Commit Graph

1540 Commits

Author SHA1 Message Date
Duncan Overbruck
57675c7dfc
lib/fetch: fix CVE-2020-7450
https://www.freebsd.org/security/advisories/FreeBSD-SA-20:01.libfetch.asc
2020-01-28 20:29:39 +01:00
Juan RP
40dd4deb4d
unpack: really skip current data on archive with noextract. 2020-01-26 10:35:40 +01:00
Juan RP
8a0c3032b7
xbps_find_pkg_orphans: improvements.
While checking for orphans in automatic mode (xbps-query -O,
xbps-remove -o) there's no need to generate a fulldeptree...
instead we need to iterate against pkgdb until no more orphans
are found.

See https://github.com/void-linux/xbps/issues/156#issuecomment-578473222

Also add some debugging that helped me to catch the issue
easily.

Closes #156
2020-01-26 07:40:25 +01:00
Juan RP
ead62bdc7c
xbps_remove_pkg: make sure pkgver is valid before use.
pkgver might contain garbage due to removal of
its ancestor object (the pkg dictionary).
2020-01-25 13:58:00 +01:00
Juan RP
6e6a9294a7
xbps-install: fix for -D foo (anything else than xbps). 2020-01-25 13:44:46 +01:00
Juan RP
bda4452016
xbps-install: improved -D,--download-only support.
Added support to download all dependencies even
if the euid does not have write perms to rootdir.

In this mode we only care if cachedir is writable,
rootdir access is not necessary.

This is really useful to download all binary packages
required by any number of packages as any regular
user to later perform off-line installations, i.e:

```
$ xbps-install -c $PWD/cachedir -yD xbps
...
$ tree cachedir
cachedir/
├── acl-2.2.53_1.x86_64-musl.xbps
├── acl-2.2.53_1.x86_64-musl.xbps.sig
├── attr-2.4.48_1.x86_64-musl.xbps
├── attr-2.4.48_1.x86_64-musl.xbps.sig
├── bzip2-1.0.8_1.x86_64-musl.xbps
├── bzip2-1.0.8_1.x86_64-musl.xbps.sig
├── ca-certificates-20190110_1.noarch.xbps
├── ca-certificates-20190110_1.noarch.xbps.sig
├── libarchive-3.4.1_1.x86_64-musl.xbps
├── libarchive-3.4.1_1.x86_64-musl.xbps.sig
├── libcrypto45-3.0.2_2.x86_64-musl.xbps
├── libcrypto45-3.0.2_2.x86_64-musl.xbps.sig
├── liblz4-1.9.2_1.x86_64-musl.xbps
├── liblz4-1.9.2_1.x86_64-musl.xbps.sig
├── liblzma-5.2.4_2.x86_64-musl.xbps
├── liblzma-5.2.4_2.x86_64-musl.xbps.sig
├── libressl-3.0.2_2.x86_64-musl.xbps
├── libressl-3.0.2_2.x86_64-musl.xbps.sig
├── libssl47-3.0.2_2.x86_64-musl.xbps
├── libssl47-3.0.2_2.x86_64-musl.xbps.sig
├── libtls19-3.0.2_2.x86_64-musl.xbps
├── libtls19-3.0.2_2.x86_64-musl.xbps.sig
├── libxbps-0.57.1_8.x86_64-musl.xbps
├── libxbps-0.57.1_8.x86_64-musl.xbps.sig
├── libzstd-1.4.4_1.x86_64-musl.xbps
├── libzstd-1.4.4_1.x86_64-musl.xbps.sig
├── musl-1.1.24_1.x86_64-musl.xbps
├── musl-1.1.24_1.x86_64-musl.xbps.sig
├── run-parts-4.9.1_1.x86_64-musl.xbps
├── run-parts-4.9.1_1.x86_64-musl.xbps.sig
├── xbps-0.57.1_8.x86_64-musl.xbps
├── xbps-0.57.1_8.x86_64-musl.xbps.sig
├── xbps-triggers-0.113_3.noarch.xbps
├── xbps-triggers-0.113_3.noarch.xbps.sig
├── zlib-1.2.11_3.x86_64-musl.xbps
└── zlib-1.2.11_3.x86_64-musl.xbps.sig

0 directories, 36 files
$
```

Inpired by #213
Closes #213
2020-01-25 13:05:46 +01:00
Juan RP
ed5e481e77
xbps_transaction_package_replace: fix condition 2020-01-25 11:21:37 +01:00
Juan RP
a29f4709d0
xbps_transaction_package_replace: ignore pkgs on hold. 2020-01-25 11:19:54 +01:00
Juan RP
31a8dd15d0
xbps_transaction_revdeps: simplify 2020-01-25 11:09:03 +01:00
Juan RP
c6e0af44e8 xbps_transaction_shlibs: better interaction with on hold pkgs.
pkgs that are on hold mode should be ignored while collecting
required shlibs (shlib-requires).

Fixes #215
2020-01-25 10:23:06 +01:00
Duncan Overbruck
013177cec3
lib/download.c: fix digest for continued downloads 2020-01-18 16:33:58 +01:00
Duncan Overbruck
6794077efd
Add noextract configuration option
Closes #208
Fixes #165
2020-01-18 15:51:13 +01:00
Juan RP
ef9260a16e
libxbps: fix for vpkg providers in multiple repos.
Added new test case by @st3r4g via #206

Closes #206
2020-01-18 12:50:59 +01:00
Juan RP
5ff3ab5c60
transaction_revdeps: do not skip pkgs that are being updated.
Modified the test case with changes by @duncaen.

Closes #205
2020-01-18 08:58:54 +01:00
Juan RP
feece576b3
xbps_dbg_printf{,_append}: return if xhp is NULL.
assert() here was totally wrong, better to catch
this in all cases (NDEBUG does not change the behaviour).
2020-01-11 09:48:38 +01:00
Piotr Wójcik
6cf1555398 Revert "libxbps: verify repodata signatures even if rootdir is unset."
This reverts commit be05118aa8.
2020-01-06 15:33:25 +01:00
Juan RP
615b6ce7e9
xbps_repo_fetch_remote: use XBPS_REPOIDX_META. 2020-01-06 15:09:16 +01:00
Juan RP
850ba2d416
Revert the repodata signature stuff. 2020-01-06 14:56:01 +01:00
Juan RP
79321f3ff0
Revert "Verify index-meta for in-memory sync"
This reverts commit a1481cb285.
2020-01-06 14:52:06 +01:00
Juan RP
e04cb2fa24
Revert "Read also unsigned index-meta"
This reverts commit 61ef5c3f8a.
2020-01-06 14:50:32 +01:00
Juan RP
8b2c62adfc
Revert "Verify index-meta"
This reverts commit 09125769bd.
2020-01-06 14:48:39 +01:00
Juan RP
2884fc3ab7
Revert "Don't assume repodata is signed when has index-meta.plist"
This reverts commit 4e3d4d2287.
2020-01-06 14:45:57 +01:00
Juan RP
5f1f87eeb8
Revert "Use predefined constant in place of magic string"
This reverts commit ce4873a1f1.
2020-01-06 14:34:22 +01:00
Juan RP
d2208f91e0
Revert "Verify repodata signature"
This reverts commit a7830cf780.
2020-01-06 14:33:49 +01:00
Juan RP
b4fdc39e67
Revert "Sign repodata"
This reverts commit 04194f44c8.
2020-01-06 14:31:40 +01:00
Juan RP
d5e91cb7d8
xbps_transaction_store: fix memleak. 2020-01-06 12:47:13 +01:00
Juan RP
802a6eae09
xbps_dbg_printf{,_append}: add assertion 2020-01-06 12:10:47 +01:00
Juan RP
10075c28e5
libxbps: ignore indirect broken revdeps while updating xbps.
This fixes the long standing issue that has been a plague for
a long time.

See the test case for more information.
2020-01-04 13:01:28 +01:00
Juan RP
d68ff7ebf0
xbps-install: fix --reproducable.
The 'repository' obj also needs to be skipped to be fully
reproducable between different repositories.

Updated the test case accordingly.
2019-12-29 16:31:23 +01:00
Juan RP
95a3ba651f libxbps: added XBPS_FLAG_INSTALL_REPRO for xbps_handle::flags.
If set, enable reproducible mode; skips adding the
"install-date" obj into pkgdb.
2019-12-29 11:02:51 +01:00
Juan RP
166caab986 Do not silently update xbps on any install/update transaction.
When there's a new xbps update, xbps-install(1) will now return
EBUSY (16) and a message (if dry-run disabled) explaining
how to proceed.

If there's an update and transaction does not contain xbps, it will
error out unless the 'xbps' pkg is the only target pkg, i.e:

	# xbps-install -Su
	# echo $?
	16

To update xbps, the only way to proceed is to explicitly declare
it as an update, i.e:

	# xbps-install -u xbps

The dry-run mode will still show there's an xbps update.

Modified the existing test cases to satisfy the new behaviour.

Closes #166
Closes #142
2019-12-27 21:35:40 +01:00
Juan RP
c81a2806ff xbps_transaction_prepare: optimize a bit.
If all packages in transaction are on hold, there's no
need to check for conflicts, shlibs, etc.

This makes `xbps-install -un` work faster on my system:
~0.450ms -> ~0.250ms

There's still room for more improvements :-)
2019-12-27 21:32:54 +01:00
Juan RP
73e0668840 libxbps: fix issue found by the recent glvnd switch.
See the new test case for details, but this simulates
the recent glvnd switch, with mesa, nvidia and libglvnd.

Thanks @st3r4g for the fix! this indeed fixes the new test case.

Close #186
2019-12-27 20:25:05 +01:00
Juan RP
2f51b4c0bc xbps_init: fix warning on glibc. 2019-12-27 16:23:56 +01:00
Juan RP
7f75fd840a xbps_init: autodetect musl libc variant at compile time.
This way we don't need to set the 'architecture' xbps.d
setting when the binaries are compiled for musl.

Close #195
2019-12-27 16:23:56 +01:00
Juan RP
66b07bb795
xbps_array_foreach_cb_multi: fix previous. 2019-12-27 16:22:40 +01:00
Juan RP
f5d93caf15
xbps_array_foreach_cb_multi: improve previous (v2).
As suggested by @CasperVector reuse the 'i' var to
wait for threads that were created successfully.
2019-12-27 15:47:43 +01:00
Juan RP
a3a1c372cb
xbps_array_foreach_cb_multi: improve previous.
Do not wait for the other threads to finish, just exit early.
2019-12-27 15:19:22 +01:00
Juan RP
08a1c61a4d
xbps_array_foreach_cb_multi: error out if pthread_create(3) fails.
We do not want to continue processing more threads
if pthread_create(3) fails, rather return an error.

This is for #182 but not yet fixed, there might be a
memleak somewhere.
2019-12-27 14:27:51 +01:00
Juan RP
0e1482917a
Fix maybe-uninitialized warnings detected by LTO. 2019-12-27 10:53:10 +01:00
Piotr Wójcik
26d853751e lib/util.c: relax revision check to match existing data 2019-12-14 12:07:12 +01:00
Juan RP
be05118aa8
libxbps: verify repodata signatures even if rootdir is unset.
xbps-rindex(1) has a -r option that sets the remove mode,
due to the changes added to sign repodata we need to access
to the correct directory where repository public keys are
stored. This makes the code use `$PWD/keys` before falling
back to `metadir`.

Fixes the test suite to run with unprivileged users (non root).
2019-11-24 12:52:50 +01:00
Juan RP
f723edbca1
trans/revdeps: ignore pkgs on hold.
shlib checking is still performed later on...
2019-11-24 11:44:21 +01:00
q66
85b8b3bbb7 lib/package_alternatives.c: prune obsolete alternatives groups
In the edge case when an updated package has different (or no)
alternatives groups, make sure to prune those that are in pkgdb
but not in the newly installed package.

A potentially common case of this is when a package that formerly
had alternatives gets removed and a transitional metapackage
takes its place (which has no alternatives).

When the new package has no dependencies, oldest next possible
alternatives group will be used. This is because that indicates
a removed package. When there are dependencies, the newest one
will be used; as this indicates a transitional package.
2019-11-17 13:22:15 +01:00
Piotr Wójcik
a1481cb285 Verify index-meta for in-memory sync 2019-11-02 11:53:14 +01:00
Piotr Wójcik
61ef5c3f8a Read also unsigned index-meta 2019-11-02 11:53:14 +01:00
Piotr Wójcik
09125769bd Verify index-meta 2019-11-02 11:53:14 +01:00
Piotr Wójcik
4e3d4d2287 Don't assume repodata is signed when has index-meta.plist 2019-11-02 11:53:14 +01:00
Piotr Wójcik
381b7b7600 Sign index-meta 2019-11-02 11:53:14 +01:00
Piotr Wójcik
b4e93a95bf Turn off repodata signing 2019-11-02 11:53:14 +01:00
Piotr Wójcik
ce4873a1f1 Use predefined constant in place of magic string 2019-11-02 11:53:14 +01:00
Piotr Wójcik
a7830cf780 Verify repodata signature 2019-11-02 11:53:14 +01:00
Piotr Wójcik
04194f44c8 Sign repodata 2019-11-02 11:53:14 +01:00
Juan RP
6886a73288
Bump to 0.57.1 and libxbps micro. 2019-10-27 09:50:11 +01:00
Juan RP
b9b6f43300 package_script.c: fix runtime with tcc
Making `shells` a global declaration does not seem to make tcc happy, so make this a local variable in `xbps_pkg_exec_buffer` instead.
2019-10-27 09:38:50 +01:00
Enno Boland
bc59d0b407 lib/package_script.c: try to find a usable shell instead of using /bin/sh 2019-10-27 09:38:50 +01:00
Juan RP
98e09e01e1
lib/package_alternatives.c: check if alternative is a symlink before removing it
Original commit by @duncaen ... but couldn't find this anywhere.
2019-10-27 08:44:37 +01:00
Duncaen
3854bd103f lib/transaction_fetch.c: fix memory leak 2019-10-25 23:38:01 +02:00
Duncaen
143b13f9e6 lib/transaction_fetch.c: move fetch and verify binpkgs and make use of xbps_fetch_file_digest 2019-10-25 23:38:01 +02:00
Duncaen
6ed0c8c5c5 lib/verifysig.c: add xbps_verify_signature to verify signature against digest 2019-10-25 23:38:01 +02:00
Duncaen
62c1102cc4 lib/util.c: xbps_remote_binpkg_exists to check if signature and binpkg are cached 2019-10-25 23:38:01 +02:00
Duncaen
d2bdd9574e lib/download.c: add xbps_fetch_file{_dest,}_digest 2019-10-25 23:38:01 +02:00
Piotr Wójcik
699b2bdd3b lib/util.c: verify revision in xbps_pkg_{version,revision,name} 2019-10-25 23:37:23 +02:00
Duncan Overbruck
7b4a925302 bin/xbps-rindex: better error handling for writing repodata archives
This fixes issues when writes fail (as example if the disk is full),
where xbps would create empty repodata or stagedata archives.
2019-10-25 23:36:44 +02:00
Duncan Overbruck
f0d62b9a80 lib/transaction_files.c: fix conf handling
This only changes the debug messages, because modified files and conf
files are handled the same on removal and unless a conf file changes
the file type it is never deleted.
2019-08-06 13:49:42 +02:00
Duncan Overbruck
fa23602561 lib/transaction_files.c: rename remove to removepkg to not shadow remove(3) 2019-08-05 15:56:04 +02:00
Duncan Overbruck
df22b0384d lib/package_remove.c: fix uninitialized xbps_array_t 2019-08-05 15:48:11 +02:00
Duncan Overbruck
c815d3d5f5 lib/package_remove.c: fix check_remove_pkg_files if euid is 0
True means the check failed, false means success
2019-08-05 15:41:23 +02:00
Duncan Overbruck
e59ded73ae lib/conf.c: don't stop after the first error and print error
This fixes void-linux/xbps#153.
2019-08-05 15:28:24 +02:00
Duncan Overbruck
745ba32641 lib/package_remove.c: use obsolete_files from transaction 2019-08-05 14:56:21 +02:00
Duncan Overbruck
f0d90d3fec lib/transaction_files.c: prepare to use obsolete files detection on package removal 2019-08-05 14:55:21 +02:00
Duncan Overbruck
f103b91663 Revert "lib/transaction_{revdeps,prepare}.c: try to update packages if necessary"
This reverts commit 0e950156fc.
2019-08-05 11:48:15 +02:00
Duncan Overbruck
cb28e7959a Revert "lib/transaction_ops.c: remove updating all reverse dependencies"
This reverts commit 5e4d33a58f.
2019-08-05 11:48:11 +02:00
Duncaen
0e950156fc lib/transaction_{revdeps,prepare}.c: try to update packages if necessary
`xbps_transaction_revdeps` will now try to add updates for packages to the
transaction if the dependency is not satisified anymore due to a package
install/update.

`xbps_transaction_prepare` will now check the return value of
`xbps_transaction_revdeps` and repeat the dependency resolution,
until `xbps_transaction_revdeps` returns 0, which means that it didn't
add any new packages to the transaction.
2019-07-03 00:48:57 +02:00
Duncaen
5e4d33a58f lib/transaction_ops.c: remove updating all reverse dependencies 2019-07-03 00:48:57 +02:00
Duncaen
041eed8255 lib/package_fulldeptree.c: also use the initial item from the hashtable 2019-07-02 09:48:05 +02:00
Duncaen
7c3029589c lib/package_fulldeptree.c: don't add the package itself to the fulldeptree result
This was noticed a few days ago by @leah2.
2019-07-02 09:48:05 +02:00
Duncaen
57256c2328 lib/package_fulldeptree.c: add items to result if they are found in the hashtable 2019-07-02 09:48:05 +02:00
Duncaen
b60054267b lib/package_orphans.c: the argument is not UNUSED 2019-07-02 09:48:05 +02:00
Juan RP
0677678387 Added LTO support and fix warnings (maybe-uninitialized). 2019-06-27 18:09:26 +02:00
Juan RP
d6aebd45f0
fetch/http.c: fix tcc build failure.
fetch/http.c:1475: warning: function might return no value: 'parse_index'

The code uses abort() before returning anything; return a proper
return value instead.
2019-06-26 14:57:39 +02:00
Duncaen
d72091a206 lib/transaction_files.c: fix returning error on hash mismatch 2019-06-26 13:07:16 +02:00
Duncaen
b39e341426 libxbps: don't check revdeps on removal of ignored packages 2019-06-23 12:23:17 +02:00
Johannes Brechtmann
11e5190a36 lib/fetch: happy_eyeballs_connect check for waiting connections before
decrementing them, remove dead code
2019-06-23 12:14:21 +02:00
Duncaen
66f66ab7a1 Revert "xbps_array_foreach_cb_multi: fix incorrect array counter."
This reverts commit 08aa44602f.

The element still has to be processed and ignored by one of the
threads, it is not the last entry this will make the actually last item
be ignored.
2019-06-23 11:14:37 +02:00
Duncaen
a4dd0221ac lib/plist.c: fix xbps_array_foreach_cb_multi processing entries multiple times
the first thread to finish will start again from 0 (`reserved`) until
0+slicecount, next thread will then start from the end of the previous
thread which is already wrong, resulting in processing the first
slicecount*maxthreads entries twice.

The first slicecount*maxthreads entries are accounted by the thread
creation loop and `reserved` has to start at the first unaccounted index.
2019-06-23 11:14:37 +02:00
Juan RP
173c834fc8
lib/pkgdb.c: initialize pkgdb_fd.
otherwise xbps_pkgdb_unlock will always succeed.
2019-06-23 11:05:03 +02:00
Juan RP
97672bd79f
pkgdb: fix two issues in _update() and _release().
xbps_pkgdb_update: inverted condition that made it 'flush' when !flush.
xbps_pkgdb_release: xhp->pkgdb might be NULL, but unlock pkgdb anyway.
2019-06-22 18:47:13 +02:00
Duncaen
7e762cc357 lib/fetch.c: ignore EADDRNOTAVAIL and try next ip 2019-06-21 20:23:55 +02:00
Juan RP
2f1fd70a4e
xbps_transaction_prepare: initialize trans dict!
... otherwise it will always return ENXIO
2019-06-21 17:13:06 +02:00
Juan RP
fe943eb7d2
xbps-install(1): added -D, --download-only.
Added `-D, --download-only` flag to allow downloading
packages to the cache without attempting to install them.

Contributed by Toyam Cox via #9

Adapted to master by yours truly.

Close #9
2019-06-21 15:57:25 +02:00
Juan RP
4f717dc597 xbps-install(1): added -I, --ignore-file-conflicts.
If set it will continue with the transaction and will
just print what are the conflicting files without returning
EEXIST.

This is a temporary solution for void where there are still
some packages with conflicting files (qt5-host-tools vs qt5-tools-devel).

With input by @duncaen
2019-06-21 15:31:04 +02:00
Juan RP
9a72aaf577
xbps_transaction_files: report all conflicting files not just the first. 2019-06-21 13:48:47 +02:00
Juan RP
0f69773273
lib/transaction_ops.c: more debug. 2019-06-21 13:14:24 +02:00
Juan RP
c44e1f958d
lib/transaction_prepare.c: update for rename. 2019-06-21 10:48:17 +02:00
Juan RP
fcab44dbd3
lib/transaction_dictionary.c -> transaction_prepare.c. 2019-06-21 10:46:32 +02:00
q66
a72cbf3c23 lib/package_unpack.c: silence gcc false positive
On some systems, something like this happens:

package_unpack.c:375:11: error: 'buf' may be used uninitialized in this function

This is not actually a bug as logically `buf` is always initialized
in that place, but gcc doesn't like it anyway.
2019-06-21 08:59:46 +02:00
Duncaen
70867bd774 lib/transaction_files.c: fix size_t printf 2019-06-20 18:04:47 +02:00
Duncaen
dc547d9f50 lib/transaction_files.c: skip preserved files while looking for obsoletes 2019-06-20 14:53:08 +02:00
Duncaen
093950dba2 lib/fetch: remove port from happy eyeballs verbose logs, wrong cast and redundant 2019-06-20 13:28:14 +02:00