emo/xbps
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,948 Commits 1 Branch 0 Tags 11 MiB
4aae026615
Commit Graph

2948 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Gehring
4aae026615 lib/package_unpack.c: verify signed pkgver matches 
$ARCH-repodata is currently not protected by a signature. While most of
the package metadata is also embedded into the .xbps files, which are
protected by a signature, xbps-install ignores it
(1670ff000d/lib/package_unpack.c (L123))
and relies entirely on $ARCH-repodata.

This enables anyone who is able to modify the $ARCH-repodata to
substitute packages. This patch adds a check that verifies the signed
pkgver matches the one in the repodata, so at least downgrades posing as
updates are detected.

This is an incomplete fix as the whole transaction is still set up with
the unsigned repodata and other issues surely exist. The real fix is
signing $ARCH-repodata.
 2017-07-09 12:46:01 +00:00
Juan RP
66c6331689 NEWS: sync 2017-02-19 02:54:00 +01:00
Juan RP
1670ff000d Merge pull request #206 from Duncaen/memleak 
fix some some memory leaks
 2017-02-19 02:46:50 +01:00
Juan RP
a7f2080367 Merge pull request #198 from roman-neuhauser/package-modes 
xbps-pkgdb(1), xbps-install(1), xbps-remove(1): extend discussion of package modes
 2017-02-19 02:45:58 +01:00
Juan RP
956ec93f45 Merge pull request #202 from ebfe/list-repolock 
bin/xbps-query: add --list-repolock-pkgs
 2017-02-19 02:45:51 +01:00
Juan RP
a53bcef00b Merge pull request #196 from Duncaen/xbps-uchroot 
xbps-uchroot: umount chroot mounts
 2017-02-19 02:44:43 +01:00
ojab
e8c1ae96ae Fix -l flags order in feature detection 2017-01-02 18:39:23 +01:00
Alain Kalker
69a5ee2c1b xbps-checkvers.1: fix incorrect double negative (#219) 2016-12-25 21:21:28 +01:00
Christian Neukirchen
c255ede2ca _xbps: add run_depends to _xbps_properties. 2016-11-22 17:04:24 +01:00
Christian Neukirchen
392d686f07 _xbps: add alternatives and build-date to _xbps_properties. 2016-11-22 16:58:02 +01:00
Josh de Kock
21492ca1bf configure: check for --no-as-needed before using (#217) 2016-11-04 07:49:48 +01:00
Enno Boland
c3068808a2 Merge pull request #211 from ebfe/flush-progress 
bin/xbps-install/fetch_cb.c: flush stdout when printing progress
 2016-10-18 13:05:42 +02:00
Michael Gehring
2984d6a5ec bin/xbps-install/fetch_cb.c: flush stdout when printing progress 2016-10-05 20:18:43 +02:00
Duncaen
cf43597e74 lib/package_unpack.c: add memleak notice 2016-09-25 21:47:58 +02:00
Duncaen
797796e086 lib/transaction_shlibs.c: fix memleak 2016-09-25 21:47:40 +02:00
Duncaen
4797dee468 lib/package_configure.c: fix memleak 2016-09-25 21:27:46 +02:00
Duncaen
81673d69c7 bin/xbps-rindex: fix memleaks in index_add 2016-09-25 21:27:38 +02:00
Roman Neuhauser
d0b4089e6e xbps-install(1), xbps-remove(1) point to xbps-pkgdb(1) 
... from descriptions of -A and -u (xbps-install) and -o (xbps-remove).
 2016-09-21 14:56:17 +02:00
Roman Neuhauser
025b133025 xbps-pkgdb(1): extend discussion of package modes 
description of implications of the various modes was scattered across
xbps-pkgdb(1), xbps-install(1), xbps-remove(1).
 2016-09-21 14:56:17 +02:00
Michael Gehring
3dce6ab1ed bin/xbps-query: add --list-repolock-pkgs 2016-09-21 14:11:04 +02:00
Duncaen
414256292a bin/xbps-uchroot: mount / as private 2016-09-20 17:45:56 +02:00
Duncaen
bc5b38218a bin/xbps-uchroot: call clone only once if its successful 2016-09-20 17:39:13 +02:00
Christian Neukirchen
7d06fb0e71 _xbps, _xbps-src: add aarch64 completion. 2016-09-17 17:37:04 +02:00
Enno Boland
7967efc1e0 xbps-install: do not fail on update if any of the provided packages are up to date. 
addresses #194
 2016-09-14 18:12:54 +02:00
Enno Boland
1ffac73f54 Merge pull request #192 from jantatje/clean-cache-dry-run 
xbps-remove: fix --dry-run for --clean-cache
 2016-09-07 22:03:28 +02:00
Jan Tatje
46be602e28 xbps-remove: fix --dry-run for --clean-cache 
`xbps-remove --clean-cache --dry-run` did not consider the
--dry-run flag, this has been fixed.
 2016-09-07 21:56:01 +02:00
Juan RP
e4907adfe7 Merge pull request #187 from weakish/free-space-message 
Change free space message to avoid ambiguity.
 2016-09-07 07:49:12 +02:00
Juan RP
b0c5be169a Merge pull request #193 from Duncaen/alternatives 
xbps-alternativs fixes and more
 2016-09-07 07:47:12 +02:00
Duncaen
3b04602cc6 lib/package_alternatives.c: cleanup create_symlinks 2016-09-05 16:03:41 +02:00
Duncaen
dd7a0d073b lib/package_alternatives.c: remove previous symlinks 2016-09-05 02:03:30 +02:00
Enno Boland
2aa538bf35 Merge pull request #191 from Duncaen/socks5 
lib/fetch: add socks5 support
 2016-09-03 09:44:46 +02:00
Duncaen
08b9ed878f lib/fetch: default port, error checks and authentication support 2016-09-02 17:50:05 +02:00
Duncaen
30ace44394 lib/fetch: add socks5 support 2016-09-01 00:38:55 +02:00
Michael Gehring
3a1892028a xbps-checkvers: fix build with glibc-2.24 (#188) 2016-08-15 12:44:25 +02:00
Jakukyo Friel
4e2823ffa5
Change free space message to avoid ambiguity. 
`xbps-install` will report free space available on disk wording:

> Free space on disk: ...

'free' above is supposed to be  an adjective.
But 'free' can also be a verb,
thus the above message can be interpreted as free some space on disk.

'Free' is now changed to 'Available' to avoid ambiguity.
 2016-08-11 21:04:28 +08:00
Andrea Brancaleoni
03d29f64b8 bin/xbps-uchroot: add docker support (#176) 2016-07-17 20:41:12 +02:00
Juan RP
9046727301 xbps-uhelper: fix a warning reported by clang-3.8.1. 2016-07-17 11:34:39 +02:00
Juan RP
0cff982e7b xbps-rindex/sign: simplify. 2016-07-13 08:37:04 +02:00
Enno Boland
8030f47626 Merge pull request #186 from Gottox/fix-185 
lib/fetch/http.c: send proxy auth on https as connect header.
 2016-07-08 17:24:01 +02:00
Enno Boland
648e48a481 Update NEWS 2016-07-08 10:10:55 +02:00
Enno Boland
934a59ecd9 lib/fetch/http.c: send proxy auth on https as connect header. 
fixes #185
 2016-07-08 08:24:14 +02:00
Enno Boland
f196abb207 Merge pull request #183 from Gottox/avoid_mmap 
Avoid mmap
 2016-06-20 13:49:18 +02:00
Enno Boland
842ac7c97e lib/util_hash.c: fix memleak. 2016-06-20 10:03:49 +02:00
Enno Boland
35fa3b5808 xbps-create: remove mmap to load files to archive. 2016-06-17 17:10:10 +02:00
Enno Boland
30d1d0f607 util_hash.c: void return value 2016-06-17 17:03:43 +02:00
Enno Boland
cb94ffe1c0 util_hash.c: fail on negative result code of read. 2016-06-17 17:03:43 +02:00
Enno Boland
f0f15304e1 update NEWS 2016-06-17 13:05:49 +02:00
Enno Boland
b55ffeceae lib/util_hash.c: write directly to malloced string instead if coping it over 2016-06-16 07:00:08 +02:00
Enno Boland
df97be6a54 lib/verifysig.c: use xbps_file_hash_raw() 
instead of mmap'ing the source file, xbps_file_hash_raw is used
to generate a digest of the file.
 2016-06-16 06:51:10 +02:00
Enno Boland
7ce66edc57 lib/util_hash.c: add xbps_file_hash_raw method 
this function does not mmap the target file and therefore
avoids out of memory exceptions on 32bit systems.
 2016-06-16 06:51:10 +02:00