Commit Graph

1530 Commits

Author SHA1 Message Date
Duncaen
f45c6798c9 lib/transaction_files.c: update package archive compressions 2019-06-18 19:54:22 +02:00
Duncaen
8a81f6ce86 lib/package_unpack.c: use transaction obsolete detection 2019-06-18 19:54:22 +02:00
Duncaen
658f87b9c5 lib/transaction_files.c: rework to remove obsoletes before unpacking 2019-06-18 19:54:22 +02:00
Duncaen
29f1433afd lib/transaction_files.c: collect file installs/removals to correctly find obsoletes 2019-06-18 19:54:22 +02:00
Juan RP
00d552424d lib/repo.c: fix dead assignment.
Found by clang-analyzer.

Bug Summary
File: lib/repo.c
Warning: line 162, column 3
Value stored to 'rv' is never read
2019-06-18 18:49:29 +02:00
Juan RP
ab44f4ef80 lib/portableproplib/rb.c: fix dead initialization.
Found by clang analyzer.

Bug Summary
File: lib/portableproplib/rb.c
Warning: line 363, column 19
Value stored to 'grandpa' during its initialization is never read
2019-06-18 18:49:29 +02:00
Juan RP
6b84d75dc1 lib/transaction_dictionary.c: fix dead assignment.
Found by clang-analyzer.

Bug Summary
File: lib/transaction_dictionary.c
Warning: line 68, column 2
Value stored to 'rootdir_free_size' is never read
2019-06-18 18:49:29 +02:00
Juan RP
6fe5bbc596 lib/transaction_ops.c: fix a dead assignment.
Found by clang-analyzer.

Bug Summary
File: lib/transaction_ops.c
Warning: line 274, column 4
Value stored to 'rv' is never read
2019-06-18 18:49:29 +02:00
Juan RP
363f5a93de lib/Makefile: disable pkgdb_conversion.c.
It was made many years ago to update the pkgdb format, but
it's innecessary to build it by default because is dead code.

Anyway keep it just in case pkgdb format changes.
2019-06-18 18:49:29 +02:00
Juan RP
fd88298755 lib/fetch/common.c: fix memleak in happy_eyeballs_connect.
Found by clang-analyzer.

Bug Summary

File: lib/fetch/common.c
Warning: line 587, column 4
Potential leak of memory pointed to by 'pfd'
2019-06-18 18:49:29 +02:00
Juan RP
d16a2fc987 xbps_init: fix a logic error.
Initialize rv to avoid a logic error.

Found by clang-analyzer.

Bug Summary
File: lib/initend.c
Warning: line 101, column 10
The left operand of '<' is a garbage value
2019-06-18 18:49:29 +02:00
Juan RP
87f7766c5f xbps_symlink_target: fix two memleaks found by clang-analyzer. 2019-06-18 18:49:29 +02:00
Juan RP
d36d37fc6a lib/external/fexec.c: fix potential insecure usage in vfork().
Reported by clang-analyzer.

After reading the linux man-pages vfork(2) manpage I came to the
conclusion that it's better to change the behaviour of the
original source (NetBSD) and change this to use fork(2).
2019-06-18 18:49:29 +02:00
Juan RP
b672e1a7f2
Improved "xbps auto-updating itself" behaviour.
Always check if there's a new xbps package version available
while *installing* or *updating* in any form.

This fixes the following scenario:

- xbps-0.53_10 is currently installed
- xbps-0.54_1 is available in repo
- xbps-install --update netbsd-wtf || xbps-install new-pkg || xbps-install --update

As expected any of the following scenarios in last cmd will use *this*
transaction to autoupdate xbps and its reverse dependencies.

Another transaction will be necessary to install or update the other unrelated
packages.

Added a new test case to verify this case and improve the other test
cases with more extensive checks.
2019-06-17 12:02:02 +02:00
Juan RP
7f75910054
libxbps: added support for multiple compression formats in repodata.
Also don't use obsolete libarchive interfaces.
2019-06-17 07:14:24 +02:00
Juan RP
59dffd76cc
lib/package_fulldeptree.c: simplify. 2019-06-17 05:38:36 +02:00
Duncaen
b2f5afd02e lib/repo: add xbps_repo_remove and use it in xbps_rpool_foreach
https://github.com/void-linux/xbps/issues/3
2019-06-15 21:11:07 +02:00
Duncaen
104e8393f3 lib/fetch: fix happy eyeballs without any usable addresses and catch more errors 2019-06-15 19:19:40 +02:00
Duncaen
8018833010 lib/fetch: add FORCE_IPV{4,6} environment variables 2019-06-15 19:19:40 +02:00
Juan RP
271601dd0e
fulldeptree: replace another assert() with proper return code.
Signed-off-by: Juan RP <xtraeme@gmail.com>
2019-06-15 18:15:13 +02:00
Juan RP
a9a889c54d fulldeptree: return a proper error if deps can't be resolved.
xbps_get_pkg_fulldeptree() now returns NULL and sets errno to ENODEV
when there are missing dependencies, rather than assert()ing.

Added another test case to check returned error codes.

Signed-off-by: Juan RP <xtraeme@gmail.com>
2019-06-15 18:04:20 +02:00
Juan RP
82e7d11db8
Merge pull request #116 from Duncaen/umask
umask "fixes"
2019-06-15 13:08:32 +02:00
Duncaen
45fc07260c xbps_binpkg_exists: fix access() on remote packages and avoid malloc 2019-06-14 23:21:06 +02:00
Duncaen
008e1ed901 lib/external/fexec.c: run child with 022 umask 2019-06-14 21:09:15 +02:00
Duncaen
c3f6f485a3 lib/repo_sync.c: set umask before creating repo cache directories 2019-06-14 21:08:55 +02:00
Juan RP
04291329aa
Bump XBPS_API_VERSION and libxbps major soname.
- struct xbps_handle was modified.
- xbps_pkg_is_ignored() was added to the API.

Signed-off-by: Juan RP <xtraeme@gmail.com>
2019-06-14 09:54:51 +02:00
Juan RP
f6116fc2ac xbps_pkgdb_lock(): check if rootfs is writable.
As shown in https://github.com/void-linux/xbps/issues/110
/var might be rw, while / might be ro.

Check this via xbps_pkgdb_lock() for both things.

Close #110

Signed-off-by: Juan RP <xtraeme@gmail.com>
2019-06-13 17:41:01 +02:00
Juan RP
c3b2d7ca53 libxbps: fix xbps autoupdate when its revdeps are up-to-date.
The current code was failing because while checking for updates
on its reverse dependencies, up-to-date versions were treated
as an error.

Added a new test case to verify that it works as expected.

Signed-off-by: Juan RP <xtraeme@gmail.com>
2019-06-13 14:18:31 +02:00
Juan RP
cf4f0f4aa0 xbps_alternatives_register: fix a memleak.
Signed-off-by: Juan RP <xtraeme@gmail.com>
2019-06-11 19:53:19 +02:00
Juan RP
bcd80f2936 xbps_alternatives_register: update pkgdb alternatives dictionary.
... otherwise the entry might not be added to our array and won't
hit pkgdb.

Signed-off-by: Juan RP <xtraeme@gmail.com>
2019-06-11 19:53:19 +02:00
Juan RP
1c85083a94 lib/package_alternatives.c: update copyright.
Signed-off-by: Juan RP <xtraeme@gmail.com>
2019-06-11 19:53:19 +02:00
Juan RP
f06edd8850 xbps_alternatives_register: no need to check for 'alloc'.
Found by @huglovefan. Thanks.

Signed-off-by: Juan RP <xtraeme@gmail.com>
2019-06-11 19:53:19 +02:00
Juan RP
639ff2d642 xbps_alternatives_register: get rid of an unnecessary change.
Signed-off-by: Juan RP <xtraeme@gmail.com>
2019-06-11 19:53:19 +02:00
Juan RP
d189921818 xbps_alternatives_register: fix test case "more_entries_update".
Even if the alternatives group is already registered, we need
to create the symlinks from current pkg dictionary (repo).

Signed-off-by: Juan RP <xtraeme@gmail.com>
2019-06-11 19:53:19 +02:00
Juan RP
f4f9bef6e5 xbps_alternatives_register: find and remove obsolete symlinks.
This fixes the new test case "less_entries_update" contributed
by @duncaen.

If "alternatives" dict from pkgdb differs from the one from repos,
find obsoletes and remove them.

Signed-off-by: Juan RP <xtraeme@gmail.com>
2019-06-11 19:53:19 +02:00
Juan RP
04f899c80f xbps_alternatives_unregister: fix removal of current provider.
Fix logic as found by @duncaen in #101.

Also set "first" when the entry is removed from the array.

Fixes #102

Signed-off-by: Juan RP <xtraeme@gmail.com>
2019-06-11 19:53:19 +02:00
Juan RP
c29efcd13b xbps_alternatives_unregister: fix xbps_set_cb_state().
In the !current branch, "first" wasn't initialized so it displayed garbage:

Removing `pinentry-tty-1.1.0_5' ...
Removing 'pinentry' alternatives group symlink: pinentry
pinentry-tty-1.1.0_5: unregistered 'pinentry' alternatives group
Switched 'pinentry' alternatives group to 'p
o@�'
Creating 'pinentry' alternatives group symlink: pinentry -> /usr/bin/pinentry-tty
Removed file `/usr/bin/pinentry-tty'
Removed `pinentry-tty-1.1.0_5' successfully.

With my fix:

Removing `pinentry-tty-1.1.0_5' ...
Removing 'pinentry' alternatives group symlink: pinentry
pinentry-tty-1.1.0_5: unregistered 'pinentry' alternatives group
Switched 'pinentry' alternatives group to 'pinentry'
Creating 'pinentry' alternatives group symlink: pinentry -> /usr/bin/pinentry-tty
Removed file `/usr/bin/pinentry-tty'
Removed `pinentry-tty-1.1.0_5' successfully.

Signed-off-by: Juan RP <xtraeme@gmail.com>
2019-06-11 19:53:19 +02:00
Juan RP
dd3dc2ddec xbps_symlink_target: always canonicalize rootdir.
... otherwise we might end up with a relative rootdir that will
give unexpected results.

dtrt when rootdir != /
2019-06-07 20:13:24 +02:00
Juan RP
9e2c00ee8b libxbps: remove dangling symlinks properly.
This fixes removal of packages that contain multiple levels
of dangling symlinks, i.e faenza-icon-theme and probably others.

Close #23
2019-06-07 20:13:24 +02:00
Juan RP
371be9703e Sync with portableproplib-0.6.8. 2019-06-04 21:43:52 +02:00
Duncaen
33fbe8a5ef fulldeptree: ignore missing local runtime dependencies
They most likely come from `ignorepkg` and without this patch
operations xbps-remove -R aborts if a dependency was ignored
at install time.
2019-05-27 12:41:39 +02:00
Duncaen
67badf983b lib/conf.c: ignore glob errors 2019-05-22 15:05:45 +02:00
Duncaen
79317563e9 lib/conf.c: fix including absolute paths 2019-05-22 15:05:45 +02:00
Duncaen
85bf13f138 lib: move conf parsing to lib/conf.c and refactor to not rely on getcwd/chdir
This fixes https://github.com/voidlinux/xbps/issues/158
2019-05-22 13:22:10 +02:00
Johannes Brechtmann
949d2d90e7 package_remove: fix length comparison 2019-05-16 11:04:48 +02:00
Juan RP
108a165534 libxbps: try to update revdeps when installing or updating pkgs.
This fixes the cases where a pkg installation or update
could break its revdeps due to not satisfying dependencies.

When performing an install or update, xbps now always checks if
there are updates for its revdeps and get added to the transaction.

See the two new test cases for more information.
2019-05-14 23:34:53 +02:00
Juan RP
2a9794968c proplib/prop_object: needs compat.h. 2019-04-22 15:32:06 +02:00
Juan RP
cf78b7272f lib/util: musl needs _{GNU,BSD}_SOURCE for strlc{at,py}(). 2019-04-22 15:31:07 +02:00
Juan RP
0db5ace61d configure: fix vasprintf test; cosmetics.
The vasprintf test was always failing because it needed stdarg.h.
Misc cosmetics: rename compat objs to COMPAT_OBJS.
2019-04-22 15:30:02 +02:00
Duncaen
456f775e4d alternatives: don't switch unchanged alternative groups on removal
Closes: #82 [via git-merge-pr]
2019-04-22 14:51:32 +02:00
Juan RP
1d8b95a993 package_config_files.c: fix a shadowed variable declaration.
Found by pcc.
2019-04-22 14:51:13 +02:00
Juan RP
c658e41747 fulldeptree: make sure there are no dups.
Added a test case to verify that dup deps are discarded
completely.
2019-04-22 14:51:13 +02:00
Juan RP
71775950e8 lib/fetch/http.c: fix https->http redirection via proxy.
See https://github.com/void-linux/xbps/issues/52

Thanks @jschultz

Closes: #79 [via git-merge-pr]
2019-04-22 14:49:54 +02:00
Andreas Kempe
0c657582f2 lib/fetch/common.c: send socks5 request as a single transaction
Splitting the socks5 request is causing issues when running against Tor.
It causes Tor to fail with an address unknown error. Assembling the
request and sending it in its entirety solves the issue.

An strace of torsocks, that functions correctly when used with xbps, shows
that the request is being sent all at once:

        recvfrom(3, "\5\0", 2, 0, NULL, NULL)
        sendto(3, "\5\1\0\3>lysator7eknrfl47rlyxvgeamrv7ucefgrrlhk7rouv3sna25asetwid.onion\0P", 69, 0, NULL, 0)
        recvfrom(3, "\5\0\0\1\0\0\0\0\0\0", 10, 0, NULL, NULL)

Closes: #54 [via git-merge-pr]
2019-04-20 11:11:40 +02:00
human
b502dc708a fix setting alternatives for packages with more than one group 2019-04-20 11:10:34 +02:00
Duncaen
ea2cb1d369 unpack: keep conf_files replaced with symlinks, unpack as .new-pkgver 2019-04-20 10:56:08 +02:00
Duncaen
cd4c07a467 libxbps: sane umask for pkgdb and files plists 2019-04-20 10:46:59 +02:00
Duncaen
d1667fd931 Add the ability to ignore packages
The previous idea was to use virtual packages in the users configuration
to satisfy dependencies by mapping them to existing installed packages.
Using virtual packages for it doesn't work as expected and trying to make
it work would break other functionalities of virtual packages, like the
version satisfaction checks for `provides` and the ability to replace
virtual packages with real packages. The virtual package functionality
should be used exclusively for virtual packages.

This allows users to specify packages packages that should be ignored.
Ignored packages in dependencies are always satisfied without installing
the package, while updating or installing a package that depends on an
ignored package.

This does NOT ignore the shlib checks, ignoring a package that provides
required shared libraries will abort the transaction as if there was no
package that provides the required shared library.
2019-04-19 23:07:59 +02:00
Duncaen
9f52a7837f lib/fetch: add happy eyeballs connect algorithm (RFC6555/RFC8305)
Connect to the addresses from `getaddrinfo(3)`,
alternating between address family,
starting with ipv6 and wait `fetchConnDelay`
between each connection attempt.

If a connection is established within the attempts,
use this connection and close all others.

If `connect(3)` returns `ENETUNREACH`, don't attempt more
connections with the failing address family.

If there are no more addresses to attempt,
wait for `fetchConnTimeout` and return the first established
connection.

If no connection was established within the timeouts,
close all sockets and return -1 and set errno to
`ETIMEDOUT`.
2019-04-19 22:58:50 +02:00
Juan RP
291faddf8c xbps now also updates revdeps of itself if there's an update.
Close https://github.com/void-linux/xbps/issues/77

Closes: #78 [via git-merge-pr]
2019-04-19 22:57:42 +02:00
Juan RP
08aa44602f xbps_array_foreach_cb_multi: fix incorrect array counter.
This fixes some races that could be seen when there's a
determined number of pkgs and CPU threads.
2019-04-19 22:57:42 +02:00
Juan RP
580a5ba29b xbps_get_pkg_fulldeptree(): fix all known bugs and make it 50x faster.
faster: use a hash table with pkg names on the transaction dict,
 the process of collecting and sorting is now 50x faster or
 even more (kde5).

bugs: this now detects cyclic deps and returns with an appropropiate
 return value: ELOOP and ENOENT in xbps-query(1) --fulldeptree.
 Ping me if you need more details :-)

Close https://github.com/void-linux/xbps/issues/16
Close https://github.com/void-linux/xbps/issues/5
2019-04-19 22:57:42 +02:00
human
8d594727cc lib/util.c: improve error handling in xbps_binpkg_{arch,pkgver}
they no longer assert or segfault on malformed strings

Closes: #48 [via git-merge-pr]
2019-04-14 15:01:18 +02:00
Johannes Brechtmann
2745e25740 lib/package_remove: order directories before removal
The order of entries in files.plist is inconsistent
between different releases of xbps. Hence they must be
ordered before removal to, so sub directories are removed
before their parents.
2019-04-14 14:30:16 +02:00
Duncaen
5aabfe3ad9 fix indention 2019-04-14 12:37:24 +02:00
Duncaen
4d1f9832c1 lib/package_find_obsoletes: fix comment 2019-04-14 11:52:32 +02:00
Yuxuan Shui
2c69345acc Don't process processed packages again in collect_rdeps
Otherwise we will get exponential time complexity
2019-04-14 11:25:41 +02:00
Duncaen
07ec982b07 lib/fetch/http.c: ignore headers after CONNECT response 2019-04-08 13:34:23 +02:00
Duncaen
c1a64ba86e Revert "lib/initend.c: Fix user virtual packages"
This reverts commit bea146c724.
2019-03-22 22:34:11 +01:00
kayvenm
bea146c724 lib/initend.c: Fix user virtual packages
Dictionary was never initialized because of wrong condition check

Closes: #265 [via git-merge-pr]
2019-03-22 21:45:44 +01:00
Cameron Nemo
5aa1adca90 lib/initend.c: xbps_init(): safer string handling
Signed-off-by: Cameron Nemo <camerontnorman@gmail.com>
Closes: #58 [via git-merge-pr]
2019-03-22 19:14:08 +01:00
wuhanck
b4eebafa6d upgrade to openssl 1.1.x. 2019-01-24 14:57:50 -05:00
Foxlet
0f33859701 Fix namespace violation 2018-09-25 22:11:30 -04:00
Enno Boland
e4702d9d3b
Merge pull request #6 from foxlet/fix-string-formatting
Fix string formatting of 64-bit unsigned integers
2018-07-30 20:28:09 +02:00
Enno Boland
a5bfc59203 prepare release 2018-07-30 13:47:08 +02:00
Foxlet
4eaf45a767 Fix string formatting of 64-bit unsigned integers 2018-07-17 20:50:48 -04:00
Enno Boland
bfd6b2e88e lib/plist.c: share workload more efficient between threads
Before this patch xbps had a constant slice count for every thread.
This resulted in unbalanced thread usage if the workload was
homogenous over the slices.

This patch replaces the naive slice count approach by spinlock based
reservation.
2018-07-02 13:18:23 +02:00
Juan RP
eaccf4813d Merge pull request #246 from ebfe/signed_pkgver
lib/package_unpack.c: verify signed pkgver matches
2017-10-25 09:17:55 +02:00
Juan RP
eae215e2a0 Merge pull request #234 from Duncaen/umask
Fix pkgdb and files plist permissions with restictive umask.
2017-10-25 09:13:26 +02:00
Agustin Chiappe Berrini
2cd0dc688f Fix compilation of initend for gcc 7
This is a trickier situation.

The original message:

```
initend.c:423:10: error: ‘%s’ directive output may be truncated writing 15 bytes into a region of size between 1 and 512 [-Werror=format-truncation=]
       "%s%s", strcmp(xhp->rootdir, "/") ? xhp->rootdir : "",
          ^~
initend.c:422:3: note: ‘snprintf’ output between 16 and 527 bytes into a destination of size 512
   snprintf(xhp->confdir, sizeof(xhp->confdir),
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       "%s%s", strcmp(xhp->rootdir, "/") ? xhp->rootdir : "",
       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       XBPS_SYSCONF_PATH);
       ~~~~~~~~~~~~~~~~~~
initend.c:429:7: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation ]
       "%s/%s", strcmp(xhp->rootdir, "/") ? xhp->rootdir : "", buf);
       ^~~~~~~
initend.c:428:3: note: ‘snprintf’ output 2 or more bytes (assuming 513) into a destination of size 512
   snprintf(xhp->confdir, sizeof(xhp->confdir),
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       "%s/%s", strcmp(xhp->rootdir, "/") ? xhp->rootdir : "", buf);
       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
initend.c:434:9: error: ‘%s’ directive output may be truncated writing 17 bytes into a region of size between 1 and 512 [-Werror=format-truncation=]
      "%s%s", strcmp(xhp->rootdir, "/") ? xhp->rootdir : "",
         ^~
initend.c:433:2: note: ‘snprintf’ output between 18 and 529 bytes into a destination of size 512
  snprintf(sysconfdir, sizeof(sysconfdir),
  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      "%s%s", strcmp(xhp->rootdir, "/") ? xhp->rootdir : "",
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      XBPS_SYSDEFCONF_PATH);
      ~~~~~~~~~~~~~~~~~~~~~
initend.c:455:11: error: ‘%s’ directive output may be truncated writing 14 bytes into a region of size between 0 and 511 [-Werror=format-truncation=]
       "%s/%s", strcmp(xhp->rootdir, "/") ? xhp->rootdir : "",
           ^~
initend.c:454:3: note: ‘snprintf’ output between 16 and 527 bytes into a destination of size 512
   snprintf(xhp->cachedir, sizeof(xhp->cachedir),
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       "%s/%s", strcmp(xhp->rootdir, "/") ? xhp->rootdir : "",
       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       XBPS_CACHE_PATH);
       ~~~~~~~~~~~~~~~~
initend.c:461:7: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation ]
       "%s/%s", strcmp(xhp->rootdir, "/") ? xhp->rootdir : "", buf);
       ^~~~~~~
initend.c:460:3: note: ‘snprintf’ output 2 or more bytes (assuming 513) into a destination of size 512
   snprintf(xhp->cachedir, sizeof(xhp->cachedir),
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       "%s/%s", strcmp(xhp->rootdir, "/") ? xhp->rootdir : "", buf);
       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
initend.c:467:11: error: ‘%s’ directive output may be truncated writing 12 bytes into a region of size between 0 and 511 [-Werror=format-truncation=]
       "%s/%s", strcmp(xhp->rootdir, "/") ? xhp->rootdir : "",
           ^~
initend.c:466:3: note: ‘snprintf’ output between 14 and 525 bytes into a destination of size 512
   snprintf(xhp->metadir, sizeof(xhp->metadir),
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       "%s/%s", strcmp(xhp->rootdir, "/") ? xhp->rootdir : "",
       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       XBPS_META_PATH);
       ~~~~~~~~~~~~~~~
initend.c:473:7: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation ]
       "%s/%s", strcmp(xhp->rootdir, "/") ? xhp->rootdir : "", buf);
       ^~~~~~~
initend.c:472:3: note: ‘snprintf’ output 2 or more bytes (assuming 513) into a destination of size 512
   snprintf(xhp->metadir, sizeof(xhp->metadir),
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       "%s/%s", strcmp(xhp->rootdir, "/") ? xhp->rootdir : "", buf);
       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
```

It's basically warning about dangerous operations on strings. And as
far as I could tell, is a valid warning and not a false alarm!

This fix makes the concept of `XBPS_MAXPATH` lose a little bit of sense
as now it doesn't necessarily represent the max size of the paths used
by xbps, but instead the max allowed size of the path configured.

I think this change is ok, but I wasn't able to find any reference to
why it was chosen to be 512. POSIX mandates at least 256, so I'm not
breaking anything that wasn't broken already, and Linux seems to have
a maximum size of 4096, which is pretty safe.

Therefore, this changes should be harmless. I think.
2017-08-22 18:35:45 -04:00
Agustin Chiappe Berrini
be5277591f Fix compilation in ftp.c
When trying to compile the file ftp.c, I get errors related with
warnings that were marked to be reported as error.

This was the original message:

```
fetch/ftp.c:444:8: error: this statement may fall through [-Werror=implicit-fallthrough=]
   type = 'D';
   ~~~~~^~~~~
fetch/ftp.c:445:2: note: here
  case 'D':
  ^~~~
fetch/ftp.c: In function ‘ftp_request’:
fetch/ftp.c:342:3: error: missed loop optimization, the loop counter may overflow [-Werror=unsafe-loop-optimizations]
   for (i = 0; i <= len && i <= end - dst; ++i)
   ^~~
fetch/ftp.c:342:24: error: missed loop optimization, the loop counter may overflow [-Werror=unsafe-loop-optimizations]
   for (i = 0; i <= len && i <= end - dst; ++i)
               ~~~~~~~~~^~~~~~~~~~~~~~~~~
```
2017-08-22 18:03:32 -04:00
Michael Gehring
4aae026615 lib/package_unpack.c: verify signed pkgver matches
$ARCH-repodata is currently not protected by a signature. While most of
the package metadata is also embedded into the .xbps files, which are
protected by a signature, xbps-install ignores it
(1670ff000d/lib/package_unpack.c (L123))
and relies entirely on $ARCH-repodata.

This enables anyone who is able to modify the $ARCH-repodata to
substitute packages. This patch adds a check that verifies the signed
pkgver matches the one in the repodata, so at least downgrades posing as
updates are detected.

This is an incomplete fix as the whole transaction is still set up with
the unsigned repodata and other issues surely exist. The real fix is
signing $ARCH-repodata.
2017-07-09 12:46:01 +00:00
Duncaen
e797936c40 lib/repo_sync.c: sane umask for repodata files 2017-02-27 18:50:19 +01:00
Duncaen
332fbc195a lib/package_unpack.c: set a sane umask for pkg files plists 2017-02-27 18:24:51 +01:00
Duncaen
44778867df lib/pkgdb.c: set a sane umask for pkgdb plist 2017-02-27 18:24:46 +01:00
Duncaen
cf43597e74 lib/package_unpack.c: add memleak notice 2016-09-25 21:47:58 +02:00
Duncaen
797796e086 lib/transaction_shlibs.c: fix memleak 2016-09-25 21:47:40 +02:00
Duncaen
4797dee468 lib/package_configure.c: fix memleak 2016-09-25 21:27:46 +02:00
Duncaen
3b04602cc6 lib/package_alternatives.c: cleanup create_symlinks 2016-09-05 16:03:41 +02:00
Duncaen
dd7a0d073b lib/package_alternatives.c: remove previous symlinks 2016-09-05 02:03:30 +02:00
Duncaen
08b9ed878f lib/fetch: default port, error checks and authentication support 2016-09-02 17:50:05 +02:00
Duncaen
30ace44394 lib/fetch: add socks5 support 2016-09-01 00:38:55 +02:00
Enno Boland
934a59ecd9 lib/fetch/http.c: send proxy auth on https as connect header.
fixes #185
2016-07-08 08:24:14 +02:00
Enno Boland
842ac7c97e lib/util_hash.c: fix memleak. 2016-06-20 10:03:49 +02:00
Enno Boland
30d1d0f607 util_hash.c: void return value 2016-06-17 17:03:43 +02:00
Enno Boland
cb94ffe1c0 util_hash.c: fail on negative result code of read. 2016-06-17 17:03:43 +02:00
Enno Boland
b55ffeceae lib/util_hash.c: write directly to malloced string instead if coping it over 2016-06-16 07:00:08 +02:00
Enno Boland
df97be6a54 lib/verifysig.c: use xbps_file_hash_raw()
instead of mmap'ing the source file, xbps_file_hash_raw is used
to generate a digest of the file.
2016-06-16 06:51:10 +02:00
Enno Boland
7ce66edc57 lib/util_hash.c: add xbps_file_hash_raw method
this function does not mmap the target file and therefore
avoids out of memory exceptions on 32bit systems.
2016-06-16 06:51:10 +02:00
Enno Boland
0b96156b5e Merge pull request #174 from ebfe/stage-leak
lib/repo: plug stage repo mem leak
2016-06-04 07:48:39 +02:00
Michael Gehring
46744c412d lib/fetch/common.c: fix build with -Werror=misleading-indentation
Fixes #179
2016-06-03 20:26:52 +02:00
Michael Gehring
2d6e865d00 lib/repo: plug stage repo mem leak 2016-05-04 09:46:14 +02:00
Enno Boland
7c8b1d7aaa lib/fetch/http.c: HTTP CONNECT needs two \r\ns 2016-04-27 11:04:14 +02:00
Enno Boland
3a5c1f3a71 lib/fetch/http.c: fix EOL at HTTP CONNECT
fixes #172.
2016-04-26 13:59:49 +02:00
Juan RP
adcc6d16a4 lib/fetch/common.c: simplify ssl_init(). 2016-04-24 19:20:54 +02:00
Michael Gehring
793de8399c lib: dont call EVP_cleanup in fp2str
Calling EVP_cleanup here undoes initialization already done in
lib/fetch/common.c ssl_init() causing subsequent attempts to call
SSL_CTX_new() to fail. Which ultimately is the root cause for #170.

Fixes #170
2016-04-24 16:40:25 +02:00
Juan RP
eb3d227d61 lib/fetch: check that SSL_CTX_new() does not fail and print its errors (#170).
Thanks @ebfe.
2016-04-24 08:42:32 +02:00
Juan RP
b810c25601 lib/fetch/common.c: dup pthread.h inclusion. 2016-04-23 07:04:25 +02:00
Juan RP
e2e8eea490 lib/fetch: also call SSL_load_error_strings() once (#167).
Close #168
2016-04-22 11:38:01 +02:00
Juan RP
228a89d51e Use pthread_once(3) to initialize openssl/libressl just once.
Fixes openssl initialization concurrently by multiple threads.
Close #167
2016-04-22 11:32:34 +02:00
Juan RP
2434b90d6e libxbps: use xbps_strlc{at,py} everywhere. 2016-04-17 20:17:37 +02:00
Juan RP
048668b0fe xbps_transaction_shlibs: for providers also print its pkgver obj. 2016-04-17 17:54:49 +02:00
Michael Gehring
530149d90d lib/portableproplib: fix various oob reads/segfaults
Applies the following patches from NetBSD:

http://cvsweb.netbsd.org/bsdweb.cgi/src/common/lib/libprop/prop_object.c?rev=1.30&content-type=text/x-cvsweb-markup
http://cvsweb.netbsd.org/bsdweb.cgi/src/common/lib/libprop/prop_object_impl.h?rev=1.31.12.1&content-type=text/x-cvsweb-markup
2016-04-07 15:07:11 +02:00
Michael Gehring
51511231bf lib/repo.c: fix potential null pointer deref 2016-04-07 02:15:49 +02:00
Juan RP
35ad10ccbd Fix 29765271e correctly.
xbps_find_virtualpkg_in_conf() needs to look at the vpkgs set up in
configuration files, not from those set by pkgdb.

As a result of this the two test cases that were failing yesterday are now
fixed.
2016-03-24 10:23:20 +01:00
Enno Boland
fa635399f0 Merge pull request #156 from Gottox/atomic-rindex-a
xbps-rindex: check for consistent shlibs
2016-03-24 07:11:53 +01:00
Juan RP
29765271e9 xbps.d(5): 'virtualpkg' can now be used to map any pkg to another.
See NEWS for more information.
2016-03-23 12:46:52 +01:00
Enno Boland
4d1ee3b01d xbps-rindex: check for consistent shlibs
When adding packages to the index, xbps-rindex will check if the
consistency of shlibs is broken by a package. If so, rindex will create
a stage file and commit the packages there. Once the consistency is restored,
rindex -a will commit the stage area back to the public repo and delete the
stage file.
2016-03-21 08:31:18 +01:00
Enno Boland
897ac238c4 Revert "xbps-rindex: check for consistent shlibs"
This reverts commit 5f4e1ad43e which was
accidently checked in in the master branch.
2016-03-20 21:40:22 +01:00
Enno Boland
5f4e1ad43e xbps-rindex: check for consistent shlibs
When adding packages to the index, xbps-rindex will check if the
consistency of shlibs is broken by a package. If so, rindex will create
a stage repository and commit the packages there. Once the consistency
is restored, rindex -a will commit the stage area back to the public
repo and delete the stage file.
2016-03-20 21:36:30 +01:00
Michael Gehring
3bfc7b5e6d alternatives: fix dirname() buffer reuse 2016-02-08 15:10:07 +01:00
Michael Gehring
ab0d5c847d libxbps: define _WITH_GETLINE for FreeBSD 2016-02-08 15:09:58 +01:00
Michael Gehring
618e504d30 actually use HAVE_FDATASYNC 2016-02-08 15:09:43 +01:00
Michael Gehring
0f56b68eac add HAVE_STRNSTR 2016-02-08 15:09:33 +01:00
Juan RP
041708f643 Revert "Execute pkg scripts via posix_spawn(3)."
This reverts commit e33f6354c3.

@Gottox pointed out why this won't work.
2016-02-06 10:56:32 +01:00
Juan RP
2130d5daa6 proplib/prop_data: avoid 0 sized allocation reported by clang-analyzer. 2016-02-06 09:41:27 +01:00
Juan RP
42994ada07 Fix xbps_dbg_printf arguments by using __attribute__((format, printf)).
Patch provided by Michael Ghering in #148.

Close #148
2016-02-06 09:13:38 +01:00
Juan RP
067687ce28 libxbps: ignore updates for pkgs with held deps. Close #143 2016-02-06 09:03:54 +01:00
Juan RP
e33f6354c3 Execute pkg scripts via posix_spawn(3). 2016-02-04 11:39:02 +01:00
Juan RP
91067c0547 xbps_symlink_target: fix bug introduced in b81b9ab. 2016-02-04 09:55:46 +01:00
Juan RP
1e733f4daa lib/util: fix a memleak detected by clang-analyzer. 2016-02-03 11:52:07 +01:00
Juan RP
f5f25a5ff4 xbps_symlink_target: fix a double free. 2016-02-02 11:51:26 +01:00
Juan RP
430a25f422 libxbps: execute pkg scripts with /bin/sh directly.
The pkg INSTALL/REMOVE scripts do not need to have the executable
bit set anymore, thus /tmp can be mounted with 'noexec' from now on.

GH #149
2016-02-02 11:28:48 +01:00
Juan RP
b81b9ab379 xbps_symlink_target: fix bb977c7 (v3). 2016-02-02 11:08:05 +01:00
Juan RP
d984eeeb47 xbps_symlink_target: fix bb977c7 (v2). 2015-12-21 17:50:13 +01:00
Juan RP
4c655fd56a xbps_symlink_target: fix bb977c7 2015-12-21 17:20:34 +01:00
Juan RP
9e524d831c fetch/common.c: fix a memleak found by clang-analyzer. 2015-12-21 17:12:14 +01:00
Juan RP
bb977c73e4 xbps_symlink_target: fix a meamleak reported by clang-analyzer. 2015-12-21 16:55:53 +01:00
Juan RP
9c4fa4909c libxbps: initialize locale correctly to handle UTF-8 filenames with musl.
This fixes unpacking of ca-certificates that wasn't unpacking the files
with UTF-8 characters correctly.
2015-12-11 09:59:16 +01:00
Juan RP
2830bbef6d package_remove: reset errno when a file does not exist (ENOENT).
To not propagate it later on... and also pass rv not errno to the
state callback function.
2015-12-01 08:31:05 +01:00
Juan RP
a9482027b2 xbps_array_foreach_cb_multi: handle the case of sysconf returning 0. 2015-11-26 07:18:14 +01:00
Juan RP
93b50bc4dc alternatives: preserve order while updating pkgs (thanks chris2/duncaen). 2015-11-17 16:32:12 +01:00
Juan RP
15ab86c90d alternatives: fix a double free in error path. 2015-11-15 09:23:51 +01:00
Juan RP
9ef83cfa69 alternatives: handle dirname() returning ".". 2015-11-15 09:17:05 +01:00
Juan RP
b3c7d27c6b alternatives: fix creation of symlinks with unexistent dirs.
If an alternative needs to create /usr/bin/foo, and /usr/bin
does not exist, this directory must be created prior to create
the symlink.
2015-11-14 07:26:27 +01:00
Juan RP
e0ce5641a3 lib/repo_pkgdeps.c: add missing \n in debug printfs. 2015-11-13 16:28:59 +01:00
Juan RP
2202482e0e conflicts: really fix the issue with on hold pkgs and update test case. 2015-11-12 13:23:00 +01:00
Juan RP
e9dbb7b2e9 conflicts: add some debugging and remove wrong path. 2015-11-12 13:06:09 +01:00
Juan RP
6a59b65e28 conflicts: fix previous again... 2015-11-12 12:54:53 +01:00
Juan RP
3a5f1f8ad5 conflicts: really ignore on hold pkgs from pkgdb. 2015-11-12 12:41:36 +01:00
Juan RP
784e43d876 conflicts: do not take into account conflicts for on hold pkgs. 2015-11-12 12:24:33 +01:00
Juan RP
0cf4a2c0c0 conflicts: another bugfix + test case. 2015-11-10 15:36:25 +01:00
Juan RP
da5ad3d052 lib/package_alternatives.c: fix builds on travis. 2015-11-10 12:05:20 +01:00
Enno Boland
ae44f32be2 lib/package_alternatives.c: fix memleak 2015-11-10 11:58:07 +01:00
Juan RP
0fced28044 lib/package_alternatives.c: error out if xbps_mkpath() fails.
... and ignore EEXIST for existing dirs.
2015-11-09 16:31:22 +01:00
Juan RP
594c48b9eb Merge pull request #133 from Gottox/relalt
lib/package_alternatives.c: always use relative symlinks in alternatives
2015-11-09 16:17:34 +01:00
Juan RP
182e5bb421 conflicts: ignore pkgs to be removed in transaction. 2015-11-09 16:00:15 +01:00
Enno Boland
2927e58df2 lib/package_alternatives.c: fix style 2015-11-09 08:52:49 +01:00
Enno Boland
78e3bde269 lib/package_alternatives.c: Handle // cases. 2015-11-08 10:47:25 +01:00
Enno Boland
19a65158d9 lib/package_alternatives.c: get rid of goto in normpath. 2015-11-08 10:38:31 +01:00
Enno Boland
8bd2808108 lib/package_alternatives.c: fix wrong /. handling for normalizing paths. 2015-11-08 10:37:26 +01:00
Enno Boland
635db51c27 lib/package_alternatives.c: always use relative symlinks in alternatives
This commit adds relative link support to lib/package_alternatives.c.
Instead of creating absolute links, xbps will create relative links
to the target. This allows to follow links on systems even if the
aren't mounted on /.
2015-11-07 08:40:57 +01:00
Juan RP
9b0cde3267 xbps-alternatives: dangling symlinks are now supported. 2015-11-02 21:02:37 +01:00
Juan RP
1ed8551c08 xbps_configure_packages: ignore internal xbps objects.
Fixes an assertion triggered by `xbps-reconfigure -a`.
2015-10-31 15:03:26 +01:00
Juan RP
f896b17ba7 alternatives: fix an assertion! 2015-10-31 14:19:50 +01:00
Juan RP
33a1bea633 alternatives: fix a warning. 2015-10-31 14:07:12 +01:00
Juan RP
512122da4c alternatives: really make relative symlinks this time. 2015-10-31 14:01:20 +01:00
Joey Gouly
b06ce15136 Allow relative symlinks in xbps-alternatives. 2015-10-31 11:54:01 +00:00
Juan RP
59a8d3d20e alternatives: skip dup alternative groups. 2015-10-31 11:47:58 +01:00
Juan RP
35718e676c Document alternatives in the API. 2015-10-30 13:18:32 +01:00
Juan RP
3ae197f94a xbps_pkgdb_unlock: there's no need to call xbps_pkgdb_update().
Users should call xbps_end() instead; this will flush pkgdb automatically.
2015-10-30 13:17:21 +01:00
Juan RP
cb857dfc27 Alternatives framework for xbps (2/2).
See xbps-alternatives(1) for more information.

Thanks to all who helped to design this and for fixing grammar in
the manual page.
2015-10-30 12:24:46 +01:00
Juan RP
f4cb178f6c libfetch: use default CA path rather than default CA file.
The default CA file set by FreeBSD is only available when using the
LibreSSL provided CA file, and we've decided to use the CA path
by default.

Discussed with @dominikh.
2015-10-28 07:31:26 +01:00
Juan RP
c4bce18734 Merge pull request #122 from GiedriusS/fix_1
libxbps: remove unused variable `pkgdepname'
2015-10-28 05:24:48 +01:00
Juan RP
a13a7fa896 Implemented reverse conflicts for pkgs in pkgdb and transaction. 2015-10-28 05:23:42 +01:00
Juan RP
2c81984f48 repo: fix 29608b0 correctly.
In 29608b0 local repos were simply ignored.
2015-10-27 14:22:30 +01:00
Juan RP
29608b0d8b repo: with XBPS_FLAG_REPOS_MEMSYNC only process remote repos. 2015-10-27 12:47:24 +01:00
Giedrius Statkevičius
5595bf95f1 libxbps: remove unused variable `pkgdepname' 2015-10-25 20:03:02 +02:00
Juan RP
90eb1d9433 libfetch: merge some features from FreeBSD:
- Supports HTTP/1.1 308 redirect.
- SSLv[23] HTTPS connections are forbidden by default.
- TLS client certificate validation thru OpenSSL.
- Fixes for user/password encoding, misc.
2015-10-24 07:52:30 +02:00
Juan RP
47c05047ea Merge pull request #108 from datenwolf/master
set umask for pkgdb creation/access
2015-10-21 09:11:55 +02:00
Juan RP
103caf0694 libxbps: extend the fix for #116 even more for the expected case.
This now catches both test cases correctly.
2015-10-19 18:19:24 +02:00
Juan RP
b069eb14ae libxbps: fixed issue #116 (vpkg does not replace pkg with update in trans).
Thanks to @dominikh for the test case.
2015-10-19 18:01:43 +02:00
Juan RP
4e446968c5 alternatives: do not ignore symlink(2) return value.
This fixes the travisci warning seen with gcc.
2015-10-19 17:11:34 +02:00
Juan RP
240d87af92 rpool: if pkg wasn't found set errno to ENOENT.
This is to return a proper error to the callers (i.e xbps-query(1)).
2015-10-19 17:05:55 +02:00
Juan RP
faeff38ca2 Alternatives framework (1/2) (WIP). 2015-10-18 10:38:35 +02:00
Juan RP
c457b594aa libxbps: fix eudev-libgudev -> libgudev fallout.
Packages to be replaced must be collected *before* checking for
broken reverse dependencies, otherwise them will always be detected
as broken.
2015-10-14 11:46:56 +02:00
Juan RP
d8fc08eb50 libxbps: make relative cachedir set via xbps.d(5) work again.
Close #117
2015-09-15 09:26:07 +02:00
Juan RP
782ec10111 xbps-create(1): timestamps of metadata files are now set to epoch.
Thanks to @Gottox for finding the real issue.
2015-09-03 11:12:49 +02:00
Juan RP
8081751f86 libxbps: print in verbose mode what pkgs are added to the transaction.
Useful to know why a transaction cannot be completed when there are
unresolved reverse dependencies.

Requested by @chris2.
2015-09-02 18:56:20 +02:00
Juan RP
0f2543a650 Fixed and improved msg when revdeps cannot be resolved in a transaction.
After:

$ xbps-install -un
re2-2015.07.01_1 (update) breaks installed pkg `chromium-44.0.2403.155_1'
Transaction aborted due to unresolved dependencies.
$

Before:

$ xbps-install -un
chromium-44.0.2403.155_1 broken, needs `re2-2015.07.01_1'
Transaction aborted due to unresolved dependencies.
$
2015-09-02 11:20:18 +02:00
Wolfgang Draxinger
bd8ea8133f fixed umask value 2015-08-19 15:42:48 +02:00
Wolfgang Draxinger
13f73ef41a Merge branch 'master' of github.com:voidlinux/xbps 2015-08-11 18:29:30 +02:00
Juan RP
8acc375487 portableproplib/prop_object: fix tyops in previous. 2015-07-26 09:16:32 +02:00
Juan RP
0d3c07cdee portableproplib/prop_object: fix an insecure temporary file (CID #62739). 2015-07-26 09:11:20 +02:00
Juan RP
36026451ce Fix some insecure temporary files reported by Coverity. 2015-07-26 09:02:04 +02:00
Juan RP
78f9a97980 lib/package_unpack: ignore remove(2) return value (CID #98681). 2015-07-26 08:22:27 +02:00
Juan RP
28f01b3836 xbps_transaction_package_replace: fix a resource leak (CID #98688). 2015-07-26 08:15:07 +02:00
Juan RP
0b7093e108 portableproplib/prop_object: handle possible NULL pointer deref (CID #62722). 2015-07-26 08:10:26 +02:00
Juan RP
a8d2b1d742 pkgdb: handle possible NULL pointer derefs (CID #98684). 2015-07-26 08:08:05 +02:00
Juan RP
7edabe907f xbps_rpool_release: fix a double free (CID #98695). 2015-07-26 08:03:16 +02:00