This is the first commit in a series to make xbps-create build
reproducable packages.
xbps-create uses nftw(3) to walk through all files. As nftw doesn't
sort files it may happen that the resulting packages will have
different checksums due to differentiating orders of files on
different filesystems.
To solve this issue xbps-create uses xbps_directory_t, which is always
sorted, instead of a simple linked list.
The latter could be too expensive, and we only care for the data to be written
to the binary package because a bit later we rename() the temporary file,
which will ensure a data flush to disk.
There's no reason to make them absolute, simply store in the metadata
the target file as is. This vastly simplifies the code and makes all
test pass correctly.
Rather than using a random buffer from stack or heap, and decide
what size to use, create a private memory mapped object...
This simplifies the code in lib/verifysig.c and xbps-create.
xz -9 is very expensive in terms of CPU and memory usage, and also
memory usage for decompression. Thus we stick to default of -6 for
xz. For gzip and bzip2, -9 is ok.
There's not much point in using FTW_MOUNT anyway because we don't care
if files are in another filesystem. This makes it work with musl
(which uses a different behaviour when FTW_MOUNT is set).
- Repository keys are now stored in a new directory on metadir (/var/db/xbps):
<metadir>/key>
- Repository keys are stored with the hex fingerprint of its RSA
public key in a plist dictionary:
<metadir>/keys/xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx.plist
- Drop xbps-rkeys(8) and merge its functionality into xbps-install(8) and
xbps-query(8).
- xbps-query(8) -vL now shows some more details of remote repositories:
3134 http://localhost:8000 (RSA signed, verified)
Signed-by: Void Linux
4096 60:ae:0c:d6:f0:95:17:80:bc:93:46:7a:89:af:a3:2d
16 http://localhost:8000/nonfree (RSA signed, verified)
Signed-by: Void Linux
4096 60:ae:0c:d6:f0:95:17:80:bc:93:46:7a:89:af:a3:2d
Bump XBPS_API_VERSION.
