summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2021-07-22adb: remove the now unused get_default_int() hookTimo Teräs2-8/+1
It is no longer needed, and can be later reintroduced if needed.
2021-07-22adb: unify various interfaces to adb_m_processTimo Teräs12-220/+252
Removes code duplication, and puts important checks in one place. Support seamless decompression in adbdump.
2021-07-22adbsign: support compressed adb filesTimo Teräs4-6/+9
2021-07-22adb: support seamless de/compression of adb filesTimo Teräs9-22/+111
Add compression header of adb files. Support uncompressed and deflate compression at this time.
2021-07-22convndx: add error reportingTimo Teräs1-1/+5
2021-07-16libfetch: simplify code by merging protocol error handling branchesTimo Teräs2-36/+22
removes some code duplication
2021-07-16extract: fix integrity check failure to remove the bad file/volumeTimo Teräs1-33/+31
2021-07-16genhelp: improve to work with lua 5.1Timo Teräs2-7/+7
Fix the script to not contain \x00 escape which was the only new feature used. Fix the meson build script to use given lua interpreter for running the genhelp.lua. Based on patch from Daniel Golle <daniel@makrotopia.org>
2021-07-16check trust in adb_trust_write_signatures()Timo Teräs1-1/+3
Based on patch from Daniel Golle <daniel@makrotopia.org>
2021-07-06define APK_DEFAULT_ARCH for loongarch targetsAriadne Conill1-0/+6
Macros used have been taken from Loongson's work-in-progress GCC 12 port.
2021-06-23mkpkg, extract: implement support for symlinks, devices and fifosTimo Teräs4-33/+101
2021-06-21openssl: explicitly ignore BIO_reset() return valueTimo Teräs1-1/+1
This caused some -Wall errors on certain gcc versions due to BIO_reset() being a macro with explicit cast.
2021-06-21db: check syscall errors in update_permissions()Timo Teräs1-5/+18
2021-06-21print: handle write() errors in apk_print_progress()Timo Teräs3-19/+25
2021-06-19doc: add missing options to index, info, and versionRodrigo Lourenço3-12/+23
2021-06-19reduce misuse of error codes from errno.hTimo Teräs17-118/+141
2021-06-19crypto: improve compatibilityTimo Teräs3-7/+9
EVP_MD_CTX_set_pkey_ctx() is fairly new openssl function, and not existing in many alternative. Use EVP_MD_CTX_reset() which is slightly more heavy but more portable. Add also signature buffer lengths to work with RSA.
2021-06-19mkpkg: ignore special files with warning instead of erroringTimo Teräs1-2/+1
2021-06-19fixup some includesTimo Teräs7-6/+1
- remove unneeded assert.h - add needed limits.h
2021-06-19Document apk-searchRodrigo Lourenço3-0/+45
Fixes #10746.
2021-06-19Remove AUTHORS section from man pagesTimo Teräs22-110/+0
Use of an AUTHORS section is strongly discouraged. Generally, it is better not to clutter every page with a list of (over time potentially numerous) authors. Add your name to comments in sources, or the root level AUTHORS file instead.
2021-06-14update Makefile to include new v3 code and appletsTimo Teräs1-11/+11
2021-06-12crypto: make EVP_MD_CTX_FLAG_FINALISE optionalTimo Teräs1-0/+2
Improves compatibility with libressl, wolfssl and older openssl libraries not having the flag. Usage of this is optional as it's purely performance optimization related flag.
2021-06-11fix glibc build of crypto abstraction headerTimo Teräs1-0/+1
2021-06-11fix makefile build after crypto abstraction workTimo Teräs1-1/+1
2021-06-11extract: add experimental support for uvol volumesTimo Teräs3-3/+104
2021-06-11extract: new applet to extract v2 packagesTimo Teräs14-65/+413
2021-06-11add basic abstraction for cryptographic operationsTimo Teräs25-260/+462
- basic digesting and signing apis (subject still to fine tuning) - update digest code, and adb signing for the thin wrapping layer - old v1 package and database handling not updated - default mkpkg file hash to sha256 ref #10744
2021-06-11mkpkg: new applet to create v2 packages with basic functionalityTimo Teräs17-210/+647
2021-06-11genadb: fix maximum inner adb limit checkingTimo Teräs2-1/+3
2021-05-31Disable progress bar on dumb terminals by defaultSören Tempel1-1/+4
The progress bar requires the terminal emulator to support ANSI escape sequences. Normally, TERM is set to dumb to indicate that the terminal emulator doesn't support any ANSI escape sequences. Attempting to use ANSI escape sequences on dumb terminals will lead to weird output. In order to make apk work by default, even on dumb terminals, this commit introduces an additional check which consults $TERM and disables the progress bar if it is set to "dumb".
2021-06-02add adbgen applet to generate databases from it's text dumpTimo Teräs14-8/+430
2021-05-26add abstraction to adb "walking" - a sax like API to enumerate whole dbTimo Teräs7-202/+357
This converts 'adbdump' applet to generate adb_walk api callbacks, and implement gentext backend to generate the yaml-like text output.
2021-05-19solver: don't consider requirer count for preferenceTimo Teräs3-18/+29
The original intent was to choose packages to which there is most dependencies. However, since the code has evolved this is has been mostly obsolete. And in fact now interferes with the provides and provides priority mechanism. Remove this as obsolete. Fixes #10742
2021-04-12io_archive: add bounds limit for uname and gname tar header fieldsTimo Teräs3-10/+11
Modify apk_resolve_[ug]id to take the user/groupname as a blob, so proper length checking is done and honored. ==31584== Conditional jump or move depends on uninitialised value(s) ==31584== at 0x5C8CA5: strlen (strlen.c:17) ==31584== by 0x432575: APK_BLOB_STR (apk_blob.h:79) ==31584== by 0x4350EB: apk_resolve_uid (io.c:1112) ==31584== by 0x43696C: apk_tar_parse (io_archive.c:152) ==31584== by 0x4271BC: apk_pkg_read (package.c:929) ==31584== by 0x402D75: add_main (app_add.c:163) ==31584== by 0x40D5FF: main (apk-static.c:516) Fixes a potential crash (DoS) on a crafted TAR file. CVE-2021-30139. Reported-by: Sören Tempel <soeren+git@soeren-tempel.net> Reviewed-by: Ariadne Conill <ariadne@dereferenced.org>
2021-04-11io: fix fd leak in error handling pathsTimo Teräs1-5/+20
apk_dir_foreach_file and apk_resolve_[ug]id needs to free the fd in case fdopen/fdopendir fails. Additionally this does not rely on fdopen to fail if openat() returned -1, making sure that we don't call any syscalls with invalid file handle.
2021-04-02Fix segfault in log_internal if prefix is APK_OUT_LOG_ONLYSören Tempel1-1/+1
This commit fixes a regression which was introduced in changeset 646c834492a419a96b4032c230e842d27f87e997. If apk_out_fmt() is called while out->log is set and prefix is set to APK_OUT_LOG_ONLY, then apk_out_fmt() would pass this prefix to log_internal() which would, in turn, attempt to write it to standard out using fprintf(). Unfortunately, doing so wont work as intended if prefix is ((char*)-1) (i.e. APK_OUT_LOG_ONLY) and will cause a segmentation fault instead. This commit fixes this segmentation fault by not printing the prefix in log_internal() if it is either NULL or APK_OUT_LOG_ONLY.
2021-03-19Log to /var/log/apk.logDrew DeVault5-10/+61
This adds a log file at /var/log/apk.log. On each run, apk's version information and the current date & time are written to this file, followed by any normal apk output.
2021-03-19database: do not chroot(".") unless actually necessaryAriadne Conill3-2/+14
If we use default root (/), then we do not have to chroot to run scripts. Use APK_NO_CHROOT flag for this scenario to avoid the chroot. This helps with using apk with bwrap and OSTree. Closes #10736.
2021-03-19del: report correctly package's provides namesTimo Teräs1-9/+21
The code assumed that when package is in world, it would be there by it's primary name. The code is now updated to properly print the package names that are actually present in world. fixes #10718
2021-03-16libfetch: send Proxy-Authorization also for https connectTimo Teräs1-8/+20
fixes #10738
2021-03-13Use correct port when redirectedMartin Vahlensieck1-1/+1
If server redirects from http to https, libfetch detects this, but wrongly uses the old url scheme to determine the port. This subsequently leads to the following OpenSSL error: 139741541575496:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:ssl/record/ssl3_record.c:331: Using the new scheme fixes this. This error message comes from trying to connect to port 80 with TLS, it can also be observed by issuing $ openssl s_client -connect alpinelinux.org:80 This bug was introduced in commit: 7158474 libfetch: keep http auth only if redirect is for the same host
2021-02-07db: fix control character check to use uint8_tTimo Teräs1-2/+2
fixes #10737
2021-02-04db: consider control characters in filename as maliciousTimo Teräs3-11/+22
Especially a newline can produce havoc in the database file as the filename is written there as-is. This hardenes the extraction to consider any control character as malicious. Additional hardening is added to database loading to better detect corrupt state and return proper error code about it. Reported-by: Luca Weiss <luca@z3ntu.xyz>
2021-02-04io: Handle really long linesOlliver Schinagl3-19780/+1
While commit 18b0b45 (io: Handle long lines, Thu Jan 7 17:25:23 2021 +0100) did attempt to address this issue, the buffer really is still to small when dealing with big-big dependency lists. Lets make it sufficiently large for now, until the new APKINDEX format can support multi-line dependencies, making this not needed any more. [TT: Originally the buffer size was conservative to run on resource constrained embedded platforms. But since the available memory on those has also increased much, the adjustment to 128kB makes sense also to increase performance a little bit. Removing also the iolimit test.] Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
2021-02-04gunzip: fix false end-of-file condition in rare circumstancesTimo Teräs1-1/+1
It turns out inflate() can output zero bytes, even if it consumed data. This had the unfortunate side effect of returning zero bytes (end-of-file) condition before calling the boundary callbacks. This fixes the logic to not return zero reads on gzip boundary. In practice this fixes the seldom seen issues of apk reporting bad signature (when it was correct).
2021-01-27fix compilation without deprecated OpenSSL APIsRosen Penev3-33/+32
(De)initialization is deprecated under OpenSSL 1.0 and above. [TT: Some simplifications, and additional edits.] Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-01-19libfetch: harden URL parsingTimo Teräs1-11/+28
Treat URLs with too long individual components as malformed instead of silently truncating that field. There might be unexpected results if hostname, username or password field gets truncated.
2021-01-19libfetch: fix connection pooling for proxied http/https requestsTimo Teräs4-15/+14
The connection pooling was broken in two ways: 1. The original URL was always used as the connection pool URL, resulting in duplicate connections to the proxy for http URLs (each http URL would get separate proxy connection) 2. The cache_url stored was always the socket level connect URL. In case of HTTPS, the lookup was done done with the real URL, but the proxy URL was stored as the "cache URL". Thus HTTPS CONNECT connections were never re-used. This fixes the code with following logic: 1. The cache key url is the real URL when no-proxy, or when HTTPS with proxy (the socket is connected to proxy, but logically it is connected to the real URL due to HTTP CONNECT request). And for HTTP with proxy, it's the proxy URL so same proxy connection can be reused for all requests going through it. 2. fetch_connect() now gets cache key URL separately, and it always gets the same value as the fetch_cache_get() calls.
2021-01-19libfetch: fix use-after-free in connection cache managementTimo Teräs1-3/+3
fixes #10734