| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
handler
SA_ONESHOT is a GNU-specific alias for POSIX SA_RESETHAND.
|
|
the stat64 family of functions were provided as transitional functions,
but when building on glibc with _GNU_SOURCE, or any other supported system,
the stat functions are equivalent to their stat64 counterparts
|
|
This options is useful for (post)install scripts to run with the same
environment variables as apk is executed.
[TT: minor stylistic changes]
Signed-off-by: Paul Spooren <mail@aparcar.org>
|
|
musl implements support for malloc.h, but it is only a stub. we do not use
any of the GNU-specific malloc interfaces, so just use POSIX stdlib.h instead.
ref #10794
|
|
fixes #10796
|
|
The v3 format will not require the hash, but synthesize it to the
DB so v3 packages can get installed properly.
fixes #10785
|
|
The apk_fsdir_file_digest() servers dual purpose: to calculate
the checksum, but also to determine if the file exists. Move
it's error check where it originally was.
fixes #10791
|
|
fixes #10778
|
|
Remove the APK_REPOSITORY_CACHED bit from dependencies only
packages (that is, installed_size == 0). For fetch, the problem
is that apk_db_select_repo() would return the cache repository,
but the package would not be there. Update also the locations
needed to handle these packages correctly without the cached
repository bit being set.
|
|
|
|
by adding an abstraction layer to the file system
|
|
When extraction failed, the user has had no opportunity to edit
any files. Just clean up.
|
|
fix also the progress callback on uvol extraction
|
|
|
|
|
|
|
|
In most places where pointer can be an 'error' it cannot be null
pointer. Further, in those cases just calling PTR_ERR() is not enough
to handle the null case. Simplify code by removing this case.
If NULL case needs to be handled, it's better to add separate check
and return fixed error code in that case.
|
|
fixes #10762
|
|
This splits the callbacks by type, and further prepares the API
to be usable for v3 files too.
|
|
This moves and isolates the tar code to tar.c. And the actual
file extraction to disk is moved to extract.c.
A new API is introduced and used for v2 file extraction. This
essentially moves and isolates the apk_sign_ctx_* beast into
extract_v2.c and offers a saner interface to handling packages.
A place holder is added for v3 extraction.
|
|
Make errors more observable. Unfortunately full rollback is
non-trivial to implement. This is something to be fixed with
the v3 database format.
|
|
Packages containing files with path names longer than 1024 characters
cannot fit into the buffer which is used to write "installed" database.
This leads to bbuf being APK_BLOB_NULL in apk_db_write_fdb because
apk_blob_push_blob notices the condition and correctly handles it.
The problem occurs when arguments to apk_ostream_write are manually
calculated by pointer arithmetics. Since bbuf.ptr is NULL in such a
case, bbuf.ptr - buf leads to a huge size value while buf still points
into the stack.
fixes #10751
[TT: minor edit to commit and abbreviating the commit message]
|
|
fixes #10748
|
|
|
|
- apk_istream_splice usage is converted to apk_stream_copy which
is the newer variant. With caching enabled by default, this
makes more sense mmapping or using separate buffers.
- apk_istream_tee is reworked to write to apk_ostream, which simplifies
quite a bit of various things
|
|
The interface was slightly cumbersome, so replace these functions
to return explicit error, and make the return blob a pointer arg.
|
|
|
|
|
|
|
|
- basic digesting and signing apis (subject still to fine tuning)
- update digest code, and adb signing for the thin wrapping layer
- old v1 package and database handling not updated
- default mkpkg file hash to sha256
ref #10744
|
|
If we use default root (/), then we do not have to chroot to run scripts.
Use APK_NO_CHROOT flag for this scenario to avoid the chroot. This helps
with using apk with bwrap and OSTree.
Closes #10736.
|
|
fixes #10737
|
|
Especially a newline can produce havoc in the database file as
the filename is written there as-is. This hardenes the extraction
to consider any control character as malicious. Additional
hardening is added to database loading to better detect corrupt
state and return proper error code about it.
Reported-by: Luca Weiss <luca@z3ntu.xyz>
|
|
Regression introduced by 0fb0d30 which makes parsing a description
a critical failure.
[TT: Minor stylistic change. Fix also missing final line change
from the earlier commit]
|
|
In case of failure when loading an APKINDEX, no errors are
propagated to the user which may uncorrectly interpret the
current problem.
|
|
|
|
The new v3 applets don't use it, and eventually all applets will
use the new formats only.
This prepares the code for this, and moves trust, id_cache, and
root_fd to apk_ctx which is enough for v3 applets at this time.
The generic code is made to not initialize apk_database if it's
not needed.
|
|
makes apk_verbosity non-global
fixes #10682
|
|
ref #10682
|
|
ref #10682
|
|
|
|
|
|
This is a flat buffers inspired format that allows fast
mmaped access to the data with low overhead, signature support
and relatively good forward support.
|
|
|
|
Document the version when changed. And print error with similar note
if the given repositories-file cannot be read.
|
|
On some systems the `/var/` dir is mounted in a tmpfs which is reseted
after each reboot. For that reason no post-install script can handle the
creation of the cache dir at `/var/cache/apk`.
Check on database opnening if the folder is available, if not create it.
Fixes #10715
Signed-off-by: Paul Spooren <mail@aparcar.org>
|
|
It used to be relative to the --root specified root, but that
causes issues with relative command line filenames and is unintuitive.
Update documentation accordingly. Fixes #10702.
|
|
fixes #10710
|
|
|
|
Closes #10708.
|
