Since 8d5c48b, xbps has used a sha1 ASN1 prefix with a sha256 hash, and
as of openssl v3, openssl cares about this. This works around that in a
compatible way by moving to a second sig file, binpkg.sig2.
For xbps-remove -O and xbps-rindex -r, also clean up obselete .sig files.
This reverts commit be7d8cfaf1.
This commit missed some previous copyrights mentioned,
in general I think its better to have this per-file to
follow who wrote what and when.
When adding packages to the index, xbps-rindex will check if the
consistency of shlibs is broken by a package. If so, rindex will create
a stage file and commit the packages there. Once the consistency is restored,
rindex -a will commit the stage area back to the public repo and delete the
stage file.
We use a simple file lock that is created with O_CREAT|O_EXCL.
This should fix the concurrency issues with multiple processes
running xbps-rindex -a/-c on the same repository/arch combo.
If xbps_repo_open() was called with the lock arg set, xbps_repo_close()
will now unlock the repo file lock, without the need to set it.
This avoids the need to always unlock the file lock even if it wasn't
locked previously. This also introduceds an ABI/API break, but this
way it's cleaner.
- xbps_repo_open() accepts a third argument (bool) to acquire a POSIX file
lock on the repository archive.
- xbps_repo_close() accepts a second argument (bool) to release a POSIX file
lock on the repository archive.
This avoids the issue of multiple xbps-rindex(8) processes being blocked
even for different repositories on the same architecture, resulting in
unnecessary contention.
- Removed -c --clean mode. It's not too useful and adds a considerable
amount of gratuitous code. It takes almost the same time than
adding all pkgs from scratch.
- When creating the repository data always add the meta plist at the
2nd position in the archive, to optimize its access.
- Misc improvements.