Since 8d5c48b, xbps has used a sha1 ASN1 prefix with a sha256 hash, and
as of openssl v3, openssl cares about this. This works around that in a
compatible way by moving to a second sig file, binpkg.sig2.
For xbps-remove -O and xbps-rindex -r, also clean up obselete .sig files.
Instead of just cryptically exiting 0 when opening a non-existant
repodata or stagedata, with the only message existing in the debug
output, show an error to the user on stderr.
mentioned in #519
With HTTP 1.1 persistent connection is default and Connection
header is not sent.
Before patch, for every file, including 512b signature, there was
done dns query, tls handshake etc.
Prior to this change, xbps-query --cat would abort if the entry file
name would contain non ascii characters as it returns ARCHIVE_WARN
when failing to use iconv to the users character encoding without
having locales initialized.
Other places in xbps already ignore ARCHIVE_WARN.
when repolocked package has newer version in other repository and other
package depend on that newer version, repolocked package was updated and
swiched to other repo, while repolock status was left enabled
Deleting obsolete directories is different from deleting obsolete files,
files need to be deleted by the first package that might change the file
into a different file type.
Directories need to be deleted by the last package that removes files
out of the directory to avoid ENOTEMPTY if another package has a file in
the given directory which is uninstalled later.
This fixes#282.
Those packages are going to be either updated or uninstalled,
changing the transaction type breaks this.
There is no apperent reason to change the type anyways.
- internalize scripts so we can use them before unpacking packages.
- moves some required metadata checks out of the package unpack stage
so errors do not leave the system in a half unpacked state.
xbps_transaction_files will be changed later to use the loaded
files.plist instead of opening each binary package on its own again.
Using fmemopen here wasn't necessary, since memcpy could have been used
with way lower overhead. We don't use a dedicated function, because
turning a data field into a string is an inefficient operation and
shouldn't be encouraged.
Also don't initialize data when it's declared, it isn't necessary.
- use less intermediate variables
- assert that archive_read_new managed to allocate memory for itself:
not ideal, but if we ever want to move from assertions it shows us
where we need to change things
- use libarchive's archive_error_string for better error messages
Closes: #345 [via git-merge-pr]
HTTP connections are cached for performance, but they end up being
leaked when running configure scripts. To avoid this, close the
connection cache after all downloads are finished.
Closes: #326 [via git-merge-pr]
Both CFLAGS and LDFLAGS need to be passed during linkage as CFLAGS may
contain things that influence linkage (e.g. ssp_nonshared may be
necessary to link when using strong stack protector).
Pointed out by q66.
Closes: #330 [via git-merge-pr]
The HTTP_REDIRECT() macro already included this case, but the
switch-case with the return value of http_get_reply(conn) didn't. This
made it so that a server returning HTTP_TEMP_REDIRECT (307) would
generate a failure, unless libfetch was used in verbose mode, in which
case the headers would be parsed (in order to report errors), then the
'Location' header would be found and a new connection would be made.
Fixes#348
The width of unsigned long matching the width of a pointer isn't
guaranteed by any standard, though it is a requirement of the Linux
syscall API. Using uintptr_t directly is always correct.