Juan RP
eaccf4813d
Merge pull request #246 from ebfe/signed_pkgver
...
lib/package_unpack.c: verify signed pkgver matches
2017-10-25 09:17:55 +02:00
Michael Gehring
4aae026615
lib/package_unpack.c: verify signed pkgver matches
...
$ARCH-repodata is currently not protected by a signature. While most of
the package metadata is also embedded into the .xbps files, which are
protected by a signature, xbps-install ignores it
(1670ff000d/lib/package_unpack.c (L123)
)
and relies entirely on $ARCH-repodata.
This enables anyone who is able to modify the $ARCH-repodata to
substitute packages. This patch adds a check that verifies the signed
pkgver matches the one in the repodata, so at least downgrades posing as
updates are detected.
This is an incomplete fix as the whole transaction is still set up with
the unsigned repodata and other issues surely exist. The real fix is
signing $ARCH-repodata.
2017-07-09 12:46:01 +00:00
Duncaen
332fbc195a
lib/package_unpack.c: set a sane umask for pkg files plists
2017-02-27 18:24:51 +01:00
Duncaen
cf43597e74
lib/package_unpack.c: add memleak notice
2016-09-25 21:47:58 +02:00
Juan RP
42994ada07
Fix xbps_dbg_printf arguments by using __attribute__((format, printf)).
...
Patch provided by Michael Ghering in #148 .
Close #148
2016-02-06 09:13:38 +01:00
Juan RP
faeff38ca2
Alternatives framework (1/2) (WIP).
2015-10-18 10:38:35 +02:00
Juan RP
78f9a97980
lib/package_unpack: ignore remove(2) return value (CID #98681 ).
2015-07-26 08:22:27 +02:00
Juan RP
c464874c1e
unpack: make sure the xucd callbacks don't get a dangling pointer.
...
If the current entry filename has been changed, the pointer must be updated
to point to the updated string.
2015-05-28 10:39:39 +02:00
Juan RP
976718417b
libxbps: remove "skip-obsoletes" handling; unnecessary with the mtime checks.
2015-02-26 19:51:03 +01:00
Juan RP
cbe493858c
libxbps: apply file timestamps to unmodified files on-disk while unpacking.
2015-02-25 11:10:18 +01:00
Juan RP
b133b9023c
lib/package_unpack.c: wrap some long lines and fix an obvious error.
2015-02-24 09:34:39 +01:00
Juan RP
571d96fa92
libxbps: make sure to remove pkg metadata file on upgrades with skip-obsoletes.
...
This fixes the following case:
- A-1.0_1 is installed and owns bin/foo.
- A-1.1_1 is in the transaction and depends on B-1.0_1 that owns bin/foo.
- B-1.0_1 is in the transaction and replaces A<1.1_1.
- A-1.1_1 in the transaction now has "skip-obsoletes".
- A is updated to 1.1_1, its metadata file (<pkgname>-files.plist) wasn't removed.
Added two new test cases to verify moving files from/to a dependency.
2015-01-27 17:53:37 +01:00
Juan RP
d11230a29d
libxbps: abort pkg unpacking as soon as a file cannot be written.
...
Close #74
2015-01-18 10:22:05 +01:00
Juan RP
91b7b2fd5a
Use a sane umask(2) before unpacking package files.
...
See https://github.com/voidlinux/void-packages/issues/835
for more information.
2015-01-11 11:01:09 +01:00
Juan RP
e75beec76f
unpack: get rid of code that checks for modified symlinks.
...
Unpacking those symlinks is so cheap that there's no point in wasting
resources just to check if those have been modified, just unpack them
unconditionally.
2014-10-25 06:52:12 +02:00
Juan RP
654c77df25
Switch back to uncompressed plists.
...
There's no point in slowing down read performance just to save a few bytes.
2014-10-24 10:15:41 +02:00
Juan RP
e35d0c202c
unpack: simplify pkg metadata extraction.
...
There's no need to internalize props.plist because there are no changes
compared to the pkg dictionary stored in the repo index, simply ignore it.
The code only cares for the files.plist to check for obsolete files.
2014-10-21 09:25:15 +02:00
Juan RP
b1eb62a2df
lib/package_unpack.c: switch pkg meta files to zplist too.
2014-10-17 10:23:12 +02:00
Juan RP
89b8c61c47
lib/package_unpack.c: remove unused var (CID 62731)
2014-10-05 11:57:20 +02:00
Juan RP
dd851f18a2
lib/package_unpack.c: zero out struct (CID 62755)
2014-10-05 07:12:30 +02:00
Juan RP
2fe35a5bf3
lib/package_unpack.c: do not initialize xucd at all, unnecessary.
...
Initializing with {0} wasn't understood with gcc-4.6.x on travis-ci,
so just remove it.
2014-10-04 21:59:47 +02:00
Juan RP
ac2c517bd7
Fixed install/update tests on pkgs with no files.
2014-09-14 18:04:10 +02:00
Juan RP
ed6b3c00f5
xbps_entry_install_conf_file: fix non debug build.
2014-09-11 11:56:23 +02:00
Juan RP
01dbb968dd
Welcome pkgdb-0.38.
2014-09-11 00:12:12 +02:00
Juan RP
f8d8f91a08
Implement support to "preserve" existent on-disk files.
...
See NEWS for more information. Fix #51
2014-08-01 15:09:51 +02:00
Juan RP
04c7647492
lib/package_unpack.c: fix a typo that made modified files to not be unpacked.
2014-07-30 18:50:43 +02:00
Juan RP
cc6f9901f1
Fix #50 (Existent files on disk might be overwritten by packages with conf_files).
2014-07-30 16:18:57 +02:00
Juan RP
b63cc62e3d
lib/package_unpack.c: add some comments.
2014-07-02 11:30:41 +02:00
Juan RP
18e0524287
libxbps: optimize rootdir access/creation by checking/creating it only once.
2014-05-27 10:02:01 +02:00
Juan RP
8c47021ec3
Fix #31 and add new test case to reproduce it.
2014-02-25 22:55:39 +01:00
Juan RP
5eea259c13
Remove the config.h kludge and override vasprintf detection via HAVE_VASPRINTF.
2014-01-20 18:50:33 +01:00
Juan RP
16fc064aef
Remove obsolete files also on package reinstalls (and downgrades).
2014-01-15 21:52:35 +01:00
Juan RP
6943eedd26
Partial revert of 36adf15 (lib code is not yet ready).
2014-01-15 21:03:53 +01:00
Juan RP
36adf15c6b
tests: new test to verify obsolete files code works in updates and reinstalls.
2014-01-15 20:59:49 +01:00
Juan RP
92a73a9a54
lib/package_unpack.c: remove redundant assertions.
2013-12-25 09:00:51 +01:00
Juan RP
0cf9047bd2
unpack: use files.plist from binpkg when checking for configuration files.
2013-12-25 08:40:45 +01:00
Juan RP
73509b3556
lib/package_unpack.c: remove dead code (softreplace).
2013-12-25 08:35:55 +01:00
Juan RP
3c0edd40c8
lib/package_unpack.c: only create rootdir if it doesn't exist once.
2013-12-21 12:03:38 +01:00
Juan RP
79bf795e1a
lib/package_unpack.c: make clang stfu due to -Wmissing-field-initializers.
2013-11-19 10:39:46 +01:00
Juan RP
8d7c899d48
lib/package_unpack.c: initiliaze struct rather than memset.
2013-11-18 18:23:31 +01:00
Juan RP
44533f9f57
lib/package_unpack.c: compute unpack cb stats only once.
2013-11-15 10:36:31 +01:00
Juan RP
6d9bb47fba
unpack: make sure to remove only on-disk files if file type does not match.
...
Added another ATF test-case to make sure it works properly.
2013-11-09 08:59:02 +01:00
Juan RP
8f36f8e638
Make sure that configuration files are properly kept or unpacked.
...
Added two new test cases to verify it works as advertised.
2013-11-06 10:45:33 +01:00
Juan RP
c1fafcd339
Fix #20 and added an ATF test-case.
2013-11-05 09:56:36 +01:00
Juan RP
747f250202
unpack: apply correctly file permissions to existent files.
...
Will be backported to the 0.26.x branch.
2013-10-30 12:02:16 +01:00
Juan RP
4057e4961c
Use C99 for loop initializers.
...
That means that a C99 compiler is now mandatory.
2013-09-15 10:06:49 +02:00
Juan RP
571d8748b4
lib/package_unpack.c: fix a double free.
2013-08-30 15:34:29 +02:00
Juan RP
24ff0472dd
Use fs blksize from stat(2)ed file when reading archives.
2013-08-29 14:30:14 +02:00
Juan RP
20fb38142b
lib/package_unpack.c: fixed two memleaks.
2013-08-29 12:06:04 +02:00
Juan RP
52fc384e4e
Fixed some issues/warnings found by clang-analyzer.
2013-06-20 11:25:43 +02:00