summaryrefslogtreecommitdiff
path: root/pkgtools
diff options
context:
space:
mode:
authorjoerg <joerg@pkgsrc.org>2017-04-19 21:42:50 +0000
committerjoerg <joerg@pkgsrc.org>2017-04-19 21:42:50 +0000
commitb9bf574a1b77c308cfb7fb24974f89335ad9c9a6 (patch)
tree2b9477af020b9b5a929dc9075661af4551e2f0aa /pkgtools
parente2a5f2e64fb39b333611a2a9a7edc8a8038d0685 (diff)
downloadpkgsrc-b9bf574a1b77c308cfb7fb24974f89335ad9c9a6.tar.gz
pkg_install-20170419:
- Convert to libarchive 3.x interfaces, avoiding the legacy glue. - Rename local copy of netpgpverify to match installed headers. - Shuffle bootstrap code to reduce special cases in pkg_add. - Always read/write file names in tar archives as binary. While they are supposed to be UTF-8, locale conversion creates more problems than it solves here. - Fix const correctness in gpg_verify. - Add format string annotation for xasprintf for GCC-like compilers. - Restrict supported archive formats for binary packages to ar (signed packages) and tar (actual content) with uncompressed/gzip/bzip2/xz as compression choices. This reduces the exposed libarchive surface. - The pkg-vulnerability file correspondingly supports only the same compression choices.
Diffstat (limited to 'pkgtools')
-rw-r--r--pkgtools/pkg_install/Makefile14
-rw-r--r--pkgtools/pkg_install/files/add/perform.c27
-rw-r--r--pkgtools/pkg_install/files/admin/main.c8
-rw-r--r--pkgtools/pkg_install/files/create/build.c20
-rw-r--r--pkgtools/pkg_install/files/create/util.c13
-rw-r--r--pkgtools/pkg_install/files/info/perform.c35
-rw-r--r--pkgtools/pkg_install/files/lib/Makefile.in6
-rw-r--r--pkgtools/pkg_install/files/lib/defs.h5
-rw-r--r--pkgtools/pkg_install/files/lib/gpgsig.c16
-rw-r--r--pkgtools/pkg_install/files/lib/lib.h10
-rw-r--r--pkgtools/pkg_install/files/lib/pkg_io.c47
-rw-r--r--pkgtools/pkg_install/files/lib/pkg_signature.c41
-rw-r--r--pkgtools/pkg_install/files/lib/version.h4
-rw-r--r--pkgtools/pkg_install/files/lib/vulnerabilities-file.c34
14 files changed, 144 insertions, 136 deletions
diff --git a/pkgtools/pkg_install/Makefile b/pkgtools/pkg_install/Makefile
index 02aab8921f8..5e557da239b 100644
--- a/pkgtools/pkg_install/Makefile
+++ b/pkgtools/pkg_install/Makefile
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.219 2017/01/03 17:53:14 jperkin Exp $
+# $NetBSD: Makefile,v 1.220 2017/04/19 21:42:50 joerg Exp $
# Notes to package maintainers:
#
@@ -104,8 +104,8 @@ MAKE_FLAGS+= ACTIVE_CC=clang
VERSION!= ${AWK} '/PKGTOOLS_VERSION/ {print $$3}' \
${FILESDIR}/lib/version.h
-# raw format appeared in libarchive 2.8.
-BUILDLINK_API_DEPENDS.libarchive+= libarchive>=2.8.0
+# Requires 3.x filter API and bugfixes.
+BUILDLINK_API_DEPENDS.libarchive+= libarchive>=3.3.1
.include "../../archivers/bzip2/builtin.mk"
.include "../../archivers/xz/builtin.mk"
@@ -181,9 +181,9 @@ pre-configure: config-guess-override config-sub-override
CPPFLAGS+= -I${WRKDIR}/libfetch
LDFLAGS+= -L${WRKDIR}/libfetch
# Avoid duplicate and conflicting headers, pull in any we need
-# directly with <netpgpgverify/*.h>
+# directly with <netpgpg/*.h>
CPPFLAGS+= -I${WRKDIR}
-LDFLAGS+= -L${WRKDIR}/netpgpverify
+LDFLAGS+= -L${WRKDIR}/netpgp
CONFIGURE_ENV+= LIBS=${LIBS:Q}
@@ -199,7 +199,7 @@ do-extract:
@${CP} -R ${FILESDIR.libarchive} ${WRKDIR}/libarchive
.endif
@${CP} -R ${FILESDIR.libfetch} ${WRKDIR}/libfetch
- @${CP} -R ${FILESDIR.netpgpverify} ${WRKDIR}/netpgpverify
+ @${CP} -R ${FILESDIR.netpgpverify} ${WRKDIR}/netpgp
pre-configure:
.if empty(USE_BUILTIN.bzip2:M[yY][eE][sS])
@@ -223,7 +223,7 @@ pre-configure:
${SETENV} ${MAKE_ENV} ${BSD_MAKE_ENV} \
${MAKE_PROGRAM} ${MAKE_FLAGS} ${BUILD_MAKE_FLAGS} \
-f ${MAKE_FILE} depend all
- cd ${WRKDIR}/netpgpverify && \
+ cd ${WRKDIR}/netpgp && \
${SED} -e '/zlib/d' Makefile.lib.in >Makefile.in && \
${RM} -f bzlib.h zlib.h && \
${CONFIG_SHELL} ${CONFIG_SHELL_FLAGS} ./configure && \
diff --git a/pkgtools/pkg_install/files/add/perform.c b/pkgtools/pkg_install/files/add/perform.c
index feddef6bc47..e954cbed2e8 100644
--- a/pkgtools/pkg_install/files/add/perform.c
+++ b/pkgtools/pkg_install/files/add/perform.c
@@ -1,4 +1,4 @@
-/* $NetBSD: perform.c,v 1.108 2015/12/27 12:36:42 joerg Exp $ */
+/* $NetBSD: perform.c,v 1.109 2017/04/19 21:42:50 joerg Exp $ */
#if HAVE_CONFIG_H
#include "config.h"
#endif
@@ -6,7 +6,7 @@
#if HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>
#endif
-__RCSID("$NetBSD: perform.c,v 1.108 2015/12/27 12:36:42 joerg Exp $");
+__RCSID("$NetBSD: perform.c,v 1.109 2017/04/19 21:42:50 joerg Exp $");
/*-
* Copyright (c) 2003 Grant Beattie <grant@NetBSD.org>
@@ -50,6 +50,7 @@ __RCSID("$NetBSD: perform.c,v 1.108 2015/12/27 12:36:42 joerg Exp $");
#if HAVE_FCNTL_H
#include <fcntl.h>
#endif
+#include <limits.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
@@ -827,8 +828,7 @@ extract_files(struct pkg_task *pkg)
out:
if (!NoRecord)
pkgdb_close();
- archive_write_close(writer);
- archive_write_finish(writer);
+ archive_write_free(writer);
return r;
}
@@ -1373,9 +1373,7 @@ check_license(struct pkg_task *pkg)
static int
pkg_do(const char *pkgpath, int mark_automatic, int top_level)
{
-#ifndef BOOTSTRAP
char *archive_name;
-#endif
int status, invalid_sig;
struct pkg_task *pkg;
@@ -1383,26 +1381,19 @@ pkg_do(const char *pkgpath, int mark_automatic, int top_level)
status = -1;
-#ifdef BOOTSTRAP
- pkg->archive = archive_read_new();
- archive_read_support_compression_all(pkg->archive);
- archive_read_support_format_all(pkg->archive);
- if (archive_read_open_filename(pkg->archive, pkgpath, 1024)) {
- warnx("no pkg found for '%s', sorry.", pkgpath);
- archive_read_free(pkg->archive);
- goto clean_find_archive;
- }
-#else
pkg->archive = find_archive(pkgpath, top_level, &archive_name);
if (pkg->archive == NULL) {
warnx("no pkg found for '%s', sorry.", pkgpath);
goto clean_find_archive;
}
+#ifndef BOOTSTRAP
invalid_sig = pkg_verify_signature(archive_name, &pkg->archive, &pkg->entry,
&pkg->pkgname);
- free(archive_name);
+#else
+ invalid_sig = 0;
#endif
+ free(archive_name);
if (pkg->archive == NULL)
goto clean_memory;
@@ -1572,7 +1563,7 @@ clean_memory:
free_plist(&pkg->plist);
free_meta_data(pkg);
if (pkg->archive)
- archive_read_finish(pkg->archive);
+ archive_read_free(pkg->archive);
free(pkg->other_version);
free(pkg->pkgname);
clean_find_archive:
diff --git a/pkgtools/pkg_install/files/admin/main.c b/pkgtools/pkg_install/files/admin/main.c
index 82017938368..482f8b0aa92 100644
--- a/pkgtools/pkg_install/files/admin/main.c
+++ b/pkgtools/pkg_install/files/admin/main.c
@@ -1,4 +1,4 @@
-/* $NetBSD: main.c,v 1.64 2015/01/02 14:26:16 wiz Exp $ */
+/* $NetBSD: main.c,v 1.65 2017/04/19 21:42:50 joerg Exp $ */
#if HAVE_CONFIG_H
#include "config.h"
@@ -7,7 +7,7 @@
#if HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>
#endif
-__RCSID("$NetBSD: main.c,v 1.64 2015/01/02 14:26:16 wiz Exp $");
+__RCSID("$NetBSD: main.c,v 1.65 2017/04/19 21:42:50 joerg Exp $");
/*-
* Copyright (c) 1999-2009 The NetBSD Foundation, Inc.
@@ -608,8 +608,8 @@ main(int argc, char *argv[])
if (pkg_full_signature_check(archive_name, &pkg))
rc = 1;
free(archive_name);
- if (!pkg)
- archive_read_finish(pkg);
+ if (pkg != NULL)
+ archive_read_free(pkg);
}
return rc;
} else if (strcasecmp(argv[0], "x509-sign-package") == 0) {
diff --git a/pkgtools/pkg_install/files/create/build.c b/pkgtools/pkg_install/files/create/build.c
index 4479a19871e..1c13cb587bc 100644
--- a/pkgtools/pkg_install/files/create/build.c
+++ b/pkgtools/pkg_install/files/create/build.c
@@ -1,4 +1,4 @@
-/* $NetBSD: build.c,v 1.16 2014/12/30 15:13:20 wiz Exp $ */
+/* $NetBSD: build.c,v 1.17 2017/04/19 21:42:50 joerg Exp $ */
#if HAVE_CONFIG_H
#include "config.h"
@@ -7,7 +7,7 @@
#if HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>
#endif
-__RCSID("$NetBSD: build.c,v 1.16 2014/12/30 15:13:20 wiz Exp $");
+__RCSID("$NetBSD: build.c,v 1.17 2017/04/19 21:42:50 joerg Exp $");
/*-
* Copyright (c) 2007 Joerg Sonnenberger <joerg@NetBSD.org>.
@@ -233,6 +233,7 @@ make_dist(const char *pkg, const char *suffix, const package_t *plist)
archive = archive_write_new();
archive_write_set_format_pax_restricted(archive);
+ archive_write_set_options(archive, "hdrcharset=BINARY");
if ((resolver = archive_entry_linkresolver_new()) == NULL)
errx(2, "cannot create link resolver");
archive_entry_linkresolver_set_strategy(resolver,
@@ -250,20 +251,18 @@ make_dist(const char *pkg, const char *suffix, const package_t *plist)
}
if (strcmp(CompressionType, "bzip2") == 0)
- archive_write_set_compression_bzip2(archive);
+ archive_write_add_filter_bzip2(archive);
else if (strcmp(CompressionType, "gzip") == 0)
- archive_write_set_compression_gzip(archive);
+ archive_write_add_filter_gzip(archive);
else if (strcmp(CompressionType, "xz") == 0)
- archive_write_set_compression_xz(archive);
- else if (strcmp(CompressionType, "none") == 0)
- archive_write_set_compression_none(archive);
- else
+ archive_write_add_filter_xz(archive);
+ else if (strcmp(CompressionType, "none") != 0)
errx(1, "Unspported compression type for -F: %s",
CompressionType);
archive_name = xasprintf("%s.%s", pkg, suffix);
- if (archive_write_open_file(archive, archive_name))
+ if (archive_write_open_filename(archive, archive_name))
errx(2, "cannot create archive: %s", archive_error_string(archive));
free(archive_name);
@@ -324,9 +323,8 @@ make_dist(const char *pkg, const char *suffix, const package_t *plist)
archive_entry_linkresolver_free(resolver);
- if (archive_write_close(archive))
+ if (archive_write_free(archive))
errx(2, "cannot finish archive: %s", archive_error_string(archive));
- archive_write_finish(archive);
free(initial_cwd);
}
diff --git a/pkgtools/pkg_install/files/create/util.c b/pkgtools/pkg_install/files/create/util.c
index d17b1fed763..88d470cffb1 100644
--- a/pkgtools/pkg_install/files/create/util.c
+++ b/pkgtools/pkg_install/files/create/util.c
@@ -39,27 +39,18 @@
#if HAVE_ERR_H
#include <err.h>
#endif
+#include <fcntl.h>
#if HAVE_PWD_H
#include <grp.h>
#endif
+#include <limits.h>
#if HAVE_PWD_H
#include <pwd.h>
#endif
-#if HAVE_STDLIB_H
#include <stdlib.h>
-#endif
-#if HAVE_STRING_H
#include <string.h>
-#endif
-#if HAVE_TIME_H
#include <time.h>
-#endif
-#if HAVE_UNISTD_H
#include <unistd.h>
-#endif
-#if HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
#include "lib.h"
#include "create.h"
diff --git a/pkgtools/pkg_install/files/info/perform.c b/pkgtools/pkg_install/files/info/perform.c
index f227b85c395..e3bbbcb7fe0 100644
--- a/pkgtools/pkg_install/files/info/perform.c
+++ b/pkgtools/pkg_install/files/info/perform.c
@@ -1,4 +1,4 @@
-/* $NetBSD: perform.c,v 1.62 2014/12/30 15:13:20 wiz Exp $ */
+/* $NetBSD: perform.c,v 1.63 2017/04/19 21:42:50 joerg Exp $ */
#if HAVE_CONFIG_H
#include "config.h"
@@ -7,13 +7,7 @@
#if HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>
#endif
-#if HAVE_SYS_QUEUE_H
-#include <sys/queue.h>
-#endif
-#if HAVE_SYS_WAIT_H
-#include <sys/wait.h>
-#endif
-__RCSID("$NetBSD: perform.c,v 1.62 2014/12/30 15:13:20 wiz Exp $");
+__RCSID("$NetBSD: perform.c,v 1.63 2017/04/19 21:42:50 joerg Exp $");
/*-
* Copyright (c) 2008 Joerg Sonnenberger <joerg@NetBSD.org>.
@@ -73,6 +67,12 @@ __RCSID("$NetBSD: perform.c,v 1.62 2014/12/30 15:13:20 wiz Exp $");
#if HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
+#if HAVE_SYS_QUEUE_H
+#include <sys/queue.h>
+#endif
+#if HAVE_SYS_WAIT_H
+#include <sys/wait.h>
+#endif
#ifndef BOOTSTRAP
#include <archive.h>
@@ -81,22 +81,13 @@ __RCSID("$NetBSD: perform.c,v 1.62 2014/12/30 15:13:20 wiz Exp $");
#if HAVE_ERR_H
#include <err.h>
#endif
-#if HAVE_ERRNO_H
+#include <ctype.h>
+#include <dirent.h>
#include <errno.h>
-#endif
-#if HAVE_FCNTL_H
#include <fcntl.h>
-#endif
-#if HAVE_SIGNAL_H
-#include <signal.h>
-#endif
-#if HAVE_DIRENT_H
-#include <dirent.h>
-#endif
-#if HAVE_CTYPE_H
-#include <ctype.h>
-#endif
+#include <limits.h>
#include <stddef.h>
+#include <signal.h>
#define LOAD_CONTENTS (1 << 0)
#define LOAD_COMMENT (1 << 1)
@@ -358,7 +349,7 @@ pkg_do(const char *pkg)
free(pkgname);
meta = read_meta_data_from_archive(archive, entry);
- archive_read_finish(archive);
+ archive_read_free(archive);
if (!IS_URL(pkg))
binpkgfile = pkg;
#endif
diff --git a/pkgtools/pkg_install/files/lib/Makefile.in b/pkgtools/pkg_install/files/lib/Makefile.in
index 5a5d77bb9d6..bb1e7e7cec1 100644
--- a/pkgtools/pkg_install/files/lib/Makefile.in
+++ b/pkgtools/pkg_install/files/lib/Makefile.in
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.in,v 1.35 2015/09/01 12:14:06 jperkin Exp $
+# $NetBSD: Makefile.in,v 1.36 2017/04/19 21:42:50 joerg Exp $
srcdir= @srcdir@
@@ -28,7 +28,7 @@ LIB= libinstall.a
OBJS= automatic.o conflicts.o dewey.o fexec.o file.o \
global.o iterate.o license.o lpkg.o opattern.o \
- parse-config.o pkgdb.o plist.o remove.o \
+ parse-config.o pkgdb.o pkg_io.o plist.o remove.o \
str.o var.o version.o vulnerabilities-file.o xwrapper.o
CPPFLAGS+= -DSYSCONFDIR=\"$(sysconfdir)\"
@@ -36,7 +36,7 @@ CPPFLAGS+= -DSYSCONFDIR=\"$(sysconfdir)\"
.if !empty(BOOTSTRAP)
CPPFLAGS+= -DBOOTSTRAP
.else
-OBJS+= gpgsig.o pkg_io.o pkg_signature.o
+OBJS+= gpgsig.o pkg_signature.o
.endif
.if !empty(SSL_SUPPORT)
diff --git a/pkgtools/pkg_install/files/lib/defs.h b/pkgtools/pkg_install/files/lib/defs.h
index 6916c122ef8..a592358c224 100644
--- a/pkgtools/pkg_install/files/lib/defs.h
+++ b/pkgtools/pkg_install/files/lib/defs.h
@@ -1,4 +1,4 @@
-/* $NetBSD: defs.h,v 1.10 2012/02/21 18:32:14 wiz Exp $ */
+/* $NetBSD: defs.h,v 1.11 2017/04/19 21:42:50 joerg Exp $ */
/*-
* Copyright (c) 1999,2000,2009 The NetBSD Foundation, Inc.
@@ -38,6 +38,9 @@
#if HAVE_ERR_H
#include <err.h>
#endif
+#if HAVE_INTTYPES_H
+#include <inttypes.h>
+#endif
#if HAVE_STDLIB_H
#include <stdlib.h>
#endif
diff --git a/pkgtools/pkg_install/files/lib/gpgsig.c b/pkgtools/pkg_install/files/lib/gpgsig.c
index c0cd9e08eb1..499fdea8d32 100644
--- a/pkgtools/pkg_install/files/lib/gpgsig.c
+++ b/pkgtools/pkg_install/files/lib/gpgsig.c
@@ -1,4 +1,4 @@
-/* $NetBSD: gpgsig.c,v 1.5 2016/07/06 21:00:04 agc Exp $ */
+/* $NetBSD: gpgsig.c,v 1.6 2017/04/19 21:42:50 joerg Exp $ */
#if HAVE_CONFIG_H
#include "config.h"
#endif
@@ -7,7 +7,7 @@
#include <sys/cdefs.h>
#endif
-__RCSID("$NetBSD: gpgsig.c,v 1.5 2016/07/06 21:00:04 agc Exp $");
+__RCSID("$NetBSD: gpgsig.c,v 1.6 2017/04/19 21:42:50 joerg Exp $");
/*-
* Copyright (c) 2008 Joerg Sonnenberger <joerg@NetBSD.org>.
@@ -50,8 +50,9 @@ __RCSID("$NetBSD: gpgsig.c,v 1.5 2016/07/06 21:00:04 agc Exp $");
#include <stdlib.h>
#endif
+#include <netpgp/verify.h>
+
#include "lib.h"
-#include "netpgpverify/verify.h"
int
gpg_verify(const char *content, size_t len, const char *keyring,
@@ -62,17 +63,19 @@ gpg_verify(const char *content, size_t len, const char *keyring,
static const char hdr1[] = "-----BEGIN PGP SIGNED MESSAGE-----\n";
static const char hdr2[] = "Hash: SHA512\n\n";
ssize_t buflen;
- char *buf;
+ char *allocated_buf;
+ const char *buf;
/*
* If there is a detached signature we need to construct a format that
* netpgp can parse, otherwise use as-is.
*/
if (sig_len) {
- buf = xasprintf("%s%s%s%s", hdr1, hdr2, content, sig);
+ buf = allocated_buf = xasprintf("%s%s%s%s", hdr1, hdr2, content, sig);
buflen = strlen(buf);
} else {
buf = content;
+ allocated_buf = NULL;
buflen = len;
}
@@ -88,8 +91,7 @@ gpg_verify(const char *content, size_t len, const char *keyring,
pgpv_close(pgp);
- if (sig_len)
- free(buf);
+ free(allocated_buf);
return 0;
}
diff --git a/pkgtools/pkg_install/files/lib/lib.h b/pkgtools/pkg_install/files/lib/lib.h
index 7032575922f..d4e72ce2f79 100644
--- a/pkgtools/pkg_install/files/lib/lib.h
+++ b/pkgtools/pkg_install/files/lib/lib.h
@@ -1,4 +1,4 @@
-/* $NetBSD: lib.h,v 1.67 2015/10/15 13:31:27 sevan Exp $ */
+/* $NetBSD: lib.h,v 1.68 2017/04/19 21:42:50 joerg Exp $ */
/* from FreeBSD Id: lib.h,v 1.25 1997/10/08 07:48:03 charnier Exp */
@@ -316,6 +316,7 @@ int has_pkgdir(const char *);
struct archive;
struct archive_entry;
+struct archive *prepare_archive(void);
struct archive *open_archive(const char *, char **);
struct archive *find_archive(const char *, int, char **);
void process_pkg_path(void);
@@ -412,7 +413,12 @@ char *xstrdup(const char *);
void *xrealloc(void *, size_t);
void *xcalloc(size_t, size_t);
void *xmalloc(size_t);
-char *xasprintf(const char *, ...);
+#if defined(__GNUC__) && __GNUC__ >= 2
+char *xasprintf(const char *, ...)
+ __attribute__((__format__(__printf__, 1, 2)));
+#else
+char *xasprintf(const char *, ...);
+#endif
/* Externs */
extern Boolean Verbose;
diff --git a/pkgtools/pkg_install/files/lib/pkg_io.c b/pkgtools/pkg_install/files/lib/pkg_io.c
index 59f934f9ceb..82076d2f7ec 100644
--- a/pkgtools/pkg_install/files/lib/pkg_io.c
+++ b/pkgtools/pkg_install/files/lib/pkg_io.c
@@ -1,4 +1,4 @@
-/* $NetBSD: pkg_io.c,v 1.11 2010/04/20 00:39:13 joerg Exp $ */
+/* $NetBSD: pkg_io.c,v 1.12 2017/04/19 21:42:50 joerg Exp $ */
/*-
* Copyright (c) 2008, 2009 Joerg Sonnenberger <joerg@NetBSD.org>.
* All rights reserved.
@@ -36,7 +36,7 @@
#include <sys/cdefs.h>
#endif
-__RCSID("$NetBSD: pkg_io.c,v 1.11 2010/04/20 00:39:13 joerg Exp $");
+__RCSID("$NetBSD: pkg_io.c,v 1.12 2017/04/19 21:42:50 joerg Exp $");
#include <archive.h>
#include <archive_entry.h>
@@ -46,9 +46,14 @@ __RCSID("$NetBSD: pkg_io.c,v 1.11 2010/04/20 00:39:13 joerg Exp $");
#if HAVE_ERRNO_H
#include <errno.h>
#endif
-#include <fetch.h>
#include <stdlib.h>
+#ifdef BOOTSTRAP
+#define IS_URL(x) 0
+#else
+#include <fetch.h>
+#endif
+
#include "lib.h"
struct pkg_path {
@@ -59,6 +64,7 @@ struct pkg_path {
static char *orig_cwd, *last_toplevel;
static TAILQ_HEAD(, pkg_path) pkg_path = TAILQ_HEAD_INITIALIZER(pkg_path);
+#ifndef BOOTSTRAP
struct fetch_archive {
struct url *url;
fetchIO *fetch;
@@ -145,19 +151,33 @@ open_archive_by_url(struct url *url, char **archive_name)
*archive_name = fetchStringifyURL(url);
- a = archive_read_new();
- archive_read_support_compression_all(a);
- archive_read_support_format_all(a);
+ a = prepare_archive();
if (archive_read_open(a, f, fetch_archive_open, fetch_archive_read,
fetch_archive_close)) {
free(*archive_name);
*archive_name = NULL;
- archive_read_finish(a);
+ archive_read_free(a);
return NULL;
}
return a;
}
+#endif /* !BOOTSTRAP */
+
+struct archive *
+prepare_archive(void)
+{
+ struct archive *a = archive_read_new();
+ if (a == NULL)
+ errx(EXIT_FAILURE, "memory allocation failed");
+ archive_read_support_filter_gzip(a);
+ archive_read_support_filter_bzip2(a);
+ archive_read_support_filter_xz(a);
+ archive_read_support_format_ar(a);
+ archive_read_support_format_tar(a);
+ archive_read_set_options(a, "hdrcharset=BINARY");
+ return a;
+}
struct archive *
open_archive(const char *url, char **archive_name)
@@ -168,9 +188,7 @@ open_archive(const char *url, char **archive_name)
*archive_name = NULL;
if (!IS_URL(url)) {
- a = archive_read_new();
- archive_read_support_compression_all(a);
- archive_read_support_format_all(a);
+ a = prepare_archive();
if (archive_read_open_filename(a, url, 1024)) {
archive_read_close(a);
return NULL;
@@ -179,6 +197,9 @@ open_archive(const char *url, char **archive_name)
return a;
}
+#ifdef BOOTSTRAP
+ return NULL;
+#else
if ((u = fetchParseURL(url)) == NULL)
return NULL;
@@ -186,8 +207,10 @@ open_archive(const char *url, char **archive_name)
fetchFreeURL(u);
return a;
+#endif
}
+#ifndef BOOTSTRAP
static int
strip_suffix(char *filename)
{
@@ -333,6 +356,7 @@ find_best_package(const char *toplevel, const char *pattern, int do_path)
return best_match;
}
+#endif /* !BOOTSTRAP */
struct archive *
find_archive(const char *fname, int top_level, char **archive_name)
@@ -364,7 +388,7 @@ find_archive(const char *fname, int top_level, char **archive_name)
free(full_fname);
return a;
}
-
+#ifndef BOOTSTRAP
fname = last_slash + 1;
*last_slash = '\0';
@@ -379,5 +403,6 @@ find_archive(const char *fname, int top_level, char **archive_name)
return NULL;
a = open_archive_by_url(best_match, archive_name);
fetchFreeURL(best_match);
+#endif /* !BOOTSTRAP */
return a;
}
diff --git a/pkgtools/pkg_install/files/lib/pkg_signature.c b/pkgtools/pkg_install/files/lib/pkg_signature.c
index 78b5d0dcab7..b62a8274a22 100644
--- a/pkgtools/pkg_install/files/lib/pkg_signature.c
+++ b/pkgtools/pkg_install/files/lib/pkg_signature.c
@@ -1,4 +1,4 @@
-/* $NetBSD: pkg_signature.c,v 1.12 2015/09/01 12:14:06 jperkin Exp $ */
+/* $NetBSD: pkg_signature.c,v 1.13 2017/04/19 21:42:50 joerg Exp $ */
#if HAVE_CONFIG_H
#include "config.h"
@@ -7,7 +7,7 @@
#if HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>
#endif
-__RCSID("$NetBSD: pkg_signature.c,v 1.12 2015/09/01 12:14:06 jperkin Exp $");
+__RCSID("$NetBSD: pkg_signature.c,v 1.13 2017/04/19 21:42:50 joerg Exp $");
/*-
* Copyright (c) 2008 Joerg Sonnenberger <joerg@NetBSD.org>.
@@ -47,6 +47,7 @@ __RCSID("$NetBSD: pkg_signature.c,v 1.12 2015/09/01 12:14:06 jperkin Exp $");
#endif
#include <errno.h>
#include <fcntl.h>
+#include <limits.h>
#include <stdlib.h>
#ifndef NETBSD
#include <nbcompat/sha2.h>
@@ -159,7 +160,7 @@ verify_signature_close_cb(struct archive *archive, void *cookie)
{
struct signature_archive *state = cookie;
- archive_read_finish(state->archive);
+ archive_read_free(state->archive);
free_signature_int(state);
return 0;
}
@@ -330,7 +331,7 @@ pkg_verify_signature(const char *archive_name, struct archive **archive,
r = read_file_from_archive(archive_name, *archive, entry, HASH_FNAME,
&hash_file, &hash_len);
if (r == -1) {
- archive_read_finish(*archive);
+ archive_read_free(*archive);
*archive = NULL;
free(state);
goto no_valid_signature;
@@ -345,7 +346,7 @@ pkg_verify_signature(const char *archive_name, struct archive **archive,
r = read_file_from_archive(archive_name, *archive, entry, SIGNATURE_FNAME,
&signature_file, &signature_len);
if (r == -1) {
- archive_read_finish(*archive);
+ archive_read_free(*archive);
*archive = NULL;
free(state);
free(hash_file);
@@ -356,7 +357,7 @@ pkg_verify_signature(const char *archive_name, struct archive **archive,
entry, GPG_SIGNATURE_FNAME,
&signature_file, &signature_len);
if (r == -1) {
- archive_read_finish(*archive);
+ archive_read_free(*archive);
*archive = NULL;
free(state);
free(hash_file);
@@ -399,13 +400,11 @@ pkg_verify_signature(const char *archive_name, struct archive **archive,
state->archive = *archive;
- a = archive_read_new();
- archive_read_support_compression_all(a);
- archive_read_support_format_all(a);
+ a = prepare_archive();
if (archive_read_open(a, state, NULL, verify_signature_read_cb,
verify_signature_close_cb)) {
warnx("Can't open signed package file");
- archive_read_finish(a);
+ archive_read_free(a);
goto no_valid_signature;
}
*archive = a;
@@ -448,13 +447,11 @@ extract_pkgname(int fd)
ssize_t len;
int r;
- a = archive_read_new();
- archive_read_support_compression_all(a);
- archive_read_support_format_all(a);
+ a = prepare_archive();
if (archive_read_open_fd(a, fd, 1024)) {
warnx("Cannot open binary package: %s",
archive_error_string(a));
- archive_read_finish(a);
+ archive_read_free(a);
return NULL;
}
@@ -462,17 +459,17 @@ extract_pkgname(int fd)
if (r != ARCHIVE_OK) {
warnx("Cannot extract package name: %s",
r == ARCHIVE_EOF ? "EOF" : archive_error_string(a));
- archive_read_finish(a);
+ archive_read_free(a);
return NULL;
}
if (strcmp(archive_entry_pathname(entry), "+CONTENTS") != 0) {
warnx("Invalid binary package, doesn't start with +CONTENTS");
- archive_read_finish(a);
+ archive_read_free(a);
return NULL;
}
if (archive_entry_size(entry) > SSIZE_MAX - 1) {
warnx("+CONTENTS too large to process");
- archive_read_finish(a);
+ archive_read_free(a);
return NULL;
}
@@ -482,12 +479,12 @@ extract_pkgname(int fd)
if (archive_read_data(a, buf, len) != len) {
warnx("Short read when extracing +CONTENTS");
free(buf);
- archive_read_finish(a);
+ archive_read_free(a);
return NULL;
}
buf[len] = '\0';
- archive_read_finish(a);
+ archive_read_free(a);
parse_plist(&plist, buf);
free(buf);
@@ -579,7 +576,6 @@ pkg_sign_x509(const char *name, const char *output, const char *key_file, const
archive_entry_set_size(sign_entry, signature_len);
pkg = archive_write_new();
- archive_write_set_compression_none(pkg);
archive_write_set_format_ar_bsd(pkg);
archive_write_open_filename(pkg, output);
@@ -608,7 +604,7 @@ pkg_sign_x509(const char *name, const char *output, const char *key_file, const
archive_write_finish_entry(pkg);
archive_entry_free(entry);
- archive_write_finish(pkg);
+ archive_write_free(pkg);
close(fd);
@@ -673,7 +669,6 @@ pkg_sign_gpg(const char *name, const char *output)
archive_entry_set_size(sign_entry, signature_len);
pkg = archive_write_new();
- archive_write_set_compression_none(pkg);
archive_write_set_format_ar_bsd(pkg);
archive_write_open_filename(pkg, output);
@@ -702,7 +697,7 @@ pkg_sign_gpg(const char *name, const char *output)
archive_write_finish_entry(pkg);
archive_entry_free(entry);
- archive_write_finish(pkg);
+ archive_write_free(pkg);
close(fd);
diff --git a/pkgtools/pkg_install/files/lib/version.h b/pkgtools/pkg_install/files/lib/version.h
index adf3b42061c..aef3e34e46e 100644
--- a/pkgtools/pkg_install/files/lib/version.h
+++ b/pkgtools/pkg_install/files/lib/version.h
@@ -1,4 +1,4 @@
-/* $NetBSD: version.h,v 1.170 2016/04/10 19:01:19 joerg Exp $ */
+/* $NetBSD: version.h,v 1.171 2017/04/19 21:42:50 joerg Exp $ */
/*
* Copyright (c) 2001 Thomas Klausner. All rights reserved.
@@ -27,6 +27,6 @@
#ifndef _INST_LIB_VERSION_H_
#define _INST_LIB_VERSION_H_
-#define PKGTOOLS_VERSION 20160410
+#define PKGTOOLS_VERSION 20170419
#endif /* _INST_LIB_VERSION_H_ */
diff --git a/pkgtools/pkg_install/files/lib/vulnerabilities-file.c b/pkgtools/pkg_install/files/lib/vulnerabilities-file.c
index e620986fead..614522220bb 100644
--- a/pkgtools/pkg_install/files/lib/vulnerabilities-file.c
+++ b/pkgtools/pkg_install/files/lib/vulnerabilities-file.c
@@ -1,4 +1,4 @@
-/* $NetBSD: vulnerabilities-file.c,v 1.8 2015/09/01 12:14:06 jperkin Exp $ */
+/* $NetBSD: vulnerabilities-file.c,v 1.9 2017/04/19 21:42:50 joerg Exp $ */
/*-
* Copyright (c) 2008, 2010 Joerg Sonnenberger <joerg@NetBSD.org>.
@@ -38,7 +38,7 @@
#if HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>
#endif
-__RCSID("$NetBSD: vulnerabilities-file.c,v 1.8 2015/09/01 12:14:06 jperkin Exp $");
+__RCSID("$NetBSD: vulnerabilities-file.c,v 1.9 2017/04/19 21:42:50 joerg Exp $");
#if HAVE_SYS_STAT_H
#include <sys/stat.h>
@@ -77,6 +77,20 @@ static const char pgp_msg_end[] = "-----BEGIN PGP SIGNATURE-----\n";
static const char pkcs7_begin[] = "-----BEGIN PKCS7-----\n";
static const char pkcs7_end[] = "-----END PKCS7-----\n";
+static struct archive *
+prepare_raw_file(void)
+{
+ struct archive *a = archive_read_new();
+ if (a == NULL)
+ errx(EXIT_FAILURE, "memory allocation failed");
+
+ archive_read_support_filter_gzip(a);
+ archive_read_support_filter_bzip2(a);
+ archive_read_support_filter_xz(a);
+ archive_read_support_format_raw(a);
+ return a;
+}
+
static void
verify_signature_pkcs7(const char *input)
{
@@ -345,12 +359,8 @@ read_pkg_vulnerabilities_memory(void *buf, size_t len, int check_sum)
struct archive *a;
struct pkg_vulnerabilities *pv;
- if ((a = archive_read_new()) == NULL)
- errx(EXIT_FAILURE, "memory allocation failed");
-
- if (archive_read_support_compression_all(a) != ARCHIVE_OK ||
- archive_read_support_format_raw(a) != ARCHIVE_OK ||
- archive_read_open_memory(a, buf, len) != ARCHIVE_OK)
+ a = prepare_raw_file();
+ if (archive_read_open_memory(a, buf, len) != ARCHIVE_OK)
errx(EXIT_FAILURE, "Cannot open pkg_vulnerabilies buffer: %s",
archive_error_string(a));
@@ -376,12 +386,8 @@ read_pkg_vulnerabilities_file(const char *path, int ignore_missing, int check_su
err(EXIT_FAILURE, "Cannot open %s", path);
}
- if ((a = archive_read_new()) == NULL)
- errx(EXIT_FAILURE, "memory allocation failed");
-
- if (archive_read_support_compression_all(a) != ARCHIVE_OK ||
- archive_read_support_format_raw(a) != ARCHIVE_OK ||
- archive_read_open_fd(a, fd, 65536) != ARCHIVE_OK)
+ a = prepare_raw_file();
+ if (archive_read_open_fd(a, fd, 65536) != ARCHIVE_OK)
errx(EXIT_FAILURE, "Cannot open ``%s'': %s", path,
archive_error_string(a));