Commit f123d77e authored by Timo Teräs's avatar Timo Teräs

archive: make apk_tar_parse check and close input stream

simplifies other code quite a bit
parent 1de9ef42
...@@ -138,6 +138,8 @@ int apk_tar_parse(struct apk_istream *is, apk_archive_entry_parser parser, ...@@ -138,6 +138,8 @@ int apk_tar_parse(struct apk_istream *is, apk_archive_entry_parser parser,
apk_blob_t pax = APK_BLOB_NULL, longname = APK_BLOB_NULL; apk_blob_t pax = APK_BLOB_NULL, longname = APK_BLOB_NULL;
char filename[sizeof buf.name + sizeof buf.prefix + 2]; char filename[sizeof buf.name + sizeof buf.prefix + 2];
if (IS_ERR_OR_NULL(is)) return PTR_ERR(is) ?: -EINVAL;
memset(&entry, 0, sizeof(entry)); memset(&entry, 0, sizeof(entry));
entry.name = buf.name; entry.name = buf.name;
while ((r = apk_istream_read(is, &buf, 512)) == 512) { while ((r = apk_istream_read(is, &buf, 512)) == 512) {
...@@ -262,6 +264,7 @@ ok: ...@@ -262,6 +264,7 @@ ok:
free(pax.ptr); free(pax.ptr);
free(longname.ptr); free(longname.ptr);
apk_fileinfo_free(&entry); apk_fileinfo_free(&entry);
apk_istream_close(is);
return r; return r;
} }
......
...@@ -652,10 +652,7 @@ int apk_cache_download(struct apk_database *db, struct apk_repository *repo, ...@@ -652,10 +652,7 @@ int apk_cache_download(struct apk_database *db, struct apk_repository *repo,
is = apk_istream_from_url_if_modified(url, st.st_mtime); is = apk_istream_from_url_if_modified(url, st.st_mtime);
is = apk_istream_tee(is, db->cache_fd, tmpcacheitem, !autoupdate, cb, cb_ctx); is = apk_istream_tee(is, db->cache_fd, tmpcacheitem, !autoupdate, cb, cb_ctx);
is = apk_istream_gunzip_mpart(is, apk_sign_ctx_mpart_cb, &sctx); is = apk_istream_gunzip_mpart(is, apk_sign_ctx_mpart_cb, &sctx);
if (!IS_ERR_OR_NULL(is)) r = apk_tar_parse(is, apk_sign_ctx_verify_tar, &sctx, &db->id_cache);
r = apk_tar_parse(is, apk_sign_ctx_verify_tar, &sctx, &db->id_cache);
else
r = PTR_ERR(is) ?: -EIO;
apk_sign_ctx_free(&sctx); apk_sign_ctx_free(&sctx);
} else { } else {
is = apk_istream_from_url_if_modified(url, st.st_mtime); is = apk_istream_from_url_if_modified(url, st.st_mtime);
...@@ -673,8 +670,8 @@ int apk_cache_download(struct apk_database *db, struct apk_repository *repo, ...@@ -673,8 +670,8 @@ int apk_cache_download(struct apk_database *db, struct apk_repository *repo,
} }
close(fd); close(fd);
} }
if (!IS_ERR_OR_NULL(is)) apk_istream_close(is);
} }
if (!IS_ERR_OR_NULL(is)) apk_istream_close(is);
if (r == -EALREADY) { if (r == -EALREADY) {
if (autoupdate) utimensat(db->cache_fd, cacheitem, NULL, 0); if (autoupdate) utimensat(db->cache_fd, cacheitem, NULL, 0);
return r; return r;
...@@ -1148,7 +1145,6 @@ static void apk_db_triggers_read(struct apk_database *db, struct apk_istream *is ...@@ -1148,7 +1145,6 @@ static void apk_db_triggers_read(struct apk_database *db, struct apk_istream *is
static int apk_db_read_state(struct apk_database *db, int flags) static int apk_db_read_state(struct apk_database *db, int flags)
{ {
struct apk_istream *is;
apk_blob_t blob, world; apk_blob_t blob, world;
int r; int r;
...@@ -1173,12 +1169,8 @@ static int apk_db_read_state(struct apk_database *db, int flags) ...@@ -1173,12 +1169,8 @@ static int apk_db_read_state(struct apk_database *db, int flags)
} }
if (!(flags & APK_OPENF_NO_SCRIPTS)) { if (!(flags & APK_OPENF_NO_SCRIPTS)) {
is = apk_istream_from_file(db->root_fd, apk_scripts_file); apk_tar_parse(apk_istream_from_file(db->root_fd, apk_scripts_file),
if (!IS_ERR_OR_NULL(is)) { apk_read_script_archive_entry, db, &db->id_cache);
apk_tar_parse(is, apk_read_script_archive_entry, db,
&db->id_cache);
apk_istream_close(is);
}
} }
return 0; return 0;
...@@ -2189,9 +2181,7 @@ static int load_index(struct apk_database *db, struct apk_istream *is, ...@@ -2189,9 +2181,7 @@ static int load_index(struct apk_database *db, struct apk_istream *is,
ctx.repo = repo; ctx.repo = repo;
ctx.found = 0; ctx.found = 0;
apk_sign_ctx_init(&ctx.sctx, APK_SIGN_VERIFY, NULL, db->keys_fd); apk_sign_ctx_init(&ctx.sctx, APK_SIGN_VERIFY, NULL, db->keys_fd);
is = apk_istream_gunzip_mpart(is, apk_sign_ctx_mpart_cb, &ctx.sctx); r = apk_tar_parse(apk_istream_gunzip_mpart(is, apk_sign_ctx_mpart_cb, &ctx.sctx), load_apkindex, &ctx, &db->id_cache);
r = apk_tar_parse(is, load_apkindex, &ctx, &db->id_cache);
apk_istream_close(is);
apk_sign_ctx_free(&ctx.sctx); apk_sign_ctx_free(&ctx.sctx);
if (r >= 0 && ctx.found == 0) if (r >= 0 && ctx.found == 0)
...@@ -2753,7 +2743,7 @@ static int apk_db_unpack_pkg(struct apk_database *db, ...@@ -2753,7 +2743,7 @@ static int apk_db_unpack_pkg(struct apk_database *db,
char **script_args) char **script_args)
{ {
struct install_ctx ctx; struct install_ctx ctx;
struct apk_istream *is = NULL, *cache_is, *tar; struct apk_istream *is = NULL, *cache_is;
struct apk_repository *repo; struct apk_repository *repo;
struct apk_package *pkg = ipkg->pkg; struct apk_package *pkg = ipkg->pkg;
char file[PATH_MAX]; char file[PATH_MAX];
...@@ -2811,10 +2801,8 @@ static int apk_db_unpack_pkg(struct apk_database *db, ...@@ -2811,10 +2801,8 @@ static int apk_db_unpack_pkg(struct apk_database *db,
.cb_ctx = cb_ctx, .cb_ctx = cb_ctx,
}; };
apk_sign_ctx_init(&ctx.sctx, APK_SIGN_VERIFY_IDENTITY, &pkg->csum, db->keys_fd); apk_sign_ctx_init(&ctx.sctx, APK_SIGN_VERIFY_IDENTITY, &pkg->csum, db->keys_fd);
tar = apk_istream_gunzip_mpart(is, apk_sign_ctx_mpart_cb, &ctx.sctx); r = apk_tar_parse(apk_istream_gunzip_mpart(is, apk_sign_ctx_mpart_cb, &ctx.sctx), apk_db_install_archive_entry, &ctx, &db->id_cache);
r = apk_tar_parse(tar, apk_db_install_archive_entry, &ctx, &db->id_cache);
apk_sign_ctx_free(&ctx.sctx); apk_sign_ctx_free(&ctx.sctx);
apk_istream_close(tar);
if (need_copy) { if (need_copy) {
if (r == 0) { if (r == 0) {
......
...@@ -87,20 +87,15 @@ static int read_file_entry(void *ctx, const struct apk_file_info *ae, ...@@ -87,20 +87,15 @@ static int read_file_entry(void *ctx, const struct apk_file_info *ae,
static void process_file(struct apk_database *db, const char *match) static void process_file(struct apk_database *db, const char *match)
{ {
struct apk_sign_ctx sctx; struct apk_sign_ctx sctx;
struct apk_istream *is;
struct manifest_file_ctx ctx = {match, &sctx}; struct manifest_file_ctx ctx = {match, &sctx};
int r;
apk_sign_ctx_init(&sctx, APK_SIGN_VERIFY, NULL, db->keys_fd); apk_sign_ctx_init(&sctx, APK_SIGN_VERIFY, NULL, db->keys_fd);
is = apk_istream_gunzip_mpart(apk_istream_from_file(AT_FDCWD, match), r = apk_tar_parse(
apk_sign_ctx_mpart_cb, &sctx); apk_istream_gunzip_mpart(apk_istream_from_file(AT_FDCWD, match), apk_sign_ctx_mpart_cb, &sctx),
read_file_entry, &ctx, &db->id_cache);
if (IS_ERR_OR_NULL(is)) { apk_sign_ctx_free(&sctx);
apk_error("%s: %s", match, strerror(errno)); if (r < 0) apk_error("%s: %s", match, apk_error_str(r));
return;
}
(void) apk_tar_parse(is, read_file_entry, &ctx, &db->id_cache);
apk_istream_close(is);
} }
static void process_match(struct apk_database *db, const char *match, struct apk_name *name, void *ctx) static void process_match(struct apk_database *db, const char *match, struct apk_name *name, void *ctx)
......
...@@ -904,7 +904,6 @@ int apk_pkg_read(struct apk_database *db, const char *file, ...@@ -904,7 +904,6 @@ int apk_pkg_read(struct apk_database *db, const char *file,
{ {
struct read_info_ctx ctx; struct read_info_ctx ctx;
struct apk_file_info fi; struct apk_file_info fi;
struct apk_istream *is, *tar;
int r; int r;
r = apk_fileinfo_get(AT_FDCWD, file, APK_CHECKSUM_NONE, &fi); r = apk_fileinfo_get(AT_FDCWD, file, APK_CHECKSUM_NONE, &fi);
...@@ -912,23 +911,18 @@ int apk_pkg_read(struct apk_database *db, const char *file, ...@@ -912,23 +911,18 @@ int apk_pkg_read(struct apk_database *db, const char *file,
return r; return r;
memset(&ctx, 0, sizeof(ctx)); memset(&ctx, 0, sizeof(ctx));
ctx.db = db;
ctx.sctx = sctx; ctx.sctx = sctx;
ctx.pkg = apk_pkg_new(); ctx.pkg = apk_pkg_new();
r = -ENOMEM; r = -ENOMEM;
if (ctx.pkg == NULL) if (ctx.pkg == NULL)
goto err; goto err;
is = apk_istream_from_file(AT_FDCWD, file);
if (IS_ERR_OR_NULL(is)) {
r = PTR_ERR(is) ?: -EIO;
goto err;
}
ctx.db = db;
ctx.pkg->size = fi.size; ctx.pkg->size = fi.size;
tar = apk_istream_gunzip_mpart(is, apk_sign_ctx_mpart_cb, sctx); r = apk_tar_parse(
r = apk_tar_parse(tar, read_info_entry, &ctx, &db->id_cache); apk_istream_gunzip_mpart(apk_istream_from_file(AT_FDCWD, file), apk_sign_ctx_mpart_cb, sctx),
apk_istream_close(tar); read_info_entry, &ctx, &db->id_cache);
if (r < 0 && r != -ECANCELED) if (r < 0 && r != -ECANCELED)
goto err; goto err;
if (ctx.pkg->name == NULL || ctx.pkg->uninstallable) { if (ctx.pkg->name == NULL || ctx.pkg->uninstallable) {
......
...@@ -20,34 +20,26 @@ ...@@ -20,34 +20,26 @@
static int verify_main(void *ctx, struct apk_database *db, struct apk_string_array *args) static int verify_main(void *ctx, struct apk_database *db, struct apk_string_array *args)
{ {
struct apk_sign_ctx sctx; struct apk_sign_ctx sctx;
struct apk_istream *is;
char **parg; char **parg;
int r, ok, rc = 0; int r, ok, rc = 0;
foreach_array_item(parg, args) { foreach_array_item(parg, args) {
apk_sign_ctx_init(&sctx, APK_SIGN_VERIFY, NULL, db->keys_fd); apk_sign_ctx_init(&sctx, APK_SIGN_VERIFY, NULL, db->keys_fd);
is = apk_istream_gunzip_mpart(apk_istream_from_file(AT_FDCWD, *parg), r = apk_tar_parse(
apk_sign_ctx_mpart_cb, &sctx); apk_istream_gunzip_mpart(apk_istream_from_file(AT_FDCWD, *parg),
if (IS_ERR_OR_NULL(is)) { apk_sign_ctx_mpart_cb, &sctx),
if (apk_verbosity >= 1) apk_sign_ctx_verify_tar, &sctx, &db->id_cache);
apk_error("%s: %s", *parg, strerror(errno));
else
printf("%s\n", *parg);
apk_sign_ctx_free(&sctx);
rc++;
continue;
}
r = apk_tar_parse(is, apk_sign_ctx_verify_tar, &sctx, &db->id_cache);
apk_istream_close(is);
ok = sctx.control_verified && sctx.data_verified; ok = sctx.control_verified && sctx.data_verified;
if (apk_verbosity >= 1) if (apk_verbosity >= 1)
apk_message("%s: %d - %s", *parg, r, apk_message("%s: %d - %s", *parg, r,
r < 0 ? apk_error_str(r) :
ok ? "OK" : ok ? "OK" :
!sctx.control_verified ? "UNTRUSTED" : "FAILED"); !sctx.control_verified ? "UNTRUSTED" : "FAILED");
else if (!ok) else if (!ok)
printf("%s\n", *parg); printf("%s\n", *parg);
if (!ok) if (!ok)
rc++; rc++;
apk_sign_ctx_free(&sctx); apk_sign_ctx_free(&sctx);
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment