Sertonix authored 7 months ago and Timo Teräs committed 7 months ago

Also avoids locking when --files has been passed a fifo

Prevent storing false xattrs data for symlinks.

fixes c5d8d286 adb: implement ADB_BLOCK_EXT flavor for large files

Sertonix authored 7 months ago and Timo Teräs committed 7 months ago

ADB_COMP_NONE is special cause we don't allow specifying a
level by having max_level = 0 but we set level to 1 to distinguish
it from default compression.

fixes apk mkpkg --compression none

Sertonix authored 7 months ago and Timo Teräs committed 7 months ago

When the dir passed to --files had xattrs this would cause the fd to be closed too early.

Sertonix authored 8 months ago and Timo Teräs committed 8 months ago

Otherwise constrains in the world file after an error will be ignored and
may cause false package removal.

Fixes #11009

Christian Marangi authored 9 months ago and Timo Teräs committed 9 months ago

There is currently a fundamental problem with how tar are handled
insternally for scriptdb usage.

We totally lack any support and handling for filename in scriptdb that
are longer than 99char. This cause the filename to be cut and have
situation with file ending with:
- kernel-6.6.30~01f651a1bd5c5592d7cf5a98209bdce4-r1.X121290490411c8c2cf47e3
- kernel-6.6.30~01f651a1bd5c5592d7cf5a98209bdce4-r1.X121290490411c8c2cf47e308d95f12d65d011a391.post-instal
- kernel-6.6.30~01f651a1bd5c5592d7cf5a98209bdce4-r1.X121290490411c8c2cf47e308d95f12d65d011a391.post-i
- kernel-6.6.30~01f651a1bd5c5592d7cf5a98209bdce4-r1.X121290490411c8c2cf47e308d95f12d65

This is caused by the fact that POSIX ustar support up to 99char. The
prefix value can only be used to path but can't be used for filename
hence that is not a valuable solution.

To fix this introduce support to apk_tar_write_entry for GNU longnames
extension header. This is already supported by apk_tar_parse but we
couldn't actually add the special header.

With this fix long filename are correctly handled and the cut problem is
solved.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

Christian Marangi authored 9 months ago and Timo Teräs committed 9 months ago

Generalize tar header setup in a dedicated function in preparation for
support of additional header for longnames and PAX extension headers.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

Christian Marangi authored 9 months ago and Timo Teräs committed 9 months ago

Generalize apk_tar_write_padding size handling in preparation to make
use of it also in other context where apk_file_info is not used.

The function just required the size of data written hence we can just
pass that value directly instead of a pointer to the apk_file_info
struct.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

Christian Marangi authored 10 months ago and Timo Teräs committed 9 months ago

Always use CSUM in HEX for scriptdb tar entry.

Currently we use HEX for MD5 CSUM and base64 for SHA1 CSUM. This is
problematic for the scripts.tar as in base64 the "/" char is allowed.
This makes the tar think the file is placed in a dedicated directory
causing inconsistent files in scripts.tar making it problematic if
someone wants to handle scripts manually by accessing the file in the
.tar

Fix this by introducing apk_blob_push_csum_hex that always use HEX for
CSUM blob.

Pulling CSUM in HEX format is already supported and it's done by using
the X prefix instead of the current Q, hence this won't cause any
regression since both format are supported by the apk_blob_pull_csum
function.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

As discussed in #10749, I suggested that we remove FTP support to reduce possible attack surface
as there are no Alpine mirrors which use FTP.

There are also no known mirrors of any other apk-using distribution which use FTP, so I believe
we are safe to remove support for FTP-based mirrors in apk-tools 3.

Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>

a copy/paste error from openssl implementation to mbedtls

- fix asserts
- assert APK_DIGEST_NONE is not used in update/final as it causes
  issues in openssl and is generally not useful and allowing it
  typically is root of security issues

backend is selected at compile-time with crypto_backend option (for
meson) or CRYPTO (for legacy Makefile)

Co-developed-by: Christian Marangi <ansuelsmth@gmail.com>
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>

Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>

Can be configured by setting URL_BACKEND. If not set libfetch is
selected by default.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

nina authored 10 months ago and Timo Teräs committed 10 months ago

fixes #11005

Add also a digest context reset without algorithm change.

This is a GCC extension, and seems to not work correctly with
cross-compilation. Perhaps the combination of using also designated
array initializer mixed up things.

Just git rid of the flexible member for now.

and additional sanity checks on the extraction state

The _DATA callback needs to be deferred until extracted data is
handled for the state machine to work correctly for identity data
generation.

fixes regresion in "apk index"

fixes 9855169e "io: simplify mpart and error handling"