From 2fa868f587e3b04dba99bb0eb26947db9dd07a6f Mon Sep 17 00:00:00 2001 From: Natanael Copa Date: Thu, 10 Jan 2019 08:34:46 +0000 Subject: main/apk-tools: fix error message for apk fetch --- ...001-fetch-fix-error-message-for-recursive.patch | 29 ++ main/apk-tools/APKBUILD | 6 +- main/apk-tools/add-support-for-openssl-1.1.patch | 380 --------------------- main/apk-tools/fix-xattr-hash-to-be-sha1.patch | 27 -- 4 files changed, 33 insertions(+), 409 deletions(-) create mode 100644 main/apk-tools/0001-fetch-fix-error-message-for-recursive.patch delete mode 100644 main/apk-tools/add-support-for-openssl-1.1.patch delete mode 100644 main/apk-tools/fix-xattr-hash-to-be-sha1.patch diff --git a/main/apk-tools/0001-fetch-fix-error-message-for-recursive.patch b/main/apk-tools/0001-fetch-fix-error-message-for-recursive.patch new file mode 100644 index 0000000000..97a6abe6d5 --- /dev/null +++ b/main/apk-tools/0001-fetch-fix-error-message-for-recursive.patch @@ -0,0 +1,29 @@ +From 947baeea1860a4eb44bb8636e1db295a7bc1d259 Mon Sep 17 00:00:00 2001 +From: Natanael Copa +Date: Thu, 10 Jan 2019 09:29:35 +0100 +Subject: [PATCH] fetch: fix error message for --recursive + +Give error message for `apk fetch --recursive missing` +--- + src/fetch.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/fetch.c b/src/fetch.c +index e745d84..9a7c46a 100644 +--- a/src/fetch.c ++++ b/src/fetch.c +@@ -229,8 +229,10 @@ static void mark_name_flags(struct apk_database *db, const char *match, struct a + if (!IS_ERR_OR_NULL(name)) { + name->auto_select_virtual = 1; + apk_deps_add(&ctx->world, &dep); +- } else ++ } else { + ctx->errors++; ++ mark_error(ctx, match, name); ++ } + } + + static void mark_names_recursive(struct apk_database *db, struct apk_string_array *args, void *pctx) +-- +2.20.1 + diff --git a/main/apk-tools/APKBUILD b/main/apk-tools/APKBUILD index f65d88c812..31191903e2 100644 --- a/main/apk-tools/APKBUILD +++ b/main/apk-tools/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa pkgname=apk-tools pkgver=2.10.3 -pkgrel=0 +pkgrel=1 pkgdesc="Alpine Package Keeper - package manager for alpine" subpackages="$pkgname-static" depends= @@ -13,6 +13,7 @@ if [ "$CBUILD" = "$CHOST" ]; then makedepends="$makedepends lua5.2-dev" fi source="https://dev.alpinelinux.org/archive/$pkgname/$pkgname-$pkgver.tar.xz + 0001-fetch-fix-error-message-for-recursive.patch " url="https://git.alpinelinux.org/cgit/apk-tools/" @@ -82,4 +83,5 @@ luaapk() { mv "$pkgdir"/usr/lib "$subpkgdir"/usr/lib/ } -sha512sums="1b190cfd04c69369bd4f2b708d4df0f8cf2937e1580c95138fd2c2257e7604d015deaca10a9fe0da6742981caadb6b067c15e417a1951866f781b8a5c71c98ee apk-tools-2.10.3.tar.xz" +sha512sums="1b190cfd04c69369bd4f2b708d4df0f8cf2937e1580c95138fd2c2257e7604d015deaca10a9fe0da6742981caadb6b067c15e417a1951866f781b8a5c71c98ee apk-tools-2.10.3.tar.xz +0fe8d05d6d1c3f6ed5c86d5a5a9aca4fd5246579ed346adb990b8fba6dcac0033056a655181659b4e12a8c934d27df512d29e4e134889a4eafcfbf80e60da2a5 0001-fetch-fix-error-message-for-recursive.patch" diff --git a/main/apk-tools/add-support-for-openssl-1.1.patch b/main/apk-tools/add-support-for-openssl-1.1.patch deleted file mode 100644 index 997837b7d7..0000000000 --- a/main/apk-tools/add-support-for-openssl-1.1.patch +++ /dev/null @@ -1,380 +0,0 @@ -From beab8545ebb2898a2beb157a4d9424ebddf3e26f Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Timo=20Ter=C3=A4s?= -Date: Fri, 26 Oct 2018 08:21:52 +0300 -Subject: add support for openssl 1.1 - ---- - src/apk_blob.h | 2 +- - src/apk_io.h | 1 - - src/apk_openssl.h | 21 +++++++++++++++++++++ - src/apk_package.h | 2 +- - src/archive.c | 17 ++++++++++------- - src/database.c | 19 ++++++++++++------- - src/io.c | 45 ++++++++++++++++++++++++++------------------- - src/package.c | 37 +++++++++++++++++++------------------ - 8 files changed, 90 insertions(+), 54 deletions(-) - create mode 100644 src/apk_openssl.h - -diff --git a/src/apk_blob.h b/src/apk_blob.h -index 2d2e30e..4fdd3be 100644 ---- a/src/apk_blob.h -+++ b/src/apk_blob.h -@@ -14,9 +14,9 @@ - - #include - #include --#include - - #include "apk_defines.h" -+#include "apk_openssl.h" - - typedef const unsigned char *apk_spn_match; - typedef unsigned char apk_spn_match_def[256 / 8]; -diff --git a/src/apk_io.h b/src/apk_io.h -index 94aa989..26c3f28 100644 ---- a/src/apk_io.h -+++ b/src/apk_io.h -@@ -12,7 +12,6 @@ - #define APK_IO - - #include --#include - #include - #include - -diff --git a/src/apk_openssl.h b/src/apk_openssl.h -new file mode 100644 -index 0000000..c45beb9 ---- /dev/null -+++ b/src/apk_openssl.h -@@ -0,0 +1,21 @@ -+#ifndef APK_SSL_COMPAT_H -+#define APK_SSL_COMPAT_H -+ -+#include -+#include -+ -+#if OPENSSL_VERSION_NUMBER < 0x1010000fL || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL) -+ -+static inline EVP_MD_CTX *EVP_MD_CTX_new(void) -+{ -+ return EVP_MD_CTX_create(); -+} -+ -+static inline void EVP_MD_CTX_free(EVP_MD_CTX *mdctx) -+{ -+ return EVP_MD_CTX_destroy(mdctx); -+} -+ -+#endif -+ -+#endif -diff --git a/src/apk_package.h b/src/apk_package.h -index 87635a9..6c4ff29 100644 ---- a/src/apk_package.h -+++ b/src/apk_package.h -@@ -58,7 +58,7 @@ struct apk_sign_ctx { - int data_verified : 1; - char data_checksum[EVP_MAX_MD_SIZE]; - struct apk_checksum identity; -- EVP_MD_CTX mdctx; -+ EVP_MD_CTX *mdctx; - - struct { - apk_blob_t data; -diff --git a/src/archive.c b/src/archive.c -index 9a184fd..f3a66c2 100644 ---- a/src/archive.c -+++ b/src/archive.c -@@ -28,6 +28,7 @@ - #include "apk_defines.h" - #include "apk_print.h" - #include "apk_archive.h" -+#include "apk_openssl.h" - - struct tar_header { - /* ustar header, Posix 1003.1 */ -@@ -82,7 +83,7 @@ struct apk_tar_entry_istream { - struct apk_istream is; - struct apk_istream *tar_is; - size_t bytes_left; -- EVP_MD_CTX mdctx; -+ EVP_MD_CTX *mdctx; - struct apk_checksum *csum; - time_t mtime; - }; -@@ -121,10 +122,10 @@ static ssize_t tar_entry_read(void *stream, void *ptr, size_t size) - if (teis->csum == NULL) - return r; - -- EVP_DigestUpdate(&teis->mdctx, ptr, r); -+ EVP_DigestUpdate(teis->mdctx, ptr, r); - if (teis->bytes_left == 0) { -- teis->csum->type = EVP_MD_CTX_size(&teis->mdctx); -- EVP_DigestFinal_ex(&teis->mdctx, teis->csum->data, NULL); -+ teis->csum->type = EVP_MD_CTX_size(teis->mdctx); -+ EVP_DigestFinal_ex(teis->mdctx, teis->csum->data, NULL); - } - return r; - } -@@ -210,7 +211,9 @@ int apk_tar_parse(struct apk_istream *is, apk_archive_entry_parser parser, - char filename[sizeof buf.name + sizeof buf.prefix + 2]; - - odi = (struct apk_tar_digest_info *) &buf.linkname[3]; -- EVP_MD_CTX_init(&teis.mdctx); -+ teis.mdctx = EVP_MD_CTX_new(); -+ if (!teis.mdctx) return -ENOMEM; -+ - memset(&entry, 0, sizeof(entry)); - entry.name = buf.name; - while ((r = apk_istream_read(is, &buf, 512)) == 512) { -@@ -327,7 +330,7 @@ int apk_tar_parse(struct apk_istream *is, apk_archive_entry_parser parser, - if (entry.mode & S_IFMT) { - /* callback parser function */ - if (teis.csum != NULL) -- EVP_DigestInit_ex(&teis.mdctx, -+ EVP_DigestInit_ex(teis.mdctx, - apk_checksum_default(), NULL); - - r = parser(ctx, &entry, &teis.is); -@@ -360,7 +363,7 @@ err: - /* Check that there was no partial (or non-zero) record */ - if (r >= 0) r = -EBADMSG; - ok: -- EVP_MD_CTX_cleanup(&teis.mdctx); -+ EVP_MD_CTX_free(teis.mdctx); - free(pax.ptr); - free(longname.ptr); - apk_fileinfo_free(&entry); -diff --git a/src/database.c b/src/database.c -index 8cf63b2..91fcedd 100644 ---- a/src/database.c -+++ b/src/database.c -@@ -35,6 +35,7 @@ - #include "apk_applet.h" - #include "apk_archive.h" - #include "apk_print.h" -+#include "apk_openssl.h" - - static const apk_spn_match_def apk_spn_repo_separators = { - [4] = (1<<0) /* */, -@@ -2363,18 +2364,22 @@ static struct apk_db_dir_instance *apk_db_install_directory_entry(struct install - - static const char *format_tmpname(struct apk_package *pkg, struct apk_db_file *f, char tmpname[static TMPNAME_MAX]) - { -- EVP_MD_CTX mdctx; -+ EVP_MD_CTX *mdctx; - unsigned char md[EVP_MAX_MD_SIZE]; - apk_blob_t b = APK_BLOB_PTR_LEN(tmpname, TMPNAME_MAX); - - if (!f) return NULL; - -- EVP_DigestInit(&mdctx, EVP_sha256()); -- EVP_DigestUpdate(&mdctx, pkg->name->name, strlen(pkg->name->name) + 1); -- EVP_DigestUpdate(&mdctx, f->diri->dir->name, f->diri->dir->namelen); -- EVP_DigestUpdate(&mdctx, "/", 1); -- EVP_DigestUpdate(&mdctx, f->name, f->namelen); -- EVP_DigestFinal(&mdctx, md, NULL); -+ mdctx = EVP_MD_CTX_new(); -+ if (!mdctx) return NULL; -+ -+ EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL); -+ EVP_DigestUpdate(mdctx, pkg->name->name, strlen(pkg->name->name) + 1); -+ EVP_DigestUpdate(mdctx, f->diri->dir->name, f->diri->dir->namelen); -+ EVP_DigestUpdate(mdctx, "/", 1); -+ EVP_DigestUpdate(mdctx, f->name, f->namelen); -+ EVP_DigestFinal_ex(mdctx, md, NULL); -+ EVP_MD_CTX_free(mdctx); - - apk_blob_push_blob(&b, APK_BLOB_PTR_LEN(f->diri->dir->name, f->diri->dir->namelen)); - apk_blob_push_blob(&b, APK_BLOB_STR("/.apk.")); -diff --git a/src/io.c b/src/io.c -index ff254fd..0295807 100644 ---- a/src/io.c -+++ b/src/io.c -@@ -28,6 +28,7 @@ - #include "apk_defines.h" - #include "apk_io.h" - #include "apk_hash.h" -+#include "apk_openssl.h" - - #if defined(__GLIBC__) || defined(__UCLIBC__) - #define HAVE_FGETPWENT_R -@@ -623,22 +624,25 @@ static void hash_len_data(EVP_MD_CTX *ctx, uint32_t len, const void *ptr) - void apk_fileinfo_hash_xattr_array(struct apk_xattr_array *xattrs, const EVP_MD *md, struct apk_checksum *csum) - { - struct apk_xattr *xattr; -- EVP_MD_CTX mdctx; -+ EVP_MD_CTX *mdctx; - -- if (!xattrs || xattrs->num == 0) { -- csum->type = APK_CHECKSUM_NONE; -- return; -- } -+ if (!xattrs || xattrs->num == 0) goto err; -+ mdctx = EVP_MD_CTX_new(); -+ if (!mdctx) goto err; - - qsort(xattrs->item, xattrs->num, sizeof(xattrs->item[0]), cmp_xattr); - -- EVP_DigestInit(&mdctx, md); -+ EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL); - foreach_array_item(xattr, xattrs) { -- hash_len_data(&mdctx, strlen(xattr->name), xattr->name); -- hash_len_data(&mdctx, xattr->value.len, xattr->value.ptr); -+ hash_len_data(mdctx, strlen(xattr->name), xattr->name); -+ hash_len_data(mdctx, xattr->value.len, xattr->value.ptr); - } -- csum->type = EVP_MD_CTX_size(&mdctx); -- EVP_DigestFinal(&mdctx, csum->data, NULL); -+ csum->type = EVP_MD_CTX_size(mdctx); -+ EVP_DigestFinal_ex(mdctx, csum->data, NULL); -+ EVP_MD_CTX_free(mdctx); -+ return; -+err: -+ csum->type = APK_CHECKSUM_NONE; - } - - void apk_fileinfo_hash_xattr(struct apk_file_info *fi) -@@ -723,17 +727,20 @@ int apk_fileinfo_get(int atfd, const char *filename, unsigned int flags, - } else { - bs = apk_bstream_from_file(atfd, filename); - if (!IS_ERR_OR_NULL(bs)) { -- EVP_MD_CTX mdctx; -+ EVP_MD_CTX *mdctx; - apk_blob_t blob; - -- EVP_DigestInit(&mdctx, apk_checksum_evp(checksum)); -- if (bs->flags & APK_BSTREAM_SINGLE_READ) -- EVP_MD_CTX_set_flags(&mdctx, EVP_MD_CTX_FLAG_ONESHOT); -- while (!APK_BLOB_IS_NULL(blob = apk_bstream_read(bs, APK_BLOB_NULL))) -- EVP_DigestUpdate(&mdctx, (void*) blob.ptr, blob.len); -- fi->csum.type = EVP_MD_CTX_size(&mdctx); -- EVP_DigestFinal(&mdctx, fi->csum.data, NULL); -- -+ mdctx = EVP_MD_CTX_new(); -+ if (mdctx) { -+ EVP_DigestInit_ex(mdctx, apk_checksum_evp(checksum), NULL); -+ if (bs->flags & APK_BSTREAM_SINGLE_READ) -+ EVP_MD_CTX_set_flags(mdctx, EVP_MD_CTX_FLAG_ONESHOT); -+ while (!APK_BLOB_IS_NULL(blob = apk_bstream_read(bs, APK_BLOB_NULL))) -+ EVP_DigestUpdate(mdctx, (void*) blob.ptr, blob.len); -+ fi->csum.type = EVP_MD_CTX_size(mdctx); -+ EVP_DigestFinal_ex(mdctx, fi->csum.data, NULL); -+ EVP_MD_CTX_free(mdctx); -+ } - apk_bstream_close(bs, NULL); - } - } -diff --git a/src/package.c b/src/package.c -index e19250a..baa8a90 100644 ---- a/src/package.c -+++ b/src/package.c -@@ -21,6 +21,7 @@ - #include - #include - -+#include "apk_openssl.h" - #include - - #include "apk_defines.h" -@@ -490,9 +491,9 @@ void apk_sign_ctx_init(struct apk_sign_ctx *ctx, int action, - ctx->data_started = 1; - break; - } -- EVP_MD_CTX_init(&ctx->mdctx); -- EVP_DigestInit_ex(&ctx->mdctx, ctx->md, NULL); -- EVP_MD_CTX_set_flags(&ctx->mdctx, EVP_MD_CTX_FLAG_ONESHOT); -+ ctx->mdctx = EVP_MD_CTX_new(); -+ EVP_DigestInit_ex(ctx->mdctx, ctx->md, NULL); -+ EVP_MD_CTX_set_flags(ctx->mdctx, EVP_MD_CTX_FLAG_ONESHOT); - } - - void apk_sign_ctx_free(struct apk_sign_ctx *ctx) -@@ -501,7 +502,7 @@ void apk_sign_ctx_free(struct apk_sign_ctx *ctx) - free(ctx->signature.data.ptr); - if (ctx->signature.pkey != NULL) - EVP_PKEY_free(ctx->signature.pkey); -- EVP_MD_CTX_cleanup(&ctx->mdctx); -+ EVP_MD_CTX_free(ctx->mdctx); - } - - static int check_signing_key_trust(struct apk_sign_ctx *sctx) -@@ -674,16 +675,16 @@ int apk_sign_ctx_mpart_cb(void *ctx, int part, apk_blob_t data) - - /* Drool in the remaining of the digest block now, we will finish - * it on all cases */ -- EVP_DigestUpdate(&sctx->mdctx, data.ptr, data.len); -+ EVP_DigestUpdate(sctx->mdctx, data.ptr, data.len); - - /* End of control-block and checking control hash/signature or - * end of data-block and checking its hash/signature */ - if (sctx->has_data_checksum && !end_of_control) { - /* End of control-block and check it's hash */ -- EVP_DigestFinal_ex(&sctx->mdctx, calculated, NULL); -- if (EVP_MD_CTX_size(&sctx->mdctx) == 0 || -+ EVP_DigestFinal_ex(sctx->mdctx, calculated, NULL); -+ if (EVP_MD_CTX_size(sctx->mdctx) == 0 || - memcmp(calculated, sctx->data_checksum, -- EVP_MD_CTX_size(&sctx->mdctx)) != 0) -+ EVP_MD_CTX_size(sctx->mdctx)) != 0) - return -EKEYREJECTED; - sctx->data_verified = 1; - if (!(apk_flags & APK_ALLOW_UNTRUSTED) && -@@ -700,7 +701,7 @@ int apk_sign_ctx_mpart_cb(void *ctx, int part, apk_blob_t data) - case APK_SIGN_VERIFY: - case APK_SIGN_VERIFY_AND_GENERATE: - if (sctx->signature.pkey != NULL) { -- r = EVP_VerifyFinal(&sctx->mdctx, -+ r = EVP_VerifyFinal(sctx->mdctx, - (unsigned char *) sctx->signature.data.ptr, - sctx->signature.data.len, - sctx->signature.pkey); -@@ -717,13 +718,13 @@ int apk_sign_ctx_mpart_cb(void *ctx, int part, apk_blob_t data) - sctx->data_verified = 1; - } - if (sctx->action == APK_SIGN_VERIFY_AND_GENERATE) { -- sctx->identity.type = EVP_MD_CTX_size(&sctx->mdctx); -- EVP_DigestFinal_ex(&sctx->mdctx, sctx->identity.data, NULL); -+ sctx->identity.type = EVP_MD_CTX_size(sctx->mdctx); -+ EVP_DigestFinal_ex(sctx->mdctx, sctx->identity.data, NULL); - } - break; - case APK_SIGN_VERIFY_IDENTITY: - /* Reset digest for hashing data */ -- EVP_DigestFinal_ex(&sctx->mdctx, calculated, NULL); -+ EVP_DigestFinal_ex(sctx->mdctx, calculated, NULL); - if (memcmp(calculated, sctx->identity.data, - sctx->identity.type) != 0) - return -EKEYREJECTED; -@@ -733,21 +734,21 @@ int apk_sign_ctx_mpart_cb(void *ctx, int part, apk_blob_t data) - break; - case APK_SIGN_GENERATE: - /* Package identity is the checksum */ -- sctx->identity.type = EVP_MD_CTX_size(&sctx->mdctx); -- EVP_DigestFinal_ex(&sctx->mdctx, sctx->identity.data, NULL); -+ sctx->identity.type = EVP_MD_CTX_size(sctx->mdctx); -+ EVP_DigestFinal_ex(sctx->mdctx, sctx->identity.data, NULL); - if (sctx->action == APK_SIGN_GENERATE && - sctx->has_data_checksum) - return -ECANCELED; - break; - } - reset_digest: -- EVP_DigestInit_ex(&sctx->mdctx, sctx->md, NULL); -- EVP_MD_CTX_set_flags(&sctx->mdctx, EVP_MD_CTX_FLAG_ONESHOT); -+ EVP_DigestInit_ex(sctx->mdctx, sctx->md, NULL); -+ EVP_MD_CTX_set_flags(sctx->mdctx, EVP_MD_CTX_FLAG_ONESHOT); - return 0; - - update_digest: -- EVP_MD_CTX_clear_flags(&sctx->mdctx, EVP_MD_CTX_FLAG_ONESHOT); -- EVP_DigestUpdate(&sctx->mdctx, data.ptr, data.len); -+ EVP_MD_CTX_clear_flags(sctx->mdctx, EVP_MD_CTX_FLAG_ONESHOT); -+ EVP_DigestUpdate(sctx->mdctx, data.ptr, data.len); - return 0; - } - --- -cgit v1.1 - diff --git a/main/apk-tools/fix-xattr-hash-to-be-sha1.patch b/main/apk-tools/fix-xattr-hash-to-be-sha1.patch deleted file mode 100644 index 96af35c894..0000000000 --- a/main/apk-tools/fix-xattr-hash-to-be-sha1.patch +++ /dev/null @@ -1,27 +0,0 @@ -From f38d1f74af7a5ef0ccee2029be0d8036b9020f1a Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Timo=20Ter=C3=A4s?= -Date: Tue, 30 Oct 2018 18:26:10 +0200 -Subject: fix xattr hash to be sha1 - -The hash type was accidentally changed in previous commit. Currently -csum->data cannot hold longer hash, so fix the hash. ---- - src/io.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/io.c b/src/io.c -index 0295807..382fd1b 100644 ---- a/src/io.c -+++ b/src/io.c -@@ -632,7 +632,7 @@ void apk_fileinfo_hash_xattr_array(struct apk_xattr_array *xattrs, const EVP_MD - - qsort(xattrs->item, xattrs->num, sizeof(xattrs->item[0]), cmp_xattr); - -- EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL); -+ EVP_DigestInit_ex(mdctx, EVP_sha1(), NULL); - foreach_array_item(xattr, xattrs) { - hash_len_data(mdctx, strlen(xattr->name), xattr->name); - hash_len_data(mdctx, xattr->value.len, xattr->value.ptr); --- -cgit v1.1 - -- cgit v1.2.3