pkgng/pkgng b2621dftests/frontend lock.sh

tests/lock.sh: replace test message with the new one

Signed-off-by: rilysh <nightquick at proton.me>
DeltaFile
+4-4tests/frontend/lock.sh
+4-41 files

pkgng/pkgng e86c05fdocs pkg-lock.8

pkg-lock(8): use single hyphen and use complete words

1. Use "-all" which man will render as "--all".
2. Use complete words (such as upgrade, downgrade etc.) for a good
grammatical view.

Signed-off-by: rilysh <nightquick at proton.me>
DeltaFile
+5-5docs/pkg-lock.8
+5-51 files

pkgng/pkgng 2d23565src lock.c

src/lock.c: print on stdout when no locked packages are found

Printing on stderr, raises test errors, and it seems only resonable
when an error occurs. As this isn't an error, it should be on stdout.

Signed-off-by: rilysh <nightquick at proton.me>
DeltaFile
+1-1src/lock.c
+1-11 files

pkgng/pkgng f5068bfsrc lock.c

src/lock.c: add a message when there are no locked packages

Right now, even if there are no locked packages to list, it shows
a line, with message "Currently locked packages:" and nothing else.
From a user prospective, it's better to have a clear error/help
message if there are no locked packages to list.

Also, the return value is kind of odd here. If there are no locked
packages, "pkg lock -l" command doesn't return 1 or anything > 0.
"pkg lock -lq" also has the same behavior, except if we pass
--has-locked-packages and gotone is false, it returns 1 (EXIT_FAILURE).

I think it's also better to simply return 0 (if there are locked
packages) or 1 (if there's none locked packages).

Signed-off-by: rilysh <nightquick at proton.me>
DeltaFile
+15-11src/lock.c
+15-111 files

pkgng/pkgng d6c14ceexternal/libder/libder libder_private.h

external: libder: fix after explicit_bzero() usage

explicit_bzero() is in <strings.h> on FreeBSD, but <string.h> on Linux --
just include both.
DeltaFile
+4-4external/libder/libder/libder_private.h
+4-41 files

pkgng/pkgng d0d6c93external/libder/libder libder_write.c

Revert "ecc: fix buffer overflow"

This reverts commit 136f30ba8fff99b22c22afa195340d890a30e5cc.
DeltaFile
+1-1external/libder/libder/libder_write.c
+1-11 files

pkgng/pkgng 3766425libpkg pkgsign_ossl.c pkg_repo.c

libpkg: push siglen +/- 1 into the ossl signer

pack_sign() cannot know that it's safe to read past the bounds of the buffer
provided, so we have to stop that.  We can't just stop writing the nul
terminator to avoid breaking compatibility with previous versions' signing
and verifying RSA signatures, so instead push the hack into the ossl signer.

This fixes an overflow when trying to read from the libder-encoded buffer.
DeltaFile
+11-1libpkg/pkgsign_ossl.c
+1-5libpkg/pkg_repo.c
+1-1libpkg/pkg_repo_create.c
+13-73 files

pkgng/pkgng 13b432b. NEWS

1.20.99.12
DeltaFile
+5-0NEWS
+5-01 files

pkgng/pkgng 136f30bexternal/libder/libder libder_write.c

ecc: fix buffer overflow
DeltaFile
+1-1external/libder/libder/libder_write.c
+1-11 files

pkgng/pkgng a340f78libpkg pkg_ports.c utils.c, libpkg/private pkg.h

plist: grow the notion of variable

Now %%var%% can be defined directly in the plist in the form
@var key value

The line read from the plist are first parsed and get its %%var%%
expanded prior any analysis
DeltaFile
+98-1libpkg/pkg_ports.c
+35-0tests/frontend/create.sh
+1-0libpkg/utils.c
+1-0libpkg/private/pkg.h
+135-14 files

pkgng/pkgng f3151f6libpkg pkg_solve.c

solver: fix sigbus with vital rule
DeltaFile
+2-0libpkg/pkg_solve.c
+2-01 files

pkgng/pkgng df217a9external/libder README.md, external/libder/libder libder_read.c libder_obj.c

external: import libder changes to zero out payloads

libder doesn't know whether it's dealing with sensitive material or not, so
it now zeroes out every buffer it uses for DER data transport to be overly
cautious.
DeltaFile
+49-3external/libder/libder/libder_read.c
+25-5external/libder/libder/libder_obj.c
+17-1external/libder/libder/libder_private.h
+5-0external/libder/README.md
+1-0external/libder/libder/libder_write.c
+97-95 files

pkgng/pkgng 26f1275tests/frontend vital.sh

vital: adapt test to latest changes

the solver now removes entirely a program flag as vital from any plan
which end up deleting it.
DeltaFile
+2-2tests/frontend/vital.sh
+2-21 files

pkgng/pkgng 6b43cffexternal/sqlite sqlite3.c shell.c

sqlite: update to 3.45.2
DeltaFile
+339-164external/sqlite/sqlite3.c
+58-35external/sqlite/shell.c
+5-3external/sqlite/sqlite3.h
+402-2023 files

pkgng/pkgng f13d616libpkg pkg_solve.c

libpkg/pkg_solve.c: remove the err label

Remove the "err" jump label as it just being used to return NULL,
which can be directly returned (without a jump).

Signed-off-by: rilysh <nightquick at proton.me>
DeltaFile
+3-6libpkg/pkg_solve.c
+3-61 files

pkgng/pkgng 5fe7a39libpkg pkgsign_ecc.c

libpkg: zero out key material in the ecc signer
DeltaFile
+5-1libpkg/pkgsign_ecc.c
+5-11 files

pkgng/pkgng 749c286libpkg Makefile.autosetup

libpkg: bundle libder in the share object
DeltaFile
+1-0libpkg/Makefile.autosetup
+1-01 files

pkgng/pkgng b9ced99libpkg Makefile.autosetup

libpkg: bundle libecc in the share object
DeltaFile
+1-0libpkg/Makefile.autosetup
+1-01 files

pkgng/pkgng 2e61e4b. NEWS auto.def

1.20.99.11
DeltaFile
+4-0NEWS
+1-1auto.def
+5-12 files

pkgng/pkgng 6b9357csrc info.c

Revert "src/info.c: keep the length in a variable to avoid another call"

This reverts commit caa1d6b3e8b188412c6eea704572e0b1e82ff3a0.

This changes causes segfaults because strlen(pkgname) on a non
initialized pkgname
DeltaFile
+2-4src/info.c
+2-41 files

pkgng/pkgng 3681bf1tests/frontend upgrade.sh

Test: add a testsuite about the solver and the vital flags
DeltaFile
+43-1tests/frontend/upgrade.sh
+43-11 files

pkgng/pkgng ccfbf0clibpkg pkg_solve.c

Take PKG_ATTR_{VITAL,LOCKED} into account when solving for pkg upgrade.

The package marked "vital" could not be removed. However, the plan generated
by the solver may still contain such decisions. Such plans will fail when
executed, but this change prevent them from being generated to begin with.

Sponsored by:   Serenity Cybersecurity, LLC
DeltaFile
+28-0libpkg/pkg_solve.c
+28-01 files

pkgng/pkgng b34c6e3libpkg pkgsign_ecc.c

libpkg: remove some debugging cruft from pkgsign_ecc

Accidentally included, should have been removed; these don't make any sense
in the final context.
DeltaFile
+0-9libpkg/pkgsign_ecc.c
+0-91 files

pkgng/pkgng caa1d6bsrc info.c

src/info.c: keep the length in a variable to avoid another call

Keeping the string length (strlen()) value in a variable can avoid
re-calculating the length of the string (or another strlen() function
call). Although, most compilers might just "fix" this by keeping it
in the previous register, but it will only, if optimization is enabled.
To avoid this, it seems just better to do this manually.

Signed-off-by: rilysh <nightquick at proton.me>
DeltaFile
+4-2src/info.c
+4-21 files

pkgng/pkgng a669c9csrc add.c

src/add.c: check the getenv() before to avoid another getenv() call

Instead of calling getenv() in a ternary, call it before and keep the
value in a variable. This avoids calling getenv() for the second time,
and also makes the code a bit more clean.

Signed-off-by: rilysh <nightquick at proton.me>
DeltaFile
+5-3src/add.c
+5-31 files

pkgng/pkgng e9d2587libpkg pkg_repo.c

libpkg/pkg_repo.c: multiple trivial changes

1. In pkg_repo_archive_extract_check_archive() function, don't set rc
value that needed to be returned whenever an error or okay happens.
Instead, just return the error to avoid a few more instructions to
set the rc variable and jumping to a different label.

2. pkg_repo_fetch_data_fd(): do the check, whether fd is -1 in the same
braces where the function was called. This avoids two multiple checks
for fd if the first one isn't -1.

e.g. if fd isn't -1
and below another check which will be always true if the previous one
succeed.
if fd isn't -1
...

3. Use the environment variable "TMPDIR" and not "TMMDIR". (It doesn't
exists) and so the branch will always going to be false.

    [6 lines not shown]
DeltaFile
+24-24libpkg/pkg_repo.c
+24-241 files

pkgng/pkgng 3d294f2libpkg fetch_libcurl.c

libpkg/fetch_libcurl.c: use label name do_retry

Use the lable name do_retry, instead of, retry to distinguish between
variable (retry variable) and the jump label.

Signed-off-by: rilysh <nightquick at proton.me>
DeltaFile
+3-3libpkg/fetch_libcurl.c
+3-31 files

pkgng/pkgng b15ecacsrc main.c

src/main.c: remove the redundant return

Signed-off-by: rilysh <nightquick at proton.me>
DeltaFile
+1-3src/main.c
+1-31 files

pkgng/pkgng 4ac6289libpkg pkg_status.c

libpkg/pkg_status.c: keep the getenv() value in a variable

Same as commit: aa1ef79d9796494d0c3807dd7a7bf2af1803cd97

Signed-off-by: rilysh <nightquick at proton.me>
DeltaFile
+5-2libpkg/pkg_status.c
+5-21 files

pkgng/pkgng 0f444c3libpkg utils.c

libpkg/utils.c: keep the length in a variable to avoid another call

1. Same as commit b8a10ba09c1874365ce88a6ff3c3f688a45da0bb
2. Move the struct (tempdir) at the toplevel of the function.

Signed-off-by: rilysh <nightquick at proton.me>
DeltaFile
+5-4libpkg/utils.c
+5-41 files