Commit Graph

99 Commits

Author SHA1 Message Date
cperciva
c9b82c3a4c Avoid division by zero in the rare case that portsnap needs to fetch
zero patches.  (This avoids two "dc: divide by zero" warnings.)

MFC after:	3 days
2016-12-16 22:37:16 +00:00
emaste
909bb20a50 portsnap: use lam on the known good hash list
This change is equivalent to the approach committed in r306417, but if
sed has a bug it could be exploited by the untrusted tar file. Instead,
generate the expected tar content and compare that with find's output.

convert the expected hash list to the expected tar content filesystem
layout, and compare that with find's output.

Submitted by:	cperciva (in review D8052)
Reviewed by:	oshogbo
MFC after:	2 weeks
2016-10-07 20:01:59 +00:00
emaste
27891556e1 portsnap: only move expected snapshot contents from snap/ to files/
Previously it was possible to smuggle in addional files that would
be used by later portsnap runs. Now we only move those files expected
to be in the snapshot into files/ and require that there are no
unexpected files.

This was used by portsnap attacks 2, 3, and 4 in the "non-cryptanalytic
attacks against FreeBSD update components" anonymous gist.

Reported by:	anonymous gist
Reviewed by:	allanjude, delphij
MFC after:	ASAP
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D8052
2016-09-28 21:22:51 +00:00
delphij
69ca030985 Ensure that we always open only files that is named by explicitly
using shell redirections instead of having gzip(1) to decide what
file to open.

Issue reported in the "non-cryptanalytic attacks against freebsd
update components" anonymous gist.

Reviewed by:	allanjude, emaste
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D7653
2016-09-06 08:52:00 +00:00
pfg
26c891f034 Cleanup unnecessary semicolons from utilities we all love. 2016-04-15 22:31:22 +00:00
jgh
4966cb7da8 - update portsnap(8) to direct users to pkg-version
PR:		202971
Submitted by:	adamw@FreeBSD.org
Reviewed by:	bdrewery@
Approved by:	wblock@
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D5429
2016-03-01 22:13:20 +00:00
trasz
ec8974ab42 Fix typo.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2016-02-29 17:25:13 +00:00
sjg
008d7c831f Add META_MODE support.
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.

Still need to add real targets under targets/ to build packages.

Differential Revision:       D2796
Reviewed by: brooks imp
2015-06-13 19:20:56 +00:00
sjg
75a137820d dirdeps.mk now sets DEP_RELDIR 2015-06-08 23:35:17 +00:00
sjg
65145fa4c8 Merge sync of head 2015-05-27 01:19:58 +00:00
delphij
968744b0aa Add a manual page for phttpget(8).
MFC after:	1 month
2015-01-02 21:02:41 +00:00
sjg
d7cd1d425c Merge head from 7/28 2014-08-19 06:50:54 +00:00
bapt
c0cd28f928 use .Mt to mark up email addresses consistently (part2)
PR:		191174
Submitted by:	Franco Fichtner  <franco@lastsummer.de>
2014-06-20 09:57:27 +00:00
sjg
5860f0d106 Updated dependencies 2014-05-16 14:09:51 +00:00
sjg
1a7e48acf1 Updated dependencies 2014-05-10 05:16:28 +00:00
sjg
5e568154a0 Merge head 2014-04-28 07:50:45 +00:00
delphij
c5b1d984c7 Use case insensitive match in portsnap.
PR:		bin/186510
Submitted by:	olli
MFC after:	2 weeks
2014-04-21 19:33:27 +00:00
imp
c39e6fc2c9 NO_MAN= has been deprecated in favor of MAN= for some time, go ahead
and finish the job. ncurses is now the only Makefile in the tree that
uses it since it wasn't a simple mechanical change, and will be
addressed in a future commit.
2014-04-13 05:21:56 +00:00
cperciva
12cf4d4a0c When verifying that files we need are present, also check that they don't
have zero length.  Filesystem corruption will tend to truncate files, and
since these are short that's likely to result in them becoming empty.

Suggested by:	Richard Clayton
Convinced by:	rwatson
MFC after:	3 weeks
2013-11-14 09:22:32 +00:00
gavin
bb2f04b00e Rename the "alfred" command to "auto", and document it. Retain support
for "portsnap alfred" for now.

Discussed:	many times, most recently on svn-src-all
MFC after:	1 week
2013-10-22 18:55:52 +00:00
sjg
62bb106222 Merge from head 2013-09-05 20:18:59 +00:00
cperciva
7d9a4be39e Fix bug in deleting files: If two ports had the same tarball and one of
them changed (or was removed from the tree) then portsnap would delete
that file.  This happened earlier today when one of two empty port
directories was removed.  Uniquifying the lists of needed files fixes
this.

9.2-RELEASE candidate.

MFC after:	3 days
2013-07-11 22:19:18 +00:00
delphij
cf69e9d6c1 Make 'portsnap alfred' overwrite ports tree if it's not created by a
portsnap.

Discussed with:	alfred
Reviewed by:	cperciva
2013-06-07 20:21:30 +00:00
joel
d1ce45a46f mdoc sweep 2013-05-13 18:13:50 +00:00
joel
05a725b2d7 mdoc sweep. 2013-05-12 22:22:12 +00:00
sjg
6d37b86f2b Updated dependencies 2013-03-11 17:21:52 +00:00
sjg
0ee5295509 Updated dependencies 2013-02-16 01:23:54 +00:00
obrien
3028e3f8ab Sync with HEAD. 2013-02-08 16:10:16 +00:00
alfred
ed59b019d4 Change progress indicator for downloading patches.
Use a percent style indicator instead of emitting one
long line of patch numbers.
2012-12-13 01:39:49 +00:00
sjg
778e93c51a Sync from head 2012-11-04 02:52:03 +00:00
eadler
ece1c03fda Avoid changing IFS in a global context as this can sometimes cause
errors later on.

PR:		bin/172715
Submitted by:	Matthew D.Fuller <fullermd@over-yonder.net> (older
version)
Submitted by:	dteske
Approved by:	cperciva
MFC after:	1 week
2012-10-24 12:49:03 +00:00
joel
576f668282 Remove cvs/cvsup reference. 2012-10-14 10:12:32 +00:00
issyl0
9546d5704f Change "only only" to "only" in portsnap(8).
Spotted by:	Ruslan Mahmatkhanov
Approved by:	gabor (mentor, implicit)
2012-09-28 11:40:59 +00:00
issyl0
025fb75eb6 Add a note to portsnap(8) about the behaviour of the example cron command.
PR:		docs/171759
Submitted by:	Paul Hoffman (phoffman at proper dot com)
Approved by:	cperciva, gabor (mentor)
MFC after:	3 days
2012-09-28 11:11:42 +00:00
marcel
9dd41e3647 Sync FreeBSD's bmake branch with Juniper's internal bmake branch.
Requested by: Simon Gerraty <sjg@juniper.net>
2012-08-22 19:25:57 +00:00
eadler
d26d8ba30e Add interactive option to override portsnap's automagical detection of
a terminal.

Submitted by:	Hannes h2+fbsdports@fsfe.org
Approved by:	cperciva
MFC after:	1 week
2012-08-05 21:13:21 +00:00
eadler
b9dff5c3f7 make it easier for users used to a VCS that allows up to be a shortcut
for update.

PR:		bin/152856
Approved by:	cperciva
MFC after:	3 days
2012-05-09 21:56:10 +00:00
alfred
6280e6aab3 Fix spelling of extract.
Pointed out by: gcooper
2011-11-13 06:39:49 +00:00
alfred
3e2fdc5998 Utilize shell's IFS instead of forking ~6 processes to
handle splitting input files on a '|'.  This greatly
reduces the time taken to process several databases
during the update process.

Additionally add some more debug logging.
2011-11-13 03:18:57 +00:00
jilles
56aec06683 portsnap: Detect error immediately if we can't fetch the snapshot metadata.
Also add some quotes around command substitution where useful and possible.

Reviewed by:	cperciva
MFC after:	1 week
2011-10-04 22:28:06 +00:00
simon
b19345a9d7 Add --numeric-owner to tar extract operations in portsnap.
This is done to speed up extraction significantly (both for portsnap
extract and update) in the case of slow NSS modules (like nss_ldap) as
it avoids having to look up uid and gid for root / wheel.

The reason this is a bigger problem for portsnap than for many other
system operations, is that portsnap executes tar(1) once for each port
so the internal uid/gid caching in tar(1) only helps a bit, resulting
in many user lookup calls.

Discussed with:	cperciva
2010-12-19 23:09:42 +00:00
uqs
8ae3afcfad mdoc: drop redundant .Pp and .LP calls
They have no effect when coming in pairs, or before .Bl/.Bd
2010-10-08 12:40:16 +00:00
joel
dd1fff9bcb Fix typos, spelling, formatting and mdoc mistakes found by Nobuyuki while
translating these manual pages.  Minor corrections by me.

Submitted by:	Nobuyuki Koganemaru <n-kogane@syd.odn.ne.jp>
2010-08-16 15:18:30 +00:00
ed
073cafdd42 The last big commit: let usr.sbin/ use WARNS=6 by default. 2010-01-02 11:07:44 +00:00
cperciva
0fabff56c2 Add undocumented 'portsnap alfred' command, which runs (fetch|cron)
based on whether fd 0 is a terminal, and then runs (extract|update)
based on whether ${PORTSDIR} exists.

Requested by:	alfred
MFC after:	1 month
2009-12-30 06:28:47 +00:00
cperciva
8e78b05618 Set SO_NOSIGPIPE on sockets used by phttpget. Without this, if
(1) phttpget is attempting to download enough files that it can't send
all the requests at once, and
(2) the remote server forcibly closes the connection, resulting in RST
packets being sent,
phttpget will receive a SIGPIPE and terminate without downloading all
of the files.

This is probably responsible for a number of hard-to-reproduce errors
with portsnap and freebsd-update.

MFC after:	3 days
2009-04-03 21:13:18 +00:00
danger
03499dabc8 - remove superfluous word
PR:		docs/127401
Submitted by:	Mick Charles Beaver <mick@cs.wisc.edu>
MFC after:	1 week
2008-09-15 16:30:06 +00:00
cperciva
55aafae3bb Add support for specifying which INDEX files to build via portsnap.conf.
Requested by:	brooks
Reminded by:	brooks, about halfway through his BSDCan talk
2008-05-17 16:26:27 +00:00
cperciva
5525e95af0 Improve conformance to the HTTP specification by using case-insensitive
comparisons for header keywords.  Apparently some proxies use creative
capitalization.

Weird proxy found by:	brooks
MFC after:		3 days
2008-02-13 20:46:23 +00:00
cperciva
4ddafa9af1 Attempt to reduce the rate of foot-shooting injuries by adding a new
paragraph clarifying that portsnap does not behave the same way as
cvs and cvsup where local modifications are concerned.

Submitted by:	peter
Feet shot:	peter, kris, obrien, + many others
2007-12-28 20:39:18 +00:00