To quash warnings from GCC 7.

	/home/yunion/git-repo/openwrt/openwrt/build_dir/target-mips_24kc_musl/linux-malta_be/opkg-2019-06-14-21b7bd73

/libopkg/pkg_alternatives.c:35:42: warning: duplicate 'const' declaration specifier [-Wduplicate-decl-specifier]
	 static const struct alternative_provider const providers[] = {
						  ^~~~~
Signed-off-by: Yousong Zhou <zhouyousong@yunionyun.com>

Almost all busybox applets are alternatives to some other existing
"full" utilities.  To lift the maintenance burden of enumerating CONFIG
symbols, symlink path of each applet, we special case busybox here as a
known alternatives provider.

All file pathes provided by busybox will serve as fallback alternatives
with -inf priority.  Packages intending to switch to using alternatives
mechanism will also not need to depend on the same kind of change be
applied on busybox in base system

v3 <- v2 continue to next when fetching provider pkg failed
v2 <- v1 Move busybox-specific part into data section
Signed-off-by: Yousong Zhou <zhouyousong@yunionyun.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>

Fixes: cb664038

 ("libopkg: check for file size mismatches")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

Reject package files whose file size deviates from the size specified
in the package index in order to complicate producing hash collisions.

Ref: https://groups.google.com/d/msg/opkg-devel/o4kiGQMvkiw/hu0TVv59DgAJ

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

This reverts commit 1504d35f

.

We won't use Replaces: for the repo ABI_VERSION tracking after all, so
drop this hack before it becomes another liability.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

This reverts commit 89fe77cb

.

After spending further thoughts on this I think this makes no sense at all
and such situations should be avoided on the repo level instead by don't
providing incompatible packages having an identical name.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

The presence of a "Replaces:" tag in any package feed list will cause
opkg prior to "d217daf1

 libopkg: fix replacelist parsing and writing"
to segfault while parsing such a list.

Add a hack which lets opkg recognize a "Replace2" field and handle
it identically to "Replaces".
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

Also consider the list of provided abstract packages when testing the
package vector for name matches. This fixes the "opkg whatdepends"
command with abstract provided package arguments.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

Instead of silently failing and claiming that the signature verification
failed, print out the error status when the initial fork() call fails.

Ref: https://bugs.openwrt.org/index.php?do=details&task_id=1999

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

Sometimes opkg ends up reporting unresolved dependencies multiple
times while also missing a newline between consecutive error lines,
making the error message output looking garbled and confusing.

Add some logic to skip repeated unresolved dependencies and ensure
that message lines are properly terminated by newlines.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

Opkg might receive percent-encoded file:/ URLs from various sources,
e.g. local package lists, user-supplied command line arguments etc.

In order to support such URLs, decode the path component before
trying to invoke file operations on it.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

Introduce a new urldecode_path() helper to resolve percent-encoded URL
portions back into the original binary form.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

Consolidate the various copies of the bin2hex table into one global variant
and replace the broken hex() define with a static helper function to prevent
accidential multiple expression evaluation.

This also fixes bug when converting hexadecimal checksums into binary forms
where the letters a..f/A..F where incorrectly converted into 0..5 instead
of 10..15 .
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

http_timeout will append `--timeout xy` to the resulting wget
call. This is useful when using opkg update in a automatic
way and prevent long timeouts
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>

Various web servers, namely Amazon S3 ones, have problems handling requests
to URLs with a literal "+" in the path component.

According to the RFC 3986 "+" is a reserved char and its purpose is
delimiting. When used in a file name it should be encoded.

Use the new urlencode_path() helper to encode the path component before
constructing the final download URL.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Tested-by: Rafał Miłecki <rafal@milecki.pl>

Introduce a helper function urlencode_path() which can be used to encode
problematic characters in package file names.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Tested-by: Rafał Miłecki <rafal@milecki.pl>

The SHA256 implementation relied on WORDS_BIGENDIAN being defined for
big endian systems, but this was broken since the switch to cmake,
causing wrong checksums on big endian systems like ar71xx.

Fix this by adding a cmake check for endianess similar to the one done
by the original autotools.

Fixes: e6e6c5a2

 ("build: add cmake build system")
Acked-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>

During parsing of multi-line descriptions that begin with a newline
character, the description pointer will be NULL when the first
continuation line is encountered, causing the strlen() invocation
on the description pointer to segfault.

This is caused by the fact that the parse_simple() helper used for
parsing the initial description line returns NULL instead of an
empty string when encountering only whitespace after the field name.

Rework the continuation line parsing code to not assume an initialized
pointer by checking before calling strlen() and avoiding realloc()
on a NULL pointer.

Fixes FS#933.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

This can happen when opkg installs, then configures multiple
alternatives in a batch.  Symlink to the highest prio alternative will
be created in the initial configuring stage causing later symlink call
fail with EEXIST

    Configuring busybox.
    ...
    symlink("/sbin/ip-full", "/home/yousong/j/t/lede-imagebuilder-mvebu.Linux-x86_64/build_dir/target-arm_cortex-a9+vfpv3_musl_eabi/root-mvebu/sbin/ip") = 0
    ...
    Configuring ip-full.
    ...
    symlink("/sbin/ip-full", "/home/yousong/j/t/lede-imagebuilder-mvebu.Linux-x86_64/build_dir/target-arm_cortex-a9+vfpv3_musl_eabi/root-mvebu/sbin/ip") = -1 EEXIST (File exists)
    ...

While at it, "mkdir -p" dirname(path_in_dest) before symlink in case the
following symlink call may fail with ENOENT

Ref: https://github.com/openwrt/packages/issues/4567

Reported-by: Aner Andros <aa@anerandros.info>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

For cases when artifacts are stored on https:// accessible
locations and you don't want to install ca-certificates
(for various reasons).

I'll admit, using SSL like this is not recommended,
but since wget (even uclient-fetch) allows the
--no-check-certificate option, it would be nice
for opkg to support setting it if needed/configured.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

It's a list of specs of the following form seprated by commas to describe
alternatives provided by the package

    <prio>:<path>:<altpath>

where <path> will be a symbolic link to <altpath> of the highest <prio>

Size comparison on x86_64 after the change

    function                                             old     new   delta
    pkg_alternatives_update                                -     587    +587
    pkg_parse_line                                      2101    2609    +522
    .rodata                                            24594   24738    +144
    pkg_formatted_field                                 2385    2528    +143
    pkg_deinit                                           427     486     +59
    pkg_print_status                                     264     280     +16
    opkg_configure                                        59      69     +10
    xreadlink                                            120     128      +8
    opkg_remove_pkg                                     1079    1087      +8
    ------------------------------------------------------------------------------
    (add/remove: 2/0 grow/shrink: 8/0 up/down: 1483/0)           Total: 1497 bytes
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

Fixes running scripts for packages in half-installed state which would
otherwise fail with:

 * pkg_run_script: Internal error: ... has a NULL tmp_unpack_dir.
 * opkg_remove_pkg: not removing package "...", prerm script failed

Upstream bug: https://bugzilla.yoctoproject.org/show_bug.cgi?id=11245

Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
[Jo-Philipp Wich: rebased onto opkg-lede, updated commit message]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

The function check_data_file_clashes_change update the ownership of
files that belong to a package being replaced. It calls
pkg_get_installed_files then adds an offline root if
opkg_conf->offline_root to each path. However, pkg_get_installed_files
already returns paths with the offline root (if present).

This fixes issue 156.
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>

If package A both replaces and conflicts package B, it is added
unconditionally to the replaced_by vector of package B. Add check to
only add it if it's not there to avoid inaccurate warnings of the type:

Multiple replacers for X, using first one
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>

compare-versions doesn't need lock files created and databases opened, so don't.
Signed-off-by: Ross Burton <ross.burton@intel.com>

Due to the fact that we're using blob buffers internally now we cannot simpyl
call parse_version() on an uninitialized struct.

Properly create the temporary packages using pkg_new() and deallocated them
using pkg_deinit() and free().
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

The implementation of opkg compare-version was simply returning the return value
of pkg_version_satisfied(), which returns a boolean.  This results in inverted
logic in that:

$ opkg compare-version 1.0 == 1.0 || echo different
different

That's clearly not right.  As nobody had noticed this before presumably nobody
was actually using this (likely either opkg-compare-version or
opkg-compare-versions.sh) just change the return value so it's correct.
Signed-off-by: Ross Burton <ross.burton@intel.com>

Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>

Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>

Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>

Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>

Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>

Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>

Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>

Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>