Radish alpha
H
HardenedBSD-pkg
rad:z3QDZAW2FAfuLvihrhiyDC9fAD8G9
HardenedBSD Package Manager
Radicle
Git
Commits f17f98f
Merge remote-tracking branch 'upstream/master'
Shawn Webb committed 2 years ago
commit f17f98f2c9a0862692dd8d28cfc70485da900d26
parent 609fca8
22 files changed +354 -89
modified libpkg/fetch_libcurl.c
@@ -494,9 +494,13 @@ retry:
		retcode = EPKG_CANCEL;

	} else if (rc != 200) {

		--retry;
- 
		if (retry <= 0 || (rc == 404 && repo->mirror_type == NOMIRROR)) {
- 
			pkg_emit_error("An error occured while fetching package");
- 
			retcode = EPKG_FATAL;
+ 
		if (retry <= 0) {
+ 
			if (rc == 404) {
+ 
				retcode = EPKG_ENOENT;
+ 
			} else {
+ 
				pkg_emit_error("An error occured while fetching package");
+ 
				retcode = EPKG_FATAL;
+ 
			}

		} else

			goto retry;

	}
@@ -504,7 +508,7 @@ retry:
	if (res == CURLE_OK && t >= 0) {

		fi->mtime = t;

	} else if (rc != 304 && retcode != EPKG_FATAL &&
- 
	    retcode != EPKG_CANCEL) {
+ 
	    retcode != EPKG_CANCEL && retcode != EPKG_ENOENT) {

		pkg_emit_error("Impossible to get the value from Last-Modified"

		    " HTTP header");

		fi->mtime = 0;
@@ -528,5 +532,4 @@ curl_cleanup(struct pkg_repo *repo)
	if (cr->url != NULL)

		curl_url_cleanup(cr->url);

	repo->fetch_priv = NULL;
- 
	return;

}
modified libpkg/fetch_libfetch.c
@@ -158,18 +158,18 @@ fetch_connect(struct pkg_repo *repo, struct url *u)
			u->port = http_current->url->port;

		}

		fetchOpts = xstring_new();
- 
		fputs("i", fetchOpts->fp);
+ 
	        fputc('i', fetchOpts->fp);

		if (repo != NULL) {

			if ((repo->flags & REPO_FLAGS_USE_IPV4) ==

			    REPO_FLAGS_USE_IPV4)
- 
				fputs("4", fetchOpts->fp);
+ 
				fputc('4', fetchOpts->fp);

			else if ((repo->flags & REPO_FLAGS_USE_IPV6) ==

			    REPO_FLAGS_USE_IPV6)
- 
				fputs("6", fetchOpts->fp);
+ 
				fputc('6', fetchOpts->fp);

		}



		if (ctx.debug_level >= 4)
- 
			fputs("v", fetchOpts->fp);
+ 
			fputc('v', fetchOpts->fp);



		opts = xstring_get(fetchOpts);

		pkg_debug(1,"Fetch: fetching from: %s://%s%s%s%s with opts \"%s\"",
modified libpkg/libpkg.ver
@@ -141,6 +141,7 @@ global:
	pkg_repo_create_free;

	pkg_repo_create_new;

	pkg_repo_create_set_create_filelist;
+ 
	pkg_repo_create_set_groups;

	pkg_repo_create_set_hash;

	pkg_repo_create_set_hash_symlink;

	pkg_repo_create_set_metafile;
modified libpkg/pkg.h.in
@@ -524,7 +524,8 @@ typedef enum {
	/**

	 * the operation has failed due to network down

	 */
- 
	EPKG_NONETWORK
+ 
	EPKG_NONETWORK,
+ 
	EPKG_ENOENT,

} pkg_error_t;



/**
@@ -817,6 +818,7 @@ void pkg_repo_create_set_hash_symlink(struct pkg_repo_create *prc, bool);
void pkg_repo_create_set_output_dir(struct pkg_repo_create *prc, const char *);

void pkg_repo_create_set_metafile(struct pkg_repo_create *prc, const char *);

void pkg_repo_create_set_sign(struct pkg_repo_create *prc, char **argv, int argc, pkg_password_cb *cb);
+ 
void pkg_repo_create_set_groups(struct pkg_repo_create *prc, const char *);

int pkg_repo_create(struct pkg_repo_create *, char *path);



/**
modified libpkg/pkg_repo.c
@@ -1,5 +1,5 @@
/*-
- 
 * Copyright (c) 2011-2019 Baptiste Daroussin <bapt@FreeBSD.org>
+ 
 * Copyright (c) 2011-2024 Baptiste Daroussin <bapt@FreeBSD.org>

 * Copyright (c) 2011-2012 Julien Laffaye <jlaffaye@FreeBSD.org>

 * Copyright (c) 2011-2012 Marin Atanasov Nikolov <dnaeon@gmail.com>

 * Copyright (c) 2012-2015 Matthew Seaman <matthew@FreeBSD.org>
@@ -681,6 +681,53 @@ out:
}



int
+ 
pkg_repo_fetch_data_fd(struct pkg_repo *repo, struct pkg_repo_content *prc)
+ 
{
+ 
	int fd;
+ 
	const char *tmpdir;
+ 
	char tmp[MAXPATHLEN];
+ 
	struct stat st;
+ 
	int rc = EPKG_OK;
+
+ 
	fd = pkg_repo_fetch_remote_tmp(repo, repo->meta->data, "pkg", &prc->mtime, &rc, false);
+ 
	if (fd == -1) {
+ 
		if (rc == EPKG_UPTODATE)
+ 
			return (rc);
+ 
		fd = pkg_repo_fetch_remote_tmp(repo, repo->meta->data,
+ 
		    packing_format_to_string(repo->meta->packing_format), &prc->mtime, &rc, false);
+ 
	}
+ 
	if (fd == -1)
+ 
		return (EPKG_FATAL);
+
+ 
	tmpdir = getenv("TMMDIR");
+ 
	if (tmpdir == NULL)
+ 
		tmpdir = "/tmp";
+ 
	snprintf(tmp, sizeof(tmp), "%s/%s.XXXXXX", tmpdir, repo->meta->data);
+ 
	prc->data_fd = mkstemp(tmp);
+ 
	if (prc->data_fd == -1) {
+ 
		pkg_emit_error("Cound not create temporary file %s, "
+ 
		    "aborting update.\n", tmp);
+ 
		close(fd);
+ 
		return (EPKG_FATAL);
+ 
	}
+
+ 
	unlink(tmp);
+ 
	if (pkg_repo_archive_extract_check_archive(fd, repo->meta->data, repo, prc->data_fd) != EPKG_OK) {
+ 
		close(prc->data_fd);
+ 
		close(fd);
+ 
		return (EPKG_FATAL);
+ 
	}
+
+ 
	close(fd);
+ 
	if (fstat(prc->data_fd, &st) == -1) {
+ 
		close(prc->data_fd);
+ 
		return (EPKG_FATAL);
+ 
	}
+
+ 
	return (EPKG_OK);
+ 
}
+
+ 
int

pkg_repo_fetch_remote_extract_fd(struct pkg_repo *repo, struct pkg_repo_content *prc)

{

	int fd;
modified libpkg/pkg_repo_create.c
@@ -48,6 +48,7 @@
#include <math.h>

#include <pthread.h>

#include <fcntl.h>
+ 
#include <dirent.h>



#include "tllist.h"

#include "pkg.h"
@@ -415,9 +416,133 @@ pkg_repo_create_free(struct pkg_repo_create *prc)
	pkg_repo_meta_free(prc->meta);

	if (prc->ofd != -1)

		close(prc->ofd);
+ 
	ucl_object_unref(prc->groups);

	free(prc);

}
+ 
static void
+ 
group_load(struct pkg_repo_create *prc, int dfd, const char *name, ucl_object_t *schema)
+ 
{
+ 
	struct ucl_parser *p;
+ 
	ucl_object_t *obj = NULL;
+ 
	int fd;
+ 
	struct ucl_schema_error err;
+
+ 
	fd = openat(dfd, name, O_RDONLY);
+ 
	if (fd == -1) {
+ 
		pkg_emit_error("Unable to open group: %s", name);
+ 
		return;
+ 
	}
+
+ 
	p = ucl_parser_new(0);
+ 
	if (!ucl_parser_add_fd(p, fd)) {
+ 
		pkg_emit_error("Error parsing group '%s': %s'",
+ 
		    name, ucl_parser_get_error(p));
+ 
		ucl_parser_free(p);
+ 
		close(fd);
+ 
		return;
+ 
	}
+ 
	close(fd);
+
+ 
	obj = ucl_parser_get_object(p);
+ 
	ucl_parser_free(p);
+ 
	if (obj == NULL)
+ 
		return;
+
+ 
	if (!ucl_object_validate(schema, obj, &err)) {
+ 
		pkg_emit_error("group definition %s cannot be validated: %s",
+ 
		    name, err.msg);
+ 
		ucl_object_unref(obj);
+ 
		return;
+ 
	}
+ 
	if (prc->groups == NULL)
+ 
		prc->groups = ucl_object_typed_new(UCL_ARRAY);
+ 
	ucl_array_append(prc->groups, obj);
+ 
}
+
+ 
static ucl_object_t *
+ 
group_open_schema(void)
+ 
{
+ 
	struct ucl_parser *parser;
+ 
	ucl_object_t *group_schema;
+ 
	static const char group_schema_str[] = ""
+ 
		"{"
+ 
		"  type = object;"
+ 
		"  properties: {"
+ 
		"    name: { type = string };"
+ 
		"    requires: { "
+ 
		"      type = array;"
+ 
		"      item = { type = string };"
+ 
		"    };"
+ 
		"    depends: { "
+ 
		"      type = array;"
+ 
		"      item = { type = string };"
+ 
		"    };"
+ 
		"    comment: { type = string };"
+ 
		"  };"
+ 
		"  required = [ name, comment ];"
+ 
		"};";
+ 
	parser = ucl_parser_new(UCL_PARSER_NO_FILEVARS);
+ 
	if (!ucl_parser_add_chunk(parser, group_schema_str,
+ 
	    sizeof(group_schema_str) -1)) {
+ 
		pkg_emit_error("Cannot parse schema for group: %s",
+ 
		    ucl_parser_get_error(parser));
+ 
		    ucl_parser_free(parser);
+ 
		    return (NULL);
+ 
	}
+ 
	group_schema = ucl_parser_get_object(parser);
+ 
	ucl_parser_free(parser);
+ 
	return (group_schema);
+
+ 
}
+
+ 
void
+ 
pkg_repo_create_set_groups(struct pkg_repo_create *prc, const char *path)
+ 
{
+ 
	int dfd = open(path, O_DIRECTORY);
+ 
	DIR *d;
+ 
	struct dirent *e;
+ 
	struct stat st;
+ 
	ucl_object_t *schema;
+
+ 
	if (dfd == -1) {
+ 
		pkg_emit_error("Unable to open the groups directory '%s'", path);
+ 
		return;
+ 
	}
+
+ 
	d = fdopendir(dfd);
+ 
	if (d == NULL) {
+ 
		pkg_emit_error("Unable to open the groups directory '%s'", path);
+ 
		close(dfd);
+ 
		return;
+ 
	}
+
+ 
	schema = group_open_schema();
+
+ 
	while ((e = readdir(d)) != NULL) {
+ 
		const char *ext;
+ 
		/* ignore all hidden files */
+ 
		if (e->d_name[0] == '.')
+ 
			continue;
+ 
		/* only consider files ending with .ucl */
+ 
		ext = strrchr(e->d_name, '.');
+ 
		if (ext == NULL)
+ 
			continue;
+ 
		if (strcmp(ext, ".ucl") != 0)
+ 
			continue;
+ 
		/* only regular files are considered */
+ 
		if (fstatat(dfd, e->d_name, &st, AT_SYMLINK_NOFOLLOW) != 0) {
+ 
			pkg_emit_errno("fstatat", e->d_name);
+ 
			return;
+ 
		}
+ 
		if (!S_ISREG(st.st_mode))
+ 
			continue;
+ 
		group_load(prc, dfd, e->d_name, schema);
+ 
	}
+ 
	closedir(d);
+ 
	ucl_object_unref(schema);
+ 
}
+ 


void

pkg_repo_create_set_create_filelist(struct pkg_repo_create *prc, bool val)

{
@@ -694,6 +819,13 @@ pkg_repo_create(struct pkg_repo_create *prc, char *path)
		pthread_join(threads[i], NULL);

	pkg_emit_progress_tick(len, len);

	ucl_object_emit_streamline_end_container(te.ctx);
+ 
	ucl_object_emit_streamline_end_container(te.ctx);
+ 
	if (prc->groups != NULL) {
+ 
		prc->groups->key = "groups";
+ 
		prc->groups->keylen = sizeof("groups") -1;
+ 
		ucl_object_emit_streamline_start_container(te.ctx, prc->groups);
+ 
		ucl_object_emit_streamline_end_container(te.ctx);
+ 
	}

	ucl_object_emit_streamline_finish(te.ctx);

	ucl_object_emit_funcs_free(f);

	ucl_object_unref(obj);
modified libpkg/private/pkg.h
@@ -1,5 +1,5 @@
/*-
- 
 * Copyright (c) 2011-2023 Baptiste Daroussin <bapt@FreeBSD.org>
+ 
 * Copyright (c) 2011-2024 Baptiste Daroussin <bapt@FreeBSD.org>

 * Copyright (c) 2011-2012 Julien Laffaye <jlaffaye@FreeBSD.org>

 * Copyright (c) 2013 Matthew Seaman <matthew@FreeBSD.org>

 * Copyright (c) 2013-2017 Vsevolod Stakhov <vsevolod@FreeBSD.org>
@@ -181,6 +181,7 @@ struct pkg_repo_content {
	time_t mtime;

	int manifest_fd;

	size_t manifest_len;
+ 
	int data_fd;

};



struct pkg_repo_it;
@@ -308,6 +309,7 @@ struct pkg_repo_create {
	int ofd;

	const char *metafile;

	struct pkg_repo_meta *meta;
+ 
	ucl_object_t *groups;

	struct {

		char **argv;

		int argc;
@@ -647,6 +649,8 @@ int pkg_repo_mirror_package(struct pkg *pkg, const char *destdir);
int pkg_repo_fetch_remote_extract_fd(struct pkg_repo *repo, struct pkg_repo_content *);

int pkg_repo_meta_dump_fd(struct pkg_repo_meta *target, const int fd);

int pkg_repo_fetch_meta(struct pkg_repo *repo, time_t *t);
+ 
int pkg_repo_fetch_remote_extract_fd(struct pkg_repo *repo, struct pkg_repo_content *);
+ 
int pkg_repo_fetch_data_fd(struct pkg_repo *repo, struct pkg_repo_content *);



struct pkg_repo_meta *pkg_repo_meta_default(void);

int pkg_repo_meta_load(const int fd, struct pkg_repo_meta **target);
@@ -851,4 +855,6 @@ void append_touched_dir(const char *path);
void append_touched_file(const char *path);

bool stringlist_contains(stringlist_t *l, const char *name);
+ 
int pkg_parse_manifest_ucl(struct pkg *pkg, ucl_object_t *o);
+ 


#endif
modified libpkg/repo/binary/update.c
@@ -84,7 +84,7 @@ pkg_repo_binary_init_update(struct pkg_repo *repo, const char *name)


static int

pkg_repo_binary_delete_conflicting(const char *origin, const char *version,
- 
			 const char *pkg_path, bool forced)
+ 
    bool forced)

{

	int ret = EPKG_FATAL;

	const char *oversion;
@@ -98,8 +98,8 @@ pkg_repo_binary_delete_conflicting(const char *origin, const char *version,
		switch(pkg_version_cmp(oversion, version)) {

		case -1:

			pkg_emit_error("duplicate package origin: replacing older "
- 
					"version %s in repo with package %s for "
- 
					"origin %s", oversion, pkg_path, origin);
+ 
					"version %s in repo with package %s",
+ 
					oversion, origin);



			if (pkg_repo_binary_run_prstatement(DELETE, origin, origin) !=

							SQLITE_DONE)
@@ -111,8 +111,8 @@ pkg_repo_binary_delete_conflicting(const char *origin, const char *version,
		case 0:

		case 1:

			pkg_emit_error("duplicate package origin: package %s is not "
- 
					"newer than version %s already in repo for "
- 
					"origin %s", pkg_path, oversion, origin);
+ 
					"newer than version %s already in repo",
+ 
					origin, oversion);

			ret = EPKG_END;	/* keep what is already in the repo */

			break;

		}
@@ -130,8 +130,7 @@ cleanup:
}



static int
- 
pkg_repo_binary_add_pkg(struct pkg *pkg, const char *pkg_path,
- 
		sqlite3 *sqlite, bool forced)
+ 
pkg_repo_binary_add_pkg(struct pkg *pkg, sqlite3 *sqlite, bool forced)

{

	int			 ret;

	struct pkg_dep		*dep      = NULL;
@@ -151,7 +150,7 @@ try_again:
		if (ret == SQLITE_CONSTRAINT) {

			ERROR_SQLITE(sqlite, "grmbl");

			switch(pkg_repo_binary_delete_conflicting(pkg->origin,
- 
			    pkg->version, pkg_path, forced)) {
+ 
			    pkg->version, forced)) {

			case EPKG_FATAL: /* sqlite error */

				ERROR_SQLITE(sqlite, pkg_repo_binary_sql_prstatement(PKG));

				return (EPKG_FATAL);
@@ -362,8 +361,51 @@ pkg_repo_binary_register_conflicts(const char *origin, char **conflicts,
}



static int
+ 
pkg_repo_binary_add_from_ucl(sqlite3 *sqlite, ucl_object_t *o, struct pkg_repo *repo)
+ 
{
+ 
	int rc = EPKG_OK;
+ 
	struct pkg *pkg;
+ 
	const char *abi;
+
+ 
	rc = pkg_new(&pkg, PKG_REMOTE);
+ 
	if (rc != EPKG_OK)
+ 
		return (EPKG_FATAL);
+
+ 
	rc = pkg_parse_manifest_ucl(pkg, o);
+ 
	if (rc != EPKG_OK) {
+ 
		goto cleanup;
+ 
	}
+
+ 
	if (pkg->digest == NULL || !pkg_checksum_is_valid(pkg->digest, strlen(pkg->digest)))
+ 
		pkg_checksum_calculate(pkg, NULL, false, true, false);
+ 
	abi = pkg->abi != NULL ? pkg->abi : pkg->arch;
+ 
	if (abi == NULL || !is_valid_abi(abi, true)) {
+ 
		rc = EPKG_FATAL;
+ 
		pkg_emit_error("repository %s contains packages with wrong ABI: %s",
+ 
			repo->name, abi);
+ 
		goto cleanup;
+ 
	}
+ 
	if (!is_valid_os_version(pkg)) {
+ 
		rc = EPKG_FATAL;
+ 
		pkg_emit_error("repository %s contains packages for wrong OS "
+ 
		    "version: %s", repo->name, abi);
+ 
		goto cleanup;
+ 
	}
+
+ 
	free(pkg->reponame);
+ 
	pkg->reponame = xstrdup(repo->name);
+
+ 
	rc = pkg_repo_binary_add_pkg(pkg, sqlite, true);
+
+ 
cleanup:
+ 
	ucl_object_unref(o);
+ 
	pkg_free(pkg);
+
+ 
	return (rc);
+ 
}
+
+ 
static int

pkg_repo_binary_add_from_manifest(const char *buf, sqlite3 *sqlite, size_t len,
- 
		struct pkg **p __unused,

		struct pkg_repo *repo)

{

	int rc = EPKG_OK;
@@ -398,7 +440,7 @@ pkg_repo_binary_add_from_manifest(const char *buf, sqlite3 *sqlite, size_t len,
	free(pkg->reponame);

	pkg->reponame = xstrdup(repo->name);
- 
	rc = pkg_repo_binary_add_pkg(pkg, NULL, sqlite, true);
+ 
	rc = pkg_repo_binary_add_pkg(pkg, sqlite, true);



cleanup:

	pkg_free(pkg);
@@ -454,11 +496,11 @@ rollback_repo(void *data)
	snprintf(path, sizeof(path), "%s-journal", name);

	unlink(path);

}
+ 


static int

pkg_repo_binary_update_proceed(const char *name, struct pkg_repo *repo,

	time_t *mtime, bool force)

{
- 
	struct pkg *pkg = NULL;

	int rc = EPKG_FATAL, cancel = 0;

	sqlite3 *sqlite = NULL;

	int cnt = 0;
@@ -470,6 +512,7 @@ pkg_repo_binary_update_proceed(const char *name, struct pkg_repo *repo,
	size_t linecap = 0;

	ssize_t linelen, totallen = 0;

	struct pkg_repo_content prc;
+ 
	ucl_object_t *data;



	pkg_debug(1, "Pkgrepo, begin update of '%s'", name);
@@ -488,12 +531,32 @@ pkg_repo_binary_update_proceed(const char *name, struct pkg_repo *repo,
	prc.manifest_fd = -1;

	prc.mtime = *mtime;

	prc.manifest_len = 0;
+ 
	prc.data_fd = -1;
- 
	rc = pkg_repo_fetch_remote_extract_fd(repo, &prc);
- 
	if (rc != EPKG_OK)
+ 
	rc = pkg_repo_fetch_data_fd(repo, &prc);
+ 
	if (rc == EPKG_UPTODATE)

		goto cleanup;
- 
	f = fdopen(prc.manifest_fd, "r");
- 
	rewind(f);
+
+ 
	if (rc == EPKG_OK) {
+ 
		struct ucl_parser *p = ucl_parser_new(0);
+ 
		if (!ucl_parser_add_fd(p, prc.data_fd)) {
+ 
			pkg_emit_error("Error parsing data file: %s'",
+ 
			    ucl_parser_get_error(p));
+ 
			ucl_parser_free(p);
+ 
			close(prc.data_fd);
+ 
			goto cleanup;
+ 
		}
+ 
		data = ucl_parser_get_object(p);
+ 
		ucl_parser_free(p);
+ 
		close(prc.data_fd);
+ 
		/* XXX TODO check against a schema */
+ 
	} else {
+ 
		rc = pkg_repo_fetch_remote_extract_fd(repo, &prc);
+ 
		if (rc != EPKG_OK)
+ 
			goto cleanup;
+ 
		f = fdopen(prc.manifest_fd, "r");
+ 
		rewind(f);
+ 
	}



	*mtime = prc.mtime;

	/*fconflicts = repo_fetch_remote_extract_tmp(repo,
@@ -513,7 +576,7 @@ pkg_repo_binary_update_proceed(const char *name, struct pkg_repo *repo,
	/* Here sqlite is initialized */

	sqlite = PRIV_GET(repo);
- 
	pkg_debug(1, "Pkgrepo, reading new %s for '%s'", repo->meta->manifests, name);
+ 
	pkg_debug(1, "Pkgrepo, reading new metadata");



	pkg_emit_incremental_update_begin(repo->name);

	pkg_emit_progress_start("Processing entries");
@@ -530,17 +593,33 @@ pkg_repo_binary_update_proceed(const char *name, struct pkg_repo *repo,
		goto cleanup;



	in_trans = true;
- 
	while ((linelen = getline(&line, &linecap, f)) > 0) {
- 
		cnt++;
- 
		totallen += linelen;
- 
		if ((cnt % 10 ) == 0)
- 
			cancel = pkg_emit_progress_tick(totallen, prc.manifest_len);
- 
		rc = pkg_repo_binary_add_from_manifest(line, sqlite, linelen,
- 
		    &pkg, repo);
- 
		if (rc != EPKG_OK || cancel != 0)
- 
			break;
+ 
	if (f != NULL) {
+ 
		while ((linelen = getline(&line, &linecap, f)) > 0) {
+ 
			cnt++;
+ 
			totallen += linelen;
+ 
			if ((cnt % 10 ) == 0)
+ 
				cancel = pkg_emit_progress_tick(totallen, prc.manifest_len);
+ 
			rc = pkg_repo_binary_add_from_manifest(line, sqlite,
+ 
			    linelen, repo);
+ 
			if (rc != EPKG_OK || cancel != 0)
+ 
				break;
+ 
		}
+ 
		pkg_emit_progress_tick(prc.manifest_len, prc.manifest_len);
+ 
	}
+ 
	if (data != NULL) {
+ 
		ucl_object_t *pkgs = ucl_object_ref(ucl_object_find_key(data, "packages"));
+ 
		int nbel = ucl_array_size(pkgs);
+ 
		while (cnt < nbel) {
+ 
			ucl_object_t *o = ucl_array_pop_first(pkgs);
+ 
			cnt++;
+ 
			if ((cnt % 10 ) == 0)
+ 
				cancel = pkg_emit_progress_tick(nbel, cnt);
+ 
			rc = pkg_repo_binary_add_from_ucl(sqlite, o, repo);
+ 
			if (rc != EPKG_OK || cancel != 0)
+ 
				break;
+ 
		}
+ 
		pkg_emit_progress_tick(nbel, cnt);

	}
- 
	pkg_emit_progress_tick(prc.manifest_len, prc.manifest_len);



	if (rc == EPKG_OK)

		pkg_emit_incremental_update(repo->name, cnt);
@@ -574,7 +653,6 @@ cleanup:
		free(path);

	}

	pkg_unregister_cleanup_callback(rollback_repo, (void *)name);
- 
	pkg_free(pkg);

	free(line);

	if (f != NULL)

		fclose(f);
modified libpkg/triggers.c
@@ -68,16 +68,28 @@ trigger_open_schema(void)
		"  properties {"

		"    description: { type = string };"

		"    path: { "
- 
		"      type = array; "
- 
		"      item = { type = string };"
+ 
		"      anyOf = [{"
+ 
		"        type = array; "
+ 
		"        item = { type = string };"
+ 
		"      }, {"
+ 
		"        type = string;"
+ 
		"      }]"

		"    };"

		"    path_glob: { "
- 
		"      type = array; "
- 
		"      item = { type = string };"
+ 
		"      anyOf = [{"
+ 
		"        type = array; "
+ 
		"        item = { type = string };"
+ 
		"      }, {"
+ 
		"        type = string;"
+ 
		"      }]"

		"    };"

		"    path_regexp: { "
- 
		"      type = array; "
- 
		"      item = { type = string };"
+ 
		"      anyOf = [{"
+ 
		"        type = array; "
+ 
		"        item = { type = string };"
+ 
		"      }, {"
+ 
		"        type = string;"
+ 
		"      }]"

		"    };"

		"    cleanup = { "

		"      type = object; "
@@ -104,7 +116,7 @@ trigger_open_schema(void)
		"      required = [ type, script ];"

		"    };"

		"  }\n"
- 
		"  required = [ description, trigger ];"
+ 
		"  required = [ trigger ];"

		"}";



	parser = ucl_parser_new(UCL_PARSER_NO_FILEVARS);
@@ -134,7 +146,6 @@ trigger_load(int dfd, const char *name, bool cleanup_only, ucl_object_t *schema)
	fd = openat(dfd, name, O_RDONLY);

	if (fd == -1) {

		pkg_emit_error("Unable to open the tigger: %s", name);
- 
		pkg_emit_errno("plop", name);

		return (NULL);

	}
@@ -153,7 +164,7 @@ trigger_load(int dfd, const char *name, bool cleanup_only, ucl_object_t *schema)
	if (obj == NULL)

		return (NULL);
- 
	if (!ucl_object_validate(obj, schema, &err)) {
+ 
	if (!ucl_object_validate(schema, obj, &err)) {

		pkg_emit_error("trigger definition %s cannot be validated: %s", name, err.msg);

		ucl_object_unref(obj);

		return (NULL);
modified src/add.c
@@ -29,7 +29,6 @@


#include <err.h>

#include <errno.h>
- 
#include <libgen.h>

#include <stdio.h>

#include <stdlib.h>

#include <string.h>
modified src/alias.c
@@ -27,8 +27,6 @@
#include <sys/param.h>



#include <err.h>
- 
#include <errno.h>
- 
#include <libgen.h>

#include <stdio.h>

#include <string.h>

#include <unistd.h>
modified src/repo.c
@@ -1,6 +1,5 @@
/*-
- 
 * Copyright (c) 2011-2012 Baptiste Daroussin <bapt@FreeBSD.org>
- 
 * All rights reserved.
+ 
 * Copyright (c) 2011-2024 Baptiste Daroussin <bapt@FreeBSD.org>

 * 

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions
@@ -50,7 +49,7 @@
void

usage_repo(void)

{
- 
	fprintf(stderr, "Usage: pkg repo [-lqL] [-o output-dir] <repo-path> "
+ 
	fprintf(stderr, "Usage: pkg repo [-hlqs] [-m metafile] [-o output-dir] <repo-path> "

	    "[rsa:<rsa-key>|signing_command: <the command>]\n\n");

	fprintf(stderr, "For more information see 'pkg help repo'.\n");

}
@@ -99,6 +98,7 @@ exec_repo(int argc, char **argv)
	hash_symlink = (getenv("PKG_REPO_SYMLINK") != NULL);



	struct option longopts[] = {
+ 
		{ "groups",	required_argument,	NULL,	'g' },

		{ "hash",	no_argument,		NULL,	'h' },

		{ "list-files", no_argument,		NULL,	'l' },

		{ "meta-file",	required_argument,	NULL,	'm' },
@@ -108,8 +108,11 @@ exec_repo(int argc, char **argv)
		{ NULL,		0,			NULL,	0   },

	};
- 
	while ((ch = getopt_long(argc, argv, "+hlo:qm:s", longopts, NULL)) != -1) {
+ 
	while ((ch = getopt_long(argc, argv, "+hg:lo:qm:s", longopts, NULL)) != -1) {

		switch (ch) {
+ 
		case 'g':
+ 
			pkg_repo_create_set_groups(prc, optarg);
+ 
			break;

		case 'h':

			hash = true;

			break;
modified src/upgrade.c
@@ -105,20 +105,12 @@ check_vulnerable(struct pkg_audit *audit, struct pkgdb *db, int sock)
	pkgdb_it_free(it);

	pkgdb_close(db);
- 
	if (check == NULL) {
- 
		pkg_audit_free(audit);
- 
		pkghash_destroy(check);
- 
		fclose(out);
- 
		return;
- 
	}
-
+ 
	if (check == NULL)
+ 
	        goto out_cleanup;



	if (pkg_audit_load(audit, NULL) != EPKG_OK) {

		warn("unable to open vulnxml file");
- 
		fclose(out);
- 
		pkg_audit_free(audit);
- 
		pkghash_destroy(check);
- 
		return;
+ 
	        goto out_cleanup;

	}



	pkg_drop_privileges();
@@ -127,10 +119,7 @@ check_vulnerable(struct pkg_audit *audit, struct pkgdb *db, int sock)
#ifndef PKG_COVERAGE

	if (cap_enter() < 0 && errno != ENOSYS) {

		warn("cap_enter() failed");
- 
		pkg_audit_free(audit);
- 
		pkghash_destroy(check);
- 
		fclose(out);
- 
		return;
+ 
		goto out_cleanup;

	}

#endif

#endif
@@ -155,6 +144,7 @@ check_vulnerable(struct pkg_audit *audit, struct pkgdb *db, int sock)
		warnx("cannot process vulnxml");

	}
+ 
out_cleanup:

	pkg_audit_free(audit);

	pkghash_destroy(check);

	fclose(out);
@@ -233,12 +223,8 @@ add_vulnerable_upgrades(struct pkg_jobs *jobs, struct pkgdb *db)
	fclose(in);



	while (waitpid(cld, &retcode, 0) == -1) {
- 
		if (errno == EINTR) {
- 
			continue;
- 
		}
- 
		else {
+ 
		if (errno != EINTR) {

			warnx("Cannot wait");
- 


			return (EPKG_FATAL);

		}

	}
modified src/version.c
@@ -143,8 +143,7 @@ print_version(struct pkg *pkg, const char *source, const char *ver,
		}

	}
- 
	printf("\n");
- 
	return;
+ 
	putchar('\n');

}



static int
modified tests/frontend/conflicts-multirepo.sh
@@ -146,12 +146,12 @@ EOF


OUTPUT="Updating local1 repository catalogue...

${JAILED}Fetching meta.conf:  done
- 
${JAILED}Fetching packagesite.pkg:  done
+ 
${JAILED}Fetching data.pkg:  done

Processing entries:  done

local1 repository update completed. 2 packages processed.

Updating local2 repository catalogue...

${JAILED}Fetching meta.conf:  done
- 
${JAILED}Fetching packagesite.pkg:  done
+ 
${JAILED}Fetching data.pkg:  done

Processing entries:  done

local2 repository update completed. 2 packages processed.

All repositories are up to date.
modified tests/frontend/conflicts.sh
@@ -434,7 +434,7 @@ EOF


OUTPUT="Updating local repository catalogue...

${JAILED}Fetching meta.conf:  done
- 
${JAILED}Fetching packagesite.pkg:  done
+ 
${JAILED}Fetching data.pkg:  done

Processing entries:  done

local repository update completed. 1 packages processed.

All repositories are up to date.
modified tests/frontend/formula.sh
@@ -57,7 +57,7 @@ EOF


	OUTPUT="Updating local1 repository catalogue...

${JAILED}meta.conf                                 :  done
- 
${JAILED}packagesite.pkg                           :  done
+ 
${JAILED}data.pkg                           :  done

Processing entries:  done

local1 repository update completed. 2 packages processed.

All repositories are up to date.
modified tests/frontend/issue1425.sh
@@ -153,12 +153,12 @@ EOF


OUTPUT_CASE1="Updating repoA repository catalogue...

${JAILED}Fetching meta.conf:  done
- 
${JAILED}Fetching packagesite.pkg:  done
+ 
${JAILED}Fetching data.pkg:  done

Processing entries:  done

repoA repository update completed. 4 packages processed.

Updating repoB repository catalogue...

${JAILED}Fetching meta.conf:  done
- 
${JAILED}Fetching packagesite.pkg:  done
+ 
${JAILED}Fetching data.pkg:  done

Processing entries:  done

repoB repository update completed. 4 packages processed.

All repositories are up to date.
modified tests/frontend/issue1440.sh
@@ -188,12 +188,12 @@ EOF


OUTPUT_CASE1="Updating repoA repository catalogue...

${JAILED}Fetching meta.conf:  done
- 
${JAILED}Fetching packagesite.pkg:  done
+ 
${JAILED}Fetching data.pkg:  done

Processing entries:  done

repoA repository update completed. 4 packages processed.

Updating repoB repository catalogue...

${JAILED}Fetching meta.conf:  done
- 
${JAILED}Fetching packagesite.pkg:  done
+ 
${JAILED}Fetching data.pkg:  done

Processing entries:  done

repoB repository update completed. 4 packages processed.

All repositories are up to date.
modified tests/frontend/php-pr.sh
@@ -241,7 +241,7 @@ php53-gd-5.3.27


OUTPUT="Updating local repository catalogue...

${JAILED}Fetching meta.conf:  done
- 
${JAILED}Fetching packagesite.pkg:  done
+ 
${JAILED}Fetching data.pkg:  done

Processing entries:  done

local repository update completed. 4 packages processed.

All repositories are up to date.
modified tests/frontend/requires.sh
@@ -41,7 +41,7 @@ EOF


	OUTPUT="Updating local1 repository catalogue...

${JAILED}Fetching meta.conf:  done
- 
${JAILED}Fetching packagesite.pkg:  done
+ 
${JAILED}Fetching data.pkg:  done

Processing entries:  done

local1 repository update completed. 2 packages processed.

All repositories are up to date.
@@ -105,7 +105,7 @@ EOF


	OUTPUT="Updating local1 repository catalogue...

${JAILED}Fetching meta.conf:  done
- 
${JAILED}Fetching packagesite.pkg:  done
+ 
${JAILED}Fetching data.pkg:  done

Processing entries:  done

local1 repository update completed. 2 packages processed.

All repositories are up to date.
modified tests/frontend/rubypuppet.sh
@@ -228,7 +228,7 @@ EOF


	OUTPUT="Updating local repository catalogue...

${JAILED}Fetching meta.conf:  done
- 
${JAILED}Fetching packagesite.pkg:  done
+ 
${JAILED}Fetching data.pkg:  done

Processing entries:  done

local repository update completed. 5 packages processed.

All repositories are up to date.