| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Avoid division by zero in the rare case that portsnap needs to fetch
zero patches. (This avoids two "dc: divide by zero" warnings.)
|
|
|
|
|
|
|
|
| |
This change is equivalent to the approach committed in r306417, but if
sed has a bug it could be exploited by the untrusted tar file. Instead,
generate the expected tar content and compare that with find's output.
Submitted by: cperciva (in review D8052)
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously it was possible to smuggle in addional files that would
be used by later portsnap runs. Now we only move those files expected
to be in the snapshot into files/ and require that there are no
unexpected files.
This was used by portsnap attacks 2, 3, and 4 in the "non-cryptanalytic
attacks against FreeBSD update components" anonymous gist.
Approved by: re (gjb)
|
|
|
|
|
|
|
|
|
|
|
| |
Ensure that we always open only files that is named by explicitly
using shell redirections instead of having gzip(1) to decide what
file to open.
Issue reported in the "non-cryptanalytic attacks against freebsd
update components" anonymous gist.
Reviewed by: allanjude, emaste
|
| |
|
|
|
|
|
|
|
|
|
| |
PR: 202971
Submitted by: adamw@FreeBSD.org
Reviewed by: bdrewery@
Approved by: wblock@
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D5429
|
|
|
|
|
| |
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.
Still need to add real targets under targets/ to build packages.
Differential Revision: D2796
Reviewed by: brooks imp
|
| | |
|
| |\
| |/
|/| |
|
| |\ |
|
| | | |
|
| | | |
|
| |\ \ |
|
| |\ \ \ |
|
| | | | | |
|
| | | | | |
|
| |\ \ \ \ |
|
| | \ \ \ \ | |
| | \ \ \ \ | |
| |\ \ \ \ \ \ |
|
| | |/ / / / /
| |/| | | | |
| | | | | | |
| | | | | | | |
Requested by: Simon Gerraty <sjg@juniper.net>
|
| |_|_|_|_|/
|/| | | | |
| | | | | |
| | | | | | |
MFC after: 1 month
|
| |_|_|_|/
|/| | | |
| | | | |
| | | | |
| | | | | |
PR: 191174
Submitted by: Franco Fichtner <franco@lastsummer.de>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
PR: bin/186510
Submitted by: olli
MFC after: 2 weeks
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
and finish the job. ncurses is now the only Makefile in the tree that
uses it since it wasn't a simple mechanical change, and will be
addressed in a future commit.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
have zero length. Filesystem corruption will tend to truncate files, and
since these are short that's likely to result in them becoming empty.
Suggested by: Richard Clayton
Convinced by: rwatson
MFC after: 3 weeks
|
| |_|_|/
|/| | |
| | | |
| | | |
| | | |
| | | |
| | | | |
for "portsnap alfred" for now.
Discussed: many times, most recently on svn-src-all
MFC after: 1 week
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
them changed (or was removed from the tree) then portsnap would delete
that file. This happened earlier today when one of two empty port
directories was removed. Uniquifying the lists of needed files fixes
this.
9.2-RELEASE candidate.
MFC after: 3 days
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
portsnap.
Discussed with: alfred
Reviewed by: cperciva
|
| | | | |
|
| |_|/
|/| | |
|
| |/
|/|
| |
| |
| | |
Use a percent style indicator instead of emitting one
long line of patch numbers.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
errors later on.
PR: bin/172715
Submitted by: Matthew D.Fuller <fullermd@over-yonder.net> (older
version)
Submitted by: dteske
Approved by: cperciva
MFC after: 1 week
|
| | |
|
| |
| |
| |
| |
| | |
Spotted by: Ruslan Mahmatkhanov
Approved by: gabor (mentor, implicit)
|
| |
| |
| |
| |
| |
| |
| | |
PR: docs/171759
Submitted by: Paul Hoffman (phoffman at proper dot com)
Approved by: cperciva, gabor (mentor)
MFC after: 3 days
|
|/
|
|
|
|
|
|
| |
a terminal.
Submitted by: Hannes h2+fbsdports@fsfe.org
Approved by: cperciva
MFC after: 1 week
|
|
|
|
|
|
|
|
| |
for update.
PR: bin/152856
Approved by: cperciva
MFC after: 3 days
|
|
|
|
| |
Pointed out by: gcooper
|
|
|
|
|
|
|
|
| |
handle splitting input files on a '|'. This greatly
reduces the time taken to process several databases
during the update process.
Additionally add some more debug logging.
|
|
|
|
|
|
|
| |
Also add some quotes around command substitution where useful and possible.
Reviewed by: cperciva
MFC after: 1 week
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is done to speed up extraction significantly (both for portsnap
extract and update) in the case of slow NSS modules (like nss_ldap) as
it avoids having to look up uid and gid for root / wheel.
The reason this is a bigger problem for portsnap than for many other
system operations, is that portsnap executes tar(1) once for each port
so the internal uid/gid caching in tar(1) only helps a bit, resulting
in many user lookup calls.
Discussed with: cperciva
|
|
|
|
| |
They have no effect when coming in pairs, or before .Bl/.Bd
|
|
|
|
|
|
| |
translating these manual pages. Minor corrections by me.
Submitted by: Nobuyuki Koganemaru <n-kogane@syd.odn.ne.jp>
|
| |
|
|
|
|
|
|
|
|
| |
based on whether fd 0 is a terminal, and then runs (extract|update)
based on whether ${PORTSDIR} exists.
Requested by: alfred
MFC after: 1 month
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(1) phttpget is attempting to download enough files that it can't send
all the requests at once, and
(2) the remote server forcibly closes the connection, resulting in RST
packets being sent,
phttpget will receive a SIGPIPE and terminate without downloading all
of the files.
This is probably responsible for a number of hard-to-reproduce errors
with portsnap and freebsd-update.
MFC after: 3 days
|
|
|
|
|
|
| |
PR: docs/127401
Submitted by: Mick Charles Beaver <mick@cs.wisc.edu>
MFC after: 1 week
|
|
|
|
|
| |
Requested by: brooks
Reminded by: brooks, about halfway through his BSDCan talk
|
|
|
|
|
|
|
|
| |
comparisons for header keywords. Apparently some proxies use creative
capitalization.
Weird proxy found by: brooks
MFC after: 3 days
|
|
|
|
|
|
|
|
| |
paragraph clarifying that portsnap does not behave the same way as
cvs and cvsup where local modifications are concerned.
Submitted by: peter
Feet shot: peter, kris, obrien, + many others
|