pkg_install-20100421:

Fix an off-by-one in the check for properly sized pkgdb entries.
It rejected perfectly valid entries.

Extract dependencies of libarchive from the pkgconfig file and thereby
drop knowledge of the needed libraries.

At least some versions of HP-UX are known to not support %zu, add a
workaround. This is using the black list approach for now.

Recognize xz as compression type for pkg_create.

The first time an error is hit while fetching packages, try to reget
from the same position. This works around the server closing the
connection while fetching dependencies.

Try to detect common forms of pkgdb corruption and issue a warning in
that case.

Refactor the pkg_vulnerabilities logic to use the compression support
from libarchive. This reduces the amount zlib/bzip2 interaction to
the linkage.

Add man pages for audit-packages and download-vulnerability-list which
point to pkg_admin and notes that the scripts are obsolete.

external/bsd/pkg_install/dist/add/perform.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: perform.c,v 1.1.1.15 2010/02/20 04:41:52 joerg Exp $	*/
+/*	$NetBSD: perform.c,v 1.1.1.16 2010/04/23 20:54:06 joerg Exp $	*/
 #if HAVE_CONFIG_H
 #include "config.h"
 #endif
@@ -6,7 +6,7 @@
 #if HAVE_SYS_CDEFS_H
 #include <sys/cdefs.h>
 #endif
-__RCSID("$NetBSD: perform.c,v 1.1.1.15 2010/02/20 04:41:52 joerg Exp $");
+__RCSID("$NetBSD: perform.c,v 1.1.1.16 2010/04/23 20:54:06 joerg Exp $");
 
 /*-
  * Copyright (c) 2003 Grant Beattie <grant@NetBSD.org>
@@ -1280,7 +1280,7 @@ check_vulnerable(struct pkg_task *pkg)
 	}
 
 	if (pv == NULL) {
-		pv = read_pkg_vulnerabilities(pkg_vulnerabilities_file,
+		pv = read_pkg_vulnerabilities_file(pkg_vulnerabilities_file,
 		    require_check, 0);
 		if (pv == NULL)
 			return require_check;

external/bsd/pkg_install/dist/admin/audit-packages.8

@@ -0,0 +1,66 @@
+.\" $NetBSD: audit-packages.8,v 1.1.1.1 2010/04/23 20:54:06 joerg Exp $
+.\"
+.\" Copyright (c) 2010 The NetBSD Foundation, Inc.
+.\" All rights reserved.
+.\"
+.\" This code is derived from software contributed to The NetBSD Foundation
+.\" by Thomas Klausner.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd March 18, 2010
+.Dt AUDIT-PACKAGES 8
+.Os
+.Sh NAME
+.Nm audit-packages
+.Nd report vulnerabilities for the installed packages
+.Sh SYNOPSIS
+.Nm
+.Op Fl deqsVv
+.Op Fl c Ar config_file
+.Op Fl F Ar file
+.Op Fl g Ar file
+.Op Fl h Ar file
+.Op Fl K Ar pkg_dbdir
+.Op Fl n Ar package
+.Op Fl p Ar package
+.Op Fl Q Ar varname
+.Op Fl t Ar type
+.Sh DESCRIPTION
+.Nm
+is deprecated.
+Please use the
+.Cm audit ,
+.Cm audit-pkg ,
+.Cm audit-batch ,
+and
+.Cm fetch-pkg-vulnerabilities
+commands of
+.Xr pkg_admin 1
+instead.
+.Pp
+The
+.Nm
+script is installed for backwards compatibility only and will
+eventually be removed.
+.Sh SEE ALSO
+.Xr pkg_admin 1

external/bsd/pkg_install/dist/admin/audit.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: audit.c,v 1.1.1.6 2009/08/06 16:55:19 joerg Exp $	*/
+/*	$NetBSD: audit.c,v 1.1.1.7 2010/04/23 20:54:06 joerg Exp $	*/
 
 #if HAVE_CONFIG_H
 #include "config.h"
@@ -7,7 +7,7 @@
 #if HAVE_SYS_CDEFS_H
 #include <sys/cdefs.h>
 #endif
-__RCSID("$NetBSD: audit.c,v 1.1.1.6 2009/08/06 16:55:19 joerg Exp $");
+__RCSID("$NetBSD: audit.c,v 1.1.1.7 2010/04/23 20:54:06 joerg Exp $");
 
 /*-
  * Copyright (c) 2008 Joerg Sonnenberger <joerg@NetBSD.org>.
@@ -209,7 +209,7 @@ check_and_read_pkg_vulnerabilities(void)
 			    (long)(now / 86400), now / 86400 == 1 ? "" : "s");
 	}
 
-	pv = read_pkg_vulnerabilities(pkg_vulnerabilities_file, 0, check_signature);
+	pv = read_pkg_vulnerabilities_file(pkg_vulnerabilities_file, 0, check_signature);
 }
 
 void
@@ -282,7 +282,7 @@ check_pkg_vulnerabilities(int argc, char **argv)
 	if (argc != optind + 1)
 		usage();
 
-	pv = read_pkg_vulnerabilities(argv[optind], 0, check_signature);
+	pv = read_pkg_vulnerabilities_file(argv[optind], 0, check_signature);
 	free_pkg_vulnerabilities(pv);
 }
 
@@ -290,8 +290,8 @@ void
 fetch_pkg_vulnerabilities(int argc, char **argv)
 {
 	struct pkg_vulnerabilities *pv_check;
-	char *buf, *decompressed_input;
-	size_t buf_len, buf_fetched, decompressed_len;
+	char *buf;
+	size_t buf_len, buf_fetched;
 	ssize_t cur_fetched;
 	struct url *url;
 	struct url_stat st;
@@ -363,15 +363,7 @@ fetch_pkg_vulnerabilities(int argc, char **argv)
 	
 	buf[buf_len] = '\0';
 
-	if (decompress_buffer(buf, buf_len, &decompressed_input,
-	    &decompressed_len)) {
-		pv_check = parse_pkg_vulnerabilities(decompressed_input,
-		    decompressed_len, check_signature);
-		free(decompressed_input);
-	} else {
-		pv_check = parse_pkg_vulnerabilities(buf, buf_len,
-		    check_signature);
-	}
+	pv_check = read_pkg_vulnerabilities_memory(buf, buf_len, check_signature);
 	free_pkg_vulnerabilities(pv_check);
 
 	fd = open(pkg_vulnerabilities_file, O_WRONLY | O_CREAT | O_TRUNC, 0644);

external/bsd/pkg_install/dist/admin/download-vulnerability-list.8

@@ -0,0 +1,54 @@
+.\" $NetBSD: download-vulnerability-list.8,v 1.1.1.1 2010/04/23 20:54:06 joerg Exp $
+.\"
+.\" Copyright (c) 2010 The NetBSD Foundation, Inc.
+.\" All rights reserved.
+.\"
+.\" This code is derived from software contributed to The NetBSD Foundation
+.\" by Thomas Klausner.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd March 18, 2010
+.Dt DOWNLOAD-VULNERABILITY-LIST 8
+.Os
+.Sh NAME
+.Nm download-vulnerability-list
+.Nd download vulnerability list used for checking installed packages
+.Sh SYNOPSIS
+.Nm
+.Op Fl hs
+.Op Fl c Ar config_file
+.Sh DESCRIPTION
+.Nm
+is deprecated.
+Please use the
+.Cm fetch-pkg-vulnerabilities
+command of
+.Xr pkg_admin 1
+instead.
+.Pp
+The
+.Nm
+script is installed for backwards compatibility only and will
+eventually be removed.
+.Sh SEE ALSO
+.Xr pkg_admin 1

external/bsd/pkg_install/dist/admin/download-vulnerability-list.sh.in

@@ -3,7 +3,7 @@
 pkg_admin=@PKG_ADMIN@
 
 usage() {
-	echo 'Usage: download-vulnerability-list -hs [-c config_file]' >& $2
+	echo 'Usage: download-vulnerability-list [-hs] [-c config_file]' >& $2
 	echo "Please use \`\`pkg_admin fetch-pkg-vulnerabilities'' instead." >& $2
 	exit $1
 }

external/bsd/pkg_install/dist/admin/main.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: main.c,v 1.1.1.14 2010/02/20 04:41:53 joerg Exp $	*/
+/*	$NetBSD: main.c,v 1.1.1.15 2010/04/23 20:54:07 joerg Exp $	*/
 
 #if HAVE_CONFIG_H
 #include "config.h"
@@ -7,7 +7,7 @@
 #if HAVE_SYS_CDEFS_H
 #include <sys/cdefs.h>
 #endif
-__RCSID("$NetBSD: main.c,v 1.1.1.14 2010/02/20 04:41:53 joerg Exp $");
+__RCSID("$NetBSD: main.c,v 1.1.1.15 2010/04/23 20:54:07 joerg Exp $");
 
 /*-
  * Copyright (c) 1999-2009 The NetBSD Foundation, Inc.
@@ -248,8 +248,8 @@ rebuild(void)
 	iterate_pkg_db(add_pkg, &count);
 
 	printf("\n");
-	printf("Stored %zu file%s and %zu explicit director%s"
-	    " from %zu package%s in %s.\n",
+	printf("Stored %" PRIzu " file%s and %zu explicit director%s"
+	    " from %"PRIzu " package%s in %s.\n",
 	    count.files, count.files == 1 ? "" : "s",
 	    count.directories, count.directories == 1 ? "y" : "ies",
 	    count.packages, count.packages == 1 ? "" : "s",

external/bsd/pkg_install/dist/create/build.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: build.c,v 1.1.1.7 2009/11/05 18:39:02 joerg Exp $	*/
+/*	$NetBSD: build.c,v 1.1.1.8 2010/04/23 20:54:07 joerg Exp $	*/
 
 #if HAVE_CONFIG_H
 #include "config.h"
@@ -7,7 +7,7 @@
 #if HAVE_SYS_CDEFS_H
 #include <sys/cdefs.h>
 #endif
-__RCSID("$NetBSD: build.c,v 1.1.1.7 2009/11/05 18:39:02 joerg Exp $");
+__RCSID("$NetBSD: build.c,v 1.1.1.8 2010/04/23 20:54:07 joerg Exp $");
 
 /*-
  * Copyright (c) 2007 Joerg Sonnenberger <joerg@NetBSD.org>.
@@ -254,6 +254,8 @@ make_dist(const char *pkg, const char *suffix, const package_t *plist)
 		archive_write_set_compression_bzip2(archive);
 	else if (strcmp(CompressionType, "gzip") == 0)
 		archive_write_set_compression_gzip(archive);
+	else if (strcmp(CompressionType, "xz") == 0)
+		archive_write_set_compression_xz(archive);
 	else if (strcmp(CompressionType, "none") == 0)
 		archive_write_set_compression_none(archive);
 	else

external/bsd/pkg_install/dist/create/pkg_create.1

@@ -1,4 +1,4 @@
-.\" $NetBSD: pkg_create.1,v 1.1.1.7 2010/01/30 21:33:32 joerg Exp $
+.\" $NetBSD: pkg_create.1,v 1.1.1.8 2010/04/23 20:54:08 joerg Exp $
 .\"
 .\" FreeBSD install - a package for the installation and maintenance
 .\" of non-core utilities.
@@ -166,7 +166,7 @@ Use
 as compression algorithm.
 This overrides the heuristic to guess the compression type from the
 output name.
-Currently supported values are bzip2, gzip and none.
+Currently supported values are bzip2, gzip, none and xz.
 .It Fl f Ar packlist
 Fetch
 .Pq packing list

external/bsd/pkg_install/dist/delete/pkg_delete.1

@@ -1,4 +1,4 @@
-.\" $NetBSD: pkg_delete.1,v 1.1.1.7 2010/01/30 21:33:36 joerg Exp $
+.\" $NetBSD: pkg_delete.1,v 1.1.1.8 2010/04/23 20:54:08 joerg Exp $
 .\"
 .\" FreeBSD install - a package for the installation and maintenance
 .\" of non-core utilities.
@@ -26,13 +26,9 @@
 .Sh SYNOPSIS
 .Nm
 .Op Fl ADFfkNnORrVv
-.Bk -words
 .Op Fl K Ar pkg_dbdir
-.Ek
-.Bk -words
 .Op Fl P Ar destdir
 .Op Fl p Ar prefix
-.Ek
 .Ar pkg-name ...
 .Sh DESCRIPTION
 The
@@ -41,8 +37,8 @@ command is used to delete packages that have been previously installed
 with the
 .Xr pkg_add 1
 command.
-The given packages are sorted, so that the dependencies of a package
-are deleted after the package.
+The given packages are sorted, so that the dependencies needed by a
+package are deleted after the package.
 Before any action is executed,
 .Nm
 checks for packages that are marked as
@@ -50,8 +46,7 @@ checks for packages that are marked as
 or have depending packages left.
 If the
 .Fl k
-flag is given, preserved packages are removed from the list of packages
-to remove.
+flag is given, preserved packages are skipped and not removed.
 Unless the
 .Fl f
 flag is given,
@@ -102,26 +97,31 @@ will be removed.
 If the
 .Fl F
 flag is given, one or more (absolute) filenames may be specified and
-the Package Database will be consulted for the package to which the
+the package database will be consulted for the package to which the
 given file belongs.
 These packages are then deinstalled.
 .It Fl A
 Recursively remove all automatically installed packages that were needed
 by the given packages and are no longer required.
-See also the
+Does not remove manually installed packages; see also the
 .Fl R
 flag.
 .It Fl D
 If a deinstallation script exists for a given package, do not execute it.
 .It Fl F
-Any pkg-name given will be interpreted as pathname which is
-subsequently transformed in a (real) package name via the Package
-Database.
+Any
+.Ar pkg-name
+given will be interpreted as pathname which is
+subsequently transformed in a (real) package name via the package
+database.
 That way, packages can be deleted by giving a filename
 instead of the package-name.
 .It Fl f
 Force removal of the package, even if a dependency is recorded or the
 deinstall script fails.
+This might break the package database; see
+.Xr pkg_admin 1
+on how to repair it.
 .It Fl ff
 Force removal of the package, even if the package is marked as a
 .Cm preserved
@@ -141,18 +141,21 @@ Silently skip all packages that are marked as
 .It Fl N
 Remove the package's registration and its entries from the package database,
 but leave the files installed.
-Don't run any deinstall scripts or @unexec lines either.
+Don't run any deinstall scripts or
+.Cm @unexec
+lines either.
 .It Fl n
 Don't actually deinstall a package, just report the steps that
-would be taken if it were.
+would be taken.
 .It Fl O
-Only delete the package's entries from the package database, do not
+Only delete the package's entries from the package database; do not
 touch the package or its files itself.
-.It Fl p Ar destdir
+.It Fl P Ar destdir
 Prefix all file and directory names with
 .Ar destdir .
 For packages without install scripts this has the same behavior as
-using chroot.
+using
+.Xr chroot 8 .
 .It Fl p Ar prefix
 Set
 .Ar prefix
@@ -163,7 +166,7 @@ be set automatically to the installed location by
 .Xr pkg_add 1 .
 .It Fl R
 Recursively remove all packages that were needed by the given packages
-and that have no other dependencies left.
+and are no longer required.
 This option overrides the
 .Fl A
 flag.
@@ -198,8 +201,9 @@ option is given).
 If a filename is given instead of a package name, the package of which
 the given file belongs to can be deleted if the
 .Fl F
-Flag is given.
-The filename needs to be absolute, see the output produced by the pkg_info
+flag is given.
+The filename needs to be absolute, see the output produced by the
+.Xr pkg_info 1
 .Fl aF
 command.
 .Pp
@@ -234,7 +238,7 @@ before deleting all files and as:
 after deleting them.
 Passing the keywords
 .Ar VIEW-DEINSTALL ,
-.Ar DEINSTALL
+.Ar DEINSTALL ,
 and
 .Ar POST-DEINSTALL
 lets you potentially write only one program/script that handles all

external/bsd/pkg_install/dist/info/pkg_info.1

@@ -1,4 +1,4 @@
-.\" $NetBSD: pkg_info.1,v 1.1.1.4 2010/01/30 21:33:41 joerg Exp $
+.\" $NetBSD: pkg_info.1,v 1.1.1.5 2010/04/23 20:54:09 joerg Exp $
 .\"
 .\" FreeBSD install - a package for the installation and maintenance
 .\" of non-core utilities.
@@ -17,7 +17,7 @@
 .\"
 .\"     @(#)pkg_info.1
 .\"
-.Dd January 22, 2010
+.Dd February 27, 2010
 .Dt PKG_INFO 1
 .Os
 .Sh NAME
@@ -25,7 +25,7 @@
 .Nd a utility for displaying information on software packages
 .Sh SYNOPSIS
 .Nm
-.Op Fl BbcDdFfhIikLmNnpqrRSsVvX
+.Op Fl BbcDdFfhIikLmNnpqRrSsVvX
 .Op Fl e Ar package
 .Op Fl E Ar package
 .Op Fl K Ar pkg_dbdir
@@ -117,7 +117,7 @@ can contain wildcards (see the
 section below).
 .It Fl F
 Interpret any pkg-name given as filename, and translate it to a
-package name using the Package Database.
+package name using the package database.
 This can be used to query information on a per-file basis, e.g. in
 conjunction with the
 .Fl e
@@ -207,7 +207,7 @@ in
 .Pp
 A filename can be given instead of a (installed) package name to query
 information on the package this file belongs to.
-This filename is then resolved to a package name using the Package Database.
+This filename is then resolved to a package name using the package database.
 For this translation to take place, the
 .Fl F
 flag must be given.
@@ -289,7 +289,9 @@ The magic string
 .Dq pl
 equates to a
 .Pa patch level
-and has the same value as a dot in the dewey-decimal ordering schemes.
+and has the same value as a dot in the dewey-decimal ordering schemes,
+as does the underscore
+.Sq _ .
 .Sh ENVIRONMENT
 See
 .Xr pkg_install.conf 5

external/bsd/pkg_install/dist/lib/config.h.in

@@ -105,6 +105,9 @@
 /* Define to 1 if you have the <vis.h> header file. */
 #undef HAVE_VIS_H
 
+/* Define to 1 if the `z' modifider for printf is missing. */
+#undef MISSING_SIZE_T_SUPPORT
+
 /* Defined when PRIu64 is missing or broken */
 #undef NEED_PRI_MACRO
 
@@ -138,6 +141,9 @@
 /* The size of `long long', as computed by sizeof. */
 #undef SIZEOF_LONG_LONG
 
+/* The size of `size_t', as computed by sizeof. */
+#undef SIZEOF_SIZE_T
+
 /* Define to 1 if you have the ANSI C header files. */
 #undef STDC_HEADERS
 
@@ -176,3 +182,15 @@
 # define vfork fork
 #endif
 
+#ifndef MISSING_SIZE_T_SUPPORT
+#  define PRIzu "zu"
+#elif SIZEOF_SIZE_T == SIZEOF_INT
+#  define PRIzu "u"
+#elif SIZEOF_SIZE_T == SIZEOF_LONG
+#  define PRIzu "lu"
+#elif SIZEOF_SIZE_T == SIZEOF_LONG_LONG
+#  define PRIzu "llu"
+#else
+#  errror "Unknown size_t size"
+#endif
+

external/bsd/pkg_install/dist/lib/license.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: license.c,v 1.1.1.7 2010/01/30 21:33:49 joerg Exp $	*/
+/*	$NetBSD: license.c,v 1.1.1.8 2010/04/23 20:54:10 joerg Exp $	*/
 
 /*-
  * Copyright (c) 2009 Joerg Sonnenberger <joerg@NetBSD.org>.
@@ -162,7 +162,7 @@ acceptable_license(const char *license)
 
 	len = strlen(license);
 	if (strspn(license, license_chars) != len) {
-		warnx("Invalid character in license name at position %zu", len);
+		warnx("Invalid character in license name at position %" PRIzu, len);
 		return -1;
 	}
 
@@ -204,7 +204,7 @@ acceptable_pkg_license_internal(const char **licensep, int toplevel, const char
 		} else {
 			len = strspn(license, license_chars);
 			if (len == 0) {
-				warnx("Invalid character in license name at position %zu", license - start + 1);
+				warnx("Invalid character in license name at position %" PRIzu, license - start + 1);
 				return -1;
 			}
 
@@ -219,7 +219,7 @@ acceptable_pkg_license_internal(const char **licensep, int toplevel, const char
 
 			len = strspn(license, license_spaces);
 			if (len == 0 && *license && *license  != ')') {
-				warnx("Missing space at position %zu", license - start + 1);
+				warnx("Missing space at position %" PRIzu, license - start + 1);
 				return -1;
 			}
 			license += len;
@@ -227,7 +227,7 @@ acceptable_pkg_license_internal(const char **licensep, int toplevel, const char
 
 		if (*license == ')') {
 			if (!need_parenthesis) {
-				warnx("Missing open parenthesis at position %zu", license - start + 1);
+				warnx("Missing open parenthesis at position %" PRIzu, license - start + 1);
 				return -1;
 			}
 			*licensep = license + 1;
@@ -235,7 +235,7 @@ acceptable_pkg_license_internal(const char **licensep, int toplevel, const char
 		}
 		if (*license == '\0') {
 			if (need_parenthesis) {
-				warnx("Unbalanced parenthesis at position %zu", license - start + 1);
+				warnx("Unbalanced parenthesis at position %" PRIzu, license - start + 1);
 				return -1;
 			}
 			*licensep = license;
@@ -244,25 +244,25 @@ acceptable_pkg_license_internal(const char **licensep, int toplevel, const char
 
 		if (strncmp(license, "AND", 3) == 0) {
 			if (expr_type == 1) {
-				warnx("Invalid operator in OR expression at position %zu", license - start + 1);
+				warnx("Invalid operator in OR expression at position %" PRIzu, license - start + 1);
 				return -1;
 			}
 			expr_type = 2;
 			license += 3;
 		} else if (strncmp(license, "OR", 2) == 0) {
 			if (expr_type == 2) {
-				warnx("Invalid operator in AND expression at position %zu", license - start + 1);
+				warnx("Invalid operator in AND expression at position %" PRIzu, license - start + 1);
 				return -1;
 			}
 			expr_type = 1;
 			license += 2;
 		} else {
-			warnx("Invalid operator at position %zu", license - start + 1);
+			warnx("Invalid operator at position %" PRIzu, license - start + 1);
 			return -1;
 		}
 		len = strspn(license, license_spaces);
 		if (len == 0 && *license != '(') {
-			warnx("Missing space at position %zu", license - start + 1);
+			warnx("Missing space at position %" PRIzu, license - start + 1);
 			return -1;
 		}
 		license += len;

external/bsd/pkg_install/dist/lib/pkg_io.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: pkg_io.c,v 1.1.1.8 2010/02/20 04:41:57 joerg Exp $	*/
+/*	$NetBSD: pkg_io.c,v 1.1.1.9 2010/04/23 20:54:11 joerg Exp $	*/
 /*-
  * Copyright (c) 2008, 2009 Joerg Sonnenberger <joerg@NetBSD.org>.
  * All rights reserved.
@@ -36,7 +36,7 @@
 #include <sys/cdefs.h>
 #endif
 
-__RCSID("$NetBSD: pkg_io.c,v 1.1.1.8 2010/02/20 04:41:57 joerg Exp $");
+__RCSID("$NetBSD: pkg_io.c,v 1.1.1.9 2010/04/23 20:54:11 joerg Exp $");
 
 #include <archive.h>
 #include <archive_entry.h>
@@ -63,16 +63,22 @@ struct fetch_archive {
 	struct url *url;
 	fetchIO *fetch;
 	char buffer[32768];
+	off_t size;
+	int restart;
 };
 
 static int
 fetch_archive_open(struct archive *a, void *client_data)
 {
 	struct fetch_archive *f = client_data;
+	struct url_stat us;
 
-	f->fetch = fetchGet(f->url, fetch_flags);
+	f->fetch = fetchXGet(f->url, &us, fetch_flags);
 	if (f->fetch == NULL)
 		return ENOENT;
+	f->size = us.size;
+	f->restart = 1;
+	f->url->offset = 0;
 	return 0;
 }
 
@@ -81,9 +87,39 @@ fetch_archive_read(struct archive *a, void *client_data,
     const void **buffer)
 {
 	struct fetch_archive *f = client_data;
-	
+	struct url_stat us;
+	ssize_t rv;	
+
 	*buffer = f->buffer;
-	return fetchIO_read(f->fetch, f->buffer, sizeof(f->buffer));	
+	rv = fetchIO_read(f->fetch, f->buffer, sizeof(f->buffer));
+	if (rv > 0) {
+		f->url->offset += rv;
+		return rv;
+	}
+	if (f->restart == 0)
+		return rv;
+	if (rv == 0) {
+		if (f->size == -1)
+			return 0;
+		if (f->url->offset == f->size)
+			return 0;
+	}
+	f->restart = 0;
+	if (1) {
+		char *url = fetchStringifyURL(f->url);
+		fprintf(stderr, "Trying to reconnect %s\n", url);
+		free(url);
+	}
+	fetchIO_close(f->fetch);
+	f->fetch = fetchXGet(f->url, &us, fetch_flags);
+	if (f->fetch == NULL)
+		return -1;
+	if (us.size != f->size)
+		return -1;
+	rv = fetchIO_read(f->fetch, f->buffer, sizeof(f->buffer));
+	if (rv > 0)
+		f->url->offset += rv;
+	return rv;
 }
 
 static int
@@ -93,6 +129,7 @@ fetch_archive_close(struct archive *a, void *client_data)
 
 	if (f->fetch != NULL)
 		fetchIO_close(f->fetch);
+	fetchFreeURL(f->url);
 	free(f);
 	return 0;
 }
@@ -104,7 +141,7 @@ open_archive_by_url(struct url *url, char **archive_name)
 	struct archive *a;
 
 	f = xmalloc(sizeof(*f));
-	f->url = url;
+	f->url = fetchCopyURL(url);
 
 	*archive_name = fetchStringifyURL(url);
 

external/bsd/pkg_install/dist/lib/pkgdb.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: pkgdb.c,v 1.1.1.7 2010/01/30 21:33:52 joerg Exp $	*/
+/*	$NetBSD: pkgdb.c,v 1.1.1.8 2010/04/23 20:54:11 joerg Exp $	*/
 
 #if HAVE_CONFIG_H
 #include "config.h"
@@ -7,10 +7,10 @@
 #if HAVE_SYS_CDEFS_H
 #include <sys/cdefs.h>
 #endif
-__RCSID("$NetBSD: pkgdb.c,v 1.1.1.7 2010/01/30 21:33:52 joerg Exp $");
+__RCSID("$NetBSD: pkgdb.c,v 1.1.1.8 2010/04/23 20:54:11 joerg Exp $");
 
 /*-
- * Copyright (c) 1999-2008 The NetBSD Foundation, Inc.
+ * Copyright (c) 1999-2010 The NetBSD Foundation, Inc.
  * All rights reserved.
  *
  * This code is derived from software contributed to The NetBSD Foundation
@@ -168,6 +168,8 @@ pkgdb_retrieve(const char *key)
 {
 	DBT     keyd, vald;
 	int     status;
+	char	*eos;
+	static int corruption_warning;
 
 	if (pkgdbp == NULL)
 		return NULL;
@@ -179,9 +181,15 @@ pkgdb_retrieve(const char *key)
 	vald.data = (void *)NULL;
 	vald.size = 0;
 	status = (*pkgdbp->get) (pkgdbp, &keyd, &vald, 0);
-	if (status) {
-		vald.data = NULL;
-		vald.size = 0;
+	if (status)
+		return NULL;
+	eos = memchr(vald.data, 0, vald.size);
+	if (eos == NULL || eos + 1 != (char *)vald.data + vald.size) {
+		if (!corruption_warning) {
+			warnx("pkgdb corrupted, please run ``pkg_admin rebuild''");
+			corruption_warning = 1;
+		}
+		return NULL;
 	}
 
 	return vald.data;

external/bsd/pkg_install/dist/lib/vulnerabilities-file.c

@@ -1,7 +1,7 @@
-/*	$NetBSD: vulnerabilities-file.c,v 1.1.1.3 2009/03/02 22:31:18 joerg Exp $	*/
+/*	$NetBSD: vulnerabilities-file.c,v 1.1.1.4 2010/04/23 20:54:12 joerg Exp $	*/
 
 /*-
- * Copyright (c) 2008 Joerg Sonnenberger <joerg@NetBSD.org>.
+ * Copyright (c) 2008, 2010 Joerg Sonnenberger <joerg@NetBSD.org>.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -38,7 +38,7 @@
 #if HAVE_SYS_CDEFS_H
 #include <sys/cdefs.h>
 #endif
-__RCSID("$NetBSD: vulnerabilities-file.c,v 1.1.1.3 2009/03/02 22:31:18 joerg Exp $");
+__RCSID("$NetBSD: vulnerabilities-file.c,v 1.1.1.4 2010/04/23 20:54:12 joerg Exp $");
 
 #if HAVE_SYS_STAT_H
 #include <sys/stat.h>
@@ -46,6 +46,9 @@ __RCSID("$NetBSD: vulnerabilities-file.c,v 1.1.1.3 2009/03/02 22:31:18 joerg Exp
 #if HAVE_SYS_WAIT_H
 #include <sys/wait.h>
 #endif
+#ifndef BOOTSTRAP
+#include <archive.h>
+#endif
 #include <ctype.h>
 #if HAVE_ERR_H
 #include <err.h>
@@ -66,6 +69,9 @@ __RCSID("$NetBSD: vulnerabilities-file.c,v 1.1.1.3 2009/03/02 22:31:18 joerg Exp
 
 #include "lib.h"
 
+static struct pkg_vulnerabilities *read_pkg_vulnerabilities_archive(struct archive *, int);
+static struct pkg_vulnerabilities *parse_pkg_vuln(const char *, size_t, int);
+
 static const char pgp_msg_start[] = "-----BEGIN PGP SIGNED MESSAGE-----\n";
 static const char pgp_msg_end[] = "-----BEGIN PGP SIGNATURE-----\n";
 static const char pkcs7_begin[] = "-----BEGIN PKCS7-----\n";
@@ -336,14 +342,38 @@ add_vulnerability(struct pkg_vulnerabilities *pv, size_t *allocated, const char
 }
 
 struct pkg_vulnerabilities *
-read_pkg_vulnerabilities(const char *path, int ignore_missing, int check_sum)
+read_pkg_vulnerabilities_memory(void *buf, size_t len, int check_sum)
 {
+#ifdef BOOTSTRAP
+	errx(EXIT_FAILURE, "Audit functions are unsupported during bootstrap");
+#else
+	struct archive *a;
+	struct pkg_vulnerabilities *pv;
+
+	if ((a = archive_read_new()) == NULL)
+		errx(EXIT_FAILURE, "memory allocation failed");
+	
+	if (archive_read_support_compression_all(a) != ARCHIVE_OK ||
+	    archive_read_support_format_raw(a) != ARCHIVE_OK ||
+	    archive_read_open_memory(a, buf, len) != ARCHIVE_OK)
+		errx(EXIT_FAILURE, "Cannot open pkg_vulnerabilies buffer: %s",
+		    archive_error_string(a));
+
+	pv = read_pkg_vulnerabilities_archive(a, check_sum);
+
+	return pv;
+#endif
+}
+
+struct pkg_vulnerabilities *
+read_pkg_vulnerabilities_file(const char *path, int ignore_missing, int check_sum)
+{
+#ifdef BOOTSTRAP
+	errx(EXIT_FAILURE, "Audit functions are unsupported during bootstrap");
+#else
+	struct archive *a;
 	struct pkg_vulnerabilities *pv;
-	struct stat st;
 	int fd;
-	char *input, *decompressed_input;
-	size_t input_len, decompressed_len;
-	ssize_t bytes_read;
 
 	if ((fd = open(path, O_RDONLY)) == -1) {
 		if (errno == ENOENT && ignore_missing)
@@ -351,39 +381,67 @@ read_pkg_vulnerabilities(const char *path, int ignore_missing, int check_sum)
 		err(EXIT_FAILURE, "Cannot open %s", path);
 	}
 
-	if (fstat(fd, &st) == -1)
-		err(EXIT_FAILURE, "Cannot stat %s", path);
-
-	if ((st.st_mode & S_IFMT) != S_IFREG)
-		errx(EXIT_FAILURE, "Input is not regular file");
-	if (st.st_size > SSIZE_MAX - 1)
-		errx(EXIT_FAILURE, "Input too large");
-
-	input_len = (size_t)st.st_size;
-	if (input_len < 4)
-		err(EXIT_FAILURE, "Input too short for a pkg_vulnerability file");
-	input = xmalloc(input_len + 1);
-	if ((bytes_read = read(fd, input, input_len)) == -1)
-		err(1, "Failed to read input");
-	if (bytes_read != st.st_size)
-		errx(1, "Unexpected short read");
+	if ((a = archive_read_new()) == NULL)
+		errx(EXIT_FAILURE, "memory allocation failed");
+	
+	if (archive_read_support_compression_all(a) != ARCHIVE_OK ||
+	    archive_read_support_format_raw(a) != ARCHIVE_OK ||
+	    archive_read_open_fd(a, fd, 65536) != ARCHIVE_OK)
+		errx(EXIT_FAILURE, "Cannot open ``%s'': %s", path,
+		    archive_error_string(a));
 
+	pv = read_pkg_vulnerabilities_archive(a, check_sum);
 	close(fd);
 
-	if (decompress_buffer(input, input_len, &decompressed_input,
-	    &decompressed_len)) {
-		free(input);
-		input = decompressed_input;
-		input_len = decompressed_len;
-	}
-	pv = parse_pkg_vulnerabilities(input, input_len, check_sum);
-	free(input);
+	return pv;
+#endif
+}
 
+#ifndef BOOTSTRAP
+static struct pkg_vulnerabilities *
+read_pkg_vulnerabilities_archive(struct archive *a, int check_sum)
+{
+	struct archive_entry *ae;
+	struct pkg_vulnerabilities *pv;
+	char *buf;
+	size_t buf_len, off;
+	ssize_t r;
+
+	if (archive_read_next_header(a, &ae) != ARCHIVE_OK)
+		errx(EXIT_FAILURE, "Cannot read pkg_vulnerabilities: %s",
+		    archive_error_string(a));
+
+	off = 0;
+	buf_len = 65536;
+	buf = xmalloc(buf_len + 1);
+
+	for (;;) {
+		r = archive_read_data(a, buf + off, buf_len - off);
+		if (r <= 0)
+			break;
+		off += r;
+		if (off == buf_len) {
+			buf_len *= 2;
+			if (buf_len < off)
+				errx(EXIT_FAILURE, "pkg_vulnerabilties too large");
+			buf = xrealloc(buf, buf_len + 1);
+		}
+	}
+
+	if (r != ARCHIVE_OK)
+		errx(EXIT_FAILURE, "Cannot read pkg_vulnerabilities: %s",
+		    archive_error_string(a));
+
+	archive_read_close(a);
+
+	buf[off] = '\0';
+	pv = parse_pkg_vuln(buf, off, check_sum);
+	free(buf);
 	return pv;
 }
 
-struct pkg_vulnerabilities *
-parse_pkg_vulnerabilities(const char *input, size_t input_len, int check_sum)
+static struct pkg_vulnerabilities *
+parse_pkg_vuln(const char *input, size_t input_len, int check_sum)
 {
 	struct pkg_vulnerabilities *pv;
 	long version;
@@ -502,6 +560,7 @@ parse_pkg_vulnerabilities(const char *input, size_t input_len, int check_sum)
 
 	return pv;
 }
+#endif
 
 void
 free_pkg_vulnerabilities(struct pkg_vulnerabilities *pv)