main/apk-tools: security upgrade to 2.10.1

5 files changed, 3 insertions, 204 deletions

diff --git a/main/apk-tools/0001-prevent-automatic-repository-index-update-for-apk-de.patch b/main/apk-tools/0001-prevent-automatic-repository-index-update-for-apk-de.patch
deleted file mode 100644
index 61bbe0586f..0000000000
--- a/main/apk-tools/0001-prevent-automatic-repository-index-update-for-apk-de.patch
+++ /dev/null
@@ -1,73 +0,0 @@
-From e1a05c74cb8ae6ab41ee960343cc64a0a9af95a5 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
-Date: Wed, 18 Jul 2018 13:28:49 +0300
-Subject: [PATCH] prevent automatic repository index update for 'apk del'
-
-ref #9063
----
- src/apk_database.h | 3 ++-
- src/database.c     | 6 ++++--
- src/del.c          | 2 +-
- 3 files changed, 7 insertions(+), 4 deletions(-)
-
-diff --git a/src/apk_database.h b/src/apk_database.h
-index 19bafcd..2a7cb3b 100644
---- a/src/apk_database.h
-+++ b/src/apk_database.h
-@@ -156,7 +156,7 @@ struct apk_database {
- 	unsigned int pending_triggers;
- 	int performing_self_upgrade : 1;
- 	int permanent : 1;
--	int open_write : 1;
-+	int autoupdate : 1;
- 	int open_complete : 1;
- 	int compat_newfeatures : 1;
- 	int compat_notinstallable : 1;
-@@ -211,6 +211,7 @@ struct apk_db_file *apk_db_file_query(struct apk_database *db,
- #define APK_OPENF_NO_SYS_REPOS		0x0100
- #define APK_OPENF_NO_INSTALLED_REPO	0x0200
- #define APK_OPENF_CACHE_WRITE		0x0400
-+#define APK_OPENF_NO_AUTOUPDATE		0x0800
- 
- #define APK_OPENF_NO_REPOS	(APK_OPENF_NO_SYS_REPOS |	\
- 				 APK_OPENF_NO_INSTALLED_REPO)
-diff --git a/src/database.c b/src/database.c
-index db34ed3..70a1053 100644
---- a/src/database.c
-+++ b/src/database.c
-@@ -1519,7 +1519,9 @@ int apk_db_open(struct apk_database *db, struct apk_db_options *dbopts)
- 		r = -1;
- 		goto ret_r;
- 	}
--	if (dbopts->open_flags & APK_OPENF_WRITE) db->open_write = 1;
-+	if ((dbopts->open_flags & APK_OPENF_WRITE) &&
-+	    !(dbopts->open_flags & APK_OPENF_NO_AUTOUPDATE))
-+		db->autoupdate = 1;
- 	if (!dbopts->cache_dir) dbopts->cache_dir = "etc/apk/cache";
- 
- 	apk_db_setup_repositories(db, dbopts->cache_dir);
-@@ -2266,7 +2268,7 @@ int apk_db_add_repository(apk_database_t _db, apk_blob_t _repository)
- 			r = apk_repo_format_real_url(db, repo, NULL, buf, sizeof(buf));
- 			if (r == 0) apk_message("fetch %s", buf);
- 		} else {
--			if (db->open_write) apk_repository_update(db, repo);
-+			if (db->autoupdate) apk_repository_update(db, repo);
- 			r = apk_repo_format_cache_index(APK_BLOB_BUF(buf), repo);
- 		}
- 	} else {
-diff --git a/src/del.c b/src/del.c
-index d1a6015..8e149ab 100644
---- a/src/del.c
-+++ b/src/del.c
-@@ -161,7 +161,7 @@ static struct apk_applet apk_del = {
- 	.name = "del",
- 	.help = "Remove PACKAGEs from 'world' and uninstall them",
- 	.arguments = "PACKAGE...",
--	.open_flags = APK_OPENF_WRITE,
-+	.open_flags = APK_OPENF_WRITE | APK_OPENF_NO_AUTOUPDATE,
- 	.context_size = sizeof(struct del_ctx),
- 	.optgroups = { &optgroup_global, &optgroup_commit, &optgroup_applet },
- 	.main = del_main,
--- 
-2.18.0
-
diff --git a/main/apk-tools/0001-prevent-automatic-repository-index-update-with-no-ne.patch b/main/apk-tools/0001-prevent-automatic-repository-index-update-with-no-ne.patch
deleted file mode 100644
index 67fd7eab73..0000000000
--- a/main/apk-tools/0001-prevent-automatic-repository-index-update-with-no-ne.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 13c534db7755865380bfd930aa384aebc16347e6 Mon Sep 17 00:00:00 2001
-From: Natanael Copa <ncopa@alpinelinux.org>
-Date: Tue, 21 Aug 2018 12:24:26 +0000
-Subject: [PATCH] prevent automatic repository index update with --no-network
-
-We should not update repository index when --no-network is specified.
-
-ref #9126
----
- src/database.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/src/database.c b/src/database.c
-index 70a1053..eea7177 100644
---- a/src/database.c
-+++ b/src/database.c
-@@ -1520,7 +1520,8 @@ int apk_db_open(struct apk_database *db, struct apk_db_options *dbopts)
- 		goto ret_r;
- 	}
- 	if ((dbopts->open_flags & APK_OPENF_WRITE) &&
--	    !(dbopts->open_flags & APK_OPENF_NO_AUTOUPDATE))
-+	    !(dbopts->open_flags & APK_OPENF_NO_AUTOUPDATE) &&
-+	    !(apk_flags & APK_NO_NETWORK))
- 		db->autoupdate = 1;
- 	if (!dbopts->cache_dir) dbopts->cache_dir = "etc/apk/cache";
- 
--- 
-2.18.0
-
diff --git a/main/apk-tools/0001-solver-allow-names-with-only-one-provider-to-be-auto.patch b/main/apk-tools/0001-solver-allow-names-with-only-one-provider-to-be-auto.patch
deleted file mode 100644
index 107676e93c..0000000000
--- a/main/apk-tools/0001-solver-allow-names-with-only-one-provider-to-be-auto.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-From 0dcbd933c8d3d305395a99b7b1690a187ce5ec8c Mon Sep 17 00:00:00 2001
-From: William Pitcock <nenolod@dereferenced.org>
-Date: Wed, 21 Feb 2018 15:35:53 +0000
-Subject: [PATCH] solver: allow names with only one provider to be autoselected
- regardless of priority
-
----
- src/solver.c       | 5 +++--
- test/provides.repo | 9 ++++++++-
- 2 files changed, 11 insertions(+), 3 deletions(-)
-
-diff --git a/src/solver.c b/src/solver.c
-index 91e5958..d27a7a3 100644
---- a/src/solver.c
-+++ b/src/solver.c
-@@ -671,11 +671,12 @@ static void select_package(struct apk_solver_state *ss, struct apk_name *name)
- 			    (!p->pkg->ss.iif_triggered ||
- 			     !p->pkg->ss.tag_ok))
- 				continue;
--			/* Virtual packages without provider_priority cannot be autoselected */
-+			/* Virtual packages without provider_priority cannot be autoselected,
-+			 * unless there is only one provider */
- 			if (p->version == &apk_null_blob &&
- 			    p->pkg->name->auto_select_virtual == 0 &&
- 			    p->pkg->name->ss.requirers == 0 &&
--			    p->pkg->provider_priority == 0)
-+			    (p->pkg->provider_priority == 0 && name->providers->num > 1))
- 				continue;
- 			if (compare_providers(ss, p, &chosen) > 0)
- 				chosen = *p;
-diff --git a/test/provides.repo b/test/provides.repo
-index 58bd416..358151e 100644
---- a/test/provides.repo
-+++ b/test/provides.repo
-@@ -82,7 +82,7 @@ P:conflicted-provider-b
- V:0.1
- S:1
- I:1
--p:conflicted-provider
-+p:conflicted-provider conflicted-provider-2
- 
- C:Q1EyN5AdpAOBJWKMR89ppC66ccccj=
- P:conflicted-dep
-@@ -104,3 +104,10 @@ V:0.1
- S:1
- I:1
- p:self-provide
-+
-+C:Q1EyN5AdpAOBJWKMR89ppC66eeeej=
-+P:conflicted-dep-2
-+V:0.1
-+S:1
-+I:1
-+D:conflicted-provider-2
--- 
-2.16.1
-
diff --git a/main/apk-tools/0002-db-fix-refreshing-index-if-time-is-zero.patch b/main/apk-tools/0002-db-fix-refreshing-index-if-time-is-zero.patch
deleted file mode 100644
index 263bc71955..0000000000
--- a/main/apk-tools/0002-db-fix-refreshing-index-if-time-is-zero.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 258519b1cd32e285060fa4758c123b55ebfe3ef3 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
-Date: Thu, 5 Apr 2018 09:57:15 +0300
-Subject: [PATCH] db: fix refreshing index if time is zero
-
-During netboot on systems without RTC, time() will be near zero,
-and the index fill not exist. Thus the plain test of st.st_mtime
-against system time failed. Verify that fstatat() succeeds.
----
- src/database.c | 8 +++++---
- 1 file changed, 5 insertions(+), 3 deletions(-)
-
-diff --git a/src/database.c b/src/database.c
-index 3976d3d..db34ed3 100644
---- a/src/database.c
-+++ b/src/database.c
-@@ -634,9 +634,11 @@ int apk_cache_download(struct apk_database *db, struct apk_repository *repo,
- 	r = apk_repo_format_real_url(db, repo, pkg, url, sizeof(url));
- 	if (r < 0) return r;
- 
--	if (!(apk_force & APK_FORCE_REFRESH))
--		(void) fstatat(db->cache_fd, cacheitem, &st, 0);
--	if (autoupdate && now - st.st_mtime <= db->cache_max_age) return -EALREADY;
-+	if (autoupdate && !(apk_force & APK_FORCE_REFRESH)) {
-+		if (fstatat(db->cache_fd, cacheitem, &st, 0) == 0 &&
-+		    now - st.st_mtime <= db->cache_max_age)
-+			return -EALREADY;
-+	}
- 
- 	apk_message("fetch %s", url);
- 
--- 
-2.16.3
-
diff --git a/main/apk-tools/APKBUILD b/main/apk-tools/APKBUILD
index 430bab1cb8..d829bf640c 100644
--- a/main/apk-tools/APKBUILD
+++ b/main/apk-tools/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=apk-tools
-pkgver=2.9.1
-pkgrel=4
+pkgver=2.10.1
+pkgrel=0
 pkgdesc="Alpine Package Keeper - package manager for alpine"
 subpackages="$pkgname-static"
 depends=
@@ -13,10 +13,6 @@ if [ "$CBUILD" = "$CHOST" ]; then
 	makedepends="$makedepends lua5.2-dev"
 fi
 source="http://dev.alpinelinux.org/archive/$pkgname/$pkgname-$pkgver.tar.xz
-	0001-solver-allow-names-with-only-one-provider-to-be-auto.patch
-	0002-db-fix-refreshing-index-if-time-is-zero.patch
-	0001-prevent-automatic-repository-index-update-for-apk-de.patch
-	0001-prevent-automatic-repository-index-update-with-no-ne.patch
 	"
 
 url="https://git.alpinelinux.org/cgit/apk-tools/"
@@ -86,8 +82,4 @@ luaapk() {
 	mv "$pkgdir"/usr/lib "$subpkgdir"/usr/lib/
 }
 
-sha512sums="4ffb8d1716bbb94421b1cc4277beb47d369c429f4c3bf597d08949abb7586d30c4504edf2f775bea3b93614a280c12391b956ca8f914fb0ec27799a4a005a145  apk-tools-2.9.1.tar.xz
-5ca2d2f2646032ed8f9f86357e986b054045a80ddb944be6a540566ff7092f38591ec8dfc7ac06b9daededa95e86c0e892ead55f9e8907eb318aed76644f7f97  0001-solver-allow-names-with-only-one-provider-to-be-auto.patch
-6852e1dfce1af502ecd5beadcad920fbde0ec3e34b1dcd010ed80d8f9a44816a51430d6e85b4fe713128ca2d3dc859f53570df39dd5b67fee4a5206b0f85aee8  0002-db-fix-refreshing-index-if-time-is-zero.patch
-7e5e68f44d749b391f318afb4ee56964754a8560e1f073c0f07e47e58ccf035addff5843a195968d16c2e71c8dc9876ce97aad45dab090f0d488f79f22e85907  0001-prevent-automatic-repository-index-update-for-apk-de.patch
-17071687e532b00c9f276bb7e42369ec04231b15d223fd3eb803a51eb5cd4f2611d9c7525d905482a42e9b9fc293274887a411a2bf7520eee0607de2bf7a1268  0001-prevent-automatic-repository-index-update-with-no-ne.patch"
+sha512sums="f994dba20b9ba7ee0ad4cbd9d137f65b814851f348f0d5eb75eb60c7d6a21f88648b472239e14298eaf1348c517de00652432e7f8c8abd54565914c7d49e3cd3  apk-tools-2.10.1.tar.xz"