306941 |
10-Oct-2016 |
delphij |
Fix bspatch heap overflow vulnerability. [SA-16:29]
Fix multiple portsnap vulnerabilities. [SA-16:30]
Fix multiple libarchive vulnerabilities. [SA-16:31]
Approved by: so |
272461 |
03-Oct-2014 |
gjb |
Copy stable/10@r272459 to releng/10.1 as part of the 10.1-RELEASE process.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
|
265742 |
09-May-2014 |
delphij |
MFC r264740:
Use case insensitive match in portsnap.
PR: bin/186510 Submitted by: olli
|
256281 |
10-Oct-2013 |
gjb |
Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
|
253224 |
11-Jul-2013 |
cperciva |
Fix bug in deleting files: If two ports had the same tarball and one of them changed (or was removed from the tree) then portsnap would delete that file. This happened earlier today when one of two empty port directories was removed. Uniquifying the lists of needed files fixes this.
9.2-RELEASE candidate.
MFC after: 3 days
|
251507 |
07-Jun-2013 |
delphij |
Make 'portsnap alfred' overwrite ports tree if it's not created by a portsnap.
Discussed with: alfred Reviewed by: cperciva
|
250604 |
13-May-2013 |
joel |
mdoc sweep
|
250582 |
12-May-2013 |
joel |
mdoc sweep.
|
244165 |
13-Dec-2012 |
alfred |
Change progress indicator for downloading patches.
Use a percent style indicator instead of emitting one long line of patch numbers.
|
241999 |
24-Oct-2012 |
eadler |
Avoid changing IFS in a global context as this can sometimes cause errors later on.
PR: bin/172715 Submitted by: Matthew D.Fuller <fullermd@over-yonder.net> (older version) Submitted by: dteske Approved by: cperciva MFC after: 1 week
|
241539 |
14-Oct-2012 |
joel |
Remove cvs/cvsup reference.
|
241026 |
28-Sep-2012 |
issyl0 |
Change "only only" to "only" in portsnap(8).
Spotted by: Ruslan Mahmatkhanov Approved by: gabor (mentor, implicit)
|
241024 |
28-Sep-2012 |
issyl0 |
Add a note to portsnap(8) about the behaviour of the example cron command.
PR: docs/171759 Submitted by: Paul Hoffman (phoffman at proper dot com) Approved by: cperciva, gabor (mentor) MFC after: 3 days
|
239078 |
05-Aug-2012 |
eadler |
Add interactive option to override portsnap's automagical detection of a terminal.
Submitted by: Hannes h2+fbsdports@fsfe.org Approved by: cperciva MFC after: 1 week
|
235208 |
09-May-2012 |
eadler |
make it easier for users used to a VCS that allows up to be a shortcut for update.
PR: bin/152856 Approved by: cperciva MFC after: 3 days
|
227484 |
13-Nov-2011 |
alfred |
Fix spelling of extract.
Pointed out by: gcooper
|
227483 |
13-Nov-2011 |
alfred |
Utilize shell's IFS instead of forking ~6 processes to handle splitting input files on a '|'. This greatly reduces the time taken to process several databases during the update process.
Additionally add some more debug logging.
|
226028 |
04-Oct-2011 |
jilles |
portsnap: Detect error immediately if we can't fetch the snapshot metadata.
Also add some quotes around command substitution where useful and possible.
Reviewed by: cperciva MFC after: 1 week
|
216575 |
19-Dec-2010 |
simon |
Add --numeric-owner to tar extract operations in portsnap.
This is done to speed up extraction significantly (both for portsnap extract and update) in the case of slow NSS modules (like nss_ldap) as it avoids having to look up uid and gid for root / wheel.
The reason this is a bigger problem for portsnap than for many other system operations, is that portsnap executes tar(1) once for each port so the internal uid/gid caching in tar(1) only helps a bit, resulting in many user lookup calls.
Discussed with: cperciva
|
213573 |
08-Oct-2010 |
uqs |
mdoc: drop redundant .Pp and .LP calls
They have no effect when coming in pairs, or before .Bl/.Bd
|
211397 |
16-Aug-2010 |
joel |
Fix typos, spelling, formatting and mdoc mistakes found by Nobuyuki while translating these manual pages. Minor corrections by me.
Submitted by: Nobuyuki Koganemaru <n-kogane@syd.odn.ne.jp>
|
201390 |
02-Jan-2010 |
ed |
The last big commit: let usr.sbin/ use WARNS=6 by default.
|
201251 |
30-Dec-2009 |
cperciva |
Add undocumented 'portsnap alfred' command, which runs (fetch|cron) based on whether fd 0 is a terminal, and then runs (extract|update) based on whether ${PORTSDIR} exists.
Requested by: alfred MFC after: 1 month
|
190679 |
03-Apr-2009 |
cperciva |
Set SO_NOSIGPIPE on sockets used by phttpget. Without this, if (1) phttpget is attempting to download enough files that it can't send all the requests at once, and (2) the remote server forcibly closes the connection, resulting in RST packets being sent, phttpget will receive a SIGPIPE and terminate without downloading all of the files.
This is probably responsible for a number of hard-to-reproduce errors with portsnap and freebsd-update.
MFC after: 3 days
|
183041 |
15-Sep-2008 |
danger |
- remove superfluous word
PR: docs/127401 Submitted by: Mick Charles Beaver <mick@cs.wisc.edu> MFC after: 1 week
|
179073 |
17-May-2008 |
cperciva |
Add support for specifying which INDEX files to build via portsnap.conf.
Requested by: brooks Reminded by: brooks, about halfway through his BSDCan talk
|
176250 |
13-Feb-2008 |
cperciva |
Improve conformance to the HTTP specification by using case-insensitive comparisons for header keywords. Apparently some proxies use creative capitalization.
Weird proxy found by: brooks MFC after: 3 days
|
174961 |
28-Dec-2007 |
cperciva |
Attempt to reduce the rate of foot-shooting injuries by adding a new paragraph clarifying that portsnap does not behave the same way as cvs and cvsup where local modifications are concerned.
Submitted by: peter Feet shot: peter, kris, obrien, + many others
|
171691 |
02-Aug-2007 |
cperciva |
When generating ports INDEX files from downloaded "describes" data, build an index for FreeBSD 7.x too.
MFC After: 1 week Approved by: re (hrs)
|
171120 |
30-Jun-2007 |
cperciva |
Add support for HTTP/1.0 Persistent Connections to phttpget. Requests are be marked as HTTP/1.1 but "Connection: Keep-Alive" is added; this convinces HTTP/1.0 servers and proxies to hold the TCP connection open despite not being able to use HTTP pipelining.
This dramatically cuts down on the number of TCP connections (and thus port numbers) used by portsnap when talking to an HTTP/1.0 proxy (e.g., squid), and has the side benefit of improving performance in those cases.
Tested by: simon Approved by: re (kensmith) MFC After: 1 week
|
164057 |
07-Nov-2006 |
cperciva |
Add support for the HTTP_TIMEOUT environment variable (integer number of seconds, just like in fetch(1)).
Submitted by: rdivacky
|
163564 |
21-Oct-2006 |
cperciva |
Set LC_ALL=C in order to avoid problems with character ranges and sorting.
PR: bin/104505 MFC after: 3 days
|
162806 |
29-Sep-2006 |
ru |
Markup fixes.
|
161809 |
01-Sep-2006 |
cperciva |
s/MAN8/MAN/
Pointed out by: ru
|
159062 |
30-May-2006 |
cperciva |
Use some features of sh(1) which I didn't know about until today ("read" can read two variables at once; and suffix pattern deletion) to make the extract command fork fewer processes.
With the portsnap snapshot and the ports tree in swap-backed memory disks on my 1.4GHz laptop, this reduces 178800 processes and 195/56/126 seconds of real/user/sys time to 44600 processes and 103/34/60 seconds.
|
158524 |
13-May-2006 |
cperciva |
Fix typo.
Pointed out by: ceri
|
158523 |
13-May-2006 |
cperciva |
Add a mechanism for constructing INDEX files which include local ports.
Requested by: brooks
|
158473 |
12-May-2006 |
cperciva |
Use 'rm -rf foo/bar' to remove a port instead of 'rm -rf foo/bar/'. When /usr/ports/foo/bar is a symlink pointing outside the tree, this deletes the symlink instead of the directory it points to.
Requested by: delphij
|
158301 |
05-May-2006 |
cperciva |
Allow the HTTP_PROXY environment variable to be (mis)spelled as "http_proxy", since some people apparently do this and fetch(3) allows it.
|
158299 |
05-May-2006 |
cperciva |
Fix the test for whether ${HTTP_PROXY} is set -- I got it backwards.
Pointy hat to: cperciva Pointed out by: pjd
|
158276 |
03-May-2006 |
cperciva |
Remove two lines of debugging which I forgot to remove before the last commit.
Noticed by: simon
|
158274 |
03-May-2006 |
cperciva |
The approach portsnap uses of "pick a random HTTP mirror" doesn't interact very nicely with HTTP proxies: Since proxies do not know that all the files on portsnap1.freebsd.org are identical to the files with the same names on portsnap2.freebsd.org, said proxies end up downloading and storing files in duplicate.
This commit uses the HTTP_PROXY environment variable, if set, to generate a random number seed for use in selecting a mirror. This means that if several systems all have the same HTTP_PROXY value set, they will ask the proxy to fetch files from the same mirror (unless that mirror fails, in which case all the systems will use the same second choice, et cetera).
Portsnap still doesn't interact very well with "transparent" HTTP proxies, but there's nothing I can do about those.
Requested by: simon Sponsored by: FreeBSD security development fundraiser
|
158273 |
03-May-2006 |
cperciva |
Instead of selecting a mirror and failing if it is inaccessible, keep track of which mirrors we have tried and try a different mirror if we fail when trying to download the SSL public key or the snapshot signature.
Failures later in the download process will not result in switching to a different mirror, for two reasons: 1. If is very unlikely that a mirror will fail partway through the process of downloading updates. 2. If we switched from a more recently updated mirror to a less recently updated mirror partway through the download process, we would end up failing anyway because we would be trying to fetch files which the second mirror didn't have yet.
PR: bin/96288 Requested by: lots of people Sponsored by: FreeBSD security development fundraiser
|
158245 |
02-May-2006 |
cperciva |
Teach portsnap to parse the output of the host(1) in BIND 8 as well as the host(1) from BIND 9. This doesn't matter for HEAD, but will help people who install portsnap from the ports tree onto older versions of FreeBSD.
PR: ports/93901 Sponsored by: FreeBSD security development fundraiser
|
156813 |
17-Mar-2006 |
ru |
Reimplementation of world/kernel build options. For details, see:
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html
The src.conf(5) manpage is to follow in a few days.
Brought to you by: imp, jhb, kris, phk, ru (all bugs are mine)
|
156406 |
07-Mar-2006 |
ume |
Remove trailing dot from the servername in the serverlist to be able to use portsnap from behind a http proxy. Some HTTP proxy don't like trailing dot in the servername.
Approved by: cperciva MFC after: 2 days
|
156405 |
07-Mar-2006 |
ume |
Correct handling of HTTP_PROXY_AUTH. A password may have `:'.
Approved by: cperciva MFC after: 2 days
|
156042 |
26-Feb-2006 |
wkoszek |
Reference sha256(1) instead of sha256(8), which doesn't exist.
Approved by: cognet (mentor) MFC after: 3 days
|
155181 |
01-Feb-2006 |
joel |
Expand contractions.
|
154909 |
27-Jan-2006 |
cperciva |
Merge from accidental commit to RELENG_5: Correctly identify the host and port values on a failed getaddrinfo lookup.
|
154693 |
22-Jan-2006 |
cperciva |
Replace "fetch" with "fetch -r" when downloading the initial ~38MB snapshot in order to avoid unnecessary re-downloading.
Remove the earlier "rm -f ${SNAPSHOTHASH}.tgz" to make this work.
Suggested by: Lars Engels MFC after: 7 days
|
154443 |
17-Jan-2006 |
cperciva |
Mention that the random time slept by "portsnap cron" is between 1 and 3600 seconds.
Suggested by: Niki Denev MFC after: 3 days
|
154088 |
06-Jan-2006 |
cperciva |
Make "portsnap extract" automatically create ${PORTSDIR} if necessary instead of complaining that "Directory does not exist or is not writable".
Suggested by: {tlp, siep} via IRC MFC after: 1 week
|
152997 |
01-Dec-2005 |
cperciva |
Make "missing dependency" errors more useful by indicating which port is trying to depend upon the non-existent port.
Suggested by: kris MFC after: 3 days
|
152625 |
20-Nov-2005 |
cperciva |
An empty file does not have a positive number of lines.
Make sure that the number of lines read is non-zero before in order to avoid dumping core.
Reported by: Wojciech A. Koszek Pointy hat to: cperciva
|
152546 |
17-Nov-2005 |
cperciva |
Correctly handle a TCP connection being shutdown by the server while we're reading response headers. (Handle it as a connection-killing error, rather than entering an infinite loop reading zero bytes.)
Reported by: simon Discovered thanks to: A not-very-transparent transparent HTTP proxy. MFC after: 3 days
|
150461 |
22-Sep-2005 |
cperciva |
Add HTTP proxy authentication, via the HTTP_PROXY_AUTH environment variable.
Tested by: Emil Mikulic X-MFC-After: 6.0-RELEASE
|
150427 |
21-Sep-2005 |
cperciva |
Style fix: "if (pointer)" -> "if (pointer != NULL)"
|
150284 |
18-Sep-2005 |
cperciva |
Add a note pointing out that certain information (IP address, list of files fetched, FreeBSD release level) is transmitted to the portsnap server when portsnap is run, but that this information is only used anonymously and in aggregate.
|
150254 |
17-Sep-2005 |
cperciva |
Handle circular dependencies properly (via errx(3)) rather than dumping core. This bug was made visible by a recent change to the audio/timidity++ port, which now has itself as a run dependency.
Reported by: Emil Mikulic, Andreas Klemm
|
150159 |
15-Sep-2005 |
cperciva |
Portsnap uses host(1) to search for mirrors, but this is only available when the base system is not compiled with NO_BIND set. Before we start searching for mirrors, make sure that host(1) can be found, and if it doesn't exist then fallback to the A record instead of the SRV records.
Submitted by: Luca Morettoni
|
149984 |
11-Sep-2005 |
cperciva |
Fix typo: ${PORTDIR} -> ${PORTSDIR}.
Apologies to everyone who has run portsnap in 7.0-CURRENT since Tuesday; if there is a file "/.portsnap.INDEX" on your system, you can delete it (or even better, move it to /usr/ports/.portsnap.INDEX).
Big pointy hat to: cperciva Reported that things weren't working properly: Aleksander Fafula
|
149868 |
07-Sep-2005 |
cperciva |
Fix typo: Cowarly -> Cowardly.
Reported by: Joerg Sonnenberger
|
149824 |
06-Sep-2005 |
cperciva |
Teach portsnap how to ignore unwanted parts of the ports tree. A line of the form "REFUSE foo" in portsnap.conf will result in parts of the tree matching "^foo" being (a) not extracted by "portsnap extract", (b) not updated by "portsnap update", and (c) not having any patches or new ports downloaded by "portsnap fetch" or "portsnap cron". The example shown in portsnap.conf demonstrates ignoring all the language categories.
As mentioned in portsnap.conf.5, the use of an imcomplete ports tree is not officially supported; but this is something which many users have requested, so I'm adding it anyway.
PR: bin/85619 (but not the patch provided therein) MFC after: 1 month
|
149042 |
14-Aug-2005 |
cperciva |
Spell "cmp > /dev/null" as "cmp -s".
Suggested by: dougb
|
149041 |
13-Aug-2005 |
cperciva |
Correctly exit from extract_run() and update_run() if files needed are missing from ${WORKDIR}/files/.
This bug was caused by the astonishing interaction of "return" and pipelines; in the following code, the "return" does not exit the function, but instead exits the subshell which was spawned for the last element of the pipeline; consequently, the output produced is "foo".
foo() { echo bar | while read baz; do if [ ${baz} = "bar" ]; then return 1 fi done
echo foo }
Reported by: simon
|
149032 |
13-Aug-2005 |
simon |
Misc mdoc(7) fixes: - Bump document date for recent updates. - Use .Fx for FreeBSD. - Remove EOL whitespace. - Start new sentences on new lines.
Reviewed by: cperciva
|
149027 |
13-Aug-2005 |
cperciva |
Allow multiple commands to be specified on a single command line, e.g., "portsnap fetch update" or "portsnap -I cron update". They will be executed in the order that they appear, and duplicates are not removed (so "portsnap fetch fetch fetch fetch" is meaningful, albeit rather silly).
Requested by: Roman Divacky
|
149023 |
13-Aug-2005 |
cperciva |
Fix the progress statistics code by printing the right variable. I missed this when I changed the stats code in the ports -> base transition.
Pointed out by: simon
|
148981 |
12-Aug-2005 |
cperciva |
When using cmp(1) to determine if the ports tree is already up to date, we want the exit code, but not the actual output; add a redirect to /dev/null.
Pointy hat to: cperciva
|
148958 |
11-Aug-2005 |
cperciva |
If the ports tree is already up to date when we run `portsnap update`, exit early; this avoids spending five seconds rebuilding the INDEX files.
Requested by: somebody on IRC, but I can't remember who
|
148925 |
10-Aug-2005 |
cperciva |
Remove unused variable.
Reported by: stefanf
|
148885 |
09-Aug-2005 |
cperciva |
Check that malloc() succeeds in makelist.
Submitted by: Roman Divacky (who did a very complete review of both make_index.c and phttpget.c)
|
148881 |
09-Aug-2005 |
cperciva |
Replace INT_MAX with OFF_MAX. I used INT_MAX originally (in ports) because OFF_MAX wasn't defined on FreeBSD 4.x.
|
148880 |
09-Aug-2005 |
cperciva |
When parsing the HTTP_PROXY environment variable, strip a trailing / from the port number (if any exists). This unbreaks env HTTP_PROXY="http://localhost:3128/" portsnap fetch
While I'm here, list both the host and the port in the error message output if getaddrinfo() fails, since either of them could be responsible for the failure.
|
148879 |
09-Aug-2005 |
cperciva |
Add a missing EOL when printing "Latest snapshot on server is older than what we already have" message. [1]
When operating with the undocumented --debug option, replace "xargs phttpget" with "xargs -t phttpget", since that might conceivably help debugging.
Noticed by: simon [1]
|
148871 |
08-Aug-2005 |
cperciva |
Add portsnap to the base system. This is a secure, easy to use, fast, lightweight, and generally good way for users to keep their ports trees up to date.
This is version 0.9.4 from the ports tree (sysutils/portsnap) with the following changes: 1. The experimental pipelined http code is enabled. No seatbelts in -CURRENT. (^_^) 2. The working directory has moved from /usr/local/portsnap to /var/db/portsnap (as discussed on -arch two days ago). 3. Portsnap now fetches a list of mirrors (distributed as DNS SRV records) and selects one randomly. This should help to avoid the uneven loading which plagues the cvsup mirror network. 4. The license is now 2-clause BSD instead of 3-clause BSD. 5. Various incidental changes to make portsnap fit into the base system's build mechanics.
X-MFC-After: 6.0-RELEASE X-MFC-Before: 5.5-RELEASE X-MFC-To: RELENG_6, RELENG_5, ports discussed on: -arch and several other places "yes please" from: simon, remko, flz, Diane Bruce thinks this is a great idea: bsdimp Hopes he didn't forget any files: cperciva
|