1
0
mirror of https://github.com/moparisthebest/pacman synced 2024-11-13 21:05:05 -05:00
Commit Graph

4239 Commits

Author SHA1 Message Date
Dan McGee
e07547ee4e Rework finding a writable cache directory
This is a refactor and refresh of the code used to find where we should
download packages.

* Incorporate suggestions from FS#25435 to use TMPDIR from the
  environment if set, otherwise fall back to /tmp as before.
* Make the writability tests a bit more in depth. We now do a three part
  check consisting of:
  - S_ISDIR(): is this even a directory
  - access(W_OK): is this directory writable by the current user.
    Unfortunately for root, this almost always returns that it is, but
    in the case of a RO mount or NFS share inaccessible to root, this
    check will exclude the directory.
  - mode & (any write bit): is there a writable bit set on this
    directory. This makes it possible to enforce a read-only cache
    directory by setting permissions to 0555, for example.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 13:10:17 -05:00
Dan McGee
6d544984f2 Be more robust when copying package data
This changes the signature of _alpm_pkg_dup() to return an integer error
code and provide the new package in a passed pointer argument. All
callers are now more robust with checking the return value of this
function to ensure a fatal error did not occur.

We allow load failures to proceed as otherwise we have a chicken and egg
problem- if a 'desc' local database entry is missing, the best way of
restoring said file is `pacman -Sf --dbonly packagename`. This patch
fixes a segfault that was occurring in this case.

Fixes the segfault reported in FS#25667.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 11:09:57 -05:00
Dave Reisner
9934b3bd34 lib/dload: unlink on response code >=400
ftp and http both define >=400 as being "something bad happened"

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 09:54:58 -05:00
Dave Reisner
24824b54ce dload: add 'unlink_on_fail' to payload struct
Let callers of _alpm_download state whether we should delete on fail,
rather than inferring it from context. We still override this decision
and always unlink when a temp file is used.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 09:43:19 -05:00
Dave Reisner
2ca27ab3a1 makepkg: quote re-evaluation of simple vars
This is a safety measure to prevent simple code injection.

$ i="foo bar"
$ eval i="$i"
bash: bar: command not found
$ eval i=\"$i\"
$ echo "|$i|"
|foo bar|

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 09:42:41 -05:00
Dave Reisner
1723e6dc4f lib/dload: prevent possible NULL dereference
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 09:41:55 -05:00
Dave Reisner
16334f778b sync: fix garbled output in conflict prompt
$ pacman -S cronie
resolving dependencies...
looking for inter-conflicts...
:: cronie and fcron are in conflict (@.). Remove fcron? [y/N] n

$ sudo pacman -S pacman
resolving dependencies...
looking for inter-conflicts...
:: pacman and pacman-git are in conflict (pKÈ). Remove pacman-git? [y/N]

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 09:40:07 -05:00
Allan McRae
c28052e45b makepkg: deal with variable substitution when checking sanity
If any of pkgver, pkgrel or epoch contained a variable substitution,
then it needed to be evaluated before checking its value conformed
to the rules.

[Dan: add quotes around RHS]

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:50:17 -05:00
Dan McGee
2a466c2abc doc/PKGBUILD: update regarding versioned package fields
Add the info that versioned replaces are now supported, as well as
beefing up some of the other places touching on versioned fields.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Dan McGee
6cfc4757b9 Convert resolvedep() to use _alpm_depcmp_literal()
The whole first loop is trying to check literals only, so teach it to do
so. Also, reorder operations to make more sense by putting the strcmp()
first in the literal loop, and using a very cheap name_hash check first
in the second loop.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Dan McGee
3752edbff4 Fix replacement of provider issue
When we switched to using alpm_depcmp() in resolving replacments, we had
some interesting behavior with regard to providers and packages not
found in repositories. Teach the replacement resolving code to not look
at provisions at all to be slightly more sane.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Dan McGee
d008a816f1 Add an _alpm_depcmp_literal() function
This omits the finding of matching provisions and only checks the
package itself against the provided dep.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Dan McGee
78b63ce7c3 Replacements refactor: extract check_replacers()
This moves code that was inline in alpm_sync_sysupgrade() to its own
method.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Dan McGee
231d6cc1e4 Replacements refactor: extract check_literal()
This moves code that was inline in alpm_sync_sysupgrade() to its own
method.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Dan McGee
5d291d050e Remove usages of alpm_list_next() in backend
Another function call that can be replaced by a single pointer
dereference.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Dan McGee
c4bd476ad1 Remove use of no-op accessor functions in library
The functions alpm_db_get_name(), alpm_pkg_get_name(), and
alpm_pkg_get_version() are not necessary at all, so remove the calling
and indirection when used in the backend, which makes things slightly
more efficient and reduces code size.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Dan McGee
c885a953eb Enhance and utilize database status flags
* Move is_local standalone field to status enum
* Create VALID/INVALID flag pair
* Create EXISTS/MISSING flag pair

With these additional fields, we can be more intelligent with database
loading and messages to the user. We now only warn once if a sync
database does not exist and do not continue to try to load it once we
have marked it as missing.

The reason for the flags existing in pairs is so the unknown case can be
represented. There should never be a time when both flags in the same
group are true, but if they are both false, it represents the unknown
case. Care is taken to always manipulate both flags at the same time.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Sebastien Luttringer
4a7f3bbc46 Add makepkg -S which is an alias to makepkg --source
makepkg --source is a often used go make source package like for AUR.
Have a -S shortcut will save the world.

Signed-off-by: Sebastien Luttringer <seblu@seblu.net>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Lukas Fleischer
d18e600952 lib/libalpm/dload.c: Use STRDUP() instead of strdup()
Use the STRDUP macro instead of strdup() for the sake of better error
handling on memory allocation failures.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Lukas Fleischer
0745288c14 lib/libalpm/dload.c: Add ASSERT() to alpm_fetch_pkgurl()
Return with ALPM_ERR_WRONG_ARGS instead of causing a potential segfault
if alpm_fetch_pkgurl() is invoked with a NULL URL.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 07:38:31 -05:00
Dave Reisner
9f139550f8 lib/dload: refactor deletion on failure
This moves all the delete-on-fail logic to under cleanup label. This
also implies should_unlink when a payload is received that doesn't allow
resuming.

Fixes .db.sig.part files leftover in the sync dir.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-17 21:03:43 -05:00
Dave Reisner
2dbdfe0788 lib/dload: avoid renaming download to 0 length destfile
This leverages earlier work that avoids a rename when destfile is unset.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-17 17:31:04 -05:00
Lukas Fleischer
b9833838c6 Avoid stat() on NULL path in curl_download_internal()
stat()'s behaviour is undefined if the first argument is NULL and might
be prone to segfault. Add an additional check to skip the stat()
invocation if no destfile is used.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-17 17:30:52 -05:00
Lukas Fleischer
9cddc4ad80 Skip rename() on NULL destfile in curl_download_internal()
Avoid a potential segfault that may occur if we use a temporary file and
fail to build the destination file name from the effective URL.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-17 17:30:41 -05:00
Dan McGee
3ceef97799 Fix trailing whitespace in whole codebase
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-17 17:03:19 -05:00
Sebastien Luttringer
b2688e9559 Update PKGBUILD manpage about startdir deprecation
Signed-off-by: Sebastien Luttringer <seblu@seblu.net>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-17 16:54:53 -05:00
Dan McGee
b952a3b08c Fix compilation using --without-gpgme
This function is used regardless of whether gpgme support is enabled, so
make sure it is always accessible.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-16 19:51:21 -05:00
Allan McRae
c5c1a1349a configure.ac: add checks for more types, functions and headers
This covers most types, functions and headers that we use in the
code base.  Currently we do not use any of these checks, but it
is useful to have the configure output when looking at build issues
on other peoples systems.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-16 19:39:07 -05:00
Dave Reisner
b008193c12 dload: zero out pm_errno in curl_download_internal
This reverts some hacky behavior from 5fc3ec and resets the handle's
pm_errno where it should be reset -- prior to each download. This
prevents a transaction with a download from being aborted when a package
is successfully grabbed from a secondary server.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-16 19:37:14 -05:00
Dan McGee
cea6d7eb13 doc/PKGBUILD: fix Asciidoc formatting issues
We had this gem:
    ⇐ (less than or equal to)

Due to not ensuring we did literal printing of things like this. Fix it
and a few other problems noticed scanning through both the HTML and
manpage generated files.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-16 11:47:53 -05:00
Dan McGee
70db027204 Update authors and contributors
* .mailmap: add mapping for Dave's two email addresses.
* AUTHORS: clear out file, tell people to use `git shortlog -s` instead.
* doc/footer.txt: "promote" Dave, put Xavier and Nagy in past contributors.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-16 11:46:44 -05:00
Allan McRae
f41dc7e8fa repo-add: fix creation of signature symlink
When creating a repo outside the current directory, the signature
symlink was not created.

Reported-by: Gaetan Bisson <bisson@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-16 09:25:10 -05:00
Dan McGee
1175702828 Update message catalogs
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 16:09:45 -05:00
Dan McGee
d4a92cacc6 Update translations from Transifex
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 16:09:11 -05:00
Dan McGee
11b9bc443d repo-add: reorganize output messages for clarity
The use of warning once we had already started adding a package was
confusing as it broke the standard indent pattern. It was especially bad
if adding multiple packages as it wasn't clear what sub-messages applied
to which package being added. This should be an output change only from:

    ==> Adding package '/tmp/sync/netcfg-2.6.7-1-any.pkg.tar.xz'
      -> Computing checksums...
      -> Adding package signature...
    ==> WARNING: An entry for 'netcfg-2.6.7-1' already existed
      -> Removing existing entry 'netcfg-2.6.7-1'...
      -> Creating 'desc' db entry...
      -> Creating 'depends' db entry...

to:

    ==> Adding package '/tmp/sync/netcfg-2.6.7-1-any.pkg.tar.xz'
    ==> WARNING: An entry for 'netcfg-2.6.7-1' already existed
      -> Computing checksums...
      -> Adding package signature...
      -> Removing existing entry 'netcfg-2.6.7-1'...
      -> Creating 'desc' db entry...
      -> Creating 'depends' db entry...

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 15:15:11 -05:00
Dan McGee
11f4a7a48e Only check necessary signatures and checksums
The precedence goes as follows: signature > sha256sum > md5sum

Add some logic and helper methods to check what we have available when
loading a package, and then only check what is necessary to verify the
package. This should speed up sync database verifies as we no longer
will be doing both a checksum and a signature validation.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 15:15:11 -05:00
Rémy Oudompheng
855bc16a9e libalpm: fix a remaining old syntax of RET_ERR() macro
It would prevent compilation of pacman on FreeBSD, and possibly other
systems.

Signed-off-by: Rémy Oudompheng <remy@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 14:55:14 -05:00
Dave Reisner
5fc3ecf7f8 lib/sync: ignore download errors for as long as possible
Previously, the behavior was such that if a sync operation required
packages from multiple repos, a download error in the first repo would
cause a hard repo, ignoring the remainder of the repositories. Change
this behavior so that we do a better job of fetching as many packages as
possible before aborting the transaction.

There's a little bit of refactoring mixed in here to get rid of some
useless variables. Since we now depend heavily on the value of
handle->pm_errno being accurate the determine the function's return
value, we clear it when the transaction state is set.

Fixes FS#25532.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 14:54:21 -05:00
Dan McGee
796eaaed40 Further fixes to replacement iteration
A partial fix for this was in commit 7de92cb22, but this should fix the
remaining cases. There are still several issues dealing with "provision
as replacement" selection however.

Addresses FS#25538 and FS#25527.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 14:47:19 -05:00
Dan McGee
88bd1cec77 Add short example signature config to pacman.conf
This is similar to what we do with every other option.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 13:08:24 -05:00
Dave Reisner
82ffe2cbfd build-sys: always use $(RM) instead of rm -f
These are equivalent. Use the autoconf macro for consistency.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 13:05:27 -05:00
Dave Reisner
1741b5cc30 dist: preserve symlinks on installation
This applies to the repo-remove man page as well as the script itself.

Yes Dan, I ran distcheck afterwards.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 13:05:17 -05:00
Dan McGee
a628feee46 Parse conflicts/provides/replaces at database load time
We did this with depends way back in commit c244cfecf6 in 2007. We
can do it with these fields as well.

Of note is the inclusion of provides even though only '=' is supported-
we'll parse other things, but no guarantees are given as to behavior,
which is more or less similar to before since we only looked for the
equals sign.

Also of note is the non-inclusion of optdepends; this will likely be
resolved down the road.

The biggest benefactors of this change will be the resolving code that
formerly had to parse and reparse several of these fields; it only
happens once now at load time. This does lead to the disadvantage that
we will now always be parsing this information up front even if we never
need it in the split form, but as these are uncommon fields and our
parser is quite efficient it shouldn't be a big concern.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:56:41 -05:00
Dan McGee
bd5ec9cd8e Validate the sha256sum if available
Adjust load_internal() to check the sha256sum value if we have it.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:13:35 -05:00
Dan McGee
f37c501657 Show 'None' in Signatures -Qip/-Si output if none found
This is to be as consistent as possible across both types of display.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:12:37 -05:00
Dan McGee
fa4aad5b50 decode_signature: guess signature data length for efficiency
We may end up allocating 1 or 2 extra bytes this way, but it is worth it
to simplify the method and not have to call base64_decode() a second
time. Use the hueristic that base64 encoding produces 3 bytes of decoded
data for every 4 bytes of encoded data.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:11:59 -05:00
Dan McGee
f3f39cef84 Remove checksum access indirection
These items are never present in anything but sync databases, nor do we
even try to load them from the local database. Remvoe the indirection
meant to allow the caching layer to work since it will never do anything
anyway.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:11:59 -05:00
Dave Reisner
7de92cb223 lib/sync: reset flag after rejecting a replace
This prevents iteration through the remainder of the current tree, with
pacman claiming that they're all replacements to the original
replacement candidate.

:: Synchronizing package databases...
 allanbrokeit is up to date
 testing is up to date
 core is up to date
 extra is up to date
 community-testing is up to date
 community is up to date
:: Starting full system upgrade...
:: Replace util-linux-git with core/util-linux? [Y/n] n
:: Replace util-linux-git with core/vi? [Y/n] n
:: Replace util-linux-git with core/vpnc? [Y/n] n
:: Replace util-linux-git with core/wget? [Y/n] n
:: Replace util-linux-git with core/which? [Y/n] n
:: Replace util-linux-git with core/wireless-regdb? [Y/n] n
:: Replace util-linux-git with core/wireless_tools? [Y/n] n
:: Replace util-linux-git with core/wpa_actiond? [Y/n] n
:: Replace util-linux-git with core/wpa_supplicant? [Y/n] n
:: Replace util-linux-git with core/xfsprogs? [Y/n] n
:: Replace util-linux-git with core/xinetd? [Y/n] n
:: Replace util-linux-git with core/xz? [Y/n] n
:: Replace util-linux-git with core/zd1211-firmware? [Y/n] n
:: Replace util-linux-git with core/zlib? [Y/n] n
 there is nothing to do

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:11:59 -05:00
Dan McGee
ebb2e36cc4 Load and allow access to sha256sum
This adds a field in the package struct for this checksum type as well
as allowing access via the API to it. The frontend is now able to
display any read value. Note that this does not implement any use or
verification of the value internally.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:11:55 -05:00
Dan McGee
31f2e0cba3 Add ALPM sha256sum routines
These mirror ones we already have for md5sums.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 07:07:13 -05:00