1
0
mirror of https://github.com/moparisthebest/pacman synced 2024-11-15 22:05:02 -05:00
Commit Graph

1869 Commits

Author SHA1 Message Date
Dan McGee
11f4a7a48e Only check necessary signatures and checksums
The precedence goes as follows: signature > sha256sum > md5sum

Add some logic and helper methods to check what we have available when
loading a package, and then only check what is necessary to verify the
package. This should speed up sync database verifies as we no longer
will be doing both a checksum and a signature validation.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 15:15:11 -05:00
Rémy Oudompheng
855bc16a9e libalpm: fix a remaining old syntax of RET_ERR() macro
It would prevent compilation of pacman on FreeBSD, and possibly other
systems.

Signed-off-by: Rémy Oudompheng <remy@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 14:55:14 -05:00
Dave Reisner
5fc3ecf7f8 lib/sync: ignore download errors for as long as possible
Previously, the behavior was such that if a sync operation required
packages from multiple repos, a download error in the first repo would
cause a hard repo, ignoring the remainder of the repositories. Change
this behavior so that we do a better job of fetching as many packages as
possible before aborting the transaction.

There's a little bit of refactoring mixed in here to get rid of some
useless variables. Since we now depend heavily on the value of
handle->pm_errno being accurate the determine the function's return
value, we clear it when the transaction state is set.

Fixes FS#25532.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 14:54:21 -05:00
Dan McGee
796eaaed40 Further fixes to replacement iteration
A partial fix for this was in commit 7de92cb22, but this should fix the
remaining cases. There are still several issues dealing with "provision
as replacement" selection however.

Addresses FS#25538 and FS#25527.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 14:47:19 -05:00
Dan McGee
a628feee46 Parse conflicts/provides/replaces at database load time
We did this with depends way back in commit c244cfecf6 in 2007. We
can do it with these fields as well.

Of note is the inclusion of provides even though only '=' is supported-
we'll parse other things, but no guarantees are given as to behavior,
which is more or less similar to before since we only looked for the
equals sign.

Also of note is the non-inclusion of optdepends; this will likely be
resolved down the road.

The biggest benefactors of this change will be the resolving code that
formerly had to parse and reparse several of these fields; it only
happens once now at load time. This does lead to the disadvantage that
we will now always be parsing this information up front even if we never
need it in the split form, but as these are uncommon fields and our
parser is quite efficient it shouldn't be a big concern.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:56:41 -05:00
Dan McGee
bd5ec9cd8e Validate the sha256sum if available
Adjust load_internal() to check the sha256sum value if we have it.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:13:35 -05:00
Dan McGee
fa4aad5b50 decode_signature: guess signature data length for efficiency
We may end up allocating 1 or 2 extra bytes this way, but it is worth it
to simplify the method and not have to call base64_decode() a second
time. Use the hueristic that base64 encoding produces 3 bytes of decoded
data for every 4 bytes of encoded data.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:11:59 -05:00
Dan McGee
f3f39cef84 Remove checksum access indirection
These items are never present in anything but sync databases, nor do we
even try to load them from the local database. Remvoe the indirection
meant to allow the caching layer to work since it will never do anything
anyway.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:11:59 -05:00
Dave Reisner
7de92cb223 lib/sync: reset flag after rejecting a replace
This prevents iteration through the remainder of the current tree, with
pacman claiming that they're all replacements to the original
replacement candidate.

:: Synchronizing package databases...
 allanbrokeit is up to date
 testing is up to date
 core is up to date
 extra is up to date
 community-testing is up to date
 community is up to date
:: Starting full system upgrade...
:: Replace util-linux-git with core/util-linux? [Y/n] n
:: Replace util-linux-git with core/vi? [Y/n] n
:: Replace util-linux-git with core/vpnc? [Y/n] n
:: Replace util-linux-git with core/wget? [Y/n] n
:: Replace util-linux-git with core/which? [Y/n] n
:: Replace util-linux-git with core/wireless-regdb? [Y/n] n
:: Replace util-linux-git with core/wireless_tools? [Y/n] n
:: Replace util-linux-git with core/wpa_actiond? [Y/n] n
:: Replace util-linux-git with core/wpa_supplicant? [Y/n] n
:: Replace util-linux-git with core/xfsprogs? [Y/n] n
:: Replace util-linux-git with core/xinetd? [Y/n] n
:: Replace util-linux-git with core/xz? [Y/n] n
:: Replace util-linux-git with core/zd1211-firmware? [Y/n] n
:: Replace util-linux-git with core/zlib? [Y/n] n
 there is nothing to do

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:11:59 -05:00
Dan McGee
ebb2e36cc4 Load and allow access to sha256sum
This adds a field in the package struct for this checksum type as well
as allowing access via the API to it. The frontend is now able to
display any read value. Note that this does not implement any use or
verification of the value internally.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:11:55 -05:00
Dan McGee
31f2e0cba3 Add ALPM sha256sum routines
These mirror ones we already have for md5sums.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 07:07:13 -05:00
Dan McGee
ff88228abd Add sha2 (sha256) routines from PolarSSL
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 07:07:13 -05:00
Dave Reisner
20b5cc96be pacman/package: show presence of signature in in -Si
adds a new API method: alpm_pkg_get_base64_sig

[Dan: don't use a new header string in frontend]

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 07:06:23 -05:00
Dave Reisner
05f87e0b09 alpm.h: fix inconsistency in function prototype
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 06:30:58 -05:00
Dave Reisner
6bf60568f8 lib/dload: avoid deleting .part file on too-slow xfer
Take this opportunity to refactor the if/then/else logic into a
switch/case which is likely going to be needed to fine tune more
exceptions in the future.

Fixes FS#25531

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 06:26:08 -05:00
Dan McGee
83f076d3a8 Update base64 PolarSSL code
Also adjust our code using it for the size_t adjustments made by
upstream.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 06:24:49 -05:00
Dan McGee
835365b817 Update MD5 routines with changes from PolarSSL
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11 20:17:21 -05:00
Dan McGee
f3fa77bcf1 Add -S --recursive operation
This closely matches what we had before for -R --recursive. Basically,
when specifying a target (e.g., pacman), we can now recursively pull all
dependencies, regardless of version specifiers and whether they are
already satisfied in the local database. This could be used to update
pacman on a system with an old glibc, for example, as both pacman and
glibc would get pulled into the transaction.

This is most useful with --needed to prevent needless reinstalls as
described in the man page changes.

The end goal of this change is to wire it into SyncFirst and have it be
the default mode of operation there, but that belongs in a separate
changeset.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11 11:19:04 -05:00
Dan McGee
1f6afe6b0b Dependency code style cleanups
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11 11:18:55 -05:00
Dave Reisner
edd9ed6a3b stop progress callbacks after curl_easy_perform returns
This prevents possible null dereferences in FTP transfers when the
progress callback is touched during connection teardown.

http://curl.haxx.se/mail/lib-2011-08/0128.html

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11 11:18:21 -05:00
Dave Reisner
c4112da8c3 dload: remove unnecessary cast in alpm_load_payload_free
Dan: make it compile, s/load/payload/.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11 11:18:00 -05:00
Dan McGee
5c1b83d9b1 Parse replaces strings as dep strings with version specs
This is done extremely crudely and is not very efficient, but it does
push us down the path of being closer to right, as one additional test
now passes.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09 16:13:25 -05:00
Dan McGee
ce74f76a4c Conflict comparison performance enhancements
* Add *_hash fields to conflict struct and populate them
* Remove unnecessary backwards string comparisons

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09 16:11:22 -05:00
Dan McGee
76dfea6e83 Update string catalogs after string tweaks
This also pulls in some early translations we had entered in Transifex
in the last day so those would not be lost. The diffstat is huge and not
very telling as usual, as all sorts of fuzzyness switches happened this
time around for some reason.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09 16:00:48 -05:00
Dan McGee
96c4b1c303 Don't walk off front of string when stripping newline
If the string was zero-length to begin with, or consists of only newline
characters, nothing stopped us from incrementing right off the front of
the string. Ensure len stays above zero the whole time.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09 15:41:18 -05:00
Dan McGee
6803260f26 Fix compile error when curl is not used
Noticed in my PowerPC Linux VM:

    cc1: warnings being treated as errors
    dload.c:45: error: 'get_filename' defined but not used
    make[3]: *** [dload.lo] Error 1

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09 15:40:21 -05:00
Dan McGee
40ea6cd607 Depend on name_hash being set
This is a fairly valid assumption at this point, or at least as good of
one as assuming packages all have names.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09 15:38:54 -05:00
Dan McGee
5f38660be1 Add reason to corrupted package callback
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08 19:55:44 -05:00
Dan McGee
9d09c9fdf7 Attempt to fix up some of the brokenness around failed package loads
This is a bit of a mess, due to the fact that we have a progress meter
running. It is also ironic that we are in the midst of a method named
"commit" when we haven't done a damn thing yet, and can still fail hard
if either a checksum or signature is invalid or unrecognized.

Adapt the former test_md5sum method to be invoked for any of the various
failure types, which at least gives the user some indication of what
packages are failing. A second patch will be needed to actually show
worthwhile error codes, but this is going to involve modifying the
actual data passed with the callback.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08 19:42:52 -05:00
Dan McGee
9a40927533 Update all translation files
This moves us toward staring translations for the 4.0.0 release,
although this should not be interpreted as a string freeze by any means.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08 17:17:15 -05:00
Dan McGee
09f950af07 _alpm_access(): don't call gettext() in debug level loggers
This is standard procedure elsewhere and cuts down on translations that
won't be seen (and we don't want if we need English debug output
anyway).

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08 17:11:14 -05:00
Dan McGee
8fa330335f Merge branch 'maint'
Conflicts:
	lib/libalpm/dload.c
	lib/libalpm/po/fi.po
	lib/libalpm/po/libalpm.pot
	po/de.po
	po/fi.po
	src/pacman/po/pacman.pot
	src/pacman/util.c
2011-08-08 17:05:25 -05:00
Dan McGee
ef4757afa5 Store a package info level flag if we fail to load data
If we are missing a local database file, we get repeated messages over
and over telling us the same thing, rather than being sane and erroring
only once. This package adds an INFRQ_ERROR level that is added to the
mask if we encounter any errors on a local_db_read() operation, and
short circuits future calls if found in the value. This fixes FS#25313.

Note that this does not make any behavior changes other than suppressing
error messages and repeated code calls to failure cases; we still have
more to do in the "local database is hosed" department.

Also make a small update to the wrong but unused flags set in
be_package; using INFRQ_ALL there was not totally correct.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08 16:56:48 -05:00
Dan McGee
67445334e7 Update translations from transifex
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08 16:39:04 -05:00
Dan McGee
07a1292721 Check return value of rename() calls
We did a good job checking this in add.c, but not necessarily anywhere
else. Fix this up by adding checks into dload.c, remove.c, and conf.c in
the frontend. Also add loggers where appropriate and make the message
syntax more consistent.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08 13:29:45 -05:00
Dan McGee
cbaff216b3 Don't trim whitespace when reading database entries
We don't write with extra or unknown whitespace, so there is little
reason for us to trim it when reading either. This also fixes the
hopefully never encountered "paths that start or end with spaces" issue,
for which two pactests have been added. The tests also contain other
evil characters that we have encountered before and handle just fine,
but it doesn't hurt to ensure we don't break such support in the future.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-02 08:20:34 -04:00
Dan McGee
66d9995711 Revamp signing checks
This ensures we are actually making correct use of the information gpgme
is returning to us. Marginal being allowed was obvious before, but
Unknown should deal with trust level, and not the presence or lack
thereof of a public key to validate the signature with.

Return status and validity information in two separate values so check
methods and the frontend can use them independently. For now, we treat
expired keys as valid, while expired signatures are invalid.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-28 18:46:52 -05:00
Dan McGee
a3def7ac87 Make free_groupcache() private
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-28 15:01:31 -05:00
Lukas Fleischer
005eab0a08 libalpm: Set ret correctly in download_internal()
Immediately jump to the cleanup code after setting the return code to -1
in case rename() fails. Otherwise, it will be reset to 0 right after we
leave the if branch.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-25 08:48:02 -05:00
Dan McGee
bb3dada871 Convert package filelists to an array instead of linked list
This accomplishes quite a few things with one rather invasive change.

1. Iteration is much more performant, due to a reduction in pointer
   chasing and linear item access.
2. Data structures are smaller- we no longer have the overhead of the
   linked list as the file struts are now laid out consecutively in
   memory.
3. Memory allocation has been massively reworked. Before, we would
   allocate three different pieces of memory per file item- the list
   struct, the file struct, and the copied filename. What this resulted
   in was massive fragmentation of memory when loading filelists since
   the memory allocator had to leave holes all over the place. The new
   situation here now removes the need for any list item allocation;
   allocates the file structs in contiguous memory (and reallocs as
   necessary), leaving only the strings as individually allocated. Tests
   using valgrind (massif) show some pretty significant memory
   reductions on the worst case `pacman -Ql > /dev/null` (366387 files
   on my machine):

   Before:
     Peak heap:   54,416,024 B
	 Useful heap: 36,840,692 B
	 Extra heap:  17,575,332 B

   After:
     Peak heap:   38,004,352 B
	 Useful heap: 28,101,347 B
	 Extra heap:   9,903,005 B

Several small helper methods have been introduced, including a list to
array conversion helper as well as a filelist merge sort that works
directly on arrays.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-21 15:04:30 -05:00
Dan McGee
70d6fe6632 Clean up my debug logger mess
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-19 00:23:42 -05:00
Dan McGee
05f7c0280e Fix test suite when GPGME is disabled
As noted by Allan, we failed pretty hard if gpgme was compiled out. With
these changes, only sign001.py fails. This can/will be fixed later once
we beef up the test suite with more signing tests anyway.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-18 21:06:24 -05:00
Florian Pritz
dad96ccce2 replace access() calls for debug info where applicable
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-18 10:44:28 -05:00
Florian Pritz
89c070b263 signing.c: check if needed files are readable
If we can't read the keyring, gpgme will output confusing debug
information and fail to verify the signature, so we should log some
debug information.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-18 10:44:07 -05:00
Florian Pritz
29a96bcfe1 add _alpm_access() wrapper
This is a wrapper function for access() which logs some debug
information and eases handling in case of split directory and filename.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-18 10:42:48 -05:00
Allan McRae
c0fe1743e5 Fix compilation without gpgme
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-18 10:36:41 -05:00
Dan McGee
1c39e4fbad Handle removal of empty directories properly
This addresses FS#25141. We shouldn't remove every empty directory we
come across during the removal process unless it is truly not known to
any other package. This will prevent removal of essential directories
such as '/var/lock/'.

This is accomplished by first checking the empty/non-empty status of a
directory, which was previously done implicitly by calling rmdir() and
ignoring errors. We do this to avoid the next (new) check in most cases,
which is to look at all local packages to see if the to-be-removed
directory is present in another packages' filelist. If we do not find it
anywhere, then we remove it, else we keep the file around.

The pactest has been updated to test more cases, as well as finding a
flaw in the original expected to fail case- we need separate DIR and
FILE based EXIST rules.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-18 10:34:05 -05:00
Dan McGee
8f72ffbc45 Make alpm_db_set_pkgreason() arguments more sane
This can only ever operate on the local database, and a local package at
that. Change the function signature to take a handle and package object,
add the relevant asserts, and ensure the frontend can detect the package
not found condition when finding packages to pass to this method.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-14 15:59:57 -05:00
Dan McGee
af357d6ab0 Allow fileconflict if unowned file moving into backup array
The bulk of this commit is adding new tests to ensure the new behavior
works without disrupting old behavior. This is a relatively sane maneuver
when a package adds a conf file (e.g. '/etc/mercurial/hgrc') that was
not previously in the package, but it is placed in the backup array. In
essence, we can treat the existing file as having always been a part of
the package and do our normal compare/install as pacnew logic checks.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-14 15:34:04 -05:00
Dan McGee
00628c7268 Unify package removal code
This code duplication has always been a rather clumsy casuality of
fixing some past upgrade issues. Unify the removal code across upgrade
and remove operations into  a new _alpm_remove_single_package() method
wihch makes it very clear how we handle upgrade and remove differently,
via several conditionals on newpkg.

This commit highlights interesting behavior such as the fact that the
implicit removal in every package upgrade never gets transaction events
or progress callbacks.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-06 09:26:09 -05:00