If a .sig file sits side-by-side on the filesystem with a package archive,
read it in during the package struct creation process so we can verify it at
a later time if necessary.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Add a new field to the package struct to hold PGP information and
instruct db_read to pick it up from the database. It is currently unused
internally but this is the first step.
Due to the fact that we store the PGP sig as binary data, we need to store
both the data and the length so we have a small utility struct to assist us.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
We will need these for GPG functionality (decoding the base64 encoded
signature stored in the databases).
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Implements FS#23103. Also modify libalpm so it ignores this value
without any warning as we know it is likely to exist.
Signed-off-by: Dan McGee <dan@archlinux.org>
Fix the way we were referring to paths (use ``), .pac* extensions (use
''), and other general things across our main manpages.
Signed-off-by: Dan McGee <dan@archlinux.org>
Make it actually like all our other tools rather than some homegrown
format. Also make it translator friendly by not wrapping messages across
lines in different strings.
Signed-off-by: Dan McGee <dan@archlinux.org>
Make the usage output display nicely on 80 character width terminals.
Also fix parsing of "-h" and "-v" options and avoid root check when
run with no commands.
Signed-off-by: Allan McRae <allan@archlinux.org>
The --reload command was refactored to allow a more flexible management.
There are two sets of keys that will be added, one that will be
removed and one that will be kept.
The set of keys to be kept are configured in pacman.conf, with the
option HoldKeys, with the same meaning of HoldPkgs. It can be repeated
and several values can be put in the same entry.
The new behavior allows a key to be marked for removal, but the user
can decide if that key must be kept. For example, if a developer has
a public repository, signed with his own key, that key must be added
to the HoldKeys option. If the key is marked for removal from pacman's
keyring, it will not be removed for the users that have configured
HoldKeys correctly.
There are other minor fixes, mainly in the handling of --add command
when there is no aditional parameter. In that case, pacman-key will
behave just like gpg, adding the contents of stdin into pacman's keyring.
Signed-off-by: Denis A. Altoé Falqueto <denisfalqueto@gmail.com>
The script pacman-key will manage pacman's keyring. It imports, exports,
fetches from keyservers, helps in the process of trusting and updates
the trust database.
Signed-off-by: Denis A. Altoé Falqueto <denisfalqueto@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This is intended to verify an existing signature on a database before
making further changes to it and performing updates. Rarely would you
use this without immediately resigning it via the -s/--sign option.
Instead, it is intended as a "chain of trust" operation where the
previous signature is verified to give you some sense that what you sign
off on is also safe.
Still todo: don't make changes unless the signature is not only good,
but also in the accepted list of keys.
Signed-off-by: Dan McGee <dan@archlinux.org>
In order to be fully secure, we can't only sign packages. We also need
to sign our repository metadata to prevent database falsification,
dependency injection, etc. Add an '-s/--sign' option that allows this
functionality, and will generate a .sig file side-by-side with the
package database.
While at it, fix the issue where a signature file would never be found
because of 'cd' madness (this needs fixing in another commit).
Signed-off-by: Dan McGee <dan@archlinux.org>
Use base64 encoding to store the value in the database if a .sig file exists
for the package being added.
Signed-off-by: Geoffroy Carrier <geoffroy.carrier@koon.fr>
Signed-off-by: Dan McGee <dan@archlinux.org>
This is a rather simple patch to add signing support to makepkg. Add a
create_signature() to makepkg, add a 'sign' BUILDENV option in makepkg.conf,
and document the changes in the makepkg.conf manpage.
Signed-off-by: Geoffroy Carrier <geoffroy.carrier@koon.fr>
Signed-off-by: Dan McGee <dan@archlinux.org>
Wrap lines of long length, noticed while creating and messing around
with some of the other maint branch patches.
Signed-off-by: Dan McGee <dan@archlinux.org>
Noticed with the openoffice/libreoffice replacement scheme where many
packages are listed as replacements to one package, thus electing it for
removal multiple times. Ensure a given package is not already present
before placing it in the removal list.
Signed-off-by: Dan McGee <dan@archlinux.org>
This is a rather serious data corruption issue that luckily manifested
itself today in a noticable way. A package in testing had replaces
entries read in as ["%RE pkgname", "%RE"] which was clearly wrong. This
happens when we hit the end of an archive block, do not have a newline,
and have to continue reading from the next block to complete the line.
Signed-off-by: Dan McGee <dan@archlinux.org>
Drawing progress bars before calling curl_easy_perform() is needless as
the curl progress callback is called with zero progress before actually
downloading the file anyways. Fixes display of "0%" progress bars when
sync'ing package databases that are already up to date.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
Remove unnecessary output when using -Sp. Fixes FS#23340.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This is by no means a guarantee of this behavior remaining the same in
the future, but it is easy enough to do what we used to in this case by
delaying any sort of error condition until after we are completely done
parsing options. Addresses FS#23370.
Signed-off-by: Dan McGee <dan@archlinux.org>
This was discussed and more or less agreed upon on the mailing list. A
huge checkin, but if we just do it and let people adjust the pain will
end soon enough. Rebasing should be relatively straighforward for anyone
that sees conflicts; just be sure you use the new return style if
possible.
The following semantic patch was used to do the change, along with some
hand-massaging in order to preserve parenthesis where appropriate:
The semantic match that finds this problem is as follows, although some
hand-massaging was done in order to keep parenthesis where appropriate:
(http://coccinelle.lip6.fr/)
// <smpl>
@@
expression a;
@@
- return(a);
+ return a;
// </smpl>
A macros_file was also provided with the following content:
Additional steps taken, mainly for ASSERT() macros:
$ sed -i -e 's#return(NULL)#return NULL#' lib/libalpm/*.c
$ sed -i -e 's#return(-1)#return -1#' lib/libalpm/*.c
Signed-off-by: Dan McGee <dan@archlinux.org>