This is the first step in a long process to remove our dependence on the
global handle variable we currently share in libalpm, with the goal to
make things a bit more thread-safe and re-entrant.
Signed-off-by: Dan McGee <dan@archlinux.org>
Currently we have one call that has all sorts of crazy behavior and doesn't
make a whole lot of sense. Go from one method to the normal four methods we
have for all of our other lists we use in the library to make it a lot
easier for a frontend to manipulate server lists.
Signed-off-by: Dan McGee <dan@archlinux.org>
Both md5sum verification and PGP verification can and should be done at
package load time. This allows verification to happen as early as
possible for packages provided by filename and loaded in the frontend,
and moves more stuff out of sync_commit that doesn't really belong
there. This should also set the stage for simplified parallel loading of
packages later down the road.
Signed-off-by: Dan McGee <dan@archlinux.org>
Given that we offer no transparency into the pmpgpsig_t type, we don't
really need to expose it outside of the library, and at this point, we
don't need it at all. Don't decode anything except when checking
signatures. For packages/files not from a sync database, we now just
read the signature file directly anyway.
Also push the decoding logic down further into the check method so we
don't need this hanging out in a less than ideal place. This will make
it easier to conditionally compile things down the road.
Signed-off-by: Dan McGee <dan@archlinux.org>
The various "level" values were a bit crazy to decipher, and we were
doing some very interesting comparisons in certain places. Break it out
into two parameters instead so we can seperate the type from the extra
information display, and do things accordingly.
Nothing changes with the display of any of the five types we currently
show: -Si, -Sii, -Qi, -Qii, -Qip.
Something to note- we should expose the PKG_FROM enum type somehow, this
patch leaves the door open to do that quite easily.
Signed-off-by: Dan McGee <dan@archlinux.org>
* add _alpm_db_get_sigverify_level
* add alpm_option_{get,set}_default_sigverify
And set the default verification level to OPTIONAL if not set otherwise.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
Currently the only error case then when handle == NULL.
However several handle functions return -1 on this error,
and a uniform API makes things simpler.
Signed-off-by: Rémy Oudompheng <remy@archlinux.org>
Add a pmpgpsig_t struct to the database entry struct and functions for
the lazy loading of database signatures. Add a function for checking
database signatures, reusing (and generalizing) the code currently used
for checking package signatures.
TODO: The code for reading in signature files from the filesystem is
duplicated for local packages and database and needs refactoring.
Signed-off-by: Allan McRae <allan@archlinux.org>
Once we do this, add support for VerifySig to pactest. We just check if
the repo name contains Always, Never or Optional to determine the value
of VerifySig. The default is Never. pacman uses Always by default but
this is not suitable for pactest.
Original-work-by: shankar <jatheendra@gmail.com>
Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
This will serve as the home directory we pass to GPGME when making calls so
we can have a libalpm-utilized keyring.
Signed-off-by: Dan McGee <dan@archlinux.org>
Add a new field to the package struct to hold PGP information and
instruct db_read to pick it up from the database. It is currently unused
internally but this is the first step.
Due to the fact that we store the PGP sig as binary data, we need to store
both the data and the length so we have a small utility struct to assist us.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Add PM_ERR_LIBCURL to error enum and handle case in error.c by returning
curl_easy_strerror() based on the error number carried by the gloabl alpm
handle.
Signed-off-by: Dave Reisner <d@falconindy.com>
Ensure we have a local DB version that is up to par with what we expect
before we go down any road that might modify it. This should prevent
stupid mistakes with the 3.5.X upgrade and people not running
pacman-db-upgrade after the transaction as they will need to.
Signed-off-by: Dan McGee <dan@archlinux.org>
There's no API functions exposed which allow manipulation of this type,
so remove it from public view. Also, rename the public and private
alpm_db_get_pkgcache symbol to alpm_db_get_pkgcache_has.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
Read the package information for sync/local databases into a pmpkghash_t
structure.
Provide a alpm_db_get_pkgcache_list() method that returns the list from
the hash object. Most usages of alpm_db_get_pkgcache are converted to
this at this stage for ease of implementation. Review whether these are
better accessing the hash table directly at a later stage.
Signed-off-by: Allan McRae <allan@archlinux.org>
This flag allows to disable version checking in dependency resolving
code.
depcmp_tolerant respects the NODEPVERSION flag but we still keep the
original strict depcmp. The idea is to reduce the impact of the
NODEPVERSION flag by using it in fewer places.
I replaced almost all depcmp calls by depcmp_tolerant in deps.c (except
in the public find_satisfier used by deptest / pacman -T), but I kept
depcmp in sync.c and conflict.c
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
It's likely that these interfaces will break sooner or later, now that
pacman no longer uses them.
So better force the two people who use them to migrate their code to the
new add_pkg/remove_pkg interface, which is very easy anyway.
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
Old interface is marked as deprecated:
int alpm_sync_target(char *target);
int alpm_sync_dbtarget(char *db, char *target);
int alpm_add_target(char *target);
int alpm_remove_target(char *target);
New recommended interface:
int alpm_add_pkg(pmpkg_t *pkg);
int alpm_remove_pkg(pmpkg_t *pkg);
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
For consistency with alpm_add_pkg.
The new recommended interface is alpm_add_pkg / alpm_remove_pkg, all
others interfaces are deprecated.
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
This group function is meant to help group handling from frontend : it
scans all dbs, handling ignored packages and duplicate members (the
first repo where a member is found has the priority).
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
This new function is meant to deprecate all existing
sync/add target functions :
int alpm_sync_target(char *target);
int alpm_sync_dbtarget(char *db, char *target);
int alpm_add_target(char *target);
Rather than dropping these 3 interfaces, it might be better to rewrite
them using alpm_add_pkg for now.
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
This is a public interface for resolvedep. It looks nicer to expose it
this way rather than through sync_target.
This function can also be helpful for external tools as it should give
good results close to how pacman select a package for satisfying a given
dep.
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
If there are multiple providers in one db, pacman used to just stop at
the first one (both during dependency resolution or for pacman -S
'provision' which uses the same code).
This adds a new conversation callback so that the user can choose which
provider to install. By default (user press enter or --noconfirm), the
first provider is still chosen, so for example the behavior of sync402
and 403 is preserved. But at least the user now has the possibility to
make the right choice in a manual run.
If one of the provider is already installed, it is picked for
reinstall/upgrade, so that provision 002/003 pactest now pass.
$ pacman -S community/smtp-server
:: There are 3 providers available for smtp-server:
1) courier-mta 2) esmtp 3) exim
Which one do you want to install?
Enter a number (default=1):
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
Perform the cheap struct and string setup of the local DB at handle
initialization time to match the teardown we do when releasing the handle.
If the local DB is not needed, all real initialization is done lazily after
DB paths and other things have been configured anyway.
Signed-off-by: Dan McGee <dan@archlinux.org>
Instead, go the same route we have always taken with version-release in
libalpm and treat it all as one piece of information. Makepkg is the only
script that knows about epoch as a distinct value; from there on out we will
parse out the components as necessary.
This makes the code a lot simpler as far as epoch handling goes. The
downside here is that we are tossing some compatibility to the wind;
packages using force will have to be rebuilt with an incremented epoch to
keep their special status.
Signed-off-by: Dan McGee <dan@archlinux.org>
This can take a while too, and it is really easy to add the necessary
callback stuff for adding a progressbar.
Signed-off-by: Dan McGee <dan@archlinux.org>
There is a lot of swtiching between size_t and int for alpm_list sizes
in the codebase. Start converting these to all be size_t by adjusting
the return type of alpm_list_count and fixing all additional warnings
given by -Wconversion that are generated by this change.
Dan: a few more small changes to ensure things compile, adjusting some
printf format string characters to accommodate the larger size on x86_64.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>