It's your own damn fault if you do this, and this code is remnants from
an old time when we weren't very good at coding.
Signed-off-by: Dan McGee <dan@archlinux.org>
This removes the need to strdup() the section name at every decent into
an Include statement, as well as having duplicate DB pointers around
that are never used independently.
Signed-off-by: Dan McGee <dan@archlinux.org>
This needlessly prevents the easiest way available of clearing any of these
values. We can also do the same for the 'arch' value.
Signed-off-by: Dan McGee <dan@archlinux.org>
Currently we have one call that has all sorts of crazy behavior and doesn't
make a whole lot of sense. Go from one method to the normal four methods we
have for all of our other lists we use in the library to make it a lot
easier for a frontend to manipulate server lists.
Signed-off-by: Dan McGee <dan@archlinux.org>
The switch from FUNCTION to DEBUG was ill-advised inside the local
database load. Instead, add a DEBUG level logger to both local and sync
database loads that shows the number of packages processed.
Signed-off-by: Dan McGee <dan@archlinux.org>
This ensures we call any alpm_option type functions before registering
databases, making sure all paths and other defaults (e.g. sig
verification levels) have been set first. This will ensure we can
continue to allow crazy config files where [options] doesn't come first.
The diffstat on this commit is misleading; view with
-w/--ignore-all-space to get a better idea of what needed to be touched.
Signed-off-by: Dan McGee <dan@archlinux.org>
This moves the generated root/ directory into /tmp, or at least a path
returned by tempfile.mkdtemp(), by default. This can make test runs
significantly faster if done when /tmp is a tmpfs.
If you are debugging a failed test, use the new --keep-root option to
not clean up and pactest will print the location of the generated root/
test directory.
Signed-off-by: Dan McGee <dan@archlinux.org>
We were erroring out in the case where a first (possibly bogus) mirror
would cause the download process to return a failure code, even though
subsequent servers had the file.
Signed-off-by: Dan McGee <dan@archlinux.org>
This started off removing the "(void)foo" hacks to work around
unused function parameters and ended up fixing every warning
generated by -Wunused-parameter.
Dan: rename to UNUSED.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Use a few structs to hold configuration values we change given certain
options so we can be const-correct with string assignment across the
board. Behavior should be completely unchanged.
Signed-off-by: Dan McGee <dan@archlinux.org>
We had a lot of similar looking code that we can collapse down into a
function. This also fixes errors seen when turning on some gcc warnings
and implicitly casting away the const-ness of the string. Free the list
when we are done with it as well.
Also, fix a logic error where we should be checking with &&, not ||.
Signed-off-by: Dan McGee <dan@archlinux.org>
Add quotes around $srcdir/$pkgdir (FS#23960) and use a package()
function.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Change "which" to "that" when used in a restrictive clause.
Replace usage of the relative prounoun "those" with a common noun for
added clarity.
Signed-off-by: Matt Mooney <mfm@muteddisk.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This makes it possible to omit usage of -lgpgme, just as we can do for
-lcurl and -lcrypto.
Thanks to Rémy Oudompheng for an initial stab at this.
Signed-off-by: Dan McGee <dan@archlinux.org>
Add some lookup functions for nice names for the various types used by
the library, and remove some fields that are of little use to us in the
debug output. This should make looking at key loading and verification a
bit easier, especially in determining what makes up our good and bad
criteria.
Signed-off-by: Dan McGee <dan@archlinux.org>
Both md5sum verification and PGP verification can and should be done at
package load time. This allows verification to happen as early as
possible for packages provided by filename and loaded in the frontend,
and moves more stuff out of sync_commit that doesn't really belong
there. This should also set the stage for simplified parallel loading of
packages later down the road.
Signed-off-by: Dan McGee <dan@archlinux.org>
More stuff going on in the pre-committing stage that can be in a static
method to make things a bit more clear.
Signed-off-by: Dan McGee <dan@archlinux.org>
This part is almost completely self-contained, except building the list
of delta filenames that we use later to check their md5sums. Refactor it
into a static method so we can bring most of the code in sync_commit
closer to the method name.
Signed-off-by: Dan McGee <dan@archlinux.org>
Given that we offer no transparency into the pmpgpsig_t type, we don't
really need to expose it outside of the library, and at this point, we
don't need it at all. Don't decode anything except when checking
signatures. For packages/files not from a sync database, we now just
read the signature file directly anyway.
Also push the decoding logic down further into the check method so we
don't need this hanging out in a less than ideal place. This will make
it easier to conditionally compile things down the road.
Signed-off-by: Dan McGee <dan@archlinux.org>
Rather than go through all the hassle of doing this ourselves, just let
GPGME handle the work by passing it a file handle.
Signed-off-by: Dan McGee <dan@archlinux.org>
Also unify the usage output with that given by repo-add itself.
Dan: use 'options', not 'option(s)'.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Check for the presence of gpg as soon as we know we need it.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Add -k/--key option to specify a non-default key for signing
a package database.
Original-patch-by: Denis A. Altoé Falqueto <denisfalqueto@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Listing every option on the usage line becomes unweildly as more
options get added so simplify it. Also, provide a standard package
name in the repo-add example.
Dan: just use 'options' as we use elsewhere, not 'option(s)'.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
The various "level" values were a bit crazy to decipher, and we were
doing some very interesting comparisons in certain places. Break it out
into two parameters instead so we can seperate the type from the extra
information display, and do things accordingly.
Nothing changes with the display of any of the five types we currently
show: -Si, -Sii, -Qi, -Qii, -Qip.
Something to note- we should expose the PKG_FROM enum type somehow, this
patch leaves the door open to do that quite easily.
Signed-off-by: Dan McGee <dan@archlinux.org>
There's a lot of related moving parts here:
* Iteration through mirrors is moved back to the calling functions. This
allows removal of _alpm_download_single_file and _alpm_download_files.
* The download function gets a few more arguments to influence behavior.
This allows several different scenarios to customize behavior:
- database
- database signature (req'd and optional)
- package
- package via direct URL
- package signature via direct URL (req'd and optional)
* For databases, we need signatures from the same mirror, so structure
the code accordingly.
Some-inspiration-from: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
The allow_resume is the start of the fix to the "don't ever resume
database downloads" problem, as well as being useful for '.sig'
downloads as well. For now, we say "always allow resume", but this will
eventually get pushed down as necessary.
Error checks are reworked in order to correctly error out when a file is
not found on the remote end and reports 0 bytes downloaded. In addition,
the two error messages printed are now different as one reports a more
specific error message provided via the cURL error buffer.
Some example output from an -Sy run with [testing], [community],
[community2], [eee], and [nonexistant] defined as repos. [community2]
and [nonexistant] are both invalid, one using FTP and one using HTTP.
:: Synchronizing package databases...
testing is up to date
community is up to date
error: failed retrieving file 'community2.db' from ftp.archlinux.org : Given file does not exist
error: failed to update community2 (FTP: couldn't retrieve (RETR failed) the specified file)
eee is up to date
error: failed retrieving file 'nonexistant.db' from code.toofishes.net : The requested URL returned error: 404
error: failed to update nonexistant (HTTP response code said error)
Signed-off-by: Dan McGee <dan@archlinux.org>
The value PM_PGP_VERIFY_UNKNOWN is reserved to error cases,
now that the signature verification level defaults to the
globally set level. The only error case is when handle == NULL,
which is false in the context of _alpm_sync_commit().
Signed-off-by: Rémy Oudompheng <remy@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
