Because we aren't using gpgv and a dedicated keyring that is known to be
all safe, we should honor this flag being set on a given key in the
keyring to know to not honor it. This prevents a key from being
reimported that a user does not want to be used- instead of deleting,
one should mark it as disabled.
Signed-off-by: Dan McGee <dan@archlinux.org>
This is for eventual use by the PGP key import code. Breaking this into
a separate commit now makes the following patches a bit easier to
understand.
Signed-off-by: Dan McGee <dan@archlinux.org>
pm_asprintf() does not return a length as asprintf() does. Fail. Make
sure it is not -1 as that is the only failure condition.
Signed-off-by: Dan McGee <dan@archlinux.org>
This takes the libraries hidden default out of the equation: hidden in
the sense that we can't even find out what it is until we create a
handle. This is a chicken-and-egg problem where we have probably already
parsed the config, so it is hard to get the bitmask value right.
Move it to the frontend so the caller can do whatever the heck they
want. This also exposes a shortcoming where the frontend doesn't know if
the library even supports signatures, so we should probably add a
alpm_capabilities() method which exposes things like HAS_DOWNLOADER,
HAS_SIGNATURES, etc.
Signed-off-by: Dan McGee <dan@archlinux.org>
alpm_list_count() returns size_t, which we should use to store the
result since it is easy enough to format for printing.
Signed-off-by: Dan McGee <dan@archlinux.org>
This adds a some new callback event and progress codes for package
loading, which was formerly bundled in with package validation before.
The main sync.c loop where loading occurred is now two loops running
sequentially. The behavior should not change with this patch outside of
progress and event display; more changes will come in following patches.
Signed-off-by: Dan McGee <dan@archlinux.org>
Do this outside the loop to prevent the message from being displayed
(and pluralized!) for each individual package.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
None of these are hot-code paths, and at least the target reading has
little need for an arbitrary length limitation (however crazy it might
be to have longer arguments).
Signed-off-by: Dan McGee <dan@archlinux.org>
There is no need to print them into buffers; we can use the values
returned by gettext() directly without issue.
Signed-off-by: Dan McGee <dan@archlinux.org>
Display now looks like this, whereas before we would have just showed
'2M/s' for the extra repository download. The cutoff is placed at 100.0
to ensure we only use 4 character slots of width (e.g. '99.9', '100').
:: Synchronizing package databases...
testing 39.9 KiB 470K/s 00:00 [######################] 100%
core 51.4 KiB 469K/s 00:00 [######################] 100%
extra 768.8 KiB 2.1M/s 00:00 [######################] 100%
community-testing 1941.0 B 54.4M/s 00:00 [######################] 100%
multilib 26.6 KiB 458K/s 00:00 [######################] 100%
community 449.8 KiB 1649K/s 00:00 [######################] 100%
Signed-off-by: Dan McGee <dan@archlinux.org>
This will be the first thing printed when doing an upgrade. Currently
there is no output at all until we start resolving dependencies, which
can be a while in if specifying very large targets on the command line,
in which case it is nice to let the user know we are doing something.
Addresses FS#25822 in the most KISS way possible.
Signed-off-by: Dan McGee <dan@archlinux.org>
We don't need to keep track of how many files are in a package now that
said value is provided to us. It also makes more sense to use size_t
here for types rather than the (hopefully never too short) int.
Signed-off-by: Dan McGee <dan@archlinux.org>
Put all the callback stuff in alpm.h in one spot, and make the following
renames for clarity with the new structure:
ALPM_TRANS_EVT_* --> ALPM_EVENT_*
ALPM_TRANS_CONV_* --> ALPM_QUESTION_*
ALPM_TRANS_PROGRESS_* --> ALPM_PROGRESS_*
alpm_option_get_convcb() --> alpm_option_get_questioncb()
alpm_option_set_convcb() --> alpm_option_set_questioncb()
Signed-off-by: Dan McGee <dan@archlinux.org>
This was just disgusting before, unnecessary to limit these to only
usage in a transaction. Still a lot of more room for cleanup but we'll
start by attaching them to the handle rather than the transaction we may
or may not even want to use these callbacks.
Signed-off-by: Dan McGee <dan@archlinux.org>
Call strlen earlier in the dl progress callback, and reuse this length
to replace some heavier str*() calls with more optimized mem*()
replacements. This also gets rid of a false assumption that the ending
string will ever be longer than the original string.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
When the database is locked, sync operations involving transactions, such as
pacman -Syy, show the following:
:: Synchronizing package databases...
error: failed to update core (unable to lock database)
error: failed to update extra (unable to lock database)
error: failed to update community (unable to lock database)
error: failed to update multilib (unable to lock database)
error: failed to synchronize any databases
Whereas pacman -U <pkg> shows:
error: failed to init transaction (unable to lock database)
if you're sure a package manager is not already
running, you can remove /var/lib/pacman/db.lck
Which is much more meaningful, since the presence of db.lck may indicate an
erroneous lockfile instead of an ongoing transaction.
Improve the error messages for sync operations by advising the user to remove
db.lck if he is sure that no package manager is running.
Signed-off-by: Pang Yan Han <pangyanhan@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
We only updated if the percentage incremented and enough time had
elapsed, even though the numerator of the current/howmany fraction may
have changed. Ensure we proceed with the progress bar update in these
cases so as to not mislead the user.
Signed-off-by: Dan McGee <dan@archlinux.org>
Add new alpm_pkg_get_origin() method, use it in the front end now that
the enum constants are publicly available.
Signed-off-by: Dan McGee <dan@archlinux.org>
libalpm now exports type alpm_pkgfrom_t in alpm.h, which may be used
by frontends.
Pacman now uses alpm_pkgfrom_t instead of replicating that type (pkg_from
as was in src/pacman/package.h)
Updated API change in README.
Signed-off-by: Diogo Sousa <diogogsousa@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
There are many other ways to fail a package load other than "file not
found". We should also use the correct error code in this case. Clean it
up a bit in the various callers.
Signed-off-by: Dan McGee <dan@archlinux.org>
I was trying to take a shortcut and not introduce a wrapper struct for
the signature results, so packed it all into alpm_sigresult_t in the
first iteration. However, this is painful when one wants to add new
fields or only return information regarding a single signature.
Refactor the type into a few components which are exposed to the end
user, and will allow a lot more future flexibility. This also exposes
more information regarding the key to the frontend than was previously
available.
The "private" void *data pointer is used by the library to store the
actual key object returned by gpgme; it is typed this way so the
frontend has no expectations of what is there, and so we don't have any
hard gpgme requirement in our public API.
Signed-off-by: Dan McGee <dan@archlinux.org>
config_set_arch() already calls strdup(). Remove strdup() from the
config_set_arch() invocation to avoid a memory leak.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
We had two issues here. One is a file with an absolute path passed to -S
results in a cryptic error message due to the database name being '\0'.
The second is not realizing you should be doing -U instead of -S. Fix
both of these to transform this:
$ sudo pacman -S /tmp/binutils-2.21.1-2-i686.pkg.tar.xz
error: database not found:
to this:
$ sudo pacman -S /tmp/binutils-2.21.1-2-i686.pkg.tar.xz
error: target not found: /tmp/binutils-2.21.1-2-i686.pkg.tar.xz
warning: '/tmp/binutils-2.21.1-2-i686.pkg.tar.xz' is a file, did you mean -U/--upgrade instead of -S/--sync?
Signed-off-by: Dan McGee <dan@archlinux.org>
There were many cases where the string coming in was a blank line, e.g.
"\n\0", length 1. The trim routine starts by trimming leading spaces,
thus trimming everything. We would then proceed to do a memmove of the
NULL byte, which is completely worthless as we can just assign it
instead.
Signed-off-by: Dan McGee <dan@archlinux.org>
We only used short labels in one place, and the short label is always
the first character of the long label anyway.
Signed-off-by: Dan McGee <dan@archlinux.org>
This cleans up some of the mess we have here.
* switch to long units for the download size
* omit the .0 decimal part from the download rate
* omit the almost always zero HH: from estimated time if eta_h == 0
* Display --:-- if eta_h > 99; formatting was screwed up before
The net result of this is we usually have 1 more character to use for
filename display.
Before:
extra 500.9K 1242.4K/s 00:00:00 [######################] 100%
community-testing 947.0B 28.2M/s 00:00:00 [######################] 100%
multilib 26.5K 405.1K/s 00:00:00 [######################] 100%
community 450.6K 1238.3K/s 00:00:00 [######################] 100%
After:
extra 500.9 KiB 1118K/s 00:00 [######################] 100%
community-testing 947.0 B 23M/s 00:00 [######################] 100%
multilib 26.5 KiB 255K/s 00:00 [######################] 100%
community 450.6 KiB 1211K/s 00:00 [######################] 100%
Signed-off-by: Dan McGee <dan@archlinux.org>
Because why the hell not? Exbibyte, zebibyte, and yobibyte are going in,
even though nothing bigger than the 2^60 exbibyte can be represented
using an off_t variable anyway.
Signed-off-by: Dan McGee <dan@archlinux.org>
This ensures we grab and use the library default once we have processed
the global SigLevel setting, but before processing the repo-specific
settings. This means the following two configs will now evaluate the
same, as the backend currently defaults to 'Optional':
Config 1:
[options]
# nothing here
[repo]
SigLevel = TrustAll
Config 2:
[options]
SigLevel = Optional
[repo]
SigLevel = TrustAll
Signed-off-by: Dan McGee <dan@archlinux.org>
This is measuring strings that are potentially localized, so we need a
multibyte aware function to count characters instead of bytes.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
We used fprintf() elsewhere in this function, but we didn't use it on
the debug timestamp printing. Use fprintf() instead of printf() to fix
this.
Signed-off-by: Dan McGee <dan@archlinux.org>
Pointer sizes are the same but this makes intention clearer.
Signed-off-by: Pang Yan Han <pangyanhan@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
We did this with depends way back in commit c244cfecf6 in 2007. We
can do it with these fields as well.
Of note is the inclusion of provides even though only '=' is supported-
we'll parse other things, but no guarantees are given as to behavior,
which is more or less similar to before since we only looked for the
equals sign.
Also of note is the non-inclusion of optdepends; this will likely be
resolved down the road.
The biggest benefactors of this change will be the resolving code that
formerly had to parse and reparse several of these fields; it only
happens once now at load time. This does lead to the disadvantage that
we will now always be parsing this information up front even if we never
need it in the split form, but as these are uncommon fields and our
parser is quite efficient it shouldn't be a big concern.
Signed-off-by: Dan McGee <dan@archlinux.org>
This adds a field in the package struct for this checksum type as well
as allowing access via the API to it. The frontend is now able to
display any read value. Note that this does not implement any use or
verification of the value internally.
Signed-off-by: Dan McGee <dan@archlinux.org>
adds a new API method: alpm_pkg_get_base64_sig
[Dan: don't use a new header string in frontend]
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
We were using i as the loop variable in both the inner and outer loop.
Use j in the inner loop instead for clarity.
Signed-off-by: Dan McGee <dan@archlinux.org>
This is somewhat of a dangerous option with limited use cases. Don't
advertise it as an easily accessibly option.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Trivial to implement as the same backend machinery is used anyway.
Document it and add it to the accepted options.
Signed-off-by: Dan McGee <dan@archlinux.org>
This closely matches what we had before for -R --recursive. Basically,
when specifying a target (e.g., pacman), we can now recursively pull all
dependencies, regardless of version specifiers and whether they are
already satisfied in the local database. This could be used to update
pacman on a system with an old glibc, for example, as both pacman and
glibc would get pulled into the transaction.
This is most useful with --needed to prevent needless reinstalls as
described in the man page changes.
The end goal of this change is to wire it into SyncFirst and have it be
the default mode of operation there, but that belongs in a separate
changeset.
Signed-off-by: Dan McGee <dan@archlinux.org>
This also pulls in some early translations we had entered in Transifex
in the last day so those would not be lost. The diffstat is huge and not
very telling as usual, as all sorts of fuzzyness switches happened this
time around for some reason.
Signed-off-by: Dan McGee <dan@archlinux.org>
This is a bit of a mess, due to the fact that we have a progress meter
running. It is also ironic that we are in the midst of a method named
"commit" when we haven't done a damn thing yet, and can still fail hard
if either a checksum or signature is invalid or unrecognized.
Adapt the former test_md5sum method to be invoked for any of the various
failure types, which at least gives the user some indication of what
packages are failing. A second patch will be needed to actually show
worthwhile error codes, but this is going to involve modifying the
actual data passed with the callback.
Signed-off-by: Dan McGee <dan@archlinux.org>
If someone did a 'touch bogusrepo.db', we had the potential to throw a
SIGFPE or divide by zero, given that the total file size was 0 and
getting passed up to the pacman callback. Fix this so we get weird but
sane output and don't blow up when downloading:
:: Synchronizing package databases...
core 35.7K 306.7K/s 00:00:00 [###################] 100%
bogusrepo 0.0K 0.0K/s 00:00:00 [###################] 100%
Exception as seen in gdb:
Program received signal SIGFPE, Arithmetic exception.
0x000000000040cc73 in cb_dl_progress (filename=0x619dfc "bogusrepo.db", file_xfered=0, file_total=0) at callback.c:584
584 file_percent = (file_xfered * 100) / file_total;
Signed-off-by: Dan McGee <dan@archlinux.org>
This moves us toward staring translations for the 4.0.0 release,
although this should not be interpreted as a string freeze by any means.
Signed-off-by: Dan McGee <dan@archlinux.org>
These are never modified and even getopt_long's prototype shows this
modifier on the parameter.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
pacsort is a command line sorting utility that implements libalpm's
alpm_pkg_vercmp algorithm.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
We did a good job checking this in add.c, but not necessarily anywhere
else. Fix this up by adding checks into dload.c, remove.c, and conf.c in
the frontend. Also add loggers where appropriate and make the message
syntax more consistent.
Signed-off-by: Dan McGee <dan@archlinux.org>
Add code to conf.c that parses the new SigLevel directive. An
overwhelming number of options are presented, but most users will still
be fine with the Never/Optional/Required trio. More advanced users can
combine these or any of the other options on a 'SigLevel = ' line, which
is parsed in a left-to-right fashion and flags turned on and off
accordingly. For example, all three of these will net the same config:
SigLevel = Required PackageOptional
SigLevel = Optional DatabaseRequired
SigLevel = DatabaseRequired PackageOptional
Additionally, database-specific lines assume you wish to start with any
global default that has been set. For example, if any of the above lines
were in the [options] section, something such as:
SigLevel = PackageRequired PackageAllowMarginal
Would continue to enforce required database signatures.
Inspiration-by: Kerrick Staley <mail@kerrickstaley.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
This ensures we are actually making correct use of the information gpgme
is returning to us. Marginal being allowed was obvious before, but
Unknown should deal with trust level, and not the presence or lack
thereof of a public key to validate the signature with.
Return status and validity information in two separate values so check
methods and the frontend can use them independently. For now, we treat
expired keys as valid, while expired signatures are invalid.
Signed-off-by: Dan McGee <dan@archlinux.org>
Pacman did a great job of having almost (but not quite) duplicate code
paths through the sync and upgrade code. We can use the same logic in
both upgrade in sync once the targets are resolved, so extract a
function and delete a bunch of code.
Signed-off-by: Dan McGee <dan@archlinux.org>
Hardcoding anything always ends up burning you, and the arbitrary length
of 64 here did just that. Add the ability to reallocate the readline
buffer for longer inputs if necessary, and add other error checking as
approprate. This also plugs one small memory leak of the group
processing code selection array.
Addresses FS#24253.
Signed-off-by: Dan McGee <dan@archlinux.org>
This accomplishes quite a few things with one rather invasive change.
1. Iteration is much more performant, due to a reduction in pointer
chasing and linear item access.
2. Data structures are smaller- we no longer have the overhead of the
linked list as the file struts are now laid out consecutively in
memory.
3. Memory allocation has been massively reworked. Before, we would
allocate three different pieces of memory per file item- the list
struct, the file struct, and the copied filename. What this resulted
in was massive fragmentation of memory when loading filelists since
the memory allocator had to leave holes all over the place. The new
situation here now removes the need for any list item allocation;
allocates the file structs in contiguous memory (and reallocs as
necessary), leaving only the strings as individually allocated. Tests
using valgrind (massif) show some pretty significant memory
reductions on the worst case `pacman -Ql > /dev/null` (366387 files
on my machine):
Before:
Peak heap: 54,416,024 B
Useful heap: 36,840,692 B
Extra heap: 17,575,332 B
After:
Peak heap: 38,004,352 B
Useful heap: 28,101,347 B
Extra heap: 9,903,005 B
Several small helper methods have been introduced, including a list to
array conversion helper as well as a filelist merge sort that works
directly on arrays.
Signed-off-by: Dan McGee <dan@archlinux.org>
This can only ever operate on the local database, and a local package at
that. Change the function signature to take a handle and package object,
add the relevant asserts, and ensure the frontend can detect the package
not found condition when finding packages to pass to this method.
Signed-off-by: Dan McGee <dan@archlinux.org>
We did some funny stuff here before to allow specifying fully-qualified
package names, such as 'testing/gcc' or 'core/gcc'. However, it was done
by duplicating code, not to mention an early escape if a repository
could not be found for an early target. Something like `pacman -Si
foo/bar core/gcc' would not give expected results, although `pacman -Si
bar gcc' would.
Clean up the code, remove strncpy() usage, and clarify the error
messages a bit.
Signed-off-by: Dan McGee <dan@archlinux.org>
The supposed safety blanket of this function is better handled by
explicit length checking and usages of strlen() on known NULL-terminated
strings rather than hoping things fit in a buffer. We also have no need
to fully fill a PATH_MAX length variable with NULLs every time as long
as a single terminating byte is there. Remove usages of it by using
strcpy() or memcpy() as appropriate, after doing length checks via
strlen().
Signed-off-by: Dan McGee <dan@archlinux.org>
The only thing this accessor did was remove the const qualifier
given our entire list implementation requires passing around the
head anyway.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
They are placeholders, but important for things like trying to re-sync a
database missing a signature. By using the alpm_db_validity() method at
the right time, a client can take the appropriate action with these
invalid databases as necessary.
In pacman's case, we disallow just about anything that involves looking
at a sync database outside of an '-Sy' operation (although we do check
the validity immediately after). A few operations are still permitted-
'-Q' ops that don't touch sync databases as well as '-R'.
Signed-off-by: Dan McGee <dan@archlinux.org>
Show output in -Qip for each package signature, which includes the UID
string from the key ("Joe User <joe@example.com>") and the validity of
said key. Example output:
Signatures : Valid signature from "Dan McGee <dpmcgee@gmail.com>"
Unknown signature from "<Key Unknown>"
Invalid signature from "Dan McGee <dpmcgee@gmail.com>"
Also add a backend alpm_sigresult_cleanup() function since memory
allocation took place on this object, and we need some way of freeing
it.
Signed-off-by: Dan McGee <dan@archlinux.org>
This gives us more granularity than the former Never/Optional/Always
trifecta. The frontend still uses these values temporarily but that will
be changed in a future patch.
* Use 'siglevel' consistenly in method names, 'level' as variable name
* The level becomes an enum bitmask value for flexibility
* Signature check methods now return a array of status codes rather than
a simple integer success/failure value. This allows callers to
determine whether things such as an unknown signature are valid.
* Specific signature error codes mostly disappear in favor of the above
returned status code; pm_errno is now set only to PKG_INVALID_SIG or
DB_INVALID_SIG as appropriate.
Signed-off-by: Dan McGee <dan@archlinux.org>
This allows us to capture size and mode data when building filelists
from package files. Future patches will take advantage of this newly
available information, and frontends can use it as well.
Signed-off-by: Dan McGee <dan@archlinux.org>