1
0
mirror of https://github.com/moparisthebest/pacman synced 2024-11-13 21:05:05 -05:00
Commit Graph

2025 Commits

Author SHA1 Message Date
Dan McGee
1953fe4368 Fix thinko in _alpm_strip_newline
The point of this early compare to NULL byte check was so we could bail
early and skip the strcmp() call. Given we weren't doing the check
right, this never exited early. Fix it to work as intended.

Noticed-by: Pepe Juárez <trulustapa@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-01 19:17:26 -05:00
Dave Reisner
4c259d51f7 dload: remove redundant conditional
Replacing the strdup when after the first NULL check assures that we get
continue with payload->remote_name defined.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-10-27 17:49:09 -05:00
Dave Reisner
f4875fab9b dload: chmod tempfiles to respect umask
Dan: fix mask calculation, add it to the success/fail block instead.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-27 17:46:48 -05:00
Dan McGee
3343185473 Introduce ALPM_BUFFER_SIZE constant
This takes the place of three previously used constants:
ARCHIVE_DEFAULT_BYTES_PER_BLOCK, BUFFER_SIZE, and CPBUFSIZE.

In libarchive 3.0, the first constant will be no more, so we can ensure
we are forward-compatible by removing our usage of it now. The rest are
unified for consistency.

By default, we will use the value of BUFSIZ provided by <stdio.h>, which
is 8192 on Linux. If that is undefined, a default value is provided.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-27 14:59:24 -05:00
Dan McGee
8a9ce12a27 Fix issues with replacing unowned symlinks
There aretwo seperate issues in the same block of file conflict
checking code here:
1) If realpath errored, such as when a symlink was broken, we would call
   'continue' rather than simply exit this particular method of
   resolution. This was likely just a copy-paste mistake as the previous
   resolving steps all use loops where continue makes sense. Refactor
   the check so we only proceed if realpath is successful, and continue
   with the rest of the checks either way.
2) The real problem this code was trying to solve was canonicalizing
   path component (e.g., directory) symlinks. The final component, if
   not a directory, should not be handled at all in this loop. Add a
   !S_ISLNK() condition to the loop so we only call this for real files.

There are few other small cleanups to the debug messages that I made
while debugging this problem- we don't need to keep printing the file
name, and ensure every block that sets resolved_conflict to true prints
a debug message so we know how it was resolved.

This fixes the expected failures from symlink010.py and symlink011.py,
while still ensuring the fix for fileconflict007.py works.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-26 17:32:46 -05:00
Dan McGee
7a6b01d46c Don't realloc a 0-length files array when loading packages
There is some pecular behavior going on here when a package is loaded
that has no files, as is very common in our test suite. When we enter
the realloc/sort code, a package without files will call the following:

    files = realloc(NULL, 0);

One would assume this is a no-op, returning a NULL pointer, but that is
not the case and valgrind later reports we are leaking memory. Fix the
whole thing by skipping the reallocation and sort steps if the pointer
is NULL, as we have nothing to do.

Note that the package still gets marked as 'files loaded', becuase
although there were none, we tried and were successful.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-26 15:44:55 -05:00
Dave Reisner
2da59e1aa9 lib/sync: inform callers of compute_download_size of a partial
Extend the return values of compute_download_size to allow callers to
know that a .part file exists for the package.

This extra value isn't currently used, but it'll be needed later on.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-25 10:38:12 -05:00
Dan McGee
5853025137 Add more logging to download code
This adds a logger to the CURLE_OK case so we can always know the return
code if it was >= 400, and debug log it regardless. Also adjust another
logger to use the cURL error message directly, as well as use fstat()
when we have an open file handle rather than stat().

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-24 13:49:14 -05:00
Dan McGee
bac670ddc9 Show an error message on failed remote key lookup
The absolutely terrible part about this is the failure on GPGME's part
to distinguish between "key not found" and "keyserver timeout". Instead,
it returns the same silly GPG_ERR_EOF in both cases (why isn't
GPG_ERR_TIMEOUT being used?), leaving us helpless to tell them apart.

Spit out a generic enough error message that covers both cases;
unfortunately we can't provide much guidance to the user because we
aren't sure what actually happened.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-17 09:38:35 -05:00
Dan McGee
185cbb8a44 Add missing #ifdef around cURL error code in download struct
Thanks to Eduardo Tongson on the mailing list.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-14 07:38:58 -05:00
Dan McGee
86bc36412e curl_gethost() potential bug fixups
This is in the realm of "probably not going to happen", but if someone
were to translate "disk" to a string longer than 256 characters, we
would have a smashed/corrupted stack due to our unchecked strcpy() call.
Rework the function to always length-check the value we copy into the
hostname buffer, and do it with memcpy rather than the more cumbersome
and unnecessary snprintf.

Finally, move the magic 256 value into a constant and pass it into the
function which is going to get inlined anyway.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-13 15:16:10 -05:00
Dan McGee
12642a299b Add user-visible warning message if public keyring not found
This should help point users in the right direction if they have not
initialized via pacman-key just yet.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12 17:54:08 -05:00
Dan McGee
2a18171afa signing: delay gpgme_init() until latest possible moment
In the default configuration, we can enter the signing code but still
have nothing to do with GPGME- for example, if database signatures are
optional but none are present. Delay initialization of GPGME until we
know there is a signature file present or we were passed base64-encoded
data.

This also makes debugging with valgrind a lot easier as you don't have
to deal with all the GPGME error noise because their code leaks like a
sieve.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12 14:20:47 -05:00
Dan McGee
a0d0f3f47f Final Transifex update before 4.0
We have a few incomplete translations, but these should be addressable
before the 4.0.1 maint release that is surely not that far in the
future.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12 13:42:12 -05:00
Dan McGee
8cc4ed0d63 Update translations from Transifex
In prep for the 4.0.0 release.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-11 09:07:19 -05:00
Dave Reisner
abfa8370c0 dload: unhook error buffer after transfer finishes
Similar to what we did in edd9ed6a, disconnect the relationship with our
stack allocated error buffer from the curl handle. Just as an FTP
connection might have some network chatter on teardown causing the
progress callback to be triggered, we might also hit an error condition
that causes curl to write to our (now out of scope) error buffer.

I'm unable to reproduce FS#26327, but I have a suspicion that this
should fix it.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-10 19:09:59 -05:00
Dan McGee
a8ca9b93f8 Update translation message catalogs in prep for 4.0 release
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-05 22:39:05 -05:00
Dan McGee
dc7d691b20 Update translations from Transifex
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-05 22:30:14 -05:00
Dan McGee
cf0edb92ba Parse '0' as a valid package installed size
This was a bad oversight on my part, pointed out by Jakob. Whoops.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-04 15:31:17 -05:00
Dan McGee
c4d6688694 Use _alpm_local_db_pkgpath in _cache_changelog_open
Another place where we were doing the dirty work by hand.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-30 11:08:49 -05:00
Dan McGee
39b0ac43fc Revamp scriptlet path formation for scriptlets in local database
Expose the current static get_pkgpath() function internally to the rest
of the library as _alpm_local_db_pkgpath(). This allows use of this
convenience function in add.c and remove.c when forming the path to the
scriptlet location.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-30 10:55:58 -05:00
Dan McGee
73139ccb3c Refactor _alpm_runscriptlet()
Add an is_archive parameter to reduce the amount of black magic going
on. Rework to use fewer PATH_MAX sized local variables, and simplify
some of the logic where appropriate in both this function and in the
callers where duplicate calls can be replaced by some conditional
parameter code.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-30 10:55:58 -05:00
Dave Reisner
ad8d3ceb89 move prevprogress onto payload handle
This is a poor place for it, and it will likely move again in the
future, but it's better to have it here than as a static variable.

Initialization of this variable is now no longer necessary as its
zeroed on creation of the payload struct.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-29 12:58:37 -05:00
Dan McGee
e0acf2f144 Refactor download payload reset and free
This was done to squash a memory leak in the sync database download
code. When we downloaded a database and then reused the payload struct,
we could find ourselves calling get_fullpath() for the signatures and
overwriting non-freed values we had left over from the database
download.

Refactor the payload_free function into a payload_reset function that we
can call that does NOT free the payload itself, so we can reuse payload
structs. This also allows us to move the payload to the stack in some
call paths, relieving us of the need to alloc space.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28 13:01:03 -05:00
Dan McGee
9a58d5c6c5 Initialize cURL library on first use
Rather than always initializing it on any handle creation. There are
several frontend operations (search, info, etc.) that never need the
download code, so spending time initializing this every single time is a
bit silly. This makes it a bit more like the GPGME code init path.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28 13:01:03 -05:00
Dan McGee
40a264478e Track unresolvable transaction packages
Rather than free them right away, keep the list on the transaction as
we already do with add and remove lists. This is necessary because we
may be manipulating pointers the frontend needs to refer to packages,
and we are breaking our contract as stated in the alpm_add_pkg()
documentation of only freeing packages at the end of a transaction.

This fixes an issue found when refactoring the package list display
code.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28 04:52:37 -05:00
Dan McGee
6e081a0c57 Move pacsave path construction code off the stack
This is definitely not in the normal hot path, so we can afford to do
some temporary heap allocation here.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28 04:48:53 -05:00
Dan McGee
98e0371ae3 Use the full buffer when computing md5/sha256 sums
No wonder these were slower than expected. We were only reading 4
(32-bit) or 8 (64-bit) bytes at a time and feeding it to the hash
functions. Define a buffer size constant and use it correctly so we feed
8K at a time into the hashing algorithm.

This cut one larger `-Sw --noconfirm` operation, with nothing to
actually download so only timing integrity, from 3.3s to 1.7s.

This has been broken since the original commit eba521913d introducing
OpenSSL usage for crypto hash functions. Boy do I feel stupid.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28 04:48:42 -05:00
Dan McGee
f66f9f11cd Fix memory leak in download payload->remote_name
In the sync code, we explicitly allocated a string for this field, while
in the dload code itself it was filled in with a pointer to another
string. This led to a memory leak in the sync download case.

Make remote_name non-const and always explicitly allocate it. This patch
ensures this as well as uses malloc + snprintf (rather than calloc) in
several codepaths, and eliminates the only use of PATH_MAX in the
download code.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28 04:48:33 -05:00
Dan McGee
ea3c47825e Revert "libalpm: compare pkgname with strcoll"
This commit was made with the intent of displaying "correctly" sorted
package lists to users. Here are some reasons I think this is incorrect:

* It is done in the wrong place. If a frontend application wants to show
  a different order of packages dependent on locale, it should do that
  on its own.
* Even if one wants a locale-specific order, almost all package names
  are all ASCII and language agnostic, so this different comparison
  makes little sense and may serve only to confuse people.
* _alpm_pkg_cmp was unlike any other comparator function. None of the
  rest had any dependency on anything but the content of the structs
  being compared (e.g., they only used strcmp() or other basic
  comparison operators).

This reverts commit 3e4d2c3aa6.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 20:24:04 -05:00
Dan McGee
69962184bb _alpm_splitdep: use malloc instead of calloc
There was only one simple to handle case where we left a field
uninitialized; set it to NULL and use malloc() instead.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 17:52:38 -05:00
Dan McGee
d8fab9b441 be_sync: fetch only entry mode, not full stat struct
This saves a lot of unnecessary work since we don't need any of the
other fields in the stat struct.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 17:49:34 -05:00
Dan McGee
bf56fb6eb8 alpm_list: use malloc instead of calloc
In every case we were calling calloc, the struct we allocated (or the
memory to be used) is fully specified later in the method.

For alpm_list_t allocations, we always set all of data, next, and prev.

For list copying and transforming to an array, we always copy the entire
data element, so no need to zero it first.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 17:49:27 -05:00
Dan McGee
fa929e8258 Fix compilation using --without-gpgme
I'm really good at breaking this on a regular basis. If only we had some
sort of automated testing for this...

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 09:15:36 -05:00
Dan McGee
b242b2d050 Remove unnecessary logger
This is just a wrapper function; the real function we call logs an
almost identical line.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 09:08:01 -05:00
Dan McGee
47657107af Delay check for repository servers until we need them
In the sync download code, we added an early check in 6731d0a940 for
sync download server existence so we wouldn't show the same error over
and over for each file to be downloaded. Move this check into the
download block so we only run it if there are actually files that need
to be downloaded for this repository.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 07:53:38 -05:00
Dan McGee
80b0f27125 Ensure fileconflict value is actually a string
When we switched to a file object and not just a simple string, we missed an
update along the way here in target-target conflicts. This patch looks
large, but it really comes down to one errant (char *) cast before that has
been reworked to explicitly point to the alpm_file_t object. The rest is
simply code cleanup.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-26 17:36:29 -05:00
Dan McGee
2517ba3303 Update Doxyfile and fix some documentation errors caught by Doxygen
A few parameters were outdated or wrongly named, and a few things were
explicitly linked that Doxygen wasn't able to resolve.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 16:37:36 -05:00
Dan McGee
c406949226 Ensure database validity flags are set in invalid signature case
We returned the right error code but never set the flags accordingly.
Also, now that we can bail early, ensure we set the error code.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 16:01:11 -05:00
Dan McGee
1e0ed133f4 Handle key import errors correctly and with good error messages
This adds calls to gpgme_op_import_result() which we were not looking at
before to ensure the key was actually imported. Additionally, we do some
preemptive checks to ensure the keyring is even writable if we are going
to prompt the user to add things to it.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 16:01:10 -05:00
Dan McGee
907e8af5be signing: be consistent with returning -1 for error cases
This also fixes a segfault found by dave when key_search is
unsuccessful; the key_search return code documentation has also been
updated to reflect reality.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 16:01:05 -05:00
Dan McGee
43787d0067 Regenerate message catalogs and translations
We've had a bit of churn since the last time this was done.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:36:09 -05:00
Dan McGee
a78e3e3a23 Translation file updates from Transifex
Pick up any updates before I push new source messages out to the
service.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:35:31 -05:00
Dan McGee
6767de5380 Add status and check for key being disabled
Because we aren't using gpgv and a dedicated keyring that is known to be
all safe, we should honor this flag being set on a given key in the
keyring to know to not honor it. This prevents a key from being
reimported that a user does not want to be used- instead of deleting,
one should mark it as disabled.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:14:35 -05:00
Dan McGee
765178c5ba Implement PGP key search and import
Add two new static methods, key_search() and key_import(), to our
growing list of signing code.

If we come across a key we do not have, attempt to look it up remotely
and ask the user if they wish to import said key. If they do, flag the
validation process as a potential 'retry', meaning it might succeed the
next time it is ran.

These depend on you having a 'keyserver hkp://foo.example.com' line in
your gpg.conf file in your gnupg home directory to function.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:14:31 -05:00
Dan McGee
0ef7129a4a signing: document most undocumented functions
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:06:03 -05:00
Dan McGee
4849a4596d Add _alpm_process_siglist() logic to failed package validation
This moves the result processing out of the validation check loop itself
and into a new loop. Errors will be presented to the user one-by-one
after we fully complete the validation loop, so they no longer overlap
the progress bar.

Unlike the database validation, we may have several errors to process in
sequence here, so we use a function-scoped struct to track all the
necessary information between seeing an error and asking the user about
it.

The older prompt_to_delete() callback logic is still kept, but only for
checksum failures. It is debatable whether we should do this at all or
just delegate said actions to the user.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:35:52 -05:00
Dan McGee
0a4a5cea97 Add new import key question enum value and stub frontend function
This is for eventual use by the PGP key import code. Breaking this into
a separate commit now makes the following patches a bit easier to
understand.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:35:52 -05:00
Dan McGee
d36d70d294 Add alpm_capabilities() method and enumeration
This allows a frontend program to query, at runtime, what the library
supports. This can be useful for sanity checking during config-
requiring a downloader or disallowing signature settings, for example.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:32:35 -05:00
Dan McGee
33f2518531 Move default siglevel value from backend to frontend
This takes the libraries hidden default out of the equation: hidden in
the sense that we can't even find out what it is until we create a
handle. This is a chicken-and-egg problem where we have probably already
parsed the config, so it is hard to get the bitmask value right.

Move it to the frontend so the caller can do whatever the heck they
want. This also exposes a shortcoming where the frontend doesn't know if
the library even supports signatures, so we should probably add a
alpm_capabilities() method which exposes things like HAS_DOWNLOADER,
HAS_SIGNATURES, etc.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:32:30 -05:00