Add a --with-nettle configure option that directs pacman to use the libnettle
hashing functions. Only one of the --with-libssl and --with-nettle configure
options can be specified.
[Allan: rewrote configure check]
Signed-off-by: Allan McRae <allan@archlinux.org>
parseopts is used in makepkg and other scripts such as pacman-key as a
getopt replacement.
Instead of including it in those scripts via a macro, move it to
libmakepkg/util/parseopts.sh and have scripts source this file where
appropriate.
To keep the parseopts test, a new variable was introduced:
PM_LIBMAKEPKG_DIR
Signed-off-by: Alad Wenter <alad@archlinux.info>
Signed-off-by: Allan McRae <allan@archlinux.org>
In order for the scripts to be used in testsuites, it is easiest to generate
all of them so they are found in the build directory (which may be different
to the source directory).
Signed-off-by: Alad Wenter <alad@archlinux.info>
Signed-off-by: Allan McRae <allan@archlinux.org>
This should make pacman's behavior consistent with GNU coreutils df,
as well as follow advice from affected filesystems' devs as well as
`man statvfs`.
This fixes FS#37402
Signed-off-by: Martin Kühne <mysatyre@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
makepkg-wrapper did not get rebuilt if makepkg was regenerated due to library
changes. Ensure makepkg-wrapper is always generated and linked any time
makepkg changes.
Signed-off-by: Allan McRae <allan@archlinux.org>
We checked for empty array elements, but did not catch empty array. Add
a check for that case as well.
Signed-off-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
The contrib directory takes too much of the pacman developer's limited time,
which could be better spent developing and reviewing patches for the primary
projects. The community can pick this up in a separate repository if wanted.
Signed-off-by: Allan McRae <allan@archlinux.org>
The people who believe that pacman-optimize is actually doing something
useful are the same people who are voting for Trump.
Signed-off-by: Allan McRae <allan@archlinux.org>
This fixes the issue with --printsrcinfo that all arch specific variants
of a variable get merged into their non arch specific variant.
The .SRCINFO file ends up having $depends containing $depends_x86_64
and omitting the latter.
Signed-off-by: Allan McRae <allan@archlinux.org>
This was included due to use of PolarSSL's implementation for our internal
SHA2 support. As our internal checksum calculations are now removed, we
can also remove this unused code path.
Signed-off-by: Allan McRae <allan@archlinux.org>
The internal implementations for md5 and sha256 checksums have not been merged
from upstream sources for a long time. Instead of us carrying copies of code
from other projects, we should just support building against multiple libraries
that provide such functionality.
This patch removes the md5 and sha2 code (originally obtained from PolarSSL)
from our repository. The configure script will now error unless at least one
library supporting checksum generation is present, with the only library
currently supported being openssl. It will be relatively simple for other
such libraries (e.g. nettle) to be supported if anyone wishes to add them.
Signed-off-by: Allan McRae <allan@archlinux.org>
Adding and clarifying comments.
Adding and removing some new lines.
Signed-off-by: Gordian Edenhofer <gordian.edenhofer@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Switch to parseopts instead of merely checking the first argument.
Signed-off-by: Gordian Edenhofer <gordian.edenhofer@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
To enable the creation of multiple packages with one command move the
assembly process into its own function.
Signed-off-by: Gordian Edenhofer <gordian.edenhofer@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Add missing newline in paclog-pkglist help output
Signed-off-by: Alastair Hughes <hobbitalastair@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Making it size_t matches the return value of alpm_list_count() and
avoids the implicit cast to int.
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Since the number of packages is not used anywhere, just return a
boolean to avoid the implicit cast from size_t to int in be_local.c.
Use 0 as success to be consistent with db_validate.
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Recent gcc (tested with 6.2.1) produces the following error when
compiling with both --enable-warningflags and --enable-debug.
In particular, it seems it is the combination of GCC_STACK_PROTECT_LIB
and -Wstrict-overflow=5 produces the error.
be_local.c:609:4: error: assuming signed overflow does not occur
when simplifying conditional
[-Werror=strict-overflow]
if(count > 0) {
Fix this by changing the type of count from int to size_t, which is
fine since count is never negative.
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
We weren't supplying the rpl_malloc function needed if this failed, and
didn't check for realloc, so just remove.
Signed-off-by: Alastair Hughes <hobbitalastair@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Curl 7.32.0 added CURLOPT_XFERINFOFUNCTION, which deprecates
CURLOPT_PROGRESSFUNCTION and means less casting doubles to size_ts for
alpm. This change has no user-facing nor frontend-facing effects.
Signed-off-by: Ivy Foster <ivy.foster@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Add a space between the option and its argument. Also, do not enclose
the argument in asterisk characters.
Fixes a typo introduced in aa4c61f (Document database checking options,
2014-12-28).
Reported-by: Luca Weiss <luca.emanuel.weiss@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
From the documentation:
verify-pacman-repo-db looks at a pacman repo database and verifies its
content with the actual package files. The database is expected to be in
the same directory as the packages (or symlinks to the packages).
The following properties are verified for each package in the database:
- existence of the package file
- file size
- MD5 and SHA256 checksum (--checksum)
Signed-off-by: Florian Pritz <bluewind@xinu.at>
When curl calls alpm's dlcb, alpm calls the frontend's cb with the
following (dlsize, totalsize) arguments:
0, -1: initialize
0, 0: no change since last call
x {x>0, x<y}, y {y>0}: data downloaded, total size known
x {x>0}, x: download finished
If total size is not known, do not call frontend cb (no change to
original behavior); alpm's callback shouldn't be called if there is a
download error.
See agregory's original spec here:
https://wiki.archlinux.org/index.php/User:Apg#download_callback
Signed-off-by: Allan McRae <allan@archlinux.org>
`makepkg -g` looks for existing checksums in the PKGBUILD file, so that
it can generate new sums of the same type. Previously it only checked
variables of the form "sha256sums", and not "sha256sums_x86_64". That
meant it would always fall back to MD5 for packages with only
architecture-specific sources. This change makes it look at
architecture-specific checksums too to determine the type.
Signed-off-by: Jack O'Connor <oconnor663@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
It was reported being --with-libcurl in the help (and the check for libcurl
being installed used $with_libcurl accordingly), but the option handling was set
using $with_curl and, therefore, expected option --with-curl.
In the end, --with-libcurl wasn't recognized, and --with-curl had no effect.
Signed-off-by: Olivier Brunel <jjk@jjacky.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
macOS < 10.10 do not provide fstatat. We were constructing the full
path to the hook file for all other operations anyway, so there was no
real benefit to using fstatat.
Fixes FS#49771
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
The width of wchar_t is allowed to be of the same width as long,
according to standards. The return type of mbscasecmp is int though.
On amd64 with a 32 bit int, this means that mbscasecmp can return
zero (indicating that strings are equal) even though the input
strings differ.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
If signature files are larger than SIZE_MAX, not enough memory could
be allocated for this file. The script repo-add rejects files which
are larger than 16384 bytes, therefore handle these as errors here,
too.
While at it, I also rearranged the code to avoid a quite harmless
TOCTOU race condition between stat() and fopen().
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Some resources (memory or file descriptors) are not released on all
error paths.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
pacman expects an unarmored signature. makepkg forces the generation of
unarmored signatures, and repo-add will reject any armored signature.
For consistency pacman-key should also reject armored signatures.
Signed-off-by: Allan McRae <allan@archlinux.org>
Florian Weigelt