RET_ERR calls _alpm_log which includes calls that are not safe for use
in asynchronous signal handlers (see signal(7)). Replace it in
functions called from our signal handlers with a new macro
RET_ERR_ASYNC_SAFE which is identical except that it lacks the call to
_alpm_log.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
init_gpgme checks for various paths under gpgdir by concatenating them
directly, giving warning messages incorrectly if gpgdir does not end
with '/'.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
alpm_unlock is a limited version of alpm_release that does nothing but
the actual unlinking of the lock file and is therefore safe to call from
signal handlers.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Returning -1 is useless since we don't provide any way
to determine why it failed.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
alpm_depend_t is an exposed data type. Front-ends may opt for alloc'ing
one and filling the fields manually, but alpm's _alpm_hash_sdbm is not
exposed, making it impossible for them to fill in the name_hash field.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
assumeinstalled options are used as provisions for which MOD_EQ and
MOD_ANY are the only meaningful settings.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Fixes a segfault when trying to remove an assumeinstalled
option without a version.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This allows frontends to select between the .db and .files databases
currently supplied by repo-add or any other compatible database.
Signed-off-by: Allan McRae <allan@archlinux.org>
For parity with alpm_option_match_noextract.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Moving logging to the event callback caused warnings
under clang due to non-literal format strings and
silenced all log messages when --print was used.
This reverts commit cd793c5ab7.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Conflicts:
lib/libalpm/alpm.h
src/pacman/callback.c
Signed-off-by: Allan McRae <allan@archlinux.org>
* conflicts need to be freed with alpm_conflict_free
* sync dbs need to be unregistered and are handled by alpm_release
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Problems due to concurrent running instances of pacman can be difficult
to diagnose. Log a warning to make it more obvious that that's what
happened, that it's a bad idea, and hopefully encourage people who do
things like removing the lock file to run pacman from an install script
to at least be courteous enough to put it back when they're done.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Rather than have individual callers log failure, just
do it directly in _alpm_handle_unlock.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Consolidates repeated code and replaces dangerous
strdup calls with STRDUP.
Also fix a couple variables named "pkg" that
refer to file paths.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
When ALPM emits a log message, it still goes through _alpm_log() but
instead of calling a specific log callback, it goes as an event.
Signed-off-by: Olivier Brunel <jjk@jjacky.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Forcing vim users to view files with a tabstop of 2 seems really
unnecessary when noet is set. I find it much easier to read code with
ts=4 and I dislike having to override the modeline by hand.
Command run:
find . -type f -exec sed -i '/vim.* noet/s# ts=2 sw=2##' {} +
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Allan McRae <allan@archlinux.org>
When calling open(), use O_CLOEXEC as much as possible to ensure the
file descriptor is closed when and if a process using libalpm forks.
For most of these cases, and especially in utility functions, the file
descriptor is opened and closed in the same function, so we don't have
too much to worry about. However, for things like the log file and
database lock file, we should ensure descriptors aren't left hanging
around for children to touch.
This patch is inspired by the problem in FS#36161, where an open file
descriptor to the current working directory prevents chroot() from
working on FreeBSD. We don't need this file descriptor in the child
process, so open it (and now several others) with O_CLOEXEC.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
There was a brief window between opening the file descriptor and
creating a stream to it. If the process was interrupted during that
window the lock file would not be removed correctly.
The pid is no longer printed to the lock file as this was virtually
meaningless for lock files on NFS.
Fixes FS#35603
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This brings file siglevels in line with how db siglevels are handled.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Add LocalFileSigLevel and RemoteFileSigLevel to control the signature
checking for "pacman -U <file>" and "pacman -U <url>" operations
respectively. The starting value for both these options is SigLevel,
if it is specified in the [options] section, or the built-in system
default. The specified values override and/or supplement this initial
value. Note there is no distinction between setting "Required" and
"PackageRequired" as there are no database options for Upgrade
operations.
Signed-off-by: Allan McRae <allan@archlinux.org>
There is little reason here to grab 4K from the heap only to return it a
few lines later. Instead, just use the stack to hold the returned value
saving ourselves the malloc/free cycle.
Signed-off-by: Dan McGee <dan@archlinux.org>
Add 2012 to the copyright range for all libalpm and pacman source files.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This makes several small adjustments to our exposed method names, and in
one case, parameters. The justification here is to make methods less odd
in their naming convention. If a method takes an alpm_db_t argument, the
method should be named 'alpm_db_*', but perhaps more importantly, if it
doesn't take a database as the first parameter, it should not.
Summary of changes:
alpm_db_register_sync -> alpm_register_syncdb
alpm_db_unregister_all -> alpm_unregister_all_syncdbs
alpm_option_get_localdb -> aplpm_get_localdb
alpm_option_get_syncdbs -> aplpm_get_syncdbs
alpm_db_readgroup -> alpm_db_get_group
alpm_db_set_pkgreason -> alpm_pkg_set_reason
All methods keep the same argument list except for alpm_pkg_set_reason;
there we drop the 'handle' argument as it can be retrieved from the
passed in package object.
Signed-off-by: Dan McGee <dan@archlinux.org>
Rework the frontend and backend to allow passing a ratio value in for
UseDelta rather than having a hardcoded #define-d 0.7 value always used.
This is useful for those with fast connections, who would likely benefit
from tuning this ratio to lower values; it is also useful for general
testing purposes.
The libalpm API changes for this, but we do support the old config file
format with a no-value 'UseDelta' option; in this case we simply use the
old default of 0.7.
We clamp the ratio values to a sane range between 0.0 and 2.0, allowing
ratios above 1.0 for testing purposes.
Signed-off-by: Dan McGee <dan@archlinux.org>
This reduces the number of regcomp() calls when parsing delta entries in
the database from once per entry to once for the entire context handle
by storing the compiled regex data on the handle itself. Just as we do
with the cURL handle, we initialize it the first time it is needed and
free it when releasing the handle.
A few other small tweaks to the parsing function also take place,
including using the stack to store the transient and short file size
string while parsing it.
When parsing a sync database with 1378 delta entries, this reduces the
time of a `pacman -Sl deltas` operation by 50% from 0.22s to 0.12s.
Signed-off-by: Dan McGee <dan@archlinux.org>
Ensures that config.h is always ordered correctly (first) in the
includes. Also means that new source files get this for free without
having to remember to add it.
We opt for -imacros over -include as its more portable, and the
added constraint by -imacros doesn't bother us for config.h.
This also touches the HACKING file to remove the explicit mention of
config.h as part of the includes.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This is consistent with the other enums and structs, and should be
slightly more readable.
Signed-off-by: Jonathan Conder <jonno.conder@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
This takes the libraries hidden default out of the equation: hidden in
the sense that we can't even find out what it is until we create a
handle. This is a chicken-and-egg problem where we have probably already
parsed the config, so it is hard to get the bitmask value right.
Move it to the frontend so the caller can do whatever the heck they
want. This also exposes a shortcoming where the frontend doesn't know if
the library even supports signatures, so we should probably add a
alpm_capabilities() method which exposes things like HAS_DOWNLOADER,
HAS_SIGNATURES, etc.
Signed-off-by: Dan McGee <dan@archlinux.org>
Rather than using a string-based path, we can restore the working
directory via a file descriptor and use of fchdir().
From the getcwd manpage:
Opening the current directory (".") and calling fchdir(2) to
return is usually a faster and more reliable alternative when
sufficiently many file descriptors are available.
Signed-off-by: Dan McGee <dan@archlinux.org>
Put all the callback stuff in alpm.h in one spot, and make the following
renames for clarity with the new structure:
ALPM_TRANS_EVT_* --> ALPM_EVENT_*
ALPM_TRANS_CONV_* --> ALPM_QUESTION_*
ALPM_TRANS_PROGRESS_* --> ALPM_PROGRESS_*
alpm_option_get_convcb() --> alpm_option_get_questioncb()
alpm_option_set_convcb() --> alpm_option_set_questioncb()
Signed-off-by: Dan McGee <dan@archlinux.org>
This was just disgusting before, unnecessary to limit these to only
usage in a transaction. Still a lot of more room for cleanup but we'll
start by attaching them to the handle rather than the transaction we may
or may not even want to use these callbacks.
Signed-off-by: Dan McGee <dan@archlinux.org>
As noted by Allan, we failed pretty hard if gpgme was compiled out. With
these changes, only sign001.py fails. This can/will be fixed later once
we beef up the test suite with more signing tests anyway.
Signed-off-by: Dan McGee <dan@archlinux.org>
The supposed safety blanket of this function is better handled by
explicit length checking and usages of strlen() on known NULL-terminated
strings rather than hoping things fit in a buffer. We also have no need
to fully fill a PATH_MAX length variable with NULLs every time as long
as a single terminating byte is there. Remove usages of it by using
strcpy() or memcpy() as appropriate, after doing length checks via
strlen().
Signed-off-by: Dan McGee <dan@archlinux.org>
This gives us more granularity than the former Never/Optional/Always
trifecta. The frontend still uses these values temporarily but that will
be changed in a future patch.
* Use 'siglevel' consistenly in method names, 'level' as variable name
* The level becomes an enum bitmask value for flexibility
* Signature check methods now return a array of status codes rather than
a simple integer success/failure value. This allows callers to
determine whether things such as an unknown signature are valid.
* Specific signature error codes mostly disappear in favor of the above
returned status code; pm_errno is now set only to PKG_INVALID_SIG or
DB_INVALID_SIG as appropriate.
Signed-off-by: Dan McGee <dan@archlinux.org>
Andrew Gregory