Start by converting all of our flags to a 'status' bitmask (pkgcache
status, grpcache status). Add a new 'valid' flag as well. This will let
us keep track if the database itself has been marked valid in whatever
fashion.
For local databases at the moment we ensure there are no depends files;
for sync databases we ensure the PGP signature is valid if
required/requested. The loading of the pkgcache is prohibited if the
database is invalid.
Signed-off-by: Dan McGee <dan@archlinux.org>
This is the ideal place to do it as all clients should be checking the
return value and ensuring there are no errors. This is similar to
pkg_load().
We also add an additional step of validation after we download a new
database; a subsequent '-y' operation can potentially invalidate the
original check at registration time.
Note that this implementation is still a bit naive; if a signature is
invalid it is currently impossible to refresh and re-download the file
without manually deleting it first. Similarly, if one downloads a
database and the check fails, the database object is still there and can
be used. These shortcomings will be addressed in a future commit.
Signed-off-by: Dan McGee <dan@archlinux.org>
This allows us to separate the name and hash elements in one place and
not scatter different parsing code all over the place, including both
the frontend and backend.
Signed-off-by: Dan McGee <dan@archlinux.org>
This removes the need to write accessor methods for every type we have,
and simplifies the API. Any type that doesn't need magic* can be
converted in this fashion to make it easier for frontend applications to
use, as well as make it less of a pain to introduce new such structs in
the future.
* "magic" meaning something like pmpkg_t where values can be lazy loaded.
Signed-off-by: Dan McGee <dan@archlinux.org>
This is more in line with reality and what we have our makepkg, etc.
options named anyway.
Original-patch-by: Kerrick Staley <mail@kerrickstaley.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
This method is old, it doesn't adequately check for a NULL server list,
and can easily be done using better API method we provide these days.
All former users of this method can get similar results by calling
alpm_db_get_servers() and using the data from the returned server list.
Signed-off-by: Dan McGee <dan@archlinux.org>
This makes these functions consistent with the rest of the transaction
related API calls. We do an additional assert to ensure the handle
attached to the package is the same as the handle passed in.
Signed-off-by: Dan McGee <dan@archlinux.org>
Begin enforcing the need to pass a handle. This allows us to remove one
more extern handle declaration from the backend.
Signed-off-by: Dan McGee <dan@archlinux.org>
This requires a lot of line changes, but not many functional changes as
more often than not our handle variable is already available in some
fashion.
Signed-off-by: Dan McGee <dan@archlinux.org>
These new method signatures return and take handle objects to operate on
so we can move away from the idea of one global handle in the API. There
is also another important change and that deals with the setting of root
and dbpaths. These are now done at initialization time instead of using
setter methods. This allows the library to operate more safely knowing
that paths won't change underneath it.
Signed-off-by: Dan McGee <dan@archlinux.org>
This is the first step in a long process to remove our dependence on the
global handle variable we currently share in libalpm, with the goal to
make things a bit more thread-safe and re-entrant.
Signed-off-by: Dan McGee <dan@archlinux.org>
Currently we have one call that has all sorts of crazy behavior and doesn't
make a whole lot of sense. Go from one method to the normal four methods we
have for all of our other lists we use in the library to make it a lot
easier for a frontend to manipulate server lists.
Signed-off-by: Dan McGee <dan@archlinux.org>
Both md5sum verification and PGP verification can and should be done at
package load time. This allows verification to happen as early as
possible for packages provided by filename and loaded in the frontend,
and moves more stuff out of sync_commit that doesn't really belong
there. This should also set the stage for simplified parallel loading of
packages later down the road.
Signed-off-by: Dan McGee <dan@archlinux.org>
Given that we offer no transparency into the pmpgpsig_t type, we don't
really need to expose it outside of the library, and at this point, we
don't need it at all. Don't decode anything except when checking
signatures. For packages/files not from a sync database, we now just
read the signature file directly anyway.
Also push the decoding logic down further into the check method so we
don't need this hanging out in a less than ideal place. This will make
it easier to conditionally compile things down the road.
Signed-off-by: Dan McGee <dan@archlinux.org>
The various "level" values were a bit crazy to decipher, and we were
doing some very interesting comparisons in certain places. Break it out
into two parameters instead so we can seperate the type from the extra
information display, and do things accordingly.
Nothing changes with the display of any of the five types we currently
show: -Si, -Sii, -Qi, -Qii, -Qip.
Something to note- we should expose the PKG_FROM enum type somehow, this
patch leaves the door open to do that quite easily.
Signed-off-by: Dan McGee <dan@archlinux.org>
* add _alpm_db_get_sigverify_level
* add alpm_option_{get,set}_default_sigverify
And set the default verification level to OPTIONAL if not set otherwise.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
Currently the only error case then when handle == NULL.
However several handle functions return -1 on this error,
and a uniform API makes things simpler.
Signed-off-by: Rémy Oudompheng <remy@archlinux.org>
Add a pmpgpsig_t struct to the database entry struct and functions for
the lazy loading of database signatures. Add a function for checking
database signatures, reusing (and generalizing) the code currently used
for checking package signatures.
TODO: The code for reading in signature files from the filesystem is
duplicated for local packages and database and needs refactoring.
Signed-off-by: Allan McRae <allan@archlinux.org>
Once we do this, add support for VerifySig to pactest. We just check if
the repo name contains Always, Never or Optional to determine the value
of VerifySig. The default is Never. pacman uses Always by default but
this is not suitable for pactest.
Original-work-by: shankar <jatheendra@gmail.com>
Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
This will serve as the home directory we pass to GPGME when making calls so
we can have a libalpm-utilized keyring.
Signed-off-by: Dan McGee <dan@archlinux.org>
Add a new field to the package struct to hold PGP information and
instruct db_read to pick it up from the database. It is currently unused
internally but this is the first step.
Due to the fact that we store the PGP sig as binary data, we need to store
both the data and the length so we have a small utility struct to assist us.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Add PM_ERR_LIBCURL to error enum and handle case in error.c by returning
curl_easy_strerror() based on the error number carried by the gloabl alpm
handle.
Signed-off-by: Dave Reisner <d@falconindy.com>
Ensure we have a local DB version that is up to par with what we expect
before we go down any road that might modify it. This should prevent
stupid mistakes with the 3.5.X upgrade and people not running
pacman-db-upgrade after the transaction as they will need to.
Signed-off-by: Dan McGee <dan@archlinux.org>
There's no API functions exposed which allow manipulation of this type,
so remove it from public view. Also, rename the public and private
alpm_db_get_pkgcache symbol to alpm_db_get_pkgcache_has.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
Read the package information for sync/local databases into a pmpkghash_t
structure.
Provide a alpm_db_get_pkgcache_list() method that returns the list from
the hash object. Most usages of alpm_db_get_pkgcache are converted to
this at this stage for ease of implementation. Review whether these are
better accessing the hash table directly at a later stage.
Signed-off-by: Allan McRae <allan@archlinux.org>
This flag allows to disable version checking in dependency resolving
code.
depcmp_tolerant respects the NODEPVERSION flag but we still keep the
original strict depcmp. The idea is to reduce the impact of the
NODEPVERSION flag by using it in fewer places.
I replaced almost all depcmp calls by depcmp_tolerant in deps.c (except
in the public find_satisfier used by deptest / pacman -T), but I kept
depcmp in sync.c and conflict.c
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
It's likely that these interfaces will break sooner or later, now that
pacman no longer uses them.
So better force the two people who use them to migrate their code to the
new add_pkg/remove_pkg interface, which is very easy anyway.
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
Old interface is marked as deprecated:
int alpm_sync_target(char *target);
int alpm_sync_dbtarget(char *db, char *target);
int alpm_add_target(char *target);
int alpm_remove_target(char *target);
New recommended interface:
int alpm_add_pkg(pmpkg_t *pkg);
int alpm_remove_pkg(pmpkg_t *pkg);
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
For consistency with alpm_add_pkg.
The new recommended interface is alpm_add_pkg / alpm_remove_pkg, all
others interfaces are deprecated.
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
This group function is meant to help group handling from frontend : it
scans all dbs, handling ignored packages and duplicate members (the
first repo where a member is found has the priority).
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
This new function is meant to deprecate all existing
sync/add target functions :
int alpm_sync_target(char *target);
int alpm_sync_dbtarget(char *db, char *target);
int alpm_add_target(char *target);
Rather than dropping these 3 interfaces, it might be better to rewrite
them using alpm_add_pkg for now.
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
This is a public interface for resolvedep. It looks nicer to expose it
this way rather than through sync_target.
This function can also be helpful for external tools as it should give
good results close to how pacman select a package for satisfying a given
dep.
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
If there are multiple providers in one db, pacman used to just stop at
the first one (both during dependency resolution or for pacman -S
'provision' which uses the same code).
This adds a new conversation callback so that the user can choose which
provider to install. By default (user press enter or --noconfirm), the
first provider is still chosen, so for example the behavior of sync402
and 403 is preserved. But at least the user now has the possibility to
make the right choice in a manual run.
If one of the provider is already installed, it is picked for
reinstall/upgrade, so that provision 002/003 pactest now pass.
$ pacman -S community/smtp-server
:: There are 3 providers available for smtp-server:
1) courier-mta 2) esmtp 3) exim
Which one do you want to install?
Enter a number (default=1):
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
Perform the cheap struct and string setup of the local DB at handle
initialization time to match the teardown we do when releasing the handle.
If the local DB is not needed, all real initialization is done lazily after
DB paths and other things have been configured anyway.
Signed-off-by: Dan McGee <dan@archlinux.org>
Instead, go the same route we have always taken with version-release in
libalpm and treat it all as one piece of information. Makepkg is the only
script that knows about epoch as a distinct value; from there on out we will
parse out the components as necessary.
This makes the code a lot simpler as far as epoch handling goes. The
downside here is that we are tossing some compatibility to the wind;
packages using force will have to be rebuilt with an incremented epoch to
keep their special status.
Signed-off-by: Dan McGee <dan@archlinux.org>
This can take a while too, and it is really easy to add the necessary
callback stuff for adding a progressbar.
Signed-off-by: Dan McGee <dan@archlinux.org>
There is a lot of swtiching between size_t and int for alpm_list sizes
in the codebase. Start converting these to all be size_t by adjusting
the return type of alpm_list_count and fixing all additional warnings
given by -Wconversion that are generated by this change.
Dan: a few more small changes to ensure things compile, adjusting some
printf format string characters to accommodate the larger size on x86_64.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Always declare a function with (void) rather than () when we expect
no arguements. Fixes all warnings with -Wstrict-prototypes.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Checking disk space needed for a transaction can take a while so add
an informative progress bar.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Disk space checking is likely to be an unnecessary bottleneck to
people with reasonable partition sizes so add a configuration option
to allow it to be disabled/enabled as wanted.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Pull together the work of the previous commits to implement a check
for enough free space before performing an install transaction. Abort
if there is not enough free space with an appropriate pm_errno..
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Either we expose all low levels function dealing with pmdepend_t
(splitdep and depfree come to mind), or we don't.
Since none of the tools use depcmp, I chose to remove it. In the future,
we might want to expose higher level functions such as
alpm_find_satisfier, or just lower level functions like splitdep and
depfree together with depcmp.
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
This has been replaced by the more flexible alpm_find_satisfier
function, and alpm_deptest was completely unsused now.
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
whatprovides and splitdep were removed, so depcmp alone is quite useless
now without splitdep, and deptest is not flexible enough.
Introduce a new alpm_find_satisfier which is hopefully more flexible,
this should make implementation of deptest very easy, and also help alpm
tools such as pactree.
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
This will allow for better control of what was previously the 'force' option
in a PKGBUILD and transferred into the built package.
Signed-off-by: Dan McGee <dan@archlinux.org>
Check that writing to destination file actually occurs in
_alpm_copyfile. Required adding a new error (PM_ERR_WRITE)
as none of the others appeared appropriate.
Prevents compiler warning when using -D_FORTIFY_SOURCE=2.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
The request of FS#12950 is implemented.
On the backend side, I introduced a new function, alpm_db_set_pkgreason(),
to modify the install reason of a package in the local database. On the
front-end side, I introduced a new main operation, -D/--database, which has
two options, --asdeps and --asexplicit. I documented this in pacman manual.
I've created two pactests to test -D: database001.py and database002.py.
Signed-off-by: Nagy Gabor <ngaba@bibl.u-szeged.hu>
Signed-off-by: Dan McGee <dan@archlinux.org>
Sorry for this being such a huge patch, but I believe it is necessary for
quite a few reasons which I will attempt to explain herein. I've been
mulling this over for a while, but wasn't super happy with making the
download interface more complex. Instead, if we carefully order things in
the internal download code, we can actually make the interface simpler.
1. FS#15657 - This involves `name.db.tar.gz.part` files being left around the
filesystem, and then causing all sorts of issues when someone attempts to
rerun the operation they canceled. We need to ensure that if we resume a
download, we are resuming it on exactly the same file; if we cannot be
almost postive of that then we need to start over.
2. http://www.mail-archive.com/pacman-dev@archlinux.org/msg03536.html - Here
we have a lighttpd bug to ruin the day. If we send both a Range: header and
If-Modified-Since: header across the wire in a GET request, lighttpd doesn't
do what we want in several cases. If the file hadn't been modified, it
returns a '304 Not Modified' instead of a '206 Partial Content'. We need to
do a stat (e.g. HEAD in HTTP terms) operation here, and the proceed
accordingly based off the values we get back from it.
3. The mtime stuff was rather ugly, and relied on the called function to
write back to a passed in reference, which isn't the greatest. Instead, use
the power of the filesystem to contain this info. Every file downloaded
internally is now carefully timestamped with the remote file time. This
should allow the resume logic to work. In order to guarantee this, we need
to implement a signal handler that catches interrupts, notifies the running
code, and causes it to set the mtimes on the file. It then rethrows the
signal so the pacman signal handler (or any frontend) works as expected.
4. We did a lot of funky stuff in trying to track the DB last modified time.
It is a lot easier to just keep the downloaded DB file around and track the
time on that rather than in a funky dot file. It also kills a lot of code.
5. For GPG verification of the databases down the road, we are going to need
the DB file around for at least a short bit of time anyway, so this gets us
closer to that.
Signed-off-by: Dan McGee <dan@archlinux.org>
[Xav: fixed printf with off_t]
Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
This offers a cleaner way to deal with constant in enum and allow easy
maintainance
Signed-off-by: solsTiCe d'Hiver <solstice.dhiver@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
After our recent screwup with size_t and ssize_t in the download code, I
found the `-Wsign-conversion` flag to GCC to see if we were doing anything
else boneheaded. I didn't find anything quite as bad, but we did have some
goofups- most of our public unsigned methods would return -1 on error, which
is a bit odd in an unsigned context.
Signed-off-by: Dan McGee <dan@archlinux.org>