When attempting to install a package (either via -S or -U) and the
signature is missing, the current error message "invalid or corrupted
package (PGP signature)" is very unclear. Instead inform the user
that the package is missing the required signature.
Partial fix for FS#34741.
Signed-off-by: Allan McRae <allan@archlinux.org>
Failure isn't always due to the package file location not existing;
permission issues can also play a part on something like a FUSE-based
filesystem inaccessible to root.
Signed-off-by: Dan McGee <dan@archlinux.org>
Add 2012 to the copyright range for all libalpm and pacman source files.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Ensures that config.h is always ordered correctly (first) in the
includes. Also means that new source files get this for free without
having to remember to add it.
We opt for -imacros over -include as its more portable, and the
added constraint by -imacros doesn't bother us for config.h.
This also touches the HACKING file to remove the explicit mention of
config.h as part of the includes.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This is consistent with the other enums and structs, and should be
slightly more readable.
Signed-off-by: Jonathan Conder <jonno.conder@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
This is a bit of a mess, due to the fact that we have a progress meter
running. It is also ironic that we are in the midst of a method named
"commit" when we haven't done a damn thing yet, and can still fail hard
if either a checksum or signature is invalid or unrecognized.
Adapt the former test_md5sum method to be invoked for any of the various
failure types, which at least gives the user some indication of what
packages are failing. A second patch will be needed to actually show
worthwhile error codes, but this is going to involve modifying the
actual data passed with the callback.
Signed-off-by: Dan McGee <dan@archlinux.org>
This gives us more granularity than the former Never/Optional/Always
trifecta. The frontend still uses these values temporarily but that will
be changed in a future patch.
* Use 'siglevel' consistenly in method names, 'level' as variable name
* The level becomes an enum bitmask value for flexibility
* Signature check methods now return a array of status codes rather than
a simple integer success/failure value. This allows callers to
determine whether things such as an unknown signature are valid.
* Specific signature error codes mostly disappear in favor of the above
returned status code; pm_errno is now set only to PKG_INVALID_SIG or
DB_INVALID_SIG as appropriate.
Signed-off-by: Dan McGee <dan@archlinux.org>
Start by converting all of our flags to a 'status' bitmask (pkgcache
status, grpcache status). Add a new 'valid' flag as well. This will let
us keep track if the database itself has been marked valid in whatever
fashion.
For local databases at the moment we ensure there are no depends files;
for sync databases we ensure the PGP signature is valid if
required/requested. The loading of the pkgcache is prohibited if the
database is invalid.
Signed-off-by: Dan McGee <dan@archlinux.org>
This will make the patching process less invasive as we start to remove
this variable from all source files.
Signed-off-by: Dan McGee <dan@archlinux.org>
This was discussed and more or less agreed upon on the mailing list. A
huge checkin, but if we just do it and let people adjust the pain will
end soon enough. Rebasing should be relatively straighforward for anyone
that sees conflicts; just be sure you use the new return style if
possible.
The following semantic patch was used to do the change, along with some
hand-massaging in order to preserve parenthesis where appropriate:
The semantic match that finds this problem is as follows, although some
hand-massaging was done in order to keep parenthesis where appropriate:
(http://coccinelle.lip6.fr/)
// <smpl>
@@
expression a;
@@
- return(a);
+ return a;
// </smpl>
A macros_file was also provided with the following content:
Additional steps taken, mainly for ASSERT() macros:
$ sed -i -e 's#return(NULL)#return NULL#' lib/libalpm/*.c
$ sed -i -e 's#return(-1)#return -1#' lib/libalpm/*.c
Signed-off-by: Dan McGee <dan@archlinux.org>
Add PM_ERR_LIBCURL to error enum and handle case in error.c by returning
curl_easy_strerror() based on the error number carried by the gloabl alpm
handle.
Signed-off-by: Dave Reisner <d@falconindy.com>
Ensure we have a local DB version that is up to par with what we expect
before we go down any road that might modify it. This should prevent
stupid mistakes with the 3.5.X upgrade and people not running
pacman-db-upgrade after the transaction as they will need to.
Signed-off-by: Dan McGee <dan@archlinux.org>
PM_ERR_WRITE is defined in alpm.h but not handled in
alpm_strerror(). This patch corrects that.
Signed-off-by: Pang Yan Han <pangyanhan@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
Although they won't be the same in the gettext catalog because of the '\n'
we should still use the same text.
Signed-off-by: Dan McGee <dan@archlinux.org>
We use PATH_MAX everywhere by including limits.h so there is no
point in doing a check for it in a different header when dealing
with FreeBSD's libfetch.
Also, remove autoconf check for strings.h header as it is not used
anywhere.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
POSIX does not require PATH_MAX be defined when there is not actual
limit to its value. This affects HURD based systems. Work around
this by defining PATH_MAX to 4096 (as on Linux) when this is not
defined.
Also, clean up inclusions of limits.h and remove autoconf check for
this header as we do not use macro shields for its inclusion anyway.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Pull together the work of the previous commits to implement a check
for enough free space before performing an install transaction. Abort
if there is not enough free space with an appropriate pm_errno..
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
I don't know what I tested in commit 3e7b90ff69, but it definitely wasn't
working as advertised. Fix the checks in the source code itself to match the
right define (HAVE_LIBFETCH), as well as make sure the configure check
defaults to looking for the library but not bailing if it could not be
found.
Signed-off-by: Dan McGee <dan@archlinux.org>
Model it after the new OpenSSL check, and have it be a bit more useful. If
you do not explicitly pass a command line option, it will be linked if
available but will not error out if it is missing. Also bump the version to
that where connection caching was introduced as we use these new features in
the codebase.
Signed-off-by: Dan McGee <dan@archlinux.org>
It was probably a bad idea to modify the target directly in case of
repo/pkg syntax.
Duplicating it also allows us to keep the original target string, which
is more informative when printing errors.
Also remove a duplicated error message from libalpm, and improve the
message already returned to the frontend.
$ pacman -S foo/bar
before
error: repository 'foo' not found
error: 'bar': no such repository
after
error: 'foo/bar': could not find repository for target
Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
This fixes FS#14899. When running an -Sp operation without servers
configured for a repository, we would segfault, so add an assert to the
backend method returning the first server preventing a null pointer
dereference.
In addition, add a new error code to libalpm that indicates we have no
servers configured for a repository. This makes -Sy and -S <package>
operations fail gracefully and helpfully when a repo is set up with no
servers, as the default mirrorlist in Arch is provided this way.
Signed-off-by: Dan McGee <dan@archlinux.org>
This flag indicates that the front-end will not call alpm_trans_commit(),
so the database needn't be locked. This is the first step toward fixing
FS#8905.
If this flag is set, alpm_trans_commit() does nothing and returns with
an error (that has new code: PM_ERR_TRANS_NOT_LOCKED).
Signed-off-by: Nagy Gabor <ngaba@bibl.u-szeged.hu>
Signed-off-by: Dan McGee <dan@archlinux.org>
This patch fixes FS#12059.
Now sync_addtarget can return with PM_ERR_PKG_IGNORED, which indicates that
although the requested package was found it is in ignorepkg, so alpm could
not add it to the transaction. So the front-end can decide what to do.
Signed-off-by: Nagy Gabor <ngaba@bibl.u-szeged.hu>
Signed-off-by: Dan McGee <dan@archlinux.org>
The HoldPkg feature is even more important when the packages to be held are
pulled automatically by pacman, in a -Rc and -Rs operation. Before, it only
applied when the packages were explicitly requested by the user to be
removed. This patch extends holdpkg to -Rc and -Rs by doing the HoldPkg
check just before trans_commit.
Additionally, the whole HoldPkg stuff was moved to the front-end.
I changed the default behavior to "don't remove", so I modified remove030.py
pactest as well.
See also: FS#9173.
Original-work-by: Xavier Chantry <shiningxc@gmail.com>
Signed-off-by: Nagy Gabor <ngaba@bibl.u-szeged.hu>
Signed-off-by: Dan McGee <dan@archlinux.org>
Aaron said to consider libdownload a dead project so libdownload support was
removed to more easily fix libfetch one (otherwise many ifdef needed).
There was no direct replacement for ferror to detect an error while
downloading. So instead, I added a check at the end to see if the file was
fully downloaded, which is just a small chunk of code taken from here:
http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/net/libfetch/files/fetch.c?only_with_tag=MAIN
Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
Use libfetch naming in the code in place of libdownload names. This is in
preparation for dropping support for libdownload at some point as libfetch
can run on Linux.
Signed-off-by: Dan McGee <dan@archlinux.org>
We removed one too many FREELIST() calls when trying to fix some memleaks,
and add a safety/sanity check to ensure filename is set, as packages in old
DBs are likely to not have this field.
Signed-off-by: Dan McGee <dan@archlinux.org>
This should remove the need for any additional patching to run on platforms
that have libfetch available but not libdownload. It isn't the prettiest,
but we have kept our libdownload impact down to just a few files, so it can
be easily done.
Signed-off-by: Dan McGee <dan@archlinux.org>
Add a new --disable-internal-download flag to configure allowing the
internal download code to be skipped. This will be helpful on platforms that
currently don't support either libdownload or libfetch (such as Cygwin) and
for just compiling a lighter weight pacman binary.
This was made really easy by our recent refactoring of the download code
into separate internal and external functions, as well as some error code
cleanup.
Signed-off-by: Dan McGee <dan@archlinux.org>
test_delta_md5sum and test_pkg_md5sum were simple wrappers to test_md5sum,
and only used once, so not very useful. I removed them.
Also, test_md5sum and alpm_pkg_checkmd5sum functions were a bit duplicated,
so I refactored them with a new _alpm_test_md5sum function in libalpm/util.c
Signed-off-by: Chantry Xavier <shiningxc@gmail.com>
Update the GPL boilerplate to direct people to the GNU website for a copy of
the license, as well as bump all of Judd's copyrights to 2007.
Signed-off-by: Dan McGee <dan@archlinux.org>
Delta files will be used if the size is smaller than a percent
(MAX_DELTA_RATIO) of the package size.
Signed-off-by: Nathan Jones <nathanj@insightbb.com>
Signed-off-by: Dan McGee <dan@archlinux.org>