This makes it absolutely dead easy to ensure off_t has the same length
in all compilation units. I just spent 2.5 hours bashing my head on an
issue related to this so damn it I'm fixing it for good.
Signed-off-by: Dan McGee <dan@archlinux.org>
Currently the only error case then when handle == NULL.
However several handle functions return -1 on this error,
and a uniform API makes things simpler.
Signed-off-by: Rémy Oudompheng <remy@archlinux.org>
For a package to be loaded from any of our backends, these two fields
are always required upfront. Due to this fact, we don't need them to be
backend-specific operations and can just refer to the field directly.
Additionally, our static (and thus private) cache package accessors had
a NULL check on pkg before returning the relevant field. Eliminate this
since they only way they are ever called is via the packages attached
callback struct, which would have caused the NULL pointer dereference in
the first place.
Signed-off-by: Dan McGee <dan@archlinux.org>
So we only need one copy in the final library, not one copy per time
used. Ensure all necessary includes are in place (especially to get the
right size of off_t each time it is compiled) by including "config.h" in
the new graph.c.
One small adjustment here makes the graph_free code more robust- ensure
we don't have invalid pointers after each iteration by looking at the
parents and children and adjusting accordingly.
Signed-off-by: Dan McGee <dan@archlinux.org>
Ensure we only have one- this looks like the result of a bad merge from
old 2008 signing code with the current stuff which has changed quite a
bit.
Originally-seen-by: Rémy Oudompheng <remyoudompheng@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
The current state of the code does not allow to see immediately
that it returns a list of pmdepmissing_t structures.
Signed-off-by: Dan McGee <dan@archlinux.org>
Some systems, like FreeBSD might define both statfs
and statvfs: however if statvfs exists whereas getmntinfo()
uses a statfs struct, the current ifdefs would select the wrong
line of code.
Signed-off-by: Rémy Oudompheng <remy@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
There is no reason to not support versions of libarchive that lack
ARCHIVE_COMPRESSION_UU. Distributions should work properly without
this.
Signed-off-by: Rémy Oudompheng <remy@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
That's a funny one, building with optimization levels (with both gcc and
clang) caused open_mode to always be set to "ab", which worked.
This was spotted both with clang-analyzer, and by Jakob who reported a
segfault as he was using an un-optimized build.
Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
So we don't segfault when calling this on be_sync loaded packages. They
return logical values as much as possible for indicating there is no
changelog available.
Signed-off-by: Dan McGee <dan@archlinux.org>
We didn't do this sanity check before trying to open an archive. If
the alpm dbpath wasn't set, the sync database dbpath would be NULL,
causing us to hang indefinitely in archive_read_open_filename() rather
than erroring out.
We already have a corresponding check in local_db_populate().
The following program will test this case, and hangs before this patch
without the call to set_dbpath:
int main(int argc, char *argv[]) {
alpm_initialize();
// alpm_option_set_dbpath("/var/lib/pacman/");
pmdb_t *core = alpm_db_register_sync("core");
pmpkg_t *pkg = alpm_db_get_pkg(core, "pacman");
return 0;
}
Signed-off-by: Dan McGee <dan@archlinux.org>
We had two functions that were oh so similar but slightly different. We
can combine them and add some conditional operation stuff to decide what
to return.
Signed-off-by: Dan McGee <dan@archlinux.org>
Many alpm_option_get/set_*() functions already check this
and set pm_errno to the right value, but not all, so
this improves consistency.
Signed-off-by: Rémy Oudompheng <remy@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This greatly simplifies the cleanup fallthrough in our download function
and we'll be able to reuse this for signatures.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
Based on the fact that localf always points to the same file, there's no
need to code in multiple fopen calls with varying results. Instead,
track the desired file open mode and make a single call to fopen.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
Create a more general function that allows appending a suffix to a
filepath.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
This lets us determine the real size of the file on disk so that we can
properly bump the progress bar when we're resuming a download.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
This addresses FS#23424. The -dd backend code was introduced in commit
b6ec9019d7, and unfortunately the munged depend used for comparison did
not carry through to the eventual display of this version. To fix this,
we undo some of the depcmp_tolerant() business introduced, and instead
make a new pmdepend_t object if necessary when the no dependency version
flag is set. This results in the correct depend being copied to the
missing depend passed onto the frontend.
Signed-off-by: Dan McGee <dan@archlinux.org>
pacman 3.5.0 removed alpm_db_register_local, so calling
alpm_db_unregister_all leaves the front end in a position where there's
no local db, and no way to re-register it.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
After updating a database, remove the old signature to prevent it
being used in validation if the new signature fails to download.
Signed-off-by: Allan McRae <allan@archlinux.org>
If signature verification is needed, attempt to download a signature
file for a repo when it is updated. Return an error if unable to
download signature only when checking is mandatory, or if signature is
invalid.
TODO: At the moment the database signature is only checked on download.
Should we do anything with a database if it fails to be verified to prevent
its future usage?
Signed-off-by: Allan McRae <allan@archlinux.org>
Add a pmpgpsig_t struct to the database entry struct and functions for
the lazy loading of database signatures. Add a function for checking
database signatures, reusing (and generalizing) the code currently used
for checking package signatures.
TODO: The code for reading in signature files from the filesystem is
duplicated for local packages and database and needs refactoring.
Signed-off-by: Allan McRae <allan@archlinux.org>
Our curl callback does a whole lot of work for nothing if the front end
never defined a callback to receive the data we'd calculate for it.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
CURLINFO_HTTP_CODE is deprecated in favor of CURLINFO_RESPONSE_CODE.
Both yield the same values.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
The files we transfer are generally compressed already, so this just
adds unnecessary overhead.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
Use a static variable to effectively track the initialization state of
the progress callback via the last byte amount reported as downloaded by
libcurl.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
* introduces new macro in util.h (DOUBLE_EQ) for properly comparing
floating point values
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
Move the (possibly still temporary) output generated during signature
checking into the --debug output.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Once we do this, add support for VerifySig to pactest. We just check if
the repo name contains Always, Never or Optional to determine the value
of VerifySig. The default is Never. pacman uses Always by default but
this is not suitable for pactest.
Original-work-by: shankar <jatheendra@gmail.com>
Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
We pass in a db object, so no need to go looking for it in the list on
the handle. This is a remnant of when we passed in a treename, more than
likely.
Signed-off-by: Dan McGee <dan@archlinux.org>
This will serve as the home directory we pass to GPGME when making calls so
we can have a libalpm-utilized keyring.
Signed-off-by: Dan McGee <dan@archlinux.org>
If a .sig file sits side-by-side on the filesystem with a package archive,
read it in during the package struct creation process so we can verify it at
a later time if necessary.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Add a new field to the package struct to hold PGP information and
instruct db_read to pick it up from the database. It is currently unused
internally but this is the first step.
Due to the fact that we store the PGP sig as binary data, we need to store
both the data and the length so we have a small utility struct to assist us.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
We will need these for GPG functionality (decoding the base64 encoded
signature stored in the databases).
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Implements FS#23103. Also modify libalpm so it ignores this value
without any warning as we know it is likely to exist.
Signed-off-by: Dan McGee <dan@archlinux.org>
Wrap lines of long length, noticed while creating and messing around
with some of the other maint branch patches.
Signed-off-by: Dan McGee <dan@archlinux.org>
Noticed with the openoffice/libreoffice replacement scheme where many
packages are listed as replacements to one package, thus electing it for
removal multiple times. Ensure a given package is not already present
before placing it in the removal list.
Signed-off-by: Dan McGee <dan@archlinux.org>
This is a rather serious data corruption issue that luckily manifested
itself today in a noticable way. A package in testing had replaces
entries read in as ["%RE pkgname", "%RE"] which was clearly wrong. This
happens when we hit the end of an archive block, do not have a newline,
and have to continue reading from the next block to complete the line.
Signed-off-by: Dan McGee <dan@archlinux.org>
Drawing progress bars before calling curl_easy_perform() is needless as
the curl progress callback is called with zero progress before actually
downloading the file anyways. Fixes display of "0%" progress bars when
sync'ing package databases that are already up to date.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
This was discussed and more or less agreed upon on the mailing list. A
huge checkin, but if we just do it and let people adjust the pain will
end soon enough. Rebasing should be relatively straighforward for anyone
that sees conflicts; just be sure you use the new return style if
possible.
The following semantic patch was used to do the change, along with some
hand-massaging in order to preserve parenthesis where appropriate:
The semantic match that finds this problem is as follows, although some
hand-massaging was done in order to keep parenthesis where appropriate:
(http://coccinelle.lip6.fr/)
// <smpl>
@@
expression a;
@@
- return(a);
+ return a;
// </smpl>
A macros_file was also provided with the following content:
Additional steps taken, mainly for ASSERT() macros:
$ sed -i -e 's#return(NULL)#return NULL#' lib/libalpm/*.c
$ sed -i -e 's#return(-1)#return -1#' lib/libalpm/*.c
Signed-off-by: Dan McGee <dan@archlinux.org>
We erroniously dropped the call to _alpm_delta_parse() when macro-izing,
causing segfaults for repos that provide deltas. Addresses FS#23314.
Signed-off-by: Dan McGee <dan@archlinux.org>
Partially addresses the "why doesn't CheckSpace work in a chroot" issue.
We can't make it work, but we can at least detect when it won't work by
checking for a partition for our given installation root. If we can't
determine the mountpoint for this, bail out with an error.
Signed-off-by: Dan McGee <dan@archlinux.org>
