1
0
mirror of https://github.com/moparisthebest/pacman synced 2024-11-17 14:55:07 -05:00
Commit Graph

113 Commits

Author SHA1 Message Date
Allan McRae
5c404268d9 Add information on how an installed package was validated
When installing a package, store information on which validation
method was used and output this on "pacman -Qi" operations.

e.g.
Validated By   : SHA256 Sum

Possible values are Unknown, None, MD5 Sum, SHA256 Sum, Signature.

Dan: just a few very minor tweaks.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-03-08 17:58:04 -06:00
Allan McRae
326c6a8eed Update copyright years
Add 2012 to the copyright range for all libalpm and pacman source files.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-02-20 16:54:34 -06:00
Dave Reisner
d6ccd44390 include config.h via Makefiles
Ensures that config.h is always ordered correctly (first) in the
includes. Also means that new source files get this for free without
having to remember to add it.

We opt for -imacros over -include as its more portable, and the
added constraint by -imacros doesn't bother us for config.h.

This also touches the HACKING file to remove the explicit mention of
config.h as part of the includes.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-12-21 18:13:17 -06:00
Dan McGee
5f3629bea0 Introduce alpm_time_t type
This will always be a 64-bit signed integer rather than the variable length
time_t type. Dates beyond 2038 should be fully supported in the library; the
frontend still lags behind because 32-bit platforms provide no localtime64()
or equivalent function to convert from an epoch value to a broken down time
structure.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12 14:01:25 -05:00
Dan McGee
b7ebacc576 Pass package signature data up one more level
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:11 -05:00
Dan McGee
afdbfc05f7 Extract an _alpm_pkg_validate_internal() method
_alpm_pkg_load_internal() was becoming a monster. Extract the top bit of
the method that dealt with checksum and signature validation into a
separate method that should be called before one loads a package to
ensure it is valid.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:11 -05:00
Dan McGee
86d9fcbfff Remove const specifier from changelog_read() void parameter
This shouldn't really be declared with const, and causes a compile error
when -Wcast-qual is used. Remove the const specifier from the function
specification and all implementations.

Also fix one other trivial -Wcast-qual warning in _alpm_db_cmp().

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-18 17:11:39 -05:00
Dan McGee
7ea1ea88bb More package operations cleanup
Neither deltas nor filename attributes are ever present in the local
database, so we can remove all of the indirection for accessing these
attributes.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-02 22:07:06 -05:00
Dan McGee
83a1e4fee3 Clean up handling of size fields
We currently have csize, isize, and size concepts, and sometimes the
difference isn't clear. Ensure the following holds:

* size (aka csize): always the compressed size of the package; available
  for everything except local packages (where it will return 0)
* isize: always the installed size of the package; available for all
  three package types

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-02 19:26:07 -05:00
Diogo Sousa
3a458783a2 Removed multiple definitions of pkgfrom_t
libalpm now exports type alpm_pkgfrom_t in alpm.h, which may be used
by frontends.

Pacman now uses alpm_pkgfrom_t instead of replicating that type (pkg_from
as was in src/pacman/package.h)

Updated API change in README.

Signed-off-by: Diogo Sousa <diogogsousa@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-28 23:30:10 -05:00
Dan McGee
dc3336c277 Refactor some args out of pkg_load_internal
Just pass the entire sync package in if we have it; that way we can do
any necessary operations involving it rather than have a parameter list
growing endlessly.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-28 19:52:19 -05:00
Dan McGee
6d544984f2 Be more robust when copying package data
This changes the signature of _alpm_pkg_dup() to return an integer error
code and provide the new package in a passed pointer argument. All
callers are now more robust with checking the return value of this
function to ensure a fatal error did not occur.

We allow load failures to proceed as otherwise we have a chicken and egg
problem- if a 'desc' local database entry is missing, the best way of
restoring said file is `pacman -Sf --dbonly packagename`. This patch
fixes a segfault that was occurring in this case.

Fixes the segfault reported in FS#25667.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 11:09:57 -05:00
Dan McGee
bd5ec9cd8e Validate the sha256sum if available
Adjust load_internal() to check the sha256sum value if we have it.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:13:35 -05:00
Dan McGee
f3f39cef84 Remove checksum access indirection
These items are never present in anything but sync databases, nor do we
even try to load them from the local database. Remvoe the indirection
meant to allow the caching layer to work since it will never do anything
anyway.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:11:59 -05:00
Dan McGee
ebb2e36cc4 Load and allow access to sha256sum
This adds a field in the package struct for this checksum type as well
as allowing access via the API to it. The frontend is now able to
display any read value. Note that this does not implement any use or
verification of the value internally.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:11:55 -05:00
Dan McGee
bb3dada871 Convert package filelists to an array instead of linked list
This accomplishes quite a few things with one rather invasive change.

1. Iteration is much more performant, due to a reduction in pointer
   chasing and linear item access.
2. Data structures are smaller- we no longer have the overhead of the
   linked list as the file struts are now laid out consecutively in
   memory.
3. Memory allocation has been massively reworked. Before, we would
   allocate three different pieces of memory per file item- the list
   struct, the file struct, and the copied filename. What this resulted
   in was massive fragmentation of memory when loading filelists since
   the memory allocator had to leave holes all over the place. The new
   situation here now removes the need for any list item allocation;
   allocates the file structs in contiguous memory (and reallocs as
   necessary), leaving only the strings as individually allocated. Tests
   using valgrind (massif) show some pretty significant memory
   reductions on the worst case `pacman -Ql > /dev/null` (366387 files
   on my machine):

   Before:
     Peak heap:   54,416,024 B
	 Useful heap: 36,840,692 B
	 Extra heap:  17,575,332 B

   After:
     Peak heap:   38,004,352 B
	 Useful heap: 28,101,347 B
	 Extra heap:   9,903,005 B

Several small helper methods have been introduced, including a list to
array conversion helper as well as a filelist merge sort that works
directly on arrays.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-21 15:04:30 -05:00
Dan McGee
7af0ab1cde signing: move to new signing verification and return scheme
This gives us more granularity than the former Never/Optional/Always
trifecta. The frontend still uses these values temporarily but that will
be changed in a future patch.

* Use 'siglevel' consistenly in method names, 'level' as variable name
* The level becomes an enum bitmask value for flexibility
* Signature check methods now return a array of status codes rather than
  a simple integer success/failure value. This allows callers to
  determine whether things such as an unknown signature are valid.
* Specific signature error codes mostly disappear in favor of the above
  returned status code; pm_errno is now set only to PKG_INVALID_SIG or
  DB_INVALID_SIG as appropriate.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05 10:13:20 -05:00
Dan McGee
6a6fc3107f Move alpm filelists to a struct object
This allows us to capture size and mode data when building filelists
from package files. Future patches will take advantage of this newly
available information, and frontends can use it as well.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03 14:29:30 -05:00
Dan McGee
13235ba65a Make local_db_read() private to the local backend
There is little need to expose the guts of this function even within the
library. Make it static in be_local.c, and clean up a few other things
since we know exactly where it is being called from:

* Remove unnecessary origin checks in _cache_get_*() methods- if you are
  calling a cache method your package type will be correct.
* Remove sanity checks within local_db_read() itself- packages will
  always have a name and version if they get this far, and the package
  object will never be NULL either.

The one case calling this from outside the backend was in add.c, where
we forced a full load of a package before we duplicated it. Move this
concern elsewhere and have pkg_dup() always force a full package load
via a new force_load() function on the operations callback struct.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-30 11:51:49 -05:00
Allan McRae
028b965e1a Rename pmdbinfrq_t to alpm_dbinfrq_t
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28 23:28:24 +10:00
Allan McRae
08fc1db24c Rename pmpkgfrom_t to alpm_pkgfrom_t
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28 23:28:24 +10:00
Allan McRae
8a04bc25a1 Rename pmpkg_t to alpm_pkg_t
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28 23:26:39 +10:00
Allan McRae
939d5a9511 Rename pmdb_t to alpm_db_t
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28 14:16:12 +10:00
Allan McRae
64c1cf7921 Rename pmhandle_t to alpm_handle_t
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28 14:04:00 +10:00
Allan McRae
7ce674491b Rename pmpkgreason_t to alpm_pkgreason_t
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28 13:54:04 +10:00
Dan McGee
54ef162a1a Convert backup list to new pmbackup_t type
This allows us to separate the name and hash elements in one place and
not scatter different parsing code all over the place, including both
the frontend and backend.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-22 12:31:12 -05:00
Dan McGee
0074cadb3b Add handle argument to _alpm_pkg_should_ignore()
This allows callers to retrieve it from wherever is convenient, which
may or may not be on the package object itself.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-14 08:38:51 -05:00
Dan McGee
d76341297a Require handle for alpm_pkg_load()
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-13 19:35:22 -05:00
Dan McGee
7f98460e37 Add handle attribute to pmpkg_t struct
Similar to what we just did for the database; this will make it easy to
always know what handle a given package originated from.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-03 12:13:22 -05:00
Dan McGee
4d63ebe2fb Perform package verification at package load time
Both md5sum verification and PGP verification can and should be done at
package load time. This allows verification to happen as early as
possible for packages provided by filename and loaded in the frontend,
and moves more stuff out of sync_commit that doesn't really belong
there. This should also set the stage for simplified parallel loading of
packages later down the road.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-24 10:48:34 -05:00
Dan McGee
225acbbff1 Rein in the complexity of the signature type
Given that we offer no transparency into the pmpgpsig_t type, we don't
really need to expose it outside of the library, and at this point, we
don't need it at all. Don't decode anything except when checking
signatures. For packages/files not from a sync database, we now just
read the signature file directly anyway.

Also push the decoding logic down further into the check method so we
don't need this hanging out in a less than ideal place. This will make
it easier to conditionally compile things down the road.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-24 10:48:33 -05:00
Dan McGee
202ade1398 Include "config.h" in header files using off_t
This makes it absolutely dead easy to ensure off_t has the same length
in all compilation units. I just spent 2.5 hours bashing my head on an
issue related to this so damn it I'm fixing it for good.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-15 18:40:32 -05:00
Dan McGee
dff2d916ba Remove indirection on get_name and get_version operations
For a package to be loaded from any of our backends, these two fields
are always required upfront. Due to this fact, we don't need them to be
backend-specific operations and can just refer to the field directly.

Additionally, our static (and thus private) cache package accessors had
a NULL check on pkg before returning the relevant field. Eliminate this
since they only way they are ever called is via the packages attached
callback struct, which would have caused the NULL pointer dereference in
the first place.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-15 18:37:09 -05:00
Allan McRae
ed6fda2f98 Add functions for verifying database signature
Add a pmpgpsig_t struct to the database entry struct and functions for
the lazy loading of database signatures.  Add a function for checking
database signatures, reusing (and generalizing) the code currently used
for checking package signatures.

TODO: The code for reading in signature files from the filesystem is
duplicated for local packages and database and needs refactoring.

Signed-off-by: Allan McRae <allan@archlinux.org>
2011-03-23 22:22:33 -05:00
Dan McGee
60159c2e77 Allow PGP signature to be read from sync database
Add a new field to the package struct to hold PGP information and
instruct db_read to pick it up from the database. It is currently unused
internally but this is the first step.

Due to the fact that we store the PGP sig as binary data, we need to store
both the data and the length so we have a small utility struct to assist us.

Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-03-23 02:22:00 -05:00
Dan McGee
bf46e04614 Remove epoch as an independent field
Instead, go the same route we have always taken with version-release in
libalpm and treat it all as one piece of information. Makepkg is the only
script that knows about epoch as a distinct value; from there on out we will
parse out the components as necessary.

This makes the code a lot simpler as far as epoch handling goes. The
downside here is that we are tossing some compatibility to the wind;
packages using force will have to be rebuilt with an incremented epoch to
keep their special status.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-01-21 19:30:45 -06:00
Allan McRae
d288240426 Update copyright years for 2011
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-01-07 18:47:37 -06:00
Dan McGee
c7d332a26a Reorganize fields in package struct
Saves a few bytes due to padding (256 -> 248 bytes), especially on x86_64,
so we get the overhead of our new hash field right back.

Signed-off-by: Dan McGee <dan@archlinux.org>
2010-12-14 17:46:02 -06:00
Dan McGee
c2a73ba989 When setting package name, set hash value as well
Signed-off-by: Dan McGee <dan@archlinux.org>
2010-12-14 12:06:31 -06:00
Dan McGee
580fe21065 Abstract has_scriptlet() to package ops struct
Signed-off-by: Dan McGee <dan@archlinux.org>
2010-12-13 21:25:14 -06:00
Dan McGee
feb9889f22 Add epoch support to pacman/libalpm
This will allow for better control of what was previously the 'force' option
in a PKGBUILD and transferred into the built package.

Signed-off-by: Dan McGee <dan@archlinux.org>
2010-10-13 23:29:26 -05:00
Dan McGee
6cebd4e602 Complete rework of package accessor logic
Hopefully we've finally arrived at package handling nirvana, or at least
this commit will get us a heck of a lot closer. The former method of getting
the depends list for a package was the following:

1. call alpm_pkg_get_depends()
2. this method would check if the package came from the cache
3. if so, ensure our cache level is correct, otherwise call db_load
4. finally return the depends list

Why did this suck? Because getting the depends list from the package
shouldn't care about whether the package was loaded from a file, from the
'package cache', or some other system which we can't even use because the
damn thing is so complicated. It should just return the depends list.

So what does this commit change? It adds a pointer to a struct of function
pointers to every package for all of these 'package operations'  as I've
decided to call them (I know, sounds completely straightforward, right?). So
now when we call an alpm_pkg_get-* function, we don't do any of the cache
logic or anything else there- we let the actual backend handle it by
delegating all work to the method at pkg->ops->get_depends.

Now that be_package has achieved equal status with be_files, we can treat
packages from these completely different load points differently. We know a
package loaded from a zip file will have all of its fields populated, so
we can set up all its accessor functions to be direct accessors. On the
other hand, the packages loaded from the local and sync DBs are not always
fully-loaded, so their accessor functions are routed through the same logic
as before.

Net result? More code. However, this code now make it roughly 52 times
easier to open the door to something like a read-only tar.gz database
backend.

Are you still reading? I'm impressed. Looking at the patch will probably be
clearer than this long-winded explanation.

Signed-off-by: Dan McGee <dan@archlinux.org>
[Allan: rebase and adjust]
Signed-off-by: Allan McRae <allan@archlinux.org>
2010-10-13 23:53:18 +10:00
Dan McGee
d1126db128 Allow local and sync db to be treated separately
Implement this seemingly simple change in package.h:

 typedef enum _pmpkgfrom_t {
-       PKG_FROM_CACHE = 1,
-       PKG_FROM_FILE
+       PKG_FROM_FILE = 1,
+       PKG_FROM_LOCALDB,
+       PKG_FROM_SYNCDB
 } pmpkgfrom_t;

which requires flushing out several assumptions from around the codebase
with regards to usage of the PKG_FROM_CACHE value. Make some changes where
required to allow the switch, and now the correct value should be set (via a
crude hack) depending on whether a package was loaded as an entry in a local
db or a sync db.

This patch underwent some big rebasing from Allan and Dan.

Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
2010-10-13 23:53:18 +10:00
Allan McRae
48589ccc64 Fix some whitespace issues
The combination of tabs and spaces is annoying in any editor that
does not use a tab width of 2 spaces.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2010-08-23 21:49:05 -05:00
Dan McGee
a36ff9404b Bump copyright dates to 2010
Signed-off-by: Dan McGee <dan@archlinux.org>
2010-03-14 19:46:59 -05:00
Dan McGee
35dc9b0314 int typing: s/unsigned short/int/ in libalpm
After our recent screwup with size_t and ssize_t in the download code, I
found the `-Wsign-conversion` flag to GCC to see if we were doing anything
else boneheaded. I didn't find anything quite as bad, but we did have some
goofups- most of our public unsigned methods would return -1 on error, which
is a bit odd in an unsigned context.

Signed-off-by: Dan McGee <dan@archlinux.org>
2009-10-11 13:51:47 -05:00
Dan McGee
c72b4543b6 Update copyright headers and messages
Signed-off-by: Dan McGee <dan@archlinux.org>
2009-07-01 02:08:33 -05:00
Nagy Gabor
19b8b63885 Introduce _alpm_pkg_free_trans()
The main purpose of this function to make our code more readable.
It frees transaction specific fields of pmpkg_t. (It is used when a package
is removed from the target list.)

Signed-off-by: Nagy Gabor <ngaba@bibl.u-szeged.hu>
Signed-off-by: Dan McGee <dan@archlinux.org>
2009-06-07 15:11:16 -05:00
Nagy Gabor
aefb4e0fa5 Remove pmsyncpkg_t
pmsyncpkg_t data sructure was removed:
1. pmpkg_t.reason is used instead of pmsyncpkg_t.newreason. (The target
packages come from sync repos, so we can use this field without any
problems. Upgrade transaction also uses this field to store this info.)
2. pmsyncpkg_t.removes was moved to pmpkg_t.removes.
This step requires careful programming, because we don't duplicate packages
when we add them to trans->packages. So we modify sync pkgcache when we
add this transaction-only info to our package. Hence it is important to
free this list when we remove any package from the target list
(remove_unresolvable, remove_conflicts, trans_free), otherwise this could
confuse the new sync transactions (with non-pacman GUI).

Overall, our code became ~100 line shorter, and we can call our helper
functions directly on trans->packages in sync.c, we don't need to maintain
parallel package lists.

Signed-off-by: Nagy Gabor <ngaba@bibl.u-szeged.hu>
Signed-off-by: Dan McGee <dan@archlinux.org>
2009-04-11 14:05:13 -05:00
Dan McGee
0669c9bfac Use correct C type for file sizes
We have been using unsigned long as a file size type for a while, which
works but isn't quite correct and could easily break. Worse was probably our
use of int in the download callback functions, which could be restrictive
for packages > 2GB in size.

Switch all file size variables to use off_t, which is the preferred type for
file sizes. Note that at least on Linux, all applications compiled against
libalpm must now be sure to use large file support, where _FILE_OFFSET_BITS
is defined to be 64 or there will be some weird issues that crop up.

Signed-off-by: Dan McGee <dan@archlinux.org>
2008-06-04 15:38:47 -05:00