GPG signatures have a timestamp which is checked and if it's in the
future, verification will fail.
Dan: slight wording change.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Given the message is repeated for each repo, it is a good idea to
print the repo name in the output.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
To improve conflict checking, we will need to make these functions
diverge to an extent where having two separate functions will be
preferable.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
We have a few of these and might as well gather them together. This also
cleans up the code a bit by using an enum instead of integer values, as
well as makes a "search for file in filelist" function public so
frontends can do better than straight linear search of the filelists.
Signed-off-by: Dan McGee <dan@archlinux.org>
74274b5dc3 which added the real_line_size to the buffer struct
didn't properly account for what happens when archive_fgets has to loop
more than once to find the end of a line. In most cases, this isn't a
problem, but could potentially cause a longer line such as PGP signature
to be improperly read.
This patch fixes the oversight and focuses on only calculating the line
length when we hit the end of line marker. The effective length is then
calculated via pointer arithmetic as:
(start_of_last_read + read_length) - start_of_line
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Take advantage of the fact that our filelists are arrays sorted by
filename with a known length and use a binary search. This should speed
up file conflict checking, particularly when larger packages are
involved.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This may very well be a no-op, but better safe than sorry.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
On the assumption that these arrays are already mostly sorted, use the
standard quicksort method to sort the files arrays. The files_msort
function name is tweaked to give it a more general name to reflect this
change.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
When checking if a package owns a directory, it is important to check
not only that all the files in the directory are part of the package,
but also if the directory is part of a package. This catches empty
subdirectories during conflict checking for directory to file/symlink
replacements.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
When two packages own an empty directory, pacman finds no conflict when
one of those packages wants to replace the directory with a file or a
symlink. When it comes to actually extracting the new file/symlink,
pacman sees the directory is still there (we do not remove empty
directories if they are owned by a package) and refuses to extract.
Detect this potential conflict early and bail. Note that it is a
_potential_ conflict and not a guaranteed one as the other package owning
the directory could be updated or removed first which would remove
the conflict. However, pacman currently can not sort package installation
order to ensure this, so this conflict requires manual upgrade ordering.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Only load filesystem details for the mount points that we're actually
going to write to. This reduces our syscall count considerably. In the
case of installation, we would actually stat every mountpoint twice (an
extra round for download diskspace) which means (on my system) a total
of 60 syscalls to write to 3 partitions when installing the kernel
package. This change reduces the 60 syscalls down to the expected 3.
A slight debug output change is added here to discern between a
mountpoint added to our linked list versus when we actually load the fs
info.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
add mount_point_load_fsinfo() for platforms using getmntent().
Dan: move the #ifdef slightly so we don't have unused functions on
certain platforms (e.g., OS X).
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Similar to the case for makedepends, it is useful to be able to
access this information without parsing a PKGBUILD.
Signed-off-by: Allan McRae <allan@archlinux.org>
If known, callers can pass the line size to this function in order to
avoid an strlen call. Otherwise, they simply pass 0 and
_alpm_strip_newline will do the call instead.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
We inevitably call strlen() or similar on the line returned from
_alpm_archive_fgets(), so include the line size of the interesting line
in the struct.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
With lazy loading in place, it's now quite obvious that we aren't
necessarily checking the right mountpoint for necessary download space.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
This is useful for tools that automatically rebuild packages and
thus require to generate a build order. These entries are skipped
by pacman.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Apparently gcc 4.7 has decided that -Wshadow warnings aren't worth
reporting anymore even with the flag enabled. These were found on
an Ubuntu 10.04 install.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This path is rarely (read: never) taken in any normal run of the code,
so injecting the fprintf() call everywhere with the macro is a bit
overkill. Instead, add a lightweight _alpm_alloc_fail() function that
gets called instead.
This does have a reasonable effect on the size of the generated code;
most places using the macros provided by util.c have their code size
reduced.
Signed-off-by: Dan McGee <dan@archlinux.org>
Increment the strlen() provided value by 1 for the NULL byte so we use
the right value in all three places we later reference it.
Signed-off-by: Dan McGee <dan@archlinux.org>
There is little reason here to grab 4K from the heap only to return it a
few lines later. Instead, just use the stack to hold the returned value
saving ourselves the malloc/free cycle.
Signed-off-by: Dan McGee <dan@archlinux.org>
No one seems to do this "correctly", but for the sake of having an easy
method of detecting the presence and version of libalpm on a given
system, we provide a straightforward .pc file.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
There isn't a whole lot of reason other than code clarity for this, but
it makes it a bit more obvious where multivalued attributes start.
Signed-off-by: Dan McGee <dan@archlinux.org>
Detected by clang scan-build static code analyzer.
* Don't attempt to free an uninitialized gpgme key variable
* Initialize answer variable before asking frontend a question
* Pass by reference instead of value if uninitialized fields are
possible in download signal handler code
* Ensure we never call strlen() on NULL payload->remote_name value
Signed-off-by: Dan McGee <dan@archlinux.org>
Not sure why this one wasn't showing up on x86_64, but this fixes the
compile on i686.
diskspace.c: In function 'calculate_removed_size':
diskspace.c:247:4: error: assuming signed overflow does not occur when negating a division [-Werror=strict-overflow]
cc1: all warnings being treated as errors
Signed-off-by: Dan McGee <dan@archlinux.org>
This fixes a bunch of small issues in order to enable a clean
successful build with a crazy number of GCC warning flags. A lot of
these changes are covered by -Wshadow, -Wformat-security, and
-Wstrict-overflow=5.
Signed-off-by: Dan McGee <dan@archlinux.org>
Continue the trend of not touching the environment CFLAGS, ensuring that
the user always has the final say.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
- handle gpgme libs and cflags separately rather than appending to
CFLAGS and LDFLAGS
- be consistent in AC_LINK_IFELSE check for gpgme 1.3.0 (though this is
irrelephant since we don't actually run)
- be consistent with usage of "have" and "with" variables (this
actually ends up reducing SLOC)
- when voluntary detection fails, unset GPGME_CFLAGS and GPGME_LIBS
- when requested support fails the version check, complain about the min
version.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Failure isn't always due to the package file location not existing;
permission issues can also play a part on something like a FUSE-based
filesystem inaccessible to root.
Signed-off-by: Dan McGee <dan@archlinux.org>
The initial patch to implement this achieved nothing apart from
adding a configure option. This patch makes that configure option
do what it advertises.
Note that specifing any shell apart from /bin/sh causes testsuite
failures as /bin/sh is the only shell in the testing environment.
Bug-found-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Dan was right. This should have been FREE(), not free().
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Pull updates from transifex, run update-po on all files, fix a few
errors, and push them back to Transifex.
Signed-off-by: Dan McGee <dan@archlinux.org>
For key searches only, gpg2 will fail to lookup any and all keys that
are not prefixed with 0x.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Using fputs should be faster as no format string parsing is required. It
also prevents silly errors related to unescaped '%' signs, and removes
the need to double them up in a lot of places.
Signed-off-by: Dan McGee <dan@archlinux.org>
This removes a call to _alpm_local_db_pkgpath() as well as an access()
call when reading the local database. This appears to be code from 2006
that has stuck around. We don't need it because:
1) We never use this path except to check it via access(); however, we
are already in a readdir() loop so it exists, or at least did at the
time of the call.
2) The fopen() and other calls will fail on accessing the database files
anyway, and we need to check those for errors.
Signed-off-by: Dan McGee <dan@archlinux.org>
In case we have a mirror failure, unlink_on_fail would remain set,
causing an interrupt in a successive download attempt to be wrongly
unlinked.
This also fixes a memory leak in the url member, as we would allocate
over the previous, unfreed URL.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
To avoid conflicts on reusing a payload after a failed download, ensure
that we reset the filename hints in the payload struct prior to the
download operation.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
We had one stubbed out so we didn't require a translation update, and
the other is more a code style issue.
Signed-off-by: Dan McGee <dan@archlinux.org>
Unify the output for local and sync packages by only printing a
list of possible validation types for sync packages. This also
has the advantage of not printing the very long sha256 checksum
which line wrapped on a standard width terminal.
Signed-off-by: Allan McRae <allan@archlinux.org>
When installing a package, store information on which validation
method was used and output this on "pacman -Qi" operations.
e.g.
Validated By : SHA256 Sum
Possible values are Unknown, None, MD5 Sum, SHA256 Sum, Signature.
Dan: just a few very minor tweaks.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
No new behaviour introduced, everything should work exactly as before.
Dan: refactored to use the single alpm_depend_t structure.
Signed-off-by: Benedikt Morbach <benedikt.morbach@googlemail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
This is the first step in parsing and handling optdepends. There is no
behavior change introduced in this commit; however, depends that contain
a ": " string will now be parsed as having a description and it will be
stored in the depend structure. Later patches will utilize this new
field as appropriate.
This is heavily based on the work of Benedikt, who did something similar
but introduced a new type for this rather than only a new field to the
existing type.
Heavily-influenced-by: Benedikt Morbach <benedikt.morbach@googlemail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
* it updates to all translations
* minor fr, pt_BR, de, lt, sk and uk updates
* add new strings in pacman translation catalog
Signed-off-by: Dan McGee <dan@archlinux.org>
If we begin to create a file list when loading a package, but abort
because of an error to one of our goto labels, the memory used to create
the file list will leak. This is because we use a set of local variables
to hold the data, and thus _alpm_pkg_free() cannot clean up for us.
Use the file list struct on the package object as much as possible to
keep state when building the file list, thus allowing _alpm_pkg_free()
to clean up any partially built data.
Signed-off-by: Dan McGee <dan@archlinux.org>
This is easily triggered via a `pacman -Sc` operation when it attempts
to open a delta file as a package- we end up leaking loads of memory
due to us never freeing the archive object. When you have upwards of
1200 delta files in your sync database directory, this results in a
memory leak of nearly 1.5 MiB.
Also fix another memory leak noticed at the same time- we need to call
the internal _alpm_pkg_free() function, as without the origin data being
set the public free function will do nothing.
Signed-off-by: Dan McGee <dan@archlinux.org>
It seems that if we pass the permissions that we want the created
directory to have, then we should probably use it...
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Add 2012 to the copyright range for all libalpm and pacman source files.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Simplify the implementation:
- allocate and manipulate a copy of the passed in path rather than
building out a path as the while loop progresses
- use simple pointer arithmetic to skip uninteresting cases
- use mkdir(3)'s return value and errno to detect failure
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
It can happen that the to-be-downloaded file cannot be created in cachedir.
For example, I am an -Sup user, and it is comfortable to set --cachedir to
/mnt/pendrive, which is a FAT filesystem, so files like
capseo-1:0.3-2-i686.pkg.tar.xz cannot be downloaded to there.
Before this patch, pacman didn't give clear output about what happens when
the download code could not create the necessary file. This can be confusing
with -Su. An example output:
***
$ sudo pacman -S capseo bochs --cachedir /c/TEMP
resolving dependencies...
looking for inter-conflicts...
Targets (2): bochs-2.4.6-1 capseo-1:0.3-2
Total Download Size: 0.61 MiB
Total Installed Size: 2.61 MiB
Proceed with installation? [Y/n]
:: Retrieving packages from extra...
warning: failed to retrieve some files from extra
bochs-2.4.6-1-i686 611.5 KiB 118K/s 00:05 [------------------] 97%
error: failed to commit transaction (unexpected error)
Errors occurred, no packages were upgraded.
***
After the patch, pacman will give more informative error message (and
pm_errno is set properly):
***
error: could not open file '/c/TEMP/capseo-1:0.3-2-i686.pkg.tar.xz.part': Invalid argument
error: failed to commit transaction (failed to retrieve some files)
***
Unfortunately, the "could not open file" error message is printed for
every mirror (that can be dozens of lines), which is ugly, but at least
informative... Without modifying the download logic (for example, by
introducing -2 return value for _alpm_download() to indicate giving up),
this ugliness cannot be eliminated.
Signed-off-by: Nagy Gabor <ngaba@bibl.u-szeged.hu>
Signed-off-by: Dan McGee <dan@archlinux.org>
Mostly a waste of time. Sure, we no longer make sure your pacman
database partition has enough space, but if you are using this option
you better know what you are doing anyway.
Signed-off-by: Dan McGee <dan@archlinux.org>
(cherry picked from commit ee96900605)
If one had a mountpoint at '/e' (don't ask), a file being installed to
'/etc' would map to it incorrectly. Ensure we do more than just prefix
matching on paths by doing some more sanity checks once the simple
strncmp() call succeeds.
Signed-off-by: Dan McGee <dan@archlinux.org>
This reverts commit f3fa77bcf1 along with
making other necessary changes to fully back this (mis)feature out until
we can do it correctly.
The quick summary here is this was not implemented correctly; provides
are not fully taken into account in this logic, and making that happen
exposes a lot of other flaws in this code that are covered up later on
in the dependency resolving process by several other pieces of
convoluted and conditional logic.
Tests have been adjusted accordingly. Some test EXISTS conditions have
been removed as we already know the package is installed locally, and we
also are checking the VERSION condition anyway.
With these two related revert commits, we do have some changes in test
pass/fail results:
* upgrade078.py: does not pass, this is due to --recursive getting
removed for -U/-S operations after this commit.
* sync302.py: the version checks have been disabled, so this test
continues to pass but has been scaled back in scope.
* sync303.py: now passes, was failing before.
* sync304.py: still failing, was failing before.
* sync305.py: now passes, was failing before.
* sync306.py: still passes, was passing before.
Signed-off-by: Dan McGee <dan@archlinux.org>
Set errno to 0 at the start of _alpm_open_archive as it is not set when
archive_read_open_fd fails. This can result in _alpm_pkg_load_internal
thinking errno == ENOENT and setting the wrong pm_errno. e.g.
Before:
> testpkg pacman-4.0.1-4-i686.pkg.tar.gz.sig
error: could not open file pacman-4.0.1-4-i686.pkg.tar.gz.sig: Unrecognized archive format
Cannot find the given file.
After:
> testpkg pacman-4.0.1-4-i686.pkg.tar.gz.sig
error: could not open file pacman-4.0.1-4-i686.pkg.tar.gz.sig: Unrecognized archive format
Cannot open the given file.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Some distributions insist on using bash specific commands in their
install scripts under the assumption that "sh" is a symlink to bash.
This can causes issues if (e.g.) their users what to change sh to
point at another shell, such as dash, that does not support these
features. Add a configure option to explicitly set the shell being
used to run install scripts.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
pacman -U <pkg> returns a bogus "could not find or read package" if the
file is on a fuse file system that doesn't allow root access. Debug
output isn't very helpful here either so we should log why the access
check failed.
The other 2 checks already log something when failing so logging a more
specific error won't hurt either.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
The max filesize for a delta download must be the full size of the delta
file, not just what's remaining.
Fixes FS#28345
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This is after some manual massaging to fix issues with newlines in some
translations of the script catalogs.
Signed-off-by: Dan McGee <dan@archlinux.org>
This makes several small adjustments to our exposed method names, and in
one case, parameters. The justification here is to make methods less odd
in their naming convention. If a method takes an alpm_db_t argument, the
method should be named 'alpm_db_*', but perhaps more importantly, if it
doesn't take a database as the first parameter, it should not.
Summary of changes:
alpm_db_register_sync -> alpm_register_syncdb
alpm_db_unregister_all -> alpm_unregister_all_syncdbs
alpm_option_get_localdb -> aplpm_get_localdb
alpm_option_get_syncdbs -> aplpm_get_syncdbs
alpm_db_readgroup -> alpm_db_get_group
alpm_db_set_pkgreason -> alpm_pkg_set_reason
All methods keep the same argument list except for alpm_pkg_set_reason;
there we drop the 'handle' argument as it can be retrieved from the
passed in package object.
Signed-off-by: Dan McGee <dan@archlinux.org>
Don't use trailing commas in enums if people really want to use a strict
C89 compiler, and document why on earth one particular enum uses bitmask
values when it doesn't seem necessary.
With comments, shoot for more consistency. When something is a
one-liner, keep it that way and move the whole /** sequence */ to one
line. When it needs more than one line, ensure we format most of them in
a similar fashion.
Two minor function signature adjustments are made that don't change
anything other than matching the parameter name (name -> filename)
and fitting in with our coding style (type* var -> type *var).
Signed-off-by: Dan McGee <dan@archlinux.org>
The pacman-scripts catalog is omitted here due to various newline errors
I don't have the time to fix right now.
Signed-off-by: Dan McGee <dan@archlinux.org>
Very rarely a segfault would occur when removing a number of packages
due to a corrupted list for the local database (FS#27805, FS#28195).
This was caused by the alpm_list_msort function not correctly dealing
with the two new head node's prev values.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This moves the code for removal of local database entries right into
be_local.c, which was the last user of the rmrf() function we had in our
utility source file. We can simplify the implementation and make it
non-recursive as we know the structure of the local database entries.
Signed-off-by: Dan McGee <dan@archlinux.org>