1
0
mirror of https://github.com/moparisthebest/pacman synced 2024-11-13 21:05:05 -05:00
Commit Graph

2221 Commits

Author SHA1 Message Date
Dan McGee
53e525c4f3 Fix some strict 32-bit gcc warnings
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-13 16:25:21 -05:00
Dan McGee
86bc36412e curl_gethost() potential bug fixups
This is in the realm of "probably not going to happen", but if someone
were to translate "disk" to a string longer than 256 characters, we
would have a smashed/corrupted stack due to our unchecked strcpy() call.
Rework the function to always length-check the value we copy into the
hostname buffer, and do it with memcpy rather than the more cumbersome
and unnecessary snprintf.

Finally, move the magic 256 value into a constant and pass it into the
function which is going to get inlined anyway.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-13 15:16:10 -05:00
Dan McGee
ff87046354 Merge branch 'maint'
Conflicts:
	src/pacman/util.c
2011-10-13 11:25:50 -05:00
Dan McGee
12642a299b Add user-visible warning message if public keyring not found
This should help point users in the right direction if they have not
initialized via pacman-key just yet.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12 17:54:08 -05:00
Dan McGee
6be492d2f7 Remove alpm_list_getdata wrapper function
This one is pretty darn useless. Just derefence the ->data attribute
since the type is public anyway and save yourself the function call.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12 14:22:49 -05:00
Dan McGee
1b7d2b0cfa diskspace: extract check_mountpoint() function
This will be useful when extending disk space checks to free space
checking before we download package files.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12 14:22:49 -05:00
Dan McGee
a27bdcfe51 _alpm_archive_fgets: optimize EOL search
Instead of iterating character by character, use memchr() calls to
hopefully speed up the search. A newline is the most likely culprit, so
search for that first followed by a NULL byte if there was no newline in
the buffer.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12 14:22:48 -05:00
Dan McGee
2a18171afa signing: delay gpgme_init() until latest possible moment
In the default configuration, we can enter the signing code but still
have nothing to do with GPGME- for example, if database signatures are
optional but none are present. Delay initialization of GPGME until we
know there is a signature file present or we were passed base64-encoded
data.

This also makes debugging with valgrind a lot easier as you don't have
to deal with all the GPGME error noise because their code leaks like a
sieve.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12 14:20:47 -05:00
Dan McGee
89fe19f3e1 Convert MALLOC to actually call malloc()
If you need zero-filled allocations, call CALLOC() instead.

This was from the original definition of these macros in commit
cc754bc6e3be0f3; hopefully our code is in the shape it needs to be to
switch this behavior.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12 14:01:25 -05:00
Dan McGee
980b3faea5 Move infrequently used path variables off the stack
These backup-related paths in package extraction are used on relatively
few files during the install process, so bump them off the stack and
into the heap. This removes the artificial PATH_MAX limitation on their
length as well.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12 14:01:25 -05:00
Dan McGee
027a8a3260 Extract a try_rename helper from extract_single_file()
This moves the repetitive (and highly unlikely) logging work to a
single location.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12 14:01:25 -05:00
Dan McGee
5f3629bea0 Introduce alpm_time_t type
This will always be a 64-bit signed integer rather than the variable length
time_t type. Dates beyond 2038 should be fully supported in the library; the
frontend still lags behind because 32-bit platforms provide no localtime64()
or equivalent function to convert from an epoch value to a broken down time
structure.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12 14:01:25 -05:00
Dan McGee
759f435fb9 _alpm_parsedate: use strtoll() to parse numeric value
This prepares the function to handle values past year 2038. The return type
is still limited to 32-bits on 32-bit systems; this will be adjusted in a
future patch.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12 14:01:25 -05:00
Dan McGee
a0d0f3f47f Final Transifex update before 4.0
We have a few incomplete translations, but these should be addressable
before the 4.0.1 maint release that is surely not that far in the
future.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12 13:42:12 -05:00
Dan McGee
8cc4ed0d63 Update translations from Transifex
In prep for the 4.0.0 release.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-11 09:07:19 -05:00
Dave Reisner
abfa8370c0 dload: unhook error buffer after transfer finishes
Similar to what we did in edd9ed6a, disconnect the relationship with our
stack allocated error buffer from the curl handle. Just as an FTP
connection might have some network chatter on teardown causing the
progress callback to be triggered, we might also hit an error condition
that causes curl to write to our (now out of scope) error buffer.

I'm unable to reproduce FS#26327, but I have a suspicion that this
should fix it.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-10 19:09:59 -05:00
Dan McGee
a8ca9b93f8 Update translation message catalogs in prep for 4.0 release
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-05 22:39:05 -05:00
Dan McGee
dc7d691b20 Update translations from Transifex
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-05 22:30:14 -05:00
Dan McGee
cf0edb92ba Parse '0' as a valid package installed size
This was a bad oversight on my part, pointed out by Jakob. Whoops.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-04 15:31:17 -05:00
Dan McGee
c4d6688694 Use _alpm_local_db_pkgpath in _cache_changelog_open
Another place where we were doing the dirty work by hand.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-30 11:08:49 -05:00
Dan McGee
39b0ac43fc Revamp scriptlet path formation for scriptlets in local database
Expose the current static get_pkgpath() function internally to the rest
of the library as _alpm_local_db_pkgpath(). This allows use of this
convenience function in add.c and remove.c when forming the path to the
scriptlet location.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-30 10:55:58 -05:00
Dan McGee
73139ccb3c Refactor _alpm_runscriptlet()
Add an is_archive parameter to reduce the amount of black magic going
on. Rework to use fewer PATH_MAX sized local variables, and simplify
some of the logic where appropriate in both this function and in the
callers where duplicate calls can be replaced by some conditional
parameter code.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-30 10:55:58 -05:00
Dave Reisner
ad8d3ceb89 move prevprogress onto payload handle
This is a poor place for it, and it will likely move again in the
future, but it's better to have it here than as a static variable.

Initialization of this variable is now no longer necessary as its
zeroed on creation of the payload struct.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-29 12:58:37 -05:00
Dan McGee
e0acf2f144 Refactor download payload reset and free
This was done to squash a memory leak in the sync database download
code. When we downloaded a database and then reused the payload struct,
we could find ourselves calling get_fullpath() for the signatures and
overwriting non-freed values we had left over from the database
download.

Refactor the payload_free function into a payload_reset function that we
can call that does NOT free the payload itself, so we can reuse payload
structs. This also allows us to move the payload to the stack in some
call paths, relieving us of the need to alloc space.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28 13:01:03 -05:00
Dan McGee
9a58d5c6c5 Initialize cURL library on first use
Rather than always initializing it on any handle creation. There are
several frontend operations (search, info, etc.) that never need the
download code, so spending time initializing this every single time is a
bit silly. This makes it a bit more like the GPGME code init path.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28 13:01:03 -05:00
Dan McGee
40a264478e Track unresolvable transaction packages
Rather than free them right away, keep the list on the transaction as
we already do with add and remove lists. This is necessary because we
may be manipulating pointers the frontend needs to refer to packages,
and we are breaking our contract as stated in the alpm_add_pkg()
documentation of only freeing packages at the end of a transaction.

This fixes an issue found when refactoring the package list display
code.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28 04:52:37 -05:00
Dan McGee
6e081a0c57 Move pacsave path construction code off the stack
This is definitely not in the normal hot path, so we can afford to do
some temporary heap allocation here.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28 04:48:53 -05:00
Dan McGee
98e0371ae3 Use the full buffer when computing md5/sha256 sums
No wonder these were slower than expected. We were only reading 4
(32-bit) or 8 (64-bit) bytes at a time and feeding it to the hash
functions. Define a buffer size constant and use it correctly so we feed
8K at a time into the hashing algorithm.

This cut one larger `-Sw --noconfirm` operation, with nothing to
actually download so only timing integrity, from 3.3s to 1.7s.

This has been broken since the original commit eba521913d introducing
OpenSSL usage for crypto hash functions. Boy do I feel stupid.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28 04:48:42 -05:00
Dan McGee
f66f9f11cd Fix memory leak in download payload->remote_name
In the sync code, we explicitly allocated a string for this field, while
in the dload code itself it was filled in with a pointer to another
string. This led to a memory leak in the sync download case.

Make remote_name non-const and always explicitly allocate it. This patch
ensures this as well as uses malloc + snprintf (rather than calloc) in
several codepaths, and eliminates the only use of PATH_MAX in the
download code.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28 04:48:33 -05:00
Dan McGee
ea3c47825e Revert "libalpm: compare pkgname with strcoll"
This commit was made with the intent of displaying "correctly" sorted
package lists to users. Here are some reasons I think this is incorrect:

* It is done in the wrong place. If a frontend application wants to show
  a different order of packages dependent on locale, it should do that
  on its own.
* Even if one wants a locale-specific order, almost all package names
  are all ASCII and language agnostic, so this different comparison
  makes little sense and may serve only to confuse people.
* _alpm_pkg_cmp was unlike any other comparator function. None of the
  rest had any dependency on anything but the content of the structs
  being compared (e.g., they only used strcmp() or other basic
  comparison operators).

This reverts commit 3e4d2c3aa6.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 20:24:04 -05:00
Dan McGee
69962184bb _alpm_splitdep: use malloc instead of calloc
There was only one simple to handle case where we left a field
uninitialized; set it to NULL and use malloc() instead.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 17:52:38 -05:00
Dan McGee
d8fab9b441 be_sync: fetch only entry mode, not full stat struct
This saves a lot of unnecessary work since we don't need any of the
other fields in the stat struct.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 17:49:34 -05:00
Dan McGee
bf56fb6eb8 alpm_list: use malloc instead of calloc
In every case we were calling calloc, the struct we allocated (or the
memory to be used) is fully specified later in the method.

For alpm_list_t allocations, we always set all of data, next, and prev.

For list copying and transforming to an array, we always copy the entire
data element, so no need to zero it first.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 17:49:27 -05:00
Dan McGee
fa929e8258 Fix compilation using --without-gpgme
I'm really good at breaking this on a regular basis. If only we had some
sort of automated testing for this...

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 09:15:36 -05:00
Dan McGee
b242b2d050 Remove unnecessary logger
This is just a wrapper function; the real function we call logs an
almost identical line.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 09:08:01 -05:00
Dan McGee
47657107af Delay check for repository servers until we need them
In the sync download code, we added an early check in 6731d0a940 for
sync download server existence so we wouldn't show the same error over
and over for each file to be downloaded. Move this check into the
download block so we only run it if there are actually files that need
to be downloaded for this repository.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 07:53:38 -05:00
Dan McGee
80b0f27125 Ensure fileconflict value is actually a string
When we switched to a file object and not just a simple string, we missed an
update along the way here in target-target conflicts. This patch looks
large, but it really comes down to one errant (char *) cast before that has
been reworked to explicitly point to the alpm_file_t object. The rest is
simply code cleanup.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-26 17:36:29 -05:00
Dan McGee
2517ba3303 Update Doxyfile and fix some documentation errors caught by Doxygen
A few parameters were outdated or wrongly named, and a few things were
explicitly linked that Doxygen wasn't able to resolve.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 16:37:36 -05:00
Dan McGee
c406949226 Ensure database validity flags are set in invalid signature case
We returned the right error code but never set the flags accordingly.
Also, now that we can bail early, ensure we set the error code.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 16:01:11 -05:00
Dan McGee
1e0ed133f4 Handle key import errors correctly and with good error messages
This adds calls to gpgme_op_import_result() which we were not looking at
before to ensure the key was actually imported. Additionally, we do some
preemptive checks to ensure the keyring is even writable if we are going
to prompt the user to add things to it.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 16:01:10 -05:00
Dan McGee
907e8af5be signing: be consistent with returning -1 for error cases
This also fixes a segfault found by dave when key_search is
unsuccessful; the key_search return code documentation has also been
updated to reflect reality.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 16:01:05 -05:00
Dan McGee
43787d0067 Regenerate message catalogs and translations
We've had a bit of churn since the last time this was done.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:36:09 -05:00
Dan McGee
a78e3e3a23 Translation file updates from Transifex
Pick up any updates before I push new source messages out to the
service.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:35:31 -05:00
Dan McGee
6767de5380 Add status and check for key being disabled
Because we aren't using gpgv and a dedicated keyring that is known to be
all safe, we should honor this flag being set on a given key in the
keyring to know to not honor it. This prevents a key from being
reimported that a user does not want to be used- instead of deleting,
one should mark it as disabled.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:14:35 -05:00
Dan McGee
765178c5ba Implement PGP key search and import
Add two new static methods, key_search() and key_import(), to our
growing list of signing code.

If we come across a key we do not have, attempt to look it up remotely
and ask the user if they wish to import said key. If they do, flag the
validation process as a potential 'retry', meaning it might succeed the
next time it is ran.

These depend on you having a 'keyserver hkp://foo.example.com' line in
your gpg.conf file in your gnupg home directory to function.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:14:31 -05:00
Dan McGee
0ef7129a4a signing: document most undocumented functions
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:06:03 -05:00
Dan McGee
4849a4596d Add _alpm_process_siglist() logic to failed package validation
This moves the result processing out of the validation check loop itself
and into a new loop. Errors will be presented to the user one-by-one
after we fully complete the validation loop, so they no longer overlap
the progress bar.

Unlike the database validation, we may have several errors to process in
sequence here, so we use a function-scoped struct to track all the
necessary information between seeing an error and asking the user about
it.

The older prompt_to_delete() callback logic is still kept, but only for
checksum failures. It is debatable whether we should do this at all or
just delegate said actions to the user.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:35:52 -05:00
Dan McGee
0a4a5cea97 Add new import key question enum value and stub frontend function
This is for eventual use by the PGP key import code. Breaking this into
a separate commit now makes the following patches a bit easier to
understand.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:35:52 -05:00
Dan McGee
d36d70d294 Add alpm_capabilities() method and enumeration
This allows a frontend program to query, at runtime, what the library
supports. This can be useful for sanity checking during config-
requiring a downloader or disallowing signature settings, for example.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:32:35 -05:00
Dan McGee
33f2518531 Move default siglevel value from backend to frontend
This takes the libraries hidden default out of the equation: hidden in
the sense that we can't even find out what it is until we create a
handle. This is a chicken-and-egg problem where we have probably already
parsed the config, so it is hard to get the bitmask value right.

Move it to the frontend so the caller can do whatever the heck they
want. This also exposes a shortcoming where the frontend doesn't know if
the library even supports signatures, so we should probably add a
alpm_capabilities() method which exposes things like HAS_DOWNLOADER,
HAS_SIGNATURES, etc.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:32:30 -05:00
Dan McGee
01f5c9e79a validate_deltas: split verify/check errors loops
This allows us to do all delta verification up front, followed by
whatever needs to be done with any found errors. In this case, we call
prompt_to_delete() for each error.

Add back the missing EVENT(ALPM_EVENT_DELTA_INTEGRITY_DONE) that
accidentally got removed in commit 062c391919.

Remove use of *data; we never even look at the stuff in this array for
the error code we were returning and this would be much better handled
by one callback per error anyway, or at least some strongly typed return
values.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:32:24 -05:00
Dan McGee
5e7875ae6a Fix possible segfault if siglist was empty
If siglist->results wasn't a NULL pointer, we would try to free it
anyway, even if siglist->count was zero. Only attempt to free this
pointer if we had results and the pointer is valid.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:31:28 -05:00
Dan McGee
3a460a8be6 Remove noisy debug logger
This one can be overwhelming when reading debug output from a very large
package. We already have the output of each extracted file so we
probably can do without this in 99.9% of cases.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-21 13:02:35 -05:00
Dan McGee
8375ad214a _alpm_sync_commit: extract two static methods
This adds two new static methods, check_validity() and load_packages(),
to sync.c which are simply code fragments pulled out of our
do-everything sync commit code.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:11 -05:00
Dan McGee
b7ebacc576 Pass package signature data up one more level
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:11 -05:00
Dan McGee
ec790ced7c signing: add a process and retry loop for database signatures
In reality, there is no retrying that happens as of now because we don't
have any import or changing of the keyring going on, but the code is set
up so we can drop this in our new _alpm_process_siglist() function. Wire
up the basics to the sync database validation code, so we see something
like the following:

    $ pacman -Ss unknowntrust
    error: core: signature from "Dan McGee <dpmcgee@gmail.com>" is unknown trust
    error: core: signature from "Dan McGee <dpmcgee@gmail.com>" is unknown trust
    error: database 'core' is not valid (invalid or corrupted database (PGP signature))

    $ pacman -Ss missingsig
    error: core: missing required signature
    error: core: missing required signature
    error: database 'core' is not valid (invalid or corrupted database (PGP signature))

Yes, there is some double output, but this should be fixable in the
future.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:11 -05:00
Dan McGee
994cb4da4f Allow our PGP helper method to pass back the signature results
This will make its way up the call chain eventually to allow trusting
and importing of keys as necessary.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:11 -05:00
Dan McGee
a27f993600 Split package validation and load loops
This adds a some new callback event and progress codes for package
loading, which was formerly bundled in with package validation before.
The main sync.c loop where loading occurred is now two loops running
sequentially. The behavior should not change with this patch outside of
progress and event display; more changes will come in following patches.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:11 -05:00
Dan McGee
afdbfc05f7 Extract an _alpm_pkg_validate_internal() method
_alpm_pkg_load_internal() was becoming a monster. Extract the top bit of
the method that dealt with checksum and signature validation into a
separate method that should be called before one loads a package to
ensure it is valid.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:11 -05:00
Dan McGee
79cbce60ac Remove all usages of alpm_list_getdata() from the library
No need for the indirection; just access ->data instead.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:10 -05:00
Dan McGee
70e2c34f0f _alpm_runscriptlet(): remove clean_tmpdir variable
This is always true at the end since we return early if we couldn't
create the tmpdir, so it is totally unnecessary.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:10 -05:00
Dan McGee
3796164848 Access db->pkgcache directly in db_free_pkgcache()
We shouldn't be going through the accessor that does a bunch of
unnecessary legwork, including potentially loading the pkgcache right
before we free it.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:10 -05:00
Dan McGee
288a81d847 Use more efficient way of restoring working directory
Rather than using a string-based path, we can restore the working
directory via a file descriptor and use of fchdir().

From the getcwd manpage:
    Opening the current directory (".") and calling fchdir(2) to
    return is usually a faster and more reliable alternative when
    sufficiently many file descriptors are available.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-19 14:11:08 -05:00
Dan McGee
bfe36c2ddf Reduce path allocation on the stack in local database
We did a lot of both malloc-ing and stack printing to form some paths in
this code. Attempt to unify it all into the one get_pkgpath() method by
adding an optional third "filename" parameter, and form the necessary
path string all in one go.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-19 13:43:13 -05:00
Dan McGee
e1899cbc64 Be smarter about running ldconfig during removal transactions
1. Don't run it if something failed in package removal- this mirrors
what we already do in sync transactions.
2. Don't run it if we are invoking it for the replaces removal bit of a
sync transaction- it doesn't make sense to run ldconfig halfway through
a sync install; we should only run it once at the end.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-19 13:18:42 -05:00
Dan McGee
a94ad29740 Search for non-prefixed paths in skip_remove list
We add them to this list with the root path not appended; we should be
searching for them this way as well.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-19 13:17:16 -05:00
Dan McGee
41d8deff88 be_local: cope with a desc file without trailing newline
We checked the (fgets == NULL and !feof) case, but never actually bailed
out of the loop if we were at the end of the file, causing infinite
looping.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-18 17:32:15 -05:00
Dan McGee
86d9fcbfff Remove const specifier from changelog_read() void parameter
This shouldn't really be declared with const, and causes a compile error
when -Wcast-qual is used. Remove the const specifier from the function
specification and all implementations.

Also fix one other trivial -Wcast-qual warning in _alpm_db_cmp().

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-18 17:11:39 -05:00
Dan McGee
69a3558b75 Remove dead changelog_feof() code
We never ended up using or really needing this; kill it for now knowing
it is in git history if ever needed again.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-18 17:03:56 -05:00
Dave Reisner
07e89c1e5d dload: avoid using memrchr
This function doesn't exist on OSX. Since there aren't any other
candidates in alpm for which this function would make sense to use,
simply replace the function call with a loop that does the equivalent.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-09-18 16:57:59 -05:00
Dan McGee
52c65fdfea Ensure entire struct is zeroed in _alpm_parsedate()
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-09-18 16:57:26 -05:00
Dave Reisner
223a92ca9d dload: remove user:pass@ definition from hostname
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-09-18 15:35:58 -05:00
Dan McGee
a7d7798032 Fix build without gpgme
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-18 15:34:28 -05:00
Dave Reisner
3905ada993 account for partial delta files in download size
Similar to an earlier commit which accounts for .part files for full
packages, calculate the download_size for deltas keeping mind the
possibility of a partial transfer.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-11 19:10:48 -05:00
Dave Reisner
d8eacae7bc make compute_download_size consider .part files
Check for the existance of a partial download of a package file before
jumping to delta calculations. Currently, if there were 10MiB remaining
in a 100MiB the values passed to the front end do not reflect this.

Refactored from an old patch originally by Dan.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-11 19:09:04 -05:00
Dave Reisner
befddfc3e6 dload: provide optional netrc support
if ~/.netrc exists and has credentials for the hostname requested in a
download, they will be provided in an http auth request. This can still
be overridden by explcitly declaring user:pass in the URL.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-11 19:07:25 -05:00
Dave Reisner
db70c9da15 diskspace: fix memory leak on root mount not found
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-08 14:18:19 -05:00
Dan McGee
8ffa2b24a5 Use more correct integer types in diskspace checks
This adjusts type usage to match POSIX provided types from
<sys/types.h> rather than assuming everything will fit in a long or
unsigned long. Use fsblkcnt_t (unsigned) and blkcnt_t (signed) as
appropriate. These are affected the same way off_t is on 32 bit
platforms, where the types are extende to 64 bits if large file support
is enabled.

Because most numbers here are block counts, this isn't
near as pressing as using a 32-bit variable for file sizes where
anything over 2GiB can burn you; we likely can support files at least
512 but mainly 4096 times larger.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-07 21:05:04 -05:00
Dan McGee
3e08614fda Ensure PackageRequired works as expected
Changes in commit dc3336c277 caused this to stop working as expected for
sync packages, due to the way the logic is structured. Ensure we always
enter the signature code if the bitflag is flipped on to check
signatures for packages. Rename 'use_sig' to 'has_sig' for clarity.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-07 20:51:35 -05:00
Dan McGee
8d0ff3d7dc dload: use intmax_t when printing off_t
This works for both 32-bit and 64-bit platforms.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-06 11:44:29 -05:00
Dave Reisner
a4e0d3e930 dload: abstract dload_interrupted reasons
This gives us some amount of room to grow in case we ever find another
reason that we might return with an error from the progress callback.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-09-06 08:44:14 -05:00
Dave Reisner
6c236277a3 dload: improve debug output
We lost some of this output in the fetch->curl conversion, but I also
noticed in FS#25852 that we just lack some of this useful information
along the way.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-09-06 08:44:09 -05:00
Dave Reisner
400942fedf avoid blowing out the filecache list when using tmpdir
_alpm_filecache_setup() destroys the list of cachedirs when it finds no
writeable directories in the config. This put us in an awkward situation
where _alpm_filecache_find() would locate a downloaded file in a r/o
cachedir, but then fail to install it after _alpm_filecache_setup() is
called (with a NULL argument). Change this behavior to merely prepend
the temporary directory to the list of available cachedirs.

Dan exposed it in e07547ee4e, as now a package can be found in a
directory we may not be able to actually store packages in.

Reported-by: Rémy Oudompheng <remy@archlinux.org>
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-06 08:42:02 -05:00
Dan McGee
7ea1ea88bb More package operations cleanup
Neither deltas nor filename attributes are ever present in the local
database, so we can remove all of the indirection for accessing these
attributes.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-02 22:07:06 -05:00
Dan McGee
98fdfa1968 Former transaction callback rename refactor
Put all the callback stuff in alpm.h in one spot, and make the following
renames for clarity with the new structure:

ALPM_TRANS_EVT_* --> ALPM_EVENT_*
ALPM_TRANS_CONV_* --> ALPM_QUESTION_*
ALPM_TRANS_PROGRESS_* --> ALPM_PROGRESS_*
alpm_option_get_convcb() --> alpm_option_get_questioncb()
alpm_option_set_convcb() --> alpm_option_set_questioncb()

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-02 21:45:08 -05:00
Dan McGee
37da18aee8 Move all callbacks up to the handle level
This was just disgusting before, unnecessary to limit these to only
usage in a transaction. Still a lot of more room for cleanup but we'll
start by attaching them to the handle rather than the transaction we may
or may not even want to use these callbacks.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-02 21:45:03 -05:00
Dan McGee
062c391919 Make delta validation/application more logical
The call to apply was tucked inside validate, and the EVENT callbacks
were done outside the function rather than inside. Reorganize things a
bit to make more sense.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-02 21:44:39 -05:00
Dan McGee
83a1e4fee3 Clean up handling of size fields
We currently have csize, isize, and size concepts, and sometimes the
difference isn't clear. Ensure the following holds:

* size (aka csize): always the compressed size of the package; available
  for everything except local packages (where it will return 0)
* isize: always the installed size of the package; available for all
  three package types

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-02 19:26:07 -05:00
Dan McGee
ad051f7328 _alpm_parsedate(): return time_t and not long
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-01 12:36:11 -05:00
Dan McGee
06b228b20f Scale package integrity progress bar/percentage by package size
This upgrades the simple 15/17 scaling by package number we used before
to package sized based scaling, which is much more accurate. Addresses
some of the issues raised in FS#25817.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-30 08:23:32 -05:00
Allan McRae
19c3880ec9 Remove outdated comment for _alpm_outerconflicts
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-30 08:11:57 -05:00
Dan McGee
234b6ffc2c Parse > 2GiB file sizes correctly
We were using atol(), which on 32 bit, cannot handle values greater than
2GiB, which is fail.

Switch to a strtoull() wrapper function tailored toward parsing off_t
values. This allows parsing of very large positive integer values. off_t
is a signed type, but in our usages, we never parse or have a need for
negative values, so the function will return -1 on error.

Before:
    $ pacman -Si flightgear-data | grep Size
    Download Size  : 2097152.00 K
    Installed Size : 2097152.00 K

After:
    $ ./src/pacman/pacman -Si flightgear-data | grep Size
    Download Size  : 2312592.52 KiB
    Installed Size : 5402896.00 KiB

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-29 19:57:05 -05:00
Helder Martins
d74dad79b7 lib/libalpm/handle.c: Removed redundant if condition
Signed-off-by: Helder Martins <heldermartins89@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-29 19:56:24 -05:00
Dan McGee
499e09734b Streamline alpm_splitdep() comparisons
This reduces from 5 to 3 the number of searches needed on the string
looking for a comparison operator, since we can so a second quick
comparison looking for '=' if we find '<' or '>'. It also makes every
search doable with strchr() or memchr() rather than the slower strstr()
method.

In testing, only 10% of splitdep calls (~1600 / 16000) during an -Ss
database load found a version comparison operator, so optimizing the not
found path to be require less work makes sense.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-29 19:54:18 -05:00
Dan McGee
8973875a1f _alpm_splitdep(): don't pass bogus length value to strndup
If we fell through to the ALPM_DEP_MOD_ANY case, ptr would be NULL, and
we would pass (0 - <str>), which is a rather large negative number or
bogus positive number, depending on signed/unsigned. Just use strdup in
the case where we don't have a ptr available.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-28 23:50:28 -05:00
Dan McGee
b221af660d Database read optimizations
Hard to believe there was still more room to improve on this, but I
found an easily correctable oversight tonight. Our databases (both sync
and local) contain many blank lines, and we were not moving onto the
next line right away in these cases; instead we would proceed through
our strcmp() conditional checks as normal.

Some local numbers follow to show the effects of this patch:

Sync `-Ss foobarbaz`:
71,709 blank lines skipped early
~1,505,889 strcmp() calls avoided (21 per line)
~15% speed improvement (.210 --> .179 sec)

Local `-Qs foobarbaz`:
6,823 blank lines skipped early
115,991 strcmp() calls avoided (17 per line)
~6% speed improvement (.080 -> .071 sec)

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-28 23:49:27 -05:00
Dan McGee
040083b97f Allow access to package origin data
Add new alpm_pkg_get_origin() method, use it in the front end now that
the enum constants are publicly available.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-28 23:41:17 -05:00
Diogo Sousa
3a458783a2 Removed multiple definitions of pkgfrom_t
libalpm now exports type alpm_pkgfrom_t in alpm.h, which may be used
by frontends.

Pacman now uses alpm_pkgfrom_t instead of replicating that type (pkg_from
as was in src/pacman/package.h)

Updated API change in README.

Signed-off-by: Diogo Sousa <diogogsousa@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-28 23:30:10 -05:00
Dan McGee
2cfcc874b9 Better error handling out of package load method
There are many other ways to fail a package load other than "file not
found". We should also use the correct error code in this case. Clean it
up a bit in the various callers.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-28 19:52:41 -05:00
Dan McGee
dc3336c277 Refactor some args out of pkg_load_internal
Just pass the entire sync package in if we have it; that way we can do
any necessary operations involving it rather than have a parameter list
growing endlessly.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-28 19:52:19 -05:00
Dan McGee
c7e4005e5c Add more info to debug key display
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-28 19:52:10 -05:00
Dan McGee
de43d00db0 Refactor signature result return format
I was trying to take a shortcut and not introduce a wrapper struct for
the signature results, so packed it all into alpm_sigresult_t in the
first iteration. However, this is painful when one wants to add new
fields or only return information regarding a single signature.

Refactor the type into a few components which are exposed to the end
user, and will allow a lot more future flexibility. This also exposes
more information regarding the key to the frontend than was previously
available.

The "private" void *data pointer is used by the library to store the
actual key object returned by gpgme; it is typed this way so the
frontend has no expectations of what is there, and so we don't have any
hard gpgme requirement in our public API.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-28 19:51:54 -05:00
Diogo Sousa
12387ca4e5 lib/libalpm/signing.c: Fix memory leak in decode_signature() in case of error.
Signed-off-by: Diogo Sousa <diogogsousa@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-28 19:50:22 -05:00
Lukas Fleischer
0dad2f6e62 lib/libalpm/util.c: Fix two memory leaks
Free "md5sum" if md5_file() fails in alpm_compute_md5sum(). Free
"sha256sum" if sha2_file() fails in alpm_compute_sha256sum().

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-28 19:49:02 -05:00
Dan McGee
a12a4ea396 Check local database status flag in db_write sanity check block
Do all the checks at once; this also avoids the 'return' call after we
have allocated memory for "pkgpath" as well as tweaked the umask.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-28 19:46:09 -05:00
Lukas Fleischer
455ca55f4e be_sync.c: Fix memory leak in alpm_db_update()
Free "syncpath" and restore umask if we fail to grab a lock.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-28 19:40:22 -05:00
Dan McGee
84d6de806b Fix possible mismatched type with several curl arguments
After commit 2e7d002315, we use off_t rather than long variables.
Use the _LARGE variants of the methods to indicate we are passing off_t
sized variables, and cast using (curl_off_t) accordingly.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-28 19:36:50 -05:00
Dan McGee
5a07b75b22 Always process validity value returned by gpgme
Don't force 'never'; you should be checking both the status and validity
anyway.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-25 17:41:47 -05:00
Dan McGee
be72e10015 Fix small memory leak in sig check code
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-25 17:41:27 -05:00
Dan McGee
c5982a3eb5 strtrim: don't move empty string
There were many cases where the string coming in was a blank line, e.g.
"\n\0", length 1. The trim routine starts by trimming leading spaces,
thus trimming everything. We would then proceed to do a memmove of the
NULL byte, which is completely worthless as we can just assign it
instead.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-25 17:14:19 -05:00
Dan McGee
e1dce078b2 Remove argument from check_pgp_helper
This one wasn't all that necessary as we only used it in one place in
the function, which can be checked easily enough at the call site.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-25 16:12:49 -05:00
Dan McGee
6aa9fdce5a Remove trans is NULL check in QUESTION/EVENT/PROGRESS macros
trans cannot (and better not) be NULL at any point when these are being
called.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-25 16:12:33 -05:00
Dan McGee
f7a3c4c8df Finish large file download attack prevention
This handles the no Content-Length header problem as stated in the
comments of FS#23413. We add a quick check to the callback that will
force an abort if the downloaded data exceeds the payload size, and then
check for this error in the post-download cleanup code.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-25 16:09:52 -05:00
Dan McGee
2e7d002315 Use off_t rather than double where possible
Beautiful of libcurl to use floating point types for what are never
fractional values. We can do better, and we usually want these values in
their integer form anyway.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-25 16:09:52 -05:00
Dan McGee
f0357e415c Add new 'lt' and 'zh_TW' translations from transifex
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-25 16:04:41 -05:00
Dan McGee
5c48ca3239 Update existing translations from Transifex
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-25 16:04:41 -05:00
Diogo Sousa
268d0bbcbe Improved alpm_list_mmerge() performance (fixed coding style)
Improved alpm_list_mmerge() performance by removing an extra
pass to obtain the tail node.

This was actually suggested by a TODO comment.

Signed-off-by: Diogo Sousa <diogogsousa@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-24 11:27:11 -05:00
Dan McGee
30d978a966 vercmp: ensure 2.0a and 2.0.a do not compare equal
We had this interesting set of facts conundrum, according to vercmp
return values:
    2.0a <  2.0
    2.0  <  2.0.a
    2.0a == 2.0.a

This introduces a code change that ensures '2.0a < 2.0.a' as would be
expected by the first two comparisons. Unfortunately this stays us a bit
further from upstream RPM code, but those are the breaks (in RPM, the
versions involving 'a' do in fact compare the same, but they are both
greater than the bare '2.0').

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-23 01:49:29 -05:00
Dan McGee
cc03d6366a Style-match rpmvercmp code with upstream
Not sure how or why some of this differed, but it is easy enough to set
it back to how it was so it is easier to diff.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-23 01:47:45 -05:00
Dave Reisner
6731d0a940 sync: halt file discovery if repo has no servers
This avoids error spam when no servers are configured for a repo and a
sync operation is performed:

Proceed with installation? [Y/n] y
:: Retrieving packages from testing...
warning: failed to retrieve some files from testing
warning: failed to retrieve some files from testing
warning: failed to retrieve some files from testing
warning: failed to retrieve some files from testing
warning: failed to retrieve some files from testing
warning: failed to retrieve some files from testing
warning: failed to retrieve some files from testing
warning: failed to retrieve some files from testing
warning: failed to retrieve some files from testing
warning: failed to retrieve some files from testing

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-23 00:49:14 -05:00
Dan McGee
762cbf574b dload: prevent need to copy struct in mask_signal()
Since we store this directly in the download function, just rework
mask_signal() to take a pointer to a location to store the original.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-22 09:27:13 -05:00
Dave Reisner
f3e2858621 dload: extract tempfile creation to its own function
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-22 09:23:18 -05:00
Dave Reisner
c65cea0dcb dload: move (un)masking of signals to separate functions
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-22 09:23:14 -05:00
Dave Reisner
10cbfc956c dload: move curl option setting to static function
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-22 09:19:38 -05:00
Dave Reisner
d64c409913 dload: add open_mode to payload struct
This is a precursor to a following patch which will move the setting of
options to a separate function. With the open mode as part of the
struct, we can avoid modifying stack allocated variables.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-22 09:18:00 -05:00
Dave Reisner
592ed13bce dload: rename cd_filename to content_disp_name
This is more in line with the menagerie of file name members that we now
have on the payload struct.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-22 09:15:11 -05:00
Dave Reisner
329a7b7e24 dload: move tempfile and destfile to payload struct
These are private to the download operation already, so glob them onto
the struct. This is an ugly rename patch, with the only logical change
being that destfile and tempfile are now freed by the payload_free
function.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-22 09:14:45 -05:00
Dan McGee
d9e5dab6ac Remove alpm_option_get_* usage from backend
These are all available directly on the handle without indirection.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 19:12:21 -05:00
Dave Reisner
d307ed5eb9 dload: remove unused macro
This was a vestige leftover from the libfetch days of yore.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 19:01:57 -05:00
Dave Reisner
82fc816d79 dload: delete zero length downloads on curl error
In the case of a non-operation (e.g. DNS resolver error), delete the
leftover 0 byte .part file.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 19:00:58 -05:00
Dave Reisner
43940f591e dload: rename payload->filename to payload->remote_name
This is a far more accurate description of what this is, since it's more
than likely not really a filename at all, but the name after a final
slash on a URL.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 19:00:40 -05:00
Dave Reisner
eae363c96f dload: remove code duplication
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 19:00:13 -05:00
Dan McGee
e07547ee4e Rework finding a writable cache directory
This is a refactor and refresh of the code used to find where we should
download packages.

* Incorporate suggestions from FS#25435 to use TMPDIR from the
  environment if set, otherwise fall back to /tmp as before.
* Make the writability tests a bit more in depth. We now do a three part
  check consisting of:
  - S_ISDIR(): is this even a directory
  - access(W_OK): is this directory writable by the current user.
    Unfortunately for root, this almost always returns that it is, but
    in the case of a RO mount or NFS share inaccessible to root, this
    check will exclude the directory.
  - mode & (any write bit): is there a writable bit set on this
    directory. This makes it possible to enforce a read-only cache
    directory by setting permissions to 0555, for example.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 13:10:17 -05:00
Dan McGee
6d544984f2 Be more robust when copying package data
This changes the signature of _alpm_pkg_dup() to return an integer error
code and provide the new package in a passed pointer argument. All
callers are now more robust with checking the return value of this
function to ensure a fatal error did not occur.

We allow load failures to proceed as otherwise we have a chicken and egg
problem- if a 'desc' local database entry is missing, the best way of
restoring said file is `pacman -Sf --dbonly packagename`. This patch
fixes a segfault that was occurring in this case.

Fixes the segfault reported in FS#25667.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 11:09:57 -05:00
Dave Reisner
9934b3bd34 lib/dload: unlink on response code >=400
ftp and http both define >=400 as being "something bad happened"

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 09:54:58 -05:00
Dave Reisner
24824b54ce dload: add 'unlink_on_fail' to payload struct
Let callers of _alpm_download state whether we should delete on fail,
rather than inferring it from context. We still override this decision
and always unlink when a temp file is used.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 09:43:19 -05:00
Dave Reisner
1723e6dc4f lib/dload: prevent possible NULL dereference
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 09:41:55 -05:00
Dave Reisner
16334f778b sync: fix garbled output in conflict prompt
$ pacman -S cronie
resolving dependencies...
looking for inter-conflicts...
:: cronie and fcron are in conflict (@.). Remove fcron? [y/N] n

$ sudo pacman -S pacman
resolving dependencies...
looking for inter-conflicts...
:: pacman and pacman-git are in conflict (pKÈ). Remove pacman-git? [y/N]

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19 09:40:07 -05:00
Dan McGee
6cfc4757b9 Convert resolvedep() to use _alpm_depcmp_literal()
The whole first loop is trying to check literals only, so teach it to do
so. Also, reorder operations to make more sense by putting the strcmp()
first in the literal loop, and using a very cheap name_hash check first
in the second loop.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Dan McGee
3752edbff4 Fix replacement of provider issue
When we switched to using alpm_depcmp() in resolving replacments, we had
some interesting behavior with regard to providers and packages not
found in repositories. Teach the replacement resolving code to not look
at provisions at all to be slightly more sane.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Dan McGee
d008a816f1 Add an _alpm_depcmp_literal() function
This omits the finding of matching provisions and only checks the
package itself against the provided dep.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Dan McGee
78b63ce7c3 Replacements refactor: extract check_replacers()
This moves code that was inline in alpm_sync_sysupgrade() to its own
method.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Dan McGee
231d6cc1e4 Replacements refactor: extract check_literal()
This moves code that was inline in alpm_sync_sysupgrade() to its own
method.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Dan McGee
5d291d050e Remove usages of alpm_list_next() in backend
Another function call that can be replaced by a single pointer
dereference.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Dan McGee
c4bd476ad1 Remove use of no-op accessor functions in library
The functions alpm_db_get_name(), alpm_pkg_get_name(), and
alpm_pkg_get_version() are not necessary at all, so remove the calling
and indirection when used in the backend, which makes things slightly
more efficient and reduces code size.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Dan McGee
c885a953eb Enhance and utilize database status flags
* Move is_local standalone field to status enum
* Create VALID/INVALID flag pair
* Create EXISTS/MISSING flag pair

With these additional fields, we can be more intelligent with database
loading and messages to the user. We now only warn once if a sync
database does not exist and do not continue to try to load it once we
have marked it as missing.

The reason for the flags existing in pairs is so the unknown case can be
represented. There should never be a time when both flags in the same
group are true, but if they are both false, it represents the unknown
case. Care is taken to always manipulate both flags at the same time.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Lukas Fleischer
d18e600952 lib/libalpm/dload.c: Use STRDUP() instead of strdup()
Use the STRDUP macro instead of strdup() for the sake of better error
handling on memory allocation failures.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 10:47:41 -05:00
Lukas Fleischer
0745288c14 lib/libalpm/dload.c: Add ASSERT() to alpm_fetch_pkgurl()
Return with ALPM_ERR_WRONG_ARGS instead of causing a potential segfault
if alpm_fetch_pkgurl() is invoked with a NULL URL.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18 07:38:31 -05:00
Dave Reisner
9f139550f8 lib/dload: refactor deletion on failure
This moves all the delete-on-fail logic to under cleanup label. This
also implies should_unlink when a payload is received that doesn't allow
resuming.

Fixes .db.sig.part files leftover in the sync dir.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-17 21:03:43 -05:00
Dave Reisner
2dbdfe0788 lib/dload: avoid renaming download to 0 length destfile
This leverages earlier work that avoids a rename when destfile is unset.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-17 17:31:04 -05:00
Lukas Fleischer
b9833838c6 Avoid stat() on NULL path in curl_download_internal()
stat()'s behaviour is undefined if the first argument is NULL and might
be prone to segfault. Add an additional check to skip the stat()
invocation if no destfile is used.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-17 17:30:52 -05:00
Lukas Fleischer
9cddc4ad80 Skip rename() on NULL destfile in curl_download_internal()
Avoid a potential segfault that may occur if we use a temporary file and
fail to build the destination file name from the effective URL.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-17 17:30:41 -05:00
Dan McGee
b952a3b08c Fix compilation using --without-gpgme
This function is used regardless of whether gpgme support is enabled, so
make sure it is always accessible.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-16 19:51:21 -05:00
Dave Reisner
b008193c12 dload: zero out pm_errno in curl_download_internal
This reverts some hacky behavior from 5fc3ec and resets the handle's
pm_errno where it should be reset -- prior to each download. This
prevents a transaction with a download from being aborted when a package
is successfully grabbed from a secondary server.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-16 19:37:14 -05:00
Dan McGee
1175702828 Update message catalogs
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 16:09:45 -05:00
Dan McGee
d4a92cacc6 Update translations from Transifex
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 16:09:11 -05:00
Dan McGee
11f4a7a48e Only check necessary signatures and checksums
The precedence goes as follows: signature > sha256sum > md5sum

Add some logic and helper methods to check what we have available when
loading a package, and then only check what is necessary to verify the
package. This should speed up sync database verifies as we no longer
will be doing both a checksum and a signature validation.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 15:15:11 -05:00
Rémy Oudompheng
855bc16a9e libalpm: fix a remaining old syntax of RET_ERR() macro
It would prevent compilation of pacman on FreeBSD, and possibly other
systems.

Signed-off-by: Rémy Oudompheng <remy@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 14:55:14 -05:00
Dave Reisner
5fc3ecf7f8 lib/sync: ignore download errors for as long as possible
Previously, the behavior was such that if a sync operation required
packages from multiple repos, a download error in the first repo would
cause a hard repo, ignoring the remainder of the repositories. Change
this behavior so that we do a better job of fetching as many packages as
possible before aborting the transaction.

There's a little bit of refactoring mixed in here to get rid of some
useless variables. Since we now depend heavily on the value of
handle->pm_errno being accurate the determine the function's return
value, we clear it when the transaction state is set.

Fixes FS#25532.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 14:54:21 -05:00
Dan McGee
796eaaed40 Further fixes to replacement iteration
A partial fix for this was in commit 7de92cb22, but this should fix the
remaining cases. There are still several issues dealing with "provision
as replacement" selection however.

Addresses FS#25538 and FS#25527.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 14:47:19 -05:00
Dan McGee
a628feee46 Parse conflicts/provides/replaces at database load time
We did this with depends way back in commit c244cfecf6 in 2007. We
can do it with these fields as well.

Of note is the inclusion of provides even though only '=' is supported-
we'll parse other things, but no guarantees are given as to behavior,
which is more or less similar to before since we only looked for the
equals sign.

Also of note is the non-inclusion of optdepends; this will likely be
resolved down the road.

The biggest benefactors of this change will be the resolving code that
formerly had to parse and reparse several of these fields; it only
happens once now at load time. This does lead to the disadvantage that
we will now always be parsing this information up front even if we never
need it in the split form, but as these are uncommon fields and our
parser is quite efficient it shouldn't be a big concern.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:56:41 -05:00
Dan McGee
bd5ec9cd8e Validate the sha256sum if available
Adjust load_internal() to check the sha256sum value if we have it.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:13:35 -05:00
Dan McGee
fa4aad5b50 decode_signature: guess signature data length for efficiency
We may end up allocating 1 or 2 extra bytes this way, but it is worth it
to simplify the method and not have to call base64_decode() a second
time. Use the hueristic that base64 encoding produces 3 bytes of decoded
data for every 4 bytes of encoded data.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:11:59 -05:00
Dan McGee
f3f39cef84 Remove checksum access indirection
These items are never present in anything but sync databases, nor do we
even try to load them from the local database. Remvoe the indirection
meant to allow the caching layer to work since it will never do anything
anyway.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:11:59 -05:00
Dave Reisner
7de92cb223 lib/sync: reset flag after rejecting a replace
This prevents iteration through the remainder of the current tree, with
pacman claiming that they're all replacements to the original
replacement candidate.

:: Synchronizing package databases...
 allanbrokeit is up to date
 testing is up to date
 core is up to date
 extra is up to date
 community-testing is up to date
 community is up to date
:: Starting full system upgrade...
:: Replace util-linux-git with core/util-linux? [Y/n] n
:: Replace util-linux-git with core/vi? [Y/n] n
:: Replace util-linux-git with core/vpnc? [Y/n] n
:: Replace util-linux-git with core/wget? [Y/n] n
:: Replace util-linux-git with core/which? [Y/n] n
:: Replace util-linux-git with core/wireless-regdb? [Y/n] n
:: Replace util-linux-git with core/wireless_tools? [Y/n] n
:: Replace util-linux-git with core/wpa_actiond? [Y/n] n
:: Replace util-linux-git with core/wpa_supplicant? [Y/n] n
:: Replace util-linux-git with core/xfsprogs? [Y/n] n
:: Replace util-linux-git with core/xinetd? [Y/n] n
:: Replace util-linux-git with core/xz? [Y/n] n
:: Replace util-linux-git with core/zd1211-firmware? [Y/n] n
:: Replace util-linux-git with core/zlib? [Y/n] n
 there is nothing to do

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:11:59 -05:00
Dan McGee
ebb2e36cc4 Load and allow access to sha256sum
This adds a field in the package struct for this checksum type as well
as allowing access via the API to it. The frontend is now able to
display any read value. Note that this does not implement any use or
verification of the value internally.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:11:55 -05:00
Dan McGee
31f2e0cba3 Add ALPM sha256sum routines
These mirror ones we already have for md5sums.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 07:07:13 -05:00
Dan McGee
ff88228abd Add sha2 (sha256) routines from PolarSSL
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 07:07:13 -05:00
Dave Reisner
20b5cc96be pacman/package: show presence of signature in in -Si
adds a new API method: alpm_pkg_get_base64_sig

[Dan: don't use a new header string in frontend]

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 07:06:23 -05:00
Dave Reisner
05f87e0b09 alpm.h: fix inconsistency in function prototype
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 06:30:58 -05:00
Dave Reisner
6bf60568f8 lib/dload: avoid deleting .part file on too-slow xfer
Take this opportunity to refactor the if/then/else logic into a
switch/case which is likely going to be needed to fine tune more
exceptions in the future.

Fixes FS#25531

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 06:26:08 -05:00
Dan McGee
83f076d3a8 Update base64 PolarSSL code
Also adjust our code using it for the size_t adjustments made by
upstream.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 06:24:49 -05:00
Dan McGee
835365b817 Update MD5 routines with changes from PolarSSL
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11 20:17:21 -05:00
Dan McGee
f3fa77bcf1 Add -S --recursive operation
This closely matches what we had before for -R --recursive. Basically,
when specifying a target (e.g., pacman), we can now recursively pull all
dependencies, regardless of version specifiers and whether they are
already satisfied in the local database. This could be used to update
pacman on a system with an old glibc, for example, as both pacman and
glibc would get pulled into the transaction.

This is most useful with --needed to prevent needless reinstalls as
described in the man page changes.

The end goal of this change is to wire it into SyncFirst and have it be
the default mode of operation there, but that belongs in a separate
changeset.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11 11:19:04 -05:00
Dan McGee
1f6afe6b0b Dependency code style cleanups
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11 11:18:55 -05:00
Dave Reisner
edd9ed6a3b stop progress callbacks after curl_easy_perform returns
This prevents possible null dereferences in FTP transfers when the
progress callback is touched during connection teardown.

http://curl.haxx.se/mail/lib-2011-08/0128.html

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11 11:18:21 -05:00
Dave Reisner
c4112da8c3 dload: remove unnecessary cast in alpm_load_payload_free
Dan: make it compile, s/load/payload/.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11 11:18:00 -05:00
Dan McGee
5c1b83d9b1 Parse replaces strings as dep strings with version specs
This is done extremely crudely and is not very efficient, but it does
push us down the path of being closer to right, as one additional test
now passes.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09 16:13:25 -05:00
Dan McGee
ce74f76a4c Conflict comparison performance enhancements
* Add *_hash fields to conflict struct and populate them
* Remove unnecessary backwards string comparisons

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09 16:11:22 -05:00
Dan McGee
76dfea6e83 Update string catalogs after string tweaks
This also pulls in some early translations we had entered in Transifex
in the last day so those would not be lost. The diffstat is huge and not
very telling as usual, as all sorts of fuzzyness switches happened this
time around for some reason.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09 16:00:48 -05:00
Dan McGee
96c4b1c303 Don't walk off front of string when stripping newline
If the string was zero-length to begin with, or consists of only newline
characters, nothing stopped us from incrementing right off the front of
the string. Ensure len stays above zero the whole time.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09 15:41:18 -05:00
Dan McGee
6803260f26 Fix compile error when curl is not used
Noticed in my PowerPC Linux VM:

    cc1: warnings being treated as errors
    dload.c:45: error: 'get_filename' defined but not used
    make[3]: *** [dload.lo] Error 1

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09 15:40:21 -05:00
Dan McGee
40ea6cd607 Depend on name_hash being set
This is a fairly valid assumption at this point, or at least as good of
one as assuming packages all have names.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09 15:38:54 -05:00
Dan McGee
5f38660be1 Add reason to corrupted package callback
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08 19:55:44 -05:00
Dan McGee
9d09c9fdf7 Attempt to fix up some of the brokenness around failed package loads
This is a bit of a mess, due to the fact that we have a progress meter
running. It is also ironic that we are in the midst of a method named
"commit" when we haven't done a damn thing yet, and can still fail hard
if either a checksum or signature is invalid or unrecognized.

Adapt the former test_md5sum method to be invoked for any of the various
failure types, which at least gives the user some indication of what
packages are failing. A second patch will be needed to actually show
worthwhile error codes, but this is going to involve modifying the
actual data passed with the callback.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08 19:42:52 -05:00
Dan McGee
9a40927533 Update all translation files
This moves us toward staring translations for the 4.0.0 release,
although this should not be interpreted as a string freeze by any means.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08 17:17:15 -05:00
Dan McGee
09f950af07 _alpm_access(): don't call gettext() in debug level loggers
This is standard procedure elsewhere and cuts down on translations that
won't be seen (and we don't want if we need English debug output
anyway).

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08 17:11:14 -05:00
Dan McGee
8fa330335f Merge branch 'maint'
Conflicts:
	lib/libalpm/dload.c
	lib/libalpm/po/fi.po
	lib/libalpm/po/libalpm.pot
	po/de.po
	po/fi.po
	src/pacman/po/pacman.pot
	src/pacman/util.c
2011-08-08 17:05:25 -05:00
Dan McGee
ef4757afa5 Store a package info level flag if we fail to load data
If we are missing a local database file, we get repeated messages over
and over telling us the same thing, rather than being sane and erroring
only once. This package adds an INFRQ_ERROR level that is added to the
mask if we encounter any errors on a local_db_read() operation, and
short circuits future calls if found in the value. This fixes FS#25313.

Note that this does not make any behavior changes other than suppressing
error messages and repeated code calls to failure cases; we still have
more to do in the "local database is hosed" department.

Also make a small update to the wrong but unused flags set in
be_package; using INFRQ_ALL there was not totally correct.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08 16:56:48 -05:00
Dan McGee
67445334e7 Update translations from transifex
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08 16:39:04 -05:00
Dan McGee
07a1292721 Check return value of rename() calls
We did a good job checking this in add.c, but not necessarily anywhere
else. Fix this up by adding checks into dload.c, remove.c, and conf.c in
the frontend. Also add loggers where appropriate and make the message
syntax more consistent.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08 13:29:45 -05:00
Dan McGee
cbaff216b3 Don't trim whitespace when reading database entries
We don't write with extra or unknown whitespace, so there is little
reason for us to trim it when reading either. This also fixes the
hopefully never encountered "paths that start or end with spaces" issue,
for which two pactests have been added. The tests also contain other
evil characters that we have encountered before and handle just fine,
but it doesn't hurt to ensure we don't break such support in the future.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-02 08:20:34 -04:00
Dan McGee
66d9995711 Revamp signing checks
This ensures we are actually making correct use of the information gpgme
is returning to us. Marginal being allowed was obvious before, but
Unknown should deal with trust level, and not the presence or lack
thereof of a public key to validate the signature with.

Return status and validity information in two separate values so check
methods and the frontend can use them independently. For now, we treat
expired keys as valid, while expired signatures are invalid.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-28 18:46:52 -05:00
Dan McGee
a3def7ac87 Make free_groupcache() private
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-28 15:01:31 -05:00
Lukas Fleischer
005eab0a08 libalpm: Set ret correctly in download_internal()
Immediately jump to the cleanup code after setting the return code to -1
in case rename() fails. Otherwise, it will be reset to 0 right after we
leave the if branch.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-25 08:48:02 -05:00
Dan McGee
bb3dada871 Convert package filelists to an array instead of linked list
This accomplishes quite a few things with one rather invasive change.

1. Iteration is much more performant, due to a reduction in pointer
   chasing and linear item access.
2. Data structures are smaller- we no longer have the overhead of the
   linked list as the file struts are now laid out consecutively in
   memory.
3. Memory allocation has been massively reworked. Before, we would
   allocate three different pieces of memory per file item- the list
   struct, the file struct, and the copied filename. What this resulted
   in was massive fragmentation of memory when loading filelists since
   the memory allocator had to leave holes all over the place. The new
   situation here now removes the need for any list item allocation;
   allocates the file structs in contiguous memory (and reallocs as
   necessary), leaving only the strings as individually allocated. Tests
   using valgrind (massif) show some pretty significant memory
   reductions on the worst case `pacman -Ql > /dev/null` (366387 files
   on my machine):

   Before:
     Peak heap:   54,416,024 B
	 Useful heap: 36,840,692 B
	 Extra heap:  17,575,332 B

   After:
     Peak heap:   38,004,352 B
	 Useful heap: 28,101,347 B
	 Extra heap:   9,903,005 B

Several small helper methods have been introduced, including a list to
array conversion helper as well as a filelist merge sort that works
directly on arrays.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-21 15:04:30 -05:00
Dan McGee
70d6fe6632 Clean up my debug logger mess
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-19 00:23:42 -05:00
Dan McGee
05f7c0280e Fix test suite when GPGME is disabled
As noted by Allan, we failed pretty hard if gpgme was compiled out. With
these changes, only sign001.py fails. This can/will be fixed later once
we beef up the test suite with more signing tests anyway.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-18 21:06:24 -05:00
Florian Pritz
dad96ccce2 replace access() calls for debug info where applicable
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-18 10:44:28 -05:00
Florian Pritz
89c070b263 signing.c: check if needed files are readable
If we can't read the keyring, gpgme will output confusing debug
information and fail to verify the signature, so we should log some
debug information.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-18 10:44:07 -05:00
Florian Pritz
29a96bcfe1 add _alpm_access() wrapper
This is a wrapper function for access() which logs some debug
information and eases handling in case of split directory and filename.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-18 10:42:48 -05:00
Allan McRae
c0fe1743e5 Fix compilation without gpgme
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-18 10:36:41 -05:00
Dan McGee
1c39e4fbad Handle removal of empty directories properly
This addresses FS#25141. We shouldn't remove every empty directory we
come across during the removal process unless it is truly not known to
any other package. This will prevent removal of essential directories
such as '/var/lock/'.

This is accomplished by first checking the empty/non-empty status of a
directory, which was previously done implicitly by calling rmdir() and
ignoring errors. We do this to avoid the next (new) check in most cases,
which is to look at all local packages to see if the to-be-removed
directory is present in another packages' filelist. If we do not find it
anywhere, then we remove it, else we keep the file around.

The pactest has been updated to test more cases, as well as finding a
flaw in the original expected to fail case- we need separate DIR and
FILE based EXIST rules.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-18 10:34:05 -05:00
Dan McGee
8f72ffbc45 Make alpm_db_set_pkgreason() arguments more sane
This can only ever operate on the local database, and a local package at
that. Change the function signature to take a handle and package object,
add the relevant asserts, and ensure the frontend can detect the package
not found condition when finding packages to pass to this method.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-14 15:59:57 -05:00
Dan McGee
af357d6ab0 Allow fileconflict if unowned file moving into backup array
The bulk of this commit is adding new tests to ensure the new behavior
works without disrupting old behavior. This is a relatively sane maneuver
when a package adds a conf file (e.g. '/etc/mercurial/hgrc') that was
not previously in the package, but it is placed in the backup array. In
essence, we can treat the existing file as having always been a part of
the package and do our normal compare/install as pacnew logic checks.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-14 15:34:04 -05:00
Dan McGee
00628c7268 Unify package removal code
This code duplication has always been a rather clumsy casuality of
fixing some past upgrade issues. Unify the removal code across upgrade
and remove operations into  a new _alpm_remove_single_package() method
wihch makes it very clear how we handle upgrade and remove differently,
via several conditionals on newpkg.

This commit highlights interesting behavior such as the fact that the
implicit removal in every package upgrade never gets transaction events
or progress callbacks.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-06 09:26:09 -05:00
Dan McGee
1d53dd716d include util.h in rawstr.c
Fixes "error: no previous prototype for '_alpm_raw_cmp'
[-Werror=missing-prototypes]" warnings, and also prevents someone from
getting the prototypes and functions out of sync.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05 22:36:40 -05:00
Dan McGee
b678e00271 Merge remote-tracking branch 'dave/download' 2011-07-05 22:01:29 -05:00
Dave Reisner
57eac093c4 absorb fileinfo struct into dload_payload
This transitional struct becomes delicious noms for dload_payload.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-07-05 23:00:03 -04:00
Dave Reisner
3eec745910 absorb some _alpm_download params into payload struct
Restore some sanity to the number of arguments passed to _alpm_download
and curl_download_internal.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-07-05 23:00:02 -04:00
Dave Reisner
6dc71926f9 lib/dload: prevent large file attacks
This means creating a new struct which can pass more descriptive data
from the back end sync functions to the downloader. In particular, we're
interested in the download size read from the sync DB. When the remote
server reports a size larger than this (via a content-length header),
abort the transfer.

In cases where the size is unknown, we set a hard upper limit of:

* 25MiB for a sync DB
* 16KiB for a signature

For reference, 25MiB is more than twice the size of all of the current
binary repos (with files) combined, and 16KiB is a truly gargantuan
signature.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-07-05 22:58:55 -04:00
Dave Reisner
6c9b82e72a dload: handle irregular URLs
URLs might end with a slash and follow redirects, or could be a
generated by a script such as /getpkg.php?id=12345. In both cases, we
may have a better filename that we can write to, taken from either
content-disposition header, or the effective URL.

Specific to the first case, we write to a temporary file of the format
'alpmtmp.XXXXXX', where XXXXXX is randomized by mkstemp(3). Since this
is a randomly generated file, we cannot support resuming and the file is
unlinked in the event of an interrupt.

We also run into the possibility of changing out the filename from under
alpm on a -U operation, so callers of _alpm_download can optionally pass
a pointer to a *char to be filled in by curl_download_internal with the
actual filename we wrote to. Any sync operation will pass a NULL pointer
here, as we rely on specific names for packages from a mirror.

Fixes FS#22645.

Signed-off-by: Dave Reisner <d@falconindy.com>
2011-07-05 22:58:27 -04:00
Dan McGee
ae7139adcf Remove most usages of strncmp()
The supposed safety blanket of this function is better handled by
explicit length checking and usages of strlen() on known NULL-terminated
strings rather than hoping things fit in a buffer. We also have no need
to fully fill a PATH_MAX length variable with NULLs every time as long
as a single terminating byte is there. Remove usages of it by using
strcpy() or memcpy() as appropriate, after doing length checks via
strlen().

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05 21:29:02 -05:00
Dave Reisner
44889da5b7 dload: rearrange code to avoid extra cpp block
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-07-05 17:18:23 -04:00
Dave Reisner
6cce517f1a lib/rawstr: borrow raw string functions from curl
We'll need these functions to do locale agnostic and case insensitive
string comparisons.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-07-05 17:18:23 -04:00
Allan McRae
24324ff0e1 Simplify alpm_list_previous
We can readily detect the first node in a list by checking if
node->prev->next is NULL. So there is no need to pass the head
of the list to this function and its prototype now looks like
all the other item accessors.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05 10:22:11 -05:00
Allan McRae
97103f860d Remove alpm_list_first
The only thing this accessor did was remove the const qualifier
given our entire list implementation requires passing around the
head anyway.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05 10:22:05 -05:00
Dan McGee
c748eadc80 Allow invalid sync DBs to be returned by the library
They are placeholders, but important for things like trying to re-sync a
database missing a signature. By using the alpm_db_validity() method at
the right time, a client can take the appropriate action with these
invalid databases as necessary.

In pacman's case, we disallow just about anything that involves looking
at a sync database outside of an '-Sy' operation (although we do check
the validity immediately after). A few operations are still permitted-
'-Q' ops that don't touch sync databases as well as '-R'.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05 10:13:20 -05:00
Dan McGee
07502f2d82 Allow frontend access to signature verification information
Show output in -Qip for each package signature, which includes the UID
string from the key ("Joe User <joe@example.com>") and the validity of
said key. Example output:

Signatures     : Valid signature from "Dan McGee <dpmcgee@gmail.com>"
                 Unknown signature from "<Key Unknown>"
                 Invalid signature from "Dan McGee <dpmcgee@gmail.com>"

Also add a backend alpm_sigresult_cleanup() function since memory
allocation took place on this object, and we need some way of freeing
it.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05 10:13:20 -05:00
Dan McGee
e8443b1685 Correctly check the GPG error codes
The error code is in fact a bitmask value of an error code and an error
source, so use the proper function to get only the relevant bits. For
the no error case, this shouldn't ever matter, but it bit me when I was
trying to compare the error code to other values and wondered why it
wasn't working, so set a good example.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05 10:13:20 -05:00
Dan McGee
7af0ab1cde signing: move to new signing verification and return scheme
This gives us more granularity than the former Never/Optional/Always
trifecta. The frontend still uses these values temporarily but that will
be changed in a future patch.

* Use 'siglevel' consistenly in method names, 'level' as variable name
* The level becomes an enum bitmask value for flexibility
* Signature check methods now return a array of status codes rather than
  a simple integer success/failure value. This allows callers to
  determine whether things such as an unknown signature are valid.
* Specific signature error codes mostly disappear in favor of the above
  returned status code; pm_errno is now set only to PKG_INVALID_SIG or
  DB_INVALID_SIG as appropriate.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05 10:13:20 -05:00
Dan McGee
1ce7f39ad7 Merge remote-tracking branch 'allan/ALPM'
Conflicts:
	lib/libalpm/be_local.c
	lib/libalpm/be_package.c
	lib/libalpm/conflict.c
	lib/libalpm/diskspace.c
	lib/libalpm/dload.c
	lib/libalpm/remove.c
2011-07-03 14:44:57 -05:00
Dan McGee
c839415e3f conflict code tweaks and cleanups
We can take advantage of a few things on our new and improved filelist
in this code.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03 14:29:30 -05:00
Dan McGee
26195f8da1 diskspace: remove all libarchive usage
Now that the filelists capture mode and size information, we can read
the data from there and prevent having to loop through and uncompress
every archive to check required diskspace usage.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03 14:29:30 -05:00
Dan McGee
6a6fc3107f Move alpm filelists to a struct object
This allows us to capture size and mode data when building filelists
from package files. Future patches will take advantage of this newly
available information, and frontends can use it as well.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03 14:29:30 -05:00
Dan McGee
06840f14b4 Fix debug logger without a newline
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03 13:44:26 -05:00
Allan McRae
a7b02d07f4 Do not replicate files list when removing packages
This saves replicating the potentially large list of files in a package
that is being removed.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03 13:42:43 -05:00
Allan McRae
ab79b13079 Add alpm_list_previous method
Helper function to get the previous item in a list

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03 13:42:24 -05:00
Dan McGee
f612e5ede7 checkdeps: remove unnecessary list join and copy
We can just perform the same search operation on both lists.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03 13:39:13 -05:00
Dan McGee
925d74f38d be_local: use macros in database loading similar to be_sync
This removes some of the repetition in the code for reading and parsing
database file lines.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03 13:37:04 -05:00
Dan McGee
de8b9a85a5 be_sync: make READ_NEXT() a no-arg macro
We passed in 'line', but not 'buf.line'. In addition, the macros
building off of READ_NEXT() assume variable names anyway. Since we only
use these macros in one function, might as well simplify them.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03 13:07:19 -05:00
Allan McRae
afc96f2ab3 Prefix _alpm_errno_t members with ALPM
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-02 02:01:39 +10:00
Allan McRae
bd88a8d551 Prefix alpm_transprog_t members with ALPM
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-02 02:01:39 +10:00
Allan McRae
495ba26e63 Prefix alpm_transconv_t members with ALPM
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-02 02:01:39 +10:00
Allan McRae
3189d3bc4a Prefix alpm_transevt_t members with ALPM
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-02 02:01:39 +10:00
Allan McRae
39262acab6 Prefix alpm_transflag_t members with ALPM
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-02 02:01:39 +10:00
Allan McRae
ca43fdd92f Prefix alpm_loglevel_t members with ALPM
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-02 02:01:38 +10:00
Allan McRae
d796d1cdda Prefix alpm_fileconflicttype_t members with ALPM
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-02 02:01:38 +10:00
Allan McRae
f818f570c5 Prefix alpm_depmod_t members with ALPM
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-02 02:01:38 +10:00
Allan McRae
eb39a9482b Prefix alpm_pkgreason_t members with ALPM
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-02 02:01:38 +10:00
Dan McGee
cf1401a04d signing: check validity of all available signatures
Change the check into a loop over all signatures present and returned by
GPGME. Also modify the return values and checks slightly now that I know
a little bit more about what type of values are returned.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-30 17:25:53 -05:00
Dan McGee
23a2d2c16a Make alpm_db_get_sigverify_level() public
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-30 16:16:41 -05:00
Dan McGee
68284da0d7 Add an alpm_db_get_valid() public function
This allows one to check if a database is valid or invalid.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-30 16:05:20 -05:00
Dan McGee
13235ba65a Make local_db_read() private to the local backend
There is little need to expose the guts of this function even within the
library. Make it static in be_local.c, and clean up a few other things
since we know exactly where it is being called from:

* Remove unnecessary origin checks in _cache_get_*() methods- if you are
  calling a cache method your package type will be correct.
* Remove sanity checks within local_db_read() itself- packages will
  always have a name and version if they get this far, and the package
  object will never be NULL either.

The one case calling this from outside the backend was in add.c, where
we forced a full load of a package before we duplicated it. Move this
concern elsewhere and have pkg_dup() always force a full package load
via a new force_load() function on the operations callback struct.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-30 11:51:49 -05:00
Dan McGee
b94e8ecd1f Fix a few warnings pointed out via clang scan-build
Some of these are legit (the backup hash NULL checks), while others are
either extemely unlikely or just impossible for the static code
analysis to prove, but are worth adding anyway because they have little
overhead.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-30 11:51:36 -05:00
Dan McGee
ad577b3cb4 Merge remote-tracking branch 'allan/breakshit' 2011-06-30 10:37:08 -05:00
Dave Reisner
0f4aaeee42 lib/util: modify entry_prefix, not prefix
Modifying prefix caused tmp directories to be left behind after
running scriptlets, and the path '/' to be passed to _alpm_rmrf. Broken
in f01c6f.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-30 10:34:32 -05:00
Dave Reisner
002d2fda7a lib/alpm: unlock the handle before freeing it
This avoids, probably among other things, leaving the lock file in place
after a SIGINT'd sync DB update.

Fixes regression introduced in 4f8ae2b.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-30 10:33:24 -05:00
Allan McRae
fed3e09c94 Use ignoregroup rather than ignoregrp in the handle
This matches the naming in pacman.conf.

Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-29 16:00:25 +10:00
Allan McRae
b1894ccf06 Rename internal functions with grp in their name
The following function renames take place for the same reasoning as
the previous commit:

  _alpm_grp_new -> _alpm_group_new
  _alpm_grp_free -> _alpm_group_free
  _alpm_db_free_grpcache -> _alpm_db_free_groupcache
  _alpm_db_get_grpfromcache -> _alpm_db_get_groupfromcache

Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-29 15:52:33 +10:00