Add code to conf.c that parses the new SigLevel directive. An
overwhelming number of options are presented, but most users will still
be fine with the Never/Optional/Required trio. More advanced users can
combine these or any of the other options on a 'SigLevel = ' line, which
is parsed in a left-to-right fashion and flags turned on and off
accordingly. For example, all three of these will net the same config:
SigLevel = Required PackageOptional
SigLevel = Optional DatabaseRequired
SigLevel = DatabaseRequired PackageOptional
Additionally, database-specific lines assume you wish to start with any
global default that has been set. For example, if any of the above lines
were in the [options] section, something such as:
SigLevel = PackageRequired PackageAllowMarginal
Would continue to enforce required database signatures.
Inspiration-by: Kerrick Staley <mail@kerrickstaley.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
paccache is a robust and flexible package cache cleaner with a variety
of options. Much credit goes to DJ Mills and Pat Brisbin for ideas
behind this script.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
[Dan: add .gitignore entry]
Signed-off-by: Dan McGee <dan@archlinux.org>
The current --list option outputed the keys and all their signatures
which can be overly verbose. It also did not take a list of keys on
the command line to limit its output (although the code suggests that
was intended).
That patch brings consistency with gpg, providing --list-keys and
--list-sigs options that function equivalently to those provided by
gpg.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
We don't write with extra or unknown whitespace, so there is little
reason for us to trim it when reading either. This also fixes the
hopefully never encountered "paths that start or end with spaces" issue,
for which two pactests have been added. The tests also contain other
evil characters that we have encountered before and handle just fine,
but it doesn't hurt to ensure we don't break such support in the future.
Signed-off-by: Dan McGee <dan@archlinux.org>
This is more in line with standard Python practice, and makes keyboard
interrupts behave a lot more sanely. It also prevents the useless
spawning of a shell as well as simplifies the command building and
working directory stuff.
Signed-off-by: Dan McGee <dan@archlinux.org>
This ensures we are actually making correct use of the information gpgme
is returning to us. Marginal being allowed was obvious before, but
Unknown should deal with trust level, and not the presence or lack
thereof of a public key to validate the signature with.
Return status and validity information in two separate values so check
methods and the frontend can use them independently. For now, we treat
expired keys as valid, while expired signatures are invalid.
Signed-off-by: Dan McGee <dan@archlinux.org>
This gets us close to using the same modeline in all files we run
through Asciidoc, as well as adding the spell and spelllang
declarations, just as we had in NEWS already.
The choice of 'en_us' is mainly for consistency and because the body of
work already uses these spellings.
Signed-off-by: Dan McGee <dan@archlinux.org>
Currently, pacman-key allows the user to import their keys using the --add
option. However, no similar functionality exists for importing ownertrust
values.
The --import-trustdb option takes a list of directories and imports ownertrust
values if the directories have a trustdb.gpg database.
The --import option takes a list of directories and imports keys from
pubring.gpg and ownertrust values from trustdb.gpg. Think of it as a combination
of --add and --import-trustdb
Signed-off-by: Pang Yan Han <pangyanhan@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Allows the commands to safely handle any possible arguments
Signed-off-by: DJ Mills <danielmills1@gmail.com>
Allan: rebase patch
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Move the source integrity checking into its own function as the code
was duplicated and is now more complicated with the separation of the
two checks types.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Allows the skipping of all integrity checks (checksum and PGP) or
either the checksum or PGP checks individually.
Original-patch-by: Wieland Hoffman <theminew@googlemail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Many projects provide signature files along with the source code
archives. It's good to check these, too, when verifying the integrity
of source code archives.
Not everybody is using gpg so the verification can be disabled with
--skippgpcheck.
Additionally, only a warning is displayed when the key that signed the
source file is unknown.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Pacman did a great job of having almost (but not quite) duplicate code
paths through the sync and upgrade code. We can use the same logic in
both upgrade in sync once the targets are resolved, so extract a
function and delete a bunch of code.
Signed-off-by: Dan McGee <dan@archlinux.org>
When epoch, pkgver and/or pkgrel were overridden in a split package
function, makepkg failed hard finding the real version for checking
if packages were already built or trying to install packages. Fix
the get_full_version function to deal with overrides and return the
actual package version.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
We can override pkgver and pkgrel so it is only logical to add epoch
to that list
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Check any overrides of the "arch" variable contain the required
architecture.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Enforce syntax checking for pkgrel and pkgver overrides in package
functions.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
There is always someone who tries to break things (cough *Dave* cough...)
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This is a cleaner expression of the same information.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This accomplishes quite a few things with one rather invasive change.
1. Iteration is much more performant, due to a reduction in pointer
chasing and linear item access.
2. Data structures are smaller- we no longer have the overhead of the
linked list as the file struts are now laid out consecutively in
memory.
3. Memory allocation has been massively reworked. Before, we would
allocate three different pieces of memory per file item- the list
struct, the file struct, and the copied filename. What this resulted
in was massive fragmentation of memory when loading filelists since
the memory allocator had to leave holes all over the place. The new
situation here now removes the need for any list item allocation;
allocates the file structs in contiguous memory (and reallocs as
necessary), leaving only the strings as individually allocated. Tests
using valgrind (massif) show some pretty significant memory
reductions on the worst case `pacman -Ql > /dev/null` (366387 files
on my machine):
Before:
Peak heap: 54,416,024 B
Useful heap: 36,840,692 B
Extra heap: 17,575,332 B
After:
Peak heap: 38,004,352 B
Useful heap: 28,101,347 B
Extra heap: 9,903,005 B
Several small helper methods have been introduced, including a list to
array conversion helper as well as a filelist merge sort that works
directly on arrays.
Signed-off-by: Dan McGee <dan@archlinux.org>
As noted by Allan, we failed pretty hard if gpgme was compiled out. With
these changes, only sign001.py fails. This can/will be fixed later once
we beef up the test suite with more signing tests anyway.
Signed-off-by: Dan McGee <dan@archlinux.org>
Makes sure that the pacman keyring is readable and that the user
has permissions to create a lock file if lock-never is not specified
in the gpg.conf file.
Signed-off-by: Allan McRae <allan@archlinux.org>
Add an --init option that ensures that the pacman keyring has all
the necessary files and they have the correct permissions for being
read as a user.
Signed-off-by: Allan McRae <allan@archlinux.org>
This function had a variety of pitfalls, including the inability to
successfully find a key=value pair where no whitespace surrounded the
equals sign. Make it more robust by splitting the line on the equals
itself, and performing whitespace trimming on the resulting key/value
pair.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Follow the example of gpg and only allow a single operation to be
specified each time. Prevents having to deal with conflicting
variable names and potential issues due to the order in which the
operations are run.
Signed-off-by: Allan McRae <allan@archlinux.org>
This moves the processing of the --edit-key and --receive options
to functions, keeping the final option processing to be all single
line statements.
Also rework the --edit-key option to validate all input before
processing.
Signed-off-by: Allan McRae <allan@archlinux.org>
Update man page to reflect current options. Also add a description
on how to manually interact with the pacman keyring with gpg.
Signed-off-by: Allan McRae <allan@archlinux.org>
This commit correctly redirects to /dev/null the output of several
commands that get executed on logic checks.
Original-patch-by: Denis A. Altoé Falqueto <denisfalqueto@gmail.com>
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This keeps the naming of the option more consistent with what is
actually being called by gpg.
Original-patch-by: Denis A. Altoé Falqueto <denisfalqueto@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This commit adds quotes to several variable assignments. Unquoted values
can cause problems on several occasions if the value is empty. It is
safer to have every assignment quoted.
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
