1
0
mirror of https://github.com/moparisthebest/pacman synced 2024-11-14 13:25:09 -05:00
Commit Graph

99 Commits

Author SHA1 Message Date
Dan McGee
7af0ab1cde signing: move to new signing verification and return scheme
This gives us more granularity than the former Never/Optional/Always
trifecta. The frontend still uses these values temporarily but that will
be changed in a future patch.

* Use 'siglevel' consistenly in method names, 'level' as variable name
* The level becomes an enum bitmask value for flexibility
* Signature check methods now return a array of status codes rather than
  a simple integer success/failure value. This allows callers to
  determine whether things such as an unknown signature are valid.
* Specific signature error codes mostly disappear in favor of the above
  returned status code; pm_errno is now set only to PKG_INVALID_SIG or
  DB_INVALID_SIG as appropriate.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05 10:13:20 -05:00
Dan McGee
68284da0d7 Add an alpm_db_get_valid() public function
This allows one to check if a database is valid or invalid.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-30 16:05:20 -05:00
Dan McGee
13235ba65a Make local_db_read() private to the local backend
There is little need to expose the guts of this function even within the
library. Make it static in be_local.c, and clean up a few other things
since we know exactly where it is being called from:

* Remove unnecessary origin checks in _cache_get_*() methods- if you are
  calling a cache method your package type will be correct.
* Remove sanity checks within local_db_read() itself- packages will
  always have a name and version if they get this far, and the package
  object will never be NULL either.

The one case calling this from outside the backend was in add.c, where
we forced a full load of a package before we duplicated it. Move this
concern elsewhere and have pkg_dup() always force a full package load
via a new force_load() function on the operations callback struct.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-30 11:51:49 -05:00
Allan McRae
b1894ccf06 Rename internal functions with grp in their name
The following function renames take place for the same reasoning as
the previous commit:

  _alpm_grp_new -> _alpm_group_new
  _alpm_grp_free -> _alpm_group_free
  _alpm_db_free_grpcache -> _alpm_db_free_groupcache
  _alpm_db_get_grpfromcache -> _alpm_db_get_groupfromcache

Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-29 15:52:33 +10:00
Allan McRae
f1bb56cebf Rename public functions with grp in their name
Using grp instead of group is a small saving at the cost of clarity.
Rename the following functions:

  alpm_option_get_ignoregrps -> alpm_option_get_ignoregroups
  alpm_option_add_ignoregrp -> alpm_option_add_ignoregroup
  alpm_option_set_ignoregrps -> alpm_option_set_ignoregroups
  alpm_option_remove_ignoregrp -> alpm_option_remove_ignoregroup
  alpm_db_readgrp -> alpm_db_readgroup
  alpm_db_get_grpcache -> alpm_db_get_groupcache
  alpm_find_grp_pkgs -> alpm_find_group_pkgs

Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-29 15:46:49 +10:00
Allan McRae
7633c14bd5 Rename _pmdbstatus_t to _alpm_dbstatus_t
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28 23:28:24 +10:00
Allan McRae
028b965e1a Rename pmdbinfrq_t to alpm_dbinfrq_t
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28 23:28:24 +10:00
Allan McRae
71fa9f912d Rename pmpkghash_t to alpm_pkghash_t
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28 23:28:24 +10:00
Allan McRae
1fdbe79022 Rename pmgrp_t to alpm_group_t
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28 23:28:23 +10:00
Allan McRae
8a04bc25a1 Rename pmpkg_t to alpm_pkg_t
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28 23:26:39 +10:00
Allan McRae
939d5a9511 Rename pmdb_t to alpm_db_t
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28 14:16:12 +10:00
Allan McRae
64c1cf7921 Rename pmhandle_t to alpm_handle_t
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28 14:04:00 +10:00
Dan McGee
79e98316ea Add a 'valid' flag to the database object
Start by converting all of our flags to a 'status' bitmask (pkgcache
status, grpcache status). Add a new 'valid' flag as well. This will let
us keep track if the database itself has been marked valid in whatever
fashion.

For local databases at the moment we ensure there are no depends files;
for sync databases we ensure the PGP signature is valid if
required/requested. The loading of the pkgcache is prohibited if the
database is invalid.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-24 03:46:12 -05:00
Dan McGee
1150d9e15a Move database 'version' check to registration time
This is another step toward doing both local database validation
(ensuring we don't have depends files) and sync database validation (via
signatures if present) when the database is registered.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-24 03:31:32 -05:00
Dan McGee
db3b86e7f3 Do database signature checking at load time
This is the ideal place to do it as all clients should be checking the
return value and ensuring there are no errors. This is similar to
pkg_load().

We also add an additional step of validation after we download a new
database; a subsequent '-y' operation can potentially invalidate the
original check at registration time.

Note that this implementation is still a bit naive; if a signature is
invalid it is currently impossible to refresh and re-download the file
without manually deleting it first. Similarly, if one downloads a
database and the check fails, the database object is still there and can
be used. These shortcomings will be addressed in a future commit.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-24 02:34:50 -05:00
Dan McGee
8be4db8caf Add a helper method for retrieving the DB signature path
Note that is a bit different than the normal _alpm_db_path() method; the
caller is expected to free the result.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-13 19:41:37 -05:00
Dan McGee
fb4b422fc4 New signatures for alpm initialize and release
These new method signatures return and take handle objects to operate on
so we can move away from the idea of one global handle in the API. There
is also another important change and that deals with the setting of root
and dbpaths. These are now done at initialization time instead of using
setter methods. This allows the library to operate more safely knowing
that paths won't change underneath it.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-07 11:37:05 -05:00
Dan McGee
307a6de17a Remove global handle from some package and db code
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-03 12:44:01 -05:00
Dan McGee
c47d25d74b Add handle attribute to pmdb_t struct
This is the first step in a long process to remove our dependence on the
global handle variable we currently share in libalpm, with the goal to
make things a bit more thread-safe and re-entrant.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-03 12:06:25 -05:00
Dan McGee
31e55b8049 signing: let GPGME handle loading signatures from files
Rather than go through all the hassle of doing this ourselves, just let
GPGME handle the work by passing it a file handle.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-24 10:48:33 -05:00
Allan McRae
ed6fda2f98 Add functions for verifying database signature
Add a pmpgpsig_t struct to the database entry struct and functions for
the lazy loading of database signatures.  Add a function for checking
database signatures, reusing (and generalizing) the code currently used
for checking package signatures.

TODO: The code for reading in signature files from the filesystem is
duplicated for local packages and database and needs refactoring.

Signed-off-by: Allan McRae <allan@archlinux.org>
2011-03-23 22:22:33 -05:00
Xavier Chantry
f9505063f8 Added gpg verification options per repo to the config file.
Once we do this, add support for VerifySig to pactest. We just check if
the repo name contains Always, Never or Optional to determine the value
of VerifySig. The default is Never. pacman uses Always by default but
this is not suitable for pactest.

Original-work-by: shankar <jatheendra@gmail.com>
Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23 03:35:50 -05:00
Dan McGee
f45369800a Check local DB version before continuing transaction
Ensure we have a local DB version that is up to par with what we expect
before we go down any road that might modify it. This should prevent
stupid mistakes with the 3.5.X upgrade and people not running
pacman-db-upgrade after the transaction as they will need to.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-02-28 10:46:00 -06:00
Dave Reisner
1fcc496756 alpm: alpm_db_get_pkgcache_list => alpm_db_get_pkgcache
This avoids needless breakage of the public API.

Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-02-25 09:46:36 -06:00
Dave Reisner
eefe8c8364 alpm: remove public visibility of pmpkghash_t
There's no API functions exposed which allow manipulation of this type,
so remove it from public view. Also, rename the public and private
alpm_db_get_pkgcache symbol to alpm_db_get_pkgcache_has.

Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-02-25 09:45:13 -06:00
Allan McRae
f8fdce6cb0 Read pkgcache into hash
Read the package information for sync/local databases into a pmpkghash_t
structure.

Provide a alpm_db_get_pkgcache_list() method that returns the list from
the hash object.  Most usages of alpm_db_get_pkgcache are converted to
this at this stage for ease of implementation.  Review whether these are
better accessing the hash table directly at a later stage.

Signed-off-by: Allan McRae <allan@archlinux.org>
2011-02-04 09:55:45 +10:00
Allan McRae
d288240426 Update copyright years for 2011
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-01-07 18:47:37 -06:00
Allan McRae
81dd9d3ebc Detect undefined PATH_MAX
POSIX does not require PATH_MAX be defined when there is not actual
limit to its value.  This affects HURD based systems.  Work around
this by defining PATH_MAX to 4096 (as on Linux) when this is not
defined.

Also, clean up inclusions of limits.h and remove autoconf check for
this header as we do not use macro shields for its inclusion anyway.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2010-12-29 19:24:13 -06:00
Dan McGee
c00e05992e Remove non-public functions from header
And rename accordingly.

Signed-off-by: Dan McGee <dan@archlinux.org>
2010-12-13 21:16:47 -06:00
Dan McGee
94d3d665f0 Mark sync_db_read() as static
Signed-off-by: Dan McGee <dan@archlinux.org>
2010-12-13 21:14:03 -06:00
Allan McRae
21833d90e2 Merge desc and depends files in local db
Whenever depends is needed from the local db, so is desc.  The only
disadvantage to merging them is the additional time taken to read the
depends entries when they are not needed.  As depends is in general
relatively small, the additional time taken to read it in will be
negligable.  Also, merging these files will speed up local database
access due to less file seeks.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2010-12-12 21:42:41 -06:00
Allan McRae
d39248120e Remove lazy loading of deltas
Local packages do not have deltas so remove lazy loading of delta
information.

Signed-off-by: Allan McRae <allan@archlinux.org>
2010-10-14 13:17:40 +10:00
Allan McRae
e464339e3b Move and rename splitname
The splitname function is a general utility function and so is better
suited to util.h.  Rename it to _alpm_splitname to indicate it is an
internal libalpm function as was the case prior to splitting local and
sync db handling.

Signed-off-by: Allan McRae <allan@archlinux.org>
2010-10-14 13:17:40 +10:00
Allan McRae
448f78c067 Restrict visibility of checkdbdir and get_pkgpath
These functions are only needed by be_local and were only promoted
to db.{h,c} as part of the splitting of handling the local and sync
dbs.  Move them into be_local.c and make them static again.

Signed-off-by: Allan McRae <allan@archlinux.org>
2010-10-14 13:17:39 +10:00
Allan McRae
4a8e396a58 Parse sync database
Read in package information for a tar based sync database. Do not
use lazy loading for sync db.

Signed-off-by: Allan McRae <allan@archlinux.org>
2010-10-14 13:17:39 +10:00
Allan McRae
fc32faaa6a Completely separate local and sync db handling
Put the db_operations struct to use and completely split the handling
of the sync and local databases.

Signed-off-by: Allan McRae <allan@archlinux.org>
2010-10-14 13:17:39 +10:00
Allan McRae
5b2de3d8ec Separate be_files into be_sync and be_local
The file be_files.c is "split" to be_local.c and be_sync.c in order
to achieve separate handling of sync and local databases.

Some basic clean-up of functions that are only of use for local or
sync databases has been performed and some rough function renaming
in duplicated code has been performed to prevent compilation errors.
However, most of the clean-up and final separation of sync and local
db handling occurs in following patches.

Signed-off-by: Allan McRae <allan@archlinux.org>
2010-10-14 13:17:38 +10:00
Allan McRae
0909a72000 Move database handling utility functions
Move splitname, checkdbdir, get_pkgpath into db.{h,c} as these will be
needed to parse both the local and sync databases during the initial
splitting.  They will be moved out of db.{h,c} at to more appropriate
locations at a later stage.

Signed-off-by: Allan McRae <allan@archlinux.org>
2010-10-13 23:53:18 +10:00
Dan McGee
efbae3cfcb Initial hack at a DB operations struct
It doesn't do a whole lot yet, but these type of operations will
potentially be different for the DBs we load.

Signed-off-by: Dan McGee <dan@archlinux.org>
2010-10-13 23:53:18 +10:00
Dan McGee
522ef5e981 Move the cache stuff where it should be
Cache bullshit only has relevance to be_files, so move it there.

Signed-off-by: Dan McGee <dan@archlinux.org>
[Allan: BIG rebase]
Signed-off-by: Allan McRae <allan@archlinux.org>
2010-10-13 23:53:18 +10:00
Jonathan Conder
df99495b82 Compute package download size outside _alpm_sync_prepare
And add a new info level for this piece of data.

Signed-off-by: Jonathan Conder <j@skurvy.no-ip.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2010-05-05 18:15:52 -05:00
Dan McGee
a36ff9404b Bump copyright dates to 2010
Signed-off-by: Dan McGee <dan@archlinux.org>
2010-03-14 19:46:59 -05:00
solsTiCe d'Hiver
e3ac806262 use bitwise shift operator in enum "bit field"
This offers a cleaner way to deal with constant in enum and allow easy
maintainance

Signed-off-by: solsTiCe d'Hiver <solstice.dhiver@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
2009-10-11 22:13:49 -05:00
Dan McGee
35dc9b0314 int typing: s/unsigned short/int/ in libalpm
After our recent screwup with size_t and ssize_t in the download code, I
found the `-Wsign-conversion` flag to GCC to see if we were doing anything
else boneheaded. I didn't find anything quite as bad, but we did have some
goofups- most of our public unsigned methods would return -1 on error, which
is a bit odd in an unsigned context.

Signed-off-by: Dan McGee <dan@archlinux.org>
2009-10-11 13:51:47 -05:00
Dan McGee
72883e3bcb Fully implement database lazy loading
Commit 34e1413d75 attempted to implement lazy loading of package databases.
Although it took care of my main complaint (creating the database directory
if it didn't exist), it didn't allow sync repos to be registered before
alpm_option_set_dbpath() had been called.

With this patch, we no longer compute the individual repository DB paths
until necessary, allowing full lazy loading to work as intended, and
allowing us to drop the extra setlibpath() calls from the frontend. This
allows the changes introduced in a2cd48960 (but later reverted) to be added
back in again.

Signed-off-by: Dan McGee <dan@archlinux.org>
2009-09-20 12:19:57 -05:00
Dan McGee
c72b4543b6 Update copyright headers and messages
Signed-off-by: Dan McGee <dan@archlinux.org>
2009-07-01 02:08:33 -05:00
Xavier Chantry
14230869e6 Remove some db abstraction crap.
These db_open and db_close looked quite useless. And they caused the db
directory to be opened on a simple registering of a database. This is
totally unneeded, this opening can be delayed to when we actually need it.

Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
2009-01-20 14:04:54 +01:00
Nagy Gabor
cb7337eb64 db->pkgcache_loaded and db->grpcache_loaded
Clearly the old code was more elegant (NULL cache indicated "not loaded"),
but it had some drawbacks, so from now on we indicate the state of caches
explicitly.

Old drawbacks:
When we had an empty database (unstable), libalpm called db_populate after
every pkgcache access, because NULL pkgcache indicated "not loaded" state.
This is not a common case, but the same situation can happen with grpcache,
which is more problematic: If the user had a custom repo with no groups,
grpcache was always NULL. (grpcache is also loaded per database.) Thus
every get_grpcache call induced a load_grpcache operation, so the benefits
of grpcache was completely lost.

Signed-off-by: Nagy Gabor <ngaba@bibl.u-szeged.hu>
Signed-off-by: Dan McGee <dan@archlinux.org>
2009-01-12 23:59:37 -06:00
Allan McRae
a73ad4f0e3 Separate local db directory creation and db write
Changelogs and install files were getting extracted into the local
db folder before it was manually created.  This created issues for
uses with 0077 umasks and was highlighted with the new sudo handling
of umasks (FS#12263).

This moves the local db creation to its own function which is called
before the start of package archive extraction.  Also, added a check
that the folder is actually created.

Signed-off-by: Allan McRae <allan@archlinux.org>
[Dan: rename to _alpm_db_prepare()]
Signed-off-by: Dan McGee <dan@archlinux.org>
2009-01-02 23:52:32 -06:00
Dan McGee
57393eb730 Fix variable naming issues in _alpm_db_cmp
When this function got a rewrite in commit f43805d875, argument and variable
names got a bit mixed up when separating the casts from the strcmp
operation. Fix the mixup which also fixes a possible segfault when this
function is called.

Signed-off-by: Dan McGee <dan@archlinux.org>
2008-08-08 13:45:46 -05:00