Add a pmpgpsig_t struct to the database entry struct and functions for
the lazy loading of database signatures. Add a function for checking
database signatures, reusing (and generalizing) the code currently used
for checking package signatures.
TODO: The code for reading in signature files from the filesystem is
duplicated for local packages and database and needs refactoring.
Signed-off-by: Allan McRae <allan@archlinux.org>
Our curl callback does a whole lot of work for nothing if the front end
never defined a callback to receive the data we'd calculate for it.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
CURLINFO_HTTP_CODE is deprecated in favor of CURLINFO_RESPONSE_CODE.
Both yield the same values.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
The files we transfer are generally compressed already, so this just
adds unnecessary overhead.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
Use a static variable to effectively track the initialization state of
the progress callback via the last byte amount reported as downloaded by
libcurl.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
* introduces new macro in util.h (DOUBLE_EQ) for properly comparing
floating point values
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
Move the (possibly still temporary) output generated during signature
checking into the --debug output.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Once we do this, add support for VerifySig to pactest. We just check if
the repo name contains Always, Never or Optional to determine the value
of VerifySig. The default is Never. pacman uses Always by default but
this is not suitable for pactest.
Original-work-by: shankar <jatheendra@gmail.com>
Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
We pass in a db object, so no need to go looking for it in the list on
the handle. This is a remnant of when we passed in a treename, more than
likely.
Signed-off-by: Dan McGee <dan@archlinux.org>
This will serve as the home directory we pass to GPGME when making calls so
we can have a libalpm-utilized keyring.
Signed-off-by: Dan McGee <dan@archlinux.org>
If a .sig file sits side-by-side on the filesystem with a package archive,
read it in during the package struct creation process so we can verify it at
a later time if necessary.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Add a new field to the package struct to hold PGP information and
instruct db_read to pick it up from the database. It is currently unused
internally but this is the first step.
Due to the fact that we store the PGP sig as binary data, we need to store
both the data and the length so we have a small utility struct to assist us.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
We will need these for GPG functionality (decoding the base64 encoded
signature stored in the databases).
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Implements FS#23103. Also modify libalpm so it ignores this value
without any warning as we know it is likely to exist.
Signed-off-by: Dan McGee <dan@archlinux.org>
Wrap lines of long length, noticed while creating and messing around
with some of the other maint branch patches.
Signed-off-by: Dan McGee <dan@archlinux.org>
Noticed with the openoffice/libreoffice replacement scheme where many
packages are listed as replacements to one package, thus electing it for
removal multiple times. Ensure a given package is not already present
before placing it in the removal list.
Signed-off-by: Dan McGee <dan@archlinux.org>
This is a rather serious data corruption issue that luckily manifested
itself today in a noticable way. A package in testing had replaces
entries read in as ["%RE pkgname", "%RE"] which was clearly wrong. This
happens when we hit the end of an archive block, do not have a newline,
and have to continue reading from the next block to complete the line.
Signed-off-by: Dan McGee <dan@archlinux.org>
Drawing progress bars before calling curl_easy_perform() is needless as
the curl progress callback is called with zero progress before actually
downloading the file anyways. Fixes display of "0%" progress bars when
sync'ing package databases that are already up to date.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
This was discussed and more or less agreed upon on the mailing list. A
huge checkin, but if we just do it and let people adjust the pain will
end soon enough. Rebasing should be relatively straighforward for anyone
that sees conflicts; just be sure you use the new return style if
possible.
The following semantic patch was used to do the change, along with some
hand-massaging in order to preserve parenthesis where appropriate:
The semantic match that finds this problem is as follows, although some
hand-massaging was done in order to keep parenthesis where appropriate:
(http://coccinelle.lip6.fr/)
// <smpl>
@@
expression a;
@@
- return(a);
+ return a;
// </smpl>
A macros_file was also provided with the following content:
Additional steps taken, mainly for ASSERT() macros:
$ sed -i -e 's#return(NULL)#return NULL#' lib/libalpm/*.c
$ sed -i -e 's#return(-1)#return -1#' lib/libalpm/*.c
Signed-off-by: Dan McGee <dan@archlinux.org>
We erroniously dropped the call to _alpm_delta_parse() when macro-izing,
causing segfaults for repos that provide deltas. Addresses FS#23314.
Signed-off-by: Dan McGee <dan@archlinux.org>
Partially addresses the "why doesn't CheckSpace work in a chroot" issue.
We can't make it work, but we can at least detect when it won't work by
checking for a partition for our given installation root. If we can't
determine the mountpoint for this, bail out with an error.
Signed-off-by: Dan McGee <dan@archlinux.org>
this is just some debuggery to allow pacman to operate with both fetch
and curl at the same time. use the PACMANDL variable to control which
library is used.
Signed-off-by: Dave Reisner <d@falconindy.com>
This is a feature complete re-implementation of the fetch based internal
downloader, with a few improvements:
* support for SSL
* gzip and deflate compression on HTTP connections
* reuses a single connection over the entire session for lower resource
usage.
Signed-off-by: Dave Reisner <d@falconindy.com>
Add PM_ERR_LIBCURL to error enum and handle case in error.c by returning
curl_easy_strerror() based on the error number carried by the gloabl alpm
handle.
Signed-off-by: Dave Reisner <d@falconindy.com>
no actual code changes here. change preprocessor logic to include
get_tempfile, get_destfile, signal handler enum, and the interrupt
handler logic when either HAVE_LIBCURL or HAVE_LIBFETCH are defined.
Signed-off-by: Dave Reisner <d@falconindy.com>
Do this in preparation for implementing similar curl based
functionality. We want the ability to test these side by side.
Signed-off-by: Dave Reisner <d@falconindy.com>
Adding the CURLcode is necessary in order to return an error string from
pm_error. Unlike libfetch, curl returns numerical error numbers and does
not maintain a staticly allocated string with the last error generated.
Adding the curl object itself to the handle is advantageous (and
encouraged by curl_easy_perform(3)) because the handle is reusable for
successive operations. This cuts back on overhead when downloading
multiple files in a single transaction.
Signed-off-by: Dave Reisner <d@falconindy.com>
repo-add can add a "files" entry into the sync db. Currently we
do nothing with this file, so explicitly skip it to prevent
unknown database file warnings.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Our keywords were all screwed up in this regard. Fix it so our
ngettext() shortcut calls are actually recognized and respected.
Signed-off-by: Dan McGee <dan@archlinux.org>
Fixes FS#23090, a rather serious problem where the user was completely
unable to read the local database. Even if entry->d_type is available,
the given filesystem providing it may not fill the contents, in which
case we should fall back to a stat() as we did before. In this case, the
filesystem was XFS but there may be others.
Signed-off-by: Dan McGee <dan@archlinux.org>
A lot of these were places that should have used the same message but
didn't, or were very easy to convert to using the same message and
letting some of the burden off of the translators.
Signed-off-by: Dan McGee <dan@archlinux.org>
Ensure we have a local DB version that is up to par with what we expect
before we go down any road that might modify it. This should prevent
stupid mistakes with the 3.5.X upgrade and people not running
pacman-db-upgrade after the transaction as they will need to.
Signed-off-by: Dan McGee <dan@archlinux.org>
We only call these from the transaction init and teardown, so move them
to that file, mark them static, and push more of the logic of handle
manipulation into these functions.
Signed-off-by: Dan McGee <dan@archlinux.org>
According to FOPEN(3), using fclose on an fdopen'd file stream also
closes the underlying file descriptor. This happened in _alpm_lckmk
(util.c), which meant that when alpm_trans_release closed it again, the
log file (which reused the original file descriptor) was closed instead.
Signed-off-by: Jonathan Conder <jonno.conder@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
There's no API functions exposed which allow manipulation of this type,
so remove it from public view. Also, rename the public and private
alpm_db_get_pkgcache symbol to alpm_db_get_pkgcache_has.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
This allows error messages emitted by the frontend to be a bit more
descriptive and not have the annoying "well why didn't you tell me that
the first time" problem. If a package had multiple missing deps, we
would bail on the first one before rather than finish processing all
missing dependencies, and only print one error message. Instead,
continue through this entire set of missing deps and append all eventual
errors.
The added pactest tests this case, as the to be installed package has
two missing dependencies. However, pactest does not actually test or see
the difference in output from before and after, so it passes in both
cases, but it is clearly visible in the logs.
Signed-off-by: Dan McGee <dan@archlinux.org>
This is old code that has since gone stale; we no longer ever add
anything to this list so no need to keep it around and check the
contents during extraction.
Signed-off-by: Dan McGee <dan@archlinux.org>
* Make conflict_isin() static; it is used nowhere else.
* Remove does_conflict(): it turns out to be replaceable by a single call to
_alpm_depcmp(). By pushing it up, we can reduce calls to _alpm_splitdep()
from 60,368 to 16,940 during one test -Su operation I ran.
Signed-off-by: Dan McGee <dan@archlinux.org>
* Use stat() and not lstat(); we don't care for the size of the symlink if
it is one, we want the size of the reference file.
* FS#22896, fix local database estimation on platforms that don't abide by
the nlink assumption for number of children.
* Fix a missing newline on an error message.
Signed-off-by: Dan McGee <dan@archlinux.org>
Change _alpm_graph_new() to use CALLOC to avoid explicit zeroing out of fields
in pmgraph_t.
Signed-off-by: Pang Yan Han <pangyanhan@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
Turn it into an enum rather than a boolean, and use a bitmask like we do for
reading DB entries. The relevant flag is turned on in our two calculate
loops, and anything reading the used flag later can decided which flag (or
either) is relevant.
This will allow the read-only partition code to be triggered on a
remove-only operation, e.g. if /boot was read-only and one tried to remove
grub in a sync transaction. Of course, right now, we don't actually run the
diskspace check code in the '-R' codepath.
Signed-off-by: Dan McGee <dan@archlinux.org>
This is a bit of a stopgap solution for the problem, but an easier one than
revamping the file conflict checking code to support the same stuff. Using
some more gross autoconf magic, figure out which struct field we need to
look at to determine read-only status and store that on our mountpoint
struct. If we find out we needed this partition after calculating size
requirements, then toss an error.
Signed-off-by: Dan McGee <dan@archlinux.org>
In the getmntinfo() section, the local variable mnt doesn't exist; this
would have caused a compile error if I had tested the code on such a
platform. Unify both codepaths to just run strlen() on the already copied
mount path instead.
Signed-off-by: Dan McGee <dan@archlinux.org>
In packages, our description file contains:
key = value is here
type entries, and we passed "key " and " value is here" to our strtrim
function, causing us to always memmove the value portion to remove the
space. Since this is a throwaway buffer, do the advancing on our own before
trimming to save the need to shift memory around; "value is here" will now
be passed and strtrim will be responsible for trailing whitespace.
Signed-off-by: Dan McGee <dan@archlinux.org>
We did this in some but not all cases, assuming the 0 value coming out of
libarchive would not be a problem. However, this does not work for "fake"
filesystems such as rpc_pipefs, which reports a free block and total block
count of zero.
Fix this by not ever counting symlinks or directories, and adding a note
explaining that if we someday do count directories, their size needs to be
attributed to the proper place.
This patch also includes a few cleanups/performance tweaks- avoid calling
strlen() on the mountpoint directory string as much by storing this size in
our mountpoint struct, and push the snprintf() call up to the calculate
functions since we were already doing it here in the remove case.
Signed-off-by: Dan McGee <dan@archlinux.org>
The overlapping code in _alpm_pkghash_add() and _alpm_pkghash_add_sorted()
are now in a new static function pkghash_add_pkg(). This function has a
third flag parameter which determines whether the package should be added in
sorted order.
Signed-off-by: Pang Yan Han <pangyanhan@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
In sync_db_populate() and local_db_populate(), a NULL db->pkgcache is not
caught, allowing the functions to continue instead of exiting.
A later alpm_list_msort() call which uses alpm_list_nth() will thus traverse
invalid pointers in a non-existent db->pkgcache->list.
pm_errno is set to PM_ERR_MEMORY as _alpm_pkghash_create() will only return
NULL when we run out of memory / exceed max hash table size. The local/sync
db_populate() functions are also exited.
Signed-off-by: Pang Yan Han <pangyanhan@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
When reading the "desc" file in _alpm_local_db_read(), some
strings are trimmed and checked for length > 0 before their
use/duplication subsequently. They are then trimmed again
when there is no need to.
The following code snippet should illustrate it clearly:
while(fgets(line, sizeof(line), fp) &&
strlen(_alpm_strtrim(line))) {
char *linedup;
STRDUP(linedup, _alpm_strtrim(line), goto error);
info->groups = alpm_list_add(info->groups, linedup);
}
This patch removes the redundant _alpm_strtrim() calls in
_alpm_local_db_read() such as the one inside the STRDUP shown
above.
Signed-off-by: Pang Yan Han <pangyanhan@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
PM_ERR_WRITE is defined in alpm.h but not handled in
alpm_strerror(). This patch corrects that.
Signed-off-by: Pang Yan Han <pangyanhan@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
We located files in a few places but didn't check if they were files or
directories. Ensure they are actually files using stat() and S_ISREG(); this
showed itself when trying to download to the directory name itself in
FS#22645.
Signed-off-by: Dan McGee <dan@archlinux.org>
Rather than potentially move every item to the next NULL, attempt to move at
most one item at a time by iterating backwards from the NULL location in the
hash array. If we move an item, we repeat the process on the now shorter
"chain" until no more items need moving.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
This takes in the list and a list item, and does the pointer dance necessary
to remove it from the list regardless of whether it is first, last, or
somewhere in the middle. It is useful for callers that already know what
item needs to be removed and have a pointer to it rather than doing a search
by data that the plain alpm_list_remove() does.
Refactor alpm_list_remove() to use this function as well.
Signed-off-by: Dan McGee <dan@archlinux.org>
Fully removes a package from the hash. Also unify prototype with
removal from an alpm_list_t, fixing issues when removing a package
from the pkgcache.
Signed-off-by: Allan McRae <allan@archlinux.org>