1
0
mirror of https://github.com/moparisthebest/pacman synced 2024-11-13 21:05:05 -05:00
Commit Graph

117 Commits

Author SHA1 Message Date
Dave Reisner
eb19d41d5f do not check error from close(2)
On operating systems we support, the behavior is always such that the
kernel will do the right thing as far as invalidating the file
descriptor, regardless of the eventual return value. Therefore,
potentially looping and calling close multiple times is wrong.

At best, we call close again on an invalid FD and throw a spurious EBADF
error. At worst, we might close an FD which doesn't belong to us when a
multi-threaded application opens its own file descriptor between
iterations of the loop.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-07-05 14:32:23 +10:00
Allan McRae
dc08eca368 Improve error message when package is missing required signature
When attempting to install a package (either via -S or -U) and the
signature is missing, the current error message "invalid or corrupted
package (PGP signature)" is very unclear.  Instead inform the user
that the package is missing the required signature.

Partial fix for FS#34741.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-05-29 14:08:03 +10:00
Anatol Pomozov
769facca22 Fix spelling errors using 'codespell' tool
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-04-18 13:20:13 +10:00
Andrew Gregory
d5a5a6b512 fix style violations
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-16 11:06:43 +10:00
Allan McRae
5f5469c774 Import key if needed when installing package from file
When installing a package with "pacman -U" that has a detached
signature, check if the needed key is in the keyring and download
if necessary.

Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-09 12:43:37 +10:00
Dave Reisner
e1e4bbb79d Use libarchive compat header for relevant symbols
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-29 13:37:32 +10:00
Gerardo Exequiel Pozzi
86eefc1a3a Fix space between control structure and open parens
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-04 21:49:38 +10:00
Allan McRae
1dd3405813 Update copyright year for 2013
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-03 12:03:09 +10:00
Dan McGee
72d3713cc7 Move filelist functions into separate source file
We have a few of these and might as well gather them together. This also
cleans up the code a bit by using an enum instead of integer values, as
well as makes a "search for file in filelist" function public so
frontends can do better than straight linear search of the filelists.

Signed-off-by: Dan McGee <dan@archlinux.org>
2012-08-02 09:39:08 -05:00
Dave Reisner
8fe383860e lib/be_package: use qsort instead of our own msort
On the assumption that these arrays are already mostly sorted, use the
standard quicksort method to sort the files arrays. The files_msort
function name is tweaked to give it a more general name to reflect this
change.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-08-01 08:53:10 -05:00
Dave Reisner
f556fe8b4a add line length parameter to _alpm_strip_newline
If known, callers can pass the line size to this function in order to
avoid an strlen call. Otherwise, they simply pass 0 and
_alpm_strip_newline will do the call instead.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-06-25 23:04:31 -05:00
Dan McGee
5a9f5c60da Convert ALLOC_FAIL macro into a function
This path is rarely (read: never) taken in any normal run of the code,
so injecting the fprintf() call everywhere with the macro is a bit
overkill. Instead, add a lightweight _alpm_alloc_fail() function that
gets called instead.

This does have a reasonable effect on the size of the generated code;
most places using the macros provided by util.c have their code size
reduced.

Signed-off-by: Dan McGee <dan@archlinux.org>
2012-04-29 23:40:06 -05:00
Allan McRae
3be02aa27c Prefix alpm_pkgfrom_t members with ALPM_
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-04-07 11:29:55 -05:00
Dan McGee
42d408e0c2 Return more useful error codes on package open failures
Failure isn't always due to the package file location not existing;
permission issues can also play a part on something like a FUSE-based
filesystem inaccessible to root.

Signed-off-by: Dan McGee <dan@archlinux.org>
2012-04-07 11:29:11 -05:00
Dan McGee
8de0631edb Merge branch 'maint'
Conflicts:
	lib/libalpm/be_package.c
2012-03-08 18:08:15 -06:00
Allan McRae
4773c6b66e Remove _alpm_csum
The enum alpm_pkgvalidation_t is essentially a more generic version
of _alpm_csum, so use it instead.

Signed-off-by: Allan McRae <allan@archlinux.org>
2012-03-08 17:59:13 -06:00
Allan McRae
5c404268d9 Add information on how an installed package was validated
When installing a package, store information on which validation
method was used and output this on "pacman -Qi" operations.

e.g.
Validated By   : SHA256 Sum

Possible values are Unknown, None, MD5 Sum, SHA256 Sum, Signature.

Dan: just a few very minor tweaks.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-03-08 17:58:04 -06:00
Benedikt Morbach
e85e77e6f9 Hook new optdepend structures up
No new behaviour introduced, everything should work exactly as before.

Dan: refactored to use the single alpm_depend_t structure.

Signed-off-by: Benedikt Morbach <benedikt.morbach@googlemail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-03-08 17:26:46 -06:00
Dan McGee
986e99a613 Fix a potential memory leak in filelist creation
If we begin to create a file list when loading a package, but abort
because of an error to one of our goto labels, the memory used to create
the file list will leak. This is because we use a set of local variables
to hold the data, and thus _alpm_pkg_free() cannot clean up for us.

Use the file list struct on the package object as much as possible to
keep state when building the file list, thus allowing _alpm_pkg_free()
to clean up any partially built data.

Signed-off-by: Dan McGee <dan@archlinux.org>
2012-03-05 11:44:34 -06:00
Dan McGee
4b384b7f0b Fix a memory leak when loading an invalid package
This is easily triggered via a `pacman -Sc` operation when it attempts
to open a delta file as a package- we end up leaking loads of memory
due to us never freeing the archive object. When you have upwards of
1200 delta files in your sync database directory, this results in a
memory leak of nearly 1.5 MiB.

Also fix another memory leak noticed at the same time- we need to call
the internal _alpm_pkg_free() function, as without the origin data being
set the public free function will do nothing.

Signed-off-by: Dan McGee <dan@archlinux.org>
2012-03-05 11:44:34 -06:00
Allan McRae
326c6a8eed Update copyright years
Add 2012 to the copyright range for all libalpm and pacman source files.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-02-20 16:54:34 -06:00
Florian Pritz
20a16f55b3 use _alpm_access in a few more places for increased debugging info
pacman -U <pkg> returns a bogus "could not find or read package" if the
file is on a fuse file system that doesn't allow root access. Debug
output isn't very helpful here either so we should log why the access
check failed.

The other 2 checks already log something when failing so logging a more
specific error won't hurt either.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-02-13 10:02:02 -06:00
Dan McGee
7f51ba99ae Fix segfaults on opening invalid archive files
"invalid" in this case simply means files that may or may not be
archives. Discovered via a `pacman -Sc` operation with delta files in
the package cache directory, but can be triggered if any file is passed
to `pacman -Ql` that isn't an archive, for instance, or if the sync
database file is not an archive.

Fix it up so we are more careful about calling archive_read_finish()
only on archives that are valid and have not already been closed, and
teach our archive open function to set the returned archive to NULL if
we aren't going to be returning something valid anyway.

Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-08 11:53:22 -06:00
Allan McRae
29e94dc065 be_package.c: fix compiler warning
be_package.c: In function 'parse_descfile':
be_package.c:181:28: error: comparison between signed and unsigned
integer expressions [-Werror=sign-compare]

ptr - key + 2 is guaranteed to be > 0 so we can cast to size_t

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-02 12:58:51 -06:00
Dan McGee
a7cb150931 be_package: be more explicit parsing key/value pairs
This eliminates the need for strtrim() usage completely, instead relying
on the fact that the only allowed delimiter between key and value is the
" = " string.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-12-23 14:37:03 -06:00
Dave Reisner
d6ccd44390 include config.h via Makefiles
Ensures that config.h is always ordered correctly (first) in the
includes. Also means that new source files get this for free without
having to remember to add it.

We opt for -imacros over -include as its more portable, and the
added constraint by -imacros doesn't bother us for config.h.

This also touches the HACKING file to remove the explicit mention of
config.h as part of the includes.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-12-21 18:13:17 -06:00
Dan McGee
dee8144ce5 Add helper method for creating and opening archive object
This moves the common setup code of about 5 different callers into one
method. Error messages will now be common and shared in all places;
several paths did not have any messages at all before.

In addition, we now pick an ideal block size for the archive read based
off the larger value of our default buffer size or the st.st_blksize
field. For a filesystem such as NFS, this is often much larger than the
default 8192- values such as 32768 and 131072 are common.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-16 14:51:06 -06:00
Dan McGee
6df558177f Convert package and database archive reads to use file descriptors
This gives us a bit more control and over the archive reading process,
and a bit less is done behind the scenes. It also allows us to use
fstat() in preference to stat(), which should avoid some potential race
conditions.

Some reorganization is necessary to move the stat calls after the open()
calls. Error handling and cleanup in general is also improved, as we had
several potential memory and file handle leaks before in some error
paths.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-01 10:27:31 -05:00
Dan McGee
3343185473 Introduce ALPM_BUFFER_SIZE constant
This takes the place of three previously used constants:
ARCHIVE_DEFAULT_BYTES_PER_BLOCK, BUFFER_SIZE, and CPBUFSIZE.

In libarchive 3.0, the first constant will be no more, so we can ensure
we are forward-compatible by removing our usage of it now. The rest are
unified for consistency.

By default, we will use the value of BUFSIZ provided by <stdio.h>, which
is 8192 on Linux. If that is undefined, a default value is provided.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-27 14:59:24 -05:00
Dan McGee
7a6b01d46c Don't realloc a 0-length files array when loading packages
There is some pecular behavior going on here when a package is loaded
that has no files, as is very common in our test suite. When we enter
the realloc/sort code, a package without files will call the following:

    files = realloc(NULL, 0);

One would assume this is a no-op, returning a NULL pointer, but that is
not the case and valgrind later reports we are leaking memory. Fix the
whole thing by skipping the reallocation and sort steps if the pointer
is NULL, as we have nothing to do.

Note that the package still gets marked as 'files loaded', becuase
although there were none, we tried and were successful.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-26 15:44:55 -05:00
Dan McGee
4849a4596d Add _alpm_process_siglist() logic to failed package validation
This moves the result processing out of the validation check loop itself
and into a new loop. Errors will be presented to the user one-by-one
after we fully complete the validation loop, so they no longer overlap
the progress bar.

Unlike the database validation, we may have several errors to process in
sequence here, so we use a function-scoped struct to track all the
necessary information between seeing an error and asking the user about
it.

The older prompt_to_delete() callback logic is still kept, but only for
checksum failures. It is debatable whether we should do this at all or
just delegate said actions to the user.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:35:52 -05:00
Dan McGee
b7ebacc576 Pass package signature data up one more level
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:11 -05:00
Dan McGee
994cb4da4f Allow our PGP helper method to pass back the signature results
This will make its way up the call chain eventually to allow trusting
and importing of keys as necessary.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:11 -05:00
Dan McGee
afdbfc05f7 Extract an _alpm_pkg_validate_internal() method
_alpm_pkg_load_internal() was becoming a monster. Extract the top bit of
the method that dealt with checksum and signature validation into a
separate method that should be called before one loads a package to
ensure it is valid.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:11 -05:00
Dan McGee
86d9fcbfff Remove const specifier from changelog_read() void parameter
This shouldn't really be declared with const, and causes a compile error
when -Wcast-qual is used. Remove the const specifier from the function
specification and all implementations.

Also fix one other trivial -Wcast-qual warning in _alpm_db_cmp().

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-18 17:11:39 -05:00
Dan McGee
3e08614fda Ensure PackageRequired works as expected
Changes in commit dc3336c277 caused this to stop working as expected for
sync packages, due to the way the logic is structured. Ensure we always
enter the signature code if the bitflag is flipped on to check
signatures for packages. Rename 'use_sig' to 'has_sig' for clarity.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-07 20:51:35 -05:00
Dan McGee
234b6ffc2c Parse > 2GiB file sizes correctly
We were using atol(), which on 32 bit, cannot handle values greater than
2GiB, which is fail.

Switch to a strtoull() wrapper function tailored toward parsing off_t
values. This allows parsing of very large positive integer values. off_t
is a signed type, but in our usages, we never parse or have a need for
negative values, so the function will return -1 on error.

Before:
    $ pacman -Si flightgear-data | grep Size
    Download Size  : 2097152.00 K
    Installed Size : 2097152.00 K

After:
    $ ./src/pacman/pacman -Si flightgear-data | grep Size
    Download Size  : 2312592.52 KiB
    Installed Size : 5402896.00 KiB

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-29 19:57:05 -05:00
Dan McGee
2cfcc874b9 Better error handling out of package load method
There are many other ways to fail a package load other than "file not
found". We should also use the correct error code in this case. Clean it
up a bit in the various callers.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-28 19:52:41 -05:00
Dan McGee
dc3336c277 Refactor some args out of pkg_load_internal
Just pass the entire sync package in if we have it; that way we can do
any necessary operations involving it rather than have a parameter list
growing endlessly.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-28 19:52:19 -05:00
Dan McGee
e1dce078b2 Remove argument from check_pgp_helper
This one wasn't all that necessary as we only used it in one place in
the function, which can be checked easily enough at the call site.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-25 16:12:49 -05:00
Dan McGee
11f4a7a48e Only check necessary signatures and checksums
The precedence goes as follows: signature > sha256sum > md5sum

Add some logic and helper methods to check what we have available when
loading a package, and then only check what is necessary to verify the
package. This should speed up sync database verifies as we no longer
will be doing both a checksum and a signature validation.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 15:15:11 -05:00
Dan McGee
a628feee46 Parse conflicts/provides/replaces at database load time
We did this with depends way back in commit c244cfecf6 in 2007. We
can do it with these fields as well.

Of note is the inclusion of provides even though only '=' is supported-
we'll parse other things, but no guarantees are given as to behavior,
which is more or less similar to before since we only looked for the
equals sign.

Also of note is the non-inclusion of optdepends; this will likely be
resolved down the road.

The biggest benefactors of this change will be the resolving code that
formerly had to parse and reparse several of these fields; it only
happens once now at load time. This does lead to the disadvantage that
we will now always be parsing this information up front even if we never
need it in the split form, but as these are uncommon fields and our
parser is quite efficient it shouldn't be a big concern.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:56:41 -05:00
Dan McGee
bd5ec9cd8e Validate the sha256sum if available
Adjust load_internal() to check the sha256sum value if we have it.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15 12:13:35 -05:00
Dan McGee
9d09c9fdf7 Attempt to fix up some of the brokenness around failed package loads
This is a bit of a mess, due to the fact that we have a progress meter
running. It is also ironic that we are in the midst of a method named
"commit" when we haven't done a damn thing yet, and can still fail hard
if either a checksum or signature is invalid or unrecognized.

Adapt the former test_md5sum method to be invoked for any of the various
failure types, which at least gives the user some indication of what
packages are failing. A second patch will be needed to actually show
worthwhile error codes, but this is going to involve modifying the
actual data passed with the callback.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08 19:42:52 -05:00
Dan McGee
ef4757afa5 Store a package info level flag if we fail to load data
If we are missing a local database file, we get repeated messages over
and over telling us the same thing, rather than being sane and erroring
only once. This package adds an INFRQ_ERROR level that is added to the
mask if we encounter any errors on a local_db_read() operation, and
short circuits future calls if found in the value. This fixes FS#25313.

Note that this does not make any behavior changes other than suppressing
error messages and repeated code calls to failure cases; we still have
more to do in the "local database is hosed" department.

Also make a small update to the wrong but unused flags set in
be_package; using INFRQ_ALL there was not totally correct.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08 16:56:48 -05:00
Dan McGee
cbaff216b3 Don't trim whitespace when reading database entries
We don't write with extra or unknown whitespace, so there is little
reason for us to trim it when reading either. This also fixes the
hopefully never encountered "paths that start or end with spaces" issue,
for which two pactests have been added. The tests also contain other
evil characters that we have encountered before and handle just fine,
but it doesn't hurt to ensure we don't break such support in the future.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-02 08:20:34 -04:00
Dan McGee
bb3dada871 Convert package filelists to an array instead of linked list
This accomplishes quite a few things with one rather invasive change.

1. Iteration is much more performant, due to a reduction in pointer
   chasing and linear item access.
2. Data structures are smaller- we no longer have the overhead of the
   linked list as the file struts are now laid out consecutively in
   memory.
3. Memory allocation has been massively reworked. Before, we would
   allocate three different pieces of memory per file item- the list
   struct, the file struct, and the copied filename. What this resulted
   in was massive fragmentation of memory when loading filelists since
   the memory allocator had to leave holes all over the place. The new
   situation here now removes the need for any list item allocation;
   allocates the file structs in contiguous memory (and reallocs as
   necessary), leaving only the strings as individually allocated. Tests
   using valgrind (massif) show some pretty significant memory
   reductions on the worst case `pacman -Ql > /dev/null` (366387 files
   on my machine):

   Before:
     Peak heap:   54,416,024 B
	 Useful heap: 36,840,692 B
	 Extra heap:  17,575,332 B

   After:
     Peak heap:   38,004,352 B
	 Useful heap: 28,101,347 B
	 Extra heap:   9,903,005 B

Several small helper methods have been introduced, including a list to
array conversion helper as well as a filelist merge sort that works
directly on arrays.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-21 15:04:30 -05:00
Dan McGee
7af0ab1cde signing: move to new signing verification and return scheme
This gives us more granularity than the former Never/Optional/Always
trifecta. The frontend still uses these values temporarily but that will
be changed in a future patch.

* Use 'siglevel' consistenly in method names, 'level' as variable name
* The level becomes an enum bitmask value for flexibility
* Signature check methods now return a array of status codes rather than
  a simple integer success/failure value. This allows callers to
  determine whether things such as an unknown signature are valid.
* Specific signature error codes mostly disappear in favor of the above
  returned status code; pm_errno is now set only to PKG_INVALID_SIG or
  DB_INVALID_SIG as appropriate.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05 10:13:20 -05:00
Dan McGee
1ce7f39ad7 Merge remote-tracking branch 'allan/ALPM'
Conflicts:
	lib/libalpm/be_local.c
	lib/libalpm/be_package.c
	lib/libalpm/conflict.c
	lib/libalpm/diskspace.c
	lib/libalpm/dload.c
	lib/libalpm/remove.c
2011-07-03 14:44:57 -05:00
Dan McGee
6a6fc3107f Move alpm filelists to a struct object
This allows us to capture size and mode data when building filelists
from package files. Future patches will take advantage of this newly
available information, and frontends can use it as well.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03 14:29:30 -05:00