We've unofficially agreed to raise our minimum supported bash version to
4.1, and since added features that require it. Additionally, an earlier
commit adds a syntax check to the builds of scripts/ and contrib/ which
could conceivably fail with an earlier shell. Therefore, make this a
hard requirement of the build process.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Use the no-exec mode of $(BASH_SHELL) to check for syntax errors in
shell scripts. Since we use the extglob feature in various places, this
requires that we pass -O extglob to the shell as well, to ensure that
the parser is armed to handle this syntax.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
For consistency with the scripts/ directory, ensure that all bash
scripts use the same pre-build suffix.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Treat bash scripts separately from the others to allow for a different
build rule, which is reused from the scripts/ subdir.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Perform a search for keys that clearly aren't key IDs. This allows
receiving keys by name or email address, but only if the key resolves
unambiguously.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Loop through arguments passed to verify_sig and treat each as a
signature to be verified against a source file. Output each file as its
checked to avoid ambiguity.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
- only do file completion for options which expect files
- add completion for possible key ids when a relevant operation is in
COMPWORDS.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
This requires an ugly amount of reworking of how pacman-key handles
options. The change simply to avoid passing keys, files, and directories
as arguments to options, but to leave them as arguments to the overall
program. This is reasonable since pacman-key limits the user to
essentially one operation per invocation (like pacman).
Since we now pass around the positional parameters to the various
operations, we can add some better sanity checking. Each operation is
responsible for testing input and making sure it can operate properly,
otherwise it throws an error and exits.
The doc is updated to reflect this, and uses similar verbiage as pacman,
describing the non-option arguments now passed to pacman-key as targets.
Similar to the doc, --help is reorganized to separate operations and
options and remove argument tokens from operations.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
This will replace our current options parser used in pacman-key,
makepkg, and ideally elsewhere. It follows heuristics closer to that of
GNU getopt long (and thus pacman itself), with the exception that it
does not allow for options with optional arguments. Due to the way this
parser will be used, this sort of functionality will not be needed.
Instead of relying on eval+set, options are normalized into an array,
OPTRET, which callers should expect to be populated after returning from
parseopts. This avoids problems with quotes and spaces in arguments,
assuming that the user quotes properly when passing into the
application.
A new test harness for parseopts is added in test/scripts.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
We're not linking to libssl, only libcrypto. -Wl,--as-needed will get
rid of this, but there's no sense in checking for and linking against a
library we don't need.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This removes some unnecessary quotes and adds quotes in a few places to
hopefully work correctly if the tempdir has spaces.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
Big deltas or deltas for very small packages are not needed so we should
check that and not generate any.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Dan McGee <dan@archlinux.org>
This is a vestige leftover from the rewrite over a year ago in
622e7fdd4.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This has outlived its usefulness and causes more problems than it
solves. It has historically only ever been used to install pacman first.
That should not be needed given we provide the vercmp utility (which has
no library dependencies) and so calling pacman in install scripts is a
sign of poor packaging.
Work-duplicated-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Detected by clang scan-build static code analyzer.
* Don't attempt to free an uninitialized gpgme key variable
* Initialize answer variable before asking frontend a question
* Pass by reference instead of value if uninitialized fields are
possible in download signal handler code
* Ensure we never call strlen() on NULL payload->remote_name value
Signed-off-by: Dan McGee <dan@archlinux.org>
Not sure why this one wasn't showing up on x86_64, but this fixes the
compile on i686.
diskspace.c: In function 'calculate_removed_size':
diskspace.c:247:4: error: assuming signed overflow does not occur when negating a division [-Werror=strict-overflow]
cc1: all warnings being treated as errors
Signed-off-by: Dan McGee <dan@archlinux.org>
If the PKGBUILD isn't writeable for devel_update, throw a warning
instead of silently ignoring it. Some logical reordering is present in
this patch to reduce the number of nested if's.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
It's expected that this will lead to unwanted behavior, and needs
widespread testing. It's desirable to commit this for a few reasons:
- there's no reason we can't do our own error checking for code that we
write.
- it avoids the need for ||true hacks scattered about in the code.
- it makes us immune to upstream changes in exit codes (FS#28248)
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
This fixes a bunch of small issues in order to enable a clean
successful build with a crazy number of GCC warning flags. A lot of
these changes are covered by -Wshadow, -Wformat-security, and
-Wstrict-overflow=5.
Signed-off-by: Dan McGee <dan@archlinux.org>
- Use LT_INIT over AC_PROG_LIBTOOL, as the latter is a deprecated alias
for the former.
- Remove redundant macros which are called implicitly by LT_INIT.
- Remove unneeded AC_PROG_CXX call (we don't use c++ anywhere)
- Add AC_CONFIG_MACRO_DIR([m4]) -- not strictly necessary, but added for
consistency with autogen.sh and Makefile.am
ref: http://www.gnu.org/software/libtool/manual/html_node/LT_005fINIT.html
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Continue the trend of not touching the environment CFLAGS, ensuring that
the user always has the final say.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
- handle gpgme libs and cflags separately rather than appending to
CFLAGS and LDFLAGS
- be consistent in AC_LINK_IFELSE check for gpgme 1.3.0 (though this is
irrelephant since we don't actually run)
- be consistent with usage of "have" and "with" variables (this
actually ends up reducing SLOC)
- when voluntary detection fails, unset GPGME_CFLAGS and GPGME_LIBS
- when requested support fails the version check, complain about the min
version.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Extend our grep pattern to match TRUST_ULTIMATE, not just TRUST_FULLY,
as these keys are to be trusted as well.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
Make these functions more whitespace space by treating newlines as the
element delimiter rather than every form of whitespace.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>