1
0
mirror of https://github.com/moparisthebest/pacman synced 2024-12-23 08:18:51 -05:00
Commit Graph

1997 Commits

Author SHA1 Message Date
Dan McGee
f66f9f11cd Fix memory leak in download payload->remote_name
In the sync code, we explicitly allocated a string for this field, while
in the dload code itself it was filled in with a pointer to another
string. This led to a memory leak in the sync download case.

Make remote_name non-const and always explicitly allocate it. This patch
ensures this as well as uses malloc + snprintf (rather than calloc) in
several codepaths, and eliminates the only use of PATH_MAX in the
download code.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28 04:48:33 -05:00
Dan McGee
ea3c47825e Revert "libalpm: compare pkgname with strcoll"
This commit was made with the intent of displaying "correctly" sorted
package lists to users. Here are some reasons I think this is incorrect:

* It is done in the wrong place. If a frontend application wants to show
  a different order of packages dependent on locale, it should do that
  on its own.
* Even if one wants a locale-specific order, almost all package names
  are all ASCII and language agnostic, so this different comparison
  makes little sense and may serve only to confuse people.
* _alpm_pkg_cmp was unlike any other comparator function. None of the
  rest had any dependency on anything but the content of the structs
  being compared (e.g., they only used strcmp() or other basic
  comparison operators).

This reverts commit 3e4d2c3aa6.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 20:24:04 -05:00
Dan McGee
69962184bb _alpm_splitdep: use malloc instead of calloc
There was only one simple to handle case where we left a field
uninitialized; set it to NULL and use malloc() instead.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 17:52:38 -05:00
Dan McGee
d8fab9b441 be_sync: fetch only entry mode, not full stat struct
This saves a lot of unnecessary work since we don't need any of the
other fields in the stat struct.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 17:49:34 -05:00
Dan McGee
bf56fb6eb8 alpm_list: use malloc instead of calloc
In every case we were calling calloc, the struct we allocated (or the
memory to be used) is fully specified later in the method.

For alpm_list_t allocations, we always set all of data, next, and prev.

For list copying and transforming to an array, we always copy the entire
data element, so no need to zero it first.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 17:49:27 -05:00
Dan McGee
fa929e8258 Fix compilation using --without-gpgme
I'm really good at breaking this on a regular basis. If only we had some
sort of automated testing for this...

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 09:15:36 -05:00
Dan McGee
b242b2d050 Remove unnecessary logger
This is just a wrapper function; the real function we call logs an
almost identical line.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 09:08:01 -05:00
Dan McGee
47657107af Delay check for repository servers until we need them
In the sync download code, we added an early check in 6731d0a940 for
sync download server existence so we wouldn't show the same error over
and over for each file to be downloaded. Move this check into the
download block so we only run it if there are actually files that need
to be downloaded for this repository.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 07:53:38 -05:00
Dan McGee
80b0f27125 Ensure fileconflict value is actually a string
When we switched to a file object and not just a simple string, we missed an
update along the way here in target-target conflicts. This patch looks
large, but it really comes down to one errant (char *) cast before that has
been reworked to explicitly point to the alpm_file_t object. The rest is
simply code cleanup.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-26 17:36:29 -05:00
Dan McGee
2517ba3303 Update Doxyfile and fix some documentation errors caught by Doxygen
A few parameters were outdated or wrongly named, and a few things were
explicitly linked that Doxygen wasn't able to resolve.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 16:37:36 -05:00
Dan McGee
c406949226 Ensure database validity flags are set in invalid signature case
We returned the right error code but never set the flags accordingly.
Also, now that we can bail early, ensure we set the error code.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 16:01:11 -05:00
Dan McGee
1e0ed133f4 Handle key import errors correctly and with good error messages
This adds calls to gpgme_op_import_result() which we were not looking at
before to ensure the key was actually imported. Additionally, we do some
preemptive checks to ensure the keyring is even writable if we are going
to prompt the user to add things to it.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 16:01:10 -05:00
Dan McGee
907e8af5be signing: be consistent with returning -1 for error cases
This also fixes a segfault found by dave when key_search is
unsuccessful; the key_search return code documentation has also been
updated to reflect reality.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 16:01:05 -05:00
Dan McGee
43787d0067 Regenerate message catalogs and translations
We've had a bit of churn since the last time this was done.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:36:09 -05:00
Dan McGee
a78e3e3a23 Translation file updates from Transifex
Pick up any updates before I push new source messages out to the
service.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:35:31 -05:00
Dan McGee
6767de5380 Add status and check for key being disabled
Because we aren't using gpgv and a dedicated keyring that is known to be
all safe, we should honor this flag being set on a given key in the
keyring to know to not honor it. This prevents a key from being
reimported that a user does not want to be used- instead of deleting,
one should mark it as disabled.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:14:35 -05:00
Dan McGee
765178c5ba Implement PGP key search and import
Add two new static methods, key_search() and key_import(), to our
growing list of signing code.

If we come across a key we do not have, attempt to look it up remotely
and ask the user if they wish to import said key. If they do, flag the
validation process as a potential 'retry', meaning it might succeed the
next time it is ran.

These depend on you having a 'keyserver hkp://foo.example.com' line in
your gpg.conf file in your gnupg home directory to function.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:14:31 -05:00
Dan McGee
0ef7129a4a signing: document most undocumented functions
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:06:03 -05:00
Dan McGee
4849a4596d Add _alpm_process_siglist() logic to failed package validation
This moves the result processing out of the validation check loop itself
and into a new loop. Errors will be presented to the user one-by-one
after we fully complete the validation loop, so they no longer overlap
the progress bar.

Unlike the database validation, we may have several errors to process in
sequence here, so we use a function-scoped struct to track all the
necessary information between seeing an error and asking the user about
it.

The older prompt_to_delete() callback logic is still kept, but only for
checksum failures. It is debatable whether we should do this at all or
just delegate said actions to the user.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:35:52 -05:00
Dan McGee
0a4a5cea97 Add new import key question enum value and stub frontend function
This is for eventual use by the PGP key import code. Breaking this into
a separate commit now makes the following patches a bit easier to
understand.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:35:52 -05:00
Dan McGee
d36d70d294 Add alpm_capabilities() method and enumeration
This allows a frontend program to query, at runtime, what the library
supports. This can be useful for sanity checking during config-
requiring a downloader or disallowing signature settings, for example.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:32:35 -05:00
Dan McGee
33f2518531 Move default siglevel value from backend to frontend
This takes the libraries hidden default out of the equation: hidden in
the sense that we can't even find out what it is until we create a
handle. This is a chicken-and-egg problem where we have probably already
parsed the config, so it is hard to get the bitmask value right.

Move it to the frontend so the caller can do whatever the heck they
want. This also exposes a shortcoming where the frontend doesn't know if
the library even supports signatures, so we should probably add a
alpm_capabilities() method which exposes things like HAS_DOWNLOADER,
HAS_SIGNATURES, etc.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:32:30 -05:00
Dan McGee
01f5c9e79a validate_deltas: split verify/check errors loops
This allows us to do all delta verification up front, followed by
whatever needs to be done with any found errors. In this case, we call
prompt_to_delete() for each error.

Add back the missing EVENT(ALPM_EVENT_DELTA_INTEGRITY_DONE) that
accidentally got removed in commit 062c391919.

Remove use of *data; we never even look at the stuff in this array for
the error code we were returning and this would be much better handled
by one callback per error anyway, or at least some strongly typed return
values.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:32:24 -05:00
Dan McGee
5e7875ae6a Fix possible segfault if siglist was empty
If siglist->results wasn't a NULL pointer, we would try to free it
anyway, even if siglist->count was zero. Only attempt to free this
pointer if we had results and the pointer is valid.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:31:28 -05:00
Dan McGee
3a460a8be6 Remove noisy debug logger
This one can be overwhelming when reading debug output from a very large
package. We already have the output of each extracted file so we
probably can do without this in 99.9% of cases.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-21 13:02:35 -05:00
Dan McGee
8375ad214a _alpm_sync_commit: extract two static methods
This adds two new static methods, check_validity() and load_packages(),
to sync.c which are simply code fragments pulled out of our
do-everything sync commit code.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:11 -05:00
Dan McGee
b7ebacc576 Pass package signature data up one more level
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:11 -05:00
Dan McGee
ec790ced7c signing: add a process and retry loop for database signatures
In reality, there is no retrying that happens as of now because we don't
have any import or changing of the keyring going on, but the code is set
up so we can drop this in our new _alpm_process_siglist() function. Wire
up the basics to the sync database validation code, so we see something
like the following:

    $ pacman -Ss unknowntrust
    error: core: signature from "Dan McGee <dpmcgee@gmail.com>" is unknown trust
    error: core: signature from "Dan McGee <dpmcgee@gmail.com>" is unknown trust
    error: database 'core' is not valid (invalid or corrupted database (PGP signature))

    $ pacman -Ss missingsig
    error: core: missing required signature
    error: core: missing required signature
    error: database 'core' is not valid (invalid or corrupted database (PGP signature))

Yes, there is some double output, but this should be fixable in the
future.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:11 -05:00
Dan McGee
994cb4da4f Allow our PGP helper method to pass back the signature results
This will make its way up the call chain eventually to allow trusting
and importing of keys as necessary.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:11 -05:00
Dan McGee
a27f993600 Split package validation and load loops
This adds a some new callback event and progress codes for package
loading, which was formerly bundled in with package validation before.
The main sync.c loop where loading occurred is now two loops running
sequentially. The behavior should not change with this patch outside of
progress and event display; more changes will come in following patches.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:11 -05:00
Dan McGee
afdbfc05f7 Extract an _alpm_pkg_validate_internal() method
_alpm_pkg_load_internal() was becoming a monster. Extract the top bit of
the method that dealt with checksum and signature validation into a
separate method that should be called before one loads a package to
ensure it is valid.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:11 -05:00
Dan McGee
79cbce60ac Remove all usages of alpm_list_getdata() from the library
No need for the indirection; just access ->data instead.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:10 -05:00
Dan McGee
70e2c34f0f _alpm_runscriptlet(): remove clean_tmpdir variable
This is always true at the end since we return early if we couldn't
create the tmpdir, so it is totally unnecessary.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:10 -05:00
Dan McGee
3796164848 Access db->pkgcache directly in db_free_pkgcache()
We shouldn't be going through the accessor that does a bunch of
unnecessary legwork, including potentially loading the pkgcache right
before we free it.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20 10:23:10 -05:00
Dan McGee
288a81d847 Use more efficient way of restoring working directory
Rather than using a string-based path, we can restore the working
directory via a file descriptor and use of fchdir().

From the getcwd manpage:
    Opening the current directory (".") and calling fchdir(2) to
    return is usually a faster and more reliable alternative when
    sufficiently many file descriptors are available.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-19 14:11:08 -05:00
Dan McGee
bfe36c2ddf Reduce path allocation on the stack in local database
We did a lot of both malloc-ing and stack printing to form some paths in
this code. Attempt to unify it all into the one get_pkgpath() method by
adding an optional third "filename" parameter, and form the necessary
path string all in one go.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-19 13:43:13 -05:00
Dan McGee
e1899cbc64 Be smarter about running ldconfig during removal transactions
1. Don't run it if something failed in package removal- this mirrors
what we already do in sync transactions.
2. Don't run it if we are invoking it for the replaces removal bit of a
sync transaction- it doesn't make sense to run ldconfig halfway through
a sync install; we should only run it once at the end.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-19 13:18:42 -05:00
Dan McGee
a94ad29740 Search for non-prefixed paths in skip_remove list
We add them to this list with the root path not appended; we should be
searching for them this way as well.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-19 13:17:16 -05:00
Dan McGee
41d8deff88 be_local: cope with a desc file without trailing newline
We checked the (fgets == NULL and !feof) case, but never actually bailed
out of the loop if we were at the end of the file, causing infinite
looping.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-18 17:32:15 -05:00
Dan McGee
86d9fcbfff Remove const specifier from changelog_read() void parameter
This shouldn't really be declared with const, and causes a compile error
when -Wcast-qual is used. Remove the const specifier from the function
specification and all implementations.

Also fix one other trivial -Wcast-qual warning in _alpm_db_cmp().

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-18 17:11:39 -05:00
Dan McGee
69a3558b75 Remove dead changelog_feof() code
We never ended up using or really needing this; kill it for now knowing
it is in git history if ever needed again.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-18 17:03:56 -05:00
Dave Reisner
07e89c1e5d dload: avoid using memrchr
This function doesn't exist on OSX. Since there aren't any other
candidates in alpm for which this function would make sense to use,
simply replace the function call with a loop that does the equivalent.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-09-18 16:57:59 -05:00
Dan McGee
52c65fdfea Ensure entire struct is zeroed in _alpm_parsedate()
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-09-18 16:57:26 -05:00
Dave Reisner
223a92ca9d dload: remove user:pass@ definition from hostname
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-09-18 15:35:58 -05:00
Dan McGee
a7d7798032 Fix build without gpgme
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-18 15:34:28 -05:00
Dave Reisner
3905ada993 account for partial delta files in download size
Similar to an earlier commit which accounts for .part files for full
packages, calculate the download_size for deltas keeping mind the
possibility of a partial transfer.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-11 19:10:48 -05:00
Dave Reisner
d8eacae7bc make compute_download_size consider .part files
Check for the existance of a partial download of a package file before
jumping to delta calculations. Currently, if there were 10MiB remaining
in a 100MiB the values passed to the front end do not reflect this.

Refactored from an old patch originally by Dan.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-11 19:09:04 -05:00
Dave Reisner
befddfc3e6 dload: provide optional netrc support
if ~/.netrc exists and has credentials for the hostname requested in a
download, they will be provided in an http auth request. This can still
be overridden by explcitly declaring user:pass in the URL.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-11 19:07:25 -05:00
Dave Reisner
db70c9da15 diskspace: fix memory leak on root mount not found
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-08 14:18:19 -05:00
Dan McGee
8ffa2b24a5 Use more correct integer types in diskspace checks
This adjusts type usage to match POSIX provided types from
<sys/types.h> rather than assuming everything will fit in a long or
unsigned long. Use fsblkcnt_t (unsigned) and blkcnt_t (signed) as
appropriate. These are affected the same way off_t is on 32 bit
platforms, where the types are extende to 64 bits if large file support
is enabled.

Because most numbers here are block counts, this isn't
near as pressing as using a 32-bit variable for file sizes where
anything over 2GiB can burn you; we likely can support files at least
512 but mainly 4096 times larger.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-07 21:05:04 -05:00