1
0
mirror of https://github.com/moparisthebest/pacman synced 2024-11-10 19:45:01 -05:00
Commit Graph

4545 Commits

Author SHA1 Message Date
Dan McGee
98e0371ae3 Use the full buffer when computing md5/sha256 sums
No wonder these were slower than expected. We were only reading 4
(32-bit) or 8 (64-bit) bytes at a time and feeding it to the hash
functions. Define a buffer size constant and use it correctly so we feed
8K at a time into the hashing algorithm.

This cut one larger `-Sw --noconfirm` operation, with nothing to
actually download so only timing integrity, from 3.3s to 1.7s.

This has been broken since the original commit eba521913d introducing
OpenSSL usage for crypto hash functions. Boy do I feel stupid.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28 04:48:42 -05:00
Dan McGee
f66f9f11cd Fix memory leak in download payload->remote_name
In the sync code, we explicitly allocated a string for this field, while
in the dload code itself it was filled in with a pointer to another
string. This led to a memory leak in the sync download case.

Make remote_name non-const and always explicitly allocate it. This patch
ensures this as well as uses malloc + snprintf (rather than calloc) in
several codepaths, and eliminates the only use of PATH_MAX in the
download code.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28 04:48:33 -05:00
Dan McGee
ea3c47825e Revert "libalpm: compare pkgname with strcoll"
This commit was made with the intent of displaying "correctly" sorted
package lists to users. Here are some reasons I think this is incorrect:

* It is done in the wrong place. If a frontend application wants to show
  a different order of packages dependent on locale, it should do that
  on its own.
* Even if one wants a locale-specific order, almost all package names
  are all ASCII and language agnostic, so this different comparison
  makes little sense and may serve only to confuse people.
* _alpm_pkg_cmp was unlike any other comparator function. None of the
  rest had any dependency on anything but the content of the structs
  being compared (e.g., they only used strcmp() or other basic
  comparison operators).

This reverts commit 3e4d2c3aa6.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 20:24:04 -05:00
Dan McGee
69962184bb _alpm_splitdep: use malloc instead of calloc
There was only one simple to handle case where we left a field
uninitialized; set it to NULL and use malloc() instead.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 17:52:38 -05:00
Dan McGee
d8fab9b441 be_sync: fetch only entry mode, not full stat struct
This saves a lot of unnecessary work since we don't need any of the
other fields in the stat struct.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 17:49:34 -05:00
Dan McGee
bf56fb6eb8 alpm_list: use malloc instead of calloc
In every case we were calling calloc, the struct we allocated (or the
memory to be used) is fully specified later in the method.

For alpm_list_t allocations, we always set all of data, next, and prev.

For list copying and transforming to an array, we always copy the entire
data element, so no need to zero it first.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 17:49:27 -05:00
Dave Reisner
619c3629ca makepkg: ensure '-' is last in a character glob
If '-' isn't the last item, it's interpreted as a range and not
literally, causing problematic behavior in parsing optdepends.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-09-27 11:35:17 -04:00
Dan McGee
e70d540501 pacman-key: use consistent punctuation in error messages
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 09:17:11 -05:00
Dan McGee
fa929e8258 Fix compilation using --without-gpgme
I'm really good at breaking this on a regular basis. If only we had some
sort of automated testing for this...

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 09:15:36 -05:00
Dan McGee
b242b2d050 Remove unnecessary logger
This is just a wrapper function; the real function we call logs an
almost identical line.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 09:08:01 -05:00
Dan McGee
47657107af Delay check for repository servers until we need them
In the sync download code, we added an early check in 6731d0a940 for
sync download server existence so we wouldn't show the same error over
and over for each file to be downloaded. Move this check into the
download block so we only run it if there are actually files that need
to be downloaded for this repository.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27 07:53:38 -05:00
Allan McRae
5e13b2b6af Avoid comparison between signed and unsigned types
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-26 23:04:09 -05:00
Dan McGee
80b0f27125 Ensure fileconflict value is actually a string
When we switched to a file object and not just a simple string, we missed an
update along the way here in target-target conflicts. This patch looks
large, but it really comes down to one errant (char *) cast before that has
been reworked to explicitly point to the alpm_file_t object. The rest is
simply code cleanup.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-26 17:36:29 -05:00
Dave Reisner
d1fc3aec4c bash_completion: add completion for pacman-key
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-26 16:02:19 -05:00
Dave Reisner
507b01b912 pacman-key: allow get_from to return a default value
Keep the non-zero return val to let the caller know that the key wasn't
found.

Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-26 16:02:19 -05:00
Dave Reisner
b6ccae2d18 pacman-key: simplify writing to config file
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-26 16:02:19 -05:00
Allan McRae
dd82b8d09f makepkg: normalize whitespace for optdepends in .PKGINFO
Many PKGBUILDs use formatting whitespace when specifying optdepends.
This is removed when adding a package to a repo-database so the
output of "pacman -Si <package>" and "pacman -Qip <package file>"
becomes inconsistent.  Instead, do the adjustment when creating
the .PKGINFO file.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-26 16:02:19 -05:00
Allan McRae
6adf502f0d makepkg: allow versioned optdepends with epoch
Allow the specification of versioned optdepends with an epoch.
This also (partially) enforces a whitespace between ":" and the
description which is required for the future optdepends parsing
code.

Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-26 16:02:19 -05:00
Dan McGee
d26d50e664 Revamp pacman signal handler
* All errors now go to stderr, so do the same here and simplify the
  writing of the error message.
* Add SIGHUP to the handled signal list, and don't repeat code.
* Attempt to release the transaction (e.g. remove the lock file)
  for all of HUP, INT, and TERM. Signals HUP and INT respects
  transaction state, TERM will immediately terminate the process.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-26 16:02:12 -05:00
Dan McGee
2517ba3303 Update Doxyfile and fix some documentation errors caught by Doxygen
A few parameters were outdated or wrongly named, and a few things were
explicitly linked that Doxygen wasn't able to resolve.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 16:37:36 -05:00
Dan McGee
c406949226 Ensure database validity flags are set in invalid signature case
We returned the right error code but never set the flags accordingly.
Also, now that we can bail early, ensure we set the error code.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 16:01:11 -05:00
Dan McGee
1e0ed133f4 Handle key import errors correctly and with good error messages
This adds calls to gpgme_op_import_result() which we were not looking at
before to ensure the key was actually imported. Additionally, we do some
preemptive checks to ensure the keyring is even writable if we are going
to prompt the user to add things to it.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 16:01:10 -05:00
Dan McGee
907e8af5be signing: be consistent with returning -1 for error cases
This also fixes a segfault found by dave when key_search is
unsuccessful; the key_search return code documentation has also been
updated to reflect reality.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 16:01:05 -05:00
Dan McGee
f1beb050a3 Update configure.ac version to rc2
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 12:08:35 -05:00
Dan McGee
43787d0067 Regenerate message catalogs and translations
We've had a bit of churn since the last time this was done.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:36:09 -05:00
Dan McGee
a78e3e3a23 Translation file updates from Transifex
Pick up any updates before I push new source messages out to the
service.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:35:31 -05:00
Dan McGee
1df9b2aa79 pacman-key: add an additional plain text 'foo-trusted' file
This is similar to the 'foo-revoked' file we had. This will be used to
inform the user what keys in the shipped keyring need to be explicitly
trusted by the user.

A distro such as Arch will likely have 3-4 master keys listed in this
trusted file, but an additional 25 developer keys present in the keyring
that the user shouldn't have to directly sign.

We use this list to prompt the user to sign the keys locally. If the key
is already signed locally gpg will print a bit of junk but will continue
without pestering the user.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:15:45 -05:00
Dan McGee
067721cbff pacman-key: factor out validate_with_gpg() method
This was copy-pasted code for the most part once the filename was
factored out.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:15:45 -05:00
Dan McGee
33685b960d pacman-key: remove holdkeys functionality
We're putting the cart ahead of the horse a bit here. Given that our
keyring is not one where everything is implicitly trusted (ala gpgv),
keeping or deleting a key has no bearing on its trusted status, only
whether we can actually verify things signed by said key.

If we need to address this down the road, we can find a solution that
works for the problem at hand rather than trying to solve it now before
signing is even widespread.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:15:45 -05:00
Dan McGee
595e1a437f pacman-key: implement promptless lsigning
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:15:45 -05:00
Dan McGee
7d961c849b pacman-key: disable, don't remove, revoked keys
Unlike our protégé apt-key, removing a key from our keyring is not
sufficient to prevent it from being trusted or used for verification. We
are better off flagging it as disabled and leaving it in the keyring so
it cannot be reimported or fetched at a later date from a keyserver and
continue to be used.

Implement the logic to disable the key instead of delete it, figuring
out --command-fd in the process.

Note that the surefire way to disable a key involves including said key
in the keyring package, such that it is both in foobar.gpg and
foobar-revoked.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:15:39 -05:00
Dan McGee
6767de5380 Add status and check for key being disabled
Because we aren't using gpgv and a dedicated keyring that is known to be
all safe, we should honor this flag being set on a given key in the
keyring to know to not honor it. This prevents a key from being
reimported that a user does not want to be used- instead of deleting,
one should mark it as disabled.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:14:35 -05:00
Dan McGee
213950afa3 pacman-key: simplify import in populate
This finishes the cleanup started in 710e83999b. We can do a straight
import from another keyring rather than all the funky parsing and piping
business we were doing.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:14:35 -05:00
Dan McGee
491b656c54 pacman-key: don't hide --verify details in populate
Otherwise we're hiding extremely relevant bits like this one:
    gpg: WARNING: This key is not certified with a trusted signature!
    gpg:          There is no indication that the signature belongs to the owner.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:14:35 -05:00
Dan McGee
03e1b4caa9 pacman-key: print message in populate if signature is missing
Rather than saying it was invalid, tell the user no signature exists.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:14:35 -05:00
Dan McGee
a7691ba6fd pacman-key: clean up populate output
* Ensure usage message is indented correctly
* Show short filenames for both the gpg keyring and revocation file

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:14:35 -05:00
Dan McGee
4b6a5ae159 pacman-key: ensure array iterations are quoted
When doing something like `pacman-key --edit-key 'Dan McGee'`, one would
expect it to work, and not fail.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:14:34 -05:00
Dan McGee
765178c5ba Implement PGP key search and import
Add two new static methods, key_search() and key_import(), to our
growing list of signing code.

If we come across a key we do not have, attempt to look it up remotely
and ask the user if they wish to import said key. If they do, flag the
validation process as a potential 'retry', meaning it might succeed the
next time it is ran.

These depend on you having a 'keyserver hkp://foo.example.com' line in
your gpg.conf file in your gnupg home directory to function.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:14:31 -05:00
Dan McGee
0ef7129a4a signing: document most undocumented functions
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 11:06:03 -05:00
Dan McGee
4849a4596d Add _alpm_process_siglist() logic to failed package validation
This moves the result processing out of the validation check loop itself
and into a new loop. Errors will be presented to the user one-by-one
after we fully complete the validation loop, so they no longer overlap
the progress bar.

Unlike the database validation, we may have several errors to process in
sequence here, so we use a function-scoped struct to track all the
necessary information between seeing an error and asking the user about
it.

The older prompt_to_delete() callback logic is still kept, but only for
checksum failures. It is debatable whether we should do this at all or
just delegate said actions to the user.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:35:52 -05:00
Dan McGee
0a4a5cea97 Add new import key question enum value and stub frontend function
This is for eventual use by the PGP key import code. Breaking this into
a separate commit now makes the following patches a bit easier to
understand.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:35:52 -05:00
Dan McGee
3e4749fe3e Fix signature printing in package info
pm_asprintf() does not return a length as asprintf() does. Fail. Make
sure it is not -1 as that is the only failure condition.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:34:07 -05:00
Dan McGee
361ed6a600 config parsing: add note if libcurl disabled and no XferCommand
Just a helpful warning for those users in this unenviable position.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:33:48 -05:00
Dan McGee
e4690232d6 config parsing: include file and line number in more errors
Before:
    $ pacman -Si pacman
    error: invalid value for 'SigLevel' : 'FooValue'

After:
    $ ./src/pacman/pacman -Si pacman
    error: config file /etc/pacman.conf, line 88: invalid value for 'SigLevel' : 'FooValue'

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:33:43 -05:00
Dan McGee
ca58e326dc Pull option names out of messages in config parsing
This allows some message reuse, as well as making it clear to
translators what *not* to translate.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:33:39 -05:00
Dan McGee
69694edd2c Check capabilities in SigLevel option parsing
Only allow turning it on if the backend library has support for it.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:32:39 -05:00
Dan McGee
d36d70d294 Add alpm_capabilities() method and enumeration
This allows a frontend program to query, at runtime, what the library
supports. This can be useful for sanity checking during config-
requiring a downloader or disallowing signature settings, for example.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:32:35 -05:00
Dan McGee
33f2518531 Move default siglevel value from backend to frontend
This takes the libraries hidden default out of the equation: hidden in
the sense that we can't even find out what it is until we create a
handle. This is a chicken-and-egg problem where we have probably already
parsed the config, so it is hard to get the bitmask value right.

Move it to the frontend so the caller can do whatever the heck they
want. This also exposes a shortcoming where the frontend doesn't know if
the library even supports signatures, so we should probably add a
alpm_capabilities() method which exposes things like HAS_DOWNLOADER,
HAS_SIGNATURES, etc.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:32:30 -05:00
Dan McGee
01f5c9e79a validate_deltas: split verify/check errors loops
This allows us to do all delta verification up front, followed by
whatever needs to be done with any found errors. In this case, we call
prompt_to_delete() for each error.

Add back the missing EVENT(ALPM_EVENT_DELTA_INTEGRITY_DONE) that
accidentally got removed in commit 062c391919.

Remove use of *data; we never even look at the stuff in this array for
the error code we were returning and this would be much better handled
by one callback per error anyway, or at least some strongly typed return
values.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:32:24 -05:00
Dan McGee
5e7875ae6a Fix possible segfault if siglist was empty
If siglist->results wasn't a NULL pointer, we would try to free it
anyway, even if siglist->count was zero. Only attempt to free this
pointer if we had results and the pointer is valid.

Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22 10:31:28 -05:00