summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2011-03-28Create pacman keyring directory if missingRay Kohler1-1/+6
Use mode 755, so non-root users can see inside. Add "--no-permission-warning" to GPG_PACMAN to suppress the noise that otherwise comes of not using mode 700 - this is not private data. GPGme turns out not to issue this warning itself, so no problem there. TODO: should non-root users be allowed to use the read-only operations (--list, --export, --finger)? Signed-off-by: Ray Kohler <ataraxia937@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28Documentation formatting updatesDan McGee3-11/+11
Be consistent in the Synopsis and Description sections with the use of quotes around command names. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28Add manpage for pkgdeltaRay Kohler4-0/+48
Signed-off-by: Ray Kohler <ataraxia937@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28Update repo-add manpageRay Kohler1-19/+27
Add -v, mention delta support (other than -d), and split repo-add-specific options out from those common to repo-add and repo-remove. Signed-off-by: Ray Kohler <ataraxia937@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28Clean up repo-add usage messageRay Kohler1-18/+25
This now includes -s and -v, tailors itself to the current command, and is formatted more like that of other pacman commands. Signed-off-by: Ray Kohler <ataraxia937@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28Temporary fix for new warnings from gcc 4.6Dan McGee2-2/+4
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28Merge branch 'maint'Dan McGee5-108/+113
Conflicts: lib/libalpm/deps.c
2011-03-28Sign database even if emptyRay Kohler1-1/+2
Move the create_signature() call outside the case of non-empty databases, so it will be called regardless. Signed-off-by: Ray Kohler <ataraxia937@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28makepkg: allow PKGEXT and SRCEXT to be overridden by env variablesRay Kohler1-0/+4
Signed-off-by: Ray Kohler <ataraxia937@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28Rely on the return value of type instead of its outputDave Reisner4-6/+6
Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28lib/dload: abstract out helper function to set utimesDave Reisner1-22/+22
This greatly simplifies the cleanup fallthrough in our download function and we'll be able to reuse this for signatures. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28lib/dload: remove proxy debug outputDave Reisner1-6/+0
Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28lib/dload: code simplificationDave Reisner1-11/+8
Based on the fact that localf always points to the same file, there's no need to code in multiple fopen calls with varying results. Instead, track the desired file open mode and make a single call to fopen. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28lib/dload: merge get_{destfile,tempfile} into get_fullpathDave Reisner1-20/+13
Create a more general function that allows appending a suffix to a filepath. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28pacman/pacman.c: fix setting of useragent stringDave Reisner1-1/+6
libcurl doesn't natively honor the HTTP_USER_AGENT environment variable. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28lib/dload: pass a struct with filename and size to curl_progressDave Reisner2-13/+27
This lets us determine the real size of the file on disk so that we can properly bump the progress bar when we're resuming a download. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28Clarify error message in pacman-db-upgradeDan McGee1-1/+5
Addresses FS#23451. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-25Ensure reported missing dependencies show correct version comparisonDan McGee2-35/+38
This addresses FS#23424. The -dd backend code was introduced in commit b6ec9019d77, and unfortunately the munged depend used for comparison did not carry through to the eventual display of this version. To fix this, we undo some of the depcmp_tolerant() business introduced, and instead make a new pmdepend_t object if necessary when the no dependency version flag is set. This results in the correct depend being copied to the missing depend passed onto the frontend. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-25Mark various functions in deps.c staticDan McGee2-32/+27
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-25Move alpm_find_dbs_satisfier() function down in deps.cDan McGee1-23/+24
This will make sense for a later commit when static/non-static properties of other functions are changed. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-25Rework find_requiredby() to not use _alpm_dep_edge()Dan McGee1-8/+8
And move the sort after the final loop; we don't need to sort once for each database we look at. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-25Don't include version in dep string if mod == ANYDan McGee1-2/+3
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-25Update usage instruction stringsDan McGee1-8/+9
* Address FS#23433 by documenting -d vs. -dd * Drop the useless "as well", "also", "too", and "that won't break packages" strings from -R usage * Fix alignment of multiline strings in source (no string change) Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-25Merge branch 'maint'Dan McGee5-11/+21
2011-03-25Add -T, --deptest to usage messageRay Kohler1-0/+4
Fixes FS #23369 Signed-off-by: Ray Kohler <ataraxia937@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-25Make log redirection sanerJan Steffens1-5/+5
My main motivation was to remove the "sync", which can stall for minutes on a busy machine (FS#23378). I also cleaned up the redirection. Signed-off-by: Jan Steffens <jan.steffens@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-24alpm/db: do not close local DB in alpm_db_unregister_allDave Reisner2-6/+11
pacman 3.5.0 removed alpm_db_register_local, so calling alpm_db_unregister_all leaves the front end in a position where there's no local db, and no way to re-register it. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-24Fix use of relative paths for packages in repo-addRay Kohler1-14/+17
Move checksum and pgpsig calcluation before changing into the tmpdir, otherwise we can't find the files if a relative path was used. Signed-off-by: Ray Kohler <ataraxia937@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-24Do not reuse old signatureAllan McRae2-3/+10
After updating a database, remove the old signature to prevent it being used in validation if the new signature fails to download. Signed-off-by: Allan McRae <allan@archlinux.org>
2011-03-24Download and verify package database signaturesAllan McRae1-6/+38
If signature verification is needed, attempt to download a signature file for a repo when it is updated. Return an error if unable to download signature only when checking is mandatory, or if signature is invalid. TODO: At the moment the database signature is only checked on download. Should we do anything with a database if it fails to be verified to prevent its future usage? Signed-off-by: Allan McRae <allan@archlinux.org>
2011-03-24Refactor signature loading code into common functionDan McGee4-81/+65
We can use this for both standalone package signatures as well as standalone database signatures. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-24Add functions for verifying database signatureAllan McRae6-37/+124
Add a pmpgpsig_t struct to the database entry struct and functions for the lazy loading of database signatures. Add a function for checking database signatures, reusing (and generalizing) the code currently used for checking package signatures. TODO: The code for reading in signature files from the filesystem is duplicated for local packages and database and needs refactoring. Signed-off-by: Allan McRae <allan@archlinux.org>
2011-03-24etc/makepkg.conf: use curl in place of wget as a DLAGENTDave Reisner1-3/+3
Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23lib/dload.c: Check for dlcb == NULL earlierDave Reisner1-10/+12
Our curl callback does a whole lot of work for nothing if the front end never defined a callback to receive the data we'd calculate for it. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23Update doc/index.txt with 3.5.1 release datev3.5.1Dan McGee1-0/+1
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23lib/dload.c: don't use deprecated curl symbolsDave Reisner1-1/+1
CURLINFO_HTTP_CODE is deprecated in favor of CURLINFO_RESPONSE_CODE. Both yield the same values. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23lib/dload.c: don't request compressed transportDave Reisner1-1/+0
The files we transfer are generally compressed already, so this just adds unnecessary overhead. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23lib/dload.c: Fix progress callback issues on downloadDave Reisner1-5/+15
Use a static variable to effectively track the initialization state of the progress callback via the last byte amount reported as downloaded by libcurl. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23lib/dload.c: fix compiler warnings generated by -Wfloat-equalDave Reisner2-3/+8
* introduces new macro in util.h (DOUBLE_EQ) for properly comparing floating point values Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23buildsys: use libcurl's m4 macro for buildtime detectionDave Reisner3-17/+253
Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23Report output from signature checking to debug logAllan McRae1-11/+11
Move the (possibly still temporary) output generated during signature checking into the --debug output. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23Added gpg verification options per repo to the config file.Xavier Chantry10-8/+72
Once we do this, add support for VerifySig to pactest. We just check if the repo name contains Always, Never or Optional to determine the value of VerifySig. The default is Never. pacman uses Always by default but this is not suitable for pactest. Original-work-by: shankar <jatheendra@gmail.com> Signed-off-by: Xavier Chantry <shiningxc@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23Remove unnecessary sanity check on db->setserverDan McGee1-12/+0
We pass in a db object, so no need to go looking for it in the list on the handle. This is a remnant of when we passed in a treename, more than likely. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23Let pacman specify GnuPG's home directory.Chris Brannon5-1/+43
GnuPG looks for configuration files and keyrings in its home directory. For a user, that is typically ~/.gnupg. This patch causes pacman to use /etc/pacman.d/gnupg/ as the default GnuPG home. One may override the default using --gpgdir on the command-line or GPGDir in pacman's configuration file. Signed-off-by: Chris Brannon <cmbrannon@cox.net> Signed-off-by: Xavier Chantry <shiningxc@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23Add a pactest showing failed GPG verificationDan McGee1-0/+10
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23Integrate GPGME into libalpmDan McGee7-16/+286
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23Add some error codes for signature verificationDan McGee2-0/+8
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23Add signature directory as option on libalpm handleDan McGee3-0/+32
This will serve as the home directory we pass to GPGME when making calls so we can have a libalpm-utilized keyring. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23Actually read PGPSIG field in sync DB codeDan McGee1-0/+2
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-23Merge branch 'gpg-libalpm-basics'Dan McGee11-1/+385