Age | Commit message (Collapse) | Author | Files | Lines |
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The people who believe that pacman-optimize is actually doing something
useful are the same people who are voting for Trump.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This fixes the issue with --printsrcinfo that all arch specific variants
of a variable get merged into their non arch specific variant.
The .SRCINFO file ends up having $depends containing $depends_x86_64
and omitting the latter.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This was included due to use of PolarSSL's implementation for our internal
SHA2 support. As our internal checksum calculations are now removed, we
can also remove this unused code path.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The internal implementations for md5 and sha256 checksums have not been merged
from upstream sources for a long time. Instead of us carrying copies of code
from other projects, we should just support building against multiple libraries
that provide such functionality.
This patch removes the md5 and sha2 code (originally obtained from PolarSSL)
from our repository. The configure script will now error unless at least one
library supporting checksum generation is present, with the only library
currently supported being openssl. It will be relatively simple for other
such libraries (e.g. nettle) to be supported if anyone wishes to add them.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Ivy Foster <ivy.foster@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Gordian Edenhofer <gordian.edenhofer@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Gordian Edenhofer <gordian.edenhofer@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Gordian Edenhofer <gordian.edenhofer@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Gordian Edenhofer <gordian.edenhofer@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Adding and clarifying comments.
Adding and removing some new lines.
Signed-off-by: Gordian Edenhofer <gordian.edenhofer@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Gordian Edenhofer <gordian.edenhofer@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Switch to parseopts instead of merely checking the first argument.
Signed-off-by: Gordian Edenhofer <gordian.edenhofer@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Trap SIGHUP, SIGINT, SIGTERM and remove working directories accordingly.
Signed-off-by: Gordian Edenhofer <gordian.edenhofer@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
To enable the creation of multiple packages with one command move the
assembly process into its own function.
Signed-off-by: Gordian Edenhofer <gordian.edenhofer@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Add missing newline in paclog-pkglist help output
Signed-off-by: Alastair Hughes <hobbitalastair@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Making it size_t matches the return value of alpm_list_count() and
avoids the implicit cast to int.
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Since the number of packages is not used anywhere, just return a
boolean to avoid the implicit cast from size_t to int in be_local.c.
Use 0 as success to be consistent with db_validate.
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Recent gcc (tested with 6.2.1) produces the following error when
compiling with both --enable-warningflags and --enable-debug.
In particular, it seems it is the combination of GCC_STACK_PROTECT_LIB
and -Wstrict-overflow=5 produces the error.
be_local.c:609:4: error: assuming signed overflow does not occur
when simplifying conditional
[-Werror=strict-overflow]
if(count > 0) {
Fix this by changing the type of count from int to size_t, which is
fine since count is never negative.
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Fixes FS#50285
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Ivy Foster <ivy.foster@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Eli Schwartz <eschwartz93@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Also add pactest which captures this leak when run under valgrind.
Reported-by: Sergey Petrenko
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
We weren't supplying the rpl_malloc function needed if this failed, and
didn't check for realloc, so just remove.
Signed-off-by: Alastair Hughes <hobbitalastair@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Curl 7.32.0 added CURLOPT_XFERINFOFUNCTION, which deprecates
CURLOPT_PROGRESSFUNCTION and means less casting doubles to size_ts for
alpm. This change has no user-facing nor frontend-facing effects.
Signed-off-by: Ivy Foster <ivy.foster@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Add a space between the option and its argument. Also, do not enclose
the argument in asterisk characters.
Fixes a typo introduced in aa4c61f (Document database checking options,
2014-12-28).
Reported-by: Luca Weiss <luca.emanuel.weiss@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Makefile.am is mostly copied from ./doc/Makefile.am
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
From the documentation:
verify-pacman-repo-db looks at a pacman repo database and verifies its
content with the actual package files. The database is expected to be in
the same directory as the packages (or symlinks to the packages).
The following properties are verified for each package in the database:
- existence of the package file
- file size
- MD5 and SHA256 checksum (--checksum)
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
|
|
As discussed on mailing list:
https://lists.archlinux.org/pipermail/pacman-dev/2016-July/021239.html
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
When curl calls alpm's dlcb, alpm calls the frontend's cb with the
following (dlsize, totalsize) arguments:
0, -1: initialize
0, 0: no change since last call
x {x>0, x<y}, y {y>0}: data downloaded, total size known
x {x>0}, x: download finished
If total size is not known, do not call frontend cb (no change to
original behavior); alpm's callback shouldn't be called if there is a
download error.
See agregory's original spec here:
https://wiki.archlinux.org/index.php/User:Apg#download_callback
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
`makepkg -g` looks for existing checksums in the PKGBUILD file, so that
it can generate new sums of the same type. Previously it only checked
variables of the form "sha256sums", and not "sha256sums_x86_64". That
meant it would always fall back to MD5 for packages with only
architecture-specific sources. This change makes it look at
architecture-specific checksums too to determine the type.
Signed-off-by: Jack O'Connor <oconnor663@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
It was reported being --with-libcurl in the help (and the check for libcurl
being installed used $with_libcurl accordingly), but the option handling was set
using $with_curl and, therefore, expected option --with-curl.
In the end, --with-libcurl wasn't recognized, and --with-curl had no effect.
Signed-off-by: Olivier Brunel <jjk@jjacky.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
macOS < 10.10 do not provide fstatat. We were constructing the full
path to the hook file for all other operations anyway, so there was no
real benefit to using fstatat.
Fixes FS#49771
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
glibc 2.24 deprecates readdir_r.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The width of wchar_t is allowed to be of the same width as long,
according to standards. The return type of mbscasecmp is int though.
On amd64 with a 32 bit int, this means that mbscasecmp can return
zero (indicating that strings are equal) even though the input
strings differ.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
If signature files are larger than SIZE_MAX, not enough memory could
be allocated for this file. The script repo-add rejects files which
are larger than 16384 bytes, therefore handle these as errors here,
too.
While at it, I also rearranged the code to avoid a quite harmless
TOCTOU race condition between stat() and fopen().
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Some resources (memory or file descriptors) are not released on all
error paths.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
pacman expects an unarmored signature. makepkg forces the generation of
unarmored signatures, and repo-add will reject any armored signature.
For consistency pacman-key should also reject armored signatures.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In out of memory conditions, an undefined error value is written
into *err, because myerr is never explicitly set in these cases.
I have also converted a calloc into a MALLOC call, because the memory
will be properly filled by the snprintf call right after it.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Cyclic dependencies (A depends on B, B depends on A) were not selected
because neither package could be removed individually, so
can_remove_package would always return false for both. By preselecting
all dependencies then filtering back out any dependencies still required
by any packages that will not be uninstalled, groups of unneeded cyclic
dependencies can be found.
Fixes FS#41031
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The colour of the package version could leak onto the next line in both
-Qo and -Fo.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Ashley Whetter <ashley@awhetter.co.uk>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
verification.
The current way of extracting key trust from output of gpg --verify is not very
robust against changes in the format of said output. As a result, pacman-key
can return an error even if the signature is actuall good.
This change relaxes the regexp when parsing output of gpg.
Signed-off-by: Leonid Isaev <leonid.isaev@jila.colorado.edu>
Signed-off-by: Allan McRae <allan@archlinux.org>
|