Age | Commit message (Collapse) | Author | Files | Lines |
|
This allows it to serve double-duty. In order to allow users to base
verification decisions off of both a valid signature and a trusted
signature, we need to assign some level of owner trust to the keys we
designate as trusted on import.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
* --import now only imports keys from pubkey.gpg and does not import
owner trust; if you want to have both simply run the operations in
sequence.
* --import-trustdb has been simplified; it will overwrite existing
values in the trust database as before, but there is no need to export
it first as those values are safe if left untouched.
* Fix the manpage referring to a non-existent option.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This was a bad oversight on my part, pointed out by Jakob. Whoops.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
If PKGEXT is not one of the recognized tar*'s, create_package() would
create an empty package file and fail, since bsdtar on the left side of
the pipe returns 141 on SIGPIPE (broken pipe).
This patch changes the behavior for an invalid PKGEXT. A warning is
printed on stderr, and a tar file is created. Also retire the obsolete
$EXT variable.
Add the obligatory comment why we don't use bsdtar's compression.
Finally, fix mixed-tab-space indentation.
Signed-off-by: lolilolicon <lolilolicon@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Another place where we were doing the dirty work by hand.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
SRCEXT should allow whatever PKGEXT does.
Also address an uninitialized use of $ret.
Signed-off-by: lolilolicon <lolilolicon@gmail.com>
|
|
Expose the current static get_pkgpath() function internally to the rest
of the library as _alpm_local_db_pkgpath(). This allows use of this
convenience function in add.c and remove.c when forming the path to the
scriptlet location.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Add an is_archive parameter to reduce the amount of black magic going
on. Rework to use fewer PATH_MAX sized local variables, and simplify
some of the logic where appropriate in both this function and in the
callers where duplicate calls can be replaced by some conditional
parameter code.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Always quote the right-hand side of expression when the == or != operator
is used, unless intended as a pattern.
Signed-off-by: lolilolicon <lolilolicon@gmail.com>
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
|
|
Declare and initialize integer variables 'needsroot' and 'verbose'.
Don't use the fact that (( undefined_variable )) evaluates to 0.
Signed-off-by: lolilolicon <lolilolicon@gmail.com>
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
|
|
We're ill equipped to be using this flag as we don't trap and respond to
the ERR signal. The result is that if is ever tripped, pacman-key will
instantly exit with no indication of why. At the same time, we're
already fairly good about doing our own error checking and verbalizing
it before dying.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This prevents the error trap being set off when GPGDir is commented
in pacman.conf. Bug introduced in 507b01b9.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Printing all of "Installed", "Removed" and "Net Upgrade" sizes is
redundant as the difference of the first two is the last. Instead,
only print "Installed Size" and "Net Upgrade Size" when both the
installed and removed are non-zero.
This results in the following output in the following cases:
- package installation only: Installed Size
- package removal only: Removed Size
- package installation involving replacement: Installed + Net Upgrade Size
- package upgrade: Installed + Net Upgrade Size
- combination upgrade and installation: Installed + Net Upgrade Size
Download Size remains outputted whenever something is downloaded.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Verify the argument to -k is a non-negative integer. Leading zeros
are simply stripped.
'declare -i keep' allowed the argument to -k to be any arithmetic
evaluation expression. The simple assignment 'keep=$OPTARG' triggers
arithmetic evaluation implicitly, which can either consume a huge amount
of resources with input such as '2**2**32' or immediately produce an error
on invalid input. Instead, we simply 'declare -- keep' and avoid all that.
Signed-off-by: lolilolicon <lolilolicon@gmail.com>
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
|
|
Printing "[removal]" beside all package names is redundant when all
packages are being removed (i.e. when using -R).
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This is a poor place for it, and it will likely move again in the
future, but it's better to have it here than as a static variable.
Initialization of this variable is now no longer necessary as its
zeroed on creation of the payload struct.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Always quote the right-hand side of expression when the == or != operator
is used, unless intended as a pattern.
Signed-off-by: lolilolicon <lolilolicon@gmail.com>
|
|
Always quote the righthand side of expression when the == or != operator
is used, unless intended as a pattern. Quoting bash(1):
When the == and != operators are used, the string to the right of the
operator is considered a pattern. Any part of the pattern may be quoted
to force it to be matched as a string.
Signed-off-by: lolilolicon <lolilolicon@gmail.com>
|
|
This also fixes a memory leak and makes the dual-purpose "rows" variable
go away in favor of storing the rows and non-verbose names separately.
This also fixes some potential memory leaks and/or wrong behavior due to
the config->verbosepkglists flag being flipped, which we should never be
doing.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This was done to squash a memory leak in the sync database download
code. When we downloaded a database and then reused the payload struct,
we could find ourselves calling get_fullpath() for the signatures and
overwriting non-freed values we had left over from the database
download.
Refactor the payload_free function into a payload_reset function that we
can call that does NOT free the payload itself, so we can reuse payload
structs. This also allows us to move the payload to the stack in some
call paths, relieving us of the need to alloc space.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Rather than always initializing it on any handle creation. There are
several frontend operations (search, info, etc.) that never need the
download code, so spending time initializing this every single time is a
bit silly. This makes it a bit more like the GPGME code init path.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Left this in as part of the last set of commits, whoops.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
The prompt can be rather confusing otherwise when all files have already
been downloaded, but there is not a single total size listed.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Better scoping of variables for the most part, and ensure we are using
string_length() and not strlen() as appropriate. Also refactor the
longest cell code to call string_length() a lot less; by simply using an
array of max sizes we don't have to recompute values nearly as much.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
For getcols(), the functions we call return a value of type 'unsigned
short', so it makes sense for us to do the same.
string_length() is meant to behave like strlen(), so it should return
type size_t. This exposes other functions such as indentprint() which
should also be using signed return types.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
We now label the old 'Size' column as 'Net Change' to reflect the
reality of what we are looking at. Sync operations now get an additional
'Download Size' column.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This allows us to sort the output list by showing all pulled
dependencies first, followed by the explicitly specified targets.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
There was no real reason for these to be done separately.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Rather than free them right away, keep the list on the transaction as
we already do with add and remove lists. This is necessary because we
may be manipulating pointers the frontend needs to refer to packages,
and we are breaking our contract as stated in the alpm_add_pkg()
documentation of only freeing packages at the end of a transaction.
This fixes an issue found when refactoring the package list display
code.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This is definitely not in the normal hot path, so we can afford to do
some temporary heap allocation here.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
No wonder these were slower than expected. We were only reading 4
(32-bit) or 8 (64-bit) bytes at a time and feeding it to the hash
functions. Define a buffer size constant and use it correctly so we feed
8K at a time into the hashing algorithm.
This cut one larger `-Sw --noconfirm` operation, with nothing to
actually download so only timing integrity, from 3.3s to 1.7s.
This has been broken since the original commit eba521913d6 introducing
OpenSSL usage for crypto hash functions. Boy do I feel stupid.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
In the sync code, we explicitly allocated a string for this field, while
in the dload code itself it was filled in with a pointer to another
string. This led to a memory leak in the sync download case.
Make remote_name non-const and always explicitly allocate it. This patch
ensures this as well as uses malloc + snprintf (rather than calloc) in
several codepaths, and eliminates the only use of PATH_MAX in the
download code.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This commit was made with the intent of displaying "correctly" sorted
package lists to users. Here are some reasons I think this is incorrect:
* It is done in the wrong place. If a frontend application wants to show
a different order of packages dependent on locale, it should do that
on its own.
* Even if one wants a locale-specific order, almost all package names
are all ASCII and language agnostic, so this different comparison
makes little sense and may serve only to confuse people.
* _alpm_pkg_cmp was unlike any other comparator function. None of the
rest had any dependency on anything but the content of the structs
being compared (e.g., they only used strcmp() or other basic
comparison operators).
This reverts commit 3e4d2c3aa65416487939148828afb385de2ee146.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
There was only one simple to handle case where we left a field
uninitialized; set it to NULL and use malloc() instead.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This saves a lot of unnecessary work since we don't need any of the
other fields in the stat struct.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
In every case we were calling calloc, the struct we allocated (or the
memory to be used) is fully specified later in the method.
For alpm_list_t allocations, we always set all of data, next, and prev.
For list copying and transforming to an array, we always copy the entire
data element, so no need to zero it first.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
If '-' isn't the last item, it's interpreted as a range and not
literally, causing problematic behavior in parsing optdepends.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
I'm really good at breaking this on a regular basis. If only we had some
sort of automated testing for this...
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This is just a wrapper function; the real function we call logs an
almost identical line.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
In the sync download code, we added an early check in 6731d0a9407e for
sync download server existence so we wouldn't show the same error over
and over for each file to be downloaded. Move this check into the
download block so we only run it if there are actually files that need
to be downloaded for this repository.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
When we switched to a file object and not just a simple string, we missed an
update along the way here in target-target conflicts. This patch looks
large, but it really comes down to one errant (char *) cast before that has
been reworked to explicitly point to the alpm_file_t object. The rest is
simply code cleanup.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Keep the non-zero return val to let the caller know that the key wasn't
found.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Many PKGBUILDs use formatting whitespace when specifying optdepends.
This is removed when adding a package to a repo-database so the
output of "pacman -Si <package>" and "pacman -Qip <package file>"
becomes inconsistent. Instead, do the adjustment when creating
the .PKGINFO file.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Allow the specification of versioned optdepends with an epoch.
This also (partially) enforces a whitespace between ":" and the
description which is required for the future optdepends parsing
code.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
* All errors now go to stderr, so do the same here and simplify the
writing of the error message.
* Add SIGHUP to the handled signal list, and don't repeat code.
* Attempt to release the transaction (e.g. remove the lock file)
for all of HUP, INT, and TERM. Signals HUP and INT respects
transaction state, TERM will immediately terminate the process.
Signed-off-by: Dan McGee <dan@archlinux.org>
|