summaryrefslogtreecommitdiffstats
path: root/lib/libalpm/be_package.c
AgeCommit message (Collapse)AuthorFilesLines
2021-01-08libalpm: const annotate struct pkg_operationsEmil Velikov1-1/+1
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2021-01-08get_file_pkg_ops: update commentAllan McRae1-3/+2
2020-08-10Enable sha256/md5 hash verification if detached signatures are usedAnatol Pomozov1-1/+1
Pacman has multiple ways to verify package content integrity: - gpg signature - sha256 - md5 These verification mechanisms overlap each other. gpg signatures already contain hash value of the package content. So if a package signature is present then pacman ignored the other 2 hash values. This worked well with signtures embedded into pacman database. Recently pacman got an ability to handle detached signatures (*.sig files located next to the package files). If pacman verifies detached signature only then one can replace pkg+sig files with some other content and pacman still processes it as a valid package. To prevent it we need to verify database<->package integrity using hash values stored in the database. This commit fixes FS#67232 The new debug output is: checking package integrity... debug: found cached pkg: /var/cache/pacman/pkg/ruby-2.7.1-2-x86_64.pkg.tar.zst debug: sha256sum: 77baf61c62c5570b3a37cf0c3b16c5d9a97dde6fedd1a3528bf0cc5f96dd5e52 debug: checking sha256sum for /var/cache/pacman/pkg/ruby-2.7.1-2-x86_64.pkg.tar.zst debug: sig data: <from .sig> debug: checking signature for /var/cache/pacman/pkg/ruby-2.7.1-2-x86_64.pkg.tar.zst debug: 1 signatures returned debug: fingerprint: B5971F2C5C10A9A08C60030F786C63F330D7CB92 Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2020-04-13Use GOTO_ERR throughoutAllan McRae1-16/+8
The GOTO_ERR define was added in commit 80ae8014 for use in future commits. There are plenty of places in the code base it can be used, so convert them. Signed-off-by: Allan McRae <allan@archlinux.org>
2020-04-13Use STRDUP for error checking in more placesAllan McRae1-3/+7
Use STRDUP() over strdup() to catch memory allocation errors. There are still some instances of strdup left, but these are in functions that currently have no error path and would require a larger rework. Signed-off-by: Allan McRae <allan@archlinux.org>
2020-04-13Add REALLOC macro to simplify realloc error handlingRikard Falkeborn1-2/+1
realloc can fail just like the other memory allocation functions. Add a macro to simplify handling of realloc failures, similar to the already existing MALLOC, CALLOC, etc. Replace the existing realloc uses with the new macro, allowing us to move tedious error handling to the macro. Also, in be_package and be_sync, this fixes hypothetical memory leaks (and thereafter null pointer dereferences) in case realloc fails to shrink the allocated memory. Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2020-02-10build-aux/update-copyright 2019 2020Allan McRae1-1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-01-07Use c99 struct initialization to avoid memset callsDave Reisner1-5/+2
This is guaranteed less error prone than calling memset and hoping the human gets the argument order correct.
2019-10-27Fix segfault importing PGP key for pacman -U operationsAllan McRae1-2/+2
Use after free. Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-23Update copyright yearsAllan McRae1-1/+1
make update-copyright OLD=2018 NEW=2019 Signed-off-by: Allan McRae <allan@archlinux.org>
2019-10-07signing: move key import confirmation before key_searchJonas Witschel1-1/+11
Ask the user whether they want to import a missing key before even doing a search on the keyserver. This will be useful for getting Web Key Directory support in place: for a WKD, looking up and importing a key are a single action, so the current key_search -> QUESTION -> key_import workflow does not apply. Since only the ID of the package signing key is available before key_search, we display the packager variable in addition to the key ID for user convenience. Signed-off-by: Jonas Witschel <diabonas@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-05-14Remove all modelines from the projectEli Schwartz1-2/+0
Many of these are pointless (e.g. there is no need to explicitly turn on spellchecking and language dictionaries for the manpages by default). The only useful modelines are the ones enforcing the project coding standards for indentation style (and "maybe" filetype/syntax, but everything except the asciidoc manpages and makepkg.conf is already autodetected), and indent style can be applied more easily with .editorconfig Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2018-03-14Update coyrights for 2018Allan McRae1-1/+1
make update-copyright OLD=2017 NEW=201 Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04Add alpm_pkg_get_makedepends and alpm_pkg_get_checkdependsMark Weiman1-2/+4
makepkg adds makedepends and checkdepends to a package's .PKGINFO file. Add functions that allow use of these from libalpm. Signed-off-by: Mark Weiman <mark.weiman@markzz.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04add _alpm_filelist_sortAndrew Gregory1-2/+1
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2017-01-04Update copyright yearsAllan McRae1-1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2016-10-22Represent bitfields as ints, not enumsIvy Foster1-4/+4
Many bitfield variables are declared to be enums, because they are generated using bitwise operations on enums such. However, their actual values aren't necessary members of their parent enum, so declaring them 'int' is more accurate. Signed-off-by: Ivy Foster <ivy.foster@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2016-10-22Add ALPM_ERR_OK to _alpm_errno_tIvy Foster1-1/+1
This allows functions which return an _alpm_errno_t to always return a genuine _alpm_errno_t for consistency, even in cases where there are no errors. Since ALPM_ERR_OK = 0, their callers can still simply check 'err = some_fn(); if (!err) { ... }'. Signed-off-by: Ivy Foster <ivy.foster@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2016-08-30Reject files larger than 16384 bytes in read_sigfile.Tobias Stoeckmann1-5/+9
If signature files are larger than SIZE_MAX, not enough memory could be allocated for this file. The script repo-add rejects files which are larger than 16384 bytes, therefore handle these as errors here, too. While at it, I also rearranged the code to avoid a quite harmless TOCTOU race condition between stat() and fopen(). Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2016-08-30Release resources on error paths.Tobias Stoeckmann1-0/+1
Some resources (memory or file descriptors) are not released on all error paths. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2016-05-05fix spelling mistakesEric Engestrom1-1/+1
Signed-off-by: Eric Engestrom <eric@engestrom.ch> Signed-off-by: Allan McRae <allan@archlinux.org>
2016-01-04Update copyright years for 2016Allan McRae1-1/+1
make update-copyright OLD=2015 NEW=2016 Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26be_package: fallback to standard filelist loadingAndrew Gregory1-15/+22
In order to work properly, loading the filelist from an mtree file requires a libarchive patch that has not yet been included in an official release.[1] Under certain circumstances, an unpatched libarchive may refuse to read the mtree file due to inconsistencies between it and the user's file system. In order to allow alpm to recover in this situation, read the mtree data into a temporary filelist that is only copied over to the package if the entire read is successful. [1] https://github.com/libarchive/libarchive/commit/661684170b970ef7d6eff135b57e58a537e8bc53 Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26add_entry_to_files_list: pass filelist directlyAndrew Gregory1-8/+9
Allows entries to be added to arbitrary filelists not connected to a package. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-03parse_descfile: fix memory leak in error caseAllan McRae1-1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-01Update copyright notices for 2015Allan McRae1-1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-01-02be_package.c: fix style violationAndrew Gregory1-1/+2
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-12-24libalpm: Parse and write PKGBASEsJohannes Löthberg1-1/+1
This commit adds support to libalpm to parse the pkgbase present in packages .PKGINFO files, writing the PKGBASE to the %BASE% section of the local DBs desc files and for parsing it again when loading the local DB Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-09-30libalpm: export alpm_splitdep as alpm_dep_from_depstring and alpm_dep_freeFlorian Pritz1-5/+5
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-08-09Fix loading invalid packageOlivier Brunel1-1/+3
In 5acfa65f when adding a new variable (hit_mtree), the initialization of a variable (config) was dropped, which could lead to loading invalid package files, i.e. files that aren't archive (no metadata loaded) would return a new alpm_pkg_t with everything set to 0/NULL. Depending on the operation/use of the package, this could lead to segfault. Signed-off-by: Olivier Brunel <jjk@jjacky.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-27Always supply base name and version info in .PKGFILE if neededAllan McRae1-0/+2
Provide pkgbase information for non-split packages with pkgbase set. Also record the version of the "base" package. This is useful for matching package files to source packages. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-08Use MALLOC throughtout libalpmAllan McRae1-5/+3
Use MALLOC instead of malloc for safety in libalpm. Some changes are pure refactoring, but for others this provides a success check for memory allocation. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-03be_package: Build the file list from MTREE if possibleFlorian Pritz1-4/+145
This greatly speeds up file list generation times by avoiding uncompressing the whole package. pacman -S base with a deliberate file conflict: before: 9.1 seconds after: 2.2 seconds Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-03-03be_package: Refactor code adding a file to the files listFlorian Pritz1-27/+29
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-03-03be_package: Refactor handling of simple path checksFlorian Pritz1-5/+22
This is used to deduplicate code when using the mtree as the file list source. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-01-28Remove ts and sw from vim modeline when noet is setFlorian Pritz1-1/+1
Forcing vim users to view files with a tabstop of 2 seems really unnecessary when noet is set. I find it much easier to read code with ts=4 and I dislike having to override the modeline by hand. Command run: find . -type f -exec sed -i '/vim.* noet/s# ts=2 sw=2##' {} + Signed-off-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-01-06Update copyright years for 2014Allan McRae1-1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-11-15Fix whitespace and other formatting issuesJason St. John1-1/+1
This commit: -- replaces space-based indents with tabs per the coding standards -- removes extraneous whitespace (e.g. extra spaces between function args) -- adds missing braces for a one-line if statement Signed-off-by: Jason St. John <jstjohn@purdue.edu>
2013-11-15Ignore makedepend and checkdepend entries when parsing .PKGINFO fileAllan McRae1-0/+4
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-10-31Make functions to decode a signature and extract keyid publicAllan McRae1-1/+1
These are useful for frontends. Signed-off-by: Allan McRae <allan@archlinux.org>
2013-10-15Ensure packages have a valid versionAllan McRae1-0/+4
Currently you can manually create and then install a package with a version not containing a pkgrel. The created local database entry is invalid as the directory name can not be split by _alpm_splitname due to the assumtion of hyphens separating name-pkgver-pkgrel. Ensure the package has a valid version when it is loaded. Fixes FS#35514. Signed-off-by: Allan McRae <allan@archlinux.org>
2013-07-05do not check error from close(2)Dave Reisner1-5/+5
On operating systems we support, the behavior is always such that the kernel will do the right thing as far as invalidating the file descriptor, regardless of the eventual return value. Therefore, potentially looping and calling close multiple times is wrong. At best, we call close again on an invalid FD and throw a spurious EBADF error. At worst, we might close an FD which doesn't belong to us when a multi-threaded application opens its own file descriptor between iterations of the loop. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2013-05-29Improve error message when package is missing required signatureAllan McRae1-1/+5
When attempting to install a package (either via -S or -U) and the signature is missing, the current error message "invalid or corrupted package (PGP signature)" is very unclear. Instead inform the user that the package is missing the required signature. Partial fix for FS#34741. Signed-off-by: Allan McRae <allan@archlinux.org>
2013-04-18Fix spelling errors using 'codespell' toolAnatol Pomozov1-2/+2
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-16fix style violationsAndrew Gregory1-2/+3
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-09Import key if needed when installing package from fileAllan McRae1-0/+64
When installing a package with "pacman -U" that has a detached signature, check if the needed key is in the keyring and download if necessary. Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-29Use libarchive compat header for relevant symbolsDave Reisner1-5/+6
Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-04Fix space between control structure and open parensGerardo Exequiel Pozzi1-1/+1
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar> Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-03Update copyright year for 2013Allan McRae1-1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2012-08-02Move filelist functions into separate source fileDan McGee1-0/+1
We have a few of these and might as well gather them together. This also cleans up the code a bit by using an enum instead of integer values, as well as makes a "search for file in filelist" function public so frontends can do better than straight linear search of the filelists. Signed-off-by: Dan McGee <dan@archlinux.org>