summaryrefslogtreecommitdiffstats
path: root/lib/libalpm/dload.c
AgeCommit message (Collapse)AuthorFilesLines
2011-08-19lib/dload: prevent possible NULL dereferenceDave Reisner1-1/+1
Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18lib/libalpm/dload.c: Use STRDUP() instead of strdup()Lukas Fleischer1-3/+5
Use the STRDUP macro instead of strdup() for the sake of better error handling on memory allocation failures. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18lib/libalpm/dload.c: Add ASSERT() to alpm_fetch_pkgurl()Lukas Fleischer1-0/+1
Return with ALPM_ERR_WRONG_ARGS instead of causing a potential segfault if alpm_fetch_pkgurl() is invoked with a NULL URL. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18lib/dload: refactor deletion on failureDave Reisner1-6/+2
This moves all the delete-on-fail logic to under cleanup label. This also implies should_unlink when a payload is received that doesn't allow resuming. Fixes .db.sig.part files leftover in the sync dir. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18lib/dload: avoid renaming download to 0 length destfileDave Reisner1-1/+1
This leverages earlier work that avoids a rename when destfile is unset. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18Avoid stat() on NULL path in curl_download_internal()Lukas Fleischer1-1/+1
stat()'s behaviour is undefined if the first argument is NULL and might be prone to segfault. Add an additional check to skip the stat() invocation if no destfile is used. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18Skip rename() on NULL destfile in curl_download_internal()Lukas Fleischer1-5/+9
Avoid a potential segfault that may occur if we use a temporary file and fail to build the destination file name from the effective URL. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-17dload: zero out pm_errno in curl_download_internalDave Reisner1-0/+1
This reverts some hacky behavior from 5fc3ec and resets the handle's pm_errno where it should be reset -- prior to each download. This prevents a transaction with a download from being aborted when a package is successfully grabbed from a secondary server. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15lib/dload: avoid deleting .part file on too-slow xferDave Reisner1-13/+21
Take this opportunity to refactor the if/then/else logic into a switch/case which is likely going to be needed to fine tune more exceptions in the future. Fixes FS#25531 Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11stop progress callbacks after curl_easy_perform returnsDave Reisner1-0/+3
This prevents possible null dereferences in FTP transfers when the progress callback is touched during connection teardown. http://curl.haxx.se/mail/lib-2011-08/0128.html Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11dload: remove unnecessary cast in alpm_load_payload_freeDave Reisner1-6/+4
Dan: make it compile, s/load/payload/. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09Fix compile error when curl is not usedDan McGee1-3/+3
Noticed in my PowerPC Linux VM: cc1: warnings being treated as errors dload.c:45: error: 'get_filename' defined but not used make[3]: *** [dload.lo] Error 1 Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08Check return value of rename() callsDan McGee1-2/+5
We did a good job checking this in add.c, but not necessarily anywhere else. Fix this up by adding checks into dload.c, remove.c, and conf.c in the frontend. Also add loggers where appropriate and make the message syntax more consistent. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-06absorb fileinfo struct into dload_payloadDave Reisner1-28/+26
This transitional struct becomes delicious noms for dload_payload. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-07-06absorb some _alpm_download params into payload structDave Reisner1-23/+23
Restore some sanity to the number of arguments passed to _alpm_download and curl_download_internal. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-07-06lib/dload: prevent large file attacksDave Reisner1-17/+38
This means creating a new struct which can pass more descriptive data from the back end sync functions to the downloader. In particular, we're interested in the download size read from the sync DB. When the remote server reports a size larger than this (via a content-length header), abort the transfer. In cases where the size is unknown, we set a hard upper limit of: * 25MiB for a sync DB * 16KiB for a signature For reference, 25MiB is more than twice the size of all of the current binary repos (with files) combined, and 16KiB is a truly gargantuan signature. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-07-06dload: handle irregular URLsDave Reisner1-20/+111
URLs might end with a slash and follow redirects, or could be a generated by a script such as /getpkg.php?id=12345. In both cases, we may have a better filename that we can write to, taken from either content-disposition header, or the effective URL. Specific to the first case, we write to a temporary file of the format 'alpmtmp.XXXXXX', where XXXXXX is randomized by mkstemp(3). Since this is a randomly generated file, we cannot support resuming and the file is unlinked in the event of an interrupt. We also run into the possibility of changing out the filename from under alpm on a -U operation, so callers of _alpm_download can optionally pass a pointer to a *char to be filled in by curl_download_internal with the actual filename we wrote to. Any sync operation will pass a NULL pointer here, as we rely on specific names for packages from a mirror. Fixes FS#22645. Signed-off-by: Dave Reisner <d@falconindy.com>
2011-07-05dload: rearrange code to avoid extra cpp blockDave Reisner1-4/+2
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-07-05signing: move to new signing verification and return schemeDan McGee1-3/+2
This gives us more granularity than the former Never/Optional/Always trifecta. The frontend still uses these values temporarily but that will be changed in a future patch. * Use 'siglevel' consistenly in method names, 'level' as variable name * The level becomes an enum bitmask value for flexibility * Signature check methods now return a array of status codes rather than a simple integer success/failure value. This allows callers to determine whether things such as an unknown signature are valid. * Specific signature error codes mostly disappear in favor of the above returned status code; pm_errno is now set only to PKG_INVALID_SIG or DB_INVALID_SIG as appropriate. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03Merge remote-tracking branch 'allan/ALPM'Dan McGee1-15/+15
Conflicts: lib/libalpm/be_local.c lib/libalpm/be_package.c lib/libalpm/conflict.c lib/libalpm/diskspace.c lib/libalpm/dload.c lib/libalpm/remove.c
2011-07-03Fix debug logger without a newlineDan McGee1-1/+1
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-01Prefix _alpm_errno_t members with ALPMAllan McRae1-6/+6
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-01Prefix alpm_loglevel_t members with ALPMAllan McRae1-9/+9
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-30Fix a few warnings pointed out via clang scan-buildDan McGee1-1/+1
Some of these are legit (the backup hash NULL checks), while others are either extemely unlikely or just impossible for the static code analysis to prove, but are worth adding anyway because they have little overhead. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-28Rename pmhandle_t to alpm_handle_tAllan McRae1-3/+3
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-27Fix several -Wshadow warningsDan McGee1-3/+3
Only one of these looked like a real red flag, in find_requiredby(), but it doesn't hurt to fix several of them up anyway. Unfortunately, we can't turn this on universally due to things like the sync(), remove(), etc. builtins which we often use as variable names. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-20Documented _alpm_download()Kerrick Staley1-0/+10
Documented the _alpm_download() function in dload.c Signed-off-by: Kerrick Staley <mail@kerrickstaley.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-14Ensure handle is valid and pm_errno is reset when calling into APIDan McGee1-0/+2
We didn't do due diligence before and ensure prior pm_errno values weren't influencing what happened in further ALPM calls. I observed one case of early setup code setting pm_errno to PM_ERR_WRONG_ARGS and that flag persisting the entire time we were calling library code. Add a new CHECK_HANDLE() macro that does two things: 1) ensures the handle variable passed to it is non-NULL and 2) clears any existing pm_errno flag set on the handle. This macro can replace many places we used the ASSERT(handle != NULL, ...) pattern before. Several other other places only need a simple 'set to zero' of the pm_errno field. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-14Switch all logging to use handle directlyDan McGee1-10/+9
This is the last user of our global handle object. Once again the diff is large but the functional changes are not. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-14Move pm_errno onto the handleDan McGee1-18/+18
This involves some serious changes and a very messy diff, unfortunately. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-09Require handle argument to all alpm_option_(get|set)_*() methodsDan McGee1-3/+3
This requires a lot of line changes, but not many functional changes as more often than not our handle variable is already available in some fashion. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-03Push down extern handle variable to files that need itDan McGee1-0/+3
This will make the patching process less invasive as we start to remove this variable from all source files. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-03Remove ALPM_LOG_FUNC macroDan McGee1-2/+0
The usefulness of this is rather limited due to it not being compiled into production builds. When you do choose to see the output, it is often overwhelming and not helpful. The best bet is to use a debugger and/or well-placed fprintf() statements. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-01lib/dload.c: remove assumption in continuation logicDave Reisner1-5/+3
Callers to curl_download_internal now tell us if its okay to continue a transfer, so obey this instead of using a heuristic. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-01dload: abort transfer on CURLOPT_LOW_SPEED_LIMITDave Reisner1-0/+2
If a connection drops below 1kb/s for 10s, curl will kill the transfer and we'll report failure. This is the average transfer speed over the delta defined by CURLOPT_LOW_SPEED_TIME, so setting a low value here shouldn't bother folks using 14.4k dial-up. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-05-04dload: make sure we never print a bogus error bufferDan McGee1-0/+2
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-05-04Deal with unused function parameters correctlyAllan McRae1-7/+2
This started off removing the "(void)foo" hacks to work around unused function parameters and ended up fixing every warning generated by -Wunused-parameter. Dan: rename to UNUSED. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-23libalpm/dload: major refactor of signature downloadingDan McGee1-65/+36
There's a lot of related moving parts here: * Iteration through mirrors is moved back to the calling functions. This allows removal of _alpm_download_single_file and _alpm_download_files. * The download function gets a few more arguments to influence behavior. This allows several different scenarios to customize behavior: - database - database signature (req'd and optional) - package - package via direct URL - package signature via direct URL (req'd and optional) * For databases, we need signatures from the same mirror, so structure the code accordingly. Some-inspiration-from: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-23libalpm/dload: add allow_resume and reorder error checksDan McGee1-19/+21
The allow_resume is the start of the fix to the "don't ever resume database downloads" problem, as well as being useful for '.sig' downloads as well. For now, we say "always allow resume", but this will eventually get pushed down as necessary. Error checks are reworked in order to correctly error out when a file is not found on the remote end and reports 0 bytes downloaded. In addition, the two error messages printed are now different as one reports a more specific error message provided via the cURL error buffer. Some example output from an -Sy run with [testing], [community], [community2], [eee], and [nonexistant] defined as repos. [community2] and [nonexistant] are both invalid, one using FTP and one using HTTP. :: Synchronizing package databases... testing is up to date community is up to date error: failed retrieving file 'community2.db' from ftp.archlinux.org : Given file does not exist error: failed to update community2 (FTP: couldn't retrieve (RETR failed) the specified file) eee is up to date error: failed retrieving file 'nonexistant.db' from code.toofishes.net : The requested URL returned error: 404 error: failed to update nonexistant (HTTP response code said error) Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-22libalpm/dload: const and static correctnessDan McGee1-5/+6
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-21syntax: if/while statements should have no trailing spaceDan McGee1-1/+1
This is the standard, and we have had a few of these introduced lately that should not be here. Done with: find -name '*.c' | xargs sed -i -e 's#if (#if(#g' find -name '*.c' | xargs sed -i -e 's#while (#while(#g' Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-21style cleanup: cast as (type *) not (type*)Dave Reisner1-1/+1
Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-16Merge branch 'maint'Dan McGee1-5/+1
Conflicts: lib/libalpm/alpm.h lib/libalpm/trans.c Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-09Move documentation for public package function to alpm.hRémy Oudompheng1-5/+1
2011-04-02dload: dont forget to initialize open_modeXavier Chantry1-1/+2
That's a funny one, building with optimization levels (with both gcc and clang) caused open_mode to always be set to "ab", which worked. This was spotted both with clang-analyzer, and by Jakob who reported a segfault as he was using an un-optimized build. Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28lib/dload: abstract out helper function to set utimesDave Reisner1-22/+22
This greatly simplifies the cleanup fallthrough in our download function and we'll be able to reuse this for signatures. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28lib/dload: remove proxy debug outputDave Reisner1-6/+0
Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28lib/dload: code simplificationDave Reisner1-11/+8
Based on the fact that localf always points to the same file, there's no need to code in multiple fopen calls with varying results. Instead, track the desired file open mode and make a single call to fopen. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28lib/dload: merge get_{destfile,tempfile} into get_fullpathDave Reisner1-20/+13
Create a more general function that allows appending a suffix to a filepath. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-03-28pacman/pacman.c: fix setting of useragent stringDave Reisner1-1/+6
libcurl doesn't natively honor the HTTP_USER_AGENT environment variable. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>