path: root/lib/libalpm/sync.c
Age | Commit message | Author | Files | Lines
2015-07-20 | ensure matching database and package version | Levente Polyak | 1 | -0/+18
While loading each package ensure that the internal version matches the expected database version to avoid the possibility to circumvent the version check. This issue can be used by an attacker to trick the software into installing an older version. The behavior can be exploited by a man-in-the-middle attack through specially crafted database tarball containing a higher version, yet actually delivering an older and vulnerable version, which was previously shipped. Signed-off-by: Levente Polyak <anthraxx@archlinux.org> Signed-off-by: Remi Gacogne <rgacogne@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-03 | sync_prepare: exclude removals from resolvedeps | Andrew Gregory | 1 | -1/+1
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-01 | Update copyright notices for 2015 | Allan McRae | 1 | -1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-12-27 | apply_deltas: fix memory leak on error | Allan McRae | 1 | -2/+2
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-12-24 | build_payload: free memory on error | Allan McRae | 1 | -1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-10-13 | sync.c: download packages before starting commit | Andrew Gregory | 1 | -3/+8
download_files sets the transaction state to STATE_DOWNLOADING. Modifying the state after it has already been set to STATE_COMMITTING created a brief window where SIGINT would fail to interrupt the process and caused interrupted downloads to result in a 'transaction started' message in the log with no matching transaction end. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
2014-10-01 | check_keyring: skip keys known to be missing | Andrew Gregory | 1 | -4/+3
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
2014-10-01 | remove retry check from signature validation | Andrew Gregory | 1 | -8/+2
The retry path was removed by 4ccf16dff589ce9f369d377bb5d3f490bd27c624 Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
2014-09-30 | libalpm: export alpm_splitdep as alpm_dep_from_depstring and alpm_dep_free | Florian Pritz | 1 | -6/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-08-03 | sync_prepare: remove useless check for replacers | Andrew Gregory | 1 | -2/+0
Since 017184fa, alpm_sync_sysupgrade will not add both a replacement and a literal upgrade to the transaction. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-06-24 | Update the question callback | Olivier Brunel | 1 | -21/+39
Much like with events, instead of using a bunch of void* arguments for all questions, we now send one pointer to an alpm_question_t union. This contains the type of question that was triggered. With this information, a question-specific struct can be accessed in order to get additional arguments. Signed-off-by: Olivier Brunel <jjk@jjacky.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-08 | Use MALLOC throughout libalpm | Allan McRae | 1 | -1/+2
Use MALLOC instead of malloc for safety in libalpm. Some changes are pure refactoring, but for others this provides a success check for memory allocation. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-04 | sync_prepare: ignore explicitly removed conflicts | Andrew Gregory | 1 | -0/+3
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-03 | Fix warnings with strict-overflow in gcc-4.9 | Allan McRae | 1 | -1/+2
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-03 | Add events _PKGDOWNLOAD_{START, DONE, FAILED} | Olivier Brunel | 1 | -0/+9
These will be emitted when downloading a package file from a repository, indicating that the download starts, and whether it was successful or not. Note that when multiple servers are available, no event is emitted when switching to another server. (This doesn't apply to alpm_fetch_pkgurl(), but since it is called by the frontend, it shouldn't have problems knowing when the download starts and when it ends.) Signed-off-by: Olivier Brunel <jjk@jjacky.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-03 | Add events ALPM_EVENT_RETRIEVE_{DONE, FAILED} | Olivier Brunel | 1 | -0/+3
To go along with RETRIEVE_START, one other event will be emitted once the downloads are done: RETRIEVE_DONE if all files were successfully downloaded, else RETRIEVE_FAILED. Signed-off-by: Olivier Brunel <jjk@jjacky.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-03-03 | Update the event callback | Olivier Brunel | 1 | -24/+57
Instead of using two void* arguments for all events, we now send one pointer to an alpm_event_t struct. This contains the type of event that was triggered. With this information, the pointer can then be typecasted to the event-specific struct in order to get additional arguments. Signed-off-by: Olivier Brunel <jjk@jjacky.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-02-08 | _alpm_sync_prepare: fix unresolvable packages leak | Andrew Gregory | 1 | -0/+1
If the user opted not to remove the unresolvable packages from the transaction, the list was neither free'd nor saved to the transaction to be free'd in trans_release. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-02-04 | alpm: export *_free functions | Andrew Gregory | 1 | -7/+9
Front-ends should be able to free memory that alpm hands them. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-01-30 | sync_prepare: manually set pm_errno | Andrew Gregory | 1 | -2/+1
_alpm_resolvedeps resets pm_errno to 0 by calling alpm_checkdeps. Whenever the last call succeeded, pm_errno was not properly set, preventing pacman from properly handling the error and leaking additional memory. We know pm_errno should be ALPM_ERR_UNSATISFIED_DEPS if resolvedeps has failed, so just set it manually. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-01-28 | Remove ts and sw from vim modeline when noet is set | Florian Pritz | 1 | -1/+1
Forcing vim users to view files with a tabstop of 2 seems really unnecessary when noet is set. I find it much easier to read code with ts=4 and I dislike having to override the modeline by hand. Command run: find . -type f -exec sed -i '/vim.* noet/s# ts=2 sw=2##' {} + Signed-off-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-01-15 | sync_prepare: treat from_sync as a boolean | Andrew Gregory | 1 | -2/+5
We only care that packages are being installed from a repo, not how many. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-01-10 | Consistently use #ifdef | Allan McRae | 1 | -1/+1
Fix the occurrences of #if to be #ifdef for consistency.
2014-01-06 | check_keyring: plug memory leak | Andrew Gregory | 1 | -0/+1
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-01-06 | Update copyright years for 2014 | Allan McRae | 1 | -1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-12-19 | trans_prepare: always sort trans->remove by deps | Andrew Gregory | 1 | -5/+0
Packages can be removed during a sync transaction either directly or due to conflicts and need to be sorted. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2013-12-15 | remove useless continue | Andrew Gregory | 1 | -1/+0
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2013-12-15 | alpm_sync_sysupgrade: skip packages being removed | Andrew Gregory | 1 | -0/+5
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2013-10-31 | sortbydeps: include local pkgs in dep graph | Andrew Gregory | 1 | -3/+6
Detecting indirect dependencies by traversing a package's entire dependency tree is prohibitively slow for larger transactions. Instead add local packages to the dependency graph. This additionally requires delaying dependency ordering for sync operations so that removed packages may be excluded from dependency detection. tests/sync012.py was also updated to ensure that the dependency cycle was actually detected. Fixes FS#37380 Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2013-10-31 | Expose alpm_pkg_should_ignore | Allan McRae | 1 | -7/+7
This function is useful for frontends to annotate package upgrades that will be ignored. Signed-off-by: Allan McRae <allan@archlinux.org>
2013-10-31 | Make functions to decode a signature and extract keyid public | Allan McRae | 1 | -2/+2
These are useful for frontends. Signed-off-by: Allan McRae <allan@archlinux.org>
2013-10-15 | Fix progress bar overflow while checking package integrity | Allan McRae | 1 | -3/+5
On 32bit systems, the progress bar integrity checking can show values greater than 100% with large transactions. This is due to the total size of all package files being greater than a size_t. Use uint64_t for these sizes. Fixes FS#36608 Signed-off-by: Allan McRae <allan@archlinux.org>
2013-10-15 | Report which package is missing a signature | Allan McRae | 1 | -1/+4
If any package in a sync transaction is missing a required signature, we give an uninformative error message (which may or may not state that the missing signature is the issue). Always output the package with the missing signature. Signed-off-by: Allan McRae <allan@archlinux.org>
2013-09-04 | libalpm: introduce a usage level for repos | Dave Reisner | 1 | -2/+13
This defines a level of interest a user has in a repository. These are described by the bitmask flags in the alpm_db_usage_t enum:
ALPM_DB_USAGE_SEARCH: repo is valid for searching
ALPM_DB_USAGE_INSTALL: repo is valid for installs (e.g. -S pkg)
ALPM_DB_USAGE_UPGRADE: repo is valid for sysupgrades
ALPM_DB_USAGE_ALL: all of the above are valid
Explicitly listing the contents of a repo will always be valid, and the repo will always be refreshed appropriately on sync operations. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2013-03-10 | libalpm/sync: remove useless intermediate variable | Dave Reisner | 1 | -5/+2
This also rearranges some code to ensure that declarations and code aren't mixed. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2013-03-07 | libalpm: Search for replacers before literals | Olivier Brunel | 1 | -12/+14
Since 882bff36 literals would be searched before replacers, resulting in a package being replaced by another not actually being replaced under certain conditions (e.g. they're both in the same repo). This change effectively reversed the expectations in test sync132. This patch switches the order back to replacers first, thus making sure if a package is replacing another one, the change will always happen, even if both are in the same repo. Note that a package replacing another one in a repo with higher priority will not be done, see FS#11737 and test sync1105 Signed-off-by: Olivier Brunel <i.am.jack.mail@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2013-03-07 | libalpm: Fix installing update of a replaced package | Olivier Brunel | 1 | -0/+2
During a sysupgrade, if a package is replaced by another, and an update for the former package is found (on another repo) the replaced package would be re-installed. Signed-off-by: Olivier Brunel <i.am.jack.mail@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-24 | Perform limited conflict checking with --force | Allan McRae | 1 | -1/+1
Pacman currently bails when trying to extract a file over a directory when using --force. Instead of ignoring all conflicts, perform the check and skip any file-file conflicts. Conflicts between directories and files are still flagged and cause the transaction to abort. As a bonus, we now know about files changing packages when using --force, so we can skip removing them fixing upgrade046. Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-16 | fix style violations | Andrew Gregory | 1 | -4/+4
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-13 | Fix --without-gpgme build | Allan McRae | 1 | -0/+2
Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-09 | Prompt to delete packages with signature fails | Allan McRae | 1 | -0/+1
Offer to remove the bad package when a signature fails to validate as is done for checksum failures. Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-09 | Remove retry path from signature validation | Allan McRae | 1 | -10/+4
Now that the keyring is checked for all needed keys before the validation, we can not reach a point of a missing key when doing validity checks for sync operations. Signed-off-by: Allan McRae <allan@archlinux.org>
2013-02-09 | Check keys are in keyring before package validation | Allan McRae | 1 | -0/+77
Keys used to create signatures are checked for presence in the keyring before package validation is performed. Signed-off-by: Allan McRae <allan@archlinux.org> Conflicts: lib/libalpm/alpm.h Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-29 | dload: pass back the effective URL to callers of _alpm_download | Dave Reisner | 1 | -1/+1
I suspect that eventually we're going to end up returning a pointer to an allocated struct to describe the download result, but that's for another patch when the need arises... Fixes FS#33508. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2013-01-03 | Update copyright year for 2013 | Allan McRae | 1 | -1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2012-12-14 | Plug various minor memory leaks | Andrew Gregory | 1 | -1/+1
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2012-12-14 | Make alpm_pkg_find public | Allan McRae | 1 | -10/+10
This function is particularly useful, so make it public. Signed-off-by: Allan McRae <allan@archlinux.org>
2012-08-08 | Merge branch 'maint' | Dan McGee | 1 | -1/+2
2012-08-08 | Print repo being searched for replaces in debug output | Allan McRae | 1 | -1/+2
Given the message is repeated for each repo, it is a good idea to print the repo name in the output. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2012-04-07 | Prefix alpm_pkgfrom_t members with ALPM_ | Allan McRae | 1 | -6/+6
Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>