summaryrefslogtreecommitdiffstats
path: root/lib/libalpm
AgeCommit message (Collapse)AuthorFilesLines
2011-09-27Fix compilation using --without-gpgmeDan McGee1-3/+10
I'm really good at breaking this on a regular basis. If only we had some sort of automated testing for this... Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27Remove unnecessary loggerDan McGee1-1/+0
This is just a wrapper function; the real function we call logs an almost identical line. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27Delay check for repository servers until we need themDan McGee1-8/+8
In the sync download code, we added an early check in 6731d0a9407e for sync download server existence so we wouldn't show the same error over and over for each file to be downloaded. Move this check into the download block so we only run it if there are actually files that need to be downloaded for this repository. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27Ensure fileconflict value is actually a stringDan McGee1-16/+14
When we switched to a file object and not just a simple string, we missed an update along the way here in target-target conflicts. This patch looks large, but it really comes down to one errant (char *) cast before that has been reworked to explicitly point to the alpm_file_t object. The rest is simply code cleanup. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Update Doxyfile and fix some documentation errors caught by DoxygenDan McGee6-10/+13
A few parameters were outdated or wrongly named, and a few things were explicitly linked that Doxygen wasn't able to resolve. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Ensure database validity flags are set in invalid signature caseDan McGee1-0/+3
We returned the right error code but never set the flags accordingly. Also, now that we can bail early, ensure we set the error code. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Handle key import errors correctly and with good error messagesDan McGee1-6/+36
This adds calls to gpgme_op_import_result() which we were not looking at before to ensure the key was actually imported. Additionally, we do some preemptive checks to ensure the keyring is even writable if we are going to prompt the user to add things to it. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22signing: be consistent with returning -1 for error casesDan McGee1-12/+17
This also fixes a segfault found by dave when key_search is unsuccessful; the key_search return code documentation has also been updated to reflect reality. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Regenerate message catalogs and translationsv4.0.0rc2Dan McGee28-246/+470
We've had a bit of churn since the last time this was done. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Translation file updates from TransifexDan McGee27-160/+196
Pick up any updates before I push new source messages out to the service. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Add status and check for key being disabledDan McGee2-2/+14
Because we aren't using gpgv and a dedicated keyring that is known to be all safe, we should honor this flag being set on a given key in the keyring to know to not honor it. This prevents a key from being reimported that a user does not want to be used- instead of deleting, one should mark it as disabled. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Implement PGP key search and importDan McGee1-5/+149
Add two new static methods, key_search() and key_import(), to our growing list of signing code. If we come across a key we do not have, attempt to look it up remotely and ask the user if they wish to import said key. If they do, flag the validation process as a potential 'retry', meaning it might succeed the next time it is ran. These depend on you having a 'keyserver hkp://foo.example.com' line in your gpg.conf file in your gnupg home directory to function. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22signing: document most undocumented functionsDan McGee1-0/+55
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Add _alpm_process_siglist() logic to failed package validationDan McGee2-24/+59
This moves the result processing out of the validation check loop itself and into a new loop. Errors will be presented to the user one-by-one after we fully complete the validation loop, so they no longer overlap the progress bar. Unlike the database validation, we may have several errors to process in sequence here, so we use a function-scoped struct to track all the necessary information between seeing an error and asking the user about it. The older prompt_to_delete() callback logic is still kept, but only for checksum failures. It is debatable whether we should do this at all or just delegate said actions to the user. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Add new import key question enum value and stub frontend functionDan McGee1-0/+1
This is for eventual use by the PGP key import code. Breaking this into a separate commit now makes the following patches a bit easier to understand. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Add alpm_capabilities() method and enumerationDan McGee2-2/+31
This allows a frontend program to query, at runtime, what the library supports. This can be useful for sanity checking during config- requiring a downloader or disallowing signature settings, for example. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Move default siglevel value from backend to frontendDan McGee1-6/+1
This takes the libraries hidden default out of the equation: hidden in the sense that we can't even find out what it is until we create a handle. This is a chicken-and-egg problem where we have probably already parsed the config, so it is hard to get the bitmask value right. Move it to the frontend so the caller can do whatever the heck they want. This also exposes a shortcoming where the frontend doesn't know if the library even supports signatures, so we should probably add a alpm_capabilities() method which exposes things like HAS_DOWNLOADER, HAS_SIGNATURES, etc. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22validate_deltas: split verify/check errors loopsDan McGee1-10/+14
This allows us to do all delta verification up front, followed by whatever needs to be done with any found errors. In this case, we call prompt_to_delete() for each error. Add back the missing EVENT(ALPM_EVENT_DELTA_INTEGRITY_DONE) that accidentally got removed in commit 062c391919e93f1d6. Remove use of *data; we never even look at the stuff in this array for the error code we were returning and this would be much better handled by one callback per error anyway, or at least some strongly typed return values. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Fix possible segfault if siglist was emptyDan McGee1-1/+4
If siglist->results wasn't a NULL pointer, we would try to free it anyway, even if siglist->count was zero. Only attempt to free this pointer if we had results and the pointer is valid. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-21Remove noisy debug loggerDan McGee1-3/+0
This one can be overwhelming when reading debug output from a very large package. We already have the output of each extracted file so we probably can do without this in 99.9% of cases. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20_alpm_sync_commit: extract two static methodsDan McGee1-54/+69
This adds two new static methods, check_validity() and load_packages(), to sync.c which are simply code fragments pulled out of our do-everything sync commit code. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20Pass package signature data up one more levelDan McGee3-16/+14
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20signing: add a process and retry loop for database signaturesDan McGee3-6/+81
In reality, there is no retrying that happens as of now because we don't have any import or changing of the keyring going on, but the code is set up so we can drop this in our new _alpm_process_siglist() function. Wire up the basics to the sync database validation code, so we see something like the following: $ pacman -Ss unknowntrust error: core: signature from "Dan McGee <dpmcgee@gmail.com>" is unknown trust error: core: signature from "Dan McGee <dpmcgee@gmail.com>" is unknown trust error: database 'core' is not valid (invalid or corrupted database (PGP signature)) $ pacman -Ss missingsig error: core: missing required signature error: core: missing required signature error: database 'core' is not valid (invalid or corrupted database (PGP signature)) Yes, there is some double output, but this should be fixable in the future. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20Allow our PGP helper method to pass back the signature resultsDan McGee4-11/+30
This will make its way up the call chain eventually to allow trusting and importing of keys as necessary. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20Split package validation and load loopsDan McGee2-12/+51
This adds a some new callback event and progress codes for package loading, which was formerly bundled in with package validation before. The main sync.c loop where loading occurred is now two loops running sequentially. The behavior should not change with this patch outside of progress and event display; more changes will come in following patches. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20Extract an _alpm_pkg_validate_internal() methodDan McGee3-37/+68
_alpm_pkg_load_internal() was becoming a monster. Extract the top bit of the method that dealt with checksum and signature validation into a separate method that should be called before one loads a package to ensure it is valid. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20Remove all usages of alpm_list_getdata() from the libraryDan McGee4-5/+6
No need for the indirection; just access ->data instead. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20_alpm_runscriptlet(): remove clean_tmpdir variableDan McGee1-7/+4
This is always true at the end since we return early if we couldn't create the tmpdir, so it is totally unnecessary. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20Access db->pkgcache directly in db_free_pkgcache()Dan McGee1-2/+4
We shouldn't be going through the accessor that does a bunch of unnecessary legwork, including potentially loading the pkgcache right before we free it. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-19Use more efficient way of restoring working directoryDan McGee3-24/+37
Rather than using a string-based path, we can restore the working directory via a file descriptor and use of fchdir(). From the getcwd manpage: Opening the current directory (".") and calling fchdir(2) to return is usually a faster and more reliable alternative when sufficiently many file descriptors are available. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-19Reduce path allocation on the stack in local databaseDan McGee1-32/+35
We did a lot of both malloc-ing and stack printing to form some paths in this code. Attempt to unify it all into the one get_pkgpath() method by adding an optional third "filename" parameter, and form the necessary path string all in one go. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-19Be smarter about running ldconfig during removal transactionsDan McGee4-9/+11
1. Don't run it if something failed in package removal- this mirrors what we already do in sync transactions. 2. Don't run it if we are invoking it for the replaces removal bit of a sync transaction- it doesn't make sense to run ldconfig halfway through a sync install; we should only run it once at the end. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-19Search for non-prefixed paths in skip_remove listDan McGee1-3/+3
We add them to this list with the root path not appended; we should be searching for them this way as well. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-19be_local: cope with a desc file without trailing newlineDan McGee1-2/+6
We checked the (fgets == NULL and !feof) case, but never actually bailed out of the loop if we were at the end of the file, causing infinite looping. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-19Remove const specifier from changelog_read() void parameterDan McGee6-8/+8
This shouldn't really be declared with const, and causes a compile error when -Wcast-qual is used. Remove the const specifier from the function specification and all implementations. Also fix one other trivial -Wcast-qual warning in _alpm_db_cmp(). Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-19Remove dead changelog_feof() codeDan McGee2-9/+0
We never ended up using or really needing this; kill it for now knowing it is in git history if ever needed again. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-18dload: avoid using memrchrDave Reisner1-3/+9
This function doesn't exist on OSX. Since there aren't any other candidates in alpm for which this function would make sense to use, simply replace the function call with a loop that does the equivalent. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-09-18Ensure entire struct is zeroed in _alpm_parsedate()Dan McGee1-1/+2
Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-09-18dload: remove user:pass@ definition from hostnameDave Reisner1-1/+9
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-09-18Fix build without gpgmeDan McGee1-1/+3
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-12account for partial delta files in download sizeDave Reisner1-5/+21
Similar to an earlier commit which accounts for .part files for full packages, calculate the download_size for deltas keeping mind the possibility of a partial transfer. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-12make compute_download_size consider .part filesDave Reisner1-3/+24
Check for the existance of a partial download of a package file before jumping to delta calculations. Currently, if there were 10MiB remaining in a 100MiB the values passed to the front end do not reflect this. Refactored from an old patch originally by Dan. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-12dload: provide optional netrc supportDave Reisner1-0/+1
if ~/.netrc exists and has credentials for the hostname requested in a download, they will be provided in an http auth request. This can still be overridden by explcitly declaring user:pass in the URL. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-08diskspace: fix memory leak on root mount not foundDave Reisner1-1/+3
Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-08Use more correct integer types in diskspace checksDan McGee2-16/+20
This adjusts type usage to match POSIX provided types from <sys/types.h> rather than assuming everything will fit in a long or unsigned long. Use fsblkcnt_t (unsigned) and blkcnt_t (signed) as appropriate. These are affected the same way off_t is on 32 bit platforms, where the types are extende to 64 bits if large file support is enabled. Because most numbers here are block counts, this isn't near as pressing as using a 32-bit variable for file sizes where anything over 2GiB can burn you; we likely can support files at least 512 but mainly 4096 times larger. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-08Ensure PackageRequired works as expectedDan McGee1-6/+7
Changes in commit dc3336c277 caused this to stop working as expected for sync packages, due to the way the logic is structured. Ensure we always enter the signature code if the bitflag is flipped on to check signatures for packages. Rename 'use_sig' to 'has_sig' for clarity. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-06dload: use intmax_t when printing off_tDan McGee1-2/+4
This works for both 32-bit and 64-bit platforms. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-06dload: abstract dload_interrupted reasonsDave Reisner1-3/+9
This gives us some amount of room to grow in case we ever find another reason that we might return with an error from the progress callback. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-09-06dload: improve debug outputDave Reisner1-2/+13
We lost some of this output in the fetch->curl conversion, but I also noticed in FS#25852 that we just lack some of this useful information along the way. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-09-06avoid blowing out the filecache list when using tmpdirDave Reisner1-4/+2
_alpm_filecache_setup() destroys the list of cachedirs when it finds no writeable directories in the config. This put us in an awkward situation where _alpm_filecache_find() would locate a downloaded file in a r/o cachedir, but then fail to install it after _alpm_filecache_setup() is called (with a NULL argument). Change this behavior to merely prepend the temporary directory to the list of available cachedirs. Dan exposed it in e07547ee4ed4, as now a package can be found in a directory we may not be able to actually store packages in. Reported-by: Rémy Oudompheng <remy@archlinux.org> Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>