summaryrefslogtreecommitdiffstats
path: root/lib
AgeCommit message (Collapse)AuthorFilesLines
2015-07-20ensure matching database and package versionLevente Polyak1-0/+18
While loading each package ensure that the internal version matches the expected database version to avoid the possibility to circumvent the version check. This issue can be used by an attacker to trick the software into installing an older version. The behavior can be exploited by a man-in-the-middle attack through specially crafted database tarball containing a higher version, yet actually delivering an older and vulnerable version, which was previously shipped. Signed-off-by: Levente Polyak <anthraxx@archlinux.org> Signed-off-by: Remi Gacogne <rgacogne@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-07-15Read file lists from databasesAllan McRae1-2/+36
If a sync database contains a "files" file, the file list will be read. Currently, there is no known demand for the file list to be lazy loaded by any libalpm frontend, so these files are read whenever present. Lazy loading can be implemented when a demand exists. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-07-15Allow frontends to specify the sync database extensionAllan McRae6-8/+44
This allows frontends to select between the .db and .files databases currently supplied by repo-add or any other compatible database. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-07-14Do not warn about packages that optionally require a removal when ignoring depsAllan McRae1-1/+3
If a transaction is removing a package while ignoring all dependencies, there should not be any warning about other packages optionally requiring it. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-07-12Do not warn about downgrades when only downloading packageAllan McRae1-1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-05-12libalpm: Do a sanity check before manipulating final DB URLDavid Macek1-4/+11
The change in commit 9d96bed9d6b57 causes download errors for the .db.sig file in case the final URL for the .db file contains query strings or other unexpected stuff. This commit isn't intended to be a total solution, but it should eliminate the problem in the most obvious cases. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-05-12Fix comment in alpm_db_updateDavid Macek1-1/+1
Fix comment to better explain the magic constant used when allocating a buffer for ".db.sig" URL. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-05-12alpm_logaction: implement documented return valueAndrew Gregory1-8/+16
"return 0 on success, -1 on error (pm_errno is set accordingly)" Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-05-12alpm_logaction: allow falling back to syslogAndrew Gregory1-1/+1
Even if opening the log file fails, if a user has enabled syslog we may still be able to log to that. Set the error return value and continue instead of bailing out. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-05-12alpm_logaction: check logfile before openingAndrew Gregory1-1/+1
valgrind does not like calling open(NULL, ...). This also makes the return value 0 if logfile has not been set. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-05-12merge _alpm_logaction into alpm_logactionAndrew Gregory3-54/+29
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-05-12Silence warning from clangAllan McRae1-1/+1
clang is wrong - dbfile is always used initialized in that function. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26close stdin before running install scriptsAndrew Gregory1-0/+1
libalpm does not guarantee that script output will be presented to the user or that stdin will be connected to a terminal. Close stdin so that scripts do not attempt to use it for user interaction. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26be_package: fallback to standard filelist loadingAndrew Gregory1-15/+22
In order to work properly, loading the filelist from an mtree file requires a libarchive patch that has not yet been included in an official release.[1] Under certain circumstances, an unpatched libarchive may refuse to read the mtree file due to inconsistencies between it and the user's file system. In order to allow alpm to recover in this situation, read the mtree data into a temporary filelist that is only copied over to the package if the entire read is successful. [1] https://github.com/libarchive/libarchive/commit/661684170b970ef7d6eff135b57e58a537e8bc53 Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-26add_entry_to_files_list: pass filelist directlyAndrew Gregory1-8/+9
Allows entries to be added to arbitrary filelists not connected to a package. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-03remove: use strcmp for files in skip_removeAndrew Gregory1-49/+33
Paths from noupgrade, the transaction skip_remove, and package backup lists were combined into a single list matched using fnmatch causing paths with glob characters to match unrelated files. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-03sync_prepare: exclude removals from resolvedepsAndrew Gregory1-1/+1
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-03calculate_removed_size: ensure llstat succeedsAllan McRae1-1/+6
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-03Abort of failure to add version file to empty local databaseAllan McRae1-2/+12
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-03-03parse_descfile: fix memory leak in error caseAllan McRae1-1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-20Merge branch 'maint'Allan McRae45-855/+1717
2015-02-20Update translations from TransifexAllan McRae10-118/+120
2015-02-14Update translations from TransifexAllan McRae40-743/+1603
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-12Merge branch 'maint'Allan McRae2-0/+15
2015-02-12Disable directory ownership warningsAllan McRae1-0/+8
There was a lot of confusion regarding these warnings, particularly for packages that create users post_install and then chown the directories. Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-12set package origin when adding to db cacheAndrew Gregory1-0/+7
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-01Update copyright notices for 2015Allan McRae50-50/+50
Signed-off-by: Allan McRae <allan@archlinux.org>
2015-02-01Merge branch 'maint'Allan McRae1-0/+4
2015-02-01trans_commit: restore pm_errno after updating logAndrew Gregory1-0/+4
If the call to alpm_logaction failed it would overwrite pm_errno, leading to error messages unrelated to the actual reason the transaction failed. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-01-21extract_single_file: consolidate extraction logicAndrew Gregory1-79/+61
Also adds checks that the filename does not exceed PATH_MAX. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
2015-01-21extract_single_file: use .pacnew for check filesAndrew Gregory1-27/+13
Prevents the need to rename the file if we end up keeping it and ensures that pacnew files always reflect the most recent version by overwriting stale copies. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
2015-01-21remove support for .pacorig filesAndrew Gregory2-73/+24
Leave user files in place and save new config files with a .pacnew extension. This reduces the complexity of file extraction and respects the principle that pacman shouldn't modify files it didn't create. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
2015-01-21extract_single_file: use full path in messagesAndrew Gregory1-18/+13
If an error occurs the actual path being extracted is more useful than the original path from the package file list. The original path is still used for checks that use it directly. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
2015-01-21extract_single_file: factor out db file extractionAndrew Gregory1-28/+32
alpm's database files (.INSTALL, .MTREE, etc.) should be extracted no matter what; skip mtree/needbackup/noextract/noupgrade checks for them. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
2015-01-21extract_single_file: reduce indentationAndrew Gregory1-55/+51
Puts all of the conflict cases at the same level. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
2015-01-21extract_single_file: consolidate needbackup checksAndrew Gregory1-39/+15
We need to know if a file needs to be backed up for all extracted files. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
2015-01-21conf.c: use masks for siglevel inheritanceAndrew Gregory2-4/+1
This will allow pacman to parse its config file in a single pass and removes the need for the *_SET siglevels in alpm that were only required for pacman's siglevel inheritance. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
2015-01-21Merge branch 'maint'Allan McRae2-2/+2
2015-01-21fix geometric growth in _alpm_greedy_growDaniel Micay1-1/+1
It was allocating the required size rather than the calculated new size, resulting in pathological incremental reallocations. Signed-off-by: Daniel Micay <danielmicay@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-01-21be_local: fix _alpm_greedy_grow usageDaniel Micay1-1/+1
The files_size variable contains the current capacity (in bytes) and should not be used to calculate the next length increment. It only works because _alpm_greedy_grow currently results in incremental growth. Signed-off-by: Daniel Micay <danielmicay@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-01-02initialize pointers passed to _alpm_pkg_dupAndrew Gregory2-2/+2
_alpm_pkg_dup leaves the destination pointer unaltered in case of fatal errors, so when commits 2f0ca00e and be4198b3 freed the pointer, they fixed a memory leak on non-fatal errors by replacing it with a segmentation fault on fatal errors. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2015-01-02be_package.c: fix style violationAndrew Gregory1-1/+2
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2014-12-27Remove logically dead code in _alpm_local_db_writeAllan McRae1-5/+0
We can only get to cleanup: through fp being NULL due to fopen failing or normal execution when fclose is called. Signed-off-by: Allan McRae <allan@archlinux.org>
2014-12-27_alpm_run_chroot: only close working directory if it was openedAllan McRae1-1/+3
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-12-27_alpm_db_add_pkgincache: free potential memory leakAllan McRae1-0/+2
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-12-27Initialize memory to prevent issues when freeing on errorAllan McRae2-4/+4
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-12-27_alpm_recursedeps: free memory on errorAllan McRae1-0/+2
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-12-27apply_deltas: fix memory leak on errorAllan McRae1-2/+2
Signed-off-by: Allan McRae <allan@archlinux.org>
2014-12-27Merge branch 'maint'Allan McRae1-1/+1
2014-12-27fix duplication of package sha256sumAllan McRae1-1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>