Age | Commit message (Collapse) | Author | Files | Lines |
|
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
|
|
If a scriptlet/hook dies at the wrong moment it can trigger SIGPIPE,
terminating the process. For pipes, there is no way to prevent SIGPIPE
other than ignoring it process-wide. This can have unintended
consequences in a multi-threaded process. Using send(2) with sockets,
however, allows ignoring SIGPIPE on a per-call basis, leaving other
threads able to make use of SIGPIPE.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
|
|
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
|
|
If the user replaces a directory with a symlink, libalpm would get
confused because the trailing slash causes system calls to resolve the
symlink. This leads to errors and a misleading message during upgrades.
Even though libalpm does not support this, it should not be giving
misleading errors.
Also adds an overflow check.
Fixes FS#51377
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
|
|
vptr is a simple list iterator, which are typically named i.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
|
|
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
|
|
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
|
|
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
|
|
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
|
|
Allows for safer, more fine-grained control for overwriting files than
--force's all-or-nothing approach.
Implements FS#31549.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
archive_read_extract() forces resolution of uid/gid to names
when extracting the tarball. This can lead to wrong file
ownership when using pacman with -r option and when uid/gid
differ in the host and in the chroot.
archive_read_extract2() uses uid's and gid's only. See also:
https://lists.archlinux.org/pipermail/pacman-dev/2017-March/021912.html
Signed-off-by: Armin K <krejzi@email.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Makes error detection and handling easier for a common operation.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
If a comment in an INSTALL file contains the name of a valid
INSTALL file function but the function itself is not present,
pacman tries to execute that function. That leads to an error.
Ignore comments in the grep function in libalpm/trans.c to
avoid such errors.
Signed-off-by: Michael Straube <straubem@gmx.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Add command line option ('--disable-download-timeout') and config file
option ('DisableDownloadTimeout') to disable defaults for low speed
limit and timeout on downloads. Use this if you have issues downloading
files with proxy and/or security gateway.
Signed-off-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Also remove redundant additional return path.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
makepkg adds makedepends and checkdepends to a package's .PKGINFO file.
Add functions that allow use of these from libalpm.
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The files belong to the new version of a package being installed, they
are not temporary in any way.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
When replacing a file with a directory, any files under that directory
do not need to be checked for conflicts. This prevents possible
false-positive conflicts where the file being replaced is a symlink.
We were already skipping the directory children when the file was owned
by the previous version of a package being upgraded. This extends that
to other packages being removed.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The former is really old, and should be avoided.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Some database files (install, mtree, and changelog) are extracted
directly from the package, but DBONLY was skipping extraction
altogether, causing those files to be missing after the transaction.
Fixes #52052
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
LAZY_LOAD has completely ignored the errret value since commit
307a6de17a3bca9f8666b33aa3fb9a8dd88c300b in 2011.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In FS#43434, Downloads which fail and are restarted on a different server
will resume and may display a negative download speed. The payload's progress
in libalpm was not properly reset which ultimately caused terminal noise
because the line width calculation assumes positive download speeds.
This patch fixes the incomplete reset of the payload by mimicing what
be_sync.c:alpm_db_update() does over in sync.c:download_single_file().
The new dload.c:_alpm_dload_payload_reset_for_retry() extends beyond the
current behavior by updating initial_size and prevprogress for this case.
This makes pacman reset the progress properly in the next invocation of the
callback and display positive download speeds.
Fixes FS#43434.
Signed-off-by: Martin Kühne <mysatyre@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This does exactly the same thing as it code it replaces, but punt to
curl to do it for brevity. Requires curl 7.25.0, which we already cover.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Many bitfield variables are declared to be enums, because they are
generated using bitwise operations on enums such. However, their
actual values aren't necessary members of their parent enum, so
declaring them 'int' is more accurate.
Signed-off-by: Ivy Foster <ivy.foster@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This allows functions which return an _alpm_errno_t to always return a
genuine _alpm_errno_t for consistency, even in cases where there are
no errors. Since ALPM_ERR_OK = 0, their callers can still simply check
'err = some_fn(); if (!err) { ... }'.
Signed-off-by: Ivy Foster <ivy.foster@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Add a --with-nettle configure option that directs pacman to use the libnettle
hashing functions. Only one of the --with-libssl and --with-nettle configure
options can be specified.
[Allan: rewrote configure check]
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This should make pacman's behavior consistent with GNU coreutils df,
as well as follow advice from affected filesystems' devs as well as
`man statvfs`.
This fixes FS#37402
Signed-off-by: Martin Kühne <mysatyre@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This was included due to use of PolarSSL's implementation for our internal
SHA2 support. As our internal checksum calculations are now removed, we
can also remove this unused code path.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The internal implementations for md5 and sha256 checksums have not been merged
from upstream sources for a long time. Instead of us carrying copies of code
from other projects, we should just support building against multiple libraries
that provide such functionality.
This patch removes the md5 and sha2 code (originally obtained from PolarSSL)
from our repository. The configure script will now error unless at least one
library supporting checksum generation is present, with the only library
currently supported being openssl. It will be relatively simple for other
such libraries (e.g. nettle) to be supported if anyone wishes to add them.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Ivy Foster <ivy.foster@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Making it size_t matches the return value of alpm_list_count() and
avoids the implicit cast to int.
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Since the number of packages is not used anywhere, just return a
boolean to avoid the implicit cast from size_t to int in be_local.c.
Use 0 as success to be consistent with db_validate.
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Recent gcc (tested with 6.2.1) produces the following error when
compiling with both --enable-warningflags and --enable-debug.
In particular, it seems it is the combination of GCC_STACK_PROTECT_LIB
and -Wstrict-overflow=5 produces the error.
be_local.c:609:4: error: assuming signed overflow does not occur
when simplifying conditional
[-Werror=strict-overflow]
if(count > 0) {
Fix this by changing the type of count from int to size_t, which is
fine since count is never negative.
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Ivy Foster <ivy.foster@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Also add pactest which captures this leak when run under valgrind.
Reported-by: Sergey Petrenko
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Curl 7.32.0 added CURLOPT_XFERINFOFUNCTION, which deprecates
CURLOPT_PROGRESSFUNCTION and means less casting doubles to size_ts for
alpm. This change has no user-facing nor frontend-facing effects.
Signed-off-by: Ivy Foster <ivy.foster@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
When curl calls alpm's dlcb, alpm calls the frontend's cb with the
following (dlsize, totalsize) arguments:
0, -1: initialize
0, 0: no change since last call
x {x>0, x<y}, y {y>0}: data downloaded, total size known
x {x>0}, x: download finished
If total size is not known, do not call frontend cb (no change to
original behavior); alpm's callback shouldn't be called if there is a
download error.
See agregory's original spec here:
https://wiki.archlinux.org/index.php/User:Apg#download_callback
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
macOS < 10.10 do not provide fstatat. We were constructing the full
path to the hook file for all other operations anyway, so there was no
real benefit to using fstatat.
Fixes FS#49771
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
glibc 2.24 deprecates readdir_r.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
If signature files are larger than SIZE_MAX, not enough memory could
be allocated for this file. The script repo-add rejects files which
are larger than 16384 bytes, therefore handle these as errors here,
too.
While at it, I also rearranged the code to avoid a quite harmless
TOCTOU race condition between stat() and fopen().
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Some resources (memory or file descriptors) are not released on all
error paths.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In out of memory conditions, an undefined error value is written
into *err, because myerr is never explicitly set in these cases.
I have also converted a calloc into a MALLOC call, because the memory
will be properly filled by the snprintf call right after it.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Cyclic dependencies (A depends on B, B depends on A) were not selected
because neither package could be removed individually, so
can_remove_package would always return false for both. By preselecting
all dependencies then filtering back out any dependencies still required
by any packages that will not be uninstalled, groups of unneeded cyclic
dependencies can be found.
Fixes FS#41031
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The value EAGAIN is allowed by POSIX to be the same as EWOULDBLOCK, but this is
not guaranteed. Thus on some systems (e.g. glibc Linux), we get a warning that
the logical OR is being performed on two expressions of the same type. We can
not get rid of this test in case any system defines these as unique values.
Suggested-by: Dave Reisner
Signed-off-by: Allan McRae <allan@archlinux.org>
|