summaryrefslogtreecommitdiffstats
path: root/lib
AgeCommit message (Collapse)AuthorFilesLines
2021-01-09doc: rename libalpm-list man page for consistencyAllan McRae1-1/+1
All other libalpm man pages are in the form libalpm_<name>. Signed-off-by: Allan McRae <allan@archlinux.org>
2021-01-08doc: change group names to libalpm_*morganamilo2-36/+23
Also change the group's title to point to the group's man page. This makes generated man pages be named libalpm_* which is more consistent with what library man pages are usually called. Signed-off-by: Allan McRae <allan@archlinux.org>
2021-01-08libalpm: const annotate struct db_operationsEmil Velikov2-2/+2
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2021-01-08libalpm: const annotate struct pkg_operationsEmil Velikov5-6/+6
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2021-01-08get_file_pkg_ops: update commentAllan McRae1-3/+2
2021-01-08libalpm: introduce get_sync_pkg_ops() helperEmil Velikov1-2/+17
Currently default_pkg_ops is accessed in two different ways. There is get_file_pkg_ops (in be_package.c) creating a local once-off 'tweaked' copy. As well as load_pkg_for_entry (be_sync.c) which modifies in-place and uses default_pkg_ops. This seems rather misleading and fragile approach. Introduce a helper for the second use-case so that default_pkg_ops is handled consistently and essentially remains unchanged throughout. Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2021-01-08Remove unused SYMHIDDEN macrosEmil Velikov2-2/+0
The macro hasn't been used since 2007 with commit 7f7da2b5fc01f46d28236384540c7ecfdac16a63. Although it was still copied over into alpm_list.c an year or so later with commit ca1a1871 ("More cleanup to alpm_list") Just remove all instances of it. Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2021-01-08libalpm: pass the number of packages being downloaded in totaldlcbmorganamilo2-2/+7
Signed-off-by: Allan McRae <allan@archlinux.org>
2021-01-08libalpm: don't use curl's deprecated functionsmorganamilo2-8/+7
This bumps the minimun curl version from 7.32.0 to 7.55.0. Signed-off-by: Allan McRae <allan@archlinux.org>
2021-01-08libalpm: remove useless ifmorganamilo1-4/+0
Signed-off-by: Allan McRae <allan@archlinux.org>
2021-01-03doc: fix typosmorganamilo1-9/+9
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-29Move hex_representation() to src/commonEmil Velikov1-24/+0
We'll reuse the function in pacman with a later commit. Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-29Remove pre libarchive 3.0 codeEmil Velikov1-20/+0
Pacman has required libarchive 3.0 or later for quite some time mow. Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: add extra documentation to the man pagemorganamilo2-2/+16
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: rename alpm_api group to alpmmorganamilo1-1/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: move top level items into groupsmorganamilo1-2/+11
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: move alpm_api group to top of filemorganamilo1-5/+5
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: document optionsmorganamilo1-28/+564
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: document alpm_listmorganamilo2-255/+294
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: document miscmorganamilo1-15/+20
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: document transactionsmorganamilo1-12/+23
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: document files and groupsmorganamilo1-46/+56
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: document packagesmorganamilo1-68/+96
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: document loggingmorganamilo1-5/+20
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: document databasesmorganamilo1-219/+249
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: document callbacksmorganamilo1-168/+271
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: document dependsmorganamilo1-131/+164
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: document signaturesmorganamilo1-115/+167
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: document handlemorganamilo1-28/+30
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: document errormorganamilo1-13/+109
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: add doc header to alpm.hmorganamilo1-0/+12
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-21doc: remove stray doxygen commentmorganamilo1-2/+0
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-09Implement TotalDownload functionalityAnatol Pomozov1-5/+0
With the recent 'multibar' interface changes TotalDownload has been disabled. Now we have a new UI and we need to find another way to display this information. When 'TotalDownload' config option is enabled we are going to have an extra progress bar at the bottom of the screen that shows how much of the entire download has been completed. Closes FS#68202 Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2020-12-03libalpm: set ret in download filesmorganamilo1-2/+4
download_files never set ret on failiure, so even when downloading fails, the transaction goes on to commit and error out. :: Retrieving packages... python-packaging-20.4-4-any.pkg.tar.zst failed to download error: failed retrieving file 'python-packaging-20.4-4-any.pkg.tar.zst' from mirror.oldsql.cc : The requested URL returned error: 404 warning: failed to retrieve some files (1/1) checking keys in keyring (1/1) checking package integrity error: failed to commit transaction (wrong or NULL argument passed) Errors occurred, no packages were upgraded. Also make the ret checking more consistent. Signed-off-by: Allan McRae <allan@archlinux.org>
2020-11-26libalpm: add alpm_option_get_parallel_downloadsmorganamilo2-0/+12
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-11-26libalpm: set errno when setting parallel downloads with an invalid numbermorganamilo1-3/+1
Signed-off-by: Allan McRae <allan@archlinux.org>
2020-11-26libalpm: clarify alpm_download_event_completed_t statusmorganamilo1-3/+3
The comment makes it seem that the result itself is an error code. But all it does is simply return -1 to indicate an error occured; Signed-off-by: Allan McRae <allan@archlinux.org>
2020-11-26libalpm: don't call dlcb when not setmorganamilo1-2/+2
Fixes FS#68728: Signed-off-by: Allan McRae <allan@archlinux.org>
2020-11-26libalpm: set parallel_downloads to 1 when creating the handlemorganamilo1-0/+2
Fixes FS#68729 Signed-off-by: Allan McRae <allan@archlinux.org>
2020-09-23FS#66472: Remove *.sig file if package corruptedAnatol Pomozov1-0/+6
In case if a package corrupted (e.g. signature or hash is invalid) pacman tries to remove the package file to redownload it anew the next time. Remove *.sig file as well to make sure no data is left for the invalid package. Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2020-09-03remove more autotools filesEli Schwartz4-4/+0
We forgot to remove m4/ in commit 454ea024383eab60295e4c4fdf2c329475887b2c and now it's tragically reminding me of autotools! Also take this opportunity to drop some symlinks in lib/libalpm/ for libcommon source files. In autotools these were built specifically for libalpm and needed to be available in that directory, but the meson setup just has libalpm depend on libcommon. So these pseudo source files aren't needed anymore. Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
2020-08-10Enable sha256/md5 hash verification if detached signatures are usedAnatol Pomozov1-1/+1
Pacman has multiple ways to verify package content integrity: - gpg signature - sha256 - md5 These verification mechanisms overlap each other. gpg signatures already contain hash value of the package content. So if a package signature is present then pacman ignored the other 2 hash values. This worked well with signtures embedded into pacman database. Recently pacman got an ability to handle detached signatures (*.sig files located next to the package files). If pacman verifies detached signature only then one can replace pkg+sig files with some other content and pacman still processes it as a valid package. To prevent it we need to verify database<->package integrity using hash values stored in the database. This commit fixes FS#67232 The new debug output is: checking package integrity... debug: found cached pkg: /var/cache/pacman/pkg/ruby-2.7.1-2-x86_64.pkg.tar.zst debug: sha256sum: 77baf61c62c5570b3a37cf0c3b16c5d9a97dde6fedd1a3528bf0cc5f96dd5e52 debug: checking sha256sum for /var/cache/pacman/pkg/ruby-2.7.1-2-x86_64.pkg.tar.zst debug: sig data: <from .sig> debug: checking signature for /var/cache/pacman/pkg/ruby-2.7.1-2-x86_64.pkg.tar.zst debug: 1 signatures returned debug: fingerprint: B5971F2C5C10A9A08C60030F786C63F330D7CB92 Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2020-08-10Fix error during keyring checkingAnatol Pomozov1-3/+1
With current master version the 'keyring checking' step produces an error: debug: returning error 6 from alpm_pkg_get_sig (../lib/libalpm/package.c: 274) : wrong or NULL argument passed The package signature is still checked later at the integrity verification step though. This commit fixes keyring checking and now the debug log looks like this: debug: found cached pkg: /var/cache/pacman/pkg/ruby-2.7.1-2-x86_64.pkg.tar.zst debug: found detached signature /var/cache/pacman/pkg/ruby-2.7.1-2-x86_64.pkg.tar.zst.sig with size 566 debug: found signature key: 786C63F330D7CB92 debug: looking up key 786C63F330D7CB92 locally debug: key lookup success, key exists Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2020-07-14Check that destfile_name exists before using itAnatol Pomozov1-3/+6
In some cases (when trust_remote_name is used for a URL without a filename and no Content-Disposition is provided by the server) destfile_name will be NULL. In this case payload data will be stored in tempfile_name and no destfile_name is set. Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2020-07-14Do not free payload fields in the middle of this structure useAnatol Pomozov1-4/+0
At the end of payload use it calls _alpm_dload_payload_reset() that will free() these and other fields anyway. Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2020-07-14Build signature remote name based on the main payload nameAnatol Pomozov1-24/+37
The main payload final name might be affected by url redirects or Content-Disposition HTTP header value. We want to make sure that accompanion *.sig filename always matches the package filename. So ignore finalname/Content-Disposition for the *.sig file. It also helps to fix a corner case when the download URL does not contain a filename and server provides Content-Disposition for the main payload but not for the signature payload. Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2020-07-07Fallback to detached signatures during keyring checkAnatol Pomozov5-9/+98
Pacman has a 'key in keyring' verification step that makes sure the signatures have a valid keyid. Currently pacman parses embedded package signatures only. Add a fallback to detached signatures. If embedded signature is missing then it tries to read corresponding *.sig file and get keyid from there. Verification: debug: found cached pkg: /var/cache/pacman/pkg/glib-networking-2.64.3-1-x86_64.pkg.tar.zst debug: found detached signature /var/cache/pacman/pkg/glib-networking-2.64.3-1-x86_64.pkg.tar.zst.sig with size 310 debug: found signature key: A5E9288C4FA415FA debug: looking up key A5E9288C4FA415FA locally debug: key lookup success, key exists Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2020-07-07FS#33992: force download *.sig file if it does not exist in the cacheAnatol Pomozov2-9/+24
In case if *.pkg exists but *.sig file does not we still have to pass the pkg to multi_download API. To avoid redownloading *.pkg file we use CURLOPT_TIMECONDITION curl option. Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2020-07-07Add a utility function to check whether a file exists in the cacheAnatol Pomozov2-0/+16
It is similar to _alpm_filecache_find() but does not return a dynamically allocated memory to user. Thus the user does not need to free this resource. Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
2020-07-07Do not use counter for error trackingAnatol Pomozov1-8/+10
Current code uses an incrementing counter to check whether a function returned error: errors += some_function(); if(errors) { goto finish } Replace with a more standard variable errors = some_function(); if(errors) { goto finish } Rename 'errors' variable to a more typical 'ret'. Avoid reporting both ALPM_EVENT_PKG_RETRIEVE_FAILED and ALPM_EVENT_PKG_RETRIEVE_DONE in the error path. Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>