From db3b86e7f34f4c3ccb42e98465f2069aa642a85f Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Tue, 7 Jun 2011 17:29:55 -0500 Subject: Do database signature checking at load time This is the ideal place to do it as all clients should be checking the return value and ensuring there are no errors. This is similar to pkg_load(). We also add an additional step of validation after we download a new database; a subsequent '-y' operation can potentially invalidate the original check at registration time. Note that this implementation is still a bit naive; if a signature is invalid it is currently impossible to refresh and re-download the file without manually deleting it first. Similarly, if one downloads a database and the check fails, the database object is still there and can be used. These shortcomings will be addressed in a future commit. Signed-off-by: Dan McGee --- src/pacman/conf.c | 16 +++------------- src/util/cleanupdelta.c | 2 +- src/util/testdb.c | 2 +- 3 files changed, 5 insertions(+), 15 deletions(-) (limited to 'src') diff --git a/src/pacman/conf.c b/src/pacman/conf.c index 081cdd5e..5c2a11d3 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -460,7 +460,7 @@ static int setup_libalpm(void) ret = alpm_option_set_logfile(handle, config->logfile); if(ret != 0) { pm_printf(PM_LOG_ERROR, _("problem setting logfile '%s' (%s)\n"), - config->logfile, alpm_strerror(alpm_errno(config->handle))); + config->logfile, alpm_strerror(alpm_errno(handle))); return ret; } @@ -470,7 +470,7 @@ static int setup_libalpm(void) ret = alpm_option_set_gpgdir(handle, config->gpgdir); if(ret != 0) { pm_printf(PM_LOG_ERROR, _("problem setting gpgdir '%s' (%s)\n"), - config->gpgdir, alpm_strerror(alpm_errno(config->handle))); + config->gpgdir, alpm_strerror(alpm_errno(handle))); return ret; } @@ -542,7 +542,7 @@ static int finish_section(struct section_t *section, int parse_options) } /* if we are not looking at options sections only, register a db */ - db = alpm_db_register_sync(config->handle, section->name); + db = alpm_db_register_sync(config->handle, section->name, section->sigverify); if(db == NULL) { pm_printf(PM_LOG_ERROR, _("could not register '%s' database (%s)\n"), section->name, alpm_strerror(alpm_errno(config->handle))); @@ -550,16 +550,6 @@ static int finish_section(struct section_t *section, int parse_options) goto cleanup; } - if(section->sigverify) { - if(alpm_db_set_pgp_verify(db, section->sigverify)) { - pm_printf(PM_LOG_ERROR, - _("could not set verify option for database '%s' (%s)\n"), - section->name, alpm_strerror(alpm_errno(config->handle))); - ret = 1; - goto cleanup; - } - } - for(i = section->servers; i; i = alpm_list_next(i)) { char *value = alpm_list_getdata(i); if(_add_mirror(db, value) != 0) { diff --git a/src/util/cleanupdelta.c b/src/util/cleanupdelta.c index 98291706..5ee59dbb 100644 --- a/src/util/cleanupdelta.c +++ b/src/util/cleanupdelta.c @@ -75,7 +75,7 @@ static void checkdbs(const char *dbpath, alpm_list_t *dbnames) { for(i = dbnames; i; i = alpm_list_next(i)) { char *dbname = alpm_list_getdata(i); snprintf(syncdbpath, PATH_MAX, "%s/sync/%s", dbpath, dbname); - db = alpm_db_register_sync(handle, dbname); + db = alpm_db_register_sync(handle, dbname, PM_PGP_VERIFY_OPTIONAL); if(db == NULL) { fprintf(stderr, "error: could not register sync database (%s)\n", alpm_strerror(alpm_errno(handle))); diff --git a/src/util/testdb.c b/src/util/testdb.c index 4937480d..af5007e2 100644 --- a/src/util/testdb.c +++ b/src/util/testdb.c @@ -151,7 +151,7 @@ static int check_syncdbs(alpm_list_t *dbnames) { for(i = dbnames; i; i = alpm_list_next(i)) { char *dbname = alpm_list_getdata(i); - db = alpm_db_register_sync(handle, dbname); + db = alpm_db_register_sync(handle, dbname, PM_PGP_VERIFY_OPTIONAL); if(db == NULL) { fprintf(stderr, "error: could not register sync database (%s)\n", alpm_strerror(alpm_errno(handle))); -- cgit v1.2.3-24-g4f1b From 1150d9e15aaea2ae1f259995d11442f491ef0af7 Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Wed, 20 Apr 2011 19:54:01 -0500 Subject: Move database 'version' check to registration time This is another step toward doing both local database validation (ensuring we don't have depends files) and sync database validation (via signatures if present) when the database is registered. Signed-off-by: Dan McGee --- src/pacman/conf.c | 3 +++ src/pacman/util.c | 3 --- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/pacman/conf.c b/src/pacman/conf.c index 5c2a11d3..c5f78d40 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -449,6 +449,9 @@ static int setup_libalpm(void) if(!handle) { pm_printf(PM_LOG_ERROR, _("failed to initialize alpm library (%s)\n"), alpm_strerror(err)); + if(err == PM_ERR_DB_VERSION) { + fprintf(stderr, _(" try running pacman-db-upgrade\n")); + } return -1; } config->handle = handle; diff --git a/src/pacman/util.c b/src/pacman/util.c index 66f127c6..77a7e56c 100644 --- a/src/pacman/util.c +++ b/src/pacman/util.c @@ -68,9 +68,6 @@ int trans_init(pmtransflag_t flags) " running, you can remove %s\n"), alpm_option_get_lockfile(config->handle)); } - else if(err == PM_ERR_DB_VERSION) { - fprintf(stderr, _(" try running pacman-db-upgrade\n")); - } return -1; } -- cgit v1.2.3-24-g4f1b From 79e98316ea89486d107466858543e965bcfbb0a9 Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Tue, 7 Jun 2011 20:42:15 -0500 Subject: Add a 'valid' flag to the database object Start by converting all of our flags to a 'status' bitmask (pkgcache status, grpcache status). Add a new 'valid' flag as well. This will let us keep track if the database itself has been marked valid in whatever fashion. For local databases at the moment we ensure there are no depends files; for sync databases we ensure the PGP signature is valid if required/requested. The loading of the pkgcache is prohibited if the database is invalid. Signed-off-by: Dan McGee --- src/pacman/conf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/pacman/conf.c b/src/pacman/conf.c index c5f78d40..076e854d 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -450,7 +450,7 @@ static int setup_libalpm(void) pm_printf(PM_LOG_ERROR, _("failed to initialize alpm library (%s)\n"), alpm_strerror(err)); if(err == PM_ERR_DB_VERSION) { - fprintf(stderr, _(" try running pacman-db-upgrade\n")); + pm_printf(PM_LOG_ERROR, _(" try running pacman-db-upgrade\n")); } return -1; } -- cgit v1.2.3-24-g4f1b From 4f8ae2bab61c8fc678589c6840d44977c82d4cc2 Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Fri, 24 Jun 2011 04:11:38 -0500 Subject: Don't require a transaction for sync DB updates Instead, just do the required locking directly in the backend in calls to alpm_db_update(). Signed-off-by: Dan McGee --- src/pacman/sync.c | 7 ------- 1 file changed, 7 deletions(-) (limited to 'src') diff --git a/src/pacman/sync.c b/src/pacman/sync.c index 6c86bd10..f242c827 100644 --- a/src/pacman/sync.c +++ b/src/pacman/sync.c @@ -283,10 +283,6 @@ static int sync_synctree(int level, alpm_list_t *syncs) alpm_list_t *i; int success = 0, ret; - if(trans_init(0) == -1) { - return 0; - } - for(i = syncs; i; i = alpm_list_next(i)) { pmdb_t *db = alpm_list_getdata(i); @@ -302,9 +298,6 @@ static int sync_synctree(int level, alpm_list_t *syncs) } } - if(trans_release() == -1) { - return 0; - } /* We should always succeed if at least one DB was upgraded - we may possibly * fail later with unresolved deps, but that should be rare, and would be * expected -- cgit v1.2.3-24-g4f1b From e06586ceb49a0dc7e59996ae3a1483337d2ada05 Mon Sep 17 00:00:00 2001 From: Dave Reisner Date: Tue, 21 Jun 2011 13:42:17 -0400 Subject: pactree: carry a list of databases for dep resolution Declare an alpm_list which, for now, only holds our local database. walk_deps and walk_reverse_deps are refactored to account for this, and a helper function is added to wrap alpm_db_get_pkg for traversing a list. This is groundwork for letting pactree walk the sync DBs. Signed-off-by: Dave Reisner Signed-off-by: Dan McGee --- src/util/pactree.c | 37 +++++++++++++++++++++++++------------ 1 file changed, 25 insertions(+), 12 deletions(-) (limited to 'src') diff --git a/src/util/pactree.c b/src/util/pactree.c index 6b29d935..87bac6d1 100644 --- a/src/util/pactree.c +++ b/src/util/pactree.c @@ -75,7 +75,6 @@ static struct color_choices no_color = { /* globals */ pmhandle_t *handle = NULL; -pmdb_t *db_local; alpm_list_t *walked = NULL; alpm_list_t *provisions = NULL; @@ -241,15 +240,27 @@ static void print_end(void) } } +static pmpkg_t *get_pkg_from_dbs(alpm_list_t *dbs, const char *needle) { + alpm_list_t *i; + pmpkg_t *ret; + + for(i = dbs; i; i = alpm_list_next(i)) { + ret = alpm_db_get_pkg(alpm_list_getdata(i), needle); + if(ret) { + return ret; + } + } + return NULL; +} /** * walk dependencies in reverse, showing packages which require the target */ -static void walk_reverse_deps(pmpkg_t *pkg, int depth) +static void walk_reverse_deps(alpm_list_t *dblist, pmpkg_t *pkg, int depth) { alpm_list_t *required_by, *i; - if((max_depth >= 0) && (depth == max_depth + 1)) { + if(!pkg || ((max_depth >= 0) && (depth == max_depth + 1))) { return; } @@ -267,7 +278,7 @@ static void walk_reverse_deps(pmpkg_t *pkg, int depth) } } else { print(alpm_pkg_get_name(pkg), pkgname, NULL, depth); - walk_reverse_deps(alpm_db_get_pkg(db_local, pkgname), depth + 1); + walk_reverse_deps(dblist, get_pkg_from_dbs(dblist, pkgname), depth + 1); } } @@ -277,7 +288,7 @@ static void walk_reverse_deps(pmpkg_t *pkg, int depth) /** * walk dependencies, showing dependencies of the target */ -static void walk_deps(pmpkg_t *pkg, int depth) +static void walk_deps(alpm_list_t *dblist, pmpkg_t *pkg, int depth) { alpm_list_t *i; @@ -289,8 +300,7 @@ static void walk_deps(pmpkg_t *pkg, int depth) for(i = alpm_pkg_get_depends(pkg); i; i = alpm_list_next(i)) { pmdepend_t *depend = alpm_list_getdata(i); - pmpkg_t *provider = alpm_find_satisfier(alpm_db_get_pkgcache(db_local), - depend->name); + pmpkg_t *provider = alpm_find_dbs_satisfier(handle, dblist, depend->name); if(provider) { const char *provname = alpm_pkg_get_name(provider); @@ -303,7 +313,7 @@ static void walk_deps(pmpkg_t *pkg, int depth) } } else { print(alpm_pkg_get_name(pkg), provname, depend->name, depth); - walk_deps(provider, depth + 1); + walk_deps(dblist, provider, depth + 1); } } else { /* unresolvable package */ @@ -318,6 +328,7 @@ int main(int argc, char *argv[]) enum _pmerrno_t err; const char *target_name; pmpkg_t *pkg; + alpm_list_t *dblist = NULL; if(parse_options(argc, argv) != 0) { usage(); @@ -333,12 +344,12 @@ int main(int argc, char *argv[]) goto finish; } - db_local = alpm_option_get_localdb(handle); + dblist = alpm_list_add(dblist, alpm_option_get_localdb(handle)); /* we only care about the first non option arg for walking */ target_name = argv[optind]; - pkg = alpm_find_satisfier(alpm_db_get_pkgcache(db_local), target_name); + pkg = alpm_find_dbs_satisfier(handle, dblist, target_name); if(!pkg) { fprintf(stderr, "error: package '%s' not found\n", target_name); ret = 1; @@ -348,13 +359,15 @@ int main(int argc, char *argv[]) print_start(alpm_pkg_get_name(pkg), target_name); if(reverse) { - walk_reverse_deps(pkg, 1); + walk_reverse_deps(dblist, pkg, 1); } else { - walk_deps(pkg, 1); + walk_deps(dblist, pkg, 1); } print_end(); + alpm_list_free(dblist); + finish: cleanup(); return ret; -- cgit v1.2.3-24-g4f1b