summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Check return value of rename() callsDan McGee2011-08-08
| | | | | | | | | We did a good job checking this in add.c, but not necessarily anywhere else. Fix this up by adding checks into dload.c, remove.c, and conf.c in the frontend. Also add loggers where appropriate and make the message syntax more consistent. Signed-off-by: Dan McGee <dan@archlinux.org>
* docs/pacman.conf: Document SigLevel optionDan McGee2011-08-02
| | | | | | | | | This adds docs for SigLevel, which can exist in both [options] and [repository] sections. It also does a bit of reworking of the structure of this manpage and adds a labeled list under the repo sections where we didn't have one before. Signed-off-by: Dan McGee <dan@archlinux.org>
* Implement parsing of the new SigLevel directiveDan McGee2011-08-02
| | | | | | | | | | | | | | | | | | | | | | | | Add code to conf.c that parses the new SigLevel directive. An overwhelming number of options are presented, but most users will still be fine with the Never/Optional/Required trio. More advanced users can combine these or any of the other options on a 'SigLevel = ' line, which is parsed in a left-to-right fashion and flags turned on and off accordingly. For example, all three of these will net the same config: SigLevel = Required PackageOptional SigLevel = Optional DatabaseRequired SigLevel = DatabaseRequired PackageOptional Additionally, database-specific lines assume you wish to start with any global default that has been set. For example, if any of the above lines were in the [options] section, something such as: SigLevel = PackageRequired PackageAllowMarginal Would continue to enforce required database signatures. Inspiration-by: Kerrick Staley <mail@kerrickstaley.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* paccache: add new contrib scriptDave Reisner2011-08-02
| | | | | | | | | | paccache is a robust and flexible package cache cleaner with a variety of options. Much credit goes to DJ Mills and Pat Brisbin for ideas behind this script. Signed-off-by: Dave Reisner <dreisner@archlinux.org> [Dan: add .gitignore entry] Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: follow gpg options for listing keysAllan McRae2011-08-02
| | | | | | | | | | | | | | The current --list option outputed the keys and all their signatures which can be overly verbose. It also did not take a list of keys on the command line to limit its output (although the code suggests that was intended). That patch brings consistency with gpg, providing --list-keys and --list-sigs options that function equivalently to those provided by gpg. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* Don't trim whitespace when reading database entriesDan McGee2011-08-02
| | | | | | | | | | | We don't write with extra or unknown whitespace, so there is little reason for us to trim it when reading either. This also fixes the hopefully never encountered "paths that start or end with spaces" issue, for which two pactests have been added. The tests also contain other evil characters that we have encountered before and handle just fine, but it doesn't hurt to ensure we don't break such support in the future. Signed-off-by: Dan McGee <dan@archlinux.org>
* pactest: use subprocess module instead of os.systemDan McGee2011-08-02
| | | | | | | | | This is more in line with standard Python practice, and makes keyboard interrupts behave a lot more sanely. It also prevents the useless spawning of a shell as well as simplifies the command building and working directory stuff. Signed-off-by: Dan McGee <dan@archlinux.org>
* Revamp signing checksDan McGee2011-07-28
| | | | | | | | | | | | | This ensures we are actually making correct use of the information gpgme is returning to us. Marginal being allowed was obvious before, but Unknown should deal with trust level, and not the presence or lack thereof of a public key to validate the signature with. Return status and validity information in two separate values so check methods and the frontend can use them independently. For now, we treat expired keys as valid, while expired signatures are invalid. Signed-off-by: Dan McGee <dan@archlinux.org>
* Tidy up testdb to match coding stylesDan McGee2011-07-28
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Make free_groupcache() privateDan McGee2011-07-28
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Merge remote-tracking branch 'dave/scripts-fixup'Dan McGee2011-07-28
|\
| * scripts/pkgdelta: exit properly on missing argsDave Reisner2011-07-28
| | | | | | | | | | | | | | Removes usage of 'nounset' which, when combined with 'errexit' can cause undesirable early exits. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
| * scripts/repo-add: show usage when no DB file specifiedDave Reisner2011-07-28
| | | | | | | | Signed-off-by: Dave Reisner <dreisner@archlinux.org>
* | Unify modelines in Asciidoc filesDan McGee2011-07-28
|/ | | | | | | | | | | This gets us close to using the same modeline in all files we run through Asciidoc, as well as adding the spell and spelllang declarations, just as we had in NEWS already. The choice of 'en_us' is mainly for consistency and because the body of work already uses these spellings. Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: Add --import and --import-trustdbPang Yan Han2011-07-27
| | | | | | | | | | | | | | | | | Currently, pacman-key allows the user to import their keys using the --add option. However, no similar functionality exists for importing ownertrust values. The --import-trustdb option takes a list of directories and imports ownertrust values if the directories have a trustdb.gpg database. The --import option takes a list of directories and imports keys from pubring.gpg and ownertrust values from trustdb.gpg. Think of it as a combination of --add and --import-trustdb Signed-off-by: Pang Yan Han <pangyanhan@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: change GPG_PACMAN and GPG_NOKEYRING to arraysDJ Mills2011-07-27
| | | | | | | | | Allows the commands to safely handle any possible arguments Signed-off-by: DJ Mills <danielmills1@gmail.com> Allan: rebase patch Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: fix syntax error in -r arg parsingAllan McRae2011-07-27
| | | | | | | Previous fix did not work... Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: refactor checking source integrityAllan McRae2011-07-27
| | | | | | | | | Move the source integrity checking into its own function as the code was duplicated and is now more complicated with the separation of the two checks types. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: more control of skipping integrity checksAllan McRae2011-07-27
| | | | | | | | | Allows the skipping of all integrity checks (checksum and PGP) or either the checksum or PGP checks individually. Original-patch-by: Wieland Hoffman <theminew@googlemail.com> Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: Add support for verifying pgp signaturesWieland Hoffmann2011-07-27
| | | | | | | | | | | | | Many projects provide signature files along with the source code archives. It's good to check these, too, when verifying the integrity of source code archives. Not everybody is using gpg so the verification can be disabled with --skippgpcheck. Additionally, only a warning is displayed when the key that signed the source file is unknown. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* Remove duplicate code shared between sync and upgradeDan McGee2011-07-27
| | | | | | | | | Pacman did a great job of having almost (but not quite) duplicate code paths through the sync and upgrade code. We can use the same logic in both upgrade in sync once the targets are resolved, so extract a function and delete a bunch of code. Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: get package version with overridesAllan McRae2011-07-27
| | | | | | | | | | | When epoch, pkgver and/or pkgrel were overridden in a split package function, makepkg failed hard finding the real version for checking if packages were already built or trying to install packages. Fix the get_full_version function to deal with overrides and return the actual package version. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: allow epoch to be overriddenAllan McRae2011-07-27
| | | | | | | | We can override pkgver and pkgrel so it is only logical to add epoch to that list Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: check arch overrides for required architectureAllan McRae2011-07-27
| | | | | | | | Check any overrides of the "arch" variable contain the required architecture. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: check overrides for pkgrel and pkgverAllan McRae2011-07-27
| | | | | | | | Enforce syntax checking for pkgrel and pkgver overrides in package functions. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: pkgver and pkgrel can not have whitespaceAllan McRae2011-07-27
| | | | | | | There is always someone who tries to break things (cough *Dave* cough...) Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* contrib/pacsearch: skip non-matching linesDan McGee2011-07-27
| | | | | | | This prevents some perl errors from popping up when pacman prints error or warning messages. Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: refactor post parse opt check into a caseDave Reisner2011-07-21
| | | | | | | This is a cleaner expression of the same information. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: s/UPDATEBD/UPDATEDB/Dave Reisner2011-07-21
| | | | | Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: fix syntax error in -r arg parsingDave Reisner2011-07-21
| | | | | Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: return $ret, not errorsDave Reisner2011-07-21
| | | | | | | fixes: /usr/bin/pacman-key: line 286: return: errors: numeric argument required Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* Convert package filelists to an array instead of linked listDan McGee2011-07-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This accomplishes quite a few things with one rather invasive change. 1. Iteration is much more performant, due to a reduction in pointer chasing and linear item access. 2. Data structures are smaller- we no longer have the overhead of the linked list as the file struts are now laid out consecutively in memory. 3. Memory allocation has been massively reworked. Before, we would allocate three different pieces of memory per file item- the list struct, the file struct, and the copied filename. What this resulted in was massive fragmentation of memory when loading filelists since the memory allocator had to leave holes all over the place. The new situation here now removes the need for any list item allocation; allocates the file structs in contiguous memory (and reallocs as necessary), leaving only the strings as individually allocated. Tests using valgrind (massif) show some pretty significant memory reductions on the worst case `pacman -Ql > /dev/null` (366387 files on my machine): Before: Peak heap: 54,416,024 B Useful heap: 36,840,692 B Extra heap: 17,575,332 B After: Peak heap: 38,004,352 B Useful heap: 28,101,347 B Extra heap: 9,903,005 B Several small helper methods have been introduced, including a list to array conversion helper as well as a filelist merge sort that works directly on arrays. Signed-off-by: Dan McGee <dan@archlinux.org>
* contrib: add paclog-pkglist to gitignoreDan McGee2011-07-21
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Clean up my debug logger messDan McGee2011-07-19
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Merge remote-tracking branch 'allan/pacman-key'Dan McGee2011-07-18
|\
| * pacman-key: --init: correct creation of gpg.confPang Yan Han2011-07-19
| | | | | | | | | | Signed-off-by: Pang Yan Han <pangyanhan@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: correct spelling mistakePang Yan Han2011-07-19
| | | | | | | | | | Signed-off-by: Pang Yan Han <pangyanhan@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: add dependency on parse_options to MakefileAllan McRae2011-07-19
| | | | | | | | Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: check required permissions on keyringAllan McRae2011-07-19
| | | | | | | | | | | | | | | | Makes sure that the pacman keyring is readable and that the user has permissions to create a lock file if lock-never is not specified in the gpg.conf file. Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: add --init optionAllan McRae2011-07-19
| | | | | | | | | | | | | | | | Add an --init option that ensures that the pacman keyring has all the necessary files and they have the correct permissions for being read as a user. Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: tidy up logic for finding pacman keyring directoryDave Reisner2011-07-19
| | | | | | | | Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: refactor get_fromDave Reisner2011-07-19
| | | | | | | | | | | | | | | | | | | | | | This function had a variety of pitfalls, including the inability to successfully find a key=value pair where no whitespace surrounded the equals sign. Make it more robust by splitting the line on the equals itself, and performing whitespace trimming on the resulting key/value pair. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: add --verify optionAllan McRae2011-07-19
| | | | | | | | Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: check only a single operation has been specifiedAllan McRae2011-07-19
| | | | | | | | | | | | | | | | | | Follow the example of gpg and only allow a single operation to be specified each time. Prevents having to deal with conflicting variable names and potential issues due to the order in which the operations are run. Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: move verifying keyring files to own functionAllan McRae2011-07-19
| | | | | | | | | | | | Also check all files before bailing on errors. Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: move --edit-key and --receive processing to functionsAllan McRae2011-07-19
| | | | | | | | | | | | | | | | | | | | | | This moves the processing of the --edit-key and --receive options to functions, keeping the final option processing to be all single line statements. Also rework the --edit-key option to validate all input before processing. Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: update man pageAllan McRae2011-07-19
| | | | | | | | | | | | | | Update man page to reflect current options. Also add a description on how to manually interact with the pacman keyring with gpg. Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: hide output of executed commands on logic checksIvan Kanakarakis2011-07-19
| | | | | | | | | | | | | | | | | | This commit correctly redirects to /dev/null the output of several commands that get executed on logic checks. Original-patch-by: Denis A. AltoƩ Falqueto <denisfalqueto@gmail.com> Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: rename --trust to --edit-keyAllan McRae2011-07-19
| | | | | | | | | | | | | | | | This keeps the naming of the option more consistent with what is actually being called by gpg. Original-patch-by: Denis A. AltoƩ Falqueto <denisfalqueto@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: fix quotation on several variable assignmentsIvan Kanakarakis2011-07-19
| | | | | | | | | | | | | | | | This commit adds quotes to several variable assignments. Unquoted values can cause problems on several occasions if the value is empty. It is safer to have every assignment quoted. Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>