summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* pactest: use subprocess module instead of os.systemDan McGee2011-08-02
| | | | | | | | | This is more in line with standard Python practice, and makes keyboard interrupts behave a lot more sanely. It also prevents the useless spawning of a shell as well as simplifies the command building and working directory stuff. Signed-off-by: Dan McGee <dan@archlinux.org>
* Revamp signing checksDan McGee2011-07-28
| | | | | | | | | | | | | This ensures we are actually making correct use of the information gpgme is returning to us. Marginal being allowed was obvious before, but Unknown should deal with trust level, and not the presence or lack thereof of a public key to validate the signature with. Return status and validity information in two separate values so check methods and the frontend can use them independently. For now, we treat expired keys as valid, while expired signatures are invalid. Signed-off-by: Dan McGee <dan@archlinux.org>
* Tidy up testdb to match coding stylesDan McGee2011-07-28
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Make free_groupcache() privateDan McGee2011-07-28
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Merge remote-tracking branch 'dave/scripts-fixup'Dan McGee2011-07-28
|\
| * scripts/pkgdelta: exit properly on missing argsDave Reisner2011-07-28
| | | | | | | | | | | | | | Removes usage of 'nounset' which, when combined with 'errexit' can cause undesirable early exits. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
| * scripts/repo-add: show usage when no DB file specifiedDave Reisner2011-07-28
| | | | | | | | Signed-off-by: Dave Reisner <dreisner@archlinux.org>
* | Unify modelines in Asciidoc filesDan McGee2011-07-28
|/ | | | | | | | | | | This gets us close to using the same modeline in all files we run through Asciidoc, as well as adding the spell and spelllang declarations, just as we had in NEWS already. The choice of 'en_us' is mainly for consistency and because the body of work already uses these spellings. Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: Add --import and --import-trustdbPang Yan Han2011-07-27
| | | | | | | | | | | | | | | | | Currently, pacman-key allows the user to import their keys using the --add option. However, no similar functionality exists for importing ownertrust values. The --import-trustdb option takes a list of directories and imports ownertrust values if the directories have a trustdb.gpg database. The --import option takes a list of directories and imports keys from pubring.gpg and ownertrust values from trustdb.gpg. Think of it as a combination of --add and --import-trustdb Signed-off-by: Pang Yan Han <pangyanhan@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: change GPG_PACMAN and GPG_NOKEYRING to arraysDJ Mills2011-07-27
| | | | | | | | | Allows the commands to safely handle any possible arguments Signed-off-by: DJ Mills <danielmills1@gmail.com> Allan: rebase patch Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: fix syntax error in -r arg parsingAllan McRae2011-07-27
| | | | | | | Previous fix did not work... Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: refactor checking source integrityAllan McRae2011-07-27
| | | | | | | | | Move the source integrity checking into its own function as the code was duplicated and is now more complicated with the separation of the two checks types. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: more control of skipping integrity checksAllan McRae2011-07-27
| | | | | | | | | Allows the skipping of all integrity checks (checksum and PGP) or either the checksum or PGP checks individually. Original-patch-by: Wieland Hoffman <theminew@googlemail.com> Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: Add support for verifying pgp signaturesWieland Hoffmann2011-07-27
| | | | | | | | | | | | | Many projects provide signature files along with the source code archives. It's good to check these, too, when verifying the integrity of source code archives. Not everybody is using gpg so the verification can be disabled with --skippgpcheck. Additionally, only a warning is displayed when the key that signed the source file is unknown. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* Remove duplicate code shared between sync and upgradeDan McGee2011-07-27
| | | | | | | | | Pacman did a great job of having almost (but not quite) duplicate code paths through the sync and upgrade code. We can use the same logic in both upgrade in sync once the targets are resolved, so extract a function and delete a bunch of code. Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: get package version with overridesAllan McRae2011-07-27
| | | | | | | | | | | When epoch, pkgver and/or pkgrel were overridden in a split package function, makepkg failed hard finding the real version for checking if packages were already built or trying to install packages. Fix the get_full_version function to deal with overrides and return the actual package version. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: allow epoch to be overriddenAllan McRae2011-07-27
| | | | | | | | We can override pkgver and pkgrel so it is only logical to add epoch to that list Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: check arch overrides for required architectureAllan McRae2011-07-27
| | | | | | | | Check any overrides of the "arch" variable contain the required architecture. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: check overrides for pkgrel and pkgverAllan McRae2011-07-27
| | | | | | | | Enforce syntax checking for pkgrel and pkgver overrides in package functions. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: pkgver and pkgrel can not have whitespaceAllan McRae2011-07-27
| | | | | | | There is always someone who tries to break things (cough *Dave* cough...) Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* contrib/pacsearch: skip non-matching linesDan McGee2011-07-27
| | | | | | | This prevents some perl errors from popping up when pacman prints error or warning messages. Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: refactor post parse opt check into a caseDave Reisner2011-07-21
| | | | | | | This is a cleaner expression of the same information. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: s/UPDATEBD/UPDATEDB/Dave Reisner2011-07-21
| | | | | Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: fix syntax error in -r arg parsingDave Reisner2011-07-21
| | | | | Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: return $ret, not errorsDave Reisner2011-07-21
| | | | | | | fixes: /usr/bin/pacman-key: line 286: return: errors: numeric argument required Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* Convert package filelists to an array instead of linked listDan McGee2011-07-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This accomplishes quite a few things with one rather invasive change. 1. Iteration is much more performant, due to a reduction in pointer chasing and linear item access. 2. Data structures are smaller- we no longer have the overhead of the linked list as the file struts are now laid out consecutively in memory. 3. Memory allocation has been massively reworked. Before, we would allocate three different pieces of memory per file item- the list struct, the file struct, and the copied filename. What this resulted in was massive fragmentation of memory when loading filelists since the memory allocator had to leave holes all over the place. The new situation here now removes the need for any list item allocation; allocates the file structs in contiguous memory (and reallocs as necessary), leaving only the strings as individually allocated. Tests using valgrind (massif) show some pretty significant memory reductions on the worst case `pacman -Ql > /dev/null` (366387 files on my machine): Before: Peak heap: 54,416,024 B Useful heap: 36,840,692 B Extra heap: 17,575,332 B After: Peak heap: 38,004,352 B Useful heap: 28,101,347 B Extra heap: 9,903,005 B Several small helper methods have been introduced, including a list to array conversion helper as well as a filelist merge sort that works directly on arrays. Signed-off-by: Dan McGee <dan@archlinux.org>
* contrib: add paclog-pkglist to gitignoreDan McGee2011-07-21
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Clean up my debug logger messDan McGee2011-07-19
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Merge remote-tracking branch 'allan/pacman-key'Dan McGee2011-07-18
|\
| * pacman-key: --init: correct creation of gpg.confPang Yan Han2011-07-19
| | | | | | | | | | Signed-off-by: Pang Yan Han <pangyanhan@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: correct spelling mistakePang Yan Han2011-07-19
| | | | | | | | | | Signed-off-by: Pang Yan Han <pangyanhan@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: add dependency on parse_options to MakefileAllan McRae2011-07-19
| | | | | | | | Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: check required permissions on keyringAllan McRae2011-07-19
| | | | | | | | | | | | | | | | Makes sure that the pacman keyring is readable and that the user has permissions to create a lock file if lock-never is not specified in the gpg.conf file. Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: add --init optionAllan McRae2011-07-19
| | | | | | | | | | | | | | | | Add an --init option that ensures that the pacman keyring has all the necessary files and they have the correct permissions for being read as a user. Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: tidy up logic for finding pacman keyring directoryDave Reisner2011-07-19
| | | | | | | | Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: refactor get_fromDave Reisner2011-07-19
| | | | | | | | | | | | | | | | | | | | | | This function had a variety of pitfalls, including the inability to successfully find a key=value pair where no whitespace surrounded the equals sign. Make it more robust by splitting the line on the equals itself, and performing whitespace trimming on the resulting key/value pair. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: add --verify optionAllan McRae2011-07-19
| | | | | | | | Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: check only a single operation has been specifiedAllan McRae2011-07-19
| | | | | | | | | | | | | | | | | | Follow the example of gpg and only allow a single operation to be specified each time. Prevents having to deal with conflicting variable names and potential issues due to the order in which the operations are run. Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: move verifying keyring files to own functionAllan McRae2011-07-19
| | | | | | | | | | | | Also check all files before bailing on errors. Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: move --edit-key and --receive processing to functionsAllan McRae2011-07-19
| | | | | | | | | | | | | | | | | | | | | | This moves the processing of the --edit-key and --receive options to functions, keeping the final option processing to be all single line statements. Also rework the --edit-key option to validate all input before processing. Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: update man pageAllan McRae2011-07-19
| | | | | | | | | | | | | | Update man page to reflect current options. Also add a description on how to manually interact with the pacman keyring with gpg. Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: hide output of executed commands on logic checksIvan Kanakarakis2011-07-19
| | | | | | | | | | | | | | | | | | This commit correctly redirects to /dev/null the output of several commands that get executed on logic checks. Original-patch-by: Denis A. Altoé Falqueto <denisfalqueto@gmail.com> Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: rename --trust to --edit-keyAllan McRae2011-07-19
| | | | | | | | | | | | | | | | This keeps the naming of the option more consistent with what is actually being called by gpg. Original-patch-by: Denis A. Altoé Falqueto <denisfalqueto@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: fix quotation on several variable assignmentsIvan Kanakarakis2011-07-19
| | | | | | | | | | | | | | | | This commit adds quotes to several variable assignments. Unquoted values can cause problems on several occasions if the value is empty. It is safer to have every assignment quoted. Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
| * pacman-key: allow the export of all key idsAllan McRae2011-07-19
| | | | | | | | | | | | | | The gpg --export will exprt all keys if none are specified. Replicate this behavior in pacman-key. Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: rename --del to --deleteAllan McRae2011-07-19
| | | | | | | | | | | | | | There is already the short -d alias provided, so stay verbose with the longer option name. Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: remove the --adv optionAllan McRae2011-07-19
| | | | | | | | | | | | | | | | | | | | | | | | | | The conversion to using parse_options causes this option to break. It is preferable to remove the option rather than fix it as it is simply a wrapper for "gpg --homedir @sysconfdir@/pacman.d/gnupg". Any user using more advanced keyring management than provided by pacman-key can manage to point gpg at the right place themselves... How to manually edit the keyring with gpg will instead be documented in the man page in a later commit. Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: use our option parserAllan McRae2011-07-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The pacman-key script is complicated enough to warrent usage of the parse_options script. This is especially helpful in dealing with all the configuration file override flags as the no longer need to be specified first. It also allows us to do the right thing early with --help/--version and no option cases cleanly. This change also makde the check for root privileges only occur on operations where they are needed. This patch is inspired by and supercedes some patches submitted by Denis A. Altoé Falqueto and Ivan Kanakarakis who were altering the previous option handling in an attempt to deal with the above issues. Signed-off-by: Allan McRae <allan@archlinux.org>
* | Fix test suite when GPGME is disabledDan McGee2011-07-18
| | | | | | | | | | | | | | | | As noted by Allan, we failed pretty hard if gpgme was compiled out. With these changes, only sign001.py fails. This can/will be fixed later once we beef up the test suite with more signing tests anyway. Signed-off-by: Dan McGee <dan@archlinux.org>
* | pacman/callback: show .sig suffix on sig downloadDave Reisner2011-07-18
| | | | | | | | | | Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>