| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
| |
Move the create_signature() call outside the case of non-empty
databases, so it will be called regardless.
Signed-off-by: Ray Kohler <ataraxia937@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
|
|
|
|
| |
Signed-off-by: Ray Kohler <ataraxia937@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
|
|
|
| |
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
|
|
|
|
|
|
| |
This greatly simplifies the cleanup fallthrough in our download function
and we'll be able to reuse this for signatures.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
|
|
|
| |
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
|
|
|
|
|
|
|
| |
Based on the fact that localf always points to the same file, there's no
need to code in multiple fopen calls with varying results. Instead,
track the desired file open mode and make a single call to fopen.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
|
|
|
|
|
|
| |
Create a more general function that allows appending a suffix to a
filepath.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
|
|
|
|
|
| |
libcurl doesn't natively honor the HTTP_USER_AGENT environment variable.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
|
|
|
|
|
|
| |
This lets us determine the real size of the file on disk so that we can
properly bump the progress bar when we're resuming a download.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|\ |
|
| |
| |
| |
| |
| |
| |
| | |
Fixes FS #23369
Signed-off-by: Ray Kohler <ataraxia937@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
My main motivation was to remove the "sync", which can stall for
minutes on a busy machine (FS#23378). I also cleaned up the redirection.
Signed-off-by: Jan Steffens <jan.steffens@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
pacman 3.5.0 removed alpm_db_register_local, so calling
alpm_db_unregister_all leaves the front end in a position where there's
no local db, and no way to re-register it.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| | |
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Move checksum and pgpsig calcluation before changing into the
tmpdir, otherwise we can't find the files if a relative path
was used.
Signed-off-by: Ray Kohler <ataraxia937@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| |
| |
| |
| | |
After updating a database, remove the old signature to prevent it
being used in validation if the new signature fails to download.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If signature verification is needed, attempt to download a signature
file for a repo when it is updated. Return an error if unable to
download signature only when checking is mandatory, or if signature is
invalid.
TODO: At the moment the database signature is only checked on download.
Should we do anything with a database if it fails to be verified to prevent
its future usage?
Signed-off-by: Allan McRae <allan@archlinux.org>
|
| |
| |
| |
| |
| |
| |
| | |
We can use this for both standalone package signatures as well as
standalone database signatures.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a pmpgpsig_t struct to the database entry struct and functions for
the lazy loading of database signatures. Add a function for checking
database signatures, reusing (and generalizing) the code currently used
for checking package signatures.
TODO: The code for reading in signature files from the filesystem is
duplicated for local packages and database and needs refactoring.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
| |
| |
| |
| |
| | |
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Our curl callback does a whole lot of work for nothing if the front end
never defined a callback to receive the data we'd calculate for it.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| |
| |
| |
| |
| | |
CURLINFO_HTTP_CODE is deprecated in favor of CURLINFO_RESPONSE_CODE.
Both yield the same values.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| |
| |
| |
| |
| | |
The files we transfer are generally compressed already, so this just
adds unnecessary overhead.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Use a static variable to effectively track the initialization state of
the progress callback via the last byte amount reported as downloaded by
libcurl.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| |
| |
| |
| |
| | |
* introduces new macro in util.h (DOUBLE_EQ) for properly comparing
floating point values
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| |
| | |
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Move the (possibly still temporary) output generated during signature
checking into the --debug output.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Once we do this, add support for VerifySig to pactest. We just check if
the repo name contains Always, Never or Optional to determine the value
of VerifySig. The default is Never. pacman uses Always by default but
this is not suitable for pactest.
Original-work-by: shankar <jatheendra@gmail.com>
Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| |
| |
| |
| |
| | |
We pass in a db object, so no need to go looking for it in the list on
the handle. This is a remnant of when we passed in a treename, more than
likely.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
GnuPG looks for configuration files and keyrings in its home directory.
For a user, that is typically ~/.gnupg.
This patch causes pacman to use /etc/pacman.d/gnupg/ as the default
GnuPG home. One may override the default using --gpgdir on the command-line
or GPGDir in pacman's configuration file.
Signed-off-by: Chris Brannon <cmbrannon@cox.net>
Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| | |
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| | |
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| | |
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| |
| |
| |
| | |
This will serve as the home directory we pass to GPGME when making calls so
we can have a libalpm-utilized keyring.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| |
| |
| |
| | |
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|\ \ |
|
| | |
| | |
| | |
| | | |
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If a .sig file sits side-by-side on the filesystem with a package archive,
read it in during the package struct creation process so we can verify it at
a later time if necessary.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
| | |
| | |
| | |
| | |
| | |
| | | |
Allow pkg.pgpsig to end up in the created sync databases.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add a new field to the package struct to hold PGP information and
instruct db_read to pick it up from the database. It is currently unused
internally but this is the first step.
Due to the fact that we store the PGP sig as binary data, we need to store
both the data and the length so we have a small utility struct to assist us.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We will need these for GPG functionality (decoding the base64 encoded
signature stored in the databases).
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|/ /
| |
| |
| | |
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Implements FS#23103. Also modify libalpm so it ignores this value
without any warning as we know it is likely to exist.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Allan McRae <allan@archlinux.org>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This is intended to verify an existing signature on a database before
making further changes to it and performing updates. Rarely would you
use this without immediately resigning it via the -s/--sign option.
Instead, it is intended as a "chain of trust" operation where the
previous signature is verified to give you some sense that what you sign
off on is also safe.
Still todo: don't make changes unless the signature is not only good,
but also in the accepted list of keys.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In order to be fully secure, we can't only sign packages. We also need
to sign our repository metadata to prevent database falsification,
dependency injection, etc. Add an '-s/--sign' option that allows this
functionality, and will generate a .sig file side-by-side with the
package database.
While at it, fix the issue where a signature file would never be found
because of 'cd' madness (this needs fixing in another commit).
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Use base64 encoding to store the value in the database if a .sig file exists
for the package being added.
Signed-off-by: Geoffroy Carrier <geoffroy.carrier@koon.fr>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Be consistent in package and signature placements when using
PKGDEST.
Signed-off-by: Allan McRae <allan@archlinux.org>
|