summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* pacman-key: import everything then revoke on --populateAllan McRae2011-08-29
| | | | | | | | | | | | | | | The optimization of only importing keys that were not to be later revoked was a not smart enough. For example, if a key was in both a repos keyring and its revoke list, alternate runs of pacman-key --populate would add then remove the key from the pacman keyring. This problem is made worse when considering the possibility of multiple keyrings being imported. Instead, import all keys followed by the revoking of all keys. This may result in a key being added then revoked, but that is not much of an issue given that is a very fast operation. Signed-off-by: Allan McRae <allan@archlinux.org>
* pacman-key: rework importing distro/repo provided keyringsAllan McRae2011-08-29
| | | | | | | | | | | | | | | | | The current --reload option, apart from being non-clear in its naming, is very limited in that only one keyring can be provided. A distribution may want to provide multiple keyrings for various subsets of its organisation or custom repo providers may also want to provide a keyring. This patch adds a --populate option that reads keyrings from (by default) /usr/share/pacman/keyrings. A keyring is named foo.gpg, with optional foo-revoked file providing a list of revoked key ids. These files are required to be signed (detached) by a key trusted by pacman-key, in practice probably by the key that signed the package providing these files. The --populate flag either updates the pacman keyring using all keyrings in the directory or individual keyrings can be specified. Signed-off-by: Allan McRae <allan@archlinux.org>
* Better error handling out of package load methodDan McGee2011-08-28
| | | | | | | | There are many other ways to fail a package load other than "file not found". We should also use the correct error code in this case. Clean it up a bit in the various callers. Signed-off-by: Dan McGee <dan@archlinux.org>
* Refactor some args out of pkg_load_internalDan McGee2011-08-28
| | | | | | | | Just pass the entire sync package in if we have it; that way we can do any necessary operations involving it rather than have a parameter list growing endlessly. Signed-off-by: Dan McGee <dan@archlinux.org>
* Add more info to debug key displayDan McGee2011-08-28
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Refactor signature result return formatDan McGee2011-08-28
| | | | | | | | | | | | | | | | | | | I was trying to take a shortcut and not introduce a wrapper struct for the signature results, so packed it all into alpm_sigresult_t in the first iteration. However, this is painful when one wants to add new fields or only return information regarding a single signature. Refactor the type into a few components which are exposed to the end user, and will allow a lot more future flexibility. This also exposes more information regarding the key to the frontend than was previously available. The "private" void *data pointer is used by the library to store the actual key object returned by gpgme; it is typed this way so the frontend has no expectations of what is there, and so we don't have any hard gpgme requirement in our public API. Signed-off-by: Dan McGee <dan@archlinux.org>
* lib/libalpm/signing.c: Fix memory leak in decode_signature() in case of error.Diogo Sousa2011-08-28
| | | | | Signed-off-by: Diogo Sousa <diogogsousa@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* lib/libalpm/util.c: Fix two memory leaksLukas Fleischer2011-08-28
| | | | | | | | Free "md5sum" if md5_file() fails in alpm_compute_md5sum(). Free "sha256sum" if sha2_file() fails in alpm_compute_sha256sum(). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
* Check local database status flag in db_write sanity check blockDan McGee2011-08-28
| | | | | | | Do all the checks at once; this also avoids the 'return' call after we have allocated memory for "pkgpath" as well as tweaked the umask. Signed-off-by: Dan McGee <dan@archlinux.org>
* be_sync.c: Fix memory leak in alpm_db_update()Lukas Fleischer2011-08-28
| | | | | | | Free "syncpath" and restore umask if we fail to grab a lock. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman.c: Remove redundant strdup() in parsearg_global()Lukas Fleischer2011-08-28
| | | | | | | | config_set_arch() already calls strdup(). Remove strdup() from the config_set_arch() invocation to avoid a memory leak. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
* Make sync error message smarter on unfound targetsDan McGee2011-08-28
| | | | | | | | | | | | | | | | | | We had two issues here. One is a file with an absolute path passed to -S results in a cryptic error message due to the database name being '\0'. The second is not realizing you should be doing -U instead of -S. Fix both of these to transform this: $ sudo pacman -S /tmp/binutils-2.21.1-2-i686.pkg.tar.xz error: database not found: to this: $ sudo pacman -S /tmp/binutils-2.21.1-2-i686.pkg.tar.xz error: target not found: /tmp/binutils-2.21.1-2-i686.pkg.tar.xz warning: '/tmp/binutils-2.21.1-2-i686.pkg.tar.xz' is a file, did you mean -U/--upgrade instead of -S/--sync? Signed-off-by: Dan McGee <dan@archlinux.org>
* Fix possible mismatched type with several curl argumentsDan McGee2011-08-28
| | | | | | | | After commit 2e7d0023150664, we use off_t rather than long variables. Use the _LARGE variants of the methods to indicate we are passing off_t sized variables, and cast using (curl_off_t) accordingly. Signed-off-by: Dan McGee <dan@archlinux.org>
* Always process validity value returned by gpgmeDan McGee2011-08-25
| | | | | | | Don't force 'never'; you should be checking both the status and validity anyway. Signed-off-by: Dan McGee <dan@archlinux.org>
* Fix small memory leak in sig check codeDan McGee2011-08-25
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* strtrim: don't move empty stringDan McGee2011-08-25
| | | | | | | | | | There were many cases where the string coming in was a blank line, e.g. "\n\0", length 1. The trim routine starts by trimming leading spaces, thus trimming everything. We would then proceed to do a memmove of the NULL byte, which is completely worthless as we can just assign it instead. Signed-off-by: Dan McGee <dan@archlinux.org>
* Remove argument from check_pgp_helperDan McGee2011-08-25
| | | | | | | This one wasn't all that necessary as we only used it in one place in the function, which can be checked easily enough at the call site. Signed-off-by: Dan McGee <dan@archlinux.org>
* Remove trans is NULL check in QUESTION/EVENT/PROGRESS macrosDan McGee2011-08-25
| | | | | | | trans cannot (and better not) be NULL at any point when these are being called. Signed-off-by: Dan McGee <dan@archlinux.org>
* Remove short/long label distinctionDan McGee2011-08-25
| | | | | | | We only used short labels in one place, and the short label is always the first character of the long label anyway. Signed-off-by: Dan McGee <dan@archlinux.org>
* Slight refresh of the download progress callbackDan McGee2011-08-25
| | | | | | | | | | | | | | | | | | | | | | | | | | This cleans up some of the mess we have here. * switch to long units for the download size * omit the .0 decimal part from the download rate * omit the almost always zero HH: from estimated time if eta_h == 0 * Display --:-- if eta_h > 99; formatting was screwed up before The net result of this is we usually have 1 more character to use for filename display. Before: extra 500.9K 1242.4K/s 00:00:00 [######################] 100% community-testing 947.0B 28.2M/s 00:00:00 [######################] 100% multilib 26.5K 405.1K/s 00:00:00 [######################] 100% community 450.6K 1238.3K/s 00:00:00 [######################] 100% After: extra 500.9 KiB 1118K/s 00:00 [######################] 100% community-testing 947.0 B 23M/s 00:00 [######################] 100% multilib 26.5 KiB 255K/s 00:00 [######################] 100% community 450.6 KiB 1211K/s 00:00 [######################] 100% Signed-off-by: Dan McGee <dan@archlinux.org>
* Add a few more sizes to humanize_sizes()Dan McGee2011-08-25
| | | | | | | | Because why the hell not? Exbibyte, zebibyte, and yobibyte are going in, even though nothing bigger than the 2^60 exbibyte can be represented using an off_t variable anyway. Signed-off-by: Dan McGee <dan@archlinux.org>
* Finish large file download attack preventionDan McGee2011-08-25
| | | | | | | | | This handles the no Content-Length header problem as stated in the comments of FS#23413. We add a quick check to the callback that will force an abort if the downloaded data exceeds the payload size, and then check for this error in the post-download cleanup code. Signed-off-by: Dan McGee <dan@archlinux.org>
* Use off_t rather than double where possibleDan McGee2011-08-25
| | | | | | | | Beautiful of libcurl to use floating point types for what are never fractional values. We can do better, and we usually want these values in their integer form anyway. Signed-off-by: Dan McGee <dan@archlinux.org>
* Add new 'lt' and 'zh_TW' translations from transifexDan McGee2011-08-25
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Update existing translations from TransifexDan McGee2011-08-25
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Improved alpm_list_mmerge() performance (fixed coding style)Diogo Sousa2011-08-24
| | | | | | | | | | Improved alpm_list_mmerge() performance by removing an extra pass to obtain the tail node. This was actually suggested by a TODO comment. Signed-off-by: Diogo Sousa <diogogsousa@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* vercmp: ensure 2.0a and 2.0.a do not compare equalDan McGee2011-08-23
| | | | | | | | | | | | | | | | We had this interesting set of facts conundrum, according to vercmp return values: 2.0a < 2.0 2.0 < 2.0.a 2.0a == 2.0.a This introduces a code change that ensures '2.0a < 2.0.a' as would be expected by the first two comparisons. Unfortunately this stays us a bit further from upstream RPM code, but those are the breaks (in RPM, the versions involving 'a' do in fact compare the same, but they are both greater than the bare '2.0'). Signed-off-by: Dan McGee <dan@archlinux.org>
* Style-match rpmvercmp code with upstreamDan McGee2011-08-23
| | | | | | | Not sure how or why some of this differed, but it is easy enough to set it back to how it was so it is easier to diff. Signed-off-by: Dan McGee <dan@archlinux.org>
* Retrieve default SigLevel value from backend after initial settingDan McGee2011-08-23
| | | | | | | | | | | | | | | | | | | | | This ensures we grab and use the library default once we have processed the global SigLevel setting, but before processing the repo-specific settings. This means the following two configs will now evaluate the same, as the backend currently defaults to 'Optional': Config 1: [options] # nothing here [repo] SigLevel = TrustAll Config 2: [options] SigLevel = Optional [repo] SigLevel = TrustAll Signed-off-by: Dan McGee <dan@archlinux.org>
* sync: halt file discovery if repo has no serversDave Reisner2011-08-23
| | | | | | | | | | | | | | | | | | | | | This avoids error spam when no servers are configured for a repo and a sync operation is performed: Proceed with installation? [Y/n] y :: Retrieving packages from testing... warning: failed to retrieve some files from testing warning: failed to retrieve some files from testing warning: failed to retrieve some files from testing warning: failed to retrieve some files from testing warning: failed to retrieve some files from testing warning: failed to retrieve some files from testing warning: failed to retrieve some files from testing warning: failed to retrieve some files from testing warning: failed to retrieve some files from testing warning: failed to retrieve some files from testing Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* Fix formatting in pacman-key manpageJakob Gruber2011-08-22
| | | | | Signed-off-by: Jakob Gruber <jakob.gruber@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* dload: prevent need to copy struct in mask_signal()Dan McGee2011-08-22
| | | | | | | Since we store this directly in the download function, just rework mask_signal() to take a pointer to a location to store the original. Signed-off-by: Dan McGee <dan@archlinux.org>
* dload: extract tempfile creation to its own functionDave Reisner2011-08-22
| | | | | Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* dload: move (un)masking of signals to separate functionsDave Reisner2011-08-22
| | | | | Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* dload: move curl option setting to static functionDave Reisner2011-08-22
| | | | | Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* dload: add open_mode to payload structDave Reisner2011-08-22
| | | | | | | | | This is a precursor to a following patch which will move the setting of options to a separate function. With the open mode as part of the struct, we can avoid modifying stack allocated variables. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* dload: rename cd_filename to content_disp_nameDave Reisner2011-08-22
| | | | | | | | This is more in line with the menagerie of file name members that we now have on the payload struct. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* dload: move tempfile and destfile to payload structDave Reisner2011-08-22
| | | | | | | | | | These are private to the download operation already, so glob them onto the struct. This is an ugly rename patch, with the only logical change being that destfile and tempfile are now freed by the payload_free function. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman/util: use string_length to calculate line lengthDave Reisner2011-08-22
| | | | | | | | This is measuring strings that are potentially localized, so we need a multibyte aware function to count characters instead of bytes. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* Print callback messages to stderrAllan McRae2011-08-22
| | | | | | | Fixes FS#25099. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* Print debug timestamps to same stream as rest of outputDan McGee2011-08-22
| | | | | | | | We used fprintf() elsewhere in this function, but we didn't use it on the debug timestamp printing. Use fprintf() instead of printf() to fix this. Signed-off-by: Dan McGee <dan@archlinux.org>
* pacsort: correct list freeingPang Yan Han2011-08-22
| | | | | Signed-off-by: Pang Yan Han <pangyanhan@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* pacsort: ensure list is freed if size is 0Dan McGee2011-08-22
| | | | | | Found using: `valgrind ./src/util/.libs/lt-pacsort /dev/null` Signed-off-by: Dan McGee <dan@archlinux.org>
* pacsort: correct pointer type in list_newPang Yan Han2011-08-22
| | | | | | | Pointer sizes are the same but this makes intention clearer. Signed-off-by: Pang Yan Han <pangyanhan@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* Remove alpm_option_get_* usage from backendDan McGee2011-08-19
| | | | | | These are all available directly on the handle without indirection. Signed-off-by: Dan McGee <dan@archlinux.org>
* dload: remove unused macroDave Reisner2011-08-19
| | | | | | | This was a vestige leftover from the libfetch days of yore. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* dload: delete zero length downloads on curl errorDave Reisner2011-08-19
| | | | | | | | In the case of a non-operation (e.g. DNS resolver error), delete the leftover 0 byte .part file. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* dload: rename payload->filename to payload->remote_nameDave Reisner2011-08-19
| | | | | | | | | This is a far more accurate description of what this is, since it's more than likely not really a filename at all, but the name after a final slash on a URL. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* dload: remove code duplicationDave Reisner2011-08-19
| | | | | Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* bash_completion: add dbonly to sync optionsDave Reisner2011-08-19
| | | | | Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>