summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* pacman-key: split keyserver to a separate optionDan McGee2011-09-02
| | | | | | | | This also renames '--receive' to '-recv-keys' to match the wrapped gpg option name, rather than invent a new one, now that the calling convention is the same. Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key help and documentation cleanupDan McGee2011-09-02
| | | | | | | | | We were using the mystical [<foobar>] options which is some sort of cross between a <required> argument and an [optional] one. Remove this madness and do some other general cleanup/consistency work in the manpage. Signed-off-by: Dan McGee <dan@archlinux.org>
* doc: consistency when referencing other optionsDan McGee2011-09-02
| | | | | | Use '\--option' rather than `--option` everywhere. Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: document --lsign-keyDan McGee2011-09-02
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Clean up handling of size fieldsDan McGee2011-09-02
| | | | | | | | | | | | We currently have csize, isize, and size concepts, and sometimes the difference isn't clear. Ensure the following holds: * size (aka csize): always the compressed size of the package; available for everything except local packages (where it will return 0) * isize: always the installed size of the package; available for all three package types Signed-off-by: Dan McGee <dan@archlinux.org>
* pactest: remove PACMAN_OUTPUT from ldconfig testsDan McGee2011-09-01
| | | | | | | | | This removes the last usages of this rule that aren't explicitly looking at real output from pacman. Notably, these tests depended on one particular debug logger not ever being changed, which is too fragile, not to mention doesn't work at all with --nolog. Signed-off-by: Dan McGee <dan@archlinux.org>
* _alpm_parsedate(): return time_t and not longDan McGee2011-09-01
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Add pactest for overflowing date (year 2038 problem)Dan McGee2011-09-01
| | | | | | | | This will work fine on x86_64 (or any platform that has a 64 bit long), but currently fails on i686. This test also stresses the recent changes to accommodate package size values greater than a 32 bit UINT_MAX. Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: fix overzealous PGP signature file matchingDan McGee2011-09-01
| | | | | | | | The regex wasn't rooted at the end of the filename, nor was it matching a period/dot before the file extension. The end result was this matched a file named '07_all_sig.patch' which is totally broken. Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman/callback: reuse strlen calculationDave Reisner2011-09-01
| | | | | | | | | | Call strlen earlier in the dl progress callback, and reuse this length to replace some heavier str*() calls with more optimized mem*() replacements. This also gets rid of a false assumption that the ending string will ever be longer than the original string. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: fix sanity checking in versioningDave Reisner2011-09-01
| | | | | | | | Read the entire variable, respecting escapes, which are necessary to retain for the successive eval. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: read filenames in a while loopDave Reisner2011-09-01
| | | | | | | | Further improvments on 2ca27ab which will allow the changelog and install script files to contain whitespace. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* makepkg: fix breakage in eval'ing quoted stringsDave Reisner2011-09-01
| | | | | | | Broken in 2ca27a by me, trying to fix another problem. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: add --lsign-key operationDan McGee2011-08-30
| | | | | | | This allows local signing of a given key to help establish the web of trust rooted at the generated (or imported) master key. Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key master key generationDan McGee2011-08-30
| | | | | | | | | | | | | This enables pacman-key, during --init, to generate a single secret key for the pacman keyring if one is not present. This will be used as the root of the web of trust for those that do not wish to manage it with their own key, as will be the default. This does not preclude later adding other secret keys to the keyring, or removing this one- we simply ensure you have at least one secret key available. Signed-off-by: Dan McGee <dan@archlinux.org>
* Scale package integrity progress bar/percentage by package sizeDan McGee2011-08-30
| | | | | | | | This upgrades the simple 15/17 scaling by package number we used before to package sized based scaling, which is much more accurate. Addresses some of the issues raised in FS#25817. Signed-off-by: Dan McGee <dan@archlinux.org>
* Remove outdated comment for _alpm_outerconflictsAllan McRae2011-08-30
| | | | | Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* Improve advice for sync ops when db.lck is presentPang Yan Han2011-08-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | When the database is locked, sync operations involving transactions, such as pacman -Syy, show the following: :: Synchronizing package databases... error: failed to update core (unable to lock database) error: failed to update extra (unable to lock database) error: failed to update community (unable to lock database) error: failed to update multilib (unable to lock database) error: failed to synchronize any databases Whereas pacman -U <pkg> shows: error: failed to init transaction (unable to lock database) if you're sure a package manager is not already running, you can remove /var/lib/pacman/db.lck Which is much more meaningful, since the presence of db.lck may indicate an erroneous lockfile instead of an ongoing transaction. Improve the error messages for sync operations by advising the user to remove db.lck if he is sure that no package manager is running. Signed-off-by: Pang Yan Han <pangyanhan@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* Parse > 2GiB file sizes correctlyDan McGee2011-08-29
| | | | | | | | | | | | | | | | | | | | | | We were using atol(), which on 32 bit, cannot handle values greater than 2GiB, which is fail. Switch to a strtoull() wrapper function tailored toward parsing off_t values. This allows parsing of very large positive integer values. off_t is a signed type, but in our usages, we never parse or have a need for negative values, so the function will return -1 on error. Before: $ pacman -Si flightgear-data | grep Size Download Size : 2097152.00 K Installed Size : 2097152.00 K After: $ ./src/pacman/pacman -Si flightgear-data | grep Size Download Size : 2312592.52 KiB Installed Size : 5402896.00 KiB Signed-off-by: Dan McGee <dan@archlinux.org>
* lib/libalpm/handle.c: Removed redundant if conditionHelder Martins2011-08-29
| | | | | Signed-off-by: Helder Martins <heldermartins89@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* Ensure progress callback updates if XX/YY numerator changesDan McGee2011-08-29
| | | | | | | | | We only updated if the percentage incremented and enough time had elapsed, even though the numerator of the current/howmany fraction may have changed. Ensure we proceed with the progress bar update in these cases so as to not mislead the user. Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman-key: fix broken logic around updating trust databaseDan McGee2011-08-29
| | | | | | | | | | | Any option that flips UPDATEDB=1 doesn't work right now due to what we thought was a good idea in commit cab1379a1ab14. Fix this by not including the update operation in the option count and special casing it where necessary. Also, bring back the helpful "Updating trust database" message. Signed-off-by: Dan McGee <dan@archlinux.org>
* Run pacman test-suite with LC_ALL=CAllan McRae2011-08-29
| | | | | | | | Running the pacman test-suite in a non-English locale results in a few failures. Force the test-suite to run with LC_ALL=C. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* Streamline alpm_splitdep() comparisonsDan McGee2011-08-29
| | | | | | | | | | | | | | This reduces from 5 to 3 the number of searches needed on the string looking for a comparison operator, since we can so a second quick comparison looking for '=' if we find '<' or '>'. It also makes every search doable with strchr() or memchr() rather than the slower strstr() method. In testing, only 10% of splitdep calls (~1600 / 16000) during an -Ss database load found a version comparison operator, so optimizing the not found path to be require less work makes sense. Signed-off-by: Dan McGee <dan@archlinux.org>
* pacsort: use boolean, not binary OR operationDave Reisner2011-08-29
| | | | | Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* Rework scriptlet tests to not depend on pacman outputDan McGee2011-08-29
| | | | | | | This actually does something in a scriptlet we can check with our normal set of rules, rather than relying on pacman debug output. Signed-off-by: Dan McGee <dan@archlinux.org>
* Merge branch 'allan/pacman-key'Dan McGee2011-08-28
|\
| * pacman-key: have --init add more options to default gpg.confDan McGee2011-08-29
| | | | | | | | | | | | | | | | | | | | | | This adds a add_gpg_conf_option() helper function which tries to be intelligent and only add not found options, and those which have not been explicitly commented out. The new options added are 'no-greeting', 'no-permission-warning', and a default 'keyserver'. Signed-off-by: Dan McGee <dan@archlinux.org>
| * pacman-key: refine permission and locking checksDan McGee2011-08-29
| | | | | | | | | | | | | | * secring.gpg can be 600, readable by root user only * ensure grep for lock-never option in check_keyring doesn't catch comments Signed-off-by: Dan McGee <dan@archlinux.org>
| * pacman-key: rework and document holding keys in keyringAllan McRae2011-08-29
| | | | | | | | | | | | | | | | | | The HoldKey option was undocumented and was not suited for pacman.conf. Instead use the file "/etc/pacman.d/gnupg/heldkeys" to contain a list of keys not to be removed from the pacman keyring with the --populate option. Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: Improve documentation for --populateAllan McRae2011-08-29
| | | | | | | | Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: update trust database for relevant operationsAllan McRae2011-08-29
| | | | | | | | | | | | | | | | | | After most operations that touch the keyring, it is a good idea to always run a check on the trustdb as this prevents gpg complaining on later operations. Inspiration-from: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: import everything then revoke on --populateAllan McRae2011-08-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The optimization of only importing keys that were not to be later revoked was a not smart enough. For example, if a key was in both a repos keyring and its revoke list, alternate runs of pacman-key --populate would add then remove the key from the pacman keyring. This problem is made worse when considering the possibility of multiple keyrings being imported. Instead, import all keys followed by the revoking of all keys. This may result in a key being added then revoked, but that is not much of an issue given that is a very fast operation. Signed-off-by: Allan McRae <allan@archlinux.org>
| * pacman-key: rework importing distro/repo provided keyringsAllan McRae2011-08-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The current --reload option, apart from being non-clear in its naming, is very limited in that only one keyring can be provided. A distribution may want to provide multiple keyrings for various subsets of its organisation or custom repo providers may also want to provide a keyring. This patch adds a --populate option that reads keyrings from (by default) /usr/share/pacman/keyrings. A keyring is named foo.gpg, with optional foo-revoked file providing a list of revoked key ids. These files are required to be signed (detached) by a key trusted by pacman-key, in practice probably by the key that signed the package providing these files. The --populate flag either updates the pacman keyring using all keyrings in the directory or individual keyrings can be specified. Signed-off-by: Allan McRae <allan@archlinux.org>
* | _alpm_splitdep(): don't pass bogus length value to strndupDan McGee2011-08-28
| | | | | | | | | | | | | | | | | | If we fell through to the ALPM_DEP_MOD_ANY case, ptr would be NULL, and we would pass (0 - <str>), which is a rather large negative number or bogus positive number, depending on signed/unsigned. Just use strdup in the case where we don't have a ptr available. Signed-off-by: Dan McGee <dan@archlinux.org>
* | Database read optimizationsDan McGee2011-08-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Hard to believe there was still more room to improve on this, but I found an easily correctable oversight tonight. Our databases (both sync and local) contain many blank lines, and we were not moving onto the next line right away in these cases; instead we would proceed through our strcmp() conditional checks as normal. Some local numbers follow to show the effects of this patch: Sync `-Ss foobarbaz`: 71,709 blank lines skipped early ~1,505,889 strcmp() calls avoided (21 per line) ~15% speed improvement (.210 --> .179 sec) Local `-Qs foobarbaz`: 6,823 blank lines skipped early 115,991 strcmp() calls avoided (17 per line) ~6% speed improvement (.080 -> .071 sec) Signed-off-by: Dan McGee <dan@archlinux.org>
* | Allow access to package origin dataDan McGee2011-08-28
| | | | | | | | | | | | | | Add new alpm_pkg_get_origin() method, use it in the front end now that the enum constants are publicly available. Signed-off-by: Dan McGee <dan@archlinux.org>
* | Removed multiple definitions of pkgfrom_tDiogo Sousa2011-08-28
|/ | | | | | | | | | | | | libalpm now exports type alpm_pkgfrom_t in alpm.h, which may be used by frontends. Pacman now uses alpm_pkgfrom_t instead of replicating that type (pkg_from as was in src/pacman/package.h) Updated API change in README. Signed-off-by: Diogo Sousa <diogogsousa@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* Better error handling out of package load methodDan McGee2011-08-28
| | | | | | | | There are many other ways to fail a package load other than "file not found". We should also use the correct error code in this case. Clean it up a bit in the various callers. Signed-off-by: Dan McGee <dan@archlinux.org>
* Refactor some args out of pkg_load_internalDan McGee2011-08-28
| | | | | | | | Just pass the entire sync package in if we have it; that way we can do any necessary operations involving it rather than have a parameter list growing endlessly. Signed-off-by: Dan McGee <dan@archlinux.org>
* Add more info to debug key displayDan McGee2011-08-28
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Refactor signature result return formatDan McGee2011-08-28
| | | | | | | | | | | | | | | | | | | I was trying to take a shortcut and not introduce a wrapper struct for the signature results, so packed it all into alpm_sigresult_t in the first iteration. However, this is painful when one wants to add new fields or only return information regarding a single signature. Refactor the type into a few components which are exposed to the end user, and will allow a lot more future flexibility. This also exposes more information regarding the key to the frontend than was previously available. The "private" void *data pointer is used by the library to store the actual key object returned by gpgme; it is typed this way so the frontend has no expectations of what is there, and so we don't have any hard gpgme requirement in our public API. Signed-off-by: Dan McGee <dan@archlinux.org>
* lib/libalpm/signing.c: Fix memory leak in decode_signature() in case of error.Diogo Sousa2011-08-28
| | | | | Signed-off-by: Diogo Sousa <diogogsousa@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* lib/libalpm/util.c: Fix two memory leaksLukas Fleischer2011-08-28
| | | | | | | | Free "md5sum" if md5_file() fails in alpm_compute_md5sum(). Free "sha256sum" if sha2_file() fails in alpm_compute_sha256sum(). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
* Check local database status flag in db_write sanity check blockDan McGee2011-08-28
| | | | | | | Do all the checks at once; this also avoids the 'return' call after we have allocated memory for "pkgpath" as well as tweaked the umask. Signed-off-by: Dan McGee <dan@archlinux.org>
* be_sync.c: Fix memory leak in alpm_db_update()Lukas Fleischer2011-08-28
| | | | | | | Free "syncpath" and restore umask if we fail to grab a lock. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
* pacman.c: Remove redundant strdup() in parsearg_global()Lukas Fleischer2011-08-28
| | | | | | | | config_set_arch() already calls strdup(). Remove strdup() from the config_set_arch() invocation to avoid a memory leak. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
* Make sync error message smarter on unfound targetsDan McGee2011-08-28
| | | | | | | | | | | | | | | | | | We had two issues here. One is a file with an absolute path passed to -S results in a cryptic error message due to the database name being '\0'. The second is not realizing you should be doing -U instead of -S. Fix both of these to transform this: $ sudo pacman -S /tmp/binutils-2.21.1-2-i686.pkg.tar.xz error: database not found: to this: $ sudo pacman -S /tmp/binutils-2.21.1-2-i686.pkg.tar.xz error: target not found: /tmp/binutils-2.21.1-2-i686.pkg.tar.xz warning: '/tmp/binutils-2.21.1-2-i686.pkg.tar.xz' is a file, did you mean -U/--upgrade instead of -S/--sync? Signed-off-by: Dan McGee <dan@archlinux.org>
* Fix possible mismatched type with several curl argumentsDan McGee2011-08-28
| | | | | | | | After commit 2e7d0023150664, we use off_t rather than long variables. Use the _LARGE variants of the methods to indicate we are passing off_t sized variables, and cast using (curl_off_t) accordingly. Signed-off-by: Dan McGee <dan@archlinux.org>
* Always process validity value returned by gpgmeDan McGee2011-08-25
| | | | | | | Don't force 'never'; you should be checking both the status and validity anyway. Signed-off-by: Dan McGee <dan@archlinux.org>