summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
...
* | Reduce duplicate signing debug code and fix logic conditionDan McGee2011-05-04
| | | | | | | | | | | | | | | | | | | | | | We had a lot of similar looking code that we can collapse down into a function. This also fixes errors seen when turning on some gcc warnings and implicitly casting away the const-ness of the string. Free the list when we are done with it as well. Also, fix a logic error where we should be checking with &&, not ||. Signed-off-by: Dan McGee <dan@archlinux.org>
* | Merge branch 'maint'Dan McGee2011-04-29
|\|
| * Transifex updatesDan McGee2011-04-29
| | | | | | | | Signed-off-by: Dan McGee <dan@archlinux.org>
| * pacman(8): grammar correction for relative clausesMatt Mooney2011-04-29
| | | | | | | | | | | | | | | | | | | | Change "which" to "that" when used in a restrictive clause. Replace usage of the relative prounoun "those" with a common noun for added clarity. Signed-off-by: Matt Mooney <mfm@muteddisk.com> Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
| * pacman(8): change "options" to "operation" when referring to -DMatt Mooney2011-04-29
| | | | | | | | | | | | | | -D is an operation not an option. Signed-off-by: Matt Mooney <mfm@muteddisk.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* | configure: add output showing what libraries will be usedDan McGee2011-04-27
| | | | | | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* | Allow conditional compilation with GPGMEDan McGee2011-04-27
| | | | | | | | | | | | | | | | | | This makes it possible to omit usage of -lgpgme, just as we can do for -lcurl and -lcrypto. Thanks to Rémy Oudompheng for an initial stab at this. Signed-off-by: Dan McGee <dan@archlinux.org>
* | signing: add more detail to unexpected signature count errorDan McGee2011-04-24
| | | | | | | | | | | | | | Do a quick loop and count of the returned data so we can show how many signatures were parsed and read. Signed-off-by: Dan McGee <dan@archlinux.org>
* | Enhance GPGME debug outputDan McGee2011-04-24
| | | | | | | | | | | | | | | | | | | | Add some lookup functions for nice names for the various types used by the library, and remove some fields that are of little use to us in the debug output. This should make looking at key loading and verification a bit easier, especially in determining what makes up our good and bad criteria. Signed-off-by: Dan McGee <dan@archlinux.org>
* | Perform package verification at package load timeDan McGee2011-04-24
| | | | | | | | | | | | | | | | | | | | | | Both md5sum verification and PGP verification can and should be done at package load time. This allows verification to happen as early as possible for packages provided by filename and loaded in the frontend, and moves more stuff out of sync_commit that doesn't really belong there. This should also set the stage for simplified parallel loading of packages later down the road. Signed-off-by: Dan McGee <dan@archlinux.org>
* | sync_commit: refactor out validate_deltasDan McGee2011-04-24
| | | | | | | | | | | | | | More stuff going on in the pre-committing stage that can be in a static method to make things a bit more clear. Signed-off-by: Dan McGee <dan@archlinux.org>
* | sync_commit: refactor out file downloadsDan McGee2011-04-24
| | | | | | | | | | | | | | | | | | This part is almost completely self-contained, except building the list of delta filenames that we use later to check their md5sums. Refactor it into a static method so we can bring most of the code in sync_commit closer to the method name. Signed-off-by: Dan McGee <dan@archlinux.org>
* | Rein in the complexity of the signature typeDan McGee2011-04-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Given that we offer no transparency into the pmpgpsig_t type, we don't really need to expose it outside of the library, and at this point, we don't need it at all. Don't decode anything except when checking signatures. For packages/files not from a sync database, we now just read the signature file directly anyway. Also push the decoding logic down further into the check method so we don't need this hanging out in a less than ideal place. This will make it easier to conditionally compile things down the road. Signed-off-by: Dan McGee <dan@archlinux.org>
* | signing: let GPGME handle loading signatures from filesDan McGee2011-04-24
| | | | | | | | | | | | | | Rather than go through all the hassle of doing this ourselves, just let GPGME handle the work by passing it a file handle. Signed-off-by: Dan McGee <dan@archlinux.org>
* | repo-add: update copyright messageAllan McRae2011-04-24
| | | | | | | | | | Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* | repo-add: document -k optionAllan McRae2011-04-24
| | | | | | | | | | | | | | | | | | Also unify the usage output with that given by repo-add itself. Dan: use 'options', not 'option(s)'. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* | repo-add: check for gpg earlyAllan McRae2011-04-24
| | | | | | | | | | | | | | Check for the presence of gpg as soon as we know we need it. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* | repo-add: check for valid key when signing is requestedAllan McRae2011-04-24
| | | | | | | | | | | | | | Follow the example of makepkg Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* | repo-add: add option to specify a different key to sign withDenis A. Altoé Falqueto2011-04-24
| | | | | | | | | | | | | | | | | | Add -k/--key option to specify a non-default key for signing a package database. Original-patch-by: Denis A. Altoé Falqueto <denisfalqueto@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* | repo-add: simplify usage messageAllan McRae2011-04-24
| | | | | | | | | | | | | | | | | | | | | | Listing every option on the usage line becomes unweildly as more options get added so simplify it. Also, provide a standard package name in the repo-add example. Dan: just use 'options' as we use elsewhere, not 'option(s)'. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* | Make dump_pkg_full a little less insaneDan McGee2011-04-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The various "level" values were a bit crazy to decipher, and we were doing some very interesting comparisons in certain places. Break it out into two parameters instead so we can seperate the type from the extra information display, and do things accordingly. Nothing changes with the display of any of the five types we currently show: -Si, -Sii, -Qi, -Qii, -Qip. Something to note- we should expose the PKG_FROM enum type somehow, this patch leaves the door open to do that quite easily. Signed-off-by: Dan McGee <dan@archlinux.org>
* | libalpm/dload: major refactor of signature downloadingDan McGee2011-04-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There's a lot of related moving parts here: * Iteration through mirrors is moved back to the calling functions. This allows removal of _alpm_download_single_file and _alpm_download_files. * The download function gets a few more arguments to influence behavior. This allows several different scenarios to customize behavior: - database - database signature (req'd and optional) - package - package via direct URL - package signature via direct URL (req'd and optional) * For databases, we need signatures from the same mirror, so structure the code accordingly. Some-inspiration-from: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* | libalpm/dload: add allow_resume and reorder error checksDan McGee2011-04-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The allow_resume is the start of the fix to the "don't ever resume database downloads" problem, as well as being useful for '.sig' downloads as well. For now, we say "always allow resume", but this will eventually get pushed down as necessary. Error checks are reworked in order to correctly error out when a file is not found on the remote end and reports 0 bytes downloaded. In addition, the two error messages printed are now different as one reports a more specific error message provided via the cURL error buffer. Some example output from an -Sy run with [testing], [community], [community2], [eee], and [nonexistant] defined as repos. [community2] and [nonexistant] are both invalid, one using FTP and one using HTTP. :: Synchronizing package databases... testing is up to date community is up to date error: failed retrieving file 'community2.db' from ftp.archlinux.org : Given file does not exist error: failed to update community2 (FTP: couldn't retrieve (RETR failed) the specified file) eee is up to date error: failed retrieving file 'nonexistant.db' from code.toofishes.net : The requested URL returned error: 404 error: failed to update nonexistant (HTTP response code said error) Signed-off-by: Dan McGee <dan@archlinux.org>
* | Merge branch 'maint'Dan McGee2011-04-22
|\|
| * Small translation update from TransifexDan McGee2011-04-22
| | | | | | | | Signed-off-by: Dan McGee <dan@archlinux.org>
| * doc/pacman: split -Su description in 3 paragraphsXavier Chantry2011-04-20
| | | | | | | | | | | | | | One paragraph for -Suu and one for -Su foo. Fixes FS#23451. Signed-off-by: Xavier Chantry <chantry.xavier@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* | cleanup: add_pkg() and remove_pkg()Dan McGee2011-04-22
| | | | | | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* | libalpm/dload: const and static correctnessDan McGee2011-04-22
| | | | | | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* | be_sync: use _alpm_db_get_sigverify_level()Dan McGee2011-04-22
| | | | | | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* | sync.c: remove unnecessary check for PM_PGP_VERIFY_UNKNOWNRémy Oudompheng2011-04-21
| | | | | | | | | | | | | | | | | | | | The value PM_PGP_VERIFY_UNKNOWN is reserved to error cases, now that the signature verification level defaults to the globally set level. The only error case is when handle == NULL, which is false in the context of _alpm_sync_commit(). Signed-off-by: Rémy Oudompheng <remy@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* | handle.c: force sigverify level not to be PM_PGP_VERIFY_UNKNOWNRémy Oudompheng2011-04-21
| | | | | | | | | | Signed-off-by: Rémy Oudompheng <remy@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* | Merge remote-tracking branch 'remy/doxygen'Dan McGee2011-04-21
|\ \
| * | alpm.h: add several missing documentation stringsRémy Oudompheng2011-04-21
| | | | | | | | | | | | Signed-off-by: Rémy Oudompheng <remy@archlinux.org>
| * | alpm.h: rationalize option getters/setters documentationRémy Oudompheng2011-04-21
| | | | | | | | | | | | Signed-off-by: Rémy Oudompheng <remy@archlinux.org>
| * | alpm.h: add/improve function documentationRémy Oudompheng2011-04-21
| | | | | | | | | | | | Signed-off-by: Rémy Oudompheng <remy@archlinux.org>
* | | pacman-key: improved reading of the configuration fileIvan Kanakarakis2011-04-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit replaces the find_config() function with the get_from() function. get_from expects two arguments, the first is the file to read and the second is the key to look for in the given file. get_from returns the first matching value for the given key. The file is expected to be in the format: key = value Each of 'key' 'equal sign' 'value' can be surrounded be random whitespace. Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* | | pacman-key: display the unsupported command to the userIvan Kanakarakis2011-04-21
| | | | | | | | | | | | | | | | | | | | | | | | If the user provides an unsupported command, inform the user that this switch is unknown, display usage and exit. Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* | | makepkg, pacman-key: unify help message with other scriptsIvan Kanakarakis2011-04-21
|/ / | | | | | | | | | | | | | | The help message changed to match the one rankmirrors script has. It's clearer as to what the --help switch does. Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* | Rename gpgsig struct fields for clarityDan McGee2011-04-20
| | | | | | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* | Form the signature file location in one placeDan McGee2011-04-20
| | | | | | | | | | | | Since we do this for all cases anyway. Signed-off-by: Dan McGee <dan@archlinux.org>
* | Header inclusion cleanupDan McGee2011-04-20
| | | | | | | | | | | | | | | | This does touch a lot of things, and hopefully doesn't break things on other platforms, but allows us to also clean up a bunch of crud that no longer needs to be there. Signed-off-by: Dan McGee <dan@archlinux.org>
* | syntax: if/while statements should have no trailing spaceDan McGee2011-04-20
| | | | | | | | | | | | | | | | | | | | | | This is the standard, and we have had a few of these introduced lately that should not be here. Done with: find -name '*.c' | xargs sed -i -e 's#if (#if(#g' find -name '*.c' | xargs sed -i -e 's#while (#while(#g' Signed-off-by: Dan McGee <dan@archlinux.org>
* | Allow VerifySig to act as a default verification in [options]Dave Reisner2011-04-20
| | | | | | | | | | | | | | | | | | | | * add _alpm_db_get_sigverify_level * add alpm_option_{get,set}_default_sigverify And set the default verification level to OPTIONAL if not set otherwise. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* | alpm.h: forward-declare shared enumerationsDan McGee2011-04-20
| | | | | | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* | style cleanup: cast as (type *) not (type*)Dave Reisner2011-04-20
| | | | | | | | | | Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* | lib: remove dead code in be_local and be_packageDave Reisner2011-04-20
| | | | | | | | Signed-off-by: Dave Reisner <d@falconindy.com>
* | Put comments on their own lineDan McGee2011-04-20
| | | | | | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* | Add configure option to specify package signing keyAllan McRae2011-04-20
| | | | | | | | | | | | | | | | | | Add the "GPGKEY" option to makepkg.conf for specifying signing packages with the non-default key from the keyring. Is overridded by makepkg's --key option. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* | Document makepkg package signing optionsAllan McRae2011-04-20
| | | | | | | | | | | | | | Dan: fix some grammar issues. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* | New VerbosePkgLists optionJakob Gruber2011-04-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If enabled, displays package lists for upgrade, sync and remove operations formatted as a table. Falls back to default list display if insufficient terminal columns are available. Example output: :: Starting full system upgrade... :: Replace libjpeg with testing/libjpeg-turbo? [Y/n] resolving dependencies... looking for inter-conflicts... Remove (1): Name Old Version Size libjpeg 8.3.0-1 0.83 MB Total Removed Size: 0.83 MB Targets (5): Name Old Version New Version Size libjpeg-turbo 1.1.0-1 0.20 MB linux-firmware 20110201-1 20110227-1 8.23 MB ncurses 5.7-4 5.8-1 0.92 MB ppl 0.11.1-1 0.11.2-1 2.74 MB v4l-utils 0.8.1-1 0.8.3-1 0.23 MB Total Download Size: 12.32 MB Total Installed Size: 58.82 MB Signed-off-by: Jakob Gruber <jakob.gruber@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>