summaryrefslogtreecommitdiff
path: root/lib/libalpm/dload.h
Commit message (Collapse)AuthorAge
* absorb fileinfo struct into dload_payloadDave Reisner2011-07-05
| | | | | | This transitional struct becomes delicious noms for dload_payload. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
* absorb some _alpm_download params into payload structDave Reisner2011-07-05
| | | | | | | Restore some sanity to the number of arguments passed to _alpm_download and curl_download_internal. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
* lib/dload: prevent large file attacksDave Reisner2011-07-05
| | | | | | | | | | | | | | | | | | | This means creating a new struct which can pass more descriptive data from the back end sync functions to the downloader. In particular, we're interested in the download size read from the sync DB. When the remote server reports a size larger than this (via a content-length header), abort the transfer. In cases where the size is unknown, we set a hard upper limit of: * 25MiB for a sync DB * 16KiB for a signature For reference, 25MiB is more than twice the size of all of the current binary repos (with files) combined, and 16KiB is a truly gargantuan signature. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
* dload: handle irregular URLsDave Reisner2011-07-05
| | | | | | | | | | | | | | | | | | | | | | URLs might end with a slash and follow redirects, or could be a generated by a script such as /getpkg.php?id=12345. In both cases, we may have a better filename that we can write to, taken from either content-disposition header, or the effective URL. Specific to the first case, we write to a temporary file of the format 'alpmtmp.XXXXXX', where XXXXXX is randomized by mkstemp(3). Since this is a randomly generated file, we cannot support resuming and the file is unlinked in the event of an interrupt. We also run into the possibility of changing out the filename from under alpm on a -U operation, so callers of _alpm_download can optionally pass a pointer to a *char to be filled in by curl_download_internal with the actual filename we wrote to. Any sync operation will pass a NULL pointer here, as we rely on specific names for packages from a mirror. Fixes FS#22645. Signed-off-by: Dave Reisner <d@falconindy.com>
* Rename pmhandle_t to alpm_handle_tAllan McRae2011-06-28
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Move pm_errno onto the handleDan McGee2011-06-13
| | | | | | This involves some serious changes and a very messy diff, unfortunately. Signed-off-by: Dan McGee <dan@archlinux.org>
* libalpm/dload: major refactor of signature downloadingDan McGee2011-04-22
| | | | | | | | | | | | | | | | | | There's a lot of related moving parts here: * Iteration through mirrors is moved back to the calling functions. This allows removal of _alpm_download_single_file and _alpm_download_files. * The download function gets a few more arguments to influence behavior. This allows several different scenarios to customize behavior: - database - database signature (req'd and optional) - package - package via direct URL - package signature via direct URL (req'd and optional) * For databases, we need signatures from the same mirror, so structure the code accordingly. Some-inspiration-from: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* libalpm/dload: const and static correctnessDan McGee2011-04-22
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* lib/dload: pass a struct with filename and size to curl_progressDave Reisner2011-03-27
| | | | | | | | This lets us determine the real size of the file on disk so that we can properly bump the progress bar when we're resuming a download. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* Remove all traces of libfetchDave Reisner2011-03-09
| | | | Signed-off-by: Dave Reisner <d@falconindy.com>
* Update copyright years for 2011Allan McRae2011-01-07
| | | | | Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* Bump copyright dates to 2010Dan McGee2010-03-14
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* download: major refactor to address lingering issuesDan McGee2009-11-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Sorry for this being such a huge patch, but I believe it is necessary for quite a few reasons which I will attempt to explain herein. I've been mulling this over for a while, but wasn't super happy with making the download interface more complex. Instead, if we carefully order things in the internal download code, we can actually make the interface simpler. 1. FS#15657 - This involves `name.db.tar.gz.part` files being left around the filesystem, and then causing all sorts of issues when someone attempts to rerun the operation they canceled. We need to ensure that if we resume a download, we are resuming it on exactly the same file; if we cannot be almost postive of that then we need to start over. 2. http://www.mail-archive.com/pacman-dev@archlinux.org/msg03536.html - Here we have a lighttpd bug to ruin the day. If we send both a Range: header and If-Modified-Since: header across the wire in a GET request, lighttpd doesn't do what we want in several cases. If the file hadn't been modified, it returns a '304 Not Modified' instead of a '206 Partial Content'. We need to do a stat (e.g. HEAD in HTTP terms) operation here, and the proceed accordingly based off the values we get back from it. 3. The mtime stuff was rather ugly, and relied on the called function to write back to a passed in reference, which isn't the greatest. Instead, use the power of the filesystem to contain this info. Every file downloaded internally is now carefully timestamped with the remote file time. This should allow the resume logic to work. In order to guarantee this, we need to implement a signal handler that catches interrupts, notifies the running code, and causes it to set the mtimes on the file. It then rethrows the signal so the pacman signal handler (or any frontend) works as expected. 4. We did a lot of funky stuff in trying to track the DB last modified time. It is a lot easier to just keep the downloaded DB file around and track the time on that rather than in a funky dot file. It also kills a lot of code. 5. For GPG verification of the databases down the road, we are going to need the DB file around for at least a short bit of time anyway, so this gets us closer to that. Signed-off-by: Dan McGee <dan@archlinux.org> [Xav: fixed printf with off_t] Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
* Update copyright headers and messagesDan McGee2009-07-01
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Remove unnecessary import in dload.hDan McGee2008-04-10
| | | | | | | We no longer expose any of libdownload in our public functions, so no need to include this header anymore. Signed-off-by: Dan McGee <dan@archlinux.org>
* Add new stub download functions for use throughout the codeDan McGee2008-02-24
| | | | | | | | Add new stub functions that work by calling the existing (terrible) download forreal function, which needs a serious overhaul. Hide the existing functions and switch all former users to the new functions. Signed-off-by: Dan McGee <dan@archlinux.org>
* Move download code out of server.cDan McGee2008-02-24
This is the first in what will be a series of patches to clean up the current download code in libalpm. Start by moving download code out of server.c and into download.c. Signed-off-by: Dan McGee <dan@archlinux.org>