summaryrefslogtreecommitdiff
path: root/lib/libalpm/sync.c
Commit message (Collapse)AuthorAge
* Update copyright years for 2016Allan McRae2016-01-04
| | | | | | make update-copyright OLD=2015 NEW=2016 Signed-off-by: Allan McRae <allan@archlinux.org>
* check fileconflicts and diskspace outside commitAndrew Gregory2015-09-20
| | | | | | | | | This is necessary in order to be able to run PreTransaction hooks as close to the actual commit as possible so that we don't prematurely run hooks for a transaction that ultimately never happens. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* ensure matching database and package versionLevente Polyak2015-07-20
| | | | | | | | | | | | | | | While loading each package ensure that the internal version matches the expected database version to avoid the possibility to circumvent the version check. This issue can be used by an attacker to trick the software into installing an older version. The behavior can be exploited by a man-in-the-middle attack through specially crafted database tarball containing a higher version, yet actually delivering an older and vulnerable version, which was previously shipped. Signed-off-by: Levente Polyak <anthraxx@archlinux.org> Signed-off-by: Remi Gacogne <rgacogne@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* sync_prepare: exclude removals from resolvedepsAndrew Gregory2015-03-03
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Update copyright notices for 2015Allan McRae2015-02-01
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* apply_deltas: fix memory leak on errorAllan McRae2014-12-27
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* build_payload: free memory on errorAllan McRae2014-12-24
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* sync.c: download packages before starting commitAndrew Gregory2014-10-13
| | | | | | | | | | download_files sets the transaction state to STATE_DOWNLOADING. Modifying the state after it has already been set to STATE_COMMITTING created a brief window where SIGINT would fail to interrupt the process and caused interrupted downloads to result in a 'transaction started' message in the log with no matching transaction end. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
* check_keyring: skip keys known to be missingAndrew Gregory2014-10-01
| | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
* remove retry check from signature validationAndrew Gregory2014-10-01
| | | | | | | The retry path was removed by 4ccf16dff589ce9f369d377bb5d3f490bd27c624 Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
* libalpm: export alpm_splitdep as alpm_dep_from_depstring and alpm_dep_freeFlorian Pritz2014-09-30
| | | | Signed-off-by: Florian Pritz <bluewind@xinu.at>
* sync_prepare: remove useless check for replacersAndrew Gregory2014-08-03
| | | | | | | | Since 017184fa, alpm_sync_sysupgrade will not add both a replacement and a literal upgrade to the transaction. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Update the question callbackOlivier Brunel2014-06-24
| | | | | | | | | | | | Much like with events, instead of using a bunch of void* arguments for all questions, we now send one pointer to an alpm_question_t union. This contains the type of question that was triggered. With this information, a question-specific struct can be accessed in order to get additional arguments. Signed-off-by: Olivier Brunel <jjk@jjacky.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Use MALLOC throughtout libalpmAllan McRae2014-03-08
| | | | | | | | Use MALLOC instead of malloc for safety in libalpm. Some changes are pure refactoring, but for others this provides a success check for memory allocation. Signed-off-by: Allan McRae <allan@archlinux.org>
* sync_prepare: ignore explicitly removed conflictsAndrew Gregory2014-03-04
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Fix warnings with strict-overflow in gcc-4.9Allan McRae2014-03-03
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Add events _PKGDOWNLOAD_{START, DONE, FAILED}Olivier Brunel2014-03-03
| | | | | | | | | | | | | | | | These will be emmitted when download a package file from a repository, indicating that the download starts, and whether it was successfull or not. Note that when multiple servers are available, no event is emmitted when switching to another server. (This doesn't apply to alpm_fetch_pkgurl(), but since it is called by the frontend, it shouldn't have problems knowing when the download starts and when it ends.) Signed-off-by: Olivier Brunel <jjk@jjacky.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Add events ALPM_EVENT_RETRIEVE_{DONE, FAILED}Olivier Brunel2014-03-03
| | | | | | | | | To go along with RETRIEVE_START, one other event will be emmitted once the downloads are done: RETRIEVE_DONE if all files were successfully downloaded, else RETRIEVE_FAILED. Signed-off-by: Olivier Brunel <jjk@jjacky.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Update the event callbackOlivier Brunel2014-03-03
| | | | | | | | | | | | Instead of using two void* arguments for all events, we now send one pointer to an alpm_event_t struct. This contains the type of event that was triggered. With this information, the pointer can then be typecasted to the event-specific struct in order to get additional arguments. Signed-off-by: Olivier Brunel <jjk@jjacky.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* _alpm_sync_prepare: fix unresolvable packages leakAndrew Gregory2014-02-08
| | | | | | | | | If the user opted not to remove the unresolvable packages from the transaction, the list was neither free'd nor saved to the transaction to be free'd in trans_release. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* alpm: export *_free functionsAndrew Gregory2014-02-04
| | | | | | | Front-ends should be able to free memory that alpm hands them. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* sync_prepare: manually set pm_errnoAndrew Gregory2014-01-30
| | | | | | | | | | | _alpm_resolvedeps resets pm_errno to 0 by calling alpm_checkdeps. Whenever the last call succeeded, pm_errno was not properly set, preventing pacman from properly handling the error and leaking additional memory. We know pm_errno should be ALPM_ERR_UNSATISFIED_DEPS if resolvedeps has failed, so just set it manually. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Remove ts and sw from vim modeline when noet is setFlorian Pritz2014-01-28
| | | | | | | | | | | | Forcing vim users to view files with a tabstop of 2 seems really unnecessary when noet is set. I find it much easier to read code with ts=4 and I dislike having to override the modeline by hand. Command run: find . -type f -exec sed -i '/vim.* noet/s# ts=2 sw=2##' {} + Signed-off-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Allan McRae <allan@archlinux.org>
* sync_prepare: treat from_sync as a booleanAndrew Gregory2014-01-15
| | | | | | | | We only care that packages are being installed from a repo, not how many. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Consistently use #ifdefAllan McRae2014-01-10
| | | | Fix the occurances of #if to be #ifdef for consistency.
* check_keyring: plug memory leakAndrew Gregory2014-01-06
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Update copyright years for 2014Allan McRae2014-01-06
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* trans_prepare: always sort trans->remove by depsAndrew Gregory2013-12-19
| | | | | | | | Packages can be removed during a sync transaction either directly or due to conflicts and need to be sorted. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* remove useless continueAndrew Gregory2013-12-15
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* alpm_sync_sysupgrade: skip packages being removedAndrew Gregory2013-12-15
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* sortbydeps: include local pkgs in dep graphAndrew Gregory2013-10-31
| | | | | | | | | | | | | | | | Detecting indirect dependencies by traversing a package's entire dependency tree is prohibitively slow for larger transactions. Instead add local packages to the dependency graph. This additionally requires delaying dependency ordering for sync operations so that removed packages may be excluded from dependency detection. tests/sync012.py was also updated to ensure that the dependency cycle was actually detected. Fixes FS#37380 Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Expose alpm_pkg_should_ignoreAllan McRae2013-10-31
| | | | | | | This function is useful for frontends to annotate package upgrades that will be ignored. Signed-off-by: Allan McRae <allan@archlinux.org>
* Make functions to decode a signature and extract keyid publicAllan McRae2013-10-31
| | | | | | These are useful for frontends. Signed-off-by: Allan McRae <allan@archlinux.org>
* Fix progress bar overflow while checking package integrityAllan McRae2013-10-15
| | | | | | | | | | | On 32bit systems, the progress bar intergrity checking can show values greater than 100% with large transactions. This is due to the total size of all package files being greater than a size_t. Use uint64_t for these sizes. Fixes FS#36608 Signed-off-by: Allan McRae <allan@archlinux.org>
* Report which package is missing a signatureAllan McRae2013-10-15
| | | | | | | | | If any package in a sync transaction is missing a required signature, we give an uninformative error message (which may or may not state that the missing signature is the issue). Always output the package with the missing signature. Signed-off-by: Allan McRae <allan@archlinux.org>
* libalpm: introduce a usage level for reposDave Reisner2013-09-04
| | | | | | | | | | | | | | | | This defines a level of interest a user has in a repository. These are described by the bitmask flags in the alpm_db_usage_t enum: ALPM_DB_USAGE_SEARCH: repo is valid for searching ALPM_DB_USAGE_INSTALL: repo is valid for installs (e.g. -S pkg) ALPM_DB_USAGE_UPGRADE: repo is valid for sysupgrades ALPM_DB_USAGE_ALL: all of the above are valid Explicitly listing the contents of a repo will always be valid, and the repo will always be refreshed appropriately on sync operations. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* libalpm/sync: remove useless intermediate variableDave Reisner2013-03-10
| | | | | | | | This also rearranges some code to ensure that declarations and code aren't mixed. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* libalpm: Search for replacers before literalsOlivier Brunel2013-03-07
| | | | | | | | | | | | | | | | | Since 882bff36 literals would be searched before replacers, resulting in a package being replaced by another not actually being replaced under certain conditions (e.g. they're both in the same repo). This change effectively reversed the expectations in test sync132. This patch switches the order back to replacers first, thus making sure if a package is replacing another one, the change will always happen, even if both are in the same repo. Note that a package replacing another one in a repo with higher priority will not be done, see FS#11737 and test sync1105 Signed-off-by: Olivier Brunel <i.am.jack.mail@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* libalpm: Fix installing update of a replaced packageOlivier Brunel2013-03-07
| | | | | | | | | During a sysupgrade, if a package is replaced by another, and an update for the former package is found (on another repo) the replaced package would be re-installed. Signed-off-by: Olivier Brunel <i.am.jack.mail@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Perform limited conflict checking with --forceAllan McRae2013-02-24
| | | | | | | | | | | | Pacman currently bails when trying to extract a file over a directory when using --force. Instead of ignoring all conflict, perform the check and skip any file-file conflicts. Conflicts between directories and files are still flagged and cause the transation to abort. As a bonus, we now know about files changing packages when using --force, so we can skip removing them fixing upgrade046. Signed-off-by: Allan McRae <allan@archlinux.org>
* fix style violationsAndrew Gregory2013-02-16
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Fix --without-gpgme buildAllan McRae2013-02-13
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Prompt to delete packages with signature failsAllan McRae2013-02-09
| | | | | | | Offer to remove the bad package when a signature fails to validate as is done for checksum failures. Signed-off-by: Allan McRae <allan@archlinux.org>
* Remove retry path from signature validationAllan McRae2013-02-09
| | | | | | | | Now that the keyring is checked for all needed keys before the validation, we can not reach a point of a missing key when doing validity checks for sync operations. Signed-off-by: Allan McRae <allan@archlinux.org>
* Check keys are in keyring before package validationAllan McRae2013-02-09
| | | | | | | | | | | | Keys used to create signatures are checked for presence in the keyring before package validation is performed. Signed-off-by: Allan McRae <allan@archlinux.org> Conflicts: lib/libalpm/alpm.h Signed-off-by: Allan McRae <allan@archlinux.org>
* dload: pass back the effective URL to callers of _alpm_downloadDave Reisner2013-01-29
| | | | | | | | | | | I suspect that eventually we're going to end up returning a pointer to an allocated struct to describe the download result, but that's for another patch when the need arises... Fixes FS#33508. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* Update copyright year for 2013Allan McRae2013-01-03
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Plug various minor memory leaksAndrew Gregory2012-12-14
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Make alpm_pkg_find publicAllan McRae2012-12-14
| | | | | | This function is particularly useful, so make it public. Signed-off-by: Allan McRae <allan@archlinux.org>
* Merge branch 'maint'Dan McGee2012-08-07
|\