summaryrefslogtreecommitdiff
path: root/lib/libalpm/sync.c
Commit message (Collapse)AuthorAge
...
* Parse conflicts/provides/replaces at database load timeDan McGee2011-08-15
| | | | | | | | | | | | | | | | | | | | | | We did this with depends way back in commit c244cfecf654d3 in 2007. We can do it with these fields as well. Of note is the inclusion of provides even though only '=' is supported- we'll parse other things, but no guarantees are given as to behavior, which is more or less similar to before since we only looked for the equals sign. Also of note is the non-inclusion of optdepends; this will likely be resolved down the road. The biggest benefactors of this change will be the resolving code that formerly had to parse and reparse several of these fields; it only happens once now at load time. This does lead to the disadvantage that we will now always be parsing this information up front even if we never need it in the split form, but as these are uncommon fields and our parser is quite efficient it shouldn't be a big concern. Signed-off-by: Dan McGee <dan@archlinux.org>
* Validate the sha256sum if availableDan McGee2011-08-15
| | | | | | Adjust load_internal() to check the sha256sum value if we have it. Signed-off-by: Dan McGee <dan@archlinux.org>
* lib/sync: reset flag after rejecting a replaceDave Reisner2011-08-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This prevents iteration through the remainder of the current tree, with pacman claiming that they're all replacements to the original replacement candidate. :: Synchronizing package databases... allanbrokeit is up to date testing is up to date core is up to date extra is up to date community-testing is up to date community is up to date :: Starting full system upgrade... :: Replace util-linux-git with core/util-linux? [Y/n] n :: Replace util-linux-git with core/vi? [Y/n] n :: Replace util-linux-git with core/vpnc? [Y/n] n :: Replace util-linux-git with core/wget? [Y/n] n :: Replace util-linux-git with core/which? [Y/n] n :: Replace util-linux-git with core/wireless-regdb? [Y/n] n :: Replace util-linux-git with core/wireless_tools? [Y/n] n :: Replace util-linux-git with core/wpa_actiond? [Y/n] n :: Replace util-linux-git with core/wpa_supplicant? [Y/n] n :: Replace util-linux-git with core/xfsprogs? [Y/n] n :: Replace util-linux-git with core/xinetd? [Y/n] n :: Replace util-linux-git with core/xz? [Y/n] n :: Replace util-linux-git with core/zd1211-firmware? [Y/n] n :: Replace util-linux-git with core/zlib? [Y/n] n there is nothing to do Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* Parse replaces strings as dep strings with version specsDan McGee2011-08-09
| | | | | | | | This is done extremely crudely and is not very efficient, but it does push us down the path of being closer to right, as one additional test now passes. Signed-off-by: Dan McGee <dan@archlinux.org>
* Add reason to corrupted package callbackDan McGee2011-08-08
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Attempt to fix up some of the brokenness around failed package loadsDan McGee2011-08-08
| | | | | | | | | | | | | | | This is a bit of a mess, due to the fact that we have a progress meter running. It is also ironic that we are in the midst of a method named "commit" when we haven't done a damn thing yet, and can still fail hard if either a checksum or signature is invalid or unrecognized. Adapt the former test_md5sum method to be invoked for any of the various failure types, which at least gives the user some indication of what packages are failing. A second patch will be needed to actually show worthwhile error codes, but this is going to involve modifying the actual data passed with the callback. Signed-off-by: Dan McGee <dan@archlinux.org>
* absorb some _alpm_download params into payload structDave Reisner2011-07-05
| | | | | | | Restore some sanity to the number of arguments passed to _alpm_download and curl_download_internal. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
* lib/dload: prevent large file attacksDave Reisner2011-07-05
| | | | | | | | | | | | | | | | | | | This means creating a new struct which can pass more descriptive data from the back end sync functions to the downloader. In particular, we're interested in the download size read from the sync DB. When the remote server reports a size larger than this (via a content-length header), abort the transfer. In cases where the size is unknown, we set a hard upper limit of: * 25MiB for a sync DB * 16KiB for a signature For reference, 25MiB is more than twice the size of all of the current binary repos (with files) combined, and 16KiB is a truly gargantuan signature. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
* dload: handle irregular URLsDave Reisner2011-07-05
| | | | | | | | | | | | | | | | | | | | | | URLs might end with a slash and follow redirects, or could be a generated by a script such as /getpkg.php?id=12345. In both cases, we may have a better filename that we can write to, taken from either content-disposition header, or the effective URL. Specific to the first case, we write to a temporary file of the format 'alpmtmp.XXXXXX', where XXXXXX is randomized by mkstemp(3). Since this is a randomly generated file, we cannot support resuming and the file is unlinked in the event of an interrupt. We also run into the possibility of changing out the filename from under alpm on a -U operation, so callers of _alpm_download can optionally pass a pointer to a *char to be filled in by curl_download_internal with the actual filename we wrote to. Any sync operation will pass a NULL pointer here, as we rely on specific names for packages from a mirror. Fixes FS#22645. Signed-off-by: Dave Reisner <d@falconindy.com>
* Allow invalid sync DBs to be returned by the libraryDan McGee2011-07-05
| | | | | | | | | | | | | | They are placeholders, but important for things like trying to re-sync a database missing a signature. By using the alpm_db_validity() method at the right time, a client can take the appropriate action with these invalid databases as necessary. In pacman's case, we disallow just about anything that involves looking at a sync database outside of an '-Sy' operation (although we do check the validity immediately after). A few operations are still permitted- '-Q' ops that don't touch sync databases as well as '-R'. Signed-off-by: Dan McGee <dan@archlinux.org>
* signing: move to new signing verification and return schemeDan McGee2011-07-05
| | | | | | | | | | | | | | | | | This gives us more granularity than the former Never/Optional/Always trifecta. The frontend still uses these values temporarily but that will be changed in a future patch. * Use 'siglevel' consistenly in method names, 'level' as variable name * The level becomes an enum bitmask value for flexibility * Signature check methods now return a array of status codes rather than a simple integer success/failure value. This allows callers to determine whether things such as an unknown signature are valid. * Specific signature error codes mostly disappear in favor of the above returned status code; pm_errno is now set only to PKG_INVALID_SIG or DB_INVALID_SIG as appropriate. Signed-off-by: Dan McGee <dan@archlinux.org>
* Prefix _alpm_errno_t members with ALPMAllan McRae2011-07-02
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Prefix alpm_transprog_t members with ALPMAllan McRae2011-07-02
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Prefix alpm_transconv_t members with ALPMAllan McRae2011-07-02
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Prefix alpm_transevt_t members with ALPMAllan McRae2011-07-02
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Prefix alpm_transflag_t members with ALPMAllan McRae2011-07-02
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Prefix alpm_loglevel_t members with ALPMAllan McRae2011-07-02
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Prefix alpm_pkgreason_t members with ALPMAllan McRae2011-07-02
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Make alpm_db_get_sigverify_level() publicDan McGee2011-06-30
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Rename public functions with grp in their nameAllan McRae2011-06-29
| | | | | | | | | | | | | | | Using grp instead of group is a small saving at the cost of clarity. Rename the following functions: alpm_option_get_ignoregrps -> alpm_option_get_ignoregroups alpm_option_add_ignoregrp -> alpm_option_add_ignoregroup alpm_option_set_ignoregrps -> alpm_option_set_ignoregroups alpm_option_remove_ignoregrp -> alpm_option_remove_ignoregroup alpm_db_readgrp -> alpm_db_readgroup alpm_db_get_grpcache -> alpm_db_get_groupcache alpm_find_grp_pkgs -> alpm_find_group_pkgs Signed-off-by: Allan McRae <allan@archlinux.org>
* Rename pmdelta_t to alpm_delta_tAllan McRae2011-06-28
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Rename pmgrp_t to alpm_group_tAllan McRae2011-06-28
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Rename pmconflict_t to alpm_conflict_tAllan McRae2011-06-28
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Rename pmdepend_t to alpm_depend_tAllan McRae2011-06-28
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Rename pmtrans_t to alpm_trans_tAllan McRae2011-06-28
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Rename pmpkg_t to alpm_pkg_tAllan McRae2011-06-28
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Rename pmdb_t to alpm_db_tAllan McRae2011-06-28
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Rename pmhandle_t to alpm_handle_tAllan McRae2011-06-28
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Make pmgrp_t publicDan McGee2011-06-16
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Make pmdelta_t publicDan McGee2011-06-16
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Ensure handle is valid and pm_errno is reset when calling into APIDan McGee2011-06-14
| | | | | | | | | | | | | | | | | We didn't do due diligence before and ensure prior pm_errno values weren't influencing what happened in further ALPM calls. I observed one case of early setup code setting pm_errno to PM_ERR_WRONG_ARGS and that flag persisting the entire time we were calling library code. Add a new CHECK_HANDLE() macro that does two things: 1) ensures the handle variable passed to it is non-NULL and 2) clears any existing pm_errno flag set on the handle. This macro can replace many places we used the ASSERT(handle != NULL, ...) pattern before. Several other other places only need a simple 'set to zero' of the pm_errno field. Signed-off-by: Dan McGee <dan@archlinux.org>
* Small handle related cleanupsDan McGee2011-06-14
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Add handle argument to _alpm_pkg_should_ignore()Dan McGee2011-06-14
| | | | | | | This allows callers to retrieve it from wherever is convenient, which may or may not be on the package object itself. Signed-off-by: Dan McGee <dan@archlinux.org>
* Switch all logging to use handle directlyDan McGee2011-06-13
| | | | | | | This is the last user of our global handle object. Once again the diff is large but the functional changes are not. Signed-off-by: Dan McGee <dan@archlinux.org>
* Move pm_errno onto the handleDan McGee2011-06-13
| | | | | | This involves some serious changes and a very messy diff, unfortunately. Signed-off-by: Dan McGee <dan@archlinux.org>
* Add handle argument to two more alpm methodsDan McGee2011-06-13
| | | | | | This takes care of alpm_checkdeps() and alpm_find_dbs_satisfier(). Signed-off-by: Dan McGee <dan@archlinux.org>
* Require handle for alpm_checkconflicts()Dan McGee2011-06-13
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Require handle for alpm_pkg_load()Dan McGee2011-06-13
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Require handle for alpm_sync_sysupgrade()Dan McGee2011-06-09
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Require handle argument to all alpm_option_(get|set)_*() methodsDan McGee2011-06-09
| | | | | | | | This requires a lot of line changes, but not many functional changes as more often than not our handle variable is already available in some fashion. Signed-off-by: Dan McGee <dan@archlinux.org>
* Remove global handle dependencies from sync/upgrade pathsDan McGee2011-06-03
| | | | | | | | | This kills a lot more global handle business off. sync.c still requires the handle declaration for one reference that can't be changed yet; it will be removed in a future patch which isolates all of the necesary API changes. Signed-off-by: Dan McGee <dan@archlinux.org>
* Remove global handle from remove.cDan McGee2011-06-03
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Remove global handle from diskspace.cDan McGee2011-06-03
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Push down extern handle variable to files that need itDan McGee2011-06-03
| | | | | | | This will make the patching process less invasive as we start to remove this variable from all source files. Signed-off-by: Dan McGee <dan@archlinux.org>
* Remove ALPM_LOG_FUNC macroDan McGee2011-06-03
| | | | | | | | | The usefulness of this is rather limited due to it not being compiled into production builds. When you do choose to see the output, it is often overwhelming and not helpful. The best bet is to use a debugger and/or well-placed fprintf() statements. Signed-off-by: Dan McGee <dan@archlinux.org>
* dload: ensure we return success if we found files on any mirrorDan McGee2011-05-05
| | | | | | | | We were erroring out in the case where a first (possibly bogus) mirror would cause the download process to return a failure code, even though subsequent servers had the file. Signed-off-by: Dan McGee <dan@archlinux.org>
* Perform package verification at package load timeDan McGee2011-04-24
| | | | | | | | | | | Both md5sum verification and PGP verification can and should be done at package load time. This allows verification to happen as early as possible for packages provided by filename and loaded in the frontend, and moves more stuff out of sync_commit that doesn't really belong there. This should also set the stage for simplified parallel loading of packages later down the road. Signed-off-by: Dan McGee <dan@archlinux.org>
* sync_commit: refactor out validate_deltasDan McGee2011-04-24
| | | | | | | More stuff going on in the pre-committing stage that can be in a static method to make things a bit more clear. Signed-off-by: Dan McGee <dan@archlinux.org>
* sync_commit: refactor out file downloadsDan McGee2011-04-24
| | | | | | | | | This part is almost completely self-contained, except building the list of delta filenames that we use later to check their md5sums. Refactor it into a static method so we can bring most of the code in sync_commit closer to the method name. Signed-off-by: Dan McGee <dan@archlinux.org>
* Rein in the complexity of the signature typeDan McGee2011-04-24
| | | | | | | | | | | | | | Given that we offer no transparency into the pmpgpsig_t type, we don't really need to expose it outside of the library, and at this point, we don't need it at all. Don't decode anything except when checking signatures. For packages/files not from a sync database, we now just read the signature file directly anyway. Also push the decoding logic down further into the check method so we don't need this hanging out in a less than ideal place. This will make it easier to conditionally compile things down the road. Signed-off-by: Dan McGee <dan@archlinux.org>