summaryrefslogtreecommitdiff
path: root/lib/libalpm
Commit message (Collapse)AuthorAge
* Download and verify package database signaturesAllan McRae2011-03-23
| | | | | | | | | | | | | If signature verification is needed, attempt to download a signature file for a repo when it is updated. Return an error if unable to download signature only when checking is mandatory, or if signature is invalid. TODO: At the moment the database signature is only checked on download. Should we do anything with a database if it fails to be verified to prevent its future usage? Signed-off-by: Allan McRae <allan@archlinux.org>
* Refactor signature loading code into common functionDan McGee2011-03-23
| | | | | | | We can use this for both standalone package signatures as well as standalone database signatures. Signed-off-by: Dan McGee <dan@archlinux.org>
* Add functions for verifying database signatureAllan McRae2011-03-23
| | | | | | | | | | | | Add a pmpgpsig_t struct to the database entry struct and functions for the lazy loading of database signatures. Add a function for checking database signatures, reusing (and generalizing) the code currently used for checking package signatures. TODO: The code for reading in signature files from the filesystem is duplicated for local packages and database and needs refactoring. Signed-off-by: Allan McRae <allan@archlinux.org>
* lib/dload.c: Check for dlcb == NULL earlierDave Reisner2011-03-23
| | | | | | | | Our curl callback does a whole lot of work for nothing if the front end never defined a callback to receive the data we'd calculate for it. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* lib/dload.c: don't use deprecated curl symbolsDave Reisner2011-03-23
| | | | | | | | CURLINFO_HTTP_CODE is deprecated in favor of CURLINFO_RESPONSE_CODE. Both yield the same values. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* lib/dload.c: don't request compressed transportDave Reisner2011-03-23
| | | | | | | | The files we transfer are generally compressed already, so this just adds unnecessary overhead. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* lib/dload.c: Fix progress callback issues on downloadDave Reisner2011-03-23
| | | | | | | | | Use a static variable to effectively track the initialization state of the progress callback via the last byte amount reported as downloaded by libcurl. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* lib/dload.c: fix compiler warnings generated by -Wfloat-equalDave Reisner2011-03-23
| | | | | | | | * introduces new macro in util.h (DOUBLE_EQ) for properly comparing floating point values Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* buildsys: use libcurl's m4 macro for buildtime detectionDave Reisner2011-03-23
| | | | | Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* Report output from signature checking to debug logAllan McRae2011-03-23
| | | | | | | | Move the (possibly still temporary) output generated during signature checking into the --debug output. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* Added gpg verification options per repo to the config file.Xavier Chantry2011-03-23
| | | | | | | | | | | Once we do this, add support for VerifySig to pactest. We just check if the repo name contains Always, Never or Optional to determine the value of VerifySig. The default is Never. pacman uses Always by default but this is not suitable for pactest. Original-work-by: shankar <jatheendra@gmail.com> Signed-off-by: Xavier Chantry <shiningxc@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* Remove unnecessary sanity check on db->setserverDan McGee2011-03-23
| | | | | | | | We pass in a db object, so no need to go looking for it in the list on the handle. This is a remnant of when we passed in a treename, more than likely. Signed-off-by: Dan McGee <dan@archlinux.org>
* Integrate GPGME into libalpmDan McGee2011-03-23
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Add some error codes for signature verificationDan McGee2011-03-23
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Add signature directory as option on libalpm handleDan McGee2011-03-23
| | | | | | | This will serve as the home directory we pass to GPGME when making calls so we can have a libalpm-utilized keyring. Signed-off-by: Dan McGee <dan@archlinux.org>
* Actually read PGPSIG field in sync DB codeDan McGee2011-03-23
| | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Merge branch 'gpg-libalpm-basics'Dan McGee2011-03-23
|\
| * Read in .sig files when opening a package fileDan McGee2011-03-23
| | | | | | | | | | | | | | | | | | If a .sig file sits side-by-side on the filesystem with a package archive, read it in during the package struct creation process so we can verify it at a later time if necessary. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
| * Allow PGP signature to be read from sync databaseDan McGee2011-03-23
| | | | | | | | | | | | | | | | | | | | | | | | Add a new field to the package struct to hold PGP information and instruct db_read to pick it up from the database. It is currently unused internally but this is the first step. Due to the fact that we store the PGP sig as binary data, we need to store both the data and the length so we have a small utility struct to assist us. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
| * Add base64 algorithms from PolarSSL to libalpmDan McGee2011-03-23
| | | | | | | | | | | | | | | | We will need these for GPG functionality (decoding the base64 encoded signature stored in the databases). Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* | Remove libfetch error codeDan McGee2011-03-23
|/ | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* Merge branch 'gpg-build-tools'Dan McGee2011-03-23
|\
| * repo-add: add sha256sum values to repo databaseDan McGee2011-03-23
| | | | | | | | | | | | | | Implements FS#23103. Also modify libalpm so it ignores this value without any warning as we know it is likely to exist. Signed-off-by: Dan McGee <dan@archlinux.org>
* | Merge branch 'maint'Dan McGee2011-03-23
|\ \ | |/ |/|
| * Updated 3.5.1 translations from TransifexDan McGee2011-03-23
| | | | | | | | Signed-off-by: Dan McGee <dan@archlinux.org>
| * Add new Serbian translation from TransifexSlobodan Terzić2011-03-23
| | | | | | | | | | | | Thanks! Signed-off-by: Dan McGee <dan@archlinux.org>
| * Minor code cleanupsDan McGee2011-03-21
| | | | | | | | | | | | | | Wrap lines of long length, noticed while creating and messing around with some of the other maint branch patches. Signed-off-by: Dan McGee <dan@archlinux.org>
| * Ensure package removal list does not contain duplicatesDan McGee2011-03-21
| | | | | | | | | | | | | | | | | | Noticed with the openoffice/libreoffice replacement scheme where many packages are listed as replacements to one package, thus electing it for removal multiple times. Ensure a given package is not already present before placing it in the removal list. Signed-off-by: Dan McGee <dan@archlinux.org>
| * Fix line_offset not being reset in _alpm_archive_fgets()Dan McGee2011-03-21
| | | | | | | | | | | | | | | | | | | | This is a rather serious data corruption issue that luckily manifested itself today in a noticable way. A package in testing had replaces entries read in as ["%RE pkgname", "%RE"] which was clearly wrong. This happens when we hit the end of an archive block, do not have a newline, and have to continue reading from the next block to complete the line. Signed-off-by: Dan McGee <dan@archlinux.org>
* | Merge branch 'maint'Dan McGee2011-03-21
|\| | | | | | | | | | | | | | | Conflicts due to change in return calling style. Conflicts: src/pacman/pacman.c src/pacman/sync.c
| * Update source translation files in prep for 3.5.1Dan McGee2011-03-20
| | | | | | | | Signed-off-by: Dan McGee <dan@archlinux.org>
| * Fix comparison to 0 rather than NULLDan McGee2011-03-20
| | | | | | | | | | | | Another fix found by Coccinelle example semantic patches. Signed-off-by: Dan McGee <dan@archlinux.org>
| * Fix assignment before NULL checkDan McGee2011-03-20
| | | | | | | | | | | | Easy fix, found using null_ref.cocci example Coccinelle script. Signed-off-by: Dan McGee <dan@archlinux.org>
* | Don't initialize progress to zero before calling curl_easy_perform().Lukas Fleischer2011-03-21
| | | | | | | | | | | | | | | | | | | | Drawing progress bars before calling curl_easy_perform() is needless as the curl progress callback is called with zero progress before actually downloading the file anyways. Fixes display of "0%" progress bars when sync'ing package databases that are already up to date. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
* | Ensure dlcb is defined before calling itDan McGee2011-03-21
| | | | | | | | Signed-off-by: Dan McGee <dan@archlinux.org>
* | Style change: return(x) --> return xDan McGee2011-03-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This was discussed and more or less agreed upon on the mailing list. A huge checkin, but if we just do it and let people adjust the pain will end soon enough. Rebasing should be relatively straighforward for anyone that sees conflicts; just be sure you use the new return style if possible. The following semantic patch was used to do the change, along with some hand-massaging in order to preserve parenthesis where appropriate: The semantic match that finds this problem is as follows, although some hand-massaging was done in order to keep parenthesis where appropriate: (http://coccinelle.lip6.fr/) // <smpl> @@ expression a; @@ - return(a); + return a; // </smpl> A macros_file was also provided with the following content: Additional steps taken, mainly for ASSERT() macros: $ sed -i -e 's#return(NULL)#return NULL#' lib/libalpm/*.c $ sed -i -e 's#return(-1)#return -1#' lib/libalpm/*.c Signed-off-by: Dan McGee <dan@archlinux.org>
* | lib/dload.c: fix opening braces to conform with coding styleDave Reisner2011-03-20
| | | | | | | | | | Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* | Merge branch 'maint'Dan McGee2011-03-20
|\|
| * Add missing include for size_tDan McGee2011-03-20
| | | | | | | | | | | | Needed for things like our strndup() substitute function. Signed-off-by: Dan McGee <dan@archlinux.org>
| * Use sane umask for repo db downloadsAllan McRae2011-03-20
| | | | | | | | | | | | | | Fixes FS#23343. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
| * Correctly parse %DELTAS% entries in sync DBtuxce2011-03-17
| | | | | | | | | | | | | | We erroniously dropped the call to _alpm_delta_parse() when macro-izing, causing segfaults for repos that provide deltas. Addresses FS#23314. Signed-off-by: Dan McGee <dan@archlinux.org>
| * Ensure we have a root partition when checking spaceDan McGee2011-03-17
| | | | | | | | | | | | | | | | | | Partially addresses the "why doesn't CheckSpace work in a chroot" issue. We can't make it work, but we can at least detect when it won't work by checking for a partition for our given installation root. If we can't determine the mountpoint for this, bail out with an error. Signed-off-by: Dan McGee <dan@archlinux.org>
* | lib/dload.c: remove lingering libfetch specific headersDave Reisner2011-03-20
| | | | | | | | | | Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* | Fix triple progress bars on downloadDave Reisner2011-03-17
| | | | | | | | | | Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
* | Merge branch 'maint'Dan McGee2011-03-16
|\|
| * alpm_list: fix typo in doxygen commentDave Reisner2011-03-16
| | | | | | | | | | Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
| * Update translations for message with added newlineDan McGee2011-03-16
| | | | | | | | Signed-off-by: Dan McGee <dan@archlinux.org>
| * Add missing newline to warning messageAllan McRae2011-03-16
| | | | | | | | | | Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
* | Merge branch 'download'Dan McGee2011-03-16
|\ \ | |/ |/|
| * Remove all traces of libfetchDave Reisner2011-03-09
| | | | | | | | Signed-off-by: Dave Reisner <d@falconindy.com>