summaryrefslogtreecommitdiff
path: root/lib
Commit message (Collapse)AuthorAge
* always unlink files before extractionAndrew Gregory2015-12-05
| | | | | | | | | | | | libarchive will not extract a directory over an existing directory symlink, making it impossible to replace a symlink with a directory across packages. Adding the ARCHIVE_EXTRACT_UNLINK and ARCHIVE_EXTRACT_SECURE_SYMLINKS causes libarchive to unlink the existing symlink and prevents it from extracting any paths that contain a symlink, which we should not be doing anyway. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Add large file support CFLAGS to pkgconfig fileAllan McRae2015-12-04
| | | | | | | | | | | Large file support is enabled by our configure script as required. If anything linking to libalpm does not also define large file support, there will be differences in the size of off_t which are not caught until runtime. Add the required CFLAGS to the pkg-config file so that users of libalpm know what flags are required. Signed-off-by: Allan McRae <allan@archlinux.org>
* run_chroot: always clear script output bufferAndrew Gregory2015-11-29
| | | | | | | | If the script output does not end in a newline there could still be data in the buffer after the poll loop. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* hooks: pass matched targets to hooksAndrew Gregory2015-11-28
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* allow specifying input to scriptletsAndrew Gregory2015-11-28
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* allow arguments in hook Exec fieldsAndrew Gregory2015-11-28
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Use correct format specifiersRikard Falkeborn2015-11-11
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* ensure realloc has a positive sizeAndrew Gregory2015-11-03
| | | | | | | | If given size 0 POSIX allows realloc to return a pointer that is not suitable for use. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* _alpm_hook_run: check path length before copyingAndrew Gregory2015-10-28
| | | | | | | | | If a hook path equals or exceeds PATH_MAX characters the path will be left unterminated. Pre-calculating the path length also allows us to use the more efficient memcpy over strncpy. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* hook.c: print invalid option nameAndrew Gregory2015-10-27
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* order hooks by file nameAndrew Gregory2015-10-27
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Alpm, check for NULL in free-functionsRikard Falkeborn2015-10-27
| | | | | | | | Also, use FREE() instead of free() in _alpm_backup_free() to set the pointers to NULL. Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Use ARRAYSIZE macro for non-string array size computationPierre Neidhardt2015-10-27
| | | | | Signed-off-by: Pierre Neidhardt <ambrevar@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* validate hooks after parsingAndrew Gregory2015-10-18
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* run hooks during trans_commitAndrew Gregory2015-10-18
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* add hook data types and parserAndrew Gregory2015-10-18
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* handle: add hookdirs optionAndrew Gregory2015-10-18
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* check fileconflicts and diskspace outside commitAndrew Gregory2015-09-20
| | | | | | | | | This is necessary in order to be able to run PreTransaction hooks as close to the actual commit as possible so that we don't prematurely run hooks for a transaction that ultimately never happens. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* sortbydeps: skip local packages being updatedAndrew Gregory2015-09-19
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* libalpm: Force update when database is marked as corrupted.Sebastian Lackner2015-08-08
| | | | | | | | | | | | | When a database and its signature is updated non-atomically on a server, there is a window where a user may update the database but grab the old signature. The database is marked as invalid by libalpm, which can be fixed by forcing a refresh (assuming the server has caught up and the user realizes what has happened) or with a future update of the repo. Work around this by forcing a repository refresh whenever a database is invalid. Signed-off-by: Sebastian Lackner <sebastian@fds-team.de> Signed-off-by: Allan McRae <allan@archlinux.org>
* fill in name_hash for assumeinstalled optionsAndrew Gregory2015-08-08
| | | | | | | | | alpm_depend_t is an exposed data type. Front-ends may opt for alloc'ing one and filling the fields manually, but alpm's _alpm_hash_sdbm is not exposed, making it impossible for them to fill in the name_hash field. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* copy assumeinstalled optionsAndrew Gregory2015-08-08
| | | | | | | All other option setters copy their input. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* check assumeinstalled for meaningful modAndrew Gregory2015-08-08
| | | | | | | | assumeinstalled options are used as provisions for which MOD_EQ and MOD_ANY are the only meaningful settings. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* check dep versions before calling strcmpAndrew Gregory2015-08-08
| | | | | | | | Fixes a segfault when trying to remove an assumeinstalled option without a version. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Remove ko_KR translationAllan McRae2015-08-08
| | | | | | | The "ko_KR" locale is the same as the "ko" locale. Remove the "ko_KR" variant as it is incomplete and has been superseded by "ko" on transifex. Signed-off-by: Allan McRae <allan@archlinux.org>
* ensure matching database and package versionLevente Polyak2015-07-20
| | | | | | | | | | | | | | | While loading each package ensure that the internal version matches the expected database version to avoid the possibility to circumvent the version check. This issue can be used by an attacker to trick the software into installing an older version. The behavior can be exploited by a man-in-the-middle attack through specially crafted database tarball containing a higher version, yet actually delivering an older and vulnerable version, which was previously shipped. Signed-off-by: Levente Polyak <anthraxx@archlinux.org> Signed-off-by: Remi Gacogne <rgacogne@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* Read file lists from databasesAllan McRae2015-07-15
| | | | | | | | | | If a sync database contains a "files" file, the file list will be read. Currently, there is no known demand for the file list to be lazy loaded by any libalpm frontend, so these files are read whenever present. Lazy loading can be implemented when a demand exists. Signed-off-by: Allan McRae <allan@archlinux.org>
* Allow frontends to specify the sync database extensionAllan McRae2015-07-15
| | | | | | | This allows frontends to select between the .db and .files databases currently supplied by repo-add or any other compatible database. Signed-off-by: Allan McRae <allan@archlinux.org>
* Do not warn about packages that optionally require a removal when ignoring depsAllan McRae2015-07-14
| | | | | | | If a transaction is removing a package while ignoring all dependencies, there should not be any warning about other packages optionally requiring it. Signed-off-by: Allan McRae <allan@archlinux.org>
* Do not warn about downgrades when only downloading packageAllan McRae2015-07-12
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* libalpm: Do a sanity check before manipulating final DB URLDavid Macek2015-05-12
| | | | | | | | | The change in commit 9d96bed9d6b57 causes download errors for the .db.sig file in case the final URL for the .db file contains query strings or other unexpected stuff. This commit isn't intended to be a total solution, but it should eliminate the problem in the most obvious cases. Signed-off-by: Allan McRae <allan@archlinux.org>
* Fix comment in alpm_db_updateDavid Macek2015-05-12
| | | | | | | Fix comment to better explain the magic constant used when allocating a buffer for ".db.sig" URL. Signed-off-by: Allan McRae <allan@archlinux.org>
* alpm_logaction: implement documented return valueAndrew Gregory2015-05-12
| | | | | | | "return 0 on success, -1 on error (pm_errno is set accordingly)" Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* alpm_logaction: allow falling back to syslogAndrew Gregory2015-05-12
| | | | | | | | | Even if opening the log file fails, if a user has enabled syslog we may still be able to log to that. Set the error return value and continue instead of bailing out. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* alpm_logaction: check logfile before openingAndrew Gregory2015-05-12
| | | | | | | | valgrind does not like calling open(NULL, ...). This also makes the return value 0 if logfile has not been set. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* merge _alpm_logaction into alpm_logactionAndrew Gregory2015-05-12
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* Silence warning from clangAllan McRae2015-05-12
| | | | | | | | clang is wrong - dbfile is always used initialized in that function. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Allan McRae <allan@archlinux.org>
* close stdin before running install scriptsAndrew Gregory2015-03-26
| | | | | | | | | libalpm does not guarantee that script output will be presented to the user or that stdin will be connected to a terminal. Close stdin so that scripts do not attempt to use it for user interaction. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* be_package: fallback to standard filelist loadingAndrew Gregory2015-03-26
| | | | | | | | | | | | | | | | In order to work properly, loading the filelist from an mtree file requires a libarchive patch that has not yet been included in an official release.[1] Under certain circumstances, an unpatched libarchive may refuse to read the mtree file due to inconsistencies between it and the user's file system. In order to allow alpm to recover in this situation, read the mtree data into a temporary filelist that is only copied over to the package if the entire read is successful. [1] https://github.com/libarchive/libarchive/commit/661684170b970ef7d6eff135b57e58a537e8bc53 Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* add_entry_to_files_list: pass filelist directlyAndrew Gregory2015-03-26
| | | | | | | | Allows entries to be added to arbitrary filelists not connected to a package. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* remove: use strcmp for files in skip_removeAndrew Gregory2015-03-03
| | | | | | | | | Paths from noupgrade, the transaction skip_remove, and package backup lists were combined into a single list matched using fnmatch causing paths with glob characters to match unrelated files. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* sync_prepare: exclude removals from resolvedepsAndrew Gregory2015-03-03
| | | | | Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
* calculate_removed_size: ensure llstat succeedsAllan McRae2015-03-03
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Abort of failure to add version file to empty local databaseAllan McRae2015-03-03
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* parse_descfile: fix memory leak in error caseAllan McRae2015-03-03
| | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* Merge branch 'maint'Allan McRae2015-02-20
|\
| * Update translations from TransifexAllan McRae2015-02-20
| |
| * Update translations from TransifexAllan McRae2015-02-14
| | | | | | | | Signed-off-by: Allan McRae <allan@archlinux.org>
* | Merge branch 'maint'Allan McRae2015-02-12
|\|
| * Disable directory ownership warningsAllan McRae2015-02-12
| | | | | | | | | | | | | | There was a lot of confusion regarding these warnings, particularly for packages that create users post_install and then chown the directories. Signed-off-by: Allan McRae <allan@archlinux.org>