From db3b86e7f34f4c3ccb42e98465f2069aa642a85f Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Tue, 7 Jun 2011 17:29:55 -0500 Subject: Do database signature checking at load time This is the ideal place to do it as all clients should be checking the return value and ensuring there are no errors. This is similar to pkg_load(). We also add an additional step of validation after we download a new database; a subsequent '-y' operation can potentially invalidate the original check at registration time. Note that this implementation is still a bit naive; if a signature is invalid it is currently impossible to refresh and re-download the file without manually deleting it first. Similarly, if one downloads a database and the check fails, the database object is still there and can be used. These shortcomings will be addressed in a future commit. Signed-off-by: Dan McGee --- test/pacman/tests/sign001.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'test') diff --git a/test/pacman/tests/sign001.py b/test/pacman/tests/sign001.py index 0ae417b7..14add09c 100644 --- a/test/pacman/tests/sign001.py +++ b/test/pacman/tests/sign001.py @@ -1,8 +1,8 @@ -self.description = "Add a signature to a package DB" +self.description = "Add a bogus signature to a package DB" sp = pmpkg("pkg1") sp.pgpsig = "asdfasdfsdfasdfsdafasdfsdfasd" -self.addpkg2db("sync+Always", sp) +self.addpkg2db("sync+Optional", sp) self.args = "-Ss" -- cgit v1.2.3-70-g09d2 From 79e98316ea89486d107466858543e965bcfbb0a9 Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Tue, 7 Jun 2011 20:42:15 -0500 Subject: Add a 'valid' flag to the database object Start by converting all of our flags to a 'status' bitmask (pkgcache status, grpcache status). Add a new 'valid' flag as well. This will let us keep track if the database itself has been marked valid in whatever fashion. For local databases at the moment we ensure there are no depends files; for sync databases we ensure the PGP signature is valid if required/requested. The loading of the pkgcache is prohibited if the database is invalid. Signed-off-by: Dan McGee --- lib/libalpm/alpm.h | 1 + lib/libalpm/be_local.c | 6 ++++++ lib/libalpm/be_sync.c | 12 ++++++++++- lib/libalpm/db.c | 49 ++++++++++++++++++++++-------------------- lib/libalpm/db.h | 14 +++++++----- lib/libalpm/error.c | 2 ++ lib/libalpm/trans.c | 8 +++++++ src/pacman/conf.c | 2 +- test/pacman/tests/ignore007.py | 2 +- 9 files changed, 65 insertions(+), 31 deletions(-) (limited to 'test') diff --git a/lib/libalpm/alpm.h b/lib/libalpm/alpm.h index eb2eff88..579b45f2 100644 --- a/lib/libalpm/alpm.h +++ b/lib/libalpm/alpm.h @@ -1002,6 +1002,7 @@ enum _pmerrno_t { PM_ERR_DB_NULL, PM_ERR_DB_NOT_NULL, PM_ERR_DB_NOT_FOUND, + PM_ERR_DB_INVALID, PM_ERR_DB_VERSION, PM_ERR_DB_WRITE, PM_ERR_DB_REMOVE, diff --git a/lib/libalpm/be_local.c b/lib/libalpm/be_local.c index 0ff51deb..96f04c51 100644 --- a/lib/libalpm/be_local.c +++ b/lib/libalpm/be_local.c @@ -321,6 +321,10 @@ static int local_db_validate(pmdb_t *db) DIR *dbdir; int ret = -1; + if(db->status & DB_STATUS_VALID) { + return 0; + } + dbpath = _alpm_db_path(db); if(dbpath == NULL) { RET_ERR(db->handle, PM_ERR_DB_OPEN, -1); @@ -329,6 +333,7 @@ static int local_db_validate(pmdb_t *db) if(dbdir == NULL) { if(errno == ENOENT) { /* database dir doesn't exist yet */ + db->status |= DB_STATUS_VALID; return 0; } else { RET_ERR(db->handle, PM_ERR_DB_OPEN, -1); @@ -354,6 +359,7 @@ static int local_db_validate(pmdb_t *db) } } /* we found no depends file after full scan */ + db->status |= DB_STATUS_VALID; ret = 0; done: diff --git a/lib/libalpm/be_sync.c b/lib/libalpm/be_sync.c index 1a434f24..c1703ffe 100644 --- a/lib/libalpm/be_sync.c +++ b/lib/libalpm/be_sync.c @@ -69,9 +69,15 @@ static char *get_sync_dir(pmhandle_t *handle) static int sync_db_validate(pmdb_t *db) { + pgp_verify_t check_sig; + + if(db->status & DB_STATUS_VALID) { + return 0; + } + /* this takes into account the default verification level if UNKNOWN * was assigned to this db */ - pgp_verify_t check_sig = _alpm_db_get_sigverify_level(db); + check_sig = _alpm_db_get_sigverify_level(db); if(check_sig != PM_PGP_VERIFY_NEVER) { int ret; @@ -83,6 +89,7 @@ static int sync_db_validate(pmdb_t *db) /* we can skip any validation if the database doesn't exist */ if(access(dbpath, R_OK) != 0 && errno == ENOENT) { + goto valid; return 0; } @@ -95,6 +102,8 @@ static int sync_db_validate(pmdb_t *db) } } +valid: + db->status |= DB_STATUS_VALID; return 0; } @@ -215,6 +224,7 @@ int SYMEXPORT alpm_db_update(int force, pmdb_t *db) /* Cache needs to be rebuilt */ _alpm_db_free_pkgcache(db); + db->status &= ~DB_STATUS_VALID; if(sync_db_validate(db)) { /* pm_errno should be set */ ret = -1; diff --git a/lib/libalpm/db.c b/lib/libalpm/db.c index 820261a1..b20421a3 100644 --- a/lib/libalpm/db.c +++ b/lib/libalpm/db.c @@ -468,11 +468,8 @@ alpm_list_t *_alpm_db_search(pmdb_t *db, const alpm_list_t *needles) /* Returns a new package cache from db. * It frees the cache if it already exists. */ -int _alpm_db_load_pkgcache(pmdb_t *db) +static int load_pkgcache(pmdb_t *db) { - if(db == NULL) { - return -1; - } _alpm_db_free_pkgcache(db); _alpm_log(db->handle, PM_LOG_DEBUG, "loading package cache for repository '%s'\n", @@ -483,23 +480,23 @@ int _alpm_db_load_pkgcache(pmdb_t *db) return -1; } - db->pkgcache_loaded = 1; + db->status |= DB_STATUS_PKGCACHE; return 0; } void _alpm_db_free_pkgcache(pmdb_t *db) { - if(db == NULL || !db->pkgcache_loaded) { + if(db == NULL || !(db->status & DB_STATUS_PKGCACHE)) { return; } - _alpm_log(db->handle, PM_LOG_DEBUG, "freeing package cache for repository '%s'\n", - db->treename); + _alpm_log(db->handle, PM_LOG_DEBUG, + "freeing package cache for repository '%s'\n", db->treename); alpm_list_free_inner(_alpm_db_get_pkgcache(db), (alpm_list_fn_free)_alpm_pkg_free); _alpm_pkghash_free(db->pkgcache); - db->pkgcache_loaded = 0; + db->status &= ~DB_STATUS_PKGCACHE; _alpm_db_free_grpcache(db); } @@ -510,8 +507,12 @@ pmpkghash_t *_alpm_db_get_pkgcache_hash(pmdb_t *db) return NULL; } - if(!db->pkgcache_loaded) { - _alpm_db_load_pkgcache(db); + if(!(db->status & DB_STATUS_VALID)) { + RET_ERR(db->handle, PM_ERR_DB_INVALID, NULL); + } + + if(!(db->status & DB_STATUS_PKGCACHE)) { + load_pkgcache(db); } return db->pkgcache; @@ -533,7 +534,7 @@ int _alpm_db_add_pkgincache(pmdb_t *db, pmpkg_t *pkg) { pmpkg_t *newpkg; - if(db == NULL || !db->pkgcache_loaded || pkg == NULL) { + if(db == NULL || pkg == NULL || !(db->status & DB_STATUS_PKGCACHE)) { return -1; } @@ -555,7 +556,7 @@ int _alpm_db_remove_pkgfromcache(pmdb_t *db, pmpkg_t *pkg) { pmpkg_t *data = NULL; - if(db == NULL || !db->pkgcache_loaded || pkg == NULL) { + if(db == NULL || pkg == NULL || !(db->status & DB_STATUS_PKGCACHE)) { return -1; } @@ -585,8 +586,6 @@ pmpkg_t *_alpm_db_get_pkgfromcache(pmdb_t *db, const char *target) pmpkghash_t *pkgcache = _alpm_db_get_pkgcache_hash(db); if(!pkgcache) { - _alpm_log(db->handle, PM_LOG_DEBUG, "warning: failed to get '%s' from NULL pkgcache\n", - target); return NULL; } @@ -595,7 +594,7 @@ pmpkg_t *_alpm_db_get_pkgfromcache(pmdb_t *db, const char *target) /* Returns a new group cache from db. */ -int _alpm_db_load_grpcache(pmdb_t *db) +static int load_grpcache(pmdb_t *db) { alpm_list_t *lp; @@ -641,7 +640,7 @@ int _alpm_db_load_grpcache(pmdb_t *db) } } - db->grpcache_loaded = 1; + db->status |= DB_STATUS_GRPCACHE; return 0; } @@ -649,19 +648,19 @@ void _alpm_db_free_grpcache(pmdb_t *db) { alpm_list_t *lg; - if(db == NULL || !db->grpcache_loaded) { + if(db == NULL || !(db->status & DB_STATUS_GRPCACHE)) { return; } - _alpm_log(db->handle, PM_LOG_DEBUG, "freeing group cache for repository '%s'\n", - db->treename); + _alpm_log(db->handle, PM_LOG_DEBUG, + "freeing group cache for repository '%s'\n", db->treename); for(lg = db->grpcache; lg; lg = lg->next) { _alpm_grp_free(lg->data); lg->data = NULL; } FREELIST(db->grpcache); - db->grpcache_loaded = 0; + db->status &= ~DB_STATUS_GRPCACHE; } alpm_list_t *_alpm_db_get_grpcache(pmdb_t *db) @@ -670,8 +669,12 @@ alpm_list_t *_alpm_db_get_grpcache(pmdb_t *db) return NULL; } - if(!db->grpcache_loaded) { - _alpm_db_load_grpcache(db); + if(!(db->status & DB_STATUS_VALID)) { + RET_ERR(db->handle, PM_ERR_DB_INVALID, NULL); + } + + if(!(db->status & DB_STATUS_GRPCACHE)) { + load_grpcache(db); } return db->grpcache; diff --git a/lib/libalpm/db.h b/lib/libalpm/db.h index 4541c258..03187342 100644 --- a/lib/libalpm/db.h +++ b/lib/libalpm/db.h @@ -43,6 +43,13 @@ typedef enum _pmdbinfrq_t { INFRQ_ALL = 0x1F } pmdbinfrq_t; +/** Database status. Bitflags. */ +enum _pmdbstatus_t { + DB_STATUS_VALID = (1 << 0), + DB_STATUS_PKGCACHE = (1 << 1), + DB_STATUS_GRPCACHE = (1 << 2) +}; + struct db_operations { int (*populate) (pmdb_t *); void (*unregister) (pmdb_t *); @@ -54,10 +61,10 @@ struct __pmdb_t { char *treename; /* do not access directly, use _alpm_db_path(db) for lazy access */ char *_path; - int pkgcache_loaded; - int grpcache_loaded; /* also indicates whether we are RO or RW */ int is_local; + /* flags determining validity, loaded caches, etc. */ + enum _pmdbstatus_t status; pmpkghash_t *pkgcache; alpm_list_t *grpcache; alpm_list_t *servers; @@ -72,7 +79,6 @@ pmdb_t *_alpm_db_new(const char *treename, int is_local); void _alpm_db_free(pmdb_t *db); const char *_alpm_db_path(pmdb_t *db); char *_alpm_db_sig_path(pmdb_t *db); -int _alpm_db_version(pmdb_t *db); int _alpm_db_cmp(const void *d1, const void *d2); alpm_list_t *_alpm_db_search(pmdb_t *db, const alpm_list_t *needles); pmdb_t *_alpm_db_register_local(pmhandle_t *handle); @@ -88,7 +94,6 @@ int _alpm_local_db_remove(pmdb_t *db, pmpkg_t *info); /* cache bullshit */ /* packages */ -int _alpm_db_load_pkgcache(pmdb_t *db); void _alpm_db_free_pkgcache(pmdb_t *db); int _alpm_db_add_pkgincache(pmdb_t *db, pmpkg_t *pkg); int _alpm_db_remove_pkgfromcache(pmdb_t *db, pmpkg_t *pkg); @@ -97,7 +102,6 @@ alpm_list_t *_alpm_db_get_pkgcache(pmdb_t *db); int _alpm_db_ensure_pkgcache(pmdb_t *db, pmdbinfrq_t infolevel); pmpkg_t *_alpm_db_get_pkgfromcache(pmdb_t *db, const char *target); /* groups */ -int _alpm_db_load_grpcache(pmdb_t *db); void _alpm_db_free_grpcache(pmdb_t *db); alpm_list_t *_alpm_db_get_grpcache(pmdb_t *db); pmgrp_t *_alpm_db_get_grpfromcache(pmdb_t *db, const char *target); diff --git a/lib/libalpm/error.c b/lib/libalpm/error.c index d893f866..1e4e705b 100644 --- a/lib/libalpm/error.c +++ b/lib/libalpm/error.c @@ -70,6 +70,8 @@ const char SYMEXPORT *alpm_strerror(enum _pmerrno_t err) return _("database already registered"); case PM_ERR_DB_NOT_FOUND: return _("could not find database"); + case PM_ERR_DB_INVALID: + return _("invalid or corrupted database"); case PM_ERR_DB_VERSION: return _("database is incorrect version"); case PM_ERR_DB_WRITE: diff --git a/lib/libalpm/trans.c b/lib/libalpm/trans.c index b4bdccfb..11a28e5c 100644 --- a/lib/libalpm/trans.c +++ b/lib/libalpm/trans.c @@ -101,11 +101,19 @@ int SYMEXPORT alpm_trans_init(pmhandle_t *handle, pmtransflag_t flags, alpm_trans_cb_progress progress) { pmtrans_t *trans; + alpm_list_t *i; /* Sanity checks */ CHECK_HANDLE(handle, return -1); ASSERT(handle->trans == NULL, RET_ERR(handle, PM_ERR_TRANS_NOT_NULL, -1)); + for(i = handle->dbs_sync; i; i = i->next) { + const pmdb_t *db = i->data; + if(!(db->status & DB_STATUS_VALID)) { + RET_ERR(handle, PM_ERR_DB_INVALID, -1); + } + } + /* lock db */ if(!(flags & PM_TRANS_FLAG_NOLOCK)) { if(make_lock(handle)) { diff --git a/src/pacman/conf.c b/src/pacman/conf.c index c5f78d40..076e854d 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -450,7 +450,7 @@ static int setup_libalpm(void) pm_printf(PM_LOG_ERROR, _("failed to initialize alpm library (%s)\n"), alpm_strerror(err)); if(err == PM_ERR_DB_VERSION) { - fprintf(stderr, _(" try running pacman-db-upgrade\n")); + pm_printf(PM_LOG_ERROR, _(" try running pacman-db-upgrade\n")); } return -1; } diff --git a/test/pacman/tests/ignore007.py b/test/pacman/tests/ignore007.py index 90ff4ef6..7670e770 100644 --- a/test/pacman/tests/ignore007.py +++ b/test/pacman/tests/ignore007.py @@ -18,4 +18,4 @@ self.args = "--ask=1 -S grp" self.addrule("PACMAN_RETCODE=0") self.addrule("!PKG_EXIST=%s" % pkg1.name) self.addrule("PKG_EXIST=%s" % pkg2.name) -self.addrule("PACMAN_OUTPUT=is in IgnorePkg") +self.addrule("PKG_EXIST=%s" % pkg3.name) -- cgit v1.2.3-70-g09d2