Age | Commit message (Collapse) | Author | Files | Lines |
|
We cannot rely on gpg's exit code. Instead we have to check the status-fd to
figure out whether a signature is valid or not.
In addition to this pacman-key --verify can now be used in scripts as it will
return an exit code of 1 if the signature is invalid.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This matches the optimization made to repo-add in commit 8bbaf045b9ce
way back in 2009. We don't need to read the whole package file to ensure
multiple .PKGINFO entries don't exist, as well-formed packages should
have this file first in the archive.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Dan was right. This should have been FREE(), not free().
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Since we treat this as an array, we need to initialize it as one. This
avoids addition of an empty element to the option string when we set the
option array from the calling program, e.g.
+/usr/bin/makepkg[2033]: set -- -i --pkg vim -- ''
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This encompasses a few languages that have had changes since 4.0.2
available on Transifex.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
User reports indicate that the SKS keyservers are more reliable
than both the gnupg.net and mit.edu ones.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Using -e without arguments failed to export all keys. Using --export
worked as expected.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Pull updates from transifex, run update-po on all files, fix a few
errors, and push them back to Transifex.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
delayed allocation hoses us here and causes erroenous install sizes to
be reported. Add a short sleep to allow the transaction to be committed
to the filesystem and the stat buffers to be updated.
This is apparently a "feature", as per to some of the denizens of #btrfs
on freenode.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
For key searches only, gpg2 will fail to lookup any and all keys that
are not prefixed with 0x.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
pacman-key requires at least one dashed option, so complete them right
away, rather than falling back to default completion.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This is pretty old at this point, and upstream bash completions project
uses compopt heavily. Completions are by no means a make-or-break
feature anyway, so this is not critical. This basically reverts commit
6f4f9c1b66ed85 made in 2010.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
It is only used inside util.c.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This dramatically improves upon a much older attempt in 2008 in commit
ce3d70aa99ab86. We don't need to call it once per line we print unless
there is a reasonable expectation of being able to resize the terminal
mid-operation; this is really only the case during our callback progress
bars.
Some before and after numbers of ioctl() calls, gleaned from strace of
the following operations (no targets to any of them to maximize the
amount of output):
pacman -Qii : 37768 -> 2616 (93.1% decrease)
pacman -Qs : 2616 -> 4 (99.8%)
pacman -Sii : 133036 -> 10926 (91.8%)
pacman -Ss : 10926 -> 14 (99.9%)
Obviously the search results are astounding; we only call getcols()
once in the case of -Qs, and once per repo in the case of -Ss. For
-Qii and -Sii we are still calling it once per package, but this is
much better than once per line of info output.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This makes these methods a bit more flexible.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Conflicts:
lib/libalpm/sync.c
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Most places in makepkg deal with full file paths, but a few use the
file name only. Protect from potential issues when a file name
starts with a hyphen.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This means multiple packages can be build using the same BUILDDIR
without their source files all ending up extracted in the same
directory. Fixes FS#28417.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Currently, we try to do a bunch of funkyness constraining download size
to print only when doing a -S/--sync operation. However, it is possible
we try to download packages on a -U/--upgrade operation, and we
currently won't show any itemized download sizes.
Fix this ommission by always including the download size stuff in the
built table rows; this column will be completely omitted anyway if there
are no values due to prior work in commit 33bb7dbd35.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Treat this value as the empty string.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Using fputs should be faster as no format string parsing is required. It
also prevents silly errors related to unescaped '%' signs, and removes
the need to double them up in a lot of places.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This reduces a lot of code duplication in the write function, which
cleans it up a bit.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This removes a call to _alpm_local_db_pkgpath() as well as an access()
call when reading the local database. This appears to be code from 2006
that has stuck around. We don't need it because:
1) We never use this path except to check it via access(); however, we
are already in a readdir() loop so it exists, or at least did at the
time of the call.
2) The fopen() and other calls will fail on accessing the database files
anyway, and we need to check those for errors.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
In case we have a mirror failure, unlink_on_fail would remain set,
causing an interrupt in a successive download attempt to be wrongly
unlinked.
This also fixes a memory leak in the url member, as we would allocate
over the previous, unfreed URL.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
|
|
To avoid conflicts on reusing a payload after a failed download, ensure
that we reset the filename hints in the payload struct prior to the
download operation.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Ignore *.sig, *.db*, and *.src.tar* when cleaning the package cache.
Fixes FS#25166.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
We had one stubbed out so we didn't require a translation update, and
the other is more a code style issue.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
These got lost when I switched to the new Asciidoc tables syntax in
commit 1ebe5dc1979e.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Conflicts:
lib/libalpm/be_package.c
|
|
Similar to how we manage receipt of SIGINT in pacman's internal
downloader, catch the signal and invoke our own trap handler before
unsetting it and calling the default. This requires a slight
modification to the arguments passed to trap_exit so we can pass the
raised signal to trap_exit (note that we substitue USR1 for ERR since
the latter is unique to bash).
Fixes FS#28491.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Unify the output for local and sync packages by only printing a
list of possible validation types for sync packages. This also
has the advantage of not printing the very long sha256 checksum
which line wrapped on a standard width terminal.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The enum alpm_pkgvalidation_t is essentially a more generic version
of _alpm_csum, so use it instead.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
When installing a package, store information on which validation
method was used and output this on "pacman -Qi" operations.
e.g.
Validated By : SHA256 Sum
Possible values are Unknown, None, MD5 Sum, SHA256 Sum, Signature.
Dan: just a few very minor tweaks.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
|
|
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
|
|
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
|
|
Python PEP-394 states that all python code should point at the
python2 or python3 symlinks at maintain cross-distro compatibility.
Note that this does not matter when calling these scripts using
"make check" as they are explictly called using the detected python
version. As this only affects manually calling these scripts, I
have not had configure/make replace the shebangs.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Adds the ability to override the commands used to compressing
compiled and source packages. This is useful for those wanting
to use alternative implementations of the compression tools or
non-default compression options.
Allan: documented options in man page
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
No new behaviour introduced, everything should work exactly as before.
Dan: refactored to use the single alpm_depend_t structure.
Signed-off-by: Benedikt Morbach <benedikt.morbach@googlemail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This is the first step in parsing and handling optdepends. There is no
behavior change introduced in this commit; however, depends that contain
a ": " string will now be parsed as having a description and it will be
stored in the depend structure. Later patches will utilize this new
field as appropriate.
This is heavily based on the work of Benedikt, who did something similar
but introduced a new type for this rather than only a new field to the
existing type.
Heavily-influenced-by: Benedikt Morbach <benedikt.morbach@googlemail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
The rest of our scripts have been using `openssl dgst` rather than tools
like `md5sum` for some time, so convert this one too. We also make the
following other adjustments:
* Use a `find -print0 | xargs -0` pipeline so paths with spaces and or
newlines don't totally kill us.
* Ensure the files we write out contain only paths relative to the
database root, where we know the filenames should all be sane.
* Remove use of `diff`, this was the only time we used it in scripts and
we can get a cheap substitute by comparing file checksums instead.
* Only touch the local/ part of the database. It makes little sense to
do anything to the sync/ directory anymore as they are compressed
single files that should be regularly written out in full and won't be
fragmented on any sane filesystem.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Verifing the keyring at this point is useless as a malicious package is already
installed and as such has several options to bypass this check anyway.
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
* it updates to all translations
* minor fr, pt_BR, de, lt, sk and uk updates
* add new strings in pacman translation catalog
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Passing the "-L" flag to stat means we get the size of the file
being pointed to for symlinks instead of the size of the symlink.
Keep "-L" usage in repo-add as we want the actual size of the
package/delta/signature there.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
With multiple items in $libdepends this check only worked for the first
one, everything after this returned an error. This was probably an issue
with \s being treated wrong.
Fix-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
libperl.so results in soname="libperl.so.so" which is wrong.
This returns the correct string: "libperl.so"
Fix-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
If we begin to create a file list when loading a package, but abort
because of an error to one of our goto labels, the memory used to create
the file list will leak. This is because we use a set of local variables
to hold the data, and thus _alpm_pkg_free() cannot clean up for us.
Use the file list struct on the package object as much as possible to
keep state when building the file list, thus allowing _alpm_pkg_free()
to clean up any partially built data.
Signed-off-by: Dan McGee <dan@archlinux.org>
|