Age | Commit message (Collapse) | Author | Files | Lines |
|
The precedence goes as follows: signature > sha256sum > md5sum
Add some logic and helper methods to check what we have available when
loading a package, and then only check what is necessary to verify the
package. This should speed up sync database verifies as we no longer
will be doing both a checksum and a signature validation.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
If we are missing a local database file, we get repeated messages over
and over telling us the same thing, rather than being sane and erroring
only once. This package adds an INFRQ_ERROR level that is added to the
mask if we encounter any errors on a local_db_read() operation, and
short circuits future calls if found in the value. This fixes FS#25313.
Note that this does not make any behavior changes other than suppressing
error messages and repeated code calls to failure cases; we still have
more to do in the "local database is hosed" department.
Also make a small update to the wrong but unused flags set in
be_package; using INFRQ_ALL there was not totally correct.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This gives us more granularity than the former Never/Optional/Always
trifecta. The frontend still uses these values temporarily but that will
be changed in a future patch.
* Use 'siglevel' consistenly in method names, 'level' as variable name
* The level becomes an enum bitmask value for flexibility
* Signature check methods now return a array of status codes rather than
a simple integer success/failure value. This allows callers to
determine whether things such as an unknown signature are valid.
* Specific signature error codes mostly disappear in favor of the above
returned status code; pm_errno is now set only to PKG_INVALID_SIG or
DB_INVALID_SIG as appropriate.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This allows one to check if a database is valid or invalid.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
There is little need to expose the guts of this function even within the
library. Make it static in be_local.c, and clean up a few other things
since we know exactly where it is being called from:
* Remove unnecessary origin checks in _cache_get_*() methods- if you are
calling a cache method your package type will be correct.
* Remove sanity checks within local_db_read() itself- packages will
always have a name and version if they get this far, and the package
object will never be NULL either.
The one case calling this from outside the backend was in add.c, where
we forced a full load of a package before we duplicated it. Move this
concern elsewhere and have pkg_dup() always force a full package load
via a new force_load() function on the operations callback struct.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
The following function renames take place for the same reasoning as
the previous commit:
_alpm_grp_new -> _alpm_group_new
_alpm_grp_free -> _alpm_group_free
_alpm_db_free_grpcache -> _alpm_db_free_groupcache
_alpm_db_get_grpfromcache -> _alpm_db_get_groupfromcache
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Using grp instead of group is a small saving at the cost of clarity.
Rename the following functions:
alpm_option_get_ignoregrps -> alpm_option_get_ignoregroups
alpm_option_add_ignoregrp -> alpm_option_add_ignoregroup
alpm_option_set_ignoregrps -> alpm_option_set_ignoregroups
alpm_option_remove_ignoregrp -> alpm_option_remove_ignoregroup
alpm_db_readgrp -> alpm_db_readgroup
alpm_db_get_grpcache -> alpm_db_get_groupcache
alpm_find_grp_pkgs -> alpm_find_group_pkgs
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Start by converting all of our flags to a 'status' bitmask (pkgcache
status, grpcache status). Add a new 'valid' flag as well. This will let
us keep track if the database itself has been marked valid in whatever
fashion.
For local databases at the moment we ensure there are no depends files;
for sync databases we ensure the PGP signature is valid if
required/requested. The loading of the pkgcache is prohibited if the
database is invalid.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This is another step toward doing both local database validation
(ensuring we don't have depends files) and sync database validation (via
signatures if present) when the database is registered.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This is the ideal place to do it as all clients should be checking the
return value and ensuring there are no errors. This is similar to
pkg_load().
We also add an additional step of validation after we download a new
database; a subsequent '-y' operation can potentially invalidate the
original check at registration time.
Note that this implementation is still a bit naive; if a signature is
invalid it is currently impossible to refresh and re-download the file
without manually deleting it first. Similarly, if one downloads a
database and the check fails, the database object is still there and can
be used. These shortcomings will be addressed in a future commit.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Note that is a bit different than the normal _alpm_db_path() method; the
caller is expected to free the result.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
These new method signatures return and take handle objects to operate on
so we can move away from the idea of one global handle in the API. There
is also another important change and that deals with the setting of root
and dbpaths. These are now done at initialization time instead of using
setter methods. This allows the library to operate more safely knowing
that paths won't change underneath it.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This is the first step in a long process to remove our dependence on the
global handle variable we currently share in libalpm, with the goal to
make things a bit more thread-safe and re-entrant.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Rather than go through all the hassle of doing this ourselves, just let
GPGME handle the work by passing it a file handle.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Add a pmpgpsig_t struct to the database entry struct and functions for
the lazy loading of database signatures. Add a function for checking
database signatures, reusing (and generalizing) the code currently used
for checking package signatures.
TODO: The code for reading in signature files from the filesystem is
duplicated for local packages and database and needs refactoring.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Once we do this, add support for VerifySig to pactest. We just check if
the repo name contains Always, Never or Optional to determine the value
of VerifySig. The default is Never. pacman uses Always by default but
this is not suitable for pactest.
Original-work-by: shankar <jatheendra@gmail.com>
Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Ensure we have a local DB version that is up to par with what we expect
before we go down any road that might modify it. This should prevent
stupid mistakes with the 3.5.X upgrade and people not running
pacman-db-upgrade after the transaction as they will need to.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This avoids needless breakage of the public API.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
There's no API functions exposed which allow manipulation of this type,
so remove it from public view. Also, rename the public and private
alpm_db_get_pkgcache symbol to alpm_db_get_pkgcache_has.
Signed-off-by: Dave Reisner <d@falconindy.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Read the package information for sync/local databases into a pmpkghash_t
structure.
Provide a alpm_db_get_pkgcache_list() method that returns the list from
the hash object. Most usages of alpm_db_get_pkgcache are converted to
this at this stage for ease of implementation. Review whether these are
better accessing the hash table directly at a later stage.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
POSIX does not require PATH_MAX be defined when there is not actual
limit to its value. This affects HURD based systems. Work around
this by defining PATH_MAX to 4096 (as on Linux) when this is not
defined.
Also, clean up inclusions of limits.h and remove autoconf check for
this header as we do not use macro shields for its inclusion anyway.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
And rename accordingly.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Whenever depends is needed from the local db, so is desc. The only
disadvantage to merging them is the additional time taken to read the
depends entries when they are not needed. As depends is in general
relatively small, the additional time taken to read it in will be
negligable. Also, merging these files will speed up local database
access due to less file seeks.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Local packages do not have deltas so remove lazy loading of delta
information.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The splitname function is a general utility function and so is better
suited to util.h. Rename it to _alpm_splitname to indicate it is an
internal libalpm function as was the case prior to splitting local and
sync db handling.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
These functions are only needed by be_local and were only promoted
to db.{h,c} as part of the splitting of handling the local and sync
dbs. Move them into be_local.c and make them static again.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Read in package information for a tar based sync database. Do not
use lazy loading for sync db.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Put the db_operations struct to use and completely split the handling
of the sync and local databases.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The file be_files.c is "split" to be_local.c and be_sync.c in order
to achieve separate handling of sync and local databases.
Some basic clean-up of functions that are only of use for local or
sync databases has been performed and some rough function renaming
in duplicated code has been performed to prevent compilation errors.
However, most of the clean-up and final separation of sync and local
db handling occurs in following patches.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Move splitname, checkdbdir, get_pkgpath into db.{h,c} as these will be
needed to parse both the local and sync databases during the initial
splitting. They will be moved out of db.{h,c} at to more appropriate
locations at a later stage.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
It doesn't do a whole lot yet, but these type of operations will
potentially be different for the DBs we load.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Cache bullshit only has relevance to be_files, so move it there.
Signed-off-by: Dan McGee <dan@archlinux.org>
[Allan: BIG rebase]
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
And add a new info level for this piece of data.
Signed-off-by: Jonathan Conder <j@skurvy.no-ip.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This offers a cleaner way to deal with constant in enum and allow easy
maintainance
Signed-off-by: solsTiCe d'Hiver <solstice.dhiver@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
After our recent screwup with size_t and ssize_t in the download code, I
found the `-Wsign-conversion` flag to GCC to see if we were doing anything
else boneheaded. I didn't find anything quite as bad, but we did have some
goofups- most of our public unsigned methods would return -1 on error, which
is a bit odd in an unsigned context.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Commit 34e1413d75 attempted to implement lazy loading of package databases.
Although it took care of my main complaint (creating the database directory
if it didn't exist), it didn't allow sync repos to be registered before
alpm_option_set_dbpath() had been called.
With this patch, we no longer compute the individual repository DB paths
until necessary, allowing full lazy loading to work as intended, and
allowing us to drop the extra setlibpath() calls from the frontend. This
allows the changes introduced in a2cd48960 (but later reverted) to be added
back in again.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
These db_open and db_close looked quite useless. And they caused the db
directory to be opened on a simple registering of a database. This is
totally unneeded, this opening can be delayed to when we actually need it.
Signed-off-by: Xavier Chantry <shiningxc@gmail.com>
|