summaryrefslogtreecommitdiffstats
path: root/lib/libalpm
AgeCommit message (Collapse)AuthorFilesLines
2011-07-05lib/dload: prevent large file attacksDave Reisner4-40/+87
This means creating a new struct which can pass more descriptive data from the back end sync functions to the downloader. In particular, we're interested in the download size read from the sync DB. When the remote server reports a size larger than this (via a content-length header), abort the transfer. In cases where the size is unknown, we set a hard upper limit of: * 25MiB for a sync DB * 16KiB for a signature For reference, 25MiB is more than twice the size of all of the current binary repos (with files) combined, and 16KiB is a truly gargantuan signature. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-07-05dload: handle irregular URLsDave Reisner4-24/+116
URLs might end with a slash and follow redirects, or could be a generated by a script such as /getpkg.php?id=12345. In both cases, we may have a better filename that we can write to, taken from either content-disposition header, or the effective URL. Specific to the first case, we write to a temporary file of the format 'alpmtmp.XXXXXX', where XXXXXX is randomized by mkstemp(3). Since this is a randomly generated file, we cannot support resuming and the file is unlinked in the event of an interrupt. We also run into the possibility of changing out the filename from under alpm on a -U operation, so callers of _alpm_download can optionally pass a pointer to a *char to be filled in by curl_download_internal with the actual filename we wrote to. Any sync operation will pass a NULL pointer here, as we rely on specific names for packages from a mirror. Fixes FS#22645. Signed-off-by: Dave Reisner <d@falconindy.com>
2011-07-05dload: rearrange code to avoid extra cpp blockDave Reisner1-4/+2
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-07-05lib/rawstr: borrow raw string functions from curlDave Reisner3-0/+138
We'll need these functions to do locale agnostic and case insensitive string comparisons. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-07-05Simplify alpm_list_previousAllan McRae3-7/+6
We can readily detect the first node in a list by checking if node->prev->next is NULL. So there is no need to pass the head of the list to this function and its prototype now looks like all the other item accessors. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05Remove alpm_list_firstAllan McRae2-17/+0
The only thing this accessor did was remove the const qualifier given our entire list implementation requires passing around the head anyway. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05Allow invalid sync DBs to be returned by the libraryDan McGee3-13/+9
They are placeholders, but important for things like trying to re-sync a database missing a signature. By using the alpm_db_validity() method at the right time, a client can take the appropriate action with these invalid databases as necessary. In pacman's case, we disallow just about anything that involves looking at a sync database outside of an '-Sy' operation (although we do check the validity immediately after). A few operations are still permitted- '-Q' ops that don't touch sync databases as well as '-R'. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05Allow frontend access to signature verification informationDan McGee2-2/+22
Show output in -Qip for each package signature, which includes the UID string from the key ("Joe User <joe@example.com>") and the validity of said key. Example output: Signatures : Valid signature from "Dan McGee <dpmcgee@gmail.com>" Unknown signature from "<Key Unknown>" Invalid signature from "Dan McGee <dpmcgee@gmail.com>" Also add a backend alpm_sigresult_cleanup() function since memory allocation took place on this object, and we need some way of freeing it. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05Correctly check the GPG error codesDan McGee1-2/+2
The error code is in fact a bitmask value of an error code and an error source, so use the proper function to get only the relevant bits. For the no error case, this shouldn't ever matter, but it bit me when I was trying to compare the error code to other values and wondered why it wasn't working, so set a good example. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05signing: move to new signing verification and return schemeDan McGee13-115/+237
This gives us more granularity than the former Never/Optional/Always trifecta. The frontend still uses these values temporarily but that will be changed in a future patch. * Use 'siglevel' consistenly in method names, 'level' as variable name * The level becomes an enum bitmask value for flexibility * Signature check methods now return a array of status codes rather than a simple integer success/failure value. This allows callers to determine whether things such as an unknown signature are valid. * Specific signature error codes mostly disappear in favor of the above returned status code; pm_errno is now set only to PKG_INVALID_SIG or DB_INVALID_SIG as appropriate. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03Merge remote-tracking branch 'allan/ALPM'Dan McGee22-739/+739
Conflicts: lib/libalpm/be_local.c lib/libalpm/be_package.c lib/libalpm/conflict.c lib/libalpm/diskspace.c lib/libalpm/dload.c lib/libalpm/remove.c
2011-07-03conflict code tweaks and cleanupsDan McGee1-20/+14
We can take advantage of a few things on our new and improved filelist in this code. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03diskspace: remove all libarchive usageDan McGee1-41/+7
Now that the filelists capture mode and size information, we can read the data from there and prevent having to loop through and uncompress every archive to check required diskspace usage. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03Move alpm filelists to a struct objectDan McGee9-45/+125
This allows us to capture size and mode data when building filelists from package files. Future patches will take advantage of this newly available information, and frontends can use it as well. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03Fix debug logger without a newlineDan McGee1-1/+1
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03Do not replicate files list when removing packagesAllan McRae1-9/+3
This saves replicating the potentially large list of files in a package that is being removed. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03Add alpm_list_previous methodAllan McRae2-0/+19
Helper function to get the previous item in a list Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03checkdeps: remove unnecessary list join and copyDan McGee1-4/+2
We can just perform the same search operation on both lists. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03be_local: use macros in database loading similar to be_syncDan McGee1-77/+43
This removes some of the repetition in the code for reading and parsing database file lines. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-03be_sync: make READ_NEXT() a no-arg macroDan McGee1-12/+12
We passed in 'line', but not 'buf.line'. In addition, the macros building off of READ_NEXT() assume variable names anyway. Since we only use these macros in one function, might as well simplify them. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-02Prefix _alpm_errno_t members with ALPMAllan McRae20-265/+265
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-02Prefix alpm_transprog_t members with ALPMAllan McRae6-22/+22
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-02Prefix alpm_transconv_t members with ALPMAllan McRae3-15/+15
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-02Prefix alpm_transevt_t members with ALPMAllan McRae5-54/+54
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-02Prefix alpm_transflag_t members with ALPMAllan McRae6-48/+48
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-02Prefix alpm_loglevel_t members with ALPMAllan McRae18-296/+296
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-02Prefix alpm_fileconflicttype_t members with ALPMAllan McRae2-5/+5
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-02Prefix alpm_depmod_t members with ALPMAllan McRae2-28/+28
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-07-02Prefix alpm_pkgreason_t members with ALPMAllan McRae4-11/+11
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-30signing: check validity of all available signaturesDan McGee1-28/+29
Change the check into a loop over all signatures present and returned by GPGME. Also modify the return values and checks slightly now that I know a little bit more about what type of values are returned. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-30Make alpm_db_get_sigverify_level() publicDan McGee6-19/+22
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-30Add an alpm_db_get_valid() public functionDan McGee5-0/+19
This allows one to check if a database is valid or invalid. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-30Make local_db_read() private to the local backendDan McGee5-32/+27
There is little need to expose the guts of this function even within the library. Make it static in be_local.c, and clean up a few other things since we know exactly where it is being called from: * Remove unnecessary origin checks in _cache_get_*() methods- if you are calling a cache method your package type will be correct. * Remove sanity checks within local_db_read() itself- packages will always have a name and version if they get this far, and the package object will never be NULL either. The one case calling this from outside the backend was in add.c, where we forced a full load of a package before we duplicated it. Move this concern elsewhere and have pkg_dup() always force a full package load via a new force_load() function on the operations callback struct. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-30Fix a few warnings pointed out via clang scan-buildDan McGee4-15/+14
Some of these are legit (the backup hash NULL checks), while others are either extemely unlikely or just impossible for the static code analysis to prove, but are worth adding anyway because they have little overhead. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-30Merge remote-tracking branch 'allan/breakshit'Dan McGee44-916/+916
2011-06-30lib/util: modify entry_prefix, not prefixDave Reisner1-1/+1
Modifying prefix caused tmp directories to be left behind after running scriptlets, and the path '/' to be passed to _alpm_rmrf. Broken in f01c6f. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-30lib/alpm: unlock the handle before freeing itDave Reisner1-0/+1
This avoids, probably among other things, leaving the lock file in place after a SIGINT'd sync DB update. Fixes regression introduced in 4f8ae2b. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-29Use ignoregroup rather than ignoregrp in the handleAllan McRae3-9/+9
This matches the naming in pacman.conf. Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-29Rename internal functions with grp in their nameAllan McRae4-15/+15
The following function renames take place for the same reasoning as the previous commit: _alpm_grp_new -> _alpm_group_new _alpm_grp_free -> _alpm_group_free _alpm_db_free_grpcache -> _alpm_db_free_groupcache _alpm_db_get_grpfromcache -> _alpm_db_get_groupfromcache Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-29Rename public functions with grp in their nameAllan McRae5-19/+19
Using grp instead of group is a small saving at the cost of clarity. Rename the following functions: alpm_option_get_ignoregrps -> alpm_option_get_ignoregroups alpm_option_add_ignoregrp -> alpm_option_add_ignoregroup alpm_option_set_ignoregrps -> alpm_option_set_ignoregroups alpm_option_remove_ignoregrp -> alpm_option_remove_ignoregroup alpm_db_readgrp -> alpm_db_readgroup alpm_db_get_grpcache -> alpm_db_get_groupcache alpm_find_grp_pkgs -> alpm_find_group_pkgs Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28Rename _pmdbstatus_t to _alpm_dbstatus_tAllan McRae1-2/+2
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28Rename pmdbinfrq_t to alpm_dbinfrq_tAllan McRae3-8/+8
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28Rename pmtransstate_t to alpm_transstate_tAllan McRae1-3/+3
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28Rename pmpkghash_t to alpm_pkghash_tAllan McRae4-26/+26
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28Rename pmgraph_t to alpm_graph_tAllan McRae4-24/+24
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28Rename pmpkgfrom_t to alpm_pkgfrom_tAllan McRae1-3/+3
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28Rename pmerrno_t to alpm_errno_tAllan McRae5-11/+11
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28Rename pmtransprog_t to alpm_transprog_tAllan McRae1-3/+3
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28Rename pmtransconv_t to alpm_transconv_tAllan McRae1-3/+3
Signed-off-by: Allan McRae <allan@archlinux.org>
2011-06-28Rename pmtransevt_t to alpm_transevt_tAllan McRae1-3/+3
Signed-off-by: Allan McRae <allan@archlinux.org>