summaryrefslogtreecommitdiffstats
path: root/lib/libalpm
AgeCommit message (Collapse)AuthorFilesLines
2011-08-15Update base64 PolarSSL codeDan McGee3-17/+20
Also adjust our code using it for the size_t adjustments made by upstream. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11Update MD5 routines with changes from PolarSSLDan McGee2-39/+34
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11Add -S --recursive operationDan McGee1-0/+29
This closely matches what we had before for -R --recursive. Basically, when specifying a target (e.g., pacman), we can now recursively pull all dependencies, regardless of version specifiers and whether they are already satisfied in the local database. This could be used to update pacman on a system with an old glibc, for example, as both pacman and glibc would get pulled into the transaction. This is most useful with --needed to prevent needless reinstalls as described in the man page changes. The end goal of this change is to wire it into SyncFirst and have it be the default mode of operation there, but that belongs in a separate changeset. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11Dependency code style cleanupsDan McGee2-21/+25
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11stop progress callbacks after curl_easy_perform returnsDave Reisner1-0/+3
This prevents possible null dereferences in FTP transfers when the progress callback is touched during connection teardown. http://curl.haxx.se/mail/lib-2011-08/0128.html Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11dload: remove unnecessary cast in alpm_load_payload_freeDave Reisner1-6/+4
Dan: make it compile, s/load/payload/. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09Parse replaces strings as dep strings with version specsDan McGee1-10/+17
This is done extremely crudely and is not very efficient, but it does push us down the path of being closer to right, as one additional test now passes. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09Conflict comparison performance enhancementsDan McGee2-17/+19
* Add *_hash fields to conflict struct and populate them * Remove unnecessary backwards string comparisons Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09Update string catalogs after string tweaksDan McGee26-872/+587
This also pulls in some early translations we had entered in Transifex in the last day so those would not be lost. The diffstat is huge and not very telling as usual, as all sorts of fuzzyness switches happened this time around for some reason. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09Don't walk off front of string when stripping newlineDan McGee1-1/+1
If the string was zero-length to begin with, or consists of only newline characters, nothing stopped us from incrementing right off the front of the string. Ensure len stays above zero the whole time. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09Fix compile error when curl is not usedDan McGee1-3/+3
Noticed in my PowerPC Linux VM: cc1: warnings being treated as errors dload.c:45: error: 'get_filename' defined but not used make[3]: *** [dload.lo] Error 1 Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09Depend on name_hash being setDan McGee2-4/+2
This is a fairly valid assumption at this point, or at least as good of one as assuming packages all have names. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08Add reason to corrupted package callbackDan McGee1-4/+6
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08Attempt to fix up some of the brokenness around failed package loadsDan McGee4-17/+20
This is a bit of a mess, due to the fact that we have a progress meter running. It is also ironic that we are in the midst of a method named "commit" when we haven't done a damn thing yet, and can still fail hard if either a checksum or signature is invalid or unrecognized. Adapt the former test_md5sum method to be invoked for any of the various failure types, which at least gives the user some indication of what packages are failing. A second patch will be needed to actually show worthwhile error codes, but this is going to involve modifying the actual data passed with the callback. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08Update all translation filesDan McGee26-441/+819
This moves us toward staring translations for the 4.0.0 release, although this should not be interpreted as a string freeze by any means. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08_alpm_access(): don't call gettext() in debug level loggersDan McGee1-4/+8
This is standard procedure elsewhere and cuts down on translations that won't be seen (and we don't want if we need English debug output anyway). Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08Merge branch 'maint'Dan McGee2-7/+12
Conflicts: lib/libalpm/dload.c lib/libalpm/po/fi.po lib/libalpm/po/libalpm.pot po/de.po po/fi.po src/pacman/po/pacman.pot src/pacman/util.c
2011-08-08Store a package info level flag if we fail to load dataDan McGee3-6/+15
If we are missing a local database file, we get repeated messages over and over telling us the same thing, rather than being sane and erroring only once. This package adds an INFRQ_ERROR level that is added to the mask if we encounter any errors on a local_db_read() operation, and short circuits future calls if found in the value. This fixes FS#25313. Note that this does not make any behavior changes other than suppressing error messages and repeated code calls to failure cases; we still have more to do in the "local database is hosed" department. Also make a small update to the wrong but unused flags set in be_package; using INFRQ_ALL there was not totally correct. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08Update translations from transifexDan McGee2-8/+13
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08Check return value of rename() callsDan McGee2-8/+23
We did a good job checking this in add.c, but not necessarily anywhere else. Fix this up by adding checks into dload.c, remove.c, and conf.c in the frontend. Also add loggers where appropriate and make the message syntax more consistent. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-02Don't trim whitespace when reading database entriesDan McGee5-15/+37
We don't write with extra or unknown whitespace, so there is little reason for us to trim it when reading either. This also fixes the hopefully never encountered "paths that start or end with spaces" issue, for which two pactests have been added. The tests also contain other evil characters that we have encountered before and handle just fine, but it doesn't hurt to ensure we don't break such support in the future. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-28Revamp signing checksDan McGee2-48/+96
This ensures we are actually making correct use of the information gpgme is returning to us. Marginal being allowed was obvious before, but Unknown should deal with trust level, and not the presence or lack thereof of a public key to validate the signature with. Return status and validity information in two separate values so check methods and the frontend can use them independently. For now, we treat expired keys as valid, while expired signatures are invalid. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-28Make free_groupcache() privateDan McGee2-25/+23
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-25libalpm: Set ret correctly in download_internal()Lukas Fleischer1-0/+1
Immediately jump to the cleanup code after setting the return code to -1 in case rename() fails. Otherwise, it will be reset to 0 right after we leave the if branch. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-21Convert package filelists to an array instead of linked listDan McGee11-97/+246
This accomplishes quite a few things with one rather invasive change. 1. Iteration is much more performant, due to a reduction in pointer chasing and linear item access. 2. Data structures are smaller- we no longer have the overhead of the linked list as the file struts are now laid out consecutively in memory. 3. Memory allocation has been massively reworked. Before, we would allocate three different pieces of memory per file item- the list struct, the file struct, and the copied filename. What this resulted in was massive fragmentation of memory when loading filelists since the memory allocator had to leave holes all over the place. The new situation here now removes the need for any list item allocation; allocates the file structs in contiguous memory (and reallocs as necessary), leaving only the strings as individually allocated. Tests using valgrind (massif) show some pretty significant memory reductions on the worst case `pacman -Ql > /dev/null` (366387 files on my machine): Before: Peak heap: 54,416,024 B Useful heap: 36,840,692 B Extra heap: 17,575,332 B After: Peak heap: 38,004,352 B Useful heap: 28,101,347 B Extra heap: 9,903,005 B Several small helper methods have been introduced, including a list to array conversion helper as well as a filelist merge sort that works directly on arrays. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-19Clean up my debug logger messDan McGee1-2/+0
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-18Fix test suite when GPGME is disabledDan McGee3-1/+16
As noted by Allan, we failed pretty hard if gpgme was compiled out. With these changes, only sign001.py fails. This can/will be fixed later once we beef up the test suite with more signing tests anyway. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-18replace access() calls for debug info where applicableFlorian Pritz3-5/+4
Signed-off-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-18signing.c: check if needed files are readableFlorian Pritz1-0/+6
If we can't read the keyring, gpgme will output confusing debug information and fail to verify the signature, so we should log some debug information. Signed-off-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-18add _alpm_access() wrapperFlorian Pritz2-0/+48
This is a wrapper function for access() which logs some debug information and eases handling in case of split directory and filename. Signed-off-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-18Fix compilation without gpgmeAllan McRae1-2/+2
Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-18Handle removal of empty directories properlyDan McGee3-6/+82
This addresses FS#25141. We shouldn't remove every empty directory we come across during the removal process unless it is truly not known to any other package. This will prevent removal of essential directories such as '/var/lock/'. This is accomplished by first checking the empty/non-empty status of a directory, which was previously done implicitly by calling rmdir() and ignoring errors. We do this to avoid the next (new) check in most cases, which is to look at all local packages to see if the to-be-removed directory is present in another packages' filelist. If we do not find it anywhere, then we remove it, else we keep the file around. The pactest has been updated to test more cases, as well as finding a flaw in the original expected to fail case- we need separate DIR and FILE based EXIST rules. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-14Make alpm_db_set_pkgreason() arguments more saneDan McGee2-18/+23
This can only ever operate on the local database, and a local package at that. Change the function signature to take a handle and package object, add the relevant asserts, and ensure the frontend can detect the package not found condition when finding packages to pass to this method. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-14Allow fileconflict if unowned file moving into backup arrayDan McGee5-8/+23
The bulk of this commit is adding new tests to ensure the new behavior works without disrupting old behavior. This is a relatively sane maneuver when a package adds a conf file (e.g. '/etc/mercurial/hgrc') that was not previously in the package, but it is placed in the backup array. In essence, we can treat the existing file as having always been a part of the package and do our normal compare/install as pacnew logic checks. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-06Unify package removal codeDan McGee3-109/+100
This code duplication has always been a rather clumsy casuality of fixing some past upgrade issues. Unify the removal code across upgrade and remove operations into a new _alpm_remove_single_package() method wihch makes it very clear how we handle upgrade and remove differently, via several conditionals on newpkg. This commit highlights interesting behavior such as the fact that the implicit removal in every package upgrade never gets transaction events or progress callbacks. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05include util.h in rawstr.cDan McGee1-0/+2
Fixes "error: no previous prototype for '_alpm_raw_cmp' [-Werror=missing-prototypes]" warnings, and also prevents someone from getting the prototypes and functions out of sync. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05Merge remote-tracking branch 'dave/download'Dan McGee7-89/+365
2011-07-05absorb fileinfo struct into dload_payloadDave Reisner2-36/+28
This transitional struct becomes delicious noms for dload_payload. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-07-05absorb some _alpm_download params into payload structDave Reisner4-31/+40
Restore some sanity to the number of arguments passed to _alpm_download and curl_download_internal. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-07-05lib/dload: prevent large file attacksDave Reisner4-40/+87
This means creating a new struct which can pass more descriptive data from the back end sync functions to the downloader. In particular, we're interested in the download size read from the sync DB. When the remote server reports a size larger than this (via a content-length header), abort the transfer. In cases where the size is unknown, we set a hard upper limit of: * 25MiB for a sync DB * 16KiB for a signature For reference, 25MiB is more than twice the size of all of the current binary repos (with files) combined, and 16KiB is a truly gargantuan signature. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-07-05dload: handle irregular URLsDave Reisner4-24/+116
URLs might end with a slash and follow redirects, or could be a generated by a script such as /getpkg.php?id=12345. In both cases, we may have a better filename that we can write to, taken from either content-disposition header, or the effective URL. Specific to the first case, we write to a temporary file of the format 'alpmtmp.XXXXXX', where XXXXXX is randomized by mkstemp(3). Since this is a randomly generated file, we cannot support resuming and the file is unlinked in the event of an interrupt. We also run into the possibility of changing out the filename from under alpm on a -U operation, so callers of _alpm_download can optionally pass a pointer to a *char to be filled in by curl_download_internal with the actual filename we wrote to. Any sync operation will pass a NULL pointer here, as we rely on specific names for packages from a mirror. Fixes FS#22645. Signed-off-by: Dave Reisner <d@falconindy.com>
2011-07-05Remove most usages of strncmp()Dan McGee1-1/+1
The supposed safety blanket of this function is better handled by explicit length checking and usages of strlen() on known NULL-terminated strings rather than hoping things fit in a buffer. We also have no need to fully fill a PATH_MAX length variable with NULLs every time as long as a single terminating byte is there. Remove usages of it by using strcpy() or memcpy() as appropriate, after doing length checks via strlen(). Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05dload: rearrange code to avoid extra cpp blockDave Reisner1-4/+2
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-07-05lib/rawstr: borrow raw string functions from curlDave Reisner3-0/+138
We'll need these functions to do locale agnostic and case insensitive string comparisons. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-07-05Simplify alpm_list_previousAllan McRae3-7/+6
We can readily detect the first node in a list by checking if node->prev->next is NULL. So there is no need to pass the head of the list to this function and its prototype now looks like all the other item accessors. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05Remove alpm_list_firstAllan McRae2-17/+0
The only thing this accessor did was remove the const qualifier given our entire list implementation requires passing around the head anyway. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05Allow invalid sync DBs to be returned by the libraryDan McGee3-13/+9
They are placeholders, but important for things like trying to re-sync a database missing a signature. By using the alpm_db_validity() method at the right time, a client can take the appropriate action with these invalid databases as necessary. In pacman's case, we disallow just about anything that involves looking at a sync database outside of an '-Sy' operation (although we do check the validity immediately after). A few operations are still permitted- '-Q' ops that don't touch sync databases as well as '-R'. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05Allow frontend access to signature verification informationDan McGee2-2/+22
Show output in -Qip for each package signature, which includes the UID string from the key ("Joe User <joe@example.com>") and the validity of said key. Example output: Signatures : Valid signature from "Dan McGee <dpmcgee@gmail.com>" Unknown signature from "<Key Unknown>" Invalid signature from "Dan McGee <dpmcgee@gmail.com>" Also add a backend alpm_sigresult_cleanup() function since memory allocation took place on this object, and we need some way of freeing it. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05Correctly check the GPG error codesDan McGee1-2/+2
The error code is in fact a bitmask value of an error code and an error source, so use the proper function to get only the relevant bits. For the no error case, this shouldn't ever matter, but it bit me when I was trying to compare the error code to other values and wondered why it wasn't working, so set a good example. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-07-05signing: move to new signing verification and return schemeDan McGee13-115/+237
This gives us more granularity than the former Never/Optional/Always trifecta. The frontend still uses these values temporarily but that will be changed in a future patch. * Use 'siglevel' consistenly in method names, 'level' as variable name * The level becomes an enum bitmask value for flexibility * Signature check methods now return a array of status codes rather than a simple integer success/failure value. This allows callers to determine whether things such as an unknown signature are valid. * Specific signature error codes mostly disappear in favor of the above returned status code; pm_errno is now set only to PKG_INVALID_SIG or DB_INVALID_SIG as appropriate. Signed-off-by: Dan McGee <dan@archlinux.org>