summaryrefslogtreecommitdiffstats
path: root/lib/libalpm
AgeCommit message (Collapse)AuthorFilesLines
2011-06-01dload: abort transfer on CURLOPT_LOW_SPEED_LIMITDave Reisner1-0/+2
If a connection drops below 1kb/s for 10s, curl will kill the transfer and we'll report failure. This is the average transfer speed over the delta defined by CURLOPT_LOW_SPEED_TIME, so setting a low value here shouldn't bother folks using 14.4k dial-up. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-06-01Merge branch 'maint'Dan McGee3-4/+3
2011-05-24alpm_list: fix typo in doxygen commentPang Yan Han1-1/+1
Signed-off-by: Pang Yan Han <pangyanhan@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-05-19Bail early if we don't have a valid lockfile pathDan McGee2-3/+2
This addresses FS#24292. If one does the bad thing of not checking pm_errno after calling set_dbpath(), you may not realize the initialization process went wrong and calling trans_init() resulted in a segfault. If we don't have a lockfile path, bail out and have trans_init() fail. Also remove a ALPM_LOG_FUNC call that was causing pm_errno to return "no handle"; this was due to a log call in the handle setup (whereby the log attempts to use a callback attached to the handle). Signed-off-by: Dan McGee <dan@archlinux.org>
2011-05-19Merge branch 'maint'Dan McGee2-10/+11
Conflicts: lib/libalpm/trans.c src/pacman/query.c
2011-05-16Fix segfault when uninstalling broken backed-up symlinkDan McGee1-1/+1
Issue FS#24230. If a symlink is broken and included in the removal process of a package, we blew up and segfaulted due to alpm_compute_md5sum() returning NULL and then performing a strcmp() operation. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-05-16trans.c: create transaction prior to checking DB versionDave Reisner1-9/+10
The addition of the DB version check introduces a lag time between the lockfile creation and the transaction initialization. In cases where the local DB is large enough and/or the user's disk is slow enough, this time is significant enough that its possible for a user to send a SIGINT and leave behind a db.lck file. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-05-05Remove sync DB reregister checkDan McGee1-10/+0
It's your own damn fault if you do this, and this code is remnants from an old time when we weren't very good at coding. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-05-05Merge branch 'maint'Dan McGee2-6/+8
2011-05-05Don't null-check handle lists before settingDan McGee1-6/+10
This needlessly prevents the easiest way available of clearing any of these values. We can also do the same for the 'arch' value. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-05-05Improve database server APIDan McGee2-23/+88
Currently we have one call that has all sorts of crazy behavior and doesn't make a whole lot of sense. Go from one method to the normal four methods we have for all of our other lists we use in the library to make it a lot easier for a frontend to manipulate server lists. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-05-05Ensure populate error return codes are consistentDan McGee2-6/+8
It must be -1 to differentiate it from a number of packages loaded count. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-05-05Logging changes during DB loadDan McGee2-1/+6
The switch from FUNCTION to DEBUG was ill-advised inside the local database load. Instead, add a DEBUG level logger to both local and sync database loads that shows the number of packages processed. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-05-05dload: ensure we return success if we found files on any mirrorDan McGee1-1/+3
We were erroring out in the case where a first (possibly bogus) mirror would cause the download process to return a failure code, even though subsequent servers had the file. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-05-05Dan broke my patchAllan McRae1-1/+1
Add a missing space. Signed-off-by: Allan McRae <allan@archlinux.org>
2011-05-04Fix incorrect memory allocation assignmentDan McGee1-1/+1
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-05-04dload: make sure we never print a bogus error bufferDan McGee1-0/+2
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-05-04Deal with unused function parameters correctlyAllan McRae7-18/+28
This started off removing the "(void)foo" hacks to work around unused function parameters and ended up fixing every warning generated by -Wunused-parameter. Dan: rename to UNUSED. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-05-04Fix warnings reported by -Wwrite-stringsDan McGee1-5/+3
These are places where we stuck a string constant in a variable not marked as const. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-05-04Reduce duplicate signing debug code and fix logic conditionDan McGee1-35/+23
We had a lot of similar looking code that we can collapse down into a function. This also fixes errors seen when turning on some gcc warnings and implicitly casting away the const-ness of the string. Free the list when we are done with it as well. Also, fix a logic error where we should be checking with &&, not ||. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-27Allow conditional compilation with GPGMEDan McGee2-2/+16
This makes it possible to omit usage of -lgpgme, just as we can do for -lcurl and -lcrypto. Thanks to Rémy Oudompheng for an initial stab at this. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-24signing: add more detail to unexpected signature count errorDan McGee1-1/+7
Do a quick loop and count of the returned data so we can show how many signatures were parsed and read. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-24Enhance GPGME debug outputDan McGee1-11/+97
Add some lookup functions for nice names for the various types used by the library, and remove some fields that are of little use to us in the debug output. This should make looking at key loading and verification a bit easier, especially in determining what makes up our good and bad criteria. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-24Perform package verification at package load timeDan McGee4-38/+47
Both md5sum verification and PGP verification can and should be done at package load time. This allows verification to happen as early as possible for packages provided by filename and loaded in the frontend, and moves more stuff out of sync_commit that doesn't really belong there. This should also set the stage for simplified parallel loading of packages later down the road. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-24sync_commit: refactor out validate_deltasDan McGee1-50/+53
More stuff going on in the pre-committing stage that can be in a static method to make things a bit more clear. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-24sync_commit: refactor out file downloadsDan McGee1-32/+37
This part is almost completely self-contained, except building the list of delta filenames that we use later to check their md5sums. Refactor it into a static method so we can bring most of the code in sync_commit closer to the method name. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-24Rein in the complexity of the signature typeDan McGee7-69/+58
Given that we offer no transparency into the pmpgpsig_t type, we don't really need to expose it outside of the library, and at this point, we don't need it at all. Don't decode anything except when checking signatures. For packages/files not from a sync database, we now just read the signature file directly anyway. Also push the decoding logic down further into the check method so we don't need this hanging out in a less than ideal place. This will make it easier to conditionally compile things down the road. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-24signing: let GPGME handle loading signatures from filesDan McGee5-92/+35
Rather than go through all the hassle of doing this ourselves, just let GPGME handle the work by passing it a file handle. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-22Make dump_pkg_full a little less insaneDan McGee1-2/+2
The various "level" values were a bit crazy to decipher, and we were doing some very interesting comparisons in certain places. Break it out into two parameters instead so we can seperate the type from the extra information display, and do things accordingly. Nothing changes with the display of any of the five types we currently show: -Si, -Sii, -Qi, -Qii, -Qip. Something to note- we should expose the PKG_FROM enum type somehow, this patch leaves the door open to do that quite easily. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-22libalpm/dload: major refactor of signature downloadingDan McGee4-127/+95
There's a lot of related moving parts here: * Iteration through mirrors is moved back to the calling functions. This allows removal of _alpm_download_single_file and _alpm_download_files. * The download function gets a few more arguments to influence behavior. This allows several different scenarios to customize behavior: - database - database signature (req'd and optional) - package - package via direct URL - package signature via direct URL (req'd and optional) * For databases, we need signatures from the same mirror, so structure the code accordingly. Some-inspiration-from: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-22libalpm/dload: add allow_resume and reorder error checksDan McGee1-19/+21
The allow_resume is the start of the fix to the "don't ever resume database downloads" problem, as well as being useful for '.sig' downloads as well. For now, we say "always allow resume", but this will eventually get pushed down as necessary. Error checks are reworked in order to correctly error out when a file is not found on the remote end and reports 0 bytes downloaded. In addition, the two error messages printed are now different as one reports a more specific error message provided via the cURL error buffer. Some example output from an -Sy run with [testing], [community], [community2], [eee], and [nonexistant] defined as repos. [community2] and [nonexistant] are both invalid, one using FTP and one using HTTP. :: Synchronizing package databases... testing is up to date community is up to date error: failed retrieving file 'community2.db' from ftp.archlinux.org : Given file does not exist error: failed to update community2 (FTP: couldn't retrieve (RETR failed) the specified file) eee is up to date error: failed retrieving file 'nonexistant.db' from code.toofishes.net : The requested URL returned error: 404 error: failed to update nonexistant (HTTP response code said error) Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-22cleanup: add_pkg() and remove_pkg()Dan McGee2-6/+6
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-22libalpm/dload: const and static correctnessDan McGee2-6/+7
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-22be_sync: use _alpm_db_get_sigverify_level()Dan McGee1-4/+7
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-21sync.c: remove unnecessary check for PM_PGP_VERIFY_UNKNOWNRémy Oudompheng1-7/+0
The value PM_PGP_VERIFY_UNKNOWN is reserved to error cases, now that the signature verification level defaults to the globally set level. The only error case is when handle == NULL, which is false in the context of _alpm_sync_commit(). Signed-off-by: Rémy Oudompheng <remy@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-21handle.c: force sigverify level not to be PM_PGP_VERIFY_UNKNOWNRémy Oudompheng1-0/+1
Signed-off-by: Rémy Oudompheng <remy@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-21alpm.h: add several missing documentation stringsRémy Oudompheng1-0/+13
Signed-off-by: Rémy Oudompheng <remy@archlinux.org>
2011-04-21alpm.h: rationalize option getters/setters documentationRémy Oudompheng1-17/+49
Signed-off-by: Rémy Oudompheng <remy@archlinux.org>
2011-04-21alpm.h: add/improve function documentationRémy Oudompheng3-12/+27
Signed-off-by: Rémy Oudompheng <remy@archlinux.org>
2011-04-20Rename gpgsig struct fields for clarityDan McGee5-26/+27
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-20Form the signature file location in one placeDan McGee3-24/+16
Since we do this for all cases anyway. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-20Header inclusion cleanupDan McGee14-36/+2
This does touch a lot of things, and hopefully doesn't break things on other platforms, but allows us to also clean up a bunch of crud that no longer needs to be there. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-20syntax: if/while statements should have no trailing spaceDan McGee15-63/+63
This is the standard, and we have had a few of these introduced lately that should not be here. Done with: find -name '*.c' | xargs sed -i -e 's#if (#if(#g' find -name '*.c' | xargs sed -i -e 's#while (#while(#g' Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-20Allow VerifySig to act as a default verification in [options]Dave Reisner6-11/+58
* add _alpm_db_get_sigverify_level * add alpm_option_{get,set}_default_sigverify And set the default verification level to OPTIONAL if not set otherwise. Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-20alpm.h: forward-declare shared enumerationsDan McGee1-19/+30
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-20style cleanup: cast as (type *) not (type*)Dave Reisner9-10/+10
Signed-off-by: Dave Reisner <d@falconindy.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-20lib: remove dead code in be_local and be_packageDave Reisner2-15/+0
Signed-off-by: Dave Reisner <d@falconindy.com>
2011-04-20Put comments on their own lineDan McGee1-4/+8
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-04-20Merge branch 'maint'Dan McGee26-258/+270
2011-04-183.5.2 translation updates from TransifexDan McGee26-258/+270
And also a POT version and package version update. Signed-off-by: Dan McGee <dan@archlinux.org>