summaryrefslogtreecommitdiff
path: root/lib/libalpm
AgeCommit message (Collapse)Author
2011-08-19lib/dload: prevent possible NULL dereferenceDave Reisner
Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-19sync: fix garbled output in conflict promptDave Reisner
$ pacman -S cronie resolving dependencies... looking for inter-conflicts... :: cronie and fcron are in conflict (@.). Remove fcron? [y/N] n $ sudo pacman -S pacman resolving dependencies... looking for inter-conflicts... :: pacman and pacman-git are in conflict (pKÈ). Remove pacman-git? [y/N] Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18Convert resolvedep() to use _alpm_depcmp_literal()Dan McGee
The whole first loop is trying to check literals only, so teach it to do so. Also, reorder operations to make more sense by putting the strcmp() first in the literal loop, and using a very cheap name_hash check first in the second loop. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18Fix replacement of provider issueDan McGee
When we switched to using alpm_depcmp() in resolving replacments, we had some interesting behavior with regard to providers and packages not found in repositories. Teach the replacement resolving code to not look at provisions at all to be slightly more sane. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18Add an _alpm_depcmp_literal() functionDan McGee
This omits the finding of matching provisions and only checks the package itself against the provided dep. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18Replacements refactor: extract check_replacers()Dan McGee
This moves code that was inline in alpm_sync_sysupgrade() to its own method. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18Replacements refactor: extract check_literal()Dan McGee
This moves code that was inline in alpm_sync_sysupgrade() to its own method. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18Remove usages of alpm_list_next() in backendDan McGee
Another function call that can be replaced by a single pointer dereference. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18Remove use of no-op accessor functions in libraryDan McGee
The functions alpm_db_get_name(), alpm_pkg_get_name(), and alpm_pkg_get_version() are not necessary at all, so remove the calling and indirection when used in the backend, which makes things slightly more efficient and reduces code size. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18Enhance and utilize database status flagsDan McGee
* Move is_local standalone field to status enum * Create VALID/INVALID flag pair * Create EXISTS/MISSING flag pair With these additional fields, we can be more intelligent with database loading and messages to the user. We now only warn once if a sync database does not exist and do not continue to try to load it once we have marked it as missing. The reason for the flags existing in pairs is so the unknown case can be represented. There should never be a time when both flags in the same group are true, but if they are both false, it represents the unknown case. Care is taken to always manipulate both flags at the same time. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18lib/libalpm/dload.c: Use STRDUP() instead of strdup()Lukas Fleischer
Use the STRDUP macro instead of strdup() for the sake of better error handling on memory allocation failures. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-18lib/libalpm/dload.c: Add ASSERT() to alpm_fetch_pkgurl()Lukas Fleischer
Return with ALPM_ERR_WRONG_ARGS instead of causing a potential segfault if alpm_fetch_pkgurl() is invoked with a NULL URL. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-17lib/dload: refactor deletion on failureDave Reisner
This moves all the delete-on-fail logic to under cleanup label. This also implies should_unlink when a payload is received that doesn't allow resuming. Fixes .db.sig.part files leftover in the sync dir. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-17lib/dload: avoid renaming download to 0 length destfileDave Reisner
This leverages earlier work that avoids a rename when destfile is unset. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-17Avoid stat() on NULL path in curl_download_internal()Lukas Fleischer
stat()'s behaviour is undefined if the first argument is NULL and might be prone to segfault. Add an additional check to skip the stat() invocation if no destfile is used. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-17Skip rename() on NULL destfile in curl_download_internal()Lukas Fleischer
Avoid a potential segfault that may occur if we use a temporary file and fail to build the destination file name from the effective URL. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-16Fix compilation using --without-gpgmeDan McGee
This function is used regardless of whether gpgme support is enabled, so make sure it is always accessible. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-16dload: zero out pm_errno in curl_download_internalDave Reisner
This reverts some hacky behavior from 5fc3ec and resets the handle's pm_errno where it should be reset -- prior to each download. This prevents a transaction with a download from being aborted when a package is successfully grabbed from a secondary server. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15Update message catalogsDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15Update translations from TransifexDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15Only check necessary signatures and checksumsDan McGee
The precedence goes as follows: signature > sha256sum > md5sum Add some logic and helper methods to check what we have available when loading a package, and then only check what is necessary to verify the package. This should speed up sync database verifies as we no longer will be doing both a checksum and a signature validation. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15libalpm: fix a remaining old syntax of RET_ERR() macroRémy Oudompheng
It would prevent compilation of pacman on FreeBSD, and possibly other systems. Signed-off-by: Rémy Oudompheng <remy@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15lib/sync: ignore download errors for as long as possibleDave Reisner
Previously, the behavior was such that if a sync operation required packages from multiple repos, a download error in the first repo would cause a hard repo, ignoring the remainder of the repositories. Change this behavior so that we do a better job of fetching as many packages as possible before aborting the transaction. There's a little bit of refactoring mixed in here to get rid of some useless variables. Since we now depend heavily on the value of handle->pm_errno being accurate the determine the function's return value, we clear it when the transaction state is set. Fixes FS#25532. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15Further fixes to replacement iterationDan McGee
A partial fix for this was in commit 7de92cb22, but this should fix the remaining cases. There are still several issues dealing with "provision as replacement" selection however. Addresses FS#25538 and FS#25527. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15Parse conflicts/provides/replaces at database load timeDan McGee
We did this with depends way back in commit c244cfecf654d3 in 2007. We can do it with these fields as well. Of note is the inclusion of provides even though only '=' is supported- we'll parse other things, but no guarantees are given as to behavior, which is more or less similar to before since we only looked for the equals sign. Also of note is the non-inclusion of optdepends; this will likely be resolved down the road. The biggest benefactors of this change will be the resolving code that formerly had to parse and reparse several of these fields; it only happens once now at load time. This does lead to the disadvantage that we will now always be parsing this information up front even if we never need it in the split form, but as these are uncommon fields and our parser is quite efficient it shouldn't be a big concern. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15Validate the sha256sum if availableDan McGee
Adjust load_internal() to check the sha256sum value if we have it. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15decode_signature: guess signature data length for efficiencyDan McGee
We may end up allocating 1 or 2 extra bytes this way, but it is worth it to simplify the method and not have to call base64_decode() a second time. Use the hueristic that base64 encoding produces 3 bytes of decoded data for every 4 bytes of encoded data. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15Remove checksum access indirectionDan McGee
These items are never present in anything but sync databases, nor do we even try to load them from the local database. Remvoe the indirection meant to allow the caching layer to work since it will never do anything anyway. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15lib/sync: reset flag after rejecting a replaceDave Reisner
This prevents iteration through the remainder of the current tree, with pacman claiming that they're all replacements to the original replacement candidate. :: Synchronizing package databases... allanbrokeit is up to date testing is up to date core is up to date extra is up to date community-testing is up to date community is up to date :: Starting full system upgrade... :: Replace util-linux-git with core/util-linux? [Y/n] n :: Replace util-linux-git with core/vi? [Y/n] n :: Replace util-linux-git with core/vpnc? [Y/n] n :: Replace util-linux-git with core/wget? [Y/n] n :: Replace util-linux-git with core/which? [Y/n] n :: Replace util-linux-git with core/wireless-regdb? [Y/n] n :: Replace util-linux-git with core/wireless_tools? [Y/n] n :: Replace util-linux-git with core/wpa_actiond? [Y/n] n :: Replace util-linux-git with core/wpa_supplicant? [Y/n] n :: Replace util-linux-git with core/xfsprogs? [Y/n] n :: Replace util-linux-git with core/xinetd? [Y/n] n :: Replace util-linux-git with core/xz? [Y/n] n :: Replace util-linux-git with core/zd1211-firmware? [Y/n] n :: Replace util-linux-git with core/zlib? [Y/n] n there is nothing to do Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15Load and allow access to sha256sumDan McGee
This adds a field in the package struct for this checksum type as well as allowing access via the API to it. The frontend is now able to display any read value. Note that this does not implement any use or verification of the value internally. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15Add ALPM sha256sum routinesDan McGee
These mirror ones we already have for md5sums. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15Add sha2 (sha256) routines from PolarSSLDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15pacman/package: show presence of signature in in -SiDave Reisner
adds a new API method: alpm_pkg_get_base64_sig [Dan: don't use a new header string in frontend] Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15alpm.h: fix inconsistency in function prototypeDave Reisner
Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15lib/dload: avoid deleting .part file on too-slow xferDave Reisner
Take this opportunity to refactor the if/then/else logic into a switch/case which is likely going to be needed to fine tune more exceptions in the future. Fixes FS#25531 Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-15Update base64 PolarSSL codeDan McGee
Also adjust our code using it for the size_t adjustments made by upstream. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11Update MD5 routines with changes from PolarSSLDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11Add -S --recursive operationDan McGee
This closely matches what we had before for -R --recursive. Basically, when specifying a target (e.g., pacman), we can now recursively pull all dependencies, regardless of version specifiers and whether they are already satisfied in the local database. This could be used to update pacman on a system with an old glibc, for example, as both pacman and glibc would get pulled into the transaction. This is most useful with --needed to prevent needless reinstalls as described in the man page changes. The end goal of this change is to wire it into SyncFirst and have it be the default mode of operation there, but that belongs in a separate changeset. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11Dependency code style cleanupsDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11stop progress callbacks after curl_easy_perform returnsDave Reisner
This prevents possible null dereferences in FTP transfers when the progress callback is touched during connection teardown. http://curl.haxx.se/mail/lib-2011-08/0128.html Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11dload: remove unnecessary cast in alpm_load_payload_freeDave Reisner
Dan: make it compile, s/load/payload/. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09Parse replaces strings as dep strings with version specsDan McGee
This is done extremely crudely and is not very efficient, but it does push us down the path of being closer to right, as one additional test now passes. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09Conflict comparison performance enhancementsDan McGee
* Add *_hash fields to conflict struct and populate them * Remove unnecessary backwards string comparisons Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09Update string catalogs after string tweaksDan McGee
This also pulls in some early translations we had entered in Transifex in the last day so those would not be lost. The diffstat is huge and not very telling as usual, as all sorts of fuzzyness switches happened this time around for some reason. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09Don't walk off front of string when stripping newlineDan McGee
If the string was zero-length to begin with, or consists of only newline characters, nothing stopped us from incrementing right off the front of the string. Ensure len stays above zero the whole time. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09Fix compile error when curl is not usedDan McGee
Noticed in my PowerPC Linux VM: cc1: warnings being treated as errors dload.c:45: error: 'get_filename' defined but not used make[3]: *** [dload.lo] Error 1 Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-09Depend on name_hash being setDan McGee
This is a fairly valid assumption at this point, or at least as good of one as assuming packages all have names. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08Add reason to corrupted package callbackDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08Attempt to fix up some of the brokenness around failed package loadsDan McGee
This is a bit of a mess, due to the fact that we have a progress meter running. It is also ironic that we are in the midst of a method named "commit" when we haven't done a damn thing yet, and can still fail hard if either a checksum or signature is invalid or unrecognized. Adapt the former test_md5sum method to be invoked for any of the various failure types, which at least gives the user some indication of what packages are failing. A second patch will be needed to actually show worthwhile error codes, but this is going to involve modifying the actual data passed with the callback. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-08Update all translation filesDan McGee
This moves us toward staring translations for the 4.0.0 release, although this should not be interpreted as a string freeze by any means. Signed-off-by: Dan McGee <dan@archlinux.org>