summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2011-10-12Add user-visible warning message if public keyring not foundDan McGee
This should help point users in the right direction if they have not initialized via pacman-key just yet. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12signing: delay gpgme_init() until latest possible momentDan McGee
In the default configuration, we can enter the signing code but still have nothing to do with GPGME- for example, if database signatures are optional but none are present. Delay initialization of GPGME until we know there is a signature file present or we were passed base64-encoded data. This also makes debugging with valgrind a lot easier as you don't have to deal with all the GPGME error noise because their code leaks like a sieve. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12Final Transifex update before 4.0Dan McGee
We have a few incomplete translations, but these should be addressable before the 4.0.1 maint release that is surely not that far in the future. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-11Update translations from TransifexDan McGee
In prep for the 4.0.0 release. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-10dload: unhook error buffer after transfer finishesDave Reisner
Similar to what we did in edd9ed6a, disconnect the relationship with our stack allocated error buffer from the curl handle. Just as an FTP connection might have some network chatter on teardown causing the progress callback to be triggered, we might also hit an error condition that causes curl to write to our (now out of scope) error buffer. I'm unable to reproduce FS#26327, but I have a suspicion that this should fix it. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-05Update translation message catalogs in prep for 4.0 releaseDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-05Update translations from TransifexDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-04Parse '0' as a valid package installed sizeDan McGee
This was a bad oversight on my part, pointed out by Jakob. Whoops. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-30Use _alpm_local_db_pkgpath in _cache_changelog_openDan McGee
Another place where we were doing the dirty work by hand. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-30Revamp scriptlet path formation for scriptlets in local databaseDan McGee
Expose the current static get_pkgpath() function internally to the rest of the library as _alpm_local_db_pkgpath(). This allows use of this convenience function in add.c and remove.c when forming the path to the scriptlet location. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-30Refactor _alpm_runscriptlet()Dan McGee
Add an is_archive parameter to reduce the amount of black magic going on. Rework to use fewer PATH_MAX sized local variables, and simplify some of the logic where appropriate in both this function and in the callers where duplicate calls can be replaced by some conditional parameter code. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-29move prevprogress onto payload handleDave Reisner
This is a poor place for it, and it will likely move again in the future, but it's better to have it here than as a static variable. Initialization of this variable is now no longer necessary as its zeroed on creation of the payload struct. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28Refactor download payload reset and freeDan McGee
This was done to squash a memory leak in the sync database download code. When we downloaded a database and then reused the payload struct, we could find ourselves calling get_fullpath() for the signatures and overwriting non-freed values we had left over from the database download. Refactor the payload_free function into a payload_reset function that we can call that does NOT free the payload itself, so we can reuse payload structs. This also allows us to move the payload to the stack in some call paths, relieving us of the need to alloc space. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28Initialize cURL library on first useDan McGee
Rather than always initializing it on any handle creation. There are several frontend operations (search, info, etc.) that never need the download code, so spending time initializing this every single time is a bit silly. This makes it a bit more like the GPGME code init path. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28Track unresolvable transaction packagesDan McGee
Rather than free them right away, keep the list on the transaction as we already do with add and remove lists. This is necessary because we may be manipulating pointers the frontend needs to refer to packages, and we are breaking our contract as stated in the alpm_add_pkg() documentation of only freeing packages at the end of a transaction. This fixes an issue found when refactoring the package list display code. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28Move pacsave path construction code off the stackDan McGee
This is definitely not in the normal hot path, so we can afford to do some temporary heap allocation here. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28Use the full buffer when computing md5/sha256 sumsDan McGee
No wonder these were slower than expected. We were only reading 4 (32-bit) or 8 (64-bit) bytes at a time and feeding it to the hash functions. Define a buffer size constant and use it correctly so we feed 8K at a time into the hashing algorithm. This cut one larger `-Sw --noconfirm` operation, with nothing to actually download so only timing integrity, from 3.3s to 1.7s. This has been broken since the original commit eba521913d6 introducing OpenSSL usage for crypto hash functions. Boy do I feel stupid. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-28Fix memory leak in download payload->remote_nameDan McGee
In the sync code, we explicitly allocated a string for this field, while in the dload code itself it was filled in with a pointer to another string. This led to a memory leak in the sync download case. Make remote_name non-const and always explicitly allocate it. This patch ensures this as well as uses malloc + snprintf (rather than calloc) in several codepaths, and eliminates the only use of PATH_MAX in the download code. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27Revert "libalpm: compare pkgname with strcoll"Dan McGee
This commit was made with the intent of displaying "correctly" sorted package lists to users. Here are some reasons I think this is incorrect: * It is done in the wrong place. If a frontend application wants to show a different order of packages dependent on locale, it should do that on its own. * Even if one wants a locale-specific order, almost all package names are all ASCII and language agnostic, so this different comparison makes little sense and may serve only to confuse people. * _alpm_pkg_cmp was unlike any other comparator function. None of the rest had any dependency on anything but the content of the structs being compared (e.g., they only used strcmp() or other basic comparison operators). This reverts commit 3e4d2c3aa65416487939148828afb385de2ee146. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27_alpm_splitdep: use malloc instead of callocDan McGee
There was only one simple to handle case where we left a field uninitialized; set it to NULL and use malloc() instead. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27be_sync: fetch only entry mode, not full stat structDan McGee
This saves a lot of unnecessary work since we don't need any of the other fields in the stat struct. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27alpm_list: use malloc instead of callocDan McGee
In every case we were calling calloc, the struct we allocated (or the memory to be used) is fully specified later in the method. For alpm_list_t allocations, we always set all of data, next, and prev. For list copying and transforming to an array, we always copy the entire data element, so no need to zero it first. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27Fix compilation using --without-gpgmeDan McGee
I'm really good at breaking this on a regular basis. If only we had some sort of automated testing for this... Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27Remove unnecessary loggerDan McGee
This is just a wrapper function; the real function we call logs an almost identical line. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-27Delay check for repository servers until we need themDan McGee
In the sync download code, we added an early check in 6731d0a9407e for sync download server existence so we wouldn't show the same error over and over for each file to be downloaded. Move this check into the download block so we only run it if there are actually files that need to be downloaded for this repository. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-26Ensure fileconflict value is actually a stringDan McGee
When we switched to a file object and not just a simple string, we missed an update along the way here in target-target conflicts. This patch looks large, but it really comes down to one errant (char *) cast before that has been reworked to explicitly point to the alpm_file_t object. The rest is simply code cleanup. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Update Doxyfile and fix some documentation errors caught by DoxygenDan McGee
A few parameters were outdated or wrongly named, and a few things were explicitly linked that Doxygen wasn't able to resolve. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Ensure database validity flags are set in invalid signature caseDan McGee
We returned the right error code but never set the flags accordingly. Also, now that we can bail early, ensure we set the error code. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Handle key import errors correctly and with good error messagesDan McGee
This adds calls to gpgme_op_import_result() which we were not looking at before to ensure the key was actually imported. Additionally, we do some preemptive checks to ensure the keyring is even writable if we are going to prompt the user to add things to it. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22signing: be consistent with returning -1 for error casesDan McGee
This also fixes a segfault found by dave when key_search is unsuccessful; the key_search return code documentation has also been updated to reflect reality. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Regenerate message catalogs and translationsDan McGee
We've had a bit of churn since the last time this was done. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Translation file updates from TransifexDan McGee
Pick up any updates before I push new source messages out to the service. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Add status and check for key being disabledDan McGee
Because we aren't using gpgv and a dedicated keyring that is known to be all safe, we should honor this flag being set on a given key in the keyring to know to not honor it. This prevents a key from being reimported that a user does not want to be used- instead of deleting, one should mark it as disabled. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Implement PGP key search and importDan McGee
Add two new static methods, key_search() and key_import(), to our growing list of signing code. If we come across a key we do not have, attempt to look it up remotely and ask the user if they wish to import said key. If they do, flag the validation process as a potential 'retry', meaning it might succeed the next time it is ran. These depend on you having a 'keyserver hkp://foo.example.com' line in your gpg.conf file in your gnupg home directory to function. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22signing: document most undocumented functionsDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Add _alpm_process_siglist() logic to failed package validationDan McGee
This moves the result processing out of the validation check loop itself and into a new loop. Errors will be presented to the user one-by-one after we fully complete the validation loop, so they no longer overlap the progress bar. Unlike the database validation, we may have several errors to process in sequence here, so we use a function-scoped struct to track all the necessary information between seeing an error and asking the user about it. The older prompt_to_delete() callback logic is still kept, but only for checksum failures. It is debatable whether we should do this at all or just delegate said actions to the user. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Add new import key question enum value and stub frontend functionDan McGee
This is for eventual use by the PGP key import code. Breaking this into a separate commit now makes the following patches a bit easier to understand. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Add alpm_capabilities() method and enumerationDan McGee
This allows a frontend program to query, at runtime, what the library supports. This can be useful for sanity checking during config- requiring a downloader or disallowing signature settings, for example. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Move default siglevel value from backend to frontendDan McGee
This takes the libraries hidden default out of the equation: hidden in the sense that we can't even find out what it is until we create a handle. This is a chicken-and-egg problem where we have probably already parsed the config, so it is hard to get the bitmask value right. Move it to the frontend so the caller can do whatever the heck they want. This also exposes a shortcoming where the frontend doesn't know if the library even supports signatures, so we should probably add a alpm_capabilities() method which exposes things like HAS_DOWNLOADER, HAS_SIGNATURES, etc. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22validate_deltas: split verify/check errors loopsDan McGee
This allows us to do all delta verification up front, followed by whatever needs to be done with any found errors. In this case, we call prompt_to_delete() for each error. Add back the missing EVENT(ALPM_EVENT_DELTA_INTEGRITY_DONE) that accidentally got removed in commit 062c391919e93f1d6. Remove use of *data; we never even look at the stuff in this array for the error code we were returning and this would be much better handled by one callback per error anyway, or at least some strongly typed return values. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-22Fix possible segfault if siglist was emptyDan McGee
If siglist->results wasn't a NULL pointer, we would try to free it anyway, even if siglist->count was zero. Only attempt to free this pointer if we had results and the pointer is valid. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-21Remove noisy debug loggerDan McGee
This one can be overwhelming when reading debug output from a very large package. We already have the output of each extracted file so we probably can do without this in 99.9% of cases. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20_alpm_sync_commit: extract two static methodsDan McGee
This adds two new static methods, check_validity() and load_packages(), to sync.c which are simply code fragments pulled out of our do-everything sync commit code. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20Pass package signature data up one more levelDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20signing: add a process and retry loop for database signaturesDan McGee
In reality, there is no retrying that happens as of now because we don't have any import or changing of the keyring going on, but the code is set up so we can drop this in our new _alpm_process_siglist() function. Wire up the basics to the sync database validation code, so we see something like the following: $ pacman -Ss unknowntrust error: core: signature from "Dan McGee <dpmcgee@gmail.com>" is unknown trust error: core: signature from "Dan McGee <dpmcgee@gmail.com>" is unknown trust error: database 'core' is not valid (invalid or corrupted database (PGP signature)) $ pacman -Ss missingsig error: core: missing required signature error: core: missing required signature error: database 'core' is not valid (invalid or corrupted database (PGP signature)) Yes, there is some double output, but this should be fixable in the future. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20Allow our PGP helper method to pass back the signature resultsDan McGee
This will make its way up the call chain eventually to allow trusting and importing of keys as necessary. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20Split package validation and load loopsDan McGee
This adds a some new callback event and progress codes for package loading, which was formerly bundled in with package validation before. The main sync.c loop where loading occurred is now two loops running sequentially. The behavior should not change with this patch outside of progress and event display; more changes will come in following patches. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20Extract an _alpm_pkg_validate_internal() methodDan McGee
_alpm_pkg_load_internal() was becoming a monster. Extract the top bit of the method that dealt with checksum and signature validation into a separate method that should be called before one loads a package to ensure it is valid. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20Remove all usages of alpm_list_getdata() from the libraryDan McGee
No need for the indirection; just access ->data instead. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-09-20_alpm_runscriptlet(): remove clean_tmpdir variableDan McGee
This is always true at the end since we return early if we couldn't create the tmpdir, so it is totally unnecessary. Signed-off-by: Dan McGee <dan@archlinux.org>