Ask the user whether they want to import a missing key before even doing
a search on the keyserver. This will be useful for getting Web Key
Directory support in place: for a WKD, looking up and importing a key
are a single action, so the current key_search -> QUESTION -> key_import
workflow does not apply.
Since only the ID of the package signing key is available before
key_search, we display the packager variable in addition to the key ID
for user convenience.
Signed-off-by: Jonas Witschel <diabonas@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Many of these are pointless (e.g. there is no need to explicitly turn on
spellchecking and language dictionaries for the manpages by default).
The only useful modelines are the ones enforcing the project coding
standards for indentation style (and "maybe" filetype/syntax, but
everything except the asciidoc manpages and makepkg.conf is already
autodetected), and indent style can be applied more easily with
.editorconfig
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
makepkg adds makedepends and checkdepends to a package's .PKGINFO file.
Add functions that allow use of these from libalpm.
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Many bitfield variables are declared to be enums, because they are
generated using bitwise operations on enums such. However, their
actual values aren't necessary members of their parent enum, so
declaring them 'int' is more accurate.
Signed-off-by: Ivy Foster <ivy.foster@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This allows functions which return an _alpm_errno_t to always return a
genuine _alpm_errno_t for consistency, even in cases where there are
no errors. Since ALPM_ERR_OK = 0, their callers can still simply check
'err = some_fn(); if (!err) { ... }'.
Signed-off-by: Ivy Foster <ivy.foster@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
If signature files are larger than SIZE_MAX, not enough memory could
be allocated for this file. The script repo-add rejects files which
are larger than 16384 bytes, therefore handle these as errors here,
too.
While at it, I also rearranged the code to avoid a quite harmless
TOCTOU race condition between stat() and fopen().
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Some resources (memory or file descriptors) are not released on all
error paths.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
In order to work properly, loading the filelist from an mtree file
requires a libarchive patch that has not yet been included in an
official release.[1] Under certain circumstances, an unpatched
libarchive may refuse to read the mtree file due to inconsistencies
between it and the user's file system. In order to allow alpm to
recover in this situation, read the mtree data into a temporary filelist
that is only copied over to the package if the entire read is
successful.
[1] 661684170b
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Allows entries to be added to arbitrary filelists not connected to
a package.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This commit adds support to libalpm to parse the pkgbase present in
packages .PKGINFO files, writing the PKGBASE to the %BASE% section of
the local DBs desc files and for parsing it again when loading the local
DB
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
In 5acfa65f when adding a new variable (hit_mtree), the initialization of a
variable (config) was dropped, which could lead to loading invalid package
files, i.e. files that aren't archive (no metadata loaded) would return a new
alpm_pkg_t with everything set to 0/NULL.
Depending on the operation/use of the package, this could lead to segfault.
Signed-off-by: Olivier Brunel <jjk@jjacky.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Provide pkgbase information for non-split packages with pkgbase set.
Also record the version of the "base" package. This is useful for
matching package files to source packages.
Signed-off-by: Allan McRae <allan@archlinux.org>
Use MALLOC instead of malloc for safety in libalpm. Some changes are pure
refactoring, but for others this provides a success check for memory
allocation.
Signed-off-by: Allan McRae <allan@archlinux.org>
This greatly speeds up file list generation times by avoiding
uncompressing the whole package.
pacman -S base with a deliberate file conflict:
before: 9.1 seconds
after: 2.2 seconds
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Forcing vim users to view files with a tabstop of 2 seems really
unnecessary when noet is set. I find it much easier to read code with
ts=4 and I dislike having to override the modeline by hand.
Command run:
find . -type f -exec sed -i '/vim.* noet/s# ts=2 sw=2##' {} +
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Allan McRae <allan@archlinux.org>
This commit:
-- replaces space-based indents with tabs per the coding standards
-- removes extraneous whitespace (e.g. extra spaces between function args)
-- adds missing braces for a one-line if statement
Signed-off-by: Jason St. John <jstjohn@purdue.edu>
Currently you can manually create and then install a package with a
version not containing a pkgrel. The created local database entry is
invalid as the directory name can not be split by _alpm_splitname due
to the assumtion of hyphens separating name-pkgver-pkgrel.
Ensure the package has a valid version when it is loaded. Fixes FS#35514.
Signed-off-by: Allan McRae <allan@archlinux.org>
On operating systems we support, the behavior is always such that the
kernel will do the right thing as far as invalidating the file
descriptor, regardless of the eventual return value. Therefore,
potentially looping and calling close multiple times is wrong.
At best, we call close again on an invalid FD and throw a spurious EBADF
error. At worst, we might close an FD which doesn't belong to us when a
multi-threaded application opens its own file descriptor between
iterations of the loop.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
When attempting to install a package (either via -S or -U) and the
signature is missing, the current error message "invalid or corrupted
package (PGP signature)" is very unclear. Instead inform the user
that the package is missing the required signature.
Partial fix for FS#34741.
Signed-off-by: Allan McRae <allan@archlinux.org>
When installing a package with "pacman -U" that has a detached
signature, check if the needed key is in the keyring and download
if necessary.
Signed-off-by: Allan McRae <allan@archlinux.org>
We have a few of these and might as well gather them together. This also
cleans up the code a bit by using an enum instead of integer values, as
well as makes a "search for file in filelist" function public so
frontends can do better than straight linear search of the filelists.
Signed-off-by: Dan McGee <dan@archlinux.org>
On the assumption that these arrays are already mostly sorted, use the
standard quicksort method to sort the files arrays. The files_msort
function name is tweaked to give it a more general name to reflect this
change.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
If known, callers can pass the line size to this function in order to
avoid an strlen call. Otherwise, they simply pass 0 and
_alpm_strip_newline will do the call instead.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
This path is rarely (read: never) taken in any normal run of the code,
so injecting the fprintf() call everywhere with the macro is a bit
overkill. Instead, add a lightweight _alpm_alloc_fail() function that
gets called instead.
This does have a reasonable effect on the size of the generated code;
most places using the macros provided by util.c have their code size
reduced.
Signed-off-by: Dan McGee <dan@archlinux.org>
Failure isn't always due to the package file location not existing;
permission issues can also play a part on something like a FUSE-based
filesystem inaccessible to root.
Signed-off-by: Dan McGee <dan@archlinux.org>
When installing a package, store information on which validation
method was used and output this on "pacman -Qi" operations.
e.g.
Validated By : SHA256 Sum
Possible values are Unknown, None, MD5 Sum, SHA256 Sum, Signature.
Dan: just a few very minor tweaks.
Signed-off-by: Allan McRae <allan@archlinux.org>
Signed-off-by: Dan McGee <dan@archlinux.org>
