ALPM_SIG_USE_DEFAULT does not refer to an actual siglevel, rather it
indicates that the global default should be used in place of the
operation-specific one. Setting this value for the global default
itself makes no sense.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
An empty siglevel does not do any signature verification which is
exactly what we want when compiled without gpg support. This is already
allowed in other parts of the codebase and required for the test suite
to pass when compiled without gpg support.
Fixes: FS#60880
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
"wrong or NULL argument passed" is a useless error for end users.
Fixes FS#60880.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Provide both build systems in parallel for now, to ensure that we work
out all the differences between the two. Some time from now, we'll give
up on autotools.
Meson tends to be faster and probably easier to read/maintain. On my
machine, the full meson configure+build+install takes a little under
half as long as a similar autotools-based invocation.
Building with meson is a two step process. First, configure the build:
meson build
Then, compile the project:
ninja -C build
There's some mild differences in functionality between meson and
autotools. specifically:
1) No singular update-po target. meson only generates individual
update-po targets for each textdomain (of which we have 3). To make
this easier, there's a build-aux/update-po script which finds all
update-po targets and runs them.
2) No 'make dist' equivalent. Just run 'git archive' to generate a
suitable tarball for distribution.
If poll() is interrupted by a signal, alpm was closing the socket it
uses for listening to script/hook output. This would drop script output
at the least and kill the script at the worst.
Fixes FS#60396
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Front-ends or libraries may set signals to be ignored, which gets
inherited across fork and exec. This can cause scripts to malfunction
if they expect the signal. To make matters worse, scripts written in
bash can't reset signals that were ignored when bash was started.
Fixes FS#56756
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
When --needed is used, up to date packages are now filtered out
before showing the group select.
Fixes FS#22870.
Signed-off-by: morganamilo <morganamilo@gmail.com>
Upon receiving SIGINT a flag is set to abort the (curl) download.
However, since it was never reset/initialized, if a front-end doesn't
actually exit on SIGINT, and later tries any operation that needs to
perform a new download, said download would always get aborted right
away due to the flag not having been reset.
Variable dload_interrupted is used both to abort a download because
SIGINT was caught, and when a file limit is reached. But raising SIGINT
is only meant to happen in the first case.
Signed-off-by: Olivier Brunel <jjk@jjacky.com>
Currently, if checking the validity of packages fails due to an access
error on one or more packages, the user must sift through debug output
in order to find the culprit package(s). This patch adds a call to
_alpm_log in such a case to make the culprits more easily visible.
Signed-off-by: Allan McRae <allan@archlinux.org>
Add a case for curl error 'Could not resolve host'.
An attempt to fix FS#48285.
Signed-off-by: Michael Straube <straubem@gmx.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
It is desirable to have 'a-post.hook' ordered after 'a.hook'. For this,
it is needed to ignore the suffix when sorting.
Signed-off-by: Allan McRae <allan@archlinux.org>
The pacman --overwrite operation currently expects a path without
the root prefix specified. This is unexpected, particularly
given our conflict error message reports the path with the root
prefix included.
This patch allows libalpm to overwrite files with the root prefix
specified.
Signed-off-by: Allan McRae <allan@archlinux.org>
The filename in the license header did not match the actual filename
as in the other files. Hopefully this is not too nit-picky.
Signed-off-by: Michael Straube <straubem@gmx.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
Also remove any translations that are less than 75% complete. These will
be readded once translation completion passes our minimum threshold.
Signed-off-by: Allan McRae <allan@archlinux.org>
Many of these are pointless (e.g. there is no need to explicitly turn on
spellchecking and language dictionaries for the manpages by default).
The only useful modelines are the ones enforcing the project coding
standards for indentation style (and "maybe" filetype/syntax, but
everything except the asciidoc manpages and makepkg.conf is already
autodetected), and indent style can be applied more easily with
.editorconfig
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Attempting to compile pacman with gcc8 results in several warnings like:
remove.c: In function ‘unlink_file.isra.4’:
remove.c:407:34: warning: ‘.pacsave.’ directive output may be truncated writing 9 bytes into a region of size between 1 and 4096 [-Wformat-truncation=]
Fix by adding checks to error out if snprintf tries to reserve a
truncated filename. Because the return values are checked, gcc delegates
the truncation response to our code instead of throwing warnings.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
pkg-config has built-in dependency handling, but we currently insert the
raw $LIBS into libalpm's own linker flags and fail to handle Cflags at
all.
For dependencies which support pkg-config, simply use that instead.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
RFC 4880 defines two packet formats for OpenPGP. Pacman aborted its key
in keyring check with an error message if it encountered the new format.
This was fine until some annoying Arch Trusted User generated a key
using the new format!
Implement the new format. This also required parsing the hashed sub
packets. requiring the parsing code to moved to its own function.
Signed-off-by: Allan McRae <allan@archlinux.org>
If rehash ever failed with a full hash it would return the old hash
that is already full. get_hash_position would then loop forever
because it would never find an empty bucket.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
If you manage to download a bad database (e.g. an html file when
behind a proxy or with a badly configured webserver), pacman makes
sure you know about it. Here is some example output:
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
error: could not open file /var/lib/pacman/sync/extra.db: Unrecognized archive format
I don't know how many times that gets printed because it goes beyond my scrollback
buffer.
Flag a database that we can "open" and "fstat" but not read from as invalid to avoid
this.
Signed-off-by: Allan McRae <allan@archlinux.org>
6cfc4757b9 was overzealous in attempting
to optimize away a call to strcmp based on a comparison of hashes. The
call can be skipped if the hashes are different, but different strings
could have the same hash.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Frontends rely on an initialization call for setup between downloads.
Checking for intialization after checking for a completed download can
skip initialization in cases where files are small enough to be
downloaded all at once (FS#56408). Relying on previous download size
can result in multiple initializations if there are multiple
non-transfer events prior to the download starting (fS#56468).
Introduce a new cb_initialized variable to the payload struct and use it
to ensure that the callback is initialized exactly once prior to any
actual events.
Fixes FS#56408, FS#56468
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
This is a rewrite of Tobias Stoeckmann’s patch from June 2016[1] using
functions instead of macros. (Thanks to Tobias for explanations of his patch.)
A short question on Freenode IRC showed that macros are generally discouraged
and functions should be used.
The patch introduces a static size_t length_check() in libalpm/signing.c.
[1] Original patch:
https://lists.archlinux.org/pipermail/pacman-dev/2016-June/021148.html
CVE request (and assignment):
http://seclists.org/oss-sec/2016/q2/526
Signed-off-by: Allan McRae <allan@archlinux.org>
This makes it possible to detect a failure in several alpm_list
functions. Previously these functions would continue after a failure,
returning partial results and potentially leaking memory.
Unfortunately, NULL is a valid return value for the affected functions
if the input list is empty, so they still do not have a dedicated error
value. Callers can at least detect an error by checking if the input
list was empty.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Prevents SIGSEGV if we catch SIGINT or SIGHUP before initializing alpm.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
If a scriptlet/hook dies at the wrong moment it can trigger SIGPIPE,
terminating the process. For pipes, there is no way to prevent SIGPIPE
other than ignoring it process-wide. This can have unintended
consequences in a multi-threaded process. Using send(2) with sockets,
however, allows ignoring SIGPIPE on a per-call basis, leaving other
threads able to make use of SIGPIPE.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
If the user replaces a directory with a symlink, libalpm would get
confused because the trailing slash causes system calls to resolve the
symlink. This leads to errors and a misleading message during upgrades.
Even though libalpm does not support this, it should not be giving
misleading errors.
Also adds an overflow check.
Fixes FS#51377
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
