summaryrefslogtreecommitdiff
path: root/lib/libalpm
AgeCommit message (Collapse)Author
2012-04-09Fix issues with unintialized variable value usageDan McGee
Detected by clang scan-build static code analyzer. * Don't attempt to free an uninitialized gpgme key variable * Initialize answer variable before asking frontend a question * Pass by reference instead of value if uninitialized fields are possible in download signal handler code * Ensure we never call strlen() on NULL payload->remote_name value Signed-off-by: Dan McGee <dan@archlinux.org>
2012-04-07sync: fix crash on failed downloadsDave Reisner
Dan was right. This should have been FREE(), not free(). Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2012-04-07Updates from TransifexDan McGee
This encompasses a few languages that have had changes since 4.0.2 available on Transifex. Signed-off-by: Dan McGee <dan@archlinux.org>
2012-03-28Update all translation filesDan McGee
Pull updates from transifex, run update-po on all files, fix a few errors, and push them back to Transifex. Signed-off-by: Dan McGee <dan@archlinux.org>
2012-03-28signing: cope with gpg2's failure at lifeDave Reisner
For key searches only, gpg2 will fail to lookup any and all keys that are not prefixed with 0x. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2012-03-14lib/sync: avoid unwanted unlink after download failDave Reisner
In case we have a mirror failure, unlink_on_fail would remain set, causing an interrupt in a successive download attempt to be wrongly unlinked. This also fixes a memory leak in the url member, as we would allocate over the previous, unfreed URL. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2012-03-14dload: reset payload filename members before downloadDave Reisner
To avoid conflicts on reusing a payload after a failed download, ensure that we reset the filename hints in the payload struct prior to the download operation. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2012-03-05Translation updates from TransifexDan McGee
* it updates to all translations * minor fr, pt_BR, de, lt, sk and uk updates * add new strings in pacman translation catalog Signed-off-by: Dan McGee <dan@archlinux.org>
2012-03-05Fix a potential memory leak in filelist creationDan McGee
If we begin to create a file list when loading a package, but abort because of an error to one of our goto labels, the memory used to create the file list will leak. This is because we use a set of local variables to hold the data, and thus _alpm_pkg_free() cannot clean up for us. Use the file list struct on the package object as much as possible to keep state when building the file list, thus allowing _alpm_pkg_free() to clean up any partially built data. Signed-off-by: Dan McGee <dan@archlinux.org>
2012-03-05Fix a memory leak when loading an invalid packageDan McGee
This is easily triggered via a `pacman -Sc` operation when it attempts to open a delta file as a package- we end up leaking loads of memory due to us never freeing the archive object. When you have upwards of 1200 delta files in your sync database directory, this results in a memory leak of nearly 1.5 MiB. Also fix another memory leak noticed at the same time- we need to call the internal _alpm_pkg_free() function, as without the origin data being set the public free function will do nothing. Signed-off-by: Dan McGee <dan@archlinux.org>
2012-02-20Don't check diskspace when using --dbonlyDan McGee
Mostly a waste of time. Sure, we no longer make sure your pacman database partition has enough space, but if you are using this option you better know what you are doing anyway. Signed-off-by: Dan McGee <dan@archlinux.org> (cherry picked from commit ee969006056c86e88d5f179a7575d64f23d5b252)
2012-02-19diskspace: ensure we match only full path componentsDan McGee
If one had a mountpoint at '/e' (don't ask), a file being installed to '/etc' would map to it incorrectly. Ensure we do more than just prefix matching on paths by doing some more sanity checks once the simple strncmp() call succeeds. Signed-off-by: Dan McGee <dan@archlinux.org>
2012-02-15Revert "Add -S --recursive operation"Dan McGee
This reverts commit f3fa77bcf1d792971c314f8c0de255866e89f3f3 along with making other necessary changes to fully back this (mis)feature out until we can do it correctly. The quick summary here is this was not implemented correctly; provides are not fully taken into account in this logic, and making that happen exposes a lot of other flaws in this code that are covered up later on in the dependency resolving process by several other pieces of convoluted and conditional logic. Tests have been adjusted accordingly. Some test EXISTS conditions have been removed as we already know the package is installed locally, and we also are checking the VERSION condition anyway. With these two related revert commits, we do have some changes in test pass/fail results: * upgrade078.py: does not pass, this is due to --recursive getting removed for -U/-S operations after this commit. * sync302.py: the version checks have been disabled, so this test continues to pass but has been scaled back in scope. * sync303.py: now passes, was failing before. * sync304.py: still failing, was failing before. * sync305.py: now passes, was failing before. * sync306.py: still passes, was passing before. Signed-off-by: Dan McGee <dan@archlinux.org>
2012-02-14Update SIGPIPE signal handler commentDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-02-13lib/sync: use full delta size as max download sizeDave Reisner
The max filesize for a delta download must be the full size of the delta file, not just what's remaining. Fixes FS#28345 Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2012-02-06Fix a handful of comment typos or misspellingsDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-02-06Translation updates from Transifex, mostly scriptsDan McGee
This is after some manual massaging to fix issues with newlines in some translations of the script catalogs. Signed-off-by: Dan McGee <dan@archlinux.org>
2012-02-06Update translations from TransifexDan McGee
The pacman-scripts catalog is omitted here due to various newline errors I don't have the time to fix right now. Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-31Fix rare segfault on package removalAllan McRae
Very rarely a segfault would occur when removing a number of packages due to a corrupted list for the local database (FS#27805, FS#28195). This was caused by the alpm_list_msort function not correctly dealing with the two new head node's prev values. Signed-off-by: Allan McRae <allan@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-30Update translationsDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-23lib/dload: give uniform naming to curl CB functionsDave Reisner
Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-23Fix sys/mnttab.h header includeDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-23lib/dload: enforce usage of TCP keepalivesDave Reisner
This is particularly important in the case of FTP control connections, which may be closed by rogue NAT/firewall devices detecting idle connections on larger transfers which may take 5-10+ minutes. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-19Add diskspace checking support for Solaris/IllumosDan McGee
Was able to get my hands on one of these boxes today, so add yet another new way of doing this. I'm glad these calls are so standardized. This was compile tested on Linux and Illumos and seems to still be working in both places. Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-18Update copyright on changed files since beginning of yearDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-18util.c, rmrf(): only create string when neededOlivier Brunel
The entry's name is only used when not "." or ".." so only print the string then. Signed-off-by: Olivier Brunel <i.am.jack.mail@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-18fetch_url: look for files in cache before downloadingDave Reisner
We lost this logic somewhere between the libfetch and libcurl transition, as it existed in the internal downloader, but was pulled back only into the sync workflow. Add a helper function that will let us check for existance in the filecache prior to calling the downloader. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-18Use isdigit() rather than character range comparisonsDan McGee
This is safer and guaranteed to work with even exotic character sets. Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-05Remove useless logger messageDan McGee
We don't need two log messages back-to-back about the same thing here. Signed-off-by: Dan McGee <dan@archlinux.org>
2012-01-05Search for PGP subkeys in a keyserver-acceptable wayDan McGee
PGP keyservers are pieces of sh** when it comes to searching for subkeys, and only allow it if you submit an 8-character fingerprint rather than the recommended and less chance of collision 16-character fingerprint. Add a second remote lookup for the 8-character version of a key ID if we don't find anything the first time we look up the key. This fixes FS#27612 and the deficiency has been sent upstream to the GnuPG users mailing list as well. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-12-29Fix bogus string cast in search debug messageDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-12-05Use correct size in memsetDan McGee
We were using the size of a pointer, not the size of the whole archive_read_buffer struct. Thanks to Clang/LLVM 3.0 and Allan/Dave in IRC for finding this one. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-12-05Enforce signature download size limit on -U <url> operationsDan McGee
We had a 16 KiB limit on database signatures, we should do the same here too to have a slight sanity check, even if we can't do so for the package itself yet. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-30_alpm_ldconfig: return value from _alpm_run_chrootDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-16Update translations from TransifexDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-15Allow sync_prepare to work in certain cases without sync databasesDan McGee
When doing a bare -U operation on a local package that doesn't pull in any dependencies from the sync databases, we can get away with missing database files. This makes the check conditional on no sync targets found in the target list. This is not the prettiest code here so we have a bit of hackish behavior required to straighten both the behavior and the nonsensical error message out. Addresses FS#26899. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-13Update translations from TransifexDan McGee
Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-13Updates in preparation for 4.0.1 releaseDan McGee
Bump the version, update the translation template files, and fill in NEWS with relevant commits and changes since 4.0.0. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-11-01Fix thinko in _alpm_strip_newlineDan McGee
The point of this early compare to NULL byte check was so we could bail early and skip the strcmp() call. Given we weren't doing the check right, this never exited early. Fix it to work as intended. Noticed-by: Pepe Juárez <trulustapa@gmail.com> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-27dload: remove redundant conditionalDave Reisner
Replacing the strdup when after the first NULL check assures that we get continue with payload->remote_name defined. Signed-off-by: Dave Reisner <dreisner@archlinux.org>
2011-10-27dload: chmod tempfiles to respect umaskDave Reisner
Dan: fix mask calculation, add it to the success/fail block instead. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-27Introduce ALPM_BUFFER_SIZE constantDan McGee
This takes the place of three previously used constants: ARCHIVE_DEFAULT_BYTES_PER_BLOCK, BUFFER_SIZE, and CPBUFSIZE. In libarchive 3.0, the first constant will be no more, so we can ensure we are forward-compatible by removing our usage of it now. The rest are unified for consistency. By default, we will use the value of BUFSIZ provided by <stdio.h>, which is 8192 on Linux. If that is undefined, a default value is provided. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-26Fix issues with replacing unowned symlinksDan McGee
There aretwo seperate issues in the same block of file conflict checking code here: 1) If realpath errored, such as when a symlink was broken, we would call 'continue' rather than simply exit this particular method of resolution. This was likely just a copy-paste mistake as the previous resolving steps all use loops where continue makes sense. Refactor the check so we only proceed if realpath is successful, and continue with the rest of the checks either way. 2) The real problem this code was trying to solve was canonicalizing path component (e.g., directory) symlinks. The final component, if not a directory, should not be handled at all in this loop. Add a !S_ISLNK() condition to the loop so we only call this for real files. There are few other small cleanups to the debug messages that I made while debugging this problem- we don't need to keep printing the file name, and ensure every block that sets resolved_conflict to true prints a debug message so we know how it was resolved. This fixes the expected failures from symlink010.py and symlink011.py, while still ensuring the fix for fileconflict007.py works. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-26Don't realloc a 0-length files array when loading packagesDan McGee
There is some pecular behavior going on here when a package is loaded that has no files, as is very common in our test suite. When we enter the realloc/sort code, a package without files will call the following: files = realloc(NULL, 0); One would assume this is a no-op, returning a NULL pointer, but that is not the case and valgrind later reports we are leaking memory. Fix the whole thing by skipping the reallocation and sort steps if the pointer is NULL, as we have nothing to do. Note that the package still gets marked as 'files loaded', becuase although there were none, we tried and were successful. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-25lib/sync: inform callers of compute_download_size of a partialDave Reisner
Extend the return values of compute_download_size to allow callers to know that a .part file exists for the package. This extra value isn't currently used, but it'll be needed later on. Signed-off-by: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-24Add more logging to download codeDan McGee
This adds a logger to the CURLE_OK case so we can always know the return code if it was >= 400, and debug log it regardless. Also adjust another logger to use the cURL error message directly, as well as use fstat() when we have an open file handle rather than stat(). Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-17Show an error message on failed remote key lookupDan McGee
The absolutely terrible part about this is the failure on GPGME's part to distinguish between "key not found" and "keyserver timeout". Instead, it returns the same silly GPG_ERR_EOF in both cases (why isn't GPG_ERR_TIMEOUT being used?), leaving us helpless to tell them apart. Spit out a generic enough error message that covers both cases; unfortunately we can't provide much guidance to the user because we aren't sure what actually happened. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-14Add missing #ifdef around cURL error code in download structDan McGee
Thanks to Eduardo Tongson on the mailing list. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-13curl_gethost() potential bug fixupsDan McGee
This is in the realm of "probably not going to happen", but if someone were to translate "disk" to a string longer than 256 characters, we would have a smashed/corrupted stack due to our unchecked strcpy() call. Rework the function to always length-check the value we copy into the hostname buffer, and do it with memcpy rather than the more cumbersome and unnecessary snprintf. Finally, move the magic 256 value into a constant and pass it into the function which is going to get inlined anyway. Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-12Add user-visible warning message if public keyring not foundDan McGee
This should help point users in the right direction if they have not initialized via pacman-key just yet. Signed-off-by: Dan McGee <dan@archlinux.org>