| Age | Commit message (Collapse) | Author |
|---|
|
dload_payload->curlerr is a field that is used inside
curl_download_internal() function only. It can be converted to a local
variable.
Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
To be able to run multiple download in parallel efficiently we need to
use curl_multi interface [1]. It introduces a set of APIs over new type
of handler 'CURLM'.
Create CURLM object at the application start and set it to global ALPM
context.
The 'single-download' CURL handle moves to payload struct. A new CURL
handle is created for each payload with intention to be processed by CURLM.
Note that curl_download_internal() is not ported to CURLM interface due
to the fact that the function will go away soon.
[1] https://curl.haxx.se/libcurl/c/libcurl-multi.html
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This is an equivalent of alpm_db_update but for multiplexed (parallel)
download. The difference is that this function accepts list of
databases to update. And then ALPM internals download it in parallel if
possible.
Add a stub for _alpm_multi_download the function that will do parallel
payloads downloads in the future.
Introduce dload_payload->filepath field that contains url path to the
file we download. It is like fileurl field but does not contain
protocol/server part. The rationale for having this field is that with
the curl multidownload the server retry logic is going to move to a curl
callback. And the callback needs to be able to reconstruct the 'next'
fileurl. One will be able to do it by getting the next server url from
'servers' list and then concat with filepath. Once the 'parallel download'
refactoring is over 'fileurl' field will go away.
Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
It includes pacman.conf new 'ParallelDownloads' option that
specifies how many concurrent downloads cURL starts in parallel.
Add alpm_option_set_parallel_downloads() ALPM function that
allows to set this config option programmatically.
Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The GOTO_ERR define was added in commit 80ae8014 for use in future commits.
There are plenty of places in the code base it can be used, so convert them.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Use STRDUP() over strdup() to catch memory allocation errors.
There are still some instances of strdup left, but these are in functions
that currently have no error path and would require a larger rework.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
realloc can fail just like the other memory allocation functions. Add a
macro to simplify handling of realloc failures, similar to the already
existing MALLOC, CALLOC, etc.
Replace the existing realloc uses with the new macro, allowing us to
move tedious error handling to the macro. Also, in be_package and
be_sync, this fixes hypothetical memory leaks (and thereafter null
pointer dereferences) in case realloc fails to shrink the allocated
memory.
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Following the example of the recently added GOTO_ERR, adding the file and
line number in addition to the function name in our debug messages is
potentially useful.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This is a macro similar to RET_ERR but useful in the case when we need
to record an error and then jump to some cleanup section.
Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Since commit 2ee7a8d8, there is no cleanup needed in this function. Just
return instead of jumping to the cleanup label.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
One reason why the function returns an error is some repo
does not have any servers.
Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Currently, download_files() creates payloads for all packages then
iterates over them, calling download_single_file. This can be
simplified by looping over packages and constructing the payload as needed.
Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Current flow looks like
loop dbs_sync {
loop pkgs {
if pkg.db == db then process(pkg, db)
}
}
Package sync transaction always has a counterpart in the dbs_sync list
(I cannot come up with a use-case when it is not true). So the loop can
be simplified to:
loop pkgs {
process(pkg, pkg.db)
}
Tested: 'ninja test' & manually by using pacman with this patch for a
week
Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
libalpm: move docs from .c files into alpm.h And fix/expand some
along the way.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
It looks like this function has never actually worked. The current list
is never set to NULL after being freed. So the new deps were just
appended to the already freed list, leading to a segfault.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Commit e6a6d307 detected complete part files by comparing a payload's
max_size to initial_size. However, these values are also equal when we
use pacman -U on a URL as max_size is set to 0 in that case. Add a further
condition to avoid that.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
We previously has the maximum database size as 25MB. This was set in the days
before repos had as many packages as they do now, and before we started
distributing files databases. Increase this limit to 128MB.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This is guaranteed less error prone than calling memset and hoping the
human gets the argument order correct.
|
|
The documentation of the return types of alpm_mtree_next was incorrect.
This extended into the relevant function in be_local.c.
Also, return explicit integer values, rather than the ARCHIVE_xxx values,
to avoid unnecessarily exposing frontends to libarchive internals (even
though it makes no functional difference).
Original-work-by: morganamilo <morganamilo@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
|
|
Daniel T. Borelli <danieltborelli@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
In rare cases, likely due to a well timed Ctrl+C, but possibly due to a
broken mirror, a ".part" file may have size at least that of the correct
package size.
When encountering this issue, currently pacman fails in different ways
depending on where the package falls in the list to download. If last,
"wrong or NULL argument passed" error is reported, or a "invalid or
corrupt package" issue if not.
Capture these .part files, and remove the extension. This lets pacman
either use the package if valid, or offer to remove it if it fails checksum
or signature verification.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
We now store key structs of our missing key info, so can not search the list
for string matches. This caused missing keys to be downloaded once for every
package they signed.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Previously, pacman treated no matches and an error during search the
same.
To fix this, alpm_db_search now returns its status as an int and
instead takes the to be returned list as a param. Allowing front ends to
easily differentiate between errors and no matches.
Signed-off-by: morganamilo <morganamilo@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Use after free.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
make update-copyright OLD=2018 NEW=2019
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
This allows pacman to print the correct error message when checking keys
and libalpm has been compiled without gpgme support.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
The dummy checksigs function never sets count to 0, leaving it
unitialized. This caused the siglist cleanup to try and free the empty
list.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Pull all translations with >75% completion.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
|
|
With unknown uid pacman crashed. Return with error from email_from_uid()
if uid is NULL.
Signed-off-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
when a satisfying package is already installed, we always pick it
instead of prompting the user. So we can return that package as soon as
we find it, instead of waiting until we've iterated through all the
databases.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
If we failed to get the pkg from pkgcache then we know no satisfying
package exists by name. So only compare provides.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Currently pacman relies on the SKS keyserver network to fetch unknown
PGP keys. These keyservers are vulnerable to signature spamming attacks,
potentionally making it impossible to import the required keys. An
alternative to keyservers is a so-called Web Key Directory (WKD), a
well-known, trusted location on a server from where the keys can be
fetched.
This commit adds the ability to retrieve keys from a WKD. Due to the
mentioned vulnerabilities, the WKD is tried first, falling back to the
keyservers only if no appropriate key is found there.
In contrast to keyservers, keys in a WKD are not looked up using their
fingerprint, but by email address. Since the email address of the
signing key is usually not included in the signature, we will use the
packager email address to perform the lookup.
Also see FS#63171.
Signed-off-by: Jonas Witschel <diabonas@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Ask the user whether they want to import a missing key before even doing
a search on the keyserver. This will be useful for getting Web Key
Directory support in place: for a WKD, looking up and importing a key
are a single action, so the current key_search -> QUESTION -> key_import
workflow does not apply.
Since only the ID of the package signing key is available before
key_search, we display the packager variable in addition to the key ID
for user convenience.
Signed-off-by: Jonas Witschel <diabonas@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Downloads with a Content-Disposition header will typically not include
slashes. When they do, we should most certainly only take the basename,
but when they don't, we should treat the header value as the filename.
Crash introduced in d197d8ab82cf when we started using get_filename
in order to rightfully avoid an arbitrary file overwrite vulnerability.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
If we use make dist to create the official, signed release tarballs,
those will not have meson build files by default since autotools doesn't
know what they are.
Also distribute all src/common/ files. We never strictly needed any of
them to be distributed with autotools, because the dist tarball
dereferences the symlinks (???), but only some of them were being
distributed, and meson needs them to be in the right location as we only
build libcommon from the primary files.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Currently when caling alpm_trans_commit, if fetching a package restults
in a 404 (or other non 400 response code), the function returns -1 but
errno is never set.
This patch sets errno to ALPM_ERR_RETRIEVE.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
%X is locale-dependent, making it impossible to reliably parse and
potentially overflowing the buffer. %T is consistent across locales.
Also fixes some adjacent whitespace.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Credit to Andrew for identifying source of the leak.
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Make it clearer that the targets are matched against both directories
and regular files and free up File to potentially refer specifically to
regular files in the future. File is retained as a deprecated alias for
Path for the time being to avoid breaking existing hooks and will be
removed in a future release.
See FS#53136.
Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
|
|
Clang 8 warns that adding a string to an integer does not append to
string. Indeed it doesn't, but that was not the intentetion. Use array
indexing as suggested by the compiler to silence the warning. There
should be no functional change.
Example of warning message:
alpm.c:71:54: warning: adding 'int' to a string does not append to the string [-Wstring-plus-int]
sprintf(hookdir, "%s%s", myhandle->root, SYSHOOKDIR + 1);
~~~~~~~~~~~^~~
alpm.c:71:54: note: use array indexing to silence this warning
sprintf(hookdir, "%s%s", myhandle->root, SYSHOOKDIR + 1);
^
& [ ]
1 warning generated.
|
|
gpgme in git master now supports pkg-config and with the next release we
can and should prefer its use. However, retain the legacy code that
enables building with older versions of gpgme, as a fallback.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
|