Allan McRae pushed to branch release/6.0.x at Pacman / Pacman

Commits:

• ec0bf17c
  by Andrew Gregory at 2022-10-02T11:14:00+10:00

  remove YouCompleteMe config
  
  Added, seemingly by accident, with meson in
  51db84750ece4de58923d4ce43cb0638ef150f5f
  
  Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com>
  (cherry picked from commit 529e208f39a02f5e8347f8e97b4748ef4b69b004)
  

• e56c7a3f
  by Carlo Teubner at 2022-10-02T11:14:31+10:00

  "pacman -Q --changelog": fix writing uninit'd mem
  
  Previously, when printing a package changelog to stdout, we would write
  chunks of data that were not necessarily nul-terminated to stdout using
  a function (fputs) which requires the input string to be nul-terminated.
  
  On my system, this would result in occasional garbage characters showing
  up in the "pacman -Qc" output.
  
  Fix this by never nul-terminating the chunk, and using the fwrite()
  function which takes an explicit input size and does not require a
  nul-terminated string.
  
  Signed-off-by: Carlo Teubner <carlo@cteubner.net>
  (cherry picked from commit 806ccd90ede19a69a013206641e5c6e330950d07)
  

• 53289acd
  by morganamilo at 2022-10-02T11:14:59+10:00

  alpm: fix wrong access() being used
  
  When removing files we check _alpm_access() to see if we can write
  (delete) the file. If not, we check if the file exists because if the
  file does not exist then we don't actually need to remove it so there's
  no issue.
  
  However the second call uses acess() instead of _alpm_access() which
  does not the rootdir into account.
  
  (cherry picked from commit 5287cc7251759d619382d702161dae79fa121ded)
  

• 0352053e
  by Allan McRae at 2022-10-02T11:15:37+10:00

  LTO: Add -flto to LDFLAGS for clang
  
  GCC automatically detects when it is linking LTO objects, but clang does
  not.  Add -flto to LDFLAGS to make this work for clang too.
  
  Signed-off-by: Allan McRae <allan@archlinux.org>
  (cherry picked from commit 26ee6ff6adbcd8560ec3a65cf219d2ab98edb804)
  

• ff91a9d4
  by morganamilo at 2022-10-02T11:16:22+10:00

  alpm: return -1 for error in find_dl_candidates
  
  This is the error value generally used and the calling function
  explicitly checks for -1, later causing the error to be missed
  and the transaction to continue.
  
  > pacman -S xterm
  warning: xterm-369-1 is up to date -- reinstalling
  resolving dependencies...
  looking for conflicting packages...
  
  Package (1)  Old Version  New Version  Net Change  Download Size
  
  extra/xterm  369-1        369-1          0.00 MiB       0.42 MiB
  
  Total Download Size:   0.42 MiB
  Total Installed Size:  1.05 MiB
  Net Upgrade Size:      0.00 MiB
  
  :: Proceed with installation? [Y/n]
  error: no servers configured for repository: extra
  (1/1) checking keys in keyring                                                                 [--------------------------------------------------------] 100%
  (1/1) checking package integrity                                                               [--------------------------------------------------------] 100%
  error: failed to commit transaction (wrong or NULL argument passed)
  Errors occurred, no packages were upgraded.
  
  (cherry picked from commit 58c81fa2139a1e928f2a0e673c76f9d6ea684a1b)
  

• 95ef9899
  by Xiretza at 2022-10-02T11:16:56+10:00

  makepkg: use -ffile-prefix-map instead of -fdebug-prefix-map
  
  >From gcc(1):
  
  -ffile-prefix-map=old=new
  	[...] Specifying this option is equivalent to specifying all the
  	individual -f*-prefix-map options. This can be used to make reproducible
  	builds that are location independent.
  
  Specifically, this additionally enables -fmacro-prefix-map=, which causes
  prefix mapping to be applied to expansions of __FILE__ and similar macros.
  
  Without this option, if source files are compiled by passing the
  absolute file path to the compiler (as done by e.g. cmake), any
  expansions of __FILE__ (e.g. from uses of assert()) will contain
  $srcdir.
  
  Signed-off-by: Allan McRae <allan@archlinux.org>
  (cherry picked from commit e37f7d8b6b4d2f9accf97eb96d0eacbddf2a1345)
  

• 6c880acb
  by Morten Linderud at 2022-10-02T11:18:33+10:00

  makepkg: Use pkgbase in pkgdesc for debug packages
  
  When trying to identify debug packages among other packages we
  discovered that it's pkgname used in pkgdesc. Since pkgname can
  sometimes be an array when building debug packages for a split package,
  this could potentially include a pkgname that might not make sense
  depending on the order of the array.
  
  This patch simply uses pkgbase as it seems more correct.
  
  Signed-off-by: Morten Linderud <morten@linderud.pw>
  Signed-off-by: Allan McRae <allan@archlinux.org>
  (cherry picked from commit 2fe1ba5d817d1e51188de1b63fcd61e7d7ad173a)
  

• 23e337ba
  by Allan McRae at 2022-10-02T11:19:09+10:00

  libmakepkg: add extra buildflags only when buildflags is not disabled
  
  This means options=('!buildflags') will disable the addition of CFLAG
  etc for LTO and debug building.
  
  Signed-off-by: Allan McRae <allan@archlinux.org>
  (cherry picked from commit 42fe4864a0c8e2846007ffee532fe0cf4b321cdd)
  

• c4a21f33
  by Morten Linderud at 2022-10-02T11:19:25+10:00

  strip: Use debugedit instead of AWK to parse source files
  
  This moves us from the fairly ugly AWK parsing line to debugedit which
  originally comes out of the rpm project.
  
  The original code has issues parsing anything that was not straight
  C/C++ and languages like Rust or Go would return invalid source code
  files. debugedit handles all these cases better.
  
  Fixes FS#66755
  Fixes FS#66888
  Fixes FS#65677
  
  Signed-off-by: Morten Linderud <morten@linderud.pw>
  Signed-off-by: Allan McRae <allan@archlinux.org>
  (cherry picked from commit ae2f506ddfd11d9becda7216033fe1b159536982)
  

• 51354b7d
  by Evangelos Foutras at 2022-10-02T11:20:32+10:00

  Make link time optimization flags configurable
  
  We want to use -flto=auto in Arch Linux to speed up building, but we
  can't hardcode it in buildenv/lto.sh because other downstreams might
  have clang < 13.0.0 which did not recognize -flto=auto as equivalent
  to -flto=full.
  
  Introducing an LTOFLAGS variable to makepkg.conf seems the way to go.
  
  Signed-off-by: Allan McRae <allan@archlinux.org>
  (cherry picked from commit e1ce2351f5c00dd90104e0f4ce3bf176da28af08)
  

• c974d6d2
  by Allan McRae at 2022-10-02T11:23:51+10:00

  Ensure WKD key lookup returns the correct key
  
  Looking up a key using WKD just ensures you have a key with the
  same email address, it does not ensure that a key with the correct
  fingerprint has been downloaded.
  
  Check a key with the relevant fingerprint is available after a
  WKD import.
  
  (cherry picked from commit e1246baddd14ec6f4b6270b59bea0e1b639472a7)
  

• 2c83cd08
  by Allan McRae at 2022-10-02T11:23:51+10:00

  Fix segfault when failing to import keys
  
  Avoid a segfault when a search of the keyserver returns that the
  key is found but returns no primary IDs.  We are then likely going
  to fail the import, but attempt anyway because no-one know what
  a keyserver will do!
  
  Fixes FS#73534.
  
  Signed-off-by: Allan McRae <allan@archlinux.org>
  (cherry picked from commit 6b37d9943183f662cbd9be9031e5e7ba6fd6bea1)
  

• b187daef
  by Allan McRae at 2022-10-02T11:23:51+10:00

  Do not use WKD to import keys for package installs from a file
  
  In order to use WKD in pacman -U/--upgrade operations, we need to
  get the packager information from the .PKGINFO within the package.
  That has obvious security implications. e.g. something like this
  could convince a user to download a different key to what they
  expect:
  
  packager = foo bar <>^[[2K^[[0G:: Import PGP key DEADBEEF, "foo <bar>
  
  While downloading an untrusted key has little impact due to the
  web-of-trust model used by pacman, this could be bad in combination
  with an exploit that allowed trust of keys in the keyring to be
  altered.
  
  To be safe, do not use WKD when installing using -U.
  
  Fixes FS#73703.
  
  Signed-off-by: Allan McRae <allan@archlinux.org>
  (cherry picked from commit 632eb9739d23181996cc3f4fb069b81eb0e998c7)
  

• 3bad9848
  by Allan McRae at 2022-10-02T11:23:51+10:00

  Avoid information leakage with badly formed download header
  
  Parsing of Content-Disposition relies on well formed headers.
  A malformed header such as:
  
  Content-Disposition="";
  
  will result in a strnduppayload->content_disp_name, -1, ptr),
  which will copy memory until it hits a \0.
  
  Prevent this by only copying the value if it exists.
  
  Fixes FS#73704.
  
  Signed-off-by: Allan McRae <allan@archlinux.org>
  (cherry picked from commit 40583ebe892018587ef354993dee15cff9c808d6)
  

• a1837fa5
  by Jonas Witschel at 2022-10-02T11:23:51+10:00

  makepkg: use bsdtar --no-read-sparse for archive creation if available
  
  bsdtar uses the "pax" TAR archive format by default, which has support for
  storing sparse file information in the archive. Unfortunately this is a source
  of unreproducibility because the sparse encoding is taken from the file system
  and different file systems handle sparse files differently: some file systems
  have no support for sparsely encoded files at all, and even file systems with
  sparse file support can report different file information for identical files
  due to differing implementations.
  
  As a real world example where this happens, consider the Arch Linux package
  "brotli-testdata 1.0.9-7", which contains a sparsely encoded all-zeros file
  "usr/share/brotli/testdata/zeros". Building this package on a btrfs file system
  yields a different package than building it on tmpfs or ext4 solely due to
  different sparse file information that gets recorded in the package tarball.
  
  To improve the reproducibility of archives containing sparsely encoded files,
  libarchive version 3.6.0 introduces a new --no-read-sparse option. This skips
  reading sparse file information from disk entirely and therefore stores files
  "expanded" in the archive, which is the only way to make them reliably
  reproducible across file systems.
  
  makepkg will use this option if libarchive is recent enough to support it,
  which is detected at build time.
  
  Signed-off-by: Allan McRae <allan@archlinux.org>
  (cherry picked from commit f5f9e0f4ea30503657944b5c34690bd36069b07e)
  

• ce40629b
  by Allan McRae at 2022-10-02T11:24:15+10:00

  libmakepkg: Do not "strip" files when the format is not recognised
  
  We use a multi step process during stripping to ensure permissions do
  not get changed.  However, if the initial objcopy fails, the subsequent cat
  results in a blank file.  Abandon early if objcopy fails.
  
  Fixes FS#74486
  
  Signed-off-by: Allan McRae <allan@archlinux.org>
  (cherry picked from commit 18152a211aeee07e655c2cc4438c25e558e3b8aa)
  

• d55924db
  by Morten Linderud at 2022-10-02T11:24:47+10:00

  debugflags: Ensure we have unique source paths
  
  In some cases packages are built outside of a directory which contains
  pkgname-pkgver, this results in source listing in debug packages having
  a conflicting path like `/usr/src/debug/build/` which is not ideal.
  
  This patch ensures we always include the pkgbase to ensure the paths are
  unique.
  
  Signed-off-by: Morten Linderud <morten@linderud.pw>
  Signed-off-by: Allan McRae <allan@archlinux.org>
  (cherry picked from commit 776b7c1e75f24b9cab86b797c1acf549c7da2c46)
  

• 4b21c60e
  by Allan McRae at 2022-10-02T11:25:22+10:00

  Correctly handle failure in getting build or install dates
  
  alpm_pkg_get_builddate() and alpm_pkg_get_installdate() both return -1 on
  error. Correctly handle the error condition in pacman.
  
  Signed-off-by: Allan McRae <allan@archlinux.org>
  (cherry picked from commit 7bcc2d9b233dea3d7ed3824cc33d635d024d0784)
  

• 958475a7
  by Kristian Klausen at 2022-10-02T11:26:04+10:00

  pacman-key: Don't check gpg's trustdb after each key revocation
  
  The trustdb is marked as dirty when a key is revoked[1] and GPG will
  recheck it the next time. Checking the trustdb can take 300-500ms which
  with 52 revoked keys (and counting) adds up.
  
  This is very noticeable when initializing and populating pacman's
  keyring like archiso is doing[2]. It is also unnecessary as the trustdb
  is always checked as the last step when populating the keyring.
  
  [1] https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=g10/keyedit.c;h=1cb62de8a87a823e06b2ed74efdc9e7a4cd99e2b;hb=refs/heads/STABLE-BRANCH-2-2#l6509
  [2] https://gitlab.archlinux.org/archlinux/archiso/-/issues/191
  
  (cherry picked from commit 673ce1ab10a652948f4f62bbbe8d12c5f4932cb0)
  

• 1daabff0
  by Allan McRae at 2022-10-02T11:26:26+10:00

  Gitlab CI: Install glibc-debug valgrind test
  
  Currently our gitlab CI is failing due to valgrind breakage. With
  Arch stripping glibc, valgrind now requires debuginfod to be active.
  However the gitlab CI system combined without our testsuite does not
  retrieve these symbols, even when the appropriate environmental
  variable is set.
  
  Work around this by installing the glibc-debug package directly
  using a slight kludge...  All blame for this approach is assigned
  to foutrelis!
  
  Signed-off-by: Allan McRae <allan@archlinux.org>
  (cherry picked from commit d1e95c4e540283ff5d2a108459582ce2fa05c6ff)
  

20 changed files:

• .gitlab-ci.yml
• − .ycm_extra_conf.py
• build-aux/edit-script.sh.in
• doc/makepkg.conf.5.asciidoc
• etc/makepkg.conf.in
• lib/libalpm/be_package.c
• lib/libalpm/dload.c
• lib/libalpm/remove.c
• lib/libalpm/signing.c
• lib/libalpm/sync.c
• meson.build
• scripts/libmakepkg/buildenv/buildflags.sh.in
• scripts/libmakepkg/buildenv/debugflags.sh.in
• scripts/libmakepkg/buildenv/lto.sh.in
• + scripts/libmakepkg/executable/debugedit.sh.in
• scripts/libmakepkg/lint_config/variable.sh.in
• scripts/libmakepkg/tidy/strip.sh.in
• scripts/makepkg.sh.in
• scripts/pacman-key.sh.in
• src/pacman/package.c