[pacman-dev] [PATCH 1/4] pacman-key: ensure array iterations are quoted
When doing something like `pacman-key --edit-key 'Dan McGee'`, one would expect it to work, and not fail. Signed-off-by: Dan McGee <dan@archlinux.org> --- scripts/pacman-key.sh.in | 12 ++++++------ 1 files changed, 6 insertions(+), 6 deletions(-) diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in index 2a78803..b3f5259 100644 --- a/scripts/pacman-key.sh.in +++ b/scripts/pacman-key.sh.in @@ -203,7 +203,7 @@ verify_keyring_input() { # Verify signatures of keyring files and association revocation files if they exist msg "$(gettext "Verifying keyring file signatures...")" local keyring - for keyring in ${KEYRINGIDS[@]}; do + for keyring in "${KEYRINGIDS[@]}"; do if ! "${GPG_PACMAN[@]}" --verify "${KEYRING_IMPORT_DIR}/${keyring}.gpg.sig" &>/dev/null; then error "$(gettext "The signature of file %s is not valid.")" "${ADDED_KEYS}" ret=1 @@ -239,7 +239,7 @@ populate_keyring() { fi else # verify listed keyrings exist - for keyring in ${KEYRINGIDS[@]}; do + for keyring in "${KEYRINGIDS[@]}"; do if [[ ! -f "$KEYRING_IMPORT_DIR/$keyring.gpg" ]]; then error "$(gettext "The keyring file %s does not exist.")" "$KEYRING_IMPORT_DIR/$keyring.gpg" ret=1 @@ -258,7 +258,7 @@ populate_keyring() { local key_id # Add keys from requested keyrings - for keyring in ${KEYRINGIDS[@]}; do + for keyring in "${KEYRINGIDS[@]}"; do msg "$(gettext "Appending keys from %s.gpg...")" "$keyring" local add_keys="$("${GPG_NOKEYRING[@]}" --keyring "${KEYRING_IMPORT_DIR}/${keyring}.gpg" --with-colons --list-keys | grep ^pub | cut -d: -f5)" for key_id in ${add_keys}; do @@ -270,7 +270,7 @@ populate_keyring() { # to key ids is important, because key ids are the only guarantee of identification # for the keys. local -A removed_ids - for keyring in ${KEYRINGIDS[@]}; do + for keyring in "${KEYRINGIDS[@]}"; do if [[ -f "${KEYRING_IMPORT_DIR}/${keyring}-revoked" ]]; then while read key; do local key_values name @@ -313,7 +313,7 @@ populate_keyring() { edit_keys() { local errors=0; - for key in ${KEYIDS[@]}; do + for key in "${KEYIDS[@]}"; do # Verify if the key exists in pacman's keyring if ! "${GPG_PACMAN[@]}" --list-keys "$key" &>/dev/null; then error "$(gettext "The key identified by %s does not exist")" "$key" @@ -322,7 +322,7 @@ edit_keys() { done (( errors )) && exit 1; - for key in ${KEYIDS[@]}; do + for key in "${KEYIDS[@]}"; do "${GPG_PACMAN[@]}" --edit-key "$key" done } -- 1.7.6.3
* Ensure usage message is indented correctly * Show short filenames for both the gpg keyring and revocation file Signed-off-by: Dan McGee <dan@archlinux.org> --- scripts/pacman-key.sh.in | 6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/pacman-key.sh.in b/scripts/pacman-key.sh.in index b3f5259..82131e9 100644 --- a/scripts/pacman-key.sh.in +++ b/scripts/pacman-key.sh.in @@ -80,7 +80,7 @@ usage() { echo "$(gettext " --keyserver Specify a keyserver to use if necessary")" echo "$(gettext " --list-sigs [keyid(s)] List keys and their signatures")" echo "$(gettext " --lsign-key <keyid> Locally sign the specified keyid")" - printf "$(gettext " --populate [keyring(s)] Reload the default keys from the (given) keyrings\n\ + printf "$(gettext " --populate [keyring(s)] Reload the default keys from the (given) keyrings\n\ in '%s'")\n" "@pkgdatadir@/keyrings" echo "$(gettext " --refresh-keys [keyid(s)] Update specified or all keys from a keyserver")" } @@ -205,13 +205,13 @@ verify_keyring_input() { local keyring for keyring in "${KEYRINGIDS[@]}"; do if ! "${GPG_PACMAN[@]}" --verify "${KEYRING_IMPORT_DIR}/${keyring}.gpg.sig" &>/dev/null; then - error "$(gettext "The signature of file %s is not valid.")" "${ADDED_KEYS}" + error "$(gettext "The signature of file %s is not valid.")" "${keyring}.gpg" ret=1 fi if [[ -f "${KEYRING_IMPORT_DIR}/${keyring}-revoked" ]]; then if ! "${GPG_PACMAN[@]}" --verify "${KEYRING_IMPORT_DIR}/${keyring}-revoked.sig" &>/dev/null; then - error "$(gettext "The signature of file %s is not valid.")" "${KEYRING_IMPORT_DIR}/${keyring}-revoked" + error "$(gettext "The signature of file %s is not valid.")" "${keyring}-revoked" ret=1 fi fi -- 1.7.6.3
This one can be overwhelming when reading debug output from a very large package. We already have the output of each extracted file so we probably can do without this in 99.9% of cases. Signed-off-by: Dan McGee <dan@archlinux.org> --- lib/libalpm/add.c | 3 --- 1 files changed, 0 insertions(+), 3 deletions(-) diff --git a/lib/libalpm/add.c b/lib/libalpm/add.c index eb05f84..170d09e 100644 --- a/lib/libalpm/add.c +++ b/lib/libalpm/add.c @@ -584,9 +584,6 @@ static int commit_single_pkg(alpm_handle_t *handle, alpm_pkg_t *newpkg, * (missing metadata sizes) */ int64_t pos = archive_position_compressed(archive); percent = (pos * 100) / newpkg->size; - _alpm_log(handle, ALPM_LOG_DEBUG, "decompression progress: " - "%d%% (%"PRId64" / %jd)\n", - percent, pos, (intmax_t)newpkg->size); if(percent >= 100) { percent = 100; } -- 1.7.6.3
This takes the libraries hidden default out of the equation: hidden in the sense that we can't even find out what it is until we create a handle. This is a chicken-and-egg problem where we have probably already parsed the config, so it is hard to get the bitmask value right. Move it to the frontend so the caller can do whatever the heck they want. This also exposes a shortcoming where the frontend doesn't know if the library even supports signatures, so we should probably add a alpm_capabilities() method which exposes things like HAS_DOWNLOADER, HAS_SIGNATURES, etc. Signed-off-by: Dan McGee <dan@archlinux.org> --- lib/libalpm/handle.c | 7 +------ src/pacman/conf.c | 3 ++- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/lib/libalpm/handle.c b/lib/libalpm/handle.c index dcd81ce..7402be5 100644 --- a/lib/libalpm/handle.c +++ b/lib/libalpm/handle.c @@ -39,17 +39,12 @@ #include "trans.h" #include "alpm.h" -alpm_handle_t *_alpm_handle_new() +alpm_handle_t *_alpm_handle_new(void) { alpm_handle_t *handle; CALLOC(handle, 1, sizeof(alpm_handle_t), return NULL); -#ifdef HAVE_LIBGPGME - handle->siglevel = ALPM_SIG_PACKAGE | ALPM_SIG_PACKAGE_OPTIONAL | - ALPM_SIG_DATABASE | ALPM_SIG_DATABASE_OPTIONAL; -#endif - return handle; } diff --git a/src/pacman/conf.c b/src/pacman/conf.c index e8b34f7..7f4b006 100644 --- a/src/pacman/conf.c +++ b/src/pacman/conf.c @@ -54,7 +54,8 @@ config_t *config_new(void) newconfig->op = PM_OP_MAIN; newconfig->logmask = ALPM_LOG_ERROR | ALPM_LOG_WARNING; newconfig->configfile = strdup(CONFFILE); - newconfig->siglevel = ALPM_SIG_USE_DEFAULT; + newconfig->siglevel = ALPM_SIG_PACKAGE | ALPM_SIG_PACKAGE_OPTIONAL | + ALPM_SIG_DATABASE | ALPM_SIG_DATABASE_OPTIONAL; return newconfig; } -- 1.7.6.3
participants (1)
-
Dan McGee