[pacman-dev] [PATCH 1/1] be_sync: use effective URL for db file signature download
Dave Reisner
d at falconindy.com
Thu Oct 16 11:40:03 UTC 2014
On Mon, Oct 06, 2014 at 01:00:38PM +0200, Christian Hesse wrote:
> From: Christian Hesse <mail at eworm.de>
>
> If download server is dynamic mirror chances are that db file download
> and db file signature download are redirected to different mirrors,
> resulting in invalid signature.
> This uses effective URL for db file signature download and makes the
> files always match.
>
> Signed-off-by: Christian Hesse <mail at eworm.de>
> ---
> lib/libalpm/be_sync.c | 9 +++++----
> 1 file changed, 5 insertions(+), 4 deletions(-)
>
> diff --git a/lib/libalpm/be_sync.c b/lib/libalpm/be_sync.c
> index b03d273..6572a8a 100644
> --- a/lib/libalpm/be_sync.c
> +++ b/lib/libalpm/be_sync.c
> @@ -209,6 +209,7 @@ int SYMEXPORT alpm_db_update(int force, alpm_db_t *db)
> }
>
> for(i = db->servers; i; i = i->next) {
> + char *final_db_url = NULL;
> const char *server = i->data;
> struct dload_payload payload;
> size_t len;
> @@ -228,7 +229,7 @@ int SYMEXPORT alpm_db_update(int force, alpm_db_t *db)
> payload.force = force;
> payload.unlink_on_fail = 1;
>
> - ret = _alpm_download(&payload, syncpath, NULL, NULL);
> + ret = _alpm_download(&payload, syncpath, NULL, &final_db_url);
> _alpm_dload_payload_reset(&payload);
>
> if(ret == 0 && (level & ALPM_SIG_DATABASE)) {
> @@ -242,11 +243,11 @@ int SYMEXPORT alpm_db_update(int force, alpm_db_t *db)
> free(sigpath);
>
> /* if we downloaded a DB, we want the .sig from the same server */
> - /* print server + filename into a buffer (leave space for .sig) */
> - len = strlen(server) + strlen(db->treename) + 9;
> + /* print final_db_url into a buffer (leave space for .sig) */
> + len = strlen(final_db_url) + 5;
> /* TODO fix leak syncpath and umask unset */
> MALLOC(payload.fileurl, len, RET_ERR(handle, ALPM_ERR_MEMORY, -1));
> - snprintf(payload.fileurl, len, "%s/%s.db.sig", server, db->treename);
> + snprintf(payload.fileurl, len, "%s.sig", final_db_url);
final_db_url leaks here. You need to free it.
Patch looks fine, otherwise.
> payload.handle = handle;
> payload.force = 1;
> payload.errors_ok = (level & ALPM_SIG_DATABASE_OPTIONAL);
> --
> 2.1.2
More information about the pacman-dev
mailing list