[pacman-dev] [GIT] The official pacman repository branch, master, updated. v5.0.1-208-g3a9a510c
Allan McRae
allan at archlinux.org
Mon Jan 8 03:54:14 UTC 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The official pacman repository".
The branch, master has been updated
via 3a9a510ca873df123a117133c7cb3ebaa711159c (commit)
via 8bf972824a331ebcb30de01103b26b92b6792d59 (commit)
via eba623b44377682534763b4222a660d3e6d60932 (commit)
via 59bb21fce369e6453e00791cbb788e502e4039e9 (commit)
via d0981d4c5b59d724d9b7989b1083c2c0e9f839b2 (commit)
via 3d4e95e5262a8886a5e775c999fa48ed6a78e179 (commit)
via 135f4397c2473844bc060e967dbe1b248b444301 (commit)
via 8bec63bf92d8dd028aa88dbd5109c314cdb9ebea (commit)
via 259d521e37c4cbcdbdc074e6cf832d233f2a9528 (commit)
via 1825bd6716c2a51c92642e8b96beac0101e83805 (commit)
via 2fb8081d059cae1f6d22a0b63c3714b51c1c1093 (commit)
via c50ce453dc4adc1339577e3f0f1010590be3724f (commit)
via ad0517d3711b6826cd7a95b99beb36ccd072c2e0 (commit)
via 44f3a157983e903f926b4f11ddb3f57d111e60f9 (commit)
via ab2be5794de8a57426ec3fc0f631cc766a0b8227 (commit)
via 67ce123457cf9c0ee9d4298776ae563202214c69 (commit)
from e4f13e62cf74393e811dd247a28b887935ce6a56 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 3a9a510ca873df123a117133c7cb3ebaa711159c
Author: Andrew Gregory <andrew.gregory.8 at gmail.com>
Date: Wed Dec 20 23:22:36 2017 -0500
do not rely on name hashes for matching
6cfc4757b98e813428d261dbc185e20618ca83a6 was overzealous in attempting
to optimize away a call to strcmp based on a comparison of hashes. The
call can be skipped if the hashes are different, but different strings
could have the same hash.
Signed-off-by: Andrew Gregory <andrew.gregory.8 at gmail.com>
Signed-off-by: Allan McRae <allan at archlinux.org>
commit 8bf972824a331ebcb30de01103b26b92b6792d59
Author: Eli Schwartz <eschwartz at archlinux.org>
Date: Sun Dec 17 14:28:24 2017 -0500
vercmp: fix incorrect info in the manpage
Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
Signed-off-by: Allan McRae <allan at archlinux.org>
commit eba623b44377682534763b4222a660d3e6d60932
Author: Eli Schwartz <eschwartz at archlinux.org>
Date: Sun Dec 17 14:28:23 2017 -0500
vercmp: remove --usage variant of the -help option
I think two ways to ask for this are enough for everyone, and we have
never documented this anyway.
Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
Signed-off-by: Allan McRae <allan at archlinux.org>
commit 59bb21fce369e6453e00791cbb788e502e4039e9
Author: Andrew Gregory <andrew.gregory.8 at gmail.com>
Date: Sat Dec 16 12:41:11 2017 -0500
dload: ensure callback is always initialized once
Frontends rely on an initialization call for setup between downloads.
Checking for initialization after checking for a completed download can
skip initialization in cases where files are small enough to be
downloaded all at once (FS#56408). Relying on previous download size
can result in multiple initializations if there are multiple
non-transfer events prior to the download starting (FS#56468).
Introduce a new cb_initialized variable to the payload struct and use it
to ensure that the callback is initialized exactly once prior to any
actual events.
Fixes FS#56408, FS#56468
Signed-off-by: Andrew Gregory <andrew.gregory.8 at gmail.com>
Signed-off-by: Allan McRae <allan at archlinux.org>
commit d0981d4c5b59d724d9b7989b1083c2c0e9f839b2
Author: Andrew Gregory <andrew.gregory.8 at gmail.com>
Date: Sat Dec 16 12:41:10 2017 -0500
avoid printing NULL string
Signed-off-by: Andrew Gregory <andrew.gregory.8 at gmail.com>
Signed-off-by: Allan McRae <allan at archlinux.org>
commit 3d4e95e5262a8886a5e775c999fa48ed6a78e179
Author: Eli Schwartz <eschwartz at archlinux.org>
Date: Tue Nov 21 23:34:47 2017 -0500
libmakepkg/integrity: fix git signatures not seen with multiple files
In eaa82b4d0775252856a4e54a6f2a9ea191cf0b8f source_has_signature() was
modified to check if git repositories are marked as signed. However, due
to a typo the unused variable $netfile was checked. This worked as long
as the last source element was marked as signed, due to $netfile being
mistakenly set as a global in check_vcs_software(), but usually failed
with multiple sources.
Break this more consistently by properly declaring $netfile as a local
variable in check_vcs_software() which it should be regardless. Fix it
again by completely moving over to $netfile in source_has_signature()
as netfile is more descriptive of the current state.
Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
Signed-off-by: Allan McRae <allan at archlinux.org>
commit 135f4397c2473844bc060e967dbe1b248b444301
Author: Eli Schwartz <eschwartz at archlinux.org>
Date: Tue Nov 21 23:34:46 2017 -0500
libmakepkg/integrity: fix regression that broke invalid file sigs
In 42e7020281d3ae260e1e9693495f527b7f476625 creating the gpg statusfile
for a source file was split into a separate function, which used the
return code to indicate unsigned files and proto-specific errors.
However, the fallback return code was set by the final gpg invocation,
which would be 1 if the signature was somehow broken (for example, the
key was not available in the gpg keyring). As a result makepkg thought
that file did not have a signature and skipped over it rather than
erroring out.
Fix this by explicitly setting the return code for all
verify_*_signature() functions.
Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
Signed-off-by: Allan McRae <allan at archlinux.org>
commit 8bec63bf92d8dd028aa88dbd5109c314cdb9ebea
Author: Eli Schwartz <eschwartz at archlinux.org>
Date: Mon Oct 30 14:35:23 2017 -0400
makepkg: tell the compiler to record debugging info for debug packages
In commit 8b0d59b83a60eb504567590346119fe4cd891cad support was added for
storing the source files of binaries in debug packages. This made use of
the debugedit program which is part of the RPM package manager, which is
not very standalone.
The same effect can be achieved using -fdebug-prefix-map, an option
accepted by both the gcc and clang compilers which modifies how the
compiler itself stores the references to the source files rather than
requiring us to later edit the produced binaries. This also removes the
dependency on external programs like debugedit.
As a result of this change, source files will only be effectively added
for programs which actually use the exported CFLAGS. This is a reasonable
tradeoff as we expect our CFLAGS to be used rather than ignored. Upstream
software which do not produce useful debug packages are expected to fix
their build systems to respect the environment CFLAGS.
As a result of this change, the routine for extracting source filenames
from binaries had to be modified to derive the source file from the
final debug location, rather than the other way around.
Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
Signed-off-by: Allan McRae <allan at archlinux.org>
commit 259d521e37c4cbcdbdc074e6cf832d233f2a9528
Author: Eli Schwartz <eschwartz at archlinux.org>
Date: Mon Oct 30 14:35:22 2017 -0400
makepkg: Add a config option to specify the location of debug sources
In commit 8b0d59b83a60eb504567590346119fe4cd891cad support was added for
storing the source files of binaries in debug packages. Allow the user
to specify where those source files should be stored via makepkg.conf
Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
Signed-off-by: Allan McRae <allan at archlinux.org>
commit 1825bd6716c2a51c92642e8b96beac0101e83805
Author: Eli Schwartz <eschwartz at archlinux.org>
Date: Sun Aug 27 21:37:20 2017 -0400
makepkg: refactor archive compression for reusability
This allows for more easily extending the list of allowed compression
methods, as it has to be modified in only one place.
Also allow the user to specify their own preferred command + options for
source packages in addition to compiled packages. Currently,
makepkg.conf(5) erroneously claims this is already possible.
commit 2fb8081d059cae1f6d22a0b63c3714b51c1c1093
Author: Eli Schwartz <eschwartz at archlinux.org>
Date: Mon Oct 30 14:15:16 2017 -0400
libmakepkg: fix .gitignore to simply ignore all generated .sh files
Prior to commit aca153bfa6b1bcd828f0b35db453bb9fea6a08bf some .sh files
were not generated and simply included directly, and it was necessary to
explicitly iterate all ignored files to prevent git from ignoring the
directly-included files. However, now all .sh files are in fact
generated so it makes no sense to list each one separately in the
.gitignore file.
Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
Signed-off-by: Allan McRae <allan at archlinux.org>
commit c50ce453dc4adc1339577e3f0f1010590be3724f
Author: Eli Schwartz <eschwartz at archlinux.org>
Date: Mon Oct 30 14:03:28 2017 -0400
makepkg: reorganize the restoration of settings by precedence
The extra variables on the commandline were inconsistently applied. They
should override anything else, instead, most were overridden by
environment variables with the exception of BUILDDIR (and this was not
sanity-checked to see if it had write permissions).
e.g. given the commandline:
`PKGDEST="$(pwd)" BUILDDIR="$(pwd)" makepkg PKGDEST=/doesnt/exist BUILDDIR=/doesnt/exist`
We would incorrectly use the current working directory for PKGDEST.
Meanwhile, we checked the wrong directory for BUILDDIR, and later
errored when we tried to create $srcdir inside the non-writable
directory "/doesnt/exist".
In order to fix this, use the preferred bash builtin for saving variable
definitions, similar to how we restore traps etc. rather than tediously
redefining each one by hand, and restore this immediately after
makepkg.conf is sourced. Finally, the `make`-style commandline overrides
are applied.
Also canonicalize_path is applied only on the final paths we try to use.
While it is unlikely the value in makepkg.conf will be a relative path,
since we now properly respect commandline overrides, they should be
canonicalized as well.
Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
Signed-off-by: Allan McRae <allan at archlinux.org>
commit ad0517d3711b6826cd7a95b99beb36ccd072c2e0
Author: Nils Freydank <holgersson at posteo.de>
Date: Fri Oct 20 22:42:32 2017 +0200
Fix CVE-2016-5434 (DoS/loop and out of boundary read)
This is a rewrite of Tobias Stoeckmann's patch from June 2016[1] using
functions instead of macros. (Thanks to Tobias for explanations of his patch.)
A short question on Freenode IRC showed that macros are generally discouraged
and functions should be used.
The patch introduces a static size_t length_check() in libalpm/signing.c.
[1] Original patch:
https://lists.archlinux.org/pipermail/pacman-dev/2016-June/021148.html
CVE request (and assignment):
http://seclists.org/oss-sec/2016/q2/526
Signed-off-by: Allan McRae <allan at archlinux.org>
commit 44f3a157983e903f926b4f11ddb3f57d111e60f9
Author: Eli Schwartz <eschwartz at archlinux.org>
Date: Tue Sep 26 12:16:39 2017 -0400
makepkg.conf: correct the documentation on the default options
The documentation for OPTIONS and BUILDENV listed some incorrect
defaults for undefined options. The defaults are implementation-defined
in the source code for makepkg itself (e.g. it depends whether we use
`check_option "opt" "y"` or `check_option "opt" "n"`) but were
erroneously declared to be "whatever we *define* in the default
makepkg.conf".
Fixes FS#55754
Signed-off-by: Eli Schwartz <eschwartz at archlinux.org>
Signed-off-by: Allan McRae <allan at archlinux.org>
commit ab2be5794de8a57426ec3fc0f631cc766a0b8227
Author: Ivy Foster <ivy.foster at gmail.com>
Date: Fri Sep 22 13:01:09 2017 -0500
makepkg: implement error codes
For your convenience, makepkg now has 16 distinct ways to fail.
Also closes FS#54204.
Signed-off-by: Ivy Foster <iff at escondida.tk>
Signed-off-by: Allan McRae <allan at archlinux.org>
commit 67ce123457cf9c0ee9d4298776ae563202214c69
Author: Ivy Foster <ivy.foster at gmail.com>
Date: Fri Sep 22 12:25:06 2017 -0500
makepkg: clarify error when user passes -F
Signed-off-by: Allan McRae <allan at archlinux.org>
-----------------------------------------------------------------------
Summary of changes:
doc/makepkg.8.txt | 57 ++++++
doc/makepkg.conf.5.txt | 10 +-
doc/vercmp.8.txt | 12 +-
etc/makepkg.conf.in | 6 +-
lib/libalpm/be_sync.c | 2 +-
lib/libalpm/deps.c | 6 +-
lib/libalpm/dload.c | 9 +-
lib/libalpm/dload.h | 1 +
lib/libalpm/signing.c | 48 ++++-
scripts/Makefile.am | 2 +
scripts/libmakepkg/.gitignore | 18 +-
.../libmakepkg/integrity/verify_signature.sh.in | 10 +-
scripts/libmakepkg/tidy/strip.sh.in | 9 +-
scripts/libmakepkg/util/compress.sh.in | 47 +++++
.../{lint_pkgbuild.sh.in => util/error.sh.in} | 51 +++--
scripts/makepkg.sh.in | 215 +++++++++------------
src/util/vercmp.c | 3 +-
17 files changed, 299 insertions(+), 207 deletions(-)
create mode 100644 scripts/libmakepkg/util/compress.sh.in
copy scripts/libmakepkg/{lint_pkgbuild.sh.in => util/error.sh.in} (53%)
hooks/post-receive
--
The official pacman repository
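
Added example (not part of the original email and not makepkg's code): a small shell model of the regression described in commit 135f4397, where a helper's implicit return code makes a broken signature look like "no signature". All function names, the file names and the stand-in for gpg are constructed; the assumed convention is that return code 1 means "file is unsigned, skip it".

```bash
# Constructed source list: only unsigned.tar.gz has no detached signature.
has_sig() {
    [ "$1" != "unsigned.tar.gz" ]
}

# Stand-in for the gpg call. It records a verdict (named after the GOODSIG and
# ERRSIG keywords of gpg status output) and exits 1 when the signature cannot
# be verified, for example because the key is not in the keyring.
run_gpg() {
    if [ "$1" = "good.tar.gz" ]; then
        verdict=GOODSIG
        return 0
    fi
    verdict=ERRSIG
    return 1
}

# Buggy helper: the fallback return code is whatever the last command returned,
# so a failed verification (1) collides with "unsigned" (1).
statusfile_buggy() {
    has_sig "$1" || return 1
    run_gpg "$1"
}

# Fixed helper: the return code is set explicitly and the verification result
# travels only through the recorded verdict.
statusfile_fixed() {
    has_sig "$1" || return 1
    run_gpg "$1"
    return 0
}

# Caller: skip unsigned files, fail on anything signed that is not good.
# $1 = helper to use, $2 = source file. Prints SKIPPED, PASSED or FAILED.
check_source() {
    verdict=
    "$1" "$2" || { echo SKIPPED; return 0; }
    if [ "$verdict" = GOODSIG ]; then
        echo PASSED
    else
        echo FAILED
        return 1
    fi
}

for f in good.tar.gz broken.tar.gz unsigned.tar.gz; do
    printf '%s: buggy=%s fixed=%s\n' "$f" \
        "$(check_source statusfile_buggy "$f")" "$(check_source statusfile_fixed "$f")"
done
```

With the buggy helper the broken signature is reported as SKIPPED, so the check fails open; with the explicit return code it is reported as FAILED.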