repo: Add a "gpg-verify-result" signal
Emitted during a pull operation upon GPG verification (if enabled). Applications can connect to this signal to output the verification results if desired.
This commit is contained in:
Matthew Barnes
parent
d0770e9993
commit
20076ff201
|
|
@ -962,13 +962,29 @@ scan_commit_object (OtPullData *pull_data,
|
||||||
|
|
||||||
if (pull_data->gpg_verify)
|
if (pull_data->gpg_verify)
|
||||||
{
|
{
|
||||||
if (!ostree_repo_verify_commit (pull_data->repo,
|
gs_unref_object OstreeGpgVerifyResult *result = NULL;
|
||||||
checksum,
|
|
||||||
NULL,
|
result = ostree_repo_verify_commit_ext (pull_data->repo,
|
||||||
NULL,
|
checksum,
|
||||||
cancellable,
|
NULL,
|
||||||
error))
|
NULL,
|
||||||
|
cancellable,
|
||||||
|
error);
|
||||||
|
|
||||||
|
if (result == NULL)
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
|
/* Allow callers to output the results immediately. */
|
||||||
|
g_signal_emit_by_name (pull_data->repo,
|
||||||
|
"gpg-verify-result",
|
||||||
|
checksum, result);
|
||||||
|
|
||||||
|
if (ostree_gpg_verify_result_count_valid (result) == 0)
|
||||||
|
{
|
||||||
|
g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
|
||||||
|
"GPG signatures found, but none are in trusted keyring");
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!ostree_repo_load_variant (pull_data->repo, OSTREE_OBJECT_TYPE_COMMIT, checksum,
|
if (!ostree_repo_load_variant (pull_data->repo, OSTREE_OBJECT_TYPE_COMMIT, checksum,
|
||||||
|
|
|
||||||
|
|
@ -77,6 +77,10 @@
|
||||||
*/
|
*/
|
||||||
typedef struct {
|
typedef struct {
|
||||||
GObjectClass parent_class;
|
GObjectClass parent_class;
|
||||||
|
|
||||||
|
void (*gpg_verify_result) (OstreeRepo *self,
|
||||||
|
const char *checksum,
|
||||||
|
OstreeGpgVerifyResult *result);
|
||||||
} OstreeRepoClass;
|
} OstreeRepoClass;
|
||||||
|
|
||||||
enum {
|
enum {
|
||||||
|
|
@ -85,6 +89,13 @@ enum {
|
||||||
PROP_PATH
|
PROP_PATH
|
||||||
};
|
};
|
||||||
|
|
||||||
|
enum {
|
||||||
|
GPG_VERIFY_RESULT,
|
||||||
|
LAST_SIGNAL
|
||||||
|
};
|
||||||
|
|
||||||
|
static guint signals[LAST_SIGNAL] = { 0 };
|
||||||
|
|
||||||
G_DEFINE_TYPE (OstreeRepo, ostree_repo, G_TYPE_OBJECT)
|
G_DEFINE_TYPE (OstreeRepo, ostree_repo, G_TYPE_OBJECT)
|
||||||
|
|
||||||
GS_DEFINE_CLEANUP_FUNCTION0(GKeyFile*, local_keyfile_unref, g_key_file_unref)
|
GS_DEFINE_CLEANUP_FUNCTION0(GKeyFile*, local_keyfile_unref, g_key_file_unref)
|
||||||
|
|
@ -472,6 +483,29 @@ ostree_repo_class_init (OstreeRepoClass *klass)
|
||||||
"",
|
"",
|
||||||
G_TYPE_FILE,
|
G_TYPE_FILE,
|
||||||
G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
|
G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
|
||||||
|
|
||||||
|
/**
|
||||||
|
* OstreeRepo::gpg-verify-result:
|
||||||
|
* @self: an #OstreeRepo
|
||||||
|
* @checksum: checksum of the signed object
|
||||||
|
* @result: an #OstreeGpgVerifyResult
|
||||||
|
*
|
||||||
|
* Emitted during a pull operation upon GPG verification (if enabled).
|
||||||
|
* Applications can connect to this signal to output the verification
|
||||||
|
* results if desired.
|
||||||
|
*
|
||||||
|
* The signal will be emitted from whichever #GMainContext is the
|
||||||
|
* thread-default at the point when ostree_repo_pull_with_options()
|
||||||
|
* is called.
|
||||||
|
*/
|
||||||
|
signals[GPG_VERIFY_RESULT] = g_signal_new ("gpg-verify-result",
|
||||||
|
OSTREE_TYPE_REPO,
|
||||||
|
G_SIGNAL_RUN_LAST,
|
||||||
|
G_STRUCT_OFFSET (OstreeRepoClass, gpg_verify_result),
|
||||||
|
NULL, NULL, NULL,
|
||||||
|
G_TYPE_NONE, 2,
|
||||||
|
G_TYPE_STRING,
|
||||||
|
OSTREE_TYPE_GPG_VERIFY_RESULT);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue