diff --git a/src/libostree/ostree-repo.c b/src/libostree/ostree-repo.c index 48787ca2..5fb54205 100644 --- a/src/libostree/ostree-repo.c +++ b/src/libostree/ostree-repo.c @@ -1697,43 +1697,22 @@ out: #endif } -/** - * ostree_repo_verify_commit: - * @self: Repository - * @commit_checksum: ASCII SHA256 checksum - * @keyringdir: (allow-none): Path to directory GPG keyrings; overrides built-in default if given - * @extra_keyring: (allow-none): Path to additional keyring file (not a directory) - * @cancellable: Cancellable - * @error: Error - * - * Check for a valid GPG signature on commit named by the ASCII - * checksum @commit_checksum. - */ -gboolean -ostree_repo_verify_commit (OstreeRepo *self, - const gchar *commit_checksum, - GFile *keyringdir, - GFile *extra_keyring, - GCancellable *cancellable, - GError **error) +static gboolean +_ostree_repo_gpg_verify_file_with_metadata (OstreeRepo *self, + GFile *path, + GVariant *metadata, + GFile *keyringdir, + GFile *extra_keyring, + GCancellable *cancellable, + GError **error) { #ifdef HAVE_GPGME gboolean ret = FALSE; gs_unref_object OstreeGpgVerifier *verifier = NULL; - gs_unref_variant GVariant *commit_variant = NULL; - gs_unref_object GFile *commit_tmp_path = NULL; - gs_unref_object GFile *keyringdir_ref = NULL; - gs_unref_variant GVariant *metadata = NULL; gs_unref_variant GVariant *signaturedata = NULL; - gs_free gchar *commit_filename = NULL; gint i, n; gboolean had_valid_signataure = FALSE; - if (!ostree_repo_load_variant (self, OSTREE_OBJECT_TYPE_COMMIT, - commit_checksum, &commit_variant, - error)) - goto out; - verifier = _ostree_gpg_verifier_new (cancellable, error); if (!verifier) goto out; @@ -1751,16 +1730,6 @@ ostree_repo_verify_commit (OstreeRepo *self, goto out; } - if (!ostree_repo_read_commit_detached_metadata (self, - commit_checksum, - &metadata, - cancellable, - error)) - { - g_prefix_error (error, "Failed to read detached metadata: "); - goto out; - } - if (metadata) signaturedata = g_variant_lookup_value (metadata, "ostree.gpgsigs", G_VARIANT_TYPE ("aay")); if (!signaturedata) @@ -1770,18 +1739,6 @@ ostree_repo_verify_commit (OstreeRepo *self, goto out; } - if (!gs_file_open_in_tmpdir (self->tmp_dir, 0644, - &commit_tmp_path, NULL, - cancellable, error)) - goto out; - - if (!g_file_replace_contents (commit_tmp_path, - (char*)g_variant_get_data (commit_variant), - g_variant_get_size (commit_variant), - NULL, FALSE, 0, NULL, - cancellable, error)) - goto out; - n = g_variant_n_children (signaturedata); for (i = 0; i < n; i++) { @@ -1801,7 +1758,7 @@ ostree_repo_verify_commit (OstreeRepo *self, goto out; if (!_ostree_gpg_verifier_check_signature (verifier, - commit_tmp_path, + path, temp_sig_path, &had_valid_signataure, cancellable, error)) @@ -1820,11 +1777,9 @@ ostree_repo_verify_commit (OstreeRepo *self, "GPG signatures found, but none are in trusted keyring"); goto out; } - + ret = TRUE; -out: - if (commit_tmp_path) - (void) gs_file_unlink (commit_tmp_path, NULL, NULL); + out: return ret; #else g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED, @@ -1832,3 +1787,70 @@ out: return FALSE; #endif } + +/** + * ostree_repo_verify_commit: + * @self: Repository + * @commit_checksum: ASCII SHA256 checksum + * @keyringdir: (allow-none): Path to directory GPG keyrings; overrides built-in default if given + * @extra_keyring: (allow-none): Path to additional keyring file (not a directory) + * @cancellable: Cancellable + * @error: Error + * + * Check for a valid GPG signature on commit named by the ASCII + * checksum @commit_checksum. + */ +gboolean +ostree_repo_verify_commit (OstreeRepo *self, + const gchar *commit_checksum, + GFile *keyringdir, + GFile *extra_keyring, + GCancellable *cancellable, + GError **error) +{ + gboolean ret = FALSE; + gs_unref_variant GVariant *commit_variant = NULL; + gs_unref_object GFile *commit_tmp_path = NULL; + gs_unref_object GFile *keyringdir_ref = NULL; + gs_unref_variant GVariant *metadata = NULL; + gs_free gchar *commit_filename = NULL; + + /* Create a temporary file for the commit */ + if (!ostree_repo_load_variant (self, OSTREE_OBJECT_TYPE_COMMIT, + commit_checksum, &commit_variant, + error)) + goto out; + if (!gs_file_open_in_tmpdir (self->tmp_dir, 0644, + &commit_tmp_path, NULL, + cancellable, error)) + goto out; + if (!g_file_replace_contents (commit_tmp_path, + (char*)g_variant_get_data (commit_variant), + g_variant_get_size (commit_variant), + NULL, FALSE, 0, NULL, + cancellable, error)) + goto out; + + /* Load the metadata */ + if (!ostree_repo_read_commit_detached_metadata (self, + commit_checksum, + &metadata, + cancellable, + error)) + { + g_prefix_error (error, "Failed to read detached metadata: "); + goto out; + } + + if (!_ostree_repo_gpg_verify_file_with_metadata (self, + commit_tmp_path, metadata, + keyringdir, extra_keyring, + cancellable, error)) + goto out; + + ret = TRUE; +out: + if (commit_tmp_path) + (void) gs_file_unlink (commit_tmp_path, NULL, NULL); + return ret; +}