lib/repo-pull: return errors from signature engines
Improve error handling for signatures checks -- passthrough real reasons from signature engines instead of using common messages. Signed-off-by: Denis Pynkin <denis.pynkin@collabora.com>
This commit is contained in:
Denis Pynkin
parent
194ab368f2
commit
59b9e64b72
|
|
@ -1485,14 +1485,14 @@ process_verify_result (OtPullData *pull_data,
|
||||||
static gboolean
|
static gboolean
|
||||||
_load_public_keys (OstreeSign *sign,
|
_load_public_keys (OstreeSign *sign,
|
||||||
OstreeRepo *repo,
|
OstreeRepo *repo,
|
||||||
const gchar *remote_name)
|
const gchar *remote_name,
|
||||||
|
GError **error)
|
||||||
{
|
{
|
||||||
|
|
||||||
g_autofree gchar *pk_ascii = NULL;
|
g_autofree gchar *pk_ascii = NULL;
|
||||||
g_autofree gchar *pk_file = NULL;
|
g_autofree gchar *pk_file = NULL;
|
||||||
gboolean loaded_from_file = TRUE;
|
gboolean loaded_from_file = TRUE;
|
||||||
gboolean loaded_inlined = TRUE;
|
gboolean loaded_inlined = TRUE;
|
||||||
g_autoptr (GError) error = NULL;
|
|
||||||
|
|
||||||
ostree_repo_get_remote_option (repo,
|
ostree_repo_get_remote_option (repo,
|
||||||
remote_name,
|
remote_name,
|
||||||
|
|
@ -1528,48 +1528,53 @@ _load_public_keys (OstreeSign *sign,
|
||||||
g_variant_builder_add (builder, "{sv}", "filename", g_variant_new_string (pk_file));
|
g_variant_builder_add (builder, "{sv}", "filename", g_variant_new_string (pk_file));
|
||||||
options = g_variant_builder_end (builder);
|
options = g_variant_builder_end (builder);
|
||||||
|
|
||||||
if (ostree_sign_load_pk (sign, options, &error))
|
if (ostree_sign_load_pk (sign, options, error))
|
||||||
loaded_from_file = TRUE;
|
loaded_from_file = TRUE;
|
||||||
else
|
else
|
||||||
{
|
|
||||||
g_assert (error);
|
|
||||||
g_debug("Unable to load public keys for '%s' from file '%s': %s",
|
g_debug("Unable to load public keys for '%s' from file '%s': %s",
|
||||||
ostree_sign_get_name(sign), pk_file, error->message);
|
ostree_sign_get_name(sign), pk_file, (*error)->message);
|
||||||
g_clear_error (&error);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (pk_ascii != NULL)
|
if (pk_ascii != NULL)
|
||||||
{
|
{
|
||||||
|
g_autoptr (GError) local_error = NULL;
|
||||||
g_autoptr (GVariant) pk = g_variant_new_string(pk_ascii);
|
g_autoptr (GVariant) pk = g_variant_new_string(pk_ascii);
|
||||||
|
|
||||||
/* Add inlined public key */
|
/* Add inlined public key */
|
||||||
if (loaded_from_file)
|
if (loaded_from_file)
|
||||||
loaded_inlined = ostree_sign_add_pk (sign, pk, &error);
|
loaded_inlined = ostree_sign_add_pk (sign, pk, &local_error);
|
||||||
else
|
else
|
||||||
loaded_inlined = ostree_sign_set_pk (sign, pk, &error);
|
loaded_inlined = ostree_sign_set_pk (sign, pk, &local_error);
|
||||||
|
|
||||||
if (!loaded_inlined)
|
if (!loaded_inlined)
|
||||||
{
|
{
|
||||||
if (error == NULL)
|
|
||||||
g_set_error_literal (&error, G_IO_ERROR, G_IO_ERROR_FAILED,
|
|
||||||
"unknown reason");
|
|
||||||
|
|
||||||
g_debug("Unable to load public key '%s' for '%s': %s",
|
g_debug("Unable to load public key '%s' for '%s': %s",
|
||||||
pk_ascii, ostree_sign_get_name(sign), error->message);
|
pk_ascii, ostree_sign_get_name(sign), local_error->message);
|
||||||
g_clear_error (&error);
|
|
||||||
|
/* Save error message for better reason detection later if needed */
|
||||||
|
if (*error == NULL)
|
||||||
|
g_propagate_error (error, g_steal_pointer (&local_error));
|
||||||
|
else
|
||||||
|
g_prefix_error (error, "%s; ", local_error->message);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Return true if able to load from any source */
|
/* Return true if able to load from any source */
|
||||||
return (loaded_from_file || loaded_inlined);
|
if (loaded_from_file || loaded_inlined)
|
||||||
|
{
|
||||||
|
g_clear_error (error);
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
static gboolean
|
static gboolean
|
||||||
_ostree_repo_sign_verify (OstreeRepo *repo,
|
_ostree_repo_sign_verify (OstreeRepo *repo,
|
||||||
const gchar *remote_name,
|
const gchar *remote_name,
|
||||||
GBytes *signed_data,
|
GBytes *signed_data,
|
||||||
GVariant *metadata)
|
GVariant *metadata,
|
||||||
|
GError **error)
|
||||||
{
|
{
|
||||||
/* list all signature types in detached metadata and check if signed by any? */
|
/* list all signature types in detached metadata and check if signed by any? */
|
||||||
g_auto (GStrv) names = ostree_sign_list_names();
|
g_auto (GStrv) names = ostree_sign_list_names();
|
||||||
|
|
@ -1596,18 +1601,33 @@ _ostree_repo_sign_verify (OstreeRepo *repo,
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
/* Try to load public key(s) according remote's configuration */
|
/* Try to load public key(s) according remote's configuration */
|
||||||
if (!_load_public_keys (sign, repo, remote_name))
|
if (_load_public_keys (sign, repo, remote_name, &local_error))
|
||||||
continue;
|
{
|
||||||
|
/* Return true if any signature fit to pre-loaded public keys.
|
||||||
|
* If no keys configured -- then system configuration will be used */
|
||||||
|
if (ostree_sign_data_verify (sign,
|
||||||
|
signed_data,
|
||||||
|
signatures,
|
||||||
|
&local_error))
|
||||||
|
{
|
||||||
|
g_clear_error (error);
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/* Return true if any signature fit to pre-loaded public keys.
|
/* Save error message for better reason detection later if needed */
|
||||||
* If no keys configured -- then system configuration will be used */
|
if (*error == NULL)
|
||||||
if (ostree_sign_data_verify (sign,
|
g_propagate_error (error, g_steal_pointer (&local_error));
|
||||||
signed_data,
|
else
|
||||||
signatures,
|
g_prefix_error (error, "%s; ", local_error->message);
|
||||||
&local_error))
|
|
||||||
return TRUE;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* In case if there were no signatures of known type
|
||||||
|
* or metadata contains invalid data */
|
||||||
|
if (*error == NULL)
|
||||||
|
g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND,
|
||||||
|
"Metadata doesn't signed with supported type");
|
||||||
|
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -1658,10 +1678,9 @@ ostree_verify_unwritten_commit (OtPullData *pull_data,
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!_ostree_repo_sign_verify (pull_data->repo, pull_data->remote_name, signed_data, detached_metadata))
|
if (!_ostree_repo_sign_verify (pull_data->repo, pull_data->remote_name, signed_data, detached_metadata, error))
|
||||||
{
|
{
|
||||||
g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
|
g_prefix_error (error, "Can't verify commit");
|
||||||
"Can't verify commit");
|
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -2014,18 +2033,19 @@ scan_commit_object (OtPullData *pull_data,
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
/* Try to load public key(s) according remote's configuration */
|
/* Try to load public key(s) according remote's configuration */
|
||||||
if (!_load_public_keys (sign, pull_data->repo, pull_data->remote_name))
|
if (_load_public_keys (sign, pull_data->repo, pull_data->remote_name, &local_error))
|
||||||
continue;
|
|
||||||
|
|
||||||
/* Set return to true if any sign fit */
|
|
||||||
if (ostree_sign_commit_verify (sign,
|
|
||||||
pull_data->repo,
|
|
||||||
checksum,
|
|
||||||
cancellable,
|
|
||||||
&local_error))
|
|
||||||
{
|
{
|
||||||
ret = TRUE;
|
|
||||||
g_clear_error (error);
|
/* Set return to true if any sign fit */
|
||||||
|
if (ostree_sign_commit_verify (sign,
|
||||||
|
pull_data->repo,
|
||||||
|
checksum,
|
||||||
|
cancellable,
|
||||||
|
&local_error))
|
||||||
|
{
|
||||||
|
ret = TRUE;
|
||||||
|
g_clear_error (error);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Save error message for better reason detection later if needed */
|
/* Save error message for better reason detection later if needed */
|
||||||
|
|
@ -4416,12 +4436,13 @@ ostree_repo_pull_with_options (OstreeRepo *self,
|
||||||
if (bytes_summary && bytes_sig)
|
if (bytes_summary && bytes_sig)
|
||||||
{
|
{
|
||||||
g_autoptr(GVariant) signatures = NULL;
|
g_autoptr(GVariant) signatures = NULL;
|
||||||
|
g_autoptr(GError) temp_error = NULL;
|
||||||
|
|
||||||
signatures = g_variant_new_from_bytes (OSTREE_SUMMARY_SIG_GVARIANT_FORMAT,
|
signatures = g_variant_new_from_bytes (OSTREE_SUMMARY_SIG_GVARIANT_FORMAT,
|
||||||
bytes_sig, FALSE);
|
bytes_sig, FALSE);
|
||||||
|
|
||||||
|
|
||||||
if (!_ostree_repo_sign_verify (pull_data->repo, pull_data->remote_name, bytes_summary, signatures))
|
if (!_ostree_repo_sign_verify (pull_data->repo, pull_data->remote_name, bytes_summary, signatures, &temp_error))
|
||||||
{
|
{
|
||||||
gboolean ret = FALSE;
|
gboolean ret = FALSE;
|
||||||
|
|
||||||
|
|
@ -4452,14 +4473,16 @@ ostree_repo_pull_with_options (OstreeRepo *self,
|
||||||
cancellable, error))
|
cancellable, error))
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
if (_ostree_repo_sign_verify (pull_data->repo, pull_data->remote_name, bytes_summary, signatures))
|
if (_ostree_repo_sign_verify (pull_data->repo, pull_data->remote_name, bytes_summary, signatures, error))
|
||||||
ret = TRUE;
|
ret = TRUE;
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
g_propagate_error (error, g_steal_pointer (&temp_error));
|
||||||
|
|
||||||
|
|
||||||
if (!ret)
|
if (!ret)
|
||||||
{
|
{
|
||||||
g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
|
g_prefix_error (error, "Can't verify summary: ");
|
||||||
"Can't verify summary");
|
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -6560,12 +6583,8 @@ ostree_repo_remote_fetch_summary_with_options (OstreeRepo *self,
|
||||||
sig_variant = g_variant_new_from_bytes (OSTREE_SUMMARY_SIG_GVARIANT_FORMAT,
|
sig_variant = g_variant_new_from_bytes (OSTREE_SUMMARY_SIG_GVARIANT_FORMAT,
|
||||||
signatures, FALSE);
|
signatures, FALSE);
|
||||||
|
|
||||||
if (!_ostree_repo_sign_verify (self, name, summary, sig_variant))
|
if (!_ostree_repo_sign_verify (self, name, summary, sig_variant, error))
|
||||||
{
|
goto out;
|
||||||
g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND,
|
|
||||||
"Signature verification enabled, but no valid signatures found");
|
|
||||||
goto out;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue