From 772409e945aa1f5d8e6c20c233fa36dda80950d8 Mon Sep 17 00:00:00 2001
From: Colin Walters
Date: Tue, 1 Jul 2014 08:50:05 -0400
Subject: [PATCH] pull: Only set ca path if we actually have a setting for it Otherwise, GTlsFileDatabase ends up accepting NULL for anchors, and then we don't trust any CAs at all. https://bugzilla.gnome.org/show_bug.cgi?id=726256
---
 src/libostree/ostree-repo-pull.c | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/src/libostree/ostree-repo-pull.c b/src/libostree/ostree-repo-pull.c
index 7d3ad262..2cdc6c15 100644
--- a/src/libostree/ostree-repo-pull.c
+++ b/src/libostree/ostree-repo-pull.c
@@ -1138,11 +1138,14 @@ ostree_repo_pull (OstreeRepo *self,
 NULL, &tls_ca_path, error))
 goto out;
- db = g_tls_file_database_new (tls_ca_path, error);
- if (!db)
- goto out;
-
- _ostree_fetcher_set_tls_database (pull_data->fetcher, db);
+ if (tls_ca_path)
+ {
+ db = g_tls_file_database_new (tls_ca_path, error);
+ if (!db)
+ goto out;
+
+ _ostree_fetcher_set_tls_database (pull_data->fetcher, db);
+ }
 }
 if (!pull_data->base_uri)
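Review bot: The new `if (tls_ca_path)` guard carries no comment saying what trust configuration applies when the key is unset, so the reasoning survives only in the commit message. I would add above the guard `/* Only override the TLS database when tls-ca-path is configured; a file database built from NULL anchors trusts no CAs. */`. The hunk does not show which database the fetcher uses when `_ostree_fetcher_set_tls_database` is never called; it is presumably the default system trust store, and that is worth confirming so the skip path still validates server certificates. `ostree_repo_pull` begins and ends outside this hunk.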