packaging
/
ostree
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

pull: Only set ca path if we actually have a setting for it 

Otherwise, GTlsFileDatabase ends up accepting NULL for anchors, and
then we don't trust any CAs at all.

https://bugzilla.gnome.org/show_bug.cgi?id=726256
This commit is contained in:
Colin Walters 2014-07-01 08:50:05 -04:00
parent f60bac45fd
commit 772409e945
1 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/libostree/ostree-repo-pull.c
View File

@ -1138,11 +1138,14 @@ ostree_repo_pull (OstreeRepo *self,
NULL, &tls_ca_path, error)) NULL, &tls_ca_path, error))
goto out; goto out;
db = g_tls_file_database_new (tls_ca_path, error); if (tls_ca_path)
if (!db) {
goto out; db = g_tls_file_database_new (tls_ca_path, error);
if (!db)
_ostree_fetcher_set_tls_database (pull_data->fetcher, db); goto out;
_ostree_fetcher_set_tls_database (pull_data->fetcher, db);
}
} }
if (!pull_data->base_uri) if (!pull_data->base_uri)