packaging
/
ostree
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lib: Prefix GPG errors with the checksum 

I was working on https://bugzilla.redhat.com/show_bug.cgi?id=1393545
and it was annoying that I couldn't know what the new (unsigned)
commit has was until verification succeeded.  I could pull it
manually without GPG, but then it'd be sitting in the repo.

Now:

```
Updating from: fedora-atomic:fedora-atomic/25/x86_64/docker-host

Receiving metadata objects: 0/(estimating) -/s 0 bytes
error: Commit 2fb89decd2cb5c3bd73983f0a7b35c7437f23e3aaa91698fab952bb224e46af5: GPG verification enabled, but no signatures found (use gpg-verify=false in remote config to disable)
```

Closes: #663
Approved by: giuseppe
This commit is contained in:
Colin Walters 2017-01-30 10:55:22 +01:00 committed by Atomic Bot
parent 1fd05fe840
commit a89be1f00f
2 changed files with 21 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/libostree/ostree-repo-pull.c
View File

@ -1035,14 +1035,22 @@ process_verify_result (OtPullData *pull_data,
GError **error) GError **error)
{ {
if (result == NULL) if (result == NULL)
return FALSE; {
g_prefix_error (error, "Commit %s: ", checksum);
return FALSE;
}
/* Allow callers to output the results immediately. */ /* Allow callers to output the results immediately. */
g_signal_emit_by_name (pull_data->repo, g_signal_emit_by_name (pull_data->repo,
"gpg-verify-result", "gpg-verify-result",
checksum, result); checksum, result);
return ostree_gpg_verify_result_require_valid_signature (result, error); if (!ostree_gpg_verify_result_require_valid_signature (result, error))
{
g_prefix_error (error, "Commit %s: ", checksum);
return FALSE;
}
return TRUE;
} }
static gboolean static gboolean
@ -1060,8 +1068,9 @@ gpg_verify_unwritten_commit (OtPullData *pull_data,
if (!detached_metadata) if (!detached_metadata)
{ {
g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED, g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
"No detached metadata found for GPG verification"); "Commit %s: no detached metadata found for GPG verification",
checksum);
return FALSE; return FALSE;
} }

11
src/libostree/ostree-repo.c
View File

@ -4356,8 +4356,8 @@ _ostree_repo_gpg_verify_with_metadata (OstreeRepo *self,
_OSTREE_METADATA_GPGSIGS_TYPE); _OSTREE_METADATA_GPGSIGS_TYPE);
if (!signaturedata) if (!signaturedata)
{ {
g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND, g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND,
"GPG verification enabled, but no signatures found (use gpg-verify=false in remote config to disable)"); "GPG verification enabled, but no signatures found (use gpg-verify=false in remote config to disable)");
return NULL; return NULL;
} }
@ -4474,7 +4474,12 @@ ostree_repo_verify_commit (OstreeRepo *self,
keyringdir, extra_keyring, keyringdir, extra_keyring,
cancellable, error); cancellable, error);
return ostree_gpg_verify_result_require_valid_signature (result, error); if (!ostree_gpg_verify_result_require_valid_signature (result, error))
{
g_prefix_error (error, "Commit %s: ", commit_checksum);
return FALSE;
}
return TRUE;
} }
/** /**