diff --git a/src/libostree/ostree-repo-private.h b/src/libostree/ostree-repo-private.h index adf5ec2b..7b02b12c 100644 --- a/src/libostree/ostree-repo-private.h +++ b/src/libostree/ostree-repo-private.h @@ -199,11 +199,21 @@ OstreeGpgVerifyResult * _ostree_repo_gpg_verify_with_metadata (OstreeRepo *self, GBytes *signed_data, GVariant *metadata, + const char *remote_name, GFile *keyringdir, GFile *extra_keyring, GCancellable *cancellable, GError **error); +OstreeGpgVerifyResult * +_ostree_repo_verify_commit_internal (OstreeRepo *self, + const char *commit_checksum, + const char *remote_name, + GFile *keyringdir, + GFile *extra_keyring, + GCancellable *cancellable, + GError **error); + gboolean _ostree_repo_commit_loose_final (OstreeRepo *self, const char *checksum, diff --git a/src/libostree/ostree-repo-pull.c b/src/libostree/ostree-repo-pull.c index 19e8d7ed..c6d4c45b 100644 --- a/src/libostree/ostree-repo-pull.c +++ b/src/libostree/ostree-repo-pull.c @@ -968,12 +968,13 @@ scan_commit_object (OtPullData *pull_data, { glnx_unref_object OstreeGpgVerifyResult *result = NULL; - result = ostree_repo_verify_commit_ext (pull_data->repo, - checksum, - NULL, - NULL, - cancellable, - error); + result = _ostree_repo_verify_commit_internal (pull_data->repo, + checksum, + pull_data->remote_name, + NULL, + NULL, + cancellable, + error); if (result == NULL) goto out; @@ -1926,6 +1927,7 @@ ostree_repo_pull_with_options (OstreeRepo *self, sig_variant, NULL, NULL, + NULL, cancellable, error); if (result == NULL) diff --git a/src/libostree/ostree-repo.c b/src/libostree/ostree-repo.c index 189ec909..148dfadd 100644 --- a/src/libostree/ostree-repo.c +++ b/src/libostree/ostree-repo.c @@ -3561,7 +3561,7 @@ ostree_repo_sign_commit (OstreeRepo *self, result = _ostree_repo_gpg_verify_with_metadata (self, commit_data, old_metadata, - NULL, NULL, + NULL, NULL, NULL, cancellable, &local_error); @@ -3694,10 +3694,14 @@ ostree_repo_add_gpg_signature_summary (OstreeRepo *self, return ret; } +/* Special remote for _ostree_repo_gpg_verify_with_metadata() */ +static const char *OSTREE_ALL_REMOTES = "__OSTREE_ALL_REMOTES__"; + OstreeGpgVerifyResult * _ostree_repo_gpg_verify_with_metadata (OstreeRepo *self, GBytes *signed_data, GVariant *metadata, + const char *remote_name, GFile *keyringdir, GFile *extra_keyring, GCancellable *cancellable, @@ -3715,6 +3719,33 @@ _ostree_repo_gpg_verify_with_metadata (OstreeRepo *self, if (!verifier) goto out; + if (remote_name == OSTREE_ALL_REMOTES) + { + /* Add all available remote keyring files. */ + + if (!_ostree_gpg_verifier_add_keyring_dir (verifier, self->repodir, + cancellable, error)) + goto out; + } + else if (remote_name != NULL) + { + /* Add the remote's keyring file. OstreeGpgVerifier + * will ignore it if the keyring file does not exist. */ + + OstreeRemote *remote; + g_autoptr(GFile) file = NULL; + + remote = ost_repo_get_remote (self, remote_name, error); + if (remote == NULL) + goto out; + + file = g_file_get_child (self->repodir, remote->keyring); + + _ostree_gpg_verifier_add_keyring (verifier, file); + + ost_remote_unref (remote); + } + if (keyringdir) { if (!_ostree_gpg_verifier_add_keyring_dir (verifier, keyringdir, @@ -3764,6 +3795,62 @@ _ostree_repo_gpg_verify_with_metadata (OstreeRepo *self, return result; } +/* Needed an internal version for the remote_name parameter. */ +OstreeGpgVerifyResult * +_ostree_repo_verify_commit_internal (OstreeRepo *self, + const char *commit_checksum, + const char *remote_name, + GFile *keyringdir, + GFile *extra_keyring, + GCancellable *cancellable, + GError **error) +{ + OstreeGpgVerifyResult *result = NULL; + gs_unref_variant GVariant *commit_variant = NULL; + gs_unref_variant GVariant *metadata = NULL; + gs_unref_bytes GBytes *signed_data = NULL; + + /* Load the commit */ + if (!ostree_repo_load_variant (self, OSTREE_OBJECT_TYPE_COMMIT, + commit_checksum, &commit_variant, + error)) + { + g_prefix_error (error, "Failed to read commit: "); + goto out; + } + + /* Load the metadata */ + if (!ostree_repo_read_commit_detached_metadata (self, + commit_checksum, + &metadata, + cancellable, + error)) + { + g_prefix_error (error, "Failed to read detached metadata: "); + goto out; + } + + signed_data = g_variant_get_data_as_bytes (commit_variant); + + /* XXX This is a hackish way to indicate to use ALL remote-specific + * keyrings in the signature verification. We want this when + * verifying a signed commit that's already been pulled. */ + if (remote_name == NULL) + remote_name = OSTREE_ALL_REMOTES; + + result = _ostree_repo_gpg_verify_with_metadata (self, + signed_data, + metadata, + remote_name, + keyringdir, + extra_keyring, + cancellable, + error); + +out: + return result; +} + /** * ostree_repo_verify_commit: * @self: Repository @@ -3828,42 +3915,13 @@ ostree_repo_verify_commit_ext (OstreeRepo *self, GCancellable *cancellable, GError **error) { - OstreeGpgVerifyResult *result = NULL; - g_autoptr(GVariant) commit_variant = NULL; - g_autoptr(GFile) keyringdir_ref = NULL; - g_autoptr(GVariant) metadata = NULL; - g_autoptr(GBytes) signed_data = NULL; - g_autofree char *commit_filename = NULL; - - /* Create a temporary file for the commit */ - if (!ostree_repo_load_variant (self, OSTREE_OBJECT_TYPE_COMMIT, - commit_checksum, &commit_variant, - error)) - { - g_prefix_error (error, "Failed to read commit: "); - goto out; - } - - /* Load the metadata */ - if (!ostree_repo_read_commit_detached_metadata (self, - commit_checksum, - &metadata, - cancellable, - error)) - { - g_prefix_error (error, "Failed to read detached metadata: "); - goto out; - } - - signed_data = g_variant_get_data_as_bytes (commit_variant); - - result = _ostree_repo_gpg_verify_with_metadata (self, - signed_data, metadata, - keyringdir, extra_keyring, - cancellable, error); - -out: - return result; + return _ostree_repo_verify_commit_internal (self, + commit_checksum, + NULL, + keyringdir, + extra_keyring, + cancellable, + error); } /**