packaging
/
ostree
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #2117 from cgwalters/pull-signapi-default-explicit 

remote-add: Default to explicit sign-verify backends
This commit is contained in:
OpenShift Merge Robot 2020-05-28 13:52:48 -04:00 committed by GitHub
parent 854099802f 68ebf743cd
commit c6eade5ce5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 19 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
src/ostree/ot-remote-builtin-add.c
View File

@ -59,7 +59,7 @@ static GOptionEntry option_entries[] = {
{ NULL } { NULL }
}; };
static gboolean static char *
add_verify_opt (GVariantBuilder *builder, add_verify_opt (GVariantBuilder *builder,
const char *keyspec, const char *keyspec,
GError **error) GError **error)
@ -68,11 +68,11 @@ add_verify_opt (GVariantBuilder *builder,
g_assert (parts && *parts); g_assert (parts && *parts);
const char *keytype = parts[0]; const char *keytype = parts[0];
if (!parts[1]) if (!parts[1])
return glnx_throw (error, "Failed to parse KEYTYPE=[inline|file]:DATA in %s", keyspec); return glnx_null_throw (error, "Failed to parse KEYTYPE=[inline|file]:DATA in %s", keyspec);
g_autoptr(OstreeSign) sign = ostree_sign_get_by_name (keytype, error); g_autoptr(OstreeSign) sign = ostree_sign_get_by_name (keytype, error);
if (!sign) if (!sign)
return FALSE; return NULL;
const char *rest = parts[1]; const char *rest = parts[1];
g_assert (!parts[2]); g_assert (!parts[2]);
@ -86,13 +86,13 @@ add_verify_opt (GVariantBuilder *builder,
else if (g_str_equal (keyref, "file")) else if (g_str_equal (keyref, "file"))
optname = g_strdup_printf ("verification-%s-file", keytype); optname = g_strdup_printf ("verification-%s-file", keytype);
else else
return glnx_throw (error, "Invalid key reference %s, expected inline|file", keyref); return glnx_null_throw (error, "Invalid key reference %s, expected inline|file", keyref);
g_assert (keyparts[1] && !keyparts[2]); g_assert (keyparts[1] && !keyparts[2]);
g_variant_builder_add (builder, "{s@v}", g_variant_builder_add (builder, "{s@v}",
optname, optname,
g_variant_new_variant (g_variant_new_string (keyparts[1]))); g_variant_new_variant (g_variant_new_string (keyparts[1])));
return TRUE; return g_strdup (ostree_sign_get_name (sign));
} }
gboolean gboolean
@ -101,6 +101,7 @@ ot_remote_builtin_add (int argc, char **argv, OstreeCommandInvocation *invocatio
g_autoptr(GOptionContext) context = NULL; g_autoptr(GOptionContext) context = NULL;
g_autoptr(OstreeSysroot) sysroot = NULL; g_autoptr(OstreeSysroot) sysroot = NULL;
g_autoptr(OstreeRepo) repo = NULL; g_autoptr(OstreeRepo) repo = NULL;
g_autoptr(GString) sign_verify = NULL;
const char *remote_name; const char *remote_name;
const char *remote_url; const char *remote_url;
char **iter; char **iter;
@ -193,13 +194,23 @@ ot_remote_builtin_add (int argc, char **argv, OstreeCommandInvocation *invocatio
for (char **iter = opt_sign_verify; iter && *iter; iter++) for (char **iter = opt_sign_verify; iter && *iter; iter++)
{ {
const char *keyspec = *iter; const char *keyspec = *iter;
if (!add_verify_opt (optbuilder, keyspec, error)) g_autofree char *signname = add_verify_opt (optbuilder, keyspec, error);
if (!signname)
return FALSE; return FALSE;
if (!sign_verify)
{
sign_verify = g_string_new (signname);
} }
if (opt_sign_verify) else
{
g_string_append_c (sign_verify, ',');
g_string_append (sign_verify, signname);
}
}
if (sign_verify != NULL)
g_variant_builder_add (optbuilder, "{s@v}", g_variant_builder_add (optbuilder, "{s@v}",
"sign-verify", "sign-verify",
g_variant_new_variant (g_variant_new_boolean (TRUE))); g_variant_new_variant (g_variant_new_string (sign_verify->str)));
if (opt_collection_id != NULL) if (opt_collection_id != NULL)
g_variant_builder_add (optbuilder, "{s@v}", "collection-id", g_variant_builder_add (optbuilder, "{s@v}", "collection-id",