packaging
/
ostree
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,926 Commits 2 Branches 0 Tags 18 MiB
Commit Graph

4 Commits

Author SHA1 Message Date
Matthew Barnes c2b01adbf0 OstreeGpgVerifier: Take the signature as a GBytes 
The signature data is in memory to begin with, so there's no need to
write it to disk only to immediately read it back.

Also, because the GPGME multi-keyring workaround is somewhat expensive
to setup and teardown, concatenate all signatures into a single GBytes
so _ostree_gpg_verifier_check_signature() is only called once.  We're
currently only looking for one valid signature anyway.
 2015-03-06 08:22:44 -05:00
Matthew Barnes 0bae648977 gpg: Remove _ostree_gpg_verifier_set_homedir() 
Never called, and the setting is never applied anyway.
 2015-03-02 12:03:04 -05:00
Colin Walters 4e5b31b8fc trivial: Don't include config.h in headers 
This should be included by each .c file.  This fixes using libostree
from a "plain" project without config.h.
 2013-10-15 15:26:37 -04:00
Jeremy Whiting 7f9eefb62d pull: Verify commits with gpg signatures from detached metadata 
This uses gpgv for verification against DATADIR/ostree/pubring.gpg by
default.  The keyring can be overridden by specifying OSTREE_GPG_HOME.

Add a unit test for commit signing with gpg key and verifying on pull;
to implement this we ship a test GPG key generated with no password
for Ostree Tester <test@test.com>.

Change all of the existing tests to disable GPG verification.
 2013-09-29 14:49:47 -04:00