359435de84
We have a bunch of APIs to do GPG verification of a commit, but that doesn't generalize to signapi. Further, they require the caller to check the signature status explicitly which seems like a trap. This much higher level API works with both GPG and signapi. The intention is to use this in things that are doing "external pulls" like the ostree-ext tar import support. There we will get the commitmeta from the tarball and we want to verify it at the same time we import the commit. |
||
|---|---|---|
| .. | ||
| Makefile.am | ||
| ostree-docs.xml | ||
| ostree-experimental-sections.txt | ||
| ostree-sections.txt | ||