From 3b7044f45ef5f62a855454293447061016a53bd3 Mon Sep 17 00:00:00 2001 From: Jeremy Hiatt Date: Thu, 8 Mar 2018 01:44:43 +0000 Subject: [PATCH] lib/repo: Fix multi-signature support when generating summary files Ensure that the metadata object is built up with the signatures from all keys passed to ostree_repo_add_gpg_signature_summary(). Previously only the signature from the last key would end up in the metadata. Closes: #1488 Closes: #1489 Approved by: jlebon --- src/libostree/ostree-repo.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/libostree/ostree-repo.c b/src/libostree/ostree-repo.c index 5798ae2e..8ff0d961 100644 --- a/src/libostree/ostree-repo.c +++ b/src/libostree/ostree-repo.c @@ -4811,17 +4811,16 @@ ostree_repo_add_gpg_signature_summary (OstreeRepo *self, /* Note that fd is reused below */ glnx_close_fd (&fd); - g_autoptr(GVariant) existing_signatures = NULL; + g_autoptr(GVariant) metadata = NULL; if (!ot_openat_ignore_enoent (self->repo_dir_fd, "summary.sig", &fd, error)) return FALSE; if (fd != -1) { if (!ot_variant_read_fd (fd, 0, G_VARIANT_TYPE (OSTREE_SUMMARY_SIG_GVARIANT_STRING), - FALSE, &existing_signatures, error)) + FALSE, &metadata, error)) return FALSE; } - g_autoptr(GVariant) new_metadata = NULL; for (guint i = 0; key_id[i]; i++) { g_autoptr(GBytes) signature_data = NULL; @@ -4830,10 +4829,11 @@ ostree_repo_add_gpg_signature_summary (OstreeRepo *self, cancellable, error)) return FALSE; - new_metadata = _ostree_detached_metadata_append_gpg_sig (existing_signatures, signature_data); + g_autoptr(GVariant) old_metadata = g_steal_pointer (&metadata); + metadata = _ostree_detached_metadata_append_gpg_sig (old_metadata, signature_data); } - g_autoptr(GVariant) normalized = g_variant_get_normal_form (new_metadata); + g_autoptr(GVariant) normalized = g_variant_get_normal_form (metadata); if (!_ostree_repo_file_replace_contents (self, self->repo_dir_fd,