From 598afd5030bbc0b1c4aa3d43d383d6fec58e3746 Mon Sep 17 00:00:00 2001 From: Alexander Larsson Date: Mon, 19 Oct 2015 09:23:52 +0200 Subject: [PATCH] pull: Verify checksums from static deltas unless gpg signed summary Otherwise untrusted repos can lie about the commit ids. --- src/libostree/ostree-repo-pull.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/libostree/ostree-repo-pull.c b/src/libostree/ostree-repo-pull.c index 91538573..4c3b14bf 100644 --- a/src/libostree/ostree-repo-pull.c +++ b/src/libostree/ostree-repo-pull.c @@ -977,7 +977,8 @@ static_deltapart_fetch_on_complete (GObject *object, _ostree_static_delta_part_execute_async (pull_data->repo, fetch_data->objects, delta_data, - TRUE, + /* Trust checksums if summary was gpg signed */ + pull_data->gpg_verify_summary && pull_data->summary_data_sig, pull_data->cancellable, on_static_delta_written, fetch_data); @@ -1629,7 +1630,8 @@ process_one_static_delta (OtPullData *pull_data, _ostree_static_delta_part_execute_async (pull_data->repo, fetch_data->objects, delta_data, - TRUE, + /* Trust checksums if summary was gpg signed */ + pull_data->gpg_verify_summary && pull_data->summary_data_sig, pull_data->cancellable, on_static_delta_written, fetch_data);