diff --git a/src/libostree/ostree-repo-pull.c b/src/libostree/ostree-repo-pull.c index b1fdc68e..91538573 100644 --- a/src/libostree/ostree-repo-pull.c +++ b/src/libostree/ostree-repo-pull.c @@ -977,6 +977,7 @@ static_deltapart_fetch_on_complete (GObject *object, _ostree_static_delta_part_execute_async (pull_data->repo, fetch_data->objects, delta_data, + TRUE, pull_data->cancellable, on_static_delta_written, fetch_data); @@ -1628,6 +1629,7 @@ process_one_static_delta (OtPullData *pull_data, _ostree_static_delta_part_execute_async (pull_data->repo, fetch_data->objects, delta_data, + TRUE, pull_data->cancellable, on_static_delta_written, fetch_data); diff --git a/src/libostree/ostree-repo-static-delta-core.c b/src/libostree/ostree-repo-static-delta-core.c index 2168985e..c373b60f 100644 --- a/src/libostree/ostree-repo-static-delta-core.c +++ b/src/libostree/ostree-repo-static-delta-core.c @@ -365,7 +365,7 @@ ostree_repo_static_delta_execute_offline (OstreeRepo *self, goto out; } - if (!_ostree_static_delta_part_execute (self, objects, bytes, + if (!_ostree_static_delta_part_execute (self, objects, bytes, skip_validation, cancellable, error)) { g_prefix_error (error, "executing delta part %i: ", i); diff --git a/src/libostree/ostree-repo-static-delta-private.h b/src/libostree/ostree-repo-static-delta-private.h index 7dfba0a9..de32ec65 100644 --- a/src/libostree/ostree-repo-static-delta-private.h +++ b/src/libostree/ostree-repo-static-delta-private.h @@ -113,18 +113,21 @@ gboolean _ostree_static_delta_part_validate (OstreeRepo *repo, gboolean _ostree_static_delta_part_execute (OstreeRepo *repo, GVariant *header, GBytes *partdata, + gboolean trusted, GCancellable *cancellable, GError **error); gboolean _ostree_static_delta_part_execute_raw (OstreeRepo *repo, GVariant *header, GVariant *part, + gboolean trusted, GCancellable *cancellable, GError **error); void _ostree_static_delta_part_execute_async (OstreeRepo *repo, GVariant *header, GBytes *partdata, + gboolean trusted, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data); diff --git a/src/libostree/ostree-repo-static-delta-processing.c b/src/libostree/ostree-repo-static-delta-processing.c index 496c9abb..10e533c6 100644 --- a/src/libostree/ostree-repo-static-delta-processing.c +++ b/src/libostree/ostree-repo-static-delta-processing.c @@ -39,6 +39,7 @@ G_STATIC_ASSERT (sizeof (guint) >= sizeof (guint32)); typedef struct { + gboolean trusted; OstreeRepo *repo; guint checksum_index; const guint8 *checksums; @@ -182,6 +183,7 @@ gboolean _ostree_static_delta_part_execute_raw (OstreeRepo *repo, GVariant *objects, GVariant *part, + gboolean trusted, GCancellable *cancellable, GError **error) { @@ -198,6 +200,7 @@ _ostree_static_delta_part_execute_raw (OstreeRepo *repo, state->repo = repo; state->async_error = error; + state->trusted = trusted; if (!_ostree_static_delta_parse_checksum_array (objects, &checksums_data, @@ -308,6 +311,7 @@ gboolean _ostree_static_delta_part_execute (OstreeRepo *repo, GVariant *header, GBytes *part_bytes, + gboolean trusted, GCancellable *cancellable, GError **error) { @@ -356,7 +360,7 @@ _ostree_static_delta_part_execute (OstreeRepo *repo, payload = g_variant_new_from_bytes (G_VARIANT_TYPE (OSTREE_STATIC_DELTA_PART_PAYLOAD_FORMAT_V0), payload_data, FALSE); - if (!_ostree_static_delta_part_execute_raw (repo, header, payload, + if (!_ostree_static_delta_part_execute_raw (repo, header, payload, trusted, cancellable, error)) goto out; @@ -371,6 +375,7 @@ typedef struct { GBytes *partdata; GCancellable *cancellable; GSimpleAsyncResult *result; + gboolean trusted; } StaticDeltaPartExecuteAsyncData; static void @@ -397,6 +402,7 @@ static_delta_part_execute_thread (GSimpleAsyncResult *res, if (!_ostree_static_delta_part_execute (data->repo, data->header, data->partdata, + data->trusted, cancellable, &error)) g_simple_async_result_take_error (res, error); } @@ -405,6 +411,7 @@ void _ostree_static_delta_part_execute_async (OstreeRepo *repo, GVariant *header, GBytes *partdata, + gboolean trusted, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) @@ -415,6 +422,7 @@ _ostree_static_delta_part_execute_async (OstreeRepo *repo, asyncdata->repo = g_object_ref (repo); asyncdata->header = g_variant_ref (header); asyncdata->partdata = g_bytes_ref (partdata); + asyncdata->trusted = trusted; asyncdata->cancellable = cancellable ? g_object_ref (cancellable) : NULL; asyncdata->result = g_simple_async_result_new ((GObject*) repo, @@ -591,13 +599,27 @@ dispatch_open_splice_and_close (OstreeRepo *repo, metadata = g_variant_new_from_data (ostree_metadata_variant_type (state->output_objtype), state->payload_data + offset, length, TRUE, NULL, NULL); - - if (!ostree_repo_write_metadata_trusted (state->repo, state->output_objtype, - state->checksum, - metadata, - cancellable, - error)) - goto out; + + if (state->trusted) + { + if (!ostree_repo_write_metadata_trusted (state->repo, state->output_objtype, + state->checksum, + metadata, + cancellable, + error)) + goto out; + } + else + { + g_autofree guchar *actual_csum = NULL; + + if (!ostree_repo_write_metadata (state->repo, state->output_objtype, + state->checksum, + metadata, &actual_csum, + cancellable, + error)) + goto out; + } } else { @@ -622,13 +644,26 @@ dispatch_open_splice_and_close (OstreeRepo *repo, (repo->mode == OSTREE_REPO_MODE_BARE || repo->mode == OSTREE_REPO_MODE_BARE_USER)) { - if (!_ostree_repo_open_trusted_content_bare (repo, state->checksum, - state->content_size, - &state->barecommitstate, - &state->content_out, - &state->have_obj, - cancellable, error)) - goto out; + if (state->trusted) + { + if (!_ostree_repo_open_trusted_content_bare (repo, state->checksum, + state->content_size, + &state->barecommitstate, + &state->content_out, + &state->have_obj, + cancellable, error)) + goto out; + } + else + { + if (!_ostree_repo_open_untrusted_content_bare (repo, state->checksum, + state->content_size, + &state->barecommitstate, + &state->content_out, + &state->have_obj, + cancellable, error)) + goto out; + } if (!state->have_obj) { @@ -665,13 +700,28 @@ dispatch_open_splice_and_close (OstreeRepo *repo, cancellable, error)) goto out; - if (!ostree_repo_write_content_trusted (state->repo, - state->checksum, - object_input, - objlen, - cancellable, - error)) - goto out; + if (state->trusted) + { + if (!ostree_repo_write_content_trusted (state->repo, + state->checksum, + object_input, + objlen, + cancellable, + error)) + goto out; + } + else + { + g_autofree guchar *actual_csum = NULL; + if (!ostree_repo_write_content (state->repo, + state->checksum, + object_input, + objlen, + &actual_csum, + cancellable, + error)) + goto out; + } } } @@ -707,13 +757,26 @@ dispatch_open (OstreeRepo *repo, if (!read_varuint64 (state, &state->content_size, error)) goto out; - if (!_ostree_repo_open_trusted_content_bare (repo, state->checksum, - state->content_size, - &state->barecommitstate, - &state->content_out, - &state->have_obj, - cancellable, error)) - goto out; + if (state->trusted) + { + if (!_ostree_repo_open_trusted_content_bare (repo, state->checksum, + state->content_size, + &state->barecommitstate, + &state->content_out, + &state->have_obj, + cancellable, error)) + goto out; + } + else + { + if (!_ostree_repo_open_untrusted_content_bare (repo, state->checksum, + state->content_size, + &state->barecommitstate, + &state->content_out, + &state->have_obj, + cancellable, error)) + goto out; + } ret = TRUE; out: @@ -868,11 +931,22 @@ dispatch_close (OstreeRepo *repo, if (!g_output_stream_flush (state->content_out, cancellable, error)) goto out; - if (!_ostree_repo_commit_trusted_content_bare (repo, state->checksum, &state->barecommitstate, - state->uid, state->gid, state->mode, - state->xattrs, - cancellable, error)) - goto out; + if (state->trusted) + { + if (!_ostree_repo_commit_trusted_content_bare (repo, state->checksum, &state->barecommitstate, + state->uid, state->gid, state->mode, + state->xattrs, + cancellable, error)) + goto out; + } + else + { + if (!_ostree_repo_commit_untrusted_content_bare (repo, state->checksum, &state->barecommitstate, + state->uid, state->gid, state->mode, + state->xattrs, + cancellable, error)) + goto out; + } } if (!dispatch_unset_read_source (repo, state, cancellable, error))