lib: Prefix GPG errors with the checksum

I was working on https://bugzilla.redhat.com/show_bug.cgi?id=1393545 and it was annoying that I couldn't know what the new (unsigned) commit has was until verification succeeded. I could pull it manually without GPG, but then it'd be sitting in the repo. Now: ``` Updating from: fedora-atomic:fedora-atomic/25/x86_64/docker-host Receiving metadata objects: 0/(estimating) -/s 0 bytes error: Commit 2fb89decd2cb5c3bd73983f0a7b35c7437f23e3aaa91698fab952bb224e46af5: GPG verification enabled, but no signatures found (use gpg-verify=false in remote config to disable) ``` Closes: #663 Approved by: giuseppe
2024-10-27 10:25:07 +03:00 · 2017-01-30 10:55:22 +01:00 · 2017-01-30 10:55:22 +01:00 · a89be1f00f
commit a89be1f00f
parent 1fd05fe840
2 changed files with 21 additions and 7 deletions
--- a/src/libostree/ostree-repo-pull.c
+++ b/src/libostree/ostree-repo-pull.c
@ -1035,14 +1035,22 @@ process_verify_result (OtPullData            *pull_data,
                       GError               **error)
 {
  if (result == NULL)
+    {
+      g_prefix_error (error, "Commit %s: ", checksum);
      return FALSE;
+    }

  /* Allow callers to output the results immediately. */
  g_signal_emit_by_name (pull_data->repo,
                         "gpg-verify-result",
                         checksum, result);

-  return ostree_gpg_verify_result_require_valid_signature (result, error);
+  if (!ostree_gpg_verify_result_require_valid_signature (result, error))
+    {
+      g_prefix_error (error, "Commit %s: ", checksum);
+      return FALSE;
+    }
+  return TRUE;
 }

 static gboolean
@ -1060,8 +1068,9 @@ gpg_verify_unwritten_commit (OtPullData         *pull_data,

      if (!detached_metadata)
        {
-          g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                               "No detached metadata found for GPG verification");
+          g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
+                       "Commit %s: no detached metadata found for GPG verification",
+                       checksum);
          return FALSE;
        }

--- a/src/libostree/ostree-repo.c
+++ b/src/libostree/ostree-repo.c
@ -4356,7 +4356,7 @@ _ostree_repo_gpg_verify_with_metadata (OstreeRepo          *self,
                                            _OSTREE_METADATA_GPGSIGS_TYPE);
  if (!signaturedata)
    {
-      g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND,
+      g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND,
                           "GPG verification enabled, but no signatures found (use gpg-verify=false in remote config to disable)");
      return NULL;
    }
@ -4474,7 +4474,12 @@ ostree_repo_verify_commit (OstreeRepo   *self,
                                          keyringdir, extra_keyring,
                                          cancellable, error);

-  return ostree_gpg_verify_result_require_valid_signature (result, error);
+  if (!ostree_gpg_verify_result_require_valid_signature (result, error))
+    {
+      g_prefix_error (error, "Commit %s: ", commit_checksum);
+      return FALSE;
+    }
+  return TRUE;
 }

 /**