mirror of
https://github.com/ostreedev/ostree.git
synced 2025-01-20 18:09:21 +03:00
Merge pull request #3131 from cgwalters/status-use-remote
status: Pass correct remote name when verifying
This commit is contained in:
commit
ac8638f3e4
@ -29,39 +29,14 @@
|
|||||||
#include <glib/gi18n.h>
|
#include <glib/gi18n.h>
|
||||||
|
|
||||||
static gboolean opt_verify;
|
static gboolean opt_verify;
|
||||||
|
static gboolean opt_skip_signatures;
|
||||||
|
|
||||||
static GOptionEntry options[] = { { "verify", 'V', 0, G_OPTION_ARG_NONE, &opt_verify,
|
static GOptionEntry options[]
|
||||||
"Print the commit verification status", NULL },
|
= { { "verify", 'V', 0, G_OPTION_ARG_NONE, &opt_verify, "Print the commit verification status",
|
||||||
{ NULL } };
|
NULL },
|
||||||
|
{ "skip-signatures", 'S', 0, G_OPTION_ARG_NONE, &opt_skip_signatures,
|
||||||
#ifndef OSTREE_DISABLE_GPGME
|
"Print the commit verification status", NULL },
|
||||||
static gboolean
|
{ NULL } };
|
||||||
deployment_get_gpg_verify (OstreeDeployment *deployment, OstreeRepo *repo)
|
|
||||||
{
|
|
||||||
/* XXX Something like this could be added to the OstreeDeployment
|
|
||||||
* API in libostree if the OstreeRepo parameter is acceptable. */
|
|
||||||
GKeyFile *origin = ostree_deployment_get_origin (deployment);
|
|
||||||
|
|
||||||
if (origin == NULL)
|
|
||||||
return FALSE;
|
|
||||||
|
|
||||||
g_autofree char *refspec = g_key_file_get_string (origin, "origin", "refspec", NULL);
|
|
||||||
|
|
||||||
if (refspec == NULL)
|
|
||||||
return FALSE;
|
|
||||||
|
|
||||||
g_autofree char *remote = NULL;
|
|
||||||
if (!ostree_parse_refspec (refspec, &remote, NULL, NULL))
|
|
||||||
return FALSE;
|
|
||||||
|
|
||||||
gboolean gpg_verify = FALSE;
|
|
||||||
if (remote)
|
|
||||||
(void)ostree_repo_remote_get_gpg_verify (repo, remote, &gpg_verify, NULL);
|
|
||||||
|
|
||||||
return gpg_verify;
|
|
||||||
}
|
|
||||||
#endif /* OSTREE_DISABLE_GPGME */
|
|
||||||
|
|
||||||
static gboolean
|
static gboolean
|
||||||
deployment_print_status (OstreeSysroot *sysroot, OstreeRepo *repo, OstreeDeployment *deployment,
|
deployment_print_status (OstreeSysroot *sysroot, OstreeRepo *repo, OstreeDeployment *deployment,
|
||||||
gboolean is_booted, gboolean is_pending, gboolean is_rollback,
|
gboolean is_booted, gboolean is_pending, gboolean is_rollback,
|
||||||
@ -95,6 +70,8 @@ deployment_print_status (OstreeSysroot *sysroot, OstreeRepo *repo, OstreeDeploym
|
|||||||
}
|
}
|
||||||
|
|
||||||
GKeyFile *origin = ostree_deployment_get_origin (deployment);
|
GKeyFile *origin = ostree_deployment_get_origin (deployment);
|
||||||
|
g_autofree char *origin_refspec
|
||||||
|
= origin ? g_key_file_get_string (origin, "origin", "refspec", NULL) : NULL;
|
||||||
|
|
||||||
const char *deployment_status = "";
|
const char *deployment_status = "";
|
||||||
if (ostree_deployment_is_finalization_locked (deployment))
|
if (ostree_deployment_is_finalization_locked (deployment))
|
||||||
@ -127,7 +104,6 @@ deployment_print_status (OstreeSysroot *sysroot, OstreeRepo *repo, OstreeDeploym
|
|||||||
g_print (" origin: none\n");
|
g_print (" origin: none\n");
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
g_autofree char *origin_refspec = g_key_file_get_string (origin, "origin", "refspec", NULL);
|
|
||||||
if (!origin_refspec)
|
if (!origin_refspec)
|
||||||
g_print (" origin: <unknown origin type>\n");
|
g_print (" origin: <unknown origin type>\n");
|
||||||
else
|
else
|
||||||
@ -137,15 +113,22 @@ deployment_print_status (OstreeSysroot *sysroot, OstreeRepo *repo, OstreeDeploym
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifndef OSTREE_DISABLE_GPGME
|
#ifndef OSTREE_DISABLE_GPGME
|
||||||
if (!opt_verify && deployment_get_gpg_verify (deployment, repo))
|
g_autofree char *remote = NULL;
|
||||||
|
if (origin_refspec && !ostree_parse_refspec (origin_refspec, &remote, NULL, NULL))
|
||||||
|
return FALSE;
|
||||||
|
|
||||||
|
gboolean gpg_verify = FALSE;
|
||||||
|
if (remote)
|
||||||
|
(void)ostree_repo_remote_get_gpg_verify (repo, remote, &gpg_verify, NULL);
|
||||||
|
if (!opt_skip_signatures && !opt_verify && gpg_verify)
|
||||||
{
|
{
|
||||||
|
g_assert (remote);
|
||||||
g_autoptr (GString) output_buffer = g_string_sized_new (256);
|
g_autoptr (GString) output_buffer = g_string_sized_new (256);
|
||||||
/* Print any digital signatures on this commit. */
|
/* Print any digital signatures on this commit. */
|
||||||
|
|
||||||
const char *osname = ostree_deployment_get_osname (deployment);
|
|
||||||
g_autoptr (GError) local_error = NULL;
|
g_autoptr (GError) local_error = NULL;
|
||||||
g_autoptr (OstreeGpgVerifyResult) result
|
g_autoptr (OstreeGpgVerifyResult) result
|
||||||
= ostree_repo_verify_commit_for_remote (repo, ref, osname, cancellable, &local_error);
|
= ostree_repo_verify_commit_for_remote (repo, ref, remote, cancellable, &local_error);
|
||||||
|
|
||||||
/* G_IO_ERROR_NOT_FOUND just means the commit is not signed. */
|
/* G_IO_ERROR_NOT_FOUND just means the commit is not signed. */
|
||||||
if (g_error_matches (local_error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND))
|
if (g_error_matches (local_error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND))
|
||||||
@ -174,16 +157,8 @@ deployment_print_status (OstreeSysroot *sysroot, OstreeRepo *repo, OstreeDeploym
|
|||||||
{
|
{
|
||||||
if (!commit)
|
if (!commit)
|
||||||
return glnx_throw (error, "Cannot verify, failed to load commit");
|
return glnx_throw (error, "Cannot verify, failed to load commit");
|
||||||
|
if (origin_refspec == NULL)
|
||||||
if (origin == NULL)
|
|
||||||
return glnx_throw (error, "Cannot verify deployment with no origin");
|
|
||||||
|
|
||||||
g_autofree char *refspec = g_key_file_get_string (origin, "origin", "refspec", NULL);
|
|
||||||
if (refspec == NULL)
|
|
||||||
return glnx_throw (error, "No origin/refspec, cannot verify");
|
return glnx_throw (error, "No origin/refspec, cannot verify");
|
||||||
g_autofree char *remote = NULL;
|
|
||||||
if (!ostree_parse_refspec (refspec, &remote, NULL, NULL))
|
|
||||||
return FALSE;
|
|
||||||
if (remote == NULL)
|
if (remote == NULL)
|
||||||
return glnx_throw (error, "Cannot verify deployment without remote");
|
return glnx_throw (error, "Cannot verify deployment without remote");
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user