From b09c9b7005555fa5057bfff754e7dd4ff884a891 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Wed, 3 Jun 2015 10:18:03 +0200 Subject: [PATCH] repo: new function ostree_repo_remote_get_gpg_verify_summary It allows to specify whether GPG verification for the summary file is enabled for a specific repository. Signed-off-by: Giuseppe Scrivano --- doc/ostree-sections.txt | 1 + doc/ostree.repo-config.xml | 9 +++++++++ src/libostree/ostree-repo.c | 23 +++++++++++++++++++++++ src/libostree/ostree-repo.h | 5 +++++ 4 files changed, 38 insertions(+) diff --git a/doc/ostree-sections.txt b/doc/ostree-sections.txt index 8149b5ef..1e488e00 100644 --- a/doc/ostree-sections.txt +++ b/doc/ostree-sections.txt @@ -233,6 +233,7 @@ ostree_repo_remote_change ostree_repo_remote_list ostree_repo_remote_get_url ostree_repo_remote_get_gpg_verify +ostree_repo_remote_get_gpg_verify_summary ostree_repo_remote_gpg_import ostree_repo_remote_fetch_summary ostree_repo_get_parent diff --git a/doc/ostree.repo-config.xml b/doc/ostree.repo-config.xml index 38b7a0bf..c77ccc6e 100644 --- a/doc/ostree.repo-config.xml +++ b/doc/ostree.repo-config.xml @@ -148,6 +148,15 @@ Boston, MA 02111-1307, USA. manual under GPG. + + gpg-verify-summary + A boolean value, defaults to false. + Controls whether or not OSTree will check if the summary + is signed by a known GPG key. + For more information, see the ostree1 + manual under GPG. + + tls-permissive A boolean value, defaults to false. By diff --git a/src/libostree/ostree-repo.c b/src/libostree/ostree-repo.c index 56f7b29a..badc8ff9 100644 --- a/src/libostree/ostree-repo.c +++ b/src/libostree/ostree-repo.c @@ -1272,6 +1272,29 @@ ostree_repo_remote_get_gpg_verify (OstreeRepo *self, TRUE, out_gpg_verify, error); } +/** + * ostree_repo_remote_get_gpg_verify_summary: + * @self: Repo + * @name: Name of remote + * @out_gpg_verify_summary: (out) (allow-none): Remote's GPG option + * @error: Error + * + * Return whether GPG verification of the summary is enabled for the remote + * named @name through @out_gpg_verify_summary. It is an error if the provided + * remote does not exist. + * + * Returns: %TRUE on success, %FALSE on failure + */ +gboolean +ostree_repo_remote_get_gpg_verify_summary (OstreeRepo *self, + const char *name, + gboolean *out_gpg_verify_summary, + GError **error) +{ + return _ostree_repo_get_remote_boolean_option (self, name, "gpg-verify-summary", + FALSE, out_gpg_verify_summary, error); +} + /** * ostree_repo_remote_gpg_import: * @self: Self diff --git a/src/libostree/ostree-repo.h b/src/libostree/ostree-repo.h index ce81c464..e6937b5f 100644 --- a/src/libostree/ostree-repo.h +++ b/src/libostree/ostree-repo.h @@ -112,6 +112,11 @@ gboolean ostree_repo_remote_get_gpg_verify (OstreeRepo *self, gboolean *out_gpg_verify, GError **error); +gboolean ostree_repo_remote_get_gpg_verify_summary (OstreeRepo *self, + const char *name, + gboolean *out_gpg_verify_summary, + GError **error); + gboolean ostree_repo_remote_gpg_import (OstreeRepo *self, const char *name, GInputStream *source_stream,