Commit Graph

2148 Commits

Author SHA1 Message Date
Matthew Barnes
df0cae4375 tests: Export OSTREE_SYSROOT in setup_os_repository
Eliminates the need for constantly passing --sysroot=sysroot, but
also makes ostree place remote configs for sysroot/ostree/repo in
sysroot/etc/ostree/remotes.d where they should have been all along.
2015-07-16 12:49:34 -04:00
Matthew Barnes
254def3584 main: Fix UID check based on sysroot path
This is another place where we were hard-coding a default.  Create the
OstreeSysroot first and THEN check if its path is the root directory.
2015-07-16 12:49:28 -04:00
Matthew Barnes
708d923125 repo: Fix location of remote configs for system repos
Need to respect the repo's system root directory instead of assuming the
compile-time $(sysconfdir).
2015-07-16 12:49:18 -04:00
Matthew Barnes
74fb777edb sysroot: Pass the internal repo a system root path 2015-07-16 12:49:11 -04:00
Matthew Barnes
104b8bf6fb repo: Add a "sysroot-path" property
Adds ostree_repo_new_for_sysroot_path() to specify a system root path.
OstreeRepo otherwise uses _ostree_get_default_sysroot_path().
2015-07-16 12:48:56 -04:00
Matthew Barnes
26225cb198 sysroot: Use _ostree_get_default_sysroot_path()
Instead of hard-coding the root directory as default.
2015-07-16 12:48:44 -04:00
Matthew Barnes
f2ddf10d4e core: Add _ostree_get_default_sysroot_path()
Returns a GFile for the default system root, which is usually the root
directory unless overridden by the OSTREE_SYSROOT environment variable
(which is mainly intended for testing).
2015-07-16 12:48:11 -04:00
Colin Walters
31d16c9cce pull: Plug a memory leak 2015-06-29 21:57:44 -04:00
Colin Walters
889b86e96d pull: Avoid leaking signal handlers across fetch requests
libsoup will cache sessions, so it might be the case that we get a
reused session when pulling from the same repo multiple times in one
process.

In this case we were leaking signal connections, which caused
callbacks into freed memory with bad consequences.

Fix it by tying the signal connection to the object lifetime.
2015-06-29 21:56:03 -04:00
Jeremy Cline
f0a02fbf20 build: Make gtk-doc optional
This is similar to what's done in glib.
2015-06-29 16:08:51 -04:00
Colin Walters
530631376e tests: Check error messages instead of "expected-fail", handle old parallel 2015-06-29 13:35:07 -04:00
Colin Walters
c8c239f94c pull: Also fix misplaced remote name handling
We want to set the remote name only if we're operating on a remote
URL.
2015-06-29 11:20:41 -04:00
Colin Walters
536d6fb083 core: Fix inverted conditional in GPG checking 2015-06-29 11:09:00 -04:00
Colin Walters
720e3b5f83 pull: Error if gpg=true and summary is 404, add more tests
I did a quick audit pass through the pull code.  What I focused on the
most is the case where `gpg-verify-summary=true`, and in particular
where `gpg-verify=false` too.  This should be a valid and secure
configuration.

The primary change here is to error out very quickly if either
`summary` or `summary.sig` are 404.  Previously, we'd only error out
if we were processing deltas.

Expand the existing test case to cover this, plus invalid summary and
invalid sig.  (The test case was failing with current git master too).
2015-06-27 12:04:18 -04:00
Giuseppe Scrivano
3737b9851a ostree_repo_remote_fetch_summary: honor gpg-verify-summary
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2015-06-26 11:02:25 +02:00
Giuseppe Scrivano
0bd10eb6e2 tests: add test for check for remote add --set=gpg-verify-summary=true
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2015-06-26 11:02:25 +02:00
Giuseppe Scrivano
19ce011e1f pull: fail if GPG is enabled and the summary is not signed
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2015-06-26 11:02:25 +02:00
Giuseppe Scrivano
b09c9b7005 repo: new function ostree_repo_remote_get_gpg_verify_summary
It allows to specify whether GPG verification for the summary file is
enabled for a specific repository.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2015-06-26 11:02:25 +02:00
Giuseppe Scrivano
6bf067411d pull: verify summary signatures also when not mirroring
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2015-06-26 11:02:24 +02:00
Matthew Barnes
6284beb2b6 ostree: Add a "remote refs" command
Works like "ostree refs" but fetches refs from a remote repo.

This depends on the remote repo having a summary file, but any repo
being served over HTTP *ought* to have one.
2015-06-26 11:02:24 +02:00
Matthew Barnes
0dbf91484b repo: Add ostree_repo_remote_fetch_summary()
Reusable method for fetching a summary file and signatures.
2015-06-26 11:02:24 +02:00
Matthew Barnes
87851c7bbe metalink: Return requested file as a GBytes
This may not be the best idea for general usage, but the only use case
for metalinks currently is fetching a summary file and those are pretty
small.  Far more convenient to return the file content in a GBytes.
2015-06-26 11:02:24 +02:00
Matthew Barnes
ebef43eabe metalink: Allow NULL for "out" params in metalink requests
Caller may not be interested in all the outbound params, particularly
"fetching_sync_uri".
2015-06-26 11:02:24 +02:00
Matthew Barnes
3515e01f6a repo: Redo ostree_repo_remote_get_url()
Make it work like in ostree_repo_pull_with_options(), handling "file://"
remotes and inheriting the "url" option from parent repos if needed.
2015-06-26 11:02:24 +02:00
Matthew Barnes
d4111aeac0 repo: Handle "file" remotes in ostree_repo_remote_get_gpg_verify() 2015-06-26 11:02:24 +02:00
Matthew Barnes
e592faec43 repo: Add _ostree_repo_get_remote_option_inherit()
Split out from ostree-repo-pull.c.  Still private but more reusable now.
2015-06-26 11:02:24 +02:00
Matthew Barnes
b02777accd repo: Add _ostree_repo_remote_new_fetcher()
Creates and configures an OstreeFetcher instance for a given remote.

Split out from ostree_repo_pull_with_options().
2015-06-26 11:02:24 +02:00
Matthew Barnes
6e3cb828b6 diff: Fix adding CLI options twice 2015-06-18 17:58:13 -04:00
Colin Walters
43cbe8c1b1 tests/metalink: Add a case with nested unknown elements 2015-06-15 21:20:52 -04:00
Matthew Barnes
b6722f9d80 metalink: Fix behavior when requested file is not found
The state machine's "passthrough_previous" field never got set, so the
machine gets put back into the wrong state after a passthrough phase.
Couple other minor issues around error handling.
2015-06-15 21:20:52 -04:00
Dan Nicholson
5af7e8e8c2 pull-local: Support --depth option
Like pull, allow pull-local to mirror another another repository by
specifying how many parents to traverse.

https://bugzilla.gnome.org/show_bug.cgi?id=750581
2015-06-14 08:49:35 -04:00
Giuseppe Scrivano
91d7f3fa0d tests/test-pull-mirror-summary.sh: remove empty newline
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2015-06-12 13:10:02 +02:00
Giuseppe Scrivano
a0520a51d2 autogen.sh: fix typo
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2015-06-12 09:44:12 +02:00
Matthew Barnes
9f1b50d41c repo: Change GPG verification policy
The global keyring directory (trusted.gpg.d) is deprecated.  Only use it
when a specified remote does NOT have its own keyring, or when verifying
local repository objects.

Note, because mixing in the global keyring directory is now an explicit
choice, OstreeGpgVerifier no longer needs to implement GInitableIface.
2015-06-10 12:28:57 -04:00
John Hiesey
4f6f97caf0 Fix double free in ostree_repo_pull_with_options
Duplicate the commit checksum for expected_commit_sizes since it's also
used as a value in requested_refs_to_fetch.

https://bugzilla.gnome.org/show_bug.cgi?id=750366
2015-06-05 17:27:38 -04:00
Dan Nicholson
acf228e3c8 Revert "tests: skip test-commit-sign.sh when not root"
This reverts commit d3545b0661. Since the
test is now using the temporary copy of the gpg homedir, it is no longer
owned by root.
2015-06-04 20:58:26 -04:00
Dan Nicholson
e228e0f142 tests: Use temporary gpg homedir
libtest always makes a copy of the gpghome directory to the test
directory, so there's no need to operate on the installed copy. This
allows test-remote-gpg-import to pass as an unprivileged user since it
otherwise couldn't create the temp files gpgme creates.
2015-06-04 20:58:14 -04:00
Dan Nicholson
2e0521804d tests: Use readdir64 when _FILE_OFFSET_BITS set
On 32 bit systems, _FILE_OFFSET_BITS will be set to 64 by
AC_SYS_LARGEFILE. This causes the glibc headers to use readdir64 rather
than readdir. Emulate that behavior in the preloader or the tests will
all fail with "No such file or directory".
2015-06-04 18:56:31 -04:00
Dan Nicholson
7aa23d53cd tests: Link test-gpg-verify-result with gpgme
This test uses gpgme directly to verify the signatures, so it needs to
find the gpgme headers and link with gpgme to ensure the linker can
resolve the symbols.
2015-06-04 18:16:00 -04:00
John Hiesey
06fc597762 Fix tests on 32 bit systems
Use guint64 when the 't' format is used for GVariant
2015-06-04 17:58:12 -04:00
Matthew Barnes
94ef7669d7 gpg: Gracefully handle no trusted.gpg.d directory
This is a deprecated fallback method anyway.  We prefer
remote-specific keyrings now.

https://bugzilla.gnome.org/750049
2015-06-04 17:54:42 -04:00
Colin Walters
44e7e59d27 Release 2015.7 2015-06-02 12:59:48 -04:00
Colin Walters
4f785d4f86 tests/remote-gpg-import: Only commit workdir
Just noticed this while debugging something else.  We don't want to
commit the whole test dir, just the workdir.

Trying to commit the repo itself is potentially subject to race
conditions at least.
2015-06-02 12:39:23 -04:00
Colin Walters
92deafec46 tests: Run all tests through a randomized readdir()
Having undefined (but in practice rarely changing) ordering for
`readdir()` ended up screwing us over for bootloader config
generation; see https://bugzilla.redhat.com/show_bug.cgi?id=1226520

Let's make things significantly more likely to fail more quickly in
the future if similar bugs are introduced.  We accomplish this by
introducing a little `LD_PRELOAD` library that randomizes the results
of `readdir()`.
2015-06-02 12:02:59 -04:00
Colin Walters
5ec148ec4d Revert "tests: Run all tests through a randomized readdir()"
Unintentionally pushed.

This reverts commit ce49264157.
2015-06-02 12:02:28 -04:00
Colin Walters
ee9b98e9d7 tests: Add a test-pull-summary-sigs
This is intended to cover non-mirroring usage of GPG + summary +
deltas.
2015-06-02 09:07:28 -04:00
Colin Walters
acf1caa12f repo: Don't crash when creating a summary if we have --empty deltas 2015-06-02 09:07:28 -04:00
Colin Walters
9acb6283d1 tests: Add a commented out test for mirroring with deltas 2015-06-02 09:07:28 -04:00
Colin Walters
9161e35d20 pull: Validate delta checksums more strongly
We need to check that it's 'ay'.  Also reuse the existing validation
function to check it's 32 bytes rather than potentially crashing with
assertion.

Just noticed this during a code review.
2015-06-02 09:07:28 -04:00
Colin Walters
0bd1ff3939 pull: Ensure console state for multiple GPG verification messages
If there are multiple signatures to verify, we would attempt to
display them multiple times, but we can only call
`gs_console_end_status_line()` if the console has been enabled.

Ensure we turn back on the console after printing our status.  This
will result in extra newlines, but fixing that cleanly would require a
saner GSConsole API.
2015-06-02 09:07:28 -04:00