pull: Add support for sign-verify=<list>
author Colin Walters <walters@verbum.org>
Fri, 15 May 2020 20:43:23 +0000 (20:43 +0000)
committer Colin Walters <walters@verbum.org>
Fri, 22 May 2020 19:10:32 +0000 (19:10 +0000)
commit 5cb9d0df38e7c24e9db999c2d4e6a76fbf758fa5
tree 1b89d6c0905731229e3a2ae95ba72b22e250f4a8
parent 8801e38bba46ed586a74b733ea2e49d06ff8afd7
pull: Add support for sign-verify=<list>

The goal here is to move the code towards a model
where the *client* can explicitly specify which signature types
are acceptable.

We retain support for `sign-verify=true` for backwards compatibility.
But in that configuration, a missing public key is just "no signatures found".

With `sign-verify=ed25519` and no key configured, we can
explicitly say `No keys found for required signapi type ed25519`
which is much, much clearer.

Implementation side, rather than maintaining `gboolean sign_verify` *and*
`GPtrArray sign_verifiers`, just have the array.  If it's `NULL` that means
not to verify.

Note that currently, an explicit list is an OR of signatures, not AND.
In practice...I think most people are going to be using a single entry
anyways.
src/libostree/ostree-repo-pull-private.h
src/libostree/ostree-repo-pull-verify.c
src/libostree/ostree-repo-pull.c
tests/test-signed-pull.sh
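
The policy the commit message describes, as a simplified C model added here for illustration; it is not code from this commit or from libostree. The identifiers, the contents of `ALL_TYPES`, the "verification disabled" and "verified with" strings, and the rule that every explicitly listed type must have a key are assumptions.

```c
/* Simplified model of the commit message's policy; all names hypothetical. */
#include <stdio.h>
#include <string.h>
#define ALL_TYPES "ed25519,dummy" /* assumption: types this client knows */
typedef struct {
  const char *types; /* comma-separated list; NULL means "do not verify" */
  int required;      /* 1 when the types were named explicitly */
} verify_policy;

static verify_policy parse_sign_verify(const char *value) {
  verify_policy none = { NULL, 0 }, all = { ALL_TYPES, 0 }, listed = { value, 1 };
  if (strcmp(value, "false") == 0) return none;
  if (strcmp(value, "true") == 0) return all; /* backwards-compatible mode */
  return listed; /* explicit list such as "ed25519" */
}

/* Exact-token membership test on a comma-separated list. */
static int in_list(const char *list, const char *name, size_t n) {
  for (const char *s = list; *s; s += (*s == ',')) {
    size_t len = strcspn(s, ",");
    if (len == n && strncmp(s, name, n) == 0) return 1;
    s += len;
  }
  return 0;
}

/* keys/sigs: types with a configured key / a valid signature (constructed). */
static int check_commit(verify_policy p, const char *keys, const char *sigs,
                        char *msg, size_t cap) {
  if (!p.types) { snprintf(msg, cap, "verification disabled"); return 1; }
  for (int pass = 0; pass < 2; pass++) /* pass 0: keys, pass 1: signatures */
    for (const char *s = p.types; *s; s += (*s == ',')) {
      size_t n = strcspn(s, ",");
      int has_key = n > 0 && in_list(keys, s, n);
      if (pass == 0 && n > 0 && p.required && !has_key) {
        snprintf(msg, cap, "No keys found for required signapi type %.*s", (int)n, s);
        return 0;
      }
      if (pass == 1 && has_key && in_list(sigs, s, n)) { /* OR: one is enough */
        snprintf(msg, cap, "verified with %.*s", (int)n, s);
        return 1;
      }
      s += n;
    }
  snprintf(msg, cap, "no signatures found");
  return 0;
}
int main(void) {
  char m[96];
  check_commit(parse_sign_verify("ed25519"), "", "", m, sizeof m);
  return puts(m) < 0;
}
```

Both `sign-verify=true` and `sign-verify=ed25519` reject the pull when no key is configured; the difference the model shows is only in the diagnostic the operator receives.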