gboolean ret = FALSE;
g_autoptr(GBytes) signed_data = g_variant_get_data_as_bytes (commit);
/* list all signature types in detached metadata and check if signed by any? */
- g_auto(GStrv) names = ostree_sign_list_names();
+ g_auto (GStrv) names = ostree_sign_list_names();
for (guint i=0; i < g_strv_length (names); i++)
{
g_autoptr (OstreeSign) sign = NULL;
+ g_autoptr (GError) local_error = NULL;
g_autoptr (GVariant) signatures = NULL;
- g_autofree gchar *signature_key = NULL;
- g_autofree GVariantType *signature_format = NULL;
+ const gchar *signature_key = NULL;
+ GVariantType *signature_format = NULL;
g_autofree gchar *pk_ascii = NULL;
g_autofree gchar *pk_file = NULL;
- if ((sign = ostree_sign_get_by_name (names[i], error)) == NULL)
- {
- g_clear_error (error);
- continue;
- }
+ if ((sign = ostree_sign_get_by_name (names[i], &local_error)) == NULL)
+ continue;
+
signature_key = ostree_sign_metadata_key (sign);
signature_format = (GVariantType *) ostree_sign_metadata_format (sign);
signatures = g_variant_lookup_value (detached_metadata,
signature_key,
signature_format);
-
if (!signatures)
continue;
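Review bot: The unchanged line `signature_format = (GVariantType *) ostree_sign_metadata_format (sign);` now casts away `const`, because the accessor returns `const gchar *` after this change while the local is declared as a mutable `GVariantType *`. `g_variant_lookup_value ()` takes a `const GVariantType *`, so the local can be declared `const GVariantType *signature_format = NULL;` and assigned with `G_VARIANT_TYPE (ostree_sign_metadata_format (sign))`, which also checks the type string when GLib checks are enabled. The same cast appears in the two later hunks that call `ostree_sign_metadata_format (self)`. The enclosing function starts and ends outside this hunk.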
g_variant_builder_add (builder, "{sv}", "filename", g_variant_new_string (pk_file));
options = g_variant_builder_end (builder);
- if (!ostree_sign_load_pk (sign, options, error))
- g_clear_error (error);
+ if (!ostree_sign_load_pk (sign, options, &local_error))
+ g_clear_error (&local_error);
}
/* Override key if it is set explicitly */
pk = g_variant_new_fixed_array (G_VARIANT_TYPE_BYTE, key, key_len, sizeof(guchar));
}
- if (!ostree_sign_set_pk (sign, pk, error))
- g_clear_error (error);
+ if (!ostree_sign_set_pk (sign, pk, &local_error))
+ continue;
}
/* Set return to true if any sign fit */
if (ostree_sign_metadata_verify (sign,
signed_data,
signatures,
- error
+ &local_error
))
ret = TRUE;
- else
- g_clear_error (error);
}
/* Mark the commit as verified to avoid double verification
* see process_verify_result () for rationale */
if (ret)
- {
g_hash_table_add (pull_data->verified_commits, g_strdup (checksum));
- }
else
g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
"Can't verify commit");
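Review bot: Every per-engine failure stored in `local_error` is freed without being reported, so a caller that ends up with the final `Can't verify commit` error cannot tell a missing key file from a rejected signature. Before the `continue` that follows `ostree_sign_set_pk ()`, and when `ostree_sign_metadata_verify ()` returns FALSE, a line such as `g_debug ("sign engine '%s': %s", names[i], local_error ? local_error->message : "no details");` would keep the reason available for triage. The second verification loop, the one that passes `&local_error` together with `checksum` and `cancellable`, drops the reasons in the same way. The loop header is in the previous hunk.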
gboolean ret = FALSE;
/* list all signature types in detached metadata and check if signed by any? */
g_auto (GStrv) names = ostree_sign_list_names();
- for (guint i=0; i < g_strv_length (names); i++)
+ for (char **iter=names; iter && *iter; iter++)
{
g_autoptr (OstreeSign) sign = NULL;
+ g_autoptr (GError) local_error = NULL;
g_autofree gchar *pk_ascii = NULL;
g_autofree gchar *pk_file = NULL;
- if ((sign = ostree_sign_get_by_name (names[i], error)) == NULL)
- {
- g_clear_error (error);
- continue;
- }
+ if ((sign = ostree_sign_get_by_name (*iter, &local_error)) == NULL)
+ continue;
/* Load keys for remote from file */
ostree_repo_get_remote_option (pull_data->repo,
g_variant_builder_add (builder, "{sv}", "filename", g_variant_new_string (pk_file));
options = g_variant_builder_end (builder);
- if (!ostree_sign_load_pk (sign, options, error))
- g_clear_error (error);
+ if (!ostree_sign_load_pk (sign, options, &local_error))
+ g_clear_error (&local_error);
}
ostree_repo_get_remote_option (pull_data->repo,
pk = g_variant_new_fixed_array (G_VARIANT_TYPE_BYTE, key, key_len, sizeof(guchar));
}
- if (!ostree_sign_set_pk (sign, pk, error))
- g_clear_error (error);
+ if (!ostree_sign_set_pk (sign, pk, &local_error))
+ continue;
}
pull_data->repo,
checksum,
cancellable,
- error))
+ &local_error))
ret = TRUE;
- else
- g_clear_error (error);
}
if (!ret)
return TRUE;
}
-gchar * ostree_sign_dummy_get_name (OstreeSign *self)
+const gchar * ostree_sign_dummy_get_name (OstreeSign *self)
{
g_debug ("%s enter", __FUNCTION__);
g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE);
- g_autofree gchar *name = g_strdup(OSTREE_SIGN_DUMMY_NAME);
-
- return g_steal_pointer (&name);
+ return OSTREE_SIGN_DUMMY_NAME;
}
-gchar * ostree_sign_dummy_metadata_key (OstreeSign *self)
+const gchar * ostree_sign_dummy_metadata_key (OstreeSign *self)
{
g_debug ("%s enter", __FUNCTION__);
- g_autofree gchar *key = g_strdup(OSTREE_SIGN_METADATA_DUMMY_KEY);
- return g_steal_pointer (&key);
+ return OSTREE_SIGN_METADATA_DUMMY_KEY;
}
-gchar * ostree_sign_dummy_metadata_format (OstreeSign *self)
+const gchar * ostree_sign_dummy_metadata_format (OstreeSign *self)
{
g_debug ("%s enter", __FUNCTION__);
- g_autofree gchar *type = g_strdup(OSTREE_SIGN_METADATA_DUMMY_TYPE);
- return g_steal_pointer (&type);
+ return OSTREE_SIGN_METADATA_DUMMY_TYPE;
}
gboolean ostree_sign_dummy_metadata_verify (OstreeSign *self,
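Review bot: `ostree_sign_dummy_get_name ()` now returns `const gchar *`, but its guard still reads `g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE);`. The failure value should match the pointer return type: `g_return_val_if_fail (OSTREE_IS_SIGN (self), NULL);`. `ostree_sign_ed25519_get_name ()` carries the same line. The `metadata_key` and `metadata_format` accessors of both engines have no such guard at all, which is harmless for static strings but could be made consistent.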
SIGN_DUMMY,
GObject)
-gchar * ostree_sign_dummy_get_name (OstreeSign *self);
+const gchar * ostree_sign_dummy_get_name (OstreeSign *self);
gboolean ostree_sign_dummy_data (OstreeSign *self,
GBytes *data,
GCancellable *cancellable,
GError **error);
-gchar * ostree_sign_dummy_metadata_key (OstreeSign *self);
-gchar * ostree_sign_dummy_metadata_format (OstreeSign *self);
+const gchar * ostree_sign_dummy_metadata_key (OstreeSign *self);
+const gchar * ostree_sign_dummy_metadata_format (OstreeSign *self);
gboolean ostree_sign_dummy_metadata_verify (OstreeSign *self,
GBytes *data,
OstreeSignEd25519 *sign = ostree_sign_ed25519_get_instance_private(OSTREE_SIGN_ED25519(self));
#ifdef HAVE_LIBSODIUM
- g_autofree guchar *sig = NULL;
+ guchar *sig = NULL;
#endif
if ((sign->initialized != TRUE) || (sign->secret_key == NULL))
goto err;
}
- *signature = g_bytes_new (sig, sig_size);
+ *signature = g_bytes_new_take (sig, sig_size);
return TRUE;
#endif /* HAVE_LIBSODIUM */
err:
return FALSE;
}
-gchar * ostree_sign_ed25519_get_name (OstreeSign *self)
+const gchar * ostree_sign_ed25519_get_name (OstreeSign *self)
{
g_debug ("%s enter", __FUNCTION__);
g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE);
- g_autofree gchar *name = g_strdup (OSTREE_SIGN_ED25519_NAME);
-
- return g_steal_pointer (&name);
+ return OSTREE_SIGN_ED25519_NAME;
}
-gchar * ostree_sign_ed25519_metadata_key (OstreeSign *self)
+const gchar * ostree_sign_ed25519_metadata_key (OstreeSign *self)
{
g_debug ("%s enter", __FUNCTION__);
- g_autofree gchar *key = g_strdup(OSTREE_SIGN_METADATA_ED25519_KEY);
- return g_steal_pointer (&key);
+ return OSTREE_SIGN_METADATA_ED25519_KEY;
}
-gchar * ostree_sign_ed25519_metadata_format (OstreeSign *self)
+const gchar * ostree_sign_ed25519_metadata_format (OstreeSign *self)
{
g_debug ("%s enter", __FUNCTION__);
- g_autofree gchar *type = g_strdup (OSTREE_SIGN_METADATA_ED25519_TYPE);
- return g_steal_pointer (&type);
+ return OSTREE_SIGN_METADATA_ED25519_TYPE;
}
gboolean ostree_sign_ed25519_metadata_verify (OstreeSign *self,
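Review bot: With `g_autofree` dropped from `sig`, any `goto err` taken after the buffer is allocated now leaks it. The allocation and the signing call are not visible here, so this is inferred from the `goto err; }` just above the `g_bytes_new_take ()` line. Keeping `g_autofree guchar *sig = NULL;` and handing the buffer over with `*signature = g_bytes_new_take (g_steal_pointer (&sig), sig_size);` gives the same zero-copy transfer without relying on every error path to free `sig` by hand. The declaration is in the preceding hunk and the signing function starts outside both.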
g_set_error_literal (error,
G_IO_ERROR, G_IO_ERROR_FAILED,
"signature: ed25519: commit have no signatures of my type");
- goto err;
+ goto out;
}
if (!g_variant_is_of_type (signatures, (GVariantType *) OSTREE_SIGN_METADATA_ED25519_TYPE))
g_set_error_literal (error,
G_IO_ERROR, G_IO_ERROR_FAILED,
"signature: ed25519: wrong type passed for verification");
- goto err;
+ goto out;
}
if (sign->initialized != TRUE)
{
g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
"Not able to verify: libsodium library isn't initialized properly");
- goto err;
+ goto out;
}
#ifdef HAVE_LIBSODIUM
options = g_variant_builder_end (builder);
if (!ostree_sign_ed25519_load_pk (self, options, error))
- goto err;
+ goto out;
}
g_debug ("verify: data hash = 0x%x", g_bytes_hash(data));
"Not able to verify: no valid signatures found");
#endif /* HAVE_LIBSODIUM */
+out:
return ret;
-err:
- return FALSE;
}
gboolean
#ifdef HAVE_LIBSODIUM
OstreeSignEd25519 *sign = ostree_sign_ed25519_get_instance_private(OSTREE_SIGN_ED25519(self));
- g_autofree char * hex = NULL;
g_free (sign->secret_key);
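Review bot: The previous secret key is released with plain `g_free (sign->secret_key);`, which leaves the key bytes readable in freed heap memory. This code is already inside `HAVE_LIBSODIUM`, so the buffer can be wiped first with `if (sign->secret_key != NULL) sodium_memzero (sign->secret_key, crypto_sign_SECRETKEYBYTES);`. That assumes the stored key always has that length; the length check is outside this hunk and should be confirmed. The function signature is also outside the hunk.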
goto err;
}
- hex = g_malloc0 (crypto_sign_SECRETKEYBYTES*2 + 1);
-// g_debug ("Set ed25519 secret key = %s", sodium_bin2hex (hex, crypto_sign_SECRETKEYBYTES*2+1, sign->secret_key, n_elements));
-
return TRUE;
err:
/* Substitute the key(s) with a new one */
if (sign->public_keys != NULL)
{
- g_list_free_full (sign->public_keys, g_object_unref);
+ g_list_free_full (sign->public_keys, g_free);
sign->public_keys = NULL;
}
goto err;
}
- key = g_memdup (key, n_elements);
if (g_list_find (sign->public_keys, key) == NULL)
- sign->public_keys = g_list_prepend (sign->public_keys, key);
+ {
+ gpointer newkey = g_memdup (key, n_elements);
+ sign->public_keys = g_list_prepend (sign->public_keys, newkey);
+ }
return TRUE;
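Review bot: `g_list_find (sign->public_keys, key)` compares list entries by pointer, and `key` is never itself a list entry because the list only holds `g_memdup ()` copies. The lookup therefore never matches, and every call prepends another copy of the same key. Comparing contents with `g_list_find_custom ()` and a `memcmp`-based helper makes the duplicate check effective. The sketch below assumes that the length check above this hunk has already pinned `n_elements` to `crypto_sign_PUBLICKEYBYTES`. The function starts and ends outside the hunk.

```c
/* Compare two stored ed25519 public keys by content. */
static gint
_compare_ed25519_keys (gconstpointer a, gconstpointer b)
{
  return memcmp (a, b, crypto_sign_PUBLICKEYBYTES);
}

/* … unchanged: key extraction and length check … */
  if (g_list_find_custom (sign->public_keys, key, _compare_ed25519_keys) == NULL)
    {
      gpointer newkey = g_memdup (key, n_elements);
      sign->public_keys = g_list_prepend (sign->public_keys, newkey);
    }
```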
GError **error)
{
g_debug ("%s enter", __FUNCTION__);
+ g_debug ("Processing file '%s'", filename);
g_autoptr (GFile) keyfile = NULL;
g_autoptr (GFileInputStream) key_stream_in = NULL;
/* Clear already loaded keys */
if (sign->public_keys != NULL)
{
- g_list_free_full (sign->public_keys, g_object_unref);
+ g_list_free_full (sign->public_keys, g_free);
sign->public_keys = NULL;
}
GCancellable *cancellable,
GError **error);
-gchar * ostree_sign_ed25519_get_name (OstreeSign *self);
-gchar * ostree_sign_ed25519_metadata_key (OstreeSign *self);
-gchar * ostree_sign_ed25519_metadata_format (OstreeSign *self);
+const gchar * ostree_sign_ed25519_get_name (OstreeSign *self);
+const gchar * ostree_sign_ed25519_metadata_key (OstreeSign *self);
+const gchar * ostree_sign_ed25519_metadata_format (OstreeSign *self);
gboolean ostree_sign_ed25519_metadata_verify (OstreeSign *self,
GBytes *data,
g_debug ("OstreeSign initialization");
}
-gchar * ostree_sign_metadata_key (OstreeSign *self)
+const gchar * ostree_sign_metadata_key (OstreeSign *self)
{
g_debug ("%s enter", __FUNCTION__);
return OSTREE_SIGN_GET_IFACE (self)->metadata_key (self);
}
-gchar * ostree_sign_metadata_format (OstreeSign *self)
+const gchar * ostree_sign_metadata_format (OstreeSign *self)
{
g_debug ("%s enter", __FUNCTION__);
g_debug ("%s enter", __FUNCTION__);
if (OSTREE_SIGN_GET_IFACE (self)->load_pk == NULL)
- return FALSE;
+ return TRUE;
return OSTREE_SIGN_GET_IFACE (self)->load_pk (self, options, error);
}
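Review bot: Returning `TRUE` when the engine has no `load_pk` vfunc makes "nothing to load" indistinguishable from "keys loaded". A caller that gates verification on this return value will proceed with whatever keys the engine already holds, possibly none. If that is the intent, it should be stated on the function, for example `/* Returns TRUE when the engine has no load_pk implementation; success here does not imply that any public key is available. */`. If callers are meant to notice the gap instead, the alternative is to set `G_IO_ERROR_NOT_SUPPORTED` on `error` and keep returning `FALSE`. The function signature is outside the hunk.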
g_variant_dict_init (&metadata_dict, existing_metadata);
- g_autofree gchar *signature_key = ostree_sign_metadata_key(self);
- g_autofree GVariantType *signature_format = (GVariantType *) ostree_sign_metadata_format(self);
+ const gchar *signature_key = ostree_sign_metadata_key(self);
+ GVariantType *signature_format = (GVariantType *) ostree_sign_metadata_format(self);
signature_data = g_variant_dict_lookup_value (&metadata_dict,
signature_key,
g_autoptr(GVariant) signatures = NULL;
- g_autofree gchar *signature_key = ostree_sign_metadata_key(self);
- g_autofree GVariantType *signature_format = (GVariantType *) ostree_sign_metadata_format(self);
+ const gchar *signature_key = ostree_sign_metadata_key(self);
+ GVariantType *signature_format = (GVariantType *) ostree_sign_metadata_format(self);
if (metadata)
signatures = g_variant_lookup_value (metadata,
struct _OstreeSignInterface
{
GTypeInterface g_iface;
- gchar *(* get_name) (OstreeSign *self);
+ const gchar *(* get_name) (OstreeSign *self);
gboolean (* data) (OstreeSign *self,
GBytes *data,
GBytes **signature,
GCancellable *cancellable,
GError **error);
- gchar *(* metadata_key) (OstreeSign *self);
- gchar *(* metadata_format) (OstreeSign *self);
+ const gchar *(* metadata_key) (OstreeSign *self);
+ const gchar *(* metadata_format) (OstreeSign *self);
gboolean (* metadata_verify) (OstreeSign *self,
GBytes *data,
GVariant *metadata,
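Review bot: Switching `get_name`, `metadata_key` and `metadata_format` to `const gchar *` changes the ownership contract from caller-frees to borrowed, and nothing in the interface says so. Callers elsewhere in this change used to hold the results in `g_autofree` locals, so an implementation or caller outside this tree that still frees the result would now be freeing a static string. A comment on the three vfuncs such as `/* Returns a string owned by the engine; do not free. */`, plus `(transfer none)` in the documentation of the public accessors, would pin that down. The struct continues past the hunk.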
_OSTREE_PUBLIC
-gchar * ostree_sign_metadata_key (OstreeSign *self);
+const gchar * ostree_sign_metadata_key (OstreeSign *self);
_OSTREE_PUBLIC
-gchar * ostree_sign_metadata_format (OstreeSign *self);
+const gchar * ostree_sign_metadata_format (OstreeSign *self);
_OSTREE_PUBLIC
GVariant * ostree_sign_detached_metadata_append (OstreeSign *self,