pull: Only set ca path if we actually have a setting for it

Otherwise, GTlsFileDatabase ends up accepting NULL for anchors, and
then we don't trust any CAs at all.

https://bugzilla.gnome.org/show_bug.cgi?id=726256

diff --git a/src/libostree/ostree-repo-pull.c b/src/libostree/ostree-repo-pull.c
index 7d3ad2621986a4811d8cf7c594063ae30db195f5..2cdc6c151bca952008f6276e9f2feede6e61563a 100644 (file)
--- a/src/libostree/ostree-repo-pull.c
+++ b/src/libostree/ostree-repo-pull.c
@@ -1138,11 +1138,14 @@ ostree_repo_pull (OstreeRepo               *self,
                                             NULL, &tls_ca_path, error))
       goto out;
 
-    db = g_tls_file_database_new (tls_ca_path, error);
-    if (!db)
-      goto out;
-
-    _ostree_fetcher_set_tls_database (pull_data->fetcher, db);
+    if (tls_ca_path)
+      {
+        db = g_tls_file_database_new (tls_ca_path, error);
+        if (!db)
+          goto out;
+        
+        _ostree_fetcher_set_tls_database (pull_data->fetcher, db);
+      }
   }
 
   if (!pull_data->base_uri)