pull: honor gpg-verify-summary=false when a summary signature is present
authorGiuseppe Scrivano <gscrivan@redhat.com>
Thu, 10 Sep 2015 08:16:47 +0000 (10:16 +0200)
committerColin Walters <walters@verbum.org>
Thu, 10 Sep 2015 12:59:01 +0000 (08:59 -0400)
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
src/libostree/ostree-repo-pull.c
tests/test-pull-mirror-summary.sh

index 28198a405333c6ad1386fa1d541db0fce0cb7ccf..27a20b3e5d1d0dbc91e678031bf1e0b8a204bd46 100644 (file)
@@ -1893,15 +1893,16 @@ ostree_repo_pull_with_options (OstreeRepo             *self,
       {
         pull_data->summary_data = g_bytes_ref (bytes_summary);
         pull_data->summary = g_variant_new_from_bytes (OSTREE_SUMMARY_GVARIANT_FORMAT, bytes_summary, FALSE);
+
+        if (bytes_sig)
+          pull_data->summary_data_sig = g_bytes_ref (bytes_sig);
       }
 
-    if (bytes_summary && bytes_sig)
+    if (pull_data->gpg_verify_summary && bytes_summary && bytes_sig)
       {
         g_autoptr(GVariant) sig_variant = NULL;
         glnx_unref_object OstreeGpgVerifyResult *result = NULL;
 
-        pull_data->summary_data_sig = g_bytes_ref (bytes_sig);
-
         sig_variant = g_variant_new_from_bytes (OSTREE_SUMMARY_SIG_GVARIANT_FORMAT, bytes_sig, FALSE);
         result = _ostree_repo_gpg_verify_with_metadata (self,
                                                         bytes_summary,
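Review bot: The guard `if (pull_data->gpg_verify_summary && bytes_summary && bytes_sig)` fails open when verification is enabled but no signature was fetched, because with `bytes_sig` NULL the verification block is skipped and the summary parsed just above is used as-is. Unless a check outside this hunk already rejects that case, an explicit branch on `pull_data->gpg_verify_summary && bytes_summary && !bytes_sig` that sets an error and aborts the pull would close the gap. Separately, `summary_data_sig` is now stored whether or not the signature is ever checked, so a comment above the new `g_bytes_ref (bytes_sig)` such as `/* Kept so mirrors can republish it; NOT verified unless gpg_verify_summary is set */` would stop later code from treating its presence as proof of a valid signature. The body of ostree_repo_pull_with_options starts and ends outside the hunk.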
index 7ff51fdc070e4ffaa430811171808d1cce79520c..ff65d4d4c6c051e9f512f55dd6f25b96be003105 100755 (executable)
@@ -94,6 +94,20 @@ assert_has_file repo/summary
 assert_has_file repo/summary.sig
 echo "ok pull mirror with signed summary"
 
+cp ${test_tmpdir}/ostree-srv/gnomerepo/summary.sig{,.good}
+truncate --size=1 ${test_tmpdir}/ostree-srv/gnomerepo/summary.sig
+
+cd ${test_tmpdir}
+rm -rf repo
+mkdir repo
+${OSTREE} --repo=repo init --mode=archive-z2
+${OSTREE} --repo=repo remote add origin $(cat httpd-address)/ostree/gnomerepo
+${OSTREE} --repo=repo pull --mirror origin
+assert_has_file repo/summary
+assert_has_file repo/summary.sig
+mv ${test_tmpdir}/ostree-srv/gnomerepo/summary.sig{.good,}
+echo "ok pull mirror with invalid summary sig and no verification"
+
 # Uncomment when we support mirroring deltas
 #
 # ${OSTREE} --repo=${test_tmpdir}/ostree-srv/gnomerepo static-delta generate main
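Review bot: The new case covers only the verification-off path and relies on the remote's default, since `remote add origin` passes no gpg-verify-summary setting in the visible lines. Setting it explicitly, for example with `--set=gpg-verify-summary=false`, would keep the test meaningful if the default changes. The complementary case is missing: with gpg-verify-summary enabled and the same truncated `summary.sig`, the pull should be asserted to fail, which is the check that would catch a regression that silently skips verification. Also, `summary.sig` is restored by the final `mv` only after a successful pull, so a failing run leaves the one-byte signature on the server side for later cases; restoring it right after the `pull` line, or from a trap, avoids that.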