From 7a4fb1b2f1ff5ef69fab867f62ea2dac5f93b95f Mon Sep 17 00:00:00 2001 From: Alexander Larsson Date: Thu, 15 Oct 2015 19:34:04 +0200 Subject: [PATCH] Add _ostree_repo_open|commit_untrusted_content_bare Also renames OstreeRepoTrustedContentBareCommit to OstreeRepoContentBareCommit so that it can be used by both. This will be needed when we introduce checksum verification of objects in static deltas. --- src/libostree/ostree-repo-commit.c | 99 ++++++++++++++++++- src/libostree/ostree-repo-private.h | 28 +++++- .../ostree-repo-static-delta-processing.c | 2 +- 3 files changed, 123 insertions(+), 6 deletions(-) diff --git a/src/libostree/ostree-repo-commit.c b/src/libostree/ostree-repo-commit.c index 62da0e35..a761a8a9 100644 --- a/src/libostree/ostree-repo-commit.c +++ b/src/libostree/ostree-repo-commit.c @@ -446,11 +446,106 @@ fallocate_stream (GFileDescriptorBased *stream, return ret; } +gboolean +_ostree_repo_open_untrusted_content_bare (OstreeRepo *self, + const char *expected_checksum, + guint64 content_len, + OstreeRepoContentBareCommit *out_state, + GOutputStream **out_stream, + gboolean *out_have_object, + GCancellable *cancellable, + GError **error) +{ + /* The trusted codepath is fine here */ + return _ostree_repo_open_trusted_content_bare (self, + expected_checksum, + content_len, + out_state, + out_stream, + out_have_object, + cancellable, + error); +} + +gboolean +_ostree_repo_commit_untrusted_content_bare (OstreeRepo *self, + const char *expected_checksum, + OstreeRepoContentBareCommit *state, + guint32 uid, + guint32 gid, + guint32 mode, + GVariant *xattrs, + GCancellable *cancellable, + GError **error) +{ + gboolean ret = FALSE; + + if (state->fd != -1) + { + GMappedFile *mapped; + g_autoptr(GBytes) bytes = NULL; + g_autoptr(GInputStream) raw_in = NULL; + g_autoptr(GInputStream) in = NULL; + g_autoptr(GFileInfo) file_info = NULL; + g_autofree guchar *actual_csum = NULL; + g_autofree char *actual_checksum = NULL; + int fd; + + fd = openat (self->tmp_dir_fd, state->temp_filename, O_RDONLY); + if (fd == -1) + { + gs_set_error_from_errno (error, errno); + goto out; + } + + mapped = g_mapped_file_new_from_fd (fd, FALSE, error); + + close (fd); + if (mapped == NULL) + goto out; + + bytes = g_mapped_file_get_bytes (mapped); + g_mapped_file_unref (mapped); + + raw_in = g_memory_input_stream_new_from_bytes (bytes); + + file_info = _ostree_header_gfile_info_new (mode, uid, gid); + + if (!ostree_raw_file_to_content_stream (raw_in, file_info, xattrs, &in, NULL, cancellable, error)) + goto out; + + if (!ot_gio_checksum_stream (in, &actual_csum, cancellable, error)) + goto out; + + actual_checksum = ostree_checksum_from_bytes (actual_csum); + + if (strcmp (actual_checksum, expected_checksum) != 0) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, + "Corrupted object %s (actual checksum is %s)", + expected_checksum, actual_checksum); + goto out; + } + + if (!commit_loose_object_trusted (self, expected_checksum, OSTREE_OBJECT_TYPE_FILE, + state->temp_filename, + FALSE, uid, gid, mode, + xattrs, state->fd, + cancellable, error)) + goto out; + } + + ret = TRUE; + out: + g_free (state->temp_filename); + return ret; +} + gboolean _ostree_repo_open_trusted_content_bare (OstreeRepo *self, const char *checksum, guint64 content_len, - OstreeRepoTrustedContentBareCommit *out_state, + OstreeRepoContentBareCommit *out_state, GOutputStream **out_stream, gboolean *out_have_object, GCancellable *cancellable, @@ -495,7 +590,7 @@ _ostree_repo_open_trusted_content_bare (OstreeRepo *self, gboolean _ostree_repo_commit_trusted_content_bare (OstreeRepo *self, const char *checksum, - OstreeRepoTrustedContentBareCommit *state, + OstreeRepoContentBareCommit *state, guint32 uid, guint32 gid, guint32 mode, diff --git a/src/libostree/ostree-repo-private.h b/src/libostree/ostree-repo-private.h index 8f86fec4..ccb648f8 100644 --- a/src/libostree/ostree-repo-private.h +++ b/src/libostree/ostree-repo-private.h @@ -245,13 +245,13 @@ _ostree_repo_commit_loose_final (OstreeRepo *self, typedef struct { int fd; char *temp_filename; -} OstreeRepoTrustedContentBareCommit; +} OstreeRepoContentBareCommit; gboolean _ostree_repo_open_trusted_content_bare (OstreeRepo *self, const char *checksum, guint64 content_len, - OstreeRepoTrustedContentBareCommit *out_state, + OstreeRepoContentBareCommit *out_state, GOutputStream **out_stream, gboolean *out_have_object, GCancellable *cancellable, @@ -260,7 +260,7 @@ _ostree_repo_open_trusted_content_bare (OstreeRepo *self, gboolean _ostree_repo_commit_trusted_content_bare (OstreeRepo *self, const char *checksum, - OstreeRepoTrustedContentBareCommit *state, + OstreeRepoContentBareCommit *state, guint32 uid, guint32 gid, guint32 mode, @@ -268,6 +268,28 @@ _ostree_repo_commit_trusted_content_bare (OstreeRepo *self, GCancellable *cancellable, GError **error); +gboolean +_ostree_repo_open_untrusted_content_bare (OstreeRepo *self, + const char *expected_checksum, + guint64 content_len, + OstreeRepoContentBareCommit *out_state, + GOutputStream **out_stream, + gboolean *out_have_object, + GCancellable *cancellable, + GError **error); + +gboolean +_ostree_repo_commit_untrusted_content_bare (OstreeRepo *self, + const char *expected_checksum, + OstreeRepoContentBareCommit *state, + guint32 uid, + guint32 gid, + guint32 mode, + GVariant *xattrs, + GCancellable *cancellable, + GError **error); + + gboolean _ostree_repo_read_bare_fd (OstreeRepo *self, const char *checksum, diff --git a/src/libostree/ostree-repo-static-delta-processing.c b/src/libostree/ostree-repo-static-delta-processing.c index f60ec7a1..496c9abb 100644 --- a/src/libostree/ostree-repo-static-delta-processing.c +++ b/src/libostree/ostree-repo-static-delta-processing.c @@ -55,7 +55,7 @@ typedef struct { GError **async_error; OstreeObjectType output_objtype; - OstreeRepoTrustedContentBareCommit barecommitstate; + OstreeRepoContentBareCommit barecommitstate; guint64 content_size; GOutputStream *content_out; char checksum[65]; -- 2.30.2