projects / ostree.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b064581) | patch
pull: Verify commits with gpg signatures from detached metadata
authorJeremy Whiting <jeremy.whiting@collabora.com>
Thu, 5 Sep 2013 18:50:36 +0000 (12:50 -0600)
committerColin Walters <walters@verbum.org>
Sun, 29 Sep 2013 18:49:47 +0000 (14:49 -0400)
commit7f9eefb62d2b5a977289fa5a5a1d34755f597679
tree066943d31be8969ed92bda7dbd860f76738462d1tree | snapshot
parentb0645815770e0721d8915f924903d3a0a51e3964commit | diff
pull: Verify commits with gpg signatures from detached metadata

This uses gpgv for verification against DATADIR/ostree/pubring.gpg by
default.  The keyring can be overridden by specifying OSTREE_GPG_HOME.

Add a unit test for commit signing with gpg key and verifying on pull;
to implement this we ship a test GPG key generated with no password
for Ostree Tester <test@test.com>.

Change all of the existing tests to disable GPG verification.
19 files changed:
Makefile-libostree.am diff | blob | history
Makefile-tests.am diff | blob | history
src/libgsystem diff | blob | history
src/libostree/README-gpg [new file with mode: 0644] blob
src/libostree/ostree-gpg-verifier.c [new file with mode: 0644] blob
src/libostree/ostree-gpg-verifier.h [new file with mode: 0644] blob
src/libostree/ostree-repo-pull.c diff | blob | history
src/libostree/ostree-repo.c diff | blob | history
src/libostree/ostree-repo.h diff | blob | history
src/libostree/ostree-sysroot.c diff | blob | history
src/ostree/ot-admin-builtin-upgrade.c diff | blob | history
tests/libtest.sh diff | blob | history
tests/pull-test.sh diff | blob | history
tests/test-admin-deploy-1.sh diff | blob | history
tests/test-admin-deploy-2.sh diff | blob | history
tests/test-archivez.sh diff | blob | history
tests/test-commit-sign.sh [new file with mode: 0755] blob
tests/test-pull-corruption.sh diff | blob | history
tests/test-pull-resume.sh diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.