lib/repo-finder: Emit gpg-verify-summary=false in dynamic remote config
authorPhilip Withnall <withnall@endlessm.com>
Tue, 8 Aug 2017 17:58:52 +0000 (18:58 +0100)
committerAtomic Bot <atomic-devel@projectatomic.io>
Tue, 8 Aug 2017 18:08:05 +0000 (18:08 +0000)
When returning results from finding repos, set gpg-verify-summary=false
in their configs, since any pulls from such remotes will necessarily
involve collection IDs, and hence should be using the unsigned summary
support. In the intended deployment mode for P2P transmission of OSTree
refs, summaries *cannot* be signed, so setting gpg-verify-summary=true
would cause all the pulls to fail.

The unsigned summary support is the move of repository metadata from
the summary file (not spliceable) to the well-known ostree-metadata ref
(spliceable, as it can exist for multiple collection IDs in the same
repository).

Signed-off-by: Philip Withnall <withnall@endlessm.com>
Closes: #1066
Approved by: cgwalters

src/libostree/ostree-repo-finder-avahi.c
src/libostree/ostree-repo-finder-mount.c
src/libostree/ostree-repo-pull.c

index a1500567f52bdc7dd5fd4b52846c397ac21f681a..5ded963623871ce2500cb562bab4df4f0b4a67d1 100644 (file)
@@ -824,9 +824,10 @@ ostree_avahi_service_build_repo_finder_result (OstreeAvahiService
       g_clear_pointer (&remote->keyring, g_free);
       remote->keyring = g_strdup (repo->keyring);
 
+      /* gpg-verify-summary is false since we use the unsigned summary file support. */
       g_key_file_set_string (remote->options, remote->group, "url", repo->uri);
       g_key_file_set_boolean (remote->options, remote->group, "gpg-verify", TRUE);
-      g_key_file_set_boolean (remote->options, remote->group, "gpg-verify-summary", TRUE);
+      g_key_file_set_boolean (remote->options, remote->group, "gpg-verify-summary", FALSE);
 
       get_checksums (finder, parent_repo, remote, supported_ref_to_checksum, &error);
       if (error != NULL)
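Review bot: The added comment sits above the `url` line instead of the `gpg-verify-summary` line it explains, and it says why the summary check is off but not what still authenticates a pull from a peer discovered over Avahi. With the summary unverified, the ref-to-checksum data a peer advertises is unauthenticated input, so the `gpg-verify` TRUE setting and the keyring copied into `remote->keyring` appear to be the only remaining trust anchor in this block. I would move the comment directly above the `gpg-verify-summary` call and word it as `/* Summary is unsigned (metadata lives in the ostree-metadata ref); gpg-verify must stay TRUE so commits are still checked against remote->keyring. */`. The same placement and wording apply to the identical change in ostree_repo_finder_mount_resolve_async. The hunk does not show whether a peer replaying an older but validly signed commit is rejected elsewhere, and the function body starts and ends outside the hunk.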
index ffe31e99635506b659345998ccab17be0a507388..1eb3d31d045ba2d447c7149e531d913de5294e52 100644 (file)
@@ -392,9 +392,10 @@ ostree_repo_finder_mount_resolve_async (OstreeRepoFinder                  *finde
           g_clear_pointer (&remote->keyring, g_free);
           remote->keyring = g_strdup (repo->keyring);
 
+          /* gpg-verify-summary is false since we use the unsigned summary file support. */
           g_key_file_set_string (remote->options, remote->group, "url", repo->uri);
           g_key_file_set_boolean (remote->options, remote->group, "gpg-verify", TRUE);
-          g_key_file_set_boolean (remote->options, remote->group, "gpg-verify-summary", TRUE);
+          g_key_file_set_boolean (remote->options, remote->group, "gpg-verify-summary", FALSE);
 
           /* Set the timestamp in the #OstreeRepoFinderResult to 0 because
            * the code in ostree_repo_pull_from_remotes_async() will be able to
index 6298a28eef351269de56f0c93c3d74852cee81fb..d637d5fd5d520c767706806db5b18e08a1766756 100644 (file)
@@ -5344,7 +5344,7 @@ ostree_repo_pull_from_remotes_async (OstreeRepo                           *self,
       g_variant_dict_insert (&local_options_dict, "flags", "i", OSTREE_REPO_PULL_FLAGS_UNTRUSTED | flags);
       g_variant_dict_insert_value (&local_options_dict, "collection-refs", g_variant_builder_end (&refs_to_pull_builder));
       g_variant_dict_insert (&local_options_dict, "gpg-verify", "b", TRUE);
-      g_variant_dict_insert (&local_options_dict, "gpg-verify-summary", "b", TRUE);
+      g_variant_dict_insert (&local_options_dict, "gpg-verify-summary", "b", FALSE);
       g_variant_dict_insert (&local_options_dict, "inherit-transaction", "b", TRUE);
       copy_option (&options_dict, &local_options_dict, "depth", G_VARIANT_TYPE ("i"));
       copy_option (&options_dict, &local_options_dict, "disable-static-deltas", G_VARIANT_TYPE ("b"));
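Review bot: The flipped `gpg-verify-summary` option in ostree_repo_pull_from_remotes_async has no comment, unlike the two finder sites, although this is the place where the pull options are forced for every found remote. It sits between `OSTREE_REPO_PULL_FLAGS_UNTRUSTED` and `gpg-verify` TRUE, so a later reader cannot tell that commit verification is the setting that must never be relaxed together with it. I would add `/* Summaries from found remotes are unsigned; trust comes from per-commit GPG verification, so gpg-verify must remain TRUE. */` above the line. The visible `copy_option` calls forward only `depth` and `disable-static-deltas`; whether a caller-supplied `gpg-verify` can override the forced value further down is not visible here, since the function continues outside the hunk.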