<SECTION>
<FILE>ostree-sign</FILE>
OstreeSign
-ostree_sign_list_names
+ostree_sign_get_all
ostree_sign_commit
ostree_sign_commit_verify
ostree_sign_data
ostree_repo_commit_modifier_set_sepolicy_from_commit;
someostree_symbol_deleteme;
ostree_sign_get_type;
- ostree_sign_list_names;
+ ostree_sign_get_all;
ostree_sign_commit;
ostree_sign_commit_verify;
ostree_sign_data;
return TRUE;
}
+/* Iterate over all known signing types, and check if the commit is signed
+ * by at least one.
+ */
gboolean
_sign_verify_for_remote (OstreeRepo *repo,
const gchar *remote_name,
GVariant *metadata,
GError **error)
{
- /* list all signature types in detached metadata and check if signed by any? */
- g_auto (GStrv) names = ostree_sign_list_names();
guint n_invalid_signatures = 0;
- guint n_unknown_signatures = 0;
g_autoptr (GError) last_sig_error = NULL;
gboolean found_sig = FALSE;
- for (char **iter=names; iter && *iter; iter++)
+ g_autoptr(GPtrArray) signers = ostree_sign_get_all ();
+ for (guint i = 0; i < signers->len; i++)
{
- g_autoptr (OstreeSign) sign = NULL;
- g_autoptr (GVariant) signatures = NULL;
- const gchar *signature_key = NULL;
- GVariantType *signature_format = NULL;
-
- if ((sign = ostree_sign_get_by_name (*iter, NULL)) == NULL)
- {
- n_unknown_signatures++;
- continue;
- }
-
- signature_key = ostree_sign_metadata_key (sign);
- signature_format = (GVariantType *) ostree_sign_metadata_format (sign);
-
- signatures = g_variant_lookup_value (metadata,
- signature_key,
- signature_format);
+ OstreeSign *sign = signers->pdata[i];
+ const gchar *signature_key = ostree_sign_metadata_key (sign);
+ GVariantType *signature_format = (GVariantType *) ostree_sign_metadata_format (sign);
+ g_autoptr (GVariant) signatures =
+ g_variant_lookup_value (metadata, signature_key, signature_format);
/* If not found signatures for requested signature subsystem */
if (!signatures)
}
if (!found_sig)
- {
- if (n_unknown_signatures > 0)
- return glnx_throw (error, "No signatures found (%d unknown type)", n_unknown_signatures);
- return glnx_throw (error, "No signatures found");
- }
+ return glnx_throw (error, "No signatures found");
g_assert (last_sig_error);
g_propagate_error (error, g_steal_pointer (&last_sig_error));
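Review bot: The comment added above `_sign_verify_for_remote` says what is iterated but not what the caller gets back, and for a verification routine the failure contract is the part a reader needs. From the visible lines, the function throws "No signatures found" when no engine's metadata key is present, and otherwise propagates `last_sig_error`. I would extend the comment with a line such as `Returns FALSE with @error set when no signature is present or none verifies; an unsigned commit is never accepted.` The loop body after `if (!signatures)` and the final return are outside the hunk, so the wording should be confirmed against them.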
gboolean found_any_signature = FALSE;
gboolean found_valid_signature = FALSE;
- /* list all signature types in detached metadata and check if signed by any? */
- g_auto (GStrv) names = ostree_sign_list_names();
- for (char **iter=names; iter && *iter; iter++)
+ /* FIXME - dedup this with _sign_verify_for_remote() */
+ g_autoptr(GPtrArray) signers = ostree_sign_get_all ();
+ for (guint i = 0; i < signers->len; i++)
{
- g_autoptr (OstreeSign) sign = NULL;
-
- if ((sign = ostree_sign_get_by_name (*iter, NULL)) == NULL)
- continue;
+ OstreeSign *sign = signers->pdata[i];
/* Try to load public key(s) according remote's configuration */
if (!_signapi_load_public_keys (sign, pull_data->repo, pull_data->remote_name, error))
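Review bot: The new `FIXME - dedup this with _sign_verify_for_remote()` leaves two separate copies of the loop that decides whether a commit's signatures are acceptable, and the two already track state differently (`found_any_signature`/`found_valid_signature` here, `found_sig`/`n_invalid_signatures` in the other). Until they are merged, a change to the accept/reject rules made in one copy can silently miss the other. I would make the comment say so, e.g. `/* FIXME - dedup this with _sign_verify_for_remote(); until then keep the accept/reject rules of both loops identical */`. The rest of this loop body is outside the hunk.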
*
* Return the pointer to the name of currently used/selected signing engine.
*
- * The list of available engines could be acquired with #ostree_sign_list_names.
- *
* Returns: (transfer none): pointer to the name
* @NULL in case of error (unlikely).
*
}
/**
- * ostree_sign_list_names:
+ * ostree_sign_get_all:
*
- * Return an array with all available sign engines names.
+ * Return an array with newly allocated instances of all available
+ * signing engines; they will not be initialized.
*
- * Returns: (transfer full): an array of strings, free when you used it
+ * Returns: (transfer full) (element-type OstreeSign): an array of signing engines
*
* Since: 2020.2
*/
-GStrv
-ostree_sign_list_names(void)
+GPtrArray *
+ostree_sign_get_all (void)
{
+ g_autoptr(GPtrArray) engines = g_ptr_array_new_with_free_func (g_object_unref);
+ for (guint i = 0; i < G_N_ELEMENTS(sign_types); i++)
+ {
+ OstreeSign *engine = ostree_sign_get_by_name (sign_types[i].name, NULL);
+ g_assert (engine);
+ g_ptr_array_add (engines, engine);
+ }
- GStrv names = g_new0 (char *, G_N_ELEMENTS(sign_types) + 1);
- gint i = 0;
-
- for (i=0; i < G_N_ELEMENTS(sign_types); i++)
- {
- names[i] = g_strdup(sign_types[i].name);
- g_debug ("Found '%s' signing engine", names[i]);
- }
-
- return names;
+ return g_steal_pointer (&engines);
}
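Review bot: `g_assert (engine)` in `ostree_sign_get_all` is the only guard against a NULL entry in the returned array, and both new callers read `signers->pdata[i]` and pass it straight to `ostree_sign_metadata_key` or `_signapi_load_public_keys` without a check. GLib assertions are compiled out under `G_DISABLE_ASSERT`, so in such a build a failed `ostree_sign_get_by_name` would put NULL into the array; in a default build it aborts the process from inside a public library call. The names come from the static `sign_types` table, so the lookup presumably cannot fail, but the code should state that invariant, e.g. `/* sign_types is a static table, so a lookup by its own names must succeed */`. If the invariant may not always hold, replacing the assert with `if (engine == NULL) continue;` would keep verification fail-closed, because a missing engine can only reduce the set of signatures that validate.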
/**
* @name: the name of desired signature engine
* @error: return location for a #GError
*
- * Tries to find and return proper signing engine by it's name.
- *
- * The list of available engines could be acquired with #ostree_sign_list_names.
+ * Create a new instance of a signing engine.
*
- * Returns: (transfer full): a constant, free when you used it
+ * Returns: (transfer full): New signing engine, or %NULL if the engine is not known
*
* Since: 2020.2
*/
_OSTREE_PUBLIC
-GStrv ostree_sign_list_names(void);
+GPtrArray * ostree_sign_get_all(void);
_OSTREE_PUBLIC
OstreeSign * ostree_sign_get_by_name (const gchar *name, GError **error);