repo: Never delete .commitmeta files

Do not delete a .commitmeta file after removing the last metadata entry.
This way a client will pull the empty .commitmeta file and overwrite old
metadata as expected.

https://bugzilla.gnome.org/750459

diff --git a/src/libostree/ostree-repo-commit.c b/src/libostree/ostree-repo-commit.c
index 732bbd06f79d7399c2a2d825cadc9617a4c90540..bee58caf57da85c28abd2d86c51aa8bed862cd7f 100644 (file)
--- a/src/libostree/ostree-repo-commit.c
+++ b/src/libostree/ostree-repo-commit.c
@@ -2140,30 +2140,28 @@ ostree_repo_write_commit_detached_metadata (OstreeRepo      *self,
       normalized_size = g_variant_get_size (normalized);
     }
 
-  if (normalized_size == 0)
+  if (normalized_size > 0)
     {
-      GError *local_error = NULL;
-
-      (void) g_file_delete (metadata_path, cancellable, &local_error);
-
-      if (g_error_matches (local_error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND))
-        {
-          g_clear_error (&local_error);
-        }
-      else if (local_error != NULL)
+      if (!g_file_replace_contents (metadata_path,
+                                    g_variant_get_data (normalized),
+                                    g_variant_get_size (normalized),
+                                    NULL, FALSE, 0, NULL,
+                                    cancellable, error))
         {
-          g_propagate_error (error, local_error);
-          g_prefix_error (error, "Unable to delete detached metadata: ");
+          g_prefix_error (error, "Unable to write detached metadata: ");
           goto out;
         }
     }
   else
     {
-      if (!g_file_replace_contents (metadata_path,
-                                    g_variant_get_data (normalized),
-                                    g_variant_get_size (normalized),
-                                    NULL, FALSE, 0, NULL,
-                                    cancellable, error))
+      g_autoptr(GFileOutputStream) output_stream = NULL;
+
+      /* Don't write to the stream, leave the file empty. */
+      output_stream = g_file_replace (metadata_path,
+                                      NULL, FALSE,
+                                      G_FILE_CREATE_NONE,
+                                      cancellable, error);
+      if (output_stream == NULL)
         {
           g_prefix_error (error, "Unable to write detached metadata: ");
           goto out;

diff --git a/src/ostree/ot-builtin-trivial-httpd.c b/src/ostree/ot-builtin-trivial-httpd.c
index d7701893543a6aa9f8fcd0f43e88b67da9f25bcd..c6a3757d2f78d06b5b6e93d6db229465a88e5cd9 100644 (file)
--- a/src/ostree/ot-builtin-trivial-httpd.c
+++ b/src/ostree/ot-builtin-trivial-httpd.c
@@ -273,7 +273,8 @@ do_get (OtTrivialHttpd    *self,
           buffer = soup_buffer_new_with_owner (g_mapped_file_get_contents (mapping),
                                                buffer_length,
                                                mapping, (GDestroyNotify)g_mapped_file_unref);
-          soup_message_body_append_buffer (msg->response_body, buffer);
+          if (buffer->length > 0)
+            soup_message_body_append_buffer (msg->response_body, buffer);
           soup_buffer_free (buffer);
         }
       else /* msg->method == SOUP_METHOD_HEAD */

diff --git a/tests/test-commit-sign.sh b/tests/test-commit-sign.sh
index 2288d09bd10eb00ebe0c6eec47be12af02360583..0dfbb768d78a1d6716211a4c6604298c6989e084 100755 (executable)
--- a/tests/test-commit-sign.sh
+++ b/tests/test-commit-sign.sh
@@ -119,4 +119,13 @@ ${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo gpg-sign --gpg-h
 ${CMD_PREFIX} ostree --repo=repo pull origin main
 ${CMD_PREFIX} ostree --repo=repo show main | grep -o 'Found [[:digit:]] signature' > show
 assert_file_has_content show 'Found 1 signature'
+
+# Delete the signature from the commit so the detached metadata is empty,
+# then pull and verify the signature is also deleted on the client side.
+${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo gpg-sign --gpg-homedir=${SRCDIR}/gpghome --delete main $keyid
+${CMD_PREFIX} ostree --repo=repo pull origin main
+if ${CMD_PREFIX} ostree --repo=repo show main | grep -o 'Found [[:digit:]] signature'; then
+  assert_not_reached
+fi
+
 rm -rf repo gnomerepo-files