From: Philip Withnall <withnall@endlessm.com>
Date: Mon, 19 Jun 2017 14:26:50 +0000 (+0100)
Subject: lib/pull: Don’t cache summary file until its signature is verified
X-Git-Tag: archive/raspbian/2022.1-3+rpi1~1^2~4^2~35^2~33
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=eb4887d619002932b348496c5613424b0ee120e0;p=ostree.git

lib/pull: Don’t cache summary file until its signature is verified

This makes no difference to the validity of the code, since any summary
file loaded from the cache will be verified before being read anyway;
but it will make some upcoming changes a little simpler.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Closes: #961
Approved by: cgwalters
---

diff --git a/src/libostree/ostree-repo-pull.c b/src/libostree/ostree-repo-pull.c
index acc5098a..cc8a51eb 100644
--- a/src/libostree/ostree-repo-pull.c
+++ b/src/libostree/ostree-repo-pull.c
@@ -3339,6 +3339,24 @@ ostree_repo_pull_with_options (OstreeRepo             *self,
         goto out;
       }
 
+    if (pull_data->gpg_verify_summary && bytes_summary && bytes_sig)
+      {
+        g_autoptr(GVariant) sig_variant = NULL;
+        glnx_unref_object OstreeGpgVerifyResult *result = NULL;
+
+        sig_variant = g_variant_new_from_bytes (OSTREE_SUMMARY_SIG_GVARIANT_FORMAT, bytes_sig, FALSE);
+        result = _ostree_repo_gpg_verify_with_metadata (self,
+                                                        bytes_summary,
+                                                        sig_variant,
+                                                        pull_data->remote_name,
+                                                        NULL,
+                                                        NULL,
+                                                        cancellable,
+                                                        error);
+        if (!ostree_gpg_verify_result_require_valid_signature (result, error))
+          goto out;
+      }
+
     if (bytes_summary)
       {
         pull_data->summary_data = g_bytes_ref (bytes_summary);
@@ -3348,7 +3366,6 @@ ostree_repo_pull_with_options (OstreeRepo             *self,
           pull_data->summary_data_sig = g_bytes_ref (bytes_sig);
       }
 
-
     if (!summary_from_cache && bytes_summary && bytes_sig)
       {
         if (!pull_data->remote_repo_local &&
@@ -3361,24 +3378,6 @@ ostree_repo_pull_with_options (OstreeRepo             *self,
           goto out;
       }
 
-    if (pull_data->gpg_verify_summary && bytes_summary && bytes_sig)
-      {
-        g_autoptr(GVariant) sig_variant = NULL;
-        glnx_unref_object OstreeGpgVerifyResult *result = NULL;
-
-        sig_variant = g_variant_new_from_bytes (OSTREE_SUMMARY_SIG_GVARIANT_FORMAT, bytes_sig, FALSE);
-        result = _ostree_repo_gpg_verify_with_metadata (self,
-                                                        bytes_summary,
-                                                        sig_variant,
-                                                        pull_data->remote_name,
-                                                        NULL,
-                                                        NULL,
-                                                        cancellable,
-                                                        error);
-        if (!ostree_gpg_verify_result_require_valid_signature (result, error))
-          goto out;
-      }
-
     if (pull_data->summary)
       {
         additional_metadata = g_variant_get_child_value (pull_data->summary, 1);