[ostree] deltas: Verify checksums in apply-offline unless skip_validate is TRUE
- From: Alexander Larsson <alexl src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [ostree] deltas: Verify checksums in apply-offline unless skip_validate is TRUE
- Date: Tue, 10 Nov 2015 08:53:24 +0000 (UTC)
commit 78f14555c8c1352f3be6f1c228d22edc152ab6fa
Author: Alexander Larsson <alexl redhat com>
Date: Thu Oct 15 19:36:30 2015 +0200
deltas: Verify checksums in apply-offline unless skip_validate is TRUE
src/libostree/ostree-repo-pull.c | 2 +
src/libostree/ostree-repo-static-delta-core.c | 2 +-
src/libostree/ostree-repo-static-delta-private.h | 3 +
.../ostree-repo-static-delta-processing.c | 142 +++++++++++++++-----
4 files changed, 114 insertions(+), 35 deletions(-)
---
diff --git a/src/libostree/ostree-repo-pull.c b/src/libostree/ostree-repo-pull.c
index b1fdc68..9153857 100644
--- a/src/libostree/ostree-repo-pull.c
+++ b/src/libostree/ostree-repo-pull.c
@@ -977,6 +977,7 @@ static_deltapart_fetch_on_complete (GObject *object,
_ostree_static_delta_part_execute_async (pull_data->repo,
fetch_data->objects,
delta_data,
+ TRUE,
pull_data->cancellable,
on_static_delta_written,
fetch_data);
@@ -1628,6 +1629,7 @@ process_one_static_delta (OtPullData *pull_data,
_ostree_static_delta_part_execute_async (pull_data->repo,
fetch_data->objects,
delta_data,
+ TRUE,
pull_data->cancellable,
on_static_delta_written,
fetch_data);
diff --git a/src/libostree/ostree-repo-static-delta-core.c b/src/libostree/ostree-repo-static-delta-core.c
index 2168985..c373b60 100644
--- a/src/libostree/ostree-repo-static-delta-core.c
+++ b/src/libostree/ostree-repo-static-delta-core.c
@@ -365,7 +365,7 @@ ostree_repo_static_delta_execute_offline (OstreeRepo *self,
goto out;
}
- if (!_ostree_static_delta_part_execute (self, objects, bytes,
+ if (!_ostree_static_delta_part_execute (self, objects, bytes, skip_validation,
cancellable, error))
{
g_prefix_error (error, "executing delta part %i: ", i);
diff --git a/src/libostree/ostree-repo-static-delta-private.h
b/src/libostree/ostree-repo-static-delta-private.h
index 7dfba0a..de32ec6 100644
--- a/src/libostree/ostree-repo-static-delta-private.h
+++ b/src/libostree/ostree-repo-static-delta-private.h
@@ -113,18 +113,21 @@ gboolean _ostree_static_delta_part_validate (OstreeRepo *repo,
gboolean _ostree_static_delta_part_execute (OstreeRepo *repo,
GVariant *header,
GBytes *partdata,
+ gboolean trusted,
GCancellable *cancellable,
GError **error);
gboolean _ostree_static_delta_part_execute_raw (OstreeRepo *repo,
GVariant *header,
GVariant *part,
+ gboolean trusted,
GCancellable *cancellable,
GError **error);
void _ostree_static_delta_part_execute_async (OstreeRepo *repo,
GVariant *header,
GBytes *partdata,
+ gboolean trusted,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data);
diff --git a/src/libostree/ostree-repo-static-delta-processing.c
b/src/libostree/ostree-repo-static-delta-processing.c
index 496c9ab..10e533c 100644
--- a/src/libostree/ostree-repo-static-delta-processing.c
+++ b/src/libostree/ostree-repo-static-delta-processing.c
@@ -39,6 +39,7 @@
G_STATIC_ASSERT (sizeof (guint) >= sizeof (guint32));
typedef struct {
+ gboolean trusted;
OstreeRepo *repo;
guint checksum_index;
const guint8 *checksums;
@@ -182,6 +183,7 @@ gboolean
_ostree_static_delta_part_execute_raw (OstreeRepo *repo,
GVariant *objects,
GVariant *part,
+ gboolean trusted,
GCancellable *cancellable,
GError **error)
{
@@ -198,6 +200,7 @@ _ostree_static_delta_part_execute_raw (OstreeRepo *repo,
state->repo = repo;
state->async_error = error;
+ state->trusted = trusted;
if (!_ostree_static_delta_parse_checksum_array (objects,
&checksums_data,
@@ -308,6 +311,7 @@ gboolean
_ostree_static_delta_part_execute (OstreeRepo *repo,
GVariant *header,
GBytes *part_bytes,
+ gboolean trusted,
GCancellable *cancellable,
GError **error)
{
@@ -356,7 +360,7 @@ _ostree_static_delta_part_execute (OstreeRepo *repo,
payload = g_variant_new_from_bytes (G_VARIANT_TYPE (OSTREE_STATIC_DELTA_PART_PAYLOAD_FORMAT_V0),
payload_data, FALSE);
- if (!_ostree_static_delta_part_execute_raw (repo, header, payload,
+ if (!_ostree_static_delta_part_execute_raw (repo, header, payload, trusted,
cancellable, error))
goto out;
@@ -371,6 +375,7 @@ typedef struct {
GBytes *partdata;
GCancellable *cancellable;
GSimpleAsyncResult *result;
+ gboolean trusted;
} StaticDeltaPartExecuteAsyncData;
static void
@@ -397,6 +402,7 @@ static_delta_part_execute_thread (GSimpleAsyncResult *res,
if (!_ostree_static_delta_part_execute (data->repo,
data->header,
data->partdata,
+ data->trusted,
cancellable, &error))
g_simple_async_result_take_error (res, error);
}
@@ -405,6 +411,7 @@ void
_ostree_static_delta_part_execute_async (OstreeRepo *repo,
GVariant *header,
GBytes *partdata,
+ gboolean trusted,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data)
@@ -415,6 +422,7 @@ _ostree_static_delta_part_execute_async (OstreeRepo *repo,
asyncdata->repo = g_object_ref (repo);
asyncdata->header = g_variant_ref (header);
asyncdata->partdata = g_bytes_ref (partdata);
+ asyncdata->trusted = trusted;
asyncdata->cancellable = cancellable ? g_object_ref (cancellable) : NULL;
asyncdata->result = g_simple_async_result_new ((GObject*) repo,
@@ -591,13 +599,27 @@ dispatch_open_splice_and_close (OstreeRepo *repo,
metadata = g_variant_new_from_data (ostree_metadata_variant_type (state->output_objtype),
state->payload_data + offset, length, TRUE, NULL, NULL);
-
- if (!ostree_repo_write_metadata_trusted (state->repo, state->output_objtype,
- state->checksum,
- metadata,
- cancellable,
- error))
- goto out;
+
+ if (state->trusted)
+ {
+ if (!ostree_repo_write_metadata_trusted (state->repo, state->output_objtype,
+ state->checksum,
+ metadata,
+ cancellable,
+ error))
+ goto out;
+ }
+ else
+ {
+ g_autofree guchar *actual_csum = NULL;
+
+ if (!ostree_repo_write_metadata (state->repo, state->output_objtype,
+ state->checksum,
+ metadata, &actual_csum,
+ cancellable,
+ error))
+ goto out;
+ }
}
else
{
@@ -622,13 +644,26 @@ dispatch_open_splice_and_close (OstreeRepo *repo,
(repo->mode == OSTREE_REPO_MODE_BARE ||
repo->mode == OSTREE_REPO_MODE_BARE_USER))
{
- if (!_ostree_repo_open_trusted_content_bare (repo, state->checksum,
- state->content_size,
- &state->barecommitstate,
- &state->content_out,
- &state->have_obj,
- cancellable, error))
- goto out;
+ if (state->trusted)
+ {
+ if (!_ostree_repo_open_trusted_content_bare (repo, state->checksum,
+ state->content_size,
+ &state->barecommitstate,
+ &state->content_out,
+ &state->have_obj,
+ cancellable, error))
+ goto out;
+ }
+ else
+ {
+ if (!_ostree_repo_open_untrusted_content_bare (repo, state->checksum,
+ state->content_size,
+ &state->barecommitstate,
+ &state->content_out,
+ &state->have_obj,
+ cancellable, error))
+ goto out;
+ }
if (!state->have_obj)
{
@@ -665,13 +700,28 @@ dispatch_open_splice_and_close (OstreeRepo *repo,
cancellable, error))
goto out;
- if (!ostree_repo_write_content_trusted (state->repo,
- state->checksum,
- object_input,
- objlen,
- cancellable,
- error))
- goto out;
+ if (state->trusted)
+ {
+ if (!ostree_repo_write_content_trusted (state->repo,
+ state->checksum,
+ object_input,
+ objlen,
+ cancellable,
+ error))
+ goto out;
+ }
+ else
+ {
+ g_autofree guchar *actual_csum = NULL;
+ if (!ostree_repo_write_content (state->repo,
+ state->checksum,
+ object_input,
+ objlen,
+ &actual_csum,
+ cancellable,
+ error))
+ goto out;
+ }
}
}
@@ -707,13 +757,26 @@ dispatch_open (OstreeRepo *repo,
if (!read_varuint64 (state, &state->content_size, error))
goto out;
- if (!_ostree_repo_open_trusted_content_bare (repo, state->checksum,
- state->content_size,
- &state->barecommitstate,
- &state->content_out,
- &state->have_obj,
- cancellable, error))
- goto out;
+ if (state->trusted)
+ {
+ if (!_ostree_repo_open_trusted_content_bare (repo, state->checksum,
+ state->content_size,
+ &state->barecommitstate,
+ &state->content_out,
+ &state->have_obj,
+ cancellable, error))
+ goto out;
+ }
+ else
+ {
+ if (!_ostree_repo_open_untrusted_content_bare (repo, state->checksum,
+ state->content_size,
+ &state->barecommitstate,
+ &state->content_out,
+ &state->have_obj,
+ cancellable, error))
+ goto out;
+ }
ret = TRUE;
out:
@@ -868,11 +931,22 @@ dispatch_close (OstreeRepo *repo,
if (!g_output_stream_flush (state->content_out, cancellable, error))
goto out;
- if (!_ostree_repo_commit_trusted_content_bare (repo, state->checksum, &state->barecommitstate,
- state->uid, state->gid, state->mode,
- state->xattrs,
- cancellable, error))
- goto out;
+ if (state->trusted)
+ {
+ if (!_ostree_repo_commit_trusted_content_bare (repo, state->checksum, &state->barecommitstate,
+ state->uid, state->gid, state->mode,
+ state->xattrs,
+ cancellable, error))
+ goto out;
+ }
+ else
+ {
+ if (!_ostree_repo_commit_untrusted_content_bare (repo, state->checksum, &state->barecommitstate,
+ state->uid, state->gid, state->mode,
+ state->xattrs,
+ cancellable, error))
+ goto out;
+ }
}
if (!dispatch_unset_read_source (repo, state, cancellable, error))
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
