[ostree: 5/70] Add --untrusted option to pull and pull-local
- From: Colin Walters <walters src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [ostree: 5/70] Add --untrusted option to pull and pull-local
- Date: Fri, 15 Apr 2016 21:01:39 +0000 (UTC)
commit 456f515522b31bb59f03e2b30a2d86b0faa7d106
Author: Alexander Larsson <alexl redhat com>
Date: Wed Mar 23 12:32:03 2016 +0100
Add --untrusted option to pull and pull-local
https://bugzilla.gnome.org/show_bug.cgi?id=764125
Closes: #221
Approved by: cgwalters
Makefile-tests.am | 1 +
man/ostree-pull-local.xml | 8 ++++
man/ostree-pull.xml | 8 ++++
src/ostree/ot-builtin-pull-local.c | 8 ++++-
src/ostree/ot-builtin-pull.c | 5 +++
tests/test-pull-untrusted.sh | 63 ++++++++++++++++++++++++++++++++++++
6 files changed, 92 insertions(+), 1 deletions(-)
---
diff --git a/Makefile-tests.am b/Makefile-tests.am
index 50c714a..ce56226 100644
--- a/Makefile-tests.am
+++ b/Makefile-tests.am
@@ -48,6 +48,7 @@ test_scripts = \
tests/test-pull-metalink.sh \
tests/test-pull-summary-sigs.sh \
tests/test-pull-resume.sh \
+ tests/test-pull-untrusted.sh \
tests/test-local-pull-depth.sh \
tests/test-gpg-signed-commit.sh \
tests/test-admin-upgrade-unconfigured.sh \
diff --git a/man/ostree-pull-local.xml b/man/ostree-pull-local.xml
index 2ecd12c..6789874 100644
--- a/man/ostree-pull-local.xml
+++ b/man/ostree-pull-local.xml
@@ -80,6 +80,14 @@ Boston, MA 02111-1307, USA.
Do no invoke fsync().
</para></listitem>
</varlistentry>
+
+ <varlistentry>
+ <term><option>--untrusted</option></term>
+
+ <listitem><para>
+ Do not trust source, verify checksums and don't hardlink into source.
+ </para></listitem>
+ </varlistentry>
</variablelist>
</refsect1>
diff --git a/man/ostree-pull.xml b/man/ostree-pull.xml
index c419307..24ab0b7 100644
--- a/man/ostree-pull.xml
+++ b/man/ostree-pull.xml
@@ -74,6 +74,14 @@ Boston, MA 02111-1307, USA.
</varlistentry>
<varlistentry>
+ <term><option>--untrusted</option></term>
+
+ <listitem><para>
+ Do not trust local sources, verify checksums and don't hardlink into source.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
<term><option>--disable-static-deltas</option></term>
<listitem><para>
diff --git a/src/ostree/ot-builtin-pull-local.c b/src/ostree/ot-builtin-pull-local.c
index ed87d80..f3ca184 100644
--- a/src/ostree/ot-builtin-pull-local.c
+++ b/src/ostree/ot-builtin-pull-local.c
@@ -32,11 +32,13 @@
static char *opt_remote;
static gboolean opt_disable_fsync;
+static gboolean opt_untrusted;
static int opt_depth = 0;
static GOptionEntry options[] = {
{ "remote", 0, 0, G_OPTION_ARG_STRING, &opt_remote, "Add REMOTE to refspec", "REMOTE" },
{ "disable-fsync", 0, 0, G_OPTION_ARG_NONE, &opt_disable_fsync, "Do not invoke fsync()", NULL },
+ { "untrusted", 0, 0, G_OPTION_ARG_NONE, &opt_untrusted, "Do not trust source", NULL },
{ "depth", 0, 0, G_OPTION_ARG_INT, &opt_depth, "Traverse DEPTH parents (-1=infinite) (default: 0)",
"DEPTH" },
{ NULL }
};
@@ -54,6 +56,7 @@ ostree_builtin_pull_local (int argc, char **argv, GCancellable *cancellable, GEr
glnx_unref_object OstreeAsyncProgress *progress = NULL;
g_autoptr(GPtrArray) refs_to_fetch = NULL;
g_autoptr(GHashTable) source_objects = NULL;
+ OstreeRepoPullFlags pullflags = 0;
context = g_option_context_new ("SRC_REPO [REFS...] - Copy data from SRC_REPO");
@@ -83,6 +86,9 @@ ostree_builtin_pull_local (int argc, char **argv, GCancellable *cancellable, GEr
src_repo_uri = g_strconcat ("file://", cwd, "/", src_repo_arg, NULL);
}
+ if (opt_untrusted)
+ pullflags |= OSTREE_REPO_PULL_FLAGS_UNTRUSTED;
+
if (opt_disable_fsync)
ostree_repo_set_disable_fsync (repo, TRUE);
@@ -133,7 +139,7 @@ ostree_builtin_pull_local (int argc, char **argv, GCancellable *cancellable, GEr
g_variant_builder_init (&builder, G_VARIANT_TYPE ("a{sv}"));
g_variant_builder_add (&builder, "{s v}", "flags",
- g_variant_new_variant (g_variant_new_int32 (OSTREE_REPO_PULL_FLAGS_NONE)));
+ g_variant_new_variant (g_variant_new_int32 (pullflags)));
g_variant_builder_add (&builder, "{s v}", "refs",
g_variant_new_variant (g_variant_new_strv ((const char *const*)
refs_to_fetch->pdata, -1)));
if (opt_remote)
diff --git a/src/ostree/ot-builtin-pull.c b/src/ostree/ot-builtin-pull.c
index 7c91890..8bef63a 100644
--- a/src/ostree/ot-builtin-pull.c
+++ b/src/ostree/ot-builtin-pull.c
@@ -33,6 +33,7 @@ static gboolean opt_commit_only;
static gboolean opt_dry_run;
static gboolean opt_disable_static_deltas;
static gboolean opt_require_static_deltas;
+static gboolean opt_untrusted;
static char* opt_subpath;
static int opt_depth = 0;
@@ -43,6 +44,7 @@ static GOptionEntry options[] = {
{ "require-static-deltas", 0, 0, G_OPTION_ARG_NONE, &opt_require_static_deltas, "Require static deltas",
NULL },
{ "mirror", 0, 0, G_OPTION_ARG_NONE, &opt_mirror, "Write refs suitable for a mirror", NULL },
{ "subpath", 0, 0, G_OPTION_ARG_STRING, &opt_subpath, "Only pull the provided subpath", NULL },
+ { "untrusted", 0, 0, G_OPTION_ARG_NONE, &opt_untrusted, "Do not trust (local) sources", NULL },
{ "dry-run", 0, 0, G_OPTION_ARG_NONE, &opt_dry_run, "Only print information on what will be downloaded
(requires static deltas)", NULL },
{ "depth", 0, 0, G_OPTION_ARG_INT, &opt_depth, "Traverse DEPTH parents (-1=infinite) (default: 0)",
"DEPTH" },
{ NULL }
@@ -134,6 +136,9 @@ ostree_builtin_pull (int argc, char **argv, GCancellable *cancellable, GError **
if (opt_commit_only)
pullflags |= OSTREE_REPO_PULL_FLAGS_COMMIT_ONLY;
+ if (opt_untrusted)
+ pullflags |= OSTREE_REPO_PULL_FLAGS_UNTRUSTED;
+
if (opt_dry_run && !opt_require_static_deltas)
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
diff --git a/tests/test-pull-untrusted.sh b/tests/test-pull-untrusted.sh
new file mode 100755
index 0000000..95f7ab9
--- /dev/null
+++ b/tests/test-pull-untrusted.sh
@@ -0,0 +1,63 @@
+#!/bin/bash
+#
+# Copyright (C) 2014 Alexander Larsson <alexl redhat com>
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+# Boston, MA 02111-1307, USA.
+
+
+set -euo pipefail
+
+. $(dirname $0)/libtest.sh
+
+echo '1..3'
+
+setup_test_repository "bare"
+
+cd ${test_tmpdir}
+mkdir repo2
+${CMD_PREFIX} ostree --repo=repo2 init --mode="bare"
+
+${CMD_PREFIX} ostree --repo=repo2 --untrusted pull-local repo
+
+find repo2 -type f -links +1 | while read line; do
+ assert_not_reached "pull-local created hardlinks"
+done
+echo "ok pull-local --untrusted didn't hardlink"
+
+# Corrupt repo
+for i in ${test_tmpdir}/repo/objects/*/*.file; do
+ echo "corrupting $i"
+ echo "broke" >> $i
+ break;
+done
+
+rm -rf repo2
+mkdir repo2
+${CMD_PREFIX} ostree --repo=repo2 init --mode="bare"
+if ${CMD_PREFIX} ostree --repo=repo2 pull-local repo; then
+ echo "ok trusted pull with corruption succeeded"
+else
+ assert_not_reached "corrupted trusted pull unexpectedly succeeded!"
+fi
+
+rm -rf repo2
+mkdir repo2
+${CMD_PREFIX} ostree --repo=repo2 init --mode="bare"
+if ${CMD_PREFIX} ostree --repo=repo2 pull-local --untrusted repo; then
+ assert_not_reached "corrupted untrusted pull unexpectedly failed!"
+else
+ echo "ok untrusted pull with corruption failed"
+fi
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
