Skip to content

Commit

Permalink
lib/repo: Fix multi-signature support when generating summary files
Browse files Browse the repository at this point in the history
Ensure that the metadata object is built up with the signatures from all keys
passed to ostree_repo_add_gpg_signature_summary(). Previously only the signature
from the last key would end up in the metadata.

Closes: #1488
  • Loading branch information
jeremy-hiatt committed Mar 8, 2018
1 parent 127d8bb commit 52a38f4
Showing 1 changed file with 4 additions and 5 deletions.
9 changes: 4 additions & 5 deletions src/libostree/ostree-repo.c
Original file line number Diff line number Diff line change
Expand Up @@ -4811,17 +4811,16 @@ ostree_repo_add_gpg_signature_summary (OstreeRepo *self,
/* Note that fd is reused below */
glnx_close_fd (&fd);

g_autoptr(GVariant) existing_signatures = NULL;
g_autoptr(GVariant) metadata = NULL;
if (!ot_openat_ignore_enoent (self->repo_dir_fd, "summary.sig", &fd, error))
return FALSE;
if (fd != -1)
{
if (!ot_variant_read_fd (fd, 0, G_VARIANT_TYPE (OSTREE_SUMMARY_SIG_GVARIANT_STRING),
FALSE, &existing_signatures, error))
FALSE, &metadata, error))
return FALSE;
}

g_autoptr(GVariant) new_metadata = NULL;
for (guint i = 0; key_id[i]; i++)
{
g_autoptr(GBytes) signature_data = NULL;
Expand All @@ -4830,10 +4829,10 @@ ostree_repo_add_gpg_signature_summary (OstreeRepo *self,
cancellable, error))
return FALSE;

new_metadata = _ostree_detached_metadata_append_gpg_sig (existing_signatures, signature_data);
metadata = _ostree_detached_metadata_append_gpg_sig (metadata, signature_data);
}

g_autoptr(GVariant) normalized = g_variant_get_normal_form (new_metadata);
g_autoptr(GVariant) normalized = g_variant_get_normal_form (metadata);

if (!_ostree_repo_file_replace_contents (self,
self->repo_dir_fd,
Expand Down

0 comments on commit 52a38f4

Please sign in to comment.