git.ipfire.org Git - thirdparty/systemd.git/commit

author	Lennart Poettering <lennart@poettering.net>
	Fri, 15 Jan 2021 15:45:29 +0000 (16:45 +0100)
committer	Lennart Poettering <lennart@poettering.net>
	Tue, 19 Jan 2021 17:29:59 +0000 (18:29 +0100)
commit	f14717a7e2d9331010a091baeae6cf9e99f4bb5c
tree	e47c6f43244cdd7d60439d253eb02e090ece2588	tree \| snapshot
parent	c20307fd347da5f2d6cfe7fad3ae64450ffec818	commit \| diff

import: rework how verification works

Previously the PullJob object took internal care of rerequested the
SHA256SUMS file, if requesting <image>.sha256 didn't work. This was a
weird a non-abstraction only used when actually getting the checksum
files.

Let's move this out of the PullJob, so that it is generic again, and
does roughly the same stuff for all resources it is used for: let's
define a generic .on_not_found() handler that can be set on a PullJob
object, and is called whenever with see HTTP 404, and may be used to
provide a new URL to try if the first didn't work.

This is also preparation for later work to support PKCS#7 signatures
instead of gpg signatures, where a similar logic is needed, and we thus
should have a generic infrastructure place.

This gets rid of the VerificationStyle field in the PullJob object:
instead of storing this non-generic field we just derive the same
information from the URL itself, which is safe, since we generated it
ourselves earlier.

src/import/pull-common.c		diff \| blob \| blame \| history
src/import/pull-common.h		diff \| blob \| blame \| history
src/import/pull-job.c		diff \| blob \| blame \| history
src/import/pull-job.h		diff \| blob \| blame \| history
src/import/pull-raw.c		diff \| blob \| blame \| history
src/import/pull-tar.c		diff \| blob \| blame \| history