[Libguestfs] [PATCH] builder: when not checking sigs, ignore --fingerprint args (RHBZ#1193237)
Pino Toscano
ptoscano at redhat.com
Tue Feb 17 15:34:16 UTC 2015
When the user chooses to not verify the signatures on the indexes
(using --no-check-signature), there is no point in requiring as many
--fingerprint as --source (or even just one), as they will not be used
anyway.
In this case just ignore all the values of the specified --fingerprint
arguments.
---
builder/cmdline.ml | 19 ++++++++++++-------
1 file changed, 12 insertions(+), 7 deletions(-)
diff --git a/builder/cmdline.ml b/builder/cmdline.ml
index 9dad141..b8227cc 100644
--- a/builder/cmdline.ml
+++ b/builder/cmdline.ml
@@ -281,13 +281,18 @@ read the man page virt-builder(1).
let nr_sources = List.length sources in
let fingerprints =
- match fingerprints with
- | [fingerprint] ->
- (* You're allowed to have multiple sources and one fingerprint: it
- * means that the same fingerprint is used for all sources.
- *)
- repeat fingerprint nr_sources
- | xs -> xs in
+ if check_signature then (
+ match fingerprints with
+ | [fingerprint] ->
+ (* You're allowed to have multiple sources and one fingerprint: it
+ * means that the same fingerprint is used for all sources.
+ *)
+ repeat fingerprint nr_sources
+ | xs -> xs
+ ) else
+ (* We are not checking signatures, so just ignore any fingerprint
+ * specified. *)
+ repeat "" nr_sources in
if List.length fingerprints <> nr_sources then
error (f_"source and fingerprint lists are not the same length");
--
2.1.4
More information about the Libguestfs
mailing list