update: Fix OCI updates in the system repo

We need to check whether the remote is gpg verified after handling the oci case, because OCI is fine to update systemwide without gpg verification (in fact it doesn't support verification). This just reorders the code, matching what is done in the install case already. Closes: #2891 Approved by: alexlarsson (cherry picked from commit 4c4c80b85d) Closes: #3115 Approved by: alexlarsson
2026-04-02 22:34:25 -04:00 · 2019-05-08 16:54:55 +02:00
parent 32f5756127
commit 50358545d3
1 changed files with 16 additions and 16 deletions
--- a/common/flatpak-dir.c
+++ b/common/flatpak-dir.c
@@ -8364,22 +8364,6 @@ flatpak_dir_update (FlatpakDir                           *self,
      if (no_pull)
        {
        }
-      else if ((!gpg_verify_summary && state->collection_id == NULL) || !gpg_verify)
-        {
-          /* The remote is not gpg verified, so we don't want to allow installation via
-             a download in the home directory, as there is no way to verify you're not
-             injecting anything into the remote. However, in the case of a remote
-             configured to a local filesystem we can just let the system helper do
-             the installation, as it can then avoid network i/o and be certain the
-             data comes from the right place.
-
-             If @collection_id is non-%NULL, we can verify the refs in commit
-             metadata, so don’t need to verify the summary. */
-          if (g_str_has_prefix (url, "file:"))
-            helper_flags |= FLATPAK_HELPER_DEPLOY_FLAGS_LOCAL_PULL;
-          else
-            return flatpak_fail_error (error, FLATPAK_ERROR_UNTRUSTED, _("Can't pull from untrusted non-gpg verified remote"));
-        }
      else if (is_oci)
        {
          g_autoptr(FlatpakOciRegistry) registry = NULL;
@@ -8396,6 +8380,22 @@ flatpak_dir_update (FlatpakDir                           *self,
          if (!flatpak_dir_mirror_oci (self, registry, state, ref, NULL, progress, cancellable, error))
            return FALSE;
        }
+      else if ((!gpg_verify_summary && state->collection_id == NULL) || !gpg_verify)
+        {
+          /* The remote is not gpg verified, so we don't want to allow installation via
+             a download in the home directory, as there is no way to verify you're not
+             injecting anything into the remote. However, in the case of a remote
+             configured to a local filesystem we can just let the system helper do
+             the installation, as it can then avoid network i/o and be certain the
+             data comes from the right place.
+
+             If @collection_id is non-%NULL, we can verify the refs in commit
+             metadata, so don’t need to verify the summary. */
+          if (g_str_has_prefix (url, "file:"))
+            helper_flags |= FLATPAK_HELPER_DEPLOY_FLAGS_LOCAL_PULL;
+          else
+            return flatpak_fail_error (error, FLATPAK_ERROR_UNTRUSTED, _("Can't pull from untrusted non-gpg verified remote"));
+        }
      else
        {
          /* We're pulling from a remote source, we do the network mirroring pull as a