diff options
author | Miloslav Trmač <mitr@redhat.com> | 2022-08-24 19:39:11 +0200 |
---|---|---|
committer | Miloslav Trmač <mitr@redhat.com> | 2022-08-29 17:55:38 +0200 |
commit | 04b3cc3936970882703ee1dbde01009b4f69ef29 (patch) | |
tree | b9e77d7c460bc9128f4bf5f1167e1b7461a5e456 /pkg/trust/policy.go | |
parent | e43881af37707e4e76059b707eee90aa2b307590 (diff) | |
download | podman-04b3cc3936970882703ee1dbde01009b4f69ef29.tar.gz podman-04b3cc3936970882703ee1dbde01009b4f69ef29.tar.bz2 podman-04b3cc3936970882703ee1dbde01009b4f69ef29.zip |
Improve validation of data in ImageEngine.SetTrust
- Also reject public keys with types that don't use them
- Reject unknown trust types
- And add unit tests
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Diffstat (limited to 'pkg/trust/policy.go')
-rw-r--r-- | pkg/trust/policy.go | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/pkg/trust/policy.go b/pkg/trust/policy.go index 352be781c..df4f49ff1 100644 --- a/pkg/trust/policy.go +++ b/pkg/trust/policy.go @@ -143,10 +143,22 @@ func AddPolicyEntries(policyPath string, input AddPolicyEntriesInput) error { if trustType == "accept" { trustType = "insecureAcceptAnything" } - pubkeysfile := input.PubKeyFiles - if len(pubkeysfile) == 0 && trustType == "signedBy" { - return errors.New("at least one public key must be defined for type 'signedBy'") + + // The error messages in validation failures use input.Type instead of trustType to match the user’s input. + switch trustType { + case "insecureAcceptAnything", "reject": + if len(pubkeysfile) != 0 { + return fmt.Errorf("%d public keys unexpectedly provided for trust type %v", len(pubkeysfile), input.Type) + } + + case "signedBy": + if len(pubkeysfile) == 0 { + return errors.New("at least one public key must be defined for type 'signedBy'") + } + + default: + return fmt.Errorf("unknown trust type %q", input.Type) } _, err := os.Stat(policyPath) |