summaryrefslogtreecommitdiff
path: root/src/import/pull-raw.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/import/pull-raw.c')
-rw-r--r--src/import/pull-raw.c469
1 files changed, 303 insertions, 166 deletions
diff --git a/src/import/pull-raw.c b/src/import/pull-raw.c
index 56c99a690e..c071e134f2 100644
--- a/src/import/pull-raw.c
+++ b/src/import/pull-raw.c
@@ -15,6 +15,7 @@
#include "hostname-util.h"
#include "import-common.h"
#include "import-util.h"
+#include "install-file.h"
#include "macro.h"
#include "mkdir.h"
#include "path-util.h"
@@ -46,6 +47,8 @@ struct RawPull {
ImportVerify verify;
char *image_root;
+ uint64_t offset;
+
PullJob *raw_job;
PullJob *checksum_job;
PullJob *signature_job;
@@ -57,7 +60,8 @@ struct RawPull {
RawPullFinished on_finished;
void *userdata;
- char *local;
+ char *local; /* In PULL_DIRECT mode the path we are supposed to place things in, otherwise the
+ * machine name of the final copy we make */
char *final_path;
char *temp_path;
@@ -73,6 +77,8 @@ struct RawPull {
char *verity_path;
char *verity_temp_path;
+
+ char *checksum;
};
RawPull* raw_pull_unref(RawPull *i) {
@@ -103,6 +109,7 @@ RawPull* raw_pull_unref(RawPull *i) {
free(i->verity_path);
free(i->image_root);
free(i->local);
+ free(i->checksum);
return mfree(i);
}
@@ -148,6 +155,7 @@ int raw_pull_new(
.image_root = TAKE_PTR(root),
.event = TAKE_PTR(e),
.glue = TAKE_PTR(g),
+ .offset = UINT64_MAX,
};
i->glue->on_finished = pull_job_curl_on_finished;
@@ -230,12 +238,20 @@ static void raw_pull_report_progress(RawPull *i, RawProgress p) {
}
static int raw_pull_maybe_convert_qcow2(RawPull *i) {
+ _cleanup_(unlink_and_freep) char *t = NULL;
_cleanup_close_ int converted_fd = -1;
- _cleanup_free_ char *t = NULL;
+ _cleanup_free_ char *f = NULL;
int r;
assert(i);
assert(i->raw_job);
+ assert(!FLAGS_SET(i->flags, PULL_DIRECT));
+
+ if (!FLAGS_SET(i->flags, PULL_CONVERT_QCOW2))
+ return 0;
+
+ assert(i->final_path);
+ assert(i->raw_job->close_disk_fd);
r = qcow2_detect(i->raw_job->disk_fd);
if (r < 0)
@@ -244,32 +260,35 @@ static int raw_pull_maybe_convert_qcow2(RawPull *i) {
return 0;
/* This is a QCOW2 image, let's convert it */
- r = tempfn_random(i->final_path, NULL, &t);
+ r = tempfn_random(i->final_path, NULL, &f);
if (r < 0)
return log_oom();
- converted_fd = open(t, O_RDWR|O_CREAT|O_EXCL|O_NOCTTY|O_CLOEXEC, 0664);
+ converted_fd = open(f, O_RDWR|O_CREAT|O_EXCL|O_NOCTTY|O_CLOEXEC, 0664);
if (converted_fd < 0)
- return log_error_errno(errno, "Failed to create %s: %m", t);
+ return log_error_errno(errno, "Failed to create %s: %m", f);
+
+ t = TAKE_PTR(f);
(void) import_set_nocow_and_log(converted_fd, t);
log_info("Unpacking QCOW2 file.");
r = qcow2_convert(i->raw_job->disk_fd, converted_fd);
- if (r < 0) {
- (void) unlink(t);
+ if (r < 0)
return log_error_errno(r, "Failed to convert qcow2 image: %m");
- }
- (void) unlink(i->temp_path);
- free_and_replace(i->temp_path, t);
+ unlink_and_free(i->temp_path);
+ i->temp_path = TAKE_PTR(t);
CLOSE_AND_REPLACE(i->raw_job->disk_fd, converted_fd);
return 1;
}
-static int raw_pull_determine_path(RawPull *i, const char *suffix, char **field) {
+static int raw_pull_determine_path(
+ RawPull *i,
+ const char *suffix,
+ char **field /* input + output (!) */) {
int r;
assert(i);
@@ -290,7 +309,7 @@ static int raw_pull_determine_path(RawPull *i, const char *suffix, char **field)
static int raw_pull_copy_auxiliary_file(
RawPull *i,
const char *suffix,
- char **path) {
+ char **path /* input + output (!) */) {
const char *local;
int r;
@@ -305,7 +324,14 @@ static int raw_pull_copy_auxiliary_file(
local = strjoina(i->image_root, "/", i->local, suffix);
- r = copy_file_atomic(*path, local, 0644, 0, 0, COPY_REFLINK | (FLAGS_SET(i->flags, PULL_FORCE) ? COPY_REPLACE : 0));
+ r = copy_file_atomic(
+ *path,
+ local,
+ 0644,
+ 0, 0,
+ COPY_REFLINK |
+ (FLAGS_SET(i->flags, PULL_FORCE) ? COPY_REPLACE : 0) |
+ (FLAGS_SET(i->flags, PULL_SYNC) ? COPY_FSYNC_FULL : 0));
if (r == -EEXIST)
log_warning_errno(r, "File %s already exists, not replacing.", local);
else if (r == -ENOENT)
@@ -319,13 +345,15 @@ static int raw_pull_copy_auxiliary_file(
}
static int raw_pull_make_local_copy(RawPull *i) {
- _cleanup_free_ char *tp = NULL;
+ _cleanup_(unlink_and_freep) char *tp = NULL;
+ _cleanup_free_ char *f = NULL;
_cleanup_close_ int dfd = -1;
const char *p;
int r;
assert(i);
assert(i->raw_job);
+ assert(!FLAGS_SET(i->flags, PULL_DIRECT));
if (!i->local)
return 0;
@@ -342,6 +370,7 @@ static int raw_pull_make_local_copy(RawPull *i) {
/* We freshly downloaded the image, use it */
assert(i->raw_job->disk_fd >= 0);
+ assert(i->offset == UINT64_MAX);
if (lseek(i->raw_job->disk_fd, SEEK_SET, 0) == (off_t) -1)
return log_error_errno(errno, "Failed to seek to beginning of vendor image: %m");
@@ -349,38 +378,38 @@ static int raw_pull_make_local_copy(RawPull *i) {
p = strjoina(i->image_root, "/", i->local, ".raw");
- if (FLAGS_SET(i->flags, PULL_FORCE))
- (void) rm_rf(p, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_SUBVOLUME);
-
- r = tempfn_random(p, NULL, &tp);
+ r = tempfn_random(p, NULL, &f);
if (r < 0)
return log_oom();
- dfd = open(tp, O_WRONLY|O_CREAT|O_EXCL|O_NOCTTY|O_CLOEXEC, 0664);
+ dfd = open(f, O_WRONLY|O_CREAT|O_EXCL|O_NOCTTY|O_CLOEXEC, 0664);
if (dfd < 0)
return log_error_errno(errno, "Failed to create writable copy of image: %m");
+ tp = TAKE_PTR(f);
+
/* Turn off COW writing. This should greatly improve performance on COW file systems like btrfs,
* since it reduces fragmentation caused by not allowing in-place writes. */
(void) import_set_nocow_and_log(dfd, tp);
r = copy_bytes(i->raw_job->disk_fd, dfd, UINT64_MAX, COPY_REFLINK);
- if (r < 0) {
- (void) unlink(tp);
+ if (r < 0)
return log_error_errno(r, "Failed to make writable copy of image: %m");
- }
(void) copy_times(i->raw_job->disk_fd, dfd, COPY_CRTIME);
(void) copy_xattr(i->raw_job->disk_fd, dfd, 0);
dfd = safe_close(dfd);
- r = rename(tp, p);
- if (r < 0) {
- r = log_error_errno(errno, "Failed to move writable image into place: %m");
- (void) unlink(tp);
- return r;
- }
+ r = install_file(AT_FDCWD, tp,
+ AT_FDCWD, p,
+ (i->flags & PULL_FORCE ? INSTALL_REPLACE : 0) |
+ (i->flags & PULL_READ_ONLY ? INSTALL_READ_ONLY : 0) |
+ (i->flags & PULL_SYNC ? INSTALL_FSYNC_FULL : 0));
+ if (r < 0)
+ return log_error_errno(errno, "Failed to move local image into place '%s': %m", p);
+
+ tp = mfree(tp);
log_info("Created new local image '%s'.", i->local);
@@ -442,9 +471,10 @@ static int raw_pull_rename_auxiliary_file(
int r;
assert(i);
+ assert(path);
assert(temp_path);
+ assert(*temp_path);
assert(suffix);
- assert(path);
/* Regenerate final name for this auxiliary file, we might know the etag of the file now, and we should
* incorporate it in the file name if we can */
@@ -453,61 +483,78 @@ static int raw_pull_rename_auxiliary_file(
if (r < 0)
return r;
- r = import_make_read_only(*temp_path);
+ r = install_file(
+ AT_FDCWD, *temp_path,
+ AT_FDCWD, *path,
+ INSTALL_READ_ONLY|
+ (i->flags & PULL_SYNC ? INSTALL_FSYNC_FULL : 0));
if (r < 0)
- return r;
-
- r = rename_noreplace(AT_FDCWD, *temp_path, AT_FDCWD, *path);
- if (r < 0)
- return log_error_errno(r, "Failed to rename file %s to %s: %m", *temp_path, *path);
+ return log_error_errno(r, "Failed to move '%s' into place: %m", *path);
*temp_path = mfree(*temp_path);
-
return 1;
}
static void raw_pull_job_on_finished(PullJob *j) {
RawPull *i;
+ PullJob *jj;
int r;
assert(j);
assert(j->userdata);
i = j->userdata;
- if (j == i->settings_job) {
- if (j->error != 0)
+
+ if (j->error != 0) {
+ /* Only the main job and the checksum job are fatal if they fail. The other fails are just
+ * "decoration", that we'll download if we can. The signature job isn't fatal here because we
+ * might not actually need it in case Suse style signatures are used, that are inline in the
+ * checksum file. */
+
+ if (j == i->raw_job) {
+ if (j->error == ENOMEDIUM) /* HTTP 404 */
+ r = log_error_errno(j->error, "Failed to retrieve image file. (Wrong URL?)");
+ else
+ r = log_error_errno(j->error, "Failed to retrieve image file.");
+ goto finish;
+ } else if (j == i->checksum_job) {
+ r = log_error_errno(j->error, "Failed to retrieve SHA256 checksum, cannot verify. (Try --verify=no?)");
+ goto finish;
+ } else if (j == i->signature_job)
+ log_debug_errno(j->error, "Signature job for %s failed, proceeding for now.", j->url);
+ else if (j == i->settings_job)
log_info_errno(j->error, "Settings file could not be retrieved, proceeding without.");
- } else if (j == i->roothash_job) {
- if (j->error != 0)
+ else if (j == i->roothash_job)
log_info_errno(j->error, "Root hash file could not be retrieved, proceeding without.");
- } else if (j == i->roothash_signature_job) {
- if (j->error != 0)
+ else if (j == i->roothash_signature_job)
log_info_errno(j->error, "Root hash signature file could not be retrieved, proceeding without.");
- } else if (j == i->verity_job) {
- if (j->error != 0)
- log_info_errno(j->error, "Verity integrity file could not be retrieved, proceeding without. %s", j->url);
- } else if (j->error != 0 && j != i->signature_job) {
- if (j == i->checksum_job)
- log_error_errno(j->error, "Failed to retrieve SHA256 checksum, cannot verify. (Try --verify=no?)");
+ else if (j == i->verity_job)
+ log_info_errno(j->error, "Verity integrity file could not be retrieved, proceeding without.");
else
- log_error_errno(j->error, "Failed to retrieve image file. (Wrong URL?)");
-
- r = j->error;
- goto finish;
+ assert_not_reached();
}
/* This is invoked if either the download completed successfully, or the download was skipped because
* we already have the etag. In this case ->etag_exists is true.
*
- * We only do something when we got all three files */
+ * We only do something when we got all files */
if (!raw_pull_is_done(i))
return;
if (i->signature_job && i->signature_job->error != 0) {
VerificationStyle style;
+ PullJob *verify_job;
+
+ /* The signature job failed. Let's see if we actually need it */
+
+ verify_job = i->checksum_job ?: i->raw_job; /* if the checksum job doesn't exist this must be
+ * because the main job is the checksum file
+ * itself */
+
+ assert(verify_job);
- r = verification_style_from_url(i->checksum_job->url, &style);
+ r = verification_style_from_url(verify_job->url, &style);
if (r < 0) {
log_error_errno(r, "Failed to determine verification style from checksum URL: %m");
goto finish;
@@ -517,32 +564,21 @@ static void raw_pull_job_on_finished(PullJob *j) {
* in per-directory verification mode, since only
* then the signature is detached, and thus a file
* of its own. */
- log_error_errno(j->error, "Failed to retrieve signature file, cannot verify. (Try --verify=no?)");
- r = i->signature_job->error;
+ r = log_error_errno(i->signature_job->error,
+ "Failed to retrieve signature file, cannot verify. (Try --verify=no?)");
goto finish;
}
}
- if (i->settings_job)
- i->settings_job->disk_fd = safe_close(i->settings_job->disk_fd);
- if (i->roothash_job)
- i->roothash_job->disk_fd = safe_close(i->roothash_job->disk_fd);
- if (i->roothash_signature_job)
- i->roothash_signature_job->disk_fd = safe_close(i->roothash_signature_job->disk_fd);
- if (i->verity_job)
- i->verity_job->disk_fd = safe_close(i->verity_job->disk_fd);
-
- r = raw_pull_determine_path(i, ".raw", &i->final_path);
- if (r < 0)
- goto finish;
+ /* Let's close these auxiliary files now, we don't need access to them anymore. */
+ FOREACH_POINTER(jj, i->settings_job, i->roothash_job, i->roothash_signature_job, i->verity_job)
+ pull_job_close_disk_fd(jj);
if (!i->raw_job->etag_exists) {
- /* This is a new download, verify it, and move it into place */
- assert(i->raw_job->disk_fd >= 0);
-
raw_pull_report_progress(i, RAW_VERIFYING);
r = pull_verify(i->verify,
+ i->checksum,
i->raw_job,
i->checksum_job,
i->signature_job,
@@ -552,50 +588,91 @@ static void raw_pull_job_on_finished(PullJob *j) {
i->verity_job);
if (r < 0)
goto finish;
+ }
- raw_pull_report_progress(i, RAW_UNPACKING);
+ if (i->flags & PULL_DIRECT) {
+ assert(!i->settings_job);
+ assert(!i->roothash_job);
+ assert(!i->roothash_signature_job);
+ assert(!i->verity_job);
+
+ raw_pull_report_progress(i, RAW_FINALIZING);
- r = raw_pull_maybe_convert_qcow2(i);
+ if (i->local) {
+ r = install_file(AT_FDCWD, i->local,
+ AT_FDCWD, NULL,
+ ((i->flags & PULL_READ_ONLY) && i->offset == UINT64_MAX ? INSTALL_READ_ONLY : 0) |
+ (i->flags & PULL_SYNC ? INSTALL_FSYNC_FULL : 0));
+ if (r < 0) {
+ log_error_errno(r, "Failed to finalize raw file to '%s': %m", i->local);
+ goto finish;
+ }
+ }
+ } else {
+ r = raw_pull_determine_path(i, ".raw", &i->final_path);
if (r < 0)
goto finish;
- raw_pull_report_progress(i, RAW_FINALIZING);
+ if (!i->raw_job->etag_exists) {
+ /* This is a new download, verify it, and move it into place */
+
+ assert(i->temp_path);
+ assert(i->final_path);
- if (i->raw_job->etag) {
- /* Only make a read-only copy if ETag header is set. */
- r = import_make_read_only_fd(i->raw_job->disk_fd);
+ raw_pull_report_progress(i, RAW_UNPACKING);
+
+ r = raw_pull_maybe_convert_qcow2(i);
if (r < 0)
goto finish;
- r = rename_noreplace(AT_FDCWD, i->temp_path, AT_FDCWD, i->final_path);
+ raw_pull_report_progress(i, RAW_FINALIZING);
+
+ r = install_file(AT_FDCWD, i->temp_path,
+ AT_FDCWD, i->final_path,
+ INSTALL_READ_ONLY|
+ (i->flags & PULL_SYNC ? INSTALL_FSYNC_FULL : 0));
if (r < 0) {
- log_error_errno(r, "Failed to rename raw file to %s: %m", i->final_path);
+ log_error_errno(r, "Failed to move raw file to '%s': %m", i->final_path);
goto finish;
}
- }
- i->temp_path = mfree(i->temp_path);
+ i->temp_path = mfree(i->temp_path);
- if (i->roothash_job &&
- i->roothash_job->error == 0) {
- r = raw_pull_rename_auxiliary_file(i, ".roothash", &i->roothash_temp_path, &i->roothash_path);
- if (r < 0)
- goto finish;
- }
+ if (i->settings_job &&
+ i->settings_job->error == 0) {
+ r = raw_pull_rename_auxiliary_file(i, ".nspawn", &i->settings_temp_path, &i->settings_path);
+ if (r < 0)
+ goto finish;
+ }
- if (i->settings_job &&
- i->settings_job->error == 0) {
- r = raw_pull_rename_auxiliary_file(i, ".nspawn", &i->settings_temp_path, &i->settings_path);
- if (r < 0)
- goto finish;
+ if (i->roothash_job &&
+ i->roothash_job->error == 0) {
+ r = raw_pull_rename_auxiliary_file(i, ".roothash", &i->roothash_temp_path, &i->roothash_path);
+ if (r < 0)
+ goto finish;
+ }
+
+ if (i->roothash_signature_job &&
+ i->roothash_signature_job->error == 0) {
+ r = raw_pull_rename_auxiliary_file(i, ".roothash.p7s", &i->roothash_signature_temp_path, &i->roothash_signature_path);
+ if (r < 0)
+ goto finish;
+ }
+
+ if (i->verity_job &&
+ i->verity_job->error == 0) {
+ r = raw_pull_rename_auxiliary_file(i, ".verity", &i->verity_temp_path, &i->verity_path);
+ if (r < 0)
+ goto finish;
+ }
}
- }
- raw_pull_report_progress(i, RAW_COPYING);
+ raw_pull_report_progress(i, RAW_COPYING);
- r = raw_pull_make_local_copy(i);
- if (r < 0)
- goto finish;
+ r = raw_pull_make_local_copy(i);
+ if (r < 0)
+ goto finish;
+ }
r = 0;
@@ -610,7 +687,7 @@ static int raw_pull_job_on_open_disk_generic(
RawPull *i,
PullJob *j,
const char *extra,
- char **temp_path) {
+ char **temp_path /* input + output */) {
int r;
@@ -619,6 +696,8 @@ static int raw_pull_job_on_open_disk_generic(
assert(extra);
assert(temp_path);
+ assert(!FLAGS_SET(i->flags, PULL_DIRECT));
+
if (!*temp_path) {
r = tempfn_random_child(i->image_root, extra, temp_path);
if (r < 0)
@@ -643,12 +722,34 @@ static int raw_pull_job_on_open_disk_raw(PullJob *j) {
i = j->userdata;
assert(i->raw_job == j);
+ assert(j->disk_fd < 0);
- r = raw_pull_job_on_open_disk_generic(i, j, "raw", &i->temp_path);
- if (r < 0)
- return r;
+ if (i->flags & PULL_DIRECT) {
+
+ if (!i->local) { /* If no local name specified, the pull job will write its data to stdout */
+ j->disk_fd = STDOUT_FILENO;
+ j->close_disk_fd = false;
+ return 0;
+ }
+
+ (void) mkdir_parents_label(i->local, 0700);
+
+ j->disk_fd = open(i->local, O_RDWR|O_NOCTTY|O_CLOEXEC|(i->offset == UINT64_MAX ? O_TRUNC|O_CREAT : 0), 0664);
+ if (j->disk_fd < 0)
+ return log_error_errno(errno, "Failed to open destination '%s': %m", i->local);
+
+ if (i->offset == UINT64_MAX)
+ (void) import_set_nocow_and_log(j->disk_fd, i->local);
+
+ } else {
+ r = raw_pull_job_on_open_disk_generic(i, j, "raw", &i->temp_path);
+ if (r < 0)
+ return r;
+
+ assert(i->offset == UINT64_MAX);
+ (void) import_set_nocow_and_log(j->disk_fd, i->temp_path);
+ }
- (void) import_set_nocow_and_log(j->disk_fd, i->temp_path);
return 0;
}
@@ -715,20 +816,29 @@ int raw_pull_start(
RawPull *i,
const char *url,
const char *local,
+ uint64_t offset,
+ uint64_t size_max,
PullFlags flags,
- ImportVerify verify) {
+ ImportVerify verify,
+ const char *checksum) {
+ PullJob *j;
int r;
assert(i);
- assert(verify < _IMPORT_VERIFY_MAX);
- assert(verify >= 0);
+ assert(url);
+ assert(verify == _IMPORT_VERIFY_INVALID || verify < _IMPORT_VERIFY_MAX);
+ assert(verify == _IMPORT_VERIFY_INVALID || verify >= 0);
+ assert((verify < 0) || !checksum);
assert(!(flags & ~PULL_FLAGS_MASK_RAW));
+ assert(offset == UINT64_MAX || FLAGS_SET(flags, PULL_DIRECT));
+ assert(!(flags & (PULL_SETTINGS|PULL_ROOTHASH|PULL_ROOTHASH_SIGNATURE|PULL_VERITY)) || !(flags & PULL_DIRECT));
+ assert(!(flags & (PULL_SETTINGS|PULL_ROOTHASH|PULL_ROOTHASH_SIGNATURE|PULL_VERITY)) || !checksum);
if (!http_url_is_valid(url))
return -EINVAL;
- if (local && !hostname_is_valid(local, 0))
+ if (local && !pull_validate_local(local, flags))
return -EINVAL;
if (i->raw_job)
@@ -738,6 +848,10 @@ int raw_pull_start(
if (r < 0)
return r;
+ r = free_and_strdup(&i->checksum, checksum);
+ if (r < 0)
+ return r;
+
i->flags = flags;
i->verify = verify;
@@ -748,98 +862,121 @@ int raw_pull_start(
i->raw_job->on_finished = raw_pull_job_on_finished;
i->raw_job->on_open_disk = raw_pull_job_on_open_disk_raw;
- i->raw_job->on_progress = raw_pull_job_on_progress;
- i->raw_job->calc_checksum = verify != IMPORT_VERIFY_NO;
-
- r = pull_find_old_etags(url, i->image_root, DT_REG, ".raw-", ".raw", &i->raw_job->old_etags);
- if (r < 0)
- return r;
-
- r = pull_make_verification_jobs(&i->checksum_job, &i->signature_job, verify, url, i->glue, raw_pull_job_on_finished, i);
- if (r < 0)
- return r;
-
- if (FLAGS_SET(flags, PULL_SETTINGS)) {
- r = pull_make_auxiliary_job(&i->settings_job, url, raw_strip_suffixes, ".nspawn", i->glue, raw_pull_job_on_finished, i);
- if (r < 0)
- return r;
- i->settings_job->on_open_disk = raw_pull_job_on_open_disk_settings;
- i->settings_job->on_progress = raw_pull_job_on_progress;
- i->settings_job->calc_checksum = verify != IMPORT_VERIFY_NO;
- }
+ if (checksum)
+ i->raw_job->calc_checksum = true;
+ else if (verify != IMPORT_VERIFY_NO) {
+ /* Calculate checksum of the main download unless the users asks for a SHA256SUM file or its
+ * signature, which we let gpg verify instead. */
- if (FLAGS_SET(flags, PULL_ROOTHASH)) {
- r = pull_make_auxiliary_job(&i->roothash_job, url, raw_strip_suffixes, ".roothash", i->glue, raw_pull_job_on_finished, i);
+ r = pull_url_needs_checksum(url);
if (r < 0)
return r;
- i->roothash_job->on_open_disk = raw_pull_job_on_open_disk_roothash;
- i->roothash_job->on_progress = raw_pull_job_on_progress;
- i->roothash_job->calc_checksum = verify != IMPORT_VERIFY_NO;
+ i->raw_job->calc_checksum = r;
+ i->raw_job->force_memory = true; /* make sure this is both written to disk if that's
+ * requested and into memory, since we need to verify it */
}
- if (FLAGS_SET(flags, PULL_ROOTHASH_SIGNATURE)) {
- r = pull_make_auxiliary_job(&i->roothash_signature_job, url, raw_strip_suffixes, ".roothash.p7s", i->glue, raw_pull_job_on_finished, i);
- if (r < 0)
- return r;
-
- i->roothash_signature_job->on_open_disk = raw_pull_job_on_open_disk_roothash_signature;
- i->roothash_signature_job->on_progress = raw_pull_job_on_progress;
- i->roothash_signature_job->calc_checksum = verify != IMPORT_VERIFY_NO;
- }
+ if (size_max != UINT64_MAX)
+ i->raw_job->uncompressed_max = size_max;
+ if (offset != UINT64_MAX)
+ i->raw_job->offset = i->offset = offset;
- if (FLAGS_SET(flags, PULL_VERITY)) {
- r = pull_make_auxiliary_job(&i->verity_job, url, raw_strip_suffixes, ".verity", i->glue, raw_pull_job_on_finished, i);
+ if (!FLAGS_SET(flags, PULL_DIRECT)) {
+ r = pull_find_old_etags(url, i->image_root, DT_REG, ".raw-", ".raw", &i->raw_job->old_etags);
if (r < 0)
return r;
-
- i->verity_job->on_open_disk = raw_pull_job_on_open_disk_verity;
- i->verity_job->on_progress = raw_pull_job_on_progress;
- i->verity_job->calc_checksum = verify != IMPORT_VERIFY_NO;
}
- r = pull_job_begin(i->raw_job);
+ r = pull_make_verification_jobs(
+ &i->checksum_job,
+ &i->signature_job,
+ verify,
+ i->checksum,
+ url,
+ i->glue,
+ raw_pull_job_on_finished,
+ i);
if (r < 0)
return r;
- if (i->checksum_job) {
- i->checksum_job->on_progress = raw_pull_job_on_progress;
- i->checksum_job->on_not_found = pull_job_restart_with_sha256sum;
-
- r = pull_job_begin(i->checksum_job);
+ if (FLAGS_SET(flags, PULL_SETTINGS)) {
+ r = pull_make_auxiliary_job(
+ &i->settings_job,
+ url,
+ raw_strip_suffixes,
+ ".nspawn",
+ verify,
+ i->glue,
+ raw_pull_job_on_open_disk_settings,
+ raw_pull_job_on_finished,
+ i);
if (r < 0)
return r;
}
- if (i->signature_job) {
- i->signature_job->on_progress = raw_pull_job_on_progress;
-
- r = pull_job_begin(i->signature_job);
+ if (FLAGS_SET(flags, PULL_ROOTHASH)) {
+ r = pull_make_auxiliary_job(
+ &i->roothash_job,
+ url,
+ raw_strip_suffixes,
+ ".roothash",
+ verify,
+ i->glue,
+ raw_pull_job_on_open_disk_roothash,
+ raw_pull_job_on_finished,
+ i);
if (r < 0)
return r;
}
- if (i->settings_job) {
- r = pull_job_begin(i->settings_job);
+ if (FLAGS_SET(flags, PULL_ROOTHASH_SIGNATURE)) {
+ r = pull_make_auxiliary_job(
+ &i->roothash_signature_job,
+ url,
+ raw_strip_suffixes,
+ ".roothash.p7s",
+ verify,
+ i->glue,
+ raw_pull_job_on_open_disk_roothash_signature,
+ raw_pull_job_on_finished,
+ i);
if (r < 0)
return r;
}
- if (i->roothash_job) {
- r = pull_job_begin(i->roothash_job);
+ if (FLAGS_SET(flags, PULL_VERITY)) {
+ r = pull_make_auxiliary_job(
+ &i->verity_job,
+ url,
+ raw_strip_suffixes,
+ ".verity",
+ verify,
+ i->glue,
+ raw_pull_job_on_open_disk_verity,
+ raw_pull_job_on_finished,
+ i);
if (r < 0)
return r;
}
- if (i->roothash_signature_job) {
- r = pull_job_begin(i->roothash_signature_job);
- if (r < 0)
- return r;
- }
+ FOREACH_POINTER(j,
+ i->raw_job,
+ i->checksum_job,
+ i->signature_job,
+ i->settings_job,
+ i->roothash_job,
+ i->roothash_signature_job,
+ i->verity_job) {
+
+ if (!j)
+ continue;
+
+ j->on_progress = raw_pull_job_on_progress;
+ j->sync = FLAGS_SET(flags, PULL_SYNC);
- if (i->verity_job) {
- r = pull_job_begin(i->verity_job);
+ r = pull_job_begin(j);
if (r < 0)
return r;
}
View Lorry Controller Status