From f38224e924bc38ea2b94930f8d12e29c7c8df7a8 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 7 Feb 2017 19:23:16 +0100 Subject: [PATCH] copyStorePath(): Don't require signatures for "trusted" stores For example, SSH stores could be trusted. --- src/libstore/store-api.cc | 9 +++++++++ src/libstore/store-api.hh | 4 ++++ 2 files changed, 13 insertions(+) diff --git a/src/libstore/store-api.cc b/src/libstore/store-api.cc index f98ba3840..11c2f4b02 100644 --- a/src/libstore/store-api.cc +++ b/src/libstore/store-api.cc @@ -529,6 +529,15 @@ void copyStorePath(ref srcStore, ref dstStore, StringSink sink; srcStore->narFromPath({storePath}, sink); + if (srcStore->isTrusted()) + dontCheckSigs = true; + + if (!info->narHash && dontCheckSigs) { + auto info2 = make_ref(*info); + info2->narHash = hashString(htSHA256, *sink.s); + info = info2; + } + dstStore->addToStore(*info, sink.s, repair, dontCheckSigs); } diff --git a/src/libstore/store-api.hh b/src/libstore/store-api.hh index 8058daf14..39132be89 100644 --- a/src/libstore/store-api.hh +++ b/src/libstore/store-api.hh @@ -562,6 +562,10 @@ public: const Stats & getStats(); + /* Whether this store paths from this store can be imported even + if they lack a signature. */ + virtual bool isTrusted() { return false; } + protected: Stats stats;