forked from lix-project/lix
nix-copy-closure / build-remote.pl: Disable signature checking
This restores the Nix 1.11 behaviour.
This commit is contained in:
parent
e4f0ba55ac
commit
c2d27d30cf
12 changed files with 20 additions and 17 deletions
|
@ -182,11 +182,11 @@ void exportPaths(int fd, ...)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void importPaths(int fd)
|
void importPaths(int fd, int dontCheckSigs)
|
||||||
PPCODE:
|
PPCODE:
|
||||||
try {
|
try {
|
||||||
FdSource source(fd);
|
FdSource source(fd);
|
||||||
store()->importPaths(source, 0);
|
store()->importPaths(source, 0, dontCheckSigs);
|
||||||
} catch (Error & e) {
|
} catch (Error & e) {
|
||||||
croak("%s", e.what());
|
croak("%s", e.what());
|
||||||
}
|
}
|
||||||
|
|
|
@ -271,5 +271,5 @@ if (scalar @outputs2 > 0) {
|
||||||
writeInt(0, $to); # don't sign
|
writeInt(0, $to); # don't sign
|
||||||
writeStrings(\@outputs2, $to);
|
writeStrings(\@outputs2, $to);
|
||||||
$ENV{'NIX_HELD_LOCKS'} = "@outputs2"; # FIXME: ugly
|
$ENV{'NIX_HELD_LOCKS'} = "@outputs2"; # FIXME: ugly
|
||||||
importPaths(fileno($from));
|
importPaths(fileno($from), 1);
|
||||||
}
|
}
|
||||||
|
|
|
@ -97,7 +97,7 @@ else { # Copy FROM the remote machine.
|
||||||
writeInt(5, $to); # == cmdExportPaths
|
writeInt(5, $to); # == cmdExportPaths
|
||||||
writeInt(0, $to); # obsolete
|
writeInt(0, $to); # obsolete
|
||||||
writeStrings(\@missing, $to);
|
writeStrings(\@missing, $to);
|
||||||
importPaths(fileno($from));
|
importPaths(fileno($from), 1);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -63,7 +63,8 @@ Path BinaryCacheStore::narInfoFileFor(const Path & storePath)
|
||||||
return storePathToHash(storePath) + ".narinfo";
|
return storePathToHash(storePath) + ".narinfo";
|
||||||
}
|
}
|
||||||
|
|
||||||
void BinaryCacheStore::addToStore(const ValidPathInfo & info, const std::string & nar, bool repair)
|
void BinaryCacheStore::addToStore(const ValidPathInfo & info, const std::string & nar,
|
||||||
|
bool repair, bool dontCheckSigs)
|
||||||
{
|
{
|
||||||
if (!repair && isValidPath(info.path)) return;
|
if (!repair && isValidPath(info.path)) return;
|
||||||
|
|
||||||
|
|
|
@ -84,7 +84,7 @@ public:
|
||||||
bool wantMassQuery() { return wantMassQuery_; }
|
bool wantMassQuery() { return wantMassQuery_; }
|
||||||
|
|
||||||
void addToStore(const ValidPathInfo & info, const std::string & nar,
|
void addToStore(const ValidPathInfo & info, const std::string & nar,
|
||||||
bool repair = false) override;
|
bool repair = false, bool dontCheckSigs = false) override;
|
||||||
|
|
||||||
Path addToStore(const string & name, const Path & srcPath,
|
Path addToStore(const string & name, const Path & srcPath,
|
||||||
bool recursive = true, HashType hashAlgo = htSHA256,
|
bool recursive = true, HashType hashAlgo = htSHA256,
|
||||||
|
|
|
@ -82,7 +82,7 @@ struct NopSink : ParseSink
|
||||||
{
|
{
|
||||||
};
|
};
|
||||||
|
|
||||||
Paths Store::importPaths(Source & source, std::shared_ptr<FSAccessor> accessor)
|
Paths Store::importPaths(Source & source, std::shared_ptr<FSAccessor> accessor, bool dontCheckSigs)
|
||||||
{
|
{
|
||||||
Paths res;
|
Paths res;
|
||||||
while (true) {
|
while (true) {
|
||||||
|
@ -117,7 +117,7 @@ Paths Store::importPaths(Source & source, std::shared_ptr<FSAccessor> accessor)
|
||||||
if (readInt(source) == 1)
|
if (readInt(source) == 1)
|
||||||
readString(source);
|
readString(source);
|
||||||
|
|
||||||
addToStore(info, *tee.data);
|
addToStore(info, *tee.data, false, dontCheckSigs);
|
||||||
|
|
||||||
// FIXME: implement accessors?
|
// FIXME: implement accessors?
|
||||||
assert(!accessor);
|
assert(!accessor);
|
||||||
|
|
|
@ -904,14 +904,15 @@ void LocalStore::invalidatePath(State & state, const Path & path)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void LocalStore::addToStore(const ValidPathInfo & info, const std::string & nar, bool repair)
|
void LocalStore::addToStore(const ValidPathInfo & info, const std::string & nar,
|
||||||
|
bool repair, bool dontCheckSigs)
|
||||||
{
|
{
|
||||||
Hash h = hashString(htSHA256, nar);
|
Hash h = hashString(htSHA256, nar);
|
||||||
if (h != info.narHash)
|
if (h != info.narHash)
|
||||||
throw Error(format("hash mismatch importing path ‘%s’; expected hash ‘%s’, got ‘%s’") %
|
throw Error(format("hash mismatch importing path ‘%s’; expected hash ‘%s’, got ‘%s’") %
|
||||||
info.path % info.narHash.to_string() % h.to_string());
|
info.path % info.narHash.to_string() % h.to_string());
|
||||||
|
|
||||||
if (requireSigs && !info.checkSignatures(publicKeys))
|
if (requireSigs && !dontCheckSigs && !info.checkSignatures(publicKeys))
|
||||||
throw Error(format("cannot import path ‘%s’ because it lacks a valid signature") % info.path);
|
throw Error(format("cannot import path ‘%s’ because it lacks a valid signature") % info.path);
|
||||||
|
|
||||||
addTempRoot(info.path);
|
addTempRoot(info.path);
|
||||||
|
|
|
@ -117,7 +117,7 @@ public:
|
||||||
SubstitutablePathInfos & infos) override;
|
SubstitutablePathInfos & infos) override;
|
||||||
|
|
||||||
void addToStore(const ValidPathInfo & info, const std::string & nar,
|
void addToStore(const ValidPathInfo & info, const std::string & nar,
|
||||||
bool repair) override;
|
bool repair, bool dontCheckSigs) override;
|
||||||
|
|
||||||
Path addToStore(const string & name, const Path & srcPath,
|
Path addToStore(const string & name, const Path & srcPath,
|
||||||
bool recursive = true, HashType hashAlgo = htSHA256,
|
bool recursive = true, HashType hashAlgo = htSHA256,
|
||||||
|
|
|
@ -326,7 +326,8 @@ Path RemoteStore::queryPathFromHashPart(const string & hashPart)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
void RemoteStore::addToStore(const ValidPathInfo & info, const std::string & nar, bool repair)
|
void RemoteStore::addToStore(const ValidPathInfo & info, const std::string & nar,
|
||||||
|
bool repair, bool dontCheckSigs)
|
||||||
{
|
{
|
||||||
throw Error("RemoteStore::addToStore() not implemented");
|
throw Error("RemoteStore::addToStore() not implemented");
|
||||||
}
|
}
|
||||||
|
|
|
@ -52,7 +52,7 @@ public:
|
||||||
SubstitutablePathInfos & infos) override;
|
SubstitutablePathInfos & infos) override;
|
||||||
|
|
||||||
void addToStore(const ValidPathInfo & info, const std::string & nar,
|
void addToStore(const ValidPathInfo & info, const std::string & nar,
|
||||||
bool repair) override;
|
bool repair, bool dontCheckSigs) override;
|
||||||
|
|
||||||
Path addToStore(const string & name, const Path & srcPath,
|
Path addToStore(const string & name, const Path & srcPath,
|
||||||
bool recursive = true, HashType hashAlgo = htSHA256,
|
bool recursive = true, HashType hashAlgo = htSHA256,
|
||||||
|
|
|
@ -257,7 +257,7 @@ public:
|
||||||
|
|
||||||
/* Import a path into the store. */
|
/* Import a path into the store. */
|
||||||
virtual void addToStore(const ValidPathInfo & info, const std::string & nar,
|
virtual void addToStore(const ValidPathInfo & info, const std::string & nar,
|
||||||
bool repair = false) = 0;
|
bool repair = false, bool dontCheckSigs = false) = 0;
|
||||||
|
|
||||||
/* Copy the contents of a path to the store and register the
|
/* Copy the contents of a path to the store and register the
|
||||||
validity the resulting path. The resulting path is returned.
|
validity the resulting path. The resulting path is returned.
|
||||||
|
@ -398,8 +398,8 @@ public:
|
||||||
the Nix store. Optionally, the contents of the NARs are
|
the Nix store. Optionally, the contents of the NARs are
|
||||||
preloaded into the specified FS accessor to speed up subsequent
|
preloaded into the specified FS accessor to speed up subsequent
|
||||||
access. */
|
access. */
|
||||||
Paths importPaths(Source & source,
|
Paths importPaths(Source & source, std::shared_ptr<FSAccessor> accessor,
|
||||||
std::shared_ptr<FSAccessor> accessor);
|
bool dontCheckSigs = false);
|
||||||
|
|
||||||
struct Stats
|
struct Stats
|
||||||
{
|
{
|
||||||
|
|
|
@ -901,7 +901,7 @@ static void opServe(Strings opFlags, Strings opArgs)
|
||||||
|
|
||||||
case cmdImportPaths: {
|
case cmdImportPaths: {
|
||||||
if (!writeAllowed) throw Error("importing paths is not allowed");
|
if (!writeAllowed) throw Error("importing paths is not allowed");
|
||||||
store->importPaths(in, 0);
|
store->importPaths(in, 0, true); // FIXME: should we skip sig checking?
|
||||||
out << 1; // indicate success
|
out << 1; // indicate success
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue