From e52ae1c0ffed6af893438cb456c5c38a272c8b21 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <e.dolstra@tudelft.nl>
Date: Tue, 15 Mar 2005 11:12:48 +0000
Subject: [PATCH] * Use SHA-256 for nix-push.

---
 corepkgs/nar/nar.nix           |  5 ++--
 corepkgs/nar/nar.sh.in         |  4 +--
 scripts/generate-patches.pl.in |  2 +-
 scripts/nix-push.in            | 46 +++++++++++++++++++++-------------
 4 files changed, 34 insertions(+), 23 deletions(-)

diff --git a/corepkgs/nar/nar.nix b/corepkgs/nar/nar.nix
index f288e0ed4..e0d4878bf 100644
--- a/corepkgs/nar/nar.nix
+++ b/corepkgs/nar/nar.nix
@@ -1,6 +1,5 @@
-{system, path}: derivation {
+{system, path, hashAlgo}: derivation {
   name = "nar";
   builder = ./nar.sh;
-  system = system;
-  path = path;
+  inherit system path hashAlgo;
 }
diff --git a/corepkgs/nar/nar.sh.in b/corepkgs/nar/nar.sh.in
index d64cfd815..1a7c33ab2 100644
--- a/corepkgs/nar/nar.sh.in
+++ b/corepkgs/nar/nar.sh.in
@@ -10,8 +10,8 @@ dst=$out/tmp.nar.bz2
 
 @bzip2@ < tmp > $dst
 
-@bindir@/nix-hash -vvvvv --flat --type sha1 --base32 tmp > $out/nar-hash
+@bindir@/nix-hash -vvvvv --flat --type $hashAlgo --base32 tmp > $out/nar-hash
 
-@bindir@/nix-hash --flat --type sha1 --base32 $dst > $out/narbz2-hash
+@bindir@/nix-hash --flat --type $hashAlgo --base32 $dst > $out/narbz2-hash
 
 mv $out/tmp.nar.bz2 $out/$(cat $out/narbz2-hash).nar.bz2
diff --git a/scripts/generate-patches.pl.in b/scripts/generate-patches.pl.in
index baa66369d..9392ef5c7 100755
--- a/scripts/generate-patches.pl.in
+++ b/scripts/generate-patches.pl.in
@@ -6,7 +6,7 @@ use readmanifest;
 
 die unless scalar @ARGV == 5;
 
-my $hashAlgo = "sha1";
+my $hashAlgo = "sha256";
 
 my $cacheDir = $ARGV[0];
 my $patchesDir = $ARGV[1];
diff --git a/scripts/nix-push.in b/scripts/nix-push.in
index ecc7a77af..c087b3e37 100644
--- a/scripts/nix-push.in
+++ b/scripts/nix-push.in
@@ -5,6 +5,8 @@ use IPC::Open2;
 use POSIX qw(tmpnam);
 use readmanifest;
 
+my $hashAlgo = "sha256";
+
 my $tmpdir;
 do { $tmpdir = tmpnam(); }
 until mkdir $tmpdir, 0777;
@@ -90,7 +92,7 @@ foreach my $storePath (@storePaths) {
     # Construct a Nix expression that creates a Nix archive.
     my $nixexpr = 
         "((import $dataDir/nix/corepkgs/nar/nar.nix) " .
-        "{path = \"$storePath\"; system = \"@system@\";}) ";
+        "{path = \"$storePath\"; system = \"@system@\"; hashAlgo = \"$hashAlgo\";}) ";
     
     print NIX $nixexpr;
 }
@@ -102,13 +104,18 @@ close NIX;
 # Instantiate store expressions from the Nix expression.
 my @storeExprs;
 print STDERR "instantiating store expressions...\n";
-open STOREEXPRS, "$binDir/nix-instantiate $nixfile |" or die "cannot run nix-instantiate";
-while (<STOREEXPRS>) {
+my $pid = open2(\*READ, \*WRITE, "$binDir/nix-instantiate $nixfile")
+    or die "cannot run nix-instantiate";
+close WRITE;
+while (<READ>) {
     chomp;
     die unless /^\//;
     push @storeExprs, $_;
 }
-close STOREEXPRS;
+close READ;
+
+waitpid $pid, 0;
+$? == 0 or die "nix-instantiate failed";
 
 
 # Realise the store expressions.
@@ -123,13 +130,18 @@ while (scalar @tmp > 0) {
     my @tmp2 = @tmp[0..$n - 1];
     @tmp = @tmp[$n..scalar @tmp - 1];
 
-    open NARPATHS, "$binDir/nix-store --realise @tmp2 |" or die "cannot run nix-store";
-    while (<NARPATHS>) {
+    my $pid = open2(\*READ, \*WRITE, "$binDir/nix-store --realise @tmp2")
+        or die "cannot run nix-store";
+    close WRITE;
+    while (<READ>) {
         chomp;
         die unless (/^\//);
         push @narPaths, "$_";
     }
-    close NARPATHS;
+    close READ;
+
+    waitpid $pid, 0;
+    $? == 0 or die "nix-store failed";
 }
 
 
@@ -148,17 +160,17 @@ for (my $n = 0; $n < scalar @storePaths; $n++) {
     my $basename = $1;
     defined $basename or die;
 
-    open SHA1, "$narDir/narbz2-hash" or die "cannot open narbz2-hash";
-    my $narbz2Hash = <SHA1>;
+    open HASH, "$narDir/narbz2-hash" or die "cannot open narbz2-hash";
+    my $narbz2Hash = <HASH>;
     chomp $narbz2Hash;
-    $narbz2Hash =~ /^[0-9a-z]{32}$/ or die "invalid hash";
-    close SHA1;
+    $narbz2Hash =~ /^[0-9a-z]+$/ or die "invalid hash";
+    close HASH;
 
-    open SHA1, "$narDir/nar-hash" or die "cannot open nar-hash";
-    my $narHash = <SHA1>;
+    open HASH, "$narDir/nar-hash" or die "cannot open nar-hash";
+    my $narHash = <HASH>;
     chomp $narHash;
-    $narHash =~ /^[0-9a-z]{32}$/ or die "invalid hash";
-    close SHA1;
+    $narHash =~ /^[0-9a-z]+$/ or die "invalid hash";
+    close HASH;
     
     my $narName = "$narbz2Hash.nar.bz2";
 
@@ -185,9 +197,9 @@ for (my $n = 0; $n < scalar @storePaths; $n++) {
     }
     $narFiles{$storePath} = [
         { url => $url
-        , hash => "sha1:$narbz2Hash"
+        , hash => "$hashAlgo:$narbz2Hash"
         , size => $narbz2Size
-        , narHash => "sha1:$narHash"
+        , narHash => "$hashAlgo:$narHash"
         , references => $references
         , deriver => $deriver
         }