nrabulinski/lix
0
0
Fork 0
forked from lix-project/lix
Code Pull requests Activity

Get rid of the authHook parameter on processConnection

Browse source 
This is (morally) dead code.

As @edolstra pointed out in
https://github.com/NixOS/nix/pull/5226#discussion_r1073470813, this is
no longer needed.

I created this in 8d4162ff9e, so it is
fitting that I now destroy it :).
This commit is contained in:
John Ericson 2023-02-02 12:02:03 -05:00
parent b574c70ccb
commit 479c011784
4 changed files with 5 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/libstore/build/local-derivation-goal.cc
View file

@ -1516,8 +1516,7 @@ void LocalDerivationGoal::startDaemon()
FdSink to(remote.get()); FdSink to(remote.get());
try { try {
daemon::processConnection(store, from, to, daemon::processConnection(store, from, to,
daemon::NotTrusted, daemon::Recursive, daemon::NotTrusted, daemon::Recursive);
[&](Store & store) {});
debug("terminated daemon connection"); debug("terminated daemon connection");
} catch (SysError &) { } catch (SysError &) {
ignoreException(); ignoreException();

7
src/libstore/daemon.cc
View file

@ -985,8 +985,7 @@ void processConnection(
FdSource & from, FdSource & from,
FdSink & to, FdSink & to,
TrustedFlag trusted, TrustedFlag trusted,
RecursiveFlag recursive, RecursiveFlag recursive)
std::function<void(Store &)> authHook)
{ {
auto monitor = !recursive ? std::make_unique<MonitorFdHup>(from.fd) : nullptr; auto monitor = !recursive ? std::make_unique<MonitorFdHup>(from.fd) : nullptr;
@ -1029,10 +1028,6 @@ void processConnection(
try { try {
/* If we can't accept clientVersion, then throw an error
*here* (not above). */
authHook(*store);
tunnelLogger->stopWork(); tunnelLogger->stopWork();
to.flush(); to.flush();

7
src/libstore/daemon.hh
View file

@ -13,11 +13,6 @@ void processConnection(
FdSource & from, FdSource & from,
FdSink & to, FdSink & to,
TrustedFlag trusted, TrustedFlag trusted,
RecursiveFlag recursive, RecursiveFlag recursive);
/* Arbitrary hook to check authorization / initialize user data / whatever
after the protocol has been negotiated. The idea is that this function
and everything it calls doesn't know about this stuff, and the
`nix-daemon` handles that instead. */
std::function<void(Store &)> authHook);
} }

11
src/nix/daemon.cc
View file

@ -241,14 +241,7 @@ static void daemonLoop()
// Handle the connection. // Handle the connection.
FdSource from(remote.get()); FdSource from(remote.get());
FdSink to(remote.get()); FdSink to(remote.get());
processConnection(openUncachedStore(), from, to, trusted, NotRecursive, [&](Store & store) { processConnection(openUncachedStore(), from, to, trusted, NotRecursive);
#if 0
/* Prevent users from doing something very dangerous. */
if (geteuid() == 0 &&
querySetting("build-users-group", "") == "")
throw Error("if you run 'nix-daemon' as root, then you MUST set 'build-users-group'!");
#endif
});
exit(0); exit(0);
}, options); }, options);
@ -301,7 +294,7 @@ static void runDaemon(bool stdio)
/* Auth hook is empty because in this mode we blindly trust the /* Auth hook is empty because in this mode we blindly trust the
standard streams. Limiting access to those is explicitly standard streams. Limiting access to those is explicitly
not `nix-daemon`'s responsibility. */ not `nix-daemon`'s responsibility. */
processConnection(openUncachedStore(), from, to, Trusted, NotRecursive, [&](Store & _){}); processConnection(openUncachedStore(), from, to, Trusted, NotRecursive);
} }
} else } else
daemonLoop(); daemonLoop();