forked from lix-project/lix
c815aff21b
derivations. This is mostly to simplify the implementation of nix-prefetch-{url, svn}, which now work properly in setuid installations. * Enforce valid store names in `nix-store --add / --add-fixed'.
70 lines
1.6 KiB
Plaintext
70 lines
1.6 KiB
Plaintext
#! @shell@ -e
|
|
|
|
url=$1
|
|
expHash=$2
|
|
|
|
hashType=$NIX_HASH_ALGO
|
|
if test -z "$hashType"; then
|
|
hashType=md5
|
|
fi
|
|
|
|
hashFormat=
|
|
if test "$hashType" != "md5"; then
|
|
hashFormat=--base32
|
|
fi
|
|
|
|
if test -z "$url"; then
|
|
echo "syntax: nix-prefetch-url URL [EXPECTED-HASH]" >&2
|
|
exit 1
|
|
fi
|
|
|
|
name=$(basename "$url")
|
|
if test -z "$name"; then echo "invalid url"; exit 1; fi
|
|
|
|
|
|
# If the hash was given, a file with that hash may already be in the
|
|
# store.
|
|
if test -n "$expHash"; then
|
|
finalPath=$(@bindir@/nix-store --print-fixed-path "$hashType" "$expHash" "$name")
|
|
if ! @bindir@/nix-store --check-validity "$finalPath" 2> /dev/null; then
|
|
finalPath=
|
|
fi
|
|
hash=$expHash
|
|
fi
|
|
|
|
|
|
# If we don't know the hash or a file with that hash doesn't exist,
|
|
# download the file and add it to the store.
|
|
if test -z "$finalPath"; then
|
|
|
|
tmpPath=/tmp/nix-prefetch-url-$$ # !!! security?
|
|
tmpFile=$tmpPath/$name
|
|
mkdir $tmpPath
|
|
|
|
# Perform the download.
|
|
@curl@ --fail --location --max-redirs 20 "$url" > $tmpFile
|
|
|
|
# Compute the hash.
|
|
hash=$(@bindir@/nix-hash --type "$hashType" $hashFormat --flat $tmpFile)
|
|
if ! test -n "$QUIET"; then echo "hash is $hash" >&2; fi
|
|
|
|
# Add the downloaded file to the Nix store.
|
|
finalPath=$(@bindir@/nix-store --add-fixed "$hashType" $tmpFile)
|
|
|
|
if test -n "$tmpPath"; then rm -rf $tmpPath || true; fi
|
|
|
|
if test -n "$expHash" -a "$expHash" != "$hash"; then
|
|
echo "hash mismatch for URL \`$url'"
|
|
exit 1
|
|
fi
|
|
fi
|
|
|
|
|
|
if ! test -n "$QUIET"; then echo "path is $finalPath" >&2; fi
|
|
|
|
echo $hash
|
|
|
|
if test -n "$PRINT_PATH"; then
|
|
echo $finalPath
|
|
fi
|