From 57d33013ce58e0cfd31e51dfb57a78f8f2a545fd Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 30 May 2016 15:09:01 +0200 Subject: [PATCH] Check signatures before downloading the substitute --- src/libstore/build.cc | 10 ++++++++++ src/libstore/local-store.hh | 1 + 2 files changed, 11 insertions(+) diff --git a/src/libstore/build.cc b/src/libstore/build.cc index a6f8dfaba..cca357dfb 100644 --- a/src/libstore/build.cc +++ b/src/libstore/build.cc @@ -3142,6 +3142,16 @@ void SubstitutionGoal::tryNext() hasSubstitute = true; + /* Bail out early if this substituter lacks a valid + signature. LocalStore::addToStore() also checks for this, but + only after we've downloaded the path. */ + if (worker.store.requireSigs && !info->checkSignatures(worker.store.publicKeys)) { + printMsg(lvlInfo, format("warning: substituter ā€˜%sā€™ does not have a valid signature for path ā€˜%sā€™") + % sub->getUri() % storePath); + tryNext(); + return; + } + /* To maintain the closure invariant, we first have to realise the paths referenced by this one. */ for (auto & i : info->references) diff --git a/src/libstore/local-store.hh b/src/libstore/local-store.hh index 8de58cea8..2a3f452bc 100644 --- a/src/libstore/local-store.hh +++ b/src/libstore/local-store.hh @@ -248,6 +248,7 @@ private: void signPathInfo(ValidPathInfo & info); friend class DerivationGoal; + friend class SubstitutionGoal; };