* Don't check the signature unless we have to.
parent
2ea3bebc23
commit
b4a040e52b
1 changed files with 20 additions and 18 deletions
|
@ -840,27 +840,29 @@ Path LocalStore::importPath(bool requireSignature, Source & source)
|
||||||
if (haveSignature) {
|
if (haveSignature) {
|
||||||
string signature = readString(hashAndReadSource);
|
string signature = readString(hashAndReadSource);
|
||||||
|
|
||||||
Path sigFile = tmpDir + "/sig";
|
if (requireSignature) {
|
||||||
writeStringToFile(sigFile, signature);
|
Path sigFile = tmpDir + "/sig";
|
||||||
|
writeStringToFile(sigFile, signature);
|
||||||
|
|
||||||
Strings args;
|
Strings args;
|
||||||
args.push_back("rsautl");
|
args.push_back("rsautl");
|
||||||
args.push_back("-verify");
|
args.push_back("-verify");
|
||||||
args.push_back("-inkey");
|
args.push_back("-inkey");
|
||||||
args.push_back(nixConfDir + "/signing-key.pub");
|
args.push_back(nixConfDir + "/signing-key.pub");
|
||||||
args.push_back("-pubin");
|
args.push_back("-pubin");
|
||||||
args.push_back("-in");
|
args.push_back("-in");
|
||||||
args.push_back(sigFile);
|
args.push_back(sigFile);
|
||||||
string hash2 = runProgram("openssl", true, args);
|
string hash2 = runProgram("openssl", true, args);
|
||||||
|
|
||||||
/* Note: runProgram() throws an exception if the signature is
|
/* Note: runProgram() throws an exception if the signature
|
||||||
invalid. */
|
is invalid. */
|
||||||
|
|
||||||
if (printHash(hash) != hash2)
|
if (printHash(hash) != hash2)
|
||||||
throw Error(
|
throw Error(
|
||||||
"signed hash doesn't match actual contents of imported "
|
"signed hash doesn't match actual contents of imported "
|
||||||
"archive; archive could be corrupt, or someone is trying "
|
"archive; archive could be corrupt, or someone is trying "
|
||||||
"to import a Trojan horse");
|
"to import a Trojan horse");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Do the actual import. */
|
/* Do the actual import. */
|
||||||
|
|
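Review bot: The new `if (requireSignature) {` branch has no comment saying that a signature which is present is still consumed by `readString(hashAndReadSource)` but is no longer verified when the caller passes `requireSignature == false`. In that case the archive is imported without any authenticity check, even if its signature is invalid. I would put a comment above the branch such as `/* The signature is always read from the stream, but only verified when the caller requires it; otherwise the archive contents are unauthenticated. */`. It is worth confirming that every caller passing `false` has already established that the source is trusted, since those call sites are not visible here. The body of `importPath` starts before and continues past this hunk.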