RemoteStore::addToStore(): Pass content-addressability assertion
... and use this in Downloader::downloadCached(). This fixes $ nix-build https://nixos.org/channels/nixos-16.09-small/nixexprs.tar.xz -A hello error: cannot import path ‘/nix/store/csfbp1s60dkgmk9f8g0zk0mwb7hzgabd-nixexprs.tar.xz’ because it lacks a valid signature
This commit is contained in:
parent
fe2db1dae5
commit
f023f64f40
6 changed files with 16 additions and 3 deletions
|
@ -612,6 +612,7 @@ Path Downloader::downloadCached(ref<Store> store, const string & url_, bool unpa
|
||||||
Hash hash = hashString(expectedHash ? expectedHash.type : htSHA256, *res.data);
|
Hash hash = hashString(expectedHash ? expectedHash.type : htSHA256, *res.data);
|
||||||
info.path = store->makeFixedOutputPath(false, hash, name);
|
info.path = store->makeFixedOutputPath(false, hash, name);
|
||||||
info.narHash = hashString(htSHA256, *sink.s);
|
info.narHash = hashString(htSHA256, *sink.s);
|
||||||
|
info.ca = makeFixedOutputCA(false, hash);
|
||||||
store->addToStore(info, sink.s, false, true);
|
store->addToStore(info, sink.s, false, true);
|
||||||
storePath = info.path;
|
storePath = info.path;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1002,7 +1002,7 @@ Path LocalStore::addToStoreFromDump(const string & dump, const string & name,
|
||||||
info.narHash = hash.first;
|
info.narHash = hash.first;
|
||||||
info.narSize = hash.second;
|
info.narSize = hash.second;
|
||||||
info.ultimate = true;
|
info.ultimate = true;
|
||||||
info.ca = "fixed:" + (recursive ? (std::string) "r:" : "") + h.to_string();
|
info.ca = makeFixedOutputCA(recursive, h);
|
||||||
registerValidPath(info);
|
registerValidPath(info);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -380,7 +380,7 @@ void RemoteStore::addToStore(const ValidPathInfo & info, const ref<std::string>
|
||||||
conn->to << wopAddToStoreNar
|
conn->to << wopAddToStoreNar
|
||||||
<< info.path << info.deriver << printHash(info.narHash)
|
<< info.path << info.deriver << printHash(info.narHash)
|
||||||
<< info.references << info.registrationTime << info.narSize
|
<< info.references << info.registrationTime << info.narSize
|
||||||
<< info.ultimate << info.sigs << *nar << repair << dontCheckSigs;
|
<< info.ultimate << info.sigs << info.ca << *nar << repair << dontCheckSigs;
|
||||||
// FIXME: don't send nar as a string
|
// FIXME: don't send nar as a string
|
||||||
conn->processStderr();
|
conn->processStderr();
|
||||||
}
|
}
|
||||||
|
|
|
@ -676,6 +676,12 @@ Strings ValidPathInfo::shortRefs() const
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
std::string makeFixedOutputCA(bool recursive, const Hash & hash)
|
||||||
|
{
|
||||||
|
return "fixed:" + (recursive ? (std::string) "r:" : "") + hash.to_string();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -128,7 +128,7 @@ struct ValidPathInfo
|
||||||
of an output path of a derivation were actually produced by
|
of an output path of a derivation were actually produced by
|
||||||
that derivation. In the intensional model, we have to trust
|
that derivation. In the intensional model, we have to trust
|
||||||
that a particular output path was produced by a derivation; the
|
that a particular output path was produced by a derivation; the
|
||||||
path name then implies the contents.)
|
path then implies the contents.)
|
||||||
|
|
||||||
Ideally, the content-addressability assertion would just be a
|
Ideally, the content-addressability assertion would just be a
|
||||||
Boolean, and the store path would be computed from
|
Boolean, and the store path would be computed from
|
||||||
|
@ -687,6 +687,11 @@ ValidPathInfo decodeValidPathInfo(std::istream & str,
|
||||||
bool hashGiven = false);
|
bool hashGiven = false);
|
||||||
|
|
||||||
|
|
||||||
|
/* Compute the content-addressability assertion (ValidPathInfo::ca)
|
||||||
|
for paths created by makeFixedOutputPath() / addToStore(). */
|
||||||
|
std::string makeFixedOutputCA(bool recursive, const Hash & hash);
|
||||||
|
|
||||||
|
|
||||||
MakeError(SubstError, Error)
|
MakeError(SubstError, Error)
|
||||||
MakeError(BuildError, Error) /* denotes a permanent build failure */
|
MakeError(BuildError, Error) /* denotes a permanent build failure */
|
||||||
MakeError(InvalidPath, Error)
|
MakeError(InvalidPath, Error)
|
||||||
|
|
|
@ -582,6 +582,7 @@ static void performOp(ref<LocalStore> store, bool trusted, unsigned int clientVe
|
||||||
info.narSize = readLongLong(from);
|
info.narSize = readLongLong(from);
|
||||||
info.ultimate = readLongLong(from);
|
info.ultimate = readLongLong(from);
|
||||||
info.sigs = readStrings<StringSet>(from);
|
info.sigs = readStrings<StringSet>(from);
|
||||||
|
info.ca = readString(from);
|
||||||
auto nar = make_ref<std::string>(readString(from));
|
auto nar = make_ref<std::string>(readString(from));
|
||||||
auto repair = readInt(from) ? true : false;
|
auto repair = readInt(from) ? true : false;
|
||||||
auto dontCheckSigs = readInt(from) ? true : false;
|
auto dontCheckSigs = readInt(from) ? true : false;
|
||||||
|
|
Loading…
Reference in a new issue