maurice/snix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nix verify-paths: Add ‘--sigs-needed <N>’ flag

Browse source 
This specifies the number of distinct signatures required to consider
each path "trusted".

Also renamed ‘--no-sigs’ to ‘--no-trust’ for the flag that disables
verifying whether a path is trusted (since a path can also be trusted
if it has no signatures, but was built locally).
This commit is contained in:
Eelco Dolstra 2016-04-07 15:14:12 +02:00
parent 6b2ae52808
commit 05fbc606fc
3 changed files with 41 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/libstore/store-api.hh
View file

@ -127,6 +127,9 @@ struct ValidPathInfo
/* Return the number of signatures on this .narinfo that were
produced by one of the specified keys. */
unsigned int checkSignatures(const PublicKeys & publicKeys) const;
/* Verify a single signature. */
bool checkSignature(const PublicKeys & publicKeys, const std::string & sig) const;
};
typedef list<ValidPathInfo> ValidPathInfos;