maurice/snix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix #1921

Browse source
This commit is contained in:
Eelco Dolstra 2018-04-13 15:42:35 +02:00
parent 4fd28bee89
commit d34fa2bcc3
No known key found for this signature in database
GPG key ID: 8170B4726D7198DE
3 changed files with 14 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/libstore/build.cc
View file

@ -3687,7 +3687,7 @@ void SubstitutionGoal::tryNext()
only after we've downloaded the path. */ only after we've downloaded the path. */
if (worker.store.requireSigs if (worker.store.requireSigs
&& !sub->isTrusted && !sub->isTrusted
&& !info->checkSignatures(worker.store, worker.store.publicKeys)) && !info->checkSignatures(worker.store, worker.store.getPublicKeys()))
{ {
printError("warning: substituter '%s' does not have a valid signature for path '%s'", printError("warning: substituter '%s' does not have a valid signature for path '%s'",
sub->getUri(), storePath); sub->getUri(), storePath);

12
src/libstore/local-store.cc
View file

@ -53,7 +53,6 @@ LocalStore::LocalStore(const Params & params)
, trashDir(realStoreDir + "/trash") , trashDir(realStoreDir + "/trash")
, tempRootsDir(stateDir + "/temproots") , tempRootsDir(stateDir + "/temproots")
, fnTempRoots(fmt("%s/%d", tempRootsDir, getpid())) , fnTempRoots(fmt("%s/%d", tempRootsDir, getpid()))
, publicKeys(getDefaultPublicKeys())
{ {
auto state(_state.lock()); auto state(_state.lock());
@ -964,12 +963,21 @@ void LocalStore::invalidatePath(State & state, const Path & path)
} }
const PublicKeys & LocalStore::getPublicKeys()
{
auto state(_state.lock());
if (!state->publicKeys)
state->publicKeys = std::make_unique<PublicKeys>(getDefaultPublicKeys());
return *state->publicKeys;
}
void LocalStore::addToStore(const ValidPathInfo & info, Source & source, void LocalStore::addToStore(const ValidPathInfo & info, Source & source,
RepairFlag repair, CheckSigsFlag checkSigs, std::shared_ptr<FSAccessor> accessor) RepairFlag repair, CheckSigsFlag checkSigs, std::shared_ptr<FSAccessor> accessor)
{ {
assert(info.narHash); assert(info.narHash);
if (requireSigs && checkSigs && !info.checkSignatures(*this, publicKeys)) if (requireSigs && checkSigs && !info.checkSignatures(*this, getPublicKeys()))
throw Error("cannot add path '%s' because it lacks a valid signature", info.path); throw Error("cannot add path '%s' because it lacks a valid signature", info.path);
addTempRoot(info.path); addTempRoot(info.path);

4
src/libstore/local-store.hh
View file

@ -77,6 +77,8 @@ private:
minFree but not much below availAfterGC, then there is no minFree but not much below availAfterGC, then there is no
point in starting a new GC. */ point in starting a new GC. */
uint64_t availAfterGC = std::numeric_limits<uint64_t>::max(); uint64_t availAfterGC = std::numeric_limits<uint64_t>::max();
std::unique_ptr<PublicKeys> publicKeys;
}; };
Sync<State, std::recursive_mutex> _state; Sync<State, std::recursive_mutex> _state;
@ -100,7 +102,7 @@ private:
settings.requireSigs, settings.requireSigs,
"require-sigs", "whether store paths should have a trusted signature on import"}; "require-sigs", "whether store paths should have a trusted signature on import"};
PublicKeys publicKeys; const PublicKeys & getPublicKeys();
public: public: