authorEelco Dolstra <eelco.dolstra@logicblox.com>2012-07-31T22·56-0400
committerEelco Dolstra <eelco.dolstra@logicblox.com>2012-07-31T22·56-0400
commit4d1b64f118cf6ebcbf530bea4a3c531704d7d6ba (patch)
tree07a51356c5c580d76aec2e8c7edef26f8fcc1359
parenteb7849e3a281511a59abf72ae5c3133f903bbaab (diff)
Allow daemon users to override ‘binary-caches’
For security reasons, daemon users can only specify caches that appear
in the ‘binary-caches’ and ‘trusted-binary-caches’ options in
nix.conf.
-rw-r--r--doc/manual/conf-file.xml13
-rw-r--r--scripts/download-from-binary-cache.pl.in30
2 files changed, 40 insertions, 3 deletions
diff --git a/doc/manual/conf-file.xml b/doc/manual/conf-file.xml
index c19e44ebf6..c09d46206a 100644
--- a/doc/manual/conf-file.xml
+++ b/doc/manual/conf-file.xml
@@ -329,6 +329,19 @@ build-use-chroot = /dev /proc /bin</programlisting>
   </varlistentry>
 
 
+  <varlistentry><term><literal>trusted-binary-caches</literal></term>
+
+    <listitem><para>A list of URLs of binary caches, separated by
+    whitespace.  These are not used by default, but can be enabled by
+    users of the Nix daemon by specifying <literal>--option
+    binary-caches <replaceable>urls</replaceable></literal> on the
+    command line.  Daemon users are only allowed to pass a subset of
+    the URLs listed in <literal>binary-caches</literal> and
+    <literal>trusted-binary-caches</literal>.</para></listitem>
+
+  </varlistentry>
+
+
   <varlistentry><term><literal>binary-caches-parallel-connections</literal></term>
 
     <listitem><para>The maximum number of parallel HTTP connections
diff --git a/scripts/download-from-binary-cache.pl.in b/scripts/download-from-binary-cache.pl.in
index 5d65e664e5..3f7d3ef45f 100644
--- a/scripts/download-from-binary-cache.pl.in
+++ b/scripts/download-from-binary-cache.pl.in
@@ -8,6 +8,7 @@ use Nix::Store;
 use Nix::Utils;
 use WWW::Curl::Easy;
 use WWW::Curl::Multi;
+use List::MoreUtils qw(any);
 use strict;
 
 
@@ -166,9 +167,32 @@ sub getAvailableCaches {
     return if $gotCaches;
     $gotCaches = 1;
 
-    my @urls = map { s/\/+$//; $_ } split(/ /,
-        $Nix::Config::config{"binary-caches"}
-        // ($Nix::Config::storeDir eq "/nix/store" ? "http://nixos.org/binary-cache" : ""));
+    sub strToList {
+        my ($s) = @_;
+        return map { s/\/+$//; $_ } split(/ /, $s);
+    }
+
+    my @urls = strToList
+        ($Nix::Config::config{"binary-caches"}
+         // ($Nix::Config::storeDir eq "/nix/store" ? "http://nixos.org/binary-cache" : ""));
+
+    # Allow Nix daemon users to override the binary caches to a subset
+    # of those listed in the config file.  Note that ‘untrusted-*’
+    # denotes options passed by the client.
+    if (defined $Nix::Config::config{"untrusted-binary-caches"}) {
+        my @untrustedUrls = strToList $Nix::Config::config{"untrusted-binary-caches"};
+        my @trustedUrls = (@urls, strToList($Nix::Config::config{"trusted-binary-caches"} // ""));
+        @urls = ();
+        foreach my $url (@untrustedUrls) {
+            if (any { $url eq $_ } @trustedUrls) {
+                push @urls, $url;
+            } else {
+                # FIXME: should die here, but we currently can't
+                # deliver error messages to clients.
+                warn "warning: binary cache ‘$url’ is not trusted (please add it to ‘trusted-binary-caches’ in $Nix::Config::confDir/nix.conf)\n";
+            }
+        }
+    }
 
     foreach my $url (@urls) {
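Review bot: `strToList` splits on a single literal space (`split(/ /, $s)`), while the documentation added in this commit describes the options as whitespace-separated, and this same parser now decides which client-supplied URLs count as trusted. If a value can reach this code with tabs, newlines or repeated spaces (the config reader is not visible here), a `trusted-binary-caches` list collapses into one entry that nothing matches, and repeated or leading spaces produce empty-string entries that an empty client entry would match under `eq` and push into `@urls`. `return map { s/\/+$//; $_ } split(' ', $s);` splits on any whitespace run and yields no empty fields, while the exact-match check stays fail-closed. Separately, the `warn` line interpolates the client-supplied `$url` into the daemon's stderr unchanged, so control characters should be stripped or escaped before it is logged. The body of `getAvailableCaches` starts and ends outside the hunk.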