about summary refs log tree commit diff
diff options
context:
space:
mode:
authorEelco Dolstra <eelco.dolstra@logicblox.com>2016-05-30T13·09+0200
committerEelco Dolstra <eelco.dolstra@logicblox.com>2016-05-30T13·18+0200
commit57d33013ce58e0cfd31e51dfb57a78f8f2a545fd (patch)
treec638b464c0811f5eca34391bd70c6531eb7b2505
parent42ae8d95aa152b69a8e190772845922ed7681cf5 (diff)
Check signatures before downloading the substitute
-rw-r--r--src/libstore/build.cc10
-rw-r--r--src/libstore/local-store.hh1
2 files changed, 11 insertions, 0 deletions
diff --git a/src/libstore/build.cc b/src/libstore/build.cc
index a6f8dfabac00..cca357dfb31b 100644
--- a/src/libstore/build.cc
+++ b/src/libstore/build.cc
@@ -3142,6 +3142,16 @@ void SubstitutionGoal::tryNext()
 
     hasSubstitute = true;
 
+    /* Bail out early if this substituter lacks a valid
+       signature. LocalStore::addToStore() also checks for this, but
+       only after we've downloaded the path. */
+    if (worker.store.requireSigs && !info->checkSignatures(worker.store.publicKeys)) {
+        printMsg(lvlInfo, format("warning: substituter ‘%s’ does not have a valid signature for path ‘%s’")
+            % sub->getUri() % storePath);
+        tryNext();
+        return;
+    }
+
     /* To maintain the closure invariant, we first have to realise the
        paths referenced by this one. */
     for (auto & i : info->references)
diff --git a/src/libstore/local-store.hh b/src/libstore/local-store.hh
index 8de58cea8e43..2a3f452bc5c7 100644
--- a/src/libstore/local-store.hh
+++ b/src/libstore/local-store.hh
@@ -248,6 +248,7 @@ private:
     void signPathInfo(ValidPathInfo & info);
 
     friend class DerivationGoal;
+    friend class SubstitutionGoal;
 };