about summary refs log tree commit diff
path: root/scripts/download-from-binary-cache.pl.in
diff options
context:
space:
mode:
authorEelco Dolstra <eelco.dolstra@logicblox.com>2015-02-19T13·10+0100
committerEelco Dolstra <eelco.dolstra@logicblox.com>2015-02-19T13·10+0100
commit175935e053dc153901673ab711a4359da80eec16 (patch)
tree96d1db65af736471faa2f7384b04fc5c93a9d7a3 /scripts/download-from-binary-cache.pl.in
parent1816ac0db1817642e27ef1544c7d9b904dbb670a (diff)
FIXMEs
Diffstat (limited to 'scripts/download-from-binary-cache.pl.in')
-rw-r--r--scripts/download-from-binary-cache.pl.in4
1 files changed, 4 insertions, 0 deletions
diff --git a/scripts/download-from-binary-cache.pl.in b/scripts/download-from-binary-cache.pl.in
index 4655f9ac9a0e..bb63eafca522 100644
--- a/scripts/download-from-binary-cache.pl.in
+++ b/scripts/download-from-binary-cache.pl.in
@@ -54,6 +54,10 @@ sub isTrue {
     return $x eq "true" || $x eq "1";
 }
 
+# FIXME: this should be cache URLs required to have valid signatures,
+# or "*" to require signatures on all binary caches.
+# FIXME: should binary caches using a key in
+# ‘binary-cache-public-keys’ be trusted by default?
 my $requireSignedBinaryCaches = ($Nix::Config::config{"signed-binary-caches"} // "0") ne "0";
 
 my $curlConnectTimeout = int(