diff options
author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2016-07-26T19·16+0200 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2016-07-26T19·16+0200 |
commit | 06bbfb6004942bfcddd930e746ee7a2bfe5c3872 (patch) | |
tree | 25395e3e0da92eb914abf4f59f33027269a28224 /src/libexpr | |
parent | ee3032e4de439b481ce1a4bc7fd8d71ea6ed2c94 (diff) |
builtins.{fetchurl,fetchTarball}: Support a sha256 attribute
Also, allow builtins.{fetchurl,fetchTarball} in restricted mode if a hash is specified.
Diffstat (limited to 'src/libexpr')
-rw-r--r-- | src/libexpr/primops.cc | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index 565ed69ae77b..25736ebff065 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -1680,9 +1680,8 @@ static void prim_compareVersions(EvalState & state, const Pos & pos, Value * * a void fetch(EvalState & state, const Pos & pos, Value * * args, Value & v, const string & who, bool unpack) { - if (state.restricted) throw Error(format("‘%1%’ is not allowed in restricted mode") % who); - string url; + Hash expectedHash; state.forceValue(*args[0]); @@ -1694,6 +1693,8 @@ void fetch(EvalState & state, const Pos & pos, Value * * args, Value & v, string name(attr.name); if (name == "url") url = state.forceStringNoCtx(*attr.value, *attr.pos); + else if (name == "sha256") + expectedHash = parseHash16or32(htSHA256, state.forceStringNoCtx(*attr.value, *attr.pos)); else throw EvalError(format("unsupported argument ‘%1%’ to ‘%2%’, at %3%") % attr.name % who % attr.pos); } @@ -1704,7 +1705,10 @@ void fetch(EvalState & state, const Pos & pos, Value * * args, Value & v, } else url = state.forceStringNoCtx(*args[0], pos); - Path res = makeDownloader()->downloadCached(state.store, url, unpack); + if (state.restricted && !expectedHash) + throw Error(format("‘%1%’ is not allowed in restricted mode") % who); + + Path res = makeDownloader()->downloadCached(state.store, url, unpack, expectedHash); mkString(v, res, PathSet({res})); } |