Disable TLS verification for builtin fetchurl

This makes it consistent with the Nixpkgs fetchurl and makes it work in chroots. We don't need verification because the hash of the result is checked anyway.
author: Eelco Dolstra <eelco.dolstra@logicblox.com> 2015-10-21T12·59+0200
committer: Eelco Dolstra <eelco.dolstra@logicblox.com> 2015-10-21T13·14+0200
commit: 5db358d4d78aea7204a8f22c5bf2a309267ee038 (patch)
tree: be5d2c166ae5504d255512ad632d73b9a174fe5b /src/libstore/download.hh
parent: 357d31b33962fcd19f2f05bd6ce6b8c7088a6e39 (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/src/libstore/download.hh b/src/libstore/download.hh
index 28c9117e42..aff109ee7c 100644
--- a/src/libstore/download.hh
+++ b/src/libstore/download.hh
@@ -5,13 +5,19 @@
 
 namespace nix {
 
+struct DownloadOptions
+{
+    string expectedETag;
+    bool verifyTLS{true};
+};
+
 struct DownloadResult
 {
     bool cached;
     string data, etag;
 };
 
-DownloadResult downloadFile(string url, string expectedETag = "");
+DownloadResult downloadFile(string url, const DownloadOptions & options);
 
 Path downloadFileCached(const string & url, bool unpack);
author	Eelco Dolstra <eelco.dolstra@logicblox.com>	2015-10-21T12·59+0200
committer	Eelco Dolstra <eelco.dolstra@logicblox.com>	2015-10-21T13·14+0200
commit	5db358d4d78aea7204a8f22c5bf2a309267ee038 (patch)
tree	be5d2c166ae5504d255512ad632d73b9a174fe5b /src/libstore/download.hh
parent	357d31b33962fcd19f2f05bd6ce6b8c7088a6e39 (diff)