Re-implement binary cache signature checking

This is now done in LocalStore::addToStore(), rather than in the binary cache substituter (which no longer exists).
author: Eelco Dolstra <eelco.dolstra@logicblox.com> 2016-05-30T11·55+0200
committer: Eelco Dolstra <eelco.dolstra@logicblox.com> 2016-05-30T13·18+0200
commit: 3593c8285dec644f07156496fd8cd84ef70ec665 (patch)
tree: 9ad57876fc842299c6a8948840d05437c12df945 /src/libstore/local-store.cc
parent: 12ddbad45893f125e2ab46c5e26d7c8396b31bdb (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc
index 8608b39ec5..b44384957c 100644
--- a/src/libstore/local-store.cc
+++ b/src/libstore/local-store.cc
@@ -58,6 +58,8 @@ LocalStore::LocalStore()
     : linksDir(settings.nixStore + "/.links")
     , reservedPath(settings.nixDBPath + "/reserved")
     , schemaPath(settings.nixDBPath + "/schema")
+    , requireSigs(settings.get("signed-binary-caches", std::string("")) != "") // FIXME: rename option
+    , publicKeys(getDefaultPublicKeys())
 {
     auto state(_state.lock());
 
@@ -909,6 +911,9 @@ void LocalStore::addToStore(const ValidPathInfo & info, const std::string & nar,
         throw Error(format("hash mismatch importing path ‘%s’; expected hash ‘%s’, got ‘%s’") %
             info.path % info.narHash.to_string() % h.to_string());
 
+    if (requireSigs && !info.checkSignatures(publicKeys))
+        throw Error(format("cannot import path ‘%s’ because it lacks a valid signature") % info.path);
+
     addTempRoot(info.path);
 
     if (repair || !isValidPath(info.path)) {
author	Eelco Dolstra <eelco.dolstra@logicblox.com>	2016-05-30T11·55+0200
committer	Eelco Dolstra <eelco.dolstra@logicblox.com>	2016-05-30T13·18+0200
commit	3593c8285dec644f07156496fd8cd84ef70ec665 (patch)
tree	9ad57876fc842299c6a8948840d05437c12df945 /src/libstore/local-store.cc
parent	12ddbad45893f125e2ab46c5e26d7c8396b31bdb (diff)