copyStorePath(): Don't require signatures for "trusted" stores

For example, SSH stores could be trusted.
author: Eelco Dolstra <edolstra@gmail.com> 2017-02-07T18·23+0100
committer: Eelco Dolstra <edolstra@gmail.com> 2017-02-07T18·29+0100
commit: f38224e924bc38ea2b94930f8d12e29c7c8df7a8 (patch)
tree: d1f9c5dbf740f47c2b14a8e466b3d613c59c808c /src
parent: fa07558a069b974769e22ac944cfe21a69fb4485 (diff)
2 files changed, 13 insertions, 0 deletions
diff --git a/src/libstore/store-api.cc b/src/libstore/store-api.cc
index f98ba38406d1..11c2f4b02b2e 100644
--- a/src/libstore/store-api.cc
+++ b/src/libstore/store-api.cc
@@ -529,6 +529,15 @@ void copyStorePath(ref<Store> srcStore, ref<Store> dstStore,
     StringSink sink;
     srcStore->narFromPath({storePath}, sink);
 
+    if (srcStore->isTrusted())
+        dontCheckSigs = true;
+
+    if (!info->narHash && dontCheckSigs) {
+        auto info2 = make_ref<ValidPathInfo>(*info);
+        info2->narHash = hashString(htSHA256, *sink.s);
+        info = info2;
+    }
+
     dstStore->addToStore(*info, sink.s, repair, dontCheckSigs);
 }
 
diff --git a/src/libstore/store-api.hh b/src/libstore/store-api.hh
index 8058daf149be..39132be893c0 100644
--- a/src/libstore/store-api.hh
+++ b/src/libstore/store-api.hh
@@ -562,6 +562,10 @@ public:
 
     const Stats & getStats();
 
+    /* Whether this store paths from this store can be imported even
+       if they lack a signature. */
+    virtual bool isTrusted() { return false; }
+
 protected:
 
     Stats stats;
author	Eelco Dolstra <edolstra@gmail.com>	2017-02-07T18·23+0100
committer	Eelco Dolstra <edolstra@gmail.com>	2017-02-07T18·29+0100
commit	f38224e924bc38ea2b94930f8d12e29c7c8df7a8 (patch)
tree	d1f9c5dbf740f47c2b14a8e466b3d613c59c808c /src
parent	fa07558a069b974769e22ac944cfe21a69fb4485 (diff)