about summary refs log tree commit diff
path: root/third_party/nix/src/nix-daemon
diff options
context:
space:
mode:
Diffstat (limited to 'third_party/nix/src/nix-daemon')
-rw-r--r--third_party/nix/src/nix-daemon/nix-daemon.cc120
1 files changed, 74 insertions, 46 deletions
diff --git a/third_party/nix/src/nix-daemon/nix-daemon.cc b/third_party/nix/src/nix-daemon/nix-daemon.cc
index 34ea932fe9e7..4f71a0c36fe2 100644
--- a/third_party/nix/src/nix-daemon/nix-daemon.cc
+++ b/third_party/nix/src/nix-daemon/nix-daemon.cc
@@ -90,8 +90,9 @@ struct TunnelLogger {
         state->canSendStderr = false;
         throw;
       }
-    } else
+    } else {
       state->pendingMsgs.push_back(s);
+    }
   }
 
   void log(const FormatOrString& fs) {
@@ -253,14 +254,15 @@ static void performOp(TunnelLogger* logger, ref<Store> store, bool trusted,
       Path path = readStorePath(*store, from);
       logger->startWork();
       PathSet paths;
-      if (op == wopQueryReferences)
+      if (op == wopQueryReferences) {
         paths = store->queryPathInfo(path)->references;
-      else if (op == wopQueryReferrers)
+      } else if (op == wopQueryReferrers) {
         store->queryReferrers(path, paths);
-      else if (op == wopQueryValidDerivers)
+      } else if (op == wopQueryValidDerivers) {
         paths = store->queryValidDerivers(path);
-      else
+      } else {
         paths = store->queryDerivationOutputs(path);
+      }
       logger->stopWork();
       to << paths;
       break;
@@ -377,10 +379,11 @@ static void performOp(TunnelLogger* logger, ref<Store> store, bool trusted,
 
         /* Repairing is not atomic, so disallowed for "untrusted"
            clients.  */
-        if (mode == bmRepair && !trusted)
+        if (mode == bmRepair && !trusted) {
           throw Error(
               "repairing is not allowed because you are not in "
               "'trusted-users'");
+        }
       }
       logger->startWork();
       store->buildPaths(drvs, mode);
@@ -451,10 +454,11 @@ static void performOp(TunnelLogger* logger, ref<Store> store, bool trusted,
 
       to << size;
 
-      for (auto& [target, links] : roots)
+      for (auto& [target, links] : roots) {
         for (auto& link : links) {
           to << link << target;
         }
+      }
 
       break;
     }
@@ -472,8 +476,9 @@ static void performOp(TunnelLogger* logger, ref<Store> store, bool trusted,
       GCResults results;
 
       logger->startWork();
-      if (options.ignoreLiveness)
+      if (options.ignoreLiveness) {
         throw Error("you are not allowed to ignore liveness");
+      }
       store->collectGarbage(options, results);
       logger->stopWork();
 
@@ -522,30 +527,33 @@ static void performOp(TunnelLogger* logger, ref<Store> store, bool trusted,
           }
           Strings subs;
           auto ss = tokenizeString<Strings>(value);
-          for (auto& s : ss)
-            if (trusted.count(s))
+          for (auto& s : ss) {
+            if (trusted.count(s)) {
               subs.push_back(s);
-            else
+            } else {
               LOG(WARNING) << "ignoring untrusted substituter '" << s << "'";
+            }
+          }
           res = subs;
           return true;
         };
 
         try {
-          if (name == "ssh-auth-sock")  // obsolete
+          if (name == "ssh-auth-sock") {  // obsolete
             ;
-          else if (trusted || name == settings.buildTimeout.name ||
-                   name == "connect-timeout" ||
-                   (name == "builders" && value == ""))
+          } else if (trusted || name == settings.buildTimeout.name ||
+                     name == "connect-timeout" ||
+                     (name == "builders" && value == "")) {
             settings.set(name, value);
-          else if (setSubstituters(settings.substituters))
+          } else if (setSubstituters(settings.substituters)) {
             ;
-          else if (setSubstituters(settings.extraSubstituters))
+          } else if (setSubstituters(settings.extraSubstituters)) {
             ;
-          else
+          } else {
             LOG(WARNING) << "ignoring the user-specified setting '" << name
                          << "', because it is a "
                          << "restricted setting and you are not a trusted user";
+          }
         } catch (UsageError& e) {
           LOG(WARNING) << e.what();
         }
@@ -562,9 +570,9 @@ static void performOp(TunnelLogger* logger, ref<Store> store, bool trusted,
       store->querySubstitutablePathInfos({path}, infos);
       logger->stopWork();
       SubstitutablePathInfos::iterator i = infos.find(path);
-      if (i == infos.end())
+      if (i == infos.end()) {
         to << 0;
-      else {
+      } else {
         to << 1 << i->second.deriver << i->second.references
            << i->second.downloadSize << i->second.narSize;
       }
@@ -632,8 +640,9 @@ static void performOp(TunnelLogger* logger, ref<Store> store, bool trusted,
       bool checkContents, repair;
       from >> checkContents >> repair;
       logger->startWork();
-      if (repair && !trusted)
+      if (repair && !trusted) {
         throw Error("you are not privileged to repair paths");
+      }
       bool errors = store->verifyStore(checkContents, (RepairFlag)repair);
       logger->stopWork();
       to << errors;
@@ -746,8 +755,9 @@ static void processConnection(bool trusted, const std::string& userName,
     DLOG(INFO) << opCount << " operations";
   });
 
-  if (GET_PROTOCOL_MINOR(clientVersion) >= 14 && readInt(from))
+  if (GET_PROTOCOL_MINOR(clientVersion) >= 14 && readInt(from)) {
     setAffinityTo(readInt(from));
+  }
 
   readInt(from);  // obsolete reserveSpace
 
@@ -823,8 +833,9 @@ static void sigChldHandler(int sigNo) {
   // Ensure we don't modify errno of whatever we've interrupted
   auto saved_errno = errno;
   /* Reap all dead children. */
-  while (waitpid(-1, 0, WNOHANG) > 0)
+  while (waitpid(-1, 0, WNOHANG) > 0) {
     ;
+  }
   errno = saved_errno;
 }
 
@@ -833,8 +844,9 @@ static void setSigChldAction(bool autoReap) {
   act.sa_handler = autoReap ? sigChldHandler : SIG_DFL;
   sigfillset(&act.sa_mask);
   act.sa_flags = 0;
-  if (sigaction(SIGCHLD, &act, &oact))
+  if (sigaction(SIGCHLD, &act, &oact)) {
     throw SysError("setting SIGCHLD handler");
+  }
 }
 
 bool matchUser(const string& user, const string& group, const Strings& users) {
@@ -846,7 +858,7 @@ bool matchUser(const string& user, const string& group, const Strings& users) {
     return true;
   }
 
-  for (auto& i : users)
+  for (auto& i : users) {
     if (string(i, 0, 1) == "@") {
       if (group == string(i, 1)) {
         return true;
@@ -855,11 +867,13 @@ bool matchUser(const string& user, const string& group, const Strings& users) {
       if (!gr) {
         continue;
       }
-      for (char** mem = gr->gr_mem; *mem; mem++)
+      for (char** mem = gr->gr_mem; *mem; mem++) {
         if (user == string(*mem)) {
           return true;
         }
+      }
     }
+  }
 
   return false;
 }
@@ -881,8 +895,9 @@ static PeerInfo getPeerInfo(int remote) {
 
   ucred cred;
   socklen_t credLen = sizeof(cred);
-  if (getsockopt(remote, SOL_SOCKET, SO_PEERCRED, &cred, &credLen) == -1)
+  if (getsockopt(remote, SOL_SOCKET, SO_PEERCRED, &cred, &credLen) == -1) {
     throw SysError("getting peer credentials");
+  }
   peer = {true, cred.pid, true, cred.uid, true, cred.gid};
 
 #elif defined(LOCAL_PEERCRED)
@@ -918,8 +933,9 @@ static void daemonLoop(char** argv) {
   /* Handle socket-based activation by systemd. */
   if (getEnv("LISTEN_FDS") != "") {
     if (getEnv("LISTEN_PID") != std::to_string(getpid()) ||
-        getEnv("LISTEN_FDS") != "1")
+        getEnv("LISTEN_FDS") != "1") {
       throw Error("unexpected systemd environment variables");
+    }
     fdSocket = SD_LISTEN_FDS_START;
   }
 
@@ -938,14 +954,16 @@ static void daemonLoop(char** argv) {
     /* Urgh, sockaddr_un allows path names of only 108 characters.
        So chdir to the socket directory so that we can pass a
        relative path name. */
-    if (chdir(dirOf(socketPath).c_str()) == -1)
+    if (chdir(dirOf(socketPath).c_str()) == -1) {
       throw SysError("cannot change current directory");
+    }
     Path socketPathRel = "./" + baseNameOf(socketPath);
 
     struct sockaddr_un addr;
     addr.sun_family = AF_UNIX;
-    if (socketPathRel.size() >= sizeof(addr.sun_path))
+    if (socketPathRel.size() >= sizeof(addr.sun_path)) {
       throw Error(format("socket path '%1%' is too long") % socketPathRel);
+    }
     strcpy(addr.sun_path, socketPathRel.c_str());
 
     unlink(socketPath.c_str());
@@ -956,14 +974,17 @@ static void daemonLoop(char** argv) {
     mode_t oldMode = umask(0111);
     int res = bind(fdSocket.get(), (struct sockaddr*)&addr, sizeof(addr));
     umask(oldMode);
-    if (res == -1)
+    if (res == -1) {
       throw SysError(format("cannot bind to socket '%1%'") % socketPath);
+    }
 
-    if (chdir("/") == -1) /* back to the root */
+    if (chdir("/") == -1) { /* back to the root */
       throw SysError("cannot change current directory");
+    }
 
-    if (listen(fdSocket.get(), 5) == -1)
+    if (listen(fdSocket.get(), 5) == -1) {
       throw SysError(format("cannot listen on socket '%1%'") % socketPath);
+    }
   }
 
   closeOnExec(fdSocket.get());
@@ -1062,16 +1083,17 @@ static int _main(int argc, char** argv) {
 
     parseCmdLine(argc, argv,
                  [&](Strings::iterator& arg, const Strings::iterator& end) {
-                   if (*arg == "--daemon")
+                   if (*arg == "--daemon") {
                      ; /* ignored for backwards compatibility */
-                   else if (*arg == "--help")
+                   } else if (*arg == "--help") {
                      showManPage("nix-daemon");
-                   else if (*arg == "--version")
+                   } else if (*arg == "--version") {
                      printVersion("nix-daemon");
-                   else if (*arg == "--stdio")
+                   } else if (*arg == "--stdio") {
                      stdio = true;
-                   else
+                   } else {
                      return false;
+                   }
                    return true;
                  });
 
@@ -1087,20 +1109,23 @@ static int _main(int argc, char** argv) {
         }
 
         auto socketDir = dirOf(socketPath);
-        if (chdir(socketDir.c_str()) == -1)
+        if (chdir(socketDir.c_str()) == -1) {
           throw SysError(format("changing to socket directory '%1%'") %
                          socketDir);
+        }
 
         auto socketName = baseNameOf(socketPath);
         auto addr = sockaddr_un{};
         addr.sun_family = AF_UNIX;
-        if (socketName.size() + 1 >= sizeof(addr.sun_path))
+        if (socketName.size() + 1 >= sizeof(addr.sun_path)) {
           throw Error(format("socket name %1% is too long") % socketName);
+        }
         strcpy(addr.sun_path, socketName.c_str());
 
-        if (connect(s, (struct sockaddr*)&addr, sizeof(addr)) == -1)
+        if (connect(s, (struct sockaddr*)&addr, sizeof(addr)) == -1) {
           throw SysError(format("cannot connect to daemon at %1%") %
                          socketPath);
+        }
 
         auto nfds = (s > STDIN_FILENO ? s : STDIN_FILENO) + 1;
         while (true) {
@@ -1108,23 +1133,26 @@ static int _main(int argc, char** argv) {
           FD_ZERO(&fds);
           FD_SET(s, &fds);
           FD_SET(STDIN_FILENO, &fds);
-          if (select(nfds, &fds, nullptr, nullptr, nullptr) == -1)
+          if (select(nfds, &fds, nullptr, nullptr, nullptr) == -1) {
             throw SysError("waiting for data from client or server");
+          }
           if (FD_ISSET(s, &fds)) {
             auto res = splice(s, nullptr, STDOUT_FILENO, nullptr, SSIZE_MAX,
                               SPLICE_F_MOVE);
-            if (res == -1)
+            if (res == -1) {
               throw SysError("splicing data from daemon socket to stdout");
-            else if (res == 0)
+            } else if (res == 0) {
               throw EndOfFile("unexpected EOF from daemon socket");
+            }
           }
           if (FD_ISSET(STDIN_FILENO, &fds)) {
             auto res = splice(STDIN_FILENO, nullptr, s, nullptr, SSIZE_MAX,
                               SPLICE_F_MOVE);
-            if (res == -1)
+            if (res == -1) {
               throw SysError("splicing data from stdin to daemon socket");
-            else if (res == 0)
+            } else if (res == 0) {
               return 0;
+            }
           }
         }
       } else {