path: root/src/libstore/derivations.cc
Age | Author | Files | Lines | Commit message
2012-07-30 | Eelco Dolstra | Files: 1 | Lines: -11/+11
Refactor settings processing
Put all Nix configuration flags in a Settings object.
2011-09-12 | Eelco Dolstra | Files: 1 | Lines: -1/+2
* Ouch. A store upgrade could cause a substituter to be triggered, causing a deadlock.
2011-08-31 | Eelco Dolstra | Files: 1 | Lines: -5/+6
* Eliminate all uses of the global variable ‘store’ from libstore. This should also fix:

    nix-instantiate: ./../boost/shared_ptr.hpp:254: T* boost::shared_ptr<T>::operator->() const [with T = nix::StoreAPI]: Assertion `px != 0' failed.

which was caused by hashDerivationModulo() calling the ‘store’ object (during store upgrades) before openStore() assigned it.
2011-07-20 | Eelco Dolstra | Files: 1 | Lines: -0/+79
* Fix a huuuuge security hole in the Nix daemon. It didn't check that derivations added to the store by clients have "correct" output paths (meaning that the output paths are computed by hashing the derivation according to a certain algorithm). This means that a malicious user could craft a special .drv file to build *any* desired path in the store with any desired contents (so long as the path doesn't already exist). Then the attacker just needs to wait for a victim to come along and install the compromised path.

For instance, if Alice (the attacker) knows that the latest Firefox derivation in Nixpkgs produces the path

    /nix/store/1a5nyfd4ajxbyy97r1fslhgrv70gj8a7-firefox-5.0.1

then (provided this path doesn't already exist) she can craft a .drv file that creates that path (i.e., has it as one of its outputs), add it to the store using "nix-store --add", and build it with "nix-store -r". So the fake .drv could write a Trojan to the Firefox path. Then, if user Bob (the victim) comes along and does

    $ nix-env -i firefox
    $ firefox

he executes the Trojan injected by Alice.

The fix is to have the Nix daemon verify that derivation outputs are correct (in addValidPath()). This required some refactoring to move the hash computation code to libstore.
2010-04-21 | Eelco Dolstra | Files: 1 | Lines: -38/+39
* Don't use an ostringstream in unparseDerivation(), because it's slow. A `nix-env -qa --drv-path \*' on Nixpkgs was spending 40% of its time in unparseDerivation() because of this (now 11%).
2010-04-19 | Eelco Dolstra | Files: 1 | Lines: -110/+113
* Don't use the ATerm library for parsing/printing .drv files.
2009-04-21 | Eelco Dolstra | Files: 1 | Lines: -2/+1
* Use foreach in a lot of places.
2008-08-25 | Eelco Dolstra | Files: 1 | Lines: -3/+2
* Strip off the `.nix' suffix from the attribute name for files in ~/.nix-defexpr, otherwise the attribute cannot be selected with the `-A' option. Useful if you want to stick a Nix expression directly in ~/.nix-defexpr.
2007-01-29 | Eelco Dolstra | Files: 1 | Lines: -1/+1
* computeStorePathForText: take the references into account when computing the store path (NIX-77). This is an important security property in multi-user Nix stores. Note that this changes the store paths of derivations (since the derivation aterms are added using addTextToStore), but not most outputs (unless they use builtins.toFile).
2006-12-01 | Eelco Dolstra | Files: 1 | Lines: -2/+6
* Replace read-only calls to addTextToStore.
2006-11-30 | Eelco Dolstra | Files: 1 | Lines: -2/+2
* Refactoring. There is now an abstract interface class StoreAPI containing functions that operate on the Nix store. One implementation is LocalStore, which operates on the Nix store directly. The next step, to enable secure multi-user Nix, is to create a different implementation RemoteStore that talks to a privileged daemon process that uses LocalStore to perform the actual operations.
2006-10-16 | Eelco Dolstra | Files: 1 | Lines: -12/+2
* Big cleanup of the semantics of paths, strings, contexts, string concatenation and string coercion. This was a big mess (see e.g. NIX-67). Contexts are now folded into strings, so that they don't cause evaluation errors when they're not expected. The semantics of paths has been clarified (see nixexpr-ast.def). toString() and coerceToString() have been merged.

Semantic change: paths are now copied to the store when they're in a concatenation (and in most other situations - that's the formalisation of the meaning of a path). So

    "foo " + ./bla

evaluates to "foo /nix/store/hash...-bla", not "foo /path/to/current-dir/bla". This prevents accidental impurities, and is more consistent with the treatment of derivation outputs, e.g., `"foo " + bla' where `bla' is a derivation. (Here `bla' would be replaced by the output path of `bla'.)
2006-09-04 | Eelco Dolstra | Files: 1 | Lines: -0/+1
* Remove unnecessary inclusions of aterm2.h.
2006-09-04 | Eelco Dolstra | Files: 1 | Lines: -1/+6
* Use a proper namespace.
* Optimise header file usage a bit.
* Compile the parser as C++.
2006-05-02 | Eelco Dolstra | Files: 1 | Lines: -16/+19
* Removed a bunch of ATreverses.
2005-01-25 | Eelco Dolstra | Files: 1 | Lines: -1/+9
* Maintain the references/referers relation also for derivations. This simplifies garbage collection and `nix-store --query --requisites' since we no longer need to treat derivations specially.
* Better maintaining of the invariants, e.g., setReferences() can only be called on a valid/substitutable path.
2005-01-20 | Eelco Dolstra | Files: 1 | Lines: -1/+1
* Terminology fixes.
2005-01-20 | Eelco Dolstra | Files: 1 | Lines: -11/+30
* Another change to low-level derivations. The last one this year, I promise :-) This allows derivations to specify on *what* output paths of input derivations they are dependent. This helps to prevent unnecessary downloads. For instance, a build might be dependent on the `devel' and `lib' outputs of some library component, but not the `docs' output.
2005-01-19 | Eelco Dolstra | Files: 1 | Lines: -0/+142
* Renamed `normalise.cc' -> `build.cc', `storeexprs.cc' -> `derivations.cc', etc.
* Store the SHA-256 content hash of store paths in the database after they have been built/added. This is so that we can check whether the store has been messed with (a la `rpm --verify').
* When registering path validity, verify that the closure property holds.