about summary refs log tree commit diff
path: root/src/libutil/hash.cc
AgeCommit message (Collapse)AuthorFilesLines
2010-03-09 * In `nix-store --export', abort if the contents of a path hasEelco Dolstra1-0/+7
changed. This prevents corrupt paths from spreading to other machines. Note that checking the hash is cheap because we're hashing anyway (because of the --sign feature).
2008-12-03 * Pass HashType values instead of strings.Eelco Dolstra1-0/+9
2008-08-25 * Doh.Eelco Dolstra1-1/+0
2008-08-25 * Strip off the `.nix' suffix from the attribute name for files inEelco Dolstra1-0/+1
~/.nix-defexpr, otherwise the attribute cannot be selected with the `-A' option. Useful if you want to stick a Nix expression directly in ~/.nix-defexpr.
2008-05-21 * GCC 4.3.0 (Fedora 9) compatibility fixes. Reported by Gour andEelco Dolstra1-0/+1
Armijn Hemel.
2007-02-21 * `nix-store --export --sign': sign the Nix archive using the RSA keyEelco Dolstra1-15/+24
in /nix/etc/nix/signing-key.sec
2006-12-12 * New primop builtins.filterSource, which can be used to filter filesEelco Dolstra1-2/+2
from a source directory. All files for which a predicate function returns true are copied to the store. Typical example is to leave out the .svn directory: stdenv.mkDerivation { ... src = builtins.filterSource (path: baseNameOf (toString path) != ".svn") ./source-dir; # as opposed to # src = ./source-dir; } This is important because the .svn directory influences the hash in a rather unpredictable and variable way.
2006-11-30 * Skeleton of the privileged worker program.Eelco Dolstra1-1/+1
* Some refactoring: put the NAR archive integer/string serialisation code in a separate file so it can be reused by the worker protocol implementation.
2006-09-20 * Print a better error message for wrong hashes (NIX-49).Eelco Dolstra1-1/+7
2006-09-04 * Use a proper namespace.Eelco Dolstra1-2/+9
* Optimise header file usage a bit. * Compile the parser as C++.
2006-03-09 * Ugh, printHash() was very inefficient because it usedEelco Dolstra1-5/+7
ostringstreams. Around 11% of execution time was spent here (now it's 0.5%).
2006-03-01 * Ouch, parseHash32 was completely broken. All digits >= 4 wereEelco Dolstra1-1/+1
parsed as 4. For a moment I worried that printHash32 was broken, and that would have been really, *really* bad ;-)
2006-02-13 * Optional switch "--with-openssl=<PATH>" to use OpenSSL'sEelco Dolstra1-11/+15
implementations of MD5, SHA-1 and SHA-256. The main benefit is that we get assembler-optimised implementations of MD5 and SHA-1 (though not SHA-256 (at least on x86), unfortunately). OpenSSL's SHA-1 implementation on Intel is twice as fast as ours.
2006-02-13 * Use a union.Eelco Dolstra1-2/+1
2005-11-16 * Did something useful while waiting at IAD: reference scanning is nowEelco Dolstra1-1/+5
much faster.
2005-03-23 * Fix endianness bug.Eelco Dolstra1-18/+18
2005-01-17 * Removed the `id' attribute hack.Eelco Dolstra1-3/+61
* Formalise the notion of fixed-output derivations, i.e., derivations for which a cryptographic hash of the output is known in advance. Changes to such derivations should not propagate upwards through the dependency graph. Previously this was done by specifying the hash component of the output path through the `id' attribute, but this is insecure since you can lie about it (i.e., you can specify any hash and then produce a completely different output). Now the responsibility for checking the output is moved from the builder to Nix itself. A fixed-output derivation can be created by specifying the `outputHash' and `outputHashAlgo' attributes, the latter taking values `md5', `sha1', and `sha256', and the former specifying the actual hash in hexadecimal or in base-32 (auto-detected by looking at the length of the attribute value). MD5 is included for compatibility but should be considered deprecated. * Removed the `drvPath' pseudo-attribute in derivation results. It's no longer necessary. * Cleaned up the support for multiple output paths in derivation store expressions. Each output now has a unique identifier (e.g., `out', `devel', `docs'). Previously there was no way to tell output paths apart at the store expression level. * `nix-hash' now has a flag `--base32' to specify that the hash should be printed in base-32 notation. * `fetchurl' accepts parameters `sha256' and `sha1' in addition to `md5'. * `nix-prefetch-url' now prints out a SHA-1 hash in base-32. (TODO: a flag to specify the hash.)
2005-01-14 * Shorten SHA-256 hashes used in store path name generation to 160Eelco Dolstra1-6/+66
bits, then encode them in a radix-32 representation (using digits and letters except e, o, u, and t). This produces store paths like /nix/store/4i0zb0z7f88mwghjirkz702a71dcfivn-aterm-2.3.1. The nice thing about this is that the hash part of the file name is still 32 characters, as before with MD5. (Of course, shortening SHA-256 to 160 bits makes it no better than SHA-160 in theory, but hopefully it's a bit more resistant to attacks; it's certainly a lot slower.)
2005-01-14 * Start move towards SHA-256 hashes instead of MD5.Eelco Dolstra1-0/+1
* Start cleaning up unique store path generation (they weren't always unique; in particular the suffix ("-aterm-2.2", "-builder.sh") was not part of the hash, therefore changes to the suffix would cause multiple store objects with the same hash).
2005-01-14 * Add SHA-256.Eelco Dolstra1-0/+6
* Tests for the various hashes.
2005-01-13 * Added SHA-1 support. `nix-hash' now has an option `--type sha1' toEelco Dolstra1-17/+70
select SHA-1 hashing.
2005-01-13 * Refactoring to support SHA-1.Eelco Dolstra1-8/+12
2003-11-18 * Source tree refactoring.Eelco Dolstra1-0/+124