about summary refs log tree commit diff
path: root/src/libutil
AgeCommit message (Collapse)AuthorFilesLines
2015-02-04 Use libsodium instead of OpenSSL for binary cache signingEelco Dolstra2-7/+20
Sodium's Ed25519 signatures are much shorter than OpenSSL's RSA signatures. Public keys are also much shorter, so they're now specified directly in the nix.conf option ‘binary-cache-public-keys’. The new command ‘nix-store --generate-binary-cache-key’ generates and prints a public and secret key.
2015-02-03 Simplify parseHash32Eelco Dolstra1-37/+10
2015-02-03 Simplify printHash32Eelco Dolstra1-35/+17
2015-01-02 libutil: Limit readLink() error to only overflows.aszlig1-2/+2
Let's not just improve the error message itself, but also the behaviour to actually work around the ntfs-3g symlink bug. If the readlink() call returns a smaller size than the stat() call, this really isn't a problem even if the symlink target really has changed between the calls. So if stat() reports the size for the absolute path, it's most likely that the relative path is smaller and thus it should also work for file system bugs as mentioned in 93002d69fc58c2b71e2dfad202139230c630c53a. Signed-off-by: aszlig <aszlig@redmoonstudios.org> Tested-by: John Ericson <Ericson2314@Yahoo.com>
2015-01-02 libutil: Improve errmsg on readLink size mismatch.aszlig1-1/+5
A message like "error: reading symbolic link `...' : Success" really is quite confusing, so let's not indicate "success" but rather point out the real issue. We could also limit the check of this to just check for non-negative values, but this would introduce a race condition between stat() and readlink() if the link target changes between those two calls, thus leading to a buffer overflow vulnerability. Reported by @Ericson2314 on IRC. Happened due to a possible ntfs-3g bug where a relative symlink returned the absolute path (st_)size in stat() while readlink() returned the relative size. Signed-off-by: aszlig <aszlig@redmoonstudios.org> Tested-by: John Ericson <Ericson2314@Yahoo.com>
2014-12-14 PedantryEelco Dolstra1-1/+1
2014-12-14 Merge branch 'cygwin-master' of https://github.com/ternaris/nixEelco Dolstra1-0/+1
2014-12-12 Fix some memory leaksEelco Dolstra2-6/+18
2014-12-12 Ensure we're writing to stderr in the builderEelco Dolstra2-12/+14
http://hydra.nixos.org/build/17862041
2014-12-12 DohEelco Dolstra1-2/+2
2014-12-10 Don't do vfork in conjunction with setuidEelco Dolstra1-0/+3
2014-12-10 Use vforkEelco Dolstra2-10/+33
2014-12-10 Revert "Use posix_spawn to run the pager"Eelco Dolstra2-9/+2
This reverts commit d34d2b2bbf784c0bb420a50905af25e02c6e4989.
2014-12-09 Explicitly include required C headersMarko Durkovic1-0/+1
2014-12-05 Use posix_spawn to run the pagerEelco Dolstra2-2/+9
In low memory environments, "nix-env -qa" failed because the fork to run the pager hit the kernel's overcommit limits. Using posix_spawn gets around this. (Actually, you have to use posix_spawn with the undocumented POSIX_SPAWN_USEVFORK flag, otherwise it just uses fork/exec...)
2014-11-25 Add a primop for regular expression pattern matchingEelco Dolstra2-4/+28
The function ‘builtins.match’ takes a POSIX extended regular expression and an arbitrary string. It returns ‘null’ if the string does not match the regular expression. Otherwise, it returns a list containing substring matches corresponding to parenthesis groups in the regex. The regex must match the entire string (i.e. there is an implied "^<pat>$" around the regex). For example: match "foo" "foobar" => null match "foo" "foo" => [] match "f(o+)(.*)" "foooobar" => ["oooo" "bar"] match "(.*/)?([^/]*)" "/dir/file.nix" => ["/dir/" "file.nix"] match "(.*/)?([^/]*)" "file.nix" => [null "file.nix"] The following example finds all regular files with extension .nix or .patch underneath the current directory: let findFiles = pat: dir: concatLists (mapAttrsToList (name: type: if type == "directory" then findFiles pat (dir + "/" + name) else if type == "regular" && match pat name != null then [(dir + "/" + name)] else []) (readDir dir)); in findFiles ".*\\.(nix|patch)" (toString ./.)
2014-11-19 nix-daemon: Call exit(), not _exit()Eelco Dolstra2-3/+6
This was preventing destructors from running. In particular, it was preventing the deletion of the temproot file for each worker process. It may also have been responsible for the excessive WAL growth on Hydra (due to the SQLite database not being closed properly). Apparently broken by accident in 8e9140cfdef9dbd1eb61e4c75c91d452ab5e4a74.
2014-10-20 Fix build on gcc < 4.7Shea Levy1-0/+13
2014-10-20 Revert "Drop support for pre-c++11 compilers."Shea Levy1-1/+2
The breakage this fixed can be worked around without removing support. This reverts commit 84a13dc576496f1227665259c61f86184f452f51.
2014-10-18 Drop support for pre-c++11 compilers.Shea Levy1-2/+1
In particular, gcc 4.6's std::exception::~exception has an exception specification in c++0x mode, which requires us to use that deprecated feature in nix (and led to breakage after some recent changes that were valid c++11). nix already uses several c++11 features and gcc 4.7 has been around for over 2 years.
2014-10-03 Remove some duplicate codeEelco Dolstra2-0/+12
2014-10-03 nix-env: Add regular expression support in selectorsEelco Dolstra2-0/+55
So you can now do things like: $ nix-env -qa '.*zip.*' $ nix-env -qa '.*(firefox|chromium).*'
2014-10-03 createDirs(): Handle ‘path’ being a symlinkEelco Dolstra1-0/+3
In particular, this fixes "nix-build -o /tmp/result" on Mac OS X (where /tmp is a symlink).
2014-09-19 Remove bogus commentEelco Dolstra1-1/+0
2014-08-21 Use PR_SET_PDEATHSIG to ensure child cleanupEelco Dolstra2-2/+12
2014-08-20 Use proper quotes everywhereEelco Dolstra3-42/+42
2014-08-20 Add some colorEelco Dolstra2-0/+47
2014-08-20 nix-store -l: Automatically pipe output into $PAGEREelco Dolstra1-2/+2
2014-08-04 Get rid of "killing <pid>" message for unused build hooksEelco Dolstra2-3/+4
2014-08-01 Call commonChildInit() before doing chroot initEelco Dolstra1-8/+10
This ensures that daemon clients see error messages from the chroot setup.
2014-08-01 Eliminate redundant copyEelco Dolstra2-1/+3
2014-08-01 Make readDirectory() return inode / file typeEelco Dolstra3-17/+24
2014-07-31 Restore default SIGPIPE handler before invoking ‘man’Eelco Dolstra2-0/+14
Fixes NixOS/nixpkgs#3410.
2014-07-24 Use pthread_cancel instead of a signalEelco Dolstra1-5/+2
Signal handlers are process-wide, so sending SIGINT to the monitor thread will cause the normal SIGINT handler to run. This sets the isInterrupted flag, which is not what we want. So use pthread_cancel instead.
2014-07-24 Fix bogus pass by referenceEelco Dolstra1-6/+1
http://hydra.nixos.org/build/12711659
2014-07-24 More debuggingEelco Dolstra1-0/+1
2014-07-24 Add some assertionsEelco Dolstra1-0/+6
2014-07-23 nix-daemon: Simplify stderr handlingEelco Dolstra1-0/+1
2014-07-23 nix-daemon: Use a thread instead of SIGPOLL to catch client disconnectsEelco Dolstra1-0/+43
The thread calls poll() to wait until a HUP (or other error event) happens on the client connection. If so, it sends SIGINT to the main thread, which is then cleaned up normally. This is much nicer than messing around with SIGPOLL.
2014-07-23 startProcess: Make writing error messages from the child more robustEelco Dolstra1-2/+4
2014-07-18 Better fix for strcasecmp on DarwinEelco Dolstra1-3/+1
2014-07-17 Ugly hack to fix building on old DarwinEelco Dolstra1-0/+3
http://hydra.nixos.org/build/12580878
2014-07-16 Get rid of a compiler warningEelco Dolstra1-1/+2
2014-07-16 Be more strict about file names in NARsEelco Dolstra1-1/+6
2014-07-16 Handle case collisions on case-insensitive systemsEelco Dolstra2-75/+100
When running NixOps under Mac OS X, we need to be able to import store paths built on Linux into the local Nix store. However, HFS+ is usually case-insensitive, so if there are directories with file names that differ only in case, then importing will fail. The solution is to add a suffix ("~nix~case~hack~<integer>") to colliding files. For instance, if we have a directory containing xt_CONNMARK.h and xt_connmark.h, then the latter will be renamed to "xt_connmark.h~nix~case~hack~1". If a store path is dumped as a NAR, the suffixes are removed. Thus, importing and exporting via a case-insensitive Nix store is round-tripping. So when NixOps calls nix-copy-closure to copy the path to a Linux machine, you get the original file names back. Closes #119.
2014-07-10 Fix broken Pid constructorEelco Dolstra1-5/+2
2014-07-10 Refactoring: Move all fork handling into a higher-order functionEelco Dolstra2-54/+60
C++11 lambdas ftw.
2014-07-10 Remove maybeVforkEelco Dolstra2-11/+1
2014-07-09 Fix compilation error on some versions of GCCEelco Dolstra1-2/+2
src/libexpr/primops.cc:42:8: error: looser throw specifier for 'virtual nix::InvalidPathError::~InvalidPathError()' src/libexpr/nixexpr.hh:12:1: error: overriding 'virtual nix::EvalError::~EvalError() noexcept (true)' http://hydra.nixos.org/build/12385750
2014-06-12 Don't use member initialisersEelco Dolstra1-4/+4
They're a little bit too recent (only supported since GCC 4.7). http://hydra.nixos.org/build/11851475