about summary refs log tree commit diff
path: root/tvix/nix-compat/src
AgeCommit message (Collapse)AuthorFilesLines
2023-11-28 r/7084 feat(nix-compat/narinfo): add PubKey::verify(fp, sig)Florian Klink1-0/+32
This makes it easy for each PubKey to check if a given Signature is correct for a given fingerprint. Change-Id: I56e6211d133f74f390fd1ae3ae799eef12221904 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10151 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-11-28 r/7083 feat(nix-compat/narinfo): add PubKeyFlorian Klink2-0/+119
This represents a ed25519 public key and "name". These are normally passed in the `trusted-public-keys` Nix config option, and consist of a name and base64-encoded ed25519 pubkey, separated by a `:`. Change-Id: I9ab4b3e0e5821805ea6faf2499626630fc5a3f0a Reviewed-on: https://cl.tvl.fyi/c/depot/+/10150 Autosubmit: flokli <flokli@flokli.de> Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-11-28 r/7082 refactor(nix-compat/narinfo/signature): rename Error typeFlorian Klink2-9/+7
Just call this Error, we can infer from the package what error this is. Change-Id: I5df25d2873ec739c49c08804f35562c84c222e06 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10149 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-11-27 r/7075 fix(nix-compat/narinfo/signature): validate name fieldFlorian Klink1-2/+15
We should restrict this to alphanumeric mostly, and we definitely don't want newlines. Not entirely sure about the exact additionally allowed characters outside of alphanumeric, but this can always be extended further. Change-Id: I1357e79e553f2df2fa97792889f63f0f35d50ed5 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10147 Reviewed-by: edef <edef@edef.eu> Tested-by: BuildkiteCI Autosubmit: flokli <flokli@flokli.de>
2023-11-27 r/7074 fix(nix-compat/narinfo): don't panic trying to parse signaturesFlorian Klink1-6/+13
BASE64.decode_mut panics if we're passing data that has the wrong size. Do the size check first and error out there. Also update the error, and talk about b64-encoded sizes. Change-Id: I290f80a37d48526a30bf1df9d1d9fe34865008eb Reviewed-on: https://cl.tvl.fyi/c/depot/+/10146 Tested-by: BuildkiteCI Reviewed-by: edef <edef@edef.eu> Autosubmit: flokli <flokli@flokli.de>
2023-11-27 r/7073 refactor(nix-compat): use ed25519_dalek::SIGNATURE_LENGTHFlorian Klink1-8/+9
No need to hardcode magic numbers here, we have a constant for that. Change-Id: I67b671c0c4bb7c3bfb001e9c36499f31873ee717 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10145 Reviewed-by: edef <edef@edef.eu> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-11-25 r/7064 fix(tvix): ensure PartialOrd/Ord agree for StorePath & NixStringVincent Ambo1-1/+1
This fixes a *future* clippy lint: https://rust-lang.github.io/rust-clippy/master/index.html#/incorrect_partial_ord_impl_on_ord_type In essence, because the implementation of *both* Ord and PartialOrd implies that ordering is not partial, all results of PartialOrd should simply be those of Ord. This is to avoid subtle bugs in future refactorings. Change-Id: I8fc6694010208752dd47746a2aaaeca0c788d574 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10109 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de>
2023-11-22 r/7050 feat(nix-compat/narinfo/signature): add new() constructorFlorian Klink1-0/+5
This is useful when creating a new Signature struct where the individual elements are already parsed. Change-Id: Ie33c66287641951e7a030aaa1e7ff0a86b2628ac Reviewed-on: https://cl.tvl.fyi/c/depot/+/10111 Reviewed-by: edef <edef@edef.eu> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-11-22 r/7047 refactor(tvix/nix-compat): move from_name_and_digest to StorePathRefFlorian Klink1-8/+8
We can simply use .to_owned() on that thing afterwards if we want to construct an owned StorePath. Change-Id: I0f3e2e4434b99ee522f2a7dbfa391e13a987479c Reviewed-on: https://cl.tvl.fyi/c/depot/+/10105 Autosubmit: flokli <flokli@flokli.de> Reviewed-by: edef <edef@edef.eu> Tested-by: BuildkiteCI
2023-11-22 r/7046 feat(nix-compat/narinfo): drop .drv from Narinfo.deriver fieldFlorian Klink1-12/+15
We always know this needs to end with a .drv, and fail parsing if it doesn't, so there's no need to hang onto these 4 bytes. This will make it much easier to synthesize a NarInfo<'_> later on from a PathInfo proto, because we don't have to make this ".drv" appear out of thin air. Change-Id: Id95e7fd937d7c9a420a39b5a4bab73985640ca3b Reviewed-on: https://cl.tvl.fyi/c/depot/+/10084 Tested-by: BuildkiteCI Reviewed-by: edef <edef@edef.eu> Reviewed-by: raitobezarius <tvl@lahfa.xyz> Autosubmit: flokli <flokli@flokli.de>
2023-11-22 r/7045 refactor(tvix/nix-compat): cleanup parse_{ca,hash} and fmt structsFlorian Klink6-97/+83
These were used to format to and parse from strings. Move this to the CAHash and NixHash structs directly, and be explicit in the name about which encoding for digests is used. For output path calculation, nix encodes the nixpaths in hex, but for writing out NARInfos, it's using nixbase32. Change-Id: Ia585a76a3811b2609e7ce259fda66a29403b7e07 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10079 Reviewed-by: raitobezarius <tvl@lahfa.xyz> Tested-by: BuildkiteCI Autosubmit: flokli <flokli@flokli.de>
2023-11-19 r/7043 feat(tvix/nix-compat/narinfo): add fingerprintFlorian Klink2-0/+64
This adds support to compute the fingerprint string, which is what's ed25519-signed in binary caches. Change-Id: I8947239c609896acfd7261f110450014bedf465a Reviewed-on: https://cl.tvl.fyi/c/depot/+/10080 Reviewed-by: raitobezarius <tvl@lahfa.xyz> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-11-19 r/7042 feat(tvix/nix-compat): add narinfo::Signature::verifyFlorian Klink1-0/+54
This adds support for verifying signatures found in NARInfo files. This still needs to be hooked together with the nix+http[s] backend. Change-Id: Ic1c8ddbdecfb05cefca2492808388b0f7f3f2637 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10081 Autosubmit: flokli <flokli@flokli.de> Reviewed-by: raitobezarius <tvl@lahfa.xyz> Tested-by: BuildkiteCI
2023-11-19 r/7040 refactor(nix-compat/narinfo): move signature into separate fileFlorian Klink2-52/+59
Change-Id: Ic257475e2afebf059c5317c1cc5b04ba63d5d318 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10078 Tested-by: BuildkiteCI Autosubmit: flokli <flokli@flokli.de> Reviewed-by: raitobezarius <tvl@lahfa.xyz>
2023-11-19 r/7039 refactor(tvix/nix-compat): move narinfo into separate modFlorian Klink1-2/+4
Change-Id: Id85f979e46946da0345483cbbc6de3dd29c94c63 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10077 Tested-by: BuildkiteCI Autosubmit: flokli <flokli@flokli.de> Reviewed-by: raitobezarius <tvl@lahfa.xyz>
2023-11-19 r/7035 feat(nix-compat/nar/reader): provide passthrough buffered I/Oedef1-13/+75
Allow taking advantage of the buffer of the underlying reader to avoid unnecessary copies of file data. We can't easily implement the methods of BufRead directly, since we have some extra I/O to perform in the final consume() invocation. That could be resolved at the cost of additional bookkeeping, but this will suffice for now. Change-Id: I8100cf0abd79e7469670b8596bd989be5db44a91 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10089 Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-11-19 r/7034 fix(nix-compat/nar/reader): require BufReadedef1-2/+2
We rely on being able to make small reads cheaply, so this was already an implicit practical requirement. Requiring it explicitly removes a performance footgun, and makes further optimisations possible. Change-Id: I7f65880a41b1d6b5e6bf2e52dfe47d4c49b34bcd Reviewed-on: https://cl.tvl.fyi/c/depot/+/10088 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de>
2023-11-19 r/7033 fix(nix-compat/store_path): valid names ⊊ UTF-8edef1-1/+2
We don't need to validate UTF-8 separately, since valid names are a strict subset of ASCII, and therefore a strict subset of UTF-8. Change-Id: I3261bf0efe3480b5b315074efafcf5e47a6c5a65 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10087 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de> Reviewed-by: tazjin <tazjin@tvl.su>
2023-11-18 r/7028 refactor(tvix/nix-compat): no impl <StorePathRef<'_>> for StorePathFlorian Klink1-10/+8
This suggests it's cheap to convert around, but name actually does allocate. Move to a `to_owned(&self) -> StorePath`, to better signal that this does allocate. Change-Id: Ifaf7c21599e2a467d06e2b4ae1364228370275db Reviewed-on: https://cl.tvl.fyi/c/depot/+/10066 Autosubmit: flokli <flokli@flokli.de> Reviewed-by: raitobezarius <tvl@lahfa.xyz> Tested-by: BuildkiteCI
2023-11-10 r/6987 chore(nix-compat/store_path): use hex_literaledef1-8/+6
Change-Id: Id093a0131aa7e3ac532daffbf5a883ca213c83ed Reviewed-on: https://cl.tvl.fyi/c/depot/+/9996 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de>
2023-11-10 r/6986 feat(nix-compat/narinfo): turn flags into bitfieldsedef1-21/+24
Change-Id: I8b95723444013e97bc6ec8d282c7135b1aede114 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9987 Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-11-10 r/6985 feat(nix-compat/narinfo): permit out-of-order referencesedef1-10/+45
This appears in the cache.nixos.org dataset. Change-Id: I2eadafe8441e0132a448828026553da2dc7c12aa Reviewed-on: https://cl.tvl.fyi/c/depot/+/9994 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de>
2023-11-10 r/6984 feat(nix-compat/narinfo): accept hex-encoded NarHashedef1-3/+40
This appears in the cache.nixos.org dataset. Change-Id: I35921f7ef148f6681081a4e371abb8c9cc98854d Reviewed-on: https://cl.tvl.fyi/c/depot/+/9993 Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-11-10 r/6983 feat(nix-compat/nixbase32): use data_encoding::DecodeErroredef4-30/+28
Rather than having our own error type, just make decoding errors use the same common error type. Change-Id: Ie2c86972f3745c695253adc3214444ac0ab8db6e Reviewed-on: https://cl.tvl.fyi/c/depot/+/9995 Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-11-10 r/6982 feat(nix-compat/narinfo): default compression to bzip2edef1-2/+36
Change-Id: Ibdebc0a69672c00026c8748b93fcd2a83a0e69a5 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9992 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de>
2023-11-10 r/6981 feat(nix-compat/narinfo): track presence of unknown fieldsedef1-1/+5
Change-Id: Ia3f8a86209a0045ff98322b56a21ae20220fbe99 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9991 Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-11-10 r/6980 feat(nix-compat/narinfo): permit non-SHA256 CAHash::Naredef1-3/+28
This appears in the cache.nixos.org dataset. Change-Id: I055b60b9950a1a6a36c1b0576b957e11e1d4264b Reviewed-on: https://cl.tvl.fyi/c/depot/+/9990 Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-11-07 r/6971 feat(tvix/nix-compat): add drvfmtFlorian Klink1-0/+41
This small tool formats A-Term in a more readable format. It's a lossy conversion for non-valid UTF-8 environment values. Change-Id: I65a51054d7faf528321bc2d9fc4425180a7813f5 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9970 Tested-by: BuildkiteCI Autosubmit: flokli <flokli@flokli.de> Reviewed-by: tazjin <tazjin@tvl.su>
2023-11-05 r/6956 refactor(tvix/nix-compat): check presence with btree_map's entry APIVincent Ambo1-8/+9
Walking a btree_map twice is more expensive than copying a string, especially because the cloning only happens in the (non-hot) error path. This fixes a clippy lint, so it's related to b/321. Change-Id: I2ccfd0bc46792a45d277f47564e595b87107d8be Reviewed-on: https://cl.tvl.fyi/c/depot/+/9962 Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de>
2023-11-05 r/6955 chore(tvix): fix trivial clippy lintsVincent Ambo2-4/+4
Relates to b/321. Change-Id: I37284f89b186e469eb432e2bbedb37aa125a6ad4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9961 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de> Autosubmit: tazjin <tazjin@tvl.su>
2023-11-05 r/6950 refactor(tvix/nix-compat): remove unused importsFlorian Klink1-2/+1
Change-Id: I64523df2344233d9e424812d94b1c7ed2ecb1a74 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9956 Tested-by: BuildkiteCI Reviewed-by: raitobezarius <tvl@lahfa.xyz>
2023-11-05 r/6949 refactor(tvix/nix-compat): use matches! macroFlorian Klink1-5/+1
Flagged by ``#[warn(clippy::match_like_matches_macro)]`.` Change-Id: If07109e5ec01b05df898119f9a577196dfe11b37 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9955 Tested-by: BuildkiteCI Reviewed-by: raitobezarius <tvl@lahfa.xyz>
2023-11-05 r/6948 refactor(tvix/nix-compat): drop useless try_into().expect()Florian Klink1-1/+1
This already has the right type. Change-Id: I8f5850a41f9e97f1bc5f2a45ca05cf7439665c9d Reviewed-on: https://cl.tvl.fyi/c/depot/+/9954 Reviewed-by: raitobezarius <tvl@lahfa.xyz> Tested-by: BuildkiteCI
2023-11-04 r/6940 fix(nix-compat/nixbase32): mark encode_len/decode_len constedef2-10/+3
Change-Id: Ib688bbb37cd54cfcd01e5cb3a8c376414ee8311e Reviewed-on: https://cl.tvl.fyi/c/depot/+/9926 Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-11-04 r/6939 refactor(tvix/glue): move builtins into separate directoryFlorian Klink1-0/+1
Change-Id: I25b7197458dbfbde8623545dc0a0286eb2744f10 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9911 Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI Reviewed-by: raitobezarius <tvl@lahfa.xyz>
2023-10-28 r/6902 fix(nix-compat/narinfo): don't allocate errors earlyedef1-11/+12
We also switch the MissingField error to &'static str, since we only parse a fixed set of fields. Together, this makes the performance impact of error handling negligible in batch happy-path parsing. Change-Id: I2bd0ef2f5b35fcaced56b32d238eca75ac199ef1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9867 Reviewed-by: flokli <flokli@flokli.de> Autosubmit: edef <edef@edef.eu> Tested-by: BuildkiteCI
2023-10-28 r/6900 refactor(tvix/nix-compat/narinfo): return errorsFlorian Klink1-45/+127
This provides more info about where a NARInfo failed to parse, rather than just returning None and leaving a library user to manually debug. Change-Id: I9a28ddd8e5712101483ebe686fdc474c7bbc8e4e Reviewed-on: https://cl.tvl.fyi/c/depot/+/9831 Tested-by: BuildkiteCI Reviewed-by: edef <edef@edef.eu>
2023-10-28 r/6899 refactor(nix-compat/nixbase32): clean up encodeedef1-16/+15
Change-Id: I63da5bd47cd9033e1cc13fbe4b4864514a5343cb Reviewed-on: https://cl.tvl.fyi/c/depot/+/9865 Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-10-27 r/6898 fix(nix-compat/nar/writer): `use ByteSlice` closer to call siteedef2-2/+2
Otherwise, it'll generate unused import warnings in release mode. Change-Id: I0399d2617a8a8b973a2b8c18f4a0a613d70c48f5 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9864 Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-10-27 r/6897 feat(tvix/nix-compat): add narinfo parsing and serialisationedef3-1/+407
Change-Id: I72c63414794642ca8d85c3f635f49db888420c40 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9852 Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-10-27 r/6896 refactor(nix-compat/store_path): use nixbase32::decode_fixededef1-4/+2
Change-Id: I81471ee57920aa8fa889fb00c7903cdc570af9c5 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9863 Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-10-27 r/6895 feat(nix-compat/store_path): add StorePathRefedef1-22/+72
Change-Id: I0d888a55d93e5c22e77cb0264d09757656f731d7 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9862 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de>
2023-10-27 r/6893 refactor(tvix): turn nullary enum variants into unit variantsedef2-16/+16
Change-Id: Iad4f2cb4aa92b5bb29ead6050348a8cd3e7b8632 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9860 Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-10-27 r/6892 refactor(nix-compat/store_path): speed up validate_name fast pathedef1-12/+39
Change-Id: Ie50b29145804777f7644952c65cb42519a8565e3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9859 Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-10-27 r/6891 feat(nix-compat/store_path): validate_name takes AsRef<[u8]>edef2-3/+4
Change-Id: I8819e2a7b63008a68f4f82035a08b960ac480dc3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9858 Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-10-27 r/6890 feat(nix-compat/store_path): validate_name over borrowed dataedef2-6/+10
Change-Id: Ifeb6231f48d4ad267a7acd398b4b3b687ee4d560 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9857 Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-10-27 r/6889 refactor(nix-compat/store_path): don't materialise fingerprintedef1-8/+9
Change-Id: I6a88531ded05c0dfb9232a0343a465fa02fb6989 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9856 Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-10-27 r/6888 refactor(nix-compat/store_path): make digest and name privateedef1-10/+12
Change-Id: I62cbe883afcf3dd0c8d4de0e3b845069eb750c97 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9855 Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-10-27 r/6887 fix(tvix/nix-compat): validate store path name lengthedef1-2/+13
Change-Id: I89ac0ad147a1872c021ab4235ca46ef3f51d0446 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9854 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de>
2023-10-27 r/6886 fix(tvix/nix-compat): don't box CAHash::Textedef3-14/+9
Change-Id: I31df3909bc21c9038f9fb831879e60e541242819 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9853 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de>