From d0f5719c2a2e5a0eea49dc072b26e7d161564bbb Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Tue, 5 Apr 2016 15:30:22 +0200
Subject: Add "nix copy-sigs" command

This imports signatures from one store into another. E.g.

  $ nix copy-sigs -r /run/current-system -s https://cache.nixos.org/
  imported 595 signatures
---
 src/libstore/binary-cache-store.hh |  3 +++
 src/libstore/local-store.cc        | 22 +++++++++++++++++++---
 src/libstore/local-store.hh        |  2 ++
 src/libstore/remote-store.cc       |  9 +++++++++
 src/libstore/remote-store.hh       |  2 ++
 src/libstore/store-api.hh          |  4 ++++
 src/libstore/worker-protocol.hh    |  1 +
 7 files changed, 40 insertions(+), 3 deletions(-)

(limited to 'src/libstore')

diff --git a/src/libstore/binary-cache-store.hh b/src/libstore/binary-cache-store.hh
index de6941561d5e..0020f89eee49 100644
--- a/src/libstore/binary-cache-store.hh
+++ b/src/libstore/binary-cache-store.hh
@@ -170,6 +170,9 @@ public:
 
     ref<FSAccessor> getFSAccessor() override;
 
+    void addSignatures(const Path & storePath, const StringSet & sigs)
+    { notImpl(); }
+
 };
 
 }
diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc
index 9b961b1924a6..28e340af7a5e 100644
--- a/src/libstore/local-store.cc
+++ b/src/libstore/local-store.cc
@@ -312,7 +312,7 @@ void LocalStore::openDB(bool create)
     stmtRegisterValidPath.create(db,
         "insert into ValidPaths (path, hash, registrationTime, deriver, narSize, ultimate) values (?, ?, ?, ?, ?, ?);");
     stmtUpdatePathInfo.create(db,
-        "update ValidPaths set narSize = ?, hash = ?, ultimate = ? where path = ?;");
+        "update ValidPaths set narSize = ?, hash = ?, ultimate = ?, sigs = ? where path = ?;");
     stmtAddReference.create(db,
         "insert or replace into Refs (referrer, reference) values (?, ?);");
     stmtQueryPathInfo.create(db,
@@ -683,14 +683,14 @@ ValidPathInfo LocalStore::queryPathInfo(const Path & path)
 }
 
 
-/* Update path info in the database.  Currently only updates the
-   narSize field. */
+/* Update path info in the database. */
 void LocalStore::updatePathInfo(const ValidPathInfo & info)
 {
     stmtUpdatePathInfo.use()
         (info.narSize, info.narSize != 0)
         ("sha256:" + printHash(info.narHash))
         (info.ultimate ? 1 : 0, info.ultimate)
+        (concatStringsSep(" ", info.sigs), !info.sigs.empty())
         (info.path)
         .exec();
 }
@@ -1694,4 +1694,20 @@ void LocalStore::vacuumDB()
 }
 
 
+void LocalStore::addSignatures(const Path & storePath, const StringSet & sigs)
+{
+    retrySQLite<void>([&]() {
+        SQLiteTxn txn(db);
+
+        auto info = queryPathInfo(storePath);
+
+        info.sigs.insert(sigs.begin(), sigs.end());
+
+        updatePathInfo(info);
+
+        txn.commit();
+    });
+}
+
+
 }
diff --git a/src/libstore/local-store.hh b/src/libstore/local-store.hh
index e90894277e92..ec8146e68b79 100644
--- a/src/libstore/local-store.hh
+++ b/src/libstore/local-store.hh
@@ -182,6 +182,8 @@ public:
 
     void setSubstituterEnv();
 
+    void addSignatures(const Path & storePath, const StringSet & sigs) override;
+
 private:
 
     Path schemaPath;
diff --git a/src/libstore/remote-store.cc b/src/libstore/remote-store.cc
index 7893f2a4c3cc..4d5d689dc7f9 100644
--- a/src/libstore/remote-store.cc
+++ b/src/libstore/remote-store.cc
@@ -554,6 +554,15 @@ bool RemoteStore::verifyStore(bool checkContents, bool repair)
 }
 
 
+void RemoteStore::addSignatures(const Path & storePath, const StringSet & sigs)
+{
+    auto conn(connections->get());
+    conn->to << wopAddSignatures << storePath << sigs;
+    conn->processStderr();
+    readInt(conn->from);
+}
+
+
 RemoteStore::Connection::~Connection()
 {
     try {
diff --git a/src/libstore/remote-store.hh b/src/libstore/remote-store.hh
index 85c8292c7698..cede4d332f88 100644
--- a/src/libstore/remote-store.hh
+++ b/src/libstore/remote-store.hh
@@ -93,6 +93,8 @@ public:
 
     bool verifyStore(bool checkContents, bool repair) override;
 
+    void addSignatures(const Path & storePath, const StringSet & sigs) override;
+
 private:
 
     struct Connection
diff --git a/src/libstore/store-api.hh b/src/libstore/store-api.hh
index 7c6e4c0795ed..4ea360b9d17a 100644
--- a/src/libstore/store-api.hh
+++ b/src/libstore/store-api.hh
@@ -346,6 +346,10 @@ public:
     /* Return an object to access files in the Nix store. */
     virtual ref<FSAccessor> getFSAccessor() = 0;
 
+    /* Add signatures to the specified store path. The signatures are
+       not verified. */
+    virtual void addSignatures(const Path & storePath, const StringSet & sigs) = 0;
+
     /* Utility functions. */
 
     /* Read a derivation, after ensuring its existence through
diff --git a/src/libstore/worker-protocol.hh b/src/libstore/worker-protocol.hh
index 4f60c3adcf5f..c10598d5d301 100644
--- a/src/libstore/worker-protocol.hh
+++ b/src/libstore/worker-protocol.hh
@@ -45,6 +45,7 @@ typedef enum {
     wopOptimiseStore = 34,
     wopVerifyStore = 35,
     wopBuildDerivation = 36,
+    wopAddSignatures = 37,
 } WorkerOp;
 
 
-- 
cgit 1.4.1