Ver a proveniência

daemon: Install 'authenticate' script under LIBEXECDIR/guix.

That way it is handled in the same way as other helper scripts.

* nix/scripts/guix-authenticate.in: Rename to...
* nix/scripts/authenticate.in: ... this.
* config-daemon.ac: Adjust accordingly.
* nix/local.mk (libstore_a_CPPFLAGS): Remove -DOPENSSL_PATH.
(nodist_libexec_SCRIPTS): Remove.
(nodist_pkglibexec_SCRIPTS): New variable.
* nix/nix-daemon/guix-daemon.cc (main): Remove 'setenv' call for
"PATH".
* nix/libstore/local-store.cc (runAuthenticationProgram): New function.
(LocalStore::exportPath, LocalStore::importPath): Use it instead of
'runProgram' and OPENSSL_PATH.
gn-latest-20200428
Ludovic Courtès há 2 anos
ascendente
cometimento
0fe1fba4af
Não foi encontrada uma chave conhecida para esta assinatura, na base de dados ID da chave GPG: 90B11993D9AEBB5
5 ficheiros alterados com 19 adições e 21 eliminações
  1. +2
    -2
      config-daemon.ac
  2. +15
    -2
      nix/libstore/local-store.cc
  3. +2
    -5
      nix/local.mk
  4. +0
    -12
      nix/nix-daemon/guix-daemon.cc
  5. +0
    -0
      nix/scripts/authenticate.in

+ 2
- 2
config-daemon.ac Ver ficheiro

@@ -163,8 +163,8 @@ if test "x$guix_build_daemon" = "xyes"; then
[chmod +x nix/scripts/download])
AC_CONFIG_FILES([nix/scripts/substitute],
[chmod +x nix/scripts/substitute])
AC_CONFIG_FILES([nix/scripts/guix-authenticate],
[chmod +x nix/scripts/guix-authenticate])
AC_CONFIG_FILES([nix/scripts/authenticate],
[chmod +x nix/scripts/authenticate])
AC_CONFIG_FILES([nix/scripts/offload],
[chmod +x nix/scripts/offload])
fi


+ 15
- 2
nix/libstore/local-store.cc Ver ficheiro

@@ -1222,6 +1222,18 @@ static void checkSecrecy(const Path & path)
}


static std::string runAuthenticationProgram(const Strings & args)
{
/* Use the 'authenticate' script from 'LIBEXECDIR/guix' or just
'LIBEXECDIR', depending on whether we're uninstalled or not. */
const bool installed = getenv("GUIX_UNINSTALLED") == NULL;
const string program = settings.nixLibexecDir
+ (installed ? "/guix" : "")
+ "/authenticate";

return runProgram(program, false, args);
}

void LocalStore::exportPath(const Path & path, bool sign,
Sink & sink)
{
@@ -1276,7 +1288,8 @@ void LocalStore::exportPath(const Path & path, bool sign,
args.push_back(secretKey);
args.push_back("-in");
args.push_back(hashFile);
string signature = runProgram(OPENSSL_PATH, true, args);

string signature = runAuthenticationProgram(args);

writeString(signature, hashAndWriteSink);

@@ -1366,7 +1379,7 @@ Path LocalStore::importPath(bool requireSignature, Source & source)
args.push_back("-pubin");
args.push_back("-in");
args.push_back(sigFile);
string hash2 = runProgram(OPENSSL_PATH, true, args);
string hash2 = runAuthenticationProgram(args);

/* Note: runProgram() throws an exception if the signature
is invalid. */


+ 2
- 5
nix/local.mk Ver ficheiro

@@ -113,7 +113,6 @@ libstore_a_CPPFLAGS = \
-DGUIX_CONFIGURATION_DIRECTORY=\"$(sysconfdir)/guix\" \
-DNIX_LIBEXEC_DIR=\"$(libexecdir)\" \
-DNIX_BIN_DIR=\"$(bindir)\" \
-DOPENSSL_PATH="\"guix-authenticate\"" \
-DDEFAULT_CHROOT_DIRS="\"\""

libstore_a_CXXFLAGS = $(AM_CXXFLAGS) \
@@ -168,10 +167,8 @@ nodist_pkglibexec_SCRIPTS += \

endif BUILD_DAEMON_OFFLOAD


# XXX: It'd be better to hide it in $(pkglibexecdir).
nodist_libexec_SCRIPTS = \
%D%/scripts/guix-authenticate
nodist_pkglibexec_SCRIPTS += \
%D%/scripts/authenticate

# The '.service' files for systemd.
systemdservicedir = $(libdir)/systemd/system


+ 0
- 12
nix/nix-daemon/guix-daemon.cc Ver ficheiro

@@ -466,18 +466,6 @@ main (int argc, char *argv[])
{
settings.processEnvironment ();

/* Hackily help 'local-store.cc' find our 'guix-authenticate' program, which
is known as 'OPENSSL_PATH' here. */
std::string search_path;
search_path = settings.nixLibexecDir;
if (getenv ("PATH") != NULL)
{
search_path += ":";
search_path += getenv ("PATH");
}

setenv ("PATH", search_path.c_str (), 1);

/* Use our substituter by default. */
settings.substituters.clear ();
settings.set ("build-use-substitutes", "true");


nix/scripts/guix-authenticate.in → nix/scripts/authenticate.in Ver ficheiro


Carregando…
Cancelar
Guardar