Split comment, match with each variable

1 files changed, 5 insertions, 18 deletions

diff --git a/src/build-remote/build-remote.cc b/src/build-remote/build-remote.cc
index 7366a7c27..323e04fdb 100644
--- a/src/build-remote/build-remote.cc
+++ b/src/build-remote/build-remote.cc
@@ -291,32 +291,19 @@ connected:
 
         std::optional<BuildResult> optResult;
 
-        // Let's break this down
-        //
-        // ### Trust part
-        //
-        // ```
-        // std::optional trust = sshStore->isTrustedClient(); (!trust || *trust)
-        // ```
-        //
         // If we don't know whether we are trusted (e.g. `ssh://`
         // stores), we assume we are. This is necessary for backwards
         // compat.
-        //
-        // ### Content-addressing part
-        //
-        // ```
-        // ...trustCond... || drv.type().isCA()
-        // ```
-        //
+        bool trustedOrLegacy = ({
+            std::optional trusted = sshStore->isTrustedClient();
+            !trusted || *trusted;
+        });
+
         // See the very large comment in `case wopBuildDerivation:` in
         // `src/libstore/daemon.cc` that explains the trust model here.
         //
         // This condition mirrors that: that code enforces the "rules" outlined there;
         // we do the best we can given those "rules".
-        std::optional trusted = sshStore->isTrustedClient();
-        // for backward compatibility (use existing comments here)
-        bool trustedOrLegacy = !trusted || *trusted;
         if (trustedOrLegacy || drv.type().isCA())  {
             // Hijack the inputs paths of the derivation to include all
             // the paths that come from the `inputDrvs` set. We don’t do