Add `Store::isTrustedClient()`

This function returns true or false depending on whether the Nix client is trusted or not. Mostly relevant when speaking to a remote store with a daemon. We include this information in `nix ping store` and `nix doctor` Co-Authored-By: John Ericson <John.Ericson@Obsidian.Systems>
author: matthewcroughan <matt@croughan.sh> 2022-12-26 20:21:08 +0000
committer: John Ericson <John.Ericson@Obsidian.Systems> 2023-04-06 19:59:57 -0400
commit: 9207f945822764a041a485009759f0a895468e94 (patch)
tree: 8eb60530be71b451d588d493dde52efe86ea30ff /src/libstore/http-binary-cache-store.cc
parent: 91856396317995aa38dc7244357596b8de27f937 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/src/libstore/http-binary-cache-store.cc b/src/libstore/http-binary-cache-store.cc
index 238fd1d98..85c5eed4c 100644
--- a/src/libstore/http-binary-cache-store.cc
+++ b/src/libstore/http-binary-cache-store.cc
@@ -194,6 +194,18 @@ protected:
             }});
     }
 
+    /**
+     * This isn't actually necessary read only. We support "upsert" now, so we
+     * have a notion of authentication via HTTP POST/PUT.
+     *
+     * For now, we conservatively say we don't know.
+     *
+     * \todo try to expose our HTTP authentication status.
+     */
+    std::optional<TrustedFlag> isTrustedClient() override
+    {
+        return std::nullopt;
+    }
 };
 
 static RegisterStoreImplementation<HttpBinaryCacheStore, HttpBinaryCacheStoreConfig> regHttpBinaryCacheStore;
author	matthewcroughan <matt@croughan.sh>	2022-12-26 20:21:08 +0000
committer	John Ericson <John.Ericson@Obsidian.Systems>	2023-04-06 19:59:57 -0400
commit	9207f945822764a041a485009759f0a895468e94 (patch)
tree	8eb60530be71b451d588d493dde52efe86ea30ff /src/libstore/http-binary-cache-store.cc
parent	91856396317995aa38dc7244357596b8de27f937 (diff)