aboutsummaryrefslogtreecommitdiff
path: root/src/libstore/remote-store.cc
diff options
context:
space:
mode:
authormatthewcroughan <matt@croughan.sh>2022-12-26 20:21:08 +0000
committerJohn Ericson <John.Ericson@Obsidian.Systems>2023-04-06 19:59:57 -0400
commit9207f945822764a041a485009759f0a895468e94 (patch)
tree8eb60530be71b451d588d493dde52efe86ea30ff /src/libstore/remote-store.cc
parent91856396317995aa38dc7244357596b8de27f937 (diff)
Add `Store::isTrustedClient()`
This function returns true or false depending on whether the Nix client is trusted or not. Mostly relevant when speaking to a remote store with a daemon. We include this information in `nix ping store` and `nix doctor` Co-Authored-By: John Ericson <John.Ericson@Obsidian.Systems>
Diffstat (limited to 'src/libstore/remote-store.cc')
-rw-r--r--src/libstore/remote-store.cc46
1 files changed, 46 insertions, 0 deletions
diff --git a/src/libstore/remote-store.cc b/src/libstore/remote-store.cc
index d24d83117..e128c3a29 100644
--- a/src/libstore/remote-store.cc
+++ b/src/libstore/remote-store.cc
@@ -42,6 +42,40 @@ void write(const Store & store, Sink & out, const StorePath & storePath)
}
+std::optional<TrustedFlag> read(const Store & store, Source & from, Phantom<std::optional<TrustedFlag>> _)
+{
+ auto temp = readNum<uint8_t>(from);
+ switch (temp) {
+ case 0:
+ return std::nullopt;
+ case 1:
+ return { Trusted };
+ case 2:
+ return { NotTrusted };
+ default:
+ throw Error("Invalid trusted status from remote");
+ }
+}
+
+void write(const Store & store, Sink & out, const std::optional<TrustedFlag> & optTrusted)
+{
+ if (!optTrusted)
+ out << (uint8_t)0;
+ else {
+ switch (*optTrusted) {
+ case Trusted:
+ out << (uint8_t)1;
+ break;
+ case NotTrusted:
+ out << (uint8_t)2;
+ break;
+ default:
+ assert(false);
+ };
+ }
+}
+
+
ContentAddress read(const Store & store, Source & from, Phantom<ContentAddress> _)
{
return parseContentAddress(readString(from));
@@ -226,6 +260,13 @@ void RemoteStore::initConnection(Connection & conn)
conn.daemonNixVersion = readString(conn.from);
}
+ if (GET_PROTOCOL_MINOR(conn.daemonVersion) >= 35) {
+ conn.remoteTrustsUs = worker_proto::read(*this, conn.from, Phantom<std::optional<TrustedFlag>> {});
+ } else {
+ // We don't know the answer; protocol to old.
+ conn.remoteTrustsUs = std::nullopt;
+ }
+
auto ex = conn.processStderr();
if (ex) std::rethrow_exception(ex);
}
@@ -1082,6 +1123,11 @@ unsigned int RemoteStore::getProtocol()
return conn->daemonVersion;
}
+std::optional<TrustedFlag> RemoteStore::isTrustedClient()
+{
+ auto conn(getConnection());
+ return conn->remoteTrustsUs;
+}
void RemoteStore::flushBadConnections()
{