diff options
author | Eelco Dolstra <e.dolstra@tudelft.nl> | 2007-01-29 15:51:37 +0000 |
---|---|---|
committer | Eelco Dolstra <e.dolstra@tudelft.nl> | 2007-01-29 15:51:37 +0000 |
commit | b618fa6eb6aa4cc128286ab748bfb100fa46a888 (patch) | |
tree | cbc903a32f4b1fa2570904e4e4768839b2e64a1e /src/libstore/store-api.cc | |
parent | c558b1583c0e23bf4e19e916ef0ba223b61405a3 (diff) |
* computeStorePathForText: take the references into account when
computing the store path (NIX-77). This is an important security
property in multi-user Nix stores.
Note that this changes the store paths of derivations (since the
derivation aterms are added using addTextToStore), but not most
outputs (unless they use builtins.toFile).
Diffstat (limited to 'src/libstore/store-api.cc')
-rw-r--r-- | src/libstore/store-api.cc | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/src/libstore/store-api.cc b/src/libstore/store-api.cc index be9ea788b..6ffbaf1eb 100644 --- a/src/libstore/store-api.cc +++ b/src/libstore/store-api.cc @@ -73,6 +73,8 @@ Path makeStorePath(const string & type, string s = type + ":sha256:" + printHash(hash) + ":" + nixStore + ":" + suffix; + printMsg(lvlError, s); + checkStoreName(suffix); return nixStore + "/" @@ -114,10 +116,19 @@ std::pair<Path, Hash> computeStorePathForPath(const Path & srcPath, } -Path computeStorePathForText(const string & suffix, const string & s) +Path computeStorePathForText(const string & suffix, const string & s, + const PathSet & references) { Hash hash = hashString(htSHA256, s); - return makeStorePath("text", hash, suffix); + /* Stuff the references (if any) into the type. This is a bit + hacky, but we can't put them in `s' since that would be + ambiguous. */ + string type = "text"; + for (PathSet::const_iterator i = references.begin(); i != references.end(); ++i) { + type += ":"; + type += *i; + } + return makeStorePath(type, hash, suffix); } |