From 9207f945822764a041a485009759f0a895468e94 Mon Sep 17 00:00:00 2001
From: matthewcroughan <matt@croughan.sh>
Date: Mon, 26 Dec 2022 20:21:08 +0000
Subject: Add `Store::isTrustedClient()`

This function returns true or false depending on whether the Nix client
is trusted or not. Mostly relevant when speaking to a remote store with
a daemon.

We include this information in `nix ping store` and `nix doctor`

Co-Authored-By: John Ericson <John.Ericson@Obsidian.Systems>
---
 src/libstore/daemon.cc | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'src/libstore/daemon.cc')

diff --git a/src/libstore/daemon.cc b/src/libstore/daemon.cc
index 656ad4587..63898f8dc 100644
--- a/src/libstore/daemon.cc
+++ b/src/libstore/daemon.cc
@@ -1032,6 +1032,15 @@ void processConnection(
     if (GET_PROTOCOL_MINOR(clientVersion) >= 33)
         to << nixVersion;
 
+    if (GET_PROTOCOL_MINOR(clientVersion) >= 35) {
+        // We and the underlying store both need to trust the client for
+        // it to be trusted.
+        auto temp = trusted
+            ? store->isTrustedClient()
+            : std::optional { NotTrusted };
+        worker_proto::write(*store, to, temp);
+    }
+
     /* Send startup error messages to the client. */
     tunnelLogger->startWork();
 
-- 
cgit v1.2.3