/* GNU Guix --- Functional package management for GNU Copyright (C) 2016, 2017, 2018 Ludovic Courtès This file is part of GNU Guix. GNU Guix is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. GNU Guix is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with GNU Guix. If not, see . */ #include #include #include #include #include namespace nix { static void builtinDownload(const Derivation &drv, const std::string &drvPath, const std::string &output) { /* Invoke 'guix perform-download'. */ Strings args; args.push_back("perform-download"); args.push_back(drvPath); /* Close all other file descriptors. */ closeMostFDs(set()); const char *const argv[] = { "download", drvPath.c_str(), output.c_str(), NULL }; /* Tell the script what the store file name is, so that 'strip-store-file-name' (used for instance to determine the URL of content-addressed mirrors) works correctly. */ setenv("NIX_STORE", settings.nixStore.c_str(), 1); /* Tell it about options such as "print-extended-build-trace". */ setenv("_NIX_OPTIONS", settings.pack().c_str(), 1); /* XXX: Hack our way to use the 'download' script from 'LIBEXECDIR/guix' or just 'LIBEXECDIR', depending on whether we're running uninstalled or not. */ const string subdir = getenv("GUIX_UNINSTALLED") != NULL ? "" : "/guix"; const string program = settings.nixLibexecDir + subdir + "/download"; execv(program.c_str(), (char *const *) argv); throw SysError(format("failed to run download program '%1%'") % program); } static const std::map builtins = { { "download", builtinDownload } }; derivationBuilder lookupBuiltinBuilder(const std::string & name) { if (name.substr(0, 8) == "builtin:") { auto realName = name.substr(8); auto builder = builtins.find(realName); return builder == builtins.end() ? NULL : builder->second; } else return NULL; } std::list builtinBuilderNames() { std::list result; for(auto&& iter: builtins) { result.push_back(iter.first); } return result; } } :08 +0100'>2022-02-14git-authenticate: Ensure the target is a descendant of the introductory commit....Fixes a bug whereby authentication of a commit *not* descending from the introductory commit could succeed, provided the commit verifies the authorization invariant. In the example below, A is a common ancestor of the introductory commit I and of commit X. Authentication of X would succeed, even though it is not a descendant of I, as long as X is authorized according to the '.guix-authorizations' in A: X I \ / A This is because, 'authenticate-repository' would not check whether X descends from I, and the call (commit-difference X I) would return X. In practice that only affects forks because it means that ancestors of the introductory commit already contain a '.guix-authorizations' file. * guix/git-authenticate.scm (authenticate-repository): Add call to 'commit-descendant?'. * tests/channels.scm ("authenticate-channel, not a descendant of introductory commit"): New test. * tests/git-authenticate.scm ("authenticate-repository, target not a descendant of intro"): New test. * tests/guix-git-authenticate.sh: Expect earlier test to fail since 9549f0283a78fe36f2d4ff2a04ef8ad6b0c02604 is not a descendant of $intro_commit. Add new test targeting an ancestor of the introductory commit, and another test targeting the v1.2.0 commit. * doc/guix.texi (Specifying Channel Authorizations): Add a sentence. Ludovic Courtès