wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-06-25 06:31:14 +02:00
Code Activity

Merge pull request #12009 from DeterminateSystems/401-cache

Browse source 
HttpBinaryCacheStore: Improve error message for unauthorized caches
This commit is contained in:
Jörg Thalheim 2024-12-10 05:41:37 +01:00 committed by GitHub
commit 7bd8ece4ba
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 29 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

13
src/libstore/binary-cache-store.cc
View file

@ -39,15 +39,13 @@ BinaryCacheStore::BinaryCacheStore(const Params & params)
void BinaryCacheStore::init() void BinaryCacheStore::init()
{ {
std::string cacheInfoFile = "nix-cache-info"; auto cacheInfo = getNixCacheInfo();
auto cacheInfo = getFile(cacheInfoFile);
if (!cacheInfo) { if (!cacheInfo) {
upsertFile(cacheInfoFile, "StoreDir: " + storeDir + "\n", "text/x-nix-cache-info"); upsertFile(cacheInfoFile, "StoreDir: " + storeDir + "\n", "text/x-nix-cache-info");
} else { } else {
for (auto & line : tokenizeString<Strings>(*cacheInfo, "\n")) { for (auto & line : tokenizeString<Strings>(*cacheInfo, "\n")) {
size_t colon= line.find(':'); size_t colon = line.find(':');
if (colon ==std::string::npos) continue; if (colon == std::string::npos) continue;
auto name = line.substr(0, colon); auto name = line.substr(0, colon);
auto value = trim(line.substr(colon + 1, std::string::npos)); auto value = trim(line.substr(colon + 1, std::string::npos));
if (name == "StoreDir") { if (name == "StoreDir") {
@ -63,6 +61,11 @@ void BinaryCacheStore::init()
} }
} }
std::optional<std::string> BinaryCacheStore::getNixCacheInfo()
{
return getFile(cacheInfoFile);
}
void BinaryCacheStore::upsertFile(const std::string & path, void BinaryCacheStore::upsertFile(const std::string & path,
std::string && data, std::string && data,
const std::string & mimeType) const std::string & mimeType)

8
src/libstore/binary-cache-store.hh
View file

@ -64,6 +64,8 @@ protected:
// The prefix under which realisation infos will be stored // The prefix under which realisation infos will be stored
const std::string realisationsPrefix = "realisations"; const std::string realisationsPrefix = "realisations";
const std::string cacheInfoFile = "nix-cache-info";
BinaryCacheStore(const Params & params); BinaryCacheStore(const Params & params);
public: public:
@ -84,6 +86,12 @@ public:
*/ */
virtual void getFile(const std::string & path, Sink & sink); virtual void getFile(const std::string & path, Sink & sink);
/**
* Get the contents of /nix-cache-info. Return std::nullopt if it
* doesn't exist.
*/
virtual std::optional<std::string> getNixCacheInfo();
/** /**
* Fetch the specified file and call the specified callback with * Fetch the specified file and call the specified callback with
* the result. A subclass may implement this asynchronously. * the result. A subclass may implement this asynchronously.

13
src/libstore/http-binary-cache-store.cc
View file

@ -194,6 +194,19 @@ protected:
} }
} }
std::optional<std::string> getNixCacheInfo() override
{
try {
auto result = getFileTransfer()->download(makeRequest(cacheInfoFile));
return result.data;
} catch (FileTransferError & e) {
if (e.error == FileTransfer::NotFound)
return std::nullopt;
maybeDisable();
throw;
}
}
/** /**
* This isn't actually necessary read only. We support "upsert" now, so we * This isn't actually necessary read only. We support "upsert" now, so we
* have a notion of authentication via HTTP POST/PUT. * have a notion of authentication via HTTP POST/PUT.