* `nix-store --add-fixed' to preload the outputs of fixed-output

derivations.  This is mostly to simplify the implementation of
  nix-prefetch-{url, svn}, which now work properly in setuid
  installations.

* Enforce valid store names in `nix-store --add / --add-fixed'.

src/libexpr/primops.cc

@@ -267,17 +267,7 @@ static Expr primDerivation(EvalState & state, const ATermVector & _args)
     /* Check the derivation name.  It shouldn't contain whitespace,
        but we are conservative here: we check whether only
        alphanumerics and some other characters appear. */
-    string validChars = "+-._?=";
-    for (string::iterator i = drvName.begin(); i != drvName.end(); ++i)
-        if (!((*i >= 'A' && *i <= 'Z') ||
-              (*i >= 'a' && *i <= 'z') ||
-              (*i >= '0' && *i <= '9') ||
-              validChars.find(*i) != string::npos))
-        {
-            throw Error(format("invalid character `%1%' in derivation name `%2%'")
-                % *i % drvName);
-        }
-
+    checkStoreName(drvName);
     if (isDerivation(drvName))
         throw Error(format("derivation names are not allowed to end in `%1%'")
             % drvExtension);

src/libstore/store.cc

@@ -202,6 +202,21 @@ Path toStorePath(const Path & path)
 }
 
 
+void checkStoreName(const string & name)
+{
+    string validChars = "+-._?=";
+    for (string::const_iterator i = name.begin(); i != name.end(); ++i)
+        if (!((*i >= 'A' && *i <= 'Z') ||
+              (*i >= 'a' && *i <= 'z') ||
+              (*i >= '0' && *i <= '9') ||
+              validChars.find(*i) != string::npos))
+        {
+            throw Error(format("invalid character `%1%' in name `%2%'")
+                % *i % name);
+        }
+}
+
+
 void canonicalisePathMetaData(const Path & path)
 {
     checkInterrupt();
@@ -579,13 +594,28 @@ Path makeStorePath(const string & type,
     string s = type + ":sha256:" + printHash(hash) + ":"
         + nixStore + ":" + suffix;
 
+    checkStoreName(suffix);
+
     return nixStore + "/"
         + printHash32(compressHash(hashString(htSHA256, s), 20))
         + "-" + suffix;
 }
 
 
-Path addToStore(const Path & _srcPath)
+Path makeFixedOutputPath(bool recursive,
+    string hashAlgo, Hash hash, string name)
+{
+    /* !!! copy/paste from primops.cc */
+    Hash h = hashString(htSHA256, "fixed:out:"
+        + (recursive ? (string) "r:" : "") + hashAlgo + ":"
+        + printHash(hash) + ":"
+        + "");
+    return makeStorePath("output:out", h, name);
+}
+
+
+static Path _addToStore(bool fixed, bool recursive,
+    string hashAlgo, const Path & _srcPath)
 {
     Path srcPath(absPath(_srcPath));
     debug(format("adding `%1%' to the store") % srcPath);
@@ -597,7 +627,22 @@ Path addToStore(const Path & _srcPath)
     }
 
     string baseName = baseNameOf(srcPath);
-    Path dstPath = makeStorePath("source", h, baseName);
+
+    Path dstPath;
+    
+    if (fixed) {
+
+        HashType ht(parseHashType(hashAlgo));
+        Hash h2(ht);
+        {
+            SwitchToOriginalUser sw;
+            h2 = recursive ? hashPath(ht, srcPath) : hashFile(ht, srcPath);
+        }
+        
+        dstPath = makeFixedOutputPath(recursive, hashAlgo, h2, baseName);
+    }
+        
+    else dstPath = makeStorePath("source", h, baseName);
 
     addTempRoot(dstPath);
 
@@ -635,6 +680,18 @@ Path addToStore(const Path & _srcPath)
 }
 
 
+Path addToStore(const Path & srcPath)
+{
+    return _addToStore(false, false, "", srcPath);
+}
+
+
+Path addToStoreFixed(bool recursive, string hashAlgo, const Path & srcPath)
+{
+    return _addToStore(true, recursive, hashAlgo, srcPath);
+}
+
+
 Path addTextToStore(const string & suffix, const string & s,
     const PathSet & references)
 {

src/libstore/store.hh

@@ -85,6 +85,8 @@ void assertStorePath(const Path & path);
 bool isInStore(const Path & path);
 bool isStorePath(const Path & path);
 
+void checkStoreName(const string & name);
+
 /* Chop off the parts after the top-level store name, e.g.,
    /nix/store/abcd-foo/bar => /nix/store/abcd-foo. */
 Path toStorePath(const Path & path);
@@ -137,6 +139,13 @@ Path makeStorePath(const string & type,
    the resulting path.  The resulting path is returned. */
 Path addToStore(const Path & srcPath);
 
+/* Like addToStore(), but for pre-adding the outputs of fixed-output
+   derivations. */
+Path addToStoreFixed(bool recursive, string hashAlgo, const Path & srcPath);
+
+Path makeFixedOutputPath(bool recursive,
+    string hashAlgo, Hash hash, string name);
+
 /* Like addToStore, but the contents written to the output path is a
    regular file containing the given string. */
 Path addTextToStore(const string & suffix, const string & s,

src/nix-store/main.cc

@@ -85,8 +85,7 @@ static void opRealise(Strings opFlags, Strings opArgs)
 }
 
 
-/* Add files to the Nix values directory and print the resulting
-   paths. */
+/* Add files to the Nix store and print the resulting paths. */
 static void opAdd(Strings opFlags, Strings opArgs)
 {
     if (!opFlags.empty()) throw UsageError("unknown flag");
@@ -96,6 +95,49 @@ static void opAdd(Strings opFlags, Strings opArgs)
 }
 
 
+/* Preload the output of a fixed-output derivation into the Nix
+   store. */
+static void opAddFixed(Strings opFlags, Strings opArgs)
+{
+    bool recursive = false;
+    
+    for (Strings::iterator i = opFlags.begin();
+         i != opFlags.end(); ++i)
+        if (*i == "--recursive") recursive = true;
+        else throw UsageError(format("unknown flag `%1%'") % *i);
+
+    if (opArgs.empty())
+        throw UsageError("first argument must be hash algorithm");
+    
+    string hashAlgo = opArgs.front();
+    opArgs.pop_front();
+
+    for (Strings::iterator i = opArgs.begin(); i != opArgs.end(); ++i)
+        cout << format("%1%\n") % addToStoreFixed(recursive, hashAlgo, *i);
+}
+
+
+/* Hack to support caching in `nix-prefetch-url'. */
+static void opPrintFixedPath(Strings opFlags, Strings opArgs)
+{
+    bool recursive = false;
+    
+    for (Strings::iterator i = opFlags.begin();
+         i != opFlags.end(); ++i)
+        if (*i == "--recursive") recursive = true;
+        else throw UsageError(format("unknown flag `%1%'") % *i);
+
+    Strings::iterator i = opArgs.begin();
+    string hashAlgo = *i++;
+    string hash = *i++;
+    string name = *i++;
+
+    cout << format("%1%\n") %
+        makeFixedOutputPath(recursive, hashAlgo,
+            parseHash(parseHashType(hashAlgo), hash), name);
+}
+
+
 /* Place in `paths' the set of paths that are required to `realise'
    the given store path, i.e., all paths necessary for valid
    deployment of the path.  For a derivation, this is the union of
@@ -557,6 +599,10 @@ void run(Strings args)
             op = opRealise;
         else if (arg == "--add" || arg == "-A")
             op = opAdd;
+        else if (arg == "--add-fixed")
+            op = opAddFixed;
+        else if (arg == "--print-fixed-path")
+            op = opPrintFixedPath;
         else if (arg == "--query" || arg == "-q")
             op = opQuery;
         else if (arg == "--substitute")