Add (guix nar) and (guix serialization).
* guix/store.scm (write-int, read-int, write-long-long, read-long-long,
write-padding, write-string, read-string, read-latin1-string,
write-string-list, read-string-list, write-store-path,
read-store-path, write-store-path-list, read-store-path-list): Move to
serialization.scm.
(write-contents, write-file): Move to nar.scm.
* guix/nar.scm, guix/serialization.scm: New files.
* Makefile.am (MODULES): Add them.
2013-04-04 22:29:08 +02:00
|
|
|
|
;;; GNU Guix --- Functional package management for GNU
|
2019-06-03 17:18:41 +02:00
|
|
|
|
;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
|
2014-04-07 01:46:16 +02:00
|
|
|
|
;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
|
Add (guix nar) and (guix serialization).
* guix/store.scm (write-int, read-int, write-long-long, read-long-long,
write-padding, write-string, read-string, read-latin1-string,
write-string-list, read-string-list, write-store-path,
read-store-path, write-store-path-list, read-store-path-list): Move to
serialization.scm.
(write-contents, write-file): Move to nar.scm.
* guix/nar.scm, guix/serialization.scm: New files.
* Makefile.am (MODULES): Add them.
2013-04-04 22:29:08 +02:00
|
|
|
|
;;;
|
|
|
|
|
;;; This file is part of GNU Guix.
|
|
|
|
|
;;;
|
|
|
|
|
;;; GNU Guix is free software; you can redistribute it and/or modify it
|
|
|
|
|
;;; under the terms of the GNU General Public License as published by
|
|
|
|
|
;;; the Free Software Foundation; either version 3 of the License, or (at
|
|
|
|
|
;;; your option) any later version.
|
|
|
|
|
;;;
|
|
|
|
|
;;; GNU Guix is distributed in the hope that it will be useful, but
|
|
|
|
|
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
;;; GNU General Public License for more details.
|
|
|
|
|
;;;
|
|
|
|
|
;;; You should have received a copy of the GNU General Public License
|
|
|
|
|
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
|
|
|
|
|
(define-module (guix nar)
|
|
|
|
|
#:use-module (guix serialization)
|
2016-05-06 13:12:45 +02:00
|
|
|
|
#:use-module (guix build syscalls)
|
2014-01-22 17:09:21 +01:00
|
|
|
|
#:use-module ((guix build utils)
|
|
|
|
|
#:select (delete-file-recursively with-directory-excursion))
|
2018-11-13 09:46:40 +01:00
|
|
|
|
|
|
|
|
|
;; XXX: Eventually we should use (guix store database) exclusively, and not
|
|
|
|
|
;; (guix store) since this is "daemon-side" code.
|
2014-01-22 17:09:21 +01:00
|
|
|
|
#:use-module (guix store)
|
2018-06-08 10:56:19 +02:00
|
|
|
|
#:use-module (guix store database)
|
2020-06-18 11:58:41 +02:00
|
|
|
|
#:use-module ((guix build store-copy) #:select (store-info))
|
2018-11-13 09:46:40 +01:00
|
|
|
|
|
2020-06-18 14:26:48 +02:00
|
|
|
|
#:use-module (guix i18n)
|
Switch to Guile-Gcrypt.
This removes (guix hash) and (guix pk-crypto), which now live as part of
Guile-Gcrypt (version 0.1.0.)
* guix/gcrypt.scm, guix/hash.scm, guix/pk-crypto.scm,
tests/hash.scm, tests/pk-crypto.scm: Remove.
* configure.ac: Test for Guile-Gcrypt. Remove LIBGCRYPT and
LIBGCRYPT_LIBDIR assignments.
* m4/guix.m4 (GUIX_ASSERT_LIBGCRYPT_USABLE): Remove.
* README: Add Guile-Gcrypt to the dependencies; move libgcrypt as
"required unless --disable-daemon".
* doc/guix.texi (Requirements): Likewise.
* gnu/packages/bash.scm, guix/derivations.scm, guix/docker.scm,
guix/git.scm, guix/http-client.scm, guix/import/cpan.scm,
guix/import/cran.scm, guix/import/crate.scm, guix/import/elpa.scm,
guix/import/gnu.scm, guix/import/hackage.scm,
guix/import/texlive.scm, guix/import/utils.scm, guix/nar.scm,
guix/pki.scm, guix/scripts/archive.scm,
guix/scripts/authenticate.scm, guix/scripts/download.scm,
guix/scripts/hash.scm, guix/scripts/pack.scm,
guix/scripts/publish.scm, guix/scripts/refresh.scm,
guix/scripts/substitute.scm, guix/store.scm,
guix/store/deduplication.scm, guix/tests.scm, tests/base32.scm,
tests/builders.scm, tests/challenge.scm, tests/cpan.scm,
tests/crate.scm, tests/derivations.scm, tests/gem.scm,
tests/nar.scm, tests/opam.scm, tests/pki.scm,
tests/publish.scm, tests/pypi.scm, tests/store-deduplication.scm,
tests/store.scm, tests/substitute.scm: Adjust imports.
* gnu/system/vm.scm: Likewise.
(guile-sqlite3&co): Rename to...
(gcrypt-sqlite3&co): ... this. Add GUILE-GCRYPT.
(expression->derivation-in-linux-vm)[config]: Remove.
(iso9660-image)[config]: Remove.
(qemu-image)[config]: Remove.
(system-docker-image)[config]: Remove.
* guix/scripts/pack.scm: Adjust imports.
(guile-sqlite3&co): Rename to...
(gcrypt-sqlite3&co): ... this. Add GUILE-GCRYPT.
(self-contained-tarball)[build]: Call 'make-config.scm' without
#:libgcrypt argument.
(squashfs-image)[libgcrypt]: Remove.
[build]: Call 'make-config.scm' without #:libgcrypt.
(docker-image)[config, json]: Remove.
[build]: Add GUILE-GCRYPT to the extensions Remove (guix config) from
the imported modules.
* guix/self.scm (specification->package): Remove "libgcrypt", add
"guile-gcrypt".
(compiled-guix): Remove #:libgcrypt.
[guile-gcrypt]: New variable.
[dependencies]: Add it.
[*core-modules*]: Remove #:libgcrypt from 'make-config.scm' call.
Add #:extensions.
[*config*]: Remove #:libgcrypt from 'make-config.scm' call.
(%dependency-variables): Remove %libgcrypt.
(make-config.scm): Remove #:libgcrypt.
* build-aux/build-self.scm (guile-gcrypt): New variable.
(make-config.scm): Remove #:libgcrypt.
(build-program)[fake-gcrypt-hash]: New variable.
Add (gcrypt hash) to the imported modules. Adjust load path
assignments.
* gnu/packages/package-management.scm (guix)[propagated-inputs]: Add
GUILE-GCRYPT.
[arguments]: In 'wrap-program' phase, add GUILE-GCRYPT to the search
path.
2018-08-31 17:07:07 +02:00
|
|
|
|
#:use-module (gcrypt hash)
|
2014-01-22 17:09:21 +01:00
|
|
|
|
#:use-module (guix pki)
|
Switch to Guile-Gcrypt.
This removes (guix hash) and (guix pk-crypto), which now live as part of
Guile-Gcrypt (version 0.1.0.)
* guix/gcrypt.scm, guix/hash.scm, guix/pk-crypto.scm,
tests/hash.scm, tests/pk-crypto.scm: Remove.
* configure.ac: Test for Guile-Gcrypt. Remove LIBGCRYPT and
LIBGCRYPT_LIBDIR assignments.
* m4/guix.m4 (GUIX_ASSERT_LIBGCRYPT_USABLE): Remove.
* README: Add Guile-Gcrypt to the dependencies; move libgcrypt as
"required unless --disable-daemon".
* doc/guix.texi (Requirements): Likewise.
* gnu/packages/bash.scm, guix/derivations.scm, guix/docker.scm,
guix/git.scm, guix/http-client.scm, guix/import/cpan.scm,
guix/import/cran.scm, guix/import/crate.scm, guix/import/elpa.scm,
guix/import/gnu.scm, guix/import/hackage.scm,
guix/import/texlive.scm, guix/import/utils.scm, guix/nar.scm,
guix/pki.scm, guix/scripts/archive.scm,
guix/scripts/authenticate.scm, guix/scripts/download.scm,
guix/scripts/hash.scm, guix/scripts/pack.scm,
guix/scripts/publish.scm, guix/scripts/refresh.scm,
guix/scripts/substitute.scm, guix/store.scm,
guix/store/deduplication.scm, guix/tests.scm, tests/base32.scm,
tests/builders.scm, tests/challenge.scm, tests/cpan.scm,
tests/crate.scm, tests/derivations.scm, tests/gem.scm,
tests/nar.scm, tests/opam.scm, tests/pki.scm,
tests/publish.scm, tests/pypi.scm, tests/store-deduplication.scm,
tests/store.scm, tests/substitute.scm: Adjust imports.
* gnu/system/vm.scm: Likewise.
(guile-sqlite3&co): Rename to...
(gcrypt-sqlite3&co): ... this. Add GUILE-GCRYPT.
(expression->derivation-in-linux-vm)[config]: Remove.
(iso9660-image)[config]: Remove.
(qemu-image)[config]: Remove.
(system-docker-image)[config]: Remove.
* guix/scripts/pack.scm: Adjust imports.
(guile-sqlite3&co): Rename to...
(gcrypt-sqlite3&co): ... this. Add GUILE-GCRYPT.
(self-contained-tarball)[build]: Call 'make-config.scm' without
#:libgcrypt argument.
(squashfs-image)[libgcrypt]: Remove.
[build]: Call 'make-config.scm' without #:libgcrypt.
(docker-image)[config, json]: Remove.
[build]: Add GUILE-GCRYPT to the extensions Remove (guix config) from
the imported modules.
* guix/self.scm (specification->package): Remove "libgcrypt", add
"guile-gcrypt".
(compiled-guix): Remove #:libgcrypt.
[guile-gcrypt]: New variable.
[dependencies]: Add it.
[*core-modules*]: Remove #:libgcrypt from 'make-config.scm' call.
Add #:extensions.
[*config*]: Remove #:libgcrypt from 'make-config.scm' call.
(%dependency-variables): Remove %libgcrypt.
(make-config.scm): Remove #:libgcrypt.
* build-aux/build-self.scm (guile-gcrypt): New variable.
(make-config.scm): Remove #:libgcrypt.
(build-program)[fake-gcrypt-hash]: New variable.
Add (gcrypt hash) to the imported modules. Adjust load path
assignments.
* gnu/packages/package-management.scm (guix)[propagated-inputs]: Add
GUILE-GCRYPT.
[arguments]: In 'wrap-program' phase, add GUILE-GCRYPT to the search
path.
2018-08-31 17:07:07 +02:00
|
|
|
|
#:use-module (gcrypt pk-crypto)
|
Add (guix nar) and (guix serialization).
* guix/store.scm (write-int, read-int, write-long-long, read-long-long,
write-padding, write-string, read-string, read-latin1-string,
write-string-list, read-string-list, write-store-path,
read-store-path, write-store-path-list, read-store-path-list): Move to
serialization.scm.
(write-contents, write-file): Move to nar.scm.
* guix/nar.scm, guix/serialization.scm: New files.
* Makefile.am (MODULES): Add them.
2013-04-04 22:29:08 +02:00
|
|
|
|
#:use-module (srfi srfi-1)
|
2014-01-22 17:09:21 +01:00
|
|
|
|
#:use-module (srfi srfi-11)
|
Add (guix nar) and (guix serialization).
* guix/store.scm (write-int, read-int, write-long-long, read-long-long,
write-padding, write-string, read-string, read-latin1-string,
write-string-list, read-string-list, write-store-path,
read-store-path, write-store-path-list, read-store-path-list): Move to
serialization.scm.
(write-contents, write-file): Move to nar.scm.
* guix/nar.scm, guix/serialization.scm: New files.
* Makefile.am (MODULES): Add them.
2013-04-04 22:29:08 +02:00
|
|
|
|
#:use-module (srfi srfi-26)
|
2013-04-08 22:54:08 +02:00
|
|
|
|
#:use-module (srfi srfi-34)
|
|
|
|
|
#:use-module (srfi srfi-35)
|
Break module cycle involving (guix store) and (guix ui).
Before, there was a cycle along the lines of:
(guix store) -> (guix nar) -> (guix ui) -> (guix store)
This caused problems, as discussed at:
http://lists.gnu.org/archive/html/guix-devel/2014-10/msg00109.html
This patch removes cycles in the (guix ...) modules.
* guix/nar.scm (&nar-error, &nar-read-error, dump, write-contents,
read-contents, %archive-version-1, write-file, restore-file): Move to...
* guix/serialization.scm: ... here.
* guix/store.scm: Remove dependency on (guix nar).
* guix/scripts/hash.scm, guix/scripts/offload.scm,
guix/scripts/substitute-binary.scm, tests/nar.scm, tests/store.scm,
tests/substitute-binary.scm: Adjust accordingly.
2014-10-09 23:46:13 +02:00
|
|
|
|
#:export (nar-invalid-hash-error?
|
2014-01-22 17:09:21 +01:00
|
|
|
|
nar-invalid-hash-error-expected
|
|
|
|
|
nar-invalid-hash-error-actual
|
|
|
|
|
|
|
|
|
|
nar-signature-error?
|
|
|
|
|
nar-signature-error-signature
|
|
|
|
|
|
|
|
|
|
restore-file-set))
|
Add (guix nar) and (guix serialization).
* guix/store.scm (write-int, read-int, write-long-long, read-long-long,
write-padding, write-string, read-string, read-latin1-string,
write-string-list, read-string-list, write-store-path,
read-store-path, write-store-path-list, read-store-path-list): Move to
serialization.scm.
(write-contents, write-file): Move to nar.scm.
* guix/nar.scm, guix/serialization.scm: New files.
* Makefile.am (MODULES): Add them.
2013-04-04 22:29:08 +02:00
|
|
|
|
|
|
|
|
|
;;; Comment:
|
|
|
|
|
;;;
|
|
|
|
|
;;; Read and write Nix archives, aka. ‘nar’.
|
|
|
|
|
;;;
|
|
|
|
|
;;; Code:
|
|
|
|
|
|
2014-01-22 17:09:21 +01:00
|
|
|
|
(define-condition-type &nar-signature-error &nar-error
|
|
|
|
|
nar-signature-error?
|
|
|
|
|
(signature nar-signature-error-signature)) ; faulty signature or #f
|
2013-04-08 22:54:08 +02:00
|
|
|
|
|
2014-01-22 17:09:21 +01:00
|
|
|
|
(define-condition-type &nar-invalid-hash-error &nar-signature-error
|
|
|
|
|
nar-invalid-hash-error?
|
|
|
|
|
(expected nar-invalid-hash-error-expected) ; expected hash (a bytevector)
|
|
|
|
|
(actual nar-invalid-hash-error-actual)) ; actual hash
|
|
|
|
|
|
2013-04-08 22:54:08 +02:00
|
|
|
|
|
2014-01-22 17:09:21 +01:00
|
|
|
|
|
|
|
|
|
;;;
|
|
|
|
|
;;; Restoring a file set into the store.
|
|
|
|
|
;;;
|
|
|
|
|
|
|
|
|
|
;; The code below accesses the store directly and is meant to be run from
|
|
|
|
|
;; "build hooks", which cannot invoke the daemon's 'import-paths' RPC since
|
|
|
|
|
;; (1) the locks on the files to be restored as already held, and (2) the
|
|
|
|
|
;; $NIX_HELD_LOCKS hackish environment variable cannot be set.
|
|
|
|
|
;;
|
|
|
|
|
;; So we're really duplicating that functionality of the daemon (well, until
|
|
|
|
|
;; most of the daemon is in Scheme :-)). But note that we do use a couple of
|
|
|
|
|
;; RPCs for functionality not available otherwise, like 'valid-path?'.
|
|
|
|
|
|
|
|
|
|
(define* (finalize-store-file source target
|
|
|
|
|
#:key (references '()) deriver (lock? #t))
|
|
|
|
|
"Rename SOURCE to TARGET and register TARGET as a valid store item, with
|
|
|
|
|
REFERENCES and DERIVER. When LOCK? is true, acquire exclusive locks on TARGET
|
|
|
|
|
before attempting to register it; otherwise, assume TARGET's locks are already
|
|
|
|
|
held."
|
2020-05-06 18:48:21 +02:00
|
|
|
|
;; TODO: make this reusable
|
|
|
|
|
(define (acquire-lock file)
|
|
|
|
|
(let ((port (lock-file file)))
|
|
|
|
|
;; There is an inherent race condition between opening the lock file and
|
|
|
|
|
;; attempting to acquire the lock on it, and because we like deleting
|
|
|
|
|
;; these lock files when we release them, only the first successful
|
|
|
|
|
;; acquisition on a given lock file matters. To make it easier to tell
|
|
|
|
|
;; when an acquisition is and isn't the first, the first to acquire it
|
|
|
|
|
;; writes a deletion token (arbitrary character) prior to releasing the
|
|
|
|
|
;; lock.
|
|
|
|
|
(if (zero? (stat:size (stat port)))
|
|
|
|
|
port
|
|
|
|
|
;; if FILE is non-empty, that's because it contains the deletion
|
|
|
|
|
;; token, so we aren't the first to acquire it. So try again!
|
|
|
|
|
(begin
|
|
|
|
|
(close port)
|
|
|
|
|
(acquire-lock file)))))
|
|
|
|
|
|
2018-11-13 09:46:40 +01:00
|
|
|
|
(with-database %default-database-file db
|
|
|
|
|
(unless (path-id db target)
|
2019-06-03 17:18:41 +02:00
|
|
|
|
(let ((lock (and lock?
|
2020-05-06 18:48:21 +02:00
|
|
|
|
(acquire-lock (string-append target ".lock")))))
|
2014-01-22 17:09:21 +01:00
|
|
|
|
|
2019-06-03 17:18:41 +02:00
|
|
|
|
(unless (path-id db target)
|
|
|
|
|
;; If FILE already exists, delete it (it's invalid anyway.)
|
|
|
|
|
(when (file-exists? target)
|
|
|
|
|
(delete-file-recursively target))
|
2014-01-22 17:09:21 +01:00
|
|
|
|
|
2019-06-03 17:18:41 +02:00
|
|
|
|
;; Install the new TARGET.
|
|
|
|
|
(rename-file source target)
|
2014-01-22 17:09:21 +01:00
|
|
|
|
|
2019-06-03 17:18:41 +02:00
|
|
|
|
;; Register TARGET. As a side effect, it resets the timestamps of all
|
|
|
|
|
;; its files, recursively, and runs a deduplication pass.
|
2020-06-18 11:58:41 +02:00
|
|
|
|
(register-items db
|
|
|
|
|
(list (store-info target deriver references))))
|
2014-01-22 17:09:21 +01:00
|
|
|
|
|
2019-06-03 17:18:41 +02:00
|
|
|
|
(when lock?
|
2020-05-06 18:48:21 +02:00
|
|
|
|
(delete-file (string-append target ".lock"))
|
|
|
|
|
;; Write the deletion token to inform anyone who acquires the lock
|
|
|
|
|
;; on this particular file next that they aren't the first to
|
|
|
|
|
;; acquire it, so they should retry.
|
|
|
|
|
(display "d" lock)
|
|
|
|
|
(force-output lock)
|
2019-06-03 17:18:41 +02:00
|
|
|
|
(unlock-file lock))))))
|
2014-01-22 17:09:21 +01:00
|
|
|
|
|
2014-04-12 23:03:56 +02:00
|
|
|
|
(define (temporary-store-file)
|
2014-04-21 23:23:34 +02:00
|
|
|
|
"Return the file name of a temporary file created in the store."
|
2014-01-22 17:09:21 +01:00
|
|
|
|
(let* ((template (string-append (%store-prefix) "/guix-XXXXXX"))
|
|
|
|
|
(port (mkstemp! template)))
|
|
|
|
|
(close-port port)
|
2014-04-21 23:23:34 +02:00
|
|
|
|
template))
|
2014-04-12 23:03:56 +02:00
|
|
|
|
|
|
|
|
|
(define-syntax-rule (with-temporary-store-file name body ...)
|
|
|
|
|
"Evaluate BODY with NAME bound to the file name of a temporary store item
|
|
|
|
|
protected from GC."
|
2020-05-06 18:52:16 +02:00
|
|
|
|
(with-store store
|
|
|
|
|
(let loop ((name (temporary-store-file)))
|
2014-04-21 23:23:34 +02:00
|
|
|
|
;; Add NAME to the current process' roots. (Opening this connection to
|
|
|
|
|
;; the daemon allows us to reuse its code that deals with the
|
|
|
|
|
;; per-process roots file.)
|
|
|
|
|
(add-temp-root store name)
|
|
|
|
|
|
|
|
|
|
;; There's a window during which GC could delete NAME. Try again when
|
|
|
|
|
;; that happens.
|
|
|
|
|
(if (file-exists? name)
|
|
|
|
|
(begin
|
|
|
|
|
(delete-file name)
|
|
|
|
|
body ...)
|
|
|
|
|
(loop (temporary-store-file))))))
|
2014-04-12 23:03:56 +02:00
|
|
|
|
|
|
|
|
|
(define* (restore-one-item port
|
|
|
|
|
#:key acl (verify-signature? #t) (lock? #t)
|
2014-01-22 17:09:21 +01:00
|
|
|
|
(log-port (current-error-port)))
|
2014-04-12 23:03:56 +02:00
|
|
|
|
"Restore one store item from PORT; return its file name on success."
|
2014-01-22 17:09:21 +01:00
|
|
|
|
|
|
|
|
|
(define (assert-valid-signature signature hash file)
|
2014-03-15 12:46:16 +01:00
|
|
|
|
;; Bail out if SIGNATURE, which must be a string as produced by
|
|
|
|
|
;; 'canonical-sexp->string', doesn't match HASH, a bytevector containing
|
|
|
|
|
;; the expected hash for FILE.
|
2014-03-31 23:47:02 +02:00
|
|
|
|
(let ((signature (catch 'gcry-error
|
|
|
|
|
(lambda ()
|
|
|
|
|
(string->canonical-sexp signature))
|
2014-04-22 11:41:52 +02:00
|
|
|
|
(lambda (key proc err)
|
2014-03-31 23:47:02 +02:00
|
|
|
|
(raise (condition
|
|
|
|
|
(&message
|
|
|
|
|
(message "signature is not a valid \
|
2014-01-22 17:09:21 +01:00
|
|
|
|
s-expression"))
|
2014-03-31 23:47:02 +02:00
|
|
|
|
(&nar-signature-error
|
|
|
|
|
(file file)
|
|
|
|
|
(signature signature) (port port))))))))
|
|
|
|
|
(signature-case (signature hash (current-acl))
|
|
|
|
|
(valid-signature #t)
|
|
|
|
|
(invalid-signature
|
|
|
|
|
(raise (condition
|
|
|
|
|
(&message (message "invalid signature"))
|
|
|
|
|
(&nar-signature-error
|
|
|
|
|
(file file) (signature signature) (port port)))))
|
|
|
|
|
(hash-mismatch
|
|
|
|
|
(raise (condition (&message (message "invalid hash"))
|
|
|
|
|
(&nar-invalid-hash-error
|
|
|
|
|
(port port) (file file)
|
|
|
|
|
(signature signature)
|
|
|
|
|
(expected (hash-data->bytevector
|
|
|
|
|
(signature-signed-data signature)))
|
|
|
|
|
(actual hash)))))
|
|
|
|
|
(unauthorized-key
|
|
|
|
|
(raise (condition (&message (message "unauthorized public key"))
|
|
|
|
|
(&nar-signature-error
|
|
|
|
|
(signature signature) (file file) (port port)))))
|
|
|
|
|
(corrupt-signature
|
|
|
|
|
(raise (condition
|
|
|
|
|
(&message (message "corrupt signature data"))
|
|
|
|
|
(&nar-signature-error
|
|
|
|
|
(signature signature) (file file) (port port))))))))
|
2014-01-22 17:09:21 +01:00
|
|
|
|
|
2014-04-12 23:03:56 +02:00
|
|
|
|
(define %export-magic
|
|
|
|
|
;; Number used to identify genuine file set archives.
|
|
|
|
|
#x4558494e)
|
|
|
|
|
|
|
|
|
|
(define port*
|
|
|
|
|
;; Keep that one around, for error conditions.
|
|
|
|
|
port)
|
|
|
|
|
|
|
|
|
|
(let-values (((port get-hash)
|
|
|
|
|
(open-sha256-input-port port)))
|
|
|
|
|
(with-temporary-store-file temp
|
|
|
|
|
(restore-file port temp)
|
|
|
|
|
|
|
|
|
|
(let ((magic (read-int port)))
|
|
|
|
|
(unless (= magic %export-magic)
|
|
|
|
|
(raise (condition
|
|
|
|
|
(&message (message "corrupt file set archive"))
|
|
|
|
|
(&nar-read-error
|
|
|
|
|
(port port*) (file #f) (token #f))))))
|
|
|
|
|
|
|
|
|
|
(let ((file (read-store-path port))
|
|
|
|
|
(refs (read-store-path-list port))
|
|
|
|
|
(deriver (read-string port))
|
|
|
|
|
(hash (get-hash))
|
|
|
|
|
(has-sig? (= 1 (read-int port))))
|
|
|
|
|
(format log-port
|
ui: Rename '_' to 'G_'.
This avoids collisions with '_' when the latter is used as a 'match'
pattern for instance. See
<https://lists.gnu.org/archive/html/guix-devel/2017-04/msg00464.html>.
* guix/ui.scm: Rename '_' to 'G_'.
* po/guix/Makevars (XGETTEXT_OPTIONS): Adjust accordingly.
* build-aux/compile-all.scm (warnings): Remove 'format'.
* gnu/packages.scm,
gnu/services.scm,
gnu/services/shepherd.scm,
gnu/system.scm,
gnu/system/shadow.scm,
guix/gnupg.scm,
guix/http-client.scm,
guix/import/cpan.scm,
guix/import/elpa.scm,
guix/import/pypi.scm,
guix/nar.scm,
guix/scripts.scm,
guix/scripts/archive.scm,
guix/scripts/authenticate.scm,
guix/scripts/build.scm,
guix/scripts/challenge.scm,
guix/scripts/container.scm,
guix/scripts/container/exec.scm,
guix/scripts/copy.scm,
guix/scripts/download.scm,
guix/scripts/edit.scm,
guix/scripts/environment.scm,
guix/scripts/gc.scm,
guix/scripts/graph.scm,
guix/scripts/hash.scm,
guix/scripts/import.scm,
guix/scripts/import/cpan.scm,
guix/scripts/import/cran.scm,
guix/scripts/import/crate.scm,
guix/scripts/import/elpa.scm,
guix/scripts/import/gem.scm,
guix/scripts/import/gnu.scm,
guix/scripts/import/hackage.scm,
guix/scripts/import/nix.scm,
guix/scripts/import/pypi.scm,
guix/scripts/import/stackage.scm,
guix/scripts/lint.scm,
guix/scripts/offload.scm,
guix/scripts/pack.scm,
guix/scripts/package.scm,
guix/scripts/perform-download.scm,
guix/scripts/publish.scm,
guix/scripts/pull.scm,
guix/scripts/refresh.scm,
guix/scripts/size.scm,
guix/scripts/substitute.scm,
guix/scripts/system.scm,
guix/ssh.scm,
guix/upstream.scm: Use 'G_' instead of '_'. Most of this change was
obtained by running: "sed -i -e's/(_ "/(G_ "/g' `find -name \*.scm`".
2017-05-03 15:57:02 +02:00
|
|
|
|
(G_ "importing file or directory '~a'...~%")
|
2014-04-12 23:03:56 +02:00
|
|
|
|
file)
|
|
|
|
|
|
2015-01-18 22:19:04 +01:00
|
|
|
|
;; The signature may contain characters that are meant to be
|
|
|
|
|
;; interpreted as bytes in a 'char *', so read them as a ISO-8859-1.
|
|
|
|
|
(let ((sig (and has-sig? (read-latin1-string port))))
|
2014-04-12 23:03:56 +02:00
|
|
|
|
(when verify-signature?
|
|
|
|
|
(if sig
|
|
|
|
|
(begin
|
|
|
|
|
(assert-valid-signature sig hash file)
|
|
|
|
|
(format log-port
|
ui: Rename '_' to 'G_'.
This avoids collisions with '_' when the latter is used as a 'match'
pattern for instance. See
<https://lists.gnu.org/archive/html/guix-devel/2017-04/msg00464.html>.
* guix/ui.scm: Rename '_' to 'G_'.
* po/guix/Makevars (XGETTEXT_OPTIONS): Adjust accordingly.
* build-aux/compile-all.scm (warnings): Remove 'format'.
* gnu/packages.scm,
gnu/services.scm,
gnu/services/shepherd.scm,
gnu/system.scm,
gnu/system/shadow.scm,
guix/gnupg.scm,
guix/http-client.scm,
guix/import/cpan.scm,
guix/import/elpa.scm,
guix/import/pypi.scm,
guix/nar.scm,
guix/scripts.scm,
guix/scripts/archive.scm,
guix/scripts/authenticate.scm,
guix/scripts/build.scm,
guix/scripts/challenge.scm,
guix/scripts/container.scm,
guix/scripts/container/exec.scm,
guix/scripts/copy.scm,
guix/scripts/download.scm,
guix/scripts/edit.scm,
guix/scripts/environment.scm,
guix/scripts/gc.scm,
guix/scripts/graph.scm,
guix/scripts/hash.scm,
guix/scripts/import.scm,
guix/scripts/import/cpan.scm,
guix/scripts/import/cran.scm,
guix/scripts/import/crate.scm,
guix/scripts/import/elpa.scm,
guix/scripts/import/gem.scm,
guix/scripts/import/gnu.scm,
guix/scripts/import/hackage.scm,
guix/scripts/import/nix.scm,
guix/scripts/import/pypi.scm,
guix/scripts/import/stackage.scm,
guix/scripts/lint.scm,
guix/scripts/offload.scm,
guix/scripts/pack.scm,
guix/scripts/package.scm,
guix/scripts/perform-download.scm,
guix/scripts/publish.scm,
guix/scripts/pull.scm,
guix/scripts/refresh.scm,
guix/scripts/size.scm,
guix/scripts/substitute.scm,
guix/scripts/system.scm,
guix/ssh.scm,
guix/upstream.scm: Use 'G_' instead of '_'. Most of this change was
obtained by running: "sed -i -e's/(_ "/(G_ "/g' `find -name \*.scm`".
2017-05-03 15:57:02 +02:00
|
|
|
|
(G_ "found valid signature for '~a'~%")
|
2014-04-12 23:03:56 +02:00
|
|
|
|
file)
|
|
|
|
|
(finalize-store-file temp file
|
|
|
|
|
#:references refs
|
|
|
|
|
#:deriver deriver
|
|
|
|
|
#:lock? lock?))
|
|
|
|
|
(raise (condition
|
|
|
|
|
(&message (message "imported file lacks \
|
|
|
|
|
a signature"))
|
|
|
|
|
(&nar-signature-error
|
|
|
|
|
(port port*) (file file) (signature #f))))))
|
|
|
|
|
file)))))
|
|
|
|
|
|
|
|
|
|
(define* (restore-file-set port
|
|
|
|
|
#:key (verify-signature? #t) (lock? #t)
|
|
|
|
|
(log-port (current-error-port)))
|
|
|
|
|
"Restore the file set read from PORT to the store. The format of the data
|
|
|
|
|
on PORT must be as created by 'export-paths'---i.e., a series of Nar-formatted
|
|
|
|
|
archives with interspersed meta-data joining them together, possibly with a
|
|
|
|
|
digital signature at the end. Log progress to LOG-PORT. Return the list of
|
|
|
|
|
files restored.
|
|
|
|
|
|
|
|
|
|
When LOCK? is #f, assume locks for the files to be restored are already held.
|
|
|
|
|
This is the case when the daemon calls a build hook.
|
|
|
|
|
|
|
|
|
|
Note that this procedure accesses the store directly, so it's only meant to be
|
|
|
|
|
used by the daemon's build hooks since they cannot call back to the daemon
|
|
|
|
|
while the locks are held."
|
|
|
|
|
(define acl
|
|
|
|
|
(current-acl))
|
|
|
|
|
|
2014-01-22 17:09:21 +01:00
|
|
|
|
(let loop ((n (read-long-long port))
|
|
|
|
|
(files '()))
|
|
|
|
|
(case n
|
|
|
|
|
((0)
|
|
|
|
|
(reverse files))
|
|
|
|
|
((1)
|
2014-04-12 23:03:56 +02:00
|
|
|
|
(let ((file
|
|
|
|
|
(restore-one-item port
|
|
|
|
|
#:acl acl #:verify-signature? verify-signature?
|
|
|
|
|
#:lock? lock? #:log-port log-port)))
|
|
|
|
|
(loop (read-long-long port)
|
|
|
|
|
(cons file files))))
|
2014-01-22 17:09:21 +01:00
|
|
|
|
(else
|
|
|
|
|
;; Neither 0 nor 1.
|
|
|
|
|
(raise (condition
|
|
|
|
|
(&message (message "invalid inter-file archive mark"))
|
|
|
|
|
(&nar-read-error
|
|
|
|
|
(port port) (file #f) (token #f))))))))
|
|
|
|
|
|
2014-04-12 23:03:56 +02:00
|
|
|
|
;;; Local Variables:
|
|
|
|
|
;;; eval: (put 'with-temporary-store-file 'scheme-indent-function 1)
|
|
|
|
|
;;; End:
|
|
|
|
|
|
Add (guix nar) and (guix serialization).
* guix/store.scm (write-int, read-int, write-long-long, read-long-long,
write-padding, write-string, read-string, read-latin1-string,
write-string-list, read-string-list, write-store-path,
read-store-path, write-store-path-list, read-store-path-list): Move to
serialization.scm.
(write-contents, write-file): Move to nar.scm.
* guix/nar.scm, guix/serialization.scm: New files.
* Makefile.am (MODULES): Add them.
2013-04-04 22:29:08 +02:00
|
|
|
|
;;; nar.scm ends here
|