aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2015-06-06 18:00:58 +0200
committerLudovic Courtès <ludo@gnu.org>2015-06-06 18:58:55 +0200
commitaa0f8409db9abb4d8d04127b1072f12a64b5f7ee (patch)
treef24e5dd174f749cacd4d1971beba4b95c05f4667
parentd2aa12250ece6d71ef1edee2ea2a69ccf70ac354 (diff)
downloadpatches-aa0f8409db9abb4d8d04127b1072f12a64b5f7ee.tar
patches-aa0f8409db9abb4d8d04127b1072f12a64b5f7ee.tar.gz
daemon: Always require a signature when importing an archive.
* nix/nix-daemon/nix-daemon.cc (performOp): Pass true as the first argument to 'performOp'.
-rw-r--r--nix/nix-daemon/nix-daemon.cc5
1 files changed, 4 insertions, 1 deletions
diff --git a/nix/nix-daemon/nix-daemon.cc b/nix/nix-daemon/nix-daemon.cc
index 2b89190dbe..10159db62e 100644
--- a/nix/nix-daemon/nix-daemon.cc
+++ b/nix/nix-daemon/nix-daemon.cc
@@ -440,7 +440,10 @@ static void performOp(bool trusted, unsigned int clientVersion,
case wopImportPaths: {
startWork();
TunnelSource source(from);
- Paths paths = store->importPaths(!trusted, source);
+
+ /* Unlike Nix, always require a signature, even for "trusted"
+ users. */
+ Paths paths = store->importPaths(true, source);
stopWork();
writeStrings(paths, to);
break;