git annex get from exports

Straightforward enough, except for the needed belt-and-suspenders sanity checks to avoid foot shooting due to exports not being key/value stores. * Even when annex.verify=false, always verify from exports. * Only get files from exports that use a backend that supports checksum verification. * Never trust exports, even if the user says to, because then `git annex drop` would drop content if the export seemed to contain a copy. This commit was supported by the NSF-funded DataLad project.
author: Joey Hess <joeyh@joeyh.name> 2017-09-04 16:39:56 -0400
committer: Joey Hess <joeyh@joeyh.name> 2017-09-04 16:39:56 -0400
commit: 0f9282d22dc773bd57f3482b79dd976316ec0467 (patch)
tree: f0920aab9f59dda9674a995b33936e1379bab515 /Annex
parent: 25ed1e54abcc25f729fed016ec77a8cd049142fa (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/Annex/Content.hs b/Annex/Content.hs
index 0001e8ac9..b74b39753 100644
--- a/Annex/Content.hs
+++ b/Annex/Content.hs
@@ -354,8 +354,12 @@ shouldVerify :: VerifyConfig -> Annex Bool
 shouldVerify AlwaysVerify = return True
 shouldVerify NoVerify = return False
 shouldVerify DefaultVerify = annexVerify <$> Annex.getGitConfig
-shouldVerify (RemoteVerify r) = shouldVerify DefaultVerify
-	<&&> pure (remoteAnnexVerify (Types.Remote.gitconfig r))
+shouldVerify (RemoteVerify r) = 
+	(shouldVerify DefaultVerify
+			<&&> pure (remoteAnnexVerify (Types.Remote.gitconfig r)))
+	-- Export remotes are not key/value stores, so always verify
+	-- content from them even when verification is disabled.
+	<||> Types.Remote.exportSupported (Types.Remote.exportActions r)
 
 {- Checks if there is enough free disk space to download a key
  - to its temp file.
author	Joey Hess <joeyh@joeyh.name>	2017-09-04 16:39:56 -0400
committer	Joey Hess <joeyh@joeyh.name>	2017-09-04 16:39:56 -0400
commit	0f9282d22dc773bd57f3482b79dd976316ec0467 (patch)
tree	f0920aab9f59dda9674a995b33936e1379bab515 /Annex
parent	25ed1e54abcc25f729fed016ec77a8cd049142fa (diff)