diff options
| author |  Joey Hess <joeyh@joeyh.name> | 2015-10-01 15:54:37 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2015-10-01 15:56:39 -0400 |
| commit | b9fe55705f19fc39889da6157714039047aed4c9 (patch) | |
| tree | 107888b257bfcf370353bce2969897046be3af33 /Command/Get.hs | |
| parent | 55d635e356ecae2dd90d8cea355656faf3b24db1 (diff) | |
Do verification of checksums of annex objects downloaded from remotes.
* When annex objects are received into git repositories, their checksums are
verified then too.
* To get the old, faster, behavior of not verifying checksums, set
annex.verify=false, or remote.<name>.annex-verify=false.
* setkey, rekey: These commands also now verify that the provided file
matches the key, unless annex.verify=false.
* reinject: Already verified content; this can now be disabled by
setting annex.verify=false.
recvkey and reinject already did verification, so removed now duplicate
code from them. fsck still does its own verification, which is ok since it
does not use getViaTmp, so verification doesn't happen twice when using fsck
--from.
Diffstat (limited to 'Command/Get.hs')
| -rw-r--r-- | Command/Get.hs | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/Command/Get.hs b/Command/Get.hs index 324ff2752..58fbefed2 100644 --- a/Command/Get.hs +++ b/Command/Get.hs @@ -68,17 +68,16 @@ start' expensivecheck from key afile = stopUnless (not <$> inAnnex key) $ next a perform :: Key -> AssociatedFile -> CommandPerform -perform key afile = stopUnless (getViaTmp key $ getKeyFile key afile) $ +perform key afile = stopUnless (getKey key afile) $ next $ return True -- no cleanup needed {- Try to find a copy of the file in one of the remotes, - and copy it to here. -} -getKeyFile :: Key -> AssociatedFile -> FilePath -> Annex Bool -getKeyFile key afile dest = getKeyFile' key afile dest - =<< Remote.keyPossibilities key +getKey :: Key -> AssociatedFile -> Annex Bool +getKey key afile = getKey' key afile =<< Remote.keyPossibilities key -getKeyFile' :: Key -> AssociatedFile -> FilePath -> [Remote] -> Annex Bool -getKeyFile' key afile dest = dispatch +getKey' :: Key -> AssociatedFile -> [Remote] -> Annex Bool +getKey' key afile = dispatch where dispatch [] = do showNote "not available" @@ -102,6 +101,9 @@ getKeyFile' key afile dest = dispatch | Remote.hasKeyCheap r = either (const False) id <$> Remote.hasKey r key | otherwise = return True - docopy r = download (Remote.uuid r) key afile noRetry noObserver $ \p -> do - showAction $ "from " ++ Remote.name r - Remote.retrieveKeyFile r key afile dest p + docopy r witness = getViaTmp (RemoteVerify r) key $ \dest -> + download (Remote.uuid r) key afile noRetry noObserver + (\p -> do + showAction $ "from " ++ Remote.name r + Remote.retrieveKeyFile r key afile dest p + ) witness |