diff options
| author |  Joey Hess <joeyh@joeyh.name> | 2015-10-02 13:56:42 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2015-10-02 14:35:12 -0400 |
| commit | 78be7e95266412a04aed31062fde7d19c6f9e117 (patch) | |
| tree | e3c73f5bef3c4d90cabeb32312ecaed562c5920f /Remote/Helper | |
| parent | 1292c38a52e103ff49642968adf2e6c8d01f35ad (diff) | |
other 80% of avoding verification when hard linking to objects in shared repo
In c3b38fb2a075b4250e867ebd910324c65712c747, it actually only handled
uploading objects to a shared repository. To avoid verification when
downloading objects from a shared repository, was a lot harder.
On the plus side, if the process of downloading a file from a remote
is able to verify its content on the side, the remote can indicate this
now, and avoid the extra post-download verification.
As of yet, I don't have any remotes (except Git) using this ability.
Some more work would be needed to support it in special remotes.
It would make sense for tahoe to implicitly verify things downloaded from it;
as long as you trust your tahoe server (which typically runs locally),
there's cryptographic integrity. OTOH, despite bup being based on shas,
a bup repo under an attacker's control could have the git ref used for an
object changed, and so a bup repo shouldn't implicitly verify. Indeed,
tahoe seems unique in being trustworthy enough to implicitly verify.
Diffstat (limited to 'Remote/Helper')
| -rw-r--r-- | Remote/Helper/Special.hs | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/Remote/Helper/Special.hs b/Remote/Helper/Special.hs index 1acabcc91..7faf7a8a1 100644 --- a/Remote/Helper/Special.hs +++ b/Remote/Helper/Special.hs @@ -122,8 +122,8 @@ byteRetriever a k _m callback = a k (callback . ByteContent) -} storeKeyDummy :: Key -> AssociatedFile -> MeterUpdate -> Annex Bool storeKeyDummy _ _ _ = return False -retreiveKeyFileDummy :: Key -> AssociatedFile -> FilePath -> MeterUpdate -> Annex Bool -retreiveKeyFileDummy _ _ _ _ = return False +retreiveKeyFileDummy :: Key -> AssociatedFile -> FilePath -> MeterUpdate -> Annex (Bool, Verification) +retreiveKeyFileDummy _ _ _ _ = unVerified (return False) removeKeyDummy :: Key -> Annex Bool removeKeyDummy _ = return False checkPresentDummy :: Key -> Annex Bool @@ -156,7 +156,7 @@ specialRemote' cfg c preparestorer prepareretriever prepareremover preparecheckp where encr = baser { storeKey = \k f p -> cip >>= storeKeyGen k f p - , retrieveKeyFile = \k f d p -> cip >>= retrieveKeyFileGen k f d p + , retrieveKeyFile = \k f d p -> cip >>= unVerified . retrieveKeyFileGen k f d p , retrieveKeyFileCheap = \k f d -> cip >>= maybe (retrieveKeyFileCheap baser k f d) -- retrieval of encrypted keys is never cheap |