From 75dba7f7bc50b75e08ee49cb4b758a375ef70d68 Mon Sep 17 00:00:00 2001
From: Joey Hess <joey@kitenet.net>
Date: Wed, 20 Jun 2012 20:05:40 -0400
Subject: belt and suspenders check

It's possible for there to be multiple queued changes all adding the same
file, and for those changes to be reordered. Maybe. This check will guard
against that ending up adding the wrong version of the file last.
---
 Assistant/Committer.hs | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

(limited to 'Assistant')

diff --git a/Assistant/Committer.hs b/Assistant/Committer.hs
index 46fee1b74..63df8cafc 100644
--- a/Assistant/Committer.hs
+++ b/Assistant/Committer.hs
@@ -118,7 +118,7 @@ handleAdds st changechan cs = returnWhen (null pendingadds) $ do
 
 		add :: Change -> IO (Maybe Change)
 		add change@(PendingAddChange { keySource = ks }) = do
-			r <- catchMaybeIO $ runThreadState st $ do
+			r <- catchMaybeIO $ sanitycheck ks $ runThreadState st $ do
 				showStart "add" $ keyFilename ks
 				handle (finishedChange change) (keyFilename ks)
 					=<< Command.Add.ingest ks
@@ -140,6 +140,16 @@ handleAdds st changechan cs = returnWhen (null pendingadds) $ do
 			showEndOk
 			return $ Just change
 
+		{- Check that the keysource's keyFilename still exists,
+		 - and is still a hard link to its contentLocation,
+		 - before ingesting it. -}
+		sanitycheck keysource a = do
+			fs <- getSymbolicLinkStatus $ keyFilename keysource
+			ks <- getSymbolicLinkStatus $ contentLocation keysource
+			if deviceID ks == deviceID fs && fileID ks == fileID fs
+				then a
+				else return Nothing
+
 {- PendingAddChanges can Either be Right to be added now,
  - or are unsafe, and must be Left for later.
  -
-- 
cgit v1.2.3