From b9fe55705f19fc39889da6157714039047aed4c9 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Oct 2015 15:54:37 -0400 Subject: Do verification of checksums of annex objects downloaded from remotes. * When annex objects are received into git repositories, their checksums are verified then too. * To get the old, faster, behavior of not verifying checksums, set annex.verify=false, or remote..annex-verify=false. * setkey, rekey: These commands also now verify that the provided file matches the key, unless annex.verify=false. * reinject: Already verified content; this can now be disabled by setting annex.verify=false. recvkey and reinject already did verification, so removed now duplicate code from them. fsck still does its own verification, which is ok since it does not use getViaTmp, so verification doesn't happen twice when using fsck --from. --- Remote/Git.hs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'Remote/Git.hs') diff --git a/Remote/Git.hs b/Remote/Git.hs index 1b5b2ab42..ada2055f2 100644 --- a/Remote/Git.hs +++ b/Remote/Git.hs @@ -502,7 +502,7 @@ copyToRemote' r key file p ensureInitialized runTransfer (Transfer Download u key) file noRetry noObserver $ const $ Annex.Content.saveState True `after` - Annex.Content.getViaTmp key + Annex.Content.getViaTmp (Annex.Content.RemoteVerify r) key (\dest -> mkCopier hardlink params object dest >>= \a -> a p <&&> liftIO checksuccessio) ) -- cgit v1.2.3