Update binary cache signing to Nix 1.9
[?]
Feb 17, 2015, 7:15 PM
5US6TQ2N6EVVXSQHGJB4VVRTQCIDMLDCJSP3PSVLHUR3CA2XHTVACDependencies
- [2]
AFNDUSGDSet Expires headers for Hydra's binary cache - [3]
AJVEJENFAllow Hydra's binary cache to be signed - [4]
UCJEI7YZDon't compress already-compressed files. - [5]
GX2GISE2Revert "Don't compress already-compressed files." - [6]
IDT3SO3PGenerate *.narinfo files on the fly to support the binary cache substituter
Change contents
- edit in src/lib/Hydra/View/NARInfo.pm at line 3
use strict;use base qw/Catalyst::View/; - edit in src/lib/Hydra/View/NARInfo.pm at line 4
use Hydra::Helper::CatalystUtils;use MIME::Base64;use Nix::Manifest; - replacement in src/lib/Hydra/View/NARInfo.pm at line 8
use Nix::Crypto;use Hydra::Helper::CatalystUtils;use Nix::Utils;use base qw/Catalyst::View/;use strict; - replacement in src/lib/Hydra/View/NARInfo.pm at line 37
my $privateKeyFile = $c->config->{binary_cache_private_key_file};my $keyName = $c->config->{binary_cache_key_name};if (defined $privateKeyFile && defined $keyName) {my $sig = signString($privateKeyFile, $info);$info .= "Signature: 1;$keyName;$sig\n";my $secretKeyFile = $c->config->{binary_cache_secret_key_file};if (defined $secretKeyFile) {my $s = readFile $secretKeyFile;chomp $s;my ($keyName, $secretKey) = split ":", $s;die "invalid secret key file\n" unless defined $keyName && defined $secretKey;my $fingerprint = fingerprintPath($storePath, $narHash, $narSize, $refs);my $sig = encode_base64(signString(decode_base64($secretKey), $fingerprint), "");$info .= "Sig: $keyName:$sig\n";