picnoir/Nix
1
0
Fork 0
Code Issues Pull requests 1 Releases Wiki Activity
Nix/src/nix/hash.cc
Eelco Dolstra 0abb3ad537 Allow content-addressable paths to have references 
This adds a command 'nix make-content-addressable' that rewrites the
specified store paths into content-addressable paths. The advantage of
such paths is that 1) they can be imported without signatures; 2) they
can enable deduplication in cases where derivation changes do not
cause output changes (apart from store path hashes).

For example,

  $ nix make-content-addressable -r nixpkgs.cowsay
  rewrote '/nix/store/g1g31ah55xdia1jdqabv1imf6mcw0nb1-glibc-2.25-49' to '/nix/store/48jfj7bg78a8n4f2nhg269rgw1936vj4-glibc-2.25-49'
  ...
  rewrote '/nix/store/qbi6rzpk0bxjw8lw6azn2mc7ynnn455q-cowsay-3.03+dfsg1-16' to '/nix/store/iq6g2x4q62xp7y7493bibx0qn5w7xz67-cowsay-3.03+dfsg1-16'

We can then copy the resulting closure to another store without
signatures:

  $ nix copy --trusted-public-keys '' ---to ~/my-nix /nix/store/iq6g2x4q62xp7y7493bibx0qn5w7xz67-cowsay-3.03+dfsg1-16

In order to support self-references in content-addressable paths,
these paths are hashed "modulo" self-references, meaning that
self-references are zeroed out during hashing. Somewhat annoyingly,
this means that the NAR hash stored in the Nix database is no longer
necessarily equal to the output of "nix hash-path"; for
content-addressable paths, you need to pass the --modulo flag:

  $ nix path-info --json /nix/store/iq6g2x4q62xp7y7493bibx0qn5w7xz67-cowsay-3.03+dfsg1-16  | jq -r .[].narHash
  sha256:0ri611gdilz2c9rsibqhsipbfs9vwcqvs811a52i2bnkhv7w9mgw

  $ nix hash-path --type sha256 --base32 /nix/store/iq6g2x4q62xp7y7493bibx0qn5w7xz67-cowsay-3.03+dfsg1-16
  1ggznh07khq0hz6id09pqws3a8q9pn03ya3c03nwck1kwq8rclzs

  $ nix hash-path --type sha256 --base32 /nix/store/iq6g2x4q62xp7y7493bibx0qn5w7xz67-cowsay-3.03+dfsg1-16 --modulo iq6g2x4q62xp7y7493bibx0qn5w7xz67
  0ri611gdilz2c9rsibqhsipbfs9vwcqvs811a52i2bnkhv7w9mgw
2019-10-21 17:47:24 +02:00

172 lines
4.7 KiB
C++
Raw Blame History

#include "command.hh"
#include "hash.hh"
#include "legacy.hh"
#include "shared.hh"
#include "references.hh"
#include "archive.hh"
using namespace nix;
struct CmdHash : Command
{
enum Mode { mFile, mPath };
Mode mode;
Base base = SRI;
bool truncate = false;
HashType ht = htSHA256;
std::vector<std::string> paths;
std::experimental::optional<std::string> modulus;
CmdHash(Mode mode) : mode(mode)
{
mkFlag(0, "sri", "print hash in SRI format", &base, SRI);
mkFlag(0, "base64", "print hash in base-64", &base, Base64);
mkFlag(0, "base32", "print hash in base-32 (Nix-specific)", &base, Base32);
mkFlag(0, "base16", "print hash in base-16", &base, Base16);
mkFlag()
.longName("type")
.mkHashTypeFlag(&ht);
mkFlag()
.longName("modulo")
.description("compute hash modulo specified string")
.labels({"modulus"})
.dest(&modulus);
expectArgs("paths", &paths);
}
std::string name() override
{
return mode == mFile ? "hash-file" : "hash-path";
}
std::string description() override
{
return mode == mFile
? "print cryptographic hash of a regular file"
: "print cryptographic hash of the NAR serialisation of a path";
}
void run() override
{
for (auto path : paths) {
std::unique_ptr<AbstractHashSink> hashSink;
if (modulus)
hashSink = std::make_unique<HashModuloSink>(ht, *modulus);
else
hashSink = std::make_unique<HashSink>(ht);
if (mode == mFile)
readFile(path, *hashSink);
else
dumpPath(path, *hashSink);
Hash h = hashSink->finish().first;
if (truncate && h.hashSize > 20) h = compressHash(h, 20);
std::cout << format("%1%\n") %
h.to_string(base, base == SRI);
}
}
};
static RegisterCommand r1(make_ref<CmdHash>(CmdHash::mFile));
static RegisterCommand r2(make_ref<CmdHash>(CmdHash::mPath));
struct CmdToBase : Command
{
Base base;
HashType ht = htUnknown;
std::vector<std::string> args;
CmdToBase(Base base) : base(base)
{
mkFlag()
.longName("type")
.mkHashTypeFlag(&ht);
expectArgs("strings", &args);
}
std::string name() override
{
return
base == Base16 ? "to-base16" :
base == Base32 ? "to-base32" :
base == Base64 ? "to-base64" :
"to-sri";
}
std::string description() override
{
return fmt("convert a hash to %s representation",
base == Base16 ? "base-16" :
base == Base32 ? "base-32" :
base == Base64 ? "base-64" :
"SRI");
}
void run() override
{
for (auto s : args)
std::cout << fmt("%s\n", Hash(s, ht).to_string(base, base == SRI));
}
};
static RegisterCommand r3(make_ref<CmdToBase>(Base16));
static RegisterCommand r4(make_ref<CmdToBase>(Base32));
static RegisterCommand r5(make_ref<CmdToBase>(Base64));
static RegisterCommand r6(make_ref<CmdToBase>(SRI));
/* Legacy nix-hash command. */
static int compatNixHash(int argc, char * * argv)
{
HashType ht = htMD5;
bool flat = false;
bool base32 = false;
bool truncate = false;
enum { opHash, opTo32, opTo16 } op = opHash;
std::vector<std::string> ss;
parseCmdLine(argc, argv, [&](Strings::iterator & arg, const Strings::iterator & end) {
if (*arg == "--help")
showManPage("nix-hash");
else if (*arg == "--version")
printVersion("nix-hash");
else if (*arg == "--flat") flat = true;
else if (*arg == "--base32") base32 = true;
else if (*arg == "--truncate") truncate = true;
else if (*arg == "--type") {
string s = getArg(*arg, arg, end);
ht = parseHashType(s);
if (ht == htUnknown)
throw UsageError(format("unknown hash type '%1%'") % s);
}
else if (*arg == "--to-base16") op = opTo16;
else if (*arg == "--to-base32") op = opTo32;
else if (*arg != "" && arg->at(0) == '-')
return false;
else
ss.push_back(*arg);
return true;
});
if (op == opHash) {
CmdHash cmd(flat ? CmdHash::mFile : CmdHash::mPath);
cmd.ht = ht;
cmd.base = base32 ? Base32 : Base16;
cmd.truncate = truncate;
cmd.paths = ss;
cmd.run();
}
else {
CmdToBase cmd(op == opTo32 ? Base32 : Base16);
cmd.args = ss;
cmd.ht = ht;
cmd.run();
}
return 0;
}
static RegisterLegacyCommand s1("nix-hash", compatNixHash);
Reference in a new issue View git blame Copy permalink