git-annex/Command/Reinject.hs

84 lines
2 KiB
Haskell
Raw Normal View History

{- git-annex command
-
- Copyright 2011-2016 Joey Hess <id@joeyh.name>
-
- Licensed under the GNU GPL version 3 or higher.
-}
2011-10-31 19:18:41 +00:00
module Command.Reinject where
import Command
import Logs.Location
import Annex.Content
import Backend
import Types.KeySource
cmd :: Command
cmd = command "reinject" SectionUtility
"inject content of file back into annex"
(paramRepeating (paramPair "SRC" "DEST"))
(seek <$$> optParser)
data ReinjectOptions = ReinjectOptions
{ params :: CmdParams
, knownOpt :: Bool
}
optParser :: CmdParamsDesc -> Parser ReinjectOptions
optParser desc = ReinjectOptions
<$> cmdParams desc
<*> switch
( long "known"
<> help "inject all known files"
<> hidden
)
seek :: ReinjectOptions -> CommandSeek
seek os
| knownOpt os = withStrings (commandAction . startKnown) (params os)
| otherwise = withWords (commandAction . startSrcDest) (params os)
startSrcDest :: [FilePath] -> CommandStart
startSrcDest (src:dest:[])
2011-10-31 20:46:51 +00:00
| src == dest = stop
| otherwise = notAnnexed src $ do
2012-11-12 05:05:04 +00:00
showStart "reinject" dest
next $ ifAnnexed dest go stop
where
go key = ifM (verifyKeyContent RetrievalAllKeysSecure DefaultVerify UnVerified key src)
( perform src key
, giveup $ src ++ " does not have expected content of " ++ dest
)
startSrcDest _ = giveup "specify a src file and a dest file"
startKnown :: FilePath -> CommandStart
startKnown src = notAnnexed src $ do
showStart "reinject" src
mkb <- genKey (KeySource src src Nothing) Nothing
case mkb of
Nothing -> error "Failed to generate key"
Just (key, _) -> ifM (isKnownKey key)
( next $ perform src key
, do
warning "Not known content; skipping"
next $ next $ return True
)
notAnnexed :: FilePath -> CommandStart -> CommandStart
notAnnexed src = ifAnnexed src $
giveup $ "cannot used annexed file as src: " ++ src
perform :: FilePath -> Key -> CommandPerform
perform src key = ifM move
( next $ cleanup key
, error "failed"
)
2012-11-12 05:05:04 +00:00
where
annex.securehashesonly Cryptographically secure hashes can be forced to be used in a repository, by setting annex.securehashesonly. This does not prevent the git repository from containing files with insecure hashes, but it does prevent the content of such files from being pulled into .git/annex/objects from another repository. We want to make sure that at no point does git-annex accept content into .git/annex/objects that is hashed with an insecure key. Here's how it was done: * .git/annex/objects/xx/yy/KEY/ is kept frozen, so nothing can be written to it normally * So every place that writes content must call, thawContent or modifyContent. We can audit for these, and be sure we've considered all cases. * The main functions are moveAnnex, and linkToAnnex; these were made to check annex.securehashesonly, and are the main security boundary for annex.securehashesonly. * Most other calls to modifyContent deal with other files in the KEY directory (inode cache etc). The other ones that mess with the content are: - Annex.Direct.toDirectGen, in which content already in the annex directory is moved to the direct mode file, so not relevant. - fix and lock, which don't add new content - Command.ReKey.linkKey, which manually unlocks it to make a copy. * All other calls to thawContent appear safe. Made moveAnnex return a Bool, so checked all callsites and made them deal with a failure in appropriate ways. linkToAnnex simply returns LinkAnnexFailed; all callsites already deal with it failing in appropriate ways. This commit was sponsored by Riku Voipio.
2017-02-27 17:01:32 +00:00
move = checkDiskSpaceToGet key False $
moveAnnex key src
cleanup :: Key -> CommandCleanup
cleanup key = do
logStatus key InfoPresent
return True