deal with unlocked files
P2P protocol version 1 adds VALID|INVALID after DATA; INVALID means the file was detected to change content while it was being sent and so we may not have received the valid content of the file. Added new MustVerify constructor for Verification, which forces verification even when annex.verify=false etc. This is used when INVALID and in protocol version 0. As well as changing git-annex-shell p2psdio, this makes git-annex tor remotes always force verification, since they don't yet use protocol version 1. Previously, annex.verify=false could skip verification when using tor remotes, and let bad data into the repository. This commit was sponsored by Jack Hill on Patreon.
This commit is contained in:
Joey Hess
parent
9930b1f140
commit
31e1adc005
10 changed files with 141 additions and 78 deletions
|
|
@ -79,11 +79,11 @@ perform file oldkey newkey = do
|
|||
linkKey :: FilePath -> Key -> Key -> Annex Bool
|
||||
linkKey file oldkey newkey = ifM (isJust <$> isAnnexLink file)
|
||||
{- If the object file is already hardlinked to elsewhere, a hard
|
||||
- link won't be made by getViaTmp', but a copy instead.
|
||||
- link won't be made by getViaTmpFromDisk, but a copy instead.
|
||||
- This avoids hard linking to content linked to an
|
||||
- unlocked file, which would leave the new key unlocked
|
||||
- and vulnerable to corruption. -}
|
||||
( getViaTmp' DefaultVerify newkey $ \tmp -> unVerified $ do
|
||||
( getViaTmpFromDisk DefaultVerify newkey $ \tmp -> unVerified $ do
|
||||
oldobj <- calcRepo (gitAnnexLocation oldkey)
|
||||
linkOrCopy' (return True) newkey oldobj tmp Nothing
|
||||
, do
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue