force verification when resuming download

When resuming a download and not using a rolling checksummer like rsync, the partial file we start with might contain garbage, in the case where a file changed as it was being downloaded. So, disabling verification on resumes risked a bad object being put into the annex. Even downloads with rsync are currently affected. It didn't seem worth the added complexity to special case those to prevent verification, especially since git-annex is using rsync less often now. This commit was sponsored by Brock Spratlen on Patreon.
2018-03-13 14:50:49 -04:00 · 2018-03-13 14:50:49 -04:00 · 4015c5679a
commit 4015c5679a
parent 31e1adc005
5 changed files with 41 additions and 19 deletions
--- a/Annex/Content.hs
+++ b/Annex/Content.hs
@ -303,9 +303,19 @@ getViaTmp v key action = checkDiskSpaceToGet key False $
 getViaTmpFromDisk :: VerifyConfig -> Key -> (FilePath -> Annex (Bool, Verification)) -> Annex Bool
 getViaTmpFromDisk v key action = do
 	tmpfile <- prepTmp key
+	resuming <- liftIO $ doesFileExist tmpfile
 	(ok, verification) <- action tmpfile
+	-- When the temp file already had content, we don't know if
+	-- that content is good or not, so only trust if it the action
+	-- Verified it in passing. Otherwise, force verification even
+	-- if the VerifyConfig normally disables it.
+	let verification' = if resuming
+		then case verification of
+			Verified -> Verified
+			_ -> MustVerify
+		else verification
 	if ok
-		then ifM (verifyKeyContent v verification key tmpfile)
+		then ifM (verifyKeyContent v verification' key tmpfile)
 			( ifM (pruneTmpWorkDirBefore tmpfile (moveAnnex key))
 				( do
 					logStatus key InfoPresent