Tahoe: Avoid verifying hash after download, since tahoe does sufficient verification itself
See my comment in the next commit for some details about why Verified needs a hash with preimage resistance. As far as tahoe goes, it's fully cryptographically secure. I think that bup could also return Verified. However, the Retriever interface does not currenly support that.
This commit is contained in:
parent
cbe84b62b9
commit
fa3d71d924
4 changed files with 11 additions and 2 deletions
|
@ -99,6 +99,9 @@ gen r _ rc gc rs = do
|
|||
downloadKey :: Key -> AssociatedFile -> FilePath -> MeterUpdate -> Annex Verification
|
||||
downloadKey key _file dest p = do
|
||||
get . map (torrentUrlNum . fst . getDownloader) =<< getBitTorrentUrls key
|
||||
-- While bittorrent verifies the hash in the torrent file,
|
||||
-- the torrent file itself is downloaded without verification,
|
||||
-- so the overall download is not verified.
|
||||
return UnVerified
|
||||
where
|
||||
get [] = giveup "could not download torrent"
|
||||
|
|
|
@ -147,7 +147,9 @@ store rs hdl k _f _p = sendAnnex k noop $ \src ->
|
|||
retrieve :: RemoteStateHandle -> TahoeHandle -> Key -> AssociatedFile -> FilePath -> MeterUpdate -> Annex Verification
|
||||
retrieve rs hdl k _f d _p = do
|
||||
go =<< getCapability rs k
|
||||
return UnVerified
|
||||
-- Tahoe verifies the content it retrieves using cryptographically
|
||||
-- secure methods.
|
||||
return Verified
|
||||
where
|
||||
go Nothing = giveup "tahoe capability is not known"
|
||||
go (Just cap) = unlessM (liftIO $ requestTahoe hdl "get" [Param cap, File d]) $
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue