Merge pull request #12009 from DeterminateSystems/401-cache

HttpBinaryCacheStore: Improve error message for unauthorized caches
NixOS · Dec 10, 2024 · 7bd8ece · 7bd8ece
2 parents 8c25eac + 3b21ea4
commit 7bd8ece
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 5 deletions.
diff --git a/src/libstore/binary-cache-store.cc b/src/libstore/binary-cache-store.cc
@@ -39,15 +39,13 @@ BinaryCacheStore::BinaryCacheStore(const Params & params)
 
 void BinaryCacheStore::init()
 {
-    std::string cacheInfoFile = "nix-cache-info";
-
-    auto cacheInfo = getFile(cacheInfoFile);
+    auto cacheInfo = getNixCacheInfo();
     if (!cacheInfo) {
         upsertFile(cacheInfoFile, "StoreDir: " + storeDir + "\n", "text/x-nix-cache-info");
     } else {
         for (auto & line : tokenizeString<Strings>(*cacheInfo, "\n")) {
-            size_t colon= line.find(':');
-            if (colon ==std::string::npos) continue;
+            size_t colon = line.find(':');
+            if (colon == std::string::npos) continue;
             auto name = line.substr(0, colon);
             auto value = trim(line.substr(colon + 1, std::string::npos));
             if (name == "StoreDir") {
@@ -63,6 +61,11 @@ void BinaryCacheStore::init()
     }
 }
 
+std::optional<std::string> BinaryCacheStore::getNixCacheInfo()
+{
+    return getFile(cacheInfoFile);
+}
+
 void BinaryCacheStore::upsertFile(const std::string & path,
     std::string && data,
     const std::string & mimeType)

diff --git a/src/libstore/binary-cache-store.hh b/src/libstore/binary-cache-store.hh
@@ -64,6 +64,8 @@ protected:
     // The prefix under which realisation infos will be stored
     const std::string realisationsPrefix = "realisations";
 
+    const std::string cacheInfoFile = "nix-cache-info";
+
     BinaryCacheStore(const Params & params);
 
 public:
@@ -84,6 +86,12 @@ public:
      */
     virtual void getFile(const std::string & path, Sink & sink);
 
+    /**
+     * Get the contents of /nix-cache-info. Return std::nullopt if it
+     * doesn't exist.
+     */
+    virtual std::optional<std::string> getNixCacheInfo();
+
     /**
      * Fetch the specified file and call the specified callback with
      * the result. A subclass may implement this asynchronously.

diff --git a/src/libstore/http-binary-cache-store.cc b/src/libstore/http-binary-cache-store.cc
@@ -194,6 +194,19 @@ class HttpBinaryCacheStore : public virtual HttpBinaryCacheStoreConfig, public v
         }
     }
 
+    std::optional<std::string> getNixCacheInfo() override
+    {
+        try {
+            auto result = getFileTransfer()->download(makeRequest(cacheInfoFile));
+            return result.data;
+        } catch (FileTransferError & e) {
+            if (e.error == FileTransfer::NotFound)
+                return std::nullopt;
+            maybeDisable();
+            throw;
+        }
+    }
+
     /**
      * This isn't actually necessary read only. We support "upsert" now, so we
      * have a notion of authentication via HTTP POST/PUT.