diff --git a/bootstrap b/bootstrap index 7c56bab..16c1be5 100755 --- a/bootstrap +++ b/bootstrap @@ -101,7 +101,7 @@ extract(Binary) -> request(Url) -> HttpOptions = [{relaxed, true} | get_proxy_auth()], - case httpc:request(get, {Url, []}, + case rebar_hermeticity:request(get, {Url, []}, HttpOptions, [{body_format, binary}], rebar) of diff --git a/src/rebar_hermeticity.erl b/src/rebar_hermeticity.erl new file mode 100644 index 0000000..8f6cc7d --- /dev/null +++ b/src/rebar_hermeticity.erl @@ -0,0 +1,42 @@ +%% -*- erlang-indent-level: 4;indent-tabs-mode: nil -*- +%% ex: ts=4 sw=4 et +%% ------------------------------------------------------------------- +%% +%% rebar: Erlang Build Tools +%% +%% Copyright (c) 2016 Eric Merritt (eric@merritt.tech) +%% +%% Permission is hereby granted, free of charge, to any person obtaining a copy +%% of this software and associated documentation files (the "Software"), to deal +%% in the Software without restriction, including without limitation the rights +%% to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +%% copies of the Software, and to permit persons to whom the Software is +%% furnished to do so, subject to the following conditions: +%% +%% The above copyright notice and this permission notice shall be included in +%% all copies or substantial portions of the Software. +%% +%% THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +%% IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +%% FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +%% AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +%% LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +%% OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +%% THE SOFTWARE. +%% ------------------------------------------------------------------- +-module(rebar_hermeticity). + +-export([request/5]). + +-include("rebar.hrl"). + +%% ==================================================================== +%% Public API +%% ==================================================================== + +request(Method, {Url, _Headers}, _HTTPOptions, _Options, _Profile) -> + ?ERROR("A request is being made that violates Nix hermicity " + "This request has been stopped. Details of the request " + "are as follows:", []), + ?ERROR("Request: ~p ~s", [Method, Url]), + erlang:halt(1). diff --git a/src/rebar_pkg_resource.erl b/src/rebar_pkg_resource.erl index d588f24..9ac8ad4 100644 --- a/src/rebar_pkg_resource.erl +++ b/src/rebar_pkg_resource.erl @@ -109,7 +109,7 @@ make_vsn(_) -> request(Url, ETag) -> HttpOptions = [{ssl, ssl_opts(Url)}, {relaxed, true} | rebar_utils:get_proxy_auth()], - case httpc:request(get, {Url, [{"if-none-match", ETag} || ETag =/= false]++[{"User-Agent", rebar_utils:user_agent()}]}, + case rebar_hermeticity:request(get, {Url, [{"if-none-match", ETag} || ETag =/= false]++[{"User-Agent", rebar_utils:user_agent()}]}, HttpOptions, [{body_format, binary}], rebar) of diff --git a/src/rebar_prv_update.erl b/src/rebar_prv_update.erl index a019c5a..697cbab 100644 --- a/src/rebar_prv_update.erl +++ b/src/rebar_prv_update.erl @@ -38,6 +38,8 @@ init(State) -> {ok, State1}. -spec do(rebar_state:t()) -> {ok, rebar_state:t()} | {error, string()}. +do(State) -> {ok, State}. +-ifdef(non_hermetic). do(State) -> try case rebar_packages:registry_dir(State) of @@ -52,7 +54,7 @@ do(State) -> case rebar_utils:url_append_path(CDN, ?REMOTE_REGISTRY_FILE) of {ok, Url} -> ?DEBUG("Fetching registry from ~p", [Url]), - case httpc:request(get, {Url, [{"User-Agent", rebar_utils:user_agent()}]}, + case rebar_hermeticity:request(get, {Url, [{"User-Agent", rebar_utils:user_agent()}]}, [], [{stream, TmpFile}, {sync, true}], rebar) of {ok, saved_to_file} -> @@ -76,6 +78,7 @@ do(State) -> ?DEBUG("Error creating package index: ~p ~p", [C, erlang:get_stacktrace()]), throw(?PRV_ERROR(package_index_write)) end. +-endif. -spec format_error(any()) -> iolist(). format_error({package_parse_cdn, Uri}) ->