[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
GNU Guixguix source archive branch, wip-signed-archives, created. v0.5-4
|
From: |
Ludovic Courtès |
|
Subject: |
GNU Guixguix source archive branch, wip-signed-archives, created. v0.5-478-ged15f75 |
|
Date: |
Fri, 28 Mar 2014 23:11:21 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "guix source archive".
The branch, wip-signed-archives has been created
at ed15f756d77da2f650c59ea6316d5096ffb16994 (commit)
- Log -----------------------------------------------------------------
commit ed15f756d77da2f650c59ea6316d5096ffb16994
Author: Ludovic Courtès <address@hidden>
Date: Wed Mar 26 23:50:04 2014 +0100
substitute-binary: Defer narinfo authentication and authorization checks.
* guix/scripts/substitute-binary.scm (narinfo-signature->canonical-sexp):
Catch 'gcry-error' around 'string->canonical-sexp' call, and re-raise
as a SRFI-35 &message and &nar-signature-error.
(narinfo-maker): Handle when SIGNATURE is #f or an invalid canonical
sexp.
(&nar-signature-error, &nar-invalid-hash-error): New variables.
(assert-valid-signature): Use them. Expect 'signature' to be a
canonical sexp.
(read-narinfo): Remove authentication and authorization checks.
(%signature-line-rx): New variable.
(assert-valid-narinfo, valid-narinfo?): New procedures.
(guix-substitute-binary): Wrap body in 'with-error-handling'.
[valid?]: New procedure.
<--query>: Show only store items of narinfos that match
'valid-narinfo?'.
<--substitute>: Call 'assert-valid-narinfo'.
* tests/substitute-binary.scm ("corrupt signature data",
"unauthorized public key", "invalid signature"): Make the first
argument to 'assert-valid-signature' a canonical sexp.
commit 70eb0773b30228d7a9e5e5a5a9004df89dbd46e1
Author: Ludovic Courtès <address@hidden>
Date: Wed Mar 26 23:31:31 2014 +0100
substitute-binary: Store the cache's URI in the local cached narinfo.
* guix/scripts/substitute-binary.scm (<narinfo>)[uri-base]: New field.
(narinfo-maker): Pass CACHE-URL as the 'uri-base' value.
(string->narinfo): Add 'cache-uri' parameter.
(lookup-narinfo)[cache-entry]: Switch to version 1. Add 'cache-uri'
field. Adjust body accordingly.
(remove-expired-cached-narinfos): Switch to version 1 by default.
commit 126878cd2ff7b5d8d524c5fead35007cd451ffee
Author: Nikita Karetnikov <address@hidden>
Date: Sat Mar 29 00:06:41 2014 +0100
substitute-binary: Support the Signature field of a narinfo file.
* guix/scripts/substitute-binary.scm (<narinfo>): Add the 'signature'
and 'contents' fields.
(narinfo-signature->canonical-sexp): New function.
(narinfo-maker): Add the 'signature' argument and use it.
(assert-valid-signature): New function.
(read-narinfo): Support the Signature field.
(write-narinfo): Use 'narinfo-contents'.
(%allow-unauthenticated-substitutes?): New variable.
* guix/base64.scm, tests/base64.scm, tests/substitute-binary.scm: New files.
* Makefile.am (SCM_TESTS): Add tests/base64.scm and
tests/substitute-binary.scm.
(MODULES): Add guix/base64.scm.
* test-env.in: Set 'GUIX_ALLOW_UNAUTHENTICATED_SUBSTITUTES'.
commit 063dc96020ed54ca9304df56ce5b98dfd3391df7
Author: Nikita Karetnikov <address@hidden>
Date: Sat Mar 15 11:46:16 2014 +0000
nar: Clarify that 'assert-valid-signature' accepts a string.
* guix/nar.scm (assert-valid-signature): Improve the wording.
-----------------------------------------------------------------------
hooks/post-receive
--
guix source archive
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- GNU Guixguix source archive branch, wip-signed-archives, created. v0.5-478-ged15f75,
Ludovic Courtès <=