Message ID | 20200625211605.29316-3-ludo@gnu.org |
---|---|
State | Accepted |
Headers | show |
Series | [bug#42048,1/6] channels: Add 'openpgp-fingerprint->bytevector'. | expand |
Context | Check | Description |
---|---|---|
cbaines/comparison | success | View comparision |
cbaines/git branch | success | View Git branch |
cbaines/applying patch | success | View Laminar job |
Ludovic Courtès <ludo@gnu.org> writes: > In the end signing the commit/key pair does not buy us much. Someone > publishing a valid but different commit/key pair would effectively be > publishing a different channel, which could be a fork (made by a former > authorized developer) or simply a mirror. In the latter case, there's > nothing to be gained by publishing a different commit/key pair. > > * guix/channels.scm (<channel-introduction>)[signature]: Remove. > (make-channel-introduction): Adjust accordingly. > --- […] > (define (make-channel-introduction commit signer) > "Return a new channel introduction: COMMIT is the introductory where > authentication starts, and SIGNER is the OpenPGP fingerprint (a bytevector) of > the signer of that commit." > - (%make-channel-introduction commit signer #f)) > + (%make-channel-introduction commit signer)) Do we still need this procedure at all? Looks like %make-channel-introduction could simply be renamed to make-channel-introduction.
Hi, Ricardo Wurmus <rekado@elephly.net> skribis: > Ludovic Courtès <ludo@gnu.org> writes: > >> In the end signing the commit/key pair does not buy us much. Someone >> publishing a valid but different commit/key pair would effectively be >> publishing a different channel, which could be a fork (made by a former >> authorized developer) or simply a mirror. In the latter case, there's >> nothing to be gained by publishing a different commit/key pair. >> >> * guix/channels.scm (<channel-introduction>)[signature]: Remove. >> (make-channel-introduction): Adjust accordingly. >> --- > […] >> (define (make-channel-introduction commit signer) >> "Return a new channel introduction: COMMIT is the introductory where >> authentication starts, and SIGNER is the OpenPGP fingerprint (a bytevector) of >> the signer of that commit." >> - (%make-channel-introduction commit signer #f)) >> + (%make-channel-introduction commit signer)) > > Do we still need this procedure at all? Looks like > %make-channel-introduction could simply be renamed to make-channel-introduction. ‘%make-channel-introduction’ is actually a macro, which is thus inlined. Exporting a procedure makes it easier to preserve ABI compatibility and allow for future extensions (keyword parameters, for instance). Ludo’.
diff --git a/guix/channels.scm b/guix/channels.scm index 9859bfdda8..05b2661445 100644 --- a/guix/channels.scm +++ b/guix/channels.scm @@ -128,22 +128,19 @@ ;; Channel introductions. A "channel introduction" provides a commit/signer ;; pair that specifies the first commit of the authentication process as well -;; as its signer's fingerprint. The pair must be signed by the signer of that -;; commit so that only them may emit this introduction. Introductions are -;; used to bootstrap trust in a channel. +;; as its signer's fingerprint. Introductions are used to bootstrap trust in +;; a channel. (define-record-type <channel-introduction> - (%make-channel-introduction first-signed-commit first-commit-signer - signature) + (%make-channel-introduction first-signed-commit first-commit-signer) channel-introduction? - (first-signed-commit channel-introduction-first-signed-commit) ;hex string - (first-commit-signer channel-introduction-first-commit-signer) ;bytevector - (signature channel-introduction-signature)) ;string + (first-signed-commit channel-introduction-first-signed-commit) ;hex string + (first-commit-signer channel-introduction-first-commit-signer)) ;bytevector (define (make-channel-introduction commit signer) "Return a new channel introduction: COMMIT is the introductory where authentication starts, and SIGNER is the OpenPGP fingerprint (a bytevector) of the signer of that commit." - (%make-channel-introduction commit signer #f)) + (%make-channel-introduction commit signer)) (define (openpgp-fingerprint->bytevector str) "Convert STR, an OpenPGP fingerprint (hexadecimal string with whitespace),