From patchwork Mon Oct 18 15:57:30 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Attila Lendvai X-Patchwork-Id: 33916 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 6299727BBE3; Mon, 18 Oct 2021 16:58:36 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.2 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id EBA4827BBE1 for ; Mon, 18 Oct 2021 16:58:35 +0100 (BST) Received: from localhost ([::1]:45948 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mcV21-0006wz-VH for patchwork@mira.cbaines.net; Mon, 18 Oct 2021 11:58:33 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:55806) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mcV1X-0006sr-7k for guix-patches@gnu.org; Mon, 18 Oct 2021 11:58:03 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:36770) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1mcV1W-0002FL-S0 for guix-patches@gnu.org; Mon, 18 Oct 2021 11:58:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1mcV1W-0006zp-Rg for guix-patches@gnu.org; Mon, 18 Oct 2021 11:58:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#50814] [PATCH 1/5] tests: Smarten up git repository testing framework. References: <20210926101928.3877-1-attila@lendvai.name> In-Reply-To: <20210926101928.3877-1-attila@lendvai.name> Resent-From: Attila Lendvai Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 18 Oct 2021 15:58:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 50814 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 50814@debbugs.gnu.org Cc: Attila Lendvai Received: via spool by 50814-submit@debbugs.gnu.org id=B50814.163457267626860 (code B ref 50814); Mon, 18 Oct 2021 15:58:02 +0000 Received: (at 50814) by debbugs.gnu.org; 18 Oct 2021 15:57:56 +0000 Received: from localhost ([127.0.0.1]:48311 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mcV1Q-0006z7-Ja for submit@debbugs.gnu.org; Mon, 18 Oct 2021 11:57:56 -0400 Received: from mail-ed1-f42.google.com ([209.85.208.42]:44804) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mcV1O-0006yr-60 for 50814@debbugs.gnu.org; Mon, 18 Oct 2021 11:57:56 -0400 Received: by mail-ed1-f42.google.com with SMTP id w14so1051501edv.11 for <50814@debbugs.gnu.org>; Mon, 18 Oct 2021 08:57:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=Q1LEPb2GaMgwANKUBjTAL73fLUg/TR6v/7o6kLsZRSs=; b=A5pLJmG3KfYlHjWfBcUMi3IPYHtchncQtJlbEa9Ok+5bgFlvsH79sBQ3ZIvMM7tBwm Yy/QNDXny84Kgd8ml6TPOY67m0c9KrGyObTqVFVzb7WnmCIayzJ3GOZrTvM7bl42WLfS u2aI8RpLYFjD2AAuom2ermAEAXPL1jgAVbEmYYFqfcgtvJP4qYGeh9AefRyRJrsgpQtm kRvLkVzIZ1tNAnd27/SZcLIvaqkhtaGC0Rzb0GypO8f16CQXi4ECNTRMrsTxRtXvopnw w/WO+RwZyotjNrO3mZ3s+b8YQ4HnoCmFzLKeqrrtT8h940tR40e7TLlpSDrhLK4nowTO kRFg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :mime-version:content-transfer-encoding; bh=Q1LEPb2GaMgwANKUBjTAL73fLUg/TR6v/7o6kLsZRSs=; b=OWQmecmC43bJkeLVjIEIS+3IVmJWIK36zJaXOqpXGlDj5BF6WlWXsLDVPRgXI56RU1 UNnhA47pIZgEBnRMixDq9JVJ0F6ILhibj1CBBzxoTHwFNr8N12M6exCUzLJrAGofL3NR Z2ZRbaUzntGsImW4rcmM7jTBQeVMYCEGpt++U7f/6ouAlnST6v40hUmn9S4YqOsz4F1L PqR0MECzxxaA+kyvdGDUqVrNEZSgy6Ki1q4EpiumrPs4mm9eBaqt6oD7keTeJseh9V2N P4tze68o68FCChTloyIZLIxN9CFPfZPH8m+y7NZ+SX84LQ37I0Bn26d21+HSHGqJGUxw rZIw== X-Gm-Message-State: AOAM531tTEgoYiLBGlE/a92HG/2xx8AH+kF/65TYOK24TCaz0g/a6RP1 7fJZIDkvGNHUWRZuHW+0bfrIxUswlck= X-Google-Smtp-Source: ABdhPJyB2Lt2gJih99l5w9bmq1lCsYS+VsaE9J4bAVK+1puO0r5n0SW5lXUMIAeSqifLnWyr2JPtjQ== X-Received: by 2002:a17:906:7a50:: with SMTP id i16mr31606213ejo.507.1634572665483; Mon, 18 Oct 2021 08:57:45 -0700 (PDT) Received: from localhost.localdomain ([2a02:ab88:3710:6480:8fb4:66e9:57c0:8a0a]) by smtp.gmail.com with ESMTPSA id n22sm8762059eja.120.2021.10.18.08.57.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 18 Oct 2021 08:57:44 -0700 (PDT) From: Attila Lendvai Date: Mon, 18 Oct 2021 17:57:30 +0200 Message-Id: <20211018155734.5175-1-attila@lendvai.name> X-Mailer: git-send-email 2.33.0 MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches * guix/tests/git.scm (with-git-repository): New macro that can be used in a nested way under a with-temporary-git-repository. (populate-git-repository): Extend the DSL with (add "some-noise"), (reset "[commit hash]"), (checkout "branch" orphan). * guix/tests/gnupg.scm (key-fingerprint-vector): New function. --- guix/tests/git.scm | 23 +++++++++++++++++++++-- guix/tests/gnupg.scm | 8 ++++++-- 2 files changed, 27 insertions(+), 4 deletions(-) diff --git a/guix/tests/git.scm b/guix/tests/git.scm index 69960284d9..76f5a8b937 100644 --- a/guix/tests/git.scm +++ b/guix/tests/git.scm @@ -26,6 +26,7 @@ (define-module (guix tests git) #:use-module (ice-9 control) #:export (git-command with-temporary-git-repository + with-git-repository find-commit)) (define git-command @@ -59,8 +60,9 @@ (define (git command . args) (apply invoke (git-command) "-C" directory command args))))) - (mkdir-p directory) - (git "init") + (unless (directory-exists? (string-append directory "/.git")) + (mkdir-p directory) + (git "init")) (let loop ((directives directives)) (match directives @@ -78,6 +80,9 @@ (define (git command . args) port))) (git "add" file) (loop rest))) + ((('add file-name-and-content) rest ...) + (loop (cons `(add ,file-name-and-content ,file-name-and-content) + rest))) ((('remove file) rest ...) (git "rm" "-f" file) (loop rest)) @@ -99,12 +104,18 @@ (define (git command . args) ((('checkout branch) rest ...) (git "checkout" branch) (loop rest)) + ((('checkout branch 'orphan) rest ...) + (git "checkout" "--orphan" branch) + (loop rest)) ((('merge branch message) rest ...) (git "merge" branch "-m" message) (loop rest)) ((('merge branch message ('signer fingerprint)) rest ...) (git "merge" branch "-m" message (string-append "--gpg-sign=" fingerprint)) + (loop rest)) + ((('reset to) rest ...) + (git "reset" "--hard" to) (loop rest))))) (define (call-with-temporary-git-repository directives proc) @@ -121,6 +132,14 @@ (define-syntax-rule (with-temporary-git-repository directory (lambda (directory) exp ...))) +(define-syntax-rule (with-git-repository directory + directives exp ...) + "Evaluate EXP in a context where DIRECTORY is (further) populated as +per DIRECTIVES." + (begin + (populate-git-repository directory directives) + exp ...)) + (define (find-commit repository message) "Return the commit in REPOSITORY whose message includes MESSAGE, a string." (let/ec return diff --git a/guix/tests/gnupg.scm b/guix/tests/gnupg.scm index eb8ff63a43..c7630db912 100644 --- a/guix/tests/gnupg.scm +++ b/guix/tests/gnupg.scm @@ -33,6 +33,7 @@ (define-module (guix tests gnupg) read-openpgp-packet key-fingerprint + key-fingerprint-vector key-id)) (define gpg-command @@ -76,7 +77,10 @@ (define (read-openpgp-packet file) (open-bytevector-input-port (call-with-input-file file read-radix-64)))) +(define key-fingerprint-vector + (compose openpgp-public-key-fingerprint + read-openpgp-packet)) + (define key-fingerprint (compose openpgp-format-fingerprint - openpgp-public-key-fingerprint - read-openpgp-packet)) + key-fingerprint-vector)) From patchwork Mon Oct 18 15:57:31 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Attila Lendvai X-Patchwork-Id: 33919 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 1E2C027BBE3; Mon, 18 Oct 2021 17:03:30 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,T_DKIM_INVALID, URIBL_BLOCKED,URI_HEX autolearn=no autolearn_force=no version=3.4.2 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 1594D27BBE1 for ; Mon, 18 Oct 2021 17:03:29 +0100 (BST) Received: from localhost ([::1]:53428 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mcV6m-0003gp-5Z for patchwork@mira.cbaines.net; Mon, 18 Oct 2021 12:03:28 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:56090) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mcV2V-00084P-Uf for guix-patches@gnu.org; Mon, 18 Oct 2021 11:59:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:36779) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1mcV2T-000362-RO for guix-patches@gnu.org; Mon, 18 Oct 2021 11:59:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1mcV2T-00071y-QQ for guix-patches@gnu.org; Mon, 18 Oct 2021 11:59:01 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#50814] [PATCH 2/5] tests: Move keys into ./tests/keys/ and add a third ed25519 key. Resent-From: Attila Lendvai Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 18 Oct 2021 15:59:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 50814 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 50814@debbugs.gnu.org Cc: Attila Lendvai Received: via spool by 50814-submit@debbugs.gnu.org id=B50814.163457269126939 (code B ref 50814); Mon, 18 Oct 2021 15:59:01 +0000 Received: (at 50814) by debbugs.gnu.org; 18 Oct 2021 15:58:11 +0000 Received: from localhost ([127.0.0.1]:48315 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mcV1T-0006zQ-TF for submit@debbugs.gnu.org; Mon, 18 Oct 2021 11:58:11 -0400 Received: from mail-ed1-f47.google.com ([209.85.208.47]:43608) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mcV1R-0006yv-A0 for 50814@debbugs.gnu.org; Mon, 18 Oct 2021 11:57:59 -0400 Received: by mail-ed1-f47.google.com with SMTP id i20so946654edj.10 for <50814@debbugs.gnu.org>; Mon, 18 Oct 2021 08:57:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=8qHZbo8hTAzZI1w0pEUIclE9I3EZ8GGjjP4O25GQ0VU=; b=KJ3xrUr0dtnadjcmPKIMvKSO2mOoqQZYian5GPwSMcyqm5u96cjW2xPOvlUE0jD+gS ke3cSS1EU4h1BQgbXPT9QOw41iqNfi26siJn3kqsCqpmll8bOcLZgrEk/DN9kGDkhBB9 OGOMnV2HTNPbSjgEmQmBb3MgqzR3cQWj1LCTpeJDULA2itj3x9+HrSetjgIrE/2alhoN 0G5aagtcwb5E29Vtt1jL0CnvCdo+SBxo6a5rW9M6HNrP70jifUnN0J1TIa6kF4axs0jt Lywld/YlmnUujSfOznqpZikIdYLtKbay9jfkmsmG5+Uoo4IexPnPMKeZWeVsSUFIRX+O fLYQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=8qHZbo8hTAzZI1w0pEUIclE9I3EZ8GGjjP4O25GQ0VU=; b=b0k0cOiXWD5GQnuuJPUeWZKV5gj20hmODuocVVhf/QFPBs4EP/YoyYvL2hk3ODIlCk M+og6oh8/mCKZOMbWVsw+M4L+jKzD5WdnWvNesO0TNX2zdF4KBWrIxLlIiFtjVsrlnvt x6mwHwbeQpA825N9fWjjJjt1qx86rCGJKfHRuuF/eQCoWBSukYfyW73DLMn9uEUfz1/h gxBGs1VBtOBPCb5T8iMYpoB2Rhr0HjlJJipqA9N6IC1jsXbFo4R2c/H9gkXylhIYHqKV NxcGTb77jSchX+mMfTEvK9SiIAiGlTzmIM6xIGnyDdCY1B5H6h1RY4Ktr8oFkAlSrX9E eMPA== X-Gm-Message-State: AOAM532tMf9ZJPRPQQGsxj3G/2RswJuckGYsXeAV+OlQ1s/FmLQ0i01e kUwGVtCnyqvtwcwT4W3Bs/Pliki2GMg= X-Google-Smtp-Source: ABdhPJxFrs9cnFHmXwYo6nPZb37NvBVTJ4DogQHD0AV80mi2FG+k/5htKa9jJNZmt5iExR6r7ILz9g== X-Received: by 2002:a17:906:35cc:: with SMTP id p12mr31050002ejb.351.1634572666160; Mon, 18 Oct 2021 08:57:46 -0700 (PDT) Received: from localhost.localdomain ([2a02:ab88:3710:6480:8fb4:66e9:57c0:8a0a]) by smtp.gmail.com with ESMTPSA id n22sm8762059eja.120.2021.10.18.08.57.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 18 Oct 2021 08:57:45 -0700 (PDT) From: Attila Lendvai Date: Mon, 18 Oct 2021 17:57:31 +0200 Message-Id: <20211018155734.5175-2-attila@lendvai.name> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20211018155734.5175-1-attila@lendvai.name> References: <20211018155734.5175-1-attila@lendvai.name> MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches The third key will be used in an upcoming commit. Rename public keys to .pub. * guix/tests/gnupg.scm (%ed25519-3-public-key-file): New variable. (%ed25519-3-secret-key-file): New variable. (%ed25519-2-public-key-file): Renamed from %ed25519bis-public-key-file. (%ed25519-2-secret-key-file): Renamed from %ed25519bis-secret-key-file. * tests/keys/ed25519-3.key: New file. * tests/keys/ed25519-3.sec: New file. --- Makefile.am | 20 +++++----- build-aux/test-env.in | 6 +-- guix/tests/gnupg.scm | 22 ++++++---- tests/channels.scm | 18 ++++----- tests/git-authenticate.scm | 23 +++++------ tests/guix-authenticate.sh | 4 +- tests/{civodul.key => keys/civodul.pub} | 0 tests/{dsa.key => keys/dsa.pub} | 0 tests/{ed25519bis.key => keys/ed25519-2.pub} | 0 tests/{ed25519bis.sec => keys/ed25519-2.sec} | 0 tests/keys/ed25519-3.pub | 9 +++++ tests/keys/ed25519-3.sec | 10 +++++ tests/{ed25519.key => keys/ed25519.pub} | 0 tests/{ => keys}/ed25519.sec | 0 tests/{rsa.key => keys/rsa.pub} | 0 tests/{ => keys}/signing-key.pub | 0 tests/{ => keys}/signing-key.sec | 0 tests/openpgp.scm | 42 +++++++++++--------- 18 files changed, 93 insertions(+), 61 deletions(-) rename tests/{civodul.key => keys/civodul.pub} (100%) rename tests/{dsa.key => keys/dsa.pub} (100%) rename tests/{ed25519bis.key => keys/ed25519-2.pub} (100%) rename tests/{ed25519bis.sec => keys/ed25519-2.sec} (100%) create mode 100644 tests/keys/ed25519-3.pub create mode 100644 tests/keys/ed25519-3.sec rename tests/{ed25519.key => keys/ed25519.pub} (100%) rename tests/{ => keys}/ed25519.sec (100%) rename tests/{rsa.key => keys/rsa.pub} (100%) rename tests/{ => keys}/signing-key.pub (100%) rename tests/{ => keys}/signing-key.sec (100%) diff --git a/Makefile.am b/Makefile.am index 635147efc1..95c6597c17 100644 --- a/Makefile.am +++ b/Makefile.am @@ -645,16 +645,18 @@ EXTRA_DIST += \ build-aux/update-guix-package.scm \ build-aux/update-NEWS.scm \ tests/test.drv \ - tests/signing-key.pub \ - tests/signing-key.sec \ tests/cve-sample.json \ - tests/civodul.key \ - tests/rsa.key \ - tests/dsa.key \ - tests/ed25519.key \ - tests/ed25519.sec \ - tests/ed25519bis.key \ - tests/ed25519bis.sec \ + tests/keys/signing-key.pub \ + tests/keys/signing-key.sec \ + tests/keys/civodul.pub \ + tests/keys/rsa.pub \ + tests/keys/dsa.pub \ + tests/keys/ed25519.pub \ + tests/keys/ed25519.sec \ + tests/keys/ed25519-2.pub \ + tests/keys/ed25519-2.sec \ + tests/keys/ed25519-3.pub \ + tests/keys/ed25519-3.sec \ build-aux/config.rpath \ bootstrap \ doc/build.scm \ diff --git a/build-aux/test-env.in b/build-aux/test-env.in index 7efc43206c..ca786437e9 100644 --- a/build-aux/test-env.in +++ b/build-aux/test-env.in @@ -73,9 +73,9 @@ then # Copy the keys so that the secret key has the right permissions (the # daemon errors out when this is not the case.) mkdir -p "$GUIX_CONFIGURATION_DIRECTORY" - cp "@abs_top_srcdir@/tests/signing-key.sec" \ - "@abs_top_srcdir@/tests/signing-key.pub" \ - "$GUIX_CONFIGURATION_DIRECTORY" + cp "@abs_top_srcdir@/tests/keys/signing-key.sec" \ + "@abs_top_srcdir@/tests/keys/signing-key.pub" \ + "$GUIX_CONFIGURATION_DIRECTORY" chmod 400 "$GUIX_CONFIGURATION_DIRECTORY/signing-key.sec" fi diff --git a/guix/tests/gnupg.scm b/guix/tests/gnupg.scm index c7630db912..09f02a2b67 100644 --- a/guix/tests/gnupg.scm +++ b/guix/tests/gnupg.scm @@ -28,8 +28,10 @@ (define-module (guix tests gnupg) %ed25519-public-key-file %ed25519-secret-key-file - %ed25519bis-public-key-file - %ed25519bis-secret-key-file + %ed25519-2-public-key-file + %ed25519-2-secret-key-file + %ed25519-3-public-key-file + %ed25519-3-secret-key-file read-openpgp-packet key-fingerprint @@ -64,13 +66,17 @@ (define-syntax-rule (with-fresh-gnupg-setup imported exp ...) (call-with-fresh-gnupg-setup imported (lambda () exp ...))) (define %ed25519-public-key-file - (search-path %load-path "tests/ed25519.key")) + (search-path %load-path "tests/keys/ed25519.pub")) (define %ed25519-secret-key-file - (search-path %load-path "tests/ed25519.sec")) -(define %ed25519bis-public-key-file - (search-path %load-path "tests/ed25519bis.key")) -(define %ed25519bis-secret-key-file - (search-path %load-path "tests/ed25519bis.sec")) + (search-path %load-path "tests/keys/ed25519.sec")) +(define %ed25519-2-public-key-file + (search-path %load-path "tests/keys/ed25519-2.pub")) +(define %ed25519-2-secret-key-file + (search-path %load-path "tests/keys/ed25519-2.sec")) +(define %ed25519-3-public-key-file + (search-path %load-path "tests/keys/ed25519-3.pub")) +(define %ed25519-3-secret-key-file + (search-path %load-path "tests/keys/ed25519-3.sec")) (define (read-openpgp-packet file) (get-openpgp-packet diff --git a/tests/channels.scm b/tests/channels.scm index 3e82315b0c..d45c450241 100644 --- a/tests/channels.scm +++ b/tests/channels.scm @@ -480,8 +480,8 @@ (define (find-commit* message) #t (with-fresh-gnupg-setup (list %ed25519-public-key-file %ed25519-secret-key-file - %ed25519bis-public-key-file - %ed25519bis-secret-key-file) + %ed25519-2-public-key-file + %ed25519-2-secret-key-file) (with-temporary-git-repository directory `((add ".guix-channel" ,(object->string @@ -507,7 +507,7 @@ (define (find-commit* message) (commit-id-string commit1) (openpgp-public-key-fingerprint (read-openpgp-packet - %ed25519bis-public-key-file)))) ;different key + %ed25519-2-public-key-file)))) ;different key (channel (channel (name 'example) (url (string-append "file://" directory)) (introduction intro)))) @@ -519,7 +519,7 @@ (define (find-commit* message) (oid->string (commit-id commit1)) (key-fingerprint %ed25519-public-key-file) (key-fingerprint - %ed25519bis-public-key-file)))))) + %ed25519-2-public-key-file)))))) (authenticate-channel channel directory (commit-id-string commit2) #:keyring-reference-prefix "") @@ -530,8 +530,8 @@ (define (find-commit* message) #t (with-fresh-gnupg-setup (list %ed25519-public-key-file %ed25519-secret-key-file - %ed25519bis-public-key-file - %ed25519bis-secret-key-file) + %ed25519-2-public-key-file + %ed25519-2-secret-key-file) (with-temporary-git-repository directory `((add ".guix-channel" ,(object->string @@ -552,12 +552,12 @@ (define (find-commit* message) (signer ,(key-fingerprint %ed25519-public-key-file))) (add "c.txt" "C") (commit "third commit" - (signer ,(key-fingerprint %ed25519bis-public-key-file))) + (signer ,(key-fingerprint %ed25519-2-public-key-file))) (branch "channel-keyring") (checkout "channel-keyring") (add "signer.key" ,(call-with-input-file %ed25519-public-key-file get-string-all)) - (add "other.key" ,(call-with-input-file %ed25519bis-public-key-file + (add "other.key" ,(call-with-input-file %ed25519-2-public-key-file get-string-all)) (commit "keyring commit") (checkout "master")) @@ -588,7 +588,7 @@ (define (find-commit* message) (unauthorized-commit-error-signing-key c)) (openpgp-public-key-fingerprint (read-openpgp-packet - %ed25519bis-public-key-file)))))) + %ed25519-2-public-key-file)))))) (authenticate-channel channel directory (commit-id-string commit3) #:keyring-reference-prefix "") diff --git a/tests/git-authenticate.scm b/tests/git-authenticate.scm index d87eacc659..f66ef191b0 100644 --- a/tests/git-authenticate.scm +++ b/tests/git-authenticate.scm @@ -161,14 +161,14 @@ (define (gpg+git-available?) (test-assert "signed commits, .guix-authorizations, unauthorized merge" (with-fresh-gnupg-setup (list %ed25519-public-key-file %ed25519-secret-key-file - %ed25519bis-public-key-file - %ed25519bis-secret-key-file) + %ed25519-2-public-key-file + %ed25519-2-secret-key-file) (with-temporary-git-repository directory `((add "signer1.key" ,(call-with-input-file %ed25519-public-key-file get-string-all)) (add "signer2.key" - ,(call-with-input-file %ed25519bis-public-key-file + ,(call-with-input-file %ed25519-2-public-key-file get-string-all)) (add ".guix-authorizations" ,(object->string @@ -184,7 +184,7 @@ (define (gpg+git-available?) (checkout "devel") (add "devel/1.txt" "1") (commit "first devel commit" - (signer ,(key-fingerprint %ed25519bis-public-key-file))) + (signer ,(key-fingerprint %ed25519-2-public-key-file))) (checkout "master") (add "b.txt" "B") (commit "second commit" @@ -203,7 +203,7 @@ (define (correct? c commit) (openpgp-public-key-fingerprint (unauthorized-commit-error-signing-key c)) (openpgp-public-key-fingerprint - (read-openpgp-packet %ed25519bis-public-key-file))))) + (read-openpgp-packet %ed25519-2-public-key-file))))) (and (authenticate-commits repository (list master1 master2) #:keyring-reference "master") @@ -230,14 +230,14 @@ (define (correct? c commit) (test-assert "signed commits, .guix-authorizations, authorized merge" (with-fresh-gnupg-setup (list %ed25519-public-key-file %ed25519-secret-key-file - %ed25519bis-public-key-file - %ed25519bis-secret-key-file) + %ed25519-2-public-key-file + %ed25519-2-secret-key-file) (with-temporary-git-repository directory `((add "signer1.key" ,(call-with-input-file %ed25519-public-key-file get-string-all)) (add "signer2.key" - ,(call-with-input-file %ed25519bis-public-key-file + ,(call-with-input-file %ed25519-2-public-key-file get-string-all)) (add ".guix-authorizations" ,(object->string @@ -258,12 +258,12 @@ (define (correct? c commit) %ed25519-public-key-file) (name "Alice")) (,(key-fingerprint - %ed25519bis-public-key-file)))))) + %ed25519-2-public-key-file)))))) (commit "first devel commit" (signer ,(key-fingerprint %ed25519-public-key-file))) (add "devel/2.txt" "2") (commit "second devel commit" - (signer ,(key-fingerprint %ed25519bis-public-key-file))) + (signer ,(key-fingerprint %ed25519-2-public-key-file))) (checkout "master") (add "b.txt" "B") (commit "second commit" @@ -273,7 +273,7 @@ (define (correct? c commit) ;; After the merge, the second signer is authorized. (add "c.txt" "C") (commit "third commit" - (signer ,(key-fingerprint %ed25519bis-public-key-file)))) + (signer ,(key-fingerprint %ed25519-2-public-key-file)))) (with-repository directory repository (let ((master1 (find-commit repository "first commit")) (master2 (find-commit repository "second commit")) @@ -328,4 +328,3 @@ (define (correct? c commit) 'failed))))))) (test-end "git-authenticate") - diff --git a/tests/guix-authenticate.sh b/tests/guix-authenticate.sh index 3a05b232c1..0de6da1878 100644 --- a/tests/guix-authenticate.sh +++ b/tests/guix-authenticate.sh @@ -28,7 +28,7 @@ rm -f "$sig" "$hash" trap 'rm -f "$sig" "$hash"' EXIT -key="$abs_top_srcdir/tests/signing-key.sec" +key="$abs_top_srcdir/tests/keys/signing-key.sec" key_len="`echo -n $key | wc -c`" # A hexadecimal string as long as a sha256 hash. @@ -67,7 +67,7 @@ test "$code" -ne 0 # encoded independently of the current locale: . hash="636166e9636166e9636166e9636166e9636166e9636166e9636166e9636166e9" latin1_cafe="caf$(printf '\351')" -echo "sign 21:tests/signing-key.sec 64:$hash" | guix authenticate \ +echo "sign 26:tests/keys/signing-key.sec 64:$hash" | guix authenticate \ | LC_ALL=C grep "hash sha256 \"$latin1_cafe" # Test for : make sure 'guix authenticate' produces diff --git a/tests/civodul.key b/tests/keys/civodul.pub similarity index 100% rename from tests/civodul.key rename to tests/keys/civodul.pub diff --git a/tests/dsa.key b/tests/keys/dsa.pub similarity index 100% rename from tests/dsa.key rename to tests/keys/dsa.pub diff --git a/tests/ed25519bis.key b/tests/keys/ed25519-2.pub similarity index 100% rename from tests/ed25519bis.key rename to tests/keys/ed25519-2.pub diff --git a/tests/ed25519bis.sec b/tests/keys/ed25519-2.sec similarity index 100% rename from tests/ed25519bis.sec rename to tests/keys/ed25519-2.sec diff --git a/tests/keys/ed25519-3.pub b/tests/keys/ed25519-3.pub new file mode 100644 index 0000000000..72f311984c --- /dev/null +++ b/tests/keys/ed25519-3.pub @@ -0,0 +1,9 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mDMEYVH/7xYJKwYBBAHaRw8BAQdALMLeUhjEG2/UPCJj2j/debFwwAK5gT3G0l5d +ILfFldm0FTxleGFtcGxlQGV4YW1wbGUuY29tPoiWBBMWCAA+FiEEjO6M85jMSK68 +7tINGBzA7NyoagkFAmFR/+8CGwMFCQPCZwAFCwkIBwIGFQoJCAsCBBYCAwECHgEC +F4AACgkQGBzA7Nyoagl3lgEAw6yqIlX11lTqwxBGhZk/Oy34O13cbJSZCGv+m0ja ++hcA/3DCNOmT+oXjgO/w6enQZUQ1m/d6dUjCc2wOLlLz+ZoG +=+r3i +-----END PGP PUBLIC KEY BLOCK----- diff --git a/tests/keys/ed25519-3.sec b/tests/keys/ed25519-3.sec new file mode 100644 index 0000000000..04128a4131 --- /dev/null +++ b/tests/keys/ed25519-3.sec @@ -0,0 +1,10 @@ +-----BEGIN PGP PRIVATE KEY BLOCK----- + +lFgEYVH/7xYJKwYBBAHaRw8BAQdALMLeUhjEG2/UPCJj2j/debFwwAK5gT3G0l5d +ILfFldkAAP92goSbbzQ0ttElr9lr5Cm6rmQtqUZ2Cu/Jk9fvfZROwxI0tBU8ZXhh +bXBsZUBleGFtcGxlLmNvbT6IlgQTFggAPhYhBIzujPOYzEiuvO7SDRgcwOzcqGoJ +BQJhUf/vAhsDBQkDwmcABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEBgcwOzc +qGoJd5YBAMOsqiJV9dZU6sMQRoWZPzst+Dtd3GyUmQhr/ptI2voXAP9wwjTpk/qF +44Dv8Onp0GVENZv3enVIwnNsDi5S8/maBg== +=EmOt +-----END PGP PRIVATE KEY BLOCK----- diff --git a/tests/ed25519.key b/tests/keys/ed25519.pub similarity index 100% rename from tests/ed25519.key rename to tests/keys/ed25519.pub diff --git a/tests/ed25519.sec b/tests/keys/ed25519.sec similarity index 100% rename from tests/ed25519.sec rename to tests/keys/ed25519.sec diff --git a/tests/rsa.key b/tests/keys/rsa.pub similarity index 100% rename from tests/rsa.key rename to tests/keys/rsa.pub diff --git a/tests/signing-key.pub b/tests/keys/signing-key.pub similarity index 100% rename from tests/signing-key.pub rename to tests/keys/signing-key.pub diff --git a/tests/signing-key.sec b/tests/keys/signing-key.sec similarity index 100% rename from tests/signing-key.sec rename to tests/keys/signing-key.sec diff --git a/tests/openpgp.scm b/tests/openpgp.scm index c2be26fa49..1f20466772 100644 --- a/tests/openpgp.scm +++ b/tests/openpgp.scm @@ -59,18 +59,22 @@ (define %binary-sample (define %civodul-fingerprint "3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5") -(define %civodul-key-id #x090B11993D9AEBB5) ;civodul.key - -;; Test keys. They were generated in a container along these lines: -;; guix environment -CP --ad-hoc gnupg pinentry -;; then, within the container: -;; mkdir ~/.gnupg -;; echo pinentry-program ~/.guix-profile/bin/pinentry-tty > ~/.gnupg/gpg-agent.conf -;; gpg --quick-gen-key '' rsa -;; or similar. -(define %rsa-key-id #xAE25DA2A70DEED59) ;rsa.key -(define %dsa-key-id #x587918047BE8BD2C) ;dsa.key -(define %ed25519-key-id #x771F49CBFAAE072D) ;ed25519.key +(define %civodul-key-id #x090B11993D9AEBB5) ;civodul.pub + +#| +Test keys in ./tests/keys. They were generated in a container along these lines: + guix environment -CP --ad-hoc gnupg pinentry coreutils +then, within the container: + mkdir ~/.gnupg && chmod -R og-rwx ~/.gnupg + gpg --batch --passphrase '' --quick-gen-key '' ed25519 + gpg --armor --export example@example.com + gpg --armor --export-secret-key example@example.com + # echo pinentry-program ~/.guix-profile/bin/pinentry-curses > ~/.gnupg/gpg-agent.conf +or similar. +|# +(define %rsa-key-id #xAE25DA2A70DEED59) ;rsa.pub +(define %dsa-key-id #x587918047BE8BD2C) ;dsa.pub +(define %ed25519-key-id #x771F49CBFAAE072D) ;ed25519.pub (define %rsa-key-fingerprint (base16-string->bytevector @@ -168,7 +172,7 @@ (define %hello-signature/ed25519/sha1 ;digest-algo: sha1 (not (port-ascii-armored? (open-bytevector-input-port %binary-sample)))) (test-assert "get-openpgp-keyring" - (let* ((key (search-path %load-path "tests/civodul.key")) + (let* ((key (search-path %load-path "tests/keys/civodul.pub")) (keyring (get-openpgp-keyring (open-bytevector-input-port (call-with-input-file key read-radix-64))))) @@ -228,8 +232,10 @@ (define %hello-signature/ed25519/sha1 ;digest-algo: sha1 (verify-openpgp-signature signature keyring (open-input-string "Hello!\n")))) (list status (openpgp-public-key-id key))))) - (list "tests/rsa.key" "tests/dsa.key" - "tests/ed25519.key" "tests/ed25519.key" "tests/ed25519.key") + (list "tests/keys/rsa.pub" "tests/keys/dsa.pub" + "tests/keys/ed25519.pub" + "tests/keys/ed25519.pub" + "tests/keys/ed25519.pub") (list %hello-signature/rsa %hello-signature/dsa %hello-signature/ed25519/sha256 %hello-signature/ed25519/sha512 @@ -248,9 +254,9 @@ (define %hello-signature/ed25519/sha1 ;digest-algo: sha1 (call-with-input-file key read-radix-64)) keyring))) %empty-keyring - '("tests/rsa.key" "tests/dsa.key" - "tests/ed25519.key" "tests/ed25519.key" - "tests/ed25519.key")))) + '("tests/keys/rsa.pub" "tests/keys/dsa.pub" + "tests/keys/ed25519.pub" "tests/keys/ed25519.pub" + "tests/keys/ed25519.pub")))) (map (lambda (signature) (let ((signature (string->openpgp-packet signature))) (let-values (((status key) From patchwork Mon Oct 18 15:57:32 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Attila Lendvai X-Patchwork-Id: 33918 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 1043C27BBE3; Mon, 18 Oct 2021 17:03:00 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.2 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 95A9327BBE1 for ; Mon, 18 Oct 2021 17:02:59 +0100 (BST) Received: from localhost ([::1]:52458 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mcV6I-00032s-Mk for patchwork@mira.cbaines.net; Mon, 18 Oct 2021 12:02:58 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:56092) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mcV2V-00084Q-Up for guix-patches@gnu.org; Mon, 18 Oct 2021 11:59:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:36780) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1mcV2U-00036g-LD for guix-patches@gnu.org; Mon, 18 Oct 2021 11:59:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1mcV2U-00072B-KZ for guix-patches@gnu.org; Mon, 18 Oct 2021 11:59:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#50814] [PATCH 3/5] guix: Prepare the UI for continuable &warning exceptions. Resent-From: Attila Lendvai Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 18 Oct 2021 15:59:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 50814 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 50814@debbugs.gnu.org Cc: Attila Lendvai Received: via spool by 50814-submit@debbugs.gnu.org id=B50814.163457269226955 (code B ref 50814); Mon, 18 Oct 2021 15:59:02 +0000 Received: (at 50814) by debbugs.gnu.org; 18 Oct 2021 15:58:12 +0000 Received: from localhost ([127.0.0.1]:48323 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mcV1g-00070b-Em for submit@debbugs.gnu.org; Mon, 18 Oct 2021 11:58:12 -0400 Received: from mail-ed1-f50.google.com ([209.85.208.50]:46839) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mcV1X-0006z8-1Y for 50814@debbugs.gnu.org; Mon, 18 Oct 2021 11:58:03 -0400 Received: by mail-ed1-f50.google.com with SMTP id z20so867796edc.13 for <50814@debbugs.gnu.org>; Mon, 18 Oct 2021 08:58:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=L7y/+COJjYPaozopnnQ+sBjtLR+/Y2RyAcjzRtsyLQc=; b=ibAfSRkNJk8HZXM0jK6b+ySD2dgUIF4xH9ZfyW4YGppNho1/Up0F1+uYlq1nyezmuL 672I+TgHjrfCAKsvtxU2sKM/F+mpDf00T9AOJ2zdfY6UN4zqrj2J3sNMlNTeBXnpJyqn 9fB4iNl3IejJFAZ7BHtTZVOyaboWak2KoVaL+CRRXZmX82zn7cmEd03zrBq0QfXsknvp cQkrDlWbmV4mjlG/kvJqmwTR7ZYHZWJw5aMicp9HZ1MNhnIETMxHoZfF8ChP5Q8FcrOH eolgW3S21dF3PI+0Evix6mgZXSN3cg54Id6x7qFLkMqIhIwPaeA6yYJRKpBtuJzKsWcH 0sgw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=L7y/+COJjYPaozopnnQ+sBjtLR+/Y2RyAcjzRtsyLQc=; b=dlNDy6al67AKVRK/yGp6ARazOO7w7buVnhFL1OWcyasis6Sc1dmxe+hTvyjDPAc+zM hXSJb1q/MfMGv8KYFCN+JCKs00mQGcY4x9h6ykFx5ygN0wFb53itObZUM1pFk/18hq6a wibm0gfj7wJ4P/pvi1AGm2bXW2h0Fs4io9B6uMCDS1TNzKC4NotvDhO1QkwzsXHkQFG/ uNtbSFG2dUlU5efAaDGXLREY0qIUAigASVxIHyUhUsYFw7G9Rf2OYxsjt2+bLdeekQxW TXYawG1mjgEHfI+/MFlHIm1zUdhjLmTufkoCosv3Kz3VLhW8gq3y0sgrg2lMfR9s+HM5 atyg== X-Gm-Message-State: AOAM532piEvBjc+UBntcRkpPtNomXk6LioYYVxvrteZ0YYMVa61joVws JbzlxMYrk14O8Q4y9Gv8WES6kn0Zwsk= X-Google-Smtp-Source: ABdhPJzUB2aXYgZtnQtRRDX6Jik7IT3O8L1Fol4X67mEaG2skpWxVJ/UdQEkH9jpa81GNMZqwUm0BA== X-Received: by 2002:aa7:ccc1:: with SMTP id y1mr46457408edt.177.1634572666944; Mon, 18 Oct 2021 08:57:46 -0700 (PDT) Received: from localhost.localdomain ([2a02:ab88:3710:6480:8fb4:66e9:57c0:8a0a]) by smtp.gmail.com with ESMTPSA id n22sm8762059eja.120.2021.10.18.08.57.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 18 Oct 2021 08:57:46 -0700 (PDT) From: Attila Lendvai Date: Mon, 18 Oct 2021 17:57:32 +0200 Message-Id: <20211018155734.5175-3-attila@lendvai.name> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20211018155734.5175-1-attila@lendvai.name> References: <20211018155734.5175-1-attila@lendvai.name> MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches * guix/store.scm (call-with-store): Use dynamic-wind so that continuable exceptions are not broken by being re-raised as non-continuable. This is needed for a later commit that uses continuable exceptions from within git-authenticate to signal warnings to the user. The reason for this is that this way tests can explicitly check that a warning was signalled in certain situations. * guix/ui.scm (call-with-error-handling): Handle &warning type exceptions by printing them to the user, and then continuing at the place they were signalled at. * guix/diagnostics.scm (emit-formatted-warning): New exported function. --- guix/diagnostics.scm | 4 ++++ guix/store.scm | 7 +++++-- guix/ui.scm | 11 ++++++++++- 3 files changed, 19 insertions(+), 3 deletions(-) diff --git a/guix/diagnostics.scm b/guix/diagnostics.scm index 6a792febd4..343213fb45 100644 --- a/guix/diagnostics.scm +++ b/guix/diagnostics.scm @@ -48,6 +48,7 @@ (define-module (guix diagnostics) formatted-message? formatted-message-string formatted-message-arguments + emit-formatted-warning &fix-hint fix-hint? @@ -161,6 +162,9 @@ (define-syntax-rule (leave args ...) (report-error args ...) (exit 1))) +(define* (emit-formatted-warning fmt . args) + (emit-diagnostic fmt args #:prefix (G_ "warning: ") #:colors %warning-color)) + (define* (emit-diagnostic fmt args #:key location (colors (color)) (prefix "")) "Report diagnostic message FMT with the given ARGS and the specified diff --git a/guix/store.scm b/guix/store.scm index 89a719bcfc..1b177cc952 100644 --- a/guix/store.scm +++ b/guix/store.scm @@ -34,6 +34,8 @@ (define-module (guix store) #:use-module (guix profiling) #:autoload (guix build syscalls) (terminal-columns) #:use-module (rnrs bytevectors) + #:use-module ((rnrs conditions) #:select (warning?)) + #:use-module ((rnrs exceptions) #:select (raise-continuable)) #:use-module (ice-9 binary-ports) #:use-module ((ice-9 control) #:select (let/ec)) #:use-module (ice-9 atomic) @@ -661,8 +663,9 @@ (define (thunk) (apply values results))))) (with-exception-handler (lambda (exception) - (close-connection store) - (raise-exception exception)) + (unless (warning? exception) + (close-connection store)) + (raise-continuable exception)) thunk))) (define-syntax-rule (with-store store exp ...) diff --git a/guix/ui.scm b/guix/ui.scm index 1428c254b3..88940f99ef 100644 --- a/guix/ui.scm +++ b/guix/ui.scm @@ -69,6 +69,8 @@ (define-module (guix ui) #:use-module (srfi srfi-31) #:use-module (srfi srfi-34) #:use-module (srfi srfi-35) + #:use-module ((rnrs conditions) + #:select (warning?)) #:autoload (ice-9 ftw) (scandir) #:use-module (ice-9 match) #:use-module (ice-9 format) @@ -689,7 +691,14 @@ (define (port-filename* port) (and (not (port-closed? port)) (port-filename port))) - (guard* (c ((package-input-error? c) + (guard* (c ((warning? c) + (if (formatted-message? c) + (apply emit-formatted-warning + (formatted-message-string c) + (formatted-message-arguments c)) + (emit-formatted-warning "~a" c)) + '()) + ((package-input-error? c) (let* ((package (package-error-package c)) (input (package-error-invalid-input c)) (location (package-location package)) From patchwork Mon Oct 18 15:57:33 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Attila Lendvai X-Patchwork-Id: 33917 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id CC71A27BBE3; Mon, 18 Oct 2021 17:01:01 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.2 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 027A027BBE1 for ; Mon, 18 Oct 2021 17:01:01 +0100 (BST) Received: from localhost ([::1]:49082 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mcV4N-0000fj-TW for patchwork@mira.cbaines.net; Mon, 18 Oct 2021 12:00:59 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:56094) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mcV2V-00084R-W0 for guix-patches@gnu.org; Mon, 18 Oct 2021 11:59:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:36782) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1mcV2V-00037G-7M for guix-patches@gnu.org; Mon, 18 Oct 2021 11:59:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1mcV2U-000725-6D for guix-patches@gnu.org; Mon, 18 Oct 2021 11:59:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#50814] [PATCH 4/5] guix: git-authenticate: Fix authenticate-repository. Resent-From: Attila Lendvai Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 18 Oct 2021 15:59:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 50814 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 50814@debbugs.gnu.org Cc: Attila Lendvai Received: via spool by 50814-submit@debbugs.gnu.org id=B50814.163457269226947 (code B ref 50814); Mon, 18 Oct 2021 15:59:02 +0000 Received: (at 50814) by debbugs.gnu.org; 18 Oct 2021 15:58:12 +0000 Received: from localhost ([127.0.0.1]:48321 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mcV1f-00070S-Cc for submit@debbugs.gnu.org; Mon, 18 Oct 2021 11:58:12 -0400 Received: from mail-ed1-f47.google.com ([209.85.208.47]:36553) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mcV1S-0006yx-TU for 50814@debbugs.gnu.org; Mon, 18 Oct 2021 11:57:59 -0400 Received: by mail-ed1-f47.google.com with SMTP id d3so1096147edp.3 for <50814@debbugs.gnu.org>; Mon, 18 Oct 2021 08:57:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=mssy46LG9pPfC05ohM4Vd1lxt6KHdiMy0L/zng1m38U=; b=AnwPvnX+jdrfgo7FpAXZUHKCsSj9sKfjKm5lQDYj5uOF3sZiXxGT3yIGr4jbTJCKPG luZJ6FOiBVP1tflbHZ44og/jcuSm2+ZMH+5guVyLbZFzjXC8itXSrnt0iLW1tMoUJSpT K0lfuNgU5PZOr0qNLn3L4UcNUq3MXaXJ2qjzIpVdvgcKsBNZTKGgONjn7MQ3FG+DbyKN 5psWUSLtgNjC7S3qrW/r5+sujm/jmYOhSX2zhgAVMIjtpNifzKgQSWV9iEqHpYJJIRGc hiOamz4YGVO9uM0RwrcyEeICtSZex48e9hxB4pOtkzJAVQeBvw/P324FWX1oZqofYm5K 9b3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=mssy46LG9pPfC05ohM4Vd1lxt6KHdiMy0L/zng1m38U=; b=zw5zIOcGvJ/ZNRg4YsTdiN0212z4M1FLnPVCeK8HeKWHMJC1o2KnOTpTWaCsmpiTIZ tHOxuvIqVMTqsfaOF8fRxvGMqT8I9cG/6idzBoEHPdfjLqlZndxnZlMkiAZ1dPjKLSUm bylhpQ7xMvI7wRtVrEy1n3I/dlqd6jQzn7SgHDV6tauXpm4nyqs0cEj/ypoZpqlYnOUI mwHLmMnPWP4YiVorFdJSXaQuLfIz0qNFJn+PvPN7K73HoFYVwYqY8yrX6yjevZkGmRF7 FZEQt4NIBGLp17VkaN7uToXEhvUzD3tvScjdd7SkdB4lJSbKiDB0GJ5DRumnocXLgOgD QyMA== X-Gm-Message-State: AOAM531dCLzBq3mHsfyEzU93+lB0V7aDiPCg9xFavblxSe4OludOSd8b VM4RHtxegFiE0UMd96ezVHDwCxsjeVk= X-Google-Smtp-Source: ABdhPJw58/43/P+URwtPfEa0NS9qndzH4pg8YLUju3JWKndadlofqrDOKHu+05TOp2VlVyyT0DcCDw== X-Received: by 2002:a17:906:712:: with SMTP id y18mr29707425ejb.408.1634572671460; Mon, 18 Oct 2021 08:57:51 -0700 (PDT) Received: from localhost.localdomain ([2a02:ab88:3710:6480:8fb4:66e9:57c0:8a0a]) by smtp.gmail.com with ESMTPSA id n22sm8762059eja.120.2021.10.18.08.57.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 18 Oct 2021 08:57:51 -0700 (PDT) From: Attila Lendvai Date: Mon, 18 Oct 2021 17:57:33 +0200 Message-Id: <20211018155734.5175-4-attila@lendvai.name> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20211018155734.5175-1-attila@lendvai.name> References: <20211018155734.5175-1-attila@lendvai.name> MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches Always verify the channel introduction commit, so that no commit can slip through that was signed with a different key. Always update the cache, because it affects the behavior of later calls. Signal a continuable compound-condition (with type &warning included) when a channel introduction commit doesn't also update the '.guix-authentications' file. * guix/git-authenticate.scm (authenticate-commit): Reword and extend the error message to point to the relevant part of the manual. (authenticate-repository): Eliminate optimizations to make the code path less dependent on the input. Always trust the intro-commit itself. Always call verify-introductory-commit. (verify-introductory-commit): Check if the commit contains the key that was used to sign it, and issue a warning otherwise. This is to avoid the confusion caused by only the *second* commit yielding an error, because intro-commits are always trusted. (authenticate-commit): Clarify error message. (authorized-keys-at-commit): Factored out to the toplevel from commit-authorized-keys. --- guix/channels.scm | 4 +- guix/git-authenticate.scm | 158 +++++++++++++++++++++++--------------- 2 files changed, 96 insertions(+), 66 deletions(-) diff --git a/guix/channels.scm b/guix/channels.scm index e4e0428eb5..b84064537f 100644 --- a/guix/channels.scm +++ b/guix/channels.scm @@ -347,8 +347,8 @@ (define (make-reporter start-commit end-commit commits) (progress-reporter/bar (length commits))) (define authentic-commits - ;; Consider the currently-used commit of CHANNEL as authentic so - ;; authentication can skip it and all its closure. + ;; Optimization: consider the currently-used commit of CHANNEL as + ;; authentic, so that authentication can skip it and all its closure. (match (find (lambda (candidate) (eq? (channel-name candidate) (channel-name channel))) (current-channels)) diff --git a/guix/git-authenticate.scm b/guix/git-authenticate.scm index ab3fcd8b2f..a667863d65 100644 --- a/guix/git-authenticate.scm +++ b/guix/git-authenticate.scm @@ -30,6 +30,7 @@ (define-module (guix git-authenticate) #:select (cache-directory with-atomic-file-output)) #:use-module ((guix build utils) #:select (mkdir-p)) + #:use-module (guix diagnostics) #:use-module (guix progress) #:use-module (srfi srfi-1) #:use-module (srfi srfi-11) @@ -37,7 +38,10 @@ (define-module (guix git-authenticate) #:use-module (srfi srfi-34) #:use-module (srfi srfi-35) #:use-module (rnrs bytevectors) + #:use-module ((rnrs exceptions) + #:select (raise-continuable)) #:use-module (rnrs io ports) + #:use-module (ice-9 exceptions) #:use-module (ice-9 match) #:autoload (ice-9 pretty-print) (pretty-print) #:export (read-authorizations @@ -159,11 +163,12 @@ (define (read-authorizations port) (string-downcase (string-filter char-set:graphic fingerprint)))) fingerprints)))) -(define* (commit-authorized-keys repository commit - #:optional (default-authorizations '())) - "Return the list of OpenPGP fingerprints authorized to sign COMMIT, based on -authorizations listed in its parent commits. If one of the parent commits -does not specify anything, fall back to DEFAULT-AUTHORIZATIONS." +(define (authorized-keys-at-commit repository commit default-value) + "Return the list of authorized key fingerprints in REPOSITORY as encoded in +the '.guix-authorizations' file at the point denoted by COMMIT. If the file is +not present, then assert that it has never been there (i.e. do not allow +its removal), and return DEFAULT-VALUE." + (define (parents-have-authorizations-file? commit) ;; Return true if at least one of the parents of COMMIT has the ;; '.guix-authorizations' file. @@ -185,28 +190,35 @@ (define (assert-parents-lack-authorizations commit) to remove '.guix-authorizations' file") (oid->string (commit-id commit))))))) - (define (commit-authorizations commit) - (catch 'git-error - (lambda () - (let* ((tree (commit-tree commit)) - (entry (tree-entry-bypath tree ".guix-authorizations")) - (blob (blob-lookup repository (tree-entry-id entry)))) - (read-authorizations - (open-bytevector-input-port (blob-content blob))))) - (lambda (key error) - (if (= (git-error-code error) GIT_ENOTFOUND) - (begin - ;; Prevent removal of '.guix-authorizations' since it would make - ;; it trivial to force a fallback to DEFAULT-AUTHORIZATIONS. - (assert-parents-lack-authorizations commit) - default-authorizations) - (throw key error))))) + (catch 'git-error + (lambda () + (let* ((tree (commit-tree commit)) + (entry (tree-entry-bypath tree ".guix-authorizations")) + (blob (blob-lookup repository (tree-entry-id entry)))) + (read-authorizations + (open-bytevector-input-port (blob-content blob))))) + (lambda (key error) + (if (= (git-error-code error) GIT_ENOTFOUND) + (begin + ;; Prevent removal of '.guix-authorizations' since it would make + ;; it trivial to force a fallback to DEFAULT-VALUE. + (assert-parents-lack-authorizations commit) + default-value) + (throw key error))))) +(define* (commit-authorized-keys repository commit + #:optional (default-authorizations '())) + "Return the list of OpenPGP fingerprints authorized to sign COMMIT, based on +authorizations listed in its parent commits. If one of the parent commits +does not specify anything, fall back to DEFAULT-AUTHORIZATIONS." (match (commit-parents commit) (() default-authorizations) (parents (apply lset-intersection bytevector=? - (map commit-authorizations parents))))) + (map (lambda (commit) + (authorized-keys-at-commit repository commit + default-authorizations)) + parents))))) (define* (authenticate-commit repository commit keyring #:key (default-authorizations '())) @@ -236,8 +248,8 @@ (define signing-key (condition (&unauthorized-commit-error (commit id) (signing-key signing-key))) - (formatted-message (G_ "commit ~a not signed by an authorized \ -key: ~a") + (formatted-message (G_ "commit ~a is signed by an unauthorized \ +key: ~a\nSee info guix \"Specifying Channel Authorizations\".") (oid->string id) (openpgp-format-fingerprint (openpgp-public-key-fingerprint @@ -356,7 +368,8 @@ (define (repository-cache-key repository) (base64-encode (sha256 (string->utf8 (repository-directory repository)))))) -(define (verify-introductory-commit repository keyring commit expected-signer) +(define (verify-introductory-commit repository commit expected-signer keyring + authorizations) "Look up COMMIT in REPOSITORY, and raise an exception if it is not signed by EXPECTED-SIGNER." (define actual-signer @@ -364,13 +377,26 @@ (define actual-signer (commit-signing-key repository (commit-id commit) keyring))) (unless (bytevector=? expected-signer actual-signer) - (raise (formatted-message (G_ "initial commit ~a is signed by '~a' \ + (raise (make-compound-condition + (condition (&unauthorized-commit-error (commit (commit-id commit)) + (signing-key actual-signer))) + (formatted-message (G_ "initial commit ~a is signed by '~a' \ instead of '~a'") - (oid->string (commit-id commit)) - (openpgp-format-fingerprint actual-signer) - (openpgp-format-fingerprint expected-signer))))) - -(define* (authenticate-repository repository start signer + (oid->string (commit-id commit)) + (openpgp-format-fingerprint actual-signer) + (openpgp-format-fingerprint expected-signer))))) + (unless (member actual-signer + (authorized-keys-at-commit repository commit authorizations) + bytevector=?) + (raise-continuable + (make-compound-condition + (condition (&warning)) + (formatted-message (G_ "initial commit ~a does not add \ +the key it is signed with (~a) to the '.guix-authorizations' file.") + (oid->string (commit-id commit)) + (openpgp-format-fingerprint actual-signer)))))) + +(define* (authenticate-repository repository intro-commit-hash intro-signer #:key (keyring-reference "keyring") (cache-key (repository-cache-key repository)) @@ -380,11 +406,12 @@ (define* (authenticate-repository repository start signer (historical-authorizations '()) (make-reporter (const progress-reporter/silent))) - "Authenticate REPOSITORY up to commit END, an OID. Authentication starts -with commit START, an OID, which must be signed by SIGNER; an exception is -raised if that is not the case. Commits listed in AUTHENTIC-COMMITS and their -closure are considered authentic. Return an alist mapping OpenPGP public keys -to the number of commits signed by that key that have been traversed. + "Authenticate REPOSITORY up to commit END, an OID. Authentication starts with +commit INTRO-COMMIT-HASH, an OID, which must be signed by INTRO-SIGNER; an +exception is raised if that is not the case. Commits listed in +AUTHENTIC-COMMITS and their closure are considered authentic. Return an +alist mapping OpenPGP public keys to the number of commits signed by that +key that have been traversed. The OpenPGP keyring is loaded from KEYRING-REFERENCE in REPOSITORY, where KEYRING-REFERENCE is the name of a branch. The list of authenticated commits @@ -393,8 +420,10 @@ (define* (authenticate-repository repository start signer HISTORICAL-AUTHORIZATIONS must be a list of OpenPGP fingerprints (bytevectors) denoting the authorized keys for commits whose parent lack the '.guix-authorizations' file." - (define start-commit - (commit-lookup repository start)) + + (define intro-commit + (commit-lookup repository intro-commit-hash)) + (define end-commit (commit-lookup repository end)) @@ -404,36 +433,37 @@ (define keyring (define authenticated-commits ;; Previously-authenticated commits that don't need to be checked again. (filter-map (lambda (id) + ;; We need to tolerate when cached commits disappear due to + ;; --allow-downgrades. (false-if-git-not-found (commit-lookup repository (string->oid id)))) (append (previously-authenticated-commits cache-key) - authentic-commits))) + authentic-commits + ;; The intro commit is unconditionally trusted. + (list (oid->string intro-commit-hash))))) (define commits ;; Commits to authenticate, excluding the closure of ;; AUTHENTICATED-COMMITS. - (commit-difference end-commit start-commit - authenticated-commits)) - - ;; When COMMITS is empty, it's because END-COMMIT is in the closure of - ;; START-COMMIT and/or AUTHENTICATED-COMMITS, in which case it's known to - ;; be authentic already. - (if (null? commits) - '() - (let ((reporter (make-reporter start-commit end-commit commits))) - ;; If it's our first time, verify START-COMMIT's signature. - (when (null? authenticated-commits) - (verify-introductory-commit repository keyring - start-commit signer)) - - (let ((stats (call-with-progress-reporter reporter - (lambda (report) - (authenticate-commits repository commits - #:keyring keyring - #:default-authorizations - historical-authorizations - #:report-progress report))))) - (cache-authenticated-commit cache-key - (oid->string (commit-id end-commit))) - - stats)))) + (commit-difference end-commit intro-commit + authenticated-commits)) + + (verify-introductory-commit repository intro-commit + intro-signer keyring + historical-authorizations) + + (let* ((reporter (make-reporter intro-commit end-commit commits)) + (stats (call-with-progress-reporter reporter + (lambda (report) + (authenticate-commits repository commits + #:keyring keyring + #:default-authorizations + historical-authorizations + #:report-progress report))))) + ;; Note that this will make the then current end commit of any channel, + ;; that has been used/trusted in the past with a channel introduction, + ;; remain trusted until the cache is cleared. + (cache-authenticated-commit cache-key + (oid->string (commit-id end-commit))) + + stats)) From patchwork Mon Oct 18 15:57:34 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Attila Lendvai X-Patchwork-Id: 33920 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 8655827BBE3; Mon, 18 Oct 2021 17:03:54 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.2 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 01ADD27BBE1 for ; Mon, 18 Oct 2021 17:03:54 +0100 (BST) Received: from localhost ([::1]:54420 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mcV7B-0004Ma-30 for patchwork@mira.cbaines.net; Mon, 18 Oct 2021 12:03:53 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:56088) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mcV2V-00084N-UT for guix-patches@gnu.org; Mon, 18 Oct 2021 11:59:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:36781) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1mcV2V-00036y-1E for guix-patches@gnu.org; Mon, 18 Oct 2021 11:59:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1mcV2V-00072L-1A for guix-patches@gnu.org; Mon, 18 Oct 2021 11:59:03 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#50814] [PATCH 5/5] tests: Add test for .guix-authorizations and channel intro. Resent-From: Attila Lendvai Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 18 Oct 2021 15:59:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 50814 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 50814@debbugs.gnu.org Cc: Attila Lendvai Received: via spool by 50814-submit@debbugs.gnu.org id=B50814.163457269326961 (code B ref 50814); Mon, 18 Oct 2021 15:59:02 +0000 Received: (at 50814) by debbugs.gnu.org; 18 Oct 2021 15:58:13 +0000 Received: from localhost ([127.0.0.1]:48325 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mcV1g-00070i-QF for submit@debbugs.gnu.org; Mon, 18 Oct 2021 11:58:13 -0400 Received: from mail-ed1-f48.google.com ([209.85.208.48]:41485) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mcV1X-0006zJ-G6 for 50814@debbugs.gnu.org; Mon, 18 Oct 2021 11:58:04 -0400 Received: by mail-ed1-f48.google.com with SMTP id a25so948013edx.8 for <50814@debbugs.gnu.org>; Mon, 18 Oct 2021 08:58:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=+zDupLbRlsQC/k/BphcMTVNlMjLMZIWW6s00wMbOpVA=; b=DF8XD6MmUFjYkB53jjSkm/Shub2nI9o5NooSxdnVgKMzoatGnyH4RyPGU7gKCOv0Kg QSiOUcI85sIkWTz+3Woi+w7fU0yyVU7k7kRrOm/Q1yKyPhgN7njRRu95bNHQ0vJ2ZKFL xIkVA5TELvFsWsdNFyfGFECg8P6EVxglufIBCQCaDdpVNYhEm+cE+XRejiotzT9hewQ6 OfmlYEdO0UG1onQBK4KXH4sY8Quz4QRrYtF5pCDBgjaINaWStzCTg1OXvYgDfW3HkpQE XTZ8DO0UgRzPz3hHnAdTCnTLhtMEYIVI/umzEKRqhENRYh0Vg6supOL+fyqd+yTjOLJJ G9Tw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=+zDupLbRlsQC/k/BphcMTVNlMjLMZIWW6s00wMbOpVA=; b=C5vIF+kQ8Z1poBeKGYWMGC8kZ125DwJ5TLZZ0PmNDIOaaagnSuWzV0cfto4eDlb9XH FEetKNY+Yo4Xy1erak5RSEC5BoiUfr56T/Ad3qEwjU3YsXHnk+922ZiUHAhYkkaVGz1L 8bQLpRWiK3MAFg8BTbt+2yACKWLmqdUzkSnPhw1e6Xe3X6wNlzfCoCjzgwb+1bFxvzx+ 0aRKgjhSjvX9pFGAdOcakSb087q13wG36XoxWCDrEy/SHLul4fCCFObxEQGC9QT4FNRC Py0iPAo6Tfgg++4sMgHsOJhkU3rhC/y/xAsqT8TlWroRK3uz5koPGbB9z0U2fWBuXHgo Kugw== X-Gm-Message-State: AOAM5332Zor/Okm/e9V1BMJHC2TxDmLWuAniaGeTPBia0W1XKXEmAGs7 75hBd68zNSp2bXZFqINzdvDLlAWEmG8= X-Google-Smtp-Source: ABdhPJxQqGcRAAm0Gd4G5NgAWhhpM7kw59klMMtwivFMIvOe9MCjNkphnTwhxo3Ptmhj7yYP5hCtzg== X-Received: by 2002:a17:906:e85:: with SMTP id p5mr30802289ejf.159.1634572672170; Mon, 18 Oct 2021 08:57:52 -0700 (PDT) Received: from localhost.localdomain ([2a02:ab88:3710:6480:8fb4:66e9:57c0:8a0a]) by smtp.gmail.com with ESMTPSA id n22sm8762059eja.120.2021.10.18.08.57.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 18 Oct 2021 08:57:51 -0700 (PDT) From: Attila Lendvai Date: Mon, 18 Oct 2021 17:57:34 +0200 Message-Id: <20211018155734.5175-5-attila@lendvai.name> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20211018155734.5175-1-attila@lendvai.name> References: <20211018155734.5175-1-attila@lendvai.name> MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches This test used to fail before a recent fix to authenticate-repository. * tests/git-authenticate.scm: New test "signed commits, .guix-authorizations, channel-introduction". --- tests/git-authenticate.scm | 150 +++++++++++++++++++++++++++++++++++++ 1 file changed, 150 insertions(+) diff --git a/tests/git-authenticate.scm b/tests/git-authenticate.scm index f66ef191b0..25b4962ea4 100644 --- a/tests/git-authenticate.scm +++ b/tests/git-authenticate.scm @@ -18,6 +18,7 @@ (define-module (test-git-authenticate) #:use-module (git) + #:use-module (guix diagnostics) #:use-module (guix git) #:use-module (guix git-authenticate) #:use-module (guix openpgp) @@ -28,6 +29,10 @@ (define-module (test-git-authenticate) #:use-module (srfi srfi-34) #:use-module (srfi srfi-64) #:use-module (rnrs bytevectors) + #:use-module ((rnrs conditions) + #:select (warning?)) + #:use-module ((rnrs exceptions) + #:select (with-exception-handler)) #:use-module (rnrs io ports)) ;; Test the (guix git-authenticate) tools. @@ -226,6 +231,151 @@ (define (correct? c commit) #:keyring-reference "master") #f))))))) +(unless (gpg+git-available?) (test-skip 1)) +(test-assert "signed commits, .guix-authorizations, channel-introduction" + (let* ((result #true) + (key1 %ed25519-public-key-file) + (key2 %ed25519-2-public-key-file) + (key3 %ed25519-3-public-key-file)) + (with-fresh-gnupg-setup (list key1 %ed25519-secret-key-file + key2 %ed25519-2-secret-key-file + key3 %ed25519-3-secret-key-file) + (with-temporary-git-repository dir + `((checkout "keyring" orphan) + (add "signer1.key" ,(call-with-input-file key1 get-string-all)) + (add "signer2.key" ,(call-with-input-file key2 get-string-all)) + (add "signer3.key" ,(call-with-input-file key3 get-string-all)) + (commit "keyring commit") + + (checkout "main" orphan) + (add "noise0") + (add ".guix-authorizations" + ,(object->string + `(authorizations + (version 0) + ((,(key-fingerprint key1) (name "Alice")) + ;; Notice that key2 is not authorized at this point. + (,(key-fingerprint key3) (name "Charlie")))))) + (commit "commit 0" (signer ,(key-fingerprint key3))) + (add "noise1") + (commit "commit 1" (signer ,(key-fingerprint key1))) + (add "noise2") + (commit "commit 2" (signer ,(key-fingerprint key1)))) + (with-repository dir repo + (let* ((commit-0 (find-commit repo "commit 0")) + (check-from + (lambda* (commit #:key (should-fail? #false) (key key1) + (historical-authorizations + ;; Let's mark key3 to be trusted + ;; unconditionally, so that it authorizes + ;; commit 0. + (list (key-fingerprint-vector key3)))) + (guard (c ((unauthorized-commit-error? c) + (if should-fail? + c + (let ((port (current-output-port))) + (format port "FAILURE: Unexpected exception at commit '~s':~%" + commit) + (print-exception port (stack-ref (make-stack #t) 1) + c (exception-args c)) + (set! result #false) + '())))) + (format #true "~%~%Checking ~s, should-fail? ~s, repo commits:~%" + commit should-fail?) + ;; To be able to inspect git's state in the logs. + (invoke "git" "-C" dir "log" "--reverse" "--pretty=oneline" "main") + (set! commit (find-commit repo commit)) + (authenticate-repository repo + (commit-id commit) + (key-fingerprint-vector key) + #:historical-authorizations + historical-authorizations) + (when should-fail? + (format #t "FAILURE: Authenticating commit '~s' should have failed.~%" commit) + (set! result #false)) + '())))) + (check-from "commit 0" #:key key3) + (check-from "commit 1") + (check-from "commit 2") + (with-git-repository dir + `((add "noise 3") + (commit "commit 3" (signer ,(key-fingerprint key2)))) + ;; This should fail because it is signed by key2, i.e. an + ;; unauthorized key. + (check-from "commit 3" #:should-fail? #true) + ;; Specify commit 3 as a channel-introduction signed with + ;; key2. This is valid, but it should warn the user, because + ;; .guix-authorizations is not updated to include key2, which + ;; means that any subsequent commits with the same key will be + ;; rejected. + (set! result + (and (let ((signalled? #false)) + (with-exception-handler + (lambda (c) + (cond + ((not (warning? c)) + (raise c)) + ((formatted-message? c) + (format #true "warning (expected): ~a~%" + (apply format #false + (formatted-message-string c) + (formatted-message-arguments c))) + (set! signalled? #true))) + '()) + (lambda () + (check-from "commit 3" #:key key2) + (unless signalled? + (format #t "FAILURE: No warning signalled for commit 3~%")) + signalled?))) + result))) + (with-git-repository dir + ;; Drop the faulty commit 3 + `((reset ,(oid->string (commit-id (find-commit repo "commit 2")))) + (add "noise 4") + (add ".guix-authorizations" + ,(object->string + ;; Remove key3, add key2. + `(authorizations + (version 0) + ((,(key-fingerprint key1) (name "Alice")) + (,(key-fingerprint key2) (name "Bob")))))) + (commit "commit 4" (signer ,(key-fingerprint key2)))) + ;; This should fail because even though commit 4 adds key2 to + ;; .guix-authorizations, but commit 1 was created prior to that, + ;; therefore it is not authorized. + (check-from "commit 1" #:should-fail? #true) + ;; This should pass, because it's a valid channel intro at commit 4 + (check-from "commit 4" #:key key2)) + (with-git-repository dir + `((add "noise 5") + (commit "commit 5" (signer ,(key-fingerprint key2)))) + ;; It is not very intuitive why commit 1 and 2 should be trusted + ;; at this point: commit 4 has previously been used as a channel + ;; intro, thus it got marked as trusted in the ~/.cache/. + ;; Because commit 1 and 2 are among its parents, it should also + ;; be trusted at this point because of the cache. Note that + ;; it's debatable whether this semantics is a good idea, but + ;; this is how git-authenticate is and has been implemented for + ;; a while (modulo failing to update the cache in the past when + ;; taking certain code paths). + (check-from "commit 1") + (check-from "commit 2") + ;; Should still be fine, but only when starting from commit 4 + (check-from "commit 4" #:key key2)) + (with-git-repository dir + `((add "noise 6") + (commit "commit 6" (signer ,(key-fingerprint key1)))) + (check-from "commit 1") + (check-from "commit 2") + (check-from "commit 4" #:key key2)) + (with-git-repository dir + `((add "noise 7") + (commit "commit 7" (signer ,(key-fingerprint key3)))) + ;; This should fail because key3 is not among the authorized + ;; keys anymore, and commit 7 is signed by it. + (check-from "commit 6" #:should-fail? #true)))))) + result)) + (unless (gpg+git-available?) (test-skip 1)) (test-assert "signed commits, .guix-authorizations, authorized merge" (with-fresh-gnupg-setup (list %ed25519-public-key-file