From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id WB4rGHJ21V4aVQAA0tVLHw (envelope-from ) for ; Mon, 01 Jun 2020 21:43:14 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id EOD7E3J21V5keQAA1q6Kng (envelope-from ) for ; Mon, 01 Jun 2020 21:43:14 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id A0EF894042C for ; Mon, 1 Jun 2020 21:43:13 +0000 (UTC) Received: from localhost ([::1]:42654 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jfsD8-0000XP-Th for larch@yhetil.org; Mon, 01 Jun 2020 17:43:10 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:59080) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jfsD0-0000VP-3S for guix-patches@gnu.org; Mon, 01 Jun 2020 17:43:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:53920) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1jfsCz-0007fK-OH for guix-patches@gnu.org; Mon, 01 Jun 2020 17:43:01 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1jfsCz-0002QM-MF for guix-patches@gnu.org; Mon, 01 Jun 2020 17:43:01 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#41653] [PATCH 3/4] git-authenticate: Raise proper SRFI-35 conditions. Resent-From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 01 Jun 2020 21:43:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 41653 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 41653@debbugs.gnu.org Cc: Ludovic =?UTF-8?Q?Court=C3=A8s?= Received: via spool by 41653-submit@debbugs.gnu.org id=B41653.15910477239229 (code B ref 41653); Mon, 01 Jun 2020 21:43:01 +0000 Received: (at 41653) by debbugs.gnu.org; 1 Jun 2020 21:42:03 +0000 Received: from localhost ([127.0.0.1]:37229 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jfsC2-0002Oc-D3 for submit@debbugs.gnu.org; Mon, 01 Jun 2020 17:42:02 -0400 Received: from eggs.gnu.org ([209.51.188.92]:50554) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jfsC0-0002Ny-Pp for 41653@debbugs.gnu.org; Mon, 01 Jun 2020 17:42:01 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:57939) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jfsBv-000735-Gq; Mon, 01 Jun 2020 17:41:55 -0400 Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=51784 helo=gnu.org) by fencepost.gnu.org with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1jfsBu-0007Sn-TL; Mon, 01 Jun 2020 17:41:55 -0400 From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Date: Mon, 1 Jun 2020 23:41:46 +0200 Message-Id: <20200601214147.3357-3-ludo@gnu.org> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200601214147.3357-1-ludo@gnu.org> References: <20200601214147.3357-1-ludo@gnu.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Spam-Score: -3.3 (---) X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Spam-Score: 5.49 X-TUID: J+wEKRbCtwbF * guix/git-authenticate.scm (&git-authentication-error) (&unsigned-commit-error, &unauthorized-commit-error) (&signature-verification-error, &missing-key-error): New condition types. (commit-signing-key, authenticate-commit): Raise them. --- guix/git-authenticate.scm | 44 +++++++++++++++++++++++++++++++++++++-- 1 file changed, 42 insertions(+), 2 deletions(-) diff --git a/guix/git-authenticate.scm b/guix/git-authenticate.scm index 4217ab6d27..b73f957105 100644 --- a/guix/git-authenticate.scm +++ b/guix/git-authenticate.scm @@ -41,7 +41,18 @@ authenticate-commits load-keyring-from-reference previously-authenticated-commits - cache-authenticated-commit)) + cache-authenticated-commit + + git-authentication-error? + git-authentication-error-commit + unsigned-commit-error? + unauthorized-commit-error? + unauthorized-commit-error-signing-key + signature-verification-error? + signature-verification-error-keyring + signature-verification-error-signature + missing-key-error? + missing-key-error-signature)) ;;; Commentary: ;;; @@ -52,6 +63,27 @@ ;;; ;;; Code: +(define-condition-type &git-authentication-error &error + git-authentication-error? + (commit git-authentication-error-commit)) + +(define-condition-type &unsigned-commit-error &git-authentication-error + unsigned-commit-error?) + +(define-condition-type &unauthorized-commit-error &git-authentication-error + unauthorized-commit-error? + (signing-key unauthorized-commit-error-signing-key)) + +(define-condition-type &signature-verification-error &git-authentication-error + signature-verification-error? + (signature signature-verification-error-signature) + (keyring signature-verification-error-keyring)) + +(define-condition-type &missing-key-error &git-authentication-error + missing-key-error? + (signature missing-key-error-signature)) + + (define (commit-signing-key repo commit-id keyring) "Return the OpenPGP key that signed COMMIT-ID (an OID). Raise an exception if the commit is unsigned, has an invalid signature, or if its signing key is @@ -64,9 +96,10 @@ not in KEYRING." (values #f #f))))) (unless signature (raise (condition + (&unsigned-commit-error (commit commit-id)) (&message (message (format #f (G_ "commit ~a lacks a signature") - commit-id)))))) + (oid->string commit-id))))))) (let ((signature (string->openpgp-packet signature))) (with-fluids ((%default-port-encoding "UTF-8")) @@ -77,12 +110,17 @@ not in KEYRING." ('bad-signature ;; There's a signature but it's invalid. (raise (condition + (&signature-verification-error (commit commit-id) + (signature signature) + (keyring keyring)) (&message (message (format #f (G_ "signature verification failed \ for commit ~a") (oid->string commit-id))))))) ('missing-key (raise (condition + (&missing-key-error (commit commit-id) + (signature signature)) (&message (message (format #f (G_ "could not authenticate \ commit ~a: key ~a is missing") @@ -138,6 +176,8 @@ not specify anything, fall back to DEFAULT-AUTHORIZATIONS." (commit-authorized-keys repository commit default-authorizations)) (raise (condition + (&unauthorized-commit-error (commit id) + (signing-key signing-key)) (&message (message (format #f (G_ "commit ~a not signed by an authorized \ key: ~a") -- 2.26.2