From: "Ludovic Courtès" <ludo@gnu.org>
To: Tobias Geerinckx-Rice <me@tobias.gr>
Cc: 40565@debbugs.gnu.org
Subject: bug#40565: [PATCH 1/1] git-authenticate: Fetch keyrings from Savannah.
Date: Sun, 19 Apr 2020 13:15:12 +0200 [thread overview]
Message-ID: <87v9lv3ewv.fsf@gnu.org> (raw)
In-Reply-To: <20200417202015.14741-2-me@tobias.gr> (Tobias Geerinckx-Rice's message of "Fri, 17 Apr 2020 22:20:15 +0200")
Hi Tobias,
Tobias Geerinckx-Rice <me@tobias.gr> skribis:
> * build-aux/git-authenticate.scm (%project-keyring-uris)
> (import-keyring-uri, import-project-keys): New variables.
> (authenticate-commits): Import known project keys before authenticating.
> * guix/gnupg.scm (ensure-file): New procedure.
> (gnupg-receive-keys): Use it.
> (gnupg-import): New exported procedure.
The patch LGTM but it doesn’t apply for some reason. Could you take a
look?
> +;; XXX HTTP here is OK but is there any realistic scenario where TLS won't work?
> +(define %project-keyring-uris
I’m not sure what the XXX comment means. We’re fetching over HTTPS
anyway, right?
> +(define* (import-keyring-uri uri)
> + (let* ((port (http-fetch uri))
> + (keyring (get-bytevector-all port)))
> + (close-port port)
> + (gnupg-import keyring)))
IWBN if ‘gnupg-import’ could take an input port instead of a bytevector.
It’d be great if you could add docstrings for top-level procedures.
> +(define* (gnupg-import keys
> + #:optional (keyring (current-keyring)))
> + "Add all KEYS in a bytevector produced by ‘gpg --export’ to KEYRING."
> + (ensure-file keyring)
> + (let ((pipe (open-pipe* OPEN_WRITE
> + (%gpg-command) "--import" "--batch" "--quiet"
> + "--no-default-keyring" "--keyring" keyring)))
> + (put-bytevector pipe keys)
> + (close-port pipe)))
So what about changing ‘keys’ to ‘port’, and then you would:
(dump-port port pipe)
?
Thanks for addressing this!
Ludo’.
next prev parent reply other threads:[~2020-04-19 11:16 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-12 2:55 bug#40565: make authenticate fails: commit 77704cb13e5bebf412297dab764a00849a3cfdc0: key A0C5E3522EF8EF5C64CDB7F0FD73CAC719D32566 is missing elaexuotee--- via Bug reports for GNU Guix
2020-04-16 16:24 ` Tobias Geerinckx-Rice via Bug reports for GNU Guix
2020-04-17 1:52 ` Eric Bavier
2020-04-17 11:15 ` Tobias Geerinckx-Rice via Bug reports for GNU Guix
2020-04-17 17:39 ` Tobias Geerinckx-Rice via Bug reports for GNU Guix
2020-04-17 20:20 ` bug#40565: [PATCH 0/1] bug#40565: make authenticate fails Tobias Geerinckx-Rice via Bug reports for GNU Guix
2020-04-17 20:20 ` bug#40565: [PATCH 1/1] git-authenticate: Fetch keyrings from Savannah Tobias Geerinckx-Rice via Bug reports for GNU Guix
2020-04-19 11:15 ` Ludovic Courtès [this message]
2020-05-04 9:02 ` Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87v9lv3ewv.fsf@gnu.org \
--to=ludo@gnu.org \
--cc=40565@debbugs.gnu.org \
--cc=me@tobias.gr \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.