authorLudovic Courtès <ludo@gnu.org>2020-06-21 16:39:27 +0200
committerLudovic Courtès <ludo@gnu.org>2020-06-21 17:36:40 +0200
commite4a4287c5fb51c0e47431606df5ee78b953d71f8 (patch)
treed46264905fc86a845c1544cc2077e8e3c5ec002f
parentgit-authenticate: Ignore authenticated commit cache when it's not #o600. (diff)
channels: 'authenticate-channel' doesn't check relation with intro commit.
Fixes <https://bugs.gnu.org/41908>. Reported by Jan Nieuwenhuizen <janneke@gnu.org>. The relation check imposed an extra restriction that was unnecessary: it's enough to authenticate the set difference between the closure of START-COMMIT and that of END-COMMIT. Any attempt to jump to an unrelated commit would lead to the authentication failure of one commit on the way. * guix/channels.scm (authenticate-channel): Remove extra 'commit-relation' check when (null? commits).
-rw-r--r--guix/channels.scm64
1 files changed, 26 insertions, 38 deletions
diff --git a/guix/channels.scm b/guix/channels.scm
index c879cb6..3eec5df 100644
--- a/guix/channels.scm
+++ b/guix/channels.scm
@@ -350,45 +350,33 @@ fails."
350 (define reporter 350 (define reporter
351 (progress-reporter/bar (length commits))) 351 (progress-reporter/bar (length commits)))
352 352
353 ;; When COMMITS is empty, it's either because AUTHENTICATED-COMMITS 353 ;; When COMMITS is empty, it's because END-COMMIT is in the closure of
354 ;; contains END-COMMIT or because END-COMMIT is not a descendant of 354 ;; START-COMMIT and/or AUTHENTICATED-COMMITS, in which case it's known to
355 ;; START-COMMIT. Check that. 355 ;; be authentic already.
356 (if (null? commits) 356 (unless (null? commits)
357 (match (commit-relation start-commit end-commit) 357 (format (current-error-port)
358 ((or 'self 'ancestor 'descendant) #t) ;nothing to do! 358 (G_ "Authenticating channel '~a', \
359 ('unrelated
360 (raise
361 (condition
362 (&message
363 (message
364 (format #f (G_ "'~a' is not related to introductory \
365commit of channel '~a'~%")
366 (oid->string (commit-id end-commit))
367 (channel-name channel))))))))
368 (begin
369 (format (current-error-port)
370 (G_ "Authenticating channel '~a', \
371commits ~a to ~a (~h new commits)...~%") 359commits ~a to ~a (~h new commits)...~%")
372 (channel-name channel) 360 (channel-name channel)
373 (commit-short-id start-commit) 361 (commit-short-id start-commit)
374 (commit-short-id end-commit) 362 (commit-short-id end-commit)
375 (length commits)) 363 (length commits))
376 364
377 ;; If it's our first time, verify CHANNEL's introductory commit. 365 ;; If it's our first time, verify CHANNEL's introductory commit.
378 (when (null? authenticated-commits) 366 (when (null? authenticated-commits)
379 (verify-introductory-commit repository 367 (verify-introductory-commit repository
380 (channel-introduction channel) 368 (channel-introduction channel)
381 keyring)) 369 keyring))
382 370
383 (call-with-progress-reporter reporter 371 (call-with-progress-reporter reporter
384 (lambda (report) 372 (lambda (report)
385 (authenticate-commits repository commits 373 (authenticate-commits repository commits
386 #:keyring keyring 374 #:keyring keyring
387 #:report-progress report))) 375 #:report-progress report)))
388 376
389 (cache-authenticated-commit cache-key 377 (cache-authenticated-commit cache-key
390 (oid->string 378 (oid->string
391 (commit-id end-commit))))))) 379 (commit-id end-commit))))))
392 380
393(define* (latest-channel-instance store channel 381(define* (latest-channel-instance store channel
394 #:key (patches %patches) 382 #:key (patches %patches)
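Review bot: The rewritten comment at new lines 353-355 says an END-COMMIT in the closure of START-COMMIT is "known to be authentic already", but nothing visible in this hunk establishes that for commits that precede START-COMMIT. When `commits` is empty the whole `unless` body is skipped, and from the paren nesting that appears to include the `verify-introductory-commit` call, so no signature is checked on that path. If `commits` is computed as the set difference the commit message describes (that computation is outside the hunk, as is the start of `authenticate-channel`), a target that is an ancestor of the introductory commit would be accepted silently. I would either state the assumption in the comment, e.g. `;; NOTE: ancestors of START-COMMIT are accepted here without verification.`, or reject a target that is not START-COMMIT or one of its descendants before taking the empty-`commits` shortcut.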