[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/02: gnupg: 'gnupg-status-good-signature?' no longer returns a key ID.
From: |
guix-commits |
Subject: |
01/02: gnupg: 'gnupg-status-good-signature?' no longer returns a key ID. |
Date: |
Wed, 18 Dec 2019 17:48:55 -0500 (EST) |
civodul pushed a commit to branch master
in repository guix.
commit 9cfa322579e1be0adf0e2e1c489d336a4e5eedf7
Author: Ludovic Courtès <address@hidden>
Date: Wed Dec 18 17:19:00 2019 +0100
gnupg: 'gnupg-status-good-signature?' no longer returns a key ID.
Returning a key ID was inconsequential because the only user of
'gnupg-status-good-signature?', (guix upstream) (via 'gnupg-verify*'),
would not check the return value as long as it's true.
* guix/gnupg.scm (gnupg-status-good-signature?): Return a
fingerprint/user pair instead of key-id/user.
(gnupg-verify*): Mention it in docstring.
---
guix/gnupg.scm | 21 ++++++++++++---------
1 file changed, 12 insertions(+), 9 deletions(-)
diff --git a/guix/gnupg.scm b/guix/gnupg.scm
index 40feb44..bf01c7f 100644
--- a/guix/gnupg.scm
+++ b/guix/gnupg.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2010, 2011, 2013, 2014, 2016, 2018 Ludovic Courtès
<address@hidden>
+;;; Copyright © 2010, 2011, 2013, 2014, 2016, 2018, 2019 Ludovic Courtès
<address@hidden>
;;; Copyright © 2013 Nikita Karetnikov <address@hidden>
;;;
;;; This file is part of GNU Guix.
@@ -142,13 +142,15 @@ revoked. Return a status s-exp if GnuPG failed."
(define (gnupg-status-good-signature? status)
"If STATUS, as returned by `gnupg-verify', denotes a good signature, return
-a key-id/user pair; return #f otherwise."
- (any (lambda (sexp)
- (match sexp
- (((or 'good-signature 'expired-key-signature) key-id user)
- (cons key-id user))
- (_ #f)))
- status))
+a fingerprint/user pair; return #f otherwise."
+ (match (assq 'valid-signature status)
+ (('valid-signature fingerprint date timestamp)
+ (match (or (assq 'good-signature status)
+ (assq 'expired-key-signature status))
+ ((_ key-id user) (cons fingerprint user))
+ (_ #f)))
+ (_
+ #f)))
(define (gnupg-status-missing-key? status)
"If STATUS denotes a missing-key error, then return the key-id of the
@@ -178,7 +180,8 @@ missing key."
"Like `gnupg-verify', but try downloading the public key if it's missing.
Return #t if the signature was good, #f otherwise. KEY-DOWNLOAD specifies a
download policy for missing OpenPGP keys; allowed values: 'always', 'never',
-and 'interactive' (default)."
+and 'interactive' (default). Return a fingerprint/user name pair on success
+and #f otherwise."
(let ((status (gnupg-verify sig file)))
(or (gnupg-status-good-signature? status)
(let ((missing (gnupg-status-missing-key? status)))