ryan77627/guix
1
0
Fork 0
mirror of https://git.in.rschanz.org/ryan77627/guix.git synced 2025-01-12 22:26:40 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

channels: Remove 'signature' from <channel-introduction>.

Browse source 
In the end signing the commit/key pair does not buy us much.  Someone
publishing a valid but different commit/key pair would effectively be
publishing a different channel, which could be a fork (made by a former
authorized developer) or simply a mirror.  In the latter case, there's
nothing to be gained by publishing a different commit/key pair.

* guix/channels.scm (<channel-introduction>)[signature]: Remove.
(make-channel-introduction): Adjust accordingly.
This commit is contained in:
Ludovic Courtès 2020-06-25 15:37:02 +02:00
parent 8b7d982e6a
commit 22a9699257
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5
1 changed files with 6 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
guix/channels.scm
View file

@ -128,22 +128,19 @@ (define-record-type* <channel> channel make-channel
;; Channel introductions. A "channel introduction" provides a commit/signer ;; Channel introductions. A "channel introduction" provides a commit/signer
;; pair that specifies the first commit of the authentication process as well ;; pair that specifies the first commit of the authentication process as well
;; as its signer's fingerprint. The pair must be signed by the signer of that ;; as its signer's fingerprint. Introductions are used to bootstrap trust in
;; commit so that only them may emit this introduction. Introductions are ;; a channel.
;; used to bootstrap trust in a channel.
(define-record-type <channel-introduction> (define-record-type <channel-introduction>
(%make-channel-introduction first-signed-commit first-commit-signer (%make-channel-introduction first-signed-commit first-commit-signer)
signature)
channel-introduction? channel-introduction?
(first-signed-commit channel-introduction-first-signed-commit) ;hex string (first-signed-commit channel-introduction-first-signed-commit) ;hex string
(first-commit-signer channel-introduction-first-commit-signer) ;bytevector (first-commit-signer channel-introduction-first-commit-signer)) ;bytevector
(signature channel-introduction-signature)) ;string
(define (make-channel-introduction commit signer) (define (make-channel-introduction commit signer)
"Return a new channel introduction: COMMIT is the introductory where "Return a new channel introduction: COMMIT is the introductory where
authentication starts, and SIGNER is the OpenPGP fingerprint (a bytevector) of authentication starts, and SIGNER is the OpenPGP fingerprint (a bytevector) of
the signer of that commit." the signer of that commit."
(%make-channel-introduction commit signer #f)) (%make-channel-introduction commit signer))
(define (openpgp-fingerprint->bytevector str) (define (openpgp-fingerprint->bytevector str)
"Convert STR, an OpenPGP fingerprint (hexadecimal string with whitespace), "Convert STR, an OpenPGP fingerprint (hexadecimal string with whitespace),