pki: 'public-keys->acl' deduplicates entries.
Reported by Tobias Geerinckx-Rice <me@tobias.gr> in <https://issues.guix.gnu.org/50892>. * guix/pki.scm (public-keys->acl): Add call to 'delete-duplicates'. * tests/pki.scm ("public-keys->acl deduplication"): New test.
parent
94e9651241
commit
3677b97030
|
@ -1,5 +1,5 @@
|
|||
;;; GNU Guix --- Functional package management for GNU
|
||||
;;; Copyright © 2013, 2014, 2016 Ludovic Courtès <ludo@gnu.org>
|
||||
;;; Copyright © 2013, 2014, 2016, 2022 Ludovic Courtès <ludo@gnu.org>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
|
@ -21,6 +21,7 @@
|
|||
#:use-module (gcrypt pk-crypto)
|
||||
#:use-module ((guix utils) #:select (with-atomic-file-output))
|
||||
#:use-module ((guix build utils) #:select (mkdir-p))
|
||||
#:autoload (srfi srfi-1) (delete-duplicates)
|
||||
#:use-module (ice-9 match)
|
||||
#:use-module (ice-9 rdelim)
|
||||
#:use-module (ice-9 binary-ports)
|
||||
|
@ -61,9 +62,10 @@ element in KEYS must be a canonical sexp with type 'public-key'."
|
|||
;; want to have name certificates and to use subject names instead of
|
||||
;; complete keys.
|
||||
`(acl ,@(map (lambda (key)
|
||||
`(entry ,(canonical-sexp->sexp key)
|
||||
`(entry ,key
|
||||
(tag (guix import))))
|
||||
keys)))
|
||||
(delete-duplicates
|
||||
(map canonical-sexp->sexp keys)))))
|
||||
|
||||
(define %acl-file
|
||||
(string-append %config-directory "/acl"))
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
;;; GNU Guix --- Functional package management for GNU
|
||||
;;; Copyright © 2013, 2014 Ludovic Courtès <ludo@gnu.org>
|
||||
;;; Copyright © 2013, 2014, 2022 Ludovic Courtès <ludo@gnu.org>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
|
@ -66,6 +66,10 @@
|
|||
(test-assert "authorized-key? public-key singleton"
|
||||
(authorized-key? %public-key (public-keys->acl (list %public-key))))
|
||||
|
||||
(test-equal "public-keys->acl deduplication"
|
||||
(public-keys->acl (list %public-key))
|
||||
(public-keys->acl (make-list 10 %public-key)))
|
||||
|
||||
(test-assert "signature-case valid-signature"
|
||||
(let* ((hash (sha256 #vu8(1 2 3)))
|
||||
(data (bytevector->hash-data hash #:key-type (key-type %public-key)))
|
||||
|
|
Reference in New Issue