me
/
guix
Archived
1
0
Fork 0

services: knot: Fix configuration verification.

* gnu/services/dns.scm (verify-knot-key-configuration): Fix the
order of memq arguments.
(verify-knot-keystore-configuration): Likewise.
(verify-knot-acl-configuration): Replace fold with every procedure.

Signed-off-by: 宋文武 <iyzsong@member.fsf.org>
master
Alexey Abramov 2021-01-30 09:19:32 +01:00 committed by 宋文武
parent 07143d9fe1
commit 408f0b4c4d
No known key found for this signature in database
GPG Key ID: D415BF253B515976
1 changed files with 7 additions and 7 deletions

View File

@ -256,9 +256,9 @@
(let ((id (knot-key-configuration-id key)))
(unless (and (string? id) (not (equal? id "")))
(error-out "key id must be a non empty string.")))
(unless (memq '(#f hmac-md5 hmac-sha1 hmac-sha224 hmac-sha256 hmac-sha384 hmac-sha512)
(knot-key-configuration-algorithm key))
(error-out "algorithm must be one of: #f, 'hmac-md5, 'hmac-sha1,
(unless (memq (knot-key-configuration-algorithm key)
'(#f hmac-md5 hmac-sha1 hmac-sha224 hmac-sha256 hmac-sha384 hmac-sha512))
(error-out "algorithm must be one of: #f, 'hmac-md5, 'hmac-sha1,
'hmac-sha224, 'hmac-sha256, 'hmac-sha384 or 'hmac-sha512")))
(define (verify-knot-keystore-configuration keystore)
@ -267,9 +267,9 @@
(let ((id (knot-keystore-configuration-id keystore)))
(unless (and (string? id) (not (equal? id "")))
(error-out "keystore id must be a non empty string.")))
(unless (memq '(pem pkcs11)
(knot-keystore-configuration-backend keystore))
(error-out "backend must be one of: 'pem or 'pkcs11")))
(unless (memq (knot-keystore-configuration-backend keystore)
'(pem pkcs11))
(error-out "backend must be one of: 'pem or 'pkcs11")))
(define (verify-knot-policy-configuration policy)
(unless (knot-policy-configuration? policy)
@ -288,7 +288,7 @@
(unless (and (string? id) (not (equal? id "")))
(error-out "acl id must be a non empty string."))
(unless (and (list? address)
(fold (lambda (x1 x2) (and (string? x1) (string? x2))) "" address))
(every string? address))
(error-out "acl address must be a list of strings.")))
(unless (boolean? (knot-acl-configuration-deny? acl))
(error-out "deny? must be #t or #f.")))