Fix building of Shishi with libgcrypt 1.6 and later. Patch copied from Debian: https://anonscm.debian.org/cgit/collab-maint/shishi.git/tree/debian/patches/fix_gcrypt_detection.diff?id=948301ae648a542a408da250755aeed58a6e3542 Description: Fix autoconf gnutls detection to also accept gcrypt 1.6. Author: Andreas Metzler Bug-Debian: http://bugs.debian.org/753150 Origin: vendor Forwarded: no Last-Update: 2014-07-18 --- shishi-1.0.2.orig/gl/m4/gc.m4 +++ shishi-1.0.2/gl/m4/gc.m4 @@ -12,10 +12,12 @@ AC_DEFUN([gl_GC], if test "$libgcrypt" != no; then AC_LIB_HAVE_LINKFLAGS([gcrypt], [gpg-error], [ #include -/* GCRY_MODULE_ID_USER was added in 1.4.4 and gc-libgcrypt.c - will fail on startup if we don't have 1.4.4 or later, so - test for it early. */ -#if !defined GCRY_MODULE_ID_USER +/* gc-libgcrypt.c will fail on startup if we don't have libgcrypt 1.4.4 or + later, test for it early. by checking for either + - GCRY_MODULE_ID_USER which was added in 1.4.4 and dropped in 1.6 or + - GCRYPT_VERSION_NUMBER which was added in 1.6. + */ +#if !defined GCRY_MODULE_ID_USER && !defined GCRYPT_VERSION_NUMBER error too old libgcrypt #endif ]) henticate.sh'>logtreecommitdiff
path: root/tests/guix-authenticate.sh
AgeCommit message (Expand)Author
2021-12-22tests: Move keys into ./tests/keys/ and add a third ed25519 key....The third key will be used in an upcoming commit. Rename public keys to .pub. * guix/tests/gnupg.scm (%ed25519-3-public-key-file): New variable. (%ed25519-3-secret-key-file): New variable. (%ed25519-2-public-key-file): Renamed from %ed25519bis-public-key-file. (%ed25519-2-secret-key-file): Renamed from %ed25519bis-secret-key-file. * tests/keys/ed25519-3.key: New file. * tests/keys/ed25519-3.sec: New file. Signed-off-by: Mathieu Othacehe <othacehe@gnu.org> Attila Lendvai
2020-09-15authenticate: Encode strings as ISO-8859-1....Fixes <https://bugs.gnu.org/43421>. * guix/scripts/authenticate.scm (read-command): Decode strings as ISO-8859-1, not UTF-8. (guix-authenticate)[send-reply]: Encode strings as ISO-8859-1, not UTF-8. * tests/guix-authenticate.sh: Add test. Ludovic Courtès
2020-09-14daemon: Spawn 'guix authenticate' once for all....Previously, we'd spawn 'guix authenticate' once for each item that has to be signed (when exporting) or authenticated (when importing). Now, we spawn it once for all and then follow a request/reply protocol. This reduces the wall-clock time of: guix archive --export -r $(guix build coreutils -d) from 30s to 2s. * guix/scripts/authenticate.scm (sign-with-key): Return the signature instead of displaying it. Raise a &formatted-message instead of calling 'leave'. (validate-signature): Likewise. (read-command): New procedure. (define-enumerate-type, reply-code): New macros. (guix-authenticate)[send-reply]: New procedure. Change to read commands from current-input-port. * nix/libstore/local-store.cc (runAuthenticationProgram): Remove. (authenticationAgent, readInteger, readAuthenticateReply): New functions. (signHash, verifySignature): Rewrite in terms of the agent. * tests/store.scm ("import not signed"): Remove 'pk' call. ("import signed by unauthorized key"): Check the error message of C. * tests/guix-authenticate.sh: Rewrite using the new protocol. fixlet Ludovic Courtès
2020-09-11daemon: Simplify interface with 'guix authenticate'....There's no reason at this point to mimic the calling convention of the 'openssl' command. * nix/libstore/local-store.cc (LocalStore::exportPath): Add only "sign" and HASH to ARGS. Remove 'tmpDir' and 'hashFile'. (LocalStore::importPath): Add only "verify" and SIGNATURE to * guix/scripts/authenticate.scm (guix-authenticate): Adjust accordingly; remove the OpenSSL-style clauses. (read-hash-data): Remove. (sign-with-key): Replace 'port' with 'sha256' and adjust accordingly. (validate-signature): Export SIGNATURE to be a canonical sexp. * tests/guix-authenticate.sh: Adjust tests accordingly. Ludovic Courtès