aboutsummaryrefslogtreecommitdiff
path: root/nix/local.mk
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2020-09-11 12:51:36 +0200
committerLudovic Courtès <ludo@gnu.org>2020-09-14 15:42:55 +0200
commit64cf660f872fb7aaf0d2b463e45b4c756297f743 (patch)
treee1fdd38b1a704915b4df4cd0b7db6669bd7b77dc /nix/local.mk
parentee9dff34f9317509cb2b833d07a0d5e01a36a4ae (diff)
downloadguix-64cf660f872fb7aaf0d2b463e45b4c756297f743.tar
guix-64cf660f872fb7aaf0d2b463e45b4c756297f743.tar.gz
daemon: Spawn 'guix authenticate' once for all.
Previously, we'd spawn 'guix authenticate' once for each item that has to be signed (when exporting) or authenticated (when importing). Now, we spawn it once for all and then follow a request/reply protocol. This reduces the wall-clock time of: guix archive --export -r $(guix build coreutils -d) from 30s to 2s. * guix/scripts/authenticate.scm (sign-with-key): Return the signature instead of displaying it. Raise a &formatted-message instead of calling 'leave'. (validate-signature): Likewise. (read-command): New procedure. (define-enumerate-type, reply-code): New macros. (guix-authenticate)[send-reply]: New procedure. Change to read commands from current-input-port. * nix/libstore/local-store.cc (runAuthenticationProgram): Remove. (authenticationAgent, readInteger, readAuthenticateReply): New functions. (signHash, verifySignature): Rewrite in terms of the agent. * tests/store.scm ("import not signed"): Remove 'pk' call. ("import signed by unauthorized key"): Check the error message of C. * tests/guix-authenticate.sh: Rewrite using the new protocol. fixlet
Diffstat (limited to 'nix/local.mk')
0 files changed, 0 insertions, 0 deletions