diff options
| author | Ludovic Courtès <ludo@gnu.org> | 2020-09-11 12:51:36 +0200 |
|---|---|---|
| committer | Ludovic Courtès <ludo@gnu.org> | 2020-09-14 15:42:55 +0200 |
| commit | 64cf660f872fb7aaf0d2b463e45b4c756297f743 (patch) | |
| tree | e1fdd38b1a704915b4df4cd0b7db6669bd7b77dc /tests/store.scm | |
| parent | ee9dff34f9317509cb2b833d07a0d5e01a36a4ae (diff) | |
| download | guix-64cf660f872fb7aaf0d2b463e45b4c756297f743.tar guix-64cf660f872fb7aaf0d2b463e45b4c756297f743.tar.gz | |
daemon: Spawn 'guix authenticate' once for all.
Previously, we'd spawn 'guix authenticate' once for each item that has
to be signed (when exporting) or authenticated (when importing). Now,
we spawn it once for all and then follow a request/reply protocol. This
reduces the wall-clock time of:
guix archive --export -r $(guix build coreutils -d)
from 30s to 2s.
* guix/scripts/authenticate.scm (sign-with-key): Return the signature
instead of displaying it. Raise a &formatted-message instead of calling
'leave'.
(validate-signature): Likewise.
(read-command): New procedure.
(define-enumerate-type, reply-code): New macros.
(guix-authenticate)[send-reply]: New procedure.
Change to read commands from current-input-port.
* nix/libstore/local-store.cc (runAuthenticationProgram): Remove.
(authenticationAgent, readInteger, readAuthenticateReply): New
functions.
(signHash, verifySignature): Rewrite in terms of the agent.
* tests/store.scm ("import not signed"): Remove 'pk' call.
("import signed by unauthorized key"): Check the error message of C.
* tests/guix-authenticate.sh: Rewrite using the new protocol.
fixlet
Diffstat (limited to 'tests/store.scm')
| -rw-r--r-- | tests/store.scm | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/tests/store.scm b/tests/store.scm index 8ff76e8f98..3a2a21a250 100644 --- a/tests/store.scm +++ b/tests/store.scm @@ -990,7 +990,7 @@ ;; Ensure 'import-paths' raises an exception. (guard (c ((store-protocol-error? c) - (and (not (zero? (store-protocol-error-status (pk 'C c)))) + (and (not (zero? (store-protocol-error-status c))) (string-contains (store-protocol-error-message c) "lacks a signature")))) (let* ((source (open-bytevector-input-port dump)) @@ -1030,9 +1030,9 @@ ;; Ensure 'import-paths' raises an exception. (guard (c ((store-protocol-error? c) - ;; XXX: The daemon-provided error message currently doesn't - ;; mention the reason of the failure. - (not (zero? (store-protocol-error-status c))))) + (and (not (zero? (store-protocol-error-status c))) + (string-contains (store-protocol-error-message c) + "unauthorized public key")))) (let* ((source (open-bytevector-input-port dump)) (imported (import-paths %store source))) (pk 'unauthorized-imported imported) |