From d51bfe242fbe6f3f8f71d723e8fe0c7bbe711ba1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Sat, 25 Jul 2020 18:26:18 +0200 Subject: Use 'formatted-message' instead of '&message' where appropriate. * gnu.scm (%try-use-modules): Use 'formatted-message' instead of '&message'. * gnu/machine/digital-ocean.scm (maybe-raise-unsupported-configuration-error): Likewise. * gnu/machine/ssh.scm (machine-check-file-system-availability): Likewise. (machine-check-building-for-appropriate-system): Likewise. (deploy-managed-host): Likewise. (maybe-raise-unsupported-configuration-error): Likewise. * gnu/packages.scm (search-patch): Likewise. * gnu/services.scm (%service-with-default-value): Likewise. (files->etc-directory): Likewise. (fold-services): Likewise. * gnu/system.scm (locale-name->definition*): Likewise. * gnu/system/mapped-devices.scm (check-device-initrd-modules): Likewise. (check-luks-device): Likewise. * guix/channels.scm (latest-channel-instance): Likewise. * guix/cve.scm (json->cve-items): Likewise. * guix/git-authenticate.scm (commit-signing-key): Likewise. (commit-authorized-keys): Likewise. (authenticate-commit): Likewise. (verify-introductory-commit): Likewise. * guix/remote.scm (remote-pipe-for-gexp): Likewise. * guix/scripts/graph.scm (assert-package): Likewise. * guix/scripts/offload.scm (private-key-from-file*): Likewise. * guix/ssh.scm (authenticate-server*): Likewise. (open-ssh-session): Likewise. (remote-inferior): Likewise. * guix/ui.scm (matching-generations): Likewise. * guix/upstream.scm (package-update): Likewise. * tests/channels.scm ("latest-channel-instances, missing introduction for 'guix'"): Catch 'formatted-message?'. ("authenticate-channel, wrong first commit signer"): Likewise. * tests/lint.scm ("patches: not found"): Adjust message string. * tests/packages.scm ("patch not found yields a run-time error"): Catch 'formatted-message?'. * guix/lint.scm (check-patch-file-names): Handle 'formatted-message?'. (check-derivation): Ditto. --- guix/git-authenticate.scm | 86 ++++++++++++++++++++++------------------------- 1 file changed, 41 insertions(+), 45 deletions(-) (limited to 'guix/git-authenticate.scm') diff --git a/guix/git-authenticate.scm b/guix/git-authenticate.scm index 6cfc7fabe1..4ab5419bd6 100644 --- a/guix/git-authenticate.scm +++ b/guix/git-authenticate.scm @@ -24,6 +24,7 @@ #:use-module ((guix git) #:select (commit-difference false-if-git-not-found)) #:use-module (guix i18n) + #:use-module ((guix diagnostics) #:select (formatted-message)) #:use-module (guix openpgp) #:use-module ((guix utils) #:select (cache-directory with-atomic-file-output)) @@ -105,23 +106,21 @@ not in KEYRING." (lambda _ (values #f #f))))) (unless signature - (raise (condition - (&unsigned-commit-error (commit commit-id)) - (&message - (message (format #f (G_ "commit ~a lacks a signature") - (oid->string commit-id))))))) + (raise (make-compound-condition + (condition (&unsigned-commit-error (commit commit-id))) + (formatted-message (G_ "commit ~a lacks a signature") + (oid->string commit-id))))) (let ((signature (string->openpgp-packet signature))) (when (memq (openpgp-signature-hash-algorithm signature) `(,@disallowed-hash-algorithms md5)) - (raise (condition - (&unsigned-commit-error (commit commit-id)) - (&message - (message (format #f (G_ "commit ~a has a ~a signature, \ + (raise (make-compound-condition + (condition (&unsigned-commit-error (commit commit-id))) + (formatted-message (G_ "commit ~a has a ~a signature, \ which is not permitted") - (oid->string commit-id) - (openpgp-signature-hash-algorithm - signature))))))) + (oid->string commit-id) + (openpgp-signature-hash-algorithm + signature))))) (with-fluids ((%default-port-encoding "UTF-8")) (let-values (((status data) @@ -130,23 +129,22 @@ which is not permitted") (match status ('bad-signature ;; There's a signature but it's invalid. - (raise (condition - (&signature-verification-error (commit commit-id) - (signature signature) - (keyring keyring)) - (&message - (message (format #f (G_ "signature verification failed \ + (raise (make-compound-condition + (condition + (&signature-verification-error (commit commit-id) + (signature signature) + (keyring keyring))) + (formatted-message (G_ "signature verification failed \ for commit ~a") - (oid->string commit-id))))))) + (oid->string commit-id))))) ('missing-key - (raise (condition - (&missing-key-error (commit commit-id) - (signature signature)) - (&message - (message (format #f (G_ "could not authenticate \ + (raise (make-compound-condition + (condition (&missing-key-error (commit commit-id) + (signature signature))) + (formatted-message (G_ "could not authenticate \ commit ~a: key ~a is missing") - (oid->string commit-id) - (openpgp-format-fingerprint data))))))) + (oid->string commit-id) + (openpgp-format-fingerprint data))))) ('good-signature data))))))) (define (read-authorizations port) @@ -179,13 +177,13 @@ does not specify anything, fall back to DEFAULT-AUTHORIZATIONS." ;; If COMMIT removes the '.guix-authorizations' file found in one of its ;; parents, raise an error. (when (parents-have-authorizations-file? commit) - (raise (condition - (&unauthorized-commit-error (commit (commit-id commit)) - (signing-key #f)) - (&message - (message (format #f (G_ "commit ~a attempts \ + (raise (make-compound-condition + (condition + (&unauthorized-commit-error (commit (commit-id commit)) + (signing-key #f))) + (formatted-message (G_ "commit ~a attempts \ to remove '.guix-authorizations' file") - (oid->string (commit-id commit))))))))) + (oid->string (commit-id commit))))))) (define (commit-authorizations commit) (catch 'git-error @@ -234,16 +232,16 @@ not specify anything, fall back to DEFAULT-AUTHORIZATIONS." (unless (member (openpgp-public-key-fingerprint signing-key) (commit-authorized-keys repository commit default-authorizations)) - (raise (condition - (&unauthorized-commit-error (commit id) - (signing-key signing-key)) - (&message - (message (format #f (G_ "commit ~a not signed by an authorized \ + (raise (make-compound-condition + (condition + (&unauthorized-commit-error (commit id) + (signing-key signing-key))) + (formatted-message (G_ "commit ~a not signed by an authorized \ key: ~a") - (oid->string id) - (openpgp-format-fingerprint - (openpgp-public-key-fingerprint - signing-key)))))))) + (oid->string id) + (openpgp-format-fingerprint + (openpgp-public-key-fingerprint + signing-key)))))) signing-key) @@ -366,13 +364,11 @@ EXPECTED-SIGNER." (commit-signing-key repository (commit-id commit) keyring))) (unless (bytevector=? expected-signer actual-signer) - (raise (condition - (&message - (message (format #f (G_ "initial commit ~a is signed by '~a' \ + (raise (formatted-message (G_ "initial commit ~a is signed by '~a' \ instead of '~a'") (oid->string (commit-id commit)) (openpgp-format-fingerprint actual-signer) - (openpgp-format-fingerprint expected-signer)))))))) + (openpgp-format-fingerprint expected-signer))))) (define* (authenticate-repository repository start signer #:key -- cgit v1.2.3