From 0ba91c945be8a963ac9d11ae538c4e8b30374558 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>
Date: Sat, 11 May 2013 12:44:19 +0200
Subject: gnupg: Turn the GPG command name and keyserver into parameters.

* guix/gnupg.scm (%gpg-command): Turn into a SRFI-39 parameter.
  (%openpgp-key-server): Likewise.  Default to pgp.mit.edu, as
  keys.gnupg.net is unreliable.
  Update users.
---
 guix/gnupg.scm | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

(limited to 'guix/gnupg.scm')

diff --git a/guix/gnupg.scm b/guix/gnupg.scm
index ee67bea91b..c17a495f81 100644
--- a/guix/gnupg.scm
+++ b/guix/gnupg.scm
@@ -22,7 +22,9 @@
   #:use-module (ice-9 regex)
   #:use-module (ice-9 rdelim)
   #:use-module (srfi srfi-1)
-  #:export (gnupg-verify
+  #:export (%gpg-command
+            %openpgp-key-server
+            gnupg-verify
             gnupg-verify*
             gnupg-status-good-signature?
             gnupg-status-missing-key?))
@@ -33,8 +35,14 @@
 ;;;
 ;;; Code:
 
-(define %gpg-command "gpg2")
-(define %openpgp-key-server "keys.gnupg.net")
+(define %gpg-command
+  ;; The GnuPG 2.x command-line program name.
+  (make-parameter "gpg2"))
+
+(define %openpgp-key-server
+  ;; The default key server.  Note that keys.gnupg.net appears to be
+  ;; unreliable.
+  (make-parameter "pgp.mit.edu"))
 
 (define (gnupg-verify sig file)
   "Verify signature SIG for FILE.  Return a status s-exp if GnuPG failed."
@@ -106,7 +114,7 @@
           (loop (read-line input)
                 (cons (status-line->sexp line) result)))))
 
-  (let* ((pipe   (open-pipe* OPEN_READ %gpg-command "--status-fd=1"
+  (let* ((pipe   (open-pipe* OPEN_READ (%gpg-command) "--status-fd=1"
                              "--verify" sig file))
          (status (parse-status pipe)))
     ;; Ignore PIPE's exit status since STATUS above should contain all the
@@ -135,9 +143,9 @@ missing key."
        status))
 
 (define (gnupg-receive-keys key-id server)
-  (system* %gpg-command "--keyserver" server "--recv-keys" key-id))
+  (system* (%gpg-command) "--keyserver" server "--recv-keys" key-id))
 
-(define* (gnupg-verify* sig file #:optional (server %openpgp-key-server))
+(define* (gnupg-verify* sig file #:optional (server (%openpgp-key-server)))
   "Like `gnupg-verify', but try downloading the public key if it's missing.
 Return #t if the signature was good, #f otherwise."
   (let ((status (gnupg-verify sig file)))
-- 
cgit v1.2.3