author | Marius Bakke <mbakke@fastmail.com> | 2018-12-22 15:26:30 +0100 |
---|---|---|
committer | Marius Bakke <mbakke@fastmail.com> | 2018-12-22 15:26:30 +0100 |
commit | f30830b2e67d973f2363903dbe5b27269da1901a (patch) | |
tree | 851a3a361cde2e083c418c54a1932bd57096c5a0 /guix/scripts/substitute.scm | |
parent | 34f1838f04c7c359da8dbba86817499630ce7f01 (diff) | |
parent | 25ec3684e3529fae290d389ba11755c7e7c016ea (diff) | |
Merge branch 'master' into staging
Diffstat (limited to 'guix/scripts/substitute.scm')
-rwxr-xr-x | guix/scripts/substitute.scm | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/guix/scripts/substitute.scm b/guix/scripts/substitute.scm
index d6dc9b6448..53b1777241 100755
--- a/guix/scripts/substitute.scm
+++ b/guix/scripts/substitute.scm
@@ -392,12 +392,21 @@ No authentication and authorization checks are performed here!"
 (define (narinfo-sha256 narinfo)
 "Return the sha256 hash of NARINFO as a bytevector, or #f if NARINFO lacks a 'Signature' field."
+ (define %mandatory-fields
+ ;; List of fields that must be signed. If they are not signed, the
+ ;; narinfo is considered unsigned.
+ '("StorePath" "NarHash" "References"))
+
 (let ((contents (narinfo-contents narinfo)))
 (match (string-contains contents "Signature:")
 (#f #f)
 (index
- (let ((above-signature (string-take contents index)))
- (sha256 (string->utf8 above-signature)))))))
+ (let* ((above-signature (string-take contents index))
+ (signed-fields (match (call-with-input-string above-signature
+ fields->alist)
+ (((fields . values) ...) fields))))
+ (and (every (cut member <> signed-fields) %mandatory-fields)
+ (sha256 (string->utf8 above-signature))))))))
 (define* (valid-narinfo? narinfo #:optional (acl (current-acl)) #:key verbose?) |
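Review bot: The new `(every (cut member <> signed-fields) %mandatory-fields)` test in `narinfo-sha256` confirms only that the names StorePath, NarHash and References occur somewhere above `Signature:`; it does not tie the values the rest of the code reads from the narinfo record to that signed text. Whether a repeated, unsigned occurrence of one of these fields after the signature could end up in the record depends on how the record is parsed, which is outside this hunk, so I would confirm that behaviour and otherwise return #f when a mandatory field name appears more than once in `contents`. The docstring is also stale now that there is a second reason for #f; it could end `or #f if NARINFO lacks a 'Signature' field or a mandatory field is not covered by the signature.`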