diff options
| author | Ludovic Courtès <ludo@gnu.org> | 2022-12-12 14:55:32 +0100 |
|---|---|---|
| committer | Ludovic Courtès <ludo@gnu.org> | 2022-12-12 15:03:05 +0100 |
| commit | 3677b97030e5954fa26bdb435e0d3379a1a4ec43 (patch) | |
| tree | bb3d364684a72d6dd8461c3f2be543018a770848 | |
| parent | 94e9651241b3e827531779717952d386535801f3 (diff) | |
pki: 'public-keys->acl' deduplicates entries.
Reported by Tobias Geerinckx-Rice <me@tobias.gr>
in <https://issues.guix.gnu.org/50892>.
* guix/pki.scm (public-keys->acl): Add call to 'delete-duplicates'.
* tests/pki.scm ("public-keys->acl deduplication"): New test.
| -rw-r--r-- | guix/pki.scm | 8 | ||||
| -rw-r--r-- | tests/pki.scm | 6 |
2 files changed, 10 insertions, 4 deletions
diff --git a/guix/pki.scm b/guix/pki.scm index 6326e065e9..c5b2fb9634 100644 --- a/guix/pki.scm +++ b/guix/pki.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2013, 2014, 2016 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2013, 2014, 2016, 2022 Ludovic Courtès <ludo@gnu.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -21,6 +21,7 @@ #:use-module (gcrypt pk-crypto) #:use-module ((guix utils) #:select (with-atomic-file-output)) #:use-module ((guix build utils) #:select (mkdir-p)) + #:autoload (srfi srfi-1) (delete-duplicates) #:use-module (ice-9 match) #:use-module (ice-9 rdelim) #:use-module (ice-9 binary-ports) @@ -61,9 +62,10 @@ element in KEYS must be a canonical sexp with type 'public-key'." ;; want to have name certificates and to use subject names instead of ;; complete keys. `(acl ,@(map (lambda (key) - `(entry ,(canonical-sexp->sexp key) + `(entry ,key (tag (guix import)))) - keys))) + (delete-duplicates + (map canonical-sexp->sexp keys))))) (define %acl-file (string-append %config-directory "/acl")) diff --git a/tests/pki.scm b/tests/pki.scm index d6a6b476c7..86daff8ddf 100644 --- a/tests/pki.scm +++ b/tests/pki.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2013, 2014 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2013, 2014, 2022 Ludovic Courtès <ludo@gnu.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -66,6 +66,10 @@ (test-assert "authorized-key? public-key singleton" (authorized-key? %public-key (public-keys->acl (list %public-key)))) +(test-equal "public-keys->acl deduplication" + (public-keys->acl (list %public-key)) + (public-keys->acl (make-list 10 %public-key))) + (test-assert "signature-case valid-signature" (let* ((hash (sha256 #vu8(1 2 3))) (data (bytevector->hash-data hash #:key-type (key-type %public-key))) |