From af91c2d540ef437e3f663b2c18c76dc2b94e13d2 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 27 Mar 2023 10:55:31 +0200 Subject: substitute: Gracefully handle TLS termination while fetching narinfos. Fixes . * guix/substitutes.scm (call-with-connection-error-handling): Add 'gnutls-error case. --- guix/substitutes.scm | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'guix') diff --git a/guix/substitutes.scm b/guix/substitutes.scm index 84c7be83ca..e732096933 100644 --- a/guix/substitutes.scm +++ b/guix/substitutes.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Ludovic Courtès +;;; Copyright © 2013-2021, 2023 Ludovic Courtès ;;; Copyright © 2014 Nikita Karetnikov ;;; Copyright © 2018 Kyle Meyer ;;; Copyright © 2020 Christopher Baines @@ -35,6 +35,7 @@ #:select ((open-connection-for-uri . guix:open-connection-for-uri) resolve-uri-reference)) + #:autoload (gnutls) (error->string error/premature-termination) #:use-module (guix progress) #:use-module (ice-9 match) #:use-module (ice-9 format) @@ -152,6 +153,13 @@ indicates that PATH is unavailable at CACHE-URL." (strerror (system-error-errno `(system-error ,@args))))) #f) + (('gnutls-error error proc . rest) + (if (eq? error error/premature-termination) + (begin + (warning (G_ "~a: TLS connection failed: in ~a: ~a~%") host + proc (error->string error)) + #f) + (apply throw 'gnutls-error error proc rest))) (args (apply throw args))))) -- cgit v1.2.3 From 836297eae5ebe5fd0d434056db64770acc3f3275 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 27 Mar 2023 12:01:05 +0200 Subject: syscalls: 'getxattr' throws upon error. * guix/build/syscalls.scm (getxattr): Throw in the negative SIZE case. --- guix/build/syscalls.scm | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'guix') diff --git a/guix/build/syscalls.scm b/guix/build/syscalls.scm index df9b9f6ac7..d947b010d3 100644 --- a/guix/build/syscalls.scm +++ b/guix/build/syscalls.scm @@ -970,7 +970,10 @@ backend device." (string->pointer key) (string->pointer "") 0))) - (cond ((< size 0) #f) + (cond ((< size 0) + (throw 'system-error "getxattr" "~S: ~A" + (list file key (strerror err)) + (list err))) ((zero? size) "") ;; Get VALUE in buffer of SIZE. XXX actual size can race. (else (let*-values (((buf) (make-bytevector size)) -- cgit v1.2.3 From ee0ef0b58ff3ba4b6b2aa81246a50ab9bf020292 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Mon, 27 Mar 2023 18:48:07 +0200 Subject: lint: Prevent inlining of 'package-vulnerabilities'. * guix/lint.scm (package-vulnerabilities): Prevent inlining. --- guix/lint.scm | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'guix') diff --git a/guix/lint.scm b/guix/lint.scm index 3ed7fd6e4d..9eece374ff 100644 --- a/guix/lint.scm +++ b/guix/lint.scm @@ -1,7 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2014 Cyril Roelandt ;;; Copyright © 2014, 2015 Eric Bavier -;;; Copyright © 2013-2022 Ludovic Courtès +;;; Copyright © 2013-2023 Ludovic Courtès ;;; Copyright © 2015, 2016 Mathieu Lirzin ;;; Copyright © 2016 Danny Milosavljevic ;;; Copyright © 2016 Hartmut Goebel @@ -1485,6 +1485,9 @@ the NIST server non-fatal." (package-version package)))) ((force lookup) name version))))) +;; Prevent Guile 3 from inlining this procedure so we can mock it in tests. +(set! package-vulnerabilities package-vulnerabilities) + (define* (check-vulnerabilities package #:optional (package-vulnerabilities package-vulnerabilities)) -- cgit v1.2.3 From c9af27d4ca733b20f09019f1465d3e5fdc1ec724 Mon Sep 17 00:00:00 2001 From: Felix Lechner Date: Mon, 20 Mar 2023 21:25:41 -0700 Subject: lint: Append "/info/refs" to git-reference-url. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit For the atftp package added in the preceeding commit, lint produced this warning: gnu/packages/networking.scm:2924:5: atftp@0.8.0: URI https://git.code.sf.net/p/atftp/code not reachable: 404 ("Not Found") Thanks to Sergey Trofimov for suggesting a fix! [1] [1] https://issues.guix.gnu.org/62156#3 It was implemented here, and the warning disappeared. * guix/lint.scm (check-source): Append "/info/refs" to git-reference-url. Co-authored-by: Sergey Trofimov Signed-off-by: Ludovic Courtès --- guix/lint.scm | 9 ++++++++- tests/lint.scm | 2 +- 2 files changed, 9 insertions(+), 2 deletions(-) (limited to 'guix') diff --git a/guix/lint.scm b/guix/lint.scm index 9eece374ff..3a93ba5325 100644 --- a/guix/lint.scm +++ b/guix/lint.scm @@ -1224,7 +1224,14 @@ password, provided REF's URI is HTTP or HTTPS." '()))) ((git-reference? (origin-uri origin)) (warnings-for-uris - (list (string->uri (git-reference-url (origin-uri origin)))))) + ;; for atftp, lint produced a warning: + ;; gnu/packages/networking.scm:2924:5: atftp@0.8.0: + ;; URI https://git.code.sf.net/p/atftp/code not reachable: + ;; 404 ("Not Found") + ;; fix from here: https://issues.guix.gnu.org/62156#3 + (list (string->uri (string-append + (git-reference-url (origin-uri origin)) + "/info/refs"))))) ((or (svn-reference? (origin-uri origin)) (svn-multi-reference? (origin-uri origin))) (let ((uri (svn-reference-uri-with-userinfo (origin-uri origin)))) diff --git a/tests/lint.scm b/tests/lint.scm index ce22e2355a..71e38550a1 100644 --- a/tests/lint.scm +++ b/tests/lint.scm @@ -1052,7 +1052,7 @@ (parameterize ((%http-server-port 0)) (with-http-server `((,redirect "")) (test-equal "source, git-reference: 301 -> 200" - (format #f "permanent redirect from ~a to ~a" + (format #f "permanent redirect from ~a/info/refs to ~a" (%local-url) initial-url) (let ((pkg (dummy-package "x" -- cgit v1.2.3 From cc7a79a8ade673cc66249c7b4583a0074348b370 Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Tue, 28 Mar 2023 21:18:27 -0400 Subject: Revert "lint: Append "/info/refs" to git-reference-url." This reverts commit c9af27d4ca733b20f09019f1465d3e5fdc1ec724. The change causes 'guix lint' to print URI not reachable (403) errors for GitHub every URLs. --- guix/lint.scm | 9 +-------- tests/lint.scm | 2 +- 2 files changed, 2 insertions(+), 9 deletions(-) (limited to 'guix') diff --git a/guix/lint.scm b/guix/lint.scm index 3a93ba5325..9eece374ff 100644 --- a/guix/lint.scm +++ b/guix/lint.scm @@ -1224,14 +1224,7 @@ password, provided REF's URI is HTTP or HTTPS." '()))) ((git-reference? (origin-uri origin)) (warnings-for-uris - ;; for atftp, lint produced a warning: - ;; gnu/packages/networking.scm:2924:5: atftp@0.8.0: - ;; URI https://git.code.sf.net/p/atftp/code not reachable: - ;; 404 ("Not Found") - ;; fix from here: https://issues.guix.gnu.org/62156#3 - (list (string->uri (string-append - (git-reference-url (origin-uri origin)) - "/info/refs"))))) + (list (string->uri (git-reference-url (origin-uri origin)))))) ((or (svn-reference? (origin-uri origin)) (svn-multi-reference? (origin-uri origin))) (let ((uri (svn-reference-uri-with-userinfo (origin-uri origin)))) diff --git a/tests/lint.scm b/tests/lint.scm index 71e38550a1..ce22e2355a 100644 --- a/tests/lint.scm +++ b/tests/lint.scm @@ -1052,7 +1052,7 @@ (parameterize ((%http-server-port 0)) (with-http-server `((,redirect "")) (test-equal "source, git-reference: 301 -> 200" - (format #f "permanent redirect from ~a/info/refs to ~a" + (format #f "permanent redirect from ~a to ~a" (%local-url) initial-url) (let ((pkg (dummy-package "x" -- cgit v1.2.3