Commit Graph

71 Commits

Author SHA1 Message Date
Ludovic Courtès 9b7bd1b160 substitute: Add HTTPS support.
Fixes <http://bugs.gnu.org/22937>.
Reported by Chris Marusich <cmmarusich@gmail.com>.

* guix/scripts/substitute.scm (fetch): Add 'https' alongside 'http'.
Use 'open-connection-for-uri' instead of 'open-socket-for-uri'.  Call
'setvbuf' only when PORT matches 'file-port?'.
(http-multiple-get): Likewise.  Change 'base-url' parameter to
'base-uri'.
(fetch-narinfos)[do-fetch]: Add 'https' case alongside 'http'.  Pass URI
instead of URL to 'http-multiple-get'.
* doc/guix.texi (Requirements): Move GnuTLS one level higher and mention
HTTPS substitutes.
(Substitutes): Mention HTTPS and recommend it.  Explain why servers
are not authenticated.  Add "On Trusting Binaries" subsection.
2016-03-10 13:55:30 +01:00
Ludovic Courtès 204d34ff96 substitute: Error out on unsupported URL schemes.
Reported in <http://bugs.gnu.org/22937>
by Chris Marusich <cmmarusich@gmail.com>.

* guix/scripts/substitute.scm (fetch): Add 'else' case and call 'leave'.
2016-03-09 23:47:49 +01:00
Ludovic Courtès ae4427e3f3 substitute: Warn upon store prefix mismatches.
Suggested by Hynek Urban <hynek.urban@gmail.com>.

* guix/scripts/substitute.scm (fetch-narinfos): Move body to...
[do-fetch]: ... here.  New procedure.
Emit a warning when CACHE-INFO's prefix does not match.
2015-11-28 00:02:23 +01:00
Ludovic Courtès 55b2fc1877 substitute: Honor all the specified server URLs.
* guix/scripts/substitute.scm (lookup-narinfos/diverse): New procedure.
  (lookup-narinfo): Use it.
  (process-query): Change #:cache-url to #:cache-urls.
  [valid?]: Remove 'narinfo?' check, which is no longer necessary.
  Use 'lookup-narinfos/diverse' instead of 'lookup-narinfos'.
  (process-substitution): Change #:cache-url to #:cache-urls.
  (%cache-url): Rename to...
  (%cache-urls): ... this.  Turn into a list.
  (guix-substitute): Remove 'getaddrinfo' test with early exit.  Adjust
  calls to 'process-query' and 'process-substitution'.
* tests/substitute.scm: Change '%cache-url' to '%cache-urls'.
2015-10-28 12:04:03 +01:00
Ludovic Courtès a89dde1ed8 substitute: 'lookup-narinfos' returns exactly a list of narinfos.
* guix/scripts/substitute.scm (lookup-narinfos): Filter out #f values
  from CACHED, such that the end result is exactly a list of narinfos,
  not interspersed with #f.
* guix/scripts/challenge.scm (discrepancies): Assume REMOTE is a list of
  narinfos.
2015-10-28 12:04:03 +01:00
Ludovic Courtès f151298fa0 substitute: 'http-multiple-get' follows 'fold' style.
* guix/scripts/substitute.scm (http-multiple-get): Add 'seed'
  parameter.  Call PROC in 'fold' style.
  (fetch-narinfos)[handle-narinfo-response]: Adjust accordingly.
  Update 'http-multiple-get' call accordingly.
2015-10-28 12:04:03 +01:00
Ludovic Courtès ea0c6e0507 substitute: Expose narinfo access.
* guix/scripts/substitute.scm: Export <narinfo> accessors.
  (narinfo-hash->sha256): New procedure.
  (cache-narinfo!): Ignore EACCES exceptions.
2015-10-19 23:12:34 +02:00
Steve Sprang a8be7b9a7a substitute: Improve readability of download progress report.
* guix/build/download.scm
  (string-pad-middle, store-url-abbreviation, store-path-abbreviation):
  New procedures.
  (progress-proc): Add #:abbreviation parameter and use it.  Generate a
  better indeterminate progress string.
* guix/scripts/substitute.scm (assert-valid-narinfo): Add newlines to output.
  (process-substitution): Use byte-count->string and store-path-abbreviation.

Co-authored-by: Ludovic Courtès <ludo@gnu.org>
2015-09-16 23:50:12 +02:00
Ludovic Courtès 9d2f48df02 publish: Gracefully handle the lack of a deriver.
* guix/scripts/publish.scm (narinfo-string): Catch 'system-error' around
  'load-derivation' call; return BASE-INFO upon ENOENT.  This allows us
  to return the narinfo even if DERIVER is missing.  Before that, the
  exception would be uncaught, leading to 500 Internal Error on the
  client side.
2015-09-04 00:13:05 +02:00
Ludovic Courtès ef8f910fce substitute: Improve functional decomposition.
* guix/scripts/substitute.scm (display-narinfo-data,
  process-query, process-substitution): New procedures.  Code moved from...
  (guix-substitute): ... here.  Use them.
2015-07-13 18:29:01 +02:00
Ludovic Courtès 24f5aaaf24 substitute: Honor "substitute-urls" option passed by "untrusted" clients.
* guix/scripts/substitute.scm (or*): New macro.
  (%cache-url): Honor "untrusted-substitute-urls".
* guix/tests.scm (%test-substitute-urls): New variable.
  (open-connection-for-tests): Use it.
* tests/derivations.scm ("derivation-prerequisites-to-build and substitutes",
  "derivation-prerequisites-to-build and substitutes, non-substitutable
  build", "derivation-prerequisites-to-build and substitutes, local build"):
  Pass it to 'set-build-options'.
* tests/guix-daemon.sh: Likewise.
* tests/store.scm ("substitute query, alternating URLs"): New test.
  ("substitute query", "substitute", "substitute + build-things with output
  path", "substitute, corrupt output hash", "substitute --fallback"): Pass
  #:substitute-urls to 'set-build-options'.
2015-07-13 18:29:01 +02:00
Ludovic Courtès 895d1eda54 substitute: Store cached narinfo in cache-specific sub-directories.
This ensures that switching between different substitute servers doesn't lead
to a polluted narinfo cache.

* guix/scripts/substitute.scm (narinfo-cache-file): Add 'cache-url'
  parameter.  Add the base32 of CACHE-URL as a sub-directory under
  %NARINFO-CACHE-DIRECTORY.  Update callers.
  (cached-narinfo): Likewise.  Call 'mkdir-p' on the dirname of the cache
  file.  Update callers.
  (remove-expired-cached-narinfos): Add 'directory' parameter and use it
  instead of %NARINFO-CACHE-DIRECTORY.
  (narinfo-cache-directories): New procedure.
  (maybe-remove-expired-cached-narinfo): Call 'remove-expired-cached-narinfos'
  for each item returned by 'narinfo-cache-directories'.
2015-07-13 18:29:01 +02:00
Ludovic Courtès 074efd63a8 substitute: Pass the cache URL instead of <cache> objects.
* guix/scripts/substitute.scm (<cache>): Rename to...
  (<cache-info>): ... this.
  (open-cache): Rename to...
  (download-cache-info): ... this.  Return a <cache-info> or #f.
  (open-cache*): Remove.
  (cache-narinfo!): Take a URL instead of a <cache> as the first parameter.
  (fetch-narinfos): Likewise.  Call 'download-cache-info'.  Remove use of
  'force'.
  (guix-substitute): Replace calls to 'open-cache*' with %CACHE-URL.
2015-07-13 18:29:01 +02:00
Ludovic Courtès e4e099feca substitute: Remove unneeded conditionals.
* guix/scripts/substitute.scm (guix-substitute): Remove unneeded (if cache
  ...) forms since CACHE is always true (it's a promise.)
2015-07-13 18:29:01 +02:00
Andy Patterson 075d99f195 substitute: Avoid infinite loop when updating the substitute list.
Reported
at <http://lists.gnu.org/archive/html/guix-devel/2015-07/msg00119.html>.

* guix/scripts/substitute.scm (http-multiple-get): When RESP has "Connection:
  close", consume HEAD anyway; always call PROC to read from BODY.

Co-authored-by: Ludovic Courtès <ludo@gnu.org>
2015-07-07 01:04:02 +02:00
Ludovic Courtès 09d809db6a Remove assorted Guile 2.0.5 workarounds.
* guix/scripts/authenticate.scm (%default-port-conversion-strategy):
  Remove.
* guix/scripts/substitute.scm (fetch): Remove 2.0.5 special cases.
* guix/serialization.scm (write-file): Remove 'scandir' workaround.
* guix/ui.scm (command-files): Likewise.
2015-05-10 11:07:51 +02:00
Ludovic Courtès 7623848343 download: Work around Guile small-receive-buffer bug.
Previously, code using directly (guix build download) was still affected
by <http://bugs.gnu.org/15368>.  This includes source derivations, the
'guix download' command, and (guix gnu-maintenance).

'guix substitute' was unaffected since it used (guix http-client), which
already had the fix.

* guix/http-client.scm (open-socket-for-uri): Remove.
  (http-fetch): Remove #:buffered? argument to 'open-socket-for-uri';
  use 'setvbuf' instead.
* guix/scripts/substitute.scm (fetch): Likewise.
* guix/build/download.scm (open-socket-for-uri): New procedure, taken
  from guix/http-client.scm, but without the #:buffered? parameter.
2015-05-06 10:31:11 +02:00
Ludovic Courtès 5e6039a48b substitute: Increase TTL from 24h to 36h.
* guix/scripts/substitute.scm (%narinfo-ttl): Increase to 36h.
2015-05-04 23:30:51 +02:00
Ludovic Courtès 310709ae58 substitute: Fix file descriptor leak in 'http-multiple-get'.
In practice we would not leak much since we reconnect after ~100
requests (with nginx running on hydra.gnu.org.)

* guix/scripts/substitute.scm (http-multiple-get): Call 'close-port'
  before 'connect'.
2015-05-01 12:50:27 +02:00
Ludovic Courtès 614c218842 substitute: Rename cache directory from "substitute-binary" to "substitute".
* guix/scripts/substitute.scm (%narinfo-cache-directory): Change
  "substitute-binary" to "substitute".
* tests/store.scm ("substitute query"): Likewise.
* tests/substitute.scm (call-with-narinfo): Likewise.
2015-03-25 10:46:22 +01:00
Ludovic Courtès 2c74fde00e Rename 'guix substitute-binary' to 'guix substitute'.
* guix/scripts/substitute-binary.scm: Rename to...
* guix/scripts/substitute.scm: ... this.  Adjust module name, entry
  point, comments, and help string accordingly.
* nix/scripts/substitute-binary.in: Rename to...
* nix/scripts/substitute.in: ... this.
* pre-inst-env.in (NIX_SUBSTITUTERS): Adjust accordingly.
* tests/substitute-binary.scm: Rename to...
* tests/substitute.scm: ... this.  Adjust references to (guix scripts
  substitute) accordingly.
* guix/ui.scm (show-guix-help)[internal?]: Change "substitute-binary" to
  "substitute".
* Makefile.am (MODULES, SCM_TESTS): Adjust to file renames.
* daemon.am (nodist_pkglibexec_SCRIPTS): Likewise.
* config-daemon.ac: Likewise.
* guix/tests.scm (call-with-derivation-narinfo): Adjust comments and
  docstring.
2015-03-25 10:46:22 +01:00