Commit Graph

31 Commits

Author SHA1 Message Date
Ludovic Courtès 8c321299c5 substitute: Gracefully handle TLS errors.
* guix/scripts/substitute.scm (with-networking): Use 'match-lambda*' and
add case for 'gnutls-error'.
2016-03-23 00:23:12 +01:00
Ludovic Courtès b879b3e848 substitute: Do not leak file descriptors for TLS connections.
Partially fixes <http://bugs.gnu.org/20145>.

* guix/scripts/substitute.scm (fetch, download-cache-info):
(http-multiple-get, fetch-narinfos, progress-report-port): Use
'close-connection' instead of 'close-port'.
2016-03-17 23:53:53 +01:00
Ludovic Courtès 958fb14cdb substitute: Cache transient HTTP errors for 10mn.
* guix/scripts/substitute.scm (fetch-narinfos)[handle-narinfo-response]:
Cache transient errors for 10mn.
(%narinfo-transient-error-ttl): New variable.
2016-03-17 23:53:53 +01:00
Ludovic Courtès fc3ea24bf4 substitute: Update progress for responses different from 200/404.
* guix/scripts/substitute.scm (fetch-narinfos)[handle-narinfo-response]:
Add missing call to 'update-progress!'.
2016-03-17 23:53:53 +01:00
Ludovic Courtès 71e2065a38 substitute: Honor client-provided empty URL list.
Before that, 'guix build --substitute-urls=""' would lead to using the
daemon's own URL list instead of the empty list.  The 'or*' hack, which
is to blame, had become unnecessary since commit
fb4bf72be3.

Reported by Mark H Weaver <mhw@netris.org>.

* guix/scripts/substitute.scm (or*): Remove.
(%cache-urls): Use 'or' instead of 'or*'.
* tests/store.scm ("substitute query, alternating URLs"): Add test with
empty URL list.
* doc/guix.texi (Common Build Options): Mention the empty string.
2016-03-16 18:34:53 +01:00
Ludovic Courtès 23d60ba65c substitute: Honor the 'max-age' of 'Cache-Control' headers.
This allows substitute servers to tell 'guix substitute' how long they
can cache narinfo lookups.

* guix/scripts/substitute.scm (cache-narinfo!): Add 'ttl' parameter.
[cache-entry]: Honor it.
(fetch-narinfos)[handle-narinfo-response]: Check the 'Cache-Control'
header of RESPONSE and pass its 'max-age' value to 'cache-narinfo!'.
2016-03-16 15:57:47 +01:00
Ludovic Courtès 1cf7e31898 substitute: Make room for a 'ttl' field in cached entries.
* guix/scripts/substitute.scm (cached-narinfo): Expect 'narinfo' sexp
version 2 with a 'ttl' field.
(cache-narinfo!)[cache-entry]: Produce 'narinfo' sexp version 2 with a
'ttl' field.
(remove-expired-cached-narinfos)[expired?]: Read 'narinfo' sexp version 2.
2016-03-16 15:57:47 +01:00
Ludovic Courtès 026ca50fa4 substitute: Keep the initial connection alive.
The connection used to fetch /nix-cache-info is now reused for the
subsequent narinfo requests.

* guix/scripts/substitute.scm (download-cache-info)[download]: Remove.
[uri, read-cache-info]: New variables.
Rewrite in terms of 'http-fetch' instead of 'fetch'.  Return an open
port in addition to a <cache-info>.
* guix/scripts/substitute.scm (http-multiple-get): Add #:port parameter
and honor it.
(fetch-narinfos)[do-fetch]: Add 'port' parameter.
Adjust to new 'download-cache-info' and 'do-fetch' signatures.
2016-03-14 23:34:33 +01:00
Ludovic Courtès cc27dbcf4a substitute: Remove dead code.
This parameter became unused with the switch to HTTP pipelining in
commit d3a652037e.

* guix/scripts/substitute.scm (fetch): Remove #:quiet-404? and adjust
accordingly.
2016-03-14 23:34:33 +01:00
Ludovic Courtès ec278439f3 substitute: Optimize HTTP pipelining over TLS.
* guix/scripts/substitute.scm (http-multiple-get): Write the requests
to a bytevector output port before sending them.
2016-03-10 13:55:30 +01:00
Ludovic Courtès 9b7bd1b160 substitute: Add HTTPS support.
Fixes <http://bugs.gnu.org/22937>.
Reported by Chris Marusich <cmmarusich@gmail.com>.

* guix/scripts/substitute.scm (fetch): Add 'https' alongside 'http'.
Use 'open-connection-for-uri' instead of 'open-socket-for-uri'.  Call
'setvbuf' only when PORT matches 'file-port?'.
(http-multiple-get): Likewise.  Change 'base-url' parameter to
'base-uri'.
(fetch-narinfos)[do-fetch]: Add 'https' case alongside 'http'.  Pass URI
instead of URL to 'http-multiple-get'.
* doc/guix.texi (Requirements): Move GnuTLS one level higher and mention
HTTPS substitutes.
(Substitutes): Mention HTTPS and recommend it.  Explain why servers
are not authenticated.  Add "On Trusting Binaries" subsection.
2016-03-10 13:55:30 +01:00
Ludovic Courtès 204d34ff96 substitute: Error out on unsupported URL schemes.
Reported in <http://bugs.gnu.org/22937>
by Chris Marusich <cmmarusich@gmail.com>.

* guix/scripts/substitute.scm (fetch): Add 'else' case and call 'leave'.
2016-03-09 23:47:49 +01:00
Ludovic Courtès ae4427e3f3 substitute: Warn upon store prefix mismatches.
Suggested by Hynek Urban <hynek.urban@gmail.com>.

* guix/scripts/substitute.scm (fetch-narinfos): Move body to...
[do-fetch]: ... here.  New procedure.
Emit a warning when CACHE-INFO's prefix does not match.
2015-11-28 00:02:23 +01:00
Ludovic Courtès 55b2fc1877 substitute: Honor all the specified server URLs.
* guix/scripts/substitute.scm (lookup-narinfos/diverse): New procedure.
  (lookup-narinfo): Use it.
  (process-query): Change #:cache-url to #:cache-urls.
  [valid?]: Remove 'narinfo?' check, which is no longer necessary.
  Use 'lookup-narinfos/diverse' instead of 'lookup-narinfos'.
  (process-substitution): Change #:cache-url to #:cache-urls.
  (%cache-url): Rename to...
  (%cache-urls): ... this.  Turn into a list.
  (guix-substitute): Remove 'getaddrinfo' test with early exit.  Adjust
  calls to 'process-query' and 'process-substitution'.
* tests/substitute.scm: Change '%cache-url' to '%cache-urls'.
2015-10-28 12:04:03 +01:00
Ludovic Courtès a89dde1ed8 substitute: 'lookup-narinfos' returns exactly a list of narinfos.
* guix/scripts/substitute.scm (lookup-narinfos): Filter out #f values
  from CACHED, such that the end result is exactly a list of narinfos,
  not interspersed with #f.
* guix/scripts/challenge.scm (discrepancies): Assume REMOTE is a list of
  narinfos.
2015-10-28 12:04:03 +01:00
Ludovic Courtès f151298fa0 substitute: 'http-multiple-get' follows 'fold' style.
* guix/scripts/substitute.scm (http-multiple-get): Add 'seed'
  parameter.  Call PROC in 'fold' style.
  (fetch-narinfos)[handle-narinfo-response]: Adjust accordingly.
  Update 'http-multiple-get' call accordingly.
2015-10-28 12:04:03 +01:00
Ludovic Courtès ea0c6e0507 substitute: Expose narinfo access.
* guix/scripts/substitute.scm: Export <narinfo> accessors.
  (narinfo-hash->sha256): New procedure.
  (cache-narinfo!): Ignore EACCES exceptions.
2015-10-19 23:12:34 +02:00
Steve Sprang a8be7b9a7a substitute: Improve readability of download progress report.
* guix/build/download.scm
  (string-pad-middle, store-url-abbreviation, store-path-abbreviation):
  New procedures.
  (progress-proc): Add #:abbreviation parameter and use it.  Generate a
  better indeterminate progress string.
* guix/scripts/substitute.scm (assert-valid-narinfo): Add newlines to output.
  (process-substitution): Use byte-count->string and store-path-abbreviation.

Co-authored-by: Ludovic Courtès <ludo@gnu.org>
2015-09-16 23:50:12 +02:00
Ludovic Courtès 9d2f48df02 publish: Gracefully handle the lack of a deriver.
* guix/scripts/publish.scm (narinfo-string): Catch 'system-error' around
  'load-derivation' call; return BASE-INFO upon ENOENT.  This allows us
  to return the narinfo even if DERIVER is missing.  Before that, the
  exception would be uncaught, leading to 500 Internal Error on the
  client side.
2015-09-04 00:13:05 +02:00
Ludovic Courtès ef8f910fce substitute: Improve functional decomposition.
* guix/scripts/substitute.scm (display-narinfo-data,
  process-query, process-substitution): New procedures.  Code moved from...
  (guix-substitute): ... here.  Use them.
2015-07-13 18:29:01 +02:00
Ludovic Courtès 24f5aaaf24 substitute: Honor "substitute-urls" option passed by "untrusted" clients.
* guix/scripts/substitute.scm (or*): New macro.
  (%cache-url): Honor "untrusted-substitute-urls".
* guix/tests.scm (%test-substitute-urls): New variable.
  (open-connection-for-tests): Use it.
* tests/derivations.scm ("derivation-prerequisites-to-build and substitutes",
  "derivation-prerequisites-to-build and substitutes, non-substitutable
  build", "derivation-prerequisites-to-build and substitutes, local build"):
  Pass it to 'set-build-options'.
* tests/guix-daemon.sh: Likewise.
* tests/store.scm ("substitute query, alternating URLs"): New test.
  ("substitute query", "substitute", "substitute + build-things with output
  path", "substitute, corrupt output hash", "substitute --fallback"): Pass
  #:substitute-urls to 'set-build-options'.
2015-07-13 18:29:01 +02:00
Ludovic Courtès 895d1eda54 substitute: Store cached narinfo in cache-specific sub-directories.
This ensures that switching between different substitute servers doesn't lead
to a polluted narinfo cache.

* guix/scripts/substitute.scm (narinfo-cache-file): Add 'cache-url'
  parameter.  Add the base32 of CACHE-URL as a sub-directory under
  %NARINFO-CACHE-DIRECTORY.  Update callers.
  (cached-narinfo): Likewise.  Call 'mkdir-p' on the dirname of the cache
  file.  Update callers.
  (remove-expired-cached-narinfos): Add 'directory' parameter and use it
  instead of %NARINFO-CACHE-DIRECTORY.
  (narinfo-cache-directories): New procedure.
  (maybe-remove-expired-cached-narinfo): Call 'remove-expired-cached-narinfos'
  for each item returned by 'narinfo-cache-directories'.
2015-07-13 18:29:01 +02:00
Ludovic Courtès 074efd63a8 substitute: Pass the cache URL instead of <cache> objects.
* guix/scripts/substitute.scm (<cache>): Rename to...
  (<cache-info>): ... this.
  (open-cache): Rename to...
  (download-cache-info): ... this.  Return a <cache-info> or #f.
  (open-cache*): Remove.
  (cache-narinfo!): Take a URL instead of a <cache> as the first parameter.
  (fetch-narinfos): Likewise.  Call 'download-cache-info'.  Remove use of
  'force'.
  (guix-substitute): Replace calls to 'open-cache*' with %CACHE-URL.
2015-07-13 18:29:01 +02:00
Ludovic Courtès e4e099feca substitute: Remove unneeded conditionals.
* guix/scripts/substitute.scm (guix-substitute): Remove unneeded (if cache
  ...) forms since CACHE is always true (it's a promise.)
2015-07-13 18:29:01 +02:00
Andy Patterson 075d99f195 substitute: Avoid infinite loop when updating the substitute list.
Reported
at <http://lists.gnu.org/archive/html/guix-devel/2015-07/msg00119.html>.

* guix/scripts/substitute.scm (http-multiple-get): When RESP has "Connection:
  close", consume HEAD anyway; always call PROC to read from BODY.

Co-authored-by: Ludovic Courtès <ludo@gnu.org>
2015-07-07 01:04:02 +02:00
Ludovic Courtès 09d809db6a Remove assorted Guile 2.0.5 workarounds.
* guix/scripts/authenticate.scm (%default-port-conversion-strategy):
  Remove.
* guix/scripts/substitute.scm (fetch): Remove 2.0.5 special cases.
* guix/serialization.scm (write-file): Remove 'scandir' workaround.
* guix/ui.scm (command-files): Likewise.
2015-05-10 11:07:51 +02:00
Ludovic Courtès 7623848343 download: Work around Guile small-receive-buffer bug.
Previously, code using directly (guix build download) was still affected
by <http://bugs.gnu.org/15368>.  This includes source derivations, the
'guix download' command, and (guix gnu-maintenance).

'guix substitute' was unaffected since it used (guix http-client), which
already had the fix.

* guix/http-client.scm (open-socket-for-uri): Remove.
  (http-fetch): Remove #:buffered? argument to 'open-socket-for-uri';
  use 'setvbuf' instead.
* guix/scripts/substitute.scm (fetch): Likewise.
* guix/build/download.scm (open-socket-for-uri): New procedure, taken
  from guix/http-client.scm, but without the #:buffered? parameter.
2015-05-06 10:31:11 +02:00
Ludovic Courtès 5e6039a48b substitute: Increase TTL from 24h to 36h.
* guix/scripts/substitute.scm (%narinfo-ttl): Increase to 36h.
2015-05-04 23:30:51 +02:00
Ludovic Courtès 310709ae58 substitute: Fix file descriptor leak in 'http-multiple-get'.
In practice we would not leak much since we reconnect after ~100
requests (with nginx running on hydra.gnu.org.)

* guix/scripts/substitute.scm (http-multiple-get): Call 'close-port'
  before 'connect'.
2015-05-01 12:50:27 +02:00
Ludovic Courtès 614c218842 substitute: Rename cache directory from "substitute-binary" to "substitute".
* guix/scripts/substitute.scm (%narinfo-cache-directory): Change
  "substitute-binary" to "substitute".
* tests/store.scm ("substitute query"): Likewise.
* tests/substitute.scm (call-with-narinfo): Likewise.
2015-03-25 10:46:22 +01:00
Ludovic Courtès 2c74fde00e Rename 'guix substitute-binary' to 'guix substitute'.
* guix/scripts/substitute-binary.scm: Rename to...
* guix/scripts/substitute.scm: ... this.  Adjust module name, entry
  point, comments, and help string accordingly.
* nix/scripts/substitute-binary.in: Rename to...
* nix/scripts/substitute.in: ... this.
* pre-inst-env.in (NIX_SUBSTITUTERS): Adjust accordingly.
* tests/substitute-binary.scm: Rename to...
* tests/substitute.scm: ... this.  Adjust references to (guix scripts
  substitute) accordingly.
* guix/ui.scm (show-guix-help)[internal?]: Change "substitute-binary" to
  "substitute".
* Makefile.am (MODULES, SCM_TESTS): Adjust to file renames.
* daemon.am (nodist_pkglibexec_SCRIPTS): Likewise.
* config-daemon.ac: Likewise.
* guix/tests.scm (call-with-derivation-narinfo): Adjust comments and
  docstring.
2015-03-25 10:46:22 +01:00