bug#27100: Unnecessary backtrace by guix/build/download.scm

bug#27100: Unnecessary backtrace by guix/build/download.scm

[Danny Milosavljevic]

guix [env]$ ./pre-inst-env guix import pypi flex
;;; note: source file /x/home/dannym/src/guix/gnu/packages/databases.scm
;;;       newer than compiled /x/home/dannym/src/guix/gnu/packages/databases.go
Backtrace:
           9 (primitive-load "/x/home/dannym/src/guix/scripts/guix")
In guix/ui.scm:
   1264:8  8 (run-guix-command _ . _)
In guix/scripts/import.scm:
   114:11  7 (guix-import . _)
In guix/scripts/import/pypi.scm:
    84:19  6 (guix-import-pypi . _)
In guix/import/pypi.scm:
   279:17  5 (pypi->guix-package _)
In ice-9/boot-9.scm:
    837:9  4 (catch srfi-34 #<procedure 34cec00 at guix/import/json?> ?)
In guix/import/json.scm:
    32:17  3 (_)
In guix/http-client.scm:
   239:25  2 (http-fetch _ #:port _ #:text? _ #:buffered? _ # _ # _ # ?)
In guix/build/download.scm:
    520:4  1 (open-connection-for-uri _ #:timeout _ # _)
    417:6  0 (tls-wrap #<closed: file 1e2a9a0> _ # _)

guix/build/download.scm:417:6: In procedure tls-wrap:
guix/build/download.scm:417:6: X.509 certificate of 'pypi.python.org' could not be verified:
  signer-not-found
  invalid

Also, the most interesting information, which is which certificates it DID know and where it got them, is not printed.

bug#27100: And another unnecessary backtrace by guix/build/download.scm

[Danny Milosavljevic]

Backtrace:
          12 (primitive-load "/x/home/dannym/src/guix/scripts/guix")
In guix/ui.scm:
   1264:8 11 (run-guix-command _ . _)
In guix/scripts/import.scm:
   114:11 10 (guix-import . _)
In guix/scripts/import/pypi.scm:
    84:19  9 (guix-import-pypi . _)
In guix/import/pypi.scm:
   279:17  8 (pypi->guix-package _)
In ice-9/boot-9.scm:
    837:9  7 (catch srfi-34 #<procedure 2ced7e0 at guix/import/json…> …)
In guix/import/json.scm:
    32:17  6 (_)
In guix/http-client.scm:
   239:25  5 (http-fetch _ #:port _ #:text? _ #:buffered? _ # _ # _ # …)
In guix/build/download.scm:
    520:4  4 (open-connection-for-uri _ #:timeout _ # _)
   391:34  3 (tls-wrap #<input-output: socket 16> "pypi.python.org" # …)
    308:4  2 (make-credendials-with-ca-trust-files _)
In srfi/srfi-1.scm:
    640:9  1 (for-each #<procedure 2cf0b60 at guix/build/download.s…> …)
In unknown file:
           0 (set-certificate-credentials-x509-trust-file! #<certif…> …)

ERROR: In procedure set-certificate-credentials-x509-trust-file!:
ERROR: Throw to key `gnutls-error' with args `(#<gnutls-error-enum Fehler beim Dateilesen.> set-certificate-credentials-x509-trust-file!)'.

Again without the actual interesting information (the file in question), which is presumably cut off by the "..." in the backtrace.  Btw how can I turn the cutoff off?

bug#27100: Unnecessary backtrace by guix/build/download.scm

[zimoun]

Hi Danny,

On Sat, 27 May 2017 at 13:36, Danny Milosavljevic <dannym@scratchpost.org> wrote:
> guix [env]$ ./pre-inst-env guix import pypi flex
> Backtrace:

[...] Ugly 

> guix/build/download.scm:417:6: In procedure tls-wrap:
> guix/build/download.scm:417:6: X.509 certificate of 'pypi.python.org' could not be verified:
>   signer-not-found
>   invalid
>
> Also, the most interesting information, which is which certificates it DID know and where it got them, is not printed.

Well, the bug #27100 [1] is solved now, I guess.  First, the command

  $ guix import pypi flex

works now.  And the command:

  $ guix import pypi kikoo
  following redirection to `https://pypi.org/pypi/kikoo/json/'...
  guix import: error: failed to download meta-data for package 'kikoo'

fails gracefully.  What remains is “guix import pypi kikoo -r” but it is
tracked by #44115 about the recursive option of all the importers.

Otherwise, do you have example to reproduce the bug you initiated.

1: <http://issues.guix.gnu.org/issue/27100>
2: <http://issues.guix.gnu.org/issue/44115>


Thanks,
simon

bug#27100: Unnecessary backtrace by guix/build/download.scm

[zimoun]

Hi,

On Wed, 18 Nov 2020 at 00:27, zimoun <zimon.toutoune@gmail.com> wrote:
> On Sat, 27 May 2017 at 13:36, Danny Milosavljevic <dannym@scratchpost.org> wrote:
>> guix [env]$ ./pre-inst-env guix import pypi flex
>> Backtrace:
>
> [...] Ugly 
>
>> guix/build/download.scm:417:6: In procedure tls-wrap:
>> guix/build/download.scm:417:6: X.509 certificate of 'pypi.python.org' could not be verified:
>>   signer-not-found
>>   invalid
>>
>> Also, the most interesting information, which is which certificates it DID know and where it got them, is not printed.
>
> Well, the bug #27100 [1] is solved now, I guess.  First, the command
>
>   $ guix import pypi flex
>
> works now.  And the command:
>
>   $ guix import pypi kikoo
>   following redirection to `https://pypi.org/pypi/kikoo/json/'...
>   guix import: error: failed to download meta-data for package 'kikoo'
>
> fails gracefully.  What remains is “guix import pypi kikoo -r” but it is
> tracked by #44115 about the recursive option of all the importers.

I think this bug is now addressed and could be closed.  WDYT?


All the best,
simon

bug#27100: Unnecessary backtrace by guix/build/download.scm

[Danny Milosavljevic]

[-- Attachment #1: Type: text/plain, Size: 440 bytes --]

Hi,

>$ LC_ALL=C guix download https://192.168.10.1

>Starting download of /tmp/guix-file.Zfy7gX
>From https://192.168.10.1...
>X.509 server certificate for '192.168.10.1' does not match: C=ZZ,ST=Somewhere,L=Unknown,O=libreCMC087d391f,CN=libreCMC
>failed to download "/tmp/guix-file.Zfy7gX" from "https://192.168.10.1"
>guix download: error: https://192.168.10.1: download failed

Nice!

Yes, it's much better now!  Thank you!

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]