unofficial mirror of bug-guix@gnu.org 
 help / color / mirror / code / Atom feed
From: ludo@gnu.org (Ludovic Courtès)
To: Danny Milosavljevic <dannym@scratchpost.org>
Cc: 26907@debbugs.gnu.org
Subject: bug#26907: guix import (really: SSL) broken in different ways
Date: Sat, 13 May 2017 16:37:36 +0200	[thread overview]
Message-ID: <87ziegzutr.fsf@gnu.org> (raw)
In-Reply-To: <20170513120125.6bc1b03f@scratchpost.org> (Danny Milosavljevic's message of "Sat, 13 May 2017 12:01:25 +0200")

Hi Danny,

Danny Milosavljevic <dannym@scratchpost.org> skribis:

> So after I installed the huge update from master, it seems that guix import doesn't work anymore (the cwd is a guix master checkout):
>
> (1) Normal:
>
> $ ./pre-inst-env guix import pypi flask-migrate
> ...
> In guix/import/pypi.scm:
>    278:17  5 (pypi->guix-package _)
> In ice-9/boot-9.scm:
>     837:9  4 (catch srfi-34 #<procedure 2b12300 at guix/import/json?> ?)
> In guix/import/json.scm:
>     32:17  3 (_)
> In guix/http-client.scm:
>    239:25  2 (http-fetch _ #:port _ #:text? _ #:buffered? _ # _ # _ # ?)
> In guix/build/download.scm:
>     520:4  1 (open-connection-for-uri _ #:timeout _ # _)
>     360:0  0 (tls-wrap #<input-output: socket 14> "pypi.python.org" # ?)
>
> guix/build/download.scm:360:0: In procedure tls-wrap:
> guix/build/download.scm:360:0: In procedure module-lookup: Unbound variable: make-session

GnuTLS is not installed.  It’s now a mandatory dependency and
./configure checks for it.

Note that if you use Guile 2.2, you need to install “guile2.2-gnutls”
rather than just “gnutls”.

> (2) In an environment:
>
> $ guix environment guix --fallback --pure
> $ ./pre-inst-env guix import pypi flask-migrate
> ...
> In guix/import/pypi.scm:
>    278:17  5 (pypi->guix-package _)
> In ice-9/boot-9.scm:
>     837:9  4 (catch srfi-34 #<procedure 1e971a0 at guix/import/json?> ?)
> In guix/import/json.scm:
>     32:17  3 (_)
> In guix/http-client.scm:
>    239:25  2 (http-fetch _ #:port _ #:text? _ #:buffered? _ # _ # _ # ?)
> In guix/build/download.scm:
>     520:4  1 (open-connection-for-uri _ #:timeout _ # _)
>     417:6  0 (tls-wrap #<closed: file 1069af0> _ # _)
>
> guix/build/download.scm:417:6: In procedure tls-wrap:
> guix/build/download.scm:417:6: X.509 certificate of 'pypi.python.org' could not be verified:
>   signer-not-found
>   invalid

See “X.509 Certificates” in the manual.  :-)

> (2b) In an environment with guile-json:
>
> $ guix environment guix --fallback --pure --ad-hoc guile-json
> $ ./pre-inst-env guix import pypi flask-migrate
> ...
>
> ERROR: In procedure scm-error:
> ERROR: no code for module (json)

If you use Guile 2.2, you need “guile2.2-json”, not “guile-json”.

> (3) In a container:
>
> $ guix environment -C guix --fallback --pure --ad-hoc guile-json
> $ ./pre-inst-env guix import pypi flask-migrate
> ...
> In guix/import/pypi.scm:
>    278:17  7 (pypi->guix-package _)
> In ice-9/boot-9.scm:
>     837:9  6 (catch srfi-34 #<procedure 4dac340 at guix/import/json?> ?)
> In guix/import/json.scm:
>     32:17  5 (_)
> In guix/http-client.scm:
>    239:25  4 (http-fetch _ #:port _ #:text? _ #:buffered? _ # _ # _ # ?)
> In guix/build/download.scm:
>     520:4  3 (open-connection-for-uri _ #:timeout _ # _)
>    521:14  2 (thunk)
>     460:7  1 (open-socket-for-uri _ #:timeout _)
> In unknown file:
>            0 (getaddrinfo "pypi.python.org" "https" 32 #<undefined> # ?)
>
> ERROR: In procedure getaddrinfo:
> ERROR: In procedure getaddrinfo: Servname not supported for ai_socktype

In addition to -C, you need -N for network access.

> (4) For reference, the guix-pulled version works:
>
> $ cd /
> $ guix import pypi flask-migrate
> following redirection to `https://pypi.python.org/pypi/Flask-Migrate/json'...
>
> Starting download of /tmp/guix-file.lHkpNj
> From https://pypi.python.org/packages/a9/fe/559c313679b08f67efb9fba6f01debbc9ea3a488539d03a5a38371351456/Flask-Migrate-2.0.3.tar.gz...
>  ...-2.0.3.tar.gz  15KiB            170KiB/s 00:00 [####################] 100.0%
> (package
> ...
>
> Maybe I need to logout and login again?  Will test that later - but right now I just wanted to log the errors.

I think you stumbled upon a mixture of poor error reporting,
misconfiguration, and overall a situation where there are many ways to
shoot oneself in the foot.

HTH!

Ludo’.

  reply	other threads:[~2017-05-13 14:38 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-05-13 10:01 bug#26907: guix import (really: SSL) broken in different ways Danny Milosavljevic
2017-05-13 14:37 ` Ludovic Courtès [this message]
2022-01-11  5:16   ` Leo Famulari

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://guix.gnu.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87ziegzutr.fsf@gnu.org \
    --to=ludo@gnu.org \
    --cc=26907@debbugs.gnu.org \
    --cc=dannym@scratchpost.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).