From mboxrd@z Thu Jan 1 00:00:00 1970 From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=) Subject: bug#26907: guix import (really: SSL) broken in different ways Date: Sat, 13 May 2017 16:37:36 +0200 Message-ID: <87ziegzutr.fsf@gnu.org> References: <20170513120125.6bc1b03f@scratchpost.org> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:54113) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d9YBJ-0003Z4-GE for bug-guix@gnu.org; Sat, 13 May 2017 10:38:06 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1d9YBG-0003JV-Ej for bug-guix@gnu.org; Sat, 13 May 2017 10:38:05 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:40411) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1d9YBG-0003JR-As for bug-guix@gnu.org; Sat, 13 May 2017 10:38:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1d9YBG-0008O9-5p for bug-guix@gnu.org; Sat, 13 May 2017 10:38:02 -0400 Sender: "Debbugs-submit" Resent-Message-ID: In-Reply-To: <20170513120125.6bc1b03f@scratchpost.org> (Danny Milosavljevic's message of "Sat, 13 May 2017 12:01:25 +0200") List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: Danny Milosavljevic Cc: 26907@debbugs.gnu.org Hi Danny, Danny Milosavljevic skribis: > So after I installed the huge update from master, it seems that guix impo= rt doesn't work anymore (the cwd is a guix master checkout): > > (1) Normal: > > $ ./pre-inst-env guix import pypi flask-migrate > ... > In guix/import/pypi.scm: > 278:17 5 (pypi->guix-package _) > In ice-9/boot-9.scm: > 837:9 4 (catch srfi-34 # ?) > In guix/import/json.scm: > 32:17 3 (_) > In guix/http-client.scm: > 239:25 2 (http-fetch _ #:port _ #:text? _ #:buffered? _ # _ # _ # ?) > In guix/build/download.scm: > 520:4 1 (open-connection-for-uri _ #:timeout _ # _) > 360:0 0 (tls-wrap # "pypi.python.org" # ?) > > guix/build/download.scm:360:0: In procedure tls-wrap: > guix/build/download.scm:360:0: In procedure module-lookup: Unbound variab= le: make-session GnuTLS is not installed. It=E2=80=99s now a mandatory dependency and ./configure checks for it. Note that if you use Guile 2.2, you need to install =E2=80=9Cguile2.2-gnutl= s=E2=80=9D rather than just =E2=80=9Cgnutls=E2=80=9D. > (2) In an environment: > > $ guix environment guix --fallback --pure > $ ./pre-inst-env guix import pypi flask-migrate > ... > In guix/import/pypi.scm: > 278:17 5 (pypi->guix-package _) > In ice-9/boot-9.scm: > 837:9 4 (catch srfi-34 # ?) > In guix/import/json.scm: > 32:17 3 (_) > In guix/http-client.scm: > 239:25 2 (http-fetch _ #:port _ #:text? _ #:buffered? _ # _ # _ # ?) > In guix/build/download.scm: > 520:4 1 (open-connection-for-uri _ #:timeout _ # _) > 417:6 0 (tls-wrap # _ # _) > > guix/build/download.scm:417:6: In procedure tls-wrap: > guix/build/download.scm:417:6: X.509 certificate of 'pypi.python.org' cou= ld not be verified: > signer-not-found > invalid See =E2=80=9CX.509 Certificates=E2=80=9D in the manual. :-) > (2b) In an environment with guile-json: > > $ guix environment guix --fallback --pure --ad-hoc guile-json > $ ./pre-inst-env guix import pypi flask-migrate > ... > > ERROR: In procedure scm-error: > ERROR: no code for module (json) If you use Guile 2.2, you need =E2=80=9Cguile2.2-json=E2=80=9D, not =E2=80= =9Cguile-json=E2=80=9D. > (3) In a container: > > $ guix environment -C guix --fallback --pure --ad-hoc guile-json > $ ./pre-inst-env guix import pypi flask-migrate > ... > In guix/import/pypi.scm: > 278:17 7 (pypi->guix-package _) > In ice-9/boot-9.scm: > 837:9 6 (catch srfi-34 # ?) > In guix/import/json.scm: > 32:17 5 (_) > In guix/http-client.scm: > 239:25 4 (http-fetch _ #:port _ #:text? _ #:buffered? _ # _ # _ # ?) > In guix/build/download.scm: > 520:4 3 (open-connection-for-uri _ #:timeout _ # _) > 521:14 2 (thunk) > 460:7 1 (open-socket-for-uri _ #:timeout _) > In unknown file: > 0 (getaddrinfo "pypi.python.org" "https" 32 # # ?) > > ERROR: In procedure getaddrinfo: > ERROR: In procedure getaddrinfo: Servname not supported for ai_socktype In addition to -C, you need -N for network access. > (4) For reference, the guix-pulled version works: > > $ cd / > $ guix import pypi flask-migrate > following redirection to `https://pypi.python.org/pypi/Flask-Migrate/json= '... > > Starting download of /tmp/guix-file.lHkpNj > From https://pypi.python.org/packages/a9/fe/559c313679b08f67efb9fba6f01de= bbc9ea3a488539d03a5a38371351456/Flask-Migrate-2.0.3.tar.gz... > ...-2.0.3.tar.gz 15KiB 170KiB/s 00:00 [####################]= 100.0% > (package > ... > > Maybe I need to logout and login again? Will test that later - but right= now I just wanted to log the errors. I think you stumbled upon a mixture of poor error reporting, misconfiguration, and overall a situation where there are many ways to shoot oneself in the foot. HTH! Ludo=E2=80=99.