From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms8.migadu.com with LMTPS id MBHZKxgFa2UlXgAAG6o9tA:P1 (envelope-from ) for ; Sat, 02 Dec 2023 11:21:12 +0100 Received: from aspmx1.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id MBHZKxgFa2UlXgAAG6o9tA (envelope-from ) for ; Sat, 02 Dec 2023 11:21:12 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 936D5168A5 for ; Sat, 2 Dec 2023 11:21:12 +0100 (CET) Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gnu.org header.s=fencepost-gnu-org header.b=SYtfC3vp; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" ARC-Seal: i=1; s=key1; d=yhetil.org; t=1701512472; a=rsa-sha256; cv=none; b=A6O0DUbpqm7UArTUyB/RdcyVP6cWffMDnfGCuqYIuwJjo6KzfiEGbhyq9NXh5U7mmJqf+/ aFGmSlxBDc9xuaQt3oiks4d+D10eLYG8N2qvT6BgUZotUjxPaTBaF+5pdyN27Zxf9uQndQ WVCUjMvDJgqNnv6TjMRVVO+2H7DqDVP6/HuzH1EpfbjN0sSPKEnqptSPioCBqMLk1c1AWG SwJSZqQWB3/GsY5aeyMzKXFw2BAtfbeAvdpvcGrgfl252XkI4UsBYszofaqgWbYG4v8giF WIyabf6CIc0mmupm5KS3e3y/ZaONxc5XDi5FDLeHnDDmekFwQjraKA8b1E6zng== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gnu.org header.s=fencepost-gnu-org header.b=SYtfC3vp; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1701512472; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=xFV4M9ozn7C4FQBVtXCuOj+dgx/9RsktD4629JAJHNw=; b=hvGmCFLoGyZPZPpj1OxP0hkdH4OS8K8IPd8fgxjkGSJFDaIr99pBTmOHIfOjoFUCfrpedm MpKhwXJWaEb7Qo7bpI4xztwJSOlcBd2mJ364c+Jr10WkipOWUklekn09+sdC3clVfTMKQV TtWI9SYFHDDFh3uJcaY7USF0DfwgH5sVz30RoPRbNm2jXYIjID/FaQPK2IWkVwn/A2exSA z8DKVfOGx8tdYr9zRnRkXvnf0PJp9fupERHNHKZu5cGxJYneIxBHRNinj0s3wesxZytAep G+JJcQ2VJKxX10VUe+aepce2oxrzAbuP8nWUXkFYw++OOK748Yuuvce5aaxtng== Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1r9N7G-0001x1-BH; Sat, 02 Dec 2023 05:20:54 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1r9N7E-0001wj-Ue for guix-patches@gnu.org; Sat, 02 Dec 2023 05:20:52 -0500 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1r9N7E-0000bU-MR for guix-patches@gnu.org; Sat, 02 Dec 2023 05:20:52 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1r9N7N-0008PM-TB for guix-patches@gnu.org; Sat, 02 Dec 2023 05:21:01 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#67072] [PATCH 4/4] weather: Report unauthorized substitute servers. Resent-From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sat, 02 Dec 2023 10:21:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 67072 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Simon Tournier Cc: Josselin Poiret , 67072@debbugs.gnu.org, Mathieu Othacehe , Tobias Geerinckx-Rice , Ricardo Wurmus , Christopher Baines Received: via spool by 67072-submit@debbugs.gnu.org id=B67072.170151244132279 (code B ref 67072); Sat, 02 Dec 2023 10:21:01 +0000 Received: (at 67072) by debbugs.gnu.org; 2 Dec 2023 10:20:41 +0000 Received: from localhost ([127.0.0.1]:56675 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1r9N72-0008OY-PY for submit@debbugs.gnu.org; Sat, 02 Dec 2023 05:20:41 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:44188) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1r9N71-0008OL-5Q for 67072@debbugs.gnu.org; Sat, 02 Dec 2023 05:20:40 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1r9N6m-0000VV-6Y; Sat, 02 Dec 2023 05:20:24 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:Date:References:In-Reply-To:Subject:To: From; bh=xFV4M9ozn7C4FQBVtXCuOj+dgx/9RsktD4629JAJHNw=; b=SYtfC3vpRZ082vJtON1+ xYO5yHzsRP5KqTcNcQkfq+1XXxoH+U3f3WipP73e0Y4vvSvtWPUbVgTG7Mp7JNnlR+KgqCVHi+rpM kaUYHpdK1bmva+h/B/+ulN2ZRxUmdNpbCHH5Jz/J63z2I7qdiegroTq5GEbGVs6ex36ldrrAY3L7d wiZPouo0+xXrXmPGxtwer516yvgSHFVjHpuQmUWNNl8EU7vxkzTVfWC/0DvQXnFupMHT9u10mLJu/ 29+7/qQtf4fVNKExd4+FwLZMski/jDy70o0cp0mXFwcL+79D1XoVAcYTPBezbt8L68L/i81j9c1tu K0TZZggyB4f5gw==; From: Ludovic =?UTF-8?Q?Court=C3=A8s?= In-Reply-To: <87jzq2aukw.fsf@gmail.com> (Simon Tournier's message of "Tue, 28 Nov 2023 14:14:23 +0100") References: <87jzq2aukw.fsf@gmail.com> Date: Sat, 02 Dec 2023 11:20:21 +0100 Message-ID: <875y1gj47u.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN X-Migadu-Scanner: mx13.migadu.com X-Migadu-Spam-Score: -5.35 X-Spam-Score: -5.35 X-Migadu-Queue-Id: 936D5168A5 X-TUID: B0lZyS+VlaGQ Hi Simon, Simon Tournier skribis: > I know it is irrelevant with the patch at hand. Maybe not. :-) > > 1. Why this =E2=80=99(not (not=E2=80=99 ? This ensures the result is a Boolean. [...] >> +(define (check-narinfo-authorization narinfo) >> + "Print a warning when NARINFO is not signed by an authorized key." >> + (unless (valid-narinfo? narinfo) > > =E2=80=A6I entered in this part =E2=80=93 hence the look up (guix pki) ;-= ). Well, my > mistake is hard to reproduce outside of Guix development tree but > =E2=80=99valid-narinfo?=E2=80=99 returns false for more cases than just > unauthorized-key. Therefore, the hint could be misleading. It=E2=80=99s true that =E2=80=98valid-narinfo?=E2=80=99 catches more cases,= but the other cases where it returns #f are situations where the substitute server is bogus. So I chose to favor conciseness here. > Since we are discussing about an helper, I would run =E2=80=99signature-c= ase=E2=80=99 > here in check-narinfo. For example, if the case is 'unauthorized-key, > then I would check is %acl-file exists. Maybe display the full > %acl-file explaining that the key is not in, etc. Right, checking for =E2=80=98%acl-file=E2=80=99 is a good idea; I wouldn=E2= =80=99t display its contents though because that=E2=80=99d be intimidating and unhelpful IMO. > Moreover, running =E2=80=9Cguix challenge coreutils=E2=80=9D does not war= n about > anything [=E2=80=A6] That=E2=80=99s on purpose: --8<---------------cut here---------------start------------->8--- (define (compare-contents items servers) "Challenge the substitute servers whose URLs are listed in SERVERS by comparing the hash of the substitutes of ITEMS that they serve. Return the list of objects. This procedure does not authenticate narinfos from SERVERS, nor does it ver= ify that they are signed by an authorized public keys. The reason is that, by definition, we may want to target unknown servers. Furthermore, no risk is taken since we do not import the archives." --8<---------------cut here---------------end--------------->8--- > guix weather: warning: could not determine current substitute URLs; using= defaults > computing 1 package derivations for x86_64-linux... > looking for 2 store items on https://ci.guix.gnu.org... > guix weather: error: open-file: Permission denied: "/etc/guix/acl" Uh, it should be able to deal with it gracefully. > Hum? Maybe I am doing something wrong=E2=80=A6 The file /etc/guix/acl ha= s the > permission: > > -rw------- 1 root root 528 acl It=E2=80=99s normally world-readable. > Is it incorrect? Well, if all are allowed to read (chmod a+r) then > there is not error. And it displays the warning: > > guix weather: warning: could not determine current substitute URLs; using= defaults > > And that=E2=80=99s because the daemon is not supporting the operation. T= his > warning appears to me misleading: personally I think that I am > misconfigured something when that=E2=80=99s not the case. Instead, I wou= ld > display: > > warning: using defaults substitute URLs Yes, good idea. I=E2=80=99ll send v2 soonish. Thanks for your feedback! Ludo=E2=80=99.