From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id 8B0bBAcXTGIvlAAAgWs5BA (envelope-from ) for ; Tue, 05 Apr 2022 12:16:39 +0200 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id 2BbEOAYXTGLBVgEAG6o9tA (envelope-from ) for ; Tue, 05 Apr 2022 12:16:38 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 4415420F6F for ; Tue, 5 Apr 2022 12:16:38 +0200 (CEST) Received: from localhost ([::1]:37774 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1nbgEm-00016A-EK for larch@yhetil.org; Tue, 05 Apr 2022 06:16:36 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:55234) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nbgEI-00014R-BV for guix-patches@gnu.org; Tue, 05 Apr 2022 06:16:06 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:59878) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1nbgEE-0002Ow-El for guix-patches@gnu.org; Tue, 05 Apr 2022 06:16:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1nbgEE-00056z-7l for guix-patches@gnu.org; Tue, 05 Apr 2022 06:16:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#54723] [PATCH] Check URI when verifying narinfo validity. Resent-From: Guillaume Le Vaillant Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 05 Apr 2022 10:16:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 54723 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 54723@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.164915371319564 (code B ref -1); Tue, 05 Apr 2022 10:16:02 +0000 Received: (at submit) by debbugs.gnu.org; 5 Apr 2022 10:15:13 +0000 Received: from localhost ([127.0.0.1]:53775 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nbgDQ-00055S-Ub for submit@debbugs.gnu.org; Tue, 05 Apr 2022 06:15:13 -0400 Received: from lists.gnu.org ([209.51.188.17]:52912) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nbgDO-00055J-LU for submit@debbugs.gnu.org; Tue, 05 Apr 2022 06:15:11 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:54958) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nbgDN-0000eH-2c for guix-patches@gnu.org; Tue, 05 Apr 2022 06:15:10 -0400 Received: from mout02.posteo.de ([185.67.36.66]:45197) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nbgDJ-00022P-5W for guix-patches@gnu.org; Tue, 05 Apr 2022 06:15:07 -0400 Received: from submission (posteo.de [185.67.36.169]) by mout02.posteo.de (Postfix) with ESMTPS id C5DB924010B for ; Tue, 5 Apr 2022 12:15:00 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=posteo.net; s=2017; t=1649153700; bh=8mbdQLrtBo+xvOBTeTWQDzN9qPCQbpCON8DcPnaizKY=; h=From:To:Subject:Date:From; b=eGYfJB0WHgiU/M2GIqMGUEjTYTSt9Woj57y6bSn2TDGUXdE+qovw0tqx0rEx48vUD nIdfeX0q2qiQD8/8rKLNL5KlDcw3I/30pHICra+ZImHQyRyD9dl44h0SN6+8xYYLun H/vAuEleMDF4ChYMMF+89tdv4ACDSqz8LV8Uu0wZlVMdsUyhaPq0eTqnx6NDYGbeN5 E3DBWUqrb6qPKFtOQh+2PgvL6SB8rJHPbsEGnDG18G8ipWKWY4QCEwunqbsDAiixmV 7dZB9mKkuI2XGPacWUgciZT0pdzWRXhSBD/x1T3YMwb5wDuMS7Lw/rRWdeWDmslYUD 09XEdMSnOJymA== Received: from customer (localhost [127.0.0.1]) by submission (posteo.de) with ESMTPSA id 4KXk6C4DY9z6tnm for ; Tue, 5 Apr 2022 12:14:59 +0200 (CEST) From: Guillaume Le Vaillant Date: Tue, 05 Apr 2022 09:58:18 +0000 Message-ID: <87a6czbzvh.fsf@kitej> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Received-SPF: pass client-ip=185.67.36.66; envelope-from=glv@posteo.net; helo=mout02.posteo.de X-Spam_score_int: -31 X-Spam_score: -3.2 X-Spam_bar: --- X-Spam_report: (-3.2 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NUMERIC_HTTP_ADDR=1.242, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1649153798; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:list-id:list-help:list-unsubscribe:list-subscribe: list-post:dkim-signature; bh=zg6t9+1gNTnMoLkZDIs/6sHDMk7PJ+SpqCJi96QlfNk=; b=qkRu/LkAGPCVCvA2tdtz/P+aZBVLv3weDMVzQYr/RIY7mnyAxloXvZ2VON4LY9ZSI6uaRX W4NcVFFudLbdwo36nT0a0EHdUKu2fuoPJmXctzNOOLCVwVOoP6b7yDxsYTkLZKX1fPqHAa R6+V1IbVAz0/hzhMJoiH94pAeEpX08Q3ImIqaVnMu145jhgnMoS2iq6RGwwB9V+WP0t4R1 aYwPTwZ0YNfRK0HIc5F8lhSDtTD46Ho33pCWIjDJRFrBvPvWy1W8ZrPD68KoA7yOx70cOi dXUGMQqfDakKuD1+z0ZRp+XEU5MLZts5Z+CHcmyfAKPTHTzxIafgszg44nm1BQ== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1649153798; a=rsa-sha256; cv=none; b=LI45+caCgzbcGBg3RuDHJfwgfmXqftbATkcNm3KkLIgu7dbl+nfWq0EmwAQ7b8i8pJLGMa OoWeowM4YMMc7YJHsXiyymJdqdpRhjbb8c9aC0wLhfKdphu0Wl3JgqxB4k2jBjrO7eeceW ycIdZibzK+jstV9+i2995Tyeqn+NWDeCOhxh4JYrVDqwRv2gjGzHkV/UdMr/e51EDOFMd6 e+loEWcHsAYxJtLe0i7bsV/14ohBXnD5K3pCzzl3B8ic9OQIjXbpEjSh3yTlcFHhb7AczJ Vzc5t9x6oXNaz/4kONykpTTaZmJdnnltc5QEadjokgDm10aHaBSyMaNkMovI1Q== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=posteo.net header.s=2017 header.b=eGYfJB0W; dmarc=fail reason="SPF not aligned (strict)" header.from=posteo.net (policy=none); spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: 2.83 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=posteo.net header.s=2017 header.b=eGYfJB0W; dmarc=fail reason="SPF not aligned (strict)" header.from=posteo.net (policy=none); spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 4415420F6F X-Spam-Score: 2.83 X-Migadu-Scanner: scn0.migadu.com X-TUID: hNWnqa1v3XKP --==-=-= Content-Type: multipart/mixed; boundary="=-=-=" --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable When trying to upgrade a machine using a substitute server on the same LAN, I get this crash a lot: =2D-8<---------------cut here---------------start------------->8--- # guix system reconfigure --substitute-urls=3D"http://192.168.0.22:8080 htt= ps://ci.guix.gnu.org" /etc/guix/config.scm substitute: mise =C3=A0 jour des substituts depuis =C2=AB=C2=A0http://192.1= 68.0.22:8080=C2=A0=C2=BB... 100.0 % substitute: Backtrace: substitute: In ice-9/boot-9.scm: substitute: 1752:10 17 (with-exception-handler _ _ #:unwind? _ # _) substitute: In unknown file: substitute: 16 (apply-smob/0 #) substitute: In ice-9/boot-9.scm: substitute: 724:2 15 (call-with-prompt _ _ #) substitute: In ice-9/eval.scm: substitute: 619:8 14 (_ #(#(#))) substitute: In guix/ui.scm: substitute: 2209:7 13 (run-guix . _) substitute: 2172:10 12 (run-guix-command _ . _) substitute: In ice-9/boot-9.scm: substitute: 1752:10 11 (with-exception-handler _ _ #:unwind? _ # _) substitute: 1752:10 10 (with-exception-handler _ _ #:unwind? _ # _) substitute: In guix/scripts/substitute.scm: substitute: 757:18 9 (_) substitute: 348:26 8 (process-query # _ #:cache-urls _ = #:acl _) substitute: In guix/substitutes.scm: substitute: 369:45 7 (lookup-narinfos/diverse _ _ # =E2=80=A6) substitute: In unknown file: substitute: 6 (filter # =E2=80=A6) substitute: In guix/narinfo.scm: substitute: 215:32 5 (valid-narinfo? _ _ #:verbose? _) substitute: In ice-9/boot-9.scm: substitute: 1685:16 4 (raise-exception _ #:continuable? _) substitute: 1685:16 3 (raise-exception _ #:continuable? _) substitute: 1780:13 2 (_ #<&compound-exception components: (#<&assertion= -fail=E2=80=A6>) substitute: 1685:16 1 (raise-exception _ #:continuable? _) substitute: 1685:16 0 (raise-exception _ #:continuable? _) substitute:=20 substitute: ice-9/boot-9.scm:1685:16: In procedure raise-exception: substitute: In procedure car: Wrong type argument in position 1 (expecting = pair): () guix system: erreur : `/gnu/store/wgygsxcdy1z3pfvwhpgyl5vjp4xvwhhh-guix-1.3= .0-23.a27e47f/bin/guix substitute' died unexpectedly =2D-8<---------------cut here---------------end--------------->8--- It looks like the 'narinfo-uri' field is an empty list instead of a list of URIs. Is that supposed to be possible? Does the the attached patch adding a check for the validity of this field in the 'valid-narinfo?' function make sense? The substitute server configuration is: =2D-8<---------------cut here---------------start------------->8--- (service guix-publish-service-type (guix-publish-configuration (host "0.0.0.0") (port 8080) (compression '(("zstd" 3))) (advertise? #t))) =2D-8<---------------cut here---------------end--------------->8--- --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=0001-narinfo-Check-URI-when-verifying-narinfo-validity.patch Content-Transfer-Encoding: quoted-printable From=208d9a45b2f38809fb3acfacf6f83532b7b556e78c Mon Sep 17 00:00:00 2001 From: Guillaume Le Vaillant Date: Tue, 5 Apr 2022 11:50:48 +0200 Subject: [PATCH] narinfo: Check URI when verifying narinfo validity. * guix/narinfo.scm (valid-narinfo?): Check if the 'uri' field is valid. =2D-- guix/narinfo.scm | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/guix/narinfo.scm b/guix/narinfo.scm index 4fc550aa6c..466ce20deb 100644 =2D-- a/guix/narinfo.scm +++ b/guix/narinfo.scm @@ -209,11 +209,13 @@ (define %mandatory-fields =20 (define* (valid-narinfo? narinfo #:optional (acl (current-acl)) #:key verbose?) =2D "Return #t if NARINFO's signature is not valid." + "Return #t if NARINFO's signature is valid." (let ((hash (narinfo-sha256 narinfo)) (signature (narinfo-signature narinfo)) =2D (uri (uri->string (first (narinfo-uris narinfo))))) =2D (and hash signature + (uri (if (null? (narinfo-uris narinfo)) + #f + (uri->string (first (narinfo-uris narinfo)))))) + (and hash signature uri (signature-case (signature hash acl) (valid-signature #t) (invalid-signature =2D-=20 2.35.1 --=-=-=-- --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iIUEAREKAC0WIQTLxZxm7Ce5cXlAaz5r6CCK3yH+PwUCYkwWog8cZ2x2QHBvc3Rl by5uZXQACgkQa+ggit8h/j9XpwD/V8fwTiGUelJ8zHqE9C8Jz4utsd/GUDfWLHFY e/kXrDIA/3XZm1n0UrYE9KN/z03rtUtRbSp7TREBvzlt3R2daxLD =o6sA -----END PGP SIGNATURE----- --==-=-=--