From mboxrd@z Thu Jan  1 00:00:00 1970
From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=)
Subject: Re: Struggling with a caching substitute server
Date: Tue, 05 Apr 2016 11:29:05 +0200
Message-ID: <87wpocwgim.fsf@gnu.org>
References: <20160404135637.GA30755@thebird.nl> <87zit9axwz.fsf@gnu.org>
	<20160405075748.GA2689@thebird.nl>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:49873)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1anNIO-0001rI-Ag
	for guix-devel@gnu.org; Tue, 05 Apr 2016 05:29:16 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1anNIK-0004lK-Am
	for guix-devel@gnu.org; Tue, 05 Apr 2016 05:29:12 -0400
In-Reply-To: <20160405075748.GA2689@thebird.nl> (Pjotr Prins's message of
	"Tue, 5 Apr 2016 09:57:48 +0200")
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
To: Pjotr Prins <pjotr.public12@thebird.nl>
Cc: guix-devel@gnu.org

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Pjotr Prins <pjotr.public12@thebird.nl> skribis:

> On Mon, Apr 04, 2016 at 11:04:12PM +0200, Ludovic Court=C3=A8s wrote:
>> Did you authorize the singing key of that server?
>
> That fixed it. I had switched clients forgetting about this one. Would
> it be possible to generate a warning for using a (1) URL where guix
> publish server is not reached and (2) where the client is not
> authorized? Silent failure just has the user guessing.

My initial thoughts was that this is not a failure, so not something to
warn about.  Indeed, at any time the admin can change the ACL, which in
turn makes substitutes available or not.

Besides, signatures are per substitute, so a warning would have to be
generated for each substitute that is signed by an unauthorized
signature, I think.  Like this:


--=-=-=
Content-Type: text/x-patch
Content-Disposition: inline

diff --git a/guix/scripts/substitute.scm b/guix/scripts/substitute.scm
index 82ce069..fdd72b2 100755
--- a/guix/scripts/substitute.scm
+++ b/guix/scripts/substitute.scm
@@ -412,7 +412,9 @@ or is signed by an unauthorized key."
         (and hash signature
              (signature-case (signature hash acl)
                (valid-signature #t)
-               (else #f))))))
+               (else
+                (warning (_ "bad sig!~%"))
+                #f))))))
 
 (define (write-narinfo narinfo port)
   "Write NARINFO to PORT."

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable


This would obviously be suboptimal.

Any suggestions?

Ludo=E2=80=99.

--=-=-=--