From mboxrd@z Thu Jan 1 00:00:00 1970 From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=) Subject: bug#17312: =?UTF-8?Q?=E2=80=98guix_?= =?UTF-8?Q?authenticate=E2=80=99?= failure in C locale Date: Tue, 22 Apr 2014 10:51:34 +0200 Message-ID: <87y4yx21d5.fsf@gnu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:43762) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WcWQy-0004i6-GS for bug-guix@gnu.org; Tue, 22 Apr 2014 04:52:13 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1WcWQs-0005cU-Pw for bug-guix@gnu.org; Tue, 22 Apr 2014 04:52:08 -0400 Received: from debbugs.gnu.org ([140.186.70.43]:46512) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WcWQs-0005cL-Mc for bug-guix@gnu.org; Tue, 22 Apr 2014 04:52:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.80) (envelope-from ) id 1WcWQs-00015f-1u for bug-guix@gnu.org; Tue, 22 Apr 2014 04:52:02 -0400 Sender: "Debbugs-submit" Resent-Message-ID: Received: from eggs.gnu.org ([2001:4830:134:3::10]:43557) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WcWQY-0003wN-II for bug-guix@gnu.org; Tue, 22 Apr 2014 04:51:47 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1WcWQS-0005XM-Sg for bug-guix@gnu.org; Tue, 22 Apr 2014 04:51:42 -0400 Received: from hera.aquilenet.fr ([2a01:474::1]:38219) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WcWQS-0005XE-Lo for bug-guix@gnu.org; Tue, 22 Apr 2014 04:51:36 -0400 Received: from localhost (localhost [127.0.0.1]) by hera.aquilenet.fr (Postfix) with ESMTP id 7708E1A68 for ; Tue, 22 Apr 2014 10:51:35 +0200 (CEST) Received: from hera.aquilenet.fr ([127.0.0.1]) by localhost (hera.aquilenet.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5QvRGv768fSe for ; Tue, 22 Apr 2014 10:51:35 +0200 (CEST) Received: from pluto (pluto.bordeaux.inria.fr [193.50.110.57]) by hera.aquilenet.fr (Postfix) with ESMTPSA id 462D96E5 for ; Tue, 22 Apr 2014 10:51:35 +0200 (CEST) List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org To: 17312@debbugs.gnu.org As seen in , =E2=80=98guix authenticate= =E2=80=99 could fail when running in the C locale (as is the case on hydra.gnu.org): --8<---------------cut here---------------start------------->8--- @ build-started /gnu/store/639n30wn56fsnvxnp5sv4nxshxdsym32-gmp-6.0.0a.drv = - x86_64-linux /nix/var/log/guix/drvs/63//9n30wn56fsnvxnp5sv4nxshxdsym32-gm= p-6.0.0a.drv sending 2 store files to 'hydra.gnunet.org'... importing path `/gnu/store/hyr8lvpbl2lbbkvr5v1qa25895bpcxls-gmp-6.0.0a-guil= e-builder' guix archive: error: build failed: program `guix-authenticate' failed with = exit code 1 builder for `/gnu/store/639n30wn56fsnvxnp5sv4nxshxdsym32-gmp-6.0.0a.drv' fa= iled to produce output path `/gnu/store/6va1dygagfrlc1xqy71ckawh4cymrl4h-gm= p-6.0.0a-debug' @ hook-failed /gnu/store/639n30wn56fsnvxnp5sv4nxshxdsym32-gmp-6.0.0a.drv - = 0 builder for `/gnu/store/639n30wn56fsnvxnp5sv4nxshxdsym32-gmp-6.0.0a.drv' = failed to produce output path `/gnu/store/6va1dygagfrlc1xqy71ckawh4cymrl4h-= gmp-6.0.0a-debug' --8<---------------cut here---------------end--------------->8--- The problem was that it could in some cases produce a signature sexp with an invalid hash value. For example: guix archive --export /gnu/store/hyr8lvpbl2lbbkvr5v1qa25895bpcxls-gmp-6.= 0.0a-guile-builder would produce an archive with a signature sexp like this (literally): (signature=20 (data=20 (flags pkcs1) (hash sha256 "^?\vU????{N4?`??eL??x???|1y????{L") ) [...] The problem is that the hash value shown here is the result of substituting non-ASCII characters with question marks and other things. Obviously signature verification on such a thing would fail, leading to errors like the one above. This could happen in some cases, when libgcrypt would choose to use a byte string representation instead of a hexadecimal string, and is due to the fact that =E2=80=98string->canonical-sexp=E2=80=99 would convert str= ings passed to =E2=80=98gcry_sexp_new=E2=80=99 to locale encoding. This is fixed with commit 6030d84 (see that commit for a concrete example.) Ludo=E2=80=99.