Subject: [bug#54723] [PATCH] Check URI when verifying narinfo validity.
From: Guillaume Le Vaillant
Date: Tue, 05 Apr 2022 09:58:18 +0000
Message-ID: <87a6czbzvh.fsf@kitej>

When trying to upgrade a machine using a substitute server on the same LAN,
I get this crash a lot:

--8<---------------cut here---------------start------------->8---
# guix system reconfigure --substitute-urls="http://192.168.0.22:8080 https://ci.guix.gnu.org" /etc/guix/config.scm
substitute: mise à jour des substituts depuis « http://192.168.0.22:8080 »... 100.0 %
substitute: Backtrace:
substitute: In ice-9/boot-9.scm:
substitute: 1752:10 17 (with-exception-handler _ _ #:unwind? _ # _)
substitute: In unknown file:
substitute: 16 (apply-smob/0 #)
substitute: In ice-9/boot-9.scm:
substitute: 724:2 15 (call-with-prompt _ _ #)
substitute: In ice-9/eval.scm:
substitute: 619:8 14 (_ #(#(#)))
substitute: In guix/ui.scm:
substitute: 2209:7 13 (run-guix . _)
substitute: 2172:10 12 (run-guix-command _ . _)
substitute: In ice-9/boot-9.scm:
substitute: 1752:10 11 (with-exception-handler _ _ #:unwind? _ # _)
substitute: 1752:10 10 (with-exception-handler _ _ #:unwind? _ # _)
substitute: In guix/scripts/substitute.scm:
substitute: 757:18 9 (_)
substitute: 348:26 8 (process-query # _ #:cache-urls _ #:acl _)
substitute: In guix/substitutes.scm:
substitute: 369:45 7 (lookup-narinfos/diverse _ _ # …)
substitute: In unknown file:
substitute: 6 (filter # …)
substitute: In guix/narinfo.scm:
substitute: 215:32 5 (valid-narinfo? _ _ #:verbose? _)
substitute: In ice-9/boot-9.scm:
substitute: 1685:16 4 (raise-exception _ #:continuable? _)
substitute: 1685:16 3 (raise-exception _ #:continuable? _)
substitute: 1780:13 2 (_ #<&compound-exception components: (#<&assertion-fail…>)
substitute: 1685:16 1 (raise-exception _ #:continuable? _)
substitute: 1685:16 0 (raise-exception _ #:continuable? _)
substitute:
substitute: ice-9/boot-9.scm:1685:16: In procedure raise-exception:
substitute: In procedure car: Wrong type argument in position 1 (expecting pair): ()
guix system: erreur : `/gnu/store/wgygsxcdy1z3pfvwhpgyl5vjp4xvwhhh-guix-1.3.0-23.a27e47f/bin/guix substitute' died unexpectedly
--8<---------------cut here---------------end--------------->8---

It looks like the 'narinfo-uri' field is an empty list instead of a list
of URIs. Is that supposed to be possible?

Does the attached patch adding a check for the validity of this field
in the 'valid-narinfo?' function make sense?

The substitute server configuration is:

--8<---------------cut here---------------start------------->8---
(service guix-publish-service-type
         (guix-publish-configuration
          (host "0.0.0.0")
          (port 8080)
          (compression '(("zstd" 3)))
          (advertise? #t)))
--8<---------------cut here---------------end--------------->8---

From 8d9a45b2f38809fb3acfacf6f83532b7b556e78c Mon Sep 17 00:00:00 2001
From: Guillaume Le Vaillant
Date: Tue, 5 Apr 2022 11:50:48 +0200
Subject: [PATCH] narinfo: Check URI when verifying narinfo validity.

* guix/narinfo.scm (valid-narinfo?): Check if the 'uri' field is valid.
---
 guix/narinfo.scm | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/guix/narinfo.scm b/guix/narinfo.scm index 4fc550aa6c..466ce20deb 100644 --- a/guix/narinfo.scm +++ b/guix/narinfo.scm @@ -209,11 +209,13 @@ (define %mandatory-fields (define* (valid-narinfo? narinfo #:optional (acl (current-acl)) #:key verbose?) - "Return #t if NARINFO's signature is not valid." + "Return #t if NARINFO's signature is valid." (let ((hash (narinfo-sha256 narinfo)) (signature (narinfo-signature narinfo)) - (uri (uri->string (first (narinfo-uris narinfo))))) - (and hash signature + (uri (if (null? (narinfo-uris narinfo)) + #f + (uri->string (first (narinfo-uris narinfo)))))) + (and hash signature uri (signature-case (signature hash acl) (valid-signature #t) (invalid-signature -- 2.35.1
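
Review bot: in the new `uri` binding, an empty `(narinfo-uris narinfo)` now yields #f and the `(and hash signature uri` test drops the narinfo without reporting anything, even though the procedure takes a `verbose?` key. Consider emitting a message for that case when `verbose?` is set, so that a substitute server handing out narinfos with no URL is noticed rather than silently skipped. The docstring correction is right, but it still mentions only the signature while the procedure now also returns #f for a missing URI; wording along the lines of "Return #t if NARINFO has a URI and its signature is valid" would match the behaviour. `(narinfo-uris narinfo)` is also evaluated twice in the binding; binding the list once, or destructuring it with `match`, would read more cleanly.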