;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 David Thompson <davet@gnu.org>
-;;; Copyright © 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2020 by Amar M. Singh <nly@disroot.org>
+;;; Copyright © 2016-2022 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
#:use-module ((guix serialization) #:select (restore-file))
#:use-module (gcrypt pk-crypto)
#:use-module ((guix pki) #:select (%public-key-file %private-key-file))
- #:use-module (guix zlib)
- #:use-module (guix lzlib)
+ #:use-module (zlib)
+ #:use-module (lzlib)
+ #:autoload (zstd) (call-with-zstd-input-port)
#:use-module (web uri)
#:use-module (web client)
+ #:use-module (web request)
#:use-module (web response)
+ #:use-module ((guix http-client) #:select (http-multiple-get))
#:use-module (rnrs bytevectors)
#:use-module (ice-9 binary-ports)
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-26)
#:use-module (srfi srfi-64)
+ #:use-module (srfi srfi-71)
#:use-module (ice-9 threads)
#:use-module (ice-9 format)
#:use-module (ice-9 match)
(define %store
(open-connection-for-tests))
+(define (zstd-supported?)
+ (resolve-module '(zstd) #t #f #:ensure #f))
+
(define %reference (add-text-to-store %store "ref" "foo"))
(define %item (add-text-to-store %store "item" "bar" (list %reference)))
(unsigned-info
(format #f
"StorePath: ~a
-URL: nar/~a
-Compression: none
-FileSize: ~a
NarHash: sha256:~a
NarSize: ~d
References: ~a~%"
%item
- (basename %item)
- (path-info-nar-size info)
(bytevector->nix-base32-string
(path-info-hash info))
(path-info-nar-size info)
(signature (base64-encode
(string->utf8
(canonical-sexp->string
- ((@@ (guix scripts publish) signed-string)
- unsigned-info))))))
- (format #f "~aSignature: 1;~a;~a~%"
- unsigned-info (gethostname) signature))
+ (signed-string unsigned-info))))))
+ (format #f "~aSignature: 1;~a;~a
+URL: nar/~a
+Compression: none
+FileSize: ~a\n"
+ unsigned-info (gethostname) signature
+ (basename %item)
+ (path-info-nar-size info)))
(utf8->string
(http-get-body
(publish-uri
(string-append "/" (store-path-hash-part %item) ".narinfo")))))
+(test-equal "/*.narinfo pipeline"
+ (make-list 500 200)
+ ;; Make sure clients can pipeline requests and correct responses, in the
+ ;; right order. See <https://issues.guix.gnu.org/54723>.
+ (let* ((uri (string->uri (publish-uri
+ (string-append "/"
+ (store-path-hash-part %item)
+ ".narinfo"))))
+ (_ expected (http-get uri #:streaming? #f #:decode-body? #f)))
+ (http-multiple-get (string->uri (publish-uri ""))
+ (lambda (request response port result)
+ (and (bytevector=? expected
+ (get-bytevector-n port
+ (response-content-length
+ response)))
+ (cons (response-code response) result)))
+ '()
+ (make-list 500 (build-request uri))
+ #:batch-size 77)))
+
(test-equal "/*.narinfo with properly encoded '+' sign"
;; See <http://bugs.gnu.org/21888>.
(let* ((item (add-text-to-store %store "fake-gtk+" "Congrats!"))
(unsigned-info
(format #f
"StorePath: ~a
-URL: nar/~a
-Compression: none
-FileSize: ~a
NarHash: sha256:~a
NarSize: ~d
References: ~%"
item
- (uri-encode (basename item))
- (path-info-nar-size info)
(bytevector->nix-base32-string
(path-info-hash info))
(path-info-nar-size info)))
(signature (base64-encode
(string->utf8
(canonical-sexp->string
- ((@@ (guix scripts publish) signed-string)
- unsigned-info))))))
- (format #f "~aSignature: 1;~a;~a~%"
- unsigned-info (gethostname) signature))
+ (signed-string unsigned-info))))))
+ (format #f "~aSignature: 1;~a;~a
+URL: nar/~a
+Compression: none
+FileSize: ~a~%"
+ unsigned-info (gethostname) signature
+ (uri-encode (basename item))
+ (path-info-nar-size info)))
(let ((item (add-text-to-store %store "fake-gtk+" "Congrats!")))
(utf8->string
(call-with-input-string nar (cut restore-file <> temp)))
(call-with-input-file temp read-string))))
-(unless (zlib-available?)
- (test-skip 1))
(test-equal "/nar/gzip/*"
"bar"
(call-with-temporary-output-file
(cut restore-file <> temp)))
(call-with-input-file temp read-string))))
-(unless (zlib-available?)
- (test-skip 1))
(test-equal "/nar/gzip/* is really gzip"
%gzip-magic-bytes
;; Since 'gzdopen' (aka. 'call-with-gzip-input-port') transparently reads
(string-append "/nar/gzip/" (basename %item))))))
(get-bytevector-n nar (bytevector-length %gzip-magic-bytes))))
-(unless (lzlib-available?)
- (test-skip 1))
(test-equal "/nar/lzip/*"
"bar"
(call-with-temporary-output-file
(cut restore-file <> temp)))
(call-with-input-file temp read-string))))
-(unless (zlib-available?)
- (test-skip 1))
+(unless (zstd-supported?) (test-skip 1))
+(test-equal "/nar/zstd/*"
+ "bar"
+ (call-with-temporary-output-file
+ (lambda (temp port)
+ (let ((nar (http-get-port
+ (publish-uri
+ (string-append "/nar/zstd/" (basename %item))))))
+ (call-with-zstd-input-port nar
+ (cut restore-file <> temp)))
+ (call-with-input-file temp read-string))))
+
(test-equal "/*.narinfo with compression"
`(("StorePath" . ,%item)
("URL" . ,(string-append "nar/gzip/" (basename %item)))
(_ #f)))
(recutils->alist body)))))
-(unless (lzlib-available?)
- (test-skip 1))
(test-equal "/*.narinfo with lzip compression"
`(("StorePath" . ,%item)
("URL" . ,(string-append "nar/lzip/" (basename %item)))
(_ #f)))
(recutils->alist body)))))
-(unless (zlib-available?)
- (test-skip 1))
(test-equal "/*.narinfo for a compressed file"
'("none" "nar") ;compression-less nar
;; Assume 'guix publish -C' is already running on port 6799.
(list (assoc-ref info "Compression")
(dirname (assoc-ref info "URL")))))
-(unless (and (zlib-available?) (lzlib-available?))
- (test-skip 1))
(test-equal "/*.narinfo with lzip + gzip"
`((("StorePath" . ,%item)
("URL" . ,(string-append "nar/gzip/" (basename %item)))
(part (store-path-hash-part %item))
(url (string-append base part ".narinfo"))
(body (http-get-port url)))
- (list (take (recutils->alist body) 5)
+ (list (filter (match-lambda
+ (("StorePath" . _) #t)
+ (("URL" . _) #t)
+ (("Compression" . _) #t)
+ (_ #f))
+ (recutils->alist body))
(response-code
(http-get (string-append base "nar/gzip/"
(basename %item))))
(call-with-input-string "" port-sha256))))))
(response-code (http-get uri))))
-(unless (zlib-available?)
- (test-skip 1))
(test-equal "with cache"
(list #t
`(("StorePath" . ,%item)
(call-with-new-thread
(lambda ()
(guix-publish "--port=6797" "-C2"
- (string-append "--cache=" cache)))))))
+ (string-append "--cache=" cache)
+ "--cache-bypass-threshold=0"))))))
(wait-until-ready 6797)
(let* ((base "http://localhost:6797/")
(part (store-path-hash-part %item))
(< ttl 3600)))
(wait-for-file cached)
+
+ ;; Both the narinfo and nar should be world-readable.
+ (= #o444 (logand #o444 (stat:perms (lstat cached))))
+ (= #o444 (logand #o444 (stat:perms (lstat nar))))
+
(let* ((body (http-get-port url))
(compressed (http-get nar-url))
(uncompressed (http-get (string-append base "nar/"
(stat:size (stat nar)))
(response-code uncompressed)))))))))
-(unless (and (zlib-available?) (lzlib-available?))
- (test-skip 1))
(test-equal "with cache, lzip + gzip"
'(200 200 404)
(call-with-temporary-directory
(call-with-new-thread
(lambda ()
(guix-publish "--port=6794" "-Cgzip:2" "-Clzip:2"
- (string-append "--cache=" cache)))))))
+ (string-append "--cache=" cache)
+ "--cache-bypass-threshold=0"))))))
(wait-until-ready 6794)
(let* ((base "http://localhost:6794/")
(part (store-path-hash-part %item))
(basename %item))))
(and (file-exists? (nar "gzip"))
(file-exists? (nar "lzip"))
- (equal? (take (pk 'narinfo/gzip+lzip narinfo) 7)
- `(("StorePath" . ,%item)
- ("URL" . ,(nar-url "gzip"))
- ("Compression" . "gzip")
- ("FileSize" . ,(number->string
- (stat:size (stat (nar "gzip")))))
- ("URL" . ,(nar-url "lzip"))
- ("Compression" . "lzip")
- ("FileSize" . ,(number->string
- (stat:size (stat (nar "lzip")))))))
+ (match (pk 'narinfo/gzip+lzip narinfo)
+ ((("StorePath" . path)
+ _ ...
+ ("Signature" . _)
+ ("URL" . gzip-url)
+ ("Compression" . "gzip")
+ ("FileSize" . (= string->number gzip-size))
+ ("URL" . lzip-url)
+ ("Compression" . "lzip")
+ ("FileSize" . (= string->number lzip-size)))
+ (and (string=? gzip-url (nar-url "gzip"))
+ (string=? lzip-url (nar-url "lzip"))
+ (= gzip-size
+ (stat:size (stat (nar "gzip"))))
+ (= lzip-size
+ (stat:size (stat (nar "lzip")))))))
(list (response-code
(http-get (string-append base (nar-url "gzip"))))
(response-code
(response-code
(http-get uncompressed))))))))))
-(unless (zlib-available?)
- (test-skip 1))
(let ((item (add-text-to-store %store "fake-compressed-thing.tar.gz"
(random-text))))
(test-equal "with cache, uncompressed"
(call-with-new-thread
(lambda ()
(guix-publish "--port=6796" "-C2" "--ttl=42h"
- (string-append "--cache=" cache)))))))
+ (string-append "--cache=" cache)
+ "--cache-bypass-threshold=0"))))))
(wait-until-ready 6796)
(let* ((base "http://localhost:6796/")
(part (store-path-hash-part item))
(item (add-text-to-store %store "random" (random-text)))
(part (store-path-hash-part item))
(url (string-append base part ".narinfo"))
- (cached (string-append cache
- (if (zlib-available?)
- "/gzip/" "/none/")
+ (cached (string-append cache "/gzip/"
(basename item)
".narinfo"))
(response (http-get url)))
- (and (= 404 (response-code response))
+ (and (= 200 (response-code response)) ;we're below the threshold
(wait-for-file cached)
(begin
(delete-paths %store (list item))
(response-code (pk 'response (http-get url))))))))))
+(test-equal "with cache, cache bypass"
+ 200
+ (call-with-temporary-directory
+ (lambda (cache)
+ (let ((thread (with-separate-output-ports
+ (call-with-new-thread
+ (lambda ()
+ (guix-publish "--port=6788" "-C" "gzip"
+ (string-append "--cache=" cache)))))))
+ (wait-until-ready 6788)
+
+ (let* ((base "http://localhost:6788/")
+ (item (add-text-to-store %store "random" (random-text)))
+ (part (store-path-hash-part item))
+ (narinfo (string-append base part ".narinfo"))
+ (nar (string-append base "nar/gzip/" (basename item)))
+ (cached (string-append cache "/gzip/" (basename item)
+ ".narinfo")))
+ ;; We're below the default cache bypass threshold, so NAR and NARINFO
+ ;; should immediately return 200. The NARINFO request should trigger
+ ;; caching, and the next request to NAR should return 200 as well.
+ (and (let ((response (pk 'r1 (http-get nar))))
+ (and (= 200 (response-code response))
+ (not (response-content-length response)))) ;not known
+ (= 200 (response-code (http-get narinfo)))
+ (begin
+ (wait-for-file cached)
+ (let ((response (pk 'r2 (http-get nar))))
+ (and (> (response-content-length response)
+ (stat:size (stat item)))
+ (response-code response))))))))))
+
+(test-equal "with cache, cache bypass, unmapped hash part"
+ 200
+
+ ;; This test reproduces the bug described in <https://bugs.gnu.org/44442>:
+ ;; the daemon connection would be closed as a side effect of a nar request
+ ;; for a non-existing file name.
+ (call-with-temporary-directory
+ (lambda (cache)
+ (let ((thread (with-separate-output-ports
+ (call-with-new-thread
+ (lambda ()
+ (guix-publish "--port=6787" "-C" "gzip"
+ (string-append "--cache=" cache)))))))
+ (wait-until-ready 6787)
+
+ (let* ((base "http://localhost:6787/")
+ (item (add-text-to-store %store "random" (random-text)))
+ (part (store-path-hash-part item))
+ (narinfo (string-append base part ".narinfo"))
+ (nar (string-append base "nar/gzip/" (basename item)))
+ (cached (string-append cache "/gzip/" (basename item)
+ ".narinfo")))
+ ;; The first response used to be 500 and to terminate the daemon
+ ;; connection as a side effect.
+ (and (= (response-code
+ (http-get (string-append base "nar/gzip/"
+ (make-string 32 #\e)
+ "-does-not-exist")))
+ 404)
+ (= 200 (response-code (http-get nar)))
+ (= 200 (response-code (http-get narinfo)))
+ (begin
+ (wait-for-file cached)
+ (response-code (http-get nar)))))))))
+
(test-equal "/log/NAME"
- `(200 #t application/x-bzip2)
+ `(200 #t text/plain (gzip))
(let ((drv (run-with-store %store
(gexp->derivation "with-log"
#~(call-with-output-file #$output
(base (basename (derivation-file-name drv)))
(log (string-append (dirname %state-directory)
"/log/guix/drvs/" (string-take base 2)
- "/" (string-drop base 2) ".bz2")))
+ "/" (string-drop base 2) ".gz")))
(list (response-code response)
(= (response-content-length response) (stat:size (stat log)))
- (first (response-content-type response))))))
+ (first (response-content-type response))
+ (response-content-encoding response)))))
+
+(test-equal "negative TTL"
+ `(404 42)
+
+ (call-with-temporary-directory
+ (lambda (cache)
+ (let ((thread (with-separate-output-ports
+ (call-with-new-thread
+ (lambda ()
+ (guix-publish "--port=6786" "-C0"
+ "--negative-ttl=42s"))))))
+ (wait-until-ready 6786)
+
+ (let* ((base "http://localhost:6786/")
+ (url (string-append base (make-string 32 #\z)
+ ".narinfo"))
+ (response (http-get url)))
+ (list (response-code response)
+ (match (assq-ref (response-headers response) 'cache-control)
+ ((('max-age . ttl)) ttl)
+ (_ #f))))))))
+
+(test-equal "no negative TTL"
+ `(404 #f)
+ (let* ((uri (publish-uri
+ (string-append "/" (make-string 32 #\z)
+ ".narinfo")))
+ (response (http-get uri)))
+ (list (response-code response)
+ (assq-ref (response-headers response) 'cache-control))))
(test-equal "/log/NAME not found"
404
(let ((uri (publish-uri "/log/does-not-exist")))
(response-code (http-get uri))))
+(test-equal "/signing-key.pub"
+ 200
+ (response-code (http-get (publish-uri "/signing-key.pub"))))
+
(test-equal "non-GET query"
'(200 404)
(let ((path (string-append "/" (store-path-hash-part %item)