;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 David Thompson <davet@gnu.org>
-;;; Copyright © 2016, 2017, 2018 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2020 by Amar M. Singh <nly@disroot.org>
+;;; Copyright © 2016-2022 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
#:use-module (guix tests)
#:use-module (guix config)
#:use-module (guix utils)
- #:use-module (guix hash)
+ #:use-module (gcrypt hash)
#:use-module (guix store)
#:use-module (guix derivations)
#:use-module (guix gexp)
#:use-module (guix base64)
#:use-module ((guix records) #:select (recutils->alist))
#:use-module ((guix serialization) #:select (restore-file))
- #:use-module (guix pk-crypto)
+ #:use-module (gcrypt pk-crypto)
#:use-module ((guix pki) #:select (%public-key-file %private-key-file))
- #:use-module (guix zlib)
+ #:use-module (zlib)
+ #:use-module (lzlib)
+ #:autoload (zstd) (call-with-zstd-input-port)
#:use-module (web uri)
#:use-module (web client)
+ #:use-module (web request)
#:use-module (web response)
+ #:use-module ((guix http-client) #:select (http-multiple-get))
#:use-module (rnrs bytevectors)
#:use-module (ice-9 binary-ports)
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-26)
#:use-module (srfi srfi-64)
+ #:use-module (srfi srfi-71)
+ #:use-module (ice-9 threads)
#:use-module (ice-9 format)
#:use-module (ice-9 match)
#:use-module (ice-9 rdelim))
(define %store
(open-connection-for-tests))
+(define (zstd-supported?)
+ (resolve-module '(zstd) #t #f #:ensure #f))
+
(define %reference (add-text-to-store %store "ref" "foo"))
(define %item (add-text-to-store %store "item" "bar" (list %reference)))
(let ((socket (open-socket-for-uri uri)))
;; Make sure to use an unbuffered port so that we can then peek at the
;; underlying file descriptor via 'call-with-gzip-input-port'.
- (setvbuf socket _IONBF)
+ (setvbuf socket 'none)
(call-with-values
(lambda ()
(http-get uri #:port socket #:streaming? #t))
(lambda (response port)
- ;; Don't (setvbuf port _IONBF) because of <http://bugs.gnu.org/19610>
+ ;; Don't (setvbuf port 'none) because of <http://bugs.gnu.org/19610>
;; (PORT might be a custom binary input port).
port))))
(unsigned-info
(format #f
"StorePath: ~a
-URL: nar/~a
-Compression: none
NarHash: sha256:~a
NarSize: ~d
-References: ~a
-FileSize: ~a~%"
+References: ~a~%"
%item
- (basename %item)
(bytevector->nix-base32-string
(path-info-hash info))
(path-info-nar-size info)
- (basename (first (path-info-references info)))
- (path-info-nar-size info)))
+ (basename (first (path-info-references info)))))
(signature (base64-encode
(string->utf8
(canonical-sexp->string
- ((@@ (guix scripts publish) signed-string)
- unsigned-info))))))
- (format #f "~aSignature: 1;~a;~a~%"
- unsigned-info (gethostname) signature))
+ (signed-string unsigned-info))))))
+ (format #f "~aSignature: 1;~a;~a
+URL: nar/~a
+Compression: none
+FileSize: ~a\n"
+ unsigned-info (gethostname) signature
+ (basename %item)
+ (path-info-nar-size info)))
(utf8->string
(http-get-body
(publish-uri
(string-append "/" (store-path-hash-part %item) ".narinfo")))))
+(test-equal "/*.narinfo pipeline"
+ (make-list 500 200)
+ ;; Make sure clients can pipeline requests and correct responses, in the
+ ;; right order. See <https://issues.guix.gnu.org/54723>.
+ (let* ((uri (string->uri (publish-uri
+ (string-append "/"
+ (store-path-hash-part %item)
+ ".narinfo"))))
+ (_ expected (http-get uri #:streaming? #f #:decode-body? #f)))
+ (http-multiple-get (string->uri (publish-uri ""))
+ (lambda (request response port result)
+ (and (bytevector=? expected
+ (get-bytevector-n port
+ (response-content-length
+ response)))
+ (cons (response-code response) result)))
+ '()
+ (make-list 500 (build-request uri))
+ #:batch-size 77)))
+
(test-equal "/*.narinfo with properly encoded '+' sign"
;; See <http://bugs.gnu.org/21888>.
(let* ((item (add-text-to-store %store "fake-gtk+" "Congrats!"))
(unsigned-info
(format #f
"StorePath: ~a
-URL: nar/~a
-Compression: none
NarHash: sha256:~a
NarSize: ~d
-References: ~%\
-FileSize: ~a~%"
+References: ~%"
item
- (uri-encode (basename item))
(bytevector->nix-base32-string
(path-info-hash info))
- (path-info-nar-size info)
(path-info-nar-size info)))
(signature (base64-encode
(string->utf8
(canonical-sexp->string
- ((@@ (guix scripts publish) signed-string)
- unsigned-info))))))
- (format #f "~aSignature: 1;~a;~a~%"
- unsigned-info (gethostname) signature))
+ (signed-string unsigned-info))))))
+ (format #f "~aSignature: 1;~a;~a
+URL: nar/~a
+Compression: none
+FileSize: ~a~%"
+ unsigned-info (gethostname) signature
+ (uri-encode (basename item))
+ (path-info-nar-size info)))
(let ((item (add-text-to-store %store "fake-gtk+" "Congrats!")))
(utf8->string
(call-with-input-string nar (cut restore-file <> temp)))
(call-with-input-file temp read-string))))
-(unless (zlib-available?)
- (test-skip 1))
(test-equal "/nar/gzip/*"
"bar"
(call-with-temporary-output-file
(cut restore-file <> temp)))
(call-with-input-file temp read-string))))
-(unless (zlib-available?)
- (test-skip 1))
(test-equal "/nar/gzip/* is really gzip"
%gzip-magic-bytes
;; Since 'gzdopen' (aka. 'call-with-gzip-input-port') transparently reads
(string-append "/nar/gzip/" (basename %item))))))
(get-bytevector-n nar (bytevector-length %gzip-magic-bytes))))
-(unless (zlib-available?)
- (test-skip 1))
+(test-equal "/nar/lzip/*"
+ "bar"
+ (call-with-temporary-output-file
+ (lambda (temp port)
+ (let ((nar (http-get-port
+ (publish-uri
+ (string-append "/nar/lzip/" (basename %item))))))
+ (call-with-lzip-input-port nar
+ (cut restore-file <> temp)))
+ (call-with-input-file temp read-string))))
+
+(unless (zstd-supported?) (test-skip 1))
+(test-equal "/nar/zstd/*"
+ "bar"
+ (call-with-temporary-output-file
+ (lambda (temp port)
+ (let ((nar (http-get-port
+ (publish-uri
+ (string-append "/nar/zstd/" (basename %item))))))
+ (call-with-zstd-input-port nar
+ (cut restore-file <> temp)))
+ (call-with-input-file temp read-string))))
+
(test-equal "/*.narinfo with compression"
`(("StorePath" . ,%item)
("URL" . ,(string-append "nar/gzip/" (basename %item)))
(_ #f)))
(recutils->alist body)))))
-(unless (zlib-available?)
- (test-skip 1))
+(test-equal "/*.narinfo with lzip compression"
+ `(("StorePath" . ,%item)
+ ("URL" . ,(string-append "nar/lzip/" (basename %item)))
+ ("Compression" . "lzip"))
+ (let ((thread (with-separate-output-ports
+ (call-with-new-thread
+ (lambda ()
+ (guix-publish "--port=6790" "-Clzip"))))))
+ (wait-until-ready 6790)
+ (let* ((url (string-append "http://localhost:6790/"
+ (store-path-hash-part %item) ".narinfo"))
+ (body (http-get-port url)))
+ (filter (lambda (item)
+ (match item
+ (("Compression" . _) #t)
+ (("StorePath" . _) #t)
+ (("URL" . _) #t)
+ (_ #f)))
+ (recutils->alist body)))))
+
(test-equal "/*.narinfo for a compressed file"
'("none" "nar") ;compression-less nar
;; Assume 'guix publish -C' is already running on port 6799.
(list (assoc-ref info "Compression")
(dirname (assoc-ref info "URL")))))
+(test-equal "/*.narinfo with lzip + gzip"
+ `((("StorePath" . ,%item)
+ ("URL" . ,(string-append "nar/gzip/" (basename %item)))
+ ("Compression" . "gzip")
+ ("URL" . ,(string-append "nar/lzip/" (basename %item)))
+ ("Compression" . "lzip"))
+ 200
+ 200)
+ (call-with-temporary-directory
+ (lambda (cache)
+ (let ((thread (with-separate-output-ports
+ (call-with-new-thread
+ (lambda ()
+ (guix-publish "--port=6793" "-Cgzip:2" "-Clzip:2"))))))
+ (wait-until-ready 6793)
+ (let* ((base "http://localhost:6793/")
+ (part (store-path-hash-part %item))
+ (url (string-append base part ".narinfo"))
+ (body (http-get-port url)))
+ (list (filter (match-lambda
+ (("StorePath" . _) #t)
+ (("URL" . _) #t)
+ (("Compression" . _) #t)
+ (_ #f))
+ (recutils->alist body))
+ (response-code
+ (http-get (string-append base "nar/gzip/"
+ (basename %item))))
+ (response-code
+ (http-get (string-append base "nar/lzip/"
+ (basename %item))))))))))
+
(test-equal "custom nar path"
;; Serve nars at /foo/bar/chbouib instead of /nar.
(list `(("StorePath" . ,%item)
(call-with-input-string "" port-sha256))))))
(response-code (http-get uri))))
-(unless (zlib-available?)
- (test-skip 1))
(test-equal "with cache"
(list #t
`(("StorePath" . ,%item)
(call-with-new-thread
(lambda ()
(guix-publish "--port=6797" "-C2"
- (string-append "--cache=" cache)))))))
+ (string-append "--cache=" cache)
+ "--cache-bypass-threshold=0"))))))
(wait-until-ready 6797)
(let* ((base "http://localhost:6797/")
(part (store-path-hash-part %item))
(< ttl 3600)))
(wait-for-file cached)
+
+ ;; Both the narinfo and nar should be world-readable.
+ (= #o444 (logand #o444 (stat:perms (lstat cached))))
+ (= #o444 (logand #o444 (stat:perms (lstat nar))))
+
(let* ((body (http-get-port url))
(compressed (http-get nar-url))
(uncompressed (http-get (string-append base "nar/"
(stat:size (stat nar)))
(response-code uncompressed)))))))))
-(unless (zlib-available?)
- (test-skip 1))
+(test-equal "with cache, lzip + gzip"
+ '(200 200 404)
+ (call-with-temporary-directory
+ (lambda (cache)
+ (let ((thread (with-separate-output-ports
+ (call-with-new-thread
+ (lambda ()
+ (guix-publish "--port=6794" "-Cgzip:2" "-Clzip:2"
+ (string-append "--cache=" cache)
+ "--cache-bypass-threshold=0"))))))
+ (wait-until-ready 6794)
+ (let* ((base "http://localhost:6794/")
+ (part (store-path-hash-part %item))
+ (url (string-append base part ".narinfo"))
+ (nar-url (cute string-append "nar/" <> "/"
+ (basename %item)))
+ (cached (cute string-append cache "/" <> "/"
+ (basename %item) ".narinfo"))
+ (nar (cute string-append cache "/" <> "/"
+ (basename %item) ".nar"))
+ (response (http-get url)))
+ (wait-for-file (cached "gzip"))
+ (let* ((body (http-get-port url))
+ (narinfo (recutils->alist body))
+ (uncompressed (string-append base "nar/"
+ (basename %item))))
+ (and (file-exists? (nar "gzip"))
+ (file-exists? (nar "lzip"))
+ (match (pk 'narinfo/gzip+lzip narinfo)
+ ((("StorePath" . path)
+ _ ...
+ ("Signature" . _)
+ ("URL" . gzip-url)
+ ("Compression" . "gzip")
+ ("FileSize" . (= string->number gzip-size))
+ ("URL" . lzip-url)
+ ("Compression" . "lzip")
+ ("FileSize" . (= string->number lzip-size)))
+ (and (string=? gzip-url (nar-url "gzip"))
+ (string=? lzip-url (nar-url "lzip"))
+ (= gzip-size
+ (stat:size (stat (nar "gzip"))))
+ (= lzip-size
+ (stat:size (stat (nar "lzip")))))))
+ (list (response-code
+ (http-get (string-append base (nar-url "gzip"))))
+ (response-code
+ (http-get (string-append base (nar-url "lzip"))))
+ (response-code
+ (http-get uncompressed))))))))))
+
(let ((item (add-text-to-store %store "fake-compressed-thing.tar.gz"
(random-text))))
(test-equal "with cache, uncompressed"
(list #t
+ (* 42 3600) ;TTL on narinfo
`(("StorePath" . ,item)
("URL" . ,(string-append "nar/" (basename item)))
("Compression" . "none"))
200 ;nar/…
+ (* 42 3600) ;TTL on nar/…
(path-info-nar-size
(query-path-info %store item)) ;FileSize
404) ;nar/gzip/…
(let ((thread (with-separate-output-ports
(call-with-new-thread
(lambda ()
- (guix-publish "--port=6796" "-C2"
- (string-append "--cache=" cache)))))))
+ (guix-publish "--port=6796" "-C2" "--ttl=42h"
+ (string-append "--cache=" cache)
+ "--cache-bypass-threshold=0"))))))
(wait-until-ready 6796)
(let* ((base "http://localhost:6796/")
(part (store-path-hash-part item))
(and (= 404 (response-code response))
(wait-for-file cached)
- (let* ((body (http-get-port url))
+ (let* ((response (http-get url))
+ (body (http-get-port url))
(compressed (http-get (string-append base "nar/gzip/"
(basename item))))
(uncompressed (http-get (string-append base "nar/"
(basename item))))
(narinfo (recutils->alist body)))
(list (file-exists? nar)
+ (match (assq-ref (response-headers response)
+ 'cache-control)
+ ((('max-age . ttl)) ttl)
+ (_ #f))
+
(filter (lambda (item)
(match item
(("Compression" . _) #t)
(_ #f)))
narinfo)
(response-code uncompressed)
+ (match (assq-ref (response-headers uncompressed)
+ 'cache-control)
+ ((('max-age . ttl)) ttl)
+ (_ #f))
+
(string->number
(assoc-ref narinfo "FileSize"))
(response-code compressed))))))))))
+(test-equal "with cache, vanishing item" ;<https://bugs.gnu.org/33897>
+ 200
+ (call-with-temporary-directory
+ (lambda (cache)
+ (let ((thread (with-separate-output-ports
+ (call-with-new-thread
+ (lambda ()
+ (guix-publish "--port=6795"
+ (string-append "--cache=" cache)))))))
+ (wait-until-ready 6795)
+
+ ;; Make sure that, even if ITEM disappears, we're still able to fetch
+ ;; it.
+ (let* ((base "http://localhost:6795/")
+ (item (add-text-to-store %store "random" (random-text)))
+ (part (store-path-hash-part item))
+ (url (string-append base part ".narinfo"))
+ (cached (string-append cache "/gzip/"
+ (basename item)
+ ".narinfo"))
+ (response (http-get url)))
+ (and (= 200 (response-code response)) ;we're below the threshold
+ (wait-for-file cached)
+ (begin
+ (delete-paths %store (list item))
+ (response-code (pk 'response (http-get url))))))))))
+
+(test-equal "with cache, cache bypass"
+ 200
+ (call-with-temporary-directory
+ (lambda (cache)
+ (let ((thread (with-separate-output-ports
+ (call-with-new-thread
+ (lambda ()
+ (guix-publish "--port=6788" "-C" "gzip"
+ (string-append "--cache=" cache)))))))
+ (wait-until-ready 6788)
+
+ (let* ((base "http://localhost:6788/")
+ (item (add-text-to-store %store "random" (random-text)))
+ (part (store-path-hash-part item))
+ (narinfo (string-append base part ".narinfo"))
+ (nar (string-append base "nar/gzip/" (basename item)))
+ (cached (string-append cache "/gzip/" (basename item)
+ ".narinfo")))
+ ;; We're below the default cache bypass threshold, so NAR and NARINFO
+ ;; should immediately return 200. The NARINFO request should trigger
+ ;; caching, and the next request to NAR should return 200 as well.
+ (and (let ((response (pk 'r1 (http-get nar))))
+ (and (= 200 (response-code response))
+ (not (response-content-length response)))) ;not known
+ (= 200 (response-code (http-get narinfo)))
+ (begin
+ (wait-for-file cached)
+ (let ((response (pk 'r2 (http-get nar))))
+ (and (> (response-content-length response)
+ (stat:size (stat item)))
+ (response-code response))))))))))
+
+(test-equal "with cache, cache bypass, unmapped hash part"
+ 200
+
+ ;; This test reproduces the bug described in <https://bugs.gnu.org/44442>:
+ ;; the daemon connection would be closed as a side effect of a nar request
+ ;; for a non-existing file name.
+ (call-with-temporary-directory
+ (lambda (cache)
+ (let ((thread (with-separate-output-ports
+ (call-with-new-thread
+ (lambda ()
+ (guix-publish "--port=6787" "-C" "gzip"
+ (string-append "--cache=" cache)))))))
+ (wait-until-ready 6787)
+
+ (let* ((base "http://localhost:6787/")
+ (item (add-text-to-store %store "random" (random-text)))
+ (part (store-path-hash-part item))
+ (narinfo (string-append base part ".narinfo"))
+ (nar (string-append base "nar/gzip/" (basename item)))
+ (cached (string-append cache "/gzip/" (basename item)
+ ".narinfo")))
+ ;; The first response used to be 500 and to terminate the daemon
+ ;; connection as a side effect.
+ (and (= (response-code
+ (http-get (string-append base "nar/gzip/"
+ (make-string 32 #\e)
+ "-does-not-exist")))
+ 404)
+ (= 200 (response-code (http-get nar)))
+ (= 200 (response-code (http-get narinfo)))
+ (begin
+ (wait-for-file cached)
+ (response-code (http-get nar)))))))))
+
(test-equal "/log/NAME"
- `(200 #t application/x-bzip2)
+ `(200 #t text/plain (gzip))
(let ((drv (run-with-store %store
(gexp->derivation "with-log"
#~(call-with-output-file #$output
(lambda (port)
(display "Hello, build log!"
(current-error-port))
- (display "" port)))))))
+ (display #$(random-text) port)))))))
(build-derivations %store (list drv))
(let* ((response (http-get
(publish-uri (string-append "/log/"
(base (basename (derivation-file-name drv)))
(log (string-append (dirname %state-directory)
"/log/guix/drvs/" (string-take base 2)
- "/" (string-drop base 2) ".bz2")))
+ "/" (string-drop base 2) ".gz")))
(list (response-code response)
(= (response-content-length response) (stat:size (stat log)))
- (first (response-content-type response))))))
+ (first (response-content-type response))
+ (response-content-encoding response)))))
+
+(test-equal "negative TTL"
+ `(404 42)
+
+ (call-with-temporary-directory
+ (lambda (cache)
+ (let ((thread (with-separate-output-ports
+ (call-with-new-thread
+ (lambda ()
+ (guix-publish "--port=6786" "-C0"
+ "--negative-ttl=42s"))))))
+ (wait-until-ready 6786)
+
+ (let* ((base "http://localhost:6786/")
+ (url (string-append base (make-string 32 #\z)
+ ".narinfo"))
+ (response (http-get url)))
+ (list (response-code response)
+ (match (assq-ref (response-headers response) 'cache-control)
+ ((('max-age . ttl)) ttl)
+ (_ #f))))))))
+
+(test-equal "no negative TTL"
+ `(404 #f)
+ (let* ((uri (publish-uri
+ (string-append "/" (make-string 32 #\z)
+ ".narinfo")))
+ (response (http-get uri)))
+ (list (response-code response)
+ (assq-ref (response-headers response) 'cache-control))))
(test-equal "/log/NAME not found"
404
(let ((uri (publish-uri "/log/does-not-exist")))
(response-code (http-get uri))))
+(test-equal "/signing-key.pub"
+ 200
+ (response-code (http-get (publish-uri "/signing-key.pub"))))
+
(test-equal "non-GET query"
'(200 404)
(let ((path (string-append "/" (store-path-hash-part %item)
HCoop / jackhill / guix / guix.git / blobdiff