HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: gnupg: Update to 2.1.23.
[jackhill/guix/guix.git] / guix / download.scm
CommitLineData
233e7676 1;;; GNU Guix --- Functional package management for GNU
95001d4b 2;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
9884d7ec 3;;; Copyright © 2013, 2014, 2015 Andreas Enge <andreas@enge.fr>
95001d4b 4;;; Copyright © 2015 Federico Beffa <beffa@fbengineering.ch>
fe224d20 5;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
9c97afe8 6;;; Copyright © 2016 David Craven <david@craven.ch>
58f91e4d 7;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
62cab99c 8;;;
233e7676 9;;; This file is part of GNU Guix.
62cab99c 10;;;
233e7676 11;;; GNU Guix is free software; you can redistribute it and/or modify it
62cab99c
LC		 12;;; under the terms of the GNU General Public License as published by
13;;; the Free Software Foundation; either version 3 of the License, or (at
14;;; your option) any later version.
15;;;
233e7676 16;;; GNU Guix is distributed in the hope that it will be useful, but
62cab99c
LC		 17;;; WITHOUT ANY WARRANTY; without even the implied warranty of
18;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19;;; GNU General Public License for more details.
20;;;
21;;; You should have received a copy of the GNU General Public License
233e7676 22;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
62cab99c
LC		 23
24(define-module (guix download)
25 #:use-module (ice-9 match)
26 #:use-module (guix derivations)
27 #:use-module (guix packages)
e87f0591 28 #:use-module (guix store)
b5b73a82 29 #:use-module ((guix build download) #:prefix build:)
6f8f8ccb
LC		 30 #:use-module (guix monads)
31 #:use-module (guix gexp)
62cab99c 32 #:use-module (guix utils)
d8907ac4 33 #:use-module (web uri)
483f1158 34 #:use-module (srfi srfi-1)
94d222ad 35 #:use-module (srfi srfi-26)
ec4d308a 36 #:export (%mirrors
861693f3 37 url-fetch
95001d4b 38 url-fetch/tarbomb
814b099a 39 url-fetch/zipbomb
861693f3 40 download-to-store))
62cab99c
LC		 41
42;;; Commentary:
43;;;
44;;; Produce fixed-output derivations with data fetched over HTTP or FTP.
45;;;
46;;; Code:
47
94d222ad
LC		 48(define %mirrors
49 ;; Mirror lists used when `mirror://' URLs are passed.
50 (let* ((gnu-mirrors
51 '(;; This one redirects to a (supposedly) nearby and (supposedly)
52 ;; up-to-date mirror.
53 "http://ftpmirror.gnu.org/"
54
55 "ftp://ftp.cs.tu-berlin.de/pub/gnu/"
94d222ad
LC		 56 "ftp://ftp.funet.fi/pub/mirrors/ftp.gnu.org/gnu/"
57
58 ;; This one is the master repository, and thus it's always
59 ;; up-to-date.
60 "http://ftp.gnu.org/pub/gnu/")))
61 `((gnu ,@gnu-mirrors)
62 (gcc
63 "ftp://ftp.nluug.nl/mirror/languages/gcc/"
64 "ftp://ftp.fu-berlin.de/unix/languages/gcc/"
65 "ftp://ftp.irisa.fr/pub/mirrors/gcc.gnu.org/gcc/"
66 "ftp://gcc.gnu.org/pub/gcc/"
67 ,@(map (cut string-append <> "/gcc") gnu-mirrors))
68 (gnupg
b23c1a71 69 "http://gd.tuwien.ac.at/privacy/gnupg/"
d57b88be 70 "ftp://mirrors.dotsrc.org/gcrypt/"
94d222ad 71 "ftp://mirror.cict.fr/gnupg/"
d57b88be
AE		 72 "http://artfiles.org/gnupg.org"
73 "ftp://ftp.franken.de/pub/crypt/mirror/ftp.gnupg.org/gcrypt/"
74 "ftp://ftp.freenet.de/pub/ftp.gnupg.org/gcrypt/"
75 "http://www.crysys.hu/"
76 "ftp://ftp.hi.is/pub/mirrors/gnupg/"
77 "ftp://ftp.heanet.ie/mirrors/ftp.gnupg.org/gcrypt/"
78 "ftp://ftp.bit.nl/mirror/gnupg/"
79 "ftp://ftp.surfnet.nl/pub/security/gnupg/"
80 "ftp://ftp.iasi.roedu.net/pub/mirrors/ftp.gnupg.org/"
81 "ftp://ftp.sunet.se/pub/security/gnupg/"
82 "ftp://mirror.switch.ch/mirror/gnupg/"
83 "ftp://mirror.tje.me.uk/pub/mirrors/ftp.gnupg.org/"
84 "ftp://ftp.mirrorservice.org/sites/ftp.gnupg.org/gcrypt/"
85 "ftp://ftp.ring.gr.jp/pub/net/gnupg/"
86 "ftp://ftp.gnupg.org/gcrypt/")
71eb5c10
LC		 87 (gnome
88 "http://ftp.belnet.be/ftp.gnome.org/"
89 "http://ftp.linux.org.uk/mirrors/ftp.gnome.org/"
90 "http://ftp.gnome.org/pub/GNOME/"
93897a45 91 "https://download.gnome.org/"
71eb5c10 92 "http://mirror.yandex.ru/mirrors/ftp.gnome.org/")
442c2c99 93 (hackage
4c13aad0 94 "http://hackage.haskell.org/")
94d222ad 95 (savannah
a4eabecd 96 "http://download.savannah.gnu.org/releases/"
94d222ad
LC		 97 "ftp://ftp.twaren.net/Unix/NonGNU/"
98 "ftp://mirror.csclub.uwaterloo.ca/nongnu/"
99 "ftp://mirror.publicns.net/pub/nongnu/"
100 "ftp://savannah.c3sl.ufpr.br/"
101 "http://ftp.cc.uoc.gr/mirrors/nongnu.org/"
102 "http://ftp.twaren.net/Unix/NonGNU/"
103 "http://mirror.csclub.uwaterloo.ca/nongnu/"
104 "http://nongnu.askapache.com/"
105 "http://savannah.c3sl.ufpr.br/"
3f6d5b8a
LC		 106 "http://download.savannah.gnu.org/releases-noredirect/"
107 "http://download-mirror.savannah.gnu.org/releases/")
321dc4df 108 (sourceforge ; https://sourceforge.net/p/forge/documentation/Mirrors/
fe224d20 109 "http://downloads.sourceforge.net/project/"
cd4c41fd
LC		 110 "http://ufpr.dl.sourceforge.net/project/"
111 "http://heanet.dl.sourceforge.net/project/"
112 "http://freefr.dl.sourceforge.net/project/"
113 "http://internode.dl.sourceforge.net/project/"
114 "http://jaist.dl.sourceforge.net/project/"
115 "http://kent.dl.sourceforge.net/project/"
116 "http://liquidtelecom.dl.sourceforge.net/project/"
117 "http://nbtelecom.dl.sourceforge.net/project/"
118 "http://nchc.dl.sourceforge.net/project/"
119 "http://ncu.dl.sourceforge.net/project/"
120 "http://netcologne.dl.sourceforge.net/project/"
121 "http://netix.dl.sourceforge.net/project/"
122 "http://pilotfiber.dl.sourceforge.net/project/"
123 "http://superb-sea2.dl.sourceforge.net/project/"
124 "http://tenet.dl.sourceforge.net/project/"
125 "http://vorboss.dl.sourceforge.net/project/"
126 "http://netassist.dl.sourceforge.net/project/")
7c7b802c
MB		 127 (netfilter.org ; https://www.netfilter.org/mirrors.html
128 "http://ftp.netfilter.org/pub/"
129 "ftp://ftp.es.netfilter.org/mirrors/netfilter/"
130 "ftp://ftp.hu.netfilter.org/"
131 "ftp://www.lt.netfilter.org/pub/")
b40b259f 132 (kernel.org
b40b259f
LC		 133 "http://ramses.wh2.tu-dresden.de/pub/mirrors/kernel.org/"
134 "http://linux-kernel.uio.no/pub/"
135 "http://kernel.osuosl.org/pub/"
5d9cd707
LC		 136 "ftp://ftp.funet.fi/pub/mirrors/ftp.kernel.org/pub/"
137 "http://ftp.be.debian.org/pub/"
138 "http://mirror.linux.org.au/")
47f9db41
LC		 139 (apache ; from http://www.apache.org/mirrors/dist.html
140 "http://www.eu.apache.org/dist/"
141 "http://www.us.apache.org/dist/"
142 "ftp://gd.tuwien.ac.at/pub/infosys/servers/http/apache/dist/"
143 "http://apache.belnet.be/"
144 "http://mirrors.ircam.fr/pub/apache/"
f06afd4d
LC		 145 "http://apache-mirror.rbc.ru/pub/apache/"
146
147 ;; As a last resort, try the archive.
148 "http://archive.apache.org/dist/")
149acc29 149 (xorg ; from http://www.x.org/wiki/Releases/Download
0820a58b 150 "http://www.x.org/releases/" ; main mirrors
149acc29
AE		 151 "ftp://mirror.csclub.uwaterloo.ca/x.org/" ; North America
152 "ftp://xorg.mirrors.pair.com/"
153 "http://mirror.csclub.uwaterloo.ca/x.org/"
154 "http://xorg.mirrors.pair.com/"
155 "http://mirror.us.leaseweb.net/xorg/"
156 "ftp://artfiles.org/x.org/" ; Europe
157 "ftp://ftp.chg.ru/pub/X11/x.org/"
158 "ftp://ftp.fu-berlin.de/unix/X11/FTP.X.ORG/"
159 "ftp://ftp.gwdg.de/pub/x11/x.org/"
160 "ftp://ftp.mirrorservice.org/sites/ftp.x.org/"
161 "ftp://ftp.ntua.gr/pub/X11/"
162 "ftp://ftp.piotrkosoft.net/pub/mirrors/ftp.x.org/"
163 "ftp://ftp.portal-to-web.de/pub/mirrors/x.org/"
164 "ftp://ftp.solnet.ch/mirror/x.org/"
149acc29
AE		 165 "ftp://gd.tuwien.ac.at/X11/"
166 "ftp://mi.mirror.garr.it/mirrors/x.org/"
167 "ftp://mirror.cict.fr/x.org/"
168 "ftp://mirror.switch.ch/mirror/X11/"
169 "ftp://mirrors.ircam.fr/pub/x.org/"
170 "ftp://x.mirrors.skynet.be/pub/ftp.x.org/"
171 "ftp://ftp.cs.cuhk.edu.hk/pub/X11" ; East Asia
172 "ftp://ftp.u-aizu.ac.jp/pub/x11/x.org/"
173 "ftp://ftp.yz.yamagata-u.ac.jp/pub/X11/x.org/"
174 "ftp://ftp.kaist.ac.kr/x.org/"
175 "ftp://mirrors.go-part.com/xorg/"
176 "http://x.cs.pu.edu.tw/"
6af31019
LC		 177 "ftp://ftp.is.co.za/pub/x.org") ; South Africa
178 (cpan ; from http://www.cpan.org/SITES.html
8aa5e15e 179 "http://mirror.ibcp.fr/pub/CPAN/"
6af31019
LC		 180 "ftp://ftp.ciril.fr/pub/cpan/"
181 "ftp://artfiles.org/cpan.org/"
182 "http://www.cpan.org/"
183 "ftp://cpan.rinet.ru/pub/mirror/CPAN/"
6af31019
LC		 184 "ftp://cpan.inode.at/"
185 "ftp://cpan.iht.co.il/"
186 "ftp://ftp.osuosl.org/pub/CPAN/"
187 "ftp://ftp.nara.wide.ad.jp/pub/CPAN/"
188 "http://mirrors.163.com/cpan/"
552ffa02
EF		 189 "ftp://cpan.mirror.ac.za/"
190 "http://cpan.mirrors.ionfish.org/"
191 "http://cpan.mirror.dkm.cz/pub/CPAN/"
192 "http://cpan.mirror.iphh.net/"
193 "http://mirrors.teentelecom.net/CPAN/"
194 "http://mirror.teklinks.com/CPAN/"
195 "http://cpan.weepeetelecom.be/"
196 "http://mirrors.xservers.ro/CPAN/"
197 "http://cpan.yimg.com/"
198 "http://mirror.yazd.ac.ir/cpan/"
199 "http://ftp.belnet.be/ftp.cpan.org/")
cb7e4867
RW		 200 (cran
201 ;; Arbitrary mirrors from http://cran.r-project.org/mirrors.html
202 ;; This one automatically redirects to servers worldwide
c009bb5a 203 "http://cran.r-project.org/"
cb7e4867
RW		 204 "http://cran.rstudio.com/"
205 "http://cran.univ-lyon1.fr/"
cb7e4867
RW		 206 "http://cran.ism.ac.jp/"
207 "http://cran.stat.auckland.ac.nz/"
208 "http://cran.mirror.ac.za/"
209 "http://cran.csie.ntu.edu.tw/")
6d763bdd
AE		 210 (imagemagick
211 ;; from http://www.imagemagick.org/script/download.php
212 ;; (without mirrors that are unavailable or not up to date)
213 ;; mirrors keeping old versions at the top level
6d763bdd
AE		 214 "ftp://sunsite.icm.edu.pl/packages/ImageMagick/"
215 ;; mirrors moving old versions to "legacy"
6d763bdd 216 "ftp://mirror.aarnet.edu.au/pub/imagemagick/"
7fa37abc 217 "http://mirror.checkdomain.de/imagemagick/"
6d763bdd
AE		 218 "ftp://ftp.kddlabs.co.jp/graphics/ImageMagick/"
219 "ftp://ftp.u-aizu.ac.jp/pub/graphics/image/ImageMagick/imagemagick.org/"
220 "ftp://ftp.nluug.nl/pub/ImageMagick/"
221 "http://ftp.surfnet.nl/pub/ImageMagick/"
222 "http://mirror.searchdaimon.com/ImageMagick"
223 "ftp://ftp.tpnet.pl/pub/graphics/ImageMagick/"
7fa37abc 224 "http://mirror.is.co.za/pub/imagemagick/"
6d763bdd
AE		 225 "http://mirrors-usa.go-parts.com/mirrors/ImageMagick/"
226 "ftp://ftp.fifi.org/pub/ImageMagick/"
227 "http://www.imagemagick.org/download/"
228 ;; one legacy location as a last resort
229 "http://www.imagemagick.org/download/legacy/")
e0029b74
LC		 230 (debian
231 "http://ftp.de.debian.org/debian/"
232 "http://ftp.fr.debian.org/debian/"
6b287c5c 233 "http://ftp.debian.org/debian/"
ff02b826
DC		 234 "http://archive.debian.org/debian/")
235 (kde
112f089d 236 "http://download.kde.org"
ff02b826
DC		 237 ;; Mirrors from http://files.kde.org/extra/mirrors.html
238 ;; Europe
239 "http://mirror.easyname.at/kde"
240 "http://mirror.karneval.cz/pub/kde"
241 "http://ftp.fi.muni.cz/pub/kde/"
242 "http://mirror.oss.maxcdn.com/kde/"
243 "http://ftp5.gwdg.de/pub/linux/kde/"
244 "http://ftp-stud.fht-esslingen.de/Mirrors/ftp.kde.org/pub/kde/"
245 "http://mirror.klaus-uwe.me/kde/ftp/"
246 "http://kde.beta.mirror.ga/"
247 "http://kde.alpha.mirror.ga/"
248 "http://mirror.netcologne.de/kde"
249 "http://vesta.informatik.rwth-aachen.de/ftp/pub/mirror/kde/"
250 "http://ftp.rz.uni-wuerzburg.de/pub/unix/kde/"
251 "http://mirrors.dotsrc.org/kde/"
252 "http://ftp.funet.fi/pub/mirrors/ftp.kde.org/pub/kde/"
253 "http://kde-mirror.freenux.org/"
254 "http://mirrors.ircam.fr/pub/KDE/"
255 "http://www-ftp.lip6.fr/pub/X11/kde/"
256 "http://fr2.rpmfind.net/linux/KDE/"
257 "http://kde.mirror.anlx.net/"
258 "http://www.mirrorservice.org/sites/ftp.kde.org/pub/kde/"
259 "http://ftp.heanet.ie/mirrors/ftp.kde.org/"
260 "http://ftp.nluug.nl/pub/windowing/kde/"
261 "http://ftp.surfnet.nl/windowing/kde/"
262 "http://ftp.icm.edu.pl/pub/unix/kde/"
263 "http://ftp.pbone.net/pub/kde/"
264 "http://piotrkosoft.net/pub/mirrors/ftp.kde.org/"
265 "http://mirrors.fe.up.pt/pub/kde/"
266 "http://ftp.iasi.roedu.net/pub/mirrors/ftp.kde.org/"
267 "http://ftp.acc.umu.se/mirror/kde.org/ftp/"
268 "http://kde.ip-connect.vn.ua/"
269 ;; North America
270 "http://mirror.its.dal.ca/kde/"
271 "http://mirror.csclub.uwaterloo.ca/kde/"
272 "http://mirror.cc.columbia.edu/pub/software/kde/"
273 "http://mirrors-usa.go-parts.com/kde"
274 "http://kde.mirrors.hoobly.com/"
275 "http://ftp.ussg.iu.edu/kde/"
276 "http://mirrors.mit.edu/kde/"
277 "http://kde.mirrors.tds.net/pub/kde/"
278 ;; Oceania
279 "http://ftp.kddlabs.co.jp/pub/X11/kde/"
644e5f17
TGR		 280 "http://kde.mirror.uber.com.au/")
281 (openbsd
282 "https://ftp.openbsd.org/pub/OpenBSD/"
283 ;; Anycast CDN redirecting to your friendly local mirror.
284 "https://mirrors.evowise.com/pub/OpenBSD/"
285 ;; Other HTTPS mirrors from https://www.openbsd.org/ftp.html
286 "https://mirror.aarnet.edu.au/pub/OpenBSD/"
287 "https://ftp2.eu.openbsd.org/pub/OpenBSD/"
288 "https://openbsd.c3sl.ufpr.br/pub/OpenBSD/"
289 "https://openbsd.ipacct.com/pub/OpenBSD/"
290 "https://ftp.OpenBSD.org/pub/OpenBSD/"
291 "https://openbsd.cs.toronto.edu/pub/OpenBSD/"
292 "https://openbsd.delfic.org/pub/OpenBSD/"
293 "https://openbsd.mirror.netelligent.ca/pub/OpenBSD/"
294 "https://mirrors.ucr.ac.cr/pub/OpenBSD/"
295 "https://mirrors.dotsrc.org/pub/OpenBSD/"
296 "https://mirror.one.com/pub/OpenBSD/"
297 "https://ftp.fr.openbsd.org/pub/OpenBSD/"
298 "https://ftp2.fr.openbsd.org/pub/OpenBSD/"
299 "https://mirrors.ircam.fr/pub/OpenBSD/"
300 "https://ftp.spline.de/pub/OpenBSD/"
301 "https://mirror.hs-esslingen.de/pub/OpenBSD/"
302 "https://ftp.halifax.rwth-aachen.de/openbsd/"
303 "https://ftp.hostserver.de/pub/OpenBSD/"
304 "https://ftp.fau.de/pub/OpenBSD/"
305 "https://ftp.cc.uoc.gr/pub/OpenBSD/"
306 "https://openbsd.hk/pub/OpenBSD/"
307 "https://ftp.heanet.ie/pub/OpenBSD/"
308 "https://openbsd.mirror.garr.it/pub/OpenBSD/"
309 "https://mirror.litnet.lt/pub/OpenBSD/"
310 "https://mirror.meerval.net/pub/OpenBSD/"
311 "https://ftp.nluug.nl/pub/OpenBSD/"
312 "https://ftp.bit.nl/pub/OpenBSD/"
313 "https://mirrors.dalenys.com/pub/OpenBSD/"
314 "https://ftp.icm.edu.pl/pub/OpenBSD/"
315 "https://ftp.rnl.tecnico.ulisboa.pt/pub/OpenBSD/"
316 "https://mirrors.pidginhost.com/pub/OpenBSD/"
317 "https://mirror.yandex.ru/pub/OpenBSD/"
318 "https://ftp.eu.openbsd.org/pub/OpenBSD/"
319 "https://ftp.yzu.edu.tw/pub/OpenBSD/"
320 "https://www.mirrorservice.org/pub/OpenBSD/"
321 "https://anorien.csc.warwick.ac.uk/pub/OpenBSD/"
322 "https://mirror.bytemark.co.uk/pub/OpenBSD/"
323 "https://mirrors.sonic.net/pub/OpenBSD/"
324 "https://ftp3.usa.openbsd.org/pub/OpenBSD/"
325 "https://mirrors.syringanetworks.net/pub/OpenBSD/"
326 "https://openbsd.mirror.constant.com/pub/OpenBSD/"
327 "https://ftp4.usa.openbsd.org/pub/OpenBSD/"
328 "https://ftp5.usa.openbsd.org/pub/OpenBSD/"
329 "https://mirror.esc7.net/pub/OpenBSD/"))))
94d222ad 330
53216419
LC		 331(define %mirror-file
332 ;; Copy of the list of mirrors to a file. This allows us to keep a single
333 ;; copy in the store, and computing it here avoids repeated calls to
334 ;; 'object->string'.
335 (plain-file "mirrors" (object->string %mirrors)))
336
cd436bf0
LC		 337(define %content-addressed-mirrors
338 ;; List of content-addressed mirrors. Each mirror is represented as a
ab84b927
LC		 339 ;; procedure that takes a file name, an algorithm (symbol) and a hash
340 ;; (bytevector), and returns a URL or #f.
40f788b9 341 ;; Note: Avoid 'https' to mitigate <http://bugs.gnu.org/22774>.
cd436bf0 342 ;; TODO: Add more.
ab84b927 343 '(list (lambda (file algo hash)
40f788b9
LC		 344 ;; Files served by 'guix publish' are accessible under a single
345 ;; hash algorithm.
346 (string-append "http://mirror.hydra.gnu.org/file/"
347 file "/" (symbol->string algo) "/"
348 (bytevector->nix-base32-string hash)))
349 (lambda (file algo hash)
cd436bf0
LC		 350 ;; 'tarballs.nixos.org' supports several algorithms.
351 (string-append "http://tarballs.nixos.org/"
352 (symbol->string algo) "/"
353 (bytevector->nix-base32-string hash)))))
354
355(define %content-addressed-mirror-file
356 ;; Content-addressed mirrors stored in a file.
357 (plain-file "content-addressed-mirrors"
358 (object->string %content-addressed-mirrors)))
359
6f8f8ccb 360(define (gnutls-package)
6119ebf1 361 "Return the default GnuTLS package."
9884d7ec 362 (let ((module (resolve-interface '(gnu packages tls))))
6f8f8ccb 363 (module-ref module 'gnutls)))
94d222ad 364
05ceb8dc
LC		 365(define built-in-builders*
366 (let ((cache (make-weak-key-hash-table)))
367 (lambda ()
368 "Return, as a monadic value, the list of built-in builders supported by
369the daemon."
370 (lambda (store)
371 ;; Memoize the result to avoid repeated RPCs.
372 (values (or (hashq-ref cache store)
373 (let ((result (built-in-builders store)))
374 (hashq-set! cache store result)
375 result))
376 store)))))
94d222ad 377
05ceb8dc
LC		 378(define* (built-in-download file-name url
379 #:key system hash-algo hash
380 mirrors content-addressed-mirrors
381 (guile 'unused))
382 "Download FILE-NAME from URL using the built-in 'download' builder.
62cab99c 383
05ceb8dc
LC		 384This is an \"out-of-band\" download in that the returned derivation does not
385explicitly depend on Guile, GnuTLS, etc. Instead, the daemon performs the
386download by itself using its own dependencies."
387 (mlet %store-monad ((mirrors (lower-object mirrors))
388 (content-addressed-mirrors
389 (lower-object content-addressed-mirrors)))
390 (raw-derivation file-name "builtin:download" '()
391 #:system system
392 #:hash-algo hash-algo
393 #:hash hash
394 #:inputs `((,mirrors)
395 (,content-addressed-mirrors))
396
397 ;; Honor the user's proxy and locale settings.
398 #:leaked-env-vars '("http_proxy" "https_proxy"
399 "LC_ALL" "LC_MESSAGES" "LANG"
400 "COLUMNS")
401
402 #:env-vars `(("url" . ,(object->string url))
403 ("mirrors" . ,mirrors)
404 ("content-addressed-mirrors"
4c80d4c4
LC		 405 . ,content-addressed-mirrors))
406
407 ;; Do not offload this derivation because we cannot be
408 ;; sure that the remote daemon supports the 'download'
409 ;; built-in. We may remove this limitation when support
410 ;; for that built-in is widespread.
411 #:local-build? #t)))
05ceb8dc
LC		 412
413(define* (in-band-download file-name url
414 #:key system hash-algo hash
415 mirrors content-addressed-mirrors
416 guile)
417 "Download FILE-NAME from URL using a normal, \"in-band\" fixed-output
418derivation.
419
420This is now deprecated since it has the drawback of causing bootstrapping
421issues: we may need to build GnuTLS just to be able to download the source of
422GnuTLS itself and its dependencies. See <http://bugs.gnu.org/22774>."
483f1158
LC		 423 (define need-gnutls?
424 ;; True if any of the URLs need TLS support.
425 (let ((https? (cut string-prefix? "https://" <>)))
426 (match url
427 ((? string?)
428 (https? url))
429 ((url ...)
430 (any https? url)))))
431
6f8f8ccb 432 (define builder
e9b046fd
LC		 433 (with-imported-modules '((guix build download)
434 (guix build utils)
435 (guix ftp-client)
436 (guix base32)
437 (guix base64))
438 #~(begin
439 #+(if need-gnutls?
6f8f8ccb 440
e9b046fd
LC		 441 ;; Add GnuTLS to the inputs and to the load path.
442 #~(eval-when (load expand eval)
443 (set! %load-path
444 (cons (string-append #+(gnutls-package)
445 "/share/guile/site/"
446 (effective-version))
447 %load-path)))
448 #~#t)
6f8f8ccb 449
e9b046fd
LC		 450 (use-modules (guix build download)
451 (guix base32))
cd436bf0 452
e9b046fd
LC		 453 (let ((value-from-environment (lambda (variable)
454 (call-with-input-string
455 (getenv variable)
456 read))))
457 (url-fetch (value-from-environment "guix download url")
458 #$output
05ceb8dc 459 #:mirrors (call-with-input-file #$mirrors read)
ced20032 460
e9b046fd
LC		 461 ;; Content-addressed mirrors.
462 #:hashes
463 (value-from-environment "guix download hashes")
464 #:content-addressed-mirrors
05ceb8dc 465 (primitive-load #$content-addressed-mirrors)
bc3c41ce
LC		 466
467 ;; No need to validate certificates since we know the
468 ;; hash of the expected result.
469 #:verify-certificate? #f)))))
6f8f8ccb 470
6c5b56f9 471 (mlet %store-monad ((guile (package->derivation guile system)))
05ceb8dc
LC		 472 (gexp->derivation file-name builder
473 #:guile-for-build guile
474 #:system system
475 #:hash-algo hash-algo
476 #:hash hash
477
478 ;; Use environment variables and a fixed script
479 ;; name so there's only one script in store for
480 ;; all the downloads.
481 #:script-name "download"
482 #:env-vars
483 `(("guix download url" . ,(object->string url))
484 ("guix download hashes"
485 . ,(object->string `((,hash-algo . ,hash)))))
486
487 ;; Honor the user's proxy settings.
488 #:leaked-env-vars '("http_proxy" "https_proxy")
489
490 ;; In general, offloading downloads is not a good
491 ;; idea. Daemons before 0.8.3 would also
492 ;; interpret this as "do not substitute" (see
493 ;; <https://bugs.gnu.org/18747>.)
494 #:local-build? #t)))
495
496(define* (url-fetch url hash-algo hash
497 #:optional name
498 #:key (system (%current-system))
499 (guile (default-guile)))
500 "Return a fixed-output derivation that fetches URL (a string, or a list of
501strings denoting alternate URLs), which is expected to have hash HASH of type
502HASH-ALGO (a symbol). By default, the file name is the base name of URL;
503optionally, NAME can specify a different file name.
504
505When one of the URL starts with mirror://, then its host part is
506interpreted as the name of a mirror scheme, taken from %MIRROR-FILE.
507
508Alternately, when URL starts with file://, return the corresponding file name
509in the store."
510 (define file-name
511 (match url
512 ((head _ ...)
513 (basename head))
514 (_
515 (basename url))))
516
882383a9
LC		 517 (let ((uri (and (string? url) (string->uri url))))
518 (if (or (and (string? url) (not uri))
519 (and uri (memq (uri-scheme uri) '(#f file))))
f220a838
LC		 520 (interned-file (if uri (uri-path uri) url)
521 (or name file-name))
05ceb8dc
LC		 522 (mlet* %store-monad ((builtins (built-in-builders*))
523 (download -> (if (member "download" builtins)
524 built-in-download
525 in-band-download)))
526 (download (or name file-name) url
527 #:guile guile
528 #:system system
529 #:hash-algo hash-algo
530 #:hash hash
531 #:mirrors %mirror-file
532 #:content-addressed-mirrors
533 %content-addressed-mirror-file)))))
62cab99c 534
95001d4b
LC		 535(define* (url-fetch/tarbomb url hash-algo hash
536 #:optional name
537 #:key (system (%current-system))
538 (guile (default-guile)))
539 "Similar to 'url-fetch' but unpack the file from URL in a directory of its
540own. This helper makes it easier to deal with \"tar bombs\"."
58f91e4d
TGR		 541 (define file-name
542 (match url
543 ((head _ ...)
544 (basename head))
545 (_
546 (basename url))))
95001d4b
LC		 547 (define gzip
548 (module-ref (resolve-interface '(gnu packages compression)) 'gzip))
549 (define tar
550 (module-ref (resolve-interface '(gnu packages base)) 'tar))
551
552 (mlet %store-monad ((drv (url-fetch url hash-algo hash
58f91e4d
TGR		 553 (string-append "tarbomb-"
554 (or name file-name))
95001d4b
LC		 555 #:system system
556 #:guile guile)))
557 ;; Take the tar bomb, and simply unpack it as a directory.
58f91e4d 558 (gexp->derivation (or name file-name)
95001d4b
LC		 559 #~(begin
560 (mkdir #$output)
561 (setenv "PATH" (string-append #$gzip "/bin"))
562 (chdir #$output)
563 (zero? (system* (string-append #$tar "/bin/tar")
564 "xf" #$drv)))
565 #:local-build? #t)))
566
814b099a
TGR		 567(define* (url-fetch/zipbomb url hash-algo hash
568 #:optional name
569 #:key (system (%current-system))
570 (guile (default-guile)))
571 "Similar to 'url-fetch' but unpack the zip file at URL in a directory of its
572own. This helper makes it easier to deal with \"zip bombs\"."
573 (define file-name
574 (match url
575 ((head _ ...)
576 (basename head))
577 (_
578 (basename url))))
579 (define unzip
148585c2 580 (module-ref (resolve-interface '(gnu packages compression)) 'unzip))
814b099a
TGR		 581
582 (mlet %store-monad ((drv (url-fetch url hash-algo hash
583 (string-append "zipbomb-"
584 (or name file-name))
585 #:system system
586 #:guile guile)))
587 ;; Take the zip bomb, and simply unpack it as a directory.
588 (gexp->derivation (or name file-name)
589 #~(begin
590 (mkdir #$output)
591 (chdir #$output)
592 (zero? (system* (string-append #$unzip "/bin/unzip")
593 #$drv)))
594 #:local-build? #t)))
595
861693f3 596(define* (download-to-store store url #:optional (name (basename url))
64b8695c
LC		 597 #:key (log (current-error-port)) recursive?
598 (verify-certificate? #t))
861693f3 599 "Download from URL to STORE, either under NAME or URL's basename if
a43b55f1 600omitted. Write progress reports to LOG. RECURSIVE? has the same effect as
64b8695c
LC		 601the same-named parameter of 'add-to-store'. VERIFY-CERTIFICATE? determines
602whether or not to validate HTTPS server certificates."
d8907ac4
LC		 603 (define uri
604 (string->uri url))
605
d91a8791 606 (if (or (not uri) (memq (uri-scheme uri) '(file #f)))
a43b55f1 607 (add-to-store store name recursive? "sha256"
d91a8791 608 (if uri (uri-path uri) url))
d8907ac4
LC		 609 (call-with-temporary-output-file
610 (lambda (temp port)
611 (let ((result
612 (parameterize ((current-output-port log))
64b8695c
LC		 613 (build:url-fetch url temp
614 #:mirrors %mirrors
615 #:verify-certificate?
616 verify-certificate?))))
d8907ac4
LC		 617 (close port)
618 (and result
a43b55f1 619 (add-to-store store name recursive? "sha256" temp)))))))
861693f3 620
62cab99c 621;;; download.scm ends here
jackhill's copy of GNU Guix: https://guix.gnu.org/