GNU bug report logs - #17312
‘guix authenticate’ failure in C locale

Previous Next

Package: guix;

Reported by: ludo <at> gnu.org (Ludovic Courtès)

Date: Tue, 22 Apr 2014 08:52:01 UTC

Severity: normal

Done: ludo <at> gnu.org (Ludovic Courtès)

Bug is archived. No further changes may be made.

Full log

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: ludo <at> gnu.org (Ludovic Courtès)
To: bug-guix <at> gnu.org
Subject: ‘guix authenticate’ failure in C locale
Date: Tue, 22 Apr 2014 10:51:34 +0200

As seen in <http://hydra.gnu.org/build/54212>, ‘guix authenticate’ could
fail when running in the C locale (as is the case on hydra.gnu.org):

--8<---------------cut here---------------start------------->8---
@ build-started /gnu/store/639n30wn56fsnvxnp5sv4nxshxdsym32-gmp-6.0.0a.drv - x86_64-linux /nix/var/log/guix/drvs/63//9n30wn56fsnvxnp5sv4nxshxdsym32-gmp-6.0.0a.drv
sending 2 store files to 'hydra.gnunet.org'...
importing path `/gnu/store/hyr8lvpbl2lbbkvr5v1qa25895bpcxls-gmp-6.0.0a-guile-builder'
guix archive: error: build failed: program `guix-authenticate' failed with exit code 1
builder for `/gnu/store/639n30wn56fsnvxnp5sv4nxshxdsym32-gmp-6.0.0a.drv' failed to produce output path `/gnu/store/6va1dygagfrlc1xqy71ckawh4cymrl4h-gmp-6.0.0a-debug'
@ hook-failed /gnu/store/639n30wn56fsnvxnp5sv4nxshxdsym32-gmp-6.0.0a.drv - 0 builder for `/gnu/store/639n30wn56fsnvxnp5sv4nxshxdsym32-gmp-6.0.0a.drv' failed to produce output path `/gnu/store/6va1dygagfrlc1xqy71ckawh4cymrl4h-gmp-6.0.0a-debug'
--8<---------------cut here---------------end--------------->8---

The problem was that it could in some cases produce a signature sexp
with an invalid hash value.  For example:

  guix  archive --export /gnu/store/hyr8lvpbl2lbbkvr5v1qa25895bpcxls-gmp-6.0.0a-guile-builder

would produce an archive with a signature sexp like this (literally):

  (signature 
   (data 
    (flags pkcs1)
    (hash sha256 "^?\vU????{N4?`??eL??x???|1y????{L")
    )

  [...]

The problem is that the hash value shown here is the result of
substituting non-ASCII characters with question marks and other things.
Obviously signature verification on such a thing would fail, leading to
errors like the one above.

This could happen in some cases, when libgcrypt would choose to use a
byte string representation instead of a hexadecimal string, and is due
to the fact that ‘string->canonical-sexp’ would convert strings passed
to ‘gcry_sexp_new’ to locale encoding.

This is fixed with commit 6030d84 (see that commit for a concrete
example.)

Ludo’.
This bug report was last modified 11 years and 32 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.