GNU bug report logs - #38857
X.509 certificate of 'crates.io' could not be verified during a recursive import from crates.io

Previous Next

Package: guix;

Reported by: Valentin Ignatev <valentignatev <at> gmail.com>

Date: Wed, 1 Jan 2020 22:46:02 UTC

Severity: normal

Merged with 20145, 38836

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

Message #8 received at 38857 <at> debbugs.gnu.org (full text, mbox):

From: Efraim Flashner <efraim <at> flashner.co.il>
To: Valentin Ignatev <valentignatev <at> gmail.com>
Cc: 38857 <at> debbugs.gnu.org
Subject: Re: bug#38857: X.509 certificate of 'crates.io' could not be
 verified during a recursive import from crates.io
Date: Thu, 2 Jan 2020 09:12:43 +0200

[Message part 1 (text/plain, inline)]
On Thu, Jan 02, 2020 at 01:45:35AM +0300, Valentin Ignatev wrote:
> Hi! I'm trying to recursively import a package from crates.io like this:
> 
> guix import crate notify <at> 4.0.14 --recursive
> 
> It follows redirections for a while untill at some point throws this:
> 
> Backtrace:
>           12 (primitive-load "/home/vj/.config/guix/current/bin/guix")
> In guix/ui.scm:
>   1806:12 11 (run-guix-command _ . _)
> In guix/scripts/import.scm:
>    116:11 10 (guix-import . _)
> In guix/scripts/import/crate.scm:
>    103:16  9 (guix-import-crate . _)
> In guix/import/utils.scm:
>     425:7  8 (recursive-import _ _ #:repo->guix-package _ #:guix-name …)
>    397:31  7 (topological-sort _ #<procedure 7f9a59729630 at guix/i…> …)
> In srfi/srfi-1.scm:
>    592:17  6 (map1 ("tempfile"))
> In guix/import/utils.scm:
>    421:36  5 (lookup-node "tempfile")
> In guix/import/crate.scm:
>    222:10  4 (crate->guix-package "tempfile" _)
>    150:15  3 (make-crate-sexp #:name _ #:version _ #:cargo-inputs _ # …)
> In guix/http-client.scm:
>     88:25  2 (http-fetch _ #:port _ #:text? _ #:buffered? _ # _ # _ # …)
> In guix/build/download.scm:
>     419:4  1 (open-connection-for-uri _ #:timeout _ # _)
>     306:6  0 (tls-wrap #<closed: file 7f9a564b3a10> _ # _)
> 
> guix/build/download.scm:306:6: In procedure tls-wrap:
> X.509 certificate of 'crates.io' could not be verified:
>   signer-not-found
>   invalid
> 
> I suspect that it happens after the importer hits
> "wasm-bindgen-webidl" and starts going circles. Maybe there's some
> circullar dependencies going on, but I'm not sure. I'm attaching a
> full log for convenience.
> 
> For additional info: I'm running Guix on Arch Linux. I've also
> installed nss-certs package, exported all neeeded variables
> (SSL_CERT_DIR, SSL_CERT_FILE and GIT_SSL_CAINFO) before running guix
> import and also made sure nscd.service is running.
> 
> Regards,
> Valentin Ignatev

I've had it happen to me also sometimes. It's like it forgets that it
just successfully connected 100+ times and then fails.


-- 
Efraim Flashner   <efraim <at> flashner.co.il>   אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 5 years and 136 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.