#20402 guix cannot download via an http proxy

Message #5 received at submit@debbugs.gnu.org (full text, mbox, reply):

Received: (at submit) by debbugs.gnu.org; 21 Apr 2015 23:00:12 +0000
From debbugs-submit-bounces@debbugs.gnu.org Tue Apr 21 19:00:12 2015
Received: from localhost ([127.0.0.1]:35606 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1Ykh9C-0005a7-5N
	for submit@debbugs.gnu.org; Tue, 21 Apr 2015 19:00:11 -0400
Received: from mail-la0-f50.google.com ([209.85.215.50]:33843)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <jrandall@gmail.com>) id 1Ykh5M-0005U5-ML
 for submit@debbugs.gnu.org; Tue, 21 Apr 2015 18:56:09 -0400
Received: by laat2 with SMTP id t2so162162946laa.1
 for <submit@debbugs.gnu.org>; Tue, 21 Apr 2015 15:56:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:sender:date:message-id:subject:from:to:content-type;
 bh=k4dzW7sJf6NbWt+elzOO44yFbYcmLOI2G9hHKdLifMg=;
 b=HdZC2vuCqeB+CUgaEC4wwWmJiNYy8s0JqzUq2WpReUg1nf2/pnsTbqQW0bN4QjUiic
 mk56kDO2y+y6LmHWCv2LFtZ2aDUdDeSLhedkrSvLmm/2asWH03OvFl+atdCvT4qTEqKd
 MDk8BiuZWdhgYphEo279rjZBuBRxr3xAaAh7xKLSlZBolmnirSZB+VGl8tL/EPrXIZMB
 Q0F/CpyhSEOi0SU5EFilrlr8boT0ipol29L/cti0IvizzGW5kflI/wC84oWz+yGC8kl6
 ml3og1k4Ckli2Cm3s0gCfm8ZNM9XqN2BQLtc2FKvasS0Yhm040D1WuJ+c1LnPJtXuNDp
 RiuQ==
MIME-Version: 1.0
X-Received: by 10.152.239.135 with SMTP id vs7mr22182991lac.104.1429656962172; 
 Tue, 21 Apr 2015 15:56:02 -0700 (PDT)
Received: by 10.25.80.9 with HTTP; Tue, 21 Apr 2015 15:56:02 -0700 (PDT)
Date: Tue, 21 Apr 2015 23:56:02 +0100
X-Google-Sender-Auth: 2_PZ6HObWICxUbal8Z8XFEuuuto
Message-ID: <CAFBLGSNKzhWGjCiheo8W5sc=tzmcjw6PkczxsDizVw-nKwnSzQ@mail.gmail.com>
Subject: guix cannot download via an http proxy
From: Joshua Randall <jcrandall@alum.mit.edu>
To: submit@debbugs.gnu.org
Content-Type: multipart/alternative; boundary=001a1134788c618db6051443f3be
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: submit
X-Mailman-Approved-At: Tue, 21 Apr 2015 19:00:04 -0400
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.7 (/)

[Message part 1 (text/plain, inline)]

Package: guix
Version: 0.8.1

I am attempting to use guix from within a network that does not allow
outbound http connections except via an http proxy. I am using Guile
v2.0.11, which supports http proxies, so my expectation would be that since
I have http_proxy and https_proxy environment variables set, guix would use
the specified proxy for outbound http connections, but instead it appears
to ignore the proxy settings and attempts to contact the http server
directly, which results in a timeout.

For example, when doing a `guix pull` I got the following:
$ guix pull
starting download of `/tmp/guix-file.l1zwZ7' from `
http://git.savannah.gnu.org/cgit/guix.git/snapshot/guix-master.tar.gz'...
ERROR: In procedure connect: Connection timed out
failed to download "/tmp/guix-file.l1zwZ7" from "
http://git.savannah.gnu.org/cgit/guix.git/snapshot/guix-master.tar.gz"
guix pull: error: failed to download up-to-date source, exiting

It appears that Guile has had support for http proxies in the web client
package since v2.0.10, and although guix is using the http-get method from
Guile, it isn't using the open-socket-for-uri method, which is the one that
implements making a proxy connection. Instead, guix seems to have copied
and modified the code from an older version of open-socket-for-uri
into open-connection-for-uri
(
http://git.savannah.gnu.org/cgit/guix.git/tree/guix/build/download.scm?id=v0.8.1#n153)
and uses that instead. I suspect what has happened is that the Guile
version of open-socket-for-uri has added proxy support since the code was
copied into open-connection-for-uri. One fix would be to port over the
changes to open-socket-for-uri that were made in Guile 2.0.10.

However, it appears from the code comment that that the reason
open-connection-for-uri copies the functionality of open-socket-for-uri is
to avoid NSS lookups for symbolic port arguments, and it looks to me that
since version 2.0.7 of Guile, its open-socket-for-uri can be convinced not
to do NSS lookups as long as (uri-port uri) is not #f (see
http://git.savannah.gnu.org/cgit/guile.git/tree/module/web/client.scm?id=v2.0.7#n53
).

Rather than porting the new code from Guile's open-socket-for-uri, it might
make more sense to just call open-socket-for-uri with a uri that always has
a port (i.e. implement the same hard-coding for http and https in the
http-fetch function to make sure that uri has the default port set - I
notice for some reason Guile's string->uri parser does not set the port for
http and https even though it has the default ports for both set in the
code. I suppose one could use the existing post-2.0.7? test to keep calling
open-connection-for-uri for backwards compatibility with old versions of
Guile (which in any case don't have proxy support, so for my use case it
doesn't matter).

I can try to put together a patch that implements this fix, although I
haven't written scheme in quite a while, so someone else may be better
suited for it.

Cheers,

Josh.

[Message part 2 (text/html, inline)]

Send a report that this bug log contains spam.