GNU bug report logs

#52555 [RFC PATCH 0/3] Decentralized substitute distribution with ERIS

PackageSource(s)Maintainer(s)
guix-patches PTS Buildd Popcon
Full log

Message #178 received at 52555@debbugs.gnu.org (full text, mbox, reply):

Received: (at 52555) by debbugs.gnu.org; 28 Dec 2023 09:40:34 +0000
From debbugs-submit-bounces@debbugs.gnu.org Thu Dec 28 04:40:34 2023
Received: from localhost ([127.0.0.1]:38506 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1rImsT-0005ii-Rn
	for submit@debbugs.gnu.org; Thu, 28 Dec 2023 04:40:34 -0500
Received: from mout01.posteo.de ([185.67.36.65]:57653)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <pukkamustard@posteo.net>) id 1rImsS-0005iI-5p
 for 52555@debbugs.gnu.org; Thu, 28 Dec 2023 04:40:32 -0500
Received: from submission (posteo.de [185.67.36.169]) 
 by mout01.posteo.de (Postfix) with ESMTPS id 5DEC0240029
 for <52555@debbugs.gnu.org>; Thu, 28 Dec 2023 10:40:27 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=posteo.net; s=2017;
 t=1703756427; bh=C7DasrBu7qWaF2tHB6A9GffXP4Z1A0kR60CwJnxDNe0=;
 h=From:To:Cc:Subject:Date:Message-ID:MIME-Version:
 Content-Transfer-Encoding:From;
 b=SnRJsjZWTZnX+OFGY84Y2sD5Sa/2AC9vIlebn3mbp3btoGkFL/6QFEKAfGMHOr57F
 5YFV7U5q1rIr81U/aVUVYY7+J/PaPIIYLODitg6MgyraMyM0UW59HEgIWEoihhO3Y2
 OMXG858yL56E9Dw6gJMcz4/H28YbnZMzcDP2jCub9Xnq+CZ8MH+pT4bWyaJ9XhPxc9
 wwxiKJH/9bCAk19sK82p3KDrs4tjGPUc6hd+HRBmWEIuP2MheyCzQ5i5fVRFqmzCBI
 Yc7s71wIEXWFNBLgLz42xXTRBvFwCgTQJjgpqjOH4y0A28MKuuMvIqQ29gj7WDZueW
 lWbwomaJFs03g==
Received: from customer (localhost [127.0.0.1])
 by submission (posteo.de) with ESMTPSA id 4T13Qf40s3z6tn4;
 Thu, 28 Dec 2023 10:40:26 +0100 (CET)
From: pukkamustard <pukkamustard@posteo.net>
To: 52555@debbugs.gnu.org
Subject: [PATCH v4 1/7] narinfo: Add ERIS field.
Date: Thu, 28 Dec 2023 09:40:04 +0000
Message-ID: <7c1c7108a369b608e8cebbe09c4cbfe24d032067.1703316055.git.pukkamustard@posteo.net>
In-Reply-To: <cover.1703316055.git.pukkamustard@posteo.net>
References: <cover.1703316055.git.pukkamustard@posteo.net>
MIME-Version: 1.0
X-Debbugs-Cc: Christopher Baines <guix@cbaines.net>, Josselin Poiret <dev@jpoiret.xyz>, Ludovic Courtès <ludo@gnu.org>, Mathieu Othacehe <othacehe@gnu.org>, Ricardo Wurmus <rekado@elephly.net>, Simon Tournier <zimon.toutoune@gmail.com>, Tobias Geerinckx-Rice <me@tobias.gr>
Content-Transfer-Encoding: 8bit
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 52555
Cc: pukkamustard <pukkamustard@posteo.net>, ludo@gnu.org,
 maximedevos@telenet.be
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

* guix/narinfo.scm (<narinfo>)[eris-urn]: New field.
  (narinfo-maker): Handle new field.
  (read-narifno): Handle new field.
  (equivalent-narinfo?): Require ERIS field to be equal.
---
 guix/narinfo.scm | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/guix/narinfo.scm b/guix/narinfo.scm
index a149d9a901..5f5ed8be6f 100644
--- a/guix/narinfo.scm
+++ b/guix/narinfo.scm
@@ -45,6 +45,7 @@ (define-module (guix narinfo)
             narinfo-file-sizes
             narinfo-hash
             narinfo-size
+            narinfo-eris-urn
             narinfo-references
             narinfo-deriver
             narinfo-system
@@ -69,7 +70,7 @@ (define-module (guix narinfo)
 
 (define-record-type <narinfo>
   (%make-narinfo path uri-base uris compressions file-sizes file-hashes
-                 nar-hash nar-size references deriver system
+                 nar-hash nar-size eris-urn references deriver system
                  signature contents)
   narinfo?
   (path         narinfo-path)
@@ -80,6 +81,7 @@ (define-record-type <narinfo>
   (file-hashes  narinfo-file-hashes)
   (nar-hash     narinfo-hash)
   (nar-size     narinfo-size)
+  (eris-urn     narinfo-eris-urn)
   (references   narinfo-references)
   (deriver      narinfo-deriver)
   (system       narinfo-system)
@@ -136,7 +138,7 @@ (define (narinfo-maker str cache-url)
   "Return a narinfo constructor for narinfos originating from CACHE-URL.  STR
 must contain the original contents of a narinfo file."
   (lambda (path urls compressions file-hashes file-sizes
-                nar-hash nar-size references deriver system
+                nar-hash nar-size eris-urn references deriver system
                 signature)
     "Return a new <narinfo> object."
     (define len (length urls))
@@ -158,6 +160,7 @@ (define (narinfo-maker str cache-url)
                      ((lst ...) (map string->number lst)))
                    nar-hash
                    (and=> nar-size string->number)
+                   (if eris-urn (string->uri eris-urn) #f)
                    (string-tokenize references)
                    (match deriver
                      ((or #f "") #f)
@@ -185,7 +188,7 @@ (define* (read-narinfo port #:optional url
                    (narinfo-maker str url)
                    '("StorePath" "URL" "Compression"
                      "FileHash" "FileSize" "NarHash" "NarSize"
-                     "References" "Deriver" "System"
+                     "ERIS" "References" "Deriver" "System"
                      "Signature")
                    '("URL" "Compression" "FileSize" "FileHash"))))
 
@@ -271,7 +274,13 @@ (define (equivalent-narinfo? narinfo1 narinfo2)
                (narinfo-references narinfo2))
 
        (= (narinfo-size narinfo1)
-          (narinfo-size narinfo2))))
+          (narinfo-size narinfo2))
+
+       ;; When downloading substitutes with ERIS the hash is not checked. To
+       ;; avoid malicious substitutes we must ensure that the ERIS URN is equal.
+       ;; See also <https://issues.guix.gnu.org/52555#43>.
+       (equal? (narinfo-eris-urn narinfo1)
+               (narinfo-eris-urn narinfo2))))
 
 (define %compression-methods
   ;; Known compression methods and a thunk to determine whether they're
-- 
2.41.0

Send a report that this bug log contains spam.

debbugs.gnu.org maintainers <help-debbugs@gnu.org>. Last modified: Mon Sep 8 11:54:33 2025; Machine Name: wallace-server

GNU bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.