bug#31303: substitute: guix substitute: error: TLS error in procedure 'handshake'
On 04/29/2018 at 10:19 Carlo Zancanaro writes: > Hey George, > > On Sat, Apr 28 2018, George myglc2 Clemmer wrote: >> g1@sysi17 ~ [env]$ guix environment >> --substitute-urls=https://g1.local:8080 > > The guix substitute command only runs a normal http server, so you > have to use http://, not https://. I think the other servers you > mention are behind proxies which handle the SSL part and forward the > requests on to the substitute process. > > Does it work if you run this instead? > > guix environment --substitute-urls=http://g1.local:8080 > > Carlo LOL, yes it does! Duh, I guess I was so impressed by all the HTTPS's in "3.3.3 Substitute Authentication" that I couldn't see the HTTP's in "5.11 Invoking ‘guix publish’" ;-) Many thanks - George
bug#31303: substitute: guix substitute: error: TLS error in procedure 'handshake'
Hey George, On Sat, Apr 28 2018, George myglc2 Clemmer wrote: g1@sysi17 ~ [env]$ guix environment --substitute-urls=https://g1.local:8080 The guix substitute command only runs a normal http server, so you have to use http://, not https://. I think the other servers you mention are behind proxies which handle the SSL part and forward the requests on to the substitute process. Does it work if you run this instead? guix environment --substitute-urls=http://g1.local:8080 Carlo signature.asc Description: PGP signature
bug#31303: substitute: guix substitute: error: TLS error in procedure 'handshake'
On 04/28/2018 at 15:16 George myglc2 Clemmer writes: > I am attempting to supply substitutes from a GuixSD install (g1) to a > 'guix system vm-image' (sysi17.local). I did this on g1 ... Oops, here are configs (sys.scm was used for g1)... sys.scm Description: Binary data sysi17.scm Description: Binary data
bug#31303: substitute: guix substitute: error: TLS error in procedure 'handshake'
I am attempting to supply substitutes from a GuixSD install (g1) to a 'guix system vm-image' (sysi17.local). I did this on g1 ... g1@g1 ~$ sudo guix publish guix publish: warning: server running as root; consider using the '--user' option! publishing /gnu/store on 0.0.0.0, port 8080 ... and I get this error on sysi17 ... g1@sysi17 ~ [env]$ guix environment --substitute-urls=https://g1.local:8080 substitute: guix substitute: error: TLS error in procedure 'handshake': An unexpected TLS packet was received. guix environment: error: corrupt input while restoring archive from # ... which looks like this on g1 ... In ice-9/boot-9.scm: 841:4 4 (with-throw-handler _ _ _) In web/server/http.scm: 127:28 3 (_) In web/request.scm: 205:31 2 (read-request # _) In web/http.scm: 1141:6 1 (read-request-line _) In ice-9/boot-9.scm: 752:25 0 (dispatch-exception _ _ _) Bad request: Bad Request-Line: "\x16\x03\x01\x00ò\x01\x00\x00î\x03\x03Zäº\x17<À\x9aËù»ò\x8c\x12n8y:\x16¸q\x0fá\x87Gtéc´8¿±<\x00\x00rÀ,À\x87Ì©À\xadÀ" The keys are setup this way ... g1@g1 ~$ cat /etc/guix/signing-key.pub (public-key (ecc (curve Ed25519) (q #C38DCF2B0EBE663B9450BEFB0E77DFAF6643E8E971318F7002721076ED9C9788#) ) ) g1@sysi17 ~ [env]$ sudo cat /etc/guix/acl Password: (acl (entry (public-key (ecc (curve Ed25519) (q #C38DCF2B0EBE663B9450BEFB0E77DFAF6643E8E971318F7002721076ED9C9788#) ) ) (tag (guix import) ) ) [...] ) sysi17 has no trouble reaching hydra ... g1@sysi17 ~ [env]$ guix environment --substitute-urls=https://mirror.hydra.gnu.org --dry-run hello substitute: updating list of substitutes from 'https://mirror.hydra.gnu.org'... 100.0% [...] or pinging g1... g1@sysi17 ~ [env]$ ping g1.local PING g1.local (192.168.1.7): 56 data bytes 64 bytes from 192.168.1.7: icmp_seq=0 ttl=64 [...] Both systems were configured using ... guix (GNU Guix) 0.14.0.4439-eb88e ... which was built from ... 5b862761f2a60af79b4c16851454a5e792ef4f56 gnu: guix: Update to ab85cf7. ... with 4.16.4 reverted ... ba39d3280759fb20a4ff0092a5afac721a5fa769 "gnu: linux-libre: Update to 4.16.4." TIA - George