bug#43662: 'guix refresh' can hang during interactions with FTP servers

[Ludovic Courtès]

Hi,

Maxim Cournoyer  skribis:

> [pid 19343] connect(17, {sa_family=AF_INET, sin_port=htons(21), 
> sin_addr=inet_addr("217.69.76.55")}, 16) = 0
> [pid 19343] fstat(17, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
> [pid 19343] read(17, "220-Welcome hacker!\r\n", 4096) = 21
> [pid 19343] read(17, "220-.\r\n220-This is the FTP server of the GnuPG 
> project.  If you are looking for\r\n220-GnuPG change to the \"gcrypt\" 
> directory.  Please send problem reports\r\n220-to ftpmas...@gnupg.org after 
> having checked the gnupg-users archives\r\n220-at 
> https://lists.gnupg.org/pipermail/gnupg-users/ for known problems."..., 4096) 
> = 680
> [pid 19343] write(17, "USER anonymous\r\n", 16) = 16
> [pid 19343] read(17, "331 Send e-mail address as password.\r\n", 4096) = 38
> [pid 19343] write(17, "PASS g...@example.com\r\n", 23) = 23
> [pid 19343] read(17, "230 User logged in, proceed.\r\n", 4096) = 30
> [pid 19343] write(17, "CWD /\r\n", 7)   = 7
> [pid 19343] read(17, "250 Directory change successful.\r\n", 4096) = 34
> [pid 19343] write(17, "CWD gcrypt\r\n", 12) = 12
> [pid 19343] read(17, "250-This directory is used as FTP site for GNU crypto 
> software and\r\n250-related stuff.\r\n250-.\r\n250-US laws place restrictions 
> on the export of defense articles, which\r\n250-includes some types of 
> cryptographic software; this is the reason\r\n250-that such software is not 
> available from ftp.gnu.org. It is"..., 4096) = 1106
> [pid 19343] write(17, "CWD gnutls\r\n", 12) = 12
> [pid 19343] read(17, "250-More information on GnuTLS can be found at 
> http://www.gnutls.org/\r\n250 Directory change successful.\r\n", 4096) = 105
> [pid 19343] write(17, "PASV\r\n", 6)= 6
> [pid 19343] read(17,

It’s a bug in (guix ftp-client), not specifically in ‘guix refresh’.

Now, we could work around it by arranging to use the HTTPS updater
instead of ‘gnu-ftp’ for packages hosted at gnupg.org.

Thanks,
Ludo’.

bug#43662: 'guix refresh' can hang during interactions with FTP servers

[Maxim Cournoyer]

Hello,

Running 'guix refresh gnutls' on master hangs, with no output.

Strace suggests that the hang originates from the code attempting to
fetch what's in the GNU FTP server:

[pid 19343] close(17)   = 0
[pid 19343] socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 17
[pid 19343] connect(17, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 
110) = 0
[pid 19343] sendto(17, "\2\0\0\0\16\0\0\0\17\0\0\0ftp.gnutls.org\0", 27, 
MSG_NOSIGNAL, NULL, 0) = 27
[pid 19343] poll([{fd=17, events=POLLIN|POLLERR|POLLHUP}], 1, 5000) = 1 
([{fd=17, revents=POLLIN}])
[pid 19343] read(17, "\2\0\0\0\1\0\0\0\1\0\0\0\4\0\0\0\16\0\0\0\0\0\0\0", 24) = 
24
[pid 19343] read(17, "\331EL7\2ftp.gnupg.org\0", 19) = 19
[pid 19343] close(17)   = 0
[pid 19343] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 17
[pid 19343] connect(17, {sa_family=AF_INET, sin_port=htons(21), 
sin_addr=inet_addr("217.69.76.55")}, 16) = 0
[pid 19343] fstat(17, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
[pid 19343] read(17, "220-Welcome hacker!\r\n", 4096) = 21
[pid 19343] read(17, "220-.\r\n220-This is the FTP server of the GnuPG project. 
 If you are looking for\r\n220-GnuPG change to the \"gcrypt\" directory.  
Please send problem reports\r\n220-to ftpmas...@gnupg.org after having checked 
the gnupg-users archives\r\n220-at 
https://lists.gnupg.org/pipermail/gnupg-users/ for known problems."..., 4096) = 
680
[pid 19343] write(17, "USER anonymous\r\n", 16) = 16
[pid 19343] read(17, "331 Send e-mail address as password.\r\n", 4096) = 38
[pid 19343] write(17, "PASS g...@example.com\r\n", 23) = 23
[pid 19343] read(17, "230 User logged in, proceed.\r\n", 4096) = 30
[pid 19343] write(17, "CWD /\r\n", 7)   = 7
[pid 19343] read(17, "250 Directory change successful.\r\n", 4096) = 34
[pid 19343] write(17, "CWD gcrypt\r\n", 12) = 12
[pid 19343] read(17, "250-This directory is used as FTP site for GNU crypto 
software and\r\n250-related stuff.\r\n250-.\r\n250-US laws place restrictions 
on the export of defense articles, which\r\n250-includes some types of 
cryptographic software; this is the reason\r\n250-that such software is not 
available from ftp.gnu.org. It is"..., 4096) = 1106
[pid 19343] write(17, "CWD gnutls\r\n", 12) = 12
[pid 19343] read(17, "250-More information on GnuTLS can be found at 
http://www.gnutls.org/\r\n250 Directory change successful.\r\n", 4096) = 105
[pid 19343] write(17, "PASV\r\n", 6)= 6
[pid 19343] read(17,

Maxim