On 2024-05-02 13:16:08 -0700, Vagrant Cascadian wrote: > On 2024-05-02, Tomas Volf wrote: > > Package: guix > > Version: 1.4.0-3 > > > > When I invoke `guix pull' against my channel, it fails with a SSL error: > > > > # /usr/bin/guix pull --url=https://git.wolfsden.cz/.git/guix > > Updating channel 'guix' from Git repository at > > 'https://git.wolfsden.cz/.git/guix'... > > guix pull: error: Git error: SSL error: 0xffff8880 - SSL - A fatal > > alert message was received from our peer > > > > No special configuration is needed, just booting the system and installing > > guix > > via apt-get. > > Does guix pull with the default channels work?
Yes, that is a workaround I use for now. Guix pull the default channel, and after that pull mine using the new Guix. However since guix pull is slow and resource intensive, that is wasteful and I would like to be able to skip that step, hence this report. > > What certificate authority does your https server for your channel use? Let's Encrypt. > > > > This seems to be a problem specific to Guix from the debian package. When > > I try > > to access the channel by other means (from the same system as above), it > > works > > fine. `git clone' works just fine, and even Guix installed in non-debian > > way > > works fine, for example via time-machine: > > > > guix time-machine -q --commit=v1.4.0 -- pull > > --url=https://git.wolfsden.cz/.git/guix > > > > I am using Debian 12 on 6.7.4 kernel and 2.36-9 libc, running on physical > > server > > machine. > > You seem to also be lacking the recent security update for guix > (e.g. 1.4.0-3+deb12u1), please test that version also, just in case > there is some weird hidden versioned dependency conflict (e.g. if > guile-gnutls was built against a different version of gnutls than when > guix was initially built). Sorry for bad bug report, I did use that version: # apt list -a guix Listing... Done guix/stable-security,stable-security,now 1.4.0-3+deb12u1 amd64 [installed] guix/stable,stable 1.4.0-3 amd64 The example bug report on the website does not have the +deb... suffix, so I assumed I should exclude it, sorry (I do not know much about debian packaging). > > > live well, > vagrant -- There are only two hard things in Computer Science: cache invalidation, naming things and off-by-one errors.
signature.asc
Description: PGP signature