GNU bug report logs - #27796
26.0.50; elpa unsigned file archive-contents


Package: emacs;

Reported by: Mark Oteiza <mvoteiza <at> udel.edu>

Date: Sun, 23 Jul 2017 05:15:02 UTC

Severity: normal

Tags: security

Found in version 26.0.50

Done: Lars Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.



Report forwarded to bug-gnu-emacs <at> gnu.org:
bug#27796; Package emacs. (Sun, 23 Jul 2017 05:15:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Mark Oteiza <mvoteiza <at> udel.edu>:
New bug report received and forwarded. Copy sent to bug-gnu-emacs <at> gnu.org. (Sun, 23 Jul 2017 05:15:02 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Mark Oteiza <mvoteiza <at> udel.edu>
To: bug-gnu-emacs <at> gnu.org
Subject: 26.0.50; elpa unsigned file archive-contents
Date: Sun, 23 Jul 2017 01:14:06 -0400
Hi,

1. HOME=/somewhere/else emacs -nw -Q
2. (require 'package)
3. (setq-default package-check-signature t)
4. M-x list-packages

  error in process filter: Unsigned file `archive-contents' at https://elpa.gnu.org/packages/ [2 times]

Repository revision: 640fc129fdf75c86c43ce15b0215d224e240052f




Added tag(s) security. Request was from Glenn Morris <rgm <at> gnu.org> to control <at> debbugs.gnu.org. (Mon, 24 Jul 2017 16:46:02 GMT) Full text and rfc822 format available.

Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#27796; Package emacs. (Mon, 24 Jul 2017 18:10:01 GMT) Full text and rfc822 format available.

Message #10 received at 27796 <at> debbugs.gnu.org (full text, mbox):

From: Glenn Morris <rgm <at> gnu.org>
To: Stefan Monnier <monnier <at> iro.umontreal.ca>
Cc: Mark Oteiza <mvoteiza <at> udel.edu>, 27796 <at> debbugs.gnu.org
Subject: Re: bug#27796: 26.0.50; elpa unsigned file archive-contents
Date: Mon, 24 Jul 2017 14:08:55 -0400
Mark Oteiza wrote:

>   error in process filter: Unsigned file `archive-contents' at
> https://elpa.gnu.org/packages/ [2 times]

Looks like http://elpa.gnu.org/packages/archive-contents.sig exists,
but is not a valid signature file?




Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#27796; Package emacs. (Mon, 24 Jul 2017 18:26:01 GMT) Full text and rfc822 format available.

Message #13 received at 27796 <at> debbugs.gnu.org (full text, mbox):

From: Glenn Morris <rgm <at> gnu.org>
To: Stefan Monnier <monnier <at> iro.umontreal.ca>
Cc: Mark Oteiza <mvoteiza <at> udel.edu>, 27796 <at> debbugs.gnu.org
Subject: Re: bug#27796: 26.0.50; elpa unsigned file archive-contents
Date: Mon, 24 Jul 2017 14:25:26 -0400
Glenn Morris wrote:

> Looks like http://elpa.gnu.org/packages/archive-contents.sig exists,
> but is not a valid signature file?

Sorry, ignore that. It works fine with:

  gpg --homedir ~/.emacs.d/elpa/gnupg --verify archive-contents.sig 

(Albeit with the issue from https://debbugs.gnu.org/25532, which does
not affect the exit status for me, but might depending on the user's gpg
configuration, I guess.)




Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#27796; Package emacs. (Mon, 24 Jul 2017 19:26:02 GMT) Full text and rfc822 format available.

Message #16 received at 27796 <at> debbugs.gnu.org (full text, mbox):

From: Glenn Morris <rgm <at> gnu.org>
To: Mark Oteiza <mvoteiza <at> udel.edu>,  27796 <at> debbugs.gnu.org
Subject: Re: bug#27796: 26.0.50; elpa unsigned file archive-contents
Date: Mon, 24 Jul 2017 15:24:54 -0400
I feel like sometimes this works for me, and sometimes it doesn't.

It's not helpful that package.el simply prints "unsigned file" for all
such errors, rather than showing the actual problem.




Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#27796; Package emacs. (Mon, 24 Jul 2017 19:52:02 GMT) Full text and rfc822 format available.

Message #19 received at 27796 <at> debbugs.gnu.org (full text, mbox):

From: Stefan Monnier <monnier <at> IRO.UMontreal.CA>
To: Glenn Morris <rgm <at> gnu.org>
Cc: Mark Oteiza <mvoteiza <at> udel.edu>, 27796 <at> debbugs.gnu.org
Subject: Re: bug#27796: 26.0.50; elpa unsigned file archive-contents
Date: Mon, 24 Jul 2017 15:51:35 -0400
>> error in process filter: Unsigned file `archive-contents' at
>> https://elpa.gnu.org/packages/ [2 times]

> Looks like http://elpa.gnu.org/packages/archive-contents.sig exists,
> but is not a valid signature file?

Hmm... works here:

    % gpg --homedir ~/.emacs.d/elpa/gnupg/ archive-contents.sig                 
    gpg: WARNING: no command supplied.  Trying to guess what you mean ...
    gpg: assuming signed data in 'archive-contents'
    gpg: Signature made lun 24 jui 2017 05:10:02 EDT
    gpg:                using DSA key CA442C00F91774F17F59D9B0474F05837FBDEF9B
    gpg: Good signature from "GNU ELPA Signing Agent <elpasign <at> elpa.gnu.org>" [unknown]
    gpg: WARNING: This key is not certified with a trusted signature!
    gpg:          There is no indication that the signature belongs to the owner.
    Primary key fingerprint: CA44 2C00 F917 74F1 7F59  D9B0 474F 0583 7FBD EF9B
    % 


-- Stefan




Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#27796; Package emacs. (Tue, 25 Jul 2017 02:26:02 GMT) Full text and rfc822 format available.

Message #22 received at 27796 <at> debbugs.gnu.org (full text, mbox):

From: Mark Oteiza <mvoteiza <at> udel.edu>
To: Glenn Morris <rgm <at> gnu.org>
Cc: 27796 <at> debbugs.gnu.org
Subject: Re: bug#27796: 26.0.50; elpa unsigned file archive-contents
Date: Mon, 24 Jul 2017 22:24:56 -0400
On 24/07/17 at 03:24pm, Glenn Morris wrote:
>
>I feel like sometimes this works for me, and sometimes it doesn't.

Same, I idly called M-x list-packages a few times in a row and it
stopped erroring.  Restarted emacs, list-packages started erroring again.

>It's not helpful that package.el simply prints "unsigned file" for all
>such errors, rather than showing the actual problem.




Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#27796; Package emacs. (Tue, 25 Jul 2017 02:37:02 GMT) Full text and rfc822 format available.

Message #25 received at 27796 <at> debbugs.gnu.org (full text, mbox):

From: Mark Oteiza <mvoteiza <at> udel.edu>
To: Glenn Morris <rgm <at> gnu.org>
Cc: Stefan Monnier <monnier <at> iro.umontreal.ca>, 27796 <at> debbugs.gnu.org
Subject: Re: bug#27796: 26.0.50; elpa unsigned file archive-contents
Date: Mon, 24 Jul 2017 22:35:54 -0400
On 24/07/17 at 02:25pm, Glenn Morris wrote:
>Glenn Morris wrote:
>
>> Looks like http://elpa.gnu.org/packages/archive-contents.sig exists,
>> but is not a valid signature file?
>
>Sorry, ignore that. It works fine with:
>
>  gpg --homedir ~/.emacs.d/elpa/gnupg --verify archive-contents.sig
>
>(Albeit with the issue from https://debbugs.gnu.org/25532, which does
>not affect the exit status for me, but might depending on the user's gpg
>configuration, I guess.)

Here, I do get the same warning as in that bug, as well as exit status 0.




Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#27796; Package emacs. (Tue, 25 Jul 2017 18:07:02 GMT) Full text and rfc822 format available.

Message #28 received at 27796 <at> debbugs.gnu.org (full text, mbox):

From: Glenn Morris <rgm <at> gnu.org>
To: Mark Oteiza <mvoteiza <at> udel.edu>
Cc: 27796 <at> debbugs.gnu.org
Subject: Re: bug#27796: 26.0.50; elpa unsigned file archive-contents
Date: Tue, 25 Jul 2017 14:06:28 -0400
After faffing around with debug statements, I think the problem is that
sometimes url-retrieving "https://elpa.gnu.org/packages/archive-contents.sig"
returns
    
    HTTP/1.1 400 Bad Request
    [...]
    Your browser sent a request that this server could not understand.
    Reason: You're speaking plain HTTP to an SSL-enabled server port.
     Instead use the HTTPS scheme to access this URL, please.

I have no idea whether this is a problem in url.el or elpa.gnu.org.
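
Added example, not part of the thread and not code from package.el: a shell check that first tells a real OpenPGP signature apart from an HTTP error body saved as `archive-contents.sig` (the 400 response quoted above), and only then asks gpg for a verdict via `--status-fd`, so the reported reason is more specific than "unsigned file". The function names, the temp directory and the sample response are constructed for illustration.

```shell
#!/bin/sh
# Added example. File names and the temp directory are constructed for the demo.

# sig_kind FILE: print what the downloaded ".sig" body really is.
sig_kind() {
    [ -s "$1" ] || { echo empty; return 0; }
    first=$(head -n 1 "$1" | tr -d '\000\r')
    case $first in
        "-----BEGIN PGP SIGNATURE-----") echo armored; return 0 ;;
        HTTP/*|"<!DOCTYPE"*|"<html"*|"<HTML"*) echo http-error; return 0 ;;
    esac
    # First octet of an OpenPGP signature packet (tag 2):
    # old format 0x88/0x89/0x8a, new format 0xc2.
    case $(od -An -tx1 -N1 "$1" | tr -d ' \n') in
        88|89|8a|c2) echo binary ;;
        *) echo unknown ;;
    esac
}

# verify_sig SIG DATA HOMEDIR: print the reason; return 0 only for a good signature.
verify_sig() {
    kind=$(sig_kind "$1")
    case $kind in
        armored|binary) ;;
        *) echo "not a signature: $kind"; return 2 ;;
    esac
    # Decide from gpg's machine-readable status lines, not its warning text.
    st=$(gpg --homedir "$3" --status-fd 1 --verify "$1" "$2" 2>/dev/null) || true
    case $st in
        *"[GNUPG:] GOODSIG "*)   echo "good signature"; return 0 ;;
        *"[GNUPG:] BADSIG "*)    echo "bad signature"; return 1 ;;
        *"[GNUPG:] NO_PUBKEY "*) echo "signing key not in keyring"; return 1 ;;
        *"[GNUPG:] ERRSIG "*)    echo "signature could not be checked"; return 1 ;;
        *)                       echo "no usable verdict from gpg"; return 1 ;;
    esac
}

# Demo on a constructed copy of the 400 response quoted in the thread.
demo() {
    d=$(mktemp -d) || return 1
    printf 'HTTP/1.1 400 Bad Request\r\n\r\nYour browser sent a request\n' > "$d/archive-contents.sig"
    : > "$d/archive-contents"
    verify_sig "$d/archive-contents.sig" "$d/archive-contents" "$d"
    rc=$?
    rm -rf "$d"
    return $rc
}
demo || true
```

With the ELPA keyring from the thread, the third argument would be `~/.emacs.d/elpa/gnupg`.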




Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#27796; Package emacs. (Tue, 25 Jul 2017 18:22:01 GMT) Full text and rfc822 format available.

Message #31 received at 27796 <at> debbugs.gnu.org (full text, mbox):

From: Glenn Morris <rgm <at> gnu.org>
To: Mark Oteiza <mvoteiza <at> udel.edu>
Cc: 27796 <at> debbugs.gnu.org
Subject: Re: bug#27796: 26.0.50; elpa unsigned file archive-contents
Date: Tue, 25 Jul 2017 14:21:24 -0400
I feel like (setq url-http-attempt-keepalives nil) stops the problem
from happening (as well as speeding things up?).




Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#27796; Package emacs. (Tue, 25 Jul 2017 22:19:02 GMT) Full text and rfc822 format available.

Message #34 received at 27796 <at> debbugs.gnu.org (full text, mbox):

From: Mark Oteiza <mvoteiza <at> udel.edu>
To: Glenn Morris <rgm <at> gnu.org>
Cc: Stefan Monnier <monnier <at> IRO.UMontreal.CA>, 27796 <at> debbugs.gnu.org
Subject: Re: bug#27796: 26.0.50; elpa unsigned file archive-contents
Date: Tue, 25 Jul 2017 18:18:30 -0400
On 25/07/17 at 02:21pm, Glenn Morris wrote:
>I feel like (setq url-http-attempt-keepalives nil) stops the problem
>from happening (as well as speeding things up?).

I see the same effect.

HTTP/1.1 (url-http-version indicates "1.1") doesn't need this header.




Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#27796; Package emacs. (Tue, 08 Sep 2020 14:06:02 GMT) Full text and rfc822 format available.

Message #37 received at 27796 <at> debbugs.gnu.org (full text, mbox):

From: Stefan Kangas <stefan <at> marxist.se>
To: Glenn Morris <rgm <at> gnu.org>
Cc: Mark Oteiza <mvoteiza <at> udel.edu>, Stefan Monnier <monnier <at> iro.umontreal.ca>,
 27796 <at> debbugs.gnu.org
Subject: Re: bug#27796: 26.0.50; elpa unsigned file archive-contents
Date: Tue, 8 Sep 2020 14:05:39 +0000
Glenn Morris <rgm <at> gnu.org> writes:

> Mark Oteiza wrote:
>
>>   error in process filter: Unsigned file `archive-contents' at
>> https://elpa.gnu.org/packages/ [2 times]
>
> Looks like http://elpa.gnu.org/packages/archive-contents.sig exists,
> but is not a valid signature file?

FWIW, I've never seen this.  Is this still an issue?




Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#27796; Package emacs. (Wed, 09 Sep 2020 16:38:01 GMT) Full text and rfc822 format available.

Message #40 received at 27796 <at> debbugs.gnu.org (full text, mbox):

From: Mark Oteiza <mvoteiza <at> udel.edu>
To: Stefan Kangas <stefan <at> marxist.se>
Cc: Glenn Morris <rgm <at> gnu.org>, Stefan Monnier <monnier <at> iro.umontreal.ca>,
 27796 <at> debbugs.gnu.org
Subject: Re: bug#27796: 26.0.50; elpa unsigned file archive-contents
Date: Wed, 9 Sep 2020 12:37:19 -0400
On 08/09/20 at 02:05pm, Stefan Kangas wrote:
> Glenn Morris <rgm <at> gnu.org> writes:
> 
> > Mark Oteiza wrote:
> >
> >>   error in process filter: Unsigned file `archive-contents' at
> >> https://elpa.gnu.org/packages/ [2 times]
> >
> > Looks like http://elpa.gnu.org/packages/archive-contents.sig exists,
> > but is not a valid signature file?
> 
> FWIW, I've never seen this.  Is this still an issue?

I haven't been using package archives very much, but I'm currently not
seeing it when listing/updating packages, or running the recipe from the
original report.




Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#27796; Package emacs. (Tue, 15 Feb 2022 10:34:02 GMT) Full text and rfc822 format available.

Message #43 received at 27796 <at> debbugs.gnu.org (full text, mbox):

From: Lars Ingebrigtsen <larsi <at> gnus.org>
To: Mark Oteiza <mvoteiza <at> udel.edu>
Cc: Glenn Morris <rgm <at> gnu.org>, Stefan Kangas <stefan <at> marxist.se>,
 Stefan Monnier <monnier <at> iro.umontreal.ca>, 27796 <at> debbugs.gnu.org
Subject: Re: bug#27796: 26.0.50; elpa unsigned file archive-contents
Date: Tue, 15 Feb 2022 11:33:07 +0100
Mark Oteiza <mvoteiza <at> udel.edu> writes:

> I haven't been using package archives very much, but I'm currently not
> seeing it when listing/updating packages, or running the recipe from the
> original report.

(I'm going through old bug reports that unfortunately weren't resolved
at the time.)

It sounds like it was a transitory problem with fetching the .sig file?
In which case I don't think there's much to be done on the Emacs side,
and I'm closing this bug report.  If there's something here that should
be worked on, please respond to the debbugs address and we'll reopen.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no




bug closed, send any further explanations to 27796 <at> debbugs.gnu.org and Mark Oteiza <mvoteiza <at> udel.edu> Request was from Lars Ingebrigtsen <larsi <at> gnus.org> to control <at> debbugs.gnu.org. (Tue, 15 Feb 2022 10:34:02 GMT) Full text and rfc822 format available.

bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Tue, 15 Mar 2022 11:24:11 GMT) Full text and rfc822 format available.

This bug report was last modified 2 years and 32 days ago.
