[PATCH] gnu: protonvpn-cli: Update to 2.2.6.

  • Done
  • quality assurance status badge
Details
3 participants
  • Efraim Flashner
  • Leo Famulari
  • Ryan Prior
Owner
unassigned
Submitted by
Ryan Prior
Severity
normal
R
R
Ryan Prior wrote on 17 Dec 2020 05:53
(address . guix-patches@gnu.org)
20201217045258.3365-1-rprior@protonmail.com
* gnu/packages/vpn.scm (protonvpn-cli): Update to 2.2.6.
- Propagates all packages needed to connect.
---
gnu/packages/vpn.scm | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)

Toggle diff (40 lines)
diff --git a/gnu/packages/vpn.scm b/gnu/packages/vpn.scm
index 0c504ca6cc..4c9cb16209 100644
--- a/gnu/packages/vpn.scm
+++ b/gnu/packages/vpn.scm
@@ -351,7 +351,7 @@ traversing network address translators (@dfn{NAT}s) and firewalls.")
(define-public protonvpn-cli
(package
(name "protonvpn-cli")
- (version "2.2.4")
+ (version "2.2.6")
(source
(origin
;; PyPI has a ".whl" file but not a proper source release.
@@ -363,7 +363,7 @@ traversing network address translators (@dfn{NAT}s) and firewalls.")
(file-name (git-file-name name version))
(sha256
(base32
- "08yca0a0prrnrc7ir7ajd56yxvxpcs4m1k8f5kf273f5whgr7wzw"))))
+ "0y7v9ikrmy5dbjlpbpacp08gy838i8z54m8m4ps7ldk1j6kyia3n"))))
(build-system python-build-system)
(arguments '(#:tests? #f)) ; no tests in repo
(native-inputs
@@ -373,8 +373,13 @@ traversing network address translators (@dfn{NAT}s) and firewalls.")
("python-pythondialog" ,python-pythondialog)
("python-requests" ,python-requests)))
(propagated-inputs
- `(("openvpn" ,openvpn)
- ("dialog" ,dialog)))
+ `(("dialog" ,dialog)
+ ("iproute2" ,iproute)
+ ("iptables" ,iptables)
+ ("ncurses" ,ncurses)
+ ("openvpn" ,openvpn)
+ ("procps" ,procps)
+ ("which" ,which)))
(synopsis "Command-line client for ProtonVPN")
(description
"This is the official command-line interface for ProtonVPN, a secure
--
2.29.2
R
R
Ryan Prior wrote on 17 Dec 2020 05:57
Propagated packages
(name . 45284@debbugs.gnu.org)(address . 45284@debbugs.gnu.org)
znN3w1zeQMxd5xDJYakJkcZcmV7DrAuIJeD6XuqJfmKn1kH7F3up0wZkR600r6i8R-lewTj1woXFuD2bZtdJqMsEAn8i7Wzaqe_W6phcHjo=@protonmail.com
This protonvpn-cli package propagates a bunch of things, even moreso than before. I've verified that it needs them to connect, but I think we can avoid propagating them if I carefully go in and patch the system shell invocations to use explicit paths.

I don't know when I'll have time to do that, so I'd recommend merging this patch to make the latest protonvpn-cli available. In any case I'll try and get a patched package with minimal if any propagation out ASAP.

Cheers,
Ryan
Attachment: file
E
E
Efraim Flashner wrote on 17 Dec 2020 10:55
(name . Ryan Prior)(address . rprior@protonmail.com)(name . 45284@debbugs.gnu.org)(address . 45284@debbugs.gnu.org)
X9srIWL1uGriQV8i@E5400
On Thu, Dec 17, 2020 at 04:57:24AM +0000, Ryan Prior via Guix-patches via wrote:
Toggle quote (5 lines)
> This protonvpn-cli package propagates a bunch of things, even moreso than before. I've verified that it needs them to connect, but I think we can avoid propagating them if I carefully go in and patch the system shell invocations to use explicit paths.
>
> I don't know when I'll have time to do that, so I'd recommend merging this patch to make the latest protonvpn-cli available. In any case I'll try and get a patched package with minimal if any propagation out ASAP.
>

Does the current protonvpn-cli not work? That is a lot of propagated
inputs. Is it possible to wrap the binary instead?

--
Efraim Flashner <efraim@flashner.co.il> ????? ?????
GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAl/bKyEACgkQQarn3Mo9
g1HY9RAAoujBmONhcAkeJTajNP0gphqgm2RXe872bsrhhb+sDOEfvqfyV1h8eRu9
j1Fx1Mt9PZ+yMGoyQDVU8EpTdrZVjDB6uOnH9DIyy/pqEI58DTOStAebdvfDAFnw
LUPNa8OhALOfWSWnNKU0TXwzFUh7xZRbnKb6dpVdNOuOo0RC5FXYTqB/cOhSpCj3
g3Zx4WpsA0VGUQ4wlpUElxJyWnZR+DXVV2sUjmy76gMeITiSZYCeuX5dp4JH3QvM
XzrU6m0KIoOZ3x6hMzPnzdrH/fRgt6OrtbKOmfGgRwzIfVZHrT+IcATW5pY76KjV
XEa7ILeJcf7cnHqB0fQw5s5pJQCivB4cGHnzza+KivssEWPxnIp3dQEhBSndR7g1
8UWGbCoujydUJLBPbO1+FHhM320H3VyqFTA+GShxRCwyeBlKIN987G6G+ELe9qgc
WvNhDkmiYa1zhSOWFuJifbTIUs9i8shAr2xULXRkbxPxHuhTg9UX3KN5TDkpjdT5
XmKA3LWGAbGyo6UZ2iu9+g8UMmEcVP8fGkKOzyLSnCrNt/cDVpcTQIfnJkbc1DyE
nCLhk+wYJR39aQPwKqLDVA8opkEsS/SrSDtc/nKGOcOGmu9L9SKShtFHLu2TgvJs
GUspLBjumpRVnuzQLH9sS+vZhj0l8NzHpJXGn1GUzmirzKqtjjc=
=fspV
-----END PGP SIGNATURE-----


R
R
Ryan Prior wrote on 23 Dec 2020 04:38
[PATCH] gnu: protonvpn-cli: Stop propagating inputs.
(address . 45284@debbugs.gnu.org)
20201223033802.16667-1-rprior@protonmail.com
* gnu/packages/vpn.scm (protonvpn-cli): Stop propagating inputs.
- Adds all necessary inputs.
- Wraps entrypoint to avoid propagation.
---
gnu/packages/vpn.scm | 37 +++++++++++++++++++++++++++++++------
1 file changed, 31 insertions(+), 6 deletions(-)

Toggle diff (54 lines)
diff --git a/gnu/packages/vpn.scm b/gnu/packages/vpn.scm
index c1f0b65e84..72ca9ee31b 100644
--- a/gnu/packages/vpn.scm
+++ b/gnu/packages/vpn.scm
@@ -364,16 +364,41 @@ traversing network address translators (@dfn{NAT}s) and firewalls.")
(sha256
(base32 "0y7v9ikrmy5dbjlpbpacp08gy838i8z54m8m4ps7ldk1j6kyia3n"))))
(build-system python-build-system)
- (arguments '(#:tests? #f)) ; no tests in repo
+ (arguments
+ '(#:tests? #f ; no tests in repo
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'wrap 'wrap-wrapper
+ ;; Wrap entrypoint with paths to its hard dependencies.
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let ((entrypoint (string-append (assoc-ref outputs "out") "/bin/.protonvpn-real")))
+ (wrap-program entrypoint
+ `("PATH" ":" prefix
+ ,(map (lambda (name)
+ (let ((input (assoc-ref inputs name)))
+ (string-append input "/bin:"
+ input "/sbin")))
+ (list "dialog"
+ "iproute2"
+ "iptables"
+ "ncurses"
+ "openvpn"
+ "procps"
+ "which")))))
+ #t)))))
(native-inputs
`(("python-docopt" ,python-docopt)))
(inputs
- `(("python-jinja2" ,python-jinja2)
+ `(("dialog" ,dialog)
+ ("iproute2" ,iproute)
+ ("iptables" ,iptables)
+ ("ncurses" ,ncurses)
+ ("openvpn" ,openvpn)
+ ("procps" ,procps)
+ ("python-jinja2" ,python-jinja2)
("python-pythondialog" ,python-pythondialog)
- ("python-requests" ,python-requests)))
- (propagated-inputs
- `(("openvpn" ,openvpn)
- ("dialog" ,dialog)))
+ ("python-requests" ,python-requests)
+ ("which" ,which)))
(synopsis "Command-line client for ProtonVPN")
(description
"This is the official command-line interface for ProtonVPN, a secure
--
2.29.2
R
R
Ryan Prior wrote on 23 Dec 2020 04:42
Double wrapper for protonvpn
(name . 45284@debbugs.gnu.org)(address . 45284@debbugs.gnu.org)
hi1hZzTSBsgxKsytOVex922VrDUMxlzSWf782iFOzJJ9rs8OEB_ZVC--I5dxg5-6nj7z3TWSCCwhOyaAfWkcP7Hy-4nl750gPjGVAXvFmBA=@protonmail.com
Hi there! This patch updates the protonvpn-cli package to use a wrapper, so now it doesn't propagate anything.

I ran into a hitch when wrapping the program the same way it's typically done didn't work. I was getting a "bad interpreter" error from the kernel when I ran the program. Digging into it, I discovered it's because the program was double-wrapped, and the second wrapping garbled the work done by the first wrapping.

Investigating further, I determined the messiness stems from python-build-system automatically wrapping my output for me to set the PYTHONPATH. From my searching in gnu/packages/python-* sources, there isn't much explicit wrapping in python land.
So y'all know me, I decided to try the dumbest possible thing first: I wrapped the wrapper.

It works fine. But you end up with a situation like:
- invoke protonvpn
- which sets PYTHONPATH and invokes .protonvpn-real
- which sets PATH and calls ..protonvpn-real-real

Additionally, in the build output we have a "wrap" phase and then a "wrap-wrapper" phase.

So what do you think? Is my dumb solution that works thus not dumb, and we should ship it? Or is there a better way of composing wrappers so that I'm not creating this billiards game situation with the entrypoint?

Cheers,
Ryan
Attachment: file
L
L
Leo Famulari wrote on 24 Dec 2020 22:20
Re: [bug#45284] [PATCH] gnu: protonvpn-cli: Stop propagating inputs.
(name . Ryan Prior via Guix-patches via)(address . guix-patches@gnu.org)(address . 45284@debbugs.gnu.org)
X+UGOGe223Nx5HSp@jasmine.lan
On Wed, Dec 23, 2020 at 03:38:08AM +0000, Ryan Prior via Guix-patches via wrote:
Toggle quote (4 lines)
> * gnu/packages/vpn.scm (protonvpn-cli): Stop propagating inputs.
> - Adds all necessary inputs.
> - Wraps entrypoint to avoid propagation.

Thanks! I wrote the commit message and pushed as bcfa8b4a285c4948b61bc7297ade28a7c0e59e2c
L
L
Leo Famulari wrote on 24 Dec 2020 22:21
Re: [bug#45284] Double wrapper for protonvpn
(name . Ryan Prior via Guix-patches via)(address . guix-patches@gnu.org)(name . 45284@debbugs.gnu.org)(address . 45284-done@debbugs.gnu.org)
X+UGbiYD4L7ZWxXk@jasmine.lan
On Wed, Dec 23, 2020 at 03:42:48AM +0000, Ryan Prior via Guix-patches via wrote:
Toggle quote (2 lines)
> So what do you think? Is my dumb solution that works thus not dumb, and we should ship it? Or is there a better way of composing wrappers so that I'm not creating this billiards game situation with the entrypoint?

There are plenty of Guix packages that create multiple wrappers. I'm
sure there is room for improvement but this is fine if it works for you.
?