bug#49508: Implement --allow-insecure-transport for `guix pull`

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#49508: Implement --allow-insecure-transport for `guix pull`

From:	Leo Famulari
Subject:	bug#49508: Implement --allow-insecure-transport for `guix pull`
Date:	Tue, 8 Feb 2022 12:11:32 -0500

On Tue, Feb 08, 2022 at 11:18:08AM +0100, Ludovic Courtès wrote:
> Unfortunately it seems that libgit2 doesn’t let us turn off certificate
> verification:
> 
>   https://libgit2.org/libgit2/#HEAD/group/libgit2
> 
> ‘verify_server_cert’ in src/streams/openssl.c is called
> unconditionally.

Ah, that's not surprising.

> So it seems that the first thing to do would be to
> submit a patch upstream that would allow users to disable certificate
> checks via ‘git_libgit2_opts’.

Right, but it might not be accepted.

> Now, by default, ‘guix pull’ honors /etc/ssl/certs.  Assuming those are
> up-to-date, it should be fine, right?

Yeah, I think so.

[Prev in Thread]

Current Thread

[Next in Thread]

bug#49508: Implement --allow-insecure-transport for `guix pull`, Ludovic Courtès, 2022/02/08
- bug#49508: Implement --allow-insecure-transport for `guix pull`, Leo Famulari <=

Prev by Date: bug#53621: Re : Re: bug#53621: i18n guix module error when opening shell after guix home reconfigure
Next by Date: bug#53881: GNOME Settings: View Keyboard Layout doesn't work
Previous by thread: bug#49508: Implement --allow-insecure-transport for `guix pull`
Next by thread: bug#53873: Failed to compute derivation for Guix (version: "eb0dd063a0687301b6d805feaf4b1ada87f6e120"; system: "x86_64-linux"; host version: "1.3.0"; pull-version: 1)
Index(es):
- Date
- Thread