guix-commits
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[no subject]


From: Ludovic Courtès
Date: Fri, 29 Sep 2017 03:46:31 -0400 (EDT)

branch: master
commit 9cfea9fe2e3ca6a3d1b832a6ec217426ec973c93
Author: Ludovic Courtès <address@hidden>
Date:   Fri Sep 29 09:44:37 2017 +0200

    Do not mistakenly use 'GIT_SSL_CAINFO' as a directory name.
    
    'GIT_SSL_CAINFO' designates a single-file certificate bundle, not a
    directory; thus it must be passed as the second argument to
    'set-tls-certificate-locations!'.
    
    * src/cuirass/base.scm (process-specs): Pass $SSL_CERT_DIR as the first
    argument to 'set-tls-certificate-locations!', and $GIT_SSL_CAINFO or
    $SSL_CERT_FILE as the second argument.
---
 src/cuirass/base.scm | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/cuirass/base.scm b/src/cuirass/base.scm
index d1c8282..960a5e7 100644
--- a/src/cuirass/base.scm
+++ b/src/cuirass/base.scm
@@ -255,10 +255,14 @@ directory and the sha1 of the top level commit in this 
directory."
       (let ((stamp (db-get-stamp db spec)))
         ;; Catch and report git errors.
         (with-git-error-handling
-         (let ((certs (or (getenv "GIT_SSL_CAINFO")
-                          (getenv "SSL_CERT_DIR"))))
-           (when certs
-             (set-tls-certificate-locations! certs)))
+         ;; Try the 'GIT_SSL_CAINFO' or 'SSL_CERT_FILE' file first, then
+         ;; search the 'SSL_CERT_DIR' directory.
+         (let ((directory (getenv "SSL_CERT_DIR"))
+               (file      (or (getenv "GIT_SSL_CAINFO")
+                              (getenv "SSL_CERT_FILE"))))
+           (when (or directory file)
+             (set-tls-certificate-locations! directory file)))
+
          (receive (checkout commit)
              (fetch-repository store spec)
            (when commit



reply via email to

[Prev in Thread] Current Thread [Next in Thread]