bug-guix
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#25422: GIT_SSL_CAINFO set incorrectly


From: Ludovic Courtès
Subject: bug#25422: GIT_SSL_CAINFO set incorrectly
Date: Sat, 14 Jan 2017 22:20:59 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)

Hi!

Leo Famulari <address@hidden> skribis:

> Recently, Guix started to set the environment GIT_SSL_CAINFO like a
> search path, instead of pointing to single file, which is what it should
> be.

I don’t think anything has changed, maybe it’s just that your profile
now includes ‘ssl/certs’?

On my GuixSD machine, I still have:

  $ env |grep GIT_
  GIT_SSL_CAINFO=/etc/ssl/certs/ca-certificates.crt

but that’s because ~/.guix-profile does not contain certificates.

At any rate, you are right that GIT_SSL_CAINFO should be a single file.
There’s a note in the code:

   (native-search-paths
    ;; For HTTPS access, Git needs a single-file certificate bundle, specified
    ;; with $GIT_SSL_CAINFO.
    ;; FIXME: This variable designates a single file; it is not a search path.
    (list (search-path-specification
           (variable "GIT_SSL_CAINFO")
           (file-type 'regular)
           (files '("etc/ssl/certs/ca-certificates.crt")))))

So we’re abusing the search path mechanism here.

A proper fix might be to add an option in ‘search-path-specification’ to
pick only the first match.

WDYT?

Thanks,
Ludo’.





reply via email to

[Prev in Thread] Current Thread [Next in Thread]