Re: `guix pull` over HTTPS

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: `guix pull` over HTTPS

From:	Leo Famulari
Subject:	Re: `guix pull` over HTTPS
Date:	Wed, 1 Mar 2017 00:14:20 -0500
User-agent:	Mutt/1.7.2 (2016-11-26)

On Wed, Mar 01, 2017 at 03:36:11AM +0100, Marius Bakke wrote:
> Subject: [PATCH] pull: Default to HTTPS.
> 
> * guix/build/download.scm (tls-wrap): Add CERTIFICATE-DIRECTORY parameter.
> (open-connection-for-uri): Adjust parameters to match.
> (http-fetch): Likewise.
> (url-fetch): Likewise.
> * guix/download.scm (download-to-store): Likewise.
> * guix/scripts/pull.scm (%snapshot-url): Use HTTPS.
> (guix-pull): Verify against the store path of NSS-CERTS.

When I don't have GnuTLS in my environment, it fails like this:

Starting download of /tmp/guix-file.pSCYyI
From https://git.savannah.gnu.org/cgit/guix.git/snapshot/master.tar.gz...
;;; Failed to autoload make-session in (gnutls):
;;; ERROR: missing interface for module (gnutls)
ERROR: In procedure module-lookup: Unbound variable: make-session
failed to download "/tmp/guix-file.pSCYyI" from 
"https://git.savannah.gnu.org/cgit/guix.git/snapshot/master.tar.gz";
guix pull: error: failed to download up-to-date source, exiting

Also, I think we should only use a default trust store when pulling from
%snapshot-url.

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

Re: `guix pull` over HTTPS, Leo Famulari <=
- [PATCH v3] pull: Default to HTTPS., Marius Bakke, 2017/03/01
  - Re: [PATCH v3] pull: Default to HTTPS., Leo Famulari, 2017/03/01
- Re: `guix pull` over HTTPS, Marius Bakke, 2017/03/01
- Re: `guix pull` over HTTPS, Ludovic Courtès, 2017/03/06
- Re: `guix pull` over HTTPS, Ludovic Courtès, 2017/03/06
  - Re: `guix pull` over HTTPS, Marius Bakke, 2017/03/06

Next by Date: Re: gnu-patches back log
Next by thread: [PATCH v3] pull: Default to HTTPS.
Index(es):
- Date
- Thread