guix-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: `guix pull` over HTTPS


From: Marius Bakke
Subject: Re: `guix pull` over HTTPS
Date: Wed, 01 Mar 2017 22:21:15 +0100
User-agent: Notmuch/0.23.5 (https://notmuchmail.org) Emacs/25.1.1 (x86_64-unknown-linux-gnu)

Leo Famulari <address@hidden> writes:

> On Wed, Mar 01, 2017 at 03:36:11AM +0100, Marius Bakke wrote:
>> Subject: [PATCH] pull: Default to HTTPS.
>> 
>> * guix/build/download.scm (tls-wrap): Add CERTIFICATE-DIRECTORY parameter.
>> (open-connection-for-uri): Adjust parameters to match.
>> (http-fetch): Likewise.
>> (url-fetch): Likewise.
>> * guix/download.scm (download-to-store): Likewise.
>> * guix/scripts/pull.scm (%snapshot-url): Use HTTPS.
>> (guix-pull): Verify against the store path of NSS-CERTS.
>
> When I don't have GnuTLS in my environment, it fails like this:
>
> Starting download of /tmp/guix-file.pSCYyI
> From https://git.savannah.gnu.org/cgit/guix.git/snapshot/master.tar.gz...
> ;;; Failed to autoload make-session in (gnutls):
> ;;; ERROR: missing interface for module (gnutls)
> ERROR: In procedure module-lookup: Unbound variable: make-session
> failed to download "/tmp/guix-file.pSCYyI" from 
> "https://git.savannah.gnu.org/cgit/guix.git/snapshot/master.tar.gz";
> guix pull: error: failed to download up-to-date source, exiting
>
> Also, I think we should only use a default trust store when pulling from
> %snapshot-url.

Please try version 3 of the patch, where I tried to address these
issues. It is also far simpler than the previous approaches.

Attachment: signature.asc
Description: PGP signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]