Implement --allow-insecure-transport for `guix pull`

OpenSubmitted by Leo Famulari.
Details
2 participants
  • Leo Famulari
  • Ludovic Courtès
Owner
unassigned
Severity
important
L
L
Leo Famulari wrote on 10 Jul 2021 19:28
(address . bug-guix@gnu.org)
YOnYqnI8fXzyFXgi@jasmine.lan
As discussed in #46829, `guix pull` needs an option like
--allow-insecure-transport so that users can continue to pull from the
same channel even when their local certificate store has expired or is
otherwise invalid.

L
L
Leo Famulari wrote on 3 Feb 18:44 +0100
(no subject)
(address . control@debbugs.gnu.org)
YfwUfbmGj1HWLFG7@jasmine.lan
block 53214 with 49508
L
L
Ludovic Courtès wrote on 8 Feb 11:18 +0100
Re: bug#49508: Implement --allow-insecure-transport for `guix pull`
(name . Leo Famulari)(address . leo@famulari.name)(address . 49508@debbugs.gnu.org)
875yppbr1b.fsf@gnu.org
Hi,

Leo Famulari <leo@famulari.name> skribis:

Toggle quote (5 lines)
> As discussed in #46829, `guix pull` needs an option like
> --allow-insecure-transport so that users can continue to pull from the
> same channel even when their local certificate store has expired or is
> otherwise invalid.

Agreed.

Unfortunately it seems that libgit2 doesn’t let us turn off certificate
verification:


‘verify_server_cert’ in src/streams/openssl.c is called
unconditionally. So it seems that the first thing to do would be to
submit a patch upstream that would allow users to disable certificate
checks via ‘git_libgit2_opts’.

Now, by default, ‘guix pull’ honors /etc/ssl/certs. Assuming those are
up-to-date, it should be fine, right?

Thanks,
Ludo’.
L
L
Ludovic Courtès wrote on 8 Feb 11:18 +0100
control message for bug #49508
(address . control@debbugs.gnu.org)
874k59br11.fsf@gnu.org
severity 49508 important
quit
L
L
Leo Famulari wrote on 8 Feb 18:11 +0100
Re: bug#49508: Implement --allow-insecure-transport for `guix pull`
(name . Ludovic Courtès)(address . ludo@gnu.org)(address . 49508@debbugs.gnu.org)
YgKkRDbry8C2b3u1@jasmine.lan
On Tue, Feb 08, 2022 at 11:18:08AM +0100, Ludovic Courtès wrote:
Toggle quote (8 lines)
> Unfortunately it seems that libgit2 doesn’t let us turn off certificate
> verification:
>
> https://libgit2.org/libgit2/#HEAD/group/libgit2
>
> ‘verify_server_cert’ in src/streams/openssl.c is called
> unconditionally.

Ah, that's not surprising.

Toggle quote (4 lines)
> So it seems that the first thing to do would be to
> submit a patch upstream that would allow users to disable certificate
> checks via ‘git_libgit2_opts’.

Right, but it might not be accepted.

Toggle quote (3 lines)
> Now, by default, ‘guix pull’ honors /etc/ssl/certs. Assuming those are
> up-to-date, it should be fine, right?

Yeah, I think so.
?