Implement --allow-insecure-transport for `guix pull`

  • Open
  • quality assurance status badge
Details
4 participants
  • Leo Famulari
  • Ludovic Courtès
  • Mathieu Othacehe
  • Mathieu Othacehe
Owner
unassigned
Submitted by
Leo Famulari
Severity
important
L
L
Leo Famulari wrote on 10 Jul 2021 19:28
(address . bug-guix@gnu.org)
YOnYqnI8fXzyFXgi@jasmine.lan
As discussed in #46829, `guix pull` needs an option like
--allow-insecure-transport so that users can continue to pull from the
same channel even when their local certificate store has expired or is
otherwise invalid.

L
L
Leo Famulari wrote on 3 Feb 2022 18:44
(no subject)
(address . control@debbugs.gnu.org)
YfwUfbmGj1HWLFG7@jasmine.lan
block 53214 with 49508
L
L
Ludovic Courtès wrote on 8 Feb 2022 11:18
Re: bug#49508: Implement --allow-insecure-transport for `guix pull`
(name . Leo Famulari)(address . leo@famulari.name)(address . 49508@debbugs.gnu.org)
875yppbr1b.fsf@gnu.org
Hi,

Leo Famulari <leo@famulari.name> skribis:

Toggle quote (5 lines)
> As discussed in #46829, `guix pull` needs an option like
> --allow-insecure-transport so that users can continue to pull from the
> same channel even when their local certificate store has expired or is
> otherwise invalid.

Agreed.

Unfortunately it seems that libgit2 doesn’t let us turn off certificate
verification:


‘verify_server_cert’ in src/streams/openssl.c is called
unconditionally. So it seems that the first thing to do would be to
submit a patch upstream that would allow users to disable certificate
checks via ‘git_libgit2_opts’.

Now, by default, ‘guix pull’ honors /etc/ssl/certs. Assuming those are
up-to-date, it should be fine, right?

Thanks,
Ludo’.
L
L
Ludovic Courtès wrote on 8 Feb 2022 11:18
control message for bug #49508
(address . control@debbugs.gnu.org)
874k59br11.fsf@gnu.org
severity 49508 important
quit
L
L
Leo Famulari wrote on 8 Feb 2022 18:11
Re: bug#49508: Implement --allow-insecure-transport for `guix pull`
(name . Ludovic Courtès)(address . ludo@gnu.org)(address . 49508@debbugs.gnu.org)
YgKkRDbry8C2b3u1@jasmine.lan
On Tue, Feb 08, 2022 at 11:18:08AM +0100, Ludovic Courtès wrote:
Toggle quote (8 lines)
> Unfortunately it seems that libgit2 doesn’t let us turn off certificate
> verification:
>
> https://libgit2.org/libgit2/#HEAD/group/libgit2
>
> ‘verify_server_cert’ in src/streams/openssl.c is called
> unconditionally.

Ah, that's not surprising.

Toggle quote (4 lines)
> So it seems that the first thing to do would be to
> submit a patch upstream that would allow users to disable certificate
> checks via ‘git_libgit2_opts’.

Right, but it might not be accepted.

Toggle quote (3 lines)
> Now, by default, ‘guix pull’ honors /etc/ssl/certs. Assuming those are
> up-to-date, it should be fine, right?

Yeah, I think so.
M
M
Mathieu Othacehe wrote on 1 Nov 2022 18:30
(name . Ludovic Courtès)(address . ludo@gnu.org)
871qqmmvjn.fsf@gnu.org
Hello,

Toggle quote (5 lines)
> ‘verify_server_cert’ in src/streams/openssl.c is called
> unconditionally. So it seems that the first thing to do would be to
> submit a patch upstream that would allow users to disable certificate
> checks via ‘git_libgit2_opts’.

While this seems like something that we definitely want, I think we
shouldn't block the release with a contribution that can take time to be
upstreamed in libgit2.

Unblocking #53214.

Mathieu
M
M
Mathieu Othacehe wrote on 1 Nov 2022 18:32
control message for bug #53214
(address . control@debbugs.gnu.org)
87zgdalgwv.fsf@meije.mail-host-address-is-not-set
unblock 53214 by 49508
quit
?
Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 49508@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 49508
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch