Implement --allow-insecure-transport for `guix pull`

  • Open
  • quality assurance status badge
Details
4 participants
  • Leo Famulari
  • Ludovic Courtès
  • Mathieu Othacehe
  • Mathieu Othacehe
Owner
unassigned
Submitted by
Leo Famulari
Severity
important
L
L
Leo Famulari wrote on 10 Jul 2021 19:28
(address . bug-guix@gnu.org)
YOnYqnI8fXzyFXgi@jasmine.lan
As discussed in #46829, `guix pull` needs an option like
--allow-insecure-transport so that users can continue to pull from the
same channel even when their local certificate store has expired or is
otherwise invalid.

L
L
Leo Famulari wrote on 3 Feb 2022 18:44
(no subject)
(address . control@debbugs.gnu.org)
YfwUfbmGj1HWLFG7@jasmine.lan
block 53214 with 49508
L
L
Ludovic Courtès wrote on 8 Feb 2022 11:18
Re: bug#49508: Implement --allow-insecure-transport for `guix pull`
(name . Leo Famulari)(address . leo@famulari.name)(address . 49508@debbugs.gnu.org)
875yppbr1b.fsf@gnu.org
Hi,

Leo Famulari <leo@famulari.name> skribis:

Toggle quote (5 lines)
> As discussed in #46829, `guix pull` needs an option like
> --allow-insecure-transport so that users can continue to pull from the
> same channel even when their local certificate store has expired or is
> otherwise invalid.

Agreed.

Unfortunately it seems that libgit2 doesn’t let us turn off certificate
verification:


‘verify_server_cert’ in src/streams/openssl.c is called
unconditionally. So it seems that the first thing to do would be to
submit a patch upstream that would allow users to disable certificate
checks via ‘git_libgit2_opts’.

Now, by default, ‘guix pull’ honors /etc/ssl/certs. Assuming those are
up-to-date, it should be fine, right?

Thanks,
Ludo’.
L
L
Ludovic Courtès wrote on 8 Feb 2022 11:18
control message for bug #49508
(address . control@debbugs.gnu.org)
874k59br11.fsf@gnu.org
severity 49508 important
quit
L
L
Leo Famulari wrote on 8 Feb 2022 18:11
Re: bug#49508: Implement --allow-insecure-transport for `guix pull`
(name . Ludovic Courtès)(address . ludo@gnu.org)(address . 49508@debbugs.gnu.org)
YgKkRDbry8C2b3u1@jasmine.lan
On Tue, Feb 08, 2022 at 11:18:08AM +0100, Ludovic Courtès wrote:
Toggle quote (8 lines)
> Unfortunately it seems that libgit2 doesn’t let us turn off certificate
> verification:
>
> https://libgit2.org/libgit2/#HEAD/group/libgit2
>
> ‘verify_server_cert’ in src/streams/openssl.c is called
> unconditionally.

Ah, that's not surprising.

Toggle quote (4 lines)
> So it seems that the first thing to do would be to
> submit a patch upstream that would allow users to disable certificate
> checks via ‘git_libgit2_opts’.

Right, but it might not be accepted.

Toggle quote (3 lines)
> Now, by default, ‘guix pull’ honors /etc/ssl/certs. Assuming those are
> up-to-date, it should be fine, right?

Yeah, I think so.
M
M
Mathieu Othacehe wrote on 1 Nov 2022 18:30
(name . Ludovic Courtès)(address . ludo@gnu.org)
871qqmmvjn.fsf@gnu.org
Hello,

Toggle quote (5 lines)
> ‘verify_server_cert’ in src/streams/openssl.c is called
> unconditionally. So it seems that the first thing to do would be to
> submit a patch upstream that would allow users to disable certificate
> checks via ‘git_libgit2_opts’.

While this seems like something that we definitely want, I think we
shouldn't block the release with a contribution that can take time to be
upstreamed in libgit2.

Unblocking #53214.

Mathieu
M
M
Mathieu Othacehe wrote on 1 Nov 2022 18:32
control message for bug #53214
(address . control@debbugs.gnu.org)
87zgdalgwv.fsf@meije.mail-host-address-is-not-set
unblock 53214 by 49508
quit
?