GNU bug report logs - #70674
[PATCH core-updates 0/1] Allow cargo to use custom SSL certificates

Previous Next

Package: guix-patches;

Reported by: Jean-Baptiste Note <jean-baptiste.note <at> m4x.org>

Date: Tue, 30 Apr 2024 14:13:01 UTC

Severity: normal

Tags: patch

To reply to this bug, email your comments to 70674 AT debbugs.gnu.org.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to efraim <at> flashner.co.il, guix-patches <at> gnu.org:
bug#70674; Package guix-patches. (Tue, 30 Apr 2024 14:13:01 GMT) Full text and rfc822 format available.
Acknowledgement sent to Jean-Baptiste Note <jean-baptiste.note <at> m4x.org>:
New bug report received and forwarded. Copy sent to efraim <at> flashner.co.il, guix-patches <at> gnu.org. (Tue, 30 Apr 2024 14:13:01 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Jean-Baptiste Note <jean-baptiste.note <at> m4x.org>
To: guix-patches <at> gnu.org
Cc: Jean-Baptiste Note <jean-baptiste.note <at> m4x.org>
Subject: [PATCH core-updates 0/1] Allow cargo to use custom SSL certificates
Date: Tue, 30 Apr 2024 14:11:09 +0000

Cargo, just like git, allows certificate validation against a customized set
of certificates. Add the required native-path for this, just like
GIT_SSL_CAINFO for git.

Jean-Baptiste Note (1):
  gnu: rust: Add CARGO_HTTP_CAINFO to native-search-path.

 gnu/packages/rust.scm | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

-- 
2.41.0
Information forwarded to efraim <at> flashner.co.il, guix-patches <at> gnu.org:
bug#70674; Package guix-patches. (Tue, 30 Apr 2024 14:19:02 GMT) Full text and rfc822 format available.

Message #8 received at 70674 <at> debbugs.gnu.org (full text, mbox):

From: Jean-Baptiste Note <jean-baptiste.note <at> m4x.org>
To: 70674 <at> debbugs.gnu.org
Cc: Jean-Baptiste Note <jean-baptiste.note <at> m4x.org>
Subject: [PATCH core-updates 1/1] gnu: rust: Add CARGO_HTTP_CAINFO to
 native-search-path.
Date: Tue, 30 Apr 2024 14:17:49 +0000

* gnu/packages/rust.scm (rust-1.55): Add CARGO_HTTP_CAINFO native-search-path
so that Cargo honors custom certificates (a la GIT_SSL_CAINFO).
---
 gnu/packages/rust.scm | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/rust.scm b/gnu/packages/rust.scm
index 60aa9b1ea0..aaba458933 100644
--- a/gnu/packages/rust.scm
+++ b/gnu/packages/rust.scm
@@ -539,9 +539,18 @@ (define-public rust-1.55
     (inputs
      `(("llvm" ,llvm-13)
        ("openssl" ,openssl)))
-    ;; rustc invokes gcc, so we need to set its search paths accordingly.
     (native-search-paths
-      %gcc-search-paths)
+     (cons
+      ;; For HTTPS access, Cargo reads from a single-file certificate
+      ;; specified with $CARGO_HTTP_CAINFO. See
+      ;; https://doc.rust-lang.org/cargo/reference/environment-variables.html
+      (search-path-specification
+       (variable "CARGO_HTTP_CAINFO")
+       (file-type 'regular)
+       (separator #f)              ;single entry
+       (files '("etc/ssl/certs/ca-certificates.crt")))
+      ;; rustc invokes gcc, so we need to set its search paths accordingly.
+      %gcc-search-paths))
     ;; Limit this to systems where the final rust compiler builds successfully.
     (supported-systems '("x86_64-linux" "aarch64-linux" "riscv64-linux"))
     (synopsis "Compiler for the Rust programming language")
-- 
2.41.0
This bug report was last modified 16 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.