Mathieu Othacehe <mathieu@HIDDEN>
to control <at> debbugs.gnu.org.
Full text available.
Received: (at 49508) by debbugs.gnu.org; 1 Nov 2022 17:31:09 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Nov 01 13:31:09 2022
Received: from localhost ([127.0.0.1]:44144 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1opv6T-0002Lh-Bi
for submit <at> debbugs.gnu.org; Tue, 01 Nov 2022 13:31:09 -0400
Received: from eggs.gnu.org ([209.51.188.92]:45166)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <othacehe@HIDDEN>) id 1opv6O-0002L7-Ef
for 49508 <at> debbugs.gnu.org; Tue, 01 Nov 2022 13:31:08 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e])
by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <othacehe@HIDDEN>)
id 1opv6I-0005pB-E4; Tue, 01 Nov 2022 13:30:58 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To:
From; bh=u22izXh0Cg6oxjt2WBoXNiEcO76vq7FR5cRldSdSaMw=; b=Vv9+7yJcvyhyG/drGj7P
3paRDCw73a9PI+TPRwXWmDyoBlQPRnsghK5p0zCPagP43j0ygUJ3MgeDn9VEc8Dof2Rv6IyJKbREh
flBE0gjK+rUoEhvTjPwMVWUtvCFk15AinOuO7zSJGZ1E5zDSwjF0JgpN3RvKu8L2QfaAz2jR967V8
e1qdCN2S8MXzsitQKat6V+y0wIvoAq99+1V+aWJAmnm2mfj3gZcDzEJ03IrwlTdb8hevzAM69BWJd
1uwaXglslpNo9fx1+BBQJflUlsvrTjDjTNmC3rdZ26XT9YjyOm7KeguvnjpBrSIhIWBeBhjHDXdzI
8cye4ZgjNwiXoA==;
Received: from 2a02-8429-81d2-3d01-94c9-8097-ea5c-2774.rev.sfr.net
([2a02:8429:81d2:3d01:94c9:8097:ea5c:2774] helo=meije)
by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <othacehe@HIDDEN>)
id 1opv6G-0003lc-Bz; Tue, 01 Nov 2022 13:30:58 -0400
From: Mathieu Othacehe <othacehe@HIDDEN>
To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN>
Subject: Re: bug#49508: Implement --allow-insecure-transport for `guix pull`
References: <YOnYqnI8fXzyFXgi@HIDDEN> <875yppbr1b.fsf@HIDDEN>
Date: Tue, 01 Nov 2022 18:30:52 +0100
In-Reply-To: <875yppbr1b.fsf@HIDDEN> ("Ludovic =?utf-8?Q?Court=C3=A8s=22'?=
=?utf-8?Q?s?= message of "Tue, 08 Feb 2022 11:18:08 +0100")
Message-ID: <871qqmmvjn.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 49508
Cc: 49508 <at> debbugs.gnu.org, Leo Famulari <leo@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -3.3 (---)
Hello,
> =E2=80=98verify_server_cert=E2=80=99 in src/streams/openssl.c is called
> unconditionally. So it seems that the first thing to do would be to
> submit a patch upstream that would allow users to disable certificate
> checks via =E2=80=98git_libgit2_opts=E2=80=99.
While this seems like something that we definitely want, I think we
shouldn't block the release with a contribution that can take time to be
upstreamed in libgit2.
Unblocking #53214.
Mathieu
bug-guix@HIDDEN:bug#49508; Package guix.
Full text available.Received: (at 49508) by debbugs.gnu.org; 8 Feb 2022 17:11:41 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Tue Feb 08 12:11:41 2022 Received: from localhost ([127.0.0.1]:48484 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1nHU1l-0003aV-2B for submit <at> debbugs.gnu.org; Tue, 08 Feb 2022 12:11:41 -0500 Received: from out4-smtp.messagingengine.com ([66.111.4.28]:58869) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <leo@HIDDEN>) id 1nHU1i-0003aJ-TX for 49508 <at> debbugs.gnu.org; Tue, 08 Feb 2022 12:11:39 -0500 Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id DDCC85C009F; Tue, 8 Feb 2022 12:11:33 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Tue, 08 Feb 2022 12:11:33 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=cc:cc:content-transfer-encoding:content-type:date:date:from :from:in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=mesmtp; bh=lMbqFmGqohB pltNdW7UpcQYNgWGaJc8RnZlKT7f/CrU=; b=X8+c3TM4QGREkj1H9sMlgS1Njn9 DXTe+qMVI0YVX1HJuUVnKLbHx694eyfrC8XCkiq10gC3HiySFqOnAH2fGRK3T+Et G0KTEAZB9Q0B3gT0e5iI8eJjvNgtyPkgB9KAklWC+KbvCDir1cbgX6uEXoEIXmHF +gjecd2X8N8dmGPU= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=lMbqFmGqohBpltNdW7UpcQYNgWGaJc8RnZlKT7f/C rU=; b=aSgZDinHoaEvsWZbRNXOfu2y5p9hMKJqKG6BGjqxKcfC6x5nTq0hA2MZT b+dhaxwQNx6EEvdpN9R8OL5P1QMOdortyEIV48/rYKAscxjJtWoJJ4nZPXKU709P f8rtokW4z5RjOor/SGQnWcEgRAt4Ib3EB1a72CC4dkXRKHQkHL26NPurxLZH/13+ ZehPX9HAi5BPGESBb5czfIR3ur9QU2lyjgNepasmFb7pWgwlVNKZfkw5AXj8P00g 07j4+DD+U8Ydo3uvwm1YQL1zkaVYNiQidZHjN0A3LlK3RsLaOObkkidCjtQp6jZP DODDsOM+DjdwuAIGuJCodNqPORpig== X-ME-Sender: <xms:RaQCYqiLdPhWmOlrElu1cdh46VIphr_MdB2J1TK9sw4fAMUhQEsyZg> <xme:RaQCYrCC7jXjPeqkhZfXYogq6ahwwIrr21Ujxmb9NiW5qCahFrFuJE_qKcVQFw_6s csXBCG38hxn7BM0yw> X-ME-Received: <xmr:RaQCYiEdmFEMht_GNEuro9j4iO8BvrsqFXIBCTEr96leEyVAXsF6TGK9t-fMDpr7uVd7L1wBzH7XjbAEIuCStobxgw> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvvddrheejgdelgecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpeffhffvuffkfhggtggugfgjsehtkeertddttdejnecuhfhrohhmpefnvghoucfh rghmuhhlrghrihcuoehlvghosehfrghmuhhlrghrihdrnhgrmhgvqeenucggtffrrghtth gvrhhnpeeihedtheetgfevveffieeiieffhfekgfehueduueduhfdttddvjeetteejueef tdenucffohhmrghinheplhhisghgihhtvddrohhrghenucevlhhushhtvghrufhiiigvpe dtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehlvghosehfrghmuhhlrghrihdrnhgrmhgv X-ME-Proxy: <xmx:RaQCYjR5PyU5Jbbm1EVO2dCpc-tMlnQiltfzCwp7_zpmdeyYtiAu1w> <xmx:RaQCYnwXH_MIKM7qycxn4HDKG_5TQeevv4oAzYGJlr0ymnYs6Pbu9g> <xmx:RaQCYh4EjSIDxAMnyYyKWnv8OLpv3Xycw99lwhdqNFG28l3pTsPgiQ> <xmx:RaQCYlZdxdvMAOAUe2mPTKUurtWgouvaVRAdsPhB4mEpn_WiSBEZZA> Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 8 Feb 2022 12:11:33 -0500 (EST) Date: Tue, 8 Feb 2022 12:11:32 -0500 From: Leo Famulari <leo@HIDDEN> To: Ludovic =?iso-8859-1?Q?Court=E8s?= <ludo@HIDDEN> Subject: Re: bug#49508: Implement --allow-insecure-transport for `guix pull` Message-ID: <YgKkRDbry8C2b3u1@HIDDEN> References: <YOnYqnI8fXzyFXgi@HIDDEN> <875yppbr1b.fsf@HIDDEN> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <875yppbr1b.fsf@HIDDEN> X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 49508 Cc: 49508 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) On Tue, Feb 08, 2022 at 11:18:08AM +0100, Ludovic Courtès wrote: > Unfortunately it seems that libgit2 doesn’t let us turn off certificate > verification: > > https://libgit2.org/libgit2/#HEAD/group/libgit2 > > ‘verify_server_cert’ in src/streams/openssl.c is called > unconditionally. Ah, that's not surprising. > So it seems that the first thing to do would be to > submit a patch upstream that would allow users to disable certificate > checks via ‘git_libgit2_opts’. Right, but it might not be accepted. > Now, by default, ‘guix pull’ honors /etc/ssl/certs. Assuming those are > up-to-date, it should be fine, right? Yeah, I think so.
bug-guix@HIDDEN:bug#49508; Package guix.
Full text available.Ludovic Courtès <ludo@HIDDEN>
to control <at> debbugs.gnu.org.
Full text available.Received: (at 49508) by debbugs.gnu.org; 8 Feb 2022 10:18:19 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Tue Feb 08 05:18:19 2022 Received: from localhost ([127.0.0.1]:45435 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1nHNZi-00088T-TW for submit <at> debbugs.gnu.org; Tue, 08 Feb 2022 05:18:19 -0500 Received: from hera.aquilenet.fr ([185.233.100.1]:36898) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <ludo@HIDDEN>) id 1nHNZg-00088A-UJ for 49508 <at> debbugs.gnu.org; Tue, 08 Feb 2022 05:18:17 -0500 Received: from localhost (localhost [127.0.0.1]) by hera.aquilenet.fr (Postfix) with ESMTP id 7CEEB193; Tue, 8 Feb 2022 11:18:10 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at aquilenet.fr Received: from hera.aquilenet.fr ([127.0.0.1]) by localhost (hera.aquilenet.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pZlDrSf1e8p1; Tue, 8 Feb 2022 11:18:10 +0100 (CET) Received: from ribbon (unknown [IPv6:2001:660:6102:320:e120:2c8f:8909:cdfe]) by hera.aquilenet.fr (Postfix) with ESMTPSA id 7CBC916C; Tue, 8 Feb 2022 11:18:09 +0100 (CET) From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN> To: Leo Famulari <leo@HIDDEN> Subject: Re: bug#49508: Implement --allow-insecure-transport for `guix pull` References: <YOnYqnI8fXzyFXgi@HIDDEN> Date: Tue, 08 Feb 2022 11:18:08 +0100 In-Reply-To: <YOnYqnI8fXzyFXgi@HIDDEN> (Leo Famulari's message of "Sat, 10 Jul 2021 13:28:10 -0400") Message-ID: <875yppbr1b.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spamd-Bar: / Authentication-Results: hera.aquilenet.fr; none X-Rspamd-Server: hera X-Rspamd-Queue-Id: 7CEEB193 X-Spamd-Result: default: False [-0.10 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MID_RHS_MATCH_FROM(0.00)[] X-Spam-Score: 1.0 (+) X-Debbugs-Envelope-To: 49508 Cc: 49508 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -0.0 (/) Hi, Leo Famulari <leo@HIDDEN> skribis: > As discussed in #46829, `guix pull` needs an option like > --allow-insecure-transport so that users can continue to pull from the > same channel even when their local certificate store has expired or is > otherwise invalid. Agreed. Unfortunately it seems that libgit2 doesn=E2=80=99t let us turn off certifi= cate verification: https://libgit2.org/libgit2/#HEAD/group/libgit2 =E2=80=98verify_server_cert=E2=80=99 in src/streams/openssl.c is called unconditionally. So it seems that the first thing to do would be to submit a patch upstream that would allow users to disable certificate checks via =E2=80=98git_libgit2_opts=E2=80=99. Now, by default, =E2=80=98guix pull=E2=80=99 honors /etc/ssl/certs. Assumi= ng those are up-to-date, it should be fine, right? Thanks, Ludo=E2=80=99.
bug-guix@HIDDEN:bug#49508; Package guix.
Full text available.Leo Famulari <leo@HIDDEN>
to control <at> debbugs.gnu.org.
Full text available.Received: (at submit) by debbugs.gnu.org; 10 Jul 2021 17:28:18 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sat Jul 10 13:28:18 2021 Received: from localhost ([127.0.0.1]:33406 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1m2Gm2-0007Al-DU for submit <at> debbugs.gnu.org; Sat, 10 Jul 2021 13:28:18 -0400 Received: from lists.gnu.org ([209.51.188.17]:50526) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <leo@HIDDEN>) id 1m2Gm1-0007Ae-9b for submit <at> debbugs.gnu.org; Sat, 10 Jul 2021 13:28:17 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43500) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <leo@HIDDEN>) id 1m2Gm0-0006HS-Vz for bug-guix@HIDDEN; Sat, 10 Jul 2021 13:28:17 -0400 Received: from out4-smtp.messagingengine.com ([66.111.4.28]:33635) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <leo@HIDDEN>) id 1m2Glz-0003AW-8F for bug-guix@HIDDEN; Sat, 10 Jul 2021 13:28:16 -0400 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id EAA815C00C3; Sat, 10 Jul 2021 13:28:12 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Sat, 10 Jul 2021 13:28:12 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=date:from:to:subject:message-id:mime-version:content-type; s= mesmtp; bh=7p1O3WUUNdMmXOwOTsqwVo7v/C+wKaEcfn/F4u4NI+4=; b=duE74 YLksgFr4I+RCTMVzM107Y8B1HfpwxTZPXrvrScuBlmYl3VrGeYgPfpSnc3J0R4ft gGFgcC7h9HtPl2joNEguzlsxr0jdnbbAer6ZsLuVKE5aF9X7QuOS5aPRVjD8yQmh L/seumd/XzjecQxo+q5PKJWWSvCR5qmJwBTJ+A= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:message-id :mime-version:subject:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; bh=7p1O3WUUNdMmXOwOTsqwVo7v/C+wK aEcfn/F4u4NI+4=; b=OjobQDANm9U/hXBCIEZHZvj7ko614GUonpPIa+TGrqzth wp6fYhMo/TcPe9SpuL8zAPS3DS+wijRfJk8Agpc+SEXPKiko6IdZRWsrCHpkv7IH X4cWnislkShPYz8owpFptQDSaODZU4bTpAetj9rAbNLvP4pGnUPFPSGCmBRHG8gN IdsYJ256FHr1kfnEdDT3KkuqiJC7QvftUsSSBsK3vbkxdMUrNOd6rNHgNPhfZD4R Br6m+eNZa5fQuGgOTPN/TZ1sLY/GsYVCvvXcG+Li9KWx9fb4kMWWKcshIUcTxvdd y/2HYwcpv5KEHJCvQrg6tJDxSrOvzu+BzZgfFFfTQ== X-ME-Sender: <xms:rNjpYMOmJb2-7HWJO1boMpnmPk54vBZikcwL4vOiZnwwH12qezl0dA> <xme:rNjpYC9PlXq7AZaE3ZFRQ-pgr8YAz2SXUcG4ukiGeVvQeGEwCcLhuY7QoYAi0acnh ySRvnVvXPiS5BCliQ> X-ME-Received: <xmr:rNjpYDRJaw_XUfjzGagbikzjEUgMfTb7nhbGadD4uAVBMmowDRmjtHRb5glx_jd7nmNWtvvVlyD12T6yv1gOWhim1vn5A5r9Tyrh_FO_hV62> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvtddrtdekgdduuddvucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkgggtugesthdtredttd dtvdenucfhrhhomhepnfgvohcuhfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgrrhhi rdhnrghmvgeqnecuggftrfgrthhtvghrnhepueeiudeijeduffdvhfejvdegvdehgffgje dvveekfeefleefkeeuieejudevtedunecuffhomhgrihhnpehgnhhurdhorhhgnecuvehl uhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomheplhgvohesfhgrmh hulhgrrhhirdhnrghmvg X-ME-Proxy: <xmx:rNjpYEtPRs1CmRiqPvABhwg_QG8K8uoHl75d-hWYB7Qu7GrRyfPDYg> <xmx:rNjpYEfplPGoMxVveLlw_xqpd5-sybUh2hTJy3CNlnR0wjh4OXBoiw> <xmx:rNjpYI25V8ZF5QweWSskGMyRfQDUtKXricfnB7FCVQJjRwn_Nx3e2Q> <xmx:rNjpYOqY_Js8DJdE4JwNt6yugdHmi2QqNwjw506fIHqZJUfsZV37xQ> Received: by mail.messagingengine.com (Postfix) with ESMTPA for <bug-guix@HIDDEN>; Sat, 10 Jul 2021 13:28:12 -0400 (EDT) Date: Sat, 10 Jul 2021 13:28:10 -0400 From: Leo Famulari <leo@HIDDEN> To: bug-guix@HIDDEN Subject: Implement --allow-insecure-transport for `guix pull` Message-ID: <YOnYqnI8fXzyFXgi@HIDDEN> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Received-SPF: pass client-ip=66.111.4.28; envelope-from=leo@HIDDEN; helo=out4-smtp.messagingengine.com X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.4 (-) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -2.4 (--) As discussed in #46829, `guix pull` needs an option like --allow-insecure-transport so that users can continue to pull from the same channel even when their local certificate store has expired or is otherwise invalid. [0] <https://debbugs.gnu.org/cgi/bugreport.cgi?bug=46829#114>
Leo Famulari <leo@HIDDEN>:bug-guix@HIDDEN.
Full text available.bug-guix@HIDDEN:bug#49508; Package guix.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.