GNU bug report logs - #40486
http-get doesn't respect #:verify-certificate?

Previous Next

Package: guile;

Reported by: Jan Synacek <jsynacek <at> redhat.com>

Date: Tue, 7 Apr 2020 15:31:02 UTC

Severity: normal

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Jan Synacek <jsynacek <at> redhat.com>
Subject: bug#40486: closed (Re: bug#40486: http-get doesn't respect
 #:verify-certificate?)
Date: Wed, 27 May 2020 21:30:03 +0000

[Message part 1 (text/plain, inline)]
Your bug report

#40486: http-get doesn't respect #:verify-certificate?

which was filed against the guile package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 40486 <at> debbugs.gnu.org.

-- 
40486: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=40486
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]
From: Ludovic Courtès <ludo <at> gnu.org>
To: Jan Synacek <jsynacek <at> redhat.com>
Cc: 40486-done <at> debbugs.gnu.org
Subject: Re: bug#40486: http-get doesn't respect #:verify-certificate?
Date: Wed, 27 May 2020 23:29:49 +0200

Hi,

Jan Synacek <jsynacek <at> redhat.com> skribis:

> When I run the following piece of code:
>
> (use-modules (web client))
> (http-get "https://bugzilla.redhat.com/rest/bug/1" #:verify-certificate? #f)
>
> I get:
> ...
> In web/client.scm:
>     563:0  1 (http-get "https://bugzilla.redhat.com/rest/bug/1" # _ # …)
>     231:6  0 (tls-wrap #<closed: file 1db4540> _ # _)
>
> web/client.scm:231:6: In procedure tls-wrap:
> X.509 certificate of 'bugzilla.redhat.com' could not be verified:
>   signer-not-found invalid
>
> If I use http-request instead of http-get, the keyword argument is
> correctly taken into account and the certificate is not verified.
>
> I use v3.0.2.

Fixed in a5421d2bb6e27fe77e794f950833ca6d84c8c523, thanks!

Ludo’.


[Message part 3 (message/rfc822, inline)]
From: Jan Synacek <jsynacek <at> redhat.com>
To: bug-guile <at> gnu.org
Subject: http-get doesn't respect #:verify-certificate?
Date: Tue, 07 Apr 2020 17:29:54 +0200

When I run the following piece of code:

(use-modules (web client))
(http-get "https://bugzilla.redhat.com/rest/bug/1" #:verify-certificate? #f)

I get:
...
In web/client.scm:
    563:0  1 (http-get "https://bugzilla.redhat.com/rest/bug/1" # _ # …)
    231:6  0 (tls-wrap #<closed: file 1db4540> _ # _)

web/client.scm:231:6: In procedure tls-wrap:
X.509 certificate of 'bugzilla.redhat.com' could not be verified:
  signer-not-found invalid

If I use http-request instead of http-get, the keyword argument is
correctly taken into account and the certificate is not verified.

I use v3.0.2.
This bug report was last modified 5 years and 47 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.