From debbugs-submit-bounces@debbugs.gnu.org Tue Dec 10 18:33:41 2024 Received: (at submit) by debbugs.gnu.org; 10 Dec 2024 23:33:41 +0000 Received: from localhost ([127.0.0.1]:60032 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tL9jY-0005Lr-VY for submit@debbugs.gnu.org; Tue, 10 Dec 2024 18:33:41 -0500 Received: from lists.gnu.org ([209.51.188.17]:52566) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tL9jW-0005Lc-P0 for submit@debbugs.gnu.org; Tue, 10 Dec 2024 18:33:39 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tL9jV-0007VL-TI for guix-patches@gnu.org; Tue, 10 Dec 2024 18:33:37 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tL9jT-0002M6-Ee; Tue, 10 Dec 2024 18:33:35 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:Date:Subject:To:From:in-reply-to: references; bh=pVsfPDa9vN0ojfmtMpFZxOsBuSbDEv/m6LjzEFjubEE=; b=myc1PACXRmVCn9 XGXMzu9tvoCIOO4VAiphEUBcIwX7bvbUoCFUntbIiJdyG+vHztoNcbMOc7ZlC7mkHT41oyb6+0Hcz b9fmQUPC59nlPPfizuRG+jtq/AC4N+JBM69exR7/OeODte3QfOKzX9QzHlAkjw+e6WVDh79KvMRUF +NRvXdUUGh8C23EtiDWRLIyJ+kT+NeQWYD2+qrnPJE/5ctoHScmUxJ7CcNUHgxwLdarQFdT9cZ+2Z iA9E/8lzBSJniDwuvKO2v+89zLzHgiRuRGNeicLnl6lJOhwO/VgdoQfTkiUiN6fBwBeAaz0EYFmdj jOxZ5YJzuquppBiolSWw==; 
From: Ludovic Courtès
To: guix-patches@gnu.org
Subject: [PATCH 0/7] Adding '--no-check-certificate' to 'pull' and 'time-machine'
Date: Wed, 11 Dec 2024 00:33:22 +0100
Message-ID:
X-Mailer: git-send-email 2.46.0
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
X-Debbugs-Cc: Christopher Baines , Josselin Poiret , Ludovic Courtès , Mathieu Othacehe , Simon Tournier , Tobias Geerinckx-Rice
Content-Transfer-Encoding: 8bit
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: submit
Cc: Ludovic Courtès , Nicolas Graves
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id:
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit"
X-Spam-Score: -3.3 (---)

Hello,

As discussed with Nicolas in , being able to skip X.509 certificate
verification in ‘guix pull’ & co. can be useful in emergency situations.

This patch series:

  • fixes ‘guix download --git --no-check-certificate’ so that
    ‘--no-check-certificate’ is actually honored;

  • adds ‘--no-check-certificate’ to ‘pull’ and ‘time-machine’.

Thoughts?

Ludo’.

Ludovic Courtès (7):
  git: Remove Guile-Git < 0.4.0 compatibility fallback.
  git: Allow X.509 certificate verification to be disabled.
  guix download: Honor ‘--no-check-certificate’ for ‘--git’.
  channels: Add #:verify-certificate? and honor it.
  pull: Add ‘--no-check-certificate’.
  inferior: Add #:verify-certificate? to ‘cached-channel-instance’.
  time-machine: Add ‘--no-check-certificate’.
 doc/guix.texi                 |  8 ++++
 guix/channels.scm             | 22 ++++++++---
 guix/git.scm                  | 72 ++++++++++++++++++++++++-----------
 guix/inferior.scm             | 24 ++++++++----
 guix/scripts/download.scm     | 34 +++++++++--------
 guix/scripts/pull.scm         | 16 ++++++--
 guix/scripts/time-machine.scm | 14 ++++++-
 7 files changed, 134 insertions(+), 56 deletions(-)

base-commit: dcaccc8b722cee279c00bb321baa48ae73563931
--
2.46.0

From debbugs-submit-bounces@debbugs.gnu.org Tue Dec 10 18:35:04 2024
From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= To: 74776@debbugs.gnu.org Subject: [PATCH 1/7] git: Remove Guile-Git < 0.4.0 compatibility fallback. Date: Wed, 11 Dec 2024 00:34:40 +0100 Message-ID: X-Mailer: git-send-email 2.46.0 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 X-Debbugs-Cc: Christopher Baines , Josselin Poiret , Ludovic Courtès , Mathieu Othacehe , Simon Tournier , Tobias Geerinckx-Rice Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 74776 Cc: =?UTF-8?q?Ludovic=20Court=C3=A8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Guile-Git 0.4.0 was released in October 2020. * guix/git.scm (make-default-fetch-options): Remove ‘wrong-number-of-args’ fallback. Change-Id: I5ebcb7212fd96241ea5defc4127e9880a6dd9667 --- guix/git.scm | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/guix/git.scm b/guix/git.scm index 410cd4c153..1b0839b1e3 100644 --- a/guix/git.scm +++ b/guix/git.scm 
@@ -185,19 +185,13 @@ (define (show-progress progress) (define (make-default-fetch-options) "Return the default fetch options." (let ((auth-method (%make-auth-ssh-agent))) - ;; The #:transfer-progress and #:proxy-url options appeared in Guile-Git - ;; 0.4.0. Omit them when using an older version. - (catch 'wrong-number-of-args - (lambda () - (make-fetch-options auth-method - ;; Guile-Git doesn't distinguish between these. - #:proxy-url (or (getenv "http_proxy") - (getenv "https_proxy")) - #:transfer-progress - (and (isatty? (current-error-port)) - show-progress))) - (lambda args - (make-fetch-options auth-method))))) + (make-fetch-options auth-method + ;; Guile-Git doesn't distinguish between these. + #:proxy-url (or (getenv "http_proxy") + (getenv "https_proxy")) + #:transfer-progress + (and (isatty? (current-error-port)) + show-progress)))) (define GITERR_HTTP ;; Guile-Git <= 0.5.2 lacks this constant. -- 2.46.0 From debbugs-submit-bounces@debbugs.gnu.org Tue Dec 10 18:35:08 2024 Received: (at 74776) by debbugs.gnu.org; 10 Dec 2024 23:35:08 +0000 Received: from localhost ([127.0.0.1]:60052 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tL9kx-0005U4-Gh for submit@debbugs.gnu.org; Tue, 10 Dec 2024 18:35:08 -0500 Received: from eggs.gnu.org ([209.51.188.92]:52844) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tL9kt-0005SU-2D for 74776@debbugs.gnu.org; Tue, 10 Dec 2024 18:35:03 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tL9kn-0002PH-Sc; Tue, 10 Dec 2024 18:34:57 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:References:In-Reply-To:Date:Subject:To: From; bh=lgOCsVTfZNd/lxKNLlV7JkSB2c8g32K+RXStQk+5hmE=; b=qnQO+c4jb58pqLzkWOpz h9J+fleWknnbREeZQzmcQUChvgP1xdnlLus6NI9CK3GBSrQJbB+MJ/vlIwUR+EkPp2Ao7R1X1h5y3 
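Review bot: with the `wrong-number-of-args` fallback gone from `make-default-fetch-options`, a Guile-Git older than 0.4.0 now fails at run time with an uncaught `wrong-number-of-args` instead of quietly degrading to `(make-fetch-options auth-method)`; since this commit touches only guix/git.scm, please confirm that the minimum Guile-Git version enforced at configure time is at least 0.4.0 and say so in the commit message, so that the failure surfaces at build time rather than inside `guix pull`. The `GITERR_HTTP` comment just below ("Guile-Git <= 0.5.2 lacks this constant") stays accurate, as that fallback targets a later cutoff than the one removed here.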
Xx4v8dDC8oSPlTl+C4KAwmbZzuLW4Po1zEcBrXWOMGCmHT4jXBZIm8h9SlWC65txZ3VyFS9oQx88T X7L9g9/JqK/yQaIPPi+7EPEYYBBHlJgRlaqmIVIJlzGqo93jpi1sKC+GH2klJ6iKD90EOabYb17Hy ejdg7P8sVQtM5QS827e19Rt3Q1hDBm0MbXl8ljiQgBnpxzp3JJBpuxFOVPwAhxjIUTO7PIBbph80l 1zT4mXDPb5Xh7g==; From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= To: 74776@debbugs.gnu.org Subject: [PATCH 2/7] git: Allow X.509 certificate verification to be disabled. Date: Wed, 11 Dec 2024 00:34:41 +0100 Message-ID: X-Mailer: git-send-email 2.46.0 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 X-Debbugs-Cc: Christopher Baines , Josselin Poiret , Ludovic Courtès , Mathieu Othacehe , Simon Tournier , Tobias Geerinckx-Rice Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 74776 Cc: =?UTF-8?q?Ludovic=20Court=C3=A8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) * guix/git.scm (make-default-fetch-options): Add #:verify-certificate? and honor it. Define ‘warn-for-invalid-certificate’. (clone*): Add #:verify-certificate? and pass it on. (clone/swh-fallback): Likewise. (update-cached-checkout): Likewise. (latest-repository-commit): Likewise. Change-Id: Ibf535a4a8d2a7e0c4026a896da9d4ab72e85401a --- guix/git.scm | 66 ++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 49 insertions(+), 17 deletions(-) diff --git a/guix/git.scm b/guix/git.scm index 1b0839b1e3..6ac6e4e3a2 100644 --- a/guix/git.scm +++ b/guix/git.scm 
@@ -182,16 +182,29 @@ (define (show-progress progress) ;; Return true to indicate that we should go on. #t) -(define (make-default-fetch-options) - "Return the default fetch options." - (let ((auth-method (%make-auth-ssh-agent))) - (make-fetch-options auth-method - ;; Guile-Git doesn't distinguish between these. - #:proxy-url (or (getenv "http_proxy") - (getenv "https_proxy")) - #:transfer-progress - (and (isatty? (current-error-port)) - show-progress)))) +(define* (make-default-fetch-options #:key (verify-certificate? #t)) + "Return the default fetch options. VERIFY-CERTIFICATE? determines whether +to verify X.509 host certificates." + (define (warn-for-invalid-certificate host valid?) + (unless valid? + (warning (G_ "ignoring invalid certificate for '~a'~%") host))) + + (let* ((auth-method (%make-auth-ssh-agent)) + (options + (make-fetch-options auth-method + ;; Guile-Git doesn't distinguish between these. + #:proxy-url (or (getenv "http_proxy") + (getenv "https_proxy")) + #:transfer-progress + (and (isatty? (current-error-port)) + show-progress)))) + ;; When VERIFY-CERTIFICATE? is true, keep the default libgit2 behavior, + ;; which is to raise an exception upon invalid certificates. + (unless verify-certificate? + (let ((callbacks (fetch-options-remote-callbacks options))) + (set-remote-callbacks-certificate-check! callbacks + warn-for-invalid-certificate))) + options)) (define GITERR_HTTP ;; Guile-Git <= 0.5.2 lacks this constant. @@ -213,7 +226,7 @@ (define (set-git-timeouts connection-timeout read-timeout) read-timeout) (set-server-timeout! read-timeout))) -(define (clone* url directory) +(define* (clone* url directory #:key (verify-certificate? #t)) "Clone git repository at URL into DIRECTORY. Upon failure, make sure no empty directory is left behind." (with-throw-handler #t 
@@ -222,7 +235,8 @@ (define (clone* url directory) (clone url directory (make-clone-options - #:fetch-options (make-default-fetch-options)))) + #:fetch-options (make-default-fetch-options + #:verify-certificate? verify-certificate?)))) (lambda _ (false-if-exception (rmdir directory))))) @@ -445,7 +459,8 @@ (define (clone-from-swh url tag-or-commit output) (remote-set-url! repository "origin" url) repository))))) -(define (clone/swh-fallback url ref cache-directory) +(define* (clone/swh-fallback url ref cache-directory + #:key (verify-certificate? #t)) "Like 'clone', but fallback to Software Heritage if the repository cannot be found at URL." (define (inaccessible-url-error? err) @@ -456,7 +471,8 @@ (define (clone/swh-fallback url ref cache-directory) (catch 'git-error (lambda () - (clone* url cache-directory)) + (clone* url cache-directory + #:verify-certificate? verify-certificate?)) (lambda (key err) (match ref (((or 'commit 'tag-or-commit) . commit) @@ -526,6 +542,7 @@ (define* (update-cached-checkout url (check-out? #t) starting-commit (log-port (%make-void-port "w")) + (verify-certificate? #t) (cache-directory (url-cache-directory url (%repository-cache-directory) @@ -544,6 +561,9 @@ (define* (update-cached-checkout url When CHECK-OUT? is true, reset the cached working tree to REF; otherwise leave it unchanged. +When VERIFY-CERTIFICATE? is true, raise an error when encountering an invalid +X.509 host certificate; otherwise, warn about the problem and keep going. + Wait for up to CONNECTION-TIMEOUT milliseconds when establishing connection to the remote server, and for up to READ-TIMEOUT milliseconds when reading from it. When zero, use the system defaults for these timeouts; when false, leave 
@@ -573,15 +593,22 @@ (define* (update-cached-checkout url (let* ((cache-exists? (openable-repository? cache-directory)) (repository (if cache-exists? (repository-open cache-directory) - (clone/swh-fallback url ref cache-directory)))) + (clone/swh-fallback url ref cache-directory + #:verify-certificate? + verify-certificate?)))) ;; Only fetch remote if it has not been cloned just before. (when (and cache-exists? (not (reference-available? repository ref))) (remote-fetch (remote-lookup repository "origin") - #:fetch-options (make-default-fetch-options))) + #:fetch-options (make-default-fetch-options + #:verify-certificate? + verify-certificate?))) (when recursive? (update-submodules repository #:log-port log-port - #:fetch-options (make-default-fetch-options))) + #:fetch-options + (make-default-fetch-options + #:verify-certificate? + verify-certificate?))) ;; Note: call 'commit-relation' from here because it's more efficient ;; than letting users re-open the checkout later on. @@ -632,6 +659,7 @@ (define* (latest-repository-commit store url #:key recursive? (log-port (%make-void-port "w")) + (verify-certificate? #t) (cache-directory (%repository-cache-directory)) (ref '())) @@ -644,6 +672,9 @@ (define* (latest-repository-commit store url When RECURSIVE? is true, check out submodules as well, if any. +When VERIFY-CERTIFICATE? is true, raise an error when encountering an invalid +X.509 host certificate; otherwise, warn about the problem and keep going. + Git repositories are kept in the cache directory specified by %repository-cache-directory parameter. 
@@ -668,6 +699,7 @@ (define* (latest-repository-commit store url (url-cache-directory url cache-directory #:recursive? recursive?) + #:verify-certificate? verify-certificate? #:log-port log-port)) ((name) (url+commit->name url commit))) -- 2.46.0 From debbugs-submit-bounces@debbugs.gnu.org Tue Dec 10 18:35:09 2024 Received: (at 74776) by debbugs.gnu.org; 10 Dec 2024 23:35:09 +0000 Received: from localhost ([127.0.0.1]:60054 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tL9ky-0005U6-4u for submit@debbugs.gnu.org; Tue, 10 Dec 2024 18:35:08 -0500 Received: from eggs.gnu.org ([209.51.188.92]:52858) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tL9ku-0005Sc-2H for 74776@debbugs.gnu.org; Tue, 10 Dec 2024 18:35:05 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tL9ko-0002PS-S9; Tue, 10 Dec 2024 18:34:58 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:References:In-Reply-To:Date:Subject:To: From; bh=xMNozuDFaIcsOhBzPjyxJk0tD8mBPU08DflTV9ZKMfI=; b=cXaOh+bzZbXl/GwX0CpX HWCNEsdiNTTibxcchI/0efggo+fHaIBYNSY4BjCK7sNDPC47W/zkmpjpjrRTacK7n3+X7XBqzDT4D WZKckBrt0jIyGgRISEZPQ44FbySAkvzkdOUJ/HRDzL/l9Vlj1DbLHN87xjXwkuYIyVA5FvspTBSSd z+HRW9ochfmxxeDGSJnkVPz1PnGM/v/AWwD8WOkMGFN5P2TqfmQQu7fcmI9ULZ1P3osvUCbRkep9b TqNQfcMGxVwqo+h9a7pbSxAzCfB/iYu+wg+uhXWpaw5ZLZReWV5G5YmeCkTjPMWW8Z8bDnQhQmCnA Tb+nBxAbatxNGQ==; 
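Review bot: in the first hunk, `warn-for-invalid-certificate` returns whatever `unless` yields: an unspecified value when VALID? is true and the value of `warning` otherwise. If Guile-Git hands the procedure's return value back to libgit2 as the accept/reject verdict of the certificate check, make the return explicit and document what it is interpreted as, so acceptance never depends on an unspecified value. It would also help to state in the `clone/swh-fallback` docstring that VERIFY-CERTIFICATE? only affects the direct `clone*` of URL; the Software Heritage fallback (`clone-from-swh`) keeps full verification, which looks intended but is easy to misread from the signature alone.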
From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= To: 74776@debbugs.gnu.org Subject: [PATCH 3/7] =?UTF-8?q?guix=20download:=20Honor=20=E2=80=98--no-ch?= =?UTF-8?q?eck-certificate=E2=80=99=20for=20=E2=80=98--git=E2=80=99.?= Date: Wed, 11 Dec 2024 00:34:42 +0100 Message-ID: <4c0835f5958108ad2235c4bb63f22d2b742356d2.1733873391.git.ludo@gnu.org> X-Mailer: git-send-email 2.46.0 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 X-Debbugs-Cc: Christopher Baines , Josselin Poiret , Ludovic Courtès , Mathieu Othacehe , Simon Tournier , Tobias Geerinckx-Rice Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 74776 Cc: =?UTF-8?q?Ludovic=20Court=C3=A8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Until now ‘--no-check-certificate’ had no effect when combined with ‘--git’. This can be tested with: guix shell libfaketime -- faketime 2019-01-01 \ guix download --no-check-certificate --git \ https://git.savannah.gnu.org/git/shepherd.git * guix/scripts/download.scm (git-download-to-file): Add #:verify-certificate? and honor it. (git-download-to-store*): Likewise. (add-git-download-option): Likewise. (%options): Likewise. Change-Id: Ib3905398199d814a02319ed3328eb8a4ed219bd5 --- guix/scripts/download.scm | 34 +++++++++++++++++++--------------- 1 file changed, 19 insertions(+), 15 deletions(-) diff --git a/guix/scripts/download.scm b/guix/scripts/download.scm index de68e6f328..f373e46941 100644 --- a/guix/scripts/download.scm +++ b/guix/scripts/download.scm 
@@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2012, 2013, 2015, 2016, 2017, 2020 Ludovic Courtès +;;; Copyright © 2012-2013, 2015-2017, 2020, 2024 Ludovic Courtès ;;; Copyright © 2021 Simon Tournier ;;; ;;; This file is part of GNU Guix. @@ -94,7 +94,8 @@ (define (copy-recursively-without-dot-git source destination) #t source)) -(define (git-download-to-file url file reference recursive?) +(define* (git-download-to-file url file reference recursive? + #:key (verify-certificate? #t)) "Download the git repo at URL to file, checked out at REFERENCE. REFERENCE must be a pair argument as understood by 'latest-repository-commit'. Return FILE." @@ -108,7 +109,8 @@ (define (git-download-to-file url file reference recursive?) (else url)))) (copy-recursively-without-dot-git (with-git-error-handling - (update-cached-checkout url #:ref reference #:recursive? recursive?)) + (update-cached-checkout url #:ref reference #:recursive? recursive? + #:verify-certificate? verify-certificate?)) file)) file) @@ -151,12 +153,13 @@ (define* (git-download-to-store* url (string-drop url (string-length "file:"))) url))) (with-store store - ;; TODO: Verify certificate support and deactivation. (with-git-error-handling (latest-repository-commit store url #:recursive? recursive? - #:ref reference))))) + #:ref reference + #:verify-certificate? + verify-certificate?))))) (define %default-options ;; Alist of default option values. @@ -207,9 +210,10 @@ (define (show-help) (define (add-git-download-option result) (alist-cons 'download-proc - ;; XXX: #:verify-certificate? currently ignored. (lambda* (url #:key verify-certificate? ref recursive?) - (git-download-to-store* url ref recursive?)) + (git-download-to-store* url ref recursive? + #:verify-certificate? + verify-certificate?)) (alist-delete 'download result))) (define %options 
@@ -243,20 +247,20 @@ (define %options (alist-cons 'verify-certificate? #f result))) (option '(#\o "output") #t #f (lambda (opt name arg result) - (let* ((git - (assoc-ref result 'git-reference))) + (let* ((git (assoc-ref result 'git-reference))) (if git (alist-cons 'download-proc - (lambda* (url - #:key - verify-certificate? - ref - recursive?) + (lambda* (url #:key + (verify-certificate? #t) + ref + recursive?) (git-download-to-file url arg (assoc-ref result 'git-reference) - recursive?)) + recursive? + #:verify-certificate? + verify-certificate?)) (alist-delete 'download result)) (alist-cons 'download-proc (lambda* (url -- 2.46.0 From debbugs-submit-bounces@debbugs.gnu.org Tue Dec 10 18:35:10 2024 Received: (at 74776) by debbugs.gnu.org; 10 Dec 2024 23:35:11 +0000 Received: from localhost ([127.0.0.1]:60058 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tL9kz-0005UI-8Q for submit@debbugs.gnu.org; Tue, 10 Dec 2024 18:35:10 -0500 Received: from eggs.gnu.org ([209.51.188.92]:39848) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tL9kv-0005Se-2x for 74776@debbugs.gnu.org; Tue, 10 Dec 2024 18:35:05 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tL9kp-0002Pe-Pk; Tue, 10 Dec 2024 18:34:59 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:References:In-Reply-To:Date:Subject:To: From; bh=C12T3M4qjwe2uqZc0ZAenMUCgNo7S1ZYvf3oErX3FTs=; b=opBvRxC2Y0mXoIg78lMm MP/Kds+QT4FuO+3IqVsCPMX04+ELqZfDd8ynKK8vfUblFc15EnnnsELn0ctce963jvnSk/SEuXJaw YMh4g6FG07Iuo9F3rJIECaZx7hrHRmzmBsymmd4zUJ3O7+BlPSy4TTuU00xWJUF0N5Ct3kK0gO1pC dkNQuanGrhuhKg2+l0uAIGJMCvMtgn+4hurIzU+TigPTv/NfZgc8o37OEX/A1byfTpVokp6c27yaO SGAuD12btsJ/kd8pjTGhlfMQlJsL6eGGaacLsUi17DeStAGsuQodWwLKI2DA9Makd/N8/1dWEfSSZ SFJOwhdPbN1VEQ==; 
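Review bot: the two `lambda*` download procedures disagree on the default of VERIFY-CERTIFICATE?: in `add-git-download-option` it is declared as a bare keyword (`#:key verify-certificate? ref recursive?`), so a caller that omits the keyword gets #f and certificate verification silently switched off, whereas the `--output` handler declares `(verify-certificate? #t)`. Make both default to #t so that an omitted keyword fails safe (verify), and an explicit `--no-check-certificate` is the only way to disable it.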
From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= To: 74776@debbugs.gnu.org Subject: [PATCH 4/7] channels: Add #:verify-certificate? and honor it. Date: Wed, 11 Dec 2024 00:34:43 +0100 Message-ID: X-Mailer: git-send-email 2.46.0 In-Reply-To: References: MIME-Version: 1.0 X-Debbugs-Cc: Christopher Baines , Josselin Poiret , Ludovic Courtès , Mathieu Othacehe , Simon Tournier , Tobias Geerinckx-Rice Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 74776 Cc: =?UTF-8?q?Ludovic=20Court=C3=A8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) * guix/channels.scm (latest-channel-instance): Add #:verify-certificate? and pass it on. (latest-channel-instances): Likewise. Change-Id: I43564738dfeefa5b735e6f9e349f9f5596d25164 --- guix/channels.scm | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/guix/channels.scm b/guix/channels.scm index 34f63eb833..4700f7a45d 100644 --- a/guix/channels.scm +++ b/guix/channels.scm 
@@ -407,12 +407,15 @@ (define* (authenticate-channel channel checkout commit (define* (latest-channel-instance store channel #:key (patches %patches) starting-commit - (authenticate? #f) + (authenticate? #t) (validate-pull - ensure-forward-channel-update)) + ensure-forward-channel-update) + (verify-certificate? #t)) "Return the latest channel instance for CHANNEL. When STARTING-COMMIT is true, call VALIDATE-PULL with CHANNEL, STARTING-COMMIT, the target commit, and -their relation. When AUTHENTICATE? is false, CHANNEL is not authenticated." +their relation. When AUTHENTICATE? is false, CHANNEL is not authenticated. +When VERIFY-CERTIFICATE? is false, invalid X.509 host certificates are +accepted." (define (dot-git? file stat) (and (string=? (basename file) ".git") (eq? 'directory (stat:type stat)))) @@ -421,7 +424,8 @@ (define* (latest-channel-instance store channel (checkout commit relation (update-cached-checkout (channel-url channel) #:ref (channel-reference channel) - #:starting-commit starting-commit))) + #:starting-commit starting-commit + #:verify-certificate? verify-certificate?))) (when relation (validate-pull channel starting-commit commit relation)) @@ -505,13 +509,17 @@ (define* (latest-channel-instances store channels (current-channels '()) (authenticate? #t) (validate-pull - ensure-forward-channel-update)) + ensure-forward-channel-update) + (verify-certificate? #t)) "Return a list of channel instances corresponding to the latest checkouts of CHANNELS and the channels on which they depend. When AUTHENTICATE? is true, authenticate the subset of CHANNELS that has a \"channel introduction\". +When VERIFY-CERTIFICATE? is false, invalid X.509 host certificates are +accepted. + CURRENT-CHANNELS is the list of currently used channels. It is compared against the newly-fetched instances of CHANNELS, and VALIDATE-PULL is called for each channel update and can choose to emit warnings or raise an error, 
@@ -562,7 +570,9 @@ (define* (latest-channel-instances store channels #:validate-pull validate-pull #:starting-commit - current))) + current + #:verify-certificate? + verify-certificate?))) (when authenticate? ;; CHANNEL is authenticated so we can trust the ;; primary URL advertised in its metadata and warn -- 2.46.0 From debbugs-submit-bounces@debbugs.gnu.org Tue Dec 10 18:35:12 2024 Received: (at 74776) by debbugs.gnu.org; 10 Dec 2024 23:35:12 +0000 Received: from localhost ([127.0.0.1]:60062 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tL9l0-0005Ug-U4 for submit@debbugs.gnu.org; Tue, 10 Dec 2024 18:35:11 -0500 Received: from eggs.gnu.org ([209.51.188.92]:39850) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tL9kw-0005Sg-1t for 74776@debbugs.gnu.org; Tue, 10 Dec 2024 18:35:06 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tL9kq-0002Pq-Ra; Tue, 10 Dec 2024 18:35:00 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:References:In-Reply-To:Date:Subject:To: From; bh=ZpHBPYx5+heUxCw5fDOkvdOYuBiHXoqqcOLUWK8laCQ=; b=R7DxHyhPMbnv/VcGvNEA vxIsiK725/icdkMvKPAjPoWs0VOGVuyQzFh9e6SbC5EnnfKXKbbNk34ZQG5lP9UnHI/zEwIuGsnn2 JP1KvzXyCV/kUs4B+DSguwsbRAiolGWqwSYgSXqoVMzGJNHx7Yb6RvaZn7PLqJWF77f/7X+9hJLZR HKipzmkThr2mf3FGLUUktV+CRenZVLMxhmARkUrUMOkoNRcKOo7TcLELOiD+RWm0hYTvIvR5HjYlb ZqVjyulPBpPs6qI55MDMwBTzQVrT6bHK+q0Sx0EZt7EAHuODLRpp8gmPIrqK0kKUid5mXdF1TS9yB BzgcY7f2lQAiSg==; 
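Review bot: the first hunk flips the default of AUTHENTICATE? in `latest-channel-instance` from #f to #t, a behavior change that the commit message (which lists only the new #:verify-certificate? keyword) does not mention; either split it into its own commit, with a note on which callers relied on the old default, or drop it from this one. The new docstring sentence "invalid X.509 host certificates are accepted" could also say that a warning is emitted, matching what guix/git.scm does, so readers know the condition is reported rather than silent.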
From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= To: 74776@debbugs.gnu.org Subject: [PATCH 5/7] =?UTF-8?q?pull:=20Add=20=E2=80=98--no-check-certifica?= =?UTF-8?q?te=E2=80=99.?= Date: Wed, 11 Dec 2024 00:34:44 +0100 Message-ID: X-Mailer: git-send-email 2.46.0 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 X-Debbugs-Cc: Christopher Baines , Josselin Poiret , Ludovic Courtès , Mathieu Othacehe , Maxim Cournoyer , Simon Tournier , Tobias Geerinckx-Rice Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 74776 Cc: =?UTF-8?q?Ludovic=20Court=C3=A8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) This can be tested with: guix shell libfaketime -- faketime 2019-01-01 \ guix pull -q --no-check-certificate -p /tmp/p * guix/scripts/pull.scm (%options, show-help): Add ‘--no-check-certificate’. (%default-options): Add ‘verify-certificate?’ key. (guix-pull): Honor it. * doc/guix.texi (Invoking guix pull): Document it. Change-Id: Ia9d7af1c64156b112e86027fb637e2e02dae6e3c --- doc/guix.texi | 8 ++++++++ guix/scripts/pull.scm | 16 +++++++++++++--- 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index a2915de954..cad16a0660 100644 --- a/doc/guix.texi +++ b/doc/guix.texi 
@@ -4635,6 +4635,14 @@ Invoking guix pull @option{--disable-authentication}. @end quotation +@item --no-check-certificate +Do not validate the X.509 certificates of HTTPS servers. + +When using this option, you have @emph{absolutely no guarantee} that you +are communicating with the authentic server responsible for the given +URL. Unless the channel is authenticated, this makes you vulnerable to +``man-in-the-middle'' attacks. + @item --system=@var{system} @itemx -s @var{system} Attempt to build for @var{system}---e.g., @code{i686-linux}---instead of diff --git a/guix/scripts/pull.scm b/guix/scripts/pull.scm index 58d3cd7e83..76aed0b5cc 100644 --- a/guix/scripts/pull.scm +++ b/guix/scripts/pull.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2013-2015, 2017-2023 Ludovic Courtès +;;; Copyright © 2013-2015, 2017-2024 Ludovic Courtès ;;; Copyright © 2017 Marius Bakke ;;; Copyright © 2020, 2021 Tobias Geerinckx-Rice ;;; @@ -77,6 +77,7 @@ (define %default-options (debug . 0) (verbosity . 1) (authenticate-channels? . #t) + (verify-certificate? . #t) (validate-pull . ,ensure-forward-channel-update))) (define (show-help) @@ -98,6 +99,9 @@ (define (show-help) (display (G_ " --disable-authentication disable channel authentication")) + (display (G_ " + --no-check-certificate + do not validate the certificate of HTTPS servers")) (display (G_ " -N, --news display news compared to the previous generation")) (display (G_ " @@ -183,6 +187,9 @@ (define %options (option '("disable-authentication") #f #f (lambda (opt name arg result) (alist-cons 'authenticate-channels? #f result))) + (option '("no-check-certificate") #f #f + (lambda (opt name arg result) + (alist-cons 'verify-certificate? #f result))) (option '(#\p "profile") #t #f (lambda (opt name arg result) (alist-cons 'profile (canonicalize-profile arg) 
@@ -845,7 +852,8 @@ (define-command (guix-pull . args) (profile (or (assoc-ref opts 'profile) %current-profile)) (current-channels (profile-channels profile)) (validate-pull (assoc-ref opts 'validate-pull)) - (authenticate? (assoc-ref opts 'authenticate-channels?))) + (authenticate? (assoc-ref opts 'authenticate-channels?)) + (verify-certificate? (assoc-ref opts 'verify-certificate?))) (cond ((assoc-ref opts 'query) (process-query opts profile)) 
@@ -877,7 +885,9 @@ (define-command (guix-pull . args) #:validate-pull validate-pull #:authenticate? - authenticate?))) + authenticate? + #:verify-certificate? + verify-certificate?))) (format (current-error-port) (N_ "Building from this channel:~%" "Building from these channels:~%" -- 2.46.0 From debbugs-submit-bounces@debbugs.gnu.org Tue Dec 10 18:35:17 2024 Received: (at 74776) by debbugs.gnu.org; 10 Dec 2024 23:35:17 +0000 Received: from localhost ([127.0.0.1]:60065 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tL9l6-0005Y7-8t for submit@debbugs.gnu.org; Tue, 10 Dec 2024 18:35:17 -0500 Received: from eggs.gnu.org ([209.51.188.92]:39866) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tL9ky-0005TH-FJ for 74776@debbugs.gnu.org; Tue, 10 Dec 2024 18:35:09 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tL9kt-0002Uw-1n; Tue, 10 Dec 2024 18:35:03 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:References:In-Reply-To:Date:Subject:To: From; bh=p17ggAbyAeGglmwSyQVAFYFphqkimWtTXp9aVZjSqgQ=; b=bJow8PumT09De7hiiR9H Y+j7LBxZNZqr8pzkWvY1bAsc+9FGyrBoItbf0aI+1pqe+Ba+ctyJfAdkz3aYagQ66zKS0Fmxjp+Ot 0wZVGX066/qEM0nR2eOPq4+VVWOuK+0xzuCwul3jJRvOv0g7iEaA15snwwOQ+yAiIPuzxDQXrDozu 816mj/UtiqfF3QzpBBIz3mIUN6QtZYcyx1Rn9xK+R3t2OqSK+bYXN7AWfNd6Ggk6vW0xrbnsNP9vy a65z4yZ5z4P0+udv3XnZBwPSMaRsWHaldeo/rTyGOnZDEUvn0FnvLpTYK9XtbobZY2E8GVb09xonY QesOsrw81QKN3g==; 
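Review bot: the manual entry in the first hunk is clear about what guarantee is lost; consider adding that an invalid certificate is reported with a warning rather than accepted silently (the behavior the git.scm docstring describes), and that combining `--no-check-certificate` with `--disable-authentication` removes both protections, since the paragraph already conditions the man-in-the-middle risk on channel authentication. The pull.scm side is fine: `%default-options` keeps `verify-certificate?` at #t and only the explicit option flips it to #f.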
From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= To: 74776@debbugs.gnu.org Subject: [PATCH 6/7] =?UTF-8?q?inferior:=20Add=20#:verify-certificate=3F?= =?UTF-8?q?=20to=20=E2=80=98cached-channel-instance=E2=80=99.?= Date: Wed, 11 Dec 2024 00:34:45 +0100 Message-ID: <2ca2cc830049e38f4ef6dde25da3a111ca99e8d1.1733873391.git.ludo@gnu.org> X-Mailer: git-send-email 2.46.0 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 X-Debbugs-Cc: Christopher Baines , Josselin Poiret , Ludovic Courtès , Mathieu Othacehe , Simon Tournier , Tobias Geerinckx-Rice Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 74776 Cc: =?UTF-8?q?Ludovic=20Court=C3=A8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) * guix/inferior.scm (channel-full-commit): Add #:verify-certificate? and pass it on. (cached-channel-instance): Likewise. Change-Id: I9882660ac9eee2c4d9bb5e227979fd8de10555b1 --- guix/inferior.scm | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/guix/inferior.scm b/guix/inferior.scm index b60bf1ab01..8066cce2fc 100644 --- a/guix/inferior.scm +++ b/guix/inferior.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2018-2023 Ludovic Courtès +;;; Copyright © 2018-2024 Ludovic Courtès ;;; ;;; This file is part of GNU Guix. ;;; 
@@ -864,7 +864,7 @@ (define %inferior-cache-directory (make-parameter (string-append (cache-directory #:ensure? #f) "/inferiors"))) -(define (channel-full-commit channel) +(define* (channel-full-commit channel #:key (verify-certificate? #t)) "Return the commit designated by CHANNEL as quickly as possible. If CHANNEL's 'commit' field is a full SHA1, return it as-is; if it's a SHA1 prefix, resolve it; and if 'commit' is unset, fetch CHANNEL's branch tip." @@ -876,7 +876,8 @@ (define (channel-full-commit channel) (cache commit relation (update-cached-checkout (channel-url channel) #:ref ref - #:check-out? #f))) + #:check-out? #f + #:verify-certificate? verify-certificate?))) commit)))) (define* (cached-channel-instance store @@ -886,7 +887,8 @@ (define* (cached-channel-instance store (cache-directory (%inferior-cache-directory)) (ttl (* 3600 24 30)) (reference-channels '()) - (validate-channels (const #t))) + (validate-channels (const #t)) + (verify-certificate? #t)) "Return a directory containing a guix filetree defined by CHANNELS, a list of channels. The directory is a subdirectory of CACHE-DIRECTORY, where entries can be reclaimed after TTL seconds. This procedure opens a new connection to the 
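Review bot: in the `channel-full-commit` hunk the signature becomes `(define* (channel-full-commit channel #:key (verify-certificate? #t))` but the docstring right below it is left untouched, so the new keyword is undocumented while `cached-channel-instance` gets a dedicated paragraph in the next hunk; one sentence along the lines of `When VERIFY-CERTIFICATE? is false, do not verify the X.509 certificate of the server hosting CHANNEL.` would keep the two procedures consistent.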
@@ -895,12 +897,18 @@ (define* (cached-channel-instance store VALIDATE-CHANNELS must be a four-argument procedure used to validate channel instances against REFERENCE-CHANNELS; it is passed as #:validate-pull to 'latest-channel-instances' and should raise an exception in case a target -channel commit is deemed \"invalid\"." +channel commit is deemed \"invalid\". + +When VERIFY-CERTIFICATE? is true, raise an error when encountering an invalid +X.509 host certificate; otherwise, warn about the problem and keep going." (define commits ;; Since computing the instances of CHANNELS is I/O-intensive, use a ;; cheaper way to get the commit list of CHANNELS. This limits overhead ;; to the minimum in case of a cache hit. - (map channel-full-commit channels)) + (map (lambda (channel) + (channel-full-commit channel + #:verify-certificate? verify-certificate?)) + channels)) (define key (bytevector->base32-string 
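Review bot: the added docstring paragraph says that with VERIFY-CERTIFICATE? false the code will "warn about the problem and keep going", but it does not tell the reader where that matters: per the `channel-full-commit` docstring, a full SHA1 in the channel's 'commit' field is returned as-is without any fetch, so the keyword only affects the cases where a commit prefix or a branch tip has to be resolved against the remote. Worth spelling out, since in the unverified case the commit that is keyed into the cache (`define key`) was obtained from a server whose identity was not checked, and the VALIDATE-CHANNELS procedure described just above is then the remaining check that can reject an unexpected commit.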
@@ -951,7 +959,9 @@ (define* (cached-channel-instance store #:current-channels reference-channels #:validate-pull - validate-channels)) + validate-channels + #:verify-certificate? + verify-certificate?)) (profile (channel-instances->derivation instances))) (mbegin %store-monad -- 2.46.0 From debbugs-submit-bounces@debbugs.gnu.org Tue Dec 10 18:35:18 2024 Received: (at 74776) by debbugs.gnu.org; 10 Dec 2024 23:35:18 +0000 Received: from localhost ([127.0.0.1]:60067 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tL9l7-0005ZQ-HR for submit@debbugs.gnu.org; Tue, 10 Dec 2024 18:35:17 -0500 Received: from eggs.gnu.org ([209.51.188.92]:39876) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tL9kz-0005TT-2u for 74776@debbugs.gnu.org; Tue, 10 Dec 2024 18:35:10 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tL9kt-0002b9-SI; Tue, 10 Dec 2024 18:35:03 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:References:In-Reply-To:Date:Subject:To: From; bh=GTlCADlZ1AP8lQOQ3qonievBGRLFBAlMDgD5anqEijU=; b=qz9bpwqNLAa47hpK530Y dfDkmEYQ0FglQabnisMO1kjtFp+x6XG28yBuoSvkE/8bdNhPvHz4lS/5BH9stuT5NgmINi/V9VoWj 1rdDiCCLCat+fRIOyckevDLTpT7B8POy9SVjshWgKUEuX0tKUMRLX6+nAuEHKm+StW32QffFx5F5+ xE6r3j0GIh20uNfe9iTpat/n8SGYAwWRVrmWGCvZcPvcIwmVsN5ZOGIZrbgIWFXOa+v0yexc71ZVT SrXUYAmViPOyhZao/ukPT4rkQjjyoi9Skr+TRnJvzcuOqKjtbIgLEbc3LaoXv8L3zqvchsX6VmQk8 /85rYeTNKsJBKQ==; 
From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= To: 74776@debbugs.gnu.org Subject: [PATCH 7/7] =?UTF-8?q?time-machine:=20Add=20=E2=80=98--no-check-c?= =?UTF-8?q?ertificate=E2=80=99.?= Date: Wed, 11 Dec 2024 00:34:46 +0100 Message-ID: <54a8cf29cc3853916105da244a8c56b0b060fc29.1733873391.git.ludo@gnu.org> X-Mailer: git-send-email 2.46.0 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 X-Debbugs-Cc: Christopher Baines , Josselin Poiret , Ludovic Courtès , Mathieu Othacehe , Simon Tournier , Tobias Geerinckx-Rice Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 74776 Cc: =?UTF-8?q?Ludovic=20Court=C3=A8s?= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) This can be tested with: guix shell libfaketime -- faketime 2019-01-01 \ guix time-machine -q --no-check-certificate * guix/scripts/time-machine.scm (%options, show-help): Add ‘--no-check-certificate’. (%default-options): Add ‘verify-certificate?’ key. (guix-time-machine): Honor it. Change-Id: I25a29d03d4df78d1618c6a416ec85fd8e90fec6c --- guix/scripts/time-machine.scm | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/guix/scripts/time-machine.scm b/guix/scripts/time-machine.scm index 21145239d4..0fd2d15eb5 100644 --- a/guix/scripts/time-machine.scm +++ b/guix/scripts/time-machine.scm @@ -70,6 +70,9 @@ (define (show-help) (display (G_ " --disable-authentication disable channel authentication")) + (display (G_ " + --no-check-certificate + do not validate the certificate of HTTPS servers")) (newline) (show-build-options-help) (newline) 
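Review bot: the help string "do not validate the certificate of HTTPS servers" names what is skipped but not the consequence; the inferior.scm change in this series documents the unverified case as "warn about the problem and keep going", and echoing that here (in the same style as the neighbouring "--disable-authentication disable channel authentication" line) makes the risk visible to whoever reads `--help` before reaching for the flag.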
@@ -101,6 +104,9 @@ (define %options (option '("disable-authentication") #f #f (lambda (opt name arg result) (alist-cons 'authenticate-channels? #f result))) + (option '("no-check-certificate") #f #f + (lambda (opt name arg result) + (alist-cons 'verify-certificate? #f result))) (option '(#\h "help") #f #f (lambda args (leave-on-EPIPE (show-help)) @@ -120,6 +126,7 @@ (define %default-options (print-extended-build-trace? . #t) (multiplexed-build-output? . #t) (authenticate-channels? . #t) + (verify-certificate? . #t) (graft? . #t) (debug . 0) (verbosity . 1))) @@ -180,7 +187,8 @@ (define-command (guix-time-machine . args) (command-line (assoc-ref opts 'exec)) (ref (assoc-ref opts 'ref)) (substitutes? (assoc-ref opts 'substitutes?)) - (authenticate? (assoc-ref opts 'authenticate-channels?))) + (authenticate? (assoc-ref opts 'authenticate-channels?)) + (verify-certificate? (assoc-ref opts 'verify-certificate?))) (let* ((directory (with-store store (with-status-verbosity (assoc-ref opts 'verbosity) 
@@ -195,7 +203,9 @@ (define-command (guix-time-machine . args) #:reference-channels %reference-channels #:validate-channels - validate-guix-channel))))) + validate-guix-channel + #:verify-certificate? + verify-certificate?))))) (executable (string-append directory "/bin/guix"))) (if command-line (apply execl (cons* executable executable command-line)) -- 2.46.0 From debbugs-submit-bounces@debbugs.gnu.org Tue Dec 10 21:46:52 2024 Received: (at 74776) by debbugs.gnu.org; 11 Dec 2024 02:46:53 +0000 Received: from localhost ([127.0.0.1]:60596 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tLCkS-0002qs-8n for submit@debbugs.gnu.org; Tue, 10 Dec 2024 21:46:52 -0500 Received: from mail-pf1-f174.google.com ([209.85.210.174]:48618) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1tLCkQ-0002qb-3C for 74776@debbugs.gnu.org; Tue, 10 Dec 2024 21:46:46 -0500 Received: by mail-pf1-f174.google.com with SMTP id d2e1a72fcca58-728f1525565so33496b3a.1 for <74776@debbugs.gnu.org>; Tue, 10 Dec 2024 18:46:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1733885140; x=1734489940; darn=debbugs.gnu.org; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to; bh=3qAr+LeaIwCbScwzzoSdBOHEeTMLzd+WAI+yF1I6d8s=; b=Mj+YSyBLPlzcYrhQcnnkWADvO/8UlHk1mjdiNLjQIGcJJLZ+BJ+bpny54MBfDS3Ad4 aoZa3sZX5Qaw3avCIxeIZKB8gX1dRAxk6IC81mhoqAhB9F6dyRvksv8MMwyrY0EsbITS qbgTlN1p5k0ks4Op6oA261EToYHnaEa1UehZNiqIjeg3C1tweIvHHDHIjFV7kR94eRo7 nnFEKacE6OVgP6K78aMXBDAWdh8CvjqU5J3oqqI8jdK4JYAkmaKPfqKK08N3hPkK6QBv opQCMC8YYe9u9V6MGJBEaNoI1UA5mMnlcdHkev8E3CWBbsXOfcYmu1hCxDkRw7B5TJjh tXWA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733885140; x=1734489940; h=mime-version:user-agent:message-id:date:references:in-reply-to :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; 
From: Maxim Cournoyer
To: Ludovic Courtès
Subject: Re: [bug#74776] [PATCH 5/7] pull: Add ‘--no-check-certificate’.
In-Reply-To: ("Ludovic Courtès"'s message of "Wed, 11 Dec 2024 00:34:44 +0100")
Date: Wed, 11 Dec 2024 11:45:30 +0900
Message-ID: <87bjxjgcol.fsf@gmail.com>
Cc: Josselin Poiret, Simon Tournier, 74776@debbugs.gnu.org, Mathieu Othacehe, Tobias Geerinckx-Rice, Christopher Baines

Hello!

I've read this commit's diff only (received because I'm in the documentation team, I think), and it looks good to me!

Here's my badge of approval:

Reviewed-by: Maxim Cournoyer

-- 
Thanks,
Maxim

From debbugs-submit-bounces@debbugs.gnu.org Wed Dec 25 17:54:38 2024
From: Ludovic Courtès
To: 74776-done@debbugs.gnu.org
Subject: Re: [bug#74776] [PATCH 0/7] Adding '--no-check-certificate' to 'pull' and 'time-machine'
In-Reply-To: ("Ludovic Courtès"'s message of "Wed, 11 Dec 2024 00:33:22 +0100")
Date: Wed, 25 Dec 2024 23:54:24 +0100
Message-ID: <871pxv2x27.fsf@gnu.org>
Cc: Josselin Poiret, Nicolas Graves, Simon Tournier, Mathieu Othacehe, Tobias Geerinckx-Rice, Christopher Baines

Ludovic Courtès skribis:

> git: Remove Guile-Git < 0.4.0 compatibility fallback.
> git: Allow X.509 certificate verification to be disabled.
> guix download: Honor ‘--no-check-certificate’ for ‘--git’.
> channels: Add #:verify-certificate? and honor it.
> pull: Add ‘--no-check-certificate’.
> inferior: Add #:verify-certificate? to ‘cached-channel-instance’.
> time-machine: Add ‘--no-check-certificate’.

Pushed as e16cdcf37d8223b3634ec5e658356c3b7f154859.

Ludo’.

From: Debbugs Internal Request
Subject: Internal Control
Date: Thu, 23 Jan 2025 12:24:23 +0000

bug archived.