* SVN download
@ 2014-03-25 13:04 Sree Harsha Totakura
2014-03-25 20:29 ` Ludovic Courtès
0 siblings, 1 reply; 3+ messages in thread
From: Sree Harsha Totakura @ 2014-03-25 13:04 UTC (permalink / raw)
To: guix-devel
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I wrote a helper to download sources from SVN directories. I guess it
works but I am unable to test it as I get the following error while
validating the server SSL certificates:
> @ build-started
> /gnu/store/7826n7p4928dnrdgjslpjhkkm7mc40jj-svn-checkout.drv -
> x86_64-linux
> /usr/local/var/log/guix/drvs/78//26n7p4928dnrdgjslpjhkkm7mc40jj-svn-checkout.drv.bz2
>
>
Error validating server certificate for 'https://gnunet.org:443':
> - The certificate is not issued by a trusted authority. Use the
> fingerprint to validate the certificate manually! Certificate
> information: - Hostname: ng.gnunet.org - Valid: from Mon, 14 May
> 2012 12:14:28 GMT until Sun, 01 Jun 2014 04:00:00 GMT - Issuer:
> Technische Universitaet Muenchen, DE - Fingerprint:
> b5:75:8b:72:f8:8e:7e:04:b5:a7:bb:37:4a:b5:91:a6:3c:bb:19:51
> (R)eject, accept (t)emporarily or accept (p)ermanently? svn:
> E175002: Unable to connect to a repository at URL
> 'https://gnunet.org/svn/gnunet' svn: E175002: OPTIONS of
> 'https://gnunet.org/svn/gnunet': Server certificate verification
> failed: issuer is not trusted (https://gnunet.org) builder for
> `/gnu/store/7826n7p4928dnrdgjslpjhkkm7mc40jj-svn-checkout.drv'
> failed with exit code 1 @ build-failed
> /gnu/store/7826n7p4928dnrdgjslpjhkkm7mc40jj-svn-checkout.drv - 1
> builder for
> `/gnu/store/7826n7p4928dnrdgjslpjhkkm7mc40jj-svn-checkout.drv'
> failed with exit code 1 cannot build derivation
> `/gnu/store/dii1141l46gnn347lk11spqaqi15kgl9-svn-checkout.xz.drv':
> 1 dependencies couldn't be built cannot build derivation
> `/gnu/store/wb5p8rf206r6kx5070bszvg4iy49fzcy-gnunet-0.10.1-svn.drv':
> 1 dependencies couldn't be built guix build: error: build failed:
> build of
> `/gnu/store/wb5p8rf206r6kx5070bszvg4iy49fzcy-gnunet-0.10.1-svn.drv'
> failed
The certificate of ng.gnunet.org is signed by Deutsche Telekom Root CA
2. Where should that certificate be included to get past this error?
Sree
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Icedove - http://www.enigmail.net/
iQEcBAEBAgAGBQJTMX7wAAoJECthXLMALpxG104IAItKQU86tbpbKEapQSRce8vx
D5+dse5Oi5KCeeVWX93zVwnO/Zh0D7HW293cz+U4HHtpHuvHckMJszPhFAo8JpEv
26vxtJc2o/IW8hPdeKXUOKprGDQ7gOGIlap+I/GX2/JcERGBvlujCnj3ZPMx2p+S
v418P589IwB5/s2rHvtmw4lxA1F0O4lxhCY0JWybLeE6RH4fhc24ZYpsd1CVzXM1
FjvzP6JSb6LL47fiaI3V7VgFsaIViMaHvnB0f0fwnjfFNdpP+yODWjWd6pk32dGX
kwGIwHOYRQ2uVG5L/Bgm884O1rjHvQQpVw9iF73v2EcAVLtPGSlyRytzSEAaVbA=
=2bjW
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: SVN download
2014-03-25 13:04 SVN download Sree Harsha Totakura
@ 2014-03-25 20:29 ` Ludovic Courtès
2014-03-25 21:50 ` Sree Harsha Totakura
0 siblings, 1 reply; 3+ messages in thread
From: Ludovic Courtès @ 2014-03-25 20:29 UTC (permalink / raw)
To: Sree Harsha Totakura; +Cc: guix-devel
Sree Harsha Totakura <sreeharsha@totakura.in> skribis:
> I wrote a helper to download sources from SVN directories. I guess it
> works but I am unable to test it as I get the following error while
> validating the server SSL certificates:
Given that our Subversion is currently linked against an OpenSSL-using
version of Neon, I think what would need to be done is to (1) get a
ca-certificates packages, and (2) point whatever OpenSSL’s environment
variable is to those certificates, in the build environment.
This has been discussed a bit in the thread at
https://lists.gnu.org/archive/html/guix-devel/2014-02/msg00242.html
Now, alternately, does GNUnet provide http SVN access (no TLS)?
If it does, you could:
1. Do an SVN checkout manually, and authenticate it (we can’t really
claim that TLS buys you anything here, as discussed with Mark on
IRC recently...)
2. Compute that checkout’s hash, with ‘guix hash -r’.
3. Write your recipe so that it uses the non-SSL SVN access, with the
revision and hash obtained above.
WDYT?
Ludo’.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: SVN download
2014-03-25 20:29 ` Ludovic Courtès
@ 2014-03-25 21:50 ` Sree Harsha Totakura
0 siblings, 0 replies; 3+ messages in thread
From: Sree Harsha Totakura @ 2014-03-25 21:50 UTC (permalink / raw)
To: Ludovic Courtès; +Cc: guix-devel
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 03/25/2014 09:29 PM, Ludovic Courtès wrote:
> Now, alternately, does GNUnet provide http SVN access (no TLS)? If
> it does, you could:
It doesn't provide http SVN access. So, I guess the only option for
now is to use the ca-certificates package.
Sree
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Icedove - http://www.enigmail.net/
iQEcBAEBAgAGBQJTMfoSAAoJECthXLMALpxGDPYH/Am4H0wQimyAuASBdpo6Nuwz
UlVz9FcXXlY883uBQeKfWfedU5e5SaaHoL02TkUSIVxdAmtpsGu/h68kL0sjcZhj
pfOFSwXQusQnQ7+HYcmbPgkZBBQi5oFrCT21mMjH0U4ZgDT7GCQH8w8bPnnl1Am1
A1UG3ZKwYvZNNhDAFWSYvWJVgZwF8zRKQ34EOSqHJQdQ8PgRonsESc8TmBiSMCr2
UsmTTAtLcIL1ICsIInlHHTrYh+JqMnrTcv0c0ya2ZG3xCSX1Qxl2u9g86HOKTRmT
IyhcfCOKhiiGOHXYLEoPyD2ThHHYB1r/kD6OuJ1Zsdbk2y+sgGXHFEKx5Rcy3UQ=
=5ho8
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2014-03-25 21:50 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-03-25 13:04 SVN download Sree Harsha Totakura
2014-03-25 20:29 ` Ludovic Courtès
2014-03-25 21:50 ` Sree Harsha Totakura
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).