From mboxrd@z Thu Jan 1 00:00:00 1970 From: Leo Famulari Subject: Re: [PATCH 42/42] gnu: Add darcs. Date: Mon, 26 Sep 2016 17:04:12 -0400 Message-ID: <20160926210412.GA14907@jasmine> References: <20160918161022.26135-1-ng0@we.make.ritual.n0.is> <20160918161022.26135-42-ng0@we.make.ritual.n0.is> <20160921014449.GA18022@jasmine> <878tulfyik.fsf@we.make.ritual.n0.is> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:40432) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bod4f-00029y-Jr for guix-devel@gnu.org; Mon, 26 Sep 2016 17:04:30 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bod4a-0000wD-RE for guix-devel@gnu.org; Mon, 26 Sep 2016 17:04:29 -0400 Received: from out2-smtp.messagingengine.com ([66.111.4.26]:43397) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bod4Y-0000tE-Ao for guix-devel@gnu.org; Mon, 26 Sep 2016 17:04:24 -0400 Content-Disposition: inline List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: ng0 Cc: guix-devel@gnu.org On Fri, Sep 23, 2016 at 02:27:28AM -0400, Leo Famulari wrote: > On Wed, Sep 21, 2016 at 08:27:47AM +0000, ng0 wrote: > > ;; http://darcs.net/manual/Configuring_darcs.html#SECTION00440070000000000000 > > Based on that link to the Darcs manual, my understanding is that users > must provide Darcs with a set of URL handlers in the form of shell > invocations in environment variables. I was wrong; those variables are no longer used by Darcs. HTTPS should "just work". Here I am using Darcs from Debian Stretch: $ darcs clone --debug-http https://dev.seek-together.space/s/fr33domlover/r/vervis * Trying 188.120.157.6... * Connected to dev.seek-together.space (188.120.157.6) port 443 (#0) * found 173 certificates in /etc/ssl/certs/ca-certificates.crt * found 692 certificates in /etc/ssl/certs * ALPN, offering http/1.1 * SSL connection using TLS1.2 / ECDHE_RSA_AES_256_GCM_SHA384 * server certificate verification OK * server certificate status verification SKIPPED * common name: dev.seek-together.space (matched) * server certificate expiration date OK * server certificate activation date OK * certificate public key: RSA * certificate version: #3 * subject: CN=dev.seek-together.space * start date: Tue, 09 Aug 2016 12:20:00 GMT * expire date: Mon, 07 Nov 2016 12:20:00 GMT * issuer: C=US,O=Let's Encrypt,CN=Let's Encrypt Authority X3 * compression: NULL * ALPN, server did not agree to a protocol > GET /s/fr33domlover/r/vervis/_darcs/prefs/motd HTTP/1.1 Host: dev.seek-together.space User-Agent: darcs/2.12.0 libcurl/7.47.0 Accept: */* Cache-Control: max-age=600 [... et cetera ...] But, with the WIP Guix package, our libcurl does not find the certificate store: $ darcs clone --debug-http https://dev.seek-together.space/s/fr33domlover/r/vervis * Trying 188.120.157.6... * TCP_NODELAY set * Connected to dev.seek-together.space (188.120.157.6) port 443 (#0) * ALPN, offering http/1.1 * SSL connection using TLS1.2 / ECDHE_RSA_AES_256_GCM_SHA384 * server certificate verification failed. CAfile: none CRLfile: none * Curl_http_done: called premature == 1 * Closing connection 0 * Hostname dev.seek-together.space was found in DNS cache * Trying 188.120.157.6... * TCP_NODELAY set * Connected to dev.seek-together.space (188.120.157.6) port 443 (#1) * ALPN, offering http/1.1 * SSL connection using TLS1.2 / ECDHE_RSA_AES_256_GCM_SHA384 * server certificate verification failed. CAfile: none CRLfile: none * Curl_http_done: called premature == 1 * Closing connection 1 * Hostname dev.seek-together.space was found in DNS cache * Trying 188.120.157.6... * TCP_NODELAY set * Connected to dev.seek-together.space (188.120.157.6) port 443 (#2) * ALPN, offering http/1.1 * SSL connection using TLS1.2 / ECDHE_RSA_AES_256_GCM_SHA384 * server certificate verification failed. CAfile: none CRLfile: none * Curl_http_done: called premature == 1 * Closing connection 2 darcs failed: Not a repository: https://dev.seek-together.space/s/fr33domlover/r/vervis (Peer certificate cannot be authenticated with given CA certificates) HINT: Do you have the right URI for the repository?