all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
From: "Ludovic Courtès" <ludo@gnu.org>
To: 74776@debbugs.gnu.org
Cc: "Ludovic Courtès" <ludo@gnu.org>,
	"Christopher Baines" <guix@cbaines.net>,
	"Josselin Poiret" <dev@jpoiret.xyz>,
	"Ludovic Courtès" <ludo@gnu.org>,
	"Mathieu Othacehe" <othacehe@gnu.org>,
	"Simon Tournier" <zimon.toutoune@gmail.com>,
	"Tobias Geerinckx-Rice" <me@tobias.gr>
Subject: [bug#74776] [PATCH 7/7] time-machine: Add ‘--no-check-certificate’.
Date: Wed, 11 Dec 2024 00:34:46 +0100	[thread overview]
Message-ID: <54a8cf29cc3853916105da244a8c56b0b060fc29.1733873391.git.ludo@gnu.org> (raw)
In-Reply-To: <cover.1733873391.git.ludo@gnu.org>

This can be tested with:

  guix shell libfaketime -- faketime 2019-01-01 \
    guix time-machine -q --no-check-certificate

* guix/scripts/time-machine.scm (%options, show-help): Add
‘--no-check-certificate’.
(%default-options): Add ‘verify-certificate?’ key.
(guix-time-machine): Honor it.

Change-Id: I25a29d03d4df78d1618c6a416ec85fd8e90fec6c
---
 guix/scripts/time-machine.scm | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/guix/scripts/time-machine.scm b/guix/scripts/time-machine.scm
index 21145239d4..0fd2d15eb5 100644
--- a/guix/scripts/time-machine.scm
+++ b/guix/scripts/time-machine.scm
@@ -70,6 +70,9 @@ (define (show-help)
   (display (G_ "
       --disable-authentication
                          disable channel authentication"))
+  (display (G_ "
+      --no-check-certificate
+                         do not validate the certificate of HTTPS servers"))
   (newline)
   (show-build-options-help)
   (newline)
@@ -101,6 +104,9 @@ (define %options
          (option '("disable-authentication") #f #f
                  (lambda (opt name arg result)
                    (alist-cons 'authenticate-channels? #f result)))
+         (option '("no-check-certificate") #f #f
+                 (lambda (opt name arg result)
+                   (alist-cons 'verify-certificate? #f result)))
          (option '(#\h "help") #f #f
                  (lambda args
                    (leave-on-EPIPE (show-help))
@@ -120,6 +126,7 @@ (define %default-options
     (print-extended-build-trace? . #t)
     (multiplexed-build-output? . #t)
     (authenticate-channels? . #t)
+    (verify-certificate? . #t)
     (graft? . #t)
     (debug . 0)
     (verbosity . 1)))
@@ -180,7 +187,8 @@ (define-command (guix-time-machine . args)
             (command-line (assoc-ref opts 'exec))
             (ref          (assoc-ref opts 'ref))
             (substitutes?  (assoc-ref opts 'substitutes?))
-            (authenticate? (assoc-ref opts 'authenticate-channels?)))
+            (authenticate? (assoc-ref opts 'authenticate-channels?))
+            (verify-certificate? (assoc-ref opts 'verify-certificate?)))
        (let* ((directory
                (with-store store
                  (with-status-verbosity (assoc-ref opts 'verbosity)
@@ -195,7 +203,9 @@ (define-command (guix-time-machine . args)
                                               #:reference-channels
                                               %reference-channels
                                               #:validate-channels
-                                              validate-guix-channel)))))
+                                              validate-guix-channel
+                                              #:verify-certificate?
+                                              verify-certificate?)))))
               (executable (string-append directory "/bin/guix")))
          (if command-line
              (apply execl (cons* executable executable command-line))
-- 
2.46.0





      parent reply	other threads:[~2024-12-10 23:36 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-12-10 23:33 [bug#74776] [PATCH 0/7] Adding '--no-check-certificate' to 'pull' and 'time-machine' Ludovic Courtès
2024-12-10 23:34 ` [bug#74776] [PATCH 1/7] git: Remove Guile-Git < 0.4.0 compatibility fallback Ludovic Courtès
2024-12-10 23:34 ` [bug#74776] [PATCH 2/7] git: Allow X.509 certificate verification to be disabled Ludovic Courtès
2024-12-10 23:34 ` [bug#74776] [PATCH 3/7] guix download: Honor ‘--no-check-certificate’ for ‘--git’ Ludovic Courtès
2024-12-10 23:34 ` [bug#74776] [PATCH 4/7] channels: Add #:verify-certificate? and honor it Ludovic Courtès
2024-12-10 23:34 ` [bug#74776] [PATCH 5/7] pull: Add ‘--no-check-certificate’ Ludovic Courtès
2024-12-11  2:45   ` Maxim Cournoyer
2024-12-10 23:34 ` [bug#74776] [PATCH 6/7] inferior: Add #:verify-certificate? to ‘cached-channel-instance’ Ludovic Courtès
2024-12-10 23:34 ` Ludovic Courtès [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=54a8cf29cc3853916105da244a8c56b0b060fc29.1733873391.git.ludo@gnu.org \
    --to=ludo@gnu.org \
    --cc=74776@debbugs.gnu.org \
    --cc=dev@jpoiret.xyz \
    --cc=guix@cbaines.net \
    --cc=me@tobias.gr \
    --cc=othacehe@gnu.org \
    --cc=zimon.toutoune@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.