From mboxrd@z Thu Jan 1 00:00:00 1970 From: Marius Bakke Subject: Re: `guix pull` over HTTPS Date: Tue, 28 Feb 2017 22:54:12 +0100 Message-ID: <87efyi0ynv.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me> References: <20170209155512.GA11291@jasmine> <20170210003054.GA12412@jasmine> <87fujmcb6w.fsf@gnu.org> <87lgte10eu.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me> <87inoh660r.fsf@gnu.org> <874m011xb2.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me> <871sv44x97.fsf@gnu.org> <20170228054616.GA28504@jasmine> <87shmy1hup.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me> <20170228162919.GA10253@jasmine> <87mvd61cxv.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me> <87k28a11wt.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me> <87h93e0z4a.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:49161) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cipiy-0002nD-0M for guix-devel@gnu.org; Tue, 28 Feb 2017 16:54:29 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cipip-000469-Mo for guix-devel@gnu.org; Tue, 28 Feb 2017 16:54:24 -0500 In-Reply-To: <87h93e0z4a.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: Leo Famulari Cc: guix-devel@gnu.org --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Marius Bakke writes: > @@ -224,8 +225,11 @@ contained therein." > (with-error-handling > (let* ((opts (parse-options)) > (store (open-connection)) > + (certs (string-append (package-output store nss-certs) > + "/etc/ssl/certs")) Note: This only works if you have nss-certs in the store already. Not sure how to convert this into a gexp. > (url (assoc-ref opts 'tarball-url))) > - (let ((tarball (download-to-store store url "guix-latest.tar.gz"))) > + (let ((tarball (download-to-store store url "guix-latest.tar.gz" > + #:verify-certificate? certs))) > (unless tarball > (leave (_ "failed to download up-to-date source, exiting\n"))) > (parameterize ((%guile-for-build > --=20 > 2.12.0 --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAli18YQACgkQoqBt8qM6 VPpANggAgHrGvwQzBgM22q7iYz6ynh31+a+YsBRuki6Gsi6jF03K/x6GpzpGmxpT 539WNd/CJdDwAOx1QY9YY7A0ECMZPWoQ2JETRZnsZ4tIDDRvsZgbeMg0O/tgf/sR TND/Y5YNIdfuMYJT5FPFhtgO7ejZhd11SuRKNOF0Ok+bXcVE+arqPwDMpEF1hVpU GS5+pNidNEfgD81mDy3MD4h7Oqm5QXgqVf9PkU+6tALBwFgxyNvCjC+Yj+OwFUeP C86lDaQjm045u2FgPiNXjSSfuLx0vJ0DaNK6zUu8B0FEc4WvyMx4UDNiWabi3H6o 1jab2c7lYDYdIuMaV2dnGQY8oZ90Ow== =Iho3 -----END PGP SIGNATURE----- --=-=-=--