From mboxrd@z Thu Jan  1 00:00:00 1970
From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=)
Subject: Re: `guix pull` over HTTPS
Date: Mon, 06 Mar 2017 11:04:33 +0100
Message-ID: <87shmqwwjy.fsf@gnu.org>
References: <874m011xb2.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me>
	<871sv44x97.fsf@gnu.org> <20170228054616.GA28504@jasmine>
	<87shmy1hup.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me>
	<20170228162919.GA10253@jasmine>
	<87mvd61cxv.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me>
	<87k28a11wt.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me>
	<87h93e0z4a.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me>
	<87efyi0ynv.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me>
	<8760jt206c.fsf@kirby.i-did-not-set--mail-host-address--so-tickle-me>
	<20170301051420.GA11310@jasmine>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:34224)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1ckpVQ-0006fg-FG
	for guix-devel@gnu.org; Mon, 06 Mar 2017 05:04:41 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1ckpVM-0007xL-Gl
	for guix-devel@gnu.org; Mon, 06 Mar 2017 05:04:40 -0500
In-Reply-To: <20170301051420.GA11310@jasmine> (Leo Famulari's message of "Wed,
	1 Mar 2017 00:14:20 -0500")
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: Leo Famulari <leo@famulari.name>
Cc: guix-devel@gnu.org

Leo Famulari <leo@famulari.name> skribis:

> On Wed, Mar 01, 2017 at 03:36:11AM +0100, Marius Bakke wrote:
>> Subject: [PATCH] pull: Default to HTTPS.
>>=20
>> * guix/build/download.scm (tls-wrap): Add CERTIFICATE-DIRECTORY paramete=
r.
>> (open-connection-for-uri): Adjust parameters to match.
>> (http-fetch): Likewise.
>> (url-fetch): Likewise.
>> * guix/download.scm (download-to-store): Likewise.
>> * guix/scripts/pull.scm (%snapshot-url): Use HTTPS.
>> (guix-pull): Verify against the store path of NSS-CERTS.
>
> When I don't have GnuTLS in my environment, it fails like this:
>
> Starting download of /tmp/guix-file.pSCYyI
> From https://git.savannah.gnu.org/cgit/guix.git/snapshot/master.tar.gz...
> ;;; Failed to autoload make-session in (gnutls):
> ;;; ERROR: missing interface for module (gnutls)
> ERROR: In procedure module-lookup: Unbound variable: make-session
> failed to download "/tmp/guix-file.pSCYyI" from "https://git.savannah.gnu=
.org/cgit/guix.git/snapshot/master.tar.gz"
> guix pull: error: failed to download up-to-date source, exiting

What about making GnuTLS a hard requirement for Guix?

Ludo=E2=80=99.