tribes/guix
1
0
Fork 0
mirror of https://git.savannah.gnu.org/git/guix.git synced 2026-04-06 21:20:33 +02:00
Code Activity

pull: Add ‘--no-check-certificate’.

Browse Source 
This can be tested with:

  guix shell libfaketime -- faketime 2019-01-01 \
    guix pull -q --no-check-certificate -p /tmp/p

* guix/scripts/pull.scm (%options, show-help): Add
‘--no-check-certificate’.
(%default-options): Add ‘verify-certificate?’ key.
(guix-pull): Honor it.
* doc/guix.texi (Invoking guix pull): Document it.

Change-Id: Ia9d7af1c64156b112e86027fb637e2e02dae6e3c
This commit is contained in:
Ludovic Courtès
2024-12-10 23:58:12 +01:00
parent e168d31819
commit 7d235a6799
2 changed files with 21 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
doc/guix.texi
View File

@@ -4643,6 +4643,14 @@ Make sure you understand its security implications before using
@option{--disable-authentication}.
@end quotation
@item --no-check-certificate
Do not validate the X.509 certificates of HTTPS servers.
When using this option, you have @emph{absolutely no guarantee} that you
are communicating with the authentic server responsible for the given
URL. Unless the channel is authenticated, this makes you vulnerable to
``man-in-the-middle'' attacks.
@item --system=@var{system}
@itemx -s @var{system}
Attempt to build for @var{system}---e.g., @code{i686-linux}---instead of