* guix/scripts/pull.scm (%snapshot-url): Use HTTPS. (%options): Add "--insecure" option. (show-help): Mention it. (guix-pull): Pass #:verify-certificate to DOWNLOAD-TO-STORE. --- guix/scripts/pull.scm | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/guix/scripts/pull.scm b/guix/scripts/pull.scm index a4824e4fd..b1724f13c 100644 --- a/guix/scripts/pull.scm +++ b/guix/scripts/pull.scm @@ -45,7 +45,7 @@ (define %snapshot-url ;; "http://hydra.gnu.org/job/guix/master/tarball/latest/download" - "http://git.savannah.gnu.org/cgit/guix.git/snapshot/master.tar.gz" + "https://git.savannah.gnu.org/cgit/guix.git/snapshot/master.tar.gz" ) (define-syntax-rule (with-environment-variable variable value body ...) @@ -78,6 +78,8 @@ Download and deploy the latest version of Guix.\n")) (display (_ " --url=URL download the Guix tarball from URL")) (display (_ " + --insecure do not perform validation of TLS certificates")) + (display (_ " --bootstrap use the bootstrap Guile to build the new Guix")) (newline) (display (_ " @@ -96,6 +98,9 @@ Download and deploy the latest version of Guix.\n")) (lambda (opt name arg result) (alist-cons 'tarball-url arg (alist-delete 'tarball-url result)))) + (option '("insecure") #f #f + (lambda (opt name arg result) + (alist-cons 'insecure? #t result))) (option '("bootstrap") #f #f (lambda (opt name arg result) (alist-cons 'bootstrap? #t result))) @@ -225,7 +230,9 @@ contained therein." (let* ((opts (parse-options)) (store (open-connection)) (url (assoc-ref opts 'tarball-url))) - (let ((tarball (download-to-store store url "guix-latest.tar.gz"))) + (let ((tarball (download-to-store store url "guix-latest.tar.gz" + #:verify-certificate? + (not (assoc-ref opts 'insecure?))))) (unless tarball (leave (_ "failed to download up-to-date source, exiting\n"))) (parameterize ((%guile-for-build -- 2.12.0