GNU bug report logs - #40486
http-get doesn't respect #:verify-certificate?

Previous Next

Package: guile;

Reported by: Jan Synacek <jsynacek <at> redhat.com>

Date: Tue, 7 Apr 2020 15:31:02 UTC

Severity: normal

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 40486 in the body.
You can then email your comments to 40486 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to bug-guile <at> gnu.org:
bug#40486; Package guile. (Tue, 07 Apr 2020 15:31:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Jan Synacek <jsynacek <at> redhat.com>:
New bug report received and forwarded. Copy sent to bug-guile <at> gnu.org. (Tue, 07 Apr 2020 15:31:02 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Jan Synacek <jsynacek <at> redhat.com>
To: bug-guile <at> gnu.org
Subject: http-get doesn't respect #:verify-certificate?
Date: Tue, 07 Apr 2020 17:29:54 +0200
When I run the following piece of code:

(use-modules (web client))
(http-get "https://bugzilla.redhat.com/rest/bug/1" #:verify-certificate? #f)

I get:
...
In web/client.scm:
    563:0  1 (http-get "https://bugzilla.redhat.com/rest/bug/1" # _ # …)
    231:6  0 (tls-wrap #<closed: file 1db4540> _ # _)

web/client.scm:231:6: In procedure tls-wrap:
X.509 certificate of 'bugzilla.redhat.com' could not be verified:
  signer-not-found invalid

If I use http-request instead of http-get, the keyword argument is
correctly taken into account and the certificate is not verified.

I use v3.0.2.





Reply sent to Ludovic Courtès <ludo <at> gnu.org>:
You have taken responsibility. (Wed, 27 May 2020 21:30:02 GMT) Full text and rfc822 format available.

Notification sent to Jan Synacek <jsynacek <at> redhat.com>:
bug acknowledged by developer. (Wed, 27 May 2020 21:30:03 GMT) Full text and rfc822 format available.

Message #10 received at 40486-done <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: Jan Synacek <jsynacek <at> redhat.com>
Cc: 40486-done <at> debbugs.gnu.org
Subject: Re: bug#40486: http-get doesn't respect #:verify-certificate?
Date: Wed, 27 May 2020 23:29:49 +0200
Hi,

Jan Synacek <jsynacek <at> redhat.com> skribis:

> When I run the following piece of code:
>
> (use-modules (web client))
> (http-get "https://bugzilla.redhat.com/rest/bug/1" #:verify-certificate? #f)
>
> I get:
> ...
> In web/client.scm:
>     563:0  1 (http-get "https://bugzilla.redhat.com/rest/bug/1" # _ # …)
>     231:6  0 (tls-wrap #<closed: file 1db4540> _ # _)
>
> web/client.scm:231:6: In procedure tls-wrap:
> X.509 certificate of 'bugzilla.redhat.com' could not be verified:
>   signer-not-found invalid
>
> If I use http-request instead of http-get, the keyword argument is
> correctly taken into account and the certificate is not verified.
>
> I use v3.0.2.

Fixed in a5421d2bb6e27fe77e794f950833ca6d84c8c523, thanks!

Ludo’.




bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Thu, 25 Jun 2020 11:24:09 GMT) Full text and rfc822 format available.

This bug report was last modified 3 years and 277 days ago.

Previous Next


GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.