From 17cff9c66214be38de8ece0ce98f707823e25bf2 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Sat, 12 Nov 2016 12:53:45 +0100 Subject: http-client: Add #:verify-certificate? to 'http-fetch'. * guix/http-client.scm (http-fetch): Add #:verify-certificate? parameter and pass it to 'open-connection-for-uri'. --- guix/http-client.scm | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/guix/http-client.scm b/guix/http-client.scm index a8324be09f..cc3acc9587 100644 --- a/guix/http-client.scm +++ b/guix/http-client.scm @@ -223,7 +223,7 @@ or if EOF is reached." 'shutdown (const #f)) (define* (http-fetch uri #:key port (text? #f) (buffered? #t) - keep-alive?) + keep-alive? (verify-certificate? #t)) "Return an input port containing the data at URI, and the expected number of bytes available or #f. If TEXT? is true, the data at URI is considered to be textual. Follow any HTTP redirection. When BUFFERED? is #f, return an @@ -231,11 +231,15 @@ unbuffered port, suitable for use in `filtered-port'. When KEEP-ALIVE? is true, send a 'Connection: keep-alive' HTTP header, in which case PORT may be reused for future HTTP requests. +When VERIFY-CERTIFICATE? is true, verify HTTPS server certificates. + Raise an '&http-get-error' condition if downloading fails." (let loop ((uri (if (string? uri) (string->uri uri) uri))) - (let ((port (or port (open-connection-for-uri uri))) + (let ((port (or port (open-connection-for-uri uri + #:verify-certificate? + verify-certificate?))) (auth-header (match (uri-userinfo uri) ((? string? str) (list (cons 'Authorization -- cgit 1.4.1