New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature request: ssl verify environment variable #2122
Comments
Here's my "temporary" workaround; this is really hacky. Note that I found the callback name here and the documentation for the callback here. This is against Julia v1.3.1, and I have the binary distribution unpacked in my home directory which lets me launch using the following command (using the Pkg.jl development idiom from the README). export JULIA_BINDIR=~/.bin/julia-1.3.1/bin
$JULIA_BINDIR/julia --project=$JULIA_BINDIR/../share/julia/stdlib/v1.3/Pkg/ -e 'import Pkg' -i --- GitTools.jl 2020-11-02 12:21:35.485749320 -0500
+++ GitTools.jl.new 2020-11-02 12:22:01.375749623 -0500
@@ -108,6 +108,8 @@
ispath(target_path) ? LibGit2.GitRepo(target_path) : GitTools.clone(url, target_path; kwargs...)
+ignore_cert_errors(_...) = Cint(0)
+
function clone(url, source_path; header=nothing, kwargs...)
@assert !isdir(source_path) || isempty(readdir(source_path))
url = normalize_url(url)
@@ -117,6 +119,10 @@
:transfer_progress => (
@cfunction(transfer_progress, Cint, (Ptr{LibGit2.TransferProgress}, Any)),
transfer_payload,
+ ),
+ :certificate_check => (
+ @cfunction(ignore_cert_errors, Cint, (Ptr{Any},Cint,Ptr{Any},Ptr{Any},)),
+ ignore_cert_errors,
)
)
print(stdout, "\e[?25l") # disable cursor
@@ -151,6 +157,10 @@
:transfer_progress => (
@cfunction(transfer_progress, Cint, (Ptr{LibGit2.TransferProgress}, Any)),
transfer_payload,
+ ),
+ :certificate_check => (
+ @cfunction(ignore_cert_errors, Cint, (Ptr{Any},Cint,Ptr{Any},Ptr{Any},)),
+ ignore_cert_errors,
)
)
print(stdout, "\e[?25l") # disable cursor |
I believe this is fixed now (@StefanKarpinski?), see https://github.com/JuliaLang/NetworkOptions.jl#verify_host |
Using julia behind a proxy / on a corporate server can get complicated. One complication is that making requests over secure https doesn't work due to SSL verification failing, despite otherwise being fine. Git and other languages' package managers have the ability to turn off SSL verification for requests, for example with conda you can put
ssl_verify: false
in the.condarc
file and suddenly package requests work over https. I think it'd be really helpful to add such an option for julia, either through an environment variable likeJULIA_SSL_VERIFY
which you can set tofalse
, or some other place where similar options might be located. Currently my only solution is to overwrite thegen_download_cmd
method in Pkg.PlatformEngines to append the-k
flag to the curl command in thestartup.jl
file, but ideally this can be done automatically with the correct option for each download engine.Also sorry if this is a duplicate, I looked but couldn't find any related issues
The text was updated successfully, but these errors were encountered: