New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

cmd/go: go get -insecure fails with go1.6 #15531

Open
igaskin opened this Issue May 3, 2016 · 5 comments

Comments

Projects
None yet
4 participants
@igaskin

igaskin commented May 3, 2016

Please answer these questions before submitting your issue. Thanks!

  1. What version of Go are you using (go version)?
    1.6
  2. What operating system and processor architecture are you using (go env)?
    GOARCH="amd64"
    GOBIN=""
    GOEXE=""
    GOHOSTARCH="amd64"
    GOHOSTOS="linux"
    GOOS="linux"
    GOPATH="/var/lib/jenkins/.gvm/pkgsets/go1.5/global"
    GORACE=""
    GOROOT="/var/lib/jenkins/.gvm/gos/go1.5"
    GOTOOLDIR="/var/lib/jenkins/.gvm/gos/go1.5/pkg/tool/linux_amd64"
    GO15VENDOREXPERIMENT=""
    CC="gcc"
    GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0"
    CXX="g++"
    CGO_ENABLED="1"
  3. What did you do?
    Attempted to go get a package with the -insecure flag.
  4. What did you expect to see?
    Package installed to my $GOPATH, pulled over HTTP
  5. What did you see instead?
    502 Response due to fetching over HTTPS
@bradfitz

This comment has been minimized.

Member

bradfitz commented May 3, 2016

Yeah, I suppose we could make it skip non-2xx status codes too. @rsc, @adg?

@bradfitz bradfitz changed the title from Go get -insecure fails with version 1.6 to cmd/go: -insecure fails with version 1.6 May 3, 2016

@bradfitz

This comment has been minimized.

Member

bradfitz commented May 3, 2016

@igaskin, is this a regression from an earlier Go release? You mention "version 1.6" explicitly.

@bradfitz bradfitz added this to the Unplanned milestone May 3, 2016

@igaskin

This comment has been minimized.

igaskin commented May 3, 2016

@bradfitz Yes it appears to be a regression, I tested it on two VMs and got the same result. With go1.5 go get -insecure will properly fetch packages over HTTP. The insecure flag seems to be bugged in go1.6

@adg

This comment has been minimized.

Contributor

adg commented May 4, 2016

@igaskin what's the package you're trying to fetch?

@igaskin

This comment has been minimized.

igaskin commented May 4, 2016

@adg a local go package hosted on an internal stash server. Here is the exact problem I'm seeing.

user@example:$ go version
go version go1.5 linux/amd64
juser@example:$ go get -insecure -v -u -d go.stash.c42/opslib
Fetching https://go.stash.c42/opslib?go-get=1
https fetch failed.
Fetching http://go.stash.c42/opslib?go-get=1
Parsing meta tags from http://go.stash.c42/opslib?go-get=1 (status code 200)
get "go.stash.c42/opslib": found meta tag main.metaImport{Prefix:"go.stash.c42/opslib", VCS:"git",     RepoRoot:"ssh://git@stash.c42:7999/ops/go-opslib.git"} at http://go.stash.c42/opslib?go-get=1
go.stash.c42/opslib (download)
package go.stash.c42/opslib: no buildable Go source files in     /var/lib/jenkins/.gvm/pkgsets/go1.5/global/src/go.stash.c42/opslib
user@example:$ gvm use system
Now using version system
user@example:$ go version
go version go1.6.1 linux/amd64
user@example:$ go get -insecure -v -u -d go.stash.c42/opslib
Fetching https://go.stash.c42/opslib?go-get=1
Parsing meta tags from https://go.stash.c42/opslib?go-get=1 (status code 502)
package go.stash.c42/opslib: unrecognized import path "go.stash.c42/opslib" (parse https://go.stash.c42/opslib?go-get=1: no go-import meta tags)

You can see in the last command that with go1.6 it did not attempt to fetch over http.

@ALTree ALTree changed the title from cmd/go: -insecure fails with version 1.6 to cmd/go: go get -insecure fails with go1.6 Jul 18, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment