Don't error when initializing LibGit2 with CA roots path #56924
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nsajko
added
libgit2
visr
force-pushed
the
allow-cert-file
branch
2 times, most recently
from
8be0eee to
e33618a
Compare
|
Test failures are unrelated. I rebased this now on top of the LibGit2 1.9 update and switch to OpenSSL that have merged since. Would appreciate a review on this and its companion JuliaLang/NetworkOptions.jl#37. Tagging @StefanKarpinski who originally contributed this code in #38827. |
|
Bump, hoping to get a review for this and JuliaLang/NetworkOptions.jl#37. |
|
I don't think I have the necessary knowledge to review this PR, but I can try to find someone to review it. |
|
Thanks for the review of JuliaLang/NetworkOptions.jl#37 @aviks. Would you be able to take a look at this one as well? |
When e.g. SSL_CERT_FILE is set, we cannot set this location in LibGit2_jll because it isn't built with support for that. Until now we've errored out with a message telling users to set JULIA_SSL_CA_ROOTS_PATH to an empty string. This changes the behavior to allow this expected error. Variables like SSL_CERT_FILE are for instance set by Conda, ensuring many people running into this, see e.g. https://discourse.julialang.org/search?q=JULIA_SSL_CA_ROOTS_PATH. The other part, and some more context for this, is here: JuliaLang/NetworkOptions.jl#37 (comment)
visr
force-pushed
the
allow-cert-file
branch
from
e33618a to
16739c2
Compare
|
Rebased and rewrote the top post with a lot of references for easier reviewing. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When SSL_CERT_FILE or SSL_CERT_DIR is set, it is impossible to set this location in LibGit2_jll on Apple and Windows because it isn't built with support for that. Until now we've errored out with a message telling users to set JULIA_SSL_CA_ROOTS_PATH to an empty string, which is a somewhat problematic workaround because the Windows environment variables UI doesn't allow empty values, and setting it to an empty string from PowerShell unsets it. This PR changes the behavior to allow this expected error.
Variables like SSL_CERT_FILE are for instance set by the Conda OpenSSL package on environment activation used by e.g. Python, ensuring many people cannot use Pkg operations that use LibGit2, like
dev Example,add Example#master. See more user reports on Discourse.Together with JuliaLang/NetworkOptions.jl#37 this should improve the experience of users trying out Julia from a Conda environment. This should also be fine to backport.