git2r
git2r copied to clipboard
ropensci
not respecting http.sslverify=false
We have a personal git repository server, and I haven't found an easy way to add our SSL certificate properly so that git works with it, so the config has http.sslverify=false, but when I use git2r to try and push via https on this repo, I get the error:
Error in 'git2r_push': The SSL certificate is invalid
Thanks for this report @rmflight. I'll investigate how to resolve the issue.
Added the branch respect_http_sslverify_false for the issue.
The following libgit2 code (unused) shows an example of the check https://github.com/ropensci/git2r/blob/4b1f21528bd7f80f467c78e15535be224cdd1021/src/libgit2/remote.c#L89
Add a callback and set git_remote_callbacks.git_transport_certificate_check_cb in https://github.com/ropensci/git2r/blob/521acefad2eaa39489e00b0f696feaafabc9df06/src/git2r_push.c#L88
The callback should also respect specification per URL (http://git-scm.com/docs/git-config)
[http]
sslVerify
[http "https://weak.example.com"]
sslVerify = false
We run a similar git server at my company and the same issue. This is the workaround that we came up with for installing packages when we know that they are on internal servers. Not the most secure, but it is functional.
value <- Sys.getenv("GIT_SSL_NO_VERIFY")
Sys.setenv(GIT_SSL_NO_VERIFY="true")
# git install commands like the following
devtools::install_git(url, dependencies=TRUE, branch=branch,...)
Sys.setenv(GIT_SSL_NO_VERIFY=value)
We would be thrilled if git2r found a better solution.
The only comment I would have to above (as I've been looking for this answer is to use on.exit:
value <- Sys.getenv("GIT_SSL_NO_VERIFY")
Sys.setenv(GIT_SSL_NO_VERIFY="true")
on.exit({
Sys.setenv(GIT_SSL_NO_VERIFY=value)
})
