http-client: Add #:verify-certificate? to 'http-fetch'.

* guix/http-client.scm (http-fetch): Add #:verify-certificate? parameter and pass it to 'open-connection-for-uri'.
2016-11-12 12:53:45 +01:00 · 2016-11-12 12:53:45 +01:00 · 17cff9c662
commit 17cff9c662
parent eda2ad5cd1
1 changed files with 6 additions and 2 deletions
--- a/guix/http-client.scm
+++ b/guix/http-client.scm
@ -223,7 +223,7 @@ or if EOF is reached."
                'shutdown (const #f))

 (define* (http-fetch uri #:key port (text? #f) (buffered? #t)
-                     keep-alive?)
+                     keep-alive? (verify-certificate? #t))
  "Return an input port containing the data at URI, and the expected number of
 bytes available or #f.  If TEXT? is true, the data at URI is considered to be
 textual.  Follow any HTTP redirection.  When BUFFERED? is #f, return an
@ -231,11 +231,15 @@ unbuffered port, suitable for use in `filtered-port'.  When KEEP-ALIVE? is
 true, send a 'Connection: keep-alive' HTTP header, in which case PORT may be
 reused for future HTTP requests.

+When VERIFY-CERTIFICATE? is true, verify HTTPS server certificates.
+
 Raise an '&http-get-error' condition if downloading fails."
  (let loop ((uri (if (string? uri)
                      (string->uri uri)
                      uri)))
-    (let ((port (or port (open-connection-for-uri uri)))
+    (let ((port (or port (open-connection-for-uri uri
+                                                  #:verify-certificate?
+                                                  verify-certificate?)))
          (auth-header (match (uri-userinfo uri)
                         ((? string? str)
                          (list (cons 'Authorization