[pacman-dev] [PATCH 1/2] libalpm: Add dlclientcert and dlclientkey options.

Allan McRae allan at archlinux.org
Wed Nov 28 04:08:00 UTC 2018


On 15/11/18 2:37 am, Maarten de Vries wrote:
> These patches add support for client certificates to alpm and pacman.
> 
> This can already be achieved currently by setting an XferCommand,
> but doing so significantly reduces the quality of the feedback pacman
> gives during the downloads. Especially annoying are the 404 errors on
> most database signature files, but that's not the only issue.
> 
> I admit this is a bit of an edge case, but I find myself in the
> situation where I have to download packages from a private repository
> that requires a valid client certificate. I really want the nice regular
> pacman feedback back though, so I figured I'd hack it in myself.
> 
> I tried to follow naming schemes and other conventions the best I could,
> but please let me know if I should change anything, or forgot something.

I am very, very reluctant to include this.  We have been quite strict on
which download options we have included in pacman in the past - it took
quite some time for DisableDownloadTimeout to be added and we still
don't have real speed limiting - although this was (still is?) due to
curl implementation limitation.  This is way too much of an edge case,
and we do have XferCommand for such things.

Note, database signature file errors can be removed by adding "SigLevel
= DatabaseNone" to the relevant databases.

Allan


More information about the pacman-dev mailing list