I know nothing about the Go language, I'd just like to use this app on Ubuntu 14:
Before doing anything, I had to set the GOPATH environment variable in my ~/.bashrc. Then the README says this program is installed with:
go get -u github.com/mvdan/fdroidcl/cmd/fdroidcl
This passes fine, and an executable is found. In fact, these are the files found in home, where GOPATH
is ~/go
:
$ find ~ -name 'fdroidcl*' 2>/dev/null
/home/myusername/.cache/fdroidcl
/home/myusername/.config/fdroidcl
/home/myusername/go/pkg/gccgo_linux_386/github.com/mvdan/fdroidcl
/home/myusername/go/src/github.com/mvdan/fdroidcl
/home/myusername/go/src/github.com/mvdan/fdroidcl/cmd/fdroidcl
/home/myusername/go/bin/fdroidcl
Nice, but now when I start the initial command:
$ fdroidcl updateDownloading https://f-droid.org/repo/index.jar...
update: could not update index: Get https://f-droid.org/repo/index.jar: x509: certificate signed by unknown authority (possibly because of "x509: cannot verify signature: algorithm unimplemented" while trying to verify candidate authority certificate "COMODO RSA Certification Authority")
This is most likely a failure due to self-signed certificate. A quick fix would be to use http://
instead of https://
(in case of f-droid.org
it is currently possible), so I tried changing ~/go/src/github.com/mvdan/fdroidcl/cmd/fdroidcl/main.go
:
var config = userConfig{
Repos: []repo{
{
ID: "f-droid",
//URL: "https://f-droid.org/repo",
URL: "http://f-droid.org/repo",
Enabled: true,
},
{
ID: "f-droid-archive",
//URL: "https://f-droid.org/archive",
URL: "http://f-droid.org/archive",
Enabled: false,
},
},
}
... but the command is actually binary:
$ file $(which fdroidcl)
~/go/bin/fdroidcl: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.24, BuildID[sha1]=cd1dc87b54f9023983511ef46fda15a4d88dcb2d, not stripped
... which means I'd have to somehow re-build this application from source in order to get those changes in - how would I do that?
Furthermore, there may be other apps with self-signed https certificates that would break, so I'd much rather skip SSL / X509 verification. It seems that, as golang: How to do a https request with bad certificate? points out, that one should do in code:
tr := http.DefaultTransport.(*http.Transport)
tr.TLSClientConfig.InsecureSkipVerify = true
... which again requires hacking/recompiling the source code - but isn't there some sort of a environment variable to help that, like GIT_SSL_NO_VERIFY
for git
?