Closed tghoward closed 3 months ago
Here's an example of the behavior I'm describing. (default install.packages
only works with REVOKE_BEST_EFFORT set to TRUE, but pak will happily do the install with it set to FALSE).
> Sys.setenv("R_LIBCURL_SSL_REVOKE_BEST_EFFORT" = "FALSE")
> Sys.getenv("R_LIBCURL_SSL_REVOKE_BEST_EFFORT")
[1] "FALSE"
> pak::pkg_install("fortunes")
→ Will install 1 package.
→ Will download 1 CRAN package (210.45 kB).
+ fortunes 1.5-4 [dl] (210.45 kB)
ℹ Getting 1 pkg (210.45 kB)
✔ Got fortunes 1.5-4 (i386+x86_64-w64-mingw32) (210.45 kB)
✔ Downloaded 1 package (210.45 kB) in 1.4s
✔ Installed fortunes 1.5-4 (126ms)
✔ 1 pkg: added 1, dld 1 (210.45 kB) [2.1s]
> Sys.getenv("R_LIBCURL_SSL_REVOKE_BEST_EFFORT")
[1] "FALSE"
> remove.packages("fortunes")
Removing package from ‘F:/softwareInstalls/R_packages’
(as ‘lib’ is unspecified)
> install.packages("fortunes")
WARNING: Rtools is required to build R packages but is not currently installed. Please download and install the appropriate version of Rtools before proceeding:
https://cran.rstudio.com/bin/windows/Rtools/
Installing package into ‘F:/softwareInstalls/R_packages’
(as ‘lib’ is unspecified)
trying URL 'https://cran.rstudio.com/bin/windows/contrib/4.3/fortunes_1.5-4.zip'
Warning in install.packages :
URL 'https://cran.rstudio.com/bin/windows/contrib/4.3/fortunes_1.5-4.zip': status was 'SSL connect error'
Error in download.file(url, destfile, method, mode = "wb", ...) :
cannot open URL 'https://cran.rstudio.com/bin/windows/contrib/4.3/fortunes_1.5-4.zip'
Warning in install.packages :
download of package ‘fortunes’ failed
> Sys.setenv("R_LIBCURL_SSL_REVOKE_BEST_EFFORT" = "TRUE")
> Sys.getenv("R_LIBCURL_SSL_REVOKE_BEST_EFFORT")
[1] "TRUE"
> install.packages("fortunes")
WARNING: Rtools is required to build R packages but is not currently installed. Please download and install the appropriate version of Rtools before proceeding:
https://cran.rstudio.com/bin/windows/Rtools/
Installing package into ‘F:/softwareInstalls/R_packages’
(as ‘lib’ is unspecified)
trying URL 'https://cran.rstudio.com/bin/windows/contrib/4.3/fortunes_1.5-4.zip'
Content type 'application/zip' length 210446 bytes (205 KB)
downloaded 205 KB
package ‘fortunes’ successfully unpacked and MD5 sums checked
> sessionInfo()
R version 4.3.1 (2023-06-16 ucrt)
Platform: x86_64-w64-mingw32/x64 (64-bit)
Running under: Windows 10 x64 (build 19045)
Matrix products: default
locale:
[1] LC_COLLATE=English_United States.utf8 LC_CTYPE=English_United States.utf8
[3] LC_MONETARY=English_United States.utf8 LC_NUMERIC=C
[5] LC_TIME=English_United States.utf8
time zone: America/New_York
tzcode source: internal
attached base packages:
[1] stats graphics grDevices utils datasets methods base
loaded via a namespace (and not attached):
[1] compiler_4.3.1 tools_4.3.1 rstudioapi_0.15.0 pak_0.7.2
>
I don't know. pak does not use that environment variable. That is for R, not for libcurl.
Yes, it's an R variable, but I think it's telling libcurl to use "CURLSSLOPT_REVOKE_BEST_EFFORT" as described here: https://curl.se/libcurl/c/CURLOPT_PROXY_SSL_OPTIONS.html
What SSL options does pak
use in libcurl?
What SSL options does pak use in libcurl?
None.
Okay. Thanks for your replies and comments!
With an update to R at 4.2.1, curl started detecting MITM issues on enterprise networks. This is described here:
https://bugs.r-project.org/show_bug.cgi?id=18379
and the fix is to set the environment variable R_LIBCURL_SSL_REVOKE_BEST_EFFORT = "TRUE"
pak
doesn't seem to need this environment variable setting. Can you explain why? Is it related to the proxy settings? (https://github.com/r-lib/pak/issues/143)Thanks, Tim