Add option to skip SSL checks

[moritzwilksch]

Problem

When downloading sources from servers with misconfigured certs, it would be nice to be able to skip rattler-build's internal SSL checks.

Repro

# recipe.yaml
context:
  version: '1.1.0'

package:
  name: lua-lpeg
  version: ${{ version }}

source:
  - url: http://www.inf.puc-rio.br/~roberto/lpeg/lpeg-${{ version }}.tar.gz
    sha256: 4b155d67d2246c1ffa7ad7bc466c1ea899bbc40fef0257cc9c03cecbaed4352a

➜  lua-lpeg-feedstock git:(win) ✗ rattler-build build -r recipe/

 ╭─ Finding outputs from recipe
 │ Found 1 variants
 │ Build variant: lua-lpeg-1.1.0-hb0f4dca_0
 │
 │ ╭─────────────────┬──────────╮
 │ │ Variant         ┆ Version  │
 │ ╞═════════════════╪══════════╡
 │ │ target_platform ┆ linux-64 │
 │ ╰─────────────────┴──────────╯
 │
 ╰─────────────────── (took 0 seconds)
Error:   × Failed to download source from url: error sending request for url (https://www.inf.puc-rio.br/~roberto/lpeg/lpeg-1.1.0.tar.gz)
  ├─▶ error sending request for url (https://www.inf.puc-rio.br/~roberto/lpeg/lpeg-1.1.0.tar.gz)
  ├─▶ client error (Connect)
  ├─▶ error:0A000086:SSL routines:tls_post_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:2091: (unable to get local issuer certificate)
  ╰─▶ error:0A000086:SSL routines:tls_post_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:2091:

[wolfv]

The URL alos looks as if the ${{ version }} wasn't part of it.

[moritzwilksch]

oops, fixed it, error remains the same

[wolfv]

I think this is the reqwest client we would need to configure: https://github.com/wolfv/rattler-build/blob/3ad69f0e37e028fc5bc50d8ee2d9d6c021b4d621/src/source/url_source.rs#L69-L70

Should probably add it to the tool config, in fact.

[pavelzw]

xref conda-forge/lua-lpeg-feedstock#13