* On 2019-07-18 at 14:45 BST, Jason Bacon wrote:
The question that remains is why does https work in PKG_PATH for 99% of
packages, but not for a handful of dependencies? It seems that PKG_PATH
must be configured correctly in very rare cases, even though pkg_add is not
downloading anything.
I confirmed that all packages are present in
/sharedapps/pkg-2019Q2/var/db/pkgin/cache/.
I think the real solution on our end is to rebuild pkg_install with SSL
support. This will ensure security in case someone bypasses pkgin. ( Or I
may have another go at building with SSL support during bootstrap, although
that was not practical before for reasons I can't remember. )
I'd still like to understand what's going on here, though.
My best guess is that your shell wrapper is sourcing a PKG_PATH
variable from some rc file and that is confusing things.
pkgin explicitly unsets PKG_PATH prior to calling pkg_add, but this
would be overridden if your wrapper is inserting it again, and that
might change the lookup logic used (which would normally look for
package dependencies within the same pkgin cache directory).
A strace might be enlightening as to what is actually going on.
pkgin does its own downloading of packages, it doesn't use the
PKG_PATH setting in pkg_install.conf, so the https isn't working, it's
just being exposed as broken in certain situations.