tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: ftp enhancements

Jean-Yves Migeon <> writes:

> Le 18/03/13 16:20, a écrit :
>> On Mon, Mar 18, 2013 at 11:08:25AM -0400, Greg Troxel wrote:
>>> The issue is that pkgsrc has to run on all systems.  So what we really
>>> need is some mechanism to know about each platform's capability and do
>>> the right thing.  It used to be that https fetch was odd, and now it
>>> isn't, so this probably needs some work.
>> This was basically my next pair of questions. If we aren't currently
>> handling this in, could we put it on the task list for next
>> quarter? It would obsolete the necessity for FETCH_USING=curl/wget in
>> many package Makefiles for https/ftps URLs. Then, we could also add a
>> warning to pkglint to let the developer know that such an addition is
>> not necessary anymore and update the documentation to clarify this.

We don't really have task lists.  But if you want to send a patch
(especially one that you've testted :-) people will look at it.

> Why is there so many packages using TLS/SSL then? Unless we provide a
> list of acceptable certificates or CAs to validate server-side certs,
> having SSL/TLS does not bring any real benefit.

It's not a question of us deciding there's benefit.  You're quite right
that the whole hundred-CAs TLS situation is a bit odd.  The real point
is that there are a number of packages for which the distfiles are
*only* available via https.  So we have to fetch them that way.

Attachment: pgpUkvwmQpBdJ.pgp
Description: PGP signature

Home | Main Index | Thread Index | Old Index