tech-pkg archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: pkgsrc vs. https-only master sites
On Mon, Feb 23, 2015 at 03:46:13PM +0100, Tobias Nygren wrote:
> Platforms with builtin openssl will already DTRT I think? Including
> openssl in the bootstrap procedure is probably not a viable as it
> requires perl5 and godknowswhatelse.
>
> > It's mostly SMOP, but it involves the bootstrap process and no-one was
> > motivated enough yet to tackle it.
>
> How about if bootstrap uses regular non-openssl tnftp, and we create a
> separate "tnftp-ssl" package that avoids conflict with tnftp and can be
> depended on later when the bootstrap is done?
Well, but if you follow the plan to make it ssl-aware ftp default,
then it'll be the first package everyone will have to build and you
might as well include it in the bootstrap. What's the difference? At
the very least you would need to mark openssl and its dependencies as
not needing https support.
> True in a sense, but OTOH we have distinfo checksums and this is a
> primarily a matter of downloading the file, not downloading it securely.
Yeah, good enough for me.
Thomas
Home |
Main Index |
Thread Index |
Old Index