From nobody Mon Jan 24 15:05:02 2022 X-Original-To: ports@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 8B9C71985213 for ; Mon, 24 Jan 2022 15:05:20 +0000 (UTC) (envelope-from crest@rlwinm.de) Received: from mail.rlwinm.de (mail.rlwinm.de [138.201.35.217]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4JjCvz437gz3rDV for ; Mon, 24 Jan 2022 15:05:19 +0000 (UTC) (envelope-from crest@rlwinm.de) Received: from [IPV6:2001:16b8:64c6:8a00:9c00:5f91:1eb0:9327] (unknown [IPv6:2001:16b8:64c6:8a00:9c00:5f91:1eb0:9327]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits)) (No client certificate requested) by mail.rlwinm.de (Postfix) with ESMTPSA id A5DCD3A034 for ; Mon, 24 Jan 2022 15:05:17 +0000 (UTC) Message-ID: <294d58ca-8e22-3f85-639c-5ab7b975ab6d@rlwinm.de> Date: Mon, 24 Jan 2022 16:05:02 +0100 List-Id: Porting software to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-ports List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports@freebsd.org X-BeenThere: freebsd-ports@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.5.0 Subject: Re: Deprecation of the ftp support in pkg Content-Language: en-US To: ports@freebsd.org References: <202201240956.20O9u7KF023714@nuc.oldach.net> From: Jan Bramkamp In-Reply-To: <202201240956.20O9u7KF023714@nuc.oldach.net> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4JjCvz437gz3rDV X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of crest@rlwinm.de designates 138.201.35.217 as permitted sender) smtp.mailfrom=crest@rlwinm.de X-Spamd-Result: default: False [-3.29 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+mx:c]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[ports@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.99)[-0.991]; DMARC_NA(0.00)[rlwinm.de]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; MLMMJ_DEST(0.00)[ports]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:138.201.0.0/16, country:DE]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[2001:16b8:64c6:8a00:9c00:5f91:1eb0:9327:received] X-ThisMailContainsUnwantedMimeParts: N On 24.01.22 10:56, Helge Oldach wrote: > Jose Quinteiro wrote on Mon, 24 Jan 2022 07:40:03 +0100 (CET): >> On 1/23/22 13:12, Helge Oldach wrote: >>> Stefan Esser wrote on Sun, 23 Jan 2022 21:08:30 +0100 (CET): >>>> Am 23.01.22 um 18:12 schrieb Jose Quinteiro: >>>>> On 1/23/22 09:06, tech-lists wrote: >>>>>> On Sun, Jan 23, 2022 at 08:55:09AM -0800, Jose Quinteiro wrote: >>>>>> >>>>>>> You can run HTTP on a non-standard port. For example, 8080 is commonly >>>>>>> used. As an added bonus, this means that the HTTP server need not run as >>>>>>> root. >>>>>> Unless I'm mistaken, there is no web server in base. There is though, an >>>>>> ftp server. >>>>> Touche. I wouldn't mind having Thttpd in base. >>>>> https://www.acme.com/software/thttpd/ >>>> An interesting idea, we have it as a port in www/thttpd. >>> Does thttpd support SSL in the meantime? I suspect that is an option people would ask for instantly. >>> >> It does not. This is by design. It is really meant to be as small and >> simple as possible. > www/webfs is significantly simpler and smaller (5k LOC compared to > thttpd's 17k) and lacks SSL as well. > > I'd say importing NetBSD's or OpenBSD's httpd would be the better option > then - www/obhttpd is in ports already. Apart from serving pkg purposes > (as discussed here) it will bring in a resonable http server and feature > parity with *BSD. Can the OpenBSD httpd be relied on to work with the OpenSSL version included in base? One of the problems with OpenBSD daemons is that an ever increasing number of them dropped support for the complex and error prone OpenSSL API and replaced them with the simpler libtls API calls only available as part of LibreTLS. There is also a trend among recently (re-)written daemons to rely heavily on pledge() and unveil() for security going as far as replacing the elaborate priv-sep designs used previously by OpenBSD for their daemons.