From owner-freebsd-pkg@freebsd.org Sat Sep 12 06:36:43 2020 Return-Path: Delivered-To: freebsd-pkg@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 183D13F5B57 for ; Sat, 12 Sep 2020 06:36:43 +0000 (UTC) (envelope-from andrew@lists.savchenko.net) Received: from mout-p-202.mailbox.org (mout-p-202.mailbox.org [80.241.56.172]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BpNFP74YBz4TPW for ; Sat, 12 Sep 2020 06:36:41 +0000 (UTC) (envelope-from andrew@lists.savchenko.net) Received: from smtp2.mailbox.org (smtp2.mailbox.org [80.241.60.241]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-202.mailbox.org (Postfix) with ESMTPS id 4BpNFM2blzzQlQ9 for ; Sat, 12 Sep 2020 08:36:39 +0200 (CEST) X-Virus-Scanned: amavisd-new at heinlein-support.de Received: from smtp2.mailbox.org ([80.241.60.241]) by spamfilter05.heinlein-hosting.de (spamfilter05.heinlein-hosting.de [80.241.56.123]) (amavisd-new, port 10030) with ESMTP id rY3VPjUnFnWx for ; Sat, 12 Sep 2020 08:36:35 +0200 (CEST) Date: Sat, 12 Sep 2020 16:06:27 +0930 From: Andrew Savchenko Message-ID: <867747272.20200912160627@savchenko.net> To: freebsd-pkg@freebsd.org Subject: Re[2]: Switching `pkg` to HTTPS by default MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-MBO-SPAM-Probability: X-Rspamd-Score: -5.68 / 15.00 / 15.00 X-Rspamd-UID: 0b1d16 X-Rspamd-Queue-Id: 4BpNFP74YBz4TPW X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=lists.savchenko.net; spf=pass (mx1.freebsd.org: domain of andrew@lists.savchenko.net designates 80.241.56.172 as permitted sender) smtp.mailfrom=andrew@lists.savchenko.net X-Spamd-Result: default: False [-3.15 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.01)[-1.012]; FREEFALL_USER(0.00)[andrew]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:80.241.56.0/21]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-pkg@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.02)[-1.017]; RCVD_COUNT_THREE(0.00)[3]; NEURAL_HAM_SHORT(-0.22)[-0.220]; DMARC_POLICY_ALLOW(-0.50)[lists.savchenko.net,none]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:199118, ipnet:80.241.56.0/21, country:DE]; RCVD_TLS_LAST(0.00)[]; MAILMAN_DEST(0.00)[freebsd-pkg]; RCVD_IN_DNSWL_LOW(-0.10)[80.241.56.172:from] X-BeenThere: freebsd-pkg@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Binary package management and package tools discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Sep 2020 06:36:43 -0000 Hello Baptiste, Friday, September 11, 2020, 11:52:23 PM, you wrote: > Sorry I completly miss read your report > yes this is a bug I will look into it > What does pkg -vv tell you ? No worries at all. CA roots are installed from pkg via HTTP. $ pkg -vv Version : 1.14.5 PKG_DBDIR = "/var/db/pkg"; PKG_CACHEDIR = "/var/cache/pkg"; PORTSDIR = "/usr/ports"; INDEXDIR = ""; INDEXFILE = "INDEX-12"; HANDLE_RC_SCRIPTS = false; DEFAULT_ALWAYS_YES = false; ASSUME_ALWAYS_YES = false; REPOS_DIR [ "/etc/pkg/", "/usr/local/etc/pkg/repos/", ] PLIST_KEYWORDS_DIR = ""; SYSLOG = true; ABI = "FreeBSD:12:amd64"; ALTABI = "freebsd:12:x86:64"; DEVELOPER_MODE = false; VULNXML_SITE = "https://vuxml.freebsd.org/freebsd/vuln.xml.bz2"; FETCH_RETRY = 3; PKG_PLUGINS_DIR = "/usr/local/lib/pkg/"; PKG_ENABLE_PLUGINS = true; PLUGINS [ ] DEBUG_SCRIPTS = false; PLUGINS_CONF_DIR = "/usr/local/etc/pkg/"; PERMISSIVE = false; REPO_AUTOUPDATE = true; NAMESERVER = ""; HTTP_USER_AGENT = "pkg/1.14.5"; EVENT_PIPE = ""; FETCH_TIMEOUT = 30; UNSET_TIMESTAMP = false; SSH_RESTRICT_DIR = ""; PKG_ENV { } PKG_SSH_ARGS = ""; DEBUG_LEVEL = 0; ALIAS { all-depends = "query %dn-%dv"; annotations = "info -A"; build-depends = "info -qd"; cinfo = "info -Cx"; comment = "query -i \"%c\""; csearch = "search -Cx"; desc = "query -i \"%e\""; download = "fetch"; iinfo = "info -ix"; isearch = "search -ix"; prime-list = "query -e '%a = 0' '%n'"; prime-origins = "query -e '%a = 0' '%o'"; leaf = "query -e '%#r == 0' '%n-%v'"; list = "info -ql"; noauto = "query -e '%a == 0' '%n-%v'"; options = "query -i \"%n - %Ok: %Ov\""; origin = "info -qo"; provided-depends = "info -qb"; rall-depends = "rquery %dn-%dv"; raw = "info -R"; rcomment = "rquery -i \"%c\""; rdesc = "rquery -i \"%e\""; required-depends = "info -qr"; roptions = "rquery -i \"%n - %Ok: %Ov\""; shared-depends = "info -qB"; show = "info -f -k"; size = "info -sq"; } CUDF_SOLVER = ""; SAT_SOLVER = ""; RUN_SCRIPTS = true; CASE_SENSITIVE_MATCH = false; LOCK_WAIT = 1; LOCK_RETRIES = 5; SQLITE_PROFILE = false; WORKERS_COUNT = 0; READ_LOCK = false; PLIST_ACCEPT_DIRECTORIES = false; IP_VERSION = 0; AUTOMERGE = true; VERSION_SOURCE = ""; CONSERVATIVE_UPGRADE = true; PKG_CREATE_VERBOSE = false; AUTOCLEAN = false; DOT_FILE = ""; REPOSITORIES { } VALID_URL_SCHEME [ "pkg+http", "pkg+https", "https", "http", "file", "ssh", "ftp", "ftps", "pkg+ssh", "pkg+ftp", "pkg+ftps", ] ALLOW_BASE_SHLIBS = false; WARN_SIZE_LIMIT = 1048576; METALOG = ""; OSVERSION = 1201000; IGNORE_OSVERSION = false; BACKUP_LIBRARIES = false; BACKUP_LIBRARY_PATH = "/usr/local/lib/compat/pkg"; Repositories: FreeBSD: { url : "pkg+https://pkg.FreeBSD.org/FreeBSD:12:amd64/quarterly", enabled : yes, priority : 0, mirror_type : "SRV", signature_type : "FINGERPRINTS", fingerprints : "/usr/share/keys/pkg" } -- Regards, A