Date: Mon, 19 Jan 2015 12:44:54 +0000 From: Mohit Hasija <MH00122988@TechMahindra.com> To: Baptiste Daroussin <bapt@freebsd.org>, "pkg@freebsd.org" <pkg@freebsd.org> Subject: RE: Please help regarding usage of client certifcates with pkg command used on freeBSD Message-ID: <005efbaf6e8a4d6fa6800a5e25383d26@NODEXCHMBX003.TechMahindra.com> In-Reply-To: <9ad51442a3c72408e067ef1d1af8ee6e@mail.etoilebsd.net> References: <afee7e679b57440a9006c1d5ba6892c1@NODEXCHMBX001.TechMahindra.com>, <9ad51442a3c72408e067ef1d1af8ee6e@mail.etoilebsd.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Dear Baptiste, we have found from the pkg source code that the environment variables SSL= _CLIENT_CERT_FILE and SSL_CLIENT_KEY_FILE are required to be set before u= sing client certificates with pkg. In order to automate the setting of environment variables, before pkg beg= ins https authentication with a remote repository server, we decided to u= se plugins feature of pkg.We decided to write a callback function that wo= uld be called at appropriate time and set the environment variables. However, after much R&D, we could not find any HOOK that could be used to= register a callback function, which could be called before https authent= ication takes place. Hence, we have decided to use pkg_plugin_init() function for setting the = environment variables.This function is called every time a pkg command is= executed and hence we can set the environment variables.In pkg_plugin_sh= utdown() function, we can remove the environment variables. Please suggest any better method to set the environment variables or prov= ide your feedback on our approach. regards Mohit Hasija Mobile No.: +91-9958302266 ________________________________________ From: Baptiste Daroussin <baptiste.daroussin@gmail.com> on behalf of Bapt= iste Daroussin <bapt@freebsd.org> Sent: Monday, January 19, 2015 4:37 PM To: Mohit Hasija; portmgr@FreeBSD.org Cc: pkg@freebsd.org Subject: Re: Please help regarding usage of client certifcates with pkg c= ommand used on freeBSD January 1 2015 8:09 AM, "Mohit Hasija" <mh00122988@techmahindra.com> wrot= e: > Dear Pkg port Manager, > > We intend to use client certificates for https authentication during re= treival of a package from a > custom repository built at remote location. > > We want to know the following: > > 1.Is there inbuilt support for usage of client certifcates with "pkg" c= omamnd on freeBSD 10.1 > release? > > In case Yes, how can we use the client certifcates with pkg on freeBSD? > > In case No, how can we add support to pkg with minimal effrts for using= client certifcates? > > Awaiting an early reply... > > regards > > Mohit Hasija > Mobile No.: +91-9958302266 pkg(8) is using libfetch to handle http(s) and I'm not sure libfetch does= support such feature. Adding such feature to libfetch would be great but that would also means = it will not find its way to FreeBSD 10.1 as FreeBSD 10.1 is already relea= sed. FYI: I added pkg@FreeBSD.org to CC as it is the right list to discuss suc= h things. Best regards, Bapt =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0D Disclaimer: This message and the information contained herein is proprie= tary and confidential and subject to the Tech Mahindra policy statement, = you may review the policy at http://www.techmahindra.com/Disclaimer.html = externally http://tim.techmahindra.com/tim/disclaimer.html internally wit= hin TechMahindra.=0D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0D
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?005efbaf6e8a4d6fa6800a5e25383d26>