FreeBSD Mail Archives

Date:      Mon, 13 Mar 2017 14:06:05 +0100
From:      Mathieu Arnold <mat@FreeBSD.org>
To:        Eitan Adler <lists@eitanadler.com>, Tijl Coosemans <tijl@freebsd.org>, "ports-secteam@freebsd.org" <ports-secteam@freebsd.org>
Cc:        FreeBSD Ports <ports@freebsd.org>, Gerald Pfeifer <gerald@pfeifer.com>, Jan Beich <jbeich@freebsd.org>, Ports Management Team <portmgr@freebsd.org>
Subject:   Re: bsd.sites.mk: Do we prefer http or https (or both)
Message-ID:  <34e570e8-c776-46c2-282e-4a8eb86494ba@FreeBSD.org>
In-Reply-To: <CAF6rxgneWn%2BCoxoqvvJT1hVQLXD9HMZWMusoNUuAayiGeSCFqw@mail.gmail.com>
References:  <20170311113355.0f3f8b77@kalimero.tijl.coosemans.org> <20170311121851.715B55859@freefall.freebsd.org> <20170311181339.58bcf2a8@kalimero.tijl.coosemans.org> <CAF6rxgneWn%2BCoxoqvvJT1hVQLXD9HMZWMusoNUuAayiGeSCFqw@mail.gmail.com>

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--UpVXLFNUVf7mCCC6mINcKQc0XeCUwi4KG
Content-Type: multipart/mixed; boundary="NnSafco4jJQr1xNx2TF8MgDxX2q96h2x3";
 protected-headers="v1"
From: Mathieu Arnold <mat@FreeBSD.org>
To: Eitan Adler <lists@eitanadler.com>, Tijl Coosemans <tijl@freebsd.org>,
 "ports-secteam@freebsd.org" <ports-secteam@freebsd.org>
Cc: FreeBSD Ports <ports@freebsd.org>, Gerald Pfeifer <gerald@pfeifer.com>,
 Jan Beich <jbeich@freebsd.org>, Ports Management Team <portmgr@freebsd.org>
Message-ID: <34e570e8-c776-46c2-282e-4a8eb86494ba@FreeBSD.org>
Subject: Re: bsd.sites.mk: Do we prefer http or https (or both)
References: <20170311113355.0f3f8b77@kalimero.tijl.coosemans.org>
 <20170311121851.715B55859@freefall.freebsd.org>
 <20170311181339.58bcf2a8@kalimero.tijl.coosemans.org>
 <CAF6rxgneWn+CoxoqvvJT1hVQLXD9HMZWMusoNUuAayiGeSCFqw@mail.gmail.com>
In-Reply-To: <CAF6rxgneWn+CoxoqvvJT1hVQLXD9HMZWMusoNUuAayiGeSCFqw@mail.gmail.com>

--NnSafco4jJQr1xNx2TF8MgDxX2q96h2x3
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Le 11/03/2017 =C3=A0 19:32, Eitan Adler a =C3=A9crit :
> On 11 March 2017 at 09:13, Tijl Coosemans <tijl@freebsd.org> wrote:
>> On Sat, 11 Mar 2017 12:18:51 +0000 (UTC) jbeich@freebsd.org (Jan Beich=
) wrote:
>>> Tijl Coosemans <tijl@FreeBSD.org> writes:
>>>> On Sat, 11 Mar 2017 10:53:01 +0100 (CET) Gerald Pfeifer <gerald@pfei=
fer.com> wrote:
>>>>> As some of you may have seen, I have done a bit of work on
>>>>> bsd.sites.mk recently.
>>>>>
>>>>> One question I ran into:  If a site offers both HTTPS and HTTP,
>>>>> which of the two do we prefer?  (Or do we want to list both?)
>>>> https first for people that run 'make makesum'.
>>> It was made MITM-friendly sometime ago.
>>>
>>> https://svnweb.freebsd.org/changeset/ports/324051
>> Ugh, can portmgr approve the attached patch?
> I can't approve on behalf of portmgr but I'd like to echo this
> request on behalf of ports-secteam. Maintainers rarely verify the
> hashes that makesum generates.
>
> I wish we can go further and filter out non-HTTPS sites during makesum.=


This should be pretty easy to do with the existing MASTER_SORT feature.

--=20
Mathieu Arnold



--NnSafco4jJQr1xNx2TF8MgDxX2q96h2x3--

--UpVXLFNUVf7mCCC6mINcKQc0XeCUwi4KG
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQJ8BAEBCgBmBQJYxplEXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzQUI2OTc4OUQyRUQxMjEwNjQ0MEJBNUIz
QTQ1MTZGMzUxODNDRTQ4AAoJEDpFFvNRg85I30cQAKJaGKGhwJORRkC1h9gvvW4i
tul9s+ylXu9WH04Agdrzc4UAx0IXnn1UDbsJ+nOEeV8gZ71ImU+TeNkMGfq61CEh
NkvnYiaQD7NzrCnJdF5XB3YHkK5v5eNRa7lvp5lf6yz037AJbGOBlHaNzxdEqSkJ
5rMGhkaBx10/WBMrQuV0PaevDCjHW4tvYR4Z6+PpyNioQibJJRTST2KaxMWzO7fN
TaZSUM4Ys9lW57WI0dwE1t/P/hO1uiZSxe4c1+E/6LJNLO6CX6Mbk/fmxYQhkbWZ
SP8pH4tEICy9VTg/4EtGXr4haKq3oSZRzrBM8hfHEZnxJvAkbVprtbiRKrOTaMsf
5Y9mEQQEl+njel0icy56PXxTJSSAAaTG3Yrrd6pwIt7RYlMM4/jJikfrEZOq1VOM
kTGj2MrfMxZbyJyn1/id6eKQslCz9CQCYzTbk3jAVxGVv7JLJ+K0tGFFBt2jSiYW
Vxod6K0eBGu7QmkoKujnm7fUBAJb8U4cqpbCDoN9NnHodfZl8XguRvm3A3RkFe6D
EWVe8UiV3hrw6S5QF1YAn8FF0SLAd9K8X3WwYsDjGay8EQ4KaAz8AZgwTrkWPsQm
EDLTdo2AIA42ZqzsdHzTgTCUIgChnfmv9gpd21a6DrUVQLp6XjYJYUIzcrLDvTjK
5M2uWA/O9gPzbKDgj/1d
=Yu86
-----END PGP SIGNATURE-----

--UpVXLFNUVf7mCCC6mINcKQc0XeCUwi4KG--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?34e570e8-c776-46c2-282e-4a8eb86494ba>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation