[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: source file audit - 2009-11-01

On Thu, 5 Nov 2009 11:39:04 +0000
"Richard W.M. Jones" <rjones redhat com> wrote:

> On Wed, Nov 04, 2009 at 05:18:16PM -0700, Kevin Fenzi wrote:
> > rjones:BADURL:ocaml-autoconf-1.1.tar.gz:ocaml-autoconf
> False alarm?  Both the URL and Source0 work for me, but note that the
> site has a self-signed certificate so you need
> "--no-check-certificate" or the equivalent to download the source:
>   wget --no-check-certificate
> https://forge.ocamlcore.org/frs/download.php/282/ocaml-autoconf-1.1.tar.gz

Well, the script I am running uses 'spectool -g' and indeed, it doesn't
handle self signed certs: 

--2009-11-02 03:15:09--  https://forge.ocamlcore.org/frs/download.php/282/ocaml-autoconf-1.1.tar.gz
Resolving forge.ocamlcore.org...
Connecting to forge.ocamlcore.org||:443... connected.
ERROR: cannot verify forge.ocamlcore.org's certificate, issued by `/O=Root CA/OU=http://www.cacert.org/CN=CA Cert Signing Authority/emailAddress=support cacert org':
  Unable to locally verify the issuer's authority.
To connect to forge.ocamlcore.org insecurely, use `--no-check-certificate'.
Unable to establish SSL connection.

Would it be possible to use a http link there?

> > rjones:BADSOURCE:pa_do-0.8.10.tar.gz:ocaml-pa-do
> This is the same hosting provider as above, and I can definitely
> access the URL and Source0 from here.
>   wget --no-check-certificate
> http://forge.ocamlcore.org/frs/download.php/273/pa_do-0.8.10.tar.gz

Yeah, same issue. 

> > rjones:BADURL:coccinelle-0.1.10.tgz:coccinelle
> Upstream moved their website hosting.  Fixed by rebuilding all the
> branches.
> > rjones:BADURL:febootstrap-2.5.tar.gz:febootstrap
> Fixed (upstream website problem).
> > rjones:BADURL:libpng-1.2.37.tar.bz2:mingw32-libpng
> Ugghh, upstream like to remove old copies of their source tarballs.
> Fixed and rebuilt in Rawhide only, because I don't want to push
> unstable updates to the other branches and there's no way to fix those
> other branches if the upstream tarball has gone.

No need to build anything for these... just correct the links and it
should go out with the next update for something else. ;) 


Attachment: signature.asc
Description: PGP signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]