[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: source file audit - 2009-11-01



On Thu, Nov 05, 2009 at 09:33:48PM +0200, Ville Skyttä wrote:
> On Thursday 05 November 2009, Jason L Tibbitts III wrote:
> > >>>>> "KF" == Kevin Fenzi <kevin scrye com> writes:
> > 
> > KF> Well, the script I am running uses 'spectool -g' and indeed, it
> > KF> doesn't handle self signed certs:
> > 
> > Honestly, I find it easier to just hack spectool rather than reject
> > valid URLs that just happen to use self-signed certificates.  You might
> > also be able to tweak /etc/fedora/wgetrc to achieve the same thing.
> 
> Unless there are objections, I'll make spectool use wget --no-check-
> certificate in the next rpmdevtools release (internally, because shipping a 
> /etc/fedora/wgetrc would be a backwards incompatible change that could break 
> stuff).

Please make it also an paramater, e.g. only
spectool -g --no-check-certificate foo.spec

will disable the certificate checking. In case upstream provides a https
URL with a well known CA, it should be easily for packagers to use it to
update their package.

Regards
Till

Attachment: pgpvZjZdTAuUf.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]