fastest_pkg.py: HTTPS by grahamperrin · Pull Request #7 · ehaupt/fastest_pkg

grahamperrin · 2023-09-15T19:44:08Z

Towards consistency with pkg: use https by default · freebsd/freebsd-src@d557a86

d557a86c879a pkg: use https by default

From https://reviews.freebsd.org/D40473:

… base is providing a CA root bundle suitable to validate the certificates used by the project. …

Cross-reference: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=273833

Towards consistency with freebsd/freebsd-src@d557a86 d557a86c879a pkg: use https by default

grahamperrin · 2023-09-15T19:49:14Z

In addition, will changes to lines 87 and 89 be appropriate? In ehaupt:master:

fastest_pkg/fastest_pkg/fastest_pkg.py

Lines 86 to 89 in ddf442a

    
           try: 
        
               pkg_mirrors = resolver.resolve("_http._tcp.pkg.all.freebsd.org", "SRV") 
        
           except AttributeError: 
        
               pkg_mirrors = resolver.query("_http._tcp.pkg.all.freebsd.org", "SRV")

More generally, I guess that a change to HTTPS should not be made until the bundle becomes broadly available to end users.

ehaupt · 2023-10-02T11:59:28Z

When using HTTPS the SRV query should probably be adjusted even though the list is currently identical apart from the port (which is not used in the script).

$ dig +short -t srv _http._tcp.pkg.all.freebsd.org
50 10 80 pkg0.bbt.freebsd.org.
50 10 80 pkg0.bme.freebsd.org.
50 10 80 pkg0.bra.freebsd.org.
50 10 80 pkg0.fra.freebsd.org.
50 10 80 pkg0.isc.freebsd.org.
50 10 80 pkg0.kul.freebsd.org.
50 10 80 pkg0.kwc.freebsd.org.
50 10 80 pkg0.nyi.freebsd.org.
50 10 80 pkg0.tuk.freebsd.org.
50 10 80 pkg0.twn.freebsd.org.
50 10 80 pkg0.jinx.freebsd.org.

$ dig +short -t srv _https._tcp.pkg.all.freebsd.org
50 10 443 pkg0.bbt.freebsd.org.
50 10 443 pkg0.bme.freebsd.org.
50 10 443 pkg0.bra.freebsd.org.
50 10 443 pkg0.fra.freebsd.org.
50 10 443 pkg0.isc.freebsd.org.
50 10 443 pkg0.kul.freebsd.org.
50 10 443 pkg0.kwc.freebsd.org.
50 10 443 pkg0.nyi.freebsd.org.
50 10 443 pkg0.tuk.freebsd.org.
50 10 443 pkg0.twn.freebsd.org.
50 10 443 pkg0.jinx.freebsd.org.

I am in favor of introducing a command line option for disabling HTTPS but use it by default. Maybe --disable-ssl. Thoughts?

grahamperrin · 2023-10-06T00:04:56Z

Thoughts?

Thinking … if you become impatient, after a few days or weeks, nudge me :)

grahamperrin · 2025-11-01T10:35:25Z

after a few days or weeks,

or years, LOL!

I think, please do whatever pleases you :-)

fastest_pkg.py: HTTPS

840d2c9

Towards consistency with freebsd/freebsd-src@d557a86 d557a86c879a pkg: use https by default

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fastest_pkg.py: HTTPS#7

fastest_pkg.py: HTTPS#7
grahamperrin wants to merge 1 commit into
ehaupt:masterfrom
grahamperrin:patch-1

grahamperrin commented Sep 15, 2023 •

edited

Loading

Uh oh!

grahamperrin commented Sep 15, 2023

Uh oh!

ehaupt commented Oct 2, 2023

Uh oh!

grahamperrin commented Oct 6, 2023

Uh oh!

grahamperrin commented Nov 1, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

grahamperrin commented Sep 15, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

grahamperrin commented Sep 15, 2023

Uh oh!

ehaupt commented Oct 2, 2023

Uh oh!

grahamperrin commented Oct 6, 2023

Uh oh!

grahamperrin commented Nov 1, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

grahamperrin commented Sep 15, 2023 •

edited

Loading