source file audit - 2009-11-01
Till Maas
opensource at till.name
Fri Nov 6 08:39:59 UTC 2009
On Thu, Nov 05, 2009 at 09:33:48PM +0200, Ville Skyttä wrote:
> On Thursday 05 November 2009, Jason L Tibbitts III wrote:
> > >>>>> "KF" == Kevin Fenzi <kevin at scrye.com> writes:
> >
> > KF> Well, the script I am running uses 'spectool -g' and indeed, it
> > KF> doesn't handle self signed certs:
> >
> > Honestly, I find it easier to just hack spectool rather than reject
> > valid URLs that just happen to use self-signed certificates. You might
> > also be able to tweak /etc/fedora/wgetrc to achieve the same thing.
>
> Unless there are objections, I'll make spectool use wget --no-check-
> certificate in the next rpmdevtools release (internally, because shipping a
> /etc/fedora/wgetrc would be a backwards incompatible change that could break
> stuff).
Please make it also an paramater, e.g. only
spectool -g --no-check-certificate foo.spec
will disable the certificate checking. In case upstream provides a https
URL with a well known CA, it should be easily for packagers to use it to
update their package.
Regards
Till
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20091106/8d5f03c0/attachment.sig>
More information about the fedora-devel-list
mailing list