git: DragonFly_RELEASE_5_6 build - Update pkg-static to version 03, bootstrap https

Matthew Dillon dillon at crater.dragonflybsd.org
Thu Aug 1 19:44:29 PDT 2019


commit 2ea76c0bd4a124d77106d1564fbe7fc69c97d7e2
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date:   Sat Jul 27 21:42:23 2019 -0700

    build - Update pkg-static to version 03, bootstrap https
    
    * There appears to be a database versioning issue between pkg-static
      and pkg on master, re-synchronize the pkg-static tarball.
    
    * Currently the pkg bootstrap installs a df-latest.conf with
      http:// paths instead of https:// paths, because it doesn't
      have the CA root.
    
      After installing pkg, Makefile.usr now also installs ca_root_nss
      and then copies the df-latest.conf.sample file to df-latest.conf,
      thus installing the official df-latest.conf using https.
    
    * Note that this sequence is not entirely safe because the initial
      bootstrap will be insecure if the CA root certificates are not
      already installed.  They should be installed by our official images,
      but will not be (currently) if one creates an absolutely pristine
      base system with installworld/installkernel/distribution.
    
      The bootstrap should now work in both situations, but we really
      need to include root certs in the base system I think.

Summary of changes:
 etc/Makefile.usr | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/2ea76c0bd4a124d77106d1564fbe7fc69c97d7e2


-- 
DragonFly BSD source repository



More information about the Commits mailing list