Re: source file audit - 2009-11-01

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Thu, 5 Nov 2009 11:39:04 +0000
"Richard W.M. Jones" <rjones@xxxxxxxxxx> wrote:

> On Wed, Nov 04, 2009 at 05:18:16PM -0700, Kevin Fenzi wrote:
> > rjones:BADURL:ocaml-autoconf-1.1.tar.gz:ocaml-autoconf
> 
> False alarm?  Both the URL and Source0 work for me, but note that the
> site has a self-signed certificate so you need
> "--no-check-certificate" or the equivalent to download the source:
> 
>   wget --no-check-certificate
> https://forge.ocamlcore.org/frs/download.php/282/ocaml-autoconf-1.1.tar.gz

Well, the script I am running uses 'spectool -g' and indeed, it doesn't
handle self signed certs: 

--2009-11-02 03:15:09--  https://forge.ocamlcore.org/frs/download.php/282/ocaml-autoconf-1.1.tar.gz
Resolving forge.ocamlcore.org... 87.98.154.45
Connecting to forge.ocamlcore.org|87.98.154.45|:443... connected.
ERROR: cannot verify forge.ocamlcore.org's certificate, issued by `/O=Root CA/OU=http://www.cacert.org/CN=CA Cert Signing Authority/emailAddress=support@xxxxxxxxxx':
  Unable to locally verify the issuer's authority.
To connect to forge.ocamlcore.org insecurely, use `--no-check-certificate'.
Unable to establish SSL connection.

Would it be possible to use a http link there?

> > rjones:BADSOURCE:pa_do-0.8.10.tar.gz:ocaml-pa-do
> 
> This is the same hosting provider as above, and I can definitely
> access the URL and Source0 from here.
> 
>   wget --no-check-certificate
> http://forge.ocamlcore.org/frs/download.php/273/pa_do-0.8.10.tar.gz

Yeah, same issue. 

> > rjones:BADURL:coccinelle-0.1.10.tgz:coccinelle
> 
> Upstream moved their website hosting.  Fixed by rebuilding all the
> branches.
> 
> > rjones:BADURL:febootstrap-2.5.tar.gz:febootstrap
> 
> Fixed (upstream website problem).
> 
> > rjones:BADURL:libpng-1.2.37.tar.bz2:mingw32-libpng
> 
> Ugghh, upstream like to remove old copies of their source tarballs.
> 
> Fixed and rebuilt in Rawhide only, because I don't want to push
> unstable updates to the other branches and there's no way to fix those
> other branches if the upstream tarball has gone.

No need to build anything for these... just correct the links and it
should go out with the next update for something else. ;) 

kevin

Attachment: signature.asc
Description: PGP signature

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux