[Pkg-ocaml-maint-commits] [opam] 01/01: Stop using insecure and no-check-certificate flags when fetching files using wget and curl.
Mehdi Dogguy
mehdi at moszumanska.debian.org
Sun Apr 10 10:31:10 UTC 2016
This is an automated email from the git hooks/post-receive script.
mehdi pushed a commit to branch debian/jessie
in repository opam.
commit 05caafe7ce65ba6a5fdc87dc4bb54aea2304cab7
Author: Mehdi Dogguy <mehdi at debian.org>
Date: Sun Apr 10 12:29:13 2016 +0200
Stop using insecure and no-check-certificate flags when fetching files using wget and curl.
---
debian/changelog | 7 +++++
...emove-insecure-no-check-certificate-flags.patch | 30 ++++++++++++++++++++++
debian/patches/series | 1 +
3 files changed, 38 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index 27a89f4..58cc082 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+opam (1.2.0-1+deb8u1) jessie; urgency=medium
+
+ * Stop using insecure and no-check-certificate flags when fetching
+ files using wget and curl.
+
+ -- Mehdi Dogguy <mehdi at debian.org> Sun, 10 Apr 2016 12:27:13 +0200
+
opam (1.2.0-1) unstable; urgency=medium
* New upstream release.
diff --git a/debian/patches/0003-remove-insecure-no-check-certificate-flags.patch b/debian/patches/0003-remove-insecure-no-check-certificate-flags.patch
new file mode 100644
index 0000000..c8162be
--- /dev/null
+++ b/debian/patches/0003-remove-insecure-no-check-certificate-flags.patch
@@ -0,0 +1,30 @@
+From: Mehdi Dogguy <mehdi at debian.org>
+Date: Sun, 10 Apr 2016 12:26:17 +0200
+Subject: remove insecure / no-check-certificate flags
+
+---
+ src/core/opamSystem.ml | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/core/opamSystem.ml b/src/core/opamSystem.ml
+index a8e3168..c4151e9 100644
+--- a/src/core/opamSystem.ml
++++ b/src/core/opamSystem.ml
+@@ -597,7 +597,7 @@ let download_command =
+ let wget ~compress:_ src =
+ let wget = [
+ "wget";
+- "--content-disposition"; "--no-check-certificate";
++ "--content-disposition";
+ "-t"; retry;
+ src
+ ] in
+@@ -605,7 +605,7 @@ let download_command =
+ let curl command ~compress src =
+ let curl = [
+ command;
+- "--write-out"; "%{http_code}\\n"; "--insecure";
++ "--write-out"; "%{http_code}\\n";
+ "--retry"; retry; "--retry-delay"; "2";
+ ] @ (if compress then ["--compressed"] else []) @ [
+ "-OL"; src
diff --git a/debian/patches/series b/debian/patches/series
index 840e637..abbcd00 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,3 @@
0001-Fix-some-spelling-errors.patch
0002-Import-uutf-and-jsonm-temporarily.patch
+0003-remove-insecure-no-check-certificate-flags.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ocaml-maint/packages/opam.git
More information about the Pkg-ocaml-maint-commits
mailing list