Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#68139 - [mariadb] use https

Attached to Project: Arch Linux
Opened by mysta (mysta) - Wednesday, 07 October 2020, 17:36 GMT
Last edited by Christian Hesse (eworm) - Wednesday, 07 October 2020, 19:13 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Christian Hesse (eworm)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
Attached diff switches the mariadb package from an rsync connection to an HTTPS connection in the source line.

Additional info:
The mariadb package was switched from downloads.mariadb.org to rsync.osuosl.org in November of 2019 due to issues with redirects:

https://github.com/archlinux/svntogit-packages/commit/fa887ad64dcf8555ef0a16d022c0b89f66cd500e

This same osuosl mirror also offers HTTPS downloads:

$ host rsync.osuosl.org
rsync.osuosl.org has address 140.211.166.134
rsync.osuosl.org has address 64.50.236.52
rsync.osuosl.org has address 64.50.233.100

$ host ftp.osuosl.org
ftp.osuosl.org has address 140.211.166.134
ftp.osuosl.org has address 64.50.233.100
ftp.osuosl.org has address 64.50.236.52

Using the second domain avoids an unencrypted outgoing connection and a dependency on rsync. The PKGBUILD mentions that "some" mirrors may be out of date, but this isn't a problem since it's the same host.

==> Retrieving sources...
[...]
==> Validating source files with sha256sums...
mariadb-10.5.5.tar.gz ... Passed
mariadb-10.5.5.tar.gz.asc ... Skipped
0001-arch-specific.patch ... Passed
==> Verifying source file signatures with gpg...
mariadb-10.5.5.tar.gz ... Passed
This task depends upon

Closed by  Christian Hesse (eworm)
Wednesday, 07 October 2020, 19:13 GMT
Reason for closing:  Fixed
Additional comments about closing:  in SVN
Comment by Christian Hesse (eworm) - Wednesday, 07 October 2020, 19:13 GMT
Committed a modified version, thanks for the hint!

Loading...