Using bidirectional authentication in pkgng
Michael Gmelin
freebsd at grem.de
Thu Jan 24 11:19:44 UTC 2013
On Thu, 24 Jan 2013 10:50:11 +0100
Dag-Erling Smørgrav <des at des.no> wrote:
> Baptiste Daroussin <bapt at FreeBSD.org> writes:
> > Michael Gmelin <freebsd at grem.de> writes:
> > > I implemented the necessary bits over the weekend and filed a PR
> > > containing the patch (SSL peer verification, hostname checking,
> > > client certificates etc.).
> > >
> > > http://www.freebsd.org/cgi/query-pr.cgi?pr=175514
> > >
> > > Assuming the code quality is sufficient, it would be great if it
> > > made it to base (not sure if des at freebsd.org is still taking care
> > > of libfetch).
> > Yes he is, that is why I have CCed him
>
> Thank you.
>
> The patch looks interesting, modulo a metric buttload of style
> issues :)
Would be great if you could point out the exact issues, so I could avoid
them next time (I spent literally hours trying to clean up the code so
it complies to style(9), even though it doesn't seem like fetch really
follows it either). Other people's coding standards are always arbitrary
and, um, wrong anyway, you know ;)
> I'll take a closer look in a few days, feel free to remind
> me.
Will do.
>
> > > That said, if there's interest I could volunteer to implement DANE
> > > later this year - assuming there is someone who can audit the
> > > results.
>
> If you're interested in working on fetch, I'm looking for someone
> who's willing to help reimplement it from scratch.
I can only work on open source projects in my spare time - this was
slightly different since we might profit from being able to use pkg in a
compliant way. A complete re-implementation sounds more like a summer of
code project to me. Assuming I'm able to get DANE in there, maybe
somebody else could pick up all the bits and pieces and repackage them.
Well, let's see, never say never :)
>
> DES
Cheers,
--
Michael Gmelin
More information about the freebsd-ports
mailing list