freebsd-update's "Fetching patches" phase?

Vlad K. vlad-fbsd at acheronmedia.com
Sat Aug 13 13:38:16 UTC 2016


On 2016-08-13 15:20, RW via freebsd-questions wrote:
> On Sat, 13 Aug 2016 12:28:43 +0200
> 
> That's where the updates are downloaded.

Yes, but I mean specifically the patches, since this is binary upgrade, 
and is followed by "Fetching files" of equally large number of them.



> It might be because of the MITM vulnerability in freebsd-update.

Ah, that might explain it. But is that the case?



> If you use a proxy each client should be have HTTP_PROXY set to the
> same thing as this is used the seed the random selection of origin
> servers. If you intercept the connections it wont cache well.

Actually I'm not using HTTP_PROXY at all, but I've set ServerName in 
/etc/freebsd-update.conf to hostname where the rev proxy is. There nginx 
is running with proxy cache, including cached 404s.



Thanks for your reply!


-- 

Vlad K.


More information about the freebsd-questions mailing list