[Asterisk-code-review] BuildSystem: Allow fetch of PJProject without trust anchors. (asterisk[master])
Corey Farrell
asteriskteam at digium.com
Fri Mar 9 07:41:49 CST 2018
Corey Farrell has posted comments on this change. ( https://gerrit.asterisk.org/8181 )
Change subject: BuildSystem: Allow fetch of PJProject without trust anchors.
......................................................................
Patch Set 3: Code-Review-1
I'm against unconditionally disabling SSL validation from wget and curl. You want to do this to *BSD* fine I guess, Linux should continue to use the full security offered by SSL.
Before you mention that pjproject uses a checksum for validation, you are disabling SSL for download of that too. So with this change we would use a completely unverified checksum to validate the pjproject tarball. Fix that and maybe I can be convinced, but even then I think I'd like the variable name appended with _INSECURE so we don't accidentally use for anything which requires validation in the future.
--
To view, visit https://gerrit.asterisk.org/8181
To unsubscribe, visit https://gerrit.asterisk.org/settings
Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I573308fa11a69d28480b669971b5bfe66476fa60
Gerrit-Change-Number: 8181
Gerrit-PatchSet: 3
Gerrit-Owner: Alexander Traud <pabstraud at compuserve.com>
Gerrit-Reviewer: Alexander Traud <pabstraud at compuserve.com>
Gerrit-Reviewer: Corey Farrell <git at cfware.com>
Gerrit-Reviewer: Jenkins2
Gerrit-Comment-Date: Fri, 09 Mar 2018 13:41:49 +0000
Gerrit-HasComments: No
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20180309/5eff472a/attachment-0001.html>
More information about the asterisk-code-review
mailing list