[coreboot-gerrit] Change in coreboot[master]: util/crossgcc: Ignore TLS certificate issues

6 Dec 2020


      Nico Huber has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/47935 )
Change subject: util/crossgcc: Ignore TLS certificate issues
......................................................................
Patch Set 3: Code-Review+1
(1 comment)
IIRC, we were well aware that we do the hash checks anyway, and
the reason to move to https was to make sure that no adversary
can see the full URL (at least that's the only argument I remember
that technically made sense). We'd lose that this way.
Honestly, I don't care. An alternative would be to offer to try
again without certificate checks in case of failure, so the user
would have a choice.
https://review.coreboot.org/c/coreboot/+/47935/3/util/crossgcc/buildgcc 
File util/crossgcc/buildgcc:
https://review.coreboot.org/c/coreboot/+/47935/3/util/crossgcc/buildgcc@1060 
PS3, Line 1060: 		wget --tries=3 "$url" 2>&1 | while read -r line; do
Should we add `--no-check-certificate` here?
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/47935
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: Id6ebb301775e1279b3c00e5064491c8f88be73ef
Gerrit-Change-Number: 47935
Gerrit-PatchSet: 3
Gerrit-Owner: Patrick Georgi pgeorgi@google.com
Gerrit-Reviewer: Idwer Vollering vidwer@gmail.com
Gerrit-Reviewer: Mariusz Szafrański mariuszx.szafranski@intel.com
Gerrit-Reviewer: Nico Huber nico.h@gmx.de
Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org
Gerrit-CC: Paul Menzel paulepanter@users.sourceforge.net
Gerrit-Comment-Date: Sun, 06 Dec 2020 17:13:12 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: Yes
Gerrit-MessageType: comment

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

[coreboot-gerrit] Change in coreboot[master]: util/crossgcc: Ignore TLS certificate issues