On 2015/01/25 23:21, Timo Myyrä wrote: > Stuart Henderson <st...@openbsd.org> writes: > > > On 2015/01/25 22:16, Timo Myyrä wrote: > >> Hi, > >> > >> Here's an update for the pekwm window manager to latest version. > > > > $ make fetch > > ===> Checking files for pekwm-0.1.17 > >>> Fetch > >>> https://www.pekwm.org/projects/pekwm/projects/pekwm/files/pekwm-0.1.17.tar.bz2 > > SSL failure: SSL connect failed: 1 > > Ah, good catch. I've been using this version for long so I haven't had to > re-fetch the distfile. > The pekwm.org uses self-signed cert and seems to forward all http requests to > https. Quickly looking around I didn't notice any way to download the distfile > though http. > How are these situations normally handled? Upload the distfile to another site > and download from there? Or selectively disable host verification for SSL?
Yes, if they can't fix things, the distfile will need to be mirrored. There's no way to override this in the ports framework (overriding FETCH_CMD isn't allowed). I could host it if needed. They have modified it since the version you have though (I wish people wouldn't do that, it makes things harder for packagers who check file hashes; IMO if it's worth changing something in a distfile it's worth updating the filename too). > I'll try to ask if someone from pekwm community could fix their site so that > at > least downloading releases wouldn't force to use un-verified https > connections. thanks :)
