-
Notifications
You must be signed in to change notification settings - Fork 273
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update source download URLs for openssl following the move. #1178
Update source download URLs for openssl following the move. #1178
Conversation
Also add openssl-1.1.1f and update openssl-fips URLs. Obvious fix.
config/software/openssl.rb
Outdated
@@ -27,12 +27,16 @@ | |||
|
|||
# OpenSSL source ships with broken symlinks which windows doesn't allow. | |||
# Skip error checking. | |||
source url: "https://www.openssl.org/source/openssl-#{version}.tar.gz", extract: :lax_tar | |||
source url: "https://www.openssl.org/source/old/#{version}/openssl-#{version}.tar.gz", extract: :lax_tar |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i believe there is a typo here:
curl -v https://www.openssl.org/source/old/1.0.2u/openssl-1.0.2u.tar.gz
...
< HTTP/1.1 404 Not Found
< Server: Apache/2.4.29 (Ubuntu)
< Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
< Accept-Ranges: bytes
< Content-Type: text/html; charset=UTF-8
< Content-Length: 4182
< Cache-Control: max-age=172800
< Expires: Wed, 08 Apr 2020 19:10:48 GMT
< Date: Mon, 06 Apr 2020 19:10:48 GMT
< Connection: keep-alive
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice catch. Sorry about that. Should be fixed now.
Gentle ping? |
source url: "https://www.openssl.org/source/openssl-fips-#{version}.tar.gz", extract: :lax_tar | ||
source url: "https://www.openssl.org/source/old/fips/openssl-fips-#{version}.tar.gz", extract: :lax_tar | ||
|
||
version("2.0.16") { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
2.0.16 is also in the old dir so this shouldn't be necessary
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Right. It's really bizarre that they would put the latest fips tarball in the old directory, but not the latest openssl 1.1.1 tarball. However, I'd argue that there's an advantage to keeping this override, even if it's unnecessary for 2.0.16, because they might not continue this behavior with 2.0.17, and then the override would be useful. WDYT? If you'd rather apply YAGNI here, I can remove it.
Thanks for putting this all together |
Thanks, @tas50. Sadly, we can't actually use this change in our project, because omnibus-software |
Also revert #257 and upgrade omnibus to 7.0.9.
Also add openssl-1.1.1f and update openssl-fips URLs.
Description
The openssl sources have moved again — breaking the downloads in the same was as described in #833. This change attempts to adjust the download URL pattern for older versions, while still keeping the latest version at the original URL pattern.
Related Issue
Fixes #833
Types of changes
Checklist:
I have updated the documentation accordingly.I have added tests to cover my changes.All commits have been signed-off for the Developer Certificate of Origin.