diff options
| author | Viktor Szakats | 2016-06-22 19:56:10 +0200 |
|---|---|---|
| committer | Dominyk Tiller | 2016-06-22 18:56:10 +0100 |
| commit | 6bd24a7fb806184d401ee98e1f8c82d97f813107 (patch) | |
| tree | 80fbdac81d1b7f8c07e08cc8e8b48c0feea61134 | |
| parent | 915eed4c6427271c5b4c01fa36239361c3680c40 (diff) | |
| download | brew-6bd24a7fb806184d401ee98e1f8c82d97f813107.tar.bz2 | |
audit.rb: require https for ftpmirror.gnu.org (#393)
* audit.rb: require https for ftpmirror.gnu.org
The situation is similar to other mirror redirectors: the server
may subsequently redirect to an insecure url. But it's a step.
* manpage: update HOMEBREW_NO_INSECURE_REDIRECT section
| -rw-r--r-- | Library/Homebrew/cmd/audit.rb | 8 | ||||
| -rw-r--r-- | Library/Homebrew/manpages/brew.1.md.erb | 4 | ||||
| -rw-r--r-- | share/doc/homebrew/brew.1.html | 2 | ||||
| -rw-r--r-- | share/man/man1/brew.1 | 2 |
4 files changed, 6 insertions, 10 deletions
diff --git a/Library/Homebrew/cmd/audit.rb b/Library/Homebrew/cmd/audit.rb index 39d58a146..3cfbbe724 100644 --- a/Library/Homebrew/cmd/audit.rb +++ b/Library/Homebrew/cmd/audit.rb @@ -1135,12 +1135,7 @@ class ResourceAuditor def audit_urls # Check GNU urls; doesn't apply to mirrors if url =~ %r{^(?:https?|ftp)://(?!alpha).+/gnu/} - problem "Please use \"http://ftpmirror.gnu.org\" instead of #{url}." - end - - # GNU's ftpmirror does NOT support SSL/TLS. - if url =~ %r{^https://ftpmirror\.gnu\.org/} - problem "Please use http:// for #{url}" + problem "Please use \"https://ftpmirror.gnu.org\" instead of #{url}." end if mirrors.include?(url) @@ -1154,6 +1149,7 @@ class ResourceAuditor urls.each do |p| case p when %r{^http://ftp\.gnu\.org/}, + %r{^http://ftpmirror\.gnu\.org/}, %r{^http://[^/]*\.apache\.org/}, %r{^http://code\.google\.com/}, %r{^http://fossies\.org/}, diff --git a/Library/Homebrew/manpages/brew.1.md.erb b/Library/Homebrew/manpages/brew.1.md.erb index f88d4e091..21fc4f81a 100644 --- a/Library/Homebrew/manpages/brew.1.md.erb +++ b/Library/Homebrew/manpages/brew.1.md.erb @@ -180,8 +180,8 @@ can take several different forms: to insecure HTTP. While ensuring your downloads are fully secure, this is likely - to cause from-source Sourceforge & GNOME based formulae - to fail to download. + to cause from-source Sourceforge, some GNU & GNOME based + formulae to fail to download. * `HOMEBREW_NO_GITHUB_API`: If set, Homebrew will not use the GitHub API for e.g searches or diff --git a/share/doc/homebrew/brew.1.html b/share/doc/homebrew/brew.1.html index 6afa74454..b103c0091 100644 --- a/share/doc/homebrew/brew.1.html +++ b/share/doc/homebrew/brew.1.html @@ -561,7 +561,7 @@ successful build.</p> to insecure HTTP.</p> <p>While ensuring your downloads are fully secure, this is likely -to cause from-source Sourceforge & GNOME based formulae +to cause from-source Sourceforge, some GNU & GNOME based formulae to fail to download.</p></dd> <dt><code>HOMEBREW_NO_GITHUB_API</code></dt><dd><p>If set, Homebrew will not use the GitHub API for e.g searches or fetching relevant issues on a failed install.</p></dd> diff --git a/share/man/man1/brew.1 b/share/man/man1/brew.1 index 2d5f14e5c..54f6ca78b 100644 --- a/share/man/man1/brew.1 +++ b/share/man/man1/brew.1 @@ -783,7 +783,7 @@ If set, Homebrew will not print the \fBHOMEBREW_INSTALL_BADGE\fR on a successful If set, Homebrew will not permit redirects from secure HTTPS to insecure HTTP\. . .IP -While ensuring your downloads are fully secure, this is likely to cause from\-source Sourceforge & GNOME based formulae to fail to download\. +While ensuring your downloads are fully secure, this is likely to cause from\-source Sourceforge, some GNU & GNOME based formulae to fail to download\. . .TP \fBHOMEBREW_NO_GITHUB_API\fR |