[Buildroot] [psa] various server software upgrades
Mike Frysinger
vapier at gentoo.org
Mon Dec 7 23:22:56 UTC 2015
On 08 Dec 2015 00:02, Yann E. MORIN wrote:
> On 2015-12-07 17:54 -0500, Mike Frysinger spake thusly:
> > we're already at (3). even if we weren't, i don't see how transitioning
> > would affect the SNI issue. the question is simple: how long do you want
> > to (try to) support old systems where people refuse to fix their setup ?
> > we're talking about systems that are over three years old (wget-1.14 was
> > released in Aug 2012). what is your cut off ? 3 years ? 4 years ?
>
> A lot of companies are still using RHEL5, which was released in 2007.
>
> Yes, that's old. But once an enterprise has settled on their "production
> environment", it lasts years, up to the decade or more. Yes, we are
> still trying to have Buildroot work in such an old environment...
to be clear, the initial download doesn't necessarily have to happen on
the RHEL system itself, and it is possible to work around -- the wget
command itself already suggested a "fix" by adding the no check flag:
--no-check-certificate
in this mode, it's basically equiv to using http, and it works with
wget versions that don't support SNI.
and it doesn't address the other issue i raised: is buildroot going to
bootstrap wget and such to be sure SNI is supported ? otherwise, even
if you get the buildroot source, sticking to http doesn't help when the
server transparently redirects you to https. like getting busybox or
uclibc archives :). or will buildroot detect wget is old and then use
--no-check-certificate everywhere ?
-mike
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20151207/c9c6dd56/attachment-0002.asc>
More information about the buildroot
mailing list