| #
303975 |
|
11-Aug-2016 |
gjb |
Copy stable/11@r303970 to releng/11.0 as part of the 11.0-RELEASE
cycle.
Prune svn:mergeinfo from the new branch, and rename it to RC1.
Update __FreeBSD_version.
Use the quarterly branch for the default FreeBSD.conf pkg(8) repo and
the dvd1.iso packages population.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation
|
| #
303975 |
|
11-Aug-2016 |
gjb |
Copy stable/11@r303970 to releng/11.0 as part of the 11.0-RELEASE
cycle.
Prune svn:mergeinfo from the new branch, and rename it to RC1.
Update __FreeBSD_version.
Use the quarterly branch for the default FreeBSD.conf pkg(8) repo and
the dvd1.iso packages population.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation |
| #
302408 |
|
08-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle.
Prune svn:mergeinfo from the new branch, as nothing has been merged
here.
Additional commits post-branch will follow.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation
|
| #
263937 |
|
30-Mar-2014 |
bdrewery |
Give hint on how to disable the default repository.
Discussed with: bapt
MFC after: instantly (preparing EN)
|
| #
258227 |
|
16-Nov-2013 |
bapt |
Enabled should be a boolean, not a string
MFC after: 2 days
|
| #
257668 |
|
05-Nov-2013 |
bdrewery |
Use proper capitalization for FreeBSD.org
Approved by: bapt
MFC after: 2 days
|
| #
257667 |
|
05-Nov-2013 |
bdrewery |
Enable fingerprint checking as the currently known
fingerprint has an uploaded signature on all mirrors.
Approved by: bapt
MFC after: 2 days
|
| #
257344 |
|
29-Oct-2013 |
bdrewery |
Move /etc/keys to /usr/share/keys where users are less likely to modify them.
Requested by: secteam (cperciva, des)
Approved by: bapt
|
| #
257159 |
|
26-Oct-2013 |
bdrewery |
Disable fingerprint checking for now as the pkg repository mirrors will
not receive the signature until later this week.
Approved by: bapt
|
| #
257147 |
|
26-Oct-2013 |
bdrewery |
Support checking signature for pkg bootstrap.
If the pkg.conf is configured with SIGNATURE_TYPE: FINGERPRINTS,
and FINGERPRINTS: /etc/keys/pkg then a pkg.sig file is fetched along
with pkg.txz. The signature contains the signature provided by the
signing server, and the public key. The .sig is the exact output
from the signing server in the following format:
SIGNATURE
<openssl signed>
CERT
<rsa public key>
END
The signature is verified with the following logic:
- If the .sig file is missing, it fails.
- If the .sig doesn't validate, it fails.
- If the public key in the .sig is not in the known trusted fingerprints,
it fails.
- If the public key is in the revoked key list, it fails.
Approved by: bapt
MFC after: 2 days
Discussed by: bapt with des, jonathan, gavin
|
| #
257145 |
|
26-Oct-2013 |
bdrewery |
Add support for reading configuration files from /etc/pkg.
For now only /etc/pkg/FreeBSD.conf is supported. Its style is:
Repo: {
URL: "...",
MIRROR_TYPE: "...",
...
}
The configuration will be read from /usr/local/etc/pkg.conf if exists,
otherwise /etc/pkg/FreeBSD.conf
Approved by: bapt
MFC after: 2 days
|