Message ID | e413a810-b60d-813d-502c-07a0261dc32c@link38.eu |
---|---|
State | Dropped |
Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (unknown [172.28.1.200]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail01.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web07.i.ipfire.org (Postfix) with ESMTPS id 0DB3B85D3E5 for <patchwork@web07.i.ipfire.org>; Sun, 20 Jan 2019 16:40:36 +0000 (GMT) Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 43jL5b0yr3z59c6g; Sun, 20 Jan 2019 16:40:35 +0000 (GMT) Received: from mx-nbg.link38.eu (mx-nbg.link38.eu [IPv6:2a03:4000:6:432c:1f9e:48:ac3:199]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx-nbg.link38.eu", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 43jL5X0Nn4z57jrb for <development@lists.ipfire.org>; Sun, 20 Jan 2019 16:40:31 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=link38.eu; s=201803; t=1548002420; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:in-reply-to: references; bh=a4xghPjZjldoVkzlHE8sg8v7AcgNT3EqDIbUAXBRjfI=; b=E5qpRboEkn6aP0blvLhFAC59fRHVXe2XEaZZEtTrq5gsa1ZTLlwen/xpHmzLnDnFAbJkm1 XL/W4NDAODHPenz/nM+/zSzSl5T4gGwgoacJ9P7iTuEQgYo87R58EOaAKXeRjNgEU5Z9vx m/4X5ySyhcdOlf3BNTidnIE/UYhncIS0TDtS8Jh8F0ALoGGYA0HcbO1v4AkD2S+0subqoB EuJ9q+JK4U0nqCiML0jC9EDyCA6avVoXl2n4BTcJboCfAPNxNJJINfsvhNpGvq9z4bmCIp 59+nQqrid+Resjj6Ah+/DOqK2EQf9gJ1RCgCHBA7im7ktM7dWNvqtPx/6D7GZw== To: "IPFire: Development-List" <development@lists.ipfire.org> From: =?utf-8?q?Peter_M=C3=BCller?= <peter.mueller@link38.eu> Openpgp: preference=signencrypt Autocrypt: addr=peter.mueller@link38.eu; keydata= mQINBFrlh/UBEADDNM0LnM9+1NhjgfIz7Ww9Hlx6egK75TJoVa/S9gjI+3DeXn7hsj7vZnQz qSXMhSauU7k4g+F+MmOJP2HRIl0lEo/JNrpAqrAseSnbJp4eq8OTyAL6+Z3SVNJNbcRDOHmw jb/GR8ncURcgYDYV+oCs4csrghtBnm4cWaD/RW10zlB4nQsqQ5G3jzY9aIM+NKRHSAZEbXBZ W6pyDcGRMkwSFTHXpjtFDZ6mVEMxi1nv2W8PMU+uGbs3ud4gzPZ0tT5ICR8bp71qpua4r4RQ o6rB/suiPOptOE5/rk8FiW3ho0y1xDu7bRx8UzdLS9cYCVeSvf9n9YZ6RGOH9O7dS23zfTkS 8iqYol1PmVZrNtpsWBCq4HzFtRJPs6gykFNfj2sVQXU3RHHf2ui0OKm3R0olhLVbKSw2qSPM ajP1vBuVLEMSJmucxlJQ72Im/afnOz3LlNt+/FOB0zneoKGvPpPGSP/Fr5FJYED6/l1DZl2W 8Wb76xq3HGfETHW9kwwqbbQefMu6LNQIw9CnTpSk/R9mt7AnIrKCjxfclLDfz6VBJ0grRDDF PBEVBrj7uZM0UCl/dUX0adjDxBfma/UJZcBlDVX61+41vsX6w094sveKaNdqybAIxqGnhRUq kCHm5P/IYOZrtkao/TsRIW508MJBGmxoUl2qqCj7tXtNy2tiUQARAQABtCdQZXRlciBNw7xs bGVyIDxwZXRlci5tdWVsbGVyQGxpbmszOC5ldT6JAj8EEwECACkFAlrlh/UCGyMFCQlmAYAH CwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRDZSPIPfXufaDlVD/0elAwSohcC4T5jFtPt hZ1+jU9t46pwBhQ8ohKpo4/wAuVBg5B0FYb0gegcSicYWsNkhTtCjUhExMilLKTaJir5l+3V B/rU/WG7NgLYqmYsGlgHPXdLZAbOMU/0atONFYos1UZnRGmPfhLwRw3g5TBaKrfqaFBzRABE W0R+XuRoXy9ho+lNP5g0Sa+SxtOeBpLQxppObk5WLUqDKxrvHhStgM3PrJASKujsJiw19IUg ws0q+WezH8LPQd3Vc8DP56sl1/h8w2Xklsdxj1NEcO7OIrrKSNIRGyqgqvtmDi6dxh1suGUW Par/VhB+P+u0yVy8H1lZ4SFUsZJFPwHNFSN41USmT/uHf9Z7K1+qXm4zpyexrDQ+ojuXxnB1 y97cHYcYaCZ2Bo+deljXng1NF0I3CdIdhPfLv7FHRBoBw1xs0qJjUfTfSAZsYD0H/jl76bRx 4s8rrECqM7pMnE4aLiP4m6gKJKooH8QAQsmGRYAI8gG/BIHPHZUpZ8J2jRnj6GQ1MpEdcnLE Q0N7QMayDoPq177es7tey5vzofq3bDGW/O9yqUWiz3e7uaGSQnYoRGm2oCCTojvGt37yS0H8 v+ms2fokPNt8UDmpZoLFFPXDwVcnL/KBkPY665xchatKpBOtJ3lRnXdlyRJW1gGda9G5mGFn xLcWumkZ12YKmtixuLkCDQRa5Yf1ARAA4UCkVBvQhks9lApBxvfZ8ekWrticMooBkegL+KQT TPWQHTgdwkFzSneaRq0vFFcgKxmXA54OmT58y0tf09hUvTGK4COs5GTZKP/SYSWZM6xOQqaT 37fros/ma4iSS+IJw/eDh7bWKM5gllz0EuoewaTveGDWeucf7V36mRUPG47GsNk/PgCRsO5Y SLlpfT/3xH02aRnUmWjzHCkJ9EV388cIWaYo9kP4q9rbcl3IyHP0t78XpIIWH6+o/I0FgzwL GJBdJ0eAE3PNIRGYu8nqYlJ+TIpcIrEPitma6nZtiWAITRO2XDb/2o05tUlEbmlN6dUOqM7X Jvj/Z9KkYNgvYNbHXqXJ+j5gzcq0DR7DtDSDnd1WDrYivQMGBDnZR2YfFjBEsmeArdmDTZqY aqYhBN3iMCI9cErZgik6Niz6jrqBMK98geB04vrqZUYprh7zXgPu0A/EwTIJuZ+GGeEKwMVL pBc2NGxUb/kt8nr1JHAnSludD78EW6QVdpcgO4DhHxzhdDk/L8yE53b5UdvXwad5N4T1QS/Y kk80nByinD4vaIIHti9nOvLQJAro1p997YnVeY0wQ2x14Qw1rqeCOeKqB8PxmHvSK6b+nXLg Dv7HuFLovIeQd/IimGLXBDW4Bkn60HApJ5KcX+GwHp5XqPRKPmtjfMsETZn1ESjyc3sAEQEA AYkCJQQYAQIADwUCWuWH9QIbDAUJCWYBgAAKCRDZSPIPfXufaBRaEACMS5Q1BY/O5o+Vn8lD uMUczEVk/8j07gi1EV2ffutwZ5eYrKvXkuoMPEBb7SWqPUKqpTbw1pNjUf5002c2xm2r/OSZ oQMRWDztht+EMhjy0qkixMV+TvS6DcFPb8sd+KOoIBD08EBVUxpeNhAFxaRjGEDboJUwtDAd EDUJts5HnXvBqEcnkOfkwDSUWf9epa1mbyO1sO5NnMtxQY6paB2UGQPNE5/J3eo4f5s4wrxR AaM6OCCOtJxs4u0svmOCwd0D8LQ6higBq+EFesc57ZpG3pkNokrROFWRpx6OpQJUnYi5lWm8 +4xF99QfI9mHIz+jrnPcsfAiKdXb8QkeaDkR7bIU269wwKupfN6bHsKFtOnx7AhMLUddzTHA hTe8cov/tnn5xPvSZhpfknOBx+mffNQBsCETuCxPMqtDN5xFuwBxw4ZKZpKYFk/FUl6As1z4 LY2tNXb/JI58fGiLreunuvxsEkb97hmly1e19IPOTJzawB/aKRQNpIkoE11UBhKyc+kwIfVo ZCTlp+3hpBFqxEjRReSQUKKb9hA4yP3j90Fb353JbNKf9+Y3UtFPJb67koDOGtbJsk19bzPE zO0j/ek+eXxTIf5NxURVuzY6yvg57ZzW7T/tApT/LLfMEmuYz/LiijgON0uTOSp8KflwAt8m eNtEia+FigGVqn+PSQ== Subject: [PATCH] use HTTPS for downloading GeoIP database files Message-ID: <e413a810-b60d-813d-502c-07a0261dc32c@link38.eu> Date: Sun, 20 Jan 2019 17:40:18 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Language: de-DE Content-Transfer-Encoding: 8bit Authentication-Results: mail01.ipfire.org; dkim=pass header.d=link38.eu header.s=201803 header.b=E5qpRboE; dmarc=pass (policy=none) header.from=link38.eu; spf=pass (mail01.ipfire.org: domain of peter.mueller@link38.eu designates 2a03:4000:6:432c:1f9e:48:ac3:199 as permitted sender) smtp.mailfrom=peter.mueller@link38.eu X-Spamd-Result: default: False [-10.70 / 11.00]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[link38.eu:s=201803]; BAYES_HAM(-3.00)[100.00%]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a03:4000:6:432c:1f9e:48:ac3:199]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; RCPT_COUNT_ONE(0.00)[1]; TO_DN_ALL(0.00)[]; MX_GOOD(-0.01)[cached: mx-nbg.link38.eu]; DKIM_TRACE(0.00)[link38.eu:+]; DMARC_POLICY_ALLOW(-0.50)[link38.eu,none]; NEURAL_HAM(-2.90)[-0.968,0]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; IP_SCORE(-3.78)[ip: (-9.91), ipnet: 2a03:4000::/32(-4.95), asn: 197540(-3.96), country: DE(-0.09)]; ASN(0.00)[asn:197540, ipnet:2a03:4000::/32, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[] X-Spam-Status: No, score=-10.70 X-Rspamd-Server: mail01.i.ipfire.org X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <https://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
Series |
use HTTPS for downloading GeoIP database files
|
|
Commit Message
Peter Müller
Jan. 21, 2019, 3:40 a.m. UTC
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
---
src/scripts/xt_geoip_update | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Comments
Hello, I can only merge this into next right now. Core Update 127 is already closed, built and distributed on the mirrors. Please *review* the patches that are being submitted on the list to spot these things earlier. This is why we are doing this process and this is not only supposed to be my public inbox. Also, this patch doesn’t apply. Best, -Michael > On 20 Jan 2019, at 16:40, Peter Müller <peter.mueller@link38.eu> wrote: > > Signed-off-by: Peter Müller <peter.mueller@link38.eu> > --- > src/scripts/xt_geoip_update | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/src/scripts/xt_geoip_update b/src/scripts/xt_geoip_update > index b45c5b343..93884dcf5 100644 > --- a/src/scripts/xt_geoip_update > +++ b/src/scripts/xt_geoip_update > @@ -26,7 +26,7 @@ SCRIPT_PATH=/usr/local/bin > DEST_PATH=/usr/share/xt_geoip > DB_PATH=/var/lib/GeoIP > > -DL_URL=http://geolite.maxmind.com/download/geoip/database > +DL_URL=https://geolite.maxmind.com/download/geoip/database > DL_FILE=GeoLite2-Country-CSV.zip > > eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings) > @@ -40,7 +40,7 @@ function download() { > # Proxy settings. > # Check if a proxy should be used. > if [[ $UPSTREAM_PROXY ]]; then > - PROXYSETTINGS="-e http_proxy=http://" > + PROXYSETTINGS="-e https_proxy=http://" > > # Check if authentication against the proxy is configured. > if [[ $UPSTREAM_USER && $UPSTREAM_PASSWORD ]]; then > -- > 2.16.4
diff --git a/src/scripts/xt_geoip_update b/src/scripts/xt_geoip_update index b45c5b343..93884dcf5 100644 --- a/src/scripts/xt_geoip_update +++ b/src/scripts/xt_geoip_update @@ -26,7 +26,7 @@ SCRIPT_PATH=/usr/local/bin DEST_PATH=/usr/share/xt_geoip DB_PATH=/var/lib/GeoIP -DL_URL=http://geolite.maxmind.com/download/geoip/database +DL_URL=https://geolite.maxmind.com/download/geoip/database DL_FILE=GeoLite2-Country-CSV.zip eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings) @@ -40,7 +40,7 @@ function download() { # Proxy settings. # Check if a proxy should be used. if [[ $UPSTREAM_PROXY ]]; then - PROXYSETTINGS="-e http_proxy=http://" + PROXYSETTINGS="-e https_proxy=http://" # Check if authentication against the proxy is configured. if [[ $UPSTREAM_USER && $UPSTREAM_PASSWORD ]]; then