Bug 277409
| Summary: | security/dehydrated: should run daily to update OCSP information before they expire | ||
|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Matthias Fechner <mfechner> |
| Component: | Individual Port(s) | Assignee: | Koichiro Iwao <meta> |
| Status: | Closed FIXED | ||
| Severity: | Affects Some People | Flags: | bugzilla:
maintainer-feedback?
(meta) |
| Priority: | --- | ||
| Version: | Latest | ||
| Hardware: | Any | ||
| OS: | Any | ||
|
Description
Matthias Fechner
2024-03-01 04:56:36 UTC
I'll look into this. A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=8b99252493ebd9ad3c26b430af4de57021c46e6e commit 8b99252493ebd9ad3c26b430af4de57021c46e6e Author: Koichiro Iwao <meta@FreeBSD.org> AuthorDate: 2024-03-06 04:04:02 +0000 Commit: Koichiro Iwao <meta@FreeBSD.org> CommitDate: 2024-03-06 04:28:44 +0000 security/dehydrated: Update to 0.7.1-6-g4fd777e Also add another periodic file to run dehydrated more frequent than weekly because OSCP response file should be updated before expiry [1]. PR: 277409 Reported by: mfechner [1] security/dehydrated/Makefile | 16 ++++---- security/dehydrated/distinfo | 6 +-- .../dehydrated/files/000.dehydrated.daily.in (new) | 46 ++++++++++++++++++++++ ...{000.dehydrated.in => 000.dehydrated.weekly.in} | 0 security/dehydrated/files/pkg-message.in | 11 ++++++ security/dehydrated/pkg-plist | 1 + 6 files changed, 69 insertions(+), 11 deletions(-) (In reply to Matthias Fechner from comment #0) I added another periodic file for daily run. Not the port supports both weekly and daily run. Try this instead. daily_dehydrated_enable="YES" (In reply to Koichiro Iwao from comment #3) Thanks a lot, I upgrade the new version already. Now I need to wait if ocsp files get updated. They will expire in 136 hours. It is working perfectly fine. Thanks a lot! It's my pleasure! |