* Martijn Lievaart <m@rtij.nl> [2021-12-03 17:35:17 +0100]: > Op 03-12-2021 om 17:13 schreef Tomasz Konojacki: > > On Fri, 3 Dec 2021 12:41:08 +0100 > > Salvador Fandino <sfandino@gmail.com> wrote: > > > > > In this regard, and in the context of just bootstrapping a CPAN client, I think that using standalone TLS/HTTPS clients should be also considered. > > > > > > Getting Net::SSLeay to compile against OpenSSL (or any other SSL client library) can be pretty difficult, but just wrapping something like "openssl s_client" command is mostly trivial. "socat", "curl" or "wget" are other options. > > CPAN.pm already uses wget or curl when IO::Socket::SSL isn't available > > and a https mirror was requested. > > > > In that case, a major reason for getting ssl in core went away, and it is > indeed just one of the features we may or may not add, like the csv support > I requested. cpanm uses http by default, though during the recent root CA letsencrypt-alypse I ran into this issue described here (and closed with workaround): > 'need option to pass option to "don't verify SSL" to underlying download method (wget, curl, _lwp_)' > https://github.com/miyagawa/cpanminus/issues/634 And while I do support a existing tools-based approach, this is not going to be 100% foolproof since we're dealing with many realms outside of just the perl domain. Lastly, if we're going to rely on a tool that is not universially installed (not even wget or curl is this reliably installed), our final logical backstop will remain being the easiest way to get things on a computer, i.e., the native package manager. Unfortunately in this case, I can't see how perl can be able to accomplish this in a vacuum; so we may wish to consider diligence on the upstream end to track what perl related stuff is: a) provided in a "base" (including "min") install and b) whats available in the package manager. Cheers, Brett > > > HTH, > > M4 > > -- -- oodler@cpan.org oodler577@sdf-eu.org SDF-EU Public Access UNIX System - http://sdfeu.org irc.perl.org #openmp #pdl #nativeThread Previous | Thread Next