From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Ben Sturmfels <ben@sturm.com.au>
Newsgroups: gmane.emacs.devel
Subject: Default package-archives to HTTPS
Date: Mon, 07 Sep 2015 14:43:05 +1000
Message-ID: <87twr696w6.fsf@sturm.com.au>
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="==-=-=";
	micalg=pgp-sha512; protocol="application/pgp-signature"
X-Trace: ger.gmane.org 1441601027 30474 80.91.229.3 (7 Sep 2015 04:43:47 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Mon, 7 Sep 2015 04:43:47 +0000 (UTC)
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon Sep 07 06:43:35 2015
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1ZYoHD-0001AC-T4
	for ged-emacs-devel@m.gmane.org; Mon, 07 Sep 2015 06:43:32 +0200
Original-Received: from localhost ([::1]:53028 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1ZYoHD-0005p5-24
	for ged-emacs-devel@m.gmane.org; Mon, 07 Sep 2015 00:43:31 -0400
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:44455)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ben@sturm.com.au>) id 1ZYoGy-0005of-QJ
	for emacs-devel@gnu.org; Mon, 07 Sep 2015 00:43:17 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ben@sturm.com.au>) id 1ZYoGt-0001xl-V0
	for emacs-devel@gnu.org; Mon, 07 Sep 2015 00:43:16 -0400
Original-Received: from out4-smtp.messagingengine.com ([66.111.4.28]:39568)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ben@sturm.com.au>) id 1ZYoGt-0001w7-NU
	for emacs-devel@gnu.org; Mon, 07 Sep 2015 00:43:11 -0400
Original-Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
	by mailout.nyi.internal (Postfix) with ESMTP id 1265B20197
	for <emacs-devel@gnu.org>; Mon,  7 Sep 2015 00:43:10 -0400 (EDT)
Original-Received: from frontend2 ([10.202.2.161])
	by compute4.internal (MEProxy); Mon, 07 Sep 2015 00:43:10 -0400
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=sturm.com.au; h=
	content-type:date:from:message-id:mime-version:subject:to
	:x-sasl-enc:x-sasl-enc; s=mesmtp; bh=DeAKCWE1Wc9LTVvwDT8AxI0O+P8
	=; b=imVJLYz5As4asGktNAXtx5bKX/ZtY+wjX93VClsKXeSY1wekDEfzLUeLEaO
	9XK5KxjE37uTZ+z5N7lqSdVb8WzfEj+fJQkT/Ub31Dii8A4sTQK/ng+iy0aVzvHp
	YIlnYNi8MjCGfq9DRkLjBq+OtPMJfQeKqCoHO0a4diog+5Fc=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=
	messagingengine.com; h=content-type:date:from:message-id
	:mime-version:subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=De
	AKCWE1Wc9LTVvwDT8AxI0O+P8=; b=bVhdiU4Xg4XpGZ+D07Ge5yS9x6sfa91Qra
	SRby/R12AvwaMYcW5TUk8CK++ZHmiWV1oWBX/V94gzyRWFJkES7CNQ1UXw5vxK2Q
	nzLyW6cK6HCBb46WXWiN63M3g+coIB34a/JHqbuIYoVGd++YBX94jIk7K5EMyDHh
	mor3AiK1I=
X-Sasl-enc: AbSbWci/9ASGbJk/j6UuO+D7xRcYzGOwEyZZV4xt8EUd 1441600989
Original-Received: from Womble (ppp118-209-108-235.lns20.mel4.internode.on.net
	[118.209.108.235])
	by mail.messagingengine.com (Postfix) with ESMTPA id 8252268007E;
	Mon,  7 Sep 2015 00:43:09 -0400 (EDT)
Original-Received: by Womble (Postfix, from userid 1000)
	id 43018414A5; Mon,  7 Sep 2015 14:43:06 +1000 (AEST)
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 66.111.4.28
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:189663
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/189663>

--==-=-=
Content-Type: multipart/mixed; boundary="=-=-="

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Hi Folks,

I've attached a small patch to switch the `package-archives' default,
http://elpa.gnu.org/packages/, to HTTPS. This helps to avoid
surveillance or tampering with downloaded packages.

Thanks to Fran=C3=A7ois Marier for the suggestion:
https://identi.ca/fmarier/note/XBKVu8OLT9KiUmqIj-a4Rg

This is my first patch to Emacs, so let me know if it needs any changes.

Regards,
Ben

=2D-=20
Ben Sturmfels

Sturm
www.sturm.com.au
(03) 9024 2467


--=-=-=
Content-Type: text/x-diff
Content-Disposition: attachment;
 filename=package-archive-default-https.patch
Content-Transfer-Encoding: quoted-printable

From=2046ee3020703c951eeb975ff95fad3b1689c20b49 Mon Sep 17 00:00:00 2001
From: Ben Sturmfels <ben@sturm.com.au>
Date: Mon, 7 Sep 2015 14:27:35 +1000
Subject: [PATCH] Switch default package archive to HTTPS

* lisp/emacs-lisp/package.el (package-archives): Use HTTPS to access the
  default archive, elpa.gnu.org/packages/.

Copyright-paperwork-exempt: yes
=2D--
 lisp/emacs-lisp/package.el | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lisp/emacs-lisp/package.el b/lisp/emacs-lisp/package.el
index 4d3678a..5579db6 100644
=2D-- a/lisp/emacs-lisp/package.el
+++ b/lisp/emacs-lisp/package.el
@@ -204,14 +204,14 @@ If VERSION is nil, the package is not loaded (it is \=
"disabled\")."
   :risky t
   :version "24.1")
=20
=2D(defcustom package-archives '(("gnu" . "http://elpa.gnu.org/packages/"))
+(defcustom package-archives '(("gnu" . "https://elpa.gnu.org/packages/"))
   "An alist of archives from which to fetch.
 The default value points to the GNU Emacs package repository.
=20
 Each element has the form (ID . LOCATION).
  ID is an archive name, as a string.
  LOCATION specifies the base location for the archive.
=2D  If it starts with \"http:\", it is treated as a HTTP URL;
+  If it starts with \"http:\" or \"https:\", it is treated as a URL;
   otherwise it should be an absolute directory name.
   (Other types of URL are currently not supported.)
=20
=2D-=20
1.9.1


--=-=-=--

--==-=-=
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJV7RXZAAoJEAI8BeLJwGjw4BwP/jUtb41rrC54gmmHG8RfTlPm
9stU9zJpUoe1rAEYjQNRdNCMLvg82YRMYCOnWIXak7BSYaG3LUpEu8dtaP9R8nMB
O0pSSteqmA3RJ3ThAdM3AIH9wl8YPR+fvOurbwK6ea2mWCfMuc5SLOqtguoXtgAU
2I7zp4Fdrwl4EkUnhIsddSeF2y29pNhyGoD/3Zls9GtUDGKPVHbP+xdGB+uUFEp8
dBMm5z25mAE9MR7rgVUpIoVSyGqwPg90WoTOT6vJzaSQzjdYPiHKY3lf1t5G43PI
v3TIGzqcc+h+w6+k1W7vRBE9/EeYG59ZasA1SwYE2kbfwUAWLCvJcOu3KtIafuKX
zlw2DAKf2K4Vy/QMeY4uCOE1NzvuRBjd4FnIWMNtqO4xI0WyfZ+b2Vad5/kjqva1
FDcda5u3YyWRooVwcNlPgj1iwmO8wfHBHe2DSLbxHpPI31w8NDlOvS2I1asfzEqC
fyUCkQgnBQaVjrZ+35ZVD5q71BZ6IzvSA4wgJzP8BsmsIhrwebJF5zAS9ASglR8S
r8Oy0sNM1brMImLMrm5loR8kR0+xH7HagA1UHjbvtC0ARniNu258tRa3bVDdnyfI
p338V+1lVbz1oyb7Qy80g52OO58qfkWkuz31O+y5ZkOsE12xAF0fI4WK+R0HcXF/
cKsHgqcyNb6ylChJ0Qx3
=sKvb
-----END PGP SIGNATURE-----
--==-=-=--