Re: Cloudflare mirror link broken & more

2019-10-07 Thread Theo de Raadt
Anatoli wrote: > > looking at the number of bytes moved in the sessions is sufficient to > > determine which firmwares were selected and downloaded. > > Theo, I may be completely wrong here (please excuse my ignorance if it > is the case), but I see it this way: > > On a shared server (or one f

Re: Cloudflare mirror link broken & more

2019-10-07 Thread Theo de Raadt
Anatoli wrote: > > looking at the number of bytes moved in the sessions is sufficient to > > determine which firmwares were selected and downloaded. > > Theo, I may be completely wrong here (please excuse my ignorance if it > is the case), but I see it this way: > > On a shared server (or one f

Re: Cloudflare mirror link broken & more

2019-10-07 Thread Anatoli
> looking at the number of bytes moved in the sessions is sufficient to > determine which firmwares were selected and downloaded. Theo, I may be completely wrong here (please excuse my ignorance if it is the case), but I see it this way: On a shared server (or one fronted by a CDN) on the same po

Re: Cloudflare mirror link broken & more

2019-10-07 Thread Theo de Raadt
Anatoli wrote: > And thank you for your detailed explanation about the certs for firmware > sub-domain. Just wanted to say that IMO there's actually one thing that > it would solve: the privacy of the requests, i.e. we wouldn't be leaking > info about our devices with proprietary fw to anyone lis

Re: Cloudflare mirror link broken & more

2019-10-07 Thread Anatoli
Hi Stuart, Sorry for late reply. Upon Theo's request I provided job@ with the needed info and the issues were triaged and fixed. cdn.openbsd.org now works fine. And the location of files at cloudflare.cdn.openbsd.org is correct again too. BTW, > Is https://openbsd.c3sl.ufpr.br/pub/OpenBSD/ any

Re: Cloudflare mirror link broken & more

2019-09-25 Thread Stuart Henderson
On 2019-09-24, Anatoli wrote: > Hi All, > > I see for some time that the link to Cloudflare CDN is broken. > https://www.openbsd.org/ftp.html says it is > https://cloudflare.cdn.openbsd.org/pub/OpenBSD/ but it gives 404. > > It looks like Cloudflare removed /pub/ and renamed to lowercase OpenBSD >

Re: Cloudflare mirror link broken & more

2019-09-24 Thread Theo de Raadt
The fastly/cloudflare issues will be looked at by the people who handle that. But I can answer this piece: firmware.openbsd.org is not available via HTTPS. The tools only use them it via http, so your testing for https is a mistake. You are noticing that some of these machines are multiple-purp