Closed Bug 686262 Opened 13 years ago Closed 9 years ago

dataimport/import-buildbot-data.py should talk to its sources over https

Categories

(Tree Management Graveyard :: TBPL, defect)

Product:
Tree Management Graveyard
Component:
TBPL
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INCOMPLETE

People

(Reporter: philor, Unassigned)

References

Details

We sort of assume that import-buildbot-data.py is talking to the real hg.mozilla.org and the real ftp.mozilla.org and the real build.mozilla.org, based on nothing more than our guess that it would be sort of hard to MITM it.

We should instead know that it is, because it got a valid cert for each of them when it connected to them over https.

hg.m.o and ftp.m.o are as easy as finding someone who knows how to ensure that they are really validating certs from within Python (not, the last time I looked at it, a particularly easy task, but that was pre-2.6). build.m.o will have to wait on bug 657359 shuffling things around to where it over https isn't looking for auth.
Product: Webtools → Tree Management
TBPL has been EOLed (bug 1054977).
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → INCOMPLETE
Product: Tree Management → Tree Management Graveyard
You need to log in before you can comment on or make changes to this bug.