On Fri, Jan 31, 2020 at 09:24:08PM +0100, Sven Wolf wrote: > Hi, > > I run current. After I run sysupgrade today (GENERIC.MP #626 build Jan 30) > it's not possible to run pkd_add. I always get the error > TLS connect failure: failed to set session > signify: gzheader truncated > > The error is reproducible on two machines and didn't occur until build #616 > (Jan 21). > > /etc/installurl points to an internal mirror server. This mirror server runs > on Debian/Apache and has a letsencrypt certificate. Maybe the letsencrypt > certificate is the root cause. > When I switch /etc/installurl to an official OpenBSD mirror (e.g. > https://artfiles.org/openbsd/) the error doesn't occur. > Also when /etc/installurl points to the internal mirror server using the > http instead of the https protocol then there is also no error.
pkg_add(1) does not deal directly with network connections. Any TLS bug is related to ftp(1). If you sign your packages, https is not event needed.
