« previous next »
Pages: [1]

Author Topic: Downloading YATE source code over HTTPS  (Read 9249 times)

Rjevski

  • Newbie
  • *
  • Posts: 2
    • View Profile
Downloading YATE source code over HTTPS
« on: June 02, 2020, 07:14:20 AM »
Hello,

Does anyone know how can I get a copy of the YATE source via a secure channel such as HTTPS?

At the moment it seems like both binary downloads and SVN go over unencrypted HTTP.

Regards.
Logged

cc08

  • Newbie
  • *
  • Posts: 27
    • View Profile
Re: Downloading YATE source code over HTTPS
« Reply #1 on: June 02, 2020, 09:37:11 AM »
Rjevski, nahuya vam https ?

Here is the working link:

svn checkout https://voip.null.ro/svn/yate/trunk yate

but the certificate is self-signed. Therefore, from SVN there will be additional questions.
Logged

Rjevski

  • Newbie
  • *
  • Posts: 2
    • View Profile
Re: Downloading YATE source code over HTTPS
« Reply #2 on: June 02, 2020, 02:56:10 PM »
Thanks for your reply.

Yes I remember trying the HTTPS URL and seeing the self-signed certificate. It helps a bit but still doesn't fully mitigate the risk.

When using software in production I do my best to ensure there's no risk of accidentally ending up with malicious code thanks to an MITM attack. Most software nowadays is distributed over a secure channel (whether HTTPS or HTTP with signatures verified out of band, like Debian's APT that uses GPG keys for this) so I was hoping it would be the same for Yate.
Logged
Pages: [1]
« previous next »