summaryrefslogtreecommitdiff
path: root/t/subpkg4.sh
diff options
context:
space:
mode:
authorPaul Eggert <eggert@cs.ucla.edu>2017-09-16 13:03:36 -0700
committerPaul Eggert <eggert@cs.ucla.edu>2017-09-16 13:25:44 -0700
commit199e7a445040270fa5ef67623c56cde40d765199 (patch)
tree79d5ad3495469737e8eb56be09b2e32f09cc1fed /t/subpkg4.sh
parentf389ecb89acb7f51b6a9e8f41ebad3e45ac905a2 (diff)
downloadautomake-199e7a445040270fa5ef67623c56cde40d765199.tar.gz
Prefer https: URLs
In Gnulib, Emacs, etc. we are changing ftp: and http: URLs to use https:, to discourage man-in-the-middle attacks when downloading software. The attached patch propagates these changes upstream to Automake. This patch does not affect files that Automake is downstream of, which I'll patch separately. Althouth the resources are not secret, plain HTTP is vulnerable to malicious routers that tamper with responses from GNU servers, and this sort of thing is all too common when people in some other countries browse US-based websites. See, for example: Aceto G, Botta A, Pescapé A, Awan MF, Ahmad T, Qaisar S. Analyzing internet censorship in Pakistan. RTSI 2016. https://dx.doi.org/10.1109/RTSI.2016.7740626 HTTPS is not a complete solution here, but it can be a significant help. The GNU project regularly serves up code to users, so we should take some care here.
Diffstat (limited to 't/subpkg4.sh')
-rw-r--r--t/subpkg4.sh2
1 files changed, 1 insertions, 1 deletions
diff --git a/t/subpkg4.sh b/t/subpkg4.sh
index 76a4ed08d..cb76e5281 100644
--- a/t/subpkg4.sh
+++ b/t/subpkg4.sh
@@ -12,7 +12,7 @@
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
+# along with this program. If not, see <https://www.gnu.org/licenses/>.
# Test to ensure 'distdir' fixes the mode of files and directories
# copied into '$(distdir)', even with sub-packages.