This prevents a possible MITM attack described in:
https://www.reddit.com/r/BSD/comments/br62hm/freebsd_cryptographic_bypass_and_mitmbased/
Details
Details
- Reviewers
emaste swills antoine - Group Reviewers
portmgr - Commits
- rP508820: MFH: r508819
rP508819: Force ports depending on a fetch target to actually run checksum.
Diff Detail
Diff Detail
- Lint
No Lint Coverage - Unit
No Test Coverage - Build Status
Buildable 25806 Build 24378: arc lint + arc unit
Event Timeline
Comment Actions
Seems reasonable to me. I might expand the comment slightly to "prevents a MITM attack on the dependency."