apk-tools/libfetch/Makefile, branch 2.10-stable Alpine Package Keeper, the 2.x tree libfetch: improve openssl/libressl compatibility 2017-10-06T10:25:27+00:00 Timo Teräs timo.teras@iki.fi 2017-10-06T10:23:54+00:00 eb8f44d629aca3a780f7feedfee11794f14082ad X509_check_host() is introduced in libressl-2.5.0 and openssl-1.0.2 which are not yet universally available. Add support for building against the older versions. 
X509_check_host() is introduced in libressl-2.5.0 and openssl-1.0.2
which are not yet universally available. Add support for building
against the older versions.
libfetch: improve ssl connections 2017-10-05T13:59:14+00:00 Timo Teräs timo.teras@iki.fi 2017-10-05T13:39:47+00:00 52fd85a8dcfee9c93522d80693673bc95cc1caaf loosely based on the freebsd implementation, implement https connection settings to override CA, and use client certificate. new files supported in /etc/apk/: ca.pem - if exists, it contains CAs acceptable for https (otherwise system wide CAs are used) crl.pem - if ca.pem is used, this is the (optional) CRL for it cert.pem - used as client authentication certificate (+ key) cert.key - used as client key (can be also inside cert.pem) 
loosely based on the freebsd implementation, implement https
connection settings to override CA, and use client certificate.

new files supported in /etc/apk/:
  ca.pem   - if exists, it contains CAs acceptable for https
	     (otherwise system wide CAs are used)
  crl.pem  - if ca.pem is used, this is the (optional) CRL for it
  cert.pem - used as client authentication certificate (+ key)
  cert.key - used as client key (can be also inside cert.pem)
libfetch: remove unwanted code conditionals 2017-10-05T13:59:14+00:00 Timo Teräs timo.teras@iki.fi 2017-10-05T10:47:36+00:00 531fea4c9082d6542c776dcb6d4ca0a3949ecdd0 






build and use bundled libfetch natively
2017-10-05T13:59:14+00:00

Timo Teräs
timo.teras@iki.fi

2017-10-05T07:57:45+00:00

86436fce2fe2364bbc9e705ddc92d7733fc8ed75












import libfetch-2.38 from NetBSD
2017-10-05T13:58:09+00:00

Timo Teräs
timo.teras@iki.fi

2017-10-05T05:57:18+00:00

9dc6278c7b4ef41810b264ca99b597634511bda1

ftp://ftp.fu-berlin.de/unix/NetBSD/packages/current-src/pkgsrc/net/libfetch/files

libfetch comes (at least) in netbsd and freebsd flavors which
differing functionality. Alpine and Arch package netbsd one,
but it's not widely packaged across other distributions.

We need NetBSD version as it does not use funopen(3) which is not
supported in musl, and supports connection pooling.

FreeBSD seems to be the orignal and better maintained version
with support for SSL CAs, client certificate authentication,
proxy authentication, and improved http redirect handling.

So this imports NetBSD version, and future commits will pick up
the needed improvements from FreeBSD tree.

Incidentally, this also fixes #7857 and likes for good.





ftp://ftp.fu-berlin.de/unix/NetBSD/packages/current-src/pkgsrc/net/libfetch/files

libfetch comes (at least) in netbsd and freebsd flavors which
differing functionality. Alpine and Arch package netbsd one,
but it's not widely packaged across other distributions.

We need NetBSD version as it does not use funopen(3) which is not
supported in musl, and supports connection pooling.

FreeBSD seems to be the orignal and better maintained version
with support for SSL CAs, client certificate authentication,
proxy authentication, and improved http redirect handling.

So this imports NetBSD version, and future commits will pick up
the needed improvements from FreeBSD tree.

Incidentally, this also fixes #7857 and likes for good.