apk-tools/libfetch, branch 2.8-stable Alpine Package Keeper, the 2.x tree libfetch: add option to set "Cache-Control: no-cache" 2018-01-09T07:56:05+00:00 Timo Teräs timo.teras@iki.fi 2018-01-03T08:01:08+00:00 b7f70c067c035493cdfbf08fa78a0befbbfde3ea ref #8161 (cherry picked from commit f90af35e9c563bd4f865d8d47a7ae357191494db) 
ref #8161

(cherry picked from commit f90af35e9c563bd4f865d8d47a7ae357191494db)
libfetch: honor https_proxy variable for https 2018-01-09T07:55:26+00:00 Timo Teräs timo.teras@iki.fi 2018-01-03T08:43:31+00:00 c051f6f10ff08fd68a091cd236c3606027952db3 fixes #8160 (cherry picked from commit 99e7bb93dfff2f43987b81ce7600ad8fbd0ce64c) 
fixes #8160

(cherry picked from commit 99e7bb93dfff2f43987b81ce7600ad8fbd0ce64c)
libfetch: fix certificate host name check 2017-10-06T15:09:37+00:00 Timo Teräs timo.teras@iki.fi 2017-10-06T15:09:37+00:00 0d814ba35b5e26eb9a42ea7a52521eca44306479 OpenSSL allows passing zero-length to indicate "use strlen". LibreSSL requires using the real length always, so pass the length. 
OpenSSL allows passing zero-length to indicate "use strlen".
LibreSSL requires using the real length always, so pass the length.
libfetch: improve openssl/libressl compatibility 2017-10-06T10:25:27+00:00 Timo Teräs timo.teras@iki.fi 2017-10-06T10:23:54+00:00 eb8f44d629aca3a780f7feedfee11794f14082ad X509_check_host() is introduced in libressl-2.5.0 and openssl-1.0.2 which are not yet universally available. Add support for building against the older versions. 
X509_check_host() is introduced in libressl-2.5.0 and openssl-1.0.2
which are not yet universally available. Add support for building
against the older versions.
libfetch: improve ssl connections 2017-10-05T13:59:14+00:00 Timo Teräs timo.teras@iki.fi 2017-10-05T13:39:47+00:00 52fd85a8dcfee9c93522d80693673bc95cc1caaf loosely based on the freebsd implementation, implement https connection settings to override CA, and use client certificate. new files supported in /etc/apk/: ca.pem - if exists, it contains CAs acceptable for https (otherwise system wide CAs are used) crl.pem - if ca.pem is used, this is the (optional) CRL for it cert.pem - used as client authentication certificate (+ key) cert.key - used as client key (can be also inside cert.pem) 
loosely based on the freebsd implementation, implement https
connection settings to override CA, and use client certificate.

new files supported in /etc/apk/:
  ca.pem   - if exists, it contains CAs acceptable for https
	     (otherwise system wide CAs are used)
  crl.pem  - if ca.pem is used, this is the (optional) CRL for it
  cert.pem - used as client authentication certificate (+ key)
  cert.key - used as client key (can be also inside cert.pem)
libfetch: remove unwanted code conditionals 2017-10-05T13:59:14+00:00 Timo Teräs timo.teras@iki.fi 2017-10-05T10:47:36+00:00 531fea4c9082d6542c776dcb6d4ca0a3949ecdd0 






libfetch: fix ssl context leak
2017-10-05T13:59:14+00:00

Timo Teräs
timo.teras@iki.fi

2017-10-05T10:30:39+00:00

f6860e0e110a82fe61ce46de4fb5a05794e456ab

from freebsd





from freebsd







build and use bundled libfetch natively
2017-10-05T13:59:14+00:00

Timo Teräs
timo.teras@iki.fi

2017-10-05T07:57:45+00:00

86436fce2fe2364bbc9e705ddc92d7733fc8ed75












import libfetch-2.38 from NetBSD
2017-10-05T13:58:09+00:00

Timo Teräs
timo.teras@iki.fi

2017-10-05T05:57:18+00:00

9dc6278c7b4ef41810b264ca99b597634511bda1

ftp://ftp.fu-berlin.de/unix/NetBSD/packages/current-src/pkgsrc/net/libfetch/files

libfetch comes (at least) in netbsd and freebsd flavors which
differing functionality. Alpine and Arch package netbsd one,
but it's not widely packaged across other distributions.

We need NetBSD version as it does not use funopen(3) which is not
supported in musl, and supports connection pooling.

FreeBSD seems to be the orignal and better maintained version
with support for SSL CAs, client certificate authentication,
proxy authentication, and improved http redirect handling.

So this imports NetBSD version, and future commits will pick up
the needed improvements from FreeBSD tree.

Incidentally, this also fixes #7857 and likes for good.





ftp://ftp.fu-berlin.de/unix/NetBSD/packages/current-src/pkgsrc/net/libfetch/files

libfetch comes (at least) in netbsd and freebsd flavors which
differing functionality. Alpine and Arch package netbsd one,
but it's not widely packaged across other distributions.

We need NetBSD version as it does not use funopen(3) which is not
supported in musl, and supports connection pooling.

FreeBSD seems to be the orignal and better maintained version
with support for SSL CAs, client certificate authentication,
proxy authentication, and improved http redirect handling.

So this imports NetBSD version, and future commits will pick up
the needed improvements from FreeBSD tree.

Incidentally, this also fixes #7857 and likes for good.