apk-tools/libfetch, branch master Alpine Package Keeper, the 2.x tree libfetch: fix no_proxy domain name comparision 2020-04-01T08:08:43+00:00 Timo Teräs timo.teras@iki.fi 2020-04-01T08:08:43+00:00 d6c54f932054c58aee8f7a6d2bd49b115d804da1 Fix comparing of the hostname portion that matches exactly. The no_proxy matching is pretty rudimentary though and probably could go through a bit of additional rework. Fixes #10681 
Fix comparing of the hostname portion that matches exactly.
The no_proxy matching is pretty rudimentary though and probably
could go through a bit of additional rework.

Fixes #10681
libfetch: fixups to packetization socket option setting 2020-03-25T06:50:44+00:00 Timo Teräs timo.teras@iki.fi 2020-03-25T06:50:44+00:00 eae92bbacf3c005bf12f8f5f5555bff953ebb5d7 - split the code to a helper function - do not set sockets to corked state when putting back to cache so socket state is always deterministic - cork/uncork also when sending CONNECT to a proxy, this can reduce a little bit the latency how fast the packet gets sent out - also pair corking with uncorking in http_request to make it more obvious pairing 
- split the code to a helper function
- do not set sockets to corked state when putting back to
  cache so socket state is always deterministic
- cork/uncork also when sending CONNECT to a proxy, this
  can reduce a little bit the latency how fast the packet
  gets sent out
- also pair corking with uncorking in http_request to make
  it more obvious pairing
libfetch: minor HTTP handling improvement 2020-03-25T06:33:37+00:00 Alexander Wauck waucka@ironstarconsulting.net 2020-03-24T19:51:15+00:00 09dbe46a7608f56f07914137834e7ddda15c4837 The recent TCP_CORK change missed this bit of code. This change should improve performance a bit when making HTTP requests by calling http_cmd only once instead of three times. 
The recent TCP_CORK change missed this bit of code.  This change
should improve performance a bit when making HTTP requests by calling
http_cmd only once instead of three times.
libfetch: support TCP_CORK 2020-02-18T13:36:01+00:00 Timo Teräs timo.teras@iki.fi 2020-02-18T13:21:35+00:00 271047cc930150a2972573625124b0c097ad322a Unfortunately libfetch operates on raw sockets and is sending each HTTP request line using separate syscall which causes the HTTP request to be sent as multiple packets over the wire in most configurations. This is not good for performance, but can also cause subtle breakage if there's DPI firewall that does not get the Host header. Incidentally, it seems that on BSDs libfetch already sets TCP_NOPUSH optimize the packetization. This commit adds same logic for using TCP_CORK if available. When using TCP_CORK there is no requirement to set TCP_NODELAY as uncorking will also cause immediate send. Keep TCP_NODELAY in the fallback codepaths. Long term, it might make sense to replace or rewrite libfetch to use application level buffering. 
Unfortunately libfetch operates on raw sockets and is sending
each HTTP request line using separate syscall which causes the
HTTP request to be sent as multiple packets over the wire in most
configurations. This is not good for performance, but can also
cause subtle breakage if there's DPI firewall that does not get
the Host header.

Incidentally, it seems that on BSDs libfetch already sets
TCP_NOPUSH optimize the packetization. This commit adds same
logic for using TCP_CORK if available. When using TCP_CORK
there is no requirement to set TCP_NODELAY as uncorking will
also cause immediate send. Keep TCP_NODELAY in the fallback
codepaths.

Long term, it might make sense to replace or rewrite libfetch
to use application level buffering.
fix strncpy bounds errors 2019-02-13T14:05:27+00:00 Timo Teräs timo.teras@iki.fi 2019-02-13T13:44:03+00:00 44daf808737f85ff462905269c7a1e66d52e2fff error: 'strncpy' specified bound 4096 equals destination size [-Werror=stringop-truncation] Based on patch by Elan Ruusamäe <glen@delfi.ee> 
error: 'strncpy' specified bound 4096 equals destination size [-Werror=stringop-truncation]

Based on patch by Elan Ruusamäe <glen@delfi.ee>
libfetch: do not give out user/hostname as ftp anonymous password 2018-09-05T07:32:00+00:00 Timo Teräs timo.teras@iki.fi 2018-09-05T07:32:00+00:00 e4f54cfe6681b301fb32b455cb9bbab24d97c0f4 This is unwanted information disclosure. Reported-by: Max Justicz <max@justi.cz> 
This is unwanted information disclosure.

Reported-by: Max Justicz <max@justi.cz>
libfetch: support OpenSSL 2018-01-31T20:04:46+00:00 A. Wilcox AWilcox@Wilcox-Tech.com 2018-01-31T20:03:22+00:00 36f5cf8e4bbe863a5bcfaf33f5f0a460993a339f TLS_client_method is a LibreSSL extension. SSLv23_client_method is generic, and doesn't mean SSL v2/v3 only. 
TLS_client_method is a LibreSSL extension.
SSLv23_client_method is generic, and doesn't mean SSL v2/v3 only.
libfetch: add option to set "Cache-Control: no-cache" 2018-01-03T12:25:07+00:00 Timo Teräs timo.teras@iki.fi 2018-01-03T08:01:08+00:00 f90af35e9c563bd4f865d8d47a7ae357191494db ref #8161 
ref #8161
libfetch: honor https_proxy variable for https 2018-01-03T08:43:31+00:00 Timo Teräs timo.teras@iki.fi 2018-01-03T08:43:31+00:00 99e7bb93dfff2f43987b81ce7600ad8fbd0ce64c fixes #8160 
fixes #8160
libfetch: fix certificate host name check 2017-10-06T15:09:37+00:00 Timo Teräs timo.teras@iki.fi 2017-10-06T15:09:37+00:00 0d814ba35b5e26eb9a42ea7a52521eca44306479 OpenSSL allows passing zero-length to indicate "use strlen". LibreSSL requires using the real length always, so pass the length. 
OpenSSL allows passing zero-length to indicate "use strlen".
LibreSSL requires using the real length always, so pass the length.