pkgsrc-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: pkgin doesn't work with https and proxy
On Fri, Apr 5, 2024 at 7:03 PM Martin Husemann <martin%duskware.de@localhost> wrote:
>
> On Fri, Apr 05, 2024 at 10:50:20AM +0100, Jonathan Perkin wrote:
> > > ftp(1) command can fetch pkg_summary.gz under the same environment:
> >
> > I don't believe ftp checks certificates, at least by default.
>
> The ftp(1) in NetBSD 10.0 does validate the certificates, so the openssl
> setup (and certificates) must be working.
>
> > > The version of pkgin:
> > >
> > > netbsd10# pkgin -v
> > > pkgin 23.8.1 (using SQLite 3.26.0)
> >
> > Oh, that's strange. That version of pkgin doesn't even perform validation.
> > I guess this is a libfetch issue on NetBSD, or the SSL errors above aren't
> > related to verification.
>
> It works for me (on NetBSD 10.0) with pkgin 23.8.1 (using SQLite 3.26.0)
> from the repository at https://cdn.netbsd.org/pub/pkgsrc/packages/NetBSD/x86_64/10.0/All
nonaka@n.o has provided me with a patch for libfetch (at the end of the mail).
The patch works for me, though I don't know if it is appropriate or not.
ozaki-r
Index: net/libfetch/files/http.c
===================================================================
RCS file: /cvsroot/pkgsrc/net/libfetch/files/http.c,v
retrieving revision 1.42
diff -u -p -r1.42 http.c
--- net/libfetch/files/http.c 23 Aug 2022 17:48:53 -0000 1.42
+++ net/libfetch/files/http.c 5 Apr 2024 05:39:39 -0000
@@ -765,10 +765,12 @@ http_connect(struct url *URL, struct url
goto ouch;
}
/* Read and discard the rest of the proxy response */
+#if 0
if (fetch_getln(conn) < 0) {
fetch_syserr();
goto ouch;
}
+#endif
do {
switch ((h = http_next_header(conn, &p))) {
case hdr_syserror:
Home |
Main Index |
Thread Index |
Old Index