Re: Fetching an https: URL

["OBATA Akio" <obache%netbsd.org@localhost>]

Hi,

On Wed, 27 Oct 2010 23:41:39 +0900, Hauke Fath 
<hf%spg.tu-darmstadt.de@localhost> wrote:

> teaching a pkg to fetch a distfile from an SSL web server, I get the
> impression that nobody @ pkgsrc has done this before...

I have a plan, but not doing yet because my packages have only http and ftp
MASTER_SITES.

1) define supported protocols for tech fetch command
FETCH_SUPPORTED_PROTOCOL.ftp= ftp http
FETCH_SUPPORTED_PROTOCOL.wget= ftp http https

2) change FETCH_USING to allow multiple fetch command
   with preferred order
FETCH_USING= ftp wget curl


3) get required protocol from MASTER_SITES
_FETCH_REQUIRED_PROTOCOLS=      ${MASTER_SITES:C/\:.+\$//g:u}

4) define fetch commands for each protocols

.for p in ${_FETCH_REQUIRED_PROTOCOLS}
.  for c in ${FETCH_USING}
.    if ${FETCH_SUPPORTED_PROTOCOL.${c}:M${p}}
_FETCH_USING.${p}?=     ${c}
.    endif
.  endfor
.endfor

5) add bootstrap dependency for all required fetch command

6) use _FETCH_USING.${protocol} for fetching distfile

> Setting FETCH_CMD doesn't do anything, it's FETCH_USING you need to set.
> But even then it is impossible to set
> FETCH_BEFORE_ARGS=--no-check-certificate to actually fetch a file over
> https. Looking at mk/fetch/fetch.mk, none of the FETCH*.${FETCH_USING}
> variables are user-settable. What was the idea behind that?

Two plan:

1) always ignore certs

2) define certs and use it, like wip/mk/svn-package.mk


We have already own hash checksum, so 1) may be sufficient,
but for PKG_DEVELOPERS, 2) may be required.

--
OBATA Akio / obache%NetBSD.org@localhost