Package: apt Version: 0.5.9 Severity: wishlist Tags: patch (Patch sent separately; a previous version of this message, with the patch, was bounced by the bug mail server.)
Here is the Progeny version of the patch to add SSL support to apt. This patch is derived from the work of Tomas Pospisek <[EMAIL PROTECTED]>. Our main innovation is to merge the http and https methods into one binary, with https as a symlink to http. This was done so that redirects could be made from http to https and vice versa. (See our other patches for the redirect/auth patch.) One important consideration: there may be some confusion on our part regarding the license. Tomas seemed to have received permission to link OpenSSL with apt, but the only documentation of this is in Tomas's patch itself, and there's some question as to whether the license grant was legit. If there is a problem, we will implement GNU TLS right away, as we are distributing binaries of this patch now. Another concern that I've heard: binding SSL support so tightly to apt, and thus adding another dependency to the base system. I'm open to ideas regarding this problem if it's considered important. This patch is against vanilla apt 0.5.9. We can also produce patches against our redirect/auth and cookie version of 0.5.9, or can migrate to newer apt versions, as needed.
