aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHenry <PopularMoment@protonmail.com>2025-03-20 14:26:54 +0000
committerVladimir Druzenko <vvd@FreeBSD.org>2025-03-20 14:42:33 +0000
commit2d98b8845826a914ff74af01c30f69ae456705d6 (patch)
tree2d3d79b373e4848fb7912c7152220bd9f183dbc1
parent94ca69451ccaff3e1136cd49de7315a3b4d1012d (diff)
net/xapsd: Update g20240326 => g20241228
- fixes CVE-2024-45338 and CVE-2024-51744 - requires at least go 1.23, so use latest stable - adds sub folder support Commit log: https://github.com/freswa/dovecot-xaps-daemon/compare/1e589be...8cf4e49 PR: 285485
-rw-r--r--net/xapsd/Makefile35
-rw-r--r--net/xapsd/distinfo62
-rw-r--r--net/xapsd/files/patch-internal_apns.go63
-rw-r--r--net/xapsd/files/patch-internal_socket.go44
-rw-r--r--net/xapsd/files/patch-pkg_apple__xserver__certs_http.go83
5 files changed, 152 insertions, 135 deletions
diff --git a/net/xapsd/Makefile b/net/xapsd/Makefile
index d48dbd68cea9..30ac9b4c6809 100644
--- a/net/xapsd/Makefile
+++ b/net/xapsd/Makefile
@@ -1,6 +1,5 @@
PORTNAME= xapsd
-DISTVERSION= g20240326
-PORTREVISION= 7
+DISTVERSION= g20241228
CATEGORIES= net
MAINTAINER= PopularMoment@protonmail.com
@@ -10,39 +9,37 @@ WWW= https://github.com/freswa/dovecot-xaps-daemon
LICENSE= MIT
LICENSE_FILE= ${WRKSRC}/LICENSE
-USES= go:modules
+USES= go:1.24,modules
USE_RC_SUBR= xapsd
USE_GITHUB= yes
GH_ACCOUNT= freswa
GH_PROJECT= dovecot-xaps-daemon
-GH_TAGNAME= 1e589be
+GH_TAGNAME= 8cf4e49
GH_TUPLE= freswa:go-plist:900e8a7d907d:freswa_go_plist/vendor/github.com/freswa/go-plist \
- fsnotify:fsnotify:v1.6.0:fsnotify_fsnotify/vendor/github.com/fsnotify/fsnotify \
+ fsnotify:fsnotify:v1.8.0:fsnotify_fsnotify/vendor/github.com/fsnotify/fsnotify \
go-ini:ini:v1.67.0:go_ini_ini/vendor/gopkg.in/ini.v1 \
go-yaml:yaml:v3.0.1:go_yaml_yaml/vendor/gopkg.in/yaml.v3 \
- golang-jwt:jwt:v4.5.0:golang_jwt_jwt_v4/vendor/github.com/golang-jwt/jwt/v4 \
- golang:exp:7918f672742d:golang_exp/vendor/golang.org/x/exp \
- golang:net:v0.17.0:golang_net/vendor/golang.org/x/net \
- golang:sys:v0.13.0:golang_sys/vendor/golang.org/x/sys \
- golang:text:v0.13.0:golang_text/vendor/golang.org/x/text \
+ golang-jwt:jwt:v4.5.1:golang_jwt_jwt_v4/vendor/github.com/golang-jwt/jwt/v4 \
+ golang:exp:b2144cdd0a67:golang_exp/vendor/golang.org/x/exp \
+ golang:net:v0.33.0:golang_net/vendor/golang.org/x/net \
+ golang:sys:v0.28.0:golang_sys/vendor/golang.org/x/sys \
+ golang:text:v0.21.0:golang_text/vendor/golang.org/x/text \
hashicorp:hcl:v1.0.0:hashicorp_hcl/vendor/github.com/hashicorp/hcl \
julienschmidt:httprouter:v1.3.0:julienschmidt_httprouter/vendor/github.com/julienschmidt/httprouter \
- magiconair:properties:v1.8.7:magiconair_properties/vendor/github.com/magiconair/properties \
+ magiconair:properties:v1.8.9:magiconair_properties/vendor/github.com/magiconair/properties \
mitchellh:mapstructure:v1.5.0:mitchellh_mapstructure/vendor/github.com/mitchellh/mapstructure \
- pelletier:go-toml:v2.1.0:pelletier_go_toml_v2/vendor/github.com/pelletier/go-toml/v2 \
- sagikazarmark:locafero:v0.3.0:sagikazarmark_locafero/vendor/github.com/sagikazarmark/locafero \
+ pelletier:go-toml:v2.2.3:pelletier_go_toml_v2/vendor/github.com/pelletier/go-toml/v2 \
+ sagikazarmark:locafero:v0.6.0:sagikazarmark_locafero/vendor/github.com/sagikazarmark/locafero \
sagikazarmark:slog-shim:v0.1.0:sagikazarmark_slog_shim/vendor/github.com/sagikazarmark/slog-shim \
- sideshow:apns2:v0.23.0:sideshow_apns2/vendor/github.com/sideshow/apns2 \
+ sideshow:apns2:v0.25.0:sideshow_apns2/vendor/github.com/sideshow/apns2 \
sirupsen:logrus:v1.9.3:sirupsen_logrus/vendor/github.com/sirupsen/logrus \
sourcegraph:conc:v0.3.0:sourcegraph_conc/vendor/github.com/sourcegraph/conc \
- spf13:afero:v1.10.0:spf13_afero/vendor/github.com/spf13/afero \
- spf13:cast:v1.5.1:spf13_cast/vendor/github.com/spf13/cast \
- spf13:jwalterweatherman:v1.1.0:spf13_jwalterweatherman/vendor/github.com/spf13/jwalterweatherman \
+ spf13:afero:v1.11.0:spf13_afero/vendor/github.com/spf13/afero \
+ spf13:cast:v1.7.1:spf13_cast/vendor/github.com/spf13/cast \
spf13:pflag:v1.0.5:spf13_pflag/vendor/github.com/spf13/pflag \
- spf13:viper:v1.17.0:spf13_viper/vendor/github.com/spf13/viper \
+ spf13:viper:v1.19.0:spf13_viper/vendor/github.com/spf13/viper \
subosito:gotenv:v1.6.0:subosito_gotenv/vendor/github.com/subosito/gotenv \
- uber-go:atomic:v1.11.0:uber_go_atomic/vendor/go.uber.org/atomic \
uber-go:multierr:v1.11.0:uber_go_multierr/vendor/go.uber.org/multierr
GO_TARGET= ./cmd/xapsd:${PREFIX}/sbin/xapsd
diff --git a/net/xapsd/distinfo b/net/xapsd/distinfo
index 741a85ef7df7..14c8c2a539b2 100644
--- a/net/xapsd/distinfo
+++ b/net/xapsd/distinfo
@@ -1,57 +1,53 @@
-TIMESTAMP = 1712416748
-SHA256 (freswa-dovecot-xaps-daemon-g20240326-1e589be_GH0.tar.gz) = 1e6c019df01f9c54e4499537678fbebf83270a39570c24677b41b93ed2022e17
-SIZE (freswa-dovecot-xaps-daemon-g20240326-1e589be_GH0.tar.gz) = 110569
+TIMESTAMP = 1741456749
+SHA256 (freswa-dovecot-xaps-daemon-g20241228-8cf4e49_GH0.tar.gz) = 85296246ef9729d3233dfbf69147ba085f815bccad58a0c1c8d783e42b8dbd77
+SIZE (freswa-dovecot-xaps-daemon-g20241228-8cf4e49_GH0.tar.gz) = 41256
SHA256 (freswa-go-plist-900e8a7d907d_GH0.tar.gz) = 2b4a06b8805bc1436ab8f34d6fd140645a0a01ccaf9f4b3a7dc3e0e35f5a2e88
SIZE (freswa-go-plist-900e8a7d907d_GH0.tar.gz) = 47675
-SHA256 (fsnotify-fsnotify-v1.6.0_GH0.tar.gz) = 583b2b399709d04807c5c3185e7d4dc0543d532af91fdeb85eeaf803a0b7703b
-SIZE (fsnotify-fsnotify-v1.6.0_GH0.tar.gz) = 46044
+SHA256 (fsnotify-fsnotify-v1.8.0_GH0.tar.gz) = 3c4cbec6225307397717f18bb87ffc496e59d0f802a41fff572bf09e5dbf6e2b
+SIZE (fsnotify-fsnotify-v1.8.0_GH0.tar.gz) = 72325
SHA256 (go-ini-ini-v1.67.0_GH0.tar.gz) = 06ba51234140118d1b6064f1817aa89cc971c6e7ce04cb9d286e6660d89296c8
SIZE (go-ini-ini-v1.67.0_GH0.tar.gz) = 53531
SHA256 (go-yaml-yaml-v3.0.1_GH0.tar.gz) = cf05411540d3e6ef8f1fd88434b34f94cedaceb540329031d80e23b74540c4e5
SIZE (go-yaml-yaml-v3.0.1_GH0.tar.gz) = 91173
-SHA256 (golang-jwt-jwt-v4.5.0_GH0.tar.gz) = 00b1cc127cba09b4e4ea9efa5c0f18a36bb55e08b5eec0a222b8e1599a938077
-SIZE (golang-jwt-jwt-v4.5.0_GH0.tar.gz) = 53049
-SHA256 (golang-exp-7918f672742d_GH0.tar.gz) = b95b3ce3e29ce58fb69a562d1e0ad092086f5acbe8258e7288a313c9f354f9ed
-SIZE (golang-exp-7918f672742d_GH0.tar.gz) = 1634283
-SHA256 (golang-net-v0.17.0_GH0.tar.gz) = 8cbbc0df17599834c9f547d802045b279724a3931f3cdb92c02d141214fd80c4
-SIZE (golang-net-v0.17.0_GH0.tar.gz) = 1456230
-SHA256 (golang-sys-v0.13.0_GH0.tar.gz) = 8877d20a8f1b2533ddef00e65b6b3b9cebbcbffa319ed525df0bc229f583e2b6
-SIZE (golang-sys-v0.13.0_GH0.tar.gz) = 1442250
-SHA256 (golang-text-v0.13.0_GH0.tar.gz) = c6e22ff8280188539ba0a6c65cbc80cda877adcf5332651fa78044018c05d6af
-SIZE (golang-text-v0.13.0_GH0.tar.gz) = 8967009
+SHA256 (golang-jwt-jwt-v4.5.1_GH0.tar.gz) = 1bb5df28987139b800083b79fab18bb644f664da1aade0f9d36482c3bf04eccd
+SIZE (golang-jwt-jwt-v4.5.1_GH0.tar.gz) = 53181
+SHA256 (golang-exp-b2144cdd0a67_GH0.tar.gz) = 837709d8463fad36e00f30eafd6b6ab3f44c7e7926959cdafbc69fa4a2a9ffb7
+SIZE (golang-exp-b2144cdd0a67_GH0.tar.gz) = 1741596
+SHA256 (golang-net-v0.33.0_GH0.tar.gz) = 675e0ceaf54baf4f6e2a5152fe148906119c97e7b1d37d1c44ec2621faeab0e8
+SIZE (golang-net-v0.33.0_GH0.tar.gz) = 1466426
+SHA256 (golang-sys-v0.28.0_GH0.tar.gz) = 62726b1ccbb09c7e8de2215756a26012751bdded12b5bacc6de83296db694ebf
+SIZE (golang-sys-v0.28.0_GH0.tar.gz) = 1519898
+SHA256 (golang-text-v0.21.0_GH0.tar.gz) = d64dbf40a8ae06c4805895e48553ecdadaed07089d8ed2168a0d61551d17ff22
+SIZE (golang-text-v0.21.0_GH0.tar.gz) = 8964782
SHA256 (hashicorp-hcl-v1.0.0_GH0.tar.gz) = 50632428210503070fd2fde748c88b7414bf84a6a0eadebf9d8e596a033bead2
SIZE (hashicorp-hcl-v1.0.0_GH0.tar.gz) = 70658
SHA256 (julienschmidt-httprouter-v1.3.0_GH0.tar.gz) = 2999dffc23f8ac3872ea37d108ddec0ba570d2780a42876300bdcdb0744908e2
SIZE (julienschmidt-httprouter-v1.3.0_GH0.tar.gz) = 23889
-SHA256 (magiconair-properties-v1.8.7_GH0.tar.gz) = 09e950df1970975400edc7f6c2f9e3edace4e1ea49f823006387d130fb0f4f03
-SIZE (magiconair-properties-v1.8.7_GH0.tar.gz) = 31425
+SHA256 (magiconair-properties-v1.8.9_GH0.tar.gz) = 259f5a9eea40458a1096f7c51121178823e912af07c1ca620d115905db5c4f26
+SIZE (magiconair-properties-v1.8.9_GH0.tar.gz) = 28416
SHA256 (mitchellh-mapstructure-v1.5.0_GH0.tar.gz) = 81106cbac93000812c194b4a2069dd32913ec18819b1e99e8436595ce4939413
SIZE (mitchellh-mapstructure-v1.5.0_GH0.tar.gz) = 30123
-SHA256 (pelletier-go-toml-v2.1.0_GH0.tar.gz) = ee61dae04dfb61262f2ab5c1b55dabaec8acb74f9513e4729b72511479eb9fd1
-SIZE (pelletier-go-toml-v2.1.0_GH0.tar.gz) = 899401
-SHA256 (sagikazarmark-locafero-v0.3.0_GH0.tar.gz) = babb395f253048afda2bd17a91750cf7f2dcb28c1d870f10a01d6d37531d2eeb
-SIZE (sagikazarmark-locafero-v0.3.0_GH0.tar.gz) = 23726
+SHA256 (pelletier-go-toml-v2.2.3_GH0.tar.gz) = 3a5dfdc1e543efd6032813cb27a5b06d66bbefbbcc88bb664f69d605725c42af
+SIZE (pelletier-go-toml-v2.2.3_GH0.tar.gz) = 909237
+SHA256 (sagikazarmark-locafero-v0.6.0_GH0.tar.gz) = 2a1ba4cb44d1858b77fb750f6f72f1b3b3d013ef8731644bdc0a6fdc9e3f28be
+SIZE (sagikazarmark-locafero-v0.6.0_GH0.tar.gz) = 11140
SHA256 (sagikazarmark-slog-shim-v0.1.0_GH0.tar.gz) = a594ec7e138265768a5c23f8ab460724d8215db45dc1bddde4743bca3373803d
SIZE (sagikazarmark-slog-shim-v0.1.0_GH0.tar.gz) = 10872
-SHA256 (sideshow-apns2-v0.23.0_GH0.tar.gz) = 5ad9b2fb211ac9ae9040e09ba5b3b2c74189826e778f874b99aeb174ad22a1ea
-SIZE (sideshow-apns2-v0.23.0_GH0.tar.gz) = 1264203
+SHA256 (sideshow-apns2-v0.25.0_GH0.tar.gz) = c269325d9f5d34fd394aecee79d48e1726ce9ddf899f22a20b4362616f388e84
+SIZE (sideshow-apns2-v0.25.0_GH0.tar.gz) = 1264207
SHA256 (sirupsen-logrus-v1.9.3_GH0.tar.gz) = cfa48a647a28c1f12fb6a9b672bc4d88b6407ff05aedcf23ce939d342646acce
SIZE (sirupsen-logrus-v1.9.3_GH0.tar.gz) = 50320
SHA256 (sourcegraph-conc-v0.3.0_GH0.tar.gz) = c20a36ef6e8cd4721b8824d3e0a590d78f56ce72ace53ec7fdd2f7a978e9240f
SIZE (sourcegraph-conc-v0.3.0_GH0.tar.gz) = 23021
-SHA256 (spf13-afero-v1.10.0_GH0.tar.gz) = 4a35513ee4da7c1e38d0abd67fe541c15abe21b45e521498060c565d88213950
-SIZE (spf13-afero-v1.10.0_GH0.tar.gz) = 94857
-SHA256 (spf13-cast-v1.5.1_GH0.tar.gz) = 445aa5b0e61b67ccd0d14fe38cd473d73775f1bec4b58fe83b16e3b0cab08a9a
-SIZE (spf13-cast-v1.5.1_GH0.tar.gz) = 15524
-SHA256 (spf13-jwalterweatherman-v1.1.0_GH0.tar.gz) = 4fd850a792c5738954c4801cf549d8d0bf53edd17139cd39d179aa5abf7ec68d
-SIZE (spf13-jwalterweatherman-v1.1.0_GH0.tar.gz) = 6871
+SHA256 (spf13-afero-v1.11.0_GH0.tar.gz) = f83f67c4a03d8bba2b7fe1a496e848b2b1b7d97d0b951d85d2b401e7488a4ed4
+SIZE (spf13-afero-v1.11.0_GH0.tar.gz) = 89257
+SHA256 (spf13-cast-v1.7.1_GH0.tar.gz) = 582dcd8edee06058dde613d3e9cea2c721a26e8afa7aa782d7d24075798579f3
+SIZE (spf13-cast-v1.7.1_GH0.tar.gz) = 15743
SHA256 (spf13-pflag-v1.0.5_GH0.tar.gz) = 9a2cae1f8e8ab0d2cc8ebe468e871af28d9ac0962cf0520999e3ba85f0c7b808
SIZE (spf13-pflag-v1.0.5_GH0.tar.gz) = 50796
-SHA256 (spf13-viper-v1.17.0_GH0.tar.gz) = 7f5476e4333a29e6fd5d277f5f9c7c5e234e802419059c6d6b088108e7627358
-SIZE (spf13-viper-v1.17.0_GH0.tar.gz) = 127661
+SHA256 (spf13-viper-v1.19.0_GH0.tar.gz) = bd754a586de7b8f6e54037b715765833f8120cb8bdbb4240a69c6537a0ccdfd5
+SIZE (spf13-viper-v1.19.0_GH0.tar.gz) = 119990
SHA256 (subosito-gotenv-v1.6.0_GH0.tar.gz) = 51a5a8e36f30ddd97866779e93c4e93b0d4958a60fabd1d17fc2226bfe7823db
SIZE (subosito-gotenv-v1.6.0_GH0.tar.gz) = 11470
-SHA256 (uber-go-atomic-v1.11.0_GH0.tar.gz) = cfe258c20d71ac4dbf0f716a23ed00c332b7f281180651e2a67ad40a8b0772cc
-SIZE (uber-go-atomic-v1.11.0_GH0.tar.gz) = 24299
SHA256 (uber-go-multierr-v1.11.0_GH0.tar.gz) = 8aa599cf7de733306cf8770f854f8a38e6c819b1ae4296f15e44b1e7c6698f34
SIZE (uber-go-multierr-v1.11.0_GH0.tar.gz) = 16900
diff --git a/net/xapsd/files/patch-internal_apns.go b/net/xapsd/files/patch-internal_apns.go
new file mode 100644
index 000000000000..ff3b78d16cda
--- /dev/null
+++ b/net/xapsd/files/patch-internal_apns.go
@@ -0,0 +1,63 @@
+--- internal/apns.go.orig 2024-03-26 13:15:17 UTC
++++ internal/apns.go
+@@ -1,18 +1,21 @@
+ package internal
+
+ import (
++ "crypto/md5"
+ "crypto/tls"
+ "crypto/x509"
++ "encoding/hex"
+ "errors"
++ "net/http"
++ "sync"
++ "time"
++
+ "github.com/freswa/dovecot-xaps-daemon/internal/config"
+ "github.com/freswa/dovecot-xaps-daemon/internal/database"
+ "github.com/freswa/dovecot-xaps-daemon/pkg/apple_xserver_certs"
+ "github.com/sideshow/apns2"
+ log "github.com/sirupsen/logrus"
+ "golang.org/x/net/http2"
+- "net/http"
+- "sync"
+- "time"
+ )
+
+ const (
+@@ -135,11 +138,11 @@ func (apns *Apns) checkDelayed() {
+ }
+ apns.mapMutex.Unlock()
+ for _, reg := range sendNow {
+- apns.SendNotification(reg, false)
++ apns.SendNotification(reg, false, "")
+ }
+ }
+
+-func (apns *Apns) SendNotification(registration database.Registration, delayed bool) {
++func (apns *Apns) SendNotification(registration database.Registration, delayed bool, mailbox string) {
+ apns.mapMutex.Lock()
+ if delayed {
+ apns.delayedApns[registration] = time.Now()
+@@ -149,6 +152,7 @@ func (apns *Apns) SendNotification(registration databa
+ delete(apns.delayedApns, registration)
+ apns.mapMutex.Unlock()
+ }
++
+ log.Debugln("Sending notification to", registration.AccountId, "/", registration.DeviceToken)
+
+ notification := &apns2.Notification{}
+@@ -156,6 +160,13 @@ func (apns *Apns) SendNotification(registration databa
+ notification.Topic = apns.Topic
+ composedPayload := []byte(`{"aps":{`)
+ composedPayload = append(composedPayload, []byte(`"account-id":"`+registration.AccountId+`"`)...)
++
++ if mailbox != "" {
++ hash := md5.Sum([]byte(mailbox))
++ mailbox_hash := hex.EncodeToString(hash[:])
++ composedPayload = append(composedPayload, []byte(`, "m":"`+mailbox_hash+`"`)...)
++ }
++
+ composedPayload = append(composedPayload, []byte(`}}`)...)
+ notification.Payload = composedPayload
+ notification.Expiration = time.Now().Add(24 * time.Hour)
diff --git a/net/xapsd/files/patch-internal_socket.go b/net/xapsd/files/patch-internal_socket.go
new file mode 100644
index 000000000000..77652634e99b
--- /dev/null
+++ b/net/xapsd/files/patch-internal_socket.go
@@ -0,0 +1,44 @@
+--- internal/socket.go.orig 2024-03-26 13:15:17 UTC
++++ internal/socket.go
+@@ -2,12 +2,13 @@ package internal
+
+ import (
+ "encoding/json"
++ "net/http"
++ "strings"
++
+ "github.com/freswa/dovecot-xaps-daemon/internal/config"
+ "github.com/freswa/dovecot-xaps-daemon/internal/database"
+ "github.com/julienschmidt/httprouter"
+ log "github.com/sirupsen/logrus"
+- "net/http"
+- "strings"
+ )
+
+ type httpHandler struct {
+@@ -147,11 +148,11 @@ func (httpHandler *httpHandler) handleNotify(writer ht
+ }
+
+ // we don't know how to handle other mailboxes other than INBOX, so ignore them
+- if notify.Mailbox != "INBOX" {
+- log.Debugln("Ignoring non INBOX event for:", notify.Mailbox)
+- writer.WriteHeader(http.StatusOK)
+- return
+- }
++ //if notify.Mailbox != "INBOX" {
++ // log.Debugln("Ignoring non INBOX event for:", notify.Mailbox)
++ // writer.WriteHeader(http.StatusOK)
++ // return
++ //}
+
+ // Find all the devices registered for this mailbox event
+ registrations, err := httpHandler.db.FindRegistrations(notify.Username, notify.Mailbox)
+@@ -179,7 +180,7 @@ func (httpHandler *httpHandler) handleNotify(writer ht
+ // Send a notification to all registered devices. We ignore failures
+ // because there is not a lot we can do.
+ for _, registration := range registrations {
+- httpHandler.apns.SendNotification(registration, !isMessageNew)
++ httpHandler.apns.SendNotification(registration, !isMessageNew, notify.Mailbox)
+ }
+
+ writer.WriteHeader(http.StatusOK)
diff --git a/net/xapsd/files/patch-pkg_apple__xserver__certs_http.go b/net/xapsd/files/patch-pkg_apple__xserver__certs_http.go
deleted file mode 100644
index cc029df6316f..000000000000
--- a/net/xapsd/files/patch-pkg_apple__xserver__certs_http.go
+++ /dev/null
@@ -1,83 +0,0 @@
---- pkg/apple_xserver_certs/http.go.orig 2024-03-26 13:15:17 UTC
-+++ pkg/apple_xserver_certs/http.go
-@@ -1,11 +1,17 @@
- package apple_xserver_certs
-
- import (
-+ "bufio"
- "bytes"
-+ "context"
-+ "crypto/tls"
- "encoding/pem"
-+ "io"
- "io/ioutil"
- "log"
-+ "math"
- "net/http"
-+ "time"
- )
-
- func NewCerts(username string, passwordhash string) *Certificates {
-@@ -50,7 +56,6 @@ func handleResponse(certs *Certificates, response []by
- }
-
- func sendRequest(reqBody []byte, newCerts bool) (respBody []byte) {
-- client := &http.Client{}
- r := bytes.NewReader(reqBody)
- url := "https://identity.apple.com/pushcert/caservice/renew"
- if newCerts {
-@@ -67,12 +72,51 @@ func sendRequest(reqBody []byte, newCerts bool) (respB
- req.Header.Set("Accept", "*/*")
- req.Header.Set("Accept-Language", "en-us")
-
-- resp, err := client.Do(req)
-+ req.Close = true
-+
-+ ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
-+ defer cancel()
-+
-+ conn, err := new(tls.Dialer).DialContext(
-+ ctx,
-+ "tcp",
-+ req.URL.Host+":443",
-+ )
- if err != nil {
-- log.Fatalln(err)
-+ log.Fatalln(err) // TODO: Handle error properly
- }
-+ defer func() {
-+ _ = conn.Close() //nolint:errcheck,gosec // Ignored on purpose
-+ }()
-
-- defer resp.Body.Close()
-+ if err := req.Write(conn); err != nil {
-+ log.Fatalln(err) // TODO: Handle error properly
-+ }
-+
-+ buf, err := io.ReadAll(io.LimitReader(conn, math.MaxInt64))
-+ if err != nil {
-+ log.Fatalln(err) // TODO: Handle error properly
-+ }
-+
-+ const (
-+ cr = "\r"
-+ nl = "\n"
-+ )
-+ for _, ign := range []string{
-+ "1;: mode=block",
-+ "max-age=31536000;: includeSubdomains",
-+ } {
-+ buf = bytes.Replace(buf, []byte(nl+ign+cr+nl), []byte(nl), 1)
-+ }
-+
-+ resp, err := http.ReadResponse(bufio.NewReader(bytes.NewReader(buf)), req)
-+ if err != nil {
-+ log.Fatalln(err) // TODO: Handle error properly
-+ }
-+ defer func() {
-+ _ = resp.Body.Close() //nolint:errcheck,gosec // Ignored on purpose
-+ }()
-+
- respBody, err = ioutil.ReadAll(resp.Body)
- if err != nil {
- log.Fatalln(err)