mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2026-02-11 02:42:21 +01:00
397f0cd902
Notable changes: * The sysklogd -Z option has been removed in favor of -t option which has been added by upstream. * Our own nologin.c applet has been replaced by an upstream nologin shell applet. * New bc applet. OK ncopa@ Fixes #9279 Fixes #7818
70 lines
2.4 KiB
Diff
70 lines
2.4 KiB
Diff
From 4fcea48c7a0c6b63a316764932f7ba4854e444f9 Mon Sep 17 00:00:00 2001
|
|
From: Natanael Copa <ncopa@alpinelinux.org>
|
|
Date: Wed, 30 May 2018 09:52:20 +0000
|
|
Subject: [PATCH] properly fix wget https support
|
|
|
|
See: https://git.alpinelinux.org/cgit/aports/commit/?id=1d0560a9b6b5597b191e5aff69a31c2fe0aba273
|
|
---
|
|
networking/wget.c | 21 ++++++++++++---------
|
|
1 file changed, 12 insertions(+), 9 deletions(-)
|
|
|
|
diff --git a/networking/wget.c b/networking/wget.c
|
|
index 30683dfc0..1ad4e1769 100644
|
|
--- a/networking/wget.c
|
|
+++ b/networking/wget.c
|
|
@@ -51,7 +51,6 @@
|
|
//it also enables FTPS support, but it's not well tested yet
|
|
//config: default y
|
|
//config: depends on WGET
|
|
-//config: select TLS
|
|
//config: help
|
|
//config: wget will use internal TLS code to connect to https:// URLs.
|
|
//config: Note:
|
|
@@ -717,10 +716,8 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags)
|
|
int pid;
|
|
char *servername, *p;
|
|
|
|
- if (!(option_mask32 & WGET_OPT_NO_CHECK_CERT)) {
|
|
- option_mask32 |= WGET_OPT_NO_CHECK_CERT;
|
|
- bb_error_msg("note: TLS certificate validation not implemented");
|
|
- }
|
|
+ if (ENABLE_SSL_CLIENT && !(option_mask32 & WGET_OPT_NO_CHECK_CERT))
|
|
+ bb_error_msg_and_die("note: TLS certificate validation not implemented");
|
|
|
|
servername = xstrdup(host);
|
|
p = strrchr(servername, ':');
|
|
@@ -737,14 +734,14 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags)
|
|
close(sp[0]);
|
|
xmove_fd(sp[1], 0);
|
|
xdup2(0, 1);
|
|
- if (BB_MMU) {
|
|
+ if (BB_MMU && ENABLE_TLS && (option_mask32 & WGET_OPT_NO_CHECK_CERT)) {
|
|
tls_state_t *tls = new_tls_state();
|
|
tls->ifd = tls->ofd = network_fd;
|
|
tls_handshake(tls, servername);
|
|
tls_run_copy_loop(tls, flags);
|
|
exit(0);
|
|
} else {
|
|
- char *argv[6];
|
|
+ char *argv[7], **a;
|
|
|
|
xmove_fd(network_fd, 3);
|
|
argv[0] = (char*)"ssl_client";
|
|
@@ -752,8 +749,14 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags)
|
|
//TODO: if (!is_ip_address(servername))...
|
|
argv[2] = (char*)"-n";
|
|
argv[3] = servername;
|
|
- argv[4] = (flags & TLSLOOP_EXIT_ON_LOCAL_EOF ? (char*)"-e" : NULL);
|
|
- argv[5] = NULL;
|
|
+
|
|
+ a = &argv[4];
|
|
+ if (flags & TLSLOOP_EXIT_ON_LOCAL_EOF)
|
|
+ *a++ = (char*)"-e";
|
|
+ if (!ENABLE_SSL_CLIENT && (option_mask32 & WGET_OPT_NO_CHECK_CERT))
|
|
+ *a++= (char*)"-I";
|
|
+ *a = NULL;
|
|
+
|
|
BB_EXECVP(argv[0], argv);
|
|
bb_perror_msg_and_die("can't execute '%s'", argv[0]);
|
|
}
|