mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2025-04-19 14:56:46 +02:00
531e69840c
Not a lot of big changes in this release, mostly code shrinks and bug fixes here and there. Hence, I don't expect too much breakage. Most patches applied as is and didn't require any changes either. Nonetheless, I rebased the entire patchset and removed patches that were backported. The 0001-modutils-check-ELF-header-before-calling-finit_modul.patch should be superseded by an upstream modutils change which checks that if the loaded module file path ends in .ko and if not attempts to uncompress it first. Thereby preventing compressed modules to be passed to the kernel and causing a weird error to be emitted. Therefore, this patch was removed See: https://git.busybox.net/busybox/commit/?id=af5277f883e8fc2e0236aa9ecc5115ecaffd0ccb
72 lines
2.5 KiB
Diff
72 lines
2.5 KiB
Diff
From ac0b2ec0744280305c82a6c40226b56a8c249f0b Mon Sep 17 00:00:00 2001
|
|
From: Natanael Copa <ncopa@alpinelinux.org>
|
|
Date: Wed, 30 May 2018 09:40:33 +0000
|
|
Subject: [PATCH] properly fix wget https support
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
See: https://git.alpinelinux.org/cgit/aports/commit/?id=1d0560a9b6b5597b191e5aff69a31c2fe0aba273
|
|
---
|
|
networking/wget.c | 21 ++++++++++++---------
|
|
1 file changed, 12 insertions(+), 9 deletions(-)
|
|
|
|
diff --git a/networking/wget.c b/networking/wget.c
|
|
index 0cc25da17..385e1deec 100644
|
|
--- a/networking/wget.c
|
|
+++ b/networking/wget.c
|
|
@@ -57,7 +57,6 @@
|
|
//config: bool "Support HTTPS using internal TLS code"
|
|
//config: default y
|
|
//config: depends on WGET
|
|
-//config: select TLS
|
|
//config: help
|
|
//config: wget will use internal TLS code to connect to https:// URLs.
|
|
//config: It also enables FTPS support, but it's not well tested yet.
|
|
@@ -776,10 +775,8 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags)
|
|
int pid;
|
|
char *servername, *p;
|
|
|
|
- if (!(option_mask32 & WGET_OPT_NO_CHECK_CERT)) {
|
|
- option_mask32 |= WGET_OPT_NO_CHECK_CERT;
|
|
- bb_simple_error_msg("note: TLS certificate validation not implemented");
|
|
- }
|
|
+ if (ENABLE_SSL_CLIENT && !(option_mask32 & WGET_OPT_NO_CHECK_CERT))
|
|
+ bb_simple_error_msg_and_die("note: TLS certificate validation not implemented");
|
|
|
|
servername = xstrdup(host);
|
|
p = strrchr(servername, ':');
|
|
@@ -796,14 +793,14 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags)
|
|
close(sp[0]);
|
|
xmove_fd(sp[1], 0);
|
|
xdup2(0, 1);
|
|
- if (BB_MMU) {
|
|
+ if (BB_MMU && ENABLE_TLS && (option_mask32 & WGET_OPT_NO_CHECK_CERT)) {
|
|
tls_state_t *tls = new_tls_state();
|
|
tls->ifd = tls->ofd = network_fd;
|
|
tls_handshake(tls, servername);
|
|
tls_run_copy_loop(tls, flags);
|
|
exit(0);
|
|
} else {
|
|
- char *argv[6];
|
|
+ char *argv[7], **a;
|
|
|
|
xmove_fd(network_fd, 3);
|
|
argv[0] = (char*)"ssl_client";
|
|
@@ -811,8 +808,14 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags)
|
|
//TODO: if (!is_ip_address(servername))...
|
|
argv[2] = (char*)"-n";
|
|
argv[3] = servername;
|
|
- argv[4] = (flags & TLSLOOP_EXIT_ON_LOCAL_EOF ? (char*)"-e" : NULL);
|
|
- argv[5] = NULL;
|
|
+
|
|
+ a = &argv[4];
|
|
+ if (flags & TLSLOOP_EXIT_ON_LOCAL_EOF)
|
|
+ *a++ = (char*)"-e";
|
|
+ if (!ENABLE_SSL_CLIENT && (option_mask32 & WGET_OPT_NO_CHECK_CERT))
|
|
+ *a++= (char*)"-I";
|
|
+ *a = NULL;
|
|
+
|
|
BB_EXECVP(argv[0], argv);
|
|
bb_perror_msg_and_die("can't execute '%s'", argv[0]);
|
|
}
|