* [ptxdist] [PATCH v2 1/2] wget: version bump 1.19.1 -> 1.20
@ 2019-01-12 9:02 Ladislav Michl
2019-01-12 9:03 ` [ptxdist] [PATCH v2 2/2] wget: add TLS support Ladislav Michl
0 siblings, 1 reply; 5+ messages in thread
From: Ladislav Michl @ 2019-01-12 9:02 UTC (permalink / raw)
To: ptxdist
CVE-2017-6508 patch was merged upstream, so remove it.
Signed-off-by: Ladislav Michl <ladis@linux-mips.org>
---
Changes:
-v2: also remove patch
patches/wget-1.19.1/CVE-2017-6508.patch | 31 -------------------------
patches/wget-1.19.1/series | 1 -
rules/wget.make | 4 ++--
3 files changed, 2 insertions(+), 34 deletions(-)
delete mode 100644 patches/wget-1.19.1/CVE-2017-6508.patch
delete mode 100644 patches/wget-1.19.1/series
diff --git a/patches/wget-1.19.1/CVE-2017-6508.patch b/patches/wget-1.19.1/CVE-2017-6508.patch
deleted file mode 100644
index bb2f63f5c..000000000
--- a/patches/wget-1.19.1/CVE-2017-6508.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From: Tim Rühsen <tim.ruehsen@gmx.de>
-Date: Mon Mar 6 10:04:22 2017 +0100
-Subject: Fix CRLF injection in Wget host part
-
-* src/url.c (url_parse): Reject control characters in host part of URL
-
-Reported-by: Orange Tsai
-
-commit 4d729e322fae359a1aefaafec1144764a54e8ad4
-diff --git a/src/url.c b/src/url.c
-index 8f8ff0b8..7d36b27d 100644
---- a/src/url.c
-+++ b/src/url.c
-@@ -925,6 +925,17 @@ url_parse (const char *url, int *error, struct iri *iri, bool percent_encode)
- url_unescape (u->host);
- host_modified = true;
-
-+ /* check for invalid control characters in host name */
-+ for (p = u->host; *p; p++)
-+ {
-+ if (c_iscntrl(*p))
-+ {
-+ url_free(u);
-+ error_code = PE_INVALID_HOST_NAME;
-+ goto error;
-+ }
-+ }
-+
- /* Apply IDNA regardless of iri->utf8_encode status */
- if (opt.enable_iri && iri)
- {
diff --git a/patches/wget-1.19.1/series b/patches/wget-1.19.1/series
deleted file mode 100644
index f58bfe356..000000000
--- a/patches/wget-1.19.1/series
+++ /dev/null
@@ -1 +0,0 @@
-CVE-2017-6508.patch
diff --git a/rules/wget.make b/rules/wget.make
index 4e62dd18c..9e17d410e 100644
--- a/rules/wget.make
+++ b/rules/wget.make
@@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_WGET) += wget
#
# Paths and names
#
-WGET_VERSION := 1.19.1
-WGET_MD5 := 87cea36b7161fd43e3fd51a4e8b89689
+WGET_VERSION := 1.20
+WGET_MD5 := 9f1515d083b769e9ff7642ce6016518e
WGET := wget-$(WGET_VERSION)
WGET_SUFFIX := tar.gz
WGET_URL := $(call ptx/mirror, GNU, wget/$(WGET).$(WGET_SUFFIX))
--
2.20.1
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 5+ messages in thread
* [ptxdist] [PATCH v2 2/2] wget: add TLS support
2019-01-12 9:02 [ptxdist] [PATCH v2 1/2] wget: version bump 1.19.1 -> 1.20 Ladislav Michl
@ 2019-01-12 9:03 ` Ladislav Michl
2019-01-14 7:47 ` Ladislav Michl
2019-01-14 7:50 ` Denis OSTERLAND
0 siblings, 2 replies; 5+ messages in thread
From: Ladislav Michl @ 2019-01-12 9:03 UTC (permalink / raw)
To: ptxdist
Signed-off-by: Ladislav Michl <ladis@linux-mips.org>
---
Changes:
-v2: fix indentation, simplify --with-ssl
rules/wget.in | 47 +++++++++++++++++++++++++++++++++++++++++++++--
rules/wget.make | 9 +++++----
2 files changed, 50 insertions(+), 6 deletions(-)
diff --git a/rules/wget.in b/rules/wget.in
index 033946bcc..4f9edef03 100644
--- a/rules/wget.in
+++ b/rules/wget.in
@@ -1,10 +1,14 @@
## SECTION=networking
-config WGET
+
+menuconfig WGET
tristate
- prompt "wget"
+ prompt "wget "
depends on !BUSYBOX_WGET || ALLYES
select LIBC_RT
select GCCLIBS_GCC_S
+ select GNUTLS if WGET_SSL_GNUTLS
+ select OPENSSL if WGET_SSL_OPENSSL
+ select ZLIB if WGET_ZLIB
help
GNU wget is a commandline mirroring tool.
@@ -34,5 +38,44 @@ config WGET
http://www.gnu.org/software/wget/
+if WGET
+
+choice
+ prompt "SSL support"
+ default WGET_SSL_NONE
+
+ config WGET_SSL_OPENSSL
+ bool
+ prompt "OpenSSL"
+ help
+ Wget uses OpenSSL
+
+ config WGET_SSL_GNUTLS
+ bool
+ prompt "GNU TLS"
+ help
+ Wget uses GNU TLS
+
+ config WGET_SSL_NONE
+ bool
+ prompt "none"
+ help
+ No SSL support for wget
+
+endchoice
+
+config WGET_SSL
+ string
+ default "openssl" if WGET_SSL_OPENSSL
+ default "gnutls" if WGET_SSL_GNUTLS
+ default "no" if WGET_SSL_NONE
+
+config WGET_ZLIB
+ bool "zlib support"
+ help
+ Build wget with zlib support
+
+endif
+
comment "BusyBox's wget is selected!"
depends on BUSYBOX_WGET
diff --git a/rules/wget.make b/rules/wget.make
index 9e17d410e..4d8c3ddea 100644
--- a/rules/wget.make
+++ b/rules/wget.make
@@ -37,7 +37,8 @@ WGET_ENV := \
#
# autoconf
#
-WGET_AUTOCONF := \
+WGET_CONF_TOOL := autoconf
+WGET_CONF_OPT := \
$(CROSS_AUTOCONF_USR) \
--enable-opie \
--enable-digest \
@@ -54,11 +55,11 @@ WGET_AUTOCONF := \
--disable-pcre \
--disable-xattr \
--without-libpsl \
- --without-ssl \
- --without-zlib \
+ --with-ssl=$(PTXCONF_WGET_SSL) \
+ --$(call ptx/wwo,PTXCONF_WGET_ZLIB)-zlib \
--with-metalink \
--without-cares \
- --without-openssl \
+ --$(call ptx/wwo,PTXCONF_WGET_OPENSSL)-openssl \
--with-included-libunistring \
--without-included-regex \
--with-libidn=/usr \
--
2.20.1
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [ptxdist] [PATCH v2 2/2] wget: add TLS support
2019-01-12 9:03 ` [ptxdist] [PATCH v2 2/2] wget: add TLS support Ladislav Michl
@ 2019-01-14 7:47 ` Ladislav Michl
2019-01-14 7:50 ` Denis OSTERLAND
1 sibling, 0 replies; 5+ messages in thread
From: Ladislav Michl @ 2019-01-14 7:47 UTC (permalink / raw)
To: ptxdist
v3 with changes bellow...
On Sat, Jan 12, 2019 at 10:03:14AM +0100, Ladislav Michl wrote:
> Signed-off-by: Ladislav Michl <ladis@linux-mips.org>
> ---
> Changes:
> -v2: fix indentation, simplify --with-ssl
>
> rules/wget.in | 47 +++++++++++++++++++++++++++++++++++++++++++++--
> rules/wget.make | 9 +++++----
> 2 files changed, 50 insertions(+), 6 deletions(-)
>
> diff --git a/rules/wget.in b/rules/wget.in
> index 033946bcc..4f9edef03 100644
> --- a/rules/wget.in
> +++ b/rules/wget.in
> @@ -1,10 +1,14 @@
> ## SECTION=networking
> -config WGET
> +
> +menuconfig WGET
> tristate
> - prompt "wget"
> + prompt "wget "
> depends on !BUSYBOX_WGET || ALLYES
> select LIBC_RT
> select GCCLIBS_GCC_S
> + select GNUTLS if WGET_SSL_GNUTLS
> + select OPENSSL if WGET_SSL_OPENSSL
> + select ZLIB if WGET_ZLIB
> help
> GNU wget is a commandline mirroring tool.
>
> @@ -34,5 +38,44 @@ config WGET
>
> http://www.gnu.org/software/wget/
>
> +if WGET
> +
> +choice
> + prompt "SSL support"
> + default WGET_SSL_NONE
> +
> + config WGET_SSL_OPENSSL
> + bool
> + prompt "OpenSSL"
> + help
> + Wget uses OpenSSL
> +
> + config WGET_SSL_GNUTLS
> + bool
> + prompt "GNU TLS"
> + help
> + Wget uses GNU TLS
> +
> + config WGET_SSL_NONE
> + bool
> + prompt "none"
> + help
> + No SSL support for wget
> +
> +endchoice
> +
> +config WGET_SSL
> + string
> + default "openssl" if WGET_SSL_OPENSSL
> + default "gnutls" if WGET_SSL_GNUTLS
> + default "no" if WGET_SSL_NONE
> +
> +config WGET_ZLIB
> + bool "zlib support"
> + help
> + Build wget with zlib support
> +
> +endif
> +
> comment "BusyBox's wget is selected!"
> depends on BUSYBOX_WGET
> diff --git a/rules/wget.make b/rules/wget.make
> index 9e17d410e..4d8c3ddea 100644
> --- a/rules/wget.make
> +++ b/rules/wget.make
> @@ -37,7 +37,8 @@ WGET_ENV := \
> #
> # autoconf
> #
> -WGET_AUTOCONF := \
> +WGET_CONF_TOOL := autoconf
> +WGET_CONF_OPT := \
> $(CROSS_AUTOCONF_USR) \
> --enable-opie \
> --enable-digest \
> @@ -54,11 +55,11 @@ WGET_AUTOCONF := \
> --disable-pcre \
> --disable-xattr \
> --without-libpsl \
> - --without-ssl \
> - --without-zlib \
> + --with-ssl=$(PTXCONF_WGET_SSL) \
$(call remove_quotes,$(PTXCONF_WGET_SSL)
> + --$(call ptx/wwo,PTXCONF_WGET_ZLIB)-zlib \
> --with-metalink \
> --without-cares \
> - --without-openssl \
> + --$(call ptx/wwo,PTXCONF_WGET_OPENSSL)-openssl \
PTXCONF_WGET_SSL_OPENSSL
> --with-included-libunistring \
> --without-included-regex \
> --with-libidn=/usr \
> --
> 2.20.1
>
>
> _______________________________________________
> ptxdist mailing list
> ptxdist@pengutronix.de
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [ptxdist] [PATCH v2 2/2] wget: add TLS support
2019-01-12 9:03 ` [ptxdist] [PATCH v2 2/2] wget: add TLS support Ladislav Michl
2019-01-14 7:47 ` Ladislav Michl
@ 2019-01-14 7:50 ` Denis OSTERLAND
2019-01-14 9:26 ` Ladislav Michl
1 sibling, 1 reply; 5+ messages in thread
From: Denis OSTERLAND @ 2019-01-14 7:50 UTC (permalink / raw)
To: ptxdist
Hi,
Am Samstag, den 12.01.2019, 10:03 +0100 schrieb Ladislav Michl:
> +
> +config WGET_SSL
> + string
> + default "openssl" if WGET_SSL_OPENSSL
> + default "gnutls" if WGET_SSL_GNUTLS
> + default "no" if WGET_SSL_NONE
> +
> +config WGET_ZLIB
> + bool "zlib support"
> + help
> + Build wget with zlib support
> +
> +endif
> +
> comment "BusyBox's wget is selected!"
> depends on BUSYBOX_WGET
> diff --git a/rules/wget.make b/rules/wget.make
> index 9e17d410e..4d8c3ddea 100644
> --- a/rules/wget.make
> +++ b/rules/wget.make
> @@ -37,7 +37,8 @@ WGET_ENV := \
> #
> # autoconf
> #
> -WGET_AUTOCONF := \
> +WGET_CONF_TOOL := autoconf
> +WGET_CONF_OPT := \
> $(CROSS_AUTOCONF_USR) \
> --enable-opie \
> --enable-digest \
> @@ -54,11 +55,11 @@ WGET_AUTOCONF := \
> --disable-pcre \
> --disable-xattr \
> --without-libpsl \
> - --without-ssl \
> - --without-zlib \
> + --with-ssl=$(PTXCONF_WGET_SSL) \
> + --$(call ptx/wwo,PTXCONF_WGET_ZLIB)-zlib \
> --with-metalink \
> --without-cares \
> - --without-openssl \
> + --$(call ptx/wwo,PTXCONF_WGET_OPENSSL)-openssl \
I wonder if '--$(call ptx/wwo,PTXCONF_WGET_GNUTLS)-gnutls' would be required,
or '--with-ssl=$(PTXCONF_WGET_SSL)' does everything and none of them are required.
> --with-included-libunistring \
> --without-included-regex \
> --with-libidn=/usr \
Regards Denis
Diehl Connectivity Solutions GmbH
Geschäftsführung: Horst Leonberger
Sitz der Gesellschaft: Nürnberg - Registergericht: Amtsgericht
Nürnberg: HRB 32315
___________________________________________________________________________________________________
Der Inhalt der vorstehenden E-Mail ist nicht rechtlich bindend. Diese E-Mail enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen.
Informieren Sie uns bitte, wenn Sie diese E-Mail faelschlicherweise erhalten haben. Bitte loeschen Sie in diesem Fall die Nachricht.
Jede unerlaubte Form der Reproduktion, Bekanntgabe, Aenderung, Verteilung und/oder Publikation dieser E-Mail ist strengstens untersagt.
The contents of the above mentioned e-mail is not legally binding. This e-mail contains confidential and/or legally protected information. Please inform us if you have received this e-mail by
mistake and delete it in such a case. Each unauthorized reproduction, disclosure, alteration, distribution and/or publication of this e-mail is strictly prohibited.
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [ptxdist] [PATCH v2 2/2] wget: add TLS support
2019-01-14 7:50 ` Denis OSTERLAND
@ 2019-01-14 9:26 ` Ladislav Michl
0 siblings, 0 replies; 5+ messages in thread
From: Ladislav Michl @ 2019-01-14 9:26 UTC (permalink / raw)
To: ptxdist
On Mon, Jan 14, 2019 at 07:50:11AM +0000, Denis OSTERLAND wrote:
> Hi,
>
> Am Samstag, den 12.01.2019, 10:03 +0100 schrieb Ladislav Michl:
> > +
> > +config WGET_SSL
> > + string
> > + default "openssl" if WGET_SSL_OPENSSL
> > + default "gnutls" if WGET_SSL_GNUTLS
> > + default "no" if WGET_SSL_NONE
> > +
> > +config WGET_ZLIB
> > + bool "zlib support"
> > + help
> > + Build wget with zlib support
> > +
> > +endif
> > +
> > comment "BusyBox's wget is selected!"
> > depends on BUSYBOX_WGET
> > diff --git a/rules/wget.make b/rules/wget.make
> > index 9e17d410e..4d8c3ddea 100644
> > --- a/rules/wget.make
> > +++ b/rules/wget.make
> > @@ -37,7 +37,8 @@ WGET_ENV := \
> > #
> > # autoconf
> > #
> > -WGET_AUTOCONF := \
> > +WGET_CONF_TOOL := autoconf
> > +WGET_CONF_OPT := \
> > $(CROSS_AUTOCONF_USR) \
> > --enable-opie \
> > --enable-digest \
> > @@ -54,11 +55,11 @@ WGET_AUTOCONF := \
> > --disable-pcre \
> > --disable-xattr \
> > --without-libpsl \
> > - --without-ssl \
> > - --without-zlib \
> > + --with-ssl=$(PTXCONF_WGET_SSL) \
> > + --$(call ptx/wwo,PTXCONF_WGET_ZLIB)-zlib \
> > --with-metalink \
> > --without-cares \
> > - --without-openssl \
> > + --$(call ptx/wwo,PTXCONF_WGET_OPENSSL)-openssl \
> I wonder if '--$(call ptx/wwo,PTXCONF_WGET_GNUTLS)-gnutls' would be required,
> or '--with-ssl=$(PTXCONF_WGET_SSL)' does everything and none of them are required.
There is no such option. --with-openssl comes from m4/gl-openssl.m4 while
--with-ssl is from configure.ac
It seems that wget is using libcrypto or kernel crypto api and either libssl or
gnutls. Something to investigate :)
> > --with-included-libunistring \
> > --without-included-regex \
> > --with-libidn=/usr \
>
> Regards Denis
>
> Diehl Connectivity Solutions GmbH
> Geschäftsführung: Horst Leonberger
> Sitz der Gesellschaft: Nürnberg - Registergericht: Amtsgericht
> Nürnberg: HRB 32315
> ___________________________________________________________________________________________________
>
> Der Inhalt der vorstehenden E-Mail ist nicht rechtlich bindend. Diese E-Mail enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen.
> Informieren Sie uns bitte, wenn Sie diese E-Mail faelschlicherweise erhalten haben. Bitte loeschen Sie in diesem Fall die Nachricht.
> Jede unerlaubte Form der Reproduktion, Bekanntgabe, Aenderung, Verteilung und/oder Publikation dieser E-Mail ist strengstens untersagt.
> The contents of the above mentioned e-mail is not legally binding. This e-mail contains confidential and/or legally protected information. Please inform us if you have received this e-mail by
> mistake and delete it in such a case. Each unauthorized reproduction, disclosure, alteration, distribution and/or publication of this e-mail is strictly prohibited.
> _______________________________________________
> ptxdist mailing list
> ptxdist@pengutronix.de
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2019-01-14 9:26 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-01-12 9:02 [ptxdist] [PATCH v2 1/2] wget: version bump 1.19.1 -> 1.20 Ladislav Michl
2019-01-12 9:03 ` [ptxdist] [PATCH v2 2/2] wget: add TLS support Ladislav Michl
2019-01-14 7:47 ` Ladislav Michl
2019-01-14 7:50 ` Denis OSTERLAND
2019-01-14 9:26 ` Ladislav Michl
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox