1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
From 948090c675f8b60b74c7357fcafb1cc8c179e0a6 Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Mon, 28 May 2018 14:36:26 +0200
Subject: [PATCH] wget: emit a message that certificate verification is not
implemented
function old new delta
spawn_ssl_client 185 209 +24
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
---
networking/wget.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/networking/wget.c b/networking/wget.c
index d1d85230c..cd92b3a28 100644
--- a/networking/wget.c
+++ b/networking/wget.c
@@ -136,6 +136,7 @@
//usage: "Retrieve files via HTTP or FTP\n"
//usage: IF_FEATURE_WGET_LONG_OPTIONS(
//usage: "\n --spider Only check URL existence: $? is 0 if exists"
+///////: "\n --no-check-certificate Don't validate the server's certificate"
//usage: )
//usage: "\n -c Continue retrieval of aborted transfer"
//usage: "\n -q Quiet"
@@ -267,6 +268,7 @@ enum {
WGET_OPT_HEADER = (1 << 10) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
WGET_OPT_POST_DATA = (1 << 11) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
WGET_OPT_SPIDER = (1 << 12) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
+ WGET_OPT_NO_CHECK_CERT = (1 << 13) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
};
enum {
@@ -765,6 +767,9 @@ static void spawn_ssl_client(const char *host, int network_fd)
int pid;
char *servername, *p;
+ if (!(option_mask32 & WGET_OPT_NO_CHECK_CERT))
+ bb_error_msg("note: TLS certificate validation not implemented");
+
servername = xstrdup(host);
p = strrchr(servername, ':');
if (p) *p = '\0';
@@ -1353,10 +1358,9 @@ IF_DESKTOP( "tries\0" Required_argument "t")
"header\0" Required_argument "\xff"
"post-data\0" Required_argument "\xfe"
"spider\0" No_argument "\xfd"
+ "no-check-certificate\0" No_argument "\xfc"
/* Ignored (we always use PASV): */
IF_DESKTOP( "passive-ftp\0" No_argument "\xf0")
- /* Ignored (we don't do ssl) */
-IF_DESKTOP( "no-check-certificate\0" No_argument "\xf0")
/* Ignored (we don't support caching) */
IF_DESKTOP( "no-cache\0" No_argument "\xf0")
IF_DESKTOP( "no-verbose\0" No_argument "\xf0")
@@ -1416,6 +1420,7 @@ IF_DESKTOP( "no-parent\0" No_argument "\xf0")
if (option_mask32 & WGET_OPT_HEADER) bb_error_msg("--header");
if (option_mask32 & WGET_OPT_POST_DATA) bb_error_msg("--post-data");
if (option_mask32 & WGET_OPT_SPIDER) bb_error_msg("--spider");
+ if (option_mask32 & WGET_OPT_NO_CHECK_CERT) bb_error_msg("--no-check-certificate");
exit(0);
#endif
argv += optind;
--
2.17.0
|