Sync from SUSE:ALP:Source:Standard:1.0 wget revision 065a14127e337661a888c74735bb85ae

This commit is contained in:
Adrian Schröter 2024-08-02 17:24:21 +02:00
commit f0035b3a1e
13 changed files with 3078 additions and 0 deletions

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

View File

@ -0,0 +1,74 @@
From ed0c7c7e0e8f7298352646b2fd6e06a11e242ace Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
Date: Sun, 2 Jun 2024 12:40:16 +0200
Subject: Properly re-implement userinfo parsing (rfc2396)
* src/url.c (url_skip_credentials): Properly re-implement userinfo parsing (rfc2396)
The reason why the implementation is based on RFC 2396, an outdated standard,
is that the whole file is based on that RFC, and mixing standard here might be
dangerous.
---
src/url.c | 40 ++++++++++++++++++++++++++++++++++------
1 file changed, 34 insertions(+), 6 deletions(-)
diff --git a/src/url.c b/src/url.c
index 69e948b..07c3bc8 100644
--- a/src/url.c
+++ b/src/url.c
@@ -41,6 +41,7 @@ as that of the covered work. */
#include "url.h"
#include "host.h" /* for is_valid_ipv6_address */
#include "c-strcase.h"
+#include "c-ctype.h"
#ifdef HAVE_ICONV
# include <iconv.h>
@@ -526,12 +527,39 @@ scheme_leading_string (enum url_scheme scheme)
static const char *
url_skip_credentials (const char *url)
{
- /* Look for '@' that comes before terminators, such as '/', '?',
- '#', or ';'. */
- const char *p = (const char *)strpbrk (url, "@/?#;");
- if (!p || *p != '@')
- return url;
- return p + 1;
+ /*
+ * This whole file implements https://www.rfc-editor.org/rfc/rfc2396 .
+ * RFC 2396 is outdated since 2005 and needs a rewrite or a thorough re-visit.
+ *
+ * The RFC says
+ * server = [ [ userinfo "@" ] hostport ]
+ * userinfo = *( unreserved | escaped | ";" | ":" | "&" | "=" | "+" | "$" | "," )
+ * unreserved = alphanum | mark
+ * mark = "-" | "_" | "." | "!" | "~" | "*" | "'" | "(" | ")"
+ */
+ static const char *allowed = "-_.!~*'();:&=+$,";
+
+ for (const char *p = url; *p; p++)
+ {
+ if (c_isalnum(*p))
+ continue;
+
+ if (strchr(allowed, *p))
+ continue;
+
+ if (*p == '%' && c_isxdigit(p[1]) && c_isxdigit(p[2]))
+ {
+ p += 2;
+ continue;
+ }
+
+ if (*p == '@')
+ return p + 1;
+
+ break;
+ }
+
+ return url;
}
/* Parse credentials contained in [BEG, END). The region is expected
--
cgit v1.1

View File

@ -0,0 +1,10 @@
Index: wget-1.24.5/util/rmold.pl
===================================================================
--- wget-1.24.5.orig/util/rmold.pl
+++ wget-1.24.5/util/rmold.pl
@@ -1,4 +1,4 @@
-#!/usr/bin/env perl -w
+#!/usr/bin/perl -w
# Copyright (C) 1995-1997, 2007-2011, 2015, 2018-2024 Free Software
# Foundation, Inc.

View File

@ -0,0 +1,15 @@
Index: wget-1.24.5/src/openssl.c
===================================================================
--- wget-1.24.5.orig/src/openssl.c
+++ wget-1.24.5/src/openssl.c
@@ -426,7 +426,9 @@ ssl_init (void)
/* The OpenSSL library can handle renegotiations automatically, so
tell it to do so. */
SSL_CTX_set_mode (ssl_ctx, SSL_MODE_AUTO_RETRY);
-
+#ifdef SSL_OP_NO_COMPRESSION
+ SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_COMPRESSION);
+#endif
return true;
error:

BIN
wget-1.24.5.tar.gz (Stored with Git LFS) Normal file

Binary file not shown.

17
wget-1.24.5.tar.gz.sig Normal file
View File

@ -0,0 +1,17 @@
-----BEGIN PGP SIGNATURE-----
iQJDBAABCAAtFiEEa5j2N9h5xSNuJ3xcZP+QqujHCvkFAmXtv7QPHGdwZ0BkYXJu
aXIubmV0AAoJEGT/kKroxwr59lwQAKCzs/wa9PmMW4MgcUKXMwixoysi/kl4zwTO
V7W3JN80YRyf2kG/wPu6//JmYgeUXwY0x9XbbfwmCsopmCXsXWJlD6BswOrZi+34
BFmQOQImfUYurKjA9N/ZiZbCl8i+/WiEW/kRHJ3TCiZ578JAy+H16pM2EJbv/jkE
/FBW2gAyNcsu7pGCcv9DjdwJEGySvKklKmv6l/uA9l6wBX8/DqdmjjnMN3YaXot+
2HpWZeEDnMhT3++MAYbpPVF76OWTFoyE9WBbPbs2uci75vsghwyF9PLmyqxBRNoE
SGpY18DXrx01eXUiXYd5DUNkkFQReWRaMxkURijTgXVvebiXJ4b3Updr5Ds5j6vb
adCgyf4zj8hbd41T+an/e3u51D+6+M+jjBGmL0gY/edixZMVb9lS8FiUBD9rjvpe
VlNZWOS3C7Wr7iwq39t0R6sZc9GjnxokmcS+xCM3FBLpSg/jOJ0P+WIgVxyScuHa
sLcQk0laXWcDwfOzPSjFSEMtDvt4NANhCMxHOi0dh5L+n+KFvFIS9R1mlyKmdLCo
O72NS+Ks9zgSLebapGPFutvZlp6mB98f4YWhOyJR3VkfdHrtlWfq9EvofMM+KpB9
0bKt+eDvIpkbMhUisAtjE0OwpTSZa1pBogwF3Zwjvb+baGD51EPbh4Al8XlQ8ONE
9obMVikI
=qpKJ
-----END PGP SIGNATURE-----

View File

@ -0,0 +1,118 @@
Index: wget-1.21.1/src/http.c
===================================================================
--- wget-1.21.1.orig/src/http.c
+++ wget-1.21.1/src/http.c
@@ -3155,6 +3155,33 @@ fail:
}
#endif /* HAVE_METALINK */
+/*
+ * Check if the corresponding header line should not
+ * be sent after a redirect
+ */
+static inline int
+unredirectable_headerline(char *line)
+{
+ static struct {
+ size_t len;
+ char *name;
+ } field_name[] = {
+ { 14, "Authorization:" },
+ { 7, "Cookie:" },
+ { 0, NULL }
+ };
+ int i;
+
+ /*
+ * Note: According to RFC 2616, Field names are case-insensitive.
+ */
+ for (i = 0; field_name[i].name != NULL; i++)
+ if (strncasecmp(line, field_name[i].name, field_name[i].len) == 0)
+ return 1;
+
+ return 0;
+}
+
/* Retrieve a document through HTTP protocol. It recognizes status
code, and correctly handles redirections. It closes the network
socket. If it receives an error from the functions below it, it
@@ -3167,7 +3194,7 @@ fail:
server, and u->url will be requested. */
static uerr_t
gethttp (const struct url *u, struct url *original_url, struct http_stat *hs,
- int *dt, struct url *proxy, struct iri *iri, int count)
+ int *dt, struct url *proxy, struct iri *iri, int count, int location_changed)
{
struct request *req = NULL;
@@ -3314,7 +3341,16 @@ gethttp (const struct url *u, struct url
{
int i;
for (i = 0; opt.user_headers[i]; i++)
- request_set_user_header (req, opt.user_headers[i]);
+ {
+ /*
+ * IF we have been redirected
+ * AND the user-supplied header line should NOT be sent to the new host
+ * DO NOT append that header line
+ */
+ if (location_changed && unredirectable_headerline(opt.user_headers[i]))
+ continue;
+ request_set_user_header (req, opt.user_headers[i]);
+ }
}
proxyauth = NULL;
@@ -4232,7 +4268,7 @@ check_retry_on_http_error (const int sta
uerr_t
http_loop (const struct url *u, struct url *original_url, char **newloc,
char **local_file, const char *referer, int *dt, struct url *proxy,
- struct iri *iri)
+ struct iri *iri, int location_changed)
{
int count;
bool got_head = false; /* used for time-stamping and filename detection */
@@ -4424,7 +4460,7 @@ http_loop (const struct url *u, struct u
*dt &= ~SEND_NOCACHE;
/* Try fetching the document, or at least its head. */
- err = gethttp (u, original_url, &hstat, dt, proxy, iri, count);
+ err = gethttp (u, original_url, &hstat, dt, proxy, iri, count, location_changed);
/* Time? */
tms = datetime_str (time (NULL));
Index: wget-1.21.1/src/http.h
===================================================================
--- wget-1.21.1.orig/src/http.h
+++ wget-1.21.1/src/http.h
@@ -36,7 +36,7 @@ as that of the covered work. */
struct url;
uerr_t http_loop (const struct url *, struct url *, char **, char **, const char *,
- int *, struct url *, struct iri *);
+ int *, struct url *, struct iri *, int);
void save_cookies (void);
void http_cleanup (void);
time_t http_atotm (const char *);
Index: wget-1.21.1/src/retr.c
===================================================================
--- wget-1.21.1.orig/src/retr.c
+++ wget-1.21.1/src/retr.c
@@ -886,7 +886,7 @@ retrieve_url (struct url * orig_parsed,
{
uerr_t result;
char *url;
- bool location_changed;
+ bool location_changed = 0;
bool iri_fallbacked = 0;
int dummy;
char *mynewloc, *proxy;
@@ -985,7 +985,7 @@ retrieve_url (struct url * orig_parsed,
}
#endif
result = http_loop (u, orig_parsed, &mynewloc, &local_file, refurl, dt,
- proxy_url, iri);
+ proxy_url, iri, location_changed);
}
else if (u->scheme == SCHEME_FTP
#ifdef HAVE_SSL

30
wget-errno-clobber.patch Normal file
View File

@ -0,0 +1,30 @@
Index: wget-1.19.2/src/http.c
===================================================================
--- wget-1.19.2.orig/src/http.c 2017-10-26 17:30:08.000000000 +0200
+++ wget-1.19.2/src/http.c 2017-10-27 17:59:48.659093393 +0200
@@ -1524,6 +1524,7 @@ persistent_available_p (const char *host
active, registered connection". */
#define CLOSE_FINISH(fd) do { \
+ int errno_sav = errno; \
if (!keep_alive) \
{ \
if (pconn_active && (fd) == pconn.socket) \
@@ -1532,14 +1533,17 @@ persistent_available_p (const char *host
fd_close (fd); \
fd = -1; \
} \
+ errno = errno_sav; \
} while (0)
#define CLOSE_INVALIDATE(fd) do { \
+ int errno_sav = errno; \
if (pconn_active && (fd) == pconn.socket) \
invalidate_persistent (); \
else \
fd_close (fd); \
fd = -1; \
+ errno = errno_sav; \
} while (0)
typedef enum

17
wget-fix-pod-syntax.diff Normal file
View File

@ -0,0 +1,17 @@
---
doc/texi2pod.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: wget-1.15/doc/texi2pod.pl
===================================================================
--- wget-1.15.orig/doc/texi2pod.pl 2014-01-19 21:41:04.000000000 +0000
+++ wget-1.15/doc/texi2pod.pl 2014-01-19 21:41:31.000000000 +0000
@@ -294,7 +294,7 @@ while(<$inf>) {
$_ = "\n=item C<$thing>\n";
} else {
# Entity escapes prevent munging by the <> processing below.
- $_ = "\n=item $ic\&LT;$thing\&GT;\n";
+ $_ = "\n=item Z<>$ic\&LT;$thing\&GT;\n";
}
} else {
$_ = "\n=item $ic\n";

1084
wget.changes Normal file

File diff suppressed because it is too large Load Diff

1575
wget.keyring Normal file

File diff suppressed because it is too large Load Diff

98
wget.spec Normal file
View File

@ -0,0 +1,98 @@
#
# spec file for package wget
#
# Copyright (c) 2024 SUSE LLC
# Copyright (c) 2024 Andreas Stieger <Andreas.Stieger@gmx.de>
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%bcond_with regression_tests
Name: wget
Version: 1.24.5
Release: 0
Summary: A Tool for Mirroring FTP and HTTP Servers
License: GPL-3.0-or-later
Group: Productivity/Networking/Web/Utilities
URL: https://www.gnu.org/software/wget/
Source: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz
Source1: https://ftp.gnu.org/gnu/wget/%{name}-%{version}.tar.gz.sig
Source2: https://savannah.gnu.org/people/viewgpg.php?user_id=90497#/%{name}.keyring
Patch0: wgetrc.patch
Patch6: wget-1.14-no-ssl-comp.patch
# PATCH-FIX-OPENSUSE fix pod syntax for perl 5.18 coolo@suse.de
Patch7: wget-fix-pod-syntax.diff
Patch8: wget-errno-clobber.patch
Patch9: remove-env-from-shebang.patch
Patch10: wget-do-not-propagate-credentials.patch
Patch11: properly-re-implement-userinfo-parsing.patch
BuildRequires: gpgme-devel >= 0.4.2
BuildRequires: libcares-devel
BuildRequires: libidn2-devel
BuildRequires: libpng-devel
BuildRequires: makeinfo
BuildRequires: openssl-devel
BuildRequires: pkgconfig >= 0.9.0
BuildRequires: pkgconfig(libmetalink)
BuildRequires: pkgconfig(libpcre2-8)
# px_proxy_factory_free_proxies added in 0.4.16
BuildRequires: pkgconfig(libproxy-1.0) >= 0.4.16
BuildRequires: pkgconfig(libpsl)
BuildRequires: pkgconfig(uuid)
%if %{with regression_tests}
# For the Testsuite
BuildRequires: perl-HTTP-Daemon
BuildRequires: perl-IO-Socket-SSL
%endif
%description
Wget enables you to retrieve WWW documents or FTP files from a server.
This can be done in script files or via the command line.
%lang_package
%prep
%autosetup -p1
%build
%configure \
--with-ssl=openssl \
--with-cares \
--with-metalink \
--enable-libproxy \
%{nil}
%make_build
sed -i 's/\/usr\/bin\/env perl -w/\/usr\/bin\/perl -w/' util/rmold.pl
%check
%if %{with regression_tests}
%make_build -C tests/ check
%endif
%install
%make_install
%find_lang %{name} --all-name %{?no_lang_C}
%files
%license COPYING
%doc AUTHORS NEWS README MAILING-LIST
%doc doc/sample.wgetrc util/rmold.pl
%{_mandir}/*/wget*
%{_infodir}/wget*
%config(noreplace) %{_sysconfdir}/wgetrc
%{_bindir}/*
%files lang -f %{name}.lang
%license COPYING
%changelog

14
wgetrc.patch Normal file
View File

@ -0,0 +1,14 @@
Index: wget-1.20/doc/sample.wgetrc
===================================================================
--- wget-1.20.orig/doc/sample.wgetrc
+++ wget-1.20/doc/sample.wgetrc
@@ -120,6 +120,9 @@
# To try ipv6 addresses first:
#prefer-family = IPv6
+#
+# Let the DNS resolver decide whether to prefer IPv4 or IPv6
+prefer-family = none
# Set default IRI support state
#iri = off