Accepting request 895667 from home:jmoellers:branches:network:utilities

OBS-URL: https://build.opensuse.org/request/show/895667 OBS-URL: https://build.opensuse.org/package/show/network:utilities/wget?expand=0&rev=112
2021-05-31 09:20:40 +00:00 · 2021-05-31 09:20:40 +00:00 · 93578f9e20
commit 93578f9e20
parent f3221bf841
4 changed files with 251 additions and 0 deletions
--- a/0001-src-main.c-Introduce-truncate_filename-option.patch
+++ b/0001-src-main.c-Introduce-truncate_filename-option.patch
@ -0,0 +1,110 @@
+Index: wget-1.21.1/src/url.c
+===================================================================
+--- wget-1.21.1.orig/src/url.c
+++ wget-1.21.1/src/url.c
+@@ -1652,6 +1652,50 @@ convert_fname (char *fname)
+ }
+ #endif
+ 
+/* Check if the length of path element is acceptable.
+   If it's longer than OS-defined maximum, truncate it. */
+static void
+possibly_truncate_pathel (char *pathel) {
+  size_t len = strlen (pathel);
+  size_t max_length;
+
+#ifdef WINDOWS
+  if (MAX_PATH > (len + CHOMP_BUFFER + 2))
+    {
+      max_length = MAX_PATH - (len + CHOMP_BUFFER + 2);
+      /* FIXME: In Windows a filename is usually limited to 255 characters.
+      To really be accurate you could call GetVolumeInformation() to get
+      lpMaximumComponentLength
+
+      Only FAT16 actually uses the 8.3 standard; this shouldn't be worrisome.
+      */
+      if (max_length > 255)
+        {
+          max_length = 255;
+        }
+    }
+  else
+    {
+      max_length = 0;
+    }
+#else
+  max_length = get_max_length (pathel, len, _PC_NAME_MAX) - CHOMP_BUFFER;
+#endif
+  if (max_length > 0 && len > max_length)
+    {
+      logprintf (LOG_NOTQUIET, "The name is too long, %lu chars total.\n",
+          (unsigned long) len);
+      logprintf (LOG_NOTQUIET, "Trying to shorten...\n");
+
+      /* Truncate path element. */
+      pathel[max_length] = '\0';
+
+      logprintf (LOG_NOTQUIET, "New name is %s.\n", pathel);
+    }
+
+  return;
+}
+
+ /* Append to DEST the directory structure that corresponds the
+    directory part of URL's path.  For example, if the URL is
+    http://server/dir1/dir2/file, this appends "/dir1/dir2".
+@@ -1686,7 +1730,11 @@ append_dir_structure (const struct url *
+ 
+       if (dest->tail)
+         append_char ('/', dest);
+
+      *next = '\0';   /* temporarily isolate the next element */
+      possibly_truncate_pathel(pathel);
+       append_uri_pathel (pathel, next, true, dest);
+      *next = '/';
+     }
+ }
+ 
+@@ -1796,41 +1844,8 @@ url_file_name (const struct url *u, char
+   temp_fnres.size = 0;
+   temp_fnres.tail = 0;
+   append_string (fname, &temp_fnres);
+-  xfree (fname);
+-
+-  /* Check that the length of the file name is acceptable. */
+-#ifdef WINDOWS
+-  if (MAX_PATH > (fnres.tail + CHOMP_BUFFER + 2))
+-    {
+-      max_length = MAX_PATH - (fnres.tail + CHOMP_BUFFER + 2);
+-      /* FIXME: In Windows a filename is usually limited to 255 characters.
+-      To really be accurate you could call GetVolumeInformation() to get
+-      lpMaximumComponentLength
+-      */
+-      if (max_length > 255)
+-        {
+-          max_length = 255;
+-        }
+-    }
+-  else
+-    {
+-      max_length = 0;
+-    }
+-#else
+-  max_length = get_max_length (fnres.base, fnres.tail, _PC_NAME_MAX) - CHOMP_BUFFER;
+-#endif
+-  if (max_length > 0 && strlen (temp_fnres.base) > max_length)
+-    {
+-      logprintf (LOG_NOTQUIET, "The name is too long, %lu chars total.\n",
+-          (unsigned long) strlen (temp_fnres.base));
+-      logprintf (LOG_NOTQUIET, "Trying to shorten...\n");
+-
+-      /* Shorten the file name. */
+-      temp_fnres.base[max_length] = '\0';
+-
+-      logprintf (LOG_NOTQUIET, "New name is %s.\n", temp_fnres.base);
+-    }
+ 
+  xfree (fname);
+   xfree (fname_len_check);
+ 
+   /* The filename has already been 'cleaned' by append_uri_pathel() above.  So,
--- a/wget-do-not-propagate-credentials.patch
+++ b/wget-do-not-propagate-credentials.patch
@ -0,0 +1,118 @@
+Index: wget-1.21.1/src/http.c
+===================================================================
+--- wget-1.21.1.orig/src/http.c
+++ wget-1.21.1/src/http.c
+@@ -3155,6 +3155,33 @@ fail:
+ }
+ #endif /* HAVE_METALINK */
+ 
+/*
+ * Check if the corresponding header line should not
+ * be sent after a redirect
+ */
+static inline int
+unredirectable_headerline(char *line)
+{
+    static struct {
+        size_t len;
+	char *name;
+    } field_name[] = {
+        { 14, "Authorization:" },
+	{ 7, "Cookie:" },
+	{ 0, NULL }
+    };
+    int i;
+
+    /*
+     * Note: According to RFC 2616, Field names are case-insensitive.
+     */
+    for (i = 0; field_name[i].name != NULL; i++)
+        if (strncasecmp(line, field_name[i].name, field_name[i].len) == 0)
+	    return 1;
+
+    return 0;
+}
+
+ /* Retrieve a document through HTTP protocol.  It recognizes status
+    code, and correctly handles redirections.  It closes the network
+    socket.  If it receives an error from the functions below it, it
+@@ -3167,7 +3194,7 @@ fail:
+    server, and u->url will be requested.  */
+ static uerr_t
+ gethttp (const struct url *u, struct url *original_url, struct http_stat *hs,
+-         int *dt, struct url *proxy, struct iri *iri, int count)
+         int *dt, struct url *proxy, struct iri *iri, int count, int location_changed)
+ {
+   struct request *req = NULL;
+ 
+@@ -3314,7 +3341,16 @@ gethttp (const struct url *u, struct url
+     {
+       int i;
+       for (i = 0; opt.user_headers[i]; i++)
+-        request_set_user_header (req, opt.user_headers[i]);
+	{
+	 /*
+	  * IF we have been redirected
+	  * AND the user-supplied header line should NOT be sent to the new host
+	  * DO NOT append that header line
+	  */
+	 if (location_changed && unredirectable_headerline(opt.user_headers[i]))
+	   continue;
+	 request_set_user_header (req, opt.user_headers[i]);
+	}
+     }
+ 
+   proxyauth = NULL;
+@@ -4232,7 +4268,7 @@ check_retry_on_http_error (const int sta
+ uerr_t
+ http_loop (const struct url *u, struct url *original_url, char **newloc,
+            char **local_file, const char *referer, int *dt, struct url *proxy,
+-           struct iri *iri)
+           struct iri *iri, int location_changed)
+ {
+   int count;
+   bool got_head = false;         /* used for time-stamping and filename detection */
+@@ -4424,7 +4460,7 @@ http_loop (const struct url *u, struct u
+         *dt &= ~SEND_NOCACHE;
+ 
+       /* Try fetching the document, or at least its head.  */
+-      err = gethttp (u, original_url, &hstat, dt, proxy, iri, count);
+      err = gethttp (u, original_url, &hstat, dt, proxy, iri, count, location_changed);
+ 
+       /* Time?  */
+       tms = datetime_str (time (NULL));
+Index: wget-1.21.1/src/http.h
+===================================================================
+--- wget-1.21.1.orig/src/http.h
+++ wget-1.21.1/src/http.h
+@@ -36,7 +36,7 @@ as that of the covered work.  */
+ struct url;
+ 
+ uerr_t http_loop (const struct url *, struct url *, char **, char **, const char *,
+-                  int *, struct url *, struct iri *);
+                  int *, struct url *, struct iri *, int);
+ void save_cookies (void);
+ void http_cleanup (void);
+ time_t http_atotm (const char *);
+Index: wget-1.21.1/src/retr.c
+===================================================================
+--- wget-1.21.1.orig/src/retr.c
+++ wget-1.21.1/src/retr.c
+@@ -886,7 +886,7 @@ retrieve_url (struct url * orig_parsed,
+ {
+   uerr_t result;
+   char *url;
+-  bool location_changed;
+  bool location_changed = 0;
+   bool iri_fallbacked = 0;
+   int dummy;
+   char *mynewloc, *proxy;
+@@ -985,7 +985,7 @@ retrieve_url (struct url * orig_parsed,
+ 	}
+ #endif
+       result = http_loop (u, orig_parsed, &mynewloc, &local_file, refurl, dt,
+-                          proxy_url, iri);
+                          proxy_url, iri, location_changed);
+     }
+   else if (u->scheme == SCHEME_FTP
+ #ifdef HAVE_SSL
--- a/wget.changes
+++ b/wget.changes
@ -1,3 +1,22 @@
+-------------------------------------------------------------------
+Mon May 10 13:15:35 UTC 2021 - Josef Möllers <josef.moellers@suse.com>
+
+- When running recursively, wget will verify the length of the whole
+  URL when saving the files. This will make it overwrite files with
+  truncated names, throwing the "The name is too long, ... trying to
+  shorten" messages. The patch moves the length check code to a
+  separate function and call it from the append_dir_structure() for each
+  path element.
+  [ bsc#1181173, 0001-src-main.c-Introduce-truncate_filename-option.patch]
+
+-------------------------------------------------------------------
+Mon May 10 13:13:14 UTC 2021 - Josef Möllers <josef.moellers@suse.com>
+
+- If wget for an http URL is redirected to a different site (hostname
+  parts of URLs differ), then any "Authenticate" and "Cookie" header
+  entries are discarded.
+  [bsc#1175551, wget-do-not-propagate-credentials.patch]
+
 -------------------------------------------------------------------
 Sun Jan 24 14:21:24 UTC 2021 - Dirk Müller <dmueller@suse.com>

--- a/wget.spec
+++ b/wget.spec
@ -34,6 +34,8 @@ Patch6:         wget-1.14-no-ssl-comp.patch
 Patch7:         wget-fix-pod-syntax.diff
 Patch8:         wget-errno-clobber.patch
 Patch9:         remove-env-from-shebang.patch
+Patch10:        wget-do-not-propagate-credentials.patch
+Patch11:        0001-src-main.c-Introduce-truncate_filename-option.patch
 BuildRequires:  automake
 BuildRequires:  gpgme-devel >= 0.4.2
 BuildRequires:  libcares-devel
@ -79,6 +81,8 @@ This can be done in script files or via the command line.
 %patch7 -p1
 %patch8 -p1
 %patch9 -p1
+%patch10 -p1
+%patch11 -p1

 %build
 %if 0%{?suse_version} > 1110