77 Commits

Author SHA1 Message Date
Ander Juaristi 46cd721c0f Fix potential NULL pointer dereference
* src/gnutls.c (ssl_connect_wget): check for NULL before calls
2015-11-20 19:22:25 +01:00
Tim Rühsen 26fadc55c2 Handle TLS rehandshakes in GnuTLS code
* src/gnutls.c: New static function _do_handshake()
* src/gnutls.c (wgnutls_read_timeout): Handle rehandshake
* src/gnutls.c (wgnutls_write): Handle rehandshake
* src/gnutls.c (ssl_connect_wget): Move handshake code into _do_handshake()

Fixes #46061
2015-09-28 16:18:33 +02:00
Ander Juaristi f8901af4e0 Added support for FTPS
* doc/wget.texi: updated documentation to reflect the new FTPS functionality.
 * src/ftp-basic.c (ftp_greeting): new function to read the server's greeting.
   (ftp_login): greeting code was previously here. Moved to ftp_greeting to
   support FTPS implicit mode.
   (ftp_auth): wrapper around the AUTH TLS command.
   (ftp_ccc): wrapper around the CCC command.
   (ftp_pbsz): wrapper around the PBSZ command.
   (ftp_prot): wrapper around the PROT command.
 * src/ftp.c (get_ftp_greeting): new static function.
   (init_control_ssl_connection): new static function to start SSL/TLS on the
   control channel.
   (getftp): added hooks to support FTPS commands (RFCs 2228 and 4217).
   (ftp_loop_internal): test for new FTPS error codes.
 * src/ftp.h: new enum 'prot_level' with available FTPS protection levels +
   prototypes of previous functions. New flag for enum 'wget_ftp_fstatus' to track
   whether the data channel has some security mechanism enabled or not.
 * src/gnutls.c (struct wgnutls_transport_context): new field 'session_data'.
   (wgnutls_close): free GnuTLS session data before exiting.
   (ssl_connect_wget): save/resume SSL/TLS session.
 * src/http.c (establish_connection): refactor ssl_connect_wget call.
   (metalink_from_http): take into account SCHEME_FTPS as well.
 * src/init.c, src/main.c, src/options.h: new command line/wgetrc options.
   (main): in recursive downloads, check for SCHEME_FTPS as well.
 * src/openssl.c (struct openssl_transport_context): new field 'sess'.
   (ssl_connect_wget): save/resume SSL/TLS session.
 * src/retr.c (retrieve_url): check new scheme SCHEME_FTPS.
 * src/ssl.h (ssl_connect_wget): refactor. New parameter of type 'int *'.
 * src/url.c, src/url.h: new scheme SCHEME_FTPS.
 * src/wget.h: new FTPS error codes.
 * src/metalink.h: support FTPS scheme.
2015-09-14 10:16:44 +02:00
Rohit Mathulla 8654f7e2e7 Fix double free bug in SSL code
* src/openssl.c, src/gnutls.c (ssl_init): Copy options using xstrdup
2015-04-27 19:48:51 +02:00
Giuseppe Scrivano 16f1fb1d1f maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
Darshit Shah 4b845615fa Define MIN and MAX macros in a single location
MIN and MAX are macros that a developer will universally expect
throughout the source. Yet, they were being defined in multiple places
across the source. Instead, define them in a single location in the
common wget.h header file and use them consistently everywhere.
2014-12-04 18:36:54 +05:30
Tim Rühsen 007bee88d8 GnuTLS support for --secure-protocol=TLSv1_1|TLSv1_2
The code seemed to be forgotten.
Also added a message before aborting Wget in such a case.
2014-11-26 12:49:21 +01:00
Tim Rühsen 1356e90a14 Trivial fixes for C89 compliancy 2014-11-20 09:56:57 +01:00
Tim Rühsen f518d6cea1 Report load failure of cert files only with --debug
Fixes #41331
2014-11-19 11:26:20 +01:00
Tim Ruehsen 50ec4d9c3d Fix warnings from clang-analyzer 3.6 2014-11-18 20:44:56 +01:00
Tim Rühsen e4a8fe84e2 Added --crl-file to load a Certificate Revocation List (CRL) file
Reported-by: Noël Köthe <noel@debian.org>
2014-11-11 15:06:51 +01:00
Tim Ruehsen 6fc11e46ec do not use SSLv3 except explicitly requested 2014-10-19 21:57:06 +02:00
Giuseppe Scrivano 5a712b5bcf gnutls: do not include <assert.h> 2014-06-12 18:49:15 +02:00
Tim Ruehsen 3b6a3e84a0 fix GnuTLS connect timeout 2013-12-29 11:35:58 +01:00
Tim Ruehsen 0c9fb2b041 better backport availability for PFS feature 2013-10-17 09:56:27 +02:00
Tim Ruehsen e1fc2057c7 PFS runtime check 2013-09-08 00:49:36 +02:00
Tim Ruehsen e505664ef3 added PFS to --secure-protocol 2013-09-07 13:22:15 +02:00
Tim Ruehsen 695f11304b gnutls: Prevent CA files from being loaded twice if possible 2013-08-09 23:06:17 +02:00
Tim Ruehsen 91f0f99e9a gnutls: honor connect timeout 2013-07-12 00:07:05 +02:00
mancha ae80fd2ec7 gnutls: do not abort on non-fatal alerts during handshake
Signed-off-by: mancha <mancha1@hush.com>
2013-05-06 22:52:13 +02:00
Tim Ruehsen 3be7e0a53c fix --secure-protocol=SSLv2/SSLv3 2012-12-23 01:40:53 +01:00
Tim Ruehsen e2cb2fa2e3 don't error if CA directory is empty 2012-09-02 14:17:50 +02:00
Tim Ruehsen b718128b4f gnutls: deinit gnutls_x509_crt_t 2012-09-02 14:16:47 +02:00
Tim Ruehsen 370f96d36c gnutls: honor the specified timeout value
* gnutls.c (wgnutls_poll): Honor the specified `timeout' value.
(wgnutls_peek): Likewise.
2012-05-21 22:54:41 +02:00
Tim Ruehsen d19cc259cb gnutls: do not call fcntl in a loop.
* gnutls.c (wgnutls_read_timeout): removed warnings, moved fcntl stuff
outside loop.
2012-05-14 22:18:41 +02:00
Tim Ruehsen 0b4c04b583 gnutls: remove deprecated gnutls types. 2012-05-13 16:03:39 +02:00
Tim Ruehsen 0aa3c5d33c Fix some compiler warnings. 2012-05-05 15:24:35 +02:00
Phil Pennock fd582e4543 Add support for TLS SNI 2012-04-13 23:58:46 +02:00
Daniel Kahn Gillmor 154d499be2 Enable client certificates when GNU TLS is used. 2012-04-07 14:43:12 +02:00
Giuseppe Scrivano b30ba732ad gnutls: Fix a memory leak. 2012-04-01 16:30:59 +02:00
Giuseppe Scrivano 3bb17fca04 gnutls: do not access uninitialized variable. 2012-04-01 16:26:44 +02:00
Giuseppe Scrivano 611a219fb0 gnutls: Remove two unused variables. 2012-02-23 11:11:49 +01:00
Steven Schweda 127036d3ec gnutls: fix memory leak. 2011-11-04 22:31:48 +01:00
Christian Jullien eb557e9e77 Fix a build problem under solaris. 2011-09-04 13:30:01 +02:00
Giuseppe Scrivano d23ce97885 Fix some other problems with GNU TLS and non blocking sockets. 2011-08-30 16:43:25 +02:00
Giuseppe Scrivano 66bbc5bc63 Fix some problems with the GNU TLS backend and not-blocking sockets. 2011-08-29 16:21:45 +02:00
Giuseppe Scrivano 5bcd75d32f gnutls: Honor read timeout. 2011-08-26 17:13:56 +02:00
Giuseppe Scrivano 76c651e3a1 gnutls: don't use gnutls_certificate_type_set_priority. 2011-08-11 10:32:44 +02:00
Giuseppe Scrivano 228299b4f7 Fix a linker error on systems with an older gnutls version. 2011-08-10 21:35:59 +02:00
Giuseppe Scrivano c6cf57d215 gnutls: do not use a deprecated function. 2011-08-05 21:36:08 +02:00
Giuseppe Scrivano ee6021a3b0 Fix GCC warnings. 2011-04-24 13:03:48 +02:00
Giuseppe Scrivano 366dbedf1b gnutls: use the blocking socket. 2011-04-19 14:40:21 +02:00
Giuseppe Scrivano 8d764f3ac6 Use correctly FIONBIO values. 2011-04-17 13:07:01 +02:00
Giuseppe Scrivano c09d62159b Remove tight loop around gnutls_record_recv. 2011-04-07 12:56:51 +02:00
Giuseppe Scrivano 0424cb1aed Allow X509 v1 certificates. 2011-04-07 12:55:42 +02:00
Ray Satiro 96c3ec36c2 gnutls: Check for the GNUTLS_E_AGAIN return code. 2011-04-07 12:25:39 +02:00
Giuseppe Scrivano d18b9749d9 Fix a bug recently introduced in wgnutls_peek. 2011-04-07 12:02:07 +02:00
Giuseppe Scrivano b1acde223f Fix build under Windows. 2011-04-03 20:23:31 +02:00
Giuseppe Scrivano ca244196f1 Make wgnutls_peek non blocking. 2011-04-03 02:15:22 +02:00
Giuseppe Scrivano 2f6aa1d741 mass change: update copyright years. 2011-01-01 13:19:37 +01:00