moparisthebest/wget
1
0
Fork 0
mirror of https://github.com/moparisthebest/wget synced 2024-07-03 16:38:41 -04:00
Code Issues Releases Wiki Activity
3,369 Commits 1 Branch 0 Tags 9.6 MiB
ac40b84ee1
Commit Graph

2122 Commits

Author SHA1 Message Date
Tim Rühsen
eb0789d43f src/iri.c: Call xstrndup instead of strndup 
strndup() does not exist in some older C libraries, also xstrndup()
exits on memory allocation failures.
 2014-12-12 16:15:51 +01:00
Tim Rühsen
cbaabe78e8 src/iri.c: Use c_strcasestr instead of strcasestr 
This also fixes a problem with strcasestr not being in the
boostrap.conf module list.

Reported-by: Kiyoshi KANAZAWA <yoi_no_myoujou@yahoo.co.jp>
 2014-12-12 15:45:32 +01:00
Friedrich Haubensak
0a4826f4a1 Add support for older versions of flex (tiny change) 
E.g. flex 2.5.4 (Solaris 10) does not like a space after -o.
 2014-12-11 15:18:57 +01:00
Tim Rühsen
94447e31a6 Replace compatibility functions by gnulib functions 2014-12-05 11:57:28 +01:00
Darshit Shah
e6713474c0 Fix indentation in ftp.c (getftp) 2014-12-04 19:24:04 +05:30
Darshit Shah
aaefe8bc83 Remove illogical assertion in ftp.c 
A call to assert(1) will always fail and cause Wget to crash. If such a
situation does arise, Wget should invoke abort() and provide a useful
error message to the user prior to exiting.
 2014-12-04 19:24:04 +05:30
Darshit Shah
4b845615fa Define MIN and MAx macros in a single location 
MIN and MAx are macros that a developer will universally expect
throughout the source. Yet, they were being defined in multiple places
across the source. Instead, define them in a single location in the
common wget.h header file and use them consistently everywhere.
 2014-12-04 18:36:54 +05:30
Gisle Vanem
aeca2c33c0 Fix C89 warning in src/openssl.c 2014-12-03 20:23:54 +01:00
Gisle Vanem
11c6dcb705 Fix compilation error in src/mswindows.c 2014-12-03 15:04:11 +01:00
Jérémie Courrèges-Anglas
ce088c2b9e openssl backend: repair use of TLSv1+ protocols 
The use of TLSv1_client_method() means that the protocol used will be
limited to TLSv1.0.  This is not desirable for --secure-protocol values
of "auto" (default) and "pfs".  Fix by using SSLv23_client_method() and
disabling SSLv[23].

Issue reported by Mikolaj Kucharski.
 2014-12-03 09:24:20 +05:30
Tim Rühsen
e4583ab364 Fix issues reported by static code analysis tool 'parfait' 
Closes: #41235
Reported-by: Jiri Kukacka
 2014-12-01 20:39:44 +01:00
Tim Ruehsen
4850e9c873 Replaced xfree_null() by xfree() and nullify argument after freeing. 2014-12-01 16:15:37 +01:00
Tim Ruehsen
d9325f5db5 Fix length of program_argstring in main.c 2014-11-28 22:40:19 +01:00
Tim Ruehsen
5d3b52d0b8 Remove gettext.h from Makefile.am 2014-11-28 21:39:31 +01:00
Tim Rühsen
e194c1dfd3 Get rid of gettext.h 2014-11-28 11:27:58 +01:00
Darshit Shah
3e609a1192 Replace all occurences of free() with xfree() 2014-11-27 11:11:34 +05:30
Tim Ruehsen
5edc97f3f8 Select most secure challenge from WWW-Authenticate 
This patch also adds support for multiple challenges per
WWW-Authenticate header line.
The test Test-auth-both.py now succeeds and thus is taken away
from XFAIL_TESTS (expected to fail tests).
 2014-11-26 16:41:56 +01:00
Tim Rühsen
007bee88d8 GnuTLS support for --secure-protocol=TLSv1_1|TLSv1_2 
The code seemed to be forgotten.
Also added a message before aborting Wget in such a case.
 2014-11-26 12:49:21 +01:00
Tim Rühsen
d87fdecd55 Add space after function names 2014-11-26 12:39:47 +01:00
Tim Rühsen
54227091b8 Fix blacklisting of URLs to download 
Fixes a reported crash and prevents multiple downloads of the
same file in case the URL is escaped in different ways.

Reported-by: Frédéric <vfrederix@gmail.com>
 2014-11-26 11:19:41 +01:00
Pär Karlsson
1853e425f5 Added missing version.h to Makefile.am 2014-11-26 09:27:47 +01:00
Tim Rühsen
255133326b Fix possibly uninitialized variable 2014-11-24 12:00:21 +01:00
Tim Rühsen
0c18773308 Add size of buffer to warc_timestamp() 2014-11-24 10:41:08 +01:00
Tim Rühsen
9217b864d8 Make program_name and program_argstring const 2014-11-24 10:20:51 +01:00
Tim Rühsen
5e2ecaf277 Fix C89 compile errors using ./configure --without-libuuid 2014-11-24 09:44:48 +01:00
Darshit Shah
cd23c7fe0e Supplement logical assumption assert with error message 2014-11-22 21:27:55 +05:30
Darshit Shah
ed996fe32f Remove defensive assert in cookies.c 2014-11-22 21:25:38 +05:30
Darshit Shah
1b8e54b808 Add extern declaration for program_arsgstring 
In test.c, this patch changes the type of program_argstring to char *
from a const char *. This is because, we use a char * string in the rest
of the program and declare an extern accordingly. Removing the const
type helps in keeping the code cleaner at no extra cost.
 2014-11-22 17:26:06 +05:30
Darshit Shah
eab0f5d222 Make extern declaration for program_name 2014-11-22 17:26:06 +05:30
Darshit Shah
e94a542d0f Declare extern numurls in common header 2014-11-22 17:26:06 +05:30
Darshit Shah
b6de436547 Fix missing extern declaration error for build_info.pl 2014-11-22 17:26:06 +05:30
Darshit Shah
c6b750061a Add extern declaration for version.c strings 2014-11-22 17:26:06 +05:30
Darshit Shah
b41a3a6568 Mark unused paramter in utils.c 2014-11-22 17:26:05 +05:30
Daniel Stenberg
09d47ead18 Fix compiler warning in src/iri.c 2014-11-21 10:43:14 +01:00
Darshit Shah
00203b2888 Revert "remote_to_utf8: cut off part of condition always false" 
This reverts commit 1553c70961.

Some architectures like arm64 and ppc64 have unsigned chars where this
commit will cause problems.
 2014-11-21 14:19:48 +05:30
Daniel Stenberg
1553c70961 remote_to_utf8: cut off part of condition always false 
A signed char is never larger than 127.
 2014-11-21 13:59:04 +05:30
Tim Ruehsen
bc75d2ecdf Fix code for undefined USE_NLS_PROGRESS_BAR in progress.c 
Reported-by: Gisle Vanem
 2014-11-20 21:48:04 +01:00
Gisle Vanem
e15ef0b4da Assume large-file support for WINDOWS 2014-11-20 21:37:24 +01:00
Tim Rühsen
3c51ad7f02 Removed form feeds from sources and NEWS 2014-11-20 16:35:34 +01:00
Gisle Vanem
6a9b2d36e1 Fix C89 issue in http.c found by MSVC 16 2014-11-20 16:20:20 +01:00
Darshit Shah
d9f21b4b95 Aesthetic changes to progress bar 2014-11-20 16:43:47 +05:30
Tim Rühsen
7b43510fe3 Fixes possible issues with Wget running in a turkish locale 2014-11-20 10:56:21 +01:00
Tim Rühsen
1356e90a14 Trivial fixes for C89 compliancy 2014-11-20 09:56:57 +01:00
Darshit Shah
f9646a0c14 Fix potential memory leak in main.c 2014-11-19 23:39:22 +05:30
Darshit Shah
1ce1a40f94 Fix memory leak in utils.c 2014-11-19 21:55:30 +05:30
Tim Rühsen
7a7a241e5b Use random() and srandom() if available. 
Reported-by: Coverity scanner
 2014-11-19 16:06:19 +01:00
Tim Rühsen
18fe274e1c Fix loop check in FTP code 
Reported-by: Coverity scanner
 2014-11-19 16:05:55 +01:00
Darshit Shah
c6ee033425 Make 504 Gateway Timeout non fatal 2014-11-19 18:03:17 +05:30
Tim Rühsen
0c1bff841b Fix memory leak in OpenSSL code 2014-11-19 12:09:04 +01:00
Tim Rühsen
f518d6cea1 Report load failure of cert files only with --debug 
Fixes #41331
 2014-11-19 11:26:20 +01:00
Tim Ruehsen
50ec4d9c3d Fix warnings from clang-analyzer 3.6 2014-11-18 20:44:56 +01:00
Tim Rühsen
94b8458af1 Fix possible authentication problem with turkish locale 
The test server now treats authentication schemes case-independent.
 2014-11-18 12:49:52 +01:00
Tim Rühsen
db621341a4 Code cleanup for redirect_output_signal() 
Also fixes a compiler warning for 'make check'.
 2014-11-17 11:46:57 +01:00
Tim Rühsen
2ece0cc425 Remove 'make check'compiler warnings 2014-11-17 11:28:20 +01:00
Tom Li
6c989c7131 Scroll to last character of filename in progress 2014-11-16 12:03:10 +05:30
Darshit Shah
94805ad55a Fix progress bar assertion 2014-11-15 00:13:13 +05:30
Tim Rühsen
897ef07712 Fix error handling for CRL loading in OpenSSL code 2014-11-12 15:38:21 +01:00
Witchakorn Kamolpornwijit
6e259b76b7 Fix range check in map_html_tags() 2014-11-12 15:22:15 +01:00
Tim Rühsen
cf4991d602 Added OpenSSL support for --crl-file 2014-11-12 10:00:51 +01:00
Tim Rühsen
176c2b17fc Add 'Accept-Encoding: identity' to request header 
Fixes bug #40819
Reported-by: Noël Köthe <noel@debian.org>
 2014-11-11 20:05:21 +01:00
Tim Rühsen
9823dc1989 Fix missing _Noreturn declaration specifiers in src/main.c 
Reported-by: Gisle Vanem <gvanem@yahoo.no>
 2014-11-11 16:34:57 +01:00
Tim Rühsen
2457715e7d Fix OpenSSL compile-time check for TLSv1.1 and TLSv1.2 
Reported-by: Velemas Vosak <velemas@gmail.com>
 2014-11-11 15:09:41 +01:00
Tim Rühsen
e4a8fe84e2 Added --crl-file to load a Certificate Revocation List (CRL) file 
Reported-by: Noël Köthe <noel@debian.org>
 2014-11-11 15:06:51 +01:00
Darshit Shah
170a469533 Honour Keep-Alive when range not satisfiable 2014-11-09 14:33:13 +05:30
Darshit Shah
d81a8d5f56 Remove redundant condition eval 2014-11-09 14:20:22 +05:30
Tim Ruehsen
7259c30929 Fix segmentation fault on do_conversion() failure 
Having an unknown local encoding made Wget crash.
We also fix a wrong 'Conversion from ...' message and
changed two logging messages into debug messages.

Reported-by: Mikael Magnusson <mikachu@gmail.com>
 2014-11-05 21:57:18 +01:00
Matthew Atkinson
e0f149d29d Always send Content-Length with POST, PUT, PATCH 2014-11-05 08:42:51 +01:00
Jakub Čajka
981c7456ff * iri.c (remote_to_utf8): Fixed assumption that char is signed. 
Fixes fellowing test case failures idn-cmd-utf8, idn-robots-utf8,
if char is unsigned.
 2014-11-03 15:43:55 +01:00
Tim Rühsen
e52879514f * src/log.c: turn on automatic format check for log_vprintf_internal() 2014-11-03 09:22:47 +01:00
Darshit Shah
35bfcb34b0 Remove extra padding from the progress bar 2014-11-01 23:38:07 +05:30
Giuseppe Scrivano
ea97693b54 http: Always check for "Connection: close" presence 2014-11-01 13:22:07 +01:00
Tim Rühsen
fb8f81040a make _get_rfc2253_formatted static 2014-10-31 09:25:21 +01:00
Tim Rühsen
4ea40809cb fix implicit decl warning 2014-10-30 15:44:04 +01:00
Tim Rühsen
c2bb6bc875 fix memory leak 2014-10-30 11:05:07 +01:00
Tim Rühsen
a5c6ae8f28 use CLOSE_INVALIDATE instead of fd_close 2014-10-30 11:05:07 +01:00
Tim Rühsen
42333c4a5e always set fd invalid after close 2014-10-30 11:05:07 +01:00
Tim Rühsen
a6c2ba73d9 fix memory leak in openssl.c 2014-10-30 11:04:52 +01:00
Peter Meiser
c81e3df2bc Add guard for OpenSSL without SSLv3 2014-10-29 19:27:11 +01:00
Tim Rühsen
148065bc00 content for commit 6092205538 2014-10-29 16:18:01 +01:00
Tim Ruehsen
4152e98bb0 content for commit 605d9053e5 2014-10-28 20:21:33 +01:00
Tim Rühsen
6092205538 fixing several memory leaks 2014-10-28 16:56:34 +01:00
Giuseppe Scrivano
e5cb0f77e6 Revert "Replace @VAR@ in Makefile.am files with $VAR" 
This reverts commit d1ab00cab4.

Conflicts:
	tests/Makefile.am
 2014-10-28 10:42:50 +01:00
Darshit Shah
69c45cba43 Add checks for valid listing file in FTP 
When Wget retrieves a file through FTP, it first downloads a .listing
file and parses it for information about the files and other metadata.
Some servers may serve invalid .listing files. This patch checks for one
such known inconsistency wherein multiple lines in a listing file have
the same name. Such a filesystem is clearly not possible and hence we
eliminate duplicate entries here.

Signed-off-by: Darshit Shah <darnir@gmail.com>
 2014-10-27 09:18:13 +01:00
Darshit Shah
18b0979357 CVE-2014-4877: Arbitrary Symlink Access 
Wget was susceptible to a symlink attack which could create arbitrary
files, directories or symbolic links and set their permissions when
retrieving a directory recursively through FTP. This commit changes the
default settings in Wget such that Wget no longer creates local symbolic
links, but rather traverses them and retrieves the pointed-to file in
such a retrieval.

The old behaviour can be attained by passing the --retr-symlinks=no
option to the Wget invokation command.
 2014-10-27 09:18:13 +01:00
Giuseppe Scrivano
c986ea790c Fix ChangeLog entry 2014-10-27 09:14:56 +01:00
Tim Ruehsen
3e3073ca7b add TLSv1_1 and TLSv1_2 to --secure-protocol 2014-10-23 21:16:37 +02:00
Ángel González
601b282cd8 css-url.c (get_uri_string): Fix regression from 8e6de1fb5 
Solves the issue discovered by Gabriel Somlo and reported in the ml thread
"Regression in git master branch (commit 8e6de1fb5f)"
 2014-10-22 20:26:28 +02:00
Tim Rühsen
bc347cc36f fixed IRI misbehaviour(s) 2014-10-20 08:53:12 +02:00
Tim Ruehsen
6fc11e46ec do not use SSLv3 except explicitely requested 2014-10-19 21:57:06 +02:00
Tim Rühsen
8c2d9afd08 fixed memleak in retrieve_url() 2014-09-30 20:50:06 +05:30
Darshit Shah
efe090df89 Handle multibyte characters in progressbar 
This commit fixes a bug in the progressbar implementation wherein
filenames with multibyte characters were not handled correctly.
 2014-09-14 16:17:00 +05:30
Darshit Shah
eab853b7e6 Plug memory leaks 2014-07-24 14:23:43 +05:30
Daniel Stenberg
3d7797c46e main.c: update the --method description 
The first line of a HTTP request is not a header, it is the start-line,
which for requests is called the request-line.

See http://tools.ietf.org/html/rfc7230#section-3.1
 2014-07-23 18:46:21 +05:30
Darshit Shah
a44841cbe2 Fix potential memory leak and libpsl configure 2014-07-21 13:25:54 +05:30
Tomas Hozza
e43ae39dff Fix checking of iconv_open return code. 
Based on libiconv documentation, the iconv_open function returns
(iconv_t)(-1).

Signed-off-by: Tomas Hozza <thozza@redhat.com>
 2014-07-08 17:01:17 +02:00
Darshit Shah
c5f2c7fcef Convert domains to lowercase before libpsl checks 2014-07-05 16:21:40 +05:30
Darshit Shah
550cd6e9d2 Fix indentation and remove excess variable 2014-07-05 16:18:38 +05:30
Darshit Shah
97ce41b2d0 Remove unused error codes 2014-07-05 16:18:31 +05:30
Giuseppe Scrivano
416d0e892c convert: initialize variable before usage. 2014-06-30 11:35:46 +02:00
Giuseppe Scrivano
e2c8436e17 warc: Avoid out-of-scope variable usage 2014-06-29 11:22:44 +02:00