Commit Graph

96 Commits

Author SHA1 Message Date
Ander Juaristi f8901af4e0 Added support for FTPS
* doc/wget.texi: updated documentation to reflect the new FTPS functionality.
 * src/ftp-basic.c (ftp_greeting): new function to read the server's greeting.
   (ftp_login): greeting code was previously here. Moved to ftp_greeting to
   support FTPS implicit mode.
   (ftp_auth): wrapper around the AUTH TLS command.
   (ftp_ccc): wrapper around the CCC command.
   (ftp_pbsz): wrapper around the PBSZ command.
   (ftp_prot): wrapper around the PROT command.
 * src/ftp.c (get_ftp_greeting): new static function.
   (init_control_ssl_connection): new static function to start SSL/TLS on the
   control channel.
   (getftp): added hooks to support FTPS commands (RFCs 2228 and 4217).
   (ftp_loop_internal): test for new FTPS error codes.
 * src/ftp.h: new enum 'prot_level' with available FTPS protection levels +
   prototypes of previous functions. New flag for enum 'wget_ftp_fstatus' to track
   whether the data channel has some security mechanism enabled or not.
 * src/gnutls.c (struct wgnutls_transport_context): new field 'session_data'.
   (wgnutls_close): free GnuTLS session data before exiting.
   (ssl_connect_wget): save/resume SSL/TLS session.
 * src/http.c (establish_connection): refactor ssl_connect_wget call.
   (metalink_from_http): take into account SCHEME_FTPS as well.
 * src/init.c, src/main.c, src/options.h: new command line/wgetrc options.
   (main): in recursive downloads, check for SCHEME_FTPS as well.
 * src/openssl.c (struct openssl_transport_context): new field 'sess'.
   (ssl_connect_wget): save/resume SSL/TLS session.
 * src/retr.c (retrieve_url): check new scheme SCHEME_FTPS.
 * src/ssl.h (ssl_connect_wget): refactor. New parameter of type 'int *'.
 * src/url.c, src/url.h: new scheme SCHEME_FTPS.
 * src/wget.h: new FTPS error codes.
 * src/metalink.h: support FTPS scheme.
2015-09-14 10:16:44 +02:00
Rohit Mathulla 3765a1b266 openssl: Read cert from private key file when needed
* src/openssl.c (ssl_init): Assign opt.cert_{file, type}
  from opt.private_key(_type)
2015-04-27 19:52:18 +02:00
Rohit Mathulla 8654f7e2e7 Fix double free bug in SSL code
* src/openssl.c, src/gnutls.c (ssl_init): Copy options using xstrdup
2015-04-27 19:48:51 +02:00
Giuseppe Scrivano 16f1fb1d1f maint: update copyright year ranges to include 2015 2015-03-09 16:32:01 +01:00
Tim Rühsen c83f344564 src/openssl.c: Use SSL_state() instead of ssl_st.state
Changes in OpenSSL 1.0.2 API hide ssl_st structure members.
Reported-by: Gisle Vanem <gvanem@yahoo.no>
2015-02-10 09:53:42 +01:00
Jérémie Courrèges-Anglas b5778699f0 openssl: Detect the availability of RAND_egd (tiny change)
Alternatives like LibreSSL don't provide RAND_egd() anymore.
Fixes compilation on OpenBSD.
2014-12-17 11:47:15 +01:00
Gisle Vanem aeca2c33c0 Fix C89 warning in src/openssl.c 2014-12-03 20:23:54 +01:00
Jérémie Courrèges-Anglas ce088c2b9e openssl backend: repair use of TLSv1+ protocols
The use of TLSv1_client_method() means that the protocol used will be
limited to TLSv1.0.  This is not desirable for --secure-protocol values
of "auto" (default) and "pfs".  Fix by using SSLv23_client_method() and
disabling SSLv[23].

Issue reported by Mikolaj Kucharski.
2014-12-03 09:24:20 +05:30
Tim Ruehsen 4850e9c873 Replaced xfree_null() by xfree() and nullify argument after freeing. 2014-12-01 16:15:37 +01:00
Tim Rühsen 007bee88d8 GnuTLS support for --secure-protocol=TLSv1_1|TLSv1_2
The code seemed to be forgotten.
Also added a message before aborting Wget in such a case.
2014-11-26 12:49:21 +01:00
Tim Rühsen 1356e90a14 Trivial fixes for C89 compliancy 2014-11-20 09:56:57 +01:00
Tim Rühsen 0c1bff841b Fix memory leak in OpenSSL code 2014-11-19 12:09:04 +01:00
Tim Rühsen 897ef07712 Fix error handling for CRL loading in OpenSSL code 2014-11-12 15:38:21 +01:00
Tim Rühsen cf4991d602 Added OpenSSL support for --crl-file 2014-11-12 10:00:51 +01:00
Tim Rühsen 2457715e7d Fix OpenSSL compile-time check for TLSv1.1 and TLSv1.2
Reported-by: Velemas Vosak <velemas@gmail.com>
2014-11-11 15:09:41 +01:00
Tim Rühsen fb8f81040a make _get_rfc2253_formatted static 2014-10-31 09:25:21 +01:00
Tim Rühsen 4ea40809cb fix implicit decl warning 2014-10-30 15:44:04 +01:00
Tim Rühsen a6c2ba73d9 fix memory leak in openssl.c 2014-10-30 11:04:52 +01:00
Peter Meiser c81e3df2bc Add guard for OpenSSL without SSLv3 2014-10-29 19:27:11 +01:00
Tim Ruehsen 3e3073ca7b add TLSv1_1 and TLSv1_2 to --secure-protocol 2014-10-23 21:16:37 +02:00
Tim Ruehsen 6fc11e46ec do not use SSLv3 except explicitly requested 2014-10-19 21:57:06 +02:00
Nikita Vetrov 104fd20ac3 Add GOST94-GOST89-GOST89 and other ciphers support
It is done via one-time call OPENSSL_config. It will fix this error
`OpenSSL: error:140920F8:SSL routines:SSL3_GET_SERVER_HELLO:unknown
cipher returned`. OpenSSL with GOST-support and rebuilding wget
required
2014-06-21 18:33:41 +02:00
Darshit Shah 8624553a31 Whitespace and formatting changes. (Aesthetic only)
This commit makes lots of whitespace only changes. It has been ensured that this
commit does not make any changes to the functioning of the program. The only
changes that have been made are:
    * Remove trailing whitespaces
    * Convert tabs to spaces
    * Fix indentation issues in the code
    * Other aesthetic changes to the formatting of comments
2014-05-30 21:12:57 +05:30
Tim Ruehsen 38a7829dcb Fix compiler warnings 2014-05-12 12:18:50 +02:00
Tim Ruehsen e505664ef3 added PFS to --secure-protocol 2013-09-07 13:22:15 +02:00
Karsten Hopp b8f036d16c Fix timeout option when used with SSL
Previously wget didn't honor the --timeout option if the remote host did
not answer SSL handshake

Signed-off-by: Tomas Hozza <thozza@redhat.com>
2013-07-12 11:43:41 +02:00
Tim Ruehsen 321b5dce85 * fix a few little dissonances 2012-06-04 22:05:40 +02:00
Phil Pennock fd582e4543 Add support for TLS SNI 2012-04-13 23:58:46 +02:00
Steven Schweda 8c7bd588fe Fix some problems under VMS. 2011-10-23 13:11:22 +02:00
Giuseppe Scrivano 547bcb0d3f Silence a compiler warning. 2011-08-26 12:37:17 +02:00
Ray Satiro 53427a9b76 openssl: Prevent loops on read errors. 2011-05-15 16:54:58 +02:00
Giuseppe Scrivano 1eb1e76e9a Fix build error. 2011-04-18 14:32:14 +02:00
Giuseppe Scrivano b0a3d43014 openssl: make openssl_peek non-blocking. 2011-04-13 13:57:37 +02:00
Cristian Rodrwuez cbe8eb725b openssl: Use SSLv2 only when available. 2011-04-11 11:08:39 +02:00
Giuseppe Scrivano 6dca252c60 openssl: Retry to read if a non-blocking socket returns immediately. 2011-04-04 16:56:51 +02:00
Giuseppe Scrivano 4d564bd630 Ensure FD_TO_SOCKET is defined under Windows. 2011-04-04 16:46:38 +02:00
Giuseppe Scrivano 2f6aa1d741 mass change: update copyright years. 2011-01-01 13:19:37 +01:00
Giuseppe Scrivano 9ae052b1e2 Remove redundant guard. 2010-12-01 13:15:13 +01:00
Giuseppe Scrivano 5af14a7589 Fix GNU TLS backend under Windows. 2010-06-15 13:03:13 +02:00
Giuseppe Scrivano 293008f682 Mass update copyright years. 2010-05-08 21:56:15 +02:00
Giuseppe Scrivano b76ef3f452 Use always close as it is defined by gnulib on platforms lacking it. 2010-05-07 13:27:11 +02:00
Micah Cowan 30b24240ae Fixed some mixed declarations-and-code. 2010-01-13 20:41:15 -08:00
Petr Pisar d92049ef66 Implement support for subjectAltName fields in X509 certs. 2009-10-24 16:06:44 -07:00
Micah Cowan 34b1a7ad5d Avoid reusing same buffer for successive quoted args. 2009-09-22 09:16:43 -07:00
Micah Cowan 4a08094db8 [mq]: cfg-mk 2009-09-21 20:39:44 -07:00
Gisle Vanem f3e634a8b2 Adjustments for MSDOS. 2009-09-05 11:27:52 -07:00
Micah Cowan b9e9ad65cc Ran update-copyright. 2009-09-04 00:13:47 -07:00
Micah Cowan 57c9e17e6c Only warn of attack if the hostname would have matched. 2009-08-19 01:15:27 -07:00
Joao Ferreira 61a4b1f77a Detect NULs in common name. 2009-08-19 00:44:22 -07:00
Micah Cowan d5e283b1a7 Automated merge. 2009-07-04 15:32:57 -07:00