Update to 1.17.1

Signed-off-by: Tomas Hozza <thozza@redhat.com>
2015-12-14 19:21:24 +01:00 · 2015-12-14 19:21:24 +01:00 · 1856f50660
commit 1856f50660
parent 0d4143a03e
7 changed files with 9 additions and 225 deletions
--- a/.gitignore
+++ b/.gitignore
@ -7,3 +7,4 @@ wget-1.12.tar.bz2
 /wget-1.16.2.tar.xz
 /wget-1.16.3.tar.xz
 /wget-1.17.tar.xz
 /wget-1.17.1.tar.xz
--- a/2
+++ b/2
@ -1 +1 @@
-b8cff5a2f88f5ce60a2b0e361e030b46  wget-1.17.tar.xz
+b0d58ef4963690e71effba24c105ed52  wget-1.17.1.tar.xz
--- a/wget-1.17-Fix-SIGSEGV-in-N-content-disposition-combination.patch
+++ b/wget-1.17-Fix-SIGSEGV-in-N-content-disposition-combination.patch
@ -1,62 +0,0 @@
 From 218d81f6e5fb4f5ecd8db0fb2d9091ea509e0475 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
 Date: Sat, 21 Nov 2015 21:44:11 +0100
 Subject: [PATCH] Fix SIGSEGV in -N / --content-disposition combination
 * src/http.c (http_loop): Fix SIGSEGV
 Reported-by: "Schleusener, Jens" <Jens.Schleusener@t-online.de>
 ---
 src/http.c | 12 ++----------
 1 file changed, 2 insertions(+), 10 deletions(-)
 diff --git a/src/http.c b/src/http.c
 index 355ff53..9d71483 100644
 --- a/src/http.c
 +++ b/src/http.c
@@ -3794,7 +3794,6 @@ http_loop (struct url *u, struct url *original_url, char **newloc,
   struct http_stat hstat;        /* HTTP status */
   struct_stat st;
   bool send_head_first = true;
 -  char *file_name;
   bool force_full_retrieve = false;
@@ -3864,11 +3863,6 @@ http_loop (struct url *u, struct url *original_url, char **newloc,
   if (opt.content_disposition && opt.always_rest)
     send_head_first = true;
 -  if (!opt.output_document)
 -      file_name = url_file_name (opt.trustservernames ? u : original_url, NULL);
 -  else
 -    file_name = xstrdup (opt.output_document);
 -
 #ifdef HAVE_METALINK
   if (opt.metalink_over_http)
     {
@@ -3881,7 +3875,7 @@ http_loop (struct url *u, struct url *original_url, char **newloc,
     {
       /* Use conditional get request if requested
        * and if timestamp is known at this moment.  */
 -      if (opt.if_modified_since && file_exists_p (file_name) && !send_head_first)
 +      if (opt.if_modified_since && !send_head_first && got_name && file_exists_p (hstat.local_file))
         {
           *dt |= IF_MODIFIED_SINCE;
           {
@@ -3892,12 +3886,10 @@ http_loop (struct url *u, struct url *original_url, char **newloc,
         }
         /* Send preliminary HEAD request if -N is given and we have existing
          * destination file or content disposition is enabled.  */
 -      else if (file_exists_p (file_name) || opt.content_disposition)
 +      else if (opt.content_disposition || file_exists_p (hstat.local_file))
         send_head_first = true;
     }
 -  xfree (file_name);
 -
   /* THE loop */
   do
     {
 -- 
 2.4.3
--- a/wget-1.17-Fix-regression-in-HTTP-authentication.patch
+++ b/wget-1.17-Fix-regression-in-HTTP-authentication.patch
@ -1,29 +0,0 @@
 From 4e37fb6191d1d3d3c810379854882bbc63ce1697 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
 Date: Mon, 23 Nov 2015 17:50:59 +0100
 Subject: [PATCH] Fix regression in HTTP authentication
 * src/http.c (initialize_request): Fix wrong params to search_netrc()
 Regression introduced in commit 29850e77
 Reported-by: Axel Reinhold <axel@freakout.de>
 ---
 src/http.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/src/http.c b/src/http.c
 index 9d71483..8916d2b 100644
 --- a/src/http.c
 +++ b/src/http.c
@@ -1872,7 +1872,7 @@ initialize_request (struct url *u, struct http_stat *hs, int *dt, struct url *pr
   /* Find the username and password for authentication. */
   *user = u->user;
   *passwd = u->passwd;
 -  search_netrc (u->host, (const char **)&user, (const char **)&passwd, 0);
 +  search_netrc (u->host, (const char **)user, (const char **)passwd, 0);
   *user = *user ? *user : (opt.http_user ? opt.http_user : opt.user);
   *passwd = *passwd ? *passwd : (opt.http_passwd ? opt.http_passwd : opt.passwd);
 -- 
 2.4.3
--- a/wget-1.17-fix-HSTS-memory-issue-and-test-code-issue.patch
+++ b/wget-1.17-fix-HSTS-memory-issue-and-test-code-issue.patch
@ -1,122 +0,0 @@
 From 99aa7b4f5e13a30e04d4410e98bbb81780e74f09 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@openmediasystem.de>
 Date: Wed, 18 Nov 2015 10:58:56 +0100
 Subject: [PATCH] Fix HSTS memory issue + test code issue
 * src/hsts.c (hsts_find_entry): Fix freeing memory
  (hsts_remove_entry): Remove freeing host member
  (hsts_match): Free host member here
  (hsts_store_entry): Free host member here
  (test_url_rewrite): Fix 'created' value
  (test_hsts_read_database): Fix 'created' value
 Reported-by: Dagobert Michelsen <dam@opencsw.org>
 ---
 src/hsts.c | 25 ++++++++++++++-----------
 1 file changed, 14 insertions(+), 11 deletions(-)
 diff --git a/src/hsts.c b/src/hsts.c
 index b0989c7..3ddbf72 100644
 --- a/src/hsts.c
 +++ b/src/hsts.c
@@ -148,13 +148,14 @@ hsts_find_entry (hsts_store_t store,
 end:
   /* restore pointer or we'll get a SEGV */
   k->host = org_ptr;
 -  xfree (k->host);
   /* copy parameters to previous frame */
   if (match_type)
     *match_type = match;
   if (kh)
     memcpy (kh, k, sizeof (struct hsts_kh));
 +  else
 +    xfree (k->host);
   xfree (k);
   return khi;
@@ -236,8 +237,7 @@ hsts_new_entry (hsts_store_t store,
 static void
 hsts_remove_entry (hsts_store_t store, struct hsts_kh *kh)
 {
 -  if (hash_table_remove (store->table, kh))
 -    xfree (kh->host);
 +  hash_table_remove (store->table, kh);
 }
 static bool
@@ -375,9 +375,10 @@ hsts_match (hsts_store_t store, struct url *u)
           else
             hsts_remove_entry (store, kh);
         }
 +      xfree (kh->host);
     }
 -  xfree(kh);
 +  xfree (kh);
   return url_changed;
 }
@@ -451,9 +452,10 @@ hsts_store_entry (hsts_store_t store,
           result = hsts_add_entry (store, host, port, max_age, include_subdomains);
         }
       /* we ignore new entries with max_age == 0 */
 +      xfree (kh->host);
     }
 -  xfree(kh);
 +  xfree (kh);
   return result;
 }
@@ -613,7 +615,7 @@ test_url_rewrite (hsts_store_t s, const char *url, int port, bool rewrite)
   if (rewrite)
     {
       if (port == 80)
 -       mu_assert("URL: port should've been rewritten to 443", u.port == 443);
 +        mu_assert("URL: port should've been rewritten to 443", u.port == 443);
       else
         mu_assert("URL: port should've been left intact", u.port == port);
       mu_assert("URL: scheme should've been rewritten to HTTPS", u.scheme == SCHEME_HTTPS);
@@ -686,7 +688,7 @@ test_hsts_url_rewrite_superdomain (void)
   s = open_hsts_test_store ();
   mu_assert("Could not open the HSTS store", s != NULL);
 -  created = hsts_store_entry (s, SCHEME_HTTPS, "www.foo.com", 443, time(NULL) + 1234, true);
 +  created = hsts_store_entry (s, SCHEME_HTTPS, "www.foo.com", 443, 1234, true);
   mu_assert("A new entry should've been created", created == true);
   TEST_URL_RW (s, "www.foo.com", 80);
@@ -707,7 +709,7 @@ test_hsts_url_rewrite_congruent (void)
   s = open_hsts_test_store ();
   mu_assert("Could not open the HSTS store", s != NULL);
 -  created = hsts_store_entry (s, SCHEME_HTTPS, "foo.com", 443, time(NULL) + 1234, false);
 +  created = hsts_store_entry (s, SCHEME_HTTPS, "foo.com", 443, 1234, false);
   mu_assert("A new entry should've been created", created == true);
   TEST_URL_RW (s, "foo.com", 80);
@@ -726,6 +728,7 @@ test_hsts_read_database (void)
   char *home = home_dir();
   char *file = NULL;
   FILE *fp = NULL;
 +  time_t created = time(NULL) - 10;
   if (home)
     {
@@ -734,9 +737,9 @@ test_hsts_read_database (void)
       if (fp)
         {
           fputs ("# dummy comment\n", fp);
 -          fputs ("foo.example.com\t0\t1\t1434224817\t123123123\n", fp);
 -          fputs ("bar.example.com\t0\t0\t1434224817\t456456456\n", fp);
 -          fputs ("test.example.com\t8080\t0\t1434224817\t789789789\n", fp);
 +          fprintf (fp, "foo.example.com\t0\t1\t%ld\t123\n",(long) created);
 +          fprintf (fp, "bar.example.com\t0\t0\t%ld\t456\n", (long) created);
 +          fprintf (fp, "test.example.com\t8080\t0\t%ld\t789\n", (long) created);
           fclose (fp);
           table = hsts_store_open (file);
 -- 
 2.4.3
--- a/wget-rh-modified.patch
+++ b/wget-rh-modified.patch
@ -3,9 +3,9 @@
@@ -561,7 +561,7 @@
 PACKAGE_NAME='wget'
 PACKAGE_TARNAME='wget'
- PACKAGE_VERSION='1.17'
+ PACKAGE_VERSION='1.17.1'
-PACKAGE_STRING='wget 1.17'
+-PACKAGE_STRING='wget 1.17.1'
-+PACKAGE_STRING='wget 1.17 (Red Hat modified)'
+PACKAGE_STRING='wget 1.17.1 (Red Hat modified)'
 PACKAGE_BUGREPORT='bug-wget@gnu.org'
 PACKAGE_URL=''
--- a/wget.spec
+++ b/wget.spec
@ -1,6 +1,6 @@
 Summary: A utility for retrieving files using the HTTP or FTP protocols
 Name: wget
-Version: 1.17
+Version: 1.17.1
 Release: 1%{?dist}
 License: GPLv3+
 Group: Applications/Internet
@ -9,10 +9,6 @@ Source: ftp://ftp.gnu.org/gnu/wget/wget-%{version}.tar.xz
 Patch1: wget-rh-modified.patch
 Patch2: wget-1.17-path.patch
 # upstream fixes from git post 1.17 version
 Patch3: wget-1.17-fix-HSTS-memory-issue-and-test-code-issue.patch
 patch4: wget-1.17-Fix-SIGSEGV-in-N-content-disposition-combination.patch
 Patch5: wget-1.17-Fix-regression-in-HTTP-authentication.patch
 Provides: webclient
 Provides: bundled(gnulib) 
@ -36,9 +32,6 @@ support for Proxy servers, and configurability.
 %setup -q
 %patch1 -p0 -b .rh_modified
 %patch2 -p1 -b .path
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
 %build
 %configure \
@ -84,6 +77,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_infodir}/*
 %changelog
 * Mon Dec 14 2015 Tomas Hozza <thozza@redhat.com> - 1.17.1-1
 - Update to 1.17.1
 * Fri Nov 27 2015 Tomas Hozza <thozza@redhat.com> - 1.17-1
 - Updated to 1.17 + added some additional upstream fixes
 - Fixed hardening of wget executable (#1281829)
`@ -1 +1 @@`
	`b8cff5a2f88f5ce60a2b0e361e030b46 wget-1.17.tar.xz`	`b0d58ef4963690e71effba24c105ed52 wget-1.17.1.tar.xz`