diff --git a/.gitignore b/.gitignore index 9d12d88..e1ccbe9 100644 --- a/.gitignore +++ b/.gitignore @@ -11,3 +11,4 @@ wget-1.12.tar.bz2 /wget-1.18.tar.xz /wget-1.19.tar.xz /wget-1.19.1.tar.xz +/wget-1.19.2.tar.gz diff --git a/sources b/sources index 3db4a26..adfc643 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (wget-1.19.1.tar.xz) = 00864d225439bcb7c5af01d7ef19efa615427812d3320ab3f4c8f62c38191e837b1392397843f935d7dc5860a4d0ce89ee31f2730c4a729402f1f2bf3e5f64e5 +SHA512 (wget-1.19.2.tar.gz) = a0f8afcc0767a8fd1acd64b1b1b27d177bc938e70cc3709c1b3faa6c1426ec926642cd8e49d292cec0268ee507683539b5152072110106de5a728a03efd8cedd diff --git a/wget-1.17-path.patch b/wget-1.17-path.patch index 0273909..ba83493 100644 --- a/wget-1.17-path.patch +++ b/wget-1.17-path.patch @@ -1,6 +1,42 @@ -diff -up wget-1.17/doc/sample.wgetrc.munged_for_texi_inclusion.path wget-1.17/doc/sample.wgetrc.munged_for_texi_inclusion ---- wget-1.17/doc/sample.wgetrc.munged_for_texi_inclusion.path 2015-11-15 15:11:06.000000000 +0100 -+++ wget-1.17/doc/sample.wgetrc.munged_for_texi_inclusion 2015-11-27 10:39:14.257380430 +0100 +diff --git a/NEWS b/NEWS +index 5e01a3c..88c7073 100644 +--- a/NEWS ++++ b/NEWS +@@ -893,7 +893,7 @@ distributed with Wget. + + ** Compiles on pre-ANSI compilers. + +-** Global wgetrc now goes to /usr/local/etc (i.e. $sysconfdir). ++** Global wgetrc now goes to /etc (i.e. $sysconfdir). + + ** Lots of bugfixes. + +@@ -956,7 +956,7 @@ Emacs, standalone info, or converted to HTML, dvi or postscript. + ** Fixed a long-standing bug, so that Wget now works over SLIP + connections. + +-** You can have a system-wide wgetrc (/usr/local/lib/wgetrc by ++** You can have a system-wide wgetrc (/etc/wgetrc by + default). Settings in $HOME/.wgetrc override the global ones, of + course :-) + +diff --git a/README b/README +index 61cb2aa..6c9b2fa 100644 +--- a/README ++++ b/README +@@ -33,7 +33,7 @@ for socks. + + Most of the features are configurable, either through command-line + options, or via initialization file .wgetrc. Wget allows you to +-install a global startup file (/usr/local/etc/wgetrc by default) for ++install a global startup file (/etc/wgetrc by default) for + site settings. + + Wget works under almost all Unix variants in use today and, unlike +diff --git a/doc/sample.wgetrc b/doc/sample.wgetrc +index c0d0779..9a73ada 100644 +--- a/doc/sample.wgetrc ++++ b/doc/sample.wgetrc @@ -10,7 +10,7 @@ ## Or online here: ## https://www.gnu.org/software/wget/manual/wget.html#Startup-File @@ -19,9 +55,10 @@ diff -up wget-1.17/doc/sample.wgetrc.munged_for_texi_inclusion.path wget-1.17/do ## Think well before you change them, since they may reduce wget's ## functionality, and make it behave contrary to the documentation: ## -diff -up wget-1.17/doc/sample.wgetrc.path wget-1.17/doc/sample.wgetrc ---- wget-1.17/doc/sample.wgetrc.path 2015-11-09 16:24:06.000000000 +0100 -+++ wget-1.17/doc/sample.wgetrc 2015-11-27 10:39:14.257380430 +0100 +diff --git a/doc/sample.wgetrc.munged_for_texi_inclusion b/doc/sample.wgetrc.munged_for_texi_inclusion +index 3c7f2f4..521ef16 100644 +--- a/doc/sample.wgetrc.munged_for_texi_inclusion ++++ b/doc/sample.wgetrc.munged_for_texi_inclusion @@ -10,7 +10,7 @@ ## Or online here: ## https://www.gnu.org/software/wget/manual/wget.html#Startup-File @@ -40,9 +77,10 @@ diff -up wget-1.17/doc/sample.wgetrc.path wget-1.17/doc/sample.wgetrc ## Think well before you change them, since they may reduce wget's ## functionality, and make it behave contrary to the documentation: ## -diff -up wget-1.17/doc/wget.info.path wget-1.17/doc/wget.info ---- wget-1.17/doc/wget.info.path 2015-11-15 15:11:08.000000000 +0100 -+++ wget-1.17/doc/wget.info 2015-11-27 10:45:42.131452410 +0100 +diff --git a/doc/wget.info b/doc/wget.info +index 985b614..3e9b771 100644 +--- a/doc/wget.info ++++ b/doc/wget.info @@ -113,7 +113,7 @@ retrieval through HTTP proxies. • Most of the features are fully configurable, either through command line options, or via the initialization file ‘.wgetrc’ (*note @@ -50,9 +88,9 @@ diff -up wget-1.17/doc/wget.info.path wget-1.17/doc/wget.info - (‘/usr/local/etc/wgetrc’ by default) for site settings. You can + (‘/etc/wgetrc’ by default) for site settings. You can also specify the location of a startup file with the –config - option. - -@@ -2712,8 +2712,8 @@ File: wget.info, Node: Wgetrc Location, + option. To disable the reading of config files, use –no-config. + If both –config and –no-config are given, –no-config is ignored. +@@ -2814,8 +2814,8 @@ File: wget.info, Node: Wgetrc Location, Next: Wgetrc Syntax, Prev: Startup Fi =================== When initializing, Wget will look for a “global” startup file, @@ -63,7 +101,7 @@ diff -up wget-1.17/doc/wget.info.path wget-1.17/doc/wget.info there, if it exists. Then it will look for the user’s file. If the environmental variable -@@ -2724,7 +2724,7 @@ further attempts will be made. +@@ -2826,7 +2826,7 @@ further attempts will be made. The fact that user’s settings are loaded after the system-wide ones means that in case of collision user’s wgetrc _overrides_ the @@ -72,7 +110,7 @@ diff -up wget-1.17/doc/wget.info.path wget-1.17/doc/wget.info admins, away!  -@@ -3261,7 +3261,7 @@ its line. +@@ -3369,7 +3369,7 @@ its line. ## Or online here: ## https://www.gnu.org/software/wget/manual/wget.html#Startup-File ## @@ -81,7 +119,7 @@ diff -up wget-1.17/doc/wget.info.path wget-1.17/doc/wget.info ## (global, for all users) or $HOME/.wgetrc (for a single user). ## ## To use the settings in this file, you will have to uncomment them, -@@ -3273,7 +3273,7 @@ its line. +@@ -3381,7 +3381,7 @@ its line. ## @@ -90,18 +128,20 @@ diff -up wget-1.17/doc/wget.info.path wget-1.17/doc/wget.info ## Think well before you change them, since they may reduce wget's ## functionality, and make it behave contrary to the documentation: ## -diff -up wget-1.17/doc/wget.texi.path wget-1.17/doc/wget.texi ---- wget-1.17/doc/wget.texi.path 2015-11-09 16:24:17.000000000 +0100 -+++ wget-1.17/doc/wget.texi 2015-11-27 10:39:14.259380425 +0100 -@@ -191,14 +191,14 @@ gauge can be customized to your preferen +diff --git a/doc/wget.texi b/doc/wget.texi +index 31aef52..cffdced 100644 +--- a/doc/wget.texi ++++ b/doc/wget.texi +@@ -191,7 +191,7 @@ gauge can be customized to your preferences. Most of the features are fully configurable, either through command line options, or via the initialization file @file{.wgetrc} (@pxref{Startup File}). Wget allows you to define @dfn{global} startup files -(@file{/usr/local/etc/wgetrc} by default) for site settings. You can also +(@file{/etc/wgetrc} by default) for site settings. You can also specify the location of a startup file with the --config option. - - + To disable the reading of config files, use --no-config. + If both --config and --no-config are given, --no-config is ignored. +@@ -200,7 +200,7 @@ If both --config and --no-config are given, --no-config is ignored. @ignore @c man begin FILES @table @samp @@ -110,7 +150,7 @@ diff -up wget-1.17/doc/wget.texi.path wget-1.17/doc/wget.texi Default location of the @dfn{global} startup file. @item .wgetrc -@@ -3030,8 +3030,8 @@ commands. +@@ -3143,8 +3143,8 @@ commands. @cindex location of wgetrc When initializing, Wget will look for a @dfn{global} startup file, @@ -121,7 +161,7 @@ diff -up wget-1.17/doc/wget.texi.path wget-1.17/doc/wget.texi from there, if it exists. Then it will look for the user's file. If the environmental variable -@@ -3042,7 +3042,7 @@ If @code{WGETRC} is not set, Wget will t +@@ -3155,7 +3155,7 @@ If @code{WGETRC} is not set, Wget will try to load @file{$HOME/.wgetrc}. The fact that user's settings are loaded after the system-wide ones means that in case of collision user's wgetrc @emph{overrides} the @@ -130,36 +170,3 @@ diff -up wget-1.17/doc/wget.texi.path wget-1.17/doc/wget.texi Fascist admins, away! @node Wgetrc Syntax, Wgetrc Commands, Wgetrc Location, Startup File -diff -up wget-1.17/NEWS.path wget-1.17/NEWS ---- wget-1.17/NEWS.path 2015-11-15 15:14:50.000000000 +0100 -+++ wget-1.17/NEWS 2015-11-27 10:39:14.259380425 +0100 -@@ -782,7 +782,7 @@ distributed with Wget. - - ** Compiles on pre-ANSI compilers. - --** Global wgetrc now goes to /usr/local/etc (i.e. $sysconfdir). -+** Global wgetrc now goes to /etc (i.e. $sysconfdir). - - ** Lots of bugfixes. - -@@ -845,7 +845,7 @@ Emacs, standalone info, or converted to - ** Fixed a long-standing bug, so that Wget now works over SLIP - connections. - --** You can have a system-wide wgetrc (/usr/local/lib/wgetrc by -+** You can have a system-wide wgetrc (/etc/wgetrc by - default). Settings in $HOME/.wgetrc override the global ones, of - course :-) - -diff -up wget-1.17/README.path wget-1.17/README ---- wget-1.17/README.path 2015-11-09 16:24:06.000000000 +0100 -+++ wget-1.17/README 2015-11-27 10:39:14.259380425 +0100 -@@ -33,7 +33,7 @@ for socks. - - Most of the features are configurable, either through command-line - options, or via initialization file .wgetrc. Wget allows you to --install a global startup file (/usr/local/etc/wgetrc by default) for -+install a global startup file (/etc/wgetrc by default) for - site settings. - - Wget works under almost all Unix variants in use today and, unlike diff --git a/wget-1.19.1-Add-command-line-option-to-disable-use-of-.netrc.patch b/wget-1.19.1-Add-command-line-option-to-disable-use-of-.netrc.patch deleted file mode 100644 index f5e35a0..0000000 --- a/wget-1.19.1-Add-command-line-option-to-disable-use-of-.netrc.patch +++ /dev/null @@ -1,139 +0,0 @@ -From 876def8ebe56d483921cf645371d277b615373e5 Mon Sep 17 00:00:00 2001 -From: Tomas Hozza -Date: Fri, 12 May 2017 19:17:32 +0200 -Subject: [PATCH 3/4] Add command line option to disable use of .netrc - -Although internally code uses option for (not) reading .netrc for -credentials, it was not possible to turn this behavior off on command -line. Note that it was possible to turn it off using wgetrc. - -Idea for this change came from Bruce Jerrick (bmj001@gmail.com). -Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1425097 - -Signed-off-by: Tomas Hozza ---- - doc/wget.texi | 6 ++++ - src/main.c | 3 ++ - testenv/Makefile.am | 1 + - testenv/Test-auth-basic-no-netrc-fail.py | 59 ++++++++++++++++++++++++++++++++ - 4 files changed, 69 insertions(+) - create mode 100755 testenv/Test-auth-basic-no-netrc-fail.py - -diff --git a/doc/wget.texi b/doc/wget.texi -index a2bf9dc..e4e0bf6 100644 ---- a/doc/wget.texi -+++ b/doc/wget.texi -@@ -703,6 +703,12 @@ Before (over)writing a file, back up an existing file by adding a - files are rotated to @samp{.2}, @samp{.3}, and so on, up to - @var{backups} (and lost beyond that). - -+@cindex authentication credentials -+@item --no-netrc -+Do not try to obtain credentials from @file{.netrc} file. By default -+@file{.netrc} file is searched for credentials in case none have been -+passed on command line and authentication is required. -+ - @cindex continue retrieval - @cindex incomplete downloads - @cindex resume download -diff --git a/src/main.c b/src/main.c -index 8e9d6e9..297499e 100644 ---- a/src/main.c -+++ b/src/main.c -@@ -359,6 +359,7 @@ static struct cmdline_option option_data[] = - #endif - { "method", 0, OPT_VALUE, "method", -1 }, - { "mirror", 'm', OPT_BOOLEAN, "mirror", -1 }, -+ { "netrc", 0, OPT_BOOLEAN, "netrc", -1 }, - { "no", 'n', OPT__NO, NULL, required_argument }, - { "no-clobber", 0, OPT_BOOLEAN, "noclobber", -1 }, - { "no-config", 0, OPT_BOOLEAN, "noconfig", -1}, -@@ -629,6 +630,8 @@ Download:\n"), - -nc, --no-clobber skip downloads that would download to\n\ - existing files (overwriting them)\n"), - N_("\ -+ --no-netrc don't try to obtain credentials from .netrc\n"), -+ N_("\ - -c, --continue resume getting a partially-downloaded file\n"), - N_("\ - --start-pos=OFFSET start downloading from zero-based position OFFSET\n"), -diff --git a/testenv/Makefile.am b/testenv/Makefile.am -index 7104314..ef4158a 100644 ---- a/testenv/Makefile.am -+++ b/testenv/Makefile.am -@@ -78,6 +78,7 @@ if HAVE_PYTHON3 - Test-auth-basic-netrc.py \ - Test-auth-basic-netrc-user-given.py \ - Test-auth-basic-netrc-pass-given.py \ -+ Test-auth-basic-no-netrc-fail.py \ - Test-auth-both.py \ - Test-auth-digest.py \ - Test-auth-no-challenge.py \ -diff --git a/testenv/Test-auth-basic-no-netrc-fail.py b/testenv/Test-auth-basic-no-netrc-fail.py -new file mode 100755 -index 0000000..fad15e9 ---- /dev/null -+++ b/testenv/Test-auth-basic-no-netrc-fail.py -@@ -0,0 +1,59 @@ -+#!/usr/bin/env python3 -+from sys import exit -+from test.http_test import HTTPTest -+from misc.wget_file import WgetFile -+ -+""" -+ This test ensures that Wget will not use credentials from .netrc -+ when --no-netrc option is specified and Basic authentication is required -+ and fails. -+""" -+############# File Definitions ############################################### -+File1 = "I am an invisble man." -+ -+User = "Sauron" -+Password = "TheEye" -+ -+File1_rules = { -+ "Authentication" : { -+ "Type" : "Basic", -+ "User" : User, -+ "Pass" : Password -+ } -+} -+ -+Netrc = "machine 127.0.0.1\n\tlogin {0}\n\tpassword {1}".format(User, Password) -+ -+A_File = WgetFile ("File1", File1, rules=File1_rules) -+Netrc_File = WgetFile (".netrc", Netrc) -+ -+WGET_OPTIONS = "--no-netrc" -+WGET_URLS = [["File1"]] -+ -+Files = [[A_File]] -+LocalFiles = [Netrc_File] -+ -+ExpectedReturnCode = 6 -+ExpectedDownloadedFiles = [Netrc_File] -+ -+################ Pre and Post Test Hooks ##################################### -+pre_test = { -+ "ServerFiles" : Files, -+ "LocalFiles" : LocalFiles -+} -+test_options = { -+ "WgetCommands" : WGET_OPTIONS, -+ "Urls" : WGET_URLS -+} -+post_test = { -+ "ExpectedFiles" : ExpectedDownloadedFiles, -+ "ExpectedRetcode" : ExpectedReturnCode -+} -+ -+err = HTTPTest ( -+ pre_hook=pre_test, -+ test_params=test_options, -+ post_hook=post_test -+).begin () -+ -+exit (err) --- -2.7.5 - diff --git a/wget-1.19.1-Added-tests-for-HTTP-authentication-using-credential.patch b/wget-1.19.1-Added-tests-for-HTTP-authentication-using-credential.patch deleted file mode 100644 index 2d8079f..0000000 --- a/wget-1.19.1-Added-tests-for-HTTP-authentication-using-credential.patch +++ /dev/null @@ -1,275 +0,0 @@ -From 17960b57d51ffb19b2b20df3e53da42c555f022c Mon Sep 17 00:00:00 2001 -From: Tomas Hozza -Date: Fri, 12 May 2017 19:17:30 +0200 -Subject: [PATCH 1/4] Added tests for HTTP authentication using credentials - from .netrc - -Getting credentials from .netrc has been broken from time to time, thus -adding a test coverage to prevent regressions. - -Also added setting of "HOME" environment variable when executing wget, -to make sure LocalFiles like .netrc, which are created just for the -test, are actually used. - -Signed-off-by: Tomas Hozza ---- - testenv/Makefile.am | 3 ++ - testenv/Test-auth-basic-netrc-pass-given.py | 68 +++++++++++++++++++++++++++++ - testenv/Test-auth-basic-netrc-user-given.py | 68 +++++++++++++++++++++++++++++ - testenv/Test-auth-basic-netrc.py | 66 ++++++++++++++++++++++++++++ - testenv/test/base_test.py | 2 +- - 5 files changed, 206 insertions(+), 1 deletion(-) - create mode 100755 testenv/Test-auth-basic-netrc-pass-given.py - create mode 100755 testenv/Test-auth-basic-netrc-user-given.py - create mode 100755 testenv/Test-auth-basic-netrc.py - -diff --git a/testenv/Makefile.am b/testenv/Makefile.am -index 3febec7..7104314 100644 ---- a/testenv/Makefile.am -+++ b/testenv/Makefile.am -@@ -75,6 +75,9 @@ if HAVE_PYTHON3 - TESTS = Test-504.py \ - Test-auth-basic-fail.py \ - Test-auth-basic.py \ -+ Test-auth-basic-netrc.py \ -+ Test-auth-basic-netrc-user-given.py \ -+ Test-auth-basic-netrc-pass-given.py \ - Test-auth-both.py \ - Test-auth-digest.py \ - Test-auth-no-challenge.py \ -diff --git a/testenv/Test-auth-basic-netrc-pass-given.py b/testenv/Test-auth-basic-netrc-pass-given.py -new file mode 100755 -index 0000000..43dfe34 ---- /dev/null -+++ b/testenv/Test-auth-basic-netrc-pass-given.py -@@ -0,0 +1,68 @@ -+#!/usr/bin/env python3 -+from sys import exit -+from test.http_test import HTTPTest -+from misc.wget_file import WgetFile -+ -+""" -+ This test ensures Wget uses credentials from .netrc for Basic Authorization Negotiation. -+ In this case we test that .netrc credentials are used in case only -+ password is given on the command line. -+ Also, we ensure that Wget saves the host after a successful auth and -+ doesn't wait for a challenge the second time. -+""" -+############# File Definitions ############################################### -+File1 = "I am an invisble man." -+File2 = "I too am an invisible man." -+ -+User = "Sauron" -+Password = "TheEye" -+ -+File1_rules = { -+ "Authentication" : { -+ "Type" : "Basic", -+ "User" : User, -+ "Pass" : Password -+ } -+} -+File2_rules = { -+ "ExpectHeader" : { -+ "Authorization" : "Basic U2F1cm9uOlRoZUV5ZQ==" -+ } -+} -+ -+Netrc = "machine 127.0.0.1\n\tlogin {0}".format(User) -+ -+A_File = WgetFile ("File1", File1, rules=File1_rules) -+B_File = WgetFile ("File2", File2, rules=File2_rules) -+Netrc_File = WgetFile (".netrc", Netrc) -+ -+WGET_OPTIONS = "--password={0}".format(Password) -+WGET_URLS = [["File1", "File2"]] -+ -+Files = [[A_File, B_File]] -+LocalFiles = [Netrc_File] -+ -+ExpectedReturnCode = 0 -+ExpectedDownloadedFiles = [A_File, B_File, Netrc_File] -+ -+################ Pre and Post Test Hooks ##################################### -+pre_test = { -+ "ServerFiles" : Files, -+ "LocalFiles" : LocalFiles -+} -+test_options = { -+ "WgetCommands" : WGET_OPTIONS, -+ "Urls" : WGET_URLS -+} -+post_test = { -+ "ExpectedFiles" : ExpectedDownloadedFiles, -+ "ExpectedRetcode" : ExpectedReturnCode -+} -+ -+err = HTTPTest ( -+ pre_hook=pre_test, -+ test_params=test_options, -+ post_hook=post_test -+).begin () -+ -+exit (err) -diff --git a/testenv/Test-auth-basic-netrc-user-given.py b/testenv/Test-auth-basic-netrc-user-given.py -new file mode 100755 -index 0000000..57b6148 ---- /dev/null -+++ b/testenv/Test-auth-basic-netrc-user-given.py -@@ -0,0 +1,68 @@ -+#!/usr/bin/env python3 -+from sys import exit -+from test.http_test import HTTPTest -+from misc.wget_file import WgetFile -+ -+""" -+ This test ensures Wget uses credentials from .netrc for Basic Authorization Negotiation. -+ In this case we test that .netrc credentials are used in case only -+ user login is given on the command line. -+ Also, we ensure that Wget saves the host after a successful auth and -+ doesn't wait for a challenge the second time. -+""" -+############# File Definitions ############################################### -+File1 = "I am an invisble man." -+File2 = "I too am an invisible man." -+ -+User = "Sauron" -+Password = "TheEye" -+ -+File1_rules = { -+ "Authentication" : { -+ "Type" : "Basic", -+ "User" : User, -+ "Pass" : Password -+ } -+} -+File2_rules = { -+ "ExpectHeader" : { -+ "Authorization" : "Basic U2F1cm9uOlRoZUV5ZQ==" -+ } -+} -+ -+Netrc = "machine 127.0.0.1\n\tlogin {0}\n\tpassword {1}".format(User, Password) -+ -+A_File = WgetFile ("File1", File1, rules=File1_rules) -+B_File = WgetFile ("File2", File2, rules=File2_rules) -+Netrc_File = WgetFile (".netrc", Netrc) -+ -+WGET_OPTIONS = "--user={0}".format(User) -+WGET_URLS = [["File1", "File2"]] -+ -+Files = [[A_File, B_File]] -+LocalFiles = [Netrc_File] -+ -+ExpectedReturnCode = 0 -+ExpectedDownloadedFiles = [A_File, B_File, Netrc_File] -+ -+################ Pre and Post Test Hooks ##################################### -+pre_test = { -+ "ServerFiles" : Files, -+ "LocalFiles" : LocalFiles -+} -+test_options = { -+ "WgetCommands" : WGET_OPTIONS, -+ "Urls" : WGET_URLS -+} -+post_test = { -+ "ExpectedFiles" : ExpectedDownloadedFiles, -+ "ExpectedRetcode" : ExpectedReturnCode -+} -+ -+err = HTTPTest ( -+ pre_hook=pre_test, -+ test_params=test_options, -+ post_hook=post_test -+).begin () -+ -+exit (err) -diff --git a/testenv/Test-auth-basic-netrc.py b/testenv/Test-auth-basic-netrc.py -new file mode 100755 -index 0000000..5710fe7 ---- /dev/null -+++ b/testenv/Test-auth-basic-netrc.py -@@ -0,0 +1,66 @@ -+#!/usr/bin/env python3 -+from sys import exit -+from test.http_test import HTTPTest -+from misc.wget_file import WgetFile -+ -+""" -+ This test ensures Wget uses credentials from .netrc for Basic Authorization Negotiation. -+ In this case we test that .netrc credentials are used in case no user -+ login and no password is given on the command line. -+ Also, we ensure that Wget saves the host after a successful auth and -+ doesn't wait for a challenge the second time. -+""" -+############# File Definitions ############################################### -+File1 = "I am an invisble man." -+File2 = "I too am an invisible man." -+ -+User = "Sauron" -+Password = "TheEye" -+ -+File1_rules = { -+ "Authentication" : { -+ "Type" : "Basic", -+ "User" : User, -+ "Pass" : Password -+ } -+} -+File2_rules = { -+ "ExpectHeader" : { -+ "Authorization" : "Basic U2F1cm9uOlRoZUV5ZQ==" -+ } -+} -+ -+Netrc = "machine 127.0.0.1\n\tlogin {0}\n\tpassword {1}".format(User, Password) -+ -+A_File = WgetFile ("File1", File1, rules=File1_rules) -+B_File = WgetFile ("File2", File2, rules=File2_rules) -+Netrc_File = WgetFile (".netrc", Netrc) -+ -+WGET_URLS = [["File1", "File2"]] -+ -+Files = [[A_File, B_File]] -+LocalFiles = [Netrc_File] -+ -+ExpectedReturnCode = 0 -+ExpectedDownloadedFiles = [A_File, B_File, Netrc_File] -+ -+################ Pre and Post Test Hooks ##################################### -+pre_test = { -+ "ServerFiles" : Files, -+ "LocalFiles" : LocalFiles -+} -+test_options = { -+ "Urls" : WGET_URLS -+} -+post_test = { -+ "ExpectedFiles" : ExpectedDownloadedFiles, -+ "ExpectedRetcode" : ExpectedReturnCode -+} -+ -+err = HTTPTest ( -+ pre_hook=pre_test, -+ test_params=test_options, -+ post_hook=post_test -+).begin () -+ -+exit (err) -diff --git a/testenv/test/base_test.py b/testenv/test/base_test.py -index b0087e9..bb706d8 100644 ---- a/testenv/test/base_test.py -+++ b/testenv/test/base_test.py -@@ -102,7 +102,7 @@ class BaseTest: - time.sleep(float(os.getenv("SERVER_WAIT"))) - - try: -- ret_code = call(params) -+ ret_code = call(params, env={"HOME": os.getcwd()}) - except FileNotFoundError: - raise TestFailed("The Wget Executable does not exist at the " - "expected path.") --- -2.7.5 - diff --git a/wget-1.19.1-CVE-2017-6508.patch b/wget-1.19.1-CVE-2017-6508.patch deleted file mode 100644 index 57801e5..0000000 --- a/wget-1.19.1-CVE-2017-6508.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 4d729e322fae359a1aefaafec1144764a54e8ad4 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Tim=20R=C3=BChsen?= -Date: Mon, 6 Mar 2017 10:04:22 +0100 -Subject: [PATCH] Fix CRLF injection in Wget host part - -* src/url.c (url_parse): Reject control characters in host part of URL - -Reported-by: Orange Tsai ---- - src/url.c | 11 +++++++++++ - 1 file changed, 11 insertions(+) - -diff --git a/src/url.c b/src/url.c -index 8f8ff0b..7d36b27 100644 ---- a/src/url.c -+++ b/src/url.c -@@ -925,6 +925,17 @@ url_parse (const char *url, int *error, struct iri *iri, bool percent_encode) - url_unescape (u->host); - host_modified = true; - -+ /* check for invalid control characters in host name */ -+ for (p = u->host; *p; p++) -+ { -+ if (c_iscntrl(*p)) -+ { -+ url_free(u); -+ error_code = PE_INVALID_HOST_NAME; -+ goto error; -+ } -+ } -+ - /* Apply IDNA regardless of iri->utf8_encode status */ - if (opt.enable_iri && iri) - { --- -2.7.4 - diff --git a/wget-1.19.1-Fix-two-Metalink-tests-if-HOME-is-changed.patch b/wget-1.19.1-Fix-two-Metalink-tests-if-HOME-is-changed.patch deleted file mode 100644 index 30fdd32..0000000 --- a/wget-1.19.1-Fix-two-Metalink-tests-if-HOME-is-changed.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 5d4ada1b7b0b79f8053f3d6ffddda2e2c66d9dce Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Tim=20R=C3=BChsen?= -Date: Tue, 16 May 2017 10:24:52 +0200 -Subject: [PATCH 4/4] Fix two Metalink tests if $HOME is changed - -* conf/expected_files.py (gen_local_fs_snapshot): Skip processing - of 'pubring.kbx' ---- - testenv/conf/expected_files.py | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/testenv/conf/expected_files.py b/testenv/conf/expected_files.py -index 5362771..4e3ace9 100644 ---- a/testenv/conf/expected_files.py -+++ b/testenv/conf/expected_files.py -@@ -24,6 +24,11 @@ class ExpectedFiles: - snapshot = {} - for parent, dirs, files in os.walk('.'): - for name in files: -+ # pubring.kbx will be created by libgpgme if $HOME doesn't contain the .gnupg directory. -+ # setting $HOME to CWD (in base_test.py) breaks two Metalink tests, so we skip this file here. -+ if name == 'pubring.kbx': -+ continue -+ - f = {'content': ''} - file_path = os.path.join(parent, name) - with open(file_path) as fp: --- -2.7.5 - diff --git a/wget-1.19.1-Fixed-getting-of-credentials-from-.netrc.patch b/wget-1.19.1-Fixed-getting-of-credentials-from-.netrc.patch deleted file mode 100644 index 2ee9213..0000000 --- a/wget-1.19.1-Fixed-getting-of-credentials-from-.netrc.patch +++ /dev/null @@ -1,38 +0,0 @@ -From f8c3df1f40f09dd61078436614d06e7ad818536e Mon Sep 17 00:00:00 2001 -From: Tomas Hozza -Date: Fri, 12 May 2017 19:17:31 +0200 -Subject: [PATCH 2/4] Fixed getting of credentials from .netrc - -There seemed to be a copy&paste error in http.c code, which decides -whether to get credentials from .netrc. In ftp.c "user" and "pass" -variables are char*, while in http.c, these are char**. For this reason -they should be dereferenced when determining if password and user login -is set to some value. - -Also since both variables are dereferenced on lines above the changed -code, it does not really make sense to check if they are NULL. - -This patch is based on fix from Bruce Jerrick . -Fedora bug: https://bugzilla.redhat.com/show_bug.cgi?id=1425097 - -Signed-off-by: Tomas Hozza ---- - src/http.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/http.c b/src/http.c -index 8b77a10..323f559 100644 ---- a/src/http.c -+++ b/src/http.c -@@ -1900,7 +1900,7 @@ initialize_request (const struct url *u, struct http_stat *hs, int *dt, struct u - *passwd = NULL; - - /* Check for ~/.netrc if none of the above match */ -- if (opt.netrc && (!user || (!passwd || !*passwd))) -+ if (opt.netrc && (!*user || !*passwd)) - search_netrc (u->host, (const char **) user, (const char **) passwd, 0); - - /* We only do "site-wide" authentication with "global" user/password --- -2.7.5 - diff --git a/wget-1.19.1-skip-failing-https-tests.patch b/wget-1.19.1-skip-failing-https-tests.patch deleted file mode 100644 index 6d41c64..0000000 --- a/wget-1.19.1-skip-failing-https-tests.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff --git a/testenv/Makefile.am b/testenv/Makefile.am -index ef4158a..a534e77 100644 ---- a/testenv/Makefile.am -+++ b/testenv/Makefile.am -@@ -96,16 +96,12 @@ if HAVE_PYTHON3 - Test-cookie.py \ - Test-Head.py \ - Test-hsts.py \ -- Test--https.py \ - Test--https-crl.py \ - Test-missing-scheme-retval.py \ - Test-O.py \ -- Test-pinnedpubkey-der-https.py \ - Test-pinnedpubkey-der-no-check-https.py \ -- Test-pinnedpubkey-hash-https.py \ - Test-pinnedpubkey-hash-no-check-fail-https.py \ - Test-pinnedpubkey-pem-fail-https.py \ -- Test-pinnedpubkey-pem-https.py \ - Test-Post.py \ - Test-recursive-basic.py \ - Test-recursive-include.py \ diff --git a/wget.spec b/wget.spec index 3fbed7a..6a84e33 100644 --- a/wget.spec +++ b/wget.spec @@ -1,27 +1,13 @@ Summary: A utility for retrieving files using the HTTP or FTP protocols Name: wget -Version: 1.19.1 -Release: 6%{?dist} +Version: 1.19.2 +Release: 1%{?dist} License: GPLv3+ Group: Applications/Internet Url: http://www.gnu.org/software/wget/ -Source: ftp://ftp.gnu.org/gnu/wget/wget-%{version}.tar.xz +Source: ftp://ftp.gnu.org/gnu/wget/wget-%{version}.tar.gz Patch1: wget-1.17-path.patch -# http://git.savannah.gnu.org/cgit/wget.git/commit/?id=4d729e322fae359a1aefaafec1144764a54e8ad4 -Patch2: wget-1.19.1-CVE-2017-6508.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=1425097 -# 4 upstream commits total -# http://git.savannah.gnu.org/cgit/wget.git/commit/?id=17960b57d51ffb19b2b20df3e53da42c555f022c -Patch3: wget-1.19.1-Added-tests-for-HTTP-authentication-using-credential.patch -# http://git.savannah.gnu.org/cgit/wget.git/commit/?id=f8c3df1f40f09dd61078436614d06e7ad818536e -Patch4: wget-1.19.1-Fixed-getting-of-credentials-from-.netrc.patch -# http://git.savannah.gnu.org/cgit/wget.git/commit/?id=876def8ebe56d483921cf645371d277b615373e5 -patch5: wget-1.19.1-Add-command-line-option-to-disable-use-of-.netrc.patch -# http://git.savannah.gnu.org/cgit/wget.git/commit/?id=5d4ada1b7b0b79f8053f3d6ffddda2e2c66d9dce -Patch6: wget-1.19.1-Fix-two-Metalink-tests-if-HOME-is-changed.patch -# http://lists.gnu.org/archive/html/bug-wget/2017-06/msg00009.html -Patch7: wget-1.19.1-skip-failing-https-tests.patch Provides: webclient Provides: bundled(gnulib) @@ -29,10 +15,7 @@ Requires(post): /sbin/install-info Requires(preun): /sbin/install-info # needed for test suite BuildRequires: perl-HTTP-Daemon, python3 -BuildRequires: gnutls-devel, pkgconfig, texinfo, gettext, autoconf, libidn2-devel, libuuid-devel, perl-podlators, libpsl-devel, libmetalink-devel -# needed because of added test in Patch3. Need to remove this after rebase -BuildRequires: automake -BuildRequires: gpgme-devel +BuildRequires: gnutls-devel, pkgconfig, texinfo, gettext, autoconf, libidn2-devel, libuuid-devel, perl-podlators, libpsl-devel, libmetalink-devel, gpgme-devel BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) %description @@ -52,18 +35,8 @@ sed -i "s|\(PACKAGE_STRING='wget .*\)'|\1 (Red Hat modified)'|" configure grep "PACKAGE_STRING='wget .* (Red Hat modified)'" configure || exit 1 %patch1 -p1 -b .path -%patch2 -p1 -b .CVE-2017-6508 -%patch3 -p1 -b .netrc_1 -%patch4 -p1 -b .netrc_2 -%patch5 -p1 -b .netrc_3 -%patch6 -p1 -b .netrc_4 -%patch7 -p1 -b .failing-tests - -sed -i 's|/{{port|/{\\{port|' tests/*.{pm,px} %build -aclocal -autoreconf %configure \ --with-ssl=gnutls \ --with-libpsl \ @@ -108,6 +81,9 @@ rm -rf $RPM_BUILD_ROOT %{_infodir}/* %changelog +* Fri Oct 27 2017 Tomas Hozza - 1.19.2-1 +- Update to latest upstream version due to CVE-2017-13089 CVE-2017-13090 + * Mon Oct 09 2017 Troy Dawson - 1.19.1-6 - Fix FTBFS (#1499876)