summaryrefslogtreecommitdiff
path: root/net
diff options
context:
space:
mode:
authorwiz <wiz@pkgsrc.org>2009-10-31 02:29:14 +0000
committerwiz <wiz@pkgsrc.org>2009-10-31 02:29:14 +0000
commit622ca94e089e4fc13999ff8311378a6e40ce18fd (patch)
treee5200c6833080123f81f7bdffef6aff230611300 /net
parent8d4785dd67d08a4e35ace5b53a5a9677cacb9fc6 (diff)
downloadpkgsrc-622ca94e089e4fc13999ff8311378a6e40ce18fd.tar.gz
Update to 1.12. Add default-on idn option (see fourth entry in ChangeLog
below). ** Mailing list MOVED to bug-wget@gnu.org ** SECURITY FIX: It had been possible to trick Wget into accepting SSL certificates that don't match the host name, through the trick of embedding NUL characters into the certs' common name. Fixed by Joao Ferreira <joao@joaoff.com>. ** Added support for CSS. This includes: - Parsing links from CSS files, and from CSS content found in HTML style tags and attributes. - Supporting conversion of links found within CSS content, when --convert-links is specified. - Ensuring that CSS files end in the ".css" filename extension, when --convert-links is specified. CSS support in Wget is thanks to Ted Mielczarek <ted.mielczarek@gmail.com>. ** Added support for Internationalized Resource Identifiers (IRIs, RFC 3987). When support is enabled (requires libidn and libiconv), links with non-ASCII bytes are translated from their source encoding to UTF-8 before percent-encoding. IRI support was added by Saint Xavier <wget@sxav.eu>, as his project for the Google Summer of Code. ** Wget now provides more sensible exit status codes when downloads don't proceed as expected (see the manual). ** --default-page option (and associated wgetrc command) added to support alternative default names for index.html. ** --ask-password option (and associated wgetrc command) added to support password prompts at the console. ** The --input-file option now also handles retrieving links from an external file. ** The output generated by the --version option now includes information on how it was built, and the set of configure-time options that were selected. ** --html-extension has been renamed to --adjust-extension, to reflect the fact that it now also applies to CSS content. --html-extension is still acceptable, but is now deprecated. ** An "ascii" specifier is now accepted by --restrict-file-names, which forces the percent-encoding of all non-ASCII bytes ** Several previously existing, but undocumented .wgetrc options are now documented: save_headers, spider, and user_agent, auth_no_challenge, and keep_session_cookies. Also added documentation for the "lowercase" and "uppercase" values for --restrict-file-names, which had been present since Wget 1.11.
Diffstat (limited to 'net')
-rw-r--r--net/wget/Makefile5
-rw-r--r--net/wget/PLIST6
-rw-r--r--net/wget/distinfo9
-rw-r--r--net/wget/options.mk14
-rw-r--r--net/wget/patches/patch-aa65
5 files changed, 22 insertions, 77 deletions
diff --git a/net/wget/Makefile b/net/wget/Makefile
index 80fc054d478..ec0ae0ca94d 100644
--- a/net/wget/Makefile
+++ b/net/wget/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.100 2009/09/14 12:06:12 tron Exp $
+# $NetBSD: Makefile,v 1.101 2009/10/31 02:29:14 wiz Exp $
-DISTNAME= wget-1.11.4
-PKGREVISION= 1
+DISTNAME= wget-1.12
CATEGORIES= net
MASTER_SITES= ${MASTER_SITE_GNU:=wget/}
diff --git a/net/wget/PLIST b/net/wget/PLIST
index bfe88f2ab94..42af497bc16 100644
--- a/net/wget/PLIST
+++ b/net/wget/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.14 2009/06/14 18:09:48 joerg Exp $
+@comment $NetBSD: PLIST,v 1.15 2009/10/31 02:29:14 wiz Exp $
bin/wget
info/wget.info
man/man1/wget.1
@@ -10,7 +10,10 @@ share/locale/cs/LC_MESSAGES/wget.mo
share/locale/da/LC_MESSAGES/wget.mo
share/locale/de/LC_MESSAGES/wget.mo
share/locale/el/LC_MESSAGES/wget.mo
+share/locale/en@boldquot/LC_MESSAGES/wget.mo
+share/locale/en@quot/LC_MESSAGES/wget.mo
share/locale/en_GB/LC_MESSAGES/wget.mo
+share/locale/en_US/LC_MESSAGES/wget.mo
share/locale/eo/LC_MESSAGES/wget.mo
share/locale/es/LC_MESSAGES/wget.mo
share/locale/et/LC_MESSAGES/wget.mo
@@ -25,6 +28,7 @@ share/locale/hu/LC_MESSAGES/wget.mo
share/locale/id/LC_MESSAGES/wget.mo
share/locale/it/LC_MESSAGES/wget.mo
share/locale/ja/LC_MESSAGES/wget.mo
+share/locale/lt/LC_MESSAGES/wget.mo
share/locale/nb/LC_MESSAGES/wget.mo
share/locale/nl/LC_MESSAGES/wget.mo
share/locale/pl/LC_MESSAGES/wget.mo
diff --git a/net/wget/distinfo b/net/wget/distinfo
index 1d405716bf9..e2888dee1fd 100644
--- a/net/wget/distinfo
+++ b/net/wget/distinfo
@@ -1,6 +1,5 @@
-$NetBSD: distinfo,v 1.34 2009/09/14 12:06:12 tron Exp $
+$NetBSD: distinfo,v 1.35 2009/10/31 02:29:14 wiz Exp $
-SHA1 (wget-1.11.4.tar.gz) = a78a3b71fd59504df3ff3dbc0a2195a1410e9eac
-RMD160 (wget-1.11.4.tar.gz) = 1cec99b073fcf64dd362977b0b88a55f8f47bbb8
-Size (wget-1.11.4.tar.gz) = 1475149 bytes
-SHA1 (patch-aa) = eb8852e90ba61f2672fb2eea16f6148e27a6ee2b
+SHA1 (wget-1.12.tar.gz) = 50d4ed2441e67db7aa5061d8a4dde41ee0e94248
+RMD160 (wget-1.12.tar.gz) = 232d0aa6fb36731c162d2b7374aa9ab59e671b7d
+Size (wget-1.12.tar.gz) = 2464747 bytes
diff --git a/net/wget/options.mk b/net/wget/options.mk
index c93710150f4..de24dbc5251 100644
--- a/net/wget/options.mk
+++ b/net/wget/options.mk
@@ -1,12 +1,20 @@
-# $NetBSD: options.mk,v 1.4 2005/12/05 23:55:15 rillig Exp $
+# $NetBSD: options.mk,v 1.5 2009/10/31 02:29:14 wiz Exp $
PKG_OPTIONS_VAR= PKG_OPTIONS.wget
-PKG_SUPPORTED_OPTIONS= inet6 ssl
-PKG_SUGGESTED_OPTIONS= ssl
+PKG_SUPPORTED_OPTIONS= idn inet6 ssl
+PKG_SUGGESTED_OPTIONS= idn ssl
.include "../../mk/bsd.options.mk"
###
+### Support IDN
+###
+.if !empty(PKG_OPTIONS:Midn)
+.include "../../devel/libidn/buildlink3.mk"
+.include "../../converters/libiconv/buildlink3.mk"
+.endif
+
+###
### Support IPv6
###
.if !empty(PKG_OPTIONS:Minet6)
diff --git a/net/wget/patches/patch-aa b/net/wget/patches/patch-aa
deleted file mode 100644
index b511b81d038..00000000000
--- a/net/wget/patches/patch-aa
+++ /dev/null
@@ -1,65 +0,0 @@
-$NetBSD: patch-aa,v 1.9 2009/09/14 12:06:13 tron Exp $
-
-Fix for SA36540 (SSL certificate spoofing vulnerability) taken from here:
-
-http://hg.addictivecode.org/wget/mainline/rev/2d8c76a23e7d
-http://hg.addictivecode.org/wget/mainline/rev/f2d2ca32fd1b
-
---- src/openssl.c.orig 2008-04-27 05:48:23.000000000 +0100
-+++ src/openssl.c 2009-09-14 13:03:13.000000000 +0100
-@@ -561,9 +561,11 @@
- - Ensure that ASN1 strings from the certificate are encoded as
- UTF-8 which can be meaningfully compared to HOST. */
-
-+ X509_NAME *xname = X509_get_subject_name(cert);
- common_name[0] = '\0';
-- X509_NAME_get_text_by_NID (X509_get_subject_name (cert),
-- NID_commonName, common_name, sizeof (common_name));
-+ X509_NAME_get_text_by_NID (xname, NID_commonName, common_name,
-+ sizeof (common_name));
-+
- if (!pattern_match (common_name, host))
- {
- logprintf (LOG_NOTQUIET, _("\
-@@ -571,6 +573,41 @@
- severity, escnonprint (common_name), escnonprint (host));
- success = false;
- }
-+ else
-+ {
-+ /* We now determine the length of the ASN1 string. If it differs from
-+ * common_name's length, then there is a \0 before the string terminates.
-+ * This can be an instance of a null-prefix attack.
-+ *
-+ * https://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html#Marlinspike
-+ * */
-+
-+ int i = -1, j;
-+ X509_NAME_ENTRY *xentry;
-+ ASN1_STRING *sdata;
-+
-+ if (xname) {
-+ for (;;)
-+ {
-+ j = X509_NAME_get_index_by_NID (xname, NID_commonName, i);
-+ if (j == -1) break;
-+ i = j;
-+ }
-+ }
-+
-+ xentry = X509_NAME_get_entry(xname,i);
-+ sdata = X509_NAME_ENTRY_get_data(xentry);
-+ if (strlen (common_name) != ASN1_STRING_length (sdata))
-+ {
-+ logprintf (LOG_NOTQUIET, _("\
-+%s: certificate common name is invalid (contains a NUL character).\n\
-+This may be an indication that the host is not who it claims to be\n\
-+(that is, it is not the real %s).\n"),
-+ severity, escnonprint (host));
-+ success = false;
-+ }
-+ }
-+
-
- if (success)
- DEBUGP (("X509 certificate successfully verified and matches host %s\n",