diff options
author | Mike Frysinger <vapier@gentoo.org> | 2013-12-23 07:24:00 +0000 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2013-12-23 07:24:00 +0000 |
commit | 6b47ec97f235d91b839cd1b6621a898a061922be (patch) | |
tree | aaebad4b44f8e1105768db4b61ecbffedab360df /net-misc | |
parent | Remove old. (diff) | |
download | gentoo-2-6b47ec97f235d91b839cd1b6621a898a061922be.tar.gz gentoo-2-6b47ec97f235d91b839cd1b6621a898a061922be.tar.bz2 gentoo-2-6b47ec97f235d91b839cd1b6621a898a061922be.zip |
Add fix from upstream for gnutls/ssl connection rejections #479948 by Scott Bertilson. Document user agent issue in /etc/wgetrc wrt portage fetching #327229. Update the pkg-config patch to cover more libraries #438912.
(Portage version: 2.2.7/cvs/Linux x86_64, signed Manifest commit with key FB7C4156)
Diffstat (limited to 'net-misc')
-rw-r--r-- | net-misc/wget/ChangeLog | 11 | ||||
-rw-r--r-- | net-misc/wget/files/wget-1.14-gnutls-ssl.patch | 68 | ||||
-rw-r--r-- | net-misc/wget/files/wget-1.14-pkg-config.patch | 200 | ||||
-rw-r--r-- | net-misc/wget/files/wget-1.14-wgetrc.patch | 31 | ||||
-rw-r--r-- | net-misc/wget/wget-1.14-r1.ebuild | 85 |
5 files changed, 394 insertions, 1 deletions
diff --git a/net-misc/wget/ChangeLog b/net-misc/wget/ChangeLog index d8fb701fbe69..3b4e25e282c0 100644 --- a/net-misc/wget/ChangeLog +++ b/net-misc/wget/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for net-misc/wget # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/wget/ChangeLog,v 1.177 2013/11/04 06:38:44 polynomial-c Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/wget/ChangeLog,v 1.178 2013/12/23 07:23:59 vapier Exp $ + +*wget-1.14-r1 (23 Dec 2013) + + 23 Dec 2013; Mike Frysinger <vapier@gentoo.org> + +files/wget-1.14-gnutls-ssl.patch, +files/wget-1.14-pkg-config.patch, + +files/wget-1.14-wgetrc.patch, +wget-1.14-r1.ebuild: + Add fix from upstream for gnutls/ssl connection rejections #479948 by Scott + Bertilson. Document user agent issue in /etc/wgetrc wrt portage fetching + #327229. Update the pkg-config patch to cover more libraries #438912. 04 Nov 2013; Lars Wendler <polynomial-c@gentoo.org> wget-1.14.ebuild, +files/wget-1.14-texi2pod.patch: diff --git a/net-misc/wget/files/wget-1.14-gnutls-ssl.patch b/net-misc/wget/files/wget-1.14-gnutls-ssl.patch new file mode 100644 index 000000000000..8d5fe81e1b55 --- /dev/null +++ b/net-misc/wget/files/wget-1.14-gnutls-ssl.patch @@ -0,0 +1,68 @@ +https://bugs.gentoo.org/479948 + +From ae80fd2ec75fafdbec9895b9d973f2966209d588 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Sun, 5 May 2013 07:16:58 +0200 +Subject: [PATCH] gnutls: do not abort on non-fatal alerts during handshake + +Signed-off-by: mancha <mancha1@hush.com> +--- + src/ChangeLog | 6 ++++++ + src/gnutls.c | 25 ++++++++++++++++++++++--- + 2 files changed, 28 insertions(+), 3 deletions(-) + +2013-05-05 mancha <mancha1@hush.com> (tiny change) + + * gnutls.c (ssl_connect_wget): Don't abort on non-fatal alerts + received during handshake. For example, when connecting to servers + using TSL-SNI that send warning-level unrecognized_name alerts. + +diff --git a/src/gnutls.c b/src/gnutls.c +index 769b005..54422fc 100644 +--- a/src/gnutls.c ++++ b/src/gnutls.c +@@ -376,8 +376,9 @@ ssl_connect_wget (int fd, const char *hostname) + { + struct wgnutls_transport_context *ctx; + gnutls_session_t session; +- int err; ++ int err,alert; + gnutls_init (&session, GNUTLS_CLIENT); ++ const char *str; + + /* We set the server name but only if it's not an IP address. */ + if (! is_valid_ip_address (hostname)) +@@ -440,10 +441,28 @@ ssl_connect_wget (int fd, const char *hostname) + return false; + } + +- err = gnutls_handshake (session); ++ /* We don't stop the handshake process for non-fatal errors */ ++ do ++ { ++ err = gnutls_handshake (session); ++ if (err < 0) ++ { ++ logprintf (LOG_NOTQUIET, "GnuTLS: %s\n", gnutls_strerror (err)); ++ if (err == GNUTLS_E_WARNING_ALERT_RECEIVED || ++ err == GNUTLS_E_FATAL_ALERT_RECEIVED) ++ { ++ alert = gnutls_alert_get (session); ++ str = gnutls_alert_get_name (alert); ++ if (str == NULL) ++ str = "(unknown)"; ++ logprintf (LOG_NOTQUIET, "GnuTLS: received alert [%d]: %s\n", alert, str); ++ } ++ } ++ } ++ while (err == GNUTLS_E_WARNING_ALERT_RECEIVED && gnutls_error_is_fatal (err) == 0); ++ + if (err < 0) + { +- logprintf (LOG_NOTQUIET, "GnuTLS: %s\n", gnutls_strerror (err)); + gnutls_deinit (session); + return false; + } +-- +1.8.4.3 + diff --git a/net-misc/wget/files/wget-1.14-pkg-config.patch b/net-misc/wget/files/wget-1.14-pkg-config.patch new file mode 100644 index 000000000000..ea6364bf3ae1 --- /dev/null +++ b/net-misc/wget/files/wget-1.14-pkg-config.patch @@ -0,0 +1,200 @@ +From b97942cd6b496501b396ea3bc2710010f4591542 Mon Sep 17 00:00:00 2001 +From: Mike Frysinger <vapier@gentoo.org> +Date: Mon, 21 May 2012 18:39:59 -0400 +Subject: [PATCH] detect openssl/pcre/libuuid/zlib via pkg-config if it's + available + +Newer versions of these packages ship with pkg-config files, so if we can +detect it via those, do so. If that fails, fall back to the old methods. + +Signed-off-by: Mike Frysinger <vapier@gentoo.org> +--- + configure.ac | 110 ++++++++++++++++++++++++++++++++++++++--------------------- + 1 file changed, 71 insertions(+), 39 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 873c3c9..779ff39 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -68,6 +68,9 @@ AC_ARG_WITH(ssl, + AC_ARG_WITH(zlib, + [[ --without-zlib disable zlib ]]) + ++AC_ARG_ENABLE(pcre, AC_HELP_STRING([--disable-pcre], ++ [Disable PCRE style regular expressions])) ++ + AC_ARG_ENABLE(opie, + [ --disable-opie disable support for opie or s/key FTP login], + ENABLE_OPIE=$enableval, ENABLE_OPIE=yes) +@@ -237,11 +240,25 @@ dnl + dnl Checks for libraries. + dnl + ++PKG_PROG_PKG_CONFIG ++ + AS_IF([test x"$with_zlib" != xno], [ +- AC_CHECK_LIB(z, compress) ++ PKG_CHECK_MODULES([ZLIB], zlib, [ ++ LIBS="$ZLIB_LIBS $LIBS" ++ CFLAGS="$ZLIB_CFLAGS $CFLAGS" ++ ], [ ++ AC_CHECK_LIB(z, compress) ++ ]) + ]) + + AS_IF([test x"$with_ssl" = xopenssl], [ ++ PKG_CHECK_MODULES([OPENSSL], [openssl], [ ++ AC_MSG_NOTICE([compiling in support for SSL via OpenSSL]) ++ AC_LIBOBJ([openssl]) ++ LIBS="$OPENSSL_LIBS $LIBS" ++ CFLAGS="$OPENSSL_CFLAGS -DHAVE_LIBSSL $CFLAGS" ++ LIBSSL=" " # ntlm check below wants this ++ ], [ + dnl some versions of openssl use zlib compression + AC_CHECK_LIB(z, compress) + +@@ -278,29 +295,29 @@ AS_IF([test x"$with_ssl" = xopenssl], [ + ;; + esac + +-AS_IF([test x$ssl_found != xyes], +-[ +- dnl Now actually check for -lssl if it wasn't already found +- AC_LIB_HAVE_LINKFLAGS([ssl], [crypto z], [ +- #include <openssl/ssl.h> +- #include <openssl/x509.h> +- #include <openssl/err.h> +- #include <openssl/rand.h> +- #include <openssl/des.h> +- #include <openssl/md4.h> +- #include <openssl/md5.h> +- ], [SSL_library_init ()]) +- if test x"$LIBSSL" != x +- then +- ssl_found=yes +- AC_MSG_NOTICE([compiling in support for SSL via OpenSSL]) +- AC_LIBOBJ([openssl]) +- LIBS="$LIBSSL $LIBS" +- elif test x"$with_ssl" != x +- then +- AC_MSG_ERROR([--with-ssl=openssl was given, but SSL is not available.]) +- fi +-]) ++ AS_IF([test x$ssl_found != xyes], [ ++ dnl Now actually check for -lssl if it wasn't already found ++ AC_LIB_HAVE_LINKFLAGS([ssl], [crypto z], [ ++#include <openssl/ssl.h> ++#include <openssl/x509.h> ++#include <openssl/err.h> ++#include <openssl/rand.h> ++#include <openssl/des.h> ++#include <openssl/md4.h> ++#include <openssl/md5.h> ++ ], [SSL_library_init ()]) ++ if test x"$LIBSSL" != x ++ then ++ ssl_found=yes ++ AC_MSG_NOTICE([compiling in support for SSL via OpenSSL]) ++ AC_LIBOBJ([openssl]) ++ LIBS="$LIBSSL $LIBS" ++ elif test x"$with_ssl" != x ++ then ++ AC_MSG_ERROR([--with-ssl=openssl was given, but SSL is not available.]) ++ fi ++ ]) ++ ]) + + ], [ + # --with-ssl is not gnutls: check if it's no +@@ -322,13 +322,20 @@ AS_IF([test x"$with_ssl" = xopenssl], [ + ], [ + # --with-ssl is not gnutls: check if it's no + AS_IF([test x"$with_ssl" != xno], [ +- dnl Now actually check for -lssl ++ dnl Now actually check for gnutls + ++ PKG_CHECK_MODULES([GNUTLS], [gnutls], [ ++ AC_MSG_NOTICE([compiling in support for SSL via GnuTLS]) ++ AC_LIBOBJ([gnutls]) ++ LIBS="$GNUTLS_LIBS $LIBS" ++ CFLAGS="$GNUTLS_CFLAGS -DHAVE_LIBGNUTLS $CFLAGS" ++ ], [ ++ ++ dnl Now actually check for -lgnutls + AC_CHECK_LIB(z, compress) + AC_CHECK_LIB(gpg-error, gpg_err_init) + AC_CHECK_LIB(gcrypt, gcry_control) + +- dnl Now actually check for -lssl + AC_LIB_HAVE_LINKFLAGS([gnutls], [], [ + #include <gnutls/gnutls.h> + ], [gnutls_global_init()]) +@@ -342,6 +349,8 @@ AS_IF([test x"$with_ssl" = xopenssl], [ + AC_MSG_ERROR([--with-ssl was given, but GNUTLS is not available.]) + fi + ++ ]) ++ + AC_CHECK_FUNCS(gnutls_priority_set_direct) + ]) # endif: --with-ssl == no? + ]) # endif: --with-ssl == openssl? +@@ -524,26 +541,41 @@ dnl + dnl Check for UUID + dnl + +-AC_CHECK_HEADER(uuid/uuid.h, +- AC_CHECK_LIB(uuid, uuid_generate, +- [LIBS="${LIBS} -luuid" +- AC_DEFINE([HAVE_LIBUUID], 1, +- [Define if libuuid is available.]) +- ]) +-) ++AC_ARG_WITH(libuuid, AC_HELP_STRING([--without-libuuid], ++ [Generate UUIDs for WARC files via libuuid])) ++AS_IF([test "X$with_libuuid" != "Xno"],[ ++ PKG_CHECK_MODULES([UUID], uuid, [ ++ LIBS="$UUID_LIBS $LIBS" ++ CFLAGS="$UUID_CFLAGS $CFLAGS" ++ ], [ ++ AC_CHECK_HEADER(uuid/uuid.h, ++ AC_CHECK_LIB(uuid, uuid_generate, ++ [LIBS="${LIBS} -luuid" ++ AC_DEFINE([HAVE_LIBUUID], 1, ++ [Define if libuuid is available.]) ++ ]) ++ ) ++ ]) ++]) + + dnl + dnl Check for PCRE + dnl + +-AC_CHECK_HEADER(pcre.h, +- AC_CHECK_LIB(pcre, pcre_compile, +- [LIBS="${LIBS} -lpcre" +- AC_DEFINE([HAVE_LIBPCRE], 1, +- [Define if libpcre is available.]) +- ]) +-) +- ++AS_IF([test "X$enable_pcre" != "Xno"],[ ++ PKG_CHECK_MODULES([PCRE], libpcre, [ ++ LIBS="$PCRE_LIBS $LIBS" ++ CFLAGS="$PCRE_CFLAGS $CFLAGS" ++ ], [ ++ AC_CHECK_HEADER(pcre.h, ++ AC_CHECK_LIB(pcre, pcre_compile, ++ [LIBS="${LIBS} -lpcre" ++ AC_DEFINE([HAVE_LIBPCRE], 1, ++ [Define if libpcre is available.]) ++ ]) ++ ) ++ ]) ++]) + + dnl Needed by src/Makefile.am + AM_CONDITIONAL([IRI_IS_ENABLED], [test "X$iri" != "Xno"]) +-- +1.8.4.3 + diff --git a/net-misc/wget/files/wget-1.14-wgetrc.patch b/net-misc/wget/files/wget-1.14-wgetrc.patch new file mode 100644 index 000000000000..8252aca4273c --- /dev/null +++ b/net-misc/wget/files/wget-1.14-wgetrc.patch @@ -0,0 +1,31 @@ +link to the man manual pages + +document user agent issue vs portage fetching +https://bugs.gentoo.org/327229 + +--- a/doc/sample.wgetrc ++++ b/doc/sample.wgetrc +@@ -5,7 +5,10 @@ + ## You can use this file to change the default behaviour of wget or to + ## avoid having to type many many command-line options. This file does + ## not contain a comprehensive list of commands -- look at the manual +-## to find out what you can put into this file. ++## to find out what you can put into this file. You can find this here: ++## $ info wget.info 'Startup File' ++## Or online here: ++## https://www.gnu.org/software/wget/manual/wget.html#Startup-File + ## + ## Wget initialization file can reside in /usr/local/etc/wgetrc + ## (global, for all users) or $HOME/.wgetrc (for a single user). +@@ -14,6 +15,11 @@ + ## as well as change them, in most cases, as the values on the + ## commented-out lines are the default values (e.g. "off"). + ++## You should not modify user_agent in the global config file. Instead, ++## keep that in your ~/.wgetrc file. If you really want to modify it ++## globally, make sure you set a custom FETCHCOMMAND in your package ++## manager because you will randomly break fetching with some servers. ++ + + ## + ## Global settings (useful for setting up in /usr/local/etc/wgetrc). diff --git a/net-misc/wget/wget-1.14-r1.ebuild b/net-misc/wget/wget-1.14-r1.ebuild new file mode 100644 index 000000000000..284d25dca107 --- /dev/null +++ b/net-misc/wget/wget-1.14-r1.ebuild @@ -0,0 +1,85 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/wget/wget-1.14-r1.ebuild,v 1.1 2013/12/23 07:23:59 vapier Exp $ + +EAPI="4" + +inherit flag-o-matic toolchain-funcs autotools + +DESCRIPTION="Network utility to retrieve files from the WWW" +HOMEPAGE="http://www.gnu.org/software/wget/" +SRC_URI="mirror://gnu/wget/${P}.tar.xz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~arm-linux ~ia64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +IUSE="debug gnutls idn ipv6 nls ntlm pcre +ssl static uuid zlib" + +LIB_DEPEND="idn? ( net-dns/libidn[static-libs(+)] ) + pcre? ( dev-libs/libpcre[static-libs(+)] ) + ssl? ( + gnutls? ( net-libs/gnutls[static-libs(+)] ) + !gnutls? ( dev-libs/openssl:0[static-libs(+)] ) + ) + uuid? ( sys-apps/util-linux[static-libs(+)] ) + zlib? ( sys-libs/zlib[static-libs(+)] )" +RDEPEND="!static? ( ${LIB_DEPEND//\[static-libs(+)]} )" +DEPEND="${RDEPEND} + app-arch/xz-utils + virtual/pkgconfig + static? ( ${LIB_DEPEND} ) + nls? ( sys-devel/gettext )" + +REQUIRED_USE="ntlm? ( !gnutls ssl ) gnutls? ( ssl )" + +DOCS=( AUTHORS MAILING-LIST NEWS README doc/sample.wgetrc ) + +src_prepare() { + epatch "${FILESDIR}"/${PN}-1.14-pkg-config.patch + epatch "${FILESDIR}"/${P}-texi2pod.patch + epatch "${FILESDIR}"/${PN}-1.14-gnutls-ssl.patch #479948 + epatch "${FILESDIR}"/${PN}-1.14-wgetrc.patch #327229 + # We patch the wgetrc sample file which goes into the info page. + # Update the info timestamp to avoid regenerating it. + touch doc/sample.wgetrc.munged_for_texi_inclusion doc/wget.info + eautoreconf +} + +src_configure() { + # openssl-0.9.8 now builds with -pthread on the BSD's + use elibc_FreeBSD && use ssl && append-ldflags -pthread + # fix compilation on Solaris, we need filio.h for FIONBIO as used in + # the included gnutls -- force ioctl.h to include this header + [[ ${CHOST} == *-solaris* ]] && append-flags -DBSD_COMP=1 + + # some libraries tests lack configure options :( #432468 + eval export ac_cv_{header_pcre_h,lib_pcre_pcre_compile}=$(usex pcre) + eval export ac_cv_{header_uuid_uuid_h,lib_uuid_uuid_generate}=$(usex uuid) + + if use static ; then + append-ldflags -static + tc-export PKG_CONFIG + PKG_CONFIG+=" --static" + fi + econf \ + --disable-rpath \ + $(use_with ssl ssl $(usex gnutls gnutls openssl)) \ + $(use_enable ssl opie) \ + $(use_enable ssl digest) \ + $(use_enable idn iri) \ + $(use_enable ipv6) \ + $(use_enable nls) \ + $(use_enable ntlm) \ + $(use_enable debug) \ + $(use_with zlib) +} + +src_install() { + default + + sed -i \ + -e "s:/usr/local/etc:${EPREFIX}/etc:g" \ + "${ED}"/etc/wgetrc \ + "${ED}"/usr/share/man/man1/wget.1 \ + "${ED}"/usr/share/info/wget.info +} |