summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Frysinger <vapier@gentoo.org>2013-12-23 07:24:00 +0000
committerMike Frysinger <vapier@gentoo.org>2013-12-23 07:24:00 +0000
commit6b47ec97f235d91b839cd1b6621a898a061922be (patch)
treeaaebad4b44f8e1105768db4b61ecbffedab360df /net-misc
parentRemove old. (diff)
downloadgentoo-2-6b47ec97f235d91b839cd1b6621a898a061922be.tar.gz
gentoo-2-6b47ec97f235d91b839cd1b6621a898a061922be.tar.bz2
gentoo-2-6b47ec97f235d91b839cd1b6621a898a061922be.zip
Add fix from upstream for gnutls/ssl connection rejections #479948 by Scott Bertilson. Document user agent issue in /etc/wgetrc wrt portage fetching #327229. Update the pkg-config patch to cover more libraries #438912.
(Portage version: 2.2.7/cvs/Linux x86_64, signed Manifest commit with key FB7C4156)
Diffstat (limited to 'net-misc')
-rw-r--r--net-misc/wget/ChangeLog11
-rw-r--r--net-misc/wget/files/wget-1.14-gnutls-ssl.patch68
-rw-r--r--net-misc/wget/files/wget-1.14-pkg-config.patch200
-rw-r--r--net-misc/wget/files/wget-1.14-wgetrc.patch31
-rw-r--r--net-misc/wget/wget-1.14-r1.ebuild85
5 files changed, 394 insertions, 1 deletions
diff --git a/net-misc/wget/ChangeLog b/net-misc/wget/ChangeLog
index d8fb701fbe69..3b4e25e282c0 100644
--- a/net-misc/wget/ChangeLog
+++ b/net-misc/wget/ChangeLog
@@ -1,6 +1,15 @@
# ChangeLog for net-misc/wget
# Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/wget/ChangeLog,v 1.177 2013/11/04 06:38:44 polynomial-c Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/wget/ChangeLog,v 1.178 2013/12/23 07:23:59 vapier Exp $
+
+*wget-1.14-r1 (23 Dec 2013)
+
+ 23 Dec 2013; Mike Frysinger <vapier@gentoo.org>
+ +files/wget-1.14-gnutls-ssl.patch, +files/wget-1.14-pkg-config.patch,
+ +files/wget-1.14-wgetrc.patch, +wget-1.14-r1.ebuild:
+ Add fix from upstream for gnutls/ssl connection rejections #479948 by Scott
+ Bertilson. Document user agent issue in /etc/wgetrc wrt portage fetching
+ #327229. Update the pkg-config patch to cover more libraries #438912.
04 Nov 2013; Lars Wendler <polynomial-c@gentoo.org> wget-1.14.ebuild,
+files/wget-1.14-texi2pod.patch:
diff --git a/net-misc/wget/files/wget-1.14-gnutls-ssl.patch b/net-misc/wget/files/wget-1.14-gnutls-ssl.patch
new file mode 100644
index 000000000000..8d5fe81e1b55
--- /dev/null
+++ b/net-misc/wget/files/wget-1.14-gnutls-ssl.patch
@@ -0,0 +1,68 @@
+https://bugs.gentoo.org/479948
+
+From ae80fd2ec75fafdbec9895b9d973f2966209d588 Mon Sep 17 00:00:00 2001
+From: mancha <mancha1@hush.com>
+Date: Sun, 5 May 2013 07:16:58 +0200
+Subject: [PATCH] gnutls: do not abort on non-fatal alerts during handshake
+
+Signed-off-by: mancha <mancha1@hush.com>
+---
+ src/ChangeLog | 6 ++++++
+ src/gnutls.c | 25 ++++++++++++++++++++++---
+ 2 files changed, 28 insertions(+), 3 deletions(-)
+
+2013-05-05 mancha <mancha1@hush.com> (tiny change)
+
+ * gnutls.c (ssl_connect_wget): Don't abort on non-fatal alerts
+ received during handshake. For example, when connecting to servers
+ using TSL-SNI that send warning-level unrecognized_name alerts.
+
+diff --git a/src/gnutls.c b/src/gnutls.c
+index 769b005..54422fc 100644
+--- a/src/gnutls.c
++++ b/src/gnutls.c
+@@ -376,8 +376,9 @@ ssl_connect_wget (int fd, const char *hostname)
+ {
+ struct wgnutls_transport_context *ctx;
+ gnutls_session_t session;
+- int err;
++ int err,alert;
+ gnutls_init (&session, GNUTLS_CLIENT);
++ const char *str;
+
+ /* We set the server name but only if it's not an IP address. */
+ if (! is_valid_ip_address (hostname))
+@@ -440,10 +441,28 @@ ssl_connect_wget (int fd, const char *hostname)
+ return false;
+ }
+
+- err = gnutls_handshake (session);
++ /* We don't stop the handshake process for non-fatal errors */
++ do
++ {
++ err = gnutls_handshake (session);
++ if (err < 0)
++ {
++ logprintf (LOG_NOTQUIET, "GnuTLS: %s\n", gnutls_strerror (err));
++ if (err == GNUTLS_E_WARNING_ALERT_RECEIVED ||
++ err == GNUTLS_E_FATAL_ALERT_RECEIVED)
++ {
++ alert = gnutls_alert_get (session);
++ str = gnutls_alert_get_name (alert);
++ if (str == NULL)
++ str = "(unknown)";
++ logprintf (LOG_NOTQUIET, "GnuTLS: received alert [%d]: %s\n", alert, str);
++ }
++ }
++ }
++ while (err == GNUTLS_E_WARNING_ALERT_RECEIVED && gnutls_error_is_fatal (err) == 0);
++
+ if (err < 0)
+ {
+- logprintf (LOG_NOTQUIET, "GnuTLS: %s\n", gnutls_strerror (err));
+ gnutls_deinit (session);
+ return false;
+ }
+--
+1.8.4.3
+
diff --git a/net-misc/wget/files/wget-1.14-pkg-config.patch b/net-misc/wget/files/wget-1.14-pkg-config.patch
new file mode 100644
index 000000000000..ea6364bf3ae1
--- /dev/null
+++ b/net-misc/wget/files/wget-1.14-pkg-config.patch
@@ -0,0 +1,200 @@
+From b97942cd6b496501b396ea3bc2710010f4591542 Mon Sep 17 00:00:00 2001
+From: Mike Frysinger <vapier@gentoo.org>
+Date: Mon, 21 May 2012 18:39:59 -0400
+Subject: [PATCH] detect openssl/pcre/libuuid/zlib via pkg-config if it's
+ available
+
+Newer versions of these packages ship with pkg-config files, so if we can
+detect it via those, do so. If that fails, fall back to the old methods.
+
+Signed-off-by: Mike Frysinger <vapier@gentoo.org>
+---
+ configure.ac | 110 ++++++++++++++++++++++++++++++++++++++---------------------
+ 1 file changed, 71 insertions(+), 39 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 873c3c9..779ff39 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -68,6 +68,9 @@ AC_ARG_WITH(ssl,
+ AC_ARG_WITH(zlib,
+ [[ --without-zlib disable zlib ]])
+
++AC_ARG_ENABLE(pcre, AC_HELP_STRING([--disable-pcre],
++ [Disable PCRE style regular expressions]))
++
+ AC_ARG_ENABLE(opie,
+ [ --disable-opie disable support for opie or s/key FTP login],
+ ENABLE_OPIE=$enableval, ENABLE_OPIE=yes)
+@@ -237,11 +240,25 @@ dnl
+ dnl Checks for libraries.
+ dnl
+
++PKG_PROG_PKG_CONFIG
++
+ AS_IF([test x"$with_zlib" != xno], [
+- AC_CHECK_LIB(z, compress)
++ PKG_CHECK_MODULES([ZLIB], zlib, [
++ LIBS="$ZLIB_LIBS $LIBS"
++ CFLAGS="$ZLIB_CFLAGS $CFLAGS"
++ ], [
++ AC_CHECK_LIB(z, compress)
++ ])
+ ])
+
+ AS_IF([test x"$with_ssl" = xopenssl], [
++ PKG_CHECK_MODULES([OPENSSL], [openssl], [
++ AC_MSG_NOTICE([compiling in support for SSL via OpenSSL])
++ AC_LIBOBJ([openssl])
++ LIBS="$OPENSSL_LIBS $LIBS"
++ CFLAGS="$OPENSSL_CFLAGS -DHAVE_LIBSSL $CFLAGS"
++ LIBSSL=" " # ntlm check below wants this
++ ], [
+ dnl some versions of openssl use zlib compression
+ AC_CHECK_LIB(z, compress)
+
+@@ -278,29 +295,29 @@ AS_IF([test x"$with_ssl" = xopenssl], [
+ ;;
+ esac
+
+-AS_IF([test x$ssl_found != xyes],
+-[
+- dnl Now actually check for -lssl if it wasn't already found
+- AC_LIB_HAVE_LINKFLAGS([ssl], [crypto z], [
+- #include <openssl/ssl.h>
+- #include <openssl/x509.h>
+- #include <openssl/err.h>
+- #include <openssl/rand.h>
+- #include <openssl/des.h>
+- #include <openssl/md4.h>
+- #include <openssl/md5.h>
+- ], [SSL_library_init ()])
+- if test x"$LIBSSL" != x
+- then
+- ssl_found=yes
+- AC_MSG_NOTICE([compiling in support for SSL via OpenSSL])
+- AC_LIBOBJ([openssl])
+- LIBS="$LIBSSL $LIBS"
+- elif test x"$with_ssl" != x
+- then
+- AC_MSG_ERROR([--with-ssl=openssl was given, but SSL is not available.])
+- fi
+-])
++ AS_IF([test x$ssl_found != xyes], [
++ dnl Now actually check for -lssl if it wasn't already found
++ AC_LIB_HAVE_LINKFLAGS([ssl], [crypto z], [
++#include <openssl/ssl.h>
++#include <openssl/x509.h>
++#include <openssl/err.h>
++#include <openssl/rand.h>
++#include <openssl/des.h>
++#include <openssl/md4.h>
++#include <openssl/md5.h>
++ ], [SSL_library_init ()])
++ if test x"$LIBSSL" != x
++ then
++ ssl_found=yes
++ AC_MSG_NOTICE([compiling in support for SSL via OpenSSL])
++ AC_LIBOBJ([openssl])
++ LIBS="$LIBSSL $LIBS"
++ elif test x"$with_ssl" != x
++ then
++ AC_MSG_ERROR([--with-ssl=openssl was given, but SSL is not available.])
++ fi
++ ])
++ ])
+
+ ], [
+ # --with-ssl is not gnutls: check if it's no
+@@ -322,13 +322,20 @@ AS_IF([test x"$with_ssl" = xopenssl], [
+ ], [
+ # --with-ssl is not gnutls: check if it's no
+ AS_IF([test x"$with_ssl" != xno], [
+- dnl Now actually check for -lssl
++ dnl Now actually check for gnutls
+
++ PKG_CHECK_MODULES([GNUTLS], [gnutls], [
++ AC_MSG_NOTICE([compiling in support for SSL via GnuTLS])
++ AC_LIBOBJ([gnutls])
++ LIBS="$GNUTLS_LIBS $LIBS"
++ CFLAGS="$GNUTLS_CFLAGS -DHAVE_LIBGNUTLS $CFLAGS"
++ ], [
++
++ dnl Now actually check for -lgnutls
+ AC_CHECK_LIB(z, compress)
+ AC_CHECK_LIB(gpg-error, gpg_err_init)
+ AC_CHECK_LIB(gcrypt, gcry_control)
+
+- dnl Now actually check for -lssl
+ AC_LIB_HAVE_LINKFLAGS([gnutls], [], [
+ #include <gnutls/gnutls.h>
+ ], [gnutls_global_init()])
+@@ -342,6 +349,8 @@ AS_IF([test x"$with_ssl" = xopenssl], [
+ AC_MSG_ERROR([--with-ssl was given, but GNUTLS is not available.])
+ fi
+
++ ])
++
+ AC_CHECK_FUNCS(gnutls_priority_set_direct)
+ ]) # endif: --with-ssl == no?
+ ]) # endif: --with-ssl == openssl?
+@@ -524,26 +541,41 @@ dnl
+ dnl Check for UUID
+ dnl
+
+-AC_CHECK_HEADER(uuid/uuid.h,
+- AC_CHECK_LIB(uuid, uuid_generate,
+- [LIBS="${LIBS} -luuid"
+- AC_DEFINE([HAVE_LIBUUID], 1,
+- [Define if libuuid is available.])
+- ])
+-)
++AC_ARG_WITH(libuuid, AC_HELP_STRING([--without-libuuid],
++ [Generate UUIDs for WARC files via libuuid]))
++AS_IF([test "X$with_libuuid" != "Xno"],[
++ PKG_CHECK_MODULES([UUID], uuid, [
++ LIBS="$UUID_LIBS $LIBS"
++ CFLAGS="$UUID_CFLAGS $CFLAGS"
++ ], [
++ AC_CHECK_HEADER(uuid/uuid.h,
++ AC_CHECK_LIB(uuid, uuid_generate,
++ [LIBS="${LIBS} -luuid"
++ AC_DEFINE([HAVE_LIBUUID], 1,
++ [Define if libuuid is available.])
++ ])
++ )
++ ])
++])
+
+ dnl
+ dnl Check for PCRE
+ dnl
+
+-AC_CHECK_HEADER(pcre.h,
+- AC_CHECK_LIB(pcre, pcre_compile,
+- [LIBS="${LIBS} -lpcre"
+- AC_DEFINE([HAVE_LIBPCRE], 1,
+- [Define if libpcre is available.])
+- ])
+-)
+-
++AS_IF([test "X$enable_pcre" != "Xno"],[
++ PKG_CHECK_MODULES([PCRE], libpcre, [
++ LIBS="$PCRE_LIBS $LIBS"
++ CFLAGS="$PCRE_CFLAGS $CFLAGS"
++ ], [
++ AC_CHECK_HEADER(pcre.h,
++ AC_CHECK_LIB(pcre, pcre_compile,
++ [LIBS="${LIBS} -lpcre"
++ AC_DEFINE([HAVE_LIBPCRE], 1,
++ [Define if libpcre is available.])
++ ])
++ )
++ ])
++])
+
+ dnl Needed by src/Makefile.am
+ AM_CONDITIONAL([IRI_IS_ENABLED], [test "X$iri" != "Xno"])
+--
+1.8.4.3
+
diff --git a/net-misc/wget/files/wget-1.14-wgetrc.patch b/net-misc/wget/files/wget-1.14-wgetrc.patch
new file mode 100644
index 000000000000..8252aca4273c
--- /dev/null
+++ b/net-misc/wget/files/wget-1.14-wgetrc.patch
@@ -0,0 +1,31 @@
+link to the man manual pages
+
+document user agent issue vs portage fetching
+https://bugs.gentoo.org/327229
+
+--- a/doc/sample.wgetrc
++++ b/doc/sample.wgetrc
+@@ -5,7 +5,10 @@
+ ## You can use this file to change the default behaviour of wget or to
+ ## avoid having to type many many command-line options. This file does
+ ## not contain a comprehensive list of commands -- look at the manual
+-## to find out what you can put into this file.
++## to find out what you can put into this file. You can find this here:
++## $ info wget.info 'Startup File'
++## Or online here:
++## https://www.gnu.org/software/wget/manual/wget.html#Startup-File
+ ##
+ ## Wget initialization file can reside in /usr/local/etc/wgetrc
+ ## (global, for all users) or $HOME/.wgetrc (for a single user).
+@@ -14,6 +15,11 @@
+ ## as well as change them, in most cases, as the values on the
+ ## commented-out lines are the default values (e.g. "off").
+
++## You should not modify user_agent in the global config file. Instead,
++## keep that in your ~/.wgetrc file. If you really want to modify it
++## globally, make sure you set a custom FETCHCOMMAND in your package
++## manager because you will randomly break fetching with some servers.
++
+
+ ##
+ ## Global settings (useful for setting up in /usr/local/etc/wgetrc).
diff --git a/net-misc/wget/wget-1.14-r1.ebuild b/net-misc/wget/wget-1.14-r1.ebuild
new file mode 100644
index 000000000000..284d25dca107
--- /dev/null
+++ b/net-misc/wget/wget-1.14-r1.ebuild
@@ -0,0 +1,85 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/wget/wget-1.14-r1.ebuild,v 1.1 2013/12/23 07:23:59 vapier Exp $
+
+EAPI="4"
+
+inherit flag-o-matic toolchain-funcs autotools
+
+DESCRIPTION="Network utility to retrieve files from the WWW"
+HOMEPAGE="http://www.gnu.org/software/wget/"
+SRC_URI="mirror://gnu/wget/${P}.tar.xz"
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~arm-linux ~ia64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="debug gnutls idn ipv6 nls ntlm pcre +ssl static uuid zlib"
+
+LIB_DEPEND="idn? ( net-dns/libidn[static-libs(+)] )
+ pcre? ( dev-libs/libpcre[static-libs(+)] )
+ ssl? (
+ gnutls? ( net-libs/gnutls[static-libs(+)] )
+ !gnutls? ( dev-libs/openssl:0[static-libs(+)] )
+ )
+ uuid? ( sys-apps/util-linux[static-libs(+)] )
+ zlib? ( sys-libs/zlib[static-libs(+)] )"
+RDEPEND="!static? ( ${LIB_DEPEND//\[static-libs(+)]} )"
+DEPEND="${RDEPEND}
+ app-arch/xz-utils
+ virtual/pkgconfig
+ static? ( ${LIB_DEPEND} )
+ nls? ( sys-devel/gettext )"
+
+REQUIRED_USE="ntlm? ( !gnutls ssl ) gnutls? ( ssl )"
+
+DOCS=( AUTHORS MAILING-LIST NEWS README doc/sample.wgetrc )
+
+src_prepare() {
+ epatch "${FILESDIR}"/${PN}-1.14-pkg-config.patch
+ epatch "${FILESDIR}"/${P}-texi2pod.patch
+ epatch "${FILESDIR}"/${PN}-1.14-gnutls-ssl.patch #479948
+ epatch "${FILESDIR}"/${PN}-1.14-wgetrc.patch #327229
+ # We patch the wgetrc sample file which goes into the info page.
+ # Update the info timestamp to avoid regenerating it.
+ touch doc/sample.wgetrc.munged_for_texi_inclusion doc/wget.info
+ eautoreconf
+}
+
+src_configure() {
+ # openssl-0.9.8 now builds with -pthread on the BSD's
+ use elibc_FreeBSD && use ssl && append-ldflags -pthread
+ # fix compilation on Solaris, we need filio.h for FIONBIO as used in
+ # the included gnutls -- force ioctl.h to include this header
+ [[ ${CHOST} == *-solaris* ]] && append-flags -DBSD_COMP=1
+
+ # some libraries tests lack configure options :( #432468
+ eval export ac_cv_{header_pcre_h,lib_pcre_pcre_compile}=$(usex pcre)
+ eval export ac_cv_{header_uuid_uuid_h,lib_uuid_uuid_generate}=$(usex uuid)
+
+ if use static ; then
+ append-ldflags -static
+ tc-export PKG_CONFIG
+ PKG_CONFIG+=" --static"
+ fi
+ econf \
+ --disable-rpath \
+ $(use_with ssl ssl $(usex gnutls gnutls openssl)) \
+ $(use_enable ssl opie) \
+ $(use_enable ssl digest) \
+ $(use_enable idn iri) \
+ $(use_enable ipv6) \
+ $(use_enable nls) \
+ $(use_enable ntlm) \
+ $(use_enable debug) \
+ $(use_with zlib)
+}
+
+src_install() {
+ default
+
+ sed -i \
+ -e "s:/usr/local/etc:${EPREFIX}/etc:g" \
+ "${ED}"/etc/wgetrc \
+ "${ED}"/usr/share/man/man1/wget.1 \
+ "${ED}"/usr/share/info/wget.info
+}