Commit Graph

4183 Commits

Author SHA1 Message Date
Tim Rühsen
b3f86f90cc Revert "Add . to perl path for all perl tests"
This reverts commit 79be99aff4.

/usr/bin/env 8.28 and below doesn't know -S.
2019-05-30 12:06:01 +02:00
Darshit Shah
60dc09b507 Revert " Hi, Thank you again Darshit for your response. The RejectHeaderField rule rejects ANY header"
I accidentally commited this patch.

This reverts commit 4ce2f93600.
2019-05-30 11:19:46 +02:00
Darshit Shah
02c059a857 * .gitignore: Update gitignore file 2019-05-30 11:19:15 +02:00
sulfastor
4ce2f93600 Hi, Thank you again Darshit for your response. The RejectHeaderField rule rejects ANY header
of the header field while RejectHeader rejects ONLY the specified full header.
	Since we wanted to be sure a header field is not sent to the server we wrote this rule.

	* doc/wget.texi: Added --disable-header documentation.
        * fuzz/wget_options_fuzzer.dict: Update with --disable-header inputs.
        * src/http.c (disabled_header): Checks for disabled headers
	(request_set_header): Doesn't let header to be set if disabled
	(gethttp): frees disabled header to let overriding
        * src/init.c (cmd_dis_header), (check_user_disabled_header) added new option disabled_headers.
        * src/main.c: added new option --disable-header, added help description
        * src/options.h: added new option --disable-header
	* src/utils.h (vec_remove_header)
	* src/utils.c (vec_remove_header) removes all header instances from vector
        * testenv/Makefile.am: Added new test files
        * testenv/server/http/http_server.py: Added new rule RejectHeaderField
        * testenv/conf/reject_header_field.py: Added new rule RejectHeaderField
        * testenv/README: Added help description for new rule
        * testenv/Test-disable-default-headers.py: Test without using --header
        * testenv/Test-disable-headers-after.py: Test using --header before --disable-header
        * testenv/Test-disable-headers-before.py: Test using --header after --disable-header

Signed-off-by: sulfastor <torresmoisesa@gmail.com>, adham elkarn <adhamelkarn@hotmail.com>
2019-05-30 10:01:24 +02:00
Tim Rühsen
0cdbc715a9 * src/log.c (log_vprintf_internal): Don't log twice 2019-05-28 16:26:03 +02:00
AviSoomirtee
95a677c7f5 * src/openssl.c (ssl_init): post handshake auth for OpenSSL
Copyright-paperwork-exempt: Yes
2019-05-25 18:10:37 +02:00
Tim Rühsen
96f48bf412 * bootstrap.conf: Explicitly set source_base and test_base 2019-05-24 11:14:19 +02:00
Tim Rühsen
95de9cd97f * src/convert.c (convert_basename): Do not pass NULL to strrchr() 2019-05-07 17:06:04 +02:00
Tim Rühsen
fac8f8099d * src/url.c (append_uri_pathel): Check for possible NULL dereference 2019-05-07 17:05:55 +02:00
Tim Rühsen
7da620c7ce * fuzz/main.c: Fix paths for WIN32 2019-05-07 17:05:32 +02:00
Tim Rühsen
e3790ad2a3 * bootstrap.conf: Work around VPATH issue 2019-05-07 17:05:26 +02:00
Tim Rühsen
021458ddf2 * configure.ac: Update gettext version to 0.19.3 2019-05-07 17:05:10 +02:00
Tim Rühsen
64618a9852 * bootstrap.conf: Remove rsync as prerequisite
'./bootstrap --skip-po' won't need wget nor rsync
2019-05-07 17:05:05 +02:00
Tim Rühsen
c9fa9d599e * bootstrap.conf: Replace prerequisite xz by gzip 2019-05-07 17:04:56 +02:00
Tim Rühsen
64f6f6847e Add sanitizer flags for ./configure
* bootstrap.conf: Add 'warning' gnulib module
* configure.ac: Add --enable-fsanitize-* flags
* tests/Makefile.am: Add compiler flags for unit testing
2019-05-03 11:27:30 +02:00
Tim Rühsen
94e2dd5ecd Add --enable-manywarnings from wget2
* .gitignore: Exclude /lib/Makefile.am
* bootstrap.conf: Use --makefile-name=gnulib.mk with gnulib-tool
* configure.ac: Use wget_MANYWARNINGS()
* lib/Makefile.am: Define empty noinst_LIBRARIES and MAINTAINERCLEANFILES
* m4/wget_manywarnings.m4: New file from GNU Wget2
* src/Makefile.am: Use WARN_CFLAGS for AM_CFLAGS
2019-05-02 12:53:19 +02:00
Tim Rühsen
14dc0c6af0 Add CONTRIBUTING.md
* CONTRIBUTING.md: New file for contributors
* README: Mention CONTRIBUTING.md
2019-04-28 20:36:14 +02:00
Tim Rühsen
6edf7a30b6 * fuzz/*.in/*: Update corpora from OSS-fuzz 2019-04-26 14:47:17 +02:00
Tim Rühsen
c34e9a8c47 * fuzz/get_ossfuzz_corpora: Remove -f from unzip, mkdir *.in/ 2019-04-26 14:14:12 +02:00
Tim Rühsen
370b778db2 * .gitlab-ci.yml: Update Gitlab CI WORKDIR to /usr/local 2019-04-26 11:04:03 +02:00
Eneas U de Queiroz
14e3712b8c * src/openssl.c: fix ssl_init for openssl 1.1.1
ssl_init fails with openssl 1.1.1 when openssl.cnf is not found.
Redundant calls to intialization functions were removed as
OPENSSL_config takes care of them for openssl versions < 1.1.0.
For versions > 1.1.0, OPENSSL_init_ssl is preferred.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Copyright-paperwork-exempt: Yes
2019-04-26 10:33:49 +02:00
Leif Ryge
263546473f * doc/wget.texi: Fix typo in man page
Copyright-paperwork-exempt: Yes
2019-04-11 14:47:30 +02:00
raminfp
4574771a6a [log] miss check If logging is inhibited 2019-04-11 08:50:42 +00:00
Tim Rühsen
562eacb76a * src/iri.c (do_conversion): Remove unneeded debug lines 2019-04-05 13:01:57 +02:00
Darshit Shah
a220ead435 * NEWS: Update NEWS for new release 2019-04-05 11:59:19 +02:00
Tim Ruehsen
692d5c5215 Fix a buffer overflow vulnerability
* src/iri.c(do_conversion): Reallocate the output buffer to a larger
  size if it is already full
2019-04-05 11:54:30 +02:00
Darshit Shah
2ae601a719 * NEWS: Update NEWS for new release 2019-04-05 11:54:30 +02:00
Tim Rühsen
0eaa5f1771 * src/openssl.c (ssl_init): Check for X509_V_FLAG_PARTIAL_CHAIN 2019-04-03 14:54:45 +02:00
Darshit Shah
39f17b3555 * gnulib: Pull forward 2019-04-01 20:15:05 +02:00
Tim Rühsen
4c89c85a28 * fuzz/main.c (test_all_from): Fix indentation 2019-03-26 09:42:50 +01:00
Tim Rühsen
5d87635c66 Fix corner case in processing server response
* src/http.c (response_head_terminator): Don't access uninitialized data
* fuzz/wget_read_hunk_fuzzer.c: Sync response_head_terminator()
2019-03-25 16:05:56 +01:00
Tim Rühsen
4046cd2a71 Add new fuzzer wget_read_hunk_fuzzer.c
* fuzz/Makefile.am: Add wget_read_hunk_fuzzer
* fuzz/wget_read_hunk_fuzzer.c: New file
* fuzz/wget_read_hunk_fuzzer.in/*: Fuzz corpora
* src/connect.c: Add connect_cleanup()
* src/connect.h: Add prototype for connect_cleanup()
2019-03-25 14:57:07 +01:00
Tim Rühsen
ae6636a28f * fuzz/wget_netrc_fuzzer.c: Fix fuzzer 2019-03-03 17:05:58 +01:00
Tim Rühsen
acef0fb4c6 * fuzz/wget_ftpls_fuzzer.c: Fix fuzzer 2019-03-03 17:05:44 +01:00
Jeffrey Walton
7c1c8eb3b1 * src/openssl.c (ssl_init): Trust partial cert chain 2019-02-22 12:46:53 +01:00
Tim Rühsen
19661f1d9a * src/ftp-ls.c (ftp_parse_vms_ls): Use snprintf instead of strcpy/strcat 2019-02-20 10:32:47 +01:00
Darshit Shah
e39be32838 * src/html-url.c(get_urls_html_fm): Add message in verbose mode with no-follow attribute 2019-02-19 23:25:05 +01:00
Tim Rühsen
8d8abcffdf Fix fuzz/ tests for OpenBSD
* fuzz/wget_*_fuzzer.c: Take care when calling exit()
2019-02-19 17:18:49 +01:00
Tim Rühsen
93d21e4217 * fuzz/Makefile.am: Remove hard-coded gcc flags 2019-02-19 15:52:58 +01:00
Tim Rühsen
07f9fbd0b3 Fix STDERR closing/restoring in fuzzers
* fuzz/fuzzer.h: Add CLOSE_STDERR and RESTORE_STDERR
* fuzz/wget_*_fuzzer.c: Use CLOSE_STDERR and RESTORE_STDERR
2019-02-19 15:50:34 +01:00
Tim Rühsen
74866d9ea0 * configure.ac: Rearrange AM_ICONV before gl_INIT 2019-02-19 15:49:41 +01:00
Tim Rühsen
1098de2b49 Do not hard-code -ldl in fuzz/Makefile.am
* configure.ac: Search for dlopen and add library to $FUZZ_LIBS
* fuzz/Makefile.am: Link with $FUZZ_LIBS instead of -ldl

This fixes linking on BSD systems.

Reported-by: Nam Nguyen
2019-02-19 15:11:04 +01:00
Tim Rühsen
c7f31d62b2 * doc/wget.texi: Correct --logfile -> --output-file 2019-02-14 10:39:54 +01:00
Darshit Shah
c53552e8cd Update gnulib 2019-02-10 11:51:03 +01:00
Darshit Shah
8b975e83d3 Update copyright statements 2019-02-10 11:50:17 +01:00
Leon Klingele
9e7c1554bd docs: --no-cache also sets the 'Cache-Control: no-cache' header
* doc/wget.texi: Add Cache-Control to docs
* src/wget.h: Add Cache-Control to comment of SEND_NOCACHE

Copyright-paperwork-exempt: Yes
2019-01-23 22:04:01 +01:00
Tim Rühsen
caf30fbe28 * .gitlab-ci.yml: Add minimal build 2019-01-20 19:58:10 +01:00
Tim Rühsen
f1eda916a6 * src/init.c (cleanup): Check HAVE_HSTS
Reported-by: Simon Dales
2019-01-20 19:42:53 +01:00
André Wolski
5dceb6626b NTLM restart authentication (trivial change)
* src/http-ntlm.c (ntlm_input): Continue on NTLMSTATE_LAST,
  error on NTLMSTATE_TYPE3

The code comes from the cURL project. Thanks to Daniel Stenberg
for donating the code.

https://lists.gnu.org/archive/html/bug-wget/2018-12/msg00030.html
2018-12-31 10:24:27 +01:00
Tim Rühsen
fc65b4521a * contrib/spell-checker: Remove trailing whitespace 2018-12-28 19:05:42 +01:00