summaryrefslogtreecommitdiff
path: root/networking/wget.c
diff options
context:
space:
mode:
authorDenys Vlasenko2015-10-07 01:39:40 +0200
committerDenys Vlasenko2015-10-07 01:39:40 +0200
commit1c6c670ed44a77ab4784ea0d4ac5411d7b0648d8 (patch)
tree477c1daf40605269b4ee5912c5402d3f9e60aabc /networking/wget.c
parent3b650c1e7b0bcbb4dfebab6fd87449e6b1e0b788 (diff)
downloadbusybox-1c6c670ed44a77ab4784ea0d4ac5411d7b0648d8.zip
busybox-1c6c670ed44a77ab4784ea0d4ac5411d7b0648d8.tar.gz
wget: make openssl/ssl_helper choice configurable
I got sick of not being able to wget a https file... Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'networking/wget.c')
-rw-r--r--networking/wget.c105
1 files changed, 95 insertions, 10 deletions
diff --git a/networking/wget.c b/networking/wget.c
index f744ea2..baa7e0e 100644
--- a/networking/wget.c
+++ b/networking/wget.c
@@ -9,6 +9,89 @@
* Kuhn's copyrights are licensed GPLv2-or-later. File as a whole remains GPLv2.
*/
+//config:config WGET
+//config: bool "wget"
+//config: default y
+//config: help
+//config: wget is a utility for non-interactive download of files from HTTP
+//config: and FTP servers.
+//config:
+//config:config FEATURE_WGET_STATUSBAR
+//config: bool "Enable a nifty process meter (+2k)"
+//config: default y
+//config: depends on WGET
+//config: help
+//config: Enable the transfer progress bar for wget transfers.
+//config:
+//config:config FEATURE_WGET_AUTHENTICATION
+//config: bool "Enable HTTP authentication"
+//config: default y
+//config: depends on WGET
+//config: help
+//config: Support authenticated HTTP transfers.
+//config:
+//config:config FEATURE_WGET_LONG_OPTIONS
+//config: bool "Enable long options"
+//config: default y
+//config: depends on WGET && LONG_OPTS
+//config: help
+//config: Support long options for the wget applet.
+//config:
+//config:config FEATURE_WGET_TIMEOUT
+//config: bool "Enable timeout option -T SEC"
+//config: default y
+//config: depends on WGET
+//config: help
+//config: Supports network read and connect timeouts for wget,
+//config: so that wget will give up and timeout, through the -T
+//config: command line option.
+//config:
+//config: Currently only connect and network data read timeout are
+//config: supported (i.e., timeout is not applied to the DNS query). When
+//config: FEATURE_WGET_LONG_OPTIONS is also enabled, the --timeout option
+//config: will work in addition to -T.
+//config:
+//config:choice
+//config: prompt "Choose how to handle https:// URLs"
+//config: depends on WGET
+//config: default FEATURE_WGET_OPENSSL
+//config: help
+//config: Choose how wget establishes SSL connection for https:// URLs.
+//config:
+//config: Busybox itself contains no SSL code. wget will spawn
+//config: a helper program to talk over HTTPS.
+//config:
+//config: OpenSSL has a simple SSL client for debug purposes.
+//config: If you select "openssl" helper, wget will effectively call
+//config: "openssl s_client -quiet -connect IP:443 2>/dev/null"
+//config: and pipe its data through it.
+//config: Note inconvenient API: host resolution is done twice,
+//config: and there is no guarantee openssl's idea of IPv6 address
+//config: format is the same as ours.
+//config: Another problem is that s_client prints debug information
+//config: to stderr, and it needs to be suppressed. This means
+//config: all error messages get suppressed too.
+//config: openssl is also a big binary, often dynamically linked
+//config: against ~15 libraries.
+//config:
+//config: ssl_helper is a tool which can be built statically
+//config: from busybox sources against a small embedded SSL library.
+//config: Please see networking/ssl_helper/README.
+//config: It does not require double host resolution and emits
+//config: error messages to stderr.
+//config:
+//config:config FEATURE_WGET_OPENSSL
+//config: bool "openssl"
+//config:
+//config:config FEATURE_WGET_SSL_HELPER
+//config: bool "ssl_helper"
+//config:
+//config:endchoice
+
+//applet:IF_WGET(APPLET(wget, BB_DIR_USR_BIN, BB_SUID_DROP))
+
+//kbuild:lib-$(CONFIG_WGET) += wget.o
+
//usage:#define wget_trivial_usage
//usage: IF_FEATURE_WGET_LONG_OPTIONS(
//usage: "[-c|--continue] [-s|--spider] [-q|--quiet] [-O|--output-document FILE]\n"
@@ -520,6 +603,7 @@ static FILE* prepare_ftp_session(FILE **dfpp, struct host_info *target, len_and_
return sfp;
}
+#if ENABLE_FEATURE_WGET_OPENSSL
static int spawn_https_helper(const char *host, unsigned port)
{
char *allocated = NULL;
@@ -569,12 +653,11 @@ static int spawn_https_helper(const char *host, unsigned port)
close(sp[1]);
return sp[0];
}
+#endif
-/* See networking/ssl_helper/README */
-#define SSL_HELPER 0
-
-#if SSL_HELPER
-static void spawn_https_helper1(int network_fd)
+/* See networking/ssl_helper/README how to build one */
+#if ENABLE_FEATURE_WGET_SSL_HELPER
+static void spawn_https_helper(int network_fd)
{
int sp[2];
int pid;
@@ -851,19 +934,21 @@ static void download_one_url(const char *url)
int status;
/* Open socket to http(s) server */
+#if ENABLE_FEATURE_WGET_OPENSSL
if (target.protocol == P_HTTPS) {
-/* openssl-based helper
- * Inconvenient API since we can't give it an open fd
- */
+ /* openssl-based helper
+ * Inconvenient API since we can't give it an open fd
+ */
int fd = spawn_https_helper(server.host, server.port);
sfp = fdopen(fd, "r+");
if (!sfp)
bb_perror_msg_and_die(bb_msg_memory_exhausted);
} else
+#endif
sfp = open_socket(lsa);
-#if SSL_HELPER
+#if ENABLE_FEATURE_WGET_SSL_HELPER
if (target.protocol == P_HTTPS)
- spawn_https_helper1(fileno(sfp));
+ spawn_https_helper(fileno(sfp));
#endif
/* Send HTTP request */
if (use_proxy) {