diff options
author | Denys Vlasenko | 2015-10-07 01:39:40 +0200 |
---|---|---|
committer | Denys Vlasenko | 2015-10-07 01:39:40 +0200 |
commit | 1c6c670ed44a77ab4784ea0d4ac5411d7b0648d8 (patch) | |
tree | 477c1daf40605269b4ee5912c5402d3f9e60aabc /networking/wget.c | |
parent | 3b650c1e7b0bcbb4dfebab6fd87449e6b1e0b788 (diff) | |
download | busybox-1c6c670ed44a77ab4784ea0d4ac5411d7b0648d8.zip busybox-1c6c670ed44a77ab4784ea0d4ac5411d7b0648d8.tar.gz |
wget: make openssl/ssl_helper choice configurable
I got sick of not being able to wget a https file...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'networking/wget.c')
-rw-r--r-- | networking/wget.c | 105 |
1 files changed, 95 insertions, 10 deletions
diff --git a/networking/wget.c b/networking/wget.c index f744ea2..baa7e0e 100644 --- a/networking/wget.c +++ b/networking/wget.c @@ -9,6 +9,89 @@ * Kuhn's copyrights are licensed GPLv2-or-later. File as a whole remains GPLv2. */ +//config:config WGET +//config: bool "wget" +//config: default y +//config: help +//config: wget is a utility for non-interactive download of files from HTTP +//config: and FTP servers. +//config: +//config:config FEATURE_WGET_STATUSBAR +//config: bool "Enable a nifty process meter (+2k)" +//config: default y +//config: depends on WGET +//config: help +//config: Enable the transfer progress bar for wget transfers. +//config: +//config:config FEATURE_WGET_AUTHENTICATION +//config: bool "Enable HTTP authentication" +//config: default y +//config: depends on WGET +//config: help +//config: Support authenticated HTTP transfers. +//config: +//config:config FEATURE_WGET_LONG_OPTIONS +//config: bool "Enable long options" +//config: default y +//config: depends on WGET && LONG_OPTS +//config: help +//config: Support long options for the wget applet. +//config: +//config:config FEATURE_WGET_TIMEOUT +//config: bool "Enable timeout option -T SEC" +//config: default y +//config: depends on WGET +//config: help +//config: Supports network read and connect timeouts for wget, +//config: so that wget will give up and timeout, through the -T +//config: command line option. +//config: +//config: Currently only connect and network data read timeout are +//config: supported (i.e., timeout is not applied to the DNS query). When +//config: FEATURE_WGET_LONG_OPTIONS is also enabled, the --timeout option +//config: will work in addition to -T. +//config: +//config:choice +//config: prompt "Choose how to handle https:// URLs" +//config: depends on WGET +//config: default FEATURE_WGET_OPENSSL +//config: help +//config: Choose how wget establishes SSL connection for https:// URLs. +//config: +//config: Busybox itself contains no SSL code. wget will spawn +//config: a helper program to talk over HTTPS. +//config: +//config: OpenSSL has a simple SSL client for debug purposes. +//config: If you select "openssl" helper, wget will effectively call +//config: "openssl s_client -quiet -connect IP:443 2>/dev/null" +//config: and pipe its data through it. +//config: Note inconvenient API: host resolution is done twice, +//config: and there is no guarantee openssl's idea of IPv6 address +//config: format is the same as ours. +//config: Another problem is that s_client prints debug information +//config: to stderr, and it needs to be suppressed. This means +//config: all error messages get suppressed too. +//config: openssl is also a big binary, often dynamically linked +//config: against ~15 libraries. +//config: +//config: ssl_helper is a tool which can be built statically +//config: from busybox sources against a small embedded SSL library. +//config: Please see networking/ssl_helper/README. +//config: It does not require double host resolution and emits +//config: error messages to stderr. +//config: +//config:config FEATURE_WGET_OPENSSL +//config: bool "openssl" +//config: +//config:config FEATURE_WGET_SSL_HELPER +//config: bool "ssl_helper" +//config: +//config:endchoice + +//applet:IF_WGET(APPLET(wget, BB_DIR_USR_BIN, BB_SUID_DROP)) + +//kbuild:lib-$(CONFIG_WGET) += wget.o + //usage:#define wget_trivial_usage //usage: IF_FEATURE_WGET_LONG_OPTIONS( //usage: "[-c|--continue] [-s|--spider] [-q|--quiet] [-O|--output-document FILE]\n" @@ -520,6 +603,7 @@ static FILE* prepare_ftp_session(FILE **dfpp, struct host_info *target, len_and_ return sfp; } +#if ENABLE_FEATURE_WGET_OPENSSL static int spawn_https_helper(const char *host, unsigned port) { char *allocated = NULL; @@ -569,12 +653,11 @@ static int spawn_https_helper(const char *host, unsigned port) close(sp[1]); return sp[0]; } +#endif -/* See networking/ssl_helper/README */ -#define SSL_HELPER 0 - -#if SSL_HELPER -static void spawn_https_helper1(int network_fd) +/* See networking/ssl_helper/README how to build one */ +#if ENABLE_FEATURE_WGET_SSL_HELPER +static void spawn_https_helper(int network_fd) { int sp[2]; int pid; @@ -851,19 +934,21 @@ static void download_one_url(const char *url) int status; /* Open socket to http(s) server */ +#if ENABLE_FEATURE_WGET_OPENSSL if (target.protocol == P_HTTPS) { -/* openssl-based helper - * Inconvenient API since we can't give it an open fd - */ + /* openssl-based helper + * Inconvenient API since we can't give it an open fd + */ int fd = spawn_https_helper(server.host, server.port); sfp = fdopen(fd, "r+"); if (!sfp) bb_perror_msg_and_die(bb_msg_memory_exhausted); } else +#endif sfp = open_socket(lsa); -#if SSL_HELPER +#if ENABLE_FEATURE_WGET_SSL_HELPER if (target.protocol == P_HTTPS) - spawn_https_helper1(fileno(sfp)); + spawn_https_helper(fileno(sfp)); #endif /* Send HTTP request */ if (use_proxy) { |