FS#62048 - [busybox] Re-enable WGET_HTTPS due to source updates...
Attached to Project:
Community Packages
Opened by Micon Frink (frink) - Sunday, 17 March 2019, 21:42 GMT
Last edited by Eli Schwartz (eschwartz) - Monday, 01 April 2019, 00:43 GMT
Opened by Micon Frink (frink) - Sunday, 17 March 2019, 21:42 GMT
Last edited by Eli Schwartz (eschwartz) - Monday, 01 April 2019, 00:43 GMT
|
Details
Backstory:
in busybox 1.28.4-2 disable WGET_HTTPS This is due to HTTPS not actually being S in this case. :p http://lists.busybox.net/pipermail/busybox/2018-May/086462.html This will be re-enabled as soon as busybox at a minimum warns users when they're downloading https:// urls but not actually checking certificates. --- This notice is in the newest source. See wget.c ~ lines 720-723: if (!(option_mask32 & WGET_OPT_NO_CHECK_CERT)) { option_mask32 |= WGET_OPT_NO_CHECK_CERT; bb_error_msg("note: TLS certificate validation not implemented"); } Viewed here: https://git.busybox.net/busybox/tree/networking/wget.c?h=1_30_stable |
This task depends upon
Closed by Eli Schwartz (eschwartz)
Monday, 01 April 2019, 00:43 GMT
Reason for closing: None
Additional comments about closing: Request re-open if you can demonstrate how to print the notice.
Monday, 01 April 2019, 00:43 GMT
Reason for closing: None
Additional comments about closing: Request re-open if you can demonstrate how to print the notice.
Comment by
Eli Schwartz (eschwartz) - Sunday,
17 March 2019, 23:11 GMT
I tried it a year ago when I first saw that patch. I'm not sure
what it actually does, but what it definitely does *not* seem to
do is print the warning in question. Try building busybox with
https://git.archlinux.org/svntogit/community.git/commit/trunk?h=packages/busybox&id=1f1d36c6e15e2a5767ae82523e070e90fa8e3980
reverted, it doesn't do anything useful.