aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMartin Jansa <Martin.Jansa@gmail.com>2010-10-30 16:53:23 +0200
committerMartin Jansa <Martin.Jansa@gmail.com>2010-10-30 17:02:04 +0200
commitb02ca204b3e418228e488597ce23a712737d9132 (patch)
treea7bedea088cc0b5b7d310817e2dc3f6672da3b4a
parent54063cb976b06b50d0303e7ee71106d5aa45a338 (diff)
downloadopenembedded-b02ca204b3e418228e488597ce23a712737d9132.tar.gz
openembedded-b02ca204b3e418228e488597ce23a712737d9132.tar.bz2
openembedded-b02ca204b3e418228e488597ce23a712737d9132.zip
wget: enable gnutls support for SHR and fix gnutls in wget-1.12
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
-rw-r--r--recipes/wget/wget-1.12/gnutls.bzr.patch266
-rw-r--r--recipes/wget/wget.inc3
-rw-r--r--recipes/wget/wget_1.12.bb6
3 files changed, 273 insertions, 2 deletions
diff --git a/recipes/wget/wget-1.12/gnutls.bzr.patch b/recipes/wget/wget-1.12/gnutls.bzr.patch
new file mode 100644
index 0000000000..6f0c2ebd2d
--- /dev/null
+++ b/recipes/wget/wget-1.12/gnutls.bzr.patch
@@ -0,0 +1,266 @@
+--- wget-1.12/src/gnutls.c 2009-09-22 04:59:33.000000000 +0200
++++ /OE/projects/wget/src/gnutls.c 2010-10-30 16:24:10.000000000 +0200
+@@ -1,6 +1,6 @@
+ /* SSL support via GnuTLS library.
+- Copyright (C) 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
+- Inc.
++ Copyright (C) 2005, 2006, 2007, 2008, 2009, 2010 Free Software
++ Foundation, Inc.
+
+ This file is part of GNU Wget.
+
+@@ -37,6 +37,8 @@
+ #endif
+ #include <string.h>
+ #include <stdio.h>
++#include <dirent.h>
++#include <stdlib.h>
+
+ #include <gnutls/gnutls.h>
+ #include <gnutls/x509.h>
+@@ -46,6 +48,10 @@
+ #include "url.h"
+ #include "ssl.h"
+
++#ifdef WIN32
++# include "w32sock.h"
++#endif
++
+ /* Note: some of the functions private to this file have names that
+ begin with "wgnutls_" (e.g. wgnutls_read) so that they wouldn't be
+ confused with actual gnutls functions -- such as the gnutls_read
+@@ -56,15 +62,50 @@
+ bool
+ ssl_init ()
+ {
++ const char *ca_directory;
++ DIR *dir;
++
+ gnutls_global_init ();
+ gnutls_certificate_allocate_credentials (&credentials);
++
++ ca_directory = opt.ca_directory ? opt.ca_directory : "/etc/ssl/certs";
++
++ dir = opendir (ca_directory);
++ if (dir == NULL)
++ {
++ if (opt.ca_directory)
++ logprintf (LOG_NOTQUIET, _("ERROR: Cannot open directory %s.\n"),
++ opt.ca_directory);
++ }
++ else
++ {
++ struct dirent *dent;
++ while ((dent = readdir (dir)) != NULL)
++ {
++ struct stat st;
++ char *ca_file;
++ asprintf (&ca_file, "%s/%s", ca_directory, dent->d_name);
++
++ stat (ca_file, &st);
++
++ if (S_ISREG (st.st_mode))
++ gnutls_certificate_set_x509_trust_file (credentials, ca_file,
++ GNUTLS_X509_FMT_PEM);
++
++ free (ca_file);
++ }
++
++ closedir (dir);
++ }
++
+ if (opt.ca_cert)
+ gnutls_certificate_set_x509_trust_file (credentials, opt.ca_cert,
+ GNUTLS_X509_FMT_PEM);
+ return true;
+ }
+
+-struct wgnutls_transport_context {
++struct wgnutls_transport_context
++{
+ gnutls_session session; /* GnuTLS session handle */
+ int last_error; /* last error returned by read/write/... */
+
+@@ -73,7 +114,7 @@
+ is stored to PEEKBUF, and wgnutls_read checks that buffer before
+ actually reading. */
+ char peekbuf[512];
+- int peekstart, peeklen;
++ int peeklen;
+ };
+
+ #ifndef MIN
+@@ -83,19 +124,18 @@
+ static int
+ wgnutls_read (int fd, char *buf, int bufsize, void *arg)
+ {
+- int ret;
++ int ret = 0;
+ struct wgnutls_transport_context *ctx = arg;
+
+ if (ctx->peeklen)
+ {
+ /* If we have any peek data, simply return that. */
+ int copysize = MIN (bufsize, ctx->peeklen);
+- memcpy (buf, ctx->peekbuf + ctx->peekstart, copysize);
++ memcpy (buf, ctx->peekbuf, copysize);
+ ctx->peeklen -= copysize;
+ if (ctx->peeklen != 0)
+- ctx->peekstart += copysize;
+- else
+- ctx->peekstart = 0;
++ memmove (ctx->peekbuf, ctx->peekbuf + copysize, ctx->peeklen);
++
+ return copysize;
+ }
+
+@@ -105,6 +145,7 @@
+
+ if (ret < 0)
+ ctx->last_error = ret;
++
+ return ret;
+ }
+
+@@ -124,31 +165,49 @@
+ static int
+ wgnutls_poll (int fd, double timeout, int wait_for, void *arg)
+ {
+- return 1;
++ struct wgnutls_transport_context *ctx = arg;
++ return ctx->peeklen || gnutls_record_check_pending (ctx->session)
++ || select_fd (fd, timeout, wait_for);
+ }
+
+ static int
+ wgnutls_peek (int fd, char *buf, int bufsize, void *arg)
+ {
+- int ret;
++ int ret = 0;
+ struct wgnutls_transport_context *ctx = arg;
+-
+- /* We don't support peeks following peeks: the reader must drain all
+- peeked data before the next peek. */
+- assert (ctx->peeklen == 0);
++ int offset = MIN (bufsize, ctx->peeklen);
+ if (bufsize > sizeof ctx->peekbuf)
+ bufsize = sizeof ctx->peekbuf;
+
+- do
+- ret = gnutls_record_recv (ctx->session, buf, bufsize);
+- while (ret == GNUTLS_E_INTERRUPTED);
++ if (ctx->peeklen)
++ memcpy (buf, ctx->peekbuf, offset);
+
+- if (ret >= 0)
++ if (bufsize > offset)
+ {
+- memcpy (ctx->peekbuf, buf, ret);
+- ctx->peeklen = ret;
++ do
++ {
++ ret = gnutls_record_recv (ctx->session, buf + offset,
++ bufsize - offset);
++ }
++ while (ret == GNUTLS_E_INTERRUPTED);
++
++ if (ret < 0)
++ {
++ if (offset)
++ ret = 0;
++ else
++ return ret;
++ }
++
++ if (ret > 0)
++ {
++ memcpy (ctx->peekbuf + offset, buf + offset,
++ ret);
++ ctx->peeklen += ret;
++ }
+ }
+- return ret;
++
++ return offset + ret;
+ }
+
+ static const char *
+@@ -165,23 +224,20 @@
+ /*gnutls_bye (ctx->session, GNUTLS_SHUT_RDWR);*/
+ gnutls_deinit (ctx->session);
+ xfree (ctx);
+-#ifndef WINDOWS
+ close (fd);
+-#else
+- closesocket (fd);
+-#endif
+ }
+
+ /* gnutls_transport is the singleton that describes the SSL transport
+ methods provided by this file. */
+
+-static struct transport_implementation wgnutls_transport = {
++static struct transport_implementation wgnutls_transport =
++{
+ wgnutls_read, wgnutls_write, wgnutls_poll,
+ wgnutls_peek, wgnutls_errstr, wgnutls_close
+ };
+
+ bool
+-ssl_connect (int fd)
++ssl_connect_wget (int fd)
+ {
+ static const int cert_type_priority[] = {
+ GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0
+@@ -189,11 +245,42 @@
+ struct wgnutls_transport_context *ctx;
+ gnutls_session session;
+ int err;
++ int allowed_protocols[4] = {0, 0, 0, 0};
+ gnutls_init (&session, GNUTLS_CLIENT);
+ gnutls_set_default_priority (session);
+ gnutls_certificate_type_set_priority (session, cert_type_priority);
+ gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, credentials);
+- gnutls_transport_set_ptr (session, (gnutls_transport_ptr) fd);
++#ifndef FD_TO_SOCKET
++# define FD_TO_SOCKET(X) (X)
++#endif
++ gnutls_transport_set_ptr (session, (gnutls_transport_ptr) FD_TO_SOCKET (fd));
++
++ err = 0;
++ switch (opt.secure_protocol)
++ {
++ case secure_protocol_auto:
++ break;
++ case secure_protocol_sslv2:
++ case secure_protocol_sslv3:
++ allowed_protocols[0] = GNUTLS_SSL3;
++ err = gnutls_protocol_set_priority (session, allowed_protocols);
++ break;
++ case secure_protocol_tlsv1:
++ allowed_protocols[0] = GNUTLS_TLS1_0;
++ allowed_protocols[1] = GNUTLS_TLS1_1;
++ allowed_protocols[2] = GNUTLS_TLS1_2;
++ err = gnutls_protocol_set_priority (session, allowed_protocols);
++ break;
++ default:
++ abort ();
++ }
++ if (err < 0)
++ {
++ logprintf (LOG_NOTQUIET, "GnuTLS: %s\n", gnutls_strerror (err));
++ gnutls_deinit (session);
++ return false;
++ }
++
+ err = gnutls_handshake (session);
+ if (err < 0)
+ {
+@@ -201,6 +288,7 @@
+ gnutls_deinit (session);
+ return false;
+ }
++
+ ctx = xnew0 (struct wgnutls_transport_context);
+ ctx->session = session;
+ fd_register_transport (fd, &wgnutls_transport, ctx);
diff --git a/recipes/wget/wget.inc b/recipes/wget/wget.inc
index 21aa9369b8..15daafb2b0 100644
--- a/recipes/wget/wget.inc
+++ b/recipes/wget/wget.inc
@@ -1,6 +1,7 @@
DESCRIPTION = "A console URL download utility featuring HTTP, FTP, and more."
SECTION = "console/network"
DEPENDS = ""
+DEPENDS_shr = "gnutls"
INC_PR = "r8"
LICENSE = "GPL"
@@ -11,6 +12,8 @@ inherit autotools gettext
# Disable checking for SSL since that searches the system paths
EXTRA_OECONF = "--enable-ipv6 --without-ssl"
+# Enable SSL it's usefull
+EXTRA_OECONF_shr = "--enable-ipv6 --with-ssl=gnutls"
# The unslung kernel does not support ipv6
EXTRA_OECONF_unslung = "--without-ssl"
# SlugOS kernels do not support ipv6. Can be loaded as a module.
diff --git a/recipes/wget/wget_1.12.bb b/recipes/wget/wget_1.12.bb
index a353f6350f..4ce3c2df82 100644
--- a/recipes/wget/wget_1.12.bb
+++ b/recipes/wget/wget_1.12.bb
@@ -1,6 +1,8 @@
-PR="${INC_PR}.0"
+PR = "${INC_PR}.1"
-SRC_URI = "${GNU_MIRROR}/wget/wget-${PV}.tar.gz"
+SRC_URI = "${GNU_MIRROR}/wget/wget-${PV}.tar.gz \
+ file://gnutls.bzr.patch \
+"
SRC_URI[md5sum] = "141461b9c04e454dc8933c9d1f2abf83"
SRC_URI[sha256sum] = "7578ed0974e12caa71120581fa3962ee5a69f7175ddc3d6a6db0ecdcba65b572"