[PATCH] wget: print warning when internal TLS is used

Denys Vlasenko vda.linux at googlemail.com
Mon May 28 12:37:53 UTC 2018


Applied with some edits, thanks!

On Mon, May 28, 2018 at 12:33 AM, Jakub Jirutka <jakub at jirutka.cz> wrote:
> Internal TLS code (FEATURE_WGET_HTTPS) does not implement verification
> of the server's certificate.  It is documented in the code, but not
> even mentioned in the --help message, so users typically don't know
> about this behaviour.  That's a crime against security!
>
> This patch adds a warning message: before initializing a TLS connection
> using the internal TLS code (i.e. without certificate verification), a
> warning message is printed, unless the user specified the option
> "--no-check-certificate" (and FEATURE_WGET_LONG_OPTIONS is enabled).
> ---
>  networking/wget.c | 30 +++++++++++++++++++-----------
>  1 file changed, 19 insertions(+), 11 deletions(-)
>
> diff --git a/networking/wget.c b/networking/wget.c
> index 30c339244..0a53fe3a5 100644
> --- a/networking/wget.c
> +++ b/networking/wget.c
> @@ -136,18 +136,21 @@
>  //usage:#define wget_full_usage "\n\n"
>  //usage:       "Retrieve files via HTTP or FTP\n"
>  //usage:       IF_FEATURE_WGET_LONG_OPTIONS(
> -//usage:     "\n       --spider        Only check URL existence: $? is 0 if exists"
> +//usage:     "\n       --spider                Only check URL existence: $? is 0 if exists"
> +//usage:               IF_FEATURE_WGET_HTTPS(
> +//usage:     "\n       --no-check-certificate  Don't validate the server's certificate"
> +//usage:               )
>  //usage:       )
> -//usage:     "\n       -c              Continue retrieval of aborted transfer"
> -//usage:     "\n       -q              Quiet"
> -//usage:     "\n       -P DIR          Save to DIR (default .)"
> -//usage:     "\n       -S              Show server response"
> +//usage:     "\n       -c                      Continue retrieval of aborted transfer"
> +//usage:     "\n       -q                      Quiet"
> +//usage:     "\n       -P DIR                  Save to DIR (default .)"
> +//usage:     "\n       -S                      Show server response"
>  //usage:       IF_FEATURE_WGET_TIMEOUT(
> -//usage:     "\n       -T SEC          Network read timeout is SEC seconds"
> +//usage:     "\n       -T SEC                  Network read timeout is SEC seconds"
>  //usage:       )
> -//usage:     "\n       -O FILE         Save to FILE ('-' for stdout)"
> -//usage:     "\n       -U STR          Use STR for User-Agent header"
> -//usage:     "\n       -Y on/off       Use proxy"
> +//usage:     "\n       -O FILE                 Save to FILE ('-' for stdout)"
> +//usage:     "\n       -U STR                  Use STR for User-Agent header"
> +//usage:     "\n       -Y on/off               Use proxy"
>
>  #include "libbb.h"
>
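Review bot: The new `--no-check-certificate` help line says "Don't validate the server's certificate", which tells the reader that validation happens when the option is absent. Per the commit description, the internal TLS code never verifies the certificate, and in the spawn_ssl_client hunk the option only suppresses the new warning. The help text is where users look first, so it should state the real effect, for example `"\n       --no-check-certificate  Don't warn that server's certificate is not validated"`. If a TLS backend that does validate can be selected elsewhere in the file (not visible here), the wording would need to cover both cases.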
> @@ -271,6 +274,7 @@ enum {
>         WGET_OPT_HEADER     = (1 << 10) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
>         WGET_OPT_POST_DATA  = (1 << 11) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
>         WGET_OPT_SPIDER     = (1 << 12) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
> +       WGET_OPT_NO_CHECK_CERT = (1 << 13) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
>  };
>
>  enum {
> @@ -714,6 +718,11 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags)
>         int pid;
>         char *servername, *p;
>
> +#if ENABLE_FEATURE_WGET_LONG_OPTIONS
> +       if (!(option_mask32 & WGET_OPT_NO_CHECK_CERT))
> +#endif
> +               bb_error_msg("WARNING: SSL/TLS certificate is not being validated!");
> +
>         servername = xstrdup(host);
>         p = strrchr(servername, ':');
>         if (p) *p = '\0';
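Review bot: The `#if ENABLE_FEATURE_WGET_LONG_OPTIONS` / `#endif` pair wraps only the `if` line, leaving an unbraced statement whose guard appears or disappears with the build configuration; that is easy to break on a later edit. The enum hunk defines `WGET_OPT_NO_CHECK_CERT` as `(1 << 13) * ENABLE_FEATURE_WGET_LONG_OPTIONS`, so with long options disabled the mask is 0 and the test is always true. The preprocessor lines can therefore be dropped and the call braced: `if (!(option_mask32 & WGET_OPT_NO_CHECK_CERT)) { bb_error_msg("WARNING: SSL/TLS certificate is not being validated!"); }`. The message is advisory only and the connection still proceeds unauthenticated, so a short comment here stating that `--no-check-certificate` silences the warning and changes nothing else would help the next reader. spawn_ssl_client's body continues outside the hunk.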
> @@ -1402,10 +1411,9 @@ IF_DESKTOP(      "tries\0"            Required_argument "t")
>                 "header\0"           Required_argument "\xff"
>                 "post-data\0"        Required_argument "\xfe"
>                 "spider\0"           No_argument       "\xfd"
> +               "no-check-certificate\0" No_argument   "\xfc"
>                 /* Ignored (we always use PASV): */
>  IF_DESKTOP(    "passive-ftp\0"      No_argument       "\xf0")
> -               /* Ignored (we don't do ssl) */
> -IF_DESKTOP(    "no-check-certificate\0" No_argument   "\xf0")
>                 /* Ignored (we don't support caching) */
>  IF_DESKTOP(    "no-cache\0"         No_argument       "\xf0")
>  IF_DESKTOP(    "no-verbose\0"       No_argument       "\xf0")
> --
> 2.17.0
>

