+2014-05-30 Darshit Shah <darnir@gmail.com>
+
+ * configure.ac: Allow compilation without libpsl.
+ * README.checkout: Add libpsl as a dependency.
+
2014-05-24 Giuseppe Scrivano <gscrivan@redhat.com>
* gnulib: update module.
\f
* Changes in Wget X.Y.Z
+** Use libpsl for verifying cookie domains
+
** Default progress bar output changed
** Introduce --show-progress to force display the progress bar
does not contain automatically-generated files, even when these are
normally present in the distribution tarballs. Therefore, to build GNU
Wget from the sources in the repository, you'll need to have one or
- more of the following (note that gettext, OpenSSL, libidn and libiconv
- are not absolutely required):
+ more of the following (note that gettext, OpenSSL, libidn, libiconv
+ and libpsl are not absolutely required):
* [20]autoconf (currently, GNU Wget requires version 2.61). This is
needed to generate the configure script from configure.in. This is
* [34]git is used to fetch gnulib files trough the bootstrap.sh script.
+ * [35]libpsl is required for using a public suffix list to check for valid
+ cookie domains.
+
For those who might be confused as to what to do once they check out
the source code, considering configure and Makefile do not yet exist at
that point, a shell script called bootstrap.sh has been provided. After
Originally written by Hrvoje Niksic <hniksic@xemacs.org>.
- * [35]Edit
- * [36]Comments
- * [37]Info
- * [38]Attachments
+ * [36]Edit
+ * [37]Comments
+ * [38]Info
+ * [39]Attachments
* More Actions:
[Raw Text................] Do
- * [39]MoinMoin Powered
- * [40]Python Powered
- * [41]GPL licensed
- * [42]Valid HTML 4.01
+ * [40]MoinMoin Powered
+ * [41]Python Powered
+ * [42]GPL licensed
+ * [43]Valid HTML 4.01
__________________________________________________________________
All content © 2007 Free Software Foundation. For terms of use,
- redistribution, and modification, please see the [43]WikiLicense page.
+ redistribution, and modification, please see the [44]WikiLicense page.
References
32. http://www.gnu.org/software/libidn/
33. http://www.gnu.org/software/libiconv/
34. http://git-scm.com/
- 35. http://wget.addictivecode.org/CompilingRepoSources?action=edit&editor=text
- 36. http://wget.addictivecode.org/CompilingRepoSources
- 37. http://wget.addictivecode.org/CompilingRepoSources?action=info
- 38. http://wget.addictivecode.org/CompilingRepoSources?action=AttachFile
- 39. http://moinmo.in/
- 40. http://moinmo.in/Python
- 41. http://moinmo.in/GPL
- 42. http://validator.w3.org/check?uri=referer
- 43. http://wget.addictivecode.org/WikiLicense
+ 35. https://github.com/rockdaboot/libpsl
+ 36. http://wget.addictivecode.org/CompilingRepoSources?action=edit&editor=text
+ 37. http://wget.addictivecode.org/CompilingRepoSources
+ 38. http://wget.addictivecode.org/CompilingRepoSources?action=info
+ 39. http://wget.addictivecode.org/CompilingRepoSources?action=AttachFile
+ 40. http://moinmo.in/
+ 41. http://moinmo.in/Python
+ 42. http://moinmo.in/GPL
+ 43. http://validator.w3.org/check?uri=referer
+ 44. http://wget.addictivecode.org/WikiLicense
dnl Process features.
dnl
+AC_ARG_WITH(libpsl,
+ AS_HELP_STRING([--without-libpsl],
+ [disable support for libpsl cookie checking.]))
+
AC_ARG_WITH(ssl,
[[ --without-ssl disable SSL autodetection
--with-ssl={gnutls,openssl} specify the SSL backend. GNU TLS is the default.]])
dnl Checks for libraries.
dnl
+AS_IF([test x"$with_libpsl" != xno], [
+ with_libpsl=yes
+ AC_CHECK_LIB([psl], [psl_builtin])
+])
+
AS_IF([test x"$with_zlib" != xno], [
with_zlib=yes
AC_CHECK_LIB(z, compress)
fi
fi
+
dnl **********************************************************************
dnl Checks for IPv6
dnl **********************************************************************
Libs: $LIBS
SSL: $with_ssl
Zlib: $with_zlib
+ PSL: $with_libpsl
Digest: $ENABLE_DIGEST
NTLM: $ENABLE_NTLM
OPIE: $ENABLE_OPIE
+2014-05-30 Darshit Shah <darnir@gmail.com>
+
+ * cookies.c (check_domain_match): Use libpsl to check if the cookie domain
+ is valid. Also remove unneeded test for numeric addresses.
+
2014-05-30 Darshit Shah <darnir@gmail.com>
* connect.{c,h}, convert.{c,h}, cookies.{c,h}, ftp-ls.c, ftp.h, gettext.h,
needs to modify the string.
(bar_set_params): Add support for noscroll parameter to bar.
-
2014-05-03 Tim Ruehsen <tim.ruehsen@gmx.de>
* ftp-ls.c (ftp_parse_vms_ls): Explicitly typecast strlen's output
nls defined ENABLE_NLS
ntlm defined ENABLE_NTLM
opie defined ENABLE_OPIE
+psl defined HAVE_LIBPSL
ssl choice:
openssl defined HAVE_LIBSSL || defined HAVE_LIBSSL32
#include <assert.h>
#include <errno.h>
#include <time.h>
+#include <libpsl.h>
#include "utils.h"
#include "hash.h"
#include "cookies.h"
static bool
check_domain_match (const char *cookie_domain, const char *host)
{
+
+#ifdef HAVE_LIBPSL
DEBUGP (("cdm: 1"));
+ const psl_ctx_t *psl;
+ int is_acceptable;
+
+ if (!(psl = psl_builtin()))
+ {
+ DEBUGP (("\nlibpsl not built with a public suffix list. "
+ "Falling back to simple heuristics.\n"));
+ goto no_psl;
+ }
+
+ is_acceptable = psl_is_cookie_domain_acceptable (psl, host, cookie_domain);
+ return true ? (is_acceptable == 1) : false;
- /* Numeric address requires exact match. It also requires HOST to
- be an IP address. */
- if (numeric_address_p (cookie_domain))
- return 0 == strcmp (cookie_domain, host);
+no_psl:
+#endif
- DEBUGP ((" 2"));
+ /* For efficiency make some elementary checks first */
+ DEBUGP (("cdm: 2"));
/* For the sake of efficiency, check for exact match first. */
if (0 == strcasecmp (cookie_domain, host))