From 993a4f8b93e732d4e5a314b30dc570108558be04 Mon Sep 17 00:00:00 2001 From: Jakub Jirutka Date: Thu, 24 May 2018 02:19:23 +0200 Subject: [PATCH] wget: print warning when internal TLS is used Internal TLS code (FEATURE_WGET_SSL_HELPER) does not implement verification of the server's certificate. It is documented in the code, but not even mentioned in the --help message, so users typically don't know about this behaviour. That's a crime against security! This patch changes this behaviour for the case when both FEATURE_WGET_LONG_OPTIONS and FEATURE_WGET_SSL_HELPER are enabled - before initializing a TLS connection using the internal TLS code (i.e. without certificate validation) warning message is printed, unless the user specified option "--no-check-certificate". See-Also: http://lists.busybox.net/pipermail/busybox/2018-May/086444.html --- networking/wget.c | 28 ++++++++++++++++++---------- 1 file changed, 18 insertions(+), 10 deletions(-) diff --git a/networking/wget.c b/networking/wget.c index afb09f587..8c68185a9 100644 --- a/networking/wget.c +++ b/networking/wget.c @@ -114,17 +114,20 @@ //usage:#define wget_full_usage "\n\n" //usage: "Retrieve files via HTTP or FTP\n" //usage: IF_FEATURE_WGET_LONG_OPTIONS( -//usage: "\n --spider Spider mode - only check file existence" +//usage: "\n --spider Spider mode - only check file existence" +//usage: IF_FEATURE_WGET_SSL_HELPER( +//usage: "\n --no-check-certificate Don't validate the server's certificate" +//usage: ) //usage: ) -//usage: "\n -c Continue retrieval of aborted transfer" -//usage: "\n -q Quiet" -//usage: "\n -P DIR Save to DIR (default .)" +//usage: "\n -c Continue retrieval of aborted transfer" +//usage: "\n -q Quiet" +//usage: "\n -P DIR Save to DIR (default .)" //usage: IF_FEATURE_WGET_TIMEOUT( -//usage: "\n -T SEC Network read timeout is SEC seconds" +//usage: "\n -T SEC Network read timeout is SEC seconds" //usage: ) -//usage: "\n -O FILE Save to FILE ('-' for stdout)" -//usage: "\n -U STR Use STR for User-Agent header" -//usage: "\n -Y on/off Use proxy" +//usage: "\n -O FILE Save to FILE ('-' for stdout)" +//usage: "\n -U STR Use STR for User-Agent header" +//usage: "\n -Y on/off Use proxy" #include "libbb.h" @@ -244,6 +247,7 @@ enum { WGET_OPT_HEADER = (1 << 9) * ENABLE_FEATURE_WGET_LONG_OPTIONS, WGET_OPT_POST_DATA = (1 << 10) * ENABLE_FEATURE_WGET_LONG_OPTIONS, WGET_OPT_SPIDER = (1 << 11) * ENABLE_FEATURE_WGET_LONG_OPTIONS, + WGET_OPT_NO_CHECK_CERT = (1 << 12) * ENABLE_FEATURE_WGET_LONG_OPTIONS, }; enum { @@ -736,6 +740,11 @@ static void spawn_https_helper_small(int network_fd) int sp[2]; int pid; +#if ENABLE_FEATURE_WGET_LONG_OPTIONS + if (!(option_mask32 & WGET_OPT_NO_CHECK_CERT)) + bb_error_msg("WARNING: SSL/TLS certificate is not being validated!"); +#endif + if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) != 0) /* Kernel can have AF_UNIX support disabled */ bb_perror_msg_and_die("socketpair"); @@ -1310,10 +1319,9 @@ IF_DESKTOP( "tries\0" Required_argument "t") "header\0" Required_argument "\xff" "post-data\0" Required_argument "\xfe" "spider\0" No_argument "\xfd" + "no-check-certificate\0" No_argument "\xfc" /* Ignored (we always use PASV): */ IF_DESKTOP( "passive-ftp\0" No_argument "\xf0") - /* Ignored (we don't do ssl) */ -IF_DESKTOP( "no-check-certificate\0" No_argument "\xf0") /* Ignored (we don't support caching) */ IF_DESKTOP( "no-cache\0" No_argument "\xf0") IF_DESKTOP( "no-verbose\0" No_argument "\xf0") -- 2.13.5