summaryrefslogtreecommitdiffhomepage
path: root/networking/wget.c
diff options
context:
space:
mode:
Diffstat (limited to 'networking/wget.c')
-rw-r--r--networking/wget.c120
1 files changed, 60 insertions, 60 deletions
diff --git a/networking/wget.c b/networking/wget.c
index 6d78dd56f..e47c9a51b 100644
--- a/networking/wget.c
+++ b/networking/wget.c
@@ -13,8 +13,8 @@
//config: bool "wget (35 kb)"
//config: default y
//config: help
-//config: wget is a utility for non-interactive download of files from HTTP
-//config: and FTP servers.
+//config: wget is a utility for non-interactive download of files from HTTP
+//config: and FTP servers.
//config:
//config:config FEATURE_WGET_LONG_OPTIONS
//config: bool "Enable long options"
@@ -31,21 +31,21 @@
//config: default y
//config: depends on WGET
//config: help
-//config: Support authenticated HTTP transfers.
+//config: Support authenticated HTTP transfers.
//config:
//config:config FEATURE_WGET_TIMEOUT
//config: bool "Enable timeout option -T SEC"
//config: default y
//config: depends on WGET
//config: help
-//config: Supports network read and connect timeouts for wget,
-//config: so that wget will give up and timeout, through the -T
-//config: command line option.
+//config: Supports network read and connect timeouts for wget,
+//config: so that wget will give up and timeout, through the -T
+//config: command line option.
//config:
-//config: Currently only connect and network data read timeout are
-//config: supported (i.e., timeout is not applied to the DNS query). When
-//config: FEATURE_WGET_LONG_OPTIONS is also enabled, the --timeout option
-//config: will work in addition to -T.
+//config: Currently only connect and network data read timeout are
+//config: supported (i.e., timeout is not applied to the DNS query). When
+//config: FEATURE_WGET_LONG_OPTIONS is also enabled, the --timeout option
+//config: will work in addition to -T.
//config:
//config:config FEATURE_WGET_HTTPS
//config: bool "Support HTTPS using internal TLS code"
@@ -53,68 +53,68 @@
//config: depends on WGET
//config: select TLS
//config: help
-//config: wget will use internal TLS code to connect to https:// URLs.
-//config: Note:
-//config: On NOMMU machines, ssl_helper applet should be available
-//config: in the $PATH for this to work. Make sure to select that applet.
+//config: wget will use internal TLS code to connect to https:// URLs.
+//config: Note:
+//config: On NOMMU machines, ssl_helper applet should be available
+//config: in the $PATH for this to work. Make sure to select that applet.
//config:
-//config: Note: currently, TLS code only makes TLS I/O work, it
-//config: does *not* check that the peer is who it claims to be, etc.
-//config: IOW: it uses peer-supplied public keys to establish encryption
-//config: and signing keys, then encrypts and signs outgoing data and
-//config: decrypts incoming data.
-//config: It does not check signature hashes on the incoming data:
-//config: this means that attackers manipulating TCP packets can
-//config: send altered data and we unknowingly receive garbage.
-//config: (This check might be relatively easy to add).
-//config: It does not check public key's certificate:
-//config: this means that the peer may be an attacker impersonating
-//config: the server we think we are talking to.
+//config: Note: currently, TLS code only makes TLS I/O work, it
+//config: does *not* check that the peer is who it claims to be, etc.
+//config: IOW: it uses peer-supplied public keys to establish encryption
+//config: and signing keys, then encrypts and signs outgoing data and
+//config: decrypts incoming data.
+//config: It does not check signature hashes on the incoming data:
+//config: this means that attackers manipulating TCP packets can
+//config: send altered data and we unknowingly receive garbage.
+//config: (This check might be relatively easy to add).
+//config: It does not check public key's certificate:
+//config: this means that the peer may be an attacker impersonating
+//config: the server we think we are talking to.
//config:
-//config: If you think this is unacceptable, consider this. As more and more
-//config: servers switch to HTTPS-only operation, without such "crippled"
-//config: TLS code it is *impossible* to simply download a kernel source
-//config: from kernel.org. Which can in real world translate into
-//config: "my small automatic tooling to build cross-compilers from sources
-//config: no longer works, I need to additionally keep a local copy
-//config: of ~4 megabyte source tarball of a SSL library and ~2 megabyte
-//config: source of wget, need to compile and built both before I can
-//config: download anything. All this despite the fact that the build
-//config: is done in a QEMU sandbox on a machine with absolutely nothing
-//config: worth stealing, so I don't care if someone would go to a lot
-//config: of trouble to intercept my HTTPS download to send me an altered
-//config: kernel tarball".
+//config: If you think this is unacceptable, consider this. As more and more
+//config: servers switch to HTTPS-only operation, without such "crippled"
+//config: TLS code it is *impossible* to simply download a kernel source
+//config: from kernel.org. Which can in real world translate into
+//config: "my small automatic tooling to build cross-compilers from sources
+//config: no longer works, I need to additionally keep a local copy
+//config: of ~4 megabyte source tarball of a SSL library and ~2 megabyte
+//config: source of wget, need to compile and built both before I can
+//config: download anything. All this despite the fact that the build
+//config: is done in a QEMU sandbox on a machine with absolutely nothing
+//config: worth stealing, so I don't care if someone would go to a lot
+//config: of trouble to intercept my HTTPS download to send me an altered
+//config: kernel tarball".
//config:
-//config: If you still think this is unacceptable, send patches.
+//config: If you still think this is unacceptable, send patches.
//config:
-//config: If you still think this is unacceptable, do not want to send
-//config: patches, but do want to waste bandwidth expaining how wrong
-//config: it is, you will be ignored.
+//config: If you still think this is unacceptable, do not want to send
+//config: patches, but do want to waste bandwidth expaining how wrong
+//config: it is, you will be ignored.
//config:
//config:config FEATURE_WGET_OPENSSL
//config: bool "Try to connect to HTTPS using openssl"
//config: default y
//config: depends on WGET
//config: help
-//config: Try to use openssl to handle HTTPS.
+//config: Try to use openssl to handle HTTPS.
//config:
-//config: OpenSSL has a simple SSL client for debug purposes.
-//config: If you select this option, wget will effectively run:
-//config: "openssl s_client -quiet -connect hostname:443
-//config: -servername hostname 2>/dev/null" and pipe its data
-//config: through it. -servername is not used if hostname is numeric.
-//config: Note inconvenient API: host resolution is done twice,
-//config: and there is no guarantee openssl's idea of IPv6 address
-//config: format is the same as ours.
-//config: Another problem is that s_client prints debug information
-//config: to stderr, and it needs to be suppressed. This means
-//config: all error messages get suppressed too.
-//config: openssl is also a big binary, often dynamically linked
-//config: against ~15 libraries.
+//config: OpenSSL has a simple SSL client for debug purposes.
+//config: If you select this option, wget will effectively run:
+//config: "openssl s_client -quiet -connect hostname:443
+//config: -servername hostname 2>/dev/null" and pipe its data
+//config: through it. -servername is not used if hostname is numeric.
+//config: Note inconvenient API: host resolution is done twice,
+//config: and there is no guarantee openssl's idea of IPv6 address
+//config: format is the same as ours.
+//config: Another problem is that s_client prints debug information
+//config: to stderr, and it needs to be suppressed. This means
+//config: all error messages get suppressed too.
+//config: openssl is also a big binary, often dynamically linked
+//config: against ~15 libraries.
//config:
-//config: If openssl can't be executed, internal TLS code will be used
-//config: (if you enabled it); if openssl can be executed but fails later,
-//config: wget can't detect this, and download will fail.
+//config: If openssl can't be executed, internal TLS code will be used
+//config: (if you enabled it); if openssl can be executed but fails later,
+//config: wget can't detect this, and download will fail.
//applet:IF_WGET(APPLET(wget, BB_DIR_USR_BIN, BB_SUID_DROP))