Opened 12 years ago

Closed 4 years ago

#33370 closed defect (fixed)

wget should use curl-ca-bundle by default

Reported by: dave@… Owned by: ryandesign (Ryan Carsten Schmidt)
Priority: Normal Milestone:
Component: ports Version: 2.0.3
Keywords: Cc: piotr@…, cooljeanius (Eric Gallager)
Port: wget

Description

I think you're going to see this same issue applies in a lot of places. Now that it's been fixed for svn (see #19247), could we fix it for wget and everything else too?

pluto:/tmp dave% wget https://raw.github.com/gist/1746342/702dfe9e2dd79fddd536aa90d561efdeec2ba716                    
--2012-02-27 08:14:17--  https://raw.github.com/gist/1746342/702dfe9e2dd79fddd536aa90d561efdeec2ba716
Resolving raw.github.com (raw.github.com)... 207.97.227.243
Connecting to raw.github.com (raw.github.com)|207.97.227.243|:443... connected.
ERROR: The certificate of `raw.github.com' is not trusted.
ERROR: The certificate of `raw.github.com' hasn't got a known issuer.
pluto:/tmp dave% curl -O https://raw.github.com/gist/1746342/702dfe9e2dd79fddd536aa90d561efdeec2ba716
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  7341  100  7341    0     0   4875      0  0:00:01  0:00:01 --:--:-- 15821
pluto:/tmp dave% 

Change History (7)

comment:1 in reply to:  description Changed 12 years ago by ryandesign (Ryan Carsten Schmidt)

Cc: ryandesign@… added

Replying to dave@…:

I think you're going to see this same issue applies in a lot of places. Now that it's been fixed for svn (see #19247), could we fix it for wget

How? What would we need to do?

and everything else too?

What is "everything"?

comment:2 Changed 12 years ago by dave@…

I don't know what you would need to do; I'm not an expert in that area. But it's a bit perverse that curl works and wget doesn't.

And I don't know what else is broken. If there's a way to get an inventory of apps that need certs, I am suggesting you do that. Otherwise (obviously), don't.

comment:3 Changed 12 years ago by jmroot (Joshua Root)

Cc: ryandesign@… removed
Owner: changed from macports-tickets@… to ryandesign@…
Port: wget added

comment:4 Changed 10 years ago by ryandesign (Ryan Carsten Schmidt)

Cc: piotr@… added

Has duplicate #42445.

comment:5 Changed 10 years ago by cooljeanius (Eric Gallager)

Cc: egall@… added

Cc Me!

comment:6 Changed 5 years ago by jmroot (Joshua Root)

It looks like this was fixed upstream in 1.15: http://git.savannah.gnu.org/cgit/wget.git/commit/src/gnutls.c?id=695f11304b30ae3d29e5d8c9bc256f8f524bbd61 (the important bit is the added gnutls_certificate_set_x509_system_trust call.)

Can anyone verify that it works now?

comment:7 Changed 4 years ago by jmroot (Joshua Root)

Resolution: fixed
Status: newclosed

Seems fine to me.

% wget https://gist.githubusercontent.com/jmroot/d125e2c58b4ae677260e8f145b86d9e2/raw/7bb91b11c5d8d8c50f6f3b07281e48c706ced7c8/configure.diff
--2019-09-20 20:11:26--  https://gist.githubusercontent.com/jmroot/d125e2c58b4ae677260e8f145b86d9e2/raw/7bb91b11c5d8d8c50f6f3b07281e48c706ced7c8/configure.diff
Resolving gist.githubusercontent.com (gist.githubusercontent.com)... 151.101.80.133
Connecting to gist.githubusercontent.com (gist.githubusercontent.com)|151.101.80.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 225 [text/plain]
Saving to: ‘configure.diff’

configure.diff      100%[===================>]     225  --.-KB/s    in 0s      

2019-09-20 20:11:27 (3.41 MB/s) - ‘configure.diff’ saved [225/225]
Note: See TracTickets for help on using tickets.