Add support for libproxy, which is capable to extract desktop
environment proxy configurations from dozens of systems and platforms.
This also enables wget to handle pac/wpad proxy server.
* configure.ac: Add check for libbproxy.
* libwget/http.c (wget_http_open): Retrieve proxy via libproxy.
Copyright-paperwork-exempt: Yes
* configure.ac: Enable DANE if libgnutls-dane is installed,
add option --without-libdane.
* docs/wget2.md: Add docs for option --dane.
* include/wget/wget.h: Add WGET_SSL_DANE.
* libwget/ssl_gnutls.c: Include include <gnutls/dane.h> if requested,
(struct config): New member 'dane',
(wget_ssl_set_config_int): Set value for dane via WGET_SSL_DANE,
(wget_ssl_open): Call dane_verify_session_crt().
* src/options.c (options): Add entry for --dane,
(init): Set config.dane via wget_ssl_set_config_int().
* src/wget_options.h (struct config): Add member 'dane'.
If pkg-config check fails (which is the case on FreeBSD where system openssl does not have pkgconfig files), check for libssl library instead of incorrect libopenssl.
Copyright-paperwork-exempt: Yes
After the previous commit it now uses -Wl,--no-whole-archive
instead of patching libtool in the build system. This is more
portable for other libtool implementations other than the one
by GNU.
This changes configure semantics to fail if no TLS library
is found and no --with-ssl=none was explicitly requested.
It protects users from accidentally building without TLS.
* .gitlab-ci.yml: Tarball build using --with-ssl=none.
* configure.ac: Stop with error if no TLS was found and --with-ssl
was not used.
* tests/libtest.c: Fix issues with conditionally declared variables.
This patch modifies `configure.ac` to support GnuTLS, OpenSSL and wolfSSL as the SSL/TLS backends.
Either of these can be enabled at compile time the `configure` switch `--with-ssl`. Example:
./configure --with-ssl=openssl
If `--with-ssl` is omitted, the default behavior will be to build with GnuTLS if available, and without
TLS if not. TLS can be explicitly disabled with `--without-ssl`.
Regardless of which specific backend has been selected, the TLS and OCSP tests will always be built with GnuTLS,
as that is the only backend currently supported in the test suite.
It renames the constant `HAVE_GNUTLS_OCSP_H` to a more generic `WITH_OCSP`, that captures
the notion that OCSP has been enabled at compile-time, hiding the specific backend.
Changed files
* configure.ac: honor --with-ssl option, but keep on testing for GnuTLS
for the test suite.
* libwget/ssl_gnutls.c: replace HAVE_GNUTLS_OCSP_H with WITH_OCSP
* libwget/ssl_openssl.c: likewise
* tests/libtest.c: replace HAVE_GNUTLS_OCSP_H with WITH_OCSP.
Check for WITH_GNUTLS_IN_TESTSUITE.
* NEWS: Add --disable-manylibs
* configure.ac: Implement --disable-manylibs
* libwget/Makefile.am: Likewise
This switches off building small libraries from libwget functionality groups.
* cfg.mk: Exclude contrib/libtool.patch from 'make syntax-check'
* configure.ac: Patch libtool
* contrib/libtool.patch: New file
* lib/Makefile.am: Unset $LIBS
* libwget/Makefile.am: Use -no-whole-archive
This patch keeps the libwget libraries short by not adding
*everything* from lib/libgnu.a.
* .gitignore: Remove src/version-text.h
* cfg.mk: Add rule to update copyright in src/options.c
* configure.ac: Remove YEAR
* src/Makefile.am: Remove version-text.h.in
* src/options.c: Add version text
* src/version-text.h.in: Deleted
Reported-by: Bernhard M. Wiedemann
