* Remove ssl option, and add gnutls and openssl options.
The default is openssl like before.
* All security patches are included in upstream's tar ball.
* Remove ac_cv_func_sigsetjmp=yes line, because not defined now.
Tested on NetBSD/i386 4.0.1, 5.1 5.99.56.
Changelog:
* Changes in Wget 1.13.4
** Now --version and --help work again.
** Fix a build error on solaris 10 sparc.
** Now --timestamping and --continue work well together.
** Return a network failure when FTP downloads fail and --timestamping
is specified.
* Changes in Wget 1.13.3
** Support HTTP/1.1
** Now by default the GNU TLS library for secure connections, instead of
OpenSSL.
** Fix some portability issues.
** Handle properly malformed status line in a HTTP response.
** Ignore zero length domains in $no_proxy.
** Set new cookies after an authorization failure.
** Exit with failure if -k is specified and -O is not a regular file.
** Cope better with unclosed html tags.
** Print diagnostic messages to stderr, not stdout.
** Do not use an additional HEAD request when --content-disposition is used,
but use directly GET.
** Report the average transfer speed correctly when multiple URL's are specified
and -c influences the transferred data amount.
** GNU TLS backend works again.
** Now --timestamping and --continue works well together.
** By default, on server redirects, use the original URL to get the
local file name. Close CVE-2010-2252. This introduces a
backward-incompatibility; any script that relies on the old
behaviour must use --trust-server-names.
** Fix a problem when -k is used and some URLs are specified trough
CSS.
** Convert correctly URLs that need to be encoded to local files when following
links.
** Use persistent connections with proxies supporting them.
** Print the total download time as part of the summary for recursive downloads.
** Now it is possible to specify a different startup configuration file trough
the --config option.
** Fix an infinite loop with the error '<filename> has sprung into existence'
on a network error and -nc is used.
** Now --adjust-extension does not modify the file extension if the file ends
in .htm.
** Support HTTP/1.1 307 redirects keep request method.
** Now --no-parent doesn't fetch undesired files if HTTP and HTTPS are used
by the same host on different pages.
** Do not attempt to remove the file if it is not in the accept rules but
it is the output destination file.
** Introduce `show_all_dns_entries' to print all IP addresses corresponding to
a DNS name when it is resolved.
below).
** Mailing list MOVED to bug-wget@gnu.org
** SECURITY FIX: It had been possible to trick Wget into accepting
SSL certificates that don't match the host name, through the trick of
embedding NUL characters into the certs' common name. Fixed by Joao
Ferreira <joao@joaoff.com>.
** Added support for CSS. This includes:
- Parsing links from CSS files, and from CSS content found in HTML
style tags and attributes.
- Supporting conversion of links found within CSS content, when
--convert-links is specified.
- Ensuring that CSS files end in the ".css" filename extension,
when --convert-links is specified.
CSS support in Wget is thanks to Ted Mielczarek
<ted.mielczarek@gmail.com>.
** Added support for Internationalized Resource Identifiers (IRIs, RFC
3987). When support is enabled (requires libidn and libiconv), links
with non-ASCII bytes are translated from their source encoding to UTF-8
before percent-encoding. IRI support was added by Saint Xavier
<wget@sxav.eu>, as his project for the Google Summer of Code.
** Wget now provides more sensible exit status codes when downloads
don't proceed as expected (see the manual).
** --default-page option (and associated wgetrc command) added to
support alternative default names for index.html.
** --ask-password option (and associated wgetrc command) added to
support password prompts at the console.
** The --input-file option now also handles retrieving links from
an external file.
** The output generated by the --version option now includes
information on how it was built, and the set of configure-time options
that were selected.
** --html-extension has been renamed to --adjust-extension, to reflect
the fact that it now also applies to CSS content. --html-extension is
still acceptable, but is now deprecated.
** An "ascii" specifier is now accepted by --restrict-file-names, which
forces the percent-encoding of all non-ASCII bytes
** Several previously existing, but undocumented .wgetrc options are
now documented: save_headers, spider, and user_agent,
auth_no_challenge, and keep_session_cookies. Also added documentation
for the "lowercase" and "uppercase" values for --restrict-file-names, which had been present since Wget 1.11.
* Changes in Wget 1.11.
** Timestamping now uses the value from the most recent HTTP response,
rather than the first one it got.
** Authentication information is no longer sent as part of the Referer
header in recursive fetches.
** No authentication credentials are sent until a challenge is issued,
for improved security. Authentication handling is still not
RFC-compliant, as once a Basic challenge has been received, it will
assume it can send credentials to any URL at that same host, and not
just the ones at or below the original authenticated location.
Credentials for Digest authentication are still never saved or issued
automatically, and continue to require a challenge for each resource.
** Added --max-redirect option, allowing the user to specify what should
be the maximum number of HTTP redirects to follow.
** Wget now supports saving HTTP downloads using file names specified by
the `Content-Disposition' header. This is a standard way of specifying
the file name used by many web dynamically generated pages. However, the
current implementation is inefficient, and known to have bugs. It is
EXPERIMENTAL only, and not enabled by default. Use --content-disposition
to enable it.
** The new option `--ignore-case' makes Wget ignore case when
matching files, directories, and wildcards. This affects the -X, -I,
-A, and -R options, as well as globbing in FTP URLs.
** ETA projection is now displayed in "dot" progress output as well as
in the default progress bar. (The dot progress is used by default when
logging Wget's output to file using the `-o' option.)
** The "lockable boolean" argument type is no longer supported. It
was only used by the passive_ftp .wgetrc setting. If you're running
broken scripts or Perl modules that unconditionally specify
`--passive-ftp' and your firewall disallows it, you can override them
by replacing wget with a script that execs wget "$@" --no-passive-ftp.
** The source code has been migrated to Mercurial. The repositories are
available at http://hg.addictivecode.org/. Prior to this, the source
code was hosted on Subversion (migrated from the original CVS); you can
still get access to older tags and branches for Wget in the Subversion
repository at http://addictivecode.org/svn/wget/.
PKGLOCALEDIR and which install their locale files directly under
${PREFIX}/${PKGLOCALEDIR} and sort the PLIST file entries. From now
on, pkgsrc/mk/plist/plist-locale.awk will automatically handle
transforming the PLIST to refer to the correct locale directory.
* Changes in Wget 1.10.
** Downloading files larger than 2GB, sometimes referred to as "large
files", now works on systems that support them. This includes the
majority of modern Unixes, as well as MS Windows.
** IPv6 is now supported by Wget. Unlike the experimental code in
1.9, this version supports dual-family systems. The new flags
`--inet4' and `--inet6' (or `-4' and `-6' for short) force the use of
IPv4 and IPv6 respectively. Note that IPv6 support has not yet been
tested on Windows.
** Microsoft's proprietary "NTLM" method of HTTP authentication is now
supported. This authentication method is undocumented and only used
by IIS. Note that *proxy* authentication is not supported in this
release; you can only authenticate to the target web site.
** Wget no longer truncates partially downloaded files when download
has to start over because the server doesn't support Range. Instead,
with such servers Wget now simply ignores the data up to the byte
where the last attempt left off, and only then continues appending to
the file. That way the downloaded file never shrinks, and download
retries from servers without support for partial downloads work even
when downloading to stdout.
** SSL/TLS changes:
*** SSL/TLS downloads now attempt to verify the server's certificate
against the recognized certificate authorities. This requires CA
certificates to have been installed in a location visible to the
OpenSSL library. If this is not the case, you can get the bundle
yourself from a source you trust (for example, the bundle extracted
from Mozilla available at http://curl.haxx.se/docs/caextract.html),
and point Wget to the PEM file using the `--ca-certificate'
command-line option or the corresponding `.wgetrc' command.
*** Secure downloads now verify that the host name in the URL matches
the "common name" in the certificate presented by the server.
*** Although the above checks provide more secure downloads, they
unavoidably break interoperability with some sites that worked with
previous versions, particularly those using self-signed, expired, or
otherwise invalid certificates. If you encounter "certificate
verification" errors or complaints that "common name doesn't match
requested host name" and are convinced of the site's authenticity, you
can use `--no-check-certificate' to bypass both checks.
*** Talking to SSL/TLS servers over proxies now actually works.
Previous versions of Wget erroneously sent GET requests for https
URLs. Wget 1.10 utilizes the CONNECT method designed for this
purpose.
*** The SSL/TLS-related options have been redesigned and, for the
first time, documented in the manual. The old, undocumented, options
are no longer supported.
** Passive FTP is now the default FTP transfer mode. Use
`--no-passive-ftp' or specify `passive_ftp = off' in your init file to
revert to the old behavior.
** The `--header' option can now be used to override generated
headers. For example, `wget --header="Host: foo.bar"
http://127.0.0.1' tells Wget to connect to localhost, but to specify
"foo.bar" in the `Host' header. In previous versions such use of
`--header' lead to duplicate headers in HTTP requests.
** The responses without headers, aka "HTTP 0.9" responses, are
detected and handled. Although HTTP 0.9 has long been obsolete, it is
still occasionally used, sometimes by accident.
** The progress bar is now updated regularly even when the data does
not arrive from the network.
** Wget no longer preserves permissions of files retrieved by FTP by
default. Anonymous FTP servers frequently use permissions like "664",
which might not be what the user wants. The new option
`--preserve-permissions' and the corresponding `.wgetrc' variable can
be used to revert to the old behavior.
** The new option `--protocol-directories' instructs Wget to also use
the protocol name as a directory component of local file names.
** Options that previously unconditionally set or unset various flags
are now boolean options that can be invoked as either `--OPTION' or
`--no-OPTION'. Options that required an argument "on" or "off" have
also been changed this way, but they still accept the old syntax for
backward compatibility. For example, instead of `--glob=off' you can
write `--no-glob'.
Allowing `--no-OPTION' for every `--OPTION' and the other way around
is useful because it allows the user to override non-default behavior
specified via `.wgetrc'.
** The new option `--keep-session-cookies' causes `--save-cookies' to
save session cookies (normally only kept in memory) along with the
permanent ones. This is useful because many sites track important
information, such as whether the user has authenticated, in session
cookies. With this option multiple Wget runs are treated as a single
browser session.
** Wget now supports the --ftp-user and --ftp-password command
switches to set username and password for FTP, and the --user and
--password command switches to set username and password for both FTP
and HTTP. The --http-passwd and --proxy-passwd command switches have
been renamed to --http-password and --proxy-password respectively, and
the related http_passwd and proxy_passwd .wgetrc commands to
http_password and proxy_password respectively. The login and passwd
.wgetrc commands have been deprecated.
* `wget -b' now works correctly under Windows.
* Wget 1.9.1 is a bugfix release with no user-visible changes.
* Changes in Wget 1.9.
** It is now possible to specify that POST method be used for HTTP
requests. For example, `wget --post-data="id=foo&data=bar" URL' will
send a POST request with the specified contents.
** IPv6 support is available, although it's still experimental.
** The `--timeout' option now also affects DNS lookup and establishing
the TCP connection. Previously it only affected reading and writing
data. Those three timeouts can be set separately using
`--dns-timeout', `--connection-timeout', and `--read-timeout',
respectively.
** Download speed shown by the progress bar is based on the data
recently read, rather than the average speed of the entire download.
The ETA projection is still based on the overall average.
** It is now possible to connect to FTP servers through FWTK
firewalls. Set ftp_proxy to an FTP URL, and Wget will automatically
log on to the proxy as "username@host".
** The new option `--retry-connrefused' makes Wget retry downloads
even in the face of refused connections, which are otherwise
considered a fatal error.
** The new option `--dns-cache=off' may be used to prevent Wget from
caching DNS lookups.
** Wget no longer escapes characters in local file names based on
whether they're appropriate in URLs. Escaping can still occur for
nonprintable characters or for '/', but no longer for frequent
characters such as space. You can use the new option
--restrict-file-names to relax or strengthen these rules, which can be
useful if you dislike the default or if you're downloading to
non-native partitions.
** Handling of HTML comments has been dumbed down to conform to what
users expect and other browsers do: instead of being treated as SGML
declaration, a comment is terminated at the first occurrence of "-->".
Use `--strict-comments' to revert to the old behavior.
** Wget now correctly handles relative URIs that begin with "//", such
as "//img.foo.com/foo.jpg".
** Boolean options in `.wgetrc' and on the command line now accept
values "yes" and "no" along with the traditional "on" and "off".
** It is now possible to specify decimal values for timeouts, waiting
periods, and download rate. For instance, `--wait=0.5' now works as
expected, as does `--dns-timeout=0.5' and even `--limit-rate=2.5k'.
already fixed (patches from RedHat RPM).
Note: this package does not support IPv6 any longer, since no
updated IPv6 patch for wget-1.8.2 exists (to my knowledge).
The next major wget release is expected to contain IPv6 support.
Uservisible changes since 1.7:
** A new progress indicator is now available and used by default.
You can choose the progress bar type with `--progress=TYPE'. Two
types are available, "bar" (the new default), and "dot" (the old
dotted indicator). You can permanently revert to the old progress
indicator by putting `progress = dot' in your `.wgetrc'.
** You can limit the download rate of the retrieval using the
`--limit-rate' option. For example, `wget --limit-rate=15k URL' will
tell Wget not to download the body of the URL faster than 15 kilobytes
per second.
** Recursive retrieval and link conversion have been revamped:
*** Wget now traverses links breadth-first. This makes the
calculation of depth much more reliable than before. Also, recursive
downloads are faster and consume *significantly* less memory than
before.
*** Links are converted only when the entire retrieval is complete.
This is the only safe thing to do, as only then is it known what URLs
have been downloaded.
*** BASE tags are handled correctly when converting links. Since Wget
already resolves <base href="..."> when resolving handling URLs, link
conversion now makes the BASE tags point to an empty string.
*** HTML anchors are now handled correctly. Links to an anchor in the
same document (<a href="#anchorname">), which used to confuse Wget,
are now converted correctly.
*** When in page-requisites (-p) mode, no-parent (-np) is ignored when
retrieving for inline images, stylesheets, and other documents needed
to display the page.
*** Page-requisites (-p) mode now works with frames. In other words,
`wget -p URL-THAT-USES-FRAMES' will now download the frame HTML files,
and all the files that they need to be displayed properly.
** `--base' now works conjunction with `--input-file', providing a
base for each URL and thereby allowing the URLs in the file to be
relative.
** If a host has more than one IP address, Wget uses the other
addresses when accessing the first one fails.
** Host directories now contain port information if the URL is at a
non-standard port.
** Wget now supports the robots.txt directives specified in
<http://www.robotstxt.org/wc/norobots-rfc.txt>.
** URL parser has been fixed, especially the infamous overzealous
quoting. Wget no longer dequotes reserved characters, e.g. `%3F' is
no longer translated to `?', nor `%2B' to `+'. Unsafe characters
which are not reserved are still escaped, of course.
** No more than 20 successive redirections are allowed.
Highlights of changes since 1.7:
* bugfixes
* new progress bar indicator
* breath-first recursive descent
* host directories contain port information if the server is at a
non-standard port
full list:
http://cvs.sunsite.dk/viewcvs.cgi/wget/NEWS?rev=WGET_1_8&content-type=text/plain
Provided by michal@pasternak.w.lub.pl in pkg/16124
Summary of changes:
- removal of USE_GTEXINFO
- addition of mk/texinfo.mk
- inclusion of this file in package Makefiles requiring it
- `install-info' substituted by `${INSTALL_INFO}' in PLISTs
- tuning of mk/bsd.pkg.mk:
removal of USE_GTEXINFO
INSTALL_INFO added to PLIST_SUBST
`${INSTALL_INFO}' replace `install-info' in target rules
print-PLIST target now generate `${INSTALL_INFO}' instead of `install-info'
- a couple of new patch files added for a handful of packages
- setting of the TEXINFO_OVERRIDE "switch" in packages Makefiles requiring it
- devel/cssc marked requiring texinfo 4.0
- a couple of packages Makefiles were tuned with respect of INFO_FILES and
makeinfo command usage
See -newly added by this commit- section 10.24 of Packages.txt for
further information.