[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#802596: Please provide wget-udeb (linked against pending libssl-udeb)

Package: wget
Version: 1.16.3-3
Severity: normal
Tags: patch
X-Debbugs-CC: debian-boot@lists.debian.org

As I've discussed with Cyril during DebConf15, I'm interested in seeing https support in the Debian's debian-installer (it's already available in Ubuntu's).

In order to do this, we need to replace the version of wget provided by busybox, with a version of wget that includes SSL support.

As mentioned in #802591, wget in Debian links against gnutls, while it links against openssl in Ubuntu. I did the work to get a udeb out of gnutls, but the result is a) much larger than the equivalent from openssl b) linked against stuff that also has no udeb packages, which means both more work and even larger size.

I'm not aware of the reasons that pushed wget to move from openssl to gnutls back in 2011, although I suspect it was due to GPL incompatibility with one of the dependencies. However, since the udeb version is rather stripped out, the dependencies are easier to check. Dep by dep (as they come from the udeb package) license check:
* libc6-udeb (>= 2.19) -> LGPL
* libcrypto1.0.0-udeb (>= 1.0.1d) -> OpenSSL
* libpcre3-udeb (>= 1:8.35) -> BSD
* libssl1.0.0-udeb (>= 1.0.1d) -> OpenSSL
* libuuid1-udeb (>= 2.20.1) -> BSD
* zlib1g-udeb (>= 1:1.2.3.3.dfsg-1) -> BSD

Regarding libuuid1, it's part of the util-linux souce package which is mostly GPL, but the libuuid/ directory is BSD, I checked the source code and it's all BSD and doesn't link against any GPL code.

My proposal is then to link against the libssl udeb (pending in #802591) for the wget-udeb package, but leave the other wget as it is (linked against gnutls).

The work for this was done by Colin Watson for Ubuntu years ago, but was never applied in Debian. I have a patch that applies Ubuntu's changes to the current version in Debian, and I've verified that this (combined with the libssl udeb) makes wget in Debian's debian-installer support https.

I'm attaching the patch for adding the udeb, although it doesn't make sense to upload this until #802591 is fixed, but I wanted to get the ball rolling in case there are concerns.
--
Cheers,
Marga
diff -Nru wget-1.16.3/debian/changelog wget-1.16.3/debian/changelog
--- wget-1.16.3/debian/changelog	2015-06-20 19:02:34.000000000 +0200
+++ wget-1.16.3/debian/changelog	2015-10-20 15:12:09.000000000 +0200
@@ -1,3 +1,12 @@
+wget (1.16.3-4) unstable; urgency=medium
+
+  * Add udeb support, taken from the work done by Colin Watson for Ubuntu
+    in 1.10.2-2ubuntu2 and forward.
+  * Added dependency on libssl-dev for the udeb, as gnutls does not provide
+    a udeb package.
+
+ -- Margarita Manterola <marga@google.com>  Tue, 20 Oct 2015 13:56:26 +0200
+
 wget (1.16.3-3) unstable; urgency=medium
 
   * changed libgnutls28-dev dependency to a versioned one to fix
diff -Nru wget-1.16.3/debian/control wget-1.16.3/debian/control
--- wget-1.16.3/debian/control	2015-06-16 10:24:52.000000000 +0200
+++ wget-1.16.3/debian/control	2015-10-21 14:47:42.000000000 +0200
@@ -2,7 +2,7 @@
 Section: web
 Priority: important
 Maintainer: Noël Köthe <noel@debian.org>
-Build-Depends: debhelper (>> 9.0.0), gettext, texinfo, autotools-dev, libidn11-dev, uuid-dev, libpsl-dev, libpcre3-dev, libgnutls28-dev (>= 3.3.15-5)
+Build-Depends: debhelper (>> 9.0.0), gettext, texinfo, autotools-dev, libidn11-dev, uuid-dev, libpsl-dev, libpcre3-dev, libgnutls28-dev (>= 3.3.15-5), libssl-dev (>= 0.9.8k)
 Standards-Version: 3.9.6
 Homepage: https://www.gnu.org/software/wget/
 
@@ -32,3 +32,12 @@
  Wget supports proxy servers; this can lighten the network load,
  speed up retrieval, and provide access behind firewalls.
 
+Package: wget-udeb
+XC-Package-Type: udeb
+Architecture: any
+Section: debian-installer
+Priority: extra
+Depends: ${shlibs:Depends}
+Description: retrieves files from the web
+ This package provides wget.gnu binary as alternative to the limited
+ implementation in busybox (see for example ssl support).
diff -Nru wget-1.16.3/debian/rules wget-1.16.3/debian/rules
--- wget-1.16.3/debian/rules	2015-03-09 11:45:06.000000000 +0100
+++ wget-1.16.3/debian/rules	2015-10-21 14:48:00.000000000 +0200
@@ -17,11 +17,12 @@
 include /usr/share/dpkg/buildflags.mk
 CFLAGS += -DNO_SSLv2 -D_FILE_OFFSET_BITS=64 -g -Wall
 
-config.status: 
+configure-stamp: configure-udeb-stamp
 	dh_testdir
 	cp /usr/share/misc/config.guess /usr/share/misc/config.sub .
 	# Add here commands to configure the package.
-	CFLAGS="$(CFLAGS)" CPPFLAGS="$(CPPFLAGS)" LDFLAGS="$(LDFLAGS)" ./configure \
+	mkdir -p build
+	cd build && CFLAGS="$(CFLAGS)" CPPFLAGS="$(CPPFLAGS)" LDFLAGS="$(LDFLAGS)" ../configure \
 			--prefix=/usr \
 			--mandir=\$${prefix}/share/man \
 			--infodir=\$${prefix}/share/info \
@@ -32,27 +33,48 @@
 
 	touch configure-stamp
 
+configure-udeb-stamp:
+	dh_autotools-dev_updateconfig
+	mkdir -p build-udeb
+	cd build-udeb && CFLAGS="$(CFLAGS) -Os" CPPFLAGS="$(CPPFLAGS)" LDFLAGS="$(LDFLAGS)" ../configure \
+			--prefix=/usr \
+			--mandir=\$${prefix}/share/man \
+			--infodir=\$${prefix}/share/info \
+			--sysconfdir=/etc \
+			--enable-ipv6 \
+			--with-ssl=openssl \
+			--without-libpsl \
+			--disable-debug \
+			--disable-nls \
+			--disable-iri $(confflags)
+
+	touch configure-udeb-stamp
+
 build: build-arch build-indep
 
-build-arch: build-stamp
+build-arch: build-stamp build-udeb-stamp
 
 build-indep: build-stamp
 
-build-stamp: config.status
+build-stamp: configure-stamp
 	dh_testdir
 
 	# Add here commands to compile the package.
-	$(MAKE)
+	cd build && $(MAKE)
 	#/usr/bin/docbook-to-man debian/wget.sgml > wget.1
 
 	cd po; make wget.pot
 
 	touch build-stamp
 
+build-udeb-stamp: configure-udeb-stamp
+	cd build-udeb && $(MAKE)
+	touch build-udeb-stamp
+
 clean: 
 	dh_testdir
 	dh_testroot
-	rm -f build-stamp configure-stamp
+	rm -f build-stamp configure-stamp build-udeb-stamp configure-udeb-stamp
 
 	# Add here commands to clean up after the build process.
 	[ ! -f Makefile ] || $(MAKE) distclean
@@ -60,7 +82,7 @@
 	rm -f po/*.gmo po/wget.pot po/en@boldquot.po po/en@quot.po \
 	    doc/wget.inf* doc/stamp-vti doc/version.texi \
 	    doc/sample.wgetrc.munged_for_texi_inclusion
-	rm -f config.guess config.sub
+	rm -rf config.sub config.guess build-udeb build
 
 	dh_prep
 
@@ -71,9 +93,12 @@
 	dh_installdirs
 
 	# Add here commands to install the package into debian/wget.
-	$(MAKE) install DESTDIR=$(CURDIR)/debian/wget
+	cd build && $(MAKE) install DESTDIR=$(CURDIR)/debian/wget
 	rm -f $(CURDIR)/debian/wget/usr/share/info/dir
 
+	# udeb
+	mkdir -p debian/wget-udeb/usr/bin/
+	cp build-udeb/src/wget debian/wget-udeb/usr/bin/wget
 
 # Build architecture-independent files here.
 binary-indep: build install
Reply to: