On 12/02, Anthony Bryan wrote:
Our test suite was made to work entirely locally. It does not access the network, since the tests may be run on a machine with no network connectivity. However, we could implement these features within the local test suite itself. Would having to download over the network be such an important thing?thanks everybody for your work on the last release!I'm biased but I think some of the metalink features are very cool & helpful for automating things some people might be too lazy to do, like hash or signature verification. & very timely, (not to be too paranoid) but companies & whole governments are doing MITM attacks, potentially making HTTPS useless and signatures even more useful. I was looking at the 2 metalink tests in /testenv (Test-metalink-http.py, Test-metalink-xml.py) & thinking that it could be a useful test to have wget download it's source release with a metalink (hosted at https://ftp.gnu.org/gnu/wget/wget-1.17.tar.xz.metalink , and including a hash & signature) & then test those hash & signature features if they are available. I guess most tests use the local test FTP/HTTP server, so I don't know if any involve actual downloads?
Attached a patch to do this. Should have been done long ago, guess no one else noticed it.(alternatively, the metalinks for the curl releases at http://curl.haxx.se/download.html also have signatures, but I don't know if that would be rude or not). I also think having the compiled features listed when you do 'wget --version' listing '+metalink +gpgme' might quickly help to show that these features are available.
what do you guys think? -- (( Anthony Bryan ... Metalink [ http://www.metalinker.org ] )) Easier, More Reliable, Self Healing Downloads
-- Thanking You, Darshit Shah
From 2d440d5b4f9abeb84d17fc5474d0102f2fffbcc3 Mon Sep 17 00:00:00 2001 From: Darshit Shah <[email protected]> Date: Thu, 3 Dec 2015 10:49:37 +0100 Subject: [PATCH] Include Metalink and GPG information in version * src/build_info.c.in: Include the presence of Metalink and GPGME features in the output for wget --version --- src/build_info.c.in | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/build_info.c.in b/src/build_info.c.in index ce1fe25..83b7664 100644 --- a/src/build_info.c.in +++ b/src/build_info.c.in @@ -9,6 +9,9 @@ ntlm defined ENABLE_NTLM opie defined ENABLE_OPIE psl defined HAVE_LIBPSL +metalink defined HAVE_METALINK +gpgme defined HAVE_GPGME + ssl choice: openssl defined HAVE_LIBSSL || defined HAVE_LIBSSL32 gnutls defined HAVE_LIBGNUTLS -- 2.6.3
signature.asc
Description: PGP signature
