wget-dev
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

wget2 | Add --check-hash=<hash as hex> (#520)


From: Tim Rühsen
Subject: wget2 | Add --check-hash=<hash as hex> (#520)
Date: Sun, 15 Mar 2020 10:16:59 +0000


Tim Rühsen created an issue: https://gitlab.com/gnuwget/wget2/-/issues/520



This automatically can test for the correct checksum, so no need for a script 
or a second pass.

We possibly need `--check-hash-type=<MD5|SHA1|...>`. If not given, we can guess 
from the hash length and/or test all available hash types. Libwget already has 
hash functions, so the implementation is seems trivial.

As a nice add-on, we can build the hash during download to reduce the wall 
time. Maybe switch this on only if `--check-hash-type` is given.

**Background**

While we have content verification in HTTPS, people are still using HTTP. Also 
there might be intercepting proxies / VPNs (e.g. in corporate environments), so 
that a verification makes sense even if using HTTPS.

This does not take in account a take-over of a web server. In such cases only 
proper verification of the PGP signature detects malicious changes in the 
downloaded file (see `-s / --verify-sig`).

-- 
Reply to this email directly or view it on GitLab: 
https://gitlab.com/gnuwget/wget2/-/issues/520
You're receiving this email because of your account on gitlab.com.




reply via email to

[Prev in Thread] Current Thread [Next in Thread]