o unbreak manpage.

 - pod2man is required to build manpage.
o set LANG=C for sed.
 - This case [:print:] does not work correctly without LANG=C.

o Fix directory traversal bug in FTP.

References:
http://marc.theaimsgroup.com/?l=bugtraq&m=87602746719482&w=2
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1344

Patches obtained from: Red Hat Linux

3 files changed, 64 insertions, 2 deletions

diff --git a/ftp/wget+ipv6/Makefile b/ftp/wget+ipv6/Makefile
index 2a88a48ed098..38cb9c8fa74f 100644
--- a/ftp/wget+ipv6/Makefile
+++ b/ftp/wget+ipv6/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	wget
 PORTVERSION=	1.7
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	ftp www ipv6
 MASTER_SITES=	${MASTER_SITE_GNU} \
 		ftp://ftp.dl.ac.uk/ccp14/ftp-mirror/wget/pub/unix/util/wget/ \
@@ -30,6 +30,7 @@ LIB_DEPENDS=	intl.4:${PORTSDIR}/devel/gettext
 USE_OPENSSL=	yes
 CONFIGURE_ARGS=	--with-ssl=${OPENSSLBASE}
 .endif
+USE_PERL5_BUILD=	yes
 USE_GMAKE=	yes
 USE_REINPLACE=	yes
 GNU_CONFIGURE=	yes
@@ -49,7 +50,7 @@ post-patch:
 	${MV} po/zh_TW.po po/zh_TW.po.utf-8; \
 	${LOCALBASE}/bin/iconv -f UTF-8 -t BIG5 po/zh_TW.po.utf-8 |\
 		${SED} -e 's,utf-8,big5,' |\
-		${SED} -Ee 's,([^[:print:]])\\,\1\\\\,g' |\
+		${ENV} LANG=C ${SED} -Ee 's,([^[:print:]])\\,\1\\\\,g' |\
 		${SED} -Ee 's,\\\\([nt"]),\\\1,g' \
 		    > po/zh_TW.po)
 
diff --git a/ftp/wget+ipv6/files/patch-src_fnmatch_c b/ftp/wget+ipv6/files/patch-src_fnmatch_c
new file mode 100644
index 000000000000..5da55bc4f562
--- /dev/null
+++ b/ftp/wget+ipv6/files/patch-src_fnmatch_c
@@ -0,0 +1,21 @@
+$OpenBSD: patch-src_fnmatch_c,v 1.1 2002/12/10 18:37:24 brad Exp $
+--- src/fnmatch.c.orig	Tue Dec 10 13:06:09 2002
++++ src/fnmatch.c	Tue Dec 10 13:07:23 2002
+@@ -188,6 +188,17 @@ fnmatch (const char *pattern, const char
+   return (FNM_NOMATCH);
+ }
+ 
++/* Return non-zero if S has a leading '/'  or contains '../' */
++int
++has_invalid_name (const char *s)
++{
++	if (*s == '/')
++		return 1;
++	if (strstr(s, "../") != 0)
++		return 1;
++	return 0;
++}
++
+ /* Return non-zero if S contains globbing wildcards (`*', `?', `[' or
+    `]').  */
+ int
diff --git a/ftp/wget+ipv6/files/patch-src_ftp_c b/ftp/wget+ipv6/files/patch-src_ftp_c
new file mode 100644
index 000000000000..3da2f4186d7e
--- /dev/null
+++ b/ftp/wget+ipv6/files/patch-src_ftp_c
@@ -0,0 +1,40 @@
+$OpenBSD: patch-src_ftp_c,v 1.1 2002/12/10 18:37:24 brad Exp $
+--- src/ftp.c.orig	Tue Dec 10 13:08:00 2002
++++ src/ftp.c	Tue Dec 10 13:16:22 2002
+@@ -1637,6 +1637,7 @@ ftp_retrieve_glob (struct urlinfo *u, cc
+ {
+   struct fileinfo *orig, *start;
+   uerr_t res;
++  struct fileinfo *f;
+ 
+   con->cmd |= LEAVE_PENDING;
+ 
+@@ -1648,8 +1649,7 @@ ftp_retrieve_glob (struct urlinfo *u, cc
+      opt.accepts and opt.rejects.  */
+   if (opt.accepts || opt.rejects)
+     {
+-      struct fileinfo *f = orig;
+-
++      f = orig;
+       while (f)
+ 	{
+ 	  if (f->type != FT_DIRECTORY && !acceptable (f->name))
+@@ -1661,6 +1661,18 @@ ftp_retrieve_glob (struct urlinfo *u, cc
+ 	    f = f->next;
+ 	}
+     }
++  /* Remove all files with possible harmful names */
++  f = orig;
++  while (f)
++  {
++     if (has_invalid_name(f->name))
++     {
++	logprintf (LOG_VERBOSE, _("Rejecting `%s'.\n"), f->name);
++	f = delelement (f, &start);
++     }
++     else
++	f = f->next;
++  }
+   /* Now weed out the files that do not match our globbing pattern.
+      If we are dealing with a globbing pattern, that is.  */
+   if (*u->file && (action == GLOBALL || action == GETONE))