Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-9]: src/usr.bin/ftp Back out ticket #1523 for now - trust anchor ...
details: https://anonhg.NetBSD.org/src/rev/a46c6099365b
branches: netbsd-9
changeset: 370018:a46c6099365b
user: martin <martin%NetBSD.org@localhost>
date: Mon Sep 12 15:02:47 2022 +0000
description:
Back out ticket #1523 for now - trust anchor validation is not solved.
diffstat:
usr.bin/ftp/Makefile | 4 +-
usr.bin/ftp/fetch.c | 173 +++++++++----------------
usr.bin/ftp/ftp.1 | 336 ++++++++++++++++++++-----------------------------
usr.bin/ftp/ftp_var.h | 4 +-
usr.bin/ftp/main.c | 115 ++++-------------
usr.bin/ftp/ssl.c | 23 +---
usr.bin/ftp/util.c | 10 +-
usr.bin/ftp/version.h | 4 +-
8 files changed, 236 insertions(+), 433 deletions(-)
diffs (truncated from 1743 to 300 lines):
diff -r 3467e1066c4a -r a46c6099365b usr.bin/ftp/Makefile
--- a/usr.bin/ftp/Makefile Mon Sep 12 14:44:35 2022 +0000
+++ b/usr.bin/ftp/Makefile Mon Sep 12 15:02:47 2022 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.37.12.2 2022/09/12 14:42:55 martin Exp $
+# $NetBSD: Makefile,v 1.37.12.3 2022/09/12 15:02:47 martin Exp $
# from: @(#)Makefile 8.2 (Berkeley) 4/3/94
.include <bsd.own.mk>
@@ -31,6 +31,4 @@
cmds.o fetch.o: version.h
main.o: ftp_var.h
-CWARNFLAGS.gcc+= ${GCC_NO_FORMAT_OVERFLOW}
-
.include <bsd.prog.mk>
diff -r 3467e1066c4a -r a46c6099365b usr.bin/ftp/fetch.c
--- a/usr.bin/ftp/fetch.c Mon Sep 12 14:44:35 2022 +0000
+++ b/usr.bin/ftp/fetch.c Mon Sep 12 15:02:47 2022 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: fetch.c,v 1.231.2.3 2022/09/12 14:42:55 martin Exp $ */
+/* $NetBSD: fetch.c,v 1.231.2.4 2022/09/12 15:02:47 martin Exp $ */
/*-
* Copyright (c) 1997-2015 The NetBSD Foundation, Inc.
@@ -37,7 +37,7 @@
#include <sys/cdefs.h>
#ifndef lint
-__RCSID("$NetBSD: fetch.c,v 1.231.2.3 2022/09/12 14:42:55 martin Exp $");
+__RCSID("$NetBSD: fetch.c,v 1.231.2.4 2022/09/12 15:02:47 martin Exp $");
#endif /* not lint */
/*
@@ -106,13 +106,12 @@
static int auth_url(const char *, char **, const struct authinfo *);
static void base64_encode(const unsigned char *, size_t, unsigned char *);
#endif
-static int go_fetch(const char *, struct urlinfo *);
+static int go_fetch(const char *);
static int fetch_ftp(const char *);
-static int fetch_url(const char *, const char *, char *, char *,
- struct urlinfo *);
+static int fetch_url(const char *, const char *, char *, char *);
static const char *match_token(const char **, const char *);
static int parse_url(const char *, const char *, struct urlinfo *,
- struct authinfo *, struct urlinfo *);
+ struct authinfo *);
static void url_decode(char *);
static void freeauthinfo(struct authinfo *);
static void freeurlinfo(struct urlinfo *);
@@ -275,7 +274,7 @@
scheme = "Basic"; /* only support Basic authentication */
gotpass = NULL;
- DPRINTF("%s: challenge `%s'\n", __func__, challenge);
+ DPRINTF("auth_url: challenge `%s'\n", challenge);
if (! match_token(&cp, scheme)) {
warnx("Unsupported authentication challenge `%s'",
@@ -337,7 +336,7 @@
*response = ftp_malloc(rlen);
(void)strlcpy(*response, scheme, rlen);
len = strlcat(*response, " ", rlen);
- /* use `clen - 1' to not encode the trailing NUL */
+ /* use `clen - 1' to not encode the trailing NUL */
base64_encode((unsigned char *)clear, clen - 1,
(unsigned char *)*response + len);
memset(clear, 0, clen);
@@ -368,7 +367,7 @@
| ((clear[i + 1] >> 4) & 0x0f)];
*(cp++) = enc[((clear[i + 1] << 2) & 0x3c)
| ((clear[i + 2] >> 6) & 0x03)];
- *(cp++) = enc[((clear[i + 2] ) & 0x3f)];
+ *(cp++) = enc[((clear[i + 2] ) & 0x3f)];
}
*cp = '\0';
while (i-- > len)
@@ -401,42 +400,6 @@
*q = '\0';
}
-static const char *
-get_port(const struct urlinfo *ui)
-{
-
- switch(ui->utype) {
- case HTTP_URL_T:
- return httpport;
- case FTP_URL_T:
- return ftpport;
- case FILE_URL_T:
- return "";
-#ifdef WITH_SSL
- case HTTPS_URL_T:
- return httpsport;
-#endif
- default:
- return NULL;
- }
-}
-
-static int
-use_relative(const struct urlinfo *ui)
-{
- if (ui == NULL)
- return 0;
- switch (ui->utype) {
- case HTTP_URL_T:
- case FILE_URL_T:
-#ifdef WITH_SSL
- case HTTPS_URL_T:
-#endif
- return 1;
- default:
- return 0;
- }
-}
/*
* Parse URL of form (per RFC 3986):
@@ -472,7 +435,7 @@
static int
parse_url(const char *url, const char *desc, struct urlinfo *ui,
- struct authinfo *auth, struct urlinfo *rui)
+ struct authinfo *auth)
{
const char *origurl, *tport;
char *cp, *ep, *thost;
@@ -483,26 +446,29 @@
DPRINTF("parse_url: %s `%s'\n", desc, url);
origurl = url;
+ tport = NULL;
if (STRNEQUAL(url, HTTP_URL)) {
url += sizeof(HTTP_URL) - 1;
ui->utype = HTTP_URL_T;
ui->portnum = HTTP_PORT;
+ tport = httpport;
} else if (STRNEQUAL(url, FTP_URL)) {
url += sizeof(FTP_URL) - 1;
ui->utype = FTP_URL_T;
ui->portnum = FTP_PORT;
+ tport = ftpport;
} else if (STRNEQUAL(url, FILE_URL)) {
url += sizeof(FILE_URL) - 1;
ui->utype = FILE_URL_T;
+ tport = "";
#ifdef WITH_SSL
} else if (STRNEQUAL(url, HTTPS_URL)) {
url += sizeof(HTTPS_URL) - 1;
ui->utype = HTTPS_URL_T;
ui->portnum = HTTPS_PORT;
+ tport = httpsport;
#endif
- } else if (rui != NULL) {
- copyurlinfo(ui, rui);
} else {
warnx("Invalid %s `%s'", desc, url);
cleanup_parse_url:
@@ -511,7 +477,6 @@
return (-1);
}
-
if (*url == '\0')
return (0);
@@ -576,8 +541,7 @@
#endif /* INET6 */
if ((cp = strchr(thost, ':')) != NULL)
*cp++ = '\0';
- if (*thost != '\0')
- ui->host = thost;
+ ui->host = thost;
/* look for [:port] */
if (cp != NULL) {
@@ -592,9 +556,7 @@
}
ui->portnum = nport;
tport = cp;
- } else
- tport = get_port(ui);
-
+ }
if (tport != NULL)
ui->port = ftp_strdup(tport);
@@ -605,8 +567,8 @@
ui->path = ftp_strdup(emptypath);
}
- DPRINTF("%s: user `%s' pass `%s' host %s port %s(%d) "
- "path `%s'\n", __func__,
+ DPRINTF("parse_url: user `%s' pass `%s' host %s port %s(%d) "
+ "path `%s'\n",
STRorNULL(auth->user), STRorNULL(auth->pass),
STRorNULL(ui->host), STRorNULL(ui->port),
ui->portnum ? ui->portnum : -1, STRorNULL(ui->path));
@@ -619,7 +581,7 @@
static int
ftp_socket(const struct urlinfo *ui, void **ssl)
{
- struct addrinfo hints, *res, *res0 = NULL;
+ struct addrinfo hints, *res, *res0 = NULL;
int error;
int s;
const char *host = ui->host;
@@ -724,7 +686,7 @@
if (*cp == '\0')
continue;
if ((np = strrchr(cp, ':')) != NULL) {
- *np++ = '\0';
+ *np++ = '\0';
np_port = strtoul(np, &ep, 10);
if (*np == '\0' || *ep != '\0')
continue;
@@ -756,7 +718,7 @@
}
initurlinfo(&pui);
- if (parse_url(penv, "proxy URL", &pui, pauth, NULL) == -1)
+ if (parse_url(penv, "proxy URL", &pui, pauth) == -1)
return -1;
if ((!IS_HTTP_TYPE(pui.utype) && pui.utype != FTP_URL_T) ||
@@ -927,9 +889,9 @@
}
#endif
-#define C_OK 0
-#define C_CLEANUP 1
-#define C_IMPROPER 2
+#define C_OK 0
+#define C_CLEANUP 1
+#define C_IMPROPER 2
static int
getresponseline(FETCH *fin, char *buf, size_t buflen, int *len)
@@ -1028,7 +990,7 @@
static void
do_auth(int hcode, const char *url, const char *penv, struct authinfo *wauth,
struct authinfo *pauth, char **auth, const char *message,
- volatile int *rval, struct urlinfo *ui)
+ volatile int *rval)
{
struct authinfo aauth;
char *response;
@@ -1063,8 +1025,7 @@
if (auth_url(*auth, &response, &aauth) == 0) {
*rval = fetch_url(url, penv,
hcode == 401 ? pauth->auth : response,
- hcode == 401 ? response : wauth->auth,
- ui);
+ hcode == 401 ? response: wauth->auth);
memset(response, 0, strlen(response));
FREEPTR(response);
}
@@ -1075,12 +1036,12 @@
negotiate_connection(FETCH *fin, const char *url, const char *penv,
struct posinfo *pi, time_t *mtime, struct authinfo *wauth,
struct authinfo *pauth, volatile int *rval, volatile int *ischunked,
- char **auth, struct urlinfo *ui)
+ char **auth)
{
int len, hcode, rv;
char buf[FTPBUFLEN], *ep;
const char *cp, *token;
- char *location, *message;
+ char *location, *message;
*auth = message = location = NULL;
@@ -1195,19 +1156,18 @@
fprintf(ttyout, "Redirected via %s\n",
location);
*rval = fetch_url(url, location,
- pauth->auth, wauth->auth, ui);
+ pauth->auth, wauth->auth);
} else {
if (verbose)
fprintf(ttyout, "Redirected to %s\n",
location);
- *rval = go_fetch(location, ui);
+ *rval = go_fetch(location);
}
goto cleanup_fetch_url;
#ifndef NO_AUTH
case 401:
case 407:
- do_auth(hcode, url, penv, wauth, pauth, auth, message, rval,
- ui);
+ do_auth(hcode, url, penv, wauth, pauth, auth, message, rval);
goto cleanup_fetch_url;
#endif
default:
@@ -1272,7 +1232,7 @@
Home |
Main Index |
Thread Index |
Old Index