CVS commit: [netbsd-7] src/usr.bin/ftp
Module Name:src Committed By: snj Date: Sat Mar 18 05:02:28 UTC 2017 Modified Files: src/usr.bin/ftp [netbsd-7]: fetch.c Log Message: Pull up following revision(s) (requested by nonaka in ticket #1353): usr.bin/ftp/fetch.c: revision 1.227 Use the first name we requested the http/https URL for, not any name we ended up with after random redirects. To generate a diff of this commit: cvs rdiff -u -r1.205.4.6 -r1.205.4.7 src/usr.bin/ftp/fetch.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/ftp/fetch.c diff -u src/usr.bin/ftp/fetch.c:1.205.4.6 src/usr.bin/ftp/fetch.c:1.205.4.7 --- src/usr.bin/ftp/fetch.c:1.205.4.6 Sun Dec 18 08:03:09 2016 +++ src/usr.bin/ftp/fetch.c Sat Mar 18 05:02:28 2017 @@ -1,4 +1,4 @@ -/* $NetBSD: fetch.c,v 1.205.4.6 2016/12/18 08:03:09 snj Exp $ */ +/* $NetBSD: fetch.c,v 1.205.4.7 2017/03/18 05:02:28 snj Exp $ */ /*- * Copyright (c) 1997-2015 The NetBSD Foundation, Inc. @@ -37,7 +37,7 @@ #include #ifndef lint -__RCSID("$NetBSD: fetch.c,v 1.205.4.6 2016/12/18 08:03:09 snj Exp $"); +__RCSID("$NetBSD: fetch.c,v 1.205.4.7 2017/03/18 05:02:28 snj Exp $"); #endif /* not lint */ /* @@ -1368,6 +1368,12 @@ fetch_url(const char *url, const char *p savefile = ftp_strdup(cp + 1); else savefile = ftp_strdup(decodedpath); + /* + * Use the first URL we requested not the name after a + * possible redirect, but careful to save it because our + * "safety" check is the match to outfile. + */ + outfile = ftp_strdup(savefile); } DPRINTF("%s: savefile `%s'\n", __func__, savefile); if (EMPTYSTRING(savefile)) {
CVS commit: [netbsd-7] src/usr.bin/ftp
Module Name:src Committed By: snj Date: Sun Dec 18 08:03:09 UTC 2016 Modified Files: src/usr.bin/ftp [netbsd-7]: fetch.c Log Message: Pull up following revision(s) (requested by nonaka in ticket #1331): usr.bin/ftp/fetch.c: revision 1.226 handle proxy authentication correctly. To generate a diff of this commit: cvs rdiff -u -r1.205.4.5 -r1.205.4.6 src/usr.bin/ftp/fetch.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/ftp/fetch.c diff -u src/usr.bin/ftp/fetch.c:1.205.4.5 src/usr.bin/ftp/fetch.c:1.205.4.6 --- src/usr.bin/ftp/fetch.c:1.205.4.5 Tue Nov 1 19:30:44 2016 +++ src/usr.bin/ftp/fetch.c Sun Dec 18 08:03:09 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: fetch.c,v 1.205.4.5 2016/11/01 19:30:44 snj Exp $ */ +/* $NetBSD: fetch.c,v 1.205.4.6 2016/12/18 08:03:09 snj Exp $ */ /*- * Copyright (c) 1997-2015 The NetBSD Foundation, Inc. @@ -37,7 +37,7 @@ #include #ifndef lint -__RCSID("$NetBSD: fetch.c,v 1.205.4.5 2016/11/01 19:30:44 snj Exp $"); +__RCSID("$NetBSD: fetch.c,v 1.205.4.6 2016/12/18 08:03:09 snj Exp $"); #endif /* not lint */ /* @@ -855,8 +855,7 @@ print_connect(FETCH *fin, const struct u #define C_OK 0 #define C_CLEANUP 1 #define C_IMPROPER 2 -#define C_PROXY 3 -#define C_NOPROXY 4 +#define C_RESTART 3 static int getresponseline(FETCH *fin, char *buf, size_t buflen, int *len) @@ -1086,7 +1085,7 @@ negotiate_connection(FETCH *fin, const c case 401: case 407: { - struct authinfo aauth; + struct authinfo aauth; char **authp; if (hcode == 401) @@ -1121,7 +1120,8 @@ negotiate_connection(FETCH *fin, const c authp = &aauth.auth; if (auth_url(*auth, authp, &aauth) == 0) { *rval = fetch_url(url, penv, - pauth->auth, wauth->auth); + hcode == 401 ? pauth->auth : aauth.auth, + hcode == 401 ? aauth.auth : wauth->auth); memset(*authp, 0, strlen(*authp)); FREEPTR(*authp); } @@ -1216,6 +1216,34 @@ connectmethod(int s, FETCH *fin, struct switch (hcode) { case 200: break; +#ifndef NO_AUTH + case 407: + if (verbose || pauth->auth == NULL || + pauth->user == NULL || pauth->pass == NULL) + fprintf(ttyout, "%s\n", message); + if (EMPTYSTRING(*auth)) { + warnx("No authentication challenge provided by server"); + goto cleanup_fetch_url; + } + + if (pauth->auth != NULL) { + char reply[10]; + + fprintf(ttyout, "Authorization failed. Retry (y/n)? "); + if (get_line(stdin, reply, sizeof(reply), NULL) + < 0) { +goto cleanup_fetch_url; + } + if (tolower((unsigned char)reply[0]) != 'y') +goto cleanup_fetch_url; + pauth->user = NULL; + pauth->pass = NULL; + } + + if (auth_url(*auth, &pauth->auth, pauth) == 0) + goto restart_fetch_url; + goto cleanup_fetch_url; +#endif default: if (message) warnx("Error proxy connect " "`%s'", message); @@ -1236,6 +1264,9 @@ improper: cleanup_fetch_url: rv = C_CLEANUP; goto out; +restart_fetch_url: + rv = C_RESTART; + goto out; out: FREEPTR(message); return rv; @@ -1444,6 +1475,10 @@ fetch_url(const char *url, const char *p if (isproxy && oui.utype == HTTPS_URL_T) { switch (connectmethod(s, fin, &oui, &ui, &pauth, &auth, &hasleading)) { + case C_RESTART: +rval = fetch_url(url, penv, pauth.auth, +wauth.auth); +/*FALLTHROUGH*/ case C_CLEANUP: goto cleanup_fetch_url; case C_IMPROPER:
CVS commit: [netbsd-7] src/usr.bin/ftp
Module Name:src Committed By: snj Date: Tue Nov 1 19:30:44 UTC 2016 Modified Files: src/usr.bin/ftp [netbsd-7]: fetch.c Log Message: Pull up following revision(s) (requested by dholland in ticket #1265): usr.bin/ftp/fetch.c: revision 1.225 PR/51558: ast@: ftp dumps core after usage message when IPv6 URL lacks a slash. Initialize variable so that we don't get random behavior on cleanup. To generate a diff of this commit: cvs rdiff -u -r1.205.4.4 -r1.205.4.5 src/usr.bin/ftp/fetch.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/ftp/fetch.c diff -u src/usr.bin/ftp/fetch.c:1.205.4.4 src/usr.bin/ftp/fetch.c:1.205.4.5 --- src/usr.bin/ftp/fetch.c:1.205.4.4 Fri Apr 29 19:03:44 2016 +++ src/usr.bin/ftp/fetch.c Tue Nov 1 19:30:44 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: fetch.c,v 1.205.4.4 2016/04/29 19:03:44 snj Exp $ */ +/* $NetBSD: fetch.c,v 1.205.4.5 2016/11/01 19:30:44 snj Exp $ */ /*- * Copyright (c) 1997-2015 The NetBSD Foundation, Inc. @@ -37,7 +37,7 @@ #include #ifndef lint -__RCSID("$NetBSD: fetch.c,v 1.205.4.4 2016/04/29 19:03:44 snj Exp $"); +__RCSID("$NetBSD: fetch.c,v 1.205.4.5 2016/11/01 19:30:44 snj Exp $"); #endif /* not lint */ /* @@ -1295,6 +1295,7 @@ fetch_url(const char *url, const char *p rval = 1; initurlinfo(&ui); + initurlinfo(&oui); initauthinfo(&wauth, wwwauth); initauthinfo(&pauth, proxyauth);
CVS commit: [netbsd-7] src/usr.bin/ftp
Module Name:src Committed By: snj Date: Fri Apr 29 19:03:44 UTC 2016 Modified Files: src/usr.bin/ftp [netbsd-7]: fetch.c Log Message: Pull up following revision(s) (requested by nonaka in ticket #1153): usr.bin/ftp/fetch.c: revision 1.223 PR/51043: Yorick Hardy: ftp(1) should use the port number for CONNECT To generate a diff of this commit: cvs rdiff -u -r1.205.4.3 -r1.205.4.4 src/usr.bin/ftp/fetch.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/ftp/fetch.c diff -u src/usr.bin/ftp/fetch.c:1.205.4.3 src/usr.bin/ftp/fetch.c:1.205.4.4 --- src/usr.bin/ftp/fetch.c:1.205.4.3 Sun Mar 13 11:49:14 2016 +++ src/usr.bin/ftp/fetch.c Fri Apr 29 19:03:44 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: fetch.c,v 1.205.4.3 2016/03/13 11:49:14 martin Exp $ */ +/* $NetBSD: fetch.c,v 1.205.4.4 2016/04/29 19:03:44 snj Exp $ */ /*- * Copyright (c) 1997-2015 The NetBSD Foundation, Inc. @@ -37,7 +37,7 @@ #include #ifndef lint -__RCSID("$NetBSD: fetch.c,v 1.205.4.3 2016/03/13 11:49:14 martin Exp $"); +__RCSID("$NetBSD: fetch.c,v 1.205.4.4 2016/04/29 19:03:44 snj Exp $"); #endif /* not lint */ /* @@ -847,8 +847,8 @@ print_connect(FETCH *fin, const struct u } else h = ui->host; - fetch_printf(fin, "CONNECT %s:%s HTTP/1.1\r\n", h, ui->port); - fetch_printf(fin, "Host: %s:%s\r\n", h, ui->port); + fetch_printf(fin, "CONNECT %s:%d HTTP/1.1\r\n", h, ui->portnum); + fetch_printf(fin, "Host: %s:%d\r\n", h, ui->portnum); } #endif
CVS commit: [netbsd-7] src/usr.bin/ftp
Module Name:src Committed By: martin Date: Sun Mar 13 11:49:14 UTC 2016 Modified Files: src/usr.bin/ftp [netbsd-7]: cmds.c fetch.c ftp.c ftp_var.h ssl.c Log Message: Pull up following revision(s) (requested by nonakap in ticket #1133): usr.bin/ftp/fetch.c: revision 1.208-1.221 usr.bin/ftp/cmds.c: revision 1.136-1.137 usr.bin/ftp/ssl.c: revision 1.5 usr.bin/ftp/ftp.c: revision 1.165-1.166 usr.bin/ftp/ftp_var.h: revision 1.84 Workaround const issues of SSL_set_tlsext_host_name. Use the proper format "[IPv6 address]:port" when reporting connection attempts to IPv6 endpoints. (Hopefully) fix build without IPv6 support Try to factor out some code, this is completely out of control. Separate no_proxy handling. Factor the proxy handling code out. Fix compile failure without WITH_SSL. PR/50438: NONAKA Kimihiro: ftp(1): CONNECT method support make DPRINTF/DWARN always statements. Fix to connect https via proxy. Fix ttyout message. Simplify and factor out connect message Split the position/size parsing into a separate function. Mark function as only needed with ssl. Fix downloads of local files using file:// URLs Initialize the token match pointer. use sizeof() and array notation. CID 1354295: Array overrun. To generate a diff of this commit: cvs rdiff -u -r1.135 -r1.135.8.1 src/usr.bin/ftp/cmds.c cvs rdiff -u -r1.205.4.2 -r1.205.4.3 src/usr.bin/ftp/fetch.c cvs rdiff -u -r1.164 -r1.164.10.1 src/usr.bin/ftp/ftp.c cvs rdiff -u -r1.82.8.1 -r1.82.8.2 src/usr.bin/ftp/ftp_var.h cvs rdiff -u -r1.2.14.1 -r1.2.14.2 src/usr.bin/ftp/ssl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/ftp/cmds.c diff -u src/usr.bin/ftp/cmds.c:1.135 src/usr.bin/ftp/cmds.c:1.135.8.1 --- src/usr.bin/ftp/cmds.c:1.135 Sat Dec 22 16:57:09 2012 +++ src/usr.bin/ftp/cmds.c Sun Mar 13 11:49:14 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: cmds.c,v 1.135 2012/12/22 16:57:09 christos Exp $ */ +/* $NetBSD: cmds.c,v 1.135.8.1 2016/03/13 11:49:14 martin Exp $ */ /*- * Copyright (c) 1996-2009 The NetBSD Foundation, Inc. @@ -96,7 +96,7 @@ #if 0 static char sccsid[] = "@(#)cmds.c 8.6 (Berkeley) 10/9/94"; #else -__RCSID("$NetBSD: cmds.c,v 1.135 2012/12/22 16:57:09 christos Exp $"); +__RCSID("$NetBSD: cmds.c,v 1.135.8.1 2016/03/13 11:49:14 martin Exp $"); #endif #endif /* not lint */ @@ -1967,15 +1967,15 @@ dotrans(char *dst, size_t dlen, const ch char *cp2 = dst; size_t i, ostop; - for (ostop = 0; *(ntout + ostop) && ostop < 16; ostop++) + for (ostop = 0; ntout[ostop] && ostop < sizeof(ntout); ostop++) continue; for (cp1 = src; *cp1; cp1++) { int found = 0; - for (i = 0; *(ntin + i) && i < 16; i++) { - if (*cp1 == *(ntin + i)) { + for (i = 0; i < sizeof(ntin) && ntin[i]; i++) { + if (*cp1 == ntin[i]) { found++; if (i < ostop) { - *cp2++ = *(ntout + i); + *cp2++ = ntout[i]; if (cp2 - dst >= (ptrdiff_t)(dlen - 1)) goto out; } Index: src/usr.bin/ftp/fetch.c diff -u src/usr.bin/ftp/fetch.c:1.205.4.2 src/usr.bin/ftp/fetch.c:1.205.4.3 --- src/usr.bin/ftp/fetch.c:1.205.4.2 Thu Nov 5 05:26:38 2015 +++ src/usr.bin/ftp/fetch.c Sun Mar 13 11:49:14 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: fetch.c,v 1.205.4.2 2015/11/05 05:26:38 riz Exp $ */ +/* $NetBSD: fetch.c,v 1.205.4.3 2016/03/13 11:49:14 martin Exp $ */ /*- * Copyright (c) 1997-2015 The NetBSD Foundation, Inc. @@ -37,7 +37,7 @@ #include #ifndef lint -__RCSID("$NetBSD: fetch.c,v 1.205.4.2 2015/11/05 05:26:38 riz Exp $"); +__RCSID("$NetBSD: fetch.c,v 1.205.4.3 2016/03/13 11:49:14 martin Exp $"); #endif /* not lint */ /* @@ -74,27 +74,47 @@ __RCSID("$NetBSD: fetch.c,v 1.205.4.2 20 typedef enum { UNKNOWN_URL_T=-1, HTTP_URL_T, -#ifdef WITH_SSL HTTPS_URL_T, -#endif FTP_URL_T, FILE_URL_T, CLASSIC_URL_T } url_t; +struct authinfo { + char *auth; + char *user; + char *pass; +}; + +struct urlinfo { + char *host; + char *port; + char *path; + url_t utype; + in_port_t portnum; +}; + +struct posinfo { + off_t rangestart; + off_t rangeend; + off_t entitylen; +}; + __dead static void aborthttp(int); __dead static void timeouthttp(int); #ifndef NO_AUTH -static int auth_url(const char *, char **, const char *, const char *); +static int auth_url(const char *, char **, const struct authinfo *); static void base64_encode(const unsigned char *, size_t, unsigned char *); #endif static int go_fetch(const char *); static int fetch_ftp(const char *); static int fetch_url(const char *, const char *, char *, char *); static const char *match_token(const char **, const char *); -static int parse_url(const char *, const char *, url_t *, char **, - char **, char **, char **, in_port_t *, char **); +static int parse_url(const char *, const char *, struct urlinfo *, +struct authinfo *); static void url_decode(char *); +static void freeauthinfo(struct authinfo *); +sta
CVS commit: [netbsd-7] src/usr.bin/ftp
Module Name:src Committed By: riz Date: Thu Nov 5 05:26:38 UTC 2015 Modified Files: src/usr.bin/ftp [netbsd-7]: fetch.c ftp.1 main.c ssl.c ssl.h version.h Log Message: Pull up following revision(s) (requested by wiz in ticket #981): usr.bin/ftp/ftp.1: revision 1.135 usr.bin/ftp/ssl.c: revision 1.3 usr.bin/ftp/ssl.c: revision 1.4 usr.bin/ftp/ssl.h: revision 1.3 usr.bin/ftp/version.h: revision 1.86 usr.bin/ftp/version.h: revision 1.87 usr.bin/ftp/fetch.c: revision 1.207 usr.bin/ftp/main.c: revision 1.123 Add -x xferbufsize to set xferbuf size. Implement -x xferbufsize set the socket send and receive buffer size, as per 'xferbuf' in interactive mode. Patch from Nicholas Mills (via private mail), with minor adjustment by me. Add Server Name Indication (SNI) support for https. Needed for e.g. some github URLs. Bump version for SNI support. servername cannot be NULL here. Noted by joerg@. To generate a diff of this commit: cvs rdiff -u -r1.205.4.1 -r1.205.4.2 src/usr.bin/ftp/fetch.c cvs rdiff -u -r1.134 -r1.134.8.1 src/usr.bin/ftp/ftp.1 cvs rdiff -u -r1.122 -r1.122.8.1 src/usr.bin/ftp/main.c cvs rdiff -u -r1.2 -r1.2.14.1 src/usr.bin/ftp/ssl.c cvs rdiff -u -r1.2 -r1.2.4.1 src/usr.bin/ftp/ssl.h cvs rdiff -u -r1.84.6.1 -r1.84.6.2 src/usr.bin/ftp/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/ftp/fetch.c diff -u src/usr.bin/ftp/fetch.c:1.205.4.1 src/usr.bin/ftp/fetch.c:1.205.4.2 --- src/usr.bin/ftp/fetch.c:1.205.4.1 Sun Oct 26 16:47:12 2014 +++ src/usr.bin/ftp/fetch.c Thu Nov 5 05:26:38 2015 @@ -1,7 +1,7 @@ -/* $NetBSD: fetch.c,v 1.205.4.1 2014/10/26 16:47:12 martin Exp $ */ +/* $NetBSD: fetch.c,v 1.205.4.2 2015/11/05 05:26:38 riz Exp $ */ /*- - * Copyright (c) 1997-2009 The NetBSD Foundation, Inc. + * Copyright (c) 1997-2015 The NetBSD Foundation, Inc. * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation @@ -10,6 +10,9 @@ * This code is derived from software contributed to The NetBSD Foundation * by Scott Aaron Bamford. * + * This code is derived from software contributed to The NetBSD Foundation + * by Thomas Klausner. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -34,7 +37,7 @@ #include #ifndef lint -__RCSID("$NetBSD: fetch.c,v 1.205.4.1 2014/10/26 16:47:12 martin Exp $"); +__RCSID("$NetBSD: fetch.c,v 1.205.4.2 2015/11/05 05:26:38 riz Exp $"); #endif /* not lint */ /* @@ -782,7 +785,7 @@ fetch_url(const char *url, const char *p #ifdef WITH_SSL if (urltype == HTTPS_URL_T) { -if ((ssl = fetch_start_ssl(s)) == NULL) { +if ((ssl = fetch_start_ssl(s, host)) == NULL) { close(s); s = -1; continue; Index: src/usr.bin/ftp/ftp.1 diff -u src/usr.bin/ftp/ftp.1:1.134 src/usr.bin/ftp/ftp.1:1.134.8.1 --- src/usr.bin/ftp/ftp.1:1.134 Sat Dec 22 16:57:10 2012 +++ src/usr.bin/ftp/ftp.1 Thu Nov 5 05:26:38 2015 @@ -1,6 +1,6 @@ -.\" $NetBSD: ftp.1,v 1.134 2012/12/22 16:57:10 christos Exp $ +.\" $NetBSD: ftp.1,v 1.134.8.1 2015/11/05 05:26:38 riz Exp $ .\" -.\" Copyright (c) 1996-2010 The NetBSD Foundation, Inc. +.\" Copyright (c) 1996-2015 The NetBSD Foundation, Inc. .\" All rights reserved. .\" .\" This code is derived from software contributed to The NetBSD Foundation @@ -57,7 +57,7 @@ .\" .\" @(#)ftp.1 8.3 (Berkeley) 10/9/94 .\" -.Dd December 22, 2012 +.Dd April 24, 2015 .Dt FTP 1 .Os .Sh NAME @@ -84,6 +84,7 @@ .Xc .Oc .Ek +.Op Fl x Ar xferbufsize .Bk -words .\" [[user@]host [port]] .Oo @@ -311,6 +312,12 @@ Forces .Nm to show all responses from the remote server, as well as report on data transfer statistics. +.It Fl x Ar xferbufsize +Set the size of the socket send and receive buffers to +.Ar xferbufsize . +Refer to +.Ic xferbuf +for more information. .El .Pp The client host with which Index: src/usr.bin/ftp/main.c diff -u src/usr.bin/ftp/main.c:1.122 src/usr.bin/ftp/main.c:1.122.8.1 --- src/usr.bin/ftp/main.c:1.122 Sat Dec 22 16:57:10 2012 +++ src/usr.bin/ftp/main.c Thu Nov 5 05:26:38 2015 @@ -1,7 +1,7 @@ -/* $NetBSD: main.c,v 1.122 2012/12/22 16:57:10 christos Exp $ */ +/* $NetBSD: main.c,v 1.122.8.1 2015/11/05 05:26:38 riz Exp $ */ /*- - * Copyright (c) 1996-2009 The NetBSD Foundation, Inc. + * Copyright (c) 1996-2015 The NetBSD Foundation, Inc. * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation @@ -91,14 +91,14 @@ #ifndef lint __COPYRIGHT("@(#) Copyright (c) 1985, 1989, 1993, 1994\ The Regents of the University of California. All rights reserved.\ - Copyright 1996-2008 The NetBSD Foundation, Inc. All rights reserved"); + Copyright 1996-2015 The NetBSD Foundation, Inc. All rights reserved"); #endif /* not lint */
CVS commit: [netbsd-7] src/usr.bin/ftp
Module Name:src Committed By: snj Date: Tue Apr 14 05:10:38 UTC 2015 Modified Files: src/usr.bin/ftp [netbsd-7]: ftp_var.h Log Message: Pull up following revision(s) (requested by christos in ticket #685): usr.bin/ftp/ftp_var.h: revision 1.83 Increase the buffer limit; otherwise files in: http://www.taxdetective.ca/Samples/sampledatafiles.html fail. To generate a diff of this commit: cvs rdiff -u -r1.82 -r1.82.8.1 src/usr.bin/ftp/ftp_var.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/ftp/ftp_var.h diff -u src/usr.bin/ftp/ftp_var.h:1.82 src/usr.bin/ftp/ftp_var.h:1.82.8.1 --- src/usr.bin/ftp/ftp_var.h:1.82 Fri Dec 21 18:07:36 2012 +++ src/usr.bin/ftp/ftp_var.h Tue Apr 14 05:10:38 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: ftp_var.h,v 1.82 2012/12/21 18:07:36 christos Exp $ */ +/* $NetBSD: ftp_var.h,v 1.82.8.1 2015/04/14 05:10:38 snj Exp $ */ /*- * Copyright (c) 1996-2009 The NetBSD Foundation, Inc. @@ -169,7 +169,7 @@ enum { /* * Global defines */ -#define FTPBUFLEN MAXPATHLEN + 200 +#define FTPBUFLEN (4 * MAXPATHLEN) #define MAX_IN_PORT_T 0xU #define HASHBYTES 1024 /* default mark for `hash' command */
CVS commit: [netbsd-7] src/usr.bin/ftp
Module Name:src Committed By: martin Date: Fri Oct 31 08:30:06 UTC 2014 Modified Files: src/usr.bin/ftp [netbsd-7]: version.h Log Message: Pull up following revision(s) (requested by lukem in ticket #172): usr.bin/ftp/version.h: revision 1.85 Version 20141026 Ignore special characters unless they're from the command line. Fixes CVE-2014-8517 To generate a diff of this commit: cvs rdiff -u -r1.84 -r1.84.6.1 src/usr.bin/ftp/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/ftp/version.h diff -u src/usr.bin/ftp/version.h:1.84 src/usr.bin/ftp/version.h:1.84.6.1 --- src/usr.bin/ftp/version.h:1.84 Sun May 5 10:40:19 2013 +++ src/usr.bin/ftp/version.h Fri Oct 31 08:30:06 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: version.h,v 1.84 2013/05/05 10:40:19 lukem Exp $ */ +/* $NetBSD: version.h,v 1.84.6.1 2014/10/31 08:30:06 martin Exp $ */ /*- * Copyright (c) 1999-2009 The NetBSD Foundation, Inc. @@ -34,5 +34,5 @@ #endif #ifndef FTP_VERSION -#define FTP_VERSION "20130220" +#define FTP_VERSION "20141026" #endif
CVS commit: [netbsd-7] src/usr.bin/ftp
Module Name:src Committed By: martin Date: Sun Oct 26 16:47:12 UTC 2014 Modified Files: src/usr.bin/ftp [netbsd-7]: fetch.c Log Message: Pull up following revision(s) (requested by christos in ticket #158): usr.bin/ftp/fetch.c: revision 1.206 don't pay attention to special characters if they don't come from the command line (from jmcneill) To generate a diff of this commit: cvs rdiff -u -r1.205 -r1.205.4.1 src/usr.bin/ftp/fetch.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/ftp/fetch.c diff -u src/usr.bin/ftp/fetch.c:1.205 src/usr.bin/ftp/fetch.c:1.205.4.1 --- src/usr.bin/ftp/fetch.c:1.205 Thu Nov 7 02:06:51 2013 +++ src/usr.bin/ftp/fetch.c Sun Oct 26 16:47:12 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: fetch.c,v 1.205 2013/11/07 02:06:51 christos Exp $ */ +/* $NetBSD: fetch.c,v 1.205.4.1 2014/10/26 16:47:12 martin Exp $ */ /*- * Copyright (c) 1997-2009 The NetBSD Foundation, Inc. @@ -34,7 +34,7 @@ #include #ifndef lint -__RCSID("$NetBSD: fetch.c,v 1.205 2013/11/07 02:06:51 christos Exp $"); +__RCSID("$NetBSD: fetch.c,v 1.205.4.1 2014/10/26 16:47:12 martin Exp $"); #endif /* not lint */ /* @@ -571,7 +571,7 @@ fetch_url(const char *url, const char *p url_decode(decodedpath); if (outfile) - savefile = ftp_strdup(outfile); + savefile = outfile; else { cp = strrchr(decodedpath, '/'); /* find savefile */ if (cp != NULL) @@ -595,8 +595,7 @@ fetch_url(const char *url, const char *p rangestart = rangeend = entitylen = -1; mtime = -1; if (restartautofetch) { - if (strcmp(savefile, "-") != 0 && *savefile != '|' && - stat(savefile, &sb) == 0) + if (stat(savefile, &sb) == 0) restart_point = sb.st_size; } if (urltype == FILE_URL_T) { /* file:// URLs */ @@ -1150,18 +1149,26 @@ fetch_url(const char *url, const char *p } } /* end of ftp:// or http:// specific setup */ - /* Open the output file. */ - if (strcmp(savefile, "-") == 0) { - fout = stdout; - } else if (*savefile == '|') { - oldpipe = xsignal(SIGPIPE, SIG_IGN); - fout = popen(savefile + 1, "w"); - if (fout == NULL) { - warn("Can't execute `%s'", savefile + 1); - goto cleanup_fetch_url; + /* Open the output file. */ + + /* + * Only trust filenames with special meaning if they came from + * the command line + */ + if (outfile == savefile) { + if (strcmp(savefile, "-") == 0) { + fout = stdout; + } else if (*savefile == '|') { + oldpipe = xsignal(SIGPIPE, SIG_IGN); + fout = popen(savefile + 1, "w"); + if (fout == NULL) { +warn("Can't execute `%s'", savefile + 1); +goto cleanup_fetch_url; + } + closefunc = pclose; } - closefunc = pclose; - } else { + } + if (fout == NULL) { if ((rangeend != -1 && rangeend <= restart_point) || (rangestart == -1 && filesize != -1 && filesize <= restart_point)) { /* already done */ @@ -1379,7 +1386,8 @@ fetch_url(const char *url, const char *p (*closefunc)(fout); if (res0) freeaddrinfo(res0); - FREEPTR(savefile); + if (savefile != outfile) + FREEPTR(savefile); FREEPTR(uuser); if (pass != NULL) memset(pass, 0, strlen(pass));