Re: download site or stuff from sources with weak password
The install script has never used all features of all commands hiding inside it, intentionally, because we don't want to maintain all the edge conditions. *OUR* install scripts are meant to reach to *OUR* distribution infrastructure, and *OUR* distribution infrastructure doesn't use usernames or passwords options, which are fragile and scary and a more complicated to handle than a simple regexp. Also, a reminder to not be crass. Trying to be crass with me gets you nowhere, it simply reminds me of your past behaviour, and that means are wasting your time. sven falempin wrote: > On Mon, Jul 13, 2020 at 2:38 PM Theo de Raadt wrote: > > > I am sceptical of any need to support what you propose, especially > > when it isn't documented, and secondly when it is shitty, and > > outside the scope of the project. > > > > > FTP(1) General Commands ManualFTP(1) > > NAME > ftp - Internet file transfer program > > SYNOPSIS > ftp [-46AadEegiMmnptVv] [-D title] [-k seconds] [-P port] [-r seconds] > [-s srcaddr] [host [port]] > ftp [-C] [-o output] [-s srcaddr] > ftp://[user:password@]host[:port]/file[/] > > documented here > > > -- > -- > - > Knowing is not enough; we must apply. Willing is not enough; we must do
Re: download site or stuff from sources with weak password
On Mon, Jul 13, 2020 at 2:38 PM Theo de Raadt wrote: > I am sceptical of any need to support what you propose, especially > when it isn't documented, and secondly when it is shitty, and > outside the scope of the project. > FTP(1) General Commands ManualFTP(1) NAME ftp - Internet file transfer program SYNOPSIS ftp [-46AadEegiMmnptVv] [-D title] [-k seconds] [-P port] [-r seconds] [-s srcaddr] [host [port]] ftp [-C] [-o output] [-s srcaddr] ftp://[user:password@]host[:port]/file[/] documented here -- -- - Knowing is not enough; we must apply. Willing is not enough; we must do
Re: download site or stuff from sources with weak password
I am sceptical of any need to support what you propose, especially when it isn't documented, and secondly when it is shitty, and outside the scope of the project. sven falempin wrote: > ?(+([!@])@) > > is not very smart for something:something@ > but i guess it is enough ? > > ( tabulation should be present below ) > > Index: ./distrib/miniroot/install.sub > === > RCS file: /cvs/src/distrib/miniroot/install.sub,v > retrieving revision 1.1154 > diff -u -p -r1.1154 install.sub > --- ./distrib/miniroot/install.sub 26 May 2020 16:21:00 - > 1.1154 > +++ ./distrib/miniroot/install.sub 13 Jul 2020 18:26:42 - > @@ -1775,7 +1775,7 @@ install_http() { > HTTP_SERVER=${1%%/*} > # Repeat loop to get user to confirm server address. > ;; > - ?(http?(s)://)+([A-Za-z0-9:.\[\]_-])) > + ?(http?(s)://)?(+([!@])@)+([A-Za-z0-9:.\[\]_-])) > case $resp in > https://*) _tls=force _http_proto=https;; > http://*) _tls=no_http_proto=http;; > > --
download site or stuff from sources with weak password
?(+([!@])@) is not very smart for something:something@ but i guess it is enough ? ( tabulation should be present below ) Index: ./distrib/miniroot/install.sub === RCS file: /cvs/src/distrib/miniroot/install.sub,v retrieving revision 1.1154 diff -u -p -r1.1154 install.sub --- ./distrib/miniroot/install.sub 26 May 2020 16:21:00 - 1.1154 +++ ./distrib/miniroot/install.sub 13 Jul 2020 18:26:42 - @@ -1775,7 +1775,7 @@ install_http() { HTTP_SERVER=${1%%/*} # Repeat loop to get user to confirm server address. ;; - ?(http?(s)://)+([A-Za-z0-9:.\[\]_-])) + ?(http?(s)://)?(+([!@])@)+([A-Za-z0-9:.\[\]_-])) case $resp in https://*) _tls=force _http_proto=https;; http://*) _tls=no_http_proto=http;; --