http(1) An alternate implementation for a subset of ftp(1)
Hi, http(1) is a drop-in substitute for ftp(1)'s AUTO-FETCHING FILES mode. It defaults to HTTP method when the url doesn't specify the protocol and supports transferring files from HTTP(S) and FTP servers. The FTP support is limited to file transfer and doesn't do command interpretation. It works[0] with pkg_add(1) and related tools when set as FETCH_CMD. A SMALL variant could be built by disabling FTP and HTTPS support. Source: http://www.nimmagadda.net/http.tar.gz Thanks Patrick Keshishian and sthen@ for spotting Host header bug in previous version. Comments/Suggestions to improve it are most welcome. [0] Needs this small pkg_add(1) diff to get rid of the error messages when fetching for a FTP server... http://marc.info/?l=openbsd-techm=143966672102753w=2
Re: http(1) An alternate implementation for a subset of ftp(1)
On Mon, Aug 17, 2015 at 06:06:17PM +0200, Sebastien Marie wrote:
Hi,
I start reading your code, and I have a first remark.
I see in main.c (at line 142 and next) that on redirection, you trust
the server for the filename. I am not sure it is a good thing to do.
If the user request 'http://www.example.com/a_filename' (without -o),
the file created should be 'a_filename' what ever the redirection is.
Else, a evil server could arbitrary choose the filename (in the current
directory), and as file creation is done with O_TRUNC (or O_APPEND in
resume case), an evil server could override the file he wants.
Thanks for the comments, I agree with your observation. This diff
evaluates filename just once.
Index: main.c
===
RCS file: /cvs/http/main.c,v
retrieving revision 1.67
diff -u -p -r1.67 main.c
--- main.c 16 Aug 2015 08:00:25 - 1.67
+++ main.c 17 Aug 2015 17:33:20 -
@@ -108,8 +108,8 @@ main(int argc, char *argv[])
}
for (i = 0; i argc; i++) {
-retry:
fn = (output) ? output : basename(argv[i]);
+retry:
url_str = url_encode(argv[i]);
p = url_type(url_str);
if (url_parse(url_str, url, p) != 0)
Re: http(1) An alternate implementation for a subset of ftp(1)
Hi,
I attached 3 patchs:
- retry.patch: move name of output file outside the retry loop. Should
keep the filename defined by user, instead of pike one from server.
- spell.patch: correct a small spelling error
- url-user.patch: a small change in url_parse() in order to copte with
@ char in url path (http://example.com/my@funny@path isn't well
parsed)
And another note, the url_parse() don't copte with url in ipv6
(for example http://[2a00:1450:4007:807::1010]:80/), but I don't known
if it is a real issue for now.
Thanks.
--
Sebastien Marie
Index: b/main.c
===
--- a/main.c2015-08-16 10:00:25.0 +0200
+++ b/main.c2015-08-17 18:48:08.951532825 +0200
@@ -108,8 +108,8 @@ main(int argc, char *argv[])
}
for (i = 0; i argc; i++) {
-retry:
fn = (output) ? output : basename(argv[i]);
+retry:
url_str = url_encode(argv[i]);
p = url_type(url_str);
if (url_parse(url_str, url, p) != 0)
Index: b/main.c
===
--- a/main.c2015-08-17 18:48:08.951532825 +0200
+++ b/main.c2015-08-17 19:32:54.811047138 +0200
@@ -119,7 +119,7 @@ retry:
(void)strlcpy(url.port, port, sizeof(url.port));
if (strcmp(url.path, /) == 0 || strlen(url.path) == 0)
- errx(1, No filename afer host: %s, url.host);
+ errx(1, No filename after host: %s, url.host);
if (url_connect(url, pproxy) == -1)
return (-1);
Index: b/util.c
===
--- a/util.c2015-08-17 19:29:39.239294584 +0200
+++ b/util.c2015-08-17 19:37:40.483642472 +0200
@@ -198,6 +198,16 @@ url_parse(const char *url_str, struct ur
else
s = curl;
+ /* extract url path */
+ if ((e = strchr(s, '/'))) {
+ if (strlcpy(url-path, e,
+ sizeof(url-path)) = sizeof(url-path)) {
+ warnx(url_parse: path overflow);
+ goto cleanup;
+ }
+ *e = '\0';
+ }
+
/* extract user and password */
if ((e = strchr(s, '@'))) {
*e++ = '\0';
@@ -221,16 +231,6 @@ url_parse(const char *url_str, struct ur
s = e;
}
- /* extract url path */
- if ((e = strchr(s, '/'))) {
- if (strlcpy(url-path, e,
- sizeof(url-path)) = sizeof(url-path)) {
- warnx(url_parse: path overflow);
- goto cleanup;
- }
- *e = '\0';
- }
-
/* extract url port */
if ((t = strchr(s, ':'))) {
*t++ = '\0';
Re: http(1) An alternate implementation for a subset of ftp(1)
Hi, I start reading your code, and I have a first remark. I see in main.c (at line 142 and next) that on redirection, you trust the server for the filename. I am not sure it is a good thing to do. If the user request 'http://www.example.com/a_filename' (without -o), the file created should be 'a_filename' what ever the redirection is. Else, a evil server could arbitrary choose the filename (in the current directory), and as file creation is done with O_TRUNC (or O_APPEND in resume case), an evil server could override the file he wants. Regards. -- Sebastien Marie
