Module Name: src Committed By: martin Date: Mon Sep 12 15:02:47 UTC 2022
Modified Files: src/usr.bin/ftp [netbsd-9]: Makefile fetch.c ftp.1 ftp_var.h main.c ssl.c util.c version.h Log Message: Back out ticket #1523 for now - trust anchor validation is not solved. To generate a diff of this commit: cvs rdiff -u -r1.37.12.2 -r1.37.12.3 src/usr.bin/ftp/Makefile cvs rdiff -u -r1.231.2.3 -r1.231.2.4 src/usr.bin/ftp/fetch.c cvs rdiff -u -r1.136.8.2 -r1.136.8.3 src/usr.bin/ftp/ftp.1 cvs rdiff -u -r1.85.6.1 -r1.85.6.2 src/usr.bin/ftp/ftp_var.h cvs rdiff -u -r1.126.2.1 -r1.126.2.2 src/usr.bin/ftp/main.c cvs rdiff -u -r1.8.2.3 -r1.8.2.4 src/usr.bin/ftp/ssl.c cvs rdiff -u -r1.160.2.2 -r1.160.2.3 src/usr.bin/ftp/util.c cvs rdiff -u -r1.87.18.4 -r1.87.18.5 src/usr.bin/ftp/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/usr.bin/ftp/Makefile diff -u src/usr.bin/ftp/Makefile:1.37.12.2 src/usr.bin/ftp/Makefile:1.37.12.3 --- src/usr.bin/ftp/Makefile:1.37.12.2 Mon Sep 12 14:42:55 2022 +++ src/usr.bin/ftp/Makefile Mon Sep 12 15:02:47 2022 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.37.12.2 2022/09/12 14:42:55 martin Exp $ +# $NetBSD: Makefile,v 1.37.12.3 2022/09/12 15:02:47 martin Exp $ # from: @(#)Makefile 8.2 (Berkeley) 4/3/94 .include <bsd.own.mk> @@ -31,6 +31,4 @@ CPPFLAGS+= -DINET6 cmds.o fetch.o: version.h main.o: ftp_var.h -CWARNFLAGS.gcc+= ${GCC_NO_FORMAT_OVERFLOW} - .include <bsd.prog.mk> Index: src/usr.bin/ftp/fetch.c diff -u src/usr.bin/ftp/fetch.c:1.231.2.3 src/usr.bin/ftp/fetch.c:1.231.2.4 --- src/usr.bin/ftp/fetch.c:1.231.2.3 Mon Sep 12 14:42:55 2022 +++ src/usr.bin/ftp/fetch.c Mon Sep 12 15:02:47 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: fetch.c,v 1.231.2.3 2022/09/12 14:42:55 martin Exp $ */ +/* $NetBSD: fetch.c,v 1.231.2.4 2022/09/12 15:02:47 martin Exp $ */ /*- * Copyright (c) 1997-2015 The NetBSD Foundation, Inc. @@ -37,7 +37,7 @@ #include <sys/cdefs.h> #ifndef lint -__RCSID("$NetBSD: fetch.c,v 1.231.2.3 2022/09/12 14:42:55 martin Exp $"); +__RCSID("$NetBSD: fetch.c,v 1.231.2.4 2022/09/12 15:02:47 martin Exp $"); #endif /* not lint */ /* @@ -106,13 +106,12 @@ __dead static void timeouthttp(int); static int auth_url(const char *, char **, const struct authinfo *); static void base64_encode(const unsigned char *, size_t, unsigned char *); #endif -static int go_fetch(const char *, struct urlinfo *); +static int go_fetch(const char *); static int fetch_ftp(const char *); -static int fetch_url(const char *, const char *, char *, char *, - struct urlinfo *); +static int fetch_url(const char *, const char *, char *, char *); static const char *match_token(const char **, const char *); static int parse_url(const char *, const char *, struct urlinfo *, - struct authinfo *, struct urlinfo *); + struct authinfo *); static void url_decode(char *); static void freeauthinfo(struct authinfo *); static void freeurlinfo(struct urlinfo *); @@ -275,7 +274,7 @@ auth_url(const char *challenge, char **r scheme = "Basic"; /* only support Basic authentication */ gotpass = NULL; - DPRINTF("%s: challenge `%s'\n", __func__, challenge); + DPRINTF("auth_url: challenge `%s'\n", challenge); if (! match_token(&cp, scheme)) { warnx("Unsupported authentication challenge `%s'", @@ -337,7 +336,7 @@ auth_url(const char *challenge, char **r *response = ftp_malloc(rlen); (void)strlcpy(*response, scheme, rlen); len = strlcat(*response, " ", rlen); - /* use `clen - 1' to not encode the trailing NUL */ + /* use `clen - 1' to not encode the trailing NUL */ base64_encode((unsigned char *)clear, clen - 1, (unsigned char *)*response + len); memset(clear, 0, clen); @@ -368,7 +367,7 @@ base64_encode(const unsigned char *clear | ((clear[i + 1] >> 4) & 0x0f)]; *(cp++) = enc[((clear[i + 1] << 2) & 0x3c) | ((clear[i + 2] >> 6) & 0x03)]; - *(cp++) = enc[((clear[i + 2] ) & 0x3f)]; + *(cp++) = enc[((clear[i + 2] ) & 0x3f)]; } *cp = '\0'; while (i-- > len) @@ -401,42 +400,6 @@ url_decode(char *url) *q = '\0'; } -static const char * -get_port(const struct urlinfo *ui) -{ - - switch(ui->utype) { - case HTTP_URL_T: - return httpport; - case FTP_URL_T: - return ftpport; - case FILE_URL_T: - return ""; -#ifdef WITH_SSL - case HTTPS_URL_T: - return httpsport; -#endif - default: - return NULL; - } -} - -static int -use_relative(const struct urlinfo *ui) -{ - if (ui == NULL) - return 0; - switch (ui->utype) { - case HTTP_URL_T: - case FILE_URL_T: -#ifdef WITH_SSL - case HTTPS_URL_T: -#endif - return 1; - default: - return 0; - } -} /* * Parse URL of form (per RFC 3986): @@ -472,7 +435,7 @@ use_relative(const struct urlinfo *ui) static int parse_url(const char *url, const char *desc, struct urlinfo *ui, - struct authinfo *auth, struct urlinfo *rui) + struct authinfo *auth) { const char *origurl, *tport; char *cp, *ep, *thost; @@ -483,26 +446,29 @@ parse_url(const char *url, const char *d DPRINTF("parse_url: %s `%s'\n", desc, url); origurl = url; + tport = NULL; if (STRNEQUAL(url, HTTP_URL)) { url += sizeof(HTTP_URL) - 1; ui->utype = HTTP_URL_T; ui->portnum = HTTP_PORT; + tport = httpport; } else if (STRNEQUAL(url, FTP_URL)) { url += sizeof(FTP_URL) - 1; ui->utype = FTP_URL_T; ui->portnum = FTP_PORT; + tport = ftpport; } else if (STRNEQUAL(url, FILE_URL)) { url += sizeof(FILE_URL) - 1; ui->utype = FILE_URL_T; + tport = ""; #ifdef WITH_SSL } else if (STRNEQUAL(url, HTTPS_URL)) { url += sizeof(HTTPS_URL) - 1; ui->utype = HTTPS_URL_T; ui->portnum = HTTPS_PORT; + tport = httpsport; #endif - } else if (rui != NULL) { - copyurlinfo(ui, rui); } else { warnx("Invalid %s `%s'", desc, url); cleanup_parse_url: @@ -511,7 +477,6 @@ parse_url(const char *url, const char *d return (-1); } - if (*url == '\0') return (0); @@ -576,8 +541,7 @@ parse_url(const char *url, const char *d #endif /* INET6 */ if ((cp = strchr(thost, ':')) != NULL) *cp++ = '\0'; - if (*thost != '\0') - ui->host = thost; + ui->host = thost; /* look for [:port] */ if (cp != NULL) { @@ -592,9 +556,7 @@ parse_url(const char *url, const char *d } ui->portnum = nport; tport = cp; - } else - tport = get_port(ui); - + } if (tport != NULL) ui->port = ftp_strdup(tport); @@ -605,8 +567,8 @@ parse_url(const char *url, const char *d ui->path = ftp_strdup(emptypath); } - DPRINTF("%s: user `%s' pass `%s' host %s port %s(%d) " - "path `%s'\n", __func__, + DPRINTF("parse_url: user `%s' pass `%s' host %s port %s(%d) " + "path `%s'\n", STRorNULL(auth->user), STRorNULL(auth->pass), STRorNULL(ui->host), STRorNULL(ui->port), ui->portnum ? ui->portnum : -1, STRorNULL(ui->path)); @@ -619,7 +581,7 @@ sigjmp_buf httpabort; static int ftp_socket(const struct urlinfo *ui, void **ssl) { - struct addrinfo hints, *res, *res0 = NULL; + struct addrinfo hints, *res, *res0 = NULL; int error; int s; const char *host = ui->host; @@ -724,7 +686,7 @@ handle_noproxy(const char *host, in_port if (*cp == '\0') continue; if ((np = strrchr(cp, ':')) != NULL) { - *np++ = '\0'; + *np++ = '\0'; np_port = strtoul(np, &ep, 10); if (*np == '\0' || *ep != '\0') continue; @@ -756,7 +718,7 @@ handle_proxy(const char *url, const char } initurlinfo(&pui); - if (parse_url(penv, "proxy URL", &pui, pauth, NULL) == -1) + if (parse_url(penv, "proxy URL", &pui, pauth) == -1) return -1; if ((!IS_HTTP_TYPE(pui.utype) && pui.utype != FTP_URL_T) || @@ -927,9 +889,9 @@ print_connect(FETCH *fin, const struct u } #endif -#define C_OK 0 -#define C_CLEANUP 1 -#define C_IMPROPER 2 +#define C_OK 0 +#define C_CLEANUP 1 +#define C_IMPROPER 2 static int getresponseline(FETCH *fin, char *buf, size_t buflen, int *len) @@ -1028,7 +990,7 @@ parse_posinfo(const char **cp, struct po static void do_auth(int hcode, const char *url, const char *penv, struct authinfo *wauth, struct authinfo *pauth, char **auth, const char *message, - volatile int *rval, struct urlinfo *ui) + volatile int *rval) { struct authinfo aauth; char *response; @@ -1063,8 +1025,7 @@ do_auth(int hcode, const char *url, cons if (auth_url(*auth, &response, &aauth) == 0) { *rval = fetch_url(url, penv, hcode == 401 ? pauth->auth : response, - hcode == 401 ? response : wauth->auth, - ui); + hcode == 401 ? response: wauth->auth); memset(response, 0, strlen(response)); FREEPTR(response); } @@ -1075,12 +1036,12 @@ static int negotiate_connection(FETCH *fin, const char *url, const char *penv, struct posinfo *pi, time_t *mtime, struct authinfo *wauth, struct authinfo *pauth, volatile int *rval, volatile int *ischunked, - char **auth, struct urlinfo *ui) + char **auth) { int len, hcode, rv; char buf[FTPBUFLEN], *ep; const char *cp, *token; - char *location, *message; + char *location, *message; *auth = message = location = NULL; @@ -1195,19 +1156,18 @@ negotiate_connection(FETCH *fin, const c fprintf(ttyout, "Redirected via %s\n", location); *rval = fetch_url(url, location, - pauth->auth, wauth->auth, ui); + pauth->auth, wauth->auth); } else { if (verbose) fprintf(ttyout, "Redirected to %s\n", location); - *rval = go_fetch(location, ui); + *rval = go_fetch(location); } goto cleanup_fetch_url; #ifndef NO_AUTH case 401: case 407: - do_auth(hcode, url, penv, wauth, pauth, auth, message, rval, - ui); + do_auth(hcode, url, penv, wauth, pauth, auth, message, rval); goto cleanup_fetch_url; #endif default: @@ -1272,7 +1232,7 @@ connectmethod(FETCH *fin, const char *ur message = ftp_strdup(ep); break; } - + for (;;) { int len; if (getresponseline(fin, buf, sizeof(buf), &len) != C_OK) @@ -1301,8 +1261,7 @@ connectmethod(FETCH *fin, const char *ur break; #ifndef NO_AUTH case 407: - do_auth(hcode, url, penv, wauth, pauth, auth, message, rval, - ui); + do_auth(hcode, url, penv, wauth, pauth, auth, message, rval); goto cleanup_fetch_url; #endif default: @@ -1340,8 +1299,7 @@ out: * is still open (e.g, ftp xfer with trailing /) */ static int -fetch_url(const char *url, const char *proxyenv, char *proxyauth, - char *wwwauth, struct urlinfo *rui) +fetch_url(const char *url, const char *proxyenv, char *proxyauth, char *wwwauth) { sigfunc volatile oldint; sigfunc volatile oldpipe; @@ -1350,7 +1308,7 @@ fetch_url(const char *url, const char *p int volatile s; struct stat sb; int volatile isproxy; - int volatile rval, ischunked; + int volatile rval, ischunked; size_t flen; static size_t bufsize; static char *xferbuf; @@ -1361,7 +1319,7 @@ fetch_url(const char *url, const char *p char *volatile location; char *volatile message; char *volatile decodedpath; - struct authinfo wauth, pauth; + struct authinfo wauth, pauth; struct posinfo pi; off_t hashbytes; int (*volatile closefunc)(FILE *); @@ -1394,7 +1352,7 @@ fetch_url(const char *url, const char *p if (sigsetjmp(httpabort, 1)) goto cleanup_fetch_url; - if (parse_url(url, "URL", &ui, &wauth, rui) == -1) + if (parse_url(url, "URL", &ui, &wauth) == -1) goto cleanup_fetch_url; copyurlinfo(&oui, &ui); @@ -1410,7 +1368,7 @@ fetch_url(const char *url, const char *p rval = fetch_ftp(url); goto cleanup_fetch_url; } - if (!IS_HTTP_TYPE(ui.utype) || outfile == NULL) { + if (!IS_HTTP_TYPE(ui.utype) || outfile == NULL) { warnx("Invalid URL (no file after host) `%s'", url); goto cleanup_fetch_url; } @@ -1465,8 +1423,7 @@ fetch_url(const char *url, const char *p filesize = sb.st_size; } if (restart_point) { - if (lseek(fetch_fileno(fin), restart_point, SEEK_SET) - < 0) { + if (lseek(fetch_fileno(fin), restart_point, SEEK_SET) < 0) { warn("Can't seek to restart `%s'", decodedpath); goto cleanup_fetch_url; @@ -1578,7 +1535,7 @@ fetch_url(const char *url, const char *p switch (negotiate_connection(fin, url, penv, &pi, &mtime, &wauth, &pauth, &rval, &ischunked, - __UNVOLATILE(&auth), &ui)) { + __UNVOLATILE(&auth))) { case C_OK: break; case C_CLEANUP: @@ -1685,7 +1642,7 @@ fetch_url(const char *url, const char *p } /* - * XXX: Work around bug in Apache 1.3.9 and + * XXX: Work around bug in Apache 1.3.9 and * 1.3.11, which incorrectly put trailing * space after the chunk-size. */ @@ -1893,10 +1850,10 @@ fetch_ftp(const char *url) char dirbuf[4]; int dirhasglob, filehasglob, rval, transtype, xargc; int oanonftp, oautologin; - struct authinfo auth; + struct authinfo auth; struct urlinfo ui; - DPRINTF("%s: `%s'\n", __func__, url); + DPRINTF("fetch_ftp: `%s'\n", url); dir = file = NULL; rval = 1; transtype = TYPE_I; @@ -1905,7 +1862,7 @@ fetch_ftp(const char *url) initauthinfo(&auth, NULL); if (STRNEQUAL(url, FTP_URL)) { - if ((parse_url(url, "URL", &ui, &auth, NULL) == -1) || + if ((parse_url(url, "URL", &ui, &auth) == -1) || (auth.user != NULL && *auth.user == '\0') || EMPTYSTRING(ui.host)) { warnx("Invalid URL `%s'", url); @@ -1917,8 +1874,7 @@ fetch_ftp(const char *url) */ /* check for trailing ';type=[aid]' */ - if (! EMPTYSTRING(ui.path) - && (cp = strrchr(ui.path, ';')) != NULL) { + if (! EMPTYSTRING(ui.path) && (cp = strrchr(ui.path, ';')) != NULL) { if (strcasecmp(cp, ";type=a") == 0) transtype = TYPE_A; else if (strcasecmp(cp, ";type=i") == 0) @@ -1960,12 +1916,12 @@ fetch_ftp(const char *url) * If we are dealing with classic `[user@]host:[path]' syntax, * then a path of the form `/file' (resulting from input of the * form `host:/file') means that we should do "CWD /" before - * retrieving the file. So we set dir="/" and file="file". + * retrieving the file. So we set dir="/" and file="file". * * But if we are dealing with URLs like `ftp://host/path' then * a path of the form `/file' (resulting from a URL of the form * `ftp://host//file') means that we should do `CWD ' (with an - * empty argument) before retrieving the file. So we set + * empty argument) before retrieving the file. So we set * dir="" and file="file". * * If the path does not contain / at all, we set dir=NULL. @@ -1996,8 +1952,8 @@ fetch_ftp(const char *url) url_decode(file); /* but still don't url_decode(dir) */ } - DPRINTF("%s: user `%s' pass `%s' host %s port %s " - "path `%s' dir `%s' file `%s'\n", __func__, + DPRINTF("fetch_ftp: user `%s' pass `%s' host %s port %s " + "path `%s' dir `%s' file `%s'\n", STRorNULL(auth.user), STRorNULL(auth.pass), STRorNULL(ui.host), STRorNULL(ui.port), STRorNULL(ui.path), STRorNULL(dir), STRorNULL(file)); @@ -2046,7 +2002,7 @@ fetch_ftp(const char *url) setbinary(1, xargv); break; default: - errx(1, "%s: unknown transfer type %d", __func__, transtype); + errx(1, "fetch_ftp: unknown transfer type %d", transtype); } /* @@ -2068,7 +2024,7 @@ fetch_ftp(const char *url) * (urltype is FTP_URL_T), then RFC 3986 says we need to * send a separate CWD command for each unescaped "/" * in the path, and we have to interpret %hex escaping - * *after* we find the slashes. It's possible to get + * *after* we find the slashes. It's possible to get * empty components here, (from multiple adjacent * slashes in the path) and RFC 3986 says that we should * still do `CWD ' (with a null argument) in such cases. @@ -2111,7 +2067,7 @@ fetch_ftp(const char *url) * "CWD /", "CWD foo", "CWD bar", "RETR file" * ftp://host/%2Ffoo/bar/file dir="%2Ffoo/bar" * "CWD /foo", "CWD bar", "RETR file" - * ftp://host/%2Ffoo%2Fbar/file dir="%2Ffoo%2Fbar" + * ftp://host/%2Ffoo%2Fbar/file dir="%2Ffoo%2Fbar" * "CWD /foo/bar", "RETR file" * ftp://host/%2Ffoo%2Fbar%2Ffile dir=NULL * "RETR /foo/bar/file" @@ -2128,7 +2084,7 @@ fetch_ftp(const char *url) url_decode(dir); } else nextpart = NULL; - DPRINTF("%s: dir `%s', nextpart `%s'\n", __func__, + DPRINTF("fetch_ftp: dir `%s', nextpart `%s'\n", STRorNULL(dir), STRorNULL(nextpart)); if (ui.utype == FTP_URL_T || *dir != '\0') { (void)strlcpy(cmdbuf, "cd", sizeof(cmdbuf)); @@ -2223,7 +2179,7 @@ fetch_ftp(const char *url) * is still open (e.g, ftp xfer with trailing /) */ static int -go_fetch(const char *url, struct urlinfo *rui) +go_fetch(const char *url) { char *proxyenv; char *p; @@ -2272,7 +2228,7 @@ go_fetch(const char *url, struct urlinfo || STRNEQUAL(url, HTTPS_URL) #endif || STRNEQUAL(url, FILE_URL)) - return (fetch_url(url, NULL, NULL, NULL, rui)); + return (fetch_url(url, NULL, NULL, NULL)); /* * If it contains "://" but does not begin with ftp:// @@ -2287,20 +2243,13 @@ go_fetch(const char *url, struct urlinfo errx(1, "Unsupported URL scheme `%.*s'", (int)(p - url), url); /* - * Refer to previous urlinfo if provided. This makes relative - * redirects work. - */ - if (use_relative(rui)) - return fetch_url(url, NULL, NULL, NULL, rui); - - /* * Try FTP URL-style and host:file arguments next. * If ftpproxy is set with an FTP URL, use fetch_url() - * Otherwise, use fetch_ftp(). + * Othewise, use fetch_ftp(). */ proxyenv = getoptionvalue("ftp_proxy"); if (!EMPTYSTRING(proxyenv) && STRNEQUAL(url, FTP_URL)) - return (fetch_url(url, NULL, NULL, NULL, rui)); + return (fetch_url(url, NULL, NULL, NULL)); return (fetch_ftp(url)); } @@ -2343,7 +2292,7 @@ auto_fetch(int argc, char *argv[]) redirect_loop = 0; if (!anonftp) anonftp = 2; /* Handle "automatic" transfers. */ - rval = go_fetch(argv[argpos], NULL); + rval = go_fetch(argv[argpos]); if (outfile != NULL && strcmp(outfile, "-") != 0 && outfile[0] != '|') { FREEPTR(outfile); @@ -2382,7 +2331,7 @@ auto_put(int argc, char **argv, const ch pathsep = NULL; rval = 1; - DPRINTF("%s: target `%s'\n", __func__, uploadserver); + DPRINTF("auto_put: target `%s'\n", uploadserver); path = ftp_strdup(uploadserver); len = strlen(path); @@ -2391,7 +2340,7 @@ auto_put(int argc, char **argv, const ch * make sure we always pass a directory to auto_fetch */ if (argc > 1) { /* more than one file to upload */ - len = strlen(uploadserver) + 2; /* path + "/" + "\0" */ + len = strlen(uploadserver) + 2; /* path + "/" + "\0" */ free(path); path = (char *)ftp_malloc(len); (void)strlcpy(path, uploadserver, len); @@ -2415,7 +2364,7 @@ auto_put(int argc, char **argv, const ch uargc++; } } - DPRINTF("%s: URL `%s' argv[2] `%s'\n", __func__, + DPRINTF("auto_put: URL `%s' argv[2] `%s'\n", path, STRorNULL(uargv[2])); /* connect and cwd */ Index: src/usr.bin/ftp/ftp.1 diff -u src/usr.bin/ftp/ftp.1:1.136.8.2 src/usr.bin/ftp/ftp.1:1.136.8.3 --- src/usr.bin/ftp/ftp.1:1.136.8.2 Mon Sep 12 14:42:55 2022 +++ src/usr.bin/ftp/ftp.1 Mon Sep 12 15:02:47 2022 @@ -1,4 +1,4 @@ -.\" $NetBSD: ftp.1,v 1.136.8.2 2022/09/12 14:42:55 martin Exp $ +.\" $NetBSD: ftp.1,v 1.136.8.3 2022/09/12 15:02:47 martin Exp $ .\" .\" Copyright (c) 1996-2021 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -57,7 +57,7 @@ .\" .\" @(#)ftp.1 8.3 (Berkeley) 10/9/94 .\" -.Dd August 29, 2022 +.Dd January 6, 2021 .Dt FTP 1 .Os .Sh NAME @@ -65,7 +65,7 @@ .Nd Internet file transfer program .Sh SYNOPSIS .Nm -.Op Fl 46AadefginpRtVv? +.Op Fl 46AadefginpRtVv .Op Fl N Ar netrc .Op Fl o Ar output .Op Fl P Ar port @@ -84,11 +84,12 @@ .Xc .Oc .Ek -.Op Fl x Ar xfersize +.Op Fl x Ar xferbufsize .Bk -words .\" [[user@]host [port]] .Oo -.Oo Ar user Ns Li \&@ Oc Ns Ar host Oo Ar port Oc +.Oo Ar user Ns Li \&@ Oc Ns Ar host +.Op Ar port .Oc .Ek .Bk -words @@ -121,7 +122,7 @@ .Ar host Oo Li \&: Ar port Oc .Li / Ar path .Op Li / -.Op Li ;type= Ar type +.Op Li ;type= Ar X .Oc .Sm on .Ek @@ -138,24 +139,12 @@ .Oc .Sm on .Ek -.Bk -words -.\" [https://[user[:password]@]host[:port]/path] -.Sm off -.Oo -.Li https:// -.Oo Ar user -.Op Li \&: Ar password -.Li \&@ Oc -.Ar host Oo Li \&: Ar port Oc -.Li / Ar path -.Oc -.Sm on -.Ek -.Ar \&... +.Op Ar \&.\&.\&. .Nm .Bk -words -.Fl u Ar url Ar +.Fl u Ar URL Ar file .Ek +.Op Ar \&.\&.\&. .Sh DESCRIPTION .Nm is the user interface to the Internet standard File Transfer Protocol. @@ -184,13 +173,10 @@ Forces .Nm to only use IPv6 addresses. .It Fl A -Force active mode -.Tn FTP . +Force active mode ftp. By default, .Nm -will try to use passive mode -.Tn FTP -and fall back to active mode +will try to use passive mode ftp and fall back to active mode if passive is not supported by the server. This option causes .Nm @@ -298,14 +284,12 @@ bytes/second. Refer to .Ic rate for more information. -.It Fl u Ar url Ar +.It Fl u Ar URL file Op \&.\&.\&. Upload files on the command line to -.Ar url +.Ar URL where -.Ar url -is one of the -.Sq Li ftp:// -URL types as supported by auto-fetch +.Ar URL +is one of the ftp URL types as supported by auto-fetch (with an optional target filename for single file uploads), and .Ar file is one or more local files to be uploaded. @@ -328,14 +312,12 @@ Forces .Nm to show all responses from the remote server, as well as report on data transfer statistics. -.It Fl x Ar xfersize +.It Fl x Ar xferbufsize Set the size of the socket send and receive buffers to -.Ar xfersize . +.Ar xferbufsize . Refer to .Ic xferbuf for more information. -.It Fl ? -Display help to stdout, and exit. .El .Pp The client host with which @@ -505,16 +487,18 @@ Toggle command line editing, and context completion. This is automatically enabled if input is from a terminal, and disabled otherwise. -.It Ic epsv , epsv4 , epsv6 +.It Ic epsv epsv4 epsv6 Toggle the use of the extended .Dv EPSV and .Dv EPRT commands on all IP, IPv4, and IPv6 connections respectively. First try -.Dv EPSV Ns \^/\^ Ns Dv EPRT , +.Dv EPSV / +.Dv EPRT , and then -.Dv PASV Ns \^/\^ Ns Dv PORT . +.Dv PASV / +.Dv PORT . This is enabled by default. If an extended command fails then this option will be temporarily disabled for the duration of the current connection, or until @@ -547,9 +531,7 @@ A synonym for .Ic open . .It Ic gate Op Ar host Op Ar port Toggle gate-ftp mode, which used to connect through the -TIS FWTK and Gauntlet -.Tn FTP -proxies. +TIS FWTK and Gauntlet ftp proxies. This will not be permitted if the gate-ftp server hasn't been set (either explicitly by the user, or from the .Ev FTPSERVER @@ -607,11 +589,9 @@ each remote file name is expanded separately on the remote machine and the lists are not merged. Expansion of a directory name is likely to be different from expansion of the name of an ordinary file: -the exact result depends on the foreign operating system and -.Tn FTP -server, +the exact result depends on the foreign operating system and ftp server, and can be previewed by doing -.Sq Li mls remote-files \- . +.Ql mls remote-files \- Note: .Ic mget , .Ic mput @@ -692,32 +672,32 @@ To invoke a macro, use the command (see above). .Pp The macro processor interprets -.Ql $ +.Sq $ and -.Ql \e +.Sq \e as special characters. A -.Ql $ +.Sq $ followed by a number (or numbers) is replaced by the corresponding argument on the macro invocation command line. A -.Ql $ +.Sq $ followed by an -.Ql i +.Sq i signals the macro processor that the executing macro is to be looped. On the first pass -.Ql $i +.Dq $i is replaced by the first argument on the macro invocation command line, on the second pass it is replaced by the second argument, and so on. A -.Ql \e +.Sq \e followed by any character is replaced by that character. Use the -.Ql \e +.Sq \e to prevent special treatment of the -.Ql $ . +.Sq $ . .It Ic mdelete Op Ar remote-files Delete the .Ar remote-files @@ -752,7 +732,7 @@ Files are transferred into the local wor which can be changed with .Ql lcd directory ; new local directories can be created with -.Sq Li "\&! mkdir directory" . +.Ql "\&! mkdir directory" . .It Ic mkdir Ar directory-name Make a directory on the remote machine. .It Ic mls Ar remote-files local-file @@ -775,7 +755,7 @@ Display the contents of in a machine-parsable form, using .Dv MLSD . The format of display can be changed with -.Sq Li "remopts mlst ..." . +.Sq "remopts mlst ..." . .It Ic mlst Op Ar remote-path Display the details about .Ar remote-path @@ -783,7 +763,7 @@ Display the details about in a machine-parsable form, using .Dv MLST . The format of display can be changed with -.Sq Li "remopts mlst ..." . +.Sq "remopts mlst ..." . .It Ic mode Ar mode-name Set the file transfer .Ic mode @@ -829,7 +809,7 @@ If the file does not exist on the current system, the remote file is considered .Ic newer . Otherwise, this command is identical to -.Ic get . +.Ar get . .It Ic nlist Op Ar remote-path Op Ar local-file A synonym for .Ic ls . @@ -854,8 +834,7 @@ The mapping follows the pattern set by .Ar inpattern and .Ar outpattern . -.Pp -.Ar inpattern +.Op Ar Inpattern is a template for incoming filenames (which may have already been processed according to the .Ic ntrans @@ -864,16 +843,16 @@ and settings). Variable templating is accomplished by including the sequences -.Ql $1 , -.Ql $2 , -\&...\|, -.Ql $9 +.Dq $1 , +.Dq $2 , +\&... +.Dq $9 in .Ar inpattern . Use -.Ql \e +.Sq \e to prevent this special treatment of the -.Ql $ +.Sq $ character. All other characters are treated literally, and are used to determine the .Ic nmap @@ -881,72 +860,53 @@ All other characters are treated literal variable values. For example, given .Ar inpattern -.Sq Li $1.$2 -and the remote file name -.Sq Li mydata.data , -.Ql $1 -would have the value -.Sq Li mydata , -and -.Ql $2 -would have the value -.Sq Li data . -.Pp +$1.$2 and the remote file name "mydata.data", $1 would have the value +"mydata", and $2 would have the value "data". The .Ar outpattern determines the resulting mapped filename. The sequences -.Ql $1 , -.Ql $2 , -\&...\|, -.Ql $9 +.Dq $1 , +.Dq $2 , +\&... +.Dq $9 are replaced by any value resulting from the .Ar inpattern template. The sequence -.Ql $0 +.Dq $0 is replaced by the original filename. Additionally, the sequence .Dq Op Ar seq1 , Ar seq2 is replaced by -.Ar seq1 +.Op Ar seq1 if .Ar seq1 is not a null string; otherwise it is replaced by .Ar seq2 . For example, the command .Pp -.Dl nmap $1.$2.$3 [$1,$2].[$2,file] +.Bd -literal -offset indent -compact +nmap $1.$2.$3 [$1,$2].[$2,file] +.Ed .Pp would yield -the output filename -.Sq Li myfile.data -for input filenames -.Sq Li myfile.data -and -.Sq Li myfile.data.old , -.Sq Li myfile.file -for the input filename -.Sq Li myfile , -and -.Sq Li myfile.myfile -for the input filename -.Sq Li "\&.myfile" . +the output filename "myfile.data" for input filenames "myfile.data" and +"myfile.data.old", "myfile.file" for the input filename "myfile", and +"myfile.myfile" for the input filename ".myfile". Spaces may be included in .Ar outpattern , as in the example: -.Pp .Dl nmap $1 sed "s/ *$//" > $1 -.Pp Use the -.Ql \e +.Sq \e character to prevent special treatment of the -.Ql $ , -.Ql \&[ , -.Ql \&] , +.Sq $ , +.Sq \&[ , +.Sq \&] , and -.Ql \&, +.Sq \&, characters. .It Ic ntrans Op Ar inchars Op Ar outchars Set or unset the filename character translation mechanism. @@ -1067,7 +1027,7 @@ The progress bar will be disabled for a as .Sq Fl or a command that starts with -.Ql \&| . +.Sq \&| . Refer to .Sx FILE NAMING CONVENTIONS for more information. @@ -1121,9 +1081,7 @@ Any other response will answer .Sq yes to the current file. .It Ic proxy Ar ftp-command -Execute an -.Tn FTP -command on a secondary control connection. +Execute an ftp command on a secondary control connection. This command allows simultaneous connection to two remote .Tn FTP servers for transferring files between the two servers. @@ -1132,13 +1090,11 @@ The first command should be an .Ic open , to establish the secondary control connection. -Enter the command -.Sq Li "proxy ?" -to see other +Enter the command "proxy ?" to see other .Tn FTP commands executable on the secondary connection. The following commands behave differently when prefaced by -.Ic proxy\^ : +.Ic proxy : .Ic open will not define new macros during the auto-login process, .Ic close @@ -1183,7 +1139,7 @@ machine. .It Ic quit A synonym for .Ic bye . -.It Ic quote Op Ar arg ... +.It Ic quote Ar arg1 arg2 ... The arguments specified are sent, verbatim, to the remote .Tn FTP server. @@ -1197,7 +1153,7 @@ is 0, disable the throttle. .Pp .Ar direction may be one of: -.Bl -tag -width ".Cm all" -offset indent -compact +.Bl -tag -width "all" -offset indent -compact .It Cm all Both directions. .It Cm get @@ -1210,7 +1166,7 @@ Outgoing transfers. can be modified on the fly by .Ar increment bytes (default: 1024) each time a given signal is received: -.Bl -tag -width ".Dv SIGUSR1" -offset indent +.Bl -tag -width "SIGUSR1" -offset indent .It Dv SIGUSR1 Increment .Ar maximum @@ -1268,7 +1224,7 @@ to Remote .Tn FTP commands known to support options include: -.Dv MLST +.Sq MLST (used for .Dv MLSD and @@ -1321,16 +1277,10 @@ local filename for a .Ic get or .Ic mget -command, a -.Ql \&.1 -is appended to the name. +command, a ".1" is appended to the name. If the resulting name matches another existing file, -a -.Ql \&.2 -is appended to the original name. -If this process continues up to -.Ql .99 , -an error +a ".2" is appended to the original name. +If this process continues up to ".99", an error message is printed, and the transfer does not take place. The generated unique filename will be reported. Note that @@ -1408,7 +1358,7 @@ Defaults to Defaults to .Ev $FTPRPROMPT . .El -.It Ic site Op Ar arg ... +.It Ic site Ar arg1 arg2 ... The arguments specified are sent, verbatim, to the remote .Tn FTP server as a @@ -1529,7 +1479,7 @@ A synonym for .Pp Command arguments which have embedded spaces may be quoted with quote -.Ql \&\(dq +.Sq \&" marks. .Pp Commands which toggle settings can take an explicit @@ -1564,7 +1514,7 @@ If receives a .Dv SIGINFO (see the -.Cm status +.Dq status argument of .Xr stty 1 ) or @@ -1594,7 +1544,7 @@ contains a glob character and globbing i (see .Ic glob ) , then the equivalent of -.Sq Li mget path +.Ql mget path is performed. .Pp If the directory component of @@ -1607,10 +1557,10 @@ of in the current directory. Otherwise, the full remote name is used as the local name, relative to the local root directory. -.\" ftp://[user[:password]@]host[:port]/path[/][;type=type] +.\" ftp://[user[:password]@]host[:port]/path[/][;type=X] .It Li ftp:// Ns Oo Ar user Ns Oo Ns Li \&: Ns Ar password Oc Ns Li \&@ Oc \ Ns Ar host Ns Oo Li \&: Ns Ar port Oc Ns Li / Ns Ar path Ns Oo Li / Oc \ -Ns Oo Li ;type= Ns Ar type Oc +Ns Oo Li ;type= Ns Ar X Oc An .Tn FTP URL, retrieved using the @@ -1633,9 +1583,9 @@ In this case, use if supplied, otherwise prompt the user for one. .Pp If a suffix of -.Sq Li \&;type=A +.Sq ;type=A or -.Sq Li \&;type=I +.Sq ;type=I is supplied, then the transfer type will take place as ascii or binary (respectively). The default transfer type is binary. @@ -1646,7 +1596,7 @@ In order to be compliant with interprets the .Ar path part of an -.Sq Li ftp:// +.Dq ftp:// auto-fetch URL as follows: .Bl -bullet .It @@ -1726,20 +1676,20 @@ user. If the .Pa / directory is required, use a leading path of -.Sq Li \&%2F . +.Dq %2F . If a user's home directory is required (and the remote server supports the syntax), use a leading path of -.Sq Li \&%7E Ns Ar user Ns Li / . +.Dq %7Euser/ . For example, to retrieve .Pa /etc/motd from -.Sq Li localhost +.Sq localhost as the user -.Sq Li myname +.Sq myname with the password -.Sq Li mypass , +.Sq mypass , use -.Sq Li ftp://myname:mypass@localhost/%2fetc/motd +.Dq ftp://myname:mypass@localhost/%2fetc/motd .It The exact .Ic cd @@ -1747,11 +1697,11 @@ and .Ic get commands can be controlled by careful choice of where to use -.Sq Li / +.Sq / and where to use -.Sq Li \&%2F +.Sq %2F (or -.Sq Li %2f ) . +.Sq %2f ) . For example, the following URLs correspond to the equivalents of the indicated commands: .Bl -tag -width "ftp://host/%2Fdir1%2Fdir2%2Ffile" @@ -1798,9 +1748,9 @@ If authorization is required to retrieve .Ar path , and -.Ar user +.Sq user (and optionally -.Ar password\^ ) +.Sq password ) is in the URL, use them for the first attempt to authenticate. .\" https://[user[:password]@]host[:port]/path .It Li https:// Ns Oo Ar user Ns Oo Li \&: Ns Ar password Oc Ns Li \&@ Oc \ @@ -1820,9 +1770,9 @@ If authorization is required to retrieve .Ar path , and -.Ar user +.Sq user (and optionally -.Ar password\^ ) +.Sq password ) is in the URL, use them for the first attempt to authenticate. There is currently no certificate validation and verification. .\" file:///path @@ -1865,7 +1815,7 @@ is recommended, to avoid writing to unex If a classic format or an .Tn FTP URL format has a trailing -.Ql / +.Sq / or an empty .Ar path component, then @@ -1897,9 +1847,9 @@ proxies will be restarted. For .Tn FTP , this is implemented by using -.Ic reget +.Nm reget instead of -.Ic get . +.Nm get . For .Tn HTTP , this is implemented by using the @@ -1913,7 +1863,7 @@ to enter a username and password to auth When specifying IPv6 numeric addresses in a URL, you need to surround the address in square brackets. E.g.: -.Sq Li ftp://[::1]:21/ . +.Dq ftp://[::1]:21/ . This is because colons are used in IPv6 numeric address as well as being the separator for the port number. .Sh ABORTING A FILE TRANSFER @@ -1936,9 +1886,7 @@ sending the requested file. .Pp If the terminal interrupt key sequence is used whilst .Nm -is awaiting a reply from the remote server for the -.Dv ABOR -processing, +is awaiting a reply from the remote server for the ABOR processing, then the connection will be closed. This is different from the traditional behaviour (which ignores the terminal interrupt during this phase), but is considered more useful. @@ -1951,13 +1899,13 @@ commands are processed according to the If the file name .Sq Fl is specified, the -.Va stdin +.Ar stdin (for reading) or -.Va stdout +.Ar stdout (for writing) is used. .It If the first character of the file name is -.Ql \&| , +.Sq \&| , the remainder of the argument is interpreted as a shell command. .Nm @@ -1967,12 +1915,13 @@ with the argument supplied, and reads (w (stdin). If the shell command includes spaces, the argument must be quoted; e.g. -.Sq Li \(dq|\~ls\~\-lt\(dq . +.Dq Qq Li \&| ls\ \-lt . A particularly useful example of this mechanism is: -.Sq Li dir\~\(dq\(dq\~|more . +.Dq Li dir \&"\&" \&|more . .It -Failing the above checks, if globbing +Failing the above checks, if +.Dq globbing is enabled, local file names are expanded according to the rules used in the .Xr csh 1 ; @@ -1983,7 +1932,7 @@ If the .Nm command expects a single local file (e.g. .Ic put ) , -only the first filename generated by the globbing operation is used. +only the first filename generated by the "globbing" operation is used. .It For .Ic mget @@ -2184,7 +2133,7 @@ The .Xr editline 3 library is configured with a .Pa .editrc -file \(em refer to +file - refer to .Xr editrc 5 for more information. .Pp @@ -2201,7 +2150,7 @@ By default, this is bound to the TAB key By default, .Nm displays a command line prompt of -.Sq Li ftp>\~ +.Dq "ftp> " to the user. This can be changed with the .Ic "set prompt" @@ -2218,42 +2167,42 @@ information: .It Li \&%/ The current remote working directory. .\" %c[[0]n], %.[[0]n] -.It Li \&%c Ns Oo Oo Li 0 Oc Ns Ar n Oc , Li \&%. Ns Oo Oo Li 0 Oc Ns Ar n Oc +.It \&%c Ns Oo Oo Li 0 Oc Ns Ar n Oc , Ns Li \&%. Ns Oo Oo Li 0 Oc Ns Ar n Oc The trailing component of the current remote working directory, or -.Ar n +.Em n trailing components if a digit -.Ar n +.Em n is given. If -.Ar n +.Em n begins with -.Ql 0 , +.Sq 0 , the number of skipped components precede the trailing component(s) in the format .\" ``/<number>trailing'' .Do .Sm off -.Li / Li < Ar number Li > -.Ar trailing +.Li / Li < Va number Li > +.Va trailing .Sm on .Dc (for -.Ql \&%c ) +.Sq \&%c ) or .\" ``...trailing'' -.Dq Li \&... Ns Ar trailing +.Dq Li \&... Ns Va trailing (for -.Ql \&%. ) . +.Sq \&%. ) . .It Li \&%M The remote host name. .It Li \&%m -The remote host name, up to the first dot -.Ql \&. . +The remote host name, up to the first +.Sq \&. . .It Li \&%n The remote user name. .It Li \&%% -A single percent character -.Ql % . +A single +.Sq % . .El .Sh ENVIRONMENT .Nm @@ -2264,7 +2213,7 @@ Password to send in an anonymous .Tn FTP transfer. Defaults to -.Dq Li \&\`whoami\`@ . +.Dq Li `whoami`@ . .It Ev FTPMODE Overrides the default operation mode. Support values are: @@ -2285,13 +2234,14 @@ only .It Ev FTPPROMPT Command-line prompt to use. Defaults to -.Sq Li ftp>\~ . +.Dq "ftp> " . Refer to .Sx COMMAND LINE PROMPT for more information. .It Ev FTPRPROMPT Command-line right side prompt to use. -Defaults to empty string. +Defaults to +.Dq "" . Refer to .Sx COMMAND LINE PROMPT for more information. @@ -2304,9 +2254,9 @@ Port to use when connecting to gate-ftp .Ic gate is enabled. Default is port returned by a -.Xr getservbyname 3 +.Fn getservbyname lookup of -.Dq Li ftpgate/tcp . +.Dq ftpgate/tcp . .It Ev FTPUSERAGENT The value to send for the .Tn HTTP @@ -2320,8 +2270,6 @@ file, if one exists. An alternate location of the .Pa .netrc file. -.It Ev NO_CERT_VERIFY -Don't verify SSL certificates. .It Ev PAGER Used by various commands to display files. Defaults to @@ -2356,9 +2304,9 @@ If .Dq unsafe URL characters are required in the username or password (for example -.Ql @ +.Sq @ or -.Ql / ) , +.Sq / ) , encode them with .Li RFC 3986 .Sq Li \&% Ns Ar XX @@ -2375,22 +2323,10 @@ may be incompatible with other programs .Em NOTE : this is not used for interactive sessions, only for command-line fetches. -.It Ev https_proxy -URL of -.Tn HTTPS -proxy to use when making -.Tn HTTPS -URL requests. -.Pp -See -.Ev http_proxy -for further notes about proxy use. .It Ev no_proxy A space or comma separated list of hosts (or domains) for which proxying is not to be used. -Each entry may have an optional trailing -.Sq Li \&: Ns Ar port , -which restricts +Each entry may have an optional trailing ":port", which restricts the matching to connections to that port. .El .Sh EXTENDED PASSIVE MODE AND FIREWALLS Index: src/usr.bin/ftp/ftp_var.h diff -u src/usr.bin/ftp/ftp_var.h:1.85.6.1 src/usr.bin/ftp/ftp_var.h:1.85.6.2 --- src/usr.bin/ftp/ftp_var.h:1.85.6.1 Mon Sep 12 14:42:55 2022 +++ src/usr.bin/ftp/ftp_var.h Mon Sep 12 15:02:47 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: ftp_var.h,v 1.85.6.1 2022/09/12 14:42:55 martin Exp $ */ +/* $NetBSD: ftp_var.h,v 1.85.6.2 2022/09/12 15:02:47 martin Exp $ */ /*- * Copyright (c) 1996-2009 The NetBSD Foundation, Inc. @@ -341,7 +341,7 @@ extern struct option optiontab[]; #define DPRINTF(...) (void)0 #define DWARN(...) (void)0 #else -#define DWFTP(a) do a; while (0) +#define DWFTP(a) do a; while (/*CONSTCOND*/0) #define DPRINTF(...) DWFTP(if (ftp_debug) (void)fprintf(ttyout, __VA_ARGS__)) #define DWARN(...) DWFTP(if (ftp_debug) warn(__VA_ARGS__)) #endif Index: src/usr.bin/ftp/main.c diff -u src/usr.bin/ftp/main.c:1.126.2.1 src/usr.bin/ftp/main.c:1.126.2.2 --- src/usr.bin/ftp/main.c:1.126.2.1 Mon Sep 12 14:42:55 2022 +++ src/usr.bin/ftp/main.c Mon Sep 12 15:02:47 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: main.c,v 1.126.2.1 2022/09/12 14:42:55 martin Exp $ */ +/* $NetBSD: main.c,v 1.126.2.2 2022/09/12 15:02:47 martin Exp $ */ /*- * Copyright (c) 1996-2015 The NetBSD Foundation, Inc. @@ -98,7 +98,7 @@ __COPYRIGHT("@(#) Copyright (c) 1985, 19 #if 0 static char sccsid[] = "@(#)main.c 8.6 (Berkeley) 10/9/94"; #else -__RCSID("$NetBSD: main.c,v 1.126.2.1 2022/09/12 14:42:55 martin Exp $"); +__RCSID("$NetBSD: main.c,v 1.126.2.2 2022/09/12 15:02:47 martin Exp $"); #endif #endif /* not lint */ @@ -130,8 +130,7 @@ __RCSID("$NetBSD: main.c,v 1.126.2.1 202 #define NO_PROXY "no_proxy" /* env var with list of non-proxied * hosts, comma or space separated */ -static int usage(void); -static int usage_help(void); +__dead static void usage(void); static void setupoption(const char *, const char *, const char *); int @@ -267,7 +266,7 @@ main(int volatile argc, char **volatile } } - while ((ch = getopt(argc, argv, ":46AadefginN:o:pP:q:r:Rs:tT:u:vVx:")) != -1) { + while ((ch = getopt(argc, argv, "46AadefginN:o:pP:q:r:Rs:tT:u:vVx:")) != -1) { switch (ch) { case '4': family = AF_INET; @@ -379,15 +378,15 @@ main(int volatile argc, char **volatile if (*cp == '\0') { warnx("Bad throttle value `%s'", optarg); - return usage(); + usage(); + /* NOTREACHED */ } targv[targc++] = cp; if (targc >= 5) break; } - if (parserate(targc, targv, 1) == -1) { - return usage(); - } + if (parserate(targc, targv, 1) == -1) + usage(); free(oac); break; } @@ -416,19 +415,8 @@ main(int volatile argc, char **volatile rcvbuf_size = sndbuf_size; break; - case '?': - if (optopt == '?') { - return usage_help(); - } - warnx("-%c: unknown option", optopt); - return usage(); - - case ':': - warnx("-%c: missing argument", optopt); - return usage(); - default: - errx(1, "unimplemented option -%c", ch); + usage(); } } /* set line buffering on ttyout */ @@ -584,9 +572,8 @@ main(int volatile argc, char **volatile retry_connect = 0; /* connected, stop hiding msgs */ } } - if (isupload) { - return usage(); - } + if (isupload) + usage(); #ifndef NO_EDITCOMPLETE controlediting(); @@ -849,6 +836,7 @@ slurpstring(void) slrflag++; INC_CHKCURSOR(stringbase); return ((*sb == '!') ? bangstr : dollarstr); + /* NOTREACHED */ case 1: slrflag++; altarg = stringbase; @@ -977,7 +965,7 @@ help(int argc, char *argv[]) cmd = argv[0]; isusage = (strcmp(cmd, "usage") == 0); if (argc == 0 || (isusage && argc == 1)) { - UPRINTF("usage: %s [command ...]\n", cmd); + UPRINTF("usage: %s [command [...]]\n", cmd); return; } if (argc == 1) { @@ -1056,69 +1044,20 @@ setupoption(const char *name, const char set_option(name, value ? value : defaultvalue, 0); } -static void -synopsis(FILE * stream) +void +usage(void) { - const char * progname = getprogname(); + const char *progname = getprogname(); - fprintf(stream, -"usage: %s [-46AadefginpRtVv] [-N NETRC] [-o OUTPUT] [-P PORT] [-q QUITTIME]\n" -" [-r RETRY] [-s SRCADDR] [-T DIR,MAX[,INC]] [-x XFERSIZE]\n" -" [[USER@]HOST [PORT]]\n" -" [[USER@]HOST:[PATH][/]]\n" -" [file:///PATH]\n" -" [ftp://[USER[:PASSWORD]@]HOST[:PORT]/PATH[/][;type=TYPE]]\n" -" [http://[USER[:PASSWORD]@]HOST[:PORT]/PATH]\n" + (void)fprintf(stderr, +"usage: %s [-46AadefginpRtVv] [-N netrc] [-o outfile] [-P port] [-q quittime]\n" +" [-r retry] [-s srcaddr] [-T dir,max[,inc]] [-x xferbufsize]\n" +" [[user@]host [port]] [host:path[/]] [file:///file]\n" +" [ftp://[user[:pass]@]host[:port]/path[/]]\n" +" [http://[user[:pass]@]host[:port]/path] [...]\n" #ifdef WITH_SSL -" [https://[USER[:PASSWORD]@]HOST[:PORT]/PATH]\n" +" [https://[user[:pass]@]host[:port]/path] [...]\n" #endif -" ...\n" -" %s -u URL FILE ...\n" -" %s -?\n", - progname, progname, progname); -} - -static int -usage_help(void) -{ - synopsis(stdout); -#ifndef NO_USAGE - printf( -" -4 Only use IPv4 addresses\n" -" -6 Only use IPv6 addresses\n" -" -A Force active mode\n" -" -a Use anonymous login\n" -" -d Enable debugging\n" -" -e Disable command-line editing\n" -" -f Force cache reload for FTP or HTTP proxy transfers\n" -" -g Disable file name globbing\n" -" -i Disable interactive prompt during multiple file transfers\n" -" -N NETRC Use NETRC instead of ~/.netrc\n" -" -n Disable auto-login\n" -" -o OUTPUT Save auto-fetched files to OUTPUT\n" -" -P PORT Use port PORT\n" -" -p Force passive mode\n" -" -q QUITTIME Quit if connection stalls for QUITTIME seconds\n" -" -R Restart non-proxy auto-fetch\n" -" -r RETRY Retry failed connection attempts after RETRY seconds\n" -" -s SRCADDR Use source address SRCADDR\n" -" -t Enable packet tracing\n" -" -T DIR,MAX[,INC]\n" -" Set maximum transfer rate for direction DIR to MAX bytes/s,\n" -" with optional increment INC bytes/s\n" -" -u URL URL to upload file arguments to\n" -" -V Disable verbose and progress\n" -" -v Enable verbose and progress\n" -" -x XFERSIZE Set socket send and receive size to XFERSIZE\n" -" -? Display this help and exit\n" - ); -#endif - return EXIT_SUCCESS; -} - -static int -usage(void) -{ - synopsis(stderr); - return EXIT_FAILURE; +" %s -u URL file [...]\n", progname, progname); + exit(1); } Index: src/usr.bin/ftp/ssl.c diff -u src/usr.bin/ftp/ssl.c:1.8.2.3 src/usr.bin/ftp/ssl.c:1.8.2.4 --- src/usr.bin/ftp/ssl.c:1.8.2.3 Mon Sep 12 14:42:55 2022 +++ src/usr.bin/ftp/ssl.c Mon Sep 12 15:02:47 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: ssl.c,v 1.8.2.3 2022/09/12 14:42:55 martin Exp $ */ +/* $NetBSD: ssl.c,v 1.8.2.4 2022/09/12 15:02:47 martin Exp $ */ /*- * Copyright (c) 1998-2004 Dag-Erling Coïdan Smørgrav @@ -34,7 +34,7 @@ #include <sys/cdefs.h> #ifndef lint -__RCSID("$NetBSD: ssl.c,v 1.8.2.3 2022/09/12 14:42:55 martin Exp $"); +__RCSID("$NetBSD: ssl.c,v 1.8.2.4 2022/09/12 15:02:47 martin Exp $"); #endif #include <errno.h> @@ -587,9 +587,7 @@ fetch_start_ssl(int sock, const char *se { SSL *ssl; SSL_CTX *ctx; - X509_VERIFY_PARAM *param; int ret, ssl_err; - int verify = getenv("NO_CERT_VERIFY") == NULL; /* Init the SSL library and context */ if (!SSL_library_init()){ @@ -601,10 +599,6 @@ fetch_start_ssl(int sock, const char *se ctx = SSL_CTX_new(SSLv23_client_method()); SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY); - if (verify) { - SSL_CTX_set_default_verify_paths(ctx); - SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL); - } ssl = SSL_new(ctx); if (ssl == NULL){ @@ -612,19 +606,6 @@ fetch_start_ssl(int sock, const char *se SSL_CTX_free(ctx); return NULL; } - - if (verify) { - param = SSL_get0_param(ssl); - if (!X509_VERIFY_PARAM_set1_host(param, servername, - strlen(servername))) { - fprintf(ttyout, "SSL verification setup failed\n"); - return NULL; - } - - /* Enable peer verification, (using the default callback) */ - SSL_set_verify(ssl, SSL_VERIFY_PEER, NULL); - } - SSL_set_fd(ssl, sock); if (!SSL_set_tlsext_host_name(ssl, __UNCONST(servername))) { fprintf(ttyout, "SSL hostname setting failed\n"); Index: src/usr.bin/ftp/util.c diff -u src/usr.bin/ftp/util.c:1.160.2.2 src/usr.bin/ftp/util.c:1.160.2.3 --- src/usr.bin/ftp/util.c:1.160.2.2 Mon Sep 12 14:42:55 2022 +++ src/usr.bin/ftp/util.c Mon Sep 12 15:02:47 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: util.c,v 1.160.2.2 2022/09/12 14:42:55 martin Exp $ */ +/* $NetBSD: util.c,v 1.160.2.3 2022/09/12 15:02:47 martin Exp $ */ /*- * Copyright (c) 1997-2020 The NetBSD Foundation, Inc. @@ -64,7 +64,7 @@ #include <sys/cdefs.h> #ifndef lint -__RCSID("$NetBSD: util.c,v 1.160.2.2 2022/09/12 14:42:55 martin Exp $"); +__RCSID("$NetBSD: util.c,v 1.160.2.3 2022/09/12 15:02:47 martin Exp $"); #endif /* not lint */ /* @@ -171,7 +171,7 @@ parse_feat(const char *fline) * work-around broken ProFTPd servers that can't * even obey RFC 2389. */ - while (*fline && isspace((unsigned char)*fline)) + while (*fline && isspace((int)*fline)) fline++; if (strcasecmp(fline, "MDTM") == 0) @@ -620,7 +620,7 @@ remglob(char *argv[], int doswitch, cons * return value. Can't control multiple values being expanded from the * expression, we return only the first. * Returns NULL on error, or a pointer to a buffer containing the filename - * that's the caller's responsibility to free(3) when finished with. + * that's the caller's responsiblity to free(3) when finished with. */ char * globulize(const char *pattern) @@ -731,7 +731,7 @@ remotemodtime(const char *file, int nois *frac++ = '\0'; if (strlen(timestr) == 15 && strncmp(timestr, "191", 3) == 0) { /* - * XXX: Workaround for buggy ftp servers that return + * XXX: Workaround for lame ftpd's that return * `19100' instead of `2000' */ fprintf(ttyout, Index: src/usr.bin/ftp/version.h diff -u src/usr.bin/ftp/version.h:1.87.18.4 src/usr.bin/ftp/version.h:1.87.18.5 --- src/usr.bin/ftp/version.h:1.87.18.4 Mon Sep 12 14:42:55 2022 +++ src/usr.bin/ftp/version.h Mon Sep 12 15:02:47 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: version.h,v 1.87.18.4 2022/09/12 14:42:55 martin Exp $ */ +/* $NetBSD: version.h,v 1.87.18.5 2022/09/12 15:02:47 martin Exp $ */ /*- * Copyright (c) 1999-2021 The NetBSD Foundation, Inc. @@ -34,5 +34,5 @@ #endif #ifndef FTP_VERSION -#define FTP_VERSION "20210826" +#define FTP_VERSION "20210603" #endif