Re: ftp(1): https:// handling with NOSSL

[Jeremie Courreges-Anglas]

On Wed, Dec 04 2019, Jeremie Courreges-Anglas <j...@wxcvbn.org> wrote:
> ftp(1) built with no TLS support is confused (confusing?) when handled
> an https url.  I have noticed this during tests with
> /usr/src/distrib/special/ftp.
>
> Now:
> --8<--
> ritchie /usr/src/distrib/special/ftp$ obj/ftp -o/dev/null 
> https://www.openbsd.org/
> ftp: https: no address associated with name
> ftp: Can't connect or login to host `https'
> -->8--
>
> The fix is easy: let url_get() decide if it can handle the URL, as
> suggested by the comment which has been there since TLS support has been
> added.  The diff below addresses this and also kills the ineffective
> comment.
>
> With the diff:
> --8<--
> ritchie /usr/src/distrib/special/ftp$ obj/ftp -o/dev/null 
> https://www.openbsd.org/
> ftp: url_get: Invalid URL 'https://www.openbsd.org/'
> -->8--
>
> --8<--
> ritchie /usr/src/distrib/special/ftp$ size fetch.o obj/fetch.o ftp obj/ftp
> text    data    bss     dec     hex
> 10927   0       104     11031   2b17    fetch.o
> 11002   0       104     11106   2b62    obj/fetch.o
> 407983  12904   43328   464215  71557   ftp
> 408079  12904   43328   464311  715b7   obj/ftp
> -->8--
>
> ok?  (assuming it fits on i386 floppies)

Rebased on top of cvs HEAD, I noticed a bunch of #ifdef inconsistencies
that were just too ugly.

So after feedback from Theo: print an explicit message if ftp(1) was
built without HTTPS support.  Printing a helpful message in this case
makes a lot of sense.

No need to show the function name in that case, but I'm keeping the
existing "url_get: Invalid URL '%s'" error as is; it shouldn't happen.

ok?


Index: fetch.c
===================================================================
RCS file: /cvs/src/usr.bin/ftp/fetch.c,v
retrieving revision 1.181
diff -u -p -r1.181 fetch.c
--- fetch.c     5 Dec 2019 10:26:25 -0000       1.181
+++ fetch.c     5 Dec 2019 10:41:14 -0000
@@ -240,14 +240,16 @@ url_get(const char *origline, const char
 #ifndef SMALL
                scheme = FILE_URL;
 #endif /* !SMALL */
-#ifndef NOSSL
        } else if (strncasecmp(newline, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0) 
{
+#ifndef NOSSL
                host = newline + sizeof(HTTPS_URL) - 1;
                ishttpsurl = 1;
+#else
+               errx(1, "%s: No HTTPS support", newline);
+#endif /* !NOSSL */
 #ifndef SMALL
                scheme = HTTPS_URL;
 #endif /* !SMALL */
-#endif /* !NOSSL */
        } else
                errx(1, "url_get: Invalid URL '%s'", newline);
 
@@ -1266,10 +1268,7 @@ auto_fetch(int argc, char *argv[], char 
                 * Try HTTP URL-style arguments first.
                 */
                if (strncasecmp(url, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 ||
-#ifndef NOSSL
-                   /* even if we compiled without SSL, url_get will check */
                    strncasecmp(url, HTTPS_URL, sizeof(HTTPS_URL) -1) == 0 ||
-#endif /* !NOSSL */
                    strncasecmp(url, FILE_URL, sizeof(FILE_URL) - 1) == 0) {
                        redirect_loop = 0;
                        retried = 0;

-- 
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE