On Fri, Oct 29, 2021 at 10:47 AM Rob Landley <[email protected]> wrote:
> On 10/29/21 10:51 AM, enh via Toybox wrote: > > i don't have much of an opinion here, but i was wondering about the > usefulness > > of this in a world where all the major browsers have now removed ftp > support... > > is anyone likely to still be using ftp by the time toybox hits 1.0? > > Other than me? (It's the only server/client protocol toybox had > implemented, I > was using it to send files out of mkroot.) > > I acknowledge there's a general tendency to accumulate old protocols. > Busybox > has "rdate" and "sum" and "mt" and so on, all of which toybox decided > against > adding. When do you remove once you've already got is an interesting > question. > > But right now, I have a question for you: what's the wget equivalent of > "ftpput"? How do you _upload_ a file when you remove this? This isn't even > a "we > haven't got an httpd yet". Even then, how do you push a file to a server? > scp for locked-down corporate systems, and... > (Yes rsync is on the todo list, but it's post-1.0 and would depend on an > external ssh implementation. There's lots of "behind the firewall, between > two > containers on the same machine, between VM and hypervisor" use cases that > don't > require the connection to be encrypted, especially during development. > Nice if > it CAN be, but can we provide that? If so, how? Can/should tftp do it?) > ...yeah, that's what i was assuming for smaller stuff. (or scp there too, or adb in some cases. tbh, i haven't seen tftp personally since the 1990s, but i'm happy to believe it's still alive and well _somewhere_ :-) ) toybox tftp already does puts too, no? i haven't used it, but it looks implemented? (and there's a tftpd in pending too.) > > (interesting that gnu sends you to an https server suggesting you update > any > > scripts before they remove ftp completely [without giving a specific > deadline], > > but libxml2 is basically just broken with current browsers.) > > The gnu guys are insane, I don't consider what they do a good indicator. > But > https://www.kernel.org/shutting-down-ftp-services.html meant something. > > Passive ftp support is still reasonable. Non-passive ftp was always nuts: > you > open a port and the server connects BACK to you. (What? Why?) There was > even an > sftp that tunneled ftp via https, but as "http" being in the name of https > implied, people kinda assumed that everyone everywhere would be doing > everything > over http from now own. (As insane hacks like "microsoft soap" attested > https://en.wikipedia.org/wiki/SOAP#History although that was mostly > microsoft > engineers wanting to bypass firewalls and take control away from site > administrators.) > > Removal of ftp support has been largely because "we have http, why open a > second > port"... > plus i don't think ftpes:// or ftps:// ever really caught on, did they? > Rob >
_______________________________________________ Toybox mailing list [email protected] http://lists.landley.net/listinfo.cgi/toybox-landley.net
