diff options
author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2016-12-28 17:48:05 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2016-12-28 17:48:05 +0000 |
commit | baa5c4c8963ce87e54e776769cad6e11b37b4cc9 (patch) | |
tree | dd01d3a2c10e68f76ac312ef910644c672f57d77 /usr.bin | |
parent | 78bcab5a5c200a429af92290e862e9f8a619eb00 (diff) |
Split -DSMALL into -DNOSSL, so that a SSL-enabled version of ftp can
be built, which is still pretty small (in distrib/special/ftp-ssl).
Lots of testing by rpe.
Diffstat (limited to 'usr.bin')
-rw-r--r-- | usr.bin/ftp/cookie.c | 4 | ||||
-rw-r--r-- | usr.bin/ftp/extern.h | 7 | ||||
-rw-r--r-- | usr.bin/ftp/fetch.c | 86 | ||||
-rw-r--r-- | usr.bin/ftp/ftp_var.h | 11 | ||||
-rw-r--r-- | usr.bin/ftp/main.c | 49 |
5 files changed, 85 insertions, 72 deletions
diff --git a/usr.bin/ftp/cookie.c b/usr.bin/ftp/cookie.c index 266f24dbcd4..60dfaf5760c 100644 --- a/usr.bin/ftp/cookie.c +++ b/usr.bin/ftp/cookie.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cookie.c,v 1.5 2009/05/05 19:35:30 martynas Exp $ */ +/* $OpenBSD: cookie.c,v 1.6 2016/12/28 17:48:04 deraadt Exp $ */ /* * Copyright (c) 2007 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -16,7 +16,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -#ifndef SMALL +#ifndef NOSSL #include <sys/types.h> #include <sys/queue.h> diff --git a/usr.bin/ftp/extern.h b/usr.bin/ftp/extern.h index a44ad7c0fe9..2c944cf5639 100644 --- a/usr.bin/ftp/extern.h +++ b/usr.bin/ftp/extern.h @@ -1,4 +1,4 @@ -/* $OpenBSD: extern.h,v 1.45 2016/09/27 12:32:26 fcambus Exp $ */ +/* $OpenBSD: extern.h,v 1.46 2016/12/28 17:48:04 deraadt Exp $ */ /* $NetBSD: extern.h,v 1.17 1997/08/18 10:20:19 lukem Exp $ */ /* @@ -111,12 +111,13 @@ void setttywidth(int); char *slurpstring(void); void usage(void); +void cookie_get(const char *, const char *, int, char **); +void cookie_load(void); + #ifndef SMALL void abortsend(int); unsigned char complete(EditLine *, int); void controlediting(void); -void cookie_get(const char *, const char *, int, char **); -void cookie_load(void); void domacro(int, char **); void list_vertical(StringList *); void parse_list(char **, char *); diff --git a/usr.bin/ftp/fetch.c b/usr.bin/ftp/fetch.c index 92ce71ad04b..1c2c2f3f111 100644 --- a/usr.bin/ftp/fetch.c +++ b/usr.bin/ftp/fetch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: fetch.c,v 1.153 2016/12/24 13:52:42 jsing Exp $ */ +/* $OpenBSD: fetch.c,v 1.154 2016/12/28 17:48:04 deraadt Exp $ */ /* $NetBSD: fetch.c,v 1.14 1997/08/18 10:20:20 lukem Exp $ */ /*- @@ -58,11 +58,11 @@ #include <util.h> #include <resolv.h> -#ifndef SMALL +#ifndef NOSSL #include <tls.h> -#else /* !SMALL */ +#else /* !NOSSL */ struct tls; -#endif /* !SMALL */ +#endif /* !NOSSL */ #include "ftp_var.h" #include "cmds.h" @@ -78,6 +78,8 @@ char *ftp_readline(FILE *, struct tls *, size_t *); size_t ftp_read(FILE *, struct tls *, char *, size_t); #ifndef SMALL int proxy_connect(int, char *, char *); +#endif /* !SMALL */ +#ifndef NOSSL int SSL_vprintf(struct tls *, const char *, va_list); char *SSL_readline(struct tls *, size_t *); #endif /* !SMALL */ @@ -188,13 +190,13 @@ url_get(const char *origline, const char *proxyenv, const char *outfile) const char *errstr; ssize_t len, wlen; char *proxyhost = NULL; -#ifndef SMALL +#ifndef NOSSL char *sslpath = NULL, *sslhost = NULL; char *locbase, *full_host = NULL; const char *scheme; int ishttpurl = 0, ishttpsurl = 0; struct addrinfo *ares = NULL; -#endif /* !SMALL */ +#endif /* !NOSSL */ struct tls *tls = NULL; int status; int save_errno; @@ -220,13 +222,13 @@ url_get(const char *origline, const char *proxyenv, const char *outfile) } else if (strncasecmp(newline, FILE_URL, sizeof(FILE_URL) - 1) == 0) { host = newline + sizeof(FILE_URL) - 1; isfileurl = 1; -#ifndef SMALL +#ifndef NOSSL scheme = FILE_URL; } else if (strncasecmp(newline, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0) { host = newline + sizeof(HTTPS_URL) - 1; ishttpsurl = 1; scheme = HTTPS_URL; -#endif /* !SMALL */ +#endif /* !NOSSL */ } else errx(1, "url_get: Invalid URL '%s'", newline); @@ -255,7 +257,7 @@ url_get(const char *origline, const char *proxyenv, const char *outfile) noslash: -#ifndef SMALL +#ifndef NOSSL /* * Look for auth header in host, since now host does not * contain the path. Basic auth from RFC 2617, valid @@ -268,7 +270,7 @@ noslash: host = p + 1; } } -#endif /* SMALL */ +#endif /* NOSSL */ if (outfile) savefile = outfile; @@ -294,14 +296,14 @@ noslash: #endif /* !SMALL */ if (!isfileurl && proxyenv != NULL) { /* use proxy */ -#ifndef SMALL +#ifndef NOSSL if (ishttpsurl) { sslpath = strdup(path); sslhost = strdup(host); if (! sslpath || ! sslhost) errx(1, "Can't allocate memory for https path/host."); } -#endif /* !SMALL */ +#endif /* !NOSSL */ proxyhost = strdup(host); if (proxyhost == NULL) errx(1, "Can't allocate memory for proxy host."); @@ -471,11 +473,11 @@ noslash: portnum = strrchr(hosttail, ':'); /* find portnum */ if (portnum != NULL) *portnum++ = '\0'; -#ifndef SMALL +#ifndef NOSSL port = portnum ? portnum : (ishttpsurl ? httpsport : httpport); -#else /* !SMALL */ +#else /* !NOSSL */ port = portnum ? portnum : httpport; -#endif /* !SMALL */ +#endif /* !NOSSL */ #ifndef SMALL if (full_host == NULL) @@ -498,11 +500,11 @@ noslash: if (error == EAI_SERVICE && port == httpport) { snprintf(pbuf, sizeof(pbuf), "%d", HTTP_PORT); error = getaddrinfo(host, pbuf, &hints, &res0); -#ifndef SMALL +#ifndef NOSSL } else if (error == EAI_SERVICE && port == httpsport) { snprintf(pbuf, sizeof(pbuf), "%d", HTTPS_PORT); error = getaddrinfo(host, pbuf, &hints, &res0); -#endif /* !SMALL */ +#endif /* !NOSSL */ } if (error) { warnx("%s: %s", host, gai_strerror(error)); @@ -593,7 +595,7 @@ noslash: goto cleanup_url_get; } -#ifndef SMALL +#ifndef NOSSL if (ishttpsurl) { if (proxyenv && sslpath) { ishttpsurl = 0; @@ -621,16 +623,16 @@ noslash: } else { fin = fdopen(s, "r+"); } -#else /* !SMALL */ +#else /* !NOSSL */ fin = fdopen(s, "r+"); -#endif /* !SMALL */ +#endif /* !NOSSL */ /* * Construct and send the request. Proxy requests don't want leading /. */ -#ifndef SMALL +#ifndef NOSSL cookie_get(host, path, ishttpsurl, &buf); -#endif /* !SMALL */ +#endif /* !NOSSL */ epath = url_encode(path); if (proxyurl) { @@ -664,6 +666,8 @@ noslash: else restart_point = 0; } +#endif /* SMALL */ +#ifndef NOSSL if (credentials) { ftp_printf(fin, tls, "GET /%s %s\r\nAuthorization: Basic %s\r\nHost: ", @@ -673,7 +677,7 @@ noslash: free(credentials); credentials = NULL; } else -#endif /* SMALL */ +#endif /* NOSSL */ ftp_printf(fin, tls, "GET /%s %s\r\nHost: ", epath, #ifndef SMALL restart_point ? "HTTP/1.1\r\nConnection: close" : @@ -702,22 +706,22 @@ noslash: * 80. Some broken HTTP servers get confused if you explicitly * send them the port number. */ -#ifndef SMALL +#ifndef NOSSL if (port && strcmp(port, (ishttpsurl ? "443" : "80")) != 0) ftp_printf(fin, tls, ":%s", port); if (restart_point) ftp_printf(fin, tls, "\r\nRange: bytes=%lld-", (long long)restart_point); -#else /* !SMALL */ +#else /* !NOSSL */ if (port && strcmp(port, "80") != 0) ftp_printf(fin, tls, ":%s", port); -#endif /* !SMALL */ +#endif /* !NOSSL */ ftp_printf(fin, tls, "\r\n%s%s\r\n\r\n", buf ? buf : "", httpuseragent); } free(epath); -#ifndef SMALL +#ifndef NOSSL free(buf); #endif /* !SMALL */ buf = NULL; @@ -987,14 +991,14 @@ improper: warnx("Improper response from %s", host); cleanup_url_get: -#ifndef SMALL +#ifndef NOSSL if (tls != NULL) { tls_close(tls); tls_free(tls); } free(full_host); free(sslhost); -#endif /* !SMALL */ +#endif /* !NOSSL */ if (fin != NULL) fclose(fin); else if (s != -1) @@ -1099,10 +1103,10 @@ auto_fetch(int argc, char *argv[], char *outfile) * Try HTTP URL-style arguments first. */ if (strncasecmp(url, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 || -#ifndef SMALL +#ifndef NOSSL /* even if we compiled without SSL, url_get will check */ strncasecmp(url, HTTPS_URL, sizeof(HTTPS_URL) -1) == 0 || -#endif /* !SMALL */ +#endif /* !NOSSL */ strncasecmp(url, FILE_URL, sizeof(FILE_URL) - 1) == 0) { redirect_loop = 0; if (url_get(url, httpproxy, outfile) == -1) @@ -1432,9 +1436,9 @@ isurl(const char *p) if (strncasecmp(p, FTP_URL, sizeof(FTP_URL) - 1) == 0 || strncasecmp(p, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 || -#ifndef SMALL +#ifndef NOSSL strncasecmp(p, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0 || -#endif /* !SMALL */ +#endif /* !NOSSL */ strncasecmp(p, FILE_URL, sizeof(FILE_URL) - 1) == 0 || strstr(p, ":/")) return (1); @@ -1446,10 +1450,10 @@ ftp_readline(FILE *fp, struct tls *tls, size_t *lenp) { if (fp != NULL) return fparseln(fp, lenp, NULL, "\0\0\0", 0); -#ifndef SMALL +#ifndef NOSSL else if (tls != NULL) return SSL_readline(tls, lenp); -#endif /* !SMALL */ +#endif /* !NOSSL */ else return NULL; } @@ -1457,14 +1461,14 @@ ftp_readline(FILE *fp, struct tls *tls, size_t *lenp) size_t ftp_read(FILE *fp, struct tls *tls, char *buf, size_t len) { -#ifndef SMALL +#ifndef NOSSL ssize_t tls_ret; #endif size_t ret = 0; if (fp != NULL) ret = fread(buf, sizeof(char), len, fp); -#ifndef SMALL +#ifndef NOSSL else if (tls != NULL) { again: if ((tls_ret = tls_read(tls, buf, len)) >= 0) @@ -1474,7 +1478,7 @@ ftp_read(FILE *fp, struct tls *tls, char *buf, size_t len) if (ret < 0) errx(1, "SSL read error: %s", tls_error(tls)); } -#endif /* !SMALL */ +#endif /* !NOSSL */ return (ret); } @@ -1488,10 +1492,10 @@ ftp_printf(FILE *fp, struct tls *tls, const char *fmt, ...) if (fp != NULL) ret = vfprintf(fp, fmt, ap); -#ifndef SMALL +#ifndef NOSSL else if (tls != NULL) ret = SSL_vprintf(tls, fmt, ap); -#endif /* !SMALL */ +#endif /* !NOSSL */ else ret = 0; @@ -1506,7 +1510,7 @@ ftp_printf(FILE *fp, struct tls *tls, const char *fmt, ...) return (ret); } -#ifndef SMALL +#ifndef NOSSL int SSL_vprintf(struct tls *tls, const char *fmt, va_list ap) { diff --git a/usr.bin/ftp/ftp_var.h b/usr.bin/ftp/ftp_var.h index 140abda1447..c892e189c39 100644 --- a/usr.bin/ftp/ftp_var.h +++ b/usr.bin/ftp/ftp_var.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ftp_var.h,v 1.38 2015/02/09 08:24:21 tedu Exp $ */ +/* $OpenBSD: ftp_var.h,v 1.39 2016/12/28 17:48:04 deraadt Exp $ */ /* $NetBSD: ftp_var.h,v 1.18 1997/08/18 10:20:25 lukem Exp $ */ /* @@ -156,11 +156,12 @@ History *hist; /* editline(3) history structure */ char *cursor_pos; /* cursor position we're looking for */ size_t cursor_argc; /* location of cursor in margv */ size_t cursor_argo; /* offset of cursor in margv[cursor_argc] */ -char *cookiefile; /* cookie jar to use */ int resume; /* continue transfer */ char *srcaddr; /* source address to bind to */ #endif /* !SMALL */ +char *cookiefile; /* cookie jar to use */ + off_t bytes; /* current # of bytes read */ off_t filesize; /* size of file being transferred */ char *direction; /* direction transfer is occurring */ @@ -171,7 +172,7 @@ int unix_proxy; /* proxy is unix, can use binary for ascii */ char *ftpport; /* port number to use for ftp connections */ char *httpport; /* port number to use for http connections */ -#ifndef SMALL +#ifndef NOSSL char *httpsport; /* port number to use for https connections */ #endif /* !SMALL */ char *httpuseragent; /* user agent for http(s) connections */ @@ -224,6 +225,6 @@ FILE *ttyout; /* stdout or stderr, depending on interactive */ extern struct cmd cmdtab[]; -#ifndef SMALL +#ifndef NOSSL extern struct tls_config *tls_config; -#endif /* !SMALL */ +#endif /* !NOSSL */ diff --git a/usr.bin/ftp/main.c b/usr.bin/ftp/main.c index 67f4db7b79f..c16f43c9ea1 100644 --- a/usr.bin/ftp/main.c +++ b/usr.bin/ftp/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.114 2016/12/22 16:30:03 beck Exp $ */ +/* $OpenBSD: main.c,v 1.115 2016/12/28 17:48:04 deraadt Exp $ */ /* $NetBSD: main.c,v 1.24 1997/08/18 10:20:26 lukem Exp $ */ /* @@ -80,7 +80,7 @@ #include "cmds.h" #include "ftp_var.h" -#ifndef SMALL +#ifndef NOSSL char * const ssl_verify_opts[] = { #define SSL_CAFILE 0 "cafile", @@ -157,7 +157,7 @@ process_ssl_options(char *cp) } } } -#endif /* !SMALL */ +#endif /* !NOSSL */ int family = PF_UNSPEC; int pipeout; @@ -177,9 +177,9 @@ main(volatile int argc, char *argv[]) ftpport = "ftp"; httpport = "http"; -#ifndef SMALL +#ifndef NOSSL httpsport = "https"; -#endif /* !SMALL */ +#endif /* !NOSSL */ gateport = getenv("FTPSERVERPORT"); if (gateport == NULL || *gateport == '\0') gateport = "ftpgate"; @@ -192,11 +192,13 @@ main(volatile int argc, char *argv[]) verbose = 0; progress = 0; gatemode = 0; +#ifndef NOSSL + cookiefile = NULL; +#endif /* NOSSL */ #ifndef SMALL editing = 0; el = NULL; hist = NULL; - cookiefile = NULL; resume = 0; srcaddr = NULL; marg_sl = sl_init(); @@ -251,7 +253,7 @@ main(volatile int argc, char *argv[]) if (isatty(fileno(ttyout)) && !dumb_terminal && foregroundproc()) progress = 1; /* progress bar on if tty is usable */ -#ifndef SMALL +#ifndef NOSSL cookiefile = getenv("http_cookies"); if (tls_init() != 0) errx(1, "tls init failed"); @@ -380,9 +382,9 @@ main(volatile int argc, char *argv[]) break; case 'S': -#ifndef SMALL +#ifndef NOSSL process_ssl_options(optarg); -#endif /* !SMALL */ +#endif /* !NOSSL */ break; case 's': @@ -422,9 +424,9 @@ main(volatile int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef SMALL +#ifndef NOSSL cookie_load(); -#endif /* !SMALL */ +#endif /* !NOSSL */ if (httpuseragent == NULL) httpuseragent = HTTP_USER_AGENT; @@ -910,23 +912,28 @@ usage(void) { fprintf(stderr, "usage: " #ifndef SMALL - "%1$s [-46AadEegiMmnptVv] [-D title] [-k seconds] [-P port] " + "ftp [-46AadEegiMmnptVv] [-D title] [-k seconds] [-P port] " "[-r seconds]\n" " [-s srcaddr] [host [port]]\n" - " %1$s [-C] [-o output] [-s srcaddr]\n" + " ftp [-C] [-o output] [-s srcaddr]\n" " ftp://[user:password@]host[:port]/file[/] ...\n" - " %1$s [-C] [-c cookie] [-o output] [-S ssl_options] " + " ftp [-C] [-c cookie] [-o output] [-S ssl_options] " "[-s srcaddr]\n" " [-U useragent] " "http[s]://[user:password@]host[:port]/file ...\n" - " %1$s [-C] [-o output] [-s srcaddr] file:file ...\n" - " %1$s [-C] [-o output] [-s srcaddr] host:/file[/] ...\n", + " ftp [-C] [-o output] [-s srcaddr] file:file ...\n" + " ftp [-C] [-o output] [-s srcaddr] host:/file[/] ...\n" #else /* !SMALL */ - "%1$s [-o output] ftp://[user:password@]host[:port]/file[/] ...\n" - " %1$s [-o output] http://host[:port]/file ...\n" - " %1$s [-o output] file:file ...\n" - " %1$s [-o output] host:/file[/] ...\n", + "ftp [-o output] ftp://[user:password@]host[:port]/file[/] ...\n" +#ifndef NOSSL + " ftp [-o output] [-S ssl_options] " + "http[s]://[user:password@]host[:port]/file ...\n" +#else + " ftp [-o output] http://host[:port]/file ...\n" +#endif /* NOSSL */ + " ftp [-o output] file:file ...\n" + " ftp [-o output] host:/file[/] ...\n" #endif /* !SMALL */ - __progname); + ); exit(1); } |