Age | Commit message (Collapse) | Author |
|
ok miod@ millert@
|
|
amendments to his diff are noted on tech
|
|
untrusted input.
OK tb@ kn@ millert@
|
|
HTTP standard allows for spaces in too many places
OK millert@ tb@
|
|
|
|
For hosts with multiple IP addrs this makes it possible to fall
over from an unresponsive IP to another. This also replaces the
other connect(2) + connect_wait() calls with timed_connect() so the
-w option now works for more that just http. OK sthen@ deraadt@
|
|
RFC9112 allows any amount of space/tabs between the ':' and the value.
Until now this code required exactly one space which works most of the
time but is not RFC compliant.
OK djm@
|
|
ok deraadt@ jmc@ miod@
|
|
I overlooked the autoinstall case where "Requesting ..." is used,
but those messages that got fixed where omitted in ftp's SMALL version.
Noticed the hard way by anton
|
|
Encoding URL paths changes the requested URL and therefore may yield
different responses (opposed to an unencoded URL), solely depending on how
the server implements de/encoding.
Always print the encoded URL which actually gets requested in output like
"Requesting ..." and erors likes "Error retrieving ....: 404 Not Found"
and don't use the original URL provided on the command line.
This matches exactly what is seen on the wire, e.g. with tshark(1) and
helps debugging URL de/encoding related (server) issues.
Feedback OK sthen
|
|
RFC 1738 Uniform Resource Locators (URL) lists tilde as unsafe character.
RFC 2396 Uniform Resource Identifiers (URI): Generic Syntax updates it to
The tilde "~" character was added to those in the "unreserved" set,
since it is extensively used on the Internet in spite of the
difficulty to transcribe it with some keyboards.
In theory, this shouldn't make a difference, but some servers do not decode
"%7e" and thus erroneously serve a 404.
RFC 2396 2.4.2. When to Escape and Unescape says:
In some cases, data that could be represented by an unreserved
character may appear escaped; for example, some of the unreserved
"mark" characters are automatically escaped by some systems. If the
given URI scheme defines a canonicalization algorithm, then
unreserved characters may be unescaped according to that algorithm.
For example, "%7e" is sometimes used instead of "~" in an http URL
path, but the two are equivalent for an http URL.
Update ftp(1) to RFC 2396 by no longer treating "~" as unsafe character.
This is effectively a one-character diff; update comments accordingly as
well as the order of characters to ease code-to-standard comparison.
This matches curl(1) and wget(1) behaviour wrt. encoding of "~".
OK sthen
|
|
|
|
As per the manual and lib/libtls/tls.c revision 1.79 from 2018
"Automatically handle library initialisation for libtls." initialisation
is handled automatically by other tls_*(3) functions.
Remove explicit tls_init() calls from base to not give the impression of
it being needed.
Feedback tb
OK Tests mestre
|
|
ptr++
ok claudio
|
|
ok jca robert
|
|
Reported by bentley@; ok bentley@ jca@
|
|
Replace fparseln(3) with getline(3). This removes the only use of
libutil.a(fparseln.o) from the ramdisk.
Replace a complicated fgetln(3) idiom with the much simpler getline(3).
ok jca@
|
|
|
|
fetching over http(s) and use the timestamps from the remote server's
Last-Modified header if available when saving local files
this makes it possible to mirror files better with ftp(1)
the new timestamp behaviour can be disabled with the new '-u' flag
ok sthen@, input from sthen@ and gnezdo@
|
|
|
|
ok jca@, kn@
|
|
may modify the string buffer.
improved and ok jca@
|
|
tls_config_error() in the errx() message.
discussed with jsing
|
|
|
|
from jca
|
|
ok jca
|
|
This adds the possibility of specifying the TLS protocols for ftp(1) to
use via -S "protocols=tlsv1.2:tlsv1.1" or -S "protocols=all" or simlar
options. This works the same way as nc(1)'s -T protocols option using
tls_config_{parse,set}_protocols(3) internally.
ok jca
|
|
Input and ok mortimer@
|
|
handler */
our snprintf is reentrant safe except for floating point.
Break the double apart into integer.integer notation, to avoid that.
ok kettenis millert
|
|
Fetch aborts through SIGINT (^C) print a message with fputs(3), but this
calls malloc() on its own, which is not supported from interrupt handler
context.
Fix it by using write(2) which avoids further memory allocations.
While here, merge abortfile() into the identical aborthttp() with a more
generic "fetch aborted." message for simplicity.
Spotted with vm.malloc_conf=SU and ^C on a port's "make fetch" causing
ftp(49660) in malloc(): recursive call
Abort trap (core dumped)
OK jca (who came up with using write(2) independently)
|
|
Consistently disarm the SIGINT handler on error, else a SIGINT can lead
to taking twice the cleanup path. Initial report by naddy@, ok tb@
|
|
|
|
ok yasuoka@
|
|
Not handling it is incorrect and can lead to credentials leaks in DNS
requests. The resulting growth is reasonable (about 300 bytes on
amd64).
ok yasuoka@
|
|
is work in progress.
|
|
First look for userinfo, and overwrite it to make sure it doesn't
reappears again later.
Then reset the path to fix the fragile mechanism that produces the full
request URI for the proxied connection case.
ok yazuoka@
|
|
https server with user/password through "http_proxy" environment
variable work properly.
ok jca
|
|
- allocate read buffer before setjmp(3) so that its value is properly
defined when longjmp(3) returns
- only mark as volatile variables modified after setjmp(3) and used
again after a possible return from longjmp(3)
|
|
Changes already present in file_get()
- no need to special case write(2) returning 0
- clearer loop condition
- fix read error detection and properly save errno
|
|
This is somewhat related to the "-b bind_addr" option some programs have,
which should get some cleanup also...
input florian claudio jmc
|
|
correctly. This would break ftp when the handshake doesn't complete in one
shot. (noticed when making tls 1.3 connections to cloudflare.cdn)
ok jsing@
|
|
Change several instances, most of them to the usual -width Ds.
|
|
The code is mostly duplicated already, handling local files here just
makes for more complex code. Split it out to its own function. This
mechanically prevents redirections to local files.
Positive feedback from Hiltjo Posthuma
|
|
Report and fix from Hiltjo Posthuma, input from and ok deraadt@
|
|
On SMALL builds ftp_printf is just a #define to avoid a size increase.
ok millert@
|
|
Input from deraadt@
|
|
Overlooked when shuffling the HTTP/1.1 code.
|
|
from Hiltjo Posthuma
|
|
|
|
|