Gordon Tetlow
64ae2f785e
Fix libfetch out of bounds read.
...
Approved by: so
Security: SA-21:15.libfetch
Security: CVE-2021-36159
2021-08-24 11:26:45 -07:00
Dag-Erling Smørgrav
8d9de5b10a
Improve URL parsing. In particular, convert scheme and host to lowercase.
...
MFC after: 1 week
2018-11-27 10:45:14 +00:00
Dag-Erling Smørgrav
b68815f088
Support proxying FTP over HTTPS, not just HTTP.
...
There is probably a PR for this, but I can't find this, or remember who
submitted it. The patch got lost in the noise of another that wasn't
ready to commit.
MFC after: 3 days
2018-11-27 10:06:41 +00:00
Dag-Erling Smørgrav
5f04ebd4d3
Fix an inverted conditional in the netrc code, which would ignore the
...
value of $HOME and always use the home directory from the passwd
database, unless $HOME was unset, in which case it would use (null).
While there, clean up handling of netrcfd and add debugging aids.
MFC after: 3 weeks
2018-05-29 13:07:36 +00:00
Dag-Erling Smørgrav
c5712d6da1
Use __VA_ARGS__ to simplify the DEBUG macro.
...
MFC after: 3 weeks
2018-05-29 10:28:20 +00:00
Pedro F. Giffuni
64de3fdd58
SPDX: use the Beerware identifier.
2017-11-30 20:33:45 +00:00
Pedro F. Giffuni
5e53a4f90f
lib: further adoption of SPDX licensing ID tags.
...
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using mis-identified many licenses so this was mostly a manual - error
prone - task.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
2017-11-26 02:00:33 +00:00
Dag-Erling Smørgrav
792ef1ae7b
Refactor fetch_connect() and fetch_bind() to improve readability and avoid
...
repeating the same DNS lookups.
MFC after: 3 weeks
2016-11-22 13:30:07 +00:00
Pedro F. Giffuni
3cd7f4295f
libfetch: replace 0 with NULL for pointers.
...
Found with devel/coccinelle.
Reviewed by: des
2016-04-09 18:08:21 +00:00
Dag-Erling Smørgrav
578153f1ba
latin1 -> utf8
2011-10-19 11:43:51 +00:00
Dag-Erling Smørgrav
6337341d81
Update copyright dates and strip my middle name.
2011-09-27 18:57:26 +00:00
Dag-Erling Smørgrav
ecd18c961b
Think first, commit second.
...
1. Allow the caller to select active mode.
2. Fix the envar logic so it *always* overrides the caller's flags.
3. Document the change from active to passive.
2011-09-27 18:42:09 +00:00
Dag-Erling Smørgrav
4f411f8601
Long overdue: make passive mode the default for ftp.
2011-09-27 18:23:58 +00:00
Dag-Erling Smørgrav
eb9b80c30d
Increase WARNS to 4.
2011-05-12 21:26:42 +00:00
Dag-Erling Smørgrav
e8eaf30078
Fix a bug related to connection caching which could cause a crash after
...
a STAT command.
PR: kern/153748 (different patch)
Submitted by: Mark Johnston <markjdb@gmail.com>
MFC after: 2 weeks
2011-01-17 17:25:46 +00:00
Attilio Rao
f413289ee0
Fix a socket leak in ftp_request() after that a connection is established.
...
Submitted by: Sandvine Incorporated
Reviewed by: des, emaste
Sponsored by: Sandvine Incorporated
MFC: 1 week
2009-11-25 14:57:07 +00:00
Dag-Erling Smørgrav
340b079be0
Use memcpy(3) instead of the BSD-specific bcopy(3).
...
Submitted by: Joerg Sonnenberger <joerg@britannica.bec.de>
MFC after: 2 weeks
2008-02-08 09:48:48 +00:00
Dag-Erling Smørgrav
b2a9c5a1ba
Fix a regression introduced in rev 1.99: replace fclose(f) with a comment
...
explaining why f cannot possibly be a valid FILE * at this point.
MFC after: 1 day
2008-01-23 20:57:59 +00:00
Dag-Erling Smørgrav
facd982794
As several people pointed out, I did all the ctype casts the wrong
...
way (not for the first time...)
Noticed by: bde, ru ++
MFC after: 1 week
2007-12-19 00:26:36 +00:00
Dag-Erling Smørgrav
62a2681c93
Add support for the NO_PROXY / no_proxy environment variable as used by
...
lynx, curl etc. Note that this patch differs significantly from that
in the PR, as the submitter refined it after submitting the PR.
PR: 110388
Submitted by: Alexander Pohoyda <alexander.pohoyda@gmx.net>
MFC after: 3 weeks
2007-12-18 11:03:07 +00:00
Dag-Erling Smørgrav
836e34eeae
Old patch I had lying around: correctly cast the argument to is*().
...
IWBNI gcc could warn about this the way it warns about printf() abuse.
MFC after: 1 week
2007-12-18 10:41:12 +00:00
Dag-Erling Smørgrav
a1b37df2d7
Clean up namespace violations.
...
MFC after: 1 week
2007-12-14 10:26:58 +00:00
Nate Lawson
f5e97105d3
Add back the original behavior of changing the entire directory path at
...
once (CWD a/b/c vs. 3 CWDs). If an error occurs, we fall back to the default
method of a single CWD per directory element. Since this is technically
a violation of the basic FTP RFC, this behavior is under a compile-time
option FTP_COMBINE_CWDS and is off by default. It should work with most
Unix-based FTP daemons and can save latency.
MFC after: 2 weeks
2007-04-22 22:33:29 +00:00
Dag-Erling Smørgrav
9aa2cb8613
Respect FETCH_BIND_ADDRESS when opening the data connection.
...
PR: misc/98872
2006-06-13 10:21:03 +00:00
Dag-Erling Smørgrav
c23fb8a4d3
Fix a bug introduced in rev 1.92, where, when changing from one directory
...
to another, the first CWD after a string of CDUPs would incorrectly include
a slash before the directory name.
Reported by: obrien
PR: bin/83278
2006-06-13 10:19:59 +00:00
Dag-Erling Smørgrav
254f2fa208
In order to maintain interoperability with certain broken FTP servers,
...
ignore a MODE failure if and only if the mode we attempted to set was S
(which is supposed to be the default).
PR: bin/91973
2006-01-19 08:31:47 +00:00
Dag-Erling Smørgrav
fd04cc7766
Change directory one level at a time, and use CDUP to back out. This is a
...
work in progress; it partially fixed bin/83278 and is a prerequisite to
fixing bin/83277.
PR: bin/83277, bin/83278
2005-08-12 12:48:50 +00:00
Dag-Erling Smørgrav
2cbbf9dac9
Update copyright years.
2004-09-21 18:35:21 +00:00
Dag-Erling Smørgrav
fd8f6d2269
Don't close a FILE * which we know is bogus.
2003-08-29 15:54:12 +00:00
Dag-Erling Smørgrav
39082bb4a5
Some servers respond to RETR in active mode with 125 (connection already
...
open) rather than 150 (opening connection). There's no reason why we
shouldn't accept that.
PR: misc/42172
MFC in: 3 days
2003-08-19 11:43:11 +00:00
Mike Makonnen
4418f9df30
The flags passed in to _ftp_get_proxy may be null
...
Approved by: des, markm (mentor)(implicit)
2003-03-19 21:39:00 +00:00
Dag-Erling Smørgrav
b91d6074d4
Don't parse the proxy URL unless we're actually going to use it. No real
...
functional difference, but debugging output will be less confusing.
2003-03-11 08:20:58 +00:00
Dag-Erling Smørgrav
930105c1e9
style(9): add parentheses to sizeof even when not strictly required.
...
MFC after: 3 days
2003-01-28 08:04:40 +00:00
Dag-Erling Smørgrav
9f808a4dd0
Hook in the .netrc code + don't use pointers as if they were booleans.
2003-01-22 17:54:49 +00:00
Nate Lawson
13cc1c8394
The FTP connection caching needs a better interface -- connections are
...
closed through _fetch_close() which is the only one who knows the connection
REALLY was closed (since ref -> 0). However, FTP keeps its own local
cached_connection and checks if it is valid by comparing it to NULL. This
is bogus since it may have been freed elsewhere by _fetch_close().
This change checks if we are closing the cached_connection and the ref is 1
(soon to be 0). If so, set cached_connection to NULL so we don't
accidentally reuse it. The REAL fix should be to move connection caching
to the common.c level (_fetch_* functions) and NULL the cache(s) in
_fetch_close(). Then all layers could benefit from caching.
2002-10-25 01:17:32 +00:00
Tim J. Robbins
9d649c1fd0
When recycling a cached connection, increment the reference count so that
...
the heap block does not get freed and reused. This should fix the
pkg_add -r crashes that have been happening for months.
2002-10-20 10:36:27 +00:00
Bill Fenner
40cfbfd508
Make _fetch_connect() always set the error code.
...
Tell ftp that _fetch_connect() always sets the error code (http already knew)
2002-09-17 05:54:33 +00:00
Hajimu UMEMOTO
f8fa093e82
Cope with 2292bis-01 getaddrinfo (no NI_WITHSCOPEID, always attach
...
scope identifier).
Approved by: des
MFC after: 3 weeks
2002-07-02 11:09:02 +00:00
Dag-Erling Smørgrav
f606d589b9
Add a reference count to struct fetchconn so we don't prematurely close and
...
free a cached FTP connection.
2002-06-11 11:27:28 +00:00
Dag-Erling Smørgrav
9601e333a8
Wrap everything in struct connection, and enforce timeouts everywhere
...
(except for DNS operations). Always use funopen() for HTTP, to support
both timeouts and SSL.
2002-06-05 12:19:08 +00:00
Dag-Erling Smørgrav
dea29ca1d5
First step towards SSL support: wrap connections in a 'struct connection'
...
which contains the socket descriptor, the input buffer and (yet unused)
SSL state variables. This has the neat side effect of greatly improving
reentrance (though we're not *quite* there yet) and opening the door to
HTTP connection caching.
This commit is inspired by email conversations with and patches from
Henry Whincup <henry@techiebod.com> last fall.
2002-06-05 10:05:03 +00:00
Poul-Henning Kamp
06229ad2af
Modernize my email address
2002-03-25 13:53:46 +00:00
Dag-Erling Smørgrav
e19e6098b3
Reindent, and add parentheses to return statements. Some functions in
...
ftp.c and http.c now have exceedingly long lines due to deep nesting;
this will be corrected by reorganizing the code in a later revision.
2002-02-05 22:13:51 +00:00
Dag-Erling Smørgrav
e0583e0c23
Mark uploads as O_WRONLY, not O_RDONLY.
...
PR: misc/34043
MFC after: 2 weeks
2002-01-20 19:52:25 +00:00
Dag-Erling Smørgrav
f67efa37d6
Remove VT100 escapes from debugging messages now that they're enabled by
...
default.
PR: 32988
MFC after: 3 days
2002-01-01 14:48:09 +00:00
Dag-Erling Smørgrav
102a87c1e1
Reorganize to reduce code duplication.
2001-12-04 01:09:19 +00:00
Dag-Erling Smørgrav
f573a5fc94
Tons of type, style and warning fixes that have been rotting in my tree for
...
ages - some of which wouldn't be necessary if gcc wasn't broken or TPTB were
willing to do something (-fno-builtin) about it.
2001-10-18 08:29:26 +00:00
Matthew Dillon
cecb889f1d
Add __FBSDID()s to libfetch
2001-09-30 21:36:09 +00:00
Brian Somers
778de35906
Handle snprintf() returning < 0 (not just -1)
...
MFC after: 2 weeks
2001-08-20 15:44:17 +00:00
Brian Somers
5f32890558
Handle snrintf overflows.
...
Spotted by: bde
2001-08-20 13:44:13 +00:00