Module Name: src
Committed By: martin
Date: Mon Sep 12 14:42:56 UTC 2022
Modified Files:
src/usr.bin/ftp [netbsd-9]: Makefile fetch.c ftp.1 ftp_var.h main.c
ssl.c util.c version.h
Log Message:
Catch up to current, requested by christos in ticket #1523
usr.bin/ftp/Makefile up to 1.39
usr.bin/ftp/fetch.c up to 1.235
usr.bin/ftp/ftp.1 up to 1.147
usr.bin/ftp/ftp_var.h up to 1.86
usr.bin/ftp/main.c up to 1.128
usr.bin/ftp/ssl.c up to 1.11
usr.bin/ftp/util.c up to 1.164
usr.bin/ftp/version.h up to 1.94
PR 57003: Support relative redirects.
To generate a diff of this commit:
cvs rdiff -u -r1.37.12.1 -r1.37.12.2 src/usr.bin/ftp/Makefile
cvs rdiff -u -r1.231.2.2 -r1.231.2.3 src/usr.bin/ftp/fetch.c
cvs rdiff -u -r1.136.8.1 -r1.136.8.2 src/usr.bin/ftp/ftp.1
cvs rdiff -u -r1.85 -r1.85.6.1 src/usr.bin/ftp/ftp_var.h
cvs rdiff -u -r1.126 -r1.126.2.1 src/usr.bin/ftp/main.c
cvs rdiff -u -r1.8.2.2 -r1.8.2.3 src/usr.bin/ftp/ssl.c
cvs rdiff -u -r1.160.2.1 -r1.160.2.2 src/usr.bin/ftp/util.c
cvs rdiff -u -r1.87.18.3 -r1.87.18.4 src/usr.bin/ftp/version.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.bin/ftp/Makefile
diff -u src/usr.bin/ftp/Makefile:1.37.12.1 src/usr.bin/ftp/Makefile:1.37.12.2
--- src/usr.bin/ftp/Makefile:1.37.12.1 Mon Jun 14 11:57:39 2021
+++ src/usr.bin/ftp/Makefile Mon Sep 12 14:42:55 2022
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.37.12.1 2021/06/14 11:57:39 martin Exp $
+# $NetBSD: Makefile,v 1.37.12.2 2022/09/12 14:42:55 martin Exp $
# from: @(#)Makefile 8.2 (Berkeley) 4/3/94
.include <bsd.own.mk>
@@ -31,4 +31,6 @@ CPPFLAGS+= -DINET6
cmds.o fetch.o: version.h
main.o: ftp_var.h
+CWARNFLAGS.gcc+= ${GCC_NO_FORMAT_OVERFLOW}
+
.include <bsd.prog.mk>
Index: src/usr.bin/ftp/fetch.c
diff -u src/usr.bin/ftp/fetch.c:1.231.2.2 src/usr.bin/ftp/fetch.c:1.231.2.3
--- src/usr.bin/ftp/fetch.c:1.231.2.2 Sun Oct 24 10:13:40 2021
+++ src/usr.bin/ftp/fetch.c Mon Sep 12 14:42:55 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: fetch.c,v 1.231.2.2 2021/10/24 10:13:40 martin Exp $ */
+/* $NetBSD: fetch.c,v 1.231.2.3 2022/09/12 14:42:55 martin Exp $ */
/*-
* Copyright (c) 1997-2015 The NetBSD Foundation, Inc.
@@ -37,7 +37,7 @@
#include <sys/cdefs.h>
#ifndef lint
-__RCSID("$NetBSD: fetch.c,v 1.231.2.2 2021/10/24 10:13:40 martin Exp $");
+__RCSID("$NetBSD: fetch.c,v 1.231.2.3 2022/09/12 14:42:55 martin Exp $");
#endif /* not lint */
/*
@@ -106,12 +106,13 @@ __dead static void timeouthttp(int);
static int auth_url(const char *, char **, const struct authinfo *);
static void base64_encode(const unsigned char *, size_t, unsigned char *);
#endif
-static int go_fetch(const char *);
+static int go_fetch(const char *, struct urlinfo *);
static int fetch_ftp(const char *);
-static int fetch_url(const char *, const char *, char *, char *);
+static int fetch_url(const char *, const char *, char *, char *,
+ struct urlinfo *);
static const char *match_token(const char **, const char *);
static int parse_url(const char *, const char *, struct urlinfo *,
- struct authinfo *);
+ struct authinfo *, struct urlinfo *);
static void url_decode(char *);
static void freeauthinfo(struct authinfo *);
static void freeurlinfo(struct urlinfo *);
@@ -274,7 +275,7 @@ auth_url(const char *challenge, char **r
scheme = "Basic"; /* only support Basic authentication */
gotpass = NULL;
- DPRINTF("auth_url: challenge `%s'\n", challenge);
+ DPRINTF("%s: challenge `%s'\n", __func__, challenge);
if (! match_token(&cp, scheme)) {
warnx("Unsupported authentication challenge `%s'",
@@ -336,7 +337,7 @@ auth_url(const char *challenge, char **r
*response = ftp_malloc(rlen);
(void)strlcpy(*response, scheme, rlen);
len = strlcat(*response, " ", rlen);
- /* use `clen - 1' to not encode the trailing NUL */
+ /* use `clen - 1' to not encode the trailing NUL */
base64_encode((unsigned char *)clear, clen - 1,
(unsigned char *)*response + len);
memset(clear, 0, clen);
@@ -367,7 +368,7 @@ base64_encode(const unsigned char *clear
| ((clear[i + 1] >> 4) & 0x0f)];
*(cp++) = enc[((clear[i + 1] << 2) & 0x3c)
| ((clear[i + 2] >> 6) & 0x03)];
- *(cp++) = enc[((clear[i + 2] ) & 0x3f)];
+ *(cp++) = enc[((clear[i + 2] ) & 0x3f)];
}
*cp = '\0';
while (i-- > len)
@@ -400,6 +401,42 @@ url_decode(char *url)
*q = '\0';
}
+static const char *
+get_port(const struct urlinfo *ui)
+{
+
+ switch(ui->utype) {
+ case HTTP_URL_T:
+ return httpport;
+ case FTP_URL_T:
+ return ftpport;
+ case FILE_URL_T:
+ return "";
+#ifdef WITH_SSL
+ case HTTPS_URL_T:
+ return httpsport;
+#endif
+ default:
+ return NULL;
+ }
+}
+
+static int
+use_relative(const struct urlinfo *ui)
+{
+ if (ui == NULL)
+ return 0;
+ switch (ui->utype) {
+ case HTTP_URL_T:
+ case FILE_URL_T:
+#ifdef WITH_SSL
+ case HTTPS_URL_T:
+#endif
+ return 1;
+ default:
+ return 0;
+ }
+}
/*
* Parse URL of form (per RFC 3986):
@@ -435,7 +472,7 @@ url_decode(char *url)
static int
parse_url(const char *url, const char *desc, struct urlinfo *ui,
- struct authinfo *auth)
+ struct authinfo *auth, struct urlinfo *rui)
{
const char *origurl, *tport;
char *cp, *ep, *thost;
@@ -446,29 +483,26 @@ parse_url(const char *url, const char *d
DPRINTF("parse_url: %s `%s'\n", desc, url);
origurl = url;
- tport = NULL;
if (STRNEQUAL(url, HTTP_URL)) {
url += sizeof(HTTP_URL) - 1;
ui->utype = HTTP_URL_T;
ui->portnum = HTTP_PORT;
- tport = httpport;
} else if (STRNEQUAL(url, FTP_URL)) {
url += sizeof(FTP_URL) - 1;
ui->utype = FTP_URL_T;
ui->portnum = FTP_PORT;
- tport = ftpport;
} else if (STRNEQUAL(url, FILE_URL)) {
url += sizeof(FILE_URL) - 1;
ui->utype = FILE_URL_T;
- tport = "";
#ifdef WITH_SSL
} else if (STRNEQUAL(url, HTTPS_URL)) {
url += sizeof(HTTPS_URL) - 1;
ui->utype = HTTPS_URL_T;
ui->portnum = HTTPS_PORT;
- tport = httpsport;
#endif
+ } else if (rui != NULL) {
+ copyurlinfo(ui, rui);
} else {
warnx("Invalid %s `%s'", desc, url);
cleanup_parse_url:
@@ -477,6 +511,7 @@ parse_url(const char *url, const char *d
return (-1);
}
+
if (*url == '\0')
return (0);
@@ -541,7 +576,8 @@ parse_url(const char *url, const char *d
#endif /* INET6 */
if ((cp = strchr(thost, ':')) != NULL)
*cp++ = '\0';
- ui->host = thost;
+ if (*thost != '\0')
+ ui->host = thost;
/* look for [:port] */
if (cp != NULL) {
@@ -556,7 +592,9 @@ parse_url(const char *url, const char *d
}
ui->portnum = nport;
tport = cp;
- }
+ } else
+ tport = get_port(ui);
+
if (tport != NULL)
ui->port = ftp_strdup(tport);
@@ -567,8 +605,8 @@ parse_url(const char *url, const char *d
ui->path = ftp_strdup(emptypath);
}
- DPRINTF("parse_url: user `%s' pass `%s' host %s port %s(%d) "
- "path `%s'\n",
+ DPRINTF("%s: user `%s' pass `%s' host %s port %s(%d) "
+ "path `%s'\n", __func__,
STRorNULL(auth->user), STRorNULL(auth->pass),
STRorNULL(ui->host), STRorNULL(ui->port),
ui->portnum ? ui->portnum : -1, STRorNULL(ui->path));
@@ -581,7 +619,7 @@ sigjmp_buf httpabort;
static int
ftp_socket(const struct urlinfo *ui, void **ssl)
{
- struct addrinfo hints, *res, *res0 = NULL;
+ struct addrinfo hints, *res, *res0 = NULL;
int error;
int s;
const char *host = ui->host;
@@ -686,7 +724,7 @@ handle_noproxy(const char *host, in_port
if (*cp == '\0')
continue;
if ((np = strrchr(cp, ':')) != NULL) {
- *np++ = '\0';
+ *np++ = '\0';
np_port = strtoul(np, &ep, 10);
if (*np == '\0' || *ep != '\0')
continue;
@@ -718,7 +756,7 @@ handle_proxy(const char *url, const char
}
initurlinfo(&pui);
- if (parse_url(penv, "proxy URL", &pui, pauth) == -1)
+ if (parse_url(penv, "proxy URL", &pui, pauth, NULL) == -1)
return -1;
if ((!IS_HTTP_TYPE(pui.utype) && pui.utype != FTP_URL_T) ||
@@ -889,9 +927,9 @@ print_connect(FETCH *fin, const struct u
}
#endif
-#define C_OK 0
-#define C_CLEANUP 1
-#define C_IMPROPER 2
+#define C_OK 0
+#define C_CLEANUP 1
+#define C_IMPROPER 2
static int
getresponseline(FETCH *fin, char *buf, size_t buflen, int *len)
@@ -990,7 +1028,7 @@ parse_posinfo(const char **cp, struct po
static void
do_auth(int hcode, const char *url, const char *penv, struct authinfo *wauth,
struct authinfo *pauth, char **auth, const char *message,
- volatile int *rval)
+ volatile int *rval, struct urlinfo *ui)
{
struct authinfo aauth;
char *response;
@@ -1025,7 +1063,8 @@ do_auth(int hcode, const char *url, cons
if (auth_url(*auth, &response, &aauth) == 0) {
*rval = fetch_url(url, penv,
hcode == 401 ? pauth->auth : response,
- hcode == 401 ? response: wauth->auth);
+ hcode == 401 ? response : wauth->auth,
+ ui);
memset(response, 0, strlen(response));
FREEPTR(response);
}
@@ -1036,12 +1075,12 @@ static int
negotiate_connection(FETCH *fin, const char *url, const char *penv,
struct posinfo *pi, time_t *mtime, struct authinfo *wauth,
struct authinfo *pauth, volatile int *rval, volatile int *ischunked,
- char **auth)
+ char **auth, struct urlinfo *ui)
{
int len, hcode, rv;
char buf[FTPBUFLEN], *ep;
const char *cp, *token;
- char *location, *message;
+ char *location, *message;
*auth = message = location = NULL;
@@ -1156,18 +1195,19 @@ negotiate_connection(FETCH *fin, const c
fprintf(ttyout, "Redirected via %s\n",
location);
*rval = fetch_url(url, location,
- pauth->auth, wauth->auth);
+ pauth->auth, wauth->auth, ui);
} else {
if (verbose)
fprintf(ttyout, "Redirected to %s\n",
location);
- *rval = go_fetch(location);
+ *rval = go_fetch(location, ui);
}
goto cleanup_fetch_url;
#ifndef NO_AUTH
case 401:
case 407:
- do_auth(hcode, url, penv, wauth, pauth, auth, message, rval);
+ do_auth(hcode, url, penv, wauth, pauth, auth, message, rval,
+ ui);
goto cleanup_fetch_url;
#endif
default:
@@ -1232,7 +1272,7 @@ connectmethod(FETCH *fin, const char *ur
message = ftp_strdup(ep);
break;
}
-
+
for (;;) {
int len;
if (getresponseline(fin, buf, sizeof(buf), &len) != C_OK)
@@ -1261,7 +1301,8 @@ connectmethod(FETCH *fin, const char *ur
break;
#ifndef NO_AUTH
case 407:
- do_auth(hcode, url, penv, wauth, pauth, auth, message, rval);
+ do_auth(hcode, url, penv, wauth, pauth, auth, message, rval,
+ ui);
goto cleanup_fetch_url;
#endif
default:
@@ -1299,7 +1340,8 @@ out:
* is still open (e.g, ftp xfer with trailing /)
*/
static int
-fetch_url(const char *url, const char *proxyenv, char *proxyauth, char *wwwauth)
+fetch_url(const char *url, const char *proxyenv, char *proxyauth,
+ char *wwwauth, struct urlinfo *rui)
{
sigfunc volatile oldint;
sigfunc volatile oldpipe;
@@ -1308,7 +1350,7 @@ fetch_url(const char *url, const char *p
int volatile s;
struct stat sb;
int volatile isproxy;
- int volatile rval, ischunked;
+ int volatile rval, ischunked;
size_t flen;
static size_t bufsize;
static char *xferbuf;
@@ -1319,7 +1361,7 @@ fetch_url(const char *url, const char *p
char *volatile location;
char *volatile message;
char *volatile decodedpath;
- struct authinfo wauth, pauth;
+ struct authinfo wauth, pauth;
struct posinfo pi;
off_t hashbytes;
int (*volatile closefunc)(FILE *);
@@ -1352,7 +1394,7 @@ fetch_url(const char *url, const char *p
if (sigsetjmp(httpabort, 1))
goto cleanup_fetch_url;
- if (parse_url(url, "URL", &ui, &wauth) == -1)
+ if (parse_url(url, "URL", &ui, &wauth, rui) == -1)
goto cleanup_fetch_url;
copyurlinfo(&oui, &ui);
@@ -1368,7 +1410,7 @@ fetch_url(const char *url, const char *p
rval = fetch_ftp(url);
goto cleanup_fetch_url;
}
- if (!IS_HTTP_TYPE(ui.utype) || outfile == NULL) {
+ if (!IS_HTTP_TYPE(ui.utype) || outfile == NULL) {
warnx("Invalid URL (no file after host) `%s'", url);
goto cleanup_fetch_url;
}
@@ -1423,7 +1465,8 @@ fetch_url(const char *url, const char *p
filesize = sb.st_size;
}
if (restart_point) {
- if (lseek(fetch_fileno(fin), restart_point, SEEK_SET) < 0) {
+ if (lseek(fetch_fileno(fin), restart_point, SEEK_SET)
+ < 0) {
warn("Can't seek to restart `%s'",
decodedpath);
goto cleanup_fetch_url;
@@ -1535,7 +1578,7 @@ fetch_url(const char *url, const char *p
switch (negotiate_connection(fin, url, penv, &pi,
&mtime, &wauth, &pauth, &rval, &ischunked,
- __UNVOLATILE(&auth))) {
+ __UNVOLATILE(&auth), &ui)) {
case C_OK:
break;
case C_CLEANUP:
@@ -1642,7 +1685,7 @@ fetch_url(const char *url, const char *p
}
/*
- * XXX: Work around bug in Apache 1.3.9 and
+ * XXX: Work around bug in Apache 1.3.9 and
* 1.3.11, which incorrectly put trailing
* space after the chunk-size.
*/
@@ -1850,10 +1893,10 @@ fetch_ftp(const char *url)
char dirbuf[4];
int dirhasglob, filehasglob, rval, transtype, xargc;
int oanonftp, oautologin;
- struct authinfo auth;
+ struct authinfo auth;
struct urlinfo ui;
- DPRINTF("fetch_ftp: `%s'\n", url);
+ DPRINTF("%s: `%s'\n", __func__, url);
dir = file = NULL;
rval = 1;
transtype = TYPE_I;
@@ -1862,7 +1905,7 @@ fetch_ftp(const char *url)
initauthinfo(&auth, NULL);
if (STRNEQUAL(url, FTP_URL)) {
- if ((parse_url(url, "URL", &ui, &auth) == -1) ||
+ if ((parse_url(url, "URL", &ui, &auth, NULL) == -1) ||
(auth.user != NULL && *auth.user == '\0') ||
EMPTYSTRING(ui.host)) {
warnx("Invalid URL `%s'", url);
@@ -1874,7 +1917,8 @@ fetch_ftp(const char *url)
*/
/* check for trailing ';type=[aid]' */
- if (! EMPTYSTRING(ui.path) && (cp = strrchr(ui.path, ';')) != NULL) {
+ if (! EMPTYSTRING(ui.path)
+ && (cp = strrchr(ui.path, ';')) != NULL) {
if (strcasecmp(cp, ";type=a") == 0)
transtype = TYPE_A;
else if (strcasecmp(cp, ";type=i") == 0)
@@ -1916,12 +1960,12 @@ fetch_ftp(const char *url)
* If we are dealing with classic `[user@]host:[path]' syntax,
* then a path of the form `/file' (resulting from input of the
* form `host:/file') means that we should do "CWD /" before
- * retrieving the file. So we set dir="/" and file="file".
+ * retrieving the file. So we set dir="/" and file="file".
*
* But if we are dealing with URLs like `ftp://host/path' then
* a path of the form `/file' (resulting from a URL of the form
* `ftp://host//file') means that we should do `CWD ' (with an
- * empty argument) before retrieving the file. So we set
+ * empty argument) before retrieving the file. So we set
* dir="" and file="file".
*
* If the path does not contain / at all, we set dir=NULL.
@@ -1952,8 +1996,8 @@ fetch_ftp(const char *url)
url_decode(file);
/* but still don't url_decode(dir) */
}
- DPRINTF("fetch_ftp: user `%s' pass `%s' host %s port %s "
- "path `%s' dir `%s' file `%s'\n",
+ DPRINTF("%s: user `%s' pass `%s' host %s port %s "
+ "path `%s' dir `%s' file `%s'\n", __func__,
STRorNULL(auth.user), STRorNULL(auth.pass),
STRorNULL(ui.host), STRorNULL(ui.port),
STRorNULL(ui.path), STRorNULL(dir), STRorNULL(file));
@@ -2002,7 +2046,7 @@ fetch_ftp(const char *url)
setbinary(1, xargv);
break;
default:
- errx(1, "fetch_ftp: unknown transfer type %d", transtype);
+ errx(1, "%s: unknown transfer type %d", __func__, transtype);
}
/*
@@ -2024,7 +2068,7 @@ fetch_ftp(const char *url)
* (urltype is FTP_URL_T), then RFC 3986 says we need to
* send a separate CWD command for each unescaped "/"
* in the path, and we have to interpret %hex escaping
- * *after* we find the slashes. It's possible to get
+ * *after* we find the slashes. It's possible to get
* empty components here, (from multiple adjacent
* slashes in the path) and RFC 3986 says that we should
* still do `CWD ' (with a null argument) in such cases.
@@ -2067,7 +2111,7 @@ fetch_ftp(const char *url)
* "CWD /", "CWD foo", "CWD bar", "RETR file"
* ftp://host/%2Ffoo/bar/file dir="%2Ffoo/bar"
* "CWD /foo", "CWD bar", "RETR file"
- * ftp://host/%2Ffoo%2Fbar/file dir="%2Ffoo%2Fbar"
+ * ftp://host/%2Ffoo%2Fbar/file dir="%2Ffoo%2Fbar"
* "CWD /foo/bar", "RETR file"
* ftp://host/%2Ffoo%2Fbar%2Ffile dir=NULL
* "RETR /foo/bar/file"
@@ -2084,7 +2128,7 @@ fetch_ftp(const char *url)
url_decode(dir);
} else
nextpart = NULL;
- DPRINTF("fetch_ftp: dir `%s', nextpart `%s'\n",
+ DPRINTF("%s: dir `%s', nextpart `%s'\n", __func__,
STRorNULL(dir), STRorNULL(nextpart));
if (ui.utype == FTP_URL_T || *dir != '\0') {
(void)strlcpy(cmdbuf, "cd", sizeof(cmdbuf));
@@ -2179,7 +2223,7 @@ fetch_ftp(const char *url)
* is still open (e.g, ftp xfer with trailing /)
*/
static int
-go_fetch(const char *url)
+go_fetch(const char *url, struct urlinfo *rui)
{
char *proxyenv;
char *p;
@@ -2228,7 +2272,7 @@ go_fetch(const char *url)
|| STRNEQUAL(url, HTTPS_URL)
#endif
|| STRNEQUAL(url, FILE_URL))
- return (fetch_url(url, NULL, NULL, NULL));
+ return (fetch_url(url, NULL, NULL, NULL, rui));
/*
* If it contains "://" but does not begin with ftp://
@@ -2243,13 +2287,20 @@ go_fetch(const char *url)
errx(1, "Unsupported URL scheme `%.*s'", (int)(p - url), url);
/*
+ * Refer to previous urlinfo if provided. This makes relative
+ * redirects work.
+ */
+ if (use_relative(rui))
+ return fetch_url(url, NULL, NULL, NULL, rui);
+
+ /*
* Try FTP URL-style and host:file arguments next.
* If ftpproxy is set with an FTP URL, use fetch_url()
- * Othewise, use fetch_ftp().
+ * Otherwise, use fetch_ftp().
*/
proxyenv = getoptionvalue("ftp_proxy");
if (!EMPTYSTRING(proxyenv) && STRNEQUAL(url, FTP_URL))
- return (fetch_url(url, NULL, NULL, NULL));
+ return (fetch_url(url, NULL, NULL, NULL, rui));
return (fetch_ftp(url));
}
@@ -2292,7 +2343,7 @@ auto_fetch(int argc, char *argv[])
redirect_loop = 0;
if (!anonftp)
anonftp = 2; /* Handle "automatic" transfers. */
- rval = go_fetch(argv[argpos]);
+ rval = go_fetch(argv[argpos], NULL);
if (outfile != NULL && strcmp(outfile, "-") != 0
&& outfile[0] != '|') {
FREEPTR(outfile);
@@ -2331,7 +2382,7 @@ auto_put(int argc, char **argv, const ch
pathsep = NULL;
rval = 1;
- DPRINTF("auto_put: target `%s'\n", uploadserver);
+ DPRINTF("%s: target `%s'\n", __func__, uploadserver);
path = ftp_strdup(uploadserver);
len = strlen(path);
@@ -2340,7 +2391,7 @@ auto_put(int argc, char **argv, const ch
* make sure we always pass a directory to auto_fetch
*/
if (argc > 1) { /* more than one file to upload */
- len = strlen(uploadserver) + 2; /* path + "/" + "\0" */
+ len = strlen(uploadserver) + 2; /* path + "/" + "\0" */
free(path);
path = (char *)ftp_malloc(len);
(void)strlcpy(path, uploadserver, len);
@@ -2364,7 +2415,7 @@ auto_put(int argc, char **argv, const ch
uargc++;
}
}
- DPRINTF("auto_put: URL `%s' argv[2] `%s'\n",
+ DPRINTF("%s: URL `%s' argv[2] `%s'\n", __func__,
path, STRorNULL(uargv[2]));
/* connect and cwd */
Index: src/usr.bin/ftp/ftp.1
diff -u src/usr.bin/ftp/ftp.1:1.136.8.1 src/usr.bin/ftp/ftp.1:1.136.8.2
--- src/usr.bin/ftp/ftp.1:1.136.8.1 Mon Jun 14 11:52:52 2021
+++ src/usr.bin/ftp/ftp.1 Mon Sep 12 14:42:55 2022
@@ -1,4 +1,4 @@
-.\" $NetBSD: ftp.1,v 1.136.8.1 2021/06/14 11:52:52 martin Exp $
+.\" $NetBSD: ftp.1,v 1.136.8.2 2022/09/12 14:42:55 martin Exp $
.\"
.\" Copyright (c) 1996-2021 The NetBSD Foundation, Inc.
.\" All rights reserved.
@@ -57,7 +57,7 @@
.\"
.\" @(#)ftp.1 8.3 (Berkeley) 10/9/94
.\"
-.Dd January 6, 2021
+.Dd August 29, 2022
.Dt FTP 1
.Os
.Sh NAME
@@ -65,7 +65,7 @@
.Nd Internet file transfer program
.Sh SYNOPSIS
.Nm
-.Op Fl 46AadefginpRtVv
+.Op Fl 46AadefginpRtVv?
.Op Fl N Ar netrc
.Op Fl o Ar output
.Op Fl P Ar port
@@ -84,12 +84,11 @@
.Xc
.Oc
.Ek
-.Op Fl x Ar xferbufsize
+.Op Fl x Ar xfersize
.Bk -words
.\" [[user@]host [port]]
.Oo
-.Oo Ar user Ns Li \&@ Oc Ns Ar host
-.Op Ar port
+.Oo Ar user Ns Li \&@ Oc Ns Ar host Oo Ar port Oc
.Oc
.Ek
.Bk -words
@@ -122,7 +121,7 @@
.Ar host Oo Li \&: Ar port Oc
.Li / Ar path
.Op Li /
-.Op Li ;type= Ar X
+.Op Li ;type= Ar type
.Oc
.Sm on
.Ek
@@ -139,12 +138,24 @@
.Oc
.Sm on
.Ek
-.Op Ar \&.\&.\&.
+.Bk -words
+.\" [https://[user[:password]@]host[:port]/path]
+.Sm off
+.Oo
+.Li https://
+.Oo Ar user
+.Op Li \&: Ar password
+.Li \&@ Oc
+.Ar host Oo Li \&: Ar port Oc
+.Li / Ar path
+.Oc
+.Sm on
+.Ek
+.Ar \&...
.Nm
.Bk -words
-.Fl u Ar URL Ar file
+.Fl u Ar url Ar
.Ek
-.Op Ar \&.\&.\&.
.Sh DESCRIPTION
.Nm
is the user interface to the Internet standard File Transfer Protocol.
@@ -173,10 +184,13 @@ Forces
.Nm
to only use IPv6 addresses.
.It Fl A
-Force active mode ftp.
+Force active mode
+.Tn FTP .
By default,
.Nm
-will try to use passive mode ftp and fall back to active mode
+will try to use passive mode
+.Tn FTP
+and fall back to active mode
if passive is not supported by the server.
This option causes
.Nm
@@ -284,12 +298,14 @@ bytes/second.
Refer to
.Ic rate
for more information.
-.It Fl u Ar URL file Op \&.\&.\&.
+.It Fl u Ar url Ar
Upload files on the command line to
-.Ar URL
+.Ar url
where
-.Ar URL
-is one of the ftp URL types as supported by auto-fetch
+.Ar url
+is one of the
+.Sq Li ftp://
+URL types as supported by auto-fetch
(with an optional target filename for single file uploads), and
.Ar file
is one or more local files to be uploaded.
@@ -312,12 +328,14 @@ Forces
.Nm
to show all responses from the remote server, as well
as report on data transfer statistics.
-.It Fl x Ar xferbufsize
+.It Fl x Ar xfersize
Set the size of the socket send and receive buffers to
-.Ar xferbufsize .
+.Ar xfersize .
Refer to
.Ic xferbuf
for more information.
+.It Fl ?
+Display help to stdout, and exit.
.El
.Pp
The client host with which
@@ -487,18 +505,16 @@ Toggle command line editing, and context
completion.
This is automatically enabled if input is from a terminal, and
disabled otherwise.
-.It Ic epsv epsv4 epsv6
+.It Ic epsv , epsv4 , epsv6
Toggle the use of the extended
.Dv EPSV
and
.Dv EPRT
commands on all IP, IPv4, and IPv6 connections respectively.
First try
-.Dv EPSV /
-.Dv EPRT ,
+.Dv EPSV Ns \^/\^ Ns Dv EPRT ,
and then
-.Dv PASV /
-.Dv PORT .
+.Dv PASV Ns \^/\^ Ns Dv PORT .
This is enabled by default.
If an extended command fails then this option will be temporarily
disabled for the duration of the current connection, or until
@@ -531,7 +547,9 @@ A synonym for
.Ic open .
.It Ic gate Op Ar host Op Ar port
Toggle gate-ftp mode, which used to connect through the
-TIS FWTK and Gauntlet ftp proxies.
+TIS FWTK and Gauntlet
+.Tn FTP
+proxies.
This will not be permitted if the gate-ftp server hasn't been set
(either explicitly by the user, or from the
.Ev FTPSERVER
@@ -589,9 +607,11 @@ each remote file name is expanded
separately on the remote machine and the lists are not merged.
Expansion of a directory name is likely to be
different from expansion of the name of an ordinary file:
-the exact result depends on the foreign operating system and ftp server,
+the exact result depends on the foreign operating system and
+.Tn FTP
+server,
and can be previewed by doing
-.Ql mls remote-files \-
+.Sq Li mls remote-files \- .
Note:
.Ic mget ,
.Ic mput
@@ -672,32 +692,32 @@ To invoke a macro, use the
command (see above).
.Pp
The macro processor interprets
-.Sq $
+.Ql $
and
-.Sq \e
+.Ql \e
as special characters.
A
-.Sq $
+.Ql $
followed by a number (or numbers) is replaced by the
corresponding argument on the macro invocation command line.
A
-.Sq $
+.Ql $
followed by an
-.Sq i
+.Ql i
signals the macro processor that the executing macro is to be
looped.
On the first pass
-.Dq $i
+.Ql $i
is replaced by the first argument on the macro invocation command
line, on the second pass it is replaced by the second argument,
and so on.
A
-.Sq \e
+.Ql \e
followed by any character is replaced by that character.
Use the
-.Sq \e
+.Ql \e
to prevent special treatment of the
-.Sq $ .
+.Ql $ .
.It Ic mdelete Op Ar remote-files
Delete the
.Ar remote-files
@@ -732,7 +752,7 @@ Files are transferred into the local wor
which can be changed with
.Ql lcd directory ;
new local directories can be created with
-.Ql "\&! mkdir directory" .
+.Sq Li "\&! mkdir directory" .
.It Ic mkdir Ar directory-name
Make a directory on the remote machine.
.It Ic mls Ar remote-files local-file
@@ -755,7 +775,7 @@ Display the contents of
in a machine-parsable form, using
.Dv MLSD .
The format of display can be changed with
-.Sq "remopts mlst ..." .
+.Sq Li "remopts mlst ..." .
.It Ic mlst Op Ar remote-path
Display the details about
.Ar remote-path
@@ -763,7 +783,7 @@ Display the details about
in a machine-parsable form, using
.Dv MLST .
The format of display can be changed with
-.Sq "remopts mlst ..." .
+.Sq Li "remopts mlst ..." .
.It Ic mode Ar mode-name
Set the file transfer
.Ic mode
@@ -809,7 +829,7 @@ If the file does not
exist on the current system, the remote file is considered
.Ic newer .
Otherwise, this command is identical to
-.Ar get .
+.Ic get .
.It Ic nlist Op Ar remote-path Op Ar local-file
A synonym for
.Ic ls .
@@ -834,7 +854,8 @@ The mapping follows the pattern set by
.Ar inpattern
and
.Ar outpattern .
-.Op Ar Inpattern
+.Pp
+.Ar inpattern
is a template for incoming filenames (which may have already been
processed according to the
.Ic ntrans
@@ -843,16 +864,16 @@ and
settings).
Variable templating is accomplished by including the
sequences
-.Dq $1 ,
-.Dq $2 ,
-\&...
-.Dq $9
+.Ql $1 ,
+.Ql $2 ,
+\&...\|,
+.Ql $9
in
.Ar inpattern .
Use
-.Sq \e
+.Ql \e
to prevent this special treatment of the
-.Sq $
+.Ql $
character.
All other characters are treated literally, and are used to determine the
.Ic nmap
@@ -860,53 +881,72 @@ All other characters are treated literal
variable values.
For example, given
.Ar inpattern
-$1.$2 and the remote file name "mydata.data", $1 would have the value
-"mydata", and $2 would have the value "data".
+.Sq Li $1.$2
+and the remote file name
+.Sq Li mydata.data ,
+.Ql $1
+would have the value
+.Sq Li mydata ,
+and
+.Ql $2
+would have the value
+.Sq Li data .
+.Pp
The
.Ar outpattern
determines the resulting mapped filename.
The sequences
-.Dq $1 ,
-.Dq $2 ,
-\&...
-.Dq $9
+.Ql $1 ,
+.Ql $2 ,
+\&...\|,
+.Ql $9
are replaced by any value resulting from the
.Ar inpattern
template.
The sequence
-.Dq $0
+.Ql $0
is replaced by the original filename.
Additionally, the sequence
.Dq Op Ar seq1 , Ar seq2
is replaced by
-.Op Ar seq1
+.Ar seq1
if
.Ar seq1
is not a null string; otherwise it is replaced by
.Ar seq2 .
For example, the command
.Pp
-.Bd -literal -offset indent -compact
-nmap $1.$2.$3 [$1,$2].[$2,file]
-.Ed
+.Dl nmap $1.$2.$3 [$1,$2].[$2,file]
.Pp
would yield
-the output filename "myfile.data" for input filenames "myfile.data" and
-"myfile.data.old", "myfile.file" for the input filename "myfile", and
-"myfile.myfile" for the input filename ".myfile".
+the output filename
+.Sq Li myfile.data
+for input filenames
+.Sq Li myfile.data
+and
+.Sq Li myfile.data.old ,
+.Sq Li myfile.file
+for the input filename
+.Sq Li myfile ,
+and
+.Sq Li myfile.myfile
+for the input filename
+.Sq Li "\&.myfile" .
Spaces may be included in
.Ar outpattern ,
as in the example:
+.Pp
.Dl nmap $1 sed "s/ *$//" > $1
+.Pp
Use the
-.Sq \e
+.Ql \e
character to prevent special treatment
of the
-.Sq $ ,
-.Sq \&[ ,
-.Sq \&] ,
+.Ql $ ,
+.Ql \&[ ,
+.Ql \&] ,
and
-.Sq \&,
+.Ql \&,
characters.
.It Ic ntrans Op Ar inchars Op Ar outchars
Set or unset the filename character translation mechanism.
@@ -1027,7 +1067,7 @@ The progress bar will be disabled for a
as
.Sq Fl
or a command that starts with
-.Sq \&| .
+.Ql \&| .
Refer to
.Sx FILE NAMING CONVENTIONS
for more information.
@@ -1081,7 +1121,9 @@ Any other response will answer
.Sq yes
to the current file.
.It Ic proxy Ar ftp-command
-Execute an ftp command on a secondary control connection.
+Execute an
+.Tn FTP
+command on a secondary control connection.
This command allows simultaneous connection to two remote
.Tn FTP
servers for transferring files between the two servers.
@@ -1090,11 +1132,13 @@ The first
command should be an
.Ic open ,
to establish the secondary control connection.
-Enter the command "proxy ?" to see other
+Enter the command
+.Sq Li "proxy ?"
+to see other
.Tn FTP
commands executable on the secondary connection.
The following commands behave differently when prefaced by
-.Ic proxy :
+.Ic proxy\^ :
.Ic open
will not define new macros during the auto-login process,
.Ic close
@@ -1139,7 +1183,7 @@ machine.
.It Ic quit
A synonym for
.Ic bye .
-.It Ic quote Ar arg1 arg2 ...
+.It Ic quote Op Ar arg ...
The arguments specified are sent, verbatim, to the remote
.Tn FTP
server.
@@ -1153,7 +1197,7 @@ is 0, disable the throttle.
.Pp
.Ar direction
may be one of:
-.Bl -tag -width "all" -offset indent -compact
+.Bl -tag -width ".Cm all" -offset indent -compact
.It Cm all
Both directions.
.It Cm get
@@ -1166,7 +1210,7 @@ Outgoing transfers.
can be modified on the fly by
.Ar increment
bytes (default: 1024) each time a given signal is received:
-.Bl -tag -width "SIGUSR1" -offset indent
+.Bl -tag -width ".Dv SIGUSR1" -offset indent
.It Dv SIGUSR1
Increment
.Ar maximum
@@ -1224,7 +1268,7 @@ to
Remote
.Tn FTP
commands known to support options include:
-.Sq MLST
+.Dv MLST
(used for
.Dv MLSD
and
@@ -1277,10 +1321,16 @@ local filename for a
.Ic get
or
.Ic mget
-command, a ".1" is appended to the name.
+command, a
+.Ql \&.1
+is appended to the name.
If the resulting name matches another existing file,
-a ".2" is appended to the original name.
-If this process continues up to ".99", an error
+a
+.Ql \&.2
+is appended to the original name.
+If this process continues up to
+.Ql .99 ,
+an error
message is printed, and the transfer does not take place.
The generated unique filename will be reported.
Note that
@@ -1358,7 +1408,7 @@ Defaults to
Defaults to
.Ev $FTPRPROMPT .
.El
-.It Ic site Ar arg1 arg2 ...
+.It Ic site Op Ar arg ...
The arguments specified are sent, verbatim, to the remote
.Tn FTP
server as a
@@ -1479,7 +1529,7 @@ A synonym for
.Pp
Command arguments which have embedded spaces may be quoted with
quote
-.Sq \&"
+.Ql \&\(dq
marks.
.Pp
Commands which toggle settings can take an explicit
@@ -1514,7 +1564,7 @@ If
receives a
.Dv SIGINFO
(see the
-.Dq status
+.Cm status
argument of
.Xr stty 1 )
or
@@ -1544,7 +1594,7 @@ contains a glob character and globbing i
(see
.Ic glob ) ,
then the equivalent of
-.Ql mget path
+.Sq Li mget path
is performed.
.Pp
If the directory component of
@@ -1557,10 +1607,10 @@ of
in the current directory.
Otherwise, the full remote name is used as the local name,
relative to the local root directory.
-.\" ftp://[user[:password]@]host[:port]/path[/][;type=X]
+.\" ftp://[user[:password]@]host[:port]/path[/][;type=type]
.It Li ftp:// Ns Oo Ar user Ns Oo Ns Li \&: Ns Ar password Oc Ns Li \&@ Oc \
Ns Ar host Ns Oo Li \&: Ns Ar port Oc Ns Li / Ns Ar path Ns Oo Li / Oc \
-Ns Oo Li ;type= Ns Ar X Oc
+Ns Oo Li ;type= Ns Ar type Oc
An
.Tn FTP
URL, retrieved using the
@@ -1583,9 +1633,9 @@ In this case, use
if supplied, otherwise prompt the user for one.
.Pp
If a suffix of
-.Sq ;type=A
+.Sq Li \&;type=A
or
-.Sq ;type=I
+.Sq Li \&;type=I
is supplied, then the transfer type will take place as
ascii or binary (respectively).
The default transfer type is binary.
@@ -1596,7 +1646,7 @@ In order to be compliant with
interprets the
.Ar path
part of an
-.Dq ftp://
+.Sq Li ftp://
auto-fetch URL as follows:
.Bl -bullet
.It
@@ -1676,20 +1726,20 @@ user.
If the
.Pa /
directory is required, use a leading path of
-.Dq %2F .
+.Sq Li \&%2F .
If a user's home directory is required (and the remote server supports
the syntax), use a leading path of
-.Dq %7Euser/ .
+.Sq Li \&%7E Ns Ar user Ns Li / .
For example, to retrieve
.Pa /etc/motd
from
-.Sq localhost
+.Sq Li localhost
as the user
-.Sq myname
+.Sq Li myname
with the password
-.Sq mypass ,
+.Sq Li mypass ,
use
-.Dq ftp://myname:mypass@localhost/%2fetc/motd
+.Sq Li ftp://myname:mypass@localhost/%2fetc/motd
.It
The exact
.Ic cd
@@ -1697,11 +1747,11 @@ and
.Ic get
commands can be controlled by careful choice of
where to use
-.Sq /
+.Sq Li /
and where to use
-.Sq %2F
+.Sq Li \&%2F
(or
-.Sq %2f ) .
+.Sq Li %2f ) .
For example, the following URLs correspond to the
equivalents of the indicated commands:
.Bl -tag -width "ftp://host/%2Fdir1%2Fdir2%2Ffile";
@@ -1748,9 +1798,9 @@ If
authorization is required to retrieve
.Ar path ,
and
-.Sq user
+.Ar user
(and optionally
-.Sq password )
+.Ar password\^ )
is in the URL, use them for the first attempt to authenticate.
.\" https://[user[:password]@]host[:port]/path
.It Li https:// Ns Oo Ar user Ns Oo Li \&: Ns Ar password Oc Ns Li \&@ Oc \
@@ -1770,9 +1820,9 @@ If
authorization is required to retrieve
.Ar path ,
and
-.Sq user
+.Ar user
(and optionally
-.Sq password )
+.Ar password\^ )
is in the URL, use them for the first attempt to authenticate.
There is currently no certificate validation and verification.
.\" file:///path
@@ -1815,7 +1865,7 @@ is recommended, to avoid writing to unex
If a classic format or an
.Tn FTP
URL format has a trailing
-.Sq /
+.Ql /
or an empty
.Ar path
component, then
@@ -1847,9 +1897,9 @@ proxies will be restarted.
For
.Tn FTP ,
this is implemented by using
-.Nm reget
+.Ic reget
instead of
-.Nm get .
+.Ic get .
For
.Tn HTTP ,
this is implemented by using the
@@ -1863,7 +1913,7 @@ to enter a username and password to auth
When specifying IPv6 numeric addresses in a URL, you need to
surround the address in square brackets.
E.g.:
-.Dq ftp://[::1]:21/ .
+.Sq Li ftp://[::1]:21/ .
This is because colons are used in IPv6 numeric address as well as
being the separator for the port number.
.Sh ABORTING A FILE TRANSFER
@@ -1886,7 +1936,9 @@ sending the requested file.
.Pp
If the terminal interrupt key sequence is used whilst
.Nm
-is awaiting a reply from the remote server for the ABOR processing,
+is awaiting a reply from the remote server for the
+.Dv ABOR
+processing,
then the connection will be closed.
This is different from the traditional behaviour (which ignores the
terminal interrupt during this phase), but is considered more useful.
@@ -1899,13 +1951,13 @@ commands are processed according to the
If the file name
.Sq Fl
is specified, the
-.Ar stdin
+.Va stdin
(for reading) or
-.Ar stdout
+.Va stdout
(for writing) is used.
.It
If the first character of the file name is
-.Sq \&| ,
+.Ql \&| ,
the
remainder of the argument is interpreted as a shell command.
.Nm
@@ -1915,13 +1967,12 @@ with the argument supplied, and reads (w
(stdin).
If the shell command includes spaces, the argument
must be quoted; e.g.
-.Dq Qq Li \&| ls\ \-lt .
+.Sq Li \(dq|\~ls\~\-lt\(dq .
A particularly
useful example of this mechanism is:
-.Dq Li dir \&"\&" \&|more .
+.Sq Li dir\~\(dq\(dq\~|more .
.It
-Failing the above checks, if
-.Dq globbing
+Failing the above checks, if globbing
is enabled, local file names are expanded according to the rules
used in the
.Xr csh 1 ;
@@ -1932,7 +1983,7 @@ If the
.Nm
command expects a single local file (e.g.
.Ic put ) ,
-only the first filename generated by the "globbing" operation is used.
+only the first filename generated by the globbing operation is used.
.It
For
.Ic mget
@@ -2133,7 +2184,7 @@ The
.Xr editline 3
library is configured with a
.Pa .editrc
-file - refer to
+file \(em refer to
.Xr editrc 5
for more information.
.Pp
@@ -2150,7 +2201,7 @@ By default, this is bound to the TAB key
By default,
.Nm
displays a command line prompt of
-.Dq "ftp> "
+.Sq Li ftp>\~
to the user.
This can be changed with the
.Ic "set prompt"
@@ -2167,42 +2218,42 @@ information:
.It Li \&%/
The current remote working directory.
.\" %c[[0]n], %.[[0]n]
-.It \&%c Ns Oo Oo Li 0 Oc Ns Ar n Oc , Ns Li \&%. Ns Oo Oo Li 0 Oc Ns Ar n Oc
+.It Li \&%c Ns Oo Oo Li 0 Oc Ns Ar n Oc , Li \&%. Ns Oo Oo Li 0 Oc Ns Ar n Oc
The trailing component of the current remote working directory, or
-.Em n
+.Ar n
trailing components if a digit
-.Em n
+.Ar n
is given.
If
-.Em n
+.Ar n
begins with
-.Sq 0 ,
+.Ql 0 ,
the number of skipped components precede the trailing component(s) in
the format
.\" ``/<number>trailing''
.Do
.Sm off
-.Li / Li < Va number Li >
-.Va trailing
+.Li / Li < Ar number Li >
+.Ar trailing
.Sm on
.Dc
(for
-.Sq \&%c )
+.Ql \&%c )
or
.\" ``...trailing''
-.Dq Li \&... Ns Va trailing
+.Dq Li \&... Ns Ar trailing
(for
-.Sq \&%. ) .
+.Ql \&%. ) .
.It Li \&%M
The remote host name.
.It Li \&%m
-The remote host name, up to the first
-.Sq \&. .
+The remote host name, up to the first dot
+.Ql \&. .
.It Li \&%n
The remote user name.
.It Li \&%%
-A single
-.Sq % .
+A single percent character
+.Ql % .
.El
.Sh ENVIRONMENT
.Nm
@@ -2213,7 +2264,7 @@ Password to send in an anonymous
.Tn FTP
transfer.
Defaults to
-.Dq Li `whoami`@ .
+.Dq Li \&\`whoami\`@ .
.It Ev FTPMODE
Overrides the default operation mode.
Support values are:
@@ -2234,14 +2285,13 @@ only
.It Ev FTPPROMPT
Command-line prompt to use.
Defaults to
-.Dq "ftp> " .
+.Sq Li ftp>\~ .
Refer to
.Sx COMMAND LINE PROMPT
for more information.
.It Ev FTPRPROMPT
Command-line right side prompt to use.
-Defaults to
-.Dq "" .
+Defaults to empty string.
Refer to
.Sx COMMAND LINE PROMPT
for more information.
@@ -2254,9 +2304,9 @@ Port to use when connecting to gate-ftp
.Ic gate
is enabled.
Default is port returned by a
-.Fn getservbyname
+.Xr getservbyname 3
lookup of
-.Dq ftpgate/tcp .
+.Dq Li ftpgate/tcp .
.It Ev FTPUSERAGENT
The value to send for the
.Tn HTTP
@@ -2270,6 +2320,8 @@ file, if one exists.
An alternate location of the
.Pa .netrc
file.
+.It Ev NO_CERT_VERIFY
+Don't verify SSL certificates.
.It Ev PAGER
Used by various commands to display files.
Defaults to
@@ -2304,9 +2356,9 @@ If
.Dq unsafe
URL characters are required in the username or password
(for example
-.Sq @
+.Ql @
or
-.Sq / ) ,
+.Ql / ) ,
encode them with
.Li RFC 3986
.Sq Li \&% Ns Ar XX
@@ -2323,10 +2375,22 @@ may be incompatible with other programs
.Em NOTE :
this is not used for interactive sessions, only for command-line
fetches.
+.It Ev https_proxy
+URL of
+.Tn HTTPS
+proxy to use when making
+.Tn HTTPS
+URL requests.
+.Pp
+See
+.Ev http_proxy
+for further notes about proxy use.
.It Ev no_proxy
A space or comma separated list of hosts (or domains) for which
proxying is not to be used.
-Each entry may have an optional trailing ":port", which restricts
+Each entry may have an optional trailing
+.Sq Li \&: Ns Ar port ,
+which restricts
the matching to connections to that port.
.El
.Sh EXTENDED PASSIVE MODE AND FIREWALLS
Index: src/usr.bin/ftp/ftp_var.h
diff -u src/usr.bin/ftp/ftp_var.h:1.85 src/usr.bin/ftp/ftp_var.h:1.85.6.1
--- src/usr.bin/ftp/ftp_var.h:1.85 Mon Nov 20 21:11:36 2017
+++ src/usr.bin/ftp/ftp_var.h Mon Sep 12 14:42:55 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: ftp_var.h,v 1.85 2017/11/20 21:11:36 kre Exp $ */
+/* $NetBSD: ftp_var.h,v 1.85.6.1 2022/09/12 14:42:55 martin Exp $ */
/*-
* Copyright (c) 1996-2009 The NetBSD Foundation, Inc.
@@ -341,7 +341,7 @@ extern struct option optiontab[];
#define DPRINTF(...) (void)0
#define DWARN(...) (void)0
#else
-#define DWFTP(a) do a; while (/*CONSTCOND*/0)
+#define DWFTP(a) do a; while (0)
#define DPRINTF(...) DWFTP(if (ftp_debug) (void)fprintf(ttyout, __VA_ARGS__))
#define DWARN(...) DWFTP(if (ftp_debug) warn(__VA_ARGS__))
#endif
Index: src/usr.bin/ftp/main.c
diff -u src/usr.bin/ftp/main.c:1.126 src/usr.bin/ftp/main.c:1.126.2.1
--- src/usr.bin/ftp/main.c:1.126 Mon Feb 4 04:09:13 2019
+++ src/usr.bin/ftp/main.c Mon Sep 12 14:42:55 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: main.c,v 1.126 2019/02/04 04:09:13 mrg Exp $ */
+/* $NetBSD: main.c,v 1.126.2.1 2022/09/12 14:42:55 martin Exp $ */
/*-
* Copyright (c) 1996-2015 The NetBSD Foundation, Inc.
@@ -98,7 +98,7 @@ __COPYRIGHT("@(#) Copyright (c) 1985, 19
#if 0
static char sccsid[] = "@(#)main.c 8.6 (Berkeley) 10/9/94";
#else
-__RCSID("$NetBSD: main.c,v 1.126 2019/02/04 04:09:13 mrg Exp $");
+__RCSID("$NetBSD: main.c,v 1.126.2.1 2022/09/12 14:42:55 martin Exp $");
#endif
#endif /* not lint */
@@ -130,7 +130,8 @@ __RCSID("$NetBSD: main.c,v 1.126 2019/02
#define NO_PROXY "no_proxy" /* env var with list of non-proxied
* hosts, comma or space separated */
-__dead static void usage(void);
+static int usage(void);
+static int usage_help(void);
static void setupoption(const char *, const char *, const char *);
int
@@ -266,7 +267,7 @@ main(int volatile argc, char **volatile
}
}
- while ((ch = getopt(argc, argv, "46AadefginN:o:pP:q:r:Rs:tT:u:vVx:")) != -1) {
+ while ((ch = getopt(argc, argv, ":46AadefginN:o:pP:q:r:Rs:tT:u:vVx:")) != -1) {
switch (ch) {
case '4':
family = AF_INET;
@@ -378,15 +379,15 @@ main(int volatile argc, char **volatile
if (*cp == '\0') {
warnx("Bad throttle value `%s'",
optarg);
- usage();
- /* NOTREACHED */
+ return usage();
}
targv[targc++] = cp;
if (targc >= 5)
break;
}
- if (parserate(targc, targv, 1) == -1)
- usage();
+ if (parserate(targc, targv, 1) == -1) {
+ return usage();
+ }
free(oac);
break;
}
@@ -415,8 +416,19 @@ main(int volatile argc, char **volatile
rcvbuf_size = sndbuf_size;
break;
+ case '?':
+ if (optopt == '?') {
+ return usage_help();
+ }
+ warnx("-%c: unknown option", optopt);
+ return usage();
+
+ case ':':
+ warnx("-%c: missing argument", optopt);
+ return usage();
+
default:
- usage();
+ errx(1, "unimplemented option -%c", ch);
}
}
/* set line buffering on ttyout */
@@ -572,8 +584,9 @@ main(int volatile argc, char **volatile
retry_connect = 0; /* connected, stop hiding msgs */
}
}
- if (isupload)
- usage();
+ if (isupload) {
+ return usage();
+ }
#ifndef NO_EDITCOMPLETE
controlediting();
@@ -836,7 +849,6 @@ slurpstring(void)
slrflag++;
INC_CHKCURSOR(stringbase);
return ((*sb == '!') ? bangstr : dollarstr);
- /* NOTREACHED */
case 1:
slrflag++;
altarg = stringbase;
@@ -965,7 +977,7 @@ help(int argc, char *argv[])
cmd = argv[0];
isusage = (strcmp(cmd, "usage") == 0);
if (argc == 0 || (isusage && argc == 1)) {
- UPRINTF("usage: %s [command [...]]\n", cmd);
+ UPRINTF("usage: %s [command ...]\n", cmd);
return;
}
if (argc == 1) {
@@ -1044,20 +1056,69 @@ setupoption(const char *name, const char
set_option(name, value ? value : defaultvalue, 0);
}
-void
-usage(void)
+static void
+synopsis(FILE * stream)
{
- const char *progname = getprogname();
+ const char * progname = getprogname();
- (void)fprintf(stderr,
-"usage: %s [-46AadefginpRtVv] [-N netrc] [-o outfile] [-P port] [-q quittime]\n"
-" [-r retry] [-s srcaddr] [-T dir,max[,inc]] [-x xferbufsize]\n"
-" [[user@]host [port]] [host:path[/]] [file:///file]\n"
-" [ftp://[user[:pass]@]host[:port]/path[/]]\n";
-" [http://[user[:pass]@]host[:port]/path] [...]\n"
+ fprintf(stream,
+"usage: %s [-46AadefginpRtVv] [-N NETRC] [-o OUTPUT] [-P PORT] [-q QUITTIME]\n"
+" [-r RETRY] [-s SRCADDR] [-T DIR,MAX[,INC]] [-x XFERSIZE]\n"
+" [[USER@]HOST [PORT]]\n"
+" [[USER@]HOST:[PATH][/]]\n"
+" [file:///PATH]\n"
+" [ftp://[USER[:PASSWORD]@]HOST[:PORT]/PATH[/][;type=TYPE]]\n";
+" [http://[USER[:PASSWORD]@]HOST[:PORT]/PATH]\n";
#ifdef WITH_SSL
-" [https://[user[:pass]@]host[:port]/path] [...]\n"
+" [https://[USER[:PASSWORD]@]HOST[:PORT]/PATH]\n";
#endif
-" %s -u URL file [...]\n", progname, progname);
- exit(1);
+" ...\n"
+" %s -u URL FILE ...\n"
+" %s -?\n",
+ progname, progname, progname);
+}
+
+static int
+usage_help(void)
+{
+ synopsis(stdout);
+#ifndef NO_USAGE
+ printf(
+" -4 Only use IPv4 addresses\n"
+" -6 Only use IPv6 addresses\n"
+" -A Force active mode\n"
+" -a Use anonymous login\n"
+" -d Enable debugging\n"
+" -e Disable command-line editing\n"
+" -f Force cache reload for FTP or HTTP proxy transfers\n"
+" -g Disable file name globbing\n"
+" -i Disable interactive prompt during multiple file transfers\n"
+" -N NETRC Use NETRC instead of ~/.netrc\n"
+" -n Disable auto-login\n"
+" -o OUTPUT Save auto-fetched files to OUTPUT\n"
+" -P PORT Use port PORT\n"
+" -p Force passive mode\n"
+" -q QUITTIME Quit if connection stalls for QUITTIME seconds\n"
+" -R Restart non-proxy auto-fetch\n"
+" -r RETRY Retry failed connection attempts after RETRY seconds\n"
+" -s SRCADDR Use source address SRCADDR\n"
+" -t Enable packet tracing\n"
+" -T DIR,MAX[,INC]\n"
+" Set maximum transfer rate for direction DIR to MAX bytes/s,\n"
+" with optional increment INC bytes/s\n"
+" -u URL URL to upload file arguments to\n"
+" -V Disable verbose and progress\n"
+" -v Enable verbose and progress\n"
+" -x XFERSIZE Set socket send and receive size to XFERSIZE\n"
+" -? Display this help and exit\n"
+ );
+#endif
+ return EXIT_SUCCESS;
+}
+
+static int
+usage(void)
+{
+ synopsis(stderr);
+ return EXIT_FAILURE;
}
Index: src/usr.bin/ftp/ssl.c
diff -u src/usr.bin/ftp/ssl.c:1.8.2.2 src/usr.bin/ftp/ssl.c:1.8.2.3
--- src/usr.bin/ftp/ssl.c:1.8.2.2 Mon Jun 14 11:57:39 2021
+++ src/usr.bin/ftp/ssl.c Mon Sep 12 14:42:55 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: ssl.c,v 1.8.2.2 2021/06/14 11:57:39 martin Exp $ */
+/* $NetBSD: ssl.c,v 1.8.2.3 2022/09/12 14:42:55 martin Exp $ */
/*-
* Copyright (c) 1998-2004 Dag-Erling Coïdan Smørgrav
@@ -34,7 +34,7 @@
#include <sys/cdefs.h>
#ifndef lint
-__RCSID("$NetBSD: ssl.c,v 1.8.2.2 2021/06/14 11:57:39 martin Exp $");
+__RCSID("$NetBSD: ssl.c,v 1.8.2.3 2022/09/12 14:42:55 martin Exp $");
#endif
#include <errno.h>
@@ -587,7 +587,9 @@ fetch_start_ssl(int sock, const char *se
{
SSL *ssl;
SSL_CTX *ctx;
+ X509_VERIFY_PARAM *param;
int ret, ssl_err;
+ int verify = getenv("NO_CERT_VERIFY") == NULL;
/* Init the SSL library and context */
if (!SSL_library_init()){
@@ -599,6 +601,10 @@ fetch_start_ssl(int sock, const char *se
ctx = SSL_CTX_new(SSLv23_client_method());
SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
+ if (verify) {
+ SSL_CTX_set_default_verify_paths(ctx);
+ SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
+ }
ssl = SSL_new(ctx);
if (ssl == NULL){
@@ -606,6 +612,19 @@ fetch_start_ssl(int sock, const char *se
SSL_CTX_free(ctx);
return NULL;
}
+
+ if (verify) {
+ param = SSL_get0_param(ssl);
+ if (!X509_VERIFY_PARAM_set1_host(param, servername,
+ strlen(servername))) {
+ fprintf(ttyout, "SSL verification setup failed\n");
+ return NULL;
+ }
+
+ /* Enable peer verification, (using the default callback) */
+ SSL_set_verify(ssl, SSL_VERIFY_PEER, NULL);
+ }
+
SSL_set_fd(ssl, sock);
if (!SSL_set_tlsext_host_name(ssl, __UNCONST(servername))) {
fprintf(ttyout, "SSL hostname setting failed\n");
Index: src/usr.bin/ftp/util.c
diff -u src/usr.bin/ftp/util.c:1.160.2.1 src/usr.bin/ftp/util.c:1.160.2.2
--- src/usr.bin/ftp/util.c:1.160.2.1 Mon Jun 14 11:28:28 2021
+++ src/usr.bin/ftp/util.c Mon Sep 12 14:42:55 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: util.c,v 1.160.2.1 2021/06/14 11:28:28 martin Exp $ */
+/* $NetBSD: util.c,v 1.160.2.2 2022/09/12 14:42:55 martin Exp $ */
/*-
* Copyright (c) 1997-2020 The NetBSD Foundation, Inc.
@@ -64,7 +64,7 @@
#include <sys/cdefs.h>
#ifndef lint
-__RCSID("$NetBSD: util.c,v 1.160.2.1 2021/06/14 11:28:28 martin Exp $");
+__RCSID("$NetBSD: util.c,v 1.160.2.2 2022/09/12 14:42:55 martin Exp $");
#endif /* not lint */
/*
@@ -171,7 +171,7 @@ parse_feat(const char *fline)
* work-around broken ProFTPd servers that can't
* even obey RFC 2389.
*/
- while (*fline && isspace((int)*fline))
+ while (*fline && isspace((unsigned char)*fline))
fline++;
if (strcasecmp(fline, "MDTM") == 0)
@@ -620,7 +620,7 @@ remglob(char *argv[], int doswitch, cons
* return value. Can't control multiple values being expanded from the
* expression, we return only the first.
* Returns NULL on error, or a pointer to a buffer containing the filename
- * that's the caller's responsiblity to free(3) when finished with.
+ * that's the caller's responsibility to free(3) when finished with.
*/
char *
globulize(const char *pattern)
@@ -731,7 +731,7 @@ remotemodtime(const char *file, int nois
*frac++ = '\0';
if (strlen(timestr) == 15 && strncmp(timestr, "191", 3) == 0) {
/*
- * XXX: Workaround for lame ftpd's that return
+ * XXX: Workaround for buggy ftp servers that return
* `19100' instead of `2000'
*/
fprintf(ttyout,
Index: src/usr.bin/ftp/version.h
diff -u src/usr.bin/ftp/version.h:1.87.18.3 src/usr.bin/ftp/version.h:1.87.18.4
--- src/usr.bin/ftp/version.h:1.87.18.3 Mon Jun 14 11:57:39 2021
+++ src/usr.bin/ftp/version.h Mon Sep 12 14:42:55 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: version.h,v 1.87.18.3 2021/06/14 11:57:39 martin Exp $ */
+/* $NetBSD: version.h,v 1.87.18.4 2022/09/12 14:42:55 martin Exp $ */
/*-
* Copyright (c) 1999-2021 The NetBSD Foundation, Inc.
@@ -34,5 +34,5 @@
#endif
#ifndef FTP_VERSION
-#define FTP_VERSION "20210603"
+#define FTP_VERSION "20210826"
#endif
