=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ftp/fetch.c,v retrieving revision 1.153 retrieving revision 1.154 diff -c -r1.153 -r1.154 *** src/usr.bin/ftp/fetch.c 2016/12/24 13:52:42 1.153 --- src/usr.bin/ftp/fetch.c 2016/12/28 17:48:04 1.154 *************** *** 1,4 **** ! /* $OpenBSD: fetch.c,v 1.153 2016/12/24 13:52:42 jsing Exp $ */ /* $NetBSD: fetch.c,v 1.14 1997/08/18 10:20:20 lukem Exp $ */ /*- --- 1,4 ---- ! /* $OpenBSD: fetch.c,v 1.154 2016/12/28 17:48:04 deraadt Exp $ */ /* $NetBSD: fetch.c,v 1.14 1997/08/18 10:20:20 lukem Exp $ */ /*- *************** *** 58,68 **** #include #include ! #ifndef SMALL #include ! #else /* !SMALL */ struct tls; ! #endif /* !SMALL */ #include "ftp_var.h" #include "cmds.h" --- 58,68 ---- #include #include ! #ifndef NOSSL #include ! #else /* !NOSSL */ struct tls; ! #endif /* !NOSSL */ #include "ftp_var.h" #include "cmds.h" *************** *** 78,83 **** --- 78,85 ---- size_t ftp_read(FILE *, struct tls *, char *, size_t); #ifndef SMALL int proxy_connect(int, char *, char *); + #endif /* !SMALL */ + #ifndef NOSSL int SSL_vprintf(struct tls *, const char *, va_list); char *SSL_readline(struct tls *, size_t *); #endif /* !SMALL */ *************** *** 188,200 **** const char *errstr; ssize_t len, wlen; char *proxyhost = NULL; ! #ifndef SMALL char *sslpath = NULL, *sslhost = NULL; char *locbase, *full_host = NULL; const char *scheme; int ishttpurl = 0, ishttpsurl = 0; struct addrinfo *ares = NULL; ! #endif /* !SMALL */ struct tls *tls = NULL; int status; int save_errno; --- 190,202 ---- const char *errstr; ssize_t len, wlen; char *proxyhost = NULL; ! #ifndef NOSSL char *sslpath = NULL, *sslhost = NULL; char *locbase, *full_host = NULL; const char *scheme; int ishttpurl = 0, ishttpsurl = 0; struct addrinfo *ares = NULL; ! #endif /* !NOSSL */ struct tls *tls = NULL; int status; int save_errno; *************** *** 220,232 **** } else if (strncasecmp(newline, FILE_URL, sizeof(FILE_URL) - 1) == 0) { host = newline + sizeof(FILE_URL) - 1; isfileurl = 1; ! #ifndef SMALL scheme = FILE_URL; } else if (strncasecmp(newline, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0) { host = newline + sizeof(HTTPS_URL) - 1; ishttpsurl = 1; scheme = HTTPS_URL; ! #endif /* !SMALL */ } else errx(1, "url_get: Invalid URL '%s'", newline); --- 222,234 ---- } else if (strncasecmp(newline, FILE_URL, sizeof(FILE_URL) - 1) == 0) { host = newline + sizeof(FILE_URL) - 1; isfileurl = 1; ! #ifndef NOSSL scheme = FILE_URL; } else if (strncasecmp(newline, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0) { host = newline + sizeof(HTTPS_URL) - 1; ishttpsurl = 1; scheme = HTTPS_URL; ! #endif /* !NOSSL */ } else errx(1, "url_get: Invalid URL '%s'", newline); *************** *** 255,261 **** noslash: ! #ifndef SMALL /* * Look for auth header in host, since now host does not * contain the path. Basic auth from RFC 2617, valid --- 257,263 ---- noslash: ! #ifndef NOSSL /* * Look for auth header in host, since now host does not * contain the path. Basic auth from RFC 2617, valid *************** *** 268,274 **** host = p + 1; } } ! #endif /* SMALL */ if (outfile) savefile = outfile; --- 270,276 ---- host = p + 1; } } ! #endif /* NOSSL */ if (outfile) savefile = outfile; *************** *** 294,307 **** #endif /* !SMALL */ if (!isfileurl && proxyenv != NULL) { /* use proxy */ ! #ifndef SMALL if (ishttpsurl) { sslpath = strdup(path); sslhost = strdup(host); if (! sslpath || ! sslhost) errx(1, "Can't allocate memory for https path/host."); } ! #endif /* !SMALL */ proxyhost = strdup(host); if (proxyhost == NULL) errx(1, "Can't allocate memory for proxy host."); --- 296,309 ---- #endif /* !SMALL */ if (!isfileurl && proxyenv != NULL) { /* use proxy */ ! #ifndef NOSSL if (ishttpsurl) { sslpath = strdup(path); sslhost = strdup(host); if (! sslpath || ! sslhost) errx(1, "Can't allocate memory for https path/host."); } ! #endif /* !NOSSL */ proxyhost = strdup(host); if (proxyhost == NULL) errx(1, "Can't allocate memory for proxy host."); *************** *** 471,481 **** portnum = strrchr(hosttail, ':'); /* find portnum */ if (portnum != NULL) *portnum++ = '\0'; ! #ifndef SMALL port = portnum ? portnum : (ishttpsurl ? httpsport : httpport); ! #else /* !SMALL */ port = portnum ? portnum : httpport; ! #endif /* !SMALL */ #ifndef SMALL if (full_host == NULL) --- 473,483 ---- portnum = strrchr(hosttail, ':'); /* find portnum */ if (portnum != NULL) *portnum++ = '\0'; ! #ifndef NOSSL port = portnum ? portnum : (ishttpsurl ? httpsport : httpport); ! #else /* !NOSSL */ port = portnum ? portnum : httpport; ! #endif /* !NOSSL */ #ifndef SMALL if (full_host == NULL) *************** *** 498,508 **** if (error == EAI_SERVICE && port == httpport) { snprintf(pbuf, sizeof(pbuf), "%d", HTTP_PORT); error = getaddrinfo(host, pbuf, &hints, &res0); ! #ifndef SMALL } else if (error == EAI_SERVICE && port == httpsport) { snprintf(pbuf, sizeof(pbuf), "%d", HTTPS_PORT); error = getaddrinfo(host, pbuf, &hints, &res0); ! #endif /* !SMALL */ } if (error) { warnx("%s: %s", host, gai_strerror(error)); --- 500,510 ---- if (error == EAI_SERVICE && port == httpport) { snprintf(pbuf, sizeof(pbuf), "%d", HTTP_PORT); error = getaddrinfo(host, pbuf, &hints, &res0); ! #ifndef NOSSL } else if (error == EAI_SERVICE && port == httpsport) { snprintf(pbuf, sizeof(pbuf), "%d", HTTPS_PORT); error = getaddrinfo(host, pbuf, &hints, &res0); ! #endif /* !NOSSL */ } if (error) { warnx("%s: %s", host, gai_strerror(error)); *************** *** 593,599 **** goto cleanup_url_get; } ! #ifndef SMALL if (ishttpsurl) { if (proxyenv && sslpath) { ishttpsurl = 0; --- 595,601 ---- goto cleanup_url_get; } ! #ifndef NOSSL if (ishttpsurl) { if (proxyenv && sslpath) { ishttpsurl = 0; *************** *** 621,636 **** } else { fin = fdopen(s, "r+"); } ! #else /* !SMALL */ fin = fdopen(s, "r+"); ! #endif /* !SMALL */ /* * Construct and send the request. Proxy requests don't want leading /. */ ! #ifndef SMALL cookie_get(host, path, ishttpsurl, &buf); ! #endif /* !SMALL */ epath = url_encode(path); if (proxyurl) { --- 623,638 ---- } else { fin = fdopen(s, "r+"); } ! #else /* !NOSSL */ fin = fdopen(s, "r+"); ! #endif /* !NOSSL */ /* * Construct and send the request. Proxy requests don't want leading /. */ ! #ifndef NOSSL cookie_get(host, path, ishttpsurl, &buf); ! #endif /* !NOSSL */ epath = url_encode(path); if (proxyurl) { *************** *** 664,669 **** --- 666,673 ---- else restart_point = 0; } + #endif /* SMALL */ + #ifndef NOSSL if (credentials) { ftp_printf(fin, tls, "GET /%s %s\r\nAuthorization: Basic %s\r\nHost: ", *************** *** 673,679 **** free(credentials); credentials = NULL; } else ! #endif /* SMALL */ ftp_printf(fin, tls, "GET /%s %s\r\nHost: ", epath, #ifndef SMALL restart_point ? "HTTP/1.1\r\nConnection: close" : --- 677,683 ---- free(credentials); credentials = NULL; } else ! #endif /* NOSSL */ ftp_printf(fin, tls, "GET /%s %s\r\nHost: ", epath, #ifndef SMALL restart_point ? "HTTP/1.1\r\nConnection: close" : *************** *** 702,723 **** * 80. Some broken HTTP servers get confused if you explicitly * send them the port number. */ ! #ifndef SMALL if (port && strcmp(port, (ishttpsurl ? "443" : "80")) != 0) ftp_printf(fin, tls, ":%s", port); if (restart_point) ftp_printf(fin, tls, "\r\nRange: bytes=%lld-", (long long)restart_point); ! #else /* !SMALL */ if (port && strcmp(port, "80") != 0) ftp_printf(fin, tls, ":%s", port); ! #endif /* !SMALL */ ftp_printf(fin, tls, "\r\n%s%s\r\n\r\n", buf ? buf : "", httpuseragent); } free(epath); ! #ifndef SMALL free(buf); #endif /* !SMALL */ buf = NULL; --- 706,727 ---- * 80. Some broken HTTP servers get confused if you explicitly * send them the port number. */ ! #ifndef NOSSL if (port && strcmp(port, (ishttpsurl ? "443" : "80")) != 0) ftp_printf(fin, tls, ":%s", port); if (restart_point) ftp_printf(fin, tls, "\r\nRange: bytes=%lld-", (long long)restart_point); ! #else /* !NOSSL */ if (port && strcmp(port, "80") != 0) ftp_printf(fin, tls, ":%s", port); ! #endif /* !NOSSL */ ftp_printf(fin, tls, "\r\n%s%s\r\n\r\n", buf ? buf : "", httpuseragent); } free(epath); ! #ifndef NOSSL free(buf); #endif /* !SMALL */ buf = NULL; *************** *** 987,1000 **** warnx("Improper response from %s", host); cleanup_url_get: ! #ifndef SMALL if (tls != NULL) { tls_close(tls); tls_free(tls); } free(full_host); free(sslhost); ! #endif /* !SMALL */ if (fin != NULL) fclose(fin); else if (s != -1) --- 991,1004 ---- warnx("Improper response from %s", host); cleanup_url_get: ! #ifndef NOSSL if (tls != NULL) { tls_close(tls); tls_free(tls); } free(full_host); free(sslhost); ! #endif /* !NOSSL */ if (fin != NULL) fclose(fin); else if (s != -1) *************** *** 1099,1108 **** * Try HTTP URL-style arguments first. */ if (strncasecmp(url, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 || ! #ifndef SMALL /* even if we compiled without SSL, url_get will check */ strncasecmp(url, HTTPS_URL, sizeof(HTTPS_URL) -1) == 0 || ! #endif /* !SMALL */ strncasecmp(url, FILE_URL, sizeof(FILE_URL) - 1) == 0) { redirect_loop = 0; if (url_get(url, httpproxy, outfile) == -1) --- 1103,1112 ---- * Try HTTP URL-style arguments first. */ if (strncasecmp(url, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 || ! #ifndef NOSSL /* even if we compiled without SSL, url_get will check */ strncasecmp(url, HTTPS_URL, sizeof(HTTPS_URL) -1) == 0 || ! #endif /* !NOSSL */ strncasecmp(url, FILE_URL, sizeof(FILE_URL) - 1) == 0) { redirect_loop = 0; if (url_get(url, httpproxy, outfile) == -1) *************** *** 1432,1440 **** if (strncasecmp(p, FTP_URL, sizeof(FTP_URL) - 1) == 0 || strncasecmp(p, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 || ! #ifndef SMALL strncasecmp(p, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0 || ! #endif /* !SMALL */ strncasecmp(p, FILE_URL, sizeof(FILE_URL) - 1) == 0 || strstr(p, ":/")) return (1); --- 1436,1444 ---- if (strncasecmp(p, FTP_URL, sizeof(FTP_URL) - 1) == 0 || strncasecmp(p, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 || ! #ifndef NOSSL strncasecmp(p, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0 || ! #endif /* !NOSSL */ strncasecmp(p, FILE_URL, sizeof(FILE_URL) - 1) == 0 || strstr(p, ":/")) return (1); *************** *** 1446,1455 **** { if (fp != NULL) return fparseln(fp, lenp, NULL, "\0\0\0", 0); ! #ifndef SMALL else if (tls != NULL) return SSL_readline(tls, lenp); ! #endif /* !SMALL */ else return NULL; } --- 1450,1459 ---- { if (fp != NULL) return fparseln(fp, lenp, NULL, "\0\0\0", 0); ! #ifndef NOSSL else if (tls != NULL) return SSL_readline(tls, lenp); ! #endif /* !NOSSL */ else return NULL; } *************** *** 1457,1470 **** size_t ftp_read(FILE *fp, struct tls *tls, char *buf, size_t len) { ! #ifndef SMALL ssize_t tls_ret; #endif size_t ret = 0; if (fp != NULL) ret = fread(buf, sizeof(char), len, fp); ! #ifndef SMALL else if (tls != NULL) { again: if ((tls_ret = tls_read(tls, buf, len)) >= 0) --- 1461,1474 ---- size_t ftp_read(FILE *fp, struct tls *tls, char *buf, size_t len) { ! #ifndef NOSSL ssize_t tls_ret; #endif size_t ret = 0; if (fp != NULL) ret = fread(buf, sizeof(char), len, fp); ! #ifndef NOSSL else if (tls != NULL) { again: if ((tls_ret = tls_read(tls, buf, len)) >= 0) *************** *** 1474,1480 **** if (ret < 0) errx(1, "SSL read error: %s", tls_error(tls)); } ! #endif /* !SMALL */ return (ret); } --- 1478,1484 ---- if (ret < 0) errx(1, "SSL read error: %s", tls_error(tls)); } ! #endif /* !NOSSL */ return (ret); } *************** *** 1488,1497 **** if (fp != NULL) ret = vfprintf(fp, fmt, ap); ! #ifndef SMALL else if (tls != NULL) ret = SSL_vprintf(tls, fmt, ap); ! #endif /* !SMALL */ else ret = 0; --- 1492,1501 ---- if (fp != NULL) ret = vfprintf(fp, fmt, ap); ! #ifndef NOSSL else if (tls != NULL) ret = SSL_vprintf(tls, fmt, ap); ! #endif /* !NOSSL */ else ret = 0; *************** *** 1506,1512 **** return (ret); } ! #ifndef SMALL int SSL_vprintf(struct tls *tls, const char *fmt, va_list ap) { --- 1510,1516 ---- return (ret); } ! #ifndef NOSSL int SSL_vprintf(struct tls *tls, const char *fmt, va_list ap) {