netbsd-bugs: install/7520: sysinst can't use absolute directory names with ftp

Subject: install/7520: sysinst can't use absolute directory names with ftp
To: None <gnats-bugs@gnats.netbsd.org>
From: None <apb@iafrica.com>
List: netbsd-bugs
Date: 05/05/1999 04:51:30
>Number:         7520
>Category:       install
>Synopsis:       sysinst can't use absolute directory names with ftp
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    gnats-admin (GNATS administrator)
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Wed May  5 04:50:01 1999
>Last-Modified:
>Originator:     Alan Barrett
>Organization:
not much
>Release:        NetBSD-current 1999-05-05
>Environment:
NetBSD 1.4_BETA i386, -current sources suped on 1999-05-05
>Description:
        When using sysinst to fetch distribution sets from an FTP
        server, the user is prompted for a directory name.  If the user
        gives an absolute directory name (say "/foo/bar"), then sysinst
        will later invoke ftp with an URL like

	    ftp://user:password@host//foo/bar/1.4/i386/base.tgz   [A]

        (where "1.4" is the version and "i386" is the port), but url [A]
        in fact refers to a relative directory on the FTP server.

	It would be better if sysinst used an URL like
	 
	    ftp://user:password@host/%2Ffoo/bar/1.4/i386/base.tgz   [B]

	or

	    ftp://user:password@host/%2Ffoo%2Fbar%2F1.4%2Fi386/base.tgz   [C]


>How-To-Repeat:
	Inspect the code, or read recent messages in tech-install mailing
	list.

>Fix:
	The following patch makes sysinst use url's like [B] above.
	The patch to use [C] instead would be simpler (just change
	RFC_1738_SAFE_LESS_SHELL_PLUS_SLASH to RFC_1738_SAFE_LESS_SHELL
	in two places in net.c).

--- current/src/distrib/utils/sysinst/net.c	Tue Apr 20 13:03:06 1999
+++ toplayer/src/distrib/utils/sysinst/net.c	Wed May  5 13:17:04 1999
@@ -423,13 +423,28 @@
 		 * paranoid and also encode ftp_user and ftp_dir.  (For
 		 * example, ftp_dir could easily contain '~', which is
 		 * unsafe by a strict reading of RFC 1738).
+		 *
+		 * When we encode ftp_dir, we change any leading "/" to
+		 * "%2F", but we leave other slashes alone.  So if the
+		 * user specifies a relative directory name "foo/bar"
+		 * then we get a URL like "ftp://host/foo.bar/file",
+		 * and if the user specifies an absolute directory
+		 * name like "/foo/bar" then we get a URL like
+		 * "ftp://host/%2Ffoo/bar/file".
 		 */
+		if (ftp_dir[0] == '/') {
+		    strcpy(ftp_dir_encoded, "%2F");
+		    url_encode(ftp_dir_encoded+3, ftp_dir+1, STRSIZE-3,
+				RFC1738_SAFE_LESS_SHELL_PLUS_SLASH);
+		} else {
+		    url_encode(ftp_dir_encoded, ftp_dir, STRSIZE,
+				RFC1738_SAFE_LESS_SHELL_PLUS_SLASH);
+		}
 		if (strcmp ("ftp", ftp_user) == 0)
 			ret = run_prog(0, 1, NULL, 
 			    "/usr/bin/ftp -a ftp://%s/%s/%s",
 			    ftp_host,
-			    url_encode(ftp_dir_encoded, ftp_dir, STRSIZE,
-					RFC1738_SAFE_LESS_SHELL_PLUS_SLASH),
+			    ftp_dir_encoded,
 			    filename);
 		else {
 			ret = run_prog(0, 1, NULL, 
@@ -439,8 +454,7 @@
 			    url_encode(ftp_pass_encoded, ftp_pass, STRSIZE,
 					RFC1738_SAFE_LESS_SHELL),
 			    ftp_host,
-			    url_encode(ftp_dir_encoded, ftp_dir, STRSIZE,
-					RFC1738_SAFE_LESS_SHELL_PLUS_SLASH),
+			    ftp_dir_encoded,
 			    filename);
 		}
 		if (ret) {

(end)
>Audit-Trail:
>Unformatted: