Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/usr.bin/ftp Implement:
details: https://anonhg.NetBSD.org/src/rev/4fa2d6d4fb35
branches: trunk
changeset: 581913:4fa2d6d4fb35
user: lukem <lukem%NetBSD.org@localhost>
date: Fri Jun 10 00:18:46 2005 +0000
description:
Implement:
int getline(FILE *stream, char *buf, size_t buflen, const char **errormsg)
Read a line from the FILE stream into buf/buflen using fgets(), so up
to buflen-1 chars will be read and the result will be NUL terminated.
If the line has a trailing newline it will be removed.
If the line is too long, excess characters will be read until
newline/EOF/error.
Various -ve return values indicate different errors, and errormsg
will be changed to an error description if it's not NULL.
Convert to use getline() instead of fgets() whenever reading user input
to ensure that an overly long input line doesn't leave excess characters
for the next input operation to accidentally use as input.
Zero out the password & account after we've finished with it.
Consistently use getpass(3) (i.e, character echo suppressed) when
reading the account data. For some reason, historically the "login"
code suppressed echo for Account: yet the "user" command did not!
Display the hostname in the "getaddrinfo failed" warning.
Appease some -Wcast-qual warnings. Fixing all of these requires
significant code refactoring. (mmm, legacy code).
diffstat:
usr.bin/ftp/cmds.c | 43 ++++++-------
usr.bin/ftp/extern.h | 6 +-
usr.bin/ftp/fetch.c | 27 +++++---
usr.bin/ftp/ftp.c | 6 +-
usr.bin/ftp/main.c | 30 ++++-----
usr.bin/ftp/ruserpass.c | 12 +-
usr.bin/ftp/util.c | 149 ++++++++++++++++++++++++++++++++---------------
usr.bin/ftp/version.h | 4 +-
8 files changed, 167 insertions(+), 110 deletions(-)
diffs (truncated from 630 to 300 lines):
diff -r 3cd274e09c7a -r 4fa2d6d4fb35 usr.bin/ftp/cmds.c
--- a/usr.bin/ftp/cmds.c Thu Jun 09 22:14:20 2005 +0000
+++ b/usr.bin/ftp/cmds.c Fri Jun 10 00:18:46 2005 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: cmds.c,v 1.114 2005/05/19 03:05:04 lukem Exp $ */
+/* $NetBSD: cmds.c,v 1.115 2005/06/10 00:18:46 lukem Exp $ */
/*-
* Copyright (c) 1996-2005 The NetBSD Foundation, Inc.
@@ -103,7 +103,7 @@
#if 0
static char sccsid[] = "@(#)cmds.c 8.6 (Berkeley) 10/9/94";
#else
-__RCSID("$NetBSD: cmds.c,v 1.114 2005/05/19 03:05:04 lukem Exp $");
+__RCSID("$NetBSD: cmds.c,v 1.115 2005/06/10 00:18:46 lukem Exp $");
#endif
#endif /* not lint */
@@ -158,6 +158,7 @@
static int
confirm(const char *cmd, const char *file)
{
+ const char *errormsg;
char line[BUFSIZ];
if (!interactive || confirmrest)
@@ -165,10 +166,9 @@
while (1) {
fprintf(ttyout, "%s %s [anpqy?]? ", cmd, file);
(void)fflush(ttyout);
- if (fgets(line, sizeof(line), stdin) == NULL) {
+ if (getline(stdin, line, sizeof(line), &errormsg) < 0) {
mflag = 0;
- fprintf(ttyout, "\nEOF received; %s aborted\n", mname);
- clearerr(stdin);
+ fprintf(ttyout, "%s; %s aborted\n", errormsg, mname);
return (0);
}
switch (tolower((unsigned char)*line)) {
@@ -1472,7 +1472,7 @@
void
user(int argc, char *argv[])
{
- char acct[80];
+ char *password;
int n, aflag = 0;
if (argc == 0)
@@ -1489,34 +1489,31 @@
n = command("USER %s", argv[1]);
if (n == CONTINUE) {
if (argc < 3) {
- argv[2] = getpass("Password: ");
- argc++;
+ password = getpass("Password: ");
+ } else {
+ password = argv[2];
}
- n = command("PASS %s", argv[2]);
+ n = command("PASS %s", password);
+ memset(password, 0, strlen(password));
}
if (n == CONTINUE) {
+ aflag++;
if (argc < 4) {
- (void)fputs("Account: ", ttyout);
- (void)fflush(ttyout);
- if (fgets(acct, sizeof(acct) - 1, stdin) == NULL) {
- fprintf(ttyout,
- "\nEOF received; login aborted.\n");
- clearerr(stdin);
- code = -1;
- return;
- }
- acct[strlen(acct) - 1] = '\0';
- argv[3] = acct; argc++;
+ password = getpass("Account: ");
+ } else {
+ password = argv[3];
}
- n = command("ACCT %s", argv[3]);
- aflag++;
+ n = command("ACCT %s", password);
+ memset(password, 0, strlen(password));
}
if (n != COMPLETE) {
fputs("Login failed.\n", ttyout);
return;
}
if (!aflag && argc == 4) {
- (void)command("ACCT %s", argv[3]);
+ password = argv[3];
+ (void)command("ACCT %s", password);
+ memset(password, 0, strlen(password));
}
connected = -1;
getremoteinfo();
diff -r 3cd274e09c7a -r 4fa2d6d4fb35 usr.bin/ftp/extern.h
--- a/usr.bin/ftp/extern.h Thu Jun 09 22:14:20 2005 +0000
+++ b/usr.bin/ftp/extern.h Fri Jun 10 00:18:46 2005 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: extern.h,v 1.68 2005/05/19 02:55:37 lukem Exp $ */
+/* $NetBSD: extern.h,v 1.69 2005/06/10 00:18:46 lukem Exp $ */
/*-
* Copyright (c) 1996-2005 The NetBSD Foundation, Inc.
@@ -141,6 +141,7 @@
void get(int, char **);
struct cmd *getcmd(const char *);
int getit(int, char **, int, const char *);
+int getline(FILE *, char *, size_t, const char **);
struct option *getoption(const char *);
char *getoptionvalue(const char *);
void getremoteinfo(void);
@@ -199,8 +200,7 @@
void rmthelp(int, char **);
void rmtstatus(int, char **);
char *rprompt(void);
-int ruserpass(const char *, const char **, const char **,
- const char **);
+int ruserpass(const char *, char **, char **, char **);
void sendrequest(const char *, const char *, const char *, int);
void setascii(int, char **);
void setbell(int, char **);
diff -r 3cd274e09c7a -r 4fa2d6d4fb35 usr.bin/ftp/fetch.c
--- a/usr.bin/ftp/fetch.c Thu Jun 09 22:14:20 2005 +0000
+++ b/usr.bin/ftp/fetch.c Fri Jun 10 00:18:46 2005 +0000
@@ -1,7 +1,7 @@
-/* $NetBSD: fetch.c,v 1.161 2005/06/01 12:10:14 lukem Exp $ */
+/* $NetBSD: fetch.c,v 1.162 2005/06/10 00:18:46 lukem Exp $ */
/*-
- * Copyright (c) 1997-2004 The NetBSD Foundation, Inc.
+ * Copyright (c) 1997-2005 The NetBSD Foundation, Inc.
* All rights reserved.
*
* This code is derived from software contributed to The NetBSD Foundation
@@ -41,7 +41,7 @@
#include <sys/cdefs.h>
#ifndef lint
-__RCSID("$NetBSD: fetch.c,v 1.161 2005/06/01 12:10:14 lukem Exp $");
+__RCSID("$NetBSD: fetch.c,v 1.162 2005/06/10 00:18:46 lukem Exp $");
#endif /* not lint */
/*
@@ -146,7 +146,7 @@
auth_url(const char *challenge, char **response, const char *guser,
const char *gpass)
{
- const char *cp, *scheme;
+ const char *cp, *scheme, *errormsg;
char *ep, *clear, *realm;
char user[BUFSIZ], *pass;
int rval;
@@ -193,8 +193,8 @@
fprintf(ttyout, "%s\n", user);
} else {
(void)fflush(ttyout);
- if (fgets(user, sizeof(user) - 1, stdin) == NULL) {
- clearerr(stdin);
+ if (getline(stdin, user, sizeof(user), &errormsg) < 0) {
+ warnx("%s; can't authenticate", errormsg);
goto cleanup_auth_url;
}
user[strlen(user) - 1] = '\0';
@@ -350,6 +350,8 @@
warnx("Invalid %s `%s'", desc, url);
cleanup_parse_url:
FREEPTR(*user);
+ if (*pass != NULL)
+ memset(*pass, 0, strlen(*pass));
FREEPTR(*pass);
FREEPTR(*host);
FREEPTR(*port);
@@ -695,7 +697,7 @@
hints.ai_protocol = 0;
error = getaddrinfo(host, NULL, &hints, &res0);
if (error) {
- warnx("%s", gai_strerror(error));
+ warnx("%s: %s", host, gai_strerror(error));
goto cleanup_fetch_url;
}
if (res0->ai_canonname)
@@ -1056,9 +1058,8 @@
fprintf(ttyout,
"Authorization failed. Retry (y/n)? ");
- if (fgets(reply, sizeof(reply), stdin)
- == NULL) {
- clearerr(stdin);
+ if (getline(stdin, reply, sizeof(reply), NULL)
+ < 0) {
goto cleanup_fetch_url;
}
if (tolower((unsigned char)reply[0]) != 'y')
@@ -1280,12 +1281,16 @@
freeaddrinfo(res0);
FREEPTR(savefile);
FREEPTR(user);
+ if (pass != NULL)
+ memset(pass, 0, strlen(pass));
FREEPTR(pass);
FREEPTR(host);
FREEPTR(port);
FREEPTR(path);
FREEPTR(decodedpath);
FREEPTR(puser);
+ if (ppass != NULL)
+ memset(ppass, 0, strlen(ppass));
FREEPTR(ppass);
FREEPTR(buf);
FREEPTR(auth);
@@ -1632,6 +1637,8 @@
FREEPTR(host);
FREEPTR(path);
FREEPTR(user);
+ if (pass)
+ memset(pass, 0, strlen(pass));
FREEPTR(pass);
return (rval);
}
diff -r 3cd274e09c7a -r 4fa2d6d4fb35 usr.bin/ftp/ftp.c
--- a/usr.bin/ftp/ftp.c Thu Jun 09 22:14:20 2005 +0000
+++ b/usr.bin/ftp/ftp.c Fri Jun 10 00:18:46 2005 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ftp.c,v 1.133 2005/06/01 12:10:14 lukem Exp $ */
+/* $NetBSD: ftp.c,v 1.134 2005/06/10 00:18:46 lukem Exp $ */
/*-
* Copyright (c) 1996-2005 The NetBSD Foundation, Inc.
@@ -99,7 +99,7 @@
#if 0
static char sccsid[] = "@(#)ftp.c 8.6 (Berkeley) 10/27/94";
#else
-__RCSID("$NetBSD: ftp.c,v 1.133 2005/06/01 12:10:14 lukem Exp $");
+__RCSID("$NetBSD: ftp.c,v 1.134 2005/06/10 00:18:46 lukem Exp $");
#endif
#endif /* not lint */
@@ -182,7 +182,7 @@
hints.ai_protocol = 0;
error = getaddrinfo(host, NULL, &hints, &res0);
if (error) {
- warnx("%s", gai_strerror(error));
+ warnx("%s: %s", host, gai_strerror(error));
code = -1;
return (0);
}
diff -r 3cd274e09c7a -r 4fa2d6d4fb35 usr.bin/ftp/main.c
--- a/usr.bin/ftp/main.c Thu Jun 09 22:14:20 2005 +0000
+++ b/usr.bin/ftp/main.c Fri Jun 10 00:18:46 2005 +0000
@@ -1,7 +1,7 @@
-/* $NetBSD: main.c,v 1.96 2005/05/20 06:13:23 jdc Exp $ */
+/* $NetBSD: main.c,v 1.97 2005/06/10 00:18:46 lukem Exp $ */
/*-
- * Copyright (c) 1996-2004 The NetBSD Foundation, Inc.
+ * Copyright (c) 1996-2005 The NetBSD Foundation, Inc.
* All rights reserved.
*
* This code is derived from software contributed to The NetBSD Foundation
@@ -104,7 +104,7 @@
#if 0
static char sccsid[] = "@(#)main.c 8.6 (Berkeley) 10/9/94";
#else
-__RCSID("$NetBSD: main.c,v 1.96 2005/05/20 06:13:23 jdc Exp $");
+__RCSID("$NetBSD: main.c,v 1.97 2005/06/10 00:18:46 lukem Exp $");
#endif
#endif /* not lint */
@@ -645,25 +645,23 @@
fprintf(ttyout, "%s ", p);
(void)fflush(ttyout);
}
- if (fgets(line, sizeof(line), stdin) == NULL) {
+ num = getline(stdin, line, sizeof(line), NULL);
+ switch (num) {
+ case -1: /* EOF */
+ case -2: /* error */
if (fromatty)
putc('\n', ttyout);
quit(0, NULL);
- }
- num = strlen(line);
- if (num == 0)
- break;
- if (line[--num] == '\n') {
- if (num == 0)
- break;
- line[num] = '\0';
- } else if (num == sizeof(line) - 2) {
+ /* NOTREACHED */
+ case -3: /* too long; try again */
fputs("Sorry, input line is too long.\n",
ttyout);
- while ((ch = getchar()) != '\n' && ch != EOF)
- /* void */;
+ continue;
+ case 0: /* empty; try again */
Home |
Main Index |
Thread Index |
Old Index