From owner-svn-src-vendor@FreeBSD.ORG Fri Dec 5 22:34:18 2014 Return-Path: Delivered-To: svn-src-vendor@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 79C718C7; Fri, 5 Dec 2014 22:34:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 64AB9A3; Fri, 5 Dec 2014 22:34:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id sB5MYIf6081308; Fri, 5 Dec 2014 22:34:18 GMT (envelope-from gavin@FreeBSD.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id sB5MYGZM081293; Fri, 5 Dec 2014 22:34:16 GMT (envelope-from gavin@FreeBSD.org) Message-Id: <201412052234.sB5MYGZM081293@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: gavin set sender to gavin@FreeBSD.org using -f From: Gavin Atkinson Date: Fri, 5 Dec 2014 22:34:16 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r275526 - in vendor/tnftp/dist: . libnetbsd src X-SVN-Group: vendor MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Dec 2014 22:34:18 -0000 Author: gavin Date: Fri Dec 5 22:34:15 2014 New Revision: 275526 URL: https://svnweb.freebsd.org/changeset/base/275526 Log: Import tnftp-20141031. Modified: vendor/tnftp/dist/ChangeLog vendor/tnftp/dist/NEWS vendor/tnftp/dist/THANKS vendor/tnftp/dist/configure vendor/tnftp/dist/configure.ac vendor/tnftp/dist/libnetbsd/glob.c vendor/tnftp/dist/src/fetch.c vendor/tnftp/dist/src/ssl.h vendor/tnftp/dist/src/version.h Modified: vendor/tnftp/dist/ChangeLog ============================================================================== --- vendor/tnftp/dist/ChangeLog Fri Dec 5 21:37:27 2014 (r275525) +++ vendor/tnftp/dist/ChangeLog Fri Dec 5 22:34:15 2014 (r275526) @@ -1,4 +1,15 @@ -$NetBSD: ChangeLog,v 1.62 2013/05/05 13:53:38 lukem Exp $ +$NetBSD: ChangeLog,v 1.63 2014/10/31 04:13:56 lukem Exp $ + + +Fri Oct 31 04:07:38 UTC 2014 lukem + + * Release as "tnftp 20141031". + + * Merge NetBSD usr.bin/ftp from 20130220 to 20141026: + - Don't pay attention to special characters if they don't + come from the command line (from jmcneill). + Fixes CVE-2014-8517. + - PR/34796: Hauke Fath: ftp does not timeout on http fetches. Sun May 5 13:51:47 UTC 2013 lukem Modified: vendor/tnftp/dist/NEWS ============================================================================== --- vendor/tnftp/dist/NEWS Fri Dec 5 21:37:27 2014 (r275525) +++ vendor/tnftp/dist/NEWS Fri Dec 5 22:34:15 2014 (r275526) @@ -1,6 +1,14 @@ -$NetBSD: NEWS,v 1.9 2013/05/05 13:53:38 lukem Exp $ +$NetBSD: NEWS,v 1.10 2014/10/31 04:06:54 lukem Exp $ -This is tnftp version 20130505. +This is tnftp version 20141031. + +Changes in tnftp from 20130505 to 20141031: + + Ignore special character behaviour in filenames not provided + by the user. + Fixes CVE-2014-8517. + + Fix timeout on HTTP fetches. Changes in tnftp from 20100108 to 20130505: Modified: vendor/tnftp/dist/THANKS ============================================================================== --- vendor/tnftp/dist/THANKS Fri Dec 5 21:37:27 2014 (r275525) +++ vendor/tnftp/dist/THANKS Fri Dec 5 22:34:15 2014 (r275526) @@ -19,9 +19,11 @@ Douwe Kiela Eugene Kotlyarov Geoff Wing Giles Lean +Hauke Fath Havard Eidnes Hubert Feyrer ITOH Yasufumi +Jared McNeill Jason R. Thorpe John Hawkinson Joseph S. Myers Modified: vendor/tnftp/dist/configure ============================================================================== --- vendor/tnftp/dist/configure Fri Dec 5 21:37:27 2014 (r275525) +++ vendor/tnftp/dist/configure Fri Dec 5 22:34:15 2014 (r275526) @@ -1,7 +1,7 @@ #! /bin/sh -# From configure.ac Revision: 1.25 . +# From configure.ac Revision: 1.26 . # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for tnftp 20130505. +# Generated by GNU Autoconf 2.69 for tnftp 20141031. # # Report bugs to . # @@ -13,7 +13,7 @@ # gives unlimited permission to copy, distribute and modify it. # # -# Copyright (c) 1999-2013 The NetBSD Foundation, Inc. +# Copyright (c) 1999-2014 The NetBSD Foundation, Inc. # All rights reserved. # ## -------------------- ## @@ -596,8 +596,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='tnftp' PACKAGE_TARNAME='tnftp' -PACKAGE_VERSION='20130505' -PACKAGE_STRING='tnftp 20130505' +PACKAGE_VERSION='20141031' +PACKAGE_STRING='tnftp 20141031' PACKAGE_BUGREPORT='lukem@NetBSD.org' PACKAGE_URL='' @@ -1333,7 +1333,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures tnftp 20130505 to adapt to many kinds of systems. +\`configure' configures tnftp 20141031 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1403,7 +1403,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of tnftp 20130505:";; + short | recursive ) echo "Configuration of tnftp 20141031:";; esac cat <<\_ACEOF @@ -1518,7 +1518,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -tnftp configure 20130505 +tnftp configure 20141031 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1526,7 +1526,7 @@ This configure script is free software; gives unlimited permission to copy, distribute and modify it. -Copyright (c) 1999-2013 The NetBSD Foundation, Inc. +Copyright (c) 1999-2014 The NetBSD Foundation, Inc. All rights reserved. _ACEOF @@ -2103,7 +2103,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by tnftp $as_me 20130505, which was +It was created by tnftp $as_me 20141031, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3067,7 +3067,7 @@ fi # Define the identity of the package. PACKAGE='tnftp' - VERSION='20130505' + VERSION='20141031' cat >>confdefs.h <<_ACEOF @@ -15274,7 +15274,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_wri # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by tnftp $as_me 20130505, which was +This file was extended by tnftp $as_me 20141031, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -15340,7 +15340,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -tnftp config.status 20130505 +tnftp config.status 20141031 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" Modified: vendor/tnftp/dist/configure.ac ============================================================================== --- vendor/tnftp/dist/configure.ac Fri Dec 5 21:37:27 2014 (r275525) +++ vendor/tnftp/dist/configure.ac Fri Dec 5 22:34:15 2014 (r275526) @@ -1,15 +1,15 @@ -# $NetBSD: configure.ac,v 1.25 2013/05/05 13:50:50 lukem Exp $ +# $NetBSD: configure.ac,v 1.26 2014/10/31 04:03:54 lukem Exp $ # # Process this file with autoconf to produce a configure script. -AC_INIT([tnftp], [20130505], [lukem@NetBSD.org]) +AC_INIT([tnftp], [20141031], [lukem@NetBSD.org]) AC_PREREQ([2.69]) AC_COPYRIGHT([ -Copyright (c) 1999-2013 The NetBSD Foundation, Inc. +Copyright (c) 1999-2014 The NetBSD Foundation, Inc. All rights reserved. ]) -AC_REVISION([$Revision: 1.25 $]) +AC_REVISION([$Revision: 1.26 $]) AS_SHELL_SANITIZE() Modified: vendor/tnftp/dist/libnetbsd/glob.c ============================================================================== --- vendor/tnftp/dist/libnetbsd/glob.c Fri Dec 5 21:37:27 2014 (r275525) +++ vendor/tnftp/dist/libnetbsd/glob.c Fri Dec 5 22:34:15 2014 (r275526) @@ -1,4 +1,4 @@ -/* $NetBSD: glob.c,v 1.11 2013/05/05 13:20:16 lukem Exp $ */ +/* $NetBSD: glob.c,v 1.12 2014/05/05 00:20:45 lukem Exp $ */ /* from: NetBSD: glob.c,v 1.34 2013/02/21 18:17:43 christos Exp */ /* @@ -176,8 +176,8 @@ static void qprintf(const char *, Char #endif int -glob(const char * __restrict pattern, int flags, int (*errfunc)(const char *, - int), glob_t * __restrict pglob) +glob(const char * pattern, int flags, int (*errfunc)(const char *, + int), glob_t * pglob) { const unsigned char *patnext; int c; Modified: vendor/tnftp/dist/src/fetch.c ============================================================================== --- vendor/tnftp/dist/src/fetch.c Fri Dec 5 21:37:27 2014 (r275525) +++ vendor/tnftp/dist/src/fetch.c Fri Dec 5 22:34:15 2014 (r275526) @@ -1,5 +1,5 @@ -/* $NetBSD: fetch.c,v 1.19 2013/05/05 11:17:30 lukem Exp $ */ -/* from NetBSD: fetch.c,v 1.202 2013/02/23 13:47:36 christos Exp */ +/* $NetBSD: fetch.c,v 1.20 2014/10/31 03:37:59 lukem Exp $ */ +/* from NetBSD: fetch.c,v 1.206 2014/10/26 16:21:59 christos Exp */ /*- * Copyright (c) 1997-2009 The NetBSD Foundation, Inc. @@ -39,7 +39,7 @@ #include #ifndef lint -__RCSID(" NetBSD: fetch.c,v 1.202 2013/02/23 13:47:36 christos Exp "); +__RCSID(" NetBSD: fetch.c,v 1.206 2014/10/26 16:21:59 christos Exp "); #endif /* not lint */ /* @@ -87,6 +87,7 @@ typedef enum { } url_t; __dead static void aborthttp(int); +__dead static void timeouthttp(int); #ifndef NO_AUTH static int auth_url(const char *, char **, const char *, const char *); static void base64_encode(const unsigned char *, size_t, unsigned char *); @@ -499,8 +500,10 @@ fetch_url(const char *url, const char *p { struct addrinfo hints, *res, *res0 = NULL; int error; - sigfunc volatile oldintr; - sigfunc volatile oldintp; + sigfunc volatile oldint; + sigfunc volatile oldpipe; + sigfunc volatile oldalrm; + sigfunc volatile oldquit; int volatile s; struct stat sb; int volatile ischunked; @@ -526,6 +529,7 @@ fetch_url(const char *url, const char *p int (*volatile closefunc)(FILE *); FETCH *volatile fin; FILE *volatile fout; + const char *volatile penv = proxyenv; time_t mtime; url_t urltype; in_port_t portnum; @@ -533,9 +537,9 @@ fetch_url(const char *url, const char *p void *ssl; #endif - DPRINTF("fetch_url: `%s' proxyenv `%s'\n", url, STRorNULL(proxyenv)); + DPRINTF("%s: `%s' proxyenv `%s'\n", __func__, url, STRorNULL(penv)); - oldintr = oldintp = NULL; + oldquit = oldalrm = oldint = oldpipe = NULL; closefunc = NULL; fin = NULL; fout = NULL; @@ -546,6 +550,9 @@ fetch_url(const char *url, const char *p rval = 1; uuser = pass = host = path = decodedpath = puser = ppass = NULL; + if (sigsetjmp(httpabort, 1)) + goto cleanup_fetch_url; + if (parse_url(url, "URL", &urltype, &uuser, &pass, &host, &port, &portnum, &path) == -1) goto cleanup_fetch_url; @@ -571,7 +578,7 @@ fetch_url(const char *url, const char *p url_decode(decodedpath); if (outfile) - savefile = ftp_strdup(outfile); + savefile = outfile; else { cp = strrchr(decodedpath, '/'); /* find savefile */ if (cp != NULL) @@ -579,7 +586,7 @@ fetch_url(const char *url, const char *p else savefile = ftp_strdup(decodedpath); } - DPRINTF("fetch_url: savefile `%s'\n", savefile); + DPRINTF("%s: savefile `%s'\n", __func__, savefile); if (EMPTYSTRING(savefile)) { if (urltype == FTP_URL_T) { rval = fetch_ftp(url); @@ -595,8 +602,7 @@ fetch_url(const char *url, const char *p rangestart = rangeend = entitylen = -1; mtime = -1; if (restartautofetch) { - if (strcmp(savefile, "-") != 0 && *savefile != '|' && - stat(savefile, &sb) == 0) + if (stat(savefile, &sb) == 0) restart_point = sb.st_size; } if (urltype == FILE_URL_T) { /* file:// URLs */ @@ -631,18 +637,18 @@ fetch_url(const char *url, const char *p const char *leading; int hasleading; - if (proxyenv == NULL) { + if (penv == NULL) { #ifdef WITH_SSL if (urltype == HTTPS_URL_T) - proxyenv = getoptionvalue("https_proxy"); + penv = getoptionvalue("https_proxy"); #endif - if (proxyenv == NULL && IS_HTTP_TYPE(urltype)) - proxyenv = getoptionvalue("http_proxy"); + if (penv == NULL && IS_HTTP_TYPE(urltype)) + penv = getoptionvalue("http_proxy"); else if (urltype == FTP_URL_T) - proxyenv = getoptionvalue("ftp_proxy"); + penv = getoptionvalue("ftp_proxy"); } direction = "retrieved"; - if (! EMPTYSTRING(proxyenv)) { /* use proxy */ + if (! EMPTYSTRING(penv)) { /* use proxy */ url_t purltype; char *phost, *ppath; char *pport, *no_proxy; @@ -689,10 +695,10 @@ fetch_url(const char *url, const char *p if (isproxy) { if (restart_point) { warnx("Can't restart via proxy URL `%s'", - proxyenv); + penv); goto cleanup_fetch_url; } - if (parse_url(proxyenv, "proxy URL", &purltype, + if (parse_url(penv, "proxy URL", &purltype, &puser, &ppass, &phost, &pport, &pportnum, &ppath) == -1) goto cleanup_fetch_url; @@ -702,8 +708,7 @@ fetch_url(const char *url, const char *p EMPTYSTRING(phost) || (! EMPTYSTRING(ppath) && strcmp(ppath, "/") != 0)) { - warnx("Malformed proxy URL `%s'", - proxyenv); + warnx("Malformed proxy URL `%s'", penv); FREEPTR(phost); FREEPTR(pport); FREEPTR(ppath); @@ -729,7 +734,7 @@ fetch_url(const char *url, const char *p FREEPTR(ppath); urltype = purltype; } - } /* ! EMPTYSTRING(proxyenv) */ + } /* ! EMPTYSTRING(penv) */ memset(&hints, 0, sizeof(hints)); hints.ai_flags = 0; @@ -801,9 +806,13 @@ fetch_url(const char *url, const char *p goto cleanup_fetch_url; } + oldalrm = xsignal(SIGALRM, timeouthttp); + alarmtimer(quit_time ? quit_time : 60); fin = fetch_fdopen(s, "r+"); fetch_set_ssl(fin, ssl); + alarmtimer(0); + alarmtimer(quit_time ? quit_time : 60); /* * Construct and send the request. */ @@ -890,11 +899,15 @@ fetch_url(const char *url, const char *p fetch_printf(fin, "\r\n"); if (fetch_flush(fin) == EOF) { warn("Writing HTTP request"); + alarmtimer(0); goto cleanup_fetch_url; } + alarmtimer(0); /* Read the response */ + alarmtimer(quit_time ? quit_time : 60); len = fetch_getline(fin, buf, sizeof(buf), &errormsg); + alarmtimer(0); if (len < 0) { if (*errormsg == '\n') errormsg++; @@ -903,7 +916,7 @@ fetch_url(const char *url, const char *p } while (len > 0 && (ISLWS(buf[len-1]))) buf[--len] = '\0'; - DPRINTF("fetch_url: received `%s'\n", buf); + DPRINTF("%s: received `%s'\n", __func__, buf); /* Determine HTTP response code */ cp = strchr(buf, ' '); @@ -918,7 +931,9 @@ fetch_url(const char *url, const char *p /* Read the rest of the header. */ while (1) { + alarmtimer(quit_time ? quit_time : 60); len = fetch_getline(fin, buf, sizeof(buf), &errormsg); + alarmtimer(0); if (len < 0) { if (*errormsg == '\n') errormsg++; @@ -929,7 +944,7 @@ fetch_url(const char *url, const char *p buf[--len] = '\0'; if (len == 0) break; - DPRINTF("fetch_url: received `%s'\n", buf); + DPRINTF("%s: received `%s'\n", __func__, buf); /* * Look for some headers @@ -941,8 +956,8 @@ fetch_url(const char *url, const char *p filesize = STRTOLL(cp, &ep, 10); if (filesize < 0 || *ep != '\0') goto improper; - DPRINTF("fetch_url: parsed len as: " LLF "\n", - (LLT)filesize); + DPRINTF("%s: parsed len as: " LLF "\n", + __func__, (LLT)filesize); } else if (match_token(&cp, "Content-Range:")) { if (! match_token(&cp, "bytes")) @@ -1013,8 +1028,8 @@ fetch_url(const char *url, const char *p } else if (match_token(&cp, "Location:")) { location = ftp_strdup(cp); - DPRINTF("fetch_url: parsed location as `%s'\n", - cp); + DPRINTF("%s: parsed location as `%s'\n", + __func__, cp); } else if (match_token(&cp, "Transfer-Encoding:")) { if (match_token(&cp, "binary")) { @@ -1029,19 +1044,20 @@ fetch_url(const char *url, const char *p goto cleanup_fetch_url; } ischunked++; - DPRINTF("fetch_url: using chunked encoding\n"); + DPRINTF("%s: using chunked encoding\n", + __func__); } else if (match_token(&cp, "Proxy-Authenticate:") || match_token(&cp, "WWW-Authenticate:")) { if (! (token = match_token(&cp, "Basic"))) { - DPRINTF( - "fetch_url: skipping unknown auth scheme `%s'\n", - token); + DPRINTF("%s: skipping unknown auth " + "scheme `%s'\n", __func__, token); continue; } FREEPTR(auth); auth = ftp_strdup(token); - DPRINTF("fetch_url: parsed auth as `%s'\n", cp); + DPRINTF("%s: parsed auth as `%s'\n", + __func__, cp); } } @@ -1123,7 +1139,7 @@ fetch_url(const char *url, const char *p apass = NULL; } if (auth_url(auth, authp, auser, apass) == 0) { - rval = fetch_url(url, proxyenv, + rval = fetch_url(url, penv, proxyauth, wwwauth); memset(*authp, 0, strlen(*authp)); FREEPTR(*authp); @@ -1140,18 +1156,26 @@ fetch_url(const char *url, const char *p } } /* end of ftp:// or http:// specific setup */ - /* Open the output file. */ - if (strcmp(savefile, "-") == 0) { - fout = stdout; - } else if (*savefile == '|') { - oldintp = xsignal(SIGPIPE, SIG_IGN); - fout = popen(savefile + 1, "w"); - if (fout == NULL) { - warn("Can't execute `%s'", savefile + 1); - goto cleanup_fetch_url; + /* Open the output file. */ + + /* + * Only trust filenames with special meaning if they came from + * the command line + */ + if (outfile == savefile) { + if (strcmp(savefile, "-") == 0) { + fout = stdout; + } else if (*savefile == '|') { + oldpipe = xsignal(SIGPIPE, SIG_IGN); + fout = popen(savefile + 1, "w"); + if (fout == NULL) { + warn("Can't execute `%s'", savefile + 1); + goto cleanup_fetch_url; + } + closefunc = pclose; } - closefunc = pclose; - } else { + } + if (fout == NULL) { if ((rangeend != -1 && rangeend <= restart_point) || (rangestart == -1 && filesize != -1 && filesize <= restart_point)) { /* already done */ @@ -1180,10 +1204,8 @@ fetch_url(const char *url, const char *p } /* Trap signals */ - if (sigsetjmp(httpabort, 1)) - goto cleanup_fetch_url; - (void)xsignal(SIGQUIT, psummary); - oldintr = xsignal(SIGINT, aborthttp); + oldquit = xsignal(SIGQUIT, psummary); + oldint = xsignal(SIGINT, aborthttp); assert(rcvbuf_size > 0); if ((size_t)rcvbuf_size > bufsize) { @@ -1195,6 +1217,10 @@ fetch_url(const char *url, const char *p bytes = 0; hashbytes = mark; + if (oldalrm) { + (void)xsignal(SIGALRM, oldalrm); + oldalrm = NULL; + } progressmeter(-1); /* Finally, suck down the file. */ @@ -1241,7 +1267,7 @@ fetch_url(const char *url, const char *p warnx("Unexpected data following chunk-size"); goto cleanup_fetch_url; } - DPRINTF("fetch_url: got chunk-size of " LLF "\n", + DPRINTF("%s: got chunk-size of " LLF "\n", __func__, (LLT)chunksize); if (chunksize == 0) { lastchunk = 1; @@ -1251,7 +1277,7 @@ fetch_url(const char *url, const char *p /* transfer file or chunk */ while (1) { struct timeval then, now, td; - off_t bufrem; + volatile off_t bufrem; if (rate_get) (void)gettimeofday(&then, NULL); @@ -1299,6 +1325,7 @@ fetch_url(const char *url, const char *p chunkdone: if (ischunked) { if (fetch_getln(xferbuf, bufsize, fin) == NULL) { + alarmtimer(0); warnx("Unexpected EOF reading chunk CRLF"); goto cleanup_fetch_url; } @@ -1350,10 +1377,14 @@ fetch_url(const char *url, const char *p warnx("Improper response from `%s:%s'", host, port); cleanup_fetch_url: - if (oldintr) - (void)xsignal(SIGINT, oldintr); - if (oldintp) - (void)xsignal(SIGPIPE, oldintp); + if (oldint) + (void)xsignal(SIGINT, oldint); + if (oldpipe) + (void)xsignal(SIGPIPE, oldpipe); + if (oldalrm) + (void)xsignal(SIGALRM, oldalrm); + if (oldquit) + (void)xsignal(SIGQUIT, oldpipe); if (fin != NULL) fetch_close(fin); else if (s != -1) @@ -1362,7 +1393,8 @@ fetch_url(const char *url, const char *p (*closefunc)(fout); if (res0) freeaddrinfo(res0); - FREEPTR(savefile); + if (savefile != outfile) + FREEPTR(savefile); FREEPTR(uuser); if (pass != NULL) memset(pass, 0, strlen(pass)); @@ -1388,12 +1420,32 @@ static void aborthttp(int notused) { char msgbuf[100]; - size_t len; + int len; sigint_raised = 1; alarmtimer(0); - len = strlcpy(msgbuf, "\nHTTP fetch aborted.\n", sizeof(msgbuf)); - write(fileno(ttyout), msgbuf, len); + if (fromatty) { + len = snprintf(msgbuf, sizeof(msgbuf), + "\n%s: HTTP fetch aborted.\n", getprogname()); + if (len > 0) + write(fileno(ttyout), msgbuf, len); + } + siglongjmp(httpabort, 1); +} + +static void +timeouthttp(int notused) +{ + char msgbuf[100]; + int len; + + alarmtimer(0); + if (fromatty) { + len = snprintf(msgbuf, sizeof(msgbuf), + "\n%s: HTTP fetch timeout.\n", getprogname()); + if (len > 0) + write(fileno(ttyout), msgbuf, len); + } siglongjmp(httpabort, 1); } Modified: vendor/tnftp/dist/src/ssl.h ============================================================================== --- vendor/tnftp/dist/src/ssl.h Fri Dec 5 21:37:27 2014 (r275525) +++ vendor/tnftp/dist/src/ssl.h Fri Dec 5 22:34:15 2014 (r275526) @@ -1,5 +1,5 @@ -/* $NetBSD: ssl.h,v 1.1.1.1 2013/05/05 10:40:57 lukem Exp $ */ -/* from NetBSD: ssl.h,v 1.1 2012/12/21 18:07:36 christos Exp */ +/* $NetBSD: ssl.h,v 1.2 2014/10/31 03:57:14 lukem Exp $ */ +/* from NetBSD: ssl.h,v 1.2 2014/01/07 02:07:08 joerg Exp */ /*- * Copyright (c) 2012 The NetBSD Foundation, Inc. @@ -31,7 +31,8 @@ #define FETCH struct fetch_connect struct fetch_connect; -int fetch_printf(struct fetch_connect *, const char *fmt, ...); +int fetch_printf(struct fetch_connect *, const char *fmt, ...) + ; int fetch_fileno(struct fetch_connect *); int fetch_error(struct fetch_connect *); int fetch_flush(struct fetch_connect *); Modified: vendor/tnftp/dist/src/version.h ============================================================================== --- vendor/tnftp/dist/src/version.h Fri Dec 5 21:37:27 2014 (r275525) +++ vendor/tnftp/dist/src/version.h Fri Dec 5 22:34:15 2014 (r275526) @@ -1,5 +1,5 @@ -/* $NetBSD: version.h,v 1.5 2013/05/05 11:17:31 lukem Exp $ */ -/* from NetBSD: version.h,v 1.84 2013/05/05 10:40:19 lukem Exp */ +/* $NetBSD: version.h,v 1.6 2014/10/31 03:37:59 lukem Exp $ */ +/* from NetBSD: version.h,v 1.85 2014/10/31 03:27:18 lukem Exp */ /*- * Copyright (c) 1999-2009 The NetBSD Foundation, Inc. @@ -35,5 +35,5 @@ #endif #ifndef FTP_VERSION -#define FTP_VERSION "20130220" +#define FTP_VERSION "20141026" #endif