X-Git-Url: http://sjero.net/git/?a=blobdiff_plain;f=src%2Fftp.c;h=3159171f7c4caa3c26bc92d59aadf83ea0254ca0;hb=30ac043b0a4a9a983dd1b50ce1c89ed953019292;hp=ebddf3a06fbfaaf9d8890fbd459452b2ea209bcc;hpb=fd42ae13117c207c91558c2f466ffdbf6bb55039;p=wget diff --git a/src/ftp.c b/src/ftp.c index ebddf3a0..3159171f 100644 --- a/src/ftp.c +++ b/src/ftp.c @@ -16,7 +16,17 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with Wget; if not, write to the Free Software -Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ +Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + +In addition, as a special exception, the Free Software Foundation +gives permission to link the code of its release of Wget with the +OpenSSL project's "OpenSSL" library (or with modified versions of it +that use the same license as the "OpenSSL" library), and distribute +the linked executables. You must obey the GNU General Public License +in all respects for all of the code used other than "OpenSSL". If you +modify this file, you may extend this exception to your version of the +file, but you are not obligated to do so. If you do not wish to do +so, delete this exception statement from your version. */ #include @@ -175,7 +185,7 @@ getftp (struct url *u, long *len, long restval, ccon *con) address_list_release (al); if (csock < 0) - return errno == ECONNREFUSED ? CONREFUSED : CONERROR; + return CONNECT_ERROR (errno); if (cmd & LEAVE_PENDING) rbuf_initialize (&con->rbuf, csock); @@ -568,7 +578,7 @@ Error in server response, closing control connection.\n")); logprintf (LOG_VERBOSE, _("couldn't connect to %s:%hu: %s\n"), pretty_print_address (&passive_addr), passive_port, strerror (save_errno)); - return save_errno == ECONNREFUSED ? CONREFUSED : CONERROR; + return CONNECT_ERROR (save_errno); } pasv_mode_open = 1; /* Flag to avoid accept port */ @@ -861,7 +871,7 @@ Error in server response, closing control connection.\n")); /* Rewind the output document if the download starts over and if this is the first download. See gethttp() for a longer explanation. */ - if (!restval && global_download_count == 0) + if (!restval && global_download_count == 0 && opt.dfp != stdout) { /* This will silently fail for streams that don't correspond to regular files, but that's OK. */ @@ -1583,7 +1593,7 @@ Not descending to `%s' as it is excluded/not-included.\n"), newdir); static uerr_t ftp_retrieve_glob (struct url *u, ccon *con, int action) { - struct fileinfo *orig, *start; + struct fileinfo *f, *orig, *start; uerr_t res; con->cmd |= LEAVE_PENDING; @@ -1596,8 +1606,7 @@ ftp_retrieve_glob (struct url *u, ccon *con, int action) opt.accepts and opt.rejects. */ if (opt.accepts || opt.rejects) { - struct fileinfo *f = orig; - + f = orig; while (f) { if (f->type != FT_DIRECTORY && !acceptable (f->name)) @@ -1609,13 +1618,25 @@ ftp_retrieve_glob (struct url *u, ccon *con, int action) f = f->next; } } + /* Remove all files with possible harmful names */ + f = orig; + while (f) + { + if (has_insecure_name_p(f->name)) + { + logprintf (LOG_VERBOSE, _("Rejecting `%s'.\n"), f->name); + f = delelement (f, &start); + } + else + f = f->next; + } /* Now weed out the files that do not match our globbing pattern. If we are dealing with a globbing pattern, that is. */ if (*u->file && (action == GLOBALL || action == GETONE)) { int matchres = 0; - struct fileinfo *f = start; + f = start; while (f) { matchres = fnmatch (u->file, f->name, 0);