/* Basic FTP routines.
- Copyright (C) 1996-2007 Free Software Foundation, Inc.
+ Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003,
+ 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
This file is part of GNU Wget.
You should have received a copy of the GNU General Public License
along with Wget. If not, see <http://www.gnu.org/licenses/>.
-In addition, as a special exception, the Free Software Foundation
-gives permission to link the code of its release of Wget with the
-OpenSSL project's "OpenSSL" library (or with modified versions of it
-that use the same license as the "OpenSSL" library), and distribute
-the linked executables. You must obey the GNU General Public License
-in all respects for all of the code used other than "OpenSSL". If you
-modify this file, you may extend this exception to your version of the
-file, but you are not obligated to do so. If you do not wish to do
-so, delete this exception statement from your version. */
+Additional permission under GNU GPL version 3 section 7
-#include <config.h>
+If you modify this program, or any covered work, by linking or
+combining it with the OpenSSL project's OpenSSL library (or a
+modified version of that library), containing parts covered by the
+terms of the OpenSSL or SSLeay licenses, the Free Software Foundation
+grants you additional permission to convey the resulting work.
+Corresponding Source for a non-source form of such a combination
+shall include the source code for the parts of OpenSSL used as well
+as that of the covered work. */
+
+#include "wget.h"
#include <assert.h>
#include <stdio.h>
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif
-
-#include "wget.h"
#include "utils.h"
#include "connect.h"
#include "host.h"
char *p;
char *line = fd_read_line (fd);
if (!line)
- return FTPRERR;
+ return FTPRERR;
/* Strip trailing CRLF before printing the line, so that
- escnonprint doesn't include bogus \012 and \015. */
+ escnonprint doesn't include bogus \012 and \015. */
p = strchr (line, '\0');
if (p > line && p[-1] == '\n')
- *--p = '\0';
+ *--p = '\0';
if (p > line && p[-1] == '\r')
- *--p = '\0';
+ *--p = '\0';
if (opt.server_response)
- logprintf (LOG_NOTQUIET, "%s\n", escnonprint (line));
+ logprintf (LOG_NOTQUIET, "%s\n",
+ quotearg_style (escape_quoting_style, line));
else
- DEBUGP (("%s\n", escnonprint (line)));
+ DEBUGP (("%s\n", quotearg_style (escape_quoting_style, line)));
/* The last line of output is the one that begins with "ddd ". */
- if (ISDIGIT (line[0]) && ISDIGIT (line[1]) && ISDIGIT (line[2])
- && line[3] == ' ')
- {
- strncpy (ftp_last_respline, line, sizeof (ftp_last_respline));
- ftp_last_respline[sizeof (ftp_last_respline) - 1] = '\0';
- *ret_line = line;
- return FTPOK;
- }
+ if (c_isdigit (line[0]) && c_isdigit (line[1]) && c_isdigit (line[2])
+ && line[3] == ' ')
+ {
+ strncpy (ftp_last_respline, line, sizeof (ftp_last_respline));
+ ftp_last_respline[sizeof (ftp_last_respline) - 1] = '\0';
+ *ret_line = line;
+ return FTPOK;
+ }
xfree (line);
}
}
if (value)
{
/* Check for newlines in VALUE (possibly injected by the %0A URL
- escape) making the callers inadvertently send multiple FTP
- commands at once. Without this check an attacker could
- intentionally redirect to ftp://server/fakedir%0Acommand.../
- and execute arbitrary FTP command on a remote FTP server. */
+ escape) making the callers inadvertently send multiple FTP
+ commands at once. Without this check an attacker could
+ intentionally redirect to ftp://server/fakedir%0Acommand.../
+ and execute arbitrary FTP command on a remote FTP server. */
if (strpbrk (value, "\r\n"))
- {
- /* Copy VALUE to the stack and modify CR/LF to space. */
- char *defanged, *p;
- STRDUP_ALLOCA (defanged, value);
- for (p = defanged; *p; p++)
- if (*p == '\r' || *p == '\n')
- *p = ' ';
- DEBUGP (("\nDetected newlines in %s \"%s\"; changing to %s \"%s\"\n",
- command, escnonprint (value), command, escnonprint (defanged)));
- /* Make VALUE point to the defanged copy of the string. */
- value = defanged;
- }
+ {
+ /* Copy VALUE to the stack and modify CR/LF to space. */
+ char *defanged, *p;
+ STRDUP_ALLOCA (defanged, value);
+ for (p = defanged; *p; p++)
+ if (*p == '\r' || *p == '\n')
+ *p = ' ';
+ DEBUGP (("\nDetected newlines in %s \"%s\"; changing to %s \"%s\"\n",
+ command, quotearg_style (escape_quoting_style, value),
+ command, quotearg_style (escape_quoting_style, defanged)));
+ /* Make VALUE point to the defanged copy of the string. */
+ value = defanged;
+ }
res = concat_strings (command, " ", value, "\r\n", (char *) 0);
}
else
"331 s/key ",
"331 opiekey "
};
- int i;
+ size_t i;
const char *seed = NULL;
for (i = 0; i < countof (skey_head); i++)
{
- int l = strlen (skey_head[i]);
+ int l = strlen (skey_head[i]);
if (0 == strncasecmp (skey_head[i], respline, l))
- {
- seed = respline + l;
- break;
- }
+ {
+ seed = respline + l;
+ break;
+ }
}
if (seed)
{
int skey_sequence = 0;
- /* Extract the sequence from SEED. */
- for (; ISDIGIT (*seed); seed++)
- skey_sequence = 10 * skey_sequence + *seed - '0';
- if (*seed == ' ')
- ++seed;
+ /* Extract the sequence from SEED. */
+ for (; c_isdigit (*seed); seed++)
+ skey_sequence = 10 * skey_sequence + *seed - '0';
+ if (*seed == ' ')
+ ++seed;
else
{
xfree (respline);
return FTPLOGREFUSED;
}
- /* Replace the password with the SKEY response to the
- challenge. */
+ /* Replace the password with the SKEY response to the
+ challenge. */
pass = skey_response (skey_sequence, seed, pass);
}
}
{
case AF_INET:
snprintf (buf, buflen, "%d,%d,%d,%d,%d,%d,%d,%d,%d", 4, 4,
- ptr[0], ptr[1], ptr[2], ptr[3], 2,
- (port & 0xff00) >> 8, port & 0xff);
+ ptr[0], ptr[1], ptr[2], ptr[3], 2,
+ (port & 0xff00) >> 8, port & 0xff);
break;
case AF_INET6:
snprintf (buf, buflen,
- "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d",
- 6, 16,
- ptr[0], ptr[1], ptr[2], ptr[3], ptr[4], ptr[5], ptr[6], ptr[7],
- ptr[8], ptr[9], ptr[10], ptr[11], ptr[12], ptr[13], ptr[14], ptr[15],
- 2, (port & 0xff00) >> 8, port & 0xff);
+ "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d",
+ 6, 16,
+ ptr[0], ptr[1], ptr[2], ptr[3], ptr[4], ptr[5], ptr[6], ptr[7],
+ ptr[8], ptr[9], ptr[10], ptr[11], ptr[12], ptr[13], ptr[14], ptr[15],
+ 2, (port & 0xff00) >> 8, port & 0xff);
break;
default:
abort ();
}
/* Parse the request. */
s = respline;
- for (s += 4; *s && !ISDIGIT (*s); s++)
+ for (s += 4; *s && !c_isdigit (*s); s++)
;
if (!*s)
return FTPINVPASV;
for (i = 0; i < 6; i++)
{
tmp[i] = 0;
- for (; ISDIGIT (*s); s++)
+ for (; c_isdigit (*s); s++)
tmp[i] = (*s - '0') + 10 * tmp[i];
if (*s == ',')
s++;
/* Parse the response. */
s = respline;
- for (s += 4; *s && !ISDIGIT (*s); s++)
+ for (s += 4; *s && !c_isdigit (*s); s++)
;
if (!*s)
return FTPINVPASV;
/* First, get the address family */
af = 0;
- for (; ISDIGIT (*s); s++)
+ for (; c_isdigit (*s); s++)
af = (*s - '0') + 10 * af;
if (af != 4 && af != 6)
/* Then, get the address length */
addrlen = 0;
- for (; ISDIGIT (*s); s++)
+ for (; c_isdigit (*s); s++)
addrlen = (*s - '0') + 10 * addrlen;
if (!*s || *s++ != ',')
for (i = 0; i < addrlen; i++)
{
tmp[i] = 0;
- for (; ISDIGIT (*s); s++)
+ for (; c_isdigit (*s); s++)
tmp[i] = (*s - '0') + 10 * tmp[i];
if (*s == ',')
s++;
/* Now, get the port length */
portlen = 0;
- for (; ISDIGIT (*s); s++)
+ for (; c_isdigit (*s); s++)
portlen = (*s - '0') + 10 * portlen;
if (!*s || *s++ != ',')
/* Finally, we get the port number */
tmpprt[0] = 0;
- for (; ISDIGIT (*s); s++)
+ for (; c_isdigit (*s); s++)
tmpprt[0] = (*s - '0') + 10 * tmpprt[0];
if (!*s || *s++ != ',')
}
tmpprt[1] = 0;
- for (; ISDIGIT (*s); s++)
+ for (; c_isdigit (*s); s++)
tmpprt[1] = (*s - '0') + 10 * tmpprt[1];
assert (s != NULL);
/* Finally, get the port number */
tport = 0;
- for (i = 1; ISDIGIT (*s); s++)
+ for (i = 1; c_isdigit (*s); s++)
{
if (i > 5)
{
int nwritten;
uerr_t err;
bool ok = false;
- int i = 0;
+ size_t i = 0;
/* Try `LIST -a' first and revert to `LIST' in case of failure. */
const char *list_commands[] = { "LIST -a",
"LIST" };
{
err = FTPNSFOD;
}
- else if (*respline == '1')
+ else if (*respline == '1')
{
err = FTPOK;
ok = true;
}
else
{
- err = FTPRERR;
+ err = FTPRERR;
}
xfree (respline);
}
else if (!strcasecmp (request, "UNIX"))
*server_type = ST_UNIX;
else if (!strcasecmp (request, "WINDOWS_NT")
- || !strcasecmp (request, "WINDOWS2000"))
+ || !strcasecmp (request, "WINDOWS2000"))
*server_type = ST_WINNT;
else if (!strcasecmp (request, "MACOS"))
*server_type = ST_MACOS;
if (params
&& 0 == strncasecmp (params, "type=", 5)
&& params[5] != '\0')
- return TOUPPER (params[5]);
+ return c_toupper (params[5]);
else
return 'I';
}