sporadic bogus syscall on i386
Hi, I see sporadic segmentation faults and this log message on i386: Dec 9 23:24:54 ot1 /bsd: [cc]91041/433958 pc=affd80b inside cf36000-cf41000: bogus syscall First mmap(2) in ld.so fails with ENOMEM, second call succeeds. But msyscall(2) uses the address from the first call. We have to reset exec_start address when we retry. ok? bluhm Index: libexec/ld.so/library_mquery.c === RCS file: /data/mirror/openbsd/cvs/src/libexec/ld.so/library_mquery.c,v retrieving revision 1.62 diff -u -p -r1.62 library_mquery.c --- libexec/ld.so/library_mquery.c 30 Nov 2019 23:06:02 - 1.62 +++ libexec/ld.so/library_mquery.c 9 Dec 2019 22:43:39 - @@ -112,8 +112,8 @@ _dl_tryload_shlib(const char *libname, i Elf_Phdr *ptls = NULL; Elf_Addr relro_addr = 0, relro_size = 0; struct stat sb; - char hbuf[4096], *exec_start = 0; - size_t exec_size = 0; + char hbuf[4096], *exec_start; + size_t exec_size; #define ROUND_PG(x) (((x) + align) & ~(align)) #define TRUNC_PG(x) ((x) & ~(align)) @@ -232,6 +232,8 @@ _dl_tryload_shlib(const char *libname, i #define LOFF ((Elf_Addr)lowld->start - lowld->moff) retry: + exec_start = NULL; + exec_size = 0; for (ld = lowld; ld != NULL; ld = ld->next) { off_t foff; int fd, flags; @@ -264,12 +266,6 @@ retry: res = _dl_mmap((void *)(LOFF + ld->moff), ROUND_PG(ld->size), ld->prot, flags | MAP_FIXED | __MAP_NOREPLACE, fd, foff); - - if ((ld->prot & PROT_EXEC) && exec_start == 0) { - exec_start = (void *)(LOFF + ld->moff); - exec_size = ROUND_PG(ld->size); - } - if (_dl_mmap_error(res)) { struct load_list *ll; @@ -281,6 +277,11 @@ retry: lowld->start += ROUND_PG(ld->size); goto retry; + } + + if ((ld->prot & PROT_EXEC) && exec_start == NULL) { + exec_start = (void *)(LOFF + ld->moff); + exec_size = ROUND_PG(ld->size); } ld->start = res;
rpki-client: improve the distclean target
Without this patch distclean may leave around some *.old files generated by configure. --- a/Makefile +++ b/Makefile @@ -73,7 +73,7 @@ clean: rm -f $(BINS) $(ALLOBJS) rpki-client.install.8 distclean: clean - rm -f config.h config.log Makefile.configure + rm -f config.h config.log config.h.old config.log.old Makefile.configure $(ALLOBJS): extern.h config.h -- ciao, Marco signature.asc Description: PGP signature
ospf6d: refactor kernel route message handling
Give some love to ospf6d. The goal is to have ospf6d looks like ospfd, this could be useful to have changes made in one daemon from one go inside the other. I will do it step by step until I get to the point where "ospf6ctl reload" works. First step is to refactor kernel route message handling, no functionnal change. Denis Index: kroute.c === RCS file: /cvs/src/usr.sbin/ospf6d/kroute.c,v retrieving revision 1.60 diff -u -p -r1.60 kroute.c --- kroute.c2 Jan 2019 21:32:55 - 1.60 +++ kroute.c9 Dec 2019 17:35:33 - @@ -80,7 +80,7 @@ struct kroute_node*kroute_match(struct intprotect_lo(void); void get_rtaddrs(int, struct sockaddr *, struct sockaddr **); -void if_change(u_short, int, struct if_data *); +void if_change(u_short, int, struct if_data *, struct sockaddr_dl *); void if_newaddr(u_short, struct sockaddr_in6 *, struct sockaddr_in6 *, struct sockaddr_in6 *); void if_deladdr(u_short, struct sockaddr_in6 *, @@ -90,6 +90,7 @@ void if_announce(void *); intsend_rtmsg(int, int, struct kroute *); intdispatch_rtmsg(void); intfetchtable(void); +intrtmsg_process(char *, size_t); RB_HEAD(kroute_tree, kroute_node) krt; RB_PROTOTYPE(kroute_tree, kroute_node, entry, kroute_compare) @@ -801,7 +802,8 @@ get_rtaddrs(int addrs, struct sockaddr * } void -if_change(u_short ifindex, int flags, struct if_data *ifd) +if_change(u_short ifindex, int flags, struct if_data *ifd, +struct sockaddr_dl *sdl) { struct kroute_node *kr, *tkr; struct iface*iface; @@ -809,7 +811,7 @@ if_change(u_short ifindex, int flags, st wasvalid = kif_validate(ifindex); - if ((iface = kif_update(ifindex, flags, ifd, NULL)) == NULL) { + if ((iface = kif_update(ifindex, flags, ifd, sdl)) == NULL) { log_warn("if_change: kif_update(%u)", ifindex); return; } @@ -1135,12 +1137,8 @@ fetchtable(void) { size_t len; int mib[7]; - char*buf, *next, *lim; - struct rt_msghdr*rtm; - struct sockaddr *sa, *rti_info[RTAX_MAX]; - struct sockaddr_in6 *sa_in6; - struct sockaddr_rtlabel *label; - struct kroute_node *kr; + char*buf; + int rv; mib[0] = CTL_NET; mib[1] = PF_ROUTE; @@ -1164,102 +1162,10 @@ fetchtable(void) return (-1); } - lim = buf + len; - for (next = buf; next < lim; next += rtm->rtm_msglen) { - rtm = (struct rt_msghdr *)next; - if (rtm->rtm_version != RTM_VERSION) - continue; - sa = (struct sockaddr *)(next + rtm->rtm_hdrlen); - get_rtaddrs(rtm->rtm_addrs, sa, rti_info); - - if ((sa = rti_info[RTAX_DST]) == NULL) - continue; - - /* Skip ARP/ND cache and broadcast routes. */ - if (rtm->rtm_flags & (RTF_LLINFO|RTF_BROADCAST)) - continue; - - if ((kr = calloc(1, sizeof(struct kroute_node))) == NULL) { - log_warn("fetchtable"); - free(buf); - return (-1); - } - - kr->r.flags = F_KERNEL; - kr->r.priority = rtm->rtm_priority; - - switch (sa->sa_family) { - case AF_INET6: - kr->r.prefix = - ((struct sockaddr_in6 *)sa)->sin6_addr; - sa_in6 = (struct sockaddr_in6 *)rti_info[RTAX_NETMASK]; - if (rtm->rtm_flags & RTF_STATIC) - kr->r.flags |= F_STATIC; - if (rtm->rtm_flags & RTF_BLACKHOLE) - kr->r.flags |= F_BLACKHOLE; - if (rtm->rtm_flags & RTF_REJECT) - kr->r.flags |= F_REJECT; - if (rtm->rtm_flags & RTF_DYNAMIC) - kr->r.flags |= F_DYNAMIC; - if (sa_in6 != NULL) { - if (sa_in6->sin6_len == 0) - break; - kr->r.prefixlen = - mask2prefixlen(sa_in6); - } else if (rtm->rtm_flags & RTF_HOST) - kr->r.prefixlen = 128; - else - fatalx("classful IPv6 route?!!"); - break; - default: - free(kr); - continue; - } - - kr->r.ifindex = rtm->rtm_index;
getusershell.c: remove unused includes
These are remnants from before the code was simplified by tedu@. - todd Index: lib/libc/gen/getusershell.c === RCS file: /cvs/src/lib/libc/gen/getusershell.c,v retrieving revision 1.17 diff -u -p -u -r1.17 getusershell.c --- lib/libc/gen/getusershell.c 8 Dec 2015 16:28:26 - 1.17 +++ lib/libc/gen/getusershell.c 9 Dec 2019 18:07:08 - @@ -28,10 +28,7 @@ * SUCH DAMAGE. */ -#include -#include #include -#include #include #include #include
ldomctl: status: print started and stopped domains alike
This fixes # ldomctl status primary -running OpenBSD running 0% guest1stopped guest2 ttyV1running OpenBoot Primary Boot Loader 50% to look like # ./obj/ldomctl status primary -running OpenBSD running 0% guest1 ttyV0stopped - 0% guest2 ttyV1running OpenBoot Primary Boot Loader 50% Diff with -w for easier review. OK? Index: ldomctl.c === RCS file: /cvs/src/usr.sbin/ldomctl/ldomctl.c,v retrieving revision 1.28 diff -u -p -w -r1.28 ldomctl.c --- ldomctl.c 30 Nov 2019 03:30:29 - 1.28 +++ ldomctl.c 9 Dec 2019 16:47:10 - @@ -610,9 +610,6 @@ guest_status(int argc, char **argv) break; } - if (state.state != GUEST_STATE_NORMAL) - printf("%-16s %-16s\n", guest->name, state_str); - else { /* primary has no console */ if (guest->gid != 0) { snprintf(console_str, sizeof(console_str), @@ -620,9 +617,8 @@ guest_status(int argc, char **argv) } printf("%-16s %-8s %-16s %-32s %3.0f%%\n", guest->name, - console_str, state_str, softstate.soft_state_str, - utilisation); - } + console_str, state_str, state.state == GUEST_STATE_NORMAL ? + softstate.soft_state_str : "-", utilisation); } }
Re: [PATCH] correcting in-sane ntpd.conf
Tim Kuijsten wrote: > > Nor do you bring up the traffic to the IP addresses offered by > > pool.ntp.org. That traffic has a pattern easily distinguished as > > "system startup". > > > > What's the difference? There isn't. Yet you brought up only google. > > I can understand why someone would be ok with sending some packets > to small players like pool.ntp.org and not be ok with sending packets > to extremely big and powerful companies that are in the business > of surveillance capitalism. Divide and conquer! So you have no justification at all.
[patch] xhci: Context Entries initialization fix
Hello, My uplcom(4) does not work correctly with Etron EJ168 xhci. It is attached correctly, but cannot be opened. If it is attached to other xHCI or EHCI, it works. When ucom is opened, bulk-in endpoint is configured at first, then bulk-out one is configured. The former has DCI=7 and the latter has DCI=4 (see below). Most of xHCIs allow to use this DCI value as a Context Entries in the Slot Context. But Etron EJ168 does not allow, that is, it requires the Context Entries shall be "Maximum DCI of configured endpoint contexts", as the specification 4.5.2 suggests. Otherwise it will generate Parameter Error(17). In my uplcom case, software should configure the bulk-in endpoint with Context Entries=7, and the bulk-out endpoint with Context Entries=7. xhci2 at pci5 dev 0 function 0 "Etron EJ168 xHCI" rev 0x01: msi, xHCI 1.0 xhci2: CAPLENGTH=0x20 xhci2: DOORBELL=0x3000 xhci2: RUNTIME=0x2000 xhci2: 64 bytes context xhci2: supported page size 0x0001 xhci2: 4 ports and 64 slots xhci2: 4 scratch pages, ETE=0, IST=0x7 usb2 at xhci2: USB revision 3.0 uhub2 at usb2 configuration 1 interface 0 "Etron xHCI root hub" rev 3.00/1.00 addr 1 xhci2: DCBAAP=00xda0d5000 xhci2: CRCR=00 (da0d6000) xhci2: ERSTBA=00xd9f3e000 xhci2: ERDP=00xda0d7000 xhci2: USBCMD=0x5 xhci2: IMAN=0x2 # xhci2: port=2 change=0x04 xhci2: port=2 change=0x04 xhci2: xhci_cmd_slot_control xhci2: dev 1, input=0xfd80dbe0 slot=0xfd80dbe00040 ep0=0xfd80dbe00080 xhci2: dev 1, setting DCBAA to 0xdbe01000 xhci_pipe_init: pipe=0x8050b000 addr=0 depth=1 port=2 speed=2 dev 1 dci 1 (epAddr=0x0) xhci2: xhci_cmd_set_address BSR=1 xhci2: xhci_cmd_set_address BSR=0 xhci2: dev 1 addr 1 uplcom0 at uhub2 port 2 configuration 1 interface 0 "Prolific Technology Inc. USB-Serial Controller" rev 1.10/3.00 addr 2 ucom0 at uplcom0 # cu -s115200 -lttyU0 xhci_pipe_init: pipe=0x8081a000 addr=2 depth=1 port=2 speed=2 dev 1 dci 7 (epAddr=0x83) xhci2: xhci_cmd_configure_ep dev 1 xhci_pipe_init: pipe=0x8081b000 addr=2 depth=1 port=2 speed=2 dev 1 dci 4 (epAddr=0x2) xhci2: xhci_cmd_configure_ep dev 1 xhci2: event error code=17, result=33 trb=0x800022376430 (0xda0d6040 0x1100 0x1008401) xhci2: xhci_cmd_slot_control xhci2: xhci_cmd_configure_ep dev 1 xhci2: event error code=11, result=33 trb=0x800022376530 (0xda0d6060 0x0b00 0x1008401) xhci2: error clearing ep (7) cu: open("/dev/ttyU0"): Input/output error To fix the problem, set the maximum value between the DCI of the last valid Endpoint Context and the DCI to be configured to the DCI to be configured. --- sys/dev/usb/xhci.c.orig Wed Dec 4 22:32:43 2019 +++ sys/dev/usb/xhci.c Sun Dec 8 03:24:00 2019 @@ -1330,7 +1330,7 @@ xhci_pipe_maxburst(struct usbd_pipe *pipe) int xhci_context_setup(struct xhci_softc *sc, struct usbd_pipe *pipe) { - struct xhci_pipe *xp = (struct xhci_pipe *)pipe; + struct xhci_pipe *lxp, *xp = (struct xhci_pipe *)pipe; struct xhci_soft_dev *sdev = >sc_sdevs[xp->slot]; usb_endpoint_descriptor_t *ed = pipe->endpoint->edesc; uint32_t mps = UGETW(ed->wMaxPacketSize); @@ -1338,6 +1338,7 @@ xhci_context_setup(struct xhci_softc *sc, struct usbd_ uint8_t speed, cerr = 0; uint32_t route = 0, rhport = 0; struct usbd_device *hub; + int i; /* * Calculate the Route String. Assume that there is no hub with @@ -1393,9 +1394,16 @@ xhci_context_setup(struct xhci_softc *sc, struct usbd_ sdev->input_ctx->drop_flags = 0; sdev->input_ctx->add_flags = htole32(XHCI_INCTX_MASK_DCI(xp->dci)); + /* Find the last valid Endpoint Context */ + for (i = 30; i >= 0; i--) { + lxp = sdev->pipes[i]; + if (lxp != NULL && lxp != xp) + break; + } + /* Setup the slot context */ sdev->slot_ctx->info_lo = htole32( - XHCI_SCTX_DCI(xp->dci) | XHCI_SCTX_SPEED(speed) | + XHCI_SCTX_DCI(max(lxp->dci, xp->dci)) | XHCI_SCTX_SPEED(speed) | XHCI_SCTX_ROUTE(route) ); sdev->slot_ctx->info_hi = htole32(XHCI_SCTX_RHPORT(rhport));
legacy sending of traps in snmpd
Hi, any initialization of the form struct ber_oid trapoid = OID(MIB_snmpTrapOID); requires a smi_scalar_oidlen() afterwards to set 'bo_n' to the correct length. The old ber_oid_cmp() from usr.sbin/snmpd/ber.c used to iterate over all elements of 'bo_id' and not just the first 'bo_n' ones. So calling smi_scalar_oidlen() wasn't a requirement here. However, with the new ober_oid_cmp() it is, since this version only iterates up to 'bo_n' array elements. Gerhard Index: usr.sbin/snmpd/trap.c === RCS file: /cvs/src/usr.sbin/snmpd/trap.c,v retrieving revision 1.33 diff -u -p -u -p -r1.33 trap.c --- usr.sbin/snmpd/trap.c 24 Oct 2019 12:39:27 - 1.33 +++ usr.sbin/snmpd/trap.c 9 Dec 2019 13:32:21 - @@ -83,6 +83,8 @@ trap_agentx(struct agentx_handle *h, str goto done; } + smi_scalar_oidlen(); + smi_scalar_oidlen(); while (pdu->datalen > sizeof(struct agentx_hdr)) { x++;
Re: attention please: host's IP stack behavior got changed slightly
On Mon, Dec 09, 2019 at 10:58:32AM +0500, Alexander E. Patrakov wrote: > 08.12.2019 16:42, Alexandr Nedvedicky wrote: > > Hello, > > > > commit from today [1] makes IP stack more paranoid. Up to now OpenBSD > > implemented so called 'weak host model' [2]. The today's commit alters > > that for hosts, which don't forward packets (don't act as routers). > > > > Your laptops, desktops and servers now check packet destination address > > with IP address bound to interface, where such packet is received on. > > If there will be mismatch the packet will be discarded and 'wrongif' > > counter will be bumped. You can use 'netstat -s|grep wrongif' to > > display the counter value. > > > > It is understood the behavior, which has been settled in IP stack since > > 80's, > > got changed. tech@openbsd.org (or b...@openbsd.org) wants to hear back from > > you, > > if this change breaks your existing set up. There is a common believe this > > change won't hurt majority (> 97%) users, though there is some non-zero > > risk, > > hence this announcement is being sent. > > Thanks for the announcement, it indeed looks like a useful hardening. > However, I am worried about one particular class of systems that forward > packets. Namely, systems that run virtual machines. This fix does not apply > to them, although in most cases it should. If forwarding is turned on then the system will behave like now. In general in such cases you should configure the firewall according to your needs. The system does not have enough information to understand which interfaces / IP are fine to route between and which ones are not. > There might be also other classes of routers which don't do anything > asymmetric and therefore would also want protection from packets received on > the wrong interface. This has nothing todo with symmetric or asymmetric routing. It has to do with the fact that you are forwarding packets between interfaces and so reaching the other interface of a box is like talking to host that is connected to that interface. Again on systems with forwarding enabled you need to configure the firewall to prevent traffic to cross a boundary. > So maybe a separate announcement should be sent, with recommendations how to > protect such systems. There is no simple recommendation for systems forwarding traffic. There are too many scenarios to cover. You have to configure pf(4) based on your network topology. pf(4) has a few ways to help you to do this: # for example use "on" to allow traffic on specific interfaces block in all pass in on external to $external_ip pass in on internal to $internal_ip # for example use received-on on out rules to know if something is # forwarded pass out on external received-on internal # block all forwarded traffic into internal network block out on internal received-on any People need to be careful about passing traffic in to local ips, in general such rules should always specify an interface: # bad, since this permits traffic from every interface pass in proto tcp to $internal_ip port 8080 Additionally there is antispoof and uRPF check to make some attacks harder or impossible. Again depending on your setup they may be an option or not. -- :wq Claudio
Re: [PATCH] correcting in-sane ntpd.conf
On 2019/12/09 13:16, Tim Kuijsten wrote: > > Nor do you bring up the traffic to the IP addresses offered by > > pool.ntp.org. That traffic has a pattern easily distinguished as > > "system startup". > > > > What's the difference? There isn't. Yet you brought up only google. > > I can understand why someone would be ok with sending some packets > to small players like pool.ntp.org and not be ok with sending packets > to extremely big and powerful companies that are in the business > of surveillance capitalism. Divide and conquer! > I don't see how pool.ntp.org can be described as a small player when it comes to public NTP servers? 3 of the 4 hosts I currently get from them are large transit ISPs (NTT, TATA, Interoute). Plus of course you have no idea in advance who you are getting. If you are concerned about people using this information to evaluate things like how many machines you have running OpenBSD or how often they reboot, run your own NTP server with an internet upstream and point clients there. Or if you don't want people on the network path between you and public NTP servers to figure out that you're running OpenBSD at all from your time queries, GNSS modules are pretty cheap nowadays so you can run your own stratum 1 easily enough.
Re: ripd: fix split-horizon simple
On Sun, Dec 08, 2019 at 11:29:43PM +0100, Remi Locherer wrote: > Hi, > > when "split-horizon simple" is used, ripd might send out messges with 0 > routes in it. This is because nentries is counted up even if the route > was not added to buf. Moving nentries++ up is fixing this. > > Below log message is an indicator for this bug: > recv_response: bad packet size, interface vether0 > > OK? OK claudio@ but I would prefer if you also adjust send_request() just above to the same layout. That code does not have the issue with the goto free but it would be nice if the same pattern would be used in both functions. > Remi > > > Index: message.c > === > RCS file: /cvs/src/usr.sbin/ripd/message.c,v > retrieving revision 1.12 > diff -u -p -r1.12 message.c > --- message.c 25 Oct 2014 03:23:49 - 1.12 > +++ message.c 8 Dec 2019 22:02:38 - > @@ -292,11 +292,11 @@ send_response(struct packet_head *r_list > ibuf_add(buf, , sizeof(netmask)); > ibuf_add(buf, , sizeof(nexthop)); > ibuf_add(buf, , sizeof(metric)); > + nentries++; > free: > TAILQ_REMOVE(r_list, entry, entry); > delete_entry(entry->rr); > free(entry); > - nentries++; > } > > if (iface->auth_type == AUTH_CRYPT) > -- :wq Claudio
Re: ripd: fix error message
On Sun, Dec 08, 2019 at 11:23:31PM +0100, Remi Locherer wrote: > Hi, > > this fixes an error message to reflect the correct function name. > > OK? OK claudio@ > Remi > > > Index: message.c > === > RCS file: /cvs/src/usr.sbin/ripd/message.c,v > retrieving revision 1.12 > diff -u -p -r1.12 message.c > --- message.c 25 Oct 2014 03:23:49 - 1.12 > +++ message.c 8 Dec 2019 22:02:38 - > @@ -70,7 +70,7 @@ add_entry(struct packet_head *r_list, st > fatalx("add_entry: no route report"); > > if ((re = calloc(1, sizeof(*re))) == NULL) > - fatal("add_response"); > + fatal("add_entry"); > > TAILQ_INSERT_TAIL(r_list, re, entry); > re->rr = rr; > -- :wq Claudio
Re: ripd: remove unused line
On Sun, Dec 08, 2019 at 11:20:16PM +0100, Remi Locherer wrote: > Hi, > > iface is not used afterwards. I think it should have been removed > in revision 1.8. > > OK? OK claudio@ > Remi > > > Index: ripe.c > === > RCS file: /cvs/src/usr.sbin/ripd/ripe.c,v > retrieving revision 1.23 > diff -u -p -r1.23 ripe.c > --- ripe.c4 Nov 2018 07:52:55 - 1.23 > +++ ripe.c8 Dec 2019 13:28:29 - > @@ -398,7 +398,6 @@ ripe_dispatch_rde(int fd, short event, v > imsg.hdr.peerid); > break; > } > - iface = nbr->iface; > add_entry(>rp_list, rr); > > break; > -- :wq Claudio
Re: [PATCH] correcting in-sane ntpd.conf
> Nor do you bring up the traffic to the IP addresses offered by > pool.ntp.org. That traffic has a pattern easily distinguished as > "system startup". > > What's the difference? There isn't. Yet you brought up only google. I can understand why someone would be ok with sending some packets to small players like pool.ntp.org and not be ok with sending packets to extremely big and powerful companies that are in the business of surveillance capitalism. Divide and conquer!
ftp(1) fetch.c: print sent headers with -d
Since rev 1.176 TLS connections are also handled with stdio. When removing the ftp_printf wrapper I also removed the optional printing of headers sent to the server. The diff below reinstates ftp_printf for !SMALL builds. For ramdisks, ftp_printf is just a #define so size doesn't change. ok? Index: fetch.c === --- fetch.c.orig +++ fetch.c @@ -78,6 +78,11 @@ static char *recode_credentials(const ch static char*ftp_readline(FILE *, size_t *); static voidftp_close(FILE **, struct tls **, volatile int *); static const char *sockerror(struct tls *); +#ifdef SMALL +#defineftp_printf(fp, ...) fprintf(fp, __VA_ARGS__) +#else +static int ftp_printf(FILE *, const char *, ...); +#endif /* SMALL */ #ifndef NOSSL static int proxy_connect(int, char *, char *); static int stdio_tls_write_wrapper(void *, const char *, int); @@ -695,14 +700,14 @@ noslash: * the original URI (path). */ if (credentials) - fprintf(fin, "GET %s HTTP/1.1\r\n" + ftp_printf(fin, "GET %s HTTP/1.1\r\n" "Connection: close\r\n" "Proxy-Authorization: Basic %s\r\n" "Host: %s\r\n%s%s\r\n\r\n", epath, credentials, proxyhost, buf ? buf : "", httpuseragent); else - fprintf(fin, "GET %s HTTP/1.1\r\n" + ftp_printf(fin, "GET %s HTTP/1.1\r\n" "Connection: close\r\n" "Host: %s\r\n%s%s\r\n\r\n", epath, proxyhost, buf ? buf : "", httpuseragent); @@ -721,7 +726,7 @@ noslash: #endif /* SMALL */ #ifndef NOSSL if (credentials) { - fprintf(fin, + ftp_printf(fin, "GET /%s HTTP/1.1\r\n" "Connection: close\r\n" "Authorization: Basic %s\r\n" @@ -730,12 +735,12 @@ noslash: credentials = NULL; } else #endif /* NOSSL */ - fprintf(fin, + ftp_printf(fin, "GET /%s HTTP/1.1\r\n" "Connection: close\r\n" "Host: ", epath); if (proxyhost) { - fprintf(fin, "%s", proxyhost); + ftp_printf(fin, "%s", proxyhost); port = NULL; } else if (strchr(host, ':')) { /* @@ -747,10 +752,10 @@ noslash: errx(1, "Can't allocate memory."); if ((p = strchr(h, '%')) != NULL) *p = '\0'; - fprintf(fin, "[%s]", h); + ftp_printf(fin, "[%s]", h); free(h); } else - fprintf(fin, "%s", host); + ftp_printf(fin, "%s", host); /* * Send port number only if it's specified and does not equal @@ -759,15 +764,15 @@ noslash: */ #ifndef NOSSL if (port && strcmp(port, (ishttpsurl ? "443" : "80")) != 0) - fprintf(fin, ":%s", port); + ftp_printf(fin, ":%s", port); if (restart_point) - fprintf(fin, "\r\nRange: bytes=%lld-", + ftp_printf(fin, "\r\nRange: bytes=%lld-", (long long)restart_point); #else /* !NOSSL */ if (port && strcmp(port, "80") != 0) - fprintf(fin, ":%s", port); + ftp_printf(fin, ":%s", port); #endif /* !NOSSL */ - fprintf(fin, "\r\n%s%s\r\n\r\n", + ftp_printf(fin, "\r\n%s%s\r\n\r\n", buf ? buf : "", httpuseragent); } free(epath); @@ -1614,6 +1619,27 @@ ftp_readline(FILE *fp, size_t *lenp) return fparseln(fp, lenp, NULL, "\0\0\0", 0); } +#ifndef SMALL +static int +ftp_printf(FILE *fp, const char *fmt, ...) +{ + va_list ap; + int ret; + + va_start(ap, fmt); + ret = vfprintf(fp, fmt, ap); + va_end(ap); + + if (debug) { + va_start(ap, fmt); + vfprintf(ttyout, fmt, ap); + va_end(ap); + } + + return ret; +} +#endif /* !SMALL */ + static void ftp_close(FILE **fin, struct tls **tls, volatile int *fd) { -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE