Re: CVS: cvs.openbsd.org: src

Tue, 09 Nov 2021 23:34:01 -0800 

On Wed, Nov 10, 2021 at 08:25:11AM +0100, Anton Lindqvist wrote:
> On Tue, Nov 09, 2021 at 05:14:35AM -0700, Klemens Nanni wrote:
> > CVSROOT:    /cvs
> > Module name:        src
> > Changes by: [email protected]    2021/11/09 05:14:35
> > 
> > Modified files:
> >     usr.bin/ftp    : fetch.c 
> > 
> > Log message:
> > Print actually requested URLs
> > 
> > Encoding URL paths changes the requested URL and therefore may yield
> > different responses (opposed to an unencoded URL), solely depending on how
> > the server implements de/encoding.
> > 
> > Always print the encoded URL which actually gets requested in output like
> > "Requesting ..." and erors likes "Error retrieving ....: 404 Not Found"
> > and don't use the original URL provided on the command line.
> > 
> > This matches exactly what is seen on the wire, e.g. with tshark(1) and
> > helps debugging URL de/encoding related (server) issues.
> > 
> > Feedback OK sthen
> 
> Autoinstall on my regress machine failed this morning. I suspect this is
> the offending commit but I don't have the time to try a revert right now.
> 
> There seem to be a change in behavior here as one of the
> fprintf("Requesting ") ended up behind `ifndef SMALL':
> 
> @@ -734,9 +748,9 @@ noslash:
>                             proxy_credentials);
>                 ftp_printf(fin, "\r\n");
>         } else {
> -               if (verbose)
> -                       fprintf(ttyout, "Requesting %s\n", origline);
>  #ifndef SMALL
> +               if (verbose)
> +                       fprintf(ttyout, "Requesting %s\n", eurl);
>                 if (resume || timestamp) {
>                         if (stat(savefile, &stbuf) == 0) {
>                                 if (resume)
> 
> Due to the above change, I suspect ending up taking the `$AI && exit 1'
> branch inside install_http() in install.sub:
> 
>       # In case of URL redirection, use the final location to retrieve the
>         # rest of the files from. Redirection does not change INSTALL_MIRROR.
>         _rurl_base=$(sed -n 's/^Requesting //p' $_ftp_stdout | sed '$!d')
>         _rurl_base=${_rurl_base%/SHA256.sig*}

Yup, that was an oversight, sorry for that.
I backed it out.

>         # Verify SHA256.sig, write SHA256 and extract the list of files.
>         if unpriv -f $_sha \
>                 signify -Vep $PUB_KEY -x $_sig -m $_sha >/dev/null 2>&1; then
>                 _file_list="$(sed -n 's/^SHA256 (\(.*\)).*$/\1/p' $_sha)"
>                 _file_list="SHA256.sig $_file_list"
>         else
>                 echo "Unable to get a verified list of distribution sets."
>                 # Deny this server, if it's a mirror without a valid 
> SHA256.sig.
>                 if [[ ${_rurl_base%/$HTTP_SETDIR} == 
> "$_http_proto://$INSTALL_MIRROR" ]]; then
>                         $AI && exit 1 || return
>                 fi
>         fi

Reply via email to