summaryrefslogtreecommitdiffstats
path: root/lib/libfetch/common.c
Commit message (Collapse)AuthorAgeFilesLines
* MFH (r294326): fall back to standard / configured CA storedes2016-02-201-3/+10
| | | | | PR: 193871 Approved by: re (gjb)
* MFH (r280630): remove all traces of SSLv2 supportdes2016-01-161-4/+3
| | | | | | | | | | | MFH (r285141): remove unused variable MFH (r288217): correctly check return value from getaddrinfo(3) MFH (r289419): fix bugs in HTTPS tunnelling MFH (r289420): use fopen()'s "e" mode instead of fcntl for close-on-exec MFH (r291453, r291461): use .netrc for http servers and proxies MFH (r292330, r292332): reset bufpos to 0 after refilling in chunked mode PR: 194483 199801 193740 204771
* MFH (r273114, r273124): disable SSLv3 by default.des2015-01-121-3/+7
|
* MFC: r267131, r267132, r267133, r268493, r268671bapt2014-07-201-0/+3
| | | | | | | | | | Use NULL instead of 0 (Patch by Sascha Wildner <saw at online.de> for Dragonfly) Remove unnecessary semicolons (Patch by Sascha Wildner <saw at online.de> for Dragonfly) Add support for arbitrary http requests [1] Support EAGAIN in fetch_writev Submitted by: Alex Hornung <alex at alexhornung.com> [1] Reviewed by: des
* MFH (r266291): look for root certs in /usr/local firstdes2014-05-241-2/+8
|
* MFH (r260904): fix format stringdes2014-02-271-102/+46
| | | | | MFH (r261230, r261263): fix buffering issues MFH (r261284): bump copyright
* MFC r258347,r258349:bdrewery2013-11-291-0/+10
| | | | | | | | | | | | Support SNI in libfetch SNI is Server Name Indentification which is a protocol for TLS that indicates the host that is being connected to at the start of the handshake. It allows to use Virtual Hosts on HTTPS. PR: kern/183583 Approved by: bapt (implicit) Approved by: re (gjb)
* Implement certificate verification, and many other SSL-relateddes2013-07-261-11/+524
| | | | | | | | imrovements; complete details in the PR. PR: kern/175514 Submitted by: Michael Gmelin <freebsd@grem.de> MFC after: 1 week
* libfetch: Avoid SIGPIPE on network connections.jilles2012-05-281-0/+2
| | | | | | | | | | | | To avoid unexpected process termination from SIGPIPE when writing to a closed network connection, enable SO_NOSIGPIPE on all network connections. The POSIX standard MSG_NOSIGNAL is not used since it requires modifying all send calls to add this flag. This is particularly nasty for SSL connections. Reviewed by: des Tested by: bapt MFC after: 5 days
* Since the socket is non-blocking, it is necessary to use select(2) evendes2012-04-301-17/+13
| | | | | | | | | when there is no timeout, because read(2) will return immediately if there is no data waiting in the TCP buffer, causing fetch_read() to busy-loop on slow connections. MFC after: 3 weeks Noticed by: Yanhui Shen <shen.elf@gmail.com>
* Fix two nits in previous commit pointed out by pjd@.des2012-01-231-2/+1
| | | | MFC after: 3 weeks
* Fix two issues related to the use of SIGINFO in fetch(1) to displaydes2012-01-181-2/+56
| | | | | | | | | | | | | progress information. The first is that fetch_read() (used in the HTTP code but not the FTP code) can enter an infinite loop if it has previously been interrupted by a signal. The second is that when it is interrupted, fetch_read() will discard any data it may have read up to that point. Luckily, both bugs are extremely timing-sensitive and therefore difficult to trigger. PR: bin/153240 Submitted by: Mark <markjdb@gmail.com> MFC after: 3 weeks
* latin1 -> utf8des2011-10-191-1/+1
|
* Update copyright dates and strip my middle name.des2011-09-271-1/+1
|
* Mark all socket and file descriptors close-on-exec.des2011-05-131-0/+1
| | | | | PR: bin/151866 MFC after: 3 weeks
* Move variable declarations into the conditional block where they areemaste2010-10-241-1/+1
| | | | | | | used, to fix warning if WITH_SSL is not set. Submitted by: Sean Bruno MFC after: 1 week
* Redo fetch_read() using non-blocking sockets. This is necessary todes2010-07-281-20/+89
| | | | | | | | | avoid a hang in the SSL case if the server sends a close notification before we are done reading. In the non-SSL case, it can provide a minor (but probably not noticeable) performance improvement for small transfers. MFC after: 3 weeks
* PR: 139751fabient2009-10-211-1/+1
| | | | | | Approved by: des Obtained from: Xavier Heiny <xavier.heiny@netasq.com> MFC after: 3 weeks
* Fix one-byte buffer overflow: NUL gets written to the buffer, but isn'tcperciva2008-04-151-1/+1
| | | | | | | | | | | counted in the width specification in scanf. This is not a security problem, since this function is only used to parse a user's configuration file. Submitted by: Joerg Sonnenberger Obtained from: dragonflybsd MFC after: 1 week
* s/wait/delta/ to avoid namespace collision.des2008-03-201-16/+16
| | | | MFC after: 2 weeks
* Use memcpy(3) instead of the BSD-specific bcopy(3).des2008-02-081-1/+1
| | | | | Submitted by: Joerg Sonnenberger <joerg@britannica.bec.de> MFC after: 2 weeks
* As several people pointed out, I did all the ctype casts the wrongdes2007-12-191-2/+2
| | | | | | | way (not for the first time...) Noticed by: bde, ru ++ MFC after: 1 week
* Add support for the NO_PROXY / no_proxy environment variable as used bydes2007-12-181-0/+50
| | | | | | | | | lynx, curl etc. Note that this patch differs significantly from that in the PR, as the submitter refined it after submitting the PR. PR: 110388 Submitted by: Alexander Pohoyda <alexander.pohoyda@gmx.net> MFC after: 3 weeks
* Clean up namespace violations.des2007-12-141-50/+50
| | | | MFC after: 1 week
* Fix a memory leak: when freeing the connection structure, don't forget todes2005-02-161-0/+1
| | | | | | | free the connection buffer as well. PR: bin/76153 MFC after: 1 week
* Update copyright years.des2004-09-211-1/+1
|
* preparation for RFC3493. EAI_NODATA was deprecated.ume2003-10-231-0/+2
|
* Add and document support for a FETCH_BIND_ADDRESS environment variabledes2003-03-031-3/+32
| | | | | | specifying a local address to bind sockets to. Caveat: lightly tested. PR: bin/37572
* style(9): add parentheses to sizeof even when not strictly required.des2003-01-281-8/+8
| | | | MFC after: 3 days
* Fix signed/unsigned comparison warning/error from 'make release'jwd2003-01-281-4/+4
|
* Experimental support for .netrc.des2003-01-221-0/+91
|
* Set auto-retry mode to avoid some spurious errors.des2003-01-031-0/+1
| | | | | Submitted by: Andre Albsmeier <andre.albsmeier@siemens.com> MFC after: 7 days
* Fix a bug in fenner's _fetch_writev() patch (rev 1.36)des2002-10-301-1/+6
| | | | Submitted by: fenner
* Recommit the non-broken parts of 1.34 and 1.37.des2002-10-301-6/+11
| | | | Change the type and name of a variable introduced in 1.33.
* Reinstate revs 1.35-36 and 1.38. Revisions 1.34 and 1.37 were specificallyimp2002-10-301-12/+38
| | | | | | | | the root cause of the bus errors I was experiencing. Submitted by: fenner Tested by: obrien Prompted by: peter
* Fix `pkg_add -r' by backing out revs 1.34-1.38.obrien2002-10-291-52/+19
| | | | | Revs 1.37-8 produce a bus error in some environments. Revs 1.34-6 do not bus error, but write corrupted files.
* Fix an off-by-one error (> where >= should have been used) which causeddes2002-10-281-6/+5
| | | | | | | | | _fetch_writev() to incorrectly report EPIPE in certain cases. Also fix a number of const warnings by using __DECONST(), plus a signed / unsigned comparison by casting the rhs to ssize_t. Submitted by: fenner, Craig Rodrigues <rodrigc@attbi.com>
* Slight amendment to rev 1.34: instead of considering any short read andes2002-10-271-6/+8
| | | | | | error, only report an error if no data was read at all (unless len was 0 to start with). Otherwise, the final read of practically any transfer will end in a fatal error.
* Introduce _fetch_writev(), which is the conn_t version of writev(2). Indes2002-10-271-7/+34
| | | | | | | | | | | | | | the SSL case, it is no different from the old _fetch_write(), but in the non-SSL case it uses writev(2) to send the entire vector as a single packet (provided it can fit in one packet). Implement _fetch_write() and _fetch_putln() in terms of _fetch_writev(). This should improve performance in the non-SSL case (by reducing protocol overhead) and solve the problem where too-smart-for-their-own-good firewalls reject FTP packets that do not end in CRLF. PR: bin/44123 Submitted by: fenner
* Eliminate two cases of undefined behaviour: total in _fetch_write() wasdes2002-10-271-0/+1
| | | | | | | | not initialized before use, and _http_growbuf() did not return a value on success. Reported by: Peter Edwards <pmedwards@eircom.net> MFC after: 2 weeks
* Back out the previous commit, and fix the bug rather than try to hide itsdes2002-10-271-10/+18
| | | | | | | symptoms: make timeouts and short transfers fatal, and set errno to an appropriate value (ETIMEDOUT for a timeout, EPIPE for a short transfer). MFC after: 2 weeks
* Fix an infinite loop when _fetch_read() can return 0 (if thealfred2002-09-201-1/+5
| | | | | connection is broken), take this into account and return at this point.
* Make _fetch_connect() always set the error code.fenner2002-09-171-1/+3
| | | | Tell ftp that _fetch_connect() always sets the error code (http already knew)
* Reintroduce debugging code that somehow got lost in a previous revision.des2002-06-241-0/+2
|
* Add a reference count to struct fetchconn so we don't prematurely close anddes2002-06-111-0/+19
| | | | free a cached FTP connection.
* Make SSL support conditional on NOCRYPT.des2002-06-051-0/+11
|
* Add SSL support + slight cleanup.des2002-06-051-1/+49
| | | | Submitted by: Henry Whincup <henry@techiebod.com> (in principle)
* Wrap everything in struct connection, and enforce timeouts everywheredes2002-06-051-61/+130
| | | | | (except for DNS operations). Always use funopen() for HTTP, to support both timeouts and SSL.
* First step towards SSL support: wrap connections in a 'struct connection'des2002-06-051-24/+56
| | | | | | | | | | which contains the socket descriptor, the input buffer and (yet unused) SSL state variables. This has the neat side effect of greatly improving reentrance (though we're not *quite* there yet) and opening the door to HTTP connection caching. This commit is inspired by email conversations with and patches from Henry Whincup <henry@techiebod.com> last fall.
* Switch to a self-starting allocation scheme.des2002-02-051-10/+3
|
OpenPOWER on IntegriCloud