projects
/
apt.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
SECURITY UPDATE for CVE-2014-{0488,0487,0489}
[apt.git]
/
methods
/
ftp.cc
diff --git
a/methods/ftp.cc
b/methods/ftp.cc
index 3e1725823d9a16e98b20adcfe73434723d79cbde..66787a7bea661808f147804ea020426cc2690b5a 100644
(file)
--- a/
methods/ftp.cc
+++ b/
methods/ftp.cc
@@
-3,7
+3,7
@@
// $Id: ftp.cc,v 1.31.2.1 2004/01/16 18:58:50 mdz Exp $
/* ######################################################################
// $Id: ftp.cc,v 1.31.2.1 2004/01/16 18:58:50 mdz Exp $
/* ######################################################################
- FTP A
quire Method - This is the FTP a
quire method for APT.
+ FTP A
cquire Method - This is the FTP ac
quire method for APT.
This is a very simple implementation that does not try to optimize
at all. Commands are sent syncronously with the FTP server (as the
This is a very simple implementation that does not try to optimize
at all. Commands are sent syncronously with the FTP server (as the
@@
-15,22
+15,27
@@
##################################################################### */
/*}}}*/
// Include Files /*{{{*/
##################################################################### */
/*}}}*/
// Include Files /*{{{*/
+#include <config.h>
+
#include <apt-pkg/fileutl.h>
#include <apt-pkg/acquire-method.h>
#include <apt-pkg/error.h>
#include <apt-pkg/hashes.h>
#include <apt-pkg/netrc.h>
#include <apt-pkg/fileutl.h>
#include <apt-pkg/acquire-method.h>
#include <apt-pkg/error.h>
#include <apt-pkg/hashes.h>
#include <apt-pkg/netrc.h>
+#include <apt-pkg/configuration.h>
+#include <apt-pkg/strutl.h>
+#include <ctype.h>
+#include <stdlib.h>
+#include <string.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <sys/stat.h>
#include <sys/time.h>
-#include <utime.h>
#include <unistd.h>
#include <signal.h>
#include <stdio.h>
#include <errno.h>
#include <stdarg.h>
#include <iostream>
#include <unistd.h>
#include <signal.h>
#include <stdio.h>
#include <errno.h>
#include <stdarg.h>
#include <iostream>
-#include <apti18n.h>
// Internet stuff
#include <netinet/in.h>
// Internet stuff
#include <netinet/in.h>
@@
-41,6
+46,8
@@
#include "rfc2553emu.h"
#include "connect.h"
#include "ftp.h"
#include "rfc2553emu.h"
#include "connect.h"
#include "ftp.h"
+
+#include <apti18n.h>
/*}}}*/
using namespace std;
/*}}}*/
using namespace std;
@@
-54,9
+61,9
@@
struct AFMap
};
#ifndef AF_INET6
};
#ifndef AF_INET6
-struct AFMap AFMap[] = {{AF_INET,1},{}};
+struct AFMap AFMap[] = {{AF_INET,1},{
0, 0
}};
#else
#else
-struct AFMap AFMap[] = {{AF_INET,1},{AF_INET6,2},{}};
+struct AFMap AFMap[] = {{AF_INET,1},{AF_INET6,2},{
0, 0
}};
#endif
unsigned long TimeOut = 120;
#endif
unsigned long TimeOut = 120;
@@
-69,10
+76,12
@@
time_t FtpMethod::FailTime = 0;
// ---------------------------------------------------------------------
/* */
FTPConn::FTPConn(URI Srv) : Len(0), ServerFd(-1), DataFd(-1),
// ---------------------------------------------------------------------
/* */
FTPConn::FTPConn(URI Srv) : Len(0), ServerFd(-1), DataFd(-1),
- DataListenFd(-1), ServerName(Srv)
+ DataListenFd(-1), ServerName(Srv),
+ ForceExtended(false), TryPassive(true)
{
Debug = _config->FindB("Debug::Acquire::Ftp",false);
PasvAddr = 0;
{
Debug = _config->FindB("Debug::Acquire::Ftp",false);
PasvAddr = 0;
+ Buffer[0] = '\0';
}
/*}}}*/
// FTPConn::~FTPConn - Destructor /*{{{*/
}
/*}}}*/
// FTPConn::~FTPConn - Destructor /*{{{*/
@@
-431,6
+440,7
@@
bool FTPConn::WriteMsg(unsigned int &Ret,string &Text,const char *Fmt,...)
char S[400];
vsnprintf(S,sizeof(S) - 4,Fmt,args);
strcat(S,"\r\n");
char S[400];
vsnprintf(S,sizeof(S) - 4,Fmt,args);
strcat(S,"\r\n");
+ va_end(args);
if (Debug == true)
cerr << "-> '" << QuoteString(S,"") << "'" << endl;
if (Debug == true)
cerr << "-> '" << QuoteString(S,"") << "'" << endl;
@@
-559,7
+569,7
@@
bool FTPConn::ExtGoPasv()
string::const_iterator List[4];
unsigned Count = 0;
Pos++;
string::const_iterator List[4];
unsigned Count = 0;
Pos++;
- for (string::const_iterator I = Msg.begin() + Pos; I < Msg.end();
I++
)
+ for (string::const_iterator I = Msg.begin() + Pos; I < Msg.end();
++I
)
{
if (*I != Msg[Pos])
continue;
{
if (*I != Msg[Pos])
continue;
@@
-617,8
+627,7
@@
bool FTPConn::ExtGoPasv()
}
// Get a new passive address.
}
// Get a new passive address.
- int Res;
- if ((Res = getaddrinfo(IP.c_str(),PStr,&Hints,&PasvAddr)) != 0)
+ if (getaddrinfo(IP.c_str(),PStr,&Hints,&PasvAddr) != 0)
return true;
return true;
return true;
return true;
@@
-627,7
+636,7
@@
bool FTPConn::ExtGoPasv()
// FTPConn::Size - Return the size of a file /*{{{*/
// ---------------------------------------------------------------------
/* Grab the file size from the server, 0 means no size or empty file */
// FTPConn::Size - Return the size of a file /*{{{*/
// ---------------------------------------------------------------------
/* Grab the file size from the server, 0 means no size or empty file */
-bool FTPConn::Size(const char *Path,unsigned long &Size)
+bool FTPConn::Size(const char *Path,unsigned long
long
&Size)
{
// Query the size
unsigned int Tag;
{
// Query the size
unsigned int Tag;
@@
-637,7
+646,7
@@
bool FTPConn::Size(const char *Path,unsigned long &Size)
return false;
char *End;
return false;
char *End;
- Size = strtol(Msg.c_str(),&End,10);
+ Size = strto
ul
l(Msg.c_str(),&End,10);
if (Tag >= 400 || End == Msg.c_str())
Size = 0;
return true;
if (Tag >= 400 || End == Msg.c_str())
Size = 0;
return true;
@@
-661,8
+670,7
@@
bool FTPConn::ModTime(const char *Path, time_t &Time)
return true;
// Parse it
return true;
// Parse it
- StrToTime(Msg,Time);
- return true;
+ return FTPMDTMStrToTime(Msg.c_str(), Time);
}
/*}}}*/
// FTPConn::CreateDataFd - Get a data connection /*{{{*/
}
/*}}}*/
// FTPConn::CreateDataFd - Get a data connection /*{{{*/
@@
-717,14
+725,13
@@
bool FTPConn::CreateDataFd()
DataListenFd = -1;
// Get the information for a listening socket.
DataListenFd = -1;
// Get the information for a listening socket.
- struct addrinfo *BindAddr =
0
;
+ struct addrinfo *BindAddr =
NULL
;
struct addrinfo Hints;
memset(&Hints,0,sizeof(Hints));
Hints.ai_socktype = SOCK_STREAM;
Hints.ai_flags |= AI_PASSIVE;
Hints.ai_family = ((struct sockaddr *)&ServerAddr)->sa_family;
struct addrinfo Hints;
memset(&Hints,0,sizeof(Hints));
Hints.ai_socktype = SOCK_STREAM;
Hints.ai_flags |= AI_PASSIVE;
Hints.ai_family = ((struct sockaddr *)&ServerAddr)->sa_family;
- int Res;
- if ((Res = getaddrinfo(0,"0",&Hints,&BindAddr)) != 0)
+ if (getaddrinfo(0,"0",&Hints,&BindAddr) != 0 || BindAddr == NULL)
return _error->Error(_("getaddrinfo was unable to get a listening socket"));
// Construct the socket
return _error->Error(_("getaddrinfo was unable to get a listening socket"));
// Construct the socket
@@
-840,7
+847,7
@@
bool FTPConn::Finalize()
// ---------------------------------------------------------------------
/* This opens a data connection, sends REST and RETR and then
transfers the file over. */
// ---------------------------------------------------------------------
/* This opens a data connection, sends REST and RETR and then
transfers the file over. */
-bool FTPConn::Get(const char *Path,FileFd &To,unsigned long Resume,
+bool FTPConn::Get(const char *Path,FileFd &To,unsigned long
long
Resume,
Hashes &Hash,bool &Missing)
{
Missing = false;
Hashes &Hash,bool &Missing)
{
Missing = false;
@@
-865,7
+872,7
@@
bool FTPConn::Get(const char *Path,FileFd &To,unsigned long Resume,
if (Resume != 0)
{
if (Resume != 0)
{
- if (Hash.AddFD(To
.Fd()
,Resume) == false)
+ if (Hash.AddFD(To,Resume) == false)
{
_error->Errno("read",_("Problem hashing file"));
return false;
{
_error->Errno("read",_("Problem hashing file"));
return false;
@@
-944,20
+951,22
@@
FtpMethod::FtpMethod() : pkgAcqMethod("1.0",SendConfig)
/*}}}*/
// FtpMethod::SigTerm - Handle a fatal signal /*{{{*/
// ---------------------------------------------------------------------
/*}}}*/
// FtpMethod::SigTerm - Handle a fatal signal /*{{{*/
// ---------------------------------------------------------------------
-/* This closes and timestamps the open file. This is nec
cessary to get
+/* This closes and timestamps the open file. This is nec
essary to get
resume behavoir on user abort */
void FtpMethod::SigTerm(int)
{
if (FailFd == -1)
_exit(100);
resume behavoir on user abort */
void FtpMethod::SigTerm(int)
{
if (FailFd == -1)
_exit(100);
- close(FailFd);
-
+
// Timestamp
// Timestamp
- struct utimbuf UBuf;
- UBuf.actime = FailTime;
- UBuf.modtime = FailTime;
- utime(FailFile.c_str(),&UBuf);
-
+ struct timeval times[2];
+ times[0].tv_sec = FailTime;
+ times[1].tv_sec = FailTime;
+ times[0].tv_usec = times[1].tv_usec = 0;
+ utimes(FailFile.c_str(), times);
+
+ close(FailFd);
+
_exit(100);
}
/*}}}*/
_exit(100);
}
/*}}}*/
@@
-1003,7
+1012,7
@@
bool FtpMethod::Fetch(FetchItem *Itm)
// Get the files information
Status(_("Query"));
// Get the files information
Status(_("Query"));
- unsigned long Size;
+ unsigned long
long
Size;
if (Server->Size(File,Size) == false ||
Server->ModTime(File,FailTime) == false)
{
if (Server->Size(File,Size) == false ||
Server->ModTime(File,FailTime) == false)
{
@@
-1025,7
+1034,7
@@
bool FtpMethod::Fetch(FetchItem *Itm)
struct stat Buf;
if (stat(Itm->DestFile.c_str(),&Buf) == 0)
{
struct stat Buf;
if (stat(Itm->DestFile.c_str(),&Buf) == 0)
{
- if (Size == (unsigned)Buf.st_size && FailTime == Buf.st_mtime)
+ if (Size == (unsigned
long long
)Buf.st_size && FailTime == Buf.st_mtime)
{
Res.Size = Buf.st_size;
Res.LastModified = Buf.st_mtime;
{
Res.Size = Buf.st_size;
Res.LastModified = Buf.st_mtime;
@@
-1035,7
+1044,7
@@
bool FtpMethod::Fetch(FetchItem *Itm)
}
// Resume?
}
// Resume?
- if (FailTime == Buf.st_mtime && Size > (unsigned)Buf.st_size)
+ if (FailTime == Buf.st_mtime && Size > (unsigned
long long
)Buf.st_size)
Res.ResumePoint = Buf.st_size;
}
Res.ResumePoint = Buf.st_size;
}
@@
-1056,13
+1065,14
@@
bool FtpMethod::Fetch(FetchItem *Itm)
if (Server->Get(File,Fd,Res.ResumePoint,Hash,Missing) == false)
{
Fd.Close();
if (Server->Get(File,Fd,Res.ResumePoint,Hash,Missing) == false)
{
Fd.Close();
-
+
// Timestamp
// Timestamp
- struct utimbuf UBuf;
- UBuf.actime = FailTime;
- UBuf.modtime = FailTime;
- utime(FailFile.c_str(),&UBuf);
-
+ struct timeval times[2];
+ times[0].tv_sec = FailTime;
+ times[1].tv_sec = FailTime;
+ times[0].tv_usec = times[1].tv_usec = 0;
+ utimes(FailFile.c_str(), times);
+
// If the file is missing we hard fail and delete the destfile
// otherwise transient fail
if (Missing == true) {
// If the file is missing we hard fail and delete the destfile
// otherwise transient fail
if (Missing == true) {
@@
-1074,25
+1084,26
@@
bool FtpMethod::Fetch(FetchItem *Itm)
}
Res.Size = Fd.Size();
}
Res.Size = Fd.Size();
+
+ // Timestamp
+ struct timeval times[2];
+ times[0].tv_sec = FailTime;
+ times[1].tv_sec = FailTime;
+ times[0].tv_usec = times[1].tv_usec = 0;
+ utimes(Fd.Name().c_str(), times);
+ FailFd = -1;
}
}
-
+
Res.LastModified = FailTime;
Res.TakeHashes(Hash);
Res.LastModified = FailTime;
Res.TakeHashes(Hash);
-
- // Timestamp
- struct utimbuf UBuf;
- UBuf.actime = FailTime;
- UBuf.modtime = FailTime;
- utime(Queue->DestFile.c_str(),&UBuf);
- FailFd = -1;
URIDone(Res);
URIDone(Res);
-
+
return true;
}
/*}}}*/
return true;
}
/*}}}*/
-int main(int
argc,
const char *argv[])
+int main(int
,
const char *argv[])
{
setlocale(LC_ALL, "");
{
setlocale(LC_ALL, "");