diff options
author | lukem <lukem@pkgsrc.org> | 2005-06-10 04:52:08 +0000 |
---|---|---|
committer | lukem <lukem@pkgsrc.org> | 2005-06-10 04:52:08 +0000 |
commit | b70505434d71e95c4b2c6254fe3054fa841bba6a (patch) | |
tree | b4d3e6d4bbf45f16b73092da942338af18b4ec7c /pkglocate | |
parent | c13b0c970974dbe00eded44979d858a0628511c6 (diff) | |
download | pkgsrc-b70505434d71e95c4b2c6254fe3054fa841bba6a.tar.gz |
Import tnftp 20050610.
Security-related bug fixes:
* Convert to use getline() instead of fgets() whenever reading user input to
ensure that an overly long input line doesn't leave excess characters for
the next input operation to accidentally use as input.
* Zero out the password & account after we've finished with it.
* Consistently use getpass(3) (i.e, character echo suppressed) when reading
the account data. For some reason, historically the "login" code
suppressed echo for Account: yet the "user" command did not!
* Improve method used in fileindir() to determine if `file' is in or under
`dir': realpath(3) on non-NetBSD systems may fail if the target filename
doesn't exist, so instead use realpath(3) on the parent directory of `file'.
(The previous code was over-aggressive in preventing transfers on systems
with a realpath(3) that had different semantics to NetBSD.)
Bug fixes:
* Display the hostname in the "getaddrinfo failed" warning.
* Only print the "Trying <address>..." message if verbose and there's more
than one struct addrinfo in the getaddrinfo() result.
* formatbuf(): fix %m and %M to use the hostname, not the username.
* fetch_ftp(): preserve 'anonftp' across a disconnect() so that multiple ftp
auto-fetches on the same command line login automatically.
* Improve bounds checking.
* Update various copyright notices.
Portability fixes:
* Look for dirname(3), which may be in -lgen on IRIX, and replace it if not
found.
* Don't use non-standard: u_char, u_short, u_int, or uint.
* Use uint32_t instead of u_int32_t.
* Don't use register.
* Helps if the definition of xconnect() matches its declaration....
* Fix some cast issues highlighted by gcc 4 on OSX.4
* Use size_t instead of int where appropriate.
* Make this compile on sparc64 (size_t != int).
* Printf field widths and size_t don't always mix well, so cast to int.
Fixes build problem for alpha.
* auto_fetch(): use an initialized volatile int to appease IRIX cc.
* Don't abuse unconstify'ing a string and writing to it, because you'll core
dump. Also remove extra const that gives pain to the irix compiler.
* Make sure we flush after we prepare when we are unbuffered otherwise the
prompt will not appear immediately.
* Terminate the arglist with a NULL instead of 0. (Shuts up gcc4.x)
* Use malloc(3) instead of alloca(3).
* Include "src/progressbar.h" for xsignal_restart() prototype.
* Ensure that fallback #define of __attribute__ is available.
Fixes build problem on HP-UX with cc.
* Pull in <poll.h> or <sys/poll.h> if they exist even if we're not using poll,
as struct pollfd might exist in those. Fixes build problem on OSX.3.
* Use NS_INADDRSZ, NS_IN6ADDRSZ and NS_INT16SZ instead of
equivalents without NS_ prefix.
* Use socklen_t instead of size_t where appropriate.
* Separate CPPFLAGS from CFLAGS.
* Use "long long" instead of "quad" in various comments & constants.
* Prefer poll over select when implementing replacement usleep().
Diffstat (limited to 'pkglocate')
0 files changed, 0 insertions, 0 deletions