Home | History | Annotate | Download | only in ftp
History log of /src/usr.bin/ftp/Makefile
RevisionDateAuthorComments
 1.44  19-Oct-2025  riastradh openssl: Stop dragging libpthread into every libcrypto user.

With the new _NETBSD_PTHREAD_CREATE_WEAK, libcrypto can have a call
to pthread_create without linking against libpthread, so it is not
necessary to link all libcrypto users against libpthread too.

Applications that link against libcrypto but not libpthread can't use
threaded OpenSSL functionality, of course -- OSSL_set_max_threads
will always fail in such applications.

This reverts all the makefile churn that I found for unnecessary
libpthread linkage since the openssl 3.5 import.

PR lib/59685: libcrypto should not depend on libpthread
 1.43  24-Sep-2025  mrg m68* triggers a bad-maybe clobbered warning, avoid it.

ftp.c:779:23: error: variable 'rc' might be clobbered by 'longjmp' or 'vfork' [-Werror=clobbered]
779 | off_t rc;
| ^~
 1.42  20-Sep-2025  mrg sun2 and GCC 14 gets a maybe clobbered wrong here, i think.
 1.41  19-Jul-2025  christos crypto needs threads
 1.40  03-Jun-2023  lukem branches: 1.40.2;
bsd.own.mk: rename GCC_NO_* to CC_WNO_*

Rename compiler-warning-disable variables from
GCC_NO_warning
to
CC_WNO_warning
where warning is the full warning name as used by the compiler.

GCC_NO_IMPLICIT_FALLTHRU is CC_WNO_IMPLICIT_FALLTHROUGH

Using the convention CC_compilerflag, where compilerflag
is based on the full compiler flag name.
 1.39  03-Jun-2021  lukem use fetch_*() for I/O with SMALLPROG / !WITH_SSL builds

Adapt the SMALLPROG / -UWITH_SSL build to also use the fetch_*()
methods from ssl.c, instead of using stdio, as stdio isn't robust
when using interruptable signals.

Disable ssl-specific support in the fetch_*() methods if WITH_SSL
isn't defined, so SMALLPROG still doesn't have ssl support (as expected).

The resulting SMALLPROG binary is slightly larger than before
(e.g., 157KiB vs 153KiB on amd64).

Set version to 20210603 for this fix and the SO_KEEPALIVE fix for PR 56129.

PR install/56219
 1.38  06-Sep-2020  mrg branches: 1.38.4;
add support for new GCC 9 warnings that may be too much to fix
right now. new address-of-packed-member and format-overflow
warnings have new GCC_NO_ADDR_OF_PACKED_MEMBER amd
GCC_NO_FORMAT_OVERFLOW variables to remove these warnings.

apply to a bunch of the tree. mostly, these are real bugs that
should be fixed, but in many cases, only by removing the 'packed'
attribute from some structure that doesn't really need it. (i
looked at many different ones, and while perhaps 60-80% were
already properly aligned, it wasn't clear to me that the uses
were always coming from sane data vs network alignment, so it
doesn't seem safe to remove packed without careful research for
each affect struct.) clang already warned (and was not erroring)
for many of these cases, but gcc picked up dozens more.
 1.37  21-May-2017  riastradh branches: 1.37.2; 1.37.12;
Remove MKCRYPTO option.

Originally, MKCRYPTO was introduced because the United States
classified cryptography as a munition and restricted its export. The
export controls were substantially relaxed fifteen years ago, and are
essentially irrelevant for software with published source code.

In the intervening time, nobody bothered to remove the option after
its motivation -- the US export restriction -- was eliminated. I'm
not aware of any other operating system that has a similar option; I
expect it is mainly out of apathy for churn that we still have it.
Today, cryptography is an essential part of modern computing -- you
can't use the internet responsibly without cryptography.

The position of the TNF board of directors is that TNF makes no
representation that MKCRYPTO=no satisfies any country's cryptography
regulations.

My personal position is that the availability of cryptography is a
basic human right; that any local laws restricting it to a privileged
few are fundamentally immoral; and that it is wrong for developers to
spend effort crippling cryptography to work around such laws.

As proposed on tech-crypto, tech-security, and tech-userlevel to no
objections:

https://mail-index.netbsd.org/tech-crypto/2017/05/06/msg000719.html
https://mail-index.netbsd.org/tech-security/2017/05/06/msg000928.html
https://mail-index.netbsd.org/tech-userlevel/2017/05/06/msg010547.html

P.S. Reviewing all the uses of MKCRYPTO in src revealed a lot of
*bad* crypto that was conditional on it, e.g. DES in telnet... That
should probably be removed too, but on the grounds that it is bad,
not on the grounds that it is (nominally) crypto.
 1.36  21-Dec-2012  christos PR/47276: Add https support
 1.35  14-Aug-2011  christos branches: 1.35.2; 1.35.4; 1.35.8;
fix gcc-4.5 warnings
 1.34  22-Jun-2011  mrg apply some -Wno-error and/or -fno-strict-aliasing.


all of this should be looked at closer, but some of them are not
very trivial.
 1.33  03-Feb-2010  roy Userland now builds and uses terminfo instead of termcap.

OK: core@, jdc@
 1.32  28-May-2007  tls Add new Makefile knob, USE_FORT, which extends USE_SSP by turning on the
FORTIFY_SOURCE feature of libssp, thus checking the size of arguments to
various string and memory copy and set functions (as well as a few system
calls and other miscellany) where known at function entry. RedHat has
evidently built all "core system packages" with this option for some time.

This option should be used at the top of Makefiles (or Makefile.inc where
this is used for subdirectories) but after any setting of LIB.

This is only useful for userland code, and cannot be used in libc or in
any code which includes the libc internals, because it overrides certain
libc functions with macros. Some effort has been made to make USE_FORT=yes
work correctly for a full-system build by having the bsd.sys.mk logic
disable the feature where it should not be used (libc, libssp iteself,
the kernel) but no attempt has been made to build the entire system with
USE_FORT and doing so will doubtless expose numerous bugs and misfeatures.

Adjust the system build so that all programs and libraries that are setuid,
directly handle network data (including serial comm data), perform
authentication, or appear likely to have (or have a history of having)
data-driven bugs (e.g. file(1)) are built with USE_FORT=yes by default,
with the exception of libc, which cannot use USE_FORT and thus uses
only USE_SSP by default. Tested on i386 with no ill results; USE_FORT=no
per-directory or in a system build will disable if desired.
 1.31  29-Jun-2005  christos Add NO_USAGE and NO_DEBUG so that we can fit in the floppies again.
 1.30  11-Feb-2005  jmc branches: 1.30.2;
As dsl points out, sysinst uses the progress bar so put it back on SMALLPROG
 1.29  10-Feb-2005  jmc Add NO_PROGRESS for -DSMALL
 1.28  10-Jan-2005  lukem Only compile in IPv6 support if ${USE_INET6} != "no"

MKINET6 is for providing IPv6 infrastructure.
USE_INET6 is for compiling IPv6 support into the programs (needs MKINET6).
 1.27  06-Jun-2004  christos Save approximately 8K by not including http authentication, extended status
messages and help strings when the appropriate options are set.
 1.26  21-Jan-2003  jhawk Abstract out progress bar support into progressbar.[ch], for inclusion
in external programs (conditionalized on -DSTANDALONE_PROGRESS).

The following moved from util.c to progressbar.c:
alarmtimer(), progressmeter(), psummary(), ptransfer(),
xsignal(), xsignal_restart()

The following moved from extern.h and ftp_var.h to progressbar.h:
STALLTIME, verbose, fromatty, progress, quit_time, ttywidth
 1.25  30-Nov-2002  lukem tweaks for fparseln(3) move from libutil to libc:
- remove #include <util.h> if nothing else needed it
- remove LDFLAGS+=-lutil if nothing else needed it
 1.24  17-Oct-2002  lukem - if SMALLPROG is defined, add -DNO_EDITCOMPLETE -DNO_ABOUT,
and don't bother linking with -ledit -ltermcap
- if SMALLPROG is not defined or SMALLPROG_INET6 is defined, add -DINET6
 1.23  12-Dec-1999  lukem branches: 1.23.6;
add dependency on version.h
 1.22  01-Oct-1999  lukem simple dependancy so addition of global vars to ftp_var.h is detected for main.c
 1.21  26-Sep-1999  lukem * replace ifdefs against __SVR4 and __linux__ with DIRENT_MISSING_D_NAMLEN;
it's more portable and more obvious
* remove the mkgmtime() && HAVE_TIMEGM stuff:
a) why should netbsd have to define HAVE_TIMEGM to compile cleanly?
b) foreign compiles of ftp should just be linked with working
timegm function

a more portable version of this ftp client will be released as a 3rdparty
product; no use polluting our code with half-baked attempts...
 1.20  02-Jul-1999  itojun branches: 1.20.2;
add dual-stack (IPv4/v6) support. hope I broke no other part...
 1.19  16-Apr-1999  lukem revert previous (creation of /usr/bin/pftp link);
* $FTPMODE is the documented way in ftp(1) to force passive, active,
gate-ftp, or autodetect.
* AFAIK, we haven't shipped any previous release with pftp in /usr/bin
* no link was made for gate-ftp (and i don't think that makes sense in
/usr/bin either)
* even though the link isn't made, the support for pftp, gate-ftp, and
the `-p' flag should remain since people may depend on having their
own link (e.g, ~/bin/pftp -> /usr/bin/ftp) or aliases which use
these things. it doesn't hurt to leave argv[0] checking in ftp's main().
 1.18  15-Apr-1999  mcr added LINKS= to make /usr/bin/pftp
 1.17  18-Nov-1998  itohy Temporary fix of UTC -> time_t conversion:
1. changed to use timegm(3) on NetBSD and
2. supply alternative code for other Unix-like OSs
(NetBSD ftp shall be portable for some reasons :-).

This fix closes PR #6448.

NOTE: This should be fixed again if a portable UTC to time_t
conversion method is specified in some standards.
 1.16  22-Jul-1998  lukem * send 'Connection: close' in HTTP/1.1 headers, preventing the
remove server from using a persistent connection, which speeds
up such requests.
* support http 301 and 302 redirects
* rewrite guts of url_get() to use fparseln() et al instead of
read(s,&p,1)... enables each in the header to be parsed
as necessary
* rename login to ftp_login, to remove conflict with util.h::login
* cleanup verbose messages during http proxy requests
 1.15  18-Oct-1997  lukem branches: 1.15.2;
don't define WARNS=1 here
 1.14  14-Oct-1997  christos Change CFLAGS to CPPFLAGS
 1.13  18-Aug-1997  lukem bugs fixed:
* don't interpret '-' or '|' when a local filename is determined from
the remote name (i.e, in mget, and in get with only one argument).
This is implemented using an extra argument to recvrequest().
Fixes a major security hole.
* clean up memory leak when using globulize()
* clean up a couple of comments
* fix wording in TNF copyright

features added:
* support for TIS fwtk gate-ftp servers:
* read defaults from $FTPSERVER && $FTPSERVERPORT
* start in gate-ftp mode if invoked as 'gate-ftp'
* toggle or set with 'gate [host [port]]'
 1.12  20-Jul-1997  lukem * use RCSID() && COPYRIGHT() macros
* cleanup for WARNS=1 (including some ugly '(void)&var' bits wrapped in
#ifdef __GNUC__ to shut up gcc warnings WRT setjmp/longjmp)
* use strtol() instead of atoi(), and more extensively check result of
conversion
* use u_int16_t instead of short or int for TCP port addresses
 1.11  24-Mar-1997  christos - Makefile cleanups
 1.10  14-Mar-1997  christos SMALLFTP->SMALL; remove SMALL from Makefile
 1.9  13-Mar-1997  christos Deal with SMALLFTP a bit differently [by compiling complete.c]
 1.8  19-Jan-1997  lukem New features:
* Command line editing via editline(3) library.
* Context sensitive command and file completion, including remote files.

Enhancements to auto-fetch feature:
* Support for http:// URLs using the http protocol, including proxy HTTP
support via $htty_proxy if it's defined.
* The connection is kept open between successive files on the same host.
(obviously, this does not count for http requests.)
* Return value of ftp is 0 on no error, or the offset in argv[] of the file
which failed (i.e., argv[x] failed, ftp returns x).
* If the path in an ftp URL or classic format line has a trailing '/',
cd to the path and enter interactive mode. Fixes [bin/3011], albiet
requiring the user to help ftp in determining the operation.

Other changes:
* '-P port' works for normal ftp, and is the default for all classic style
auto-fetch transfers and for ftp URLs that don't specify the port.
(previously it would just work for the first xfer.)
* Some code moved into separated files along logical divisions.
* Editing and completion can be compiled out with -DSMALLFTP.
 1.7  09-Jan-1997  tls RCS ID police
 1.6  22-Nov-1995  cgd add -Dunix to CFLAGS
 1.5  08-Sep-1995  tls Sync with 4.4lite2
 1.4  29-Aug-1994  mycroft branches: 1.4.2;
Add RCS ids.
 1.3  25-Aug-1994  cgd clean up import, no local changes.
 1.2  31-Jul-1993  mycroft Add RCS indentifiers.
 1.1  21-Mar-1993  cgd branches: 1.1.1; 1.1.2;
Initial revision
 1.1.2.1  25-Aug-1994  cgd import from 4.4-Lite
 1.1.1.2  05-Sep-1995  tls imported from 44lite2
 1.1.1.1  21-Mar-1993  cgd initial import of 386bsd-0.1 sources
 1.4.2.2  29-Aug-1994  mycroft Add RCS ids.
 1.4.2.1  29-Aug-1994  mycroft file Makefile was added on branch netbsd-1-0 on 1994-08-29 03:09:06 +0000
 1.15.2.2  23-Nov-1998  cgd pull up rev 1.17 from trunk (itohy)
 1.15.2.1  10-Nov-1998  cgd pull up rev(s) 1.16 from trunk and patch to work on 1.3 branch. (feyrer)
 1.20.2.1  27-Dec-1999  wrstuden Pull up to last week's -current.
 1.23.6.1  10-Feb-2003  jmc Pullup rev 1.26 (requested by grant in ticket #1115)
Separate progress reporting into a utility set of routines. Use
these to provide a standalone progress binary and integrate support
for this into sysinst.
 1.30.2.1  24-Jul-2005  tron Pull up revision 1.31 (requested by lukem in ticket #606):
Add NO_USAGE and NO_DEBUG so that we can fit in the floppies again.
 1.35.8.1  25-Feb-2013  tls resync with head
 1.35.4.1  17-Dec-2013  bouyer Apply patch, requested by tron in ticket #997:
usr.bin/ftp/Makefile patch
usr.bin/ftp/cmds.c patch
usr.bin/ftp/cmdtab.c patch
usr.bin/ftp/extern.h patch
usr.bin/ftp/fetch.c patch
usr.bin/ftp/ftp.1 patch
usr.bin/ftp/ftp.c patch
usr.bin/ftp/ftp_var.h patch
usr.bin/ftp/main.c patch
usr.bin/ftp/progressbar.c patch
usr.bin/ftp/ssl.c patch
usr.bin/ftp/ssl.h patch
usr.bin/ftp/util.c patch
usr.bin/ftp/version.h patch

Add HTTPS support to ftp(1).
 1.35.2.1  23-Jan-2013  yamt sync with head
 1.37.12.4  12-Sep-2022  martin Catch up to current, requested by christos in ticket #1523

usr.bin/ftp/Makefile up to 1.39
usr.bin/ftp/fetch.c up to 1.235
usr.bin/ftp/ftp.1 up to 1.147
usr.bin/ftp/ftp_var.h up to 1.86
usr.bin/ftp/main.c up to 1.128
usr.bin/ftp/ssl.c up to 1.12
usr.bin/ftp/util.c up to 1.164
usr.bin/ftp/version.h up to 1.94

PR 57003: Support relative redirects.
 1.37.12.3  12-Sep-2022  martin Back out ticket #1523 for now - trust anchor validation is not solved.
 1.37.12.2  12-Sep-2022  martin Catch up to current, requested by christos in ticket #1523

usr.bin/ftp/Makefile up to 1.39
usr.bin/ftp/fetch.c up to 1.235
usr.bin/ftp/ftp.1 up to 1.147
usr.bin/ftp/ftp_var.h up to 1.86
usr.bin/ftp/main.c up to 1.128
usr.bin/ftp/ssl.c up to 1.11
usr.bin/ftp/util.c up to 1.164
usr.bin/ftp/version.h up to 1.94

PR 57003: Support relative redirects.
 1.37.12.1  14-Jun-2021  martin Pull up following revision(s) (requested by lukem in ticket #1295):

usr.bin/ftp/ssl.c: revision 1.10
usr.bin/ftp/ssl.h: revision 1.5
usr.bin/ftp/version.h: revision 1.93
usr.bin/ftp/Makefile: revision 1.39

use fetch_*() for I/O with SMALLPROG / !WITH_SSL builds

Adapt the SMALLPROG / -UWITH_SSL build to also use the fetch_*()
methods from ssl.c, instead of using stdio, as stdio isn't robust
when using interruptable signals.

Disable ssl-specific support in the fetch_*() methods if WITH_SSL
isn't defined, so SMALLPROG still doesn't have ssl support (as expected).

The resulting SMALLPROG binary is slightly larger than before
(e.g., 157KiB vs 153KiB on amd64).

Set version to 20210603 for this fix and the SO_KEEPALIVE fix for PR 56129.

PR install/56219
 1.37.2.3  12-Sep-2022  martin Catch up to current, requested by christos in ticket #1763:

usr.bin/ftp/Makefile up to 1.39
usr.bin/ftp/cmds.c up to 1.141
usr.bin/ftp/complete.c up to 1.47
usr.bin/ftp/domacro.c up to 1.23
usr.bin/ftp/extern.h up to 1.82
usr.bin/ftp/fetch.c up to 1.235
usr.bin/ftp/ftp.1 up to 1.147
usr.bin/ftp/ftp.c up to 1.174
usr.bin/ftp/ftp_var.h up to 1.86
usr.bin/ftp/main.c up to 1.128
usr.bin/ftp/progressbar.c up to 1.24
usr.bin/ftp/progressbar.h up to 1.9
usr.bin/ftp/ssl.c up to 1.12
usr.bin/ftp/ssl.h up to 1.5
usr.bin/ftp/util.c up to 1.164
usr.bin/ftp/version.h up to 1.94

ftp(1): validate address from PASV and LPSV response.
ftp(1): use raw write(2) instead of fwrite(3) to avoid stream
corruption because of the progress bar interrupts.
Fixes for PR 56219 and PR 55857.
PR 57003: Support relative redirects.
 1.37.2.2  12-Sep-2022  martin Backout ticket #1763 for now - trust anchors are not solved.
 1.37.2.1  12-Sep-2022  martin Catch up to current, requested by christos in ticket #1763:

usr.bin/ftp/Makefile up to 1.39
usr.bin/ftp/cmds.c up to 1.141
usr.bin/ftp/complete.c up to 1.47
usr.bin/ftp/domacro.c up to 1.23
usr.bin/ftp/extern.h up to 1.82
usr.bin/ftp/fetch.c up to 1.235
usr.bin/ftp/ftp.1 up to 1.147
usr.bin/ftp/ftp.c up to 1.174
usr.bin/ftp/ftp_var.h up to 1.86
usr.bin/ftp/main.c up to 1.128
usr.bin/ftp/progressbar.c up to 1.24
usr.bin/ftp/progressbar.h up to 1.9
usr.bin/ftp/ssl.c up to 1.11
usr.bin/ftp/ssl.h up to 1.5
usr.bin/ftp/util.c up to 1.164
usr.bin/ftp/version.h up to 1.94

ftp(1): validate address from PASV and LPSV response.
ftp(1): use raw write(2) instead of fwrite(3) to avoid stream
corruption because of the progress bar interrupts.
Fixes for PR 56219 and PR 55857.
PR 57003: Support relative redirects.
 1.38.4.1  06-Jun-2021  cjep sync with head
 1.40.2.1  02-Aug-2025  perseant Sync with HEAD

RSS XML Feed