uclient-fetch: add option to read POST data from file Passing post data in command line is convenient but has limited size, and may become tricky to correctly escape passed data especially in scripts. This patch add the option --post-file so the data to post can be read from a file. Tested on x86/64. Acked-by: Jo-Philipp Wich <jo@mein.io> Signed-off-by: Gioacchino Mazzurco <gio@eigenlab.org> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
uclient-fetch: support specifying advertised TLS ciphers Introduce a new `--ciphers` option which allows specifying a colon separated list of usable TLS ciphers. Depending on the underlying ustream-ssl provider, the list either follows OpenSSL's cipher string format or, in case of mbedTLS, is a simple colon separated cipher whitelist. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
uclient-http: properly handle HTTP redirects via proxy connections When uclient connects via an HTTP proxy connection we need to swap the contexts .proxy_url and not the .url property (which is the connection URL to the proxy server itself). This fixes uclient erroring out in a redirect loop when connecting via a proxy connection. Ref: https://forum.openwrt.org/t/opkg-update-fails/25813 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
uclient-http: Close ustream file handle only if allocated Since the connection setup in uclient_do_connect can fail before ustream_init_fd is called we must check the fd was actually allocated before closing it, else we would close STDIN. Signed-off-by: Tobias Schramm <tobleminer@gmail.com>
uclient-fetch: use package name pattern in message for missing SSL library When faced with this error message, I did not directly know what package(s) to install. I first grepped the package list for packages named libustream-ssl... found nothing, and finally realized, that here only the library name was mentioned. But when we mention the certificate packages, why not also directly mention the SSL/TLS packages with a pattern. That will save one step next time when stumbling here - at least for me ;-) Signed-off-by: Michael Heimpold <mhei@heimpold.de>
uclient-fetch: fix overloading of output_file variable When uclient-fetch is called with multiple URL's, it derives the first filename from the URL. It then sets the global output_file variable, causing a use-after-free bug on an attempt to use it as output file for the next file. Fix this by avoiding the overwrite entirely by only setting a local variable Reported-by: Philip Prindeville <philipp@redfish-solutions.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
uclient-http: fix Host: header for literal IPv6 addresses For literal IPv6 addresses, the host header must have the form Host: [...] including the square brackets, as it may also contain a port. Some webservers ignore the missing brackets, while others will return error 400. IPv6 addresses are determined by searching for ':' characters in the host, as neither IPv4 addresses nor DNS names can contain colons. An alternative would be to add a flag to the uclient_url struct; but as this struct is exposed in public headers, such a change could be considered an ABI change, making a backport difficult. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> Acked-by: Jo-Philipp Wich <jo@mein.io>
Fix unused results warnings Fixes: uclient-http.c:385:8: error: ignoring return value of 'fread', declared with attribute warn_unused_result [-Werror=unused-result] fread(&val, sizeof(val), 1, f); ^ uclient-fetch.c: In function 'main': uclient-fetch.c:664:12: error: ignoring return value of 'asprintf', declared with attribute warn_unused_result [-Werror=unused-result] asprintf(&auth_str, "%s:%s", username, password); ^ uclient-fetch.c: In function 'read_data_cb': uclient-fetch.c:269:9: error: ignoring return value of 'write', declared with attribute warn_unused_result [-Werror=unused-result] write(output_fd, buf, len); Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>