darinkes/ftp_no_proxy.patch

## ftp_no_proxy.patch
Index: fetch.c
===================================================================
RCS file: /mount/cvsdev/cvs/openbsd/src/usr.bin/ftp/fetch.c,v
retrieving revision 1.163
diff -u -r1.163 fetch.c
--- fetch.c	7 Mar 2017 08:00:23 -0000	1.163
+++ fetch.c	26 Apr 2017 13:10:48 -0000
@@ -57,6 +57,7 @@
 #include <unistd.h>
 #include <util.h>
 #include <resolv.h>
+#include <fnmatch.h>

 #ifndef NOSSL
 #include <tls.h>
@@ -67,7 +68,9 @@
 #include "ftp_var.h"
 #include "cmds.h"

-static int	url_get(const char *, const char *, const char *, int);
+static int	url_get(const char *, const char *, const char *, const char *,
+		    int);
+static int	probe_no_proxy(const char *, const char *);
 void		aborthttp(int);
 void		abortfile(int);
 char		hextochar(const char *);
@@ -88,6 +91,7 @@
 #define	FILE_URL	"file:"		/* file URL prefix */
 #define FTP_PROXY	"ftp_proxy"	/* env var with ftp proxy location */
 #define HTTP_PROXY	"http_proxy"	/* env var with http proxy location */
+#define NO_PROXY	"no_proxy"	/* env var with no proxy location */

 #define EMPTYSTRING(x)	((x) == NULL || (*(x) == '\0'))

@@ -174,12 +178,48 @@
 }

 /*
+ * Checks if host is in no_proxy
+ * Returns 1 on host found in no_proxy, otherwise 0
+ */
+static int
+probe_no_proxy(const char *host, const char *no_proxy)
+{
+	char		*p, *np, *last;
+	int		rval = 0;
+
+	if (no_proxy == NULL)
+		return 0;
+
+	np = strdup(no_proxy);
+	if (np == NULL)
+		errx(1, "Can't allocate memory to parse no_proxy");
+
+	for ((p = strtok_r(np, ",", &last)); p;
+	    (p = strtok_r(NULL, ",", &last))) {
+		if (fnmatch(p, host, 0) == 0) {
+#ifndef SMALL
+			if (debug)
+				fprintf(ttyout, "%s: Matched %s -> %s\n",
+				    __func__, host, p);
+#endif
+			rval = 1;
+			goto done;
+		}
+	}
+
+done:
+	free(np);
+	return (rval);
+}
+
+/*
  * Retrieve URL, via the proxy in $proxyvar if necessary.
  * Modifies the string argument given.
  * Returns -1 on failure, 0 on success
  */
 static int
-url_get(const char *origline, const char *proxyenv, const char *outfile, int lastfile)
+url_get(const char *origline, const char *proxyenv, const char *noproxy,
+    const char *outfile, int lastfile)
 {
 	char pbuf[NI_MAXSERV], hbuf[NI_MAXHOST], *cp, *portnum, *path, ststr[4];
 	char *hosttail, *cause = "unknown", *newline, *host, *port, *buf = NULL;
@@ -304,7 +344,8 @@
 	}
 #endif /* !SMALL */

-	if (!isfileurl && proxyenv != NULL) {		/* use proxy */
+	if (!isfileurl && proxyenv != NULL &&
+	    !probe_no_proxy(host, noproxy)) {		/* use proxy */
 #ifndef NOSSL
 		if (ishttpsurl) {
 			sslpath = strdup(path);
@@ -916,7 +957,8 @@
 				fclose(fin);
 			else if (s != -1)
 				close(s);
-			rval = url_get(redirurl, proxyenv, savefile, lastfile);
+			rval = url_get(redirurl, proxyenv, noproxy,
+			    savefile, lastfile);
 			free(redirurl);
 			goto cleanup_url_get;
 		}
@@ -1101,7 +1143,7 @@
 	char *xargv[5];
 	char *cp, *url, *host, *dir, *file, *portnum;
 	char *username, *pass, *pathstart;
-	char *ftpproxy, *httpproxy;
+	char *ftpproxy, *httpproxy, *noproxy;
 	int rval, xargc, lastfile;
 	volatile int argpos;
 	int dirhasglob, filehasglob, oautologin;
@@ -1121,6 +1163,8 @@
 		ftpproxy = NULL;
 	if ((httpproxy = getenv(HTTP_PROXY)) != NULL && *httpproxy == '\0')
 		httpproxy = NULL;
+	if ((noproxy = getenv(NO_PROXY)) != NULL && *noproxy == '\0')
+		noproxy = NULL;

 	/*
 	 * Loop through as long as there's files to fetch.
@@ -1153,7 +1197,7 @@
 #endif /* !NOSSL */
 		    strncasecmp(url, FILE_URL, sizeof(FILE_URL) - 1) == 0) {
 			redirect_loop = 0;
-			if (url_get(url, httpproxy, outfile, lastfile) == -1)
+			if (url_get(url, httpproxy, noproxy, outfile, lastfile) == -1)
 				rval = argpos + 1;
 			continue;
 		}
@@ -1168,7 +1212,7 @@
 			char *passend, *passagain, *userend;

 			if (ftpproxy) {
-				if (url_get(url, ftpproxy, outfile, lastfile) == -1)
+				if (url_get(url, ftpproxy, noproxy, outfile, lastfile) == -1)
 					rval = argpos + 1;
 				continue;
 			}
Index: ftp.1
===================================================================
RCS file: /mount/cvsdev/cvs/openbsd/src/usr.bin/ftp/ftp.1,v
retrieving revision 1.107
diff -u -r1.107 ftp.1
--- ftp.1	25 Jan 2017 07:21:18 -0000	1.107
+++ ftp.1	26 Apr 2017 10:23:46 -0000
@@ -1355,6 +1355,9 @@
 If
 .Ev http_proxy
 is defined, it is used as a URL to an HTTP proxy server.
+If
+.Ev no_proxy
+is defined, it is used to check for ftp or http proxy exceptions.
 If a
 .Ar user
 and
@@ -1741,6 +1744,9 @@
 (if not defined, use the standard FTP protocol).
 .It Ev http_proxy
 URL of HTTP proxy to use when making HTTP or HTTPS URL requests.
+.It Ev no_proxy
+A comma-separated list which specifies hosts that should
+be excluded from proxying. Asterisks can be used as wildcards.
 .It Ev http_cookies
 Path of a Netscape-like cookiejar file to use when making
 HTTP or HTTPS URL requests.
	Index: fetch.c
	===================================================================
	RCS file: /mount/cvsdev/cvs/openbsd/src/usr.bin/ftp/fetch.c,v
	retrieving revision 1.163
	diff -u -r1.163 fetch.c
	--- fetch.c 7 Mar 2017 08:00:23 -0000 1.163
	+++ fetch.c 26 Apr 2017 13:10:48 -0000
	@@ -57,6 +57,7 @@
	#include <unistd.h>
	#include <util.h>
	#include <resolv.h>
	+#include <fnmatch.h>

	#ifndef NOSSL
	#include <tls.h>
	@@ -67,7 +68,9 @@
	#include "ftp_var.h"
	#include "cmds.h"

	-static int url_get(const char , const char , const char *, int);
	+static int url_get(const char , const char , const char , const char ,
	+ int);
	+static int probe_no_proxy(const char , const char );
	void aborthttp(int);
	void abortfile(int);
	char hextochar(const char *);
	@@ -88,6 +91,7 @@
	#define FILE_URL "file:" /* file URL prefix */
	#define FTP_PROXY "ftp_proxy" /* env var with ftp proxy location */
	#define HTTP_PROXY "http_proxy" /* env var with http proxy location */
	+#define NO_PROXY "no_proxy" /* env var with no proxy location */

	#define EMPTYSTRING(x) ((x) == NULL \|\| (*(x) == '\0'))

	@@ -174,12 +178,48 @@
	}

	/*
	+ * Checks if host is in no_proxy
	+ * Returns 1 on host found in no_proxy, otherwise 0
	+ */
	+static int
	+probe_no_proxy(const char host, const char no_proxy)
	+{
	+ char p, np, *last;
	+ int rval = 0;
	+
	+ if (no_proxy == NULL)
	+ return 0;
	+
	+ np = strdup(no_proxy);
	+ if (np == NULL)
	+ errx(1, "Can't allocate memory to parse no_proxy");
	+
	+ for ((p = strtok_r(np, ",", &last)); p;
	+ (p = strtok_r(NULL, ",", &last))) {
	+ if (fnmatch(p, host, 0) == 0) {
	+#ifndef SMALL
	+ if (debug)
	+ fprintf(ttyout, "%s: Matched %s -> %s\n",
	+ __func__, host, p);
	+#endif
	+ rval = 1;
	+ goto done;
	+ }
	+ }
	+
	+done:
	+ free(np);
	+ return (rval);
	+}
	+
	+/*
	* Retrieve URL, via the proxy in $proxyvar if necessary.
	* Modifies the string argument given.
	* Returns -1 on failure, 0 on success
	*/
	static int
	-url_get(const char origline, const char proxyenv, const char *outfile, int lastfile)
	+url_get(const char origline, const char proxyenv, const char *noproxy,
	+ const char *outfile, int lastfile)
	{
	char pbuf[NI_MAXSERV], hbuf[NI_MAXHOST], cp, portnum, *path, ststr[4];
	char hosttail, cause = "unknown", newline, host, port, buf = NULL;
	@@ -304,7 +344,8 @@
	}
	#endif /* !SMALL */

	- if (!isfileurl && proxyenv != NULL) { /* use proxy */
	+ if (!isfileurl && proxyenv != NULL &&
	+ !probe_no_proxy(host, noproxy)) { /* use proxy */
	#ifndef NOSSL
	if (ishttpsurl) {
	sslpath = strdup(path);
	@@ -916,7 +957,8 @@
	fclose(fin);
	else if (s != -1)
	close(s);
	- rval = url_get(redirurl, proxyenv, savefile, lastfile);
	+ rval = url_get(redirurl, proxyenv, noproxy,
	+ savefile, lastfile);
	free(redirurl);
	goto cleanup_url_get;
	}
	@@ -1101,7 +1143,7 @@
	char *xargv[5];
	char cp, url, host, dir, file, portnum;
	char username, pass, *pathstart;
	- char ftpproxy, httpproxy;
	+ char ftpproxy, httpproxy, *noproxy;
	int rval, xargc, lastfile;
	volatile int argpos;
	int dirhasglob, filehasglob, oautologin;
	@@ -1121,6 +1163,8 @@
	ftpproxy = NULL;
	if ((httpproxy = getenv(HTTP_PROXY)) != NULL && *httpproxy == '\0')
	httpproxy = NULL;
	+ if ((noproxy = getenv(NO_PROXY)) != NULL && *noproxy == '\0')
	+ noproxy = NULL;

	/*
	* Loop through as long as there's files to fetch.
	@@ -1153,7 +1197,7 @@
	#endif /* !NOSSL */
	strncasecmp(url, FILE_URL, sizeof(FILE_URL) - 1) == 0) {
	redirect_loop = 0;
	- if (url_get(url, httpproxy, outfile, lastfile) == -1)
	+ if (url_get(url, httpproxy, noproxy, outfile, lastfile) == -1)
	rval = argpos + 1;
	continue;
	}
	@@ -1168,7 +1212,7 @@
	char passend, passagain, *userend;

	if (ftpproxy) {
	- if (url_get(url, ftpproxy, outfile, lastfile) == -1)
	+ if (url_get(url, ftpproxy, noproxy, outfile, lastfile) == -1)
	rval = argpos + 1;
	continue;
	}
	Index: ftp.1
	===================================================================
	RCS file: /mount/cvsdev/cvs/openbsd/src/usr.bin/ftp/ftp.1,v
	retrieving revision 1.107
	diff -u -r1.107 ftp.1
	--- ftp.1 25 Jan 2017 07:21:18 -0000 1.107
	+++ ftp.1 26 Apr 2017 10:23:46 -0000
	@@ -1355,6 +1355,9 @@
	If
	.Ev http_proxy
	is defined, it is used as a URL to an HTTP proxy server.
	+If
	+.Ev no_proxy
	+is defined, it is used to check for ftp or http proxy exceptions.
	If a
	.Ar user
	and
	@@ -1741,6 +1744,9 @@
	(if not defined, use the standard FTP protocol).
	.It Ev http_proxy
	URL of HTTP proxy to use when making HTTP or HTTPS URL requests.
	+.It Ev no_proxy
	+A comma-separated list which specifies hosts that should
	+be excluded from proxying. Asterisks can be used as wildcards.
	.It Ev http_cookies
	Path of a Netscape-like cookiejar file to use when making
	HTTP or HTTPS URL requests.