fetch extension - use local filename from content-dispositionheader (new diff)

Martin Cracauer cracauer at cons.org
Fri Dec 30 22:51:09 PST 2005

John Baldwin wrote on Sat, Dec 31, 2005 at 01:15:39AM -0500: 
> On Friday 30 December 2005 06:56 pm, John Baldwin wrote:
> > On Friday 30 December 2005 06:25 pm, Dag-Erling Smørgrav wrote:
> > > Martin Cracauer <cracauer at cons.org> writes:
> > > > Ok, how about [...]
> > >
> > > how about I spell it out as simply as I can: "no"
> >
> > Nice to see your concern for actual users.  I guess people should just go
> > use wget or curl instead?  For that matter, why stick with FreeBSD when you
> > get to endure such helpful attitudes?  Offering suggestions rather than
> > just "piss off" would be more constructive.  I understand that the new
> > off-by-default feature does allow one to blow one's foot off, but UN*X has
> > a long history of delivering bullets to one's feet in a speedy fashion when
> > specifically requested.
> I haven't read any replies to this, but my conscience is killing me.  I'm 
> sorry for the tone I used above, especially to Des.

Well, it's not you who started it.  DES called my code "disgusting"
which by all measures to apply it was not.

The only reason why we have an ABI problem is that he chose that
interface, an interface which does the best (worst) possible job of
locking the ABI against future extensions to access more of the
growing number of useful http headers in common use.  How he can call
my code "disgusting" after having produced that is bejond me.

Leaving aside for a moment that both clients of the library are in the
FreeBSD base system and hence not affected by an ABI change, when I
offer him to change that to an interface that is robust against future
extensions (and can even be implemented API and ABI compatible to the
current one) he cuts my quote to a half-sentense and adds a one-word

So he limits his maintainership to "would like notification" and he
has obviously seen the notification.  I don't see why I shouldn't just
commit away after addressing his concerns, now that he has obviously
finished expressing actual concerns by now.

> I am quite frustrated 
> with some of the attitudes displayed in the thread to the original submitter 
> who is just trying to make FreeBSD better to get useful work done, but 
> blowing up is not the right way to handle that.

This feature is useful, it is actually required for my work, because I
use it from a little robot.  I use FreeBSD's fetch at work where I
have to get a gazillion of these attachments out of bugzilla.

The feature does nothing for people who don't want to use it.

The security implications are easy to understand and very well in line
with other Unix features.  Unpacking an tar or zip file has a lot more
potential to do damage than this (because the unpacking can also
contains permissions, you can put a *.cgi with a+x just for starters).

How come nobody demands that the 3 files that come out of "foo.tar"
are named foo.1, foo.2 and foo.3 instead of bar.c, bar.h and Makefile?

Most of the discussion is driven by people who don't put it in
perspective with other shoot-in-foot features and who wouldn't use my
extension in first place (and won't since it's off by default).

It was my fault for asking a big mailing list for comments, I'll know
better next time.  Of course, private mail to this particular
maintainer doesn't look like too promising an approach either given
the last reply.

> Martin, if you are unable to make any headway getting your patch to fetch 
> integrated, and/or having anyone else come up with a better implementation of 
> the feature you need, there are several other programs like curl or wget that 
> you can use instead.  Given that Mozilla already does what you want it seems 
> likely that at least one open-source command-line URL fetcher will be willing 
> to accept patches to implement the feature you need for your scripts.

Well, wget is out of question, that thing... [shakes head]

curl I didn't check out yet.

I am using that -O switch in my own branch of the pre-libfetch FreeBSD
fetch for years now, I thought it is time I contribute that back.
Among other things I wanted to do that to throw away my own fetch

How all this is worth such a mega-thread I don't know.  

I think the real mistakes here were to ask for a public review on a
large mailing list and to hack DES code in first place.  I can just go
and publish that branch of classic fetch.  That'll share our hacking
resources.  Shut up and code.  Each in their own codebase.

Martin Cracauer <cracauer at cons.org>   http://www.cons.org/cracauer/
FreeBSD - where you want to go, today.      http://www.freebsd.org/

More information about the freebsd-current mailing list