[Toybox] ftpget: Remove

enh enh at google.com
Fri Oct 29 11:16:39 PDT 2021


On Fri, Oct 29, 2021 at 10:47 AM Rob Landley <rob at landley.net> wrote:

> On 10/29/21 10:51 AM, enh via Toybox wrote:
> > i don't have much of an opinion here, but i was wondering about the
> usefulness
> > of this in a world where all the major browsers have now removed ftp
> support...
> > is anyone likely to still be using ftp by the time toybox hits 1.0?
>
> Other than me? (It's the only server/client protocol toybox had
> implemented, I
> was using it to send files out of mkroot.)
>
> I acknowledge there's a general tendency to accumulate old protocols.
> Busybox
> has "rdate" and "sum" and "mt" and so on, all of which toybox decided
> against
> adding. When do you remove once you've already got is an interesting
> question.
>
> But right now, I have a question for you: what's the wget equivalent of
> "ftpput"? How do you _upload_ a file when you remove this? This isn't even
> a "we
> haven't got an httpd yet". Even then, how do you push a file to a server?
>

scp for locked-down corporate systems, and...


> (Yes rsync is on the todo list, but it's post-1.0 and would depend on an
> external ssh implementation. There's lots of "behind the firewall, between
> two
> containers on the same machine, between VM and hypervisor" use cases that
> don't
> require the connection to be encrypted, especially during development.
> Nice if
> it CAN be, but can we provide that? If so, how? Can/should tftp do it?)
>

...yeah, that's what i was assuming for smaller stuff. (or scp there too,
or adb in some cases. tbh, i haven't seen tftp personally since the 1990s,
but i'm happy to believe it's still alive and well _somewhere_ :-) )

toybox tftp already does puts too, no? i haven't used it, but it looks
implemented? (and there's a tftpd in pending too.)


> > (interesting that gnu sends you to an https server suggesting you update
> any
> > scripts before they remove ftp completely [without giving a specific
> deadline],
> > but libxml2 is basically just broken with current browsers.)
>
> The gnu guys are insane, I don't consider what they do a good indicator.
> But
> https://www.kernel.org/shutting-down-ftp-services.html meant something.
>
> Passive ftp support is still reasonable. Non-passive ftp was always nuts:
> you
> open a port and the server connects BACK to you. (What? Why?) There was
> even an
> sftp that tunneled ftp via https, but as "http" being in the name of https
> implied, people kinda assumed that everyone everywhere would be doing
> everything
> over http from now own. (As insane hacks like "microsoft soap" attested
> https://en.wikipedia.org/wiki/SOAP#History although that was mostly
> microsoft
> engineers wanting to bypass firewalls and take control away from site
> administrators.)
>
> Removal of ftp support has been largely because "we have http, why open a
> second
> port"...
>

plus i don't think ftpes:// or ftps:// ever really caught on, did they?


> Rob
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.landley.net/pipermail/toybox-landley.net/attachments/20211029/9c03d86f/attachment-0001.htm>


More information about the Toybox mailing list