xref: /minix/usr.bin/ftp/fetch.c (revision 0a6a1f1d)
1 /*	$NetBSD: fetch.c,v 1.207 2015/09/12 19:38:42 wiz Exp $	*/
2 
3 /*-
4  * Copyright (c) 1997-2015 The NetBSD Foundation, Inc.
5  * All rights reserved.
6  *
7  * This code is derived from software contributed to The NetBSD Foundation
8  * by Luke Mewburn.
9  *
10  * This code is derived from software contributed to The NetBSD Foundation
11  * by Scott Aaron Bamford.
12  *
13  * This code is derived from software contributed to The NetBSD Foundation
14  * by Thomas Klausner.
15  *
16  * Redistribution and use in source and binary forms, with or without
17  * modification, are permitted provided that the following conditions
18  * are met:
19  * 1. Redistributions of source code must retain the above copyright
20  *    notice, this list of conditions and the following disclaimer.
21  * 2. Redistributions in binary form must reproduce the above copyright
22  *    notice, this list of conditions and the following disclaimer in the
23  *    documentation and/or other materials provided with the distribution.
24  *
25  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
26  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
27  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
28  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
29  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
30  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
31  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
32  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
33  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
34  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
35  * POSSIBILITY OF SUCH DAMAGE.
36  */
37 
38 #include <sys/cdefs.h>
39 #ifndef lint
40 __RCSID("$NetBSD: fetch.c,v 1.207 2015/09/12 19:38:42 wiz Exp $");
41 #endif /* not lint */
42 
43 /*
44  * FTP User Program -- Command line file retrieval
45  */
46 
47 #include <sys/types.h>
48 #include <sys/param.h>
49 #include <sys/socket.h>
50 #include <sys/stat.h>
51 #include <sys/time.h>
52 
53 #include <netinet/in.h>
54 
55 #include <arpa/ftp.h>
56 #include <arpa/inet.h>
57 
58 #include <assert.h>
59 #include <ctype.h>
60 #include <err.h>
61 #include <errno.h>
62 #include <netdb.h>
63 #include <fcntl.h>
64 #include <stdio.h>
65 #include <stdlib.h>
66 #include <string.h>
67 #include <unistd.h>
68 #include <time.h>
69 
70 #include "ssl.h"
71 #include "ftp_var.h"
72 #include "version.h"
73 
74 typedef enum {
75 	UNKNOWN_URL_T=-1,
76 	HTTP_URL_T,
77 #ifdef WITH_SSL
78 	HTTPS_URL_T,
79 #endif
80 	FTP_URL_T,
81 	FILE_URL_T,
82 	CLASSIC_URL_T
83 } url_t;
84 
85 __dead static void	aborthttp(int);
86 __dead static void	timeouthttp(int);
87 #ifndef NO_AUTH
88 static int	auth_url(const char *, char **, const char *, const char *);
89 static void	base64_encode(const unsigned char *, size_t, unsigned char *);
90 #endif
91 static int	go_fetch(const char *);
92 static int	fetch_ftp(const char *);
93 static int	fetch_url(const char *, const char *, char *, char *);
94 static const char *match_token(const char **, const char *);
95 static int	parse_url(const char *, const char *, url_t *, char **,
96 			    char **, char **, char **, in_port_t *, char **);
97 static void	url_decode(char *);
98 
99 static int	redirect_loop;
100 
101 
102 #define	STRNEQUAL(a,b)	(strncasecmp((a), (b), sizeof((b))-1) == 0)
103 #define	ISLWS(x)	((x)=='\r' || (x)=='\n' || (x)==' ' || (x)=='\t')
104 #define	SKIPLWS(x)	do { while (ISLWS((*x))) x++; } while (0)
105 
106 
107 #define	ABOUT_URL	"about:"	/* propaganda */
108 #define	FILE_URL	"file://"	/* file URL prefix */
109 #define	FTP_URL		"ftp://"	/* ftp URL prefix */
110 #define	HTTP_URL	"http://"	/* http URL prefix */
111 #ifdef WITH_SSL
112 #define	HTTPS_URL	"https://"	/* https URL prefix */
113 
114 #define	IS_HTTP_TYPE(urltype) \
115 	(((urltype) == HTTP_URL_T) || ((urltype) == HTTPS_URL_T))
116 #else
117 #define	IS_HTTP_TYPE(urltype) \
118 	((urltype) == HTTP_URL_T)
119 #endif
120 
121 /*
122  * Determine if token is the next word in buf (case insensitive).
123  * If so, advance buf past the token and any trailing LWS, and
124  * return a pointer to the token (in buf).  Otherwise, return NULL.
125  * token may be preceded by LWS.
126  * token must be followed by LWS or NUL.  (I.e, don't partial match).
127  */
128 static const char *
match_token(const char ** buf,const char * token)129 match_token(const char **buf, const char *token)
130 {
131 	const char	*p, *orig;
132 	size_t		tlen;
133 
134 	tlen = strlen(token);
135 	p = *buf;
136 	SKIPLWS(p);
137 	orig = p;
138 	if (strncasecmp(p, token, tlen) != 0)
139 		return NULL;
140 	p += tlen;
141 	if (*p != '\0' && !ISLWS(*p))
142 		return NULL;
143 	SKIPLWS(p);
144 	orig = *buf;
145 	*buf = p;
146 	return orig;
147 }
148 
149 #ifndef NO_AUTH
150 /*
151  * Generate authorization response based on given authentication challenge.
152  * Returns -1 if an error occurred, otherwise 0.
153  * Sets response to a malloc(3)ed string; caller should free.
154  */
155 static int
auth_url(const char * challenge,char ** response,const char * guser,const char * gpass)156 auth_url(const char *challenge, char **response, const char *guser,
157 	const char *gpass)
158 {
159 	const char	*cp, *scheme, *errormsg;
160 	char		*ep, *clear, *realm;
161 	char		 uuser[BUFSIZ], *gotpass;
162 	const char	*upass;
163 	int		 rval;
164 	size_t		 len, clen, rlen;
165 
166 	*response = NULL;
167 	clear = realm = NULL;
168 	rval = -1;
169 	cp = challenge;
170 	scheme = "Basic";	/* only support Basic authentication */
171 	gotpass = NULL;
172 
173 	DPRINTF("auth_url: challenge `%s'\n", challenge);
174 
175 	if (! match_token(&cp, scheme)) {
176 		warnx("Unsupported authentication challenge `%s'",
177 		    challenge);
178 		goto cleanup_auth_url;
179 	}
180 
181 #define	REALM "realm=\""
182 	if (STRNEQUAL(cp, REALM))
183 		cp += sizeof(REALM) - 1;
184 	else {
185 		warnx("Unsupported authentication challenge `%s'",
186 		    challenge);
187 		goto cleanup_auth_url;
188 	}
189 /* XXX: need to improve quoted-string parsing to support \ quoting, etc. */
190 	if ((ep = strchr(cp, '\"')) != NULL) {
191 		len = ep - cp;
192 		realm = (char *)ftp_malloc(len + 1);
193 		(void)strlcpy(realm, cp, len + 1);
194 	} else {
195 		warnx("Unsupported authentication challenge `%s'",
196 		    challenge);
197 		goto cleanup_auth_url;
198 	}
199 
200 	fprintf(ttyout, "Username for `%s': ", realm);
201 	if (guser != NULL) {
202 		(void)strlcpy(uuser, guser, sizeof(uuser));
203 		fprintf(ttyout, "%s\n", uuser);
204 	} else {
205 		(void)fflush(ttyout);
206 		if (get_line(stdin, uuser, sizeof(uuser), &errormsg) < 0) {
207 			warnx("%s; can't authenticate", errormsg);
208 			goto cleanup_auth_url;
209 		}
210 	}
211 	if (gpass != NULL)
212 		upass = gpass;
213 	else {
214 		gotpass = getpass("Password: ");
215 		if (gotpass == NULL) {
216 			warnx("Can't read password");
217 			goto cleanup_auth_url;
218 		}
219 		upass = gotpass;
220 	}
221 
222 	clen = strlen(uuser) + strlen(upass) + 2;	/* user + ":" + pass + "\0" */
223 	clear = (char *)ftp_malloc(clen);
224 	(void)strlcpy(clear, uuser, clen);
225 	(void)strlcat(clear, ":", clen);
226 	(void)strlcat(clear, upass, clen);
227 	if (gotpass)
228 		memset(gotpass, 0, strlen(gotpass));
229 
230 						/* scheme + " " + enc + "\0" */
231 	rlen = strlen(scheme) + 1 + (clen + 2) * 4 / 3 + 1;
232 	*response = (char *)ftp_malloc(rlen);
233 	(void)strlcpy(*response, scheme, rlen);
234 	len = strlcat(*response, " ", rlen);
235 			/* use  `clen - 1'  to not encode the trailing NUL */
236 	base64_encode((unsigned char *)clear, clen - 1,
237 	    (unsigned char *)*response + len);
238 	memset(clear, 0, clen);
239 	rval = 0;
240 
241  cleanup_auth_url:
242 	FREEPTR(clear);
243 	FREEPTR(realm);
244 	return (rval);
245 }
246 
247 /*
248  * Encode len bytes starting at clear using base64 encoding into encoded,
249  * which should be at least ((len + 2) * 4 / 3 + 1) in size.
250  */
251 static void
base64_encode(const unsigned char * clear,size_t len,unsigned char * encoded)252 base64_encode(const unsigned char *clear, size_t len, unsigned char *encoded)
253 {
254 	static const unsigned char enc[] =
255 	    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
256 	unsigned char	*cp;
257 	size_t	 i;
258 
259 	cp = encoded;
260 	for (i = 0; i < len; i += 3) {
261 		*(cp++) = enc[((clear[i + 0] >> 2))];
262 		*(cp++) = enc[((clear[i + 0] << 4) & 0x30)
263 			    | ((clear[i + 1] >> 4) & 0x0f)];
264 		*(cp++) = enc[((clear[i + 1] << 2) & 0x3c)
265 			    | ((clear[i + 2] >> 6) & 0x03)];
266 		*(cp++) = enc[((clear[i + 2]     ) & 0x3f)];
267 	}
268 	*cp = '\0';
269 	while (i-- > len)
270 		*(--cp) = '=';
271 }
272 #endif
273 
274 /*
275  * Decode %xx escapes in given string, `in-place'.
276  */
277 static void
url_decode(char * url)278 url_decode(char *url)
279 {
280 	unsigned char *p, *q;
281 
282 	if (EMPTYSTRING(url))
283 		return;
284 	p = q = (unsigned char *)url;
285 
286 #define	HEXTOINT(x) (x - (isdigit(x) ? '0' : (islower(x) ? 'a' : 'A') - 10))
287 	while (*p) {
288 		if (p[0] == '%'
289 		    && p[1] && isxdigit((unsigned char)p[1])
290 		    && p[2] && isxdigit((unsigned char)p[2])) {
291 			*q++ = HEXTOINT(p[1]) * 16 + HEXTOINT(p[2]);
292 			p+=3;
293 		} else
294 			*q++ = *p++;
295 	}
296 	*q = '\0';
297 }
298 
299 
300 /*
301  * Parse URL of form (per RFC 3986):
302  *	<type>://[<user>[:<password>]@]<host>[:<port>][/<path>]
303  * Returns -1 if a parse error occurred, otherwise 0.
304  * It's the caller's responsibility to url_decode() the returned
305  * user, pass and path.
306  *
307  * Sets type to url_t, each of the given char ** pointers to a
308  * malloc(3)ed strings of the relevant section, and port to
309  * the number given, or ftpport if ftp://, or httpport if http://.
310  *
311  * XXX: this is not totally RFC 3986 compliant; <path> will have the
312  * leading `/' unless it's an ftp:// URL, as this makes things easier
313  * for file:// and http:// URLs.  ftp:// URLs have the `/' between the
314  * host and the URL-path removed, but any additional leading slashes
315  * in the URL-path are retained (because they imply that we should
316  * later do "CWD" with a null argument).
317  *
318  * Examples:
319  *	 input URL			 output path
320  *	 ---------			 -----------
321  *	"http://host"			"/"
322  *	"http://host/"			"/"
323  *	"http://host/path"		"/path"
324  *	"file://host/dir/file"		"dir/file"
325  *	"ftp://host"			""
326  *	"ftp://host/"			""
327  *	"ftp://host//"			"/"
328  *	"ftp://host/dir/file"		"dir/file"
329  *	"ftp://host//dir/file"		"/dir/file"
330  */
331 static int
parse_url(const char * url,const char * desc,url_t * utype,char ** uuser,char ** pass,char ** host,char ** port,in_port_t * portnum,char ** path)332 parse_url(const char *url, const char *desc, url_t *utype,
333 		char **uuser, char **pass, char **host, char **port,
334 		in_port_t *portnum, char **path)
335 {
336 	const char	*origurl, *tport;
337 	char		*cp, *ep, *thost;
338 	size_t		 len;
339 
340 	if (url == NULL || desc == NULL || utype == NULL || uuser == NULL
341 	    || pass == NULL || host == NULL || port == NULL || portnum == NULL
342 	    || path == NULL)
343 		errx(1, "parse_url: invoked with NULL argument!");
344 	DPRINTF("parse_url: %s `%s'\n", desc, url);
345 
346 	origurl = url;
347 	*utype = UNKNOWN_URL_T;
348 	*uuser = *pass = *host = *port = *path = NULL;
349 	*portnum = 0;
350 	tport = NULL;
351 
352 	if (STRNEQUAL(url, HTTP_URL)) {
353 		url += sizeof(HTTP_URL) - 1;
354 		*utype = HTTP_URL_T;
355 		*portnum = HTTP_PORT;
356 		tport = httpport;
357 	} else if (STRNEQUAL(url, FTP_URL)) {
358 		url += sizeof(FTP_URL) - 1;
359 		*utype = FTP_URL_T;
360 		*portnum = FTP_PORT;
361 		tport = ftpport;
362 	} else if (STRNEQUAL(url, FILE_URL)) {
363 		url += sizeof(FILE_URL) - 1;
364 		*utype = FILE_URL_T;
365 #ifdef WITH_SSL
366 	} else if (STRNEQUAL(url, HTTPS_URL)) {
367 		url += sizeof(HTTPS_URL) - 1;
368 		*utype = HTTPS_URL_T;
369 		*portnum = HTTPS_PORT;
370 		tport = httpsport;
371 #endif
372 	} else {
373 		warnx("Invalid %s `%s'", desc, url);
374  cleanup_parse_url:
375 		FREEPTR(*uuser);
376 		if (*pass != NULL)
377 			memset(*pass, 0, strlen(*pass));
378 		FREEPTR(*pass);
379 		FREEPTR(*host);
380 		FREEPTR(*port);
381 		FREEPTR(*path);
382 		return (-1);
383 	}
384 
385 	if (*url == '\0')
386 		return (0);
387 
388 			/* find [user[:pass]@]host[:port] */
389 	ep = strchr(url, '/');
390 	if (ep == NULL)
391 		thost = ftp_strdup(url);
392 	else {
393 		len = ep - url;
394 		thost = (char *)ftp_malloc(len + 1);
395 		(void)strlcpy(thost, url, len + 1);
396 		if (*utype == FTP_URL_T)	/* skip first / for ftp URLs */
397 			ep++;
398 		*path = ftp_strdup(ep);
399 	}
400 
401 	cp = strchr(thost, '@');	/* look for user[:pass]@ in URLs */
402 	if (cp != NULL) {
403 		if (*utype == FTP_URL_T)
404 			anonftp = 0;	/* disable anonftp */
405 		*uuser = thost;
406 		*cp = '\0';
407 		thost = ftp_strdup(cp + 1);
408 		cp = strchr(*uuser, ':');
409 		if (cp != NULL) {
410 			*cp = '\0';
411 			*pass = ftp_strdup(cp + 1);
412 		}
413 		url_decode(*uuser);
414 		if (*pass)
415 			url_decode(*pass);
416 	}
417 
418 #ifdef INET6
419 			/*
420 			 * Check if thost is an encoded IPv6 address, as per
421 			 * RFC 3986:
422 			 *	`[' ipv6-address ']'
423 			 */
424 	if (*thost == '[') {
425 		cp = thost + 1;
426 		if ((ep = strchr(cp, ']')) == NULL ||
427 		    (ep[1] != '\0' && ep[1] != ':')) {
428 			warnx("Invalid address `%s' in %s `%s'",
429 			    thost, desc, origurl);
430 			goto cleanup_parse_url;
431 		}
432 		len = ep - cp;		/* change `[xyz]' -> `xyz' */
433 		memmove(thost, thost + 1, len);
434 		thost[len] = '\0';
435 		if (! isipv6addr(thost)) {
436 			warnx("Invalid IPv6 address `%s' in %s `%s'",
437 			    thost, desc, origurl);
438 			goto cleanup_parse_url;
439 		}
440 		cp = ep + 1;
441 		if (*cp == ':')
442 			cp++;
443 		else
444 			cp = NULL;
445 	} else
446 #endif /* INET6 */
447 		if ((cp = strchr(thost, ':')) != NULL)
448 			*cp++ = '\0';
449 	*host = thost;
450 
451 			/* look for [:port] */
452 	if (cp != NULL) {
453 		unsigned long	nport;
454 
455 		nport = strtoul(cp, &ep, 10);
456 		if (*cp == '\0' || *ep != '\0' ||
457 		    nport < 1 || nport > MAX_IN_PORT_T) {
458 			warnx("Unknown port `%s' in %s `%s'",
459 			    cp, desc, origurl);
460 			goto cleanup_parse_url;
461 		}
462 		*portnum = nport;
463 		tport = cp;
464 	}
465 
466 	if (tport != NULL)
467 		*port = ftp_strdup(tport);
468 	if (*path == NULL) {
469 		const char *emptypath = "/";
470 		if (*utype == FTP_URL_T)	/* skip first / for ftp URLs */
471 			emptypath++;
472 		*path = ftp_strdup(emptypath);
473 	}
474 
475 	DPRINTF("parse_url: user `%s' pass `%s' host %s port %s(%d) "
476 	    "path `%s'\n",
477 	    STRorNULL(*uuser), STRorNULL(*pass),
478 	    STRorNULL(*host), STRorNULL(*port),
479 	    *portnum ? *portnum : -1, STRorNULL(*path));
480 
481 	return (0);
482 }
483 
484 sigjmp_buf	httpabort;
485 
486 /*
487  * Retrieve URL, via a proxy if necessary, using HTTP.
488  * If proxyenv is set, use that for the proxy, otherwise try ftp_proxy or
489  * http_proxy/https_proxy as appropriate.
490  * Supports HTTP redirects.
491  * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection
492  * is still open (e.g, ftp xfer with trailing /)
493  */
494 static int
fetch_url(const char * url,const char * proxyenv,char * proxyauth,char * wwwauth)495 fetch_url(const char *url, const char *proxyenv, char *proxyauth, char *wwwauth)
496 {
497 	struct addrinfo		hints, *res, *res0 = NULL;
498 	int			error;
499 	sigfunc volatile	oldint;
500 	sigfunc volatile	oldpipe;
501 	sigfunc volatile	oldalrm;
502 	sigfunc volatile	oldquit;
503 	int volatile		s;
504 	struct stat		sb;
505 	int volatile		ischunked;
506 	int volatile		isproxy;
507 	int volatile		rval;
508 	int volatile		hcode;
509 	int			len;
510 	size_t			flen;
511 	static size_t		bufsize;
512 	static char		*xferbuf;
513 	const char		*cp, *token;
514 	char			*ep;
515 	char			buf[FTPBUFLEN];
516 	const char		*errormsg;
517 	char			*volatile savefile;
518 	char			*volatile auth;
519 	char			*volatile location;
520 	char			*volatile message;
521 	char			*uuser, *pass, *host, *port, *path;
522 	char			*volatile decodedpath;
523 	char			*puser, *ppass, *useragent;
524 	off_t			hashbytes, rangestart, rangeend, entitylen;
525 	int			(*volatile closefunc)(FILE *);
526 	FETCH			*volatile fin;
527 	FILE			*volatile fout;
528 	const char		*volatile penv = proxyenv;
529 	time_t			mtime;
530 	url_t			urltype;
531 	in_port_t		portnum;
532 #ifdef WITH_SSL
533 	void			*ssl;
534 #endif
535 
536 	DPRINTF("%s: `%s' proxyenv `%s'\n", __func__, url, STRorNULL(penv));
537 
538 	oldquit = oldalrm = oldint = oldpipe = NULL;
539 	closefunc = NULL;
540 	fin = NULL;
541 	fout = NULL;
542 	s = -1;
543 	savefile = NULL;
544 	auth = location = message = NULL;
545 	ischunked = isproxy = hcode = 0;
546 	rval = 1;
547 	uuser = pass = host = path = decodedpath = puser = ppass = NULL;
548 
549 	if (sigsetjmp(httpabort, 1))
550 		goto cleanup_fetch_url;
551 
552 	if (parse_url(url, "URL", &urltype, &uuser, &pass, &host, &port,
553 	    &portnum, &path) == -1)
554 		goto cleanup_fetch_url;
555 
556 	if (urltype == FILE_URL_T && ! EMPTYSTRING(host)
557 	    && strcasecmp(host, "localhost") != 0) {
558 		warnx("No support for non local file URL `%s'", url);
559 		goto cleanup_fetch_url;
560 	}
561 
562 	if (EMPTYSTRING(path)) {
563 		if (urltype == FTP_URL_T) {
564 			rval = fetch_ftp(url);
565 			goto cleanup_fetch_url;
566 		}
567 		if (!IS_HTTP_TYPE(urltype) || outfile == NULL)  {
568 			warnx("Invalid URL (no file after host) `%s'", url);
569 			goto cleanup_fetch_url;
570 		}
571 	}
572 
573 	decodedpath = ftp_strdup(path);
574 	url_decode(decodedpath);
575 
576 	if (outfile)
577 		savefile = outfile;
578 	else {
579 		cp = strrchr(decodedpath, '/');		/* find savefile */
580 		if (cp != NULL)
581 			savefile = ftp_strdup(cp + 1);
582 		else
583 			savefile = ftp_strdup(decodedpath);
584 	}
585 	DPRINTF("%s: savefile `%s'\n", __func__, savefile);
586 	if (EMPTYSTRING(savefile)) {
587 		if (urltype == FTP_URL_T) {
588 			rval = fetch_ftp(url);
589 			goto cleanup_fetch_url;
590 		}
591 		warnx("No file after directory (you must specify an "
592 		    "output file) `%s'", url);
593 		goto cleanup_fetch_url;
594 	}
595 
596 	restart_point = 0;
597 	filesize = -1;
598 	rangestart = rangeend = entitylen = -1;
599 	mtime = -1;
600 	if (restartautofetch) {
601 		if (stat(savefile, &sb) == 0)
602 			restart_point = sb.st_size;
603 	}
604 	if (urltype == FILE_URL_T) {		/* file:// URLs */
605 		direction = "copied";
606 		fin = fetch_open(decodedpath, "r");
607 		if (fin == NULL) {
608 			warn("Can't open `%s'", decodedpath);
609 			goto cleanup_fetch_url;
610 		}
611 		if (fstat(fetch_fileno(fin), &sb) == 0) {
612 			mtime = sb.st_mtime;
613 			filesize = sb.st_size;
614 		}
615 		if (restart_point) {
616 			if (lseek(fetch_fileno(fin), restart_point, SEEK_SET) < 0) {
617 				warn("Can't seek to restart `%s'",
618 				    decodedpath);
619 				goto cleanup_fetch_url;
620 			}
621 		}
622 		if (verbose) {
623 			fprintf(ttyout, "Copying %s", decodedpath);
624 			if (restart_point)
625 				fprintf(ttyout, " (restarting at " LLF ")",
626 				    (LLT)restart_point);
627 			fputs("\n", ttyout);
628 		}
629 		if (0 == rcvbuf_size) {
630 			rcvbuf_size = 8 * 1024; /* XXX */
631 		}
632 	} else {				/* ftp:// or http:// URLs */
633 		const char *leading;
634 		int hasleading;
635 
636 		if (penv == NULL) {
637 #ifdef WITH_SSL
638 			if (urltype == HTTPS_URL_T)
639 				penv = getoptionvalue("https_proxy");
640 #endif
641 			if (penv == NULL && IS_HTTP_TYPE(urltype))
642 				penv = getoptionvalue("http_proxy");
643 			else if (urltype == FTP_URL_T)
644 				penv = getoptionvalue("ftp_proxy");
645 		}
646 		direction = "retrieved";
647 		if (! EMPTYSTRING(penv)) {			/* use proxy */
648 			url_t purltype;
649 			char *phost, *ppath;
650 			char *pport, *no_proxy;
651 			in_port_t pportnum;
652 
653 			isproxy = 1;
654 
655 				/* check URL against list of no_proxied sites */
656 			no_proxy = getoptionvalue("no_proxy");
657 			if (! EMPTYSTRING(no_proxy)) {
658 				char *np, *np_copy, *np_iter;
659 				unsigned long np_port;
660 				size_t hlen, plen;
661 
662 				np_iter = np_copy = ftp_strdup(no_proxy);
663 				hlen = strlen(host);
664 				while ((cp = strsep(&np_iter, " ,")) != NULL) {
665 					if (*cp == '\0')
666 						continue;
667 					if ((np = strrchr(cp, ':')) != NULL) {
668 						*np++ =  '\0';
669 						np_port = strtoul(np, &ep, 10);
670 						if (*np == '\0' || *ep != '\0')
671 							continue;
672 						if (np_port != portnum)
673 							continue;
674 					}
675 					plen = strlen(cp);
676 					if (hlen < plen)
677 						continue;
678 					if (strncasecmp(host + hlen - plen,
679 					    cp, plen) == 0) {
680 						isproxy = 0;
681 						break;
682 					}
683 				}
684 				FREEPTR(np_copy);
685 				if (isproxy == 0 && urltype == FTP_URL_T) {
686 					rval = fetch_ftp(url);
687 					goto cleanup_fetch_url;
688 				}
689 			}
690 
691 			if (isproxy) {
692 				if (restart_point) {
693 					warnx("Can't restart via proxy URL `%s'",
694 					    penv);
695 					goto cleanup_fetch_url;
696 				}
697 				if (parse_url(penv, "proxy URL", &purltype,
698 				    &puser, &ppass, &phost, &pport, &pportnum,
699 				    &ppath) == -1)
700 					goto cleanup_fetch_url;
701 
702 				if ((!IS_HTTP_TYPE(purltype)
703 				     && purltype != FTP_URL_T) ||
704 				    EMPTYSTRING(phost) ||
705 				    (! EMPTYSTRING(ppath)
706 				     && strcmp(ppath, "/") != 0)) {
707 					warnx("Malformed proxy URL `%s'", penv);
708 					FREEPTR(phost);
709 					FREEPTR(pport);
710 					FREEPTR(ppath);
711 					goto cleanup_fetch_url;
712 				}
713 				if (isipv6addr(host) &&
714 				    strchr(host, '%') != NULL) {
715 					warnx(
716 "Scoped address notation `%s' disallowed via web proxy",
717 					    host);
718 					FREEPTR(phost);
719 					FREEPTR(pport);
720 					FREEPTR(ppath);
721 					goto cleanup_fetch_url;
722 				}
723 
724 				FREEPTR(host);
725 				host = phost;
726 				FREEPTR(port);
727 				port = pport;
728 				FREEPTR(path);
729 				path = ftp_strdup(url);
730 				FREEPTR(ppath);
731 				urltype = purltype;
732 			}
733 		} /* ! EMPTYSTRING(penv) */
734 
735 		memset(&hints, 0, sizeof(hints));
736 		hints.ai_flags = 0;
737 		hints.ai_family = family;
738 		hints.ai_socktype = SOCK_STREAM;
739 		hints.ai_protocol = 0;
740 		error = getaddrinfo(host, port, &hints, &res0);
741 		if (error) {
742 			warnx("Can't LOOKUP `%s:%s': %s", host, port,
743 			    (error == EAI_SYSTEM) ? strerror(errno)
744 						  : gai_strerror(error));
745 			goto cleanup_fetch_url;
746 		}
747 		if (res0->ai_canonname)
748 			host = res0->ai_canonname;
749 
750 		s = -1;
751 #ifdef WITH_SSL
752 		ssl = NULL;
753 #endif
754 		for (res = res0; res; res = res->ai_next) {
755 			char	hname[NI_MAXHOST], sname[NI_MAXSERV];
756 
757 			ai_unmapped(res);
758 			if (getnameinfo(res->ai_addr, res->ai_addrlen,
759 			    hname, sizeof(hname), sname, sizeof(sname),
760 			    NI_NUMERICHOST | NI_NUMERICSERV) != 0) {
761 				strlcpy(hname, "?", sizeof(hname));
762 				strlcpy(sname, "?", sizeof(sname));
763 			}
764 
765 			if (verbose && res0->ai_next) {
766 				fprintf(ttyout, "Trying %s:%s ...\n",
767 				    hname, sname);
768 			}
769 
770 			s = socket(res->ai_family, SOCK_STREAM,
771 			    res->ai_protocol);
772 			if (s < 0) {
773 				warn(
774 				    "Can't create socket for connection to "
775 				    "`%s:%s'", hname, sname);
776 				continue;
777 			}
778 
779 			if (ftp_connect(s, res->ai_addr, res->ai_addrlen,
780 			    verbose || !res->ai_next) < 0) {
781 				close(s);
782 				s = -1;
783 				continue;
784 			}
785 
786 #ifdef WITH_SSL
787 			if (urltype == HTTPS_URL_T) {
788 				if ((ssl = fetch_start_ssl(s, host)) == NULL) {
789 					close(s);
790 					s = -1;
791 					continue;
792 				}
793 			}
794 #endif
795 
796 			/* success */
797 			break;
798 		}
799 
800 		if (s < 0) {
801 			warnx("Can't connect to `%s:%s'", host, port);
802 			goto cleanup_fetch_url;
803 		}
804 
805 		oldalrm = xsignal(SIGALRM, timeouthttp);
806 		alarmtimer(quit_time ? quit_time : 60);
807 		fin = fetch_fdopen(s, "r+");
808 		fetch_set_ssl(fin, ssl);
809 		alarmtimer(0);
810 
811 		alarmtimer(quit_time ? quit_time : 60);
812 		/*
813 		 * Construct and send the request.
814 		 */
815 		if (verbose)
816 			fprintf(ttyout, "Requesting %s\n", url);
817 		leading = "  (";
818 		hasleading = 0;
819 		if (isproxy) {
820 			if (verbose) {
821 				fprintf(ttyout, "%svia %s:%s", leading,
822 				    host, port);
823 				leading = ", ";
824 				hasleading++;
825 			}
826 			fetch_printf(fin, "GET %s HTTP/1.0\r\n", path);
827 			if (flushcache)
828 				fetch_printf(fin, "Pragma: no-cache\r\n");
829 		} else {
830 			fetch_printf(fin, "GET %s HTTP/1.1\r\n", path);
831 			if (strchr(host, ':')) {
832 				char *h, *p;
833 
834 				/*
835 				 * strip off IPv6 scope identifier, since it is
836 				 * local to the node
837 				 */
838 				h = ftp_strdup(host);
839 				if (isipv6addr(h) &&
840 				    (p = strchr(h, '%')) != NULL) {
841 					*p = '\0';
842 				}
843 				fetch_printf(fin, "Host: [%s]", h);
844 				free(h);
845 			} else
846 				fetch_printf(fin, "Host: %s", host);
847 #ifdef WITH_SSL
848 			if ((urltype == HTTP_URL_T && portnum != HTTP_PORT) ||
849 			    (urltype == HTTPS_URL_T && portnum != HTTPS_PORT))
850 #else
851 			if (portnum != HTTP_PORT)
852 #endif
853 				fetch_printf(fin, ":%u", portnum);
854 			fetch_printf(fin, "\r\n");
855 			fetch_printf(fin, "Accept: */*\r\n");
856 			fetch_printf(fin, "Connection: close\r\n");
857 			if (restart_point) {
858 				fputs(leading, ttyout);
859 				fetch_printf(fin, "Range: bytes=" LLF "-\r\n",
860 				    (LLT)restart_point);
861 				fprintf(ttyout, "restarting at " LLF,
862 				    (LLT)restart_point);
863 				leading = ", ";
864 				hasleading++;
865 			}
866 			if (flushcache)
867 				fetch_printf(fin, "Cache-Control: no-cache\r\n");
868 		}
869 		if ((useragent=getenv("FTPUSERAGENT")) != NULL) {
870 			fetch_printf(fin, "User-Agent: %s\r\n", useragent);
871 		} else {
872 			fetch_printf(fin, "User-Agent: %s/%s\r\n",
873 			    FTP_PRODUCT, FTP_VERSION);
874 		}
875 		if (wwwauth) {
876 			if (verbose) {
877 				fprintf(ttyout, "%swith authorization",
878 				    leading);
879 				leading = ", ";
880 				hasleading++;
881 			}
882 			fetch_printf(fin, "Authorization: %s\r\n", wwwauth);
883 		}
884 		if (proxyauth) {
885 			if (verbose) {
886 				fprintf(ttyout,
887 				    "%swith proxy authorization", leading);
888 				leading = ", ";
889 				hasleading++;
890 			}
891 			fetch_printf(fin, "Proxy-Authorization: %s\r\n", proxyauth);
892 		}
893 		if (verbose && hasleading)
894 			fputs(")\n", ttyout);
895 		fetch_printf(fin, "\r\n");
896 		if (fetch_flush(fin) == EOF) {
897 			warn("Writing HTTP request");
898 			alarmtimer(0);
899 			goto cleanup_fetch_url;
900 		}
901 		alarmtimer(0);
902 
903 				/* Read the response */
904 		alarmtimer(quit_time ? quit_time : 60);
905 		len = fetch_getline(fin, buf, sizeof(buf), &errormsg);
906 		alarmtimer(0);
907 		if (len < 0) {
908 			if (*errormsg == '\n')
909 				errormsg++;
910 			warnx("Receiving HTTP reply: %s", errormsg);
911 			goto cleanup_fetch_url;
912 		}
913 		while (len > 0 && (ISLWS(buf[len-1])))
914 			buf[--len] = '\0';
915 		DPRINTF("%s: received `%s'\n", __func__, buf);
916 
917 				/* Determine HTTP response code */
918 		cp = strchr(buf, ' ');
919 		if (cp == NULL)
920 			goto improper;
921 		else
922 			cp++;
923 		hcode = strtol(cp, &ep, 10);
924 		if (*ep != '\0' && !isspace((unsigned char)*ep))
925 			goto improper;
926 		message = ftp_strdup(cp);
927 
928 				/* Read the rest of the header. */
929 		while (1) {
930 			alarmtimer(quit_time ? quit_time : 60);
931 			len = fetch_getline(fin, buf, sizeof(buf), &errormsg);
932 			alarmtimer(0);
933 			if (len < 0) {
934 				if (*errormsg == '\n')
935 					errormsg++;
936 				warnx("Receiving HTTP reply: %s", errormsg);
937 				goto cleanup_fetch_url;
938 			}
939 			while (len > 0 && (ISLWS(buf[len-1])))
940 				buf[--len] = '\0';
941 			if (len == 0)
942 				break;
943 			DPRINTF("%s: received `%s'\n", __func__, buf);
944 
945 		/*
946 		 * Look for some headers
947 		 */
948 
949 			cp = buf;
950 
951 			if (match_token(&cp, "Content-Length:")) {
952 				filesize = STRTOLL(cp, &ep, 10);
953 				if (filesize < 0 || *ep != '\0')
954 					goto improper;
955 				DPRINTF("%s: parsed len as: " LLF "\n",
956 				    __func__, (LLT)filesize);
957 
958 			} else if (match_token(&cp, "Content-Range:")) {
959 				if (! match_token(&cp, "bytes"))
960 					goto improper;
961 
962 				if (*cp == '*')
963 					cp++;
964 				else {
965 					rangestart = STRTOLL(cp, &ep, 10);
966 					if (rangestart < 0 || *ep != '-')
967 						goto improper;
968 					cp = ep + 1;
969 					rangeend = STRTOLL(cp, &ep, 10);
970 					if (rangeend < 0 || rangeend < rangestart)
971 						goto improper;
972 					cp = ep;
973 				}
974 				if (*cp != '/')
975 					goto improper;
976 				cp++;
977 				if (*cp == '*')
978 					cp++;
979 				else {
980 					entitylen = STRTOLL(cp, &ep, 10);
981 					if (entitylen < 0)
982 						goto improper;
983 					cp = ep;
984 				}
985 				if (*cp != '\0')
986 					goto improper;
987 
988 #ifndef NO_DEBUG
989 				if (ftp_debug) {
990 					fprintf(ttyout, "parsed range as: ");
991 					if (rangestart == -1)
992 						fprintf(ttyout, "*");
993 					else
994 						fprintf(ttyout, LLF "-" LLF,
995 						    (LLT)rangestart,
996 						    (LLT)rangeend);
997 					fprintf(ttyout, "/" LLF "\n", (LLT)entitylen);
998 				}
999 #endif
1000 				if (! restart_point) {
1001 					warnx(
1002 				    "Received unexpected Content-Range header");
1003 					goto cleanup_fetch_url;
1004 				}
1005 
1006 			} else if (match_token(&cp, "Last-Modified:")) {
1007 				struct tm parsed;
1008 				const char *t;
1009 
1010 				memset(&parsed, 0, sizeof(parsed));
1011 				t = parse_rfc2616time(&parsed, cp);
1012 				if (t != NULL) {
1013 					parsed.tm_isdst = -1;
1014 					if (*t == '\0')
1015 						mtime = timegm(&parsed);
1016 #ifndef NO_DEBUG
1017 					if (ftp_debug && mtime != -1) {
1018 						fprintf(ttyout,
1019 						    "parsed time as: %s",
1020 						rfc2822time(localtime(&mtime)));
1021 					}
1022 #endif
1023 				}
1024 
1025 			} else if (match_token(&cp, "Location:")) {
1026 				location = ftp_strdup(cp);
1027 				DPRINTF("%s: parsed location as `%s'\n",
1028 				    __func__, cp);
1029 
1030 			} else if (match_token(&cp, "Transfer-Encoding:")) {
1031 				if (match_token(&cp, "binary")) {
1032 					warnx(
1033 			"Bogus transfer encoding `binary' (fetching anyway)");
1034 					continue;
1035 				}
1036 				if (! (token = match_token(&cp, "chunked"))) {
1037 					warnx(
1038 				    "Unsupported transfer encoding `%s'",
1039 					    token);
1040 					goto cleanup_fetch_url;
1041 				}
1042 				ischunked++;
1043 				DPRINTF("%s: using chunked encoding\n",
1044 				    __func__);
1045 
1046 			} else if (match_token(&cp, "Proxy-Authenticate:")
1047 				|| match_token(&cp, "WWW-Authenticate:")) {
1048 				if (! (token = match_token(&cp, "Basic"))) {
1049 					DPRINTF("%s: skipping unknown auth "
1050 					    "scheme `%s'\n", __func__, token);
1051 					continue;
1052 				}
1053 				FREEPTR(auth);
1054 				auth = ftp_strdup(token);
1055 				DPRINTF("%s: parsed auth as `%s'\n",
1056 				    __func__, cp);
1057 			}
1058 
1059 		}
1060 				/* finished parsing header */
1061 
1062 		switch (hcode) {
1063 		case 200:
1064 			break;
1065 		case 206:
1066 			if (! restart_point) {
1067 				warnx("Not expecting partial content header");
1068 				goto cleanup_fetch_url;
1069 			}
1070 			break;
1071 		case 300:
1072 		case 301:
1073 		case 302:
1074 		case 303:
1075 		case 305:
1076 		case 307:
1077 			if (EMPTYSTRING(location)) {
1078 				warnx(
1079 				"No redirection Location provided by server");
1080 				goto cleanup_fetch_url;
1081 			}
1082 			if (redirect_loop++ > 5) {
1083 				warnx("Too many redirections requested");
1084 				goto cleanup_fetch_url;
1085 			}
1086 			if (hcode == 305) {
1087 				if (verbose)
1088 					fprintf(ttyout, "Redirected via %s\n",
1089 					    location);
1090 				rval = fetch_url(url, location,
1091 				    proxyauth, wwwauth);
1092 			} else {
1093 				if (verbose)
1094 					fprintf(ttyout, "Redirected to %s\n",
1095 					    location);
1096 				rval = go_fetch(location);
1097 			}
1098 			goto cleanup_fetch_url;
1099 #ifndef NO_AUTH
1100 		case 401:
1101 		case 407:
1102 		    {
1103 			char **authp;
1104 			char *auser, *apass;
1105 
1106 			if (hcode == 401) {
1107 				authp = &wwwauth;
1108 				auser = uuser;
1109 				apass = pass;
1110 			} else {
1111 				authp = &proxyauth;
1112 				auser = puser;
1113 				apass = ppass;
1114 			}
1115 			if (verbose || *authp == NULL ||
1116 			    auser == NULL || apass == NULL)
1117 				fprintf(ttyout, "%s\n", message);
1118 			if (EMPTYSTRING(auth)) {
1119 				warnx(
1120 			    "No authentication challenge provided by server");
1121 				goto cleanup_fetch_url;
1122 			}
1123 			if (*authp != NULL) {
1124 				char reply[10];
1125 
1126 				fprintf(ttyout,
1127 				    "Authorization failed. Retry (y/n)? ");
1128 				if (get_line(stdin, reply, sizeof(reply), NULL)
1129 				    < 0) {
1130 					goto cleanup_fetch_url;
1131 				}
1132 				if (tolower((unsigned char)reply[0]) != 'y')
1133 					goto cleanup_fetch_url;
1134 				auser = NULL;
1135 				apass = NULL;
1136 			}
1137 			if (auth_url(auth, authp, auser, apass) == 0) {
1138 				rval = fetch_url(url, penv,
1139 				    proxyauth, wwwauth);
1140 				memset(*authp, 0, strlen(*authp));
1141 				FREEPTR(*authp);
1142 			}
1143 			goto cleanup_fetch_url;
1144 		    }
1145 #endif
1146 		default:
1147 			if (message)
1148 				warnx("Error retrieving file `%s'", message);
1149 			else
1150 				warnx("Unknown error retrieving file");
1151 			goto cleanup_fetch_url;
1152 		}
1153 	}		/* end of ftp:// or http:// specific setup */
1154 
1155 	/* Open the output file. */
1156 
1157 	/*
1158 	 * Only trust filenames with special meaning if they came from
1159 	 * the command line
1160 	 */
1161 	if (outfile == savefile) {
1162 		if (strcmp(savefile, "-") == 0) {
1163 			fout = stdout;
1164 		} else if (*savefile == '|') {
1165 			oldpipe = xsignal(SIGPIPE, SIG_IGN);
1166 			fout = popen(savefile + 1, "w");
1167 			if (fout == NULL) {
1168 				warn("Can't execute `%s'", savefile + 1);
1169 				goto cleanup_fetch_url;
1170 			}
1171 			closefunc = pclose;
1172 		}
1173 	}
1174 	if (fout == NULL) {
1175 		if ((rangeend != -1 && rangeend <= restart_point) ||
1176 		    (rangestart == -1 && filesize != -1 && filesize <= restart_point)) {
1177 			/* already done */
1178 			if (verbose)
1179 				fprintf(ttyout, "already done\n");
1180 			rval = 0;
1181 			goto cleanup_fetch_url;
1182 		}
1183 		if (restart_point && rangestart != -1) {
1184 			if (entitylen != -1)
1185 				filesize = entitylen;
1186 			if (rangestart != restart_point) {
1187 				warnx(
1188 				    "Size of `%s' differs from save file `%s'",
1189 				    url, savefile);
1190 				goto cleanup_fetch_url;
1191 			}
1192 			fout = fopen(savefile, "a");
1193 		} else
1194 			fout = fopen(savefile, "w");
1195 		if (fout == NULL) {
1196 			warn("Can't open `%s'", savefile);
1197 			goto cleanup_fetch_url;
1198 		}
1199 		closefunc = fclose;
1200 	}
1201 
1202 			/* Trap signals */
1203 	oldquit = xsignal(SIGQUIT, psummary);
1204 	oldint = xsignal(SIGINT, aborthttp);
1205 
1206 	assert(rcvbuf_size > 0);
1207 	if ((size_t)rcvbuf_size > bufsize) {
1208 		if (xferbuf)
1209 			(void)free(xferbuf);
1210 		bufsize = rcvbuf_size;
1211 		xferbuf = ftp_malloc(bufsize);
1212 	}
1213 
1214 	bytes = 0;
1215 	hashbytes = mark;
1216 	if (oldalrm) {
1217 		(void)xsignal(SIGALRM, oldalrm);
1218 		oldalrm = NULL;
1219 	}
1220 	progressmeter(-1);
1221 
1222 			/* Finally, suck down the file. */
1223 	do {
1224 		long chunksize;
1225 		short lastchunk;
1226 
1227 		chunksize = 0;
1228 		lastchunk = 0;
1229 					/* read chunk-size */
1230 		if (ischunked) {
1231 			if (fetch_getln(xferbuf, bufsize, fin) == NULL) {
1232 				warnx("Unexpected EOF reading chunk-size");
1233 				goto cleanup_fetch_url;
1234 			}
1235 			errno = 0;
1236 			chunksize = strtol(xferbuf, &ep, 16);
1237 			if (ep == xferbuf) {
1238 				warnx("Invalid chunk-size");
1239 				goto cleanup_fetch_url;
1240 			}
1241 			if (errno == ERANGE || chunksize < 0) {
1242 				errno = ERANGE;
1243 				warn("Chunk-size `%.*s'",
1244 				    (int)(ep-xferbuf), xferbuf);
1245 				goto cleanup_fetch_url;
1246 			}
1247 
1248 				/*
1249 				 * XXX:	Work around bug in Apache 1.3.9 and
1250 				 *	1.3.11, which incorrectly put trailing
1251 				 *	space after the chunk-size.
1252 				 */
1253 			while (*ep == ' ')
1254 				ep++;
1255 
1256 					/* skip [ chunk-ext ] */
1257 			if (*ep == ';') {
1258 				while (*ep && *ep != '\r')
1259 					ep++;
1260 			}
1261 
1262 			if (strcmp(ep, "\r\n") != 0) {
1263 				warnx("Unexpected data following chunk-size");
1264 				goto cleanup_fetch_url;
1265 			}
1266 			DPRINTF("%s: got chunk-size of " LLF "\n", __func__,
1267 			    (LLT)chunksize);
1268 			if (chunksize == 0) {
1269 				lastchunk = 1;
1270 				goto chunkdone;
1271 			}
1272 		}
1273 					/* transfer file or chunk */
1274 		while (1) {
1275 			struct timeval then, now, td;
1276 			volatile off_t bufrem;
1277 
1278 			if (rate_get)
1279 				(void)gettimeofday(&then, NULL);
1280 			bufrem = rate_get ? rate_get : (off_t)bufsize;
1281 			if (ischunked)
1282 				bufrem = MIN(chunksize, bufrem);
1283 			while (bufrem > 0) {
1284 				flen = fetch_read(xferbuf, sizeof(char),
1285 				    MIN((off_t)bufsize, bufrem), fin);
1286 				if (flen <= 0)
1287 					goto chunkdone;
1288 				bytes += flen;
1289 				bufrem -= flen;
1290 				if (fwrite(xferbuf, sizeof(char), flen, fout)
1291 				    != flen) {
1292 					warn("Writing `%s'", savefile);
1293 					goto cleanup_fetch_url;
1294 				}
1295 				if (hash && !progress) {
1296 					while (bytes >= hashbytes) {
1297 						(void)putc('#', ttyout);
1298 						hashbytes += mark;
1299 					}
1300 					(void)fflush(ttyout);
1301 				}
1302 				if (ischunked) {
1303 					chunksize -= flen;
1304 					if (chunksize <= 0)
1305 						break;
1306 				}
1307 			}
1308 			if (rate_get) {
1309 				while (1) {
1310 					(void)gettimeofday(&now, NULL);
1311 					timersub(&now, &then, &td);
1312 					if (td.tv_sec > 0)
1313 						break;
1314 					usleep(1000000 - td.tv_usec);
1315 				}
1316 			}
1317 			if (ischunked && chunksize <= 0)
1318 				break;
1319 		}
1320 					/* read CRLF after chunk*/
1321  chunkdone:
1322 		if (ischunked) {
1323 			if (fetch_getln(xferbuf, bufsize, fin) == NULL) {
1324 				alarmtimer(0);
1325 				warnx("Unexpected EOF reading chunk CRLF");
1326 				goto cleanup_fetch_url;
1327 			}
1328 			if (strcmp(xferbuf, "\r\n") != 0) {
1329 				warnx("Unexpected data following chunk");
1330 				goto cleanup_fetch_url;
1331 			}
1332 			if (lastchunk)
1333 				break;
1334 		}
1335 	} while (ischunked);
1336 
1337 /* XXX: deal with optional trailer & CRLF here? */
1338 
1339 	if (hash && !progress && bytes > 0) {
1340 		if (bytes < mark)
1341 			(void)putc('#', ttyout);
1342 		(void)putc('\n', ttyout);
1343 	}
1344 	if (fetch_error(fin)) {
1345 		warn("Reading file");
1346 		goto cleanup_fetch_url;
1347 	}
1348 	progressmeter(1);
1349 	(void)fflush(fout);
1350 	if (closefunc == fclose && mtime != -1) {
1351 		struct timeval tval[2];
1352 
1353 		(void)gettimeofday(&tval[0], NULL);
1354 		tval[1].tv_sec = mtime;
1355 		tval[1].tv_usec = 0;
1356 		(*closefunc)(fout);
1357 		fout = NULL;
1358 
1359 		if (utimes(savefile, tval) == -1) {
1360 			fprintf(ttyout,
1361 			    "Can't change modification time to %s",
1362 			    rfc2822time(localtime(&mtime)));
1363 		}
1364 	}
1365 	if (bytes > 0)
1366 		ptransfer(0);
1367 	bytes = 0;
1368 
1369 	rval = 0;
1370 	goto cleanup_fetch_url;
1371 
1372  improper:
1373 	warnx("Improper response from `%s:%s'", host, port);
1374 
1375  cleanup_fetch_url:
1376 	if (oldint)
1377 		(void)xsignal(SIGINT, oldint);
1378 	if (oldpipe)
1379 		(void)xsignal(SIGPIPE, oldpipe);
1380 	if (oldalrm)
1381 		(void)xsignal(SIGALRM, oldalrm);
1382 	if (oldquit)
1383 		(void)xsignal(SIGQUIT, oldpipe);
1384 	if (fin != NULL)
1385 		fetch_close(fin);
1386 	else if (s != -1)
1387 		close(s);
1388 	if (closefunc != NULL && fout != NULL)
1389 		(*closefunc)(fout);
1390 	if (res0)
1391 		freeaddrinfo(res0);
1392 	if (savefile != outfile)
1393 		FREEPTR(savefile);
1394 	FREEPTR(uuser);
1395 	if (pass != NULL)
1396 		memset(pass, 0, strlen(pass));
1397 	FREEPTR(pass);
1398 	FREEPTR(host);
1399 	FREEPTR(port);
1400 	FREEPTR(path);
1401 	FREEPTR(decodedpath);
1402 	FREEPTR(puser);
1403 	if (ppass != NULL)
1404 		memset(ppass, 0, strlen(ppass));
1405 	FREEPTR(ppass);
1406 	FREEPTR(auth);
1407 	FREEPTR(location);
1408 	FREEPTR(message);
1409 	return (rval);
1410 }
1411 
1412 /*
1413  * Abort a HTTP retrieval
1414  */
1415 static void
aborthttp(int notused)1416 aborthttp(int notused)
1417 {
1418 	char msgbuf[100];
1419 	int len;
1420 
1421 	sigint_raised = 1;
1422 	alarmtimer(0);
1423 	if (fromatty) {
1424 		len = snprintf(msgbuf, sizeof(msgbuf),
1425 		    "\n%s: HTTP fetch aborted.\n", getprogname());
1426 		if (len > 0)
1427 			write(fileno(ttyout), msgbuf, len);
1428 	}
1429 	siglongjmp(httpabort, 1);
1430 }
1431 
1432 static void
timeouthttp(int notused)1433 timeouthttp(int notused)
1434 {
1435 	char msgbuf[100];
1436 	int len;
1437 
1438 	alarmtimer(0);
1439 	if (fromatty) {
1440 		len = snprintf(msgbuf, sizeof(msgbuf),
1441 		    "\n%s: HTTP fetch timeout.\n", getprogname());
1442 		if (len > 0)
1443 			write(fileno(ttyout), msgbuf, len);
1444 	}
1445 	siglongjmp(httpabort, 1);
1446 }
1447 
1448 /*
1449  * Retrieve ftp URL or classic ftp argument using FTP.
1450  * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection
1451  * is still open (e.g, ftp xfer with trailing /)
1452  */
1453 static int
fetch_ftp(const char * url)1454 fetch_ftp(const char *url)
1455 {
1456 	char		*cp, *xargv[5], rempath[MAXPATHLEN];
1457 	char		*host, *path, *dir, *file, *uuser, *pass;
1458 	char		*port;
1459 	char		 cmdbuf[MAXPATHLEN];
1460 	char		 dirbuf[4];
1461 	int		 dirhasglob, filehasglob, rval, transtype, xargc;
1462 	int		 oanonftp, oautologin;
1463 	in_port_t	 portnum;
1464 	url_t		 urltype;
1465 
1466 	DPRINTF("fetch_ftp: `%s'\n", url);
1467 	host = path = dir = file = uuser = pass = NULL;
1468 	port = NULL;
1469 	rval = 1;
1470 	transtype = TYPE_I;
1471 
1472 	if (STRNEQUAL(url, FTP_URL)) {
1473 		if ((parse_url(url, "URL", &urltype, &uuser, &pass,
1474 		    &host, &port, &portnum, &path) == -1) ||
1475 		    (uuser != NULL && *uuser == '\0') ||
1476 		    EMPTYSTRING(host)) {
1477 			warnx("Invalid URL `%s'", url);
1478 			goto cleanup_fetch_ftp;
1479 		}
1480 		/*
1481 		 * Note: Don't url_decode(path) here.  We need to keep the
1482 		 * distinction between "/" and "%2F" until later.
1483 		 */
1484 
1485 					/* check for trailing ';type=[aid]' */
1486 		if (! EMPTYSTRING(path) && (cp = strrchr(path, ';')) != NULL) {
1487 			if (strcasecmp(cp, ";type=a") == 0)
1488 				transtype = TYPE_A;
1489 			else if (strcasecmp(cp, ";type=i") == 0)
1490 				transtype = TYPE_I;
1491 			else if (strcasecmp(cp, ";type=d") == 0) {
1492 				warnx(
1493 			    "Directory listing via a URL is not supported");
1494 				goto cleanup_fetch_ftp;
1495 			} else {
1496 				warnx("Invalid suffix `%s' in URL `%s'", cp,
1497 				    url);
1498 				goto cleanup_fetch_ftp;
1499 			}
1500 			*cp = 0;
1501 		}
1502 	} else {			/* classic style `[user@]host:[file]' */
1503 		urltype = CLASSIC_URL_T;
1504 		host = ftp_strdup(url);
1505 		cp = strchr(host, '@');
1506 		if (cp != NULL) {
1507 			*cp = '\0';
1508 			uuser = host;
1509 			anonftp = 0;	/* disable anonftp */
1510 			host = ftp_strdup(cp + 1);
1511 		}
1512 		cp = strchr(host, ':');
1513 		if (cp != NULL) {
1514 			*cp = '\0';
1515 			path = ftp_strdup(cp + 1);
1516 		}
1517 	}
1518 	if (EMPTYSTRING(host))
1519 		goto cleanup_fetch_ftp;
1520 
1521 			/* Extract the file and (if present) directory name. */
1522 	dir = path;
1523 	if (! EMPTYSTRING(dir)) {
1524 		/*
1525 		 * If we are dealing with classic `[user@]host:[path]' syntax,
1526 		 * then a path of the form `/file' (resulting from input of the
1527 		 * form `host:/file') means that we should do "CWD /" before
1528 		 * retrieving the file.  So we set dir="/" and file="file".
1529 		 *
1530 		 * But if we are dealing with URLs like `ftp://host/path' then
1531 		 * a path of the form `/file' (resulting from a URL of the form
1532 		 * `ftp://host//file') means that we should do `CWD ' (with an
1533 		 * empty argument) before retrieving the file.  So we set
1534 		 * dir="" and file="file".
1535 		 *
1536 		 * If the path does not contain / at all, we set dir=NULL.
1537 		 * (We get a path without any slashes if we are dealing with
1538 		 * classic `[user@]host:[file]' or URL `ftp://host/file'.)
1539 		 *
1540 		 * In all other cases, we set dir to a string that does not
1541 		 * include the final '/' that separates the dir part from the
1542 		 * file part of the path.  (This will be the empty string if
1543 		 * and only if we are dealing with a path of the form `/file'
1544 		 * resulting from an URL of the form `ftp://host//file'.)
1545 		 */
1546 		cp = strrchr(dir, '/');
1547 		if (cp == dir && urltype == CLASSIC_URL_T) {
1548 			file = cp + 1;
1549 			(void)strlcpy(dirbuf, "/", sizeof(dirbuf));
1550 			dir = dirbuf;
1551 		} else if (cp != NULL) {
1552 			*cp++ = '\0';
1553 			file = cp;
1554 		} else {
1555 			file = dir;
1556 			dir = NULL;
1557 		}
1558 	} else
1559 		dir = NULL;
1560 	if (urltype == FTP_URL_T && file != NULL) {
1561 		url_decode(file);
1562 		/* but still don't url_decode(dir) */
1563 	}
1564 	DPRINTF("fetch_ftp: user `%s' pass `%s' host %s port %s "
1565 	    "path `%s' dir `%s' file `%s'\n",
1566 	    STRorNULL(uuser), STRorNULL(pass),
1567 	    STRorNULL(host), STRorNULL(port),
1568 	    STRorNULL(path), STRorNULL(dir), STRorNULL(file));
1569 
1570 	dirhasglob = filehasglob = 0;
1571 	if (doglob && urltype == CLASSIC_URL_T) {
1572 		if (! EMPTYSTRING(dir) && strpbrk(dir, "*?[]{}") != NULL)
1573 			dirhasglob = 1;
1574 		if (! EMPTYSTRING(file) && strpbrk(file, "*?[]{}") != NULL)
1575 			filehasglob = 1;
1576 	}
1577 
1578 			/* Set up the connection */
1579 	oanonftp = anonftp;
1580 	if (connected)
1581 		disconnect(0, NULL);
1582 	anonftp = oanonftp;
1583 	(void)strlcpy(cmdbuf, getprogname(), sizeof(cmdbuf));
1584 	xargv[0] = cmdbuf;
1585 	xargv[1] = host;
1586 	xargv[2] = NULL;
1587 	xargc = 2;
1588 	if (port) {
1589 		xargv[2] = port;
1590 		xargv[3] = NULL;
1591 		xargc = 3;
1592 	}
1593 	oautologin = autologin;
1594 		/* don't autologin in setpeer(), use ftp_login() below */
1595 	autologin = 0;
1596 	setpeer(xargc, xargv);
1597 	autologin = oautologin;
1598 	if ((connected == 0) ||
1599 	    (connected == 1 && !ftp_login(host, uuser, pass))) {
1600 		warnx("Can't connect or login to host `%s:%s'",
1601 			host, port ? port : "?");
1602 		goto cleanup_fetch_ftp;
1603 	}
1604 
1605 	switch (transtype) {
1606 	case TYPE_A:
1607 		setascii(1, xargv);
1608 		break;
1609 	case TYPE_I:
1610 		setbinary(1, xargv);
1611 		break;
1612 	default:
1613 		errx(1, "fetch_ftp: unknown transfer type %d", transtype);
1614 	}
1615 
1616 		/*
1617 		 * Change directories, if necessary.
1618 		 *
1619 		 * Note: don't use EMPTYSTRING(dir) below, because
1620 		 * dir=="" means something different from dir==NULL.
1621 		 */
1622 	if (dir != NULL && !dirhasglob) {
1623 		char *nextpart;
1624 
1625 		/*
1626 		 * If we are dealing with a classic `[user@]host:[path]'
1627 		 * (urltype is CLASSIC_URL_T) then we have a raw directory
1628 		 * name (not encoded in any way) and we can change
1629 		 * directories in one step.
1630 		 *
1631 		 * If we are dealing with an `ftp://host/path' URL
1632 		 * (urltype is FTP_URL_T), then RFC 3986 says we need to
1633 		 * send a separate CWD command for each unescaped "/"
1634 		 * in the path, and we have to interpret %hex escaping
1635 		 * *after* we find the slashes.  It's possible to get
1636 		 * empty components here, (from multiple adjacent
1637 		 * slashes in the path) and RFC 3986 says that we should
1638 		 * still do `CWD ' (with a null argument) in such cases.
1639 		 *
1640 		 * Many ftp servers don't support `CWD ', so if there's an
1641 		 * error performing that command, bail out with a descriptive
1642 		 * message.
1643 		 *
1644 		 * Examples:
1645 		 *
1646 		 * host:			dir="", urltype=CLASSIC_URL_T
1647 		 *		logged in (to default directory)
1648 		 * host:file			dir=NULL, urltype=CLASSIC_URL_T
1649 		 *		"RETR file"
1650 		 * host:dir/			dir="dir", urltype=CLASSIC_URL_T
1651 		 *		"CWD dir", logged in
1652 		 * ftp://host/			dir="", urltype=FTP_URL_T
1653 		 *		logged in (to default directory)
1654 		 * ftp://host/dir/		dir="dir", urltype=FTP_URL_T
1655 		 *		"CWD dir", logged in
1656 		 * ftp://host/file		dir=NULL, urltype=FTP_URL_T
1657 		 *		"RETR file"
1658 		 * ftp://host//file		dir="", urltype=FTP_URL_T
1659 		 *		"CWD ", "RETR file"
1660 		 * host:/file			dir="/", urltype=CLASSIC_URL_T
1661 		 *		"CWD /", "RETR file"
1662 		 * ftp://host///file		dir="/", urltype=FTP_URL_T
1663 		 *		"CWD ", "CWD ", "RETR file"
1664 		 * ftp://host/%2F/file		dir="%2F", urltype=FTP_URL_T
1665 		 *		"CWD /", "RETR file"
1666 		 * ftp://host/foo/file		dir="foo", urltype=FTP_URL_T
1667 		 *		"CWD foo", "RETR file"
1668 		 * ftp://host/foo/bar/file	dir="foo/bar"
1669 		 *		"CWD foo", "CWD bar", "RETR file"
1670 		 * ftp://host//foo/bar/file	dir="/foo/bar"
1671 		 *		"CWD ", "CWD foo", "CWD bar", "RETR file"
1672 		 * ftp://host/foo//bar/file	dir="foo//bar"
1673 		 *		"CWD foo", "CWD ", "CWD bar", "RETR file"
1674 		 * ftp://host/%2F/foo/bar/file	dir="%2F/foo/bar"
1675 		 *		"CWD /", "CWD foo", "CWD bar", "RETR file"
1676 		 * ftp://host/%2Ffoo/bar/file	dir="%2Ffoo/bar"
1677 		 *		"CWD /foo", "CWD bar", "RETR file"
1678 		 * ftp://host/%2Ffoo%2Fbar/file	dir="%2Ffoo%2Fbar"
1679 		 *		"CWD /foo/bar", "RETR file"
1680 		 * ftp://host/%2Ffoo%2Fbar%2Ffile	dir=NULL
1681 		 *		"RETR /foo/bar/file"
1682 		 *
1683 		 * Note that we don't need `dir' after this point.
1684 		 */
1685 		do {
1686 			if (urltype == FTP_URL_T) {
1687 				nextpart = strchr(dir, '/');
1688 				if (nextpart) {
1689 					*nextpart = '\0';
1690 					nextpart++;
1691 				}
1692 				url_decode(dir);
1693 			} else
1694 				nextpart = NULL;
1695 			DPRINTF("fetch_ftp: dir `%s', nextpart `%s'\n",
1696 			    STRorNULL(dir), STRorNULL(nextpart));
1697 			if (urltype == FTP_URL_T || *dir != '\0') {
1698 				(void)strlcpy(cmdbuf, "cd", sizeof(cmdbuf));
1699 				xargv[0] = cmdbuf;
1700 				xargv[1] = dir;
1701 				xargv[2] = NULL;
1702 				dirchange = 0;
1703 				cd(2, xargv);
1704 				if (! dirchange) {
1705 					if (*dir == '\0' && code == 500)
1706 						fprintf(stderr,
1707 "\n"
1708 "ftp: The `CWD ' command (without a directory), which is required by\n"
1709 "     RFC 3986 to support the empty directory in the URL pathname (`//'),\n"
1710 "     conflicts with the server's conformance to RFC 959.\n"
1711 "     Try the same URL without the `//' in the URL pathname.\n"
1712 "\n");
1713 					goto cleanup_fetch_ftp;
1714 				}
1715 			}
1716 			dir = nextpart;
1717 		} while (dir != NULL);
1718 	}
1719 
1720 	if (EMPTYSTRING(file)) {
1721 		rval = -1;
1722 		goto cleanup_fetch_ftp;
1723 	}
1724 
1725 	if (dirhasglob) {
1726 		(void)strlcpy(rempath, dir,	sizeof(rempath));
1727 		(void)strlcat(rempath, "/",	sizeof(rempath));
1728 		(void)strlcat(rempath, file,	sizeof(rempath));
1729 		file = rempath;
1730 	}
1731 
1732 			/* Fetch the file(s). */
1733 	xargc = 2;
1734 	(void)strlcpy(cmdbuf, "get", sizeof(cmdbuf));
1735 	xargv[0] = cmdbuf;
1736 	xargv[1] = file;
1737 	xargv[2] = NULL;
1738 	if (dirhasglob || filehasglob) {
1739 		int ointeractive;
1740 
1741 		ointeractive = interactive;
1742 		interactive = 0;
1743 		if (restartautofetch)
1744 			(void)strlcpy(cmdbuf, "mreget", sizeof(cmdbuf));
1745 		else
1746 			(void)strlcpy(cmdbuf, "mget", sizeof(cmdbuf));
1747 		xargv[0] = cmdbuf;
1748 		mget(xargc, xargv);
1749 		interactive = ointeractive;
1750 	} else {
1751 		if (outfile == NULL) {
1752 			cp = strrchr(file, '/');	/* find savefile */
1753 			if (cp != NULL)
1754 				outfile = cp + 1;
1755 			else
1756 				outfile = file;
1757 		}
1758 		xargv[2] = (char *)outfile;
1759 		xargv[3] = NULL;
1760 		xargc++;
1761 		if (restartautofetch)
1762 			reget(xargc, xargv);
1763 		else
1764 			get(xargc, xargv);
1765 	}
1766 
1767 	if ((code / 100) == COMPLETE)
1768 		rval = 0;
1769 
1770  cleanup_fetch_ftp:
1771 	FREEPTR(port);
1772 	FREEPTR(host);
1773 	FREEPTR(path);
1774 	FREEPTR(uuser);
1775 	if (pass)
1776 		memset(pass, 0, strlen(pass));
1777 	FREEPTR(pass);
1778 	return (rval);
1779 }
1780 
1781 /*
1782  * Retrieve the given file to outfile.
1783  * Supports arguments of the form:
1784  *	"host:path", "ftp://host/path"	if $ftpproxy, call fetch_url() else
1785  *					call fetch_ftp()
1786  *	"http://host/path"		call fetch_url() to use HTTP
1787  *	"file:///path"			call fetch_url() to copy
1788  *	"about:..."			print a message
1789  *
1790  * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection
1791  * is still open (e.g, ftp xfer with trailing /)
1792  */
1793 static int
go_fetch(const char * url)1794 go_fetch(const char *url)
1795 {
1796 	char *proxyenv;
1797 	char *p;
1798 
1799 #ifndef NO_ABOUT
1800 	/*
1801 	 * Check for about:*
1802 	 */
1803 	if (STRNEQUAL(url, ABOUT_URL)) {
1804 		url += sizeof(ABOUT_URL) -1;
1805 		if (strcasecmp(url, "ftp") == 0 ||
1806 		    strcasecmp(url, "tnftp") == 0) {
1807 			fputs(
1808 "This version of ftp has been enhanced by Luke Mewburn <lukem@NetBSD.org>\n"
1809 "for the NetBSD project.  Execute `man ftp' for more details.\n", ttyout);
1810 		} else if (strcasecmp(url, "lukem") == 0) {
1811 			fputs(
1812 "Luke Mewburn is the author of most of the enhancements in this ftp client.\n"
1813 "Please email feedback to <lukem@NetBSD.org>.\n", ttyout);
1814 		} else if (strcasecmp(url, "netbsd") == 0) {
1815 			fputs(
1816 "NetBSD is a freely available and redistributable UNIX-like operating system.\n"
1817 "For more information, see http://www.NetBSD.org/\n", ttyout);
1818 		} else if (strcasecmp(url, "version") == 0) {
1819 			fprintf(ttyout, "Version: %s %s%s\n",
1820 			    FTP_PRODUCT, FTP_VERSION,
1821 #ifdef INET6
1822 			    ""
1823 #else
1824 			    " (-IPv6)"
1825 #endif
1826 			);
1827 		} else {
1828 			fprintf(ttyout, "`%s' is an interesting topic.\n", url);
1829 		}
1830 		fputs("\n", ttyout);
1831 		return (0);
1832 	}
1833 #endif
1834 
1835 	/*
1836 	 * Check for file:// and http:// URLs.
1837 	 */
1838 	if (STRNEQUAL(url, HTTP_URL)
1839 #ifdef WITH_SSL
1840 	    || STRNEQUAL(url, HTTPS_URL)
1841 #endif
1842 	    || STRNEQUAL(url, FILE_URL))
1843 		return (fetch_url(url, NULL, NULL, NULL));
1844 
1845 	/*
1846 	 * If it contains "://" but does not begin with ftp://
1847 	 * or something that was already handled, then it's
1848 	 * unsupported.
1849 	 *
1850 	 * If it contains ":" but not "://" then we assume the
1851 	 * part before the colon is a host name, not an URL scheme,
1852 	 * so we don't try to match that here.
1853 	 */
1854 	if ((p = strstr(url, "://")) != NULL && ! STRNEQUAL(url, FTP_URL))
1855 		errx(1, "Unsupported URL scheme `%.*s'", (int)(p - url), url);
1856 
1857 	/*
1858 	 * Try FTP URL-style and host:file arguments next.
1859 	 * If ftpproxy is set with an FTP URL, use fetch_url()
1860 	 * Othewise, use fetch_ftp().
1861 	 */
1862 	proxyenv = getoptionvalue("ftp_proxy");
1863 	if (!EMPTYSTRING(proxyenv) && STRNEQUAL(url, FTP_URL))
1864 		return (fetch_url(url, NULL, NULL, NULL));
1865 
1866 	return (fetch_ftp(url));
1867 }
1868 
1869 /*
1870  * Retrieve multiple files from the command line,
1871  * calling go_fetch() for each file.
1872  *
1873  * If an ftp path has a trailing "/", the path will be cd-ed into and
1874  * the connection remains open, and the function will return -1
1875  * (to indicate the connection is alive).
1876  * If an error occurs the return value will be the offset+1 in
1877  * argv[] of the file that caused a problem (i.e, argv[x]
1878  * returns x+1)
1879  * Otherwise, 0 is returned if all files retrieved successfully.
1880  */
1881 int
auto_fetch(int argc,char * argv[])1882 auto_fetch(int argc, char *argv[])
1883 {
1884 	volatile int	argpos, rval;
1885 
1886 	argpos = rval = 0;
1887 
1888 	if (sigsetjmp(toplevel, 1)) {
1889 		if (connected)
1890 			disconnect(0, NULL);
1891 		if (rval > 0)
1892 			rval = argpos + 1;
1893 		return (rval);
1894 	}
1895 	(void)xsignal(SIGINT, intr);
1896 	(void)xsignal(SIGPIPE, lostpeer);
1897 
1898 	/*
1899 	 * Loop through as long as there's files to fetch.
1900 	 */
1901 	for (; (rval == 0) && (argpos < argc); argpos++) {
1902 		if (strchr(argv[argpos], ':') == NULL)
1903 			break;
1904 		redirect_loop = 0;
1905 		if (!anonftp)
1906 			anonftp = 2;	/* Handle "automatic" transfers. */
1907 		rval = go_fetch(argv[argpos]);
1908 		if (outfile != NULL && strcmp(outfile, "-") != 0
1909 		    && outfile[0] != '|')
1910 			outfile = NULL;
1911 		if (rval > 0)
1912 			rval = argpos + 1;
1913 	}
1914 
1915 	if (connected && rval != -1)
1916 		disconnect(0, NULL);
1917 	return (rval);
1918 }
1919 
1920 
1921 /*
1922  * Upload multiple files from the command line.
1923  *
1924  * If an error occurs the return value will be the offset+1 in
1925  * argv[] of the file that caused a problem (i.e, argv[x]
1926  * returns x+1)
1927  * Otherwise, 0 is returned if all files uploaded successfully.
1928  */
1929 int
auto_put(int argc,char ** argv,const char * uploadserver)1930 auto_put(int argc, char **argv, const char *uploadserver)
1931 {
1932 	char	*uargv[4], *path, *pathsep;
1933 	int	 uargc, rval, argpos;
1934 	size_t	 len;
1935 	char	 cmdbuf[MAX_C_NAME];
1936 
1937 	(void)strlcpy(cmdbuf, "mput", sizeof(cmdbuf));
1938 	uargv[0] = cmdbuf;
1939 	uargv[1] = argv[0];
1940 	uargc = 2;
1941 	uargv[2] = uargv[3] = NULL;
1942 	pathsep = NULL;
1943 	rval = 1;
1944 
1945 	DPRINTF("auto_put: target `%s'\n", uploadserver);
1946 
1947 	path = ftp_strdup(uploadserver);
1948 	len = strlen(path);
1949 	if (path[len - 1] != '/' && path[len - 1] != ':') {
1950 			/*
1951 			 * make sure we always pass a directory to auto_fetch
1952 			 */
1953 		if (argc > 1) {		/* more than one file to upload */
1954 			len = strlen(uploadserver) + 2;	/* path + "/" + "\0" */
1955 			free(path);
1956 			path = (char *)ftp_malloc(len);
1957 			(void)strlcpy(path, uploadserver, len);
1958 			(void)strlcat(path, "/", len);
1959 		} else {		/* single file to upload */
1960 			(void)strlcpy(cmdbuf, "put", sizeof(cmdbuf));
1961 			uargv[0] = cmdbuf;
1962 			pathsep = strrchr(path, '/');
1963 			if (pathsep == NULL) {
1964 				pathsep = strrchr(path, ':');
1965 				if (pathsep == NULL) {
1966 					warnx("Invalid URL `%s'", path);
1967 					goto cleanup_auto_put;
1968 				}
1969 				pathsep++;
1970 				uargv[2] = ftp_strdup(pathsep);
1971 				pathsep[0] = '/';
1972 			} else
1973 				uargv[2] = ftp_strdup(pathsep + 1);
1974 			pathsep[1] = '\0';
1975 			uargc++;
1976 		}
1977 	}
1978 	DPRINTF("auto_put: URL `%s' argv[2] `%s'\n",
1979 	    path, STRorNULL(uargv[2]));
1980 
1981 			/* connect and cwd */
1982 	rval = auto_fetch(1, &path);
1983 	if(rval >= 0)
1984 		goto cleanup_auto_put;
1985 
1986 	rval = 0;
1987 
1988 			/* target filename provided; upload 1 file */
1989 			/* XXX : is this the best way? */
1990 	if (uargc == 3) {
1991 		uargv[1] = argv[0];
1992 		put(uargc, uargv);
1993 		if ((code / 100) != COMPLETE)
1994 			rval = 1;
1995 	} else {	/* otherwise a target dir: upload all files to it */
1996 		for(argpos = 0; argv[argpos] != NULL; argpos++) {
1997 			uargv[1] = argv[argpos];
1998 			mput(uargc, uargv);
1999 			if ((code / 100) != COMPLETE) {
2000 				rval = argpos + 1;
2001 				break;
2002 			}
2003 		}
2004 	}
2005 
2006  cleanup_auto_put:
2007 	free(path);
2008 	FREEPTR(uargv[2]);
2009 	return (rval);
2010 }
2011