1 /* $NetBSD: fetch.c,v 1.207 2015/09/12 19:38:42 wiz Exp $ */
2
3 /*-
4 * Copyright (c) 1997-2015 The NetBSD Foundation, Inc.
5 * All rights reserved.
6 *
7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Luke Mewburn.
9 *
10 * This code is derived from software contributed to The NetBSD Foundation
11 * by Scott Aaron Bamford.
12 *
13 * This code is derived from software contributed to The NetBSD Foundation
14 * by Thomas Klausner.
15 *
16 * Redistribution and use in source and binary forms, with or without
17 * modification, are permitted provided that the following conditions
18 * are met:
19 * 1. Redistributions of source code must retain the above copyright
20 * notice, this list of conditions and the following disclaimer.
21 * 2. Redistributions in binary form must reproduce the above copyright
22 * notice, this list of conditions and the following disclaimer in the
23 * documentation and/or other materials provided with the distribution.
24 *
25 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
26 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
27 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
28 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
29 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
30 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
31 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
32 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
33 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
34 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
35 * POSSIBILITY OF SUCH DAMAGE.
36 */
37
38 #include <sys/cdefs.h>
39 #ifndef lint
40 __RCSID("$NetBSD: fetch.c,v 1.207 2015/09/12 19:38:42 wiz Exp $");
41 #endif /* not lint */
42
43 /*
44 * FTP User Program -- Command line file retrieval
45 */
46
47 #include <sys/types.h>
48 #include <sys/param.h>
49 #include <sys/socket.h>
50 #include <sys/stat.h>
51 #include <sys/time.h>
52
53 #include <netinet/in.h>
54
55 #include <arpa/ftp.h>
56 #include <arpa/inet.h>
57
58 #include <assert.h>
59 #include <ctype.h>
60 #include <err.h>
61 #include <errno.h>
62 #include <netdb.h>
63 #include <fcntl.h>
64 #include <stdio.h>
65 #include <stdlib.h>
66 #include <string.h>
67 #include <unistd.h>
68 #include <time.h>
69
70 #include "ssl.h"
71 #include "ftp_var.h"
72 #include "version.h"
73
74 typedef enum {
75 UNKNOWN_URL_T=-1,
76 HTTP_URL_T,
77 #ifdef WITH_SSL
78 HTTPS_URL_T,
79 #endif
80 FTP_URL_T,
81 FILE_URL_T,
82 CLASSIC_URL_T
83 } url_t;
84
85 __dead static void aborthttp(int);
86 __dead static void timeouthttp(int);
87 #ifndef NO_AUTH
88 static int auth_url(const char *, char **, const char *, const char *);
89 static void base64_encode(const unsigned char *, size_t, unsigned char *);
90 #endif
91 static int go_fetch(const char *);
92 static int fetch_ftp(const char *);
93 static int fetch_url(const char *, const char *, char *, char *);
94 static const char *match_token(const char **, const char *);
95 static int parse_url(const char *, const char *, url_t *, char **,
96 char **, char **, char **, in_port_t *, char **);
97 static void url_decode(char *);
98
99 static int redirect_loop;
100
101
102 #define STRNEQUAL(a,b) (strncasecmp((a), (b), sizeof((b))-1) == 0)
103 #define ISLWS(x) ((x)=='\r' || (x)=='\n' || (x)==' ' || (x)=='\t')
104 #define SKIPLWS(x) do { while (ISLWS((*x))) x++; } while (0)
105
106
107 #define ABOUT_URL "about:" /* propaganda */
108 #define FILE_URL "file://" /* file URL prefix */
109 #define FTP_URL "ftp://" /* ftp URL prefix */
110 #define HTTP_URL "http://" /* http URL prefix */
111 #ifdef WITH_SSL
112 #define HTTPS_URL "https://" /* https URL prefix */
113
114 #define IS_HTTP_TYPE(urltype) \
115 (((urltype) == HTTP_URL_T) || ((urltype) == HTTPS_URL_T))
116 #else
117 #define IS_HTTP_TYPE(urltype) \
118 ((urltype) == HTTP_URL_T)
119 #endif
120
121 /*
122 * Determine if token is the next word in buf (case insensitive).
123 * If so, advance buf past the token and any trailing LWS, and
124 * return a pointer to the token (in buf). Otherwise, return NULL.
125 * token may be preceded by LWS.
126 * token must be followed by LWS or NUL. (I.e, don't partial match).
127 */
128 static const char *
match_token(const char ** buf,const char * token)129 match_token(const char **buf, const char *token)
130 {
131 const char *p, *orig;
132 size_t tlen;
133
134 tlen = strlen(token);
135 p = *buf;
136 SKIPLWS(p);
137 orig = p;
138 if (strncasecmp(p, token, tlen) != 0)
139 return NULL;
140 p += tlen;
141 if (*p != '\0' && !ISLWS(*p))
142 return NULL;
143 SKIPLWS(p);
144 orig = *buf;
145 *buf = p;
146 return orig;
147 }
148
149 #ifndef NO_AUTH
150 /*
151 * Generate authorization response based on given authentication challenge.
152 * Returns -1 if an error occurred, otherwise 0.
153 * Sets response to a malloc(3)ed string; caller should free.
154 */
155 static int
auth_url(const char * challenge,char ** response,const char * guser,const char * gpass)156 auth_url(const char *challenge, char **response, const char *guser,
157 const char *gpass)
158 {
159 const char *cp, *scheme, *errormsg;
160 char *ep, *clear, *realm;
161 char uuser[BUFSIZ], *gotpass;
162 const char *upass;
163 int rval;
164 size_t len, clen, rlen;
165
166 *response = NULL;
167 clear = realm = NULL;
168 rval = -1;
169 cp = challenge;
170 scheme = "Basic"; /* only support Basic authentication */
171 gotpass = NULL;
172
173 DPRINTF("auth_url: challenge `%s'\n", challenge);
174
175 if (! match_token(&cp, scheme)) {
176 warnx("Unsupported authentication challenge `%s'",
177 challenge);
178 goto cleanup_auth_url;
179 }
180
181 #define REALM "realm=\""
182 if (STRNEQUAL(cp, REALM))
183 cp += sizeof(REALM) - 1;
184 else {
185 warnx("Unsupported authentication challenge `%s'",
186 challenge);
187 goto cleanup_auth_url;
188 }
189 /* XXX: need to improve quoted-string parsing to support \ quoting, etc. */
190 if ((ep = strchr(cp, '\"')) != NULL) {
191 len = ep - cp;
192 realm = (char *)ftp_malloc(len + 1);
193 (void)strlcpy(realm, cp, len + 1);
194 } else {
195 warnx("Unsupported authentication challenge `%s'",
196 challenge);
197 goto cleanup_auth_url;
198 }
199
200 fprintf(ttyout, "Username for `%s': ", realm);
201 if (guser != NULL) {
202 (void)strlcpy(uuser, guser, sizeof(uuser));
203 fprintf(ttyout, "%s\n", uuser);
204 } else {
205 (void)fflush(ttyout);
206 if (get_line(stdin, uuser, sizeof(uuser), &errormsg) < 0) {
207 warnx("%s; can't authenticate", errormsg);
208 goto cleanup_auth_url;
209 }
210 }
211 if (gpass != NULL)
212 upass = gpass;
213 else {
214 gotpass = getpass("Password: ");
215 if (gotpass == NULL) {
216 warnx("Can't read password");
217 goto cleanup_auth_url;
218 }
219 upass = gotpass;
220 }
221
222 clen = strlen(uuser) + strlen(upass) + 2; /* user + ":" + pass + "\0" */
223 clear = (char *)ftp_malloc(clen);
224 (void)strlcpy(clear, uuser, clen);
225 (void)strlcat(clear, ":", clen);
226 (void)strlcat(clear, upass, clen);
227 if (gotpass)
228 memset(gotpass, 0, strlen(gotpass));
229
230 /* scheme + " " + enc + "\0" */
231 rlen = strlen(scheme) + 1 + (clen + 2) * 4 / 3 + 1;
232 *response = (char *)ftp_malloc(rlen);
233 (void)strlcpy(*response, scheme, rlen);
234 len = strlcat(*response, " ", rlen);
235 /* use `clen - 1' to not encode the trailing NUL */
236 base64_encode((unsigned char *)clear, clen - 1,
237 (unsigned char *)*response + len);
238 memset(clear, 0, clen);
239 rval = 0;
240
241 cleanup_auth_url:
242 FREEPTR(clear);
243 FREEPTR(realm);
244 return (rval);
245 }
246
247 /*
248 * Encode len bytes starting at clear using base64 encoding into encoded,
249 * which should be at least ((len + 2) * 4 / 3 + 1) in size.
250 */
251 static void
base64_encode(const unsigned char * clear,size_t len,unsigned char * encoded)252 base64_encode(const unsigned char *clear, size_t len, unsigned char *encoded)
253 {
254 static const unsigned char enc[] =
255 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
256 unsigned char *cp;
257 size_t i;
258
259 cp = encoded;
260 for (i = 0; i < len; i += 3) {
261 *(cp++) = enc[((clear[i + 0] >> 2))];
262 *(cp++) = enc[((clear[i + 0] << 4) & 0x30)
263 | ((clear[i + 1] >> 4) & 0x0f)];
264 *(cp++) = enc[((clear[i + 1] << 2) & 0x3c)
265 | ((clear[i + 2] >> 6) & 0x03)];
266 *(cp++) = enc[((clear[i + 2] ) & 0x3f)];
267 }
268 *cp = '\0';
269 while (i-- > len)
270 *(--cp) = '=';
271 }
272 #endif
273
274 /*
275 * Decode %xx escapes in given string, `in-place'.
276 */
277 static void
url_decode(char * url)278 url_decode(char *url)
279 {
280 unsigned char *p, *q;
281
282 if (EMPTYSTRING(url))
283 return;
284 p = q = (unsigned char *)url;
285
286 #define HEXTOINT(x) (x - (isdigit(x) ? '0' : (islower(x) ? 'a' : 'A') - 10))
287 while (*p) {
288 if (p[0] == '%'
289 && p[1] && isxdigit((unsigned char)p[1])
290 && p[2] && isxdigit((unsigned char)p[2])) {
291 *q++ = HEXTOINT(p[1]) * 16 + HEXTOINT(p[2]);
292 p+=3;
293 } else
294 *q++ = *p++;
295 }
296 *q = '\0';
297 }
298
299
300 /*
301 * Parse URL of form (per RFC 3986):
302 * <type>://[<user>[:<password>]@]<host>[:<port>][/<path>]
303 * Returns -1 if a parse error occurred, otherwise 0.
304 * It's the caller's responsibility to url_decode() the returned
305 * user, pass and path.
306 *
307 * Sets type to url_t, each of the given char ** pointers to a
308 * malloc(3)ed strings of the relevant section, and port to
309 * the number given, or ftpport if ftp://, or httpport if http://.
310 *
311 * XXX: this is not totally RFC 3986 compliant; <path> will have the
312 * leading `/' unless it's an ftp:// URL, as this makes things easier
313 * for file:// and http:// URLs. ftp:// URLs have the `/' between the
314 * host and the URL-path removed, but any additional leading slashes
315 * in the URL-path are retained (because they imply that we should
316 * later do "CWD" with a null argument).
317 *
318 * Examples:
319 * input URL output path
320 * --------- -----------
321 * "http://host" "/"
322 * "http://host/" "/"
323 * "http://host/path" "/path"
324 * "file://host/dir/file" "dir/file"
325 * "ftp://host" ""
326 * "ftp://host/" ""
327 * "ftp://host//" "/"
328 * "ftp://host/dir/file" "dir/file"
329 * "ftp://host//dir/file" "/dir/file"
330 */
331 static int
parse_url(const char * url,const char * desc,url_t * utype,char ** uuser,char ** pass,char ** host,char ** port,in_port_t * portnum,char ** path)332 parse_url(const char *url, const char *desc, url_t *utype,
333 char **uuser, char **pass, char **host, char **port,
334 in_port_t *portnum, char **path)
335 {
336 const char *origurl, *tport;
337 char *cp, *ep, *thost;
338 size_t len;
339
340 if (url == NULL || desc == NULL || utype == NULL || uuser == NULL
341 || pass == NULL || host == NULL || port == NULL || portnum == NULL
342 || path == NULL)
343 errx(1, "parse_url: invoked with NULL argument!");
344 DPRINTF("parse_url: %s `%s'\n", desc, url);
345
346 origurl = url;
347 *utype = UNKNOWN_URL_T;
348 *uuser = *pass = *host = *port = *path = NULL;
349 *portnum = 0;
350 tport = NULL;
351
352 if (STRNEQUAL(url, HTTP_URL)) {
353 url += sizeof(HTTP_URL) - 1;
354 *utype = HTTP_URL_T;
355 *portnum = HTTP_PORT;
356 tport = httpport;
357 } else if (STRNEQUAL(url, FTP_URL)) {
358 url += sizeof(FTP_URL) - 1;
359 *utype = FTP_URL_T;
360 *portnum = FTP_PORT;
361 tport = ftpport;
362 } else if (STRNEQUAL(url, FILE_URL)) {
363 url += sizeof(FILE_URL) - 1;
364 *utype = FILE_URL_T;
365 #ifdef WITH_SSL
366 } else if (STRNEQUAL(url, HTTPS_URL)) {
367 url += sizeof(HTTPS_URL) - 1;
368 *utype = HTTPS_URL_T;
369 *portnum = HTTPS_PORT;
370 tport = httpsport;
371 #endif
372 } else {
373 warnx("Invalid %s `%s'", desc, url);
374 cleanup_parse_url:
375 FREEPTR(*uuser);
376 if (*pass != NULL)
377 memset(*pass, 0, strlen(*pass));
378 FREEPTR(*pass);
379 FREEPTR(*host);
380 FREEPTR(*port);
381 FREEPTR(*path);
382 return (-1);
383 }
384
385 if (*url == '\0')
386 return (0);
387
388 /* find [user[:pass]@]host[:port] */
389 ep = strchr(url, '/');
390 if (ep == NULL)
391 thost = ftp_strdup(url);
392 else {
393 len = ep - url;
394 thost = (char *)ftp_malloc(len + 1);
395 (void)strlcpy(thost, url, len + 1);
396 if (*utype == FTP_URL_T) /* skip first / for ftp URLs */
397 ep++;
398 *path = ftp_strdup(ep);
399 }
400
401 cp = strchr(thost, '@'); /* look for user[:pass]@ in URLs */
402 if (cp != NULL) {
403 if (*utype == FTP_URL_T)
404 anonftp = 0; /* disable anonftp */
405 *uuser = thost;
406 *cp = '\0';
407 thost = ftp_strdup(cp + 1);
408 cp = strchr(*uuser, ':');
409 if (cp != NULL) {
410 *cp = '\0';
411 *pass = ftp_strdup(cp + 1);
412 }
413 url_decode(*uuser);
414 if (*pass)
415 url_decode(*pass);
416 }
417
418 #ifdef INET6
419 /*
420 * Check if thost is an encoded IPv6 address, as per
421 * RFC 3986:
422 * `[' ipv6-address ']'
423 */
424 if (*thost == '[') {
425 cp = thost + 1;
426 if ((ep = strchr(cp, ']')) == NULL ||
427 (ep[1] != '\0' && ep[1] != ':')) {
428 warnx("Invalid address `%s' in %s `%s'",
429 thost, desc, origurl);
430 goto cleanup_parse_url;
431 }
432 len = ep - cp; /* change `[xyz]' -> `xyz' */
433 memmove(thost, thost + 1, len);
434 thost[len] = '\0';
435 if (! isipv6addr(thost)) {
436 warnx("Invalid IPv6 address `%s' in %s `%s'",
437 thost, desc, origurl);
438 goto cleanup_parse_url;
439 }
440 cp = ep + 1;
441 if (*cp == ':')
442 cp++;
443 else
444 cp = NULL;
445 } else
446 #endif /* INET6 */
447 if ((cp = strchr(thost, ':')) != NULL)
448 *cp++ = '\0';
449 *host = thost;
450
451 /* look for [:port] */
452 if (cp != NULL) {
453 unsigned long nport;
454
455 nport = strtoul(cp, &ep, 10);
456 if (*cp == '\0' || *ep != '\0' ||
457 nport < 1 || nport > MAX_IN_PORT_T) {
458 warnx("Unknown port `%s' in %s `%s'",
459 cp, desc, origurl);
460 goto cleanup_parse_url;
461 }
462 *portnum = nport;
463 tport = cp;
464 }
465
466 if (tport != NULL)
467 *port = ftp_strdup(tport);
468 if (*path == NULL) {
469 const char *emptypath = "/";
470 if (*utype == FTP_URL_T) /* skip first / for ftp URLs */
471 emptypath++;
472 *path = ftp_strdup(emptypath);
473 }
474
475 DPRINTF("parse_url: user `%s' pass `%s' host %s port %s(%d) "
476 "path `%s'\n",
477 STRorNULL(*uuser), STRorNULL(*pass),
478 STRorNULL(*host), STRorNULL(*port),
479 *portnum ? *portnum : -1, STRorNULL(*path));
480
481 return (0);
482 }
483
484 sigjmp_buf httpabort;
485
486 /*
487 * Retrieve URL, via a proxy if necessary, using HTTP.
488 * If proxyenv is set, use that for the proxy, otherwise try ftp_proxy or
489 * http_proxy/https_proxy as appropriate.
490 * Supports HTTP redirects.
491 * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection
492 * is still open (e.g, ftp xfer with trailing /)
493 */
494 static int
fetch_url(const char * url,const char * proxyenv,char * proxyauth,char * wwwauth)495 fetch_url(const char *url, const char *proxyenv, char *proxyauth, char *wwwauth)
496 {
497 struct addrinfo hints, *res, *res0 = NULL;
498 int error;
499 sigfunc volatile oldint;
500 sigfunc volatile oldpipe;
501 sigfunc volatile oldalrm;
502 sigfunc volatile oldquit;
503 int volatile s;
504 struct stat sb;
505 int volatile ischunked;
506 int volatile isproxy;
507 int volatile rval;
508 int volatile hcode;
509 int len;
510 size_t flen;
511 static size_t bufsize;
512 static char *xferbuf;
513 const char *cp, *token;
514 char *ep;
515 char buf[FTPBUFLEN];
516 const char *errormsg;
517 char *volatile savefile;
518 char *volatile auth;
519 char *volatile location;
520 char *volatile message;
521 char *uuser, *pass, *host, *port, *path;
522 char *volatile decodedpath;
523 char *puser, *ppass, *useragent;
524 off_t hashbytes, rangestart, rangeend, entitylen;
525 int (*volatile closefunc)(FILE *);
526 FETCH *volatile fin;
527 FILE *volatile fout;
528 const char *volatile penv = proxyenv;
529 time_t mtime;
530 url_t urltype;
531 in_port_t portnum;
532 #ifdef WITH_SSL
533 void *ssl;
534 #endif
535
536 DPRINTF("%s: `%s' proxyenv `%s'\n", __func__, url, STRorNULL(penv));
537
538 oldquit = oldalrm = oldint = oldpipe = NULL;
539 closefunc = NULL;
540 fin = NULL;
541 fout = NULL;
542 s = -1;
543 savefile = NULL;
544 auth = location = message = NULL;
545 ischunked = isproxy = hcode = 0;
546 rval = 1;
547 uuser = pass = host = path = decodedpath = puser = ppass = NULL;
548
549 if (sigsetjmp(httpabort, 1))
550 goto cleanup_fetch_url;
551
552 if (parse_url(url, "URL", &urltype, &uuser, &pass, &host, &port,
553 &portnum, &path) == -1)
554 goto cleanup_fetch_url;
555
556 if (urltype == FILE_URL_T && ! EMPTYSTRING(host)
557 && strcasecmp(host, "localhost") != 0) {
558 warnx("No support for non local file URL `%s'", url);
559 goto cleanup_fetch_url;
560 }
561
562 if (EMPTYSTRING(path)) {
563 if (urltype == FTP_URL_T) {
564 rval = fetch_ftp(url);
565 goto cleanup_fetch_url;
566 }
567 if (!IS_HTTP_TYPE(urltype) || outfile == NULL) {
568 warnx("Invalid URL (no file after host) `%s'", url);
569 goto cleanup_fetch_url;
570 }
571 }
572
573 decodedpath = ftp_strdup(path);
574 url_decode(decodedpath);
575
576 if (outfile)
577 savefile = outfile;
578 else {
579 cp = strrchr(decodedpath, '/'); /* find savefile */
580 if (cp != NULL)
581 savefile = ftp_strdup(cp + 1);
582 else
583 savefile = ftp_strdup(decodedpath);
584 }
585 DPRINTF("%s: savefile `%s'\n", __func__, savefile);
586 if (EMPTYSTRING(savefile)) {
587 if (urltype == FTP_URL_T) {
588 rval = fetch_ftp(url);
589 goto cleanup_fetch_url;
590 }
591 warnx("No file after directory (you must specify an "
592 "output file) `%s'", url);
593 goto cleanup_fetch_url;
594 }
595
596 restart_point = 0;
597 filesize = -1;
598 rangestart = rangeend = entitylen = -1;
599 mtime = -1;
600 if (restartautofetch) {
601 if (stat(savefile, &sb) == 0)
602 restart_point = sb.st_size;
603 }
604 if (urltype == FILE_URL_T) { /* file:// URLs */
605 direction = "copied";
606 fin = fetch_open(decodedpath, "r");
607 if (fin == NULL) {
608 warn("Can't open `%s'", decodedpath);
609 goto cleanup_fetch_url;
610 }
611 if (fstat(fetch_fileno(fin), &sb) == 0) {
612 mtime = sb.st_mtime;
613 filesize = sb.st_size;
614 }
615 if (restart_point) {
616 if (lseek(fetch_fileno(fin), restart_point, SEEK_SET) < 0) {
617 warn("Can't seek to restart `%s'",
618 decodedpath);
619 goto cleanup_fetch_url;
620 }
621 }
622 if (verbose) {
623 fprintf(ttyout, "Copying %s", decodedpath);
624 if (restart_point)
625 fprintf(ttyout, " (restarting at " LLF ")",
626 (LLT)restart_point);
627 fputs("\n", ttyout);
628 }
629 if (0 == rcvbuf_size) {
630 rcvbuf_size = 8 * 1024; /* XXX */
631 }
632 } else { /* ftp:// or http:// URLs */
633 const char *leading;
634 int hasleading;
635
636 if (penv == NULL) {
637 #ifdef WITH_SSL
638 if (urltype == HTTPS_URL_T)
639 penv = getoptionvalue("https_proxy");
640 #endif
641 if (penv == NULL && IS_HTTP_TYPE(urltype))
642 penv = getoptionvalue("http_proxy");
643 else if (urltype == FTP_URL_T)
644 penv = getoptionvalue("ftp_proxy");
645 }
646 direction = "retrieved";
647 if (! EMPTYSTRING(penv)) { /* use proxy */
648 url_t purltype;
649 char *phost, *ppath;
650 char *pport, *no_proxy;
651 in_port_t pportnum;
652
653 isproxy = 1;
654
655 /* check URL against list of no_proxied sites */
656 no_proxy = getoptionvalue("no_proxy");
657 if (! EMPTYSTRING(no_proxy)) {
658 char *np, *np_copy, *np_iter;
659 unsigned long np_port;
660 size_t hlen, plen;
661
662 np_iter = np_copy = ftp_strdup(no_proxy);
663 hlen = strlen(host);
664 while ((cp = strsep(&np_iter, " ,")) != NULL) {
665 if (*cp == '\0')
666 continue;
667 if ((np = strrchr(cp, ':')) != NULL) {
668 *np++ = '\0';
669 np_port = strtoul(np, &ep, 10);
670 if (*np == '\0' || *ep != '\0')
671 continue;
672 if (np_port != portnum)
673 continue;
674 }
675 plen = strlen(cp);
676 if (hlen < plen)
677 continue;
678 if (strncasecmp(host + hlen - plen,
679 cp, plen) == 0) {
680 isproxy = 0;
681 break;
682 }
683 }
684 FREEPTR(np_copy);
685 if (isproxy == 0 && urltype == FTP_URL_T) {
686 rval = fetch_ftp(url);
687 goto cleanup_fetch_url;
688 }
689 }
690
691 if (isproxy) {
692 if (restart_point) {
693 warnx("Can't restart via proxy URL `%s'",
694 penv);
695 goto cleanup_fetch_url;
696 }
697 if (parse_url(penv, "proxy URL", &purltype,
698 &puser, &ppass, &phost, &pport, &pportnum,
699 &ppath) == -1)
700 goto cleanup_fetch_url;
701
702 if ((!IS_HTTP_TYPE(purltype)
703 && purltype != FTP_URL_T) ||
704 EMPTYSTRING(phost) ||
705 (! EMPTYSTRING(ppath)
706 && strcmp(ppath, "/") != 0)) {
707 warnx("Malformed proxy URL `%s'", penv);
708 FREEPTR(phost);
709 FREEPTR(pport);
710 FREEPTR(ppath);
711 goto cleanup_fetch_url;
712 }
713 if (isipv6addr(host) &&
714 strchr(host, '%') != NULL) {
715 warnx(
716 "Scoped address notation `%s' disallowed via web proxy",
717 host);
718 FREEPTR(phost);
719 FREEPTR(pport);
720 FREEPTR(ppath);
721 goto cleanup_fetch_url;
722 }
723
724 FREEPTR(host);
725 host = phost;
726 FREEPTR(port);
727 port = pport;
728 FREEPTR(path);
729 path = ftp_strdup(url);
730 FREEPTR(ppath);
731 urltype = purltype;
732 }
733 } /* ! EMPTYSTRING(penv) */
734
735 memset(&hints, 0, sizeof(hints));
736 hints.ai_flags = 0;
737 hints.ai_family = family;
738 hints.ai_socktype = SOCK_STREAM;
739 hints.ai_protocol = 0;
740 error = getaddrinfo(host, port, &hints, &res0);
741 if (error) {
742 warnx("Can't LOOKUP `%s:%s': %s", host, port,
743 (error == EAI_SYSTEM) ? strerror(errno)
744 : gai_strerror(error));
745 goto cleanup_fetch_url;
746 }
747 if (res0->ai_canonname)
748 host = res0->ai_canonname;
749
750 s = -1;
751 #ifdef WITH_SSL
752 ssl = NULL;
753 #endif
754 for (res = res0; res; res = res->ai_next) {
755 char hname[NI_MAXHOST], sname[NI_MAXSERV];
756
757 ai_unmapped(res);
758 if (getnameinfo(res->ai_addr, res->ai_addrlen,
759 hname, sizeof(hname), sname, sizeof(sname),
760 NI_NUMERICHOST | NI_NUMERICSERV) != 0) {
761 strlcpy(hname, "?", sizeof(hname));
762 strlcpy(sname, "?", sizeof(sname));
763 }
764
765 if (verbose && res0->ai_next) {
766 fprintf(ttyout, "Trying %s:%s ...\n",
767 hname, sname);
768 }
769
770 s = socket(res->ai_family, SOCK_STREAM,
771 res->ai_protocol);
772 if (s < 0) {
773 warn(
774 "Can't create socket for connection to "
775 "`%s:%s'", hname, sname);
776 continue;
777 }
778
779 if (ftp_connect(s, res->ai_addr, res->ai_addrlen,
780 verbose || !res->ai_next) < 0) {
781 close(s);
782 s = -1;
783 continue;
784 }
785
786 #ifdef WITH_SSL
787 if (urltype == HTTPS_URL_T) {
788 if ((ssl = fetch_start_ssl(s, host)) == NULL) {
789 close(s);
790 s = -1;
791 continue;
792 }
793 }
794 #endif
795
796 /* success */
797 break;
798 }
799
800 if (s < 0) {
801 warnx("Can't connect to `%s:%s'", host, port);
802 goto cleanup_fetch_url;
803 }
804
805 oldalrm = xsignal(SIGALRM, timeouthttp);
806 alarmtimer(quit_time ? quit_time : 60);
807 fin = fetch_fdopen(s, "r+");
808 fetch_set_ssl(fin, ssl);
809 alarmtimer(0);
810
811 alarmtimer(quit_time ? quit_time : 60);
812 /*
813 * Construct and send the request.
814 */
815 if (verbose)
816 fprintf(ttyout, "Requesting %s\n", url);
817 leading = " (";
818 hasleading = 0;
819 if (isproxy) {
820 if (verbose) {
821 fprintf(ttyout, "%svia %s:%s", leading,
822 host, port);
823 leading = ", ";
824 hasleading++;
825 }
826 fetch_printf(fin, "GET %s HTTP/1.0\r\n", path);
827 if (flushcache)
828 fetch_printf(fin, "Pragma: no-cache\r\n");
829 } else {
830 fetch_printf(fin, "GET %s HTTP/1.1\r\n", path);
831 if (strchr(host, ':')) {
832 char *h, *p;
833
834 /*
835 * strip off IPv6 scope identifier, since it is
836 * local to the node
837 */
838 h = ftp_strdup(host);
839 if (isipv6addr(h) &&
840 (p = strchr(h, '%')) != NULL) {
841 *p = '\0';
842 }
843 fetch_printf(fin, "Host: [%s]", h);
844 free(h);
845 } else
846 fetch_printf(fin, "Host: %s", host);
847 #ifdef WITH_SSL
848 if ((urltype == HTTP_URL_T && portnum != HTTP_PORT) ||
849 (urltype == HTTPS_URL_T && portnum != HTTPS_PORT))
850 #else
851 if (portnum != HTTP_PORT)
852 #endif
853 fetch_printf(fin, ":%u", portnum);
854 fetch_printf(fin, "\r\n");
855 fetch_printf(fin, "Accept: */*\r\n");
856 fetch_printf(fin, "Connection: close\r\n");
857 if (restart_point) {
858 fputs(leading, ttyout);
859 fetch_printf(fin, "Range: bytes=" LLF "-\r\n",
860 (LLT)restart_point);
861 fprintf(ttyout, "restarting at " LLF,
862 (LLT)restart_point);
863 leading = ", ";
864 hasleading++;
865 }
866 if (flushcache)
867 fetch_printf(fin, "Cache-Control: no-cache\r\n");
868 }
869 if ((useragent=getenv("FTPUSERAGENT")) != NULL) {
870 fetch_printf(fin, "User-Agent: %s\r\n", useragent);
871 } else {
872 fetch_printf(fin, "User-Agent: %s/%s\r\n",
873 FTP_PRODUCT, FTP_VERSION);
874 }
875 if (wwwauth) {
876 if (verbose) {
877 fprintf(ttyout, "%swith authorization",
878 leading);
879 leading = ", ";
880 hasleading++;
881 }
882 fetch_printf(fin, "Authorization: %s\r\n", wwwauth);
883 }
884 if (proxyauth) {
885 if (verbose) {
886 fprintf(ttyout,
887 "%swith proxy authorization", leading);
888 leading = ", ";
889 hasleading++;
890 }
891 fetch_printf(fin, "Proxy-Authorization: %s\r\n", proxyauth);
892 }
893 if (verbose && hasleading)
894 fputs(")\n", ttyout);
895 fetch_printf(fin, "\r\n");
896 if (fetch_flush(fin) == EOF) {
897 warn("Writing HTTP request");
898 alarmtimer(0);
899 goto cleanup_fetch_url;
900 }
901 alarmtimer(0);
902
903 /* Read the response */
904 alarmtimer(quit_time ? quit_time : 60);
905 len = fetch_getline(fin, buf, sizeof(buf), &errormsg);
906 alarmtimer(0);
907 if (len < 0) {
908 if (*errormsg == '\n')
909 errormsg++;
910 warnx("Receiving HTTP reply: %s", errormsg);
911 goto cleanup_fetch_url;
912 }
913 while (len > 0 && (ISLWS(buf[len-1])))
914 buf[--len] = '\0';
915 DPRINTF("%s: received `%s'\n", __func__, buf);
916
917 /* Determine HTTP response code */
918 cp = strchr(buf, ' ');
919 if (cp == NULL)
920 goto improper;
921 else
922 cp++;
923 hcode = strtol(cp, &ep, 10);
924 if (*ep != '\0' && !isspace((unsigned char)*ep))
925 goto improper;
926 message = ftp_strdup(cp);
927
928 /* Read the rest of the header. */
929 while (1) {
930 alarmtimer(quit_time ? quit_time : 60);
931 len = fetch_getline(fin, buf, sizeof(buf), &errormsg);
932 alarmtimer(0);
933 if (len < 0) {
934 if (*errormsg == '\n')
935 errormsg++;
936 warnx("Receiving HTTP reply: %s", errormsg);
937 goto cleanup_fetch_url;
938 }
939 while (len > 0 && (ISLWS(buf[len-1])))
940 buf[--len] = '\0';
941 if (len == 0)
942 break;
943 DPRINTF("%s: received `%s'\n", __func__, buf);
944
945 /*
946 * Look for some headers
947 */
948
949 cp = buf;
950
951 if (match_token(&cp, "Content-Length:")) {
952 filesize = STRTOLL(cp, &ep, 10);
953 if (filesize < 0 || *ep != '\0')
954 goto improper;
955 DPRINTF("%s: parsed len as: " LLF "\n",
956 __func__, (LLT)filesize);
957
958 } else if (match_token(&cp, "Content-Range:")) {
959 if (! match_token(&cp, "bytes"))
960 goto improper;
961
962 if (*cp == '*')
963 cp++;
964 else {
965 rangestart = STRTOLL(cp, &ep, 10);
966 if (rangestart < 0 || *ep != '-')
967 goto improper;
968 cp = ep + 1;
969 rangeend = STRTOLL(cp, &ep, 10);
970 if (rangeend < 0 || rangeend < rangestart)
971 goto improper;
972 cp = ep;
973 }
974 if (*cp != '/')
975 goto improper;
976 cp++;
977 if (*cp == '*')
978 cp++;
979 else {
980 entitylen = STRTOLL(cp, &ep, 10);
981 if (entitylen < 0)
982 goto improper;
983 cp = ep;
984 }
985 if (*cp != '\0')
986 goto improper;
987
988 #ifndef NO_DEBUG
989 if (ftp_debug) {
990 fprintf(ttyout, "parsed range as: ");
991 if (rangestart == -1)
992 fprintf(ttyout, "*");
993 else
994 fprintf(ttyout, LLF "-" LLF,
995 (LLT)rangestart,
996 (LLT)rangeend);
997 fprintf(ttyout, "/" LLF "\n", (LLT)entitylen);
998 }
999 #endif
1000 if (! restart_point) {
1001 warnx(
1002 "Received unexpected Content-Range header");
1003 goto cleanup_fetch_url;
1004 }
1005
1006 } else if (match_token(&cp, "Last-Modified:")) {
1007 struct tm parsed;
1008 const char *t;
1009
1010 memset(&parsed, 0, sizeof(parsed));
1011 t = parse_rfc2616time(&parsed, cp);
1012 if (t != NULL) {
1013 parsed.tm_isdst = -1;
1014 if (*t == '\0')
1015 mtime = timegm(&parsed);
1016 #ifndef NO_DEBUG
1017 if (ftp_debug && mtime != -1) {
1018 fprintf(ttyout,
1019 "parsed time as: %s",
1020 rfc2822time(localtime(&mtime)));
1021 }
1022 #endif
1023 }
1024
1025 } else if (match_token(&cp, "Location:")) {
1026 location = ftp_strdup(cp);
1027 DPRINTF("%s: parsed location as `%s'\n",
1028 __func__, cp);
1029
1030 } else if (match_token(&cp, "Transfer-Encoding:")) {
1031 if (match_token(&cp, "binary")) {
1032 warnx(
1033 "Bogus transfer encoding `binary' (fetching anyway)");
1034 continue;
1035 }
1036 if (! (token = match_token(&cp, "chunked"))) {
1037 warnx(
1038 "Unsupported transfer encoding `%s'",
1039 token);
1040 goto cleanup_fetch_url;
1041 }
1042 ischunked++;
1043 DPRINTF("%s: using chunked encoding\n",
1044 __func__);
1045
1046 } else if (match_token(&cp, "Proxy-Authenticate:")
1047 || match_token(&cp, "WWW-Authenticate:")) {
1048 if (! (token = match_token(&cp, "Basic"))) {
1049 DPRINTF("%s: skipping unknown auth "
1050 "scheme `%s'\n", __func__, token);
1051 continue;
1052 }
1053 FREEPTR(auth);
1054 auth = ftp_strdup(token);
1055 DPRINTF("%s: parsed auth as `%s'\n",
1056 __func__, cp);
1057 }
1058
1059 }
1060 /* finished parsing header */
1061
1062 switch (hcode) {
1063 case 200:
1064 break;
1065 case 206:
1066 if (! restart_point) {
1067 warnx("Not expecting partial content header");
1068 goto cleanup_fetch_url;
1069 }
1070 break;
1071 case 300:
1072 case 301:
1073 case 302:
1074 case 303:
1075 case 305:
1076 case 307:
1077 if (EMPTYSTRING(location)) {
1078 warnx(
1079 "No redirection Location provided by server");
1080 goto cleanup_fetch_url;
1081 }
1082 if (redirect_loop++ > 5) {
1083 warnx("Too many redirections requested");
1084 goto cleanup_fetch_url;
1085 }
1086 if (hcode == 305) {
1087 if (verbose)
1088 fprintf(ttyout, "Redirected via %s\n",
1089 location);
1090 rval = fetch_url(url, location,
1091 proxyauth, wwwauth);
1092 } else {
1093 if (verbose)
1094 fprintf(ttyout, "Redirected to %s\n",
1095 location);
1096 rval = go_fetch(location);
1097 }
1098 goto cleanup_fetch_url;
1099 #ifndef NO_AUTH
1100 case 401:
1101 case 407:
1102 {
1103 char **authp;
1104 char *auser, *apass;
1105
1106 if (hcode == 401) {
1107 authp = &wwwauth;
1108 auser = uuser;
1109 apass = pass;
1110 } else {
1111 authp = &proxyauth;
1112 auser = puser;
1113 apass = ppass;
1114 }
1115 if (verbose || *authp == NULL ||
1116 auser == NULL || apass == NULL)
1117 fprintf(ttyout, "%s\n", message);
1118 if (EMPTYSTRING(auth)) {
1119 warnx(
1120 "No authentication challenge provided by server");
1121 goto cleanup_fetch_url;
1122 }
1123 if (*authp != NULL) {
1124 char reply[10];
1125
1126 fprintf(ttyout,
1127 "Authorization failed. Retry (y/n)? ");
1128 if (get_line(stdin, reply, sizeof(reply), NULL)
1129 < 0) {
1130 goto cleanup_fetch_url;
1131 }
1132 if (tolower((unsigned char)reply[0]) != 'y')
1133 goto cleanup_fetch_url;
1134 auser = NULL;
1135 apass = NULL;
1136 }
1137 if (auth_url(auth, authp, auser, apass) == 0) {
1138 rval = fetch_url(url, penv,
1139 proxyauth, wwwauth);
1140 memset(*authp, 0, strlen(*authp));
1141 FREEPTR(*authp);
1142 }
1143 goto cleanup_fetch_url;
1144 }
1145 #endif
1146 default:
1147 if (message)
1148 warnx("Error retrieving file `%s'", message);
1149 else
1150 warnx("Unknown error retrieving file");
1151 goto cleanup_fetch_url;
1152 }
1153 } /* end of ftp:// or http:// specific setup */
1154
1155 /* Open the output file. */
1156
1157 /*
1158 * Only trust filenames with special meaning if they came from
1159 * the command line
1160 */
1161 if (outfile == savefile) {
1162 if (strcmp(savefile, "-") == 0) {
1163 fout = stdout;
1164 } else if (*savefile == '|') {
1165 oldpipe = xsignal(SIGPIPE, SIG_IGN);
1166 fout = popen(savefile + 1, "w");
1167 if (fout == NULL) {
1168 warn("Can't execute `%s'", savefile + 1);
1169 goto cleanup_fetch_url;
1170 }
1171 closefunc = pclose;
1172 }
1173 }
1174 if (fout == NULL) {
1175 if ((rangeend != -1 && rangeend <= restart_point) ||
1176 (rangestart == -1 && filesize != -1 && filesize <= restart_point)) {
1177 /* already done */
1178 if (verbose)
1179 fprintf(ttyout, "already done\n");
1180 rval = 0;
1181 goto cleanup_fetch_url;
1182 }
1183 if (restart_point && rangestart != -1) {
1184 if (entitylen != -1)
1185 filesize = entitylen;
1186 if (rangestart != restart_point) {
1187 warnx(
1188 "Size of `%s' differs from save file `%s'",
1189 url, savefile);
1190 goto cleanup_fetch_url;
1191 }
1192 fout = fopen(savefile, "a");
1193 } else
1194 fout = fopen(savefile, "w");
1195 if (fout == NULL) {
1196 warn("Can't open `%s'", savefile);
1197 goto cleanup_fetch_url;
1198 }
1199 closefunc = fclose;
1200 }
1201
1202 /* Trap signals */
1203 oldquit = xsignal(SIGQUIT, psummary);
1204 oldint = xsignal(SIGINT, aborthttp);
1205
1206 assert(rcvbuf_size > 0);
1207 if ((size_t)rcvbuf_size > bufsize) {
1208 if (xferbuf)
1209 (void)free(xferbuf);
1210 bufsize = rcvbuf_size;
1211 xferbuf = ftp_malloc(bufsize);
1212 }
1213
1214 bytes = 0;
1215 hashbytes = mark;
1216 if (oldalrm) {
1217 (void)xsignal(SIGALRM, oldalrm);
1218 oldalrm = NULL;
1219 }
1220 progressmeter(-1);
1221
1222 /* Finally, suck down the file. */
1223 do {
1224 long chunksize;
1225 short lastchunk;
1226
1227 chunksize = 0;
1228 lastchunk = 0;
1229 /* read chunk-size */
1230 if (ischunked) {
1231 if (fetch_getln(xferbuf, bufsize, fin) == NULL) {
1232 warnx("Unexpected EOF reading chunk-size");
1233 goto cleanup_fetch_url;
1234 }
1235 errno = 0;
1236 chunksize = strtol(xferbuf, &ep, 16);
1237 if (ep == xferbuf) {
1238 warnx("Invalid chunk-size");
1239 goto cleanup_fetch_url;
1240 }
1241 if (errno == ERANGE || chunksize < 0) {
1242 errno = ERANGE;
1243 warn("Chunk-size `%.*s'",
1244 (int)(ep-xferbuf), xferbuf);
1245 goto cleanup_fetch_url;
1246 }
1247
1248 /*
1249 * XXX: Work around bug in Apache 1.3.9 and
1250 * 1.3.11, which incorrectly put trailing
1251 * space after the chunk-size.
1252 */
1253 while (*ep == ' ')
1254 ep++;
1255
1256 /* skip [ chunk-ext ] */
1257 if (*ep == ';') {
1258 while (*ep && *ep != '\r')
1259 ep++;
1260 }
1261
1262 if (strcmp(ep, "\r\n") != 0) {
1263 warnx("Unexpected data following chunk-size");
1264 goto cleanup_fetch_url;
1265 }
1266 DPRINTF("%s: got chunk-size of " LLF "\n", __func__,
1267 (LLT)chunksize);
1268 if (chunksize == 0) {
1269 lastchunk = 1;
1270 goto chunkdone;
1271 }
1272 }
1273 /* transfer file or chunk */
1274 while (1) {
1275 struct timeval then, now, td;
1276 volatile off_t bufrem;
1277
1278 if (rate_get)
1279 (void)gettimeofday(&then, NULL);
1280 bufrem = rate_get ? rate_get : (off_t)bufsize;
1281 if (ischunked)
1282 bufrem = MIN(chunksize, bufrem);
1283 while (bufrem > 0) {
1284 flen = fetch_read(xferbuf, sizeof(char),
1285 MIN((off_t)bufsize, bufrem), fin);
1286 if (flen <= 0)
1287 goto chunkdone;
1288 bytes += flen;
1289 bufrem -= flen;
1290 if (fwrite(xferbuf, sizeof(char), flen, fout)
1291 != flen) {
1292 warn("Writing `%s'", savefile);
1293 goto cleanup_fetch_url;
1294 }
1295 if (hash && !progress) {
1296 while (bytes >= hashbytes) {
1297 (void)putc('#', ttyout);
1298 hashbytes += mark;
1299 }
1300 (void)fflush(ttyout);
1301 }
1302 if (ischunked) {
1303 chunksize -= flen;
1304 if (chunksize <= 0)
1305 break;
1306 }
1307 }
1308 if (rate_get) {
1309 while (1) {
1310 (void)gettimeofday(&now, NULL);
1311 timersub(&now, &then, &td);
1312 if (td.tv_sec > 0)
1313 break;
1314 usleep(1000000 - td.tv_usec);
1315 }
1316 }
1317 if (ischunked && chunksize <= 0)
1318 break;
1319 }
1320 /* read CRLF after chunk*/
1321 chunkdone:
1322 if (ischunked) {
1323 if (fetch_getln(xferbuf, bufsize, fin) == NULL) {
1324 alarmtimer(0);
1325 warnx("Unexpected EOF reading chunk CRLF");
1326 goto cleanup_fetch_url;
1327 }
1328 if (strcmp(xferbuf, "\r\n") != 0) {
1329 warnx("Unexpected data following chunk");
1330 goto cleanup_fetch_url;
1331 }
1332 if (lastchunk)
1333 break;
1334 }
1335 } while (ischunked);
1336
1337 /* XXX: deal with optional trailer & CRLF here? */
1338
1339 if (hash && !progress && bytes > 0) {
1340 if (bytes < mark)
1341 (void)putc('#', ttyout);
1342 (void)putc('\n', ttyout);
1343 }
1344 if (fetch_error(fin)) {
1345 warn("Reading file");
1346 goto cleanup_fetch_url;
1347 }
1348 progressmeter(1);
1349 (void)fflush(fout);
1350 if (closefunc == fclose && mtime != -1) {
1351 struct timeval tval[2];
1352
1353 (void)gettimeofday(&tval[0], NULL);
1354 tval[1].tv_sec = mtime;
1355 tval[1].tv_usec = 0;
1356 (*closefunc)(fout);
1357 fout = NULL;
1358
1359 if (utimes(savefile, tval) == -1) {
1360 fprintf(ttyout,
1361 "Can't change modification time to %s",
1362 rfc2822time(localtime(&mtime)));
1363 }
1364 }
1365 if (bytes > 0)
1366 ptransfer(0);
1367 bytes = 0;
1368
1369 rval = 0;
1370 goto cleanup_fetch_url;
1371
1372 improper:
1373 warnx("Improper response from `%s:%s'", host, port);
1374
1375 cleanup_fetch_url:
1376 if (oldint)
1377 (void)xsignal(SIGINT, oldint);
1378 if (oldpipe)
1379 (void)xsignal(SIGPIPE, oldpipe);
1380 if (oldalrm)
1381 (void)xsignal(SIGALRM, oldalrm);
1382 if (oldquit)
1383 (void)xsignal(SIGQUIT, oldpipe);
1384 if (fin != NULL)
1385 fetch_close(fin);
1386 else if (s != -1)
1387 close(s);
1388 if (closefunc != NULL && fout != NULL)
1389 (*closefunc)(fout);
1390 if (res0)
1391 freeaddrinfo(res0);
1392 if (savefile != outfile)
1393 FREEPTR(savefile);
1394 FREEPTR(uuser);
1395 if (pass != NULL)
1396 memset(pass, 0, strlen(pass));
1397 FREEPTR(pass);
1398 FREEPTR(host);
1399 FREEPTR(port);
1400 FREEPTR(path);
1401 FREEPTR(decodedpath);
1402 FREEPTR(puser);
1403 if (ppass != NULL)
1404 memset(ppass, 0, strlen(ppass));
1405 FREEPTR(ppass);
1406 FREEPTR(auth);
1407 FREEPTR(location);
1408 FREEPTR(message);
1409 return (rval);
1410 }
1411
1412 /*
1413 * Abort a HTTP retrieval
1414 */
1415 static void
aborthttp(int notused)1416 aborthttp(int notused)
1417 {
1418 char msgbuf[100];
1419 int len;
1420
1421 sigint_raised = 1;
1422 alarmtimer(0);
1423 if (fromatty) {
1424 len = snprintf(msgbuf, sizeof(msgbuf),
1425 "\n%s: HTTP fetch aborted.\n", getprogname());
1426 if (len > 0)
1427 write(fileno(ttyout), msgbuf, len);
1428 }
1429 siglongjmp(httpabort, 1);
1430 }
1431
1432 static void
timeouthttp(int notused)1433 timeouthttp(int notused)
1434 {
1435 char msgbuf[100];
1436 int len;
1437
1438 alarmtimer(0);
1439 if (fromatty) {
1440 len = snprintf(msgbuf, sizeof(msgbuf),
1441 "\n%s: HTTP fetch timeout.\n", getprogname());
1442 if (len > 0)
1443 write(fileno(ttyout), msgbuf, len);
1444 }
1445 siglongjmp(httpabort, 1);
1446 }
1447
1448 /*
1449 * Retrieve ftp URL or classic ftp argument using FTP.
1450 * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection
1451 * is still open (e.g, ftp xfer with trailing /)
1452 */
1453 static int
fetch_ftp(const char * url)1454 fetch_ftp(const char *url)
1455 {
1456 char *cp, *xargv[5], rempath[MAXPATHLEN];
1457 char *host, *path, *dir, *file, *uuser, *pass;
1458 char *port;
1459 char cmdbuf[MAXPATHLEN];
1460 char dirbuf[4];
1461 int dirhasglob, filehasglob, rval, transtype, xargc;
1462 int oanonftp, oautologin;
1463 in_port_t portnum;
1464 url_t urltype;
1465
1466 DPRINTF("fetch_ftp: `%s'\n", url);
1467 host = path = dir = file = uuser = pass = NULL;
1468 port = NULL;
1469 rval = 1;
1470 transtype = TYPE_I;
1471
1472 if (STRNEQUAL(url, FTP_URL)) {
1473 if ((parse_url(url, "URL", &urltype, &uuser, &pass,
1474 &host, &port, &portnum, &path) == -1) ||
1475 (uuser != NULL && *uuser == '\0') ||
1476 EMPTYSTRING(host)) {
1477 warnx("Invalid URL `%s'", url);
1478 goto cleanup_fetch_ftp;
1479 }
1480 /*
1481 * Note: Don't url_decode(path) here. We need to keep the
1482 * distinction between "/" and "%2F" until later.
1483 */
1484
1485 /* check for trailing ';type=[aid]' */
1486 if (! EMPTYSTRING(path) && (cp = strrchr(path, ';')) != NULL) {
1487 if (strcasecmp(cp, ";type=a") == 0)
1488 transtype = TYPE_A;
1489 else if (strcasecmp(cp, ";type=i") == 0)
1490 transtype = TYPE_I;
1491 else if (strcasecmp(cp, ";type=d") == 0) {
1492 warnx(
1493 "Directory listing via a URL is not supported");
1494 goto cleanup_fetch_ftp;
1495 } else {
1496 warnx("Invalid suffix `%s' in URL `%s'", cp,
1497 url);
1498 goto cleanup_fetch_ftp;
1499 }
1500 *cp = 0;
1501 }
1502 } else { /* classic style `[user@]host:[file]' */
1503 urltype = CLASSIC_URL_T;
1504 host = ftp_strdup(url);
1505 cp = strchr(host, '@');
1506 if (cp != NULL) {
1507 *cp = '\0';
1508 uuser = host;
1509 anonftp = 0; /* disable anonftp */
1510 host = ftp_strdup(cp + 1);
1511 }
1512 cp = strchr(host, ':');
1513 if (cp != NULL) {
1514 *cp = '\0';
1515 path = ftp_strdup(cp + 1);
1516 }
1517 }
1518 if (EMPTYSTRING(host))
1519 goto cleanup_fetch_ftp;
1520
1521 /* Extract the file and (if present) directory name. */
1522 dir = path;
1523 if (! EMPTYSTRING(dir)) {
1524 /*
1525 * If we are dealing with classic `[user@]host:[path]' syntax,
1526 * then a path of the form `/file' (resulting from input of the
1527 * form `host:/file') means that we should do "CWD /" before
1528 * retrieving the file. So we set dir="/" and file="file".
1529 *
1530 * But if we are dealing with URLs like `ftp://host/path' then
1531 * a path of the form `/file' (resulting from a URL of the form
1532 * `ftp://host//file') means that we should do `CWD ' (with an
1533 * empty argument) before retrieving the file. So we set
1534 * dir="" and file="file".
1535 *
1536 * If the path does not contain / at all, we set dir=NULL.
1537 * (We get a path without any slashes if we are dealing with
1538 * classic `[user@]host:[file]' or URL `ftp://host/file'.)
1539 *
1540 * In all other cases, we set dir to a string that does not
1541 * include the final '/' that separates the dir part from the
1542 * file part of the path. (This will be the empty string if
1543 * and only if we are dealing with a path of the form `/file'
1544 * resulting from an URL of the form `ftp://host//file'.)
1545 */
1546 cp = strrchr(dir, '/');
1547 if (cp == dir && urltype == CLASSIC_URL_T) {
1548 file = cp + 1;
1549 (void)strlcpy(dirbuf, "/", sizeof(dirbuf));
1550 dir = dirbuf;
1551 } else if (cp != NULL) {
1552 *cp++ = '\0';
1553 file = cp;
1554 } else {
1555 file = dir;
1556 dir = NULL;
1557 }
1558 } else
1559 dir = NULL;
1560 if (urltype == FTP_URL_T && file != NULL) {
1561 url_decode(file);
1562 /* but still don't url_decode(dir) */
1563 }
1564 DPRINTF("fetch_ftp: user `%s' pass `%s' host %s port %s "
1565 "path `%s' dir `%s' file `%s'\n",
1566 STRorNULL(uuser), STRorNULL(pass),
1567 STRorNULL(host), STRorNULL(port),
1568 STRorNULL(path), STRorNULL(dir), STRorNULL(file));
1569
1570 dirhasglob = filehasglob = 0;
1571 if (doglob && urltype == CLASSIC_URL_T) {
1572 if (! EMPTYSTRING(dir) && strpbrk(dir, "*?[]{}") != NULL)
1573 dirhasglob = 1;
1574 if (! EMPTYSTRING(file) && strpbrk(file, "*?[]{}") != NULL)
1575 filehasglob = 1;
1576 }
1577
1578 /* Set up the connection */
1579 oanonftp = anonftp;
1580 if (connected)
1581 disconnect(0, NULL);
1582 anonftp = oanonftp;
1583 (void)strlcpy(cmdbuf, getprogname(), sizeof(cmdbuf));
1584 xargv[0] = cmdbuf;
1585 xargv[1] = host;
1586 xargv[2] = NULL;
1587 xargc = 2;
1588 if (port) {
1589 xargv[2] = port;
1590 xargv[3] = NULL;
1591 xargc = 3;
1592 }
1593 oautologin = autologin;
1594 /* don't autologin in setpeer(), use ftp_login() below */
1595 autologin = 0;
1596 setpeer(xargc, xargv);
1597 autologin = oautologin;
1598 if ((connected == 0) ||
1599 (connected == 1 && !ftp_login(host, uuser, pass))) {
1600 warnx("Can't connect or login to host `%s:%s'",
1601 host, port ? port : "?");
1602 goto cleanup_fetch_ftp;
1603 }
1604
1605 switch (transtype) {
1606 case TYPE_A:
1607 setascii(1, xargv);
1608 break;
1609 case TYPE_I:
1610 setbinary(1, xargv);
1611 break;
1612 default:
1613 errx(1, "fetch_ftp: unknown transfer type %d", transtype);
1614 }
1615
1616 /*
1617 * Change directories, if necessary.
1618 *
1619 * Note: don't use EMPTYSTRING(dir) below, because
1620 * dir=="" means something different from dir==NULL.
1621 */
1622 if (dir != NULL && !dirhasglob) {
1623 char *nextpart;
1624
1625 /*
1626 * If we are dealing with a classic `[user@]host:[path]'
1627 * (urltype is CLASSIC_URL_T) then we have a raw directory
1628 * name (not encoded in any way) and we can change
1629 * directories in one step.
1630 *
1631 * If we are dealing with an `ftp://host/path' URL
1632 * (urltype is FTP_URL_T), then RFC 3986 says we need to
1633 * send a separate CWD command for each unescaped "/"
1634 * in the path, and we have to interpret %hex escaping
1635 * *after* we find the slashes. It's possible to get
1636 * empty components here, (from multiple adjacent
1637 * slashes in the path) and RFC 3986 says that we should
1638 * still do `CWD ' (with a null argument) in such cases.
1639 *
1640 * Many ftp servers don't support `CWD ', so if there's an
1641 * error performing that command, bail out with a descriptive
1642 * message.
1643 *
1644 * Examples:
1645 *
1646 * host: dir="", urltype=CLASSIC_URL_T
1647 * logged in (to default directory)
1648 * host:file dir=NULL, urltype=CLASSIC_URL_T
1649 * "RETR file"
1650 * host:dir/ dir="dir", urltype=CLASSIC_URL_T
1651 * "CWD dir", logged in
1652 * ftp://host/ dir="", urltype=FTP_URL_T
1653 * logged in (to default directory)
1654 * ftp://host/dir/ dir="dir", urltype=FTP_URL_T
1655 * "CWD dir", logged in
1656 * ftp://host/file dir=NULL, urltype=FTP_URL_T
1657 * "RETR file"
1658 * ftp://host//file dir="", urltype=FTP_URL_T
1659 * "CWD ", "RETR file"
1660 * host:/file dir="/", urltype=CLASSIC_URL_T
1661 * "CWD /", "RETR file"
1662 * ftp://host///file dir="/", urltype=FTP_URL_T
1663 * "CWD ", "CWD ", "RETR file"
1664 * ftp://host/%2F/file dir="%2F", urltype=FTP_URL_T
1665 * "CWD /", "RETR file"
1666 * ftp://host/foo/file dir="foo", urltype=FTP_URL_T
1667 * "CWD foo", "RETR file"
1668 * ftp://host/foo/bar/file dir="foo/bar"
1669 * "CWD foo", "CWD bar", "RETR file"
1670 * ftp://host//foo/bar/file dir="/foo/bar"
1671 * "CWD ", "CWD foo", "CWD bar", "RETR file"
1672 * ftp://host/foo//bar/file dir="foo//bar"
1673 * "CWD foo", "CWD ", "CWD bar", "RETR file"
1674 * ftp://host/%2F/foo/bar/file dir="%2F/foo/bar"
1675 * "CWD /", "CWD foo", "CWD bar", "RETR file"
1676 * ftp://host/%2Ffoo/bar/file dir="%2Ffoo/bar"
1677 * "CWD /foo", "CWD bar", "RETR file"
1678 * ftp://host/%2Ffoo%2Fbar/file dir="%2Ffoo%2Fbar"
1679 * "CWD /foo/bar", "RETR file"
1680 * ftp://host/%2Ffoo%2Fbar%2Ffile dir=NULL
1681 * "RETR /foo/bar/file"
1682 *
1683 * Note that we don't need `dir' after this point.
1684 */
1685 do {
1686 if (urltype == FTP_URL_T) {
1687 nextpart = strchr(dir, '/');
1688 if (nextpart) {
1689 *nextpart = '\0';
1690 nextpart++;
1691 }
1692 url_decode(dir);
1693 } else
1694 nextpart = NULL;
1695 DPRINTF("fetch_ftp: dir `%s', nextpart `%s'\n",
1696 STRorNULL(dir), STRorNULL(nextpart));
1697 if (urltype == FTP_URL_T || *dir != '\0') {
1698 (void)strlcpy(cmdbuf, "cd", sizeof(cmdbuf));
1699 xargv[0] = cmdbuf;
1700 xargv[1] = dir;
1701 xargv[2] = NULL;
1702 dirchange = 0;
1703 cd(2, xargv);
1704 if (! dirchange) {
1705 if (*dir == '\0' && code == 500)
1706 fprintf(stderr,
1707 "\n"
1708 "ftp: The `CWD ' command (without a directory), which is required by\n"
1709 " RFC 3986 to support the empty directory in the URL pathname (`//'),\n"
1710 " conflicts with the server's conformance to RFC 959.\n"
1711 " Try the same URL without the `//' in the URL pathname.\n"
1712 "\n");
1713 goto cleanup_fetch_ftp;
1714 }
1715 }
1716 dir = nextpart;
1717 } while (dir != NULL);
1718 }
1719
1720 if (EMPTYSTRING(file)) {
1721 rval = -1;
1722 goto cleanup_fetch_ftp;
1723 }
1724
1725 if (dirhasglob) {
1726 (void)strlcpy(rempath, dir, sizeof(rempath));
1727 (void)strlcat(rempath, "/", sizeof(rempath));
1728 (void)strlcat(rempath, file, sizeof(rempath));
1729 file = rempath;
1730 }
1731
1732 /* Fetch the file(s). */
1733 xargc = 2;
1734 (void)strlcpy(cmdbuf, "get", sizeof(cmdbuf));
1735 xargv[0] = cmdbuf;
1736 xargv[1] = file;
1737 xargv[2] = NULL;
1738 if (dirhasglob || filehasglob) {
1739 int ointeractive;
1740
1741 ointeractive = interactive;
1742 interactive = 0;
1743 if (restartautofetch)
1744 (void)strlcpy(cmdbuf, "mreget", sizeof(cmdbuf));
1745 else
1746 (void)strlcpy(cmdbuf, "mget", sizeof(cmdbuf));
1747 xargv[0] = cmdbuf;
1748 mget(xargc, xargv);
1749 interactive = ointeractive;
1750 } else {
1751 if (outfile == NULL) {
1752 cp = strrchr(file, '/'); /* find savefile */
1753 if (cp != NULL)
1754 outfile = cp + 1;
1755 else
1756 outfile = file;
1757 }
1758 xargv[2] = (char *)outfile;
1759 xargv[3] = NULL;
1760 xargc++;
1761 if (restartautofetch)
1762 reget(xargc, xargv);
1763 else
1764 get(xargc, xargv);
1765 }
1766
1767 if ((code / 100) == COMPLETE)
1768 rval = 0;
1769
1770 cleanup_fetch_ftp:
1771 FREEPTR(port);
1772 FREEPTR(host);
1773 FREEPTR(path);
1774 FREEPTR(uuser);
1775 if (pass)
1776 memset(pass, 0, strlen(pass));
1777 FREEPTR(pass);
1778 return (rval);
1779 }
1780
1781 /*
1782 * Retrieve the given file to outfile.
1783 * Supports arguments of the form:
1784 * "host:path", "ftp://host/path" if $ftpproxy, call fetch_url() else
1785 * call fetch_ftp()
1786 * "http://host/path" call fetch_url() to use HTTP
1787 * "file:///path" call fetch_url() to copy
1788 * "about:..." print a message
1789 *
1790 * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection
1791 * is still open (e.g, ftp xfer with trailing /)
1792 */
1793 static int
go_fetch(const char * url)1794 go_fetch(const char *url)
1795 {
1796 char *proxyenv;
1797 char *p;
1798
1799 #ifndef NO_ABOUT
1800 /*
1801 * Check for about:*
1802 */
1803 if (STRNEQUAL(url, ABOUT_URL)) {
1804 url += sizeof(ABOUT_URL) -1;
1805 if (strcasecmp(url, "ftp") == 0 ||
1806 strcasecmp(url, "tnftp") == 0) {
1807 fputs(
1808 "This version of ftp has been enhanced by Luke Mewburn <lukem@NetBSD.org>\n"
1809 "for the NetBSD project. Execute `man ftp' for more details.\n", ttyout);
1810 } else if (strcasecmp(url, "lukem") == 0) {
1811 fputs(
1812 "Luke Mewburn is the author of most of the enhancements in this ftp client.\n"
1813 "Please email feedback to <lukem@NetBSD.org>.\n", ttyout);
1814 } else if (strcasecmp(url, "netbsd") == 0) {
1815 fputs(
1816 "NetBSD is a freely available and redistributable UNIX-like operating system.\n"
1817 "For more information, see http://www.NetBSD.org/\n", ttyout);
1818 } else if (strcasecmp(url, "version") == 0) {
1819 fprintf(ttyout, "Version: %s %s%s\n",
1820 FTP_PRODUCT, FTP_VERSION,
1821 #ifdef INET6
1822 ""
1823 #else
1824 " (-IPv6)"
1825 #endif
1826 );
1827 } else {
1828 fprintf(ttyout, "`%s' is an interesting topic.\n", url);
1829 }
1830 fputs("\n", ttyout);
1831 return (0);
1832 }
1833 #endif
1834
1835 /*
1836 * Check for file:// and http:// URLs.
1837 */
1838 if (STRNEQUAL(url, HTTP_URL)
1839 #ifdef WITH_SSL
1840 || STRNEQUAL(url, HTTPS_URL)
1841 #endif
1842 || STRNEQUAL(url, FILE_URL))
1843 return (fetch_url(url, NULL, NULL, NULL));
1844
1845 /*
1846 * If it contains "://" but does not begin with ftp://
1847 * or something that was already handled, then it's
1848 * unsupported.
1849 *
1850 * If it contains ":" but not "://" then we assume the
1851 * part before the colon is a host name, not an URL scheme,
1852 * so we don't try to match that here.
1853 */
1854 if ((p = strstr(url, "://")) != NULL && ! STRNEQUAL(url, FTP_URL))
1855 errx(1, "Unsupported URL scheme `%.*s'", (int)(p - url), url);
1856
1857 /*
1858 * Try FTP URL-style and host:file arguments next.
1859 * If ftpproxy is set with an FTP URL, use fetch_url()
1860 * Othewise, use fetch_ftp().
1861 */
1862 proxyenv = getoptionvalue("ftp_proxy");
1863 if (!EMPTYSTRING(proxyenv) && STRNEQUAL(url, FTP_URL))
1864 return (fetch_url(url, NULL, NULL, NULL));
1865
1866 return (fetch_ftp(url));
1867 }
1868
1869 /*
1870 * Retrieve multiple files from the command line,
1871 * calling go_fetch() for each file.
1872 *
1873 * If an ftp path has a trailing "/", the path will be cd-ed into and
1874 * the connection remains open, and the function will return -1
1875 * (to indicate the connection is alive).
1876 * If an error occurs the return value will be the offset+1 in
1877 * argv[] of the file that caused a problem (i.e, argv[x]
1878 * returns x+1)
1879 * Otherwise, 0 is returned if all files retrieved successfully.
1880 */
1881 int
auto_fetch(int argc,char * argv[])1882 auto_fetch(int argc, char *argv[])
1883 {
1884 volatile int argpos, rval;
1885
1886 argpos = rval = 0;
1887
1888 if (sigsetjmp(toplevel, 1)) {
1889 if (connected)
1890 disconnect(0, NULL);
1891 if (rval > 0)
1892 rval = argpos + 1;
1893 return (rval);
1894 }
1895 (void)xsignal(SIGINT, intr);
1896 (void)xsignal(SIGPIPE, lostpeer);
1897
1898 /*
1899 * Loop through as long as there's files to fetch.
1900 */
1901 for (; (rval == 0) && (argpos < argc); argpos++) {
1902 if (strchr(argv[argpos], ':') == NULL)
1903 break;
1904 redirect_loop = 0;
1905 if (!anonftp)
1906 anonftp = 2; /* Handle "automatic" transfers. */
1907 rval = go_fetch(argv[argpos]);
1908 if (outfile != NULL && strcmp(outfile, "-") != 0
1909 && outfile[0] != '|')
1910 outfile = NULL;
1911 if (rval > 0)
1912 rval = argpos + 1;
1913 }
1914
1915 if (connected && rval != -1)
1916 disconnect(0, NULL);
1917 return (rval);
1918 }
1919
1920
1921 /*
1922 * Upload multiple files from the command line.
1923 *
1924 * If an error occurs the return value will be the offset+1 in
1925 * argv[] of the file that caused a problem (i.e, argv[x]
1926 * returns x+1)
1927 * Otherwise, 0 is returned if all files uploaded successfully.
1928 */
1929 int
auto_put(int argc,char ** argv,const char * uploadserver)1930 auto_put(int argc, char **argv, const char *uploadserver)
1931 {
1932 char *uargv[4], *path, *pathsep;
1933 int uargc, rval, argpos;
1934 size_t len;
1935 char cmdbuf[MAX_C_NAME];
1936
1937 (void)strlcpy(cmdbuf, "mput", sizeof(cmdbuf));
1938 uargv[0] = cmdbuf;
1939 uargv[1] = argv[0];
1940 uargc = 2;
1941 uargv[2] = uargv[3] = NULL;
1942 pathsep = NULL;
1943 rval = 1;
1944
1945 DPRINTF("auto_put: target `%s'\n", uploadserver);
1946
1947 path = ftp_strdup(uploadserver);
1948 len = strlen(path);
1949 if (path[len - 1] != '/' && path[len - 1] != ':') {
1950 /*
1951 * make sure we always pass a directory to auto_fetch
1952 */
1953 if (argc > 1) { /* more than one file to upload */
1954 len = strlen(uploadserver) + 2; /* path + "/" + "\0" */
1955 free(path);
1956 path = (char *)ftp_malloc(len);
1957 (void)strlcpy(path, uploadserver, len);
1958 (void)strlcat(path, "/", len);
1959 } else { /* single file to upload */
1960 (void)strlcpy(cmdbuf, "put", sizeof(cmdbuf));
1961 uargv[0] = cmdbuf;
1962 pathsep = strrchr(path, '/');
1963 if (pathsep == NULL) {
1964 pathsep = strrchr(path, ':');
1965 if (pathsep == NULL) {
1966 warnx("Invalid URL `%s'", path);
1967 goto cleanup_auto_put;
1968 }
1969 pathsep++;
1970 uargv[2] = ftp_strdup(pathsep);
1971 pathsep[0] = '/';
1972 } else
1973 uargv[2] = ftp_strdup(pathsep + 1);
1974 pathsep[1] = '\0';
1975 uargc++;
1976 }
1977 }
1978 DPRINTF("auto_put: URL `%s' argv[2] `%s'\n",
1979 path, STRorNULL(uargv[2]));
1980
1981 /* connect and cwd */
1982 rval = auto_fetch(1, &path);
1983 if(rval >= 0)
1984 goto cleanup_auto_put;
1985
1986 rval = 0;
1987
1988 /* target filename provided; upload 1 file */
1989 /* XXX : is this the best way? */
1990 if (uargc == 3) {
1991 uargv[1] = argv[0];
1992 put(uargc, uargv);
1993 if ((code / 100) != COMPLETE)
1994 rval = 1;
1995 } else { /* otherwise a target dir: upload all files to it */
1996 for(argpos = 0; argv[argpos] != NULL; argpos++) {
1997 uargv[1] = argv[argpos];
1998 mput(uargc, uargv);
1999 if ((code / 100) != COMPLETE) {
2000 rval = argpos + 1;
2001 break;
2002 }
2003 }
2004 }
2005
2006 cleanup_auto_put:
2007 free(path);
2008 FREEPTR(uargv[2]);
2009 return (rval);
2010 }
2011