1.\"- 2.\" Copyright (c) 2000-2014 Dag-Erling Smørgrav 3.\" Copyright (c) 2013-2016 Michael Gmelin <freebsd@grem.de> 4.\" All rights reserved. 5.\" Portions Copyright (c) 1999 Massachusetts Institute of Technology; used 6.\" by permission. 7.\" 8.\" Redistribution and use in source and binary forms, with or without 9.\" modification, are permitted provided that the following conditions 10.\" are met: 11.\" 1. Redistributions of source code must retain the above copyright 12.\" notice, this list of conditions and the following disclaimer 13.\" in this position and unchanged. 14.\" 2. Redistributions in binary form must reproduce the above copyright 15.\" notice, this list of conditions and the following disclaimer in the 16.\" documentation and/or other materials provided with the distribution. 17.\" 3. The name of the author may not be used to endorse or promote products 18.\" derived from this software without specific prior written permission. 19.\" 20.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 21.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 22.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 23.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 24.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 25.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 26.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 27.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 28.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 29.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30.\" 31.\" $FreeBSD: head/usr.bin/fetch/fetch.1 333306 2018-05-06 15:59:03Z bjk $ 32.\" 33.Dd April 25, 2019 34.Dt FETCH 1 35.Os 36.Sh NAME 37.Nm fetch 38.Nd retrieve a file by Uniform Resource Locator 39.Sh SYNOPSIS 40.Nm 41.Op Fl 146AadFlMmnPpqRrsUv 42.Op Fl B Ar bytes 43.Op Fl -bind-address= Ns Ar host 44.Op Fl -ca-cert= Ns Ar file 45.Op Fl -ca-path= Ns Ar dir 46.Op Fl -cert= Ns Ar file 47.Op Fl -crl= Ns Ar file 48.Op Fl i Ar file 49.Op Fl -key= Ns Ar file 50.Op Fl N Ar file 51.Op Fl -no-passive 52.Op Fl -no-proxy= Ns Ar list 53.Op Fl -no-sslv3 54.Op Fl -no-tlsv1 55.Op Fl -no-verify-hostname 56.Op Fl -no-verify-peer 57.Op Fl o Ar file 58.Op Fl -referer= Ns Ar URL 59.Op Fl S Ar bytes 60.Op Fl T Ar seconds 61.Op Fl -user-agent= Ns Ar agent-string 62.Op Fl w Ar seconds 63.Ar URL ... 64.Nm 65.Op Fl 146AadFlMmnPpqRrsUv 66.Op Fl B Ar bytes 67.Op Fl -bind-address= Ns Ar host 68.Op Fl -ca-cert= Ns Ar file 69.Op Fl -ca-path= Ns Ar dir 70.Op Fl -cert= Ns Ar file 71.Op Fl -crl= Ns Ar file 72.Op Fl i Ar file 73.Op Fl -key= Ns Ar file 74.Op Fl N Ar file 75.Op Fl -no-passive 76.Op Fl -no-proxy= Ns Ar list 77.Op Fl -no-sslv3 78.Op Fl -no-tlsv1 79.Op Fl -no-verify-hostname 80.Op Fl -no-verify-peer 81.Op Fl o Ar file 82.Op Fl -referer= Ns Ar URL 83.Op Fl S Ar bytes 84.Op Fl T Ar seconds 85.Op Fl -user-agent= Ns Ar agent-string 86.Op Fl w Ar seconds 87.Fl h Ar host Fl f Ar file Oo Fl c Ar dir Oc 88.Sh DESCRIPTION 89The 90.Nm 91utility provides a command-line interface to the 92.Xr fetch 3 93library. 94Its purpose is to retrieve the file(s) pointed to by the URL(s) on the 95command line. 96.Pp 97The following options are available: 98.Bl -tag -width Fl 99.It Fl 1 , -one-file 100Stop and return exit code 0 at the first successfully retrieved file. 101.It Fl 4 , -ipv4-only 102Forces 103.Nm 104to use IPv4 addresses only. 105.It Fl 6 , -ipv6-only 106Forces 107.Nm 108to use IPv6 addresses only. 109.It Fl A , -no-redirect 110Do not automatically follow ``temporary'' (302) redirects. 111Some broken Web sites will return a redirect instead of a not-found 112error when the requested object does not exist. 113.It Fl a , -retry 114Automatically retry the transfer upon soft failures. 115.It Fl B Ar bytes , Fl -buffer-size= Ns Ar bytes 116Specify the read buffer size in bytes. 117The default is 16,384 bytes. 118Attempts to set a buffer size lower than this will be silently 119ignored. 120The number of reads actually performed is reported at verbosity level 121two or higher (see the 122.Fl v 123flag). 124.It Fl -bind-address= Ns Ar host 125Specifies a hostname or IP address to which sockets used for outgoing 126connections will be bound. 127.It Fl c Ar dir 128The file to retrieve is in directory 129.Ar dir 130on the remote host. 131This option is deprecated and is provided for backward compatibility 132only. 133.It Fl -ca-cert= Ns Ar file 134[SSL] 135Path to certificate bundle containing trusted CA certificates. 136If not specified, 137.Pa /usr/local/etc/ssl/cert.pem 138is used. 139If this file does not exist, 140.Pa /etc/ssl/cert.pem 141is used instead. 142If neither file exists and no CA path has been configured, 143OpenSSL's default CA cert and path settings apply. 144The certificate bundle can contain multiple CA certificates. 145The 146.Pa security/ca_root_nss 147port is a common source of a current CA bundle. 148.It Fl -ca-path= Ns Ar dir 149[SSL] 150The directory 151.Ar dir 152contains trusted CA hashes. 153.It Fl -cert= Ns Ar file 154[SSL] 155.Ar file 156is a PEM encoded client certificate/key which will be used in 157client certificate authentication. 158.It Fl -crl= Ns Ar file 159[SSL] 160Points to certificate revocation list 161.Ar file , 162which has to be in PEM format and may contain peer certificates that have 163been revoked. 164.It Fl d , -direct 165Use a direct connection even if a proxy is configured. 166.It Fl F , -force-restart 167In combination with the 168.Fl r 169flag, forces a restart even if the local and remote files have 170different modification times. 171Implies 172.Fl R . 173.It Fl f Ar file 174The file to retrieve is named 175.Ar file 176on the remote host. 177This option is deprecated and is provided for backward compatibility 178only. 179.It Fl h Ar host 180The file to retrieve is located on the host 181.Ar host . 182This option is deprecated and is provided for backward compatibility 183only. 184.It Fl i Ar file , Fl -if-modified-since= Ns Ar file 185If-Modified-Since mode: the remote file will only be retrieved if it 186is newer than 187.Ar file 188on the local host. 189(HTTP only) 190.It Fl -key= Ns Ar file 191[SSL] 192.Ar file 193is a PEM encoded client key that will be used in client certificate 194authentication in case key and client certificate are stored separately. 195.It Fl l , -symlink 196If the target is a file-scheme URL, make a symbolic link to the target 197rather than trying to copy it. 198.It Fl M 199.It Fl m , -mirror 200Mirror mode: if the file already exists locally and has the same size 201and modification time as the remote file, it will not be fetched. 202Note that the 203.Fl m 204and 205.Fl r 206flags are mutually exclusive. 207.It Fl N Ar file , Fl -netrc= Ns Ar file 208Use 209.Ar file 210instead of 211.Pa ~/.netrc 212to look up login names and passwords for FTP sites. 213See 214.Xr ftp 1 215for a description of the file format. 216This feature is experimental. 217.It Fl n , -no-mtime 218Do not preserve the modification time of the transferred file. 219.It Fl -no-passive 220Forces the FTP code to use active mode. 221.It Fl -no-proxy= Ns Ar list 222Either a single asterisk, which disables the use of proxies 223altogether, or a comma- or whitespace-separated list of hosts for 224which proxies should not be used. 225.It Fl -no-sslv3 226[SSL] 227Do not allow SSL version 3 when negotiating the connection. 228This option is deprecated and is provided for backward compatibility 229only. 230SSLv3 is disabled by default. 231Set 232.Ev SSL_ALLOW_SSL3 233to change this behavior. 234.It Fl -no-tlsv1 235[SSL] 236Do not allow TLS version 1 when negotiating the connection. 237.It Fl -no-verify-hostname 238[SSL] 239Do not verify that the hostname matches the subject of the 240certificate presented by the server. 241.It Fl -no-verify-peer 242[SSL] 243Do not verify the peer certificate against trusted CAs. 244.It Fl o Ar file , Fl -output= Ns Ar file 245Set the output file name to 246.Ar file . 247By default, a ``pathname'' is extracted from the specified URI, and 248its basename is used as the name of the output file. 249A 250.Ar file 251argument of 252.Sq Li \&- 253indicates that results are to be directed to the standard output. 254If the 255.Ar file 256argument is a directory, fetched file(s) will be placed within the 257directory, with name(s) selected as in the default behaviour. 258.It Fl P 259.It Fl p , -passive 260Use passive FTP. 261These flags have no effect, since passive FTP is the default, but are 262provided for compatibility with earlier versions where active FTP was 263the default. 264To force active mode, use the 265.Fl -no-passive 266flag or set the 267.Ev FTP_PASSIVE_MODE 268environment variable to 269.Ql NO . 270.It Fl -referer= Ns Ar URL 271Specifies the referrer URL to use for HTTP requests. 272If 273.Ar URL 274is set to 275.Dq auto , 276the document URL will be used as referrer URL. 277.It Fl q , -quiet 278Quiet mode. 279.It Fl R , -keep-output 280The output files are precious, and should not be deleted under any 281circumstances, even if the transfer failed or was incomplete. 282.It Fl r , -restart 283Restart a previously interrupted transfer. 284Note that the 285.Fl m 286and 287.Fl r 288flags are mutually exclusive. 289.It Fl S Ar bytes , Fl -require-size= Ns Ar bytes 290Require the file size reported by the server to match the specified 291value. 292If it does not, a message is printed and the file is not fetched. 293If the server does not support reporting file sizes, this option is 294ignored and the file is fetched unconditionally. 295.It Fl s , -print-size 296Print the size in bytes of each requested file, without fetching it. 297.It Fl T Ar seconds , Fl -timeout= Ns Ar seconds 298Set timeout value to 299.Ar seconds . 300Overrides the environment variables 301.Ev FTP_TIMEOUT 302for FTP transfers or 303.Ev HTTP_TIMEOUT 304for HTTP transfers if set. 305The timeout applies to connection and blocking during reads. 306Any progress during the bulk read resets the timeout. 307.It Fl U , -passive-portrange-default 308When using passive FTP, allocate the port for the data connection from 309the low (default) port range. 310See 311.Xr ip 4 312for details on how to specify which port range this corresponds to. 313.It Fl -user-agent= Ns Ar agent-string 314Specifies the User-Agent string to use for HTTP requests. 315This can be useful when working with HTTP origin or proxy servers that 316differentiate between user agents. 317.It Fl v , -verbose 318Increase verbosity level. 319.It Fl w Ar seconds , Fl -retry-delay= Ns Ar seconds 320When the 321.Fl a 322flag is specified, wait this many seconds between successive retries. 323.El 324.Pp 325If 326.Nm 327receives a 328.Dv SIGINFO 329signal (see the 330.Cm status 331argument for 332.Xr stty 1 ) , 333the current transfer rate statistics will be written to the 334standard error output, in the same format as the standard completion 335message. 336.Sh ENVIRONMENT 337.Bl -tag -width HTTP_TIMEOUT 338.It Ev FTP_TIMEOUT 339Maximum time, in seconds, to wait before aborting an FTP connection. 340.It Ev HTTP_TIMEOUT 341Maximum time, in seconds, to wait before aborting an HTTP connection. 342.El 343.Pp 344See 345.Xr fetch 3 346for a description of additional environment variables, including 347.Ev FETCH_BIND_ADDRESS , 348.Ev FTP_LOGIN , 349.Ev FTP_PASSIVE_MODE , 350.Ev FTP_PASSWORD , 351.Ev FTP_PROXY , 352.Ev ftp_proxy , 353.Ev HTTP_ACCEPT , 354.Ev HTTP_AUTH , 355.Ev HTTP_PROXY , 356.Ev http_proxy , 357.Ev HTTP_PROXY_AUTH , 358.Ev HTTP_REFERER , 359.Ev HTTP_USER_AGENT , 360.Ev NETRC , 361.Ev NO_PROXY , 362.Ev no_proxy , 363.Ev SSL_CA_CERT_FILE , 364.Ev SSL_CA_CERT_PATH , 365.Ev SSL_CLIENT_CERT_FILE , 366.Ev SSL_CLIENT_KEY_FILE , 367.Ev SSL_CRL_FILE , 368.Ev SSL_ALLOW_SSL3 , 369.Ev SSL_NO_TLS1 , 370.Ev SSL_NO_TLS1_1 , 371.Ev SSL_NO_TLS1_2 , 372.Ev SSL_NO_VERIFY_HOSTNAME 373and 374.Ev SSL_NO_VERIFY_PEER . 375.Sh EXIT STATUS 376The 377.Nm 378command returns zero on success, or one on failure. 379If multiple URLs are listed on the command line, 380.Nm 381will attempt to retrieve each one of them in turn, and will return 382zero only if they were all successfully retrieved. 383.Pp 384If the 385.Fl i 386argument is used and the remote file is not newer than the 387specified file then the command will still return success, 388although no file is transferred. 389.Sh SEE ALSO 390.Xr fetch 3 , 391.Xr phttpget 8 392.Sh HISTORY 393The 394.Nm 395command appeared in 396.Fx 2.1.5 . 397This implementation first appeared in 398.Fx 4.1 . 399.Sh AUTHORS 400.An -nosplit 401The original implementation of 402.Nm 403was done by 404.An Jean-Marc Zucconi Aq Mt jmz@FreeBSD.org . 405It was extensively re-worked for 406.Fx 2.2 407by 408.An Garrett Wollman Aq Mt wollman@FreeBSD.org , 409and later completely rewritten to use the 410.Xr fetch 3 411library by 412.An Dag-Erling Sm\(/orgrav Aq Mt des@FreeBSD.org 413and 414.An Michael Gmelin Aq Mt freebsd@grem.de . 415.Sh NOTES 416The 417.Fl b 418and 419.Fl t 420options are no longer supported and will generate warnings. 421They were workarounds for bugs in other OSes which this implementation 422does not trigger. 423.Pp 424One cannot both use the 425.Fl h , 426.Fl c 427and 428.Fl f 429options and specify URLs on the command line. 430