1 /* $NetBSD: fetch.c,v 1.207 2015/09/12 19:38:42 wiz Exp $ */ 2 3 /*- 4 * Copyright (c) 1997-2015 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Luke Mewburn. 9 * 10 * This code is derived from software contributed to The NetBSD Foundation 11 * by Scott Aaron Bamford. 12 * 13 * This code is derived from software contributed to The NetBSD Foundation 14 * by Thomas Klausner. 15 * 16 * Redistribution and use in source and binary forms, with or without 17 * modification, are permitted provided that the following conditions 18 * are met: 19 * 1. Redistributions of source code must retain the above copyright 20 * notice, this list of conditions and the following disclaimer. 21 * 2. Redistributions in binary form must reproduce the above copyright 22 * notice, this list of conditions and the following disclaimer in the 23 * documentation and/or other materials provided with the distribution. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 26 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 27 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 28 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 29 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 30 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 31 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 32 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 33 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 34 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 35 * POSSIBILITY OF SUCH DAMAGE. 36 */ 37 38 #include <sys/cdefs.h> 39 #ifndef lint 40 __RCSID("$NetBSD: fetch.c,v 1.207 2015/09/12 19:38:42 wiz Exp $"); 41 #endif /* not lint */ 42 43 /* 44 * FTP User Program -- Command line file retrieval 45 */ 46 47 #include <sys/types.h> 48 #include <sys/param.h> 49 #include <sys/socket.h> 50 #include <sys/stat.h> 51 #include <sys/time.h> 52 53 #include <netinet/in.h> 54 55 #include <arpa/ftp.h> 56 #include <arpa/inet.h> 57 58 #include <assert.h> 59 #include <ctype.h> 60 #include <err.h> 61 #include <errno.h> 62 #include <netdb.h> 63 #include <fcntl.h> 64 #include <stdio.h> 65 #include <stdlib.h> 66 #include <string.h> 67 #include <unistd.h> 68 #include <time.h> 69 70 #include "ssl.h" 71 #include "ftp_var.h" 72 #include "version.h" 73 74 typedef enum { 75 UNKNOWN_URL_T=-1, 76 HTTP_URL_T, 77 #ifdef WITH_SSL 78 HTTPS_URL_T, 79 #endif 80 FTP_URL_T, 81 FILE_URL_T, 82 CLASSIC_URL_T 83 } url_t; 84 85 __dead static void aborthttp(int); 86 __dead static void timeouthttp(int); 87 #ifndef NO_AUTH 88 static int auth_url(const char *, char **, const char *, const char *); 89 static void base64_encode(const unsigned char *, size_t, unsigned char *); 90 #endif 91 static int go_fetch(const char *); 92 static int fetch_ftp(const char *); 93 static int fetch_url(const char *, const char *, char *, char *); 94 static const char *match_token(const char **, const char *); 95 static int parse_url(const char *, const char *, url_t *, char **, 96 char **, char **, char **, in_port_t *, char **); 97 static void url_decode(char *); 98 99 static int redirect_loop; 100 101 102 #define STRNEQUAL(a,b) (strncasecmp((a), (b), sizeof((b))-1) == 0) 103 #define ISLWS(x) ((x)=='\r' || (x)=='\n' || (x)==' ' || (x)=='\t') 104 #define SKIPLWS(x) do { while (ISLWS((*x))) x++; } while (0) 105 106 107 #define ABOUT_URL "about:" /* propaganda */ 108 #define FILE_URL "file://" /* file URL prefix */ 109 #define FTP_URL "ftp://" /* ftp URL prefix */ 110 #define HTTP_URL "http://" /* http URL prefix */ 111 #ifdef WITH_SSL 112 #define HTTPS_URL "https://" /* https URL prefix */ 113 114 #define IS_HTTP_TYPE(urltype) \ 115 (((urltype) == HTTP_URL_T) || ((urltype) == HTTPS_URL_T)) 116 #else 117 #define IS_HTTP_TYPE(urltype) \ 118 ((urltype) == HTTP_URL_T) 119 #endif 120 121 /* 122 * Determine if token is the next word in buf (case insensitive). 123 * If so, advance buf past the token and any trailing LWS, and 124 * return a pointer to the token (in buf). Otherwise, return NULL. 125 * token may be preceded by LWS. 126 * token must be followed by LWS or NUL. (I.e, don't partial match). 127 */ 128 static const char * 129 match_token(const char **buf, const char *token) 130 { 131 const char *p, *orig; 132 size_t tlen; 133 134 tlen = strlen(token); 135 p = *buf; 136 SKIPLWS(p); 137 orig = p; 138 if (strncasecmp(p, token, tlen) != 0) 139 return NULL; 140 p += tlen; 141 if (*p != '\0' && !ISLWS(*p)) 142 return NULL; 143 SKIPLWS(p); 144 orig = *buf; 145 *buf = p; 146 return orig; 147 } 148 149 #ifndef NO_AUTH 150 /* 151 * Generate authorization response based on given authentication challenge. 152 * Returns -1 if an error occurred, otherwise 0. 153 * Sets response to a malloc(3)ed string; caller should free. 154 */ 155 static int 156 auth_url(const char *challenge, char **response, const char *guser, 157 const char *gpass) 158 { 159 const char *cp, *scheme, *errormsg; 160 char *ep, *clear, *realm; 161 char uuser[BUFSIZ], *gotpass; 162 const char *upass; 163 int rval; 164 size_t len, clen, rlen; 165 166 *response = NULL; 167 clear = realm = NULL; 168 rval = -1; 169 cp = challenge; 170 scheme = "Basic"; /* only support Basic authentication */ 171 gotpass = NULL; 172 173 DPRINTF("auth_url: challenge `%s'\n", challenge); 174 175 if (! match_token(&cp, scheme)) { 176 warnx("Unsupported authentication challenge `%s'", 177 challenge); 178 goto cleanup_auth_url; 179 } 180 181 #define REALM "realm=\"" 182 if (STRNEQUAL(cp, REALM)) 183 cp += sizeof(REALM) - 1; 184 else { 185 warnx("Unsupported authentication challenge `%s'", 186 challenge); 187 goto cleanup_auth_url; 188 } 189 /* XXX: need to improve quoted-string parsing to support \ quoting, etc. */ 190 if ((ep = strchr(cp, '\"')) != NULL) { 191 len = ep - cp; 192 realm = (char *)ftp_malloc(len + 1); 193 (void)strlcpy(realm, cp, len + 1); 194 } else { 195 warnx("Unsupported authentication challenge `%s'", 196 challenge); 197 goto cleanup_auth_url; 198 } 199 200 fprintf(ttyout, "Username for `%s': ", realm); 201 if (guser != NULL) { 202 (void)strlcpy(uuser, guser, sizeof(uuser)); 203 fprintf(ttyout, "%s\n", uuser); 204 } else { 205 (void)fflush(ttyout); 206 if (get_line(stdin, uuser, sizeof(uuser), &errormsg) < 0) { 207 warnx("%s; can't authenticate", errormsg); 208 goto cleanup_auth_url; 209 } 210 } 211 if (gpass != NULL) 212 upass = gpass; 213 else { 214 gotpass = getpass("Password: "); 215 if (gotpass == NULL) { 216 warnx("Can't read password"); 217 goto cleanup_auth_url; 218 } 219 upass = gotpass; 220 } 221 222 clen = strlen(uuser) + strlen(upass) + 2; /* user + ":" + pass + "\0" */ 223 clear = (char *)ftp_malloc(clen); 224 (void)strlcpy(clear, uuser, clen); 225 (void)strlcat(clear, ":", clen); 226 (void)strlcat(clear, upass, clen); 227 if (gotpass) 228 memset(gotpass, 0, strlen(gotpass)); 229 230 /* scheme + " " + enc + "\0" */ 231 rlen = strlen(scheme) + 1 + (clen + 2) * 4 / 3 + 1; 232 *response = (char *)ftp_malloc(rlen); 233 (void)strlcpy(*response, scheme, rlen); 234 len = strlcat(*response, " ", rlen); 235 /* use `clen - 1' to not encode the trailing NUL */ 236 base64_encode((unsigned char *)clear, clen - 1, 237 (unsigned char *)*response + len); 238 memset(clear, 0, clen); 239 rval = 0; 240 241 cleanup_auth_url: 242 FREEPTR(clear); 243 FREEPTR(realm); 244 return (rval); 245 } 246 247 /* 248 * Encode len bytes starting at clear using base64 encoding into encoded, 249 * which should be at least ((len + 2) * 4 / 3 + 1) in size. 250 */ 251 static void 252 base64_encode(const unsigned char *clear, size_t len, unsigned char *encoded) 253 { 254 static const unsigned char enc[] = 255 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; 256 unsigned char *cp; 257 size_t i; 258 259 cp = encoded; 260 for (i = 0; i < len; i += 3) { 261 *(cp++) = enc[((clear[i + 0] >> 2))]; 262 *(cp++) = enc[((clear[i + 0] << 4) & 0x30) 263 | ((clear[i + 1] >> 4) & 0x0f)]; 264 *(cp++) = enc[((clear[i + 1] << 2) & 0x3c) 265 | ((clear[i + 2] >> 6) & 0x03)]; 266 *(cp++) = enc[((clear[i + 2] ) & 0x3f)]; 267 } 268 *cp = '\0'; 269 while (i-- > len) 270 *(--cp) = '='; 271 } 272 #endif 273 274 /* 275 * Decode %xx escapes in given string, `in-place'. 276 */ 277 static void 278 url_decode(char *url) 279 { 280 unsigned char *p, *q; 281 282 if (EMPTYSTRING(url)) 283 return; 284 p = q = (unsigned char *)url; 285 286 #define HEXTOINT(x) (x - (isdigit(x) ? '0' : (islower(x) ? 'a' : 'A') - 10)) 287 while (*p) { 288 if (p[0] == '%' 289 && p[1] && isxdigit((unsigned char)p[1]) 290 && p[2] && isxdigit((unsigned char)p[2])) { 291 *q++ = HEXTOINT(p[1]) * 16 + HEXTOINT(p[2]); 292 p+=3; 293 } else 294 *q++ = *p++; 295 } 296 *q = '\0'; 297 } 298 299 300 /* 301 * Parse URL of form (per RFC 3986): 302 * <type>://[<user>[:<password>]@]<host>[:<port>][/<path>] 303 * Returns -1 if a parse error occurred, otherwise 0. 304 * It's the caller's responsibility to url_decode() the returned 305 * user, pass and path. 306 * 307 * Sets type to url_t, each of the given char ** pointers to a 308 * malloc(3)ed strings of the relevant section, and port to 309 * the number given, or ftpport if ftp://, or httpport if http://. 310 * 311 * XXX: this is not totally RFC 3986 compliant; <path> will have the 312 * leading `/' unless it's an ftp:// URL, as this makes things easier 313 * for file:// and http:// URLs. ftp:// URLs have the `/' between the 314 * host and the URL-path removed, but any additional leading slashes 315 * in the URL-path are retained (because they imply that we should 316 * later do "CWD" with a null argument). 317 * 318 * Examples: 319 * input URL output path 320 * --------- ----------- 321 * "http://host" "/" 322 * "http://host/" "/" 323 * "http://host/path" "/path" 324 * "file://host/dir/file" "dir/file" 325 * "ftp://host" "" 326 * "ftp://host/" "" 327 * "ftp://host//" "/" 328 * "ftp://host/dir/file" "dir/file" 329 * "ftp://host//dir/file" "/dir/file" 330 */ 331 static int 332 parse_url(const char *url, const char *desc, url_t *utype, 333 char **uuser, char **pass, char **host, char **port, 334 in_port_t *portnum, char **path) 335 { 336 const char *origurl, *tport; 337 char *cp, *ep, *thost; 338 size_t len; 339 340 if (url == NULL || desc == NULL || utype == NULL || uuser == NULL 341 || pass == NULL || host == NULL || port == NULL || portnum == NULL 342 || path == NULL) 343 errx(1, "parse_url: invoked with NULL argument!"); 344 DPRINTF("parse_url: %s `%s'\n", desc, url); 345 346 origurl = url; 347 *utype = UNKNOWN_URL_T; 348 *uuser = *pass = *host = *port = *path = NULL; 349 *portnum = 0; 350 tport = NULL; 351 352 if (STRNEQUAL(url, HTTP_URL)) { 353 url += sizeof(HTTP_URL) - 1; 354 *utype = HTTP_URL_T; 355 *portnum = HTTP_PORT; 356 tport = httpport; 357 } else if (STRNEQUAL(url, FTP_URL)) { 358 url += sizeof(FTP_URL) - 1; 359 *utype = FTP_URL_T; 360 *portnum = FTP_PORT; 361 tport = ftpport; 362 } else if (STRNEQUAL(url, FILE_URL)) { 363 url += sizeof(FILE_URL) - 1; 364 *utype = FILE_URL_T; 365 #ifdef WITH_SSL 366 } else if (STRNEQUAL(url, HTTPS_URL)) { 367 url += sizeof(HTTPS_URL) - 1; 368 *utype = HTTPS_URL_T; 369 *portnum = HTTPS_PORT; 370 tport = httpsport; 371 #endif 372 } else { 373 warnx("Invalid %s `%s'", desc, url); 374 cleanup_parse_url: 375 FREEPTR(*uuser); 376 if (*pass != NULL) 377 memset(*pass, 0, strlen(*pass)); 378 FREEPTR(*pass); 379 FREEPTR(*host); 380 FREEPTR(*port); 381 FREEPTR(*path); 382 return (-1); 383 } 384 385 if (*url == '\0') 386 return (0); 387 388 /* find [user[:pass]@]host[:port] */ 389 ep = strchr(url, '/'); 390 if (ep == NULL) 391 thost = ftp_strdup(url); 392 else { 393 len = ep - url; 394 thost = (char *)ftp_malloc(len + 1); 395 (void)strlcpy(thost, url, len + 1); 396 if (*utype == FTP_URL_T) /* skip first / for ftp URLs */ 397 ep++; 398 *path = ftp_strdup(ep); 399 } 400 401 cp = strchr(thost, '@'); /* look for user[:pass]@ in URLs */ 402 if (cp != NULL) { 403 if (*utype == FTP_URL_T) 404 anonftp = 0; /* disable anonftp */ 405 *uuser = thost; 406 *cp = '\0'; 407 thost = ftp_strdup(cp + 1); 408 cp = strchr(*uuser, ':'); 409 if (cp != NULL) { 410 *cp = '\0'; 411 *pass = ftp_strdup(cp + 1); 412 } 413 url_decode(*uuser); 414 if (*pass) 415 url_decode(*pass); 416 } 417 418 #ifdef INET6 419 /* 420 * Check if thost is an encoded IPv6 address, as per 421 * RFC 3986: 422 * `[' ipv6-address ']' 423 */ 424 if (*thost == '[') { 425 cp = thost + 1; 426 if ((ep = strchr(cp, ']')) == NULL || 427 (ep[1] != '\0' && ep[1] != ':')) { 428 warnx("Invalid address `%s' in %s `%s'", 429 thost, desc, origurl); 430 goto cleanup_parse_url; 431 } 432 len = ep - cp; /* change `[xyz]' -> `xyz' */ 433 memmove(thost, thost + 1, len); 434 thost[len] = '\0'; 435 if (! isipv6addr(thost)) { 436 warnx("Invalid IPv6 address `%s' in %s `%s'", 437 thost, desc, origurl); 438 goto cleanup_parse_url; 439 } 440 cp = ep + 1; 441 if (*cp == ':') 442 cp++; 443 else 444 cp = NULL; 445 } else 446 #endif /* INET6 */ 447 if ((cp = strchr(thost, ':')) != NULL) 448 *cp++ = '\0'; 449 *host = thost; 450 451 /* look for [:port] */ 452 if (cp != NULL) { 453 unsigned long nport; 454 455 nport = strtoul(cp, &ep, 10); 456 if (*cp == '\0' || *ep != '\0' || 457 nport < 1 || nport > MAX_IN_PORT_T) { 458 warnx("Unknown port `%s' in %s `%s'", 459 cp, desc, origurl); 460 goto cleanup_parse_url; 461 } 462 *portnum = nport; 463 tport = cp; 464 } 465 466 if (tport != NULL) 467 *port = ftp_strdup(tport); 468 if (*path == NULL) { 469 const char *emptypath = "/"; 470 if (*utype == FTP_URL_T) /* skip first / for ftp URLs */ 471 emptypath++; 472 *path = ftp_strdup(emptypath); 473 } 474 475 DPRINTF("parse_url: user `%s' pass `%s' host %s port %s(%d) " 476 "path `%s'\n", 477 STRorNULL(*uuser), STRorNULL(*pass), 478 STRorNULL(*host), STRorNULL(*port), 479 *portnum ? *portnum : -1, STRorNULL(*path)); 480 481 return (0); 482 } 483 484 sigjmp_buf httpabort; 485 486 /* 487 * Retrieve URL, via a proxy if necessary, using HTTP. 488 * If proxyenv is set, use that for the proxy, otherwise try ftp_proxy or 489 * http_proxy/https_proxy as appropriate. 490 * Supports HTTP redirects. 491 * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection 492 * is still open (e.g, ftp xfer with trailing /) 493 */ 494 static int 495 fetch_url(const char *url, const char *proxyenv, char *proxyauth, char *wwwauth) 496 { 497 struct addrinfo hints, *res, *res0 = NULL; 498 int error; 499 sigfunc volatile oldint; 500 sigfunc volatile oldpipe; 501 sigfunc volatile oldalrm; 502 sigfunc volatile oldquit; 503 int volatile s; 504 struct stat sb; 505 int volatile ischunked; 506 int volatile isproxy; 507 int volatile rval; 508 int volatile hcode; 509 int len; 510 size_t flen; 511 static size_t bufsize; 512 static char *xferbuf; 513 const char *cp, *token; 514 char *ep; 515 char buf[FTPBUFLEN]; 516 const char *errormsg; 517 char *volatile savefile; 518 char *volatile auth; 519 char *volatile location; 520 char *volatile message; 521 char *uuser, *pass, *host, *port, *path; 522 char *volatile decodedpath; 523 char *puser, *ppass, *useragent; 524 off_t hashbytes, rangestart, rangeend, entitylen; 525 int (*volatile closefunc)(FILE *); 526 FETCH *volatile fin; 527 FILE *volatile fout; 528 const char *volatile penv = proxyenv; 529 time_t mtime; 530 url_t urltype; 531 in_port_t portnum; 532 #ifdef WITH_SSL 533 void *ssl; 534 #endif 535 536 DPRINTF("%s: `%s' proxyenv `%s'\n", __func__, url, STRorNULL(penv)); 537 538 oldquit = oldalrm = oldint = oldpipe = NULL; 539 closefunc = NULL; 540 fin = NULL; 541 fout = NULL; 542 s = -1; 543 savefile = NULL; 544 auth = location = message = NULL; 545 ischunked = isproxy = hcode = 0; 546 rval = 1; 547 uuser = pass = host = path = decodedpath = puser = ppass = NULL; 548 549 if (sigsetjmp(httpabort, 1)) 550 goto cleanup_fetch_url; 551 552 if (parse_url(url, "URL", &urltype, &uuser, &pass, &host, &port, 553 &portnum, &path) == -1) 554 goto cleanup_fetch_url; 555 556 if (urltype == FILE_URL_T && ! EMPTYSTRING(host) 557 && strcasecmp(host, "localhost") != 0) { 558 warnx("No support for non local file URL `%s'", url); 559 goto cleanup_fetch_url; 560 } 561 562 if (EMPTYSTRING(path)) { 563 if (urltype == FTP_URL_T) { 564 rval = fetch_ftp(url); 565 goto cleanup_fetch_url; 566 } 567 if (!IS_HTTP_TYPE(urltype) || outfile == NULL) { 568 warnx("Invalid URL (no file after host) `%s'", url); 569 goto cleanup_fetch_url; 570 } 571 } 572 573 decodedpath = ftp_strdup(path); 574 url_decode(decodedpath); 575 576 if (outfile) 577 savefile = outfile; 578 else { 579 cp = strrchr(decodedpath, '/'); /* find savefile */ 580 if (cp != NULL) 581 savefile = ftp_strdup(cp + 1); 582 else 583 savefile = ftp_strdup(decodedpath); 584 } 585 DPRINTF("%s: savefile `%s'\n", __func__, savefile); 586 if (EMPTYSTRING(savefile)) { 587 if (urltype == FTP_URL_T) { 588 rval = fetch_ftp(url); 589 goto cleanup_fetch_url; 590 } 591 warnx("No file after directory (you must specify an " 592 "output file) `%s'", url); 593 goto cleanup_fetch_url; 594 } 595 596 restart_point = 0; 597 filesize = -1; 598 rangestart = rangeend = entitylen = -1; 599 mtime = -1; 600 if (restartautofetch) { 601 if (stat(savefile, &sb) == 0) 602 restart_point = sb.st_size; 603 } 604 if (urltype == FILE_URL_T) { /* file:// URLs */ 605 direction = "copied"; 606 fin = fetch_open(decodedpath, "r"); 607 if (fin == NULL) { 608 warn("Can't open `%s'", decodedpath); 609 goto cleanup_fetch_url; 610 } 611 if (fstat(fetch_fileno(fin), &sb) == 0) { 612 mtime = sb.st_mtime; 613 filesize = sb.st_size; 614 } 615 if (restart_point) { 616 if (lseek(fetch_fileno(fin), restart_point, SEEK_SET) < 0) { 617 warn("Can't seek to restart `%s'", 618 decodedpath); 619 goto cleanup_fetch_url; 620 } 621 } 622 if (verbose) { 623 fprintf(ttyout, "Copying %s", decodedpath); 624 if (restart_point) 625 fprintf(ttyout, " (restarting at " LLF ")", 626 (LLT)restart_point); 627 fputs("\n", ttyout); 628 } 629 if (0 == rcvbuf_size) { 630 rcvbuf_size = 8 * 1024; /* XXX */ 631 } 632 } else { /* ftp:// or http:// URLs */ 633 const char *leading; 634 int hasleading; 635 636 if (penv == NULL) { 637 #ifdef WITH_SSL 638 if (urltype == HTTPS_URL_T) 639 penv = getoptionvalue("https_proxy"); 640 #endif 641 if (penv == NULL && IS_HTTP_TYPE(urltype)) 642 penv = getoptionvalue("http_proxy"); 643 else if (urltype == FTP_URL_T) 644 penv = getoptionvalue("ftp_proxy"); 645 } 646 direction = "retrieved"; 647 if (! EMPTYSTRING(penv)) { /* use proxy */ 648 url_t purltype; 649 char *phost, *ppath; 650 char *pport, *no_proxy; 651 in_port_t pportnum; 652 653 isproxy = 1; 654 655 /* check URL against list of no_proxied sites */ 656 no_proxy = getoptionvalue("no_proxy"); 657 if (! EMPTYSTRING(no_proxy)) { 658 char *np, *np_copy, *np_iter; 659 unsigned long np_port; 660 size_t hlen, plen; 661 662 np_iter = np_copy = ftp_strdup(no_proxy); 663 hlen = strlen(host); 664 while ((cp = strsep(&np_iter, " ,")) != NULL) { 665 if (*cp == '\0') 666 continue; 667 if ((np = strrchr(cp, ':')) != NULL) { 668 *np++ = '\0'; 669 np_port = strtoul(np, &ep, 10); 670 if (*np == '\0' || *ep != '\0') 671 continue; 672 if (np_port != portnum) 673 continue; 674 } 675 plen = strlen(cp); 676 if (hlen < plen) 677 continue; 678 if (strncasecmp(host + hlen - plen, 679 cp, plen) == 0) { 680 isproxy = 0; 681 break; 682 } 683 } 684 FREEPTR(np_copy); 685 if (isproxy == 0 && urltype == FTP_URL_T) { 686 rval = fetch_ftp(url); 687 goto cleanup_fetch_url; 688 } 689 } 690 691 if (isproxy) { 692 if (restart_point) { 693 warnx("Can't restart via proxy URL `%s'", 694 penv); 695 goto cleanup_fetch_url; 696 } 697 if (parse_url(penv, "proxy URL", &purltype, 698 &puser, &ppass, &phost, &pport, &pportnum, 699 &ppath) == -1) 700 goto cleanup_fetch_url; 701 702 if ((!IS_HTTP_TYPE(purltype) 703 && purltype != FTP_URL_T) || 704 EMPTYSTRING(phost) || 705 (! EMPTYSTRING(ppath) 706 && strcmp(ppath, "/") != 0)) { 707 warnx("Malformed proxy URL `%s'", penv); 708 FREEPTR(phost); 709 FREEPTR(pport); 710 FREEPTR(ppath); 711 goto cleanup_fetch_url; 712 } 713 if (isipv6addr(host) && 714 strchr(host, '%') != NULL) { 715 warnx( 716 "Scoped address notation `%s' disallowed via web proxy", 717 host); 718 FREEPTR(phost); 719 FREEPTR(pport); 720 FREEPTR(ppath); 721 goto cleanup_fetch_url; 722 } 723 724 FREEPTR(host); 725 host = phost; 726 FREEPTR(port); 727 port = pport; 728 FREEPTR(path); 729 path = ftp_strdup(url); 730 FREEPTR(ppath); 731 urltype = purltype; 732 } 733 } /* ! EMPTYSTRING(penv) */ 734 735 memset(&hints, 0, sizeof(hints)); 736 hints.ai_flags = 0; 737 hints.ai_family = family; 738 hints.ai_socktype = SOCK_STREAM; 739 hints.ai_protocol = 0; 740 error = getaddrinfo(host, port, &hints, &res0); 741 if (error) { 742 warnx("Can't LOOKUP `%s:%s': %s", host, port, 743 (error == EAI_SYSTEM) ? strerror(errno) 744 : gai_strerror(error)); 745 goto cleanup_fetch_url; 746 } 747 if (res0->ai_canonname) 748 host = res0->ai_canonname; 749 750 s = -1; 751 #ifdef WITH_SSL 752 ssl = NULL; 753 #endif 754 for (res = res0; res; res = res->ai_next) { 755 char hname[NI_MAXHOST], sname[NI_MAXSERV]; 756 757 ai_unmapped(res); 758 if (getnameinfo(res->ai_addr, res->ai_addrlen, 759 hname, sizeof(hname), sname, sizeof(sname), 760 NI_NUMERICHOST | NI_NUMERICSERV) != 0) { 761 strlcpy(hname, "?", sizeof(hname)); 762 strlcpy(sname, "?", sizeof(sname)); 763 } 764 765 if (verbose && res0->ai_next) { 766 fprintf(ttyout, "Trying %s:%s ...\n", 767 hname, sname); 768 } 769 770 s = socket(res->ai_family, SOCK_STREAM, 771 res->ai_protocol); 772 if (s < 0) { 773 warn( 774 "Can't create socket for connection to " 775 "`%s:%s'", hname, sname); 776 continue; 777 } 778 779 if (ftp_connect(s, res->ai_addr, res->ai_addrlen, 780 verbose || !res->ai_next) < 0) { 781 close(s); 782 s = -1; 783 continue; 784 } 785 786 #ifdef WITH_SSL 787 if (urltype == HTTPS_URL_T) { 788 if ((ssl = fetch_start_ssl(s, host)) == NULL) { 789 close(s); 790 s = -1; 791 continue; 792 } 793 } 794 #endif 795 796 /* success */ 797 break; 798 } 799 800 if (s < 0) { 801 warnx("Can't connect to `%s:%s'", host, port); 802 goto cleanup_fetch_url; 803 } 804 805 oldalrm = xsignal(SIGALRM, timeouthttp); 806 alarmtimer(quit_time ? quit_time : 60); 807 fin = fetch_fdopen(s, "r+"); 808 fetch_set_ssl(fin, ssl); 809 alarmtimer(0); 810 811 alarmtimer(quit_time ? quit_time : 60); 812 /* 813 * Construct and send the request. 814 */ 815 if (verbose) 816 fprintf(ttyout, "Requesting %s\n", url); 817 leading = " ("; 818 hasleading = 0; 819 if (isproxy) { 820 if (verbose) { 821 fprintf(ttyout, "%svia %s:%s", leading, 822 host, port); 823 leading = ", "; 824 hasleading++; 825 } 826 fetch_printf(fin, "GET %s HTTP/1.0\r\n", path); 827 if (flushcache) 828 fetch_printf(fin, "Pragma: no-cache\r\n"); 829 } else { 830 fetch_printf(fin, "GET %s HTTP/1.1\r\n", path); 831 if (strchr(host, ':')) { 832 char *h, *p; 833 834 /* 835 * strip off IPv6 scope identifier, since it is 836 * local to the node 837 */ 838 h = ftp_strdup(host); 839 if (isipv6addr(h) && 840 (p = strchr(h, '%')) != NULL) { 841 *p = '\0'; 842 } 843 fetch_printf(fin, "Host: [%s]", h); 844 free(h); 845 } else 846 fetch_printf(fin, "Host: %s", host); 847 #ifdef WITH_SSL 848 if ((urltype == HTTP_URL_T && portnum != HTTP_PORT) || 849 (urltype == HTTPS_URL_T && portnum != HTTPS_PORT)) 850 #else 851 if (portnum != HTTP_PORT) 852 #endif 853 fetch_printf(fin, ":%u", portnum); 854 fetch_printf(fin, "\r\n"); 855 fetch_printf(fin, "Accept: */*\r\n"); 856 fetch_printf(fin, "Connection: close\r\n"); 857 if (restart_point) { 858 fputs(leading, ttyout); 859 fetch_printf(fin, "Range: bytes=" LLF "-\r\n", 860 (LLT)restart_point); 861 fprintf(ttyout, "restarting at " LLF, 862 (LLT)restart_point); 863 leading = ", "; 864 hasleading++; 865 } 866 if (flushcache) 867 fetch_printf(fin, "Cache-Control: no-cache\r\n"); 868 } 869 if ((useragent=getenv("FTPUSERAGENT")) != NULL) { 870 fetch_printf(fin, "User-Agent: %s\r\n", useragent); 871 } else { 872 fetch_printf(fin, "User-Agent: %s/%s\r\n", 873 FTP_PRODUCT, FTP_VERSION); 874 } 875 if (wwwauth) { 876 if (verbose) { 877 fprintf(ttyout, "%swith authorization", 878 leading); 879 leading = ", "; 880 hasleading++; 881 } 882 fetch_printf(fin, "Authorization: %s\r\n", wwwauth); 883 } 884 if (proxyauth) { 885 if (verbose) { 886 fprintf(ttyout, 887 "%swith proxy authorization", leading); 888 leading = ", "; 889 hasleading++; 890 } 891 fetch_printf(fin, "Proxy-Authorization: %s\r\n", proxyauth); 892 } 893 if (verbose && hasleading) 894 fputs(")\n", ttyout); 895 fetch_printf(fin, "\r\n"); 896 if (fetch_flush(fin) == EOF) { 897 warn("Writing HTTP request"); 898 alarmtimer(0); 899 goto cleanup_fetch_url; 900 } 901 alarmtimer(0); 902 903 /* Read the response */ 904 alarmtimer(quit_time ? quit_time : 60); 905 len = fetch_getline(fin, buf, sizeof(buf), &errormsg); 906 alarmtimer(0); 907 if (len < 0) { 908 if (*errormsg == '\n') 909 errormsg++; 910 warnx("Receiving HTTP reply: %s", errormsg); 911 goto cleanup_fetch_url; 912 } 913 while (len > 0 && (ISLWS(buf[len-1]))) 914 buf[--len] = '\0'; 915 DPRINTF("%s: received `%s'\n", __func__, buf); 916 917 /* Determine HTTP response code */ 918 cp = strchr(buf, ' '); 919 if (cp == NULL) 920 goto improper; 921 else 922 cp++; 923 hcode = strtol(cp, &ep, 10); 924 if (*ep != '\0' && !isspace((unsigned char)*ep)) 925 goto improper; 926 message = ftp_strdup(cp); 927 928 /* Read the rest of the header. */ 929 while (1) { 930 alarmtimer(quit_time ? quit_time : 60); 931 len = fetch_getline(fin, buf, sizeof(buf), &errormsg); 932 alarmtimer(0); 933 if (len < 0) { 934 if (*errormsg == '\n') 935 errormsg++; 936 warnx("Receiving HTTP reply: %s", errormsg); 937 goto cleanup_fetch_url; 938 } 939 while (len > 0 && (ISLWS(buf[len-1]))) 940 buf[--len] = '\0'; 941 if (len == 0) 942 break; 943 DPRINTF("%s: received `%s'\n", __func__, buf); 944 945 /* 946 * Look for some headers 947 */ 948 949 cp = buf; 950 951 if (match_token(&cp, "Content-Length:")) { 952 filesize = STRTOLL(cp, &ep, 10); 953 if (filesize < 0 || *ep != '\0') 954 goto improper; 955 DPRINTF("%s: parsed len as: " LLF "\n", 956 __func__, (LLT)filesize); 957 958 } else if (match_token(&cp, "Content-Range:")) { 959 if (! match_token(&cp, "bytes")) 960 goto improper; 961 962 if (*cp == '*') 963 cp++; 964 else { 965 rangestart = STRTOLL(cp, &ep, 10); 966 if (rangestart < 0 || *ep != '-') 967 goto improper; 968 cp = ep + 1; 969 rangeend = STRTOLL(cp, &ep, 10); 970 if (rangeend < 0 || rangeend < rangestart) 971 goto improper; 972 cp = ep; 973 } 974 if (*cp != '/') 975 goto improper; 976 cp++; 977 if (*cp == '*') 978 cp++; 979 else { 980 entitylen = STRTOLL(cp, &ep, 10); 981 if (entitylen < 0) 982 goto improper; 983 cp = ep; 984 } 985 if (*cp != '\0') 986 goto improper; 987 988 #ifndef NO_DEBUG 989 if (ftp_debug) { 990 fprintf(ttyout, "parsed range as: "); 991 if (rangestart == -1) 992 fprintf(ttyout, "*"); 993 else 994 fprintf(ttyout, LLF "-" LLF, 995 (LLT)rangestart, 996 (LLT)rangeend); 997 fprintf(ttyout, "/" LLF "\n", (LLT)entitylen); 998 } 999 #endif 1000 if (! restart_point) { 1001 warnx( 1002 "Received unexpected Content-Range header"); 1003 goto cleanup_fetch_url; 1004 } 1005 1006 } else if (match_token(&cp, "Last-Modified:")) { 1007 struct tm parsed; 1008 const char *t; 1009 1010 memset(&parsed, 0, sizeof(parsed)); 1011 t = parse_rfc2616time(&parsed, cp); 1012 if (t != NULL) { 1013 parsed.tm_isdst = -1; 1014 if (*t == '\0') 1015 mtime = timegm(&parsed); 1016 #ifndef NO_DEBUG 1017 if (ftp_debug && mtime != -1) { 1018 fprintf(ttyout, 1019 "parsed time as: %s", 1020 rfc2822time(localtime(&mtime))); 1021 } 1022 #endif 1023 } 1024 1025 } else if (match_token(&cp, "Location:")) { 1026 location = ftp_strdup(cp); 1027 DPRINTF("%s: parsed location as `%s'\n", 1028 __func__, cp); 1029 1030 } else if (match_token(&cp, "Transfer-Encoding:")) { 1031 if (match_token(&cp, "binary")) { 1032 warnx( 1033 "Bogus transfer encoding `binary' (fetching anyway)"); 1034 continue; 1035 } 1036 if (! (token = match_token(&cp, "chunked"))) { 1037 warnx( 1038 "Unsupported transfer encoding `%s'", 1039 token); 1040 goto cleanup_fetch_url; 1041 } 1042 ischunked++; 1043 DPRINTF("%s: using chunked encoding\n", 1044 __func__); 1045 1046 } else if (match_token(&cp, "Proxy-Authenticate:") 1047 || match_token(&cp, "WWW-Authenticate:")) { 1048 if (! (token = match_token(&cp, "Basic"))) { 1049 DPRINTF("%s: skipping unknown auth " 1050 "scheme `%s'\n", __func__, token); 1051 continue; 1052 } 1053 FREEPTR(auth); 1054 auth = ftp_strdup(token); 1055 DPRINTF("%s: parsed auth as `%s'\n", 1056 __func__, cp); 1057 } 1058 1059 } 1060 /* finished parsing header */ 1061 1062 switch (hcode) { 1063 case 200: 1064 break; 1065 case 206: 1066 if (! restart_point) { 1067 warnx("Not expecting partial content header"); 1068 goto cleanup_fetch_url; 1069 } 1070 break; 1071 case 300: 1072 case 301: 1073 case 302: 1074 case 303: 1075 case 305: 1076 case 307: 1077 if (EMPTYSTRING(location)) { 1078 warnx( 1079 "No redirection Location provided by server"); 1080 goto cleanup_fetch_url; 1081 } 1082 if (redirect_loop++ > 5) { 1083 warnx("Too many redirections requested"); 1084 goto cleanup_fetch_url; 1085 } 1086 if (hcode == 305) { 1087 if (verbose) 1088 fprintf(ttyout, "Redirected via %s\n", 1089 location); 1090 rval = fetch_url(url, location, 1091 proxyauth, wwwauth); 1092 } else { 1093 if (verbose) 1094 fprintf(ttyout, "Redirected to %s\n", 1095 location); 1096 rval = go_fetch(location); 1097 } 1098 goto cleanup_fetch_url; 1099 #ifndef NO_AUTH 1100 case 401: 1101 case 407: 1102 { 1103 char **authp; 1104 char *auser, *apass; 1105 1106 if (hcode == 401) { 1107 authp = &wwwauth; 1108 auser = uuser; 1109 apass = pass; 1110 } else { 1111 authp = &proxyauth; 1112 auser = puser; 1113 apass = ppass; 1114 } 1115 if (verbose || *authp == NULL || 1116 auser == NULL || apass == NULL) 1117 fprintf(ttyout, "%s\n", message); 1118 if (EMPTYSTRING(auth)) { 1119 warnx( 1120 "No authentication challenge provided by server"); 1121 goto cleanup_fetch_url; 1122 } 1123 if (*authp != NULL) { 1124 char reply[10]; 1125 1126 fprintf(ttyout, 1127 "Authorization failed. Retry (y/n)? "); 1128 if (get_line(stdin, reply, sizeof(reply), NULL) 1129 < 0) { 1130 goto cleanup_fetch_url; 1131 } 1132 if (tolower((unsigned char)reply[0]) != 'y') 1133 goto cleanup_fetch_url; 1134 auser = NULL; 1135 apass = NULL; 1136 } 1137 if (auth_url(auth, authp, auser, apass) == 0) { 1138 rval = fetch_url(url, penv, 1139 proxyauth, wwwauth); 1140 memset(*authp, 0, strlen(*authp)); 1141 FREEPTR(*authp); 1142 } 1143 goto cleanup_fetch_url; 1144 } 1145 #endif 1146 default: 1147 if (message) 1148 warnx("Error retrieving file `%s'", message); 1149 else 1150 warnx("Unknown error retrieving file"); 1151 goto cleanup_fetch_url; 1152 } 1153 } /* end of ftp:// or http:// specific setup */ 1154 1155 /* Open the output file. */ 1156 1157 /* 1158 * Only trust filenames with special meaning if they came from 1159 * the command line 1160 */ 1161 if (outfile == savefile) { 1162 if (strcmp(savefile, "-") == 0) { 1163 fout = stdout; 1164 } else if (*savefile == '|') { 1165 oldpipe = xsignal(SIGPIPE, SIG_IGN); 1166 fout = popen(savefile + 1, "w"); 1167 if (fout == NULL) { 1168 warn("Can't execute `%s'", savefile + 1); 1169 goto cleanup_fetch_url; 1170 } 1171 closefunc = pclose; 1172 } 1173 } 1174 if (fout == NULL) { 1175 if ((rangeend != -1 && rangeend <= restart_point) || 1176 (rangestart == -1 && filesize != -1 && filesize <= restart_point)) { 1177 /* already done */ 1178 if (verbose) 1179 fprintf(ttyout, "already done\n"); 1180 rval = 0; 1181 goto cleanup_fetch_url; 1182 } 1183 if (restart_point && rangestart != -1) { 1184 if (entitylen != -1) 1185 filesize = entitylen; 1186 if (rangestart != restart_point) { 1187 warnx( 1188 "Size of `%s' differs from save file `%s'", 1189 url, savefile); 1190 goto cleanup_fetch_url; 1191 } 1192 fout = fopen(savefile, "a"); 1193 } else 1194 fout = fopen(savefile, "w"); 1195 if (fout == NULL) { 1196 warn("Can't open `%s'", savefile); 1197 goto cleanup_fetch_url; 1198 } 1199 closefunc = fclose; 1200 } 1201 1202 /* Trap signals */ 1203 oldquit = xsignal(SIGQUIT, psummary); 1204 oldint = xsignal(SIGINT, aborthttp); 1205 1206 assert(rcvbuf_size > 0); 1207 if ((size_t)rcvbuf_size > bufsize) { 1208 if (xferbuf) 1209 (void)free(xferbuf); 1210 bufsize = rcvbuf_size; 1211 xferbuf = ftp_malloc(bufsize); 1212 } 1213 1214 bytes = 0; 1215 hashbytes = mark; 1216 if (oldalrm) { 1217 (void)xsignal(SIGALRM, oldalrm); 1218 oldalrm = NULL; 1219 } 1220 progressmeter(-1); 1221 1222 /* Finally, suck down the file. */ 1223 do { 1224 long chunksize; 1225 short lastchunk; 1226 1227 chunksize = 0; 1228 lastchunk = 0; 1229 /* read chunk-size */ 1230 if (ischunked) { 1231 if (fetch_getln(xferbuf, bufsize, fin) == NULL) { 1232 warnx("Unexpected EOF reading chunk-size"); 1233 goto cleanup_fetch_url; 1234 } 1235 errno = 0; 1236 chunksize = strtol(xferbuf, &ep, 16); 1237 if (ep == xferbuf) { 1238 warnx("Invalid chunk-size"); 1239 goto cleanup_fetch_url; 1240 } 1241 if (errno == ERANGE || chunksize < 0) { 1242 errno = ERANGE; 1243 warn("Chunk-size `%.*s'", 1244 (int)(ep-xferbuf), xferbuf); 1245 goto cleanup_fetch_url; 1246 } 1247 1248 /* 1249 * XXX: Work around bug in Apache 1.3.9 and 1250 * 1.3.11, which incorrectly put trailing 1251 * space after the chunk-size. 1252 */ 1253 while (*ep == ' ') 1254 ep++; 1255 1256 /* skip [ chunk-ext ] */ 1257 if (*ep == ';') { 1258 while (*ep && *ep != '\r') 1259 ep++; 1260 } 1261 1262 if (strcmp(ep, "\r\n") != 0) { 1263 warnx("Unexpected data following chunk-size"); 1264 goto cleanup_fetch_url; 1265 } 1266 DPRINTF("%s: got chunk-size of " LLF "\n", __func__, 1267 (LLT)chunksize); 1268 if (chunksize == 0) { 1269 lastchunk = 1; 1270 goto chunkdone; 1271 } 1272 } 1273 /* transfer file or chunk */ 1274 while (1) { 1275 struct timeval then, now, td; 1276 volatile off_t bufrem; 1277 1278 if (rate_get) 1279 (void)gettimeofday(&then, NULL); 1280 bufrem = rate_get ? rate_get : (off_t)bufsize; 1281 if (ischunked) 1282 bufrem = MIN(chunksize, bufrem); 1283 while (bufrem > 0) { 1284 flen = fetch_read(xferbuf, sizeof(char), 1285 MIN((off_t)bufsize, bufrem), fin); 1286 if (flen <= 0) 1287 goto chunkdone; 1288 bytes += flen; 1289 bufrem -= flen; 1290 if (fwrite(xferbuf, sizeof(char), flen, fout) 1291 != flen) { 1292 warn("Writing `%s'", savefile); 1293 goto cleanup_fetch_url; 1294 } 1295 if (hash && !progress) { 1296 while (bytes >= hashbytes) { 1297 (void)putc('#', ttyout); 1298 hashbytes += mark; 1299 } 1300 (void)fflush(ttyout); 1301 } 1302 if (ischunked) { 1303 chunksize -= flen; 1304 if (chunksize <= 0) 1305 break; 1306 } 1307 } 1308 if (rate_get) { 1309 while (1) { 1310 (void)gettimeofday(&now, NULL); 1311 timersub(&now, &then, &td); 1312 if (td.tv_sec > 0) 1313 break; 1314 usleep(1000000 - td.tv_usec); 1315 } 1316 } 1317 if (ischunked && chunksize <= 0) 1318 break; 1319 } 1320 /* read CRLF after chunk*/ 1321 chunkdone: 1322 if (ischunked) { 1323 if (fetch_getln(xferbuf, bufsize, fin) == NULL) { 1324 alarmtimer(0); 1325 warnx("Unexpected EOF reading chunk CRLF"); 1326 goto cleanup_fetch_url; 1327 } 1328 if (strcmp(xferbuf, "\r\n") != 0) { 1329 warnx("Unexpected data following chunk"); 1330 goto cleanup_fetch_url; 1331 } 1332 if (lastchunk) 1333 break; 1334 } 1335 } while (ischunked); 1336 1337 /* XXX: deal with optional trailer & CRLF here? */ 1338 1339 if (hash && !progress && bytes > 0) { 1340 if (bytes < mark) 1341 (void)putc('#', ttyout); 1342 (void)putc('\n', ttyout); 1343 } 1344 if (fetch_error(fin)) { 1345 warn("Reading file"); 1346 goto cleanup_fetch_url; 1347 } 1348 progressmeter(1); 1349 (void)fflush(fout); 1350 if (closefunc == fclose && mtime != -1) { 1351 struct timeval tval[2]; 1352 1353 (void)gettimeofday(&tval[0], NULL); 1354 tval[1].tv_sec = mtime; 1355 tval[1].tv_usec = 0; 1356 (*closefunc)(fout); 1357 fout = NULL; 1358 1359 if (utimes(savefile, tval) == -1) { 1360 fprintf(ttyout, 1361 "Can't change modification time to %s", 1362 rfc2822time(localtime(&mtime))); 1363 } 1364 } 1365 if (bytes > 0) 1366 ptransfer(0); 1367 bytes = 0; 1368 1369 rval = 0; 1370 goto cleanup_fetch_url; 1371 1372 improper: 1373 warnx("Improper response from `%s:%s'", host, port); 1374 1375 cleanup_fetch_url: 1376 if (oldint) 1377 (void)xsignal(SIGINT, oldint); 1378 if (oldpipe) 1379 (void)xsignal(SIGPIPE, oldpipe); 1380 if (oldalrm) 1381 (void)xsignal(SIGALRM, oldalrm); 1382 if (oldquit) 1383 (void)xsignal(SIGQUIT, oldpipe); 1384 if (fin != NULL) 1385 fetch_close(fin); 1386 else if (s != -1) 1387 close(s); 1388 if (closefunc != NULL && fout != NULL) 1389 (*closefunc)(fout); 1390 if (res0) 1391 freeaddrinfo(res0); 1392 if (savefile != outfile) 1393 FREEPTR(savefile); 1394 FREEPTR(uuser); 1395 if (pass != NULL) 1396 memset(pass, 0, strlen(pass)); 1397 FREEPTR(pass); 1398 FREEPTR(host); 1399 FREEPTR(port); 1400 FREEPTR(path); 1401 FREEPTR(decodedpath); 1402 FREEPTR(puser); 1403 if (ppass != NULL) 1404 memset(ppass, 0, strlen(ppass)); 1405 FREEPTR(ppass); 1406 FREEPTR(auth); 1407 FREEPTR(location); 1408 FREEPTR(message); 1409 return (rval); 1410 } 1411 1412 /* 1413 * Abort a HTTP retrieval 1414 */ 1415 static void 1416 aborthttp(int notused) 1417 { 1418 char msgbuf[100]; 1419 int len; 1420 1421 sigint_raised = 1; 1422 alarmtimer(0); 1423 if (fromatty) { 1424 len = snprintf(msgbuf, sizeof(msgbuf), 1425 "\n%s: HTTP fetch aborted.\n", getprogname()); 1426 if (len > 0) 1427 write(fileno(ttyout), msgbuf, len); 1428 } 1429 siglongjmp(httpabort, 1); 1430 } 1431 1432 static void 1433 timeouthttp(int notused) 1434 { 1435 char msgbuf[100]; 1436 int len; 1437 1438 alarmtimer(0); 1439 if (fromatty) { 1440 len = snprintf(msgbuf, sizeof(msgbuf), 1441 "\n%s: HTTP fetch timeout.\n", getprogname()); 1442 if (len > 0) 1443 write(fileno(ttyout), msgbuf, len); 1444 } 1445 siglongjmp(httpabort, 1); 1446 } 1447 1448 /* 1449 * Retrieve ftp URL or classic ftp argument using FTP. 1450 * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection 1451 * is still open (e.g, ftp xfer with trailing /) 1452 */ 1453 static int 1454 fetch_ftp(const char *url) 1455 { 1456 char *cp, *xargv[5], rempath[MAXPATHLEN]; 1457 char *host, *path, *dir, *file, *uuser, *pass; 1458 char *port; 1459 char cmdbuf[MAXPATHLEN]; 1460 char dirbuf[4]; 1461 int dirhasglob, filehasglob, rval, transtype, xargc; 1462 int oanonftp, oautologin; 1463 in_port_t portnum; 1464 url_t urltype; 1465 1466 DPRINTF("fetch_ftp: `%s'\n", url); 1467 host = path = dir = file = uuser = pass = NULL; 1468 port = NULL; 1469 rval = 1; 1470 transtype = TYPE_I; 1471 1472 if (STRNEQUAL(url, FTP_URL)) { 1473 if ((parse_url(url, "URL", &urltype, &uuser, &pass, 1474 &host, &port, &portnum, &path) == -1) || 1475 (uuser != NULL && *uuser == '\0') || 1476 EMPTYSTRING(host)) { 1477 warnx("Invalid URL `%s'", url); 1478 goto cleanup_fetch_ftp; 1479 } 1480 /* 1481 * Note: Don't url_decode(path) here. We need to keep the 1482 * distinction between "/" and "%2F" until later. 1483 */ 1484 1485 /* check for trailing ';type=[aid]' */ 1486 if (! EMPTYSTRING(path) && (cp = strrchr(path, ';')) != NULL) { 1487 if (strcasecmp(cp, ";type=a") == 0) 1488 transtype = TYPE_A; 1489 else if (strcasecmp(cp, ";type=i") == 0) 1490 transtype = TYPE_I; 1491 else if (strcasecmp(cp, ";type=d") == 0) { 1492 warnx( 1493 "Directory listing via a URL is not supported"); 1494 goto cleanup_fetch_ftp; 1495 } else { 1496 warnx("Invalid suffix `%s' in URL `%s'", cp, 1497 url); 1498 goto cleanup_fetch_ftp; 1499 } 1500 *cp = 0; 1501 } 1502 } else { /* classic style `[user@]host:[file]' */ 1503 urltype = CLASSIC_URL_T; 1504 host = ftp_strdup(url); 1505 cp = strchr(host, '@'); 1506 if (cp != NULL) { 1507 *cp = '\0'; 1508 uuser = host; 1509 anonftp = 0; /* disable anonftp */ 1510 host = ftp_strdup(cp + 1); 1511 } 1512 cp = strchr(host, ':'); 1513 if (cp != NULL) { 1514 *cp = '\0'; 1515 path = ftp_strdup(cp + 1); 1516 } 1517 } 1518 if (EMPTYSTRING(host)) 1519 goto cleanup_fetch_ftp; 1520 1521 /* Extract the file and (if present) directory name. */ 1522 dir = path; 1523 if (! EMPTYSTRING(dir)) { 1524 /* 1525 * If we are dealing with classic `[user@]host:[path]' syntax, 1526 * then a path of the form `/file' (resulting from input of the 1527 * form `host:/file') means that we should do "CWD /" before 1528 * retrieving the file. So we set dir="/" and file="file". 1529 * 1530 * But if we are dealing with URLs like `ftp://host/path' then 1531 * a path of the form `/file' (resulting from a URL of the form 1532 * `ftp://host//file') means that we should do `CWD ' (with an 1533 * empty argument) before retrieving the file. So we set 1534 * dir="" and file="file". 1535 * 1536 * If the path does not contain / at all, we set dir=NULL. 1537 * (We get a path without any slashes if we are dealing with 1538 * classic `[user@]host:[file]' or URL `ftp://host/file'.) 1539 * 1540 * In all other cases, we set dir to a string that does not 1541 * include the final '/' that separates the dir part from the 1542 * file part of the path. (This will be the empty string if 1543 * and only if we are dealing with a path of the form `/file' 1544 * resulting from an URL of the form `ftp://host//file'.) 1545 */ 1546 cp = strrchr(dir, '/'); 1547 if (cp == dir && urltype == CLASSIC_URL_T) { 1548 file = cp + 1; 1549 (void)strlcpy(dirbuf, "/", sizeof(dirbuf)); 1550 dir = dirbuf; 1551 } else if (cp != NULL) { 1552 *cp++ = '\0'; 1553 file = cp; 1554 } else { 1555 file = dir; 1556 dir = NULL; 1557 } 1558 } else 1559 dir = NULL; 1560 if (urltype == FTP_URL_T && file != NULL) { 1561 url_decode(file); 1562 /* but still don't url_decode(dir) */ 1563 } 1564 DPRINTF("fetch_ftp: user `%s' pass `%s' host %s port %s " 1565 "path `%s' dir `%s' file `%s'\n", 1566 STRorNULL(uuser), STRorNULL(pass), 1567 STRorNULL(host), STRorNULL(port), 1568 STRorNULL(path), STRorNULL(dir), STRorNULL(file)); 1569 1570 dirhasglob = filehasglob = 0; 1571 if (doglob && urltype == CLASSIC_URL_T) { 1572 if (! EMPTYSTRING(dir) && strpbrk(dir, "*?[]{}") != NULL) 1573 dirhasglob = 1; 1574 if (! EMPTYSTRING(file) && strpbrk(file, "*?[]{}") != NULL) 1575 filehasglob = 1; 1576 } 1577 1578 /* Set up the connection */ 1579 oanonftp = anonftp; 1580 if (connected) 1581 disconnect(0, NULL); 1582 anonftp = oanonftp; 1583 (void)strlcpy(cmdbuf, getprogname(), sizeof(cmdbuf)); 1584 xargv[0] = cmdbuf; 1585 xargv[1] = host; 1586 xargv[2] = NULL; 1587 xargc = 2; 1588 if (port) { 1589 xargv[2] = port; 1590 xargv[3] = NULL; 1591 xargc = 3; 1592 } 1593 oautologin = autologin; 1594 /* don't autologin in setpeer(), use ftp_login() below */ 1595 autologin = 0; 1596 setpeer(xargc, xargv); 1597 autologin = oautologin; 1598 if ((connected == 0) || 1599 (connected == 1 && !ftp_login(host, uuser, pass))) { 1600 warnx("Can't connect or login to host `%s:%s'", 1601 host, port ? port : "?"); 1602 goto cleanup_fetch_ftp; 1603 } 1604 1605 switch (transtype) { 1606 case TYPE_A: 1607 setascii(1, xargv); 1608 break; 1609 case TYPE_I: 1610 setbinary(1, xargv); 1611 break; 1612 default: 1613 errx(1, "fetch_ftp: unknown transfer type %d", transtype); 1614 } 1615 1616 /* 1617 * Change directories, if necessary. 1618 * 1619 * Note: don't use EMPTYSTRING(dir) below, because 1620 * dir=="" means something different from dir==NULL. 1621 */ 1622 if (dir != NULL && !dirhasglob) { 1623 char *nextpart; 1624 1625 /* 1626 * If we are dealing with a classic `[user@]host:[path]' 1627 * (urltype is CLASSIC_URL_T) then we have a raw directory 1628 * name (not encoded in any way) and we can change 1629 * directories in one step. 1630 * 1631 * If we are dealing with an `ftp://host/path' URL 1632 * (urltype is FTP_URL_T), then RFC 3986 says we need to 1633 * send a separate CWD command for each unescaped "/" 1634 * in the path, and we have to interpret %hex escaping 1635 * *after* we find the slashes. It's possible to get 1636 * empty components here, (from multiple adjacent 1637 * slashes in the path) and RFC 3986 says that we should 1638 * still do `CWD ' (with a null argument) in such cases. 1639 * 1640 * Many ftp servers don't support `CWD ', so if there's an 1641 * error performing that command, bail out with a descriptive 1642 * message. 1643 * 1644 * Examples: 1645 * 1646 * host: dir="", urltype=CLASSIC_URL_T 1647 * logged in (to default directory) 1648 * host:file dir=NULL, urltype=CLASSIC_URL_T 1649 * "RETR file" 1650 * host:dir/ dir="dir", urltype=CLASSIC_URL_T 1651 * "CWD dir", logged in 1652 * ftp://host/ dir="", urltype=FTP_URL_T 1653 * logged in (to default directory) 1654 * ftp://host/dir/ dir="dir", urltype=FTP_URL_T 1655 * "CWD dir", logged in 1656 * ftp://host/file dir=NULL, urltype=FTP_URL_T 1657 * "RETR file" 1658 * ftp://host//file dir="", urltype=FTP_URL_T 1659 * "CWD ", "RETR file" 1660 * host:/file dir="/", urltype=CLASSIC_URL_T 1661 * "CWD /", "RETR file" 1662 * ftp://host///file dir="/", urltype=FTP_URL_T 1663 * "CWD ", "CWD ", "RETR file" 1664 * ftp://host/%2F/file dir="%2F", urltype=FTP_URL_T 1665 * "CWD /", "RETR file" 1666 * ftp://host/foo/file dir="foo", urltype=FTP_URL_T 1667 * "CWD foo", "RETR file" 1668 * ftp://host/foo/bar/file dir="foo/bar" 1669 * "CWD foo", "CWD bar", "RETR file" 1670 * ftp://host//foo/bar/file dir="/foo/bar" 1671 * "CWD ", "CWD foo", "CWD bar", "RETR file" 1672 * ftp://host/foo//bar/file dir="foo//bar" 1673 * "CWD foo", "CWD ", "CWD bar", "RETR file" 1674 * ftp://host/%2F/foo/bar/file dir="%2F/foo/bar" 1675 * "CWD /", "CWD foo", "CWD bar", "RETR file" 1676 * ftp://host/%2Ffoo/bar/file dir="%2Ffoo/bar" 1677 * "CWD /foo", "CWD bar", "RETR file" 1678 * ftp://host/%2Ffoo%2Fbar/file dir="%2Ffoo%2Fbar" 1679 * "CWD /foo/bar", "RETR file" 1680 * ftp://host/%2Ffoo%2Fbar%2Ffile dir=NULL 1681 * "RETR /foo/bar/file" 1682 * 1683 * Note that we don't need `dir' after this point. 1684 */ 1685 do { 1686 if (urltype == FTP_URL_T) { 1687 nextpart = strchr(dir, '/'); 1688 if (nextpart) { 1689 *nextpart = '\0'; 1690 nextpart++; 1691 } 1692 url_decode(dir); 1693 } else 1694 nextpart = NULL; 1695 DPRINTF("fetch_ftp: dir `%s', nextpart `%s'\n", 1696 STRorNULL(dir), STRorNULL(nextpart)); 1697 if (urltype == FTP_URL_T || *dir != '\0') { 1698 (void)strlcpy(cmdbuf, "cd", sizeof(cmdbuf)); 1699 xargv[0] = cmdbuf; 1700 xargv[1] = dir; 1701 xargv[2] = NULL; 1702 dirchange = 0; 1703 cd(2, xargv); 1704 if (! dirchange) { 1705 if (*dir == '\0' && code == 500) 1706 fprintf(stderr, 1707 "\n" 1708 "ftp: The `CWD ' command (without a directory), which is required by\n" 1709 " RFC 3986 to support the empty directory in the URL pathname (`//'),\n" 1710 " conflicts with the server's conformance to RFC 959.\n" 1711 " Try the same URL without the `//' in the URL pathname.\n" 1712 "\n"); 1713 goto cleanup_fetch_ftp; 1714 } 1715 } 1716 dir = nextpart; 1717 } while (dir != NULL); 1718 } 1719 1720 if (EMPTYSTRING(file)) { 1721 rval = -1; 1722 goto cleanup_fetch_ftp; 1723 } 1724 1725 if (dirhasglob) { 1726 (void)strlcpy(rempath, dir, sizeof(rempath)); 1727 (void)strlcat(rempath, "/", sizeof(rempath)); 1728 (void)strlcat(rempath, file, sizeof(rempath)); 1729 file = rempath; 1730 } 1731 1732 /* Fetch the file(s). */ 1733 xargc = 2; 1734 (void)strlcpy(cmdbuf, "get", sizeof(cmdbuf)); 1735 xargv[0] = cmdbuf; 1736 xargv[1] = file; 1737 xargv[2] = NULL; 1738 if (dirhasglob || filehasglob) { 1739 int ointeractive; 1740 1741 ointeractive = interactive; 1742 interactive = 0; 1743 if (restartautofetch) 1744 (void)strlcpy(cmdbuf, "mreget", sizeof(cmdbuf)); 1745 else 1746 (void)strlcpy(cmdbuf, "mget", sizeof(cmdbuf)); 1747 xargv[0] = cmdbuf; 1748 mget(xargc, xargv); 1749 interactive = ointeractive; 1750 } else { 1751 if (outfile == NULL) { 1752 cp = strrchr(file, '/'); /* find savefile */ 1753 if (cp != NULL) 1754 outfile = cp + 1; 1755 else 1756 outfile = file; 1757 } 1758 xargv[2] = (char *)outfile; 1759 xargv[3] = NULL; 1760 xargc++; 1761 if (restartautofetch) 1762 reget(xargc, xargv); 1763 else 1764 get(xargc, xargv); 1765 } 1766 1767 if ((code / 100) == COMPLETE) 1768 rval = 0; 1769 1770 cleanup_fetch_ftp: 1771 FREEPTR(port); 1772 FREEPTR(host); 1773 FREEPTR(path); 1774 FREEPTR(uuser); 1775 if (pass) 1776 memset(pass, 0, strlen(pass)); 1777 FREEPTR(pass); 1778 return (rval); 1779 } 1780 1781 /* 1782 * Retrieve the given file to outfile. 1783 * Supports arguments of the form: 1784 * "host:path", "ftp://host/path" if $ftpproxy, call fetch_url() else 1785 * call fetch_ftp() 1786 * "http://host/path" call fetch_url() to use HTTP 1787 * "file:///path" call fetch_url() to copy 1788 * "about:..." print a message 1789 * 1790 * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection 1791 * is still open (e.g, ftp xfer with trailing /) 1792 */ 1793 static int 1794 go_fetch(const char *url) 1795 { 1796 char *proxyenv; 1797 char *p; 1798 1799 #ifndef NO_ABOUT 1800 /* 1801 * Check for about:* 1802 */ 1803 if (STRNEQUAL(url, ABOUT_URL)) { 1804 url += sizeof(ABOUT_URL) -1; 1805 if (strcasecmp(url, "ftp") == 0 || 1806 strcasecmp(url, "tnftp") == 0) { 1807 fputs( 1808 "This version of ftp has been enhanced by Luke Mewburn <lukem@NetBSD.org>\n" 1809 "for the NetBSD project. Execute `man ftp' for more details.\n", ttyout); 1810 } else if (strcasecmp(url, "lukem") == 0) { 1811 fputs( 1812 "Luke Mewburn is the author of most of the enhancements in this ftp client.\n" 1813 "Please email feedback to <lukem@NetBSD.org>.\n", ttyout); 1814 } else if (strcasecmp(url, "netbsd") == 0) { 1815 fputs( 1816 "NetBSD is a freely available and redistributable UNIX-like operating system.\n" 1817 "For more information, see http://www.NetBSD.org/\n", ttyout); 1818 } else if (strcasecmp(url, "version") == 0) { 1819 fprintf(ttyout, "Version: %s %s%s\n", 1820 FTP_PRODUCT, FTP_VERSION, 1821 #ifdef INET6 1822 "" 1823 #else 1824 " (-IPv6)" 1825 #endif 1826 ); 1827 } else { 1828 fprintf(ttyout, "`%s' is an interesting topic.\n", url); 1829 } 1830 fputs("\n", ttyout); 1831 return (0); 1832 } 1833 #endif 1834 1835 /* 1836 * Check for file:// and http:// URLs. 1837 */ 1838 if (STRNEQUAL(url, HTTP_URL) 1839 #ifdef WITH_SSL 1840 || STRNEQUAL(url, HTTPS_URL) 1841 #endif 1842 || STRNEQUAL(url, FILE_URL)) 1843 return (fetch_url(url, NULL, NULL, NULL)); 1844 1845 /* 1846 * If it contains "://" but does not begin with ftp:// 1847 * or something that was already handled, then it's 1848 * unsupported. 1849 * 1850 * If it contains ":" but not "://" then we assume the 1851 * part before the colon is a host name, not an URL scheme, 1852 * so we don't try to match that here. 1853 */ 1854 if ((p = strstr(url, "://")) != NULL && ! STRNEQUAL(url, FTP_URL)) 1855 errx(1, "Unsupported URL scheme `%.*s'", (int)(p - url), url); 1856 1857 /* 1858 * Try FTP URL-style and host:file arguments next. 1859 * If ftpproxy is set with an FTP URL, use fetch_url() 1860 * Othewise, use fetch_ftp(). 1861 */ 1862 proxyenv = getoptionvalue("ftp_proxy"); 1863 if (!EMPTYSTRING(proxyenv) && STRNEQUAL(url, FTP_URL)) 1864 return (fetch_url(url, NULL, NULL, NULL)); 1865 1866 return (fetch_ftp(url)); 1867 } 1868 1869 /* 1870 * Retrieve multiple files from the command line, 1871 * calling go_fetch() for each file. 1872 * 1873 * If an ftp path has a trailing "/", the path will be cd-ed into and 1874 * the connection remains open, and the function will return -1 1875 * (to indicate the connection is alive). 1876 * If an error occurs the return value will be the offset+1 in 1877 * argv[] of the file that caused a problem (i.e, argv[x] 1878 * returns x+1) 1879 * Otherwise, 0 is returned if all files retrieved successfully. 1880 */ 1881 int 1882 auto_fetch(int argc, char *argv[]) 1883 { 1884 volatile int argpos, rval; 1885 1886 argpos = rval = 0; 1887 1888 if (sigsetjmp(toplevel, 1)) { 1889 if (connected) 1890 disconnect(0, NULL); 1891 if (rval > 0) 1892 rval = argpos + 1; 1893 return (rval); 1894 } 1895 (void)xsignal(SIGINT, intr); 1896 (void)xsignal(SIGPIPE, lostpeer); 1897 1898 /* 1899 * Loop through as long as there's files to fetch. 1900 */ 1901 for (; (rval == 0) && (argpos < argc); argpos++) { 1902 if (strchr(argv[argpos], ':') == NULL) 1903 break; 1904 redirect_loop = 0; 1905 if (!anonftp) 1906 anonftp = 2; /* Handle "automatic" transfers. */ 1907 rval = go_fetch(argv[argpos]); 1908 if (outfile != NULL && strcmp(outfile, "-") != 0 1909 && outfile[0] != '|') 1910 outfile = NULL; 1911 if (rval > 0) 1912 rval = argpos + 1; 1913 } 1914 1915 if (connected && rval != -1) 1916 disconnect(0, NULL); 1917 return (rval); 1918 } 1919 1920 1921 /* 1922 * Upload multiple files from the command line. 1923 * 1924 * If an error occurs the return value will be the offset+1 in 1925 * argv[] of the file that caused a problem (i.e, argv[x] 1926 * returns x+1) 1927 * Otherwise, 0 is returned if all files uploaded successfully. 1928 */ 1929 int 1930 auto_put(int argc, char **argv, const char *uploadserver) 1931 { 1932 char *uargv[4], *path, *pathsep; 1933 int uargc, rval, argpos; 1934 size_t len; 1935 char cmdbuf[MAX_C_NAME]; 1936 1937 (void)strlcpy(cmdbuf, "mput", sizeof(cmdbuf)); 1938 uargv[0] = cmdbuf; 1939 uargv[1] = argv[0]; 1940 uargc = 2; 1941 uargv[2] = uargv[3] = NULL; 1942 pathsep = NULL; 1943 rval = 1; 1944 1945 DPRINTF("auto_put: target `%s'\n", uploadserver); 1946 1947 path = ftp_strdup(uploadserver); 1948 len = strlen(path); 1949 if (path[len - 1] != '/' && path[len - 1] != ':') { 1950 /* 1951 * make sure we always pass a directory to auto_fetch 1952 */ 1953 if (argc > 1) { /* more than one file to upload */ 1954 len = strlen(uploadserver) + 2; /* path + "/" + "\0" */ 1955 free(path); 1956 path = (char *)ftp_malloc(len); 1957 (void)strlcpy(path, uploadserver, len); 1958 (void)strlcat(path, "/", len); 1959 } else { /* single file to upload */ 1960 (void)strlcpy(cmdbuf, "put", sizeof(cmdbuf)); 1961 uargv[0] = cmdbuf; 1962 pathsep = strrchr(path, '/'); 1963 if (pathsep == NULL) { 1964 pathsep = strrchr(path, ':'); 1965 if (pathsep == NULL) { 1966 warnx("Invalid URL `%s'", path); 1967 goto cleanup_auto_put; 1968 } 1969 pathsep++; 1970 uargv[2] = ftp_strdup(pathsep); 1971 pathsep[0] = '/'; 1972 } else 1973 uargv[2] = ftp_strdup(pathsep + 1); 1974 pathsep[1] = '\0'; 1975 uargc++; 1976 } 1977 } 1978 DPRINTF("auto_put: URL `%s' argv[2] `%s'\n", 1979 path, STRorNULL(uargv[2])); 1980 1981 /* connect and cwd */ 1982 rval = auto_fetch(1, &path); 1983 if(rval >= 0) 1984 goto cleanup_auto_put; 1985 1986 rval = 0; 1987 1988 /* target filename provided; upload 1 file */ 1989 /* XXX : is this the best way? */ 1990 if (uargc == 3) { 1991 uargv[1] = argv[0]; 1992 put(uargc, uargv); 1993 if ((code / 100) != COMPLETE) 1994 rval = 1; 1995 } else { /* otherwise a target dir: upload all files to it */ 1996 for(argpos = 0; argv[argpos] != NULL; argpos++) { 1997 uargv[1] = argv[argpos]; 1998 mput(uargc, uargv); 1999 if ((code / 100) != COMPLETE) { 2000 rval = argpos + 1; 2001 break; 2002 } 2003 } 2004 } 2005 2006 cleanup_auto_put: 2007 free(path); 2008 FREEPTR(uargv[2]); 2009 return (rval); 2010 } 2011