1 /* $NetBSD: fetch.c,v 1.213 2015/12/16 01:20:05 nonaka Exp $ */ 2 3 /*- 4 * Copyright (c) 1997-2015 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Luke Mewburn. 9 * 10 * This code is derived from software contributed to The NetBSD Foundation 11 * by Scott Aaron Bamford. 12 * 13 * This code is derived from software contributed to The NetBSD Foundation 14 * by Thomas Klausner. 15 * 16 * Redistribution and use in source and binary forms, with or without 17 * modification, are permitted provided that the following conditions 18 * are met: 19 * 1. Redistributions of source code must retain the above copyright 20 * notice, this list of conditions and the following disclaimer. 21 * 2. Redistributions in binary form must reproduce the above copyright 22 * notice, this list of conditions and the following disclaimer in the 23 * documentation and/or other materials provided with the distribution. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 26 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 27 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 28 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 29 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 30 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 31 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 32 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 33 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 34 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 35 * POSSIBILITY OF SUCH DAMAGE. 
36 */ 37 38 #include <sys/cdefs.h> 39 #ifndef lint 40 __RCSID("$NetBSD: fetch.c,v 1.213 2015/12/16 01:20:05 nonaka Exp $"); 41 #endif /* not lint */ 42 43 /* 44 * FTP User Program -- Command line file retrieval 45 */ 46 47 #include <sys/types.h> 48 #include <sys/param.h> 49 #include <sys/socket.h> 50 #include <sys/stat.h> 51 #include <sys/time.h> 52 53 #include <netinet/in.h> 54 55 #include <arpa/ftp.h> 56 #include <arpa/inet.h> 57 58 #include <assert.h> 59 #include <ctype.h> 60 #include <err.h> 61 #include <errno.h> 62 #include <netdb.h> 63 #include <fcntl.h> 64 #include <stdio.h> 65 #include <stdlib.h> 66 #include <string.h> 67 #include <unistd.h> 68 #include <time.h> 69 70 #include "ssl.h" 71 #include "ftp_var.h" 72 #include "version.h" 73 74 typedef enum { 75 UNKNOWN_URL_T=-1, 76 HTTP_URL_T, 77 HTTPS_URL_T, 78 FTP_URL_T, 79 FILE_URL_T, 80 CLASSIC_URL_T 81 } url_t; 82 83 __dead static void aborthttp(int); 84 __dead static void timeouthttp(int); 85 #ifndef NO_AUTH 86 static int auth_url(const char *, char **, const char *, const char *); 87 static void base64_encode(const unsigned char *, size_t, unsigned char *); 88 #endif 89 static int go_fetch(const char *); 90 static int fetch_ftp(const char *); 91 static int fetch_url(const char *, const char *, char *, char *); 92 static const char *match_token(const char **, const char *); 93 static int parse_url(const char *, const char *, url_t *, char **, 94 char **, char **, char **, in_port_t *, char **); 95 static void url_decode(char *); 96 97 static int redirect_loop; 98 99 100 #define STRNEQUAL(a,b) (strncasecmp((a), (b), sizeof((b))-1) == 0) 101 #define ISLWS(x) ((x)=='\r' || (x)=='\n' || (x)==' ' || (x)=='\t') 102 #define SKIPLWS(x) do { while (ISLWS((*x))) x++; } while (0) 103 104 105 #define ABOUT_URL "about:" /* propaganda */ 106 #define FILE_URL "file://" /* file URL prefix */ 107 #define FTP_URL "ftp://" /* ftp URL prefix */ 108 #define HTTP_URL "http://" /* http URL prefix */ 109 #ifdef WITH_SSL 110 
#define	HTTPS_URL	"https://"	/* https URL prefix */

#define	IS_HTTP_TYPE(urltype) \
	(((urltype) == HTTP_URL_T) || ((urltype) == HTTPS_URL_T))
#else
#define	IS_HTTP_TYPE(urltype) \
	((urltype) == HTTP_URL_T)
#endif

/*
 * Determine if token is the next word in buf (case insensitive).
 * token may be preceded by LWS.
 * token must be followed by LWS or NUL.  (I.e, don't partial match).
 *
 * If it matches, advance *buf past the token and any trailing LWS and
 * return the value *buf had on entry (so the returned string still
 * carries any LWS that preceded the token).  Otherwise leave *buf
 * untouched and return NULL.
 */
static const char *
match_token(const char **buf, const char *token)
{
	const char	*p, *orig;
	size_t		tlen;

	tlen = strlen(token);
	orig = *buf;
	p = orig;
	SKIPLWS(p);
	if (strncasecmp(p, token, tlen) != 0)
		return NULL;
	p += tlen;
	if (*p != '\0' && !ISLWS(*p))
		return NULL;
	SKIPLWS(p);
	*buf = p;
	return orig;
}

#ifndef NO_AUTH
/*
 * Generate authorization response based on given authentication challenge.
 * Only the "Basic" scheme with a leading realm="..." parameter is accepted.
 *
 * If guser is non-NULL it is used as the user name, otherwise the user
 * name is read from stdin.  If gpass is non-NULL it is used as the
 * password, otherwise the password is obtained with getpass(3).
 *
 * Returns -1 if an error occurred, otherwise 0.
 * Sets response to a malloc(3)ed string; caller should free.
 * On error *response is left NULL.
 */
static int
auth_url(const char *challenge, char **response, const char *guser,
	const char *gpass)
{
	const char	*cp, *scheme, *errormsg;
	char		*ep, *clear, *realm;
	char		 uuser[BUFSIZ], *gotpass;
	const char	*upass;
	int		 rval;
	size_t		 len, clen, rlen;

	*response = NULL;
	clear = realm = NULL;
	rval = -1;
	cp = challenge;
	scheme = "Basic";	/* only support Basic authentication */
	gotpass = NULL;

	DPRINTF("auth_url: challenge `%s'\n", challenge);

	if (! match_token(&cp, scheme)) {
		warnx("Unsupported authentication challenge `%s'",
		    challenge);
		goto cleanup_auth_url;
	}

#define	REALM "realm=\""
	if (STRNEQUAL(cp, REALM))
		cp += sizeof(REALM) - 1;
	else {
		warnx("Unsupported authentication challenge `%s'",
		    challenge);
		goto cleanup_auth_url;
	}
/* XXX: need to improve quoted-string parsing to support \ quoting, etc. */
	if ((ep = strchr(cp, '\"')) != NULL) {
		/* copy the text between the quotes into realm */
		len = ep - cp;
		realm = (char *)ftp_malloc(len + 1);
		(void)strlcpy(realm, cp, len + 1);
	} else {
		warnx("Unsupported authentication challenge `%s'",
		    challenge);
		goto cleanup_auth_url;
	}

	fprintf(ttyout, "Username for `%s': ", realm);
	if (guser != NULL) {
		(void)strlcpy(uuser, guser, sizeof(uuser));
		fprintf(ttyout, "%s\n", uuser);
	} else {
		(void)fflush(ttyout);
		if (get_line(stdin, uuser, sizeof(uuser), &errormsg) < 0) {
			warnx("%s; can't authenticate", errormsg);
			goto cleanup_auth_url;
		}
	}
	if (gpass != NULL)
		upass = gpass;
	else {
		gotpass = getpass("Password: ");
		if (gotpass == NULL) {
			warnx("Can't read password");
			goto cleanup_auth_url;
		}
		upass = gotpass;
	}

	clen = strlen(uuser) + strlen(upass) + 2;    /* user + ":" + pass + "\0" */
	clear = (char *)ftp_malloc(clen);
	(void)strlcpy(clear, uuser, clen);
	(void)strlcat(clear, ":", clen);
	(void)strlcat(clear, upass, clen);
	if (gotpass)
		memset(gotpass, 0, strlen(gotpass));

						/* scheme + " " + enc + "\0" */
	rlen = strlen(scheme) + 1 + (clen + 2) * 4 / 3 + 1;
	*response = (char *)ftp_malloc(rlen);
	(void)strlcpy(*response, scheme, rlen);
	len = strlcat(*response, " ", rlen);
			/* use `clen - 1' to not encode the trailing NUL */
	base64_encode((unsigned char *)clear, clen - 1,
	    (unsigned char *)*response + len);
	memset(clear, 0, clen);
	rval = 0;

 cleanup_auth_url:
	FREEPTR(clear);
	FREEPTR(realm);
	return (rval);
}

/*
 * Encode len bytes starting at clear using base64 encoding into encoded,
 * which should be at least ((len + 2) * 4 / 3 + 1) in size.
 * The output is NUL terminated and padded with `=' to a multiple of
 * four characters.
 */
static void
base64_encode(const unsigned char *clear, size_t len, unsigned char *encoded)
{
	static const unsigned char enc[] =
	    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
	unsigned char	*cp;
	size_t	 i;

	cp = encoded;
	for (i = 0; i < len; i += 3) {
		/*
		 * Never read past clear[len - 1]: bytes missing from the
		 * final group are taken as zero.  The characters derived
		 * solely from them are replaced by `=' below.
		 */
		unsigned int b0 = clear[i];
		unsigned int b1 = (i + 1 < len) ? clear[i + 1] : 0;
		unsigned int b2 = (i + 2 < len) ? clear[i + 2] : 0;

		*(cp++) = enc[b0 >> 2];
		*(cp++) = enc[((b0 << 4) & 0x30) | ((b1 >> 4) & 0x0f)];
		*(cp++) = enc[((b1 << 2) & 0x3c) | ((b2 >> 6) & 0x03)];
		*(cp++) = enc[b2 & 0x3f];
	}
	*cp = '\0';
	/* i is len rounded up to a multiple of 3; pad the difference */
	while (i-- > len)
		*(--cp) = '=';
}
#endif

/*
 * Decode %xx escapes in given string, `in-place'.
 * A `%' that is not followed by two hexadecimal digits is copied
 * through unchanged.  NULL or empty strings are left alone.
 */
static void
url_decode(char *url)
{
	unsigned char *p, *q;

	if (EMPTYSTRING(url))
		return;
	p = q = (unsigned char *)url;

#define	HEXTOINT(x) (x - (isdigit(x) ? '0' : (islower(x) ? 'a' : 'A') - 10))
	while (*p) {
		if (p[0] == '%'
		    && p[1] && isxdigit((unsigned char)p[1])
		    && p[2] && isxdigit((unsigned char)p[2])) {
			*q++ = HEXTOINT(p[1]) * 16 + HEXTOINT(p[2]);
			p+=3;
		} else
			*q++ = *p++;
	}
	*q = '\0';
}


/*
 * Parse URL of form (per RFC 3986):
 *	<type>://[<user>[:<password>]@]<host>[:<port>][/<path>]
 * Returns -1 if a parse error occurred, otherwise 0.
 * It's the caller's responsibility to url_decode() the returned
 * path; the returned user and pass are already decoded here.
 *
 * Sets type to url_t, each of the given char ** pointers to a
 * malloc(3)ed strings of the relevant section, and port to
 * the number given, or ftpport if ftp://, or httpport if http://.
 * On failure all of the returned strings are freed and set to NULL.
 *
 * XXX: this is not totally RFC 3986 compliant; <path> will have the
 * leading `/' unless it's an ftp:// URL, as this makes things easier
 * for file:// and http:// URLs.  ftp:// URLs have the `/' between the
 * host and the URL-path removed, but any additional leading slashes
 * in the URL-path are retained (because they imply that we should
 * later do "CWD" with a null argument).
 *
 * Examples:
 *	 input URL			 output path
 *	 ---------			 -----------
 *	"http://host"			"/"
 *	"http://host/"			"/"
 *	"http://host/path"		"/path"
 *	"file://host/dir/file"		"dir/file"
 *	"ftp://host"			""
 *	"ftp://host/"			""
 *	"ftp://host//"			"/"
 *	"ftp://host/dir/file"		"dir/file"
 *	"ftp://host//dir/file"		"/dir/file"
 */
static int
parse_url(const char *url, const char *desc, url_t *utype,
		char **uuser, char **pass, char **host, char **port,
		in_port_t *portnum, char **path)
{
	const char	*origurl, *tport;
	char		*cp, *ep, *thost;
	size_t		 len;

	if (url == NULL || desc == NULL || utype == NULL || uuser == NULL
	    || pass == NULL || host == NULL || port == NULL || portnum == NULL
	    || path == NULL)
		errx(1, "parse_url: invoked with NULL argument!");
	DPRINTF("parse_url: %s `%s'\n", desc, url);

	origurl = url;
	*utype = UNKNOWN_URL_T;
	*uuser = *pass = *host = *port = *path = NULL;
	*portnum = 0;
	tport = NULL;

	if (STRNEQUAL(url, HTTP_URL)) {
		url += sizeof(HTTP_URL) - 1;
		*utype = HTTP_URL_T;
		*portnum = HTTP_PORT;
		tport = httpport;
	} else if (STRNEQUAL(url, FTP_URL)) {
		url += sizeof(FTP_URL) - 1;
		*utype = FTP_URL_T;
		*portnum = FTP_PORT;
		tport = ftpport;
	} else if (STRNEQUAL(url, FILE_URL)) {
		url += sizeof(FILE_URL) - 1;
		*utype = FILE_URL_T;
#ifdef WITH_SSL
	} else if (STRNEQUAL(url, HTTPS_URL)) {
		url += sizeof(HTTPS_URL) - 1;
		*utype = HTTPS_URL_T;
		*portnum = HTTPS_PORT;
		tport = httpsport;
#endif
	} else {
		warnx("Invalid %s `%s'", desc, url);
		/* shared failure exit: release everything handed out so far */
 cleanup_parse_url:
		FREEPTR(*uuser);
		if (*pass != NULL)
			memset(*pass, 0, strlen(*pass));
		FREEPTR(*pass);
		FREEPTR(*host);
		FREEPTR(*port);
		FREEPTR(*path);
		return (-1);
	}

	if (*url == '\0')
		return (0);

			/* find [user[:pass]@]host[:port] */
	ep = strchr(url, '/');
	if (ep == NULL)
		thost = ftp_strdup(url);
	else {
		len = ep - url;
		thost = (char *)ftp_malloc(len + 1);
		(void)strlcpy(thost, url, len + 1);
		if (*utype == FTP_URL_T)	/* skip first / for ftp URLs */
			ep++;
		*path = ftp_strdup(ep);
	}

	cp = strchr(thost, '@');	/* look for user[:pass]@ in URLs */
	if (cp != NULL) {
		if (*utype == FTP_URL_T)
			anonftp = 0;	/* disable anonftp */
		/* the original buffer becomes the user; host gets a copy */
		*uuser = thost;
		*cp = '\0';
		thost = ftp_strdup(cp + 1);
		cp = strchr(*uuser, ':');
		if (cp != NULL) {
			*cp = '\0';
			*pass = ftp_strdup(cp + 1);
		}
		url_decode(*uuser);
		if (*pass)
			url_decode(*pass);
	}

	/*
	 * Store thost in *host now (it is only edited in place from here
	 * on), so that every `goto cleanup_parse_url' below frees it
	 * instead of leaking it.
	 */
	*host = thost;

#ifdef INET6
			/*
			 * Check if thost is an encoded IPv6 address, as per
			 * RFC 3986:
			 *	`[' ipv6-address ']'
			 */
	if (*thost == '[') {
		cp = thost + 1;
		if ((ep = strchr(cp, ']')) == NULL ||
		    (ep[1] != '\0' && ep[1] != ':')) {
			warnx("Invalid address `%s' in %s `%s'",
			    thost, desc, origurl);
			goto cleanup_parse_url;
		}
		len = ep - cp;		/* change `[xyz]' -> `xyz' */
		memmove(thost, thost + 1, len);
		thost[len] = '\0';
		if (! isipv6addr(thost)) {
			warnx("Invalid IPv6 address `%s' in %s `%s'",
			    thost, desc, origurl);
			goto cleanup_parse_url;
		}
		cp = ep + 1;
		if (*cp == ':')
			cp++;
		else
			cp = NULL;
	} else
#endif /* INET6 */
		if ((cp = strchr(thost, ':')) != NULL)
			*cp++ = '\0';

			/* look for [:port] */
	if (cp != NULL) {
		unsigned long	nport;

		nport = strtoul(cp, &ep, 10);
		if (*cp == '\0' || *ep != '\0' ||
		    nport < 1 || nport > MAX_IN_PORT_T) {
			warnx("Unknown port `%s' in %s `%s'",
			    cp, desc, origurl);
			goto cleanup_parse_url;
		}
		*portnum = nport;
		tport = cp;
	}

	if (tport != NULL)
		*port = ftp_strdup(tport);
	if (*path == NULL) {
		const char *emptypath = "/";
		if (*utype == FTP_URL_T)	/* skip first / for ftp URLs */
			emptypath++;
		*path = ftp_strdup(emptypath);
	}

	DPRINTF("parse_url: user `%s' pass `%s' host %s port %s(%d) "
	    "path `%s'\n",
	    STRorNULL(*uuser), STRorNULL(*pass),
	    STRorNULL(*host), STRorNULL(*port),
	    *portnum ? *portnum : -1, STRorNULL(*path));

	return (0);
}

sigjmp_buf	httpabort;

/*
 * Look up host/port with getaddrinfo(3) and try each returned address in
 * turn until a socket is connected with ftp_connect().
 * If ssl is non-NULL, *ssl is first set to NULL; when built WITH_SSL it
 * then receives the result of fetch_start_ssl() on the connected socket,
 * and an address for which that fails is skipped.
 * Returns the connected socket, or -1 if the lookup failed or no address
 * could be used.
 */
static int
ftp_socket(const char *host, const char *port, void **ssl)
{
	struct addrinfo	hints, *res, *res0 = NULL;
	int		error;
	int		s;

	memset(&hints, 0, sizeof(hints));
	hints.ai_flags = 0;
	hints.ai_family = family;
	hints.ai_socktype = SOCK_STREAM;
	hints.ai_protocol = 0;

	error = getaddrinfo(host, port, &hints, &res0);
	if (error) {
		warnx("Can't LOOKUP `%s:%s': %s", host, port,
		    (error == EAI_SYSTEM) ? strerror(errno)
					  : gai_strerror(error));
		return -1;
	}

	if (res0->ai_canonname)
		host = res0->ai_canonname;

	s = -1;
	if (ssl)
		*ssl = NULL;
	for (res = res0; res; res = res->ai_next) {
		char	hname[NI_MAXHOST], sname[NI_MAXSERV];

		ai_unmapped(res);
		/* numeric host/service strings, used in messages only */
		if (getnameinfo(res->ai_addr, res->ai_addrlen,
		    hname, sizeof(hname), sname, sizeof(sname),
		    NI_NUMERICHOST | NI_NUMERICSERV) != 0) {
			strlcpy(hname, "?", sizeof(hname));
			strlcpy(sname, "?", sizeof(sname));
		}

		if (verbose && res0->ai_next) {
#ifdef INET6
			if (res->ai_family == AF_INET6) {
				fprintf(ttyout, "Trying [%s]:%s ...\n",
				    hname, sname);
			} else {
#endif
				fprintf(ttyout, "Trying %s:%s ...\n",
				    hname, sname);
#ifdef INET6
			}
#endif
		}

		s = socket(res->ai_family, SOCK_STREAM, res->ai_protocol);
		if (s < 0) {
			warn(
			    "Can't create socket for connection to "
			    "`%s:%s'", hname, sname);
			continue;
		}

		if (ftp_connect(s, res->ai_addr, res->ai_addrlen,
		    verbose || !res->ai_next) < 0) {
			close(s);
			s = -1;
			continue;
		}

#ifdef WITH_SSL
		if (ssl) {
			if ((*ssl = fetch_start_ssl(s, host)) == NULL) {
				close(s);
				s = -1;
				continue;
			}
		}
#endif
		break;
	}
	if (res0)
		freeaddrinfo(res0);
	return s;
}

/*
 * Check host and portnum against the `no_proxy' option, a list of
 * entries separated by spaces or commas.  An entry matches if it is a
 * case-insensitive suffix of host; if the entry ends in `:port', the
 * port must also equal portnum (entries with a malformed port are
 * ignored).
 * Returns 0 if an entry matches (the proxy must not be used), otherwise 1.
 */
static int
handle_noproxy(const char *host, in_port_t portnum)
{

	char *cp, *ep, *np, *np_copy, *np_iter, *no_proxy;
	unsigned long np_port;
	size_t hlen, plen;
	int isproxy = 1;

	/* check URL against list of no_proxied sites */
	no_proxy = getoptionvalue("no_proxy");
	if (EMPTYSTRING(no_proxy))
		return isproxy;

	/* strsep() modifies its argument, so work on a private copy */
	np_iter = np_copy = ftp_strdup(no_proxy);
	hlen = strlen(host);
	while ((cp = strsep(&np_iter, " ,")) != NULL) {
		if (*cp == '\0')
			continue;
		if ((np = strrchr(cp, ':')) != NULL) {
			*np++ =  '\0';
			np_port = strtoul(np, &ep, 10);
			if (*np == '\0' || *ep != '\0')
				continue;
			if (np_port != portnum)
				continue;
		}
		plen = strlen(cp);
		if (hlen < plen)
			continue;
		if (strncasecmp(host + hlen - plen, cp, plen) == 0) {
			isproxy = 0;
			break;
		}
	}
	FREEPTR(np_copy);
	return isproxy;
}

/*
 * Parse the proxy URL penv and redirect the connection to it.
 * On success the strings in *host and *port are freed and replaced by
 * the proxy's host and port, *urltype is set to the proxy's URL type,
 * and *puser / *ppass hold whatever parse_url() extracted from penv.
 * The proxy URL must be an http (or https, when built WITH_SSL) or ftp
 * URL with a host and with no path other than "/".
 * Returns 0 on success, -1 on failure (after printing a warning).
 */
static int
handle_proxy(const char *penv, char **host, char **port, char **puser,
    char **ppass, url_t *urltype)
{
	url_t purltype;
	char *phost, *ppath;
	char *pport;
	in_port_t pportnum;

	if (isipv6addr(*host) && strchr(*host, '%') != NULL) {
		warnx("Scoped address notation `%s' disallowed via web proxy",
		    *host);
		return -1;
	}

	if (parse_url(penv, "proxy URL", &purltype, puser, ppass, &phost,
	    &pport, &pportnum, &ppath) == -1)
		return -1;

	if ((!IS_HTTP_TYPE(purltype) && purltype != FTP_URL_T) ||
	    EMPTYSTRING(phost) ||
	    (! EMPTYSTRING(ppath) && strcmp(ppath, "/") != 0)) {
		warnx("Malformed proxy URL `%s'", penv);
		FREEPTR(phost);
		FREEPTR(pport);
		FREEPTR(ppath);
		return -1;
	}
	FREEPTR(ppath);

	FREEPTR(*host);
	*host = phost;
	FREEPTR(*port);
	*port = pport;

	*urltype = purltype;

	return 0;
}

/*
 * Retrieve URL, via a proxy if necessary, using HTTP.
 * If proxyenv is set, use that for the proxy, otherwise try ftp_proxy or
 * http_proxy/https_proxy as appropriate.
 * Supports HTTP redirects.
651 * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection 652 * is still open (e.g, ftp xfer with trailing /) 653 */ 654 static int 655 fetch_url(const char *url, const char *proxyenv, char *proxyauth, char *wwwauth) 656 { 657 sigfunc volatile oldint; 658 sigfunc volatile oldpipe; 659 sigfunc volatile oldalrm; 660 sigfunc volatile oldquit; 661 int volatile s; 662 struct stat sb; 663 int volatile ischunked; 664 int volatile isproxy; 665 int volatile rval; 666 int volatile hcode; 667 int len; 668 size_t flen; 669 static size_t bufsize; 670 static char *xferbuf; 671 const char *cp, *token; 672 char *ep; 673 char buf[FTPBUFLEN]; 674 const char *errormsg; 675 char *volatile savefile; 676 char *volatile auth; 677 char *volatile location; 678 char *volatile message; 679 char *uuser, *pass, *host, *port, *path; 680 char *volatile decodedpath; 681 char *puser, *ppass, *useragent; 682 off_t hashbytes, rangestart, rangeend, entitylen; 683 int (*volatile closefunc)(FILE *); 684 FETCH *volatile fin; 685 FILE *volatile fout; 686 const char *volatile penv = proxyenv; 687 time_t mtime; 688 url_t urltype; 689 in_port_t portnum; 690 void *ssl = NULL; 691 692 DPRINTF("%s: `%s' proxyenv `%s'\n", __func__, url, STRorNULL(penv)); 693 694 oldquit = oldalrm = oldint = oldpipe = NULL; 695 closefunc = NULL; 696 fin = NULL; 697 fout = NULL; 698 s = -1; 699 savefile = NULL; 700 auth = location = message = NULL; 701 ischunked = isproxy = hcode = 0; 702 rval = 1; 703 uuser = pass = host = path = decodedpath = puser = ppass = NULL; 704 705 if (sigsetjmp(httpabort, 1)) 706 goto cleanup_fetch_url; 707 708 if (parse_url(url, "URL", &urltype, &uuser, &pass, &host, &port, 709 &portnum, &path) == -1) 710 goto cleanup_fetch_url; 711 712 if (urltype == FILE_URL_T && ! 
EMPTYSTRING(host) 713 && strcasecmp(host, "localhost") != 0) { 714 warnx("No support for non local file URL `%s'", url); 715 goto cleanup_fetch_url; 716 } 717 718 if (EMPTYSTRING(path)) { 719 if (urltype == FTP_URL_T) { 720 rval = fetch_ftp(url); 721 goto cleanup_fetch_url; 722 } 723 if (!IS_HTTP_TYPE(urltype) || outfile == NULL) { 724 warnx("Invalid URL (no file after host) `%s'", url); 725 goto cleanup_fetch_url; 726 } 727 } 728 729 decodedpath = ftp_strdup(path); 730 url_decode(decodedpath); 731 732 if (outfile) 733 savefile = outfile; 734 else { 735 cp = strrchr(decodedpath, '/'); /* find savefile */ 736 if (cp != NULL) 737 savefile = ftp_strdup(cp + 1); 738 else 739 savefile = ftp_strdup(decodedpath); 740 } 741 DPRINTF("%s: savefile `%s'\n", __func__, savefile); 742 if (EMPTYSTRING(savefile)) { 743 if (urltype == FTP_URL_T) { 744 rval = fetch_ftp(url); 745 goto cleanup_fetch_url; 746 } 747 warnx("No file after directory (you must specify an " 748 "output file) `%s'", url); 749 goto cleanup_fetch_url; 750 } 751 752 restart_point = 0; 753 filesize = -1; 754 rangestart = rangeend = entitylen = -1; 755 mtime = -1; 756 if (restartautofetch) { 757 if (stat(savefile, &sb) == 0) 758 restart_point = sb.st_size; 759 } 760 if (urltype == FILE_URL_T) { /* file:// URLs */ 761 direction = "copied"; 762 fin = fetch_open(decodedpath, "r"); 763 if (fin == NULL) { 764 warn("Can't open `%s'", decodedpath); 765 goto cleanup_fetch_url; 766 } 767 if (fstat(fetch_fileno(fin), &sb) == 0) { 768 mtime = sb.st_mtime; 769 filesize = sb.st_size; 770 } 771 if (restart_point) { 772 if (lseek(fetch_fileno(fin), restart_point, SEEK_SET) < 0) { 773 warn("Can't seek to restart `%s'", 774 decodedpath); 775 goto cleanup_fetch_url; 776 } 777 } 778 if (verbose) { 779 fprintf(ttyout, "Copying %s", decodedpath); 780 if (restart_point) 781 fprintf(ttyout, " (restarting at " LLF ")", 782 (LLT)restart_point); 783 fputs("\n", ttyout); 784 } 785 if (0 == rcvbuf_size) { 786 rcvbuf_size = 8 * 1024; /* XXX 
*/ 787 } 788 } else { /* ftp:// or http:// URLs */ 789 const char *leading; 790 int hasleading; 791 792 if (penv == NULL) { 793 #ifdef WITH_SSL 794 if (urltype == HTTPS_URL_T) 795 penv = getoptionvalue("https_proxy"); 796 #endif 797 if (penv == NULL && IS_HTTP_TYPE(urltype)) 798 penv = getoptionvalue("http_proxy"); 799 else if (urltype == FTP_URL_T) 800 penv = getoptionvalue("ftp_proxy"); 801 } 802 direction = "retrieved"; 803 if (! EMPTYSTRING(penv)) { /* use proxy */ 804 805 isproxy = handle_noproxy(host, portnum); 806 807 if (isproxy == 0 && urltype == FTP_URL_T) { 808 rval = fetch_ftp(url); 809 goto cleanup_fetch_url; 810 } 811 812 if (isproxy) { 813 if (restart_point) { 814 warnx( 815 "Can't restart via proxy URL `%s'", 816 penv); 817 goto cleanup_fetch_url; 818 } 819 if (handle_proxy(penv, &host, &port, 820 &puser, &ppass, &urltype) < 0) { 821 goto cleanup_fetch_url; 822 } else { 823 FREEPTR(path); 824 path = ftp_strdup(url); 825 } 826 } 827 } /* ! EMPTYSTRING(penv) */ 828 829 s = ftp_socket(host, port, 830 urltype == HTTPS_URL_T ? &ssl : NULL); 831 if (s < 0) { 832 warnx("Can't connect to `%s:%s'", host, port); 833 goto cleanup_fetch_url; 834 } 835 836 oldalrm = xsignal(SIGALRM, timeouthttp); 837 alarmtimer(quit_time ? quit_time : 60); 838 fin = fetch_fdopen(s, "r+"); 839 fetch_set_ssl(fin, ssl); 840 alarmtimer(0); 841 842 alarmtimer(quit_time ? quit_time : 60); 843 /* 844 * Construct and send the request. 
845 */ 846 if (verbose) 847 fprintf(ttyout, "Requesting %s\n", url); 848 leading = " ("; 849 hasleading = 0; 850 if (isproxy) { 851 if (verbose) { 852 fprintf(ttyout, "%svia %s:%s", leading, 853 host, port); 854 leading = ", "; 855 hasleading++; 856 } 857 fetch_printf(fin, "GET %s HTTP/1.0\r\n", path); 858 if (flushcache) 859 fetch_printf(fin, "Pragma: no-cache\r\n"); 860 } else { 861 fetch_printf(fin, "GET %s HTTP/1.1\r\n", path); 862 if (strchr(host, ':')) { 863 char *h, *p; 864 865 /* 866 * strip off IPv6 scope identifier, since it is 867 * local to the node 868 */ 869 h = ftp_strdup(host); 870 if (isipv6addr(h) && 871 (p = strchr(h, '%')) != NULL) { 872 *p = '\0'; 873 } 874 fetch_printf(fin, "Host: [%s]", h); 875 free(h); 876 } else 877 fetch_printf(fin, "Host: %s", host); 878 #ifdef WITH_SSL 879 if ((urltype == HTTP_URL_T && portnum != HTTP_PORT) || 880 (urltype == HTTPS_URL_T && portnum != HTTPS_PORT)) 881 #else 882 if (portnum != HTTP_PORT) 883 #endif 884 fetch_printf(fin, ":%u", portnum); 885 fetch_printf(fin, "\r\n"); 886 fetch_printf(fin, "Accept: */*\r\n"); 887 fetch_printf(fin, "Connection: close\r\n"); 888 if (restart_point) { 889 fputs(leading, ttyout); 890 fetch_printf(fin, "Range: bytes=" LLF "-\r\n", 891 (LLT)restart_point); 892 fprintf(ttyout, "restarting at " LLF, 893 (LLT)restart_point); 894 leading = ", "; 895 hasleading++; 896 } 897 if (flushcache) 898 fetch_printf(fin, "Cache-Control: no-cache\r\n"); 899 } 900 if ((useragent=getenv("FTPUSERAGENT")) != NULL) { 901 fetch_printf(fin, "User-Agent: %s\r\n", useragent); 902 } else { 903 fetch_printf(fin, "User-Agent: %s/%s\r\n", 904 FTP_PRODUCT, FTP_VERSION); 905 } 906 if (wwwauth) { 907 if (verbose) { 908 fprintf(ttyout, "%swith authorization", 909 leading); 910 leading = ", "; 911 hasleading++; 912 } 913 fetch_printf(fin, "Authorization: %s\r\n", wwwauth); 914 } 915 if (proxyauth) { 916 if (verbose) { 917 fprintf(ttyout, 918 "%swith proxy authorization", leading); 919 leading = ", "; 920 
hasleading++; 921 } 922 fetch_printf(fin, "Proxy-Authorization: %s\r\n", proxyauth); 923 } 924 if (verbose && hasleading) 925 fputs(")\n", ttyout); 926 fetch_printf(fin, "\r\n"); 927 if (fetch_flush(fin) == EOF) { 928 warn("Writing HTTP request"); 929 alarmtimer(0); 930 goto cleanup_fetch_url; 931 } 932 alarmtimer(0); 933 934 /* Read the response */ 935 alarmtimer(quit_time ? quit_time : 60); 936 len = fetch_getline(fin, buf, sizeof(buf), &errormsg); 937 alarmtimer(0); 938 if (len < 0) { 939 if (*errormsg == '\n') 940 errormsg++; 941 warnx("Receiving HTTP reply: %s", errormsg); 942 goto cleanup_fetch_url; 943 } 944 while (len > 0 && (ISLWS(buf[len-1]))) 945 buf[--len] = '\0'; 946 DPRINTF("%s: received `%s'\n", __func__, buf); 947 948 /* Determine HTTP response code */ 949 cp = strchr(buf, ' '); 950 if (cp == NULL) 951 goto improper; 952 else 953 cp++; 954 hcode = strtol(cp, &ep, 10); 955 if (*ep != '\0' && !isspace((unsigned char)*ep)) 956 goto improper; 957 message = ftp_strdup(cp); 958 959 /* Read the rest of the header. */ 960 while (1) { 961 alarmtimer(quit_time ? quit_time : 60); 962 len = fetch_getline(fin, buf, sizeof(buf), &errormsg); 963 alarmtimer(0); 964 if (len < 0) { 965 if (*errormsg == '\n') 966 errormsg++; 967 warnx("Receiving HTTP reply: %s", errormsg); 968 goto cleanup_fetch_url; 969 } 970 while (len > 0 && (ISLWS(buf[len-1]))) 971 buf[--len] = '\0'; 972 if (len == 0) 973 break; 974 DPRINTF("%s: received `%s'\n", __func__, buf); 975 976 /* 977 * Look for some headers 978 */ 979 980 cp = buf; 981 982 if (match_token(&cp, "Content-Length:")) { 983 filesize = STRTOLL(cp, &ep, 10); 984 if (filesize < 0 || *ep != '\0') 985 goto improper; 986 DPRINTF("%s: parsed len as: " LLF "\n", 987 __func__, (LLT)filesize); 988 989 } else if (match_token(&cp, "Content-Range:")) { 990 if (! 
match_token(&cp, "bytes")) 991 goto improper; 992 993 if (*cp == '*') 994 cp++; 995 else { 996 rangestart = STRTOLL(cp, &ep, 10); 997 if (rangestart < 0 || *ep != '-') 998 goto improper; 999 cp = ep + 1; 1000 rangeend = STRTOLL(cp, &ep, 10); 1001 if (rangeend < 0 || rangeend < rangestart) 1002 goto improper; 1003 cp = ep; 1004 } 1005 if (*cp != '/') 1006 goto improper; 1007 cp++; 1008 if (*cp == '*') 1009 cp++; 1010 else { 1011 entitylen = STRTOLL(cp, &ep, 10); 1012 if (entitylen < 0) 1013 goto improper; 1014 cp = ep; 1015 } 1016 if (*cp != '\0') 1017 goto improper; 1018 1019 #ifndef NO_DEBUG 1020 if (ftp_debug) { 1021 fprintf(ttyout, "parsed range as: "); 1022 if (rangestart == -1) 1023 fprintf(ttyout, "*"); 1024 else 1025 fprintf(ttyout, LLF "-" LLF, 1026 (LLT)rangestart, 1027 (LLT)rangeend); 1028 fprintf(ttyout, "/" LLF "\n", (LLT)entitylen); 1029 } 1030 #endif 1031 if (! restart_point) { 1032 warnx( 1033 "Received unexpected Content-Range header"); 1034 goto cleanup_fetch_url; 1035 } 1036 1037 } else if (match_token(&cp, "Last-Modified:")) { 1038 struct tm parsed; 1039 const char *t; 1040 1041 memset(&parsed, 0, sizeof(parsed)); 1042 t = parse_rfc2616time(&parsed, cp); 1043 if (t != NULL) { 1044 parsed.tm_isdst = -1; 1045 if (*t == '\0') 1046 mtime = timegm(&parsed); 1047 #ifndef NO_DEBUG 1048 if (ftp_debug && mtime != -1) { 1049 fprintf(ttyout, 1050 "parsed time as: %s", 1051 rfc2822time(localtime(&mtime))); 1052 } 1053 #endif 1054 } 1055 1056 } else if (match_token(&cp, "Location:")) { 1057 location = ftp_strdup(cp); 1058 DPRINTF("%s: parsed location as `%s'\n", 1059 __func__, cp); 1060 1061 } else if (match_token(&cp, "Transfer-Encoding:")) { 1062 if (match_token(&cp, "binary")) { 1063 warnx( 1064 "Bogus transfer encoding `binary' (fetching anyway)"); 1065 continue; 1066 } 1067 if (! 
(token = match_token(&cp, "chunked"))) { 1068 warnx( 1069 "Unsupported transfer encoding `%s'", 1070 token); 1071 goto cleanup_fetch_url; 1072 } 1073 ischunked++; 1074 DPRINTF("%s: using chunked encoding\n", 1075 __func__); 1076 1077 } else if (match_token(&cp, "Proxy-Authenticate:") 1078 || match_token(&cp, "WWW-Authenticate:")) { 1079 if (! (token = match_token(&cp, "Basic"))) { 1080 DPRINTF("%s: skipping unknown auth " 1081 "scheme `%s'\n", __func__, token); 1082 continue; 1083 } 1084 FREEPTR(auth); 1085 auth = ftp_strdup(token); 1086 DPRINTF("%s: parsed auth as `%s'\n", 1087 __func__, cp); 1088 } 1089 1090 } 1091 /* finished parsing header */ 1092 1093 switch (hcode) { 1094 case 200: 1095 break; 1096 case 206: 1097 if (! restart_point) { 1098 warnx("Not expecting partial content header"); 1099 goto cleanup_fetch_url; 1100 } 1101 break; 1102 case 300: 1103 case 301: 1104 case 302: 1105 case 303: 1106 case 305: 1107 case 307: 1108 if (EMPTYSTRING(location)) { 1109 warnx( 1110 "No redirection Location provided by server"); 1111 goto cleanup_fetch_url; 1112 } 1113 if (redirect_loop++ > 5) { 1114 warnx("Too many redirections requested"); 1115 goto cleanup_fetch_url; 1116 } 1117 if (hcode == 305) { 1118 if (verbose) 1119 fprintf(ttyout, "Redirected via %s\n", 1120 location); 1121 rval = fetch_url(url, location, 1122 proxyauth, wwwauth); 1123 } else { 1124 if (verbose) 1125 fprintf(ttyout, "Redirected to %s\n", 1126 location); 1127 rval = go_fetch(location); 1128 } 1129 goto cleanup_fetch_url; 1130 #ifndef NO_AUTH 1131 case 401: 1132 case 407: 1133 { 1134 char **authp; 1135 char *auser, *apass; 1136 1137 if (hcode == 401) { 1138 authp = &wwwauth; 1139 auser = uuser; 1140 apass = pass; 1141 } else { 1142 authp = &proxyauth; 1143 auser = puser; 1144 apass = ppass; 1145 } 1146 if (verbose || *authp == NULL || 1147 auser == NULL || apass == NULL) 1148 fprintf(ttyout, "%s\n", message); 1149 if (EMPTYSTRING(auth)) { 1150 warnx( 1151 "No authentication challenge provided by 
server"); 1152 goto cleanup_fetch_url; 1153 } 1154 if (*authp != NULL) { 1155 char reply[10]; 1156 1157 fprintf(ttyout, 1158 "Authorization failed. Retry (y/n)? "); 1159 if (get_line(stdin, reply, sizeof(reply), NULL) 1160 < 0) { 1161 goto cleanup_fetch_url; 1162 } 1163 if (tolower((unsigned char)reply[0]) != 'y') 1164 goto cleanup_fetch_url; 1165 auser = NULL; 1166 apass = NULL; 1167 } 1168 if (auth_url(auth, authp, auser, apass) == 0) { 1169 rval = fetch_url(url, penv, 1170 proxyauth, wwwauth); 1171 memset(*authp, 0, strlen(*authp)); 1172 FREEPTR(*authp); 1173 } 1174 goto cleanup_fetch_url; 1175 } 1176 #endif 1177 default: 1178 if (message) 1179 warnx("Error retrieving file `%s'", message); 1180 else 1181 warnx("Unknown error retrieving file"); 1182 goto cleanup_fetch_url; 1183 } 1184 } /* end of ftp:// or http:// specific setup */ 1185 1186 /* Open the output file. */ 1187 1188 /* 1189 * Only trust filenames with special meaning if they came from 1190 * the command line 1191 */ 1192 if (outfile == savefile) { 1193 if (strcmp(savefile, "-") == 0) { 1194 fout = stdout; 1195 } else if (*savefile == '|') { 1196 oldpipe = xsignal(SIGPIPE, SIG_IGN); 1197 fout = popen(savefile + 1, "w"); 1198 if (fout == NULL) { 1199 warn("Can't execute `%s'", savefile + 1); 1200 goto cleanup_fetch_url; 1201 } 1202 closefunc = pclose; 1203 } 1204 } 1205 if (fout == NULL) { 1206 if ((rangeend != -1 && rangeend <= restart_point) || 1207 (rangestart == -1 && filesize != -1 && filesize <= restart_point)) { 1208 /* already done */ 1209 if (verbose) 1210 fprintf(ttyout, "already done\n"); 1211 rval = 0; 1212 goto cleanup_fetch_url; 1213 } 1214 if (restart_point && rangestart != -1) { 1215 if (entitylen != -1) 1216 filesize = entitylen; 1217 if (rangestart != restart_point) { 1218 warnx( 1219 "Size of `%s' differs from save file `%s'", 1220 url, savefile); 1221 goto cleanup_fetch_url; 1222 } 1223 fout = fopen(savefile, "a"); 1224 } else 1225 fout = fopen(savefile, "w"); 1226 if (fout == NULL) 
{ 1227 warn("Can't open `%s'", savefile); 1228 goto cleanup_fetch_url; 1229 } 1230 closefunc = fclose; 1231 } 1232 1233 /* Trap signals */ 1234 oldquit = xsignal(SIGQUIT, psummary); 1235 oldint = xsignal(SIGINT, aborthttp); 1236 1237 assert(rcvbuf_size > 0); 1238 if ((size_t)rcvbuf_size > bufsize) { 1239 if (xferbuf) 1240 (void)free(xferbuf); 1241 bufsize = rcvbuf_size; 1242 xferbuf = ftp_malloc(bufsize); 1243 } 1244 1245 bytes = 0; 1246 hashbytes = mark; 1247 if (oldalrm) { 1248 (void)xsignal(SIGALRM, oldalrm); 1249 oldalrm = NULL; 1250 } 1251 progressmeter(-1); 1252 1253 /* Finally, suck down the file. */ 1254 do { 1255 long chunksize; 1256 short lastchunk; 1257 1258 chunksize = 0; 1259 lastchunk = 0; 1260 /* read chunk-size */ 1261 if (ischunked) { 1262 if (fetch_getln(xferbuf, bufsize, fin) == NULL) { 1263 warnx("Unexpected EOF reading chunk-size"); 1264 goto cleanup_fetch_url; 1265 } 1266 errno = 0; 1267 chunksize = strtol(xferbuf, &ep, 16); 1268 if (ep == xferbuf) { 1269 warnx("Invalid chunk-size"); 1270 goto cleanup_fetch_url; 1271 } 1272 if (errno == ERANGE || chunksize < 0) { 1273 errno = ERANGE; 1274 warn("Chunk-size `%.*s'", 1275 (int)(ep-xferbuf), xferbuf); 1276 goto cleanup_fetch_url; 1277 } 1278 1279 /* 1280 * XXX: Work around bug in Apache 1.3.9 and 1281 * 1.3.11, which incorrectly put trailing 1282 * space after the chunk-size. 
1283 */ 1284 while (*ep == ' ') 1285 ep++; 1286 1287 /* skip [ chunk-ext ] */ 1288 if (*ep == ';') { 1289 while (*ep && *ep != '\r') 1290 ep++; 1291 } 1292 1293 if (strcmp(ep, "\r\n") != 0) { 1294 warnx("Unexpected data following chunk-size"); 1295 goto cleanup_fetch_url; 1296 } 1297 DPRINTF("%s: got chunk-size of " LLF "\n", __func__, 1298 (LLT)chunksize); 1299 if (chunksize == 0) { 1300 lastchunk = 1; 1301 goto chunkdone; 1302 } 1303 } 1304 /* transfer file or chunk */ 1305 while (1) { 1306 struct timeval then, now, td; 1307 volatile off_t bufrem; 1308 1309 if (rate_get) 1310 (void)gettimeofday(&then, NULL); 1311 bufrem = rate_get ? rate_get : (off_t)bufsize; 1312 if (ischunked) 1313 bufrem = MIN(chunksize, bufrem); 1314 while (bufrem > 0) { 1315 flen = fetch_read(xferbuf, sizeof(char), 1316 MIN((off_t)bufsize, bufrem), fin); 1317 if (flen <= 0) 1318 goto chunkdone; 1319 bytes += flen; 1320 bufrem -= flen; 1321 if (fwrite(xferbuf, sizeof(char), flen, fout) 1322 != flen) { 1323 warn("Writing `%s'", savefile); 1324 goto cleanup_fetch_url; 1325 } 1326 if (hash && !progress) { 1327 while (bytes >= hashbytes) { 1328 (void)putc('#', ttyout); 1329 hashbytes += mark; 1330 } 1331 (void)fflush(ttyout); 1332 } 1333 if (ischunked) { 1334 chunksize -= flen; 1335 if (chunksize <= 0) 1336 break; 1337 } 1338 } 1339 if (rate_get) { 1340 while (1) { 1341 (void)gettimeofday(&now, NULL); 1342 timersub(&now, &then, &td); 1343 if (td.tv_sec > 0) 1344 break; 1345 usleep(1000000 - td.tv_usec); 1346 } 1347 } 1348 if (ischunked && chunksize <= 0) 1349 break; 1350 } 1351 /* read CRLF after chunk*/ 1352 chunkdone: 1353 if (ischunked) { 1354 if (fetch_getln(xferbuf, bufsize, fin) == NULL) { 1355 alarmtimer(0); 1356 warnx("Unexpected EOF reading chunk CRLF"); 1357 goto cleanup_fetch_url; 1358 } 1359 if (strcmp(xferbuf, "\r\n") != 0) { 1360 warnx("Unexpected data following chunk"); 1361 goto cleanup_fetch_url; 1362 } 1363 if (lastchunk) 1364 break; 1365 } 1366 } while (ischunked); 1367 1368 /* 
XXX: deal with optional trailer & CRLF here? */ 1369 1370 if (hash && !progress && bytes > 0) { 1371 if (bytes < mark) 1372 (void)putc('#', ttyout); 1373 (void)putc('\n', ttyout); 1374 } 1375 if (fetch_error(fin)) { 1376 warn("Reading file"); 1377 goto cleanup_fetch_url; 1378 } 1379 progressmeter(1); 1380 (void)fflush(fout); 1381 if (closefunc == fclose && mtime != -1) { 1382 struct timeval tval[2]; 1383 1384 (void)gettimeofday(&tval[0], NULL); 1385 tval[1].tv_sec = mtime; 1386 tval[1].tv_usec = 0; 1387 (*closefunc)(fout); 1388 fout = NULL; 1389 1390 if (utimes(savefile, tval) == -1) { 1391 fprintf(ttyout, 1392 "Can't change modification time to %s", 1393 rfc2822time(localtime(&mtime))); 1394 } 1395 } 1396 if (bytes > 0) 1397 ptransfer(0); 1398 bytes = 0; 1399 1400 rval = 0; 1401 goto cleanup_fetch_url; 1402 1403 improper: 1404 warnx("Improper response from `%s:%s'", host, port); 1405 1406 cleanup_fetch_url: 1407 if (oldint) 1408 (void)xsignal(SIGINT, oldint); 1409 if (oldpipe) 1410 (void)xsignal(SIGPIPE, oldpipe); 1411 if (oldalrm) 1412 (void)xsignal(SIGALRM, oldalrm); 1413 if (oldquit) 1414 (void)xsignal(SIGQUIT, oldpipe); 1415 if (fin != NULL) 1416 fetch_close(fin); 1417 else if (s != -1) 1418 close(s); 1419 if (closefunc != NULL && fout != NULL) 1420 (*closefunc)(fout); 1421 if (savefile != outfile) 1422 FREEPTR(savefile); 1423 FREEPTR(uuser); 1424 if (pass != NULL) 1425 memset(pass, 0, strlen(pass)); 1426 FREEPTR(pass); 1427 FREEPTR(host); 1428 FREEPTR(port); 1429 FREEPTR(path); 1430 FREEPTR(decodedpath); 1431 FREEPTR(puser); 1432 if (ppass != NULL) 1433 memset(ppass, 0, strlen(ppass)); 1434 FREEPTR(ppass); 1435 FREEPTR(auth); 1436 FREEPTR(location); 1437 FREEPTR(message); 1438 return (rval); 1439 } 1440 1441 /* 1442 * Abort a HTTP retrieval 1443 */ 1444 static void 1445 aborthttp(int notused) 1446 { 1447 char msgbuf[100]; 1448 int len; 1449 1450 sigint_raised = 1; 1451 alarmtimer(0); 1452 if (fromatty) { 1453 len = snprintf(msgbuf, sizeof(msgbuf), 1454 "\n%s: 
HTTP fetch aborted.\n", getprogname()); 1455 if (len > 0) 1456 write(fileno(ttyout), msgbuf, len); 1457 } 1458 siglongjmp(httpabort, 1); 1459 } 1460 1461 static void 1462 timeouthttp(int notused) 1463 { 1464 char msgbuf[100]; 1465 int len; 1466 1467 alarmtimer(0); 1468 if (fromatty) { 1469 len = snprintf(msgbuf, sizeof(msgbuf), 1470 "\n%s: HTTP fetch timeout.\n", getprogname()); 1471 if (len > 0) 1472 write(fileno(ttyout), msgbuf, len); 1473 } 1474 siglongjmp(httpabort, 1); 1475 } 1476 1477 /* 1478 * Retrieve ftp URL or classic ftp argument using FTP. 1479 * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection 1480 * is still open (e.g, ftp xfer with trailing /) 1481 */ 1482 static int 1483 fetch_ftp(const char *url) 1484 { 1485 char *cp, *xargv[5], rempath[MAXPATHLEN]; 1486 char *host, *path, *dir, *file, *uuser, *pass; 1487 char *port; 1488 char cmdbuf[MAXPATHLEN]; 1489 char dirbuf[4]; 1490 int dirhasglob, filehasglob, rval, transtype, xargc; 1491 int oanonftp, oautologin; 1492 in_port_t portnum; 1493 url_t urltype; 1494 1495 DPRINTF("fetch_ftp: `%s'\n", url); 1496 host = path = dir = file = uuser = pass = NULL; 1497 port = NULL; 1498 rval = 1; 1499 transtype = TYPE_I; 1500 1501 if (STRNEQUAL(url, FTP_URL)) { 1502 if ((parse_url(url, "URL", &urltype, &uuser, &pass, 1503 &host, &port, &portnum, &path) == -1) || 1504 (uuser != NULL && *uuser == '\0') || 1505 EMPTYSTRING(host)) { 1506 warnx("Invalid URL `%s'", url); 1507 goto cleanup_fetch_ftp; 1508 } 1509 /* 1510 * Note: Don't url_decode(path) here. We need to keep the 1511 * distinction between "/" and "%2F" until later. 1512 */ 1513 1514 /* check for trailing ';type=[aid]' */ 1515 if (! 
EMPTYSTRING(path) && (cp = strrchr(path, ';')) != NULL) { 1516 if (strcasecmp(cp, ";type=a") == 0) 1517 transtype = TYPE_A; 1518 else if (strcasecmp(cp, ";type=i") == 0) 1519 transtype = TYPE_I; 1520 else if (strcasecmp(cp, ";type=d") == 0) { 1521 warnx( 1522 "Directory listing via a URL is not supported"); 1523 goto cleanup_fetch_ftp; 1524 } else { 1525 warnx("Invalid suffix `%s' in URL `%s'", cp, 1526 url); 1527 goto cleanup_fetch_ftp; 1528 } 1529 *cp = 0; 1530 } 1531 } else { /* classic style `[user@]host:[file]' */ 1532 urltype = CLASSIC_URL_T; 1533 host = ftp_strdup(url); 1534 cp = strchr(host, '@'); 1535 if (cp != NULL) { 1536 *cp = '\0'; 1537 uuser = host; 1538 anonftp = 0; /* disable anonftp */ 1539 host = ftp_strdup(cp + 1); 1540 } 1541 cp = strchr(host, ':'); 1542 if (cp != NULL) { 1543 *cp = '\0'; 1544 path = ftp_strdup(cp + 1); 1545 } 1546 } 1547 if (EMPTYSTRING(host)) 1548 goto cleanup_fetch_ftp; 1549 1550 /* Extract the file and (if present) directory name. */ 1551 dir = path; 1552 if (! EMPTYSTRING(dir)) { 1553 /* 1554 * If we are dealing with classic `[user@]host:[path]' syntax, 1555 * then a path of the form `/file' (resulting from input of the 1556 * form `host:/file') means that we should do "CWD /" before 1557 * retrieving the file. So we set dir="/" and file="file". 1558 * 1559 * But if we are dealing with URLs like `ftp://host/path' then 1560 * a path of the form `/file' (resulting from a URL of the form 1561 * `ftp://host//file') means that we should do `CWD ' (with an 1562 * empty argument) before retrieving the file. So we set 1563 * dir="" and file="file". 1564 * 1565 * If the path does not contain / at all, we set dir=NULL. 1566 * (We get a path without any slashes if we are dealing with 1567 * classic `[user@]host:[file]' or URL `ftp://host/file'.) 1568 * 1569 * In all other cases, we set dir to a string that does not 1570 * include the final '/' that separates the dir part from the 1571 * file part of the path. 
(This will be the empty string if 1572 * and only if we are dealing with a path of the form `/file' 1573 * resulting from an URL of the form `ftp://host//file'.) 1574 */ 1575 cp = strrchr(dir, '/'); 1576 if (cp == dir && urltype == CLASSIC_URL_T) { 1577 file = cp + 1; 1578 (void)strlcpy(dirbuf, "/", sizeof(dirbuf)); 1579 dir = dirbuf; 1580 } else if (cp != NULL) { 1581 *cp++ = '\0'; 1582 file = cp; 1583 } else { 1584 file = dir; 1585 dir = NULL; 1586 } 1587 } else 1588 dir = NULL; 1589 if (urltype == FTP_URL_T && file != NULL) { 1590 url_decode(file); 1591 /* but still don't url_decode(dir) */ 1592 } 1593 DPRINTF("fetch_ftp: user `%s' pass `%s' host %s port %s " 1594 "path `%s' dir `%s' file `%s'\n", 1595 STRorNULL(uuser), STRorNULL(pass), 1596 STRorNULL(host), STRorNULL(port), 1597 STRorNULL(path), STRorNULL(dir), STRorNULL(file)); 1598 1599 dirhasglob = filehasglob = 0; 1600 if (doglob && urltype == CLASSIC_URL_T) { 1601 if (! EMPTYSTRING(dir) && strpbrk(dir, "*?[]{}") != NULL) 1602 dirhasglob = 1; 1603 if (! EMPTYSTRING(file) && strpbrk(file, "*?[]{}") != NULL) 1604 filehasglob = 1; 1605 } 1606 1607 /* Set up the connection */ 1608 oanonftp = anonftp; 1609 if (connected) 1610 disconnect(0, NULL); 1611 anonftp = oanonftp; 1612 (void)strlcpy(cmdbuf, getprogname(), sizeof(cmdbuf)); 1613 xargv[0] = cmdbuf; 1614 xargv[1] = host; 1615 xargv[2] = NULL; 1616 xargc = 2; 1617 if (port) { 1618 xargv[2] = port; 1619 xargv[3] = NULL; 1620 xargc = 3; 1621 } 1622 oautologin = autologin; 1623 /* don't autologin in setpeer(), use ftp_login() below */ 1624 autologin = 0; 1625 setpeer(xargc, xargv); 1626 autologin = oautologin; 1627 if ((connected == 0) || 1628 (connected == 1 && !ftp_login(host, uuser, pass))) { 1629 warnx("Can't connect or login to host `%s:%s'", 1630 host, port ? 
port : "?"); 1631 goto cleanup_fetch_ftp; 1632 } 1633 1634 switch (transtype) { 1635 case TYPE_A: 1636 setascii(1, xargv); 1637 break; 1638 case TYPE_I: 1639 setbinary(1, xargv); 1640 break; 1641 default: 1642 errx(1, "fetch_ftp: unknown transfer type %d", transtype); 1643 } 1644 1645 /* 1646 * Change directories, if necessary. 1647 * 1648 * Note: don't use EMPTYSTRING(dir) below, because 1649 * dir=="" means something different from dir==NULL. 1650 */ 1651 if (dir != NULL && !dirhasglob) { 1652 char *nextpart; 1653 1654 /* 1655 * If we are dealing with a classic `[user@]host:[path]' 1656 * (urltype is CLASSIC_URL_T) then we have a raw directory 1657 * name (not encoded in any way) and we can change 1658 * directories in one step. 1659 * 1660 * If we are dealing with an `ftp://host/path' URL 1661 * (urltype is FTP_URL_T), then RFC 3986 says we need to 1662 * send a separate CWD command for each unescaped "/" 1663 * in the path, and we have to interpret %hex escaping 1664 * *after* we find the slashes. It's possible to get 1665 * empty components here, (from multiple adjacent 1666 * slashes in the path) and RFC 3986 says that we should 1667 * still do `CWD ' (with a null argument) in such cases. 1668 * 1669 * Many ftp servers don't support `CWD ', so if there's an 1670 * error performing that command, bail out with a descriptive 1671 * message. 
1672 * 1673 * Examples: 1674 * 1675 * host: dir="", urltype=CLASSIC_URL_T 1676 * logged in (to default directory) 1677 * host:file dir=NULL, urltype=CLASSIC_URL_T 1678 * "RETR file" 1679 * host:dir/ dir="dir", urltype=CLASSIC_URL_T 1680 * "CWD dir", logged in 1681 * ftp://host/ dir="", urltype=FTP_URL_T 1682 * logged in (to default directory) 1683 * ftp://host/dir/ dir="dir", urltype=FTP_URL_T 1684 * "CWD dir", logged in 1685 * ftp://host/file dir=NULL, urltype=FTP_URL_T 1686 * "RETR file" 1687 * ftp://host//file dir="", urltype=FTP_URL_T 1688 * "CWD ", "RETR file" 1689 * host:/file dir="/", urltype=CLASSIC_URL_T 1690 * "CWD /", "RETR file" 1691 * ftp://host///file dir="/", urltype=FTP_URL_T 1692 * "CWD ", "CWD ", "RETR file" 1693 * ftp://host/%2F/file dir="%2F", urltype=FTP_URL_T 1694 * "CWD /", "RETR file" 1695 * ftp://host/foo/file dir="foo", urltype=FTP_URL_T 1696 * "CWD foo", "RETR file" 1697 * ftp://host/foo/bar/file dir="foo/bar" 1698 * "CWD foo", "CWD bar", "RETR file" 1699 * ftp://host//foo/bar/file dir="/foo/bar" 1700 * "CWD ", "CWD foo", "CWD bar", "RETR file" 1701 * ftp://host/foo//bar/file dir="foo//bar" 1702 * "CWD foo", "CWD ", "CWD bar", "RETR file" 1703 * ftp://host/%2F/foo/bar/file dir="%2F/foo/bar" 1704 * "CWD /", "CWD foo", "CWD bar", "RETR file" 1705 * ftp://host/%2Ffoo/bar/file dir="%2Ffoo/bar" 1706 * "CWD /foo", "CWD bar", "RETR file" 1707 * ftp://host/%2Ffoo%2Fbar/file dir="%2Ffoo%2Fbar" 1708 * "CWD /foo/bar", "RETR file" 1709 * ftp://host/%2Ffoo%2Fbar%2Ffile dir=NULL 1710 * "RETR /foo/bar/file" 1711 * 1712 * Note that we don't need `dir' after this point. 
1713 */ 1714 do { 1715 if (urltype == FTP_URL_T) { 1716 nextpart = strchr(dir, '/'); 1717 if (nextpart) { 1718 *nextpart = '\0'; 1719 nextpart++; 1720 } 1721 url_decode(dir); 1722 } else 1723 nextpart = NULL; 1724 DPRINTF("fetch_ftp: dir `%s', nextpart `%s'\n", 1725 STRorNULL(dir), STRorNULL(nextpart)); 1726 if (urltype == FTP_URL_T || *dir != '\0') { 1727 (void)strlcpy(cmdbuf, "cd", sizeof(cmdbuf)); 1728 xargv[0] = cmdbuf; 1729 xargv[1] = dir; 1730 xargv[2] = NULL; 1731 dirchange = 0; 1732 cd(2, xargv); 1733 if (! dirchange) { 1734 if (*dir == '\0' && code == 500) 1735 fprintf(stderr, 1736 "\n" 1737 "ftp: The `CWD ' command (without a directory), which is required by\n" 1738 " RFC 3986 to support the empty directory in the URL pathname (`//'),\n" 1739 " conflicts with the server's conformance to RFC 959.\n" 1740 " Try the same URL without the `//' in the URL pathname.\n" 1741 "\n"); 1742 goto cleanup_fetch_ftp; 1743 } 1744 } 1745 dir = nextpart; 1746 } while (dir != NULL); 1747 } 1748 1749 if (EMPTYSTRING(file)) { 1750 rval = -1; 1751 goto cleanup_fetch_ftp; 1752 } 1753 1754 if (dirhasglob) { 1755 (void)strlcpy(rempath, dir, sizeof(rempath)); 1756 (void)strlcat(rempath, "/", sizeof(rempath)); 1757 (void)strlcat(rempath, file, sizeof(rempath)); 1758 file = rempath; 1759 } 1760 1761 /* Fetch the file(s). 
*/ 1762 xargc = 2; 1763 (void)strlcpy(cmdbuf, "get", sizeof(cmdbuf)); 1764 xargv[0] = cmdbuf; 1765 xargv[1] = file; 1766 xargv[2] = NULL; 1767 if (dirhasglob || filehasglob) { 1768 int ointeractive; 1769 1770 ointeractive = interactive; 1771 interactive = 0; 1772 if (restartautofetch) 1773 (void)strlcpy(cmdbuf, "mreget", sizeof(cmdbuf)); 1774 else 1775 (void)strlcpy(cmdbuf, "mget", sizeof(cmdbuf)); 1776 xargv[0] = cmdbuf; 1777 mget(xargc, xargv); 1778 interactive = ointeractive; 1779 } else { 1780 if (outfile == NULL) { 1781 cp = strrchr(file, '/'); /* find savefile */ 1782 if (cp != NULL) 1783 outfile = cp + 1; 1784 else 1785 outfile = file; 1786 } 1787 xargv[2] = (char *)outfile; 1788 xargv[3] = NULL; 1789 xargc++; 1790 if (restartautofetch) 1791 reget(xargc, xargv); 1792 else 1793 get(xargc, xargv); 1794 } 1795 1796 if ((code / 100) == COMPLETE) 1797 rval = 0; 1798 1799 cleanup_fetch_ftp: 1800 FREEPTR(port); 1801 FREEPTR(host); 1802 FREEPTR(path); 1803 FREEPTR(uuser); 1804 if (pass) 1805 memset(pass, 0, strlen(pass)); 1806 FREEPTR(pass); 1807 return (rval); 1808 } 1809 1810 /* 1811 * Retrieve the given file to outfile. 1812 * Supports arguments of the form: 1813 * "host:path", "ftp://host/path" if $ftpproxy, call fetch_url() else 1814 * call fetch_ftp() 1815 * "http://host/path" call fetch_url() to use HTTP 1816 * "file:///path" call fetch_url() to copy 1817 * "about:..." print a message 1818 * 1819 * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection 1820 * is still open (e.g, ftp xfer with trailing /) 1821 */ 1822 static int 1823 go_fetch(const char *url) 1824 { 1825 char *proxyenv; 1826 char *p; 1827 1828 #ifndef NO_ABOUT 1829 /* 1830 * Check for about:* 1831 */ 1832 if (STRNEQUAL(url, ABOUT_URL)) { 1833 url += sizeof(ABOUT_URL) -1; 1834 if (strcasecmp(url, "ftp") == 0 || 1835 strcasecmp(url, "tnftp") == 0) { 1836 fputs( 1837 "This version of ftp has been enhanced by Luke Mewburn <lukem@NetBSD.org>\n" 1838 "for the NetBSD project. 
Execute `man ftp' for more details.\n", ttyout); 1839 } else if (strcasecmp(url, "lukem") == 0) { 1840 fputs( 1841 "Luke Mewburn is the author of most of the enhancements in this ftp client.\n" 1842 "Please email feedback to <lukem@NetBSD.org>.\n", ttyout); 1843 } else if (strcasecmp(url, "netbsd") == 0) { 1844 fputs( 1845 "NetBSD is a freely available and redistributable UNIX-like operating system.\n" 1846 "For more information, see http://www.NetBSD.org/\n", ttyout); 1847 } else if (strcasecmp(url, "version") == 0) { 1848 fprintf(ttyout, "Version: %s %s%s\n", 1849 FTP_PRODUCT, FTP_VERSION, 1850 #ifdef INET6 1851 "" 1852 #else 1853 " (-IPv6)" 1854 #endif 1855 ); 1856 } else { 1857 fprintf(ttyout, "`%s' is an interesting topic.\n", url); 1858 } 1859 fputs("\n", ttyout); 1860 return (0); 1861 } 1862 #endif 1863 1864 /* 1865 * Check for file:// and http:// URLs. 1866 */ 1867 if (STRNEQUAL(url, HTTP_URL) 1868 #ifdef WITH_SSL 1869 || STRNEQUAL(url, HTTPS_URL) 1870 #endif 1871 || STRNEQUAL(url, FILE_URL)) 1872 return (fetch_url(url, NULL, NULL, NULL)); 1873 1874 /* 1875 * If it contains "://" but does not begin with ftp:// 1876 * or something that was already handled, then it's 1877 * unsupported. 1878 * 1879 * If it contains ":" but not "://" then we assume the 1880 * part before the colon is a host name, not an URL scheme, 1881 * so we don't try to match that here. 1882 */ 1883 if ((p = strstr(url, "://")) != NULL && ! STRNEQUAL(url, FTP_URL)) 1884 errx(1, "Unsupported URL scheme `%.*s'", (int)(p - url), url); 1885 1886 /* 1887 * Try FTP URL-style and host:file arguments next. 1888 * If ftpproxy is set with an FTP URL, use fetch_url() 1889 * Othewise, use fetch_ftp(). 
1890 */ 1891 proxyenv = getoptionvalue("ftp_proxy"); 1892 if (!EMPTYSTRING(proxyenv) && STRNEQUAL(url, FTP_URL)) 1893 return (fetch_url(url, NULL, NULL, NULL)); 1894 1895 return (fetch_ftp(url)); 1896 } 1897 1898 /* 1899 * Retrieve multiple files from the command line, 1900 * calling go_fetch() for each file. 1901 * 1902 * If an ftp path has a trailing "/", the path will be cd-ed into and 1903 * the connection remains open, and the function will return -1 1904 * (to indicate the connection is alive). 1905 * If an error occurs the return value will be the offset+1 in 1906 * argv[] of the file that caused a problem (i.e, argv[x] 1907 * returns x+1) 1908 * Otherwise, 0 is returned if all files retrieved successfully. 1909 */ 1910 int 1911 auto_fetch(int argc, char *argv[]) 1912 { 1913 volatile int argpos, rval; 1914 1915 argpos = rval = 0; 1916 1917 if (sigsetjmp(toplevel, 1)) { 1918 if (connected) 1919 disconnect(0, NULL); 1920 if (rval > 0) 1921 rval = argpos + 1; 1922 return (rval); 1923 } 1924 (void)xsignal(SIGINT, intr); 1925 (void)xsignal(SIGPIPE, lostpeer); 1926 1927 /* 1928 * Loop through as long as there's files to fetch. 1929 */ 1930 for (; (rval == 0) && (argpos < argc); argpos++) { 1931 if (strchr(argv[argpos], ':') == NULL) 1932 break; 1933 redirect_loop = 0; 1934 if (!anonftp) 1935 anonftp = 2; /* Handle "automatic" transfers. */ 1936 rval = go_fetch(argv[argpos]); 1937 if (outfile != NULL && strcmp(outfile, "-") != 0 1938 && outfile[0] != '|') 1939 outfile = NULL; 1940 if (rval > 0) 1941 rval = argpos + 1; 1942 } 1943 1944 if (connected && rval != -1) 1945 disconnect(0, NULL); 1946 return (rval); 1947 } 1948 1949 1950 /* 1951 * Upload multiple files from the command line. 1952 * 1953 * If an error occurs the return value will be the offset+1 in 1954 * argv[] of the file that caused a problem (i.e, argv[x] 1955 * returns x+1) 1956 * Otherwise, 0 is returned if all files uploaded successfully. 
1957 */ 1958 int 1959 auto_put(int argc, char **argv, const char *uploadserver) 1960 { 1961 char *uargv[4], *path, *pathsep; 1962 int uargc, rval, argpos; 1963 size_t len; 1964 char cmdbuf[MAX_C_NAME]; 1965 1966 (void)strlcpy(cmdbuf, "mput", sizeof(cmdbuf)); 1967 uargv[0] = cmdbuf; 1968 uargv[1] = argv[0]; 1969 uargc = 2; 1970 uargv[2] = uargv[3] = NULL; 1971 pathsep = NULL; 1972 rval = 1; 1973 1974 DPRINTF("auto_put: target `%s'\n", uploadserver); 1975 1976 path = ftp_strdup(uploadserver); 1977 len = strlen(path); 1978 if (path[len - 1] != '/' && path[len - 1] != ':') { 1979 /* 1980 * make sure we always pass a directory to auto_fetch 1981 */ 1982 if (argc > 1) { /* more than one file to upload */ 1983 len = strlen(uploadserver) + 2; /* path + "/" + "\0" */ 1984 free(path); 1985 path = (char *)ftp_malloc(len); 1986 (void)strlcpy(path, uploadserver, len); 1987 (void)strlcat(path, "/", len); 1988 } else { /* single file to upload */ 1989 (void)strlcpy(cmdbuf, "put", sizeof(cmdbuf)); 1990 uargv[0] = cmdbuf; 1991 pathsep = strrchr(path, '/'); 1992 if (pathsep == NULL) { 1993 pathsep = strrchr(path, ':'); 1994 if (pathsep == NULL) { 1995 warnx("Invalid URL `%s'", path); 1996 goto cleanup_auto_put; 1997 } 1998 pathsep++; 1999 uargv[2] = ftp_strdup(pathsep); 2000 pathsep[0] = '/'; 2001 } else 2002 uargv[2] = ftp_strdup(pathsep + 1); 2003 pathsep[1] = '\0'; 2004 uargc++; 2005 } 2006 } 2007 DPRINTF("auto_put: URL `%s' argv[2] `%s'\n", 2008 path, STRorNULL(uargv[2])); 2009 2010 /* connect and cwd */ 2011 rval = auto_fetch(1, &path); 2012 if(rval >= 0) 2013 goto cleanup_auto_put; 2014 2015 rval = 0; 2016 2017 /* target filename provided; upload 1 file */ 2018 /* XXX : is this the best way? 
*/ 2019 if (uargc == 3) { 2020 uargv[1] = argv[0]; 2021 put(uargc, uargv); 2022 if ((code / 100) != COMPLETE) 2023 rval = 1; 2024 } else { /* otherwise a target dir: upload all files to it */ 2025 for(argpos = 0; argv[argpos] != NULL; argpos++) { 2026 uargv[1] = argv[argpos]; 2027 mput(uargc, uargv); 2028 if ((code / 100) != COMPLETE) { 2029 rval = argpos + 1; 2030 break; 2031 } 2032 } 2033 } 2034 2035 cleanup_auto_put: 2036 free(path); 2037 FREEPTR(uargv[2]); 2038 return (rval); 2039 } 2040