1 /* $OpenBSD: fetch.c,v 1.208 2021/11/10 07:32:55 kn Exp $ */ 2 /* $NetBSD: fetch.c,v 1.14 1997/08/18 10:20:20 lukem Exp $ */ 3 4 /*- 5 * Copyright (c) 1997 The NetBSD Foundation, Inc. 6 * All rights reserved. 7 * 8 * This code is derived from software contributed to The NetBSD Foundation 9 * by Jason Thorpe and Luke Mewburn. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 /* 34 * FTP User Program -- Command line file retrieval 35 */ 36 37 #include <sys/types.h> 38 #include <sys/socket.h> 39 #include <sys/stat.h> 40 41 #include <netinet/in.h> 42 43 #include <arpa/ftp.h> 44 #include <arpa/inet.h> 45 46 #include <ctype.h> 47 #include <err.h> 48 #include <libgen.h> 49 #include <netdb.h> 50 #include <fcntl.h> 51 #include <signal.h> 52 #include <vis.h> 53 #include <stdio.h> 54 #include <stdarg.h> 55 #include <errno.h> 56 #include <stdlib.h> 57 #include <string.h> 58 #include <unistd.h> 59 #include <resolv.h> 60 #include <utime.h> 61 62 #ifndef NOSSL 63 #include <tls.h> 64 #else /* !NOSSL */ 65 struct tls; 66 #endif /* !NOSSL */ 67 68 #include "ftp_var.h" 69 #include "cmds.h" 70 71 static int file_get(const char *, const char *); 72 static int url_get(const char *, const char *, const char *, int); 73 static int save_chunked(FILE *, struct tls *, int , char *, size_t); 74 static void aborthttp(int); 75 static char hextochar(const char *); 76 static char *urldecode(const char *); 77 static char *recode_credentials(const char *_userinfo); 78 static void ftp_close(FILE **, struct tls **, int *); 79 static const char *sockerror(struct tls *); 80 #ifdef SMALL 81 #define ftp_printf(fp, ...) fprintf(fp, __VA_ARGS__) 82 #else 83 static int ftp_printf(FILE *, const char *, ...); 84 #endif /* SMALL */ 85 #ifndef NOSSL 86 static int proxy_connect(int, char *, char *); 87 static int stdio_tls_write_wrapper(void *, const char *, int); 88 static int stdio_tls_read_wrapper(void *, char *, int); 89 #endif /* !NOSSL */ 90 91 #define FTP_URL "ftp://" /* ftp URL prefix */ 92 #define HTTP_URL "http://" /* http URL prefix */ 93 #define HTTPS_URL "https://" /* https URL prefix */ 94 #define FILE_URL "file:" /* file URL prefix */ 95 #define FTP_PROXY "ftp_proxy" /* env var with ftp proxy location */ 96 #define HTTP_PROXY "http_proxy" /* env var with http proxy location */ 97 98 #define EMPTYSTRING(x) ((x) == NULL || (*(x) == '\0')) 99 100 static const char at_encoding_warning[] = 101 "Extra `@' characters in usernames and passwords should be encoded as %%40"; 102 103 static jmp_buf httpabort; 104 105 static int redirect_loop; 106 static int retried; 107 108 /* 109 * Determine whether the character needs encoding, per RFC2396. 110 */ 111 static int 112 to_encode(const char *c0) 113 { 114 /* 2.4.3. Excluded US-ASCII Characters */ 115 const char *excluded_chars = 116 " " /* space */ 117 "<>#\"" /* delims (modulo "%", see below) */ 118 "{}|\\^[]`" /* unwise */ 119 ; 120 const unsigned char *c = (const unsigned char *)c0; 121 122 /* 123 * No corresponding graphic US-ASCII. 124 * Control characters and octets not used in US-ASCII. 125 */ 126 return (iscntrl(*c) || !isascii(*c) || 127 128 /* 129 * '%' is also reserved, if is not followed by two 130 * hexadecimal digits. 131 */ 132 strchr(excluded_chars, *c) != NULL || 133 (*c == '%' && (!isxdigit(c[1]) || !isxdigit(c[2])))); 134 } 135 136 /* 137 * Encode given URL, per RFC2396. 138 * Allocate and return string to the caller. 139 */ 140 static char * 141 url_encode(const char *path) 142 { 143 size_t i, length, new_length; 144 char *epath, *epathp; 145 146 length = new_length = strlen(path); 147 148 /* 149 * First pass: 150 * Count characters to encode and determine length of the final URL. 151 */ 152 for (i = 0; i < length; i++) 153 if (to_encode(path + i)) 154 new_length += 2; 155 156 epath = epathp = malloc(new_length + 1); /* One more for '\0'. */ 157 if (epath == NULL) 158 err(1, "Can't allocate memory for URL encoding"); 159 160 /* 161 * Second pass: 162 * Encode, and copy final URL. 163 */ 164 for (i = 0; i < length; i++) 165 if (to_encode(path + i)) { 166 snprintf(epathp, 4, "%%" "%02x", 167 (unsigned char)path[i]); 168 epathp += 3; 169 } else 170 *(epathp++) = path[i]; 171 172 *epathp = '\0'; 173 return (epath); 174 } 175 176 /* ARGSUSED */ 177 static void 178 tooslow(int signo) 179 { 180 dprintf(STDERR_FILENO, "%s: connect taking too long\n", __progname); 181 _exit(2); 182 } 183 184 /* 185 * Copy a local file (used by the OpenBSD installer). 186 * Returns -1 on failure, 0 on success 187 */ 188 static int 189 file_get(const char *path, const char *outfile) 190 { 191 struct stat st; 192 int fd, out = -1, rval = -1, save_errno; 193 volatile sig_t oldintr, oldinti; 194 const char *savefile; 195 char *buf = NULL, *cp, *pathbuf = NULL; 196 const size_t buflen = 128 * 1024; 197 off_t hashbytes; 198 ssize_t len, wlen; 199 200 direction = "received"; 201 202 fd = open(path, O_RDONLY); 203 if (fd == -1) { 204 warn("Can't open file %s", path); 205 return -1; 206 } 207 208 if (fstat(fd, &st) == -1) 209 filesize = -1; 210 else 211 filesize = st.st_size; 212 213 if (outfile != NULL) 214 savefile = outfile; 215 else { 216 if (path[strlen(path) - 1] == '/') /* Consider no file */ 217 savefile = NULL; /* after dir invalid. */ 218 else { 219 pathbuf = strdup(path); 220 if (pathbuf == NULL) 221 errx(1, "Can't allocate memory for filename"); 222 savefile = basename(pathbuf); 223 } 224 } 225 226 if (EMPTYSTRING(savefile)) { 227 warnx("No filename after directory (use -o): %s", path); 228 goto cleanup_copy; 229 } 230 231 /* Open the output file. */ 232 if (!pipeout) { 233 out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC, 0666); 234 if (out == -1) { 235 warn("Can't open %s", savefile); 236 goto cleanup_copy; 237 } 238 } else 239 out = fileno(stdout); 240 241 if ((buf = malloc(buflen)) == NULL) 242 errx(1, "Can't allocate memory for transfer buffer"); 243 244 /* Trap signals */ 245 oldintr = NULL; 246 oldinti = NULL; 247 if (setjmp(httpabort)) { 248 if (oldintr) 249 (void)signal(SIGINT, oldintr); 250 if (oldinti) 251 (void)signal(SIGINFO, oldinti); 252 goto cleanup_copy; 253 } 254 oldintr = signal(SIGINT, aborthttp); 255 256 bytes = 0; 257 hashbytes = mark; 258 progressmeter(-1, path); 259 260 /* Finally, suck down the file. */ 261 oldinti = signal(SIGINFO, psummary); 262 while ((len = read(fd, buf, buflen)) > 0) { 263 bytes += len; 264 for (cp = buf; len > 0; len -= wlen, cp += wlen) { 265 if ((wlen = write(out, cp, len)) == -1) { 266 warn("Writing %s", savefile); 267 signal(SIGINT, oldintr); 268 signal(SIGINFO, oldinti); 269 goto cleanup_copy; 270 } 271 } 272 if (hash && !progress) { 273 while (bytes >= hashbytes) { 274 (void)putc('#', ttyout); 275 hashbytes += mark; 276 } 277 (void)fflush(ttyout); 278 } 279 } 280 save_errno = errno; 281 signal(SIGINT, oldintr); 282 signal(SIGINFO, oldinti); 283 if (hash && !progress && bytes > 0) { 284 if (bytes < mark) 285 (void)putc('#', ttyout); 286 (void)putc('\n', ttyout); 287 (void)fflush(ttyout); 288 } 289 if (len == -1) { 290 warnc(save_errno, "Reading from file"); 291 goto cleanup_copy; 292 } 293 progressmeter(1, NULL); 294 if (verbose) 295 ptransfer(0); 296 297 rval = 0; 298 299 cleanup_copy: 300 free(buf); 301 free(pathbuf); 302 if (out >= 0 && out != fileno(stdout)) 303 close(out); 304 close(fd); 305 306 return rval; 307 } 308 309 /* 310 * Retrieve URL, via the proxy in $proxyvar if necessary. 311 * Returns -1 on failure, 0 on success 312 */ 313 static int 314 url_get(const char *origline, const char *proxyenv, const char *outfile, int lastfile) 315 { 316 char pbuf[NI_MAXSERV], hbuf[NI_MAXHOST], *cp, *portnum, *path, ststr[4]; 317 char *hosttail, *cause = "unknown", *newline, *host, *port, *buf = NULL; 318 char *epath, *redirurl, *loctail, *h, *p, gerror[200]; 319 int error, isftpurl = 0, isredirect = 0, rval = -1; 320 int isunavail = 0, retryafter = -1; 321 struct addrinfo hints, *res0, *res; 322 const char *savefile; 323 char *pathbuf = NULL; 324 char *proxyurl = NULL; 325 char *credentials = NULL, *proxy_credentials = NULL; 326 int fd = -1, out = -1; 327 volatile sig_t oldintr, oldinti; 328 FILE *fin = NULL; 329 off_t hashbytes; 330 const char *errstr; 331 ssize_t len, wlen; 332 size_t bufsize; 333 char *proxyhost = NULL; 334 #ifndef NOSSL 335 char *sslpath = NULL, *sslhost = NULL; 336 int ishttpsurl = 0; 337 #endif /* !NOSSL */ 338 #ifndef SMALL 339 char *full_host = NULL; 340 const char *scheme; 341 char *locbase; 342 struct addrinfo *ares = NULL; 343 char tmbuf[32]; 344 time_t mtime = 0; 345 struct stat stbuf; 346 struct tm lmt = { 0 }; 347 struct timespec ts[2]; 348 #endif /* !SMALL */ 349 struct tls *tls = NULL; 350 int status; 351 int save_errno; 352 const size_t buflen = 128 * 1024; 353 int chunked = 0; 354 355 direction = "received"; 356 357 newline = strdup(origline); 358 if (newline == NULL) 359 errx(1, "Can't allocate memory to parse URL"); 360 if (strncasecmp(newline, HTTP_URL, sizeof(HTTP_URL) - 1) == 0) { 361 host = newline + sizeof(HTTP_URL) - 1; 362 #ifndef SMALL 363 scheme = HTTP_URL; 364 #endif /* !SMALL */ 365 } else if (strncasecmp(newline, FTP_URL, sizeof(FTP_URL) - 1) == 0) { 366 host = newline + sizeof(FTP_URL) - 1; 367 isftpurl = 1; 368 #ifndef SMALL 369 scheme = FTP_URL; 370 #endif /* !SMALL */ 371 } else if (strncasecmp(newline, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0) { 372 #ifndef NOSSL 373 host = newline + sizeof(HTTPS_URL) - 1; 374 ishttpsurl = 1; 375 #else 376 errx(1, "%s: No HTTPS support", newline); 377 #endif /* !NOSSL */ 378 #ifndef SMALL 379 scheme = HTTPS_URL; 380 #endif /* !SMALL */ 381 } else 382 errx(1, "%s: URL not permitted", newline); 383 384 path = strchr(host, '/'); /* Find path */ 385 386 /* 387 * Look for auth header in host. 388 * Basic auth from RFC 2617, valid characters for path are in 389 * RFC 3986 section 3.3. 390 */ 391 if (!isftpurl) { 392 p = strchr(host, '@'); 393 if (p != NULL && (path == NULL || p < path)) { 394 *p++ = '\0'; 395 credentials = recode_credentials(host); 396 397 /* Overwrite userinfo */ 398 memmove(host, p, strlen(p) + 1); 399 path = strchr(host, '/'); 400 } 401 } 402 403 if (EMPTYSTRING(path)) { 404 if (outfile) { /* No slash, but */ 405 path = strchr(host,'\0'); /* we have outfile. */ 406 goto noslash; 407 } 408 if (isftpurl) 409 goto noftpautologin; 410 warnx("No `/' after host (use -o): %s", origline); 411 goto cleanup_url_get; 412 } 413 *path++ = '\0'; 414 if (EMPTYSTRING(path) && !outfile) { 415 if (isftpurl) 416 goto noftpautologin; 417 warnx("No filename after host (use -o): %s", origline); 418 goto cleanup_url_get; 419 } 420 421 noslash: 422 if (outfile) 423 savefile = outfile; 424 else { 425 if (path[strlen(path) - 1] == '/') /* Consider no file */ 426 savefile = NULL; /* after dir invalid. */ 427 else { 428 pathbuf = strdup(path); 429 if (pathbuf == NULL) 430 errx(1, "Can't allocate memory for filename"); 431 savefile = basename(pathbuf); 432 } 433 } 434 435 if (EMPTYSTRING(savefile)) { 436 if (isftpurl) 437 goto noftpautologin; 438 warnx("No filename after directory (use -o): %s", origline); 439 goto cleanup_url_get; 440 } 441 442 #ifndef SMALL 443 if (resume && pipeout) { 444 warnx("can't append to stdout"); 445 goto cleanup_url_get; 446 } 447 #endif /* !SMALL */ 448 449 if (proxyenv != NULL) { /* use proxy */ 450 #ifndef NOSSL 451 if (ishttpsurl) { 452 sslpath = strdup(path); 453 sslhost = strdup(host); 454 if (! sslpath || ! sslhost) 455 errx(1, "Can't allocate memory for https path/host."); 456 } 457 #endif /* !NOSSL */ 458 proxyhost = strdup(host); 459 if (proxyhost == NULL) 460 errx(1, "Can't allocate memory for proxy host."); 461 proxyurl = strdup(proxyenv); 462 if (proxyurl == NULL) 463 errx(1, "Can't allocate memory for proxy URL."); 464 if (strncasecmp(proxyurl, HTTP_URL, sizeof(HTTP_URL) - 1) == 0) 465 host = proxyurl + sizeof(HTTP_URL) - 1; 466 else if (strncasecmp(proxyurl, FTP_URL, sizeof(FTP_URL) - 1) == 0) 467 host = proxyurl + sizeof(FTP_URL) - 1; 468 else { 469 warnx("Malformed proxy URL: %s", proxyenv); 470 goto cleanup_url_get; 471 } 472 if (EMPTYSTRING(host)) { 473 warnx("Malformed proxy URL: %s", proxyenv); 474 goto cleanup_url_get; 475 } 476 if (*--path == '\0') 477 *path = '/'; /* add / back to real path */ 478 path = strchr(host, '/'); /* remove trailing / on host */ 479 if (!EMPTYSTRING(path)) 480 *path++ = '\0'; /* i guess this ++ is useless */ 481 482 path = strchr(host, '@'); /* look for credentials in proxy */ 483 if (!EMPTYSTRING(path)) { 484 *path = '\0'; 485 if (strchr(host, ':') == NULL) { 486 warnx("Malformed proxy URL: %s", proxyenv); 487 goto cleanup_url_get; 488 } 489 proxy_credentials = recode_credentials(host); 490 *path = '@'; /* restore @ in proxyurl */ 491 492 /* 493 * This removes the password from proxyurl, 494 * filling with stars 495 */ 496 for (host = 1 + strchr(proxyurl + 5, ':'); *host != '@'; 497 host++) 498 *host = '*'; 499 500 host = path + 1; 501 } 502 503 path = newline; 504 } 505 506 if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL && 507 (hosttail[1] == '\0' || hosttail[1] == ':')) { 508 host++; 509 *hosttail++ = '\0'; 510 #ifndef SMALL 511 if (asprintf(&full_host, "[%s]", host) == -1) 512 errx(1, "Cannot allocate memory for hostname"); 513 #endif /* !SMALL */ 514 } else 515 hosttail = host; 516 517 portnum = strrchr(hosttail, ':'); /* find portnum */ 518 if (portnum != NULL) 519 *portnum++ = '\0'; 520 #ifndef NOSSL 521 port = portnum ? portnum : (ishttpsurl ? httpsport : httpport); 522 #else /* !NOSSL */ 523 port = portnum ? portnum : httpport; 524 #endif /* !NOSSL */ 525 526 #ifndef SMALL 527 if (full_host == NULL) 528 if ((full_host = strdup(host)) == NULL) 529 errx(1, "Cannot allocate memory for hostname"); 530 if (debug) 531 fprintf(ttyout, "host %s, port %s, path %s, " 532 "save as %s, auth %s.\n", host, port, path, 533 savefile, credentials ? credentials : "none"); 534 #endif /* !SMALL */ 535 536 memset(&hints, 0, sizeof(hints)); 537 hints.ai_family = family; 538 hints.ai_socktype = SOCK_STREAM; 539 error = getaddrinfo(host, port, &hints, &res0); 540 /* 541 * If the services file is corrupt/missing, fall back 542 * on our hard-coded defines. 543 */ 544 if (error == EAI_SERVICE && port == httpport) { 545 snprintf(pbuf, sizeof(pbuf), "%d", HTTP_PORT); 546 error = getaddrinfo(host, pbuf, &hints, &res0); 547 #ifndef NOSSL 548 } else if (error == EAI_SERVICE && port == httpsport) { 549 snprintf(pbuf, sizeof(pbuf), "%d", HTTPS_PORT); 550 error = getaddrinfo(host, pbuf, &hints, &res0); 551 #endif /* !NOSSL */ 552 } 553 if (error) { 554 warnx("%s: %s", host, gai_strerror(error)); 555 goto cleanup_url_get; 556 } 557 558 #ifndef SMALL 559 if (srcaddr) { 560 hints.ai_flags |= AI_NUMERICHOST; 561 error = getaddrinfo(srcaddr, NULL, &hints, &ares); 562 if (error) { 563 warnx("%s: %s", srcaddr, gai_strerror(error)); 564 goto cleanup_url_get; 565 } 566 } 567 #endif /* !SMALL */ 568 569 /* ensure consistent order of the output */ 570 if (verbose) 571 setvbuf(ttyout, NULL, _IOLBF, 0); 572 573 fd = -1; 574 for (res = res0; res; res = res->ai_next) { 575 if (getnameinfo(res->ai_addr, res->ai_addrlen, hbuf, 576 sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0) 577 strlcpy(hbuf, "(unknown)", sizeof(hbuf)); 578 if (verbose) 579 fprintf(ttyout, "Trying %s...\n", hbuf); 580 581 fd = socket(res->ai_family, res->ai_socktype, res->ai_protocol); 582 if (fd == -1) { 583 cause = "socket"; 584 continue; 585 } 586 587 #ifndef SMALL 588 if (srcaddr) { 589 if (ares->ai_family != res->ai_family) { 590 close(fd); 591 fd = -1; 592 errno = EINVAL; 593 cause = "bind"; 594 continue; 595 } 596 if (bind(fd, ares->ai_addr, ares->ai_addrlen) == -1) { 597 save_errno = errno; 598 close(fd); 599 errno = save_errno; 600 fd = -1; 601 cause = "bind"; 602 continue; 603 } 604 } 605 #endif /* !SMALL */ 606 607 if (connect_timeout) { 608 (void)signal(SIGALRM, tooslow); 609 alarmtimer(connect_timeout); 610 } 611 612 for (error = connect(fd, res->ai_addr, res->ai_addrlen); 613 error != 0 && errno == EINTR; error = connect_wait(fd)) 614 continue; 615 if (error != 0) { 616 save_errno = errno; 617 close(fd); 618 errno = save_errno; 619 fd = -1; 620 cause = "connect"; 621 continue; 622 } 623 624 /* get port in numeric */ 625 if (getnameinfo(res->ai_addr, res->ai_addrlen, NULL, 0, 626 pbuf, sizeof(pbuf), NI_NUMERICSERV) == 0) 627 port = pbuf; 628 else 629 port = NULL; 630 631 #ifndef NOSSL 632 if (proxyenv && sslhost) 633 proxy_connect(fd, sslhost, proxy_credentials); 634 #endif /* !NOSSL */ 635 break; 636 } 637 freeaddrinfo(res0); 638 #ifndef SMALL 639 if (srcaddr) 640 freeaddrinfo(ares); 641 #endif /* !SMALL */ 642 if (fd < 0) { 643 warn("%s", cause); 644 goto cleanup_url_get; 645 } 646 647 #ifndef NOSSL 648 if (ishttpsurl) { 649 ssize_t ret; 650 if (proxyenv && sslpath) { 651 ishttpsurl = 0; 652 proxyurl = NULL; 653 path = sslpath; 654 } 655 if (sslhost == NULL) { 656 sslhost = strdup(host); 657 if (sslhost == NULL) 658 errx(1, "Can't allocate memory for https host."); 659 } 660 if ((tls = tls_client()) == NULL) { 661 fprintf(ttyout, "failed to create SSL client\n"); 662 goto cleanup_url_get; 663 } 664 if (tls_configure(tls, tls_config) != 0) { 665 fprintf(ttyout, "TLS configuration failure: %s\n", 666 tls_error(tls)); 667 goto cleanup_url_get; 668 } 669 if (tls_connect_socket(tls, fd, sslhost) != 0) { 670 fprintf(ttyout, "TLS connect failure: %s\n", tls_error(tls)); 671 goto cleanup_url_get; 672 } 673 do { 674 ret = tls_handshake(tls); 675 } while (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT); 676 if (ret != 0) { 677 fprintf(ttyout, "TLS handshake failure: %s\n", tls_error(tls)); 678 goto cleanup_url_get; 679 } 680 fin = funopen(tls, stdio_tls_read_wrapper, 681 stdio_tls_write_wrapper, NULL, NULL); 682 } else { 683 fin = fdopen(fd, "r+"); 684 fd = -1; 685 } 686 #else /* !NOSSL */ 687 fin = fdopen(fd, "r+"); 688 fd = -1; 689 #endif /* !NOSSL */ 690 691 #ifdef SMALL 692 if (lastfile) { 693 if (pipeout) { 694 if (pledge("stdio rpath inet dns tty", NULL) == -1) 695 err(1, "pledge"); 696 } else { 697 if (pledge("stdio rpath wpath cpath inet dns tty", NULL) == -1) 698 err(1, "pledge"); 699 } 700 } 701 #endif 702 703 if (connect_timeout) { 704 signal(SIGALRM, SIG_DFL); 705 alarmtimer(0); 706 } 707 708 /* 709 * Construct and send the request. Proxy requests don't want leading /. 710 */ 711 #ifndef NOSSL 712 cookie_get(host, path, ishttpsurl, &buf); 713 #endif /* !NOSSL */ 714 715 epath = url_encode(path); 716 if (proxyurl) { 717 if (verbose) { 718 fprintf(ttyout, "Requesting %s (via %s)\n", 719 origline, proxyurl); 720 } 721 /* 722 * Host: directive must use the destination host address for 723 * the original URI (path). 724 */ 725 ftp_printf(fin, "GET %s HTTP/1.1\r\n" 726 "Connection: close\r\n" 727 "Host: %s\r\n%s%s\r\n", 728 epath, proxyhost, buf ? buf : "", httpuseragent); 729 if (credentials) 730 ftp_printf(fin, "Authorization: Basic %s\r\n", 731 credentials); 732 if (proxy_credentials) 733 ftp_printf(fin, "Proxy-Authorization: Basic %s\r\n", 734 proxy_credentials); 735 ftp_printf(fin, "\r\n"); 736 } else { 737 if (verbose) 738 fprintf(ttyout, "Requesting %s\n", origline); 739 #ifndef SMALL 740 if (resume || timestamp) { 741 if (stat(savefile, &stbuf) == 0) { 742 if (resume) 743 restart_point = stbuf.st_size; 744 if (timestamp) 745 mtime = stbuf.st_mtime; 746 } else { 747 restart_point = 0; 748 mtime = 0; 749 } 750 } 751 #endif /* SMALL */ 752 ftp_printf(fin, 753 "GET /%s HTTP/1.1\r\n" 754 "Connection: close\r\n" 755 "Host: ", epath); 756 if (proxyhost) { 757 ftp_printf(fin, "%s", proxyhost); 758 port = NULL; 759 } else if (strchr(host, ':')) { 760 /* 761 * strip off scoped address portion, since it's 762 * local to node 763 */ 764 h = strdup(host); 765 if (h == NULL) 766 errx(1, "Can't allocate memory."); 767 if ((p = strchr(h, '%')) != NULL) 768 *p = '\0'; 769 ftp_printf(fin, "[%s]", h); 770 free(h); 771 } else 772 ftp_printf(fin, "%s", host); 773 774 /* 775 * Send port number only if it's specified and does not equal 776 * 80. Some broken HTTP servers get confused if you explicitly 777 * send them the port number. 778 */ 779 #ifndef NOSSL 780 if (port && strcmp(port, (ishttpsurl ? "443" : "80")) != 0) 781 ftp_printf(fin, ":%s", port); 782 if (restart_point) 783 ftp_printf(fin, "\r\nRange: bytes=%lld-", 784 (long long)restart_point); 785 #else /* !NOSSL */ 786 if (port && strcmp(port, "80") != 0) 787 ftp_printf(fin, ":%s", port); 788 #endif /* !NOSSL */ 789 790 #ifndef SMALL 791 if (mtime && (http_time(mtime, tmbuf, sizeof(tmbuf)) != 0)) 792 ftp_printf(fin, "\r\nIf-Modified-Since: %s", tmbuf); 793 #endif /* SMALL */ 794 795 ftp_printf(fin, "\r\n%s%s\r\n", 796 buf ? buf : "", httpuseragent); 797 if (credentials) 798 ftp_printf(fin, "Authorization: Basic %s\r\n", 799 credentials); 800 ftp_printf(fin, "\r\n"); 801 } 802 free(epath); 803 804 #ifndef NOSSL 805 free(buf); 806 #endif /* !NOSSL */ 807 buf = NULL; 808 bufsize = 0; 809 810 if (fflush(fin) == EOF) { 811 warnx("Writing HTTP request: %s", sockerror(tls)); 812 goto cleanup_url_get; 813 } 814 if ((len = getline(&buf, &bufsize, fin)) == -1) { 815 warnx("Receiving HTTP reply: %s", sockerror(tls)); 816 goto cleanup_url_get; 817 } 818 819 while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n')) 820 buf[--len] = '\0'; 821 #ifndef SMALL 822 if (debug) 823 fprintf(ttyout, "received '%s'\n", buf); 824 #endif /* !SMALL */ 825 826 cp = strchr(buf, ' '); 827 if (cp == NULL) 828 goto improper; 829 else 830 cp++; 831 832 strlcpy(ststr, cp, sizeof(ststr)); 833 status = strtonum(ststr, 200, 503, &errstr); 834 if (errstr) { 835 strnvis(gerror, cp, sizeof gerror, VIS_SAFE); 836 warnx("Error retrieving %s: %s", origline, gerror); 837 goto cleanup_url_get; 838 } 839 840 switch (status) { 841 case 200: /* OK */ 842 #ifndef SMALL 843 /* 844 * When we request a partial file, and we receive an HTTP 200 845 * it is a good indication that the server doesn't support 846 * range requests, and is about to send us the entire file. 847 * If the restart_point == 0, then we are not actually 848 * requesting a partial file, and an HTTP 200 is appropriate. 849 */ 850 if (resume && restart_point != 0) { 851 warnx("Server does not support resume."); 852 restart_point = resume = 0; 853 } 854 /* FALLTHROUGH */ 855 case 206: /* Partial Content */ 856 #endif /* !SMALL */ 857 break; 858 case 301: /* Moved Permanently */ 859 case 302: /* Found */ 860 case 303: /* See Other */ 861 case 307: /* Temporary Redirect */ 862 case 308: /* Permanent Redirect (RFC 7538) */ 863 isredirect++; 864 if (redirect_loop++ > 10) { 865 warnx("Too many redirections requested"); 866 goto cleanup_url_get; 867 } 868 break; 869 #ifndef SMALL 870 case 304: /* Not Modified */ 871 warnx("File is not modified on the server"); 872 goto cleanup_url_get; 873 case 416: /* Requested Range Not Satisfiable */ 874 warnx("File is already fully retrieved."); 875 goto cleanup_url_get; 876 #endif /* !SMALL */ 877 case 503: 878 isunavail = 1; 879 break; 880 default: 881 strnvis(gerror, cp, sizeof gerror, VIS_SAFE); 882 warnx("Error retrieving %s: %s", origline, gerror); 883 goto cleanup_url_get; 884 } 885 886 /* 887 * Read the rest of the header. 888 */ 889 filesize = -1; 890 891 for (;;) { 892 if ((len = getline(&buf, &bufsize, fin)) == -1) { 893 warnx("Receiving HTTP reply: %s", sockerror(tls)); 894 goto cleanup_url_get; 895 } 896 897 while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n')) 898 buf[--len] = '\0'; 899 if (len == 0) 900 break; 901 #ifndef SMALL 902 if (debug) 903 fprintf(ttyout, "received '%s'\n", buf); 904 #endif /* !SMALL */ 905 906 /* Look for some headers */ 907 cp = buf; 908 #define CONTENTLEN "Content-Length: " 909 if (strncasecmp(cp, CONTENTLEN, sizeof(CONTENTLEN) - 1) == 0) { 910 size_t s; 911 cp += sizeof(CONTENTLEN) - 1; 912 if ((s = strcspn(cp, " \t"))) 913 *(cp+s) = 0; 914 filesize = strtonum(cp, 0, LLONG_MAX, &errstr); 915 if (errstr != NULL) 916 goto improper; 917 #ifndef SMALL 918 if (restart_point) 919 filesize += restart_point; 920 #endif /* !SMALL */ 921 #define LOCATION "Location: " 922 } else if (isredirect && 923 strncasecmp(cp, LOCATION, sizeof(LOCATION) - 1) == 0) { 924 cp += sizeof(LOCATION) - 1; 925 /* 926 * If there is a colon before the first slash, this URI 927 * is not relative. RFC 3986 4.2 928 */ 929 if (cp[strcspn(cp, ":/")] != ':') { 930 #ifdef SMALL 931 errx(1, "Relative redirect not supported"); 932 #else /* SMALL */ 933 /* XXX doesn't handle protocol-relative URIs */ 934 if (*cp == '/') { 935 locbase = NULL; 936 cp++; 937 } else { 938 locbase = strdup(path); 939 if (locbase == NULL) 940 errx(1, "Can't allocate memory" 941 " for location base"); 942 loctail = strchr(locbase, '#'); 943 if (loctail != NULL) 944 *loctail = '\0'; 945 loctail = strchr(locbase, '?'); 946 if (loctail != NULL) 947 *loctail = '\0'; 948 loctail = strrchr(locbase, '/'); 949 if (loctail == NULL) { 950 free(locbase); 951 locbase = NULL; 952 } else 953 loctail[1] = '\0'; 954 } 955 /* Contruct URL from relative redirect */ 956 if (asprintf(&redirurl, "%s%s%s%s/%s%s", 957 scheme, full_host, 958 portnum ? ":" : "", 959 portnum ? portnum : "", 960 locbase ? locbase : "", 961 cp) == -1) 962 errx(1, "Cannot build " 963 "redirect URL"); 964 free(locbase); 965 #endif /* SMALL */ 966 } else if ((redirurl = strdup(cp)) == NULL) 967 errx(1, "Cannot allocate memory for URL"); 968 loctail = strchr(redirurl, '#'); 969 if (loctail != NULL) 970 *loctail = '\0'; 971 if (verbose) 972 fprintf(ttyout, "Redirected to %s\n", redirurl); 973 ftp_close(&fin, &tls, &fd); 974 rval = url_get(redirurl, proxyenv, savefile, lastfile); 975 free(redirurl); 976 goto cleanup_url_get; 977 #define RETRYAFTER "Retry-After: " 978 } else if (isunavail && 979 strncasecmp(cp, RETRYAFTER, sizeof(RETRYAFTER) - 1) == 0) { 980 size_t s; 981 cp += sizeof(RETRYAFTER) - 1; 982 if ((s = strcspn(cp, " \t"))) 983 cp[s] = '\0'; 984 retryafter = strtonum(cp, 0, 0, &errstr); 985 if (errstr != NULL) 986 retryafter = -1; 987 #define TRANSFER_ENCODING "Transfer-Encoding: " 988 } else if (strncasecmp(cp, TRANSFER_ENCODING, 989 sizeof(TRANSFER_ENCODING) - 1) == 0) { 990 cp += sizeof(TRANSFER_ENCODING) - 1; 991 cp[strcspn(cp, " \t")] = '\0'; 992 if (strcasecmp(cp, "chunked") == 0) 993 chunked = 1; 994 #ifndef SMALL 995 #define LAST_MODIFIED "Last-Modified: " 996 } else if (strncasecmp(cp, LAST_MODIFIED, 997 sizeof(LAST_MODIFIED) - 1) == 0) { 998 cp += sizeof(LAST_MODIFIED) - 1; 999 cp[strcspn(cp, "\t")] = '\0'; 1000 if (strptime(cp, "%a, %d %h %Y %T %Z", &lmt) == NULL) 1001 server_timestamps = 0; 1002 #endif /* !SMALL */ 1003 } 1004 } 1005 free(buf); 1006 buf = NULL; 1007 1008 /* Content-Length should be ignored for Transfer-Encoding: chunked */ 1009 if (chunked) 1010 filesize = -1; 1011 1012 if (isunavail) { 1013 if (retried || retryafter != 0) 1014 warnx("Error retrieving %s: 503 Service Unavailable", 1015 origline); 1016 else { 1017 if (verbose) 1018 fprintf(ttyout, "Retrying %s\n", origline); 1019 retried = 1; 1020 ftp_close(&fin, &tls, &fd); 1021 rval = url_get(origline, proxyenv, savefile, lastfile); 1022 } 1023 goto cleanup_url_get; 1024 } 1025 1026 /* Open the output file. */ 1027 if (!pipeout) { 1028 #ifndef SMALL 1029 if (resume) 1030 out = open(savefile, O_CREAT | O_WRONLY | O_APPEND, 1031 0666); 1032 else 1033 #endif /* !SMALL */ 1034 out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC, 1035 0666); 1036 if (out == -1) { 1037 warn("Can't open %s", savefile); 1038 goto cleanup_url_get; 1039 } 1040 } else { 1041 out = fileno(stdout); 1042 #ifdef SMALL 1043 if (lastfile) { 1044 if (pledge("stdio tty", NULL) == -1) 1045 err(1, "pledge"); 1046 } 1047 #endif 1048 } 1049 1050 if ((buf = malloc(buflen)) == NULL) 1051 errx(1, "Can't allocate memory for transfer buffer"); 1052 1053 /* Trap signals */ 1054 oldintr = NULL; 1055 oldinti = NULL; 1056 if (setjmp(httpabort)) { 1057 if (oldintr) 1058 (void)signal(SIGINT, oldintr); 1059 if (oldinti) 1060 (void)signal(SIGINFO, oldinti); 1061 goto cleanup_url_get; 1062 } 1063 oldintr = signal(SIGINT, aborthttp); 1064 1065 bytes = 0; 1066 hashbytes = mark; 1067 progressmeter(-1, path); 1068 1069 /* Finally, suck down the file. */ 1070 oldinti = signal(SIGINFO, psummary); 1071 if (chunked) { 1072 error = save_chunked(fin, tls, out, buf, buflen); 1073 signal(SIGINT, oldintr); 1074 signal(SIGINFO, oldinti); 1075 if (error == -1) 1076 goto cleanup_url_get; 1077 } else { 1078 while ((len = fread(buf, 1, buflen, fin)) > 0) { 1079 bytes += len; 1080 for (cp = buf; len > 0; len -= wlen, cp += wlen) { 1081 if ((wlen = write(out, cp, len)) == -1) { 1082 warn("Writing %s", savefile); 1083 signal(SIGINT, oldintr); 1084 signal(SIGINFO, oldinti); 1085 goto cleanup_url_get; 1086 } 1087 } 1088 if (hash && !progress) { 1089 while (bytes >= hashbytes) { 1090 (void)putc('#', ttyout); 1091 hashbytes += mark; 1092 } 1093 (void)fflush(ttyout); 1094 } 1095 } 1096 save_errno = errno; 1097 signal(SIGINT, oldintr); 1098 signal(SIGINFO, oldinti); 1099 if (hash && !progress && bytes > 0) { 1100 if (bytes < mark) 1101 (void)putc('#', ttyout); 1102 (void)putc('\n', ttyout); 1103 (void)fflush(ttyout); 1104 } 1105 if (len == 0 && ferror(fin)) { 1106 errno = save_errno; 1107 warnx("Reading from socket: %s", sockerror(tls)); 1108 goto cleanup_url_get; 1109 } 1110 } 1111 progressmeter(1, NULL); 1112 if ( 1113 #ifndef SMALL 1114 !resume && 1115 #endif /* !SMALL */ 1116 filesize != -1 && len == 0 && bytes != filesize) { 1117 if (verbose) 1118 fputs("Read short file.\n", ttyout); 1119 goto cleanup_url_get; 1120 } 1121 1122 if (verbose) 1123 ptransfer(0); 1124 1125 rval = 0; 1126 goto cleanup_url_get; 1127 1128 noftpautologin: 1129 warnx( 1130 "Auto-login using ftp URLs isn't supported when using $ftp_proxy"); 1131 goto cleanup_url_get; 1132 1133 improper: 1134 warnx("Improper response from %s", host); 1135 1136 cleanup_url_get: 1137 #ifndef SMALL 1138 free(full_host); 1139 #endif /* !SMALL */ 1140 #ifndef NOSSL 1141 free(sslhost); 1142 #endif /* !NOSSL */ 1143 ftp_close(&fin, &tls, &fd); 1144 if (out >= 0 && out != fileno(stdout)) { 1145 #ifndef SMALL 1146 if (server_timestamps && lmt.tm_zone != 0 && 1147 fstat(out, &stbuf) == 0 && S_ISREG(stbuf.st_mode) != 0) { 1148 ts[0].tv_nsec = UTIME_NOW; 1149 ts[1].tv_nsec = 0; 1150 setenv("TZ", lmt.tm_zone, 1); 1151 if (((ts[1].tv_sec = mktime(&lmt)) != -1) && 1152 (futimens(out, ts) == -1)) 1153 warnx("Unable to set file modification time"); 1154 } 1155 #endif /* !SMALL */ 1156 close(out); 1157 } 1158 free(buf); 1159 free(pathbuf); 1160 free(proxyhost); 1161 free(proxyurl); 1162 free(newline); 1163 free(credentials); 1164 free(proxy_credentials); 1165 return (rval); 1166 } 1167 1168 static int 1169 save_chunked(FILE *fin, struct tls *tls, int out, char *buf, size_t buflen) 1170 { 1171 1172 char *header = NULL, *end, *cp; 1173 unsigned long chunksize; 1174 size_t hsize = 0, rlen, wlen; 1175 ssize_t written; 1176 char cr, lf; 1177 1178 for (;;) { 1179 if (getline(&header, &hsize, fin) == -1) 1180 break; 1181 /* strip CRLF and any optional chunk extension */ 1182 header[strcspn(header, ";\r\n")] = '\0'; 1183 errno = 0; 1184 chunksize = strtoul(header, &end, 16); 1185 if (errno || header[0] == '\0' || *end != '\0' || 1186 chunksize > INT_MAX) { 1187 warnx("Invalid chunk size '%s'", header); 1188 free(header); 1189 return -1; 1190 } 1191 1192 if (chunksize == 0) { 1193 /* We're done. Ignore optional trailer. */ 1194 free(header); 1195 return 0; 1196 } 1197 1198 for (written = 0; chunksize != 0; chunksize -= rlen) { 1199 rlen = (chunksize < buflen) ? chunksize : buflen; 1200 rlen = fread(buf, 1, rlen, fin); 1201 if (rlen == 0) 1202 break; 1203 bytes += rlen; 1204 for (cp = buf, wlen = rlen; wlen > 0; 1205 wlen -= written, cp += written) { 1206 if ((written = write(out, cp, wlen)) == -1) { 1207 warn("Writing output file"); 1208 free(header); 1209 return -1; 1210 } 1211 } 1212 } 1213 1214 if (rlen == 0 || 1215 fread(&cr, 1, 1, fin) != 1 || 1216 fread(&lf, 1, 1, fin) != 1) 1217 break; 1218 1219 if (cr != '\r' || lf != '\n') { 1220 warnx("Invalid chunked encoding"); 1221 free(header); 1222 return -1; 1223 } 1224 } 1225 free(header); 1226 1227 if (ferror(fin)) 1228 warnx("Error while reading from socket: %s", sockerror(tls)); 1229 else 1230 warnx("Invalid chunked encoding: short read"); 1231 1232 return -1; 1233 } 1234 1235 /* 1236 * Abort a http retrieval 1237 */ 1238 /* ARGSUSED */ 1239 static void 1240 aborthttp(int signo) 1241 { 1242 const char errmsg[] = "\nfetch aborted.\n"; 1243 1244 alarmtimer(0); 1245 write(fileno(ttyout), errmsg, sizeof(errmsg) - 1); 1246 longjmp(httpabort, 1); 1247 } 1248 1249 /* 1250 * Retrieve multiple files from the command line, transferring 1251 * files of the form "host:path", "ftp://host/path" using the 1252 * ftp protocol, and files of the form "http://host/path" using 1253 * the http protocol. 1254 * If path has a trailing "/", then return (-1); 1255 * the path will be cd-ed into and the connection remains open, 1256 * and the function will return -1 (to indicate the connection 1257 * is alive). 1258 * If an error occurs the return value will be the offset+1 in 1259 * argv[] of the file that caused a problem (i.e, argv[x] 1260 * returns x+1) 1261 * Otherwise, 0 is returned if all files retrieved successfully. 1262 */ 1263 int 1264 auto_fetch(int argc, char *argv[], char *outfile) 1265 { 1266 char *xargv[5]; 1267 char *cp, *url, *host, *dir, *file, *portnum; 1268 char *username, *pass, *pathstart; 1269 char *ftpproxy, *httpproxy; 1270 int rval, xargc, lastfile; 1271 volatile int argpos; 1272 int dirhasglob, filehasglob, oautologin; 1273 char rempath[PATH_MAX]; 1274 1275 argpos = 0; 1276 1277 if (setjmp(toplevel)) { 1278 if (connected) 1279 disconnect(0, NULL); 1280 return (argpos + 1); 1281 } 1282 (void)signal(SIGINT, (sig_t)intr); 1283 (void)signal(SIGPIPE, (sig_t)lostpeer); 1284 1285 if ((ftpproxy = getenv(FTP_PROXY)) != NULL && *ftpproxy == '\0') 1286 ftpproxy = NULL; 1287 if ((httpproxy = getenv(HTTP_PROXY)) != NULL && *httpproxy == '\0') 1288 httpproxy = NULL; 1289 1290 /* 1291 * Loop through as long as there's files to fetch. 1292 */ 1293 username = pass = NULL; 1294 for (rval = 0; (rval == 0) && (argpos < argc); free(url), argpos++) { 1295 if (strchr(argv[argpos], ':') == NULL) 1296 break; 1297 1298 free(username); 1299 free(pass); 1300 host = dir = file = portnum = username = pass = NULL; 1301 1302 lastfile = (argv[argpos+1] == NULL); 1303 1304 /* 1305 * We muck with the string, so we make a copy. 1306 */ 1307 url = strdup(argv[argpos]); 1308 if (url == NULL) 1309 errx(1, "Can't allocate memory for auto-fetch."); 1310 1311 if (strncasecmp(url, FILE_URL, sizeof(FILE_URL) - 1) == 0) { 1312 if (file_get(url + sizeof(FILE_URL) - 1, outfile) == -1) 1313 rval = argpos + 1; 1314 continue; 1315 } 1316 1317 /* 1318 * Try HTTP URL-style arguments next. 1319 */ 1320 if (strncasecmp(url, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 || 1321 strncasecmp(url, HTTPS_URL, sizeof(HTTPS_URL) -1) == 0) { 1322 redirect_loop = 0; 1323 retried = 0; 1324 if (url_get(url, httpproxy, outfile, lastfile) == -1) 1325 rval = argpos + 1; 1326 continue; 1327 } 1328 1329 /* 1330 * Try FTP URL-style arguments next. If ftpproxy is 1331 * set, use url_get() instead of standard ftp. 1332 * Finally, try host:file. 1333 */ 1334 host = url; 1335 if (strncasecmp(url, FTP_URL, sizeof(FTP_URL) - 1) == 0) { 1336 char *passend, *passagain, *userend; 1337 1338 if (ftpproxy) { 1339 if (url_get(url, ftpproxy, outfile, lastfile) == -1) 1340 rval = argpos + 1; 1341 continue; 1342 } 1343 host += sizeof(FTP_URL) - 1; 1344 dir = strchr(host, '/'); 1345 1346 /* Look for [user:pass@]host[:port] */ 1347 1348 /* check if we have "user:pass@" */ 1349 userend = strchr(host, ':'); 1350 passend = strchr(host, '@'); 1351 if (passend && userend && userend < passend && 1352 (!dir || passend < dir)) { 1353 username = host; 1354 pass = userend + 1; 1355 host = passend + 1; 1356 *userend = *passend = '\0'; 1357 passagain = strchr(host, '@'); 1358 if (strchr(pass, '@') != NULL || 1359 (passagain != NULL && passagain < dir)) { 1360 warnx(at_encoding_warning); 1361 username = pass = NULL; 1362 goto bad_ftp_url; 1363 } 1364 1365 if (EMPTYSTRING(username)) { 1366 bad_ftp_url: 1367 warnx("Invalid URL: %s", argv[argpos]); 1368 rval = argpos + 1; 1369 username = pass = NULL; 1370 continue; 1371 } 1372 username = urldecode(username); 1373 pass = urldecode(pass); 1374 } 1375 1376 /* check [host]:port, or [host] */ 1377 if (host[0] == '[') { 1378 cp = strchr(host, ']'); 1379 if (cp && (!dir || cp < dir)) { 1380 if (cp + 1 == dir || cp[1] == ':') { 1381 host++; 1382 *cp++ = '\0'; 1383 } else 1384 cp = NULL; 1385 } else 1386 cp = host; 1387 } else 1388 cp = host; 1389 1390 /* split off host[:port] if there is */ 1391 if (cp) { 1392 portnum = strchr(cp, ':'); 1393 pathstart = strchr(cp, '/'); 1394 /* : in path is not a port # indicator */ 1395 if (portnum && pathstart && 1396 pathstart < portnum) 1397 portnum = NULL; 1398 1399 if (!portnum) 1400 ; 1401 else { 1402 if (!dir) 1403 ; 1404 else if (portnum + 1 < dir) { 1405 *portnum++ = '\0'; 1406 /* 1407 * XXX should check if portnum 1408 * is decimal number 1409 */ 1410 } else { 1411 /* empty portnum */ 1412 goto bad_ftp_url; 1413 } 1414 } 1415 } else 1416 portnum = NULL; 1417 } else { /* classic style `host:file' */ 1418 dir = strchr(host, ':'); 1419 } 1420 if (EMPTYSTRING(host)) { 1421 rval = argpos + 1; 1422 continue; 1423 } 1424 1425 /* 1426 * If dir is NULL, the file wasn't specified 1427 * (URL looked something like ftp://host) 1428 */ 1429 if (dir != NULL) 1430 *dir++ = '\0'; 1431 1432 /* 1433 * Extract the file and (if present) directory name. 1434 */ 1435 if (!EMPTYSTRING(dir)) { 1436 cp = strrchr(dir, '/'); 1437 if (cp != NULL) { 1438 *cp++ = '\0'; 1439 file = cp; 1440 } else { 1441 file = dir; 1442 dir = NULL; 1443 } 1444 } 1445 #ifndef SMALL 1446 if (debug) 1447 fprintf(ttyout, 1448 "user %s:%s host %s port %s dir %s file %s\n", 1449 username, pass ? "XXXX" : NULL, host, portnum, 1450 dir, file); 1451 #endif /* !SMALL */ 1452 1453 /* 1454 * Set up the connection. 1455 */ 1456 if (connected) 1457 disconnect(0, NULL); 1458 xargv[0] = __progname; 1459 xargv[1] = host; 1460 xargv[2] = NULL; 1461 xargc = 2; 1462 if (!EMPTYSTRING(portnum)) { 1463 xargv[2] = portnum; 1464 xargv[3] = NULL; 1465 xargc = 3; 1466 } 1467 oautologin = autologin; 1468 if (username == NULL) 1469 anonftp = 1; 1470 else { 1471 anonftp = 0; 1472 autologin = 0; 1473 } 1474 setpeer(xargc, xargv); 1475 autologin = oautologin; 1476 if (connected == 0 || 1477 (connected == 1 && autologin && (username == NULL || 1478 !ftp_login(host, username, pass)))) { 1479 warnx("Can't connect or login to host `%s'", host); 1480 rval = argpos + 1; 1481 continue; 1482 } 1483 1484 /* Always use binary transfers. */ 1485 setbinary(0, NULL); 1486 1487 dirhasglob = filehasglob = 0; 1488 if (doglob) { 1489 if (!EMPTYSTRING(dir) && 1490 strpbrk(dir, "*?[]{}") != NULL) 1491 dirhasglob = 1; 1492 if (!EMPTYSTRING(file) && 1493 strpbrk(file, "*?[]{}") != NULL) 1494 filehasglob = 1; 1495 } 1496 1497 /* Change directories, if necessary. */ 1498 if (!EMPTYSTRING(dir) && !dirhasglob) { 1499 xargv[0] = "cd"; 1500 xargv[1] = dir; 1501 xargv[2] = NULL; 1502 cd(2, xargv); 1503 if (!dirchange) { 1504 rval = argpos + 1; 1505 continue; 1506 } 1507 } 1508 1509 if (EMPTYSTRING(file)) { 1510 #ifndef SMALL 1511 rval = -1; 1512 #else /* !SMALL */ 1513 recvrequest("NLST", "-", NULL, "w", 0, 0); 1514 rval = 0; 1515 #endif /* !SMALL */ 1516 continue; 1517 } 1518 1519 if (verbose) 1520 fprintf(ttyout, "Retrieving %s/%s\n", dir ? dir : "", file); 1521 1522 if (dirhasglob) { 1523 snprintf(rempath, sizeof(rempath), "%s/%s", dir, file); 1524 file = rempath; 1525 } 1526 1527 /* Fetch the file(s). */ 1528 xargc = 2; 1529 xargv[0] = "get"; 1530 xargv[1] = file; 1531 xargv[2] = NULL; 1532 if (dirhasglob || filehasglob) { 1533 int ointeractive; 1534 1535 ointeractive = interactive; 1536 interactive = 0; 1537 xargv[0] = "mget"; 1538 #ifndef SMALL 1539 if (resume) { 1540 xargc = 3; 1541 xargv[1] = "-c"; 1542 xargv[2] = file; 1543 xargv[3] = NULL; 1544 } 1545 #endif /* !SMALL */ 1546 mget(xargc, xargv); 1547 interactive = ointeractive; 1548 } else { 1549 if (outfile != NULL) { 1550 xargv[2] = outfile; 1551 xargv[3] = NULL; 1552 xargc++; 1553 } 1554 #ifndef SMALL 1555 if (resume) 1556 reget(xargc, xargv); 1557 else 1558 #endif /* !SMALL */ 1559 get(xargc, xargv); 1560 } 1561 1562 if ((code / 100) != COMPLETE) 1563 rval = argpos + 1; 1564 } 1565 if (connected && rval != -1) 1566 disconnect(0, NULL); 1567 return (rval); 1568 } 1569 1570 char * 1571 urldecode(const char *str) 1572 { 1573 char *ret, c; 1574 int i, reallen; 1575 1576 if (str == NULL) 1577 return NULL; 1578 if ((ret = malloc(strlen(str) + 1)) == NULL) 1579 err(1, "Can't allocate memory for URL decoding"); 1580 for (i = 0, reallen = 0; str[i] != '\0'; i++, reallen++, ret++) { 1581 c = str[i]; 1582 if (c == '+') { 1583 *ret = ' '; 1584 continue; 1585 } 1586 1587 /* Cannot use strtol here because next char 1588 * after %xx may be a digit. 1589 */ 1590 if (c == '%' && isxdigit((unsigned char)str[i + 1]) && 1591 isxdigit((unsigned char)str[i + 2])) { 1592 *ret = hextochar(&str[i + 1]); 1593 i += 2; 1594 continue; 1595 } 1596 *ret = c; 1597 } 1598 *ret = '\0'; 1599 1600 return ret - reallen; 1601 } 1602 1603 static char * 1604 recode_credentials(const char *userinfo) 1605 { 1606 char *ui, *creds; 1607 size_t ulen, credsize; 1608 1609 /* url-decode the user and pass */ 1610 ui = urldecode(userinfo); 1611 1612 ulen = strlen(ui); 1613 credsize = (ulen + 2) / 3 * 4 + 1; 1614 creds = malloc(credsize); 1615 if (creds == NULL) 1616 errx(1, "out of memory"); 1617 if (b64_ntop(ui, ulen, creds, credsize) == -1) 1618 errx(1, "error in base64 encoding"); 1619 free(ui); 1620 return (creds); 1621 } 1622 1623 static char 1624 hextochar(const char *str) 1625 { 1626 unsigned char c, ret; 1627 1628 c = str[0]; 1629 ret = c; 1630 if (isalpha(c)) 1631 ret -= isupper(c) ? 'A' - 10 : 'a' - 10; 1632 else 1633 ret -= '0'; 1634 ret *= 16; 1635 1636 c = str[1]; 1637 ret += c; 1638 if (isalpha(c)) 1639 ret -= isupper(c) ? 'A' - 10 : 'a' - 10; 1640 else 1641 ret -= '0'; 1642 return ret; 1643 } 1644 1645 int 1646 isurl(const char *p) 1647 { 1648 1649 if (strncasecmp(p, FTP_URL, sizeof(FTP_URL) - 1) == 0 || 1650 strncasecmp(p, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 || 1651 #ifndef NOSSL 1652 strncasecmp(p, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0 || 1653 #endif /* !NOSSL */ 1654 strncasecmp(p, FILE_URL, sizeof(FILE_URL) - 1) == 0 || 1655 strstr(p, ":/")) 1656 return (1); 1657 return (0); 1658 } 1659 1660 #ifndef SMALL 1661 static int 1662 ftp_printf(FILE *fp, const char *fmt, ...) 1663 { 1664 va_list ap; 1665 int ret; 1666 1667 va_start(ap, fmt); 1668 ret = vfprintf(fp, fmt, ap); 1669 va_end(ap); 1670 1671 if (debug) { 1672 va_start(ap, fmt); 1673 vfprintf(ttyout, fmt, ap); 1674 va_end(ap); 1675 } 1676 1677 return ret; 1678 } 1679 #endif /* !SMALL */ 1680 1681 static void 1682 ftp_close(FILE **fin, struct tls **tls, int *fd) 1683 { 1684 #ifndef NOSSL 1685 int ret; 1686 1687 if (*tls != NULL) { 1688 if (tls_session_fd != -1) 1689 dprintf(STDERR_FILENO, "tls session resumed: %s\n", 1690 tls_conn_session_resumed(*tls) ? "yes" : "no"); 1691 do { 1692 ret = tls_close(*tls); 1693 } while (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT); 1694 tls_free(*tls); 1695 *tls = NULL; 1696 } 1697 if (*fd != -1) { 1698 close(*fd); 1699 *fd = -1; 1700 } 1701 #endif 1702 if (*fin != NULL) { 1703 fclose(*fin); 1704 *fin = NULL; 1705 } 1706 } 1707 1708 static const char * 1709 sockerror(struct tls *tls) 1710 { 1711 int save_errno = errno; 1712 #ifndef NOSSL 1713 if (tls != NULL) { 1714 const char *tlserr = tls_error(tls); 1715 if (tlserr != NULL) 1716 return tlserr; 1717 } 1718 #endif 1719 return strerror(save_errno); 1720 } 1721 1722 #ifndef NOSSL 1723 static int 1724 proxy_connect(int socket, char *host, char *cookie) 1725 { 1726 int l; 1727 char buf[1024]; 1728 char *connstr, *hosttail, *port; 1729 1730 if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL && 1731 (hosttail[1] == '\0' || hosttail[1] == ':')) { 1732 host++; 1733 *hosttail++ = '\0'; 1734 } else 1735 hosttail = host; 1736 1737 port = strrchr(hosttail, ':'); /* find portnum */ 1738 if (port != NULL) 1739 *port++ = '\0'; 1740 if (!port) 1741 port = "443"; 1742 1743 if (cookie) { 1744 l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\r\n" 1745 "Proxy-Authorization: Basic %s\r\n%s\r\n\r\n", 1746 host, port, cookie, HTTP_USER_AGENT); 1747 } else { 1748 l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\r\n%s\r\n\r\n", 1749 host, port, HTTP_USER_AGENT); 1750 } 1751 1752 if (l == -1) 1753 errx(1, "Could not allocate memory to assemble connect string!"); 1754 #ifndef SMALL 1755 if (debug) 1756 printf("%s", connstr); 1757 #endif /* !SMALL */ 1758 if (write(socket, connstr, l) != l) 1759 err(1, "Could not send connect string"); 1760 read(socket, &buf, sizeof(buf)); /* only proxy header XXX: error handling? */ 1761 free(connstr); 1762 return(200); 1763 } 1764 1765 static int 1766 stdio_tls_write_wrapper(void *arg, const char *buf, int len) 1767 { 1768 struct tls *tls = arg; 1769 ssize_t ret; 1770 1771 do { 1772 ret = tls_write(tls, buf, len); 1773 } while (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT); 1774 1775 return ret; 1776 } 1777 1778 static int 1779 stdio_tls_read_wrapper(void *arg, char *buf, int len) 1780 { 1781 struct tls *tls = arg; 1782 ssize_t ret; 1783 1784 do { 1785 ret = tls_read(tls, buf, len); 1786 } while (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT); 1787 1788 return ret; 1789 } 1790 #endif /* !NOSSL */ 1791