1 /* $NetBSD: fetch.c,v 1.206 2014/10/26 16:21:59 christos Exp $ */ 2 3 /*- 4 * Copyright (c) 1997-2009 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Luke Mewburn. 9 * 10 * This code is derived from software contributed to The NetBSD Foundation 11 * by Scott Aaron Bamford. 12 * 13 * Redistribution and use in source and binary forms, with or without 14 * modification, are permitted provided that the following conditions 15 * are met: 16 * 1. Redistributions of source code must retain the above copyright 17 * notice, this list of conditions and the following disclaimer. 18 * 2. Redistributions in binary form must reproduce the above copyright 19 * notice, this list of conditions and the following disclaimer in the 20 * documentation and/or other materials provided with the distribution. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 23 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 24 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 25 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 26 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 27 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 28 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 29 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 30 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 31 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 32 * POSSIBILITY OF SUCH DAMAGE. 33 */ 34 35 #include <sys/cdefs.h> 36 #ifndef lint 37 __RCSID("$NetBSD: fetch.c,v 1.206 2014/10/26 16:21:59 christos Exp $"); 38 #endif /* not lint */ 39 40 /* 41 * FTP User Program -- Command line file retrieval 42 */ 43 44 #include <sys/types.h> 45 #include <sys/param.h> 46 #include <sys/socket.h> 47 #include <sys/stat.h> 48 #include <sys/time.h> 49 50 #include <netinet/in.h> 51 52 #include <arpa/ftp.h> 53 #include <arpa/inet.h> 54 55 #include <assert.h> 56 #include <ctype.h> 57 #include <err.h> 58 #include <errno.h> 59 #include <netdb.h> 60 #include <fcntl.h> 61 #include <stdio.h> 62 #include <stdlib.h> 63 #include <string.h> 64 #include <unistd.h> 65 #include <time.h> 66 67 #include "ssl.h" 68 #include "ftp_var.h" 69 #include "version.h" 70 71 typedef enum { 72 UNKNOWN_URL_T=-1, 73 HTTP_URL_T, 74 #ifdef WITH_SSL 75 HTTPS_URL_T, 76 #endif 77 FTP_URL_T, 78 FILE_URL_T, 79 CLASSIC_URL_T 80 } url_t; 81 82 __dead static void aborthttp(int); 83 __dead static void timeouthttp(int); 84 #ifndef NO_AUTH 85 static int auth_url(const char *, char **, const char *, const char *); 86 static void base64_encode(const unsigned char *, size_t, unsigned char *); 87 #endif 88 static int go_fetch(const char *); 89 static int fetch_ftp(const char *); 90 static int fetch_url(const char *, const char *, char *, char *); 91 static const char *match_token(const char **, const char *); 92 static int parse_url(const char *, const char *, url_t *, char **, 93 char **, char **, char **, in_port_t *, char **); 94 static void url_decode(char *); 95 96 static int redirect_loop; 97 98 99 #define STRNEQUAL(a,b) (strncasecmp((a), (b), sizeof((b))-1) == 0) 100 #define ISLWS(x) ((x)=='\r' || (x)=='\n' || (x)==' ' || (x)=='\t') 101 #define SKIPLWS(x) do { while (ISLWS((*x))) x++; } while (0) 102 103 104 #define ABOUT_URL "about:" /* propaganda */ 105 #define FILE_URL "file://" /* file URL prefix */ 106 #define FTP_URL "ftp://" /* ftp URL prefix */ 107 #define HTTP_URL "http://" /* http URL prefix */ 108 #ifdef WITH_SSL 109 #define HTTPS_URL "https://" /* https URL prefix */ 110 111 #define IS_HTTP_TYPE(urltype) \ 112 (((urltype) == HTTP_URL_T) || ((urltype) == HTTPS_URL_T)) 113 #else 114 #define IS_HTTP_TYPE(urltype) \ 115 ((urltype) == HTTP_URL_T) 116 #endif 117 118 /* 119 * Determine if token is the next word in buf (case insensitive). 120 * If so, advance buf past the token and any trailing LWS, and 121 * return a pointer to the token (in buf). Otherwise, return NULL. 122 * token may be preceded by LWS. 123 * token must be followed by LWS or NUL. (I.e, don't partial match). 124 */ 125 static const char * 126 match_token(const char **buf, const char *token) 127 { 128 const char *p, *orig; 129 size_t tlen; 130 131 tlen = strlen(token); 132 p = *buf; 133 SKIPLWS(p); 134 orig = p; 135 if (strncasecmp(p, token, tlen) != 0) 136 return NULL; 137 p += tlen; 138 if (*p != '\0' && !ISLWS(*p)) 139 return NULL; 140 SKIPLWS(p); 141 orig = *buf; 142 *buf = p; 143 return orig; 144 } 145 146 #ifndef NO_AUTH 147 /* 148 * Generate authorization response based on given authentication challenge. 149 * Returns -1 if an error occurred, otherwise 0. 150 * Sets response to a malloc(3)ed string; caller should free. 151 */ 152 static int 153 auth_url(const char *challenge, char **response, const char *guser, 154 const char *gpass) 155 { 156 const char *cp, *scheme, *errormsg; 157 char *ep, *clear, *realm; 158 char uuser[BUFSIZ], *gotpass; 159 const char *upass; 160 int rval; 161 size_t len, clen, rlen; 162 163 *response = NULL; 164 clear = realm = NULL; 165 rval = -1; 166 cp = challenge; 167 scheme = "Basic"; /* only support Basic authentication */ 168 gotpass = NULL; 169 170 DPRINTF("auth_url: challenge `%s'\n", challenge); 171 172 if (! match_token(&cp, scheme)) { 173 warnx("Unsupported authentication challenge `%s'", 174 challenge); 175 goto cleanup_auth_url; 176 } 177 178 #define REALM "realm=\"" 179 if (STRNEQUAL(cp, REALM)) 180 cp += sizeof(REALM) - 1; 181 else { 182 warnx("Unsupported authentication challenge `%s'", 183 challenge); 184 goto cleanup_auth_url; 185 } 186 /* XXX: need to improve quoted-string parsing to support \ quoting, etc. */ 187 if ((ep = strchr(cp, '\"')) != NULL) { 188 len = ep - cp; 189 realm = (char *)ftp_malloc(len + 1); 190 (void)strlcpy(realm, cp, len + 1); 191 } else { 192 warnx("Unsupported authentication challenge `%s'", 193 challenge); 194 goto cleanup_auth_url; 195 } 196 197 fprintf(ttyout, "Username for `%s': ", realm); 198 if (guser != NULL) { 199 (void)strlcpy(uuser, guser, sizeof(uuser)); 200 fprintf(ttyout, "%s\n", uuser); 201 } else { 202 (void)fflush(ttyout); 203 if (get_line(stdin, uuser, sizeof(uuser), &errormsg) < 0) { 204 warnx("%s; can't authenticate", errormsg); 205 goto cleanup_auth_url; 206 } 207 } 208 if (gpass != NULL) 209 upass = gpass; 210 else { 211 gotpass = getpass("Password: "); 212 if (gotpass == NULL) { 213 warnx("Can't read password"); 214 goto cleanup_auth_url; 215 } 216 upass = gotpass; 217 } 218 219 clen = strlen(uuser) + strlen(upass) + 2; /* user + ":" + pass + "\0" */ 220 clear = (char *)ftp_malloc(clen); 221 (void)strlcpy(clear, uuser, clen); 222 (void)strlcat(clear, ":", clen); 223 (void)strlcat(clear, upass, clen); 224 if (gotpass) 225 memset(gotpass, 0, strlen(gotpass)); 226 227 /* scheme + " " + enc + "\0" */ 228 rlen = strlen(scheme) + 1 + (clen + 2) * 4 / 3 + 1; 229 *response = (char *)ftp_malloc(rlen); 230 (void)strlcpy(*response, scheme, rlen); 231 len = strlcat(*response, " ", rlen); 232 /* use `clen - 1' to not encode the trailing NUL */ 233 base64_encode((unsigned char *)clear, clen - 1, 234 (unsigned char *)*response + len); 235 memset(clear, 0, clen); 236 rval = 0; 237 238 cleanup_auth_url: 239 FREEPTR(clear); 240 FREEPTR(realm); 241 return (rval); 242 } 243 244 /* 245 * Encode len bytes starting at clear using base64 encoding into encoded, 246 * which should be at least ((len + 2) * 4 / 3 + 1) in size. 247 */ 248 static void 249 base64_encode(const unsigned char *clear, size_t len, unsigned char *encoded) 250 { 251 static const unsigned char enc[] = 252 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; 253 unsigned char *cp; 254 size_t i; 255 256 cp = encoded; 257 for (i = 0; i < len; i += 3) { 258 *(cp++) = enc[((clear[i + 0] >> 2))]; 259 *(cp++) = enc[((clear[i + 0] << 4) & 0x30) 260 | ((clear[i + 1] >> 4) & 0x0f)]; 261 *(cp++) = enc[((clear[i + 1] << 2) & 0x3c) 262 | ((clear[i + 2] >> 6) & 0x03)]; 263 *(cp++) = enc[((clear[i + 2] ) & 0x3f)]; 264 } 265 *cp = '\0'; 266 while (i-- > len) 267 *(--cp) = '='; 268 } 269 #endif 270 271 /* 272 * Decode %xx escapes in given string, `in-place'. 273 */ 274 static void 275 url_decode(char *url) 276 { 277 unsigned char *p, *q; 278 279 if (EMPTYSTRING(url)) 280 return; 281 p = q = (unsigned char *)url; 282 283 #define HEXTOINT(x) (x - (isdigit(x) ? '0' : (islower(x) ? 'a' : 'A') - 10)) 284 while (*p) { 285 if (p[0] == '%' 286 && p[1] && isxdigit((unsigned char)p[1]) 287 && p[2] && isxdigit((unsigned char)p[2])) { 288 *q++ = HEXTOINT(p[1]) * 16 + HEXTOINT(p[2]); 289 p+=3; 290 } else 291 *q++ = *p++; 292 } 293 *q = '\0'; 294 } 295 296 297 /* 298 * Parse URL of form (per RFC 3986): 299 * <type>://[<user>[:<password>]@]<host>[:<port>][/<path>] 300 * Returns -1 if a parse error occurred, otherwise 0. 301 * It's the caller's responsibility to url_decode() the returned 302 * user, pass and path. 303 * 304 * Sets type to url_t, each of the given char ** pointers to a 305 * malloc(3)ed strings of the relevant section, and port to 306 * the number given, or ftpport if ftp://, or httpport if http://. 307 * 308 * XXX: this is not totally RFC 3986 compliant; <path> will have the 309 * leading `/' unless it's an ftp:// URL, as this makes things easier 310 * for file:// and http:// URLs. ftp:// URLs have the `/' between the 311 * host and the URL-path removed, but any additional leading slashes 312 * in the URL-path are retained (because they imply that we should 313 * later do "CWD" with a null argument). 314 * 315 * Examples: 316 * input URL output path 317 * --------- ----------- 318 * "http://host" "/" 319 * "http://host/" "/" 320 * "http://host/path" "/path" 321 * "file://host/dir/file" "dir/file" 322 * "ftp://host" "" 323 * "ftp://host/" "" 324 * "ftp://host//" "/" 325 * "ftp://host/dir/file" "dir/file" 326 * "ftp://host//dir/file" "/dir/file" 327 */ 328 static int 329 parse_url(const char *url, const char *desc, url_t *utype, 330 char **uuser, char **pass, char **host, char **port, 331 in_port_t *portnum, char **path) 332 { 333 const char *origurl, *tport; 334 char *cp, *ep, *thost; 335 size_t len; 336 337 if (url == NULL || desc == NULL || utype == NULL || uuser == NULL 338 || pass == NULL || host == NULL || port == NULL || portnum == NULL 339 || path == NULL) 340 errx(1, "parse_url: invoked with NULL argument!"); 341 DPRINTF("parse_url: %s `%s'\n", desc, url); 342 343 origurl = url; 344 *utype = UNKNOWN_URL_T; 345 *uuser = *pass = *host = *port = *path = NULL; 346 *portnum = 0; 347 tport = NULL; 348 349 if (STRNEQUAL(url, HTTP_URL)) { 350 url += sizeof(HTTP_URL) - 1; 351 *utype = HTTP_URL_T; 352 *portnum = HTTP_PORT; 353 tport = httpport; 354 } else if (STRNEQUAL(url, FTP_URL)) { 355 url += sizeof(FTP_URL) - 1; 356 *utype = FTP_URL_T; 357 *portnum = FTP_PORT; 358 tport = ftpport; 359 } else if (STRNEQUAL(url, FILE_URL)) { 360 url += sizeof(FILE_URL) - 1; 361 *utype = FILE_URL_T; 362 #ifdef WITH_SSL 363 } else if (STRNEQUAL(url, HTTPS_URL)) { 364 url += sizeof(HTTPS_URL) - 1; 365 *utype = HTTPS_URL_T; 366 *portnum = HTTPS_PORT; 367 tport = httpsport; 368 #endif 369 } else { 370 warnx("Invalid %s `%s'", desc, url); 371 cleanup_parse_url: 372 FREEPTR(*uuser); 373 if (*pass != NULL) 374 memset(*pass, 0, strlen(*pass)); 375 FREEPTR(*pass); 376 FREEPTR(*host); 377 FREEPTR(*port); 378 FREEPTR(*path); 379 return (-1); 380 } 381 382 if (*url == '\0') 383 return (0); 384 385 /* find [user[:pass]@]host[:port] */ 386 ep = strchr(url, '/'); 387 if (ep == NULL) 388 thost = ftp_strdup(url); 389 else { 390 len = ep - url; 391 thost = (char *)ftp_malloc(len + 1); 392 (void)strlcpy(thost, url, len + 1); 393 if (*utype == FTP_URL_T) /* skip first / for ftp URLs */ 394 ep++; 395 *path = ftp_strdup(ep); 396 } 397 398 cp = strchr(thost, '@'); /* look for user[:pass]@ in URLs */ 399 if (cp != NULL) { 400 if (*utype == FTP_URL_T) 401 anonftp = 0; /* disable anonftp */ 402 *uuser = thost; 403 *cp = '\0'; 404 thost = ftp_strdup(cp + 1); 405 cp = strchr(*uuser, ':'); 406 if (cp != NULL) { 407 *cp = '\0'; 408 *pass = ftp_strdup(cp + 1); 409 } 410 url_decode(*uuser); 411 if (*pass) 412 url_decode(*pass); 413 } 414 415 #ifdef INET6 416 /* 417 * Check if thost is an encoded IPv6 address, as per 418 * RFC 3986: 419 * `[' ipv6-address ']' 420 */ 421 if (*thost == '[') { 422 cp = thost + 1; 423 if ((ep = strchr(cp, ']')) == NULL || 424 (ep[1] != '\0' && ep[1] != ':')) { 425 warnx("Invalid address `%s' in %s `%s'", 426 thost, desc, origurl); 427 goto cleanup_parse_url; 428 } 429 len = ep - cp; /* change `[xyz]' -> `xyz' */ 430 memmove(thost, thost + 1, len); 431 thost[len] = '\0'; 432 if (! isipv6addr(thost)) { 433 warnx("Invalid IPv6 address `%s' in %s `%s'", 434 thost, desc, origurl); 435 goto cleanup_parse_url; 436 } 437 cp = ep + 1; 438 if (*cp == ':') 439 cp++; 440 else 441 cp = NULL; 442 } else 443 #endif /* INET6 */ 444 if ((cp = strchr(thost, ':')) != NULL) 445 *cp++ = '\0'; 446 *host = thost; 447 448 /* look for [:port] */ 449 if (cp != NULL) { 450 unsigned long nport; 451 452 nport = strtoul(cp, &ep, 10); 453 if (*cp == '\0' || *ep != '\0' || 454 nport < 1 || nport > MAX_IN_PORT_T) { 455 warnx("Unknown port `%s' in %s `%s'", 456 cp, desc, origurl); 457 goto cleanup_parse_url; 458 } 459 *portnum = nport; 460 tport = cp; 461 } 462 463 if (tport != NULL) 464 *port = ftp_strdup(tport); 465 if (*path == NULL) { 466 const char *emptypath = "/"; 467 if (*utype == FTP_URL_T) /* skip first / for ftp URLs */ 468 emptypath++; 469 *path = ftp_strdup(emptypath); 470 } 471 472 DPRINTF("parse_url: user `%s' pass `%s' host %s port %s(%d) " 473 "path `%s'\n", 474 STRorNULL(*uuser), STRorNULL(*pass), 475 STRorNULL(*host), STRorNULL(*port), 476 *portnum ? *portnum : -1, STRorNULL(*path)); 477 478 return (0); 479 } 480 481 sigjmp_buf httpabort; 482 483 /* 484 * Retrieve URL, via a proxy if necessary, using HTTP. 485 * If proxyenv is set, use that for the proxy, otherwise try ftp_proxy or 486 * http_proxy/https_proxy as appropriate. 487 * Supports HTTP redirects. 488 * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection 489 * is still open (e.g, ftp xfer with trailing /) 490 */ 491 static int 492 fetch_url(const char *url, const char *proxyenv, char *proxyauth, char *wwwauth) 493 { 494 struct addrinfo hints, *res, *res0 = NULL; 495 int error; 496 sigfunc volatile oldint; 497 sigfunc volatile oldpipe; 498 sigfunc volatile oldalrm; 499 sigfunc volatile oldquit; 500 int volatile s; 501 struct stat sb; 502 int volatile ischunked; 503 int volatile isproxy; 504 int volatile rval; 505 int volatile hcode; 506 int len; 507 size_t flen; 508 static size_t bufsize; 509 static char *xferbuf; 510 const char *cp, *token; 511 char *ep; 512 char buf[FTPBUFLEN]; 513 const char *errormsg; 514 char *volatile savefile; 515 char *volatile auth; 516 char *volatile location; 517 char *volatile message; 518 char *uuser, *pass, *host, *port, *path; 519 char *volatile decodedpath; 520 char *puser, *ppass, *useragent; 521 off_t hashbytes, rangestart, rangeend, entitylen; 522 int (*volatile closefunc)(FILE *); 523 FETCH *volatile fin; 524 FILE *volatile fout; 525 const char *volatile penv = proxyenv; 526 time_t mtime; 527 url_t urltype; 528 in_port_t portnum; 529 #ifdef WITH_SSL 530 void *ssl; 531 #endif 532 533 DPRINTF("%s: `%s' proxyenv `%s'\n", __func__, url, STRorNULL(penv)); 534 535 oldquit = oldalrm = oldint = oldpipe = NULL; 536 closefunc = NULL; 537 fin = NULL; 538 fout = NULL; 539 s = -1; 540 savefile = NULL; 541 auth = location = message = NULL; 542 ischunked = isproxy = hcode = 0; 543 rval = 1; 544 uuser = pass = host = path = decodedpath = puser = ppass = NULL; 545 546 if (sigsetjmp(httpabort, 1)) 547 goto cleanup_fetch_url; 548 549 if (parse_url(url, "URL", &urltype, &uuser, &pass, &host, &port, 550 &portnum, &path) == -1) 551 goto cleanup_fetch_url; 552 553 if (urltype == FILE_URL_T && ! EMPTYSTRING(host) 554 && strcasecmp(host, "localhost") != 0) { 555 warnx("No support for non local file URL `%s'", url); 556 goto cleanup_fetch_url; 557 } 558 559 if (EMPTYSTRING(path)) { 560 if (urltype == FTP_URL_T) { 561 rval = fetch_ftp(url); 562 goto cleanup_fetch_url; 563 } 564 if (!IS_HTTP_TYPE(urltype) || outfile == NULL) { 565 warnx("Invalid URL (no file after host) `%s'", url); 566 goto cleanup_fetch_url; 567 } 568 } 569 570 decodedpath = ftp_strdup(path); 571 url_decode(decodedpath); 572 573 if (outfile) 574 savefile = outfile; 575 else { 576 cp = strrchr(decodedpath, '/'); /* find savefile */ 577 if (cp != NULL) 578 savefile = ftp_strdup(cp + 1); 579 else 580 savefile = ftp_strdup(decodedpath); 581 } 582 DPRINTF("%s: savefile `%s'\n", __func__, savefile); 583 if (EMPTYSTRING(savefile)) { 584 if (urltype == FTP_URL_T) { 585 rval = fetch_ftp(url); 586 goto cleanup_fetch_url; 587 } 588 warnx("No file after directory (you must specify an " 589 "output file) `%s'", url); 590 goto cleanup_fetch_url; 591 } 592 593 restart_point = 0; 594 filesize = -1; 595 rangestart = rangeend = entitylen = -1; 596 mtime = -1; 597 if (restartautofetch) { 598 if (stat(savefile, &sb) == 0) 599 restart_point = sb.st_size; 600 } 601 if (urltype == FILE_URL_T) { /* file:// URLs */ 602 direction = "copied"; 603 fin = fetch_open(decodedpath, "r"); 604 if (fin == NULL) { 605 warn("Can't open `%s'", decodedpath); 606 goto cleanup_fetch_url; 607 } 608 if (fstat(fetch_fileno(fin), &sb) == 0) { 609 mtime = sb.st_mtime; 610 filesize = sb.st_size; 611 } 612 if (restart_point) { 613 if (lseek(fetch_fileno(fin), restart_point, SEEK_SET) < 0) { 614 warn("Can't seek to restart `%s'", 615 decodedpath); 616 goto cleanup_fetch_url; 617 } 618 } 619 if (verbose) { 620 fprintf(ttyout, "Copying %s", decodedpath); 621 if (restart_point) 622 fprintf(ttyout, " (restarting at " LLF ")", 623 (LLT)restart_point); 624 fputs("\n", ttyout); 625 } 626 if (0 == rcvbuf_size) { 627 rcvbuf_size = 8 * 1024; /* XXX */ 628 } 629 } else { /* ftp:// or http:// URLs */ 630 const char *leading; 631 int hasleading; 632 633 if (penv == NULL) { 634 #ifdef WITH_SSL 635 if (urltype == HTTPS_URL_T) 636 penv = getoptionvalue("https_proxy"); 637 #endif 638 if (penv == NULL && IS_HTTP_TYPE(urltype)) 639 penv = getoptionvalue("http_proxy"); 640 else if (urltype == FTP_URL_T) 641 penv = getoptionvalue("ftp_proxy"); 642 } 643 direction = "retrieved"; 644 if (! EMPTYSTRING(penv)) { /* use proxy */ 645 url_t purltype; 646 char *phost, *ppath; 647 char *pport, *no_proxy; 648 in_port_t pportnum; 649 650 isproxy = 1; 651 652 /* check URL against list of no_proxied sites */ 653 no_proxy = getoptionvalue("no_proxy"); 654 if (! EMPTYSTRING(no_proxy)) { 655 char *np, *np_copy, *np_iter; 656 unsigned long np_port; 657 size_t hlen, plen; 658 659 np_iter = np_copy = ftp_strdup(no_proxy); 660 hlen = strlen(host); 661 while ((cp = strsep(&np_iter, " ,")) != NULL) { 662 if (*cp == '\0') 663 continue; 664 if ((np = strrchr(cp, ':')) != NULL) { 665 *np++ = '\0'; 666 np_port = strtoul(np, &ep, 10); 667 if (*np == '\0' || *ep != '\0') 668 continue; 669 if (np_port != portnum) 670 continue; 671 } 672 plen = strlen(cp); 673 if (hlen < plen) 674 continue; 675 if (strncasecmp(host + hlen - plen, 676 cp, plen) == 0) { 677 isproxy = 0; 678 break; 679 } 680 } 681 FREEPTR(np_copy); 682 if (isproxy == 0 && urltype == FTP_URL_T) { 683 rval = fetch_ftp(url); 684 goto cleanup_fetch_url; 685 } 686 } 687 688 if (isproxy) { 689 if (restart_point) { 690 warnx("Can't restart via proxy URL `%s'", 691 penv); 692 goto cleanup_fetch_url; 693 } 694 if (parse_url(penv, "proxy URL", &purltype, 695 &puser, &ppass, &phost, &pport, &pportnum, 696 &ppath) == -1) 697 goto cleanup_fetch_url; 698 699 if ((!IS_HTTP_TYPE(purltype) 700 && purltype != FTP_URL_T) || 701 EMPTYSTRING(phost) || 702 (! EMPTYSTRING(ppath) 703 && strcmp(ppath, "/") != 0)) { 704 warnx("Malformed proxy URL `%s'", penv); 705 FREEPTR(phost); 706 FREEPTR(pport); 707 FREEPTR(ppath); 708 goto cleanup_fetch_url; 709 } 710 if (isipv6addr(host) && 711 strchr(host, '%') != NULL) { 712 warnx( 713 "Scoped address notation `%s' disallowed via web proxy", 714 host); 715 FREEPTR(phost); 716 FREEPTR(pport); 717 FREEPTR(ppath); 718 goto cleanup_fetch_url; 719 } 720 721 FREEPTR(host); 722 host = phost; 723 FREEPTR(port); 724 port = pport; 725 FREEPTR(path); 726 path = ftp_strdup(url); 727 FREEPTR(ppath); 728 urltype = purltype; 729 } 730 } /* ! EMPTYSTRING(penv) */ 731 732 memset(&hints, 0, sizeof(hints)); 733 hints.ai_flags = 0; 734 hints.ai_family = family; 735 hints.ai_socktype = SOCK_STREAM; 736 hints.ai_protocol = 0; 737 error = getaddrinfo(host, port, &hints, &res0); 738 if (error) { 739 warnx("Can't LOOKUP `%s:%s': %s", host, port, 740 (error == EAI_SYSTEM) ? strerror(errno) 741 : gai_strerror(error)); 742 goto cleanup_fetch_url; 743 } 744 if (res0->ai_canonname) 745 host = res0->ai_canonname; 746 747 s = -1; 748 #ifdef WITH_SSL 749 ssl = NULL; 750 #endif 751 for (res = res0; res; res = res->ai_next) { 752 char hname[NI_MAXHOST], sname[NI_MAXSERV]; 753 754 ai_unmapped(res); 755 if (getnameinfo(res->ai_addr, res->ai_addrlen, 756 hname, sizeof(hname), sname, sizeof(sname), 757 NI_NUMERICHOST | NI_NUMERICSERV) != 0) { 758 strlcpy(hname, "?", sizeof(hname)); 759 strlcpy(sname, "?", sizeof(sname)); 760 } 761 762 if (verbose && res0->ai_next) { 763 fprintf(ttyout, "Trying %s:%s ...\n", 764 hname, sname); 765 } 766 767 s = socket(res->ai_family, SOCK_STREAM, 768 res->ai_protocol); 769 if (s < 0) { 770 warn( 771 "Can't create socket for connection to " 772 "`%s:%s'", hname, sname); 773 continue; 774 } 775 776 if (ftp_connect(s, res->ai_addr, res->ai_addrlen, 777 verbose || !res->ai_next) < 0) { 778 close(s); 779 s = -1; 780 continue; 781 } 782 783 #ifdef WITH_SSL 784 if (urltype == HTTPS_URL_T) { 785 if ((ssl = fetch_start_ssl(s)) == NULL) { 786 close(s); 787 s = -1; 788 continue; 789 } 790 } 791 #endif 792 793 /* success */ 794 break; 795 } 796 797 if (s < 0) { 798 warnx("Can't connect to `%s:%s'", host, port); 799 goto cleanup_fetch_url; 800 } 801 802 oldalrm = xsignal(SIGALRM, timeouthttp); 803 alarmtimer(quit_time ? quit_time : 60); 804 fin = fetch_fdopen(s, "r+"); 805 fetch_set_ssl(fin, ssl); 806 alarmtimer(0); 807 808 alarmtimer(quit_time ? quit_time : 60); 809 /* 810 * Construct and send the request. 811 */ 812 if (verbose) 813 fprintf(ttyout, "Requesting %s\n", url); 814 leading = " ("; 815 hasleading = 0; 816 if (isproxy) { 817 if (verbose) { 818 fprintf(ttyout, "%svia %s:%s", leading, 819 host, port); 820 leading = ", "; 821 hasleading++; 822 } 823 fetch_printf(fin, "GET %s HTTP/1.0\r\n", path); 824 if (flushcache) 825 fetch_printf(fin, "Pragma: no-cache\r\n"); 826 } else { 827 fetch_printf(fin, "GET %s HTTP/1.1\r\n", path); 828 if (strchr(host, ':')) { 829 char *h, *p; 830 831 /* 832 * strip off IPv6 scope identifier, since it is 833 * local to the node 834 */ 835 h = ftp_strdup(host); 836 if (isipv6addr(h) && 837 (p = strchr(h, '%')) != NULL) { 838 *p = '\0'; 839 } 840 fetch_printf(fin, "Host: [%s]", h); 841 free(h); 842 } else 843 fetch_printf(fin, "Host: %s", host); 844 #ifdef WITH_SSL 845 if ((urltype == HTTP_URL_T && portnum != HTTP_PORT) || 846 (urltype == HTTPS_URL_T && portnum != HTTPS_PORT)) 847 #else 848 if (portnum != HTTP_PORT) 849 #endif 850 fetch_printf(fin, ":%u", portnum); 851 fetch_printf(fin, "\r\n"); 852 fetch_printf(fin, "Accept: */*\r\n"); 853 fetch_printf(fin, "Connection: close\r\n"); 854 if (restart_point) { 855 fputs(leading, ttyout); 856 fetch_printf(fin, "Range: bytes=" LLF "-\r\n", 857 (LLT)restart_point); 858 fprintf(ttyout, "restarting at " LLF, 859 (LLT)restart_point); 860 leading = ", "; 861 hasleading++; 862 } 863 if (flushcache) 864 fetch_printf(fin, "Cache-Control: no-cache\r\n"); 865 } 866 if ((useragent=getenv("FTPUSERAGENT")) != NULL) { 867 fetch_printf(fin, "User-Agent: %s\r\n", useragent); 868 } else { 869 fetch_printf(fin, "User-Agent: %s/%s\r\n", 870 FTP_PRODUCT, FTP_VERSION); 871 } 872 if (wwwauth) { 873 if (verbose) { 874 fprintf(ttyout, "%swith authorization", 875 leading); 876 leading = ", "; 877 hasleading++; 878 } 879 fetch_printf(fin, "Authorization: %s\r\n", wwwauth); 880 } 881 if (proxyauth) { 882 if (verbose) { 883 fprintf(ttyout, 884 "%swith proxy authorization", leading); 885 leading = ", "; 886 hasleading++; 887 } 888 fetch_printf(fin, "Proxy-Authorization: %s\r\n", proxyauth); 889 } 890 if (verbose && hasleading) 891 fputs(")\n", ttyout); 892 fetch_printf(fin, "\r\n"); 893 if (fetch_flush(fin) == EOF) { 894 warn("Writing HTTP request"); 895 alarmtimer(0); 896 goto cleanup_fetch_url; 897 } 898 alarmtimer(0); 899 900 /* Read the response */ 901 alarmtimer(quit_time ? quit_time : 60); 902 len = fetch_getline(fin, buf, sizeof(buf), &errormsg); 903 alarmtimer(0); 904 if (len < 0) { 905 if (*errormsg == '\n') 906 errormsg++; 907 warnx("Receiving HTTP reply: %s", errormsg); 908 goto cleanup_fetch_url; 909 } 910 while (len > 0 && (ISLWS(buf[len-1]))) 911 buf[--len] = '\0'; 912 DPRINTF("%s: received `%s'\n", __func__, buf); 913 914 /* Determine HTTP response code */ 915 cp = strchr(buf, ' '); 916 if (cp == NULL) 917 goto improper; 918 else 919 cp++; 920 hcode = strtol(cp, &ep, 10); 921 if (*ep != '\0' && !isspace((unsigned char)*ep)) 922 goto improper; 923 message = ftp_strdup(cp); 924 925 /* Read the rest of the header. */ 926 while (1) { 927 alarmtimer(quit_time ? quit_time : 60); 928 len = fetch_getline(fin, buf, sizeof(buf), &errormsg); 929 alarmtimer(0); 930 if (len < 0) { 931 if (*errormsg == '\n') 932 errormsg++; 933 warnx("Receiving HTTP reply: %s", errormsg); 934 goto cleanup_fetch_url; 935 } 936 while (len > 0 && (ISLWS(buf[len-1]))) 937 buf[--len] = '\0'; 938 if (len == 0) 939 break; 940 DPRINTF("%s: received `%s'\n", __func__, buf); 941 942 /* 943 * Look for some headers 944 */ 945 946 cp = buf; 947 948 if (match_token(&cp, "Content-Length:")) { 949 filesize = STRTOLL(cp, &ep, 10); 950 if (filesize < 0 || *ep != '\0') 951 goto improper; 952 DPRINTF("%s: parsed len as: " LLF "\n", 953 __func__, (LLT)filesize); 954 955 } else if (match_token(&cp, "Content-Range:")) { 956 if (! match_token(&cp, "bytes")) 957 goto improper; 958 959 if (*cp == '*') 960 cp++; 961 else { 962 rangestart = STRTOLL(cp, &ep, 10); 963 if (rangestart < 0 || *ep != '-') 964 goto improper; 965 cp = ep + 1; 966 rangeend = STRTOLL(cp, &ep, 10); 967 if (rangeend < 0 || rangeend < rangestart) 968 goto improper; 969 cp = ep; 970 } 971 if (*cp != '/') 972 goto improper; 973 cp++; 974 if (*cp == '*') 975 cp++; 976 else { 977 entitylen = STRTOLL(cp, &ep, 10); 978 if (entitylen < 0) 979 goto improper; 980 cp = ep; 981 } 982 if (*cp != '\0') 983 goto improper; 984 985 #ifndef NO_DEBUG 986 if (ftp_debug) { 987 fprintf(ttyout, "parsed range as: "); 988 if (rangestart == -1) 989 fprintf(ttyout, "*"); 990 else 991 fprintf(ttyout, LLF "-" LLF, 992 (LLT)rangestart, 993 (LLT)rangeend); 994 fprintf(ttyout, "/" LLF "\n", (LLT)entitylen); 995 } 996 #endif 997 if (! restart_point) { 998 warnx( 999 "Received unexpected Content-Range header"); 1000 goto cleanup_fetch_url; 1001 } 1002 1003 } else if (match_token(&cp, "Last-Modified:")) { 1004 struct tm parsed; 1005 const char *t; 1006 1007 memset(&parsed, 0, sizeof(parsed)); 1008 t = parse_rfc2616time(&parsed, cp); 1009 if (t != NULL) { 1010 parsed.tm_isdst = -1; 1011 if (*t == '\0') 1012 mtime = timegm(&parsed); 1013 #ifndef NO_DEBUG 1014 if (ftp_debug && mtime != -1) { 1015 fprintf(ttyout, 1016 "parsed time as: %s", 1017 rfc2822time(localtime(&mtime))); 1018 } 1019 #endif 1020 } 1021 1022 } else if (match_token(&cp, "Location:")) { 1023 location = ftp_strdup(cp); 1024 DPRINTF("%s: parsed location as `%s'\n", 1025 __func__, cp); 1026 1027 } else if (match_token(&cp, "Transfer-Encoding:")) { 1028 if (match_token(&cp, "binary")) { 1029 warnx( 1030 "Bogus transfer encoding `binary' (fetching anyway)"); 1031 continue; 1032 } 1033 if (! (token = match_token(&cp, "chunked"))) { 1034 warnx( 1035 "Unsupported transfer encoding `%s'", 1036 token); 1037 goto cleanup_fetch_url; 1038 } 1039 ischunked++; 1040 DPRINTF("%s: using chunked encoding\n", 1041 __func__); 1042 1043 } else if (match_token(&cp, "Proxy-Authenticate:") 1044 || match_token(&cp, "WWW-Authenticate:")) { 1045 if (! (token = match_token(&cp, "Basic"))) { 1046 DPRINTF("%s: skipping unknown auth " 1047 "scheme `%s'\n", __func__, token); 1048 continue; 1049 } 1050 FREEPTR(auth); 1051 auth = ftp_strdup(token); 1052 DPRINTF("%s: parsed auth as `%s'\n", 1053 __func__, cp); 1054 } 1055 1056 } 1057 /* finished parsing header */ 1058 1059 switch (hcode) { 1060 case 200: 1061 break; 1062 case 206: 1063 if (! restart_point) { 1064 warnx("Not expecting partial content header"); 1065 goto cleanup_fetch_url; 1066 } 1067 break; 1068 case 300: 1069 case 301: 1070 case 302: 1071 case 303: 1072 case 305: 1073 case 307: 1074 if (EMPTYSTRING(location)) { 1075 warnx( 1076 "No redirection Location provided by server"); 1077 goto cleanup_fetch_url; 1078 } 1079 if (redirect_loop++ > 5) { 1080 warnx("Too many redirections requested"); 1081 goto cleanup_fetch_url; 1082 } 1083 if (hcode == 305) { 1084 if (verbose) 1085 fprintf(ttyout, "Redirected via %s\n", 1086 location); 1087 rval = fetch_url(url, location, 1088 proxyauth, wwwauth); 1089 } else { 1090 if (verbose) 1091 fprintf(ttyout, "Redirected to %s\n", 1092 location); 1093 rval = go_fetch(location); 1094 } 1095 goto cleanup_fetch_url; 1096 #ifndef NO_AUTH 1097 case 401: 1098 case 407: 1099 { 1100 char **authp; 1101 char *auser, *apass; 1102 1103 if (hcode == 401) { 1104 authp = &wwwauth; 1105 auser = uuser; 1106 apass = pass; 1107 } else { 1108 authp = &proxyauth; 1109 auser = puser; 1110 apass = ppass; 1111 } 1112 if (verbose || *authp == NULL || 1113 auser == NULL || apass == NULL) 1114 fprintf(ttyout, "%s\n", message); 1115 if (EMPTYSTRING(auth)) { 1116 warnx( 1117 "No authentication challenge provided by server"); 1118 goto cleanup_fetch_url; 1119 } 1120 if (*authp != NULL) { 1121 char reply[10]; 1122 1123 fprintf(ttyout, 1124 "Authorization failed. Retry (y/n)? "); 1125 if (get_line(stdin, reply, sizeof(reply), NULL) 1126 < 0) { 1127 goto cleanup_fetch_url; 1128 } 1129 if (tolower((unsigned char)reply[0]) != 'y') 1130 goto cleanup_fetch_url; 1131 auser = NULL; 1132 apass = NULL; 1133 } 1134 if (auth_url(auth, authp, auser, apass) == 0) { 1135 rval = fetch_url(url, penv, 1136 proxyauth, wwwauth); 1137 memset(*authp, 0, strlen(*authp)); 1138 FREEPTR(*authp); 1139 } 1140 goto cleanup_fetch_url; 1141 } 1142 #endif 1143 default: 1144 if (message) 1145 warnx("Error retrieving file `%s'", message); 1146 else 1147 warnx("Unknown error retrieving file"); 1148 goto cleanup_fetch_url; 1149 } 1150 } /* end of ftp:// or http:// specific setup */ 1151 1152 /* Open the output file. */ 1153 1154 /* 1155 * Only trust filenames with special meaning if they came from 1156 * the command line 1157 */ 1158 if (outfile == savefile) { 1159 if (strcmp(savefile, "-") == 0) { 1160 fout = stdout; 1161 } else if (*savefile == '|') { 1162 oldpipe = xsignal(SIGPIPE, SIG_IGN); 1163 fout = popen(savefile + 1, "w"); 1164 if (fout == NULL) { 1165 warn("Can't execute `%s'", savefile + 1); 1166 goto cleanup_fetch_url; 1167 } 1168 closefunc = pclose; 1169 } 1170 } 1171 if (fout == NULL) { 1172 if ((rangeend != -1 && rangeend <= restart_point) || 1173 (rangestart == -1 && filesize != -1 && filesize <= restart_point)) { 1174 /* already done */ 1175 if (verbose) 1176 fprintf(ttyout, "already done\n"); 1177 rval = 0; 1178 goto cleanup_fetch_url; 1179 } 1180 if (restart_point && rangestart != -1) { 1181 if (entitylen != -1) 1182 filesize = entitylen; 1183 if (rangestart != restart_point) { 1184 warnx( 1185 "Size of `%s' differs from save file `%s'", 1186 url, savefile); 1187 goto cleanup_fetch_url; 1188 } 1189 fout = fopen(savefile, "a"); 1190 } else 1191 fout = fopen(savefile, "w"); 1192 if (fout == NULL) { 1193 warn("Can't open `%s'", savefile); 1194 goto cleanup_fetch_url; 1195 } 1196 closefunc = fclose; 1197 } 1198 1199 /* Trap signals */ 1200 oldquit = xsignal(SIGQUIT, psummary); 1201 oldint = xsignal(SIGINT, aborthttp); 1202 1203 assert(rcvbuf_size > 0); 1204 if ((size_t)rcvbuf_size > bufsize) { 1205 if (xferbuf) 1206 (void)free(xferbuf); 1207 bufsize = rcvbuf_size; 1208 xferbuf = ftp_malloc(bufsize); 1209 } 1210 1211 bytes = 0; 1212 hashbytes = mark; 1213 if (oldalrm) { 1214 (void)xsignal(SIGALRM, oldalrm); 1215 oldalrm = NULL; 1216 } 1217 progressmeter(-1); 1218 1219 /* Finally, suck down the file. */ 1220 do { 1221 long chunksize; 1222 short lastchunk; 1223 1224 chunksize = 0; 1225 lastchunk = 0; 1226 /* read chunk-size */ 1227 if (ischunked) { 1228 if (fetch_getln(xferbuf, bufsize, fin) == NULL) { 1229 warnx("Unexpected EOF reading chunk-size"); 1230 goto cleanup_fetch_url; 1231 } 1232 errno = 0; 1233 chunksize = strtol(xferbuf, &ep, 16); 1234 if (ep == xferbuf) { 1235 warnx("Invalid chunk-size"); 1236 goto cleanup_fetch_url; 1237 } 1238 if (errno == ERANGE || chunksize < 0) { 1239 errno = ERANGE; 1240 warn("Chunk-size `%.*s'", 1241 (int)(ep-xferbuf), xferbuf); 1242 goto cleanup_fetch_url; 1243 } 1244 1245 /* 1246 * XXX: Work around bug in Apache 1.3.9 and 1247 * 1.3.11, which incorrectly put trailing 1248 * space after the chunk-size. 1249 */ 1250 while (*ep == ' ') 1251 ep++; 1252 1253 /* skip [ chunk-ext ] */ 1254 if (*ep == ';') { 1255 while (*ep && *ep != '\r') 1256 ep++; 1257 } 1258 1259 if (strcmp(ep, "\r\n") != 0) { 1260 warnx("Unexpected data following chunk-size"); 1261 goto cleanup_fetch_url; 1262 } 1263 DPRINTF("%s: got chunk-size of " LLF "\n", __func__, 1264 (LLT)chunksize); 1265 if (chunksize == 0) { 1266 lastchunk = 1; 1267 goto chunkdone; 1268 } 1269 } 1270 /* transfer file or chunk */ 1271 while (1) { 1272 struct timeval then, now, td; 1273 volatile off_t bufrem; 1274 1275 if (rate_get) 1276 (void)gettimeofday(&then, NULL); 1277 bufrem = rate_get ? rate_get : (off_t)bufsize; 1278 if (ischunked) 1279 bufrem = MIN(chunksize, bufrem); 1280 while (bufrem > 0) { 1281 flen = fetch_read(xferbuf, sizeof(char), 1282 MIN((off_t)bufsize, bufrem), fin); 1283 if (flen <= 0) 1284 goto chunkdone; 1285 bytes += flen; 1286 bufrem -= flen; 1287 if (fwrite(xferbuf, sizeof(char), flen, fout) 1288 != flen) { 1289 warn("Writing `%s'", savefile); 1290 goto cleanup_fetch_url; 1291 } 1292 if (hash && !progress) { 1293 while (bytes >= hashbytes) { 1294 (void)putc('#', ttyout); 1295 hashbytes += mark; 1296 } 1297 (void)fflush(ttyout); 1298 } 1299 if (ischunked) { 1300 chunksize -= flen; 1301 if (chunksize <= 0) 1302 break; 1303 } 1304 } 1305 if (rate_get) { 1306 while (1) { 1307 (void)gettimeofday(&now, NULL); 1308 timersub(&now, &then, &td); 1309 if (td.tv_sec > 0) 1310 break; 1311 usleep(1000000 - td.tv_usec); 1312 } 1313 } 1314 if (ischunked && chunksize <= 0) 1315 break; 1316 } 1317 /* read CRLF after chunk*/ 1318 chunkdone: 1319 if (ischunked) { 1320 if (fetch_getln(xferbuf, bufsize, fin) == NULL) { 1321 alarmtimer(0); 1322 warnx("Unexpected EOF reading chunk CRLF"); 1323 goto cleanup_fetch_url; 1324 } 1325 if (strcmp(xferbuf, "\r\n") != 0) { 1326 warnx("Unexpected data following chunk"); 1327 goto cleanup_fetch_url; 1328 } 1329 if (lastchunk) 1330 break; 1331 } 1332 } while (ischunked); 1333 1334 /* XXX: deal with optional trailer & CRLF here? */ 1335 1336 if (hash && !progress && bytes > 0) { 1337 if (bytes < mark) 1338 (void)putc('#', ttyout); 1339 (void)putc('\n', ttyout); 1340 } 1341 if (fetch_error(fin)) { 1342 warn("Reading file"); 1343 goto cleanup_fetch_url; 1344 } 1345 progressmeter(1); 1346 (void)fflush(fout); 1347 if (closefunc == fclose && mtime != -1) { 1348 struct timeval tval[2]; 1349 1350 (void)gettimeofday(&tval[0], NULL); 1351 tval[1].tv_sec = mtime; 1352 tval[1].tv_usec = 0; 1353 (*closefunc)(fout); 1354 fout = NULL; 1355 1356 if (utimes(savefile, tval) == -1) { 1357 fprintf(ttyout, 1358 "Can't change modification time to %s", 1359 rfc2822time(localtime(&mtime))); 1360 } 1361 } 1362 if (bytes > 0) 1363 ptransfer(0); 1364 bytes = 0; 1365 1366 rval = 0; 1367 goto cleanup_fetch_url; 1368 1369 improper: 1370 warnx("Improper response from `%s:%s'", host, port); 1371 1372 cleanup_fetch_url: 1373 if (oldint) 1374 (void)xsignal(SIGINT, oldint); 1375 if (oldpipe) 1376 (void)xsignal(SIGPIPE, oldpipe); 1377 if (oldalrm) 1378 (void)xsignal(SIGALRM, oldalrm); 1379 if (oldquit) 1380 (void)xsignal(SIGQUIT, oldpipe); 1381 if (fin != NULL) 1382 fetch_close(fin); 1383 else if (s != -1) 1384 close(s); 1385 if (closefunc != NULL && fout != NULL) 1386 (*closefunc)(fout); 1387 if (res0) 1388 freeaddrinfo(res0); 1389 if (savefile != outfile) 1390 FREEPTR(savefile); 1391 FREEPTR(uuser); 1392 if (pass != NULL) 1393 memset(pass, 0, strlen(pass)); 1394 FREEPTR(pass); 1395 FREEPTR(host); 1396 FREEPTR(port); 1397 FREEPTR(path); 1398 FREEPTR(decodedpath); 1399 FREEPTR(puser); 1400 if (ppass != NULL) 1401 memset(ppass, 0, strlen(ppass)); 1402 FREEPTR(ppass); 1403 FREEPTR(auth); 1404 FREEPTR(location); 1405 FREEPTR(message); 1406 return (rval); 1407 } 1408 1409 /* 1410 * Abort a HTTP retrieval 1411 */ 1412 static void 1413 aborthttp(int notused) 1414 { 1415 char msgbuf[100]; 1416 int len; 1417 1418 sigint_raised = 1; 1419 alarmtimer(0); 1420 if (fromatty) { 1421 len = snprintf(msgbuf, sizeof(msgbuf), 1422 "\n%s: HTTP fetch aborted.\n", getprogname()); 1423 if (len > 0) 1424 write(fileno(ttyout), msgbuf, len); 1425 } 1426 siglongjmp(httpabort, 1); 1427 } 1428 1429 static void 1430 timeouthttp(int notused) 1431 { 1432 char msgbuf[100]; 1433 int len; 1434 1435 alarmtimer(0); 1436 if (fromatty) { 1437 len = snprintf(msgbuf, sizeof(msgbuf), 1438 "\n%s: HTTP fetch timeout.\n", getprogname()); 1439 if (len > 0) 1440 write(fileno(ttyout), msgbuf, len); 1441 } 1442 siglongjmp(httpabort, 1); 1443 } 1444 1445 /* 1446 * Retrieve ftp URL or classic ftp argument using FTP. 1447 * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection 1448 * is still open (e.g, ftp xfer with trailing /) 1449 */ 1450 static int 1451 fetch_ftp(const char *url) 1452 { 1453 char *cp, *xargv[5], rempath[MAXPATHLEN]; 1454 char *host, *path, *dir, *file, *uuser, *pass; 1455 char *port; 1456 char cmdbuf[MAXPATHLEN]; 1457 char dirbuf[4]; 1458 int dirhasglob, filehasglob, rval, transtype, xargc; 1459 int oanonftp, oautologin; 1460 in_port_t portnum; 1461 url_t urltype; 1462 1463 DPRINTF("fetch_ftp: `%s'\n", url); 1464 host = path = dir = file = uuser = pass = NULL; 1465 port = NULL; 1466 rval = 1; 1467 transtype = TYPE_I; 1468 1469 if (STRNEQUAL(url, FTP_URL)) { 1470 if ((parse_url(url, "URL", &urltype, &uuser, &pass, 1471 &host, &port, &portnum, &path) == -1) || 1472 (uuser != NULL && *uuser == '\0') || 1473 EMPTYSTRING(host)) { 1474 warnx("Invalid URL `%s'", url); 1475 goto cleanup_fetch_ftp; 1476 } 1477 /* 1478 * Note: Don't url_decode(path) here. We need to keep the 1479 * distinction between "/" and "%2F" until later. 1480 */ 1481 1482 /* check for trailing ';type=[aid]' */ 1483 if (! EMPTYSTRING(path) && (cp = strrchr(path, ';')) != NULL) { 1484 if (strcasecmp(cp, ";type=a") == 0) 1485 transtype = TYPE_A; 1486 else if (strcasecmp(cp, ";type=i") == 0) 1487 transtype = TYPE_I; 1488 else if (strcasecmp(cp, ";type=d") == 0) { 1489 warnx( 1490 "Directory listing via a URL is not supported"); 1491 goto cleanup_fetch_ftp; 1492 } else { 1493 warnx("Invalid suffix `%s' in URL `%s'", cp, 1494 url); 1495 goto cleanup_fetch_ftp; 1496 } 1497 *cp = 0; 1498 } 1499 } else { /* classic style `[user@]host:[file]' */ 1500 urltype = CLASSIC_URL_T; 1501 host = ftp_strdup(url); 1502 cp = strchr(host, '@'); 1503 if (cp != NULL) { 1504 *cp = '\0'; 1505 uuser = host; 1506 anonftp = 0; /* disable anonftp */ 1507 host = ftp_strdup(cp + 1); 1508 } 1509 cp = strchr(host, ':'); 1510 if (cp != NULL) { 1511 *cp = '\0'; 1512 path = ftp_strdup(cp + 1); 1513 } 1514 } 1515 if (EMPTYSTRING(host)) 1516 goto cleanup_fetch_ftp; 1517 1518 /* Extract the file and (if present) directory name. */ 1519 dir = path; 1520 if (! EMPTYSTRING(dir)) { 1521 /* 1522 * If we are dealing with classic `[user@]host:[path]' syntax, 1523 * then a path of the form `/file' (resulting from input of the 1524 * form `host:/file') means that we should do "CWD /" before 1525 * retrieving the file. So we set dir="/" and file="file". 1526 * 1527 * But if we are dealing with URLs like `ftp://host/path' then 1528 * a path of the form `/file' (resulting from a URL of the form 1529 * `ftp://host//file') means that we should do `CWD ' (with an 1530 * empty argument) before retrieving the file. So we set 1531 * dir="" and file="file". 1532 * 1533 * If the path does not contain / at all, we set dir=NULL. 1534 * (We get a path without any slashes if we are dealing with 1535 * classic `[user@]host:[file]' or URL `ftp://host/file'.) 1536 * 1537 * In all other cases, we set dir to a string that does not 1538 * include the final '/' that separates the dir part from the 1539 * file part of the path. (This will be the empty string if 1540 * and only if we are dealing with a path of the form `/file' 1541 * resulting from an URL of the form `ftp://host//file'.) 1542 */ 1543 cp = strrchr(dir, '/'); 1544 if (cp == dir && urltype == CLASSIC_URL_T) { 1545 file = cp + 1; 1546 (void)strlcpy(dirbuf, "/", sizeof(dirbuf)); 1547 dir = dirbuf; 1548 } else if (cp != NULL) { 1549 *cp++ = '\0'; 1550 file = cp; 1551 } else { 1552 file = dir; 1553 dir = NULL; 1554 } 1555 } else 1556 dir = NULL; 1557 if (urltype == FTP_URL_T && file != NULL) { 1558 url_decode(file); 1559 /* but still don't url_decode(dir) */ 1560 } 1561 DPRINTF("fetch_ftp: user `%s' pass `%s' host %s port %s " 1562 "path `%s' dir `%s' file `%s'\n", 1563 STRorNULL(uuser), STRorNULL(pass), 1564 STRorNULL(host), STRorNULL(port), 1565 STRorNULL(path), STRorNULL(dir), STRorNULL(file)); 1566 1567 dirhasglob = filehasglob = 0; 1568 if (doglob && urltype == CLASSIC_URL_T) { 1569 if (! EMPTYSTRING(dir) && strpbrk(dir, "*?[]{}") != NULL) 1570 dirhasglob = 1; 1571 if (! EMPTYSTRING(file) && strpbrk(file, "*?[]{}") != NULL) 1572 filehasglob = 1; 1573 } 1574 1575 /* Set up the connection */ 1576 oanonftp = anonftp; 1577 if (connected) 1578 disconnect(0, NULL); 1579 anonftp = oanonftp; 1580 (void)strlcpy(cmdbuf, getprogname(), sizeof(cmdbuf)); 1581 xargv[0] = cmdbuf; 1582 xargv[1] = host; 1583 xargv[2] = NULL; 1584 xargc = 2; 1585 if (port) { 1586 xargv[2] = port; 1587 xargv[3] = NULL; 1588 xargc = 3; 1589 } 1590 oautologin = autologin; 1591 /* don't autologin in setpeer(), use ftp_login() below */ 1592 autologin = 0; 1593 setpeer(xargc, xargv); 1594 autologin = oautologin; 1595 if ((connected == 0) || 1596 (connected == 1 && !ftp_login(host, uuser, pass))) { 1597 warnx("Can't connect or login to host `%s:%s'", 1598 host, port ? port : "?"); 1599 goto cleanup_fetch_ftp; 1600 } 1601 1602 switch (transtype) { 1603 case TYPE_A: 1604 setascii(1, xargv); 1605 break; 1606 case TYPE_I: 1607 setbinary(1, xargv); 1608 break; 1609 default: 1610 errx(1, "fetch_ftp: unknown transfer type %d", transtype); 1611 } 1612 1613 /* 1614 * Change directories, if necessary. 1615 * 1616 * Note: don't use EMPTYSTRING(dir) below, because 1617 * dir=="" means something different from dir==NULL. 1618 */ 1619 if (dir != NULL && !dirhasglob) { 1620 char *nextpart; 1621 1622 /* 1623 * If we are dealing with a classic `[user@]host:[path]' 1624 * (urltype is CLASSIC_URL_T) then we have a raw directory 1625 * name (not encoded in any way) and we can change 1626 * directories in one step. 1627 * 1628 * If we are dealing with an `ftp://host/path' URL 1629 * (urltype is FTP_URL_T), then RFC 3986 says we need to 1630 * send a separate CWD command for each unescaped "/" 1631 * in the path, and we have to interpret %hex escaping 1632 * *after* we find the slashes. It's possible to get 1633 * empty components here, (from multiple adjacent 1634 * slashes in the path) and RFC 3986 says that we should 1635 * still do `CWD ' (with a null argument) in such cases. 1636 * 1637 * Many ftp servers don't support `CWD ', so if there's an 1638 * error performing that command, bail out with a descriptive 1639 * message. 1640 * 1641 * Examples: 1642 * 1643 * host: dir="", urltype=CLASSIC_URL_T 1644 * logged in (to default directory) 1645 * host:file dir=NULL, urltype=CLASSIC_URL_T 1646 * "RETR file" 1647 * host:dir/ dir="dir", urltype=CLASSIC_URL_T 1648 * "CWD dir", logged in 1649 * ftp://host/ dir="", urltype=FTP_URL_T 1650 * logged in (to default directory) 1651 * ftp://host/dir/ dir="dir", urltype=FTP_URL_T 1652 * "CWD dir", logged in 1653 * ftp://host/file dir=NULL, urltype=FTP_URL_T 1654 * "RETR file" 1655 * ftp://host//file dir="", urltype=FTP_URL_T 1656 * "CWD ", "RETR file" 1657 * host:/file dir="/", urltype=CLASSIC_URL_T 1658 * "CWD /", "RETR file" 1659 * ftp://host///file dir="/", urltype=FTP_URL_T 1660 * "CWD ", "CWD ", "RETR file" 1661 * ftp://host/%2F/file dir="%2F", urltype=FTP_URL_T 1662 * "CWD /", "RETR file" 1663 * ftp://host/foo/file dir="foo", urltype=FTP_URL_T 1664 * "CWD foo", "RETR file" 1665 * ftp://host/foo/bar/file dir="foo/bar" 1666 * "CWD foo", "CWD bar", "RETR file" 1667 * ftp://host//foo/bar/file dir="/foo/bar" 1668 * "CWD ", "CWD foo", "CWD bar", "RETR file" 1669 * ftp://host/foo//bar/file dir="foo//bar" 1670 * "CWD foo", "CWD ", "CWD bar", "RETR file" 1671 * ftp://host/%2F/foo/bar/file dir="%2F/foo/bar" 1672 * "CWD /", "CWD foo", "CWD bar", "RETR file" 1673 * ftp://host/%2Ffoo/bar/file dir="%2Ffoo/bar" 1674 * "CWD /foo", "CWD bar", "RETR file" 1675 * ftp://host/%2Ffoo%2Fbar/file dir="%2Ffoo%2Fbar" 1676 * "CWD /foo/bar", "RETR file" 1677 * ftp://host/%2Ffoo%2Fbar%2Ffile dir=NULL 1678 * "RETR /foo/bar/file" 1679 * 1680 * Note that we don't need `dir' after this point. 1681 */ 1682 do { 1683 if (urltype == FTP_URL_T) { 1684 nextpart = strchr(dir, '/'); 1685 if (nextpart) { 1686 *nextpart = '\0'; 1687 nextpart++; 1688 } 1689 url_decode(dir); 1690 } else 1691 nextpart = NULL; 1692 DPRINTF("fetch_ftp: dir `%s', nextpart `%s'\n", 1693 STRorNULL(dir), STRorNULL(nextpart)); 1694 if (urltype == FTP_URL_T || *dir != '\0') { 1695 (void)strlcpy(cmdbuf, "cd", sizeof(cmdbuf)); 1696 xargv[0] = cmdbuf; 1697 xargv[1] = dir; 1698 xargv[2] = NULL; 1699 dirchange = 0; 1700 cd(2, xargv); 1701 if (! dirchange) { 1702 if (*dir == '\0' && code == 500) 1703 fprintf(stderr, 1704 "\n" 1705 "ftp: The `CWD ' command (without a directory), which is required by\n" 1706 " RFC 3986 to support the empty directory in the URL pathname (`//'),\n" 1707 " conflicts with the server's conformance to RFC 959.\n" 1708 " Try the same URL without the `//' in the URL pathname.\n" 1709 "\n"); 1710 goto cleanup_fetch_ftp; 1711 } 1712 } 1713 dir = nextpart; 1714 } while (dir != NULL); 1715 } 1716 1717 if (EMPTYSTRING(file)) { 1718 rval = -1; 1719 goto cleanup_fetch_ftp; 1720 } 1721 1722 if (dirhasglob) { 1723 (void)strlcpy(rempath, dir, sizeof(rempath)); 1724 (void)strlcat(rempath, "/", sizeof(rempath)); 1725 (void)strlcat(rempath, file, sizeof(rempath)); 1726 file = rempath; 1727 } 1728 1729 /* Fetch the file(s). */ 1730 xargc = 2; 1731 (void)strlcpy(cmdbuf, "get", sizeof(cmdbuf)); 1732 xargv[0] = cmdbuf; 1733 xargv[1] = file; 1734 xargv[2] = NULL; 1735 if (dirhasglob || filehasglob) { 1736 int ointeractive; 1737 1738 ointeractive = interactive; 1739 interactive = 0; 1740 if (restartautofetch) 1741 (void)strlcpy(cmdbuf, "mreget", sizeof(cmdbuf)); 1742 else 1743 (void)strlcpy(cmdbuf, "mget", sizeof(cmdbuf)); 1744 xargv[0] = cmdbuf; 1745 mget(xargc, xargv); 1746 interactive = ointeractive; 1747 } else { 1748 if (outfile == NULL) { 1749 cp = strrchr(file, '/'); /* find savefile */ 1750 if (cp != NULL) 1751 outfile = cp + 1; 1752 else 1753 outfile = file; 1754 } 1755 xargv[2] = (char *)outfile; 1756 xargv[3] = NULL; 1757 xargc++; 1758 if (restartautofetch) 1759 reget(xargc, xargv); 1760 else 1761 get(xargc, xargv); 1762 } 1763 1764 if ((code / 100) == COMPLETE) 1765 rval = 0; 1766 1767 cleanup_fetch_ftp: 1768 FREEPTR(port); 1769 FREEPTR(host); 1770 FREEPTR(path); 1771 FREEPTR(uuser); 1772 if (pass) 1773 memset(pass, 0, strlen(pass)); 1774 FREEPTR(pass); 1775 return (rval); 1776 } 1777 1778 /* 1779 * Retrieve the given file to outfile. 1780 * Supports arguments of the form: 1781 * "host:path", "ftp://host/path" if $ftpproxy, call fetch_url() else 1782 * call fetch_ftp() 1783 * "http://host/path" call fetch_url() to use HTTP 1784 * "file:///path" call fetch_url() to copy 1785 * "about:..." print a message 1786 * 1787 * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection 1788 * is still open (e.g, ftp xfer with trailing /) 1789 */ 1790 static int 1791 go_fetch(const char *url) 1792 { 1793 char *proxyenv; 1794 char *p; 1795 1796 #ifndef NO_ABOUT 1797 /* 1798 * Check for about:* 1799 */ 1800 if (STRNEQUAL(url, ABOUT_URL)) { 1801 url += sizeof(ABOUT_URL) -1; 1802 if (strcasecmp(url, "ftp") == 0 || 1803 strcasecmp(url, "tnftp") == 0) { 1804 fputs( 1805 "This version of ftp has been enhanced by Luke Mewburn <lukem@NetBSD.org>\n" 1806 "for the NetBSD project. Execute `man ftp' for more details.\n", ttyout); 1807 } else if (strcasecmp(url, "lukem") == 0) { 1808 fputs( 1809 "Luke Mewburn is the author of most of the enhancements in this ftp client.\n" 1810 "Please email feedback to <lukem@NetBSD.org>.\n", ttyout); 1811 } else if (strcasecmp(url, "netbsd") == 0) { 1812 fputs( 1813 "NetBSD is a freely available and redistributable UNIX-like operating system.\n" 1814 "For more information, see http://www.NetBSD.org/\n", ttyout); 1815 } else if (strcasecmp(url, "version") == 0) { 1816 fprintf(ttyout, "Version: %s %s%s\n", 1817 FTP_PRODUCT, FTP_VERSION, 1818 #ifdef INET6 1819 "" 1820 #else 1821 " (-IPv6)" 1822 #endif 1823 ); 1824 } else { 1825 fprintf(ttyout, "`%s' is an interesting topic.\n", url); 1826 } 1827 fputs("\n", ttyout); 1828 return (0); 1829 } 1830 #endif 1831 1832 /* 1833 * Check for file:// and http:// URLs. 1834 */ 1835 if (STRNEQUAL(url, HTTP_URL) 1836 #ifdef WITH_SSL 1837 || STRNEQUAL(url, HTTPS_URL) 1838 #endif 1839 || STRNEQUAL(url, FILE_URL)) 1840 return (fetch_url(url, NULL, NULL, NULL)); 1841 1842 /* 1843 * If it contains "://" but does not begin with ftp:// 1844 * or something that was already handled, then it's 1845 * unsupported. 1846 * 1847 * If it contains ":" but not "://" then we assume the 1848 * part before the colon is a host name, not an URL scheme, 1849 * so we don't try to match that here. 1850 */ 1851 if ((p = strstr(url, "://")) != NULL && ! STRNEQUAL(url, FTP_URL)) 1852 errx(1, "Unsupported URL scheme `%.*s'", (int)(p - url), url); 1853 1854 /* 1855 * Try FTP URL-style and host:file arguments next. 1856 * If ftpproxy is set with an FTP URL, use fetch_url() 1857 * Othewise, use fetch_ftp(). 1858 */ 1859 proxyenv = getoptionvalue("ftp_proxy"); 1860 if (!EMPTYSTRING(proxyenv) && STRNEQUAL(url, FTP_URL)) 1861 return (fetch_url(url, NULL, NULL, NULL)); 1862 1863 return (fetch_ftp(url)); 1864 } 1865 1866 /* 1867 * Retrieve multiple files from the command line, 1868 * calling go_fetch() for each file. 1869 * 1870 * If an ftp path has a trailing "/", the path will be cd-ed into and 1871 * the connection remains open, and the function will return -1 1872 * (to indicate the connection is alive). 1873 * If an error occurs the return value will be the offset+1 in 1874 * argv[] of the file that caused a problem (i.e, argv[x] 1875 * returns x+1) 1876 * Otherwise, 0 is returned if all files retrieved successfully. 1877 */ 1878 int 1879 auto_fetch(int argc, char *argv[]) 1880 { 1881 volatile int argpos, rval; 1882 1883 argpos = rval = 0; 1884 1885 if (sigsetjmp(toplevel, 1)) { 1886 if (connected) 1887 disconnect(0, NULL); 1888 if (rval > 0) 1889 rval = argpos + 1; 1890 return (rval); 1891 } 1892 (void)xsignal(SIGINT, intr); 1893 (void)xsignal(SIGPIPE, lostpeer); 1894 1895 /* 1896 * Loop through as long as there's files to fetch. 1897 */ 1898 for (; (rval == 0) && (argpos < argc); argpos++) { 1899 if (strchr(argv[argpos], ':') == NULL) 1900 break; 1901 redirect_loop = 0; 1902 if (!anonftp) 1903 anonftp = 2; /* Handle "automatic" transfers. */ 1904 rval = go_fetch(argv[argpos]); 1905 if (outfile != NULL && strcmp(outfile, "-") != 0 1906 && outfile[0] != '|') 1907 outfile = NULL; 1908 if (rval > 0) 1909 rval = argpos + 1; 1910 } 1911 1912 if (connected && rval != -1) 1913 disconnect(0, NULL); 1914 return (rval); 1915 } 1916 1917 1918 /* 1919 * Upload multiple files from the command line. 1920 * 1921 * If an error occurs the return value will be the offset+1 in 1922 * argv[] of the file that caused a problem (i.e, argv[x] 1923 * returns x+1) 1924 * Otherwise, 0 is returned if all files uploaded successfully. 1925 */ 1926 int 1927 auto_put(int argc, char **argv, const char *uploadserver) 1928 { 1929 char *uargv[4], *path, *pathsep; 1930 int uargc, rval, argpos; 1931 size_t len; 1932 char cmdbuf[MAX_C_NAME]; 1933 1934 (void)strlcpy(cmdbuf, "mput", sizeof(cmdbuf)); 1935 uargv[0] = cmdbuf; 1936 uargv[1] = argv[0]; 1937 uargc = 2; 1938 uargv[2] = uargv[3] = NULL; 1939 pathsep = NULL; 1940 rval = 1; 1941 1942 DPRINTF("auto_put: target `%s'\n", uploadserver); 1943 1944 path = ftp_strdup(uploadserver); 1945 len = strlen(path); 1946 if (path[len - 1] != '/' && path[len - 1] != ':') { 1947 /* 1948 * make sure we always pass a directory to auto_fetch 1949 */ 1950 if (argc > 1) { /* more than one file to upload */ 1951 len = strlen(uploadserver) + 2; /* path + "/" + "\0" */ 1952 free(path); 1953 path = (char *)ftp_malloc(len); 1954 (void)strlcpy(path, uploadserver, len); 1955 (void)strlcat(path, "/", len); 1956 } else { /* single file to upload */ 1957 (void)strlcpy(cmdbuf, "put", sizeof(cmdbuf)); 1958 uargv[0] = cmdbuf; 1959 pathsep = strrchr(path, '/'); 1960 if (pathsep == NULL) { 1961 pathsep = strrchr(path, ':'); 1962 if (pathsep == NULL) { 1963 warnx("Invalid URL `%s'", path); 1964 goto cleanup_auto_put; 1965 } 1966 pathsep++; 1967 uargv[2] = ftp_strdup(pathsep); 1968 pathsep[0] = '/'; 1969 } else 1970 uargv[2] = ftp_strdup(pathsep + 1); 1971 pathsep[1] = '\0'; 1972 uargc++; 1973 } 1974 } 1975 DPRINTF("auto_put: URL `%s' argv[2] `%s'\n", 1976 path, STRorNULL(uargv[2])); 1977 1978 /* connect and cwd */ 1979 rval = auto_fetch(1, &path); 1980 if(rval >= 0) 1981 goto cleanup_auto_put; 1982 1983 rval = 0; 1984 1985 /* target filename provided; upload 1 file */ 1986 /* XXX : is this the best way? */ 1987 if (uargc == 3) { 1988 uargv[1] = argv[0]; 1989 put(uargc, uargv); 1990 if ((code / 100) != COMPLETE) 1991 rval = 1; 1992 } else { /* otherwise a target dir: upload all files to it */ 1993 for(argpos = 0; argv[argpos] != NULL; argpos++) { 1994 uargv[1] = argv[argpos]; 1995 mput(uargc, uargv); 1996 if ((code / 100) != COMPLETE) { 1997 rval = argpos + 1; 1998 break; 1999 } 2000 } 2001 } 2002 2003 cleanup_auto_put: 2004 free(path); 2005 FREEPTR(uargv[2]); 2006 return (rval); 2007 } 2008