1 /* $OpenBSD: fetch.c,v 1.213 2022/12/26 19:16:01 jmc Exp $ */ 2 /* $NetBSD: fetch.c,v 1.14 1997/08/18 10:20:20 lukem Exp $ */ 3 4 /*- 5 * Copyright (c) 1997 The NetBSD Foundation, Inc. 6 * All rights reserved. 7 * 8 * This code is derived from software contributed to The NetBSD Foundation 9 * by Jason Thorpe and Luke Mewburn. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 /* 34 * FTP User Program -- Command line file retrieval 35 */ 36 37 #include <sys/types.h> 38 #include <sys/socket.h> 39 #include <sys/stat.h> 40 41 #include <netinet/in.h> 42 43 #include <arpa/ftp.h> 44 #include <arpa/inet.h> 45 46 #include <ctype.h> 47 #include <err.h> 48 #include <libgen.h> 49 #include <netdb.h> 50 #include <fcntl.h> 51 #include <signal.h> 52 #include <vis.h> 53 #include <stdio.h> 54 #include <stdarg.h> 55 #include <errno.h> 56 #include <stdlib.h> 57 #include <string.h> 58 #include <unistd.h> 59 #include <resolv.h> 60 #include <utime.h> 61 62 #ifndef NOSSL 63 #include <tls.h> 64 #else /* !NOSSL */ 65 struct tls; 66 #endif /* !NOSSL */ 67 68 #include "ftp_var.h" 69 #include "cmds.h" 70 71 static int file_get(const char *, const char *); 72 static int url_get(const char *, const char *, const char *, int); 73 static int save_chunked(FILE *, struct tls *, int , char *, size_t); 74 static void aborthttp(int); 75 static char hextochar(const char *); 76 static char *urldecode(const char *); 77 static char *recode_credentials(const char *_userinfo); 78 static void ftp_close(FILE **, struct tls **, int *); 79 static const char *sockerror(struct tls *); 80 #ifdef SMALL 81 #define ftp_printf(fp, ...) fprintf(fp, __VA_ARGS__) 82 #else 83 static int ftp_printf(FILE *, const char *, ...); 84 #endif /* SMALL */ 85 #ifndef NOSSL 86 static int proxy_connect(int, char *, char *); 87 static int stdio_tls_write_wrapper(void *, const char *, int); 88 static int stdio_tls_read_wrapper(void *, char *, int); 89 #endif /* !NOSSL */ 90 91 #define FTP_URL "ftp://" /* ftp URL prefix */ 92 #define HTTP_URL "http://" /* http URL prefix */ 93 #define HTTPS_URL "https://" /* https URL prefix */ 94 #define FILE_URL "file:" /* file URL prefix */ 95 #define FTP_PROXY "ftp_proxy" /* env var with ftp proxy location */ 96 #define HTTP_PROXY "http_proxy" /* env var with http proxy location */ 97 98 #define EMPTYSTRING(x) ((x) == NULL || (*(x) == '\0')) 99 100 static const char at_encoding_warning[] = 101 "Extra `@' characters in usernames and passwords should be encoded as %%40"; 102 103 static jmp_buf httpabort; 104 105 static int redirect_loop; 106 static int retried; 107 108 /* 109 * Determine whether the character needs encoding, per RFC2396. 110 */ 111 static int 112 to_encode(const char *c0) 113 { 114 /* 2.4.3. Excluded US-ASCII Characters */ 115 const char *excluded_chars = 116 " " /* space */ 117 "<>#\"" /* delims (modulo "%", see below) */ 118 "{}|\\^[]`" /* unwise */ 119 ; 120 const unsigned char *c = (const unsigned char *)c0; 121 122 /* 123 * No corresponding graphic US-ASCII. 124 * Control characters and octets not used in US-ASCII. 125 */ 126 return (iscntrl(*c) || !isascii(*c) || 127 128 /* 129 * '%' is also reserved, if is not followed by two 130 * hexadecimal digits. 131 */ 132 strchr(excluded_chars, *c) != NULL || 133 (*c == '%' && (!isxdigit(c[1]) || !isxdigit(c[2])))); 134 } 135 136 /* 137 * Encode given URL, per RFC2396. 138 * Allocate and return string to the caller. 139 */ 140 static char * 141 url_encode(const char *path) 142 { 143 size_t i, length, new_length; 144 char *epath, *epathp; 145 146 length = new_length = strlen(path); 147 148 /* 149 * First pass: 150 * Count characters to encode and determine length of the final URL. 151 */ 152 for (i = 0; i < length; i++) 153 if (to_encode(path + i)) 154 new_length += 2; 155 156 epath = epathp = malloc(new_length + 1); /* One more for '\0'. */ 157 if (epath == NULL) 158 err(1, "Can't allocate memory for URL encoding"); 159 160 /* 161 * Second pass: 162 * Encode, and copy final URL. 163 */ 164 for (i = 0; i < length; i++) 165 if (to_encode(path + i)) { 166 snprintf(epathp, 4, "%%" "%02x", 167 (unsigned char)path[i]); 168 epathp += 3; 169 } else 170 *(epathp++) = path[i]; 171 172 *epathp = '\0'; 173 return (epath); 174 } 175 176 /* 177 * Copy a local file (used by the OpenBSD installer). 178 * Returns -1 on failure, 0 on success 179 */ 180 static int 181 file_get(const char *path, const char *outfile) 182 { 183 struct stat st; 184 int fd, out = -1, rval = -1, save_errno; 185 volatile sig_t oldintr, oldinti; 186 const char *savefile; 187 char *buf = NULL, *cp, *pathbuf = NULL; 188 const size_t buflen = 128 * 1024; 189 off_t hashbytes; 190 ssize_t len, wlen; 191 192 direction = "received"; 193 194 fd = open(path, O_RDONLY); 195 if (fd == -1) { 196 warn("Can't open file %s", path); 197 return -1; 198 } 199 200 if (fstat(fd, &st) == -1) 201 filesize = -1; 202 else 203 filesize = st.st_size; 204 205 if (outfile != NULL) 206 savefile = outfile; 207 else { 208 if (path[strlen(path) - 1] == '/') /* Consider no file */ 209 savefile = NULL; /* after dir invalid. */ 210 else { 211 pathbuf = strdup(path); 212 if (pathbuf == NULL) 213 errx(1, "Can't allocate memory for filename"); 214 savefile = basename(pathbuf); 215 } 216 } 217 218 if (EMPTYSTRING(savefile)) { 219 warnx("No filename after directory (use -o): %s", path); 220 goto cleanup_copy; 221 } 222 223 /* Open the output file. */ 224 if (!pipeout) { 225 out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC, 0666); 226 if (out == -1) { 227 warn("Can't open %s", savefile); 228 goto cleanup_copy; 229 } 230 } else 231 out = fileno(stdout); 232 233 if ((buf = malloc(buflen)) == NULL) 234 errx(1, "Can't allocate memory for transfer buffer"); 235 236 /* Trap signals */ 237 oldintr = NULL; 238 oldinti = NULL; 239 if (setjmp(httpabort)) { 240 if (oldintr) 241 (void)signal(SIGINT, oldintr); 242 if (oldinti) 243 (void)signal(SIGINFO, oldinti); 244 goto cleanup_copy; 245 } 246 oldintr = signal(SIGINT, aborthttp); 247 248 bytes = 0; 249 hashbytes = mark; 250 progressmeter(-1, path); 251 252 /* Finally, suck down the file. */ 253 oldinti = signal(SIGINFO, psummary); 254 while ((len = read(fd, buf, buflen)) > 0) { 255 bytes += len; 256 for (cp = buf; len > 0; len -= wlen, cp += wlen) { 257 if ((wlen = write(out, cp, len)) == -1) { 258 warn("Writing %s", savefile); 259 signal(SIGINT, oldintr); 260 signal(SIGINFO, oldinti); 261 goto cleanup_copy; 262 } 263 } 264 if (hash && !progress) { 265 while (bytes >= hashbytes) { 266 (void)putc('#', ttyout); 267 hashbytes += mark; 268 } 269 (void)fflush(ttyout); 270 } 271 } 272 save_errno = errno; 273 signal(SIGINT, oldintr); 274 signal(SIGINFO, oldinti); 275 if (hash && !progress && bytes > 0) { 276 if (bytes < mark) 277 (void)putc('#', ttyout); 278 (void)putc('\n', ttyout); 279 (void)fflush(ttyout); 280 } 281 if (len == -1) { 282 warnc(save_errno, "Reading from file"); 283 goto cleanup_copy; 284 } 285 progressmeter(1, NULL); 286 if (verbose) 287 ptransfer(0); 288 289 rval = 0; 290 291 cleanup_copy: 292 free(buf); 293 free(pathbuf); 294 if (out >= 0 && out != fileno(stdout)) 295 close(out); 296 close(fd); 297 298 return rval; 299 } 300 301 /* 302 * Retrieve URL, via the proxy in $proxyvar if necessary. 303 * Returns -1 on failure, 0 on success 304 */ 305 static int 306 url_get(const char *origline, const char *proxyenv, const char *outfile, int lastfile) 307 { 308 char pbuf[NI_MAXSERV], hbuf[NI_MAXHOST], *cp, *portnum, *path, ststr[4]; 309 char *hosttail, *cause = "unknown", *newline, *host, *port, *buf = NULL; 310 char *epath, *redirurl, *loctail, *h, *p, gerror[200]; 311 int error, isftpurl = 0, isredirect = 0, rval = -1; 312 int isunavail = 0, retryafter = -1; 313 struct addrinfo hints, *res0, *res; 314 const char *savefile; 315 char *pathbuf = NULL; 316 char *proxyurl = NULL; 317 char *credentials = NULL, *proxy_credentials = NULL; 318 int fd = -1, out = -1; 319 volatile sig_t oldintr, oldinti; 320 FILE *fin = NULL; 321 off_t hashbytes; 322 const char *errstr; 323 ssize_t len, wlen; 324 size_t bufsize; 325 char *proxyhost = NULL; 326 #ifndef NOSSL 327 char *sslpath = NULL, *sslhost = NULL; 328 int ishttpsurl = 0; 329 #endif /* !NOSSL */ 330 #ifndef SMALL 331 char *full_host = NULL; 332 const char *scheme; 333 char *locbase; 334 struct addrinfo *ares = NULL; 335 char tmbuf[32]; 336 time_t mtime = 0; 337 struct stat stbuf; 338 struct tm lmt = { 0 }; 339 struct timespec ts[2]; 340 #endif /* !SMALL */ 341 struct tls *tls = NULL; 342 int status; 343 int save_errno; 344 const size_t buflen = 128 * 1024; 345 int chunked = 0; 346 347 direction = "received"; 348 349 newline = strdup(origline); 350 if (newline == NULL) 351 errx(1, "Can't allocate memory to parse URL"); 352 if (strncasecmp(newline, HTTP_URL, sizeof(HTTP_URL) - 1) == 0) { 353 host = newline + sizeof(HTTP_URL) - 1; 354 #ifndef SMALL 355 scheme = HTTP_URL; 356 #endif /* !SMALL */ 357 } else if (strncasecmp(newline, FTP_URL, sizeof(FTP_URL) - 1) == 0) { 358 host = newline + sizeof(FTP_URL) - 1; 359 isftpurl = 1; 360 #ifndef SMALL 361 scheme = FTP_URL; 362 #endif /* !SMALL */ 363 } else if (strncasecmp(newline, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0) { 364 #ifndef NOSSL 365 host = newline + sizeof(HTTPS_URL) - 1; 366 ishttpsurl = 1; 367 #else 368 errx(1, "%s: No HTTPS support", newline); 369 #endif /* !NOSSL */ 370 #ifndef SMALL 371 scheme = HTTPS_URL; 372 #endif /* !SMALL */ 373 } else 374 errx(1, "%s: URL not permitted", newline); 375 376 path = strchr(host, '/'); /* Find path */ 377 378 /* 379 * Look for auth header in host. 380 * Basic auth from RFC 2617, valid characters for path are in 381 * RFC 3986 section 3.3. 382 */ 383 if (!isftpurl) { 384 p = strchr(host, '@'); 385 if (p != NULL && (path == NULL || p < path)) { 386 *p++ = '\0'; 387 credentials = recode_credentials(host); 388 389 /* Overwrite userinfo */ 390 memmove(host, p, strlen(p) + 1); 391 path = strchr(host, '/'); 392 } 393 } 394 395 if (EMPTYSTRING(path)) { 396 if (outfile) { /* No slash, but */ 397 path = strchr(host,'\0'); /* we have outfile. */ 398 goto noslash; 399 } 400 if (isftpurl) 401 goto noftpautologin; 402 warnx("No `/' after host (use -o): %s", origline); 403 goto cleanup_url_get; 404 } 405 *path++ = '\0'; 406 if (EMPTYSTRING(path) && !outfile) { 407 if (isftpurl) 408 goto noftpautologin; 409 warnx("No filename after host (use -o): %s", origline); 410 goto cleanup_url_get; 411 } 412 413 noslash: 414 if (outfile) 415 savefile = outfile; 416 else { 417 if (path[strlen(path) - 1] == '/') /* Consider no file */ 418 savefile = NULL; /* after dir invalid. */ 419 else { 420 pathbuf = strdup(path); 421 if (pathbuf == NULL) 422 errx(1, "Can't allocate memory for filename"); 423 savefile = basename(pathbuf); 424 } 425 } 426 427 if (EMPTYSTRING(savefile)) { 428 if (isftpurl) 429 goto noftpautologin; 430 warnx("No filename after directory (use -o): %s", origline); 431 goto cleanup_url_get; 432 } 433 434 #ifndef SMALL 435 if (resume && pipeout) { 436 warnx("can't append to stdout"); 437 goto cleanup_url_get; 438 } 439 #endif /* !SMALL */ 440 441 if (proxyenv != NULL) { /* use proxy */ 442 #ifndef NOSSL 443 if (ishttpsurl) { 444 sslpath = strdup(path); 445 sslhost = strdup(host); 446 if (! sslpath || ! sslhost) 447 errx(1, "Can't allocate memory for https path/host."); 448 } 449 #endif /* !NOSSL */ 450 proxyhost = strdup(host); 451 if (proxyhost == NULL) 452 errx(1, "Can't allocate memory for proxy host."); 453 proxyurl = strdup(proxyenv); 454 if (proxyurl == NULL) 455 errx(1, "Can't allocate memory for proxy URL."); 456 if (strncasecmp(proxyurl, HTTP_URL, sizeof(HTTP_URL) - 1) == 0) 457 host = proxyurl + sizeof(HTTP_URL) - 1; 458 else if (strncasecmp(proxyurl, FTP_URL, sizeof(FTP_URL) - 1) == 0) 459 host = proxyurl + sizeof(FTP_URL) - 1; 460 else { 461 warnx("Malformed proxy URL: %s", proxyenv); 462 goto cleanup_url_get; 463 } 464 if (EMPTYSTRING(host)) { 465 warnx("Malformed proxy URL: %s", proxyenv); 466 goto cleanup_url_get; 467 } 468 if (*--path == '\0') 469 *path = '/'; /* add / back to real path */ 470 path = strchr(host, '/'); /* remove trailing / on host */ 471 if (!EMPTYSTRING(path)) 472 *path++ = '\0'; /* i guess this ++ is useless */ 473 474 path = strchr(host, '@'); /* look for credentials in proxy */ 475 if (!EMPTYSTRING(path)) { 476 *path = '\0'; 477 if (strchr(host, ':') == NULL) { 478 warnx("Malformed proxy URL: %s", proxyenv); 479 goto cleanup_url_get; 480 } 481 proxy_credentials = recode_credentials(host); 482 *path = '@'; /* restore @ in proxyurl */ 483 484 /* 485 * This removes the password from proxyurl, 486 * filling with stars 487 */ 488 for (host = 1 + strchr(proxyurl + 5, ':'); *host != '@'; 489 host++) 490 *host = '*'; 491 492 host = path + 1; 493 } 494 495 path = newline; 496 } 497 498 if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL && 499 (hosttail[1] == '\0' || hosttail[1] == ':')) { 500 host++; 501 *hosttail++ = '\0'; 502 #ifndef SMALL 503 if (asprintf(&full_host, "[%s]", host) == -1) 504 errx(1, "Cannot allocate memory for hostname"); 505 #endif /* !SMALL */ 506 } else 507 hosttail = host; 508 509 portnum = strrchr(hosttail, ':'); /* find portnum */ 510 if (portnum != NULL) 511 *portnum++ = '\0'; 512 #ifndef NOSSL 513 port = portnum ? portnum : (ishttpsurl ? httpsport : httpport); 514 #else /* !NOSSL */ 515 port = portnum ? portnum : httpport; 516 #endif /* !NOSSL */ 517 518 #ifndef SMALL 519 if (full_host == NULL) 520 if ((full_host = strdup(host)) == NULL) 521 errx(1, "Cannot allocate memory for hostname"); 522 if (debug) 523 fprintf(ttyout, "host %s, port %s, path %s, " 524 "save as %s, auth %s.\n", host, port, path, 525 savefile, credentials ? credentials : "none"); 526 #endif /* !SMALL */ 527 528 memset(&hints, 0, sizeof(hints)); 529 hints.ai_family = family; 530 hints.ai_socktype = SOCK_STREAM; 531 error = getaddrinfo(host, port, &hints, &res0); 532 /* 533 * If the services file is corrupt/missing, fall back 534 * on our hard-coded defines. 535 */ 536 if (error == EAI_SERVICE && port == httpport) { 537 snprintf(pbuf, sizeof(pbuf), "%d", HTTP_PORT); 538 error = getaddrinfo(host, pbuf, &hints, &res0); 539 #ifndef NOSSL 540 } else if (error == EAI_SERVICE && port == httpsport) { 541 snprintf(pbuf, sizeof(pbuf), "%d", HTTPS_PORT); 542 error = getaddrinfo(host, pbuf, &hints, &res0); 543 #endif /* !NOSSL */ 544 } 545 if (error) { 546 warnx("%s: %s", host, gai_strerror(error)); 547 goto cleanup_url_get; 548 } 549 550 #ifndef SMALL 551 if (srcaddr) { 552 hints.ai_flags |= AI_NUMERICHOST; 553 error = getaddrinfo(srcaddr, NULL, &hints, &ares); 554 if (error) { 555 warnx("%s: %s", srcaddr, gai_strerror(error)); 556 goto cleanup_url_get; 557 } 558 } 559 #endif /* !SMALL */ 560 561 /* ensure consistent order of the output */ 562 if (verbose) 563 setvbuf(ttyout, NULL, _IOLBF, 0); 564 565 fd = -1; 566 for (res = res0; res; res = res->ai_next) { 567 if (getnameinfo(res->ai_addr, res->ai_addrlen, hbuf, 568 sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0) 569 strlcpy(hbuf, "(unknown)", sizeof(hbuf)); 570 if (verbose) 571 fprintf(ttyout, "Trying %s...\n", hbuf); 572 573 fd = socket(res->ai_family, res->ai_socktype, res->ai_protocol); 574 if (fd == -1) { 575 cause = "socket"; 576 continue; 577 } 578 579 #ifndef SMALL 580 if (srcaddr) { 581 if (ares->ai_family != res->ai_family) { 582 close(fd); 583 fd = -1; 584 errno = EINVAL; 585 cause = "bind"; 586 continue; 587 } 588 if (bind(fd, ares->ai_addr, ares->ai_addrlen) == -1) { 589 save_errno = errno; 590 close(fd); 591 errno = save_errno; 592 fd = -1; 593 cause = "bind"; 594 continue; 595 } 596 } 597 #endif /* !SMALL */ 598 599 error = timed_connect(fd, res->ai_addr, res->ai_addrlen, 600 connect_timeout); 601 if (error != 0) { 602 save_errno = errno; 603 close(fd); 604 errno = save_errno; 605 fd = -1; 606 cause = "connect"; 607 continue; 608 } 609 610 /* get port in numeric */ 611 if (getnameinfo(res->ai_addr, res->ai_addrlen, NULL, 0, 612 pbuf, sizeof(pbuf), NI_NUMERICSERV) == 0) 613 port = pbuf; 614 else 615 port = NULL; 616 617 #ifndef NOSSL 618 if (proxyenv && sslhost) 619 proxy_connect(fd, sslhost, proxy_credentials); 620 #endif /* !NOSSL */ 621 break; 622 } 623 freeaddrinfo(res0); 624 #ifndef SMALL 625 if (srcaddr) 626 freeaddrinfo(ares); 627 #endif /* !SMALL */ 628 if (fd < 0) { 629 warn("%s", cause); 630 goto cleanup_url_get; 631 } 632 633 #ifndef NOSSL 634 if (ishttpsurl) { 635 ssize_t ret; 636 if (proxyenv && sslpath) { 637 ishttpsurl = 0; 638 proxyurl = NULL; 639 path = sslpath; 640 } 641 if (sslhost == NULL) { 642 sslhost = strdup(host); 643 if (sslhost == NULL) 644 errx(1, "Can't allocate memory for https host."); 645 } 646 if ((tls = tls_client()) == NULL) { 647 fprintf(ttyout, "failed to create SSL client\n"); 648 goto cleanup_url_get; 649 } 650 if (tls_configure(tls, tls_config) != 0) { 651 fprintf(ttyout, "TLS configuration failure: %s\n", 652 tls_error(tls)); 653 goto cleanup_url_get; 654 } 655 if (tls_connect_socket(tls, fd, sslhost) != 0) { 656 fprintf(ttyout, "TLS connect failure: %s\n", tls_error(tls)); 657 goto cleanup_url_get; 658 } 659 do { 660 ret = tls_handshake(tls); 661 } while (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT); 662 if (ret != 0) { 663 fprintf(ttyout, "TLS handshake failure: %s\n", tls_error(tls)); 664 goto cleanup_url_get; 665 } 666 fin = funopen(tls, stdio_tls_read_wrapper, 667 stdio_tls_write_wrapper, NULL, NULL); 668 } else { 669 fin = fdopen(fd, "r+"); 670 fd = -1; 671 } 672 #else /* !NOSSL */ 673 fin = fdopen(fd, "r+"); 674 fd = -1; 675 #endif /* !NOSSL */ 676 677 #ifdef SMALL 678 if (lastfile) { 679 if (pipeout) { 680 if (pledge("stdio rpath inet dns tty", NULL) == -1) 681 err(1, "pledge"); 682 } else { 683 if (pledge("stdio rpath wpath cpath inet dns tty", NULL) == -1) 684 err(1, "pledge"); 685 } 686 } 687 #endif 688 689 /* 690 * Construct and send the request. Proxy requests don't want leading /. 691 */ 692 #ifndef NOSSL 693 cookie_get(host, path, ishttpsurl, &buf); 694 #endif /* !NOSSL */ 695 696 epath = url_encode(path); 697 if (proxyurl) { 698 if (verbose) { 699 fprintf(ttyout, "Requesting %s (via %s)\n", 700 origline, proxyurl); 701 } 702 /* 703 * Host: directive must use the destination host address for 704 * the original URI (path). 705 */ 706 ftp_printf(fin, "GET %s HTTP/1.1\r\n" 707 "Connection: close\r\n" 708 "Host: %s\r\n%s%s\r\n", 709 epath, proxyhost, buf ? buf : "", httpuseragent); 710 if (credentials) 711 ftp_printf(fin, "Authorization: Basic %s\r\n", 712 credentials); 713 if (proxy_credentials) 714 ftp_printf(fin, "Proxy-Authorization: Basic %s\r\n", 715 proxy_credentials); 716 ftp_printf(fin, "\r\n"); 717 } else { 718 if (verbose) 719 fprintf(ttyout, "Requesting %s\n", origline); 720 #ifndef SMALL 721 if (resume || timestamp) { 722 if (stat(savefile, &stbuf) == 0) { 723 if (resume) 724 restart_point = stbuf.st_size; 725 if (timestamp) 726 mtime = stbuf.st_mtime; 727 } else { 728 restart_point = 0; 729 mtime = 0; 730 } 731 } 732 #endif /* SMALL */ 733 ftp_printf(fin, 734 "GET /%s HTTP/1.1\r\n" 735 "Connection: close\r\n" 736 "Host: ", epath); 737 if (proxyhost) { 738 ftp_printf(fin, "%s", proxyhost); 739 port = NULL; 740 } else if (strchr(host, ':')) { 741 /* 742 * strip off scoped address portion, since it's 743 * local to node 744 */ 745 h = strdup(host); 746 if (h == NULL) 747 errx(1, "Can't allocate memory."); 748 if ((p = strchr(h, '%')) != NULL) 749 *p = '\0'; 750 ftp_printf(fin, "[%s]", h); 751 free(h); 752 } else 753 ftp_printf(fin, "%s", host); 754 755 /* 756 * Send port number only if it's specified and does not equal 757 * 80. Some broken HTTP servers get confused if you explicitly 758 * send them the port number. 759 */ 760 #ifndef NOSSL 761 if (port && strcmp(port, (ishttpsurl ? "443" : "80")) != 0) 762 ftp_printf(fin, ":%s", port); 763 if (restart_point) 764 ftp_printf(fin, "\r\nRange: bytes=%lld-", 765 (long long)restart_point); 766 #else /* !NOSSL */ 767 if (port && strcmp(port, "80") != 0) 768 ftp_printf(fin, ":%s", port); 769 #endif /* !NOSSL */ 770 771 #ifndef SMALL 772 if (mtime && (http_time(mtime, tmbuf, sizeof(tmbuf)) != 0)) 773 ftp_printf(fin, "\r\nIf-Modified-Since: %s", tmbuf); 774 #endif /* SMALL */ 775 776 ftp_printf(fin, "\r\n%s%s\r\n", 777 buf ? buf : "", httpuseragent); 778 if (credentials) 779 ftp_printf(fin, "Authorization: Basic %s\r\n", 780 credentials); 781 ftp_printf(fin, "\r\n"); 782 } 783 free(epath); 784 785 #ifndef NOSSL 786 free(buf); 787 #endif /* !NOSSL */ 788 buf = NULL; 789 bufsize = 0; 790 791 if (fflush(fin) == EOF) { 792 warnx("Writing HTTP request: %s", sockerror(tls)); 793 goto cleanup_url_get; 794 } 795 if ((len = getline(&buf, &bufsize, fin)) == -1) { 796 warnx("Receiving HTTP reply: %s", sockerror(tls)); 797 goto cleanup_url_get; 798 } 799 800 while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n')) 801 buf[--len] = '\0'; 802 #ifndef SMALL 803 if (debug) 804 fprintf(ttyout, "received '%s'\n", buf); 805 #endif /* !SMALL */ 806 807 cp = strchr(buf, ' '); 808 if (cp == NULL) 809 goto improper; 810 else 811 cp++; 812 813 strlcpy(ststr, cp, sizeof(ststr)); 814 status = strtonum(ststr, 200, 503, &errstr); 815 if (errstr) { 816 strnvis(gerror, cp, sizeof gerror, VIS_SAFE); 817 warnx("Error retrieving %s: %s", origline, gerror); 818 goto cleanup_url_get; 819 } 820 821 switch (status) { 822 case 200: /* OK */ 823 #ifndef SMALL 824 /* 825 * When we request a partial file, and we receive an HTTP 200 826 * it is a good indication that the server doesn't support 827 * range requests, and is about to send us the entire file. 828 * If the restart_point == 0, then we are not actually 829 * requesting a partial file, and an HTTP 200 is appropriate. 830 */ 831 if (resume && restart_point != 0) { 832 warnx("Server does not support resume."); 833 restart_point = resume = 0; 834 } 835 /* FALLTHROUGH */ 836 case 206: /* Partial Content */ 837 #endif /* !SMALL */ 838 break; 839 case 301: /* Moved Permanently */ 840 case 302: /* Found */ 841 case 303: /* See Other */ 842 case 307: /* Temporary Redirect */ 843 case 308: /* Permanent Redirect (RFC 7538) */ 844 isredirect++; 845 if (redirect_loop++ > 10) { 846 warnx("Too many redirections requested"); 847 goto cleanup_url_get; 848 } 849 break; 850 #ifndef SMALL 851 case 304: /* Not Modified */ 852 warnx("File is not modified on the server"); 853 goto cleanup_url_get; 854 case 416: /* Requested Range Not Satisfiable */ 855 warnx("File is already fully retrieved."); 856 goto cleanup_url_get; 857 #endif /* !SMALL */ 858 case 503: 859 isunavail = 1; 860 break; 861 default: 862 strnvis(gerror, cp, sizeof gerror, VIS_SAFE); 863 warnx("Error retrieving %s: %s", origline, gerror); 864 goto cleanup_url_get; 865 } 866 867 /* 868 * Read the rest of the header. 869 */ 870 filesize = -1; 871 872 for (;;) { 873 if ((len = getline(&buf, &bufsize, fin)) == -1) { 874 warnx("Receiving HTTP reply: %s", sockerror(tls)); 875 goto cleanup_url_get; 876 } 877 878 while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n' || 879 buf[len-1] == ' ' || buf[len-1] == '\t')) 880 buf[--len] = '\0'; 881 if (len == 0) 882 break; 883 #ifndef SMALL 884 if (debug) 885 fprintf(ttyout, "received '%s'\n", buf); 886 #endif /* !SMALL */ 887 888 /* Look for some headers */ 889 cp = buf; 890 #define CONTENTLEN "Content-Length:" 891 if (strncasecmp(cp, CONTENTLEN, sizeof(CONTENTLEN) - 1) == 0) { 892 cp += sizeof(CONTENTLEN) - 1; 893 cp += strspn(cp, " \t"); 894 cp[strcspn(cp, " \t")] = '\0'; 895 filesize = strtonum(cp, 0, LLONG_MAX, &errstr); 896 if (errstr != NULL) 897 goto improper; 898 #ifndef SMALL 899 if (restart_point) 900 filesize += restart_point; 901 #endif /* !SMALL */ 902 #define LOCATION "Location:" 903 } else if (isredirect && 904 strncasecmp(cp, LOCATION, sizeof(LOCATION) - 1) == 0) { 905 cp += sizeof(LOCATION) - 1; 906 cp += strspn(cp, " \t"); 907 /* 908 * If there is a colon before the first slash, this URI 909 * is not relative. RFC 3986 4.2 910 */ 911 if (cp[strcspn(cp, ":/")] != ':') { 912 #ifdef SMALL 913 errx(1, "Relative redirect not supported"); 914 #else /* SMALL */ 915 /* XXX doesn't handle protocol-relative URIs */ 916 if (*cp == '/') { 917 locbase = NULL; 918 cp++; 919 } else { 920 locbase = strdup(path); 921 if (locbase == NULL) 922 errx(1, "Can't allocate memory" 923 " for location base"); 924 loctail = strchr(locbase, '#'); 925 if (loctail != NULL) 926 *loctail = '\0'; 927 loctail = strchr(locbase, '?'); 928 if (loctail != NULL) 929 *loctail = '\0'; 930 loctail = strrchr(locbase, '/'); 931 if (loctail == NULL) { 932 free(locbase); 933 locbase = NULL; 934 } else 935 loctail[1] = '\0'; 936 } 937 /* Construct URL from relative redirect */ 938 if (asprintf(&redirurl, "%s%s%s%s/%s%s", 939 scheme, full_host, 940 portnum ? ":" : "", 941 portnum ? portnum : "", 942 locbase ? locbase : "", 943 cp) == -1) 944 errx(1, "Cannot build " 945 "redirect URL"); 946 free(locbase); 947 #endif /* SMALL */ 948 } else if ((redirurl = strdup(cp)) == NULL) 949 errx(1, "Cannot allocate memory for URL"); 950 loctail = strchr(redirurl, '#'); 951 if (loctail != NULL) 952 *loctail = '\0'; 953 if (verbose) { 954 char *visbuf; 955 if (stravis(&visbuf, redirurl, VIS_SAFE) == -1) 956 err(1, "Cannot vis redirect URL"); 957 fprintf(ttyout, "Redirected to %s\n", visbuf); 958 free(visbuf); 959 } 960 ftp_close(&fin, &tls, &fd); 961 rval = url_get(redirurl, proxyenv, savefile, lastfile); 962 free(redirurl); 963 goto cleanup_url_get; 964 #define RETRYAFTER "Retry-After:" 965 } else if (isunavail && 966 strncasecmp(cp, RETRYAFTER, sizeof(RETRYAFTER) - 1) == 0) { 967 size_t s; 968 cp += sizeof(RETRYAFTER) - 1; 969 cp += strspn(cp, " \t"); 970 cp[strcspn(cp, " \t")] = '\0'; 971 retryafter = strtonum(cp, 0, 0, &errstr); 972 if (errstr != NULL) 973 retryafter = -1; 974 #define TRANSFER_ENCODING "Transfer-Encoding:" 975 } else if (strncasecmp(cp, TRANSFER_ENCODING, 976 sizeof(TRANSFER_ENCODING) - 1) == 0) { 977 cp += sizeof(TRANSFER_ENCODING) - 1; 978 cp += strspn(cp, " \t"); 979 cp[strcspn(cp, " \t")] = '\0'; 980 if (strcasecmp(cp, "chunked") == 0) 981 chunked = 1; 982 #ifndef SMALL 983 #define LAST_MODIFIED "Last-Modified:" 984 } else if (strncasecmp(cp, LAST_MODIFIED, 985 sizeof(LAST_MODIFIED) - 1) == 0) { 986 cp += sizeof(LAST_MODIFIED) - 1; 987 cp[strcspn(cp, "\t")] = '\0'; 988 if (strptime(cp, "%a, %d %h %Y %T %Z", &lmt) == NULL) 989 server_timestamps = 0; 990 #endif /* !SMALL */ 991 } 992 } 993 free(buf); 994 buf = NULL; 995 996 /* Content-Length should be ignored for Transfer-Encoding: chunked */ 997 if (chunked) 998 filesize = -1; 999 1000 if (isunavail) { 1001 if (retried || retryafter != 0) 1002 warnx("Error retrieving %s: 503 Service Unavailable", 1003 origline); 1004 else { 1005 if (verbose) 1006 fprintf(ttyout, "Retrying %s\n", origline); 1007 retried = 1; 1008 ftp_close(&fin, &tls, &fd); 1009 rval = url_get(origline, proxyenv, savefile, lastfile); 1010 } 1011 goto cleanup_url_get; 1012 } 1013 1014 /* Open the output file. */ 1015 if (!pipeout) { 1016 #ifndef SMALL 1017 if (resume) 1018 out = open(savefile, O_CREAT | O_WRONLY | O_APPEND, 1019 0666); 1020 else 1021 #endif /* !SMALL */ 1022 out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC, 1023 0666); 1024 if (out == -1) { 1025 warn("Can't open %s", savefile); 1026 goto cleanup_url_get; 1027 } 1028 } else { 1029 out = fileno(stdout); 1030 #ifdef SMALL 1031 if (lastfile) { 1032 if (pledge("stdio tty", NULL) == -1) 1033 err(1, "pledge"); 1034 } 1035 #endif 1036 } 1037 1038 if ((buf = malloc(buflen)) == NULL) 1039 errx(1, "Can't allocate memory for transfer buffer"); 1040 1041 /* Trap signals */ 1042 oldintr = NULL; 1043 oldinti = NULL; 1044 if (setjmp(httpabort)) { 1045 if (oldintr) 1046 (void)signal(SIGINT, oldintr); 1047 if (oldinti) 1048 (void)signal(SIGINFO, oldinti); 1049 goto cleanup_url_get; 1050 } 1051 oldintr = signal(SIGINT, aborthttp); 1052 1053 bytes = 0; 1054 hashbytes = mark; 1055 progressmeter(-1, path); 1056 1057 /* Finally, suck down the file. */ 1058 oldinti = signal(SIGINFO, psummary); 1059 if (chunked) { 1060 error = save_chunked(fin, tls, out, buf, buflen); 1061 signal(SIGINT, oldintr); 1062 signal(SIGINFO, oldinti); 1063 if (error == -1) 1064 goto cleanup_url_get; 1065 } else { 1066 while ((len = fread(buf, 1, buflen, fin)) > 0) { 1067 bytes += len; 1068 for (cp = buf; len > 0; len -= wlen, cp += wlen) { 1069 if ((wlen = write(out, cp, len)) == -1) { 1070 warn("Writing %s", savefile); 1071 signal(SIGINT, oldintr); 1072 signal(SIGINFO, oldinti); 1073 goto cleanup_url_get; 1074 } 1075 } 1076 if (hash && !progress) { 1077 while (bytes >= hashbytes) { 1078 (void)putc('#', ttyout); 1079 hashbytes += mark; 1080 } 1081 (void)fflush(ttyout); 1082 } 1083 } 1084 save_errno = errno; 1085 signal(SIGINT, oldintr); 1086 signal(SIGINFO, oldinti); 1087 if (hash && !progress && bytes > 0) { 1088 if (bytes < mark) 1089 (void)putc('#', ttyout); 1090 (void)putc('\n', ttyout); 1091 (void)fflush(ttyout); 1092 } 1093 if (len == 0 && ferror(fin)) { 1094 errno = save_errno; 1095 warnx("Reading from socket: %s", sockerror(tls)); 1096 goto cleanup_url_get; 1097 } 1098 } 1099 progressmeter(1, NULL); 1100 if ( 1101 #ifndef SMALL 1102 !resume && 1103 #endif /* !SMALL */ 1104 filesize != -1 && len == 0 && bytes != filesize) { 1105 if (verbose) 1106 fputs("Read short file.\n", ttyout); 1107 goto cleanup_url_get; 1108 } 1109 1110 if (verbose) 1111 ptransfer(0); 1112 1113 rval = 0; 1114 goto cleanup_url_get; 1115 1116 noftpautologin: 1117 warnx( 1118 "Auto-login using ftp URLs isn't supported when using $ftp_proxy"); 1119 goto cleanup_url_get; 1120 1121 improper: 1122 warnx("Improper response from %s", host); 1123 1124 cleanup_url_get: 1125 #ifndef SMALL 1126 free(full_host); 1127 #endif /* !SMALL */ 1128 #ifndef NOSSL 1129 free(sslhost); 1130 #endif /* !NOSSL */ 1131 ftp_close(&fin, &tls, &fd); 1132 if (out >= 0 && out != fileno(stdout)) { 1133 #ifndef SMALL 1134 if (server_timestamps && lmt.tm_zone != 0 && 1135 fstat(out, &stbuf) == 0 && S_ISREG(stbuf.st_mode) != 0) { 1136 ts[0].tv_nsec = UTIME_NOW; 1137 ts[1].tv_nsec = 0; 1138 setenv("TZ", lmt.tm_zone, 1); 1139 if (((ts[1].tv_sec = mktime(&lmt)) != -1) && 1140 (futimens(out, ts) == -1)) 1141 warnx("Unable to set file modification time"); 1142 } 1143 #endif /* !SMALL */ 1144 close(out); 1145 } 1146 free(buf); 1147 free(pathbuf); 1148 free(proxyhost); 1149 free(proxyurl); 1150 free(newline); 1151 free(credentials); 1152 free(proxy_credentials); 1153 return (rval); 1154 } 1155 1156 static int 1157 save_chunked(FILE *fin, struct tls *tls, int out, char *buf, size_t buflen) 1158 { 1159 1160 char *header = NULL, *end, *cp; 1161 unsigned long chunksize; 1162 size_t hsize = 0, rlen, wlen; 1163 ssize_t written; 1164 char cr, lf; 1165 1166 for (;;) { 1167 if (getline(&header, &hsize, fin) == -1) 1168 break; 1169 /* strip CRLF and any optional chunk extension */ 1170 header[strcspn(header, "; \t\r\n")] = '\0'; 1171 errno = 0; 1172 chunksize = strtoul(header, &end, 16); 1173 if (errno || header[0] == '\0' || *end != '\0' || 1174 chunksize > INT_MAX) { 1175 warnx("Invalid chunk size '%s'", header); 1176 free(header); 1177 return -1; 1178 } 1179 1180 if (chunksize == 0) { 1181 /* We're done. Ignore optional trailer. */ 1182 free(header); 1183 return 0; 1184 } 1185 1186 for (written = 0; chunksize != 0; chunksize -= rlen) { 1187 rlen = (chunksize < buflen) ? chunksize : buflen; 1188 rlen = fread(buf, 1, rlen, fin); 1189 if (rlen == 0) 1190 break; 1191 bytes += rlen; 1192 for (cp = buf, wlen = rlen; wlen > 0; 1193 wlen -= written, cp += written) { 1194 if ((written = write(out, cp, wlen)) == -1) { 1195 warn("Writing output file"); 1196 free(header); 1197 return -1; 1198 } 1199 } 1200 } 1201 1202 if (rlen == 0 || 1203 fread(&cr, 1, 1, fin) != 1 || 1204 fread(&lf, 1, 1, fin) != 1) 1205 break; 1206 1207 if (cr != '\r' || lf != '\n') { 1208 warnx("Invalid chunked encoding"); 1209 free(header); 1210 return -1; 1211 } 1212 } 1213 free(header); 1214 1215 if (ferror(fin)) 1216 warnx("Error while reading from socket: %s", sockerror(tls)); 1217 else 1218 warnx("Invalid chunked encoding: short read"); 1219 1220 return -1; 1221 } 1222 1223 /* 1224 * Abort a http retrieval 1225 */ 1226 /* ARGSUSED */ 1227 static void 1228 aborthttp(int signo) 1229 { 1230 const char errmsg[] = "\nfetch aborted.\n"; 1231 1232 write(fileno(ttyout), errmsg, sizeof(errmsg) - 1); 1233 longjmp(httpabort, 1); 1234 } 1235 1236 /* 1237 * Retrieve multiple files from the command line, transferring 1238 * files of the form "host:path", "ftp://host/path" using the 1239 * ftp protocol, and files of the form "http://host/path" using 1240 * the http protocol. 1241 * If path has a trailing "/", then return (-1); 1242 * the path will be cd-ed into and the connection remains open, 1243 * and the function will return -1 (to indicate the connection 1244 * is alive). 1245 * If an error occurs the return value will be the offset+1 in 1246 * argv[] of the file that caused a problem (i.e, argv[x] 1247 * returns x+1) 1248 * Otherwise, 0 is returned if all files retrieved successfully. 1249 */ 1250 int 1251 auto_fetch(int argc, char *argv[], char *outfile) 1252 { 1253 char *xargv[5]; 1254 char *cp, *url, *host, *dir, *file, *portnum; 1255 char *username, *pass, *pathstart; 1256 char *ftpproxy, *httpproxy; 1257 int rval, xargc, lastfile; 1258 volatile int argpos; 1259 int dirhasglob, filehasglob, oautologin; 1260 char rempath[PATH_MAX]; 1261 1262 argpos = 0; 1263 1264 if (setjmp(toplevel)) { 1265 if (connected) 1266 disconnect(0, NULL); 1267 return (argpos + 1); 1268 } 1269 (void)signal(SIGINT, (sig_t)intr); 1270 (void)signal(SIGPIPE, (sig_t)lostpeer); 1271 1272 if ((ftpproxy = getenv(FTP_PROXY)) != NULL && *ftpproxy == '\0') 1273 ftpproxy = NULL; 1274 if ((httpproxy = getenv(HTTP_PROXY)) != NULL && *httpproxy == '\0') 1275 httpproxy = NULL; 1276 1277 /* 1278 * Loop through as long as there's files to fetch. 1279 */ 1280 username = pass = NULL; 1281 for (rval = 0; (rval == 0) && (argpos < argc); free(url), argpos++) { 1282 if (strchr(argv[argpos], ':') == NULL) 1283 break; 1284 1285 free(username); 1286 free(pass); 1287 host = dir = file = portnum = username = pass = NULL; 1288 1289 lastfile = (argv[argpos+1] == NULL); 1290 1291 /* 1292 * We muck with the string, so we make a copy. 1293 */ 1294 url = strdup(argv[argpos]); 1295 if (url == NULL) 1296 errx(1, "Can't allocate memory for auto-fetch."); 1297 1298 if (strncasecmp(url, FILE_URL, sizeof(FILE_URL) - 1) == 0) { 1299 if (file_get(url + sizeof(FILE_URL) - 1, outfile) == -1) 1300 rval = argpos + 1; 1301 continue; 1302 } 1303 1304 /* 1305 * Try HTTP URL-style arguments next. 1306 */ 1307 if (strncasecmp(url, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 || 1308 strncasecmp(url, HTTPS_URL, sizeof(HTTPS_URL) -1) == 0) { 1309 redirect_loop = 0; 1310 retried = 0; 1311 if (url_get(url, httpproxy, outfile, lastfile) == -1) 1312 rval = argpos + 1; 1313 continue; 1314 } 1315 1316 /* 1317 * Try FTP URL-style arguments next. If ftpproxy is 1318 * set, use url_get() instead of standard ftp. 1319 * Finally, try host:file. 1320 */ 1321 host = url; 1322 if (strncasecmp(url, FTP_URL, sizeof(FTP_URL) - 1) == 0) { 1323 char *passend, *passagain, *userend; 1324 1325 if (ftpproxy) { 1326 if (url_get(url, ftpproxy, outfile, lastfile) == -1) 1327 rval = argpos + 1; 1328 continue; 1329 } 1330 host += sizeof(FTP_URL) - 1; 1331 dir = strchr(host, '/'); 1332 1333 /* Look for [user:pass@]host[:port] */ 1334 1335 /* check if we have "user:pass@" */ 1336 userend = strchr(host, ':'); 1337 passend = strchr(host, '@'); 1338 if (passend && userend && userend < passend && 1339 (!dir || passend < dir)) { 1340 username = host; 1341 pass = userend + 1; 1342 host = passend + 1; 1343 *userend = *passend = '\0'; 1344 passagain = strchr(host, '@'); 1345 if (strchr(pass, '@') != NULL || 1346 (passagain != NULL && passagain < dir)) { 1347 warnx(at_encoding_warning); 1348 username = pass = NULL; 1349 goto bad_ftp_url; 1350 } 1351 1352 if (EMPTYSTRING(username)) { 1353 bad_ftp_url: 1354 warnx("Invalid URL: %s", argv[argpos]); 1355 rval = argpos + 1; 1356 username = pass = NULL; 1357 continue; 1358 } 1359 username = urldecode(username); 1360 pass = urldecode(pass); 1361 } 1362 1363 /* check [host]:port, or [host] */ 1364 if (host[0] == '[') { 1365 cp = strchr(host, ']'); 1366 if (cp && (!dir || cp < dir)) { 1367 if (cp + 1 == dir || cp[1] == ':') { 1368 host++; 1369 *cp++ = '\0'; 1370 } else 1371 cp = NULL; 1372 } else 1373 cp = host; 1374 } else 1375 cp = host; 1376 1377 /* split off host[:port] if there is */ 1378 if (cp) { 1379 portnum = strchr(cp, ':'); 1380 pathstart = strchr(cp, '/'); 1381 /* : in path is not a port # indicator */ 1382 if (portnum && pathstart && 1383 pathstart < portnum) 1384 portnum = NULL; 1385 1386 if (!portnum) 1387 ; 1388 else { 1389 if (!dir) 1390 ; 1391 else if (portnum + 1 < dir) { 1392 *portnum++ = '\0'; 1393 /* 1394 * XXX should check if portnum 1395 * is decimal number 1396 */ 1397 } else { 1398 /* empty portnum */ 1399 goto bad_ftp_url; 1400 } 1401 } 1402 } else 1403 portnum = NULL; 1404 } else { /* classic style `host:file' */ 1405 dir = strchr(host, ':'); 1406 } 1407 if (EMPTYSTRING(host)) { 1408 rval = argpos + 1; 1409 continue; 1410 } 1411 1412 /* 1413 * If dir is NULL, the file wasn't specified 1414 * (URL looked something like ftp://host) 1415 */ 1416 if (dir != NULL) 1417 *dir++ = '\0'; 1418 1419 /* 1420 * Extract the file and (if present) directory name. 1421 */ 1422 if (!EMPTYSTRING(dir)) { 1423 cp = strrchr(dir, '/'); 1424 if (cp != NULL) { 1425 *cp++ = '\0'; 1426 file = cp; 1427 } else { 1428 file = dir; 1429 dir = NULL; 1430 } 1431 } 1432 #ifndef SMALL 1433 if (debug) 1434 fprintf(ttyout, 1435 "user %s:%s host %s port %s dir %s file %s\n", 1436 username, pass ? "XXXX" : NULL, host, portnum, 1437 dir, file); 1438 #endif /* !SMALL */ 1439 1440 /* 1441 * Set up the connection. 1442 */ 1443 if (connected) 1444 disconnect(0, NULL); 1445 xargv[0] = __progname; 1446 xargv[1] = host; 1447 xargv[2] = NULL; 1448 xargc = 2; 1449 if (!EMPTYSTRING(portnum)) { 1450 xargv[2] = portnum; 1451 xargv[3] = NULL; 1452 xargc = 3; 1453 } 1454 oautologin = autologin; 1455 if (username == NULL) 1456 anonftp = 1; 1457 else { 1458 anonftp = 0; 1459 autologin = 0; 1460 } 1461 setpeer(xargc, xargv); 1462 autologin = oautologin; 1463 if (connected == 0 || 1464 (connected == 1 && autologin && (username == NULL || 1465 !ftp_login(host, username, pass)))) { 1466 warnx("Can't connect or login to host `%s'", host); 1467 rval = argpos + 1; 1468 continue; 1469 } 1470 1471 /* Always use binary transfers. */ 1472 setbinary(0, NULL); 1473 1474 dirhasglob = filehasglob = 0; 1475 if (doglob) { 1476 if (!EMPTYSTRING(dir) && 1477 strpbrk(dir, "*?[]{}") != NULL) 1478 dirhasglob = 1; 1479 if (!EMPTYSTRING(file) && 1480 strpbrk(file, "*?[]{}") != NULL) 1481 filehasglob = 1; 1482 } 1483 1484 /* Change directories, if necessary. */ 1485 if (!EMPTYSTRING(dir) && !dirhasglob) { 1486 xargv[0] = "cd"; 1487 xargv[1] = dir; 1488 xargv[2] = NULL; 1489 cd(2, xargv); 1490 if (!dirchange) { 1491 rval = argpos + 1; 1492 continue; 1493 } 1494 } 1495 1496 if (EMPTYSTRING(file)) { 1497 #ifndef SMALL 1498 rval = -1; 1499 #else /* !SMALL */ 1500 recvrequest("NLST", "-", NULL, "w", 0, 0); 1501 rval = 0; 1502 #endif /* !SMALL */ 1503 continue; 1504 } 1505 1506 if (verbose) 1507 fprintf(ttyout, "Retrieving %s/%s\n", dir ? dir : "", file); 1508 1509 if (dirhasglob) { 1510 snprintf(rempath, sizeof(rempath), "%s/%s", dir, file); 1511 file = rempath; 1512 } 1513 1514 /* Fetch the file(s). */ 1515 xargc = 2; 1516 xargv[0] = "get"; 1517 xargv[1] = file; 1518 xargv[2] = NULL; 1519 if (dirhasglob || filehasglob) { 1520 int ointeractive; 1521 1522 ointeractive = interactive; 1523 interactive = 0; 1524 xargv[0] = "mget"; 1525 #ifndef SMALL 1526 if (resume) { 1527 xargc = 3; 1528 xargv[1] = "-c"; 1529 xargv[2] = file; 1530 xargv[3] = NULL; 1531 } 1532 #endif /* !SMALL */ 1533 mget(xargc, xargv); 1534 interactive = ointeractive; 1535 } else { 1536 if (outfile != NULL) { 1537 xargv[2] = outfile; 1538 xargv[3] = NULL; 1539 xargc++; 1540 } 1541 #ifndef SMALL 1542 if (resume) 1543 reget(xargc, xargv); 1544 else 1545 #endif /* !SMALL */ 1546 get(xargc, xargv); 1547 } 1548 1549 if ((code / 100) != COMPLETE) 1550 rval = argpos + 1; 1551 } 1552 if (connected && rval != -1) 1553 disconnect(0, NULL); 1554 return (rval); 1555 } 1556 1557 char * 1558 urldecode(const char *str) 1559 { 1560 char *ret, c; 1561 int i, reallen; 1562 1563 if (str == NULL) 1564 return NULL; 1565 if ((ret = malloc(strlen(str) + 1)) == NULL) 1566 err(1, "Can't allocate memory for URL decoding"); 1567 for (i = 0, reallen = 0; str[i] != '\0'; i++, reallen++, ret++) { 1568 c = str[i]; 1569 if (c == '+') { 1570 *ret = ' '; 1571 continue; 1572 } 1573 1574 /* Cannot use strtol here because next char 1575 * after %xx may be a digit. 1576 */ 1577 if (c == '%' && isxdigit((unsigned char)str[i + 1]) && 1578 isxdigit((unsigned char)str[i + 2])) { 1579 *ret = hextochar(&str[i + 1]); 1580 i += 2; 1581 continue; 1582 } 1583 *ret = c; 1584 } 1585 *ret = '\0'; 1586 1587 return ret - reallen; 1588 } 1589 1590 static char * 1591 recode_credentials(const char *userinfo) 1592 { 1593 char *ui, *creds; 1594 size_t ulen, credsize; 1595 1596 /* url-decode the user and pass */ 1597 ui = urldecode(userinfo); 1598 1599 ulen = strlen(ui); 1600 credsize = (ulen + 2) / 3 * 4 + 1; 1601 creds = malloc(credsize); 1602 if (creds == NULL) 1603 errx(1, "out of memory"); 1604 if (b64_ntop(ui, ulen, creds, credsize) == -1) 1605 errx(1, "error in base64 encoding"); 1606 free(ui); 1607 return (creds); 1608 } 1609 1610 static char 1611 hextochar(const char *str) 1612 { 1613 unsigned char c, ret; 1614 1615 c = str[0]; 1616 ret = c; 1617 if (isalpha(c)) 1618 ret -= isupper(c) ? 'A' - 10 : 'a' - 10; 1619 else 1620 ret -= '0'; 1621 ret *= 16; 1622 1623 c = str[1]; 1624 ret += c; 1625 if (isalpha(c)) 1626 ret -= isupper(c) ? 'A' - 10 : 'a' - 10; 1627 else 1628 ret -= '0'; 1629 return ret; 1630 } 1631 1632 int 1633 isurl(const char *p) 1634 { 1635 1636 if (strncasecmp(p, FTP_URL, sizeof(FTP_URL) - 1) == 0 || 1637 strncasecmp(p, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 || 1638 #ifndef NOSSL 1639 strncasecmp(p, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0 || 1640 #endif /* !NOSSL */ 1641 strncasecmp(p, FILE_URL, sizeof(FILE_URL) - 1) == 0 || 1642 strstr(p, ":/")) 1643 return (1); 1644 return (0); 1645 } 1646 1647 #ifndef SMALL 1648 static int 1649 ftp_printf(FILE *fp, const char *fmt, ...) 1650 { 1651 va_list ap; 1652 int ret; 1653 1654 va_start(ap, fmt); 1655 ret = vfprintf(fp, fmt, ap); 1656 va_end(ap); 1657 1658 if (debug) { 1659 va_start(ap, fmt); 1660 vfprintf(ttyout, fmt, ap); 1661 va_end(ap); 1662 } 1663 1664 return ret; 1665 } 1666 #endif /* !SMALL */ 1667 1668 static void 1669 ftp_close(FILE **fin, struct tls **tls, int *fd) 1670 { 1671 #ifndef NOSSL 1672 int ret; 1673 1674 if (*tls != NULL) { 1675 if (tls_session_fd != -1) 1676 dprintf(STDERR_FILENO, "tls session resumed: %s\n", 1677 tls_conn_session_resumed(*tls) ? "yes" : "no"); 1678 do { 1679 ret = tls_close(*tls); 1680 } while (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT); 1681 tls_free(*tls); 1682 *tls = NULL; 1683 } 1684 if (*fd != -1) { 1685 close(*fd); 1686 *fd = -1; 1687 } 1688 #endif 1689 if (*fin != NULL) { 1690 fclose(*fin); 1691 *fin = NULL; 1692 } 1693 } 1694 1695 static const char * 1696 sockerror(struct tls *tls) 1697 { 1698 int save_errno = errno; 1699 #ifndef NOSSL 1700 if (tls != NULL) { 1701 const char *tlserr = tls_error(tls); 1702 if (tlserr != NULL) 1703 return tlserr; 1704 } 1705 #endif 1706 return strerror(save_errno); 1707 } 1708 1709 #ifndef NOSSL 1710 static int 1711 proxy_connect(int socket, char *host, char *cookie) 1712 { 1713 int l; 1714 char buf[1024]; 1715 char *connstr, *hosttail, *port; 1716 1717 if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL && 1718 (hosttail[1] == '\0' || hosttail[1] == ':')) { 1719 host++; 1720 *hosttail++ = '\0'; 1721 } else 1722 hosttail = host; 1723 1724 port = strrchr(hosttail, ':'); /* find portnum */ 1725 if (port != NULL) 1726 *port++ = '\0'; 1727 if (!port) 1728 port = "443"; 1729 1730 if (cookie) { 1731 l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\r\n" 1732 "Proxy-Authorization: Basic %s\r\n%s\r\n\r\n", 1733 host, port, cookie, HTTP_USER_AGENT); 1734 } else { 1735 l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\r\n%s\r\n\r\n", 1736 host, port, HTTP_USER_AGENT); 1737 } 1738 1739 if (l == -1) 1740 errx(1, "Could not allocate memory to assemble connect string!"); 1741 #ifndef SMALL 1742 if (debug) 1743 printf("%s", connstr); 1744 #endif /* !SMALL */ 1745 if (write(socket, connstr, l) != l) 1746 err(1, "Could not send connect string"); 1747 read(socket, &buf, sizeof(buf)); /* only proxy header XXX: error handling? */ 1748 free(connstr); 1749 return(200); 1750 } 1751 1752 static int 1753 stdio_tls_write_wrapper(void *arg, const char *buf, int len) 1754 { 1755 struct tls *tls = arg; 1756 ssize_t ret; 1757 1758 do { 1759 ret = tls_write(tls, buf, len); 1760 } while (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT); 1761 1762 return ret; 1763 } 1764 1765 static int 1766 stdio_tls_read_wrapper(void *arg, char *buf, int len) 1767 { 1768 struct tls *tls = arg; 1769 ssize_t ret; 1770 1771 do { 1772 ret = tls_read(tls, buf, len); 1773 } while (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT); 1774 1775 return ret; 1776 } 1777 #endif /* !NOSSL */ 1778