1 /* $OpenBSD: fetch.c,v 1.97 2009/10/16 12:28:04 martynas Exp $ */ 2 /* $NetBSD: fetch.c,v 1.14 1997/08/18 10:20:20 lukem Exp $ */ 3 4 /*- 5 * Copyright (c) 1997 The NetBSD Foundation, Inc. 6 * All rights reserved. 7 * 8 * This code is derived from software contributed to The NetBSD Foundation 9 * by Jason Thorpe and Luke Mewburn. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 /* 34 * FTP User Program -- Command line file retrieval 35 */ 36 37 #include <sys/types.h> 38 #include <sys/param.h> 39 #include <sys/socket.h> 40 #include <sys/stat.h> 41 42 #include <netinet/in.h> 43 44 #include <arpa/ftp.h> 45 #include <arpa/inet.h> 46 47 #include <ctype.h> 48 #include <err.h> 49 #include <libgen.h> 50 #include <limits.h> 51 #include <netdb.h> 52 #include <fcntl.h> 53 #include <signal.h> 54 #include <stdio.h> 55 #include <stdarg.h> 56 #include <errno.h> 57 #include <stdlib.h> 58 #include <string.h> 59 #include <unistd.h> 60 #include <util.h> 61 #include <resolv.h> 62 63 #ifndef SMALL 64 #include <openssl/ssl.h> 65 #include <openssl/err.h> 66 #else /* !SMALL */ 67 #define SSL void 68 #endif /* !SMALL */ 69 70 #include "ftp_var.h" 71 #include "cmds.h" 72 73 static int url_get(const char *, const char *, const char *); 74 void aborthttp(int); 75 void abortfile(int); 76 char hextochar(const char *); 77 char *urldecode(const char *); 78 int ftp_printf(FILE *, SSL *, const char *, ...) __attribute__((format(printf, 3, 4))); 79 char *ftp_readline(FILE *, SSL *, size_t *); 80 size_t ftp_read(FILE *, SSL *, char *, size_t); 81 #ifndef SMALL 82 int proxy_connect(int, char *, char *); 83 int SSL_vprintf(SSL *, const char *, va_list); 84 char *SSL_readline(SSL *, size_t *); 85 #endif /* !SMALL */ 86 87 #define FTP_URL "ftp://" /* ftp URL prefix */ 88 #define HTTP_URL "http://" /* http URL prefix */ 89 #define HTTPS_URL "https://" /* https URL prefix */ 90 #define FILE_URL "file:" /* file URL prefix */ 91 #define FTP_PROXY "ftp_proxy" /* env var with ftp proxy location */ 92 #define HTTP_PROXY "http_proxy" /* env var with http proxy location */ 93 94 #define COOKIE_MAX_LEN 42 95 96 #define EMPTYSTRING(x) ((x) == NULL || (*(x) == '\0')) 97 98 static const char *at_encoding_warning = 99 "Extra `@' characters in usernames and passwords should be encoded as %%40"; 100 101 jmp_buf httpabort; 102 103 static int redirect_loop; 104 105 /* 106 * Determine whether the character needs encoding, per RFC1738: 107 * - No corresponding graphic US-ASCII. 108 * - Unsafe characters. 109 */ 110 static int 111 unsafe_char(const char *c) 112 { 113 const char *unsafe_chars = " <>\"#{}|\\^~[]`"; 114 115 /* 116 * No corresponding graphic US-ASCII. 117 * Control characters and octets not used in US-ASCII. 118 */ 119 return (iscntrl(*c) || !isascii(*c) || 120 121 /* 122 * Unsafe characters. 123 * '%' is also unsafe, if is not followed by two 124 * hexadecimal digits. 125 */ 126 strchr(unsafe_chars, *c) != NULL || 127 (*c == '%' && (!isxdigit(*++c) || !isxdigit(*++c)))); 128 } 129 130 /* 131 * Encode given URL, per RFC1738. 132 * Allocate and return string to the caller. 133 */ 134 static char * 135 url_encode(const char *path) 136 { 137 size_t i, length, new_length; 138 char *epath, *epathp; 139 140 length = new_length = strlen(path); 141 142 /* 143 * First pass: 144 * Count unsafe characters, and determine length of the 145 * final URL. 146 */ 147 for (i = 0; i < length; i++) 148 if (unsafe_char(path + i)) 149 new_length += 2; 150 151 epath = epathp = malloc(new_length + 1); /* One more for '\0'. */ 152 if (epath == NULL) 153 return NULL; 154 155 /* 156 * Second pass: 157 * Encode, and copy final URL. 158 */ 159 for (i = 0; i < length; i++) 160 if (unsafe_char(path + i)) { 161 snprintf(epathp, 4, "%%" "%02x", path[i]); 162 epathp += 3; 163 } else 164 *(epathp++) = path[i]; 165 166 *epathp = '\0'; 167 return (epath); 168 } 169 170 /* 171 * Retrieve URL, via the proxy in $proxyvar if necessary. 172 * Modifies the string argument given. 173 * Returns -1 on failure, 0 on success 174 */ 175 static int 176 url_get(const char *origline, const char *proxyenv, const char *outfile) 177 { 178 char pbuf[NI_MAXSERV], hbuf[NI_MAXHOST], *cp, *portnum, *path, ststr[4]; 179 char *hosttail, *cause = "unknown", *newline, *host, *port, *buf = NULL; 180 char *epath; 181 int error, i, isftpurl = 0, isfileurl = 0, isredirect = 0, rval = -1; 182 struct addrinfo hints, *res0, *res; 183 const char * volatile savefile; 184 char * volatile proxyurl = NULL; 185 char *cookie = NULL; 186 volatile int s = -1, out; 187 volatile sig_t oldintr, oldinti; 188 FILE *fin = NULL; 189 off_t hashbytes; 190 const char *errstr; 191 size_t len, wlen; 192 #ifndef SMALL 193 char *sslpath = NULL, *sslhost = NULL; 194 int ishttpsurl = 0; 195 SSL_CTX *ssl_ctx = NULL; 196 #endif /* !SMALL */ 197 SSL *ssl = NULL; 198 int status; 199 200 direction = "received"; 201 202 newline = strdup(origline); 203 if (newline == NULL) 204 errx(1, "Can't allocate memory to parse URL"); 205 if (strncasecmp(newline, HTTP_URL, sizeof(HTTP_URL) - 1) == 0) 206 host = newline + sizeof(HTTP_URL) - 1; 207 else if (strncasecmp(newline, FTP_URL, sizeof(FTP_URL) - 1) == 0) { 208 host = newline + sizeof(FTP_URL) - 1; 209 isftpurl = 1; 210 } else if (strncasecmp(newline, FILE_URL, sizeof(FILE_URL) - 1) == 0) { 211 host = newline + sizeof(FILE_URL) - 1; 212 isfileurl = 1; 213 #ifndef SMALL 214 } else if (strncasecmp(newline, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0) { 215 host = newline + sizeof(HTTPS_URL) - 1; 216 ishttpsurl = 1; 217 #endif /* !SMALL */ 218 } else 219 errx(1, "url_get: Invalid URL '%s'", newline); 220 221 if (isfileurl) { 222 path = host; 223 } else { 224 path = strchr(host, '/'); /* Find path */ 225 if (EMPTYSTRING(path)) { 226 if (outfile) { /* No slash, but */ 227 path=strchr(host,'\0'); /* we have outfile. */ 228 goto noslash; 229 } 230 if (isftpurl) 231 goto noftpautologin; 232 warnx("No `/' after host (use -o): %s", origline); 233 goto cleanup_url_get; 234 } 235 *path++ = '\0'; 236 if (EMPTYSTRING(path) && !outfile) { 237 if (isftpurl) 238 goto noftpautologin; 239 warnx("No filename after host (use -o): %s", origline); 240 goto cleanup_url_get; 241 } 242 } 243 244 noslash: 245 if (outfile) 246 savefile = outfile; 247 else { 248 if (path[strlen(path) - 1] == '/') /* Consider no file */ 249 savefile = NULL; /* after dir invalid. */ 250 else 251 savefile = basename(path); 252 } 253 254 if (EMPTYSTRING(savefile)) { 255 if (isftpurl) 256 goto noftpautologin; 257 warnx("No filename after directory (use -o): %s", origline); 258 goto cleanup_url_get; 259 } 260 261 #ifndef SMALL 262 if (resume && (strcmp(savefile, "-") == 0)) { 263 warnx("can't append to stdout"); 264 goto cleanup_url_get; 265 } 266 #endif /* !SMALL */ 267 268 if (!isfileurl && proxyenv != NULL) { /* use proxy */ 269 #ifndef SMALL 270 if (ishttpsurl) { 271 sslpath = strdup(path); 272 sslhost = strdup(host); 273 if (! sslpath || ! sslhost) 274 errx(1, "Can't allocate memory for https path/host."); 275 } 276 #endif /* !SMALL */ 277 proxyurl = strdup(proxyenv); 278 if (proxyurl == NULL) 279 errx(1, "Can't allocate memory for proxy URL."); 280 if (strncasecmp(proxyurl, HTTP_URL, sizeof(HTTP_URL) - 1) == 0) 281 host = proxyurl + sizeof(HTTP_URL) - 1; 282 else if (strncasecmp(proxyurl, FTP_URL, sizeof(FTP_URL) - 1) == 0) 283 host = proxyurl + sizeof(FTP_URL) - 1; 284 else { 285 warnx("Malformed proxy URL: %s", proxyenv); 286 goto cleanup_url_get; 287 } 288 if (EMPTYSTRING(host)) { 289 warnx("Malformed proxy URL: %s", proxyenv); 290 goto cleanup_url_get; 291 } 292 if (*--path == '\0') 293 *path = '/'; /* add / back to real path */ 294 path = strchr(host, '/'); /* remove trailing / on host */ 295 if (!EMPTYSTRING(path)) 296 *path++ = '\0'; /* i guess this ++ is useless */ 297 298 path = strchr(host, '@'); /* look for credentials in proxy */ 299 if (!EMPTYSTRING(path)) { 300 *path = '\0'; 301 cookie = strchr(host, ':'); 302 if (EMPTYSTRING(cookie)) { 303 warnx("Malformed proxy URL: %s", proxyenv); 304 goto cleanup_url_get; 305 } 306 cookie = malloc(COOKIE_MAX_LEN); 307 if (cookie == NULL) 308 errx(1, "out of memory"); 309 if (b64_ntop(host, strlen(host), cookie, COOKIE_MAX_LEN) == -1) 310 errx(1, "error in base64 encoding"); 311 *path = '@'; /* restore @ in proxyurl */ 312 /* 313 * This removes the password from proxyurl, 314 * filling with stars 315 */ 316 for (host = 1 + strchr(proxyurl + 5, ':'); *host != '@'; 317 host++) 318 *host = '*'; 319 320 host = path + 1; 321 } 322 path = newline; 323 } 324 325 if (isfileurl) { 326 struct stat st; 327 328 s = open(path, O_RDONLY); 329 if (s == -1) { 330 warn("Can't open file %s", path); 331 goto cleanup_url_get; 332 } 333 334 if (fstat(s, &st) == -1) 335 filesize = -1; 336 else 337 filesize = st.st_size; 338 339 /* Open the output file. */ 340 if (strcmp(savefile, "-") != 0) { 341 #ifndef SMALL 342 if (resume) 343 out = open(savefile, O_CREAT | O_WRONLY | 344 O_APPEND, 0666); 345 346 else 347 #endif /* !SMALL */ 348 out = open(savefile, O_CREAT | O_WRONLY | 349 O_TRUNC, 0666); 350 if (out < 0) { 351 warn("Can't open %s", savefile); 352 goto cleanup_url_get; 353 } 354 } else 355 out = fileno(stdout); 356 357 #ifndef SMALL 358 if (resume) { 359 if (fstat(out, &st) == -1) { 360 warn("Can't fstat %s", savefile); 361 goto cleanup_url_get; 362 } 363 if (lseek(s, st.st_size, SEEK_SET) == -1) { 364 warn("Can't lseek %s", path); 365 goto cleanup_url_get; 366 } 367 restart_point = st.st_size; 368 } 369 #endif /* !SMALL */ 370 371 /* Trap signals */ 372 oldintr = NULL; 373 oldinti = NULL; 374 if (setjmp(httpabort)) { 375 if (oldintr) 376 (void)signal(SIGINT, oldintr); 377 if (oldinti) 378 (void)signal(SIGINFO, oldinti); 379 goto cleanup_url_get; 380 } 381 oldintr = signal(SIGINT, abortfile); 382 383 bytes = 0; 384 hashbytes = mark; 385 progressmeter(-1, path); 386 387 if ((buf = malloc(4096)) == NULL) 388 errx(1, "Can't allocate memory for transfer buffer"); 389 390 /* Finally, suck down the file. */ 391 i = 0; 392 oldinti = signal(SIGINFO, psummary); 393 while ((len = read(s, buf, 4096)) > 0) { 394 bytes += len; 395 for (cp = buf; len > 0; len -= i, cp += i) { 396 if ((i = write(out, cp, len)) == -1) { 397 warn("Writing %s", savefile); 398 signal(SIGINFO, oldinti); 399 goto cleanup_url_get; 400 } 401 else if (i == 0) 402 break; 403 } 404 if (hash && !progress) { 405 while (bytes >= hashbytes) { 406 (void)putc('#', ttyout); 407 hashbytes += mark; 408 } 409 (void)fflush(ttyout); 410 } 411 } 412 signal(SIGINFO, oldinti); 413 if (hash && !progress && bytes > 0) { 414 if (bytes < mark) 415 (void)putc('#', ttyout); 416 (void)putc('\n', ttyout); 417 (void)fflush(ttyout); 418 } 419 if (len != 0) { 420 warn("Reading from file"); 421 goto cleanup_url_get; 422 } 423 progressmeter(1, NULL); 424 if (verbose) 425 ptransfer(0); 426 (void)signal(SIGINT, oldintr); 427 428 rval = 0; 429 goto cleanup_url_get; 430 } 431 432 if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL && 433 (hosttail[1] == '\0' || hosttail[1] == ':')) { 434 host++; 435 *hosttail++ = '\0'; 436 } else 437 hosttail = host; 438 439 portnum = strrchr(hosttail, ':'); /* find portnum */ 440 if (portnum != NULL) 441 *portnum++ = '\0'; 442 443 #ifndef SMALL 444 if (debug) 445 fprintf(ttyout, "host %s, port %s, path %s, save as %s.\n", 446 host, portnum, path, savefile); 447 #endif /* !SMALL */ 448 449 memset(&hints, 0, sizeof(hints)); 450 hints.ai_family = family; 451 hints.ai_socktype = SOCK_STREAM; 452 #ifndef SMALL 453 port = portnum ? portnum : (ishttpsurl ? httpsport : httpport); 454 #else /* !SMALL */ 455 port = portnum ? portnum : httpport; 456 #endif /* !SMALL */ 457 error = getaddrinfo(host, port, &hints, &res0); 458 /* 459 * If the services file is corrupt/missing, fall back 460 * on our hard-coded defines. 461 */ 462 if (error == EAI_SERVICE && port == httpport) { 463 snprintf(pbuf, sizeof(pbuf), "%d", HTTP_PORT); 464 error = getaddrinfo(host, pbuf, &hints, &res0); 465 #ifndef SMALL 466 } else if (error == EAI_SERVICE && port == httpsport) { 467 snprintf(pbuf, sizeof(pbuf), "%d", HTTPS_PORT); 468 error = getaddrinfo(host, pbuf, &hints, &res0); 469 #endif /* !SMALL */ 470 } 471 if (error) { 472 warnx("%s: %s", gai_strerror(error), host); 473 goto cleanup_url_get; 474 } 475 476 s = -1; 477 for (res = res0; res; res = res->ai_next) { 478 if (getnameinfo(res->ai_addr, res->ai_addrlen, hbuf, 479 sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0) 480 strlcpy(hbuf, "(unknown)", sizeof(hbuf)); 481 if (verbose) 482 fprintf(ttyout, "Trying %s...\n", hbuf); 483 484 s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); 485 if (s == -1) { 486 cause = "socket"; 487 continue; 488 } 489 490 again: 491 if (connect(s, res->ai_addr, res->ai_addrlen) < 0) { 492 int save_errno; 493 494 if (errno == EINTR) 495 goto again; 496 save_errno = errno; 497 close(s); 498 errno = save_errno; 499 s = -1; 500 cause = "connect"; 501 continue; 502 } 503 504 /* get port in numeric */ 505 if (getnameinfo(res->ai_addr, res->ai_addrlen, NULL, 0, 506 pbuf, sizeof(pbuf), NI_NUMERICSERV) == 0) 507 port = pbuf; 508 else 509 port = NULL; 510 511 #ifndef SMALL 512 if (proxyenv && sslhost) 513 proxy_connect(s, sslhost, cookie); 514 #endif /* !SMALL */ 515 break; 516 } 517 freeaddrinfo(res0); 518 if (s < 0) { 519 warn("%s", cause); 520 goto cleanup_url_get; 521 } 522 523 #ifndef SMALL 524 if (ishttpsurl) { 525 if (proxyenv && sslpath) { 526 ishttpsurl = 0; 527 proxyurl = NULL; 528 path = sslpath; 529 } 530 SSL_library_init(); 531 SSL_load_error_strings(); 532 SSLeay_add_ssl_algorithms(); 533 ssl_ctx = SSL_CTX_new(SSLv23_client_method()); 534 ssl = SSL_new(ssl_ctx); 535 if (ssl == NULL || ssl_ctx == NULL) { 536 ERR_print_errors_fp(ttyout); 537 goto cleanup_url_get; 538 } 539 if (SSL_set_fd(ssl, s) == 0) { 540 ERR_print_errors_fp(ttyout); 541 goto cleanup_url_get; 542 } 543 if (SSL_connect(ssl) <= 0) { 544 ERR_print_errors_fp(ttyout); 545 goto cleanup_url_get; 546 } 547 } else { 548 fin = fdopen(s, "r+"); 549 } 550 #else /* !SMALL */ 551 fin = fdopen(s, "r+"); 552 #endif /* !SMALL */ 553 554 if (verbose) 555 fprintf(ttyout, "Requesting %s", origline); 556 557 /* 558 * Construct and send the request. Proxy requests don't want leading /. 559 */ 560 #ifndef SMALL 561 cookie_get(host, path, ishttpsurl, &buf); 562 #endif /* !SMALL */ 563 564 epath = url_encode(path); 565 if (epath == NULL) 566 return (-1); 567 if (proxyurl) { 568 if (verbose) 569 fprintf(ttyout, " (via %s)\n", proxyurl); 570 /* 571 * Host: directive must use the destination host address for 572 * the original URI (path). We do not attach it at this moment. 573 */ 574 if (cookie) 575 ftp_printf(fin, ssl, "GET %s HTTP/1.0\r\n" 576 "Proxy-Authorization: Basic %s%s\r\n%s\r\n\r\n", 577 epath, cookie, buf ? buf : "", HTTP_USER_AGENT); 578 else 579 ftp_printf(fin, ssl, "GET %s HTTP/1.0\r\n%s%s\r\n\r\n", 580 epath, buf ? buf : "", HTTP_USER_AGENT); 581 582 } else { 583 #ifndef SMALL 584 if (resume) { 585 struct stat stbuf; 586 587 if (stat(savefile, &stbuf) == 0) 588 restart_point = stbuf.st_size; 589 else 590 restart_point = 0; 591 } 592 #endif /* !SMALL */ 593 ftp_printf(fin, ssl, "GET /%s %s\r\nHost: ", epath, 594 #ifndef SMALL 595 restart_point ? "HTTP/1.1" : 596 #endif /* !SMALL */ 597 "HTTP/1.0"); 598 if (strchr(host, ':')) { 599 char *h, *p; 600 601 /* 602 * strip off scoped address portion, since it's 603 * local to node 604 */ 605 h = strdup(host); 606 if (h == NULL) 607 errx(1, "Can't allocate memory."); 608 if ((p = strchr(h, '%')) != NULL) 609 *p = '\0'; 610 ftp_printf(fin, ssl, "[%s]", h); 611 free(h); 612 } else 613 ftp_printf(fin, ssl, "%s", host); 614 615 /* 616 * Send port number only if it's specified and does not equal 617 * 80. Some broken HTTP servers get confused if you explicitly 618 * send them the port number. 619 */ 620 #ifndef SMALL 621 if (port && strcmp(port, (ishttpsurl ? "443" : "80")) != 0) 622 ftp_printf(fin, ssl, ":%s", port); 623 if (restart_point) 624 ftp_printf(fin, ssl, "\r\nRange: bytes=%lld-", 625 (long long)restart_point); 626 #else /* !SMALL */ 627 if (port && strcmp(port, "80") != 0) 628 ftp_printf(fin, ssl, ":%s", port); 629 #endif /* !SMALL */ 630 ftp_printf(fin, ssl, "\r\n%s%s\r\n\r\n", 631 buf ? buf : "", HTTP_USER_AGENT); 632 if (verbose) 633 fprintf(ttyout, "\n"); 634 } 635 free(epath); 636 637 #ifndef SMALL 638 free(buf); 639 #endif /* !SMALL */ 640 buf = NULL; 641 642 if (fin != NULL && fflush(fin) == EOF) { 643 warn("Writing HTTP request"); 644 goto cleanup_url_get; 645 } 646 if ((buf = ftp_readline(fin, ssl, &len)) == NULL) { 647 warn("Receiving HTTP reply"); 648 goto cleanup_url_get; 649 } 650 651 while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n')) 652 buf[--len] = '\0'; 653 #ifndef SMALL 654 if (debug) 655 fprintf(ttyout, "received '%s'\n", buf); 656 #endif /* !SMALL */ 657 658 cp = strchr(buf, ' '); 659 if (cp == NULL) 660 goto improper; 661 else 662 cp++; 663 664 strlcpy(ststr, cp, sizeof(ststr)); 665 status = strtonum(ststr, 200, 416, &errstr); 666 if (errstr) { 667 warnx("Error retrieving file: %s", cp); 668 goto cleanup_url_get; 669 } 670 671 switch (status) { 672 case 200: /* OK */ 673 #ifndef SMALL 674 case 206: /* Partial Content */ 675 #endif /* !SMALL */ 676 break; 677 case 301: /* Moved Permanently */ 678 case 302: /* Found */ 679 case 303: /* See Other */ 680 case 307: /* Temporary Redirect */ 681 isredirect++; 682 if (redirect_loop++ > 10) { 683 warnx("Too many redirections requested"); 684 goto cleanup_url_get; 685 } 686 break; 687 #ifndef SMALL 688 case 416: /* Requested Range Not Satisfiable */ 689 warnx("File is already fully retrieved."); 690 goto cleanup_url_get; 691 #endif /* !SMALL */ 692 default: 693 warnx("Error retrieving file: %s", cp); 694 goto cleanup_url_get; 695 } 696 697 /* 698 * Read the rest of the header. 699 */ 700 free(buf); 701 filesize = -1; 702 703 for (;;) { 704 if ((buf = ftp_readline(fin, ssl, &len)) == NULL) { 705 warn("Receiving HTTP reply"); 706 goto cleanup_url_get; 707 } 708 709 while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n')) 710 buf[--len] = '\0'; 711 if (len == 0) 712 break; 713 #ifndef SMALL 714 if (debug) 715 fprintf(ttyout, "received '%s'\n", buf); 716 #endif /* !SMALL */ 717 718 /* Look for some headers */ 719 cp = buf; 720 #define CONTENTLEN "Content-Length: " 721 if (strncasecmp(cp, CONTENTLEN, sizeof(CONTENTLEN) - 1) == 0) { 722 cp += sizeof(CONTENTLEN) - 1; 723 filesize = strtonum(cp, 0, LLONG_MAX, &errstr); 724 if (errstr != NULL) 725 goto improper; 726 #ifndef SMALL 727 if (restart_point) 728 filesize += restart_point; 729 #endif /* !SMALL */ 730 #define LOCATION "Location: " 731 } else if (isredirect && 732 strncasecmp(cp, LOCATION, sizeof(LOCATION) - 1) == 0) { 733 cp += sizeof(LOCATION) - 1; 734 if (verbose) 735 fprintf(ttyout, "Redirected to %s\n", cp); 736 if (fin != NULL) 737 fclose(fin); 738 else if (s != -1) 739 close(s); 740 free(proxyurl); 741 free(newline); 742 free(cookie); 743 rval = url_get(cp, proxyenv, savefile); 744 free(buf); 745 return (rval); 746 } 747 } 748 749 /* Open the output file. */ 750 if (strcmp(savefile, "-") != 0) { 751 #ifndef SMALL 752 if (resume) 753 out = open(savefile, O_CREAT | O_WRONLY | O_APPEND, 754 0666); 755 else 756 #endif /* !SMALL */ 757 out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC, 758 0666); 759 if (out < 0) { 760 warn("Can't open %s", savefile); 761 goto cleanup_url_get; 762 } 763 } else 764 out = fileno(stdout); 765 766 /* Trap signals */ 767 oldintr = NULL; 768 oldinti = NULL; 769 if (setjmp(httpabort)) { 770 if (oldintr) 771 (void)signal(SIGINT, oldintr); 772 if (oldinti) 773 (void)signal(SIGINFO, oldinti); 774 goto cleanup_url_get; 775 } 776 oldintr = signal(SIGINT, aborthttp); 777 778 bytes = 0; 779 hashbytes = mark; 780 progressmeter(-1, path); 781 782 free(buf); 783 784 /* Finally, suck down the file. */ 785 if ((buf = malloc(4096)) == NULL) 786 errx(1, "Can't allocate memory for transfer buffer"); 787 i = 0; 788 len = 1; 789 oldinti = signal(SIGINFO, psummary); 790 while (len > 0) { 791 len = ftp_read(fin, ssl, buf, 4096); 792 bytes += len; 793 for (cp = buf, wlen = len; wlen > 0; wlen -= i, cp += i) { 794 if ((i = write(out, cp, wlen)) == -1) { 795 warn("Writing %s", savefile); 796 signal(SIGINFO, oldinti); 797 goto cleanup_url_get; 798 } 799 else if (i == 0) 800 break; 801 } 802 if (hash && !progress) { 803 while (bytes >= hashbytes) { 804 (void)putc('#', ttyout); 805 hashbytes += mark; 806 } 807 (void)fflush(ttyout); 808 } 809 } 810 signal(SIGINFO, oldinti); 811 if (hash && !progress && bytes > 0) { 812 if (bytes < mark) 813 (void)putc('#', ttyout); 814 (void)putc('\n', ttyout); 815 (void)fflush(ttyout); 816 } 817 if (len != 0) { 818 warn("Reading from socket"); 819 goto cleanup_url_get; 820 } 821 progressmeter(1, NULL); 822 if ( 823 #ifndef SMALL 824 !resume && 825 #endif /* !SMALL */ 826 filesize != -1 && len == 0 && bytes != filesize) { 827 if (verbose) 828 fputs("Read short file.\n", ttyout); 829 goto cleanup_url_get; 830 } 831 832 if (verbose) 833 ptransfer(0); 834 (void)signal(SIGINT, oldintr); 835 836 rval = 0; 837 goto cleanup_url_get; 838 839 noftpautologin: 840 warnx( 841 "Auto-login using ftp URLs isn't supported when using $ftp_proxy"); 842 goto cleanup_url_get; 843 844 improper: 845 warnx("Improper response from %s", host); 846 847 cleanup_url_get: 848 #ifndef SMALL 849 if (ssl) { 850 SSL_shutdown(ssl); 851 SSL_free(ssl); 852 } 853 #endif /* !SMALL */ 854 if (fin != NULL) 855 fclose(fin); 856 else if (s != -1) 857 close(s); 858 free(buf); 859 free(proxyurl); 860 free(newline); 861 free(cookie); 862 return (rval); 863 } 864 865 /* 866 * Abort a http retrieval 867 */ 868 /* ARGSUSED */ 869 void 870 aborthttp(int signo) 871 { 872 873 alarmtimer(0); 874 fputs("\nhttp fetch aborted.\n", ttyout); 875 (void)fflush(ttyout); 876 longjmp(httpabort, 1); 877 } 878 879 /* 880 * Abort a http retrieval 881 */ 882 /* ARGSUSED */ 883 void 884 abortfile(int signo) 885 { 886 887 alarmtimer(0); 888 fputs("\nfile fetch aborted.\n", ttyout); 889 (void)fflush(ttyout); 890 longjmp(httpabort, 1); 891 } 892 893 /* 894 * Retrieve multiple files from the command line, transferring 895 * files of the form "host:path", "ftp://host/path" using the 896 * ftp protocol, and files of the form "http://host/path" using 897 * the http protocol. 898 * If path has a trailing "/", then return (-1); 899 * the path will be cd-ed into and the connection remains open, 900 * and the function will return -1 (to indicate the connection 901 * is alive). 902 * If an error occurs the return value will be the offset+1 in 903 * argv[] of the file that caused a problem (i.e, argv[x] 904 * returns x+1) 905 * Otherwise, 0 is returned if all files retrieved successfully. 906 */ 907 int 908 auto_fetch(int argc, char *argv[], char *outfile) 909 { 910 char *xargv[5]; 911 char *cp, *url, *host, *dir, *file, *portnum; 912 char *username, *pass, *pathstart; 913 char *ftpproxy, *httpproxy; 914 int rval, xargc; 915 volatile int argpos; 916 int dirhasglob, filehasglob, oautologin; 917 char rempath[MAXPATHLEN]; 918 919 argpos = 0; 920 921 if (setjmp(toplevel)) { 922 if (connected) 923 disconnect(0, NULL); 924 return (argpos + 1); 925 } 926 (void)signal(SIGINT, (sig_t)intr); 927 (void)signal(SIGPIPE, (sig_t)lostpeer); 928 929 if ((ftpproxy = getenv(FTP_PROXY)) != NULL && *ftpproxy == '\0') 930 ftpproxy = NULL; 931 if ((httpproxy = getenv(HTTP_PROXY)) != NULL && *httpproxy == '\0') 932 httpproxy = NULL; 933 934 /* 935 * Loop through as long as there's files to fetch. 936 */ 937 for (rval = 0; (rval == 0) && (argpos < argc); free(url), argpos++) { 938 if (strchr(argv[argpos], ':') == NULL) 939 break; 940 host = dir = file = portnum = username = pass = NULL; 941 942 /* 943 * We muck with the string, so we make a copy. 944 */ 945 url = strdup(argv[argpos]); 946 if (url == NULL) 947 errx(1, "Can't allocate memory for auto-fetch."); 948 949 /* 950 * Try HTTP URL-style arguments first. 951 */ 952 if (strncasecmp(url, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 || 953 #ifndef SMALL 954 /* even if we compiled without SSL, url_get will check */ 955 strncasecmp(url, HTTPS_URL, sizeof(HTTPS_URL) -1) == 0 || 956 #endif /* !SMALL */ 957 strncasecmp(url, FILE_URL, sizeof(FILE_URL) - 1) == 0) { 958 redirect_loop = 0; 959 if (url_get(url, httpproxy, outfile) == -1) 960 rval = argpos + 1; 961 continue; 962 } 963 964 /* 965 * Try FTP URL-style arguments next. If ftpproxy is 966 * set, use url_get() instead of standard ftp. 967 * Finally, try host:file. 968 */ 969 host = url; 970 if (strncasecmp(url, FTP_URL, sizeof(FTP_URL) - 1) == 0) { 971 char *passend, *passagain, *userend; 972 973 if (ftpproxy) { 974 if (url_get(url, ftpproxy, outfile) == -1) 975 rval = argpos + 1; 976 continue; 977 } 978 host += sizeof(FTP_URL) - 1; 979 dir = strchr(host, '/'); 980 981 /* Look for [user:pass@]host[:port] */ 982 983 /* check if we have "user:pass@" */ 984 userend = strchr(host, ':'); 985 passend = strchr(host, '@'); 986 if (passend && userend && userend < passend && 987 (!dir || passend < dir)) { 988 username = host; 989 pass = userend + 1; 990 host = passend + 1; 991 *userend = *passend = '\0'; 992 passagain = strchr(host, '@'); 993 if (strchr(pass, '@') != NULL || 994 (passagain != NULL && passagain < dir)) { 995 warnx(at_encoding_warning); 996 goto bad_ftp_url; 997 } 998 999 if (EMPTYSTRING(username)) { 1000 bad_ftp_url: 1001 warnx("Invalid URL: %s", argv[argpos]); 1002 rval = argpos + 1; 1003 continue; 1004 } 1005 username = urldecode(username); 1006 pass = urldecode(pass); 1007 } 1008 1009 #ifdef INET6 1010 /* check [host]:port, or [host] */ 1011 if (host[0] == '[') { 1012 cp = strchr(host, ']'); 1013 if (cp && (!dir || cp < dir)) { 1014 if (cp + 1 == dir || cp[1] == ':') { 1015 host++; 1016 *cp++ = '\0'; 1017 } else 1018 cp = NULL; 1019 } else 1020 cp = host; 1021 } else 1022 cp = host; 1023 #else 1024 cp = host; 1025 #endif 1026 1027 /* split off host[:port] if there is */ 1028 if (cp) { 1029 portnum = strchr(cp, ':'); 1030 pathstart = strchr(cp, '/'); 1031 /* : in path is not a port # indicator */ 1032 if (portnum && pathstart && 1033 pathstart < portnum) 1034 portnum = NULL; 1035 1036 if (!portnum) 1037 ; 1038 else { 1039 if (!dir) 1040 ; 1041 else if (portnum + 1 < dir) { 1042 *portnum++ = '\0'; 1043 /* 1044 * XXX should check if portnum 1045 * is decimal number 1046 */ 1047 } else { 1048 /* empty portnum */ 1049 goto bad_ftp_url; 1050 } 1051 } 1052 } else 1053 portnum = NULL; 1054 } else { /* classic style `host:file' */ 1055 dir = strchr(host, ':'); 1056 } 1057 if (EMPTYSTRING(host)) { 1058 rval = argpos + 1; 1059 continue; 1060 } 1061 1062 /* 1063 * If dir is NULL, the file wasn't specified 1064 * (URL looked something like ftp://host) 1065 */ 1066 if (dir != NULL) 1067 *dir++ = '\0'; 1068 1069 /* 1070 * Extract the file and (if present) directory name. 1071 */ 1072 if (!EMPTYSTRING(dir)) { 1073 cp = strrchr(dir, '/'); 1074 if (cp != NULL) { 1075 *cp++ = '\0'; 1076 file = cp; 1077 } else { 1078 file = dir; 1079 dir = NULL; 1080 } 1081 } 1082 #ifndef SMALL 1083 if (debug) 1084 fprintf(ttyout, 1085 "user %s:%s host %s port %s dir %s file %s\n", 1086 username, pass ? "XXXX" : NULL, host, portnum, 1087 dir, file); 1088 #endif /* !SMALL */ 1089 1090 /* 1091 * Set up the connection. 1092 */ 1093 if (connected) 1094 disconnect(0, NULL); 1095 xargv[0] = __progname; 1096 xargv[1] = host; 1097 xargv[2] = NULL; 1098 xargc = 2; 1099 if (!EMPTYSTRING(portnum)) { 1100 xargv[2] = portnum; 1101 xargv[3] = NULL; 1102 xargc = 3; 1103 } 1104 oautologin = autologin; 1105 if (username == NULL) 1106 anonftp = 1; 1107 else { 1108 anonftp = 0; 1109 autologin = 0; 1110 } 1111 setpeer(xargc, xargv); 1112 autologin = oautologin; 1113 if (connected == 0 || 1114 (connected == 1 && autologin && (username == NULL || 1115 !ftp_login(host, username, pass)))) { 1116 warnx("Can't connect or login to host `%s'", host); 1117 rval = argpos + 1; 1118 continue; 1119 } 1120 1121 /* Always use binary transfers. */ 1122 setbinary(0, NULL); 1123 1124 dirhasglob = filehasglob = 0; 1125 if (doglob) { 1126 if (!EMPTYSTRING(dir) && 1127 strpbrk(dir, "*?[]{}") != NULL) 1128 dirhasglob = 1; 1129 if (!EMPTYSTRING(file) && 1130 strpbrk(file, "*?[]{}") != NULL) 1131 filehasglob = 1; 1132 } 1133 1134 /* Change directories, if necessary. */ 1135 if (!EMPTYSTRING(dir) && !dirhasglob) { 1136 xargv[0] = "cd"; 1137 xargv[1] = dir; 1138 xargv[2] = NULL; 1139 cd(2, xargv); 1140 if (!dirchange) { 1141 rval = argpos + 1; 1142 continue; 1143 } 1144 } 1145 1146 if (EMPTYSTRING(file)) { 1147 #ifndef SMALL 1148 rval = -1; 1149 #else /* !SMALL */ 1150 recvrequest("NLST", "-", NULL, "w", 0, 0); 1151 rval = 0; 1152 #endif /* !SMALL */ 1153 continue; 1154 } 1155 1156 if (verbose) 1157 fprintf(ttyout, "Retrieving %s/%s\n", dir ? dir : "", file); 1158 1159 if (dirhasglob) { 1160 snprintf(rempath, sizeof(rempath), "%s/%s", dir, file); 1161 file = rempath; 1162 } 1163 1164 /* Fetch the file(s). */ 1165 xargc = 2; 1166 xargv[0] = "get"; 1167 xargv[1] = file; 1168 xargv[2] = NULL; 1169 if (dirhasglob || filehasglob) { 1170 int ointeractive; 1171 1172 ointeractive = interactive; 1173 interactive = 0; 1174 xargv[0] = "mget"; 1175 #ifndef SMALL 1176 if (resume) { 1177 xargc = 3; 1178 xargv[1] = "-c"; 1179 xargv[2] = file; 1180 xargv[3] = NULL; 1181 } 1182 #endif /* !SMALL */ 1183 mget(xargc, xargv); 1184 interactive = ointeractive; 1185 } else { 1186 if (outfile != NULL) { 1187 xargv[2] = outfile; 1188 xargv[3] = NULL; 1189 xargc++; 1190 } 1191 #ifndef SMALL 1192 if (resume) 1193 reget(xargc, xargv); 1194 else 1195 #endif /* !SMALL */ 1196 get(xargc, xargv); 1197 } 1198 1199 if ((code / 100) != COMPLETE) 1200 rval = argpos + 1; 1201 } 1202 if (connected && rval != -1) 1203 disconnect(0, NULL); 1204 return (rval); 1205 } 1206 1207 char * 1208 urldecode(const char *str) 1209 { 1210 char *ret, c; 1211 int i, reallen; 1212 1213 if (str == NULL) 1214 return NULL; 1215 if ((ret = malloc(strlen(str)+1)) == NULL) 1216 err(1, "Can't allocate memory for URL decoding"); 1217 for (i = 0, reallen = 0; str[i] != '\0'; i++, reallen++, ret++) { 1218 c = str[i]; 1219 if (c == '+') { 1220 *ret = ' '; 1221 continue; 1222 } 1223 1224 /* Cannot use strtol here because next char 1225 * after %xx may be a digit. 1226 */ 1227 if (c == '%' && isxdigit(str[i+1]) && isxdigit(str[i+2])) { 1228 *ret = hextochar(&str[i+1]); 1229 i+=2; 1230 continue; 1231 } 1232 *ret = c; 1233 } 1234 *ret = '\0'; 1235 1236 return ret-reallen; 1237 } 1238 1239 char 1240 hextochar(const char *str) 1241 { 1242 char c, ret; 1243 1244 c = str[0]; 1245 ret = c; 1246 if (isalpha(c)) 1247 ret -= isupper(c) ? 'A' - 10 : 'a' - 10; 1248 else 1249 ret -= '0'; 1250 ret *= 16; 1251 1252 c = str[1]; 1253 ret += c; 1254 if (isalpha(c)) 1255 ret -= isupper(c) ? 'A' - 10 : 'a' - 10; 1256 else 1257 ret -= '0'; 1258 return ret; 1259 } 1260 1261 int 1262 isurl(const char *p) 1263 { 1264 1265 if (strncasecmp(p, FTP_URL, sizeof(FTP_URL) - 1) == 0 || 1266 strncasecmp(p, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 || 1267 #ifndef SMALL 1268 strncasecmp(p, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0 || 1269 #endif /* !SMALL */ 1270 strncasecmp(p, FILE_URL, sizeof(FILE_URL) - 1) == 0 || 1271 strstr(p, ":/")) 1272 return (1); 1273 return (0); 1274 } 1275 1276 char * 1277 ftp_readline(FILE *fp, SSL *ssl, size_t *lenp) 1278 { 1279 if (fp != NULL) 1280 return fparseln(fp, lenp, NULL, "\0\0\0", 0); 1281 #ifndef SMALL 1282 else if (ssl != NULL) 1283 return SSL_readline(ssl, lenp); 1284 #endif /* !SMALL */ 1285 else 1286 return NULL; 1287 } 1288 1289 size_t 1290 ftp_read(FILE *fp, SSL *ssl, char *buf, size_t len) 1291 { 1292 size_t ret; 1293 if (fp != NULL) 1294 ret = fread(buf, sizeof(char), len, fp); 1295 #ifndef SMALL 1296 else if (ssl != NULL) { 1297 int nr; 1298 1299 if (len > INT_MAX) 1300 len = INT_MAX; 1301 if ((nr = SSL_read(ssl, buf, (int)len)) <= 0) 1302 ret = 0; 1303 else 1304 ret = nr; 1305 } 1306 #endif /* !SMALL */ 1307 else 1308 ret = 0; 1309 return (ret); 1310 } 1311 1312 int 1313 ftp_printf(FILE *fp, SSL *ssl, const char *fmt, ...) 1314 { 1315 int ret; 1316 va_list ap; 1317 1318 va_start(ap, fmt); 1319 1320 if (fp != NULL) 1321 ret = vfprintf(fp, fmt, ap); 1322 #ifndef SMALL 1323 else if (ssl != NULL) 1324 ret = SSL_vprintf((SSL*)ssl, fmt, ap); 1325 #endif /* !SMALL */ 1326 else 1327 ret = 0; 1328 1329 va_end(ap); 1330 return (ret); 1331 } 1332 1333 #ifndef SMALL 1334 int 1335 SSL_vprintf(SSL *ssl, const char *fmt, va_list ap) 1336 { 1337 int ret; 1338 char *string; 1339 1340 if ((ret = vasprintf(&string, fmt, ap)) == -1) 1341 return ret; 1342 ret = SSL_write(ssl, string, ret); 1343 free(string); 1344 return ret; 1345 } 1346 1347 char * 1348 SSL_readline(SSL *ssl, size_t *lenp) 1349 { 1350 size_t i, len; 1351 char *buf, *q, c; 1352 1353 len = 128; 1354 if ((buf = malloc(len)) == NULL) 1355 errx(1, "Can't allocate memory for transfer buffer"); 1356 for (i = 0; ; i++) { 1357 if (i >= len - 1) { 1358 if ((q = realloc(buf, 2 * len)) == NULL) 1359 errx(1, "Can't expand transfer buffer"); 1360 buf = q; 1361 len *= 2; 1362 } 1363 if (SSL_read(ssl, &c, 1) <= 0) 1364 break; 1365 buf[i] = c; 1366 if (c == '\n') 1367 break; 1368 } 1369 *lenp = i; 1370 return (buf); 1371 } 1372 1373 int 1374 proxy_connect(int socket, char *host, char *cookie) 1375 { 1376 int l; 1377 char buf[1024]; 1378 char *connstr, *hosttail, *port; 1379 1380 if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL && 1381 (hosttail[1] == '\0' || hosttail[1] == ':')) { 1382 host++; 1383 *hosttail++ = '\0'; 1384 } else 1385 hosttail = host; 1386 1387 port = strrchr(hosttail, ':'); /* find portnum */ 1388 if (port != NULL) 1389 *port++ = '\0'; 1390 if (!port) 1391 port = "443"; 1392 1393 if (cookie) { 1394 l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\r\n" 1395 "Proxy-Authorization: Basic %s\r\n%s\r\n\r\n", 1396 host, port, cookie, HTTP_USER_AGENT); 1397 } else { 1398 l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\r\n%s\r\n\r\n", 1399 host, port, HTTP_USER_AGENT); 1400 } 1401 1402 if (l == -1) 1403 errx(1, "Could not allocate memory to assemble connect string!"); 1404 #ifndef SMALL 1405 if (debug) 1406 printf("%s", connstr); 1407 #endif /* !SMALL */ 1408 if (write(socket, connstr, l) != l) 1409 err(1, "Could not send connect string"); 1410 read(socket, &buf, sizeof(buf)); /* only proxy header XXX: error handling? */ 1411 free(connstr); 1412 return(200); 1413 } 1414 #endif /* !SMALL */ 1415