1 /* $OpenBSD: fetch.c,v 1.73 2007/04/17 14:58:51 drahn Exp $ */ 2 /* $NetBSD: fetch.c,v 1.14 1997/08/18 10:20:20 lukem Exp $ */ 3 4 /*- 5 * Copyright (c) 1997 The NetBSD Foundation, Inc. 6 * All rights reserved. 7 * 8 * This code is derived from software contributed to The NetBSD Foundation 9 * by Jason Thorpe and Luke Mewburn. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. All advertising materials mentioning features or use of this software 20 * must display the following acknowledgement: 21 * This product includes software developed by the NetBSD 22 * Foundation, Inc. and its contributors. 23 * 4. Neither the name of The NetBSD Foundation nor the names of its 24 * contributors may be used to endorse or promote products derived 25 * from this software without specific prior written permission. 26 * 27 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 28 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 29 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 30 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 31 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 32 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 33 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 34 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 35 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 36 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 37 * POSSIBILITY OF SUCH DAMAGE. 38 */ 39 40 #if !defined(lint) && !defined(SMALL) 41 static const char rcsid[] = "$OpenBSD: fetch.c,v 1.73 2007/04/17 14:58:51 drahn Exp $"; 42 #endif /* not lint and not SMALL */ 43 44 /* 45 * FTP User Program -- Command line file retrieval 46 */ 47 48 #include <sys/types.h> 49 #include <sys/param.h> 50 #include <sys/socket.h> 51 #include <sys/stat.h> 52 53 #include <netinet/in.h> 54 55 #include <arpa/ftp.h> 56 #include <arpa/inet.h> 57 58 #include <ctype.h> 59 #include <err.h> 60 #include <libgen.h> 61 #include <limits.h> 62 #include <netdb.h> 63 #include <fcntl.h> 64 #include <signal.h> 65 #include <stdio.h> 66 #include <stdarg.h> 67 #include <errno.h> 68 #include <stdlib.h> 69 #include <string.h> 70 #include <unistd.h> 71 #include <util.h> 72 #include <resolv.h> 73 74 #ifndef SMALL 75 #include <openssl/ssl.h> 76 #include <openssl/err.h> 77 #else 78 #define SSL void 79 #endif 80 81 #include "ftp_var.h" 82 83 static int url_get(const char *, const char *, const char *); 84 void aborthttp(int); 85 void abortfile(int); 86 char hextochar(const char *); 87 char *urldecode(const char *); 88 int ftp_printf(FILE *, SSL *, const char *, ...) __attribute__((format(printf, 3, 4))); 89 char *ftp_readline(FILE *, SSL *, size_t *); 90 size_t ftp_read(FILE *, SSL *, char *, size_t); 91 #ifndef SMALL 92 int proxy_connect(int, char *); 93 int SSL_vprintf(SSL *, const char *, va_list); 94 char *SSL_readline(SSL *, size_t *); 95 #endif 96 97 #define FTP_URL "ftp://" /* ftp URL prefix */ 98 #define HTTP_URL "http://" /* http URL prefix */ 99 #define HTTPS_URL "https://" /* https URL prefix */ 100 #define FILE_URL "file:" /* file URL prefix */ 101 #define FTP_PROXY "ftp_proxy" /* env var with ftp proxy location */ 102 #define HTTP_PROXY "http_proxy" /* env var with http proxy location */ 103 104 #define COOKIE_MAX_LEN 42 105 106 #define EMPTYSTRING(x) ((x) == NULL || (*(x) == '\0')) 107 108 static const char *at_encoding_warning = 109 "Extra `@' characters in usernames and passwords should be encoded as %%40"; 110 111 jmp_buf httpabort; 112 113 static int redirect_loop; 114 115 /* 116 * Retrieve URL, via the proxy in $proxyvar if necessary. 117 * Modifies the string argument given. 118 * Returns -1 on failure, 0 on success 119 */ 120 static int 121 url_get(const char *origline, const char *proxyenv, const char *outfile) 122 { 123 char pbuf[NI_MAXSERV], hbuf[NI_MAXHOST], *cp, *portnum, *path, ststr[4]; 124 char *hosttail, *cause = "unknown", *newline, *host, *port, *buf = NULL; 125 int error, i, isftpurl = 0, isfileurl = 0, isredirect = 0, rval = -1; 126 struct addrinfo hints, *res0, *res; 127 const char * volatile savefile; 128 char * volatile proxyurl = NULL; 129 char *cookie = NULL; 130 volatile int s = -1, out; 131 volatile sig_t oldintr; 132 FILE *fin = NULL; 133 off_t hashbytes; 134 const char *errstr; 135 size_t len, wlen; 136 #ifndef SMALL 137 char *sslpath = NULL, *sslhost = NULL; 138 int ishttpsurl = 0; 139 SSL_CTX *ssl_ctx = NULL; 140 #endif 141 SSL *ssl = NULL; 142 int status; 143 144 newline = strdup(origline); 145 if (newline == NULL) 146 errx(1, "Can't allocate memory to parse URL"); 147 if (strncasecmp(newline, HTTP_URL, sizeof(HTTP_URL) - 1) == 0) 148 host = newline + sizeof(HTTP_URL) - 1; 149 else if (strncasecmp(newline, FTP_URL, sizeof(FTP_URL) - 1) == 0) { 150 host = newline + sizeof(FTP_URL) - 1; 151 isftpurl = 1; 152 } else if (strncasecmp(newline, FILE_URL, sizeof(FILE_URL) - 1) == 0) { 153 host = newline + sizeof(FILE_URL) - 1; 154 isfileurl = 1; 155 #ifndef SMALL 156 } else if (strncasecmp(newline, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0) { 157 host = newline + sizeof(HTTPS_URL) - 1; 158 ishttpsurl = 1; 159 #endif 160 } else 161 errx(1, "url_get: Invalid URL '%s'", newline); 162 163 if (isfileurl) { 164 path = host; 165 } else { 166 path = strchr(host, '/'); /* find path */ 167 if (EMPTYSTRING(path)) { 168 if (isftpurl) 169 goto noftpautologin; 170 warnx("Invalid URL (no `/' after host): %s", origline); 171 goto cleanup_url_get; 172 } 173 *path++ = '\0'; 174 if (EMPTYSTRING(path)) { 175 if (isftpurl) 176 goto noftpautologin; 177 warnx("Invalid URL (no file after host): %s", origline); 178 goto cleanup_url_get; 179 } 180 } 181 182 if (outfile) 183 savefile = outfile; 184 else 185 savefile = basename(path); 186 187 if (EMPTYSTRING(savefile)) { 188 if (isftpurl) 189 goto noftpautologin; 190 warnx("Invalid URL (no file after directory): %s", origline); 191 goto cleanup_url_get; 192 } 193 194 if (!isfileurl && proxyenv != NULL) { /* use proxy */ 195 #ifndef SMALL 196 if (ishttpsurl) { 197 sslpath = strdup(path); 198 sslhost = strdup(host); 199 if (! sslpath || ! sslhost) 200 errx(1, "Can't allocate memory for https path/host."); 201 } 202 #endif 203 proxyurl = strdup(proxyenv); 204 if (proxyurl == NULL) 205 errx(1, "Can't allocate memory for proxy URL."); 206 if (strncasecmp(proxyurl, HTTP_URL, sizeof(HTTP_URL) - 1) == 0) 207 host = proxyurl + sizeof(HTTP_URL) - 1; 208 else if (strncasecmp(proxyurl, FTP_URL, sizeof(FTP_URL) - 1) == 0) 209 host = proxyurl + sizeof(FTP_URL) - 1; 210 else { 211 warnx("Malformed proxy URL: %s", proxyenv); 212 goto cleanup_url_get; 213 } 214 if (EMPTYSTRING(host)) { 215 warnx("Malformed proxy URL: %s", proxyenv); 216 goto cleanup_url_get; 217 } 218 *--path = '/'; /* add / back to real path */ 219 path = strchr(host, '/'); /* remove trailing / on host */ 220 if (!EMPTYSTRING(path)) 221 *path++ = '\0'; /* i guess this ++ is useless */ 222 223 path = strchr(host, '@'); /* look for credentials in proxy */ 224 if (!EMPTYSTRING(path)) { 225 *path++ = '\0'; 226 cookie = strchr(host, ':'); 227 if (EMPTYSTRING(cookie)) { 228 warnx("Malformed proxy URL: %s", proxyenv); 229 goto cleanup_url_get; 230 } 231 cookie = malloc(COOKIE_MAX_LEN); 232 b64_ntop(host, strlen(host), cookie, COOKIE_MAX_LEN); 233 /* 234 * This removes the password from proxyenv, 235 * filling with stars 236 */ 237 for (host = strchr(proxyenv + 5, ':'); *host != '@'; 238 host++) 239 *host = '*'; 240 241 host = path; 242 } 243 path = newline; 244 } 245 246 if (isfileurl) { 247 struct stat st; 248 249 s = open(path, O_RDONLY); 250 if (s == -1) { 251 warn("Can't open file %s", path); 252 goto cleanup_url_get; 253 } 254 255 if (fstat(s, &st) == -1) 256 filesize = -1; 257 else 258 filesize = st.st_size; 259 260 /* Open the output file. */ 261 if (strcmp(savefile, "-") != 0) { 262 out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC, 263 0666); 264 if (out < 0) { 265 warn("Can't open %s", savefile); 266 goto cleanup_url_get; 267 } 268 } else 269 out = fileno(stdout); 270 271 /* Trap signals */ 272 oldintr = NULL; 273 if (setjmp(httpabort)) { 274 if (oldintr) 275 (void)signal(SIGINT, oldintr); 276 goto cleanup_url_get; 277 } 278 oldintr = signal(SIGINT, abortfile); 279 280 bytes = 0; 281 hashbytes = mark; 282 progressmeter(-1); 283 284 if ((buf = malloc(4096)) == NULL) 285 errx(1, "Can't allocate memory for transfer buffer"); 286 287 /* Finally, suck down the file. */ 288 i = 0; 289 while ((len = read(s, buf, 4096)) > 0) { 290 bytes += len; 291 for (cp = buf; len > 0; len -= i, cp += i) { 292 if ((i = write(out, cp, len)) == -1) { 293 warn("Writing %s", savefile); 294 goto cleanup_url_get; 295 } 296 else if (i == 0) 297 break; 298 } 299 if (hash && !progress) { 300 while (bytes >= hashbytes) { 301 (void)putc('#', ttyout); 302 hashbytes += mark; 303 } 304 (void)fflush(ttyout); 305 } 306 } 307 if (hash && !progress && bytes > 0) { 308 if (bytes < mark) 309 (void)putc('#', ttyout); 310 (void)putc('\n', ttyout); 311 (void)fflush(ttyout); 312 } 313 if (len != 0) { 314 warn("Reading from file"); 315 goto cleanup_url_get; 316 } 317 progressmeter(1); 318 if (verbose) 319 fputs("Successfully retrieved file.\n", ttyout); 320 (void)signal(SIGINT, oldintr); 321 322 rval = 0; 323 goto cleanup_url_get; 324 } 325 326 if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL && 327 (hosttail[1] == '\0' || hosttail[1] == ':')) { 328 host++; 329 *hosttail++ = '\0'; 330 } else 331 hosttail = host; 332 333 portnum = strrchr(hosttail, ':'); /* find portnum */ 334 if (portnum != NULL) 335 *portnum++ = '\0'; 336 337 if (debug) 338 fprintf(ttyout, "host %s, port %s, path %s, save as %s.\n", 339 host, portnum, path, savefile); 340 341 memset(&hints, 0, sizeof(hints)); 342 hints.ai_family = family; 343 hints.ai_socktype = SOCK_STREAM; 344 #ifndef SMALL 345 port = portnum ? portnum : (ishttpsurl ? httpsport : httpport); 346 #else 347 port = portnum ? portnum : httpport; 348 #endif 349 error = getaddrinfo(host, port, &hints, &res0); 350 /* 351 * If the services file is corrupt/missing, fall back 352 * on our hard-coded defines. 353 */ 354 if (error == EAI_SERVICE && port == httpport) { 355 snprintf(pbuf, sizeof(pbuf), "%d", HTTP_PORT); 356 error = getaddrinfo(host, pbuf, &hints, &res0); 357 #ifndef SMALL 358 } else if (error == EAI_SERVICE && port == httpsport) { 359 snprintf(pbuf, sizeof(pbuf), "%d", HTTPS_PORT); 360 error = getaddrinfo(host, pbuf, &hints, &res0); 361 #endif 362 } 363 if (error) { 364 warnx("%s: %s", gai_strerror(error), host); 365 goto cleanup_url_get; 366 } 367 368 s = -1; 369 for (res = res0; res; res = res->ai_next) { 370 if (getnameinfo(res->ai_addr, res->ai_addrlen, hbuf, 371 sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0) 372 strlcpy(hbuf, "(unknown)", sizeof(hbuf)); 373 if (verbose) 374 fprintf(ttyout, "Trying %s...\n", hbuf); 375 376 s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); 377 if (s == -1) { 378 cause = "socket"; 379 continue; 380 } 381 382 again: 383 if (connect(s, res->ai_addr, res->ai_addrlen) < 0) { 384 int save_errno; 385 386 if (errno == EINTR) 387 goto again; 388 save_errno = errno; 389 close(s); 390 errno = save_errno; 391 s = -1; 392 cause = "connect"; 393 continue; 394 } 395 396 /* get port in numeric */ 397 if (getnameinfo(res->ai_addr, res->ai_addrlen, NULL, 0, 398 pbuf, sizeof(pbuf), NI_NUMERICSERV) == 0) 399 port = pbuf; 400 else 401 port = NULL; 402 403 #ifndef SMALL 404 if (proxyenv && sslhost) 405 proxy_connect(s, sslhost); 406 #endif 407 break; 408 } 409 freeaddrinfo(res0); 410 if (s < 0) { 411 warn("%s", cause); 412 goto cleanup_url_get; 413 } 414 415 #ifndef SMALL 416 if (ishttpsurl) { 417 if (proxyenv && sslpath) { 418 ishttpsurl = 0; 419 proxyurl = NULL; 420 path = sslpath; 421 } 422 SSL_library_init(); 423 SSL_load_error_strings(); 424 SSLeay_add_ssl_algorithms(); 425 ssl_ctx = SSL_CTX_new(SSLv23_client_method()); 426 ssl = SSL_new(ssl_ctx); 427 if (ssl == NULL || ssl_ctx == NULL) { 428 ERR_print_errors_fp(ttyout); 429 goto cleanup_url_get; 430 } 431 if (SSL_set_fd(ssl, s) == 0) { 432 ERR_print_errors_fp(ttyout); 433 goto cleanup_url_get; 434 } 435 if (SSL_connect(ssl) <= 0) { 436 ERR_print_errors_fp(ttyout); 437 goto cleanup_url_get; 438 } 439 } else { 440 fin = fdopen(s, "r+"); 441 } 442 #else 443 fin = fdopen(s, "r+"); 444 #endif 445 446 if (verbose) 447 fprintf(ttyout, "Requesting %s", origline); 448 /* 449 * Construct and send the request. Proxy requests don't want leading /. 450 */ 451 if (proxyurl) { 452 if (verbose) 453 fprintf(ttyout, " (via %s)\n", proxyenv); 454 /* 455 * Host: directive must use the destination host address for 456 * the original URI (path). We do not attach it at this moment. 457 */ 458 if (cookie) 459 ftp_printf(fin, ssl, "GET %s HTTP/1.0\r\n" 460 "Proxy-Authorization: Basic %s\r\n%s\r\n\r\n", 461 path, cookie, HTTP_USER_AGENT); 462 else 463 ftp_printf(fin, ssl, "GET %s HTTP/1.0\r\n%s\r\n\r\n", 464 path, HTTP_USER_AGENT); 465 466 } else { 467 ftp_printf(fin, ssl, "GET /%s HTTP/1.0\r\nHost: ", path); 468 if (strchr(host, ':')) { 469 char *h, *p; 470 471 /* 472 * strip off scoped address portion, since it's 473 * local to node 474 */ 475 h = strdup(host); 476 if (h == NULL) 477 errx(1, "Can't allocate memory."); 478 if ((p = strchr(h, '%')) != NULL) 479 *p = '\0'; 480 ftp_printf(fin, ssl, "[%s]", h); 481 free(h); 482 } else 483 ftp_printf(fin, ssl, "%s", host); 484 485 /* 486 * Send port number only if it's specified and does not equal 487 * 80. Some broken HTTP servers get confused if you explicitly 488 * send them the port number. 489 */ 490 #ifndef SMALL 491 if (port && strcmp(port, (ishttpsurl ? "443" : "80")) != 0) 492 ftp_printf(fin, ssl, ":%s", port); 493 #else 494 if (port && strcmp(port, "80") != 0) 495 ftp_printf(fin, ssl, ":%s", port); 496 #endif 497 ftp_printf(fin, ssl, "\r\n%s\r\n\r\n", HTTP_USER_AGENT); 498 if (verbose) 499 fprintf(ttyout, "\n"); 500 } 501 if (fin != NULL && fflush(fin) == EOF) { 502 warn("Writing HTTP request"); 503 goto cleanup_url_get; 504 } 505 if ((buf = ftp_readline(fin, ssl, &len)) == NULL) { 506 warn("Receiving HTTP reply"); 507 goto cleanup_url_get; 508 } 509 510 while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n')) 511 buf[--len] = '\0'; 512 if (debug) 513 fprintf(ttyout, "received '%s'\n", buf); 514 515 cp = strchr(buf, ' '); 516 if (cp == NULL) 517 goto improper; 518 else 519 cp++; 520 521 strlcpy(ststr, cp, sizeof(ststr)); 522 status = strtonum(ststr, 200, 307, &errstr); 523 if (errstr) { 524 warnx("Error retrieving file: %s", cp); 525 goto cleanup_url_get; 526 } 527 528 switch (status) { 529 case 200: /* OK */ 530 break; 531 case 301: /* Moved Permanently */ 532 case 302: /* Found */ 533 case 303: /* See Other */ 534 case 307: /* Temporary Redirect */ 535 isredirect++; 536 if (redirect_loop++ > 10) { 537 warnx("Too many redirections requested"); 538 goto cleanup_url_get; 539 } 540 break; 541 default: 542 warnx("Error retrieving file: %s", cp); 543 goto cleanup_url_get; 544 } 545 546 /* 547 * Read the rest of the header. 548 */ 549 free(buf); 550 filesize = -1; 551 552 for (;;) { 553 if ((buf = ftp_readline(fin, ssl, &len)) == NULL) { 554 warn("Receiving HTTP reply"); 555 goto cleanup_url_get; 556 } 557 558 while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n')) 559 buf[--len] = '\0'; 560 if (len == 0) 561 break; 562 if (debug) 563 fprintf(ttyout, "received '%s'\n", buf); 564 565 /* Look for some headers */ 566 cp = buf; 567 #define CONTENTLEN "Content-Length: " 568 if (strncasecmp(cp, CONTENTLEN, sizeof(CONTENTLEN) - 1) == 0) { 569 cp += sizeof(CONTENTLEN) - 1; 570 filesize = strtonum(cp, 0, LLONG_MAX, &errstr); 571 if (errstr != NULL) 572 goto improper; 573 #define LOCATION "Location: " 574 } else if (isredirect && 575 strncasecmp(cp, LOCATION, sizeof(LOCATION) - 1) == 0) { 576 cp += sizeof(LOCATION) - 1; 577 if (verbose) 578 fprintf(ttyout, "Redirected to %s\n", cp); 579 if (fin != NULL) 580 fclose(fin); 581 else if (s != -1) 582 close(s); 583 free(proxyurl); 584 free(newline); 585 rval = url_get(cp, proxyenv, outfile); 586 free(buf); 587 return (rval); 588 } 589 } 590 591 /* Open the output file. */ 592 if (strcmp(savefile, "-") != 0) { 593 out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC, 0666); 594 if (out < 0) { 595 warn("Can't open %s", savefile); 596 goto cleanup_url_get; 597 } 598 } else 599 out = fileno(stdout); 600 601 /* Trap signals */ 602 oldintr = NULL; 603 if (setjmp(httpabort)) { 604 if (oldintr) 605 (void)signal(SIGINT, oldintr); 606 goto cleanup_url_get; 607 } 608 oldintr = signal(SIGINT, aborthttp); 609 610 bytes = 0; 611 hashbytes = mark; 612 progressmeter(-1); 613 614 free(buf); 615 616 /* Finally, suck down the file. */ 617 if ((buf = malloc(4096)) == NULL) 618 errx(1, "Can't allocate memory for transfer buffer"); 619 i = 0; 620 len = 1; 621 while (len > 0) { 622 len = ftp_read(fin, ssl, buf, 4096); 623 bytes += len; 624 for (cp = buf, wlen = len; wlen > 0; wlen -= i, cp += i) { 625 if ((i = write(out, cp, wlen)) == -1) { 626 warn("Writing %s", savefile); 627 goto cleanup_url_get; 628 } 629 else if (i == 0) 630 break; 631 } 632 if (hash && !progress) { 633 while (bytes >= hashbytes) { 634 (void)putc('#', ttyout); 635 hashbytes += mark; 636 } 637 (void)fflush(ttyout); 638 } 639 } 640 if (hash && !progress && bytes > 0) { 641 if (bytes < mark) 642 (void)putc('#', ttyout); 643 (void)putc('\n', ttyout); 644 (void)fflush(ttyout); 645 } 646 if (len != 0) { 647 warn("Reading from socket"); 648 goto cleanup_url_get; 649 } 650 progressmeter(1); 651 if (filesize != -1 && len == 0 && bytes != filesize) { 652 if (verbose) 653 fputs("Read short file.\n", ttyout); 654 goto cleanup_url_get; 655 } 656 657 if (verbose) 658 fputs("Successfully retrieved file.\n", ttyout); 659 (void)signal(SIGINT, oldintr); 660 661 rval = 0; 662 goto cleanup_url_get; 663 664 noftpautologin: 665 warnx( 666 "Auto-login using ftp URLs isn't supported when using $ftp_proxy"); 667 goto cleanup_url_get; 668 669 improper: 670 warnx("Improper response from %s", host); 671 672 cleanup_url_get: 673 #ifndef SMALL 674 if (ssl) { 675 SSL_shutdown(ssl); 676 SSL_free(ssl); 677 } 678 #endif 679 if (fin != NULL) 680 fclose(fin); 681 else if (s != -1) 682 close(s); 683 free(buf); 684 free(proxyurl); 685 free(newline); 686 return (rval); 687 } 688 689 /* 690 * Abort a http retrieval 691 */ 692 /* ARGSUSED */ 693 void 694 aborthttp(int signo) 695 { 696 697 alarmtimer(0); 698 fputs("\nhttp fetch aborted.\n", ttyout); 699 (void)fflush(ttyout); 700 longjmp(httpabort, 1); 701 } 702 703 /* 704 * Abort a http retrieval 705 */ 706 /* ARGSUSED */ 707 void 708 abortfile(int signo) 709 { 710 711 alarmtimer(0); 712 fputs("\nfile fetch aborted.\n", ttyout); 713 (void)fflush(ttyout); 714 longjmp(httpabort, 1); 715 } 716 717 /* 718 * Retrieve multiple files from the command line, transferring 719 * files of the form "host:path", "ftp://host/path" using the 720 * ftp protocol, and files of the form "http://host/path" using 721 * the http protocol. 722 * If path has a trailing "/", then return (-1); 723 * the path will be cd-ed into and the connection remains open, 724 * and the function will return -1 (to indicate the connection 725 * is alive). 726 * If an error occurs the return value will be the offset+1 in 727 * argv[] of the file that caused a problem (i.e, argv[x] 728 * returns x+1) 729 * Otherwise, 0 is returned if all files retrieved successfully. 730 */ 731 int 732 auto_fetch(int argc, char *argv[], char *outfile) 733 { 734 char *xargv[5]; 735 char *cp, *url, *host, *dir, *file, *portnum; 736 char *username, *pass, *pathstart; 737 char *ftpproxy, *httpproxy; 738 int rval, xargc; 739 volatile int argpos; 740 int dirhasglob, filehasglob, oautologin; 741 char rempath[MAXPATHLEN]; 742 743 argpos = 0; 744 745 if (setjmp(toplevel)) { 746 if (connected) 747 disconnect(0, NULL); 748 return (argpos + 1); 749 } 750 (void)signal(SIGINT, (sig_t)intr); 751 (void)signal(SIGPIPE, (sig_t)lostpeer); 752 753 if ((ftpproxy = getenv(FTP_PROXY)) != NULL && *ftpproxy == '\0') 754 ftpproxy = NULL; 755 if ((httpproxy = getenv(HTTP_PROXY)) != NULL && *httpproxy == '\0') 756 httpproxy = NULL; 757 758 /* 759 * Loop through as long as there's files to fetch. 760 */ 761 for (rval = 0; (rval == 0) && (argpos < argc); free(url), argpos++) { 762 if (strchr(argv[argpos], ':') == NULL) 763 break; 764 host = dir = file = portnum = username = pass = NULL; 765 766 /* 767 * We muck with the string, so we make a copy. 768 */ 769 url = strdup(argv[argpos]); 770 if (url == NULL) 771 errx(1, "Can't allocate memory for auto-fetch."); 772 773 /* 774 * Try HTTP URL-style arguments first. 775 */ 776 if (strncasecmp(url, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 || 777 #ifndef SMALL 778 /* even if we compiled without SSL, url_get will check */ 779 strncasecmp(url, HTTPS_URL, sizeof(HTTPS_URL) -1) == 0 || 780 #endif 781 strncasecmp(url, FILE_URL, sizeof(FILE_URL) - 1) == 0) { 782 redirect_loop = 0; 783 if (url_get(url, httpproxy, outfile) == -1) 784 rval = argpos + 1; 785 continue; 786 } 787 788 /* 789 * Try FTP URL-style arguments next. If ftpproxy is 790 * set, use url_get() instead of standard ftp. 791 * Finally, try host:file. 792 */ 793 host = url; 794 if (strncasecmp(url, FTP_URL, sizeof(FTP_URL) - 1) == 0) { 795 char *passend, *passagain, *userend; 796 797 if (ftpproxy) { 798 if (url_get(url, ftpproxy, outfile) == -1) 799 rval = argpos + 1; 800 continue; 801 } 802 host += sizeof(FTP_URL) - 1; 803 dir = strchr(host, '/'); 804 805 /* Look for [user:pass@]host[:port] */ 806 807 /* check if we have "user:pass@" */ 808 userend = strchr(host, ':'); 809 passend = strchr(host, '@'); 810 if (passend && userend && userend < passend && 811 (!dir || passend < dir)) { 812 username = host; 813 pass = userend + 1; 814 host = passend + 1; 815 *userend = *passend = '\0'; 816 passagain = strchr(host, '@'); 817 if (strchr(pass, '@') != NULL || 818 (passagain != NULL && passagain < dir)) { 819 warnx(at_encoding_warning); 820 goto bad_ftp_url; 821 } 822 823 if (EMPTYSTRING(username) || EMPTYSTRING(pass)) { 824 bad_ftp_url: 825 warnx("Invalid URL: %s", argv[argpos]); 826 rval = argpos + 1; 827 continue; 828 } 829 username = urldecode(username); 830 pass = urldecode(pass); 831 } 832 833 #ifdef INET6 834 /* check [host]:port, or [host] */ 835 if (host[0] == '[') { 836 cp = strchr(host, ']'); 837 if (cp && (!dir || cp < dir)) { 838 if (cp + 1 == dir || cp[1] == ':') { 839 host++; 840 *cp++ = '\0'; 841 } else 842 cp = NULL; 843 } else 844 cp = host; 845 } else 846 cp = host; 847 #else 848 cp = host; 849 #endif 850 851 /* split off host[:port] if there is */ 852 if (cp) { 853 portnum = strchr(cp, ':'); 854 pathstart = strchr(cp, '/'); 855 /* : in path is not a port # indicator */ 856 if (portnum && pathstart && 857 pathstart < portnum) 858 portnum = NULL; 859 860 if (!portnum) 861 ; 862 else { 863 if (!dir) 864 ; 865 else if (portnum + 1 < dir) { 866 *portnum++ = '\0'; 867 /* 868 * XXX should check if portnum 869 * is decimal number 870 */ 871 } else { 872 /* empty portnum */ 873 goto bad_ftp_url; 874 } 875 } 876 } else 877 portnum = NULL; 878 } else { /* classic style `host:file' */ 879 dir = strchr(host, ':'); 880 } 881 if (EMPTYSTRING(host)) { 882 rval = argpos + 1; 883 continue; 884 } 885 886 /* 887 * If dir is NULL, the file wasn't specified 888 * (URL looked something like ftp://host) 889 */ 890 if (dir != NULL) 891 *dir++ = '\0'; 892 893 /* 894 * Extract the file and (if present) directory name. 895 */ 896 if (!EMPTYSTRING(dir)) { 897 cp = strrchr(dir, '/'); 898 if (cp != NULL) { 899 *cp++ = '\0'; 900 file = cp; 901 } else { 902 file = dir; 903 dir = NULL; 904 } 905 } 906 if (debug) 907 fprintf(ttyout, 908 "user %s:%s host %s port %s dir %s file %s\n", 909 username, pass, host, portnum, dir, file); 910 911 /* 912 * Set up the connection. 913 */ 914 if (connected) 915 disconnect(0, NULL); 916 xargv[0] = __progname; 917 xargv[1] = host; 918 xargv[2] = NULL; 919 xargc = 2; 920 if (!EMPTYSTRING(portnum)) { 921 xargv[2] = portnum; 922 xargv[3] = NULL; 923 xargc = 3; 924 } 925 oautologin = autologin; 926 if (username != NULL) 927 autologin = 0; 928 setpeer(xargc, xargv); 929 autologin = oautologin; 930 if ((connected == 0) || 931 ((connected == 1) && !ftp_login(host, username, pass))) { 932 warnx("Can't connect or login to host `%s'", host); 933 rval = argpos + 1; 934 continue; 935 } 936 937 /* Always use binary transfers. */ 938 setbinary(0, NULL); 939 940 dirhasglob = filehasglob = 0; 941 if (doglob) { 942 if (!EMPTYSTRING(dir) && 943 strpbrk(dir, "*?[]{}") != NULL) 944 dirhasglob = 1; 945 if (!EMPTYSTRING(file) && 946 strpbrk(file, "*?[]{}") != NULL) 947 filehasglob = 1; 948 } 949 950 /* Change directories, if necessary. */ 951 if (!EMPTYSTRING(dir) && !dirhasglob) { 952 xargv[0] = "cd"; 953 xargv[1] = dir; 954 xargv[2] = NULL; 955 cd(2, xargv); 956 if (!dirchange) { 957 rval = argpos + 1; 958 continue; 959 } 960 } 961 962 if (EMPTYSTRING(file)) { 963 rval = -1; 964 continue; 965 } 966 967 if (verbose) 968 fprintf(ttyout, "Retrieving %s/%s\n", dir ? dir : "", file); 969 970 if (dirhasglob) { 971 snprintf(rempath, sizeof(rempath), "%s/%s", dir, file); 972 file = rempath; 973 } 974 975 /* Fetch the file(s). */ 976 xargc = 2; 977 xargv[0] = "get"; 978 xargv[1] = file; 979 xargv[2] = NULL; 980 if (dirhasglob || filehasglob) { 981 int ointeractive; 982 983 ointeractive = interactive; 984 interactive = 0; 985 xargv[0] = "mget"; 986 mget(xargc, xargv); 987 interactive = ointeractive; 988 } else { 989 if (outfile != NULL) { 990 xargv[2] = outfile; 991 xargv[3] = NULL; 992 xargc++; 993 } 994 get(xargc, xargv); 995 } 996 997 if ((code / 100) != COMPLETE) 998 rval = argpos + 1; 999 } 1000 if (connected && rval != -1) 1001 disconnect(0, NULL); 1002 return (rval); 1003 } 1004 1005 char * 1006 urldecode(const char *str) 1007 { 1008 char *ret, c; 1009 int i, reallen; 1010 1011 if (str == NULL) 1012 return NULL; 1013 if ((ret = malloc(strlen(str)+1)) == NULL) 1014 err(1, "Can't allocate memory for URL decoding"); 1015 for (i = 0, reallen = 0; str[i] != '\0'; i++, reallen++, ret++) { 1016 c = str[i]; 1017 if (c == '+') { 1018 *ret = ' '; 1019 continue; 1020 } 1021 1022 /* Cannot use strtol here because next char 1023 * after %xx may be a digit. 1024 */ 1025 if (c == '%' && isxdigit(str[i+1]) && isxdigit(str[i+2])) { 1026 *ret = hextochar(&str[i+1]); 1027 i+=2; 1028 continue; 1029 } 1030 *ret = c; 1031 } 1032 *ret = '\0'; 1033 1034 return ret-reallen; 1035 } 1036 1037 char 1038 hextochar(const char *str) 1039 { 1040 char c, ret; 1041 1042 c = str[0]; 1043 ret = c; 1044 if (isalpha(c)) 1045 ret -= isupper(c) ? 'A' - 10 : 'a' - 10; 1046 else 1047 ret -= '0'; 1048 ret *= 16; 1049 1050 c = str[1]; 1051 ret += c; 1052 if (isalpha(c)) 1053 ret -= isupper(c) ? 'A' - 10 : 'a' - 10; 1054 else 1055 ret -= '0'; 1056 return ret; 1057 } 1058 1059 int 1060 isurl(const char *p) 1061 { 1062 1063 if (strncasecmp(p, FTP_URL, sizeof(FTP_URL) - 1) == 0 || 1064 strncasecmp(p, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 || 1065 #ifndef SMALL 1066 strncasecmp(p, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0 || 1067 #endif 1068 strncasecmp(p, FILE_URL, sizeof(FILE_URL) - 1) == 0 || 1069 strstr(p, ":/")) 1070 return (1); 1071 return (0); 1072 } 1073 1074 char * 1075 ftp_readline(FILE *fp, SSL *ssl, size_t *lenp) 1076 { 1077 if (fp != NULL) 1078 return fparseln(fp, lenp, NULL, "\0\0\0", 0); 1079 #ifndef SMALL 1080 else if (ssl != NULL) 1081 return SSL_readline(ssl, lenp); 1082 #endif 1083 else 1084 return NULL; 1085 } 1086 1087 size_t 1088 ftp_read(FILE *fp, SSL *ssl, char *buf, size_t len) 1089 { 1090 size_t ret; 1091 if (fp != NULL) 1092 ret = fread(buf, sizeof(char), len, fp); 1093 #ifndef SMALL 1094 else if (ssl != NULL) { 1095 int nr; 1096 1097 if (len > INT_MAX) 1098 len = INT_MAX; 1099 if ((nr = SSL_read(ssl, buf, (int)len)) <= 0) 1100 ret = 0; 1101 else 1102 ret = nr; 1103 } 1104 #endif 1105 else 1106 ret = 0; 1107 return (ret); 1108 } 1109 1110 int 1111 ftp_printf(FILE *fp, SSL *ssl, const char *fmt, ...) 1112 { 1113 int ret; 1114 va_list ap; 1115 1116 va_start(ap, fmt); 1117 1118 if (fp != NULL) 1119 ret = vfprintf(fp, fmt, ap); 1120 #ifndef SMALL 1121 else if (ssl != NULL) 1122 ret = SSL_vprintf((SSL*)ssl, fmt, ap); 1123 #endif 1124 else 1125 ret = NULL; 1126 1127 va_end(ap); 1128 return (ret); 1129 } 1130 1131 #ifndef SMALL 1132 int 1133 SSL_vprintf(SSL *ssl, const char *fmt, va_list ap) 1134 { 1135 int ret; 1136 char *string; 1137 1138 if ((ret = vasprintf(&string, fmt, ap)) == -1) 1139 return ret; 1140 ret = SSL_write(ssl, string, ret); 1141 free(string); 1142 return ret; 1143 } 1144 1145 char * 1146 SSL_readline(SSL *ssl, size_t *lenp) 1147 { 1148 size_t i, len; 1149 char *buf, *q, c; 1150 1151 len = 128; 1152 if ((buf = malloc(len)) == NULL) 1153 errx(1, "Can't allocate memory for transfer buffer"); 1154 for (i = 0; ; i++) { 1155 if (i >= len - 1) { 1156 if ((q = realloc(buf, 2 * len)) == NULL) 1157 errx(1, "Can't expand transfer buffer"); 1158 buf = q; 1159 len *= 2; 1160 } 1161 if (SSL_read(ssl, &c, 1) <= 0) 1162 break; 1163 buf[i] = c; 1164 if (c == '\n') 1165 break; 1166 } 1167 *lenp = i; 1168 return (buf); 1169 } 1170 1171 int 1172 proxy_connect(int socket, char *host) 1173 { 1174 int l; 1175 char buf[1024]; 1176 char *connstr, *hosttail, *port; 1177 1178 if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL && 1179 (hosttail[1] == '\0' || hosttail[1] == ':')) { 1180 host++; 1181 *hosttail++ = '\0'; 1182 } else 1183 hosttail = host; 1184 1185 port = strrchr(hosttail, ':'); /* find portnum */ 1186 if (port != NULL) 1187 *port++ = '\0'; 1188 if (!port) 1189 port = "443"; 1190 1191 l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\n\n", host, port); 1192 if (l == -1) 1193 errx(1, "Could not allocate memory to assemble connect string!"); 1194 if (debug) 1195 printf("%s", connstr); 1196 if (write(socket, connstr, l) != l) 1197 err(1, "Could not send connect string"); 1198 read(socket, &buf, sizeof(buf)); /* only proxy header XXX: error handling? */ 1199 free(connstr); 1200 return(200); 1201 } 1202 #endif 1203