1 /* $OpenBSD: fetch.c,v 1.79 2008/06/26 05:42:20 ray Exp $ */ 2 /* $NetBSD: fetch.c,v 1.14 1997/08/18 10:20:20 lukem Exp $ */ 3 4 /*- 5 * Copyright (c) 1997 The NetBSD Foundation, Inc. 6 * All rights reserved. 7 * 8 * This code is derived from software contributed to The NetBSD Foundation 9 * by Jason Thorpe and Luke Mewburn. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 #if !defined(lint) && !defined(SMALL) 34 static const char rcsid[] = "$OpenBSD: fetch.c,v 1.79 2008/06/26 05:42:20 ray Exp $"; 35 #endif /* not lint and not SMALL */ 36 37 /* 38 * FTP User Program -- Command line file retrieval 39 */ 40 41 #include <sys/types.h> 42 #include <sys/param.h> 43 #include <sys/socket.h> 44 #include <sys/stat.h> 45 46 #include <netinet/in.h> 47 48 #include <arpa/ftp.h> 49 #include <arpa/inet.h> 50 51 #include <ctype.h> 52 #include <err.h> 53 #include <libgen.h> 54 #include <limits.h> 55 #include <netdb.h> 56 #include <fcntl.h> 57 #include <signal.h> 58 #include <stdio.h> 59 #include <stdarg.h> 60 #include <errno.h> 61 #include <stdlib.h> 62 #include <string.h> 63 #include <unistd.h> 64 #include <util.h> 65 #include <resolv.h> 66 67 #ifndef SMALL 68 #include <openssl/ssl.h> 69 #include <openssl/err.h> 70 #else /* !SMALL */ 71 #define SSL void 72 #endif /* !SMALL */ 73 74 #include "ftp_var.h" 75 76 static int url_get(const char *, const char *, const char *); 77 void aborthttp(int); 78 void abortfile(int); 79 char hextochar(const char *); 80 char *urldecode(const char *); 81 int ftp_printf(FILE *, SSL *, const char *, ...) __attribute__((format(printf, 3, 4))); 82 char *ftp_readline(FILE *, SSL *, size_t *); 83 size_t ftp_read(FILE *, SSL *, char *, size_t); 84 #ifndef SMALL 85 int proxy_connect(int, char *); 86 int SSL_vprintf(SSL *, const char *, va_list); 87 char *SSL_readline(SSL *, size_t *); 88 #endif /* !SMALL */ 89 90 #define FTP_URL "ftp://" /* ftp URL prefix */ 91 #define HTTP_URL "http://" /* http URL prefix */ 92 #define HTTPS_URL "https://" /* https URL prefix */ 93 #define FILE_URL "file:" /* file URL prefix */ 94 #define FTP_PROXY "ftp_proxy" /* env var with ftp proxy location */ 95 #define HTTP_PROXY "http_proxy" /* env var with http proxy location */ 96 97 #define COOKIE_MAX_LEN 42 98 99 #define EMPTYSTRING(x) ((x) == NULL || (*(x) == '\0')) 100 101 static const char *at_encoding_warning = 102 "Extra `@' characters in usernames and passwords should be encoded as %%40"; 103 104 jmp_buf httpabort; 105 106 static int redirect_loop; 107 108 /* 109 * Retrieve URL, via the proxy in $proxyvar if necessary. 110 * Modifies the string argument given. 111 * Returns -1 on failure, 0 on success 112 */ 113 static int 114 url_get(const char *origline, const char *proxyenv, const char *outfile) 115 { 116 char pbuf[NI_MAXSERV], hbuf[NI_MAXHOST], *cp, *portnum, *path, ststr[4]; 117 char *hosttail, *cause = "unknown", *newline, *host, *port, *buf = NULL; 118 int error, i, isftpurl = 0, isfileurl = 0, isredirect = 0, rval = -1; 119 struct addrinfo hints, *res0, *res; 120 const char * volatile savefile; 121 char * volatile proxyurl = NULL; 122 char *cookie = NULL; 123 volatile int s = -1, out; 124 volatile sig_t oldintr; 125 FILE *fin = NULL; 126 off_t hashbytes; 127 const char *errstr; 128 size_t len, wlen; 129 #ifndef SMALL 130 char *sslpath = NULL, *sslhost = NULL; 131 int ishttpsurl = 0; 132 SSL_CTX *ssl_ctx = NULL; 133 #endif /* !SMALL */ 134 SSL *ssl = NULL; 135 int status; 136 137 newline = strdup(origline); 138 if (newline == NULL) 139 errx(1, "Can't allocate memory to parse URL"); 140 if (strncasecmp(newline, HTTP_URL, sizeof(HTTP_URL) - 1) == 0) 141 host = newline + sizeof(HTTP_URL) - 1; 142 else if (strncasecmp(newline, FTP_URL, sizeof(FTP_URL) - 1) == 0) { 143 host = newline + sizeof(FTP_URL) - 1; 144 isftpurl = 1; 145 } else if (strncasecmp(newline, FILE_URL, sizeof(FILE_URL) - 1) == 0) { 146 host = newline + sizeof(FILE_URL) - 1; 147 isfileurl = 1; 148 #ifndef SMALL 149 } else if (strncasecmp(newline, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0) { 150 host = newline + sizeof(HTTPS_URL) - 1; 151 ishttpsurl = 1; 152 #endif /* !SMALL */ 153 } else 154 errx(1, "url_get: Invalid URL '%s'", newline); 155 156 if (isfileurl) { 157 path = host; 158 } else { 159 path = strchr(host, '/'); /* find path */ 160 if (EMPTYSTRING(path)) { 161 if (isftpurl) 162 goto noftpautologin; 163 warnx("Invalid URL (no `/' after host): %s", origline); 164 goto cleanup_url_get; 165 } 166 *path++ = '\0'; 167 if (EMPTYSTRING(path)) { 168 if (isftpurl) 169 goto noftpautologin; 170 warnx("Invalid URL (no file after host): %s", origline); 171 goto cleanup_url_get; 172 } 173 } 174 175 if (outfile) 176 savefile = outfile; 177 else 178 savefile = basename(path); 179 180 #ifndef SMALL 181 if (resume && (strcmp(savefile, "-") == 0)) { 182 warnx("can't append to stdout"); 183 goto cleanup_url_get; 184 } 185 #endif /* !SMALL */ 186 187 if (EMPTYSTRING(savefile)) { 188 if (isftpurl) 189 goto noftpautologin; 190 warnx("Invalid URL (no file after directory): %s", origline); 191 goto cleanup_url_get; 192 } 193 194 if (!isfileurl && proxyenv != NULL) { /* use proxy */ 195 #ifndef SMALL 196 if (ishttpsurl) { 197 sslpath = strdup(path); 198 sslhost = strdup(host); 199 if (! sslpath || ! sslhost) 200 errx(1, "Can't allocate memory for https path/host."); 201 } 202 #endif /* !SMALL */ 203 proxyurl = strdup(proxyenv); 204 if (proxyurl == NULL) 205 errx(1, "Can't allocate memory for proxy URL."); 206 if (strncasecmp(proxyurl, HTTP_URL, sizeof(HTTP_URL) - 1) == 0) 207 host = proxyurl + sizeof(HTTP_URL) - 1; 208 else if (strncasecmp(proxyurl, FTP_URL, sizeof(FTP_URL) - 1) == 0) 209 host = proxyurl + sizeof(FTP_URL) - 1; 210 else { 211 warnx("Malformed proxy URL: %s", proxyenv); 212 goto cleanup_url_get; 213 } 214 if (EMPTYSTRING(host)) { 215 warnx("Malformed proxy URL: %s", proxyenv); 216 goto cleanup_url_get; 217 } 218 *--path = '/'; /* add / back to real path */ 219 path = strchr(host, '/'); /* remove trailing / on host */ 220 if (!EMPTYSTRING(path)) 221 *path++ = '\0'; /* i guess this ++ is useless */ 222 223 path = strchr(host, '@'); /* look for credentials in proxy */ 224 if (!EMPTYSTRING(path)) { 225 *path++ = '\0'; 226 cookie = strchr(host, ':'); 227 if (EMPTYSTRING(cookie)) { 228 warnx("Malformed proxy URL: %s", proxyenv); 229 goto cleanup_url_get; 230 } 231 cookie = malloc(COOKIE_MAX_LEN); 232 b64_ntop(host, strlen(host), cookie, COOKIE_MAX_LEN); 233 /* 234 * This removes the password from proxyenv, 235 * filling with stars 236 */ 237 for (host = strchr(proxyenv + 5, ':'); *host != '@'; 238 host++) 239 *host = '*'; 240 241 host = path; 242 } 243 path = newline; 244 } 245 246 if (isfileurl) { 247 struct stat st; 248 249 s = open(path, O_RDONLY); 250 if (s == -1) { 251 warn("Can't open file %s", path); 252 goto cleanup_url_get; 253 } 254 255 if (fstat(s, &st) == -1) 256 filesize = -1; 257 else 258 filesize = st.st_size; 259 260 /* Open the output file. */ 261 if (strcmp(savefile, "-") != 0) { 262 #ifndef SMALL 263 if (resume) 264 out = open(savefile, O_APPEND | O_WRONLY); 265 else 266 #endif /* !SMALL */ 267 out = open(savefile, O_CREAT | O_WRONLY | 268 O_TRUNC, 0666); 269 if (out < 0) { 270 warn("Can't open %s", savefile); 271 goto cleanup_url_get; 272 } 273 } else 274 out = fileno(stdout); 275 276 #ifndef SMALL 277 if (resume) { 278 if (fstat(out, &st) == -1) { 279 warn("Can't fstat %s", savefile); 280 goto cleanup_url_get; 281 } 282 if (lseek(s, st.st_size, SEEK_SET) == -1) { 283 warn("Can't lseek %s", path); 284 goto cleanup_url_get; 285 } 286 restart_point = st.st_size; 287 } 288 #endif /* !SMALL */ 289 290 /* Trap signals */ 291 oldintr = NULL; 292 if (setjmp(httpabort)) { 293 if (oldintr) 294 (void)signal(SIGINT, oldintr); 295 goto cleanup_url_get; 296 } 297 oldintr = signal(SIGINT, abortfile); 298 299 bytes = 0; 300 hashbytes = mark; 301 progressmeter(-1); 302 303 if ((buf = malloc(4096)) == NULL) 304 errx(1, "Can't allocate memory for transfer buffer"); 305 306 /* Finally, suck down the file. */ 307 i = 0; 308 while ((len = read(s, buf, 4096)) > 0) { 309 bytes += len; 310 for (cp = buf; len > 0; len -= i, cp += i) { 311 if ((i = write(out, cp, len)) == -1) { 312 warn("Writing %s", savefile); 313 goto cleanup_url_get; 314 } 315 else if (i == 0) 316 break; 317 } 318 if (hash && !progress) { 319 while (bytes >= hashbytes) { 320 (void)putc('#', ttyout); 321 hashbytes += mark; 322 } 323 (void)fflush(ttyout); 324 } 325 } 326 if (hash && !progress && bytes > 0) { 327 if (bytes < mark) 328 (void)putc('#', ttyout); 329 (void)putc('\n', ttyout); 330 (void)fflush(ttyout); 331 } 332 if (len != 0) { 333 warn("Reading from file"); 334 goto cleanup_url_get; 335 } 336 progressmeter(1); 337 if (verbose) 338 fputs("Successfully retrieved file.\n", ttyout); 339 (void)signal(SIGINT, oldintr); 340 341 rval = 0; 342 goto cleanup_url_get; 343 } 344 345 if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL && 346 (hosttail[1] == '\0' || hosttail[1] == ':')) { 347 host++; 348 *hosttail++ = '\0'; 349 } else 350 hosttail = host; 351 352 portnum = strrchr(hosttail, ':'); /* find portnum */ 353 if (portnum != NULL) 354 *portnum++ = '\0'; 355 356 if (debug) 357 fprintf(ttyout, "host %s, port %s, path %s, save as %s.\n", 358 host, portnum, path, savefile); 359 360 memset(&hints, 0, sizeof(hints)); 361 hints.ai_family = family; 362 hints.ai_socktype = SOCK_STREAM; 363 #ifndef SMALL 364 port = portnum ? portnum : (ishttpsurl ? httpsport : httpport); 365 #else /* !SMALL */ 366 port = portnum ? portnum : httpport; 367 #endif /* !SMALL */ 368 error = getaddrinfo(host, port, &hints, &res0); 369 /* 370 * If the services file is corrupt/missing, fall back 371 * on our hard-coded defines. 372 */ 373 if (error == EAI_SERVICE && port == httpport) { 374 snprintf(pbuf, sizeof(pbuf), "%d", HTTP_PORT); 375 error = getaddrinfo(host, pbuf, &hints, &res0); 376 #ifndef SMALL 377 } else if (error == EAI_SERVICE && port == httpsport) { 378 snprintf(pbuf, sizeof(pbuf), "%d", HTTPS_PORT); 379 error = getaddrinfo(host, pbuf, &hints, &res0); 380 #endif /* !SMALL */ 381 } 382 if (error) { 383 warnx("%s: %s", gai_strerror(error), host); 384 goto cleanup_url_get; 385 } 386 387 s = -1; 388 for (res = res0; res; res = res->ai_next) { 389 if (getnameinfo(res->ai_addr, res->ai_addrlen, hbuf, 390 sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0) 391 strlcpy(hbuf, "(unknown)", sizeof(hbuf)); 392 if (verbose) 393 fprintf(ttyout, "Trying %s...\n", hbuf); 394 395 s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); 396 if (s == -1) { 397 cause = "socket"; 398 continue; 399 } 400 401 again: 402 if (connect(s, res->ai_addr, res->ai_addrlen) < 0) { 403 int save_errno; 404 405 if (errno == EINTR) 406 goto again; 407 save_errno = errno; 408 close(s); 409 errno = save_errno; 410 s = -1; 411 cause = "connect"; 412 continue; 413 } 414 415 /* get port in numeric */ 416 if (getnameinfo(res->ai_addr, res->ai_addrlen, NULL, 0, 417 pbuf, sizeof(pbuf), NI_NUMERICSERV) == 0) 418 port = pbuf; 419 else 420 port = NULL; 421 422 #ifndef SMALL 423 if (proxyenv && sslhost) 424 proxy_connect(s, sslhost); 425 #endif /* !SMALL */ 426 break; 427 } 428 freeaddrinfo(res0); 429 if (s < 0) { 430 warn("%s", cause); 431 goto cleanup_url_get; 432 } 433 434 #ifndef SMALL 435 if (ishttpsurl) { 436 if (proxyenv && sslpath) { 437 ishttpsurl = 0; 438 proxyurl = NULL; 439 path = sslpath; 440 } 441 SSL_library_init(); 442 SSL_load_error_strings(); 443 SSLeay_add_ssl_algorithms(); 444 ssl_ctx = SSL_CTX_new(SSLv23_client_method()); 445 ssl = SSL_new(ssl_ctx); 446 if (ssl == NULL || ssl_ctx == NULL) { 447 ERR_print_errors_fp(ttyout); 448 goto cleanup_url_get; 449 } 450 if (SSL_set_fd(ssl, s) == 0) { 451 ERR_print_errors_fp(ttyout); 452 goto cleanup_url_get; 453 } 454 if (SSL_connect(ssl) <= 0) { 455 ERR_print_errors_fp(ttyout); 456 goto cleanup_url_get; 457 } 458 } else { 459 fin = fdopen(s, "r+"); 460 } 461 #else /* !SMALL */ 462 fin = fdopen(s, "r+"); 463 #endif /* !SMALL */ 464 465 if (verbose) 466 fprintf(ttyout, "Requesting %s", origline); 467 /* 468 * Construct and send the request. Proxy requests don't want leading /. 469 */ 470 #ifndef SMALL 471 cookie_get(host, path, ishttpsurl, &buf); 472 #endif /* !SMALL */ 473 if (proxyurl) { 474 if (verbose) 475 fprintf(ttyout, " (via %s)\n", proxyenv); 476 /* 477 * Host: directive must use the destination host address for 478 * the original URI (path). We do not attach it at this moment. 479 */ 480 if (cookie) 481 ftp_printf(fin, ssl, "GET %s HTTP/1.0\r\n" 482 "Proxy-Authorization: Basic %s%s\r\n%s\r\n\r\n", 483 path, cookie, buf ? buf : "", HTTP_USER_AGENT); 484 else 485 ftp_printf(fin, ssl, "GET %s HTTP/1.0\r\n%s%s\r\n\r\n", 486 path, buf ? buf : "", HTTP_USER_AGENT); 487 488 } else { 489 ftp_printf(fin, ssl, "GET /%s %s\r\nHost: ", path, 490 #ifndef SMALL 491 resume ? "HTTP/1.1" : 492 #endif /* !SMALL */ 493 "HTTP/1.0"); 494 if (strchr(host, ':')) { 495 char *h, *p; 496 497 /* 498 * strip off scoped address portion, since it's 499 * local to node 500 */ 501 h = strdup(host); 502 if (h == NULL) 503 errx(1, "Can't allocate memory."); 504 if ((p = strchr(h, '%')) != NULL) 505 *p = '\0'; 506 ftp_printf(fin, ssl, "[%s]", h); 507 free(h); 508 } else 509 ftp_printf(fin, ssl, "%s", host); 510 511 /* 512 * Send port number only if it's specified and does not equal 513 * 80. Some broken HTTP servers get confused if you explicitly 514 * send them the port number. 515 */ 516 #ifndef SMALL 517 if (port && strcmp(port, (ishttpsurl ? "443" : "80")) != 0) 518 ftp_printf(fin, ssl, ":%s", port); 519 if (resume) { 520 int ret; 521 struct stat stbuf; 522 523 ret = stat(savefile, &stbuf); 524 if (ret < 0) { 525 if (verbose) 526 fprintf(ttyout, "\n"); 527 warn("Can't open %s", savefile); 528 goto cleanup_url_get; 529 } 530 restart_point = stbuf.st_size; 531 ftp_printf(fin, ssl, "\r\nRange: bytes=%lld-", 532 (long long)restart_point); 533 } 534 #else /* !SMALL */ 535 if (port && strcmp(port, "80") != 0) 536 ftp_printf(fin, ssl, ":%s", port); 537 #endif /* !SMALL */ 538 ftp_printf(fin, ssl, "\r\n%s%s\r\n\r\n", 539 buf ? buf : "", HTTP_USER_AGENT); 540 if (verbose) 541 fprintf(ttyout, "\n"); 542 } 543 544 545 #ifndef SMALL 546 free(buf); 547 #endif /* !SMALL */ 548 buf = NULL; 549 550 if (fin != NULL && fflush(fin) == EOF) { 551 warn("Writing HTTP request"); 552 goto cleanup_url_get; 553 } 554 if ((buf = ftp_readline(fin, ssl, &len)) == NULL) { 555 warn("Receiving HTTP reply"); 556 goto cleanup_url_get; 557 } 558 559 while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n')) 560 buf[--len] = '\0'; 561 if (debug) 562 fprintf(ttyout, "received '%s'\n", buf); 563 564 cp = strchr(buf, ' '); 565 if (cp == NULL) 566 goto improper; 567 else 568 cp++; 569 570 strlcpy(ststr, cp, sizeof(ststr)); 571 status = strtonum(ststr, 200, 416, &errstr); 572 if (errstr) { 573 warnx("Error retrieving file: %s", cp); 574 goto cleanup_url_get; 575 } 576 577 switch (status) { 578 case 200: /* OK */ 579 #ifndef SMALL 580 case 206: /* Partial Content */ 581 break; 582 #endif /* !SMALL */ 583 case 301: /* Moved Permanently */ 584 case 302: /* Found */ 585 case 303: /* See Other */ 586 case 307: /* Temporary Redirect */ 587 isredirect++; 588 if (redirect_loop++ > 10) { 589 warnx("Too many redirections requested"); 590 goto cleanup_url_get; 591 } 592 break; 593 #ifndef SMALL 594 case 416: /* Requested Range Not Satisfiable */ 595 warnx("File is already fully retrieved."); 596 goto cleanup_url_get; 597 #endif /* !SMALL */ 598 default: 599 warnx("Error retrieving file: %s", cp); 600 goto cleanup_url_get; 601 } 602 603 /* 604 * Read the rest of the header. 605 */ 606 free(buf); 607 filesize = -1; 608 609 for (;;) { 610 if ((buf = ftp_readline(fin, ssl, &len)) == NULL) { 611 warn("Receiving HTTP reply"); 612 goto cleanup_url_get; 613 } 614 615 while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n')) 616 buf[--len] = '\0'; 617 if (len == 0) 618 break; 619 if (debug) 620 fprintf(ttyout, "received '%s'\n", buf); 621 622 /* Look for some headers */ 623 cp = buf; 624 #define CONTENTLEN "Content-Length: " 625 if (strncasecmp(cp, CONTENTLEN, sizeof(CONTENTLEN) - 1) == 0) { 626 cp += sizeof(CONTENTLEN) - 1; 627 filesize = strtonum(cp, 0, LLONG_MAX, &errstr); 628 if (errstr != NULL) 629 goto improper; 630 #ifndef SMALL 631 if (resume) 632 filesize += restart_point; 633 #endif /* !SMALL */ 634 #define LOCATION "Location: " 635 } else if (isredirect && 636 strncasecmp(cp, LOCATION, sizeof(LOCATION) - 1) == 0) { 637 cp += sizeof(LOCATION) - 1; 638 if (verbose) 639 fprintf(ttyout, "Redirected to %s\n", cp); 640 if (fin != NULL) 641 fclose(fin); 642 else if (s != -1) 643 close(s); 644 free(proxyurl); 645 free(newline); 646 rval = url_get(cp, proxyenv, outfile); 647 free(buf); 648 return (rval); 649 } 650 } 651 652 /* Open the output file. */ 653 if (strcmp(savefile, "-") != 0) { 654 #ifndef SMALL 655 if (resume) 656 out = open(savefile, O_APPEND | O_WRONLY); 657 else 658 #endif /* !SMALL */ 659 out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC, 660 0666); 661 if (out < 0) { 662 warn("Can't open %s", savefile); 663 goto cleanup_url_get; 664 } 665 } else 666 out = fileno(stdout); 667 668 /* Trap signals */ 669 oldintr = NULL; 670 if (setjmp(httpabort)) { 671 if (oldintr) 672 (void)signal(SIGINT, oldintr); 673 goto cleanup_url_get; 674 } 675 oldintr = signal(SIGINT, aborthttp); 676 677 bytes = 0; 678 hashbytes = mark; 679 progressmeter(-1); 680 681 free(buf); 682 683 /* Finally, suck down the file. */ 684 if ((buf = malloc(4096)) == NULL) 685 errx(1, "Can't allocate memory for transfer buffer"); 686 i = 0; 687 len = 1; 688 while (len > 0) { 689 len = ftp_read(fin, ssl, buf, 4096); 690 bytes += len; 691 for (cp = buf, wlen = len; wlen > 0; wlen -= i, cp += i) { 692 if ((i = write(out, cp, wlen)) == -1) { 693 warn("Writing %s", savefile); 694 goto cleanup_url_get; 695 } 696 else if (i == 0) 697 break; 698 } 699 if (hash && !progress) { 700 while (bytes >= hashbytes) { 701 (void)putc('#', ttyout); 702 hashbytes += mark; 703 } 704 (void)fflush(ttyout); 705 } 706 } 707 if (hash && !progress && bytes > 0) { 708 if (bytes < mark) 709 (void)putc('#', ttyout); 710 (void)putc('\n', ttyout); 711 (void)fflush(ttyout); 712 } 713 if (len != 0) { 714 warn("Reading from socket"); 715 goto cleanup_url_get; 716 } 717 progressmeter(1); 718 if ( 719 #ifndef SMALL 720 !resume && 721 #endif /* !SMALL */ 722 filesize != -1 && len == 0 && bytes != filesize) { 723 if (verbose) 724 fputs("Read short file.\n", ttyout); 725 goto cleanup_url_get; 726 } 727 728 if (verbose) 729 fputs("Successfully retrieved file.\n", ttyout); 730 (void)signal(SIGINT, oldintr); 731 732 rval = 0; 733 goto cleanup_url_get; 734 735 noftpautologin: 736 warnx( 737 "Auto-login using ftp URLs isn't supported when using $ftp_proxy"); 738 goto cleanup_url_get; 739 740 improper: 741 warnx("Improper response from %s", host); 742 743 cleanup_url_get: 744 #ifndef SMALL 745 if (ssl) { 746 SSL_shutdown(ssl); 747 SSL_free(ssl); 748 } 749 #endif /* !SMALL */ 750 if (fin != NULL) 751 fclose(fin); 752 else if (s != -1) 753 close(s); 754 free(buf); 755 free(proxyurl); 756 free(newline); 757 return (rval); 758 } 759 760 /* 761 * Abort a http retrieval 762 */ 763 /* ARGSUSED */ 764 void 765 aborthttp(int signo) 766 { 767 768 alarmtimer(0); 769 fputs("\nhttp fetch aborted.\n", ttyout); 770 (void)fflush(ttyout); 771 longjmp(httpabort, 1); 772 } 773 774 /* 775 * Abort a http retrieval 776 */ 777 /* ARGSUSED */ 778 void 779 abortfile(int signo) 780 { 781 782 alarmtimer(0); 783 fputs("\nfile fetch aborted.\n", ttyout); 784 (void)fflush(ttyout); 785 longjmp(httpabort, 1); 786 } 787 788 /* 789 * Retrieve multiple files from the command line, transferring 790 * files of the form "host:path", "ftp://host/path" using the 791 * ftp protocol, and files of the form "http://host/path" using 792 * the http protocol. 793 * If path has a trailing "/", then return (-1); 794 * the path will be cd-ed into and the connection remains open, 795 * and the function will return -1 (to indicate the connection 796 * is alive). 797 * If an error occurs the return value will be the offset+1 in 798 * argv[] of the file that caused a problem (i.e, argv[x] 799 * returns x+1) 800 * Otherwise, 0 is returned if all files retrieved successfully. 801 */ 802 int 803 auto_fetch(int argc, char *argv[], char *outfile) 804 { 805 char *xargv[5]; 806 char *cp, *url, *host, *dir, *file, *portnum; 807 char *username, *pass, *pathstart; 808 char *ftpproxy, *httpproxy; 809 int rval, xargc; 810 volatile int argpos; 811 int dirhasglob, filehasglob, oautologin; 812 char rempath[MAXPATHLEN]; 813 814 argpos = 0; 815 816 if (setjmp(toplevel)) { 817 if (connected) 818 disconnect(0, NULL); 819 return (argpos + 1); 820 } 821 (void)signal(SIGINT, (sig_t)intr); 822 (void)signal(SIGPIPE, (sig_t)lostpeer); 823 824 if ((ftpproxy = getenv(FTP_PROXY)) != NULL && *ftpproxy == '\0') 825 ftpproxy = NULL; 826 if ((httpproxy = getenv(HTTP_PROXY)) != NULL && *httpproxy == '\0') 827 httpproxy = NULL; 828 829 /* 830 * Loop through as long as there's files to fetch. 831 */ 832 for (rval = 0; (rval == 0) && (argpos < argc); free(url), argpos++) { 833 if (strchr(argv[argpos], ':') == NULL) 834 break; 835 host = dir = file = portnum = username = pass = NULL; 836 837 /* 838 * We muck with the string, so we make a copy. 839 */ 840 url = strdup(argv[argpos]); 841 if (url == NULL) 842 errx(1, "Can't allocate memory for auto-fetch."); 843 844 /* 845 * Try HTTP URL-style arguments first. 846 */ 847 if (strncasecmp(url, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 || 848 #ifndef SMALL 849 /* even if we compiled without SSL, url_get will check */ 850 strncasecmp(url, HTTPS_URL, sizeof(HTTPS_URL) -1) == 0 || 851 #endif /* !SMALL */ 852 strncasecmp(url, FILE_URL, sizeof(FILE_URL) - 1) == 0) { 853 redirect_loop = 0; 854 if (url_get(url, httpproxy, outfile) == -1) 855 rval = argpos + 1; 856 continue; 857 } 858 859 /* 860 * Try FTP URL-style arguments next. If ftpproxy is 861 * set, use url_get() instead of standard ftp. 862 * Finally, try host:file. 863 */ 864 host = url; 865 if (strncasecmp(url, FTP_URL, sizeof(FTP_URL) - 1) == 0) { 866 char *passend, *passagain, *userend; 867 868 if (ftpproxy) { 869 if (url_get(url, ftpproxy, outfile) == -1) 870 rval = argpos + 1; 871 continue; 872 } 873 host += sizeof(FTP_URL) - 1; 874 dir = strchr(host, '/'); 875 876 /* Look for [user:pass@]host[:port] */ 877 878 /* check if we have "user:pass@" */ 879 userend = strchr(host, ':'); 880 passend = strchr(host, '@'); 881 if (passend && userend && userend < passend && 882 (!dir || passend < dir)) { 883 username = host; 884 pass = userend + 1; 885 host = passend + 1; 886 *userend = *passend = '\0'; 887 passagain = strchr(host, '@'); 888 if (strchr(pass, '@') != NULL || 889 (passagain != NULL && passagain < dir)) { 890 warnx(at_encoding_warning); 891 goto bad_ftp_url; 892 } 893 894 if (EMPTYSTRING(username)) { 895 bad_ftp_url: 896 warnx("Invalid URL: %s", argv[argpos]); 897 rval = argpos + 1; 898 continue; 899 } 900 username = urldecode(username); 901 pass = urldecode(pass); 902 } 903 904 #ifdef INET6 905 /* check [host]:port, or [host] */ 906 if (host[0] == '[') { 907 cp = strchr(host, ']'); 908 if (cp && (!dir || cp < dir)) { 909 if (cp + 1 == dir || cp[1] == ':') { 910 host++; 911 *cp++ = '\0'; 912 } else 913 cp = NULL; 914 } else 915 cp = host; 916 } else 917 cp = host; 918 #else 919 cp = host; 920 #endif 921 922 /* split off host[:port] if there is */ 923 if (cp) { 924 portnum = strchr(cp, ':'); 925 pathstart = strchr(cp, '/'); 926 /* : in path is not a port # indicator */ 927 if (portnum && pathstart && 928 pathstart < portnum) 929 portnum = NULL; 930 931 if (!portnum) 932 ; 933 else { 934 if (!dir) 935 ; 936 else if (portnum + 1 < dir) { 937 *portnum++ = '\0'; 938 /* 939 * XXX should check if portnum 940 * is decimal number 941 */ 942 } else { 943 /* empty portnum */ 944 goto bad_ftp_url; 945 } 946 } 947 } else 948 portnum = NULL; 949 } else { /* classic style `host:file' */ 950 dir = strchr(host, ':'); 951 } 952 if (EMPTYSTRING(host)) { 953 rval = argpos + 1; 954 continue; 955 } 956 957 /* 958 * If dir is NULL, the file wasn't specified 959 * (URL looked something like ftp://host) 960 */ 961 if (dir != NULL) 962 *dir++ = '\0'; 963 964 /* 965 * Extract the file and (if present) directory name. 966 */ 967 if (!EMPTYSTRING(dir)) { 968 cp = strrchr(dir, '/'); 969 if (cp != NULL) { 970 *cp++ = '\0'; 971 file = cp; 972 } else { 973 file = dir; 974 dir = NULL; 975 } 976 } 977 if (debug) 978 fprintf(ttyout, 979 "user %s:%s host %s port %s dir %s file %s\n", 980 username, pass ? "XXXX" : NULL, host, portnum, 981 dir, file); 982 983 /* 984 * Set up the connection. 985 */ 986 if (connected) 987 disconnect(0, NULL); 988 xargv[0] = __progname; 989 xargv[1] = host; 990 xargv[2] = NULL; 991 xargc = 2; 992 if (!EMPTYSTRING(portnum)) { 993 xargv[2] = portnum; 994 xargv[3] = NULL; 995 xargc = 3; 996 } 997 oautologin = autologin; 998 if (username != NULL) 999 autologin = 0; 1000 setpeer(xargc, xargv); 1001 autologin = oautologin; 1002 if ((connected == 0) || 1003 ((connected == 1) && !ftp_login(host, username, pass))) { 1004 warnx("Can't connect or login to host `%s'", host); 1005 rval = argpos + 1; 1006 continue; 1007 } 1008 1009 /* Always use binary transfers. */ 1010 setbinary(0, NULL); 1011 1012 dirhasglob = filehasglob = 0; 1013 if (doglob) { 1014 if (!EMPTYSTRING(dir) && 1015 strpbrk(dir, "*?[]{}") != NULL) 1016 dirhasglob = 1; 1017 if (!EMPTYSTRING(file) && 1018 strpbrk(file, "*?[]{}") != NULL) 1019 filehasglob = 1; 1020 } 1021 1022 /* Change directories, if necessary. */ 1023 if (!EMPTYSTRING(dir) && !dirhasglob) { 1024 xargv[0] = "cd"; 1025 xargv[1] = dir; 1026 xargv[2] = NULL; 1027 cd(2, xargv); 1028 if (!dirchange) { 1029 rval = argpos + 1; 1030 continue; 1031 } 1032 } 1033 1034 if (EMPTYSTRING(file)) { 1035 rval = -1; 1036 continue; 1037 } 1038 1039 if (verbose) 1040 fprintf(ttyout, "Retrieving %s/%s\n", dir ? dir : "", file); 1041 1042 if (dirhasglob) { 1043 snprintf(rempath, sizeof(rempath), "%s/%s", dir, file); 1044 file = rempath; 1045 } 1046 1047 /* Fetch the file(s). */ 1048 xargc = 2; 1049 xargv[0] = "get"; 1050 xargv[1] = file; 1051 xargv[2] = NULL; 1052 if (dirhasglob || filehasglob) { 1053 int ointeractive; 1054 1055 ointeractive = interactive; 1056 interactive = 0; 1057 xargv[0] = "mget"; 1058 #ifndef SMALL 1059 if (resume) { 1060 xargc = 3; 1061 xargv[1] = "-c"; 1062 xargv[2] = file; 1063 xargv[3] = NULL; 1064 } 1065 #endif /* !SMALL */ 1066 mget(xargc, xargv); 1067 interactive = ointeractive; 1068 } else { 1069 if (outfile != NULL) { 1070 xargv[2] = outfile; 1071 xargv[3] = NULL; 1072 xargc++; 1073 } 1074 #ifndef SMALL 1075 if (resume) 1076 reget(xargc, xargv); 1077 else 1078 #endif /* !SMALL */ 1079 get(xargc, xargv); 1080 } 1081 1082 if ((code / 100) != COMPLETE) 1083 rval = argpos + 1; 1084 } 1085 if (connected && rval != -1) 1086 disconnect(0, NULL); 1087 return (rval); 1088 } 1089 1090 char * 1091 urldecode(const char *str) 1092 { 1093 char *ret, c; 1094 int i, reallen; 1095 1096 if (str == NULL) 1097 return NULL; 1098 if ((ret = malloc(strlen(str)+1)) == NULL) 1099 err(1, "Can't allocate memory for URL decoding"); 1100 for (i = 0, reallen = 0; str[i] != '\0'; i++, reallen++, ret++) { 1101 c = str[i]; 1102 if (c == '+') { 1103 *ret = ' '; 1104 continue; 1105 } 1106 1107 /* Cannot use strtol here because next char 1108 * after %xx may be a digit. 1109 */ 1110 if (c == '%' && isxdigit(str[i+1]) && isxdigit(str[i+2])) { 1111 *ret = hextochar(&str[i+1]); 1112 i+=2; 1113 continue; 1114 } 1115 *ret = c; 1116 } 1117 *ret = '\0'; 1118 1119 return ret-reallen; 1120 } 1121 1122 char 1123 hextochar(const char *str) 1124 { 1125 char c, ret; 1126 1127 c = str[0]; 1128 ret = c; 1129 if (isalpha(c)) 1130 ret -= isupper(c) ? 'A' - 10 : 'a' - 10; 1131 else 1132 ret -= '0'; 1133 ret *= 16; 1134 1135 c = str[1]; 1136 ret += c; 1137 if (isalpha(c)) 1138 ret -= isupper(c) ? 'A' - 10 : 'a' - 10; 1139 else 1140 ret -= '0'; 1141 return ret; 1142 } 1143 1144 int 1145 isurl(const char *p) 1146 { 1147 1148 if (strncasecmp(p, FTP_URL, sizeof(FTP_URL) - 1) == 0 || 1149 strncasecmp(p, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 || 1150 #ifndef SMALL 1151 strncasecmp(p, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0 || 1152 #endif /* !SMALL */ 1153 strncasecmp(p, FILE_URL, sizeof(FILE_URL) - 1) == 0 || 1154 strstr(p, ":/")) 1155 return (1); 1156 return (0); 1157 } 1158 1159 char * 1160 ftp_readline(FILE *fp, SSL *ssl, size_t *lenp) 1161 { 1162 if (fp != NULL) 1163 return fparseln(fp, lenp, NULL, "\0\0\0", 0); 1164 #ifndef SMALL 1165 else if (ssl != NULL) 1166 return SSL_readline(ssl, lenp); 1167 #endif /* !SMALL */ 1168 else 1169 return NULL; 1170 } 1171 1172 size_t 1173 ftp_read(FILE *fp, SSL *ssl, char *buf, size_t len) 1174 { 1175 size_t ret; 1176 if (fp != NULL) 1177 ret = fread(buf, sizeof(char), len, fp); 1178 #ifndef SMALL 1179 else if (ssl != NULL) { 1180 int nr; 1181 1182 if (len > INT_MAX) 1183 len = INT_MAX; 1184 if ((nr = SSL_read(ssl, buf, (int)len)) <= 0) 1185 ret = 0; 1186 else 1187 ret = nr; 1188 } 1189 #endif /* !SMALL */ 1190 else 1191 ret = 0; 1192 return (ret); 1193 } 1194 1195 int 1196 ftp_printf(FILE *fp, SSL *ssl, const char *fmt, ...) 1197 { 1198 int ret; 1199 va_list ap; 1200 1201 va_start(ap, fmt); 1202 1203 if (fp != NULL) 1204 ret = vfprintf(fp, fmt, ap); 1205 #ifndef SMALL 1206 else if (ssl != NULL) 1207 ret = SSL_vprintf((SSL*)ssl, fmt, ap); 1208 #endif /* !SMALL */ 1209 else 1210 ret = NULL; 1211 1212 va_end(ap); 1213 return (ret); 1214 } 1215 1216 #ifndef SMALL 1217 int 1218 SSL_vprintf(SSL *ssl, const char *fmt, va_list ap) 1219 { 1220 int ret; 1221 char *string; 1222 1223 if ((ret = vasprintf(&string, fmt, ap)) == -1) 1224 return ret; 1225 ret = SSL_write(ssl, string, ret); 1226 free(string); 1227 return ret; 1228 } 1229 1230 char * 1231 SSL_readline(SSL *ssl, size_t *lenp) 1232 { 1233 size_t i, len; 1234 char *buf, *q, c; 1235 1236 len = 128; 1237 if ((buf = malloc(len)) == NULL) 1238 errx(1, "Can't allocate memory for transfer buffer"); 1239 for (i = 0; ; i++) { 1240 if (i >= len - 1) { 1241 if ((q = realloc(buf, 2 * len)) == NULL) 1242 errx(1, "Can't expand transfer buffer"); 1243 buf = q; 1244 len *= 2; 1245 } 1246 if (SSL_read(ssl, &c, 1) <= 0) 1247 break; 1248 buf[i] = c; 1249 if (c == '\n') 1250 break; 1251 } 1252 *lenp = i; 1253 return (buf); 1254 } 1255 1256 int 1257 proxy_connect(int socket, char *host) 1258 { 1259 int l; 1260 char buf[1024]; 1261 char *connstr, *hosttail, *port; 1262 1263 if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL && 1264 (hosttail[1] == '\0' || hosttail[1] == ':')) { 1265 host++; 1266 *hosttail++ = '\0'; 1267 } else 1268 hosttail = host; 1269 1270 port = strrchr(hosttail, ':'); /* find portnum */ 1271 if (port != NULL) 1272 *port++ = '\0'; 1273 if (!port) 1274 port = "443"; 1275 1276 l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\n\n", host, port); 1277 if (l == -1) 1278 errx(1, "Could not allocate memory to assemble connect string!"); 1279 if (debug) 1280 printf("%s", connstr); 1281 if (write(socket, connstr, l) != l) 1282 err(1, "Could not send connect string"); 1283 read(socket, &buf, sizeof(buf)); /* only proxy header XXX: error handling? */ 1284 free(connstr); 1285 return(200); 1286 } 1287 #endif /* !SMALL */ 1288