Annotation of src/usr.bin/ftp/fetch.c, Revision 1.157
1.157 ! deraadt 1: /* $OpenBSD: fetch.c,v 1.156 2017/01/07 12:10:11 tb Exp $ */
1.15 millert 2: /* $NetBSD: fetch.c,v 1.14 1997/08/18 10:20:20 lukem Exp $ */
1.1 millert 3:
4: /*-
5: * Copyright (c) 1997 The NetBSD Foundation, Inc.
6: * All rights reserved.
7: *
8: * This code is derived from software contributed to The NetBSD Foundation
9: * by Jason Thorpe and Luke Mewburn.
10: *
11: * Redistribution and use in source and binary forms, with or without
12: * modification, are permitted provided that the following conditions
13: * are met:
14: * 1. Redistributions of source code must retain the above copyright
15: * notice, this list of conditions and the following disclaimer.
16: * 2. Redistributions in binary form must reproduce the above copyright
17: * notice, this list of conditions and the following disclaimer in the
18: * documentation and/or other materials provided with the distribution.
19: *
20: * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
21: * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
22: * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
1.15 millert 23: * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
24: * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
1.1 millert 25: * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26: * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27: * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28: * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29: * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30: * POSSIBILITY OF SUCH DAMAGE.
31: */
32:
33: /*
34: * FTP User Program -- Command line file retrieval
35: */
36:
37: #include <sys/types.h>
38: #include <sys/socket.h>
1.22 deraadt 39: #include <sys/stat.h>
1.1 millert 40:
41: #include <netinet/in.h>
42:
43: #include <arpa/ftp.h>
44: #include <arpa/inet.h>
45:
46: #include <ctype.h>
47: #include <err.h>
1.17 millert 48: #include <libgen.h>
1.1 millert 49: #include <netdb.h>
50: #include <fcntl.h>
1.3 millert 51: #include <signal.h>
1.1 millert 52: #include <stdio.h>
1.61 deraadt 53: #include <stdarg.h>
1.19 deraadt 54: #include <errno.h>
1.1 millert 55: #include <stdlib.h>
56: #include <string.h>
57: #include <unistd.h>
1.40 fgsch 58: #include <util.h>
1.73 drahn 59: #include <resolv.h>
1.1 millert 60:
1.154 deraadt 61: #ifndef NOSSL
1.134 jsing 62: #include <tls.h>
1.154 deraadt 63: #else /* !NOSSL */
1.134 jsing 64: struct tls;
1.154 deraadt 65: #endif /* !NOSSL */
1.61 deraadt 66:
1.1 millert 67: #include "ftp_var.h"
1.86 martynas 68: #include "cmds.h"
1.1 millert 69:
1.157 ! deraadt 70: static int url_get(const char *, const char *, const char *, int);
1.38 millert 71: void aborthttp(int);
72: void abortfile(int);
1.42 deraadt 73: char hextochar(const char *);
74: char *urldecode(const char *);
1.123 guenther 75: char *recode_credentials(const char *_userinfo);
1.134 jsing 76: int ftp_printf(FILE *, struct tls *, const char *, ...) __attribute__((format(printf, 3, 4)));
77: char *ftp_readline(FILE *, struct tls *, size_t *);
78: size_t ftp_read(FILE *, struct tls *, char *, size_t);
1.61 deraadt 79: #ifndef SMALL
1.81 espie 80: int proxy_connect(int, char *, char *);
1.154 deraadt 81: #endif /* !SMALL */
82: #ifndef NOSSL
1.134 jsing 83: int SSL_vprintf(struct tls *, const char *, va_list);
84: char *SSL_readline(struct tls *, size_t *);
1.78 martynas 85: #endif /* !SMALL */
1.14 millert 86:
1.1 millert 87: #define FTP_URL "ftp://" /* ftp URL prefix */
88: #define HTTP_URL "http://" /* http URL prefix */
1.61 deraadt 89: #define HTTPS_URL "https://" /* https URL prefix */
1.22 deraadt 90: #define FILE_URL "file:" /* file URL prefix */
1.6 millert 91: #define FTP_PROXY "ftp_proxy" /* env var with ftp proxy location */
1.1 millert 92: #define HTTP_PROXY "http_proxy" /* env var with http proxy location */
93:
94: #define EMPTYSTRING(x) ((x) == NULL || (*(x) == '\0'))
95:
1.110 guenther 96: static const char at_encoding_warning[] =
1.53 deraadt 97: "Extra `@' characters in usernames and passwords should be encoded as %%40";
1.37 heko 98:
1.1 millert 99: jmp_buf httpabort;
100:
1.54 fgsch 101: static int redirect_loop;
102:
1.1 millert 103: /*
1.95 martynas 104: * Determine whether the character needs encoding, per RFC1738:
105: * - No corresponding graphic US-ASCII.
106: * - Unsafe characters.
107: */
108: static int
1.138 jca 109: unsafe_char(const char *c0)
1.95 martynas 110: {
111: const char *unsafe_chars = " <>\"#{}|\\^~[]`";
1.138 jca 112: const unsigned char *c = (const unsigned char *)c0;
1.95 martynas 113:
114: /*
115: * No corresponding graphic US-ASCII.
116: * Control characters and octets not used in US-ASCII.
117: */
118: return (iscntrl(*c) || !isascii(*c) ||
119:
120: /*
121: * Unsafe characters.
122: * '%' is also unsafe, if is not followed by two
123: * hexadecimal digits.
124: */
125: strchr(unsafe_chars, *c) != NULL ||
126: (*c == '%' && (!isxdigit(*++c) || !isxdigit(*++c))));
127: }
128:
129: /*
130: * Encode given URL, per RFC1738.
131: * Allocate and return string to the caller.
132: */
133: static char *
134: url_encode(const char *path)
135: {
136: size_t i, length, new_length;
137: char *epath, *epathp;
138:
139: length = new_length = strlen(path);
140:
141: /*
142: * First pass:
143: * Count unsafe characters, and determine length of the
144: * final URL.
145: */
146: for (i = 0; i < length; i++)
147: if (unsafe_char(path + i))
148: new_length += 2;
149:
150: epath = epathp = malloc(new_length + 1); /* One more for '\0'. */
151: if (epath == NULL)
1.102 halex 152: err(1, "Can't allocate memory for URL encoding");
1.95 martynas 153:
154: /*
155: * Second pass:
156: * Encode, and copy final URL.
157: */
158: for (i = 0; i < length; i++)
159: if (unsafe_char(path + i)) {
1.138 jca 160: snprintf(epathp, 4, "%%" "%02x",
161: (unsigned char)path[i]);
1.95 martynas 162: epathp += 3;
163: } else
164: *(epathp++) = path[i];
165:
166: *epathp = '\0';
167: return (epath);
168: }
169:
1.155 deraadt 170: /* ARGSUSED */
171: static void
172: tooslow(int signo)
173: {
174: dprintf(STDERR_FILENO, "%s: connect taking too long\n", __progname);
175: _exit(2);
176: }
177:
1.95 martynas 178: /*
1.6 millert 179: * Retrieve URL, via the proxy in $proxyvar if necessary.
1.1 millert 180: * Modifies the string argument given.
181: * Returns -1 on failure, 0 on success
182: */
1.14 millert 183: static int
1.157 ! deraadt 184: url_get(const char *origline, const char *proxyenv, const char *outfile, int lastfile)
1.1 millert 185: {
1.69 jsg 186: char pbuf[NI_MAXSERV], hbuf[NI_MAXHOST], *cp, *portnum, *path, ststr[4];
1.62 ray 187: char *hosttail, *cause = "unknown", *newline, *host, *port, *buf = NULL;
1.106 haesbaer 188: char *epath, *redirurl, *loctail, *h, *p;
1.53 deraadt 189: int error, i, isftpurl = 0, isfileurl = 0, isredirect = 0, rval = -1;
1.152 krw 190: struct addrinfo hints, *res0, *res;
1.34 millert 191: const char * volatile savefile;
1.62 ray 192: char * volatile proxyurl = NULL;
1.123 guenther 193: char *credentials = NULL;
1.53 deraadt 194: volatile int s = -1, out;
1.97 martynas 195: volatile sig_t oldintr, oldinti;
1.53 deraadt 196: FILE *fin = NULL;
1.1 millert 197: off_t hashbytes;
1.58 grunk 198: const char *errstr;
1.114 tedu 199: ssize_t len, wlen;
1.136 bluhm 200: char *proxyhost = NULL;
1.154 deraadt 201: #ifndef NOSSL
1.61 deraadt 202: char *sslpath = NULL, *sslhost = NULL;
1.123 guenther 203: char *locbase, *full_host = NULL;
1.102 halex 204: const char *scheme;
1.123 guenther 205: int ishttpurl = 0, ishttpsurl = 0;
1.152 krw 206: struct addrinfo *ares = NULL;
1.154 deraadt 207: #endif /* !NOSSL */
1.134 jsing 208: struct tls *tls = NULL;
1.70 deraadt 209: int status;
1.105 haesbaer 210: int save_errno;
1.113 tedu 211: const size_t buflen = 128 * 1024;
1.14 millert 212:
1.97 martynas 213: direction = "received";
214:
1.62 ray 215: newline = strdup(origline);
216: if (newline == NULL)
1.14 millert 217: errx(1, "Can't allocate memory to parse URL");
1.102 halex 218: if (strncasecmp(newline, HTTP_URL, sizeof(HTTP_URL) - 1) == 0) {
1.62 ray 219: host = newline + sizeof(HTTP_URL) - 1;
1.102 halex 220: #ifndef SMALL
1.123 guenther 221: ishttpurl = 1;
1.102 halex 222: scheme = HTTP_URL;
223: #endif /* !SMALL */
224: } else if (strncasecmp(newline, FTP_URL, sizeof(FTP_URL) - 1) == 0) {
1.62 ray 225: host = newline + sizeof(FTP_URL) - 1;
1.14 millert 226: isftpurl = 1;
1.102 halex 227: #ifndef SMALL
228: scheme = FTP_URL;
229: #endif /* !SMALL */
1.62 ray 230: } else if (strncasecmp(newline, FILE_URL, sizeof(FILE_URL) - 1) == 0) {
231: host = newline + sizeof(FILE_URL) - 1;
1.22 deraadt 232: isfileurl = 1;
1.154 deraadt 233: #ifndef NOSSL
1.102 halex 234: scheme = FILE_URL;
1.62 ray 235: } else if (strncasecmp(newline, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0) {
236: host = newline + sizeof(HTTPS_URL) - 1;
1.61 deraadt 237: ishttpsurl = 1;
1.102 halex 238: scheme = HTTPS_URL;
1.154 deraadt 239: #endif /* !NOSSL */
1.14 millert 240: } else
1.62 ray 241: errx(1, "url_get: Invalid URL '%s'", newline);
1.6 millert 242:
1.22 deraadt 243: if (isfileurl) {
244: path = host;
245: } else {
1.93 martynas 246: path = strchr(host, '/'); /* Find path */
1.22 deraadt 247: if (EMPTYSTRING(path)) {
1.93 martynas 248: if (outfile) { /* No slash, but */
249: path=strchr(host,'\0'); /* we have outfile. */
250: goto noslash;
251: }
1.22 deraadt 252: if (isftpurl)
253: goto noftpautologin;
1.94 martynas 254: warnx("No `/' after host (use -o): %s", origline);
1.22 deraadt 255: goto cleanup_url_get;
256: }
257: *path++ = '\0';
1.93 martynas 258: if (EMPTYSTRING(path) && !outfile) {
1.22 deraadt 259: if (isftpurl)
260: goto noftpautologin;
1.94 martynas 261: warnx("No filename after host (use -o): %s", origline);
1.22 deraadt 262: goto cleanup_url_get;
263: }
1.14 millert 264: }
1.1 millert 265:
1.93 martynas 266: noslash:
1.106 haesbaer 267:
1.154 deraadt 268: #ifndef NOSSL
1.106 haesbaer 269: /*
270: * Look for auth header in host, since now host does not
271: * contain the path. Basic auth from RFC 2617, valid
272: * characters for path are in RFC 3986 section 3.3.
273: */
1.123 guenther 274: if (proxyenv == NULL && (ishttpurl || ishttpsurl)) {
1.106 haesbaer 275: if ((p = strchr(host, '@')) != NULL) {
1.123 guenther 276: *p = '\0';
277: credentials = recode_credentials(host);
1.106 haesbaer 278: host = p + 1;
279: }
280: }
1.154 deraadt 281: #endif /* NOSSL */
1.106 haesbaer 282:
1.17 millert 283: if (outfile)
284: savefile = outfile;
1.93 martynas 285: else {
286: if (path[strlen(path) - 1] == '/') /* Consider no file */
287: savefile = NULL; /* after dir invalid. */
288: else
289: savefile = basename(path);
1.75 martynas 290: }
291:
1.14 millert 292: if (EMPTYSTRING(savefile)) {
293: if (isftpurl)
294: goto noftpautologin;
1.94 martynas 295: warnx("No filename after directory (use -o): %s", origline);
1.6 millert 296: goto cleanup_url_get;
1.14 millert 297: }
1.1 millert 298:
1.93 martynas 299: #ifndef SMALL
1.100 halex 300: if (resume && pipeout) {
1.93 martynas 301: warnx("can't append to stdout");
302: goto cleanup_url_get;
303: }
304: #endif /* !SMALL */
305:
1.59 uwe 306: if (!isfileurl && proxyenv != NULL) { /* use proxy */
1.154 deraadt 307: #ifndef NOSSL
1.61 deraadt 308: if (ishttpsurl) {
309: sslpath = strdup(path);
310: sslhost = strdup(host);
311: if (! sslpath || ! sslhost)
312: errx(1, "Can't allocate memory for https path/host.");
313: }
1.154 deraadt 314: #endif /* !NOSSL */
1.136 bluhm 315: proxyhost = strdup(host);
316: if (proxyhost == NULL)
317: errx(1, "Can't allocate memory for proxy host.");
1.62 ray 318: proxyurl = strdup(proxyenv);
319: if (proxyurl == NULL)
1.14 millert 320: errx(1, "Can't allocate memory for proxy URL.");
1.62 ray 321: if (strncasecmp(proxyurl, HTTP_URL, sizeof(HTTP_URL) - 1) == 0)
322: host = proxyurl + sizeof(HTTP_URL) - 1;
323: else if (strncasecmp(proxyurl, FTP_URL, sizeof(FTP_URL) - 1) == 0)
324: host = proxyurl + sizeof(FTP_URL) - 1;
1.6 millert 325: else {
1.14 millert 326: warnx("Malformed proxy URL: %s", proxyenv);
1.6 millert 327: goto cleanup_url_get;
328: }
1.14 millert 329: if (EMPTYSTRING(host)) {
330: warnx("Malformed proxy URL: %s", proxyenv);
1.6 millert 331: goto cleanup_url_get;
1.14 millert 332: }
1.93 martynas 333: if (*--path == '\0')
334: *path = '/'; /* add / back to real path */
1.1 millert 335: path = strchr(host, '/'); /* remove trailing / on host */
1.42 deraadt 336: if (!EMPTYSTRING(path))
1.73 drahn 337: *path++ = '\0'; /* i guess this ++ is useless */
338:
339: path = strchr(host, '@'); /* look for credentials in proxy */
340: if (!EMPTYSTRING(path)) {
1.81 espie 341: *path = '\0';
1.123 guenther 342: if (strchr(host, ':') == NULL) {
1.73 drahn 343: warnx("Malformed proxy URL: %s", proxyenv);
344: goto cleanup_url_get;
345: }
1.123 guenther 346: credentials = recode_credentials(host);
1.81 espie 347: *path = '@'; /* restore @ in proxyurl */
1.123 guenther 348:
1.73 drahn 349: /*
1.81 espie 350: * This removes the password from proxyurl,
1.73 drahn 351: * filling with stars
352: */
1.81 espie 353: for (host = 1 + strchr(proxyurl + 5, ':'); *host != '@';
1.73 drahn 354: host++)
355: *host = '*';
356:
1.81 espie 357: host = path + 1;
1.73 drahn 358: }
1.123 guenther 359:
1.62 ray 360: path = newline;
1.1 millert 361: }
362:
1.22 deraadt 363: if (isfileurl) {
364: struct stat st;
365:
366: s = open(path, O_RDONLY);
367: if (s == -1) {
368: warn("Can't open file %s", path);
369: goto cleanup_url_get;
370: }
371:
372: if (fstat(s, &st) == -1)
373: filesize = -1;
374: else
375: filesize = st.st_size;
376:
1.83 martynas 377: /* Open the output file. */
1.100 halex 378: if (!pipeout) {
1.75 martynas 379: #ifndef SMALL
380: if (resume)
1.82 deraadt 381: out = open(savefile, O_CREAT | O_WRONLY |
382: O_APPEND, 0666);
383:
1.75 martynas 384: else
1.78 martynas 385: #endif /* !SMALL */
1.75 martynas 386: out = open(savefile, O_CREAT | O_WRONLY |
387: O_TRUNC, 0666);
1.22 deraadt 388: if (out < 0) {
389: warn("Can't open %s", savefile);
390: goto cleanup_url_get;
391: }
392: } else
393: out = fileno(stdout);
394:
1.75 martynas 395: #ifndef SMALL
396: if (resume) {
397: if (fstat(out, &st) == -1) {
398: warn("Can't fstat %s", savefile);
399: goto cleanup_url_get;
400: }
401: if (lseek(s, st.st_size, SEEK_SET) == -1) {
402: warn("Can't lseek %s", path);
403: goto cleanup_url_get;
404: }
405: restart_point = st.st_size;
406: }
1.78 martynas 407: #endif /* !SMALL */
1.75 martynas 408:
1.22 deraadt 409: /* Trap signals */
410: oldintr = NULL;
1.97 martynas 411: oldinti = NULL;
1.22 deraadt 412: if (setjmp(httpabort)) {
413: if (oldintr)
414: (void)signal(SIGINT, oldintr);
1.97 martynas 415: if (oldinti)
416: (void)signal(SIGINFO, oldinti);
1.22 deraadt 417: goto cleanup_url_get;
418: }
419: oldintr = signal(SIGINT, abortfile);
1.42 deraadt 420:
1.22 deraadt 421: bytes = 0;
422: hashbytes = mark;
1.84 martynas 423: progressmeter(-1, path);
1.40 fgsch 424:
1.113 tedu 425: if ((buf = malloc(buflen)) == NULL)
1.47 deraadt 426: errx(1, "Can't allocate memory for transfer buffer");
1.42 deraadt 427:
1.22 deraadt 428: /* Finally, suck down the file. */
429: i = 0;
1.97 martynas 430: oldinti = signal(SIGINFO, psummary);
1.113 tedu 431: while ((len = read(s, buf, buflen)) > 0) {
1.22 deraadt 432: bytes += len;
433: for (cp = buf; len > 0; len -= i, cp += i) {
434: if ((i = write(out, cp, len)) == -1) {
435: warn("Writing %s", savefile);
1.97 martynas 436: signal(SIGINFO, oldinti);
1.22 deraadt 437: goto cleanup_url_get;
438: }
439: else if (i == 0)
440: break;
441: }
442: if (hash && !progress) {
443: while (bytes >= hashbytes) {
444: (void)putc('#', ttyout);
445: hashbytes += mark;
446: }
447: (void)fflush(ttyout);
448: }
449: }
1.97 martynas 450: signal(SIGINFO, oldinti);
1.22 deraadt 451: if (hash && !progress && bytes > 0) {
452: if (bytes < mark)
453: (void)putc('#', ttyout);
454: (void)putc('\n', ttyout);
455: (void)fflush(ttyout);
456: }
457: if (len != 0) {
458: warn("Reading from file");
459: goto cleanup_url_get;
460: }
1.84 martynas 461: progressmeter(1, NULL);
1.22 deraadt 462: if (verbose)
1.97 martynas 463: ptransfer(0);
1.22 deraadt 464: (void)signal(SIGINT, oldintr);
1.42 deraadt 465:
1.40 fgsch 466: rval = 0;
467: goto cleanup_url_get;
1.22 deraadt 468: }
469:
1.28 itojun 470: if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL &&
471: (hosttail[1] == '\0' || hosttail[1] == ':')) {
472: host++;
473: *hosttail++ = '\0';
1.102 halex 474: #ifndef SMALL
475: if (asprintf(&full_host, "[%s]", host) == -1)
476: errx(1, "Cannot allocate memory for hostname");
477: #endif /* !SMALL */
1.28 itojun 478: } else
479: hosttail = host;
480:
481: portnum = strrchr(hosttail, ':'); /* find portnum */
1.1 millert 482: if (portnum != NULL)
483: *portnum++ = '\0';
1.154 deraadt 484: #ifndef NOSSL
1.150 millert 485: port = portnum ? portnum : (ishttpsurl ? httpsport : httpport);
1.154 deraadt 486: #else /* !NOSSL */
1.150 millert 487: port = portnum ? portnum : httpport;
1.154 deraadt 488: #endif /* !NOSSL */
1.1 millert 489:
1.80 martynas 490: #ifndef SMALL
1.102 halex 491: if (full_host == NULL)
492: if ((full_host = strdup(host)) == NULL)
493: errx(1, "Cannot allocate memory for hostname");
1.1 millert 494: if (debug)
1.106 haesbaer 495: fprintf(ttyout, "host %s, port %s, path %s, "
1.150 millert 496: "save as %s, auth %s.\n", host, port, path,
497: savefile, credentials ? credentials : "none");
1.80 martynas 498: #endif /* !SMALL */
1.1 millert 499:
1.25 itojun 500: memset(&hints, 0, sizeof(hints));
1.39 deraadt 501: hints.ai_family = family;
1.25 itojun 502: hints.ai_socktype = SOCK_STREAM;
503: error = getaddrinfo(host, port, &hints, &res0);
1.61 deraadt 504: /*
505: * If the services file is corrupt/missing, fall back
506: * on our hard-coded defines.
507: */
1.30 deraadt 508: if (error == EAI_SERVICE && port == httpport) {
509: snprintf(pbuf, sizeof(pbuf), "%d", HTTP_PORT);
510: error = getaddrinfo(host, pbuf, &hints, &res0);
1.154 deraadt 511: #ifndef NOSSL
1.61 deraadt 512: } else if (error == EAI_SERVICE && port == httpsport) {
513: snprintf(pbuf, sizeof(pbuf), "%d", HTTPS_PORT);
514: error = getaddrinfo(host, pbuf, &hints, &res0);
1.154 deraadt 515: #endif /* !NOSSL */
1.30 deraadt 516: }
1.25 itojun 517: if (error) {
1.122 guenther 518: warnx("%s: %s", host, gai_strerror(error));
1.25 itojun 519: goto cleanup_url_get;
1.1 millert 520: }
521:
1.105 haesbaer 522: #ifndef SMALL
523: if (srcaddr) {
524: hints.ai_flags |= AI_NUMERICHOST;
525: error = getaddrinfo(srcaddr, NULL, &hints, &ares);
526: if (error) {
1.122 guenther 527: warnx("%s: %s", srcaddr, gai_strerror(error));
1.105 haesbaer 528: goto cleanup_url_get;
529: }
530: }
531: #endif /* !SMALL */
1.135 deraadt 532:
533: /* ensure consistent order of the output */
534: if (verbose)
535: setvbuf(ttyout, NULL, _IOLBF, 0);
1.105 haesbaer 536:
1.25 itojun 537: s = -1;
538: for (res = res0; res; res = res->ai_next) {
1.44 itojun 539: if (getnameinfo(res->ai_addr, res->ai_addrlen, hbuf,
540: sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0)
541: strlcpy(hbuf, "(unknown)", sizeof(hbuf));
1.41 deraadt 542: if (verbose)
1.44 itojun 543: fprintf(ttyout, "Trying %s...\n", hbuf);
1.14 millert 544:
1.25 itojun 545: s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
546: if (s == -1) {
547: cause = "socket";
548: continue;
1.1 millert 549: }
550:
1.105 haesbaer 551: #ifndef SMALL
552: if (srcaddr) {
553: if (ares->ai_family != res->ai_family) {
554: close(s);
555: s = -1;
556: errno = EINVAL;
557: cause = "bind";
558: continue;
559: }
560: if (bind(s, ares->ai_addr, ares->ai_addrlen) < 0) {
561: save_errno = errno;
562: close(s);
563: errno = save_errno;
564: s = -1;
565: cause = "bind";
566: continue;
567: }
568: }
569: #endif /* !SMALL */
570:
1.155 deraadt 571: if (connect_timeout) {
572: (void)signal(SIGALRM, tooslow);
573: alarmtimer(connect_timeout);
574: }
575:
1.149 millert 576: for (error = connect(s, res->ai_addr, res->ai_addrlen);
577: error != 0 && errno == EINTR; error = connect_wait(s))
578: continue;
579: if (error != 0) {
1.57 otto 580: save_errno = errno;
1.25 itojun 581: close(s);
1.57 otto 582: errno = save_errno;
1.25 itojun 583: s = -1;
584: cause = "connect";
1.19 deraadt 585: continue;
586: }
1.25 itojun 587:
1.29 itojun 588: /* get port in numeric */
589: if (getnameinfo(res->ai_addr, res->ai_addrlen, NULL, 0,
590: pbuf, sizeof(pbuf), NI_NUMERICSERV) == 0)
591: port = pbuf;
592: else
593: port = NULL;
594:
1.61 deraadt 595: #ifndef SMALL
596: if (proxyenv && sslhost)
1.123 guenther 597: proxy_connect(s, sslhost, credentials);
1.78 martynas 598: #endif /* !SMALL */
1.25 itojun 599: break;
600: }
601: freeaddrinfo(res0);
1.105 haesbaer 602: #ifndef SMALL
603: if (srcaddr)
604: freeaddrinfo(ares);
605: #endif /* !SMALL */
1.25 itojun 606: if (s < 0) {
1.33 millert 607: warn("%s", cause);
1.6 millert 608: goto cleanup_url_get;
1.1 millert 609: }
610:
1.154 deraadt 611: #ifndef NOSSL
1.61 deraadt 612: if (ishttpsurl) {
613: if (proxyenv && sslpath) {
614: ishttpsurl = 0;
1.62 ray 615: proxyurl = NULL;
1.61 deraadt 616: path = sslpath;
617: }
1.131 jca 618: if (sslhost == NULL) {
619: sslhost = strdup(host);
620: if (sslhost == NULL)
621: errx(1, "Can't allocate memory for https host.");
1.116 jca 622: }
1.134 jsing 623: if ((tls = tls_client()) == NULL) {
1.126 jsing 624: fprintf(ttyout, "failed to create SSL client\n");
1.61 deraadt 625: goto cleanup_url_get;
626: }
1.134 jsing 627: if (tls_configure(tls, tls_config) != 0) {
1.126 jsing 628: fprintf(ttyout, "SSL configuration failure: %s\n",
1.134 jsing 629: tls_error(tls));
1.61 deraadt 630: goto cleanup_url_get;
1.117 jca 631: }
1.134 jsing 632: if (tls_connect_socket(tls, s, sslhost) != 0) {
633: fprintf(ttyout, "SSL failure: %s\n", tls_error(tls));
1.72 ray 634: goto cleanup_url_get;
1.118 jca 635: }
1.61 deraadt 636: } else {
637: fin = fdopen(s, "r+");
638: }
1.154 deraadt 639: #else /* !NOSSL */
1.40 fgsch 640: fin = fdopen(s, "r+");
1.154 deraadt 641: #endif /* !NOSSL */
1.155 deraadt 642:
1.157 ! deraadt 643: #ifdef SMALL
! 644: if (lastfile) {
! 645: if (pipeout) {
! 646: if (pledge("stdio rpath inet dns tty", NULL) == -1)
! 647: err(1, "pledge");
! 648: } else {
! 649: if (pledge("stdio rpath wpath cpath inet dns tty", NULL) == -1)
! 650: err(1, "pledge");
! 651: }
! 652: }
! 653: #endif
! 654:
1.155 deraadt 655: if (connect_timeout) {
656: signal(SIGALRM, SIG_DFL);
657: alarmtimer(0);
658: }
1.40 fgsch 659:
1.1 millert 660: /*
1.40 fgsch 661: * Construct and send the request. Proxy requests don't want leading /.
1.1 millert 662: */
1.154 deraadt 663: #ifndef NOSSL
1.74 pyr 664: cookie_get(host, path, ishttpsurl, &buf);
1.154 deraadt 665: #endif /* !NOSSL */
1.95 martynas 666:
667: epath = url_encode(path);
1.62 ray 668: if (proxyurl) {
1.151 millert 669: if (verbose) {
670: fprintf(ttyout, "Requesting %s (via %s)\n",
671: origline, proxyurl);
672: }
1.32 itojun 673: /*
674: * Host: directive must use the destination host address for
1.136 bluhm 675: * the original URI (path).
1.32 itojun 676: */
1.123 guenther 677: if (credentials)
1.134 jsing 678: ftp_printf(fin, tls, "GET %s HTTP/1.0\r\n"
1.136 bluhm 679: "Proxy-Authorization: Basic %s\r\n"
680: "Host: %s\r\n%s%s\r\n\r\n",
681: epath, credentials,
682: proxyhost, buf ? buf : "", httpuseragent);
1.73 drahn 683: else
1.136 bluhm 684: ftp_printf(fin, tls, "GET %s HTTP/1.0\r\n"
685: "Host: %s\r\n%s%s\r\n\r\n",
686: epath, proxyhost, buf ? buf : "", httpuseragent);
1.28 itojun 687: } else {
1.151 millert 688: if (verbose)
689: fprintf(ttyout, "Requesting %s\n", origline);
1.90 martynas 690: #ifndef SMALL
691: if (resume) {
692: struct stat stbuf;
693:
694: if (stat(savefile, &stbuf) == 0)
695: restart_point = stbuf.st_size;
696: else
697: restart_point = 0;
698: }
1.154 deraadt 699: #endif /* SMALL */
700: #ifndef NOSSL
1.123 guenther 701: if (credentials) {
1.134 jsing 702: ftp_printf(fin, tls,
1.106 haesbaer 703: "GET /%s %s\r\nAuthorization: Basic %s\r\nHost: ",
704: epath, restart_point ?
705: "HTTP/1.1\r\nConnection: close" : "HTTP/1.0",
1.123 guenther 706: credentials);
707: free(credentials);
708: credentials = NULL;
1.106 haesbaer 709: } else
1.154 deraadt 710: #endif /* NOSSL */
1.134 jsing 711: ftp_printf(fin, tls, "GET /%s %s\r\nHost: ", epath,
1.107 haesbaer 712: #ifndef SMALL
713: restart_point ? "HTTP/1.1\r\nConnection: close" :
714: #endif /* !SMALL */
715: "HTTP/1.0");
1.136 bluhm 716: if (proxyhost) {
717: ftp_printf(fin, tls, "%s", proxyhost);
718: port = NULL;
719: } else if (strchr(host, ':')) {
1.55 fgsch 720: /*
721: * strip off scoped address portion, since it's
722: * local to node
723: */
1.32 itojun 724: h = strdup(host);
725: if (h == NULL)
726: errx(1, "Can't allocate memory.");
727: if ((p = strchr(h, '%')) != NULL)
728: *p = '\0';
1.134 jsing 729: ftp_printf(fin, tls, "[%s]", h);
1.32 itojun 730: free(h);
1.55 fgsch 731: } else
1.134 jsing 732: ftp_printf(fin, tls, "%s", host);
1.55 fgsch 733:
734: /*
735: * Send port number only if it's specified and does not equal
736: * 80. Some broken HTTP servers get confused if you explicitly
737: * send them the port number.
738: */
1.154 deraadt 739: #ifndef NOSSL
1.61 deraadt 740: if (port && strcmp(port, (ishttpsurl ? "443" : "80")) != 0)
1.134 jsing 741: ftp_printf(fin, tls, ":%s", port);
1.90 martynas 742: if (restart_point)
1.134 jsing 743: ftp_printf(fin, tls, "\r\nRange: bytes=%lld-",
1.75 martynas 744: (long long)restart_point);
1.154 deraadt 745: #else /* !NOSSL */
1.55 fgsch 746: if (port && strcmp(port, "80") != 0)
1.134 jsing 747: ftp_printf(fin, tls, ":%s", port);
1.154 deraadt 748: #endif /* !NOSSL */
1.134 jsing 749: ftp_printf(fin, tls, "\r\n%s%s\r\n\r\n",
1.124 lteo 750: buf ? buf : "", httpuseragent);
1.28 itojun 751: }
1.95 martynas 752: free(epath);
1.74 pyr 753:
1.154 deraadt 754: #ifndef NOSSL
1.74 pyr 755: free(buf);
1.156 tb 756: #endif /* !NOSSL */
1.74 pyr 757: buf = NULL;
758:
1.61 deraadt 759: if (fin != NULL && fflush(fin) == EOF) {
1.14 millert 760: warn("Writing HTTP request");
1.6 millert 761: goto cleanup_url_get;
1.1 millert 762: }
1.134 jsing 763: if ((buf = ftp_readline(fin, tls, &len)) == NULL) {
1.40 fgsch 764: warn("Receiving HTTP reply");
765: goto cleanup_url_get;
1.1 millert 766: }
1.40 fgsch 767:
768: while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n'))
769: buf[--len] = '\0';
1.80 martynas 770: #ifndef SMALL
1.40 fgsch 771: if (debug)
772: fprintf(ttyout, "received '%s'\n", buf);
1.80 martynas 773: #endif /* !SMALL */
1.40 fgsch 774:
1.1 millert 775: cp = strchr(buf, ' ');
776: if (cp == NULL)
777: goto improper;
778: else
779: cp++;
1.69 jsg 780:
781: strlcpy(ststr, cp, sizeof(ststr));
1.75 martynas 782: status = strtonum(ststr, 200, 416, &errstr);
1.69 jsg 783: if (errstr) {
784: warnx("Error retrieving file: %s", cp);
785: goto cleanup_url_get;
786: }
787:
788: switch (status) {
789: case 200: /* OK */
1.75 martynas 790: #ifndef SMALL
1.109 sthen 791: /*
1.98 phessler 792: * When we request a partial file, and we receive an HTTP 200
793: * it is a good indication that the server doesn't support
794: * range requests, and is about to send us the entire file.
795: * If the restart_point == 0, then we are not actually
796: * requesting a partial file, and an HTTP 200 is appropriate.
797: */
798: if (resume && restart_point != 0) {
799: warnx("Server does not support resume.");
800: restart_point = resume = 0;
801: }
1.101 halex 802: /* FALLTHROUGH */
1.75 martynas 803: case 206: /* Partial Content */
1.91 halex 804: #endif /* !SMALL */
1.69 jsg 805: break;
806: case 301: /* Moved Permanently */
807: case 302: /* Found */
808: case 303: /* See Other */
809: case 307: /* Temporary Redirect */
1.40 fgsch 810: isredirect++;
1.54 fgsch 811: if (redirect_loop++ > 10) {
812: warnx("Too many redirections requested");
813: goto cleanup_url_get;
814: }
1.69 jsg 815: break;
1.75 martynas 816: #ifndef SMALL
817: case 416: /* Requested Range Not Satisfiable */
818: warnx("File is already fully retrieved.");
819: goto cleanup_url_get;
1.78 martynas 820: #endif /* !SMALL */
1.69 jsg 821: default:
1.1 millert 822: warnx("Error retrieving file: %s", cp);
1.6 millert 823: goto cleanup_url_get;
1.1 millert 824: }
825:
826: /*
827: * Read the rest of the header.
828: */
1.40 fgsch 829: free(buf);
830: filesize = -1;
831:
1.62 ray 832: for (;;) {
1.134 jsing 833: if ((buf = ftp_readline(fin, tls, &len)) == NULL) {
1.40 fgsch 834: warn("Receiving HTTP reply");
835: goto cleanup_url_get;
836: }
1.61 deraadt 837:
1.40 fgsch 838: while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n'))
839: buf[--len] = '\0';
840: if (len == 0)
1.1 millert 841: break;
1.80 martynas 842: #ifndef SMALL
1.40 fgsch 843: if (debug)
844: fprintf(ttyout, "received '%s'\n", buf);
1.80 martynas 845: #endif /* !SMALL */
1.1 millert 846:
1.40 fgsch 847: /* Look for some headers */
848: cp = buf;
1.1 millert 849: #define CONTENTLEN "Content-Length: "
1.40 fgsch 850: if (strncasecmp(cp, CONTENTLEN, sizeof(CONTENTLEN) - 1) == 0) {
1.104 sthen 851: size_t s;
1.40 fgsch 852: cp += sizeof(CONTENTLEN) - 1;
1.111 deraadt 853: if ((s = strcspn(cp, " \t")))
1.104 sthen 854: *(cp+s) = 0;
1.58 grunk 855: filesize = strtonum(cp, 0, LLONG_MAX, &errstr);
856: if (errstr != NULL)
1.40 fgsch 857: goto improper;
1.75 martynas 858: #ifndef SMALL
1.90 martynas 859: if (restart_point)
1.75 martynas 860: filesize += restart_point;
1.78 martynas 861: #endif /* !SMALL */
1.40 fgsch 862: #define LOCATION "Location: "
863: } else if (isredirect &&
864: strncasecmp(cp, LOCATION, sizeof(LOCATION) - 1) == 0) {
865: cp += sizeof(LOCATION) - 1;
1.144 sthen 866: /*
867: * If there is a colon before the first slash, this URI
868: * is not relative. RFC 3986 4.2
869: */
870: if (cp[strcspn(cp, ":/")] != ':') {
1.102 halex 871: #ifdef SMALL
872: errx(1, "Relative redirect not supported");
873: #else /* SMALL */
1.144 sthen 874: /* XXX doesn't handle protocol-relative URIs */
1.102 halex 875: if (*cp == '/') {
876: locbase = NULL;
877: cp++;
878: } else {
879: locbase = strdup(path);
880: if (locbase == NULL)
881: errx(1, "Can't allocate memory"
882: " for location base");
883: loctail = strchr(locbase, '#');
884: if (loctail != NULL)
885: *loctail = '\0';
886: loctail = strchr(locbase, '?');
887: if (loctail != NULL)
888: *loctail = '\0';
889: loctail = strrchr(locbase, '/');
890: if (loctail == NULL) {
891: free(locbase);
892: locbase = NULL;
893: } else
894: loctail[1] = '\0';
895: }
896: /* Contruct URL from relative redirect */
897: if (asprintf(&redirurl, "%s%s%s%s/%s%s",
898: scheme, full_host,
899: portnum ? ":" : "",
900: portnum ? portnum : "",
901: locbase ? locbase : "",
902: cp) == -1)
903: errx(1, "Cannot build "
904: "redirect URL");
905: free(locbase);
906: #endif /* SMALL */
907: } else if ((redirurl = strdup(cp)) == NULL)
908: errx(1, "Cannot allocate memory for URL");
909: loctail = strchr(redirurl, '#');
910: if (loctail != NULL)
911: *loctail = '\0';
1.40 fgsch 912: if (verbose)
1.102 halex 913: fprintf(ttyout, "Redirected to %s\n", redirurl);
1.40 fgsch 914: if (fin != NULL)
915: fclose(fin);
916: else if (s != -1)
917: close(s);
1.157 ! deraadt 918: rval = url_get(redirurl, proxyenv, savefile, lastfile);
1.102 halex 919: free(redirurl);
920: goto cleanup_url_get;
1.40 fgsch 921: }
1.108 tobias 922: free(buf);
1.1 millert 923: }
924:
1.17 millert 925: /* Open the output file. */
1.100 halex 926: if (!pipeout) {
1.75 martynas 927: #ifndef SMALL
928: if (resume)
1.83 martynas 929: out = open(savefile, O_CREAT | O_WRONLY | O_APPEND,
930: 0666);
1.75 martynas 931: else
1.78 martynas 932: #endif /* !SMALL */
1.75 martynas 933: out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC,
934: 0666);
1.10 deraadt 935: if (out < 0) {
936: warn("Can't open %s", savefile);
937: goto cleanup_url_get;
938: }
1.157 ! deraadt 939: } else {
1.17 millert 940: out = fileno(stdout);
1.157 ! deraadt 941: #ifdef SMALL
! 942: if (lastfile) {
! 943: if (pledge("stdio tty", NULL) == -1)
! 944: err(1, "pledge");
! 945: }
! 946: #endif
! 947: }
1.1 millert 948:
949: /* Trap signals */
950: oldintr = NULL;
1.97 martynas 951: oldinti = NULL;
1.1 millert 952: if (setjmp(httpabort)) {
953: if (oldintr)
1.2 millert 954: (void)signal(SIGINT, oldintr);
1.97 martynas 955: if (oldinti)
956: (void)signal(SIGINFO, oldinti);
1.6 millert 957: goto cleanup_url_get;
1.1 millert 958: }
959: oldintr = signal(SIGINT, aborthttp);
960:
961: bytes = 0;
962: hashbytes = mark;
1.84 martynas 963: progressmeter(-1, path);
1.43 millert 964:
965: free(buf);
1.1 millert 966:
967: /* Finally, suck down the file. */
1.113 tedu 968: if ((buf = malloc(buflen)) == NULL)
1.47 deraadt 969: errx(1, "Can't allocate memory for transfer buffer");
1.1 millert 970: i = 0;
1.61 deraadt 971: len = 1;
1.97 martynas 972: oldinti = signal(SIGINFO, psummary);
1.61 deraadt 973: while (len > 0) {
1.134 jsing 974: len = ftp_read(fin, tls, buf, buflen);
1.1 millert 975: bytes += len;
1.61 deraadt 976: for (cp = buf, wlen = len; wlen > 0; wlen -= i, cp += i) {
977: if ((i = write(out, cp, wlen)) == -1) {
1.1 millert 978: warn("Writing %s", savefile);
1.97 martynas 979: signal(SIGINFO, oldinti);
1.6 millert 980: goto cleanup_url_get;
1.1 millert 981: }
982: else if (i == 0)
983: break;
984: }
985: if (hash && !progress) {
986: while (bytes >= hashbytes) {
1.10 deraadt 987: (void)putc('#', ttyout);
1.1 millert 988: hashbytes += mark;
989: }
1.10 deraadt 990: (void)fflush(ttyout);
1.1 millert 991: }
992: }
1.97 martynas 993: signal(SIGINFO, oldinti);
1.1 millert 994: if (hash && !progress && bytes > 0) {
995: if (bytes < mark)
1.10 deraadt 996: (void)putc('#', ttyout);
997: (void)putc('\n', ttyout);
998: (void)fflush(ttyout);
1.1 millert 999: }
1000: if (len != 0) {
1001: warn("Reading from socket");
1.6 millert 1002: goto cleanup_url_get;
1.1 millert 1003: }
1.84 martynas 1004: progressmeter(1, NULL);
1.75 martynas 1005: if (
1006: #ifndef SMALL
1007: !resume &&
1.78 martynas 1008: #endif /* !SMALL */
1.75 martynas 1009: filesize != -1 && len == 0 && bytes != filesize) {
1.24 deraadt 1010: if (verbose)
1011: fputs("Read short file.\n", ttyout);
1012: goto cleanup_url_get;
1013: }
1014:
1.1 millert 1015: if (verbose)
1.97 martynas 1016: ptransfer(0);
1.2 millert 1017: (void)signal(SIGINT, oldintr);
1.1 millert 1018:
1.40 fgsch 1019: rval = 0;
1020: goto cleanup_url_get;
1.1 millert 1021:
1.14 millert 1022: noftpautologin:
1023: warnx(
1024: "Auto-login using ftp URLs isn't supported when using $ftp_proxy");
1025: goto cleanup_url_get;
1026:
1.1 millert 1027: improper:
1.8 millert 1028: warnx("Improper response from %s", host);
1.14 millert 1029:
1.6 millert 1030: cleanup_url_get:
1.154 deraadt 1031: #ifndef NOSSL
1.134 jsing 1032: if (tls != NULL) {
1033: tls_close(tls);
1034: tls_free(tls);
1.61 deraadt 1035: }
1.102 halex 1036: free(full_host);
1.128 jca 1037: free(sslhost);
1.154 deraadt 1038: #endif /* !NOSSL */
1.40 fgsch 1039: if (fin != NULL)
1040: fclose(fin);
1041: else if (s != -1)
1.1 millert 1042: close(s);
1.67 steven 1043: free(buf);
1.136 bluhm 1044: free(proxyhost);
1.67 steven 1045: free(proxyurl);
1.62 ray 1046: free(newline);
1.123 guenther 1047: free(credentials);
1.40 fgsch 1048: return (rval);
1.1 millert 1049: }
1050:
1051: /*
1052: * Abort a http retrieval
1053: */
1.51 deraadt 1054: /* ARGSUSED */
1.1 millert 1055: void
1.51 deraadt 1056: aborthttp(int signo)
1.1 millert 1057: {
1058:
1059: alarmtimer(0);
1.10 deraadt 1060: fputs("\nhttp fetch aborted.\n", ttyout);
1061: (void)fflush(ttyout);
1.1 millert 1062: longjmp(httpabort, 1);
1063: }
1064:
1065: /*
1.22 deraadt 1066: * Abort a http retrieval
1067: */
1.51 deraadt 1068: /* ARGSUSED */
1.22 deraadt 1069: void
1.51 deraadt 1070: abortfile(int signo)
1.22 deraadt 1071: {
1072:
1073: alarmtimer(0);
1074: fputs("\nfile fetch aborted.\n", ttyout);
1075: (void)fflush(ttyout);
1076: longjmp(httpabort, 1);
1077: }
1078:
1079: /*
1.1 millert 1080: * Retrieve multiple files from the command line, transferring
1081: * files of the form "host:path", "ftp://host/path" using the
1082: * ftp protocol, and files of the form "http://host/path" using
1083: * the http protocol.
1.2 millert 1084: * If path has a trailing "/", then return (-1);
1.1 millert 1085: * the path will be cd-ed into and the connection remains open,
1086: * and the function will return -1 (to indicate the connection
1087: * is alive).
1088: * If an error occurs the return value will be the offset+1 in
1089: * argv[] of the file that caused a problem (i.e, argv[x]
1090: * returns x+1)
1091: * Otherwise, 0 is returned if all files retrieved successfully.
1092: */
1093: int
1.50 deraadt 1094: auto_fetch(int argc, char *argv[], char *outfile)
1.1 millert 1095: {
1096: char *xargv[5];
1.62 ray 1097: char *cp, *url, *host, *dir, *file, *portnum;
1098: char *username, *pass, *pathstart;
1.6 millert 1099: char *ftpproxy, *httpproxy;
1.157 ! deraadt 1100: int rval, xargc, lastfile;
1.14 millert 1101: volatile int argpos;
1.49 krw 1102: int dirhasglob, filehasglob, oautologin;
1.137 deraadt 1103: char rempath[PATH_MAX];
1.1 millert 1104:
1105: argpos = 0;
1106:
1107: if (setjmp(toplevel)) {
1108: if (connected)
1109: disconnect(0, NULL);
1.2 millert 1110: return (argpos + 1);
1.1 millert 1111: }
1.3 millert 1112: (void)signal(SIGINT, (sig_t)intr);
1113: (void)signal(SIGPIPE, (sig_t)lostpeer);
1.1 millert 1114:
1.45 millert 1115: if ((ftpproxy = getenv(FTP_PROXY)) != NULL && *ftpproxy == '\0')
1116: ftpproxy = NULL;
1117: if ((httpproxy = getenv(HTTP_PROXY)) != NULL && *httpproxy == '\0')
1118: httpproxy = NULL;
1.6 millert 1119:
1.1 millert 1120: /*
1121: * Loop through as long as there's files to fetch.
1122: */
1.123 guenther 1123: username = pass = NULL;
1.62 ray 1124: for (rval = 0; (rval == 0) && (argpos < argc); free(url), argpos++) {
1.1 millert 1125: if (strchr(argv[argpos], ':') == NULL)
1126: break;
1.123 guenther 1127:
1128: free(username);
1129: free(pass);
1.62 ray 1130: host = dir = file = portnum = username = pass = NULL;
1.1 millert 1131:
1.157 ! deraadt 1132: lastfile = (argv[argpos+1] == NULL);
! 1133:
1.1 millert 1134: /*
1135: * We muck with the string, so we make a copy.
1136: */
1.62 ray 1137: url = strdup(argv[argpos]);
1138: if (url == NULL)
1.1 millert 1139: errx(1, "Can't allocate memory for auto-fetch.");
1140:
1141: /*
1142: * Try HTTP URL-style arguments first.
1143: */
1.62 ray 1144: if (strncasecmp(url, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 ||
1.154 deraadt 1145: #ifndef NOSSL
1.61 deraadt 1146: /* even if we compiled without SSL, url_get will check */
1.62 ray 1147: strncasecmp(url, HTTPS_URL, sizeof(HTTPS_URL) -1) == 0 ||
1.154 deraadt 1148: #endif /* !NOSSL */
1.62 ray 1149: strncasecmp(url, FILE_URL, sizeof(FILE_URL) - 1) == 0) {
1.54 fgsch 1150: redirect_loop = 0;
1.157 ! deraadt 1151: if (url_get(url, httpproxy, outfile, lastfile) == -1)
1.1 millert 1152: rval = argpos + 1;
1153: continue;
1154: }
1155:
1156: /*
1.6 millert 1157: * Try FTP URL-style arguments next. If ftpproxy is
1158: * set, use url_get() instead of standard ftp.
1159: * Finally, try host:file.
1.1 millert 1160: */
1.62 ray 1161: host = url;
1162: if (strncasecmp(url, FTP_URL, sizeof(FTP_URL) - 1) == 0) {
1.37 heko 1163: char *passend, *passagain, *userend;
1.31 itojun 1164:
1.6 millert 1165: if (ftpproxy) {
1.157 ! deraadt 1166: if (url_get(url, ftpproxy, outfile, lastfile) == -1)
1.6 millert 1167: rval = argpos + 1;
1168: continue;
1169: }
1.1 millert 1170: host += sizeof(FTP_URL) - 1;
1.8 millert 1171: dir = strchr(host, '/');
1.1 millert 1172:
1.8 millert 1173: /* Look for [user:pass@]host[:port] */
1.31 itojun 1174:
1175: /* check if we have "user:pass@" */
1.37 heko 1176: userend = strchr(host, ':');
1.31 itojun 1177: passend = strchr(host, '@');
1178: if (passend && userend && userend < passend &&
1179: (!dir || passend < dir)) {
1.62 ray 1180: username = host;
1.31 itojun 1181: pass = userend + 1;
1182: host = passend + 1;
1183: *userend = *passend = '\0';
1.37 heko 1184: passagain = strchr(host, '@');
1.42 deraadt 1185: if (strchr(pass, '@') != NULL ||
1.37 heko 1186: (passagain != NULL && passagain < dir)) {
1187: warnx(at_encoding_warning);
1.123 guenther 1188: username = pass = NULL;
1.37 heko 1189: goto bad_ftp_url;
1.42 deraadt 1190: }
1.31 itojun 1191:
1.77 martynas 1192: if (EMPTYSTRING(username)) {
1.11 millert 1193: bad_ftp_url:
1.31 itojun 1194: warnx("Invalid URL: %s", argv[argpos]);
1195: rval = argpos + 1;
1.123 guenther 1196: username = pass = NULL;
1.31 itojun 1197: continue;
1198: }
1.62 ray 1199: username = urldecode(username);
1.37 heko 1200: pass = urldecode(pass);
1.8 millert 1201: }
1.31 itojun 1202:
1203: /* check [host]:port, or [host] */
1204: if (host[0] == '[') {
1205: cp = strchr(host, ']');
1206: if (cp && (!dir || cp < dir)) {
1207: if (cp + 1 == dir || cp[1] == ':') {
1208: host++;
1209: *cp++ = '\0';
1210: } else
1211: cp = NULL;
1212: } else
1213: cp = host;
1.25 itojun 1214: } else
1215: cp = host;
1.31 itojun 1216:
1217: /* split off host[:port] if there is */
1218: if (cp) {
1219: portnum = strchr(cp, ':');
1.52 henning 1220: pathstart = strchr(cp, '/');
1221: /* : in path is not a port # indicator */
1222: if (portnum && pathstart &&
1223: pathstart < portnum)
1224: portnum = NULL;
1225:
1.31 itojun 1226: if (!portnum)
1227: ;
1228: else {
1229: if (!dir)
1230: ;
1231: else if (portnum + 1 < dir) {
1232: *portnum++ = '\0';
1233: /*
1234: * XXX should check if portnum
1235: * is decimal number
1236: */
1237: } else {
1238: /* empty portnum */
1239: goto bad_ftp_url;
1240: }
1241: }
1242: } else
1243: portnum = NULL;
1.8 millert 1244: } else { /* classic style `host:file' */
1245: dir = strchr(host, ':');
1246: }
1.1 millert 1247: if (EMPTYSTRING(host)) {
1248: rval = argpos + 1;
1249: continue;
1250: }
1251:
1252: /*
1.9 millert 1253: * If dir is NULL, the file wasn't specified
1.1 millert 1254: * (URL looked something like ftp://host)
1255: */
1.8 millert 1256: if (dir != NULL)
1257: *dir++ = '\0';
1.1 millert 1258:
1259: /*
1260: * Extract the file and (if present) directory name.
1261: */
1.42 deraadt 1262: if (!EMPTYSTRING(dir)) {
1.8 millert 1263: cp = strrchr(dir, '/');
1.1 millert 1264: if (cp != NULL) {
1265: *cp++ = '\0';
1266: file = cp;
1267: } else {
1268: file = dir;
1269: dir = NULL;
1270: }
1271: }
1.80 martynas 1272: #ifndef SMALL
1.1 millert 1273: if (debug)
1.42 deraadt 1274: fprintf(ttyout,
1275: "user %s:%s host %s port %s dir %s file %s\n",
1.76 martynas 1276: username, pass ? "XXXX" : NULL, host, portnum,
1277: dir, file);
1.80 martynas 1278: #endif /* !SMALL */
1.1 millert 1279:
1280: /*
1.49 krw 1281: * Set up the connection.
1.1 millert 1282: */
1.49 krw 1283: if (connected)
1284: disconnect(0, NULL);
1285: xargv[0] = __progname;
1286: xargv[1] = host;
1.8 millert 1287: xargv[2] = NULL;
1.49 krw 1288: xargc = 2;
1289: if (!EMPTYSTRING(portnum)) {
1290: xargv[2] = portnum;
1291: xargv[3] = NULL;
1292: xargc = 3;
1293: }
1294: oautologin = autologin;
1.88 martynas 1295: if (username == NULL)
1.89 halex 1296: anonftp = 1;
1297: else {
1298: anonftp = 0;
1.49 krw 1299: autologin = 0;
1.89 halex 1300: }
1.49 krw 1301: setpeer(xargc, xargv);
1302: autologin = oautologin;
1.87 martynas 1303: if (connected == 0 ||
1304: (connected == 1 && autologin && (username == NULL ||
1305: !ftp_login(host, username, pass)))) {
1.49 krw 1306: warnx("Can't connect or login to host `%s'", host);
1.8 millert 1307: rval = argpos + 1;
1308: continue;
1.1 millert 1309: }
1.49 krw 1310:
1311: /* Always use binary transfers. */
1312: setbinary(0, NULL);
1.1 millert 1313:
1.4 millert 1314: dirhasglob = filehasglob = 0;
1315: if (doglob) {
1.42 deraadt 1316: if (!EMPTYSTRING(dir) &&
1.4 millert 1317: strpbrk(dir, "*?[]{}") != NULL)
1318: dirhasglob = 1;
1.42 deraadt 1319: if (!EMPTYSTRING(file) &&
1.4 millert 1320: strpbrk(file, "*?[]{}") != NULL)
1321: filehasglob = 1;
1322: }
1323:
1.1 millert 1324: /* Change directories, if necessary. */
1.42 deraadt 1325: if (!EMPTYSTRING(dir) && !dirhasglob) {
1.1 millert 1326: xargv[0] = "cd";
1327: xargv[1] = dir;
1328: xargv[2] = NULL;
1329: cd(2, xargv);
1.42 deraadt 1330: if (!dirchange) {
1.1 millert 1331: rval = argpos + 1;
1332: continue;
1333: }
1334: }
1335:
1336: if (EMPTYSTRING(file)) {
1.86 martynas 1337: #ifndef SMALL
1.1 millert 1338: rval = -1;
1.86 martynas 1339: #else /* !SMALL */
1340: recvrequest("NLST", "-", NULL, "w", 0, 0);
1341: rval = 0;
1342: #endif /* !SMALL */
1.1 millert 1343: continue;
1344: }
1345:
1.21 marc 1346: if (verbose)
1.10 deraadt 1347: fprintf(ttyout, "Retrieving %s/%s\n", dir ? dir : "", file);
1.1 millert 1348:
1.4 millert 1349: if (dirhasglob) {
1350: snprintf(rempath, sizeof(rempath), "%s/%s", dir, file);
1351: file = rempath;
1352: }
1353:
1354: /* Fetch the file(s). */
1.10 deraadt 1355: xargc = 2;
1.1 millert 1356: xargv[0] = "get";
1357: xargv[1] = file;
1358: xargv[2] = NULL;
1.4 millert 1359: if (dirhasglob || filehasglob) {
1360: int ointeractive;
1361:
1362: ointeractive = interactive;
1363: interactive = 0;
1364: xargv[0] = "mget";
1.78 martynas 1365: #ifndef SMALL
1366: if (resume) {
1367: xargc = 3;
1368: xargv[1] = "-c";
1369: xargv[2] = file;
1370: xargv[3] = NULL;
1371: }
1372: #endif /* !SMALL */
1.10 deraadt 1373: mget(xargc, xargv);
1.5 millert 1374: interactive = ointeractive;
1.10 deraadt 1375: } else {
1.17 millert 1376: if (outfile != NULL) {
1377: xargv[2] = outfile;
1378: xargv[3] = NULL;
1.10 deraadt 1379: xargc++;
1380: }
1.75 martynas 1381: #ifndef SMALL
1382: if (resume)
1383: reget(xargc, xargv);
1384: else
1.78 martynas 1385: #endif /* !SMALL */
1.75 martynas 1386: get(xargc, xargv);
1.10 deraadt 1387: }
1.1 millert 1388:
1.4 millert 1389: if ((code / 100) != COMPLETE)
1.1 millert 1390: rval = argpos + 1;
1391: }
1392: if (connected && rval != -1)
1393: disconnect(0, NULL);
1394: return (rval);
1.37 heko 1395: }
1396:
1397: char *
1.50 deraadt 1398: urldecode(const char *str)
1.37 heko 1399: {
1.53 deraadt 1400: char *ret, c;
1401: int i, reallen;
1.37 heko 1402:
1.53 deraadt 1403: if (str == NULL)
1404: return NULL;
1405: if ((ret = malloc(strlen(str)+1)) == NULL)
1406: err(1, "Can't allocate memory for URL decoding");
1407: for (i = 0, reallen = 0; str[i] != '\0'; i++, reallen++, ret++) {
1408: c = str[i];
1409: if (c == '+') {
1410: *ret = ' ';
1411: continue;
1412: }
1.61 deraadt 1413:
1414: /* Cannot use strtol here because next char
1415: * after %xx may be a digit.
1416: */
1.143 guenther 1417: if (c == '%' && isxdigit((unsigned char)str[i+1]) &&
1418: isxdigit((unsigned char)str[i+2])) {
1.53 deraadt 1419: *ret = hextochar(&str[i+1]);
1420: i+=2;
1421: continue;
1422: }
1423: *ret = c;
1424: }
1425: *ret = '\0';
1426:
1427: return ret-reallen;
1.123 guenther 1428: }
1429:
1430: char *
1431: recode_credentials(const char *userinfo)
1432: {
1433: char *ui, *creds;
1434: size_t ulen, credsize;
1435:
1436: /* url-decode the user and pass */
1437: ui = urldecode(userinfo);
1438:
1439: ulen = strlen(ui);
1440: credsize = (ulen + 2) / 3 * 4 + 1;
1441: creds = malloc(credsize);
1442: if (creds == NULL)
1443: errx(1, "out of memory");
1444: if (b64_ntop(ui, ulen, creds, credsize) == -1)
1445: errx(1, "error in base64 encoding");
1446: free(ui);
1447: return (creds);
1.37 heko 1448: }
1449:
1450: char
1.50 deraadt 1451: hextochar(const char *str)
1.37 heko 1452: {
1.143 guenther 1453: unsigned char c, ret;
1.37 heko 1454:
1.53 deraadt 1455: c = str[0];
1456: ret = c;
1457: if (isalpha(c))
1458: ret -= isupper(c) ? 'A' - 10 : 'a' - 10;
1459: else
1460: ret -= '0';
1461: ret *= 16;
1462:
1463: c = str[1];
1464: ret += c;
1465: if (isalpha(c))
1466: ret -= isupper(c) ? 'A' - 10 : 'a' - 10;
1467: else
1468: ret -= '0';
1469: return ret;
1.25 itojun 1470: }
1471:
1472: int
1.50 deraadt 1473: isurl(const char *p)
1.25 itojun 1474: {
1.27 millert 1475:
1.26 deraadt 1476: if (strncasecmp(p, FTP_URL, sizeof(FTP_URL) - 1) == 0 ||
1477: strncasecmp(p, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 ||
1.154 deraadt 1478: #ifndef NOSSL
1.61 deraadt 1479: strncasecmp(p, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0 ||
1.154 deraadt 1480: #endif /* !NOSSL */
1.27 millert 1481: strncasecmp(p, FILE_URL, sizeof(FILE_URL) - 1) == 0 ||
1482: strstr(p, ":/"))
1483: return (1);
1484: return (0);
1.1 millert 1485: }
1.61 deraadt 1486:
1487: char *
1.134 jsing 1488: ftp_readline(FILE *fp, struct tls *tls, size_t *lenp)
1.61 deraadt 1489: {
1490: if (fp != NULL)
1491: return fparseln(fp, lenp, NULL, "\0\0\0", 0);
1.154 deraadt 1492: #ifndef NOSSL
1.134 jsing 1493: else if (tls != NULL)
1494: return SSL_readline(tls, lenp);
1.154 deraadt 1495: #endif /* !NOSSL */
1.61 deraadt 1496: else
1497: return NULL;
1498: }
1499:
1.65 ray 1500: size_t
1.134 jsing 1501: ftp_read(FILE *fp, struct tls *tls, char *buf, size_t len)
1.61 deraadt 1502: {
1.154 deraadt 1503: #ifndef NOSSL
1.142 jsing 1504: ssize_t tls_ret;
1.152 krw 1505: #endif
1.142 jsing 1506: size_t ret = 0;
1507:
1.61 deraadt 1508: if (fp != NULL)
1509: ret = fread(buf, sizeof(char), len, fp);
1.154 deraadt 1510: #ifndef NOSSL
1.142 jsing 1511: else if (tls != NULL) {
1.153 jsing 1512: again:
1.142 jsing 1513: if ((tls_ret = tls_read(tls, buf, len)) >= 0)
1514: ret = (size_t)tls_ret;
1.153 jsing 1515: if (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT)
1516: goto again;
1517: if (ret < 0)
1518: errx(1, "SSL read error: %s", tls_error(tls));
1.65 ray 1519: }
1.154 deraadt 1520: #endif /* !NOSSL */
1.61 deraadt 1521: return (ret);
1522: }
1523:
1524: int
1.134 jsing 1525: ftp_printf(FILE *fp, struct tls *tls, const char *fmt, ...)
1.61 deraadt 1526: {
1527: int ret;
1528: va_list ap;
1529:
1530: va_start(ap, fmt);
1531:
1532: if (fp != NULL)
1533: ret = vfprintf(fp, fmt, ap);
1.154 deraadt 1534: #ifndef NOSSL
1.134 jsing 1535: else if (tls != NULL)
1536: ret = SSL_vprintf(tls, fmt, ap);
1.154 deraadt 1537: #endif /* !NOSSL */
1.61 deraadt 1538: else
1.92 jsg 1539: ret = 0;
1.61 deraadt 1540:
1541: va_end(ap);
1.136 bluhm 1542: #ifndef SMALL
1543: if (debug) {
1544: va_start(ap, fmt);
1545: ret = vfprintf(ttyout, fmt, ap);
1546: va_end(ap);
1547: }
1548: #endif /* !SMALL */
1.61 deraadt 1549: return (ret);
1550: }
1551:
1.154 deraadt 1552: #ifndef NOSSL
1.61 deraadt 1553: int
1.134 jsing 1554: SSL_vprintf(struct tls *tls, const char *fmt, va_list ap)
1.61 deraadt 1555: {
1.139 bluhm 1556: char *string, *buf;
1.141 beck 1557: size_t len;
1.61 deraadt 1558: int ret;
1559:
1560: if ((ret = vasprintf(&string, fmt, ap)) == -1)
1561: return ret;
1.139 bluhm 1562: buf = string;
1563: len = ret;
1564: while (len > 0) {
1.141 beck 1565: ret = tls_write(tls, buf, len);
1566: if (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT)
1.139 bluhm 1567: continue;
1568: if (ret < 0)
1.153 jsing 1569: errx(1, "SSL write error: %s", tls_error(tls));
1.141 beck 1570: buf += ret;
1571: len -= ret;
1.139 bluhm 1572: }
1.61 deraadt 1573: free(string);
1574: return ret;
1575: }
1576:
1577: char *
1.134 jsing 1578: SSL_readline(struct tls *tls, size_t *lenp)
1.61 deraadt 1579: {
1.141 beck 1580: size_t i, len;
1.61 deraadt 1581: char *buf, *q, c;
1.109 sthen 1582: int ret;
1.61 deraadt 1583:
1584: len = 128;
1585: if ((buf = malloc(len)) == NULL)
1586: errx(1, "Can't allocate memory for transfer buffer");
1587: for (i = 0; ; i++) {
1588: if (i >= len - 1) {
1.132 doug 1589: if ((q = reallocarray(buf, len, 2)) == NULL)
1.61 deraadt 1590: errx(1, "Can't expand transfer buffer");
1591: buf = q;
1592: len *= 2;
1593: }
1.109 sthen 1594: again:
1.141 beck 1595: ret = tls_read(tls, &c, 1);
1596: if (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT)
1.126 jsing 1597: goto again;
1.142 jsing 1598: if (ret < 0)
1.140 jsing 1599: errx(1, "SSL read error: %s", tls_error(tls));
1.126 jsing 1600:
1.61 deraadt 1601: buf[i] = c;
1.145 martijn 1602: if (c == '\n') {
1603: buf[i] = '\0';
1.61 deraadt 1604: break;
1.145 martijn 1605: }
1.61 deraadt 1606: }
1607: *lenp = i;
1608: return (buf);
1609: }
1610:
1611: int
1.81 espie 1612: proxy_connect(int socket, char *host, char *cookie)
1.61 deraadt 1613: {
1.66 ray 1614: int l;
1.61 deraadt 1615: char buf[1024];
1616: char *connstr, *hosttail, *port;
1617:
1618: if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL &&
1619: (hosttail[1] == '\0' || hosttail[1] == ':')) {
1620: host++;
1621: *hosttail++ = '\0';
1622: } else
1623: hosttail = host;
1624:
1625: port = strrchr(hosttail, ':'); /* find portnum */
1626: if (port != NULL)
1627: *port++ = '\0';
1628: if (!port)
1629: port = "443";
1630:
1.81 espie 1631: if (cookie) {
1632: l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\r\n"
1633: "Proxy-Authorization: Basic %s\r\n%s\r\n\r\n",
1634: host, port, cookie, HTTP_USER_AGENT);
1635: } else {
1636: l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\r\n%s\r\n\r\n",
1637: host, port, HTTP_USER_AGENT);
1638: }
1639:
1.66 ray 1640: if (l == -1)
1.61 deraadt 1641: errx(1, "Could not allocate memory to assemble connect string!");
1.80 martynas 1642: #ifndef SMALL
1.68 ray 1643: if (debug)
1644: printf("%s", connstr);
1.80 martynas 1645: #endif /* !SMALL */
1.66 ray 1646: if (write(socket, connstr, l) != l)
1.68 ray 1647: err(1, "Could not send connect string");
1.61 deraadt 1648: read(socket, &buf, sizeof(buf)); /* only proxy header XXX: error handling? */
1.71 ray 1649: free(connstr);
1.61 deraadt 1650: return(200);
1651: }
1.78 martynas 1652: #endif /* !SMALL */