Annotation of src/usr.bin/ftp/fetch.c, Revision 1.167.6.1
1.167.6.1! deraadt 1: /* $OpenBSD: fetch.c,v 1.167 2018/02/10 06:25:16 jsing Exp $ */
1.15 millert 2: /* $NetBSD: fetch.c,v 1.14 1997/08/18 10:20:20 lukem Exp $ */
1.1 millert 3:
4: /*-
5: * Copyright (c) 1997 The NetBSD Foundation, Inc.
6: * All rights reserved.
7: *
8: * This code is derived from software contributed to The NetBSD Foundation
9: * by Jason Thorpe and Luke Mewburn.
10: *
11: * Redistribution and use in source and binary forms, with or without
12: * modification, are permitted provided that the following conditions
13: * are met:
14: * 1. Redistributions of source code must retain the above copyright
15: * notice, this list of conditions and the following disclaimer.
16: * 2. Redistributions in binary form must reproduce the above copyright
17: * notice, this list of conditions and the following disclaimer in the
18: * documentation and/or other materials provided with the distribution.
19: *
20: * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
21: * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
22: * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
1.15 millert 23: * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
24: * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
1.1 millert 25: * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26: * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27: * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28: * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29: * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30: * POSSIBILITY OF SUCH DAMAGE.
31: */
32:
33: /*
34: * FTP User Program -- Command line file retrieval
35: */
36:
37: #include <sys/types.h>
38: #include <sys/socket.h>
1.22 deraadt 39: #include <sys/stat.h>
1.1 millert 40:
41: #include <netinet/in.h>
42:
43: #include <arpa/ftp.h>
44: #include <arpa/inet.h>
45:
46: #include <ctype.h>
47: #include <err.h>
1.17 millert 48: #include <libgen.h>
1.1 millert 49: #include <netdb.h>
50: #include <fcntl.h>
1.3 millert 51: #include <signal.h>
1.1 millert 52: #include <stdio.h>
1.61 deraadt 53: #include <stdarg.h>
1.19 deraadt 54: #include <errno.h>
1.1 millert 55: #include <stdlib.h>
56: #include <string.h>
57: #include <unistd.h>
1.40 fgsch 58: #include <util.h>
1.73 drahn 59: #include <resolv.h>
1.1 millert 60:
1.154 deraadt 61: #ifndef NOSSL
1.134 jsing 62: #include <tls.h>
1.154 deraadt 63: #else /* !NOSSL */
1.134 jsing 64: struct tls;
1.154 deraadt 65: #endif /* !NOSSL */
1.61 deraadt 66:
1.1 millert 67: #include "ftp_var.h"
1.86 martynas 68: #include "cmds.h"
1.1 millert 69:
1.157 deraadt 70: static int url_get(const char *, const char *, const char *, int);
1.38 millert 71: void aborthttp(int);
72: void abortfile(int);
1.42 deraadt 73: char hextochar(const char *);
74: char *urldecode(const char *);
1.123 guenther 75: char *recode_credentials(const char *_userinfo);
1.134 jsing 76: int ftp_printf(FILE *, struct tls *, const char *, ...) __attribute__((format(printf, 3, 4)));
77: char *ftp_readline(FILE *, struct tls *, size_t *);
78: size_t ftp_read(FILE *, struct tls *, char *, size_t);
1.158 jca 79: #ifndef NOSSL
1.81 espie 80: int proxy_connect(int, char *, char *);
1.134 jsing 81: int SSL_vprintf(struct tls *, const char *, va_list);
82: char *SSL_readline(struct tls *, size_t *);
1.158 jca 83: #endif /* !NOSSL */
1.14 millert 84:
1.1 millert 85: #define FTP_URL "ftp://" /* ftp URL prefix */
86: #define HTTP_URL "http://" /* http URL prefix */
1.61 deraadt 87: #define HTTPS_URL "https://" /* https URL prefix */
1.22 deraadt 88: #define FILE_URL "file:" /* file URL prefix */
1.6 millert 89: #define FTP_PROXY "ftp_proxy" /* env var with ftp proxy location */
1.1 millert 90: #define HTTP_PROXY "http_proxy" /* env var with http proxy location */
91:
92: #define EMPTYSTRING(x) ((x) == NULL || (*(x) == '\0'))
93:
1.110 guenther 94: static const char at_encoding_warning[] =
1.53 deraadt 95: "Extra `@' characters in usernames and passwords should be encoded as %%40";
1.37 heko 96:
1.1 millert 97: jmp_buf httpabort;
98:
1.54 fgsch 99: static int redirect_loop;
100:
1.1 millert 101: /*
1.95 martynas 102: * Determine whether the character needs encoding, per RFC1738:
1.160 krw 103: * - No corresponding graphic US-ASCII.
104: * - Unsafe characters.
1.95 martynas 105: */
106: static int
1.138 jca 107: unsafe_char(const char *c0)
1.95 martynas 108: {
109: const char *unsafe_chars = " <>\"#{}|\\^~[]`";
1.138 jca 110: const unsigned char *c = (const unsigned char *)c0;
1.95 martynas 111:
112: /*
113: * No corresponding graphic US-ASCII.
114: * Control characters and octets not used in US-ASCII.
115: */
116: return (iscntrl(*c) || !isascii(*c) ||
117:
118: /*
119: * Unsafe characters.
120: * '%' is also unsafe, if is not followed by two
121: * hexadecimal digits.
122: */
123: strchr(unsafe_chars, *c) != NULL ||
124: (*c == '%' && (!isxdigit(*++c) || !isxdigit(*++c))));
125: }
126:
127: /*
128: * Encode given URL, per RFC1738.
129: * Allocate and return string to the caller.
130: */
131: static char *
132: url_encode(const char *path)
133: {
134: size_t i, length, new_length;
135: char *epath, *epathp;
136:
137: length = new_length = strlen(path);
138:
139: /*
140: * First pass:
141: * Count unsafe characters, and determine length of the
142: * final URL.
143: */
144: for (i = 0; i < length; i++)
145: if (unsafe_char(path + i))
146: new_length += 2;
147:
148: epath = epathp = malloc(new_length + 1); /* One more for '\0'. */
149: if (epath == NULL)
1.102 halex 150: err(1, "Can't allocate memory for URL encoding");
1.95 martynas 151:
152: /*
153: * Second pass:
154: * Encode, and copy final URL.
155: */
156: for (i = 0; i < length; i++)
157: if (unsafe_char(path + i)) {
1.138 jca 158: snprintf(epathp, 4, "%%" "%02x",
159: (unsigned char)path[i]);
1.95 martynas 160: epathp += 3;
161: } else
162: *(epathp++) = path[i];
163:
164: *epathp = '\0';
165: return (epath);
166: }
167:
1.155 deraadt 168: /* ARGSUSED */
169: static void
170: tooslow(int signo)
171: {
172: dprintf(STDERR_FILENO, "%s: connect taking too long\n", __progname);
173: _exit(2);
174: }
175:
1.95 martynas 176: /*
1.6 millert 177: * Retrieve URL, via the proxy in $proxyvar if necessary.
1.1 millert 178: * Modifies the string argument given.
179: * Returns -1 on failure, 0 on success
180: */
1.14 millert 181: static int
1.157 deraadt 182: url_get(const char *origline, const char *proxyenv, const char *outfile, int lastfile)
1.1 millert 183: {
1.69 jsg 184: char pbuf[NI_MAXSERV], hbuf[NI_MAXHOST], *cp, *portnum, *path, ststr[4];
1.62 ray 185: char *hosttail, *cause = "unknown", *newline, *host, *port, *buf = NULL;
1.106 haesbaer 186: char *epath, *redirurl, *loctail, *h, *p;
1.53 deraadt 187: int error, i, isftpurl = 0, isfileurl = 0, isredirect = 0, rval = -1;
1.152 krw 188: struct addrinfo hints, *res0, *res;
1.34 millert 189: const char * volatile savefile;
1.62 ray 190: char * volatile proxyurl = NULL;
1.123 guenther 191: char *credentials = NULL;
1.166 procter 192: volatile int fd = -1, out = -1;
1.97 martynas 193: volatile sig_t oldintr, oldinti;
1.53 deraadt 194: FILE *fin = NULL;
1.1 millert 195: off_t hashbytes;
1.58 grunk 196: const char *errstr;
1.114 tedu 197: ssize_t len, wlen;
1.136 bluhm 198: char *proxyhost = NULL;
1.154 deraadt 199: #ifndef NOSSL
1.61 deraadt 200: char *sslpath = NULL, *sslhost = NULL;
1.159 krw 201: char *full_host = NULL;
1.102 halex 202: const char *scheme;
1.123 guenther 203: int ishttpurl = 0, ishttpsurl = 0;
1.159 krw 204: #endif /* !NOSSL */
205: #ifndef SMALL
206: char *locbase;
1.152 krw 207: struct addrinfo *ares = NULL;
1.159 krw 208: #endif
1.134 jsing 209: struct tls *tls = NULL;
1.70 deraadt 210: int status;
1.105 haesbaer 211: int save_errno;
1.113 tedu 212: const size_t buflen = 128 * 1024;
1.14 millert 213:
1.97 martynas 214: direction = "received";
215:
1.62 ray 216: newline = strdup(origline);
217: if (newline == NULL)
1.14 millert 218: errx(1, "Can't allocate memory to parse URL");
1.102 halex 219: if (strncasecmp(newline, HTTP_URL, sizeof(HTTP_URL) - 1) == 0) {
1.62 ray 220: host = newline + sizeof(HTTP_URL) - 1;
1.102 halex 221: #ifndef SMALL
1.123 guenther 222: ishttpurl = 1;
1.102 halex 223: scheme = HTTP_URL;
224: #endif /* !SMALL */
225: } else if (strncasecmp(newline, FTP_URL, sizeof(FTP_URL) - 1) == 0) {
1.62 ray 226: host = newline + sizeof(FTP_URL) - 1;
1.14 millert 227: isftpurl = 1;
1.102 halex 228: #ifndef SMALL
229: scheme = FTP_URL;
230: #endif /* !SMALL */
1.62 ray 231: } else if (strncasecmp(newline, FILE_URL, sizeof(FILE_URL) - 1) == 0) {
232: host = newline + sizeof(FILE_URL) - 1;
1.22 deraadt 233: isfileurl = 1;
1.154 deraadt 234: #ifndef NOSSL
1.102 halex 235: scheme = FILE_URL;
1.62 ray 236: } else if (strncasecmp(newline, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0) {
237: host = newline + sizeof(HTTPS_URL) - 1;
1.61 deraadt 238: ishttpsurl = 1;
1.102 halex 239: scheme = HTTPS_URL;
1.154 deraadt 240: #endif /* !NOSSL */
1.14 millert 241: } else
1.62 ray 242: errx(1, "url_get: Invalid URL '%s'", newline);
1.167.6.1! deraadt 243:
! 244: if (isfileurl && redirect_loop > 0)
! 245: errx(1, "Redirection to local file not permitted");
1.6 millert 246:
1.22 deraadt 247: if (isfileurl) {
248: path = host;
249: } else {
1.93 martynas 250: path = strchr(host, '/'); /* Find path */
1.22 deraadt 251: if (EMPTYSTRING(path)) {
1.93 martynas 252: if (outfile) { /* No slash, but */
253: path=strchr(host,'\0'); /* we have outfile. */
254: goto noslash;
255: }
1.22 deraadt 256: if (isftpurl)
257: goto noftpautologin;
1.94 martynas 258: warnx("No `/' after host (use -o): %s", origline);
1.22 deraadt 259: goto cleanup_url_get;
260: }
261: *path++ = '\0';
1.93 martynas 262: if (EMPTYSTRING(path) && !outfile) {
1.22 deraadt 263: if (isftpurl)
264: goto noftpautologin;
1.94 martynas 265: warnx("No filename after host (use -o): %s", origline);
1.22 deraadt 266: goto cleanup_url_get;
267: }
1.14 millert 268: }
1.1 millert 269:
1.93 martynas 270: noslash:
1.106 haesbaer 271:
1.154 deraadt 272: #ifndef NOSSL
1.106 haesbaer 273: /*
274: * Look for auth header in host, since now host does not
275: * contain the path. Basic auth from RFC 2617, valid
276: * characters for path are in RFC 3986 section 3.3.
277: */
1.123 guenther 278: if (proxyenv == NULL && (ishttpurl || ishttpsurl)) {
1.106 haesbaer 279: if ((p = strchr(host, '@')) != NULL) {
1.123 guenther 280: *p = '\0';
281: credentials = recode_credentials(host);
1.106 haesbaer 282: host = p + 1;
283: }
284: }
1.154 deraadt 285: #endif /* NOSSL */
1.106 haesbaer 286:
1.17 millert 287: if (outfile)
288: savefile = outfile;
1.93 martynas 289: else {
290: if (path[strlen(path) - 1] == '/') /* Consider no file */
291: savefile = NULL; /* after dir invalid. */
292: else
293: savefile = basename(path);
1.75 martynas 294: }
295:
1.14 millert 296: if (EMPTYSTRING(savefile)) {
297: if (isftpurl)
298: goto noftpautologin;
1.94 martynas 299: warnx("No filename after directory (use -o): %s", origline);
1.6 millert 300: goto cleanup_url_get;
1.14 millert 301: }
1.1 millert 302:
1.93 martynas 303: #ifndef SMALL
1.100 halex 304: if (resume && pipeout) {
1.93 martynas 305: warnx("can't append to stdout");
306: goto cleanup_url_get;
307: }
308: #endif /* !SMALL */
309:
1.59 uwe 310: if (!isfileurl && proxyenv != NULL) { /* use proxy */
1.154 deraadt 311: #ifndef NOSSL
1.61 deraadt 312: if (ishttpsurl) {
313: sslpath = strdup(path);
314: sslhost = strdup(host);
315: if (! sslpath || ! sslhost)
316: errx(1, "Can't allocate memory for https path/host.");
317: }
1.154 deraadt 318: #endif /* !NOSSL */
1.136 bluhm 319: proxyhost = strdup(host);
320: if (proxyhost == NULL)
321: errx(1, "Can't allocate memory for proxy host.");
1.62 ray 322: proxyurl = strdup(proxyenv);
323: if (proxyurl == NULL)
1.14 millert 324: errx(1, "Can't allocate memory for proxy URL.");
1.62 ray 325: if (strncasecmp(proxyurl, HTTP_URL, sizeof(HTTP_URL) - 1) == 0)
326: host = proxyurl + sizeof(HTTP_URL) - 1;
327: else if (strncasecmp(proxyurl, FTP_URL, sizeof(FTP_URL) - 1) == 0)
328: host = proxyurl + sizeof(FTP_URL) - 1;
1.6 millert 329: else {
1.14 millert 330: warnx("Malformed proxy URL: %s", proxyenv);
1.6 millert 331: goto cleanup_url_get;
332: }
1.14 millert 333: if (EMPTYSTRING(host)) {
334: warnx("Malformed proxy URL: %s", proxyenv);
1.6 millert 335: goto cleanup_url_get;
1.14 millert 336: }
1.93 martynas 337: if (*--path == '\0')
338: *path = '/'; /* add / back to real path */
1.1 millert 339: path = strchr(host, '/'); /* remove trailing / on host */
1.42 deraadt 340: if (!EMPTYSTRING(path))
1.73 drahn 341: *path++ = '\0'; /* i guess this ++ is useless */
342:
343: path = strchr(host, '@'); /* look for credentials in proxy */
344: if (!EMPTYSTRING(path)) {
1.81 espie 345: *path = '\0';
1.123 guenther 346: if (strchr(host, ':') == NULL) {
1.73 drahn 347: warnx("Malformed proxy URL: %s", proxyenv);
348: goto cleanup_url_get;
349: }
1.123 guenther 350: credentials = recode_credentials(host);
1.81 espie 351: *path = '@'; /* restore @ in proxyurl */
1.123 guenther 352:
1.73 drahn 353: /*
1.81 espie 354: * This removes the password from proxyurl,
1.73 drahn 355: * filling with stars
356: */
1.81 espie 357: for (host = 1 + strchr(proxyurl + 5, ':'); *host != '@';
1.73 drahn 358: host++)
359: *host = '*';
360:
1.81 espie 361: host = path + 1;
1.73 drahn 362: }
1.123 guenther 363:
1.62 ray 364: path = newline;
1.1 millert 365: }
366:
1.22 deraadt 367: if (isfileurl) {
368: struct stat st;
369:
1.166 procter 370: fd = open(path, O_RDONLY);
371: if (fd == -1) {
1.22 deraadt 372: warn("Can't open file %s", path);
373: goto cleanup_url_get;
374: }
375:
1.166 procter 376: if (fstat(fd, &st) == -1)
1.22 deraadt 377: filesize = -1;
378: else
379: filesize = st.st_size;
380:
1.83 martynas 381: /* Open the output file. */
1.100 halex 382: if (!pipeout) {
1.75 martynas 383: #ifndef SMALL
384: if (resume)
1.82 deraadt 385: out = open(savefile, O_CREAT | O_WRONLY |
386: O_APPEND, 0666);
387:
1.75 martynas 388: else
1.78 martynas 389: #endif /* !SMALL */
1.75 martynas 390: out = open(savefile, O_CREAT | O_WRONLY |
391: O_TRUNC, 0666);
1.22 deraadt 392: if (out < 0) {
393: warn("Can't open %s", savefile);
394: goto cleanup_url_get;
395: }
396: } else
397: out = fileno(stdout);
398:
1.75 martynas 399: #ifndef SMALL
400: if (resume) {
401: if (fstat(out, &st) == -1) {
402: warn("Can't fstat %s", savefile);
403: goto cleanup_url_get;
404: }
1.166 procter 405: if (lseek(fd, st.st_size, SEEK_SET) == -1) {
1.75 martynas 406: warn("Can't lseek %s", path);
407: goto cleanup_url_get;
408: }
409: restart_point = st.st_size;
410: }
1.78 martynas 411: #endif /* !SMALL */
1.75 martynas 412:
1.22 deraadt 413: /* Trap signals */
414: oldintr = NULL;
1.97 martynas 415: oldinti = NULL;
1.22 deraadt 416: if (setjmp(httpabort)) {
417: if (oldintr)
418: (void)signal(SIGINT, oldintr);
1.97 martynas 419: if (oldinti)
420: (void)signal(SIGINFO, oldinti);
1.22 deraadt 421: goto cleanup_url_get;
422: }
423: oldintr = signal(SIGINT, abortfile);
1.42 deraadt 424:
1.22 deraadt 425: bytes = 0;
426: hashbytes = mark;
1.84 martynas 427: progressmeter(-1, path);
1.40 fgsch 428:
1.113 tedu 429: if ((buf = malloc(buflen)) == NULL)
1.47 deraadt 430: errx(1, "Can't allocate memory for transfer buffer");
1.42 deraadt 431:
1.22 deraadt 432: /* Finally, suck down the file. */
433: i = 0;
1.97 martynas 434: oldinti = signal(SIGINFO, psummary);
1.166 procter 435: while ((len = read(fd, buf, buflen)) > 0) {
1.22 deraadt 436: bytes += len;
437: for (cp = buf; len > 0; len -= i, cp += i) {
438: if ((i = write(out, cp, len)) == -1) {
439: warn("Writing %s", savefile);
1.97 martynas 440: signal(SIGINFO, oldinti);
1.22 deraadt 441: goto cleanup_url_get;
442: }
443: else if (i == 0)
444: break;
445: }
446: if (hash && !progress) {
447: while (bytes >= hashbytes) {
448: (void)putc('#', ttyout);
449: hashbytes += mark;
450: }
451: (void)fflush(ttyout);
452: }
453: }
1.97 martynas 454: signal(SIGINFO, oldinti);
1.22 deraadt 455: if (hash && !progress && bytes > 0) {
456: if (bytes < mark)
457: (void)putc('#', ttyout);
458: (void)putc('\n', ttyout);
459: (void)fflush(ttyout);
460: }
461: if (len != 0) {
462: warn("Reading from file");
463: goto cleanup_url_get;
464: }
1.84 martynas 465: progressmeter(1, NULL);
1.22 deraadt 466: if (verbose)
1.97 martynas 467: ptransfer(0);
1.22 deraadt 468: (void)signal(SIGINT, oldintr);
1.42 deraadt 469:
1.40 fgsch 470: rval = 0;
471: goto cleanup_url_get;
1.22 deraadt 472: }
473:
1.28 itojun 474: if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL &&
475: (hosttail[1] == '\0' || hosttail[1] == ':')) {
476: host++;
477: *hosttail++ = '\0';
1.102 halex 478: #ifndef SMALL
479: if (asprintf(&full_host, "[%s]", host) == -1)
480: errx(1, "Cannot allocate memory for hostname");
481: #endif /* !SMALL */
1.28 itojun 482: } else
483: hosttail = host;
484:
485: portnum = strrchr(hosttail, ':'); /* find portnum */
1.1 millert 486: if (portnum != NULL)
487: *portnum++ = '\0';
1.154 deraadt 488: #ifndef NOSSL
1.150 millert 489: port = portnum ? portnum : (ishttpsurl ? httpsport : httpport);
1.154 deraadt 490: #else /* !NOSSL */
1.150 millert 491: port = portnum ? portnum : httpport;
1.154 deraadt 492: #endif /* !NOSSL */
1.1 millert 493:
1.80 martynas 494: #ifndef SMALL
1.102 halex 495: if (full_host == NULL)
496: if ((full_host = strdup(host)) == NULL)
497: errx(1, "Cannot allocate memory for hostname");
1.1 millert 498: if (debug)
1.106 haesbaer 499: fprintf(ttyout, "host %s, port %s, path %s, "
1.150 millert 500: "save as %s, auth %s.\n", host, port, path,
501: savefile, credentials ? credentials : "none");
1.80 martynas 502: #endif /* !SMALL */
1.1 millert 503:
1.25 itojun 504: memset(&hints, 0, sizeof(hints));
1.39 deraadt 505: hints.ai_family = family;
1.25 itojun 506: hints.ai_socktype = SOCK_STREAM;
507: error = getaddrinfo(host, port, &hints, &res0);
1.61 deraadt 508: /*
509: * If the services file is corrupt/missing, fall back
510: * on our hard-coded defines.
511: */
1.30 deraadt 512: if (error == EAI_SERVICE && port == httpport) {
513: snprintf(pbuf, sizeof(pbuf), "%d", HTTP_PORT);
514: error = getaddrinfo(host, pbuf, &hints, &res0);
1.154 deraadt 515: #ifndef NOSSL
1.61 deraadt 516: } else if (error == EAI_SERVICE && port == httpsport) {
517: snprintf(pbuf, sizeof(pbuf), "%d", HTTPS_PORT);
518: error = getaddrinfo(host, pbuf, &hints, &res0);
1.154 deraadt 519: #endif /* !NOSSL */
1.30 deraadt 520: }
1.25 itojun 521: if (error) {
1.122 guenther 522: warnx("%s: %s", host, gai_strerror(error));
1.25 itojun 523: goto cleanup_url_get;
1.1 millert 524: }
525:
1.105 haesbaer 526: #ifndef SMALL
527: if (srcaddr) {
528: hints.ai_flags |= AI_NUMERICHOST;
529: error = getaddrinfo(srcaddr, NULL, &hints, &ares);
530: if (error) {
1.122 guenther 531: warnx("%s: %s", srcaddr, gai_strerror(error));
1.105 haesbaer 532: goto cleanup_url_get;
533: }
534: }
535: #endif /* !SMALL */
1.135 deraadt 536:
537: /* ensure consistent order of the output */
538: if (verbose)
539: setvbuf(ttyout, NULL, _IOLBF, 0);
1.105 haesbaer 540:
1.166 procter 541: fd = -1;
1.25 itojun 542: for (res = res0; res; res = res->ai_next) {
1.44 itojun 543: if (getnameinfo(res->ai_addr, res->ai_addrlen, hbuf,
544: sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0)
545: strlcpy(hbuf, "(unknown)", sizeof(hbuf));
1.41 deraadt 546: if (verbose)
1.44 itojun 547: fprintf(ttyout, "Trying %s...\n", hbuf);
1.14 millert 548:
1.166 procter 549: fd = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
550: if (fd == -1) {
1.25 itojun 551: cause = "socket";
552: continue;
1.1 millert 553: }
554:
1.105 haesbaer 555: #ifndef SMALL
556: if (srcaddr) {
557: if (ares->ai_family != res->ai_family) {
1.166 procter 558: close(fd);
559: fd = -1;
1.105 haesbaer 560: errno = EINVAL;
561: cause = "bind";
562: continue;
563: }
1.166 procter 564: if (bind(fd, ares->ai_addr, ares->ai_addrlen) < 0) {
1.105 haesbaer 565: save_errno = errno;
1.166 procter 566: close(fd);
1.105 haesbaer 567: errno = save_errno;
1.166 procter 568: fd = -1;
1.105 haesbaer 569: cause = "bind";
570: continue;
571: }
572: }
573: #endif /* !SMALL */
574:
1.155 deraadt 575: if (connect_timeout) {
576: (void)signal(SIGALRM, tooslow);
577: alarmtimer(connect_timeout);
578: }
579:
1.166 procter 580: for (error = connect(fd, res->ai_addr, res->ai_addrlen);
581: error != 0 && errno == EINTR; error = connect_wait(fd))
1.149 millert 582: continue;
583: if (error != 0) {
1.57 otto 584: save_errno = errno;
1.166 procter 585: close(fd);
1.57 otto 586: errno = save_errno;
1.166 procter 587: fd = -1;
1.25 itojun 588: cause = "connect";
1.19 deraadt 589: continue;
590: }
1.25 itojun 591:
1.29 itojun 592: /* get port in numeric */
593: if (getnameinfo(res->ai_addr, res->ai_addrlen, NULL, 0,
594: pbuf, sizeof(pbuf), NI_NUMERICSERV) == 0)
595: port = pbuf;
596: else
597: port = NULL;
598:
1.158 jca 599: #ifndef NOSSL
1.61 deraadt 600: if (proxyenv && sslhost)
1.166 procter 601: proxy_connect(fd, sslhost, credentials);
1.158 jca 602: #endif /* !NOSSL */
1.25 itojun 603: break;
604: }
605: freeaddrinfo(res0);
1.105 haesbaer 606: #ifndef SMALL
607: if (srcaddr)
608: freeaddrinfo(ares);
609: #endif /* !SMALL */
1.166 procter 610: if (fd < 0) {
1.33 millert 611: warn("%s", cause);
1.6 millert 612: goto cleanup_url_get;
1.1 millert 613: }
614:
1.154 deraadt 615: #ifndef NOSSL
1.61 deraadt 616: if (ishttpsurl) {
617: if (proxyenv && sslpath) {
618: ishttpsurl = 0;
1.62 ray 619: proxyurl = NULL;
1.61 deraadt 620: path = sslpath;
621: }
1.131 jca 622: if (sslhost == NULL) {
623: sslhost = strdup(host);
624: if (sslhost == NULL)
625: errx(1, "Can't allocate memory for https host.");
1.116 jca 626: }
1.134 jsing 627: if ((tls = tls_client()) == NULL) {
1.126 jsing 628: fprintf(ttyout, "failed to create SSL client\n");
1.61 deraadt 629: goto cleanup_url_get;
630: }
1.134 jsing 631: if (tls_configure(tls, tls_config) != 0) {
1.126 jsing 632: fprintf(ttyout, "SSL configuration failure: %s\n",
1.134 jsing 633: tls_error(tls));
1.61 deraadt 634: goto cleanup_url_get;
1.117 jca 635: }
1.166 procter 636: if (tls_connect_socket(tls, fd, sslhost) != 0) {
1.134 jsing 637: fprintf(ttyout, "SSL failure: %s\n", tls_error(tls));
1.72 ray 638: goto cleanup_url_get;
1.118 jca 639: }
1.61 deraadt 640: } else {
1.166 procter 641: fin = fdopen(fd, "r+");
642: fd = -1;
1.61 deraadt 643: }
1.154 deraadt 644: #else /* !NOSSL */
1.166 procter 645: fin = fdopen(fd, "r+");
646: fd = -1;
1.154 deraadt 647: #endif /* !NOSSL */
1.155 deraadt 648:
1.157 deraadt 649: #ifdef SMALL
650: if (lastfile) {
651: if (pipeout) {
652: if (pledge("stdio rpath inet dns tty", NULL) == -1)
653: err(1, "pledge");
654: } else {
655: if (pledge("stdio rpath wpath cpath inet dns tty", NULL) == -1)
656: err(1, "pledge");
657: }
658: }
659: #endif
660:
1.155 deraadt 661: if (connect_timeout) {
662: signal(SIGALRM, SIG_DFL);
663: alarmtimer(0);
664: }
1.40 fgsch 665:
1.1 millert 666: /*
1.40 fgsch 667: * Construct and send the request. Proxy requests don't want leading /.
1.1 millert 668: */
1.154 deraadt 669: #ifndef NOSSL
1.74 pyr 670: cookie_get(host, path, ishttpsurl, &buf);
1.154 deraadt 671: #endif /* !NOSSL */
1.95 martynas 672:
673: epath = url_encode(path);
1.62 ray 674: if (proxyurl) {
1.151 millert 675: if (verbose) {
676: fprintf(ttyout, "Requesting %s (via %s)\n",
677: origline, proxyurl);
678: }
1.32 itojun 679: /*
680: * Host: directive must use the destination host address for
1.136 bluhm 681: * the original URI (path).
1.32 itojun 682: */
1.123 guenther 683: if (credentials)
1.134 jsing 684: ftp_printf(fin, tls, "GET %s HTTP/1.0\r\n"
1.136 bluhm 685: "Proxy-Authorization: Basic %s\r\n"
686: "Host: %s\r\n%s%s\r\n\r\n",
687: epath, credentials,
688: proxyhost, buf ? buf : "", httpuseragent);
1.73 drahn 689: else
1.136 bluhm 690: ftp_printf(fin, tls, "GET %s HTTP/1.0\r\n"
691: "Host: %s\r\n%s%s\r\n\r\n",
692: epath, proxyhost, buf ? buf : "", httpuseragent);
1.28 itojun 693: } else {
1.151 millert 694: if (verbose)
695: fprintf(ttyout, "Requesting %s\n", origline);
1.90 martynas 696: #ifndef SMALL
697: if (resume) {
698: struct stat stbuf;
699:
700: if (stat(savefile, &stbuf) == 0)
701: restart_point = stbuf.st_size;
702: else
703: restart_point = 0;
704: }
1.154 deraadt 705: #endif /* SMALL */
706: #ifndef NOSSL
1.123 guenther 707: if (credentials) {
1.134 jsing 708: ftp_printf(fin, tls,
1.106 haesbaer 709: "GET /%s %s\r\nAuthorization: Basic %s\r\nHost: ",
710: epath, restart_point ?
711: "HTTP/1.1\r\nConnection: close" : "HTTP/1.0",
1.123 guenther 712: credentials);
713: free(credentials);
714: credentials = NULL;
1.106 haesbaer 715: } else
1.154 deraadt 716: #endif /* NOSSL */
1.134 jsing 717: ftp_printf(fin, tls, "GET /%s %s\r\nHost: ", epath,
1.107 haesbaer 718: #ifndef SMALL
719: restart_point ? "HTTP/1.1\r\nConnection: close" :
720: #endif /* !SMALL */
721: "HTTP/1.0");
1.136 bluhm 722: if (proxyhost) {
723: ftp_printf(fin, tls, "%s", proxyhost);
724: port = NULL;
725: } else if (strchr(host, ':')) {
1.55 fgsch 726: /*
727: * strip off scoped address portion, since it's
728: * local to node
729: */
1.32 itojun 730: h = strdup(host);
731: if (h == NULL)
732: errx(1, "Can't allocate memory.");
733: if ((p = strchr(h, '%')) != NULL)
734: *p = '\0';
1.134 jsing 735: ftp_printf(fin, tls, "[%s]", h);
1.32 itojun 736: free(h);
1.55 fgsch 737: } else
1.134 jsing 738: ftp_printf(fin, tls, "%s", host);
1.55 fgsch 739:
740: /*
741: * Send port number only if it's specified and does not equal
742: * 80. Some broken HTTP servers get confused if you explicitly
743: * send them the port number.
744: */
1.154 deraadt 745: #ifndef NOSSL
1.61 deraadt 746: if (port && strcmp(port, (ishttpsurl ? "443" : "80")) != 0)
1.134 jsing 747: ftp_printf(fin, tls, ":%s", port);
1.90 martynas 748: if (restart_point)
1.134 jsing 749: ftp_printf(fin, tls, "\r\nRange: bytes=%lld-",
1.75 martynas 750: (long long)restart_point);
1.154 deraadt 751: #else /* !NOSSL */
1.55 fgsch 752: if (port && strcmp(port, "80") != 0)
1.134 jsing 753: ftp_printf(fin, tls, ":%s", port);
1.154 deraadt 754: #endif /* !NOSSL */
1.134 jsing 755: ftp_printf(fin, tls, "\r\n%s%s\r\n\r\n",
1.124 lteo 756: buf ? buf : "", httpuseragent);
1.28 itojun 757: }
1.95 martynas 758: free(epath);
1.74 pyr 759:
1.154 deraadt 760: #ifndef NOSSL
1.74 pyr 761: free(buf);
1.156 tb 762: #endif /* !NOSSL */
1.74 pyr 763: buf = NULL;
764:
1.61 deraadt 765: if (fin != NULL && fflush(fin) == EOF) {
1.14 millert 766: warn("Writing HTTP request");
1.6 millert 767: goto cleanup_url_get;
1.1 millert 768: }
1.134 jsing 769: if ((buf = ftp_readline(fin, tls, &len)) == NULL) {
1.40 fgsch 770: warn("Receiving HTTP reply");
771: goto cleanup_url_get;
1.1 millert 772: }
1.40 fgsch 773:
774: while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n'))
775: buf[--len] = '\0';
1.80 martynas 776: #ifndef SMALL
1.40 fgsch 777: if (debug)
778: fprintf(ttyout, "received '%s'\n", buf);
1.80 martynas 779: #endif /* !SMALL */
1.40 fgsch 780:
1.1 millert 781: cp = strchr(buf, ' ');
782: if (cp == NULL)
783: goto improper;
784: else
785: cp++;
1.69 jsg 786:
787: strlcpy(ststr, cp, sizeof(ststr));
1.75 martynas 788: status = strtonum(ststr, 200, 416, &errstr);
1.69 jsg 789: if (errstr) {
790: warnx("Error retrieving file: %s", cp);
791: goto cleanup_url_get;
792: }
793:
794: switch (status) {
795: case 200: /* OK */
1.75 martynas 796: #ifndef SMALL
1.109 sthen 797: /*
1.98 phessler 798: * When we request a partial file, and we receive an HTTP 200
799: * it is a good indication that the server doesn't support
800: * range requests, and is about to send us the entire file.
801: * If the restart_point == 0, then we are not actually
802: * requesting a partial file, and an HTTP 200 is appropriate.
803: */
804: if (resume && restart_point != 0) {
805: warnx("Server does not support resume.");
806: restart_point = resume = 0;
807: }
1.101 halex 808: /* FALLTHROUGH */
1.75 martynas 809: case 206: /* Partial Content */
1.91 halex 810: #endif /* !SMALL */
1.69 jsg 811: break;
812: case 301: /* Moved Permanently */
813: case 302: /* Found */
814: case 303: /* See Other */
815: case 307: /* Temporary Redirect */
1.40 fgsch 816: isredirect++;
1.54 fgsch 817: if (redirect_loop++ > 10) {
818: warnx("Too many redirections requested");
819: goto cleanup_url_get;
820: }
1.69 jsg 821: break;
1.75 martynas 822: #ifndef SMALL
823: case 416: /* Requested Range Not Satisfiable */
824: warnx("File is already fully retrieved.");
825: goto cleanup_url_get;
1.78 martynas 826: #endif /* !SMALL */
1.69 jsg 827: default:
1.1 millert 828: warnx("Error retrieving file: %s", cp);
1.6 millert 829: goto cleanup_url_get;
1.1 millert 830: }
831:
832: /*
833: * Read the rest of the header.
834: */
1.40 fgsch 835: free(buf);
836: filesize = -1;
837:
1.62 ray 838: for (;;) {
1.134 jsing 839: if ((buf = ftp_readline(fin, tls, &len)) == NULL) {
1.40 fgsch 840: warn("Receiving HTTP reply");
841: goto cleanup_url_get;
842: }
1.61 deraadt 843:
1.40 fgsch 844: while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n'))
845: buf[--len] = '\0';
846: if (len == 0)
1.1 millert 847: break;
1.80 martynas 848: #ifndef SMALL
1.40 fgsch 849: if (debug)
850: fprintf(ttyout, "received '%s'\n", buf);
1.80 martynas 851: #endif /* !SMALL */
1.1 millert 852:
1.40 fgsch 853: /* Look for some headers */
854: cp = buf;
1.1 millert 855: #define CONTENTLEN "Content-Length: "
1.40 fgsch 856: if (strncasecmp(cp, CONTENTLEN, sizeof(CONTENTLEN) - 1) == 0) {
1.104 sthen 857: size_t s;
1.40 fgsch 858: cp += sizeof(CONTENTLEN) - 1;
1.111 deraadt 859: if ((s = strcspn(cp, " \t")))
1.104 sthen 860: *(cp+s) = 0;
1.58 grunk 861: filesize = strtonum(cp, 0, LLONG_MAX, &errstr);
862: if (errstr != NULL)
1.40 fgsch 863: goto improper;
1.75 martynas 864: #ifndef SMALL
1.90 martynas 865: if (restart_point)
1.75 martynas 866: filesize += restart_point;
1.78 martynas 867: #endif /* !SMALL */
1.40 fgsch 868: #define LOCATION "Location: "
869: } else if (isredirect &&
870: strncasecmp(cp, LOCATION, sizeof(LOCATION) - 1) == 0) {
871: cp += sizeof(LOCATION) - 1;
1.144 sthen 872: /*
873: * If there is a colon before the first slash, this URI
874: * is not relative. RFC 3986 4.2
875: */
876: if (cp[strcspn(cp, ":/")] != ':') {
1.102 halex 877: #ifdef SMALL
878: errx(1, "Relative redirect not supported");
879: #else /* SMALL */
1.144 sthen 880: /* XXX doesn't handle protocol-relative URIs */
1.102 halex 881: if (*cp == '/') {
882: locbase = NULL;
883: cp++;
884: } else {
885: locbase = strdup(path);
886: if (locbase == NULL)
887: errx(1, "Can't allocate memory"
888: " for location base");
889: loctail = strchr(locbase, '#');
890: if (loctail != NULL)
891: *loctail = '\0';
892: loctail = strchr(locbase, '?');
893: if (loctail != NULL)
894: *loctail = '\0';
895: loctail = strrchr(locbase, '/');
896: if (loctail == NULL) {
897: free(locbase);
898: locbase = NULL;
899: } else
900: loctail[1] = '\0';
901: }
902: /* Contruct URL from relative redirect */
903: if (asprintf(&redirurl, "%s%s%s%s/%s%s",
904: scheme, full_host,
905: portnum ? ":" : "",
906: portnum ? portnum : "",
907: locbase ? locbase : "",
908: cp) == -1)
909: errx(1, "Cannot build "
910: "redirect URL");
911: free(locbase);
912: #endif /* SMALL */
913: } else if ((redirurl = strdup(cp)) == NULL)
914: errx(1, "Cannot allocate memory for URL");
915: loctail = strchr(redirurl, '#');
916: if (loctail != NULL)
917: *loctail = '\0';
1.40 fgsch 918: if (verbose)
1.102 halex 919: fprintf(ttyout, "Redirected to %s\n", redirurl);
1.165 procter 920: if (fin != NULL) {
1.40 fgsch 921: fclose(fin);
1.165 procter 922: fin = NULL;
923: }
1.166 procter 924: if (fd != -1) {
925: close(fd);
926: fd = -1;
1.165 procter 927: }
1.157 deraadt 928: rval = url_get(redirurl, proxyenv, savefile, lastfile);
1.102 halex 929: free(redirurl);
930: goto cleanup_url_get;
1.40 fgsch 931: }
1.108 tobias 932: free(buf);
1.1 millert 933: }
934:
1.17 millert 935: /* Open the output file. */
1.100 halex 936: if (!pipeout) {
1.75 martynas 937: #ifndef SMALL
938: if (resume)
1.83 martynas 939: out = open(savefile, O_CREAT | O_WRONLY | O_APPEND,
940: 0666);
1.75 martynas 941: else
1.78 martynas 942: #endif /* !SMALL */
1.75 martynas 943: out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC,
944: 0666);
1.10 deraadt 945: if (out < 0) {
946: warn("Can't open %s", savefile);
947: goto cleanup_url_get;
948: }
1.157 deraadt 949: } else {
1.17 millert 950: out = fileno(stdout);
1.157 deraadt 951: #ifdef SMALL
952: if (lastfile) {
953: if (pledge("stdio tty", NULL) == -1)
954: err(1, "pledge");
955: }
956: #endif
957: }
1.1 millert 958:
959: /* Trap signals */
960: oldintr = NULL;
1.97 martynas 961: oldinti = NULL;
1.1 millert 962: if (setjmp(httpabort)) {
963: if (oldintr)
1.2 millert 964: (void)signal(SIGINT, oldintr);
1.97 martynas 965: if (oldinti)
966: (void)signal(SIGINFO, oldinti);
1.6 millert 967: goto cleanup_url_get;
1.1 millert 968: }
969: oldintr = signal(SIGINT, aborthttp);
970:
971: bytes = 0;
972: hashbytes = mark;
1.84 martynas 973: progressmeter(-1, path);
1.43 millert 974:
975: free(buf);
1.1 millert 976:
977: /* Finally, suck down the file. */
1.113 tedu 978: if ((buf = malloc(buflen)) == NULL)
1.47 deraadt 979: errx(1, "Can't allocate memory for transfer buffer");
1.1 millert 980: i = 0;
1.61 deraadt 981: len = 1;
1.97 martynas 982: oldinti = signal(SIGINFO, psummary);
1.61 deraadt 983: while (len > 0) {
1.134 jsing 984: len = ftp_read(fin, tls, buf, buflen);
1.1 millert 985: bytes += len;
1.61 deraadt 986: for (cp = buf, wlen = len; wlen > 0; wlen -= i, cp += i) {
987: if ((i = write(out, cp, wlen)) == -1) {
1.1 millert 988: warn("Writing %s", savefile);
1.97 martynas 989: signal(SIGINFO, oldinti);
1.6 millert 990: goto cleanup_url_get;
1.1 millert 991: }
992: else if (i == 0)
993: break;
994: }
995: if (hash && !progress) {
996: while (bytes >= hashbytes) {
1.10 deraadt 997: (void)putc('#', ttyout);
1.1 millert 998: hashbytes += mark;
999: }
1.10 deraadt 1000: (void)fflush(ttyout);
1.1 millert 1001: }
1002: }
1.97 martynas 1003: signal(SIGINFO, oldinti);
1.1 millert 1004: if (hash && !progress && bytes > 0) {
1005: if (bytes < mark)
1.10 deraadt 1006: (void)putc('#', ttyout);
1007: (void)putc('\n', ttyout);
1008: (void)fflush(ttyout);
1.1 millert 1009: }
1010: if (len != 0) {
1011: warn("Reading from socket");
1.6 millert 1012: goto cleanup_url_get;
1.1 millert 1013: }
1.84 martynas 1014: progressmeter(1, NULL);
1.75 martynas 1015: if (
1016: #ifndef SMALL
1017: !resume &&
1.78 martynas 1018: #endif /* !SMALL */
1.75 martynas 1019: filesize != -1 && len == 0 && bytes != filesize) {
1.24 deraadt 1020: if (verbose)
1021: fputs("Read short file.\n", ttyout);
1022: goto cleanup_url_get;
1023: }
1024:
1.1 millert 1025: if (verbose)
1.97 martynas 1026: ptransfer(0);
1.2 millert 1027: (void)signal(SIGINT, oldintr);
1.1 millert 1028:
1.40 fgsch 1029: rval = 0;
1030: goto cleanup_url_get;
1.1 millert 1031:
1.14 millert 1032: noftpautologin:
1033: warnx(
1034: "Auto-login using ftp URLs isn't supported when using $ftp_proxy");
1035: goto cleanup_url_get;
1036:
1.1 millert 1037: improper:
1.8 millert 1038: warnx("Improper response from %s", host);
1.14 millert 1039:
1.6 millert 1040: cleanup_url_get:
1.154 deraadt 1041: #ifndef NOSSL
1.134 jsing 1042: if (tls != NULL) {
1.167 jsing 1043: if (tls_session_fd != -1)
1044: dprintf(STDERR_FILENO, "tls session resumed: %s\n",
1045: tls_conn_session_resumed(tls) ? "yes" : "no");
1.163 sunil 1046: do {
1047: i = tls_close(tls);
1048: } while (i == TLS_WANT_POLLIN || i == TLS_WANT_POLLOUT);
1.134 jsing 1049: tls_free(tls);
1.61 deraadt 1050: }
1.102 halex 1051: free(full_host);
1.128 jca 1052: free(sslhost);
1.154 deraadt 1053: #endif /* !NOSSL */
1.165 procter 1054: if (fin != NULL) {
1.40 fgsch 1055: fclose(fin);
1.165 procter 1056: fin = NULL;
1057: }
1.166 procter 1058: if (fd != -1) {
1059: close(fd);
1060: fd = -1;
1.165 procter 1061: }
1.162 sthen 1062: if (out >= 0 && out != fileno(stdout))
1063: close(out);
1.67 steven 1064: free(buf);
1.136 bluhm 1065: free(proxyhost);
1.67 steven 1066: free(proxyurl);
1.62 ray 1067: free(newline);
1.123 guenther 1068: free(credentials);
1.40 fgsch 1069: return (rval);
1.1 millert 1070: }
1071:
1072: /*
1073: * Abort a http retrieval
1074: */
1.51 deraadt 1075: /* ARGSUSED */
1.1 millert 1076: void
1.51 deraadt 1077: aborthttp(int signo)
1.1 millert 1078: {
1079:
1080: alarmtimer(0);
1.10 deraadt 1081: fputs("\nhttp fetch aborted.\n", ttyout);
1082: (void)fflush(ttyout);
1.1 millert 1083: longjmp(httpabort, 1);
1084: }
1085:
1086: /*
1.22 deraadt 1087: * Abort a http retrieval
1088: */
1.51 deraadt 1089: /* ARGSUSED */
1.22 deraadt 1090: void
1.51 deraadt 1091: abortfile(int signo)
1.22 deraadt 1092: {
1093:
1094: alarmtimer(0);
1095: fputs("\nfile fetch aborted.\n", ttyout);
1096: (void)fflush(ttyout);
1097: longjmp(httpabort, 1);
1098: }
1099:
1100: /*
1.1 millert 1101: * Retrieve multiple files from the command line, transferring
1102: * files of the form "host:path", "ftp://host/path" using the
1103: * ftp protocol, and files of the form "http://host/path" using
1104: * the http protocol.
1.2 millert 1105: * If path has a trailing "/", then return (-1);
1.1 millert 1106: * the path will be cd-ed into and the connection remains open,
1107: * and the function will return -1 (to indicate the connection
1108: * is alive).
1109: * If an error occurs the return value will be the offset+1 in
1110: * argv[] of the file that caused a problem (i.e, argv[x]
1111: * returns x+1)
1112: * Otherwise, 0 is returned if all files retrieved successfully.
1113: */
1114: int
1.50 deraadt 1115: auto_fetch(int argc, char *argv[], char *outfile)
1.1 millert 1116: {
1117: char *xargv[5];
1.62 ray 1118: char *cp, *url, *host, *dir, *file, *portnum;
1119: char *username, *pass, *pathstart;
1.6 millert 1120: char *ftpproxy, *httpproxy;
1.157 deraadt 1121: int rval, xargc, lastfile;
1.14 millert 1122: volatile int argpos;
1.49 krw 1123: int dirhasglob, filehasglob, oautologin;
1.137 deraadt 1124: char rempath[PATH_MAX];
1.1 millert 1125:
1126: argpos = 0;
1127:
1128: if (setjmp(toplevel)) {
1129: if (connected)
1130: disconnect(0, NULL);
1.2 millert 1131: return (argpos + 1);
1.1 millert 1132: }
1.3 millert 1133: (void)signal(SIGINT, (sig_t)intr);
1134: (void)signal(SIGPIPE, (sig_t)lostpeer);
1.1 millert 1135:
1.45 millert 1136: if ((ftpproxy = getenv(FTP_PROXY)) != NULL && *ftpproxy == '\0')
1137: ftpproxy = NULL;
1138: if ((httpproxy = getenv(HTTP_PROXY)) != NULL && *httpproxy == '\0')
1139: httpproxy = NULL;
1.6 millert 1140:
1.1 millert 1141: /*
1142: * Loop through as long as there's files to fetch.
1143: */
1.123 guenther 1144: username = pass = NULL;
1.62 ray 1145: for (rval = 0; (rval == 0) && (argpos < argc); free(url), argpos++) {
1.1 millert 1146: if (strchr(argv[argpos], ':') == NULL)
1147: break;
1.123 guenther 1148:
1149: free(username);
1150: free(pass);
1.62 ray 1151: host = dir = file = portnum = username = pass = NULL;
1.1 millert 1152:
1.157 deraadt 1153: lastfile = (argv[argpos+1] == NULL);
1154:
1.1 millert 1155: /*
1156: * We muck with the string, so we make a copy.
1157: */
1.62 ray 1158: url = strdup(argv[argpos]);
1159: if (url == NULL)
1.1 millert 1160: errx(1, "Can't allocate memory for auto-fetch.");
1161:
1162: /*
1163: * Try HTTP URL-style arguments first.
1164: */
1.62 ray 1165: if (strncasecmp(url, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 ||
1.154 deraadt 1166: #ifndef NOSSL
1.61 deraadt 1167: /* even if we compiled without SSL, url_get will check */
1.62 ray 1168: strncasecmp(url, HTTPS_URL, sizeof(HTTPS_URL) -1) == 0 ||
1.154 deraadt 1169: #endif /* !NOSSL */
1.62 ray 1170: strncasecmp(url, FILE_URL, sizeof(FILE_URL) - 1) == 0) {
1.54 fgsch 1171: redirect_loop = 0;
1.157 deraadt 1172: if (url_get(url, httpproxy, outfile, lastfile) == -1)
1.1 millert 1173: rval = argpos + 1;
1174: continue;
1175: }
1176:
1177: /*
1.6 millert 1178: * Try FTP URL-style arguments next. If ftpproxy is
1179: * set, use url_get() instead of standard ftp.
1180: * Finally, try host:file.
1.1 millert 1181: */
1.62 ray 1182: host = url;
1183: if (strncasecmp(url, FTP_URL, sizeof(FTP_URL) - 1) == 0) {
1.37 heko 1184: char *passend, *passagain, *userend;
1.31 itojun 1185:
1.6 millert 1186: if (ftpproxy) {
1.157 deraadt 1187: if (url_get(url, ftpproxy, outfile, lastfile) == -1)
1.6 millert 1188: rval = argpos + 1;
1189: continue;
1190: }
1.1 millert 1191: host += sizeof(FTP_URL) - 1;
1.8 millert 1192: dir = strchr(host, '/');
1.1 millert 1193:
1.8 millert 1194: /* Look for [user:pass@]host[:port] */
1.31 itojun 1195:
1196: /* check if we have "user:pass@" */
1.37 heko 1197: userend = strchr(host, ':');
1.31 itojun 1198: passend = strchr(host, '@');
1199: if (passend && userend && userend < passend &&
1200: (!dir || passend < dir)) {
1.62 ray 1201: username = host;
1.31 itojun 1202: pass = userend + 1;
1203: host = passend + 1;
1204: *userend = *passend = '\0';
1.37 heko 1205: passagain = strchr(host, '@');
1.42 deraadt 1206: if (strchr(pass, '@') != NULL ||
1.37 heko 1207: (passagain != NULL && passagain < dir)) {
1208: warnx(at_encoding_warning);
1.123 guenther 1209: username = pass = NULL;
1.37 heko 1210: goto bad_ftp_url;
1.42 deraadt 1211: }
1.31 itojun 1212:
1.77 martynas 1213: if (EMPTYSTRING(username)) {
1.11 millert 1214: bad_ftp_url:
1.31 itojun 1215: warnx("Invalid URL: %s", argv[argpos]);
1216: rval = argpos + 1;
1.123 guenther 1217: username = pass = NULL;
1.31 itojun 1218: continue;
1219: }
1.62 ray 1220: username = urldecode(username);
1.37 heko 1221: pass = urldecode(pass);
1.8 millert 1222: }
1.31 itojun 1223:
1224: /* check [host]:port, or [host] */
1225: if (host[0] == '[') {
1226: cp = strchr(host, ']');
1227: if (cp && (!dir || cp < dir)) {
1228: if (cp + 1 == dir || cp[1] == ':') {
1229: host++;
1230: *cp++ = '\0';
1231: } else
1232: cp = NULL;
1233: } else
1234: cp = host;
1.25 itojun 1235: } else
1236: cp = host;
1.31 itojun 1237:
1238: /* split off host[:port] if there is */
1239: if (cp) {
1240: portnum = strchr(cp, ':');
1.52 henning 1241: pathstart = strchr(cp, '/');
1242: /* : in path is not a port # indicator */
1243: if (portnum && pathstart &&
1244: pathstart < portnum)
1245: portnum = NULL;
1246:
1.31 itojun 1247: if (!portnum)
1248: ;
1249: else {
1250: if (!dir)
1251: ;
1252: else if (portnum + 1 < dir) {
1253: *portnum++ = '\0';
1254: /*
1255: * XXX should check if portnum
1256: * is decimal number
1257: */
1258: } else {
1259: /* empty portnum */
1260: goto bad_ftp_url;
1261: }
1262: }
1263: } else
1264: portnum = NULL;
1.8 millert 1265: } else { /* classic style `host:file' */
1266: dir = strchr(host, ':');
1267: }
1.1 millert 1268: if (EMPTYSTRING(host)) {
1269: rval = argpos + 1;
1270: continue;
1271: }
1272:
1273: /*
1.9 millert 1274: * If dir is NULL, the file wasn't specified
1.1 millert 1275: * (URL looked something like ftp://host)
1276: */
1.8 millert 1277: if (dir != NULL)
1278: *dir++ = '\0';
1.1 millert 1279:
1280: /*
1281: * Extract the file and (if present) directory name.
1282: */
1.42 deraadt 1283: if (!EMPTYSTRING(dir)) {
1.8 millert 1284: cp = strrchr(dir, '/');
1.1 millert 1285: if (cp != NULL) {
1286: *cp++ = '\0';
1287: file = cp;
1288: } else {
1289: file = dir;
1290: dir = NULL;
1291: }
1292: }
1.80 martynas 1293: #ifndef SMALL
1.1 millert 1294: if (debug)
1.42 deraadt 1295: fprintf(ttyout,
1296: "user %s:%s host %s port %s dir %s file %s\n",
1.76 martynas 1297: username, pass ? "XXXX" : NULL, host, portnum,
1298: dir, file);
1.80 martynas 1299: #endif /* !SMALL */
1.1 millert 1300:
1301: /*
1.49 krw 1302: * Set up the connection.
1.1 millert 1303: */
1.49 krw 1304: if (connected)
1305: disconnect(0, NULL);
1306: xargv[0] = __progname;
1307: xargv[1] = host;
1.8 millert 1308: xargv[2] = NULL;
1.49 krw 1309: xargc = 2;
1310: if (!EMPTYSTRING(portnum)) {
1311: xargv[2] = portnum;
1312: xargv[3] = NULL;
1313: xargc = 3;
1314: }
1315: oautologin = autologin;
1.88 martynas 1316: if (username == NULL)
1.89 halex 1317: anonftp = 1;
1318: else {
1319: anonftp = 0;
1.49 krw 1320: autologin = 0;
1.89 halex 1321: }
1.49 krw 1322: setpeer(xargc, xargv);
1323: autologin = oautologin;
1.87 martynas 1324: if (connected == 0 ||
1325: (connected == 1 && autologin && (username == NULL ||
1326: !ftp_login(host, username, pass)))) {
1.49 krw 1327: warnx("Can't connect or login to host `%s'", host);
1.8 millert 1328: rval = argpos + 1;
1329: continue;
1.1 millert 1330: }
1.49 krw 1331:
1332: /* Always use binary transfers. */
1333: setbinary(0, NULL);
1.1 millert 1334:
1.4 millert 1335: dirhasglob = filehasglob = 0;
1336: if (doglob) {
1.42 deraadt 1337: if (!EMPTYSTRING(dir) &&
1.4 millert 1338: strpbrk(dir, "*?[]{}") != NULL)
1339: dirhasglob = 1;
1.42 deraadt 1340: if (!EMPTYSTRING(file) &&
1.4 millert 1341: strpbrk(file, "*?[]{}") != NULL)
1342: filehasglob = 1;
1343: }
1344:
1.1 millert 1345: /* Change directories, if necessary. */
1.42 deraadt 1346: if (!EMPTYSTRING(dir) && !dirhasglob) {
1.1 millert 1347: xargv[0] = "cd";
1348: xargv[1] = dir;
1349: xargv[2] = NULL;
1350: cd(2, xargv);
1.42 deraadt 1351: if (!dirchange) {
1.1 millert 1352: rval = argpos + 1;
1353: continue;
1354: }
1355: }
1356:
1357: if (EMPTYSTRING(file)) {
1.86 martynas 1358: #ifndef SMALL
1.1 millert 1359: rval = -1;
1.86 martynas 1360: #else /* !SMALL */
1361: recvrequest("NLST", "-", NULL, "w", 0, 0);
1362: rval = 0;
1363: #endif /* !SMALL */
1.1 millert 1364: continue;
1365: }
1366:
1.21 marc 1367: if (verbose)
1.10 deraadt 1368: fprintf(ttyout, "Retrieving %s/%s\n", dir ? dir : "", file);
1.1 millert 1369:
1.4 millert 1370: if (dirhasglob) {
1371: snprintf(rempath, sizeof(rempath), "%s/%s", dir, file);
1372: file = rempath;
1373: }
1374:
1375: /* Fetch the file(s). */
1.10 deraadt 1376: xargc = 2;
1.1 millert 1377: xargv[0] = "get";
1378: xargv[1] = file;
1379: xargv[2] = NULL;
1.4 millert 1380: if (dirhasglob || filehasglob) {
1381: int ointeractive;
1382:
1383: ointeractive = interactive;
1384: interactive = 0;
1385: xargv[0] = "mget";
1.78 martynas 1386: #ifndef SMALL
1387: if (resume) {
1388: xargc = 3;
1389: xargv[1] = "-c";
1390: xargv[2] = file;
1391: xargv[3] = NULL;
1392: }
1393: #endif /* !SMALL */
1.10 deraadt 1394: mget(xargc, xargv);
1.5 millert 1395: interactive = ointeractive;
1.10 deraadt 1396: } else {
1.17 millert 1397: if (outfile != NULL) {
1398: xargv[2] = outfile;
1399: xargv[3] = NULL;
1.10 deraadt 1400: xargc++;
1401: }
1.75 martynas 1402: #ifndef SMALL
1403: if (resume)
1404: reget(xargc, xargv);
1405: else
1.78 martynas 1406: #endif /* !SMALL */
1.75 martynas 1407: get(xargc, xargv);
1.10 deraadt 1408: }
1.1 millert 1409:
1.4 millert 1410: if ((code / 100) != COMPLETE)
1.1 millert 1411: rval = argpos + 1;
1412: }
1413: if (connected && rval != -1)
1414: disconnect(0, NULL);
1415: return (rval);
1.37 heko 1416: }
1417:
1418: char *
1.50 deraadt 1419: urldecode(const char *str)
1.37 heko 1420: {
1.53 deraadt 1421: char *ret, c;
1422: int i, reallen;
1.37 heko 1423:
1.53 deraadt 1424: if (str == NULL)
1425: return NULL;
1426: if ((ret = malloc(strlen(str)+1)) == NULL)
1427: err(1, "Can't allocate memory for URL decoding");
1428: for (i = 0, reallen = 0; str[i] != '\0'; i++, reallen++, ret++) {
1429: c = str[i];
1430: if (c == '+') {
1431: *ret = ' ';
1432: continue;
1433: }
1.61 deraadt 1434:
1435: /* Cannot use strtol here because next char
1436: * after %xx may be a digit.
1437: */
1.143 guenther 1438: if (c == '%' && isxdigit((unsigned char)str[i+1]) &&
1439: isxdigit((unsigned char)str[i+2])) {
1.53 deraadt 1440: *ret = hextochar(&str[i+1]);
1441: i+=2;
1442: continue;
1443: }
1444: *ret = c;
1445: }
1446: *ret = '\0';
1447:
1448: return ret-reallen;
1.123 guenther 1449: }
1450:
1451: char *
1452: recode_credentials(const char *userinfo)
1453: {
1454: char *ui, *creds;
1455: size_t ulen, credsize;
1456:
1457: /* url-decode the user and pass */
1458: ui = urldecode(userinfo);
1459:
1460: ulen = strlen(ui);
1461: credsize = (ulen + 2) / 3 * 4 + 1;
1462: creds = malloc(credsize);
1463: if (creds == NULL)
1464: errx(1, "out of memory");
1465: if (b64_ntop(ui, ulen, creds, credsize) == -1)
1466: errx(1, "error in base64 encoding");
1467: free(ui);
1468: return (creds);
1.37 heko 1469: }
1470:
1471: char
1.50 deraadt 1472: hextochar(const char *str)
1.37 heko 1473: {
1.143 guenther 1474: unsigned char c, ret;
1.37 heko 1475:
1.53 deraadt 1476: c = str[0];
1477: ret = c;
1478: if (isalpha(c))
1479: ret -= isupper(c) ? 'A' - 10 : 'a' - 10;
1480: else
1481: ret -= '0';
1482: ret *= 16;
1483:
1484: c = str[1];
1485: ret += c;
1486: if (isalpha(c))
1487: ret -= isupper(c) ? 'A' - 10 : 'a' - 10;
1488: else
1489: ret -= '0';
1490: return ret;
1.25 itojun 1491: }
1492:
1493: int
1.50 deraadt 1494: isurl(const char *p)
1.25 itojun 1495: {
1.27 millert 1496:
1.26 deraadt 1497: if (strncasecmp(p, FTP_URL, sizeof(FTP_URL) - 1) == 0 ||
1498: strncasecmp(p, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 ||
1.154 deraadt 1499: #ifndef NOSSL
1.61 deraadt 1500: strncasecmp(p, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0 ||
1.154 deraadt 1501: #endif /* !NOSSL */
1.27 millert 1502: strncasecmp(p, FILE_URL, sizeof(FILE_URL) - 1) == 0 ||
1503: strstr(p, ":/"))
1504: return (1);
1505: return (0);
1.1 millert 1506: }
1.61 deraadt 1507:
1508: char *
1.134 jsing 1509: ftp_readline(FILE *fp, struct tls *tls, size_t *lenp)
1.61 deraadt 1510: {
1511: if (fp != NULL)
1512: return fparseln(fp, lenp, NULL, "\0\0\0", 0);
1.154 deraadt 1513: #ifndef NOSSL
1.134 jsing 1514: else if (tls != NULL)
1515: return SSL_readline(tls, lenp);
1.154 deraadt 1516: #endif /* !NOSSL */
1.61 deraadt 1517: else
1518: return NULL;
1519: }
1520:
1.65 ray 1521: size_t
1.134 jsing 1522: ftp_read(FILE *fp, struct tls *tls, char *buf, size_t len)
1.61 deraadt 1523: {
1.154 deraadt 1524: #ifndef NOSSL
1.161 guenther 1525: ssize_t tret;
1.152 krw 1526: #endif
1.142 jsing 1527: size_t ret = 0;
1528:
1.61 deraadt 1529: if (fp != NULL)
1530: ret = fread(buf, sizeof(char), len, fp);
1.154 deraadt 1531: #ifndef NOSSL
1.142 jsing 1532: else if (tls != NULL) {
1.161 guenther 1533: do {
1534: tret = tls_read(tls, buf, len);
1535: } while (tret == TLS_WANT_POLLIN || tret == TLS_WANT_POLLOUT);
1536: if (tret < 0)
1.153 jsing 1537: errx(1, "SSL read error: %s", tls_error(tls));
1.161 guenther 1538: ret = (size_t)tret;
1.65 ray 1539: }
1.154 deraadt 1540: #endif /* !NOSSL */
1.61 deraadt 1541: return (ret);
1542: }
1543:
1544: int
1.134 jsing 1545: ftp_printf(FILE *fp, struct tls *tls, const char *fmt, ...)
1.61 deraadt 1546: {
1547: int ret;
1548: va_list ap;
1549:
1550: va_start(ap, fmt);
1551:
1552: if (fp != NULL)
1553: ret = vfprintf(fp, fmt, ap);
1.154 deraadt 1554: #ifndef NOSSL
1.134 jsing 1555: else if (tls != NULL)
1556: ret = SSL_vprintf(tls, fmt, ap);
1.154 deraadt 1557: #endif /* !NOSSL */
1.61 deraadt 1558: else
1.92 jsg 1559: ret = 0;
1.61 deraadt 1560:
1561: va_end(ap);
1.136 bluhm 1562: #ifndef SMALL
1563: if (debug) {
1564: va_start(ap, fmt);
1565: ret = vfprintf(ttyout, fmt, ap);
1566: va_end(ap);
1567: }
1568: #endif /* !SMALL */
1.61 deraadt 1569: return (ret);
1570: }
1571:
1.154 deraadt 1572: #ifndef NOSSL
1.61 deraadt 1573: int
1.134 jsing 1574: SSL_vprintf(struct tls *tls, const char *fmt, va_list ap)
1.61 deraadt 1575: {
1.139 bluhm 1576: char *string, *buf;
1.141 beck 1577: size_t len;
1.61 deraadt 1578: int ret;
1579:
1580: if ((ret = vasprintf(&string, fmt, ap)) == -1)
1581: return ret;
1.139 bluhm 1582: buf = string;
1583: len = ret;
1584: while (len > 0) {
1.141 beck 1585: ret = tls_write(tls, buf, len);
1586: if (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT)
1.139 bluhm 1587: continue;
1588: if (ret < 0)
1.153 jsing 1589: errx(1, "SSL write error: %s", tls_error(tls));
1.141 beck 1590: buf += ret;
1591: len -= ret;
1.139 bluhm 1592: }
1.61 deraadt 1593: free(string);
1594: return ret;
1595: }
1596:
1597: char *
1.134 jsing 1598: SSL_readline(struct tls *tls, size_t *lenp)
1.61 deraadt 1599: {
1.141 beck 1600: size_t i, len;
1.61 deraadt 1601: char *buf, *q, c;
1.109 sthen 1602: int ret;
1.61 deraadt 1603:
1604: len = 128;
1605: if ((buf = malloc(len)) == NULL)
1606: errx(1, "Can't allocate memory for transfer buffer");
1607: for (i = 0; ; i++) {
1608: if (i >= len - 1) {
1.132 doug 1609: if ((q = reallocarray(buf, len, 2)) == NULL)
1.61 deraadt 1610: errx(1, "Can't expand transfer buffer");
1611: buf = q;
1612: len *= 2;
1613: }
1.161 guenther 1614: do {
1615: ret = tls_read(tls, &c, 1);
1616: } while (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT);
1.142 jsing 1617: if (ret < 0)
1.140 jsing 1618: errx(1, "SSL read error: %s", tls_error(tls));
1.126 jsing 1619:
1.61 deraadt 1620: buf[i] = c;
1.145 martijn 1621: if (c == '\n') {
1622: buf[i] = '\0';
1.61 deraadt 1623: break;
1.145 martijn 1624: }
1.61 deraadt 1625: }
1626: *lenp = i;
1627: return (buf);
1628: }
1629:
1630: int
1.81 espie 1631: proxy_connect(int socket, char *host, char *cookie)
1.61 deraadt 1632: {
1.66 ray 1633: int l;
1.61 deraadt 1634: char buf[1024];
1635: char *connstr, *hosttail, *port;
1636:
1637: if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL &&
1638: (hosttail[1] == '\0' || hosttail[1] == ':')) {
1639: host++;
1640: *hosttail++ = '\0';
1641: } else
1642: hosttail = host;
1643:
1644: port = strrchr(hosttail, ':'); /* find portnum */
1645: if (port != NULL)
1646: *port++ = '\0';
1647: if (!port)
1648: port = "443";
1649:
1.81 espie 1650: if (cookie) {
1651: l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\r\n"
1652: "Proxy-Authorization: Basic %s\r\n%s\r\n\r\n",
1653: host, port, cookie, HTTP_USER_AGENT);
1654: } else {
1655: l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\r\n%s\r\n\r\n",
1656: host, port, HTTP_USER_AGENT);
1657: }
1658:
1.66 ray 1659: if (l == -1)
1.61 deraadt 1660: errx(1, "Could not allocate memory to assemble connect string!");
1.80 martynas 1661: #ifndef SMALL
1.68 ray 1662: if (debug)
1663: printf("%s", connstr);
1.80 martynas 1664: #endif /* !SMALL */
1.66 ray 1665: if (write(socket, connstr, l) != l)
1.68 ray 1666: err(1, "Could not send connect string");
1.61 deraadt 1667: read(socket, &buf, sizeof(buf)); /* only proxy header XXX: error handling? */
1.71 ray 1668: free(connstr);
1.61 deraadt 1669: return(200);
1670: }
1.158 jca 1671: #endif /* !NOSSL */