Annotation of src/usr.bin/ftp/fetch.c, Revision 1.179
1.179 ! deraadt 1: /* $OpenBSD: fetch.c,v 1.178 2019/11/14 23:48:37 jca Exp $ */
1.15 millert 2: /* $NetBSD: fetch.c,v 1.14 1997/08/18 10:20:20 lukem Exp $ */
1.1 millert 3:
4: /*-
5: * Copyright (c) 1997 The NetBSD Foundation, Inc.
6: * All rights reserved.
7: *
8: * This code is derived from software contributed to The NetBSD Foundation
9: * by Jason Thorpe and Luke Mewburn.
10: *
11: * Redistribution and use in source and binary forms, with or without
12: * modification, are permitted provided that the following conditions
13: * are met:
14: * 1. Redistributions of source code must retain the above copyright
15: * notice, this list of conditions and the following disclaimer.
16: * 2. Redistributions in binary form must reproduce the above copyright
17: * notice, this list of conditions and the following disclaimer in the
18: * documentation and/or other materials provided with the distribution.
19: *
20: * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
21: * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
22: * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
1.15 millert 23: * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
24: * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
1.1 millert 25: * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26: * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27: * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28: * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29: * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30: * POSSIBILITY OF SUCH DAMAGE.
31: */
32:
33: /*
34: * FTP User Program -- Command line file retrieval
35: */
36:
37: #include <sys/types.h>
38: #include <sys/socket.h>
1.22 deraadt 39: #include <sys/stat.h>
1.1 millert 40:
41: #include <netinet/in.h>
42:
43: #include <arpa/ftp.h>
44: #include <arpa/inet.h>
45:
46: #include <ctype.h>
47: #include <err.h>
1.17 millert 48: #include <libgen.h>
1.1 millert 49: #include <netdb.h>
50: #include <fcntl.h>
1.3 millert 51: #include <signal.h>
1.175 deraadt 52: #include <vis.h>
1.1 millert 53: #include <stdio.h>
1.61 deraadt 54: #include <stdarg.h>
1.19 deraadt 55: #include <errno.h>
1.1 millert 56: #include <stdlib.h>
57: #include <string.h>
58: #include <unistd.h>
1.40 fgsch 59: #include <util.h>
1.73 drahn 60: #include <resolv.h>
1.1 millert 61:
1.154 deraadt 62: #ifndef NOSSL
1.134 jsing 63: #include <tls.h>
1.154 deraadt 64: #else /* !NOSSL */
1.134 jsing 65: struct tls;
1.154 deraadt 66: #endif /* !NOSSL */
1.61 deraadt 67:
1.1 millert 68: #include "ftp_var.h"
1.86 martynas 69: #include "cmds.h"
1.1 millert 70:
1.157 deraadt 71: static int url_get(const char *, const char *, const char *, int);
1.178 jca 72: static int save_chunked(FILE *, struct tls *, int , char *, size_t);
1.177 jca 73: static void aborthttp(int);
74: static void abortfile(int);
75: static char hextochar(const char *);
76: static char *urldecode(const char *);
77: static char *recode_credentials(const char *_userinfo);
78: static char *ftp_readline(FILE *, size_t *);
79: static void ftp_close(FILE **, struct tls **, volatile int *);
80: static const char *sockerror(struct tls *);
1.158 jca 81: #ifndef NOSSL
1.177 jca 82: static int proxy_connect(int, char *, char *);
83: static int stdio_tls_write_wrapper(void *, const char *, int);
84: static int stdio_tls_read_wrapper(void *, char *, int);
1.158 jca 85: #endif /* !NOSSL */
1.14 millert 86:
1.1 millert 87: #define FTP_URL "ftp://" /* ftp URL prefix */
88: #define HTTP_URL "http://" /* http URL prefix */
1.61 deraadt 89: #define HTTPS_URL "https://" /* https URL prefix */
1.22 deraadt 90: #define FILE_URL "file:" /* file URL prefix */
1.6 millert 91: #define FTP_PROXY "ftp_proxy" /* env var with ftp proxy location */
1.1 millert 92: #define HTTP_PROXY "http_proxy" /* env var with http proxy location */
93:
94: #define EMPTYSTRING(x) ((x) == NULL || (*(x) == '\0'))
95:
1.110 guenther 96: static const char at_encoding_warning[] =
1.53 deraadt 97: "Extra `@' characters in usernames and passwords should be encoded as %%40";
1.37 heko 98:
1.177 jca 99: static jmp_buf httpabort;
1.1 millert 100:
1.54 fgsch 101: static int redirect_loop;
1.171 jca 102: static int retried;
1.54 fgsch 103:
1.1 millert 104: /*
1.95 martynas 105: * Determine whether the character needs encoding, per RFC1738:
1.160 krw 106: * - No corresponding graphic US-ASCII.
107: * - Unsafe characters.
1.95 martynas 108: */
109: static int
1.138 jca 110: unsafe_char(const char *c0)
1.95 martynas 111: {
112: const char *unsafe_chars = " <>\"#{}|\\^~[]`";
1.138 jca 113: const unsigned char *c = (const unsigned char *)c0;
1.95 martynas 114:
115: /*
116: * No corresponding graphic US-ASCII.
117: * Control characters and octets not used in US-ASCII.
118: */
119: return (iscntrl(*c) || !isascii(*c) ||
120:
121: /*
122: * Unsafe characters.
123: * '%' is also unsafe, if is not followed by two
124: * hexadecimal digits.
125: */
126: strchr(unsafe_chars, *c) != NULL ||
127: (*c == '%' && (!isxdigit(*++c) || !isxdigit(*++c))));
128: }
129:
130: /*
131: * Encode given URL, per RFC1738.
132: * Allocate and return string to the caller.
133: */
134: static char *
135: url_encode(const char *path)
136: {
137: size_t i, length, new_length;
138: char *epath, *epathp;
139:
140: length = new_length = strlen(path);
141:
142: /*
143: * First pass:
144: * Count unsafe characters, and determine length of the
145: * final URL.
146: */
147: for (i = 0; i < length; i++)
148: if (unsafe_char(path + i))
149: new_length += 2;
150:
151: epath = epathp = malloc(new_length + 1); /* One more for '\0'. */
152: if (epath == NULL)
1.102 halex 153: err(1, "Can't allocate memory for URL encoding");
1.95 martynas 154:
155: /*
156: * Second pass:
157: * Encode, and copy final URL.
158: */
159: for (i = 0; i < length; i++)
160: if (unsafe_char(path + i)) {
1.138 jca 161: snprintf(epathp, 4, "%%" "%02x",
162: (unsigned char)path[i]);
1.95 martynas 163: epathp += 3;
164: } else
165: *(epathp++) = path[i];
166:
167: *epathp = '\0';
168: return (epath);
169: }
170:
1.155 deraadt 171: /* ARGSUSED */
172: static void
173: tooslow(int signo)
174: {
175: dprintf(STDERR_FILENO, "%s: connect taking too long\n", __progname);
176: _exit(2);
177: }
178:
1.95 martynas 179: /*
1.6 millert 180: * Retrieve URL, via the proxy in $proxyvar if necessary.
1.1 millert 181: * Modifies the string argument given.
182: * Returns -1 on failure, 0 on success
183: */
1.14 millert 184: static int
1.157 deraadt 185: url_get(const char *origline, const char *proxyenv, const char *outfile, int lastfile)
1.1 millert 186: {
1.69 jsg 187: char pbuf[NI_MAXSERV], hbuf[NI_MAXHOST], *cp, *portnum, *path, ststr[4];
1.62 ray 188: char *hosttail, *cause = "unknown", *newline, *host, *port, *buf = NULL;
1.175 deraadt 189: char *epath, *redirurl, *loctail, *h, *p, gerror[200];
1.53 deraadt 190: int error, i, isftpurl = 0, isfileurl = 0, isredirect = 0, rval = -1;
1.172 jca 191: int isunavail = 0, retryafter = -1;
1.152 krw 192: struct addrinfo hints, *res0, *res;
1.34 millert 193: const char * volatile savefile;
1.62 ray 194: char * volatile proxyurl = NULL;
1.123 guenther 195: char *credentials = NULL;
1.166 procter 196: volatile int fd = -1, out = -1;
1.97 martynas 197: volatile sig_t oldintr, oldinti;
1.53 deraadt 198: FILE *fin = NULL;
1.1 millert 199: off_t hashbytes;
1.58 grunk 200: const char *errstr;
1.114 tedu 201: ssize_t len, wlen;
1.136 bluhm 202: char *proxyhost = NULL;
1.154 deraadt 203: #ifndef NOSSL
1.61 deraadt 204: char *sslpath = NULL, *sslhost = NULL;
1.159 krw 205: char *full_host = NULL;
1.102 halex 206: const char *scheme;
1.123 guenther 207: int ishttpurl = 0, ishttpsurl = 0;
1.159 krw 208: #endif /* !NOSSL */
209: #ifndef SMALL
210: char *locbase;
1.152 krw 211: struct addrinfo *ares = NULL;
1.159 krw 212: #endif
1.134 jsing 213: struct tls *tls = NULL;
1.70 deraadt 214: int status;
1.105 haesbaer 215: int save_errno;
1.113 tedu 216: const size_t buflen = 128 * 1024;
1.178 jca 217: int chunked = 0;
1.14 millert 218:
1.97 martynas 219: direction = "received";
220:
1.62 ray 221: newline = strdup(origline);
222: if (newline == NULL)
1.14 millert 223: errx(1, "Can't allocate memory to parse URL");
1.102 halex 224: if (strncasecmp(newline, HTTP_URL, sizeof(HTTP_URL) - 1) == 0) {
1.62 ray 225: host = newline + sizeof(HTTP_URL) - 1;
1.102 halex 226: #ifndef SMALL
1.123 guenther 227: ishttpurl = 1;
1.102 halex 228: scheme = HTTP_URL;
229: #endif /* !SMALL */
230: } else if (strncasecmp(newline, FTP_URL, sizeof(FTP_URL) - 1) == 0) {
1.62 ray 231: host = newline + sizeof(FTP_URL) - 1;
1.14 millert 232: isftpurl = 1;
1.102 halex 233: #ifndef SMALL
234: scheme = FTP_URL;
235: #endif /* !SMALL */
1.62 ray 236: } else if (strncasecmp(newline, FILE_URL, sizeof(FILE_URL) - 1) == 0) {
237: host = newline + sizeof(FILE_URL) - 1;
1.22 deraadt 238: isfileurl = 1;
1.154 deraadt 239: #ifndef NOSSL
1.102 halex 240: scheme = FILE_URL;
1.62 ray 241: } else if (strncasecmp(newline, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0) {
242: host = newline + sizeof(HTTPS_URL) - 1;
1.61 deraadt 243: ishttpsurl = 1;
1.102 halex 244: scheme = HTTPS_URL;
1.154 deraadt 245: #endif /* !NOSSL */
1.14 millert 246: } else
1.62 ray 247: errx(1, "url_get: Invalid URL '%s'", newline);
1.6 millert 248:
1.22 deraadt 249: if (isfileurl) {
250: path = host;
251: } else {
1.93 martynas 252: path = strchr(host, '/'); /* Find path */
1.22 deraadt 253: if (EMPTYSTRING(path)) {
1.93 martynas 254: if (outfile) { /* No slash, but */
255: path=strchr(host,'\0'); /* we have outfile. */
256: goto noslash;
257: }
1.22 deraadt 258: if (isftpurl)
259: goto noftpautologin;
1.94 martynas 260: warnx("No `/' after host (use -o): %s", origline);
1.22 deraadt 261: goto cleanup_url_get;
262: }
263: *path++ = '\0';
1.93 martynas 264: if (EMPTYSTRING(path) && !outfile) {
1.22 deraadt 265: if (isftpurl)
266: goto noftpautologin;
1.94 martynas 267: warnx("No filename after host (use -o): %s", origline);
1.22 deraadt 268: goto cleanup_url_get;
269: }
1.14 millert 270: }
1.1 millert 271:
1.93 martynas 272: noslash:
1.106 haesbaer 273:
1.154 deraadt 274: #ifndef NOSSL
1.106 haesbaer 275: /*
276: * Look for auth header in host, since now host does not
277: * contain the path. Basic auth from RFC 2617, valid
278: * characters for path are in RFC 3986 section 3.3.
279: */
1.123 guenther 280: if (proxyenv == NULL && (ishttpurl || ishttpsurl)) {
1.106 haesbaer 281: if ((p = strchr(host, '@')) != NULL) {
1.123 guenther 282: *p = '\0';
283: credentials = recode_credentials(host);
1.106 haesbaer 284: host = p + 1;
285: }
286: }
1.154 deraadt 287: #endif /* NOSSL */
1.106 haesbaer 288:
1.17 millert 289: if (outfile)
290: savefile = outfile;
1.93 martynas 291: else {
292: if (path[strlen(path) - 1] == '/') /* Consider no file */
293: savefile = NULL; /* after dir invalid. */
294: else
295: savefile = basename(path);
1.75 martynas 296: }
297:
1.14 millert 298: if (EMPTYSTRING(savefile)) {
299: if (isftpurl)
300: goto noftpautologin;
1.94 martynas 301: warnx("No filename after directory (use -o): %s", origline);
1.6 millert 302: goto cleanup_url_get;
1.14 millert 303: }
1.1 millert 304:
1.93 martynas 305: #ifndef SMALL
1.100 halex 306: if (resume && pipeout) {
1.93 martynas 307: warnx("can't append to stdout");
308: goto cleanup_url_get;
309: }
310: #endif /* !SMALL */
311:
1.59 uwe 312: if (!isfileurl && proxyenv != NULL) { /* use proxy */
1.154 deraadt 313: #ifndef NOSSL
1.61 deraadt 314: if (ishttpsurl) {
315: sslpath = strdup(path);
316: sslhost = strdup(host);
317: if (! sslpath || ! sslhost)
318: errx(1, "Can't allocate memory for https path/host.");
319: }
1.154 deraadt 320: #endif /* !NOSSL */
1.136 bluhm 321: proxyhost = strdup(host);
322: if (proxyhost == NULL)
323: errx(1, "Can't allocate memory for proxy host.");
1.62 ray 324: proxyurl = strdup(proxyenv);
325: if (proxyurl == NULL)
1.14 millert 326: errx(1, "Can't allocate memory for proxy URL.");
1.62 ray 327: if (strncasecmp(proxyurl, HTTP_URL, sizeof(HTTP_URL) - 1) == 0)
328: host = proxyurl + sizeof(HTTP_URL) - 1;
329: else if (strncasecmp(proxyurl, FTP_URL, sizeof(FTP_URL) - 1) == 0)
330: host = proxyurl + sizeof(FTP_URL) - 1;
1.6 millert 331: else {
1.14 millert 332: warnx("Malformed proxy URL: %s", proxyenv);
1.6 millert 333: goto cleanup_url_get;
334: }
1.14 millert 335: if (EMPTYSTRING(host)) {
336: warnx("Malformed proxy URL: %s", proxyenv);
1.6 millert 337: goto cleanup_url_get;
1.14 millert 338: }
1.93 martynas 339: if (*--path == '\0')
340: *path = '/'; /* add / back to real path */
1.1 millert 341: path = strchr(host, '/'); /* remove trailing / on host */
1.42 deraadt 342: if (!EMPTYSTRING(path))
1.73 drahn 343: *path++ = '\0'; /* i guess this ++ is useless */
344:
345: path = strchr(host, '@'); /* look for credentials in proxy */
346: if (!EMPTYSTRING(path)) {
1.81 espie 347: *path = '\0';
1.123 guenther 348: if (strchr(host, ':') == NULL) {
1.73 drahn 349: warnx("Malformed proxy URL: %s", proxyenv);
350: goto cleanup_url_get;
351: }
1.123 guenther 352: credentials = recode_credentials(host);
1.81 espie 353: *path = '@'; /* restore @ in proxyurl */
1.123 guenther 354:
1.73 drahn 355: /*
1.81 espie 356: * This removes the password from proxyurl,
1.73 drahn 357: * filling with stars
358: */
1.81 espie 359: for (host = 1 + strchr(proxyurl + 5, ':'); *host != '@';
1.179 ! deraadt 360: host++)
1.73 drahn 361: *host = '*';
362:
1.81 espie 363: host = path + 1;
1.73 drahn 364: }
1.123 guenther 365:
1.62 ray 366: path = newline;
1.1 millert 367: }
368:
1.22 deraadt 369: if (isfileurl) {
370: struct stat st;
371:
1.166 procter 372: fd = open(path, O_RDONLY);
373: if (fd == -1) {
1.22 deraadt 374: warn("Can't open file %s", path);
375: goto cleanup_url_get;
376: }
377:
1.166 procter 378: if (fstat(fd, &st) == -1)
1.22 deraadt 379: filesize = -1;
380: else
381: filesize = st.st_size;
382:
1.83 martynas 383: /* Open the output file. */
1.100 halex 384: if (!pipeout) {
1.75 martynas 385: #ifndef SMALL
386: if (resume)
1.82 deraadt 387: out = open(savefile, O_CREAT | O_WRONLY |
388: O_APPEND, 0666);
389:
1.75 martynas 390: else
1.78 martynas 391: #endif /* !SMALL */
1.75 martynas 392: out = open(savefile, O_CREAT | O_WRONLY |
393: O_TRUNC, 0666);
1.22 deraadt 394: if (out < 0) {
395: warn("Can't open %s", savefile);
396: goto cleanup_url_get;
397: }
398: } else
399: out = fileno(stdout);
400:
1.75 martynas 401: #ifndef SMALL
402: if (resume) {
403: if (fstat(out, &st) == -1) {
404: warn("Can't fstat %s", savefile);
405: goto cleanup_url_get;
406: }
1.166 procter 407: if (lseek(fd, st.st_size, SEEK_SET) == -1) {
1.75 martynas 408: warn("Can't lseek %s", path);
409: goto cleanup_url_get;
410: }
411: restart_point = st.st_size;
412: }
1.78 martynas 413: #endif /* !SMALL */
1.75 martynas 414:
1.22 deraadt 415: /* Trap signals */
416: oldintr = NULL;
1.97 martynas 417: oldinti = NULL;
1.22 deraadt 418: if (setjmp(httpabort)) {
419: if (oldintr)
420: (void)signal(SIGINT, oldintr);
1.97 martynas 421: if (oldinti)
422: (void)signal(SIGINFO, oldinti);
1.22 deraadt 423: goto cleanup_url_get;
424: }
425: oldintr = signal(SIGINT, abortfile);
1.42 deraadt 426:
1.22 deraadt 427: bytes = 0;
428: hashbytes = mark;
1.84 martynas 429: progressmeter(-1, path);
1.40 fgsch 430:
1.113 tedu 431: if ((buf = malloc(buflen)) == NULL)
1.47 deraadt 432: errx(1, "Can't allocate memory for transfer buffer");
1.42 deraadt 433:
1.22 deraadt 434: /* Finally, suck down the file. */
435: i = 0;
1.97 martynas 436: oldinti = signal(SIGINFO, psummary);
1.166 procter 437: while ((len = read(fd, buf, buflen)) > 0) {
1.22 deraadt 438: bytes += len;
439: for (cp = buf; len > 0; len -= i, cp += i) {
440: if ((i = write(out, cp, len)) == -1) {
441: warn("Writing %s", savefile);
1.97 martynas 442: signal(SIGINFO, oldinti);
1.22 deraadt 443: goto cleanup_url_get;
1.179 ! deraadt 444: } else if (i == 0)
1.22 deraadt 445: break;
446: }
447: if (hash && !progress) {
448: while (bytes >= hashbytes) {
449: (void)putc('#', ttyout);
450: hashbytes += mark;
451: }
452: (void)fflush(ttyout);
453: }
454: }
1.97 martynas 455: signal(SIGINFO, oldinti);
1.22 deraadt 456: if (hash && !progress && bytes > 0) {
457: if (bytes < mark)
458: (void)putc('#', ttyout);
459: (void)putc('\n', ttyout);
460: (void)fflush(ttyout);
461: }
462: if (len != 0) {
463: warn("Reading from file");
464: goto cleanup_url_get;
465: }
1.84 martynas 466: progressmeter(1, NULL);
1.22 deraadt 467: if (verbose)
1.97 martynas 468: ptransfer(0);
1.22 deraadt 469: (void)signal(SIGINT, oldintr);
1.42 deraadt 470:
1.40 fgsch 471: rval = 0;
472: goto cleanup_url_get;
1.22 deraadt 473: }
474:
1.28 itojun 475: if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL &&
476: (hosttail[1] == '\0' || hosttail[1] == ':')) {
477: host++;
478: *hosttail++ = '\0';
1.102 halex 479: #ifndef SMALL
480: if (asprintf(&full_host, "[%s]", host) == -1)
481: errx(1, "Cannot allocate memory for hostname");
482: #endif /* !SMALL */
1.28 itojun 483: } else
484: hosttail = host;
485:
486: portnum = strrchr(hosttail, ':'); /* find portnum */
1.1 millert 487: if (portnum != NULL)
488: *portnum++ = '\0';
1.154 deraadt 489: #ifndef NOSSL
1.150 millert 490: port = portnum ? portnum : (ishttpsurl ? httpsport : httpport);
1.154 deraadt 491: #else /* !NOSSL */
1.150 millert 492: port = portnum ? portnum : httpport;
1.154 deraadt 493: #endif /* !NOSSL */
1.1 millert 494:
1.80 martynas 495: #ifndef SMALL
1.102 halex 496: if (full_host == NULL)
497: if ((full_host = strdup(host)) == NULL)
498: errx(1, "Cannot allocate memory for hostname");
1.1 millert 499: if (debug)
1.106 haesbaer 500: fprintf(ttyout, "host %s, port %s, path %s, "
1.150 millert 501: "save as %s, auth %s.\n", host, port, path,
502: savefile, credentials ? credentials : "none");
1.80 martynas 503: #endif /* !SMALL */
1.1 millert 504:
1.25 itojun 505: memset(&hints, 0, sizeof(hints));
1.39 deraadt 506: hints.ai_family = family;
1.25 itojun 507: hints.ai_socktype = SOCK_STREAM;
508: error = getaddrinfo(host, port, &hints, &res0);
1.61 deraadt 509: /*
510: * If the services file is corrupt/missing, fall back
511: * on our hard-coded defines.
512: */
1.30 deraadt 513: if (error == EAI_SERVICE && port == httpport) {
514: snprintf(pbuf, sizeof(pbuf), "%d", HTTP_PORT);
515: error = getaddrinfo(host, pbuf, &hints, &res0);
1.154 deraadt 516: #ifndef NOSSL
1.61 deraadt 517: } else if (error == EAI_SERVICE && port == httpsport) {
518: snprintf(pbuf, sizeof(pbuf), "%d", HTTPS_PORT);
519: error = getaddrinfo(host, pbuf, &hints, &res0);
1.154 deraadt 520: #endif /* !NOSSL */
1.30 deraadt 521: }
1.25 itojun 522: if (error) {
1.122 guenther 523: warnx("%s: %s", host, gai_strerror(error));
1.25 itojun 524: goto cleanup_url_get;
1.1 millert 525: }
526:
1.105 haesbaer 527: #ifndef SMALL
528: if (srcaddr) {
529: hints.ai_flags |= AI_NUMERICHOST;
530: error = getaddrinfo(srcaddr, NULL, &hints, &ares);
531: if (error) {
1.122 guenther 532: warnx("%s: %s", srcaddr, gai_strerror(error));
1.105 haesbaer 533: goto cleanup_url_get;
534: }
535: }
536: #endif /* !SMALL */
1.135 deraadt 537:
538: /* ensure consistent order of the output */
539: if (verbose)
540: setvbuf(ttyout, NULL, _IOLBF, 0);
1.105 haesbaer 541:
1.166 procter 542: fd = -1;
1.25 itojun 543: for (res = res0; res; res = res->ai_next) {
1.44 itojun 544: if (getnameinfo(res->ai_addr, res->ai_addrlen, hbuf,
545: sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0)
546: strlcpy(hbuf, "(unknown)", sizeof(hbuf));
1.41 deraadt 547: if (verbose)
1.44 itojun 548: fprintf(ttyout, "Trying %s...\n", hbuf);
1.14 millert 549:
1.166 procter 550: fd = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
551: if (fd == -1) {
1.25 itojun 552: cause = "socket";
553: continue;
1.1 millert 554: }
555:
1.105 haesbaer 556: #ifndef SMALL
557: if (srcaddr) {
558: if (ares->ai_family != res->ai_family) {
1.166 procter 559: close(fd);
560: fd = -1;
1.105 haesbaer 561: errno = EINVAL;
562: cause = "bind";
563: continue;
564: }
1.170 deraadt 565: if (bind(fd, ares->ai_addr, ares->ai_addrlen) == -1) {
1.105 haesbaer 566: save_errno = errno;
1.166 procter 567: close(fd);
1.105 haesbaer 568: errno = save_errno;
1.166 procter 569: fd = -1;
1.105 haesbaer 570: cause = "bind";
571: continue;
572: }
573: }
574: #endif /* !SMALL */
575:
1.155 deraadt 576: if (connect_timeout) {
577: (void)signal(SIGALRM, tooslow);
578: alarmtimer(connect_timeout);
579: }
580:
1.166 procter 581: for (error = connect(fd, res->ai_addr, res->ai_addrlen);
582: error != 0 && errno == EINTR; error = connect_wait(fd))
1.149 millert 583: continue;
584: if (error != 0) {
1.57 otto 585: save_errno = errno;
1.166 procter 586: close(fd);
1.57 otto 587: errno = save_errno;
1.166 procter 588: fd = -1;
1.25 itojun 589: cause = "connect";
1.19 deraadt 590: continue;
591: }
1.25 itojun 592:
1.29 itojun 593: /* get port in numeric */
594: if (getnameinfo(res->ai_addr, res->ai_addrlen, NULL, 0,
595: pbuf, sizeof(pbuf), NI_NUMERICSERV) == 0)
596: port = pbuf;
597: else
598: port = NULL;
599:
1.158 jca 600: #ifndef NOSSL
1.61 deraadt 601: if (proxyenv && sslhost)
1.166 procter 602: proxy_connect(fd, sslhost, credentials);
1.158 jca 603: #endif /* !NOSSL */
1.25 itojun 604: break;
605: }
606: freeaddrinfo(res0);
1.105 haesbaer 607: #ifndef SMALL
608: if (srcaddr)
609: freeaddrinfo(ares);
610: #endif /* !SMALL */
1.166 procter 611: if (fd < 0) {
1.33 millert 612: warn("%s", cause);
1.6 millert 613: goto cleanup_url_get;
1.1 millert 614: }
615:
1.154 deraadt 616: #ifndef NOSSL
1.61 deraadt 617: if (ishttpsurl) {
618: if (proxyenv && sslpath) {
619: ishttpsurl = 0;
1.62 ray 620: proxyurl = NULL;
1.61 deraadt 621: path = sslpath;
622: }
1.131 jca 623: if (sslhost == NULL) {
624: sslhost = strdup(host);
625: if (sslhost == NULL)
626: errx(1, "Can't allocate memory for https host.");
1.116 jca 627: }
1.134 jsing 628: if ((tls = tls_client()) == NULL) {
1.126 jsing 629: fprintf(ttyout, "failed to create SSL client\n");
1.61 deraadt 630: goto cleanup_url_get;
631: }
1.134 jsing 632: if (tls_configure(tls, tls_config) != 0) {
1.126 jsing 633: fprintf(ttyout, "SSL configuration failure: %s\n",
1.134 jsing 634: tls_error(tls));
1.61 deraadt 635: goto cleanup_url_get;
1.117 jca 636: }
1.166 procter 637: if (tls_connect_socket(tls, fd, sslhost) != 0) {
1.134 jsing 638: fprintf(ttyout, "SSL failure: %s\n", tls_error(tls));
1.72 ray 639: goto cleanup_url_get;
1.118 jca 640: }
1.176 jca 641: if (tls_handshake(tls) != 0) {
642: fprintf(ttyout, "SSL failure: %s\n", tls_error(tls));
643: goto cleanup_url_get;
644: }
645: fin = funopen(tls, stdio_tls_read_wrapper,
646: stdio_tls_write_wrapper, NULL, NULL);
1.61 deraadt 647: } else {
1.166 procter 648: fin = fdopen(fd, "r+");
649: fd = -1;
1.61 deraadt 650: }
1.154 deraadt 651: #else /* !NOSSL */
1.166 procter 652: fin = fdopen(fd, "r+");
653: fd = -1;
1.154 deraadt 654: #endif /* !NOSSL */
1.155 deraadt 655:
1.157 deraadt 656: #ifdef SMALL
657: if (lastfile) {
658: if (pipeout) {
659: if (pledge("stdio rpath inet dns tty", NULL) == -1)
660: err(1, "pledge");
661: } else {
662: if (pledge("stdio rpath wpath cpath inet dns tty", NULL) == -1)
663: err(1, "pledge");
664: }
665: }
666: #endif
667:
1.155 deraadt 668: if (connect_timeout) {
669: signal(SIGALRM, SIG_DFL);
670: alarmtimer(0);
671: }
1.40 fgsch 672:
1.1 millert 673: /*
1.40 fgsch 674: * Construct and send the request. Proxy requests don't want leading /.
1.1 millert 675: */
1.154 deraadt 676: #ifndef NOSSL
1.74 pyr 677: cookie_get(host, path, ishttpsurl, &buf);
1.154 deraadt 678: #endif /* !NOSSL */
1.95 martynas 679:
680: epath = url_encode(path);
1.62 ray 681: if (proxyurl) {
1.151 millert 682: if (verbose) {
683: fprintf(ttyout, "Requesting %s (via %s)\n",
684: origline, proxyurl);
685: }
1.32 itojun 686: /*
687: * Host: directive must use the destination host address for
1.136 bluhm 688: * the original URI (path).
1.32 itojun 689: */
1.123 guenther 690: if (credentials)
1.178 jca 691: fprintf(fin, "GET %s HTTP/1.1\r\n"
692: "Connection: close\r\n"
1.136 bluhm 693: "Proxy-Authorization: Basic %s\r\n"
694: "Host: %s\r\n%s%s\r\n\r\n",
695: epath, credentials,
696: proxyhost, buf ? buf : "", httpuseragent);
1.73 drahn 697: else
1.178 jca 698: fprintf(fin, "GET %s HTTP/1.1\r\n"
699: "Connection: close\r\n"
1.136 bluhm 700: "Host: %s\r\n%s%s\r\n\r\n",
701: epath, proxyhost, buf ? buf : "", httpuseragent);
1.28 itojun 702: } else {
1.151 millert 703: if (verbose)
704: fprintf(ttyout, "Requesting %s\n", origline);
1.90 martynas 705: #ifndef SMALL
706: if (resume) {
707: struct stat stbuf;
708:
709: if (stat(savefile, &stbuf) == 0)
710: restart_point = stbuf.st_size;
711: else
712: restart_point = 0;
713: }
1.154 deraadt 714: #endif /* SMALL */
715: #ifndef NOSSL
1.123 guenther 716: if (credentials) {
1.176 jca 717: fprintf(fin,
1.178 jca 718: "GET /%s HTTP/1.1\r\n"
719: "Connection: close\r\n"
720: "Authorization: Basic %s\r\n"
721: "Host: ", epath, credentials);
1.123 guenther 722: free(credentials);
723: credentials = NULL;
1.106 haesbaer 724: } else
1.154 deraadt 725: #endif /* NOSSL */
1.178 jca 726: fprintf(fin,
727: "GET /%s HTTP/1.1\r\n"
728: "Connection: close\r\n"
729: "Host: ", epath);
1.136 bluhm 730: if (proxyhost) {
1.176 jca 731: fprintf(fin, "%s", proxyhost);
1.136 bluhm 732: port = NULL;
733: } else if (strchr(host, ':')) {
1.55 fgsch 734: /*
735: * strip off scoped address portion, since it's
736: * local to node
737: */
1.32 itojun 738: h = strdup(host);
739: if (h == NULL)
740: errx(1, "Can't allocate memory.");
741: if ((p = strchr(h, '%')) != NULL)
742: *p = '\0';
1.176 jca 743: fprintf(fin, "[%s]", h);
1.32 itojun 744: free(h);
1.55 fgsch 745: } else
1.176 jca 746: fprintf(fin, "%s", host);
1.55 fgsch 747:
748: /*
749: * Send port number only if it's specified and does not equal
750: * 80. Some broken HTTP servers get confused if you explicitly
751: * send them the port number.
752: */
1.154 deraadt 753: #ifndef NOSSL
1.61 deraadt 754: if (port && strcmp(port, (ishttpsurl ? "443" : "80")) != 0)
1.176 jca 755: fprintf(fin, ":%s", port);
1.90 martynas 756: if (restart_point)
1.176 jca 757: fprintf(fin, "\r\nRange: bytes=%lld-",
1.75 martynas 758: (long long)restart_point);
1.154 deraadt 759: #else /* !NOSSL */
1.55 fgsch 760: if (port && strcmp(port, "80") != 0)
1.176 jca 761: fprintf(fin, ":%s", port);
1.154 deraadt 762: #endif /* !NOSSL */
1.176 jca 763: fprintf(fin, "\r\n%s%s\r\n\r\n",
1.124 lteo 764: buf ? buf : "", httpuseragent);
1.28 itojun 765: }
1.95 martynas 766: free(epath);
1.74 pyr 767:
1.154 deraadt 768: #ifndef NOSSL
1.74 pyr 769: free(buf);
1.156 tb 770: #endif /* !NOSSL */
1.74 pyr 771: buf = NULL;
772:
1.176 jca 773: if (fflush(fin) == EOF) {
774: warnx("Writing HTTP request: %s", sockerror(tls));
1.6 millert 775: goto cleanup_url_get;
1.1 millert 776: }
1.176 jca 777: if ((buf = ftp_readline(fin, &len)) == NULL) {
778: warnx("Receiving HTTP reply: %s", sockerror(tls));
1.40 fgsch 779: goto cleanup_url_get;
1.1 millert 780: }
1.40 fgsch 781:
782: while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n'))
783: buf[--len] = '\0';
1.80 martynas 784: #ifndef SMALL
1.40 fgsch 785: if (debug)
786: fprintf(ttyout, "received '%s'\n", buf);
1.80 martynas 787: #endif /* !SMALL */
1.40 fgsch 788:
1.1 millert 789: cp = strchr(buf, ' ');
790: if (cp == NULL)
791: goto improper;
792: else
793: cp++;
1.69 jsg 794:
795: strlcpy(ststr, cp, sizeof(ststr));
1.171 jca 796: status = strtonum(ststr, 200, 503, &errstr);
1.69 jsg 797: if (errstr) {
1.175 deraadt 798: strnvis(gerror, cp, sizeof gerror, VIS_SAFE);
799: warnx("Error retrieving %s: %s", origline, gerror);
1.69 jsg 800: goto cleanup_url_get;
801: }
802:
803: switch (status) {
804: case 200: /* OK */
1.75 martynas 805: #ifndef SMALL
1.109 sthen 806: /*
1.98 phessler 807: * When we request a partial file, and we receive an HTTP 200
808: * it is a good indication that the server doesn't support
809: * range requests, and is about to send us the entire file.
810: * If the restart_point == 0, then we are not actually
811: * requesting a partial file, and an HTTP 200 is appropriate.
812: */
813: if (resume && restart_point != 0) {
814: warnx("Server does not support resume.");
815: restart_point = resume = 0;
816: }
1.101 halex 817: /* FALLTHROUGH */
1.75 martynas 818: case 206: /* Partial Content */
1.91 halex 819: #endif /* !SMALL */
1.69 jsg 820: break;
821: case 301: /* Moved Permanently */
822: case 302: /* Found */
823: case 303: /* See Other */
824: case 307: /* Temporary Redirect */
1.40 fgsch 825: isredirect++;
1.54 fgsch 826: if (redirect_loop++ > 10) {
827: warnx("Too many redirections requested");
828: goto cleanup_url_get;
829: }
1.69 jsg 830: break;
1.75 martynas 831: #ifndef SMALL
832: case 416: /* Requested Range Not Satisfiable */
833: warnx("File is already fully retrieved.");
834: goto cleanup_url_get;
1.78 martynas 835: #endif /* !SMALL */
1.171 jca 836: case 503:
1.172 jca 837: isunavail = 1;
838: break;
1.69 jsg 839: default:
1.175 deraadt 840: strnvis(gerror, cp, sizeof gerror, VIS_SAFE);
841: warnx("Error retrieving %s: %s", origline, gerror);
1.6 millert 842: goto cleanup_url_get;
1.1 millert 843: }
844:
845: /*
846: * Read the rest of the header.
847: */
1.40 fgsch 848: free(buf);
849: filesize = -1;
850:
1.62 ray 851: for (;;) {
1.176 jca 852: if ((buf = ftp_readline(fin, &len)) == NULL) {
853: warnx("Receiving HTTP reply: %s", sockerror(tls));
1.40 fgsch 854: goto cleanup_url_get;
855: }
1.61 deraadt 856:
1.40 fgsch 857: while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n'))
858: buf[--len] = '\0';
859: if (len == 0)
1.1 millert 860: break;
1.80 martynas 861: #ifndef SMALL
1.40 fgsch 862: if (debug)
863: fprintf(ttyout, "received '%s'\n", buf);
1.80 martynas 864: #endif /* !SMALL */
1.1 millert 865:
1.40 fgsch 866: /* Look for some headers */
867: cp = buf;
1.1 millert 868: #define CONTENTLEN "Content-Length: "
1.40 fgsch 869: if (strncasecmp(cp, CONTENTLEN, sizeof(CONTENTLEN) - 1) == 0) {
1.104 sthen 870: size_t s;
1.40 fgsch 871: cp += sizeof(CONTENTLEN) - 1;
1.111 deraadt 872: if ((s = strcspn(cp, " \t")))
1.104 sthen 873: *(cp+s) = 0;
1.58 grunk 874: filesize = strtonum(cp, 0, LLONG_MAX, &errstr);
875: if (errstr != NULL)
1.40 fgsch 876: goto improper;
1.75 martynas 877: #ifndef SMALL
1.90 martynas 878: if (restart_point)
1.75 martynas 879: filesize += restart_point;
1.78 martynas 880: #endif /* !SMALL */
1.40 fgsch 881: #define LOCATION "Location: "
882: } else if (isredirect &&
883: strncasecmp(cp, LOCATION, sizeof(LOCATION) - 1) == 0) {
884: cp += sizeof(LOCATION) - 1;
1.144 sthen 885: /*
886: * If there is a colon before the first slash, this URI
887: * is not relative. RFC 3986 4.2
888: */
889: if (cp[strcspn(cp, ":/")] != ':') {
1.102 halex 890: #ifdef SMALL
891: errx(1, "Relative redirect not supported");
892: #else /* SMALL */
1.144 sthen 893: /* XXX doesn't handle protocol-relative URIs */
1.102 halex 894: if (*cp == '/') {
895: locbase = NULL;
896: cp++;
897: } else {
898: locbase = strdup(path);
899: if (locbase == NULL)
900: errx(1, "Can't allocate memory"
901: " for location base");
902: loctail = strchr(locbase, '#');
903: if (loctail != NULL)
904: *loctail = '\0';
905: loctail = strchr(locbase, '?');
906: if (loctail != NULL)
907: *loctail = '\0';
908: loctail = strrchr(locbase, '/');
909: if (loctail == NULL) {
910: free(locbase);
911: locbase = NULL;
912: } else
913: loctail[1] = '\0';
914: }
915: /* Contruct URL from relative redirect */
916: if (asprintf(&redirurl, "%s%s%s%s/%s%s",
917: scheme, full_host,
918: portnum ? ":" : "",
919: portnum ? portnum : "",
920: locbase ? locbase : "",
921: cp) == -1)
922: errx(1, "Cannot build "
923: "redirect URL");
924: free(locbase);
925: #endif /* SMALL */
926: } else if ((redirurl = strdup(cp)) == NULL)
927: errx(1, "Cannot allocate memory for URL");
928: loctail = strchr(redirurl, '#');
929: if (loctail != NULL)
930: *loctail = '\0';
1.40 fgsch 931: if (verbose)
1.102 halex 932: fprintf(ttyout, "Redirected to %s\n", redirurl);
1.173 jca 933: ftp_close(&fin, &tls, &fd);
1.157 deraadt 934: rval = url_get(redirurl, proxyenv, savefile, lastfile);
1.102 halex 935: free(redirurl);
936: goto cleanup_url_get;
1.172 jca 937: #define RETRYAFTER "Retry-After: "
938: } else if (isunavail &&
939: strncasecmp(cp, RETRYAFTER, sizeof(RETRYAFTER) - 1) == 0) {
940: size_t s;
941: cp += sizeof(RETRYAFTER) - 1;
942: if ((s = strcspn(cp, " \t")))
943: cp[s] = '\0';
944: retryafter = strtonum(cp, 0, 0, &errstr);
945: if (errstr != NULL)
946: retryafter = -1;
1.178 jca 947: #define TRANSFER_ENCODING "Transfer-Encoding: "
948: } else if (strncasecmp(cp, TRANSFER_ENCODING,
949: sizeof(TRANSFER_ENCODING) - 1) == 0) {
950: cp += sizeof(TRANSFER_ENCODING) - 1;
951: cp[strcspn(cp, " \t")] = '\0';
952: if (strcasecmp(cp, "chunked") == 0)
953: chunked = 1;
1.40 fgsch 954: }
1.108 tobias 955: free(buf);
1.172 jca 956: }
957:
1.178 jca 958: /* Content-Length should be ignored for Transfer-Encoding: chunked */
959: if (chunked)
960: filesize = -1;
961:
1.172 jca 962: if (isunavail) {
963: if (retried || retryafter != 0)
1.175 deraadt 964: warnx("Error retrieving %s: 503 Service Unavailable",
965: origline);
1.172 jca 966: else {
967: if (verbose)
968: fprintf(ttyout, "Retrying %s\n", origline);
969: retried = 1;
1.174 jca 970: ftp_close(&fin, &tls, &fd);
1.172 jca 971: rval = url_get(origline, proxyenv, savefile, lastfile);
972: }
973: goto cleanup_url_get;
1.1 millert 974: }
975:
1.17 millert 976: /* Open the output file. */
1.100 halex 977: if (!pipeout) {
1.75 martynas 978: #ifndef SMALL
979: if (resume)
1.83 martynas 980: out = open(savefile, O_CREAT | O_WRONLY | O_APPEND,
981: 0666);
1.75 martynas 982: else
1.78 martynas 983: #endif /* !SMALL */
1.75 martynas 984: out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC,
985: 0666);
1.170 deraadt 986: if (out == -1) {
1.10 deraadt 987: warn("Can't open %s", savefile);
988: goto cleanup_url_get;
989: }
1.157 deraadt 990: } else {
1.17 millert 991: out = fileno(stdout);
1.157 deraadt 992: #ifdef SMALL
993: if (lastfile) {
994: if (pledge("stdio tty", NULL) == -1)
995: err(1, "pledge");
996: }
997: #endif
998: }
1.1 millert 999:
1000: /* Trap signals */
1001: oldintr = NULL;
1.97 martynas 1002: oldinti = NULL;
1.1 millert 1003: if (setjmp(httpabort)) {
1004: if (oldintr)
1.2 millert 1005: (void)signal(SIGINT, oldintr);
1.97 martynas 1006: if (oldinti)
1007: (void)signal(SIGINFO, oldinti);
1.6 millert 1008: goto cleanup_url_get;
1.1 millert 1009: }
1010: oldintr = signal(SIGINT, aborthttp);
1011:
1012: bytes = 0;
1013: hashbytes = mark;
1.84 martynas 1014: progressmeter(-1, path);
1.43 millert 1015:
1016: free(buf);
1.1 millert 1017:
1018: /* Finally, suck down the file. */
1.113 tedu 1019: if ((buf = malloc(buflen)) == NULL)
1.47 deraadt 1020: errx(1, "Can't allocate memory for transfer buffer");
1.97 martynas 1021: oldinti = signal(SIGINFO, psummary);
1.178 jca 1022: if (chunked) {
1023: if (save_chunked(fin, tls, out, buf, buflen) == -1) {
1024: signal(SIGINFO, oldinti);
1025: goto cleanup_url_get;
1026: }
1027: } else {
1028: i = 0;
1029: len = 1;
1030: while (len > 0) {
1031: len = fread(buf, 1, buflen, fin);
1032: bytes += len;
1033: for (cp = buf, wlen = len; wlen > 0; wlen -= i, cp += i) {
1034: if ((i = write(out, cp, wlen)) == -1) {
1035: warn("Writing %s", savefile);
1036: signal(SIGINFO, oldinti);
1037: goto cleanup_url_get;
1.179 ! deraadt 1038: } else if (i == 0)
1.178 jca 1039: break;
1040: }
1041: if (hash && !progress) {
1042: while (bytes >= hashbytes) {
1043: (void)putc('#', ttyout);
1044: hashbytes += mark;
1045: }
1046: (void)fflush(ttyout);
1.1 millert 1047: }
1048: }
1.178 jca 1049: signal(SIGINFO, oldinti);
1050: if (hash && !progress && bytes > 0) {
1051: if (bytes < mark)
1.10 deraadt 1052: (void)putc('#', ttyout);
1.178 jca 1053: (void)putc('\n', ttyout);
1.10 deraadt 1054: (void)fflush(ttyout);
1.1 millert 1055: }
1.178 jca 1056: if (len != 0) {
1057: warnx("Reading from socket: %s", sockerror(tls));
1058: goto cleanup_url_get;
1059: }
1.1 millert 1060: }
1.84 martynas 1061: progressmeter(1, NULL);
1.75 martynas 1062: if (
1063: #ifndef SMALL
1064: !resume &&
1.78 martynas 1065: #endif /* !SMALL */
1.75 martynas 1066: filesize != -1 && len == 0 && bytes != filesize) {
1.24 deraadt 1067: if (verbose)
1068: fputs("Read short file.\n", ttyout);
1069: goto cleanup_url_get;
1070: }
1071:
1.1 millert 1072: if (verbose)
1.97 martynas 1073: ptransfer(0);
1.2 millert 1074: (void)signal(SIGINT, oldintr);
1.1 millert 1075:
1.40 fgsch 1076: rval = 0;
1077: goto cleanup_url_get;
1.1 millert 1078:
1.14 millert 1079: noftpautologin:
1080: warnx(
1081: "Auto-login using ftp URLs isn't supported when using $ftp_proxy");
1082: goto cleanup_url_get;
1083:
1.1 millert 1084: improper:
1.8 millert 1085: warnx("Improper response from %s", host);
1.14 millert 1086:
1.6 millert 1087: cleanup_url_get:
1.154 deraadt 1088: #ifndef NOSSL
1.102 halex 1089: free(full_host);
1.128 jca 1090: free(sslhost);
1.154 deraadt 1091: #endif /* !NOSSL */
1.173 jca 1092: ftp_close(&fin, &tls, &fd);
1.162 sthen 1093: if (out >= 0 && out != fileno(stdout))
1094: close(out);
1.67 steven 1095: free(buf);
1.136 bluhm 1096: free(proxyhost);
1.67 steven 1097: free(proxyurl);
1.62 ray 1098: free(newline);
1.123 guenther 1099: free(credentials);
1.40 fgsch 1100: return (rval);
1.178 jca 1101: }
1102:
1103: static int
1104: save_chunked(FILE *fin, struct tls *tls, int out, char *buf, size_t buflen)
1105: {
1106:
1107: char *header, *end, *cp;
1108: unsigned long chunksize;
1109: size_t hlen, rlen, wlen;
1110: ssize_t written;
1111: char cr, lf;
1112:
1113: for (;;) {
1114: header = ftp_readline(fin, &hlen);
1115: if (header == NULL)
1116: break;
1117: /* strip CRLF and any optional chunk extension */
1118: header[strcspn(header, ";\r\n")] = '\0';
1119: errno = 0;
1120: chunksize = strtoul(header, &end, 16);
1121: if (errno || header[0] == '\0' || *end != '\0' ||
1122: chunksize > INT_MAX) {
1123: warnx("Invalid chunk size '%s'", header);
1124: free(header);
1125: return -1;
1126: }
1127: free(header);
1128:
1129: if (chunksize == 0) {
1130: /* We're done. Ignore optional trailer. */
1131: return 0;
1132: }
1133:
1134: for (written = 0; chunksize != 0; chunksize -= rlen) {
1135: rlen = (chunksize < buflen) ? chunksize : buflen;
1136: rlen = fread(buf, 1, rlen, fin);
1137: if (rlen == 0)
1138: break;
1139: bytes += rlen;
1140: for (cp = buf, wlen = rlen; wlen > 0;
1.179 ! deraadt 1141: wlen -= written, cp += written) {
1.178 jca 1142: if ((written = write(out, cp, wlen)) == -1) {
1143: warn("Writing output file");
1144: return -1;
1145: }
1146: }
1147: }
1148:
1149: if (rlen == 0 ||
1150: fread(&cr, 1, 1, fin) != 1 ||
1151: fread(&lf, 1, 1, fin) != 1)
1152: break;
1153:
1154: if (cr != '\r' || lf != '\n') {
1155: warnx("Invalid chunked encoding");
1156: return -1;
1157: }
1158: }
1159:
1160: if (ferror(fin))
1161: warnx("Error while reading from socket: %s", sockerror(tls));
1162: else
1163: warnx("Invalid chunked encoding: short read");
1164:
1165: return -1;
1.1 millert 1166: }
1167:
1168: /*
1169: * Abort a http retrieval
1170: */
1.51 deraadt 1171: /* ARGSUSED */
1.177 jca 1172: static void
1.51 deraadt 1173: aborthttp(int signo)
1.1 millert 1174: {
1175:
1176: alarmtimer(0);
1.10 deraadt 1177: fputs("\nhttp fetch aborted.\n", ttyout);
1178: (void)fflush(ttyout);
1.1 millert 1179: longjmp(httpabort, 1);
1180: }
1181:
1182: /*
1.22 deraadt 1183: * Abort a http retrieval
1184: */
1.51 deraadt 1185: /* ARGSUSED */
1.177 jca 1186: static void
1.51 deraadt 1187: abortfile(int signo)
1.22 deraadt 1188: {
1189:
1190: alarmtimer(0);
1191: fputs("\nfile fetch aborted.\n", ttyout);
1192: (void)fflush(ttyout);
1193: longjmp(httpabort, 1);
1194: }
1195:
1196: /*
1.1 millert 1197: * Retrieve multiple files from the command line, transferring
1198: * files of the form "host:path", "ftp://host/path" using the
1199: * ftp protocol, and files of the form "http://host/path" using
1200: * the http protocol.
1.2 millert 1201: * If path has a trailing "/", then return (-1);
1.1 millert 1202: * the path will be cd-ed into and the connection remains open,
1203: * and the function will return -1 (to indicate the connection
1204: * is alive).
1205: * If an error occurs the return value will be the offset+1 in
1206: * argv[] of the file that caused a problem (i.e, argv[x]
1207: * returns x+1)
1208: * Otherwise, 0 is returned if all files retrieved successfully.
1209: */
1210: int
1.50 deraadt 1211: auto_fetch(int argc, char *argv[], char *outfile)
1.1 millert 1212: {
1213: char *xargv[5];
1.62 ray 1214: char *cp, *url, *host, *dir, *file, *portnum;
1215: char *username, *pass, *pathstart;
1.6 millert 1216: char *ftpproxy, *httpproxy;
1.157 deraadt 1217: int rval, xargc, lastfile;
1.14 millert 1218: volatile int argpos;
1.49 krw 1219: int dirhasglob, filehasglob, oautologin;
1.137 deraadt 1220: char rempath[PATH_MAX];
1.1 millert 1221:
1222: argpos = 0;
1223:
1224: if (setjmp(toplevel)) {
1225: if (connected)
1226: disconnect(0, NULL);
1.2 millert 1227: return (argpos + 1);
1.1 millert 1228: }
1.3 millert 1229: (void)signal(SIGINT, (sig_t)intr);
1230: (void)signal(SIGPIPE, (sig_t)lostpeer);
1.1 millert 1231:
1.45 millert 1232: if ((ftpproxy = getenv(FTP_PROXY)) != NULL && *ftpproxy == '\0')
1233: ftpproxy = NULL;
1234: if ((httpproxy = getenv(HTTP_PROXY)) != NULL && *httpproxy == '\0')
1235: httpproxy = NULL;
1.6 millert 1236:
1.1 millert 1237: /*
1238: * Loop through as long as there's files to fetch.
1239: */
1.123 guenther 1240: username = pass = NULL;
1.62 ray 1241: for (rval = 0; (rval == 0) && (argpos < argc); free(url), argpos++) {
1.1 millert 1242: if (strchr(argv[argpos], ':') == NULL)
1243: break;
1.123 guenther 1244:
1245: free(username);
1246: free(pass);
1.62 ray 1247: host = dir = file = portnum = username = pass = NULL;
1.1 millert 1248:
1.157 deraadt 1249: lastfile = (argv[argpos+1] == NULL);
1250:
1.1 millert 1251: /*
1252: * We muck with the string, so we make a copy.
1253: */
1.62 ray 1254: url = strdup(argv[argpos]);
1255: if (url == NULL)
1.1 millert 1256: errx(1, "Can't allocate memory for auto-fetch.");
1257:
1258: /*
1259: * Try HTTP URL-style arguments first.
1260: */
1.62 ray 1261: if (strncasecmp(url, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 ||
1.154 deraadt 1262: #ifndef NOSSL
1.61 deraadt 1263: /* even if we compiled without SSL, url_get will check */
1.62 ray 1264: strncasecmp(url, HTTPS_URL, sizeof(HTTPS_URL) -1) == 0 ||
1.154 deraadt 1265: #endif /* !NOSSL */
1.62 ray 1266: strncasecmp(url, FILE_URL, sizeof(FILE_URL) - 1) == 0) {
1.54 fgsch 1267: redirect_loop = 0;
1.171 jca 1268: retried = 0;
1.157 deraadt 1269: if (url_get(url, httpproxy, outfile, lastfile) == -1)
1.1 millert 1270: rval = argpos + 1;
1271: continue;
1272: }
1273:
1274: /*
1.6 millert 1275: * Try FTP URL-style arguments next. If ftpproxy is
1276: * set, use url_get() instead of standard ftp.
1277: * Finally, try host:file.
1.1 millert 1278: */
1.62 ray 1279: host = url;
1280: if (strncasecmp(url, FTP_URL, sizeof(FTP_URL) - 1) == 0) {
1.37 heko 1281: char *passend, *passagain, *userend;
1.31 itojun 1282:
1.6 millert 1283: if (ftpproxy) {
1.157 deraadt 1284: if (url_get(url, ftpproxy, outfile, lastfile) == -1)
1.6 millert 1285: rval = argpos + 1;
1286: continue;
1287: }
1.1 millert 1288: host += sizeof(FTP_URL) - 1;
1.8 millert 1289: dir = strchr(host, '/');
1.1 millert 1290:
1.8 millert 1291: /* Look for [user:pass@]host[:port] */
1.31 itojun 1292:
1293: /* check if we have "user:pass@" */
1.37 heko 1294: userend = strchr(host, ':');
1.31 itojun 1295: passend = strchr(host, '@');
1296: if (passend && userend && userend < passend &&
1297: (!dir || passend < dir)) {
1.62 ray 1298: username = host;
1.31 itojun 1299: pass = userend + 1;
1300: host = passend + 1;
1301: *userend = *passend = '\0';
1.37 heko 1302: passagain = strchr(host, '@');
1.42 deraadt 1303: if (strchr(pass, '@') != NULL ||
1.37 heko 1304: (passagain != NULL && passagain < dir)) {
1305: warnx(at_encoding_warning);
1.123 guenther 1306: username = pass = NULL;
1.37 heko 1307: goto bad_ftp_url;
1.42 deraadt 1308: }
1.31 itojun 1309:
1.77 martynas 1310: if (EMPTYSTRING(username)) {
1.11 millert 1311: bad_ftp_url:
1.31 itojun 1312: warnx("Invalid URL: %s", argv[argpos]);
1313: rval = argpos + 1;
1.123 guenther 1314: username = pass = NULL;
1.31 itojun 1315: continue;
1316: }
1.62 ray 1317: username = urldecode(username);
1.37 heko 1318: pass = urldecode(pass);
1.8 millert 1319: }
1.31 itojun 1320:
1321: /* check [host]:port, or [host] */
1322: if (host[0] == '[') {
1323: cp = strchr(host, ']');
1324: if (cp && (!dir || cp < dir)) {
1325: if (cp + 1 == dir || cp[1] == ':') {
1326: host++;
1327: *cp++ = '\0';
1328: } else
1329: cp = NULL;
1330: } else
1331: cp = host;
1.25 itojun 1332: } else
1333: cp = host;
1.31 itojun 1334:
1335: /* split off host[:port] if there is */
1336: if (cp) {
1337: portnum = strchr(cp, ':');
1.52 henning 1338: pathstart = strchr(cp, '/');
1339: /* : in path is not a port # indicator */
1340: if (portnum && pathstart &&
1341: pathstart < portnum)
1342: portnum = NULL;
1343:
1.31 itojun 1344: if (!portnum)
1345: ;
1346: else {
1347: if (!dir)
1348: ;
1349: else if (portnum + 1 < dir) {
1350: *portnum++ = '\0';
1351: /*
1352: * XXX should check if portnum
1353: * is decimal number
1354: */
1355: } else {
1356: /* empty portnum */
1357: goto bad_ftp_url;
1358: }
1359: }
1360: } else
1361: portnum = NULL;
1.8 millert 1362: } else { /* classic style `host:file' */
1363: dir = strchr(host, ':');
1364: }
1.1 millert 1365: if (EMPTYSTRING(host)) {
1366: rval = argpos + 1;
1367: continue;
1368: }
1369:
1370: /*
1.9 millert 1371: * If dir is NULL, the file wasn't specified
1.1 millert 1372: * (URL looked something like ftp://host)
1373: */
1.8 millert 1374: if (dir != NULL)
1375: *dir++ = '\0';
1.1 millert 1376:
1377: /*
1378: * Extract the file and (if present) directory name.
1379: */
1.42 deraadt 1380: if (!EMPTYSTRING(dir)) {
1.8 millert 1381: cp = strrchr(dir, '/');
1.1 millert 1382: if (cp != NULL) {
1383: *cp++ = '\0';
1384: file = cp;
1385: } else {
1386: file = dir;
1387: dir = NULL;
1388: }
1389: }
1.80 martynas 1390: #ifndef SMALL
1.1 millert 1391: if (debug)
1.42 deraadt 1392: fprintf(ttyout,
1393: "user %s:%s host %s port %s dir %s file %s\n",
1.76 martynas 1394: username, pass ? "XXXX" : NULL, host, portnum,
1395: dir, file);
1.80 martynas 1396: #endif /* !SMALL */
1.1 millert 1397:
1398: /*
1.49 krw 1399: * Set up the connection.
1.1 millert 1400: */
1.49 krw 1401: if (connected)
1402: disconnect(0, NULL);
1403: xargv[0] = __progname;
1404: xargv[1] = host;
1.8 millert 1405: xargv[2] = NULL;
1.49 krw 1406: xargc = 2;
1407: if (!EMPTYSTRING(portnum)) {
1408: xargv[2] = portnum;
1409: xargv[3] = NULL;
1410: xargc = 3;
1411: }
1412: oautologin = autologin;
1.88 martynas 1413: if (username == NULL)
1.89 halex 1414: anonftp = 1;
1415: else {
1416: anonftp = 0;
1.49 krw 1417: autologin = 0;
1.89 halex 1418: }
1.49 krw 1419: setpeer(xargc, xargv);
1420: autologin = oautologin;
1.87 martynas 1421: if (connected == 0 ||
1422: (connected == 1 && autologin && (username == NULL ||
1423: !ftp_login(host, username, pass)))) {
1.49 krw 1424: warnx("Can't connect or login to host `%s'", host);
1.8 millert 1425: rval = argpos + 1;
1426: continue;
1.1 millert 1427: }
1.49 krw 1428:
1429: /* Always use binary transfers. */
1430: setbinary(0, NULL);
1.1 millert 1431:
1.4 millert 1432: dirhasglob = filehasglob = 0;
1433: if (doglob) {
1.42 deraadt 1434: if (!EMPTYSTRING(dir) &&
1.4 millert 1435: strpbrk(dir, "*?[]{}") != NULL)
1436: dirhasglob = 1;
1.42 deraadt 1437: if (!EMPTYSTRING(file) &&
1.4 millert 1438: strpbrk(file, "*?[]{}") != NULL)
1439: filehasglob = 1;
1440: }
1441:
1.1 millert 1442: /* Change directories, if necessary. */
1.42 deraadt 1443: if (!EMPTYSTRING(dir) && !dirhasglob) {
1.1 millert 1444: xargv[0] = "cd";
1445: xargv[1] = dir;
1446: xargv[2] = NULL;
1447: cd(2, xargv);
1.42 deraadt 1448: if (!dirchange) {
1.1 millert 1449: rval = argpos + 1;
1450: continue;
1451: }
1452: }
1453:
1454: if (EMPTYSTRING(file)) {
1.86 martynas 1455: #ifndef SMALL
1.1 millert 1456: rval = -1;
1.86 martynas 1457: #else /* !SMALL */
1458: recvrequest("NLST", "-", NULL, "w", 0, 0);
1459: rval = 0;
1460: #endif /* !SMALL */
1.1 millert 1461: continue;
1462: }
1463:
1.21 marc 1464: if (verbose)
1.10 deraadt 1465: fprintf(ttyout, "Retrieving %s/%s\n", dir ? dir : "", file);
1.1 millert 1466:
1.4 millert 1467: if (dirhasglob) {
1468: snprintf(rempath, sizeof(rempath), "%s/%s", dir, file);
1469: file = rempath;
1470: }
1471:
1472: /* Fetch the file(s). */
1.10 deraadt 1473: xargc = 2;
1.1 millert 1474: xargv[0] = "get";
1475: xargv[1] = file;
1476: xargv[2] = NULL;
1.4 millert 1477: if (dirhasglob || filehasglob) {
1478: int ointeractive;
1479:
1480: ointeractive = interactive;
1481: interactive = 0;
1482: xargv[0] = "mget";
1.78 martynas 1483: #ifndef SMALL
1484: if (resume) {
1485: xargc = 3;
1486: xargv[1] = "-c";
1487: xargv[2] = file;
1488: xargv[3] = NULL;
1489: }
1490: #endif /* !SMALL */
1.10 deraadt 1491: mget(xargc, xargv);
1.5 millert 1492: interactive = ointeractive;
1.10 deraadt 1493: } else {
1.17 millert 1494: if (outfile != NULL) {
1495: xargv[2] = outfile;
1496: xargv[3] = NULL;
1.10 deraadt 1497: xargc++;
1498: }
1.75 martynas 1499: #ifndef SMALL
1500: if (resume)
1501: reget(xargc, xargv);
1502: else
1.78 martynas 1503: #endif /* !SMALL */
1.75 martynas 1504: get(xargc, xargv);
1.10 deraadt 1505: }
1.1 millert 1506:
1.4 millert 1507: if ((code / 100) != COMPLETE)
1.1 millert 1508: rval = argpos + 1;
1509: }
1510: if (connected && rval != -1)
1511: disconnect(0, NULL);
1512: return (rval);
1.37 heko 1513: }
1514:
1515: char *
1.50 deraadt 1516: urldecode(const char *str)
1.37 heko 1517: {
1.53 deraadt 1518: char *ret, c;
1519: int i, reallen;
1.37 heko 1520:
1.53 deraadt 1521: if (str == NULL)
1522: return NULL;
1523: if ((ret = malloc(strlen(str)+1)) == NULL)
1524: err(1, "Can't allocate memory for URL decoding");
1525: for (i = 0, reallen = 0; str[i] != '\0'; i++, reallen++, ret++) {
1526: c = str[i];
1527: if (c == '+') {
1528: *ret = ' ';
1529: continue;
1530: }
1.61 deraadt 1531:
1532: /* Cannot use strtol here because next char
1533: * after %xx may be a digit.
1534: */
1.143 guenther 1535: if (c == '%' && isxdigit((unsigned char)str[i+1]) &&
1536: isxdigit((unsigned char)str[i+2])) {
1.53 deraadt 1537: *ret = hextochar(&str[i+1]);
1538: i+=2;
1539: continue;
1540: }
1541: *ret = c;
1542: }
1543: *ret = '\0';
1544:
1545: return ret-reallen;
1.123 guenther 1546: }
1547:
1.177 jca 1548: static char *
1.123 guenther 1549: recode_credentials(const char *userinfo)
1550: {
1551: char *ui, *creds;
1552: size_t ulen, credsize;
1553:
1554: /* url-decode the user and pass */
1555: ui = urldecode(userinfo);
1556:
1557: ulen = strlen(ui);
1558: credsize = (ulen + 2) / 3 * 4 + 1;
1559: creds = malloc(credsize);
1560: if (creds == NULL)
1561: errx(1, "out of memory");
1562: if (b64_ntop(ui, ulen, creds, credsize) == -1)
1563: errx(1, "error in base64 encoding");
1564: free(ui);
1565: return (creds);
1.37 heko 1566: }
1567:
1.177 jca 1568: static char
1.50 deraadt 1569: hextochar(const char *str)
1.37 heko 1570: {
1.143 guenther 1571: unsigned char c, ret;
1.37 heko 1572:
1.53 deraadt 1573: c = str[0];
1574: ret = c;
1575: if (isalpha(c))
1576: ret -= isupper(c) ? 'A' - 10 : 'a' - 10;
1577: else
1578: ret -= '0';
1579: ret *= 16;
1580:
1581: c = str[1];
1582: ret += c;
1583: if (isalpha(c))
1584: ret -= isupper(c) ? 'A' - 10 : 'a' - 10;
1585: else
1586: ret -= '0';
1587: return ret;
1.25 itojun 1588: }
1589:
1590: int
1.50 deraadt 1591: isurl(const char *p)
1.25 itojun 1592: {
1.27 millert 1593:
1.26 deraadt 1594: if (strncasecmp(p, FTP_URL, sizeof(FTP_URL) - 1) == 0 ||
1595: strncasecmp(p, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 ||
1.154 deraadt 1596: #ifndef NOSSL
1.61 deraadt 1597: strncasecmp(p, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0 ||
1.154 deraadt 1598: #endif /* !NOSSL */
1.27 millert 1599: strncasecmp(p, FILE_URL, sizeof(FILE_URL) - 1) == 0 ||
1600: strstr(p, ":/"))
1601: return (1);
1602: return (0);
1.1 millert 1603: }
1.61 deraadt 1604:
1.177 jca 1605: static char *
1.176 jca 1606: ftp_readline(FILE *fp, size_t *lenp)
1.61 deraadt 1607: {
1.176 jca 1608: return fparseln(fp, lenp, NULL, "\0\0\0", 0);
1.173 jca 1609: }
1610:
1.177 jca 1611: static void
1.173 jca 1612: ftp_close(FILE **fin, struct tls **tls, volatile int *fd)
1613: {
1614: #ifndef NOSSL
1615: int ret;
1616:
1617: if (*tls != NULL) {
1618: if (tls_session_fd != -1)
1619: dprintf(STDERR_FILENO, "tls session resumed: %s\n",
1620: tls_conn_session_resumed(*tls) ? "yes" : "no");
1621: do {
1622: ret = tls_close(*tls);
1623: } while (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT);
1624: tls_free(*tls);
1625: *tls = NULL;
1626: }
1.176 jca 1627: if (*fd != -1) {
1628: close(*fd);
1629: *fd = -1;
1630: }
1.173 jca 1631: #endif
1632: if (*fin != NULL) {
1633: fclose(*fin);
1634: *fin = NULL;
1635: }
1.61 deraadt 1636: }
1637:
1.177 jca 1638: static const char *
1.176 jca 1639: sockerror(struct tls *tls)
1640: {
1641: int save_errno = errno;
1.154 deraadt 1642: #ifndef NOSSL
1.176 jca 1643: if (tls != NULL) {
1644: const char *tlserr = tls_error(tls);
1645: if (tlserr != NULL)
1646: return tlserr;
1.139 bluhm 1647: }
1.176 jca 1648: #endif
1649: return strerror(save_errno);
1.61 deraadt 1650: }
1651:
1.176 jca 1652: #ifndef NOSSL
1.177 jca 1653: static int
1.81 espie 1654: proxy_connect(int socket, char *host, char *cookie)
1.61 deraadt 1655: {
1.66 ray 1656: int l;
1.61 deraadt 1657: char buf[1024];
1658: char *connstr, *hosttail, *port;
1659:
1660: if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL &&
1661: (hosttail[1] == '\0' || hosttail[1] == ':')) {
1662: host++;
1663: *hosttail++ = '\0';
1664: } else
1665: hosttail = host;
1666:
1.179 ! deraadt 1667: port = strrchr(hosttail, ':'); /* find portnum */
1.61 deraadt 1668: if (port != NULL)
1669: *port++ = '\0';
1670: if (!port)
1671: port = "443";
1672:
1.81 espie 1673: if (cookie) {
1674: l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\r\n"
1675: "Proxy-Authorization: Basic %s\r\n%s\r\n\r\n",
1676: host, port, cookie, HTTP_USER_AGENT);
1677: } else {
1678: l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\r\n%s\r\n\r\n",
1679: host, port, HTTP_USER_AGENT);
1680: }
1681:
1.66 ray 1682: if (l == -1)
1.61 deraadt 1683: errx(1, "Could not allocate memory to assemble connect string!");
1.80 martynas 1684: #ifndef SMALL
1.68 ray 1685: if (debug)
1686: printf("%s", connstr);
1.80 martynas 1687: #endif /* !SMALL */
1.66 ray 1688: if (write(socket, connstr, l) != l)
1.68 ray 1689: err(1, "Could not send connect string");
1.61 deraadt 1690: read(socket, &buf, sizeof(buf)); /* only proxy header XXX: error handling? */
1.71 ray 1691: free(connstr);
1.61 deraadt 1692: return(200);
1.176 jca 1693: }
1694:
1.177 jca 1695: static int
1.176 jca 1696: stdio_tls_write_wrapper(void *arg, const char *buf, int len)
1697: {
1698: struct tls *tls = arg;
1699: ssize_t ret;
1700:
1701: do {
1702: ret = tls_write(tls, buf, len);
1703: } while (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT);
1704:
1705: return ret;
1706: }
1707:
1.177 jca 1708: static int
1.176 jca 1709: stdio_tls_read_wrapper(void *arg, char *buf, int len)
1710: {
1711: struct tls *tls = arg;
1712: ssize_t ret;
1713:
1714: do {
1715: ret = tls_read(tls, buf, len);
1716: } while (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT);
1717:
1718: return ret;
1.61 deraadt 1719: }
1.158 jca 1720: #endif /* !NOSSL */