Annotation of src/usr.bin/ftp/fetch.c, Revision 1.209
1.209 ! claudio 1: /* $OpenBSD: fetch.c,v 1.208 2021/11/10 07:32:55 kn Exp $ */
1.15 millert 2: /* $NetBSD: fetch.c,v 1.14 1997/08/18 10:20:20 lukem Exp $ */
1.1 millert 3:
4: /*-
5: * Copyright (c) 1997 The NetBSD Foundation, Inc.
6: * All rights reserved.
7: *
8: * This code is derived from software contributed to The NetBSD Foundation
9: * by Jason Thorpe and Luke Mewburn.
10: *
11: * Redistribution and use in source and binary forms, with or without
12: * modification, are permitted provided that the following conditions
13: * are met:
14: * 1. Redistributions of source code must retain the above copyright
15: * notice, this list of conditions and the following disclaimer.
16: * 2. Redistributions in binary form must reproduce the above copyright
17: * notice, this list of conditions and the following disclaimer in the
18: * documentation and/or other materials provided with the distribution.
19: *
20: * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
21: * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
22: * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
1.15 millert 23: * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
24: * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
1.1 millert 25: * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26: * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27: * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28: * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29: * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30: * POSSIBILITY OF SUCH DAMAGE.
31: */
32:
33: /*
34: * FTP User Program -- Command line file retrieval
35: */
36:
37: #include <sys/types.h>
38: #include <sys/socket.h>
1.22 deraadt 39: #include <sys/stat.h>
1.1 millert 40:
41: #include <netinet/in.h>
42:
43: #include <arpa/ftp.h>
44: #include <arpa/inet.h>
45:
46: #include <ctype.h>
47: #include <err.h>
1.17 millert 48: #include <libgen.h>
1.1 millert 49: #include <netdb.h>
50: #include <fcntl.h>
1.3 millert 51: #include <signal.h>
1.175 deraadt 52: #include <vis.h>
1.1 millert 53: #include <stdio.h>
1.61 deraadt 54: #include <stdarg.h>
1.19 deraadt 55: #include <errno.h>
1.1 millert 56: #include <stdlib.h>
57: #include <string.h>
58: #include <unistd.h>
1.73 drahn 59: #include <resolv.h>
1.200 robert 60: #include <utime.h>
1.1 millert 61:
1.154 deraadt 62: #ifndef NOSSL
1.134 jsing 63: #include <tls.h>
1.154 deraadt 64: #else /* !NOSSL */
1.134 jsing 65: struct tls;
1.154 deraadt 66: #endif /* !NOSSL */
1.61 deraadt 67:
1.1 millert 68: #include "ftp_var.h"
1.86 martynas 69: #include "cmds.h"
1.1 millert 70:
1.186 jca 71: static int file_get(const char *, const char *);
1.157 deraadt 72: static int url_get(const char *, const char *, const char *, int);
1.178 jca 73: static int save_chunked(FILE *, struct tls *, int , char *, size_t);
1.177 jca 74: static void aborthttp(int);
75: static char hextochar(const char *);
76: static char *urldecode(const char *);
77: static char *recode_credentials(const char *_userinfo);
1.189 jca 78: static void ftp_close(FILE **, struct tls **, int *);
1.177 jca 79: static const char *sockerror(struct tls *);
1.184 jca 80: #ifdef SMALL
81: #define ftp_printf(fp, ...) fprintf(fp, __VA_ARGS__)
82: #else
83: static int ftp_printf(FILE *, const char *, ...);
84: #endif /* SMALL */
1.158 jca 85: #ifndef NOSSL
1.177 jca 86: static int proxy_connect(int, char *, char *);
87: static int stdio_tls_write_wrapper(void *, const char *, int);
88: static int stdio_tls_read_wrapper(void *, char *, int);
1.158 jca 89: #endif /* !NOSSL */
1.14 millert 90:
1.1 millert 91: #define FTP_URL "ftp://" /* ftp URL prefix */
92: #define HTTP_URL "http://" /* http URL prefix */
1.61 deraadt 93: #define HTTPS_URL "https://" /* https URL prefix */
1.22 deraadt 94: #define FILE_URL "file:" /* file URL prefix */
1.6 millert 95: #define FTP_PROXY "ftp_proxy" /* env var with ftp proxy location */
1.1 millert 96: #define HTTP_PROXY "http_proxy" /* env var with http proxy location */
97:
98: #define EMPTYSTRING(x) ((x) == NULL || (*(x) == '\0'))
99:
1.110 guenther 100: static const char at_encoding_warning[] =
1.53 deraadt 101: "Extra `@' characters in usernames and passwords should be encoded as %%40";
1.37 heko 102:
1.177 jca 103: static jmp_buf httpabort;
1.1 millert 104:
1.54 fgsch 105: static int redirect_loop;
1.171 jca 106: static int retried;
1.54 fgsch 107:
1.1 millert 108: /*
1.206 kn 109: * Determine whether the character needs encoding, per RFC2396.
1.95 martynas 110: */
111: static int
1.206 kn 112: to_encode(const char *c0)
1.95 martynas 113: {
1.206 kn 114: /* 2.4.3. Excluded US-ASCII Characters */
115: const char *excluded_chars =
116: " " /* space */
117: "<>#\"" /* delims (modulo "%", see below) */
118: "{}|\\^[]`" /* unwise */
119: ;
1.138 jca 120: const unsigned char *c = (const unsigned char *)c0;
1.95 martynas 121:
122: /*
123: * No corresponding graphic US-ASCII.
124: * Control characters and octets not used in US-ASCII.
125: */
126: return (iscntrl(*c) || !isascii(*c) ||
127:
128: /*
1.206 kn 129: * '%' is also reserved, if is not followed by two
1.95 martynas 130: * hexadecimal digits.
131: */
1.206 kn 132: strchr(excluded_chars, *c) != NULL ||
1.204 deraadt 133: (*c == '%' && (!isxdigit(c[1]) || !isxdigit(c[2]))));
1.95 martynas 134: }
135:
136: /*
1.206 kn 137: * Encode given URL, per RFC2396.
1.95 martynas 138: * Allocate and return string to the caller.
139: */
140: static char *
141: url_encode(const char *path)
142: {
143: size_t i, length, new_length;
144: char *epath, *epathp;
145:
146: length = new_length = strlen(path);
147:
148: /*
149: * First pass:
1.206 kn 150: * Count characters to encode and determine length of the final URL.
1.95 martynas 151: */
152: for (i = 0; i < length; i++)
1.206 kn 153: if (to_encode(path + i))
1.95 martynas 154: new_length += 2;
155:
156: epath = epathp = malloc(new_length + 1); /* One more for '\0'. */
157: if (epath == NULL)
1.102 halex 158: err(1, "Can't allocate memory for URL encoding");
1.95 martynas 159:
160: /*
161: * Second pass:
162: * Encode, and copy final URL.
163: */
164: for (i = 0; i < length; i++)
1.206 kn 165: if (to_encode(path + i)) {
1.138 jca 166: snprintf(epathp, 4, "%%" "%02x",
167: (unsigned char)path[i]);
1.95 martynas 168: epathp += 3;
169: } else
170: *(epathp++) = path[i];
171:
172: *epathp = '\0';
173: return (epath);
174: }
175:
1.155 deraadt 176: /* ARGSUSED */
177: static void
178: tooslow(int signo)
179: {
180: dprintf(STDERR_FILENO, "%s: connect taking too long\n", __progname);
181: _exit(2);
182: }
183:
1.95 martynas 184: /*
1.186 jca 185: * Copy a local file (used by the OpenBSD installer).
186: * Returns -1 on failure, 0 on success
187: */
188: static int
189: file_get(const char *path, const char *outfile)
190: {
191: struct stat st;
1.195 jca 192: int fd, out = -1, rval = -1, save_errno;
1.186 jca 193: volatile sig_t oldintr, oldinti;
194: const char *savefile;
1.198 naddy 195: char *buf = NULL, *cp, *pathbuf = NULL;
1.186 jca 196: const size_t buflen = 128 * 1024;
197: off_t hashbytes;
198: ssize_t len, wlen;
199:
200: direction = "received";
201:
202: fd = open(path, O_RDONLY);
203: if (fd == -1) {
204: warn("Can't open file %s", path);
205: return -1;
206: }
207:
208: if (fstat(fd, &st) == -1)
209: filesize = -1;
210: else
211: filesize = st.st_size;
212:
213: if (outfile != NULL)
214: savefile = outfile;
215: else {
216: if (path[strlen(path) - 1] == '/') /* Consider no file */
217: savefile = NULL; /* after dir invalid. */
1.198 naddy 218: else {
219: pathbuf = strdup(path);
220: if (pathbuf == NULL)
221: errx(1, "Can't allocate memory for filename");
222: savefile = basename(pathbuf);
223: }
1.186 jca 224: }
225:
226: if (EMPTYSTRING(savefile)) {
227: warnx("No filename after directory (use -o): %s", path);
228: goto cleanup_copy;
229: }
230:
231: /* Open the output file. */
232: if (!pipeout) {
233: out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC, 0666);
234: if (out == -1) {
235: warn("Can't open %s", savefile);
236: goto cleanup_copy;
237: }
238: } else
239: out = fileno(stdout);
240:
241: if ((buf = malloc(buflen)) == NULL)
242: errx(1, "Can't allocate memory for transfer buffer");
243:
244: /* Trap signals */
245: oldintr = NULL;
246: oldinti = NULL;
247: if (setjmp(httpabort)) {
248: if (oldintr)
249: (void)signal(SIGINT, oldintr);
250: if (oldinti)
251: (void)signal(SIGINFO, oldinti);
252: goto cleanup_copy;
253: }
1.197 kn 254: oldintr = signal(SIGINT, aborthttp);
1.186 jca 255:
256: bytes = 0;
257: hashbytes = mark;
258: progressmeter(-1, path);
259:
260: /* Finally, suck down the file. */
261: oldinti = signal(SIGINFO, psummary);
262: while ((len = read(fd, buf, buflen)) > 0) {
263: bytes += len;
264: for (cp = buf; len > 0; len -= wlen, cp += wlen) {
265: if ((wlen = write(out, cp, len)) == -1) {
266: warn("Writing %s", savefile);
1.196 jca 267: signal(SIGINT, oldintr);
1.186 jca 268: signal(SIGINFO, oldinti);
269: goto cleanup_copy;
270: }
271: }
272: if (hash && !progress) {
273: while (bytes >= hashbytes) {
274: (void)putc('#', ttyout);
275: hashbytes += mark;
276: }
277: (void)fflush(ttyout);
278: }
279: }
280: save_errno = errno;
1.196 jca 281: signal(SIGINT, oldintr);
1.186 jca 282: signal(SIGINFO, oldinti);
283: if (hash && !progress && bytes > 0) {
284: if (bytes < mark)
285: (void)putc('#', ttyout);
286: (void)putc('\n', ttyout);
287: (void)fflush(ttyout);
288: }
289: if (len == -1) {
290: warnc(save_errno, "Reading from file");
291: goto cleanup_copy;
292: }
293: progressmeter(1, NULL);
294: if (verbose)
295: ptransfer(0);
296:
297: rval = 0;
298:
299: cleanup_copy:
300: free(buf);
1.198 naddy 301: free(pathbuf);
1.186 jca 302: if (out >= 0 && out != fileno(stdout))
303: close(out);
304: close(fd);
305:
306: return rval;
307: }
308:
309: /*
1.6 millert 310: * Retrieve URL, via the proxy in $proxyvar if necessary.
1.1 millert 311: * Returns -1 on failure, 0 on success
312: */
1.14 millert 313: static int
1.157 deraadt 314: url_get(const char *origline, const char *proxyenv, const char *outfile, int lastfile)
1.1 millert 315: {
1.69 jsg 316: char pbuf[NI_MAXSERV], hbuf[NI_MAXHOST], *cp, *portnum, *path, ststr[4];
1.62 ray 317: char *hosttail, *cause = "unknown", *newline, *host, *port, *buf = NULL;
1.175 deraadt 318: char *epath, *redirurl, *loctail, *h, *p, gerror[200];
1.189 jca 319: int error, isftpurl = 0, isredirect = 0, rval = -1;
1.172 jca 320: int isunavail = 0, retryafter = -1;
1.152 krw 321: struct addrinfo hints, *res0, *res;
1.189 jca 322: const char *savefile;
1.198 naddy 323: char *pathbuf = NULL;
1.189 jca 324: char *proxyurl = NULL;
1.190 yasuoka 325: char *credentials = NULL, *proxy_credentials = NULL;
1.189 jca 326: int fd = -1, out = -1;
1.97 martynas 327: volatile sig_t oldintr, oldinti;
1.53 deraadt 328: FILE *fin = NULL;
1.1 millert 329: off_t hashbytes;
1.58 grunk 330: const char *errstr;
1.114 tedu 331: ssize_t len, wlen;
1.201 naddy 332: size_t bufsize;
1.136 bluhm 333: char *proxyhost = NULL;
1.154 deraadt 334: #ifndef NOSSL
1.61 deraadt 335: char *sslpath = NULL, *sslhost = NULL;
1.193 jca 336: int ishttpsurl = 0;
1.159 krw 337: #endif /* !NOSSL */
338: #ifndef SMALL
1.181 jca 339: char *full_host = NULL;
340: const char *scheme;
1.159 krw 341: char *locbase;
1.152 krw 342: struct addrinfo *ares = NULL;
1.200 robert 343: char tmbuf[32];
344: time_t mtime = 0;
345: struct stat stbuf;
346: struct tm lmt = { 0 };
347: struct timespec ts[2];
1.181 jca 348: #endif /* !SMALL */
1.134 jsing 349: struct tls *tls = NULL;
1.70 deraadt 350: int status;
1.105 haesbaer 351: int save_errno;
1.113 tedu 352: const size_t buflen = 128 * 1024;
1.178 jca 353: int chunked = 0;
1.14 millert 354:
1.97 martynas 355: direction = "received";
356:
1.62 ray 357: newline = strdup(origline);
358: if (newline == NULL)
1.14 millert 359: errx(1, "Can't allocate memory to parse URL");
1.102 halex 360: if (strncasecmp(newline, HTTP_URL, sizeof(HTTP_URL) - 1) == 0) {
1.62 ray 361: host = newline + sizeof(HTTP_URL) - 1;
1.102 halex 362: #ifndef SMALL
363: scheme = HTTP_URL;
364: #endif /* !SMALL */
365: } else if (strncasecmp(newline, FTP_URL, sizeof(FTP_URL) - 1) == 0) {
1.62 ray 366: host = newline + sizeof(FTP_URL) - 1;
1.14 millert 367: isftpurl = 1;
1.102 halex 368: #ifndef SMALL
369: scheme = FTP_URL;
370: #endif /* !SMALL */
1.183 jca 371: } else if (strncasecmp(newline, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0) {
1.154 deraadt 372: #ifndef NOSSL
1.62 ray 373: host = newline + sizeof(HTTPS_URL) - 1;
1.61 deraadt 374: ishttpsurl = 1;
1.183 jca 375: #else
376: errx(1, "%s: No HTTPS support", newline);
377: #endif /* !NOSSL */
1.181 jca 378: #ifndef SMALL
1.102 halex 379: scheme = HTTPS_URL;
1.181 jca 380: #endif /* !SMALL */
1.14 millert 381: } else
1.186 jca 382: errx(1, "%s: URL not permitted", newline);
1.6 millert 383:
1.186 jca 384: path = strchr(host, '/'); /* Find path */
1.191 jca 385:
386: /*
387: * Look for auth header in host.
388: * Basic auth from RFC 2617, valid characters for path are in
389: * RFC 3986 section 3.3.
390: */
1.193 jca 391: if (!isftpurl) {
1.191 jca 392: p = strchr(host, '@');
393: if (p != NULL && (path == NULL || p < path)) {
394: *p++ = '\0';
395: credentials = recode_credentials(host);
396:
397: /* Overwrite userinfo */
398: memmove(host, p, strlen(p) + 1);
399: path = strchr(host, '/');
400: }
401: }
402:
1.186 jca 403: if (EMPTYSTRING(path)) {
404: if (outfile) { /* No slash, but */
405: path = strchr(host,'\0'); /* we have outfile. */
406: goto noslash;
1.22 deraadt 407: }
1.186 jca 408: if (isftpurl)
409: goto noftpautologin;
410: warnx("No `/' after host (use -o): %s", origline);
411: goto cleanup_url_get;
412: }
413: *path++ = '\0';
414: if (EMPTYSTRING(path) && !outfile) {
415: if (isftpurl)
416: goto noftpautologin;
417: warnx("No filename after host (use -o): %s", origline);
418: goto cleanup_url_get;
1.14 millert 419: }
1.1 millert 420:
1.93 martynas 421: noslash:
1.17 millert 422: if (outfile)
423: savefile = outfile;
1.93 martynas 424: else {
425: if (path[strlen(path) - 1] == '/') /* Consider no file */
426: savefile = NULL; /* after dir invalid. */
1.198 naddy 427: else {
428: pathbuf = strdup(path);
429: if (pathbuf == NULL)
430: errx(1, "Can't allocate memory for filename");
431: savefile = basename(pathbuf);
432: }
1.75 martynas 433: }
434:
1.14 millert 435: if (EMPTYSTRING(savefile)) {
436: if (isftpurl)
437: goto noftpautologin;
1.94 martynas 438: warnx("No filename after directory (use -o): %s", origline);
1.6 millert 439: goto cleanup_url_get;
1.14 millert 440: }
1.1 millert 441:
1.93 martynas 442: #ifndef SMALL
1.100 halex 443: if (resume && pipeout) {
1.93 martynas 444: warnx("can't append to stdout");
445: goto cleanup_url_get;
446: }
447: #endif /* !SMALL */
448:
1.186 jca 449: if (proxyenv != NULL) { /* use proxy */
1.154 deraadt 450: #ifndef NOSSL
1.61 deraadt 451: if (ishttpsurl) {
452: sslpath = strdup(path);
453: sslhost = strdup(host);
454: if (! sslpath || ! sslhost)
455: errx(1, "Can't allocate memory for https path/host.");
456: }
1.154 deraadt 457: #endif /* !NOSSL */
1.136 bluhm 458: proxyhost = strdup(host);
459: if (proxyhost == NULL)
460: errx(1, "Can't allocate memory for proxy host.");
1.62 ray 461: proxyurl = strdup(proxyenv);
462: if (proxyurl == NULL)
1.14 millert 463: errx(1, "Can't allocate memory for proxy URL.");
1.62 ray 464: if (strncasecmp(proxyurl, HTTP_URL, sizeof(HTTP_URL) - 1) == 0)
465: host = proxyurl + sizeof(HTTP_URL) - 1;
466: else if (strncasecmp(proxyurl, FTP_URL, sizeof(FTP_URL) - 1) == 0)
467: host = proxyurl + sizeof(FTP_URL) - 1;
1.6 millert 468: else {
1.14 millert 469: warnx("Malformed proxy URL: %s", proxyenv);
1.6 millert 470: goto cleanup_url_get;
471: }
1.14 millert 472: if (EMPTYSTRING(host)) {
473: warnx("Malformed proxy URL: %s", proxyenv);
1.6 millert 474: goto cleanup_url_get;
1.14 millert 475: }
1.93 martynas 476: if (*--path == '\0')
477: *path = '/'; /* add / back to real path */
1.1 millert 478: path = strchr(host, '/'); /* remove trailing / on host */
1.42 deraadt 479: if (!EMPTYSTRING(path))
1.73 drahn 480: *path++ = '\0'; /* i guess this ++ is useless */
481:
482: path = strchr(host, '@'); /* look for credentials in proxy */
483: if (!EMPTYSTRING(path)) {
1.81 espie 484: *path = '\0';
1.123 guenther 485: if (strchr(host, ':') == NULL) {
1.73 drahn 486: warnx("Malformed proxy URL: %s", proxyenv);
487: goto cleanup_url_get;
488: }
1.190 yasuoka 489: proxy_credentials = recode_credentials(host);
1.81 espie 490: *path = '@'; /* restore @ in proxyurl */
1.123 guenther 491:
1.73 drahn 492: /*
1.81 espie 493: * This removes the password from proxyurl,
1.73 drahn 494: * filling with stars
495: */
1.81 espie 496: for (host = 1 + strchr(proxyurl + 5, ':'); *host != '@';
1.179 deraadt 497: host++)
1.73 drahn 498: *host = '*';
499:
1.81 espie 500: host = path + 1;
1.73 drahn 501: }
1.123 guenther 502:
1.62 ray 503: path = newline;
1.1 millert 504: }
505:
1.28 itojun 506: if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL &&
507: (hosttail[1] == '\0' || hosttail[1] == ':')) {
508: host++;
509: *hosttail++ = '\0';
1.102 halex 510: #ifndef SMALL
511: if (asprintf(&full_host, "[%s]", host) == -1)
512: errx(1, "Cannot allocate memory for hostname");
513: #endif /* !SMALL */
1.28 itojun 514: } else
515: hosttail = host;
516:
517: portnum = strrchr(hosttail, ':'); /* find portnum */
1.1 millert 518: if (portnum != NULL)
519: *portnum++ = '\0';
1.154 deraadt 520: #ifndef NOSSL
1.150 millert 521: port = portnum ? portnum : (ishttpsurl ? httpsport : httpport);
1.154 deraadt 522: #else /* !NOSSL */
1.150 millert 523: port = portnum ? portnum : httpport;
1.154 deraadt 524: #endif /* !NOSSL */
1.1 millert 525:
1.80 martynas 526: #ifndef SMALL
1.102 halex 527: if (full_host == NULL)
528: if ((full_host = strdup(host)) == NULL)
529: errx(1, "Cannot allocate memory for hostname");
1.1 millert 530: if (debug)
1.106 haesbaer 531: fprintf(ttyout, "host %s, port %s, path %s, "
1.150 millert 532: "save as %s, auth %s.\n", host, port, path,
533: savefile, credentials ? credentials : "none");
1.80 martynas 534: #endif /* !SMALL */
1.1 millert 535:
1.25 itojun 536: memset(&hints, 0, sizeof(hints));
1.39 deraadt 537: hints.ai_family = family;
1.25 itojun 538: hints.ai_socktype = SOCK_STREAM;
539: error = getaddrinfo(host, port, &hints, &res0);
1.61 deraadt 540: /*
541: * If the services file is corrupt/missing, fall back
542: * on our hard-coded defines.
543: */
1.30 deraadt 544: if (error == EAI_SERVICE && port == httpport) {
545: snprintf(pbuf, sizeof(pbuf), "%d", HTTP_PORT);
546: error = getaddrinfo(host, pbuf, &hints, &res0);
1.154 deraadt 547: #ifndef NOSSL
1.61 deraadt 548: } else if (error == EAI_SERVICE && port == httpsport) {
549: snprintf(pbuf, sizeof(pbuf), "%d", HTTPS_PORT);
550: error = getaddrinfo(host, pbuf, &hints, &res0);
1.154 deraadt 551: #endif /* !NOSSL */
1.30 deraadt 552: }
1.25 itojun 553: if (error) {
1.122 guenther 554: warnx("%s: %s", host, gai_strerror(error));
1.25 itojun 555: goto cleanup_url_get;
1.1 millert 556: }
557:
1.105 haesbaer 558: #ifndef SMALL
559: if (srcaddr) {
560: hints.ai_flags |= AI_NUMERICHOST;
561: error = getaddrinfo(srcaddr, NULL, &hints, &ares);
562: if (error) {
1.122 guenther 563: warnx("%s: %s", srcaddr, gai_strerror(error));
1.105 haesbaer 564: goto cleanup_url_get;
565: }
566: }
567: #endif /* !SMALL */
1.135 deraadt 568:
569: /* ensure consistent order of the output */
570: if (verbose)
571: setvbuf(ttyout, NULL, _IOLBF, 0);
1.105 haesbaer 572:
1.166 procter 573: fd = -1;
1.25 itojun 574: for (res = res0; res; res = res->ai_next) {
1.44 itojun 575: if (getnameinfo(res->ai_addr, res->ai_addrlen, hbuf,
576: sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0)
577: strlcpy(hbuf, "(unknown)", sizeof(hbuf));
1.41 deraadt 578: if (verbose)
1.44 itojun 579: fprintf(ttyout, "Trying %s...\n", hbuf);
1.14 millert 580:
1.166 procter 581: fd = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
582: if (fd == -1) {
1.25 itojun 583: cause = "socket";
584: continue;
1.1 millert 585: }
586:
1.105 haesbaer 587: #ifndef SMALL
588: if (srcaddr) {
589: if (ares->ai_family != res->ai_family) {
1.166 procter 590: close(fd);
591: fd = -1;
1.105 haesbaer 592: errno = EINVAL;
593: cause = "bind";
594: continue;
595: }
1.170 deraadt 596: if (bind(fd, ares->ai_addr, ares->ai_addrlen) == -1) {
1.105 haesbaer 597: save_errno = errno;
1.166 procter 598: close(fd);
1.105 haesbaer 599: errno = save_errno;
1.166 procter 600: fd = -1;
1.105 haesbaer 601: cause = "bind";
602: continue;
603: }
604: }
605: #endif /* !SMALL */
606:
1.155 deraadt 607: if (connect_timeout) {
608: (void)signal(SIGALRM, tooslow);
609: alarmtimer(connect_timeout);
610: }
611:
1.166 procter 612: for (error = connect(fd, res->ai_addr, res->ai_addrlen);
613: error != 0 && errno == EINTR; error = connect_wait(fd))
1.149 millert 614: continue;
615: if (error != 0) {
1.57 otto 616: save_errno = errno;
1.166 procter 617: close(fd);
1.57 otto 618: errno = save_errno;
1.166 procter 619: fd = -1;
1.25 itojun 620: cause = "connect";
1.19 deraadt 621: continue;
622: }
1.25 itojun 623:
1.29 itojun 624: /* get port in numeric */
625: if (getnameinfo(res->ai_addr, res->ai_addrlen, NULL, 0,
626: pbuf, sizeof(pbuf), NI_NUMERICSERV) == 0)
627: port = pbuf;
628: else
629: port = NULL;
630:
1.158 jca 631: #ifndef NOSSL
1.61 deraadt 632: if (proxyenv && sslhost)
1.190 yasuoka 633: proxy_connect(fd, sslhost, proxy_credentials);
1.158 jca 634: #endif /* !NOSSL */
1.25 itojun 635: break;
636: }
637: freeaddrinfo(res0);
1.105 haesbaer 638: #ifndef SMALL
639: if (srcaddr)
640: freeaddrinfo(ares);
641: #endif /* !SMALL */
1.166 procter 642: if (fd < 0) {
1.33 millert 643: warn("%s", cause);
1.6 millert 644: goto cleanup_url_get;
1.1 millert 645: }
646:
1.154 deraadt 647: #ifndef NOSSL
1.61 deraadt 648: if (ishttpsurl) {
1.187 beck 649: ssize_t ret;
1.61 deraadt 650: if (proxyenv && sslpath) {
651: ishttpsurl = 0;
1.62 ray 652: proxyurl = NULL;
1.61 deraadt 653: path = sslpath;
654: }
1.131 jca 655: if (sslhost == NULL) {
656: sslhost = strdup(host);
657: if (sslhost == NULL)
658: errx(1, "Can't allocate memory for https host.");
1.116 jca 659: }
1.134 jsing 660: if ((tls = tls_client()) == NULL) {
1.126 jsing 661: fprintf(ttyout, "failed to create SSL client\n");
1.61 deraadt 662: goto cleanup_url_get;
663: }
1.134 jsing 664: if (tls_configure(tls, tls_config) != 0) {
1.187 beck 665: fprintf(ttyout, "TLS configuration failure: %s\n",
1.134 jsing 666: tls_error(tls));
1.61 deraadt 667: goto cleanup_url_get;
1.117 jca 668: }
1.166 procter 669: if (tls_connect_socket(tls, fd, sslhost) != 0) {
1.187 beck 670: fprintf(ttyout, "TLS connect failure: %s\n", tls_error(tls));
1.72 ray 671: goto cleanup_url_get;
1.118 jca 672: }
1.187 beck 673: do {
674: ret = tls_handshake(tls);
675: } while (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT);
676: if (ret != 0) {
677: fprintf(ttyout, "TLS handshake failure: %s\n", tls_error(tls));
1.176 jca 678: goto cleanup_url_get;
679: }
680: fin = funopen(tls, stdio_tls_read_wrapper,
681: stdio_tls_write_wrapper, NULL, NULL);
1.61 deraadt 682: } else {
1.166 procter 683: fin = fdopen(fd, "r+");
684: fd = -1;
1.61 deraadt 685: }
1.154 deraadt 686: #else /* !NOSSL */
1.166 procter 687: fin = fdopen(fd, "r+");
688: fd = -1;
1.154 deraadt 689: #endif /* !NOSSL */
1.155 deraadt 690:
1.157 deraadt 691: #ifdef SMALL
692: if (lastfile) {
693: if (pipeout) {
694: if (pledge("stdio rpath inet dns tty", NULL) == -1)
695: err(1, "pledge");
696: } else {
697: if (pledge("stdio rpath wpath cpath inet dns tty", NULL) == -1)
698: err(1, "pledge");
699: }
700: }
701: #endif
702:
1.155 deraadt 703: if (connect_timeout) {
704: signal(SIGALRM, SIG_DFL);
705: alarmtimer(0);
706: }
1.40 fgsch 707:
1.1 millert 708: /*
1.40 fgsch 709: * Construct and send the request. Proxy requests don't want leading /.
1.1 millert 710: */
1.154 deraadt 711: #ifndef NOSSL
1.74 pyr 712: cookie_get(host, path, ishttpsurl, &buf);
1.154 deraadt 713: #endif /* !NOSSL */
1.95 martynas 714:
715: epath = url_encode(path);
1.62 ray 716: if (proxyurl) {
1.151 millert 717: if (verbose) {
718: fprintf(ttyout, "Requesting %s (via %s)\n",
1.208 kn 719: origline, proxyurl);
1.151 millert 720: }
1.32 itojun 721: /*
722: * Host: directive must use the destination host address for
1.136 bluhm 723: * the original URI (path).
1.32 itojun 724: */
1.190 yasuoka 725: ftp_printf(fin, "GET %s HTTP/1.1\r\n"
726: "Connection: close\r\n"
727: "Host: %s\r\n%s%s\r\n",
728: epath, proxyhost, buf ? buf : "", httpuseragent);
1.123 guenther 729: if (credentials)
1.190 yasuoka 730: ftp_printf(fin, "Authorization: Basic %s\r\n",
731: credentials);
732: if (proxy_credentials)
733: ftp_printf(fin, "Proxy-Authorization: Basic %s\r\n",
734: proxy_credentials);
735: ftp_printf(fin, "\r\n");
1.28 itojun 736: } else {
1.208 kn 737: if (verbose)
738: fprintf(ttyout, "Requesting %s\n", origline);
1.207 kn 739: #ifndef SMALL
1.200 robert 740: if (resume || timestamp) {
741: if (stat(savefile, &stbuf) == 0) {
742: if (resume)
743: restart_point = stbuf.st_size;
744: if (timestamp)
745: mtime = stbuf.st_mtime;
746: } else {
1.90 martynas 747: restart_point = 0;
1.200 robert 748: mtime = 0;
749: }
1.90 martynas 750: }
1.154 deraadt 751: #endif /* SMALL */
1.194 jca 752: ftp_printf(fin,
753: "GET /%s HTTP/1.1\r\n"
754: "Connection: close\r\n"
755: "Host: ", epath);
1.136 bluhm 756: if (proxyhost) {
1.184 jca 757: ftp_printf(fin, "%s", proxyhost);
1.136 bluhm 758: port = NULL;
759: } else if (strchr(host, ':')) {
1.55 fgsch 760: /*
761: * strip off scoped address portion, since it's
762: * local to node
763: */
1.32 itojun 764: h = strdup(host);
765: if (h == NULL)
766: errx(1, "Can't allocate memory.");
767: if ((p = strchr(h, '%')) != NULL)
768: *p = '\0';
1.184 jca 769: ftp_printf(fin, "[%s]", h);
1.32 itojun 770: free(h);
1.55 fgsch 771: } else
1.184 jca 772: ftp_printf(fin, "%s", host);
1.55 fgsch 773:
774: /*
775: * Send port number only if it's specified and does not equal
776: * 80. Some broken HTTP servers get confused if you explicitly
777: * send them the port number.
778: */
1.154 deraadt 779: #ifndef NOSSL
1.61 deraadt 780: if (port && strcmp(port, (ishttpsurl ? "443" : "80")) != 0)
1.184 jca 781: ftp_printf(fin, ":%s", port);
1.90 martynas 782: if (restart_point)
1.184 jca 783: ftp_printf(fin, "\r\nRange: bytes=%lld-",
1.75 martynas 784: (long long)restart_point);
1.154 deraadt 785: #else /* !NOSSL */
1.55 fgsch 786: if (port && strcmp(port, "80") != 0)
1.184 jca 787: ftp_printf(fin, ":%s", port);
1.154 deraadt 788: #endif /* !NOSSL */
1.200 robert 789:
790: #ifndef SMALL
791: if (mtime && (http_time(mtime, tmbuf, sizeof(tmbuf)) != 0))
792: ftp_printf(fin, "\r\nIf-Modified-Since: %s", tmbuf);
793: #endif /* SMALL */
794:
1.194 jca 795: ftp_printf(fin, "\r\n%s%s\r\n",
1.124 lteo 796: buf ? buf : "", httpuseragent);
1.194 jca 797: if (credentials)
798: ftp_printf(fin, "Authorization: Basic %s\r\n",
799: credentials);
800: ftp_printf(fin, "\r\n");
1.28 itojun 801: }
1.95 martynas 802: free(epath);
1.74 pyr 803:
1.154 deraadt 804: #ifndef NOSSL
1.74 pyr 805: free(buf);
1.156 tb 806: #endif /* !NOSSL */
1.74 pyr 807: buf = NULL;
1.201 naddy 808: bufsize = 0;
1.74 pyr 809:
1.176 jca 810: if (fflush(fin) == EOF) {
811: warnx("Writing HTTP request: %s", sockerror(tls));
1.6 millert 812: goto cleanup_url_get;
1.1 millert 813: }
1.201 naddy 814: if ((len = getline(&buf, &bufsize, fin)) == -1) {
1.176 jca 815: warnx("Receiving HTTP reply: %s", sockerror(tls));
1.40 fgsch 816: goto cleanup_url_get;
1.1 millert 817: }
1.40 fgsch 818:
819: while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n'))
820: buf[--len] = '\0';
1.80 martynas 821: #ifndef SMALL
1.40 fgsch 822: if (debug)
823: fprintf(ttyout, "received '%s'\n", buf);
1.80 martynas 824: #endif /* !SMALL */
1.40 fgsch 825:
1.1 millert 826: cp = strchr(buf, ' ');
827: if (cp == NULL)
828: goto improper;
829: else
830: cp++;
1.69 jsg 831:
832: strlcpy(ststr, cp, sizeof(ststr));
1.171 jca 833: status = strtonum(ststr, 200, 503, &errstr);
1.69 jsg 834: if (errstr) {
1.175 deraadt 835: strnvis(gerror, cp, sizeof gerror, VIS_SAFE);
836: warnx("Error retrieving %s: %s", origline, gerror);
1.69 jsg 837: goto cleanup_url_get;
838: }
839:
840: switch (status) {
841: case 200: /* OK */
1.75 martynas 842: #ifndef SMALL
1.109 sthen 843: /*
1.98 phessler 844: * When we request a partial file, and we receive an HTTP 200
845: * it is a good indication that the server doesn't support
846: * range requests, and is about to send us the entire file.
847: * If the restart_point == 0, then we are not actually
848: * requesting a partial file, and an HTTP 200 is appropriate.
849: */
850: if (resume && restart_point != 0) {
851: warnx("Server does not support resume.");
852: restart_point = resume = 0;
853: }
1.101 halex 854: /* FALLTHROUGH */
1.75 martynas 855: case 206: /* Partial Content */
1.91 halex 856: #endif /* !SMALL */
1.69 jsg 857: break;
858: case 301: /* Moved Permanently */
859: case 302: /* Found */
860: case 303: /* See Other */
861: case 307: /* Temporary Redirect */
1.199 chrisz 862: case 308: /* Permanent Redirect (RFC 7538) */
1.40 fgsch 863: isredirect++;
1.54 fgsch 864: if (redirect_loop++ > 10) {
865: warnx("Too many redirections requested");
866: goto cleanup_url_get;
867: }
1.69 jsg 868: break;
1.75 martynas 869: #ifndef SMALL
1.200 robert 870: case 304: /* Not Modified */
871: warnx("File is not modified on the server");
872: goto cleanup_url_get;
1.75 martynas 873: case 416: /* Requested Range Not Satisfiable */
874: warnx("File is already fully retrieved.");
875: goto cleanup_url_get;
1.78 martynas 876: #endif /* !SMALL */
1.171 jca 877: case 503:
1.172 jca 878: isunavail = 1;
879: break;
1.69 jsg 880: default:
1.175 deraadt 881: strnvis(gerror, cp, sizeof gerror, VIS_SAFE);
882: warnx("Error retrieving %s: %s", origline, gerror);
1.6 millert 883: goto cleanup_url_get;
1.1 millert 884: }
885:
886: /*
887: * Read the rest of the header.
888: */
1.40 fgsch 889: filesize = -1;
890:
1.62 ray 891: for (;;) {
1.201 naddy 892: if ((len = getline(&buf, &bufsize, fin)) == -1) {
1.176 jca 893: warnx("Receiving HTTP reply: %s", sockerror(tls));
1.40 fgsch 894: goto cleanup_url_get;
895: }
1.61 deraadt 896:
1.40 fgsch 897: while (len > 0 && (buf[len-1] == '\r' || buf[len-1] == '\n'))
898: buf[--len] = '\0';
899: if (len == 0)
1.1 millert 900: break;
1.80 martynas 901: #ifndef SMALL
1.40 fgsch 902: if (debug)
903: fprintf(ttyout, "received '%s'\n", buf);
1.80 martynas 904: #endif /* !SMALL */
1.1 millert 905:
1.40 fgsch 906: /* Look for some headers */
907: cp = buf;
1.209 ! claudio 908: #define CONTENTLEN "Content-Length:"
1.40 fgsch 909: if (strncasecmp(cp, CONTENTLEN, sizeof(CONTENTLEN) - 1) == 0) {
910: cp += sizeof(CONTENTLEN) - 1;
1.209 ! claudio 911: cp += strspn(cp, " \t");
! 912: cp[strcspn(cp, " \t")] = '\0';
1.58 grunk 913: filesize = strtonum(cp, 0, LLONG_MAX, &errstr);
914: if (errstr != NULL)
1.40 fgsch 915: goto improper;
1.75 martynas 916: #ifndef SMALL
1.90 martynas 917: if (restart_point)
1.75 martynas 918: filesize += restart_point;
1.78 martynas 919: #endif /* !SMALL */
1.209 ! claudio 920: #define LOCATION "Location:"
1.40 fgsch 921: } else if (isredirect &&
922: strncasecmp(cp, LOCATION, sizeof(LOCATION) - 1) == 0) {
923: cp += sizeof(LOCATION) - 1;
1.209 ! claudio 924: cp += strspn(cp, " \t");
1.144 sthen 925: /*
926: * If there is a colon before the first slash, this URI
927: * is not relative. RFC 3986 4.2
928: */
929: if (cp[strcspn(cp, ":/")] != ':') {
1.102 halex 930: #ifdef SMALL
931: errx(1, "Relative redirect not supported");
932: #else /* SMALL */
1.144 sthen 933: /* XXX doesn't handle protocol-relative URIs */
1.102 halex 934: if (*cp == '/') {
935: locbase = NULL;
936: cp++;
937: } else {
938: locbase = strdup(path);
939: if (locbase == NULL)
940: errx(1, "Can't allocate memory"
941: " for location base");
942: loctail = strchr(locbase, '#');
943: if (loctail != NULL)
944: *loctail = '\0';
945: loctail = strchr(locbase, '?');
946: if (loctail != NULL)
947: *loctail = '\0';
948: loctail = strrchr(locbase, '/');
949: if (loctail == NULL) {
950: free(locbase);
951: locbase = NULL;
952: } else
953: loctail[1] = '\0';
954: }
955: /* Contruct URL from relative redirect */
956: if (asprintf(&redirurl, "%s%s%s%s/%s%s",
957: scheme, full_host,
958: portnum ? ":" : "",
959: portnum ? portnum : "",
960: locbase ? locbase : "",
961: cp) == -1)
962: errx(1, "Cannot build "
963: "redirect URL");
964: free(locbase);
965: #endif /* SMALL */
966: } else if ((redirurl = strdup(cp)) == NULL)
967: errx(1, "Cannot allocate memory for URL");
968: loctail = strchr(redirurl, '#');
969: if (loctail != NULL)
970: *loctail = '\0';
1.40 fgsch 971: if (verbose)
1.102 halex 972: fprintf(ttyout, "Redirected to %s\n", redirurl);
1.173 jca 973: ftp_close(&fin, &tls, &fd);
1.157 deraadt 974: rval = url_get(redirurl, proxyenv, savefile, lastfile);
1.102 halex 975: free(redirurl);
976: goto cleanup_url_get;
1.209 ! claudio 977: #define RETRYAFTER "Retry-After:"
1.172 jca 978: } else if (isunavail &&
979: strncasecmp(cp, RETRYAFTER, sizeof(RETRYAFTER) - 1) == 0) {
980: size_t s;
981: cp += sizeof(RETRYAFTER) - 1;
1.209 ! claudio 982: cp += strspn(cp, " \t");
! 983: cp[strcspn(cp, " \t")] = '\0';
1.172 jca 984: retryafter = strtonum(cp, 0, 0, &errstr);
985: if (errstr != NULL)
986: retryafter = -1;
1.209 ! claudio 987: #define TRANSFER_ENCODING "Transfer-Encoding:"
1.178 jca 988: } else if (strncasecmp(cp, TRANSFER_ENCODING,
989: sizeof(TRANSFER_ENCODING) - 1) == 0) {
990: cp += sizeof(TRANSFER_ENCODING) - 1;
1.209 ! claudio 991: cp += strspn(cp, " \t");
1.178 jca 992: cp[strcspn(cp, " \t")] = '\0';
993: if (strcasecmp(cp, "chunked") == 0)
994: chunked = 1;
1.200 robert 995: #ifndef SMALL
1.209 ! claudio 996: #define LAST_MODIFIED "Last-Modified:"
1.200 robert 997: } else if (strncasecmp(cp, LAST_MODIFIED,
998: sizeof(LAST_MODIFIED) - 1) == 0) {
999: cp += sizeof(LAST_MODIFIED) - 1;
1000: cp[strcspn(cp, "\t")] = '\0';
1001: if (strptime(cp, "%a, %d %h %Y %T %Z", &lmt) == NULL)
1002: server_timestamps = 0;
1003: #endif /* !SMALL */
1.40 fgsch 1004: }
1.172 jca 1005: }
1.201 naddy 1006: free(buf);
1.202 naddy 1007: buf = NULL;
1.172 jca 1008:
1.178 jca 1009: /* Content-Length should be ignored for Transfer-Encoding: chunked */
1010: if (chunked)
1011: filesize = -1;
1012:
1.172 jca 1013: if (isunavail) {
1014: if (retried || retryafter != 0)
1.175 deraadt 1015: warnx("Error retrieving %s: 503 Service Unavailable",
1016: origline);
1.172 jca 1017: else {
1018: if (verbose)
1019: fprintf(ttyout, "Retrying %s\n", origline);
1020: retried = 1;
1.174 jca 1021: ftp_close(&fin, &tls, &fd);
1.172 jca 1022: rval = url_get(origline, proxyenv, savefile, lastfile);
1023: }
1024: goto cleanup_url_get;
1.1 millert 1025: }
1026:
1.17 millert 1027: /* Open the output file. */
1.100 halex 1028: if (!pipeout) {
1.75 martynas 1029: #ifndef SMALL
1030: if (resume)
1.83 martynas 1031: out = open(savefile, O_CREAT | O_WRONLY | O_APPEND,
1032: 0666);
1.75 martynas 1033: else
1.78 martynas 1034: #endif /* !SMALL */
1.75 martynas 1035: out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC,
1036: 0666);
1.170 deraadt 1037: if (out == -1) {
1.10 deraadt 1038: warn("Can't open %s", savefile);
1039: goto cleanup_url_get;
1040: }
1.157 deraadt 1041: } else {
1.17 millert 1042: out = fileno(stdout);
1.157 deraadt 1043: #ifdef SMALL
1044: if (lastfile) {
1045: if (pledge("stdio tty", NULL) == -1)
1046: err(1, "pledge");
1047: }
1048: #endif
1049: }
1.1 millert 1050:
1.189 jca 1051: if ((buf = malloc(buflen)) == NULL)
1052: errx(1, "Can't allocate memory for transfer buffer");
1053:
1.1 millert 1054: /* Trap signals */
1055: oldintr = NULL;
1.97 martynas 1056: oldinti = NULL;
1.1 millert 1057: if (setjmp(httpabort)) {
1058: if (oldintr)
1.2 millert 1059: (void)signal(SIGINT, oldintr);
1.97 martynas 1060: if (oldinti)
1061: (void)signal(SIGINFO, oldinti);
1.6 millert 1062: goto cleanup_url_get;
1.1 millert 1063: }
1064: oldintr = signal(SIGINT, aborthttp);
1065:
1066: bytes = 0;
1067: hashbytes = mark;
1.84 martynas 1068: progressmeter(-1, path);
1.43 millert 1069:
1.1 millert 1070: /* Finally, suck down the file. */
1.97 martynas 1071: oldinti = signal(SIGINFO, psummary);
1.178 jca 1072: if (chunked) {
1.182 jca 1073: error = save_chunked(fin, tls, out, buf, buflen);
1.196 jca 1074: signal(SIGINT, oldintr);
1.182 jca 1075: signal(SIGINFO, oldinti);
1076: if (error == -1)
1.178 jca 1077: goto cleanup_url_get;
1078: } else {
1.188 jca 1079: while ((len = fread(buf, 1, buflen, fin)) > 0) {
1.178 jca 1080: bytes += len;
1.188 jca 1081: for (cp = buf; len > 0; len -= wlen, cp += wlen) {
1082: if ((wlen = write(out, cp, len)) == -1) {
1.178 jca 1083: warn("Writing %s", savefile);
1.196 jca 1084: signal(SIGINT, oldintr);
1.178 jca 1085: signal(SIGINFO, oldinti);
1086: goto cleanup_url_get;
1.188 jca 1087: }
1.178 jca 1088: }
1089: if (hash && !progress) {
1090: while (bytes >= hashbytes) {
1091: (void)putc('#', ttyout);
1092: hashbytes += mark;
1093: }
1094: (void)fflush(ttyout);
1.1 millert 1095: }
1096: }
1.188 jca 1097: save_errno = errno;
1.196 jca 1098: signal(SIGINT, oldintr);
1.178 jca 1099: signal(SIGINFO, oldinti);
1100: if (hash && !progress && bytes > 0) {
1101: if (bytes < mark)
1.10 deraadt 1102: (void)putc('#', ttyout);
1.178 jca 1103: (void)putc('\n', ttyout);
1.10 deraadt 1104: (void)fflush(ttyout);
1.1 millert 1105: }
1.188 jca 1106: if (len == 0 && ferror(fin)) {
1107: errno = save_errno;
1.178 jca 1108: warnx("Reading from socket: %s", sockerror(tls));
1109: goto cleanup_url_get;
1110: }
1.1 millert 1111: }
1.84 martynas 1112: progressmeter(1, NULL);
1.75 martynas 1113: if (
1114: #ifndef SMALL
1115: !resume &&
1.78 martynas 1116: #endif /* !SMALL */
1.75 martynas 1117: filesize != -1 && len == 0 && bytes != filesize) {
1.24 deraadt 1118: if (verbose)
1119: fputs("Read short file.\n", ttyout);
1120: goto cleanup_url_get;
1121: }
1122:
1.1 millert 1123: if (verbose)
1.97 martynas 1124: ptransfer(0);
1.1 millert 1125:
1.40 fgsch 1126: rval = 0;
1127: goto cleanup_url_get;
1.1 millert 1128:
1.14 millert 1129: noftpautologin:
1130: warnx(
1131: "Auto-login using ftp URLs isn't supported when using $ftp_proxy");
1132: goto cleanup_url_get;
1133:
1.1 millert 1134: improper:
1.8 millert 1135: warnx("Improper response from %s", host);
1.14 millert 1136:
1.6 millert 1137: cleanup_url_get:
1.181 jca 1138: #ifndef SMALL
1139: free(full_host);
1140: #endif /* !SMALL */
1.154 deraadt 1141: #ifndef NOSSL
1.128 jca 1142: free(sslhost);
1.154 deraadt 1143: #endif /* !NOSSL */
1.173 jca 1144: ftp_close(&fin, &tls, &fd);
1.200 robert 1145: if (out >= 0 && out != fileno(stdout)) {
1146: #ifndef SMALL
1.203 sthen 1147: if (server_timestamps && lmt.tm_zone != 0 &&
1148: fstat(out, &stbuf) == 0 && S_ISREG(stbuf.st_mode) != 0) {
1.200 robert 1149: ts[0].tv_nsec = UTIME_NOW;
1150: ts[1].tv_nsec = 0;
1151: setenv("TZ", lmt.tm_zone, 1);
1152: if (((ts[1].tv_sec = mktime(&lmt)) != -1) &&
1153: (futimens(out, ts) == -1))
1154: warnx("Unable to set file modification time");
1155: }
1156: #endif /* !SMALL */
1.162 sthen 1157: close(out);
1.200 robert 1158: }
1.67 steven 1159: free(buf);
1.198 naddy 1160: free(pathbuf);
1.136 bluhm 1161: free(proxyhost);
1.67 steven 1162: free(proxyurl);
1.62 ray 1163: free(newline);
1.123 guenther 1164: free(credentials);
1.190 yasuoka 1165: free(proxy_credentials);
1.40 fgsch 1166: return (rval);
1.178 jca 1167: }
1168:
1169: static int
1170: save_chunked(FILE *fin, struct tls *tls, int out, char *buf, size_t buflen)
1171: {
1172:
1.201 naddy 1173: char *header = NULL, *end, *cp;
1.178 jca 1174: unsigned long chunksize;
1.201 naddy 1175: size_t hsize = 0, rlen, wlen;
1.178 jca 1176: ssize_t written;
1177: char cr, lf;
1178:
1179: for (;;) {
1.201 naddy 1180: if (getline(&header, &hsize, fin) == -1)
1.178 jca 1181: break;
1182: /* strip CRLF and any optional chunk extension */
1183: header[strcspn(header, ";\r\n")] = '\0';
1184: errno = 0;
1185: chunksize = strtoul(header, &end, 16);
1186: if (errno || header[0] == '\0' || *end != '\0' ||
1187: chunksize > INT_MAX) {
1188: warnx("Invalid chunk size '%s'", header);
1189: free(header);
1190: return -1;
1191: }
1192:
1193: if (chunksize == 0) {
1194: /* We're done. Ignore optional trailer. */
1.201 naddy 1195: free(header);
1.178 jca 1196: return 0;
1197: }
1198:
1199: for (written = 0; chunksize != 0; chunksize -= rlen) {
1200: rlen = (chunksize < buflen) ? chunksize : buflen;
1201: rlen = fread(buf, 1, rlen, fin);
1202: if (rlen == 0)
1203: break;
1204: bytes += rlen;
1205: for (cp = buf, wlen = rlen; wlen > 0;
1.179 deraadt 1206: wlen -= written, cp += written) {
1.178 jca 1207: if ((written = write(out, cp, wlen)) == -1) {
1208: warn("Writing output file");
1.201 naddy 1209: free(header);
1.178 jca 1210: return -1;
1211: }
1212: }
1213: }
1214:
1215: if (rlen == 0 ||
1216: fread(&cr, 1, 1, fin) != 1 ||
1217: fread(&lf, 1, 1, fin) != 1)
1218: break;
1219:
1220: if (cr != '\r' || lf != '\n') {
1221: warnx("Invalid chunked encoding");
1.201 naddy 1222: free(header);
1.178 jca 1223: return -1;
1224: }
1225: }
1.201 naddy 1226: free(header);
1.178 jca 1227:
1228: if (ferror(fin))
1229: warnx("Error while reading from socket: %s", sockerror(tls));
1230: else
1231: warnx("Invalid chunked encoding: short read");
1232:
1233: return -1;
1.1 millert 1234: }
1235:
1236: /*
1237: * Abort a http retrieval
1238: */
1.51 deraadt 1239: /* ARGSUSED */
1.177 jca 1240: static void
1.51 deraadt 1241: aborthttp(int signo)
1.1 millert 1242: {
1.197 kn 1243: const char errmsg[] = "\nfetch aborted.\n";
1.1 millert 1244:
1245: alarmtimer(0);
1.197 kn 1246: write(fileno(ttyout), errmsg, sizeof(errmsg) - 1);
1.22 deraadt 1247: longjmp(httpabort, 1);
1248: }
1249:
1250: /*
1.1 millert 1251: * Retrieve multiple files from the command line, transferring
1252: * files of the form "host:path", "ftp://host/path" using the
1253: * ftp protocol, and files of the form "http://host/path" using
1254: * the http protocol.
1.2 millert 1255: * If path has a trailing "/", then return (-1);
1.1 millert 1256: * the path will be cd-ed into and the connection remains open,
1257: * and the function will return -1 (to indicate the connection
1258: * is alive).
1259: * If an error occurs the return value will be the offset+1 in
1260: * argv[] of the file that caused a problem (i.e, argv[x]
1261: * returns x+1)
1262: * Otherwise, 0 is returned if all files retrieved successfully.
1263: */
1264: int
1.50 deraadt 1265: auto_fetch(int argc, char *argv[], char *outfile)
1.1 millert 1266: {
1267: char *xargv[5];
1.62 ray 1268: char *cp, *url, *host, *dir, *file, *portnum;
1269: char *username, *pass, *pathstart;
1.6 millert 1270: char *ftpproxy, *httpproxy;
1.157 deraadt 1271: int rval, xargc, lastfile;
1.14 millert 1272: volatile int argpos;
1.49 krw 1273: int dirhasglob, filehasglob, oautologin;
1.137 deraadt 1274: char rempath[PATH_MAX];
1.1 millert 1275:
1276: argpos = 0;
1277:
1278: if (setjmp(toplevel)) {
1279: if (connected)
1280: disconnect(0, NULL);
1.2 millert 1281: return (argpos + 1);
1.1 millert 1282: }
1.3 millert 1283: (void)signal(SIGINT, (sig_t)intr);
1284: (void)signal(SIGPIPE, (sig_t)lostpeer);
1.1 millert 1285:
1.45 millert 1286: if ((ftpproxy = getenv(FTP_PROXY)) != NULL && *ftpproxy == '\0')
1287: ftpproxy = NULL;
1288: if ((httpproxy = getenv(HTTP_PROXY)) != NULL && *httpproxy == '\0')
1289: httpproxy = NULL;
1.6 millert 1290:
1.1 millert 1291: /*
1292: * Loop through as long as there's files to fetch.
1293: */
1.123 guenther 1294: username = pass = NULL;
1.62 ray 1295: for (rval = 0; (rval == 0) && (argpos < argc); free(url), argpos++) {
1.1 millert 1296: if (strchr(argv[argpos], ':') == NULL)
1297: break;
1.123 guenther 1298:
1299: free(username);
1300: free(pass);
1.62 ray 1301: host = dir = file = portnum = username = pass = NULL;
1.1 millert 1302:
1.157 deraadt 1303: lastfile = (argv[argpos+1] == NULL);
1304:
1.1 millert 1305: /*
1306: * We muck with the string, so we make a copy.
1307: */
1.62 ray 1308: url = strdup(argv[argpos]);
1309: if (url == NULL)
1.1 millert 1310: errx(1, "Can't allocate memory for auto-fetch.");
1311:
1.186 jca 1312: if (strncasecmp(url, FILE_URL, sizeof(FILE_URL) - 1) == 0) {
1313: if (file_get(url + sizeof(FILE_URL) - 1, outfile) == -1)
1314: rval = argpos + 1;
1315: continue;
1316: }
1317:
1.1 millert 1318: /*
1.186 jca 1319: * Try HTTP URL-style arguments next.
1.1 millert 1320: */
1.62 ray 1321: if (strncasecmp(url, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 ||
1.186 jca 1322: strncasecmp(url, HTTPS_URL, sizeof(HTTPS_URL) -1) == 0) {
1.54 fgsch 1323: redirect_loop = 0;
1.171 jca 1324: retried = 0;
1.157 deraadt 1325: if (url_get(url, httpproxy, outfile, lastfile) == -1)
1.1 millert 1326: rval = argpos + 1;
1327: continue;
1328: }
1329:
1330: /*
1.6 millert 1331: * Try FTP URL-style arguments next. If ftpproxy is
1332: * set, use url_get() instead of standard ftp.
1333: * Finally, try host:file.
1.1 millert 1334: */
1.62 ray 1335: host = url;
1336: if (strncasecmp(url, FTP_URL, sizeof(FTP_URL) - 1) == 0) {
1.37 heko 1337: char *passend, *passagain, *userend;
1.31 itojun 1338:
1.6 millert 1339: if (ftpproxy) {
1.157 deraadt 1340: if (url_get(url, ftpproxy, outfile, lastfile) == -1)
1.6 millert 1341: rval = argpos + 1;
1342: continue;
1343: }
1.1 millert 1344: host += sizeof(FTP_URL) - 1;
1.8 millert 1345: dir = strchr(host, '/');
1.1 millert 1346:
1.8 millert 1347: /* Look for [user:pass@]host[:port] */
1.31 itojun 1348:
1349: /* check if we have "user:pass@" */
1.37 heko 1350: userend = strchr(host, ':');
1.31 itojun 1351: passend = strchr(host, '@');
1352: if (passend && userend && userend < passend &&
1353: (!dir || passend < dir)) {
1.62 ray 1354: username = host;
1.31 itojun 1355: pass = userend + 1;
1356: host = passend + 1;
1357: *userend = *passend = '\0';
1.37 heko 1358: passagain = strchr(host, '@');
1.42 deraadt 1359: if (strchr(pass, '@') != NULL ||
1.37 heko 1360: (passagain != NULL && passagain < dir)) {
1361: warnx(at_encoding_warning);
1.123 guenther 1362: username = pass = NULL;
1.37 heko 1363: goto bad_ftp_url;
1.42 deraadt 1364: }
1.31 itojun 1365:
1.77 martynas 1366: if (EMPTYSTRING(username)) {
1.11 millert 1367: bad_ftp_url:
1.31 itojun 1368: warnx("Invalid URL: %s", argv[argpos]);
1369: rval = argpos + 1;
1.123 guenther 1370: username = pass = NULL;
1.31 itojun 1371: continue;
1372: }
1.62 ray 1373: username = urldecode(username);
1.37 heko 1374: pass = urldecode(pass);
1.8 millert 1375: }
1.31 itojun 1376:
1377: /* check [host]:port, or [host] */
1378: if (host[0] == '[') {
1379: cp = strchr(host, ']');
1380: if (cp && (!dir || cp < dir)) {
1381: if (cp + 1 == dir || cp[1] == ':') {
1382: host++;
1383: *cp++ = '\0';
1384: } else
1385: cp = NULL;
1386: } else
1387: cp = host;
1.25 itojun 1388: } else
1389: cp = host;
1.31 itojun 1390:
1391: /* split off host[:port] if there is */
1392: if (cp) {
1393: portnum = strchr(cp, ':');
1.52 henning 1394: pathstart = strchr(cp, '/');
1395: /* : in path is not a port # indicator */
1396: if (portnum && pathstart &&
1397: pathstart < portnum)
1398: portnum = NULL;
1399:
1.31 itojun 1400: if (!portnum)
1401: ;
1402: else {
1403: if (!dir)
1404: ;
1405: else if (portnum + 1 < dir) {
1406: *portnum++ = '\0';
1407: /*
1408: * XXX should check if portnum
1409: * is decimal number
1410: */
1411: } else {
1412: /* empty portnum */
1413: goto bad_ftp_url;
1414: }
1415: }
1416: } else
1417: portnum = NULL;
1.8 millert 1418: } else { /* classic style `host:file' */
1419: dir = strchr(host, ':');
1420: }
1.1 millert 1421: if (EMPTYSTRING(host)) {
1422: rval = argpos + 1;
1423: continue;
1424: }
1425:
1426: /*
1.9 millert 1427: * If dir is NULL, the file wasn't specified
1.1 millert 1428: * (URL looked something like ftp://host)
1429: */
1.8 millert 1430: if (dir != NULL)
1431: *dir++ = '\0';
1.1 millert 1432:
1433: /*
1434: * Extract the file and (if present) directory name.
1435: */
1.42 deraadt 1436: if (!EMPTYSTRING(dir)) {
1.8 millert 1437: cp = strrchr(dir, '/');
1.1 millert 1438: if (cp != NULL) {
1439: *cp++ = '\0';
1440: file = cp;
1441: } else {
1442: file = dir;
1443: dir = NULL;
1444: }
1445: }
1.80 martynas 1446: #ifndef SMALL
1.1 millert 1447: if (debug)
1.42 deraadt 1448: fprintf(ttyout,
1449: "user %s:%s host %s port %s dir %s file %s\n",
1.76 martynas 1450: username, pass ? "XXXX" : NULL, host, portnum,
1451: dir, file);
1.80 martynas 1452: #endif /* !SMALL */
1.1 millert 1453:
1454: /*
1.49 krw 1455: * Set up the connection.
1.1 millert 1456: */
1.49 krw 1457: if (connected)
1458: disconnect(0, NULL);
1459: xargv[0] = __progname;
1460: xargv[1] = host;
1.8 millert 1461: xargv[2] = NULL;
1.49 krw 1462: xargc = 2;
1463: if (!EMPTYSTRING(portnum)) {
1464: xargv[2] = portnum;
1465: xargv[3] = NULL;
1466: xargc = 3;
1467: }
1468: oautologin = autologin;
1.88 martynas 1469: if (username == NULL)
1.89 halex 1470: anonftp = 1;
1471: else {
1472: anonftp = 0;
1.49 krw 1473: autologin = 0;
1.89 halex 1474: }
1.49 krw 1475: setpeer(xargc, xargv);
1476: autologin = oautologin;
1.87 martynas 1477: if (connected == 0 ||
1478: (connected == 1 && autologin && (username == NULL ||
1479: !ftp_login(host, username, pass)))) {
1.49 krw 1480: warnx("Can't connect or login to host `%s'", host);
1.8 millert 1481: rval = argpos + 1;
1482: continue;
1.1 millert 1483: }
1.49 krw 1484:
1485: /* Always use binary transfers. */
1486: setbinary(0, NULL);
1.1 millert 1487:
1.4 millert 1488: dirhasglob = filehasglob = 0;
1489: if (doglob) {
1.42 deraadt 1490: if (!EMPTYSTRING(dir) &&
1.4 millert 1491: strpbrk(dir, "*?[]{}") != NULL)
1492: dirhasglob = 1;
1.42 deraadt 1493: if (!EMPTYSTRING(file) &&
1.4 millert 1494: strpbrk(file, "*?[]{}") != NULL)
1495: filehasglob = 1;
1496: }
1497:
1.1 millert 1498: /* Change directories, if necessary. */
1.42 deraadt 1499: if (!EMPTYSTRING(dir) && !dirhasglob) {
1.1 millert 1500: xargv[0] = "cd";
1501: xargv[1] = dir;
1502: xargv[2] = NULL;
1503: cd(2, xargv);
1.42 deraadt 1504: if (!dirchange) {
1.1 millert 1505: rval = argpos + 1;
1506: continue;
1507: }
1508: }
1509:
1510: if (EMPTYSTRING(file)) {
1.86 martynas 1511: #ifndef SMALL
1.1 millert 1512: rval = -1;
1.86 martynas 1513: #else /* !SMALL */
1514: recvrequest("NLST", "-", NULL, "w", 0, 0);
1515: rval = 0;
1516: #endif /* !SMALL */
1.1 millert 1517: continue;
1518: }
1519:
1.21 marc 1520: if (verbose)
1.10 deraadt 1521: fprintf(ttyout, "Retrieving %s/%s\n", dir ? dir : "", file);
1.1 millert 1522:
1.4 millert 1523: if (dirhasglob) {
1524: snprintf(rempath, sizeof(rempath), "%s/%s", dir, file);
1525: file = rempath;
1526: }
1527:
1528: /* Fetch the file(s). */
1.10 deraadt 1529: xargc = 2;
1.1 millert 1530: xargv[0] = "get";
1531: xargv[1] = file;
1532: xargv[2] = NULL;
1.4 millert 1533: if (dirhasglob || filehasglob) {
1534: int ointeractive;
1535:
1536: ointeractive = interactive;
1537: interactive = 0;
1538: xargv[0] = "mget";
1.78 martynas 1539: #ifndef SMALL
1540: if (resume) {
1541: xargc = 3;
1542: xargv[1] = "-c";
1543: xargv[2] = file;
1544: xargv[3] = NULL;
1545: }
1546: #endif /* !SMALL */
1.10 deraadt 1547: mget(xargc, xargv);
1.5 millert 1548: interactive = ointeractive;
1.10 deraadt 1549: } else {
1.17 millert 1550: if (outfile != NULL) {
1551: xargv[2] = outfile;
1552: xargv[3] = NULL;
1.10 deraadt 1553: xargc++;
1554: }
1.75 martynas 1555: #ifndef SMALL
1556: if (resume)
1557: reget(xargc, xargv);
1558: else
1.78 martynas 1559: #endif /* !SMALL */
1.75 martynas 1560: get(xargc, xargv);
1.10 deraadt 1561: }
1.1 millert 1562:
1.4 millert 1563: if ((code / 100) != COMPLETE)
1.1 millert 1564: rval = argpos + 1;
1565: }
1566: if (connected && rval != -1)
1567: disconnect(0, NULL);
1568: return (rval);
1.37 heko 1569: }
1570:
1571: char *
1.50 deraadt 1572: urldecode(const char *str)
1.37 heko 1573: {
1.53 deraadt 1574: char *ret, c;
1575: int i, reallen;
1.37 heko 1576:
1.53 deraadt 1577: if (str == NULL)
1578: return NULL;
1.205 claudio 1579: if ((ret = malloc(strlen(str) + 1)) == NULL)
1.53 deraadt 1580: err(1, "Can't allocate memory for URL decoding");
1581: for (i = 0, reallen = 0; str[i] != '\0'; i++, reallen++, ret++) {
1582: c = str[i];
1583: if (c == '+') {
1584: *ret = ' ';
1585: continue;
1586: }
1.61 deraadt 1587:
1588: /* Cannot use strtol here because next char
1589: * after %xx may be a digit.
1590: */
1.205 claudio 1591: if (c == '%' && isxdigit((unsigned char)str[i + 1]) &&
1592: isxdigit((unsigned char)str[i + 2])) {
1593: *ret = hextochar(&str[i + 1]);
1594: i += 2;
1.53 deraadt 1595: continue;
1596: }
1597: *ret = c;
1598: }
1599: *ret = '\0';
1600:
1.205 claudio 1601: return ret - reallen;
1.123 guenther 1602: }
1603:
1.177 jca 1604: static char *
1.123 guenther 1605: recode_credentials(const char *userinfo)
1606: {
1607: char *ui, *creds;
1608: size_t ulen, credsize;
1609:
1610: /* url-decode the user and pass */
1611: ui = urldecode(userinfo);
1612:
1613: ulen = strlen(ui);
1614: credsize = (ulen + 2) / 3 * 4 + 1;
1615: creds = malloc(credsize);
1616: if (creds == NULL)
1617: errx(1, "out of memory");
1618: if (b64_ntop(ui, ulen, creds, credsize) == -1)
1619: errx(1, "error in base64 encoding");
1620: free(ui);
1621: return (creds);
1.37 heko 1622: }
1623:
1.177 jca 1624: static char
1.50 deraadt 1625: hextochar(const char *str)
1.37 heko 1626: {
1.143 guenther 1627: unsigned char c, ret;
1.37 heko 1628:
1.53 deraadt 1629: c = str[0];
1630: ret = c;
1631: if (isalpha(c))
1632: ret -= isupper(c) ? 'A' - 10 : 'a' - 10;
1633: else
1634: ret -= '0';
1635: ret *= 16;
1636:
1637: c = str[1];
1638: ret += c;
1639: if (isalpha(c))
1640: ret -= isupper(c) ? 'A' - 10 : 'a' - 10;
1641: else
1642: ret -= '0';
1643: return ret;
1.25 itojun 1644: }
1645:
1646: int
1.50 deraadt 1647: isurl(const char *p)
1.25 itojun 1648: {
1.27 millert 1649:
1.26 deraadt 1650: if (strncasecmp(p, FTP_URL, sizeof(FTP_URL) - 1) == 0 ||
1651: strncasecmp(p, HTTP_URL, sizeof(HTTP_URL) - 1) == 0 ||
1.154 deraadt 1652: #ifndef NOSSL
1.61 deraadt 1653: strncasecmp(p, HTTPS_URL, sizeof(HTTPS_URL) - 1) == 0 ||
1.154 deraadt 1654: #endif /* !NOSSL */
1.27 millert 1655: strncasecmp(p, FILE_URL, sizeof(FILE_URL) - 1) == 0 ||
1656: strstr(p, ":/"))
1657: return (1);
1658: return (0);
1.173 jca 1659: }
1.184 jca 1660:
1661: #ifndef SMALL
1662: static int
1663: ftp_printf(FILE *fp, const char *fmt, ...)
1664: {
1665: va_list ap;
1666: int ret;
1667:
1668: va_start(ap, fmt);
1669: ret = vfprintf(fp, fmt, ap);
1670: va_end(ap);
1671:
1672: if (debug) {
1673: va_start(ap, fmt);
1674: vfprintf(ttyout, fmt, ap);
1675: va_end(ap);
1676: }
1677:
1678: return ret;
1679: }
1680: #endif /* !SMALL */
1.173 jca 1681:
1.177 jca 1682: static void
1.189 jca 1683: ftp_close(FILE **fin, struct tls **tls, int *fd)
1.173 jca 1684: {
1685: #ifndef NOSSL
1686: int ret;
1687:
1688: if (*tls != NULL) {
1689: if (tls_session_fd != -1)
1690: dprintf(STDERR_FILENO, "tls session resumed: %s\n",
1691: tls_conn_session_resumed(*tls) ? "yes" : "no");
1692: do {
1693: ret = tls_close(*tls);
1694: } while (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT);
1695: tls_free(*tls);
1696: *tls = NULL;
1697: }
1.176 jca 1698: if (*fd != -1) {
1699: close(*fd);
1700: *fd = -1;
1701: }
1.173 jca 1702: #endif
1703: if (*fin != NULL) {
1704: fclose(*fin);
1705: *fin = NULL;
1706: }
1.61 deraadt 1707: }
1708:
1.177 jca 1709: static const char *
1.176 jca 1710: sockerror(struct tls *tls)
1711: {
1712: int save_errno = errno;
1.154 deraadt 1713: #ifndef NOSSL
1.176 jca 1714: if (tls != NULL) {
1715: const char *tlserr = tls_error(tls);
1716: if (tlserr != NULL)
1717: return tlserr;
1.139 bluhm 1718: }
1.176 jca 1719: #endif
1720: return strerror(save_errno);
1.61 deraadt 1721: }
1722:
1.176 jca 1723: #ifndef NOSSL
1.177 jca 1724: static int
1.81 espie 1725: proxy_connect(int socket, char *host, char *cookie)
1.61 deraadt 1726: {
1.66 ray 1727: int l;
1.61 deraadt 1728: char buf[1024];
1.192 yasuoka 1729: char *connstr, *hosttail, *port;
1.61 deraadt 1730:
1731: if (*host == '[' && (hosttail = strrchr(host, ']')) != NULL &&
1732: (hosttail[1] == '\0' || hosttail[1] == ':')) {
1733: host++;
1734: *hosttail++ = '\0';
1735: } else
1736: hosttail = host;
1737:
1.179 deraadt 1738: port = strrchr(hosttail, ':'); /* find portnum */
1.61 deraadt 1739: if (port != NULL)
1740: *port++ = '\0';
1741: if (!port)
1742: port = "443";
1743:
1.81 espie 1744: if (cookie) {
1745: l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\r\n"
1746: "Proxy-Authorization: Basic %s\r\n%s\r\n\r\n",
1747: host, port, cookie, HTTP_USER_AGENT);
1748: } else {
1749: l = asprintf(&connstr, "CONNECT %s:%s HTTP/1.1\r\n%s\r\n\r\n",
1750: host, port, HTTP_USER_AGENT);
1751: }
1752:
1.66 ray 1753: if (l == -1)
1.61 deraadt 1754: errx(1, "Could not allocate memory to assemble connect string!");
1.80 martynas 1755: #ifndef SMALL
1.68 ray 1756: if (debug)
1757: printf("%s", connstr);
1.80 martynas 1758: #endif /* !SMALL */
1.66 ray 1759: if (write(socket, connstr, l) != l)
1.68 ray 1760: err(1, "Could not send connect string");
1.192 yasuoka 1761: read(socket, &buf, sizeof(buf)); /* only proxy header XXX: error handling? */
1.71 ray 1762: free(connstr);
1.61 deraadt 1763: return(200);
1.176 jca 1764: }
1765:
1.177 jca 1766: static int
1.176 jca 1767: stdio_tls_write_wrapper(void *arg, const char *buf, int len)
1768: {
1769: struct tls *tls = arg;
1770: ssize_t ret;
1771:
1772: do {
1773: ret = tls_write(tls, buf, len);
1774: } while (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT);
1775:
1776: return ret;
1777: }
1778:
1.177 jca 1779: static int
1.176 jca 1780: stdio_tls_read_wrapper(void *arg, char *buf, int len)
1781: {
1782: struct tls *tls = arg;
1783: ssize_t ret;
1784:
1785: do {
1786: ret = tls_read(tls, buf, len);
1787: } while (ret == TLS_WANT_POLLIN || ret == TLS_WANT_POLLOUT);
1788:
1789: return ret;
1.61 deraadt 1790: }
1.158 jca 1791: #endif /* !NOSSL */