xref: /freebsd/contrib/tnftp/src/fetch.c (revision 8f0ea33f2bbf3a6aa80235f0a02fa5f2780c2b17)
1 /*	$NetBSD: fetch.c,v 1.18 2009/11/15 10:12:37 lukem Exp $	*/
2 /*	from	NetBSD: fetch.c,v 1.191 2009/08/17 09:08:16 christos Exp	*/
3 
4 /*-
5  * Copyright (c) 1997-2009 The NetBSD Foundation, Inc.
6  * All rights reserved.
7  *
8  * This code is derived from software contributed to The NetBSD Foundation
9  * by Luke Mewburn.
10  *
11  * This code is derived from software contributed to The NetBSD Foundation
12  * by Scott Aaron Bamford.
13  *
14  * Redistribution and use in source and binary forms, with or without
15  * modification, are permitted provided that the following conditions
16  * are met:
17  * 1. Redistributions of source code must retain the above copyright
18  *    notice, this list of conditions and the following disclaimer.
19  * 2. Redistributions in binary form must reproduce the above copyright
20  *    notice, this list of conditions and the following disclaimer in the
21  *    documentation and/or other materials provided with the distribution.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
24  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
25  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
26  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
27  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
28  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
29  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
30  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
31  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
32  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
33  * POSSIBILITY OF SUCH DAMAGE.
34  */
35 
36 #include "tnftp.h"
37 
38 #if 0	/* tnftp */
39 
40 #include <sys/cdefs.h>
41 #ifndef lint
42 __RCSID(" NetBSD: fetch.c,v 1.191 2009/08/17 09:08:16 christos Exp  ");
43 #endif /* not lint */
44 
45 /*
46  * FTP User Program -- Command line file retrieval
47  */
48 
49 #include <sys/types.h>
50 #include <sys/param.h>
51 #include <sys/socket.h>
52 #include <sys/stat.h>
53 #include <sys/time.h>
54 
55 #include <netinet/in.h>
56 
57 #include <arpa/ftp.h>
58 #include <arpa/inet.h>
59 
60 #include <ctype.h>
61 #include <err.h>
62 #include <errno.h>
63 #include <netdb.h>
64 #include <fcntl.h>
65 #include <stdio.h>
66 #include <stdlib.h>
67 #include <string.h>
68 #include <unistd.h>
69 #include <time.h>
70 
71 #endif	/* tnftp */
72 
73 #include "ftp_var.h"
74 #include "version.h"
75 
/*
 * Kind of URL being handled.  parse_url() reports UNKNOWN_URL_T until it
 * has recognised one of the http://, ftp:// or file:// prefixes.
 */
typedef enum {
	UNKNOWN_URL_T = -1,	/* no known prefix recognised */
	HTTP_URL_T = 0,		/* http:// */
	FTP_URL_T = 1,		/* ftp:// */
	FILE_URL_T = 2,		/* file:// */
	CLASSIC_URL_T = 3	/* presumably the classic host:path form -- confirm at its users */
} url_t;
83 
/*
 * Forward declarations for the functions in this file.
 * The Basic authentication helpers are compiled out when NO_AUTH is defined.
 */
void		aborthttp(int);
#ifndef NO_AUTH
static int	auth_url(const char *, char **, const char *, const char *);
static void	base64_encode(const unsigned char *, size_t, unsigned char *);
#endif
static int	go_fetch(const char *);
static int	fetch_ftp(const char *);
static int	fetch_url(const char *, const char *, char *, char *);
static const char *match_token(const char **, const char *);
static int	parse_url(const char *, const char *, url_t *, char **,
			    char **, char **, char **, in_port_t *, char **);
static void	url_decode(char *);

/*
 * Number of HTTP redirections followed so far; fetch_url() refuses to
 * follow another one once this counter has passed 5.
 */
static int	redirect_loop;
98 
99 
/*
 * STRNEQUAL(a, b): true if string a begins with b, ignoring case.
 * b must be a string literal or char array, because its length is taken
 * with sizeof.
 */
#define	STRNEQUAL(a,b)	(strncasecmp((a), (b), sizeof((b))-1) == 0)
/* ISLWS(x): true if character x is linear white space (CR, LF, SP, HT). */
#define	ISLWS(x)	((x)=='\r' || (x)=='\n' || (x)==' ' || (x)=='\t')
/*
 * SKIPLWS(x): advance the pointer lvalue x past any leading LWS.
 * x is fully parenthesized so that an argument such as `*pp' advances the
 * pointed-to pointer rather than pp itself.
 */
#define	SKIPLWS(x)	do { while (ISLWS(*(x))) (x)++; } while (0)
103 
104 
/*
 * URL scheme prefixes.  parse_url() compares the http, ftp and file
 * prefixes case-insensitively with STRNEQUAL().
 */
#define	ABOUT_URL	"about:"	/* propaganda */
#define	FILE_URL	"file://"	/* file URL prefix */
#define	FTP_URL		"ftp://"	/* ftp URL prefix */
#define	HTTP_URL	"http://"	/* http URL prefix */
109 
110 
/*
 * Determine if token is the next word in *buf (case insensitive).
 *
 * token may be preceded by LWS, and must be followed by LWS or NUL
 * (i.e. a partial match such as "Basics" for "Basic" is rejected).
 *
 * On a match, *buf is advanced past the token and any trailing LWS, and
 * a pointer to the first character of the token (inside the original
 * buffer) is returned.  Otherwise *buf is left untouched and NULL is
 * returned.
 */
static const char *
match_token(const char **buf, const char *token)
{
	const char	*p, *start;
	size_t		tlen;

	tlen = strlen(token);
	p = *buf;
	SKIPLWS(p);
	start = p;			/* where the token itself begins */
	if (strncasecmp(p, token, tlen) != 0)
		return NULL;
	p += tlen;
	if (*p != '\0' && !ISLWS(*p))
		return NULL;		/* token is only a prefix of the word */
	SKIPLWS(p);
	*buf = p;
	return start;
}
138 
139 #ifndef NO_AUTH
140 /*
141  * Generate authorization response based on given authentication challenge.
142  * Returns -1 if an error occurred, otherwise 0.
143  * Sets response to a malloc(3)ed string; caller should free.
144  */
145 static int
auth_url(const char * challenge,char ** response,const char * guser,const char * gpass)146 auth_url(const char *challenge, char **response, const char *guser,
147 	const char *gpass)
148 {
149 	const char	*cp, *scheme, *errormsg;
150 	char		*ep, *clear, *realm;
151 	char		 uuser[BUFSIZ], *gotpass;
152 	const char	*upass;
153 	int		 rval;
154 	size_t		 len, clen, rlen;
155 
156 	*response = NULL;
157 	clear = realm = NULL;
158 	rval = -1;
159 	cp = challenge;
160 	scheme = "Basic";	/* only support Basic authentication */
161 	gotpass = NULL;
162 
163 	DPRINTF("auth_url: challenge `%s'\n", challenge);
164 
165 	if (! match_token(&cp, scheme)) {
166 		warnx("Unsupported authentication challenge `%s'",
167 		    challenge);
168 		goto cleanup_auth_url;
169 	}
170 
171 #define	REALM "realm=\""
172 	if (STRNEQUAL(cp, REALM))
173 		cp += sizeof(REALM) - 1;
174 	else {
175 		warnx("Unsupported authentication challenge `%s'",
176 		    challenge);
177 		goto cleanup_auth_url;
178 	}
179 /* XXX: need to improve quoted-string parsing to support \ quoting, etc. */
180 	if ((ep = strchr(cp, '\"')) != NULL) {
181 		len = ep - cp;
182 		realm = (char *)ftp_malloc(len + 1);
183 		(void)strlcpy(realm, cp, len + 1);
184 	} else {
185 		warnx("Unsupported authentication challenge `%s'",
186 		    challenge);
187 		goto cleanup_auth_url;
188 	}
189 
190 	fprintf(ttyout, "Username for `%s': ", realm);
191 	if (guser != NULL) {
192 		(void)strlcpy(uuser, guser, sizeof(uuser));
193 		fprintf(ttyout, "%s\n", uuser);
194 	} else {
195 		(void)fflush(ttyout);
196 		if (get_line(stdin, uuser, sizeof(uuser), &errormsg) < 0) {
197 			warnx("%s; can't authenticate", errormsg);
198 			goto cleanup_auth_url;
199 		}
200 	}
201 	if (gpass != NULL)
202 		upass = gpass;
203 	else {
204 		gotpass = getpass("Password: ");
205 		if (gotpass == NULL) {
206 			warnx("Can't read password");
207 			goto cleanup_auth_url;
208 		}
209 		upass = gotpass;
210 	}
211 
212 	clen = strlen(uuser) + strlen(upass) + 2;	/* user + ":" + pass + "\0" */
213 	clear = (char *)ftp_malloc(clen);
214 	(void)strlcpy(clear, uuser, clen);
215 	(void)strlcat(clear, ":", clen);
216 	(void)strlcat(clear, upass, clen);
217 	if (gotpass)
218 		memset(gotpass, 0, strlen(gotpass));
219 
220 						/* scheme + " " + enc + "\0" */
221 	rlen = strlen(scheme) + 1 + (clen + 2) * 4 / 3 + 1;
222 	*response = (char *)ftp_malloc(rlen);
223 	(void)strlcpy(*response, scheme, rlen);
224 	len = strlcat(*response, " ", rlen);
225 			/* use  `clen - 1'  to not encode the trailing NUL */
226 	base64_encode((unsigned char *)clear, clen - 1,
227 	    (unsigned char *)*response + len);
228 	memset(clear, 0, clen);
229 	rval = 0;
230 
231  cleanup_auth_url:
232 	FREEPTR(clear);
233 	FREEPTR(realm);
234 	return (rval);
235 }
236 
/*
 * Encode len bytes starting at clear using base64 encoding into encoded,
 * which should be at least ((len + 2) * 4 / 3 + 1) in size.
 *
 * The output is NUL terminated and padded with `=' to a multiple of four
 * characters.  Only clear[0] .. clear[len - 1] are read: the bytes missing
 * from a final partial group are treated as zero, so clear needs neither
 * NUL termination nor padding.
 */
static void
base64_encode(const unsigned char *clear, size_t len, unsigned char *encoded)
{
	static const unsigned char enc[] =
	    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
	unsigned char	*cp;
	unsigned int	 b0, b1, b2;
	size_t		 i, avail;

	cp = encoded;
	for (i = 0; i < len; i += 3) {
		avail = len - i;	/* input bytes left, at least 1 */
		b0 = clear[i];
		b1 = (avail > 1) ? clear[i + 1] : 0;
		b2 = (avail > 2) ? clear[i + 2] : 0;

		*(cp++) = enc[b0 >> 2];
		*(cp++) = enc[((b0 << 4) & 0x30) | (b1 >> 4)];
				/* pad the positions that have no input */
		*(cp++) = (avail > 1) ?
		    enc[((b1 << 2) & 0x3c) | (b2 >> 6)] : '=';
		*(cp++) = (avail > 2) ? enc[b2 & 0x3f] : '=';
	}
	*cp = '\0';
}
262 #endif
263 
/*
 * Replace each %xx escape (`%' followed by two hexadecimal digits) in url
 * with the byte it encodes.  The string is rewritten in place and is
 * re-terminated; anything that is not a complete escape is copied
 * unchanged.  A NULL or empty url is left alone.
 */
static void
url_decode(char *url)
{
	unsigned char *src, *dst;

	if (EMPTYSTRING(url))
		return;

#define	HEXTOINT(x) (x - (isdigit(x) ? '0' : (islower(x) ? 'a' : 'A') - 10))
	dst = (unsigned char *)url;
	for (src = dst; *src != '\0'; ) {
			/*
			 * isxdigit() is false for NUL, so a `%' near the
			 * end of the string never reads past the terminator.
			 */
		if (src[0] != '%' || !isxdigit((unsigned char)src[1])
		    || !isxdigit((unsigned char)src[2])) {
			*dst++ = *src++;
			continue;
		}
		*dst++ = HEXTOINT(src[1]) * 16 + HEXTOINT(src[2]);
		src += 3;
	}
	*dst = '\0';
}
288 
289 
290 /*
291  * Parse URL of form (per RFC3986):
292  *	<type>://[<user>[:<password>]@]<host>[:<port>][/<path>]
293  * Returns -1 if a parse error occurred, otherwise 0.
294  * It's the caller's responsibility to url_decode() the returned
295  * user, pass and path.
296  *
297  * Sets type to url_t, each of the given char ** pointers to a
298  * malloc(3)ed strings of the relevant section, and port to
299  * the number given, or ftpport if ftp://, or httpport if http://.
300  *
301  * XXX: this is not totally RFC3986 compliant; <path> will have the
302  * leading `/' unless it's an ftp:// URL, as this makes things easier
303  * for file:// and http:// URLs.  ftp:// URLs have the `/' between the
304  * host and the URL-path removed, but any additional leading slashes
305  * in the URL-path are retained (because they imply that we should
306  * later do "CWD" with a null argument).
307  *
308  * Examples:
309  *	 input URL			 output path
310  *	 ---------			 -----------
311  *	"http://host"			"/"
312  *	"http://host/"			"/"
313  *	"http://host/path"		"/path"
314  *	"file://host/dir/file"		"dir/file"
315  *	"ftp://host"			""
316  *	"ftp://host/"			""
317  *	"ftp://host//"			"/"
318  *	"ftp://host/dir/file"		"dir/file"
319  *	"ftp://host//dir/file"		"/dir/file"
320  */
321 static int
parse_url(const char * url,const char * desc,url_t * utype,char ** uuser,char ** pass,char ** host,char ** port,in_port_t * portnum,char ** path)322 parse_url(const char *url, const char *desc, url_t *utype,
323 		char **uuser, char **pass, char **host, char **port,
324 		in_port_t *portnum, char **path)
325 {
326 	const char	*origurl, *tport;
327 	char		*cp, *ep, *thost;
328 	size_t		 len;
329 
330 	if (url == NULL || desc == NULL || utype == NULL || uuser == NULL
331 	    || pass == NULL || host == NULL || port == NULL || portnum == NULL
332 	    || path == NULL)
333 		errx(1, "parse_url: invoked with NULL argument!");
334 	DPRINTF("parse_url: %s `%s'\n", desc, url);
335 
336 	origurl = url;
337 	*utype = UNKNOWN_URL_T;
338 	*uuser = *pass = *host = *port = *path = NULL;
339 	*portnum = 0;
340 	tport = NULL;
341 
342 	if (STRNEQUAL(url, HTTP_URL)) {
343 		url += sizeof(HTTP_URL) - 1;
344 		*utype = HTTP_URL_T;
345 		*portnum = HTTP_PORT;
346 		tport = httpport;
347 	} else if (STRNEQUAL(url, FTP_URL)) {
348 		url += sizeof(FTP_URL) - 1;
349 		*utype = FTP_URL_T;
350 		*portnum = FTP_PORT;
351 		tport = ftpport;
352 	} else if (STRNEQUAL(url, FILE_URL)) {
353 		url += sizeof(FILE_URL) - 1;
354 		*utype = FILE_URL_T;
355 	} else {
356 		warnx("Invalid %s `%s'", desc, url);
357  cleanup_parse_url:
358 		FREEPTR(*uuser);
359 		if (*pass != NULL)
360 			memset(*pass, 0, strlen(*pass));
361 		FREEPTR(*pass);
362 		FREEPTR(*host);
363 		FREEPTR(*port);
364 		FREEPTR(*path);
365 		return (-1);
366 	}
367 
368 	if (*url == '\0')
369 		return (0);
370 
371 			/* find [user[:pass]@]host[:port] */
372 	ep = strchr(url, '/');
373 	if (ep == NULL)
374 		thost = ftp_strdup(url);
375 	else {
376 		len = ep - url;
377 		thost = (char *)ftp_malloc(len + 1);
378 		(void)strlcpy(thost, url, len + 1);
379 		if (*utype == FTP_URL_T)	/* skip first / for ftp URLs */
380 			ep++;
381 		*path = ftp_strdup(ep);
382 	}
383 
384 	cp = strchr(thost, '@');	/* look for user[:pass]@ in URLs */
385 	if (cp != NULL) {
386 		if (*utype == FTP_URL_T)
387 			anonftp = 0;	/* disable anonftp */
388 		*uuser = thost;
389 		*cp = '\0';
390 		thost = ftp_strdup(cp + 1);
391 		cp = strchr(*uuser, ':');
392 		if (cp != NULL) {
393 			*cp = '\0';
394 			*pass = ftp_strdup(cp + 1);
395 		}
396 		url_decode(*uuser);
397 		if (*pass)
398 			url_decode(*pass);
399 	}
400 
401 #ifdef INET6
402 			/*
403 			 * Check if thost is an encoded IPv6 address, as per
404 			 * RFC3986:
405 			 *	`[' ipv6-address ']'
406 			 */
407 	if (*thost == '[') {
408 		cp = thost + 1;
409 		if ((ep = strchr(cp, ']')) == NULL ||
410 		    (ep[1] != '\0' && ep[1] != ':')) {
411 			warnx("Invalid address `%s' in %s `%s'",
412 			    thost, desc, origurl);
413 			goto cleanup_parse_url;
414 		}
415 		len = ep - cp;		/* change `[xyz]' -> `xyz' */
416 		memmove(thost, thost + 1, len);
417 		thost[len] = '\0';
418 		if (! isipv6addr(thost)) {
419 			warnx("Invalid IPv6 address `%s' in %s `%s'",
420 			    thost, desc, origurl);
421 			goto cleanup_parse_url;
422 		}
423 		cp = ep + 1;
424 		if (*cp == ':')
425 			cp++;
426 		else
427 			cp = NULL;
428 	} else
429 #endif /* INET6 */
430 		if ((cp = strchr(thost, ':')) != NULL)
431 			*cp++ = '\0';
432 	*host = thost;
433 
434 			/* look for [:port] */
435 	if (cp != NULL) {
436 		unsigned long	nport;
437 
438 		nport = strtoul(cp, &ep, 10);
439 		if (*cp == '\0' || *ep != '\0' ||
440 		    nport < 1 || nport > MAX_IN_PORT_T) {
441 			warnx("Unknown port `%s' in %s `%s'",
442 			    cp, desc, origurl);
443 			goto cleanup_parse_url;
444 		}
445 		*portnum = nport;
446 		tport = cp;
447 	}
448 
449 	if (tport != NULL)
450 		*port = ftp_strdup(tport);
451 	if (*path == NULL) {
452 		const char *emptypath = "/";
453 		if (*utype == FTP_URL_T)	/* skip first / for ftp URLs */
454 			emptypath++;
455 		*path = ftp_strdup(emptypath);
456 	}
457 
458 	DPRINTF("parse_url: user `%s' pass `%s' host %s port %s(%d) "
459 	    "path `%s'\n",
460 	    STRorNULL(*uuser), STRorNULL(*pass),
461 	    STRorNULL(*host), STRorNULL(*port),
462 	    *portnum ? *portnum : -1, STRorNULL(*path));
463 
464 	return (0);
465 }
466 
/*
 * Jump buffer for abandoning an HTTP transfer.
 * NOTE(review): presumably the target of aborthttp(); its sigsetjmp and
 * siglongjmp users are outside this part of the file -- confirm.
 */
sigjmp_buf	httpabort;
468 
469 /*
470  * Retrieve URL, via a proxy if necessary, using HTTP.
471  * If proxyenv is set, use that for the proxy, otherwise try ftp_proxy or
472  * http_proxy as appropriate.
473  * Supports HTTP redirects.
474  * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection
475  * is still open (e.g, ftp xfer with trailing /)
476  */
477 static int
fetch_url(const char * url,const char * proxyenv,char * proxyauth,char * wwwauth)478 fetch_url(const char *url, const char *proxyenv, char *proxyauth, char *wwwauth)
479 {
480 	struct addrinfo		hints, *res, *res0 = NULL;
481 	int			error;
482 	sigfunc volatile	oldintr;
483 	sigfunc volatile	oldintp;
484 	int volatile		s;
485 	struct stat		sb;
486 	int volatile		ischunked;
487 	int volatile		isproxy;
488 	int volatile		rval;
489 	int volatile		hcode;
490 	int			len;
491 	size_t			flen;
492 	static size_t		bufsize;
493 	static char		*xferbuf;
494 	const char		*cp, *token;
495 	char			*ep;
496 	char			buf[FTPBUFLEN];
497 	const char		*errormsg;
498 	char			*volatile savefile;
499 	char			*volatile auth;
500 	char			*volatile location;
501 	char			*volatile message;
502 	char			*uuser, *pass, *host, *port, *path;
503 	char			*volatile decodedpath;
504 	char			*puser, *ppass, *useragent;
505 	off_t			hashbytes, rangestart, rangeend, entitylen;
506 	int			(*volatile closefunc)(FILE *);
507 	FILE			*volatile fin;
508 	FILE			*volatile fout;
509 	time_t			mtime;
510 	url_t			urltype;
511 	in_port_t		portnum;
512 
513 	DPRINTF("fetch_url: `%s' proxyenv `%s'\n", url, STRorNULL(proxyenv));
514 
515 	oldintr = oldintp = NULL;
516 	closefunc = NULL;
517 	fin = fout = NULL;
518 	s = -1;
519 	savefile = NULL;
520 	auth = location = message = NULL;
521 	ischunked = isproxy = hcode = 0;
522 	rval = 1;
523 	uuser = pass = host = path = decodedpath = puser = ppass = NULL;
524 
525 	if (parse_url(url, "URL", &urltype, &uuser, &pass, &host, &port,
526 	    &portnum, &path) == -1)
527 		goto cleanup_fetch_url;
528 
529 	if (urltype == FILE_URL_T && ! EMPTYSTRING(host)
530 	    && strcasecmp(host, "localhost") != 0) {
531 		warnx("No support for non local file URL `%s'", url);
532 		goto cleanup_fetch_url;
533 	}
534 
535 	if (EMPTYSTRING(path)) {
536 		if (urltype == FTP_URL_T) {
537 			rval = fetch_ftp(url);
538 			goto cleanup_fetch_url;
539 		}
540 		if (urltype != HTTP_URL_T || outfile == NULL)  {
541 			warnx("Invalid URL (no file after host) `%s'", url);
542 			goto cleanup_fetch_url;
543 		}
544 	}
545 
546 	decodedpath = ftp_strdup(path);
547 	url_decode(decodedpath);
548 
549 	if (outfile)
550 		savefile = outfile;
551 	else {
552 		cp = strrchr(decodedpath, '/');		/* find savefile */
553 		if (cp != NULL)
554 			savefile = ftp_strdup(cp + 1);
555 		else
556 			savefile = ftp_strdup(decodedpath);
557 	}
558 	DPRINTF("fetch_url: savefile `%s'\n", savefile);
559 	if (EMPTYSTRING(savefile)) {
560 		if (urltype == FTP_URL_T) {
561 			rval = fetch_ftp(url);
562 			goto cleanup_fetch_url;
563 		}
564 		warnx("No file after directory (you must specify an "
565 		    "output file) `%s'", url);
566 		goto cleanup_fetch_url;
567 	}
568 
569 	restart_point = 0;
570 	filesize = -1;
571 	rangestart = rangeend = entitylen = -1;
572 	mtime = -1;
573 	if (restartautofetch) {
574 		if (stat(savefile, &sb) == 0)
575 			restart_point = sb.st_size;
576 	}
577 	if (urltype == FILE_URL_T) {		/* file:// URLs */
578 		direction = "copied";
579 		fin = fopen(decodedpath, "r");
580 		if (fin == NULL) {
581 			warn("Can't open `%s'", decodedpath);
582 			goto cleanup_fetch_url;
583 		}
584 		if (fstat(fileno(fin), &sb) == 0) {
585 			mtime = sb.st_mtime;
586 			filesize = sb.st_size;
587 		}
588 		if (restart_point) {
589 			if (lseek(fileno(fin), restart_point, SEEK_SET) < 0) {
590 				warn("Can't seek to restart `%s'",
591 				    decodedpath);
592 				goto cleanup_fetch_url;
593 			}
594 		}
595 		if (verbose) {
596 			fprintf(ttyout, "Copying %s", decodedpath);
597 			if (restart_point)
598 				fprintf(ttyout, " (restarting at " LLF ")",
599 				    (LLT)restart_point);
600 			fputs("\n", ttyout);
601 		}
602 	} else {				/* ftp:// or http:// URLs */
603 		const char *leading;
604 		int hasleading;
605 
606 		if (proxyenv == NULL) {
607 			if (urltype == HTTP_URL_T)
608 				proxyenv = getoptionvalue("http_proxy");
609 			else if (urltype == FTP_URL_T)
610 				proxyenv = getoptionvalue("ftp_proxy");
611 		}
612 		direction = "retrieved";
613 		if (! EMPTYSTRING(proxyenv)) {			/* use proxy */
614 			url_t purltype;
615 			char *phost, *ppath;
616 			char *pport, *no_proxy;
617 			in_port_t pportnum;
618 
619 			isproxy = 1;
620 
621 				/* check URL against list of no_proxied sites */
622 			no_proxy = getoptionvalue("no_proxy");
623 			if (! EMPTYSTRING(no_proxy)) {
624 				char *np, *np_copy, *np_iter;
625 				unsigned long np_port;
626 				size_t hlen, plen;
627 
628 				np_iter = np_copy = ftp_strdup(no_proxy);
629 				hlen = strlen(host);
630 				while ((cp = strsep(&np_iter, " ,")) != NULL) {
631 					if (*cp == '\0')
632 						continue;
633 					if ((np = strrchr(cp, ':')) != NULL) {
634 						*np++ =  '\0';
635 						np_port = strtoul(np, &ep, 10);
636 						if (*np == '\0' || *ep != '\0')
637 							continue;
638 						if (np_port != portnum)
639 							continue;
640 					}
641 					plen = strlen(cp);
642 					if (hlen < plen)
643 						continue;
644 					if (strncasecmp(host + hlen - plen,
645 					    cp, plen) == 0) {
646 						isproxy = 0;
647 						break;
648 					}
649 				}
650 				FREEPTR(np_copy);
651 				if (isproxy == 0 && urltype == FTP_URL_T) {
652 					rval = fetch_ftp(url);
653 					goto cleanup_fetch_url;
654 				}
655 			}
656 
657 			if (isproxy) {
658 				if (restart_point) {
659 					warnx("Can't restart via proxy URL `%s'",
660 					    proxyenv);
661 					goto cleanup_fetch_url;
662 				}
663 				if (parse_url(proxyenv, "proxy URL", &purltype,
664 				    &puser, &ppass, &phost, &pport, &pportnum,
665 				    &ppath) == -1)
666 					goto cleanup_fetch_url;
667 
668 				if ((purltype != HTTP_URL_T
669 				     && purltype != FTP_URL_T) ||
670 				    EMPTYSTRING(phost) ||
671 				    (! EMPTYSTRING(ppath)
672 				     && strcmp(ppath, "/") != 0)) {
673 					warnx("Malformed proxy URL `%s'",
674 					    proxyenv);
675 					FREEPTR(phost);
676 					FREEPTR(pport);
677 					FREEPTR(ppath);
678 					goto cleanup_fetch_url;
679 				}
680 				if (isipv6addr(host) &&
681 				    strchr(host, '%') != NULL) {
682 					warnx(
683 "Scoped address notation `%s' disallowed via web proxy",
684 					    host);
685 					FREEPTR(phost);
686 					FREEPTR(pport);
687 					FREEPTR(ppath);
688 					goto cleanup_fetch_url;
689 				}
690 
691 				FREEPTR(host);
692 				host = phost;
693 				FREEPTR(port);
694 				port = pport;
695 				FREEPTR(path);
696 				path = ftp_strdup(url);
697 				FREEPTR(ppath);
698 			}
699 		} /* ! EMPTYSTRING(proxyenv) */
700 
701 		memset(&hints, 0, sizeof(hints));
702 		hints.ai_flags = 0;
703 		hints.ai_family = family;
704 		hints.ai_socktype = SOCK_STREAM;
705 		hints.ai_protocol = 0;
706 		error = getaddrinfo(host, port, &hints, &res0);
707 		if (error) {
708 			warnx("Can't lookup `%s:%s': %s", host, port,
709 			    (error == EAI_SYSTEM) ? strerror(errno)
710 						  : gai_strerror(error));
711 			goto cleanup_fetch_url;
712 		}
713 		if (res0->ai_canonname)
714 			host = res0->ai_canonname;
715 
716 		s = -1;
717 		for (res = res0; res; res = res->ai_next) {
718 			char	hname[NI_MAXHOST], sname[NI_MAXSERV];
719 
720 			ai_unmapped(res);
721 			if (getnameinfo(res->ai_addr, res->ai_addrlen,
722 			    hname, sizeof(hname), sname, sizeof(sname),
723 			    NI_NUMERICHOST | NI_NUMERICSERV) != 0) {
724 				strlcpy(hname, "?", sizeof(hname));
725 				strlcpy(sname, "?", sizeof(sname));
726 			}
727 
728 			if (verbose && res0->ai_next) {
729 				fprintf(ttyout, "Trying %s:%s ...\n",
730 				    hname, sname);
731 			}
732 
733 			s = socket(res->ai_family, SOCK_STREAM,
734 			    res->ai_protocol);
735 			if (s < 0) {
736 				warn(
737 				    "Can't create socket for connection to "
738 				    "`%s:%s'", hname, sname);
739 				continue;
740 			}
741 
742 			if (ftp_connect(s, res->ai_addr, res->ai_addrlen) < 0) {
743 				close(s);
744 				s = -1;
745 				continue;
746 			}
747 
748 			/* success */
749 			break;
750 		}
751 
752 		if (s < 0) {
753 			warnx("Can't connect to `%s:%s'", host, port);
754 			goto cleanup_fetch_url;
755 		}
756 
757 		fin = fdopen(s, "r+");
758 		/*
759 		 * Construct and send the request.
760 		 */
761 		if (verbose)
762 			fprintf(ttyout, "Requesting %s\n", url);
763 		leading = "  (";
764 		hasleading = 0;
765 		if (isproxy) {
766 			if (verbose) {
767 				fprintf(ttyout, "%svia %s:%s", leading,
768 				    host, port);
769 				leading = ", ";
770 				hasleading++;
771 			}
772 			fprintf(fin, "GET %s HTTP/1.0\r\n", path);
773 			if (flushcache)
774 				fprintf(fin, "Pragma: no-cache\r\n");
775 		} else {
776 			fprintf(fin, "GET %s HTTP/1.1\r\n", path);
777 			if (strchr(host, ':')) {
778 				char *h, *p;
779 
780 				/*
781 				 * strip off IPv6 scope identifier, since it is
782 				 * local to the node
783 				 */
784 				h = ftp_strdup(host);
785 				if (isipv6addr(h) &&
786 				    (p = strchr(h, '%')) != NULL) {
787 					*p = '\0';
788 				}
789 				fprintf(fin, "Host: [%s]", h);
790 				free(h);
791 			} else
792 				fprintf(fin, "Host: %s", host);
793 			if (portnum != HTTP_PORT)
794 				fprintf(fin, ":%u", portnum);
795 			fprintf(fin, "\r\n");
796 			fprintf(fin, "Accept: */*\r\n");
797 			fprintf(fin, "Connection: close\r\n");
798 			if (restart_point) {
799 				fputs(leading, ttyout);
800 				fprintf(fin, "Range: bytes=" LLF "-\r\n",
801 				    (LLT)restart_point);
802 				fprintf(ttyout, "restarting at " LLF,
803 				    (LLT)restart_point);
804 				leading = ", ";
805 				hasleading++;
806 			}
807 			if (flushcache)
808 				fprintf(fin, "Cache-Control: no-cache\r\n");
809 		}
810 		if ((useragent=getenv("FTPUSERAGENT")) != NULL) {
811 			fprintf(fin, "User-Agent: %s\r\n", useragent);
812 		} else {
813 			fprintf(fin, "User-Agent: %s/%s\r\n",
814 			    FTP_PRODUCT, FTP_VERSION);
815 		}
816 		if (wwwauth) {
817 			if (verbose) {
818 				fprintf(ttyout, "%swith authorization",
819 				    leading);
820 				leading = ", ";
821 				hasleading++;
822 			}
823 			fprintf(fin, "Authorization: %s\r\n", wwwauth);
824 		}
825 		if (proxyauth) {
826 			if (verbose) {
827 				fprintf(ttyout,
828 				    "%swith proxy authorization", leading);
829 				leading = ", ";
830 				hasleading++;
831 			}
832 			fprintf(fin, "Proxy-Authorization: %s\r\n", proxyauth);
833 		}
834 		if (verbose && hasleading)
835 			fputs(")\n", ttyout);
836 		fprintf(fin, "\r\n");
837 		if (fflush(fin) == EOF) {
838 			warn("Writing HTTP request");
839 			goto cleanup_fetch_url;
840 		}
841 
842 				/* Read the response */
843 		len = get_line(fin, buf, sizeof(buf), &errormsg);
844 		if (len < 0) {
845 			if (*errormsg == '\n')
846 				errormsg++;
847 			warnx("Receiving HTTP reply: %s", errormsg);
848 			goto cleanup_fetch_url;
849 		}
850 		while (len > 0 && (ISLWS(buf[len-1])))
851 			buf[--len] = '\0';
852 		DPRINTF("fetch_url: received `%s'\n", buf);
853 
854 				/* Determine HTTP response code */
855 		cp = strchr(buf, ' ');
856 		if (cp == NULL)
857 			goto improper;
858 		else
859 			cp++;
860 		hcode = strtol(cp, &ep, 10);
861 		if (*ep != '\0' && !isspace((unsigned char)*ep))
862 			goto improper;
863 		message = ftp_strdup(cp);
864 
865 				/* Read the rest of the header. */
866 		while (1) {
867 			len = get_line(fin, buf, sizeof(buf), &errormsg);
868 			if (len < 0) {
869 				if (*errormsg == '\n')
870 					errormsg++;
871 				warnx("Receiving HTTP reply: %s", errormsg);
872 				goto cleanup_fetch_url;
873 			}
874 			while (len > 0 && (ISLWS(buf[len-1])))
875 				buf[--len] = '\0';
876 			if (len == 0)
877 				break;
878 			DPRINTF("fetch_url: received `%s'\n", buf);
879 
880 		/*
881 		 * Look for some headers
882 		 */
883 
884 			cp = buf;
885 
886 			if (match_token(&cp, "Content-Length:")) {
887 				filesize = STRTOLL(cp, &ep, 10);
888 				if (filesize < 0 || *ep != '\0')
889 					goto improper;
890 				DPRINTF("fetch_url: parsed len as: " LLF "\n",
891 				    (LLT)filesize);
892 
893 			} else if (match_token(&cp, "Content-Range:")) {
894 				if (! match_token(&cp, "bytes"))
895 					goto improper;
896 
897 				if (*cp == '*')
898 					cp++;
899 				else {
900 					rangestart = STRTOLL(cp, &ep, 10);
901 					if (rangestart < 0 || *ep != '-')
902 						goto improper;
903 					cp = ep + 1;
904 					rangeend = STRTOLL(cp, &ep, 10);
905 					if (rangeend < 0 || rangeend < rangestart)
906 						goto improper;
907 					cp = ep;
908 				}
909 				if (*cp != '/')
910 					goto improper;
911 				cp++;
912 				if (*cp == '*')
913 					cp++;
914 				else {
915 					entitylen = STRTOLL(cp, &ep, 10);
916 					if (entitylen < 0)
917 						goto improper;
918 					cp = ep;
919 				}
920 				if (*cp != '\0')
921 					goto improper;
922 
923 #ifndef NO_DEBUG
924 				if (ftp_debug) {
925 					fprintf(ttyout, "parsed range as: ");
926 					if (rangestart == -1)
927 						fprintf(ttyout, "*");
928 					else
929 						fprintf(ttyout, LLF "-" LLF,
930 						    (LLT)rangestart,
931 						    (LLT)rangeend);
932 					fprintf(ttyout, "/" LLF "\n", (LLT)entitylen);
933 				}
934 #endif
935 				if (! restart_point) {
936 					warnx(
937 				    "Received unexpected Content-Range header");
938 					goto cleanup_fetch_url;
939 				}
940 
941 			} else if (match_token(&cp, "Last-Modified:")) {
942 				struct tm parsed;
943 				char *t;
944 
945 				memset(&parsed, 0, sizeof(parsed));
946 							/* RFC1123 */
947 				if ((t = strptime(cp,
948 						"%a, %d %b %Y %H:%M:%S GMT",
949 						&parsed))
950 							/* RFC0850 */
951 				    || (t = strptime(cp,
952 						"%a, %d-%b-%y %H:%M:%S GMT",
953 						&parsed))
954 							/* asctime */
955 				    || (t = strptime(cp,
956 						"%a, %b %d %H:%M:%S %Y",
957 						&parsed))) {
958 					parsed.tm_isdst = -1;
959 					if (*t == '\0')
960 						mtime = timegm(&parsed);
961 #ifndef NO_DEBUG
962 					if (ftp_debug && mtime != -1) {
963 						fprintf(ttyout,
964 						    "parsed date as: %s",
965 						rfc2822time(localtime(&mtime)));
966 					}
967 #endif
968 				}
969 
970 			} else if (match_token(&cp, "Location:")) {
971 				location = ftp_strdup(cp);
972 				DPRINTF("fetch_url: parsed location as `%s'\n",
973 				    cp);
974 
975 			} else if (match_token(&cp, "Transfer-Encoding:")) {
976 				if (match_token(&cp, "binary")) {
977 					warnx(
978 			"Bogus transfer encoding `binary' (fetching anyway)");
979 					continue;
980 				}
981 				if (! (token = match_token(&cp, "chunked"))) {
982 					warnx(
983 				    "Unsupported transfer encoding `%s'",
984 					    token);
985 					goto cleanup_fetch_url;
986 				}
987 				ischunked++;
988 				DPRINTF("fetch_url: using chunked encoding\n");
989 
990 			} else if (match_token(&cp, "Proxy-Authenticate:")
991 				|| match_token(&cp, "WWW-Authenticate:")) {
992 				if (! (token = match_token(&cp, "Basic"))) {
993 					DPRINTF(
994 			"fetch_url: skipping unknown auth scheme `%s'\n",
995 						    token);
996 					continue;
997 				}
998 				FREEPTR(auth);
999 				auth = ftp_strdup(token);
1000 				DPRINTF("fetch_url: parsed auth as `%s'\n", cp);
1001 			}
1002 
1003 		}
1004 				/* finished parsing header */
1005 
1006 		switch (hcode) {
1007 		case 200:
1008 			break;
1009 		case 206:
1010 			if (! restart_point) {
1011 				warnx("Not expecting partial content header");
1012 				goto cleanup_fetch_url;
1013 			}
1014 			break;
1015 		case 300:
1016 		case 301:
1017 		case 302:
1018 		case 303:
1019 		case 305:
1020 		case 307:
1021 			if (EMPTYSTRING(location)) {
1022 				warnx(
1023 				"No redirection Location provided by server");
1024 				goto cleanup_fetch_url;
1025 			}
1026 			if (redirect_loop++ > 5) {
1027 				warnx("Too many redirections requested");
1028 				goto cleanup_fetch_url;
1029 			}
1030 			if (hcode == 305) {
1031 				if (verbose)
1032 					fprintf(ttyout, "Redirected via %s\n",
1033 					    location);
1034 				rval = fetch_url(url, location,
1035 				    proxyauth, wwwauth);
1036 			} else {
1037 				if (verbose)
1038 					fprintf(ttyout, "Redirected to %s\n",
1039 					    location);
1040 				rval = go_fetch(location);
1041 			}
1042 			goto cleanup_fetch_url;
1043 #ifndef NO_AUTH
1044 		case 401:
1045 		case 407:
1046 		    {
1047 			char **authp;
1048 			char *auser, *apass;
1049 
1050 			if (hcode == 401) {
1051 				authp = &wwwauth;
1052 				auser = uuser;
1053 				apass = pass;
1054 			} else {
1055 				authp = &proxyauth;
1056 				auser = puser;
1057 				apass = ppass;
1058 			}
1059 			if (verbose || *authp == NULL ||
1060 			    auser == NULL || apass == NULL)
1061 				fprintf(ttyout, "%s\n", message);
1062 			if (EMPTYSTRING(auth)) {
1063 				warnx(
1064 			    "No authentication challenge provided by server");
1065 				goto cleanup_fetch_url;
1066 			}
1067 			if (*authp != NULL) {
1068 				char reply[10];
1069 
1070 				fprintf(ttyout,
1071 				    "Authorization failed. Retry (y/n)? ");
1072 				if (get_line(stdin, reply, sizeof(reply), NULL)
1073 				    < 0) {
1074 					goto cleanup_fetch_url;
1075 				}
1076 				if (tolower((unsigned char)reply[0]) != 'y')
1077 					goto cleanup_fetch_url;
1078 				auser = NULL;
1079 				apass = NULL;
1080 			}
1081 			if (auth_url(auth, authp, auser, apass) == 0) {
1082 				rval = fetch_url(url, proxyenv,
1083 				    proxyauth, wwwauth);
1084 				memset(*authp, 0, strlen(*authp));
1085 				FREEPTR(*authp);
1086 			}
1087 			goto cleanup_fetch_url;
1088 		    }
1089 #endif
1090 		default:
1091 			if (message)
1092 				warnx("Error retrieving file `%s'", message);
1093 			else
1094 				warnx("Unknown error retrieving file");
1095 			goto cleanup_fetch_url;
1096 		}
1097 	}		/* end of ftp:// or http:// specific setup */
1098 
1099 			/* Open the output file. */
1100 
1101 	/*
1102 	 * Only trust filenames with special meaning if they came from
1103 	 * the command line
1104 	 */
1105 	if (outfile == savefile) {
1106 		if (strcmp(savefile, "-") == 0) {
1107 			fout = stdout;
1108 		} else if (*savefile == '|') {
1109 			oldintp = xsignal(SIGPIPE, SIG_IGN);
1110 			fout = popen(savefile + 1, "w");
1111 			if (fout == NULL) {
1112 				warn("Can't execute `%s'", savefile + 1);
1113 				goto cleanup_fetch_url;
1114 			}
1115 			closefunc = pclose;
1116 		}
1117 	}
1118 	if (fout == NULL) {
1119 		if ((rangeend != -1 && rangeend <= restart_point) ||
1120 		    (rangestart == -1 && filesize != -1 && filesize <= restart_point)) {
1121 			/* already done */
1122 			if (verbose)
1123 				fprintf(ttyout, "already done\n");
1124 			rval = 0;
1125 			goto cleanup_fetch_url;
1126 		}
1127 		if (restart_point && rangestart != -1) {
1128 			if (entitylen != -1)
1129 				filesize = entitylen;
1130 			if (rangestart != restart_point) {
1131 				warnx(
1132 				    "Size of `%s' differs from save file `%s'",
1133 				    url, savefile);
1134 				goto cleanup_fetch_url;
1135 			}
1136 			fout = fopen(savefile, "a");
1137 		} else
1138 			fout = fopen(savefile, "w");
1139 		if (fout == NULL) {
1140 			warn("Can't open `%s'", savefile);
1141 			goto cleanup_fetch_url;
1142 		}
1143 		closefunc = fclose;
1144 	}
1145 
1146 			/* Trap signals */
1147 	if (sigsetjmp(httpabort, 1))
1148 		goto cleanup_fetch_url;
1149 	(void)xsignal(SIGQUIT, psummary);
1150 	oldintr = xsignal(SIGINT, aborthttp);
1151 
1152 	if ((size_t)rcvbuf_size > bufsize) {
1153 		if (xferbuf)
1154 			(void)free(xferbuf);
1155 		bufsize = rcvbuf_size;
1156 		xferbuf = ftp_malloc(bufsize);
1157 	}
1158 
1159 	bytes = 0;
1160 	hashbytes = mark;
1161 	progressmeter(-1);
1162 
1163 			/* Finally, suck down the file. */
1164 	do {
1165 		long chunksize;
1166 		short lastchunk;
1167 
1168 		chunksize = 0;
1169 		lastchunk = 0;
1170 					/* read chunk-size */
1171 		if (ischunked) {
1172 			if (fgets(xferbuf, bufsize, fin) == NULL) {
1173 				warnx("Unexpected EOF reading chunk-size");
1174 				goto cleanup_fetch_url;
1175 			}
1176 			errno = 0;
1177 			chunksize = strtol(xferbuf, &ep, 16);
1178 			if (ep == xferbuf) {
1179 				warnx("Invalid chunk-size");
1180 				goto cleanup_fetch_url;
1181 			}
1182 			if (errno == ERANGE || chunksize < 0) {
1183 				errno = ERANGE;
1184 				warn("Chunk-size `%.*s'",
1185 				    (int)(ep-xferbuf), xferbuf);
1186 				goto cleanup_fetch_url;
1187 			}
1188 
1189 				/*
1190 				 * XXX:	Work around bug in Apache 1.3.9 and
1191 				 *	1.3.11, which incorrectly put trailing
1192 				 *	space after the chunk-size.
1193 				 */
1194 			while (*ep == ' ')
1195 				ep++;
1196 
1197 					/* skip [ chunk-ext ] */
1198 			if (*ep == ';') {
1199 				while (*ep && *ep != '\r')
1200 					ep++;
1201 			}
1202 
1203 			if (strcmp(ep, "\r\n") != 0) {
1204 				warnx("Unexpected data following chunk-size");
1205 				goto cleanup_fetch_url;
1206 			}
1207 			DPRINTF("fetch_url: got chunk-size of " LLF "\n",
1208 			    (LLT)chunksize);
1209 			if (chunksize == 0) {
1210 				lastchunk = 1;
1211 				goto chunkdone;
1212 			}
1213 		}
1214 					/* transfer file or chunk */
1215 		while (1) {
1216 			struct timeval then, now, td;
1217 			off_t bufrem;
1218 
1219 			if (rate_get)
1220 				(void)gettimeofday(&then, NULL);
1221 			bufrem = rate_get ? rate_get : (off_t)bufsize;
1222 			if (ischunked)
1223 				bufrem = MIN(chunksize, bufrem);
1224 			while (bufrem > 0) {
1225 				flen = fread(xferbuf, sizeof(char),
1226 				    MIN((off_t)bufsize, bufrem), fin);
1227 				if (flen <= 0)
1228 					goto chunkdone;
1229 				bytes += flen;
1230 				bufrem -= flen;
1231 				if (fwrite(xferbuf, sizeof(char), flen, fout)
1232 				    != flen) {
1233 					warn("Writing `%s'", savefile);
1234 					goto cleanup_fetch_url;
1235 				}
1236 				if (hash && !progress) {
1237 					while (bytes >= hashbytes) {
1238 						(void)putc('#', ttyout);
1239 						hashbytes += mark;
1240 					}
1241 					(void)fflush(ttyout);
1242 				}
1243 				if (ischunked) {
1244 					chunksize -= flen;
1245 					if (chunksize <= 0)
1246 						break;
1247 				}
1248 			}
1249 			if (rate_get) {
1250 				while (1) {
1251 					(void)gettimeofday(&now, NULL);
1252 					timersub(&now, &then, &td);
1253 					if (td.tv_sec > 0)
1254 						break;
1255 					usleep(1000000 - td.tv_usec);
1256 				}
1257 			}
1258 			if (ischunked && chunksize <= 0)
1259 				break;
1260 		}
1261 					/* read CRLF after chunk*/
1262  chunkdone:
1263 		if (ischunked) {
1264 			if (fgets(xferbuf, bufsize, fin) == NULL) {
1265 				warnx("Unexpected EOF reading chunk CRLF");
1266 				goto cleanup_fetch_url;
1267 			}
1268 			if (strcmp(xferbuf, "\r\n") != 0) {
1269 				warnx("Unexpected data following chunk");
1270 				goto cleanup_fetch_url;
1271 			}
1272 			if (lastchunk)
1273 				break;
1274 		}
1275 	} while (ischunked);
1276 
1277 /* XXX: deal with optional trailer & CRLF here? */
1278 
1279 	if (hash && !progress && bytes > 0) {
1280 		if (bytes < mark)
1281 			(void)putc('#', ttyout);
1282 		(void)putc('\n', ttyout);
1283 	}
1284 	if (ferror(fin)) {
1285 		warn("Reading file");
1286 		goto cleanup_fetch_url;
1287 	}
1288 	progressmeter(1);
1289 	(void)fflush(fout);
1290 	if (closefunc == fclose && mtime != -1) {
1291 		struct timeval tval[2];
1292 
1293 		(void)gettimeofday(&tval[0], NULL);
1294 		tval[1].tv_sec = mtime;
1295 		tval[1].tv_usec = 0;
1296 		(*closefunc)(fout);
1297 		fout = NULL;
1298 
1299 		if (utimes(savefile, tval) == -1) {
1300 			fprintf(ttyout,
1301 			    "Can't change modification time to %s",
1302 			    rfc2822time(localtime(&mtime)));
1303 		}
1304 	}
1305 	if (bytes > 0)
1306 		ptransfer(0);
1307 	bytes = 0;
1308 
1309 	rval = 0;
1310 	goto cleanup_fetch_url;
1311 
1312  improper:
1313 	warnx("Improper response from `%s:%s'", host, port);
1314 
1315  cleanup_fetch_url:
1316 	if (oldintr)
1317 		(void)xsignal(SIGINT, oldintr);
1318 	if (oldintp)
1319 		(void)xsignal(SIGPIPE, oldintp);
1320 	if (fin != NULL)
1321 		fclose(fin);
1322 	else if (s != -1)
1323 		close(s);
1324 	if (closefunc != NULL && fout != NULL)
1325 		(*closefunc)(fout);
1326 	if (res0)
1327 		freeaddrinfo(res0);
1328 	if (savefile != outfile)
1329 		FREEPTR(savefile);
1330 	FREEPTR(uuser);
1331 	if (pass != NULL)
1332 		memset(pass, 0, strlen(pass));
1333 	FREEPTR(pass);
1334 	FREEPTR(host);
1335 	FREEPTR(port);
1336 	FREEPTR(path);
1337 	FREEPTR(decodedpath);
1338 	FREEPTR(puser);
1339 	if (ppass != NULL)
1340 		memset(ppass, 0, strlen(ppass));
1341 	FREEPTR(ppass);
1342 	FREEPTR(auth);
1343 	FREEPTR(location);
1344 	FREEPTR(message);
1345 	return (rval);
1346 }
1347 
1348 /*
1349  * Abort a HTTP retrieval
1350  */
1351 void
aborthttp(int notused)1352 aborthttp(int notused)
1353 {
1354 	char msgbuf[100];
1355 	size_t len;
1356 
1357 	sigint_raised = 1;
1358 	alarmtimer(0);
1359 	len = strlcpy(msgbuf, "\nHTTP fetch aborted.\n", sizeof(msgbuf));
1360 	write(fileno(ttyout), msgbuf, len);
1361 	siglongjmp(httpabort, 1);
1362 }
1363 
1364 /*
1365  * Retrieve ftp URL or classic ftp argument using FTP.
1366  * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection
1367  * is still open (e.g, ftp xfer with trailing /)
1368  */
1369 static int
fetch_ftp(const char * url)1370 fetch_ftp(const char *url)
1371 {
1372 	char		*cp, *xargv[5], rempath[MAXPATHLEN];
1373 	char		*host, *path, *dir, *file, *uuser, *pass;
1374 	char		*port;
1375 	char		 cmdbuf[MAXPATHLEN];
1376 	char		 dirbuf[4];
1377 	int		 dirhasglob, filehasglob, rval, transtype, xargc;
1378 	int		 oanonftp, oautologin;
1379 	in_port_t	 portnum;
1380 	url_t		 urltype;
1381 
1382 	DPRINTF("fetch_ftp: `%s'\n", url);
1383 	host = path = dir = file = uuser = pass = NULL;
1384 	port = NULL;
1385 	rval = 1;
1386 	transtype = TYPE_I;
1387 
1388 	if (STRNEQUAL(url, FTP_URL)) {
1389 		if ((parse_url(url, "URL", &urltype, &uuser, &pass,
1390 		    &host, &port, &portnum, &path) == -1) ||
1391 		    (uuser != NULL && *uuser == '\0') ||
1392 		    EMPTYSTRING(host)) {
1393 			warnx("Invalid URL `%s'", url);
1394 			goto cleanup_fetch_ftp;
1395 		}
1396 		/*
1397 		 * Note: Don't url_decode(path) here.  We need to keep the
1398 		 * distinction between "/" and "%2F" until later.
1399 		 */
1400 
1401 					/* check for trailing ';type=[aid]' */
1402 		if (! EMPTYSTRING(path) && (cp = strrchr(path, ';')) != NULL) {
1403 			if (strcasecmp(cp, ";type=a") == 0)
1404 				transtype = TYPE_A;
1405 			else if (strcasecmp(cp, ";type=i") == 0)
1406 				transtype = TYPE_I;
1407 			else if (strcasecmp(cp, ";type=d") == 0) {
1408 				warnx(
1409 			    "Directory listing via a URL is not supported");
1410 				goto cleanup_fetch_ftp;
1411 			} else {
1412 				warnx("Invalid suffix `%s' in URL `%s'", cp,
1413 				    url);
1414 				goto cleanup_fetch_ftp;
1415 			}
1416 			*cp = 0;
1417 		}
1418 	} else {			/* classic style `[user@]host:[file]' */
1419 		urltype = CLASSIC_URL_T;
1420 		host = ftp_strdup(url);
1421 		cp = strchr(host, '@');
1422 		if (cp != NULL) {
1423 			*cp = '\0';
1424 			uuser = host;
1425 			anonftp = 0;	/* disable anonftp */
1426 			host = ftp_strdup(cp + 1);
1427 		}
1428 		cp = strchr(host, ':');
1429 		if (cp != NULL) {
1430 			*cp = '\0';
1431 			path = ftp_strdup(cp + 1);
1432 		}
1433 	}
1434 	if (EMPTYSTRING(host))
1435 		goto cleanup_fetch_ftp;
1436 
1437 			/* Extract the file and (if present) directory name. */
1438 	dir = path;
1439 	if (! EMPTYSTRING(dir)) {
1440 		/*
1441 		 * If we are dealing with classic `[user@]host:[path]' syntax,
1442 		 * then a path of the form `/file' (resulting from input of the
1443 		 * form `host:/file') means that we should do "CWD /" before
1444 		 * retrieving the file.  So we set dir="/" and file="file".
1445 		 *
1446 		 * But if we are dealing with URLs like `ftp://host/path' then
1447 		 * a path of the form `/file' (resulting from a URL of the form
1448 		 * `ftp://host//file') means that we should do `CWD ' (with an
1449 		 * empty argument) before retrieving the file.  So we set
1450 		 * dir="" and file="file".
1451 		 *
1452 		 * If the path does not contain / at all, we set dir=NULL.
1453 		 * (We get a path without any slashes if we are dealing with
1454 		 * classic `[user@]host:[file]' or URL `ftp://host/file'.)
1455 		 *
1456 		 * In all other cases, we set dir to a string that does not
1457 		 * include the final '/' that separates the dir part from the
1458 		 * file part of the path.  (This will be the empty string if
1459 		 * and only if we are dealing with a path of the form `/file'
1460 		 * resulting from an URL of the form `ftp://host//file'.)
1461 		 */
1462 		cp = strrchr(dir, '/');
1463 		if (cp == dir && urltype == CLASSIC_URL_T) {
1464 			file = cp + 1;
1465 			(void)strlcpy(dirbuf, "/", sizeof(dirbuf));
1466 			dir = dirbuf;
1467 		} else if (cp != NULL) {
1468 			*cp++ = '\0';
1469 			file = cp;
1470 		} else {
1471 			file = dir;
1472 			dir = NULL;
1473 		}
1474 	} else
1475 		dir = NULL;
1476 	if (urltype == FTP_URL_T && file != NULL) {
1477 		url_decode(file);
1478 		/* but still don't url_decode(dir) */
1479 	}
1480 	DPRINTF("fetch_ftp: user `%s' pass `%s' host %s port %s "
1481 	    "path `%s' dir `%s' file `%s'\n",
1482 	    STRorNULL(uuser), STRorNULL(pass),
1483 	    STRorNULL(host), STRorNULL(port),
1484 	    STRorNULL(path), STRorNULL(dir), STRorNULL(file));
1485 
1486 	dirhasglob = filehasglob = 0;
1487 	if (doglob && urltype == CLASSIC_URL_T) {
1488 		if (! EMPTYSTRING(dir) && strpbrk(dir, "*?[]{}") != NULL)
1489 			dirhasglob = 1;
1490 		if (! EMPTYSTRING(file) && strpbrk(file, "*?[]{}") != NULL)
1491 			filehasglob = 1;
1492 	}
1493 
1494 			/* Set up the connection */
1495 	oanonftp = anonftp;
1496 	if (connected)
1497 		disconnect(0, NULL);
1498 	anonftp = oanonftp;
1499 	(void)strlcpy(cmdbuf, getprogname(), sizeof(cmdbuf));
1500 	xargv[0] = cmdbuf;
1501 	xargv[1] = host;
1502 	xargv[2] = NULL;
1503 	xargc = 2;
1504 	if (port) {
1505 		xargv[2] = port;
1506 		xargv[3] = NULL;
1507 		xargc = 3;
1508 	}
1509 	oautologin = autologin;
1510 		/* don't autologin in setpeer(), use ftp_login() below */
1511 	autologin = 0;
1512 	setpeer(xargc, xargv);
1513 	autologin = oautologin;
1514 	if ((connected == 0) ||
1515 	    (connected == 1 && !ftp_login(host, uuser, pass))) {
1516 		warnx("Can't connect or login to host `%s:%s'",
1517 			host, port ? port : "?");
1518 		goto cleanup_fetch_ftp;
1519 	}
1520 
1521 	switch (transtype) {
1522 	case TYPE_A:
1523 		setascii(1, xargv);
1524 		break;
1525 	case TYPE_I:
1526 		setbinary(1, xargv);
1527 		break;
1528 	default:
1529 		errx(1, "fetch_ftp: unknown transfer type %d", transtype);
1530 	}
1531 
1532 		/*
1533 		 * Change directories, if necessary.
1534 		 *
1535 		 * Note: don't use EMPTYSTRING(dir) below, because
1536 		 * dir=="" means something different from dir==NULL.
1537 		 */
1538 	if (dir != NULL && !dirhasglob) {
1539 		char *nextpart;
1540 
1541 		/*
1542 		 * If we are dealing with a classic `[user@]host:[path]'
1543 		 * (urltype is CLASSIC_URL_T) then we have a raw directory
1544 		 * name (not encoded in any way) and we can change
1545 		 * directories in one step.
1546 		 *
1547 		 * If we are dealing with an `ftp://host/path' URL
1548 		 * (urltype is FTP_URL_T), then RFC3986 says we need to
1549 		 * send a separate CWD command for each unescaped "/"
1550 		 * in the path, and we have to interpret %hex escaping
1551 		 * *after* we find the slashes.  It's possible to get
1552 		 * empty components here, (from multiple adjacent
1553 		 * slashes in the path) and RFC3986 says that we should
1554 		 * still do `CWD ' (with a null argument) in such cases.
1555 		 *
1556 		 * Many ftp servers don't support `CWD ', so if there's an
1557 		 * error performing that command, bail out with a descriptive
1558 		 * message.
1559 		 *
1560 		 * Examples:
1561 		 *
1562 		 * host:			dir="", urltype=CLASSIC_URL_T
1563 		 *		logged in (to default directory)
1564 		 * host:file			dir=NULL, urltype=CLASSIC_URL_T
1565 		 *		"RETR file"
1566 		 * host:dir/			dir="dir", urltype=CLASSIC_URL_T
1567 		 *		"CWD dir", logged in
1568 		 * ftp://host/			dir="", urltype=FTP_URL_T
1569 		 *		logged in (to default directory)
1570 		 * ftp://host/dir/		dir="dir", urltype=FTP_URL_T
1571 		 *		"CWD dir", logged in
1572 		 * ftp://host/file		dir=NULL, urltype=FTP_URL_T
1573 		 *		"RETR file"
1574 		 * ftp://host//file		dir="", urltype=FTP_URL_T
1575 		 *		"CWD ", "RETR file"
1576 		 * host:/file			dir="/", urltype=CLASSIC_URL_T
1577 		 *		"CWD /", "RETR file"
1578 		 * ftp://host///file		dir="/", urltype=FTP_URL_T
1579 		 *		"CWD ", "CWD ", "RETR file"
1580 		 * ftp://host/%2F/file		dir="%2F", urltype=FTP_URL_T
1581 		 *		"CWD /", "RETR file"
1582 		 * ftp://host/foo/file		dir="foo", urltype=FTP_URL_T
1583 		 *		"CWD foo", "RETR file"
1584 		 * ftp://host/foo/bar/file	dir="foo/bar"
1585 		 *		"CWD foo", "CWD bar", "RETR file"
1586 		 * ftp://host//foo/bar/file	dir="/foo/bar"
1587 		 *		"CWD ", "CWD foo", "CWD bar", "RETR file"
1588 		 * ftp://host/foo//bar/file	dir="foo//bar"
1589 		 *		"CWD foo", "CWD ", "CWD bar", "RETR file"
1590 		 * ftp://host/%2F/foo/bar/file	dir="%2F/foo/bar"
1591 		 *		"CWD /", "CWD foo", "CWD bar", "RETR file"
1592 		 * ftp://host/%2Ffoo/bar/file	dir="%2Ffoo/bar"
1593 		 *		"CWD /foo", "CWD bar", "RETR file"
1594 		 * ftp://host/%2Ffoo%2Fbar/file	dir="%2Ffoo%2Fbar"
1595 		 *		"CWD /foo/bar", "RETR file"
1596 		 * ftp://host/%2Ffoo%2Fbar%2Ffile	dir=NULL
1597 		 *		"RETR /foo/bar/file"
1598 		 *
1599 		 * Note that we don't need `dir' after this point.
1600 		 */
1601 		do {
1602 			if (urltype == FTP_URL_T) {
1603 				nextpart = strchr(dir, '/');
1604 				if (nextpart) {
1605 					*nextpart = '\0';
1606 					nextpart++;
1607 				}
1608 				url_decode(dir);
1609 			} else
1610 				nextpart = NULL;
1611 			DPRINTF("fetch_ftp: dir `%s', nextpart `%s'\n",
1612 			    STRorNULL(dir), STRorNULL(nextpart));
1613 			if (urltype == FTP_URL_T || *dir != '\0') {
1614 				(void)strlcpy(cmdbuf, "cd", sizeof(cmdbuf));
1615 				xargv[0] = cmdbuf;
1616 				xargv[1] = dir;
1617 				xargv[2] = NULL;
1618 				dirchange = 0;
1619 				cd(2, xargv);
1620 				if (! dirchange) {
1621 					if (*dir == '\0' && code == 500)
1622 						fprintf(stderr,
1623 "\n"
1624 "ftp: The `CWD ' command (without a directory), which is required by\n"
1625 "     RFC3986 to support the empty directory in the URL pathname (`//'),\n"
1626 "     conflicts with the server's conformance to RFC0959.\n"
1627 "     Try the same URL without the `//' in the URL pathname.\n"
1628 "\n");
1629 					goto cleanup_fetch_ftp;
1630 				}
1631 			}
1632 			dir = nextpart;
1633 		} while (dir != NULL);
1634 	}
1635 
1636 	if (EMPTYSTRING(file)) {
1637 		rval = -1;
1638 		goto cleanup_fetch_ftp;
1639 	}
1640 
1641 	if (dirhasglob) {
1642 		(void)strlcpy(rempath, dir,	sizeof(rempath));
1643 		(void)strlcat(rempath, "/",	sizeof(rempath));
1644 		(void)strlcat(rempath, file,	sizeof(rempath));
1645 		file = rempath;
1646 	}
1647 
1648 			/* Fetch the file(s). */
1649 	xargc = 2;
1650 	(void)strlcpy(cmdbuf, "get", sizeof(cmdbuf));
1651 	xargv[0] = cmdbuf;
1652 	xargv[1] = file;
1653 	xargv[2] = NULL;
1654 	if (dirhasglob || filehasglob) {
1655 		int ointeractive;
1656 
1657 		ointeractive = interactive;
1658 		interactive = 0;
1659 		if (restartautofetch)
1660 			(void)strlcpy(cmdbuf, "mreget", sizeof(cmdbuf));
1661 		else
1662 			(void)strlcpy(cmdbuf, "mget", sizeof(cmdbuf));
1663 		xargv[0] = cmdbuf;
1664 		mget(xargc, xargv);
1665 		interactive = ointeractive;
1666 	} else {
1667 		if (outfile == NULL) {
1668 			cp = strrchr(file, '/');	/* find savefile */
1669 			if (cp != NULL)
1670 				outfile = cp + 1;
1671 			else
1672 				outfile = file;
1673 		}
1674 		xargv[2] = (char *)outfile;
1675 		xargv[3] = NULL;
1676 		xargc++;
1677 		if (restartautofetch)
1678 			reget(xargc, xargv);
1679 		else
1680 			get(xargc, xargv);
1681 	}
1682 
1683 	if ((code / 100) == COMPLETE)
1684 		rval = 0;
1685 
1686  cleanup_fetch_ftp:
1687 	FREEPTR(port);
1688 	FREEPTR(host);
1689 	FREEPTR(path);
1690 	FREEPTR(uuser);
1691 	if (pass)
1692 		memset(pass, 0, strlen(pass));
1693 	FREEPTR(pass);
1694 	return (rval);
1695 }
1696 
1697 /*
1698  * Retrieve the given file to outfile.
1699  * Supports arguments of the form:
1700  *	"host:path", "ftp://host/path"	if $ftpproxy, call fetch_url() else
1701  *					call fetch_ftp()
1702  *	"http://host/path"		call fetch_url() to use HTTP
1703  *	"file:///path"			call fetch_url() to copy
1704  *	"about:..."			print a message
1705  *
1706  * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection
1707  * is still open (e.g, ftp xfer with trailing /)
1708  */
1709 static int
go_fetch(const char * url)1710 go_fetch(const char *url)
1711 {
1712 	char *proxyenv;
1713 
1714 #ifndef NO_ABOUT
1715 	/*
1716 	 * Check for about:*
1717 	 */
1718 	if (STRNEQUAL(url, ABOUT_URL)) {
1719 		url += sizeof(ABOUT_URL) -1;
1720 		if (strcasecmp(url, "ftp") == 0 ||
1721 		    strcasecmp(url, "tnftp") == 0) {
1722 			fputs(
1723 "This version of ftp has been enhanced by Luke Mewburn <lukem@NetBSD.org>\n"
1724 "for the NetBSD project.  Execute `man ftp' for more details.\n", ttyout);
1725 		} else if (strcasecmp(url, "lukem") == 0) {
1726 			fputs(
1727 "Luke Mewburn is the author of most of the enhancements in this ftp client.\n"
1728 "Please email feedback to <lukem@NetBSD.org>.\n", ttyout);
1729 		} else if (strcasecmp(url, "netbsd") == 0) {
1730 			fputs(
1731 "NetBSD is a freely available and redistributable UNIX-like operating system.\n"
1732 "For more information, see http://www.NetBSD.org/\n", ttyout);
1733 		} else if (strcasecmp(url, "version") == 0) {
1734 			fprintf(ttyout, "Version: %s %s%s\n",
1735 			    FTP_PRODUCT, FTP_VERSION,
1736 #ifdef INET6
1737 			    ""
1738 #else
1739 			    " (-IPv6)"
1740 #endif
1741 			);
1742 		} else {
1743 			fprintf(ttyout, "`%s' is an interesting topic.\n", url);
1744 		}
1745 		fputs("\n", ttyout);
1746 		return (0);
1747 	}
1748 #endif
1749 
1750 	/*
1751 	 * Check for file:// and http:// URLs.
1752 	 */
1753 	if (STRNEQUAL(url, HTTP_URL) || STRNEQUAL(url, FILE_URL))
1754 		return (fetch_url(url, NULL, NULL, NULL));
1755 
1756 	/*
1757 	 * Try FTP URL-style and host:file arguments next.
1758 	 * If ftpproxy is set with an FTP URL, use fetch_url()
1759 	 * Othewise, use fetch_ftp().
1760 	 */
1761 	proxyenv = getoptionvalue("ftp_proxy");
1762 	if (!EMPTYSTRING(proxyenv) && STRNEQUAL(url, FTP_URL))
1763 		return (fetch_url(url, NULL, NULL, NULL));
1764 
1765 	return (fetch_ftp(url));
1766 }
1767 
1768 /*
1769  * Retrieve multiple files from the command line,
1770  * calling go_fetch() for each file.
1771  *
1772  * If an ftp path has a trailing "/", the path will be cd-ed into and
1773  * the connection remains open, and the function will return -1
1774  * (to indicate the connection is alive).
1775  * If an error occurs the return value will be the offset+1 in
1776  * argv[] of the file that caused a problem (i.e, argv[x]
1777  * returns x+1)
1778  * Otherwise, 0 is returned if all files retrieved successfully.
1779  */
1780 int
auto_fetch(int argc,char * argv[])1781 auto_fetch(int argc, char *argv[])
1782 {
1783 	volatile int	argpos, rval;
1784 
1785 	argpos = rval = 0;
1786 
1787 	if (sigsetjmp(toplevel, 1)) {
1788 		if (connected)
1789 			disconnect(0, NULL);
1790 		if (rval > 0)
1791 			rval = argpos + 1;
1792 		return (rval);
1793 	}
1794 	(void)xsignal(SIGINT, intr);
1795 	(void)xsignal(SIGPIPE, lostpeer);
1796 
1797 	/*
1798 	 * Loop through as long as there's files to fetch.
1799 	 */
1800 	for (; (rval == 0) && (argpos < argc); argpos++) {
1801 		if (strchr(argv[argpos], ':') == NULL)
1802 			break;
1803 		redirect_loop = 0;
1804 		if (!anonftp)
1805 			anonftp = 2;	/* Handle "automatic" transfers. */
1806 		rval = go_fetch(argv[argpos]);
1807 		if (outfile != NULL && strcmp(outfile, "-") != 0
1808 		    && outfile[0] != '|')
1809 			outfile = NULL;
1810 		if (rval > 0)
1811 			rval = argpos + 1;
1812 	}
1813 
1814 	if (connected && rval != -1)
1815 		disconnect(0, NULL);
1816 	return (rval);
1817 }
1818 
1819 
1820 /*
1821  * Upload multiple files from the command line.
1822  *
1823  * If an error occurs the return value will be the offset+1 in
1824  * argv[] of the file that caused a problem (i.e, argv[x]
1825  * returns x+1)
1826  * Otherwise, 0 is returned if all files uploaded successfully.
1827  */
1828 int
auto_put(int argc,char ** argv,const char * uploadserver)1829 auto_put(int argc, char **argv, const char *uploadserver)
1830 {
1831 	char	*uargv[4], *path, *pathsep;
1832 	int	 uargc, rval, argpos;
1833 	size_t	 len;
1834 	char	 cmdbuf[MAX_C_NAME];
1835 
1836 	(void)strlcpy(cmdbuf, "mput", sizeof(cmdbuf));
1837 	uargv[0] = cmdbuf;
1838 	uargv[1] = argv[0];
1839 	uargc = 2;
1840 	uargv[2] = uargv[3] = NULL;
1841 	pathsep = NULL;
1842 	rval = 1;
1843 
1844 	DPRINTF("auto_put: target `%s'\n", uploadserver);
1845 
1846 	path = ftp_strdup(uploadserver);
1847 	len = strlen(path);
1848 	if (path[len - 1] != '/' && path[len - 1] != ':') {
1849 			/*
1850 			 * make sure we always pass a directory to auto_fetch
1851 			 */
1852 		if (argc > 1) {		/* more than one file to upload */
1853 			len = strlen(uploadserver) + 2;	/* path + "/" + "\0" */
1854 			free(path);
1855 			path = (char *)ftp_malloc(len);
1856 			(void)strlcpy(path, uploadserver, len);
1857 			(void)strlcat(path, "/", len);
1858 		} else {		/* single file to upload */
1859 			(void)strlcpy(cmdbuf, "put", sizeof(cmdbuf));
1860 			uargv[0] = cmdbuf;
1861 			pathsep = strrchr(path, '/');
1862 			if (pathsep == NULL) {
1863 				pathsep = strrchr(path, ':');
1864 				if (pathsep == NULL) {
1865 					warnx("Invalid URL `%s'", path);
1866 					goto cleanup_auto_put;
1867 				}
1868 				pathsep++;
1869 				uargv[2] = ftp_strdup(pathsep);
1870 				pathsep[0] = '/';
1871 			} else
1872 				uargv[2] = ftp_strdup(pathsep + 1);
1873 			pathsep[1] = '\0';
1874 			uargc++;
1875 		}
1876 	}
1877 	DPRINTF("auto_put: URL `%s' argv[2] `%s'\n",
1878 	    path, STRorNULL(uargv[2]));
1879 
1880 			/* connect and cwd */
1881 	rval = auto_fetch(1, &path);
1882 	if(rval >= 0)
1883 		goto cleanup_auto_put;
1884 
1885 	rval = 0;
1886 
1887 			/* target filename provided; upload 1 file */
1888 			/* XXX : is this the best way? */
1889 	if (uargc == 3) {
1890 		uargv[1] = argv[0];
1891 		put(uargc, uargv);
1892 		if ((code / 100) != COMPLETE)
1893 			rval = 1;
1894 	} else {	/* otherwise a target dir: upload all files to it */
1895 		for(argpos = 0; argv[argpos] != NULL; argpos++) {
1896 			uargv[1] = argv[argpos];
1897 			mput(uargc, uargv);
1898 			if ((code / 100) != COMPLETE) {
1899 				rval = argpos + 1;
1900 				break;
1901 			}
1902 		}
1903 	}
1904 
1905  cleanup_auto_put:
1906 	free(path);
1907 	FREEPTR(uargv[2]);
1908 	return (rval);
1909 }
1910