1 /* $NetBSD: fetch.c,v 1.18 2009/11/15 10:12:37 lukem Exp $ */
2 /* from NetBSD: fetch.c,v 1.191 2009/08/17 09:08:16 christos Exp */
3
4 /*-
5 * Copyright (c) 1997-2009 The NetBSD Foundation, Inc.
6 * All rights reserved.
7 *
8 * This code is derived from software contributed to The NetBSD Foundation
9 * by Luke Mewburn.
10 *
11 * This code is derived from software contributed to The NetBSD Foundation
12 * by Scott Aaron Bamford.
13 *
14 * Redistribution and use in source and binary forms, with or without
15 * modification, are permitted provided that the following conditions
16 * are met:
17 * 1. Redistributions of source code must retain the above copyright
18 * notice, this list of conditions and the following disclaimer.
19 * 2. Redistributions in binary form must reproduce the above copyright
20 * notice, this list of conditions and the following disclaimer in the
21 * documentation and/or other materials provided with the distribution.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
24 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
25 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
27 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
28 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
30 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
31 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
32 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
33 * POSSIBILITY OF SUCH DAMAGE.
34 */
35
36 #include "tnftp.h"
37
38 #if 0 /* tnftp */
39
40 #include <sys/cdefs.h>
41 #ifndef lint
42 __RCSID(" NetBSD: fetch.c,v 1.191 2009/08/17 09:08:16 christos Exp ");
43 #endif /* not lint */
44
45 /*
46 * FTP User Program -- Command line file retrieval
47 */
48
49 #include <sys/types.h>
50 #include <sys/param.h>
51 #include <sys/socket.h>
52 #include <sys/stat.h>
53 #include <sys/time.h>
54
55 #include <netinet/in.h>
56
57 #include <arpa/ftp.h>
58 #include <arpa/inet.h>
59
60 #include <ctype.h>
61 #include <err.h>
62 #include <errno.h>
63 #include <netdb.h>
64 #include <fcntl.h>
65 #include <stdio.h>
66 #include <stdlib.h>
67 #include <string.h>
68 #include <unistd.h>
69 #include <time.h>
70
71 #endif /* tnftp */
72
73 #include "ftp_var.h"
74 #include "version.h"
75
76 typedef enum {
77 UNKNOWN_URL_T=-1,
78 HTTP_URL_T,
79 FTP_URL_T,
80 FILE_URL_T,
81 CLASSIC_URL_T
82 } url_t;
83
84 void aborthttp(int);
85 #ifndef NO_AUTH
86 static int auth_url(const char *, char **, const char *, const char *);
87 static void base64_encode(const unsigned char *, size_t, unsigned char *);
88 #endif
89 static int go_fetch(const char *);
90 static int fetch_ftp(const char *);
91 static int fetch_url(const char *, const char *, char *, char *);
92 static const char *match_token(const char **, const char *);
93 static int parse_url(const char *, const char *, url_t *, char **,
94 char **, char **, char **, in_port_t *, char **);
95 static void url_decode(char *);
96
97 static int redirect_loop;
98
99
100 #define STRNEQUAL(a,b) (strncasecmp((a), (b), sizeof((b))-1) == 0)
101 #define ISLWS(x) ((x)=='\r' || (x)=='\n' || (x)==' ' || (x)=='\t')
102 #define SKIPLWS(x) do { while (ISLWS((*x))) x++; } while (0)
103
104
105 #define ABOUT_URL "about:" /* propaganda */
106 #define FILE_URL "file://" /* file URL prefix */
107 #define FTP_URL "ftp://" /* ftp URL prefix */
108 #define HTTP_URL "http://" /* http URL prefix */
109
110
111 /*
112 * Determine if token is the next word in buf (case insensitive).
113 * If so, advance buf past the token and any trailing LWS, and
114 * return a pointer to the token (in buf). Otherwise, return NULL.
115 * token may be preceded by LWS.
116 * token must be followed by LWS or NUL. (I.e, don't partial match).
117 */
118 static const char *
match_token(const char ** buf,const char * token)119 match_token(const char **buf, const char *token)
120 {
121 const char *p, *orig;
122 size_t tlen;
123
124 tlen = strlen(token);
125 p = *buf;
126 SKIPLWS(p);
127 orig = p;
128 if (strncasecmp(p, token, tlen) != 0)
129 return NULL;
130 p += tlen;
131 if (*p != '\0' && !ISLWS(*p))
132 return NULL;
133 SKIPLWS(p);
134 orig = *buf;
135 *buf = p;
136 return orig;
137 }
138
139 #ifndef NO_AUTH
140 /*
141 * Generate authorization response based on given authentication challenge.
142 * Returns -1 if an error occurred, otherwise 0.
143 * Sets response to a malloc(3)ed string; caller should free.
144 */
145 static int
auth_url(const char * challenge,char ** response,const char * guser,const char * gpass)146 auth_url(const char *challenge, char **response, const char *guser,
147 const char *gpass)
148 {
149 const char *cp, *scheme, *errormsg;
150 char *ep, *clear, *realm;
151 char uuser[BUFSIZ], *gotpass;
152 const char *upass;
153 int rval;
154 size_t len, clen, rlen;
155
156 *response = NULL;
157 clear = realm = NULL;
158 rval = -1;
159 cp = challenge;
160 scheme = "Basic"; /* only support Basic authentication */
161 gotpass = NULL;
162
163 DPRINTF("auth_url: challenge `%s'\n", challenge);
164
165 if (! match_token(&cp, scheme)) {
166 warnx("Unsupported authentication challenge `%s'",
167 challenge);
168 goto cleanup_auth_url;
169 }
170
171 #define REALM "realm=\""
172 if (STRNEQUAL(cp, REALM))
173 cp += sizeof(REALM) - 1;
174 else {
175 warnx("Unsupported authentication challenge `%s'",
176 challenge);
177 goto cleanup_auth_url;
178 }
179 /* XXX: need to improve quoted-string parsing to support \ quoting, etc. */
180 if ((ep = strchr(cp, '\"')) != NULL) {
181 len = ep - cp;
182 realm = (char *)ftp_malloc(len + 1);
183 (void)strlcpy(realm, cp, len + 1);
184 } else {
185 warnx("Unsupported authentication challenge `%s'",
186 challenge);
187 goto cleanup_auth_url;
188 }
189
190 fprintf(ttyout, "Username for `%s': ", realm);
191 if (guser != NULL) {
192 (void)strlcpy(uuser, guser, sizeof(uuser));
193 fprintf(ttyout, "%s\n", uuser);
194 } else {
195 (void)fflush(ttyout);
196 if (get_line(stdin, uuser, sizeof(uuser), &errormsg) < 0) {
197 warnx("%s; can't authenticate", errormsg);
198 goto cleanup_auth_url;
199 }
200 }
201 if (gpass != NULL)
202 upass = gpass;
203 else {
204 gotpass = getpass("Password: ");
205 if (gotpass == NULL) {
206 warnx("Can't read password");
207 goto cleanup_auth_url;
208 }
209 upass = gotpass;
210 }
211
212 clen = strlen(uuser) + strlen(upass) + 2; /* user + ":" + pass + "\0" */
213 clear = (char *)ftp_malloc(clen);
214 (void)strlcpy(clear, uuser, clen);
215 (void)strlcat(clear, ":", clen);
216 (void)strlcat(clear, upass, clen);
217 if (gotpass)
218 memset(gotpass, 0, strlen(gotpass));
219
220 /* scheme + " " + enc + "\0" */
221 rlen = strlen(scheme) + 1 + (clen + 2) * 4 / 3 + 1;
222 *response = (char *)ftp_malloc(rlen);
223 (void)strlcpy(*response, scheme, rlen);
224 len = strlcat(*response, " ", rlen);
225 /* use `clen - 1' to not encode the trailing NUL */
226 base64_encode((unsigned char *)clear, clen - 1,
227 (unsigned char *)*response + len);
228 memset(clear, 0, clen);
229 rval = 0;
230
231 cleanup_auth_url:
232 FREEPTR(clear);
233 FREEPTR(realm);
234 return (rval);
235 }
236
237 /*
238 * Encode len bytes starting at clear using base64 encoding into encoded,
239 * which should be at least ((len + 2) * 4 / 3 + 1) in size.
240 */
241 static void
base64_encode(const unsigned char * clear,size_t len,unsigned char * encoded)242 base64_encode(const unsigned char *clear, size_t len, unsigned char *encoded)
243 {
244 static const unsigned char enc[] =
245 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
246 unsigned char *cp;
247 size_t i;
248
249 cp = encoded;
250 for (i = 0; i < len; i += 3) {
251 *(cp++) = enc[((clear[i + 0] >> 2))];
252 *(cp++) = enc[((clear[i + 0] << 4) & 0x30)
253 | ((clear[i + 1] >> 4) & 0x0f)];
254 *(cp++) = enc[((clear[i + 1] << 2) & 0x3c)
255 | ((clear[i + 2] >> 6) & 0x03)];
256 *(cp++) = enc[((clear[i + 2] ) & 0x3f)];
257 }
258 *cp = '\0';
259 while (i-- > len)
260 *(--cp) = '=';
261 }
262 #endif
263
264 /*
265 * Decode %xx escapes in given string, `in-place'.
266 */
267 static void
url_decode(char * url)268 url_decode(char *url)
269 {
270 unsigned char *p, *q;
271
272 if (EMPTYSTRING(url))
273 return;
274 p = q = (unsigned char *)url;
275
276 #define HEXTOINT(x) (x - (isdigit(x) ? '0' : (islower(x) ? 'a' : 'A') - 10))
277 while (*p) {
278 if (p[0] == '%'
279 && p[1] && isxdigit((unsigned char)p[1])
280 && p[2] && isxdigit((unsigned char)p[2])) {
281 *q++ = HEXTOINT(p[1]) * 16 + HEXTOINT(p[2]);
282 p+=3;
283 } else
284 *q++ = *p++;
285 }
286 *q = '\0';
287 }
288
289
290 /*
291 * Parse URL of form (per RFC3986):
292 * <type>://[<user>[:<password>]@]<host>[:<port>][/<path>]
293 * Returns -1 if a parse error occurred, otherwise 0.
294 * It's the caller's responsibility to url_decode() the returned
295 * user, pass and path.
296 *
297 * Sets type to url_t, each of the given char ** pointers to a
298 * malloc(3)ed strings of the relevant section, and port to
299 * the number given, or ftpport if ftp://, or httpport if http://.
300 *
301 * XXX: this is not totally RFC3986 compliant; <path> will have the
302 * leading `/' unless it's an ftp:// URL, as this makes things easier
303 * for file:// and http:// URLs. ftp:// URLs have the `/' between the
304 * host and the URL-path removed, but any additional leading slashes
305 * in the URL-path are retained (because they imply that we should
306 * later do "CWD" with a null argument).
307 *
308 * Examples:
309 * input URL output path
310 * --------- -----------
311 * "http://host" "/"
312 * "http://host/" "/"
313 * "http://host/path" "/path"
314 * "file://host/dir/file" "dir/file"
315 * "ftp://host" ""
316 * "ftp://host/" ""
317 * "ftp://host//" "/"
318 * "ftp://host/dir/file" "dir/file"
319 * "ftp://host//dir/file" "/dir/file"
320 */
321 static int
parse_url(const char * url,const char * desc,url_t * utype,char ** uuser,char ** pass,char ** host,char ** port,in_port_t * portnum,char ** path)322 parse_url(const char *url, const char *desc, url_t *utype,
323 char **uuser, char **pass, char **host, char **port,
324 in_port_t *portnum, char **path)
325 {
326 const char *origurl, *tport;
327 char *cp, *ep, *thost;
328 size_t len;
329
330 if (url == NULL || desc == NULL || utype == NULL || uuser == NULL
331 || pass == NULL || host == NULL || port == NULL || portnum == NULL
332 || path == NULL)
333 errx(1, "parse_url: invoked with NULL argument!");
334 DPRINTF("parse_url: %s `%s'\n", desc, url);
335
336 origurl = url;
337 *utype = UNKNOWN_URL_T;
338 *uuser = *pass = *host = *port = *path = NULL;
339 *portnum = 0;
340 tport = NULL;
341
342 if (STRNEQUAL(url, HTTP_URL)) {
343 url += sizeof(HTTP_URL) - 1;
344 *utype = HTTP_URL_T;
345 *portnum = HTTP_PORT;
346 tport = httpport;
347 } else if (STRNEQUAL(url, FTP_URL)) {
348 url += sizeof(FTP_URL) - 1;
349 *utype = FTP_URL_T;
350 *portnum = FTP_PORT;
351 tport = ftpport;
352 } else if (STRNEQUAL(url, FILE_URL)) {
353 url += sizeof(FILE_URL) - 1;
354 *utype = FILE_URL_T;
355 } else {
356 warnx("Invalid %s `%s'", desc, url);
357 cleanup_parse_url:
358 FREEPTR(*uuser);
359 if (*pass != NULL)
360 memset(*pass, 0, strlen(*pass));
361 FREEPTR(*pass);
362 FREEPTR(*host);
363 FREEPTR(*port);
364 FREEPTR(*path);
365 return (-1);
366 }
367
368 if (*url == '\0')
369 return (0);
370
371 /* find [user[:pass]@]host[:port] */
372 ep = strchr(url, '/');
373 if (ep == NULL)
374 thost = ftp_strdup(url);
375 else {
376 len = ep - url;
377 thost = (char *)ftp_malloc(len + 1);
378 (void)strlcpy(thost, url, len + 1);
379 if (*utype == FTP_URL_T) /* skip first / for ftp URLs */
380 ep++;
381 *path = ftp_strdup(ep);
382 }
383
384 cp = strchr(thost, '@'); /* look for user[:pass]@ in URLs */
385 if (cp != NULL) {
386 if (*utype == FTP_URL_T)
387 anonftp = 0; /* disable anonftp */
388 *uuser = thost;
389 *cp = '\0';
390 thost = ftp_strdup(cp + 1);
391 cp = strchr(*uuser, ':');
392 if (cp != NULL) {
393 *cp = '\0';
394 *pass = ftp_strdup(cp + 1);
395 }
396 url_decode(*uuser);
397 if (*pass)
398 url_decode(*pass);
399 }
400
401 #ifdef INET6
402 /*
403 * Check if thost is an encoded IPv6 address, as per
404 * RFC3986:
405 * `[' ipv6-address ']'
406 */
407 if (*thost == '[') {
408 cp = thost + 1;
409 if ((ep = strchr(cp, ']')) == NULL ||
410 (ep[1] != '\0' && ep[1] != ':')) {
411 warnx("Invalid address `%s' in %s `%s'",
412 thost, desc, origurl);
413 goto cleanup_parse_url;
414 }
415 len = ep - cp; /* change `[xyz]' -> `xyz' */
416 memmove(thost, thost + 1, len);
417 thost[len] = '\0';
418 if (! isipv6addr(thost)) {
419 warnx("Invalid IPv6 address `%s' in %s `%s'",
420 thost, desc, origurl);
421 goto cleanup_parse_url;
422 }
423 cp = ep + 1;
424 if (*cp == ':')
425 cp++;
426 else
427 cp = NULL;
428 } else
429 #endif /* INET6 */
430 if ((cp = strchr(thost, ':')) != NULL)
431 *cp++ = '\0';
432 *host = thost;
433
434 /* look for [:port] */
435 if (cp != NULL) {
436 unsigned long nport;
437
438 nport = strtoul(cp, &ep, 10);
439 if (*cp == '\0' || *ep != '\0' ||
440 nport < 1 || nport > MAX_IN_PORT_T) {
441 warnx("Unknown port `%s' in %s `%s'",
442 cp, desc, origurl);
443 goto cleanup_parse_url;
444 }
445 *portnum = nport;
446 tport = cp;
447 }
448
449 if (tport != NULL)
450 *port = ftp_strdup(tport);
451 if (*path == NULL) {
452 const char *emptypath = "/";
453 if (*utype == FTP_URL_T) /* skip first / for ftp URLs */
454 emptypath++;
455 *path = ftp_strdup(emptypath);
456 }
457
458 DPRINTF("parse_url: user `%s' pass `%s' host %s port %s(%d) "
459 "path `%s'\n",
460 STRorNULL(*uuser), STRorNULL(*pass),
461 STRorNULL(*host), STRorNULL(*port),
462 *portnum ? *portnum : -1, STRorNULL(*path));
463
464 return (0);
465 }
466
467 sigjmp_buf httpabort;
468
469 /*
470 * Retrieve URL, via a proxy if necessary, using HTTP.
471 * If proxyenv is set, use that for the proxy, otherwise try ftp_proxy or
472 * http_proxy as appropriate.
473 * Supports HTTP redirects.
474 * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection
475 * is still open (e.g, ftp xfer with trailing /)
476 */
477 static int
fetch_url(const char * url,const char * proxyenv,char * proxyauth,char * wwwauth)478 fetch_url(const char *url, const char *proxyenv, char *proxyauth, char *wwwauth)
479 {
480 struct addrinfo hints, *res, *res0 = NULL;
481 int error;
482 sigfunc volatile oldintr;
483 sigfunc volatile oldintp;
484 int volatile s;
485 struct stat sb;
486 int volatile ischunked;
487 int volatile isproxy;
488 int volatile rval;
489 int volatile hcode;
490 int len;
491 size_t flen;
492 static size_t bufsize;
493 static char *xferbuf;
494 const char *cp, *token;
495 char *ep;
496 char buf[FTPBUFLEN];
497 const char *errormsg;
498 char *volatile savefile;
499 char *volatile auth;
500 char *volatile location;
501 char *volatile message;
502 char *uuser, *pass, *host, *port, *path;
503 char *volatile decodedpath;
504 char *puser, *ppass, *useragent;
505 off_t hashbytes, rangestart, rangeend, entitylen;
506 int (*volatile closefunc)(FILE *);
507 FILE *volatile fin;
508 FILE *volatile fout;
509 time_t mtime;
510 url_t urltype;
511 in_port_t portnum;
512
513 DPRINTF("fetch_url: `%s' proxyenv `%s'\n", url, STRorNULL(proxyenv));
514
515 oldintr = oldintp = NULL;
516 closefunc = NULL;
517 fin = fout = NULL;
518 s = -1;
519 savefile = NULL;
520 auth = location = message = NULL;
521 ischunked = isproxy = hcode = 0;
522 rval = 1;
523 uuser = pass = host = path = decodedpath = puser = ppass = NULL;
524
525 if (parse_url(url, "URL", &urltype, &uuser, &pass, &host, &port,
526 &portnum, &path) == -1)
527 goto cleanup_fetch_url;
528
529 if (urltype == FILE_URL_T && ! EMPTYSTRING(host)
530 && strcasecmp(host, "localhost") != 0) {
531 warnx("No support for non local file URL `%s'", url);
532 goto cleanup_fetch_url;
533 }
534
535 if (EMPTYSTRING(path)) {
536 if (urltype == FTP_URL_T) {
537 rval = fetch_ftp(url);
538 goto cleanup_fetch_url;
539 }
540 if (urltype != HTTP_URL_T || outfile == NULL) {
541 warnx("Invalid URL (no file after host) `%s'", url);
542 goto cleanup_fetch_url;
543 }
544 }
545
546 decodedpath = ftp_strdup(path);
547 url_decode(decodedpath);
548
549 if (outfile)
550 savefile = outfile;
551 else {
552 cp = strrchr(decodedpath, '/'); /* find savefile */
553 if (cp != NULL)
554 savefile = ftp_strdup(cp + 1);
555 else
556 savefile = ftp_strdup(decodedpath);
557 }
558 DPRINTF("fetch_url: savefile `%s'\n", savefile);
559 if (EMPTYSTRING(savefile)) {
560 if (urltype == FTP_URL_T) {
561 rval = fetch_ftp(url);
562 goto cleanup_fetch_url;
563 }
564 warnx("No file after directory (you must specify an "
565 "output file) `%s'", url);
566 goto cleanup_fetch_url;
567 }
568
569 restart_point = 0;
570 filesize = -1;
571 rangestart = rangeend = entitylen = -1;
572 mtime = -1;
573 if (restartautofetch) {
574 if (stat(savefile, &sb) == 0)
575 restart_point = sb.st_size;
576 }
577 if (urltype == FILE_URL_T) { /* file:// URLs */
578 direction = "copied";
579 fin = fopen(decodedpath, "r");
580 if (fin == NULL) {
581 warn("Can't open `%s'", decodedpath);
582 goto cleanup_fetch_url;
583 }
584 if (fstat(fileno(fin), &sb) == 0) {
585 mtime = sb.st_mtime;
586 filesize = sb.st_size;
587 }
588 if (restart_point) {
589 if (lseek(fileno(fin), restart_point, SEEK_SET) < 0) {
590 warn("Can't seek to restart `%s'",
591 decodedpath);
592 goto cleanup_fetch_url;
593 }
594 }
595 if (verbose) {
596 fprintf(ttyout, "Copying %s", decodedpath);
597 if (restart_point)
598 fprintf(ttyout, " (restarting at " LLF ")",
599 (LLT)restart_point);
600 fputs("\n", ttyout);
601 }
602 } else { /* ftp:// or http:// URLs */
603 const char *leading;
604 int hasleading;
605
606 if (proxyenv == NULL) {
607 if (urltype == HTTP_URL_T)
608 proxyenv = getoptionvalue("http_proxy");
609 else if (urltype == FTP_URL_T)
610 proxyenv = getoptionvalue("ftp_proxy");
611 }
612 direction = "retrieved";
613 if (! EMPTYSTRING(proxyenv)) { /* use proxy */
614 url_t purltype;
615 char *phost, *ppath;
616 char *pport, *no_proxy;
617 in_port_t pportnum;
618
619 isproxy = 1;
620
621 /* check URL against list of no_proxied sites */
622 no_proxy = getoptionvalue("no_proxy");
623 if (! EMPTYSTRING(no_proxy)) {
624 char *np, *np_copy, *np_iter;
625 unsigned long np_port;
626 size_t hlen, plen;
627
628 np_iter = np_copy = ftp_strdup(no_proxy);
629 hlen = strlen(host);
630 while ((cp = strsep(&np_iter, " ,")) != NULL) {
631 if (*cp == '\0')
632 continue;
633 if ((np = strrchr(cp, ':')) != NULL) {
634 *np++ = '\0';
635 np_port = strtoul(np, &ep, 10);
636 if (*np == '\0' || *ep != '\0')
637 continue;
638 if (np_port != portnum)
639 continue;
640 }
641 plen = strlen(cp);
642 if (hlen < plen)
643 continue;
644 if (strncasecmp(host + hlen - plen,
645 cp, plen) == 0) {
646 isproxy = 0;
647 break;
648 }
649 }
650 FREEPTR(np_copy);
651 if (isproxy == 0 && urltype == FTP_URL_T) {
652 rval = fetch_ftp(url);
653 goto cleanup_fetch_url;
654 }
655 }
656
657 if (isproxy) {
658 if (restart_point) {
659 warnx("Can't restart via proxy URL `%s'",
660 proxyenv);
661 goto cleanup_fetch_url;
662 }
663 if (parse_url(proxyenv, "proxy URL", &purltype,
664 &puser, &ppass, &phost, &pport, &pportnum,
665 &ppath) == -1)
666 goto cleanup_fetch_url;
667
668 if ((purltype != HTTP_URL_T
669 && purltype != FTP_URL_T) ||
670 EMPTYSTRING(phost) ||
671 (! EMPTYSTRING(ppath)
672 && strcmp(ppath, "/") != 0)) {
673 warnx("Malformed proxy URL `%s'",
674 proxyenv);
675 FREEPTR(phost);
676 FREEPTR(pport);
677 FREEPTR(ppath);
678 goto cleanup_fetch_url;
679 }
680 if (isipv6addr(host) &&
681 strchr(host, '%') != NULL) {
682 warnx(
683 "Scoped address notation `%s' disallowed via web proxy",
684 host);
685 FREEPTR(phost);
686 FREEPTR(pport);
687 FREEPTR(ppath);
688 goto cleanup_fetch_url;
689 }
690
691 FREEPTR(host);
692 host = phost;
693 FREEPTR(port);
694 port = pport;
695 FREEPTR(path);
696 path = ftp_strdup(url);
697 FREEPTR(ppath);
698 }
699 } /* ! EMPTYSTRING(proxyenv) */
700
701 memset(&hints, 0, sizeof(hints));
702 hints.ai_flags = 0;
703 hints.ai_family = family;
704 hints.ai_socktype = SOCK_STREAM;
705 hints.ai_protocol = 0;
706 error = getaddrinfo(host, port, &hints, &res0);
707 if (error) {
708 warnx("Can't lookup `%s:%s': %s", host, port,
709 (error == EAI_SYSTEM) ? strerror(errno)
710 : gai_strerror(error));
711 goto cleanup_fetch_url;
712 }
713 if (res0->ai_canonname)
714 host = res0->ai_canonname;
715
716 s = -1;
717 for (res = res0; res; res = res->ai_next) {
718 char hname[NI_MAXHOST], sname[NI_MAXSERV];
719
720 ai_unmapped(res);
721 if (getnameinfo(res->ai_addr, res->ai_addrlen,
722 hname, sizeof(hname), sname, sizeof(sname),
723 NI_NUMERICHOST | NI_NUMERICSERV) != 0) {
724 strlcpy(hname, "?", sizeof(hname));
725 strlcpy(sname, "?", sizeof(sname));
726 }
727
728 if (verbose && res0->ai_next) {
729 fprintf(ttyout, "Trying %s:%s ...\n",
730 hname, sname);
731 }
732
733 s = socket(res->ai_family, SOCK_STREAM,
734 res->ai_protocol);
735 if (s < 0) {
736 warn(
737 "Can't create socket for connection to "
738 "`%s:%s'", hname, sname);
739 continue;
740 }
741
742 if (ftp_connect(s, res->ai_addr, res->ai_addrlen) < 0) {
743 close(s);
744 s = -1;
745 continue;
746 }
747
748 /* success */
749 break;
750 }
751
752 if (s < 0) {
753 warnx("Can't connect to `%s:%s'", host, port);
754 goto cleanup_fetch_url;
755 }
756
757 fin = fdopen(s, "r+");
758 /*
759 * Construct and send the request.
760 */
761 if (verbose)
762 fprintf(ttyout, "Requesting %s\n", url);
763 leading = " (";
764 hasleading = 0;
765 if (isproxy) {
766 if (verbose) {
767 fprintf(ttyout, "%svia %s:%s", leading,
768 host, port);
769 leading = ", ";
770 hasleading++;
771 }
772 fprintf(fin, "GET %s HTTP/1.0\r\n", path);
773 if (flushcache)
774 fprintf(fin, "Pragma: no-cache\r\n");
775 } else {
776 fprintf(fin, "GET %s HTTP/1.1\r\n", path);
777 if (strchr(host, ':')) {
778 char *h, *p;
779
780 /*
781 * strip off IPv6 scope identifier, since it is
782 * local to the node
783 */
784 h = ftp_strdup(host);
785 if (isipv6addr(h) &&
786 (p = strchr(h, '%')) != NULL) {
787 *p = '\0';
788 }
789 fprintf(fin, "Host: [%s]", h);
790 free(h);
791 } else
792 fprintf(fin, "Host: %s", host);
793 if (portnum != HTTP_PORT)
794 fprintf(fin, ":%u", portnum);
795 fprintf(fin, "\r\n");
796 fprintf(fin, "Accept: */*\r\n");
797 fprintf(fin, "Connection: close\r\n");
798 if (restart_point) {
799 fputs(leading, ttyout);
800 fprintf(fin, "Range: bytes=" LLF "-\r\n",
801 (LLT)restart_point);
802 fprintf(ttyout, "restarting at " LLF,
803 (LLT)restart_point);
804 leading = ", ";
805 hasleading++;
806 }
807 if (flushcache)
808 fprintf(fin, "Cache-Control: no-cache\r\n");
809 }
810 if ((useragent=getenv("FTPUSERAGENT")) != NULL) {
811 fprintf(fin, "User-Agent: %s\r\n", useragent);
812 } else {
813 fprintf(fin, "User-Agent: %s/%s\r\n",
814 FTP_PRODUCT, FTP_VERSION);
815 }
816 if (wwwauth) {
817 if (verbose) {
818 fprintf(ttyout, "%swith authorization",
819 leading);
820 leading = ", ";
821 hasleading++;
822 }
823 fprintf(fin, "Authorization: %s\r\n", wwwauth);
824 }
825 if (proxyauth) {
826 if (verbose) {
827 fprintf(ttyout,
828 "%swith proxy authorization", leading);
829 leading = ", ";
830 hasleading++;
831 }
832 fprintf(fin, "Proxy-Authorization: %s\r\n", proxyauth);
833 }
834 if (verbose && hasleading)
835 fputs(")\n", ttyout);
836 fprintf(fin, "\r\n");
837 if (fflush(fin) == EOF) {
838 warn("Writing HTTP request");
839 goto cleanup_fetch_url;
840 }
841
842 /* Read the response */
843 len = get_line(fin, buf, sizeof(buf), &errormsg);
844 if (len < 0) {
845 if (*errormsg == '\n')
846 errormsg++;
847 warnx("Receiving HTTP reply: %s", errormsg);
848 goto cleanup_fetch_url;
849 }
850 while (len > 0 && (ISLWS(buf[len-1])))
851 buf[--len] = '\0';
852 DPRINTF("fetch_url: received `%s'\n", buf);
853
854 /* Determine HTTP response code */
855 cp = strchr(buf, ' ');
856 if (cp == NULL)
857 goto improper;
858 else
859 cp++;
860 hcode = strtol(cp, &ep, 10);
861 if (*ep != '\0' && !isspace((unsigned char)*ep))
862 goto improper;
863 message = ftp_strdup(cp);
864
865 /* Read the rest of the header. */
866 while (1) {
867 len = get_line(fin, buf, sizeof(buf), &errormsg);
868 if (len < 0) {
869 if (*errormsg == '\n')
870 errormsg++;
871 warnx("Receiving HTTP reply: %s", errormsg);
872 goto cleanup_fetch_url;
873 }
874 while (len > 0 && (ISLWS(buf[len-1])))
875 buf[--len] = '\0';
876 if (len == 0)
877 break;
878 DPRINTF("fetch_url: received `%s'\n", buf);
879
880 /*
881 * Look for some headers
882 */
883
884 cp = buf;
885
886 if (match_token(&cp, "Content-Length:")) {
887 filesize = STRTOLL(cp, &ep, 10);
888 if (filesize < 0 || *ep != '\0')
889 goto improper;
890 DPRINTF("fetch_url: parsed len as: " LLF "\n",
891 (LLT)filesize);
892
893 } else if (match_token(&cp, "Content-Range:")) {
894 if (! match_token(&cp, "bytes"))
895 goto improper;
896
897 if (*cp == '*')
898 cp++;
899 else {
900 rangestart = STRTOLL(cp, &ep, 10);
901 if (rangestart < 0 || *ep != '-')
902 goto improper;
903 cp = ep + 1;
904 rangeend = STRTOLL(cp, &ep, 10);
905 if (rangeend < 0 || rangeend < rangestart)
906 goto improper;
907 cp = ep;
908 }
909 if (*cp != '/')
910 goto improper;
911 cp++;
912 if (*cp == '*')
913 cp++;
914 else {
915 entitylen = STRTOLL(cp, &ep, 10);
916 if (entitylen < 0)
917 goto improper;
918 cp = ep;
919 }
920 if (*cp != '\0')
921 goto improper;
922
923 #ifndef NO_DEBUG
924 if (ftp_debug) {
925 fprintf(ttyout, "parsed range as: ");
926 if (rangestart == -1)
927 fprintf(ttyout, "*");
928 else
929 fprintf(ttyout, LLF "-" LLF,
930 (LLT)rangestart,
931 (LLT)rangeend);
932 fprintf(ttyout, "/" LLF "\n", (LLT)entitylen);
933 }
934 #endif
935 if (! restart_point) {
936 warnx(
937 "Received unexpected Content-Range header");
938 goto cleanup_fetch_url;
939 }
940
941 } else if (match_token(&cp, "Last-Modified:")) {
942 struct tm parsed;
943 char *t;
944
945 memset(&parsed, 0, sizeof(parsed));
946 /* RFC1123 */
947 if ((t = strptime(cp,
948 "%a, %d %b %Y %H:%M:%S GMT",
949 &parsed))
950 /* RFC0850 */
951 || (t = strptime(cp,
952 "%a, %d-%b-%y %H:%M:%S GMT",
953 &parsed))
954 /* asctime */
955 || (t = strptime(cp,
956 "%a, %b %d %H:%M:%S %Y",
957 &parsed))) {
958 parsed.tm_isdst = -1;
959 if (*t == '\0')
960 mtime = timegm(&parsed);
961 #ifndef NO_DEBUG
962 if (ftp_debug && mtime != -1) {
963 fprintf(ttyout,
964 "parsed date as: %s",
965 rfc2822time(localtime(&mtime)));
966 }
967 #endif
968 }
969
970 } else if (match_token(&cp, "Location:")) {
971 location = ftp_strdup(cp);
972 DPRINTF("fetch_url: parsed location as `%s'\n",
973 cp);
974
975 } else if (match_token(&cp, "Transfer-Encoding:")) {
976 if (match_token(&cp, "binary")) {
977 warnx(
978 "Bogus transfer encoding `binary' (fetching anyway)");
979 continue;
980 }
981 if (! (token = match_token(&cp, "chunked"))) {
982 warnx(
983 "Unsupported transfer encoding `%s'",
984 token);
985 goto cleanup_fetch_url;
986 }
987 ischunked++;
988 DPRINTF("fetch_url: using chunked encoding\n");
989
990 } else if (match_token(&cp, "Proxy-Authenticate:")
991 || match_token(&cp, "WWW-Authenticate:")) {
992 if (! (token = match_token(&cp, "Basic"))) {
993 DPRINTF(
994 "fetch_url: skipping unknown auth scheme `%s'\n",
995 token);
996 continue;
997 }
998 FREEPTR(auth);
999 auth = ftp_strdup(token);
1000 DPRINTF("fetch_url: parsed auth as `%s'\n", cp);
1001 }
1002
1003 }
1004 /* finished parsing header */
1005
1006 switch (hcode) {
1007 case 200:
1008 break;
1009 case 206:
1010 if (! restart_point) {
1011 warnx("Not expecting partial content header");
1012 goto cleanup_fetch_url;
1013 }
1014 break;
1015 case 300:
1016 case 301:
1017 case 302:
1018 case 303:
1019 case 305:
1020 case 307:
1021 if (EMPTYSTRING(location)) {
1022 warnx(
1023 "No redirection Location provided by server");
1024 goto cleanup_fetch_url;
1025 }
1026 if (redirect_loop++ > 5) {
1027 warnx("Too many redirections requested");
1028 goto cleanup_fetch_url;
1029 }
1030 if (hcode == 305) {
1031 if (verbose)
1032 fprintf(ttyout, "Redirected via %s\n",
1033 location);
1034 rval = fetch_url(url, location,
1035 proxyauth, wwwauth);
1036 } else {
1037 if (verbose)
1038 fprintf(ttyout, "Redirected to %s\n",
1039 location);
1040 rval = go_fetch(location);
1041 }
1042 goto cleanup_fetch_url;
1043 #ifndef NO_AUTH
1044 case 401:
1045 case 407:
1046 {
1047 char **authp;
1048 char *auser, *apass;
1049
1050 if (hcode == 401) {
1051 authp = &wwwauth;
1052 auser = uuser;
1053 apass = pass;
1054 } else {
1055 authp = &proxyauth;
1056 auser = puser;
1057 apass = ppass;
1058 }
1059 if (verbose || *authp == NULL ||
1060 auser == NULL || apass == NULL)
1061 fprintf(ttyout, "%s\n", message);
1062 if (EMPTYSTRING(auth)) {
1063 warnx(
1064 "No authentication challenge provided by server");
1065 goto cleanup_fetch_url;
1066 }
1067 if (*authp != NULL) {
1068 char reply[10];
1069
1070 fprintf(ttyout,
1071 "Authorization failed. Retry (y/n)? ");
1072 if (get_line(stdin, reply, sizeof(reply), NULL)
1073 < 0) {
1074 goto cleanup_fetch_url;
1075 }
1076 if (tolower((unsigned char)reply[0]) != 'y')
1077 goto cleanup_fetch_url;
1078 auser = NULL;
1079 apass = NULL;
1080 }
1081 if (auth_url(auth, authp, auser, apass) == 0) {
1082 rval = fetch_url(url, proxyenv,
1083 proxyauth, wwwauth);
1084 memset(*authp, 0, strlen(*authp));
1085 FREEPTR(*authp);
1086 }
1087 goto cleanup_fetch_url;
1088 }
1089 #endif
1090 default:
1091 if (message)
1092 warnx("Error retrieving file `%s'", message);
1093 else
1094 warnx("Unknown error retrieving file");
1095 goto cleanup_fetch_url;
1096 }
1097 } /* end of ftp:// or http:// specific setup */
1098
1099 /* Open the output file. */
1100
1101 /*
1102 * Only trust filenames with special meaning if they came from
1103 * the command line
1104 */
1105 if (outfile == savefile) {
1106 if (strcmp(savefile, "-") == 0) {
1107 fout = stdout;
1108 } else if (*savefile == '|') {
1109 oldintp = xsignal(SIGPIPE, SIG_IGN);
1110 fout = popen(savefile + 1, "w");
1111 if (fout == NULL) {
1112 warn("Can't execute `%s'", savefile + 1);
1113 goto cleanup_fetch_url;
1114 }
1115 closefunc = pclose;
1116 }
1117 }
1118 if (fout == NULL) {
1119 if ((rangeend != -1 && rangeend <= restart_point) ||
1120 (rangestart == -1 && filesize != -1 && filesize <= restart_point)) {
1121 /* already done */
1122 if (verbose)
1123 fprintf(ttyout, "already done\n");
1124 rval = 0;
1125 goto cleanup_fetch_url;
1126 }
1127 if (restart_point && rangestart != -1) {
1128 if (entitylen != -1)
1129 filesize = entitylen;
1130 if (rangestart != restart_point) {
1131 warnx(
1132 "Size of `%s' differs from save file `%s'",
1133 url, savefile);
1134 goto cleanup_fetch_url;
1135 }
1136 fout = fopen(savefile, "a");
1137 } else
1138 fout = fopen(savefile, "w");
1139 if (fout == NULL) {
1140 warn("Can't open `%s'", savefile);
1141 goto cleanup_fetch_url;
1142 }
1143 closefunc = fclose;
1144 }
1145
1146 /* Trap signals */
1147 if (sigsetjmp(httpabort, 1))
1148 goto cleanup_fetch_url;
1149 (void)xsignal(SIGQUIT, psummary);
1150 oldintr = xsignal(SIGINT, aborthttp);
1151
1152 if ((size_t)rcvbuf_size > bufsize) {
1153 if (xferbuf)
1154 (void)free(xferbuf);
1155 bufsize = rcvbuf_size;
1156 xferbuf = ftp_malloc(bufsize);
1157 }
1158
1159 bytes = 0;
1160 hashbytes = mark;
1161 progressmeter(-1);
1162
1163 /* Finally, suck down the file. */
1164 do {
1165 long chunksize;
1166 short lastchunk;
1167
1168 chunksize = 0;
1169 lastchunk = 0;
1170 /* read chunk-size */
1171 if (ischunked) {
1172 if (fgets(xferbuf, bufsize, fin) == NULL) {
1173 warnx("Unexpected EOF reading chunk-size");
1174 goto cleanup_fetch_url;
1175 }
1176 errno = 0;
1177 chunksize = strtol(xferbuf, &ep, 16);
1178 if (ep == xferbuf) {
1179 warnx("Invalid chunk-size");
1180 goto cleanup_fetch_url;
1181 }
1182 if (errno == ERANGE || chunksize < 0) {
1183 errno = ERANGE;
1184 warn("Chunk-size `%.*s'",
1185 (int)(ep-xferbuf), xferbuf);
1186 goto cleanup_fetch_url;
1187 }
1188
1189 /*
1190 * XXX: Work around bug in Apache 1.3.9 and
1191 * 1.3.11, which incorrectly put trailing
1192 * space after the chunk-size.
1193 */
1194 while (*ep == ' ')
1195 ep++;
1196
1197 /* skip [ chunk-ext ] */
1198 if (*ep == ';') {
1199 while (*ep && *ep != '\r')
1200 ep++;
1201 }
1202
1203 if (strcmp(ep, "\r\n") != 0) {
1204 warnx("Unexpected data following chunk-size");
1205 goto cleanup_fetch_url;
1206 }
1207 DPRINTF("fetch_url: got chunk-size of " LLF "\n",
1208 (LLT)chunksize);
1209 if (chunksize == 0) {
1210 lastchunk = 1;
1211 goto chunkdone;
1212 }
1213 }
1214 /* transfer file or chunk */
1215 while (1) {
1216 struct timeval then, now, td;
1217 off_t bufrem;
1218
1219 if (rate_get)
1220 (void)gettimeofday(&then, NULL);
1221 bufrem = rate_get ? rate_get : (off_t)bufsize;
1222 if (ischunked)
1223 bufrem = MIN(chunksize, bufrem);
1224 while (bufrem > 0) {
1225 flen = fread(xferbuf, sizeof(char),
1226 MIN((off_t)bufsize, bufrem), fin);
1227 if (flen <= 0)
1228 goto chunkdone;
1229 bytes += flen;
1230 bufrem -= flen;
1231 if (fwrite(xferbuf, sizeof(char), flen, fout)
1232 != flen) {
1233 warn("Writing `%s'", savefile);
1234 goto cleanup_fetch_url;
1235 }
1236 if (hash && !progress) {
1237 while (bytes >= hashbytes) {
1238 (void)putc('#', ttyout);
1239 hashbytes += mark;
1240 }
1241 (void)fflush(ttyout);
1242 }
1243 if (ischunked) {
1244 chunksize -= flen;
1245 if (chunksize <= 0)
1246 break;
1247 }
1248 }
1249 if (rate_get) {
1250 while (1) {
1251 (void)gettimeofday(&now, NULL);
1252 timersub(&now, &then, &td);
1253 if (td.tv_sec > 0)
1254 break;
1255 usleep(1000000 - td.tv_usec);
1256 }
1257 }
1258 if (ischunked && chunksize <= 0)
1259 break;
1260 }
1261 /* read CRLF after chunk*/
1262 chunkdone:
1263 if (ischunked) {
1264 if (fgets(xferbuf, bufsize, fin) == NULL) {
1265 warnx("Unexpected EOF reading chunk CRLF");
1266 goto cleanup_fetch_url;
1267 }
1268 if (strcmp(xferbuf, "\r\n") != 0) {
1269 warnx("Unexpected data following chunk");
1270 goto cleanup_fetch_url;
1271 }
1272 if (lastchunk)
1273 break;
1274 }
1275 } while (ischunked);
1276
1277 /* XXX: deal with optional trailer & CRLF here? */
1278
1279 if (hash && !progress && bytes > 0) {
1280 if (bytes < mark)
1281 (void)putc('#', ttyout);
1282 (void)putc('\n', ttyout);
1283 }
1284 if (ferror(fin)) {
1285 warn("Reading file");
1286 goto cleanup_fetch_url;
1287 }
1288 progressmeter(1);
1289 (void)fflush(fout);
1290 if (closefunc == fclose && mtime != -1) {
1291 struct timeval tval[2];
1292
1293 (void)gettimeofday(&tval[0], NULL);
1294 tval[1].tv_sec = mtime;
1295 tval[1].tv_usec = 0;
1296 (*closefunc)(fout);
1297 fout = NULL;
1298
1299 if (utimes(savefile, tval) == -1) {
1300 fprintf(ttyout,
1301 "Can't change modification time to %s",
1302 rfc2822time(localtime(&mtime)));
1303 }
1304 }
1305 if (bytes > 0)
1306 ptransfer(0);
1307 bytes = 0;
1308
1309 rval = 0;
1310 goto cleanup_fetch_url;
1311
1312 improper:
1313 warnx("Improper response from `%s:%s'", host, port);
1314
1315 cleanup_fetch_url:
1316 if (oldintr)
1317 (void)xsignal(SIGINT, oldintr);
1318 if (oldintp)
1319 (void)xsignal(SIGPIPE, oldintp);
1320 if (fin != NULL)
1321 fclose(fin);
1322 else if (s != -1)
1323 close(s);
1324 if (closefunc != NULL && fout != NULL)
1325 (*closefunc)(fout);
1326 if (res0)
1327 freeaddrinfo(res0);
1328 if (savefile != outfile)
1329 FREEPTR(savefile);
1330 FREEPTR(uuser);
1331 if (pass != NULL)
1332 memset(pass, 0, strlen(pass));
1333 FREEPTR(pass);
1334 FREEPTR(host);
1335 FREEPTR(port);
1336 FREEPTR(path);
1337 FREEPTR(decodedpath);
1338 FREEPTR(puser);
1339 if (ppass != NULL)
1340 memset(ppass, 0, strlen(ppass));
1341 FREEPTR(ppass);
1342 FREEPTR(auth);
1343 FREEPTR(location);
1344 FREEPTR(message);
1345 return (rval);
1346 }
1347
1348 /*
1349 * Abort a HTTP retrieval
1350 */
1351 void
aborthttp(int notused)1352 aborthttp(int notused)
1353 {
1354 char msgbuf[100];
1355 size_t len;
1356
1357 sigint_raised = 1;
1358 alarmtimer(0);
1359 len = strlcpy(msgbuf, "\nHTTP fetch aborted.\n", sizeof(msgbuf));
1360 write(fileno(ttyout), msgbuf, len);
1361 siglongjmp(httpabort, 1);
1362 }
1363
1364 /*
1365 * Retrieve ftp URL or classic ftp argument using FTP.
1366 * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection
1367 * is still open (e.g, ftp xfer with trailing /)
1368 */
1369 static int
fetch_ftp(const char * url)1370 fetch_ftp(const char *url)
1371 {
1372 char *cp, *xargv[5], rempath[MAXPATHLEN];
1373 char *host, *path, *dir, *file, *uuser, *pass;
1374 char *port;
1375 char cmdbuf[MAXPATHLEN];
1376 char dirbuf[4];
1377 int dirhasglob, filehasglob, rval, transtype, xargc;
1378 int oanonftp, oautologin;
1379 in_port_t portnum;
1380 url_t urltype;
1381
1382 DPRINTF("fetch_ftp: `%s'\n", url);
1383 host = path = dir = file = uuser = pass = NULL;
1384 port = NULL;
1385 rval = 1;
1386 transtype = TYPE_I;
1387
1388 if (STRNEQUAL(url, FTP_URL)) {
1389 if ((parse_url(url, "URL", &urltype, &uuser, &pass,
1390 &host, &port, &portnum, &path) == -1) ||
1391 (uuser != NULL && *uuser == '\0') ||
1392 EMPTYSTRING(host)) {
1393 warnx("Invalid URL `%s'", url);
1394 goto cleanup_fetch_ftp;
1395 }
1396 /*
1397 * Note: Don't url_decode(path) here. We need to keep the
1398 * distinction between "/" and "%2F" until later.
1399 */
1400
1401 /* check for trailing ';type=[aid]' */
1402 if (! EMPTYSTRING(path) && (cp = strrchr(path, ';')) != NULL) {
1403 if (strcasecmp(cp, ";type=a") == 0)
1404 transtype = TYPE_A;
1405 else if (strcasecmp(cp, ";type=i") == 0)
1406 transtype = TYPE_I;
1407 else if (strcasecmp(cp, ";type=d") == 0) {
1408 warnx(
1409 "Directory listing via a URL is not supported");
1410 goto cleanup_fetch_ftp;
1411 } else {
1412 warnx("Invalid suffix `%s' in URL `%s'", cp,
1413 url);
1414 goto cleanup_fetch_ftp;
1415 }
1416 *cp = 0;
1417 }
1418 } else { /* classic style `[user@]host:[file]' */
1419 urltype = CLASSIC_URL_T;
1420 host = ftp_strdup(url);
1421 cp = strchr(host, '@');
1422 if (cp != NULL) {
1423 *cp = '\0';
1424 uuser = host;
1425 anonftp = 0; /* disable anonftp */
1426 host = ftp_strdup(cp + 1);
1427 }
1428 cp = strchr(host, ':');
1429 if (cp != NULL) {
1430 *cp = '\0';
1431 path = ftp_strdup(cp + 1);
1432 }
1433 }
1434 if (EMPTYSTRING(host))
1435 goto cleanup_fetch_ftp;
1436
1437 /* Extract the file and (if present) directory name. */
1438 dir = path;
1439 if (! EMPTYSTRING(dir)) {
1440 /*
1441 * If we are dealing with classic `[user@]host:[path]' syntax,
1442 * then a path of the form `/file' (resulting from input of the
1443 * form `host:/file') means that we should do "CWD /" before
1444 * retrieving the file. So we set dir="/" and file="file".
1445 *
1446 * But if we are dealing with URLs like `ftp://host/path' then
1447 * a path of the form `/file' (resulting from a URL of the form
1448 * `ftp://host//file') means that we should do `CWD ' (with an
1449 * empty argument) before retrieving the file. So we set
1450 * dir="" and file="file".
1451 *
1452 * If the path does not contain / at all, we set dir=NULL.
1453 * (We get a path without any slashes if we are dealing with
1454 * classic `[user@]host:[file]' or URL `ftp://host/file'.)
1455 *
1456 * In all other cases, we set dir to a string that does not
1457 * include the final '/' that separates the dir part from the
1458 * file part of the path. (This will be the empty string if
1459 * and only if we are dealing with a path of the form `/file'
1460 * resulting from an URL of the form `ftp://host//file'.)
1461 */
1462 cp = strrchr(dir, '/');
1463 if (cp == dir && urltype == CLASSIC_URL_T) {
1464 file = cp + 1;
1465 (void)strlcpy(dirbuf, "/", sizeof(dirbuf));
1466 dir = dirbuf;
1467 } else if (cp != NULL) {
1468 *cp++ = '\0';
1469 file = cp;
1470 } else {
1471 file = dir;
1472 dir = NULL;
1473 }
1474 } else
1475 dir = NULL;
1476 if (urltype == FTP_URL_T && file != NULL) {
1477 url_decode(file);
1478 /* but still don't url_decode(dir) */
1479 }
1480 DPRINTF("fetch_ftp: user `%s' pass `%s' host %s port %s "
1481 "path `%s' dir `%s' file `%s'\n",
1482 STRorNULL(uuser), STRorNULL(pass),
1483 STRorNULL(host), STRorNULL(port),
1484 STRorNULL(path), STRorNULL(dir), STRorNULL(file));
1485
1486 dirhasglob = filehasglob = 0;
1487 if (doglob && urltype == CLASSIC_URL_T) {
1488 if (! EMPTYSTRING(dir) && strpbrk(dir, "*?[]{}") != NULL)
1489 dirhasglob = 1;
1490 if (! EMPTYSTRING(file) && strpbrk(file, "*?[]{}") != NULL)
1491 filehasglob = 1;
1492 }
1493
1494 /* Set up the connection */
1495 oanonftp = anonftp;
1496 if (connected)
1497 disconnect(0, NULL);
1498 anonftp = oanonftp;
1499 (void)strlcpy(cmdbuf, getprogname(), sizeof(cmdbuf));
1500 xargv[0] = cmdbuf;
1501 xargv[1] = host;
1502 xargv[2] = NULL;
1503 xargc = 2;
1504 if (port) {
1505 xargv[2] = port;
1506 xargv[3] = NULL;
1507 xargc = 3;
1508 }
1509 oautologin = autologin;
1510 /* don't autologin in setpeer(), use ftp_login() below */
1511 autologin = 0;
1512 setpeer(xargc, xargv);
1513 autologin = oautologin;
1514 if ((connected == 0) ||
1515 (connected == 1 && !ftp_login(host, uuser, pass))) {
1516 warnx("Can't connect or login to host `%s:%s'",
1517 host, port ? port : "?");
1518 goto cleanup_fetch_ftp;
1519 }
1520
1521 switch (transtype) {
1522 case TYPE_A:
1523 setascii(1, xargv);
1524 break;
1525 case TYPE_I:
1526 setbinary(1, xargv);
1527 break;
1528 default:
1529 errx(1, "fetch_ftp: unknown transfer type %d", transtype);
1530 }
1531
1532 /*
1533 * Change directories, if necessary.
1534 *
1535 * Note: don't use EMPTYSTRING(dir) below, because
1536 * dir=="" means something different from dir==NULL.
1537 */
1538 if (dir != NULL && !dirhasglob) {
1539 char *nextpart;
1540
1541 /*
1542 * If we are dealing with a classic `[user@]host:[path]'
1543 * (urltype is CLASSIC_URL_T) then we have a raw directory
1544 * name (not encoded in any way) and we can change
1545 * directories in one step.
1546 *
1547 * If we are dealing with an `ftp://host/path' URL
1548 * (urltype is FTP_URL_T), then RFC3986 says we need to
1549 * send a separate CWD command for each unescaped "/"
1550 * in the path, and we have to interpret %hex escaping
1551 * *after* we find the slashes. It's possible to get
1552 * empty components here, (from multiple adjacent
1553 * slashes in the path) and RFC3986 says that we should
1554 * still do `CWD ' (with a null argument) in such cases.
1555 *
1556 * Many ftp servers don't support `CWD ', so if there's an
1557 * error performing that command, bail out with a descriptive
1558 * message.
1559 *
1560 * Examples:
1561 *
1562 * host: dir="", urltype=CLASSIC_URL_T
1563 * logged in (to default directory)
1564 * host:file dir=NULL, urltype=CLASSIC_URL_T
1565 * "RETR file"
1566 * host:dir/ dir="dir", urltype=CLASSIC_URL_T
1567 * "CWD dir", logged in
1568 * ftp://host/ dir="", urltype=FTP_URL_T
1569 * logged in (to default directory)
1570 * ftp://host/dir/ dir="dir", urltype=FTP_URL_T
1571 * "CWD dir", logged in
1572 * ftp://host/file dir=NULL, urltype=FTP_URL_T
1573 * "RETR file"
1574 * ftp://host//file dir="", urltype=FTP_URL_T
1575 * "CWD ", "RETR file"
1576 * host:/file dir="/", urltype=CLASSIC_URL_T
1577 * "CWD /", "RETR file"
1578 * ftp://host///file dir="/", urltype=FTP_URL_T
1579 * "CWD ", "CWD ", "RETR file"
1580 * ftp://host/%2F/file dir="%2F", urltype=FTP_URL_T
1581 * "CWD /", "RETR file"
1582 * ftp://host/foo/file dir="foo", urltype=FTP_URL_T
1583 * "CWD foo", "RETR file"
1584 * ftp://host/foo/bar/file dir="foo/bar"
1585 * "CWD foo", "CWD bar", "RETR file"
1586 * ftp://host//foo/bar/file dir="/foo/bar"
1587 * "CWD ", "CWD foo", "CWD bar", "RETR file"
1588 * ftp://host/foo//bar/file dir="foo//bar"
1589 * "CWD foo", "CWD ", "CWD bar", "RETR file"
1590 * ftp://host/%2F/foo/bar/file dir="%2F/foo/bar"
1591 * "CWD /", "CWD foo", "CWD bar", "RETR file"
1592 * ftp://host/%2Ffoo/bar/file dir="%2Ffoo/bar"
1593 * "CWD /foo", "CWD bar", "RETR file"
1594 * ftp://host/%2Ffoo%2Fbar/file dir="%2Ffoo%2Fbar"
1595 * "CWD /foo/bar", "RETR file"
1596 * ftp://host/%2Ffoo%2Fbar%2Ffile dir=NULL
1597 * "RETR /foo/bar/file"
1598 *
1599 * Note that we don't need `dir' after this point.
1600 */
1601 do {
1602 if (urltype == FTP_URL_T) {
1603 nextpart = strchr(dir, '/');
1604 if (nextpart) {
1605 *nextpart = '\0';
1606 nextpart++;
1607 }
1608 url_decode(dir);
1609 } else
1610 nextpart = NULL;
1611 DPRINTF("fetch_ftp: dir `%s', nextpart `%s'\n",
1612 STRorNULL(dir), STRorNULL(nextpart));
1613 if (urltype == FTP_URL_T || *dir != '\0') {
1614 (void)strlcpy(cmdbuf, "cd", sizeof(cmdbuf));
1615 xargv[0] = cmdbuf;
1616 xargv[1] = dir;
1617 xargv[2] = NULL;
1618 dirchange = 0;
1619 cd(2, xargv);
1620 if (! dirchange) {
1621 if (*dir == '\0' && code == 500)
1622 fprintf(stderr,
1623 "\n"
1624 "ftp: The `CWD ' command (without a directory), which is required by\n"
1625 " RFC3986 to support the empty directory in the URL pathname (`//'),\n"
1626 " conflicts with the server's conformance to RFC0959.\n"
1627 " Try the same URL without the `//' in the URL pathname.\n"
1628 "\n");
1629 goto cleanup_fetch_ftp;
1630 }
1631 }
1632 dir = nextpart;
1633 } while (dir != NULL);
1634 }
1635
1636 if (EMPTYSTRING(file)) {
1637 rval = -1;
1638 goto cleanup_fetch_ftp;
1639 }
1640
1641 if (dirhasglob) {
1642 (void)strlcpy(rempath, dir, sizeof(rempath));
1643 (void)strlcat(rempath, "/", sizeof(rempath));
1644 (void)strlcat(rempath, file, sizeof(rempath));
1645 file = rempath;
1646 }
1647
1648 /* Fetch the file(s). */
1649 xargc = 2;
1650 (void)strlcpy(cmdbuf, "get", sizeof(cmdbuf));
1651 xargv[0] = cmdbuf;
1652 xargv[1] = file;
1653 xargv[2] = NULL;
1654 if (dirhasglob || filehasglob) {
1655 int ointeractive;
1656
1657 ointeractive = interactive;
1658 interactive = 0;
1659 if (restartautofetch)
1660 (void)strlcpy(cmdbuf, "mreget", sizeof(cmdbuf));
1661 else
1662 (void)strlcpy(cmdbuf, "mget", sizeof(cmdbuf));
1663 xargv[0] = cmdbuf;
1664 mget(xargc, xargv);
1665 interactive = ointeractive;
1666 } else {
1667 if (outfile == NULL) {
1668 cp = strrchr(file, '/'); /* find savefile */
1669 if (cp != NULL)
1670 outfile = cp + 1;
1671 else
1672 outfile = file;
1673 }
1674 xargv[2] = (char *)outfile;
1675 xargv[3] = NULL;
1676 xargc++;
1677 if (restartautofetch)
1678 reget(xargc, xargv);
1679 else
1680 get(xargc, xargv);
1681 }
1682
1683 if ((code / 100) == COMPLETE)
1684 rval = 0;
1685
1686 cleanup_fetch_ftp:
1687 FREEPTR(port);
1688 FREEPTR(host);
1689 FREEPTR(path);
1690 FREEPTR(uuser);
1691 if (pass)
1692 memset(pass, 0, strlen(pass));
1693 FREEPTR(pass);
1694 return (rval);
1695 }
1696
1697 /*
1698 * Retrieve the given file to outfile.
1699 * Supports arguments of the form:
1700 * "host:path", "ftp://host/path" if $ftpproxy, call fetch_url() else
1701 * call fetch_ftp()
1702 * "http://host/path" call fetch_url() to use HTTP
1703 * "file:///path" call fetch_url() to copy
1704 * "about:..." print a message
1705 *
1706 * Returns 1 on failure, 0 on completed xfer, -1 if ftp connection
1707 * is still open (e.g, ftp xfer with trailing /)
1708 */
1709 static int
go_fetch(const char * url)1710 go_fetch(const char *url)
1711 {
1712 char *proxyenv;
1713
1714 #ifndef NO_ABOUT
1715 /*
1716 * Check for about:*
1717 */
1718 if (STRNEQUAL(url, ABOUT_URL)) {
1719 url += sizeof(ABOUT_URL) -1;
1720 if (strcasecmp(url, "ftp") == 0 ||
1721 strcasecmp(url, "tnftp") == 0) {
1722 fputs(
1723 "This version of ftp has been enhanced by Luke Mewburn <lukem@NetBSD.org>\n"
1724 "for the NetBSD project. Execute `man ftp' for more details.\n", ttyout);
1725 } else if (strcasecmp(url, "lukem") == 0) {
1726 fputs(
1727 "Luke Mewburn is the author of most of the enhancements in this ftp client.\n"
1728 "Please email feedback to <lukem@NetBSD.org>.\n", ttyout);
1729 } else if (strcasecmp(url, "netbsd") == 0) {
1730 fputs(
1731 "NetBSD is a freely available and redistributable UNIX-like operating system.\n"
1732 "For more information, see http://www.NetBSD.org/\n", ttyout);
1733 } else if (strcasecmp(url, "version") == 0) {
1734 fprintf(ttyout, "Version: %s %s%s\n",
1735 FTP_PRODUCT, FTP_VERSION,
1736 #ifdef INET6
1737 ""
1738 #else
1739 " (-IPv6)"
1740 #endif
1741 );
1742 } else {
1743 fprintf(ttyout, "`%s' is an interesting topic.\n", url);
1744 }
1745 fputs("\n", ttyout);
1746 return (0);
1747 }
1748 #endif
1749
1750 /*
1751 * Check for file:// and http:// URLs.
1752 */
1753 if (STRNEQUAL(url, HTTP_URL) || STRNEQUAL(url, FILE_URL))
1754 return (fetch_url(url, NULL, NULL, NULL));
1755
1756 /*
1757 * Try FTP URL-style and host:file arguments next.
1758 * If ftpproxy is set with an FTP URL, use fetch_url()
1759 * Othewise, use fetch_ftp().
1760 */
1761 proxyenv = getoptionvalue("ftp_proxy");
1762 if (!EMPTYSTRING(proxyenv) && STRNEQUAL(url, FTP_URL))
1763 return (fetch_url(url, NULL, NULL, NULL));
1764
1765 return (fetch_ftp(url));
1766 }
1767
1768 /*
1769 * Retrieve multiple files from the command line,
1770 * calling go_fetch() for each file.
1771 *
1772 * If an ftp path has a trailing "/", the path will be cd-ed into and
1773 * the connection remains open, and the function will return -1
1774 * (to indicate the connection is alive).
1775 * If an error occurs the return value will be the offset+1 in
1776 * argv[] of the file that caused a problem (i.e, argv[x]
1777 * returns x+1)
1778 * Otherwise, 0 is returned if all files retrieved successfully.
1779 */
1780 int
auto_fetch(int argc,char * argv[])1781 auto_fetch(int argc, char *argv[])
1782 {
1783 volatile int argpos, rval;
1784
1785 argpos = rval = 0;
1786
1787 if (sigsetjmp(toplevel, 1)) {
1788 if (connected)
1789 disconnect(0, NULL);
1790 if (rval > 0)
1791 rval = argpos + 1;
1792 return (rval);
1793 }
1794 (void)xsignal(SIGINT, intr);
1795 (void)xsignal(SIGPIPE, lostpeer);
1796
1797 /*
1798 * Loop through as long as there's files to fetch.
1799 */
1800 for (; (rval == 0) && (argpos < argc); argpos++) {
1801 if (strchr(argv[argpos], ':') == NULL)
1802 break;
1803 redirect_loop = 0;
1804 if (!anonftp)
1805 anonftp = 2; /* Handle "automatic" transfers. */
1806 rval = go_fetch(argv[argpos]);
1807 if (outfile != NULL && strcmp(outfile, "-") != 0
1808 && outfile[0] != '|')
1809 outfile = NULL;
1810 if (rval > 0)
1811 rval = argpos + 1;
1812 }
1813
1814 if (connected && rval != -1)
1815 disconnect(0, NULL);
1816 return (rval);
1817 }
1818
1819
1820 /*
1821 * Upload multiple files from the command line.
1822 *
1823 * If an error occurs the return value will be the offset+1 in
1824 * argv[] of the file that caused a problem (i.e, argv[x]
1825 * returns x+1)
1826 * Otherwise, 0 is returned if all files uploaded successfully.
1827 */
1828 int
auto_put(int argc,char ** argv,const char * uploadserver)1829 auto_put(int argc, char **argv, const char *uploadserver)
1830 {
1831 char *uargv[4], *path, *pathsep;
1832 int uargc, rval, argpos;
1833 size_t len;
1834 char cmdbuf[MAX_C_NAME];
1835
1836 (void)strlcpy(cmdbuf, "mput", sizeof(cmdbuf));
1837 uargv[0] = cmdbuf;
1838 uargv[1] = argv[0];
1839 uargc = 2;
1840 uargv[2] = uargv[3] = NULL;
1841 pathsep = NULL;
1842 rval = 1;
1843
1844 DPRINTF("auto_put: target `%s'\n", uploadserver);
1845
1846 path = ftp_strdup(uploadserver);
1847 len = strlen(path);
1848 if (path[len - 1] != '/' && path[len - 1] != ':') {
1849 /*
1850 * make sure we always pass a directory to auto_fetch
1851 */
1852 if (argc > 1) { /* more than one file to upload */
1853 len = strlen(uploadserver) + 2; /* path + "/" + "\0" */
1854 free(path);
1855 path = (char *)ftp_malloc(len);
1856 (void)strlcpy(path, uploadserver, len);
1857 (void)strlcat(path, "/", len);
1858 } else { /* single file to upload */
1859 (void)strlcpy(cmdbuf, "put", sizeof(cmdbuf));
1860 uargv[0] = cmdbuf;
1861 pathsep = strrchr(path, '/');
1862 if (pathsep == NULL) {
1863 pathsep = strrchr(path, ':');
1864 if (pathsep == NULL) {
1865 warnx("Invalid URL `%s'", path);
1866 goto cleanup_auto_put;
1867 }
1868 pathsep++;
1869 uargv[2] = ftp_strdup(pathsep);
1870 pathsep[0] = '/';
1871 } else
1872 uargv[2] = ftp_strdup(pathsep + 1);
1873 pathsep[1] = '\0';
1874 uargc++;
1875 }
1876 }
1877 DPRINTF("auto_put: URL `%s' argv[2] `%s'\n",
1878 path, STRorNULL(uargv[2]));
1879
1880 /* connect and cwd */
1881 rval = auto_fetch(1, &path);
1882 if(rval >= 0)
1883 goto cleanup_auto_put;
1884
1885 rval = 0;
1886
1887 /* target filename provided; upload 1 file */
1888 /* XXX : is this the best way? */
1889 if (uargc == 3) {
1890 uargv[1] = argv[0];
1891 put(uargc, uargv);
1892 if ((code / 100) != COMPLETE)
1893 rval = 1;
1894 } else { /* otherwise a target dir: upload all files to it */
1895 for(argpos = 0; argv[argpos] != NULL; argpos++) {
1896 uargv[1] = argv[argpos];
1897 mput(uargc, uargv);
1898 if ((code / 100) != COMPLETE) {
1899 rval = argpos + 1;
1900 break;
1901 }
1902 }
1903 }
1904
1905 cleanup_auto_put:
1906 free(path);
1907 FREEPTR(uargv[2]);
1908 return (rval);
1909 }
1910