xref: /freebsd/lib/libfetch/fetch.3 (revision 0957b409a90fd597c1e9124cbaf3edd2b488f4ac)
1.\"-
2.\" Copyright (c) 1998-2013 Dag-Erling Smørgrav
3.\" Copyright (c) 2013-2016 Michael Gmelin <freebsd@grem.de>
4.\" All rights reserved.
5.\"
6.\" Redistribution and use in source and binary forms, with or without
7.\" modification, are permitted provided that the following conditions
8.\" are met:
9.\" 1. Redistributions of source code must retain the above copyright
10.\"    notice, this list of conditions and the following disclaimer.
11.\" 2. Redistributions in binary form must reproduce the above copyright
12.\"    notice, this list of conditions and the following disclaimer in the
13.\"    documentation and/or other materials provided with the distribution.
14.\"
15.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25.\" SUCH DAMAGE.
26.\"
27.\" $FreeBSD$
28.\"
29.Dd March 18, 2016
30.Dt FETCH 3
31.Os
32.Sh NAME
33.Nm fetchMakeURL ,
34.Nm fetchParseURL ,
35.Nm fetchFreeURL ,
36.Nm fetchXGetURL ,
37.Nm fetchGetURL ,
38.Nm fetchPutURL ,
39.Nm fetchStatURL ,
40.Nm fetchListURL ,
41.Nm fetchXGet ,
42.Nm fetchGet ,
43.Nm fetchPut ,
44.Nm fetchStat ,
45.Nm fetchList ,
46.Nm fetchXGetFile ,
47.Nm fetchGetFile ,
48.Nm fetchPutFile ,
49.Nm fetchStatFile ,
50.Nm fetchListFile ,
51.Nm fetchXGetHTTP ,
52.Nm fetchGetHTTP ,
53.Nm fetchPutHTTP ,
54.Nm fetchStatHTTP ,
55.Nm fetchListHTTP ,
56.Nm fetchXGetFTP ,
57.Nm fetchGetFTP ,
58.Nm fetchPutFTP ,
59.Nm fetchStatFTP ,
60.Nm fetchListFTP
61.Nd file transfer functions
62.Sh LIBRARY
63.Lb libfetch
64.Sh SYNOPSIS
65.In sys/param.h
66.In stdio.h
67.In fetch.h
68.Ft struct url *
69.Fn fetchMakeURL "const char *scheme" "const char *host" "int port" "const char *doc" "const char *user" "const char *pwd"
70.Ft struct url *
71.Fn fetchParseURL "const char *URL"
72.Ft void
73.Fn fetchFreeURL "struct url *u"
74.Ft FILE *
75.Fn fetchXGetURL "const char *URL" "struct url_stat *us" "const char *flags"
76.Ft FILE *
77.Fn fetchGetURL "const char *URL" "const char *flags"
78.Ft FILE *
79.Fn fetchPutURL "const char *URL" "const char *flags"
80.Ft int
81.Fn fetchStatURL "const char *URL" "struct url_stat *us" "const char *flags"
82.Ft struct url_ent *
83.Fn fetchListURL "const char *URL" "const char *flags"
84.Ft FILE *
85.Fn fetchXGet "struct url *u" "struct url_stat *us" "const char *flags"
86.Ft FILE *
87.Fn fetchGet "struct url *u" "const char *flags"
88.Ft FILE *
89.Fn fetchPut "struct url *u" "const char *flags"
90.Ft int
91.Fn fetchStat "struct url *u" "struct url_stat *us" "const char *flags"
92.Ft struct url_ent *
93.Fn fetchList "struct url *u" "const char *flags"
94.Ft FILE *
95.Fn fetchXGetFile "struct url *u" "struct url_stat *us" "const char *flags"
96.Ft FILE *
97.Fn fetchGetFile "struct url *u" "const char *flags"
98.Ft FILE *
99.Fn fetchPutFile "struct url *u" "const char *flags"
100.Ft int
101.Fn fetchStatFile "struct url *u" "struct url_stat *us" "const char *flags"
102.Ft struct url_ent *
103.Fn fetchListFile "struct url *u" "const char *flags"
104.Ft FILE *
105.Fn fetchXGetHTTP "struct url *u" "struct url_stat *us" "const char *flags"
106.Ft FILE *
107.Fn fetchGetHTTP "struct url *u" "const char *flags"
108.Ft FILE *
109.Fn fetchPutHTTP "struct url *u" "const char *flags"
110.Ft int
111.Fn fetchStatHTTP "struct url *u" "struct url_stat *us" "const char *flags"
112.Ft struct url_ent *
113.Fn fetchListHTTP "struct url *u" "const char *flags"
114.Ft FILE *
115.Fn fetchXGetFTP "struct url *u" "struct url_stat *us" "const char *flags"
116.Ft FILE *
117.Fn fetchGetFTP "struct url *u" "const char *flags"
118.Ft FILE *
119.Fn fetchPutFTP "struct url *u" "const char *flags"
120.Ft int
121.Fn fetchStatFTP "struct url *u" "struct url_stat *us" "const char *flags"
122.Ft struct url_ent *
123.Fn fetchListFTP "struct url *u" "const char *flags"
124.Sh DESCRIPTION
125These functions implement a high-level library for retrieving and
126uploading files using Uniform Resource Locators (URLs).
127.Pp
128.Fn fetchParseURL
129takes a URL in the form of a null-terminated string and splits it into
130its components function according to the Common Internet Scheme Syntax
131detailed in RFC1738.
132A regular expression which produces this syntax is:
133.Bd -literal
134    <scheme>:(//(<user>(:<pwd>)?@)?<host>(:<port>)?)?/(<document>)?
135.Ed
136.Pp
137If the URL does not seem to begin with a scheme name, the following
138syntax is assumed:
139.Bd -literal
140    ((<user>(:<pwd>)?@)?<host>(:<port>)?)?/(<document>)?
141.Ed
142.Pp
143Note that some components of the URL are not necessarily relevant to
144all URL schemes.
145For instance, the file scheme only needs the <scheme> and <document>
146components.
147.Pp
148.Fn fetchMakeURL
149and
150.Fn fetchParseURL
151return a pointer to a
152.Vt url
153structure, which is defined as follows in
154.In fetch.h :
155.Bd -literal
156#define URL_SCHEMELEN 16
157#define URL_USERLEN 256
158#define URL_PWDLEN 256
159
160struct url {
161    char	 scheme[URL_SCHEMELEN+1];
162    char	 user[URL_USERLEN+1];
163    char	 pwd[URL_PWDLEN+1];
164    char	 host[MAXHOSTNAMELEN+1];
165    int		 port;
166    char	*doc;
167    off_t	 offset;
168    size_t	 length;
169    time_t	 ims_time;
170};
171.Ed
172.Pp
173The
174.Va ims_time
175field stores the time value for
176.Li If-Modified-Since
177HTTP requests.
178.Pp
179The pointer returned by
180.Fn fetchMakeURL
181or
182.Fn fetchParseURL
183should be freed using
184.Fn fetchFreeURL .
185.Pp
186.Fn fetchXGetURL ,
187.Fn fetchGetURL ,
188and
189.Fn fetchPutURL
190constitute the recommended interface to the
191.Nm fetch
192library.
193They examine the URL passed to them to determine the transfer
194method, and call the appropriate lower-level functions to perform the
195actual transfer.
196.Fn fetchXGetURL
197also returns the remote document's metadata in the
198.Vt url_stat
199structure pointed to by the
200.Fa us
201argument.
202.Pp
203The
204.Fa flags
205argument is a string of characters which specify transfer options.
206The
207meaning of the individual flags is scheme-dependent, and is detailed
208in the appropriate section below.
209.Pp
210.Fn fetchStatURL
211attempts to obtain the requested document's metadata and fill in the
212structure pointed to by its second argument.
213The
214.Vt url_stat
215structure is defined as follows in
216.In fetch.h :
217.Bd -literal
218struct url_stat {
219    off_t	 size;
220    time_t	 atime;
221    time_t	 mtime;
222};
223.Ed
224.Pp
225If the size could not be obtained from the server, the
226.Fa size
227field is set to -1.
228If the modification time could not be obtained from the server, the
229.Fa mtime
230field is set to the epoch.
231If the access time could not be obtained from the server, the
232.Fa atime
233field is set to the modification time.
234.Pp
235.Fn fetchListURL
236attempts to list the contents of the directory pointed to by the URL
237provided.
238If successful, it returns a malloced array of
239.Vt url_ent
240structures.
241The
242.Vt url_ent
243structure is defined as follows in
244.In fetch.h :
245.Bd -literal
246struct url_ent {
247    char         name[PATH_MAX];
248    struct url_stat stat;
249};
250.Ed
251.Pp
252The list is terminated by an entry with an empty name.
253.Pp
254The pointer returned by
255.Fn fetchListURL
256should be freed using
257.Fn free .
258.Pp
259.Fn fetchXGet ,
260.Fn fetchGet ,
261.Fn fetchPut
262and
263.Fn fetchStat
264are similar to
265.Fn fetchXGetURL ,
266.Fn fetchGetURL ,
267.Fn fetchPutURL
268and
269.Fn fetchStatURL ,
270except that they expect a pre-parsed URL in the form of a pointer to
271a
272.Vt struct url
273rather than a string.
274.Pp
275All of the
276.Fn fetchXGetXXX ,
277.Fn fetchGetXXX
278and
279.Fn fetchPutXXX
280functions return a pointer to a stream which can be used to read or
281write data from or to the requested document, respectively.
282Note that
283although the implementation details of the individual access methods
284vary, it can generally be assumed that a stream returned by one of the
285.Fn fetchXGetXXX
286or
287.Fn fetchGetXXX
288functions is read-only, and that a stream returned by one of the
289.Fn fetchPutXXX
290functions is write-only.
291.Sh FILE SCHEME
292.Fn fetchXGetFile ,
293.Fn fetchGetFile
294and
295.Fn fetchPutFile
296provide access to documents which are files in a locally mounted file
297system.
298Only the <document> component of the URL is used.
299.Pp
300.Fn fetchXGetFile
301and
302.Fn fetchGetFile
303do not accept any flags.
304.Pp
305.Fn fetchPutFile
306accepts the
307.Ql a
308(append to file) flag.
309If that flag is specified, the data written to
310the stream returned by
311.Fn fetchPutFile
312will be appended to the previous contents of the file, instead of
313replacing them.
314.Sh FTP SCHEME
315.Fn fetchXGetFTP ,
316.Fn fetchGetFTP
317and
318.Fn fetchPutFTP
319implement the FTP protocol as described in RFC959.
320.Pp
321If the
322.Ql P
323(not passive) flag is specified, an active (rather than passive)
324connection will be attempted.
325.Pp
326The
327.Ql p
328flag is supported for compatibility with earlier versions where active
329connections were the default.
330It has precedence over the
331.Ql P
332flag, so if both are specified,
333.Nm
334will use a passive connection.
335.Pp
336If the
337.Ql l
338(low) flag is specified, data sockets will be allocated in the low (or
339default) port range instead of the high port range (see
340.Xr ip 4 ) .
341.Pp
342If the
343.Ql d
344(direct) flag is specified,
345.Fn fetchXGetFTP ,
346.Fn fetchGetFTP
347and
348.Fn fetchPutFTP
349will use a direct connection even if a proxy server is defined.
350.Pp
351If no user name or password is given, the
352.Nm fetch
353library will attempt an anonymous login, with user name "anonymous"
354and password "anonymous@<hostname>".
355.Sh HTTP SCHEME
356The
357.Fn fetchXGetHTTP ,
358.Fn fetchGetHTTP
359and
360.Fn fetchPutHTTP
361functions implement the HTTP/1.1 protocol.
362With a little luck, there is
363even a chance that they comply with RFC2616 and RFC2617.
364.Pp
365If the
366.Ql d
367(direct) flag is specified,
368.Fn fetchXGetHTTP ,
369.Fn fetchGetHTTP
370and
371.Fn fetchPutHTTP
372will use a direct connection even if a proxy server is defined.
373.Pp
374If the
375.Ql i
376(if-modified-since) flag is specified, and
377the
378.Va ims_time
379field is set in
380.Vt "struct url" ,
381then
382.Fn fetchXGetHTTP
383and
384.Fn fetchGetHTTP
385will send a conditional
386.Li If-Modified-Since
387HTTP header to only fetch the content if it is newer than
388.Va ims_time .
389.Pp
390Since there seems to be no good way of implementing the HTTP PUT
391method in a manner consistent with the rest of the
392.Nm fetch
393library,
394.Fn fetchPutHTTP
395is currently unimplemented.
396.Sh HTTPS SCHEME
397Based on HTTP SCHEME.
398By default the peer is verified using the CA bundle located in
399.Pa /usr/local/etc/ssl/cert.pem .
400If this file does not exist,
401.Pa /etc/ssl/cert.pem
402is used instead.
403If neither file exists, and
404.Ev SSL_CA_CERT_PATH
405has not been set,
406OpenSSL's default CA cert and path settings apply.
407The certificate bundle can contain multiple CA certificates.
408A common source of a current CA bundle is
409.Pa \%security/ca_root_nss .
410.Pp
411The CA bundle used for peer verification can be changed by setting the
412environment variables
413.Ev SSL_CA_CERT_FILE
414to point to a concatenated bundle of trusted certificates and
415.Ev SSL_CA_CERT_PATH
416to point to a directory containing hashes of trusted CAs (see
417.Xr verify 1 ) .
418.Pp
419A certificate revocation list (CRL) can be used by setting the
420environment variable
421.Ev SSL_CRL_FILE
422(see
423.Xr crl 1 ) .
424.Pp
425Peer verification can be disabled by setting the environment variable
426.Ev SSL_NO_VERIFY_PEER .
427Note that this also disables CRL checking.
428.Pp
429By default the service identity is verified according to the rules
430detailed in RFC6125 (also known as hostname verification).
431This feature can be disabled by setting the environment variable
432.Ev SSL_NO_VERIFY_HOSTNAME .
433.Pp
434Client certificate based authentication is supported.
435The environment variable
436.Ev SSL_CLIENT_CERT_FILE
437should be set to point to a file containing key and client certificate
438to be used in PEM format.
439When a PEM-format key is in a separate file from the client certificate,
440the environment variable
441.Ev SSL_CLIENT_KEY_FILE
442can be set to point to the key file.
443In case the key uses a password, the user will be prompted on standard
444input (see
445.Xr PEM 3 ) .
446.Pp
447By default
448.Nm libfetch
449allows TLSv1 and newer when negotiating the connecting with the remote
450peer.
451You can change this behavior by setting the
452.Ev SSL_ALLOW_SSL3
453environment variable to allow SSLv3 and
454.Ev SSL_NO_TLS1 ,
455.Ev SSL_NO_TLS1_1 and
456.Ev SSL_NO_TLS1_2
457to disable TLS 1.0, 1.1 and 1.2 respectively.
458.Sh AUTHENTICATION
459Apart from setting the appropriate environment variables and
460specifying the user name and password in the URL or the
461.Vt struct url ,
462the calling program has the option of defining an authentication
463function with the following prototype:
464.Pp
465.Ft int
466.Fn myAuthMethod "struct url *u"
467.Pp
468The callback function should fill in the
469.Fa user
470and
471.Fa pwd
472fields in the provided
473.Vt struct url
474and return 0 on success, or any other value to indicate failure.
475.Pp
476To register the authentication callback, simply set
477.Va fetchAuthMethod
478to point at it.
479The callback will be used whenever a site requires authentication and
480the appropriate environment variables are not set.
481.Pp
482This interface is experimental and may be subject to change.
483.Sh RETURN VALUES
484.Fn fetchParseURL
485returns a pointer to a
486.Vt struct url
487containing the individual components of the URL.
488If it is
489unable to allocate memory, or the URL is syntactically incorrect,
490.Fn fetchParseURL
491returns a NULL pointer.
492.Pp
493The
494.Fn fetchStat
495functions return 0 on success and -1 on failure.
496.Pp
497All other functions return a stream pointer which may be used to
498access the requested document, or NULL if an error occurred.
499.Pp
500The following error codes are defined in
501.In fetch.h :
502.Bl -tag -width 18n
503.It Bq Er FETCH_ABORT
504Operation aborted
505.It Bq Er FETCH_AUTH
506Authentication failed
507.It Bq Er FETCH_DOWN
508Service unavailable
509.It Bq Er FETCH_EXISTS
510File exists
511.It Bq Er FETCH_FULL
512File system full
513.It Bq Er FETCH_INFO
514Informational response
515.It Bq Er FETCH_MEMORY
516Insufficient memory
517.It Bq Er FETCH_MOVED
518File has moved
519.It Bq Er FETCH_NETWORK
520Network error
521.It Bq Er FETCH_OK
522No error
523.It Bq Er FETCH_PROTO
524Protocol error
525.It Bq Er FETCH_RESOLV
526Resolver error
527.It Bq Er FETCH_SERVER
528Server error
529.It Bq Er FETCH_TEMP
530Temporary error
531.It Bq Er FETCH_TIMEOUT
532Operation timed out
533.It Bq Er FETCH_UNAVAIL
534File is not available
535.It Bq Er FETCH_UNKNOWN
536Unknown error
537.It Bq Er FETCH_URL
538Invalid URL
539.El
540.Pp
541The accompanying error message includes a protocol-specific error code
542and message, like "File is not available (404 Not Found)"
543.Sh ENVIRONMENT
544.Bl -tag -width ".Ev FETCH_BIND_ADDRESS"
545.It Ev FETCH_BIND_ADDRESS
546Specifies a hostname or IP address to which sockets used for outgoing
547connections will be bound.
548.It Ev FTP_LOGIN
549Default FTP login if none was provided in the URL.
550.It Ev FTP_PASSIVE_MODE
551If set to
552.Ql no ,
553forces the FTP code to use active mode.
554If set to any other value, forces passive mode even if the application
555requested active mode.
556.It Ev FTP_PASSWORD
557Default FTP password if the remote server requests one and none was
558provided in the URL.
559.It Ev FTP_PROXY
560URL of the proxy to use for FTP requests.
561The document part is ignored.
562FTP and HTTP proxies are supported; if no scheme is specified, FTP is
563assumed.
564If the proxy is an FTP proxy,
565.Nm libfetch
566will send
567.Ql user@host
568as user name to the proxy, where
569.Ql user
570is the real user name, and
571.Ql host
572is the name of the FTP server.
573.Pp
574If this variable is set to an empty string, no proxy will be used for
575FTP requests, even if the
576.Ev HTTP_PROXY
577variable is set.
578.It Ev ftp_proxy
579Same as
580.Ev FTP_PROXY ,
581for compatibility.
582.It Ev HTTP_ACCEPT
583Specifies the value of the
584.Va Accept
585header for HTTP requests.
586If empty, no
587.Va Accept
588header is sent.
589The default is
590.Dq */* .
591.It Ev HTTP_AUTH
592Specifies HTTP authorization parameters as a colon-separated list of
593items.
594The first and second item are the authorization scheme and realm
595respectively; further items are scheme-dependent.
596Currently, the
597.Dq basic
598and
599.Dq digest
600authorization methods are supported.
601.Pp
602Both methods require two parameters: the user name and
603password, in that order.
604.Pp
605This variable is only used if the server requires authorization and
606no user name or password was specified in the URL.
607.It Ev HTTP_PROXY
608URL of the proxy to use for HTTP requests.
609The document part is ignored.
610Only HTTP proxies are supported for HTTP requests.
611If no port number is specified, the default is 3128.
612.Pp
613Note that this proxy will also be used for FTP documents, unless the
614.Ev FTP_PROXY
615variable is set.
616.It Ev http_proxy
617Same as
618.Ev HTTP_PROXY ,
619for compatibility.
620.It Ev HTTP_PROXY_AUTH
621Specifies authorization parameters for the HTTP proxy in the same
622format as the
623.Ev HTTP_AUTH
624variable.
625.Pp
626This variable is used if and only if connected to an HTTP proxy, and
627is ignored if a user and/or a password were specified in the proxy
628URL.
629.It Ev HTTP_REFERER
630Specifies the referrer URL to use for HTTP requests.
631If set to
632.Dq auto ,
633the document URL will be used as referrer URL.
634.It Ev HTTP_USER_AGENT
635Specifies the User-Agent string to use for HTTP requests.
636This can be useful when working with HTTP origin or proxy servers that
637differentiate between user agents.
638If defined but empty, no User-Agent header is sent.
639.It Ev NETRC
640Specifies a file to use instead of
641.Pa ~/.netrc
642to look up login names and passwords for FTP and HTTP sites as well as
643HTTP proxies.
644See
645.Xr ftp 1
646for a description of the file format.
647.It Ev NO_PROXY
648Either a single asterisk, which disables the use of proxies
649altogether, or a comma- or whitespace-separated list of hosts for
650which proxies should not be used.
651.It Ev no_proxy
652Same as
653.Ev NO_PROXY ,
654for compatibility.
655.It Ev SSL_ALLOW_SSL3
656Allow SSL version 3 when negotiating the connection (not recommended).
657.It Ev SSL_CA_CERT_FILE
658CA certificate bundle containing trusted CA certificates.
659Default value: See HTTPS SCHEME above.
660.It Ev SSL_CA_CERT_PATH
661Path containing trusted CA hashes.
662.It Ev SSL_CLIENT_CERT_FILE
663PEM encoded client certificate/key which will be used in
664client certificate authentication.
665.It Ev SSL_CLIENT_KEY_FILE
666PEM encoded client key in case key and client certificate
667are stored separately.
668.It Ev SSL_CRL_FILE
669File containing certificate revocation list.
670.It Ev SSL_NO_TLS1
671Do not allow TLS version 1.0 when negotiating the connection.
672.It Ev SSL_NO_TLS1_1
673Do not allow TLS version 1.1 when negotiating the connection.
674.It Ev SSL_NO_TLS1_2
675Do not allow TLS version 1.2 when negotiating the connection.
676.It Ev SSL_NO_VERIFY_HOSTNAME
677If set, do not verify that the hostname matches the subject of the
678certificate presented by the server.
679.It Ev SSL_NO_VERIFY_PEER
680If set, do not verify the peer certificate against trusted CAs.
681.El
682.Sh EXAMPLES
683To access a proxy server on
684.Pa proxy.example.com
685port 8080, set the
686.Ev HTTP_PROXY
687environment variable in a manner similar to this:
688.Pp
689.Dl HTTP_PROXY=http://proxy.example.com:8080
690.Pp
691If the proxy server requires authentication, there are
692two options available for passing the authentication data.
693The first method is by using the proxy URL:
694.Pp
695.Dl HTTP_PROXY=http://<user>:<pwd>@proxy.example.com:8080
696.Pp
697The second method is by using the
698.Ev HTTP_PROXY_AUTH
699environment variable:
700.Bd -literal -offset indent
701HTTP_PROXY=http://proxy.example.com:8080
702HTTP_PROXY_AUTH=basic:*:<user>:<pwd>
703.Ed
704.Pp
705To disable the use of a proxy for an HTTP server running on the local
706host, define
707.Ev NO_PROXY
708as follows:
709.Bd -literal -offset indent
710NO_PROXY=localhost,127.0.0.1
711.Ed
712.Pp
713Access HTTPS website without any certificate verification whatsoever:
714.Bd -literal -offset indent
715SSL_NO_VERIFY_PEER=1
716SSL_NO_VERIFY_HOSTNAME=1
717.Ed
718.Pp
719Access HTTPS website using client certificate based authentication
720and a private CA:
721.Bd -literal -offset indent
722SSL_CLIENT_CERT_FILE=/path/to/client.pem
723SSL_CA_CERT_FILE=/path/to/myca.pem
724.Ed
725.Sh SEE ALSO
726.Xr fetch 1 ,
727.Xr ip 4
728.Rs
729.%A J. Postel
730.%A J. K. Reynolds
731.%D October 1985
732.%B File Transfer Protocol
733.%O RFC959
734.Re
735.Rs
736.%A P. Deutsch
737.%A A. Emtage
738.%A A. Marine.
739.%D May 1994
740.%T How to Use Anonymous FTP
741.%O RFC1635
742.Re
743.Rs
744.%A T. Berners-Lee
745.%A L. Masinter
746.%A M. McCahill
747.%D December 1994
748.%T Uniform Resource Locators (URL)
749.%O RFC1738
750.Re
751.Rs
752.%A R. Fielding
753.%A J. Gettys
754.%A J. Mogul
755.%A H. Frystyk
756.%A L. Masinter
757.%A P. Leach
758.%A T. Berners-Lee
759.%D January 1999
760.%B Hypertext Transfer Protocol -- HTTP/1.1
761.%O RFC2616
762.Re
763.Rs
764.%A J. Franks
765.%A P. Hallam-Baker
766.%A J. Hostetler
767.%A S. Lawrence
768.%A P. Leach
769.%A A. Luotonen
770.%A L. Stewart
771.%D June 1999
772.%B HTTP Authentication: Basic and Digest Access Authentication
773.%O RFC2617
774.Re
775.Sh HISTORY
776The
777.Nm fetch
778library first appeared in
779.Fx 3.0 .
780.Sh AUTHORS
781.An -nosplit
782The
783.Nm fetch
784library was mostly written by
785.An Dag-Erling Sm\(/orgrav Aq Mt des@FreeBSD.org
786with numerous suggestions and contributions from
787.An Jordan K. Hubbard Aq Mt jkh@FreeBSD.org ,
788.An Eugene Skepner Aq Mt eu@qub.com ,
789.An Hajimu Umemoto Aq Mt ume@FreeBSD.org ,
790.An Henry Whincup Aq Mt henry@techiebod.com ,
791.An Jukka A. Ukkonen Aq Mt jau@iki.fi ,
792.An Jean-Fran\(,cois Dockes Aq Mt jf@dockes.org ,
793.An Michael Gmelin Aq Mt freebsd@grem.de
794and others.
795It replaces the older
796.Nm ftpio
797library written by
798.An Poul-Henning Kamp Aq Mt phk@FreeBSD.org
799and
800.An Jordan K. Hubbard Aq Mt jkh@FreeBSD.org .
801.Pp
802This manual page was written by
803.An Dag-Erling Sm\(/orgrav Aq Mt des@FreeBSD.org
804and
805.An Michael Gmelin Aq Mt freebsd@grem.de .
806.Sh BUGS
807Some parts of the library are not yet implemented.
808The most notable
809examples of this are
810.Fn fetchPutHTTP ,
811.Fn fetchListHTTP ,
812.Fn fetchListFTP
813and FTP proxy support.
814.Pp
815There is no way to select a proxy at run-time other than setting the
816.Ev HTTP_PROXY
817or
818.Ev FTP_PROXY
819environment variables as appropriate.
820.Pp
821.Nm libfetch
822does not understand or obey 305 (Use Proxy) replies.
823.Pp
824Error numbers are unique only within a certain context; the error
825codes used for FTP and HTTP overlap, as do those used for resolver and
826system errors.
827For instance, error code 202 means "Command not
828implemented, superfluous at this site" in an FTP context and
829"Accepted" in an HTTP context.
830.Pp
831.Fn fetchStatFTP
832does not check that the result of an MDTM command is a valid date.
833.Pp
834In case password protected keys are used for client certificate based
835authentication the user is prompted for the password on each and every
836fetch operation.
837.Pp
838The man page is incomplete, poorly written and produces badly
839formatted text.
840.Pp
841The error reporting mechanism is unsatisfactory.
842.Pp
843Some parts of the code are not fully reentrant.
844