1.\"- 2.\" Copyright (c) 1998-2013 Dag-Erling Smørgrav 3.\" Copyright (c) 2013-2016 Michael Gmelin <freebsd@grem.de> 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 15.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25.\" SUCH DAMAGE. 26.\" 27.Dd January 22, 2026 28.Dt FETCH 3 29.Os 30.Sh NAME 31.Nm fetchMakeURL , 32.Nm fetchParseURL , 33.Nm fetchFreeURL , 34.Nm fetchXGetURL , 35.Nm fetchGetURL , 36.Nm fetchPutURL , 37.Nm fetchStatURL , 38.Nm fetchListURL , 39.Nm fetchXGet , 40.Nm fetchGet , 41.Nm fetchPut , 42.Nm fetchStat , 43.Nm fetchList , 44.Nm fetchXGetFile , 45.Nm fetchGetFile , 46.Nm fetchPutFile , 47.Nm fetchStatFile , 48.Nm fetchListFile , 49.Nm fetchXGetHTTP , 50.Nm fetchGetHTTP , 51.Nm fetchPutHTTP , 52.Nm fetchStatHTTP , 53.Nm fetchListHTTP , 54.Nm fetchReqHTTP , 55.Nm fetchXGetFTP , 56.Nm fetchGetFTP , 57.Nm fetchPutFTP , 58.Nm fetchStatFTP , 59.Nm fetchListFTP 60.Nd file transfer functions 61.Sh LIBRARY 62.Lb libfetch 63.Sh SYNOPSIS 64.In sys/param.h 65.In stdio.h 66.In fetch.h 67.Ft struct url * 68.Fn fetchMakeURL "const char *scheme" "const char *host" "int port" "const char *doc" "const char *user" "const char *pwd" 69.Ft struct url * 70.Fn fetchParseURL "const char *URL" 71.Ft void 72.Fn fetchFreeURL "struct url *u" 73.Ft FILE * 74.Fn fetchXGetURL "const char *URL" "struct url_stat *us" "const char *flags" 75.Ft FILE * 76.Fn fetchGetURL "const char *URL" "const char *flags" 77.Ft FILE * 78.Fn fetchPutURL "const char *URL" "const char *flags" 79.Ft int 80.Fn fetchStatURL "const char *URL" "struct url_stat *us" "const char *flags" 81.Ft struct url_ent * 82.Fn fetchListURL "const char *URL" "const char *flags" 83.Ft FILE * 84.Fn fetchXGet "struct url *u" "struct url_stat *us" "const char *flags" 85.Ft FILE * 86.Fn fetchGet "struct url *u" "const char *flags" 87.Ft FILE * 88.Fn fetchPut "struct url *u" "const char *flags" 89.Ft int 90.Fn fetchStat "struct url *u" "struct url_stat *us" "const char *flags" 91.Ft struct url_ent * 92.Fn fetchList "struct url *u" "const char *flags" 93.Ft FILE * 94.Fn fetchXGetFile "struct url *u" "struct url_stat *us" "const char *flags" 95.Ft FILE * 96.Fn fetchGetFile "struct url *u" "const char *flags" 97.Ft FILE * 98.Fn fetchPutFile "struct url *u" "const char *flags" 99.Ft int 100.Fn fetchStatFile "struct url *u" "struct url_stat *us" "const char *flags" 101.Ft struct url_ent * 102.Fn fetchListFile "struct url *u" "const char *flags" 103.Ft FILE * 104.Fn fetchXGetHTTP "struct url *u" "struct url_stat *us" "const char *flags" 105.Ft FILE * 106.Fn fetchGetHTTP "struct url *u" "const char *flags" 107.Ft FILE * 108.Fn fetchPutHTTP "struct url *u" "const char *flags" 109.Ft int 110.Fn fetchStatHTTP "struct url *u" "struct url_stat *us" "const char *flags" 111.Ft struct url_ent * 112.Fn fetchListHTTP "struct url *u" "const char *flags" 113.Ft FILE * 114.Fn fetchReqHTTP "struct url *u" "const char *method" "const char *flags" "const char *content_type" "const char *body" 115.Ft FILE * 116.Fn fetchXGetFTP "struct url *u" "struct url_stat *us" "const char *flags" 117.Ft FILE * 118.Fn fetchGetFTP "struct url *u" "const char *flags" 119.Ft FILE * 120.Fn fetchPutFTP "struct url *u" "const char *flags" 121.Ft int 122.Fn fetchStatFTP "struct url *u" "struct url_stat *us" "const char *flags" 123.Ft struct url_ent * 124.Fn fetchListFTP "struct url *u" "const char *flags" 125.Sh DESCRIPTION 126These functions implement a high-level library for retrieving and 127uploading files using Uniform Resource Locators (URLs). 128.Pp 129.Fn fetchParseURL 130takes a URL in the form of a null-terminated string and splits it into 131its components function according to the Common Internet Scheme Syntax 132detailed in RFC1738. 133A regular expression which produces this syntax is: 134.Bd -literal 135 <scheme>:(//(<user>(:<pwd>)?@)?<host>(:<port>)?)?/(<document>)? 136.Ed 137.Pp 138If the URL does not seem to begin with a scheme name, the following 139syntax is assumed: 140.Bd -literal 141 ((<user>(:<pwd>)?@)?<host>(:<port>)?)?/(<document>)? 142.Ed 143.Pp 144Note that some components of the URL are not necessarily relevant to 145all URL schemes. 146For instance, the file scheme only needs the <scheme> and <document> 147components. 148.Pp 149.Fn fetchMakeURL 150and 151.Fn fetchParseURL 152return a pointer to a 153.Vt url 154structure, which is defined as follows in 155.In fetch.h : 156.Bd -literal 157#define URL_SCHEMELEN 16 158#define URL_USERLEN 256 159#define URL_PWDLEN 256 160 161struct url { 162 char scheme[URL_SCHEMELEN+1]; 163 char user[URL_USERLEN+1]; 164 char pwd[URL_PWDLEN+1]; 165 char host[MAXHOSTNAMELEN+1]; 166 int port; 167 char *doc; 168 off_t offset; 169 size_t length; 170 time_t ims_time; 171}; 172.Ed 173.Pp 174The 175.Va ims_time 176field stores the time value for 177.Li If-Modified-Since 178HTTP requests. 179.Pp 180The pointer returned by 181.Fn fetchMakeURL 182or 183.Fn fetchParseURL 184should be freed using 185.Fn fetchFreeURL . 186.Pp 187.Fn fetchXGetURL , 188.Fn fetchGetURL , 189and 190.Fn fetchPutURL 191constitute the recommended interface to the 192.Nm fetch 193library. 194They examine the URL passed to them to determine the transfer 195method, and call the appropriate lower-level functions to perform the 196actual transfer. 197.Fn fetchXGetURL 198also returns the remote document's metadata in the 199.Vt url_stat 200structure pointed to by the 201.Fa us 202argument. 203.Pp 204The 205.Fa flags 206argument is a string of characters which specify transfer options. 207The 208meaning of the individual flags is scheme-dependent, and is detailed 209in the appropriate section below. 210.Pp 211.Fn fetchStatURL 212attempts to obtain the requested document's metadata and fill in the 213structure pointed to by its second argument. 214The 215.Vt url_stat 216structure is defined as follows in 217.In fetch.h : 218.Bd -literal 219struct url_stat { 220 off_t size; 221 time_t atime; 222 time_t mtime; 223}; 224.Ed 225.Pp 226If the size could not be obtained from the server, the 227.Fa size 228field is set to -1. 229If the modification time could not be obtained from the server, the 230.Fa mtime 231field is set to the epoch. 232If the access time could not be obtained from the server, the 233.Fa atime 234field is set to the modification time. 235.Pp 236.Fn fetchListURL 237attempts to list the contents of the directory pointed to by the URL 238provided. 239If successful, it returns a malloced array of 240.Vt url_ent 241structures. 242The 243.Vt url_ent 244structure is defined as follows in 245.In fetch.h : 246.Bd -literal 247struct url_ent { 248 char name[PATH_MAX]; 249 struct url_stat stat; 250}; 251.Ed 252.Pp 253The list is terminated by an entry with an empty name. 254.Pp 255The pointer returned by 256.Fn fetchListURL 257should be freed using 258.Fn free . 259.Pp 260.Fn fetchXGet , 261.Fn fetchGet , 262.Fn fetchPut 263and 264.Fn fetchStat 265are similar to 266.Fn fetchXGetURL , 267.Fn fetchGetURL , 268.Fn fetchPutURL 269and 270.Fn fetchStatURL , 271except that they expect a pre-parsed URL in the form of a pointer to 272a 273.Vt struct url 274rather than a string. 275.Pp 276All of the 277.Fn fetchXGetXXX , 278.Fn fetchGetXXX 279and 280.Fn fetchPutXXX 281functions return a pointer to a stream which can be used to read or 282write data from or to the requested document, respectively. 283Note that 284although the implementation details of the individual access methods 285vary, it can generally be assumed that a stream returned by one of the 286.Fn fetchXGetXXX 287or 288.Fn fetchGetXXX 289functions is read-only, and that a stream returned by one of the 290.Fn fetchPutXXX 291functions is write-only. 292.Sh FILE SCHEME 293.Fn fetchXGetFile , 294.Fn fetchGetFile 295and 296.Fn fetchPutFile 297provide access to documents which are files in a locally mounted file 298system. 299Only the <document> component of the URL is used. 300.Pp 301.Fn fetchXGetFile 302and 303.Fn fetchGetFile 304do not accept any flags. 305.Pp 306.Fn fetchPutFile 307accepts the 308.Ql a 309(append to file) flag. 310If that flag is specified, the data written to 311the stream returned by 312.Fn fetchPutFile 313will be appended to the previous contents of the file, instead of 314replacing them. 315.Sh FTP SCHEME 316.Fn fetchXGetFTP , 317.Fn fetchGetFTP 318and 319.Fn fetchPutFTP 320implement the FTP protocol as described in RFC959. 321.Pp 322If the 323.Ql P 324(not passive) flag is specified, an active (rather than passive) 325connection will be attempted. 326.Pp 327The 328.Ql p 329flag is supported for compatibility with earlier versions where active 330connections were the default. 331It has precedence over the 332.Ql P 333flag, so if both are specified, 334.Nm 335will use a passive connection. 336.Pp 337If the 338.Ql l 339(low) flag is specified, data sockets will be allocated in the low (or 340default) port range instead of the high port range (see 341.Xr ip 4 ) . 342.Pp 343If the 344.Ql d 345(direct) flag is specified, 346.Fn fetchXGetFTP , 347.Fn fetchGetFTP 348and 349.Fn fetchPutFTP 350will use a direct connection even if a proxy server is defined. 351.Pp 352If no user name or password is given, the 353.Nm fetch 354library will attempt an anonymous login, with user name "anonymous" 355and password "anonymous@<hostname>". 356.Sh HTTP SCHEME 357The 358.Fn fetchXGetHTTP , 359.Fn fetchGetHTTP , 360.Fn fetchPutHTTP 361and 362.Fn fetchReqHTTP 363functions implement the HTTP/1.1 protocol. 364With a little luck, there is 365even a chance that they comply with RFC2616 and RFC2617. 366.Pp 367If the 368.Ql d 369(direct) flag is specified, 370.Fn fetchXGetHTTP , 371.Fn fetchGetHTTP 372and 373.Fn fetchPutHTTP 374will use a direct connection even if a proxy server is defined. 375.Pp 376If the 377.Ql i 378(if-modified-since) flag is specified, and 379the 380.Va ims_time 381field is set in 382.Vt "struct url" , 383then 384.Fn fetchXGetHTTP 385and 386.Fn fetchGetHTTP 387will send a conditional 388.Li If-Modified-Since 389HTTP header to only fetch the content if it is newer than 390.Va ims_time . 391.Pp 392The function 393.Fn fetchReqHTTP 394can be used to make requests with an arbitrary HTTP verb, 395including POST, DELETE, CONNECT, OPTIONS, TRACE or PATCH. 396This can be done by setting the argument 397.Fa method 398to the intended verb, such as 399.Ql POST , 400and 401.Fa body 402to the content. 403.Pp 404Since there seems to be no good way of implementing the HTTP PUT 405method in a manner consistent with the rest of the 406.Nm fetch 407library, 408.Fn fetchPutHTTP 409is currently unimplemented. 410.Sh HTTPS SCHEME 411Based on HTTP SCHEME. 412The CA bundle used for peer verification can be changed by setting the 413environment variables 414.Ev SSL_CA_CERT_FILE 415to point to a concatenated bundle of trusted certificates and 416.Ev SSL_CA_CERT_PATH 417to point to a directory containing hashes of trusted CAs (see 418.Xr verify 1 ) . 419.Pp 420A certificate revocation list (CRL) can be used by setting the 421environment variable 422.Ev SSL_CRL_FILE 423(see 424.Xr crl 1 ) . 425.Pp 426Peer verification can be disabled by setting the environment variable 427.Ev SSL_NO_VERIFY_PEER . 428Note that this also disables CRL checking. 429.Pp 430By default the service identity is verified according to the rules 431detailed in RFC6125 (also known as hostname verification). 432This feature can be disabled by setting the environment variable 433.Ev SSL_NO_VERIFY_HOSTNAME . 434.Pp 435Client certificate based authentication is supported. 436The environment variable 437.Ev SSL_CLIENT_CERT_FILE 438should be set to point to a file containing key and client certificate 439to be used in PEM format. 440When a PEM-format key is in a separate file from the client certificate, 441the environment variable 442.Ev SSL_CLIENT_KEY_FILE 443can be set to point to the key file. 444In case the key uses a password, the user will be prompted on standard 445input. 446.Pp 447By default 448.Nm libfetch 449allows TLSv1 and newer when negotiating the connecting with the remote 450peer. 451You can change this behavior by setting the 452.Ev SSL_NO_TLS1 , 453.Ev SSL_NO_TLS1_1 , 454.Ev SSL_NO_TLS1_2 and 455.Ev SSL_NO_TLS1_3 456environment variables to disable TLS 1.0, 1.1, 1.2 and 1.3 457respectively. 458.Sh AUTHENTICATION 459Apart from setting the appropriate environment variables and 460specifying the user name and password in the URL or the 461.Vt struct url , 462the calling program has the option of defining an authentication 463function with the following prototype: 464.Pp 465.Ft int 466.Fn myAuthMethod "struct url *u" 467.Pp 468The callback function should fill in the 469.Fa user 470and 471.Fa pwd 472fields in the provided 473.Vt struct url 474and return 0 on success, or any other value to indicate failure. 475.Pp 476To register the authentication callback, simply set 477.Va fetchAuthMethod 478to point at it. 479The callback will be used whenever a site requires authentication and 480the appropriate environment variables are not set. 481.Pp 482This interface is experimental and may be subject to change. 483.Sh RETURN VALUES 484.Fn fetchParseURL 485returns a pointer to a 486.Vt struct url 487containing the individual components of the URL. 488If it is 489unable to allocate memory, or the URL is syntactically incorrect, 490.Fn fetchParseURL 491returns a NULL pointer. 492.Pp 493The 494.Fn fetchStat 495functions return 0 on success and -1 on failure. 496.Pp 497All other functions return a stream pointer which may be used to 498access the requested document, or NULL if an error occurred. 499.Pp 500The following error codes are defined in 501.In fetch.h : 502.Bl -tag -width 18n 503.It Bq Er FETCH_ABORT 504Operation aborted 505.It Bq Er FETCH_AUTH 506Authentication failed 507.It Bq Er FETCH_DOWN 508Service unavailable 509.It Bq Er FETCH_EXISTS 510File exists 511.It Bq Er FETCH_FULL 512File system full 513.It Bq Er FETCH_INFO 514Informational response 515.It Bq Er FETCH_MEMORY 516Insufficient memory 517.It Bq Er FETCH_MOVED 518File has moved 519.It Bq Er FETCH_NETWORK 520Network error 521.It Bq Er FETCH_OK 522No error 523.It Bq Er FETCH_PROTO 524Protocol error 525.It Bq Er FETCH_RESOLV 526Resolver error 527.It Bq Er FETCH_SERVER 528Server error 529.It Bq Er FETCH_TEMP 530Temporary error 531.It Bq Er FETCH_TIMEOUT 532Operation timed out 533.It Bq Er FETCH_UNAVAIL 534File is not available 535.It Bq Er FETCH_UNKNOWN 536Unknown error 537.It Bq Er FETCH_URL 538Invalid URL 539.El 540.Pp 541The accompanying error message includes a protocol-specific error code 542and message, like "File is not available (404 Not Found)" 543.Sh ENVIRONMENT 544.Bl -tag -width ".Ev FETCH_BIND_ADDRESS" 545.It Ev FETCH_BIND_ADDRESS 546Specifies a hostname or IP address to which sockets used for outgoing 547connections will be bound. 548.It Ev FTP_LOGIN 549Default FTP login if none was provided in the URL. 550.It Ev FTP_PASSIVE_MODE 551If set to 552.Ql no , 553forces the FTP code to use active mode. 554If set to any other value, forces passive mode even if the application 555requested active mode. 556.It Ev FTP_PASSWORD 557Default FTP password if the remote server requests one and none was 558provided in the URL. 559.It Ev FTP_PROXY 560URL of the proxy to use for FTP requests. 561The document part is ignored. 562FTP and HTTP proxies are supported; if no scheme is specified, FTP is 563assumed. 564If the proxy is an FTP proxy, 565.Nm libfetch 566will send 567.Ql user@host 568as user name to the proxy, where 569.Ql user 570is the real user name, and 571.Ql host 572is the name of the FTP server. 573.Pp 574If this variable is set to an empty string, no proxy will be used for 575FTP requests, even if the 576.Ev HTTP_PROXY 577variable is set. 578.It Ev ftp_proxy 579Same as 580.Ev FTP_PROXY , 581for compatibility. 582.It Ev HTTP_ACCEPT 583Specifies the value of the 584.Va Accept 585header for HTTP requests. 586If empty, no 587.Va Accept 588header is sent. 589The default is 590.Dq */* . 591.It Ev HTTP_AUTH 592Specifies HTTP authorization parameters as a colon-separated list of 593items. 594The first and second item are the authorization scheme and realm 595respectively; further items are scheme-dependent. 596Currently, the 597.Dq basic 598and 599.Dq digest 600authorization methods are supported. 601.Pp 602Both methods require two parameters: the user name and 603password, in that order. 604.Pp 605This variable is only used if the server requires authorization and 606no user name or password was specified in the URL. 607.It Ev HTTP_PROXY 608URL of the proxy to use for HTTP requests. 609The document part is ignored. 610Only HTTP proxies are supported for HTTP requests. 611If no port number is specified, the default is 3128. 612.Pp 613Note that this proxy will also be used for FTP documents, unless the 614.Ev FTP_PROXY 615variable is set. 616.It Ev http_proxy 617Same as 618.Ev HTTP_PROXY , 619for compatibility. 620.It Ev HTTP_PROXY_AUTH 621Specifies authorization parameters for the HTTP proxy in the same 622format as the 623.Ev HTTP_AUTH 624variable. 625.Pp 626This variable is used if and only if connected to an HTTP proxy, and 627is ignored if a user and/or a password were specified in the proxy 628URL. 629.It Ev HTTP_REFERER 630Specifies the referrer URL to use for HTTP requests. 631If set to 632.Dq auto , 633the document URL will be used as referrer URL. 634.It Ev HTTP_USER_AGENT 635Specifies the User-Agent string to use for HTTP requests. 636This can be useful when working with HTTP origin or proxy servers that 637differentiate between user agents. 638If defined but empty, no User-Agent header is sent. 639.It Ev NETRC 640Specifies a file to use instead of 641.Pa ~/.netrc 642to look up login names and passwords for FTP and HTTP sites as well as 643HTTP proxies. 644See 645.Xr ftp 1 646for a description of the file format. 647.It Ev NO_PROXY 648Either a single asterisk, which disables the use of proxies 649altogether, or a comma- or whitespace-separated list of hosts for 650which proxies should not be used. 651.It Ev no_proxy 652Same as 653.Ev NO_PROXY , 654for compatibility. 655.It Ev SOCKS5_PROXY 656Uses SOCKS version 5 to make connection. 657The format must be the IP or hostname followed by a colon for the port. 658IPv6 addresses must enclose the address in brackets. 659If no port is specified, the default is 1080. 660This setting will supercede a connection to an 661.Ev HTTP_PROXY . 662.It Ev SSL_CA_CERT_FILE 663CA certificate bundle containing trusted CA certificates. 664Default value: See HTTPS SCHEME above. 665.It Ev SSL_CA_CERT_PATH 666Path containing trusted CA hashes. 667.It Ev SSL_CLIENT_CERT_FILE 668PEM encoded client certificate/key which will be used in 669client certificate authentication. 670.It Ev SSL_CLIENT_KEY_FILE 671PEM encoded client key in case key and client certificate 672are stored separately. 673.It Ev SSL_CRL_FILE 674File containing certificate revocation list. 675.It Ev SSL_NO_TLS1 676Do not allow TLS version 1.0 when negotiating the connection. 677.It Ev SSL_NO_TLS1_1 678Do not allow TLS version 1.1 when negotiating the connection. 679.It Ev SSL_NO_TLS1_2 680Do not allow TLS version 1.2 when negotiating the connection. 681.It Ev SSL_NO_TLS1_3 682Do not allow TLS version 1.3 when negotiating the connection. 683.It Ev SSL_NO_VERIFY_HOSTNAME 684If set, do not verify that the hostname matches the subject of the 685certificate presented by the server. 686.It Ev SSL_NO_VERIFY_PEER 687If set, do not verify the peer certificate against trusted CAs. 688.El 689.Sh EXAMPLES 690To access a proxy server on 691.Pa proxy.example.com 692port 8080, set the 693.Ev HTTP_PROXY 694environment variable in a manner similar to this: 695.Pp 696.Dl HTTP_PROXY=http://proxy.example.com:8080 697.Pp 698If the proxy server requires authentication, there are 699two options available for passing the authentication data. 700The first method is by using the proxy URL: 701.Pp 702.Dl HTTP_PROXY=http://<user>:<pwd>@proxy.example.com:8080 703.Pp 704The second method is by using the 705.Ev HTTP_PROXY_AUTH 706environment variable: 707.Bd -literal -offset indent 708HTTP_PROXY=http://proxy.example.com:8080 709HTTP_PROXY_AUTH=basic:*:<user>:<pwd> 710.Ed 711.Pp 712To disable the use of a proxy for an HTTP server running on the local 713host, define 714.Ev NO_PROXY 715as follows: 716.Bd -literal -offset indent 717NO_PROXY=localhost,127.0.0.1 718.Ed 719.Pp 720To use a SOCKS5 proxy, set the 721.Ev SOCKS5_PROXY 722environment variable to a 723valid host or IP followed by an optional colon and the port. 724IPv6 addresses must be enclosed in brackets. 725The following are examples of valid settings: 726.Bd -literal -offset indent 727SOCKS5_PROXY=proxy.example.com 728SOCKS5_PROXY=proxy.example.com:1080 729SOCKS5_PROXY=192.0.2.0 730SOCKS5_PROXY=198.51.100.0:1080 731SOCKS5_PROXY=[2001:db8::1] 732SOCKS5_PROXY=[2001:db8::2]:1080 733.Ed 734.Pp 735Access HTTPS website without any certificate verification whatsoever: 736.Bd -literal -offset indent 737SSL_NO_VERIFY_PEER=1 738SSL_NO_VERIFY_HOSTNAME=1 739.Ed 740.Pp 741Access HTTPS website using client certificate based authentication 742and a private CA: 743.Bd -literal -offset indent 744SSL_CLIENT_CERT_FILE=/path/to/client.pem 745SSL_CA_CERT_FILE=/path/to/myca.pem 746.Ed 747.Sh SEE ALSO 748.Xr fetch 1 , 749.Xr ip 4 750.Rs 751.%A J. Postel 752.%A J. K. Reynolds 753.%D October 1985 754.%B File Transfer Protocol 755.%O RFC959 756.Re 757.Rs 758.%A P. Deutsch 759.%A A. Emtage 760.%A A. Marine. 761.%D May 1994 762.%T How to Use Anonymous FTP 763.%O RFC1635 764.Re 765.Rs 766.%A T. Berners-Lee 767.%A L. Masinter 768.%A M. McCahill 769.%D December 1994 770.%T Uniform Resource Locators (URL) 771.%O RFC1738 772.Re 773.Rs 774.%A R. Fielding 775.%A J. Gettys 776.%A J. Mogul 777.%A H. Frystyk 778.%A L. Masinter 779.%A P. Leach 780.%A T. Berners-Lee 781.%D January 1999 782.%B Hypertext Transfer Protocol -- HTTP/1.1 783.%O RFC2616 784.Re 785.Rs 786.%A J. Franks 787.%A P. Hallam-Baker 788.%A J. Hostetler 789.%A S. Lawrence 790.%A P. Leach 791.%A A. Luotonen 792.%A L. Stewart 793.%D June 1999 794.%B HTTP Authentication: Basic and Digest Access Authentication 795.%O RFC2617 796.Re 797.Sh HISTORY 798The 799.Nm fetch 800library first appeared in 801.Fx 3.0 . 802.Sh AUTHORS 803.An -nosplit 804The 805.Nm fetch 806library was mostly written by 807.An Dag-Erling Sm\(/orgrav Aq Mt des@FreeBSD.org 808with numerous suggestions and contributions from 809.An Jordan K. Hubbard Aq Mt jkh@FreeBSD.org , 810.An Eugene Skepner Aq Mt eu@qub.com , 811.An Hajimu Umemoto Aq Mt ume@FreeBSD.org , 812.An Henry Whincup Aq Mt henry@techiebod.com , 813.An Jukka A. Ukkonen Aq Mt jau@iki.fi , 814.An Jean-Fran\(,cois Dockes Aq Mt jf@dockes.org , 815.An Michael Gmelin Aq Mt freebsd@grem.de 816and others. 817It replaces the older 818.Nm ftpio 819library written by 820.An Poul-Henning Kamp Aq Mt phk@FreeBSD.org 821and 822.An Jordan K. Hubbard Aq Mt jkh@FreeBSD.org . 823.Pp 824This manual page was written by 825.An Dag-Erling Sm\(/orgrav Aq Mt des@FreeBSD.org 826and 827.An Michael Gmelin Aq Mt freebsd@grem.de . 828.Sh BUGS 829Some parts of the library are not yet implemented. 830The most notable 831examples of this are 832.Fn fetchPutHTTP , 833.Fn fetchListHTTP , 834.Fn fetchListFTP 835and FTP proxy support. 836.Pp 837There is no way to select a proxy at run-time other than setting the 838.Ev HTTP_PROXY 839or 840.Ev FTP_PROXY 841environment variables as appropriate. 842.Pp 843.Nm libfetch 844does not understand or obey 305 (Use Proxy) replies. 845.Pp 846Error numbers are unique only within a certain context; the error 847codes used for FTP and HTTP overlap, as do those used for resolver and 848system errors. 849For instance, error code 202 means "Command not 850implemented, superfluous at this site" in an FTP context and 851"Accepted" in an HTTP context. 852.Pp 853.Fn fetchStatFTP 854does not check that the result of an MDTM command is a valid date. 855.Pp 856In case password protected keys are used for client certificate based 857authentication the user is prompted for the password on each and every 858fetch operation. 859.Pp 860The man page is incomplete, poorly written and produces badly 861formatted text. 862.Pp 863The error reporting mechanism is unsatisfactory. 864.Pp 865Some parts of the code are not fully reentrant. 866