1 /* vi: set sw=4 ts=4: */
3 * wget - retrieve a file using HTTP or FTP
5 * Chip Rosenthal Covad Communications <chip@laserlink.net>
6 * Licensed under GPLv2, see file LICENSE in this source tree.
8 * Copyright (C) 2010 Bradley M. Kuhn <bkuhn@ebb.org>
9 * Kuhn's copyrights are licensed GPLv2-or-later. File as a whole remains GPLv2.
12 //config: bool "wget (35 kb)"
15 //config: wget is a utility for non-interactive download of files from HTTP
16 //config: and FTP servers.
18 //config:config FEATURE_WGET_LONG_OPTIONS
19 //config: bool "Enable long options"
21 //config: depends on WGET && LONG_OPTS
23 //config:config FEATURE_WGET_STATUSBAR
24 //config: bool "Enable progress bar (+2k)"
26 //config: depends on WGET
28 //config:config FEATURE_WGET_AUTHENTICATION
29 //config: bool "Enable HTTP authentication"
31 //config: depends on WGET
33 //config: Support authenticated HTTP transfers.
35 //config:config FEATURE_WGET_TIMEOUT
36 //config: bool "Enable timeout option -T SEC"
38 //config: depends on WGET
40 //config: Supports network read and connect timeouts for wget,
41 //config: so that wget will give up and timeout, through the -T
42 //config: command line option.
44 //config: Currently only connect and network data read timeout are
45 //config: supported (i.e., timeout is not applied to the DNS query). When
46 //config: FEATURE_WGET_LONG_OPTIONS is also enabled, the --timeout option
47 //config: will work in addition to -T.
49 //config:config FEATURE_WGET_HTTPS
50 //config: bool "Support HTTPS using internal TLS code"
51 //it also enables FTPS support, but it's not well tested yet
53 //config: depends on WGET
56 //config: wget will use internal TLS code to connect to https:// URLs.
58 //config: On NOMMU machines, ssl_helper applet should be available
59 //config: in the $PATH for this to work. Make sure to select that applet.
61 //config: Note: currently, TLS code only makes TLS I/O work, it
62 //config: does *not* check that the peer is who it claims to be, etc.
63 //config: IOW: it uses peer-supplied public keys to establish encryption
64 //config: and signing keys, then encrypts and signs outgoing data and
65 //config: decrypts incoming data.
66 //config: It does not check signature hashes on the incoming data:
67 //config: this means that attackers manipulating TCP packets can
68 //config: send altered data and we unknowingly receive garbage.
69 //config: (This check might be relatively easy to add).
70 //config: It does not check public key's certificate:
71 //config: this means that the peer may be an attacker impersonating
72 //config: the server we think we are talking to.
74 //config: If you think this is unacceptable, consider this. As more and more
75 //config: servers switch to HTTPS-only operation, without such "crippled"
76 //config: TLS code it is *impossible* to simply download a kernel source
77 //config: from kernel.org. Which can in real world translate into
78 //config: "my small automatic tooling to build cross-compilers from sources
79 //config: no longer works, I need to additionally keep a local copy
80 //config: of ~4 megabyte source tarball of a SSL library and ~2 megabyte
81 //config: source of wget, need to compile and built both before I can
82 //config: download anything. All this despite the fact that the build
83 //config: is done in a QEMU sandbox on a machine with absolutely nothing
84 //config: worth stealing, so I don't care if someone would go to a lot
85 //config: of trouble to intercept my HTTPS download to send me an altered
86 //config: kernel tarball".
88 //config: If you still think this is unacceptable, send patches.
90 //config: If you still think this is unacceptable, do not want to send
91 //config: patches, but do want to waste bandwidth expaining how wrong
92 //config: it is, you will be ignored.
94 //config:config FEATURE_WGET_OPENSSL
95 //config: bool "Try to connect to HTTPS using openssl"
97 //config: depends on WGET
99 //config: Try to use openssl to handle HTTPS.
101 //config: OpenSSL has a simple SSL client for debug purposes.
102 //config: If you select this option, wget will effectively run:
103 //config: "openssl s_client -quiet -connect hostname:443
104 //config: -servername hostname 2>/dev/null" and pipe its data
105 //config: through it. -servername is not used if hostname is numeric.
106 //config: Note inconvenient API: host resolution is done twice,
107 //config: and there is no guarantee openssl's idea of IPv6 address
108 //config: format is the same as ours.
109 //config: Another problem is that s_client prints debug information
110 //config: to stderr, and it needs to be suppressed. This means
111 //config: all error messages get suppressed too.
112 //config: openssl is also a big binary, often dynamically linked
113 //config: against ~15 libraries.
115 //config: If openssl can't be executed, internal TLS code will be used
116 //config: (if you enabled it); if openssl can be executed but fails later,
117 //config: wget can't detect this, and download will fail.
119 //applet:IF_WGET(APPLET(wget, BB_DIR_USR_BIN, BB_SUID_DROP))
121 //kbuild:lib-$(CONFIG_WGET) += wget.o
123 //usage:#define wget_trivial_usage
124 //usage: IF_FEATURE_WGET_LONG_OPTIONS(
125 //usage: "[-c|--continue] [--spider] [-q|--quiet] [-O|--output-document FILE]\n"
126 //usage: " [--header 'header: value'] [-Y|--proxy on/off] [-P DIR]\n"
127 /* Since we ignore these opts, we don't show them in --help */
128 /* //usage: " [--no-check-certificate] [--no-cache] [--passive-ftp] [-t TRIES]" */
129 /* //usage: " [-nv] [-nc] [-nH] [-np]" */
130 //usage: " [-S|--server-response] [-U|--user-agent AGENT]" IF_FEATURE_WGET_TIMEOUT(" [-T SEC]") " URL..."
132 //usage: IF_NOT_FEATURE_WGET_LONG_OPTIONS(
133 //usage: "[-cq] [-O FILE] [-Y on/off] [-P DIR] [-S] [-U AGENT]"
134 //usage: IF_FEATURE_WGET_TIMEOUT(" [-T SEC]") " URL..."
136 //usage:#define wget_full_usage "\n\n"
137 //usage: "Retrieve files via HTTP or FTP\n"
138 //usage: IF_FEATURE_WGET_LONG_OPTIONS(
139 //usage: "\n --spider Only check URL existence: $? is 0 if exists"
140 ///////: "\n --no-check-certificate Don't validate the server's certificate"
142 //usage: "\n -c Continue retrieval of aborted transfer"
143 //usage: "\n -q Quiet"
144 //usage: "\n -P DIR Save to DIR (default .)"
145 //usage: "\n -S Show server response"
146 //usage: IF_FEATURE_WGET_TIMEOUT(
147 //usage: "\n -T SEC Network read timeout is SEC seconds"
149 //usage: "\n -O FILE Save to FILE ('-' for stdout)"
150 //usage: "\n -U STR Use STR for User-Agent header"
151 //usage: "\n -Y on/off Use proxy"
156 # define log_io(...) bb_error_msg(__VA_ARGS__)
157 # define SENDFMT(fp, fmt, ...) \
159 log_io("> " fmt, ##__VA_ARGS__); \
160 fprintf(fp, fmt, ##__VA_ARGS__); \
163 # define log_io(...) ((void)0)
164 # define SENDFMT(fp, fmt, ...) fprintf(fp, fmt, ##__VA_ARGS__)
168 #define SSL_SUPPORTED (ENABLE_FEATURE_WGET_OPENSSL || ENABLE_FEATURE_WGET_HTTPS)
174 const char *protocol;
178 static const char P_FTP[] ALIGN1 = "ftp";
179 static const char P_HTTP[] ALIGN1 = "http";
181 # if ENABLE_FEATURE_WGET_HTTPS
182 static const char P_FTPS[] ALIGN1 = "ftps";
184 static const char P_HTTPS[] ALIGN1 = "https";
187 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
188 /* User-specified headers prevent using our corresponding built-in headers. */
191 HDR_USER_AGENT = (1<<1),
193 HDR_AUTH = (1<<3) * ENABLE_FEATURE_WGET_AUTHENTICATION,
194 HDR_PROXY_AUTH = (1<<4) * ENABLE_FEATURE_WGET_AUTHENTICATION,
196 static const char wget_user_headers[] ALIGN1 =
200 # if ENABLE_FEATURE_WGET_AUTHENTICATION
202 "Proxy-Authorization:\0"
205 # define USR_HEADER_HOST (G.user_headers & HDR_HOST)
206 # define USR_HEADER_USER_AGENT (G.user_headers & HDR_USER_AGENT)
207 # define USR_HEADER_RANGE (G.user_headers & HDR_RANGE)
208 # define USR_HEADER_AUTH (G.user_headers & HDR_AUTH)
209 # define USR_HEADER_PROXY_AUTH (G.user_headers & HDR_PROXY_AUTH)
210 #else /* No long options, no user-headers :( */
211 # define USR_HEADER_HOST 0
212 # define USR_HEADER_USER_AGENT 0
213 # define USR_HEADER_RANGE 0
214 # define USR_HEADER_AUTH 0
215 # define USR_HEADER_PROXY_AUTH 0
220 off_t content_len; /* Content-length of the file */
221 off_t beg_range; /* Range at which continue begins */
222 #if ENABLE_FEATURE_WGET_STATUSBAR
223 off_t transferred; /* Number of bytes transferred so far */
224 const char *curfile; /* Name of current file being transferred */
228 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
231 unsigned char user_headers; /* Headers mentioned by the user */
233 char *fname_out; /* where to direct output (-O) */
234 const char *proxy_flag; /* Use proxies if env vars are set */
235 const char *user_agent; /* "User-Agent" header field */
236 #if ENABLE_FEATURE_WGET_TIMEOUT
237 unsigned timeout_seconds;
238 bool die_if_timed_out;
242 smallint chunked; /* chunked transfer encoding */
243 smallint got_clen; /* got content-length: from server */
244 /* Local downloads do benefit from big buffer.
245 * With 512 byte buffer, it was measured to be
246 * an order of magnitude slower than with big one.
248 uint64_t just_to_align_next_member;
249 char wget_buf[CONFIG_FEATURE_COPYBUF_KB*1024];
251 #define G (*ptr_to_globals)
252 #define INIT_G() do { \
253 SET_PTR_TO_GLOBALS(xzalloc(sizeof(G))); \
255 #define FINI_G() do { \
256 FREE_PTR_TO_GLOBALS(); \
260 /* Must match option string! */
262 WGET_OPT_CONTINUE = (1 << 0),
263 WGET_OPT_QUIET = (1 << 1),
264 WGET_OPT_SERVER_RESPONSE = (1 << 2),
265 WGET_OPT_OUTNAME = (1 << 3),
266 WGET_OPT_PREFIX = (1 << 4),
267 WGET_OPT_PROXY = (1 << 5),
268 WGET_OPT_USER_AGENT = (1 << 6),
269 WGET_OPT_NETWORK_READ_TIMEOUT = (1 << 7),
270 WGET_OPT_RETRIES = (1 << 8),
271 WGET_OPT_nsomething = (1 << 9),
272 WGET_OPT_HEADER = (1 << 10) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
273 WGET_OPT_POST_DATA = (1 << 11) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
274 WGET_OPT_SPIDER = (1 << 12) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
275 WGET_OPT_NO_CHECK_CERT = (1 << 13) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
283 #if ENABLE_FEATURE_WGET_STATUSBAR
284 static void progress_meter(int flag)
286 if (option_mask32 & WGET_OPT_QUIET)
289 if (flag == PROGRESS_START)
290 bb_progress_init(&G.pmt, G.curfile);
292 bb_progress_update(&G.pmt,
295 (G.chunked || !G.got_clen) ? 0 : G.beg_range + G.transferred + G.content_len
298 if (flag == PROGRESS_END) {
299 bb_progress_free(&G.pmt);
300 bb_putchar_stderr('\n');
305 static ALWAYS_INLINE void progress_meter(int flag UNUSED_PARAM) { }
309 /* IPv6 knows scoped address types i.e. link and site local addresses. Link
310 * local addresses can have a scope identifier to specify the
311 * interface/link an address is valid on (e.g. fe80::1%eth0). This scope
312 * identifier is only valid on a single node.
314 * RFC 4007 says that the scope identifier MUST NOT be sent across the wire,
315 * unless all nodes agree on the semantic. Apache e.g. regards zone identifiers
316 * in the Host header as invalid requests, see
317 * https://issues.apache.org/bugzilla/show_bug.cgi?id=35122
319 static void strip_ipv6_scope_id(char *host)
323 /* bbox wget actually handles IPv6 addresses without [], like
324 * wget "http://::1/xxx", but this is not standard.
325 * To save code, _here_ we do not support it. */
328 return; /* not IPv6 */
330 scope = strchr(host, '%');
334 /* Remove the IPv6 zone identifier from the host address */
335 cp = strchr(host, ']');
336 if (!cp || (cp[1] != ':' && cp[1] != '\0')) {
337 /* malformed address (not "[xx]:nn" or "[xx]") */
341 /* cp points to "]...", scope points to "%eth0]..." */
342 overlapping_strcpy(scope, cp);
345 #if ENABLE_FEATURE_WGET_AUTHENTICATION
346 /* Base64-encode character string. */
347 static char *base64enc(const char *str)
349 unsigned len = strlen(str);
350 if (len > sizeof(G.wget_buf)/4*3 - 10) /* paranoia */
351 len = sizeof(G.wget_buf)/4*3 - 10;
352 bb_uuencode(G.wget_buf, str, len, bb_uuenc_tbl_base64);
357 #if ENABLE_FEATURE_WGET_TIMEOUT
358 static void alarm_handler(int sig UNUSED_PARAM)
360 /* This is theoretically unsafe (uses stdio and malloc in signal handler) */
361 if (G.die_if_timed_out)
362 bb_error_msg_and_die("download timed out");
364 static void set_alarm(void)
366 if (G.timeout_seconds) {
367 alarm(G.timeout_seconds);
368 G.die_if_timed_out = 1;
371 # define clear_alarm() ((void)(G.die_if_timed_out = 0))
373 # define set_alarm() ((void)0)
374 # define clear_alarm() ((void)0)
377 #if ENABLE_FEATURE_WGET_OPENSSL
379 * is_ip_address() attempts to verify whether or not a string
380 * contains an IPv4 or IPv6 address (vs. an FQDN). The result
381 * of inet_pton() can be used to determine this.
383 * TODO add proper error checking when inet_pton() returns -1
384 * (some form of system error has occurred, and errno is set)
386 static int is_ip_address(const char *string)
388 struct sockaddr_in sa;
390 int result = inet_pton(AF_INET, string, &(sa.sin_addr));
391 # if ENABLE_FEATURE_IPV6
393 struct sockaddr_in6 sa6;
394 result = inet_pton(AF_INET6, string, &(sa6.sin6_addr));
397 return (result == 1);
401 static FILE *open_socket(len_and_sockaddr *lsa)
407 fd = xconnect_stream(lsa);
410 /* glibc 2.4 seems to try seeking on it - ??! */
411 /* hopefully it understands what ESPIPE means... */
412 fp = fdopen(fd, "r+");
414 bb_die_memory_exhausted();
419 /* We balk at any control chars in other side's messages.
420 * This prevents nasty surprises (e.g. ESC sequences) in "Location:" URLs
421 * and error messages.
423 * The only exception is tabs, which are converted to (one) space:
424 * HTTP's "headers: <whitespace> values" may have those.
426 static char* sanitize_string(char *s)
428 unsigned char *p = (void *) s;
441 /* Returns '\n' if it was seen, else '\0'. Trims at first '\r' or '\n' */
442 static char fgets_trim_sanitize(FILE *fp, const char *fmt)
448 if (fgets(G.wget_buf, sizeof(G.wget_buf), fp) == NULL)
449 bb_perror_msg_and_die("error getting response");
452 buf_ptr = strchrnul(G.wget_buf, '\n');
455 /* Disallow any control chars: trim at first char < 0x20 */
456 sanitize_string(G.wget_buf);
459 buf_ptr = strchrnul(G.wget_buf, '\r');
463 log_io("< %s", G.wget_buf);
465 if (fmt && (option_mask32 & WGET_OPT_SERVER_RESPONSE))
466 fprintf(stderr, fmt, G.wget_buf);
471 static int ftpcmd(const char *s1, const char *s2, FILE *fp)
477 fprintf(fp, "%s%s\r\n", s1, s2);
478 /* With --server-response, wget also shows its ftp commands */
479 if (option_mask32 & WGET_OPT_SERVER_RESPONSE)
480 fprintf(stderr, "--> %s%s\n\n", s1, s2);
482 log_io("> %s%s", s1, s2);
485 /* Read until "Nxx something" is received */
488 fgets_trim_sanitize(fp, "%s\n");
489 } while (!isdigit(G.wget_buf[0]) || G.wget_buf[3] != ' ');
491 G.wget_buf[3] = '\0';
492 result = xatoi_positive(G.wget_buf);
497 static void parse_url(const char *src_url, struct host_info *h)
502 h->allocated = url = xstrdup(src_url);
505 p = strstr(url, "://");
509 if (strcmp(url, P_FTP) == 0) {
510 h->port = bb_lookup_std_port(P_FTP, "tcp", 21);
513 # if ENABLE_FEATURE_WGET_HTTPS
514 if (strcmp(url, P_FTPS) == 0) {
515 h->port = bb_lookup_std_port(P_FTPS, "tcp", 990);
516 h->protocol = P_FTPS;
519 if (strcmp(url, P_HTTPS) == 0) {
520 h->port = bb_lookup_std_port(P_HTTPS, "tcp", 443);
521 h->protocol = P_HTTPS;
524 if (strcmp(url, P_HTTP) == 0) {
526 h->port = bb_lookup_std_port(P_HTTP, "tcp", 80);
527 h->protocol = P_HTTP;
530 bb_error_msg_and_die("not an http or ftp url: %s", url);
533 // GNU wget is user-friendly and falls back to http://
539 // "Real" wget 'http://busybox.net?var=a/b' sends this request:
540 // 'GET /?var=a/b HTTP/1.0'
541 // and saves 'index.html?var=a%2Fb' (we save 'b')
542 // wget 'http://busybox.net?login=john@doe':
543 // request: 'GET /?login=john@doe HTTP/1.0'
544 // saves: 'index.html?login=john@doe' (we save 'login=john@doe')
545 // wget 'http://busybox.net#test/test':
546 // request: 'GET / HTTP/1.0'
547 // saves: 'index.html' (we save 'test')
549 // We also don't add unique .N suffix if file exists...
550 sp = strchr(h->host, '/');
551 p = strchr(h->host, '?'); if (!sp || (p && sp > p)) sp = p;
552 p = strchr(h->host, '#'); if (!sp || (p && sp > p)) sp = p;
555 } else if (*sp == '/') {
559 // sp points to '#' or '?'
561 // http://busybox.net?login=john@doe is a valid URL
562 // (without '/' between ".net" and "?"),
563 // can't store NUL at sp[-1] - this destroys hostname.
568 sp = strrchr(h->host, '@');
570 // URL-decode "user:password" string before base64-encoding:
571 // wget http://test:my%20pass@example.com should send
572 // Authorization: Basic dGVzdDpteSBwYXNz
573 // which decodes to "test:my pass".
574 // Standard wget and curl do this too.
577 h->user = xstrdup(percent_decode_in_place(h->host, /*strict:*/ 0));
580 /* else: h->user remains NULL, or as set by original request
581 * before redirect (if we are here after a redirect).
585 static char *get_sanitized_hdr(FILE *fp)
590 /* retrieve header line */
591 c = fgets_trim_sanitize(fp, " %s\n");
593 /* end of the headers? */
594 if (G.wget_buf[0] == '\0')
597 /* convert the header name to lower case */
598 for (s = G.wget_buf; isalnum(*s) || *s == '-' || *s == '.' || *s == '_'; ++s) {
600 * No-op for 20-3f and 60-7f. "0-9a-z-." are in these ranges.
601 * 40-5f range ("@A-Z[\]^_") maps to 60-7f.
602 * "A-Z" maps to "a-z".
603 * "@[\]" can't occur in header names.
604 * "^_" maps to "~,DEL" (which is wrong).
605 * "^" was never seen yet, "_" was seen from web.archive.org
606 * (x-archive-orig-x_commoncrawl_Signature: HEXSTRING).
611 /* verify we are at the end of the header name */
613 bb_error_msg_and_die("bad header line: %s", G.wget_buf);
615 /* locate the start of the header value */
617 hdrval = skip_whitespace(s);
620 /* Rats! The buffer isn't big enough to hold the entire header value */
621 while (c = getc(fp), c != EOF && c != '\n')
628 static void reset_beg_range_to_zero(void)
630 bb_error_msg("restart failed");
632 xlseek(G.output_fd, 0, SEEK_SET);
633 /* Done at the end instead: */
634 /* ftruncate(G.output_fd, 0); */
637 #if ENABLE_FEATURE_WGET_OPENSSL
638 static int spawn_https_helper_openssl(const char *host, unsigned port)
640 char *allocated = NULL;
644 IF_FEATURE_WGET_HTTPS(volatile int child_failed = 0;)
646 if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) != 0)
647 /* Kernel can have AF_UNIX support disabled */
648 bb_perror_msg_and_die("socketpair");
650 if (!strchr(host, ':'))
651 host = allocated = xasprintf("%s:%u", host, port);
652 servername = xstrdup(host);
653 strrchr(servername, ':')[0] = '\0';
665 * openssl s_client -quiet -connect www.kernel.org:443 2>/dev/null
666 * It prints some debug stuff on stderr, don't know how to suppress it.
667 * Work around by dev-nulling stderr. We lose all error messages :(
670 xopen("/dev/null", O_RDWR);
671 memset(&argv, 0, sizeof(argv));
672 argv[0] = (char*)"openssl";
673 argv[1] = (char*)"s_client";
674 argv[2] = (char*)"-quiet";
675 argv[3] = (char*)"-connect";
676 argv[4] = (char*)host;
678 * Per RFC 6066 Section 3, the only permitted values in the
679 * TLS server_name (SNI) field are FQDNs (DNS hostnames).
680 * IPv4 and IPv6 addresses, port numbers are not allowed.
682 if (!is_ip_address(servername)) {
683 argv[5] = (char*)"-servername";
684 argv[6] = (char*)servername;
687 BB_EXECVP(argv[0], argv);
689 # if ENABLE_FEATURE_WGET_HTTPS
693 bb_perror_msg_and_die("can't execute '%s'", argv[0]);
702 # if ENABLE_FEATURE_WGET_HTTPS
712 #if ENABLE_FEATURE_WGET_HTTPS
713 static void spawn_ssl_client(const char *host, int network_fd, int flags)
717 char *servername, *p;
719 if (!(option_mask32 & WGET_OPT_NO_CHECK_CERT))
720 bb_error_msg("note: TLS certificate validation not implemented");
722 servername = xstrdup(host);
723 p = strrchr(servername, ':');
726 if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) != 0)
727 /* Kernel can have AF_UNIX support disabled */
728 bb_perror_msg_and_die("socketpair");
731 pid = BB_MMU ? xfork() : xvfork();
738 tls_state_t *tls = new_tls_state();
739 tls->ifd = tls->ofd = network_fd;
740 tls_handshake(tls, servername);
741 tls_run_copy_loop(tls, flags);
746 xmove_fd(network_fd, 3);
747 argv[0] = (char*)"ssl_client";
748 argv[1] = (char*)"-s3";
749 //TODO: if (!is_ip_address(servername))...
750 argv[2] = (char*)"-n";
751 argv[3] = servername;
752 argv[4] = (flags & TLSLOOP_EXIT_ON_LOCAL_EOF ? (char*)"-e" : NULL);
754 BB_EXECVP(argv[0], argv);
755 bb_perror_msg_and_die("can't execute '%s'", argv[0]);
763 xmove_fd(sp[0], network_fd);
767 static FILE* prepare_ftp_session(FILE **dfpp, struct host_info *target, len_and_sockaddr *lsa)
773 sfp = open_socket(lsa);
774 #if ENABLE_FEATURE_WGET_HTTPS
775 if (target->protocol == P_FTPS)
776 spawn_ssl_client(target->host, fileno(sfp), TLSLOOP_EXIT_ON_LOCAL_EOF);
779 if (ftpcmd(NULL, NULL, sfp) != 220)
780 bb_error_msg_and_die("%s", G.wget_buf);
781 /* note: ftpcmd() sanitizes G.wget_buf, ok to print */
783 /* Split username:password pair */
784 pass = (char*)"busybox"; /* password for "anonymous" */
786 pass = strchr(target->user, ':');
792 switch (ftpcmd("USER ", target->user ?: "anonymous", sfp)) {
796 if (ftpcmd("PASS ", pass, sfp) == 230)
798 /* fall through (failed login) */
800 bb_error_msg_and_die("ftp login: %s", G.wget_buf);
803 ftpcmd("TYPE I", NULL, sfp);
805 /* Query file size */
806 if (ftpcmd("SIZE ", target->path, sfp) == 213) {
807 G.content_len = BB_STRTOOFF(G.wget_buf + 4, NULL, 10);
808 if (G.content_len < 0 || errno) {
809 bb_error_msg_and_die("bad SIZE value '%s'", G.wget_buf + 4);
814 /* Enter passive mode */
815 if (ENABLE_FEATURE_IPV6 && ftpcmd("EPSV", NULL, sfp) == 229) {
818 if (ftpcmd("PASV", NULL, sfp) != 227) {
820 bb_error_msg_and_die("bad response to %s: %s", "PASV", G.wget_buf);
822 port = parse_pasv_epsv(G.wget_buf);
826 set_nport(&lsa->u.sa, htons(port));
828 *dfpp = open_socket(lsa);
830 #if ENABLE_FEATURE_WGET_HTTPS
831 if (target->protocol == P_FTPS) {
832 /* "PROT P" enables encryption of data stream.
833 * Without it (or with "PROT C"), data is sent unencrypted.
835 if (ftpcmd("PROT P", NULL, sfp) == 200)
836 spawn_ssl_client(target->host, fileno(*dfpp), /*flags*/ 0);
840 if (G.beg_range != 0) {
841 sprintf(G.wget_buf, "REST %"OFF_FMT"u", G.beg_range);
842 if (ftpcmd(G.wget_buf, NULL, sfp) == 350)
843 G.content_len -= G.beg_range;
845 reset_beg_range_to_zero();
848 //TODO: needs ftp-escaping 0xff and '\n' bytes here.
849 //Or disallow '\n' altogether via sanitize_string() in parse_url().
850 //But 0xff's are possible in valid utf8 filenames.
851 if (ftpcmd("RETR ", target->path, sfp) > 150)
852 bb_error_msg_and_die("bad response to %s: %s", "RETR", G.wget_buf);
857 static void NOINLINE retrieve_file_data(FILE *dfp)
859 #if ENABLE_FEATURE_WGET_STATUSBAR || ENABLE_FEATURE_WGET_TIMEOUT
860 # if ENABLE_FEATURE_WGET_TIMEOUT
861 unsigned second_cnt = G.timeout_seconds;
863 struct pollfd polldata;
865 polldata.fd = fileno(dfp);
866 polldata.events = POLLIN | POLLPRI;
868 progress_meter(PROGRESS_START);
873 /* Loops only if chunked */
876 #if ENABLE_FEATURE_WGET_STATUSBAR || ENABLE_FEATURE_WGET_TIMEOUT
877 /* Must use nonblocking I/O, otherwise fread will loop
878 * and *block* until it reads full buffer,
879 * which messes up progress bar and/or timeout logic.
880 * Because of nonblocking I/O, we need to dance
881 * very carefully around EAGAIN. See explanation at
884 ndelay_on(polldata.fd);
890 #if ENABLE_FEATURE_WGET_STATUSBAR || ENABLE_FEATURE_WGET_TIMEOUT
891 /* fread internally uses read loop, which in our case
892 * is usually exited when we get EAGAIN.
893 * In this case, libc sets error marker on the stream.
894 * Need to clear it before next fread to avoid possible
895 * rare false positive ferror below. Rare because usually
896 * fread gets more than zero bytes, and we don't fall
897 * into if (n <= 0) ...
902 rdsz = sizeof(G.wget_buf);
904 if (G.content_len < (off_t)sizeof(G.wget_buf)) {
905 if ((int)G.content_len <= 0)
907 rdsz = (unsigned)G.content_len;
910 n = fread(G.wget_buf, 1, rdsz, dfp);
913 xwrite(G.output_fd, G.wget_buf, n);
914 #if ENABLE_FEATURE_WGET_STATUSBAR
919 if (G.content_len == 0)
922 #if ENABLE_FEATURE_WGET_TIMEOUT
923 second_cnt = G.timeout_seconds;
930 * If error occurs, or EOF is reached, the return value
931 * is a short item count (or zero).
932 * fread does not distinguish between EOF and error.
934 if (errno != EAGAIN) {
936 progress_meter(PROGRESS_END);
937 bb_perror_msg_and_die(bb_msg_read_error);
939 break; /* EOF, not error */
942 #if ENABLE_FEATURE_WGET_STATUSBAR || ENABLE_FEATURE_WGET_TIMEOUT
943 /* It was EAGAIN. There is no data. Wait up to one second
944 * then abort if timed out, or update the bar and try reading again.
946 if (safe_poll(&polldata, 1, 1000) == 0) {
947 # if ENABLE_FEATURE_WGET_TIMEOUT
948 if (second_cnt != 0 && --second_cnt == 0) {
949 progress_meter(PROGRESS_END);
950 bb_error_msg_and_die("download timed out");
953 /* We used to loop back to poll here,
954 * but there is no great harm in letting fread
955 * to try reading anyway.
960 /* Need to do it _every_ second for "stalled" indicator
961 * to be shown properly.
963 progress_meter(PROGRESS_BUMP);
964 } /* while (reading data) */
966 #if ENABLE_FEATURE_WGET_STATUSBAR || ENABLE_FEATURE_WGET_TIMEOUT
968 ndelay_off(polldata.fd); /* else fgets can get very unhappy */
973 /* Each chunk ends with "\r\n" - eat it */
974 fgets_trim_sanitize(dfp, NULL);
976 /* chunk size format is "HEXNUM[;name[=val]]\r\n" */
977 fgets_trim_sanitize(dfp, NULL);
979 G.content_len = STRTOOFF(G.wget_buf, NULL, 16);
981 * Had a bug with inputs like "ffffffff0001f400"
982 * smashing the heap later. Ensure >= 0.
984 if (G.content_len < 0 || errno)
985 bb_error_msg_and_die("bad chunk length '%s'", G.wget_buf);
986 if (G.content_len == 0)
987 break; /* all done! */
990 * Note that fgets may result in some data being buffered in dfp.
991 * We loop back to fread, which will retrieve this data.
992 * Also note that code has to be arranged so that fread
993 * is done _before_ one-second poll wait - poll doesn't know
994 * about stdio buffering and can result in spurious one second waits!
998 /* If -c failed, we restart from the beginning,
999 * but we do not truncate file then, we do it only now, at the end.
1000 * This lets user to ^C if his 99% complete 10 GB file download
1001 * failed to restart *without* losing the almost complete file.
1004 off_t pos = lseek(G.output_fd, 0, SEEK_CUR);
1005 if (pos != (off_t)-1)
1006 ftruncate(G.output_fd, pos);
1009 /* Draw full bar and free its resources */
1010 G.chunked = 0; /* makes it show 100% even for chunked download */
1011 G.got_clen = 1; /* makes it show 100% even for download of (formerly) unknown size */
1012 progress_meter(PROGRESS_END);
1015 static void download_one_url(const char *url)
1017 bool use_proxy; /* Use proxies if env vars are set */
1019 len_and_sockaddr *lsa;
1020 FILE *sfp; /* socket to web/ftp server */
1021 FILE *dfp; /* socket to ftp server (data) */
1022 char *fname_out_alloc;
1023 char *redirected_path = NULL;
1024 struct host_info server;
1025 struct host_info target;
1027 server.allocated = NULL;
1028 target.allocated = NULL;
1032 parse_url(url, &target);
1034 /* Use the proxy if necessary */
1035 use_proxy = (strcmp(G.proxy_flag, "off") != 0);
1037 char *proxy = getenv(target.protocol[0] == 'f' ? "ftp_proxy" : "http_proxy");
1038 //FIXME: what if protocol is https? Ok to use http_proxy?
1039 use_proxy = (proxy && proxy[0]);
1041 parse_url(proxy, &server);
1044 server.protocol = target.protocol;
1045 server.port = target.port;
1046 if (ENABLE_FEATURE_IPV6) {
1047 //free(server.allocated); - can't be non-NULL
1048 server.host = server.allocated = xstrdup(target.host);
1050 server.host = target.host;
1054 if (ENABLE_FEATURE_IPV6)
1055 strip_ipv6_scope_id(target.host);
1057 /* If there was no -O FILE, guess output filename */
1058 fname_out_alloc = NULL;
1059 if (!(option_mask32 & WGET_OPT_OUTNAME)) {
1060 G.fname_out = bb_get_last_path_component_nostrip(target.path);
1061 /* handle "wget http://kernel.org//" */
1062 if (G.fname_out[0] == '/' || !G.fname_out[0])
1063 G.fname_out = (char*)"index.html";
1064 /* -P DIR is considered only if there was no -O FILE */
1066 G.fname_out = fname_out_alloc = concat_path_file(G.dir_prefix, G.fname_out);
1068 /* redirects may free target.path later, need to make a copy */
1069 G.fname_out = fname_out_alloc = xstrdup(G.fname_out);
1072 #if ENABLE_FEATURE_WGET_STATUSBAR
1073 G.curfile = bb_get_last_path_component_nostrip(G.fname_out);
1076 /* Determine where to start transfer */
1078 if (option_mask32 & WGET_OPT_CONTINUE) {
1079 G.output_fd = open(G.fname_out, O_WRONLY);
1080 if (G.output_fd >= 0) {
1081 G.beg_range = xlseek(G.output_fd, 0, SEEK_END);
1083 /* File doesn't exist. We do not create file here yet.
1084 * We are not sure it exists on remote side */
1089 lsa = xhost2sockaddr(server.host, server.port);
1090 if (!(option_mask32 & WGET_OPT_QUIET)) {
1091 char *s = xmalloc_sockaddr2dotted(&lsa->u.sa);
1092 fprintf(stderr, "Connecting to %s (%s)\n", server.host, s);
1096 /*G.content_len = 0; - redundant, got_clen = 0 is enough */
1099 if (use_proxy || target.protocol[0] != 'f' /*not ftp[s]*/) {
1106 /* Open socket to http(s) server */
1107 #if ENABLE_FEATURE_WGET_OPENSSL
1108 /* openssl (and maybe internal TLS) support is configured */
1109 if (server.protocol == P_HTTPS) {
1110 /* openssl-based helper
1111 * Inconvenient API since we can't give it an open fd
1113 int fd = spawn_https_helper_openssl(server.host, server.port);
1114 # if ENABLE_FEATURE_WGET_HTTPS
1115 if (fd < 0) { /* no openssl? try internal */
1116 sfp = open_socket(lsa);
1117 spawn_ssl_client(server.host, fileno(sfp), /*flags*/ 0);
1121 /* We don't check for exec("openssl") failure in this case */
1123 sfp = fdopen(fd, "r+");
1125 bb_die_memory_exhausted();
1128 sfp = open_socket(lsa);
1130 #elif ENABLE_FEATURE_WGET_HTTPS
1131 /* Only internal TLS support is configured */
1132 sfp = open_socket(lsa);
1133 if (server.protocol == P_HTTPS)
1134 spawn_ssl_client(server.host, fileno(sfp), /*flags*/ 0);
1136 /* ssl (https) support is not configured */
1137 sfp = open_socket(lsa);
1139 /* Send HTTP request */
1141 SENDFMT(sfp, "GET %s://%s/%s HTTP/1.1\r\n",
1142 target.protocol, target.host,
1145 SENDFMT(sfp, "%s /%s HTTP/1.1\r\n",
1146 (option_mask32 & WGET_OPT_POST_DATA) ? "POST" : "GET",
1149 if (!USR_HEADER_HOST)
1150 SENDFMT(sfp, "Host: %s\r\n", target.host);
1151 if (!USR_HEADER_USER_AGENT)
1152 SENDFMT(sfp, "User-Agent: %s\r\n", G.user_agent);
1154 /* Ask server to close the connection as soon as we are done
1155 * (IOW: we do not intend to send more requests)
1157 SENDFMT(sfp, "Connection: close\r\n");
1159 #if ENABLE_FEATURE_WGET_AUTHENTICATION
1160 if (target.user && !USR_HEADER_AUTH) {
1161 SENDFMT(sfp, "Proxy-Authorization: Basic %s\r\n"+6,
1162 base64enc(target.user));
1164 if (use_proxy && server.user && !USR_HEADER_PROXY_AUTH) {
1165 SENDFMT(sfp, "Proxy-Authorization: Basic %s\r\n",
1166 base64enc(server.user));
1170 if (G.beg_range != 0 && !USR_HEADER_RANGE)
1171 SENDFMT(sfp, "Range: bytes=%"OFF_FMT"u-\r\n", G.beg_range);
1173 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
1174 if (G.extra_headers) {
1175 log_io(G.extra_headers);
1176 fputs(G.extra_headers, sfp);
1179 if (option_mask32 & WGET_OPT_POST_DATA) {
1181 "Content-Type: application/x-www-form-urlencoded\r\n"
1182 "Content-Length: %u\r\n"
1185 (int) strlen(G.post_data), G.post_data
1190 SENDFMT(sfp, "\r\n");
1195 /* Tried doing this unconditionally.
1196 * Cloudflare and nginx/1.11.5 are shocked to see SHUT_WR on non-HTTPS.
1199 if (target.protocol == P_HTTPS) {
1200 /* If we use SSL helper, keeping our end of the socket open for writing
1201 * makes our end (i.e. the same fd!) readable (EAGAIN instead of EOF)
1202 * even after child closes its copy of the fd.
1205 shutdown(fileno(sfp), SHUT_WR);
1210 * Retrieve HTTP response line and check for "200" status code.
1213 fgets_trim_sanitize(sfp, " %s\n");
1216 str = skip_non_whitespace(str);
1217 str = skip_whitespace(str);
1218 // FIXME: no error check
1219 // xatou wouldn't work: "200 OK"
1224 while (get_sanitized_hdr(sfp) != NULL)
1225 /* eat all remaining headers */;
1228 /* Success responses */
1231 case 201: /* 201 Created */
1232 /* "The request has been fulfilled and resulted in a new resource being created" */
1233 /* Standard wget is reported to treat this as success */
1235 case 202: /* 202 Accepted */
1236 /* "The request has been accepted for processing, but the processing has not been completed" */
1237 /* Treat as success: fall through */
1238 case 203: /* 203 Non-Authoritative Information */
1239 /* "Use of this response code is not required and is only appropriate when the response would otherwise be 200 (OK)" */
1241 case 204: /* 204 No Content */
1243 Response 204 doesn't say "null file", it says "metadata
1244 has changed but data didn't":
1246 "10.2.5 204 No Content
1247 The server has fulfilled the request but does not need to return
1248 an entity-body, and might want to return updated metainformation.
1249 The response MAY include new or updated metainformation in the form
1250 of entity-headers, which if present SHOULD be associated with
1251 the requested variant.
1253 If the client is a user agent, it SHOULD NOT change its document
1254 view from that which caused the request to be sent. This response
1255 is primarily intended to allow input for actions to take place
1256 without causing a change to the user agent's active document view,
1257 although any new or updated metainformation SHOULD be applied
1258 to the document currently in the user agent's active view.
1260 The 204 response MUST NOT include a message-body, and thus
1261 is always terminated by the first empty line after the header fields."
1263 However, in real world it was observed that some web servers
1264 (e.g. Boa/0.94.14rc21) simply use code 204 when file size is zero.
1266 if (G.beg_range != 0) {
1267 /* "Range:..." was not honored by the server.
1268 * Restart download from the beginning.
1270 reset_beg_range_to_zero();
1273 /* 205 Reset Content ?? what to do on this ?? */
1275 case 300: /* redirection */
1281 case 206: /* Partial Content */
1282 if (G.beg_range != 0)
1283 /* "Range:..." worked. Good. */
1285 /* Partial Content even though we did not ask for it??? */
1288 bb_error_msg_and_die("server returned error: %s", G.wget_buf);
1292 * Retrieve HTTP headers.
1294 while ((str = get_sanitized_hdr(sfp)) != NULL) {
1295 static const char keywords[] ALIGN1 =
1296 "content-length\0""transfer-encoding\0""location\0";
1298 KEY_content_length = 1, KEY_transfer_encoding, KEY_location
1302 /* get_sanitized_hdr converted "FOO:" string to lowercase */
1304 /* strip trailing whitespace */
1305 char *s = strchrnul(str, '\0') - 1;
1306 while (s >= str && (*s == ' ' || *s == '\t')) {
1310 key = index_in_strings(keywords, G.wget_buf) + 1;
1311 if (key == KEY_content_length) {
1312 G.content_len = BB_STRTOOFF(str, NULL, 10);
1313 if (G.content_len < 0 || errno) {
1314 bb_error_msg_and_die("content-length %s is garbage", str);
1319 if (key == KEY_transfer_encoding) {
1320 if (strcmp(str_tolower(str), "chunked") != 0)
1321 bb_error_msg_and_die("transfer encoding '%s' is not supported", str);
1324 if (key == KEY_location && status >= 300) {
1325 if (--redir_limit == 0)
1326 bb_error_msg_and_die("too many redirections");
1328 if (str[0] == '/') {
1329 free(redirected_path);
1330 target.path = redirected_path = xstrdup(str + 1);
1331 /* lsa stays the same: it's on the same server */
1333 parse_url(str, &target);
1335 /* server.user remains untouched */
1336 free(server.allocated);
1337 server.allocated = NULL;
1338 server.protocol = target.protocol;
1339 server.host = target.host;
1340 /* strip_ipv6_scope_id(target.host); - no! */
1341 /* we assume remote never gives us IPv6 addr with scope id */
1342 server.port = target.port;
1345 } /* else: lsa stays the same: we use proxy */
1347 goto establish_session;
1350 // if (status >= 300)
1351 // bb_error_msg_and_die("bad redirection (no Location: header from server)");
1353 /* For HTTP, data is pumped over the same connection */
1359 sfp = prepare_ftp_session(&dfp, &target, lsa);
1364 if (!(option_mask32 & WGET_OPT_SPIDER)) {
1365 if (G.output_fd < 0)
1366 G.output_fd = xopen(G.fname_out, G.o_flags);
1367 retrieve_file_data(dfp);
1368 if (!(option_mask32 & WGET_OPT_OUTNAME)) {
1369 xclose(G.output_fd);
1375 /* It's ftp. Close data connection properly */
1377 if (ftpcmd(NULL, NULL, sfp) != 226)
1378 bb_error_msg_and_die("ftp error: %s", G.wget_buf);
1379 /* ftpcmd("QUIT", NULL, sfp); - why bother? */
1383 free(server.allocated);
1384 free(target.allocated);
1387 free(fname_out_alloc);
1388 free(redirected_path);
1391 int wget_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
1392 int wget_main(int argc UNUSED_PARAM, char **argv)
1394 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
1395 static const char wget_longopts[] ALIGN1 =
1396 /* name, has_arg, val */
1397 "continue\0" No_argument "c"
1398 "quiet\0" No_argument "q"
1399 "server-response\0" No_argument "S"
1400 "output-document\0" Required_argument "O"
1401 "directory-prefix\0" Required_argument "P"
1402 "proxy\0" Required_argument "Y"
1403 "user-agent\0" Required_argument "U"
1404 IF_FEATURE_WGET_TIMEOUT(
1405 "timeout\0" Required_argument "T")
1407 IF_DESKTOP( "tries\0" Required_argument "t")
1408 "header\0" Required_argument "\xff"
1409 "post-data\0" Required_argument "\xfe"
1410 "spider\0" No_argument "\xfd"
1411 "no-check-certificate\0" No_argument "\xfc"
1412 /* Ignored (we always use PASV): */
1413 IF_DESKTOP( "passive-ftp\0" No_argument "\xf0")
1414 /* Ignored (we don't support caching) */
1415 IF_DESKTOP( "no-cache\0" No_argument "\xf0")
1416 IF_DESKTOP( "no-verbose\0" No_argument "\xf0")
1417 IF_DESKTOP( "no-clobber\0" No_argument "\xf0")
1418 IF_DESKTOP( "no-host-directories\0" No_argument "\xf0")
1419 IF_DESKTOP( "no-parent\0" No_argument "\xf0")
1421 # define GETOPT32 getopt32long
1422 # define LONGOPTS ,wget_longopts
1424 # define GETOPT32 getopt32
1428 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
1429 llist_t *headers_llist = NULL;
1434 #if ENABLE_FEATURE_WGET_TIMEOUT
1435 G.timeout_seconds = 900;
1436 signal(SIGALRM, alarm_handler);
1438 G.proxy_flag = "on"; /* use proxies if env vars are set */
1439 G.user_agent = "Wget"; /* "User-Agent" header field */
1441 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
1447 /* wget has exactly four -n<letter> opts, all of which we can ignore:
1448 * -nv --no-verbose: be moderately quiet (-q is full quiet)
1449 * -nc --no-clobber: abort if exists, neither download to FILE.n nor overwrite FILE
1450 * -nH --no-host-directories: wget -r http://host/ won't create host/
1452 * "n::" above says that we accept -n[ARG].
1453 * Specifying "n:" would be a bug: "-n ARG" would eat ARG!
1456 "-1" /* at least one URL */
1457 IF_FEATURE_WGET_LONG_OPTIONS(":\xff::") /* --header is a list */
1459 , &G.fname_out, &G.dir_prefix,
1460 &G.proxy_flag, &G.user_agent,
1461 IF_FEATURE_WGET_TIMEOUT(&G.timeout_seconds) IF_NOT_FEATURE_WGET_TIMEOUT(NULL),
1462 NULL, /* -t RETRIES */
1464 IF_FEATURE_WGET_LONG_OPTIONS(, &headers_llist)
1465 IF_FEATURE_WGET_LONG_OPTIONS(, &G.post_data)
1467 #if 0 /* option bits debug */
1468 if (option_mask32 & WGET_OPT_RETRIES) bb_error_msg("-t NUM");
1469 if (option_mask32 & WGET_OPT_nsomething) bb_error_msg("-nsomething");
1470 if (option_mask32 & WGET_OPT_HEADER) bb_error_msg("--header");
1471 if (option_mask32 & WGET_OPT_POST_DATA) bb_error_msg("--post-data");
1472 if (option_mask32 & WGET_OPT_SPIDER) bb_error_msg("--spider");
1473 if (option_mask32 & WGET_OPT_NO_CHECK_CERT) bb_error_msg("--no-check-certificate");
1478 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
1479 if (headers_llist) {
1482 llist_t *ll = headers_llist;
1484 size += strlen(ll->data) + 2;
1487 G.extra_headers = hdr = xmalloc(size + 1);
1488 while (headers_llist) {
1492 size = sprintf(hdr, "%s\r\n",
1493 (char*)llist_pop(&headers_llist));
1494 /* a bit like index_in_substrings but don't match full key */
1496 words = wget_user_headers;
1498 if (strstr(hdr, words) == hdr) {
1499 G.user_headers |= bit;
1503 words += strlen(words) + 1;
1511 G.o_flags = O_WRONLY | O_CREAT | O_TRUNC | O_EXCL;
1512 if (G.fname_out) { /* -O FILE ? */
1513 if (LONE_DASH(G.fname_out)) { /* -O - ? */
1515 option_mask32 &= ~WGET_OPT_CONTINUE;
1517 /* compat with wget: -O FILE can overwrite */
1518 G.o_flags = O_WRONLY | O_CREAT | O_TRUNC;
1522 download_one_url(*argv++);
1524 if (G.output_fd >= 0)
1525 xclose(G.output_fd);
1527 #if ENABLE_FEATURE_CLEAN_UP && ENABLE_FEATURE_WGET_LONG_OPTIONS
1528 free(G.extra_headers);
1532 return EXIT_SUCCESS;
projects / oweals / busybox.git / blob