1 /* vi: set sw=4 ts=4: */
3 * wget - retrieve a file using HTTP or FTP
5 * Chip Rosenthal Covad Communications <chip@laserlink.net>
6 * Licensed under GPLv2, see file LICENSE in this source tree.
8 * Copyright (C) 2010 Bradley M. Kuhn <bkuhn@ebb.org>
9 * Kuhn's copyrights are licensed GPLv2-or-later. File as a whole remains GPLv2.
12 //config: bool "wget (35 kb)"
15 //config: wget is a utility for non-interactive download of files from HTTP
16 //config: and FTP servers.
18 //config:config FEATURE_WGET_LONG_OPTIONS
19 //config: bool "Enable long options"
21 //config: depends on WGET && LONG_OPTS
23 //config:config FEATURE_WGET_STATUSBAR
24 //config: bool "Enable progress bar (+2k)"
26 //config: depends on WGET
28 //config:config FEATURE_WGET_AUTHENTICATION
29 //config: bool "Enable HTTP authentication"
31 //config: depends on WGET
33 //config: Support authenticated HTTP transfers.
35 //config:config FEATURE_WGET_TIMEOUT
36 //config: bool "Enable timeout option -T SEC"
38 //config: depends on WGET
40 //config: Supports network read and connect timeouts for wget,
41 //config: so that wget will give up and timeout, through the -T
42 //config: command line option.
44 //config: Currently only connect and network data read timeout are
45 //config: supported (i.e., timeout is not applied to the DNS query). When
46 //config: FEATURE_WGET_LONG_OPTIONS is also enabled, the --timeout option
47 //config: will work in addition to -T.
49 //config:config FEATURE_WGET_HTTPS
50 //config: bool "Support HTTPS using internal TLS code"
51 //it also enables FTPS support, but it's not well tested yet
53 //config: depends on WGET
56 //config: wget will use internal TLS code to connect to https:// URLs.
58 //config: On NOMMU machines, ssl_helper applet should be available
59 //config: in the $PATH for this to work. Make sure to select that applet.
61 //config: Note: currently, TLS code only makes TLS I/O work, it
62 //config: does *not* check that the peer is who it claims to be, etc.
63 //config: IOW: it uses peer-supplied public keys to establish encryption
64 //config: and signing keys, then encrypts and signs outgoing data and
65 //config: decrypts incoming data.
66 //config: It does not check signature hashes on the incoming data:
67 //config: this means that attackers manipulating TCP packets can
68 //config: send altered data and we unknowingly receive garbage.
69 //config: (This check might be relatively easy to add).
70 //config: It does not check public key's certificate:
71 //config: this means that the peer may be an attacker impersonating
72 //config: the server we think we are talking to.
74 //config: If you think this is unacceptable, consider this. As more and more
75 //config: servers switch to HTTPS-only operation, without such "crippled"
76 //config: TLS code it is *impossible* to simply download a kernel source
77 //config: from kernel.org. Which can in real world translate into
78 //config: "my small automatic tooling to build cross-compilers from sources
79 //config: no longer works, I need to additionally keep a local copy
80 //config: of ~4 megabyte source tarball of a SSL library and ~2 megabyte
81 //config: source of wget, need to compile and built both before I can
82 //config: download anything. All this despite the fact that the build
83 //config: is done in a QEMU sandbox on a machine with absolutely nothing
84 //config: worth stealing, so I don't care if someone would go to a lot
85 //config: of trouble to intercept my HTTPS download to send me an altered
86 //config: kernel tarball".
88 //config: If you still think this is unacceptable, send patches.
90 //config: If you still think this is unacceptable, do not want to send
91 //config: patches, but do want to waste bandwidth expaining how wrong
92 //config: it is, you will be ignored.
94 //config:config FEATURE_WGET_OPENSSL
95 //config: bool "Try to connect to HTTPS using openssl"
97 //config: depends on WGET
99 //config: Try to use openssl to handle HTTPS.
101 //config: OpenSSL has a simple SSL client for debug purposes.
102 //config: If you select this option, wget will effectively run:
103 //config: "openssl s_client -quiet -connect hostname:443
104 //config: -servername hostname 2>/dev/null" and pipe its data
105 //config: through it. -servername is not used if hostname is numeric.
106 //config: Note inconvenient API: host resolution is done twice,
107 //config: and there is no guarantee openssl's idea of IPv6 address
108 //config: format is the same as ours.
109 //config: Another problem is that s_client prints debug information
110 //config: to stderr, and it needs to be suppressed. This means
111 //config: all error messages get suppressed too.
112 //config: openssl is also a big binary, often dynamically linked
113 //config: against ~15 libraries.
115 //config: If openssl can't be executed, internal TLS code will be used
116 //config: (if you enabled it); if openssl can be executed but fails later,
117 //config: wget can't detect this, and download will fail.
119 //applet:IF_WGET(APPLET(wget, BB_DIR_USR_BIN, BB_SUID_DROP))
121 //kbuild:lib-$(CONFIG_WGET) += wget.o
123 //usage:#define wget_trivial_usage
124 //usage: IF_FEATURE_WGET_LONG_OPTIONS(
125 //usage: "[-c|--continue] [--spider] [-q|--quiet] [-O|--output-document FILE]\n"
126 //usage: " [--header 'header: value'] [-Y|--proxy on/off] [-P DIR]\n"
127 /* Since we ignore these opts, we don't show them in --help */
128 /* //usage: " [--no-check-certificate] [--no-cache] [--passive-ftp] [-t TRIES]" */
129 /* //usage: " [-nv] [-nc] [-nH] [-np]" */
130 //usage: " [-S|--server-response] [-U|--user-agent AGENT]" IF_FEATURE_WGET_TIMEOUT(" [-T SEC]") " URL..."
132 //usage: IF_NOT_FEATURE_WGET_LONG_OPTIONS(
133 //usage: "[-cq] [-O FILE] [-Y on/off] [-P DIR] [-S] [-U AGENT]"
134 //usage: IF_FEATURE_WGET_TIMEOUT(" [-T SEC]") " URL..."
136 //usage:#define wget_full_usage "\n\n"
137 //usage: "Retrieve files via HTTP or FTP\n"
138 //usage: IF_FEATURE_WGET_LONG_OPTIONS(
139 //usage: "\n --spider Only check URL existence: $? is 0 if exists"
140 ///////: "\n --no-check-certificate Don't validate the server's certificate"
142 //usage: "\n -c Continue retrieval of aborted transfer"
143 //usage: "\n -q Quiet"
144 //usage: "\n -P DIR Save to DIR (default .)"
145 //usage: "\n -S Show server response"
146 //usage: IF_FEATURE_WGET_TIMEOUT(
147 //usage: "\n -T SEC Network read timeout is SEC seconds"
149 //usage: "\n -O FILE Save to FILE ('-' for stdout)"
150 //usage: "\n -U STR Use STR for User-Agent header"
151 //usage: "\n -Y on/off Use proxy"
156 # define log_io(...) bb_error_msg(__VA_ARGS__)
157 # define SENDFMT(fp, fmt, ...) \
159 log_io("> " fmt, ##__VA_ARGS__); \
160 fprintf(fp, fmt, ##__VA_ARGS__); \
163 # define log_io(...) ((void)0)
164 # define SENDFMT(fp, fmt, ...) fprintf(fp, fmt, ##__VA_ARGS__)
168 #define SSL_SUPPORTED (ENABLE_FEATURE_WGET_OPENSSL || ENABLE_FEATURE_WGET_HTTPS)
174 const char *protocol;
178 static const char P_FTP[] ALIGN1 = "ftp";
179 static const char P_HTTP[] ALIGN1 = "http";
181 # if ENABLE_FEATURE_WGET_HTTPS
182 static const char P_FTPS[] ALIGN1 = "ftps";
184 static const char P_HTTPS[] ALIGN1 = "https";
187 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
188 /* User-specified headers prevent using our corresponding built-in headers. */
191 HDR_USER_AGENT = (1<<1),
193 HDR_AUTH = (1<<3) * ENABLE_FEATURE_WGET_AUTHENTICATION,
194 HDR_PROXY_AUTH = (1<<4) * ENABLE_FEATURE_WGET_AUTHENTICATION,
196 static const char wget_user_headers[] ALIGN1 =
200 # if ENABLE_FEATURE_WGET_AUTHENTICATION
202 "Proxy-Authorization:\0"
205 # define USR_HEADER_HOST (G.user_headers & HDR_HOST)
206 # define USR_HEADER_USER_AGENT (G.user_headers & HDR_USER_AGENT)
207 # define USR_HEADER_RANGE (G.user_headers & HDR_RANGE)
208 # define USR_HEADER_AUTH (G.user_headers & HDR_AUTH)
209 # define USR_HEADER_PROXY_AUTH (G.user_headers & HDR_PROXY_AUTH)
210 #else /* No long options, no user-headers :( */
211 # define USR_HEADER_HOST 0
212 # define USR_HEADER_USER_AGENT 0
213 # define USR_HEADER_RANGE 0
214 # define USR_HEADER_AUTH 0
215 # define USR_HEADER_PROXY_AUTH 0
220 off_t content_len; /* Content-length of the file */
221 off_t beg_range; /* Range at which continue begins */
222 #if ENABLE_FEATURE_WGET_STATUSBAR
223 off_t transferred; /* Number of bytes transferred so far */
224 const char *curfile; /* Name of current file being transferred */
228 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
231 unsigned char user_headers; /* Headers mentioned by the user */
233 char *fname_out; /* where to direct output (-O) */
234 const char *proxy_flag; /* Use proxies if env vars are set */
235 const char *user_agent; /* "User-Agent" header field */
236 #if ENABLE_FEATURE_WGET_TIMEOUT
237 unsigned timeout_seconds;
238 bool die_if_timed_out;
242 smallint chunked; /* chunked transfer encoding */
243 smallint got_clen; /* got content-length: from server */
244 /* Local downloads do benefit from big buffer.
245 * With 512 byte buffer, it was measured to be
246 * an order of magnitude slower than with big one.
248 uint64_t just_to_align_next_member;
249 char wget_buf[CONFIG_FEATURE_COPYBUF_KB*1024];
251 #define G (*ptr_to_globals)
252 #define INIT_G() do { \
253 SET_PTR_TO_GLOBALS(xzalloc(sizeof(G))); \
255 #define FINI_G() do { \
256 FREE_PTR_TO_GLOBALS(); \
260 /* Must match option string! */
262 WGET_OPT_CONTINUE = (1 << 0),
263 WGET_OPT_QUIET = (1 << 1),
264 WGET_OPT_SERVER_RESPONSE = (1 << 2),
265 WGET_OPT_OUTNAME = (1 << 3),
266 WGET_OPT_PREFIX = (1 << 4),
267 WGET_OPT_PROXY = (1 << 5),
268 WGET_OPT_USER_AGENT = (1 << 6),
269 WGET_OPT_NETWORK_READ_TIMEOUT = (1 << 7),
270 WGET_OPT_RETRIES = (1 << 8),
271 WGET_OPT_nsomething = (1 << 9),
272 WGET_OPT_HEADER = (1 << 10) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
273 WGET_OPT_POST_DATA = (1 << 11) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
274 WGET_OPT_SPIDER = (1 << 12) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
275 WGET_OPT_NO_CHECK_CERT = (1 << 13) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
283 #if ENABLE_FEATURE_WGET_STATUSBAR
284 static void progress_meter(int flag)
286 if (option_mask32 & WGET_OPT_QUIET)
289 if (flag == PROGRESS_START)
290 bb_progress_init(&G.pmt, G.curfile);
292 bb_progress_update(&G.pmt,
295 (G.chunked || !G.got_clen) ? 0 : G.beg_range + G.transferred + G.content_len
298 if (flag == PROGRESS_END) {
299 bb_progress_free(&G.pmt);
300 bb_putchar_stderr('\n');
305 static ALWAYS_INLINE void progress_meter(int flag UNUSED_PARAM) { }
309 /* IPv6 knows scoped address types i.e. link and site local addresses. Link
310 * local addresses can have a scope identifier to specify the
311 * interface/link an address is valid on (e.g. fe80::1%eth0). This scope
312 * identifier is only valid on a single node.
314 * RFC 4007 says that the scope identifier MUST NOT be sent across the wire,
315 * unless all nodes agree on the semantic. Apache e.g. regards zone identifiers
316 * in the Host header as invalid requests, see
317 * https://issues.apache.org/bugzilla/show_bug.cgi?id=35122
319 static void strip_ipv6_scope_id(char *host)
323 /* bbox wget actually handles IPv6 addresses without [], like
324 * wget "http://::1/xxx", but this is not standard.
325 * To save code, _here_ we do not support it. */
328 return; /* not IPv6 */
330 scope = strchr(host, '%');
334 /* Remove the IPv6 zone identifier from the host address */
335 cp = strchr(host, ']');
336 if (!cp || (cp[1] != ':' && cp[1] != '\0')) {
337 /* malformed address (not "[xx]:nn" or "[xx]") */
341 /* cp points to "]...", scope points to "%eth0]..." */
342 overlapping_strcpy(scope, cp);
345 #if ENABLE_FEATURE_WGET_AUTHENTICATION
346 /* Base64-encode character string. */
347 static char *base64enc(const char *str)
349 unsigned len = strlen(str);
350 if (len > sizeof(G.wget_buf)/4*3 - 10) /* paranoia */
351 len = sizeof(G.wget_buf)/4*3 - 10;
352 bb_uuencode(G.wget_buf, str, len, bb_uuenc_tbl_base64);
357 #if ENABLE_FEATURE_WGET_TIMEOUT
358 static void alarm_handler(int sig UNUSED_PARAM)
360 /* This is theoretically unsafe (uses stdio and malloc in signal handler) */
361 if (G.die_if_timed_out)
362 bb_error_msg_and_die("download timed out");
364 static void set_alarm(void)
366 if (G.timeout_seconds) {
367 alarm(G.timeout_seconds);
368 G.die_if_timed_out = 1;
371 # define clear_alarm() ((void)(G.die_if_timed_out = 0))
373 # define set_alarm() ((void)0)
374 # define clear_alarm() ((void)0)
377 #if ENABLE_FEATURE_WGET_OPENSSL
379 * is_ip_address() attempts to verify whether or not a string
380 * contains an IPv4 or IPv6 address (vs. an FQDN). The result
381 * of inet_pton() can be used to determine this.
383 * TODO add proper error checking when inet_pton() returns -1
384 * (some form of system error has occurred, and errno is set)
386 static int is_ip_address(const char *string)
388 struct sockaddr_in sa;
390 int result = inet_pton(AF_INET, string, &(sa.sin_addr));
391 # if ENABLE_FEATURE_IPV6
393 struct sockaddr_in6 sa6;
394 result = inet_pton(AF_INET6, string, &(sa6.sin6_addr));
397 return (result == 1);
401 static FILE *open_socket(len_and_sockaddr *lsa)
407 fd = xconnect_stream(lsa);
410 /* glibc 2.4 seems to try seeking on it - ??! */
411 /* hopefully it understands what ESPIPE means... */
412 fp = fdopen(fd, "r+");
414 bb_die_memory_exhausted();
419 /* We balk at any control chars in other side's messages.
420 * This prevents nasty surprises (e.g. ESC sequences) in "Location:" URLs
421 * and error messages.
423 * The only exception is tabs, which are converted to (one) space:
424 * HTTP's "headers: <whitespace> values" may have those.
426 static char* sanitize_string(char *s)
428 unsigned char *p = (void *) s;
441 /* Returns '\n' if it was seen, else '\0'. Trims at first '\r' or '\n' */
442 static char fgets_trim_sanitize(FILE *fp, const char *fmt)
448 if (fgets(G.wget_buf, sizeof(G.wget_buf), fp) == NULL)
449 bb_perror_msg_and_die("error getting response");
452 buf_ptr = strchrnul(G.wget_buf, '\n');
455 /* Disallow any control chars: trim at first char < 0x20 */
456 sanitize_string(G.wget_buf);
459 buf_ptr = strchrnul(G.wget_buf, '\r');
463 log_io("< %s", G.wget_buf);
465 if (fmt && (option_mask32 & WGET_OPT_SERVER_RESPONSE))
466 fprintf(stderr, fmt, G.wget_buf);
471 static int ftpcmd(const char *s1, const char *s2, FILE *fp)
477 fprintf(fp, "%s%s\r\n", s1, s2);
478 /* With --server-response, wget also shows its ftp commands */
479 if (option_mask32 & WGET_OPT_SERVER_RESPONSE)
480 fprintf(stderr, "--> %s%s\n\n", s1, s2);
482 log_io("> %s%s", s1, s2);
485 /* Read until "Nxx something" is received */
488 fgets_trim_sanitize(fp, "%s\n");
489 } while (!isdigit(G.wget_buf[0]) || G.wget_buf[3] != ' ');
491 G.wget_buf[3] = '\0';
492 result = xatoi_positive(G.wget_buf);
497 static void parse_url(const char *src_url, struct host_info *h)
502 h->allocated = url = xstrdup(src_url);
505 p = strstr(url, "://");
509 if (strcmp(url, P_FTP) == 0) {
510 h->port = bb_lookup_std_port(P_FTP, "tcp", 21);
513 # if ENABLE_FEATURE_WGET_HTTPS
514 if (strcmp(url, P_FTPS) == 0) {
515 h->port = bb_lookup_std_port(P_FTPS, "tcp", 990);
516 h->protocol = P_FTPS;
519 if (strcmp(url, P_HTTPS) == 0) {
520 h->port = bb_lookup_std_port(P_HTTPS, "tcp", 443);
521 h->protocol = P_HTTPS;
524 if (strcmp(url, P_HTTP) == 0) {
526 h->port = bb_lookup_std_port(P_HTTP, "tcp", 80);
527 h->protocol = P_HTTP;
530 bb_error_msg_and_die("not an http or ftp url: %s", url);
533 // GNU wget is user-friendly and falls back to http://
539 // "Real" wget 'http://busybox.net?var=a/b' sends this request:
540 // 'GET /?var=a/b HTTP/1.0'
541 // and saves 'index.html?var=a%2Fb' (we save 'b')
542 // wget 'http://busybox.net?login=john@doe':
543 // request: 'GET /?login=john@doe HTTP/1.0'
544 // saves: 'index.html?login=john@doe' (we save 'login=john@doe')
545 // wget 'http://busybox.net#test/test':
546 // request: 'GET / HTTP/1.0'
547 // saves: 'index.html' (we save 'test')
549 // We also don't add unique .N suffix if file exists...
550 sp = strchr(h->host, '/');
551 p = strchr(h->host, '?'); if (!sp || (p && sp > p)) sp = p;
552 p = strchr(h->host, '#'); if (!sp || (p && sp > p)) sp = p;
555 } else if (*sp == '/') {
559 // sp points to '#' or '?'
561 // http://busybox.net?login=john@doe is a valid URL
562 // (without '/' between ".net" and "?"),
563 // can't store NUL at sp[-1] - this destroys hostname.
568 sp = strrchr(h->host, '@');
570 // URL-decode "user:password" string before base64-encoding:
571 // wget http://test:my%20pass@example.com should send
572 // Authorization: Basic dGVzdDpteSBwYXNz
573 // which decodes to "test:my pass".
574 // Standard wget and curl do this too.
577 h->user = xstrdup(percent_decode_in_place(h->host, /*strict:*/ 0));
580 /* else: h->user remains NULL, or as set by original request
581 * before redirect (if we are here after a redirect).
585 static char *get_sanitized_hdr(FILE *fp)
590 /* retrieve header line */
591 c = fgets_trim_sanitize(fp, " %s\n");
593 /* end of the headers? */
594 if (G.wget_buf[0] == '\0')
597 /* convert the header name to lower case */
598 for (s = G.wget_buf; isalnum(*s) || *s == '-' || *s == '.' || *s == '_'; ++s) {
600 * No-op for 20-3f and 60-7f. "0-9a-z-." are in these ranges.
601 * 40-5f range ("@A-Z[\]^_") maps to 60-7f.
602 * "A-Z" maps to "a-z".
603 * "@[\]" can't occur in header names.
604 * "^_" maps to "~,DEL" (which is wrong).
605 * "^" was never seen yet, "_" was seen from web.archive.org
606 * (x-archive-orig-x_commoncrawl_Signature: HEXSTRING).
611 /* verify we are at the end of the header name */
613 bb_error_msg_and_die("bad header line: %s", G.wget_buf);
615 /* locate the start of the header value */
617 hdrval = skip_whitespace(s);
620 /* Rats! The buffer isn't big enough to hold the entire header value */
621 while (c = getc(fp), c != EOF && c != '\n')
628 static void reset_beg_range_to_zero(void)
630 bb_error_msg("restart failed");
632 xlseek(G.output_fd, 0, SEEK_SET);
633 /* Done at the end instead: */
634 /* ftruncate(G.output_fd, 0); */
637 #if ENABLE_FEATURE_WGET_OPENSSL
638 static int spawn_https_helper_openssl(const char *host, unsigned port)
640 char *allocated = NULL;
644 IF_FEATURE_WGET_HTTPS(volatile int child_failed = 0;)
646 if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) != 0)
647 /* Kernel can have AF_UNIX support disabled */
648 bb_perror_msg_and_die("socketpair");
650 if (!strchr(host, ':'))
651 host = allocated = xasprintf("%s:%u", host, port);
652 servername = xstrdup(host);
653 strrchr(servername, ':')[0] = '\0';
665 * openssl s_client -quiet -connect www.kernel.org:443 2>/dev/null
666 * It prints some debug stuff on stderr, don't know how to suppress it.
667 * Work around by dev-nulling stderr. We lose all error messages :(
670 xopen("/dev/null", O_RDWR);
671 memset(&argv, 0, sizeof(argv));
672 argv[0] = (char*)"openssl";
673 argv[1] = (char*)"s_client";
674 argv[2] = (char*)"-quiet";
675 argv[3] = (char*)"-connect";
676 argv[4] = (char*)host;
678 * Per RFC 6066 Section 3, the only permitted values in the
679 * TLS server_name (SNI) field are FQDNs (DNS hostnames).
680 * IPv4 and IPv6 addresses, port numbers are not allowed.
682 if (!is_ip_address(servername)) {
683 argv[5] = (char*)"-servername";
684 argv[6] = (char*)servername;
687 BB_EXECVP(argv[0], argv);
689 # if ENABLE_FEATURE_WGET_HTTPS
693 bb_perror_msg_and_die("can't execute '%s'", argv[0]);
702 # if ENABLE_FEATURE_WGET_HTTPS
712 #if ENABLE_FEATURE_WGET_HTTPS
713 static void spawn_ssl_client(const char *host, int network_fd, int flags)
717 char *servername, *p;
719 if (!(option_mask32 & WGET_OPT_NO_CHECK_CERT)) {
720 option_mask32 |= WGET_OPT_NO_CHECK_CERT;
721 bb_error_msg("note: TLS certificate validation not implemented");
724 servername = xstrdup(host);
725 p = strrchr(servername, ':');
728 if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) != 0)
729 /* Kernel can have AF_UNIX support disabled */
730 bb_perror_msg_and_die("socketpair");
733 pid = BB_MMU ? xfork() : xvfork();
740 tls_state_t *tls = new_tls_state();
741 tls->ifd = tls->ofd = network_fd;
742 tls_handshake(tls, servername);
743 tls_run_copy_loop(tls, flags);
748 xmove_fd(network_fd, 3);
749 argv[0] = (char*)"ssl_client";
750 argv[1] = (char*)"-s3";
751 //TODO: if (!is_ip_address(servername))...
752 argv[2] = (char*)"-n";
753 argv[3] = servername;
754 argv[4] = (flags & TLSLOOP_EXIT_ON_LOCAL_EOF ? (char*)"-e" : NULL);
756 BB_EXECVP(argv[0], argv);
757 bb_perror_msg_and_die("can't execute '%s'", argv[0]);
765 xmove_fd(sp[0], network_fd);
769 static FILE* prepare_ftp_session(FILE **dfpp, struct host_info *target, len_and_sockaddr *lsa)
775 sfp = open_socket(lsa);
776 #if ENABLE_FEATURE_WGET_HTTPS
777 if (target->protocol == P_FTPS)
778 spawn_ssl_client(target->host, fileno(sfp), TLSLOOP_EXIT_ON_LOCAL_EOF);
781 if (ftpcmd(NULL, NULL, sfp) != 220)
782 bb_error_msg_and_die("%s", G.wget_buf);
783 /* note: ftpcmd() sanitizes G.wget_buf, ok to print */
785 /* Split username:password pair */
786 pass = (char*)"busybox"; /* password for "anonymous" */
788 pass = strchr(target->user, ':');
794 switch (ftpcmd("USER ", target->user ?: "anonymous", sfp)) {
798 if (ftpcmd("PASS ", pass, sfp) == 230)
800 /* fall through (failed login) */
802 bb_error_msg_and_die("ftp login: %s", G.wget_buf);
805 ftpcmd("TYPE I", NULL, sfp);
807 /* Query file size */
808 if (ftpcmd("SIZE ", target->path, sfp) == 213) {
809 G.content_len = BB_STRTOOFF(G.wget_buf + 4, NULL, 10);
810 if (G.content_len < 0 || errno) {
811 bb_error_msg_and_die("bad SIZE value '%s'", G.wget_buf + 4);
816 /* Enter passive mode */
817 if (ENABLE_FEATURE_IPV6 && ftpcmd("EPSV", NULL, sfp) == 229) {
820 if (ftpcmd("PASV", NULL, sfp) != 227) {
822 bb_error_msg_and_die("bad response to %s: %s", "PASV", G.wget_buf);
824 port = parse_pasv_epsv(G.wget_buf);
828 set_nport(&lsa->u.sa, htons(port));
830 *dfpp = open_socket(lsa);
832 #if ENABLE_FEATURE_WGET_HTTPS
833 if (target->protocol == P_FTPS) {
834 /* "PROT P" enables encryption of data stream.
835 * Without it (or with "PROT C"), data is sent unencrypted.
837 if (ftpcmd("PROT P", NULL, sfp) == 200)
838 spawn_ssl_client(target->host, fileno(*dfpp), /*flags*/ 0);
842 if (G.beg_range != 0) {
843 sprintf(G.wget_buf, "REST %"OFF_FMT"u", G.beg_range);
844 if (ftpcmd(G.wget_buf, NULL, sfp) == 350)
845 G.content_len -= G.beg_range;
847 reset_beg_range_to_zero();
850 //TODO: needs ftp-escaping 0xff and '\n' bytes here.
851 //Or disallow '\n' altogether via sanitize_string() in parse_url().
852 //But 0xff's are possible in valid utf8 filenames.
853 if (ftpcmd("RETR ", target->path, sfp) > 150)
854 bb_error_msg_and_die("bad response to %s: %s", "RETR", G.wget_buf);
859 static void NOINLINE retrieve_file_data(FILE *dfp)
861 #if ENABLE_FEATURE_WGET_STATUSBAR || ENABLE_FEATURE_WGET_TIMEOUT
862 # if ENABLE_FEATURE_WGET_TIMEOUT
863 unsigned second_cnt = G.timeout_seconds;
865 struct pollfd polldata;
867 polldata.fd = fileno(dfp);
868 polldata.events = POLLIN | POLLPRI;
870 progress_meter(PROGRESS_START);
875 /* Loops only if chunked */
878 #if ENABLE_FEATURE_WGET_STATUSBAR || ENABLE_FEATURE_WGET_TIMEOUT
879 /* Must use nonblocking I/O, otherwise fread will loop
880 * and *block* until it reads full buffer,
881 * which messes up progress bar and/or timeout logic.
882 * Because of nonblocking I/O, we need to dance
883 * very carefully around EAGAIN. See explanation at
886 ndelay_on(polldata.fd);
892 #if ENABLE_FEATURE_WGET_STATUSBAR || ENABLE_FEATURE_WGET_TIMEOUT
893 /* fread internally uses read loop, which in our case
894 * is usually exited when we get EAGAIN.
895 * In this case, libc sets error marker on the stream.
896 * Need to clear it before next fread to avoid possible
897 * rare false positive ferror below. Rare because usually
898 * fread gets more than zero bytes, and we don't fall
899 * into if (n <= 0) ...
904 rdsz = sizeof(G.wget_buf);
906 if (G.content_len < (off_t)sizeof(G.wget_buf)) {
907 if ((int)G.content_len <= 0)
909 rdsz = (unsigned)G.content_len;
912 n = fread(G.wget_buf, 1, rdsz, dfp);
915 xwrite(G.output_fd, G.wget_buf, n);
916 #if ENABLE_FEATURE_WGET_STATUSBAR
921 if (G.content_len == 0)
924 #if ENABLE_FEATURE_WGET_TIMEOUT
925 second_cnt = G.timeout_seconds;
932 * If error occurs, or EOF is reached, the return value
933 * is a short item count (or zero).
934 * fread does not distinguish between EOF and error.
936 if (errno != EAGAIN) {
938 progress_meter(PROGRESS_END);
939 bb_perror_msg_and_die(bb_msg_read_error);
941 break; /* EOF, not error */
944 #if ENABLE_FEATURE_WGET_STATUSBAR || ENABLE_FEATURE_WGET_TIMEOUT
945 /* It was EAGAIN. There is no data. Wait up to one second
946 * then abort if timed out, or update the bar and try reading again.
948 if (safe_poll(&polldata, 1, 1000) == 0) {
949 # if ENABLE_FEATURE_WGET_TIMEOUT
950 if (second_cnt != 0 && --second_cnt == 0) {
951 progress_meter(PROGRESS_END);
952 bb_error_msg_and_die("download timed out");
955 /* We used to loop back to poll here,
956 * but there is no great harm in letting fread
957 * to try reading anyway.
962 /* Need to do it _every_ second for "stalled" indicator
963 * to be shown properly.
965 progress_meter(PROGRESS_BUMP);
966 } /* while (reading data) */
968 #if ENABLE_FEATURE_WGET_STATUSBAR || ENABLE_FEATURE_WGET_TIMEOUT
970 ndelay_off(polldata.fd); /* else fgets can get very unhappy */
975 /* Each chunk ends with "\r\n" - eat it */
976 fgets_trim_sanitize(dfp, NULL);
978 /* chunk size format is "HEXNUM[;name[=val]]\r\n" */
979 fgets_trim_sanitize(dfp, NULL);
981 G.content_len = STRTOOFF(G.wget_buf, NULL, 16);
983 * Had a bug with inputs like "ffffffff0001f400"
984 * smashing the heap later. Ensure >= 0.
986 if (G.content_len < 0 || errno)
987 bb_error_msg_and_die("bad chunk length '%s'", G.wget_buf);
988 if (G.content_len == 0)
989 break; /* all done! */
992 * Note that fgets may result in some data being buffered in dfp.
993 * We loop back to fread, which will retrieve this data.
994 * Also note that code has to be arranged so that fread
995 * is done _before_ one-second poll wait - poll doesn't know
996 * about stdio buffering and can result in spurious one second waits!
1000 /* If -c failed, we restart from the beginning,
1001 * but we do not truncate file then, we do it only now, at the end.
1002 * This lets user to ^C if his 99% complete 10 GB file download
1003 * failed to restart *without* losing the almost complete file.
1006 off_t pos = lseek(G.output_fd, 0, SEEK_CUR);
1007 if (pos != (off_t)-1)
1008 ftruncate(G.output_fd, pos);
1011 /* Draw full bar and free its resources */
1012 G.chunked = 0; /* makes it show 100% even for chunked download */
1013 G.got_clen = 1; /* makes it show 100% even for download of (formerly) unknown size */
1014 progress_meter(PROGRESS_END);
1017 static void download_one_url(const char *url)
1019 bool use_proxy; /* Use proxies if env vars are set */
1021 len_and_sockaddr *lsa;
1022 FILE *sfp; /* socket to web/ftp server */
1023 FILE *dfp; /* socket to ftp server (data) */
1024 char *fname_out_alloc;
1025 char *redirected_path = NULL;
1026 struct host_info server;
1027 struct host_info target;
1029 server.allocated = NULL;
1030 target.allocated = NULL;
1034 parse_url(url, &target);
1036 /* Use the proxy if necessary */
1037 use_proxy = (strcmp(G.proxy_flag, "off") != 0);
1039 char *proxy = getenv(target.protocol[0] == 'f' ? "ftp_proxy" : "http_proxy");
1040 //FIXME: what if protocol is https? Ok to use http_proxy?
1041 use_proxy = (proxy && proxy[0]);
1043 parse_url(proxy, &server);
1046 server.protocol = target.protocol;
1047 server.port = target.port;
1048 if (ENABLE_FEATURE_IPV6) {
1049 //free(server.allocated); - can't be non-NULL
1050 server.host = server.allocated = xstrdup(target.host);
1052 server.host = target.host;
1056 if (ENABLE_FEATURE_IPV6)
1057 strip_ipv6_scope_id(target.host);
1059 /* If there was no -O FILE, guess output filename */
1060 fname_out_alloc = NULL;
1061 if (!(option_mask32 & WGET_OPT_OUTNAME)) {
1062 G.fname_out = bb_get_last_path_component_nostrip(target.path);
1063 /* handle "wget http://kernel.org//" */
1064 if (G.fname_out[0] == '/' || !G.fname_out[0])
1065 G.fname_out = (char*)"index.html";
1066 /* -P DIR is considered only if there was no -O FILE */
1068 G.fname_out = fname_out_alloc = concat_path_file(G.dir_prefix, G.fname_out);
1070 /* redirects may free target.path later, need to make a copy */
1071 G.fname_out = fname_out_alloc = xstrdup(G.fname_out);
1074 #if ENABLE_FEATURE_WGET_STATUSBAR
1075 G.curfile = bb_get_last_path_component_nostrip(G.fname_out);
1078 /* Determine where to start transfer */
1080 if (option_mask32 & WGET_OPT_CONTINUE) {
1081 G.output_fd = open(G.fname_out, O_WRONLY);
1082 if (G.output_fd >= 0) {
1083 G.beg_range = xlseek(G.output_fd, 0, SEEK_END);
1085 /* File doesn't exist. We do not create file here yet.
1086 * We are not sure it exists on remote side */
1091 lsa = xhost2sockaddr(server.host, server.port);
1092 if (!(option_mask32 & WGET_OPT_QUIET)) {
1093 char *s = xmalloc_sockaddr2dotted(&lsa->u.sa);
1094 fprintf(stderr, "Connecting to %s (%s)\n", server.host, s);
1098 /*G.content_len = 0; - redundant, got_clen = 0 is enough */
1101 if (use_proxy || target.protocol[0] != 'f' /*not ftp[s]*/) {
1108 /* Open socket to http(s) server */
1109 #if ENABLE_FEATURE_WGET_OPENSSL
1110 /* openssl (and maybe internal TLS) support is configured */
1111 if (server.protocol == P_HTTPS) {
1112 /* openssl-based helper
1113 * Inconvenient API since we can't give it an open fd
1115 int fd = spawn_https_helper_openssl(server.host, server.port);
1116 # if ENABLE_FEATURE_WGET_HTTPS
1117 if (fd < 0) { /* no openssl? try internal */
1118 sfp = open_socket(lsa);
1119 spawn_ssl_client(server.host, fileno(sfp), /*flags*/ 0);
1123 /* We don't check for exec("openssl") failure in this case */
1125 sfp = fdopen(fd, "r+");
1127 bb_die_memory_exhausted();
1130 sfp = open_socket(lsa);
1132 #elif ENABLE_FEATURE_WGET_HTTPS
1133 /* Only internal TLS support is configured */
1134 sfp = open_socket(lsa);
1135 if (server.protocol == P_HTTPS)
1136 spawn_ssl_client(server.host, fileno(sfp), /*flags*/ 0);
1138 /* ssl (https) support is not configured */
1139 sfp = open_socket(lsa);
1141 /* Send HTTP request */
1143 SENDFMT(sfp, "GET %s://%s/%s HTTP/1.1\r\n",
1144 target.protocol, target.host,
1147 SENDFMT(sfp, "%s /%s HTTP/1.1\r\n",
1148 (option_mask32 & WGET_OPT_POST_DATA) ? "POST" : "GET",
1151 if (!USR_HEADER_HOST)
1152 SENDFMT(sfp, "Host: %s\r\n", target.host);
1153 if (!USR_HEADER_USER_AGENT)
1154 SENDFMT(sfp, "User-Agent: %s\r\n", G.user_agent);
1156 /* Ask server to close the connection as soon as we are done
1157 * (IOW: we do not intend to send more requests)
1159 SENDFMT(sfp, "Connection: close\r\n");
1161 #if ENABLE_FEATURE_WGET_AUTHENTICATION
1162 if (target.user && !USR_HEADER_AUTH) {
1163 SENDFMT(sfp, "Proxy-Authorization: Basic %s\r\n"+6,
1164 base64enc(target.user));
1166 if (use_proxy && server.user && !USR_HEADER_PROXY_AUTH) {
1167 SENDFMT(sfp, "Proxy-Authorization: Basic %s\r\n",
1168 base64enc(server.user));
1172 if (G.beg_range != 0 && !USR_HEADER_RANGE)
1173 SENDFMT(sfp, "Range: bytes=%"OFF_FMT"u-\r\n", G.beg_range);
1175 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
1176 if (G.extra_headers) {
1177 log_io(G.extra_headers);
1178 fputs(G.extra_headers, sfp);
1181 if (option_mask32 & WGET_OPT_POST_DATA) {
1183 "Content-Type: application/x-www-form-urlencoded\r\n"
1184 "Content-Length: %u\r\n"
1187 (int) strlen(G.post_data), G.post_data
1192 SENDFMT(sfp, "\r\n");
1197 /* Tried doing this unconditionally.
1198 * Cloudflare and nginx/1.11.5 are shocked to see SHUT_WR on non-HTTPS.
1201 if (target.protocol == P_HTTPS) {
1202 /* If we use SSL helper, keeping our end of the socket open for writing
1203 * makes our end (i.e. the same fd!) readable (EAGAIN instead of EOF)
1204 * even after child closes its copy of the fd.
1207 shutdown(fileno(sfp), SHUT_WR);
1212 * Retrieve HTTP response line and check for "200" status code.
1215 fgets_trim_sanitize(sfp, " %s\n");
1218 str = skip_non_whitespace(str);
1219 str = skip_whitespace(str);
1220 // FIXME: no error check
1221 // xatou wouldn't work: "200 OK"
1226 while (get_sanitized_hdr(sfp) != NULL)
1227 /* eat all remaining headers */;
1230 /* Success responses */
1233 case 201: /* 201 Created */
1234 /* "The request has been fulfilled and resulted in a new resource being created" */
1235 /* Standard wget is reported to treat this as success */
1237 case 202: /* 202 Accepted */
1238 /* "The request has been accepted for processing, but the processing has not been completed" */
1239 /* Treat as success: fall through */
1240 case 203: /* 203 Non-Authoritative Information */
1241 /* "Use of this response code is not required and is only appropriate when the response would otherwise be 200 (OK)" */
1243 case 204: /* 204 No Content */
1245 Response 204 doesn't say "null file", it says "metadata
1246 has changed but data didn't":
1248 "10.2.5 204 No Content
1249 The server has fulfilled the request but does not need to return
1250 an entity-body, and might want to return updated metainformation.
1251 The response MAY include new or updated metainformation in the form
1252 of entity-headers, which if present SHOULD be associated with
1253 the requested variant.
1255 If the client is a user agent, it SHOULD NOT change its document
1256 view from that which caused the request to be sent. This response
1257 is primarily intended to allow input for actions to take place
1258 without causing a change to the user agent's active document view,
1259 although any new or updated metainformation SHOULD be applied
1260 to the document currently in the user agent's active view.
1262 The 204 response MUST NOT include a message-body, and thus
1263 is always terminated by the first empty line after the header fields."
1265 However, in real world it was observed that some web servers
1266 (e.g. Boa/0.94.14rc21) simply use code 204 when file size is zero.
1268 if (G.beg_range != 0) {
1269 /* "Range:..." was not honored by the server.
1270 * Restart download from the beginning.
1272 reset_beg_range_to_zero();
1275 /* 205 Reset Content ?? what to do on this ?? */
1277 case 300: /* redirection */
1283 case 206: /* Partial Content */
1284 if (G.beg_range != 0)
1285 /* "Range:..." worked. Good. */
1287 /* Partial Content even though we did not ask for it??? */
1290 bb_error_msg_and_die("server returned error: %s", G.wget_buf);
1294 * Retrieve HTTP headers.
1296 while ((str = get_sanitized_hdr(sfp)) != NULL) {
1297 static const char keywords[] ALIGN1 =
1298 "content-length\0""transfer-encoding\0""location\0";
1300 KEY_content_length = 1, KEY_transfer_encoding, KEY_location
1304 /* get_sanitized_hdr converted "FOO:" string to lowercase */
1306 /* strip trailing whitespace */
1307 char *s = strchrnul(str, '\0') - 1;
1308 while (s >= str && (*s == ' ' || *s == '\t')) {
1312 key = index_in_strings(keywords, G.wget_buf) + 1;
1313 if (key == KEY_content_length) {
1314 G.content_len = BB_STRTOOFF(str, NULL, 10);
1315 if (G.content_len < 0 || errno) {
1316 bb_error_msg_and_die("content-length %s is garbage", str);
1321 if (key == KEY_transfer_encoding) {
1322 if (strcmp(str_tolower(str), "chunked") != 0)
1323 bb_error_msg_and_die("transfer encoding '%s' is not supported", str);
1326 if (key == KEY_location && status >= 300) {
1327 if (--redir_limit == 0)
1328 bb_error_msg_and_die("too many redirections");
1330 if (str[0] == '/') {
1331 free(redirected_path);
1332 target.path = redirected_path = xstrdup(str + 1);
1333 /* lsa stays the same: it's on the same server */
1335 parse_url(str, &target);
1337 /* server.user remains untouched */
1338 free(server.allocated);
1339 server.allocated = NULL;
1340 server.protocol = target.protocol;
1341 server.host = target.host;
1342 /* strip_ipv6_scope_id(target.host); - no! */
1343 /* we assume remote never gives us IPv6 addr with scope id */
1344 server.port = target.port;
1347 } /* else: lsa stays the same: we use proxy */
1349 goto establish_session;
1352 // if (status >= 300)
1353 // bb_error_msg_and_die("bad redirection (no Location: header from server)");
1355 /* For HTTP, data is pumped over the same connection */
1361 sfp = prepare_ftp_session(&dfp, &target, lsa);
1366 if (!(option_mask32 & WGET_OPT_SPIDER)) {
1367 if (G.output_fd < 0)
1368 G.output_fd = xopen(G.fname_out, G.o_flags);
1369 retrieve_file_data(dfp);
1370 if (!(option_mask32 & WGET_OPT_OUTNAME)) {
1371 xclose(G.output_fd);
1377 /* It's ftp. Close data connection properly */
1379 if (ftpcmd(NULL, NULL, sfp) != 226)
1380 bb_error_msg_and_die("ftp error: %s", G.wget_buf);
1381 /* ftpcmd("QUIT", NULL, sfp); - why bother? */
1385 free(server.allocated);
1386 free(target.allocated);
1389 free(fname_out_alloc);
1390 free(redirected_path);
1393 int wget_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
1394 int wget_main(int argc UNUSED_PARAM, char **argv)
1396 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
1397 static const char wget_longopts[] ALIGN1 =
1398 /* name, has_arg, val */
1399 "continue\0" No_argument "c"
1400 "quiet\0" No_argument "q"
1401 "server-response\0" No_argument "S"
1402 "output-document\0" Required_argument "O"
1403 "directory-prefix\0" Required_argument "P"
1404 "proxy\0" Required_argument "Y"
1405 "user-agent\0" Required_argument "U"
1406 IF_FEATURE_WGET_TIMEOUT(
1407 "timeout\0" Required_argument "T")
1409 IF_DESKTOP( "tries\0" Required_argument "t")
1410 "header\0" Required_argument "\xff"
1411 "post-data\0" Required_argument "\xfe"
1412 "spider\0" No_argument "\xfd"
1413 "no-check-certificate\0" No_argument "\xfc"
1414 /* Ignored (we always use PASV): */
1415 IF_DESKTOP( "passive-ftp\0" No_argument "\xf0")
1416 /* Ignored (we don't support caching) */
1417 IF_DESKTOP( "no-cache\0" No_argument "\xf0")
1418 IF_DESKTOP( "no-verbose\0" No_argument "\xf0")
1419 IF_DESKTOP( "no-clobber\0" No_argument "\xf0")
1420 IF_DESKTOP( "no-host-directories\0" No_argument "\xf0")
1421 IF_DESKTOP( "no-parent\0" No_argument "\xf0")
1423 # define GETOPT32 getopt32long
1424 # define LONGOPTS ,wget_longopts
1426 # define GETOPT32 getopt32
1430 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
1431 llist_t *headers_llist = NULL;
1436 #if ENABLE_FEATURE_WGET_TIMEOUT
1437 G.timeout_seconds = 900;
1438 signal(SIGALRM, alarm_handler);
1440 G.proxy_flag = "on"; /* use proxies if env vars are set */
1441 G.user_agent = "Wget"; /* "User-Agent" header field */
1443 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
1449 /* wget has exactly four -n<letter> opts, all of which we can ignore:
1450 * -nv --no-verbose: be moderately quiet (-q is full quiet)
1451 * -nc --no-clobber: abort if exists, neither download to FILE.n nor overwrite FILE
1452 * -nH --no-host-directories: wget -r http://host/ won't create host/
1454 * "n::" above says that we accept -n[ARG].
1455 * Specifying "n:" would be a bug: "-n ARG" would eat ARG!
1458 "-1" /* at least one URL */
1459 IF_FEATURE_WGET_LONG_OPTIONS(":\xff::") /* --header is a list */
1461 , &G.fname_out, &G.dir_prefix,
1462 &G.proxy_flag, &G.user_agent,
1463 IF_FEATURE_WGET_TIMEOUT(&G.timeout_seconds) IF_NOT_FEATURE_WGET_TIMEOUT(NULL),
1464 NULL, /* -t RETRIES */
1466 IF_FEATURE_WGET_LONG_OPTIONS(, &headers_llist)
1467 IF_FEATURE_WGET_LONG_OPTIONS(, &G.post_data)
1469 #if 0 /* option bits debug */
1470 if (option_mask32 & WGET_OPT_RETRIES) bb_error_msg("-t NUM");
1471 if (option_mask32 & WGET_OPT_nsomething) bb_error_msg("-nsomething");
1472 if (option_mask32 & WGET_OPT_HEADER) bb_error_msg("--header");
1473 if (option_mask32 & WGET_OPT_POST_DATA) bb_error_msg("--post-data");
1474 if (option_mask32 & WGET_OPT_SPIDER) bb_error_msg("--spider");
1475 if (option_mask32 & WGET_OPT_NO_CHECK_CERT) bb_error_msg("--no-check-certificate");
1480 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
1481 if (headers_llist) {
1484 llist_t *ll = headers_llist;
1486 size += strlen(ll->data) + 2;
1489 G.extra_headers = hdr = xmalloc(size + 1);
1490 while (headers_llist) {
1494 size = sprintf(hdr, "%s\r\n",
1495 (char*)llist_pop(&headers_llist));
1496 /* a bit like index_in_substrings but don't match full key */
1498 words = wget_user_headers;
1500 if (strstr(hdr, words) == hdr) {
1501 G.user_headers |= bit;
1505 words += strlen(words) + 1;
1513 G.o_flags = O_WRONLY | O_CREAT | O_TRUNC | O_EXCL;
1514 if (G.fname_out) { /* -O FILE ? */
1515 if (LONE_DASH(G.fname_out)) { /* -O - ? */
1517 option_mask32 &= ~WGET_OPT_CONTINUE;
1519 /* compat with wget: -O FILE can overwrite */
1520 G.o_flags = O_WRONLY | O_CREAT | O_TRUNC;
1524 download_one_url(*argv++);
1526 if (G.output_fd >= 0)
1527 xclose(G.output_fd);
1529 #if ENABLE_FEATURE_CLEAN_UP && ENABLE_FEATURE_WGET_LONG_OPTIONS
1530 free(G.extra_headers);
1534 return EXIT_SUCCESS;