1 /* vi: set sw=4 ts=4: */
3 * wget - retrieve a file using HTTP or FTP
5 * Chip Rosenthal Covad Communications <chip@laserlink.net>
6 * Licensed under GPLv2, see file LICENSE in this source tree.
8 * Copyright (C) 2010 Bradley M. Kuhn <bkuhn@ebb.org>
9 * Kuhn's copyrights are licensed GPLv2-or-later. File as a whole remains GPLv2.
12 //config: bool "wget (35 kb)"
15 //config: wget is a utility for non-interactive download of files from HTTP
16 //config: and FTP servers.
18 //config:config FEATURE_WGET_LONG_OPTIONS
19 //config: bool "Enable long options"
21 //config: depends on WGET && LONG_OPTS
23 //config:config FEATURE_WGET_STATUSBAR
24 //config: bool "Enable progress bar (+2k)"
26 //config: depends on WGET
28 //config:config FEATURE_WGET_AUTHENTICATION
29 //config: bool "Enable HTTP authentication"
31 //config: depends on WGET
33 //config: Support authenticated HTTP transfers.
35 //config:config FEATURE_WGET_TIMEOUT
36 //config: bool "Enable timeout option -T SEC"
38 //config: depends on WGET
40 //config: Supports network read and connect timeouts for wget,
41 //config: so that wget will give up and timeout, through the -T
42 //config: command line option.
44 //config: Currently only connect and network data read timeout are
45 //config: supported (i.e., timeout is not applied to the DNS query). When
46 //config: FEATURE_WGET_LONG_OPTIONS is also enabled, the --timeout option
47 //config: will work in addition to -T.
49 //config:config FEATURE_WGET_HTTPS
50 //config: bool "Support HTTPS using internal TLS code"
51 //it also enables FTPS support, but it's not well tested yet
53 //config: depends on WGET
56 //config: wget will use internal TLS code to connect to https:// URLs.
58 //config: On NOMMU machines, ssl_helper applet should be available
59 //config: in the $PATH for this to work. Make sure to select that applet.
61 //config: Note: currently, TLS code only makes TLS I/O work, it
62 //config: does *not* check that the peer is who it claims to be, etc.
63 //config: IOW: it uses peer-supplied public keys to establish encryption
64 //config: and signing keys, then encrypts and signs outgoing data and
65 //config: decrypts incoming data.
66 //config: It does not check signature hashes on the incoming data:
67 //config: this means that attackers manipulating TCP packets can
68 //config: send altered data and we unknowingly receive garbage.
69 //config: (This check might be relatively easy to add).
70 //config: It does not check public key's certificate:
71 //config: this means that the peer may be an attacker impersonating
72 //config: the server we think we are talking to.
74 //config: If you think this is unacceptable, consider this. As more and more
75 //config: servers switch to HTTPS-only operation, without such "crippled"
76 //config: TLS code it is *impossible* to simply download a kernel source
77 //config: from kernel.org. Which can in real world translate into
78 //config: "my small automatic tooling to build cross-compilers from sources
79 //config: no longer works, I need to additionally keep a local copy
80 //config: of ~4 megabyte source tarball of a SSL library and ~2 megabyte
81 //config: source of wget, need to compile and built both before I can
82 //config: download anything. All this despite the fact that the build
83 //config: is done in a QEMU sandbox on a machine with absolutely nothing
84 //config: worth stealing, so I don't care if someone would go to a lot
85 //config: of trouble to intercept my HTTPS download to send me an altered
86 //config: kernel tarball".
88 //config: If you still think this is unacceptable, send patches.
90 //config: If you still think this is unacceptable, do not want to send
91 //config: patches, but do want to waste bandwidth expaining how wrong
92 //config: it is, you will be ignored.
94 //config:config FEATURE_WGET_OPENSSL
95 //config: bool "Try to connect to HTTPS using openssl"
97 //config: depends on WGET
99 //config: Try to use openssl to handle HTTPS.
101 //config: OpenSSL has a simple SSL client for debug purposes.
102 //config: If you select this option, wget will effectively run:
103 //config: "openssl s_client -quiet -connect hostname:443
104 //config: -servername hostname 2>/dev/null" and pipe its data
105 //config: through it. -servername is not used if hostname is numeric.
106 //config: Note inconvenient API: host resolution is done twice,
107 //config: and there is no guarantee openssl's idea of IPv6 address
108 //config: format is the same as ours.
109 //config: Another problem is that s_client prints debug information
110 //config: to stderr, and it needs to be suppressed. This means
111 //config: all error messages get suppressed too.
112 //config: openssl is also a big binary, often dynamically linked
113 //config: against ~15 libraries.
115 //config: If openssl can't be executed, internal TLS code will be used
116 //config: (if you enabled it); if openssl can be executed but fails later,
117 //config: wget can't detect this, and download will fail.
119 //applet:IF_WGET(APPLET(wget, BB_DIR_USR_BIN, BB_SUID_DROP))
121 //kbuild:lib-$(CONFIG_WGET) += wget.o
123 //usage:#define wget_trivial_usage
124 //usage: IF_FEATURE_WGET_LONG_OPTIONS(
125 //usage: "[-c|--continue] [--spider] [-q|--quiet] [-O|--output-document FILE]\n"
126 //usage: " [--header 'header: value'] [-Y|--proxy on/off] [-P DIR]\n"
127 /* Since we ignore these opts, we don't show them in --help */
128 /* //usage: " [--no-check-certificate] [--no-cache] [--passive-ftp] [-t TRIES]" */
129 /* //usage: " [-nv] [-nc] [-nH] [-np]" */
130 //usage: " [-S|--server-response] [-U|--user-agent AGENT]" IF_FEATURE_WGET_TIMEOUT(" [-T SEC]") " URL..."
132 //usage: IF_NOT_FEATURE_WGET_LONG_OPTIONS(
133 //usage: "[-cq] [-O FILE] [-Y on/off] [-P DIR] [-S] [-U AGENT]"
134 //usage: IF_FEATURE_WGET_TIMEOUT(" [-T SEC]") " URL..."
136 //usage:#define wget_full_usage "\n\n"
137 //usage: "Retrieve files via HTTP or FTP\n"
138 //usage: IF_FEATURE_WGET_LONG_OPTIONS(
139 //usage: "\n --spider Only check URL existence: $? is 0 if exists"
141 //usage: "\n -c Continue retrieval of aborted transfer"
142 //usage: "\n -q Quiet"
143 //usage: "\n -P DIR Save to DIR (default .)"
144 //usage: "\n -S Show server response"
145 //usage: IF_FEATURE_WGET_TIMEOUT(
146 //usage: "\n -T SEC Network read timeout is SEC seconds"
148 //usage: "\n -O FILE Save to FILE ('-' for stdout)"
149 //usage: "\n -U STR Use STR for User-Agent header"
150 //usage: "\n -Y on/off Use proxy"
155 # define log_io(...) bb_error_msg(__VA_ARGS__)
156 # define SENDFMT(fp, fmt, ...) \
158 log_io("> " fmt, ##__VA_ARGS__); \
159 fprintf(fp, fmt, ##__VA_ARGS__); \
162 # define log_io(...) ((void)0)
163 # define SENDFMT(fp, fmt, ...) fprintf(fp, fmt, ##__VA_ARGS__)
167 #define SSL_SUPPORTED (ENABLE_FEATURE_WGET_OPENSSL || ENABLE_FEATURE_WGET_HTTPS)
173 const char *protocol;
177 static const char P_FTP[] ALIGN1 = "ftp";
178 static const char P_HTTP[] ALIGN1 = "http";
180 # if ENABLE_FEATURE_WGET_HTTPS
181 static const char P_FTPS[] ALIGN1 = "ftps";
183 static const char P_HTTPS[] ALIGN1 = "https";
186 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
187 /* User-specified headers prevent using our corresponding built-in headers. */
190 HDR_USER_AGENT = (1<<1),
192 HDR_AUTH = (1<<3) * ENABLE_FEATURE_WGET_AUTHENTICATION,
193 HDR_PROXY_AUTH = (1<<4) * ENABLE_FEATURE_WGET_AUTHENTICATION,
195 static const char wget_user_headers[] ALIGN1 =
199 # if ENABLE_FEATURE_WGET_AUTHENTICATION
201 "Proxy-Authorization:\0"
204 # define USR_HEADER_HOST (G.user_headers & HDR_HOST)
205 # define USR_HEADER_USER_AGENT (G.user_headers & HDR_USER_AGENT)
206 # define USR_HEADER_RANGE (G.user_headers & HDR_RANGE)
207 # define USR_HEADER_AUTH (G.user_headers & HDR_AUTH)
208 # define USR_HEADER_PROXY_AUTH (G.user_headers & HDR_PROXY_AUTH)
209 #else /* No long options, no user-headers :( */
210 # define USR_HEADER_HOST 0
211 # define USR_HEADER_USER_AGENT 0
212 # define USR_HEADER_RANGE 0
213 # define USR_HEADER_AUTH 0
214 # define USR_HEADER_PROXY_AUTH 0
219 off_t content_len; /* Content-length of the file */
220 off_t beg_range; /* Range at which continue begins */
221 #if ENABLE_FEATURE_WGET_STATUSBAR
222 off_t transferred; /* Number of bytes transferred so far */
223 const char *curfile; /* Name of current file being transferred */
227 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
230 unsigned char user_headers; /* Headers mentioned by the user */
232 char *fname_out; /* where to direct output (-O) */
233 const char *proxy_flag; /* Use proxies if env vars are set */
234 const char *user_agent; /* "User-Agent" header field */
235 #if ENABLE_FEATURE_WGET_TIMEOUT
236 unsigned timeout_seconds;
237 bool die_if_timed_out;
241 smallint chunked; /* chunked transfer encoding */
242 smallint got_clen; /* got content-length: from server */
243 /* Local downloads do benefit from big buffer.
244 * With 512 byte buffer, it was measured to be
245 * an order of magnitude slower than with big one.
247 uint64_t just_to_align_next_member;
248 char wget_buf[CONFIG_FEATURE_COPYBUF_KB*1024];
250 #define G (*ptr_to_globals)
251 #define INIT_G() do { \
252 SET_PTR_TO_GLOBALS(xzalloc(sizeof(G))); \
254 #define FINI_G() do { \
255 FREE_PTR_TO_GLOBALS(); \
259 /* Must match option string! */
261 WGET_OPT_CONTINUE = (1 << 0),
262 WGET_OPT_QUIET = (1 << 1),
263 WGET_OPT_SERVER_RESPONSE = (1 << 2),
264 WGET_OPT_OUTNAME = (1 << 3),
265 WGET_OPT_PREFIX = (1 << 4),
266 WGET_OPT_PROXY = (1 << 5),
267 WGET_OPT_USER_AGENT = (1 << 6),
268 WGET_OPT_NETWORK_READ_TIMEOUT = (1 << 7),
269 WGET_OPT_RETRIES = (1 << 8),
270 WGET_OPT_nsomething = (1 << 9),
271 WGET_OPT_HEADER = (1 << 10) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
272 WGET_OPT_POST_DATA = (1 << 11) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
273 WGET_OPT_SPIDER = (1 << 12) * ENABLE_FEATURE_WGET_LONG_OPTIONS,
281 #if ENABLE_FEATURE_WGET_STATUSBAR
282 static void progress_meter(int flag)
284 if (option_mask32 & WGET_OPT_QUIET)
287 if (flag == PROGRESS_START)
288 bb_progress_init(&G.pmt, G.curfile);
290 bb_progress_update(&G.pmt,
293 (G.chunked || !G.got_clen) ? 0 : G.beg_range + G.transferred + G.content_len
296 if (flag == PROGRESS_END) {
297 bb_progress_free(&G.pmt);
298 bb_putchar_stderr('\n');
303 static ALWAYS_INLINE void progress_meter(int flag UNUSED_PARAM) { }
307 /* IPv6 knows scoped address types i.e. link and site local addresses. Link
308 * local addresses can have a scope identifier to specify the
309 * interface/link an address is valid on (e.g. fe80::1%eth0). This scope
310 * identifier is only valid on a single node.
312 * RFC 4007 says that the scope identifier MUST NOT be sent across the wire,
313 * unless all nodes agree on the semantic. Apache e.g. regards zone identifiers
314 * in the Host header as invalid requests, see
315 * https://issues.apache.org/bugzilla/show_bug.cgi?id=35122
317 static void strip_ipv6_scope_id(char *host)
321 /* bbox wget actually handles IPv6 addresses without [], like
322 * wget "http://::1/xxx", but this is not standard.
323 * To save code, _here_ we do not support it. */
326 return; /* not IPv6 */
328 scope = strchr(host, '%');
332 /* Remove the IPv6 zone identifier from the host address */
333 cp = strchr(host, ']');
334 if (!cp || (cp[1] != ':' && cp[1] != '\0')) {
335 /* malformed address (not "[xx]:nn" or "[xx]") */
339 /* cp points to "]...", scope points to "%eth0]..." */
340 overlapping_strcpy(scope, cp);
343 #if ENABLE_FEATURE_WGET_AUTHENTICATION
344 /* Base64-encode character string. */
345 static char *base64enc(const char *str)
347 unsigned len = strlen(str);
348 if (len > sizeof(G.wget_buf)/4*3 - 10) /* paranoia */
349 len = sizeof(G.wget_buf)/4*3 - 10;
350 bb_uuencode(G.wget_buf, str, len, bb_uuenc_tbl_base64);
355 #if ENABLE_FEATURE_WGET_TIMEOUT
356 static void alarm_handler(int sig UNUSED_PARAM)
358 /* This is theoretically unsafe (uses stdio and malloc in signal handler) */
359 if (G.die_if_timed_out)
360 bb_error_msg_and_die("download timed out");
362 static void set_alarm(void)
364 if (G.timeout_seconds) {
365 alarm(G.timeout_seconds);
366 G.die_if_timed_out = 1;
369 # define clear_alarm() ((void)(G.die_if_timed_out = 0))
371 # define set_alarm() ((void)0)
372 # define clear_alarm() ((void)0)
375 #if ENABLE_FEATURE_WGET_OPENSSL
377 * is_ip_address() attempts to verify whether or not a string
378 * contains an IPv4 or IPv6 address (vs. an FQDN). The result
379 * of inet_pton() can be used to determine this.
381 * TODO add proper error checking when inet_pton() returns -1
382 * (some form of system error has occurred, and errno is set)
384 static int is_ip_address(const char *string)
386 struct sockaddr_in sa;
388 int result = inet_pton(AF_INET, string, &(sa.sin_addr));
389 # if ENABLE_FEATURE_IPV6
391 struct sockaddr_in6 sa6;
392 result = inet_pton(AF_INET6, string, &(sa6.sin6_addr));
395 return (result == 1);
399 static FILE *open_socket(len_and_sockaddr *lsa)
405 fd = xconnect_stream(lsa);
408 /* glibc 2.4 seems to try seeking on it - ??! */
409 /* hopefully it understands what ESPIPE means... */
410 fp = fdopen(fd, "r+");
412 bb_perror_msg_and_die(bb_msg_memory_exhausted);
417 /* We balk at any control chars in other side's messages.
418 * This prevents nasty surprises (e.g. ESC sequences) in "Location:" URLs
419 * and error messages.
421 * The only exception is tabs, which are converted to (one) space:
422 * HTTP's "headers: <whitespace> values" may have those.
424 static char* sanitize_string(char *s)
426 unsigned char *p = (void *) s;
439 /* Returns '\n' if it was seen, else '\0'. Trims at first '\r' or '\n' */
440 static char fgets_trim_sanitize(FILE *fp, const char *fmt)
446 if (fgets(G.wget_buf, sizeof(G.wget_buf), fp) == NULL)
447 bb_perror_msg_and_die("error getting response");
450 buf_ptr = strchrnul(G.wget_buf, '\n');
453 /* Disallow any control chars: trim at first char < 0x20 */
454 sanitize_string(G.wget_buf);
457 buf_ptr = strchrnul(G.wget_buf, '\r');
461 log_io("< %s", G.wget_buf);
463 if (fmt && (option_mask32 & WGET_OPT_SERVER_RESPONSE))
464 fprintf(stderr, fmt, G.wget_buf);
469 static int ftpcmd(const char *s1, const char *s2, FILE *fp)
475 fprintf(fp, "%s%s\r\n", s1, s2);
476 /* With --server-response, wget also shows its ftp commands */
477 if (option_mask32 & WGET_OPT_SERVER_RESPONSE)
478 fprintf(stderr, "--> %s%s\n\n", s1, s2);
480 log_io("> %s%s", s1, s2);
483 /* Read until "Nxx something" is received */
486 fgets_trim_sanitize(fp, "%s\n");
487 } while (!isdigit(G.wget_buf[0]) || G.wget_buf[3] != ' ');
489 G.wget_buf[3] = '\0';
490 result = xatoi_positive(G.wget_buf);
495 static void parse_url(const char *src_url, struct host_info *h)
500 h->allocated = url = xstrdup(src_url);
503 p = strstr(url, "://");
507 if (strcmp(url, P_FTP) == 0) {
508 h->port = bb_lookup_port(P_FTP, "tcp", 21);
511 # if ENABLE_FEATURE_WGET_HTTPS
512 if (strcmp(url, P_FTPS) == 0) {
513 h->port = bb_lookup_port(P_FTPS, "tcp", 990);
514 h->protocol = P_FTPS;
517 if (strcmp(url, P_HTTPS) == 0) {
518 h->port = bb_lookup_port(P_HTTPS, "tcp", 443);
519 h->protocol = P_HTTPS;
522 if (strcmp(url, P_HTTP) == 0) {
524 h->port = bb_lookup_port(P_HTTP, "tcp", 80);
525 h->protocol = P_HTTP;
528 bb_error_msg_and_die("not an http or ftp url: %s", url);
531 // GNU wget is user-friendly and falls back to http://
537 // "Real" wget 'http://busybox.net?var=a/b' sends this request:
538 // 'GET /?var=a/b HTTP/1.0'
539 // and saves 'index.html?var=a%2Fb' (we save 'b')
540 // wget 'http://busybox.net?login=john@doe':
541 // request: 'GET /?login=john@doe HTTP/1.0'
542 // saves: 'index.html?login=john@doe' (we save '?login=john@doe')
543 // wget 'http://busybox.net#test/test':
544 // request: 'GET / HTTP/1.0'
545 // saves: 'index.html' (we save 'test')
547 // We also don't add unique .N suffix if file exists...
548 sp = strchr(h->host, '/');
549 p = strchr(h->host, '?'); if (!sp || (p && sp > p)) sp = p;
550 p = strchr(h->host, '#'); if (!sp || (p && sp > p)) sp = p;
553 } else if (*sp == '/') {
556 } else { // '#' or '?'
557 // http://busybox.net?login=john@doe is a valid URL
558 // memmove converts to:
559 // http:/busybox.nett?login=john@doe...
560 memmove(h->host - 1, h->host, sp - h->host);
566 sp = strrchr(h->host, '@');
568 // URL-decode "user:password" string before base64-encoding:
569 // wget http://test:my%20pass@example.com should send
570 // Authorization: Basic dGVzdDpteSBwYXNz
571 // which decodes to "test:my pass".
572 // Standard wget and curl do this too.
575 h->user = xstrdup(percent_decode_in_place(h->host, /*strict:*/ 0));
578 /* else: h->user remains NULL, or as set by original request
579 * before redirect (if we are here after a redirect).
583 static char *get_sanitized_hdr(FILE *fp)
588 /* retrieve header line */
589 c = fgets_trim_sanitize(fp, " %s\n");
591 /* end of the headers? */
592 if (G.wget_buf[0] == '\0')
595 /* convert the header name to lower case */
596 for (s = G.wget_buf; isalnum(*s) || *s == '-' || *s == '.' || *s == '_'; ++s) {
598 * No-op for 20-3f and 60-7f. "0-9a-z-." are in these ranges.
599 * 40-5f range ("@A-Z[\]^_") maps to 60-7f.
600 * "A-Z" maps to "a-z".
601 * "@[\]" can't occur in header names.
602 * "^_" maps to "~,DEL" (which is wrong).
603 * "^" was never seen yet, "_" was seen from web.archive.org
604 * (x-archive-orig-x_commoncrawl_Signature: HEXSTRING).
609 /* verify we are at the end of the header name */
611 bb_error_msg_and_die("bad header line: %s", G.wget_buf);
613 /* locate the start of the header value */
615 hdrval = skip_whitespace(s);
618 /* Rats! The buffer isn't big enough to hold the entire header value */
619 while (c = getc(fp), c != EOF && c != '\n')
626 static void reset_beg_range_to_zero(void)
628 bb_error_msg("restart failed");
630 xlseek(G.output_fd, 0, SEEK_SET);
631 /* Done at the end instead: */
632 /* ftruncate(G.output_fd, 0); */
635 #if ENABLE_FEATURE_WGET_OPENSSL
636 static int spawn_https_helper_openssl(const char *host, unsigned port)
638 char *allocated = NULL;
642 IF_FEATURE_WGET_HTTPS(volatile int child_failed = 0;)
644 if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) != 0)
645 /* Kernel can have AF_UNIX support disabled */
646 bb_perror_msg_and_die("socketpair");
648 if (!strchr(host, ':'))
649 host = allocated = xasprintf("%s:%u", host, port);
650 servername = xstrdup(host);
651 strrchr(servername, ':')[0] = '\0';
663 * openssl s_client -quiet -connect www.kernel.org:443 2>/dev/null
664 * It prints some debug stuff on stderr, don't know how to suppress it.
665 * Work around by dev-nulling stderr. We lose all error messages :(
668 xopen("/dev/null", O_RDWR);
669 memset(&argv, 0, sizeof(argv));
670 argv[0] = (char*)"openssl";
671 argv[1] = (char*)"s_client";
672 argv[2] = (char*)"-quiet";
673 argv[3] = (char*)"-connect";
674 argv[4] = (char*)host;
676 * Per RFC 6066 Section 3, the only permitted values in the
677 * TLS server_name (SNI) field are FQDNs (DNS hostnames).
678 * IPv4 and IPv6 addresses, port numbers are not allowed.
680 if (!is_ip_address(servername)) {
681 argv[5] = (char*)"-servername";
682 argv[6] = (char*)servername;
685 BB_EXECVP(argv[0], argv);
687 # if ENABLE_FEATURE_WGET_HTTPS
691 bb_perror_msg_and_die("can't execute '%s'", argv[0]);
700 # if ENABLE_FEATURE_WGET_HTTPS
710 #if ENABLE_FEATURE_WGET_HTTPS
711 static void spawn_ssl_client(const char *host, int network_fd, int flags)
715 char *servername, *p;
717 servername = xstrdup(host);
718 p = strrchr(servername, ':');
721 if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) != 0)
722 /* Kernel can have AF_UNIX support disabled */
723 bb_perror_msg_and_die("socketpair");
726 pid = BB_MMU ? xfork() : xvfork();
733 tls_state_t *tls = new_tls_state();
734 tls->ifd = tls->ofd = network_fd;
735 tls_handshake(tls, servername);
736 tls_run_copy_loop(tls, flags);
741 xmove_fd(network_fd, 3);
742 argv[0] = (char*)"ssl_client";
743 argv[1] = (char*)"-s3";
744 //TODO: if (!is_ip_address(servername))...
745 argv[2] = (char*)"-n";
746 argv[3] = servername;
747 argv[4] = (flags & TLSLOOP_EXIT_ON_LOCAL_EOF ? (char*)"-e" : NULL);
749 BB_EXECVP(argv[0], argv);
750 bb_perror_msg_and_die("can't execute '%s'", argv[0]);
758 xmove_fd(sp[0], network_fd);
762 static FILE* prepare_ftp_session(FILE **dfpp, struct host_info *target, len_and_sockaddr *lsa)
769 target->user = xstrdup("anonymous:busybox@");
771 sfp = open_socket(lsa);
772 #if ENABLE_FEATURE_WGET_HTTPS
773 if (target->protocol == P_FTPS)
774 spawn_ssl_client(target->host, fileno(sfp), TLSLOOP_EXIT_ON_LOCAL_EOF);
777 if (ftpcmd(NULL, NULL, sfp) != 220)
778 bb_error_msg_and_die("%s", G.wget_buf);
779 /* note: ftpcmd() sanitizes G.wget_buf, ok to print */
782 * Splitting username:password pair,
785 str = strchr(target->user, ':');
788 switch (ftpcmd("USER ", target->user, sfp)) {
792 if (ftpcmd("PASS ", str, sfp) == 230)
794 /* fall through (failed login) */
796 bb_error_msg_and_die("ftp login: %s", G.wget_buf);
799 ftpcmd("TYPE I", NULL, sfp);
804 if (ftpcmd("SIZE ", target->path, sfp) == 213) {
805 G.content_len = BB_STRTOOFF(G.wget_buf + 4, NULL, 10);
806 if (G.content_len < 0 || errno) {
807 bb_error_msg_and_die("SIZE value is garbage");
813 * Entering passive mode
815 if (ENABLE_FEATURE_IPV6 && ftpcmd("EPSV", NULL, sfp) == 229) {
818 if (ftpcmd("PASV", NULL, sfp) != 227) {
820 bb_error_msg_and_die("bad response to %s: %s", "PASV", G.wget_buf);
822 port = parse_pasv_epsv(G.wget_buf);
826 set_nport(&lsa->u.sa, htons(port));
828 *dfpp = open_socket(lsa);
830 #if ENABLE_FEATURE_WGET_HTTPS
831 if (target->protocol == P_FTPS) {
832 /* "PROT P" enables encryption of data stream.
833 * Without it (or with "PROT C"), data is sent unencrypted.
835 if (ftpcmd("PROT P", NULL, sfp) == 200)
836 spawn_ssl_client(target->host, fileno(*dfpp), /*flags*/ 0);
840 if (G.beg_range != 0) {
841 sprintf(G.wget_buf, "REST %"OFF_FMT"u", G.beg_range);
842 if (ftpcmd(G.wget_buf, NULL, sfp) == 350)
843 G.content_len -= G.beg_range;
845 reset_beg_range_to_zero();
848 //TODO: needs ftp-escaping 0xff and '\n' bytes here.
849 //Or disallow '\n' altogether via sanitize_string() in parse_url().
850 //But 0xff's are possible in valid utf8 filenames.
851 if (ftpcmd("RETR ", target->path, sfp) > 150)
852 bb_error_msg_and_die("bad response to %s: %s", "RETR", G.wget_buf);
857 static void NOINLINE retrieve_file_data(FILE *dfp)
859 #if ENABLE_FEATURE_WGET_STATUSBAR || ENABLE_FEATURE_WGET_TIMEOUT
860 # if ENABLE_FEATURE_WGET_TIMEOUT
861 unsigned second_cnt = G.timeout_seconds;
863 struct pollfd polldata;
865 polldata.fd = fileno(dfp);
866 polldata.events = POLLIN | POLLPRI;
868 progress_meter(PROGRESS_START);
873 /* Loops only if chunked */
876 #if ENABLE_FEATURE_WGET_STATUSBAR || ENABLE_FEATURE_WGET_TIMEOUT
877 /* Must use nonblocking I/O, otherwise fread will loop
878 * and *block* until it reads full buffer,
879 * which messes up progress bar and/or timeout logic.
880 * Because of nonblocking I/O, we need to dance
881 * very carefully around EAGAIN. See explanation at
884 ndelay_on(polldata.fd);
890 #if ENABLE_FEATURE_WGET_STATUSBAR || ENABLE_FEATURE_WGET_TIMEOUT
891 /* fread internally uses read loop, which in our case
892 * is usually exited when we get EAGAIN.
893 * In this case, libc sets error marker on the stream.
894 * Need to clear it before next fread to avoid possible
895 * rare false positive ferror below. Rare because usually
896 * fread gets more than zero bytes, and we don't fall
897 * into if (n <= 0) ...
902 rdsz = sizeof(G.wget_buf);
904 if (G.content_len < (off_t)sizeof(G.wget_buf)) {
905 if ((int)G.content_len <= 0)
907 rdsz = (unsigned)G.content_len;
910 n = fread(G.wget_buf, 1, rdsz, dfp);
913 xwrite(G.output_fd, G.wget_buf, n);
914 #if ENABLE_FEATURE_WGET_STATUSBAR
919 if (G.content_len == 0)
922 #if ENABLE_FEATURE_WGET_TIMEOUT
923 second_cnt = G.timeout_seconds;
930 * If error occurs, or EOF is reached, the return value
931 * is a short item count (or zero).
932 * fread does not distinguish between EOF and error.
934 if (errno != EAGAIN) {
936 progress_meter(PROGRESS_END);
937 bb_perror_msg_and_die(bb_msg_read_error);
939 break; /* EOF, not error */
942 #if ENABLE_FEATURE_WGET_STATUSBAR || ENABLE_FEATURE_WGET_TIMEOUT
943 /* It was EAGAIN. There is no data. Wait up to one second
944 * then abort if timed out, or update the bar and try reading again.
946 if (safe_poll(&polldata, 1, 1000) == 0) {
947 # if ENABLE_FEATURE_WGET_TIMEOUT
948 if (second_cnt != 0 && --second_cnt == 0) {
949 progress_meter(PROGRESS_END);
950 bb_error_msg_and_die("download timed out");
953 /* We used to loop back to poll here,
954 * but there is no great harm in letting fread
955 * to try reading anyway.
960 /* Need to do it _every_ second for "stalled" indicator
961 * to be shown properly.
963 progress_meter(PROGRESS_BUMP);
964 } /* while (reading data) */
966 #if ENABLE_FEATURE_WGET_STATUSBAR || ENABLE_FEATURE_WGET_TIMEOUT
968 ndelay_off(polldata.fd); /* else fgets can get very unhappy */
973 fgets_trim_sanitize(dfp, NULL); /* Eat empty line */
975 fgets_trim_sanitize(dfp, NULL);
976 G.content_len = STRTOOFF(G.wget_buf, NULL, 16);
977 /* FIXME: error check? */
978 if (G.content_len == 0)
979 break; /* all done! */
982 * Note that fgets may result in some data being buffered in dfp.
983 * We loop back to fread, which will retrieve this data.
984 * Also note that code has to be arranged so that fread
985 * is done _before_ one-second poll wait - poll doesn't know
986 * about stdio buffering and can result in spurious one second waits!
990 /* If -c failed, we restart from the beginning,
991 * but we do not truncate file then, we do it only now, at the end.
992 * This lets user to ^C if his 99% complete 10 GB file download
993 * failed to restart *without* losing the almost complete file.
996 off_t pos = lseek(G.output_fd, 0, SEEK_CUR);
997 if (pos != (off_t)-1)
998 ftruncate(G.output_fd, pos);
1001 /* Draw full bar and free its resources */
1002 G.chunked = 0; /* makes it show 100% even for chunked download */
1003 G.got_clen = 1; /* makes it show 100% even for download of (formerly) unknown size */
1004 progress_meter(PROGRESS_END);
1007 static void download_one_url(const char *url)
1009 bool use_proxy; /* Use proxies if env vars are set */
1011 len_and_sockaddr *lsa;
1012 FILE *sfp; /* socket to web/ftp server */
1013 FILE *dfp; /* socket to ftp server (data) */
1014 char *fname_out_alloc;
1015 char *redirected_path = NULL;
1016 struct host_info server;
1017 struct host_info target;
1019 server.allocated = NULL;
1020 target.allocated = NULL;
1024 parse_url(url, &target);
1026 /* Use the proxy if necessary */
1027 use_proxy = (strcmp(G.proxy_flag, "off") != 0);
1029 char *proxy = getenv(target.protocol[0] == 'f' ? "ftp_proxy" : "http_proxy");
1030 //FIXME: what if protocol is https? Ok to use http_proxy?
1031 use_proxy = (proxy && proxy[0]);
1033 parse_url(proxy, &server);
1036 server.protocol = target.protocol;
1037 server.port = target.port;
1038 if (ENABLE_FEATURE_IPV6) {
1039 //free(server.allocated); - can't be non-NULL
1040 server.host = server.allocated = xstrdup(target.host);
1042 server.host = target.host;
1046 if (ENABLE_FEATURE_IPV6)
1047 strip_ipv6_scope_id(target.host);
1049 /* If there was no -O FILE, guess output filename */
1050 fname_out_alloc = NULL;
1051 if (!(option_mask32 & WGET_OPT_OUTNAME)) {
1052 G.fname_out = bb_get_last_path_component_nostrip(target.path);
1053 /* handle "wget http://kernel.org//" */
1054 if (G.fname_out[0] == '/' || !G.fname_out[0])
1055 G.fname_out = (char*)"index.html";
1056 /* -P DIR is considered only if there was no -O FILE */
1058 G.fname_out = fname_out_alloc = concat_path_file(G.dir_prefix, G.fname_out);
1060 /* redirects may free target.path later, need to make a copy */
1061 G.fname_out = fname_out_alloc = xstrdup(G.fname_out);
1064 #if ENABLE_FEATURE_WGET_STATUSBAR
1065 G.curfile = bb_get_last_path_component_nostrip(G.fname_out);
1068 /* Determine where to start transfer */
1070 if (option_mask32 & WGET_OPT_CONTINUE) {
1071 G.output_fd = open(G.fname_out, O_WRONLY);
1072 if (G.output_fd >= 0) {
1073 G.beg_range = xlseek(G.output_fd, 0, SEEK_END);
1075 /* File doesn't exist. We do not create file here yet.
1076 * We are not sure it exists on remote side */
1081 lsa = xhost2sockaddr(server.host, server.port);
1082 if (!(option_mask32 & WGET_OPT_QUIET)) {
1083 char *s = xmalloc_sockaddr2dotted(&lsa->u.sa);
1084 fprintf(stderr, "Connecting to %s (%s)\n", server.host, s);
1088 /*G.content_len = 0; - redundant, got_clen = 0 is enough */
1091 if (use_proxy || target.protocol[0] != 'f' /*not ftp[s]*/) {
1098 /* Open socket to http(s) server */
1099 #if ENABLE_FEATURE_WGET_OPENSSL
1100 /* openssl (and maybe internal TLS) support is configured */
1101 if (server.protocol == P_HTTPS) {
1102 /* openssl-based helper
1103 * Inconvenient API since we can't give it an open fd
1105 int fd = spawn_https_helper_openssl(server.host, server.port);
1106 # if ENABLE_FEATURE_WGET_HTTPS
1107 if (fd < 0) { /* no openssl? try internal */
1108 sfp = open_socket(lsa);
1109 spawn_ssl_client(server.host, fileno(sfp), /*flags*/ 0);
1113 /* We don't check for exec("openssl") failure in this case */
1115 sfp = fdopen(fd, "r+");
1117 bb_perror_msg_and_die(bb_msg_memory_exhausted);
1120 sfp = open_socket(lsa);
1122 #elif ENABLE_FEATURE_WGET_HTTPS
1123 /* Only internal TLS support is configured */
1124 sfp = open_socket(lsa);
1125 if (server.protocol == P_HTTPS)
1126 spawn_ssl_client(server.host, fileno(sfp), /*flags*/ 0);
1128 /* ssl (https) support is not configured */
1129 sfp = open_socket(lsa);
1131 /* Send HTTP request */
1133 SENDFMT(sfp, "GET %s://%s/%s HTTP/1.1\r\n",
1134 target.protocol, target.host,
1137 SENDFMT(sfp, "%s /%s HTTP/1.1\r\n",
1138 (option_mask32 & WGET_OPT_POST_DATA) ? "POST" : "GET",
1141 if (!USR_HEADER_HOST)
1142 SENDFMT(sfp, "Host: %s\r\n", target.host);
1143 if (!USR_HEADER_USER_AGENT)
1144 SENDFMT(sfp, "User-Agent: %s\r\n", G.user_agent);
1146 /* Ask server to close the connection as soon as we are done
1147 * (IOW: we do not intend to send more requests)
1149 SENDFMT(sfp, "Connection: close\r\n");
1151 #if ENABLE_FEATURE_WGET_AUTHENTICATION
1152 if (target.user && !USR_HEADER_AUTH) {
1153 SENDFMT(sfp, "Proxy-Authorization: Basic %s\r\n"+6,
1154 base64enc(target.user));
1156 if (use_proxy && server.user && !USR_HEADER_PROXY_AUTH) {
1157 SENDFMT(sfp, "Proxy-Authorization: Basic %s\r\n",
1158 base64enc(server.user));
1162 if (G.beg_range != 0 && !USR_HEADER_RANGE)
1163 SENDFMT(sfp, "Range: bytes=%"OFF_FMT"u-\r\n", G.beg_range);
1165 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
1166 if (G.extra_headers) {
1167 log_io(G.extra_headers);
1168 fputs(G.extra_headers, sfp);
1171 if (option_mask32 & WGET_OPT_POST_DATA) {
1173 "Content-Type: application/x-www-form-urlencoded\r\n"
1174 "Content-Length: %u\r\n"
1177 (int) strlen(G.post_data), G.post_data
1182 SENDFMT(sfp, "\r\n");
1187 /* Tried doing this unconditionally.
1188 * Cloudflare and nginx/1.11.5 are shocked to see SHUT_WR on non-HTTPS.
1191 if (target.protocol == P_HTTPS) {
1192 /* If we use SSL helper, keeping our end of the socket open for writing
1193 * makes our end (i.e. the same fd!) readable (EAGAIN instead of EOF)
1194 * even after child closes its copy of the fd.
1197 shutdown(fileno(sfp), SHUT_WR);
1202 * Retrieve HTTP response line and check for "200" status code.
1205 fgets_trim_sanitize(sfp, " %s\n");
1208 str = skip_non_whitespace(str);
1209 str = skip_whitespace(str);
1210 // FIXME: no error check
1211 // xatou wouldn't work: "200 OK"
1216 while (get_sanitized_hdr(sfp) != NULL)
1217 /* eat all remaining headers */;
1220 /* Success responses */
1223 case 201: /* 201 Created */
1224 /* "The request has been fulfilled and resulted in a new resource being created" */
1225 /* Standard wget is reported to treat this as success */
1227 case 202: /* 202 Accepted */
1228 /* "The request has been accepted for processing, but the processing has not been completed" */
1229 /* Treat as success: fall through */
1230 case 203: /* 203 Non-Authoritative Information */
1231 /* "Use of this response code is not required and is only appropriate when the response would otherwise be 200 (OK)" */
1233 case 204: /* 204 No Content */
1235 Response 204 doesn't say "null file", it says "metadata
1236 has changed but data didn't":
1238 "10.2.5 204 No Content
1239 The server has fulfilled the request but does not need to return
1240 an entity-body, and might want to return updated metainformation.
1241 The response MAY include new or updated metainformation in the form
1242 of entity-headers, which if present SHOULD be associated with
1243 the requested variant.
1245 If the client is a user agent, it SHOULD NOT change its document
1246 view from that which caused the request to be sent. This response
1247 is primarily intended to allow input for actions to take place
1248 without causing a change to the user agent's active document view,
1249 although any new or updated metainformation SHOULD be applied
1250 to the document currently in the user agent's active view.
1252 The 204 response MUST NOT include a message-body, and thus
1253 is always terminated by the first empty line after the header fields."
1255 However, in real world it was observed that some web servers
1256 (e.g. Boa/0.94.14rc21) simply use code 204 when file size is zero.
1258 if (G.beg_range != 0) {
1259 /* "Range:..." was not honored by the server.
1260 * Restart download from the beginning.
1262 reset_beg_range_to_zero();
1265 /* 205 Reset Content ?? what to do on this ?? */
1267 case 300: /* redirection */
1273 case 206: /* Partial Content */
1274 if (G.beg_range != 0)
1275 /* "Range:..." worked. Good. */
1277 /* Partial Content even though we did not ask for it??? */
1280 bb_error_msg_and_die("server returned error: %s", G.wget_buf);
1284 * Retrieve HTTP headers.
1286 while ((str = get_sanitized_hdr(sfp)) != NULL) {
1287 static const char keywords[] ALIGN1 =
1288 "content-length\0""transfer-encoding\0""location\0";
1290 KEY_content_length = 1, KEY_transfer_encoding, KEY_location
1294 /* get_sanitized_hdr converted "FOO:" string to lowercase */
1296 /* strip trailing whitespace */
1297 char *s = strchrnul(str, '\0') - 1;
1298 while (s >= str && (*s == ' ' || *s == '\t')) {
1302 key = index_in_strings(keywords, G.wget_buf) + 1;
1303 if (key == KEY_content_length) {
1304 G.content_len = BB_STRTOOFF(str, NULL, 10);
1305 if (G.content_len < 0 || errno) {
1306 bb_error_msg_and_die("content-length %s is garbage", str);
1311 if (key == KEY_transfer_encoding) {
1312 if (strcmp(str_tolower(str), "chunked") != 0)
1313 bb_error_msg_and_die("transfer encoding '%s' is not supported", str);
1316 if (key == KEY_location && status >= 300) {
1317 if (--redir_limit == 0)
1318 bb_error_msg_and_die("too many redirections");
1320 if (str[0] == '/') {
1321 free(redirected_path);
1322 target.path = redirected_path = xstrdup(str + 1);
1323 /* lsa stays the same: it's on the same server */
1325 parse_url(str, &target);
1327 /* server.user remains untouched */
1328 free(server.allocated);
1329 server.allocated = NULL;
1330 server.host = target.host;
1331 /* strip_ipv6_scope_id(target.host); - no! */
1332 /* we assume remote never gives us IPv6 addr with scope id */
1333 server.port = target.port;
1336 } /* else: lsa stays the same: we use proxy */
1338 goto establish_session;
1341 // if (status >= 300)
1342 // bb_error_msg_and_die("bad redirection (no Location: header from server)");
1344 /* For HTTP, data is pumped over the same connection */
1350 sfp = prepare_ftp_session(&dfp, &target, lsa);
1355 if (!(option_mask32 & WGET_OPT_SPIDER)) {
1356 if (G.output_fd < 0)
1357 G.output_fd = xopen(G.fname_out, G.o_flags);
1358 retrieve_file_data(dfp);
1359 if (!(option_mask32 & WGET_OPT_OUTNAME)) {
1360 xclose(G.output_fd);
1366 /* It's ftp. Close data connection properly */
1368 if (ftpcmd(NULL, NULL, sfp) != 226)
1369 bb_error_msg_and_die("ftp error: %s", G.wget_buf);
1370 /* ftpcmd("QUIT", NULL, sfp); - why bother? */
1374 free(server.allocated);
1375 free(target.allocated);
1378 free(fname_out_alloc);
1379 free(redirected_path);
1382 int wget_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
1383 int wget_main(int argc UNUSED_PARAM, char **argv)
1385 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
1386 static const char wget_longopts[] ALIGN1 =
1387 /* name, has_arg, val */
1388 "continue\0" No_argument "c"
1389 "quiet\0" No_argument "q"
1390 "server-response\0" No_argument "S"
1391 "output-document\0" Required_argument "O"
1392 "directory-prefix\0" Required_argument "P"
1393 "proxy\0" Required_argument "Y"
1394 "user-agent\0" Required_argument "U"
1395 IF_FEATURE_WGET_TIMEOUT(
1396 "timeout\0" Required_argument "T")
1398 IF_DESKTOP( "tries\0" Required_argument "t")
1399 "header\0" Required_argument "\xff"
1400 "post-data\0" Required_argument "\xfe"
1401 "spider\0" No_argument "\xfd"
1402 /* Ignored (we always use PASV): */
1403 IF_DESKTOP( "passive-ftp\0" No_argument "\xf0")
1404 /* Ignored (we don't do ssl) */
1405 IF_DESKTOP( "no-check-certificate\0" No_argument "\xf0")
1406 /* Ignored (we don't support caching) */
1407 IF_DESKTOP( "no-cache\0" No_argument "\xf0")
1408 IF_DESKTOP( "no-verbose\0" No_argument "\xf0")
1409 IF_DESKTOP( "no-clobber\0" No_argument "\xf0")
1410 IF_DESKTOP( "no-host-directories\0" No_argument "\xf0")
1411 IF_DESKTOP( "no-parent\0" No_argument "\xf0")
1413 # define GETOPT32 getopt32long
1414 # define LONGOPTS ,wget_longopts
1416 # define GETOPT32 getopt32
1420 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
1421 llist_t *headers_llist = NULL;
1426 #if ENABLE_FEATURE_WGET_TIMEOUT
1427 G.timeout_seconds = 900;
1428 signal(SIGALRM, alarm_handler);
1430 G.proxy_flag = "on"; /* use proxies if env vars are set */
1431 G.user_agent = "Wget"; /* "User-Agent" header field */
1433 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
1439 /* wget has exactly four -n<letter> opts, all of which we can ignore:
1440 * -nv --no-verbose: be moderately quiet (-q is full quiet)
1441 * -nc --no-clobber: abort if exists, neither download to FILE.n nor overwrite FILE
1442 * -nH --no-host-directories: wget -r http://host/ won't create host/
1444 * "n::" above says that we accept -n[ARG].
1445 * Specifying "n:" would be a bug: "-n ARG" would eat ARG!
1448 "-1" /* at least one URL */
1449 IF_FEATURE_WGET_LONG_OPTIONS(":\xff::") /* --header is a list */
1451 , &G.fname_out, &G.dir_prefix,
1452 &G.proxy_flag, &G.user_agent,
1453 IF_FEATURE_WGET_TIMEOUT(&G.timeout_seconds) IF_NOT_FEATURE_WGET_TIMEOUT(NULL),
1454 NULL, /* -t RETRIES */
1456 IF_FEATURE_WGET_LONG_OPTIONS(, &headers_llist)
1457 IF_FEATURE_WGET_LONG_OPTIONS(, &G.post_data)
1459 #if 0 /* option bits debug */
1460 if (option_mask32 & WGET_OPT_RETRIES) bb_error_msg("-t NUM");
1461 if (option_mask32 & WGET_OPT_nsomething) bb_error_msg("-nsomething");
1462 if (option_mask32 & WGET_OPT_HEADER) bb_error_msg("--header");
1463 if (option_mask32 & WGET_OPT_POST_DATA) bb_error_msg("--post-data");
1464 if (option_mask32 & WGET_OPT_SPIDER) bb_error_msg("--spider");
1469 #if ENABLE_FEATURE_WGET_LONG_OPTIONS
1470 if (headers_llist) {
1473 llist_t *ll = headers_llist;
1475 size += strlen(ll->data) + 2;
1478 G.extra_headers = hdr = xmalloc(size + 1);
1479 while (headers_llist) {
1483 size = sprintf(hdr, "%s\r\n",
1484 (char*)llist_pop(&headers_llist));
1485 /* a bit like index_in_substrings but don't match full key */
1487 words = wget_user_headers;
1489 if (strstr(hdr, words) == hdr) {
1490 G.user_headers |= bit;
1494 words += strlen(words) + 1;
1502 G.o_flags = O_WRONLY | O_CREAT | O_TRUNC | O_EXCL;
1503 if (G.fname_out) { /* -O FILE ? */
1504 if (LONE_DASH(G.fname_out)) { /* -O - ? */
1506 option_mask32 &= ~WGET_OPT_CONTINUE;
1508 /* compat with wget: -O FILE can overwrite */
1509 G.o_flags = O_WRONLY | O_CREAT | O_TRUNC;
1513 download_one_url(*argv++);
1515 if (G.output_fd >= 0)
1516 xclose(G.output_fd);
1518 #if ENABLE_FEATURE_CLEAN_UP && ENABLE_FEATURE_WGET_LONG_OPTIONS
1519 free(G.extra_headers);
1523 return EXIT_SUCCESS;