parse http:// urls (and the $http_proxy variable) for [user:[pass]@]

elements, which are used for the initial authentication attempt (if requested by the server). in the case of $http_proxy, use the values for proxy authentication.
1999-05-12 11:16:43 +00:00 · 1999-05-12 11:16:43 +00:00 · 4494ebf448
commit 4494ebf448
parent 566466ff97
2 changed files with 76 additions and 34 deletions
--- a/usr.bin/ftp/fetch.c
+++ b/usr.bin/ftp/fetch.c
@ -1,11 +1,11 @@
-/*	$NetBSD: fetch.c,v 1.53 1999/04/28 13:35:40 lukem Exp $	*/
+/*	$NetBSD: fetch.c,v 1.54 1999/05/12 11:16:43 lukem Exp $	*/

 /*-
 * Copyright (c) 1997, 1998, 1999 The NetBSD Foundation, Inc.
 * All rights reserved.
 *
 * This code is derived from software contributed to The NetBSD Foundation
- * by Jason Thorpe and Luke Mewburn.
+ * by Luke Mewburn.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@ -38,7 +38,7 @@

 #include <sys/cdefs.h>
 #ifndef lint
-__RCSID("$NetBSD: fetch.c,v 1.53 1999/04/28 13:35:40 lukem Exp $");
+__RCSID("$NetBSD: fetch.c,v 1.54 1999/05/12 11:16:43 lukem Exp $");
 #endif /* not lint */

 /*
@ -80,7 +80,8 @@ typedef enum {
 } url_t;

 void    	aborthttp __P((int));
-static int	auth_url __P((const char *, char **));
+static int	auth_url __P((const char *, char **, const char *,
+				const char *));
 static void	base64_encode __P((const char *, size_t, char *));
 static int	go_fetch __P((const char *));
 static int	fetch_ftp __P((const char *));
@ -107,9 +108,11 @@ static int	redirect_loop;
 * Sets response to a malloc(3)ed string; caller should free.
 */
 static int
-auth_url(challenge, response)
+auth_url(challenge, response, guser, gpass)
 	const char	 *challenge;
 	char		**response;
+	const char	 *guser;
+	const char	 *gpass;
 {
 	char		*cp, *ep, *clear, *line, *realm, *scheme;
 	char		user[BUFSIZ], *pass;
@ -154,23 +157,33 @@ auth_url(challenge, response)
 		goto cleanup_auth_url;
 	}

-	fprintf(ttyout, "Username for `%s': ", realm);
-	(void)fflush(ttyout);
-	if (fgets(user, sizeof(user) - 1, stdin) == NULL)
-		goto cleanup_auth_url;
-	user[strlen(user) - 1] = '\0';
-	pass = getpass("Password: ");
+	if (guser != NULL) {
+		strncpy(user, guser, sizeof(user) - 1);
+		user[sizeof(user) - 1] = '\0';
+	} else {
+		fprintf(ttyout, "Username for `%s': ", realm);
+		(void)fflush(ttyout);
+		if (fgets(user, sizeof(user) - 1, stdin) == NULL)
+			goto cleanup_auth_url;
+		user[strlen(user) - 1] = '\0';
+	}
+	if (gpass != NULL)
+		pass = (char *)gpass;
+	else
+		pass = getpass("Password: ");

 	len = strlen(user) + strlen(pass) + 1;		/* user + ":" + pass */
 	clear = (char *)xmalloc(len + 1);
 	sprintf(clear, "%s:%s", user, pass);
-	memset(pass, '\0', strlen(pass));
+	if (gpass == NULL)
+		memset(pass, '\0', strlen(pass));

 						/* scheme + " " + enc */
 	len = strlen(scheme) + 1 + (len + 2) * 4 / 3;
 	*response = (char *)xmalloc(len + 1);
 	len = sprintf(*response, "%s ", scheme);
 	base64_encode(clear, strlen(clear), *response + len);
+	memset(clear, '\0', strlen(clear));
 	rval = 0;

 cleanup_auth_url:
@ -324,9 +337,10 @@ cleanup_parse_url:
 	}

 	cp = strchr(thost, '@');
-					/* look for user[:pass]@ in ftp URLs */
-	if (*type == FTP_URL_T && cp != NULL) {
-		anonftp = 0;		/* disable anonftp */
+					/* look for user[:pass]@ in URLs */
+	if (cp != NULL) {
+		if (*type == FTP_URL_T)
+			anonftp = 0;	/* disable anonftp */
 		*user = thost;
 		*cp = '\0';
 		*host = xstrdup(cp + 1);
@ -389,6 +403,7 @@ fetch_url(url, proxyenv, proxyauth, wwwauth)
 	char			*cp, *ep, *buf, *savefile;
 	char			*auth, *location, *message;
 	char			*user, *pass, *host, *path, *decodedpath;
+	char			*puser, *ppass;
 	off_t			hashbytes;
 	int			 (*closefunc) __P((FILE *));
 	FILE			*fin, *fout;
@ -404,7 +419,7 @@ fetch_url(url, proxyenv, proxyauth, wwwauth)
 	ischunked = isproxy = hcode = 0;
 	rval = 1;
 	hp = NULL;
-	user = pass = host = path = decodedpath = NULL;
+	user = pass = host = path = decodedpath = puser = ppass = NULL;

 #ifdef __GNUC__			/* shut up gcc warnings */
 	(void)&closefunc;
@ -494,8 +509,7 @@ fetch_url(url, proxyenv, proxyauth, wwwauth)
 		direction = "retrieved";
 		if (proxyenv != NULL) {				/* use proxy */
 			url_t purltype;
-			char *puser, *ppass, *phost;
-			char *ppath;
+			char *phost, *ppath;

 			isproxy = 1;

@ -543,22 +557,16 @@ fetch_url(url, proxyenv, proxyauth, wwwauth)
 				     && strcmp(ppath, "/") != 0)) {
 					warnx("Malformed proxy URL `%s'",
 					    proxyenv);
-					FREEPTR(puser);
-					FREEPTR(ppass);
 					FREEPTR(phost);
 					FREEPTR(ppath);
 					goto cleanup_fetch_url;
 				}

-				FREEPTR(user);
-				user = puser;
-				FREEPTR(pass);
-				pass = ppass;
 				FREEPTR(host);
 				host = phost;
 				FREEPTR(path);
-				FREEPTR(ppath);
 				path = xstrdup(url);
+				FREEPTR(ppath);
 			}
 		} /* proxyenv != NULL */

@ -802,6 +810,7 @@ fetch_url(url, proxyenv, proxyauth, wwwauth)
 			}

 		}
+				/* finished parsing header */
 		FREEPTR(buf);

 		switch (hcode) {
@ -838,6 +847,7 @@ fetch_url(url, proxyenv, proxyauth, wwwauth)
 		case 407:
 		    {
 			char **authp;
+			char *auser, *apass;

 			fprintf(ttyout, "%s\n", message);
 			if (EMPTYSTRING(auth)) {
@ -845,7 +855,15 @@ fetch_url(url, proxyenv, proxyauth, wwwauth)
 			    "No authentication challenge provided by server");
 				goto cleanup_fetch_url;
 			}
-			authp = (hcode == 401) ? &wwwauth : &proxyauth;
+			if (hcode == 401) {
+				authp = &wwwauth;
+				auser = user;
+				apass = pass;
+			} else {
+				authp = &proxyauth;
+				auser = puser;
+				apass = ppass;
+			}
 			if (*authp != NULL) {
 				char reply[10];

@ -854,8 +872,10 @@ fetch_url(url, proxyenv, proxyauth, wwwauth)
 				if (fgets(reply, sizeof(reply), stdin) != NULL
 				    && tolower(reply[0]) != 'y')
 					goto cleanup_fetch_url;
+				auser = NULL;
+				apass = NULL;
 			}
-			if (auth_url(auth, authp) == 0) {
+			if (auth_url(auth, authp, auser, apass) == 0) {
 				rval = fetch_url(url, proxyenv,
 				    proxyauth, wwwauth);
 				memset(*authp, '\0', strlen(*authp));
@ -1010,6 +1030,8 @@ cleanup_fetch_url:
 	FREEPTR(host);
 	FREEPTR(path);
 	FREEPTR(decodedpath);
+	FREEPTR(puser);
+	FREEPTR(ppass);
 	FREEPTR(buf);
 	FREEPTR(auth);
 	FREEPTR(location);
--- a/usr.bin/ftp/ftp.1
+++ b/usr.bin/ftp/ftp.1
@ -1,4 +1,4 @@
-.\" 	$NetBSD: ftp.1,v 1.38 1999/05/04 14:16:15 lukem Exp $
+.\" 	$NetBSD: ftp.1,v 1.39 1999/05/12 11:16:44 lukem Exp $
 .\"
 .\" Copyright (c) 1985, 1989, 1990, 1993
 .\"	The Regents of the University of California.  All rights reserved.
@ -35,7 +35,7 @@
 .\"
 .\"	@(#)ftp.1	8.3 (Berkeley) 10/9/94
 .\"
-.Dd April 28, 1999
+.Dd May 12, 1999
 .Dt FTP 1
 .Os
 .Sh NAME
@ -77,16 +77,16 @@ file:///\fIfile\fR
 .Bk -words
 .Op Fl o Ar output
 .Ek
-ftp://[\fIuser\fR[:\fIpassword]\fR@]\fIhost\fR[:\fIport\fR]/\fIfile\fR[/]
+ftp://[\fIuser\fR[:\fIpassword\fR]@]\fIhost\fR[:\fIport\fR]/\fIfile\fR[/]
 .Nm ftp
 .Op Fl f
-.Op Fl R
 .Bk -words
 .Op Fl o Ar output
 .Ek
-http://\fIhost\fR[:\fIport\fR]/\fIfile\fR
+http://[\fIuser\fR[:\fIpassword\fR]@]\fIhost\fR[:\fIport\fR]/\fIfile\fR
 .Nm ftp
 .Op Fl f
+.Op Fl R
 .Bk -words
 .Op Fl o Ar output
 .Ek
@ -1191,11 +1191,17 @@ or
 is supplied, then the transfer type will take place as
 ascii or binary (respectively).
 The default transfer type is binary.
-.It http://host[:port]/file
+.It http://[user[:password]@]host[:port]/file
 An HTTP URL, retrieved using the HTTP protocol.
 If
 .Ev http_proxy
 is defined, it is used as a URL to an HTTP proxy server.
+If HTTP authorisation is required to retrieve the file,
+and
+.Sq user
+(and optionally
+.Sq password )
+is in the URL, use them for the first attempt to authenticate.
 .It file:///file
 A local URL, copied from /file.
 .El
@ -1225,6 +1231,9 @@ This is implemented by using
 .Nm reget
 instead of
 .Nm get .
+.Pp
+If WWW or proxy WWW authentication is required, you will be prompted
+to enter a username and password to authenticate with.
 .Sh ABORTING A FILE TRANSFER
 To abort a file transfer, use the terminal interrupt key
 (usually Ctrl-C).
@ -1528,6 +1537,15 @@ URL of FTP proxy to use when making FTP URL requests
 (if not defined, use the standard ftp protocol).
 .It Ev http_proxy
 URL of HTTP proxy to use when making HTTP URL requests.
+If proxy authentication is required and there is a username and
+password in this URL, they will automatically be used in the first
+attempt to authenticate to the proxy.
+.Pp
+Note that the use of a username and password in
+.Ev http_proxy
+may be incompatible with other programs that use it
+(such as
+.Xr lynx 1 ).
 .It Ev no_proxy
 A space or comma separated list of hosts (or domains) for which
 proxying is not to be used.
@ -1558,7 +1576,9 @@ command and file completion, dynamic progress bar, automatic
 fetching of files and URLs, and modification time
 preservation were implemented in
 .Nx 1.3
-by Luke Mewburn, with assistance from Jason Thorpe.
+(and later releases)
+by Luke Mewburn,
+with the original code for HTTP retrieval supplied by Jason Thorpe.
 .Sh BUGS
 Correct execution of many commands depends upon proper behavior
 by the remote server.