#include <stdio.h>
#include <stdlib.h>
-#include <sys/types.h>
-#ifdef HAVE_STRING_H
-# include <string.h>
-#else
-# include <strings.h>
-#endif
+#include <string.h>
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif
#include <assert.h>
#include <errno.h>
-#if TIME_WITH_SYS_TIME
-# include <sys/time.h>
-# include <time.h>
-#else
-# if HAVE_SYS_TIME_H
-# include <sys/time.h>
-# else
-# include <time.h>
-# endif
-#endif
-#ifndef errno
-extern int errno;
-#endif
+#include <time.h>
#include "wget.h"
#include "utils.h"
called before the request can be used. */
static struct request *
-request_new ()
+request_new (void)
{
struct request *req = xnew0 (struct request);
req->hcapacity = 8;
still hope -- read below. */
if (0 != strcasecmp (host, pconn.host))
{
- /* If pconn.socket is already talking to HOST, we needn't
- reconnect. This happens often when both sites are virtual
- hosts distinguished only by name and served by the same
- network interface, and hence the same web server (possibly
- set up by the ISP and serving many different web sites).
- This admittedly non-standard optimization does not contradict
+ /* Check if pconn.socket is talking to HOST under another name.
+ This happens often when both sites are virtual hosts
+ distinguished only by name and served by the same network
+ interface, and hence the same web server (possibly set up by
+ the ISP and serving many different web sites). This
+ admittedly unconventional optimization does not contradict
HTTP and works well with popular server software. */
int found;
if (ssl)
/* Don't try to talk to two different SSL sites over the same
- secure connection! (Besides, it's not clear if name-based
- virtual hosting is even possible with SSL.) */
+ secure connection! (Besides, it's not clear that
+ name-based virtual hosting is even possible with SSL.) */
return 0;
/* If pconn.socket's peer is one of the IP addresses HOST
hs->error = NULL;
}
-static char *create_authorization_line PARAMS ((const char *, const char *,
- const char *, const char *,
- const char *, int *));
-static char *basic_authentication_encode PARAMS ((const char *, const char *));
-static int known_authentication_scheme_p PARAMS ((const char *, const char *));
+static char *create_authorization_line (const char *, const char *,
+ const char *, const char *,
+ const char *, int *);
+static char *basic_authentication_encode (const char *, const char *);
+static int known_authentication_scheme_p (const char *, const char *);
-time_t http_atotm PARAMS ((const char *));
+time_t http_atotm (const char *);
#define BEGINS_WITH(line, string_constant) \
(!strncasecmp (line, string_constant, sizeof (string_constant) - 1) \
&& (ISSPACE (line[sizeof (string_constant) - 1]) \
|| !line[sizeof (string_constant) - 1]))
-#define SET_USER_AGENT(req) \
- if (opt.useragent) \
- request_set_header (req, "User-Agent", opt.useragent, rel_none); \
- else \
+#define SET_USER_AGENT(req) do { \
+ if (!opt.useragent) \
request_set_header (req, "User-Agent", \
- aprintf ("Wget/%s", version_string), rel_value);
+ aprintf ("Wget/%s", version_string), rel_value); \
+ else if (*opt.useragent) \
+ request_set_header (req, "User-Agent", opt.useragent, rel_none); \
+} while (0)
+/* The flags that allow clobbering the file (opening with "wb").
+ Defined here to avoid repetition later. #### This will require
+ rework. */
+#define ALLOW_CLOBBER (opt.noclobber || opt.always_rest || opt.timestamping \
+ || opt.dirstruct || opt.output_document)
/* Retrieve a document through HTTP protocol. It recognizes status
code, and correctly handles redirections. It closes the network
/* Whether our connection to the remote host is through SSL. */
int using_ssl = 0;
+ /* Whether a HEAD request will be issued (as opposed to GET or
+ POST). */
+ int head_only = *dt & HEAD_ONLY;
+
char *head;
struct response *resp;
char hdrval[256];
}
#endif /* HAVE_SSL */
- if (!(*dt & HEAD_ONLY))
+ if (!head_only)
/* If we're doing a GET on the URL, as opposed to just a HEAD, we need to
know the local filename so we can save to it. */
assert (*hs->local_file != NULL);
req = request_new ();
{
+ char *meth_arg;
const char *meth = "GET";
- if (*dt & HEAD_ONLY)
+ if (head_only)
meth = "HEAD";
else if (opt.post_file_name || opt.post_data)
meth = "POST";
/* Use the full path, i.e. one that includes the leading slash and
the query string. E.g. if u->path is "foo/bar" and u->query is
"param=value", full_path will be "/foo/bar?param=value". */
- request_set_method (req, meth,
- proxy ? xstrdup (u->url) : url_full_path (u));
+ if (proxy
+#ifdef HAVE_SSL
+ /* When using SSL over proxy, CONNECT establishes a direct
+ connection to the HTTPS server. Therefore use the same
+ argument as when talking to the server directly. */
+ && u->scheme != SCHEME_HTTPS
+#endif
+ )
+ meth_arg = xstrdup (u->url);
+ else
+ meth_arg = url_full_path (u);
+ request_set_method (req, meth, meth_arg);
}
request_set_header (req, "Referer", (char *) hs->referer, rel_none);
post_data_size = file_size (opt.post_file_name);
if (post_data_size == -1)
{
- logprintf (LOG_NOTQUIET, "POST data file missing: %s\n",
- opt.post_file_name);
+ logprintf (LOG_NOTQUIET, _("POST data file missing: %s (%s)\n"),
+ opt.post_file_name, strerror (errno));
post_data_size = 0;
}
}
if (conn->scheme == SCHEME_HTTPS)
{
- if (!ssl_connect (sock))
+ if (!ssl_connect (sock) || !ssl_check_certificate (sock, u->host))
{
fd_close (sock);
return CONSSLERR;
if (statcode == HTTP_STATUS_UNAUTHORIZED)
{
/* Authorization is required. */
- if (keep_alive)
- {
- if (skip_short_body (sock, contlen))
- CLOSE_FINISH (sock);
- else
- CLOSE_INVALIDATE (sock);
- }
- pconn.authorized = 0;
- if (auth_finished || !(user && passwd))
- {
- /* If we have tried it already, then there is not point
- retrying it. */
- logputs (LOG_NOTQUIET, _("Authorization failed.\n"));
- }
+ if (keep_alive && !head_only && skip_short_body (sock, contlen))
+ CLOSE_FINISH (sock);
else
+ CLOSE_INVALIDATE (sock);
+ pconn.authorized = 0;
+ if (!auth_finished && (user && passwd))
{
- /* IIS sometimes sends two instances of WWW-Authenticate
- header, one with the keyword "negotiate", and other with
- useful data. Loop over all occurrences of this header
- and use the one we recognize. */
+ /* IIS sends multiple copies of WWW-Authenticate, one with
+ the value "negotiate", and other(s) with data. Loop over
+ all the occurrences and pick the one we recognize. */
int wapos;
const char *wabeg, *waend;
char *www_authenticate = NULL;
++wapos)
if (known_authentication_scheme_p (wabeg, waend))
{
- www_authenticate = strdupdelim (wabeg, waend);
+ BOUNDED_TO_ALLOCA (wabeg, waend, www_authenticate);
break;
}
- /* If the authentication header is missing or recognized, or
- if the authentication scheme is "Basic" (which we send by
- default), there's no sense in retrying. */
- if (!www_authenticate
- || BEGINS_WITH (www_authenticate, "Basic"))
- {
- xfree_null (www_authenticate);
- logputs (LOG_NOTQUIET, _("Unknown authentication scheme.\n"));
- }
+
+ if (!www_authenticate)
+ /* If the authentication header is missing or
+ unrecognized, there's no sense in retrying. */
+ logputs (LOG_NOTQUIET, _("Unknown authentication scheme.\n"));
+ else if (BEGINS_WITH (www_authenticate, "Basic"))
+ /* If the authentication scheme is "Basic", which we send
+ by default, there's no sense in retrying either. (This
+ should be changed when we stop sending "Basic" data by
+ default.) */
+ ;
else
{
char *pth;
if (BEGINS_WITH (www_authenticate, "NTLM"))
ntlm_seen = 1;
xfree (pth);
- xfree (www_authenticate);
goto retry_with_auth;
}
}
+ logputs (LOG_NOTQUIET, _("Authorization failed.\n"));
request_free (req);
return AUTHFAILED;
}
contrange = first_byte_pos;
}
resp_free (resp);
- xfree (head);
/* 20x responses are counted among successful by default. */
if (H_20X (statcode))
_("Location: %s%s\n"),
hs->newloc ? escnonprint_uri (hs->newloc) : _("unspecified"),
hs->newloc ? _(" [following]") : "");
- if (keep_alive)
- {
- if (skip_short_body (sock, contlen))
- CLOSE_FINISH (sock);
- else
- CLOSE_INVALIDATE (sock);
- }
+ if (keep_alive && !head_only && skip_short_body (sock, contlen))
+ CLOSE_FINISH (sock);
+ else
+ CLOSE_INVALIDATE (sock);
xfree_null (type);
return NEWLOCATION;
}
text/html file. If some case-insensitive variation on ".htm[l]" isn't
already the file's suffix, tack on ".html". */
{
- char* last_period_in_local_filename = strrchr(*hs->local_file, '.');
+ char *last_period_in_local_filename = strrchr (*hs->local_file, '.');
if (last_period_in_local_filename == NULL
|| !(0 == strcasecmp (last_period_in_local_filename, ".htm")
|| 0 == strcasecmp (last_period_in_local_filename, ".html")))
{
- size_t local_filename_len = strlen(*hs->local_file);
-
- *hs->local_file = xrealloc(*hs->local_file,
- local_filename_len + sizeof(".html"));
+ int local_filename_len = strlen (*hs->local_file);
+ /* Resize the local file, allowing for ".html" preceded by
+ optional ".NUMBER". */
+ *hs->local_file = xrealloc (*hs->local_file,
+ local_filename_len + 24 + sizeof (".html"));
strcpy(*hs->local_file + local_filename_len, ".html");
-
+ /* If clobbering is not allowed and the file, as named,
+ exists, tack on ".NUMBER.html" instead. */
+ if (!ALLOW_CLOBBER)
+ {
+ int ext_num = 1;
+ do
+ sprintf (*hs->local_file + local_filename_len,
+ ".%d.html", ext_num++);
+ while (file_exists_p (*hs->local_file));
+ }
*dt |= ADDED_HTML_EXTENSION;
}
}
type = NULL; /* We don't need it any more. */
/* Return if we have no intention of further downloading. */
- if (!(*dt & RETROKF) || (*dt & HEAD_ONLY))
+ if (!(*dt & RETROKF) || head_only)
{
/* In case the caller cares to look... */
hs->len = 0;
rotate_backups (*hs->local_file);
if (hs->restval)
fp = fopen (*hs->local_file, "ab");
- else if (opt.noclobber || opt.always_rest || opt.timestamping || opt.dirstruct
- || opt.output_document)
+ else if (ALLOW_CLOBBER)
fp = fopen (*hs->local_file, "wb");
else
{
if (opt.save_headers)
fwrite (head, 1, strlen (head), fp);
+ /* Now we no longer need to store the response header. */
+ xfree (head);
+
/* Download the request body. */
flags = 0;
if (keep_alive)
*newloc = NULL;
- /* Warn on (likely bogus) wildcard usage in HTTP. Don't use
- has_wildcards_p because it would also warn on `?', and we know that
- shows up in CGI paths a *lot*. */
- if (strchr (u->url, '*'))
+ /* Warn on (likely bogus) wildcard usage in HTTP. */
+ if (has_wildcards_p (u->path))
logputs (LOG_VERBOSE, _("Warning: wildcards not supported in HTTP.\n"));
xzero (hstat);
/* If opt.noclobber is turned on and file already exists, do not
retrieve the file */
logprintf (LOG_VERBOSE, _("\
-File `%s' already there, will not retrieve.\n"), *hstat.local_file);
+File `%s' already there; not retrieving.\n\n"), *hstat.local_file);
/* If the file is there, we suppose it's retrieved OK. */
*dt |= RETROKF;
*dt &= ~HEAD_ONLY;
/* Decide whether or not to restart. */
- hstat.restval = 0;
- if (count > 1)
- hstat.restval = hstat.len; /* continue where we left off */
- else if (opt.always_rest
- && stat (locf, &st) == 0
- && S_ISREG (st.st_mode))
+ if (opt.always_rest
+ && stat (locf, &st) == 0
+ && S_ISREG (st.st_mode))
+ /* When -c is used, continue from on-disk size. (Can't use
+ hstat.len even if count>1 because we don't want a failed
+ first attempt to clobber existing data.) */
hstat.restval = st.st_size;
+ else if (count > 1)
+ /* otherwise, continue where the previous try left off */
+ hstat.restval = hstat.len;
+ else
+ hstat.restval = 0;
/* Decide whether to send the no-cache directive. We send it in
two cases:
return err;
case CONSSLERR:
/* Another fatal error. */
- logputs (LOG_VERBOSE, "\n");
logprintf (LOG_NOTQUIET, _("Unable to establish SSL connection.\n"));
free_hstat (&hstat);
xfree_null (dummy);
else if (!opt.kill_longer) /* meaning we got more than expected */
{
logprintf (LOG_VERBOSE,
- _("%s (%s) - `%s' saved [%s/%s])\n\n"),
+ _("%s (%s) - `%s' saved [%s/%s]\n\n"),
tms, tmrate, locf,
number_to_static_string (hstat.len),
number_to_static_string (hstat.contlen));
/* Convert the textual specification of time in TIME_STRING to the
number of seconds since the Epoch.
- TIME_STRING can be in any of the three formats RFC2068 allows the
- HTTP servers to emit -- RFC1123-date, RFC850-date or asctime-date.
+ TIME_STRING can be in any of the three formats RFC2616 allows the
+ HTTP servers to emit -- RFC1123-date, RFC850-date or asctime-date,
+ as well as the time format used in the Set-Cookie header.
Timezones are ignored, and should be GMT.
Return the computed time_t representation, or -1 if the conversion
implementations I've tested. */
static const char *time_formats[] = {
- "%a, %d %b %Y %T", /* RFC1123: Thu, 29 Jan 1998 22:12:57 */
- "%A, %d-%b-%y %T", /* RFC850: Thursday, 29-Jan-98 22:12:57 */
- "%a, %d-%b-%Y %T", /* pseudo-RFC850: Thu, 29-Jan-1998 22:12:57
- (google.com uses this for their cookies.) */
- "%a %b %d %T %Y" /* asctime: Thu Jan 29 22:12:57 1998 */
+ "%a, %d %b %Y %T", /* rfc1123: Thu, 29 Jan 1998 22:12:57 */
+ "%A, %d-%b-%y %T", /* rfc850: Thursday, 29-Jan-98 22:12:57 */
+ "%a %b %d %T %Y", /* asctime: Thu Jan 29 22:12:57 1998 */
+ "%a, %d-%b-%Y %T" /* cookies: Thu, 29-Jan-1998 22:12:57
+ (used in Set-Cookie, defined in the
+ Netscape cookie specification.) */
};
-
int i;
- struct tm t;
-
- /* According to Roger Beeman, we need to initialize tm_isdst, since
- strptime won't do it. */
- t.tm_isdst = 0;
-
- /* Note that under foreign locales Solaris strptime() fails to
- recognize English dates, which renders this function useless. We
- solve this by being careful not to affect LC_TIME when
- initializing locale.
-
- Another solution would be to temporarily set locale to C, invoke
- strptime(), and restore it back. This is slow and dirty,
- however, and locale support other than LC_MESSAGES can mess other
- things, so I rather chose to stick with just setting LC_MESSAGES.
-
- GNU strptime does not have this problem because it recognizes
- both international and local dates. */
for (i = 0; i < countof (time_formats); i++)
- if (check_end (strptime (time_string, time_formats[i], &t)))
- return mktime_from_utc (&t);
+ {
+ struct tm t;
+
+ /* Some versions of strptime use the existing contents of struct
+ tm to recalculate the date according to format. Zero it out
+ to prevent garbage from the stack influencing strptime. */
+ xzero (t);
+
+ /* Solaris strptime fails to recognize English month names in
+ non-English locales, which we work around by not setting the
+ LC_TIME category. Another way would be to temporarily set
+ locale to C before invoking strptime, but that's slow and
+ messy. GNU strptime does not have this problem because it
+ recognizes English month names along with the local ones. */
+
+ if (check_end (strptime (time_string, time_formats[i], &t)))
+ return mktime_from_utc (&t);
+ }
/* All formats have failed. */
return -1;
and Microsoft-specific. */
/* Create the authentication header contents for the `Basic' scheme.
- This is done by encoding the string `USER:PASS' in base64 and
- prepending `HEADER: Basic ' to it. */
+ This is done by encoding the string "USER:PASS" to base64 and
+ prepending the string "Basic " in front of it. */
static char *
basic_authentication_encode (const char *user, const char *passwd)
projects / wget / blobdiff