switch to blake2

[zpackage] / src / fetchurl.c

diff --git a/src/fetchurl.c b/src/fetchurl.c
index e09a43755d4aa03eb947e06577b19297753dce99..6d5958848ecdb9c2e9091824841cefa92b4229f3 100644 (file)
--- a/src/fetchurl.c
+++ b/src/fetchurl.c
@@ -22,9 +22,12 @@ struct tls_uri {
        char *host;
        char *port;
        char *path;
+       char *encoded_path;
        char *query;
+       char *encoded_query;
        char *fragment;
 };
+
 int tls_parse_uri(char *, struct tls_uri *);
 void tls_free_uri(struct tls_uri *);
 
@@ -206,12 +209,14 @@ int verify_first(struct TLSContext *context, struct TLSCertificate **chain, int
                }
 
                int match = (memcmp(certhash, fp, 64) == 0); 
-
-               close(trustdb);
-               tls_buffer_free(&tbuf);
                if (!match) {
                        fprintf(stderr, "host %s certificate changed\n", host);
+                       fprintf(stderr, "was %.64s\n", fp);
+                       fprintf(stderr, "now %.64s\n", certhash);
                }
+
+               close(trustdb);
+               tls_buffer_free(&tbuf);
                return match ? no_error : bad_certificate;
        } while (!tbuf.error);
 
@@ -581,6 +586,7 @@ int main(int ac, char *av[]) {
        struct tls_buffer request;
        char lmtime[80];
        char *eoh = 0;
+       char *user_agent = 0;
        size_t total = 0;
        size_t header_len;
        char *url = 0;
@@ -589,13 +595,14 @@ int main(int ac, char *av[]) {
 
        ltc_mp = tfm_desc;
 
-       while ((option = getopt(ac, av, "o:OrIfz:np#R:SkK")) != -1) {
+       while ((option = getopt(ac, av, "o:OrIfz:np#R:SkKU:")) != -1) {
                switch (option) {
                        case 'o': outfile = optarg; break;
                        case 'O': calcoutfile = 1; break;
                        case 'S': printstatus = 1; head = 1; break;
                        case 'k': verifypolicy = 0; break;
                        case 'K': verifypolicy = 2; break;
+                       case 'U': user_agent = optarg; break;
                        case 'I': head = 1;
                        case 'r': raw = 1; break;
                        case 'f': failsilent = 1; break;
@@ -678,10 +685,18 @@ int main(int ac, char *av[]) {
                } else {
                        tls_buffer_append(&request, "GET ", 4);
                }
-               tls_buffer_append(&request, uri.path, strlen(uri.path));
+               tls_buffer_append(&request, uri.encoded_path, strlen(uri.encoded_path));
+               if (uri.encoded_query) {
+                       tls_buffer_append(&request, "?", 1);
+                       tls_buffer_append(&request, uri.encoded_query, strlen(uri.encoded_query));
+               }
                tls_buffer_append(&request, " HTTP/1.1\r\n", 11);
 
                append_header(&request, "Host", host);
+               if (user_agent) {
+                       append_header(&request, "User-Agent", user_agent);
+               }
+               append_header(&request, "Accept", "*/*");
                append_header(&request, "Connection", "close");
                if (lmfile) {
                        append_header(&request, "If-Modified-Since", lmtime);
@@ -757,6 +772,7 @@ int main(int ac, char *av[]) {
 
                io.socket = sockfd;
 
+               eoh = 0;
                do {
                        if (io.response.len >= 4) {
                                eoh = strstr(io.response.buffer, "\r\n\r\n");
@@ -770,8 +786,10 @@ int main(int ac, char *av[]) {
                } while (!eoh);
 
                if (!eoh) {
-                       /* never got (complet) header */
-                       fprintf(stderr, "incomplete response to %s\n", av[optind]);
+                       /* never got (complete) header */
+                       fprintf(stderr, "incomplete response (ret = %zd) to %s\n", ret, url);
+                       fprintf(stderr, "have:\n");
+                       fwrite(io.response.buffer, io.response.len, 1, stderr);
                        exit(EXIT_FAILURE);
                }