2 .\" Copyright (c) 2000-2014 Dag-Erling Smørgrav
3 .\" Copyright (c) 2013 Michael Gmelin <freebsd@grem.de>
4 .\" All rights reserved.
5 .\" Portions Copyright (c) 1999 Massachusetts Institute of Technology; used
8 .\" Redistribution and use in source and binary forms, with or without
9 .\" modification, are permitted provided that the following conditions
11 .\" 1. Redistributions of source code must retain the above copyright
12 .\" notice, this list of conditions and the following disclaimer
13 .\" in this position and unchanged.
14 .\" 2. Redistributions in binary form must reproduce the above copyright
15 .\" notice, this list of conditions and the following disclaimer in the
16 .\" documentation and/or other materials provided with the distribution.
17 .\" 3. The name of the author may not be used to endorse or promote products
18 .\" derived from this software without specific prior written permission.
20 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
21 .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
22 .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
23 .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
24 .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
25 .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
26 .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
27 .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
29 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
38 .Nd retrieve a file by Uniform Resource Locator
41 .Op Fl 146AadFlMmnPpqRrsUv
43 .Op Fl -bind-address= Ns Ar host
44 .Op Fl -ca-cert= Ns Ar file
45 .Op Fl -ca-path= Ns Ar dir
46 .Op Fl -cert= Ns Ar file
47 .Op Fl -crl= Ns Ar file
49 .Op Fl -key= Ns Ar file
52 .Op Fl -no-proxy= Ns Ar list
55 .Op Fl -no-verify-hostname
56 .Op Fl -no-verify-peer
58 .Op Fl -referer= Ns Ar URL
61 .Op Fl -user-agent= Ns Ar agent-string
65 .Op Fl 146AadFlMmnPpqRrsUv
67 .Op Fl -bind-address= Ns Ar host
68 .Op Fl -ca-cert= Ns Ar file
69 .Op Fl -ca-path= Ns Ar dir
70 .Op Fl -cert= Ns Ar file
71 .Op Fl -crl= Ns Ar file
73 .Op Fl -key= Ns Ar file
76 .Op Fl -no-proxy= Ns Ar list
79 .Op Fl -no-verify-hostname
80 .Op Fl -no-verify-peer
82 .Op Fl -referer= Ns Ar URL
85 .Op Fl -user-agent= Ns Ar agent-string
87 .Fl h Ar host Fl f Ar file Oo Fl c Ar dir Oc
91 utility provides a command-line interface to the
94 Its purpose is to retrieve the file(s) pointed to by the URL(s) on the
97 The following options are available:
100 Stop and return exit code 0 at the first successfully retrieved file.
101 .It Fl 4 , -ipv4-only
104 to use IPv4 addresses only.
105 .It Fl 6 , -ipv6-only
108 to use IPv6 addresses only.
109 .It Fl A , -no-redirect
110 Do not automatically follow ``temporary'' (302) redirects.
111 Some broken Web sites will return a redirect instead of a not-found
112 error when the requested object does not exist.
114 Automatically retry the transfer upon soft failures.
115 .It Fl B Ar bytes , Fl -buffer-size= Ns Ar bytes
116 Specify the read buffer size in bytes.
117 The default is 16,384 bytes.
118 Attempts to set a buffer size lower than this will be silently
120 The number of reads actually performed is reported at verbosity level
121 two or higher (see the
124 .It Fl -bind-address= Ns Ar host
125 Specifies a hostname or IP address to which sockets used for outgoing
126 connections will be bound.
128 The file to retrieve is in directory
131 This option is deprecated and is provided for backward compatibility
133 .It Fl -ca-cert= Ns Ar file
135 Path to certificate bundle containing trusted CA certificates.
137 .Pa /etc/ssl/cert.pem
139 The file may contain multiple CA certificates. The port
140 .Pa security/ca_root_nss
141 is a common source of a current CA bundle.
142 .It Fl -ca-path= Ns Ar dir
146 contains trusted CA hashes.
147 .It Fl -cert= Ns Ar file
150 is a PEM encoded client certificate/key which will be used in
151 client certificate authentication.
152 .It Fl -crl= Ns Ar file
154 Points to certificate revocation list
156 which has to be in PEM format and may contain peer certificates that have
159 Use a direct connection even if a proxy is configured.
160 .It Fl F , -force-restart
161 In combination with the
163 flag, forces a restart even if the local and remote files have
164 different modification times.
168 The file to retrieve is named
171 This option is deprecated and is provided for backward compatibility
174 The file to retrieve is located on the host
176 This option is deprecated and is provided for backward compatibility
178 .It Fl i Ar file , Fl -if-modified-since= Ns Ar file
179 If-Modified-Since mode: the remote file will only be retrieved if it
184 .It Fl -key= Ns Ar file
187 is a PEM encoded client key that will be used in client certificate
188 authentication in case key and client certificate are stored separately.
190 If the target is a file-scheme URL, make a symbolic link to the target
191 rather than trying to copy it.
194 Mirror mode: if the file already exists locally and has the same size
195 and modification time as the remote file, it will not be fetched.
200 flags are mutually exclusive.
201 .It Fl N Ar file , Fl -netrc= Ns Ar file
206 to look up login names and passwords for FTP sites.
209 for a description of the file format.
210 This feature is experimental.
212 Do not preserve the modification time of the transferred file.
214 Forces the FTP code to use active mode.
215 .It Fl -no-proxy= Ns Ar list
216 Either a single asterisk, which disables the use of proxies
217 altogether, or a comma- or whitespace-separated list of hosts for
218 which proxies should not be used.
221 Don't allow SSL version 3 when negotiating the connection.
224 Don't allow TLS version 1 when negotiating the connection.
225 .It Fl -no-verify-hostname
227 Do not verify that the hostname matches the subject of the
228 certificate presented by the server.
229 .It Fl -no-verify-peer
231 Do not verify the peer certificate against trusted CAs.
232 .It Fl o Ar file , Fl output= Ns Ar file
233 Set the output file name to
235 By default, a ``pathname'' is extracted from the specified URI, and
236 its basename is used as the name of the output file.
241 indicates that results are to be directed to the standard output.
244 argument is a directory, fetched file(s) will be placed within the
245 directory, with name(s) selected as in the default behaviour.
249 These flags have no effect, since passive FTP is the default, but are
250 provided for compatibility with earlier versions where active FTP was
252 To force active mode, use the
256 environment variable to
258 .It Fl -referer= Ns Ar URL
259 Specifies the referrer URL to use for HTTP requests.
264 the document URL will be used as referrer URL.
267 .It Fl R , -keep-output
268 The output files are precious, and should not be deleted under any
269 circumstances, even if the transfer failed or was incomplete.
271 Restart a previously interrupted transfer.
276 flags are mutually exclusive.
277 .It Fl S Ar bytes , Fl -require-size= Ns Ar bytes
278 Require the file size reported by the server to match the specified
280 If it does not, a message is printed and the file is not fetched.
281 If the server does not support reporting file sizes, this option is
282 ignored and the file is fetched unconditionally.
283 .It Fl s , -print-size
284 Print the size in bytes of each requested file, without fetching it.
285 .It Fl T Ar seconds , Fl -timeout= Ns Ar seconds
288 Overrides the environment variables
292 for HTTP transfers if set.
293 .It Fl U , -passive-portrange-default
294 When using passive FTP, allocate the port for the data connection from
295 the low (default) port range.
298 for details on how to specify which port range this corresponds to.
299 .It Fl -user-agent= Ns Ar agent-string
300 Specifies the User-Agent string to use for HTTP requests.
301 This can be useful when working with HTTP origin or proxy servers that
302 differentiate between user agents.
304 Increase verbosity level.
305 .It Fl w Ar seconds , Fl -retry-delay= Ns Ar seconds
308 flag is specified, wait this many seconds between successive retries.
319 the current transfer rate statistics will be written to the
320 standard error output, in the same format as the standard completion
323 .Bl -tag -width HTTP_TIMEOUT
325 Maximum time, in seconds, to wait before aborting an FTP connection.
327 Maximum time, in seconds, to wait before aborting an HTTP connection.
332 for a description of additional environment variables, including
333 .Ev FETCH_BIND_ADDRESS ,
335 .Ev FTP_PASSIVE_MODE ,
343 .Ev HTTP_PROXY_AUTH ,
345 .Ev HTTP_USER_AGENT ,
349 .Ev SSL_CA_CERT_FILE ,
350 .Ev SSL_CA_CERT_PATH ,
351 .Ev SSL_CLIENT_CERT_FILE ,
352 .Ev SSL_CLIENT_KEY_FILE ,
356 .Ev SSL_NO_VERIFY_HOSTNAME
358 .Ev SSL_NO_VERIFY_PEER .
362 command returns zero on success, or one on failure.
363 If multiple URLs are listed on the command line,
365 will attempt to retrieve each one of them in turn, and will return
366 zero only if they were all successfully retrieved.
370 argument is used and the remote file is not newer than the
371 specified file then the command will still return success,
372 although no file is transferred.
380 This implementation first appeared in
384 The original implementation of
387 .An Jean-Marc Zucconi Aq jmz@FreeBSD.org .
388 It was extensively re-worked for
391 .An Garrett Wollman Aq wollman@FreeBSD.org ,
392 and later completely rewritten to use the
395 .An Dag-Erling Sm\(/orgrav Aq des@FreeBSD.org
397 .An Michael Gmelin Aq freebsd@grem.de .
403 options are no longer supported and will generate warnings.
404 They were workarounds for bugs in other OSes which this implementation
407 One cannot both use the
412 options and specify URLs on the command line.