1 /* $OpenBSD: sftp-server.c,v 1.78 2008/02/27 20:21:15 djm Exp $ */
3 * Copyright (c) 2000-2004 Markus Friedl. All rights reserved.
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 #include <sys/types.h>
21 #include <sys/param.h>
23 #ifdef HAVE_SYS_TIME_H
24 # include <sys/time.h>
46 #include "sftp-common.h"
49 #define get_int64() buffer_get_int64(&iqueue);
50 #define get_int() buffer_get_int(&iqueue);
51 #define get_string(lenp) buffer_get_string(&iqueue, lenp);
54 LogLevel log_level = SYSLOG_LEVEL_ERROR;
57 struct passwd *pw = NULL;
58 char *client_addr = NULL;
60 /* input and output queue */
64 /* Version of client */
67 /* portable attributes, etc. */
69 typedef struct Stat Stat;
78 errno_to_portable(int unixerrno)
90 ret = SSH2_FX_NO_SUCH_FILE;
95 ret = SSH2_FX_PERMISSION_DENIED;
99 ret = SSH2_FX_BAD_MESSAGE;
102 ret = SSH2_FX_FAILURE;
109 flags_from_portable(int pflags)
113 if ((pflags & SSH2_FXF_READ) &&
114 (pflags & SSH2_FXF_WRITE)) {
116 } else if (pflags & SSH2_FXF_READ) {
118 } else if (pflags & SSH2_FXF_WRITE) {
121 if (pflags & SSH2_FXF_CREAT)
123 if (pflags & SSH2_FXF_TRUNC)
125 if (pflags & SSH2_FXF_EXCL)
131 string_from_portable(int pflags)
133 static char ret[128];
137 #define PAPPEND(str) { \
139 strlcat(ret, ",", sizeof(ret)); \
140 strlcat(ret, str, sizeof(ret)); \
143 if (pflags & SSH2_FXF_READ)
145 if (pflags & SSH2_FXF_WRITE)
147 if (pflags & SSH2_FXF_CREAT)
149 if (pflags & SSH2_FXF_TRUNC)
151 if (pflags & SSH2_FXF_EXCL)
160 return decode_attrib(&iqueue);
165 typedef struct Handle Handle;
171 u_int64_t bytes_read, bytes_write;
181 Handle *handles = NULL;
182 u_int num_handles = 0;
183 int first_unused_handle = -1;
185 static void handle_unused(int i)
187 handles[i].use = HANDLE_UNUSED;
188 handles[i].next_unused = first_unused_handle;
189 first_unused_handle = i;
193 handle_new(int use, const char *name, int fd, DIR *dirp)
197 if (first_unused_handle == -1) {
198 if (num_handles + 1 <= num_handles)
201 handles = xrealloc(handles, num_handles, sizeof(Handle));
202 handle_unused(num_handles - 1);
205 i = first_unused_handle;
206 first_unused_handle = handles[i].next_unused;
208 handles[i].use = use;
209 handles[i].dirp = dirp;
211 handles[i].name = xstrdup(name);
212 handles[i].bytes_read = handles[i].bytes_write = 0;
218 handle_is_ok(int i, int type)
220 return i >= 0 && (u_int)i < num_handles && handles[i].use == type;
224 handle_to_string(int handle, char **stringp, int *hlenp)
226 if (stringp == NULL || hlenp == NULL)
228 *stringp = xmalloc(sizeof(int32_t));
229 put_u32(*stringp, handle);
230 *hlenp = sizeof(int32_t);
235 handle_from_string(const char *handle, u_int hlen)
239 if (hlen != sizeof(int32_t))
241 val = get_u32(handle);
242 if (handle_is_ok(val, HANDLE_FILE) ||
243 handle_is_ok(val, HANDLE_DIR))
249 handle_to_name(int handle)
251 if (handle_is_ok(handle, HANDLE_DIR)||
252 handle_is_ok(handle, HANDLE_FILE))
253 return handles[handle].name;
258 handle_to_dir(int handle)
260 if (handle_is_ok(handle, HANDLE_DIR))
261 return handles[handle].dirp;
266 handle_to_fd(int handle)
268 if (handle_is_ok(handle, HANDLE_FILE))
269 return handles[handle].fd;
274 handle_update_read(int handle, ssize_t bytes)
276 if (handle_is_ok(handle, HANDLE_FILE) && bytes > 0)
277 handles[handle].bytes_read += bytes;
281 handle_update_write(int handle, ssize_t bytes)
283 if (handle_is_ok(handle, HANDLE_FILE) && bytes > 0)
284 handles[handle].bytes_write += bytes;
288 handle_bytes_read(int handle)
290 if (handle_is_ok(handle, HANDLE_FILE))
291 return (handles[handle].bytes_read);
296 handle_bytes_write(int handle)
298 if (handle_is_ok(handle, HANDLE_FILE))
299 return (handles[handle].bytes_write);
304 handle_close(int handle)
308 if (handle_is_ok(handle, HANDLE_FILE)) {
309 ret = close(handles[handle].fd);
310 xfree(handles[handle].name);
311 handle_unused(handle);
312 } else if (handle_is_ok(handle, HANDLE_DIR)) {
313 ret = closedir(handles[handle].dirp);
314 xfree(handles[handle].name);
315 handle_unused(handle);
323 handle_log_close(int handle, char *emsg)
325 if (handle_is_ok(handle, HANDLE_FILE)) {
326 logit("%s%sclose \"%s\" bytes read %llu written %llu",
327 emsg == NULL ? "" : emsg, emsg == NULL ? "" : " ",
328 handle_to_name(handle),
329 (unsigned long long)handle_bytes_read(handle),
330 (unsigned long long)handle_bytes_write(handle));
332 logit("%s%sclosedir \"%s\"",
333 emsg == NULL ? "" : emsg, emsg == NULL ? "" : " ",
334 handle_to_name(handle));
339 handle_log_exit(void)
343 for (i = 0; i < num_handles; i++)
344 if (handles[i].use != HANDLE_UNUSED)
345 handle_log_close(i, "forced");
355 handle = get_string(&hlen);
357 val = handle_from_string(handle, hlen);
367 int mlen = buffer_len(m);
369 buffer_put_int(&oqueue, mlen);
370 buffer_append(&oqueue, buffer_ptr(m), mlen);
371 buffer_consume(m, mlen);
375 status_to_message(u_int32_t status)
377 const char *status_messages[] = {
378 "Success", /* SSH_FX_OK */
379 "End of file", /* SSH_FX_EOF */
380 "No such file", /* SSH_FX_NO_SUCH_FILE */
381 "Permission denied", /* SSH_FX_PERMISSION_DENIED */
382 "Failure", /* SSH_FX_FAILURE */
383 "Bad message", /* SSH_FX_BAD_MESSAGE */
384 "No connection", /* SSH_FX_NO_CONNECTION */
385 "Connection lost", /* SSH_FX_CONNECTION_LOST */
386 "Operation unsupported", /* SSH_FX_OP_UNSUPPORTED */
387 "Unknown error" /* Others */
389 return (status_messages[MIN(status,SSH2_FX_MAX)]);
393 send_status(u_int32_t id, u_int32_t status)
397 debug3("request %u: sent status %u", id, status);
398 if (log_level > SYSLOG_LEVEL_VERBOSE ||
399 (status != SSH2_FX_OK && status != SSH2_FX_EOF))
400 logit("sent status %s", status_to_message(status));
402 buffer_put_char(&msg, SSH2_FXP_STATUS);
403 buffer_put_int(&msg, id);
404 buffer_put_int(&msg, status);
406 buffer_put_cstring(&msg, status_to_message(status));
407 buffer_put_cstring(&msg, "");
413 send_data_or_handle(char type, u_int32_t id, const char *data, int dlen)
418 buffer_put_char(&msg, type);
419 buffer_put_int(&msg, id);
420 buffer_put_string(&msg, data, dlen);
426 send_data(u_int32_t id, const char *data, int dlen)
428 debug("request %u: sent data len %d", id, dlen);
429 send_data_or_handle(SSH2_FXP_DATA, id, data, dlen);
433 send_handle(u_int32_t id, int handle)
438 handle_to_string(handle, &string, &hlen);
439 debug("request %u: sent handle handle %d", id, handle);
440 send_data_or_handle(SSH2_FXP_HANDLE, id, string, hlen);
445 send_names(u_int32_t id, int count, const Stat *stats)
451 buffer_put_char(&msg, SSH2_FXP_NAME);
452 buffer_put_int(&msg, id);
453 buffer_put_int(&msg, count);
454 debug("request %u: sent names count %d", id, count);
455 for (i = 0; i < count; i++) {
456 buffer_put_cstring(&msg, stats[i].name);
457 buffer_put_cstring(&msg, stats[i].long_name);
458 encode_attrib(&msg, &stats[i].attrib);
465 send_attrib(u_int32_t id, const Attrib *a)
469 debug("request %u: sent attrib have 0x%x", id, a->flags);
471 buffer_put_char(&msg, SSH2_FXP_ATTRS);
472 buffer_put_int(&msg, id);
473 encode_attrib(&msg, a);
486 verbose("received client version %d", version);
488 buffer_put_char(&msg, SSH2_FXP_VERSION);
489 buffer_put_int(&msg, SSH2_FILEXFER_VERSION);
490 /* POSIX rename extension */
491 buffer_put_cstring(&msg, "posix-rename@openssh.com");
492 buffer_put_cstring(&msg, "1"); /* version */
500 u_int32_t id, pflags;
503 int handle, fd, flags, mode, status = SSH2_FX_FAILURE;
506 name = get_string(NULL);
507 pflags = get_int(); /* portable flags */
508 debug3("request %u: open flags %d", id, pflags);
510 flags = flags_from_portable(pflags);
511 mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a->perm : 0666;
512 logit("open \"%s\" flags %s mode 0%o",
513 name, string_from_portable(pflags), mode);
514 fd = open(name, flags, mode);
516 status = errno_to_portable(errno);
518 handle = handle_new(HANDLE_FILE, name, fd, NULL);
522 send_handle(id, handle);
526 if (status != SSH2_FX_OK)
527 send_status(id, status);
535 int handle, ret, status = SSH2_FX_FAILURE;
538 handle = get_handle();
539 debug3("request %u: close handle %u", id, handle);
540 handle_log_close(handle, NULL);
541 ret = handle_close(handle);
542 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
543 send_status(id, status);
551 int handle, fd, ret, status = SSH2_FX_FAILURE;
555 handle = get_handle();
559 debug("request %u: read \"%s\" (handle %d) off %llu len %d",
560 id, handle_to_name(handle), handle, (unsigned long long)off, len);
561 if (len > sizeof buf) {
563 debug2("read change len %d", len);
565 fd = handle_to_fd(handle);
567 if (lseek(fd, off, SEEK_SET) < 0) {
568 error("process_read: seek failed");
569 status = errno_to_portable(errno);
571 ret = read(fd, buf, len);
573 status = errno_to_portable(errno);
574 } else if (ret == 0) {
575 status = SSH2_FX_EOF;
577 send_data(id, buf, ret);
579 handle_update_read(handle, ret);
583 if (status != SSH2_FX_OK)
584 send_status(id, status);
593 int handle, fd, ret, status = SSH2_FX_FAILURE;
597 handle = get_handle();
599 data = get_string(&len);
601 debug("request %u: write \"%s\" (handle %d) off %llu len %d",
602 id, handle_to_name(handle), handle, (unsigned long long)off, len);
603 fd = handle_to_fd(handle);
605 if (lseek(fd, off, SEEK_SET) < 0) {
606 status = errno_to_portable(errno);
607 error("process_write: seek failed");
610 ret = write(fd, data, len);
612 error("process_write: write failed");
613 status = errno_to_portable(errno);
614 } else if ((size_t)ret == len) {
616 handle_update_write(handle, ret);
618 debug2("nothing at all written");
622 send_status(id, status);
627 process_do_stat(int do_lstat)
633 int ret, status = SSH2_FX_FAILURE;
636 name = get_string(NULL);
637 debug3("request %u: %sstat", id, do_lstat ? "l" : "");
638 verbose("%sstat name \"%s\"", do_lstat ? "l" : "", name);
639 ret = do_lstat ? lstat(name, &st) : stat(name, &st);
641 status = errno_to_portable(errno);
643 stat_to_attrib(&st, &a);
647 if (status != SSH2_FX_OK)
648 send_status(id, status);
670 int fd, ret, handle, status = SSH2_FX_FAILURE;
673 handle = get_handle();
674 debug("request %u: fstat \"%s\" (handle %u)",
675 id, handle_to_name(handle), handle);
676 fd = handle_to_fd(handle);
678 ret = fstat(fd, &st);
680 status = errno_to_portable(errno);
682 stat_to_attrib(&st, &a);
687 if (status != SSH2_FX_OK)
688 send_status(id, status);
691 static struct timeval *
692 attrib_to_tv(const Attrib *a)
694 static struct timeval tv[2];
696 tv[0].tv_sec = a->atime;
698 tv[1].tv_sec = a->mtime;
704 process_setstat(void)
709 int status = SSH2_FX_OK, ret;
712 name = get_string(NULL);
714 debug("request %u: setstat name \"%s\"", id, name);
715 if (a->flags & SSH2_FILEXFER_ATTR_SIZE) {
716 logit("set \"%s\" size %llu",
717 name, (unsigned long long)a->size);
718 ret = truncate(name, a->size);
720 status = errno_to_portable(errno);
722 if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
723 logit("set \"%s\" mode %04o", name, a->perm);
724 ret = chmod(name, a->perm & 0777);
726 status = errno_to_portable(errno);
728 if (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
732 strftime(buf, sizeof(buf), "%Y%m%d-%H:%M:%S",
734 logit("set \"%s\" modtime %s", name, buf);
735 ret = utimes(name, attrib_to_tv(a));
737 status = errno_to_portable(errno);
739 if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) {
740 logit("set \"%s\" owner %lu group %lu", name,
741 (u_long)a->uid, (u_long)a->gid);
742 ret = chown(name, a->uid, a->gid);
744 status = errno_to_portable(errno);
746 send_status(id, status);
751 process_fsetstat(void)
756 int status = SSH2_FX_OK;
759 handle = get_handle();
761 debug("request %u: fsetstat handle %d", id, handle);
762 fd = handle_to_fd(handle);
764 status = SSH2_FX_FAILURE;
766 char *name = handle_to_name(handle);
768 if (a->flags & SSH2_FILEXFER_ATTR_SIZE) {
769 logit("set \"%s\" size %llu",
770 name, (unsigned long long)a->size);
771 ret = ftruncate(fd, a->size);
773 status = errno_to_portable(errno);
775 if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
776 logit("set \"%s\" mode %04o", name, a->perm);
778 ret = fchmod(fd, a->perm & 0777);
780 ret = chmod(name, a->perm & 0777);
783 status = errno_to_portable(errno);
785 if (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
789 strftime(buf, sizeof(buf), "%Y%m%d-%H:%M:%S",
791 logit("set \"%s\" modtime %s", name, buf);
793 ret = futimes(fd, attrib_to_tv(a));
795 ret = utimes(name, attrib_to_tv(a));
798 status = errno_to_portable(errno);
800 if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) {
801 logit("set \"%s\" owner %lu group %lu", name,
802 (u_long)a->uid, (u_long)a->gid);
804 ret = fchown(fd, a->uid, a->gid);
806 ret = chown(name, a->uid, a->gid);
809 status = errno_to_portable(errno);
812 send_status(id, status);
816 process_opendir(void)
820 int handle, status = SSH2_FX_FAILURE;
824 path = get_string(NULL);
825 debug3("request %u: opendir", id);
826 logit("opendir \"%s\"", path);
827 dirp = opendir(path);
829 status = errno_to_portable(errno);
831 handle = handle_new(HANDLE_DIR, path, 0, dirp);
835 send_handle(id, handle);
840 if (status != SSH2_FX_OK)
841 send_status(id, status);
846 process_readdir(void)
855 handle = get_handle();
856 debug("request %u: readdir \"%s\" (handle %d)", id,
857 handle_to_name(handle), handle);
858 dirp = handle_to_dir(handle);
859 path = handle_to_name(handle);
860 if (dirp == NULL || path == NULL) {
861 send_status(id, SSH2_FX_FAILURE);
864 char pathname[MAXPATHLEN];
866 int nstats = 10, count = 0, i;
868 stats = xcalloc(nstats, sizeof(Stat));
869 while ((dp = readdir(dirp)) != NULL) {
870 if (count >= nstats) {
872 stats = xrealloc(stats, nstats, sizeof(Stat));
875 snprintf(pathname, sizeof pathname, "%s%s%s", path,
876 strcmp(path, "/") ? "/" : "", dp->d_name);
877 if (lstat(pathname, &st) < 0)
879 stat_to_attrib(&st, &(stats[count].attrib));
880 stats[count].name = xstrdup(dp->d_name);
881 stats[count].long_name = ls_file(dp->d_name, &st, 0);
883 /* send up to 100 entries in one message */
884 /* XXX check packet size instead */
889 send_names(id, count, stats);
890 for (i = 0; i < count; i++) {
891 xfree(stats[i].name);
892 xfree(stats[i].long_name);
895 send_status(id, SSH2_FX_EOF);
906 int status = SSH2_FX_FAILURE;
910 name = get_string(NULL);
911 debug3("request %u: remove", id);
912 logit("remove name \"%s\"", name);
914 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
915 send_status(id, status);
925 int ret, mode, status = SSH2_FX_FAILURE;
928 name = get_string(NULL);
930 mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ?
931 a->perm & 0777 : 0777;
932 debug3("request %u: mkdir", id);
933 logit("mkdir name \"%s\" mode 0%o", name, mode);
934 ret = mkdir(name, mode);
935 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
936 send_status(id, status);
948 name = get_string(NULL);
949 debug3("request %u: rmdir", id);
950 logit("rmdir name \"%s\"", name);
952 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
953 send_status(id, status);
958 process_realpath(void)
960 char resolvedname[MAXPATHLEN];
965 path = get_string(NULL);
966 if (path[0] == '\0') {
970 debug3("request %u: realpath", id);
971 verbose("realpath \"%s\"", path);
972 if (realpath(path, resolvedname) == NULL) {
973 send_status(id, errno_to_portable(errno));
976 attrib_clear(&s.attrib);
977 s.name = s.long_name = resolvedname;
978 send_names(id, 1, &s);
987 char *oldpath, *newpath;
992 oldpath = get_string(NULL);
993 newpath = get_string(NULL);
994 debug3("request %u: rename", id);
995 logit("rename old \"%s\" new \"%s\"", oldpath, newpath);
996 status = SSH2_FX_FAILURE;
997 if (lstat(oldpath, &sb) == -1)
998 status = errno_to_portable(errno);
999 else if (S_ISREG(sb.st_mode)) {
1000 /* Race-free rename of regular files */
1001 if (link(oldpath, newpath) == -1) {
1002 if (errno == EOPNOTSUPP
1003 #ifdef LINK_OPNOTSUPP_ERRNO
1004 || errno == LINK_OPNOTSUPP_ERRNO
1010 * fs doesn't support links, so fall back to
1011 * stat+rename. This is racy.
1013 if (stat(newpath, &st) == -1) {
1014 if (rename(oldpath, newpath) == -1)
1016 errno_to_portable(errno);
1018 status = SSH2_FX_OK;
1021 status = errno_to_portable(errno);
1023 } else if (unlink(oldpath) == -1) {
1024 status = errno_to_portable(errno);
1025 /* clean spare link */
1028 status = SSH2_FX_OK;
1029 } else if (stat(newpath, &sb) == -1) {
1030 if (rename(oldpath, newpath) == -1)
1031 status = errno_to_portable(errno);
1033 status = SSH2_FX_OK;
1035 send_status(id, status);
1041 process_readlink(void)
1045 char buf[MAXPATHLEN];
1049 path = get_string(NULL);
1050 debug3("request %u: readlink", id);
1051 verbose("readlink \"%s\"", path);
1052 if ((len = readlink(path, buf, sizeof(buf) - 1)) == -1)
1053 send_status(id, errno_to_portable(errno));
1058 attrib_clear(&s.attrib);
1059 s.name = s.long_name = buf;
1060 send_names(id, 1, &s);
1066 process_symlink(void)
1069 char *oldpath, *newpath;
1073 oldpath = get_string(NULL);
1074 newpath = get_string(NULL);
1075 debug3("request %u: symlink", id);
1076 logit("symlink old \"%s\" new \"%s\"", oldpath, newpath);
1077 /* this will fail if 'newpath' exists */
1078 ret = symlink(oldpath, newpath);
1079 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
1080 send_status(id, status);
1086 process_extended_posix_rename(u_int32_t id)
1088 char *oldpath, *newpath;
1090 oldpath = get_string(NULL);
1091 newpath = get_string(NULL);
1092 debug3("request %u: posix-rename", id);
1093 logit("posix-rename old \"%s\" new \"%s\"", oldpath, newpath);
1094 if (rename(oldpath, newpath) == -1)
1095 send_status(id, errno_to_portable(errno));
1097 send_status(id, SSH2_FX_OK);
1103 process_extended(void)
1109 request = get_string(NULL);
1110 if (strcmp(request, "posix-rename@openssh.com") == 0)
1111 process_extended_posix_rename(id);
1113 send_status(id, SSH2_FX_OP_UNSUPPORTED); /* MUST */
1117 /* stolen from ssh-agent */
1128 buf_len = buffer_len(&iqueue);
1130 return; /* Incomplete message. */
1131 cp = buffer_ptr(&iqueue);
1132 msg_len = get_u32(cp);
1133 if (msg_len > SFTP_MAX_MSG_LENGTH) {
1134 error("bad message from %s local user %s",
1135 client_addr, pw->pw_name);
1136 sftp_server_cleanup_exit(11);
1138 if (buf_len < msg_len + 4)
1140 buffer_consume(&iqueue, 4);
1142 type = buffer_get_char(&iqueue);
1150 case SSH2_FXP_CLOSE:
1156 case SSH2_FXP_WRITE:
1159 case SSH2_FXP_LSTAT:
1162 case SSH2_FXP_FSTAT:
1165 case SSH2_FXP_SETSTAT:
1168 case SSH2_FXP_FSETSTAT:
1171 case SSH2_FXP_OPENDIR:
1174 case SSH2_FXP_READDIR:
1177 case SSH2_FXP_REMOVE:
1180 case SSH2_FXP_MKDIR:
1183 case SSH2_FXP_RMDIR:
1186 case SSH2_FXP_REALPATH:
1192 case SSH2_FXP_RENAME:
1195 case SSH2_FXP_READLINK:
1198 case SSH2_FXP_SYMLINK:
1201 case SSH2_FXP_EXTENDED:
1205 error("Unknown message %d", type);
1208 /* discard the remaining bytes from the current packet */
1209 if (buf_len < buffer_len(&iqueue)) {
1210 error("iqueue grew unexpectedly");
1211 sftp_server_cleanup_exit(255);
1213 consumed = buf_len - buffer_len(&iqueue);
1214 if (msg_len < consumed) {
1215 error("msg_len %d < consumed %d", msg_len, consumed);
1216 sftp_server_cleanup_exit(255);
1218 if (msg_len > consumed)
1219 buffer_consume(&iqueue, msg_len - consumed);
1222 /* Cleanup handler that logs active handles upon normal exit */
1224 sftp_server_cleanup_exit(int i)
1226 if (pw != NULL && client_addr != NULL) {
1228 logit("session closed for local user %s from [%s]",
1229 pw->pw_name, client_addr);
1235 sftp_server_usage(void)
1237 extern char *__progname;
1240 "usage: %s [-he] [-l log_level] [-f log_facility]\n", __progname);
1245 sftp_server_main(int argc, char **argv, struct passwd *user_pw)
1247 fd_set *rset, *wset;
1248 int in, out, max, ch, skipargs = 0, log_stderr = 0;
1249 ssize_t len, olen, set_size;
1250 SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
1251 char *cp, buf[4*4096];
1253 extern char *optarg;
1254 extern char *__progname;
1256 __progname = ssh_get_progname(argv[0]);
1257 log_init(__progname, log_level, log_facility, log_stderr);
1259 while (!skipargs && (ch = getopt(argc, argv, "C:f:l:che")) != -1) {
1263 * Ignore all arguments if we are invoked as a
1264 * shell using "sftp-server -c command"
1272 log_level = log_level_number(optarg);
1273 if (log_level == SYSLOG_LEVEL_NOT_SET)
1274 error("Invalid log level \"%s\"", optarg);
1277 log_facility = log_facility_number(optarg);
1278 if (log_facility == SYSLOG_FACILITY_NOT_SET)
1279 error("Invalid log facility \"%s\"", optarg);
1283 sftp_server_usage();
1287 log_init(__progname, log_level, log_facility, log_stderr);
1289 if ((cp = getenv("SSH_CONNECTION")) != NULL) {
1290 client_addr = xstrdup(cp);
1291 if ((cp = strchr(client_addr, ' ')) == NULL) {
1292 error("Malformed SSH_CONNECTION variable: \"%s\"",
1293 getenv("SSH_CONNECTION"));
1294 sftp_server_cleanup_exit(255);
1298 client_addr = xstrdup("UNKNOWN");
1300 pw = pwcopy(user_pw);
1302 logit("session opened for local user %s from [%s]",
1303 pw->pw_name, client_addr);
1305 in = dup(STDIN_FILENO);
1306 out = dup(STDOUT_FILENO);
1309 setmode(in, O_BINARY);
1310 setmode(out, O_BINARY);
1319 buffer_init(&iqueue);
1320 buffer_init(&oqueue);
1322 set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask);
1323 rset = (fd_set *)xmalloc(set_size);
1324 wset = (fd_set *)xmalloc(set_size);
1327 memset(rset, 0, set_size);
1328 memset(wset, 0, set_size);
1331 * Ensure that we can read a full buffer and handle
1332 * the worst-case length packet it can generate,
1333 * otherwise apply backpressure by stopping reads.
1335 if (buffer_check_alloc(&iqueue, sizeof(buf)) &&
1336 buffer_check_alloc(&oqueue, SFTP_MAX_MSG_LENGTH))
1339 olen = buffer_len(&oqueue);
1343 if (select(max+1, rset, wset, NULL, NULL) < 0) {
1346 error("select: %s", strerror(errno));
1347 sftp_server_cleanup_exit(2);
1350 /* copy stdin to iqueue */
1351 if (FD_ISSET(in, rset)) {
1352 len = read(in, buf, sizeof buf);
1355 sftp_server_cleanup_exit(0);
1356 } else if (len < 0) {
1357 error("read: %s", strerror(errno));
1358 sftp_server_cleanup_exit(1);
1360 buffer_append(&iqueue, buf, len);
1363 /* send oqueue to stdout */
1364 if (FD_ISSET(out, wset)) {
1365 len = write(out, buffer_ptr(&oqueue), olen);
1367 error("write: %s", strerror(errno));
1368 sftp_server_cleanup_exit(1);
1370 buffer_consume(&oqueue, len);
1375 * Process requests from client if we can fit the results
1376 * into the output buffer, otherwise stop processing input
1377 * and let the output queue drain.
1379 if (buffer_check_alloc(&oqueue, SFTP_MAX_MSG_LENGTH))
andersk / gssapi-openssh.git / blob