2 * Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 RCSID("$OpenBSD: sftp-server.c,v 1.41 2003/03/26 04:02:51 deraadt Exp $");
34 #include "sftp-common.h"
37 #define get_int64() buffer_get_int64(&iqueue);
38 #define get_int() buffer_get_int(&iqueue);
39 #define get_string(lenp) buffer_get_string(&iqueue, lenp);
42 #ifdef HAVE___PROGNAME
43 extern char *__progname;
48 /* input and output queue */
52 /* Version of client */
55 /* portable attibutes, etc. */
57 typedef struct Stat Stat;
66 errno_to_portable(int unixerrno)
78 ret = SSH2_FX_NO_SUCH_FILE;
83 ret = SSH2_FX_PERMISSION_DENIED;
87 ret = SSH2_FX_BAD_MESSAGE;
90 ret = SSH2_FX_FAILURE;
97 flags_from_portable(int pflags)
101 if ((pflags & SSH2_FXF_READ) &&
102 (pflags & SSH2_FXF_WRITE)) {
104 } else if (pflags & SSH2_FXF_READ) {
106 } else if (pflags & SSH2_FXF_WRITE) {
109 if (pflags & SSH2_FXF_CREAT)
111 if (pflags & SSH2_FXF_TRUNC)
113 if (pflags & SSH2_FXF_EXCL)
121 return decode_attrib(&iqueue);
126 typedef struct Handle Handle;
147 for (i = 0; i < sizeof(handles)/sizeof(Handle); i++)
148 handles[i].use = HANDLE_UNUSED;
152 handle_new(int use, char *name, int fd, DIR *dirp)
156 for (i = 0; i < sizeof(handles)/sizeof(Handle); i++) {
157 if (handles[i].use == HANDLE_UNUSED) {
158 handles[i].use = use;
159 handles[i].dirp = dirp;
161 handles[i].name = xstrdup(name);
169 handle_is_ok(int i, int type)
171 return i >= 0 && i < sizeof(handles)/sizeof(Handle) &&
172 handles[i].use == type;
176 handle_to_string(int handle, char **stringp, int *hlenp)
178 if (stringp == NULL || hlenp == NULL)
180 *stringp = xmalloc(sizeof(int32_t));
181 PUT_32BIT(*stringp, handle);
182 *hlenp = sizeof(int32_t);
187 handle_from_string(char *handle, u_int hlen)
191 if (hlen != sizeof(int32_t))
193 val = GET_32BIT(handle);
194 if (handle_is_ok(val, HANDLE_FILE) ||
195 handle_is_ok(val, HANDLE_DIR))
201 handle_to_name(int handle)
203 if (handle_is_ok(handle, HANDLE_DIR)||
204 handle_is_ok(handle, HANDLE_FILE))
205 return handles[handle].name;
210 handle_to_dir(int handle)
212 if (handle_is_ok(handle, HANDLE_DIR))
213 return handles[handle].dirp;
218 handle_to_fd(int handle)
220 if (handle_is_ok(handle, HANDLE_FILE))
221 return handles[handle].fd;
226 handle_close(int handle)
230 if (handle_is_ok(handle, HANDLE_FILE)) {
231 ret = close(handles[handle].fd);
232 handles[handle].use = HANDLE_UNUSED;
233 xfree(handles[handle].name);
234 } else if (handle_is_ok(handle, HANDLE_DIR)) {
235 ret = closedir(handles[handle].dirp);
236 handles[handle].use = HANDLE_UNUSED;
237 xfree(handles[handle].name);
251 handle = get_string(&hlen);
253 val = handle_from_string(handle, hlen);
263 int mlen = buffer_len(m);
265 buffer_put_int(&oqueue, mlen);
266 buffer_append(&oqueue, buffer_ptr(m), mlen);
267 buffer_consume(m, mlen);
271 send_status(u_int32_t id, u_int32_t error)
274 const char *status_messages[] = {
275 "Success", /* SSH_FX_OK */
276 "End of file", /* SSH_FX_EOF */
277 "No such file", /* SSH_FX_NO_SUCH_FILE */
278 "Permission denied", /* SSH_FX_PERMISSION_DENIED */
279 "Failure", /* SSH_FX_FAILURE */
280 "Bad message", /* SSH_FX_BAD_MESSAGE */
281 "No connection", /* SSH_FX_NO_CONNECTION */
282 "Connection lost", /* SSH_FX_CONNECTION_LOST */
283 "Operation unsupported", /* SSH_FX_OP_UNSUPPORTED */
284 "Unknown error" /* Others */
287 TRACE("sent status id %u error %u", id, error);
289 buffer_put_char(&msg, SSH2_FXP_STATUS);
290 buffer_put_int(&msg, id);
291 buffer_put_int(&msg, error);
293 buffer_put_cstring(&msg,
294 status_messages[MIN(error,SSH2_FX_MAX)]);
295 buffer_put_cstring(&msg, "");
301 send_data_or_handle(char type, u_int32_t id, char *data, int dlen)
306 buffer_put_char(&msg, type);
307 buffer_put_int(&msg, id);
308 buffer_put_string(&msg, data, dlen);
314 send_data(u_int32_t id, char *data, int dlen)
316 TRACE("sent data id %u len %d", id, dlen);
317 send_data_or_handle(SSH2_FXP_DATA, id, data, dlen);
321 send_handle(u_int32_t id, int handle)
326 handle_to_string(handle, &string, &hlen);
327 TRACE("sent handle id %u handle %d", id, handle);
328 send_data_or_handle(SSH2_FXP_HANDLE, id, string, hlen);
333 send_names(u_int32_t id, int count, Stat *stats)
339 buffer_put_char(&msg, SSH2_FXP_NAME);
340 buffer_put_int(&msg, id);
341 buffer_put_int(&msg, count);
342 TRACE("sent names id %u count %d", id, count);
343 for (i = 0; i < count; i++) {
344 buffer_put_cstring(&msg, stats[i].name);
345 buffer_put_cstring(&msg, stats[i].long_name);
346 encode_attrib(&msg, &stats[i].attrib);
353 send_attrib(u_int32_t id, Attrib *a)
357 TRACE("sent attrib id %u have 0x%x", id, a->flags);
359 buffer_put_char(&msg, SSH2_FXP_ATTRS);
360 buffer_put_int(&msg, id);
361 encode_attrib(&msg, a);
374 TRACE("client version %d", version);
376 buffer_put_char(&msg, SSH2_FXP_VERSION);
377 buffer_put_int(&msg, SSH2_FILEXFER_VERSION);
385 u_int32_t id, pflags;
388 int handle, fd, flags, mode, status = SSH2_FX_FAILURE;
391 name = get_string(NULL);
392 pflags = get_int(); /* portable flags */
394 flags = flags_from_portable(pflags);
395 mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a->perm : 0666;
396 TRACE("open id %u name %s flags %d mode 0%o", id, name, pflags, mode);
397 fd = open(name, flags, mode);
399 status = errno_to_portable(errno);
401 handle = handle_new(HANDLE_FILE, name, fd, NULL);
405 send_handle(id, handle);
409 if (status != SSH2_FX_OK)
410 send_status(id, status);
418 int handle, ret, status = SSH2_FX_FAILURE;
421 handle = get_handle();
422 TRACE("close id %u handle %d", id, handle);
423 ret = handle_close(handle);
424 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
425 send_status(id, status);
433 int handle, fd, ret, status = SSH2_FX_FAILURE;
437 handle = get_handle();
441 TRACE("read id %u handle %d off %llu len %d", id, handle,
442 (u_int64_t)off, len);
443 if (len > sizeof buf) {
445 logit("read change len %d", len);
447 fd = handle_to_fd(handle);
449 if (lseek(fd, off, SEEK_SET) < 0) {
450 error("process_read: seek failed");
451 status = errno_to_portable(errno);
453 ret = read(fd, buf, len);
455 status = errno_to_portable(errno);
456 } else if (ret == 0) {
457 status = SSH2_FX_EOF;
459 send_data(id, buf, ret);
464 if (status != SSH2_FX_OK)
465 send_status(id, status);
474 int handle, fd, ret, status = SSH2_FX_FAILURE;
478 handle = get_handle();
480 data = get_string(&len);
482 TRACE("write id %u handle %d off %llu len %d", id, handle,
483 (u_int64_t)off, len);
484 fd = handle_to_fd(handle);
486 if (lseek(fd, off, SEEK_SET) < 0) {
487 status = errno_to_portable(errno);
488 error("process_write: seek failed");
491 ret = write(fd, data, len);
493 error("process_write: write failed");
494 status = errno_to_portable(errno);
495 } else if (ret == len) {
498 logit("nothing at all written");
502 send_status(id, status);
507 process_do_stat(int do_lstat)
513 int ret, status = SSH2_FX_FAILURE;
516 name = get_string(NULL);
517 TRACE("%sstat id %u name %s", do_lstat ? "l" : "", id, name);
518 ret = do_lstat ? lstat(name, &st) : stat(name, &st);
520 status = errno_to_portable(errno);
522 stat_to_attrib(&st, &a);
526 if (status != SSH2_FX_OK)
527 send_status(id, status);
549 int fd, ret, handle, status = SSH2_FX_FAILURE;
552 handle = get_handle();
553 TRACE("fstat id %u handle %d", id, handle);
554 fd = handle_to_fd(handle);
556 ret = fstat(fd, &st);
558 status = errno_to_portable(errno);
560 stat_to_attrib(&st, &a);
565 if (status != SSH2_FX_OK)
566 send_status(id, status);
569 static struct timeval *
570 attrib_to_tv(Attrib *a)
572 static struct timeval tv[2];
574 tv[0].tv_sec = a->atime;
576 tv[1].tv_sec = a->mtime;
582 process_setstat(void)
587 int status = SSH2_FX_OK, ret;
590 name = get_string(NULL);
592 TRACE("setstat id %u name %s", id, name);
593 if (a->flags & SSH2_FILEXFER_ATTR_SIZE) {
594 ret = truncate(name, a->size);
596 status = errno_to_portable(errno);
598 if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
599 ret = chmod(name, a->perm & 0777);
601 status = errno_to_portable(errno);
603 if (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
604 ret = utimes(name, attrib_to_tv(a));
606 status = errno_to_portable(errno);
608 if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) {
609 ret = chown(name, a->uid, a->gid);
611 status = errno_to_portable(errno);
613 send_status(id, status);
618 process_fsetstat(void)
623 int status = SSH2_FX_OK;
627 handle = get_handle();
629 TRACE("fsetstat id %u handle %d", id, handle);
630 fd = handle_to_fd(handle);
631 name = handle_to_name(handle);
632 if (fd < 0 || name == NULL) {
633 status = SSH2_FX_FAILURE;
635 if (a->flags & SSH2_FILEXFER_ATTR_SIZE) {
636 ret = ftruncate(fd, a->size);
638 status = errno_to_portable(errno);
640 if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
642 ret = fchmod(fd, a->perm & 0777);
644 ret = chmod(name, a->perm & 0777);
647 status = errno_to_portable(errno);
649 if (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
651 ret = futimes(fd, attrib_to_tv(a));
653 ret = utimes(name, attrib_to_tv(a));
656 status = errno_to_portable(errno);
658 if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) {
660 ret = fchown(fd, a->uid, a->gid);
662 ret = chown(name, a->uid, a->gid);
665 status = errno_to_portable(errno);
668 send_status(id, status);
672 process_opendir(void)
676 int handle, status = SSH2_FX_FAILURE;
680 path = get_string(NULL);
681 TRACE("opendir id %u path %s", id, path);
682 dirp = opendir(path);
684 status = errno_to_portable(errno);
686 handle = handle_new(HANDLE_DIR, path, 0, dirp);
690 send_handle(id, handle);
695 if (status != SSH2_FX_OK)
696 send_status(id, status);
701 process_readdir(void)
710 handle = get_handle();
711 TRACE("readdir id %u handle %d", id, handle);
712 dirp = handle_to_dir(handle);
713 path = handle_to_name(handle);
714 if (dirp == NULL || path == NULL) {
715 send_status(id, SSH2_FX_FAILURE);
720 int nstats = 10, count = 0, i;
722 stats = xmalloc(nstats * sizeof(Stat));
723 while ((dp = readdir(dirp)) != NULL) {
724 if (count >= nstats) {
726 stats = xrealloc(stats, nstats * sizeof(Stat));
729 snprintf(pathname, sizeof pathname, "%s%s%s", path,
730 strcmp(path, "/") ? "/" : "", dp->d_name);
731 if (lstat(pathname, &st) < 0)
733 stat_to_attrib(&st, &(stats[count].attrib));
734 stats[count].name = xstrdup(dp->d_name);
735 stats[count].long_name = ls_file(dp->d_name, &st, 0);
737 /* send up to 100 entries in one message */
738 /* XXX check packet size instead */
743 send_names(id, count, stats);
744 for (i = 0; i < count; i++) {
745 xfree(stats[i].name);
746 xfree(stats[i].long_name);
749 send_status(id, SSH2_FX_EOF);
760 int status = SSH2_FX_FAILURE;
764 name = get_string(NULL);
765 TRACE("remove id %u name %s", id, name);
767 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
768 send_status(id, status);
778 int ret, mode, status = SSH2_FX_FAILURE;
781 name = get_string(NULL);
783 mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ?
784 a->perm & 0777 : 0777;
785 TRACE("mkdir id %u name %s mode 0%o", id, name, mode);
786 ret = mkdir(name, mode);
787 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
788 send_status(id, status);
800 name = get_string(NULL);
801 TRACE("rmdir id %u name %s", id, name);
803 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
804 send_status(id, status);
809 process_realpath(void)
811 char resolvedname[MAXPATHLEN];
816 path = get_string(NULL);
817 if (path[0] == '\0') {
821 TRACE("realpath id %u path %s", id, path);
822 if (realpath(path, resolvedname) == NULL) {
823 send_status(id, errno_to_portable(errno));
826 attrib_clear(&s.attrib);
827 s.name = s.long_name = resolvedname;
828 send_names(id, 1, &s);
837 char *oldpath, *newpath;
842 oldpath = get_string(NULL);
843 newpath = get_string(NULL);
844 TRACE("rename id %u old %s new %s", id, oldpath, newpath);
845 status = SSH2_FX_FAILURE;
846 if (lstat(oldpath, &sb) == -1)
847 status = errno_to_portable(errno);
848 else if (S_ISREG(sb.st_mode)) {
849 /* Race-free rename of regular files */
850 if (link(oldpath, newpath) == -1)
851 status = errno_to_portable(errno);
852 else if (unlink(oldpath) == -1) {
853 status = errno_to_portable(errno);
854 /* clean spare link */
858 } else if (stat(newpath, &sb) == -1) {
859 if (rename(oldpath, newpath) == -1)
860 status = errno_to_portable(errno);
864 send_status(id, status);
870 process_readlink(void)
874 char link[MAXPATHLEN];
878 path = get_string(NULL);
879 TRACE("readlink id %u path %s", id, path);
880 if ((len = readlink(path, link, sizeof(link) - 1)) == -1)
881 send_status(id, errno_to_portable(errno));
886 attrib_clear(&s.attrib);
887 s.name = s.long_name = link;
888 send_names(id, 1, &s);
894 process_symlink(void)
897 char *oldpath, *newpath;
901 oldpath = get_string(NULL);
902 newpath = get_string(NULL);
903 TRACE("symlink id %u old %s new %s", id, oldpath, newpath);
904 /* this will fail if 'newpath' exists */
905 ret = symlink(oldpath, newpath);
906 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
907 send_status(id, status);
913 process_extended(void)
919 request = get_string(NULL);
920 send_status(id, SSH2_FX_OP_UNSUPPORTED); /* MUST */
924 /* stolen from ssh-agent */
935 buf_len = buffer_len(&iqueue);
937 return; /* Incomplete message. */
938 cp = buffer_ptr(&iqueue);
939 msg_len = GET_32BIT(cp);
940 if (msg_len > 256 * 1024) {
941 error("bad message ");
944 if (buf_len < msg_len + 4)
946 buffer_consume(&iqueue, 4);
948 type = buffer_get_char(&iqueue);
971 case SSH2_FXP_SETSTAT:
974 case SSH2_FXP_FSETSTAT:
977 case SSH2_FXP_OPENDIR:
980 case SSH2_FXP_READDIR:
983 case SSH2_FXP_REMOVE:
992 case SSH2_FXP_REALPATH:
998 case SSH2_FXP_RENAME:
1001 case SSH2_FXP_READLINK:
1004 case SSH2_FXP_SYMLINK:
1007 case SSH2_FXP_EXTENDED:
1011 error("Unknown message %d", type);
1014 /* discard the remaining bytes from the current packet */
1015 if (buf_len < buffer_len(&iqueue))
1016 fatal("iqueue grows");
1017 consumed = buf_len - buffer_len(&iqueue);
1018 if (msg_len < consumed)
1019 fatal("msg_len %d < consumed %d", msg_len, consumed);
1020 if (msg_len > consumed)
1021 buffer_consume(&iqueue, msg_len - consumed);
1025 main(int ac, char **av)
1027 fd_set *rset, *wset;
1029 ssize_t len, olen, set_size;
1031 /* XXX should use getopt */
1033 __progname = get_progname(av[0]);
1036 #ifdef DEBUG_SFTP_SERVER
1037 log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0);
1040 in = dup(STDIN_FILENO);
1041 out = dup(STDOUT_FILENO);
1044 setmode(in, O_BINARY);
1045 setmode(out, O_BINARY);
1054 buffer_init(&iqueue);
1055 buffer_init(&oqueue);
1057 set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask);
1058 rset = (fd_set *)xmalloc(set_size);
1059 wset = (fd_set *)xmalloc(set_size);
1062 memset(rset, 0, set_size);
1063 memset(wset, 0, set_size);
1066 olen = buffer_len(&oqueue);
1070 if (select(max+1, rset, wset, NULL, NULL) < 0) {
1076 /* copy stdin to iqueue */
1077 if (FD_ISSET(in, rset)) {
1079 len = read(in, buf, sizeof buf);
1083 } else if (len < 0) {
1084 error("read error");
1087 buffer_append(&iqueue, buf, len);
1090 /* send oqueue to stdout */
1091 if (FD_ISSET(out, wset)) {
1092 len = write(out, buffer_ptr(&oqueue), olen);
1094 error("write error");
1097 buffer_consume(&oqueue, len);
1100 /* process requests from client */