2 * Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 RCSID("$OpenBSD: sftp-server.c,v 1.33 2002/02/13 00:28:13 markus Exp $");
34 #include "sftp-common.h"
37 #define get_int64() buffer_get_int64(&iqueue);
38 #define get_int() buffer_get_int(&iqueue);
39 #define get_string(lenp) buffer_get_string(&iqueue, lenp);
42 #ifdef HAVE___PROGNAME
43 extern char *__progname;
48 /* input and output queue */
52 /* Version of client */
55 /* portable attibutes, etc. */
57 typedef struct Stat Stat;
66 errno_to_portable(int unixerrno)
78 ret = SSH2_FX_NO_SUCH_FILE;
83 ret = SSH2_FX_PERMISSION_DENIED;
87 ret = SSH2_FX_BAD_MESSAGE;
90 ret = SSH2_FX_FAILURE;
97 flags_from_portable(int pflags)
101 if ((pflags & SSH2_FXF_READ) &&
102 (pflags & SSH2_FXF_WRITE)) {
104 } else if (pflags & SSH2_FXF_READ) {
106 } else if (pflags & SSH2_FXF_WRITE) {
109 if (pflags & SSH2_FXF_CREAT)
111 if (pflags & SSH2_FXF_TRUNC)
113 if (pflags & SSH2_FXF_EXCL)
121 return decode_attrib(&iqueue);
126 typedef struct Handle Handle;
147 for (i = 0; i < sizeof(handles)/sizeof(Handle); i++)
148 handles[i].use = HANDLE_UNUSED;
152 handle_new(int use, char *name, int fd, DIR *dirp)
156 for (i = 0; i < sizeof(handles)/sizeof(Handle); i++) {
157 if (handles[i].use == HANDLE_UNUSED) {
158 handles[i].use = use;
159 handles[i].dirp = dirp;
161 handles[i].name = name;
169 handle_is_ok(int i, int type)
171 return i >= 0 && i < sizeof(handles)/sizeof(Handle) &&
172 handles[i].use == type;
176 handle_to_string(int handle, char **stringp, int *hlenp)
178 if (stringp == NULL || hlenp == NULL)
180 *stringp = xmalloc(sizeof(int32_t));
181 PUT_32BIT(*stringp, handle);
182 *hlenp = sizeof(int32_t);
187 handle_from_string(char *handle, u_int hlen)
191 if (hlen != sizeof(int32_t))
193 val = GET_32BIT(handle);
194 if (handle_is_ok(val, HANDLE_FILE) ||
195 handle_is_ok(val, HANDLE_DIR))
201 handle_to_name(int handle)
203 if (handle_is_ok(handle, HANDLE_DIR)||
204 handle_is_ok(handle, HANDLE_FILE))
205 return handles[handle].name;
210 handle_to_dir(int handle)
212 if (handle_is_ok(handle, HANDLE_DIR))
213 return handles[handle].dirp;
218 handle_to_fd(int handle)
220 if (handle_is_ok(handle, HANDLE_FILE))
221 return handles[handle].fd;
226 handle_close(int handle)
230 if (handle_is_ok(handle, HANDLE_FILE)) {
231 ret = close(handles[handle].fd);
232 handles[handle].use = HANDLE_UNUSED;
233 } else if (handle_is_ok(handle, HANDLE_DIR)) {
234 ret = closedir(handles[handle].dirp);
235 handles[handle].use = HANDLE_UNUSED;
249 handle = get_string(&hlen);
251 val = handle_from_string(handle, hlen);
261 int mlen = buffer_len(m);
263 buffer_put_int(&oqueue, mlen);
264 buffer_append(&oqueue, buffer_ptr(m), mlen);
265 buffer_consume(m, mlen);
269 send_status(u_int32_t id, u_int32_t error)
272 const char *status_messages[] = {
273 "Success", /* SSH_FX_OK */
274 "End of file", /* SSH_FX_EOF */
275 "No such file", /* SSH_FX_NO_SUCH_FILE */
276 "Permission denied", /* SSH_FX_PERMISSION_DENIED */
277 "Failure", /* SSH_FX_FAILURE */
278 "Bad message", /* SSH_FX_BAD_MESSAGE */
279 "No connection", /* SSH_FX_NO_CONNECTION */
280 "Connection lost", /* SSH_FX_CONNECTION_LOST */
281 "Operation unsupported", /* SSH_FX_OP_UNSUPPORTED */
282 "Unknown error" /* Others */
285 TRACE("sent status id %d error %d", id, error);
287 buffer_put_char(&msg, SSH2_FXP_STATUS);
288 buffer_put_int(&msg, id);
289 buffer_put_int(&msg, error);
291 buffer_put_cstring(&msg,
292 status_messages[MIN(error,SSH2_FX_MAX)]);
293 buffer_put_cstring(&msg, "");
299 send_data_or_handle(char type, u_int32_t id, char *data, int dlen)
304 buffer_put_char(&msg, type);
305 buffer_put_int(&msg, id);
306 buffer_put_string(&msg, data, dlen);
312 send_data(u_int32_t id, char *data, int dlen)
314 TRACE("sent data id %d len %d", id, dlen);
315 send_data_or_handle(SSH2_FXP_DATA, id, data, dlen);
319 send_handle(u_int32_t id, int handle)
324 handle_to_string(handle, &string, &hlen);
325 TRACE("sent handle id %d handle %d", id, handle);
326 send_data_or_handle(SSH2_FXP_HANDLE, id, string, hlen);
331 send_names(u_int32_t id, int count, Stat *stats)
337 buffer_put_char(&msg, SSH2_FXP_NAME);
338 buffer_put_int(&msg, id);
339 buffer_put_int(&msg, count);
340 TRACE("sent names id %d count %d", id, count);
341 for (i = 0; i < count; i++) {
342 buffer_put_cstring(&msg, stats[i].name);
343 buffer_put_cstring(&msg, stats[i].long_name);
344 encode_attrib(&msg, &stats[i].attrib);
351 send_attrib(u_int32_t id, Attrib *a)
355 TRACE("sent attrib id %d have 0x%x", id, a->flags);
357 buffer_put_char(&msg, SSH2_FXP_ATTRS);
358 buffer_put_int(&msg, id);
359 encode_attrib(&msg, a);
371 version = buffer_get_int(&iqueue);
372 TRACE("client version %d", version);
374 buffer_put_char(&msg, SSH2_FXP_VERSION);
375 buffer_put_int(&msg, SSH2_FILEXFER_VERSION);
383 u_int32_t id, pflags;
386 int handle, fd, flags, mode, status = SSH2_FX_FAILURE;
389 name = get_string(NULL);
390 pflags = get_int(); /* portable flags */
392 flags = flags_from_portable(pflags);
393 mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a->perm : 0666;
394 TRACE("open id %d name %s flags %d mode 0%o", id, name, pflags, mode);
395 fd = open(name, flags, mode);
397 status = errno_to_portable(errno);
399 handle = handle_new(HANDLE_FILE, xstrdup(name), fd, NULL);
403 send_handle(id, handle);
407 if (status != SSH2_FX_OK)
408 send_status(id, status);
416 int handle, ret, status = SSH2_FX_FAILURE;
419 handle = get_handle();
420 TRACE("close id %d handle %d", id, handle);
421 ret = handle_close(handle);
422 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
423 send_status(id, status);
431 int handle, fd, ret, status = SSH2_FX_FAILURE;
435 handle = get_handle();
439 TRACE("read id %d handle %d off %llu len %d", id, handle,
440 (u_int64_t)off, len);
441 if (len > sizeof buf) {
443 log("read change len %d", len);
445 fd = handle_to_fd(handle);
447 if (lseek(fd, off, SEEK_SET) < 0) {
448 error("process_read: seek failed");
449 status = errno_to_portable(errno);
451 ret = read(fd, buf, len);
453 status = errno_to_portable(errno);
454 } else if (ret == 0) {
455 status = SSH2_FX_EOF;
457 send_data(id, buf, ret);
462 if (status != SSH2_FX_OK)
463 send_status(id, status);
472 int handle, fd, ret, status = SSH2_FX_FAILURE;
476 handle = get_handle();
478 data = get_string(&len);
480 TRACE("write id %d handle %d off %llu len %d", id, handle,
481 (u_int64_t)off, len);
482 fd = handle_to_fd(handle);
484 if (lseek(fd, off, SEEK_SET) < 0) {
485 status = errno_to_portable(errno);
486 error("process_write: seek failed");
489 ret = write(fd, data, len);
491 error("process_write: write failed");
492 status = errno_to_portable(errno);
493 } else if (ret == len) {
496 log("nothing at all written");
500 send_status(id, status);
505 process_do_stat(int do_lstat)
511 int ret, status = SSH2_FX_FAILURE;
514 name = get_string(NULL);
515 TRACE("%sstat id %d name %s", do_lstat ? "l" : "", id, name);
516 ret = do_lstat ? lstat(name, &st) : stat(name, &st);
518 status = errno_to_portable(errno);
520 stat_to_attrib(&st, &a);
524 if (status != SSH2_FX_OK)
525 send_status(id, status);
547 int fd, ret, handle, status = SSH2_FX_FAILURE;
550 handle = get_handle();
551 TRACE("fstat id %d handle %d", id, handle);
552 fd = handle_to_fd(handle);
554 ret = fstat(fd, &st);
556 status = errno_to_portable(errno);
558 stat_to_attrib(&st, &a);
563 if (status != SSH2_FX_OK)
564 send_status(id, status);
567 static struct timeval *
568 attrib_to_tv(Attrib *a)
570 static struct timeval tv[2];
572 tv[0].tv_sec = a->atime;
574 tv[1].tv_sec = a->mtime;
580 process_setstat(void)
586 int status = SSH2_FX_OK;
589 name = get_string(NULL);
591 TRACE("setstat id %d name %s", id, name);
592 if (a->flags & SSH2_FILEXFER_ATTR_SIZE) {
593 ret = truncate(name, a->size);
595 status = errno_to_portable(errno);
597 if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
598 ret = chmod(name, a->perm & 0777);
600 status = errno_to_portable(errno);
602 if (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
603 ret = utimes(name, attrib_to_tv(a));
605 status = errno_to_portable(errno);
607 if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) {
608 ret = chown(name, a->uid, a->gid);
610 status = errno_to_portable(errno);
612 send_status(id, status);
617 process_fsetstat(void)
622 int status = SSH2_FX_OK;
626 handle = get_handle();
628 TRACE("fsetstat id %d handle %d", id, handle);
629 fd = handle_to_fd(handle);
630 name = handle_to_name(handle);
631 if (fd < 0 || name == NULL) {
632 status = SSH2_FX_FAILURE;
634 if (a->flags & SSH2_FILEXFER_ATTR_SIZE) {
635 ret = ftruncate(fd, a->size);
637 status = errno_to_portable(errno);
639 if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
641 ret = fchmod(fd, a->perm & 0777);
643 ret = chmod(name, a->perm & 0777);
646 status = errno_to_portable(errno);
648 if (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
650 ret = futimes(fd, attrib_to_tv(a));
652 ret = utimes(name, attrib_to_tv(a));
655 status = errno_to_portable(errno);
657 if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) {
659 ret = fchown(fd, a->uid, a->gid);
661 ret = chown(name, a->uid, a->gid);
664 status = errno_to_portable(errno);
667 send_status(id, status);
671 process_opendir(void)
675 int handle, status = SSH2_FX_FAILURE;
679 path = get_string(NULL);
680 TRACE("opendir id %d path %s", id, path);
681 dirp = opendir(path);
683 status = errno_to_portable(errno);
685 handle = handle_new(HANDLE_DIR, xstrdup(path), 0, dirp);
689 send_handle(id, handle);
694 if (status != SSH2_FX_OK)
695 send_status(id, status);
700 * drwxr-xr-x 5 markus markus 1024 Jan 13 18:39 .ssh
703 ls_file(char *name, struct stat *st)
705 int ulen, glen, sz = 0;
708 struct tm *ltime = localtime(&st->st_mtime);
710 char buf[1024], mode[11+1], tbuf[12+1], ubuf[11+1], gbuf[11+1];
712 strmode(st->st_mode, mode);
713 if ((pw = getpwuid(st->st_uid)) != NULL) {
716 snprintf(ubuf, sizeof ubuf, "%d", st->st_uid);
719 if ((gr = getgrgid(st->st_gid)) != NULL) {
722 snprintf(gbuf, sizeof gbuf, "%d", st->st_gid);
726 if (time(NULL) - st->st_mtime < (365*24*60*60)/2)
727 sz = strftime(tbuf, sizeof tbuf, "%b %e %H:%M", ltime);
729 sz = strftime(tbuf, sizeof tbuf, "%b %e %Y", ltime);
733 ulen = MAX(strlen(user), 8);
734 glen = MAX(strlen(group), 8);
735 snprintf(buf, sizeof buf, "%s %3d %-*s %-*s %8llu %s %s", mode,
736 st->st_nlink, ulen, user, glen, group,
737 (u_int64_t)st->st_size, tbuf, name);
742 process_readdir(void)
751 handle = get_handle();
752 TRACE("readdir id %d handle %d", id, handle);
753 dirp = handle_to_dir(handle);
754 path = handle_to_name(handle);
755 if (dirp == NULL || path == NULL) {
756 send_status(id, SSH2_FX_FAILURE);
761 int nstats = 10, count = 0, i;
762 stats = xmalloc(nstats * sizeof(Stat));
763 while ((dp = readdir(dirp)) != NULL) {
764 if (count >= nstats) {
766 stats = xrealloc(stats, nstats * sizeof(Stat));
769 snprintf(pathname, sizeof pathname, "%s%s%s", path,
770 strcmp(path, "/") ? "/" : "", dp->d_name);
771 if (lstat(pathname, &st) < 0)
773 stat_to_attrib(&st, &(stats[count].attrib));
774 stats[count].name = xstrdup(dp->d_name);
775 stats[count].long_name = ls_file(dp->d_name, &st);
777 /* send up to 100 entries in one message */
778 /* XXX check packet size instead */
783 send_names(id, count, stats);
784 for (i = 0; i < count; i++) {
785 xfree(stats[i].name);
786 xfree(stats[i].long_name);
789 send_status(id, SSH2_FX_EOF);
800 int status = SSH2_FX_FAILURE;
804 name = get_string(NULL);
805 TRACE("remove id %d name %s", id, name);
807 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
808 send_status(id, status);
818 int ret, mode, status = SSH2_FX_FAILURE;
821 name = get_string(NULL);
823 mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ?
824 a->perm & 0777 : 0777;
825 TRACE("mkdir id %d name %s mode 0%o", id, name, mode);
826 ret = mkdir(name, mode);
827 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
828 send_status(id, status);
840 name = get_string(NULL);
841 TRACE("rmdir id %d name %s", id, name);
843 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
844 send_status(id, status);
849 process_realpath(void)
851 char resolvedname[MAXPATHLEN];
856 path = get_string(NULL);
857 if (path[0] == '\0') {
861 TRACE("realpath id %d path %s", id, path);
862 if (realpath(path, resolvedname) == NULL) {
863 send_status(id, errno_to_portable(errno));
866 attrib_clear(&s.attrib);
867 s.name = s.long_name = resolvedname;
868 send_names(id, 1, &s);
878 char *oldpath, *newpath;
879 int ret, status = SSH2_FX_FAILURE;
882 oldpath = get_string(NULL);
883 newpath = get_string(NULL);
884 TRACE("rename id %d old %s new %s", id, oldpath, newpath);
885 /* fail if 'newpath' exists */
886 if (stat(newpath, &st) == -1) {
887 ret = rename(oldpath, newpath);
888 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
890 send_status(id, status);
896 process_readlink(void)
900 char link[MAXPATHLEN];
904 path = get_string(NULL);
905 TRACE("readlink id %d path %s", id, path);
906 if ((len = readlink(path, link, sizeof(link) - 1)) == -1)
907 send_status(id, errno_to_portable(errno));
912 attrib_clear(&s.attrib);
913 s.name = s.long_name = link;
914 send_names(id, 1, &s);
920 process_symlink(void)
924 char *oldpath, *newpath;
925 int ret, status = SSH2_FX_FAILURE;
928 oldpath = get_string(NULL);
929 newpath = get_string(NULL);
930 TRACE("symlink id %d old %s new %s", id, oldpath, newpath);
931 /* fail if 'newpath' exists */
932 if (stat(newpath, &st) == -1) {
933 ret = symlink(oldpath, newpath);
934 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
936 send_status(id, status);
942 process_extended(void)
948 request = get_string(NULL);
949 send_status(id, SSH2_FX_OP_UNSUPPORTED); /* MUST */
953 /* stolen from ssh-agent */
962 if (buffer_len(&iqueue) < 5)
963 return; /* Incomplete message. */
964 cp = buffer_ptr(&iqueue);
965 msg_len = GET_32BIT(cp);
966 if (msg_len > 256 * 1024) {
967 error("bad message ");
970 if (buffer_len(&iqueue) < msg_len + 4)
972 buffer_consume(&iqueue, 4);
973 type = buffer_get_char(&iqueue);
996 case SSH2_FXP_SETSTAT:
999 case SSH2_FXP_FSETSTAT:
1002 case SSH2_FXP_OPENDIR:
1005 case SSH2_FXP_READDIR:
1008 case SSH2_FXP_REMOVE:
1011 case SSH2_FXP_MKDIR:
1014 case SSH2_FXP_RMDIR:
1017 case SSH2_FXP_REALPATH:
1023 case SSH2_FXP_RENAME:
1026 case SSH2_FXP_READLINK:
1029 case SSH2_FXP_SYMLINK:
1032 case SSH2_FXP_EXTENDED:
1036 error("Unknown message %d", type);
1042 main(int ac, char **av)
1044 fd_set *rset, *wset;
1046 ssize_t len, olen, set_size;
1048 /* XXX should use getopt */
1050 __progname = get_progname(av[0]);
1053 #ifdef DEBUG_SFTP_SERVER
1054 log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0);
1057 in = dup(STDIN_FILENO);
1058 out = dup(STDOUT_FILENO);
1061 setmode(in, O_BINARY);
1062 setmode(out, O_BINARY);
1071 buffer_init(&iqueue);
1072 buffer_init(&oqueue);
1074 set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask);
1075 rset = (fd_set *)xmalloc(set_size);
1076 wset = (fd_set *)xmalloc(set_size);
1079 memset(rset, 0, set_size);
1080 memset(wset, 0, set_size);
1083 olen = buffer_len(&oqueue);
1087 if (select(max+1, rset, wset, NULL, NULL) < 0) {
1093 /* copy stdin to iqueue */
1094 if (FD_ISSET(in, rset)) {
1096 len = read(in, buf, sizeof buf);
1100 } else if (len < 0) {
1101 error("read error");
1104 buffer_append(&iqueue, buf, len);
1107 /* send oqueue to stdout */
1108 if (FD_ISSET(out, wset)) {
1109 len = write(out, buffer_ptr(&oqueue), olen);
1111 error("write error");
1114 buffer_consume(&oqueue, len);
1117 /* process requests from client */