+/* $OpenBSD: sftp.c,v 1.97 2007/10/24 03:30:02 djm Exp $ */
/*
* Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
*
#include "includes.h"
-RCSID("$OpenBSD: sftp.c,v 1.60 2004/12/10 03:10:42 fgsch Exp $");
+#include <sys/types.h>
+#include <sys/ioctl.h>
+#ifdef HAVE_SYS_STAT_H
+# include <sys/stat.h>
+#endif
+#include <sys/param.h>
+#include <sys/socket.h>
+#include <sys/wait.h>
+
+#include <ctype.h>
+#include <errno.h>
+#ifdef HAVE_PATHS_H
+# include <paths.h>
+#endif
#ifdef USE_LIBEDIT
#include <histedit.h>
#else
typedef void EditLine;
#endif
+#include <signal.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <stdarg.h>
-#include "buffer.h"
#include "xmalloc.h"
#include "log.h"
#include "pathnames.h"
#include "misc.h"
#include "sftp.h"
+#include "buffer.h"
#include "sftp-common.h"
#include "sftp-client.h"
int interactive_loop(int fd_in, int fd_out, char *file1, char *file2);
+/* ARGSUSED */
static void
killchild(int signo)
{
- if (sshpid > 1)
+ if (sshpid > 1) {
kill(sshpid, SIGTERM);
+ waitpid(sshpid, NULL, 0);
+ }
_exit(1);
}
+/* ARGSUSED */
static void
cmd_interrupt(int signo)
{
if (errno != EINTR)
fatal("Couldn't wait for child: %s", strerror(errno));
if (!WIFEXITED(status))
- error("Shell exited abormally");
+ error("Shell exited abnormally");
else if (WEXITSTATUS(status))
error("Shell exited with status %d", WEXITSTATUS(status));
}
path_append(char *p1, char *p2)
{
char *ret;
- int len = strlen(p1) + strlen(p2) + 2;
+ size_t len = strlen(p1) + strlen(p2) + 2;
ret = xmalloc(len);
strlcpy(ret, p1, len);
- if (p1[strlen(p1) - 1] != '/')
+ if (p1[0] != '\0' && p1[strlen(p1) - 1] != '/')
strlcat(ret, "/", len);
strlcat(ret, p2, len);
}
static int
-parse_getput_flags(const char **cpp, int *pflag)
+parse_getput_flags(const char *cmd, char **argv, int argc, int *pflag)
{
- const char *cp = *cpp;
+ extern int optind, optreset, opterr;
+ int ch;
- /* Check for flags */
- if (cp[0] == '-' && cp[1] && strchr(WHITESPACE, cp[2])) {
- switch (cp[1]) {
+ optind = optreset = 1;
+ opterr = 0;
+
+ *pflag = 0;
+ while ((ch = getopt(argc, argv, "Pp")) != -1) {
+ switch (ch) {
case 'p':
case 'P':
*pflag = 1;
break;
default:
- error("Invalid flag -%c", cp[1]);
- return(-1);
- }
- cp += 2;
- *cpp = cp + strspn(cp, WHITESPACE);
- }
-
- return(0);
-}
-
-static int
-parse_ls_flags(const char **cpp, int *lflag)
-{
- const char *cp = *cpp;
-
- /* Defaults */
- *lflag = LS_NAME_SORT;
-
- /* Check for flags */
- if (cp++[0] == '-') {
- for(; strchr(WHITESPACE, *cp) == NULL; cp++) {
- switch (*cp) {
- case 'l':
- *lflag &= ~VIEW_FLAGS;
- *lflag |= LS_LONG_VIEW;
- break;
- case '1':
- *lflag &= ~VIEW_FLAGS;
- *lflag |= LS_SHORT_VIEW;
- break;
- case 'n':
- *lflag &= ~VIEW_FLAGS;
- *lflag |= LS_NUMERIC_VIEW|LS_LONG_VIEW;
- break;
- case 'S':
- *lflag &= ~SORT_FLAGS;
- *lflag |= LS_SIZE_SORT;
- break;
- case 't':
- *lflag &= ~SORT_FLAGS;
- *lflag |= LS_TIME_SORT;
- break;
- case 'r':
- *lflag |= LS_REVERSE_SORT;
- break;
- case 'f':
- *lflag &= ~SORT_FLAGS;
- break;
- case 'a':
- *lflag |= LS_SHOW_ALL;
- break;
- default:
- error("Invalid flag -%c", *cp);
- return(-1);
- }
+ error("%s: Invalid flag -%c", cmd, ch);
+ return -1;
}
- *cpp = cp + strspn(cp, WHITESPACE);
}
- return(0);
+ return optind;
}
static int
-get_pathname(const char **cpp, char **path)
+parse_ls_flags(char **argv, int argc, int *lflag)
{
- const char *cp = *cpp, *end;
- char quot;
- int i, j;
-
- cp += strspn(cp, WHITESPACE);
- if (!*cp) {
- *cpp = cp;
- *path = NULL;
- return (0);
- }
+ extern int optind, optreset, opterr;
+ int ch;
- *path = xmalloc(strlen(cp) + 1);
+ optind = optreset = 1;
+ opterr = 0;
- /* Check for quoted filenames */
- if (*cp == '\"' || *cp == '\'') {
- quot = *cp++;
-
- /* Search for terminating quote, unescape some chars */
- for (i = j = 0; i <= strlen(cp); i++) {
- if (cp[i] == quot) { /* Found quote */
- i++;
- (*path)[j] = '\0';
- break;
- }
- if (cp[i] == '\0') { /* End of string */
- error("Unterminated quote");
- goto fail;
- }
- if (cp[i] == '\\') { /* Escaped characters */
- i++;
- if (cp[i] != '\'' && cp[i] != '\"' &&
- cp[i] != '\\') {
- error("Bad escaped character '\\%c'",
- cp[i]);
- goto fail;
- }
- }
- (*path)[j++] = cp[i];
- }
-
- if (j == 0) {
- error("Empty quotes");
- goto fail;
+ *lflag = LS_NAME_SORT;
+ while ((ch = getopt(argc, argv, "1Saflnrt")) != -1) {
+ switch (ch) {
+ case '1':
+ *lflag &= ~VIEW_FLAGS;
+ *lflag |= LS_SHORT_VIEW;
+ break;
+ case 'S':
+ *lflag &= ~SORT_FLAGS;
+ *lflag |= LS_SIZE_SORT;
+ break;
+ case 'a':
+ *lflag |= LS_SHOW_ALL;
+ break;
+ case 'f':
+ *lflag &= ~SORT_FLAGS;
+ break;
+ case 'l':
+ *lflag &= ~VIEW_FLAGS;
+ *lflag |= LS_LONG_VIEW;
+ break;
+ case 'n':
+ *lflag &= ~VIEW_FLAGS;
+ *lflag |= LS_NUMERIC_VIEW|LS_LONG_VIEW;
+ break;
+ case 'r':
+ *lflag |= LS_REVERSE_SORT;
+ break;
+ case 't':
+ *lflag &= ~SORT_FLAGS;
+ *lflag |= LS_TIME_SORT;
+ break;
+ default:
+ error("ls: Invalid flag -%c", ch);
+ return -1;
}
- *cpp = cp + i + strspn(cp + i, WHITESPACE);
- } else {
- /* Read to end of filename */
- end = strpbrk(cp, WHITESPACE);
- if (end == NULL)
- end = strchr(cp, '\0');
- *cpp = end + strspn(end, WHITESPACE);
-
- memcpy(*path, cp, end - cp);
- (*path)[end - cp] = '\0';
}
- return (0);
- fail:
- xfree(*path);
- *path = NULL;
- return (-1);
+ return optind;
}
static int
if (stat(path, &sb) == -1)
return(0);
- return(sb.st_mode & S_IFDIR);
+ return(S_ISDIR(sb.st_mode));
}
static int
return(0);
if (!(a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS))
return(0);
- return(a->perm & S_IFDIR);
+ return(S_ISDIR(a->perm));
}
static int
if (g.gl_matchc == 1 && dst) {
/* If directory specified, append filename */
+ xfree(tmp);
if (is_dir(dst)) {
if (infer_path(g.gl_pathv[0], &tmp)) {
err = 1;
out:
xfree(abs_src);
- if (abs_dst)
- xfree(abs_dst);
globfree(&g);
return(err);
}
static int
do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag)
{
- int n, c = 1, colspace = 0, columns = 1;
+ int n;
+ u_int c = 1, colspace = 0, columns = 1;
SFTP_DIRENT **d;
if ((n = do_readdir(conn, path, &d)) != 0)
return (n);
if (!(lflag & LS_SHORT_VIEW)) {
- int m = 0, width = 80;
+ u_int m = 0, width = 80;
struct winsize ws;
char *tmp;
}
if (lflag & SORT_FLAGS) {
+ for (n = 0; d[n] != NULL; n++)
+ ; /* count entries */
sort_flag = lflag & (SORT_FLAGS|LS_REVERSE_SORT);
qsort(d, n, sizeof(*d), sdirent_comp);
}
int lflag)
{
glob_t g;
- int i, c = 1, colspace = 0, columns = 1;
+ u_int i, c = 1, colspace = 0, columns = 1;
Attrib *a = NULL;
memset(&g, 0, sizeof(g));
}
if (!(lflag & LS_SHORT_VIEW)) {
- int m = 0, width = 80;
+ u_int m = 0, width = 80;
struct winsize ws;
/* Count entries for sort and find longest filename */
return (0);
}
+/*
+ * Undo escaping of glob sequences in place. Used to undo extra escaping
+ * applied in makeargv() when the string is destined for a function that
+ * does not glob it.
+ */
+static void
+undo_glob_escape(char *s)
+{
+ size_t i, j;
+
+ for (i = j = 0;;) {
+ if (s[i] == '\0') {
+ s[j] = '\0';
+ return;
+ }
+ if (s[i] != '\\') {
+ s[j++] = s[i++];
+ continue;
+ }
+ /* s[i] == '\\' */
+ ++i;
+ switch (s[i]) {
+ case '?':
+ case '[':
+ case '*':
+ case '\\':
+ s[j++] = s[i++];
+ break;
+ case '\0':
+ s[j++] = '\\';
+ s[j] = '\0';
+ return;
+ default:
+ s[j++] = '\\';
+ s[j++] = s[i++];
+ break;
+ }
+ }
+}
+
+/*
+ * Split a string into an argument vector using sh(1)-style quoting,
+ * comment and escaping rules, but with some tweaks to handle glob(3)
+ * wildcards.
+ * Returns NULL on error or a NULL-terminated array of arguments.
+ */
+#define MAXARGS 128
+#define MAXARGLEN 8192
+static char **
+makeargv(const char *arg, int *argcp)
+{
+ int argc, quot;
+ size_t i, j;
+ static char argvs[MAXARGLEN];
+ static char *argv[MAXARGS + 1];
+ enum { MA_START, MA_SQUOTE, MA_DQUOTE, MA_UNQUOTED } state, q;
+
+ *argcp = argc = 0;
+ if (strlen(arg) > sizeof(argvs) - 1) {
+ args_too_longs:
+ error("string too long");
+ return NULL;
+ }
+ state = MA_START;
+ i = j = 0;
+ for (;;) {
+ if (isspace(arg[i])) {
+ if (state == MA_UNQUOTED) {
+ /* Terminate current argument */
+ argvs[j++] = '\0';
+ argc++;
+ state = MA_START;
+ } else if (state != MA_START)
+ argvs[j++] = arg[i];
+ } else if (arg[i] == '"' || arg[i] == '\'') {
+ q = arg[i] == '"' ? MA_DQUOTE : MA_SQUOTE;
+ if (state == MA_START) {
+ argv[argc] = argvs + j;
+ state = q;
+ } else if (state == MA_UNQUOTED)
+ state = q;
+ else if (state == q)
+ state = MA_UNQUOTED;
+ else
+ argvs[j++] = arg[i];
+ } else if (arg[i] == '\\') {
+ if (state == MA_SQUOTE || state == MA_DQUOTE) {
+ quot = state == MA_SQUOTE ? '\'' : '"';
+ /* Unescape quote we are in */
+ /* XXX support \n and friends? */
+ if (arg[i + 1] == quot) {
+ i++;
+ argvs[j++] = arg[i];
+ } else if (arg[i + 1] == '?' ||
+ arg[i + 1] == '[' || arg[i + 1] == '*') {
+ /*
+ * Special case for sftp: append
+ * double-escaped glob sequence -
+ * glob will undo one level of
+ * escaping. NB. string can grow here.
+ */
+ if (j >= sizeof(argvs) - 5)
+ goto args_too_longs;
+ argvs[j++] = '\\';
+ argvs[j++] = arg[i++];
+ argvs[j++] = '\\';
+ argvs[j++] = arg[i];
+ } else {
+ argvs[j++] = arg[i++];
+ argvs[j++] = arg[i];
+ }
+ } else {
+ if (state == MA_START) {
+ argv[argc] = argvs + j;
+ state = MA_UNQUOTED;
+ }
+ if (arg[i + 1] == '?' || arg[i + 1] == '[' ||
+ arg[i + 1] == '*' || arg[i + 1] == '\\') {
+ /*
+ * Special case for sftp: append
+ * escaped glob sequence -
+ * glob will undo one level of
+ * escaping.
+ */
+ argvs[j++] = arg[i++];
+ argvs[j++] = arg[i];
+ } else {
+ /* Unescape everything */
+ /* XXX support \n and friends? */
+ i++;
+ argvs[j++] = arg[i];
+ }
+ }
+ } else if (arg[i] == '#') {
+ if (state == MA_SQUOTE || state == MA_DQUOTE)
+ argvs[j++] = arg[i];
+ else
+ goto string_done;
+ } else if (arg[i] == '\0') {
+ if (state == MA_SQUOTE || state == MA_DQUOTE) {
+ error("Unterminated quoted argument");
+ return NULL;
+ }
+ string_done:
+ if (state == MA_UNQUOTED) {
+ argvs[j++] = '\0';
+ argc++;
+ }
+ break;
+ } else {
+ if (state == MA_START) {
+ argv[argc] = argvs + j;
+ state = MA_UNQUOTED;
+ }
+ if ((state == MA_SQUOTE || state == MA_DQUOTE) &&
+ (arg[i] == '?' || arg[i] == '[' || arg[i] == '*')) {
+ /*
+ * Special case for sftp: escape quoted
+ * glob(3) wildcards. NB. string can grow
+ * here.
+ */
+ if (j >= sizeof(argvs) - 3)
+ goto args_too_longs;
+ argvs[j++] = '\\';
+ argvs[j++] = arg[i];
+ } else
+ argvs[j++] = arg[i];
+ }
+ i++;
+ }
+ *argcp = argc;
+ return argv;
+}
+
static int
parse_args(const char **cpp, int *pflag, int *lflag, int *iflag,
unsigned long *n_arg, char **path1, char **path2)
{
const char *cmd, *cp = *cpp;
- char *cp2;
+ char *cp2, **argv;
int base = 0;
long l;
- int i, cmdnum;
+ int i, cmdnum, optidx, argc;
/* Skip leading whitespace */
cp = cp + strspn(cp, WHITESPACE);
cp++;
}
+ if ((argv = makeargv(cp, &argc)) == NULL)
+ return -1;
+
/* Figure out which command we have */
- for (i = 0; cmds[i].c; i++) {
- int cmdlen = strlen(cmds[i].c);
-
- /* Check for command followed by whitespace */
- if (!strncasecmp(cp, cmds[i].c, cmdlen) &&
- strchr(WHITESPACE, cp[cmdlen])) {
- cp += cmdlen;
- cp = cp + strspn(cp, WHITESPACE);
+ for (i = 0; cmds[i].c != NULL; i++) {
+ if (strcasecmp(cmds[i].c, argv[0]) == 0)
break;
- }
}
cmdnum = cmds[i].n;
cmd = cmds[i].c;
cmdnum = I_SHELL;
} else if (cmdnum == -1) {
error("Invalid command.");
- return (-1);
+ return -1;
}
/* Get arguments and parse flags */
*lflag = *pflag = *n_arg = 0;
*path1 = *path2 = NULL;
+ optidx = 1;
switch (cmdnum) {
case I_GET:
case I_PUT:
- if (parse_getput_flags(&cp, pflag))
- return(-1);
+ if ((optidx = parse_getput_flags(cmd, argv, argc, pflag)) == -1)
+ return -1;
/* Get first pathname (mandatory) */
- if (get_pathname(&cp, path1))
- return(-1);
- if (*path1 == NULL) {
+ if (argc - optidx < 1) {
error("You must specify at least one path after a "
"%s command.", cmd);
- return(-1);
+ return -1;
+ }
+ *path1 = xstrdup(argv[optidx]);
+ /* Get second pathname (optional) */
+ if (argc - optidx > 1) {
+ *path2 = xstrdup(argv[optidx + 1]);
+ /* Destination is not globbed */
+ undo_glob_escape(*path2);
}
- /* Try to get second pathname (optional) */
- if (get_pathname(&cp, path2))
- return(-1);
break;
case I_RENAME:
case I_SYMLINK:
- if (get_pathname(&cp, path1))
- return(-1);
- if (get_pathname(&cp, path2))
- return(-1);
- if (!*path1 || !*path2) {
+ if (argc - optidx < 2) {
error("You must specify two paths after a %s "
"command.", cmd);
- return(-1);
+ return -1;
}
+ *path1 = xstrdup(argv[optidx]);
+ *path2 = xstrdup(argv[optidx + 1]);
+ /* Paths are not globbed */
+ undo_glob_escape(*path1);
+ undo_glob_escape(*path2);
break;
case I_RM:
case I_MKDIR:
case I_LCHDIR:
case I_LMKDIR:
/* Get pathname (mandatory) */
- if (get_pathname(&cp, path1))
- return(-1);
- if (*path1 == NULL) {
+ if (argc - optidx < 1) {
error("You must specify a path after a %s command.",
cmd);
- return(-1);
+ return -1;
}
+ *path1 = xstrdup(argv[optidx]);
+ /* Only "rm" globs */
+ if (cmdnum != I_RM)
+ undo_glob_escape(*path1);
break;
case I_LS:
- if (parse_ls_flags(&cp, lflag))
+ if ((optidx = parse_ls_flags(argv, argc, lflag)) == -1)
return(-1);
/* Path is optional */
- if (get_pathname(&cp, path1))
- return(-1);
+ if (argc - optidx > 0)
+ *path1 = xstrdup(argv[optidx]);
break;
case I_LLS:
case I_SHELL:
/* Uses the rest of the line */
break;
case I_LUMASK:
- base = 8;
case I_CHMOD:
base = 8;
case I_CHOWN:
case I_CHGRP:
/* Get numeric arg (mandatory) */
- l = strtol(cp, &cp2, base);
- if (cp2 == cp || ((l == LONG_MIN || l == LONG_MAX) &&
- errno == ERANGE) || l < 0) {
+ if (argc - optidx < 1)
+ goto need_num_arg;
+ errno = 0;
+ l = strtol(argv[optidx], &cp2, base);
+ if (cp2 == argv[optidx] || *cp2 != '\0' ||
+ ((l == LONG_MIN || l == LONG_MAX) && errno == ERANGE) ||
+ l < 0) {
+ need_num_arg:
error("You must supply a numeric argument "
"to the %s command.", cmd);
- return(-1);
+ return -1;
}
- cp = cp2;
*n_arg = l;
- if (cmdnum == I_LUMASK && strchr(WHITESPACE, *cp))
+ if (cmdnum == I_LUMASK)
break;
- if (cmdnum == I_LUMASK || !strchr(WHITESPACE, *cp)) {
- error("You must supply a numeric argument "
- "to the %s command.", cmd);
- return(-1);
- }
- cp += strspn(cp, WHITESPACE);
-
/* Get pathname (mandatory) */
- if (get_pathname(&cp, path1))
- return(-1);
- if (*path1 == NULL) {
+ if (argc - optidx < 2) {
error("You must specify a path after a %s command.",
cmd);
- return(-1);
+ return -1;
}
+ *path1 = xstrdup(argv[optidx + 1]);
break;
case I_QUIT:
case I_PWD:
char *dir = NULL;
char cmd[2048];
struct sftp_conn *conn;
- int err;
+ int err, interactive;
EditLine *el = NULL;
#ifdef USE_LIBEDIT
History *hl = NULL;
if (parse_dispatch_command(conn, cmd, &pwd, 1) != 0) {
xfree(dir);
xfree(pwd);
+ xfree(conn);
return (-1);
}
} else {
err = parse_dispatch_command(conn, cmd, &pwd, 1);
xfree(dir);
xfree(pwd);
+ xfree(conn);
return (err);
}
xfree(dir);
}
-#if HAVE_SETVBUF
+#if defined(HAVE_SETVBUF) && !defined(BROKEN_SETVBUF)
setvbuf(stdout, NULL, _IOLBF, 0);
setvbuf(infile, NULL, _IOLBF, 0);
#else
- setlinebuf(stdout);
- setlinebuf(infile);
+ setlinebuf(stdout);
+ setlinebuf(infile);
#endif
+ interactive = !batchmode && isatty(STDIN_FILENO);
err = 0;
for (;;) {
char *cp;
signal(SIGINT, SIG_IGN);
if (el == NULL) {
- printf("sftp> ");
+ if (interactive)
+ printf("sftp> ");
if (fgets(cmd, sizeof(cmd), infile) == NULL) {
- printf("\n");
+ if (interactive)
+ printf("\n");
break;
}
- if (batchmode) /* Echo command */
- printf("%s", cmd);
+ if (!interactive) { /* Echo command */
+ printf("sftp> %s", cmd);
+ if (strlen(cmd) > 0 &&
+ cmd[strlen(cmd) - 1] != '\n')
+ printf("\n");
+ }
} else {
#ifdef USE_LIBEDIT
const char *line;
int count = 0;
- if ((line = el_gets(el, &count)) == NULL || count <= 0)
- break;
+ if ((line = el_gets(el, &count)) == NULL || count <= 0) {
+ printf("\n");
+ break;
+ }
history(hl, &hev, H_ENTER, line);
if (strlcpy(cmd, line, sizeof(cmd)) >= sizeof(cmd)) {
fprintf(stderr, "Error: input line too long\n");
break;
}
xfree(pwd);
+ xfree(conn);
+
+#ifdef USE_LIBEDIT
+ if (el != NULL)
+ el_end(el);
+#endif /* USE_LIBEDIT */
/* err == 1 signifies normal "quit" exit */
return (err >= 0 ? 0 : -1);
extern int optind;
extern char *optarg;
+ /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
+ sanitise_stdfd();
+
__progname = ssh_get_progname(argv[0]);
+ memset(&args, '\0', sizeof(args));
args.list = NULL;
- addargs(&args, "ssh"); /* overwritten with ssh_program */
+ addargs(&args, "%s", ssh_program);
addargs(&args, "-oForwardX11 no");
addargs(&args, "-oForwardAgent no");
+ addargs(&args, "-oPermitLocalCommand no");
addargs(&args, "-oClearAllForwardings yes");
ll = SYSLOG_LEVEL_INFO;
break;
case 'S':
ssh_program = optarg;
+ replacearg(&args, 0, "%s", ssh_program);
break;
case 'b':
if (batchmode)
/* Allow "-" as stdin */
if (strcmp(optarg, "-") != 0 &&
- (infile = fopen(optarg, "r")) == NULL)
+ (infile = fopen(optarg, "r")) == NULL)
fatal("%s (%s).", strerror(errno), optarg);
showprogress = 0;
batchmode = 1;
+ addargs(&args, "-obatchmode yes");
break;
case 'P':
sftp_direct = optarg;
fprintf(stderr, "Missing username\n");
usage();
}
- addargs(&args, "-l%s",userhost);
+ addargs(&args, "-l%s", userhost);
}
if ((cp = colon(host)) != NULL) {
addargs(&args, "%s", host);
addargs(&args, "%s", (sftp_server != NULL ?
sftp_server : "sftp"));
- args.list[0] = ssh_program;
if (!batchmode)
fprintf(stderr, "Connecting to %s...\n", host);
fprintf(stderr, "Attaching to %s...\n", sftp_direct);
connect_to_server(sftp_direct, args.list, &in, &out);
}
+ freeargs(&args);
err = interactive_loop(in, out, file1, file2);
#if !defined(USE_PIPES)
- shutdown(in, SHUT_RDWR);
- shutdown(out, SHUT_RDWR);
+ shutdown(in, SHUT_RDWR);
+ shutdown(out, SHUT_RDWR);
#endif
close(in);