+/* $OpenBSD: sftp-client.c,v 1.90 2009/10/11 10:41:26 dtucker Exp $ */
/*
* Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
*
/* XXX: copy between two remote sites */
#include "includes.h"
-RCSID("$OpenBSD: sftp-client.c,v 1.58 2006/01/02 01:20:31 djm Exp $");
+#include <sys/types.h>
+#include <sys/param.h>
+#ifdef HAVE_SYS_STATVFS_H
+#include <sys/statvfs.h>
+#endif
#include "openbsd-compat/sys-queue.h"
+#ifdef HAVE_SYS_STAT_H
+# include <sys/stat.h>
+#endif
+#ifdef HAVE_SYS_TIME_H
+# include <sys/time.h>
+#endif
+#include <sys/uio.h>
+
+#include <dirent.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <signal.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
-#include "buffer.h"
-#include "bufaux.h"
-#include "getput.h"
#include "xmalloc.h"
+#include "buffer.h"
#include "log.h"
#include "atomicio.h"
#include "progressmeter.h"
+#include "misc.h"
#include "sftp.h"
#include "sftp-common.h"
extern volatile sig_atomic_t interrupted;
extern int showprogress;
-/* Minimum amount of data to read at at time */
+/* Minimum amount of data to read at a time */
#define MIN_READ_SIZE 512
+/* Maximum depth to descend in directory trees */
+#define MAX_DIR_DEPTH 64
+
struct sftp_conn {
int fd_in;
int fd_out;
u_int num_requests;
u_int version;
u_int msg_id;
+#define SFTP_EXT_POSIX_RENAME 0x00000001
+#define SFTP_EXT_STATVFS 0x00000002
+#define SFTP_EXT_FSTATVFS 0x00000004
+ u_int exts;
};
+static char *
+get_handle(int fd, u_int expected_id, u_int *len, const char *errfmt, ...)
+ __attribute__((format(printf, 4, 5)));
+
static void
send_msg(int fd, Buffer *m)
{
u_char mlen[4];
+ struct iovec iov[2];
if (buffer_len(m) > SFTP_MAX_MSG_LENGTH)
fatal("Outbound message too long %u", buffer_len(m));
/* Send length first */
- PUT_32BIT(mlen, buffer_len(m));
- if (atomicio(vwrite, fd, mlen, sizeof(mlen)) != sizeof(mlen))
- fatal("Couldn't send packet: %s", strerror(errno));
+ put_u32(mlen, buffer_len(m));
+ iov[0].iov_base = mlen;
+ iov[0].iov_len = sizeof(mlen);
+ iov[1].iov_base = buffer_ptr(m);
+ iov[1].iov_len = buffer_len(m);
- if (atomicio(vwrite, fd, buffer_ptr(m), buffer_len(m)) != buffer_len(m))
+ if (atomiciov(writev, fd, iov, 2) != buffer_len(m) + sizeof(mlen))
fatal("Couldn't send packet: %s", strerror(errno));
buffer_clear(m);
}
static char *
-get_handle(int fd, u_int expected_id, u_int *len)
+get_handle(int fd, u_int expected_id, u_int *len, const char *errfmt, ...)
{
Buffer msg;
u_int type, id;
- char *handle;
+ char *handle, errmsg[256];
+ va_list args;
+ int status;
+
+ va_start(args, errfmt);
+ if (errfmt != NULL)
+ vsnprintf(errmsg, sizeof(errmsg), errfmt, args);
+ va_end(args);
buffer_init(&msg);
get_msg(fd, &msg);
id = buffer_get_int(&msg);
if (id != expected_id)
- fatal("ID mismatch (%u != %u)", id, expected_id);
+ fatal("%s: ID mismatch (%u != %u)",
+ errfmt == NULL ? __func__ : errmsg, id, expected_id);
if (type == SSH2_FXP_STATUS) {
- int status = buffer_get_int(&msg);
-
- error("Couldn't get handle: %s", fx2txt(status));
+ status = buffer_get_int(&msg);
+ if (errfmt != NULL)
+ error("%s: %s", errmsg, fx2txt(status));
buffer_free(&msg);
return(NULL);
} else if (type != SSH2_FXP_HANDLE)
- fatal("Expected SSH2_FXP_HANDLE(%u) packet, got %u",
- SSH2_FXP_HANDLE, type);
+ fatal("%s: Expected SSH2_FXP_HANDLE(%u) packet, got %u",
+ errfmt == NULL ? __func__ : errmsg, SSH2_FXP_HANDLE, type);
handle = buffer_get_string(&msg, len);
buffer_free(&msg);
return(a);
}
+static int
+get_decode_statvfs(int fd, struct sftp_statvfs *st, u_int expected_id,
+ int quiet)
+{
+ Buffer msg;
+ u_int type, id, flag;
+
+ buffer_init(&msg);
+ get_msg(fd, &msg);
+
+ type = buffer_get_char(&msg);
+ id = buffer_get_int(&msg);
+
+ debug3("Received statvfs reply T:%u I:%u", type, id);
+ if (id != expected_id)
+ fatal("ID mismatch (%u != %u)", id, expected_id);
+ if (type == SSH2_FXP_STATUS) {
+ int status = buffer_get_int(&msg);
+
+ if (quiet)
+ debug("Couldn't statvfs: %s", fx2txt(status));
+ else
+ error("Couldn't statvfs: %s", fx2txt(status));
+ buffer_free(&msg);
+ return -1;
+ } else if (type != SSH2_FXP_EXTENDED_REPLY) {
+ fatal("Expected SSH2_FXP_EXTENDED_REPLY(%u) packet, got %u",
+ SSH2_FXP_EXTENDED_REPLY, type);
+ }
+
+ bzero(st, sizeof(*st));
+ st->f_bsize = buffer_get_int64(&msg);
+ st->f_frsize = buffer_get_int64(&msg);
+ st->f_blocks = buffer_get_int64(&msg);
+ st->f_bfree = buffer_get_int64(&msg);
+ st->f_bavail = buffer_get_int64(&msg);
+ st->f_files = buffer_get_int64(&msg);
+ st->f_ffree = buffer_get_int64(&msg);
+ st->f_favail = buffer_get_int64(&msg);
+ st->f_fsid = buffer_get_int64(&msg);
+ flag = buffer_get_int64(&msg);
+ st->f_namemax = buffer_get_int64(&msg);
+
+ st->f_flag = (flag & SSH2_FXE_STATVFS_ST_RDONLY) ? ST_RDONLY : 0;
+ st->f_flag |= (flag & SSH2_FXE_STATVFS_ST_NOSUID) ? ST_NOSUID : 0;
+
+ buffer_free(&msg);
+
+ return 0;
+}
+
struct sftp_conn *
do_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests)
{
- u_int type;
+ u_int type, exts = 0;
int version;
Buffer msg;
struct sftp_conn *ret;
while (buffer_len(&msg) > 0) {
char *name = buffer_get_string(&msg, NULL);
char *value = buffer_get_string(&msg, NULL);
-
- debug2("Init extension: \"%s\"", name);
+ int known = 0;
+
+ if (strcmp(name, "posix-rename@openssh.com") == 0 &&
+ strcmp(value, "1") == 0) {
+ exts |= SFTP_EXT_POSIX_RENAME;
+ known = 1;
+ } else if (strcmp(name, "statvfs@openssh.com") == 0 &&
+ strcmp(value, "2") == 0) {
+ exts |= SFTP_EXT_STATVFS;
+ known = 1;
+ } if (strcmp(name, "fstatvfs@openssh.com") == 0 &&
+ strcmp(value, "2") == 0) {
+ exts |= SFTP_EXT_FSTATVFS;
+ known = 1;
+ }
+ if (known) {
+ debug2("Server supports extension \"%s\" revision %s",
+ name, value);
+ } else {
+ debug2("Unrecognised server extension \"%s\"", name);
+ }
xfree(name);
xfree(value);
}
ret->num_requests = num_requests;
ret->version = version;
ret->msg_id = 1;
+ ret->exts = exts;
/* Some filexfer v.0 servers don't support large packets */
if (version == 0)
buffer_clear(&msg);
- handle = get_handle(conn->fd_in, id, &handle_len);
+ handle = get_handle(conn->fd_in, id, &handle_len,
+ "remote readdir(\"%s\")", path);
if (handle == NULL)
return(-1);
if (printflag)
printf("%s\n", longname);
+ /*
+ * Directory entries should never contain '/'
+ * These can be used to attack recursive ops
+ * (e.g. send '../../../../etc/passwd')
+ */
+ if (strchr(filename, '/') != NULL) {
+ error("Server sent suspect path \"%s\" "
+ "during readdir of \"%s\"", filename, path);
+ goto next;
+ }
+
if (dir) {
- *dir = xrealloc(*dir, sizeof(**dir) *
- (ents + 2));
+ *dir = xrealloc(*dir, ents + 2, sizeof(**dir));
(*dir)[ents] = xmalloc(sizeof(***dir));
(*dir)[ents]->filename = xstrdup(filename);
(*dir)[ents]->longname = xstrdup(longname);
memcpy(&(*dir)[ents]->a, a, sizeof(*a));
(*dir)[++ents] = NULL;
}
-
+ next:
xfree(filename);
xfree(longname);
}
}
int
-do_mkdir(struct sftp_conn *conn, char *path, Attrib *a)
+do_mkdir(struct sftp_conn *conn, char *path, Attrib *a, int printflag)
{
u_int status, id;
strlen(path), a);
status = get_status(conn->fd_in, id);
- if (status != SSH2_FX_OK)
+ if (status != SSH2_FX_OK && printflag)
error("Couldn't create directory: %s", fx2txt(status));
return(status);
return(get_decode_stat(conn->fd_in, id, quiet));
}
+#ifdef notyet
Attrib *
do_fstat(struct sftp_conn *conn, char *handle, u_int handle_len, int quiet)
{
return(get_decode_stat(conn->fd_in, id, quiet));
}
+#endif
int
do_setstat(struct sftp_conn *conn, char *path, Attrib *a)
/* Send rename request */
id = conn->msg_id++;
- buffer_put_char(&msg, SSH2_FXP_RENAME);
- buffer_put_int(&msg, id);
+ if ((conn->exts & SFTP_EXT_POSIX_RENAME)) {
+ buffer_put_char(&msg, SSH2_FXP_EXTENDED);
+ buffer_put_int(&msg, id);
+ buffer_put_cstring(&msg, "posix-rename@openssh.com");
+ } else {
+ buffer_put_char(&msg, SSH2_FXP_RENAME);
+ buffer_put_int(&msg, id);
+ }
buffer_put_cstring(&msg, oldpath);
buffer_put_cstring(&msg, newpath);
send_msg(conn->fd_out, &msg);
- debug3("Sent message SSH2_FXP_RENAME \"%s\" -> \"%s\"", oldpath,
- newpath);
+ debug3("Sent message %s \"%s\" -> \"%s\"",
+ (conn->exts & SFTP_EXT_POSIX_RENAME) ? "posix-rename@openssh.com" :
+ "SSH2_FXP_RENAME", oldpath, newpath);
buffer_free(&msg);
status = get_status(conn->fd_in, id);
return(status);
}
+#ifdef notyet
char *
do_readlink(struct sftp_conn *conn, char *path)
{
return(filename);
}
+#endif
+
+int
+do_statvfs(struct sftp_conn *conn, const char *path, struct sftp_statvfs *st,
+ int quiet)
+{
+ Buffer msg;
+ u_int id;
+
+ if ((conn->exts & SFTP_EXT_STATVFS) == 0) {
+ error("Server does not support statvfs@openssh.com extension");
+ return -1;
+ }
+
+ id = conn->msg_id++;
+
+ buffer_init(&msg);
+ buffer_clear(&msg);
+ buffer_put_char(&msg, SSH2_FXP_EXTENDED);
+ buffer_put_int(&msg, id);
+ buffer_put_cstring(&msg, "statvfs@openssh.com");
+ buffer_put_cstring(&msg, path);
+ send_msg(conn->fd_out, &msg);
+ buffer_free(&msg);
+
+ return get_decode_statvfs(conn->fd_in, st, id, quiet);
+}
+
+#ifdef notyet
+int
+do_fstatvfs(struct sftp_conn *conn, const char *handle, u_int handle_len,
+ struct sftp_statvfs *st, int quiet)
+{
+ Buffer msg;
+ u_int id;
+
+ if ((conn->exts & SFTP_EXT_FSTATVFS) == 0) {
+ error("Server does not support fstatvfs@openssh.com extension");
+ return -1;
+ }
+
+ id = conn->msg_id++;
+
+ buffer_init(&msg);
+ buffer_clear(&msg);
+ buffer_put_char(&msg, SSH2_FXP_EXTENDED);
+ buffer_put_int(&msg, id);
+ buffer_put_cstring(&msg, "fstatvfs@openssh.com");
+ buffer_put_string(&msg, handle, handle_len);
+ send_msg(conn->fd_out, &msg);
+ buffer_free(&msg);
+
+ return get_decode_statvfs(conn->fd_in, st, id, quiet);
+}
+#endif
static void
send_read_request(int fd_out, u_int id, u_int64_t offset, u_int len,
int
do_download(struct sftp_conn *conn, char *remote_path, char *local_path,
- int pflag)
+ Attrib *a, int pflag)
{
- Attrib junk, *a;
+ Attrib junk;
Buffer msg;
char *handle;
int local_fd, status = 0, write_error;
TAILQ_INIT(&requests);
- a = do_stat(conn, remote_path, 0);
- if (a == NULL)
- return(-1);
+ if (a == NULL && (a = do_stat(conn, remote_path, 0)) == NULL)
+ return -1;
- /* XXX: should we preserve set[ug]id? */
+ /* Do not preserve set[ug]id here, as we do not preserve ownership */
if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS)
mode = a->perm & 0777;
else
send_msg(conn->fd_out, &msg);
debug3("Sent message SSH2_FXP_OPEN I:%u P:%s", id, remote_path);
- handle = get_handle(conn->fd_in, id, &handle_len);
+ handle = get_handle(conn->fd_in, id, &handle_len,
+ "remote open(\"%s\")", remote_path);
if (handle == NULL) {
buffer_free(&msg);
return(-1);
if (local_fd == -1) {
error("Couldn't open local file \"%s\" for writing: %s",
local_path, strerror(errno));
+ do_close(conn, handle, handle_len);
buffer_free(&msg);
xfree(handle);
return(-1);
return(status);
}
+static int
+download_dir_internal(struct sftp_conn *conn, char *src, char *dst,
+ Attrib *dirattrib, int pflag, int printflag, int depth)
+{
+ int i, ret = 0;
+ SFTP_DIRENT **dir_entries;
+ char *filename, *new_src, *new_dst;
+ mode_t mode = 0777;
+
+ if (depth >= MAX_DIR_DEPTH) {
+ error("Maximum directory depth exceeded: %d levels", depth);
+ return -1;
+ }
+
+ if (dirattrib == NULL &&
+ (dirattrib = do_stat(conn, src, 1)) == NULL) {
+ error("Unable to stat remote directory \"%s\"", src);
+ return -1;
+ }
+ if (!S_ISDIR(dirattrib->perm)) {
+ error("\"%s\" is not a directory", src);
+ return -1;
+ }
+ if (printflag)
+ printf("Retrieving %s\n", src);
+
+ if (dirattrib->flags & SSH2_FILEXFER_ATTR_PERMISSIONS)
+ mode = dirattrib->perm & 01777;
+ else {
+ debug("Server did not send permissions for "
+ "directory \"%s\"", dst);
+ }
+
+ if (mkdir(dst, mode) == -1 && errno != EEXIST) {
+ error("mkdir %s: %s", dst, strerror(errno));
+ return -1;
+ }
+
+ if (do_readdir(conn, src, &dir_entries) == -1) {
+ error("%s: Failed to get directory contents", src);
+ return -1;
+ }
+
+ for (i = 0; dir_entries[i] != NULL && !interrupted; i++) {
+ filename = dir_entries[i]->filename;
+
+ new_dst = path_append(dst, filename);
+ new_src = path_append(src, filename);
+
+ if (S_ISDIR(dir_entries[i]->a.perm)) {
+ if (strcmp(filename, ".") == 0 ||
+ strcmp(filename, "..") == 0)
+ continue;
+ if (download_dir_internal(conn, new_src, new_dst,
+ &(dir_entries[i]->a), pflag, printflag,
+ depth + 1) == -1)
+ ret = -1;
+ } else if (S_ISREG(dir_entries[i]->a.perm) ) {
+ if (do_download(conn, new_src, new_dst,
+ &(dir_entries[i]->a), pflag) == -1) {
+ error("Download of file %s to %s failed",
+ new_src, new_dst);
+ ret = -1;
+ }
+ } else
+ logit("%s: not a regular file\n", new_src);
+
+ xfree(new_dst);
+ xfree(new_src);
+ }
+
+ if (pflag) {
+ if (dirattrib->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
+ struct timeval tv[2];
+ tv[0].tv_sec = dirattrib->atime;
+ tv[1].tv_sec = dirattrib->mtime;
+ tv[0].tv_usec = tv[1].tv_usec = 0;
+ if (utimes(dst, tv) == -1)
+ error("Can't set times on \"%s\": %s",
+ dst, strerror(errno));
+ } else
+ debug("Server did not send times for directory "
+ "\"%s\"", dst);
+ }
+
+ free_sftp_dirents(dir_entries);
+
+ return ret;
+}
+
+int
+download_dir(struct sftp_conn *conn, char *src, char *dst,
+ Attrib *dirattrib, int pflag, int printflag)
+{
+ char *src_canon;
+ int ret;
+
+ if ((src_canon = do_realpath(conn, src)) == NULL) {
+ error("Unable to canonicalise path \"%s\"", src);
+ return -1;
+ }
+
+ ret = download_dir_internal(conn, src_canon, dst,
+ dirattrib, pflag, printflag, 0);
+ xfree(src_canon);
+ return ret;
+}
+
int
do_upload(struct sftp_conn *conn, char *local_path, char *remote_path,
int pflag)
{
- int local_fd, status;
+ int local_fd;
+ int status = SSH2_FX_OK;
u_int handle_len, id, type;
- u_int64_t offset;
+ off_t offset;
char *handle, *data;
Buffer msg;
struct stat sb;
struct outstanding_ack {
u_int id;
u_int len;
- u_int64_t offset;
+ off_t offset;
TAILQ_ENTRY(outstanding_ack) tq;
};
TAILQ_HEAD(ackhead, outstanding_ack) acks;
buffer_clear(&msg);
- handle = get_handle(conn->fd_in, id, &handle_len);
+ handle = get_handle(conn->fd_in, id, &handle_len,
+ "remote open(\"%s\")", remote_path);
if (handle == NULL) {
close(local_fd);
buffer_free(&msg);
- return(-1);
+ return -1;
}
startid = ackid = id + 1;
* Simulate an EOF on interrupt, allowing ACKs from the
* server to drain.
*/
- if (interrupted)
+ if (interrupted || status != SSH2_FX_OK)
len = 0;
else do
len = read(local_fd, data, conn->transfer_buflen);
- while ((len == -1) && (errno == EINTR || errno == EAGAIN));
+ while ((len == -1) &&
+ (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK));
if (len == -1)
fatal("Couldn't read from \"%s\": %s", local_path,
if (ack == NULL)
fatal("Can't find request for ID %u", r_id);
TAILQ_REMOVE(&acks, ack, tq);
-
- if (status != SSH2_FX_OK) {
- error("Couldn't write to remote file \"%s\": %s",
- remote_path, fx2txt(status));
- do_close(conn, handle, handle_len);
- close(local_fd);
- xfree(data);
- xfree(ack);
- goto done;
- }
- debug3("In write loop, ack for %u %u bytes at %llu",
- ack->id, ack->len, (unsigned long long)ack->offset);
+ debug3("In write loop, ack for %u %u bytes at %lld",
+ ack->id, ack->len, (long long)ack->offset);
++ackid;
xfree(ack);
}
offset += len;
+ if (offset < 0)
+ fatal("%s: offset < 0", __func__);
}
+ buffer_free(&msg);
+
if (showprogress)
stop_progress_meter();
xfree(data);
+ if (status != SSH2_FX_OK) {
+ error("Couldn't write to remote file \"%s\": %s",
+ remote_path, fx2txt(status));
+ status = -1;
+ }
+
if (close(local_fd) == -1) {
error("Couldn't close local file \"%s\": %s", local_path,
strerror(errno));
- do_close(conn, handle, handle_len);
status = -1;
- goto done;
}
/* Override umask and utimes if asked */
if (pflag)
do_fsetstat(conn, handle, handle_len, &a);
- status = do_close(conn, handle, handle_len);
-
-done:
+ if (do_close(conn, handle, handle_len) != SSH2_FX_OK)
+ status = -1;
xfree(handle);
- buffer_free(&msg);
- return(status);
+
+ return status;
+}
+
+static int
+upload_dir_internal(struct sftp_conn *conn, char *src, char *dst,
+ int pflag, int printflag, int depth)
+{
+ int ret = 0, status;
+ DIR *dirp;
+ struct dirent *dp;
+ char *filename, *new_src, *new_dst;
+ struct stat sb;
+ Attrib a;
+
+ if (depth >= MAX_DIR_DEPTH) {
+ error("Maximum directory depth exceeded: %d levels", depth);
+ return -1;
+ }
+
+ if (stat(src, &sb) == -1) {
+ error("Couldn't stat directory \"%s\": %s",
+ src, strerror(errno));
+ return -1;
+ }
+ if (!S_ISDIR(sb.st_mode)) {
+ error("\"%s\" is not a directory", src);
+ return -1;
+ }
+ if (printflag)
+ printf("Entering %s\n", src);
+
+ attrib_clear(&a);
+ stat_to_attrib(&sb, &a);
+ a.flags &= ~SSH2_FILEXFER_ATTR_SIZE;
+ a.flags &= ~SSH2_FILEXFER_ATTR_UIDGID;
+ a.perm &= 01777;
+ if (!pflag)
+ a.flags &= ~SSH2_FILEXFER_ATTR_ACMODTIME;
+
+ status = do_mkdir(conn, dst, &a, 0);
+ /*
+ * we lack a portable status for errno EEXIST,
+ * so if we get a SSH2_FX_FAILURE back we must check
+ * if it was created successfully.
+ */
+ if (status != SSH2_FX_OK) {
+ if (status != SSH2_FX_FAILURE)
+ return -1;
+ if (do_stat(conn, dst, 0) == NULL)
+ return -1;
+ }
+
+ if ((dirp = opendir(src)) == NULL) {
+ error("Failed to open dir \"%s\": %s", src, strerror(errno));
+ return -1;
+ }
+
+ while (((dp = readdir(dirp)) != NULL) && !interrupted) {
+ if (dp->d_ino == 0)
+ continue;
+ filename = dp->d_name;
+ new_dst = path_append(dst, filename);
+ new_src = path_append(src, filename);
+
+ if (lstat(new_src, &sb) == -1) {
+ logit("%s: lstat failed: %s", filename,
+ strerror(errno));
+ ret = -1;
+ } else if (S_ISDIR(sb.st_mode)) {
+ if (strcmp(filename, ".") == 0 ||
+ strcmp(filename, "..") == 0)
+ continue;
+
+ if (upload_dir_internal(conn, new_src, new_dst,
+ pflag, depth + 1, printflag) == -1)
+ ret = -1;
+ } else if (S_ISREG(sb.st_mode)) {
+ if (do_upload(conn, new_src, new_dst, pflag) == -1) {
+ error("Uploading of file %s to %s failed!",
+ new_src, new_dst);
+ ret = -1;
+ }
+ } else
+ logit("%s: not a regular file\n", filename);
+ xfree(new_dst);
+ xfree(new_src);
+ }
+
+ do_setstat(conn, dst, &a);
+
+ (void) closedir(dirp);
+ return ret;
+}
+
+int
+upload_dir(struct sftp_conn *conn, char *src, char *dst, int printflag,
+ int pflag)
+{
+ char *dst_canon;
+ int ret;
+
+ if ((dst_canon = do_realpath(conn, dst)) == NULL) {
+ error("Unable to canonicalise path \"%s\"", dst);
+ return -1;
+ }
+
+ ret = upload_dir_internal(conn, src, dst_canon, pflag, printflag, 0);
+ xfree(dst_canon);
+ return ret;
}
+
+char *
+path_append(char *p1, char *p2)
+{
+ char *ret;
+ size_t len = strlen(p1) + strlen(p2) + 2;
+
+ ret = xmalloc(len);
+ strlcpy(ret, p1, len);
+ if (p1[0] != '\0' && p1[strlen(p1) - 1] != '/')
+ strlcat(ret, "/", len);
+ strlcat(ret, p2, len);
+
+ return(ret);
+}
+