* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
+ * 3. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
*/
#include "includes.h"
-RCSID("$OpenBSD: scp.c,v 1.100 2003/01/23 14:06:15 markus Exp $");
+RCSID("$OpenBSD: scp.c,v 1.128 2005/12/06 22:38:27 reyk Exp $");
#include "xmalloc.h"
#include "atomicio.h"
#include "misc.h"
#include "progressmeter.h"
-#ifdef HAVE___PROGNAME
extern char *__progname;
-#else
-char *__progname;
-#endif
void bwlimit(int);
arglist args;
/* Bandwidth limit */
-off_t limit = 0;
+off_t limit_rate = 0;
/* Name of current file being transferred. */
char *curfile;
char *ssh_program = _PATH_SSH_PROGRAM;
/* This is used to store the pid of ssh_program */
-pid_t do_cmd_pid;
+pid_t do_cmd_pid = -1;
+
+static void
+killchild(int signo)
+{
+ if (do_cmd_pid > 1) {
+ kill(do_cmd_pid, signo ? signo : SIGTERM);
+ waitpid(do_cmd_pid, NULL, 0);
+ }
+
+ if (signo)
+ _exit(1);
+ exit(1);
+}
/*
* This function executes the given command as the specified user on the
close(reserved[0]);
close(reserved[1]);
- /* For a child to execute the command on the remote host using ssh. */
+ /* Fork a child to execute the command on the remote host using ssh. */
do_cmd_pid = fork();
if (do_cmd_pid == 0) {
/* Child. */
*fdout = pin[1];
close(pout[1]);
*fdin = pout[0];
+ signal(SIGTERM, killchild);
+ signal(SIGINT, killchild);
+ signal(SIGHUP, killchild);
return 0;
}
typedef struct {
- int cnt;
+ size_t cnt;
char *buf;
} BUF;
void usage(void);
int
-main(argc, argv)
- int argc;
- char *argv[];
+main(int argc, char **argv)
{
int ch, fflag, tflag, status;
double speed;
extern char *optarg;
extern int optind;
- __progname = get_progname(argv[0]);
+ /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
+ sanitise_stdfd();
+
+ __progname = ssh_get_progname(argv[0]);
args.list = NULL;
addargs(&args, "ssh"); /* overwritten with ssh_program */
addargs(&args, "-x");
addargs(&args, "-oForwardAgent no");
+ addargs(&args, "-oPermitLocalCommand no");
addargs(&args, "-oClearAllForwardings yes");
fflag = tflag = 0;
speed = strtod(optarg, &endp);
if (speed <= 0 || *endp != '\0')
usage();
- limit = speed * 1024;
+ limit_rate = speed * 1024;
break;
case 'p':
pflag = 1;
verbose_mode = 1;
break;
case 'q':
+ addargs(&args, "-q");
showprogress = 0;
break;
argv += optind;
if ((pwd = getpwuid(userid = getuid())) == NULL)
- fatal("unknown user %d", (int) userid);
+ fatal("unknown user %u", (u_int) userid);
if (!isatty(STDERR_FILENO))
showprogress = 0;
}
void
-toremote(targ, argc, argv)
- char *targ, *argv[];
- int argc;
+toremote(char *targ, int argc, char **argv)
{
int i, len;
- char *bp, *host, *src, *suser, *thost, *tuser;
+ char *bp, *host, *src, *suser, *thost, *tuser, *arg;
*targ++ = 0;
if (*targ == 0)
targ = ".";
- if ((thost = strrchr(argv[argc - 1], '@'))) {
+ arg = xstrdup(argv[argc - 1]);
+ if ((thost = strrchr(arg, '@'))) {
/* user@host */
*thost++ = 0;
- tuser = argv[argc - 1];
+ tuser = arg;
if (*tuser == '\0')
tuser = NULL;
- else if (!okname(tuser))
- exit(1);
} else {
- thost = argv[argc - 1];
+ thost = arg;
tuser = NULL;
}
suser = argv[i];
if (*suser == '\0')
suser = pwd->pw_name;
- else if (!okname(suser))
+ else if (!okname(suser)) {
+ xfree(bp);
+ continue;
+ }
+ if (tuser && !okname(tuser)) {
+ xfree(bp);
continue;
+ }
snprintf(bp, len,
"%s%s %s -n "
"-l %s %s %s %s '%s%s%s:%s'",
}
if (verbose_mode)
fprintf(stderr, "Executing: %s\n", bp);
- (void) system(bp);
+ if (system(bp) != 0)
+ errs = 1;
(void) xfree(bp);
} else { /* local to remote */
if (remin == -1) {
}
void
-tolocal(argc, argv)
- int argc;
- char *argv[];
+tolocal(int argc, char **argv)
{
int i, len;
char *bp, *host, *src, *suser;
suser = argv[i];
if (*suser == '\0')
suser = pwd->pw_name;
- else if (!okname(suser))
- continue;
}
host = cleanhostname(host);
len = strlen(src) + CMDNEEDS + 20;
}
void
-source(argc, argv)
- int argc;
- char *argv[];
+source(int argc, char **argv)
{
struct stat stb;
static BUF buffer;
BUF *bp;
- off_t i, amt, result, statbytes;
- int fd, haderr, indx;
+ off_t i, amt, statbytes;
+ size_t result;
+ int fd = -1, haderr, indx;
char *last, *name, buf[2048];
int len;
(void) snprintf(buf, sizeof buf, "T%lu 0 %lu 0\n",
(u_long) stb.st_mtime,
(u_long) stb.st_atime);
- (void) atomicio(write, remout, buf, strlen(buf));
+ (void) atomicio(vwrite, remout, buf, strlen(buf));
if (response() < 0)
goto next;
}
#define FILEMODEMASK (S_ISUID|S_ISGID|S_IRWXU|S_IRWXG|S_IRWXO)
-#ifdef HAVE_LONG_LONG_INT
snprintf(buf, sizeof buf, "C%04o %lld %s\n",
(u_int) (stb.st_mode & FILEMODEMASK),
(long long)stb.st_size, last);
-#else
- /* XXX: Handle integer overflow? */
- snprintf(buf, sizeof buf, "C%04o %lu %s\n",
- (u_int) (stb.st_mode & FILEMODEMASK),
- (u_long) stb.st_size, last);
-#endif
if (verbose_mode) {
fprintf(stderr, "Sending file modes: %s", buf);
}
- (void) atomicio(write, remout, buf, strlen(buf));
+ (void) atomicio(vwrite, remout, buf, strlen(buf));
if (response() < 0)
goto next;
if ((bp = allocbuf(&buffer, fd, 2048)) == NULL) {
-next: (void) close(fd);
+next: if (fd != -1) {
+ (void) close(fd);
+ fd = -1;
+ }
continue;
}
if (showprogress)
if (!haderr) {
result = atomicio(read, fd, bp->buf, amt);
if (result != amt)
- haderr = result >= 0 ? EIO : errno;
+ haderr = errno;
}
if (haderr)
- (void) atomicio(write, remout, bp->buf, amt);
+ (void) atomicio(vwrite, remout, bp->buf, amt);
else {
- result = atomicio(write, remout, bp->buf, amt);
+ result = atomicio(vwrite, remout, bp->buf, amt);
if (result != amt)
- haderr = result >= 0 ? EIO : errno;
+ haderr = errno;
statbytes += result;
}
- if (limit)
+ if (limit_rate)
bwlimit(amt);
}
if (showprogress)
stop_progress_meter();
- if (close(fd) < 0 && !haderr)
- haderr = errno;
+ if (fd != -1) {
+ if (close(fd) < 0 && !haderr)
+ haderr = errno;
+ fd = -1;
+ }
if (!haderr)
- (void) atomicio(write, remout, "", 1);
+ (void) atomicio(vwrite, remout, "", 1);
else
run_err("%s: %s", name, strerror(haderr));
(void) response();
}
void
-rsource(name, statp)
- char *name;
- struct stat *statp;
+rsource(char *name, struct stat *statp)
{
DIR *dirp;
struct dirent *dp;
(void) snprintf(path, sizeof(path), "T%lu 0 %lu 0\n",
(u_long) statp->st_mtime,
(u_long) statp->st_atime);
- (void) atomicio(write, remout, path, strlen(path));
+ (void) atomicio(vwrite, remout, path, strlen(path));
if (response() < 0) {
closedir(dirp);
return;
(u_int) (statp->st_mode & FILEMODEMASK), 0, last);
if (verbose_mode)
fprintf(stderr, "Entering directory: %s", path);
- (void) atomicio(write, remout, path, strlen(path));
+ (void) atomicio(vwrite, remout, path, strlen(path));
if (response() < 0) {
closedir(dirp);
return;
source(1, vect);
}
(void) closedir(dirp);
- (void) atomicio(write, remout, "E\n", 2);
+ (void) atomicio(vwrite, remout, "E\n", 2);
(void) response();
}
{
static struct timeval bwstart, bwend;
static int lamt, thresh = 16384;
- u_int64_t wait;
+ u_int64_t waitlen;
struct timespec ts, rm;
if (!timerisset(&bwstart)) {
return;
lamt *= 8;
- wait = (double)1000000L * lamt / limit;
+ waitlen = (double)1000000L * lamt / limit_rate;
- bwstart.tv_sec = wait / 1000000L;
- bwstart.tv_usec = wait % 1000000L;
+ bwstart.tv_sec = waitlen / 1000000L;
+ bwstart.tv_usec = waitlen % 1000000L;
if (timercmp(&bwstart, &bwend, >)) {
timersub(&bwstart, &bwend, &bwend);
}
void
-sink(argc, argv)
- int argc;
- char *argv[];
+sink(int argc, char **argv)
{
static BUF buffer;
struct stat stb;
YES, NO, DISPLAYED
} wrerr;
BUF *bp;
- off_t i, j;
- int amt, count, exists, first, mask, mode, ofd, omode;
+ off_t i;
+ size_t j, count;
+ int amt, exists, first, mask, mode, ofd, omode;
off_t size, statbytes;
int setimes, targisdir, wrerrno = 0;
char ch, *cp, *np, *targ, *why, *vect[1], buf[2048];
#define atime tv[0]
#define mtime tv[1]
-#define SCREWUP(str) do { why = str; goto screwup; } while (0)
+#define SCREWUP(str) { why = str; goto screwup; }
setimes = targisdir = 0;
mask = umask(0);
if (targetshouldbedirectory)
verifydir(targ);
- (void) atomicio(write, remout, "", 1);
+ (void) atomicio(vwrite, remout, "", 1);
if (stat(targ, &stb) == 0 && S_ISDIR(stb.st_mode))
targisdir = 1;
for (first = 1;; first = 0) {
cp = buf;
- if (atomicio(read, remin, cp, 1) <= 0)
+ if (atomicio(read, remin, cp, 1) != 1)
return;
if (*cp++ == '\n')
SCREWUP("unexpected <newline>");
*cp++ = ch;
} while (cp < &buf[sizeof(buf) - 1] && ch != '\n');
*cp = 0;
+ if (verbose_mode)
+ fprintf(stderr, "Sink: %s", buf);
if (buf[0] == '\01' || buf[0] == '\02') {
if (iamremote == 0)
- (void) atomicio(write, STDERR_FILENO,
+ (void) atomicio(vwrite, STDERR_FILENO,
buf + 1, strlen(buf + 1));
if (buf[0] == '\02')
exit(1);
continue;
}
if (buf[0] == 'E') {
- (void) atomicio(write, remout, "", 1);
+ (void) atomicio(vwrite, remout, "", 1);
return;
}
if (ch == '\n')
atime.tv_usec = strtol(cp, &cp, 10);
if (!cp || *cp++ != '\0')
SCREWUP("atime.usec not delimited");
- (void) atomicio(write, remout, "", 1);
+ (void) atomicio(vwrite, remout, "", 1);
continue;
}
if (*cp != 'C' && *cp != 'D') {
size = size * 10 + (*cp++ - '0');
if (*cp++ != ' ')
SCREWUP("size not delimited");
+ if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) {
+ run_err("error: unexpected filename: %s", cp);
+ exit(1);
+ }
if (targisdir) {
static char *namebuf;
- static int cursize;
+ static size_t cursize;
size_t need;
need = strlen(targ) + strlen(cp) + 250;
exists = stat(np, &stb) == 0;
if (buf[0] == 'D') {
int mod_flag = pflag;
+ if (!iamrecursive)
+ SCREWUP("received directory without -r");
if (exists) {
if (!S_ISDIR(stb.st_mode)) {
errno = ENOTDIR;
bad: run_err("%s: %s", np, strerror(errno));
continue;
}
- (void) atomicio(write, remout, "", 1);
+ (void) atomicio(vwrite, remout, "", 1);
if ((bp = allocbuf(&buffer, ofd, 4096)) == NULL) {
(void) close(ofd);
continue;
amt = size - i;
count += amt;
do {
- j = read(remin, cp, amt);
- if (j == -1 && (errno == EINTR ||
- errno == EAGAIN)) {
- continue;
- } else if (j <= 0) {
+ j = atomicio(read, remin, cp, amt);
+ if (j == 0) {
run_err("%s", j ? strerror(errno) :
"dropped connection");
exit(1);
cp += j;
statbytes += j;
} while (amt > 0);
-
- if (limit)
+
+ if (limit_rate)
bwlimit(4096);
if (count == bp->cnt) {
/* Keep reading so we stay sync'd up. */
if (wrerr == NO) {
- j = atomicio(write, ofd, bp->buf, count);
- if (j != count) {
+ if (atomicio(vwrite, ofd, bp->buf,
+ count) != count) {
wrerr = YES;
- wrerrno = j >= 0 ? EIO : errno;
+ wrerrno = errno;
}
}
count = 0;
if (showprogress)
stop_progress_meter();
if (count != 0 && wrerr == NO &&
- (j = atomicio(write, ofd, bp->buf, count)) != count) {
+ atomicio(vwrite, ofd, bp->buf, count) != count) {
wrerr = YES;
- wrerrno = j >= 0 ? EIO : errno;
+ wrerrno = errno;
}
if (wrerr == NO && ftruncate(ofd, size) != 0) {
run_err("%s: truncate: %s", np, strerror(errno));
if (pflag) {
if (exists || omode != mode)
#ifdef HAVE_FCHMOD
- if (fchmod(ofd, omode))
+ if (fchmod(ofd, omode)) {
#else /* HAVE_FCHMOD */
- if (chmod(np, omode))
+ if (chmod(np, omode)) {
#endif /* HAVE_FCHMOD */
run_err("%s: set mode: %s",
np, strerror(errno));
+ wrerr = DISPLAYED;
+ }
} else {
if (!exists && omode != mode)
#ifdef HAVE_FCHMOD
- if (fchmod(ofd, omode & ~mask))
+ if (fchmod(ofd, omode & ~mask)) {
#else /* HAVE_FCHMOD */
- if (chmod(np, omode & ~mask))
+ if (chmod(np, omode & ~mask)) {
#endif /* HAVE_FCHMOD */
run_err("%s: set mode: %s",
np, strerror(errno));
+ wrerr = DISPLAYED;
+ }
}
if (close(ofd) == -1) {
wrerr = YES;
run_err("%s: %s", np, strerror(wrerrno));
break;
case NO:
- (void) atomicio(write, remout, "", 1);
+ (void) atomicio(vwrite, remout, "", 1);
break;
case DISPLAYED:
break;
} while (cp < &rbuf[sizeof(rbuf) - 1] && ch != '\n');
if (!iamremote)
- (void) atomicio(write, STDERR_FILENO, rbuf, cp - rbuf);
+ (void) atomicio(vwrite, STDERR_FILENO, rbuf, cp - rbuf);
++errs;
if (resp == 1)
return (-1);
usage(void)
{
(void) fprintf(stderr,
- "usage: scp [-pqrvBC1246] [-F config] [-S program] [-P port]\n"
- " [-c cipher] [-i identity] [-l limit] [-o option]\n"
+ "usage: scp [-1246BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]\n"
+ " [-l limit] [-o ssh_option] [-P port] [-S program]\n"
" [[user@]host1:]file1 [...] [[user@]host2:]file2\n");
exit(1);
}
}
void
-verifydir(cp)
- char *cp;
+verifydir(char *cp)
{
struct stat stb;
errno = ENOTDIR;
}
run_err("%s: %s", cp, strerror(errno));
- exit(1);
+ killchild(0);
}
int
-okname(cp0)
- char *cp0;
+okname(char *cp0)
{
int c;
char *cp;
c = (int)*cp;
if (c & 0200)
goto bad;
- if (!isalpha(c) && !isdigit(c) &&
- c != '@' && c != '_' && c != '-' && c != '.' && c != '+')
- goto bad;
+ if (!isalpha(c) && !isdigit(c)) {
+ switch (c) {
+ case '\'':
+ case '"':
+ case '`':
+ case ' ':
+ case '#':
+ goto bad;
+ default:
+ break;
+ }
+ }
} while (*++cp);
return (1);
}
BUF *
-allocbuf(bp, fd, blksize)
- BUF *bp;
- int fd, blksize;
+allocbuf(BUF *bp, int fd, int blksize)
{
size_t size;
#ifdef HAVE_STRUCT_STAT_ST_BLKSIZE
}
void
-lostconn(signo)
- int signo;
+lostconn(int signo)
{
if (!iamremote)
write(STDERR_FILENO, "lost connection\n", 16);