]> andersk Git - openssh.git/blobdiff - scp.c
andersk / openssh.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
- reyk@cvs.openbsd.org 2005/12/06 22:38:28
[openssh.git] / scp.c
diff --git a/scp.c b/scp.c
index 35d4c5f7143e5a23bdf659f7a8200125fb7fdcab..5dced6ce4aa008e3bef063711e7a54a5ac7dee99 100644 (file)
--- a/scp.c
+++ b/scp.c
@@ -52,11 +52,7 @@
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *     This product includes software developed by the University of
- *     California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
+ * 3. Neither the name of the University nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  *
@@ -75,7 +71,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: scp.c,v 1.102 2003/03/05 22:33:43 markus Exp $");
+RCSID("$OpenBSD: scp.c,v 1.128 2005/12/06 22:38:27 reyk Exp $");
 
 #include "xmalloc.h"
 #include "atomicio.h"
@@ -84,11 +80,7 @@ RCSID("$OpenBSD: scp.c,v 1.102 2003/03/05 22:33:43 markus Exp $");
 #include "misc.h"
 #include "progressmeter.h"
 
-#ifdef HAVE___PROGNAME
 extern char *__progname;
-#else
-char *__progname;
-#endif
 
 void bwlimit(int);
 
@@ -96,7 +88,7 @@ void bwlimit(int);
 arglist args;
 
 /* Bandwidth limit */
-off_t limitbw = 0;
+off_t limit_rate = 0;
 
 /* Name of current file being transferred. */
 char *curfile;
@@ -111,7 +103,20 @@ int showprogress = 1;
 char *ssh_program = _PATH_SSH_PROGRAM;
 
 /* This is used to store the pid of ssh_program */
-pid_t do_cmd_pid;
+pid_t do_cmd_pid = -1;
+
+static void
+killchild(int signo)
+{
+       if (do_cmd_pid > 1) {
+               kill(do_cmd_pid, signo ? signo : SIGTERM);
+               waitpid(do_cmd_pid, NULL, 0);
+       }
+
+       if (signo)
+               _exit(1);
+       exit(1);
+}
 
 /*
  * This function executes the given command as the specified user on the
@@ -146,7 +151,7 @@ do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout, int argc)
        close(reserved[0]);
        close(reserved[1]);
 
-       /* For a child to execute the command on the remote host using ssh. */
+       /* Fork a child to execute the command on the remote host using ssh. */
        do_cmd_pid = fork();
        if (do_cmd_pid == 0) {
                /* Child. */
@@ -174,11 +179,14 @@ do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout, int argc)
        *fdout = pin[1];
        close(pout[1]);
        *fdin = pout[0];
+       signal(SIGTERM, killchild);
+       signal(SIGINT, killchild);
+       signal(SIGHUP, killchild);
        return 0;
 }
 
 typedef struct {
-       int cnt;
+       size_t cnt;
        char *buf;
 } BUF;
 
@@ -206,9 +214,7 @@ void toremote(char *, int, char *[]);
 void usage(void);
 
 int
-main(argc, argv)
-       int argc;
-       char *argv[];
+main(int argc, char **argv)
 {
        int ch, fflag, tflag, status;
        double speed;
@@ -216,12 +222,16 @@ main(argc, argv)
        extern char *optarg;
        extern int optind;
 
-       __progname = get_progname(argv[0]);
+       /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
+       sanitise_stdfd();
+
+       __progname = ssh_get_progname(argv[0]);
 
        args.list = NULL;
        addargs(&args, "ssh");          /* overwritten with ssh_program */
        addargs(&args, "-x");
        addargs(&args, "-oForwardAgent no");
+       addargs(&args, "-oPermitLocalCommand no");
        addargs(&args, "-oClearAllForwardings yes");
 
        fflag = tflag = 0;
@@ -251,7 +261,7 @@ main(argc, argv)
                        speed = strtod(optarg, &endp);
                        if (speed <= 0 || *endp != '\0')
                                usage();
-                       limitbw = speed * 1024;
+                       limit_rate = speed * 1024;
                        break;
                case 'p':
                        pflag = 1;
@@ -267,6 +277,7 @@ main(argc, argv)
                        verbose_mode = 1;
                        break;
                case 'q':
+                       addargs(&args, "-q");
                        showprogress = 0;
                        break;
 
@@ -292,7 +303,7 @@ main(argc, argv)
        argv += optind;
 
        if ((pwd = getpwuid(userid = getuid())) == NULL)
-               fatal("unknown user %d", (int) userid);
+               fatal("unknown user %u", (u_int) userid);
 
        if (!isatty(STDERR_FILENO))
                showprogress = 0;
@@ -353,25 +364,24 @@ main(argc, argv)
 }
 
 void
-toremote(targ, argc, argv)
-       char *targ, *argv[];
-       int argc;
+toremote(char *targ, int argc, char **argv)
 {
        int i, len;
-       char *bp, *host, *src, *suser, *thost, *tuser;
+       char *bp, *host, *src, *suser, *thost, *tuser, *arg;
 
        *targ++ = 0;
        if (*targ == 0)
                targ = ".";
 
-       if ((thost = strrchr(argv[argc - 1], '@'))) {
+       arg = xstrdup(argv[argc - 1]);
+       if ((thost = strrchr(arg, '@'))) {
                /* user@host */
                *thost++ = 0;
-               tuser = argv[argc - 1];
+               tuser = arg;
                if (*tuser == '\0')
                        tuser = NULL;
        } else {
-               thost = argv[argc - 1];
+               thost = arg;
                tuser = NULL;
        }
 
@@ -422,7 +432,8 @@ toremote(targ, argc, argv)
                        }
                        if (verbose_mode)
                                fprintf(stderr, "Executing: %s\n", bp);
-                       (void) system(bp);
+                       if (system(bp) != 0)
+                               errs = 1;
                        (void) xfree(bp);
                } else {        /* local to remote */
                        if (remin == -1) {
@@ -443,9 +454,7 @@ toremote(targ, argc, argv)
 }
 
 void
-tolocal(argc, argv)
-       int argc;
-       char *argv[];
+tolocal(int argc, char **argv)
 {
        int i, len;
        char *bp, *host, *src, *suser;
@@ -494,15 +503,14 @@ tolocal(argc, argv)
 }
 
 void
-source(argc, argv)
-       int argc;
-       char *argv[];
+source(int argc, char **argv)
 {
        struct stat stb;
        static BUF buffer;
        BUF *bp;
-       off_t i, amt, result, statbytes;
-       int fd, haderr, indx;
+       off_t i, amt, statbytes;
+       size_t result;
+       int fd = -1, haderr, indx;
        char *last, *name, buf[2048];
        int len;
 
@@ -549,29 +557,25 @@ syserr:                   run_err("%s: %s", name, strerror(errno));
                        (void) snprintf(buf, sizeof buf, "T%lu 0 %lu 0\n",
                            (u_long) stb.st_mtime,
                            (u_long) stb.st_atime);
-                       (void) atomicio(write, remout, buf, strlen(buf));
+                       (void) atomicio(vwrite, remout, buf, strlen(buf));
                        if (response() < 0)
                                goto next;
                }
 #define        FILEMODEMASK    (S_ISUID|S_ISGID|S_IRWXU|S_IRWXG|S_IRWXO)
-#ifdef HAVE_LONG_LONG_INT
                snprintf(buf, sizeof buf, "C%04o %lld %s\n",
                    (u_int) (stb.st_mode & FILEMODEMASK),
                    (long long)stb.st_size, last);
-#else
-               /* XXX: Handle integer overflow? */
-               snprintf(buf, sizeof buf, "C%04o %lu %s\n",
-                   (u_int) (stb.st_mode & FILEMODEMASK),
-                   (u_long) stb.st_size, last);
-#endif
                if (verbose_mode) {
                        fprintf(stderr, "Sending file modes: %s", buf);
                }
-               (void) atomicio(write, remout, buf, strlen(buf));
+               (void) atomicio(vwrite, remout, buf, strlen(buf));
                if (response() < 0)
                        goto next;
                if ((bp = allocbuf(&buffer, fd, 2048)) == NULL) {
-next:                  (void) close(fd);
+next:                  if (fd != -1) {
+                               (void) close(fd);
+                               fd = -1;
+                       }
                        continue;
                }
                if (showprogress)
@@ -584,26 +588,29 @@ next:                     (void) close(fd);
                        if (!haderr) {
                                result = atomicio(read, fd, bp->buf, amt);
                                if (result != amt)
-                                       haderr = result >= 0 ? EIO : errno;
+                                       haderr = errno;
                        }
                        if (haderr)
-                               (void) atomicio(write, remout, bp->buf, amt);
+                               (void) atomicio(vwrite, remout, bp->buf, amt);
                        else {
-                               result = atomicio(write, remout, bp->buf, amt);
+                               result = atomicio(vwrite, remout, bp->buf, amt);
                                if (result != amt)
-                                       haderr = result >= 0 ? EIO : errno;
+                                       haderr = errno;
                                statbytes += result;
                        }
-                       if (limitbw)
+                       if (limit_rate)
                                bwlimit(amt);
                }
                if (showprogress)
                        stop_progress_meter();
 
-               if (close(fd) < 0 && !haderr)
-                       haderr = errno;
+               if (fd != -1) {
+                       if (close(fd) < 0 && !haderr)
+                               haderr = errno;
+                       fd = -1;
+               }
                if (!haderr)
-                       (void) atomicio(write, remout, "", 1);
+                       (void) atomicio(vwrite, remout, "", 1);
                else
                        run_err("%s: %s", name, strerror(haderr));
                (void) response();
@@ -611,9 +618,7 @@ next:                       (void) close(fd);
 }
 
 void
-rsource(name, statp)
-       char *name;
-       struct stat *statp;
+rsource(char *name, struct stat *statp)
 {
        DIR *dirp;
        struct dirent *dp;
@@ -632,7 +637,7 @@ rsource(name, statp)
                (void) snprintf(path, sizeof(path), "T%lu 0 %lu 0\n",
                    (u_long) statp->st_mtime,
                    (u_long) statp->st_atime);
-               (void) atomicio(write, remout, path, strlen(path));
+               (void) atomicio(vwrite, remout, path, strlen(path));
                if (response() < 0) {
                        closedir(dirp);
                        return;
@@ -642,7 +647,7 @@ rsource(name, statp)
            (u_int) (statp->st_mode & FILEMODEMASK), 0, last);
        if (verbose_mode)
                fprintf(stderr, "Entering directory: %s", path);
-       (void) atomicio(write, remout, path, strlen(path));
+       (void) atomicio(vwrite, remout, path, strlen(path));
        if (response() < 0) {
                closedir(dirp);
                return;
@@ -661,7 +666,7 @@ rsource(name, statp)
                source(1, vect);
        }
        (void) closedir(dirp);
-       (void) atomicio(write, remout, "E\n", 2);
+       (void) atomicio(vwrite, remout, "E\n", 2);
        (void) response();
 }
 
@@ -670,7 +675,7 @@ bwlimit(int amount)
 {
        static struct timeval bwstart, bwend;
        static int lamt, thresh = 16384;
-       u_int64_t wait;
+       u_int64_t waitlen;
        struct timespec ts, rm;
 
        if (!timerisset(&bwstart)) {
@@ -688,10 +693,10 @@ bwlimit(int amount)
                return;
 
        lamt *= 8;
-       wait = (double)1000000L * lamt / limitbw;
+       waitlen = (double)1000000L * lamt / limit_rate;
 
-       bwstart.tv_sec = wait / 1000000L;
-       bwstart.tv_usec = wait % 1000000L;
+       bwstart.tv_sec = waitlen / 1000000L;
+       bwstart.tv_usec = waitlen % 1000000L;
 
        if (timercmp(&bwstart, &bwend, >)) {
                timersub(&bwstart, &bwend, &bwend);
@@ -720,9 +725,7 @@ bwlimit(int amount)
 }
 
 void
-sink(argc, argv)
-       int argc;
-       char *argv[];
+sink(int argc, char **argv)
 {
        static BUF buffer;
        struct stat stb;
@@ -730,8 +733,9 @@ sink(argc, argv)
                YES, NO, DISPLAYED
        } wrerr;
        BUF *bp;
-       off_t i, j;
-       int amt, count, exists, first, mask, mode, ofd, omode;
+       off_t i;
+       size_t j, count;
+       int amt, exists, first, mask, mode, ofd, omode;
        off_t size, statbytes;
        int setimes, targisdir, wrerrno = 0;
        char ch, *cp, *np, *targ, *why, *vect[1], buf[2048];
@@ -739,7 +743,7 @@ sink(argc, argv)
 
 #define        atime   tv[0]
 #define        mtime   tv[1]
-#define        SCREWUP(str)    do { why = str; goto screwup; } while (0)
+#define        SCREWUP(str)    { why = str; goto screwup; }
 
        setimes = targisdir = 0;
        mask = umask(0);
@@ -753,12 +757,12 @@ sink(argc, argv)
        if (targetshouldbedirectory)
                verifydir(targ);
 
-       (void) atomicio(write, remout, "", 1);
+       (void) atomicio(vwrite, remout, "", 1);
        if (stat(targ, &stb) == 0 && S_ISDIR(stb.st_mode))
                targisdir = 1;
        for (first = 1;; first = 0) {
                cp = buf;
-               if (atomicio(read, remin, cp, 1) <= 0)
+               if (atomicio(read, remin, cp, 1) != 1)
                        return;
                if (*cp++ == '\n')
                        SCREWUP("unexpected <newline>");
@@ -768,10 +772,12 @@ sink(argc, argv)
                        *cp++ = ch;
                } while (cp < &buf[sizeof(buf) - 1] && ch != '\n');
                *cp = 0;
+               if (verbose_mode)
+                       fprintf(stderr, "Sink: %s", buf);
 
                if (buf[0] == '\01' || buf[0] == '\02') {
                        if (iamremote == 0)
-                               (void) atomicio(write, STDERR_FILENO,
+                               (void) atomicio(vwrite, STDERR_FILENO,
                                    buf + 1, strlen(buf + 1));
                        if (buf[0] == '\02')
                                exit(1);
@@ -779,7 +785,7 @@ sink(argc, argv)
                        continue;
                }
                if (buf[0] == 'E') {
-                       (void) atomicio(write, remout, "", 1);
+                       (void) atomicio(vwrite, remout, "", 1);
                        return;
                }
                if (ch == '\n')
@@ -801,7 +807,7 @@ sink(argc, argv)
                        atime.tv_usec = strtol(cp, &cp, 10);
                        if (!cp || *cp++ != '\0')
                                SCREWUP("atime.usec not delimited");
-                       (void) atomicio(write, remout, "", 1);
+                       (void) atomicio(vwrite, remout, "", 1);
                        continue;
                }
                if (*cp != 'C' && *cp != 'D') {
@@ -831,9 +837,13 @@ sink(argc, argv)
                        size = size * 10 + (*cp++ - '0');
                if (*cp++ != ' ')
                        SCREWUP("size not delimited");
+               if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) {
+                       run_err("error: unexpected filename: %s", cp);
+                       exit(1);
+               }
                if (targisdir) {
                        static char *namebuf;
-                       static int cursize;
+                       static size_t cursize;
                        size_t need;
 
                        need = strlen(targ) + strlen(cp) + 250;
@@ -852,6 +862,8 @@ sink(argc, argv)
                exists = stat(np, &stb) == 0;
                if (buf[0] == 'D') {
                        int mod_flag = pflag;
+                       if (!iamrecursive)
+                               SCREWUP("received directory without -r");
                        if (exists) {
                                if (!S_ISDIR(stb.st_mode)) {
                                        errno = ENOTDIR;
@@ -886,7 +898,7 @@ sink(argc, argv)
 bad:                   run_err("%s: %s", np, strerror(errno));
                        continue;
                }
-               (void) atomicio(write, remout, "", 1);
+               (void) atomicio(vwrite, remout, "", 1);
                if ((bp = allocbuf(&buffer, ofd, 4096)) == NULL) {
                        (void) close(ofd);
                        continue;
@@ -903,11 +915,8 @@ bad:                       run_err("%s: %s", np, strerror(errno));
                                amt = size - i;
                        count += amt;
                        do {
-                               j = read(remin, cp, amt);
-                               if (j == -1 && (errno == EINTR ||
-                                   errno == EAGAIN)) {
-                                       continue;
-                               } else if (j <= 0) {
+                               j = atomicio(read, remin, cp, amt);
+                               if (j == 0) {
                                        run_err("%s", j ? strerror(errno) :
                                            "dropped connection");
                                        exit(1);
@@ -916,17 +925,17 @@ bad:                      run_err("%s: %s", np, strerror(errno));
                                cp += j;
                                statbytes += j;
                        } while (amt > 0);
-               
-                       if (limitbw)
+
+                       if (limit_rate)
                                bwlimit(4096);
 
                        if (count == bp->cnt) {
                                /* Keep reading so we stay sync'd up. */
                                if (wrerr == NO) {
-                                       j = atomicio(write, ofd, bp->buf, count);
-                                       if (j != count) {
+                                       if (atomicio(vwrite, ofd, bp->buf,
+                                           count) != count) {
                                                wrerr = YES;
-                                               wrerrno = j >= 0 ? EIO : errno;
+                                               wrerrno = errno;
                                        }
                                }
                                count = 0;
@@ -936,9 +945,9 @@ bad:                        run_err("%s: %s", np, strerror(errno));
                if (showprogress)
                        stop_progress_meter();
                if (count != 0 && wrerr == NO &&
-                   (j = atomicio(write, ofd, bp->buf, count)) != count) {
+                   atomicio(vwrite, ofd, bp->buf, count) != count) {
                        wrerr = YES;
-                       wrerrno = j >= 0 ? EIO : errno;
+                       wrerrno = errno;
                }
                if (wrerr == NO && ftruncate(ofd, size) != 0) {
                        run_err("%s: truncate: %s", np, strerror(errno));
@@ -947,21 +956,25 @@ bad:                      run_err("%s: %s", np, strerror(errno));
                if (pflag) {
                        if (exists || omode != mode)
 #ifdef HAVE_FCHMOD
-                               if (fchmod(ofd, omode))
+                               if (fchmod(ofd, omode)) {
 #else /* HAVE_FCHMOD */
-                               if (chmod(np, omode))
+                               if (chmod(np, omode)) {
 #endif /* HAVE_FCHMOD */
                                        run_err("%s: set mode: %s",
                                            np, strerror(errno));
+                                       wrerr = DISPLAYED;
+                               }
                } else {
                        if (!exists && omode != mode)
 #ifdef HAVE_FCHMOD
-                               if (fchmod(ofd, omode & ~mask))
+                               if (fchmod(ofd, omode & ~mask)) {
 #else /* HAVE_FCHMOD */
-                               if (chmod(np, omode & ~mask))
+                               if (chmod(np, omode & ~mask)) {
 #endif /* HAVE_FCHMOD */
                                        run_err("%s: set mode: %s",
                                            np, strerror(errno));
+                                       wrerr = DISPLAYED;
+                               }
                }
                if (close(ofd) == -1) {
                        wrerr = YES;
@@ -981,7 +994,7 @@ bad:                        run_err("%s: %s", np, strerror(errno));
                        run_err("%s: %s", np, strerror(wrerrno));
                        break;
                case NO:
-                       (void) atomicio(write, remout, "", 1);
+                       (void) atomicio(vwrite, remout, "", 1);
                        break;
                case DISPLAYED:
                        break;
@@ -1016,7 +1029,7 @@ response(void)
                } while (cp < &rbuf[sizeof(rbuf) - 1] && ch != '\n');
 
                if (!iamremote)
-                       (void) atomicio(write, STDERR_FILENO, rbuf, cp - rbuf);
+                       (void) atomicio(vwrite, STDERR_FILENO, rbuf, cp - rbuf);
                ++errs;
                if (resp == 1)
                        return (-1);
@@ -1029,8 +1042,8 @@ void
 usage(void)
 {
        (void) fprintf(stderr,
-           "usage: scp [-pqrvBC1246] [-F config] [-S program] [-P port]\n"
-           "           [-c cipher] [-i identity] [-l limit] [-o option]\n"
+           "usage: scp [-1246BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]\n"
+           "           [-l limit] [-o ssh_option] [-P port] [-S program]\n"
            "           [[user@]host1:]file1 [...] [[user@]host2:]file2\n");
        exit(1);
 }
@@ -1061,8 +1074,7 @@ run_err(const char *fmt,...)
 }
 
 void
-verifydir(cp)
-       char *cp;
+verifydir(char *cp)
 {
        struct stat stb;
 
@@ -1072,12 +1084,11 @@ verifydir(cp)
                errno = ENOTDIR;
        }
        run_err("%s: %s", cp, strerror(errno));
-       exit(1);
+       killchild(0);
 }
 
 int
-okname(cp0)
-       char *cp0;
+okname(char *cp0)
 {
        int c;
        char *cp;
@@ -1107,9 +1118,7 @@ bad:      fprintf(stderr, "%s: invalid user name\n", cp0);
 }
 
 BUF *
-allocbuf(bp, fd, blksize)
-       BUF *bp;
-       int fd, blksize;
+allocbuf(BUF *bp, int fd, int blksize)
 {
        size_t size;
 #ifdef HAVE_STRUCT_STAT_ST_BLKSIZE
@@ -1137,8 +1146,7 @@ allocbuf(bp, fd, blksize)
 }
 
 void
-lostconn(signo)
-       int signo;
+lostconn(int signo)
 {
        if (!iamremote)
                write(STDERR_FILENO, "lost connection\n", 16);
git-cvsimport mirror of OpenSSH
This page took 2.676699 seconds and 4 git commands to generate.