-/* $OpenBSD: sftp-server.c,v 1.80 2008/05/18 21:29:05 djm Exp $ */
+/* $OpenBSD: sftp-server.c,v 1.91 2010/01/13 01:40:16 djm Exp $ */
/*
* Copyright (c) 2000-2004 Markus Friedl. All rights reserved.
*
#ifdef HAVE_SYS_TIME_H
# include <sys/time.h>
#endif
+#ifdef HAVE_SYS_MOUNT_H
#include <sys/mount.h>
+#endif
+#ifdef HAVE_SYS_STATVFS_H
#include <sys/statvfs.h>
+#endif
#include <dirent.h>
#include <errno.h>
/* Version of client */
int version;
+/* Disable writes */
+int readonly;
+
/* portable attributes, etc. */
typedef struct Stat Stat;
case EINVAL:
ret = SSH2_FX_BAD_MESSAGE;
break;
+ case ENOSYS:
+ ret = SSH2_FX_OP_UNSUPPORTED;
+ break;
default:
ret = SSH2_FX_FAILURE;
break;
buffer_init(&msg);
buffer_put_char(&msg, SSH2_FXP_EXTENDED_REPLY);
buffer_put_int(&msg, id);
- buffer_put_int(&msg, st->f_bsize);
- buffer_put_int(&msg, st->f_frsize);
+ buffer_put_int64(&msg, st->f_bsize);
+ buffer_put_int64(&msg, st->f_frsize);
buffer_put_int64(&msg, st->f_blocks);
buffer_put_int64(&msg, st->f_bfree);
buffer_put_int64(&msg, st->f_bavail);
buffer_put_int64(&msg, st->f_files);
buffer_put_int64(&msg, st->f_ffree);
buffer_put_int64(&msg, st->f_favail);
- buffer_put_int(&msg, st->f_fsid);
- buffer_put_int(&msg, flag);
- buffer_put_int(&msg, st->f_namemax);
+ buffer_put_int64(&msg, FSID_TO_ULONG(st->f_fsid));
+ buffer_put_int64(&msg, flag);
+ buffer_put_int64(&msg, st->f_namemax);
send_msg(&msg);
buffer_free(&msg);
}
buffer_put_cstring(&msg, "1"); /* version */
/* statvfs extension */
buffer_put_cstring(&msg, "statvfs@openssh.com");
- buffer_put_cstring(&msg, "1"); /* version */
+ buffer_put_cstring(&msg, "2"); /* version */
/* fstatvfs extension */
buffer_put_cstring(&msg, "fstatvfs@openssh.com");
- buffer_put_cstring(&msg, "1"); /* version */
+ buffer_put_cstring(&msg, "2"); /* version */
send_msg(&msg);
buffer_free(&msg);
}
mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a->perm : 0666;
logit("open \"%s\" flags %s mode 0%o",
name, string_from_portable(pflags), mode);
- fd = open(name, flags, mode);
- if (fd < 0) {
- status = errno_to_portable(errno);
- } else {
- handle = handle_new(HANDLE_FILE, name, fd, NULL);
- if (handle < 0) {
- close(fd);
+ if (readonly &&
+ ((flags & O_ACCMODE) == O_WRONLY || (flags & O_ACCMODE) == O_RDWR))
+ status = SSH2_FX_PERMISSION_DENIED;
+ else {
+ fd = open(name, flags, mode);
+ if (fd < 0) {
+ status = errno_to_portable(errno);
} else {
- send_handle(id, handle);
- status = SSH2_FX_OK;
+ handle = handle_new(HANDLE_FILE, name, fd, NULL);
+ if (handle < 0) {
+ close(fd);
+ } else {
+ send_handle(id, handle);
+ status = SSH2_FX_OK;
+ }
}
}
if (status != SSH2_FX_OK)
u_int32_t id;
u_int64_t off;
u_int len;
- int handle, fd, ret, status = SSH2_FX_FAILURE;
+ int handle, fd, ret, status;
char *data;
id = get_int();
debug("request %u: write \"%s\" (handle %d) off %llu len %d",
id, handle_to_name(handle), handle, (unsigned long long)off, len);
fd = handle_to_fd(handle);
- if (fd >= 0) {
+
+ if (fd < 0)
+ status = SSH2_FX_FAILURE;
+ else if (readonly)
+ status = SSH2_FX_PERMISSION_DENIED;
+ else {
if (lseek(fd, off, SEEK_SET) < 0) {
status = errno_to_portable(errno);
error("process_write: seek failed");
handle_update_write(handle, ret);
} else {
debug2("nothing at all written");
+ status = SSH2_FX_FAILURE;
}
}
}
name = get_string(NULL);
a = get_attrib();
debug("request %u: setstat name \"%s\"", id, name);
+ if (readonly) {
+ status = SSH2_FX_PERMISSION_DENIED;
+ a->flags = 0;
+ }
if (a->flags & SSH2_FILEXFER_ATTR_SIZE) {
logit("set \"%s\" size %llu",
name, (unsigned long long)a->size);
}
if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
logit("set \"%s\" mode %04o", name, a->perm);
- ret = chmod(name, a->perm & 0777);
+ ret = chmod(name, a->perm & 07777);
if (ret == -1)
status = errno_to_portable(errno);
}
a = get_attrib();
debug("request %u: fsetstat handle %d", id, handle);
fd = handle_to_fd(handle);
- if (fd < 0) {
+ if (fd < 0)
status = SSH2_FX_FAILURE;
- } else {
+ else if (readonly)
+ status = SSH2_FX_PERMISSION_DENIED;
+ else {
char *name = handle_to_name(handle);
if (a->flags & SSH2_FILEXFER_ATTR_SIZE) {
if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
logit("set \"%s\" mode %04o", name, a->perm);
#ifdef HAVE_FCHMOD
- ret = fchmod(fd, a->perm & 0777);
+ ret = fchmod(fd, a->perm & 07777);
#else
- ret = chmod(name, a->perm & 0777);
+ ret = chmod(name, a->perm & 07777);
#endif
if (ret == -1)
status = errno_to_portable(errno);
continue;
stat_to_attrib(&st, &(stats[count].attrib));
stats[count].name = xstrdup(dp->d_name);
- stats[count].long_name = ls_file(dp->d_name, &st, 0);
+ stats[count].long_name = ls_file(dp->d_name, &st, 0, 0);
count++;
/* send up to 100 entries in one message */
/* XXX check packet size instead */
name = get_string(NULL);
debug3("request %u: remove", id);
logit("remove name \"%s\"", name);
- ret = unlink(name);
- status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
+ if (readonly)
+ status = SSH2_FX_PERMISSION_DENIED;
+ else {
+ ret = unlink(name);
+ status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
+ }
send_status(id, status);
xfree(name);
}
name = get_string(NULL);
a = get_attrib();
mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ?
- a->perm & 0777 : 0777;
+ a->perm & 07777 : 0777;
debug3("request %u: mkdir", id);
logit("mkdir name \"%s\" mode 0%o", name, mode);
- ret = mkdir(name, mode);
- status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
+ if (readonly)
+ status = SSH2_FX_PERMISSION_DENIED;
+ else {
+ ret = mkdir(name, mode);
+ status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
+ }
send_status(id, status);
xfree(name);
}
name = get_string(NULL);
debug3("request %u: rmdir", id);
logit("rmdir name \"%s\"", name);
- ret = rmdir(name);
- status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
+ if (readonly)
+ status = SSH2_FX_PERMISSION_DENIED;
+ else {
+ ret = rmdir(name);
+ status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
+ }
send_status(id, status);
xfree(name);
}
debug3("request %u: rename", id);
logit("rename old \"%s\" new \"%s\"", oldpath, newpath);
status = SSH2_FX_FAILURE;
- if (lstat(oldpath, &sb) == -1)
+ if (readonly)
+ status = SSH2_FX_PERMISSION_DENIED;
+ else if (lstat(oldpath, &sb) == -1)
status = errno_to_portable(errno);
else if (S_ISREG(sb.st_mode)) {
/* Race-free rename of regular files */
if (link(oldpath, newpath) == -1) {
- if (errno == EOPNOTSUPP
+ if (errno == EOPNOTSUPP || errno == ENOSYS
+#ifdef EXDEV
+ || errno == EXDEV
+#endif
#ifdef LINK_OPNOTSUPP_ERRNO
|| errno == LINK_OPNOTSUPP_ERRNO
#endif
debug3("request %u: symlink", id);
logit("symlink old \"%s\" new \"%s\"", oldpath, newpath);
/* this will fail if 'newpath' exists */
- ret = symlink(oldpath, newpath);
- status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
+ if (readonly)
+ status = SSH2_FX_PERMISSION_DENIED;
+ else {
+ ret = symlink(oldpath, newpath);
+ status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
+ }
send_status(id, status);
xfree(oldpath);
xfree(newpath);
process_extended_posix_rename(u_int32_t id)
{
char *oldpath, *newpath;
+ int ret, status;
oldpath = get_string(NULL);
newpath = get_string(NULL);
debug3("request %u: posix-rename", id);
logit("posix-rename old \"%s\" new \"%s\"", oldpath, newpath);
- if (rename(oldpath, newpath) == -1)
- send_status(id, errno_to_portable(errno));
- else
- send_status(id, SSH2_FX_OK);
+ if (readonly)
+ status = SSH2_FX_PERMISSION_DENIED;
+ else {
+ ret = rename(oldpath, newpath);
+ status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
+ }
+ send_status(id, status);
xfree(oldpath);
xfree(newpath);
}
extern char *__progname;
fprintf(stderr,
- "usage: %s [-he] [-l log_level] [-f log_facility]\n", __progname);
+ "usage: %s [-ehR] [-f log_facility] [-l log_level] [-u umask]\n",
+ __progname);
exit(1);
}
ssize_t len, olen, set_size;
SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
char *cp, buf[4*4096];
+ const char *errmsg;
+ mode_t mask;
extern char *optarg;
extern char *__progname;
__progname = ssh_get_progname(argv[0]);
log_init(__progname, log_level, log_facility, log_stderr);
- while (!skipargs && (ch = getopt(argc, argv, "C:f:l:che")) != -1) {
+ while (!skipargs && (ch = getopt(argc, argv, "f:l:u:cehR")) != -1) {
switch (ch) {
+ case 'R':
+ readonly = 1;
+ break;
case 'c':
/*
* Ignore all arguments if we are invoked as a
if (log_facility == SYSLOG_FACILITY_NOT_SET)
error("Invalid log facility \"%s\"", optarg);
break;
+ case 'u':
+ mask = (mode_t)strtonum(optarg, 0, 0777, &errmsg);
+ if (errmsg != NULL)
+ fatal("Invalid umask \"%s\": %s",
+ optarg, errmsg);
+ (void)umask(mask);
+ break;
case 'h':
default:
sftp_server_usage();
logit("session opened for local user %s from [%s]",
pw->pw_name, client_addr);
- in = dup(STDIN_FILENO);
- out = dup(STDOUT_FILENO);
+ in = STDIN_FILENO;
+ out = STDOUT_FILENO;
#ifdef HAVE_CYGWIN
setmode(in, O_BINARY);
andersk / openssh.git / blobdiff