* New upstream release (closes: #453367).

  - CVE-2007-4752: Prevent ssh(1) from using a trusted X11 cookie if
    creation of an untrusted cookie fails; found and fixed by Jan Pechanec
    (closes: #444738).
  - sshd(8) in new installations defaults to SSH Protocol 2 only. Existing
    installations are unchanged.
  - The SSH channel window size has been increased, and both ssh(1)
    sshd(8) now send window updates more aggressively. These improves
    performance on high-BDP (Bandwidth Delay Product) networks.
  - ssh(1) and sshd(8) now preserve MAC contexts between packets, which
    saves 2 hash calls per packet and results in 12-16% speedup for
    arcfour256/hmac-md5.
  - A new MAC algorithm has been added, UMAC-64 (RFC4418) as
    "umac-64@openssh.com". UMAC-64 has been measured to be approximately
    20% faster than HMAC-MD5.
  - Failure to establish a ssh(1) TunnelForward is now treated as a fatal
    error when the ExitOnForwardFailure option is set.
  - ssh(1) returns a sensible exit status if the control master goes away
    without passing the full exit status.
  - When using a ProxyCommand in ssh(1), set the outgoing hostname with
    gethostname(2), allowing hostbased authentication to work.
  - Make scp(1) skip FIFOs rather than hanging (closes: #246774).
  - Encode non-printing characters in scp(1) filenames. These could cause
    copies to be aborted with a "protocol error".
  - Handle SIGINT in sshd(8) privilege separation child process to ensure
    that wtmp and lastlog records are correctly updated.
  - Report GSSAPI mechanism in errors, for libraries that support multiple
    mechanisms.
  - Improve documentation for ssh-add(1)'s -d option.
  - Rearrange and tidy GSSAPI code, removing server-only code being linked
    into the client.
  - Delay execution of ssh(1)'s LocalCommand until after all forwardings
    have been established.
  - In scp(1), do not truncate non-regular files.
  - Improve exit message from ControlMaster clients.
  - Prevent sftp-server(8) from reading until it runs out of buffer space,
    whereupon it would exit with a fatal error (closes: #365541).
  - pam_end() was not being called if authentication failed
    (closes: #405041).
  - Manual page datestamps updated (closes: #433181).

1 files changed, 13 insertions, 9 deletions

diff --git a/scp.c b/scp.c
index a52aaeb12..1765a44e6 100644
--- a/scp.c
+++ b/scp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: scp.c,v 1.156 2007/01/22 13:06:21 djm Exp $ */
+/* $OpenBSD: scp.c,v 1.160 2007/08/06 19:16:06 sobrado Exp $ */
 /*
  * scp - secure remote copy.  This is basically patched BSD rcp which
  * uses ssh to do the data transfer (instead of using rcmd).
@@ -96,6 +96,9 @@
 #include <string.h>
 #include <time.h>
 #include <unistd.h>
+#if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H)
+#include <vis.h>
+#endif
 
 #include "xmalloc.h"
 #include "atomicio.h"
@@ -582,7 +585,7 @@ source(int argc, char **argv)
         off_t i, amt, statbytes;
         size_t result;
         int fd = -1, haderr, indx;
-        char *last, *name, buf[2048];
+        char *last, *name, buf[2048], encname[MAXPATHLEN];
         int len;
 
         for (indx = 0; indx < argc; ++indx) {
@@ -591,17 +594,17 @@ source(int argc, char **argv)
                 len = strlen(name);
                 while (len > 1 && name[len-1] == '/')
                         name[--len] = '\0';
+                if ((fd = open(name, O_RDONLY|O_NONBLOCK, 0)) < 0)
+                        goto syserr;
                 if (strchr(name, '\n') != NULL) {
-                        run_err("%s: skipping, filename contains a newline",
-                            name);
-                        goto next;
+                        strnvis(encname, name, sizeof(encname), VIS_NL);
+                        name = encname;
                 }
-                if ((fd = open(name, O_RDONLY, 0)) < 0)
-                        goto syserr;
                 if (fstat(fd, &stb) < 0) {
 syserr:                 run_err("%s: %s", name, strerror(errno));
                         goto next;
                 }
+                unset_nonblock(fd);
                 switch (stb.st_mode & S_IFMT) {
                 case S_IFREG:
                         break;
@@ -1021,7 +1024,8 @@ bad:			run_err("%s: %s", np, strerror(errno));
                         wrerr = YES;
                         wrerrno = errno;
                 }
-                if (wrerr == NO && ftruncate(ofd, size) != 0) {
+                if (wrerr == NO && (!exists || S_ISREG(stb.st_mode)) &&
+                    ftruncate(ofd, size) != 0) {
                         run_err("%s: truncate: %s", np, strerror(errno));
                         wrerr = DISPLAYED;
                 }
@@ -1116,7 +1120,7 @@ usage(void)
         (void) fprintf(stderr,
             "usage: scp [-1246BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]\n"
             "           [-l limit] [-o ssh_option] [-P port] [-S program]\n"
-            "           [[user@]host1:]file1 [...] [[user@]host2:]file2\n");
+            "           [[user@]host1:]file1 ... [[user@]host2:]file2\n");
         exit(1);
 }