diff options
| author | dtucker@openbsd.org <dtucker@openbsd.org> | 2017-11-28 21:10:22 +0000 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2017-12-07 11:38:50 +1100 |
| commit | 3dde09ab38c8e1cfc28252be473541a81bc57097 (patch) | |
| tree | 79e56489b223ac1cc4649c6e8d7c2d06b3515c9f /sftp-client.c | |
| parent | 6c8a246437f612ada8541076be2414846d767319 (diff) | |
upstream commit
Have sftp print a warning about shell cleanliness when
decoding the first packet fails, which is usually caused by shells polluting
stdout of non-interactive starups. bz#2800, ok markus@ deraadt@.
OpenBSD-Commit-ID: 88d6a9bf3470f9324b76ba1cbd53e50120f685b5
Diffstat (limited to 'sftp-client.c')
| -rw-r--r-- | sftp-client.c | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/sftp-client.c b/sftp-client.c index 626330262..0b53a2e68 100644 --- a/sftp-client.c +++ b/sftp-client.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: sftp-client.c,v 1.127 2017/08/11 04:41:08 djm Exp $ */ | 1 | /* $OpenBSD: sftp-client.c,v 1.128 2017/11/28 21:10:22 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> | 3 | * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> |
| 4 | * | 4 | * |
| @@ -130,7 +130,7 @@ send_msg(struct sftp_conn *conn, struct sshbuf *m) | |||
| 130 | } | 130 | } |
| 131 | 131 | ||
| 132 | static void | 132 | static void |
| 133 | get_msg(struct sftp_conn *conn, struct sshbuf *m) | 133 | get_msg_extended(struct sftp_conn *conn, struct sshbuf *m, int initial) |
| 134 | { | 134 | { |
| 135 | u_int msg_len; | 135 | u_int msg_len; |
| 136 | u_char *p; | 136 | u_char *p; |
| @@ -148,8 +148,12 @@ get_msg(struct sftp_conn *conn, struct sshbuf *m) | |||
| 148 | 148 | ||
| 149 | if ((r = sshbuf_get_u32(m, &msg_len)) != 0) | 149 | if ((r = sshbuf_get_u32(m, &msg_len)) != 0) |
| 150 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 150 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
| 151 | if (msg_len > SFTP_MAX_MSG_LENGTH) | 151 | if (msg_len > SFTP_MAX_MSG_LENGTH) { |
| 152 | fatal("Received message too long %u", msg_len); | 152 | do_log2(initial ? SYSLOG_LEVEL_ERROR : SYSLOG_LEVEL_FATAL, |
| 153 | "Received message too long %u", msg_len); | ||
| 154 | fatal("Ensure the remote shell produces no output " | ||
| 155 | "for non-interactive sessions."); | ||
| 156 | } | ||
| 153 | 157 | ||
| 154 | if ((r = sshbuf_reserve(m, msg_len, &p)) != 0) | 158 | if ((r = sshbuf_reserve(m, msg_len, &p)) != 0) |
| 155 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | 159 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); |
| @@ -164,6 +168,12 @@ get_msg(struct sftp_conn *conn, struct sshbuf *m) | |||
| 164 | } | 168 | } |
| 165 | 169 | ||
| 166 | static void | 170 | static void |
| 171 | get_msg(struct sftp_conn *conn, struct sshbuf *m) | ||
| 172 | { | ||
| 173 | get_msg_extended(conn, m, 0); | ||
| 174 | } | ||
| 175 | |||
| 176 | static void | ||
| 167 | send_string_request(struct sftp_conn *conn, u_int id, u_int code, const char *s, | 177 | send_string_request(struct sftp_conn *conn, u_int id, u_int code, const char *s, |
| 168 | u_int len) | 178 | u_int len) |
| 169 | { | 179 | { |
| @@ -406,7 +416,7 @@ do_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests, | |||
| 406 | 416 | ||
| 407 | sshbuf_reset(msg); | 417 | sshbuf_reset(msg); |
| 408 | 418 | ||
| 409 | get_msg(ret, msg); | 419 | get_msg_extended(ret, msg, 1); |
| 410 | 420 | ||
| 411 | /* Expecting a VERSION reply */ | 421 | /* Expecting a VERSION reply */ |
| 412 | if ((r = sshbuf_get_u8(msg, &type)) != 0) | 422 | if ((r = sshbuf_get_u8(msg, &type)) != 0) |