summaryrefslogtreecommitdiff
path: root/sftp-client.c
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2007-06-12 16:16:35 +0000
committerColin Watson <cjwatson@debian.org>2007-06-12 16:16:35 +0000
commitb7e40fa9da0b5491534a429dadb321eab5a77558 (patch)
treebed1da11e9f829925797aa093e379fc0b5868ecd /sftp-client.c
parent4f84beedf1005e44ff33c854abd6b711ffc0adb7 (diff)
parent086ea76990b1e6287c24b6db74adffd4605eb3b0 (diff)
* New upstream release (closes: #395507, #397961, #420035). Important
changes not previously backported to 4.3p2: - 4.4/4.4p1 (http://www.openssh.org/txt/release-4.4): + On portable OpenSSH, fix a GSSAPI authentication abort that could be used to determine the validity of usernames on some platforms. + Implemented conditional configuration in sshd_config(5) using the "Match" directive. This allows some configuration options to be selectively overridden if specific criteria (based on user, group, hostname and/or address) are met. So far a useful subset of post-authentication options are supported and more are expected to be added in future releases. + Add support for Diffie-Hellman group exchange key agreement with a final hash of SHA256. + Added a "ForceCommand" directive to sshd_config(5). Similar to the command="..." option accepted in ~/.ssh/authorized_keys, this forces the execution of the specified command regardless of what the user requested. This is very useful in conjunction with the new "Match" option. + Add a "PermitOpen" directive to sshd_config(5). This mirrors the permitopen="..." authorized_keys option, allowing fine-grained control over the port-forwardings that a user is allowed to establish. + Add optional logging of transactions to sftp-server(8). + ssh(1) will now record port numbers for hosts stored in ~/.ssh/known_hosts when a non-standard port has been requested (closes: #50612). + Add an "ExitOnForwardFailure" option to cause ssh(1) to exit (with a non-zero exit code) when requested port forwardings could not be established. + Extend sshd_config(5) "SubSystem" declarations to allow the specification of command-line arguments. + Replacement of all integer overflow susceptible invocations of malloc(3) and realloc(3) with overflow-checking equivalents. + Many manpage fixes and improvements. + Add optional support for OpenSSL hardware accelerators (engines), enabled using the --with-ssl-engine configure option. + Tokens in configuration files may be double-quoted in order to contain spaces (closes: #319639). + Move a debug() call out of a SIGCHLD handler, fixing a hang when the session exits very quickly (closes: #307890). + Fix some incorrect buffer allocation calculations (closes: #410599). + ssh-add doesn't ask for a passphrase if key file permissions are too liberal (closes: #103677). + Likewise, ssh doesn't ask either (closes: #99675). - 4.6/4.6p1 (http://www.openssh.org/txt/release-4.6): + sshd now allows the enabling and disabling of authentication methods on a per user, group, host and network basis via the Match directive in sshd_config. + Fixed an inconsistent check for a terminal when displaying scp progress meter (closes: #257524). + Fix "hang on exit" when background processes are running at the time of exit on a ttyful/login session (closes: #88337). * Update to current GSSAPI patch from http://www.sxw.org.uk/computing/patches/openssh-4.6p1-gsskex-20070312.patch; install ChangeLog.gssapi.
Diffstat (limited to 'sftp-client.c')
-rw-r--r--sftp-client.c43
1 files changed, 32 insertions, 11 deletions
diff --git a/sftp-client.c b/sftp-client.c
index 05bce3368..2746f3245 100644
--- a/sftp-client.c
+++ b/sftp-client.c
@@ -1,3 +1,4 @@
1/* $OpenBSD: sftp-client.c,v 1.76 2007/01/22 11:32:50 djm Exp $ */
1/* 2/*
2 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> 3 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
3 * 4 *
@@ -20,17 +21,32 @@
20/* XXX: copy between two remote sites */ 21/* XXX: copy between two remote sites */
21 22
22#include "includes.h" 23#include "includes.h"
23RCSID("$OpenBSD: sftp-client.c,v 1.58 2006/01/02 01:20:31 djm Exp $");
24 24
25#include <sys/types.h>
26#include <sys/param.h>
25#include "openbsd-compat/sys-queue.h" 27#include "openbsd-compat/sys-queue.h"
28#ifdef HAVE_SYS_STAT_H
29# include <sys/stat.h>
30#endif
31#ifdef HAVE_SYS_TIME_H
32# include <sys/time.h>
33#endif
34#include <sys/uio.h>
35
36#include <errno.h>
37#include <fcntl.h>
38#include <signal.h>
39#include <stdarg.h>
40#include <stdio.h>
41#include <string.h>
42#include <unistd.h>
26 43
27#include "buffer.h"
28#include "bufaux.h"
29#include "getput.h"
30#include "xmalloc.h" 44#include "xmalloc.h"
45#include "buffer.h"
31#include "log.h" 46#include "log.h"
32#include "atomicio.h" 47#include "atomicio.h"
33#include "progressmeter.h" 48#include "progressmeter.h"
49#include "misc.h"
34 50
35#include "sftp.h" 51#include "sftp.h"
36#include "sftp-common.h" 52#include "sftp-common.h"
@@ -39,7 +55,7 @@ RCSID("$OpenBSD: sftp-client.c,v 1.58 2006/01/02 01:20:31 djm Exp $");
39extern volatile sig_atomic_t interrupted; 55extern volatile sig_atomic_t interrupted;
40extern int showprogress; 56extern int showprogress;
41 57
42/* Minimum amount of data to read at at time */ 58/* Minimum amount of data to read at a time */
43#define MIN_READ_SIZE 512 59#define MIN_READ_SIZE 512
44 60
45struct sftp_conn { 61struct sftp_conn {
@@ -55,16 +71,19 @@ static void
55send_msg(int fd, Buffer *m) 71send_msg(int fd, Buffer *m)
56{ 72{
57 u_char mlen[4]; 73 u_char mlen[4];
74 struct iovec iov[2];
58 75
59 if (buffer_len(m) > SFTP_MAX_MSG_LENGTH) 76 if (buffer_len(m) > SFTP_MAX_MSG_LENGTH)
60 fatal("Outbound message too long %u", buffer_len(m)); 77 fatal("Outbound message too long %u", buffer_len(m));
61 78
62 /* Send length first */ 79 /* Send length first */
63 PUT_32BIT(mlen, buffer_len(m)); 80 put_u32(mlen, buffer_len(m));
64 if (atomicio(vwrite, fd, mlen, sizeof(mlen)) != sizeof(mlen)) 81 iov[0].iov_base = mlen;
65 fatal("Couldn't send packet: %s", strerror(errno)); 82 iov[0].iov_len = sizeof(mlen);
83 iov[1].iov_base = buffer_ptr(m);
84 iov[1].iov_len = buffer_len(m);
66 85
67 if (atomicio(vwrite, fd, buffer_ptr(m), buffer_len(m)) != buffer_len(m)) 86 if (atomiciov(writev, fd, iov, 2) != buffer_len(m) + sizeof(mlen))
68 fatal("Couldn't send packet: %s", strerror(errno)); 87 fatal("Couldn't send packet: %s", strerror(errno));
69 88
70 buffer_clear(m); 89 buffer_clear(m);
@@ -388,8 +407,7 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int printflag,
388 printf("%s\n", longname); 407 printf("%s\n", longname);
389 408
390 if (dir) { 409 if (dir) {
391 *dir = xrealloc(*dir, sizeof(**dir) * 410 *dir = xrealloc(*dir, ents + 2, sizeof(**dir));
392 (ents + 2));
393 (*dir)[ents] = xmalloc(sizeof(***dir)); 411 (*dir)[ents] = xmalloc(sizeof(***dir));
394 (*dir)[ents]->filename = xstrdup(filename); 412 (*dir)[ents]->filename = xstrdup(filename);
395 (*dir)[ents]->longname = xstrdup(longname); 413 (*dir)[ents]->longname = xstrdup(longname);
@@ -1116,10 +1134,13 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path,
1116 if (status != SSH2_FX_OK) { 1134 if (status != SSH2_FX_OK) {
1117 error("Couldn't write to remote file \"%s\": %s", 1135 error("Couldn't write to remote file \"%s\": %s",
1118 remote_path, fx2txt(status)); 1136 remote_path, fx2txt(status));
1137 if (showprogress)
1138 stop_progress_meter();
1119 do_close(conn, handle, handle_len); 1139 do_close(conn, handle, handle_len);
1120 close(local_fd); 1140 close(local_fd);
1121 xfree(data); 1141 xfree(data);
1122 xfree(ack); 1142 xfree(ack);
1143 status = -1;
1123 goto done; 1144 goto done;
1124 } 1145 }
1125 debug3("In write loop, ack for %u %u bytes at %llu", 1146 debug3("In write loop, ack for %u %u bytes at %llu",
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-30 18:33:19 +0000