- djm@cvs.openbsd.org 2013/10/09 23:42:17

[sftp-server.8 sftp-server.c] Add ability to whitelist and/or blacklist sftp protocol requests by name. Refactor dispatch loop and consolidate read-only mode checks. Make global variables static, since sftp-server is linked into sshd(8). ok dtucker@
author: Damien Miller <djm@mindrot.org> 2013-10-15 11:55:57 +1100
committer: Damien Miller <djm@mindrot.org> 2013-10-15 11:55:57 +1100
commit: 6eaeebf27d92f39a38c772aa3f20c2250af2dd29 (patch)
tree: 00c274ab9fbfaddd6c0a63881b1821c68b6c45da /sftp-server.8
parent: df62d71e64d29d1054e7a53d1a801075ef70335f (diff)
1 files changed, 36 insertions, 2 deletions
diff --git a/sftp-server.8 b/sftp-server.8
index cc925b96e..d7604b28d 100644
--- a/sftp-server.8
+++ b/sftp-server.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: sftp-server.8,v 1.23 2013/07/16 00:07:52 schwarze Exp $
+.\" $OpenBSD: sftp-server.8,v 1.24 2013/10/09 23:42:17 djm Exp $
 .\"
 .\" Copyright (c) 2000 Markus Friedl.  All rights reserved.
 .\"
@@ -22,7 +22,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: July 16 2013 $
+.Dd $Mdocdate: October 9 2013 $
 .Dt SFTP-SERVER 8
 .Os
 .Sh NAME
@@ -30,11 +30,15 @@
 .Nd SFTP server subsystem
 .Sh SYNOPSIS
 .Nm sftp-server
+.Bk -words
 .Op Fl ehR
 .Op Fl d Ar start_directory
 .Op Fl f Ar log_facility
 .Op Fl l Ar log_level
 .Op Fl u Ar umask
+.Ek
+.Nm
+.Fl Q Ar protocol_feature
 .Sh DESCRIPTION
 .Nm
 is a program that speaks the server side of SFTP protocol
@@ -93,6 +97,36 @@ performs on behalf of the client.
 DEBUG and DEBUG1 are equivalent.
 DEBUG2 and DEBUG3 each specify higher levels of debugging output.
 The default is ERROR.
+.It Fl P Ar blacklisted_requests
+Specify a comma-separated list of sftp protocol requests that are banned by
+the server.
+.Nm
+will reply to any blacklisted request with a failure.
+The
+.Fl Q
+flag allows querying
+.Nm
+to determine the supported request types.
+If both a blacklist and a whitelist are specified, then the blacklist is
+applied before the whitelist.
+.It Fl p Ar whitelisted_requests
+Specify a comma-separated list of sftp protocol requests that are permitted
+by the server.
+All request types that are not on the whitelist will be logged and replied
+to with a failure message.
+.Pp
+Care must be taken when using this feature to ensure that requests made
+implicitly by sftp clients are permitted.
+.It Fl Q Ar protocol_feature
+Query protocol features supported by
+.Nm .
+At present the only feature that may be queried is
+.Dq requests ,
+that may be used for whitelisting or blacklisting (flags
+.Fl p
+and
+.Fl P
+respectively.)
 .It Fl R
 Places this instance of
 .Nm
author	Damien Miller <djm@mindrot.org>	2013-10-15 11:55:57 +1100
committer	Damien Miller <djm@mindrot.org>	2013-10-15 11:55:57 +1100
commit	6eaeebf27d92f39a38c772aa3f20c2250af2dd29 (patch)
tree	00c274ab9fbfaddd6c0a63881b1821c68b6c45da /sftp-server.8
parent	df62d71e64d29d1054e7a53d1a801075ef70335f (diff)

diff --git a/sftp-server.8 b/sftp-server.8 index cc925b96e..d7604b28d 100644 --- a/sftp-server.8 +++ b/sftp-server.8
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: sftp-server.8,v 1.23 2013/07/16 00:07:52 schwarze Exp $	1	.\" $OpenBSD: sftp-server.8,v 1.24 2013/10/09 23:42:17 djm Exp $
2	.\"	2	.\"
3	.\" Copyright (c) 2000 Markus Friedl. All rights reserved.	3	.\" Copyright (c) 2000 Markus Friedl. All rights reserved.
4	.\"	4	.\"
@@ -22,7 +22,7 @@
22	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	22	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	23	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24	.\"	24	.\"
25	.Dd $Mdocdate: July 16 2013 $	25	.Dd $Mdocdate: October 9 2013 $
26	.Dt SFTP-SERVER 8	26	.Dt SFTP-SERVER 8
27	.Os	27	.Os
28	.Sh NAME	28	.Sh NAME
@@ -30,11 +30,15 @@
30	.Nd SFTP server subsystem	30	.Nd SFTP server subsystem
31	.Sh SYNOPSIS	31	.Sh SYNOPSIS
32	.Nm sftp-server	32	.Nm sftp-server
		33	.Bk -words
33	.Op Fl ehR	34	.Op Fl ehR
34	.Op Fl d Ar start_directory	35	.Op Fl d Ar start_directory
35	.Op Fl f Ar log_facility	36	.Op Fl f Ar log_facility
36	.Op Fl l Ar log_level	37	.Op Fl l Ar log_level
37	.Op Fl u Ar umask	38	.Op Fl u Ar umask
		39	.Ek
		40	.Nm
		41	.Fl Q Ar protocol_feature
38	.Sh DESCRIPTION	42	.Sh DESCRIPTION
39	.Nm	43	.Nm
40	is a program that speaks the server side of SFTP protocol	44	is a program that speaks the server side of SFTP protocol
@@ -93,6 +97,36 @@ performs on behalf of the client.
93	DEBUG and DEBUG1 are equivalent.	97	DEBUG and DEBUG1 are equivalent.
94	DEBUG2 and DEBUG3 each specify higher levels of debugging output.	98	DEBUG2 and DEBUG3 each specify higher levels of debugging output.
95	The default is ERROR.	99	The default is ERROR.
		100	.It Fl P Ar blacklisted_requests
		101	Specify a comma-separated list of sftp protocol requests that are banned by
		102	the server.
		103	.Nm
		104	will reply to any blacklisted request with a failure.
		105	The
		106	.Fl Q
		107	flag allows querying
		108	.Nm
		109	to determine the supported request types.
		110	If both a blacklist and a whitelist are specified, then the blacklist is
		111	applied before the whitelist.
		112	.It Fl p Ar whitelisted_requests
		113	Specify a comma-separated list of sftp protocol requests that are permitted
		114	by the server.
		115	All request types that are not on the whitelist will be logged and replied
		116	to with a failure message.
		117	.Pp
		118	Care must be taken when using this feature to ensure that requests made
		119	implicitly by sftp clients are permitted.
		120	.It Fl Q Ar protocol_feature
		121	Query protocol features supported by
		122	.Nm .
		123	At present the only feature that may be queried is
		124	.Dq requests ,
		125	that may be used for whitelisting or blacklisting (flags
		126	.Fl p
		127	and
		128	.Fl P
		129	respectively.)
96	.It Fl R	130	.It Fl R
97	Places this instance of	131	Places this instance of
98	.Nm	132	.Nm