diff options
Diffstat (limited to 'sftp-server.c')
-rw-r--r-- | sftp-server.c | 39 |
1 files changed, 20 insertions, 19 deletions
diff --git a/sftp-server.c b/sftp-server.c index 359204fa7..55386fa9a 100644 --- a/sftp-server.c +++ b/sftp-server.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sftp-server.c,v 1.117 2019/07/05 04:55:40 djm Exp $ */ | 1 | /* $OpenBSD: sftp-server.c,v 1.119 2020/07/17 03:51:32 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -74,7 +74,7 @@ static int init_done; | |||
74 | static int readonly; | 74 | static int readonly; |
75 | 75 | ||
76 | /* Requests that are allowed/denied */ | 76 | /* Requests that are allowed/denied */ |
77 | static char *request_whitelist, *request_blacklist; | 77 | static char *request_allowlist, *request_denylist; |
78 | 78 | ||
79 | /* portable attributes, etc. */ | 79 | /* portable attributes, etc. */ |
80 | typedef struct Stat Stat; | 80 | typedef struct Stat Stat; |
@@ -164,20 +164,20 @@ request_permitted(const struct sftp_handler *h) | |||
164 | verbose("Refusing %s request in read-only mode", h->name); | 164 | verbose("Refusing %s request in read-only mode", h->name); |
165 | return 0; | 165 | return 0; |
166 | } | 166 | } |
167 | if (request_blacklist != NULL && | 167 | if (request_denylist != NULL && |
168 | ((result = match_list(h->name, request_blacklist, NULL))) != NULL) { | 168 | ((result = match_list(h->name, request_denylist, NULL))) != NULL) { |
169 | free(result); | 169 | free(result); |
170 | verbose("Refusing blacklisted %s request", h->name); | 170 | verbose("Refusing denylisted %s request", h->name); |
171 | return 0; | 171 | return 0; |
172 | } | 172 | } |
173 | if (request_whitelist != NULL && | 173 | if (request_allowlist != NULL && |
174 | ((result = match_list(h->name, request_whitelist, NULL))) != NULL) { | 174 | ((result = match_list(h->name, request_allowlist, NULL))) != NULL) { |
175 | free(result); | 175 | free(result); |
176 | debug2("Permitting whitelisted %s request", h->name); | 176 | debug2("Permitting allowlisted %s request", h->name); |
177 | return 1; | 177 | return 1; |
178 | } | 178 | } |
179 | if (request_whitelist != NULL) { | 179 | if (request_allowlist != NULL) { |
180 | verbose("Refusing non-whitelisted %s request", h->name); | 180 | verbose("Refusing non-allowlisted %s request", h->name); |
181 | return 0; | 181 | return 0; |
182 | } | 182 | } |
183 | return 1; | 183 | return 1; |
@@ -799,18 +799,19 @@ process_write(u_int32_t id) | |||
799 | if (!(handle_to_flags(handle) & O_APPEND) && | 799 | if (!(handle_to_flags(handle) & O_APPEND) && |
800 | lseek(fd, off, SEEK_SET) == -1) { | 800 | lseek(fd, off, SEEK_SET) == -1) { |
801 | status = errno_to_portable(errno); | 801 | status = errno_to_portable(errno); |
802 | error("process_write: seek failed"); | 802 | error("%s: seek failed", __func__); |
803 | } else { | 803 | } else { |
804 | /* XXX ATOMICIO ? */ | 804 | /* XXX ATOMICIO ? */ |
805 | ret = write(fd, data, len); | 805 | ret = write(fd, data, len); |
806 | if (ret == -1) { | 806 | if (ret == -1) { |
807 | error("process_write: write failed"); | 807 | error("%s: write: %s", __func__, |
808 | strerror(errno)); | ||
808 | status = errno_to_portable(errno); | 809 | status = errno_to_portable(errno); |
809 | } else if ((size_t)ret == len) { | 810 | } else if ((size_t)ret == len) { |
810 | status = SSH2_FX_OK; | 811 | status = SSH2_FX_OK; |
811 | handle_update_write(handle, ret); | 812 | handle_update_write(handle, ret); |
812 | } else { | 813 | } else { |
813 | debug2("nothing at all written"); | 814 | debug2("%s: nothing at all written", __func__); |
814 | status = SSH2_FX_FAILURE; | 815 | status = SSH2_FX_FAILURE; |
815 | } | 816 | } |
816 | } | 817 | } |
@@ -1556,8 +1557,8 @@ sftp_server_usage(void) | |||
1556 | 1557 | ||
1557 | fprintf(stderr, | 1558 | fprintf(stderr, |
1558 | "usage: %s [-ehR] [-d start_directory] [-f log_facility] " | 1559 | "usage: %s [-ehR] [-d start_directory] [-f log_facility] " |
1559 | "[-l log_level]\n\t[-P blacklisted_requests] " | 1560 | "[-l log_level]\n\t[-P denied_requests] " |
1560 | "[-p whitelisted_requests] [-u umask]\n" | 1561 | "[-p allowed_requests] [-u umask]\n" |
1561 | " %s -Q protocol_feature\n", | 1562 | " %s -Q protocol_feature\n", |
1562 | __progname, __progname); | 1563 | __progname, __progname); |
1563 | exit(1); | 1564 | exit(1); |
@@ -1627,14 +1628,14 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) | |||
1627 | free(cp); | 1628 | free(cp); |
1628 | break; | 1629 | break; |
1629 | case 'p': | 1630 | case 'p': |
1630 | if (request_whitelist != NULL) | 1631 | if (request_allowlist != NULL) |
1631 | fatal("Permitted requests already set"); | 1632 | fatal("Permitted requests already set"); |
1632 | request_whitelist = xstrdup(optarg); | 1633 | request_allowlist = xstrdup(optarg); |
1633 | break; | 1634 | break; |
1634 | case 'P': | 1635 | case 'P': |
1635 | if (request_blacklist != NULL) | 1636 | if (request_denylist != NULL) |
1636 | fatal("Refused requests already set"); | 1637 | fatal("Refused requests already set"); |
1637 | request_blacklist = xstrdup(optarg); | 1638 | request_denylist = xstrdup(optarg); |
1638 | break; | 1639 | break; |
1639 | case 'u': | 1640 | case 'u': |
1640 | errno = 0; | 1641 | errno = 0; |