Age | Commit message (Collapse) | Author |
|
don't print verbose error message when ssh disconnects
under sftp; bz#2750; ok dtucker@
Upstream-ID: 6d83708aed77b933c47cf155a87dc753ec01f370
|
|
Pointed out by Jann Horn of Google Project Zero
|
|
check number of entries in SSH2_FXP_NAME response; avoids
unreachable overflow later. Reported by Jann Horn
Upstream-ID: b6b2b434a6d6035b1644ca44f24cd8104057420f
|
|
Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then
use those definitions rather than pulling <sys/param.h> and unknown namespace
pollution. ok djm markus dtucker
Upstream-ID: 712cafa816c9f012a61628b66b9fbd5687223fb8
|
|
To prevent screwing up terminal settings when printing to
the terminal, for ASCII and UTF-8, escape bytes not forming characters and
bytes forming non-printable characters with vis(3) VIS_OCTAL. For other
character sets, abort printing of the current string in these cases. In
particular, * let scp(1) respect the local user's LC_CTYPE locale(1); *
sanitize data received from the remote host; * sanitize filenames, usernames,
and similar data even locally; * take character display widths into account
for the progressmeter.
This is believed to be sufficient to keep the local terminal safe
on OpenBSD, but bad things can still happen on other systems with
state-dependent locales because many places in the code print
unencoded ASCII characters into the output stream.
Using feedback from djm@ and martijn@,
various aspects discussed with many others.
deraadt@ says it should go in now, i probably already hesitated too long
Upstream-ID: e66afbc94ee396ddcaffd433b9a3b80f387647e0
|
|
fix signed/unsigned errors reported by clang-3.7; add
sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with
better safety checking; feedback and ok markus@
Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
|
|
whitespace at EOL
Upstream-ID: 5beffd4e001515da12851b974e2323ae4aa313b6
|
|
fix regression in openssh-6.8 sftp client: existing
destination directories would incorrectly terminate recursive uploads;
bz#2528
Upstream-ID: 3306be469f41f26758e3d447987ac6d662623e18
|
|
add error message on ftruncate failure; bz#2176
Upstream-ID: cbcc606e0b748520c74a210d8f3cc9718d3148cf
|
|
fix a memory leak in an error path ok markus@ dtucker@
Upstream-ID: bc1da0f205494944918533d8780fde65dff6c598
|
|
rename xrealloc() to xreallocarray() since it follows
that form. ok djm
|
|
Reduce use of <sys/param.h> and transition to <limits.h>
throughout. ok djm markus
|
|
update sftp client and server to new buffer API. pretty
much just mechanical changes; with & ok markus
|
|
[sftp-client.c sftp-client.h sftp.c]
Implement sftp upload resume support.
OK from djm@, with input from guenther@, mlarkin@ and
okan@
|
|
[auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c]
[channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c]
[kexc25519.c krl.c monitor.c sandbox-systrace.c session.c]
[sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c]
[openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h]
replace most bzero with explicit_bzero, except a few that cna be memset
ok djm dtucker
|
|
[sftp-client.c]
signed/unsigned comparison warning fix; from portable (Id sync only)
|
|
|
|
[sftp-client.c]
needless and incorrect cast to size_t can break resumption of
large download; patch from tobias@
|
|
[sftp-client.c]
fix memory leak in error path in do_readdir(); pointed out by
Loganaden Velvindron @ AfriNIC in bz#2163
|
|
[sftp-client.c]
bz#2171: don't leak local_fd on error; from Loganaden Velvindron @
AfriNIC
|
|
[bufaux.c bufbn.c buffer.c sftp-client.c sftp-common.c sftp-glob.c]
[uidswap.c] Include stdlib.h for free() as per the man page.
|
|
[auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c]
[clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c]
[sftp-client.c sftp-glob.c]
use calloc for all structure allocations; from markus@
|
|
[PROTOCOL sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c]
fsync@openssh.com protocol extension for sftp-server
client support to allow calling fsync() faster successful transfer
patch mostly by imorgan AT nas.nasa.gov; bz#1798
"fine" markus@ "grumble OK" deraadt@ "doesn't sound bad to me" millert@
|
|
[sftp-client.c]
missed one arg reorder
|
|
[sftp-client.c]
rename flag arguments to be more clear and consistent.
reorder some internal function arguments to make adding additional flags
easier.
no functional change
|
|
[sftp-client.c]
fix swapped pflag and printflag in sftp upload_dir; from Iain Morgan
|
|
[sftp-client.c]
two problems found by a to-be-committed regress test: 1) msg_id was not
being initialised so was starting at a random value from the heap
(harmless, but confusing). 2) some error conditions were not being
propagated back to the caller
|
|
[sftp-client.c sftp-client.h sftp.c]
add a "-l" flag for the rename command to force it to use the silly
standard SSH_FXP_RENAME command instead of the POSIX-rename- like
posix-rename@openssh.com extension.
intended for use in regress tests, so no documentation.
|
|
Solaris and UnixWare. Feedback and OK djm@
|
|
[sftp-client.c sftp-client.h sftp.1 sftp.c]
sftp support for resuming partial downloads; patch mostly by Loganaden
Velvindron/AfriNIC with some tweaks by me; feedback and ok dtucker@
|
|
[sftp-client.c]
Update progressmeter when data is acked, not when it's sent. bz#2108, from
Debian via Colin Watson, ok djm@
|
|
[scp.c sftp-client.c]
Replace S_IWRITE, which isn't standardized, with S_IWUSR, which is. Patch
from Nathan Osman via bz#2113. ok deraadt.
(note: corrected bug number from 2085)
|
|
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
dns.c packet.c readpass.c authfd.c moduli.c]
bye, bye xfree(); ok markus@
|
|
[ssh-pkcs11-helper.c sftp-client.c]
fix a couple of "assigned but not used" warnings. ok markus@
|
|
[sftp-client.c]
fix leak in do_lsreaddir(); ok djm
|
|
[sftp-client.c]
fix leaks in do_hardlink() and do_readlink(); bz#1921
from Loganaden Velvindron
|
|
[sftp-server.c sftp.1 sftp-client.h sftp.c PROTOCOL sftp-client.c]
add a protocol extension to support a hard link operation. It is
available through the "ln" command in the client. The old "ln"
behaviour of creating a symlink is available using its "-s" option
or through the preexisting "symlink" command; based on a patch from
miklos AT szeredi.hu in bz#1555; ok markus@
|
|
[atomicio.c atomicio.h misc.c misc.h scp.c sftp-client.c]
[sftp-client.h sftp.1 sftp.c]
add an option per-read/write callback to atomicio
factor out bandwidth limiting code from scp(1) into a generic bandwidth
limiter that can be attached using the atomicio callback mechanism
add a bandwidth limit option to sftp(1) using the above
"very nice" markus@
|
|
[sftp-client.c]
bz#1797: fix swapped args in upload_dir_internal(), breaking recursive
upload depth checks and causing verbose printing of transfers to always
be turned on; patch from imorgan AT nas.nasa.gov
|
|
[sftp-client.c]
fix memory leak in do_realpath() error path; bz#1771, patch from
anicka AT suse.cz
|
|
[sftp-client.c]
d_type isn't portable so use lstat to get dirent modes. Suggested by and
"looks sane" deraadt@
|
|
dirent d_type and DTTOIF as we've switched OpenBSD to the more portable
lstat.
|
|
stat(), needed on at least cygwin.
|
|
least dragonflybsd.
|
|
[sftp-client.h sftp.1 sftp-client.c sftp.c]
recursive transfer support for get/put and on the commandline
work mostly by carlosvsilvapt@gmail.com for the Google Summer of Code
with some tweaks by me; "go for it" deraadt@
|
|
[sftp-client.c]
make the "get_handle: ..." error messages vaguely useful by allowing
callers to specify their own error message strings.
|
|
[monitor_wrap.c monitor_mm.c ssh-keygen.c auth2.c gss-genr.c sftp-client.c]
alphabetize includes; reduces diff vs portable and style(9).
ok stevesk djm
(Id sync only; these were already in order in -portable)
|
|
[packet.c scp.c serverloop.c sftp-client.c ssh-agent.c ssh-keyscan.c]
[sshd.c] Explicitly handle EWOULDBLOCK wherever we handle EAGAIN, on
some platforms (HP nonstop) it is a distinct errno;
bz#1467 reported by sconeu AT yahoo.com; ok dtucker@
|
|
[sftp-client.c sftp-server.c]
allow the sftp chmod(2)-equivalent operation to set set[ug]id/sticky
bits. Note that this only affects explicit setting of modes (e.g. via
sftp(1)'s chmod command) and not file transfers. (bz#1310)
ok deraadt@ at c2k8
|
|
[sftp-client.c]
print extension revisions for extensions that we understand
|