summaryrefslogtreecommitdiff
path: root/sftp-server.c
AgeCommit message (Collapse)Author
2015-11-17upstream commitlogan@openbsd.org
1) Use xcalloc() instead of xmalloc() to check for potential overflow. (Feedback from both mmcc@ and djm@) 2) move set_size just before the for loop. (suggested by djm@) OK djm@ Upstream-ID: 013534c308187284756c3141f11d2c0f33c47213
2015-08-21upstream commitderaadt@openbsd.org
Do not cast result of malloc/calloc/realloc* if stdlib.h is in scope ok krw millert Upstream-ID: 5e50ded78cadf3841556649a16cc4b1cb6c58667
2015-04-29upstream commitderaadt@openbsd.org
rename xrealloc() to xreallocarray() since it follows that form. ok djm
2015-04-15Remove duplicate include of pwd.h. bz#2337, patch from Mordy Ovits.Darren Tucker
2015-01-26upstream commitderaadt@openbsd.org
Reduce use of <sys/param.h> and transition to <limits.h> throughout. ok djm markus
2015-01-15fix merge botchDamien Miller
2015-01-15upstream commitdjm@openbsd.org
update sftp client and server to new buffer API. pretty much just mechanical changes; with & ok markus
2014-08-24 - (djm) [sftp-server.c] Some systems (e.g. Irix) have prctl() but notDamien Miller
PR_SET_DUMPABLE, so adjust ifdef; reported by Tom Christensen
2014-04-01 - (djm) On platforms that support it, use prctl() to prevent sftp-serverDamien Miller
from accessing /proc/self/{mem,maps}; patch from jann AT thejh.net
2014-01-19 - dtucker@cvs.openbsd.org 2014/01/17 06:23:24Darren Tucker
[sftp-server.c] fix log message statvfs. ok djm
2013-10-17 - djm@cvs.openbsd.org 2013/10/17 00:30:13Damien Miller
[PROTOCOL sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c] fsync@openssh.com protocol extension for sftp-server client support to allow calling fsync() faster successful transfer patch mostly by imorgan AT nas.nasa.gov; bz#1798 "fine" markus@ "grumble OK" deraadt@ "doesn't sound bad to me" millert@
2013-10-15 - djm@cvs.openbsd.org 2013/10/14 23:28:23Damien Miller
[canohost.c misc.c misc.h readconf.c sftp-server.c ssh.c] refactor client config code a little: add multistate option partsing to readconf.c, similar to servconf.c's existing code. move checking of options that accept "none" as an argument to readconf.c add a lowercase() function and use it instead of explicit tolower() in loops part of a larger diff that was ok markus@
2013-10-15 - jmc@cvs.openbsd.org 2013/10/14 14:18:56Damien Miller
[sftp-server.8 sftp-server.c] tweak previous; ok djm
2013-10-15 - djm@cvs.openbsd.org 2013/10/10 00:53:25Damien Miller
[sftp-server.c] add -Q, -P and -p to usage() before jmc@ catches me
2013-10-15 - djm@cvs.openbsd.org 2013/10/09 23:42:17Damien Miller
[sftp-server.8 sftp-server.c] Add ability to whitelist and/or blacklist sftp protocol requests by name. Refactor dispatch loop and consolidate read-only mode checks. Make global variables static, since sftp-server is linked into sshd(8). ok dtucker@
2013-06-02 - djm@cvs.openbsd.org 2013/05/17 00:13:13Darren Tucker
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c dns.c packet.c readpass.c authfd.c moduli.c] bye, bye xfree(); ok markus@
2013-01-09 - jmc@cvs.openbsd.org 2013/01/04 19:26:38Damien Miller
[sftp-server.8 sftp-server.c] sftp-server.8: add argument name to -d sftp-server.c: add -d to usage() ok djm
2013-01-09 - djm@cvs.openbsd.org 2013/01/03 12:54:49Damien Miller
[sftp-server.8 sftp-server.c] allow specification of an alternate start directory for sftp-server(8) "I like this" markus@
2011-06-20 - djm@cvs.openbsd.org 2011/06/17 21:46:16Damien Miller
[sftp-server.c] the protocol version should be unsigned; bz#1913 reported by mb AT smartftp.com
2010-12-05 - djm@cvs.openbsd.org 2010/12/04 00:18:01Darren Tucker
[sftp-server.c sftp.1 sftp-client.h sftp.c PROTOCOL sftp-client.c] add a protocol extension to support a hard link operation. It is available through the "ln" command in the client. The old "ln" behaviour of creating a symlink is available using its "-s" option or through the preexisting "symlink" command; based on a patch from miklos AT szeredi.hu in bz#1555; ok markus@
2010-11-05 - djm@cvs.openbsd.org 2010/11/04 02:45:34Damien Miller
[sftp-server.c] umask should be parsed as octal. reported by candland AT xmission.com; ok markus@
2010-01-13 - djm@cvs.openbsd.org 2010/01/13 01:40:16Darren Tucker
[sftp.c sftp-server.c sftp.1 sftp-common.c sftp-common.h] support '-h' (human-readable units) for sftp's ls command, just like ls(1); ok dtucker@
2010-01-09 - djm@cvs.openbsd.org 2010/01/09 00:20:26Darren Tucker
[sftp-server.c sftp-server.8] add a 'read-only' mode to sftp-server(8) that disables open in write mode and all other fs-modifying protocol methods. bz#430 ok dtucker@
2010-01-08 - djm@cvs.openbsd.org 2010/01/04 02:25:15Darren Tucker
[sftp-server.c] bz#1566 don't unnecessarily dup() in and out fds for sftp-server; ok markus@
2009-10-24 - sobrado@cvs.openbsd.org 2009/10/17 12:10:39Darren Tucker
[sftp-server.c] sort flags.
2009-10-07 - djm@cvs.openbsd.org 2009/08/31 20:56:02Darren Tucker
[sftp-server.c] check correct variable for error message, spotted by martynas@
2009-10-07 - djm@cvs.openbsd.org 2009/08/27 17:28:52Darren Tucker
[sftp-server.c] allow setting an explicit umask on the commandline to override whatever default the user has. bz#1229; ok dtucker@ deraadt@ markus@
2009-08-28- (djm) [sftp-server.c] bz#1535: accept ENOSYS as a fallback error whenDamien Miller
attempting atomic rename(); ok dtucker@
2009-06-21 - stevesk@cvs.openbsd.org 2009/04/14 16:33:42Darren Tucker
[sftp-server.c] remove unused option character from getopt() optstring; ok markus@
2008-07-04 - (dtucker) [sftp-server.c] Bug #1447: fall back to racy rename if linkDarren Tucker
returns EXDEV. Patch from Mike Garrison, ok djm@
2008-06-29 - djm@cvs.openbsd.org 2008/06/26 06:10:09Damien Miller
[sftp-client.c sftp-server.c] allow the sftp chmod(2)-equivalent operation to set set[ug]id/sticky bits. Note that this only affects explicit setting of modes (e.g. via sftp(1)'s chmod command) and not file transfers. (bz#1310) ok deraadt@ at c2k8
2008-06-09 - dtucker@cvs.openbsd.org 2008/06/09 13:02:39Darren Tucker
Extend 32bit -> 64bit values for statvfs extension missed in previous commit.
2008-06-09 - dtucker@cvs.openbsd.org 2008/06/08 17:04:41Darren Tucker
[sftp-server.c] Add case for ENOSYS in errno_to_portable; ok deraadt
2008-06-09 - (dtucker) [configure.ac defines.h sftp-client.c M sftp-server.c] Add aDarren Tucker
macro to convert fsid to unsigned long for platforms where fsid is a 2-member array.
2008-06-09 - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.cDarren Tucker
openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h openbsd-compat/bsd-statvfs.{c,h}] Add a null implementation of statvfs and fstatvfs and remove #defines around statvfs code. ok djm@
2008-06-08 - djm@cvs.openbsd.org 2008/06/07 21:52:46Darren Tucker
[sftp-server.c sftp-client.c] statvfs member fsid needs to be wider, increase it to 64 bits and crank extension revision number to 2; prodded and ok dtucker@
2008-06-08 - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.c] Do ↵Darren Tucker
not enable statvfs extensions on platforms that do not have statvfs. ok djm@
2008-05-19 - djm@cvs.openbsd.org 2008/05/18 21:29:05Damien Miller
[sftp-server.c] comment extension announcement
2008-05-19 - djm@cvs.openbsd.org 2008/04/18 12:32:11Damien Miller
[sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c sftp.h] introduce sftp extension methods statvfs@openssh.com and fstatvfs@openssh.com that implement statvfs(2)-like operations, based on a patch from miklos AT szeredi.hu (bz#1399) also add a "df" command to the sftp client that uses the statvfs@openssh.com to produce a df(1)-like display of filesystem space and inode utilisation ok markus@
2008-03-07 - djm@cvs.openbsd.org 2008/02/27 20:21:15Damien Miller
[sftp-server.c] add an extension method "posix-rename@openssh.com" to perform POSIX atomic rename() operations. based on patch from miklos AT szeredi.hu in bz#1400; ok dtucker@ markus@
2008-02-10 - djm@cvs.openbsd.org 2008/02/08 23:24:07Damien Miller
[servconf.c servconf.h session.c sftp-server.c sftp.h sshd_config] [sshd_config.5] add sshd_config ChrootDirectory option to chroot(2) users to a directory and tweak internal sftp server to work with it (no special files in chroot required). ok markus@
2008-02-10 - djm@cvs.openbsd.org 2008/02/08 23:24:07Damien Miller
[servconf.c servconf.h session.c sftp-server.c sftp.h sshd_config] [sshd_config.5] add sshd_config ChrootDirectory option to chroot(2) users to a directory and tweak internal sftp server to work with it (no special files in chroot required). ok markus@
2008-02-10 - markus@cvs.openbsd.org 2008/02/04 21:53:00Damien Miller
[session.c sftp-server.c sftp.h] link sftp-server into sshd; feedback and ok djm@
2008-02-10 - djm@cvs.openbsd.org 2008/01/21 17:24:30Damien Miller
[sftp-server.c] Remove the fixed 100 handle limit in sftp-server and allocate as many as we have available file descriptors. Patch from miklos AT szeredi.hu; ok dtucker@ markus@
2007-09-17 - djm@cvs.openbsd.org 2007/09/13 04:39:04Damien Miller
[sftp-server.c] fix incorrect test when setting syslog facility; from Jan Pechanec
2007-05-20 - djm@cvs.openbsd.org 2007/05/17 07:55:29Darren Tucker
[sftp-server.c] bz#1286 stop reading and processing commands when input or output buffer is nearly full, otherwise sftp-server would happily try to grow the input/output buffers past the maximum supported by the buffer API and promptly fatal() based on patch from Thue Janus Kristensen; feedback & ok dtucker@
2007-05-20 - stevesk@cvs.openbsd.org 2007/04/18 01:12:43Darren Tucker
[sftp-server.c] cast "%llu" format spec to (unsigned long long); do not assume a u_int64_t arg is the same as 'unsigned long long'. from Dmitry V. Levin <ldv@altlinux.org> ok markus@ 'Yes, that looks correct' millert@
2007-01-05 - stevesk@cvs.openbsd.org 2007/01/03 07:22:36Damien Miller
[sftp-server.c] spaces
2006-08-05 - deraadt@cvs.openbsd.org 2006/08/03 03:34:42Damien Miller
[OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c] [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c] [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c] [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ] [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c] [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c] [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c] [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c] [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c] [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c] [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c] [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c] [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h] [serverloop.c session.c session.h sftp-client.c sftp-common.c] [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c] [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c] [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c] [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c] [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h] [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h] almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step NB. portable commit contains everything *except* removing includes.h, as that will take a fair bit more work as we move headers that are required for portability workarounds to defines.h. (also, this step wasn't "easy")
2006-08-05 - stevesk@cvs.openbsd.org 2006/08/01 23:22:48Damien Miller
[auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c] [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c] [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c] [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c] [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c] [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c] [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c] [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c] [uuencode.h xmalloc.c] move #include <stdio.h> out of includes.h