From 6eaeebf27d92f39a38c772aa3f20c2250af2dd29 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 15 Oct 2013 11:55:57 +1100 Subject: - djm@cvs.openbsd.org 2013/10/09 23:42:17 [sftp-server.8 sftp-server.c] Add ability to whitelist and/or blacklist sftp protocol requests by name. Refactor dispatch loop and consolidate read-only mode checks. Make global variables static, since sftp-server is linked into sshd(8). ok dtucker@ --- sftp-server.8 | 38 ++++++++++++++++++++++++++++++++++++-- 1 file changed, 36 insertions(+), 2 deletions(-) (limited to 'sftp-server.8') diff --git a/sftp-server.8 b/sftp-server.8 index cc925b96e..d7604b28d 100644 --- a/sftp-server.8 +++ b/sftp-server.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sftp-server.8,v 1.23 2013/07/16 00:07:52 schwarze Exp $ +.\" $OpenBSD: sftp-server.8,v 1.24 2013/10/09 23:42:17 djm Exp $ .\" .\" Copyright (c) 2000 Markus Friedl. All rights reserved. .\" @@ -22,7 +22,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: July 16 2013 $ +.Dd $Mdocdate: October 9 2013 $ .Dt SFTP-SERVER 8 .Os .Sh NAME @@ -30,11 +30,15 @@ .Nd SFTP server subsystem .Sh SYNOPSIS .Nm sftp-server +.Bk -words .Op Fl ehR .Op Fl d Ar start_directory .Op Fl f Ar log_facility .Op Fl l Ar log_level .Op Fl u Ar umask +.Ek +.Nm +.Fl Q Ar protocol_feature .Sh DESCRIPTION .Nm is a program that speaks the server side of SFTP protocol 
@@ -93,6 +97,36 @@ performs on behalf of the client. DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output. The default is ERROR. +.It Fl P Ar blacklisted_requests +Specify a comma-separated list of sftp protocol requests that are banned by +the server. +.Nm +will reply to any blacklisted request with a failure. +The +.Fl Q +flag allows querying +.Nm +to determine the supported request types. +If both a blacklist and a whitelist are specified, then the blacklist is +applied before the whitelist. +.It Fl p Ar whitelisted_requests +Specify a comma-separated list of sftp protocol requests that are permitted +by the server. +All request types that are not on the whitelist will be logged and replied +to with a failure message. +.Pp +Care must be taken when using this feature to ensure that requests made +implicitly by sftp clients are permitted. +.It Fl Q Ar protocol_feature +Query protocol features supported by +.Nm . +At present the only feature that may be queried is +.Dq requests , +that may be used for whitelisting or blacklisting (flags +.Fl p +and +.Fl P +respectively.) .It Fl R Places this instance of .Nm -- cgit v1.2.3 From 6efab27109b82820e8d32a5d811adb7bfc354f65 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 15 Oct 2013 12:07:05 +1100 Subject: - jmc@cvs.openbsd.org 2013/10/14 14:18:56 [sftp-server.8 sftp-server.c] tweak previous; ok djm --- ChangeLog | 4 ++++ sftp-server.8 | 24 ++++++++++++------------ sftp-server.c | 9 +++++---- 3 files changed, 21 insertions(+), 16 deletions(-) (limited to 'sftp-server.8') diff --git a/ChangeLog b/ChangeLog index 83b9b8866..3adcac5c8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -25,6 +25,10 @@ - djm@cvs.openbsd.org 2013/10/11 02:53:45 [sftp-client.h] obsolete comment + - jmc@cvs.openbsd.org 2013/10/14 14:18:56 + [sftp-server.8 sftp-server.c] + tweak previous; + ok djm 20131010 - (dtucker) OpenBSD CVS Sync 
diff --git a/sftp-server.8 b/sftp-server.8 index d7604b28d..1e0b277b4 100644 --- a/sftp-server.8 +++ b/sftp-server.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sftp-server.8,v 1.24 2013/10/09 23:42:17 djm Exp $ +.\" $OpenBSD: sftp-server.8,v 1.25 2013/10/14 14:18:56 jmc Exp $ .\" .\" Copyright (c) 2000 Markus Friedl. All rights reserved. .\" @@ -22,7 +22,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: October 9 2013 $ +.Dd $Mdocdate: October 14 2013 $ .Dt SFTP-SERVER 8 .Os .Sh NAME @@ -35,6 +35,8 @@ .Op Fl d Ar start_directory .Op Fl f Ar log_facility .Op Fl l Ar log_level +.Op Fl P Ar blacklisted_requests +.Op Fl p Ar whitelisted_requests .Op Fl u Ar umask .Ek .Nm 
@@ -98,35 +100,33 @@ DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging output. The default is ERROR. .It Fl P Ar blacklisted_requests -Specify a comma-separated list of sftp protocol requests that are banned by +Specify a comma-separated list of SFTP protocol requests that are banned by the server. .Nm will reply to any blacklisted request with a failure. The .Fl Q -flag allows querying -.Nm -to determine the supported request types. +flag can be used to determine the supported request types. If both a blacklist and a whitelist are specified, then the blacklist is applied before the whitelist. .It Fl p Ar whitelisted_requests -Specify a comma-separated list of sftp protocol requests that are permitted +Specify a comma-separated list of SFTP protocol requests that are permitted by the server. All request types that are not on the whitelist will be logged and replied to with a failure message. .Pp Care must be taken when using this feature to ensure that requests made -implicitly by sftp clients are permitted. +implicitly by SFTP clients are permitted. .It Fl Q Ar protocol_feature Query protocol features supported by .Nm . At present the only feature that may be queried is .Dq requests , -that may be used for whitelisting or blacklisting (flags -.Fl p -and +which may be used for black or whitelisting (flags .Fl P -respectively.) +and +.Fl p +respectively). .It Fl R Places this instance of .Nm diff --git a/sftp-server.c b/sftp-server.c index 52278148d..b62bd3510 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-server.c,v 1.99 2013/10/10 00:53:25 djm Exp $ */ +/* $OpenBSD: sftp-server.c,v 1.100 2013/10/14 14:18:56 jmc Exp $ */ /* * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. * 
@@ -1392,9 +1392,10 @@ sftp_server_usage(void) fprintf(stderr, "usage: %s [-ehR] [-d start_directory] [-f log_facility] " - "[-l log_level]\n\t[-p request_whitelist] [-P request_blacklist] " - "[-Q feature] [-u umask]\n", - __progname); + "[-l log_level]\n\t[-P blacklisted_requests] " + "[-p whitelisted_requests] [-u umask]\n" + " %s -Q protocol_feature\n", + __progname, __progname); exit(1); } -- cgit v1.2.3
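Review bot: The two synopsis continuation lines in the new usage string are indented differently: the first form wraps with `\n\t[-P blacklisted_requests]` while the added `-Q` form appears to be space-indented (`" %s -Q protocol_feature\n"`; whitespace is collapsed in this rendering), so with an 8-column terminal tab the two continuations will not sit at the same column under `usage: `. Using one indentation for both, e.g. replacing `\n\t[-P` with `\n       [-P` (seven spaces, the width of `usage: `), keeps the output aligned. The function ends with `exit(1);` inside the hunk but its declaration is outside it; if `sftp_server_usage` is not already annotated noreturn (OpenBSD `__dead` or `__attribute__((noreturn))`), adding that lets the option-parsing caller fall through after it without a spurious missing-return warning. sftp_server_usage starts before this hunk.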