Commit Graph

119 Commits

Author SHA1 Message Date
Damien Miller f29238e674 - djm@cvs.openbsd.org 2013/10/17 00:30:13
[PROTOCOL sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c]
     fsync@openssh.com protocol extension for sftp-server
     client support to allow calling fsync() faster successful transfer
     patch mostly by imorgan AT nas.nasa.gov; bz#1798
     "fine" markus@ "grumble OK" deraadt@ "doesn't sound bad to me" millert@
2013-10-17 11:48:52 +11:00
Damien Miller e9fc72edd6 - djm@cvs.openbsd.org 2013/10/14 23:28:23
[canohost.c misc.c misc.h readconf.c sftp-server.c ssh.c]
     refactor client config code a little:
     add multistate option partsing to readconf.c, similar to servconf.c's
     existing code.
     move checking of options that accept "none" as an argument to readconf.c
     add a lowercase() function and use it instead of explicit tolower() in
     loops
     part of a larger diff that was ok markus@
2013-10-15 12:14:12 +11:00
Damien Miller 6efab27109 - jmc@cvs.openbsd.org 2013/10/14 14:18:56
[sftp-server.8 sftp-server.c]
     tweak previous;
     ok djm
2013-10-15 12:07:05 +11:00
Damien Miller 73600e51af - djm@cvs.openbsd.org 2013/10/10 00:53:25
[sftp-server.c]
     add -Q, -P and -p to usage() before jmc@ catches me
2013-10-15 11:56:25 +11:00
Damien Miller 6eaeebf27d - djm@cvs.openbsd.org 2013/10/09 23:42:17
[sftp-server.8 sftp-server.c]
     Add ability to whitelist and/or blacklist sftp protocol requests by name.
     Refactor dispatch loop and consolidate read-only mode checks.
     Make global variables static, since sftp-server is linked into sshd(8).
     ok dtucker@
2013-10-15 11:55:57 +11:00
Darren Tucker a627d42e51 - djm@cvs.openbsd.org 2013/05/17 00:13:13
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
     ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
     gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
     auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
     servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
     auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
     sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
     kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
     kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
     monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
     ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
     sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
     ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
     dns.c packet.c readpass.c authfd.c moduli.c]
     bye, bye xfree(); ok markus@
2013-06-02 07:31:17 +10:00
Damien Miller aa7ad3039c - jmc@cvs.openbsd.org 2013/01/04 19:26:38
[sftp-server.8 sftp-server.c]
     sftp-server.8: add argument name to -d
     sftp-server.c: add -d to usage()
     ok djm
2013-01-09 15:58:21 +11:00
Damien Miller 502ab0eff1 - djm@cvs.openbsd.org 2013/01/03 12:54:49
[sftp-server.8 sftp-server.c]
     allow specification of an alternate start directory for sftp-server(8)
     "I like this" markus@
2013-01-09 15:57:36 +11:00
Damien Miller f145a5be1c - djm@cvs.openbsd.org 2011/06/17 21:46:16
[sftp-server.c]
     the protocol version should be unsigned; bz#1913 reported by mb AT
     smartftp.com
2011-06-20 14:42:51 +10:00
Darren Tucker af1f909254 - djm@cvs.openbsd.org 2010/12/04 00:18:01
[sftp-server.c sftp.1 sftp-client.h sftp.c PROTOCOL sftp-client.c]
     add a protocol extension to support a hard link operation. It is
     available through the "ln" command in the client. The old "ln"
     behaviour of creating a symlink is available using its "-s" option
     or through the preexisting "symlink" command; based on a patch from
     miklos AT szeredi.hu in bz#1555; ok markus@
2010-12-05 09:02:47 +11:00
Damien Miller 0733121194 - djm@cvs.openbsd.org 2010/11/04 02:45:34
[sftp-server.c]
     umask should be parsed as octal. reported by candland AT xmission.com;
     ok markus@
2010-11-05 10:20:31 +11:00
Darren Tucker 2901e2daeb - djm@cvs.openbsd.org 2010/01/13 01:40:16
[sftp.c sftp-server.c sftp.1 sftp-common.c sftp-common.h]
     support '-h' (human-readable units) for sftp's ls command, just like
     ls(1); ok dtucker@
2010-01-13 22:44:06 +11:00
Darren Tucker db7bf82544 - djm@cvs.openbsd.org 2010/01/09 00:20:26
[sftp-server.c sftp-server.8]
     add a 'read-only' mode to sftp-server(8) that disables open in write mode
     and all other fs-modifying protocol methods. bz#430 ok dtucker@
2010-01-09 22:24:33 +11:00
Darren Tucker aaf51d2d5b - djm@cvs.openbsd.org 2010/01/04 02:25:15
[sftp-server.c]
     bz#1566 don't unnecessarily dup() in and out fds for sftp-server;
     ok markus@
2010-01-08 19:04:49 +11:00
Darren Tucker 49b7e23545 - sobrado@cvs.openbsd.org 2009/10/17 12:10:39
[sftp-server.c]
     sort flags.
2009-10-24 11:41:05 +11:00
Darren Tucker 30359e19ec - djm@cvs.openbsd.org 2009/08/31 20:56:02
[sftp-server.c]
     check correct variable for error message, spotted by martynas@
2009-10-07 08:47:24 +11:00
Darren Tucker 7dc4850ce8 - djm@cvs.openbsd.org 2009/08/27 17:28:52
[sftp-server.c]
     allow setting an explicit umask on the commandline to override whatever
     default the user has. bz#1229; ok dtucker@ deraadt@ markus@
2009-10-07 08:44:42 +11:00
Damien Miller 0e26551f7f - (djm) [sftp-server.c] bz#1535: accept ENOSYS as a fallback error when
attempting atomic rename(); ok dtucker@
2009-08-28 10:43:13 +10:00
Darren Tucker b62f1a856d - stevesk@cvs.openbsd.org 2009/04/14 16:33:42
[sftp-server.c]
     remove unused option character from getopt() optstring; ok markus@
2009-06-21 17:53:48 +10:00
Darren Tucker f7fa706e70 - (dtucker) [sftp-server.c] Bug #1447: fall back to racy rename if link
returns EXDEV.  Patch from Mike Garrison, ok djm@
2008-07-04 14:10:19 +10:00
Damien Miller 9e720284fe - djm@cvs.openbsd.org 2008/06/26 06:10:09
[sftp-client.c sftp-server.c]
     allow the sftp chmod(2)-equivalent operation to set set[ug]id/sticky
     bits. Note that this only affects explicit setting of modes (e.g. via
     sftp(1)'s chmod command) and not file transfers. (bz#1310)
     ok deraadt@ at c2k8
2008-06-29 22:46:35 +10:00
Darren Tucker 3463acaebf - dtucker@cvs.openbsd.org 2008/06/09 13:02:39
Extend 32bit -> 64bit values for statvfs extension missed in previous
     commit.
2008-06-09 23:06:55 +10:00
Darren Tucker 422c34c96d - dtucker@cvs.openbsd.org 2008/06/08 17:04:41
[sftp-server.c]
     Add case for ENOSYS in errno_to_portable; ok deraadt
2008-06-09 22:48:31 +10:00
Darren Tucker 77001384cc - (dtucker) [configure.ac defines.h sftp-client.c M sftp-server.c] Add a
macro to convert fsid to unsigned long for platforms where fsid is a
   2-member array.
2008-06-09 06:17:53 +10:00
Darren Tucker 598eaa6c0c - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.c
openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h
   openbsd-compat/bsd-statvfs.{c,h}] Add a null implementation of statvfs and
   fstatvfs and remove #defines around statvfs code.  ok djm@
2008-06-09 03:32:29 +10:00
Darren Tucker 294b841832 - djm@cvs.openbsd.org 2008/06/07 21:52:46
[sftp-server.c sftp-client.c]
     statvfs member fsid needs to be wider, increase it to 64 bits and
     crank extension revision number to 2; prodded and ok dtucker@
2008-06-08 12:57:08 +10:00
Darren Tucker 5b2e2ba9e4 - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.c] Do not enable statvfs extensions on platforms that do not have statvfs. ok djm@ 2008-06-08 09:25:28 +10:00
Damien Miller a7e0d5a34a - djm@cvs.openbsd.org 2008/05/18 21:29:05
[sftp-server.c]
     comment extension announcement
2008-05-19 16:08:41 +10:00
Damien Miller d671e5a978 - djm@cvs.openbsd.org 2008/04/18 12:32:11
[sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c sftp.h]
     introduce sftp extension methods statvfs@openssh.com and
     fstatvfs@openssh.com that implement statvfs(2)-like operations,
     based on a patch from miklos AT szeredi.hu (bz#1399)
     also add a "df" command to the sftp client that uses the
     statvfs@openssh.com to produce a df(1)-like display of filesystem
     space and inode utilisation
     ok markus@
2008-05-19 14:53:33 +10:00
Damien Miller 7c29661471 - djm@cvs.openbsd.org 2008/02/27 20:21:15
[sftp-server.c]
     add an extension method "posix-rename@openssh.com" to perform POSIX atomic
     rename() operations. based on patch from miklos AT szeredi.hu in bz#1400;
     ok dtucker@ markus@
2008-03-07 18:33:53 +11:00
Damien Miller 62ca18d12f - djm@cvs.openbsd.org 2008/02/08 23:24:07
[servconf.c servconf.h session.c sftp-server.c sftp.h sshd_config]
     [sshd_config.5]
     add sshd_config ChrootDirectory option to chroot(2) users to a directory
     and tweak internal sftp server to work with it (no special files in chroot
     required). ok markus@
2008-02-10 22:44:20 +11:00
Damien Miller d8cb1f184f - djm@cvs.openbsd.org 2008/02/08 23:24:07
[servconf.c servconf.h session.c sftp-server.c sftp.h sshd_config]
     [sshd_config.5]
     add sshd_config ChrootDirectory option to chroot(2) users to a directory
     and tweak internal sftp server to work with it (no special files in
     chroot required). ok markus@
2008-02-10 22:40:12 +11:00
Damien Miller dfc24258a7 - markus@cvs.openbsd.org 2008/02/04 21:53:00
[session.c sftp-server.c sftp.h]
     link sftp-server into sshd; feedback and ok djm@
2008-02-10 22:29:40 +11:00
Damien Miller 3397d0e0c5 - djm@cvs.openbsd.org 2008/01/21 17:24:30
[sftp-server.c]
     Remove the fixed 100 handle limit in sftp-server and allocate as many
     as we have available file descriptors. Patch from miklos AT szeredi.hu;
     ok dtucker@ markus@
2008-02-10 22:26:51 +11:00
Damien Miller 35e18dba89 - djm@cvs.openbsd.org 2007/09/13 04:39:04
[sftp-server.c]
     fix incorrect test when setting syslog facility; from Jan Pechanec
2007-09-17 16:11:33 +10:00
Darren Tucker e9405983dc - djm@cvs.openbsd.org 2007/05/17 07:55:29
[sftp-server.c]
     bz#1286 stop reading and processing commands when input or output buffer
     is nearly full, otherwise sftp-server would happily try to grow the
     input/output buffers past the maximum supported by the buffer API and
     promptly fatal()
     based on patch from Thue Janus Kristensen; feedback & ok dtucker@
2007-05-20 15:09:04 +10:00
Darren Tucker 86473c57a8 - stevesk@cvs.openbsd.org 2007/04/18 01:12:43
[sftp-server.c]
     cast "%llu" format spec to (unsigned long long); do not assume a
     u_int64_t arg is the same as 'unsigned long long'.
     from Dmitry V. Levin <ldv@altlinux.org>
     ok markus@ 'Yes, that looks correct' millert@
2007-05-20 14:59:32 +10:00
Damien Miller e2334d600b - stevesk@cvs.openbsd.org 2007/01/03 07:22:36
[sftp-server.c]
     spaces
2007-01-05 16:31:02 +11:00
Damien Miller d783435315 - deraadt@cvs.openbsd.org 2006/08/03 03:34:42
[OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
     [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
     [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
     [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
     [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
     [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
     [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
     [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
     [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
     [serverloop.c session.c session.h sftp-client.c sftp-common.c]
     [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
     [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
     [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
     [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
     almost entirely get rid of the culture of ".h files that include .h files"
     ok djm, sort of ok stevesk
     makes the pain stop in one easy step
     NB. portable commit contains everything *except* removing includes.h, as
     that will take a fair bit more work as we move headers that are required
     for portability workarounds to defines.h. (also, this step wasn't "easy")
2006-08-05 12:39:39 +10:00
Damien Miller a7a73ee35d - stevesk@cvs.openbsd.org 2006/08/01 23:22:48
[auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
     [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
     [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
     [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
     [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
     [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
     [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
     [uuencode.h xmalloc.c]
     move #include <stdio.h> out of includes.h
2006-08-05 11:37:59 +10:00
Damien Miller e7a1e5cf63 - stevesk@cvs.openbsd.org 2006/07/26 13:57:17
[authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c]
     [hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c]
     [scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c]
     [sshconnect1.c sshd.c xmalloc.c]
     move #include <stdlib.h> out of includes.h
2006-08-05 11:34:19 +10:00
Damien Miller 8dbffe7904 - stevesk@cvs.openbsd.org 2006/07/26 02:35:17
[atomicio.c auth.c dh.c authfile.c buffer.c clientloop.c kex.c]
     [groupaccess.c gss-genr.c kexgexs.c misc.c monitor.c monitor_mm.c]
     [packet.c scp.c serverloop.c session.c sftp-client.c sftp-common.c]
     [sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c sshlogin.c]
     [uidswap.c xmalloc.c]
     move #include <sys/param.h> out of includes.h
2006-08-05 11:02:17 +10:00
Damien Miller 9aec91948d - stevesk@cvs.openbsd.org 2006/07/25 02:59:21
[channels.c clientloop.c packet.c scp.c serverloop.c sftp-client.c]
     [sftp-server.c ssh-agent.c ssh-keyscan.c sshconnect.c sshd.c]
     move #include <sys/time.h> out of includes.h
2006-08-05 10:57:45 +10:00
Damien Miller e3476ed03b - stevesk@cvs.openbsd.org 2006/07/22 20:48:23
[atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
     [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
     [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
     [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
     [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
     [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
     [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
     move #include <string.h> out of includes.h
2006-07-24 14:13:33 +10:00
Damien Miller 5598b4f125 - stevesk@cvs.openbsd.org 2006/07/22 19:08:54
[includes.h moduli.c progressmeter.c scp.c sftp-common.c]
     [sftp-server.c ssh-agent.c sshlogin.c]
     move #include <time.h> out of includes.h
2006-07-24 14:09:40 +10:00
Damien Miller e6b3b610ec - stevesk@cvs.openbsd.org 2006/07/17 01:31:10
[authfd.c authfile.c channels.c cleanup.c clientloop.c groupaccess.c]
     [includes.h log.c misc.c msg.c packet.c progressmeter.c readconf.c]
     [readpass.c scp.c servconf.c sftp-client.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c]
     [sshconnect.c sshlogin.c sshpty.c uidswap.c]
     move #include <unistd.h> out of includes.h
2006-07-24 14:01:23 +10:00
Darren Tucker 3997249346 - stevesk@cvs.openbsd.org 2006/07/11 20:07:25
[scp.c auth.c monitor.c serverloop.c sftp-server.c sshpty.c readpass.c
     sshd.c monitor_wrap.c monitor_fdpass.c ssh-agent.c ttymodes.c atomicio.c
     includes.h session.c sshlogin.c monitor_mm.c packet.c sshconnect2.c
     sftp-client.c nchan.c clientloop.c sftp.c misc.c canohost.c channels.c
     ssh-keygen.c progressmeter.c uidswap.c msg.c readconf.c sshconnect.c]
     move #include <errno.h> out of includes.h; ok markus@
2006-07-12 22:22:46 +10:00
Damien Miller 6444fe996b - djm@cvs.openbsd.org 2006/07/10 11:25:53
[sftp-server.c]
     don't log variables that aren't yet set
2006-07-10 21:31:27 +10:00
Damien Miller c718c743c1 - djm@cvs.openbsd.org 2006/07/10 11:24:54
[sftp-server.c]
     remove optind - it isn't used here
2006-07-10 21:31:00 +10:00
Damien Miller 57cf638577 - stevesk@cvs.openbsd.org 2006/07/09 15:15:11
[auth2-none.c authfd.c authfile.c includes.h misc.c monitor.c]
     [readpass.c scp.c serverloop.c sftp-client.c sftp-server.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     [sshlogin.c sshpty.c]
     move #include <fcntl.h> out of includes.h
2006-07-10 21:13:46 +10:00