Commit Graph

144 Commits

Author SHA1 Message Date
djm@openbsd.org
1a66079c06 upstream: fix some memory leaks spotted by Coverity via Jakub Jelen
in bz#2366 feedback and ok dtucker@

OpenBSD-Commit-ID: 8402bbae67d578bedbadb0ce68ff7c5a136ef563
2018-07-31 13:13:26 +10:00
djm@openbsd.org
f6a59a22b0 upstream: Fix return value confusion in several functions (readdir,
download and fsync). These should return -1 on error, not a sftp status code.

patch from Petr Cerny in bz#2871

OpenBSD-Commit-ID: 651aa0220ad23c9167d9297a436162d741f97a09
2018-05-25 14:27:50 +10:00
dtucker@openbsd.org
3dde09ab38 upstream commit
Have sftp print a warning about shell cleanliness when
decoding the first packet fails, which is usually caused by shells polluting
stdout of non-interactive starups.  bz#2800, ok markus@ deraadt@.

OpenBSD-Commit-ID: 88d6a9bf3470f9324b76ba1cbd53e50120f685b5
2017-12-07 11:38:50 +11:00
djm@openbsd.org
4b3ecbb663 upstream commit
don't print verbose error message when ssh disconnects
under sftp; bz#2750; ok dtucker@

Upstream-ID: 6d83708aed77b933c47cf155a87dc753ec01f370
2017-08-12 16:47:10 +10:00
Damien Miller
89f04852db on Cygwin, check paths from server for backslashes
Pointed out by Jann Horn of Google Project Zero
2017-03-20 11:53:34 +11:00
djm@openbsd.org
c7995f296b upstream commit
check number of entries in SSH2_FXP_NAME response; avoids
unreachable overflow later. Reported by Jann Horn

Upstream-ID: b6b2b434a6d6035b1644ca44f24cd8104057420f
2017-01-04 13:23:04 +11:00
deraadt@openbsd.org
9136ec134c upstream commit
Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then
use those definitions rather than pulling <sys/param.h> and unknown namespace
pollution. ok djm markus dtucker

Upstream-ID: 712cafa816c9f012a61628b66b9fbd5687223fb8
2016-09-12 13:46:29 +10:00
schwarze@openbsd.org
0e059cdf5f upstream commit
To prevent screwing up terminal settings when printing to
 the terminal, for ASCII and UTF-8, escape bytes not forming characters and
 bytes forming non-printable characters with vis(3) VIS_OCTAL. For other
 character sets, abort printing of the current string in these cases.  In
 particular, * let scp(1) respect the local user's LC_CTYPE locale(1); *
 sanitize data received from the remote host; * sanitize filenames, usernames,
 and similar data even locally; * take character display widths into account
 for the progressmeter.

This is believed to be sufficient to keep the local terminal safe
on OpenBSD, but bad things can still happen on other systems with
state-dependent locales because many places in the code print
unencoded ASCII characters into the output stream.

Using feedback from djm@ and martijn@,
various aspects discussed with many others.

deraadt@ says it should go in now, i probably already hesitated too long

Upstream-ID: e66afbc94ee396ddcaffd433b9a3b80f387647e0
2016-06-06 11:27:38 +10:00
djm@openbsd.org
1a31d02b24 upstream commit
fix signed/unsigned errors reported by clang-3.7; add
 sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with
 better safety checking; feedback and ok markus@

Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
2016-05-02 20:35:04 +10:00
djm@openbsd.org
34a01b2cf7 upstream commit
whitespace at EOL

Upstream-ID: 5beffd4e001515da12851b974e2323ae4aa313b6
2016-04-08 18:21:51 +10:00
djm@openbsd.org
e30cabfa4a upstream commit
fix regression in openssh-6.8 sftp client: existing
 destination directories would incorrectly terminate recursive uploads;
 bz#2528

Upstream-ID: 3306be469f41f26758e3d447987ac6d662623e18
2016-02-11 13:22:05 +11:00
djm@openbsd.org
9cc6842493 upstream commit
add error message on ftruncate failure; bz#2176

Upstream-ID: cbcc606e0b748520c74a210d8f3cc9718d3148cf
2015-05-28 18:54:55 +10:00
jsg@openbsd.org
64a89ec076 upstream commit
fix a memory leak in an error path ok markus@ dtucker@

Upstream-ID: bc1da0f205494944918533d8780fde65dff6c598
2015-05-25 09:49:46 +10:00
deraadt@openbsd.org
657a5fbc0d upstream commit
rename xrealloc() to xreallocarray() since it follows
 that form. ok djm
2015-04-29 18:15:23 +10:00
deraadt@openbsd.org
087266ec33 upstream commit
Reduce use of <sys/param.h> and transition to <limits.h>
 throughout. ok djm markus
2015-01-26 23:58:53 +11:00
djm@openbsd.org
7d845f4a0b upstream commit
update sftp client and server to new buffer API. pretty
 much just mechanical changes; with & ok markus
2015-01-15 02:22:18 +11:00
Damien Miller
d8accc0aa7 - logan@cvs.openbsd.org 2014/04/21 14:36:16
[sftp-client.c sftp-client.h sftp.c]
     Implement sftp upload resume support.
     OK from djm@, with input from guenther@, mlarkin@ and
     okan@
2014-05-15 13:46:25 +10:00
Damien Miller
1d2c456426 - tedu@cvs.openbsd.org 2014/01/31 16:39:19
[auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c]
     [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c]
     [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c]
     [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c]
     [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h]
     replace most bzero with explicit_bzero, except a few that cna be memset
     ok djm dtucker
2014-02-04 11:18:20 +11:00
Darren Tucker
5f1c57a7a7 - djm@cvs.openbsd.org 2014/01/17 00:21:06
[sftp-client.c]
     signed/unsigned comparison warning fix; from portable (Id sync only)
2014-01-17 16:29:45 +11:00
Damien Miller
c3d483f9a8 - (djm) [sftp-client.c] signed/unsigned comparison fix 2014-01-17 11:20:26 +11:00
Damien Miller
52c371cd6d - djm@cvs.openbsd.org 2014/01/16 07:31:09
[sftp-client.c]
     needless and incorrect cast to size_t can break resumption of
     large download; patch from tobias@
2014-01-16 18:42:10 +11:00
Damien Miller
393920745f - djm@cvs.openbsd.org 2013/12/05 22:59:45
[sftp-client.c]
     fix memory leak in error path in do_readdir(); pointed out by
     Loganaden Velvindron @ AfriNIC in bz#2163
2013-12-07 10:31:08 +11:00
Damien Miller
9275df3e0a - djm@cvs.openbsd.org 2013/12/04 04:20:01
[sftp-client.c]
     bz#2171: don't leak local_fd on error; from Loganaden Velvindron @
     AfriNIC
2013-12-05 10:26:32 +11:00
Damien Miller
0600c7020f - dtucker@cvs.openbsd.org 2013/11/08 11:15:19
[bufaux.c bufbn.c buffer.c sftp-client.c sftp-common.c sftp-glob.c]
     [uidswap.c] Include stdlib.h for free() as per the man page.
2013-11-21 13:55:43 +11:00
Damien Miller
6c81fee693 - djm@cvs.openbsd.org 2013/11/08 00:39:15
[auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c]
     [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c]
     [sftp-client.c sftp-glob.c]
     use calloc for all structure allocations; from markus@
2013-11-08 12:19:55 +11:00
Damien Miller
f29238e674 - djm@cvs.openbsd.org 2013/10/17 00:30:13
[PROTOCOL sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c]
     fsync@openssh.com protocol extension for sftp-server
     client support to allow calling fsync() faster successful transfer
     patch mostly by imorgan AT nas.nasa.gov; bz#1798
     "fine" markus@ "grumble OK" deraadt@ "doesn't sound bad to me" millert@
2013-10-17 11:48:52 +11:00
Damien Miller
2f93d0556e - djm@cvs.openbsd.org 2013/10/11 02:52:23
[sftp-client.c]
     missed one arg reorder
2013-10-15 12:06:27 +11:00
Damien Miller
bda5c84457 - djm@cvs.openbsd.org 2013/10/11 02:45:36
[sftp-client.c]
     rename flag arguments to be more clear and consistent.
     reorder some internal function arguments to make adding additional flags
     easier.
     no functional change
2013-10-15 12:05:58 +11:00
Darren Tucker
b59aaf3c4f - djm@cvs.openbsd.org 2013/09/19 00:49:12
[sftp-client.c]
     fix swapped pflag and printflag in sftp upload_dir; from Iain Morgan
2013-10-10 10:26:21 +11:00
Damien Miller
fec029f1dc - djm@cvs.openbsd.org 2013/08/09 03:39:13
[sftp-client.c]
     two problems found by a to-be-committed regress test: 1) msg_id was not
     being initialised so was starting at a random value from the heap
     (harmless, but confusing). 2) some error conditions were not being
     propagated back to the caller
2013-08-21 02:42:12 +10:00
Damien Miller
c7dba12bf9 - djm@cvs.openbsd.org 2013/08/08 05:04:03
[sftp-client.c sftp-client.h sftp.c]
     add a "-l" flag for the rename command to force it to use the silly
     standard SSH_FXP_RENAME command instead of the POSIX-rename- like
     posix-rename@openssh.com extension.

     intended for use in regress tests, so no documentation.
2013-08-21 02:41:15 +10:00
Tim Rice
ed899eb597 - (tim) [sftp-client.c] Use of a gcc extension trips up native compilers on
Solaris and UnixWare. Feedback and OK djm@
2013-07-25 15:40:00 -07:00
Damien Miller
0d032419ee - djm@cvs.openbsd.org 2013/07/25 00:56:52
[sftp-client.c sftp-client.h sftp.1 sftp.c]
     sftp support for resuming partial downloads; patch mostly by Loganaden
     Velvindron/AfriNIC with some tweaks by me; feedback and ok dtucker@
2013-07-25 11:56:52 +10:00
Darren Tucker
c9a1991b95 - dtucker@cvs.openbsd.org 2013/06/01 22:34:50
[sftp-client.c]
     Update progressmeter when data is acked, not when it's sent.  bz#2108, from
     Debian via Colin Watson, ok djm@
2013-06-02 08:37:05 +10:00
Darren Tucker
3750fce6ac - dtucker@cvs.openbsd.org 2013/06/01 20:59:25
[scp.c sftp-client.c]
     Replace S_IWRITE, which isn't standardized, with S_IWUSR, which is.  Patch
     from Nathan Osman via bz#2113.  ok deraadt.

(note: corrected bug number from 2085)
2013-06-02 07:52:21 +10:00
Darren Tucker
a627d42e51 - djm@cvs.openbsd.org 2013/05/17 00:13:13
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
     ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
     gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
     auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
     servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
     auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
     sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
     kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
     kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
     monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
     ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
     sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
     ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
     dns.c packet.c readpass.c authfd.c moduli.c]
     bye, bye xfree(); ok markus@
2013-06-02 07:31:17 +10:00
Darren Tucker
4908d44e67 - dtucker@cvs.openbsd.org 2012/07/02 12:13:26
[ssh-pkcs11-helper.c sftp-client.c]
     fix a couple of "assigned but not used" warnings.  ok markus@
2012-07-02 22:15:38 +10:00
Damien Miller
57c38ac7d5 - markus@cvs.openbsd.org 2011/09/12 08:46:15
[sftp-client.c]
     fix leak in do_lsreaddir(); ok djm
2011-09-22 21:42:45 +10:00
Damien Miller
3decdba425 - markus@cvs.openbsd.org 2011/09/11 16:07:26
[sftp-client.c]
     fix leaks in do_hardlink() and do_readlink(); bz#1921
     from Loganaden Velvindron
2011-09-22 21:41:05 +10:00
Darren Tucker
af1f909254 - djm@cvs.openbsd.org 2010/12/04 00:18:01
[sftp-server.c sftp.1 sftp-client.h sftp.c PROTOCOL sftp-client.c]
     add a protocol extension to support a hard link operation. It is
     available through the "ln" command in the client. The old "ln"
     behaviour of creating a symlink is available using its "-s" option
     or through the preexisting "symlink" command; based on a patch from
     miklos AT szeredi.hu in bz#1555; ok markus@
2010-12-05 09:02:47 +11:00
Damien Miller
65e42f87fe - djm@cvs.openbsd.org 2010/09/22 22:58:51
[atomicio.c atomicio.h misc.c misc.h scp.c sftp-client.c]
     [sftp-client.h sftp.1 sftp.c]
     add an option per-read/write callback to atomicio

     factor out bandwidth limiting code from scp(1) into a generic bandwidth
     limiter that can be attached using the atomicio callback mechanism

     add a bandwidth limit option to sftp(1) using the above
     "very nice" markus@
2010-09-24 22:15:11 +10:00
Damien Miller
c4bb91c79c - djm@cvs.openbsd.org 2010/07/19 03:16:33
[sftp-client.c]
     bz#1797: fix swapped args in upload_dir_internal(), breaking recursive
     upload depth checks and causing verbose printing of transfers to always
     be turned on; patch from imorgan AT nas.nasa.gov
2010-08-03 16:04:22 +10:00
Damien Miller
495663165f - djm@cvs.openbsd.org 2010/06/18 04:43:08
[sftp-client.c]
     fix memory leak in do_realpath() error path; bz#1771, patch from
     anicka AT suse.cz
2010-06-26 09:38:23 +10:00
Darren Tucker
438b47320c - dtucker@cvs.openbsd.org 2009/10/11 10:41:26
[sftp-client.c]
     d_type isn't portable so use lstat to get dirent modes.  Suggested by and
     "looks sane" deraadt@
2009-10-11 21:52:10 +11:00
Darren Tucker
c182d99376 - (dtucker) [configure.ac sftp-client.c] Remove the gyrations required for
dirent d_type and DTTOIF as we've switched OpenBSD to the more portable
   lstat.
2009-10-11 21:50:20 +11:00
Darren Tucker
538738d861 - (dtucker) d_type is not mandated by POSIX, so add fallback code using
stat(), needed on at least cygwin.
2009-10-07 18:56:10 +11:00
Darren Tucker
4adeac764e - (dtucker) [configure.ac sftp-client.c] DOTTIF is in fs/ffs/dir.h on at
least dragonflybsd.
2009-10-07 15:49:48 +11:00
Darren Tucker
1b0dd17537 - djm@cvs.openbsd.org 2009/08/18 18:36:21
[sftp-client.h sftp.1 sftp-client.c sftp.c]
     recursive transfer support for get/put and on the commandline
     work mostly by carlosvsilvapt@gmail.com for the Google Summer of Code
     with some tweaks by me; "go for it" deraadt@
2009-10-07 08:37:48 +11:00
Darren Tucker
c22f090a2f - djm@cvs.openbsd.org 2009/08/14 18:17:49
[sftp-client.c]
     make the "get_handle: ..." error messages vaguely useful by allowing
     callers to specify their own error message strings.
2009-10-07 08:24:19 +11:00
Darren Tucker
821d3dbe36 - dtucker@cvs.openbsd.org 2009/06/22 05:39:28
[monitor_wrap.c monitor_mm.c ssh-keygen.c auth2.c gss-genr.c sftp-client.c]
     alphabetize includes; reduces diff vs portable and style(9).
     ok stevesk djm
     (Id sync only; these were already in order in -portable)
2009-06-22 16:11:06 +10:00