1 /* $OpenBSD: sftp-client.c,v 1.176 2024/05/17 02:39:11 jsg Exp $ */ 2 /* 3 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> 4 * 5 * Permission to use, copy, modify, and distribute this software for any 6 * purpose with or without fee is hereby granted, provided that the above 7 * copyright notice and this permission notice appear in all copies. 8 * 9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 */ 17 18 /* XXX: memleaks */ 19 /* XXX: signed vs unsigned */ 20 /* XXX: remove all logging, only return status codes */ 21 /* XXX: copy between two remote sites */ 22 23 #include <sys/types.h> 24 #include <sys/poll.h> 25 #include <sys/queue.h> 26 #include <sys/stat.h> 27 #include <sys/time.h> 28 #include <sys/statvfs.h> 29 #include <sys/uio.h> 30 31 #include <dirent.h> 32 #include <errno.h> 33 #include <fcntl.h> 34 #include <poll.h> 35 #include <signal.h> 36 #include <stdarg.h> 37 #include <stdio.h> 38 #include <stdlib.h> 39 #include <string.h> 40 #include <unistd.h> 41 42 #include "xmalloc.h" 43 #include "ssherr.h" 44 #include "sshbuf.h" 45 #include "log.h" 46 #include "atomicio.h" 47 #include "progressmeter.h" 48 #include "misc.h" 49 #include "utf8.h" 50 51 #include "sftp.h" 52 #include "sftp-common.h" 53 #include "sftp-client.h" 54 55 extern volatile sig_atomic_t interrupted; 56 extern int showprogress; 57 58 /* Default size of buffer for up/download (fix sftp.1 scp.1 if changed) */ 59 #define DEFAULT_COPY_BUFLEN 32768 60 61 /* Default number of concurrent xfer requests (fix sftp.1 scp.1 if changed) */ 62 #define DEFAULT_NUM_REQUESTS 64 63 64 /* Minimum amount of data to read at a time */ 65 #define MIN_READ_SIZE 512 66 67 /* Maximum depth to descend in directory trees */ 68 #define MAX_DIR_DEPTH 64 69 70 struct sftp_conn { 71 int fd_in; 72 int fd_out; 73 u_int download_buflen; 74 u_int upload_buflen; 75 u_int num_requests; 76 u_int version; 77 u_int msg_id; 78 #define SFTP_EXT_POSIX_RENAME 0x00000001 79 #define SFTP_EXT_STATVFS 0x00000002 80 #define SFTP_EXT_FSTATVFS 0x00000004 81 #define SFTP_EXT_HARDLINK 0x00000008 82 #define SFTP_EXT_FSYNC 0x00000010 83 #define SFTP_EXT_LSETSTAT 0x00000020 84 #define SFTP_EXT_LIMITS 0x00000040 85 #define SFTP_EXT_PATH_EXPAND 0x00000080 86 #define SFTP_EXT_COPY_DATA 0x00000100 87 #define SFTP_EXT_GETUSERSGROUPS_BY_ID 0x00000200 88 u_int exts; 89 u_int64_t limit_kbps; 90 struct bwlimit bwlimit_in, bwlimit_out; 91 }; 92 93 /* Tracks in-progress requests during file transfers */ 94 struct request { 95 u_int id; 96 size_t len; 97 u_int64_t offset; 98 TAILQ_ENTRY(request) tq; 99 }; 100 TAILQ_HEAD(requests, request); 101 102 static u_char * 103 get_handle(struct sftp_conn *conn, u_int expected_id, size_t *len, 104 const char *errfmt, ...) __attribute__((format(printf, 4, 5))); 105 106 static struct request * 107 request_enqueue(struct requests *requests, u_int id, size_t len, 108 uint64_t offset) 109 { 110 struct request *req; 111 112 req = xcalloc(1, sizeof(*req)); 113 req->id = id; 114 req->len = len; 115 req->offset = offset; 116 TAILQ_INSERT_TAIL(requests, req, tq); 117 return req; 118 } 119 120 static struct request * 121 request_find(struct requests *requests, u_int id) 122 { 123 struct request *req; 124 125 for (req = TAILQ_FIRST(requests); 126 req != NULL && req->id != id; 127 req = TAILQ_NEXT(req, tq)) 128 ; 129 return req; 130 } 131 132 static int 133 sftpio(void *_bwlimit, size_t amount) 134 { 135 struct bwlimit *bwlimit = (struct bwlimit *)_bwlimit; 136 137 refresh_progress_meter(0); 138 if (bwlimit != NULL) 139 bandwidth_limit(bwlimit, amount); 140 return 0; 141 } 142 143 static void 144 send_msg(struct sftp_conn *conn, struct sshbuf *m) 145 { 146 u_char mlen[4]; 147 struct iovec iov[2]; 148 149 if (sshbuf_len(m) > SFTP_MAX_MSG_LENGTH) 150 fatal("Outbound message too long %zu", sshbuf_len(m)); 151 152 /* Send length first */ 153 put_u32(mlen, sshbuf_len(m)); 154 iov[0].iov_base = mlen; 155 iov[0].iov_len = sizeof(mlen); 156 iov[1].iov_base = (u_char *)sshbuf_ptr(m); 157 iov[1].iov_len = sshbuf_len(m); 158 159 if (atomiciov6(writev, conn->fd_out, iov, 2, sftpio, 160 conn->limit_kbps > 0 ? &conn->bwlimit_out : NULL) != 161 sshbuf_len(m) + sizeof(mlen)) 162 fatal("Couldn't send packet: %s", strerror(errno)); 163 164 sshbuf_reset(m); 165 } 166 167 static void 168 get_msg_extended(struct sftp_conn *conn, struct sshbuf *m, int initial) 169 { 170 u_int msg_len; 171 u_char *p; 172 int r; 173 174 sshbuf_reset(m); 175 if ((r = sshbuf_reserve(m, 4, &p)) != 0) 176 fatal_fr(r, "reserve"); 177 if (atomicio6(read, conn->fd_in, p, 4, sftpio, 178 conn->limit_kbps > 0 ? &conn->bwlimit_in : NULL) != 4) { 179 if (errno == EPIPE || errno == ECONNRESET) 180 fatal("Connection closed"); 181 else 182 fatal("Couldn't read packet: %s", strerror(errno)); 183 } 184 185 if ((r = sshbuf_get_u32(m, &msg_len)) != 0) 186 fatal_fr(r, "sshbuf_get_u32"); 187 if (msg_len > SFTP_MAX_MSG_LENGTH) { 188 do_log2(initial ? SYSLOG_LEVEL_ERROR : SYSLOG_LEVEL_FATAL, 189 "Received message too long %u", msg_len); 190 fatal("Ensure the remote shell produces no output " 191 "for non-interactive sessions."); 192 } 193 194 if ((r = sshbuf_reserve(m, msg_len, &p)) != 0) 195 fatal_fr(r, "reserve"); 196 if (atomicio6(read, conn->fd_in, p, msg_len, sftpio, 197 conn->limit_kbps > 0 ? &conn->bwlimit_in : NULL) 198 != msg_len) { 199 if (errno == EPIPE) 200 fatal("Connection closed"); 201 else 202 fatal("Read packet: %s", strerror(errno)); 203 } 204 } 205 206 static void 207 get_msg(struct sftp_conn *conn, struct sshbuf *m) 208 { 209 get_msg_extended(conn, m, 0); 210 } 211 212 static void 213 send_string_request(struct sftp_conn *conn, u_int id, u_int code, const char *s, 214 u_int len) 215 { 216 struct sshbuf *msg; 217 int r; 218 219 if ((msg = sshbuf_new()) == NULL) 220 fatal_f("sshbuf_new failed"); 221 if ((r = sshbuf_put_u8(msg, code)) != 0 || 222 (r = sshbuf_put_u32(msg, id)) != 0 || 223 (r = sshbuf_put_string(msg, s, len)) != 0) 224 fatal_fr(r, "compose"); 225 send_msg(conn, msg); 226 debug3("Sent message fd %d T:%u I:%u", conn->fd_out, code, id); 227 sshbuf_free(msg); 228 } 229 230 static void 231 send_string_attrs_request(struct sftp_conn *conn, u_int id, u_int code, 232 const void *s, u_int len, Attrib *a) 233 { 234 struct sshbuf *msg; 235 int r; 236 237 if ((msg = sshbuf_new()) == NULL) 238 fatal_f("sshbuf_new failed"); 239 if ((r = sshbuf_put_u8(msg, code)) != 0 || 240 (r = sshbuf_put_u32(msg, id)) != 0 || 241 (r = sshbuf_put_string(msg, s, len)) != 0 || 242 (r = encode_attrib(msg, a)) != 0) 243 fatal_fr(r, "compose"); 244 send_msg(conn, msg); 245 debug3("Sent message fd %d T:%u I:%u F:0x%04x M:%05o", 246 conn->fd_out, code, id, a->flags, a->perm); 247 sshbuf_free(msg); 248 } 249 250 static u_int 251 get_status(struct sftp_conn *conn, u_int expected_id) 252 { 253 struct sshbuf *msg; 254 u_char type; 255 u_int id, status; 256 int r; 257 258 if ((msg = sshbuf_new()) == NULL) 259 fatal_f("sshbuf_new failed"); 260 get_msg(conn, msg); 261 if ((r = sshbuf_get_u8(msg, &type)) != 0 || 262 (r = sshbuf_get_u32(msg, &id)) != 0) 263 fatal_fr(r, "compose"); 264 265 if (id != expected_id) 266 fatal("ID mismatch (%u != %u)", id, expected_id); 267 if (type != SSH2_FXP_STATUS) 268 fatal("Expected SSH2_FXP_STATUS(%u) packet, got %u", 269 SSH2_FXP_STATUS, type); 270 271 if ((r = sshbuf_get_u32(msg, &status)) != 0) 272 fatal_fr(r, "parse"); 273 sshbuf_free(msg); 274 275 debug3("SSH2_FXP_STATUS %u", status); 276 277 return status; 278 } 279 280 static u_char * 281 get_handle(struct sftp_conn *conn, u_int expected_id, size_t *len, 282 const char *errfmt, ...) 283 { 284 struct sshbuf *msg; 285 u_int id, status; 286 u_char type; 287 u_char *handle; 288 char errmsg[256]; 289 va_list args; 290 int r; 291 292 va_start(args, errfmt); 293 if (errfmt != NULL) 294 vsnprintf(errmsg, sizeof(errmsg), errfmt, args); 295 va_end(args); 296 297 if ((msg = sshbuf_new()) == NULL) 298 fatal_f("sshbuf_new failed"); 299 get_msg(conn, msg); 300 if ((r = sshbuf_get_u8(msg, &type)) != 0 || 301 (r = sshbuf_get_u32(msg, &id)) != 0) 302 fatal_fr(r, "parse"); 303 304 if (id != expected_id) 305 fatal("%s: ID mismatch (%u != %u)", 306 errfmt == NULL ? __func__ : errmsg, id, expected_id); 307 if (type == SSH2_FXP_STATUS) { 308 if ((r = sshbuf_get_u32(msg, &status)) != 0) 309 fatal_fr(r, "parse status"); 310 if (errfmt != NULL) 311 error("%s: %s", errmsg, fx2txt(status)); 312 sshbuf_free(msg); 313 return(NULL); 314 } else if (type != SSH2_FXP_HANDLE) 315 fatal("%s: Expected SSH2_FXP_HANDLE(%u) packet, got %u", 316 errfmt == NULL ? __func__ : errmsg, SSH2_FXP_HANDLE, type); 317 318 if ((r = sshbuf_get_string(msg, &handle, len)) != 0) 319 fatal_fr(r, "parse handle"); 320 sshbuf_free(msg); 321 322 return handle; 323 } 324 325 static int 326 get_decode_stat(struct sftp_conn *conn, u_int expected_id, int quiet, Attrib *a) 327 { 328 struct sshbuf *msg; 329 u_int id; 330 u_char type; 331 int r; 332 Attrib attr; 333 334 if (a != NULL) 335 memset(a, '\0', sizeof(*a)); 336 if ((msg = sshbuf_new()) == NULL) 337 fatal_f("sshbuf_new failed"); 338 get_msg(conn, msg); 339 340 if ((r = sshbuf_get_u8(msg, &type)) != 0 || 341 (r = sshbuf_get_u32(msg, &id)) != 0) 342 fatal_fr(r, "parse"); 343 344 if (id != expected_id) 345 fatal("ID mismatch (%u != %u)", id, expected_id); 346 if (type == SSH2_FXP_STATUS) { 347 u_int status; 348 349 if ((r = sshbuf_get_u32(msg, &status)) != 0) 350 fatal_fr(r, "parse status"); 351 if (quiet) 352 debug("stat remote: %s", fx2txt(status)); 353 else 354 error("stat remote: %s", fx2txt(status)); 355 sshbuf_free(msg); 356 return -1; 357 } else if (type != SSH2_FXP_ATTRS) { 358 fatal("Expected SSH2_FXP_ATTRS(%u) packet, got %u", 359 SSH2_FXP_ATTRS, type); 360 } 361 if ((r = decode_attrib(msg, &attr)) != 0) { 362 error_fr(r, "decode_attrib"); 363 sshbuf_free(msg); 364 return -1; 365 } 366 /* success */ 367 if (a != NULL) 368 *a = attr; 369 debug3("Received stat reply T:%u I:%u F:0x%04x M:%05o", 370 type, id, attr.flags, attr.perm); 371 sshbuf_free(msg); 372 373 return 0; 374 } 375 376 static int 377 get_decode_statvfs(struct sftp_conn *conn, struct sftp_statvfs *st, 378 u_int expected_id, int quiet) 379 { 380 struct sshbuf *msg; 381 u_char type; 382 u_int id; 383 u_int64_t flag; 384 int r; 385 386 if ((msg = sshbuf_new()) == NULL) 387 fatal_f("sshbuf_new failed"); 388 get_msg(conn, msg); 389 390 if ((r = sshbuf_get_u8(msg, &type)) != 0 || 391 (r = sshbuf_get_u32(msg, &id)) != 0) 392 fatal_fr(r, "parse"); 393 394 debug3("Received statvfs reply T:%u I:%u", type, id); 395 if (id != expected_id) 396 fatal("ID mismatch (%u != %u)", id, expected_id); 397 if (type == SSH2_FXP_STATUS) { 398 u_int status; 399 400 if ((r = sshbuf_get_u32(msg, &status)) != 0) 401 fatal_fr(r, "parse status"); 402 if (quiet) 403 debug("remote statvfs: %s", fx2txt(status)); 404 else 405 error("remote statvfs: %s", fx2txt(status)); 406 sshbuf_free(msg); 407 return -1; 408 } else if (type != SSH2_FXP_EXTENDED_REPLY) { 409 fatal("Expected SSH2_FXP_EXTENDED_REPLY(%u) packet, got %u", 410 SSH2_FXP_EXTENDED_REPLY, type); 411 } 412 413 memset(st, 0, sizeof(*st)); 414 if ((r = sshbuf_get_u64(msg, &st->f_bsize)) != 0 || 415 (r = sshbuf_get_u64(msg, &st->f_frsize)) != 0 || 416 (r = sshbuf_get_u64(msg, &st->f_blocks)) != 0 || 417 (r = sshbuf_get_u64(msg, &st->f_bfree)) != 0 || 418 (r = sshbuf_get_u64(msg, &st->f_bavail)) != 0 || 419 (r = sshbuf_get_u64(msg, &st->f_files)) != 0 || 420 (r = sshbuf_get_u64(msg, &st->f_ffree)) != 0 || 421 (r = sshbuf_get_u64(msg, &st->f_favail)) != 0 || 422 (r = sshbuf_get_u64(msg, &st->f_fsid)) != 0 || 423 (r = sshbuf_get_u64(msg, &flag)) != 0 || 424 (r = sshbuf_get_u64(msg, &st->f_namemax)) != 0) 425 fatal_fr(r, "parse statvfs"); 426 427 st->f_flag = (flag & SSH2_FXE_STATVFS_ST_RDONLY) ? ST_RDONLY : 0; 428 st->f_flag |= (flag & SSH2_FXE_STATVFS_ST_NOSUID) ? ST_NOSUID : 0; 429 430 sshbuf_free(msg); 431 432 return 0; 433 } 434 435 struct sftp_conn * 436 sftp_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests, 437 u_int64_t limit_kbps) 438 { 439 u_char type; 440 struct sshbuf *msg; 441 struct sftp_conn *ret; 442 int r; 443 444 ret = xcalloc(1, sizeof(*ret)); 445 ret->msg_id = 1; 446 ret->fd_in = fd_in; 447 ret->fd_out = fd_out; 448 ret->download_buflen = ret->upload_buflen = 449 transfer_buflen ? transfer_buflen : DEFAULT_COPY_BUFLEN; 450 ret->num_requests = 451 num_requests ? num_requests : DEFAULT_NUM_REQUESTS; 452 ret->exts = 0; 453 ret->limit_kbps = 0; 454 455 if ((msg = sshbuf_new()) == NULL) 456 fatal_f("sshbuf_new failed"); 457 if ((r = sshbuf_put_u8(msg, SSH2_FXP_INIT)) != 0 || 458 (r = sshbuf_put_u32(msg, SSH2_FILEXFER_VERSION)) != 0) 459 fatal_fr(r, "parse"); 460 461 send_msg(ret, msg); 462 463 get_msg_extended(ret, msg, 1); 464 465 /* Expecting a VERSION reply */ 466 if ((r = sshbuf_get_u8(msg, &type)) != 0) 467 fatal_fr(r, "parse type"); 468 if (type != SSH2_FXP_VERSION) { 469 error("Invalid packet back from SSH2_FXP_INIT (type %u)", 470 type); 471 sshbuf_free(msg); 472 free(ret); 473 return(NULL); 474 } 475 if ((r = sshbuf_get_u32(msg, &ret->version)) != 0) 476 fatal_fr(r, "parse version"); 477 478 debug2("Remote version: %u", ret->version); 479 480 /* Check for extensions */ 481 while (sshbuf_len(msg) > 0) { 482 char *name; 483 u_char *value; 484 size_t vlen; 485 int known = 0; 486 487 if ((r = sshbuf_get_cstring(msg, &name, NULL)) != 0 || 488 (r = sshbuf_get_string(msg, &value, &vlen)) != 0) 489 fatal_fr(r, "parse extension"); 490 if (strcmp(name, "posix-rename@openssh.com") == 0 && 491 strcmp((char *)value, "1") == 0) { 492 ret->exts |= SFTP_EXT_POSIX_RENAME; 493 known = 1; 494 } else if (strcmp(name, "statvfs@openssh.com") == 0 && 495 strcmp((char *)value, "2") == 0) { 496 ret->exts |= SFTP_EXT_STATVFS; 497 known = 1; 498 } else if (strcmp(name, "fstatvfs@openssh.com") == 0 && 499 strcmp((char *)value, "2") == 0) { 500 ret->exts |= SFTP_EXT_FSTATVFS; 501 known = 1; 502 } else if (strcmp(name, "hardlink@openssh.com") == 0 && 503 strcmp((char *)value, "1") == 0) { 504 ret->exts |= SFTP_EXT_HARDLINK; 505 known = 1; 506 } else if (strcmp(name, "fsync@openssh.com") == 0 && 507 strcmp((char *)value, "1") == 0) { 508 ret->exts |= SFTP_EXT_FSYNC; 509 known = 1; 510 } else if (strcmp(name, "lsetstat@openssh.com") == 0 && 511 strcmp((char *)value, "1") == 0) { 512 ret->exts |= SFTP_EXT_LSETSTAT; 513 known = 1; 514 } else if (strcmp(name, "limits@openssh.com") == 0 && 515 strcmp((char *)value, "1") == 0) { 516 ret->exts |= SFTP_EXT_LIMITS; 517 known = 1; 518 } else if (strcmp(name, "expand-path@openssh.com") == 0 && 519 strcmp((char *)value, "1") == 0) { 520 ret->exts |= SFTP_EXT_PATH_EXPAND; 521 known = 1; 522 } else if (strcmp(name, "copy-data") == 0 && 523 strcmp((char *)value, "1") == 0) { 524 ret->exts |= SFTP_EXT_COPY_DATA; 525 known = 1; 526 } else if (strcmp(name, 527 "users-groups-by-id@openssh.com") == 0 && 528 strcmp((char *)value, "1") == 0) { 529 ret->exts |= SFTP_EXT_GETUSERSGROUPS_BY_ID; 530 known = 1; 531 } 532 if (known) { 533 debug2("Server supports extension \"%s\" revision %s", 534 name, value); 535 } else { 536 debug2("Unrecognised server extension \"%s\"", name); 537 } 538 free(name); 539 free(value); 540 } 541 542 sshbuf_free(msg); 543 544 /* Query the server for its limits */ 545 if (ret->exts & SFTP_EXT_LIMITS) { 546 struct sftp_limits limits; 547 if (sftp_get_limits(ret, &limits) != 0) 548 fatal_f("limits failed"); 549 550 /* If the caller did not specify, find a good value */ 551 if (transfer_buflen == 0) { 552 ret->download_buflen = MINIMUM(limits.read_length, 553 SFTP_MAX_MSG_LENGTH - 1024); 554 ret->upload_buflen = MINIMUM(limits.write_length, 555 SFTP_MAX_MSG_LENGTH - 1024); 556 ret->download_buflen = MAXIMUM(ret->download_buflen, 64); 557 ret->upload_buflen = MAXIMUM(ret->upload_buflen, 64); 558 debug3("server upload/download buffer sizes " 559 "%llu / %llu; using %u / %u", 560 (unsigned long long)limits.write_length, 561 (unsigned long long)limits.read_length, 562 ret->upload_buflen, ret->download_buflen); 563 } 564 565 /* Use the server limit to scale down our value only */ 566 if (num_requests == 0 && limits.open_handles) { 567 ret->num_requests = 568 MINIMUM(DEFAULT_NUM_REQUESTS, limits.open_handles); 569 if (ret->num_requests == 0) 570 ret->num_requests = 1; 571 debug3("server handle limit %llu; using %u", 572 (unsigned long long)limits.open_handles, 573 ret->num_requests); 574 } 575 } 576 577 /* Some filexfer v.0 servers don't support large packets */ 578 if (ret->version == 0) { 579 ret->download_buflen = MINIMUM(ret->download_buflen, 20480); 580 ret->upload_buflen = MINIMUM(ret->upload_buflen, 20480); 581 } 582 583 ret->limit_kbps = limit_kbps; 584 if (ret->limit_kbps > 0) { 585 bandwidth_limit_init(&ret->bwlimit_in, ret->limit_kbps, 586 ret->download_buflen); 587 bandwidth_limit_init(&ret->bwlimit_out, ret->limit_kbps, 588 ret->upload_buflen); 589 } 590 591 return ret; 592 } 593 594 u_int 595 sftp_proto_version(struct sftp_conn *conn) 596 { 597 return conn->version; 598 } 599 600 int 601 sftp_get_limits(struct sftp_conn *conn, struct sftp_limits *limits) 602 { 603 u_int id, msg_id; 604 u_char type; 605 struct sshbuf *msg; 606 int r; 607 608 if ((conn->exts & SFTP_EXT_LIMITS) == 0) { 609 error("Server does not support limits@openssh.com extension"); 610 return -1; 611 } 612 613 if ((msg = sshbuf_new()) == NULL) 614 fatal_f("sshbuf_new failed"); 615 616 id = conn->msg_id++; 617 if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 || 618 (r = sshbuf_put_u32(msg, id)) != 0 || 619 (r = sshbuf_put_cstring(msg, "limits@openssh.com")) != 0) 620 fatal_fr(r, "compose"); 621 send_msg(conn, msg); 622 debug3("Sent message limits@openssh.com I:%u", id); 623 624 get_msg(conn, msg); 625 626 if ((r = sshbuf_get_u8(msg, &type)) != 0 || 627 (r = sshbuf_get_u32(msg, &msg_id)) != 0) 628 fatal_fr(r, "parse"); 629 630 debug3("Received limits reply T:%u I:%u", type, msg_id); 631 if (id != msg_id) 632 fatal("ID mismatch (%u != %u)", msg_id, id); 633 if (type != SSH2_FXP_EXTENDED_REPLY) { 634 debug_f("expected SSH2_FXP_EXTENDED_REPLY(%u) packet, got %u", 635 SSH2_FXP_EXTENDED_REPLY, type); 636 /* Disable the limits extension */ 637 conn->exts &= ~SFTP_EXT_LIMITS; 638 sshbuf_free(msg); 639 return -1; 640 } 641 642 memset(limits, 0, sizeof(*limits)); 643 if ((r = sshbuf_get_u64(msg, &limits->packet_length)) != 0 || 644 (r = sshbuf_get_u64(msg, &limits->read_length)) != 0 || 645 (r = sshbuf_get_u64(msg, &limits->write_length)) != 0 || 646 (r = sshbuf_get_u64(msg, &limits->open_handles)) != 0) 647 fatal_fr(r, "parse limits"); 648 649 sshbuf_free(msg); 650 651 return 0; 652 } 653 654 int 655 sftp_close(struct sftp_conn *conn, const u_char *handle, u_int handle_len) 656 { 657 u_int id, status; 658 struct sshbuf *msg; 659 int r; 660 661 if ((msg = sshbuf_new()) == NULL) 662 fatal_f("sshbuf_new failed"); 663 664 id = conn->msg_id++; 665 if ((r = sshbuf_put_u8(msg, SSH2_FXP_CLOSE)) != 0 || 666 (r = sshbuf_put_u32(msg, id)) != 0 || 667 (r = sshbuf_put_string(msg, handle, handle_len)) != 0) 668 fatal_fr(r, "parse"); 669 send_msg(conn, msg); 670 debug3("Sent message SSH2_FXP_CLOSE I:%u", id); 671 672 status = get_status(conn, id); 673 if (status != SSH2_FX_OK) 674 error("close remote: %s", fx2txt(status)); 675 676 sshbuf_free(msg); 677 678 return status == SSH2_FX_OK ? 0 : -1; 679 } 680 681 682 static int 683 sftp_lsreaddir(struct sftp_conn *conn, const char *path, int print_flag, 684 SFTP_DIRENT ***dir) 685 { 686 struct sshbuf *msg; 687 u_int count, id, i, expected_id, ents = 0; 688 size_t handle_len; 689 u_char type, *handle; 690 int status = SSH2_FX_FAILURE; 691 int r; 692 693 if (dir) 694 *dir = NULL; 695 696 id = conn->msg_id++; 697 698 if ((msg = sshbuf_new()) == NULL) 699 fatal_f("sshbuf_new failed"); 700 if ((r = sshbuf_put_u8(msg, SSH2_FXP_OPENDIR)) != 0 || 701 (r = sshbuf_put_u32(msg, id)) != 0 || 702 (r = sshbuf_put_cstring(msg, path)) != 0) 703 fatal_fr(r, "compose OPENDIR"); 704 send_msg(conn, msg); 705 706 handle = get_handle(conn, id, &handle_len, 707 "remote readdir(\"%s\")", path); 708 if (handle == NULL) { 709 sshbuf_free(msg); 710 return -1; 711 } 712 713 if (dir) { 714 ents = 0; 715 *dir = xcalloc(1, sizeof(**dir)); 716 (*dir)[0] = NULL; 717 } 718 719 for (; !interrupted;) { 720 id = expected_id = conn->msg_id++; 721 722 debug3("Sending SSH2_FXP_READDIR I:%u", id); 723 724 sshbuf_reset(msg); 725 if ((r = sshbuf_put_u8(msg, SSH2_FXP_READDIR)) != 0 || 726 (r = sshbuf_put_u32(msg, id)) != 0 || 727 (r = sshbuf_put_string(msg, handle, handle_len)) != 0) 728 fatal_fr(r, "compose READDIR"); 729 send_msg(conn, msg); 730 731 sshbuf_reset(msg); 732 733 get_msg(conn, msg); 734 735 if ((r = sshbuf_get_u8(msg, &type)) != 0 || 736 (r = sshbuf_get_u32(msg, &id)) != 0) 737 fatal_fr(r, "parse"); 738 739 debug3("Received reply T:%u I:%u", type, id); 740 741 if (id != expected_id) 742 fatal("ID mismatch (%u != %u)", id, expected_id); 743 744 if (type == SSH2_FXP_STATUS) { 745 u_int rstatus; 746 747 if ((r = sshbuf_get_u32(msg, &rstatus)) != 0) 748 fatal_fr(r, "parse status"); 749 debug3("Received SSH2_FXP_STATUS %d", rstatus); 750 if (rstatus == SSH2_FX_EOF) 751 break; 752 error("Couldn't read directory: %s", fx2txt(rstatus)); 753 goto out; 754 } else if (type != SSH2_FXP_NAME) 755 fatal("Expected SSH2_FXP_NAME(%u) packet, got %u", 756 SSH2_FXP_NAME, type); 757 758 if ((r = sshbuf_get_u32(msg, &count)) != 0) 759 fatal_fr(r, "parse count"); 760 if (count > SSHBUF_SIZE_MAX) 761 fatal_f("nonsensical number of entries"); 762 if (count == 0) 763 break; 764 debug3("Received %d SSH2_FXP_NAME responses", count); 765 for (i = 0; i < count; i++) { 766 char *filename, *longname; 767 Attrib a; 768 769 if ((r = sshbuf_get_cstring(msg, &filename, 770 NULL)) != 0 || 771 (r = sshbuf_get_cstring(msg, &longname, 772 NULL)) != 0) 773 fatal_fr(r, "parse filenames"); 774 if ((r = decode_attrib(msg, &a)) != 0) { 775 error_fr(r, "couldn't decode attrib"); 776 free(filename); 777 free(longname); 778 goto out; 779 } 780 781 if (print_flag) 782 mprintf("%s\n", longname); 783 784 /* 785 * Directory entries should never contain '/' 786 * These can be used to attack recursive ops 787 * (e.g. send '../../../../etc/passwd') 788 */ 789 if (strchr(filename, '/') != NULL) { 790 error("Server sent suspect path \"%s\" " 791 "during readdir of \"%s\"", filename, path); 792 } else if (dir) { 793 *dir = xreallocarray(*dir, ents + 2, sizeof(**dir)); 794 (*dir)[ents] = xcalloc(1, sizeof(***dir)); 795 (*dir)[ents]->filename = xstrdup(filename); 796 (*dir)[ents]->longname = xstrdup(longname); 797 memcpy(&(*dir)[ents]->a, &a, sizeof(a)); 798 (*dir)[++ents] = NULL; 799 } 800 free(filename); 801 free(longname); 802 } 803 } 804 status = 0; 805 806 out: 807 sshbuf_free(msg); 808 sftp_close(conn, handle, handle_len); 809 free(handle); 810 811 if (status != 0 && dir != NULL) { 812 /* Don't return results on error */ 813 sftp_free_dirents(*dir); 814 *dir = NULL; 815 } else if (interrupted && dir != NULL && *dir != NULL) { 816 /* Don't return partial matches on interrupt */ 817 sftp_free_dirents(*dir); 818 *dir = xcalloc(1, sizeof(**dir)); 819 **dir = NULL; 820 } 821 822 return status == SSH2_FX_OK ? 0 : -1; 823 } 824 825 int 826 sftp_readdir(struct sftp_conn *conn, const char *path, SFTP_DIRENT ***dir) 827 { 828 return sftp_lsreaddir(conn, path, 0, dir); 829 } 830 831 void sftp_free_dirents(SFTP_DIRENT **s) 832 { 833 int i; 834 835 if (s == NULL) 836 return; 837 for (i = 0; s[i]; i++) { 838 free(s[i]->filename); 839 free(s[i]->longname); 840 free(s[i]); 841 } 842 free(s); 843 } 844 845 int 846 sftp_rm(struct sftp_conn *conn, const char *path) 847 { 848 u_int status, id; 849 850 debug2("Sending SSH2_FXP_REMOVE \"%s\"", path); 851 852 id = conn->msg_id++; 853 send_string_request(conn, id, SSH2_FXP_REMOVE, path, strlen(path)); 854 status = get_status(conn, id); 855 if (status != SSH2_FX_OK) 856 error("remote delete %s: %s", path, fx2txt(status)); 857 return status == SSH2_FX_OK ? 0 : -1; 858 } 859 860 int 861 sftp_mkdir(struct sftp_conn *conn, const char *path, Attrib *a, int print_flag) 862 { 863 u_int status, id; 864 865 debug2("Sending SSH2_FXP_MKDIR \"%s\"", path); 866 867 id = conn->msg_id++; 868 send_string_attrs_request(conn, id, SSH2_FXP_MKDIR, path, 869 strlen(path), a); 870 871 status = get_status(conn, id); 872 if (status != SSH2_FX_OK && print_flag) 873 error("remote mkdir \"%s\": %s", path, fx2txt(status)); 874 875 return status == SSH2_FX_OK ? 0 : -1; 876 } 877 878 int 879 sftp_rmdir(struct sftp_conn *conn, const char *path) 880 { 881 u_int status, id; 882 883 debug2("Sending SSH2_FXP_RMDIR \"%s\"", path); 884 885 id = conn->msg_id++; 886 send_string_request(conn, id, SSH2_FXP_RMDIR, path, 887 strlen(path)); 888 889 status = get_status(conn, id); 890 if (status != SSH2_FX_OK) 891 error("remote rmdir \"%s\": %s", path, fx2txt(status)); 892 893 return status == SSH2_FX_OK ? 0 : -1; 894 } 895 896 int 897 sftp_stat(struct sftp_conn *conn, const char *path, int quiet, Attrib *a) 898 { 899 u_int id; 900 901 debug2("Sending SSH2_FXP_STAT \"%s\"", path); 902 903 id = conn->msg_id++; 904 905 send_string_request(conn, id, 906 conn->version == 0 ? SSH2_FXP_STAT_VERSION_0 : SSH2_FXP_STAT, 907 path, strlen(path)); 908 909 return get_decode_stat(conn, id, quiet, a); 910 } 911 912 int 913 sftp_lstat(struct sftp_conn *conn, const char *path, int quiet, Attrib *a) 914 { 915 u_int id; 916 917 if (conn->version == 0) { 918 do_log2(quiet ? SYSLOG_LEVEL_DEBUG1 : SYSLOG_LEVEL_INFO, 919 "Server version does not support lstat operation"); 920 return sftp_stat(conn, path, quiet, a); 921 } 922 923 id = conn->msg_id++; 924 send_string_request(conn, id, SSH2_FXP_LSTAT, path, 925 strlen(path)); 926 927 return get_decode_stat(conn, id, quiet, a); 928 } 929 930 #ifdef notyet 931 int 932 sftp_fstat(struct sftp_conn *conn, const u_char *handle, u_int handle_len, 933 int quiet, Attrib *a) 934 { 935 u_int id; 936 937 debug2("Sending SSH2_FXP_FSTAT \"%s\""); 938 939 id = conn->msg_id++; 940 send_string_request(conn, id, SSH2_FXP_FSTAT, handle, 941 handle_len); 942 943 return get_decode_stat(conn, id, quiet, a); 944 } 945 #endif 946 947 int 948 sftp_setstat(struct sftp_conn *conn, const char *path, Attrib *a) 949 { 950 u_int status, id; 951 952 debug2("Sending SSH2_FXP_SETSTAT \"%s\"", path); 953 954 id = conn->msg_id++; 955 send_string_attrs_request(conn, id, SSH2_FXP_SETSTAT, path, 956 strlen(path), a); 957 958 status = get_status(conn, id); 959 if (status != SSH2_FX_OK) 960 error("remote setstat \"%s\": %s", path, fx2txt(status)); 961 962 return status == SSH2_FX_OK ? 0 : -1; 963 } 964 965 int 966 sftp_fsetstat(struct sftp_conn *conn, const u_char *handle, u_int handle_len, 967 Attrib *a) 968 { 969 u_int status, id; 970 971 debug2("Sending SSH2_FXP_FSETSTAT"); 972 973 id = conn->msg_id++; 974 send_string_attrs_request(conn, id, SSH2_FXP_FSETSTAT, handle, 975 handle_len, a); 976 977 status = get_status(conn, id); 978 if (status != SSH2_FX_OK) 979 error("remote fsetstat: %s", fx2txt(status)); 980 981 return status == SSH2_FX_OK ? 0 : -1; 982 } 983 984 /* Implements both the realpath and expand-path operations */ 985 static char * 986 sftp_realpath_expand(struct sftp_conn *conn, const char *path, int expand) 987 { 988 struct sshbuf *msg; 989 u_int expected_id, count, id; 990 char *filename, *longname; 991 Attrib a; 992 u_char type; 993 int r; 994 const char *what = "SSH2_FXP_REALPATH"; 995 996 if (expand) 997 what = "expand-path@openssh.com"; 998 if ((msg = sshbuf_new()) == NULL) 999 fatal_f("sshbuf_new failed"); 1000 1001 expected_id = id = conn->msg_id++; 1002 if (expand) { 1003 debug2("Sending SSH2_FXP_EXTENDED(expand-path@openssh.com) " 1004 "\"%s\"", path); 1005 if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 || 1006 (r = sshbuf_put_u32(msg, id)) != 0 || 1007 (r = sshbuf_put_cstring(msg, 1008 "expand-path@openssh.com")) != 0 || 1009 (r = sshbuf_put_cstring(msg, path)) != 0) 1010 fatal_fr(r, "compose %s", what); 1011 send_msg(conn, msg); 1012 } else { 1013 debug2("Sending SSH2_FXP_REALPATH \"%s\"", path); 1014 send_string_request(conn, id, SSH2_FXP_REALPATH, 1015 path, strlen(path)); 1016 } 1017 get_msg(conn, msg); 1018 if ((r = sshbuf_get_u8(msg, &type)) != 0 || 1019 (r = sshbuf_get_u32(msg, &id)) != 0) 1020 fatal_fr(r, "parse"); 1021 1022 if (id != expected_id) 1023 fatal("ID mismatch (%u != %u)", id, expected_id); 1024 1025 if (type == SSH2_FXP_STATUS) { 1026 u_int status; 1027 char *errmsg; 1028 1029 if ((r = sshbuf_get_u32(msg, &status)) != 0 || 1030 (r = sshbuf_get_cstring(msg, &errmsg, NULL)) != 0) 1031 fatal_fr(r, "parse status"); 1032 error("%s %s: %s", expand ? "expand" : "realpath", 1033 path, *errmsg == '\0' ? fx2txt(status) : errmsg); 1034 free(errmsg); 1035 sshbuf_free(msg); 1036 return NULL; 1037 } else if (type != SSH2_FXP_NAME) 1038 fatal("Expected SSH2_FXP_NAME(%u) packet, got %u", 1039 SSH2_FXP_NAME, type); 1040 1041 if ((r = sshbuf_get_u32(msg, &count)) != 0) 1042 fatal_fr(r, "parse count"); 1043 if (count != 1) 1044 fatal("Got multiple names (%d) from %s", count, what); 1045 1046 if ((r = sshbuf_get_cstring(msg, &filename, NULL)) != 0 || 1047 (r = sshbuf_get_cstring(msg, &longname, NULL)) != 0 || 1048 (r = decode_attrib(msg, &a)) != 0) 1049 fatal_fr(r, "parse filename/attrib"); 1050 1051 debug3("%s %s -> %s", what, path, filename); 1052 1053 free(longname); 1054 1055 sshbuf_free(msg); 1056 1057 return(filename); 1058 } 1059 1060 char * 1061 sftp_realpath(struct sftp_conn *conn, const char *path) 1062 { 1063 return sftp_realpath_expand(conn, path, 0); 1064 } 1065 1066 int 1067 sftp_can_expand_path(struct sftp_conn *conn) 1068 { 1069 return (conn->exts & SFTP_EXT_PATH_EXPAND) != 0; 1070 } 1071 1072 char * 1073 sftp_expand_path(struct sftp_conn *conn, const char *path) 1074 { 1075 if (!sftp_can_expand_path(conn)) { 1076 debug3_f("no server support, fallback to realpath"); 1077 return sftp_realpath_expand(conn, path, 0); 1078 } 1079 return sftp_realpath_expand(conn, path, 1); 1080 } 1081 1082 int 1083 sftp_copy(struct sftp_conn *conn, const char *oldpath, const char *newpath) 1084 { 1085 Attrib junk, attr; 1086 struct sshbuf *msg; 1087 u_char *old_handle, *new_handle; 1088 u_int mode, status, id; 1089 size_t old_handle_len, new_handle_len; 1090 int r; 1091 1092 /* Return if the extension is not supported */ 1093 if ((conn->exts & SFTP_EXT_COPY_DATA) == 0) { 1094 error("Server does not support copy-data extension"); 1095 return -1; 1096 } 1097 1098 /* Make sure the file exists, and we can copy its perms */ 1099 if (sftp_stat(conn, oldpath, 0, &attr) != 0) 1100 return -1; 1101 1102 /* Do not preserve set[ug]id here, as we do not preserve ownership */ 1103 if (attr.flags & SSH2_FILEXFER_ATTR_PERMISSIONS) { 1104 mode = attr.perm & 0777; 1105 1106 if (!S_ISREG(attr.perm)) { 1107 error("Cannot copy non-regular file: %s", oldpath); 1108 return -1; 1109 } 1110 } else { 1111 /* NB: The user's umask will apply to this */ 1112 mode = 0666; 1113 } 1114 1115 /* Set up the new perms for the new file */ 1116 attrib_clear(&attr); 1117 attr.perm = mode; 1118 attr.flags |= SSH2_FILEXFER_ATTR_PERMISSIONS; 1119 1120 if ((msg = sshbuf_new()) == NULL) 1121 fatal("%s: sshbuf_new failed", __func__); 1122 1123 attrib_clear(&junk); /* Send empty attributes */ 1124 1125 /* Open the old file for reading */ 1126 id = conn->msg_id++; 1127 if ((r = sshbuf_put_u8(msg, SSH2_FXP_OPEN)) != 0 || 1128 (r = sshbuf_put_u32(msg, id)) != 0 || 1129 (r = sshbuf_put_cstring(msg, oldpath)) != 0 || 1130 (r = sshbuf_put_u32(msg, SSH2_FXF_READ)) != 0 || 1131 (r = encode_attrib(msg, &junk)) != 0) 1132 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 1133 send_msg(conn, msg); 1134 debug3("Sent message SSH2_FXP_OPEN I:%u P:%s", id, oldpath); 1135 1136 sshbuf_reset(msg); 1137 1138 old_handle = get_handle(conn, id, &old_handle_len, 1139 "remote open(\"%s\")", oldpath); 1140 if (old_handle == NULL) { 1141 sshbuf_free(msg); 1142 return -1; 1143 } 1144 1145 /* Open the new file for writing */ 1146 id = conn->msg_id++; 1147 if ((r = sshbuf_put_u8(msg, SSH2_FXP_OPEN)) != 0 || 1148 (r = sshbuf_put_u32(msg, id)) != 0 || 1149 (r = sshbuf_put_cstring(msg, newpath)) != 0 || 1150 (r = sshbuf_put_u32(msg, SSH2_FXF_WRITE|SSH2_FXF_CREAT| 1151 SSH2_FXF_TRUNC)) != 0 || 1152 (r = encode_attrib(msg, &attr)) != 0) 1153 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 1154 send_msg(conn, msg); 1155 debug3("Sent message SSH2_FXP_OPEN I:%u P:%s", id, newpath); 1156 1157 sshbuf_reset(msg); 1158 1159 new_handle = get_handle(conn, id, &new_handle_len, 1160 "remote open(\"%s\")", newpath); 1161 if (new_handle == NULL) { 1162 sshbuf_free(msg); 1163 free(old_handle); 1164 return -1; 1165 } 1166 1167 /* Copy the file data */ 1168 id = conn->msg_id++; 1169 if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 || 1170 (r = sshbuf_put_u32(msg, id)) != 0 || 1171 (r = sshbuf_put_cstring(msg, "copy-data")) != 0 || 1172 (r = sshbuf_put_string(msg, old_handle, old_handle_len)) != 0 || 1173 (r = sshbuf_put_u64(msg, 0)) != 0 || 1174 (r = sshbuf_put_u64(msg, 0)) != 0 || 1175 (r = sshbuf_put_string(msg, new_handle, new_handle_len)) != 0 || 1176 (r = sshbuf_put_u64(msg, 0)) != 0) 1177 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 1178 send_msg(conn, msg); 1179 debug3("Sent message copy-data \"%s\" 0 0 -> \"%s\" 0", 1180 oldpath, newpath); 1181 1182 status = get_status(conn, id); 1183 if (status != SSH2_FX_OK) 1184 error("Couldn't copy file \"%s\" to \"%s\": %s", oldpath, 1185 newpath, fx2txt(status)); 1186 1187 /* Clean up everything */ 1188 sshbuf_free(msg); 1189 sftp_close(conn, old_handle, old_handle_len); 1190 sftp_close(conn, new_handle, new_handle_len); 1191 free(old_handle); 1192 free(new_handle); 1193 1194 return status == SSH2_FX_OK ? 0 : -1; 1195 } 1196 1197 int 1198 sftp_rename(struct sftp_conn *conn, const char *oldpath, const char *newpath, 1199 int force_legacy) 1200 { 1201 struct sshbuf *msg; 1202 u_int status, id; 1203 int r, use_ext = (conn->exts & SFTP_EXT_POSIX_RENAME) && !force_legacy; 1204 1205 if ((msg = sshbuf_new()) == NULL) 1206 fatal_f("sshbuf_new failed"); 1207 1208 /* Send rename request */ 1209 id = conn->msg_id++; 1210 if (use_ext) { 1211 debug2("Sending SSH2_FXP_EXTENDED(posix-rename@openssh.com) " 1212 "\"%s\" to \"%s\"", oldpath, newpath); 1213 if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 || 1214 (r = sshbuf_put_u32(msg, id)) != 0 || 1215 (r = sshbuf_put_cstring(msg, 1216 "posix-rename@openssh.com")) != 0) 1217 fatal_fr(r, "compose posix-rename"); 1218 } else { 1219 debug2("Sending SSH2_FXP_RENAME \"%s\" to \"%s\"", 1220 oldpath, newpath); 1221 if ((r = sshbuf_put_u8(msg, SSH2_FXP_RENAME)) != 0 || 1222 (r = sshbuf_put_u32(msg, id)) != 0) 1223 fatal_fr(r, "compose rename"); 1224 } 1225 if ((r = sshbuf_put_cstring(msg, oldpath)) != 0 || 1226 (r = sshbuf_put_cstring(msg, newpath)) != 0) 1227 fatal_fr(r, "compose paths"); 1228 send_msg(conn, msg); 1229 debug3("Sent message %s \"%s\" -> \"%s\"", 1230 use_ext ? "posix-rename@openssh.com" : 1231 "SSH2_FXP_RENAME", oldpath, newpath); 1232 sshbuf_free(msg); 1233 1234 status = get_status(conn, id); 1235 if (status != SSH2_FX_OK) 1236 error("remote rename \"%s\" to \"%s\": %s", oldpath, 1237 newpath, fx2txt(status)); 1238 1239 return status == SSH2_FX_OK ? 0 : -1; 1240 } 1241 1242 int 1243 sftp_hardlink(struct sftp_conn *conn, const char *oldpath, const char *newpath) 1244 { 1245 struct sshbuf *msg; 1246 u_int status, id; 1247 int r; 1248 1249 if ((conn->exts & SFTP_EXT_HARDLINK) == 0) { 1250 error("Server does not support hardlink@openssh.com extension"); 1251 return -1; 1252 } 1253 debug2("Sending SSH2_FXP_EXTENDED(hardlink@openssh.com) " 1254 "\"%s\" to \"%s\"", oldpath, newpath); 1255 1256 if ((msg = sshbuf_new()) == NULL) 1257 fatal_f("sshbuf_new failed"); 1258 1259 /* Send link request */ 1260 id = conn->msg_id++; 1261 if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 || 1262 (r = sshbuf_put_u32(msg, id)) != 0 || 1263 (r = sshbuf_put_cstring(msg, "hardlink@openssh.com")) != 0 || 1264 (r = sshbuf_put_cstring(msg, oldpath)) != 0 || 1265 (r = sshbuf_put_cstring(msg, newpath)) != 0) 1266 fatal_fr(r, "compose"); 1267 send_msg(conn, msg); 1268 debug3("Sent message hardlink@openssh.com \"%s\" -> \"%s\"", 1269 oldpath, newpath); 1270 sshbuf_free(msg); 1271 1272 status = get_status(conn, id); 1273 if (status != SSH2_FX_OK) 1274 error("remote link \"%s\" to \"%s\": %s", oldpath, 1275 newpath, fx2txt(status)); 1276 1277 return status == SSH2_FX_OK ? 0 : -1; 1278 } 1279 1280 int 1281 sftp_symlink(struct sftp_conn *conn, const char *oldpath, const char *newpath) 1282 { 1283 struct sshbuf *msg; 1284 u_int status, id; 1285 int r; 1286 1287 if (conn->version < 3) { 1288 error("This server does not support the symlink operation"); 1289 return(SSH2_FX_OP_UNSUPPORTED); 1290 } 1291 debug2("Sending SSH2_FXP_SYMLINK \"%s\" to \"%s\"", oldpath, newpath); 1292 1293 if ((msg = sshbuf_new()) == NULL) 1294 fatal_f("sshbuf_new failed"); 1295 1296 /* Send symlink request */ 1297 id = conn->msg_id++; 1298 if ((r = sshbuf_put_u8(msg, SSH2_FXP_SYMLINK)) != 0 || 1299 (r = sshbuf_put_u32(msg, id)) != 0 || 1300 (r = sshbuf_put_cstring(msg, oldpath)) != 0 || 1301 (r = sshbuf_put_cstring(msg, newpath)) != 0) 1302 fatal_fr(r, "compose"); 1303 send_msg(conn, msg); 1304 debug3("Sent message SSH2_FXP_SYMLINK \"%s\" -> \"%s\"", oldpath, 1305 newpath); 1306 sshbuf_free(msg); 1307 1308 status = get_status(conn, id); 1309 if (status != SSH2_FX_OK) 1310 error("remote symlink file \"%s\" to \"%s\": %s", oldpath, 1311 newpath, fx2txt(status)); 1312 1313 return status == SSH2_FX_OK ? 0 : -1; 1314 } 1315 1316 int 1317 sftp_fsync(struct sftp_conn *conn, u_char *handle, u_int handle_len) 1318 { 1319 struct sshbuf *msg; 1320 u_int status, id; 1321 int r; 1322 1323 /* Silently return if the extension is not supported */ 1324 if ((conn->exts & SFTP_EXT_FSYNC) == 0) 1325 return -1; 1326 debug2("Sending SSH2_FXP_EXTENDED(fsync@openssh.com)"); 1327 1328 /* Send fsync request */ 1329 if ((msg = sshbuf_new()) == NULL) 1330 fatal_f("sshbuf_new failed"); 1331 id = conn->msg_id++; 1332 if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 || 1333 (r = sshbuf_put_u32(msg, id)) != 0 || 1334 (r = sshbuf_put_cstring(msg, "fsync@openssh.com")) != 0 || 1335 (r = sshbuf_put_string(msg, handle, handle_len)) != 0) 1336 fatal_fr(r, "compose"); 1337 send_msg(conn, msg); 1338 debug3("Sent message fsync@openssh.com I:%u", id); 1339 sshbuf_free(msg); 1340 1341 status = get_status(conn, id); 1342 if (status != SSH2_FX_OK) 1343 error("remote fsync: %s", fx2txt(status)); 1344 1345 return status == SSH2_FX_OK ? 0 : -1; 1346 } 1347 1348 #ifdef notyet 1349 char * 1350 sftp_readlink(struct sftp_conn *conn, const char *path) 1351 { 1352 struct sshbuf *msg; 1353 u_int expected_id, count, id; 1354 char *filename, *longname; 1355 Attrib a; 1356 u_char type; 1357 int r; 1358 1359 debug2("Sending SSH2_FXP_READLINK \"%s\"", path); 1360 1361 expected_id = id = conn->msg_id++; 1362 send_string_request(conn, id, SSH2_FXP_READLINK, path, strlen(path)); 1363 1364 if ((msg = sshbuf_new()) == NULL) 1365 fatal_f("sshbuf_new failed"); 1366 1367 get_msg(conn, msg); 1368 if ((r = sshbuf_get_u8(msg, &type)) != 0 || 1369 (r = sshbuf_get_u32(msg, &id)) != 0) 1370 fatal_fr(r, "parse"); 1371 1372 if (id != expected_id) 1373 fatal("ID mismatch (%u != %u)", id, expected_id); 1374 1375 if (type == SSH2_FXP_STATUS) { 1376 u_int status; 1377 1378 if ((r = sshbuf_get_u32(msg, &status)) != 0) 1379 fatal_fr(r, "parse status"); 1380 error("Couldn't readlink: %s", fx2txt(status)); 1381 sshbuf_free(msg); 1382 return(NULL); 1383 } else if (type != SSH2_FXP_NAME) 1384 fatal("Expected SSH2_FXP_NAME(%u) packet, got %u", 1385 SSH2_FXP_NAME, type); 1386 1387 if ((r = sshbuf_get_u32(msg, &count)) != 0) 1388 fatal_fr(r, "parse count"); 1389 if (count != 1) 1390 fatal("Got multiple names (%d) from SSH_FXP_READLINK", count); 1391 1392 if ((r = sshbuf_get_cstring(msg, &filename, NULL)) != 0 || 1393 (r = sshbuf_get_cstring(msg, &longname, NULL)) != 0 || 1394 (r = decode_attrib(msg, &a)) != 0) 1395 fatal_fr(r, "parse filenames/attrib"); 1396 1397 debug3("SSH_FXP_READLINK %s -> %s", path, filename); 1398 1399 free(longname); 1400 1401 sshbuf_free(msg); 1402 1403 return filename; 1404 } 1405 #endif 1406 1407 int 1408 sftp_statvfs(struct sftp_conn *conn, const char *path, struct sftp_statvfs *st, 1409 int quiet) 1410 { 1411 struct sshbuf *msg; 1412 u_int id; 1413 int r; 1414 1415 if ((conn->exts & SFTP_EXT_STATVFS) == 0) { 1416 error("Server does not support statvfs@openssh.com extension"); 1417 return -1; 1418 } 1419 1420 debug2("Sending SSH2_FXP_EXTENDED(statvfs@openssh.com) \"%s\"", path); 1421 1422 id = conn->msg_id++; 1423 1424 if ((msg = sshbuf_new()) == NULL) 1425 fatal_f("sshbuf_new failed"); 1426 if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 || 1427 (r = sshbuf_put_u32(msg, id)) != 0 || 1428 (r = sshbuf_put_cstring(msg, "statvfs@openssh.com")) != 0 || 1429 (r = sshbuf_put_cstring(msg, path)) != 0) 1430 fatal_fr(r, "compose"); 1431 send_msg(conn, msg); 1432 sshbuf_free(msg); 1433 1434 return get_decode_statvfs(conn, st, id, quiet); 1435 } 1436 1437 #ifdef notyet 1438 int 1439 sftp_fstatvfs(struct sftp_conn *conn, const u_char *handle, u_int handle_len, 1440 struct sftp_statvfs *st, int quiet) 1441 { 1442 struct sshbuf *msg; 1443 u_int id; 1444 1445 if ((conn->exts & SFTP_EXT_FSTATVFS) == 0) { 1446 error("Server does not support fstatvfs@openssh.com extension"); 1447 return -1; 1448 } 1449 1450 debug2("Sending SSH2_FXP_EXTENDED(fstatvfs@openssh.com)"); 1451 1452 id = conn->msg_id++; 1453 1454 if ((msg = sshbuf_new()) == NULL) 1455 fatal_f("sshbuf_new failed"); 1456 if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 || 1457 (r = sshbuf_put_u32(msg, id)) != 0 || 1458 (r = sshbuf_put_cstring(msg, "fstatvfs@openssh.com")) != 0 || 1459 (r = sshbuf_put_string(msg, handle, handle_len)) != 0) 1460 fatal_fr(r, "compose"); 1461 send_msg(conn, msg); 1462 sshbuf_free(msg); 1463 1464 return get_decode_statvfs(conn, st, id, quiet); 1465 } 1466 #endif 1467 1468 int 1469 sftp_lsetstat(struct sftp_conn *conn, const char *path, Attrib *a) 1470 { 1471 struct sshbuf *msg; 1472 u_int status, id; 1473 int r; 1474 1475 if ((conn->exts & SFTP_EXT_LSETSTAT) == 0) { 1476 error("Server does not support lsetstat@openssh.com extension"); 1477 return -1; 1478 } 1479 1480 debug2("Sending SSH2_FXP_EXTENDED(lsetstat@openssh.com) \"%s\"", path); 1481 1482 id = conn->msg_id++; 1483 if ((msg = sshbuf_new()) == NULL) 1484 fatal_f("sshbuf_new failed"); 1485 if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 || 1486 (r = sshbuf_put_u32(msg, id)) != 0 || 1487 (r = sshbuf_put_cstring(msg, "lsetstat@openssh.com")) != 0 || 1488 (r = sshbuf_put_cstring(msg, path)) != 0 || 1489 (r = encode_attrib(msg, a)) != 0) 1490 fatal_fr(r, "compose"); 1491 send_msg(conn, msg); 1492 sshbuf_free(msg); 1493 1494 status = get_status(conn, id); 1495 if (status != SSH2_FX_OK) 1496 error("remote lsetstat \"%s\": %s", path, fx2txt(status)); 1497 1498 return status == SSH2_FX_OK ? 0 : -1; 1499 } 1500 1501 static void 1502 send_read_request(struct sftp_conn *conn, u_int id, u_int64_t offset, 1503 u_int len, const u_char *handle, u_int handle_len) 1504 { 1505 struct sshbuf *msg; 1506 int r; 1507 1508 if ((msg = sshbuf_new()) == NULL) 1509 fatal_f("sshbuf_new failed"); 1510 if ((r = sshbuf_put_u8(msg, SSH2_FXP_READ)) != 0 || 1511 (r = sshbuf_put_u32(msg, id)) != 0 || 1512 (r = sshbuf_put_string(msg, handle, handle_len)) != 0 || 1513 (r = sshbuf_put_u64(msg, offset)) != 0 || 1514 (r = sshbuf_put_u32(msg, len)) != 0) 1515 fatal_fr(r, "compose"); 1516 send_msg(conn, msg); 1517 sshbuf_free(msg); 1518 } 1519 1520 static int 1521 send_open(struct sftp_conn *conn, const char *path, const char *tag, 1522 u_int openmode, Attrib *a, u_char **handlep, size_t *handle_lenp) 1523 { 1524 Attrib junk; 1525 u_char *handle; 1526 size_t handle_len; 1527 struct sshbuf *msg; 1528 int r; 1529 u_int id; 1530 1531 debug2("Sending SSH2_FXP_OPEN \"%s\"", path); 1532 1533 *handlep = NULL; 1534 *handle_lenp = 0; 1535 1536 if (a == NULL) { 1537 attrib_clear(&junk); /* Send empty attributes */ 1538 a = &junk; 1539 } 1540 /* Send open request */ 1541 if ((msg = sshbuf_new()) == NULL) 1542 fatal_f("sshbuf_new failed"); 1543 id = conn->msg_id++; 1544 if ((r = sshbuf_put_u8(msg, SSH2_FXP_OPEN)) != 0 || 1545 (r = sshbuf_put_u32(msg, id)) != 0 || 1546 (r = sshbuf_put_cstring(msg, path)) != 0 || 1547 (r = sshbuf_put_u32(msg, openmode)) != 0 || 1548 (r = encode_attrib(msg, a)) != 0) 1549 fatal_fr(r, "compose %s open", tag); 1550 send_msg(conn, msg); 1551 sshbuf_free(msg); 1552 debug3("Sent %s message SSH2_FXP_OPEN I:%u P:%s M:0x%04x", 1553 tag, id, path, openmode); 1554 if ((handle = get_handle(conn, id, &handle_len, 1555 "%s open \"%s\"", tag, path)) == NULL) 1556 return -1; 1557 /* success */ 1558 *handlep = handle; 1559 *handle_lenp = handle_len; 1560 return 0; 1561 } 1562 1563 static const char * 1564 progress_meter_path(const char *path) 1565 { 1566 const char *progresspath; 1567 1568 if ((progresspath = strrchr(path, '/')) == NULL) 1569 return path; 1570 progresspath++; 1571 if (*progresspath == '\0') 1572 return path; 1573 return progresspath; 1574 } 1575 1576 int 1577 sftp_download(struct sftp_conn *conn, const char *remote_path, 1578 const char *local_path, Attrib *a, int preserve_flag, int resume_flag, 1579 int fsync_flag, int inplace_flag) 1580 { 1581 struct sshbuf *msg; 1582 u_char *handle; 1583 int local_fd = -1, write_error; 1584 int read_error, write_errno, lmodified = 0, reordered = 0, r; 1585 u_int64_t offset = 0, size, highwater = 0, maxack = 0; 1586 u_int mode, id, buflen, num_req, max_req, status = SSH2_FX_OK; 1587 off_t progress_counter; 1588 size_t handle_len; 1589 struct stat st; 1590 struct requests requests; 1591 struct request *req; 1592 u_char type; 1593 Attrib attr; 1594 1595 debug2_f("download remote \"%s\" to local \"%s\"", 1596 remote_path, local_path); 1597 1598 TAILQ_INIT(&requests); 1599 1600 if (a == NULL) { 1601 if (sftp_stat(conn, remote_path, 0, &attr) != 0) 1602 return -1; 1603 a = &attr; 1604 } 1605 1606 /* Do not preserve set[ug]id here, as we do not preserve ownership */ 1607 if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) 1608 mode = a->perm & 0777; 1609 else 1610 mode = 0666; 1611 1612 if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) && 1613 (!S_ISREG(a->perm))) { 1614 error("download %s: not a regular file", remote_path); 1615 return(-1); 1616 } 1617 1618 if (a->flags & SSH2_FILEXFER_ATTR_SIZE) 1619 size = a->size; 1620 else 1621 size = 0; 1622 1623 buflen = conn->download_buflen; 1624 1625 /* Send open request */ 1626 if (send_open(conn, remote_path, "remote", SSH2_FXF_READ, NULL, 1627 &handle, &handle_len) != 0) 1628 return -1; 1629 1630 local_fd = open(local_path, O_WRONLY | O_CREAT | 1631 ((resume_flag || inplace_flag) ? 0 : O_TRUNC), mode | S_IWUSR); 1632 if (local_fd == -1) { 1633 error("open local \"%s\": %s", local_path, strerror(errno)); 1634 goto fail; 1635 } 1636 if (resume_flag) { 1637 if (fstat(local_fd, &st) == -1) { 1638 error("stat local \"%s\": %s", 1639 local_path, strerror(errno)); 1640 goto fail; 1641 } 1642 if (st.st_size < 0) { 1643 error("\"%s\" has negative size", local_path); 1644 goto fail; 1645 } 1646 if ((u_int64_t)st.st_size > size) { 1647 error("Unable to resume download of \"%s\": " 1648 "local file is larger than remote", local_path); 1649 fail: 1650 sftp_close(conn, handle, handle_len); 1651 free(handle); 1652 if (local_fd != -1) 1653 close(local_fd); 1654 return -1; 1655 } 1656 offset = highwater = maxack = st.st_size; 1657 } 1658 1659 /* Read from remote and write to local */ 1660 write_error = read_error = write_errno = num_req = 0; 1661 max_req = 1; 1662 progress_counter = offset; 1663 1664 if (showprogress && size != 0) { 1665 start_progress_meter(progress_meter_path(remote_path), 1666 size, &progress_counter); 1667 } 1668 1669 if ((msg = sshbuf_new()) == NULL) 1670 fatal_f("sshbuf_new failed"); 1671 1672 while (num_req > 0 || max_req > 0) { 1673 u_char *data; 1674 size_t len; 1675 1676 /* 1677 * Simulate EOF on interrupt: stop sending new requests and 1678 * allow outstanding requests to drain gracefully 1679 */ 1680 if (interrupted) { 1681 if (num_req == 0) /* If we haven't started yet... */ 1682 break; 1683 max_req = 0; 1684 } 1685 1686 /* Send some more requests */ 1687 while (num_req < max_req) { 1688 debug3("Request range %llu -> %llu (%d/%d)", 1689 (unsigned long long)offset, 1690 (unsigned long long)offset + buflen - 1, 1691 num_req, max_req); 1692 req = request_enqueue(&requests, conn->msg_id++, 1693 buflen, offset); 1694 offset += buflen; 1695 num_req++; 1696 send_read_request(conn, req->id, req->offset, 1697 req->len, handle, handle_len); 1698 } 1699 1700 sshbuf_reset(msg); 1701 get_msg(conn, msg); 1702 if ((r = sshbuf_get_u8(msg, &type)) != 0 || 1703 (r = sshbuf_get_u32(msg, &id)) != 0) 1704 fatal_fr(r, "parse"); 1705 debug3("Received reply T:%u I:%u R:%d", type, id, max_req); 1706 1707 /* Find the request in our queue */ 1708 if ((req = request_find(&requests, id)) == NULL) 1709 fatal("Unexpected reply %u", id); 1710 1711 switch (type) { 1712 case SSH2_FXP_STATUS: 1713 if ((r = sshbuf_get_u32(msg, &status)) != 0) 1714 fatal_fr(r, "parse status"); 1715 if (status != SSH2_FX_EOF) 1716 read_error = 1; 1717 max_req = 0; 1718 TAILQ_REMOVE(&requests, req, tq); 1719 free(req); 1720 num_req--; 1721 break; 1722 case SSH2_FXP_DATA: 1723 if ((r = sshbuf_get_string(msg, &data, &len)) != 0) 1724 fatal_fr(r, "parse data"); 1725 debug3("Received data %llu -> %llu", 1726 (unsigned long long)req->offset, 1727 (unsigned long long)req->offset + len - 1); 1728 if (len > req->len) 1729 fatal("Received more data than asked for " 1730 "%zu > %zu", len, req->len); 1731 lmodified = 1; 1732 if ((lseek(local_fd, req->offset, SEEK_SET) == -1 || 1733 atomicio(vwrite, local_fd, data, len) != len) && 1734 !write_error) { 1735 write_errno = errno; 1736 write_error = 1; 1737 max_req = 0; 1738 } else { 1739 /* 1740 * Track both the highest offset acknowledged 1741 * and the highest *contiguous* offset 1742 * acknowledged. 1743 * We'll need the latter for ftruncate()ing 1744 * interrupted transfers. 1745 */ 1746 if (maxack < req->offset + len) 1747 maxack = req->offset + len; 1748 if (!reordered && req->offset <= highwater) 1749 highwater = maxack; 1750 else if (!reordered && req->offset > highwater) 1751 reordered = 1; 1752 } 1753 progress_counter += len; 1754 free(data); 1755 1756 if (len == req->len) { 1757 TAILQ_REMOVE(&requests, req, tq); 1758 free(req); 1759 num_req--; 1760 } else { 1761 /* Resend the request for the missing data */ 1762 debug3("Short data block, re-requesting " 1763 "%llu -> %llu (%2d)", 1764 (unsigned long long)req->offset + len, 1765 (unsigned long long)req->offset + 1766 req->len - 1, num_req); 1767 req->id = conn->msg_id++; 1768 req->len -= len; 1769 req->offset += len; 1770 send_read_request(conn, req->id, 1771 req->offset, req->len, handle, handle_len); 1772 /* Reduce the request size */ 1773 if (len < buflen) 1774 buflen = MAXIMUM(MIN_READ_SIZE, len); 1775 } 1776 if (max_req > 0) { /* max_req = 0 iff EOF received */ 1777 if (size > 0 && offset > size) { 1778 /* Only one request at a time 1779 * after the expected EOF */ 1780 debug3("Finish at %llu (%2d)", 1781 (unsigned long long)offset, 1782 num_req); 1783 max_req = 1; 1784 } else if (max_req < conn->num_requests) { 1785 ++max_req; 1786 } 1787 } 1788 break; 1789 default: 1790 fatal("Expected SSH2_FXP_DATA(%u) packet, got %u", 1791 SSH2_FXP_DATA, type); 1792 } 1793 } 1794 1795 if (showprogress && size) 1796 stop_progress_meter(); 1797 1798 /* Sanity check */ 1799 if (TAILQ_FIRST(&requests) != NULL) 1800 fatal("Transfer complete, but requests still in queue"); 1801 1802 if (!read_error && !write_error && !interrupted) { 1803 /* we got everything */ 1804 highwater = maxack; 1805 } 1806 1807 /* 1808 * Truncate at highest contiguous point to avoid holes on interrupt, 1809 * or unconditionally if writing in place. 1810 */ 1811 if (inplace_flag || read_error || write_error || interrupted) { 1812 if (reordered && resume_flag && 1813 (read_error || write_error || interrupted)) { 1814 error("Unable to resume download of \"%s\": " 1815 "server reordered requests", local_path); 1816 } 1817 debug("truncating at %llu", (unsigned long long)highwater); 1818 if (ftruncate(local_fd, highwater) == -1) 1819 error("local ftruncate \"%s\": %s", local_path, 1820 strerror(errno)); 1821 } 1822 if (read_error) { 1823 error("read remote \"%s\" : %s", remote_path, fx2txt(status)); 1824 status = -1; 1825 sftp_close(conn, handle, handle_len); 1826 } else if (write_error) { 1827 error("write local \"%s\": %s", local_path, 1828 strerror(write_errno)); 1829 status = SSH2_FX_FAILURE; 1830 sftp_close(conn, handle, handle_len); 1831 } else { 1832 if (sftp_close(conn, handle, handle_len) != 0 || interrupted) 1833 status = SSH2_FX_FAILURE; 1834 else 1835 status = SSH2_FX_OK; 1836 /* Override umask and utimes if asked */ 1837 if (preserve_flag && fchmod(local_fd, mode) == -1) 1838 error("local chmod \"%s\": %s", local_path, 1839 strerror(errno)); 1840 if (preserve_flag && 1841 (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME)) { 1842 struct timeval tv[2]; 1843 tv[0].tv_sec = a->atime; 1844 tv[1].tv_sec = a->mtime; 1845 tv[0].tv_usec = tv[1].tv_usec = 0; 1846 if (utimes(local_path, tv) == -1) 1847 error("local set times \"%s\": %s", 1848 local_path, strerror(errno)); 1849 } 1850 if (resume_flag && !lmodified) 1851 logit("File \"%s\" was not modified", local_path); 1852 else if (fsync_flag) { 1853 debug("syncing \"%s\"", local_path); 1854 if (fsync(local_fd) == -1) 1855 error("local sync \"%s\": %s", 1856 local_path, strerror(errno)); 1857 } 1858 } 1859 close(local_fd); 1860 sshbuf_free(msg); 1861 free(handle); 1862 1863 return status == SSH2_FX_OK ? 0 : -1; 1864 } 1865 1866 static int 1867 download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, 1868 int depth, Attrib *dirattrib, int preserve_flag, int print_flag, 1869 int resume_flag, int fsync_flag, int follow_link_flag, int inplace_flag) 1870 { 1871 int i, ret = 0; 1872 SFTP_DIRENT **dir_entries; 1873 char *filename, *new_src = NULL, *new_dst = NULL; 1874 mode_t mode = 0777, tmpmode = mode; 1875 Attrib *a, ldirattrib, lsym; 1876 1877 if (depth >= MAX_DIR_DEPTH) { 1878 error("Maximum directory depth exceeded: %d levels", depth); 1879 return -1; 1880 } 1881 1882 debug2_f("download dir remote \"%s\" to local \"%s\"", src, dst); 1883 1884 if (dirattrib == NULL) { 1885 if (sftp_stat(conn, src, 1, &ldirattrib) != 0) { 1886 error("stat remote \"%s\" directory failed", src); 1887 return -1; 1888 } 1889 dirattrib = &ldirattrib; 1890 } 1891 if (!S_ISDIR(dirattrib->perm)) { 1892 error("\"%s\" is not a directory", src); 1893 return -1; 1894 } 1895 if (print_flag && print_flag != SFTP_PROGRESS_ONLY) 1896 mprintf("Retrieving %s\n", src); 1897 1898 if (dirattrib->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) { 1899 mode = dirattrib->perm & 01777; 1900 tmpmode = mode | (S_IWUSR|S_IXUSR); 1901 } else { 1902 debug("download remote \"%s\": server " 1903 "did not send permissions", dst); 1904 } 1905 1906 if (mkdir(dst, tmpmode) == -1 && errno != EEXIST) { 1907 error("mkdir %s: %s", dst, strerror(errno)); 1908 return -1; 1909 } 1910 1911 if (sftp_readdir(conn, src, &dir_entries) == -1) { 1912 error("remote readdir \"%s\" failed", src); 1913 return -1; 1914 } 1915 1916 for (i = 0; dir_entries[i] != NULL && !interrupted; i++) { 1917 free(new_dst); 1918 free(new_src); 1919 1920 filename = dir_entries[i]->filename; 1921 new_dst = sftp_path_append(dst, filename); 1922 new_src = sftp_path_append(src, filename); 1923 1924 a = &dir_entries[i]->a; 1925 if (S_ISLNK(a->perm)) { 1926 if (!follow_link_flag) { 1927 logit("download \"%s\": not a regular file", 1928 new_src); 1929 continue; 1930 } 1931 /* Replace the stat contents with the symlink target */ 1932 if (sftp_stat(conn, new_src, 1, &lsym) != 0) { 1933 logit("remote stat \"%s\" failed", new_src); 1934 ret = -1; 1935 continue; 1936 } 1937 a = &lsym; 1938 } 1939 1940 if (S_ISDIR(a->perm)) { 1941 if (strcmp(filename, ".") == 0 || 1942 strcmp(filename, "..") == 0) 1943 continue; 1944 if (download_dir_internal(conn, new_src, new_dst, 1945 depth + 1, a, preserve_flag, 1946 print_flag, resume_flag, 1947 fsync_flag, follow_link_flag, inplace_flag) == -1) 1948 ret = -1; 1949 } else if (S_ISREG(a->perm)) { 1950 if (sftp_download(conn, new_src, new_dst, a, 1951 preserve_flag, resume_flag, fsync_flag, 1952 inplace_flag) == -1) { 1953 error("Download of file %s to %s failed", 1954 new_src, new_dst); 1955 ret = -1; 1956 } 1957 } else 1958 logit("download \"%s\": not a regular file", new_src); 1959 1960 } 1961 free(new_dst); 1962 free(new_src); 1963 1964 if (preserve_flag) { 1965 if (dirattrib->flags & SSH2_FILEXFER_ATTR_ACMODTIME) { 1966 struct timeval tv[2]; 1967 tv[0].tv_sec = dirattrib->atime; 1968 tv[1].tv_sec = dirattrib->mtime; 1969 tv[0].tv_usec = tv[1].tv_usec = 0; 1970 if (utimes(dst, tv) == -1) 1971 error("local set times on \"%s\": %s", 1972 dst, strerror(errno)); 1973 } else 1974 debug("Server did not send times for directory " 1975 "\"%s\"", dst); 1976 } 1977 1978 if (mode != tmpmode && chmod(dst, mode) == -1) 1979 error("local chmod directory \"%s\": %s", dst, 1980 strerror(errno)); 1981 1982 sftp_free_dirents(dir_entries); 1983 1984 return ret; 1985 } 1986 1987 int 1988 sftp_download_dir(struct sftp_conn *conn, const char *src, const char *dst, 1989 Attrib *dirattrib, int preserve_flag, int print_flag, int resume_flag, 1990 int fsync_flag, int follow_link_flag, int inplace_flag) 1991 { 1992 char *src_canon; 1993 int ret; 1994 1995 if ((src_canon = sftp_realpath(conn, src)) == NULL) { 1996 error("download \"%s\": path canonicalization failed", src); 1997 return -1; 1998 } 1999 2000 ret = download_dir_internal(conn, src_canon, dst, 0, 2001 dirattrib, preserve_flag, print_flag, resume_flag, fsync_flag, 2002 follow_link_flag, inplace_flag); 2003 free(src_canon); 2004 return ret; 2005 } 2006 2007 int 2008 sftp_upload(struct sftp_conn *conn, const char *local_path, 2009 const char *remote_path, int preserve_flag, int resume, 2010 int fsync_flag, int inplace_flag) 2011 { 2012 int r, local_fd; 2013 u_int openmode, id, status = SSH2_FX_OK, reordered = 0; 2014 off_t offset, progress_counter; 2015 u_char type, *handle, *data; 2016 struct sshbuf *msg; 2017 struct stat sb; 2018 Attrib a, t, c; 2019 u_int32_t startid, ackid; 2020 u_int64_t highwater = 0, maxack = 0; 2021 struct request *ack = NULL; 2022 struct requests acks; 2023 size_t handle_len; 2024 2025 debug2_f("upload local \"%s\" to remote \"%s\"", 2026 local_path, remote_path); 2027 2028 TAILQ_INIT(&acks); 2029 2030 if ((local_fd = open(local_path, O_RDONLY)) == -1) { 2031 error("open local \"%s\": %s", local_path, strerror(errno)); 2032 return(-1); 2033 } 2034 if (fstat(local_fd, &sb) == -1) { 2035 error("fstat local \"%s\": %s", local_path, strerror(errno)); 2036 close(local_fd); 2037 return(-1); 2038 } 2039 if (!S_ISREG(sb.st_mode)) { 2040 error("local \"%s\" is not a regular file", local_path); 2041 close(local_fd); 2042 return(-1); 2043 } 2044 stat_to_attrib(&sb, &a); 2045 2046 a.flags &= ~SSH2_FILEXFER_ATTR_SIZE; 2047 a.flags &= ~SSH2_FILEXFER_ATTR_UIDGID; 2048 a.perm &= 0777; 2049 if (!preserve_flag) 2050 a.flags &= ~SSH2_FILEXFER_ATTR_ACMODTIME; 2051 2052 if (resume) { 2053 /* Get remote file size if it exists */ 2054 if (sftp_stat(conn, remote_path, 0, &c) != 0) { 2055 close(local_fd); 2056 return -1; 2057 } 2058 2059 if ((off_t)c.size >= sb.st_size) { 2060 error("resume \"%s\": destination file " 2061 "same size or larger", local_path); 2062 close(local_fd); 2063 return -1; 2064 } 2065 2066 if (lseek(local_fd, (off_t)c.size, SEEK_SET) == -1) { 2067 close(local_fd); 2068 return -1; 2069 } 2070 } 2071 2072 openmode = SSH2_FXF_WRITE|SSH2_FXF_CREAT; 2073 if (resume) 2074 openmode |= SSH2_FXF_APPEND; 2075 else if (!inplace_flag) 2076 openmode |= SSH2_FXF_TRUNC; 2077 2078 /* Send open request */ 2079 if (send_open(conn, remote_path, "dest", openmode, &a, 2080 &handle, &handle_len) != 0) { 2081 close(local_fd); 2082 return -1; 2083 } 2084 2085 id = conn->msg_id; 2086 startid = ackid = id + 1; 2087 data = xmalloc(conn->upload_buflen); 2088 2089 /* Read from local and write to remote */ 2090 offset = progress_counter = (resume ? c.size : 0); 2091 if (showprogress) { 2092 start_progress_meter(progress_meter_path(local_path), 2093 sb.st_size, &progress_counter); 2094 } 2095 2096 if ((msg = sshbuf_new()) == NULL) 2097 fatal_f("sshbuf_new failed"); 2098 for (;;) { 2099 int len; 2100 2101 /* 2102 * Can't use atomicio here because it returns 0 on EOF, 2103 * thus losing the last block of the file. 2104 * Simulate an EOF on interrupt, allowing ACKs from the 2105 * server to drain. 2106 */ 2107 if (interrupted || status != SSH2_FX_OK) 2108 len = 0; 2109 else do 2110 len = read(local_fd, data, conn->upload_buflen); 2111 while ((len == -1) && (errno == EINTR || errno == EAGAIN)); 2112 2113 if (len == -1) { 2114 fatal("read local \"%s\": %s", 2115 local_path, strerror(errno)); 2116 } else if (len != 0) { 2117 ack = request_enqueue(&acks, ++id, len, offset); 2118 sshbuf_reset(msg); 2119 if ((r = sshbuf_put_u8(msg, SSH2_FXP_WRITE)) != 0 || 2120 (r = sshbuf_put_u32(msg, ack->id)) != 0 || 2121 (r = sshbuf_put_string(msg, handle, 2122 handle_len)) != 0 || 2123 (r = sshbuf_put_u64(msg, offset)) != 0 || 2124 (r = sshbuf_put_string(msg, data, len)) != 0) 2125 fatal_fr(r, "compose"); 2126 send_msg(conn, msg); 2127 debug3("Sent message SSH2_FXP_WRITE I:%u O:%llu S:%u", 2128 id, (unsigned long long)offset, len); 2129 } else if (TAILQ_FIRST(&acks) == NULL) 2130 break; 2131 2132 if (ack == NULL) 2133 fatal("Unexpected ACK %u", id); 2134 2135 if (id == startid || len == 0 || 2136 id - ackid >= conn->num_requests) { 2137 u_int rid; 2138 2139 sshbuf_reset(msg); 2140 get_msg(conn, msg); 2141 if ((r = sshbuf_get_u8(msg, &type)) != 0 || 2142 (r = sshbuf_get_u32(msg, &rid)) != 0) 2143 fatal_fr(r, "parse"); 2144 2145 if (type != SSH2_FXP_STATUS) 2146 fatal("Expected SSH2_FXP_STATUS(%d) packet, " 2147 "got %d", SSH2_FXP_STATUS, type); 2148 2149 if ((r = sshbuf_get_u32(msg, &status)) != 0) 2150 fatal_fr(r, "parse status"); 2151 debug3("SSH2_FXP_STATUS %u", status); 2152 2153 /* Find the request in our queue */ 2154 if ((ack = request_find(&acks, rid)) == NULL) 2155 fatal("Can't find request for ID %u", rid); 2156 TAILQ_REMOVE(&acks, ack, tq); 2157 debug3("In write loop, ack for %u %zu bytes at %lld", 2158 ack->id, ack->len, (unsigned long long)ack->offset); 2159 ++ackid; 2160 progress_counter += ack->len; 2161 /* 2162 * Track both the highest offset acknowledged and the 2163 * highest *contiguous* offset acknowledged. 2164 * We'll need the latter for ftruncate()ing 2165 * interrupted transfers. 2166 */ 2167 if (maxack < ack->offset + ack->len) 2168 maxack = ack->offset + ack->len; 2169 if (!reordered && ack->offset <= highwater) 2170 highwater = maxack; 2171 else if (!reordered && ack->offset > highwater) { 2172 debug3_f("server reordered ACKs"); 2173 reordered = 1; 2174 } 2175 free(ack); 2176 } 2177 offset += len; 2178 if (offset < 0) 2179 fatal_f("offset < 0"); 2180 } 2181 sshbuf_free(msg); 2182 2183 if (showprogress) 2184 stop_progress_meter(); 2185 free(data); 2186 2187 if (status == SSH2_FX_OK && !interrupted) { 2188 /* we got everything */ 2189 highwater = maxack; 2190 } 2191 if (status != SSH2_FX_OK) { 2192 error("write remote \"%s\": %s", remote_path, fx2txt(status)); 2193 status = SSH2_FX_FAILURE; 2194 } 2195 2196 if (inplace_flag || (resume && (status != SSH2_FX_OK || interrupted))) { 2197 debug("truncating at %llu", (unsigned long long)highwater); 2198 attrib_clear(&t); 2199 t.flags = SSH2_FILEXFER_ATTR_SIZE; 2200 t.size = highwater; 2201 sftp_fsetstat(conn, handle, handle_len, &t); 2202 } 2203 2204 if (close(local_fd) == -1) { 2205 error("close local \"%s\": %s", local_path, strerror(errno)); 2206 status = SSH2_FX_FAILURE; 2207 } 2208 2209 /* Override umask and utimes if asked */ 2210 if (preserve_flag) 2211 sftp_fsetstat(conn, handle, handle_len, &a); 2212 2213 if (fsync_flag) 2214 (void)sftp_fsync(conn, handle, handle_len); 2215 2216 if (sftp_close(conn, handle, handle_len) != 0) 2217 status = SSH2_FX_FAILURE; 2218 2219 free(handle); 2220 2221 return status == SSH2_FX_OK ? 0 : -1; 2222 } 2223 2224 static int 2225 upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, 2226 int depth, int preserve_flag, int print_flag, int resume, int fsync_flag, 2227 int follow_link_flag, int inplace_flag) 2228 { 2229 int ret = 0; 2230 DIR *dirp; 2231 struct dirent *dp; 2232 char *filename, *new_src = NULL, *new_dst = NULL; 2233 struct stat sb; 2234 Attrib a, dirattrib; 2235 u_int32_t saved_perm; 2236 2237 debug2_f("upload local dir \"%s\" to remote \"%s\"", src, dst); 2238 2239 if (depth >= MAX_DIR_DEPTH) { 2240 error("Maximum directory depth exceeded: %d levels", depth); 2241 return -1; 2242 } 2243 2244 if (stat(src, &sb) == -1) { 2245 error("stat local \"%s\": %s", src, strerror(errno)); 2246 return -1; 2247 } 2248 if (!S_ISDIR(sb.st_mode)) { 2249 error("\"%s\" is not a directory", src); 2250 return -1; 2251 } 2252 if (print_flag && print_flag != SFTP_PROGRESS_ONLY) 2253 mprintf("Entering %s\n", src); 2254 2255 stat_to_attrib(&sb, &a); 2256 a.flags &= ~SSH2_FILEXFER_ATTR_SIZE; 2257 a.flags &= ~SSH2_FILEXFER_ATTR_UIDGID; 2258 a.perm &= 01777; 2259 if (!preserve_flag) 2260 a.flags &= ~SSH2_FILEXFER_ATTR_ACMODTIME; 2261 2262 /* 2263 * sftp lacks a portable status value to match errno EEXIST, 2264 * so if we get a failure back then we must check whether 2265 * the path already existed and is a directory. Ensure we can 2266 * write to the directory we create for the duration of the transfer. 2267 */ 2268 saved_perm = a.perm; 2269 a.perm |= (S_IWUSR|S_IXUSR); 2270 if (sftp_mkdir(conn, dst, &a, 0) != 0) { 2271 if (sftp_stat(conn, dst, 0, &dirattrib) != 0) 2272 return -1; 2273 if (!S_ISDIR(dirattrib.perm)) { 2274 error("\"%s\" exists but is not a directory", dst); 2275 return -1; 2276 } 2277 } 2278 a.perm = saved_perm; 2279 2280 if ((dirp = opendir(src)) == NULL) { 2281 error("local opendir \"%s\": %s", src, strerror(errno)); 2282 return -1; 2283 } 2284 2285 while (((dp = readdir(dirp)) != NULL) && !interrupted) { 2286 if (dp->d_ino == 0) 2287 continue; 2288 free(new_dst); 2289 free(new_src); 2290 filename = dp->d_name; 2291 new_dst = sftp_path_append(dst, filename); 2292 new_src = sftp_path_append(src, filename); 2293 2294 if (strcmp(filename, ".") == 0 || strcmp(filename, "..") == 0) 2295 continue; 2296 if (lstat(new_src, &sb) == -1) { 2297 logit("local lstat \"%s\": %s", filename, 2298 strerror(errno)); 2299 ret = -1; 2300 continue; 2301 } 2302 if (S_ISLNK(sb.st_mode)) { 2303 if (!follow_link_flag) { 2304 logit("%s: not a regular file", filename); 2305 continue; 2306 } 2307 /* Replace the stat contents with the symlink target */ 2308 if (stat(new_src, &sb) == -1) { 2309 logit("local stat \"%s\": %s", filename, 2310 strerror(errno)); 2311 ret = -1; 2312 continue; 2313 } 2314 } 2315 if (S_ISDIR(sb.st_mode)) { 2316 if (upload_dir_internal(conn, new_src, new_dst, 2317 depth + 1, preserve_flag, print_flag, resume, 2318 fsync_flag, follow_link_flag, inplace_flag) == -1) 2319 ret = -1; 2320 } else if (S_ISREG(sb.st_mode)) { 2321 if (sftp_upload(conn, new_src, new_dst, 2322 preserve_flag, resume, fsync_flag, 2323 inplace_flag) == -1) { 2324 error("upload \"%s\" to \"%s\" failed", 2325 new_src, new_dst); 2326 ret = -1; 2327 } 2328 } else 2329 logit("%s: not a regular file", filename); 2330 } 2331 free(new_dst); 2332 free(new_src); 2333 2334 sftp_setstat(conn, dst, &a); 2335 2336 (void) closedir(dirp); 2337 return ret; 2338 } 2339 2340 int 2341 sftp_upload_dir(struct sftp_conn *conn, const char *src, const char *dst, 2342 int preserve_flag, int print_flag, int resume, int fsync_flag, 2343 int follow_link_flag, int inplace_flag) 2344 { 2345 char *dst_canon; 2346 int ret; 2347 2348 if ((dst_canon = sftp_realpath(conn, dst)) == NULL) { 2349 error("upload \"%s\": path canonicalization failed", dst); 2350 return -1; 2351 } 2352 2353 ret = upload_dir_internal(conn, src, dst_canon, 0, preserve_flag, 2354 print_flag, resume, fsync_flag, follow_link_flag, inplace_flag); 2355 2356 free(dst_canon); 2357 return ret; 2358 } 2359 2360 static void 2361 handle_dest_replies(struct sftp_conn *to, const char *to_path, int synchronous, 2362 u_int *nreqsp, u_int *write_errorp) 2363 { 2364 struct sshbuf *msg; 2365 u_char type; 2366 u_int id, status; 2367 int r; 2368 struct pollfd pfd; 2369 2370 if ((msg = sshbuf_new()) == NULL) 2371 fatal_f("sshbuf_new failed"); 2372 2373 /* Try to eat replies from the upload side */ 2374 while (*nreqsp > 0) { 2375 debug3_f("%u outstanding replies", *nreqsp); 2376 if (!synchronous) { 2377 /* Bail out if no data is ready to be read */ 2378 pfd.fd = to->fd_in; 2379 pfd.events = POLLIN; 2380 if ((r = poll(&pfd, 1, 0)) == -1) { 2381 if (errno == EINTR) 2382 break; 2383 fatal_f("poll: %s", strerror(errno)); 2384 } else if (r == 0) 2385 break; /* fd not ready */ 2386 } 2387 sshbuf_reset(msg); 2388 get_msg(to, msg); 2389 2390 if ((r = sshbuf_get_u8(msg, &type)) != 0 || 2391 (r = sshbuf_get_u32(msg, &id)) != 0) 2392 fatal_fr(r, "dest parse"); 2393 debug3("Received dest reply T:%u I:%u R:%u", type, id, *nreqsp); 2394 if (type != SSH2_FXP_STATUS) { 2395 fatal_f("Expected SSH2_FXP_STATUS(%d) packet, got %d", 2396 SSH2_FXP_STATUS, type); 2397 } 2398 if ((r = sshbuf_get_u32(msg, &status)) != 0) 2399 fatal_fr(r, "parse dest status"); 2400 debug3("dest SSH2_FXP_STATUS %u", status); 2401 if (status != SSH2_FX_OK) { 2402 /* record first error */ 2403 if (*write_errorp == 0) 2404 *write_errorp = status; 2405 } 2406 /* 2407 * XXX this doesn't do full reply matching like sftp_upload and 2408 * so cannot gracefully truncate terminated uploads at a 2409 * high-water mark. ATM the only caller of this function (scp) 2410 * doesn't support transfer resumption, so this doesn't matter 2411 * a whole lot. 2412 * 2413 * To be safe, sftp_crossload truncates the destination file to 2414 * zero length on upload failure, since we can't trust the 2415 * server not to have reordered replies that could have 2416 * inserted holes where none existed in the source file. 2417 * 2418 * XXX we could get a more accurate progress bar if we updated 2419 * the counter based on the reply from the destination... 2420 */ 2421 (*nreqsp)--; 2422 } 2423 debug3_f("done: %u outstanding replies", *nreqsp); 2424 sshbuf_free(msg); 2425 } 2426 2427 int 2428 sftp_crossload(struct sftp_conn *from, struct sftp_conn *to, 2429 const char *from_path, const char *to_path, 2430 Attrib *a, int preserve_flag) 2431 { 2432 struct sshbuf *msg; 2433 int write_error, read_error, r; 2434 u_int64_t offset = 0, size; 2435 u_int id, buflen, num_req, max_req, status = SSH2_FX_OK; 2436 u_int num_upload_req; 2437 off_t progress_counter; 2438 u_char *from_handle, *to_handle; 2439 size_t from_handle_len, to_handle_len; 2440 struct requests requests; 2441 struct request *req; 2442 u_char type; 2443 Attrib attr; 2444 2445 debug2_f("crossload src \"%s\" to dst \"%s\"", from_path, to_path); 2446 2447 TAILQ_INIT(&requests); 2448 2449 if (a == NULL) { 2450 if (sftp_stat(from, from_path, 0, &attr) != 0) 2451 return -1; 2452 a = &attr; 2453 } 2454 2455 if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) && 2456 (!S_ISREG(a->perm))) { 2457 error("download \"%s\": not a regular file", from_path); 2458 return(-1); 2459 } 2460 if (a->flags & SSH2_FILEXFER_ATTR_SIZE) 2461 size = a->size; 2462 else 2463 size = 0; 2464 2465 buflen = from->download_buflen; 2466 if (buflen > to->upload_buflen) 2467 buflen = to->upload_buflen; 2468 2469 /* Send open request to read side */ 2470 if (send_open(from, from_path, "origin", SSH2_FXF_READ, NULL, 2471 &from_handle, &from_handle_len) != 0) 2472 return -1; 2473 2474 /* Send open request to write side */ 2475 a->flags &= ~SSH2_FILEXFER_ATTR_SIZE; 2476 a->flags &= ~SSH2_FILEXFER_ATTR_UIDGID; 2477 a->perm &= 0777; 2478 if (!preserve_flag) 2479 a->flags &= ~SSH2_FILEXFER_ATTR_ACMODTIME; 2480 if (send_open(to, to_path, "dest", 2481 SSH2_FXF_WRITE|SSH2_FXF_CREAT|SSH2_FXF_TRUNC, a, 2482 &to_handle, &to_handle_len) != 0) { 2483 sftp_close(from, from_handle, from_handle_len); 2484 return -1; 2485 } 2486 2487 /* Read from remote "from" and write to remote "to" */ 2488 offset = 0; 2489 write_error = read_error = num_req = num_upload_req = 0; 2490 max_req = 1; 2491 progress_counter = 0; 2492 2493 if (showprogress && size != 0) { 2494 start_progress_meter(progress_meter_path(from_path), 2495 size, &progress_counter); 2496 } 2497 if ((msg = sshbuf_new()) == NULL) 2498 fatal_f("sshbuf_new failed"); 2499 while (num_req > 0 || max_req > 0) { 2500 u_char *data; 2501 size_t len; 2502 2503 /* 2504 * Simulate EOF on interrupt: stop sending new requests and 2505 * allow outstanding requests to drain gracefully 2506 */ 2507 if (interrupted) { 2508 if (num_req == 0) /* If we haven't started yet... */ 2509 break; 2510 max_req = 0; 2511 } 2512 2513 /* Send some more requests */ 2514 while (num_req < max_req) { 2515 debug3("Request range %llu -> %llu (%d/%d)", 2516 (unsigned long long)offset, 2517 (unsigned long long)offset + buflen - 1, 2518 num_req, max_req); 2519 req = request_enqueue(&requests, from->msg_id++, 2520 buflen, offset); 2521 offset += buflen; 2522 num_req++; 2523 send_read_request(from, req->id, req->offset, 2524 req->len, from_handle, from_handle_len); 2525 } 2526 2527 /* Try to eat replies from the upload side (nonblocking) */ 2528 handle_dest_replies(to, to_path, 0, 2529 &num_upload_req, &write_error); 2530 2531 sshbuf_reset(msg); 2532 get_msg(from, msg); 2533 if ((r = sshbuf_get_u8(msg, &type)) != 0 || 2534 (r = sshbuf_get_u32(msg, &id)) != 0) 2535 fatal_fr(r, "parse"); 2536 debug3("Received origin reply T:%u I:%u R:%d", 2537 type, id, max_req); 2538 2539 /* Find the request in our queue */ 2540 if ((req = request_find(&requests, id)) == NULL) 2541 fatal("Unexpected reply %u", id); 2542 2543 switch (type) { 2544 case SSH2_FXP_STATUS: 2545 if ((r = sshbuf_get_u32(msg, &status)) != 0) 2546 fatal_fr(r, "parse status"); 2547 if (status != SSH2_FX_EOF) 2548 read_error = 1; 2549 max_req = 0; 2550 TAILQ_REMOVE(&requests, req, tq); 2551 free(req); 2552 num_req--; 2553 break; 2554 case SSH2_FXP_DATA: 2555 if ((r = sshbuf_get_string(msg, &data, &len)) != 0) 2556 fatal_fr(r, "parse data"); 2557 debug3("Received data %llu -> %llu", 2558 (unsigned long long)req->offset, 2559 (unsigned long long)req->offset + len - 1); 2560 if (len > req->len) 2561 fatal("Received more data than asked for " 2562 "%zu > %zu", len, req->len); 2563 2564 /* Write this chunk out to the destination */ 2565 sshbuf_reset(msg); 2566 if ((r = sshbuf_put_u8(msg, SSH2_FXP_WRITE)) != 0 || 2567 (r = sshbuf_put_u32(msg, to->msg_id++)) != 0 || 2568 (r = sshbuf_put_string(msg, to_handle, 2569 to_handle_len)) != 0 || 2570 (r = sshbuf_put_u64(msg, req->offset)) != 0 || 2571 (r = sshbuf_put_string(msg, data, len)) != 0) 2572 fatal_fr(r, "compose write"); 2573 send_msg(to, msg); 2574 debug3("Sent message SSH2_FXP_WRITE I:%u O:%llu S:%zu", 2575 id, (unsigned long long)offset, len); 2576 num_upload_req++; 2577 progress_counter += len; 2578 free(data); 2579 2580 if (len == req->len) { 2581 TAILQ_REMOVE(&requests, req, tq); 2582 free(req); 2583 num_req--; 2584 } else { 2585 /* Resend the request for the missing data */ 2586 debug3("Short data block, re-requesting " 2587 "%llu -> %llu (%2d)", 2588 (unsigned long long)req->offset + len, 2589 (unsigned long long)req->offset + 2590 req->len - 1, num_req); 2591 req->id = from->msg_id++; 2592 req->len -= len; 2593 req->offset += len; 2594 send_read_request(from, req->id, 2595 req->offset, req->len, 2596 from_handle, from_handle_len); 2597 /* Reduce the request size */ 2598 if (len < buflen) 2599 buflen = MAXIMUM(MIN_READ_SIZE, len); 2600 } 2601 if (max_req > 0) { /* max_req = 0 iff EOF received */ 2602 if (size > 0 && offset > size) { 2603 /* Only one request at a time 2604 * after the expected EOF */ 2605 debug3("Finish at %llu (%2d)", 2606 (unsigned long long)offset, 2607 num_req); 2608 max_req = 1; 2609 } else if (max_req < from->num_requests) { 2610 ++max_req; 2611 } 2612 } 2613 break; 2614 default: 2615 fatal("Expected SSH2_FXP_DATA(%u) packet, got %u", 2616 SSH2_FXP_DATA, type); 2617 } 2618 } 2619 2620 if (showprogress && size) 2621 stop_progress_meter(); 2622 2623 /* Drain replies from the server (blocking) */ 2624 debug3_f("waiting for %u replies from destination", num_upload_req); 2625 handle_dest_replies(to, to_path, 1, &num_upload_req, &write_error); 2626 2627 /* Sanity check */ 2628 if (TAILQ_FIRST(&requests) != NULL) 2629 fatal("Transfer complete, but requests still in queue"); 2630 /* Truncate at 0 length on interrupt or error to avoid holes at dest */ 2631 if (read_error || write_error || interrupted) { 2632 debug("truncating \"%s\" at 0", to_path); 2633 sftp_close(to, to_handle, to_handle_len); 2634 free(to_handle); 2635 if (send_open(to, to_path, "dest", 2636 SSH2_FXF_WRITE|SSH2_FXF_CREAT|SSH2_FXF_TRUNC, a, 2637 &to_handle, &to_handle_len) != 0) { 2638 error("dest truncate \"%s\" failed", to_path); 2639 to_handle = NULL; 2640 } 2641 } 2642 if (read_error) { 2643 error("read origin \"%s\": %s", from_path, fx2txt(status)); 2644 status = -1; 2645 sftp_close(from, from_handle, from_handle_len); 2646 if (to_handle != NULL) 2647 sftp_close(to, to_handle, to_handle_len); 2648 } else if (write_error) { 2649 error("write dest \"%s\": %s", to_path, fx2txt(write_error)); 2650 status = SSH2_FX_FAILURE; 2651 sftp_close(from, from_handle, from_handle_len); 2652 if (to_handle != NULL) 2653 sftp_close(to, to_handle, to_handle_len); 2654 } else { 2655 if (sftp_close(from, from_handle, from_handle_len) != 0 || 2656 interrupted) 2657 status = -1; 2658 else 2659 status = SSH2_FX_OK; 2660 if (to_handle != NULL) { 2661 /* Need to resend utimes after write */ 2662 if (preserve_flag) 2663 sftp_fsetstat(to, to_handle, to_handle_len, a); 2664 sftp_close(to, to_handle, to_handle_len); 2665 } 2666 } 2667 sshbuf_free(msg); 2668 free(from_handle); 2669 free(to_handle); 2670 2671 return status == SSH2_FX_OK ? 0 : -1; 2672 } 2673 2674 static int 2675 crossload_dir_internal(struct sftp_conn *from, struct sftp_conn *to, 2676 const char *from_path, const char *to_path, 2677 int depth, Attrib *dirattrib, int preserve_flag, int print_flag, 2678 int follow_link_flag) 2679 { 2680 int i, ret = 0; 2681 SFTP_DIRENT **dir_entries; 2682 char *filename, *new_from_path = NULL, *new_to_path = NULL; 2683 mode_t mode = 0777; 2684 Attrib *a, curdir, ldirattrib, newdir, lsym; 2685 2686 debug2_f("crossload dir src \"%s\" to dst \"%s\"", from_path, to_path); 2687 2688 if (depth >= MAX_DIR_DEPTH) { 2689 error("Maximum directory depth exceeded: %d levels", depth); 2690 return -1; 2691 } 2692 2693 if (dirattrib == NULL) { 2694 if (sftp_stat(from, from_path, 1, &ldirattrib) != 0) { 2695 error("stat remote \"%s\" failed", from_path); 2696 return -1; 2697 } 2698 dirattrib = &ldirattrib; 2699 } 2700 if (!S_ISDIR(dirattrib->perm)) { 2701 error("\"%s\" is not a directory", from_path); 2702 return -1; 2703 } 2704 if (print_flag && print_flag != SFTP_PROGRESS_ONLY) 2705 mprintf("Retrieving %s\n", from_path); 2706 2707 curdir = *dirattrib; /* dirattrib will be clobbered */ 2708 curdir.flags &= ~SSH2_FILEXFER_ATTR_SIZE; 2709 curdir.flags &= ~SSH2_FILEXFER_ATTR_UIDGID; 2710 if ((curdir.flags & SSH2_FILEXFER_ATTR_PERMISSIONS) == 0) { 2711 debug("Origin did not send permissions for " 2712 "directory \"%s\"", to_path); 2713 curdir.perm = S_IWUSR|S_IXUSR; 2714 curdir.flags |= SSH2_FILEXFER_ATTR_PERMISSIONS; 2715 } 2716 /* We need to be able to write to the directory while we transfer it */ 2717 mode = curdir.perm & 01777; 2718 curdir.perm = mode | (S_IWUSR|S_IXUSR); 2719 2720 /* 2721 * sftp lacks a portable status value to match errno EEXIST, 2722 * so if we get a failure back then we must check whether 2723 * the path already existed and is a directory. Ensure we can 2724 * write to the directory we create for the duration of the transfer. 2725 */ 2726 if (sftp_mkdir(to, to_path, &curdir, 0) != 0) { 2727 if (sftp_stat(to, to_path, 0, &newdir) != 0) 2728 return -1; 2729 if (!S_ISDIR(newdir.perm)) { 2730 error("\"%s\" exists but is not a directory", to_path); 2731 return -1; 2732 } 2733 } 2734 curdir.perm = mode; 2735 2736 if (sftp_readdir(from, from_path, &dir_entries) == -1) { 2737 error("origin readdir \"%s\" failed", from_path); 2738 return -1; 2739 } 2740 2741 for (i = 0; dir_entries[i] != NULL && !interrupted; i++) { 2742 free(new_from_path); 2743 free(new_to_path); 2744 2745 filename = dir_entries[i]->filename; 2746 new_from_path = sftp_path_append(from_path, filename); 2747 new_to_path = sftp_path_append(to_path, filename); 2748 2749 a = &dir_entries[i]->a; 2750 if (S_ISLNK(a->perm)) { 2751 if (!follow_link_flag) { 2752 logit("%s: not a regular file", filename); 2753 continue; 2754 } 2755 /* Replace the stat contents with the symlink target */ 2756 if (sftp_stat(from, new_from_path, 1, &lsym) != 0) { 2757 logit("remote stat \"%s\" failed", 2758 new_from_path); 2759 ret = -1; 2760 continue; 2761 } 2762 a = &lsym; 2763 } 2764 if (S_ISDIR(a->perm)) { 2765 if (strcmp(filename, ".") == 0 || 2766 strcmp(filename, "..") == 0) 2767 continue; 2768 if (crossload_dir_internal(from, to, 2769 new_from_path, new_to_path, 2770 depth + 1, a, preserve_flag, 2771 print_flag, follow_link_flag) == -1) 2772 ret = -1; 2773 } else if (S_ISREG(a->perm)) { 2774 if (sftp_crossload(from, to, new_from_path, 2775 new_to_path, a, preserve_flag) == -1) { 2776 error("crossload \"%s\" to \"%s\" failed", 2777 new_from_path, new_to_path); 2778 ret = -1; 2779 } 2780 } else { 2781 logit("origin \"%s\": not a regular file", 2782 new_from_path); 2783 } 2784 } 2785 free(new_to_path); 2786 free(new_from_path); 2787 2788 sftp_setstat(to, to_path, &curdir); 2789 2790 sftp_free_dirents(dir_entries); 2791 2792 return ret; 2793 } 2794 2795 int 2796 sftp_crossload_dir(struct sftp_conn *from, struct sftp_conn *to, 2797 const char *from_path, const char *to_path, 2798 Attrib *dirattrib, int preserve_flag, int print_flag, int follow_link_flag) 2799 { 2800 char *from_path_canon; 2801 int ret; 2802 2803 if ((from_path_canon = sftp_realpath(from, from_path)) == NULL) { 2804 error("crossload \"%s\": path canonicalization failed", 2805 from_path); 2806 return -1; 2807 } 2808 2809 ret = crossload_dir_internal(from, to, from_path_canon, to_path, 0, 2810 dirattrib, preserve_flag, print_flag, follow_link_flag); 2811 free(from_path_canon); 2812 return ret; 2813 } 2814 2815 int 2816 sftp_can_get_users_groups_by_id(struct sftp_conn *conn) 2817 { 2818 return (conn->exts & SFTP_EXT_GETUSERSGROUPS_BY_ID) != 0; 2819 } 2820 2821 int 2822 sftp_get_users_groups_by_id(struct sftp_conn *conn, 2823 const u_int *uids, u_int nuids, 2824 const u_int *gids, u_int ngids, 2825 char ***usernamesp, char ***groupnamesp) 2826 { 2827 struct sshbuf *msg, *uidbuf, *gidbuf; 2828 u_int i, expected_id, id; 2829 char *name, **usernames = NULL, **groupnames = NULL; 2830 u_char type; 2831 int r; 2832 2833 *usernamesp = *groupnamesp = NULL; 2834 if (!sftp_can_get_users_groups_by_id(conn)) 2835 return SSH_ERR_FEATURE_UNSUPPORTED; 2836 2837 if ((msg = sshbuf_new()) == NULL || 2838 (uidbuf = sshbuf_new()) == NULL || 2839 (gidbuf = sshbuf_new()) == NULL) 2840 fatal_f("sshbuf_new failed"); 2841 expected_id = id = conn->msg_id++; 2842 debug2("Sending SSH2_FXP_EXTENDED(users-groups-by-id@openssh.com)"); 2843 for (i = 0; i < nuids; i++) { 2844 if ((r = sshbuf_put_u32(uidbuf, uids[i])) != 0) 2845 fatal_fr(r, "compose uids"); 2846 } 2847 for (i = 0; i < ngids; i++) { 2848 if ((r = sshbuf_put_u32(gidbuf, gids[i])) != 0) 2849 fatal_fr(r, "compose gids"); 2850 } 2851 if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 || 2852 (r = sshbuf_put_u32(msg, id)) != 0 || 2853 (r = sshbuf_put_cstring(msg, 2854 "users-groups-by-id@openssh.com")) != 0 || 2855 (r = sshbuf_put_stringb(msg, uidbuf)) != 0 || 2856 (r = sshbuf_put_stringb(msg, gidbuf)) != 0) 2857 fatal_fr(r, "compose"); 2858 send_msg(conn, msg); 2859 get_msg(conn, msg); 2860 if ((r = sshbuf_get_u8(msg, &type)) != 0 || 2861 (r = sshbuf_get_u32(msg, &id)) != 0) 2862 fatal_fr(r, "parse"); 2863 if (id != expected_id) 2864 fatal("ID mismatch (%u != %u)", id, expected_id); 2865 if (type == SSH2_FXP_STATUS) { 2866 u_int status; 2867 char *errmsg; 2868 2869 if ((r = sshbuf_get_u32(msg, &status)) != 0 || 2870 (r = sshbuf_get_cstring(msg, &errmsg, NULL)) != 0) 2871 fatal_fr(r, "parse status"); 2872 error("users-groups-by-id %s", 2873 *errmsg == '\0' ? fx2txt(status) : errmsg); 2874 free(errmsg); 2875 sshbuf_free(msg); 2876 sshbuf_free(uidbuf); 2877 sshbuf_free(gidbuf); 2878 return -1; 2879 } else if (type != SSH2_FXP_EXTENDED_REPLY) 2880 fatal("Expected SSH2_FXP_EXTENDED_REPLY(%u) packet, got %u", 2881 SSH2_FXP_EXTENDED_REPLY, type); 2882 2883 /* reuse */ 2884 sshbuf_free(uidbuf); 2885 sshbuf_free(gidbuf); 2886 uidbuf = gidbuf = NULL; 2887 if ((r = sshbuf_froms(msg, &uidbuf)) != 0 || 2888 (r = sshbuf_froms(msg, &gidbuf)) != 0) 2889 fatal_fr(r, "parse response"); 2890 if (nuids > 0) { 2891 usernames = xcalloc(nuids, sizeof(*usernames)); 2892 for (i = 0; i < nuids; i++) { 2893 if ((r = sshbuf_get_cstring(uidbuf, &name, NULL)) != 0) 2894 fatal_fr(r, "parse user name"); 2895 /* Handle unresolved names */ 2896 if (*name == '\0') { 2897 free(name); 2898 name = NULL; 2899 } 2900 usernames[i] = name; 2901 } 2902 } 2903 if (ngids > 0) { 2904 groupnames = xcalloc(ngids, sizeof(*groupnames)); 2905 for (i = 0; i < ngids; i++) { 2906 if ((r = sshbuf_get_cstring(gidbuf, &name, NULL)) != 0) 2907 fatal_fr(r, "parse user name"); 2908 /* Handle unresolved names */ 2909 if (*name == '\0') { 2910 free(name); 2911 name = NULL; 2912 } 2913 groupnames[i] = name; 2914 } 2915 } 2916 if (sshbuf_len(uidbuf) != 0) 2917 fatal_f("unexpected extra username data"); 2918 if (sshbuf_len(gidbuf) != 0) 2919 fatal_f("unexpected extra groupname data"); 2920 sshbuf_free(uidbuf); 2921 sshbuf_free(gidbuf); 2922 sshbuf_free(msg); 2923 /* success */ 2924 *usernamesp = usernames; 2925 *groupnamesp = groupnames; 2926 return 0; 2927 } 2928 2929 char * 2930 sftp_path_append(const char *p1, const char *p2) 2931 { 2932 char *ret; 2933 size_t len = strlen(p1) + strlen(p2) + 2; 2934 2935 ret = xmalloc(len); 2936 strlcpy(ret, p1, len); 2937 if (p1[0] != '\0' && p1[strlen(p1) - 1] != '/') 2938 strlcat(ret, "/", len); 2939 strlcat(ret, p2, len); 2940 2941 return(ret); 2942 } 2943 2944 /* 2945 * Arg p must be dynamically allocated. It will either be returned or 2946 * freed and a replacement allocated. Caller must free returned string. 2947 */ 2948 char * 2949 sftp_make_absolute(char *p, const char *pwd) 2950 { 2951 char *abs_str; 2952 2953 /* Derelativise */ 2954 if (p && !path_absolute(p)) { 2955 abs_str = sftp_path_append(pwd, p); 2956 free(p); 2957 return(abs_str); 2958 } else 2959 return(p); 2960 } 2961 2962 int 2963 sftp_remote_is_dir(struct sftp_conn *conn, const char *path) 2964 { 2965 Attrib a; 2966 2967 /* XXX: report errors? */ 2968 if (sftp_stat(conn, path, 1, &a) != 0) 2969 return(0); 2970 if (!(a.flags & SSH2_FILEXFER_ATTR_PERMISSIONS)) 2971 return(0); 2972 return S_ISDIR(a.perm); 2973 } 2974 2975 2976 /* Check whether path returned from glob(..., GLOB_MARK, ...) is a directory */ 2977 int 2978 sftp_globpath_is_dir(const char *pathname) 2979 { 2980 size_t l = strlen(pathname); 2981 2982 return l > 0 && pathname[l - 1] == '/'; 2983 } 2984 2985