search for: errno_to_port

...P_LOGGING + sflags_from_portable(&sflags[0], pflags); + #endif mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a->perm : 0666; TRACE("open id %d name %s flags %d mode 0%o", id, name, pflags, mode); fd = open(name, flags, mode); if (fd < 0) { status = errno_to_portable(errno); + #ifdef SFTP_LOGGING + log("(%d/%d/%s) File/Dir open failed - %s: %s (%s,%04o)", ppid, cuid, CUNAME, status_to_logstr(status), name, sflags, mode); + #endif } else { handle = handle_new(HANDLE_FILE, xstrdup(name), fd, NULL); if (handle < 0) { close(fd); +...

...#39;/' else ~fred will allow access to ~freddy. + */ + if( ! strncmp(resolvedname, RestrictDirectory, restlen) && + resolvedname[restlen] == '/') + return(1); + + error("Restricted access, %s disallowed for %.100s", reason, path); + + return(0); +} + static int errno_to_portable(int unixerrno) { @@ -813,20 +948,24 @@ id = get_int(); path = get_string(NULL); debug3("request %u: opendir", id); - logit("opendir \"%s\"", path); - dirp = opendir(path); - if (dirp == NULL) { - status = errno_to_portable(errno); - } else { - handle = han...

...********** *** 554,560 **** a = get_attrib(); TRACE("setstat id %d name %s", id, name); if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) { ! ret = chmod(name, a->perm & 0777); if (ret == -1) status = errno_to_portable(errno); } --- 554,572 ---- a = get_attrib(); TRACE("setstat id %d name %s", id, name); if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) { ! /* ! * Filter it through umask as well. Some clients (most ! * n...

...free result */ ! char *do_readlink(struct sftp_conn *, char *, Attrib *); /* XXX: add callbacks to do_download/do_upload so we can do progress meter */ *** sftp-server.c@@\main\1 Tue Oct 1 17:27:26 2002 --- sftp-server.c Tue Nov 5 10:07:54 2002 *************** *** 604,610 **** status = errno_to_portable(errno); } if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) { ! ret = chown(name, a->uid, a->gid); if (ret == -1) status = errno_to_portable(errno); } --- 618,624 ---- status = errno_to_portable(errno); } if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) { !...

...status; id = get_int(); oldpath = get_string(NULL); newpath = get_string(NULL); TRACE("rename id %u old %s new %s", id, oldpath, newpath); /* fail if 'newpath' exists */ - if (stat(newpath, &st) == -1) { - ret = rename(oldpath, newpath); - status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; - } + if (link(oldpath, newpath) == -1) + status = errno_to_portable(errno); + else if (unlink(oldpath) == -1) { + status = errno_to_portable(errno); + /* clean spare link */ + unlink(newpath); + } else + status = SSH2_FX_OK; send_status(id, status); xfree(oldpath)...

Is there an alternative to using link(2) to rename files in sftp-server? Some users use sftp to upload files to a vfat partition on an sftp-server, and then renaming doesn't work. This breaks konqueror, for example (from KDE, which u), which upload files first with a ".part" extension and then renames them removing this extension.

Hi, I've discovered that on OpenSSH_3.6.1p1 (the latest SSH available on OSX, but I've also tried a couple of different linux distributions), when you 'sftp' to it, and try to 'chmod' some file or directory, only last three octal digits do actually matter. Example: sftp sshtest at localhost Connecting to localhost... sshtest at localhost's password: sftp> ls -l

I'm working on setting up a semi-trusted sftp service, and to get it working, I need chroot capability. I've taken the /./ wuftpd magic token code from contrib/chroot.diff and put it into the sftp server. The main problem is that privileges have been dropped by the time the subsystem is exec'ed, so my patch requires that sftp-server be setuid root. Not ideal, I know, but I drop all

...nt handle) return -1; } +static int +handle_to_flags(int handle) +{ + if (handle_is_ok(handle, HANDLE_FILE)) + return handles[handle].flags; + return -1; +} + static void handle_update_read(int handle, ssize_t bytes) { @@ -567,7 +581,7 @@ process_open(void) if (fd < 0) { status = errno_to_portable(errno); } else { - handle = handle_new(HANDLE_FILE, name, fd, NULL); + handle = handle_new(HANDLE_FILE, name, fd, flags, NULL); if (handle < 0) { close(fd); } else { @@ -660,7 +674,8 @@ process_write(void) else if (readonly) status = SSH2_FX_PERMISSION_DENIED; else...

...SSH2_FILEXFER_ATTR_PERMISSIONS) ? a->perm : 0666; TRACE("open id %d name %s flags %d mode 0%o", id, name, pflags, mode); + log("(%d/%d/%s) File/Dir opened: %s (%s,%04o)", ppid, cuid, CUNAME, name, sflags, mode); fd = open(name, flags, mode); if (fd < 0) { status = errno_to_portable(errno); @@ -589,6 +620,7 @@ name = get_string(NULL); a = get_attrib(); TRACE("setstat id %d name %s", id, name); + log("(%d/%d/%s) Permissions altered: %s (%04o).", ppid, cuid, CUNAME, name, a->perm & 0777); if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS...

...******* *** 802,807 **** --- 816,826 ---- id = get_int(); name = get_string(NULL); + if (readonly) { + status = SSH2_FX_PERMISSION_DENIED; + send_status(id, status); + return; + } TRACE("remove id %u name %s", id, name); ret = unlink(name); status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; *************** *** 820,825 **** --- 839,849 ---- id = get_int(); name = get_string(NULL); a = get_attrib(); + if (readonly) { + status = SSH2_FX_PERMISSION_DENIED; + send_status(id, status); + return; + } mode = (a->flags & SSH2_FILEXFER_ATTR_PER...

...penssh-4.3p2-kylie/sftp-server.c 2006-05-08 15:42:04.795120304 -0500 @@ -408,9 +408,12 @@ process_close(void) id = get_int(); handle = get_handle(); + if (handle < 0) + goto out; TRACE("close id %u handle %d", id, handle); ret = handle_close(handle); status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; +out: send_status(id, status); } @@ -424,6 +427,8 @@ process_read(void) id = get_int(); handle = get_handle(); + if (handle < 0) + goto out; off = get_int64(); len = get_int(); @@ -450,6 +455,7 @@ process_read(void) } } } +out: if (status !=...

...} static void +process_extended_statfs(u_int32_t id) +{ + char *path; + struct statfs st; + int ret; + + path = get_string(NULL); + debug3("request %u: statfs", id); + logit("statfs \"%s\"", path); + + ret = statfs(path, &st); + if (ret == -1) + send_status(id, errno_to_portable(errno)); + else + send_statfs(id, &st); + xfree(path); +} + +static void process_extended(void) { u_int32_t id; @@ -1056,7 +1094,10 @@ process_extended(void) id = get_int(); request = get_string(NULL); - send_status(id, SSH2_FX_OP_UNSUPPORTED); /* MUST */ + if (strcmp(req...

...and design it properly. Regards. Ren?. Patch below : Note : This patch was written to be used on Centos6.9 which is using an old openssh version. diff openssh-5.3p1/sftp-server.c openssh-5.3p1.patched/sftp-server.c 949a950 993,994c1001,1004 < ret = rmdir(name); < status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; --- > /*ret = rmdir(name); > status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK; > */ > status = SSH2_FX_OK; 1040a1051,1053 > else if (S_ISDIR(sb.st_mode)) { > status = SSH2_FX_OK; > }

This patch series consists of minor fixes and cleanups I made during update to openssh V_4_6 branch. openssh/auth-pam.c | 9 ++++----- openssh/auth2.c | 2 -- openssh/readconf.c | 7 ++++--- openssh/servconf.c | 14 ++++++++------ openssh/sftp-server.c | 9 ++++++--- openssh/sshd.c | 2 +- 6 files changed, 23 insertions(+), 20 deletions(-) -- ldv

...#39;/') > *(path+i) = '\0'; > else break; > } > } > 523d650 < 552d678 < 554a681,696 > name = jail_to_actual(name); > if (jail != NULL) { > char resolvedname[MAXPATHLEN]; > if (realpath(name, resolvedname) == NULL) { > send_status(id, errno_to_portable(errno)); > free(name); > return; > } > char* jailed_resolvedname = actual_to_jail(xstrdup(resolvedname)); > if (jailed_resolvedname == NULL) { > send_status(id,SSH2_FX_FAILURE); > free(name); > return; > } > > } 589d730 < 695a837 &...

It looks like something got broken in openbsd-compat/bsd-snprintf.c ... gcc -g -O2 -Wall -Dftruncate=chsize -I/usr/local/include -I/usr/local/ssl/includ e -I. -I.. -I../src/openbsd-compat -I../src/openbsd-compat/.. -DHAVE_CONFIG_H -c ../src/openbsd-compat/bsd-snprintf.c In file included from ../src/openbsd-compat/bsd-snprintf.c:72:

...rno)); + + gidset[0] = pw->pw_gid; + if (setgid(pw->pw_gid) < 0) + fatal("setgid failed for %u", (u_int)pw->pw_gid ); + if (setgroups(1, gidset) < 0) + fatal("setgroups: %.100s", strerror(errno)); + permanently_set_uid(pw); +} +#endif /* CHROOT */ + static int errno_to_portable(int unixerrno) { @@ -1028,15 +1082,19 @@ int in, out, max; ssize_t len, olen, set_size; +#ifdef DEBUG_SFTP-SERVER + log_init("sftp-server", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 0); +#endif + +#ifdef CHROOT + chroot_init(); +#endif + /* XXX should use getopt */ __pro...

...atic void +process_extended_statvfs(u_int32_t id) +{ + char *path; + struct statvfs st; + int ret; + + path = get_string(NULL); + debug3("request %u: statvfs", id); + verbose("statvfs \"%s\"", path); + + ret = statvfs(path, &st); + if (ret == -1) + send_status(id, errno_to_portable(errno)); + else + send_statvfs(id, &st); +} + +static void process_extended(void) { u_int32_t id; @@ -1056,7 +1104,10 @@ id = get_int(); request = get_string(NULL); - send_status(id, SSH2_FX_OP_UNSUPPORTED); /* MUST */ + if (strcmp(request, "statvfs at openssh.org") ==...

...dpath, *newpath; + + oldpath = get_string(NULL); + newpath = get_string(NULL); + debug3("request %u: posix-rename", id); + logit("posix-rename old \"%s\" new \"%s\"", oldpath, newpath); + if (rename(oldpath, newpath) == -1) + send_status(id, errno_to_portable(errno)); + else + send_status(id, SSH2_FX_OK); + xfree(oldpath); + xfree(newpath); +} + +static void process_extended(void) { u_int32_t id; @@ -1096,6 +1113,8 @@ process_extended(void) request = get_string(NULL); if (strcmp(request, "statfs at openssh.org") =...