xref: /openssh-portable/sftp-client.c (revision e4d1a0b4)
1 /* $OpenBSD: sftp-client.c,v 1.139 2020/12/04 02:41:10 djm Exp $ */
2 /*
3  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
4  *
5  * Permission to use, copy, modify, and distribute this software for any
6  * purpose with or without fee is hereby granted, provided that the above
7  * copyright notice and this permission notice appear in all copies.
8  *
9  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16  */
17 
18 /* XXX: memleaks */
19 /* XXX: signed vs unsigned */
20 /* XXX: remove all logging, only return status codes */
21 /* XXX: copy between two remote sites */
22 
23 #include "includes.h"
24 
25 #include <sys/types.h>
26 #ifdef HAVE_SYS_STATVFS_H
27 #include <sys/statvfs.h>
28 #endif
29 #include "openbsd-compat/sys-queue.h"
30 #ifdef HAVE_SYS_STAT_H
31 # include <sys/stat.h>
32 #endif
33 #ifdef HAVE_SYS_TIME_H
34 # include <sys/time.h>
35 #endif
36 #include <sys/uio.h>
37 
38 #include <dirent.h>
39 #include <errno.h>
40 #include <fcntl.h>
41 #include <signal.h>
42 #include <stdarg.h>
43 #include <stdio.h>
44 #include <stdlib.h>
45 #include <string.h>
46 #include <unistd.h>
47 
48 #include "xmalloc.h"
49 #include "ssherr.h"
50 #include "sshbuf.h"
51 #include "log.h"
52 #include "atomicio.h"
53 #include "progressmeter.h"
54 #include "misc.h"
55 #include "utf8.h"
56 
57 #include "sftp.h"
58 #include "sftp-common.h"
59 #include "sftp-client.h"
60 
61 extern volatile sig_atomic_t interrupted;
62 extern int showprogress;
63 
64 /* Minimum amount of data to read at a time */
65 #define MIN_READ_SIZE	512
66 
67 /* Maximum depth to descend in directory trees */
68 #define MAX_DIR_DEPTH 64
69 
70 /* Directory separator characters */
71 #ifdef HAVE_CYGWIN
72 # define SFTP_DIRECTORY_CHARS      "/\\"
73 #else /* HAVE_CYGWIN */
74 # define SFTP_DIRECTORY_CHARS      "/"
75 #endif /* HAVE_CYGWIN */
76 
77 struct sftp_conn {
78 	int fd_in;
79 	int fd_out;
80 	u_int transfer_buflen;
81 	u_int num_requests;
82 	u_int version;
83 	u_int msg_id;
84 #define SFTP_EXT_POSIX_RENAME	0x00000001
85 #define SFTP_EXT_STATVFS	0x00000002
86 #define SFTP_EXT_FSTATVFS	0x00000004
87 #define SFTP_EXT_HARDLINK	0x00000008
88 #define SFTP_EXT_FSYNC		0x00000010
89 #define SFTP_EXT_LSETSTAT	0x00000020
90 	u_int exts;
91 	u_int64_t limit_kbps;
92 	struct bwlimit bwlimit_in, bwlimit_out;
93 };
94 
95 static u_char *
96 get_handle(struct sftp_conn *conn, u_int expected_id, size_t *len,
97     const char *errfmt, ...) __attribute__((format(printf, 4, 5)));
98 
99 /* ARGSUSED */
100 static int
sftpio(void * _bwlimit,size_t amount)101 sftpio(void *_bwlimit, size_t amount)
102 {
103 	struct bwlimit *bwlimit = (struct bwlimit *)_bwlimit;
104 
105 	refresh_progress_meter(0);
106 	if (bwlimit != NULL)
107 		bandwidth_limit(bwlimit, amount);
108 	return 0;
109 }
110 
111 static void
send_msg(struct sftp_conn * conn,struct sshbuf * m)112 send_msg(struct sftp_conn *conn, struct sshbuf *m)
113 {
114 	u_char mlen[4];
115 	struct iovec iov[2];
116 
117 	if (sshbuf_len(m) > SFTP_MAX_MSG_LENGTH)
118 		fatal("Outbound message too long %zu", sshbuf_len(m));
119 
120 	/* Send length first */
121 	put_u32(mlen, sshbuf_len(m));
122 	iov[0].iov_base = mlen;
123 	iov[0].iov_len = sizeof(mlen);
124 	iov[1].iov_base = (u_char *)sshbuf_ptr(m);
125 	iov[1].iov_len = sshbuf_len(m);
126 
127 	if (atomiciov6(writev, conn->fd_out, iov, 2, sftpio,
128 	    conn->limit_kbps > 0 ? &conn->bwlimit_out : NULL) !=
129 	    sshbuf_len(m) + sizeof(mlen))
130 		fatal("Couldn't send packet: %s", strerror(errno));
131 
132 	sshbuf_reset(m);
133 }
134 
135 static void
get_msg_extended(struct sftp_conn * conn,struct sshbuf * m,int initial)136 get_msg_extended(struct sftp_conn *conn, struct sshbuf *m, int initial)
137 {
138 	u_int msg_len;
139 	u_char *p;
140 	int r;
141 
142 	if ((r = sshbuf_reserve(m, 4, &p)) != 0)
143 		fatal_fr(r, "reserve");
144 	if (atomicio6(read, conn->fd_in, p, 4, sftpio,
145 	    conn->limit_kbps > 0 ? &conn->bwlimit_in : NULL) != 4) {
146 		if (errno == EPIPE || errno == ECONNRESET)
147 			fatal("Connection closed");
148 		else
149 			fatal("Couldn't read packet: %s", strerror(errno));
150 	}
151 
152 	if ((r = sshbuf_get_u32(m, &msg_len)) != 0)
153 		fatal_fr(r, "sshbuf_get_u32");
154 	if (msg_len > SFTP_MAX_MSG_LENGTH) {
155 		do_log2(initial ? SYSLOG_LEVEL_ERROR : SYSLOG_LEVEL_FATAL,
156 		    "Received message too long %u", msg_len);
157 		fatal("Ensure the remote shell produces no output "
158 		    "for non-interactive sessions.");
159 	}
160 
161 	if ((r = sshbuf_reserve(m, msg_len, &p)) != 0)
162 		fatal_fr(r, "reserve");
163 	if (atomicio6(read, conn->fd_in, p, msg_len, sftpio,
164 	    conn->limit_kbps > 0 ? &conn->bwlimit_in : NULL)
165 	    != msg_len) {
166 		if (errno == EPIPE)
167 			fatal("Connection closed");
168 		else
169 			fatal("Read packet: %s", strerror(errno));
170 	}
171 }
172 
173 static void
get_msg(struct sftp_conn * conn,struct sshbuf * m)174 get_msg(struct sftp_conn *conn, struct sshbuf *m)
175 {
176 	get_msg_extended(conn, m, 0);
177 }
178 
179 static void
send_string_request(struct sftp_conn * conn,u_int id,u_int code,const char * s,u_int len)180 send_string_request(struct sftp_conn *conn, u_int id, u_int code, const char *s,
181     u_int len)
182 {
183 	struct sshbuf *msg;
184 	int r;
185 
186 	if ((msg = sshbuf_new()) == NULL)
187 		fatal_f("sshbuf_new failed");
188 	if ((r = sshbuf_put_u8(msg, code)) != 0 ||
189 	    (r = sshbuf_put_u32(msg, id)) != 0 ||
190 	    (r = sshbuf_put_string(msg, s, len)) != 0)
191 		fatal_fr(r, "compose");
192 	send_msg(conn, msg);
193 	debug3("Sent message fd %d T:%u I:%u", conn->fd_out, code, id);
194 	sshbuf_free(msg);
195 }
196 
197 static void
send_string_attrs_request(struct sftp_conn * conn,u_int id,u_int code,const void * s,u_int len,Attrib * a)198 send_string_attrs_request(struct sftp_conn *conn, u_int id, u_int code,
199     const void *s, u_int len, Attrib *a)
200 {
201 	struct sshbuf *msg;
202 	int r;
203 
204 	if ((msg = sshbuf_new()) == NULL)
205 		fatal_f("sshbuf_new failed");
206 	if ((r = sshbuf_put_u8(msg, code)) != 0 ||
207 	    (r = sshbuf_put_u32(msg, id)) != 0 ||
208 	    (r = sshbuf_put_string(msg, s, len)) != 0 ||
209 	    (r = encode_attrib(msg, a)) != 0)
210 		fatal_fr(r, "compose");
211 	send_msg(conn, msg);
212 	debug3("Sent message fd %d T:%u I:%u", conn->fd_out, code, id);
213 	sshbuf_free(msg);
214 }
215 
216 static u_int
get_status(struct sftp_conn * conn,u_int expected_id)217 get_status(struct sftp_conn *conn, u_int expected_id)
218 {
219 	struct sshbuf *msg;
220 	u_char type;
221 	u_int id, status;
222 	int r;
223 
224 	if ((msg = sshbuf_new()) == NULL)
225 		fatal_f("sshbuf_new failed");
226 	get_msg(conn, msg);
227 	if ((r = sshbuf_get_u8(msg, &type)) != 0 ||
228 	    (r = sshbuf_get_u32(msg, &id)) != 0)
229 		fatal_fr(r, "compose");
230 
231 	if (id != expected_id)
232 		fatal("ID mismatch (%u != %u)", id, expected_id);
233 	if (type != SSH2_FXP_STATUS)
234 		fatal("Expected SSH2_FXP_STATUS(%u) packet, got %u",
235 		    SSH2_FXP_STATUS, type);
236 
237 	if ((r = sshbuf_get_u32(msg, &status)) != 0)
238 		fatal_fr(r, "parse");
239 	sshbuf_free(msg);
240 
241 	debug3("SSH2_FXP_STATUS %u", status);
242 
243 	return status;
244 }
245 
246 static u_char *
get_handle(struct sftp_conn * conn,u_int expected_id,size_t * len,const char * errfmt,...)247 get_handle(struct sftp_conn *conn, u_int expected_id, size_t *len,
248     const char *errfmt, ...)
249 {
250 	struct sshbuf *msg;
251 	u_int id, status;
252 	u_char type;
253 	u_char *handle;
254 	char errmsg[256];
255 	va_list args;
256 	int r;
257 
258 	va_start(args, errfmt);
259 	if (errfmt != NULL)
260 		vsnprintf(errmsg, sizeof(errmsg), errfmt, args);
261 	va_end(args);
262 
263 	if ((msg = sshbuf_new()) == NULL)
264 		fatal_f("sshbuf_new failed");
265 	get_msg(conn, msg);
266 	if ((r = sshbuf_get_u8(msg, &type)) != 0 ||
267 	    (r = sshbuf_get_u32(msg, &id)) != 0)
268 		fatal_fr(r, "parse");
269 
270 	if (id != expected_id)
271 		fatal("%s: ID mismatch (%u != %u)",
272 		    errfmt == NULL ? __func__ : errmsg, id, expected_id);
273 	if (type == SSH2_FXP_STATUS) {
274 		if ((r = sshbuf_get_u32(msg, &status)) != 0)
275 			fatal_fr(r, "parse status");
276 		if (errfmt != NULL)
277 			error("%s: %s", errmsg, fx2txt(status));
278 		sshbuf_free(msg);
279 		return(NULL);
280 	} else if (type != SSH2_FXP_HANDLE)
281 		fatal("%s: Expected SSH2_FXP_HANDLE(%u) packet, got %u",
282 		    errfmt == NULL ? __func__ : errmsg, SSH2_FXP_HANDLE, type);
283 
284 	if ((r = sshbuf_get_string(msg, &handle, len)) != 0)
285 		fatal_fr(r, "parse handle");
286 	sshbuf_free(msg);
287 
288 	return handle;
289 }
290 
291 static Attrib *
get_decode_stat(struct sftp_conn * conn,u_int expected_id,int quiet)292 get_decode_stat(struct sftp_conn *conn, u_int expected_id, int quiet)
293 {
294 	struct sshbuf *msg;
295 	u_int id;
296 	u_char type;
297 	int r;
298 	static Attrib a;
299 
300 	if ((msg = sshbuf_new()) == NULL)
301 		fatal_f("sshbuf_new failed");
302 	get_msg(conn, msg);
303 
304 	if ((r = sshbuf_get_u8(msg, &type)) != 0 ||
305 	    (r = sshbuf_get_u32(msg, &id)) != 0)
306 		fatal_fr(r, "parse");
307 
308 	debug3("Received stat reply T:%u I:%u", type, id);
309 	if (id != expected_id)
310 		fatal("ID mismatch (%u != %u)", id, expected_id);
311 	if (type == SSH2_FXP_STATUS) {
312 		u_int status;
313 
314 		if ((r = sshbuf_get_u32(msg, &status)) != 0)
315 			fatal_fr(r, "parse status");
316 		if (quiet)
317 			debug("Couldn't stat remote file: %s", fx2txt(status));
318 		else
319 			error("Couldn't stat remote file: %s", fx2txt(status));
320 		sshbuf_free(msg);
321 		return(NULL);
322 	} else if (type != SSH2_FXP_ATTRS) {
323 		fatal("Expected SSH2_FXP_ATTRS(%u) packet, got %u",
324 		    SSH2_FXP_ATTRS, type);
325 	}
326 	if ((r = decode_attrib(msg, &a)) != 0) {
327 		error_fr(r, "decode_attrib");
328 		sshbuf_free(msg);
329 		return NULL;
330 	}
331 	sshbuf_free(msg);
332 
333 	return &a;
334 }
335 
336 static int
get_decode_statvfs(struct sftp_conn * conn,struct sftp_statvfs * st,u_int expected_id,int quiet)337 get_decode_statvfs(struct sftp_conn *conn, struct sftp_statvfs *st,
338     u_int expected_id, int quiet)
339 {
340 	struct sshbuf *msg;
341 	u_char type;
342 	u_int id;
343 	u_int64_t flag;
344 	int r;
345 
346 	if ((msg = sshbuf_new()) == NULL)
347 		fatal_f("sshbuf_new failed");
348 	get_msg(conn, msg);
349 
350 	if ((r = sshbuf_get_u8(msg, &type)) != 0 ||
351 	    (r = sshbuf_get_u32(msg, &id)) != 0)
352 		fatal_fr(r, "parse");
353 
354 	debug3("Received statvfs reply T:%u I:%u", type, id);
355 	if (id != expected_id)
356 		fatal("ID mismatch (%u != %u)", id, expected_id);
357 	if (type == SSH2_FXP_STATUS) {
358 		u_int status;
359 
360 		if ((r = sshbuf_get_u32(msg, &status)) != 0)
361 			fatal_fr(r, "parse status");
362 		if (quiet)
363 			debug("Couldn't statvfs: %s", fx2txt(status));
364 		else
365 			error("Couldn't statvfs: %s", fx2txt(status));
366 		sshbuf_free(msg);
367 		return -1;
368 	} else if (type != SSH2_FXP_EXTENDED_REPLY) {
369 		fatal("Expected SSH2_FXP_EXTENDED_REPLY(%u) packet, got %u",
370 		    SSH2_FXP_EXTENDED_REPLY, type);
371 	}
372 
373 	memset(st, 0, sizeof(*st));
374 	if ((r = sshbuf_get_u64(msg, &st->f_bsize)) != 0 ||
375 	    (r = sshbuf_get_u64(msg, &st->f_frsize)) != 0 ||
376 	    (r = sshbuf_get_u64(msg, &st->f_blocks)) != 0 ||
377 	    (r = sshbuf_get_u64(msg, &st->f_bfree)) != 0 ||
378 	    (r = sshbuf_get_u64(msg, &st->f_bavail)) != 0 ||
379 	    (r = sshbuf_get_u64(msg, &st->f_files)) != 0 ||
380 	    (r = sshbuf_get_u64(msg, &st->f_ffree)) != 0 ||
381 	    (r = sshbuf_get_u64(msg, &st->f_favail)) != 0 ||
382 	    (r = sshbuf_get_u64(msg, &st->f_fsid)) != 0 ||
383 	    (r = sshbuf_get_u64(msg, &flag)) != 0 ||
384 	    (r = sshbuf_get_u64(msg, &st->f_namemax)) != 0)
385 		fatal_fr(r, "parse statvfs");
386 
387 	st->f_flag = (flag & SSH2_FXE_STATVFS_ST_RDONLY) ? ST_RDONLY : 0;
388 	st->f_flag |= (flag & SSH2_FXE_STATVFS_ST_NOSUID) ? ST_NOSUID : 0;
389 
390 	sshbuf_free(msg);
391 
392 	return 0;
393 }
394 
395 struct sftp_conn *
do_init(int fd_in,int fd_out,u_int transfer_buflen,u_int num_requests,u_int64_t limit_kbps)396 do_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests,
397     u_int64_t limit_kbps)
398 {
399 	u_char type;
400 	struct sshbuf *msg;
401 	struct sftp_conn *ret;
402 	int r;
403 
404 	ret = xcalloc(1, sizeof(*ret));
405 	ret->msg_id = 1;
406 	ret->fd_in = fd_in;
407 	ret->fd_out = fd_out;
408 	ret->transfer_buflen = transfer_buflen;
409 	ret->num_requests = num_requests;
410 	ret->exts = 0;
411 	ret->limit_kbps = 0;
412 
413 	if ((msg = sshbuf_new()) == NULL)
414 		fatal_f("sshbuf_new failed");
415 	if ((r = sshbuf_put_u8(msg, SSH2_FXP_INIT)) != 0 ||
416 	    (r = sshbuf_put_u32(msg, SSH2_FILEXFER_VERSION)) != 0)
417 		fatal_fr(r, "parse");
418 
419 	send_msg(ret, msg);
420 
421 	sshbuf_reset(msg);
422 
423 	get_msg_extended(ret, msg, 1);
424 
425 	/* Expecting a VERSION reply */
426 	if ((r = sshbuf_get_u8(msg, &type)) != 0)
427 		fatal_fr(r, "parse type");
428 	if (type != SSH2_FXP_VERSION) {
429 		error("Invalid packet back from SSH2_FXP_INIT (type %u)",
430 		    type);
431 		sshbuf_free(msg);
432 		free(ret);
433 		return(NULL);
434 	}
435 	if ((r = sshbuf_get_u32(msg, &ret->version)) != 0)
436 		fatal_fr(r, "parse version");
437 
438 	debug2("Remote version: %u", ret->version);
439 
440 	/* Check for extensions */
441 	while (sshbuf_len(msg) > 0) {
442 		char *name;
443 		u_char *value;
444 		size_t vlen;
445 		int known = 0;
446 
447 		if ((r = sshbuf_get_cstring(msg, &name, NULL)) != 0 ||
448 		    (r = sshbuf_get_string(msg, &value, &vlen)) != 0)
449 			fatal_fr(r, "parse extension");
450 		if (strcmp(name, "posix-rename@openssh.com") == 0 &&
451 		    strcmp((char *)value, "1") == 0) {
452 			ret->exts |= SFTP_EXT_POSIX_RENAME;
453 			known = 1;
454 		} else if (strcmp(name, "statvfs@openssh.com") == 0 &&
455 		    strcmp((char *)value, "2") == 0) {
456 			ret->exts |= SFTP_EXT_STATVFS;
457 			known = 1;
458 		} else if (strcmp(name, "fstatvfs@openssh.com") == 0 &&
459 		    strcmp((char *)value, "2") == 0) {
460 			ret->exts |= SFTP_EXT_FSTATVFS;
461 			known = 1;
462 		} else if (strcmp(name, "hardlink@openssh.com") == 0 &&
463 		    strcmp((char *)value, "1") == 0) {
464 			ret->exts |= SFTP_EXT_HARDLINK;
465 			known = 1;
466 		} else if (strcmp(name, "fsync@openssh.com") == 0 &&
467 		    strcmp((char *)value, "1") == 0) {
468 			ret->exts |= SFTP_EXT_FSYNC;
469 			known = 1;
470 		} else if (strcmp(name, "lsetstat@openssh.com") == 0 &&
471 		    strcmp((char *)value, "1") == 0) {
472 			ret->exts |= SFTP_EXT_LSETSTAT;
473 			known = 1;
474 		}
475 		if (known) {
476 			debug2("Server supports extension \"%s\" revision %s",
477 			    name, value);
478 		} else {
479 			debug2("Unrecognised server extension \"%s\"", name);
480 		}
481 		free(name);
482 		free(value);
483 	}
484 
485 	sshbuf_free(msg);
486 
487 	/* Some filexfer v.0 servers don't support large packets */
488 	if (ret->version == 0)
489 		ret->transfer_buflen = MINIMUM(ret->transfer_buflen, 20480);
490 
491 	ret->limit_kbps = limit_kbps;
492 	if (ret->limit_kbps > 0) {
493 		bandwidth_limit_init(&ret->bwlimit_in, ret->limit_kbps,
494 		    ret->transfer_buflen);
495 		bandwidth_limit_init(&ret->bwlimit_out, ret->limit_kbps,
496 		    ret->transfer_buflen);
497 	}
498 
499 	return ret;
500 }
501 
502 u_int
sftp_proto_version(struct sftp_conn * conn)503 sftp_proto_version(struct sftp_conn *conn)
504 {
505 	return conn->version;
506 }
507 
508 int
do_close(struct sftp_conn * conn,const u_char * handle,u_int handle_len)509 do_close(struct sftp_conn *conn, const u_char *handle, u_int handle_len)
510 {
511 	u_int id, status;
512 	struct sshbuf *msg;
513 	int r;
514 
515 	if ((msg = sshbuf_new()) == NULL)
516 		fatal_f("sshbuf_new failed");
517 
518 	id = conn->msg_id++;
519 	if ((r = sshbuf_put_u8(msg, SSH2_FXP_CLOSE)) != 0 ||
520 	    (r = sshbuf_put_u32(msg, id)) != 0 ||
521 	    (r = sshbuf_put_string(msg, handle, handle_len)) != 0)
522 		fatal_fr(r, "parse");
523 	send_msg(conn, msg);
524 	debug3("Sent message SSH2_FXP_CLOSE I:%u", id);
525 
526 	status = get_status(conn, id);
527 	if (status != SSH2_FX_OK)
528 		error("Couldn't close file: %s", fx2txt(status));
529 
530 	sshbuf_free(msg);
531 
532 	return status == SSH2_FX_OK ? 0 : -1;
533 }
534 
535 
536 static int
do_lsreaddir(struct sftp_conn * conn,const char * path,int print_flag,SFTP_DIRENT *** dir)537 do_lsreaddir(struct sftp_conn *conn, const char *path, int print_flag,
538     SFTP_DIRENT ***dir)
539 {
540 	struct sshbuf *msg;
541 	u_int count, id, i, expected_id, ents = 0;
542 	size_t handle_len;
543 	u_char type, *handle;
544 	int status = SSH2_FX_FAILURE;
545 	int r;
546 
547 	if (dir)
548 		*dir = NULL;
549 
550 	id = conn->msg_id++;
551 
552 	if ((msg = sshbuf_new()) == NULL)
553 		fatal_f("sshbuf_new failed");
554 	if ((r = sshbuf_put_u8(msg, SSH2_FXP_OPENDIR)) != 0 ||
555 	    (r = sshbuf_put_u32(msg, id)) != 0 ||
556 	    (r = sshbuf_put_cstring(msg, path)) != 0)
557 		fatal_fr(r, "compose OPENDIR");
558 	send_msg(conn, msg);
559 
560 	handle = get_handle(conn, id, &handle_len,
561 	    "remote readdir(\"%s\")", path);
562 	if (handle == NULL) {
563 		sshbuf_free(msg);
564 		return -1;
565 	}
566 
567 	if (dir) {
568 		ents = 0;
569 		*dir = xcalloc(1, sizeof(**dir));
570 		(*dir)[0] = NULL;
571 	}
572 
573 	for (; !interrupted;) {
574 		id = expected_id = conn->msg_id++;
575 
576 		debug3("Sending SSH2_FXP_READDIR I:%u", id);
577 
578 		sshbuf_reset(msg);
579 		if ((r = sshbuf_put_u8(msg, SSH2_FXP_READDIR)) != 0 ||
580 		    (r = sshbuf_put_u32(msg, id)) != 0 ||
581 		    (r = sshbuf_put_string(msg, handle, handle_len)) != 0)
582 			fatal_fr(r, "compose READDIR");
583 		send_msg(conn, msg);
584 
585 		sshbuf_reset(msg);
586 
587 		get_msg(conn, msg);
588 
589 		if ((r = sshbuf_get_u8(msg, &type)) != 0 ||
590 		    (r = sshbuf_get_u32(msg, &id)) != 0)
591 			fatal_fr(r, "parse");
592 
593 		debug3("Received reply T:%u I:%u", type, id);
594 
595 		if (id != expected_id)
596 			fatal("ID mismatch (%u != %u)", id, expected_id);
597 
598 		if (type == SSH2_FXP_STATUS) {
599 			u_int rstatus;
600 
601 			if ((r = sshbuf_get_u32(msg, &rstatus)) != 0)
602 				fatal_fr(r, "parse status");
603 			debug3("Received SSH2_FXP_STATUS %d", rstatus);
604 			if (rstatus == SSH2_FX_EOF)
605 				break;
606 			error("Couldn't read directory: %s", fx2txt(rstatus));
607 			goto out;
608 		} else if (type != SSH2_FXP_NAME)
609 			fatal("Expected SSH2_FXP_NAME(%u) packet, got %u",
610 			    SSH2_FXP_NAME, type);
611 
612 		if ((r = sshbuf_get_u32(msg, &count)) != 0)
613 			fatal_fr(r, "parse count");
614 		if (count > SSHBUF_SIZE_MAX)
615 			fatal_f("nonsensical number of entries");
616 		if (count == 0)
617 			break;
618 		debug3("Received %d SSH2_FXP_NAME responses", count);
619 		for (i = 0; i < count; i++) {
620 			char *filename, *longname;
621 			Attrib a;
622 
623 			if ((r = sshbuf_get_cstring(msg, &filename,
624 			    NULL)) != 0 ||
625 			    (r = sshbuf_get_cstring(msg, &longname,
626 			    NULL)) != 0)
627 				fatal_fr(r, "parse filenames");
628 			if ((r = decode_attrib(msg, &a)) != 0) {
629 				error_fr(r, "couldn't decode attrib");
630 				free(filename);
631 				free(longname);
632 				goto out;
633 			}
634 
635 			if (print_flag)
636 				mprintf("%s\n", longname);
637 
638 			/*
639 			 * Directory entries should never contain '/'
640 			 * These can be used to attack recursive ops
641 			 * (e.g. send '../../../../etc/passwd')
642 			 */
643 			if (strpbrk(filename, SFTP_DIRECTORY_CHARS) != NULL) {
644 				error("Server sent suspect path \"%s\" "
645 				    "during readdir of \"%s\"", filename, path);
646 			} else if (dir) {
647 				*dir = xreallocarray(*dir, ents + 2, sizeof(**dir));
648 				(*dir)[ents] = xcalloc(1, sizeof(***dir));
649 				(*dir)[ents]->filename = xstrdup(filename);
650 				(*dir)[ents]->longname = xstrdup(longname);
651 				memcpy(&(*dir)[ents]->a, &a, sizeof(a));
652 				(*dir)[++ents] = NULL;
653 			}
654 			free(filename);
655 			free(longname);
656 		}
657 	}
658 	status = 0;
659 
660  out:
661 	sshbuf_free(msg);
662 	do_close(conn, handle, handle_len);
663 	free(handle);
664 
665 	if (status != 0 && dir != NULL) {
666 		/* Don't return results on error */
667 		free_sftp_dirents(*dir);
668 		*dir = NULL;
669 	} else if (interrupted && dir != NULL && *dir != NULL) {
670 		/* Don't return partial matches on interrupt */
671 		free_sftp_dirents(*dir);
672 		*dir = xcalloc(1, sizeof(**dir));
673 		**dir = NULL;
674 	}
675 
676 	return status == SSH2_FX_OK ? 0 : -1;
677 }
678 
679 int
do_readdir(struct sftp_conn * conn,const char * path,SFTP_DIRENT *** dir)680 do_readdir(struct sftp_conn *conn, const char *path, SFTP_DIRENT ***dir)
681 {
682 	return(do_lsreaddir(conn, path, 0, dir));
683 }
684 
free_sftp_dirents(SFTP_DIRENT ** s)685 void free_sftp_dirents(SFTP_DIRENT **s)
686 {
687 	int i;
688 
689 	if (s == NULL)
690 		return;
691 	for (i = 0; s[i]; i++) {
692 		free(s[i]->filename);
693 		free(s[i]->longname);
694 		free(s[i]);
695 	}
696 	free(s);
697 }
698 
699 int
do_rm(struct sftp_conn * conn,const char * path)700 do_rm(struct sftp_conn *conn, const char *path)
701 {
702 	u_int status, id;
703 
704 	debug2("Sending SSH2_FXP_REMOVE \"%s\"", path);
705 
706 	id = conn->msg_id++;
707 	send_string_request(conn, id, SSH2_FXP_REMOVE, path, strlen(path));
708 	status = get_status(conn, id);
709 	if (status != SSH2_FX_OK)
710 		error("Couldn't delete file: %s", fx2txt(status));
711 	return status == SSH2_FX_OK ? 0 : -1;
712 }
713 
714 int
do_mkdir(struct sftp_conn * conn,const char * path,Attrib * a,int print_flag)715 do_mkdir(struct sftp_conn *conn, const char *path, Attrib *a, int print_flag)
716 {
717 	u_int status, id;
718 
719 	id = conn->msg_id++;
720 	send_string_attrs_request(conn, id, SSH2_FXP_MKDIR, path,
721 	    strlen(path), a);
722 
723 	status = get_status(conn, id);
724 	if (status != SSH2_FX_OK && print_flag)
725 		error("Couldn't create directory: %s", fx2txt(status));
726 
727 	return status == SSH2_FX_OK ? 0 : -1;
728 }
729 
730 int
do_rmdir(struct sftp_conn * conn,const char * path)731 do_rmdir(struct sftp_conn *conn, const char *path)
732 {
733 	u_int status, id;
734 
735 	id = conn->msg_id++;
736 	send_string_request(conn, id, SSH2_FXP_RMDIR, path,
737 	    strlen(path));
738 
739 	status = get_status(conn, id);
740 	if (status != SSH2_FX_OK)
741 		error("Couldn't remove directory: %s", fx2txt(status));
742 
743 	return status == SSH2_FX_OK ? 0 : -1;
744 }
745 
746 Attrib *
do_stat(struct sftp_conn * conn,const char * path,int quiet)747 do_stat(struct sftp_conn *conn, const char *path, int quiet)
748 {
749 	u_int id;
750 
751 	id = conn->msg_id++;
752 
753 	send_string_request(conn, id,
754 	    conn->version == 0 ? SSH2_FXP_STAT_VERSION_0 : SSH2_FXP_STAT,
755 	    path, strlen(path));
756 
757 	return(get_decode_stat(conn, id, quiet));
758 }
759 
760 Attrib *
do_lstat(struct sftp_conn * conn,const char * path,int quiet)761 do_lstat(struct sftp_conn *conn, const char *path, int quiet)
762 {
763 	u_int id;
764 
765 	if (conn->version == 0) {
766 		if (quiet)
767 			debug("Server version does not support lstat operation");
768 		else
769 			logit("Server version does not support lstat operation");
770 		return(do_stat(conn, path, quiet));
771 	}
772 
773 	id = conn->msg_id++;
774 	send_string_request(conn, id, SSH2_FXP_LSTAT, path,
775 	    strlen(path));
776 
777 	return(get_decode_stat(conn, id, quiet));
778 }
779 
780 #ifdef notyet
781 Attrib *
do_fstat(struct sftp_conn * conn,const u_char * handle,u_int handle_len,int quiet)782 do_fstat(struct sftp_conn *conn, const u_char *handle, u_int handle_len,
783     int quiet)
784 {
785 	u_int id;
786 
787 	id = conn->msg_id++;
788 	send_string_request(conn, id, SSH2_FXP_FSTAT, handle,
789 	    handle_len);
790 
791 	return(get_decode_stat(conn, id, quiet));
792 }
793 #endif
794 
795 int
do_setstat(struct sftp_conn * conn,const char * path,Attrib * a)796 do_setstat(struct sftp_conn *conn, const char *path, Attrib *a)
797 {
798 	u_int status, id;
799 
800 	id = conn->msg_id++;
801 	send_string_attrs_request(conn, id, SSH2_FXP_SETSTAT, path,
802 	    strlen(path), a);
803 
804 	status = get_status(conn, id);
805 	if (status != SSH2_FX_OK)
806 		error("Couldn't setstat on \"%s\": %s", path,
807 		    fx2txt(status));
808 
809 	return status == SSH2_FX_OK ? 0 : -1;
810 }
811 
812 int
do_fsetstat(struct sftp_conn * conn,const u_char * handle,u_int handle_len,Attrib * a)813 do_fsetstat(struct sftp_conn *conn, const u_char *handle, u_int handle_len,
814     Attrib *a)
815 {
816 	u_int status, id;
817 
818 	id = conn->msg_id++;
819 	send_string_attrs_request(conn, id, SSH2_FXP_FSETSTAT, handle,
820 	    handle_len, a);
821 
822 	status = get_status(conn, id);
823 	if (status != SSH2_FX_OK)
824 		error("Couldn't fsetstat: %s", fx2txt(status));
825 
826 	return status == SSH2_FX_OK ? 0 : -1;
827 }
828 
829 char *
do_realpath(struct sftp_conn * conn,const char * path)830 do_realpath(struct sftp_conn *conn, const char *path)
831 {
832 	struct sshbuf *msg;
833 	u_int expected_id, count, id;
834 	char *filename, *longname;
835 	Attrib a;
836 	u_char type;
837 	int r;
838 
839 	expected_id = id = conn->msg_id++;
840 	send_string_request(conn, id, SSH2_FXP_REALPATH, path,
841 	    strlen(path));
842 
843 	if ((msg = sshbuf_new()) == NULL)
844 		fatal_f("sshbuf_new failed");
845 
846 	get_msg(conn, msg);
847 	if ((r = sshbuf_get_u8(msg, &type)) != 0 ||
848 	    (r = sshbuf_get_u32(msg, &id)) != 0)
849 		fatal_fr(r, "parse");
850 
851 	if (id != expected_id)
852 		fatal("ID mismatch (%u != %u)", id, expected_id);
853 
854 	if (type == SSH2_FXP_STATUS) {
855 		u_int status;
856 
857 		if ((r = sshbuf_get_u32(msg, &status)) != 0)
858 			fatal_fr(r, "parse status");
859 		error("Couldn't canonicalize: %s", fx2txt(status));
860 		sshbuf_free(msg);
861 		return NULL;
862 	} else if (type != SSH2_FXP_NAME)
863 		fatal("Expected SSH2_FXP_NAME(%u) packet, got %u",
864 		    SSH2_FXP_NAME, type);
865 
866 	if ((r = sshbuf_get_u32(msg, &count)) != 0)
867 		fatal_fr(r, "parse count");
868 	if (count != 1)
869 		fatal("Got multiple names (%d) from SSH_FXP_REALPATH", count);
870 
871 	if ((r = sshbuf_get_cstring(msg, &filename, NULL)) != 0 ||
872 	    (r = sshbuf_get_cstring(msg, &longname, NULL)) != 0 ||
873 	    (r = decode_attrib(msg, &a)) != 0)
874 		fatal_fr(r, "parse filename/attrib");
875 
876 	debug3("SSH_FXP_REALPATH %s -> %s size %lu", path, filename,
877 	    (unsigned long)a.size);
878 
879 	free(longname);
880 
881 	sshbuf_free(msg);
882 
883 	return(filename);
884 }
885 
886 int
do_rename(struct sftp_conn * conn,const char * oldpath,const char * newpath,int force_legacy)887 do_rename(struct sftp_conn *conn, const char *oldpath, const char *newpath,
888     int force_legacy)
889 {
890 	struct sshbuf *msg;
891 	u_int status, id;
892 	int r, use_ext = (conn->exts & SFTP_EXT_POSIX_RENAME) && !force_legacy;
893 
894 	if ((msg = sshbuf_new()) == NULL)
895 		fatal_f("sshbuf_new failed");
896 
897 	/* Send rename request */
898 	id = conn->msg_id++;
899 	if (use_ext) {
900 		if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 ||
901 		    (r = sshbuf_put_u32(msg, id)) != 0 ||
902 		    (r = sshbuf_put_cstring(msg,
903 		    "posix-rename@openssh.com")) != 0)
904 			fatal_fr(r, "compose posix-rename");
905 	} else {
906 		if ((r = sshbuf_put_u8(msg, SSH2_FXP_RENAME)) != 0 ||
907 		    (r = sshbuf_put_u32(msg, id)) != 0)
908 			fatal_fr(r, "compose rename");
909 	}
910 	if ((r = sshbuf_put_cstring(msg, oldpath)) != 0 ||
911 	    (r = sshbuf_put_cstring(msg, newpath)) != 0)
912 		fatal_fr(r, "compose paths");
913 	send_msg(conn, msg);
914 	debug3("Sent message %s \"%s\" -> \"%s\"",
915 	    use_ext ? "posix-rename@openssh.com" :
916 	    "SSH2_FXP_RENAME", oldpath, newpath);
917 	sshbuf_free(msg);
918 
919 	status = get_status(conn, id);
920 	if (status != SSH2_FX_OK)
921 		error("Couldn't rename file \"%s\" to \"%s\": %s", oldpath,
922 		    newpath, fx2txt(status));
923 
924 	return status == SSH2_FX_OK ? 0 : -1;
925 }
926 
927 int
do_hardlink(struct sftp_conn * conn,const char * oldpath,const char * newpath)928 do_hardlink(struct sftp_conn *conn, const char *oldpath, const char *newpath)
929 {
930 	struct sshbuf *msg;
931 	u_int status, id;
932 	int r;
933 
934 	if ((conn->exts & SFTP_EXT_HARDLINK) == 0) {
935 		error("Server does not support hardlink@openssh.com extension");
936 		return -1;
937 	}
938 
939 	if ((msg = sshbuf_new()) == NULL)
940 		fatal_f("sshbuf_new failed");
941 
942 	/* Send link request */
943 	id = conn->msg_id++;
944 	if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 ||
945 	    (r = sshbuf_put_u32(msg, id)) != 0 ||
946 	    (r = sshbuf_put_cstring(msg, "hardlink@openssh.com")) != 0 ||
947 	    (r = sshbuf_put_cstring(msg, oldpath)) != 0 ||
948 	    (r = sshbuf_put_cstring(msg, newpath)) != 0)
949 		fatal_fr(r, "compose");
950 	send_msg(conn, msg);
951 	debug3("Sent message hardlink@openssh.com \"%s\" -> \"%s\"",
952 	       oldpath, newpath);
953 	sshbuf_free(msg);
954 
955 	status = get_status(conn, id);
956 	if (status != SSH2_FX_OK)
957 		error("Couldn't link file \"%s\" to \"%s\": %s", oldpath,
958 		    newpath, fx2txt(status));
959 
960 	return status == SSH2_FX_OK ? 0 : -1;
961 }
962 
963 int
do_symlink(struct sftp_conn * conn,const char * oldpath,const char * newpath)964 do_symlink(struct sftp_conn *conn, const char *oldpath, const char *newpath)
965 {
966 	struct sshbuf *msg;
967 	u_int status, id;
968 	int r;
969 
970 	if (conn->version < 3) {
971 		error("This server does not support the symlink operation");
972 		return(SSH2_FX_OP_UNSUPPORTED);
973 	}
974 
975 	if ((msg = sshbuf_new()) == NULL)
976 		fatal_f("sshbuf_new failed");
977 
978 	/* Send symlink request */
979 	id = conn->msg_id++;
980 	if ((r = sshbuf_put_u8(msg, SSH2_FXP_SYMLINK)) != 0 ||
981 	    (r = sshbuf_put_u32(msg, id)) != 0 ||
982 	    (r = sshbuf_put_cstring(msg, oldpath)) != 0 ||
983 	    (r = sshbuf_put_cstring(msg, newpath)) != 0)
984 		fatal_fr(r, "compose");
985 	send_msg(conn, msg);
986 	debug3("Sent message SSH2_FXP_SYMLINK \"%s\" -> \"%s\"", oldpath,
987 	    newpath);
988 	sshbuf_free(msg);
989 
990 	status = get_status(conn, id);
991 	if (status != SSH2_FX_OK)
992 		error("Couldn't symlink file \"%s\" to \"%s\": %s", oldpath,
993 		    newpath, fx2txt(status));
994 
995 	return status == SSH2_FX_OK ? 0 : -1;
996 }
997 
998 int
do_fsync(struct sftp_conn * conn,u_char * handle,u_int handle_len)999 do_fsync(struct sftp_conn *conn, u_char *handle, u_int handle_len)
1000 {
1001 	struct sshbuf *msg;
1002 	u_int status, id;
1003 	int r;
1004 
1005 	/* Silently return if the extension is not supported */
1006 	if ((conn->exts & SFTP_EXT_FSYNC) == 0)
1007 		return -1;
1008 
1009 	/* Send fsync request */
1010 	if ((msg = sshbuf_new()) == NULL)
1011 		fatal_f("sshbuf_new failed");
1012 	id = conn->msg_id++;
1013 	if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 ||
1014 	    (r = sshbuf_put_u32(msg, id)) != 0 ||
1015 	    (r = sshbuf_put_cstring(msg, "fsync@openssh.com")) != 0 ||
1016 	    (r = sshbuf_put_string(msg, handle, handle_len)) != 0)
1017 		fatal_fr(r, "compose");
1018 	send_msg(conn, msg);
1019 	debug3("Sent message fsync@openssh.com I:%u", id);
1020 	sshbuf_free(msg);
1021 
1022 	status = get_status(conn, id);
1023 	if (status != SSH2_FX_OK)
1024 		error("Couldn't sync file: %s", fx2txt(status));
1025 
1026 	return status == SSH2_FX_OK ? 0 : -1;
1027 }
1028 
1029 #ifdef notyet
1030 char *
do_readlink(struct sftp_conn * conn,const char * path)1031 do_readlink(struct sftp_conn *conn, const char *path)
1032 {
1033 	struct sshbuf *msg;
1034 	u_int expected_id, count, id;
1035 	char *filename, *longname;
1036 	Attrib a;
1037 	u_char type;
1038 	int r;
1039 
1040 	expected_id = id = conn->msg_id++;
1041 	send_string_request(conn, id, SSH2_FXP_READLINK, path, strlen(path));
1042 
1043 	if ((msg = sshbuf_new()) == NULL)
1044 		fatal_f("sshbuf_new failed");
1045 
1046 	get_msg(conn, msg);
1047 	if ((r = sshbuf_get_u8(msg, &type)) != 0 ||
1048 	    (r = sshbuf_get_u32(msg, &id)) != 0)
1049 		fatal_fr(r, "parse");
1050 
1051 	if (id != expected_id)
1052 		fatal("ID mismatch (%u != %u)", id, expected_id);
1053 
1054 	if (type == SSH2_FXP_STATUS) {
1055 		u_int status;
1056 
1057 		if ((r = sshbuf_get_u32(msg, &status)) != 0)
1058 			fatal_fr(r, "parse status");
1059 		error("Couldn't readlink: %s", fx2txt(status));
1060 		sshbuf_free(msg);
1061 		return(NULL);
1062 	} else if (type != SSH2_FXP_NAME)
1063 		fatal("Expected SSH2_FXP_NAME(%u) packet, got %u",
1064 		    SSH2_FXP_NAME, type);
1065 
1066 	if ((r = sshbuf_get_u32(msg, &count)) != 0)
1067 		fatal_fr(r, "parse count");
1068 	if (count != 1)
1069 		fatal("Got multiple names (%d) from SSH_FXP_READLINK", count);
1070 
1071 	if ((r = sshbuf_get_cstring(msg, &filename, NULL)) != 0 ||
1072 	    (r = sshbuf_get_cstring(msg, &longname, NULL)) != 0 ||
1073 	    (r = decode_attrib(msg, &a)) != 0)
1074 		fatal_fr(r, "parse filenames/attrib");
1075 
1076 	debug3("SSH_FXP_READLINK %s -> %s", path, filename);
1077 
1078 	free(longname);
1079 
1080 	sshbuf_free(msg);
1081 
1082 	return filename;
1083 }
1084 #endif
1085 
1086 int
do_statvfs(struct sftp_conn * conn,const char * path,struct sftp_statvfs * st,int quiet)1087 do_statvfs(struct sftp_conn *conn, const char *path, struct sftp_statvfs *st,
1088     int quiet)
1089 {
1090 	struct sshbuf *msg;
1091 	u_int id;
1092 	int r;
1093 
1094 	if ((conn->exts & SFTP_EXT_STATVFS) == 0) {
1095 		error("Server does not support statvfs@openssh.com extension");
1096 		return -1;
1097 	}
1098 
1099 	id = conn->msg_id++;
1100 
1101 	if ((msg = sshbuf_new()) == NULL)
1102 		fatal_f("sshbuf_new failed");
1103 	if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 ||
1104 	    (r = sshbuf_put_u32(msg, id)) != 0 ||
1105 	    (r = sshbuf_put_cstring(msg, "statvfs@openssh.com")) != 0 ||
1106 	    (r = sshbuf_put_cstring(msg, path)) != 0)
1107 		fatal_fr(r, "compose");
1108 	send_msg(conn, msg);
1109 	sshbuf_free(msg);
1110 
1111 	return get_decode_statvfs(conn, st, id, quiet);
1112 }
1113 
1114 #ifdef notyet
1115 int
do_fstatvfs(struct sftp_conn * conn,const u_char * handle,u_int handle_len,struct sftp_statvfs * st,int quiet)1116 do_fstatvfs(struct sftp_conn *conn, const u_char *handle, u_int handle_len,
1117     struct sftp_statvfs *st, int quiet)
1118 {
1119 	struct sshbuf *msg;
1120 	u_int id;
1121 
1122 	if ((conn->exts & SFTP_EXT_FSTATVFS) == 0) {
1123 		error("Server does not support fstatvfs@openssh.com extension");
1124 		return -1;
1125 	}
1126 
1127 	id = conn->msg_id++;
1128 
1129 	if ((msg = sshbuf_new()) == NULL)
1130 		fatal_f("sshbuf_new failed");
1131 	if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 ||
1132 	    (r = sshbuf_put_u32(msg, id)) != 0 ||
1133 	    (r = sshbuf_put_cstring(msg, "fstatvfs@openssh.com")) != 0 ||
1134 	    (r = sshbuf_put_string(msg, handle, handle_len)) != 0)
1135 		fatal_fr(r, "compose");
1136 	send_msg(conn, msg);
1137 	sshbuf_free(msg);
1138 
1139 	return get_decode_statvfs(conn, st, id, quiet);
1140 }
1141 #endif
1142 
1143 int
do_lsetstat(struct sftp_conn * conn,const char * path,Attrib * a)1144 do_lsetstat(struct sftp_conn *conn, const char *path, Attrib *a)
1145 {
1146 	struct sshbuf *msg;
1147 	u_int status, id;
1148 	int r;
1149 
1150 	if ((conn->exts & SFTP_EXT_LSETSTAT) == 0) {
1151 		error("Server does not support lsetstat@openssh.com extension");
1152 		return -1;
1153 	}
1154 
1155 	id = conn->msg_id++;
1156 	if ((msg = sshbuf_new()) == NULL)
1157 		fatal_f("sshbuf_new failed");
1158 	if ((r = sshbuf_put_u8(msg, SSH2_FXP_EXTENDED)) != 0 ||
1159 	    (r = sshbuf_put_u32(msg, id)) != 0 ||
1160 	    (r = sshbuf_put_cstring(msg, "lsetstat@openssh.com")) != 0 ||
1161 	    (r = sshbuf_put_cstring(msg, path)) != 0 ||
1162 	    (r = encode_attrib(msg, a)) != 0)
1163 		fatal_fr(r, "compose");
1164 	send_msg(conn, msg);
1165 	sshbuf_free(msg);
1166 
1167 	status = get_status(conn, id);
1168 	if (status != SSH2_FX_OK)
1169 		error("Couldn't setstat on \"%s\": %s", path,
1170 		    fx2txt(status));
1171 
1172 	return status == SSH2_FX_OK ? 0 : -1;
1173 }
1174 
1175 static void
send_read_request(struct sftp_conn * conn,u_int id,u_int64_t offset,u_int len,const u_char * handle,u_int handle_len)1176 send_read_request(struct sftp_conn *conn, u_int id, u_int64_t offset,
1177     u_int len, const u_char *handle, u_int handle_len)
1178 {
1179 	struct sshbuf *msg;
1180 	int r;
1181 
1182 	if ((msg = sshbuf_new()) == NULL)
1183 		fatal_f("sshbuf_new failed");
1184 	if ((r = sshbuf_put_u8(msg, SSH2_FXP_READ)) != 0 ||
1185 	    (r = sshbuf_put_u32(msg, id)) != 0 ||
1186 	    (r = sshbuf_put_string(msg, handle, handle_len)) != 0 ||
1187 	    (r = sshbuf_put_u64(msg, offset)) != 0 ||
1188 	    (r = sshbuf_put_u32(msg, len)) != 0)
1189 		fatal_fr(r, "compose");
1190 	send_msg(conn, msg);
1191 	sshbuf_free(msg);
1192 }
1193 
1194 int
do_download(struct sftp_conn * conn,const char * remote_path,const char * local_path,Attrib * a,int preserve_flag,int resume_flag,int fsync_flag)1195 do_download(struct sftp_conn *conn, const char *remote_path,
1196     const char *local_path, Attrib *a, int preserve_flag, int resume_flag,
1197     int fsync_flag)
1198 {
1199 	Attrib junk;
1200 	struct sshbuf *msg;
1201 	u_char *handle;
1202 	int local_fd = -1, write_error;
1203 	int read_error, write_errno, lmodified = 0, reordered = 0, r;
1204 	u_int64_t offset = 0, size, highwater;
1205 	u_int mode, id, buflen, num_req, max_req, status = SSH2_FX_OK;
1206 	off_t progress_counter;
1207 	size_t handle_len;
1208 	struct stat st;
1209 	struct request {
1210 		u_int id;
1211 		size_t len;
1212 		u_int64_t offset;
1213 		TAILQ_ENTRY(request) tq;
1214 	};
1215 	TAILQ_HEAD(reqhead, request) requests;
1216 	struct request *req;
1217 	u_char type;
1218 
1219 	TAILQ_INIT(&requests);
1220 
1221 	if (a == NULL && (a = do_stat(conn, remote_path, 0)) == NULL)
1222 		return -1;
1223 
1224 	/* Do not preserve set[ug]id here, as we do not preserve ownership */
1225 	if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS)
1226 		mode = a->perm & 0777;
1227 	else
1228 		mode = 0666;
1229 
1230 	if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) &&
1231 	    (!S_ISREG(a->perm))) {
1232 		error("Cannot download non-regular file: %s", remote_path);
1233 		return(-1);
1234 	}
1235 
1236 	if (a->flags & SSH2_FILEXFER_ATTR_SIZE)
1237 		size = a->size;
1238 	else
1239 		size = 0;
1240 
1241 	buflen = conn->transfer_buflen;
1242 	if ((msg = sshbuf_new()) == NULL)
1243 		fatal_f("sshbuf_new failed");
1244 
1245 	attrib_clear(&junk); /* Send empty attributes */
1246 
1247 	/* Send open request */
1248 	id = conn->msg_id++;
1249 	if ((r = sshbuf_put_u8(msg, SSH2_FXP_OPEN)) != 0 ||
1250 	    (r = sshbuf_put_u32(msg, id)) != 0 ||
1251 	    (r = sshbuf_put_cstring(msg, remote_path)) != 0 ||
1252 	    (r = sshbuf_put_u32(msg, SSH2_FXF_READ)) != 0 ||
1253 	    (r = encode_attrib(msg, &junk)) != 0)
1254 		fatal_fr(r, "compose");
1255 	send_msg(conn, msg);
1256 	debug3("Sent message SSH2_FXP_OPEN I:%u P:%s", id, remote_path);
1257 
1258 	handle = get_handle(conn, id, &handle_len,
1259 	    "remote open(\"%s\")", remote_path);
1260 	if (handle == NULL) {
1261 		sshbuf_free(msg);
1262 		return(-1);
1263 	}
1264 
1265 	local_fd = open(local_path,
1266 	    O_WRONLY | O_CREAT | (resume_flag ? 0 : O_TRUNC), mode | S_IWUSR);
1267 	if (local_fd == -1) {
1268 		error("Couldn't open local file \"%s\" for writing: %s",
1269 		    local_path, strerror(errno));
1270 		goto fail;
1271 	}
1272 	offset = highwater = 0;
1273 	if (resume_flag) {
1274 		if (fstat(local_fd, &st) == -1) {
1275 			error("Unable to stat local file \"%s\": %s",
1276 			    local_path, strerror(errno));
1277 			goto fail;
1278 		}
1279 		if (st.st_size < 0) {
1280 			error("\"%s\" has negative size", local_path);
1281 			goto fail;
1282 		}
1283 		if ((u_int64_t)st.st_size > size) {
1284 			error("Unable to resume download of \"%s\": "
1285 			    "local file is larger than remote", local_path);
1286  fail:
1287 			do_close(conn, handle, handle_len);
1288 			sshbuf_free(msg);
1289 			free(handle);
1290 			if (local_fd != -1)
1291 				close(local_fd);
1292 			return -1;
1293 		}
1294 		offset = highwater = st.st_size;
1295 	}
1296 
1297 	/* Read from remote and write to local */
1298 	write_error = read_error = write_errno = num_req = 0;
1299 	max_req = 1;
1300 	progress_counter = offset;
1301 
1302 	if (showprogress && size != 0)
1303 		start_progress_meter(remote_path, size, &progress_counter);
1304 
1305 	while (num_req > 0 || max_req > 0) {
1306 		u_char *data;
1307 		size_t len;
1308 
1309 		/*
1310 		 * Simulate EOF on interrupt: stop sending new requests and
1311 		 * allow outstanding requests to drain gracefully
1312 		 */
1313 		if (interrupted) {
1314 			if (num_req == 0) /* If we haven't started yet... */
1315 				break;
1316 			max_req = 0;
1317 		}
1318 
1319 		/* Send some more requests */
1320 		while (num_req < max_req) {
1321 			debug3("Request range %llu -> %llu (%d/%d)",
1322 			    (unsigned long long)offset,
1323 			    (unsigned long long)offset + buflen - 1,
1324 			    num_req, max_req);
1325 			req = xcalloc(1, sizeof(*req));
1326 			req->id = conn->msg_id++;
1327 			req->len = buflen;
1328 			req->offset = offset;
1329 			offset += buflen;
1330 			num_req++;
1331 			TAILQ_INSERT_TAIL(&requests, req, tq);
1332 			send_read_request(conn, req->id, req->offset,
1333 			    req->len, handle, handle_len);
1334 		}
1335 
1336 		sshbuf_reset(msg);
1337 		get_msg(conn, msg);
1338 		if ((r = sshbuf_get_u8(msg, &type)) != 0 ||
1339 		    (r = sshbuf_get_u32(msg, &id)) != 0)
1340 			fatal_fr(r, "parse");
1341 		debug3("Received reply T:%u I:%u R:%d", type, id, max_req);
1342 
1343 		/* Find the request in our queue */
1344 		for (req = TAILQ_FIRST(&requests);
1345 		    req != NULL && req->id != id;
1346 		    req = TAILQ_NEXT(req, tq))
1347 			;
1348 		if (req == NULL)
1349 			fatal("Unexpected reply %u", id);
1350 
1351 		switch (type) {
1352 		case SSH2_FXP_STATUS:
1353 			if ((r = sshbuf_get_u32(msg, &status)) != 0)
1354 				fatal_fr(r, "parse status");
1355 			if (status != SSH2_FX_EOF)
1356 				read_error = 1;
1357 			max_req = 0;
1358 			TAILQ_REMOVE(&requests, req, tq);
1359 			free(req);
1360 			num_req--;
1361 			break;
1362 		case SSH2_FXP_DATA:
1363 			if ((r = sshbuf_get_string(msg, &data, &len)) != 0)
1364 				fatal_fr(r, "parse data");
1365 			debug3("Received data %llu -> %llu",
1366 			    (unsigned long long)req->offset,
1367 			    (unsigned long long)req->offset + len - 1);
1368 			if (len > req->len)
1369 				fatal("Received more data than asked for "
1370 				    "%zu > %zu", len, req->len);
1371 			lmodified = 1;
1372 			if ((lseek(local_fd, req->offset, SEEK_SET) == -1 ||
1373 			    atomicio(vwrite, local_fd, data, len) != len) &&
1374 			    !write_error) {
1375 				write_errno = errno;
1376 				write_error = 1;
1377 				max_req = 0;
1378 			}
1379 			else if (!reordered && req->offset <= highwater)
1380 				highwater = req->offset + len;
1381 			else if (!reordered && req->offset > highwater)
1382 				reordered = 1;
1383 			progress_counter += len;
1384 			free(data);
1385 
1386 			if (len == req->len) {
1387 				TAILQ_REMOVE(&requests, req, tq);
1388 				free(req);
1389 				num_req--;
1390 			} else {
1391 				/* Resend the request for the missing data */
1392 				debug3("Short data block, re-requesting "
1393 				    "%llu -> %llu (%2d)",
1394 				    (unsigned long long)req->offset + len,
1395 				    (unsigned long long)req->offset +
1396 				    req->len - 1, num_req);
1397 				req->id = conn->msg_id++;
1398 				req->len -= len;
1399 				req->offset += len;
1400 				send_read_request(conn, req->id,
1401 				    req->offset, req->len, handle, handle_len);
1402 				/* Reduce the request size */
1403 				if (len < buflen)
1404 					buflen = MAXIMUM(MIN_READ_SIZE, len);
1405 			}
1406 			if (max_req > 0) { /* max_req = 0 iff EOF received */
1407 				if (size > 0 && offset > size) {
1408 					/* Only one request at a time
1409 					 * after the expected EOF */
1410 					debug3("Finish at %llu (%2d)",
1411 					    (unsigned long long)offset,
1412 					    num_req);
1413 					max_req = 1;
1414 				} else if (max_req < conn->num_requests) {
1415 					++max_req;
1416 				}
1417 			}
1418 			break;
1419 		default:
1420 			fatal("Expected SSH2_FXP_DATA(%u) packet, got %u",
1421 			    SSH2_FXP_DATA, type);
1422 		}
1423 	}
1424 
1425 	if (showprogress && size)
1426 		stop_progress_meter();
1427 
1428 	/* Sanity check */
1429 	if (TAILQ_FIRST(&requests) != NULL)
1430 		fatal("Transfer complete, but requests still in queue");
1431 	/* Truncate at highest contiguous point to avoid holes on interrupt */
1432 	if (read_error || write_error || interrupted) {
1433 		if (reordered && resume_flag) {
1434 			error("Unable to resume download of \"%s\": "
1435 			    "server reordered requests", local_path);
1436 		}
1437 		debug("truncating at %llu", (unsigned long long)highwater);
1438 		if (ftruncate(local_fd, highwater) == -1)
1439 			error("ftruncate \"%s\": %s", local_path,
1440 			    strerror(errno));
1441 	}
1442 	if (read_error) {
1443 		error("Couldn't read from remote file \"%s\" : %s",
1444 		    remote_path, fx2txt(status));
1445 		status = -1;
1446 		do_close(conn, handle, handle_len);
1447 	} else if (write_error) {
1448 		error("Couldn't write to \"%s\": %s", local_path,
1449 		    strerror(write_errno));
1450 		status = SSH2_FX_FAILURE;
1451 		do_close(conn, handle, handle_len);
1452 	} else {
1453 		if (do_close(conn, handle, handle_len) != 0 || interrupted)
1454 			status = SSH2_FX_FAILURE;
1455 		else
1456 			status = SSH2_FX_OK;
1457 		/* Override umask and utimes if asked */
1458 #ifdef HAVE_FCHMOD
1459 		if (preserve_flag && fchmod(local_fd, mode) == -1)
1460 #else
1461 		if (preserve_flag && chmod(local_path, mode) == -1)
1462 #endif /* HAVE_FCHMOD */
1463 			error("Couldn't set mode on \"%s\": %s", local_path,
1464 			    strerror(errno));
1465 		if (preserve_flag &&
1466 		    (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME)) {
1467 			struct timeval tv[2];
1468 			tv[0].tv_sec = a->atime;
1469 			tv[1].tv_sec = a->mtime;
1470 			tv[0].tv_usec = tv[1].tv_usec = 0;
1471 			if (utimes(local_path, tv) == -1)
1472 				error("Can't set times on \"%s\": %s",
1473 				    local_path, strerror(errno));
1474 		}
1475 		if (resume_flag && !lmodified)
1476 			logit("File \"%s\" was not modified", local_path);
1477 		else if (fsync_flag) {
1478 			debug("syncing \"%s\"", local_path);
1479 			if (fsync(local_fd) == -1)
1480 				error("Couldn't sync file \"%s\": %s",
1481 				    local_path, strerror(errno));
1482 		}
1483 	}
1484 	close(local_fd);
1485 	sshbuf_free(msg);
1486 	free(handle);
1487 
1488 	return status == SSH2_FX_OK ? 0 : -1;
1489 }
1490 
1491 static int
download_dir_internal(struct sftp_conn * conn,const char * src,const char * dst,int depth,Attrib * dirattrib,int preserve_flag,int print_flag,int resume_flag,int fsync_flag)1492 download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
1493     int depth, Attrib *dirattrib, int preserve_flag, int print_flag,
1494     int resume_flag, int fsync_flag)
1495 {
1496 	int i, ret = 0;
1497 	SFTP_DIRENT **dir_entries;
1498 	char *filename, *new_src = NULL, *new_dst = NULL;
1499 	mode_t mode = 0777, tmpmode = mode;
1500 
1501 	if (depth >= MAX_DIR_DEPTH) {
1502 		error("Maximum directory depth exceeded: %d levels", depth);
1503 		return -1;
1504 	}
1505 
1506 	if (dirattrib == NULL &&
1507 	    (dirattrib = do_stat(conn, src, 1)) == NULL) {
1508 		error("Unable to stat remote directory \"%s\"", src);
1509 		return -1;
1510 	}
1511 	if (!S_ISDIR(dirattrib->perm)) {
1512 		error("\"%s\" is not a directory", src);
1513 		return -1;
1514 	}
1515 	if (print_flag)
1516 		mprintf("Retrieving %s\n", src);
1517 
1518 	if (dirattrib->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
1519 		mode = dirattrib->perm & 01777;
1520 		tmpmode = mode | (S_IWUSR|S_IXUSR);
1521 	} else {
1522 		debug("Server did not send permissions for "
1523 		    "directory \"%s\"", dst);
1524 	}
1525 
1526 	if (mkdir(dst, tmpmode) == -1 && errno != EEXIST) {
1527 		error("mkdir %s: %s", dst, strerror(errno));
1528 		return -1;
1529 	}
1530 
1531 	if (do_readdir(conn, src, &dir_entries) == -1) {
1532 		error("%s: Failed to get directory contents", src);
1533 		return -1;
1534 	}
1535 
1536 	for (i = 0; dir_entries[i] != NULL && !interrupted; i++) {
1537 		free(new_dst);
1538 		free(new_src);
1539 
1540 		filename = dir_entries[i]->filename;
1541 		new_dst = path_append(dst, filename);
1542 		new_src = path_append(src, filename);
1543 
1544 		if (S_ISDIR(dir_entries[i]->a.perm)) {
1545 			if (strcmp(filename, ".") == 0 ||
1546 			    strcmp(filename, "..") == 0)
1547 				continue;
1548 			if (download_dir_internal(conn, new_src, new_dst,
1549 			    depth + 1, &(dir_entries[i]->a), preserve_flag,
1550 			    print_flag, resume_flag, fsync_flag) == -1)
1551 				ret = -1;
1552 		} else if (S_ISREG(dir_entries[i]->a.perm) ) {
1553 			if (do_download(conn, new_src, new_dst,
1554 			    &(dir_entries[i]->a), preserve_flag,
1555 			    resume_flag, fsync_flag) == -1) {
1556 				error("Download of file %s to %s failed",
1557 				    new_src, new_dst);
1558 				ret = -1;
1559 			}
1560 		} else
1561 			logit("%s: not a regular file\n", new_src);
1562 
1563 	}
1564 	free(new_dst);
1565 	free(new_src);
1566 
1567 	if (preserve_flag) {
1568 		if (dirattrib->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
1569 			struct timeval tv[2];
1570 			tv[0].tv_sec = dirattrib->atime;
1571 			tv[1].tv_sec = dirattrib->mtime;
1572 			tv[0].tv_usec = tv[1].tv_usec = 0;
1573 			if (utimes(dst, tv) == -1)
1574 				error("Can't set times on \"%s\": %s",
1575 				    dst, strerror(errno));
1576 		} else
1577 			debug("Server did not send times for directory "
1578 			    "\"%s\"", dst);
1579 	}
1580 
1581 	if (mode != tmpmode && chmod(dst, mode) == -1)
1582 		error("Can't set final mode on \"%s\": %s", dst,
1583 		    strerror(errno));
1584 
1585 	free_sftp_dirents(dir_entries);
1586 
1587 	return ret;
1588 }
1589 
1590 int
download_dir(struct sftp_conn * conn,const char * src,const char * dst,Attrib * dirattrib,int preserve_flag,int print_flag,int resume_flag,int fsync_flag)1591 download_dir(struct sftp_conn *conn, const char *src, const char *dst,
1592     Attrib *dirattrib, int preserve_flag, int print_flag, int resume_flag,
1593     int fsync_flag)
1594 {
1595 	char *src_canon;
1596 	int ret;
1597 
1598 	if ((src_canon = do_realpath(conn, src)) == NULL) {
1599 		error("Unable to canonicalize path \"%s\"", src);
1600 		return -1;
1601 	}
1602 
1603 	ret = download_dir_internal(conn, src_canon, dst, 0,
1604 	    dirattrib, preserve_flag, print_flag, resume_flag, fsync_flag);
1605 	free(src_canon);
1606 	return ret;
1607 }
1608 
1609 int
do_upload(struct sftp_conn * conn,const char * local_path,const char * remote_path,int preserve_flag,int resume,int fsync_flag)1610 do_upload(struct sftp_conn *conn, const char *local_path,
1611     const char *remote_path, int preserve_flag, int resume, int fsync_flag)
1612 {
1613 	int r, local_fd;
1614 	u_int status = SSH2_FX_OK;
1615 	u_int id;
1616 	u_char type;
1617 	off_t offset, progress_counter;
1618 	u_char *handle, *data;
1619 	struct sshbuf *msg;
1620 	struct stat sb;
1621 	Attrib a, *c = NULL;
1622 	u_int32_t startid;
1623 	u_int32_t ackid;
1624 	struct outstanding_ack {
1625 		u_int id;
1626 		u_int len;
1627 		off_t offset;
1628 		TAILQ_ENTRY(outstanding_ack) tq;
1629 	};
1630 	TAILQ_HEAD(ackhead, outstanding_ack) acks;
1631 	struct outstanding_ack *ack = NULL;
1632 	size_t handle_len;
1633 
1634 	TAILQ_INIT(&acks);
1635 
1636 	if ((local_fd = open(local_path, O_RDONLY, 0)) == -1) {
1637 		error("Couldn't open local file \"%s\" for reading: %s",
1638 		    local_path, strerror(errno));
1639 		return(-1);
1640 	}
1641 	if (fstat(local_fd, &sb) == -1) {
1642 		error("Couldn't fstat local file \"%s\": %s",
1643 		    local_path, strerror(errno));
1644 		close(local_fd);
1645 		return(-1);
1646 	}
1647 	if (!S_ISREG(sb.st_mode)) {
1648 		error("%s is not a regular file", local_path);
1649 		close(local_fd);
1650 		return(-1);
1651 	}
1652 	stat_to_attrib(&sb, &a);
1653 
1654 	a.flags &= ~SSH2_FILEXFER_ATTR_SIZE;
1655 	a.flags &= ~SSH2_FILEXFER_ATTR_UIDGID;
1656 	a.perm &= 0777;
1657 	if (!preserve_flag)
1658 		a.flags &= ~SSH2_FILEXFER_ATTR_ACMODTIME;
1659 
1660 	if (resume) {
1661 		/* Get remote file size if it exists */
1662 		if ((c = do_stat(conn, remote_path, 0)) == NULL) {
1663 			close(local_fd);
1664 			return -1;
1665 		}
1666 
1667 		if ((off_t)c->size >= sb.st_size) {
1668 			error("destination file bigger or same size as "
1669 			      "source file");
1670 			close(local_fd);
1671 			return -1;
1672 		}
1673 
1674 		if (lseek(local_fd, (off_t)c->size, SEEK_SET) == -1) {
1675 			close(local_fd);
1676 			return -1;
1677 		}
1678 	}
1679 
1680 	if ((msg = sshbuf_new()) == NULL)
1681 		fatal_f("sshbuf_new failed");
1682 
1683 	/* Send open request */
1684 	id = conn->msg_id++;
1685 	if ((r = sshbuf_put_u8(msg, SSH2_FXP_OPEN)) != 0 ||
1686 	    (r = sshbuf_put_u32(msg, id)) != 0 ||
1687 	    (r = sshbuf_put_cstring(msg, remote_path)) != 0 ||
1688 	    (r = sshbuf_put_u32(msg, SSH2_FXF_WRITE|SSH2_FXF_CREAT|
1689 	    (resume ? SSH2_FXF_APPEND : SSH2_FXF_TRUNC))) != 0 ||
1690 	    (r = encode_attrib(msg, &a)) != 0)
1691 		fatal_fr(r, "compose");
1692 	send_msg(conn, msg);
1693 	debug3("Sent message SSH2_FXP_OPEN I:%u P:%s", id, remote_path);
1694 
1695 	sshbuf_reset(msg);
1696 
1697 	handle = get_handle(conn, id, &handle_len,
1698 	    "remote open(\"%s\")", remote_path);
1699 	if (handle == NULL) {
1700 		close(local_fd);
1701 		sshbuf_free(msg);
1702 		return -1;
1703 	}
1704 
1705 	startid = ackid = id + 1;
1706 	data = xmalloc(conn->transfer_buflen);
1707 
1708 	/* Read from local and write to remote */
1709 	offset = progress_counter = (resume ? c->size : 0);
1710 	if (showprogress)
1711 		start_progress_meter(local_path, sb.st_size,
1712 		    &progress_counter);
1713 
1714 	for (;;) {
1715 		int len;
1716 
1717 		/*
1718 		 * Can't use atomicio here because it returns 0 on EOF,
1719 		 * thus losing the last block of the file.
1720 		 * Simulate an EOF on interrupt, allowing ACKs from the
1721 		 * server to drain.
1722 		 */
1723 		if (interrupted || status != SSH2_FX_OK)
1724 			len = 0;
1725 		else do
1726 			len = read(local_fd, data, conn->transfer_buflen);
1727 		while ((len == -1) &&
1728 		    (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK));
1729 
1730 		if (len == -1)
1731 			fatal("Couldn't read from \"%s\": %s", local_path,
1732 			    strerror(errno));
1733 
1734 		if (len != 0) {
1735 			ack = xcalloc(1, sizeof(*ack));
1736 			ack->id = ++id;
1737 			ack->offset = offset;
1738 			ack->len = len;
1739 			TAILQ_INSERT_TAIL(&acks, ack, tq);
1740 
1741 			sshbuf_reset(msg);
1742 			if ((r = sshbuf_put_u8(msg, SSH2_FXP_WRITE)) != 0 ||
1743 			    (r = sshbuf_put_u32(msg, ack->id)) != 0 ||
1744 			    (r = sshbuf_put_string(msg, handle,
1745 			    handle_len)) != 0 ||
1746 			    (r = sshbuf_put_u64(msg, offset)) != 0 ||
1747 			    (r = sshbuf_put_string(msg, data, len)) != 0)
1748 				fatal_fr(r, "compose");
1749 			send_msg(conn, msg);
1750 			debug3("Sent message SSH2_FXP_WRITE I:%u O:%llu S:%u",
1751 			    id, (unsigned long long)offset, len);
1752 		} else if (TAILQ_FIRST(&acks) == NULL)
1753 			break;
1754 
1755 		if (ack == NULL)
1756 			fatal("Unexpected ACK %u", id);
1757 
1758 		if (id == startid || len == 0 ||
1759 		    id - ackid >= conn->num_requests) {
1760 			u_int rid;
1761 
1762 			sshbuf_reset(msg);
1763 			get_msg(conn, msg);
1764 			if ((r = sshbuf_get_u8(msg, &type)) != 0 ||
1765 			    (r = sshbuf_get_u32(msg, &rid)) != 0)
1766 				fatal_fr(r, "parse");
1767 
1768 			if (type != SSH2_FXP_STATUS)
1769 				fatal("Expected SSH2_FXP_STATUS(%d) packet, "
1770 				    "got %d", SSH2_FXP_STATUS, type);
1771 
1772 			if ((r = sshbuf_get_u32(msg, &status)) != 0)
1773 				fatal_fr(r, "parse status");
1774 			debug3("SSH2_FXP_STATUS %u", status);
1775 
1776 			/* Find the request in our queue */
1777 			for (ack = TAILQ_FIRST(&acks);
1778 			    ack != NULL && ack->id != rid;
1779 			    ack = TAILQ_NEXT(ack, tq))
1780 				;
1781 			if (ack == NULL)
1782 				fatal("Can't find request for ID %u", rid);
1783 			TAILQ_REMOVE(&acks, ack, tq);
1784 			debug3("In write loop, ack for %u %u bytes at %lld",
1785 			    ack->id, ack->len, (long long)ack->offset);
1786 			++ackid;
1787 			progress_counter += ack->len;
1788 			free(ack);
1789 		}
1790 		offset += len;
1791 		if (offset < 0)
1792 			fatal_f("offset < 0");
1793 	}
1794 	sshbuf_free(msg);
1795 
1796 	if (showprogress)
1797 		stop_progress_meter();
1798 	free(data);
1799 
1800 	if (status != SSH2_FX_OK) {
1801 		error("Couldn't write to remote file \"%s\": %s",
1802 		    remote_path, fx2txt(status));
1803 		status = SSH2_FX_FAILURE;
1804 	}
1805 
1806 	if (close(local_fd) == -1) {
1807 		error("Couldn't close local file \"%s\": %s", local_path,
1808 		    strerror(errno));
1809 		status = SSH2_FX_FAILURE;
1810 	}
1811 
1812 	/* Override umask and utimes if asked */
1813 	if (preserve_flag)
1814 		do_fsetstat(conn, handle, handle_len, &a);
1815 
1816 	if (fsync_flag)
1817 		(void)do_fsync(conn, handle, handle_len);
1818 
1819 	if (do_close(conn, handle, handle_len) != 0)
1820 		status = SSH2_FX_FAILURE;
1821 
1822 	free(handle);
1823 
1824 	return status == SSH2_FX_OK ? 0 : -1;
1825 }
1826 
1827 static int
upload_dir_internal(struct sftp_conn * conn,const char * src,const char * dst,int depth,int preserve_flag,int print_flag,int resume,int fsync_flag)1828 upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
1829     int depth, int preserve_flag, int print_flag, int resume, int fsync_flag)
1830 {
1831 	int ret = 0;
1832 	DIR *dirp;
1833 	struct dirent *dp;
1834 	char *filename, *new_src = NULL, *new_dst = NULL;
1835 	struct stat sb;
1836 	Attrib a, *dirattrib;
1837 	u_int32_t saved_perm;
1838 
1839 	if (depth >= MAX_DIR_DEPTH) {
1840 		error("Maximum directory depth exceeded: %d levels", depth);
1841 		return -1;
1842 	}
1843 
1844 	if (stat(src, &sb) == -1) {
1845 		error("Couldn't stat directory \"%s\": %s",
1846 		    src, strerror(errno));
1847 		return -1;
1848 	}
1849 	if (!S_ISDIR(sb.st_mode)) {
1850 		error("\"%s\" is not a directory", src);
1851 		return -1;
1852 	}
1853 	if (print_flag)
1854 		mprintf("Entering %s\n", src);
1855 
1856 	attrib_clear(&a);
1857 	stat_to_attrib(&sb, &a);
1858 	a.flags &= ~SSH2_FILEXFER_ATTR_SIZE;
1859 	a.flags &= ~SSH2_FILEXFER_ATTR_UIDGID;
1860 	a.perm &= 01777;
1861 	if (!preserve_flag)
1862 		a.flags &= ~SSH2_FILEXFER_ATTR_ACMODTIME;
1863 
1864 	/*
1865 	 * sftp lacks a portable status value to match errno EEXIST,
1866 	 * so if we get a failure back then we must check whether
1867 	 * the path already existed and is a directory.  Ensure we can
1868 	 * write to the directory we create for the duration of the transfer.
1869 	 */
1870 	saved_perm = a.perm;
1871 	a.perm |= (S_IWUSR|S_IXUSR);
1872 	if (do_mkdir(conn, dst, &a, 0) != 0) {
1873 		if ((dirattrib = do_stat(conn, dst, 0)) == NULL)
1874 			return -1;
1875 		if (!S_ISDIR(dirattrib->perm)) {
1876 			error("\"%s\" exists but is not a directory", dst);
1877 			return -1;
1878 		}
1879 	}
1880 	a.perm = saved_perm;
1881 
1882 	if ((dirp = opendir(src)) == NULL) {
1883 		error("Failed to open dir \"%s\": %s", src, strerror(errno));
1884 		return -1;
1885 	}
1886 
1887 	while (((dp = readdir(dirp)) != NULL) && !interrupted) {
1888 		if (dp->d_ino == 0)
1889 			continue;
1890 		free(new_dst);
1891 		free(new_src);
1892 		filename = dp->d_name;
1893 		new_dst = path_append(dst, filename);
1894 		new_src = path_append(src, filename);
1895 
1896 		if (lstat(new_src, &sb) == -1) {
1897 			logit("%s: lstat failed: %s", filename,
1898 			    strerror(errno));
1899 			ret = -1;
1900 		} else if (S_ISDIR(sb.st_mode)) {
1901 			if (strcmp(filename, ".") == 0 ||
1902 			    strcmp(filename, "..") == 0)
1903 				continue;
1904 
1905 			if (upload_dir_internal(conn, new_src, new_dst,
1906 			    depth + 1, preserve_flag, print_flag, resume,
1907 			    fsync_flag) == -1)
1908 				ret = -1;
1909 		} else if (S_ISREG(sb.st_mode)) {
1910 			if (do_upload(conn, new_src, new_dst,
1911 			    preserve_flag, resume, fsync_flag) == -1) {
1912 				error("Uploading of file %s to %s failed!",
1913 				    new_src, new_dst);
1914 				ret = -1;
1915 			}
1916 		} else
1917 			logit("%s: not a regular file\n", filename);
1918 	}
1919 	free(new_dst);
1920 	free(new_src);
1921 
1922 	do_setstat(conn, dst, &a);
1923 
1924 	(void) closedir(dirp);
1925 	return ret;
1926 }
1927 
1928 int
upload_dir(struct sftp_conn * conn,const char * src,const char * dst,int preserve_flag,int print_flag,int resume,int fsync_flag)1929 upload_dir(struct sftp_conn *conn, const char *src, const char *dst,
1930     int preserve_flag, int print_flag, int resume, int fsync_flag)
1931 {
1932 	char *dst_canon;
1933 	int ret;
1934 
1935 	if ((dst_canon = do_realpath(conn, dst)) == NULL) {
1936 		error("Unable to canonicalize path \"%s\"", dst);
1937 		return -1;
1938 	}
1939 
1940 	ret = upload_dir_internal(conn, src, dst_canon, 0, preserve_flag,
1941 	    print_flag, resume, fsync_flag);
1942 
1943 	free(dst_canon);
1944 	return ret;
1945 }
1946 
1947 char *
path_append(const char * p1,const char * p2)1948 path_append(const char *p1, const char *p2)
1949 {
1950 	char *ret;
1951 	size_t len = strlen(p1) + strlen(p2) + 2;
1952 
1953 	ret = xmalloc(len);
1954 	strlcpy(ret, p1, len);
1955 	if (p1[0] != '\0' && p1[strlen(p1) - 1] != '/')
1956 		strlcat(ret, "/", len);
1957 	strlcat(ret, p2, len);
1958 
1959 	return(ret);
1960 }
1961 
1962 char *
make_absolute(char * p,const char * pwd)1963 make_absolute(char *p, const char *pwd)
1964 {
1965 	char *abs_str;
1966 
1967 	/* Derelativise */
1968 	if (p && !path_absolute(p)) {
1969 		abs_str = path_append(pwd, p);
1970 		free(p);
1971 		return(abs_str);
1972 	} else
1973 		return(p);
1974 }
1975 
1976 int
remote_is_dir(struct sftp_conn * conn,const char * path)1977 remote_is_dir(struct sftp_conn *conn, const char *path)
1978 {
1979 	Attrib *a;
1980 
1981 	/* XXX: report errors? */
1982 	if ((a = do_stat(conn, path, 1)) == NULL)
1983 		return(0);
1984 	if (!(a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS))
1985 		return(0);
1986 	return(S_ISDIR(a->perm));
1987 }
1988 
1989 
1990 int
local_is_dir(const char * path)1991 local_is_dir(const char *path)
1992 {
1993 	struct stat sb;
1994 
1995 	/* XXX: report errors? */
1996 	if (stat(path, &sb) == -1)
1997 		return(0);
1998 
1999 	return(S_ISDIR(sb.st_mode));
2000 }
2001 
2002 /* Check whether path returned from glob(..., GLOB_MARK, ...) is a directory */
2003 int
globpath_is_dir(const char * pathname)2004 globpath_is_dir(const char *pathname)
2005 {
2006 	size_t l = strlen(pathname);
2007 
2008 	return l > 0 && pathname[l - 1] == '/';
2009 }
2010 
2011