X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/37dfb97a93019ac86cce81f023cd8a33df69b2d8..86916870d36cb70e7ef0ea760e75a6ae8b2d83a5:/scp.c diff --git a/scp.c b/scp.c index 7b5dbe2a..20f97dd7 100644 --- a/scp.c +++ b/scp.c @@ -1,11 +1,15 @@ /* - * scp.c - Scp (Secure Copy) client for PuTTY. - * Joris van Rantwijk, Simon Tatham + * scp.c - Scp (Secure Copy) client for PuTTY. + * Joris van Rantwijk, Simon Tatham * - * This is mainly based on ssh-1.2.26/scp.c by Timo Rinne & Tatu Ylonen. - * They, in turn, used stuff from BSD rcp. - * - * Adaptations to enable connecting a GUI by L. Gunnarsson - Sept 2000 + * This is mainly based on ssh-1.2.26/scp.c by Timo Rinne & Tatu Ylonen. + * They, in turn, used stuff from BSD rcp. + * + * (SGT, 2001-09-10: Joris van Rantwijk assures me that although + * this file as originally submitted was inspired by, and + * _structurally_ based on, ssh-1.2.26's scp.c, there wasn't any + * actual code duplicated, so the above comment shouldn't give rise + * to licensing issues.) */ #include @@ -22,9 +26,6 @@ #include #include #include -/* GUI Adaptation - Sept 2000 */ -#include -#include #define PUTTY_DO_GLOBALS #include "putty.h" @@ -39,36 +40,68 @@ ((*(LONGLONG*)&(ft)) / (LONGLONG) 10000000 - (LONGLONG) 11644473600)) /* GUI Adaptation - Sept 2000 */ + +/* This is just a base value from which the main message numbers are + * derived. */ #define WM_APP_BASE 0x8000 + +/* These two pass a single character value in wParam. They represent + * the visible output from PSCP. */ #define WM_STD_OUT_CHAR ( WM_APP_BASE+400 ) #define WM_STD_ERR_CHAR ( WM_APP_BASE+401 ) + +/* These pass a transfer status update. WM_STATS_CHAR passes a single + * character in wParam, and is called repeatedly to pass the name of + * the file, terminated with "\n". WM_STATS_SIZE passes the size of + * the file being transferred in wParam. WM_STATS_ELAPSED is called + * to pass the elapsed time (in seconds) in wParam, and + * WM_STATS_PERCENT passes the percentage of the transfer which is + * complete, also in wParam. */ #define WM_STATS_CHAR ( WM_APP_BASE+402 ) #define WM_STATS_SIZE ( WM_APP_BASE+403 ) #define WM_STATS_PERCENT ( WM_APP_BASE+404 ) #define WM_STATS_ELAPSED ( WM_APP_BASE+405 ) + +/* These are used at the end of a run to pass an error code in + * wParam: zero means success, nonzero means failure. WM_RET_ERR_CNT + * is used after a copy, and WM_LS_RET_ERR_CNT is used after a file + * list operation. */ #define WM_RET_ERR_CNT ( WM_APP_BASE+406 ) #define WM_LS_RET_ERR_CNT ( WM_APP_BASE+407 ) +/* More transfer status update messages. WM_STATS_DONE passes the + * number of bytes sent so far in wParam. WM_STATS_ETA passes the + * estimated time to completion (in seconds). WM_STATS_RATEBS passes + * the average transfer rate (in bytes per second). */ +#define WM_STATS_DONE ( WM_APP_BASE+408 ) +#define WM_STATS_ETA ( WM_APP_BASE+409 ) +#define WM_STATS_RATEBS ( WM_APP_BASE+410 ) + static int list = 0; static int verbose = 0; static int recursive = 0; static int preserve = 0; static int targetshouldbedirectory = 0; static int statistics = 1; -static int portnumber = 0; static int prev_stats_len = 0; -static char *password = NULL; +static int scp_unsafe_mode = 0; static int errs = 0; /* GUI Adaptation - Sept 2000 */ #define NAME_STR_MAX 2048 static char statname[NAME_STR_MAX + 1]; static unsigned long statsize = 0; +static unsigned long statdone = 0; +static unsigned long stateta = 0; +static unsigned long statratebs = 0; static int statperct = 0; static unsigned long statelapsed = 0; static int gui_mode = 0; static char *gui_hwnd = NULL; static int using_sftp = 0; +static Backend *back; +static void *backhandle; + static void source(char *src); static void rsource(char *src); static void sink(char *targ, char *src); @@ -77,7 +110,9 @@ static void tell_char(FILE * stream, char c); static void tell_str(FILE * stream, char *str); static void tell_user(FILE * stream, char *fmt, ...); static void gui_update_stats(char *name, unsigned long size, - int percentage, unsigned long elapsed); + int percentage, unsigned long elapsed, + unsigned long done, unsigned long eta, + unsigned long ratebs); /* * The maximum amount of queued data we accept before we stop and @@ -85,11 +120,7 @@ static void gui_update_stats(char *name, unsigned long size, */ #define MAX_SCP_BUFSIZE 16384 -void logevent(char *string) -{ -} - -void ldisc_send(char *buf, int len) +void ldisc_send(void *handle, char *buf, int len, int interactive) { /* * This is only here because of the calls to ldisc_send(NULL, @@ -100,122 +131,6 @@ void ldisc_send(char *buf, int len) assert(len == 0); } -void verify_ssh_host_key(char *host, int port, char *keytype, - char *keystr, char *fingerprint) -{ - int ret; - HANDLE hin; - DWORD savemode, i; - - static const char absentmsg[] = - "The server's host key is not cached in the registry. You\n" - "have no guarantee that the server is the computer you\n" - "think it is.\n" - "The server's key fingerprint is:\n" - "%s\n" - "If you trust this host, enter \"y\" to add the key to\n" - "PuTTY's cache and carry on connecting.\n" - "If you want to carry on connecting just once, without\n" - "adding the key to the cache, enter \"n\".\n" - "If you do not trust this host, press Return to abandon the\n" - "connection.\n" - "Store key in cache? (y/n) "; - - static const char wrongmsg[] = - "WARNING - POTENTIAL SECURITY BREACH!\n" - "The server's host key does not match the one PuTTY has\n" - "cached in the registry. This means that either the\n" - "server administrator has changed the host key, or you\n" - "have actually connected to another computer pretending\n" - "to be the server.\n" - "The new key fingerprint is:\n" - "%s\n" - "If you were expecting this change and trust the new key,\n" - "enter \"y\" to update PuTTY's cache and continue connecting.\n" - "If you want to carry on connecting but without updating\n" - "the cache, enter \"n\".\n" - "If you want to abandon the connection completely, press\n" - "Return to cancel. Pressing Return is the ONLY guaranteed\n" - "safe choice.\n" - "Update cached key? (y/n, Return cancels connection) "; - - static const char abandoned[] = "Connection abandoned.\n"; - - char line[32]; - - /* - * Verify the key against the registry. - */ - ret = verify_host_key(host, port, keytype, keystr); - - if (ret == 0) /* success - key matched OK */ - return; - - if (ret == 2) { /* key was different */ - fprintf(stderr, wrongmsg, fingerprint); - fflush(stderr); - } - if (ret == 1) { /* key was absent */ - fprintf(stderr, absentmsg, fingerprint); - fflush(stderr); - } - - hin = GetStdHandle(STD_INPUT_HANDLE); - GetConsoleMode(hin, &savemode); - SetConsoleMode(hin, (savemode | ENABLE_ECHO_INPUT | - ENABLE_PROCESSED_INPUT | ENABLE_LINE_INPUT)); - ReadFile(hin, line, sizeof(line) - 1, &i, NULL); - SetConsoleMode(hin, savemode); - - if (line[0] != '\0' && line[0] != '\r' && line[0] != '\n') { - if (line[0] == 'y' || line[0] == 'Y') - store_host_key(host, port, keytype, keystr); - } else { - fprintf(stderr, abandoned); - exit(0); - } -} - -/* - * Ask whether the selected cipher is acceptable (since it was - * below the configured 'warn' threshold). - * cs: 0 = both ways, 1 = client->server, 2 = server->client - */ -void askcipher(char *ciphername, int cs) -{ - HANDLE hin; - DWORD savemode, i; - - static const char msg[] = - "The first %scipher supported by the server is\n" - "%s, which is below the configured warning threshold.\n" - "Continue with connection? (y/n) "; - static const char abandoned[] = "Connection abandoned.\n"; - - char line[32]; - - fprintf(stderr, msg, - (cs == 0) ? "" : - (cs == 1) ? "client-to-server " : - "server-to-client ", - ciphername); - fflush(stderr); - - hin = GetStdHandle(STD_INPUT_HANDLE); - GetConsoleMode(hin, &savemode); - SetConsoleMode(hin, (savemode | ENABLE_ECHO_INPUT | - ENABLE_PROCESSED_INPUT | ENABLE_LINE_INPUT)); - ReadFile(hin, line, sizeof(line) - 1, &i, NULL); - SetConsoleMode(hin, savemode); - - if (line[0] == 'y' || line[0] == 'Y') { - return; - } else { - fprintf(stderr, abandoned); - exit(0); - } -} - /* GUI Adaptation - Sept 2000 */ static void send_msg(HWND h, UINT message, WPARAM wParam) { @@ -245,17 +160,21 @@ static void tell_str(FILE * stream, char *str) static void tell_user(FILE * stream, char *fmt, ...) { - char str[0x100]; /* Make the size big enough */ + char *str, *str2; va_list ap; va_start(ap, fmt); - vsprintf(str, fmt, ap); + str = dupvprintf(fmt, ap); va_end(ap); - strcat(str, "\n"); - tell_str(stream, str); + str2 = dupcat(str, "\n", NULL); + sfree(str); + tell_str(stream, str2); + sfree(str2); } static void gui_update_stats(char *name, unsigned long size, - int percentage, unsigned long elapsed) + int percentage, unsigned long elapsed, + unsigned long done, unsigned long eta, + unsigned long ratebs) { unsigned int i; @@ -270,6 +189,18 @@ static void gui_update_stats(char *name, unsigned long size, send_msg((HWND) atoi(gui_hwnd), WM_STATS_SIZE, (WPARAM) size); statsize = size; } + if (statdone != done) { + send_msg((HWND) atoi(gui_hwnd), WM_STATS_DONE, (WPARAM) done); + statdone = done; + } + if (stateta != eta) { + send_msg((HWND) atoi(gui_hwnd), WM_STATS_ETA, (WPARAM) eta); + stateta = eta; + } + if (statratebs != ratebs) { + send_msg((HWND) atoi(gui_hwnd), WM_STATS_RATEBS, (WPARAM) ratebs); + statratebs = ratebs; + } if (statelapsed != elapsed) { send_msg((HWND) atoi(gui_hwnd), WM_STATS_ELAPSED, (WPARAM) elapsed); @@ -287,14 +218,15 @@ static void gui_update_stats(char *name, unsigned long size, */ void fatalbox(char *fmt, ...) { - char str[0x100]; /* Make the size big enough */ + char *str, *str2; va_list ap; va_start(ap, fmt); - strcpy(str, "Fatal: "); - vsprintf(str + strlen(str), fmt, ap); + str = dupvprintf(fmt, ap); + str2 = dupcat("Fatal: ", str, "\n", NULL); + sfree(str); va_end(ap); - strcat(str, "\n"); - tell_str(stderr, str); + tell_str(stderr, str2); + sfree(str2); errs++; if (gui_mode) { @@ -306,18 +238,19 @@ void fatalbox(char *fmt, ...) 0 /*lParam */ ))SleepEx(1000, TRUE); } - exit(1); + cleanup_exit(1); } -void connection_fatal(char *fmt, ...) +void modalfatalbox(char *fmt, ...) { - char str[0x100]; /* Make the size big enough */ + char *str, *str2; va_list ap; va_start(ap, fmt); - strcpy(str, "Fatal: "); - vsprintf(str + strlen(str), fmt, ap); + str = dupvprintf(fmt, ap); + str2 = dupcat("Fatal: ", str, "\n", NULL); + sfree(str); va_end(ap); - strcat(str, "\n"); - tell_str(stderr, str); + tell_str(stderr, str2); + sfree(str2); errs++; if (gui_mode) { @@ -329,7 +262,31 @@ void connection_fatal(char *fmt, ...) 0 /*lParam */ ))SleepEx(1000, TRUE); } - exit(1); + cleanup_exit(1); +} +void connection_fatal(void *frontend, char *fmt, ...) +{ + char *str, *str2; + va_list ap; + va_start(ap, fmt); + str = dupvprintf(fmt, ap); + str2 = dupcat("Fatal: ", str, "\n", NULL); + sfree(str); + va_end(ap); + tell_str(stderr, str2); + sfree(str2); + errs++; + + if (gui_mode) { + unsigned int msg_id = WM_RET_ERR_CNT; + if (list) + msg_id = WM_LS_RET_ERR_CNT; + while (!PostMessage + ((HWND) atoi(gui_hwnd), msg_id, (WPARAM) errs, + 0 /*lParam */ ))SleepEx(1000, TRUE); + } + + cleanup_exit(1); } /* @@ -359,11 +316,13 @@ static unsigned char *outptr; /* where to put the data */ static unsigned outlen; /* how much data required */ static unsigned char *pending = NULL; /* any spare data */ static unsigned pendlen = 0, pendsize = 0; /* length and phys. size of buffer */ -int from_backend(int is_stderr, char *data, int datalen) +int from_backend(void *frontend, int is_stderr, char *data, int datalen) { unsigned char *p = (unsigned char *) data; unsigned len = (unsigned) datalen; + assert(len > 0); + /* * stderr data is just spouted to local stderr and otherwise * ignored. @@ -373,8 +332,6 @@ int from_backend(int is_stderr, char *data, int datalen) return 0; } - inbuf_head = 0; - /* * If this is before the real session begins, just return. */ @@ -459,7 +416,7 @@ static void ssh_scp_init(void) { if (scp_ssh_socket == INVALID_SOCKET) return; - while (!back->sendok()) { + while (!back->sendok(backhandle)) { fd_set readfds; FD_ZERO(&readfds); FD_SET(scp_ssh_socket, &readfds); @@ -467,7 +424,7 @@ static void ssh_scp_init(void) return; /* doom */ select_result((WPARAM) scp_ssh_socket, (LPARAM) FD_READ); } - using_sftp = !ssh_fallback_cmd; + using_sftp = !ssh_fallback_cmd(backhandle); } /* @@ -475,19 +432,20 @@ static void ssh_scp_init(void) */ static void bump(char *fmt, ...) { - char str[0x100]; /* Make the size big enough */ + char *str, *str2; va_list ap; va_start(ap, fmt); - strcpy(str, "Fatal: "); - vsprintf(str + strlen(str), fmt, ap); + str = dupvprintf(fmt, ap); va_end(ap); - strcat(str, "\n"); - tell_str(stderr, str); + str2 = dupcat(str, "\n", NULL); + sfree(str); + tell_str(stderr, str2); + sfree(str2); errs++; - if (back != NULL && back->socket() != NULL) { + if (back != NULL && back->socket(backhandle) != NULL) { char ch; - back->special(TS_EOF); + back->special(backhandle, TS_EOF); ssh_scp_recv(&ch, 1); } @@ -500,61 +458,7 @@ static void bump(char *fmt, ...) 0 /*lParam */ ))SleepEx(1000, TRUE); } - exit(1); -} - -static int get_line(const char *prompt, char *str, int maxlen, int is_pw) -{ - HANDLE hin, hout; - DWORD savemode, newmode, i; - - if (is_pw && password) { - static int tried_once = 0; - - if (tried_once) { - return 0; - } else { - strncpy(str, password, maxlen); - str[maxlen - 1] = '\0'; - tried_once = 1; - return 1; - } - } - - /* GUI Adaptation - Sept 2000 */ - if (gui_mode) { - if (maxlen > 0) - str[0] = '\0'; - } else { - hin = GetStdHandle(STD_INPUT_HANDLE); - hout = GetStdHandle(STD_OUTPUT_HANDLE); - if (hin == INVALID_HANDLE_VALUE || hout == INVALID_HANDLE_VALUE) - bump("Cannot get standard input/output handles"); - - GetConsoleMode(hin, &savemode); - newmode = savemode | ENABLE_PROCESSED_INPUT | ENABLE_LINE_INPUT; - if (is_pw) - newmode &= ~ENABLE_ECHO_INPUT; - else - newmode |= ENABLE_ECHO_INPUT; - SetConsoleMode(hin, newmode); - - WriteFile(hout, prompt, strlen(prompt), &i, NULL); - ReadFile(hin, str, maxlen - 1, &i, NULL); - - SetConsoleMode(hin, savemode); - - if ((int) i > maxlen) - i = maxlen - 1; - else - i = i - 2; - str[i] = '\0'; - - if (is_pw) - WriteFile(hout, "\r\n", 2, &i, NULL); - } - - return 1; + cleanup_exit(1); } /* @@ -575,7 +479,61 @@ static void do_cmd(char *host, char *user, char *cmd) do_defaults(NULL, &cfg); strncpy(cfg.host, host, sizeof(cfg.host) - 1); cfg.host[sizeof(cfg.host) - 1] = '\0'; - cfg.port = 22; + } + + /* + * Force use of SSH. (If they got the protocol wrong we assume the + * port is useless too.) + */ + if (cfg.protocol != PROT_SSH) { + cfg.protocol = PROT_SSH; + cfg.port = 22; + } + + /* + * Enact command-line overrides. + */ + cmdline_run_saved(&cfg); + + /* + * Trim leading whitespace off the hostname if it's there. + */ + { + int space = strspn(cfg.host, " \t"); + memmove(cfg.host, cfg.host+space, 1+strlen(cfg.host)-space); + } + + /* See if host is of the form user@host */ + if (cfg.host[0] != '\0') { + char *atsign = strchr(cfg.host, '@'); + /* Make sure we're not overflowing the user field */ + if (atsign) { + if (atsign - cfg.host < sizeof cfg.username) { + strncpy(cfg.username, cfg.host, atsign - cfg.host); + cfg.username[atsign - cfg.host] = '\0'; + } + memmove(cfg.host, atsign + 1, 1 + strlen(atsign + 1)); + } + } + + /* + * Trim a colon suffix off the hostname if it's there. + */ + cfg.host[strcspn(cfg.host, ":")] = '\0'; + + /* + * Remove any remaining whitespace from the hostname. + */ + { + int p1 = 0, p2 = 0; + while (cfg.host[p2] != '\0') { + if (cfg.host[p2] != ' ' && cfg.host[p2] != '\t') { + cfg.host[p1] = cfg.host[p2]; + p1++; + } + p2++; + } + cfg.host[p1] = '\0'; } /* Set username */ @@ -595,11 +553,14 @@ static void do_cmd(char *host, char *user, char *cmd) free(user); } - if (cfg.protocol != PROT_SSH) - cfg.port = 22; - - if (portnumber) - cfg.port = portnumber; + /* + * Disable scary things which shouldn't be enabled for simple + * things like SCP and SFTP: agent forwarding, port forwarding, + * X forwarding. + */ + cfg.x11_forward = 0; + cfg.agentfwd = 0; + cfg.portfwd[0] = cfg.portfwd[1] = '\0'; /* * Attempt to start the SFTP subsystem as a first choice, @@ -613,9 +574,11 @@ static void do_cmd(char *host, char *user, char *cmd) back = &ssh_backend; - err = back->init(cfg.host, cfg.port, &realhost); + err = back->init(NULL, &backhandle, &cfg, cfg.host, cfg.port, &realhost,0); if (err != NULL) bump("ssh_init: %s", err); + logctx = log_init(NULL); + back->provide_logctx(backhandle, logctx); ssh_scp_init(); if (verbose && realhost != NULL) tell_user(stderr, "Connected to %s\n", realhost); @@ -633,26 +596,29 @@ static void print_stats(char *name, unsigned long size, unsigned long done, char etastr[10]; int pct; int len; + int elap; - /* GUI Adaptation - Sept 2000 */ - if (gui_mode) - gui_update_stats(name, size, (int) (100 * (done * 1.0 / size)), - (unsigned long) difftime(now, start)); - else { - if (now > start) - ratebs = (float) done / (now - start); - else - ratebs = (float) done; + elap = (unsigned long) difftime(now, start); - if (ratebs < 1.0) - eta = size - done; - else - eta = (unsigned long) ((size - done) / ratebs); - sprintf(etastr, "%02ld:%02ld:%02ld", - eta / 3600, (eta % 3600) / 60, eta % 60); + if (now > start) + ratebs = (float) done / elap; + else + ratebs = (float) done; - pct = (int) (100.0 * (float) done / size); + if (ratebs < 1.0) + eta = size - done; + else + eta = (unsigned long) ((size - done) / ratebs); + sprintf(etastr, "%02ld:%02ld:%02ld", + eta / 3600, (eta % 3600) / 60, eta % 60); + pct = (int) (100 * (done * 1.0 / size)); + + if (gui_mode) + /* GUI Adaptation - Sept 2000 */ + gui_update_stats(name, size, pct, elap, done, eta, + (unsigned long) ratebs); + else { len = printf("\r%-25.25s | %10ld kB | %5.1f kB/s | ETA: %8s | %3d%%", name, done / 1024, ratebs / 1024.0, etastr, pct); if (len < prev_stats_len) @@ -685,12 +651,17 @@ static char *colon(char *str) /* * Return a pointer to the portion of str that comes after the last - * slash (or backslash, if `local' is TRUE). + * slash (or backslash or colon, if `local' is TRUE). */ static char *stripslashes(char *str, int local) { char *p; + if (local) { + p = strchr(str, ':'); + if (p) str = p+1; + } + p = strrchr(str, '/'); if (p) str = p+1; @@ -752,7 +723,7 @@ int sftp_recvdata(char *buf, int len) } int sftp_senddata(char *buf, int len) { - back->send((unsigned char *) buf, len); + back->send(backhandle, (unsigned char *) buf, len); return 1; } @@ -771,14 +742,19 @@ void scp_sftp_listdir(char *dirname) struct fxp_names *names; struct fxp_name *ournames; int nnames, namesize; - char *dir; int i; + if (!fxp_init()) { + tell_user(stderr, "unable to initialise SFTP: %s", fxp_error()); + errs++; + return; + } + printf("Listing directory %s\n", dirname); dirh = fxp_opendir(dirname); if (dirh == NULL) { - printf("Unable to open %s: %s\n", dir, fxp_error()); + printf("Unable to open %s: %s\n", dirname, fxp_error()); } else { nnames = namesize = 0; ournames = NULL; @@ -789,7 +765,7 @@ void scp_sftp_listdir(char *dirname) if (names == NULL) { if (fxp_error_type() == SSH_FX_EOF) break; - printf("Reading directory %s: %s\n", dir, fxp_error()); + printf("Reading directory %s: %s\n", dirname, fxp_error()); break; } if (names->nnames == 0) { @@ -836,6 +812,7 @@ static struct scp_sftp_dirstack { int namepos, namelen; char *dirpath; char *wildcard; + int matched_something; /* wildcard match set was non-empty */ } *scp_sftp_dirstack_head; static char *scp_sftp_remotepath, *scp_sftp_currentname; static char *scp_sftp_wildcard; @@ -855,6 +832,12 @@ void scp_source_setup(char *target, int shouldbedir) */ struct fxp_attrs attrs; + if (!fxp_init()) { + tell_user(stderr, "unable to initialise SFTP: %s", fxp_error()); + errs++; + return; + } + if (!fxp_stat(target, &attrs) || !(attrs.flags & SSH_FILEXFER_ATTR_PERMISSIONS)) scp_sftp_targetisdir = 0; @@ -878,8 +861,8 @@ int scp_send_errmsg(char *str) if (using_sftp) { /* do nothing; we never need to send our errors to the server */ } else { - back->send("\001", 1); /* scp protocol error prefix */ - back->send(str, strlen(str)); + back->send(backhandle, "\001", 1);/* scp protocol error prefix */ + back->send(backhandle, str, strlen(str)); } return 0; /* can't fail */ } @@ -894,7 +877,7 @@ int scp_send_filetimes(unsigned long mtime, unsigned long atime) } else { char buf[80]; sprintf(buf, "T%lu 0 %lu 0\n", mtime, atime); - back->send(buf, strlen(buf)); + back->send(backhandle, buf, strlen(buf)); return response(); } } @@ -922,9 +905,9 @@ int scp_send_filename(char *name, unsigned long size, int modes) } else { char buf[40]; sprintf(buf, "C%04o %lu ", modes, size); - back->send(buf, strlen(buf)); - back->send(name, strlen(name)); - back->send("\n", 1); + back->send(backhandle, buf, strlen(buf)); + back->send(backhandle, name, strlen(name)); + back->send(backhandle, "\n", 1); return response(); } } @@ -943,7 +926,7 @@ int scp_send_filedata(char *data, int len) scp_sftp_fileoffset = uint64_add32(scp_sftp_fileoffset, len); return 0; } else { - int bufsize = back->send(data, len); + int bufsize = back->send(backhandle, data, len); /* * If the network transfer is backing up - that is, the @@ -954,7 +937,7 @@ int scp_send_filedata(char *data, int len) while (bufsize > MAX_SCP_BUFSIZE) { if (!scp_process_network_event()) return 1; - bufsize = back->sendbuffer(); + bufsize = back->sendbuffer(backhandle); } return 0; @@ -981,7 +964,7 @@ int scp_send_finish(void) scp_has_times = 0; return 0; } else { - back->send("", 1); + back->send(backhandle, "", 1); return response(); } } @@ -1038,9 +1021,9 @@ int scp_send_dirname(char *name, int modes) } else { char buf[40]; sprintf(buf, "D%04o 0 ", modes); - back->send(buf, strlen(buf)); - back->send(name, strlen(name)); - back->send("\n", 1); + back->send(backhandle, buf, strlen(buf)); + back->send(backhandle, name, strlen(name)); + back->send(backhandle, "\n", 1); return response(); } } @@ -1051,7 +1034,7 @@ int scp_send_enddir(void) sfree(scp_sftp_remotepath); return 0; } else { - back->send("E\n", 2); + back->send(backhandle, "E\n", 2); return response(); } } @@ -1066,6 +1049,12 @@ int scp_sink_setup(char *source, int preserve, int recursive) { if (using_sftp) { char *newsource; + + if (!fxp_init()) { + tell_user(stderr, "unable to initialise SFTP: %s", fxp_error()); + errs++; + return 1; + } /* * It's possible that the source string we've been given * contains a wildcard. If so, we must split the directory @@ -1089,6 +1078,14 @@ int scp_sink_setup(char *source, int preserve, int recursive) * slash. */ lastpart[-1] = '\0'; + } else if (!*dupsource) { + /* + * The remains of dupsource are _empty_ - the whole + * pathname was a wildcard. Hence we need to + * replace it with ".". + */ + sfree(dupsource); + dupsource = dupstr("."); } /* @@ -1132,7 +1129,7 @@ int scp_sink_setup(char *source, int preserve, int recursive) int scp_sink_init(void) { if (!using_sftp) { - back->send("", 1); + back->send(backhandle, "", 1); } return 0; } @@ -1188,6 +1185,7 @@ int scp_get_sink_action(struct scp_sink_action *act) head->names[head->namepos].filename)))) head->namepos++; /* skip . and .. */ if (head->namepos < head->namelen) { + head->matched_something = 1; fname = dupcat(head->dirpath, "/", head->names[head->namepos++].filename, NULL); @@ -1200,7 +1198,13 @@ int scp_get_sink_action(struct scp_sink_action *act) */ if (head->wildcard) { act->action = SCP_SINK_RETRY; + if (!head->matched_something) { + tell_user(stderr, "pscp: wildcard '%s' matched " + "no files", head->wildcard); + errs++; + } sfree(head->wildcard); + } else { act->action = SCP_SINK_ENDDIR; } @@ -1321,6 +1325,7 @@ int scp_get_sink_action(struct scp_sink_action *act) newitem->dirpath = dupstr(fname); if (scp_sftp_wildcard) { newitem->wildcard = scp_sftp_wildcard; + newitem->matched_something = 0; scp_sftp_wildcard = NULL; } else { newitem->wildcard = NULL; @@ -1410,14 +1415,14 @@ int scp_get_sink_action(struct scp_sink_action *act) case '\02': /* fatal error */ bump("%s", act->buf); case 'E': - back->send("", 1); + back->send(backhandle, "", 1); act->action = SCP_SINK_ENDDIR; return 0; case 'T': if (sscanf(act->buf, "%ld %*d %ld %*d", &act->mtime, &act->atime) == 2) { act->settime = 1; - back->send("", 1); + back->send(backhandle, "", 1); continue; /* go round again */ } bump("Protocol error: Illegal time format"); @@ -1461,7 +1466,7 @@ int scp_accept_filexfer(void) sfree(scp_sftp_currentname); return 0; } else { - back->send("", 1); + back->send(backhandle, "", 1); return 0; /* can't fail */ } } @@ -1493,7 +1498,7 @@ int scp_finish_filerecv(void) fxp_close(scp_sftp_filehandle); return 0; } else { - back->send("", 1); + back->send(backhandle, "", 1); return response(); } } @@ -1504,16 +1509,17 @@ int scp_finish_filerecv(void) */ static void run_err(const char *fmt, ...) { - char str[2048]; + char *str, *str2; va_list ap; va_start(ap, fmt); errs++; - strcpy(str, "scp: "); - vsprintf(str + strlen(str), fmt, ap); - strcat(str, "\n"); - scp_send_errmsg(str); - tell_user(stderr, "%s", str); + str = dupvprintf(fmt, ap); + str2 = dupcat("scp: ", str, "\n", NULL); + sfree(str); + scp_send_errmsg(str2); + tell_user(stderr, "%s", str2); va_end(ap); + sfree(str2); } /* @@ -1680,9 +1686,7 @@ static void rsource(char *src) static void sink(char *targ, char *src) { char *destfname; - char ch; int targisdir = 0; - int settime; int exists; DWORD attr; HANDLE f; @@ -1716,9 +1720,10 @@ static void sink(char *targ, char *src) * Prevent the remote side from maliciously writing to * files outside the target area by sending a filename * containing `../'. In fact, it shouldn't be sending - * filenames with any slashes in at all; so we'll find - * the last slash or backslash in the filename and use - * only the part after that. (And warn!) + * filenames with any slashes or colons in at all; so + * we'll find the last slash, backslash or colon in the + * filename and use only the part after that. (And + * warn!) * * In addition, we also ensure here that if we're * copying a single file and the target is a directory @@ -1728,23 +1733,27 @@ static void sink(char *targ, char *src) * and the last component of that will fail to match * (the last component of) the name sent. * - * (Well, not always; if `src' is a wildcard, we do + * Well, not always; if `src' is a wildcard, we do * expect to get back filenames that don't correspond - * exactly to it. So we skip this check if `src' - * contains a *, a ? or a []. This is non-ideal - we - * would like to ensure that the returned filename - * actually matches the wildcard pattern - but one of - * SCP's protocol infelicities is that wildcard - * matching is done at the server end _by the server's - * rules_ and so in general this is infeasible. Live - * with it, or upgrade to SFTP.) + * exactly to it. Ideally in this case, we would like + * to ensure that the returned filename actually + * matches the wildcard pattern - but one of SCP's + * protocol infelicities is that wildcard matching is + * done at the server end _by the server's rules_ and + * so in general this is infeasible. Hence, we only + * accept filenames that don't correspond to `src' if + * unsafe mode is enabled or we are using SFTP (which + * resolves remote wildcards on the client side and can + * be trusted). */ char *striptarget, *stripsrc; striptarget = stripslashes(act.name, 1); if (striptarget != act.name) { tell_user(stderr, "warning: remote host sent a compound" - " pathname - possibly malicious! (ignored)"); + " pathname '%s'", act.name); + tell_user(stderr, " renaming local file to '%s'", + striptarget); } /* @@ -1759,10 +1768,16 @@ static void sink(char *targ, char *src) if (src) { stripsrc = stripslashes(src, 1); - if (!stripsrc[strcspn(stripsrc, "*?[]")] && - strcmp(striptarget, stripsrc)) { - tell_user(stderr, "warning: remote host attempted to" - " write to a different filename: disallowing"); + if (strcmp(striptarget, stripsrc) && + !using_sftp && !scp_unsafe_mode) { + tell_user(stderr, "warning: remote host tried to write " + "to a file called '%s'", striptarget); + tell_user(stderr, " when we requested a file " + "called '%s'.", stripsrc); + tell_user(stderr, " If this is a wildcard, " + "consider upgrading to SSH 2 or using"); + tell_user(stderr, " the '-unsafe' option. Renaming" + " of this file has been disallowed."); /* Override the name the server provided with our own. */ striptarget = stripsrc; } @@ -1861,7 +1876,7 @@ static void sink(char *targ, char *src) } (void) scp_finish_filerecv(); sfree(destfname); - sfree(act.name); + sfree(act.buf); } } @@ -1913,12 +1928,11 @@ static void toremote(int argc, char *argv[]) FindClose(fh); } - cmd = smalloc(strlen(targ) + 100); - sprintf(cmd, "scp%s%s%s%s -t %s", - verbose ? " -v" : "", - recursive ? " -r" : "", - preserve ? " -p" : "", - targetshouldbedirectory ? " -d" : "", targ); + cmd = dupprintf("scp%s%s%s%s -t %s", + verbose ? " -v" : "", + recursive ? " -r" : "", + preserve ? " -p" : "", + targetshouldbedirectory ? " -d" : "", targ); do_cmd(host, user, cmd); sfree(cmd); @@ -1942,13 +1956,6 @@ static void toremote(int argc, char *argv[]) */ srcpath = dupstr(src); last = stripslashes(srcpath, 1); - if (last == srcpath) { - last = strchr(srcpath, ':'); - if (last) - last++; - else - last = srcpath; - } *last = '\0'; dir = FindFirstFile(src, &fdat); @@ -1957,7 +1964,6 @@ static void toremote(int argc, char *argv[]) continue; } do { - char *last; char *filename; /* * Ensure that . and .. are never matched by wildcards, @@ -2025,12 +2031,11 @@ static void tolocal(int argc, char *argv[]) user = NULL; } - cmd = smalloc(strlen(src) + 100); - sprintf(cmd, "scp%s%s%s%s -f %s", - verbose ? " -v" : "", - recursive ? " -r" : "", - preserve ? " -p" : "", - targetshouldbedirectory ? " -d" : "", src); + cmd = dupprintf("scp%s%s%s%s -f %s", + verbose ? " -v" : "", + recursive ? " -r" : "", + preserve ? " -p" : "", + targetshouldbedirectory ? " -d" : "", src); do_cmd(host, user, cmd); sfree(cmd); @@ -2131,8 +2136,15 @@ static void usage(void) printf(" -q quiet, don't show statistics\n"); printf(" -r copy directories recursively\n"); printf(" -v show verbose messages\n"); + printf(" -load sessname Load settings from saved session\n"); printf(" -P port connect to specified port\n"); + printf(" -l user connect with specified username\n"); printf(" -pw passw login with specified password\n"); + printf(" -1 -2 force use of particular SSH protocol version\n"); + printf(" -C enable compression\n"); + printf(" -i key private key file for authentication\n"); + printf(" -batch disable all interactive prompts\n"); + printf(" -unsafe allow server-side wildcards (DANGEROUS)\n"); #if 0 /* * -gui is an internal option, used by GUI front ends to get @@ -2144,6 +2156,17 @@ static void usage(void) printf (" -gui hWnd GUI mode with the windows handle for receiving messages\n"); #endif + cleanup_exit(1); +} + +void cmdline_error(char *p, ...) +{ + va_list ap; + fprintf(stderr, "pscp: "); + va_start(ap, p); + vfprintf(stderr, p, ap); + va_end(ap); + fprintf(stderr, "\n try typing just \"pscp\" for help\n"); exit(1); } @@ -2157,37 +2180,48 @@ int main(int argc, char *argv[]) default_protocol = PROT_TELNET; flags = FLAG_STDERR; - ssh_get_line = &get_line; + cmdline_tooltype = TOOLTYPE_FILETRANSFER; + ssh_get_line = &console_get_line; init_winsock(); sk_init(); for (i = 1; i < argc; i++) { + int ret; if (argv[i][0] != '-') break; - if (strcmp(argv[i], "-v") == 0) - verbose = 1, flags |= FLAG_VERBOSE; - else if (strcmp(argv[i], "-r") == 0) + ret = cmdline_process_param(argv[i], i+1socket() != NULL) { + if (back != NULL && back->socket(backhandle) != NULL) { char ch; - back->special(TS_EOF); + back->special(backhandle, TS_EOF); ssh_scp_recv(&ch, 1); } WSACleanup();