1 /* $OpenBSD: scp.c,v 1.155 2006/08/03 03:34:42 deraadt Exp $ */ 2 /* 3 * scp - secure remote copy. This is basically patched BSD rcp which 4 * uses ssh to do the data transfer (instead of using rcmd). 5 * 6 * NOTE: This version should NOT be suid root. (This uses ssh to 7 * do the transfer and ssh has the necessary privileges.) 8 * 9 * 1995 Timo Rinne <tri@iki.fi>, Tatu Ylonen <ylo@cs.hut.fi> 10 * 11 * As far as I am concerned, the code I have written for this software 12 * can be used freely for any purpose. Any derived versions of this 13 * software must be clearly marked as such, and if the derived work is 14 * incompatible with the protocol description in the RFC file, it must be 15 * called by a name other than "ssh" or "Secure Shell". 16 */ 17 /* 18 * Copyright (c) 1999 Theo de Raadt. All rights reserved. 19 * Copyright (c) 1999 Aaron Campbell. All rights reserved. 20 * 21 * Redistribution and use in source and binary forms, with or without 22 * modification, are permitted provided that the following conditions 23 * are met: 24 * 1. Redistributions of source code must retain the above copyright 25 * notice, this list of conditions and the following disclaimer. 26 * 2. Redistributions in binary form must reproduce the above copyright 27 * notice, this list of conditions and the following disclaimer in the 28 * documentation and/or other materials provided with the distribution. 29 * 30 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 31 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 32 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 33 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 34 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 35 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 36 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 37 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 38 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 39 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 40 */ 41 42 /* 43 * Parts from: 44 * 45 * Copyright (c) 1983, 1990, 1992, 1993, 1995 46 * The Regents of the University of California. All rights reserved. 47 * 48 * Redistribution and use in source and binary forms, with or without 49 * modification, are permitted provided that the following conditions 50 * are met: 51 * 1. Redistributions of source code must retain the above copyright 52 * notice, this list of conditions and the following disclaimer. 53 * 2. Redistributions in binary form must reproduce the above copyright 54 * notice, this list of conditions and the following disclaimer in the 55 * documentation and/or other materials provided with the distribution. 56 * 3. Neither the name of the University nor the names of its contributors 57 * may be used to endorse or promote products derived from this software 58 * without specific prior written permission. 59 * 60 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 61 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 62 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 63 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 64 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 65 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 66 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 67 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 68 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 69 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 70 * SUCH DAMAGE. 71 * 72 */ 73 74 #include "includes.h" 75 76 #include <sys/types.h> 77 #include <sys/param.h> 78 #ifdef HAVE_SYS_STAT_H 79 # include <sys/stat.h> 80 #endif 81 #ifdef HAVE_SYS_TIME_H 82 # include <sys/time.h> 83 #endif 84 #include <sys/wait.h> 85 #include <sys/uio.h> 86 87 #include <ctype.h> 88 #include <dirent.h> 89 #include <errno.h> 90 #include <fcntl.h> 91 #include <pwd.h> 92 #include <signal.h> 93 #include <stdarg.h> 94 #include <stdio.h> 95 #include <stdlib.h> 96 #include <string.h> 97 #include <time.h> 98 #include <unistd.h> 99 100 #include "xmalloc.h" 101 #include "atomicio.h" 102 #include "pathnames.h" 103 #include "log.h" 104 #include "misc.h" 105 #include "progressmeter.h" 106 107 extern char *__progname; 108 109 int do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout); 110 111 void bwlimit(int); 112 113 /* Struct for addargs */ 114 arglist args; 115 116 /* Bandwidth limit */ 117 off_t limit_rate = 0; 118 119 /* Name of current file being transferred. */ 120 char *curfile; 121 122 /* This is set to non-zero to enable verbose mode. */ 123 int verbose_mode = 0; 124 125 /* This is set to zero if the progressmeter is not desired. */ 126 int showprogress = 1; 127 128 /* This is the program to execute for the secured connection. ("ssh" or -S) */ 129 char *ssh_program = _PATH_SSH_PROGRAM; 130 131 /* This is used to store the pid of ssh_program */ 132 pid_t do_cmd_pid = -1; 133 134 static void 135 killchild(int signo) 136 { 137 if (do_cmd_pid > 1) { 138 kill(do_cmd_pid, signo ? signo : SIGTERM); 139 waitpid(do_cmd_pid, NULL, 0); 140 } 141 142 if (signo) 143 _exit(1); 144 exit(1); 145 } 146 147 static int 148 do_local_cmd(arglist *a) 149 { 150 u_int i; 151 int status; 152 pid_t pid; 153 154 if (a->num == 0) 155 fatal("do_local_cmd: no arguments"); 156 157 if (verbose_mode) { 158 fprintf(stderr, "Executing:"); 159 for (i = 0; i < a->num; i++) 160 fprintf(stderr, " %s", a->list[i]); 161 fprintf(stderr, "\n"); 162 } 163 if ((pid = fork()) == -1) 164 fatal("do_local_cmd: fork: %s", strerror(errno)); 165 166 if (pid == 0) { 167 execvp(a->list[0], a->list); 168 perror(a->list[0]); 169 exit(1); 170 } 171 172 do_cmd_pid = pid; 173 signal(SIGTERM, killchild); 174 signal(SIGINT, killchild); 175 signal(SIGHUP, killchild); 176 177 while (waitpid(pid, &status, 0) == -1) 178 if (errno != EINTR) 179 fatal("do_local_cmd: waitpid: %s", strerror(errno)); 180 181 do_cmd_pid = -1; 182 183 if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) 184 return (-1); 185 186 return (0); 187 } 188 189 /* 190 * This function executes the given command as the specified user on the 191 * given host. This returns < 0 if execution fails, and >= 0 otherwise. This 192 * assigns the input and output file descriptors on success. 193 */ 194 195 int 196 do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout) 197 { 198 int pin[2], pout[2], reserved[2]; 199 200 if (verbose_mode) 201 fprintf(stderr, 202 "Executing: program %s host %s, user %s, command %s\n", 203 ssh_program, host, 204 remuser ? remuser : "(unspecified)", cmd); 205 206 /* 207 * Reserve two descriptors so that the real pipes won't get 208 * descriptors 0 and 1 because that will screw up dup2 below. 209 */ 210 if (pipe(reserved) < 0) 211 fatal("pipe: %s", strerror(errno)); 212 213 /* Create a socket pair for communicating with ssh. */ 214 if (pipe(pin) < 0) 215 fatal("pipe: %s", strerror(errno)); 216 if (pipe(pout) < 0) 217 fatal("pipe: %s", strerror(errno)); 218 219 /* Free the reserved descriptors. */ 220 close(reserved[0]); 221 close(reserved[1]); 222 223 /* Fork a child to execute the command on the remote host using ssh. */ 224 do_cmd_pid = fork(); 225 if (do_cmd_pid == 0) { 226 /* Child. */ 227 close(pin[1]); 228 close(pout[0]); 229 dup2(pin[0], 0); 230 dup2(pout[1], 1); 231 close(pin[0]); 232 close(pout[1]); 233 234 replacearg(&args, 0, "%s", ssh_program); 235 if (remuser != NULL) 236 addargs(&args, "-l%s", remuser); 237 addargs(&args, "%s", host); 238 addargs(&args, "%s", cmd); 239 240 execvp(ssh_program, args.list); 241 perror(ssh_program); 242 exit(1); 243 } else if (do_cmd_pid == -1) { 244 fatal("fork: %s", strerror(errno)); 245 } 246 /* Parent. Close the other side, and return the local side. */ 247 close(pin[0]); 248 *fdout = pin[1]; 249 close(pout[1]); 250 *fdin = pout[0]; 251 signal(SIGTERM, killchild); 252 signal(SIGINT, killchild); 253 signal(SIGHUP, killchild); 254 return 0; 255 } 256 257 typedef struct { 258 size_t cnt; 259 char *buf; 260 } BUF; 261 262 BUF *allocbuf(BUF *, int, int); 263 void lostconn(int); 264 int okname(char *); 265 void run_err(const char *,...); 266 void verifydir(char *); 267 268 struct passwd *pwd; 269 uid_t userid; 270 int errs, remin, remout; 271 int pflag, iamremote, iamrecursive, targetshouldbedirectory; 272 273 #define CMDNEEDS 64 274 char cmd[CMDNEEDS]; /* must hold "rcp -r -p -d\0" */ 275 276 int response(void); 277 void rsource(char *, struct stat *); 278 void sink(int, char *[]); 279 void source(int, char *[]); 280 void tolocal(int, char *[]); 281 void toremote(char *, int, char *[]); 282 void usage(void); 283 284 int 285 main(int argc, char **argv) 286 { 287 int ch, fflag, tflag, status, n; 288 double speed; 289 char *targ, *endp, **newargv; 290 extern char *optarg; 291 extern int optind; 292 293 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ 294 sanitise_stdfd(); 295 296 /* Copy argv, because we modify it */ 297 newargv = xcalloc(MAX(argc + 1, 1), sizeof(*newargv)); 298 for (n = 0; n < argc; n++) 299 newargv[n] = xstrdup(argv[n]); 300 argv = newargv; 301 302 __progname = ssh_get_progname(argv[0]); 303 304 memset(&args, '\0', sizeof(args)); 305 args.list = NULL; 306 addargs(&args, "%s", ssh_program); 307 addargs(&args, "-x"); 308 addargs(&args, "-oForwardAgent no"); 309 addargs(&args, "-oPermitLocalCommand no"); 310 addargs(&args, "-oClearAllForwardings yes"); 311 312 fflag = tflag = 0; 313 while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:q1246S:o:F:")) != -1) 314 switch (ch) { 315 /* User-visible flags. */ 316 case '1': 317 case '2': 318 case '4': 319 case '6': 320 case 'C': 321 addargs(&args, "-%c", ch); 322 break; 323 case 'o': 324 case 'c': 325 case 'i': 326 case 'F': 327 addargs(&args, "-%c%s", ch, optarg); 328 break; 329 case 'P': 330 addargs(&args, "-p%s", optarg); 331 break; 332 case 'B': 333 addargs(&args, "-oBatchmode yes"); 334 break; 335 case 'l': 336 speed = strtod(optarg, &endp); 337 if (speed <= 0 || *endp != '\0') 338 usage(); 339 limit_rate = speed * 1024; 340 break; 341 case 'p': 342 pflag = 1; 343 break; 344 case 'r': 345 iamrecursive = 1; 346 break; 347 case 'S': 348 ssh_program = xstrdup(optarg); 349 break; 350 case 'v': 351 addargs(&args, "-v"); 352 verbose_mode = 1; 353 break; 354 case 'q': 355 addargs(&args, "-q"); 356 showprogress = 0; 357 break; 358 359 /* Server options. */ 360 case 'd': 361 targetshouldbedirectory = 1; 362 break; 363 case 'f': /* "from" */ 364 iamremote = 1; 365 fflag = 1; 366 break; 367 case 't': /* "to" */ 368 iamremote = 1; 369 tflag = 1; 370 #ifdef HAVE_CYGWIN 371 setmode(0, O_BINARY); 372 #endif 373 break; 374 default: 375 usage(); 376 } 377 argc -= optind; 378 argv += optind; 379 380 if ((pwd = getpwuid(userid = getuid())) == NULL) 381 fatal("unknown user %u", (u_int) userid); 382 383 if (!isatty(STDERR_FILENO)) 384 showprogress = 0; 385 386 remin = STDIN_FILENO; 387 remout = STDOUT_FILENO; 388 389 if (fflag) { 390 /* Follow "protocol", send data. */ 391 (void) response(); 392 source(argc, argv); 393 exit(errs != 0); 394 } 395 if (tflag) { 396 /* Receive data. */ 397 sink(argc, argv); 398 exit(errs != 0); 399 } 400 if (argc < 2) 401 usage(); 402 if (argc > 2) 403 targetshouldbedirectory = 1; 404 405 remin = remout = -1; 406 do_cmd_pid = -1; 407 /* Command to be executed on remote system using "ssh". */ 408 (void) snprintf(cmd, sizeof cmd, "scp%s%s%s%s", 409 verbose_mode ? " -v" : "", 410 iamrecursive ? " -r" : "", pflag ? " -p" : "", 411 targetshouldbedirectory ? " -d" : ""); 412 413 (void) signal(SIGPIPE, lostconn); 414 415 if ((targ = colon(argv[argc - 1]))) /* Dest is remote host. */ 416 toremote(targ, argc, argv); 417 else { 418 if (targetshouldbedirectory) 419 verifydir(argv[argc - 1]); 420 tolocal(argc, argv); /* Dest is local host. */ 421 } 422 /* 423 * Finally check the exit status of the ssh process, if one was forked 424 * and no error has occured yet 425 */ 426 if (do_cmd_pid != -1 && errs == 0) { 427 if (remin != -1) 428 (void) close(remin); 429 if (remout != -1) 430 (void) close(remout); 431 if (waitpid(do_cmd_pid, &status, 0) == -1) 432 errs = 1; 433 else { 434 if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) 435 errs = 1; 436 } 437 } 438 exit(errs != 0); 439 } 440 441 void 442 toremote(char *targ, int argc, char **argv) 443 { 444 char *bp, *host, *src, *suser, *thost, *tuser, *arg; 445 arglist alist; 446 int i; 447 448 memset(&alist, '\0', sizeof(alist)); 449 alist.list = NULL; 450 451 *targ++ = 0; 452 if (*targ == 0) 453 targ = "."; 454 455 arg = xstrdup(argv[argc - 1]); 456 if ((thost = strrchr(arg, '@'))) { 457 /* user@host */ 458 *thost++ = 0; 459 tuser = arg; 460 if (*tuser == '\0') 461 tuser = NULL; 462 } else { 463 thost = arg; 464 tuser = NULL; 465 } 466 467 if (tuser != NULL && !okname(tuser)) { 468 xfree(arg); 469 return; 470 } 471 472 for (i = 0; i < argc - 1; i++) { 473 src = colon(argv[i]); 474 if (src) { /* remote to remote */ 475 freeargs(&alist); 476 addargs(&alist, "%s", ssh_program); 477 if (verbose_mode) 478 addargs(&alist, "-v"); 479 addargs(&alist, "-x"); 480 addargs(&alist, "-oClearAllForwardings yes"); 481 addargs(&alist, "-n"); 482 483 *src++ = 0; 484 if (*src == 0) 485 src = "."; 486 host = strrchr(argv[i], '@'); 487 488 if (host) { 489 *host++ = 0; 490 host = cleanhostname(host); 491 suser = argv[i]; 492 if (*suser == '\0') 493 suser = pwd->pw_name; 494 else if (!okname(suser)) 495 continue; 496 addargs(&alist, "-l"); 497 addargs(&alist, "%s", suser); 498 } else { 499 host = cleanhostname(argv[i]); 500 } 501 addargs(&alist, "%s", host); 502 addargs(&alist, "%s", cmd); 503 addargs(&alist, "%s", src); 504 addargs(&alist, "%s%s%s:%s", 505 tuser ? tuser : "", tuser ? "@" : "", 506 thost, targ); 507 if (do_local_cmd(&alist) != 0) 508 errs = 1; 509 } else { /* local to remote */ 510 if (remin == -1) { 511 xasprintf(&bp, "%s -t %s", cmd, targ); 512 host = cleanhostname(thost); 513 if (do_cmd(host, tuser, bp, &remin, 514 &remout) < 0) 515 exit(1); 516 if (response() < 0) 517 exit(1); 518 (void) xfree(bp); 519 } 520 source(1, argv + i); 521 } 522 } 523 xfree(arg); 524 } 525 526 void 527 tolocal(int argc, char **argv) 528 { 529 char *bp, *host, *src, *suser; 530 arglist alist; 531 int i; 532 533 memset(&alist, '\0', sizeof(alist)); 534 alist.list = NULL; 535 536 for (i = 0; i < argc - 1; i++) { 537 if (!(src = colon(argv[i]))) { /* Local to local. */ 538 freeargs(&alist); 539 addargs(&alist, "%s", _PATH_CP); 540 if (iamrecursive) 541 addargs(&alist, "-r"); 542 if (pflag) 543 addargs(&alist, "-p"); 544 addargs(&alist, "%s", argv[i]); 545 addargs(&alist, "%s", argv[argc-1]); 546 if (do_local_cmd(&alist)) 547 ++errs; 548 continue; 549 } 550 *src++ = 0; 551 if (*src == 0) 552 src = "."; 553 if ((host = strrchr(argv[i], '@')) == NULL) { 554 host = argv[i]; 555 suser = NULL; 556 } else { 557 *host++ = 0; 558 suser = argv[i]; 559 if (*suser == '\0') 560 suser = pwd->pw_name; 561 } 562 host = cleanhostname(host); 563 xasprintf(&bp, "%s -f %s", cmd, src); 564 if (do_cmd(host, suser, bp, &remin, &remout) < 0) { 565 (void) xfree(bp); 566 ++errs; 567 continue; 568 } 569 xfree(bp); 570 sink(1, argv + argc - 1); 571 (void) close(remin); 572 remin = remout = -1; 573 } 574 } 575 576 void 577 source(int argc, char **argv) 578 { 579 struct stat stb; 580 static BUF buffer; 581 BUF *bp; 582 off_t i, amt, statbytes; 583 size_t result; 584 int fd = -1, haderr, indx; 585 char *last, *name, buf[2048]; 586 int len; 587 588 for (indx = 0; indx < argc; ++indx) { 589 name = argv[indx]; 590 statbytes = 0; 591 len = strlen(name); 592 while (len > 1 && name[len-1] == '/') 593 name[--len] = '\0'; 594 if (strchr(name, '\n') != NULL) { 595 run_err("%s: skipping, filename contains a newline", 596 name); 597 goto next; 598 } 599 if ((fd = open(name, O_RDONLY, 0)) < 0) 600 goto syserr; 601 if (fstat(fd, &stb) < 0) { 602 syserr: run_err("%s: %s", name, strerror(errno)); 603 goto next; 604 } 605 switch (stb.st_mode & S_IFMT) { 606 case S_IFREG: 607 break; 608 case S_IFDIR: 609 if (iamrecursive) { 610 rsource(name, &stb); 611 goto next; 612 } 613 /* FALLTHROUGH */ 614 default: 615 run_err("%s: not a regular file", name); 616 goto next; 617 } 618 if ((last = strrchr(name, '/')) == NULL) 619 last = name; 620 else 621 ++last; 622 curfile = last; 623 if (pflag) { 624 /* 625 * Make it compatible with possible future 626 * versions expecting microseconds. 627 */ 628 (void) snprintf(buf, sizeof buf, "T%lu 0 %lu 0\n", 629 (u_long) stb.st_mtime, 630 (u_long) stb.st_atime); 631 (void) atomicio(vwrite, remout, buf, strlen(buf)); 632 if (response() < 0) 633 goto next; 634 } 635 #define FILEMODEMASK (S_ISUID|S_ISGID|S_IRWXU|S_IRWXG|S_IRWXO) 636 snprintf(buf, sizeof buf, "C%04o %lld %s\n", 637 (u_int) (stb.st_mode & FILEMODEMASK), 638 (long long)stb.st_size, last); 639 if (verbose_mode) { 640 fprintf(stderr, "Sending file modes: %s", buf); 641 } 642 (void) atomicio(vwrite, remout, buf, strlen(buf)); 643 if (response() < 0) 644 goto next; 645 if ((bp = allocbuf(&buffer, fd, 2048)) == NULL) { 646 next: if (fd != -1) { 647 (void) close(fd); 648 fd = -1; 649 } 650 continue; 651 } 652 if (showprogress) 653 start_progress_meter(curfile, stb.st_size, &statbytes); 654 /* Keep writing after an error so that we stay sync'd up. */ 655 for (haderr = i = 0; i < stb.st_size; i += bp->cnt) { 656 amt = bp->cnt; 657 if (i + amt > stb.st_size) 658 amt = stb.st_size - i; 659 if (!haderr) { 660 result = atomicio(read, fd, bp->buf, amt); 661 if (result != amt) 662 haderr = errno; 663 } 664 if (haderr) 665 (void) atomicio(vwrite, remout, bp->buf, amt); 666 else { 667 result = atomicio(vwrite, remout, bp->buf, amt); 668 if (result != amt) 669 haderr = errno; 670 statbytes += result; 671 } 672 if (limit_rate) 673 bwlimit(amt); 674 } 675 if (showprogress) 676 stop_progress_meter(); 677 678 if (fd != -1) { 679 if (close(fd) < 0 && !haderr) 680 haderr = errno; 681 fd = -1; 682 } 683 if (!haderr) 684 (void) atomicio(vwrite, remout, "", 1); 685 else 686 run_err("%s: %s", name, strerror(haderr)); 687 (void) response(); 688 } 689 } 690 691 void 692 rsource(char *name, struct stat *statp) 693 { 694 DIR *dirp; 695 struct dirent *dp; 696 char *last, *vect[1], path[1100]; 697 698 if (!(dirp = opendir(name))) { 699 run_err("%s: %s", name, strerror(errno)); 700 return; 701 } 702 last = strrchr(name, '/'); 703 if (last == 0) 704 last = name; 705 else 706 last++; 707 if (pflag) { 708 (void) snprintf(path, sizeof(path), "T%lu 0 %lu 0\n", 709 (u_long) statp->st_mtime, 710 (u_long) statp->st_atime); 711 (void) atomicio(vwrite, remout, path, strlen(path)); 712 if (response() < 0) { 713 closedir(dirp); 714 return; 715 } 716 } 717 (void) snprintf(path, sizeof path, "D%04o %d %.1024s\n", 718 (u_int) (statp->st_mode & FILEMODEMASK), 0, last); 719 if (verbose_mode) 720 fprintf(stderr, "Entering directory: %s", path); 721 (void) atomicio(vwrite, remout, path, strlen(path)); 722 if (response() < 0) { 723 closedir(dirp); 724 return; 725 } 726 while ((dp = readdir(dirp)) != NULL) { 727 if (dp->d_ino == 0) 728 continue; 729 if (!strcmp(dp->d_name, ".") || !strcmp(dp->d_name, "..")) 730 continue; 731 if (strlen(name) + 1 + strlen(dp->d_name) >= sizeof(path) - 1) { 732 run_err("%s/%s: name too long", name, dp->d_name); 733 continue; 734 } 735 (void) snprintf(path, sizeof path, "%s/%s", name, dp->d_name); 736 vect[0] = path; 737 source(1, vect); 738 } 739 (void) closedir(dirp); 740 (void) atomicio(vwrite, remout, "E\n", 2); 741 (void) response(); 742 } 743 744 void 745 bwlimit(int amount) 746 { 747 static struct timeval bwstart, bwend; 748 static int lamt, thresh = 16384; 749 u_int64_t waitlen; 750 struct timespec ts, rm; 751 752 if (!timerisset(&bwstart)) { 753 gettimeofday(&bwstart, NULL); 754 return; 755 } 756 757 lamt += amount; 758 if (lamt < thresh) 759 return; 760 761 gettimeofday(&bwend, NULL); 762 timersub(&bwend, &bwstart, &bwend); 763 if (!timerisset(&bwend)) 764 return; 765 766 lamt *= 8; 767 waitlen = (double)1000000L * lamt / limit_rate; 768 769 bwstart.tv_sec = waitlen / 1000000L; 770 bwstart.tv_usec = waitlen % 1000000L; 771 772 if (timercmp(&bwstart, &bwend, >)) { 773 timersub(&bwstart, &bwend, &bwend); 774 775 /* Adjust the wait time */ 776 if (bwend.tv_sec) { 777 thresh /= 2; 778 if (thresh < 2048) 779 thresh = 2048; 780 } else if (bwend.tv_usec < 100) { 781 thresh *= 2; 782 if (thresh > 32768) 783 thresh = 32768; 784 } 785 786 TIMEVAL_TO_TIMESPEC(&bwend, &ts); 787 while (nanosleep(&ts, &rm) == -1) { 788 if (errno != EINTR) 789 break; 790 ts = rm; 791 } 792 } 793 794 lamt = 0; 795 gettimeofday(&bwstart, NULL); 796 } 797 798 void 799 sink(int argc, char **argv) 800 { 801 static BUF buffer; 802 struct stat stb; 803 enum { 804 YES, NO, DISPLAYED 805 } wrerr; 806 BUF *bp; 807 off_t i; 808 size_t j, count; 809 int amt, exists, first, ofd; 810 mode_t mode, omode, mask; 811 off_t size, statbytes; 812 int setimes, targisdir, wrerrno = 0; 813 char ch, *cp, *np, *targ, *why, *vect[1], buf[2048]; 814 struct timeval tv[2]; 815 816 #define atime tv[0] 817 #define mtime tv[1] 818 #define SCREWUP(str) { why = str; goto screwup; } 819 820 setimes = targisdir = 0; 821 mask = umask(0); 822 if (!pflag) 823 (void) umask(mask); 824 if (argc != 1) { 825 run_err("ambiguous target"); 826 exit(1); 827 } 828 targ = *argv; 829 if (targetshouldbedirectory) 830 verifydir(targ); 831 832 (void) atomicio(vwrite, remout, "", 1); 833 if (stat(targ, &stb) == 0 && S_ISDIR(stb.st_mode)) 834 targisdir = 1; 835 for (first = 1;; first = 0) { 836 cp = buf; 837 if (atomicio(read, remin, cp, 1) != 1) 838 return; 839 if (*cp++ == '\n') 840 SCREWUP("unexpected <newline>"); 841 do { 842 if (atomicio(read, remin, &ch, sizeof(ch)) != sizeof(ch)) 843 SCREWUP("lost connection"); 844 *cp++ = ch; 845 } while (cp < &buf[sizeof(buf) - 1] && ch != '\n'); 846 *cp = 0; 847 if (verbose_mode) 848 fprintf(stderr, "Sink: %s", buf); 849 850 if (buf[0] == '\01' || buf[0] == '\02') { 851 if (iamremote == 0) 852 (void) atomicio(vwrite, STDERR_FILENO, 853 buf + 1, strlen(buf + 1)); 854 if (buf[0] == '\02') 855 exit(1); 856 ++errs; 857 continue; 858 } 859 if (buf[0] == 'E') { 860 (void) atomicio(vwrite, remout, "", 1); 861 return; 862 } 863 if (ch == '\n') 864 *--cp = 0; 865 866 cp = buf; 867 if (*cp == 'T') { 868 setimes++; 869 cp++; 870 mtime.tv_sec = strtol(cp, &cp, 10); 871 if (!cp || *cp++ != ' ') 872 SCREWUP("mtime.sec not delimited"); 873 mtime.tv_usec = strtol(cp, &cp, 10); 874 if (!cp || *cp++ != ' ') 875 SCREWUP("mtime.usec not delimited"); 876 atime.tv_sec = strtol(cp, &cp, 10); 877 if (!cp || *cp++ != ' ') 878 SCREWUP("atime.sec not delimited"); 879 atime.tv_usec = strtol(cp, &cp, 10); 880 if (!cp || *cp++ != '\0') 881 SCREWUP("atime.usec not delimited"); 882 (void) atomicio(vwrite, remout, "", 1); 883 continue; 884 } 885 if (*cp != 'C' && *cp != 'D') { 886 /* 887 * Check for the case "rcp remote:foo\* local:bar". 888 * In this case, the line "No match." can be returned 889 * by the shell before the rcp command on the remote is 890 * executed so the ^Aerror_message convention isn't 891 * followed. 892 */ 893 if (first) { 894 run_err("%s", cp); 895 exit(1); 896 } 897 SCREWUP("expected control record"); 898 } 899 mode = 0; 900 for (++cp; cp < buf + 5; cp++) { 901 if (*cp < '0' || *cp > '7') 902 SCREWUP("bad mode"); 903 mode = (mode << 3) | (*cp - '0'); 904 } 905 if (*cp++ != ' ') 906 SCREWUP("mode not delimited"); 907 908 for (size = 0; isdigit(*cp);) 909 size = size * 10 + (*cp++ - '0'); 910 if (*cp++ != ' ') 911 SCREWUP("size not delimited"); 912 if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) { 913 run_err("error: unexpected filename: %s", cp); 914 exit(1); 915 } 916 if (targisdir) { 917 static char *namebuf; 918 static size_t cursize; 919 size_t need; 920 921 need = strlen(targ) + strlen(cp) + 250; 922 if (need > cursize) { 923 if (namebuf) 924 xfree(namebuf); 925 namebuf = xmalloc(need); 926 cursize = need; 927 } 928 (void) snprintf(namebuf, need, "%s%s%s", targ, 929 strcmp(targ, "/") ? "/" : "", cp); 930 np = namebuf; 931 } else 932 np = targ; 933 curfile = cp; 934 exists = stat(np, &stb) == 0; 935 if (buf[0] == 'D') { 936 int mod_flag = pflag; 937 if (!iamrecursive) 938 SCREWUP("received directory without -r"); 939 if (exists) { 940 if (!S_ISDIR(stb.st_mode)) { 941 errno = ENOTDIR; 942 goto bad; 943 } 944 if (pflag) 945 (void) chmod(np, mode); 946 } else { 947 /* Handle copying from a read-only 948 directory */ 949 mod_flag = 1; 950 if (mkdir(np, mode | S_IRWXU) < 0) 951 goto bad; 952 } 953 vect[0] = xstrdup(np); 954 sink(1, vect); 955 if (setimes) { 956 setimes = 0; 957 if (utimes(vect[0], tv) < 0) 958 run_err("%s: set times: %s", 959 vect[0], strerror(errno)); 960 } 961 if (mod_flag) 962 (void) chmod(vect[0], mode); 963 if (vect[0]) 964 xfree(vect[0]); 965 continue; 966 } 967 omode = mode; 968 mode |= S_IWRITE; 969 if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) < 0) { 970 bad: run_err("%s: %s", np, strerror(errno)); 971 continue; 972 } 973 (void) atomicio(vwrite, remout, "", 1); 974 if ((bp = allocbuf(&buffer, ofd, 4096)) == NULL) { 975 (void) close(ofd); 976 continue; 977 } 978 cp = bp->buf; 979 wrerr = NO; 980 981 statbytes = 0; 982 if (showprogress) 983 start_progress_meter(curfile, size, &statbytes); 984 for (count = i = 0; i < size; i += 4096) { 985 amt = 4096; 986 if (i + amt > size) 987 amt = size - i; 988 count += amt; 989 do { 990 j = atomicio(read, remin, cp, amt); 991 if (j == 0) { 992 run_err("%s", j ? strerror(errno) : 993 "dropped connection"); 994 exit(1); 995 } 996 amt -= j; 997 cp += j; 998 statbytes += j; 999 } while (amt > 0); 1000 1001 if (limit_rate) 1002 bwlimit(4096); 1003 1004 if (count == bp->cnt) { 1005 /* Keep reading so we stay sync'd up. */ 1006 if (wrerr == NO) { 1007 if (atomicio(vwrite, ofd, bp->buf, 1008 count) != count) { 1009 wrerr = YES; 1010 wrerrno = errno; 1011 } 1012 } 1013 count = 0; 1014 cp = bp->buf; 1015 } 1016 } 1017 if (showprogress) 1018 stop_progress_meter(); 1019 if (count != 0 && wrerr == NO && 1020 atomicio(vwrite, ofd, bp->buf, count) != count) { 1021 wrerr = YES; 1022 wrerrno = errno; 1023 } 1024 if (wrerr == NO && ftruncate(ofd, size) != 0) { 1025 run_err("%s: truncate: %s", np, strerror(errno)); 1026 wrerr = DISPLAYED; 1027 } 1028 if (pflag) { 1029 if (exists || omode != mode) 1030 #ifdef HAVE_FCHMOD 1031 if (fchmod(ofd, omode)) { 1032 #else /* HAVE_FCHMOD */ 1033 if (chmod(np, omode)) { 1034 #endif /* HAVE_FCHMOD */ 1035 run_err("%s: set mode: %s", 1036 np, strerror(errno)); 1037 wrerr = DISPLAYED; 1038 } 1039 } else { 1040 if (!exists && omode != mode) 1041 #ifdef HAVE_FCHMOD 1042 if (fchmod(ofd, omode & ~mask)) { 1043 #else /* HAVE_FCHMOD */ 1044 if (chmod(np, omode & ~mask)) { 1045 #endif /* HAVE_FCHMOD */ 1046 run_err("%s: set mode: %s", 1047 np, strerror(errno)); 1048 wrerr = DISPLAYED; 1049 } 1050 } 1051 if (close(ofd) == -1) { 1052 wrerr = YES; 1053 wrerrno = errno; 1054 } 1055 (void) response(); 1056 if (setimes && wrerr == NO) { 1057 setimes = 0; 1058 if (utimes(np, tv) < 0) { 1059 run_err("%s: set times: %s", 1060 np, strerror(errno)); 1061 wrerr = DISPLAYED; 1062 } 1063 } 1064 switch (wrerr) { 1065 case YES: 1066 run_err("%s: %s", np, strerror(wrerrno)); 1067 break; 1068 case NO: 1069 (void) atomicio(vwrite, remout, "", 1); 1070 break; 1071 case DISPLAYED: 1072 break; 1073 } 1074 } 1075 screwup: 1076 run_err("protocol error: %s", why); 1077 exit(1); 1078 } 1079 1080 int 1081 response(void) 1082 { 1083 char ch, *cp, resp, rbuf[2048]; 1084 1085 if (atomicio(read, remin, &resp, sizeof(resp)) != sizeof(resp)) 1086 lostconn(0); 1087 1088 cp = rbuf; 1089 switch (resp) { 1090 case 0: /* ok */ 1091 return (0); 1092 default: 1093 *cp++ = resp; 1094 /* FALLTHROUGH */ 1095 case 1: /* error, followed by error msg */ 1096 case 2: /* fatal error, "" */ 1097 do { 1098 if (atomicio(read, remin, &ch, sizeof(ch)) != sizeof(ch)) 1099 lostconn(0); 1100 *cp++ = ch; 1101 } while (cp < &rbuf[sizeof(rbuf) - 1] && ch != '\n'); 1102 1103 if (!iamremote) 1104 (void) atomicio(vwrite, STDERR_FILENO, rbuf, cp - rbuf); 1105 ++errs; 1106 if (resp == 1) 1107 return (-1); 1108 exit(1); 1109 } 1110 /* NOTREACHED */ 1111 } 1112 1113 void 1114 usage(void) 1115 { 1116 (void) fprintf(stderr, 1117 "usage: scp [-1246BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]\n" 1118 " [-l limit] [-o ssh_option] [-P port] [-S program]\n" 1119 " [[user@]host1:]file1 [...] [[user@]host2:]file2\n"); 1120 exit(1); 1121 } 1122 1123 void 1124 run_err(const char *fmt,...) 1125 { 1126 static FILE *fp; 1127 va_list ap; 1128 1129 ++errs; 1130 if (fp != NULL || (remout != -1 && (fp = fdopen(remout, "w")))) { 1131 (void) fprintf(fp, "%c", 0x01); 1132 (void) fprintf(fp, "scp: "); 1133 va_start(ap, fmt); 1134 (void) vfprintf(fp, fmt, ap); 1135 va_end(ap); 1136 (void) fprintf(fp, "\n"); 1137 (void) fflush(fp); 1138 } 1139 1140 if (!iamremote) { 1141 va_start(ap, fmt); 1142 vfprintf(stderr, fmt, ap); 1143 va_end(ap); 1144 fprintf(stderr, "\n"); 1145 } 1146 } 1147 1148 void 1149 verifydir(char *cp) 1150 { 1151 struct stat stb; 1152 1153 if (!stat(cp, &stb)) { 1154 if (S_ISDIR(stb.st_mode)) 1155 return; 1156 errno = ENOTDIR; 1157 } 1158 run_err("%s: %s", cp, strerror(errno)); 1159 killchild(0); 1160 } 1161 1162 int 1163 okname(char *cp0) 1164 { 1165 int c; 1166 char *cp; 1167 1168 cp = cp0; 1169 do { 1170 c = (int)*cp; 1171 if (c & 0200) 1172 goto bad; 1173 if (!isalpha(c) && !isdigit(c)) { 1174 switch (c) { 1175 case '\'': 1176 case '"': 1177 case '`': 1178 case ' ': 1179 case '#': 1180 goto bad; 1181 default: 1182 break; 1183 } 1184 } 1185 } while (*++cp); 1186 return (1); 1187 1188 bad: fprintf(stderr, "%s: invalid user name\n", cp0); 1189 return (0); 1190 } 1191 1192 BUF * 1193 allocbuf(BUF *bp, int fd, int blksize) 1194 { 1195 size_t size; 1196 #ifdef HAVE_STRUCT_STAT_ST_BLKSIZE 1197 struct stat stb; 1198 1199 if (fstat(fd, &stb) < 0) { 1200 run_err("fstat: %s", strerror(errno)); 1201 return (0); 1202 } 1203 size = roundup(stb.st_blksize, blksize); 1204 if (size == 0) 1205 size = blksize; 1206 #else /* HAVE_STRUCT_STAT_ST_BLKSIZE */ 1207 size = blksize; 1208 #endif /* HAVE_STRUCT_STAT_ST_BLKSIZE */ 1209 if (bp->cnt >= size) 1210 return (bp); 1211 if (bp->buf == NULL) 1212 bp->buf = xmalloc(size); 1213 else 1214 bp->buf = xrealloc(bp->buf, 1, size); 1215 memset(bp->buf, 0, size); 1216 bp->cnt = size; 1217 return (bp); 1218 } 1219 1220 void 1221 lostconn(int signo) 1222 { 1223 if (!iamremote) 1224 write(STDERR_FILENO, "lost connection\n", 16); 1225 if (signo) 1226 _exit(1); 1227 else 1228 exit(1); 1229 } 1230