xref: /freebsd/crypto/openssh/sftp-client.c (revision 195ebc7e9e4b129de810833791a19dfb4349d6a9)
1 /* $OpenBSD: sftp-client.c,v 1.86 2008/06/26 06:10:09 djm Exp $ */
2 /*
3  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
4  *
5  * Permission to use, copy, modify, and distribute this software for any
6  * purpose with or without fee is hereby granted, provided that the above
7  * copyright notice and this permission notice appear in all copies.
8  *
9  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16  */
17 
18 /* XXX: memleaks */
19 /* XXX: signed vs unsigned */
20 /* XXX: remove all logging, only return status codes */
21 /* XXX: copy between two remote sites */
22 
23 #include "includes.h"
24 
25 #include <sys/types.h>
26 #include <sys/param.h>
27 #ifdef HAVE_SYS_STATVFS_H
28 #include <sys/statvfs.h>
29 #endif
30 #include "openbsd-compat/sys-queue.h"
31 #ifdef HAVE_SYS_STAT_H
32 # include <sys/stat.h>
33 #endif
34 #ifdef HAVE_SYS_TIME_H
35 # include <sys/time.h>
36 #endif
37 #include <sys/uio.h>
38 
39 #include <errno.h>
40 #include <fcntl.h>
41 #include <signal.h>
42 #include <stdarg.h>
43 #include <stdio.h>
44 #include <string.h>
45 #include <unistd.h>
46 
47 #include "xmalloc.h"
48 #include "buffer.h"
49 #include "log.h"
50 #include "atomicio.h"
51 #include "progressmeter.h"
52 #include "misc.h"
53 
54 #include "sftp.h"
55 #include "sftp-common.h"
56 #include "sftp-client.h"
57 
58 extern volatile sig_atomic_t interrupted;
59 extern int showprogress;
60 
61 /* Minimum amount of data to read at a time */
62 #define MIN_READ_SIZE	512
63 
64 struct sftp_conn {
65 	int fd_in;
66 	int fd_out;
67 	u_int transfer_buflen;
68 	u_int num_requests;
69 	u_int version;
70 	u_int msg_id;
71 #define SFTP_EXT_POSIX_RENAME	0x00000001
72 #define SFTP_EXT_STATVFS	0x00000002
73 #define SFTP_EXT_FSTATVFS	0x00000004
74 	u_int exts;
75 };
76 
77 static void
78 send_msg(int fd, Buffer *m)
79 {
80 	u_char mlen[4];
81 	struct iovec iov[2];
82 
83 	if (buffer_len(m) > SFTP_MAX_MSG_LENGTH)
84 		fatal("Outbound message too long %u", buffer_len(m));
85 
86 	/* Send length first */
87 	put_u32(mlen, buffer_len(m));
88 	iov[0].iov_base = mlen;
89 	iov[0].iov_len = sizeof(mlen);
90 	iov[1].iov_base = buffer_ptr(m);
91 	iov[1].iov_len = buffer_len(m);
92 
93 	if (atomiciov(writev, fd, iov, 2) != buffer_len(m) + sizeof(mlen))
94 		fatal("Couldn't send packet: %s", strerror(errno));
95 
96 	buffer_clear(m);
97 }
98 
99 static void
100 get_msg(int fd, Buffer *m)
101 {
102 	u_int msg_len;
103 
104 	buffer_append_space(m, 4);
105 	if (atomicio(read, fd, buffer_ptr(m), 4) != 4) {
106 		if (errno == EPIPE)
107 			fatal("Connection closed");
108 		else
109 			fatal("Couldn't read packet: %s", strerror(errno));
110 	}
111 
112 	msg_len = buffer_get_int(m);
113 	if (msg_len > SFTP_MAX_MSG_LENGTH)
114 		fatal("Received message too long %u", msg_len);
115 
116 	buffer_append_space(m, msg_len);
117 	if (atomicio(read, fd, buffer_ptr(m), msg_len) != msg_len) {
118 		if (errno == EPIPE)
119 			fatal("Connection closed");
120 		else
121 			fatal("Read packet: %s", strerror(errno));
122 	}
123 }
124 
125 static void
126 send_string_request(int fd, u_int id, u_int code, char *s,
127     u_int len)
128 {
129 	Buffer msg;
130 
131 	buffer_init(&msg);
132 	buffer_put_char(&msg, code);
133 	buffer_put_int(&msg, id);
134 	buffer_put_string(&msg, s, len);
135 	send_msg(fd, &msg);
136 	debug3("Sent message fd %d T:%u I:%u", fd, code, id);
137 	buffer_free(&msg);
138 }
139 
140 static void
141 send_string_attrs_request(int fd, u_int id, u_int code, char *s,
142     u_int len, Attrib *a)
143 {
144 	Buffer msg;
145 
146 	buffer_init(&msg);
147 	buffer_put_char(&msg, code);
148 	buffer_put_int(&msg, id);
149 	buffer_put_string(&msg, s, len);
150 	encode_attrib(&msg, a);
151 	send_msg(fd, &msg);
152 	debug3("Sent message fd %d T:%u I:%u", fd, code, id);
153 	buffer_free(&msg);
154 }
155 
156 static u_int
157 get_status(int fd, u_int expected_id)
158 {
159 	Buffer msg;
160 	u_int type, id, status;
161 
162 	buffer_init(&msg);
163 	get_msg(fd, &msg);
164 	type = buffer_get_char(&msg);
165 	id = buffer_get_int(&msg);
166 
167 	if (id != expected_id)
168 		fatal("ID mismatch (%u != %u)", id, expected_id);
169 	if (type != SSH2_FXP_STATUS)
170 		fatal("Expected SSH2_FXP_STATUS(%u) packet, got %u",
171 		    SSH2_FXP_STATUS, type);
172 
173 	status = buffer_get_int(&msg);
174 	buffer_free(&msg);
175 
176 	debug3("SSH2_FXP_STATUS %u", status);
177 
178 	return(status);
179 }
180 
181 static char *
182 get_handle(int fd, u_int expected_id, u_int *len)
183 {
184 	Buffer msg;
185 	u_int type, id;
186 	char *handle;
187 
188 	buffer_init(&msg);
189 	get_msg(fd, &msg);
190 	type = buffer_get_char(&msg);
191 	id = buffer_get_int(&msg);
192 
193 	if (id != expected_id)
194 		fatal("ID mismatch (%u != %u)", id, expected_id);
195 	if (type == SSH2_FXP_STATUS) {
196 		int status = buffer_get_int(&msg);
197 
198 		error("Couldn't get handle: %s", fx2txt(status));
199 		buffer_free(&msg);
200 		return(NULL);
201 	} else if (type != SSH2_FXP_HANDLE)
202 		fatal("Expected SSH2_FXP_HANDLE(%u) packet, got %u",
203 		    SSH2_FXP_HANDLE, type);
204 
205 	handle = buffer_get_string(&msg, len);
206 	buffer_free(&msg);
207 
208 	return(handle);
209 }
210 
211 static Attrib *
212 get_decode_stat(int fd, u_int expected_id, int quiet)
213 {
214 	Buffer msg;
215 	u_int type, id;
216 	Attrib *a;
217 
218 	buffer_init(&msg);
219 	get_msg(fd, &msg);
220 
221 	type = buffer_get_char(&msg);
222 	id = buffer_get_int(&msg);
223 
224 	debug3("Received stat reply T:%u I:%u", type, id);
225 	if (id != expected_id)
226 		fatal("ID mismatch (%u != %u)", id, expected_id);
227 	if (type == SSH2_FXP_STATUS) {
228 		int status = buffer_get_int(&msg);
229 
230 		if (quiet)
231 			debug("Couldn't stat remote file: %s", fx2txt(status));
232 		else
233 			error("Couldn't stat remote file: %s", fx2txt(status));
234 		buffer_free(&msg);
235 		return(NULL);
236 	} else if (type != SSH2_FXP_ATTRS) {
237 		fatal("Expected SSH2_FXP_ATTRS(%u) packet, got %u",
238 		    SSH2_FXP_ATTRS, type);
239 	}
240 	a = decode_attrib(&msg);
241 	buffer_free(&msg);
242 
243 	return(a);
244 }
245 
246 static int
247 get_decode_statvfs(int fd, struct sftp_statvfs *st, u_int expected_id,
248     int quiet)
249 {
250 	Buffer msg;
251 	u_int type, id, flag;
252 
253 	buffer_init(&msg);
254 	get_msg(fd, &msg);
255 
256 	type = buffer_get_char(&msg);
257 	id = buffer_get_int(&msg);
258 
259 	debug3("Received statvfs reply T:%u I:%u", type, id);
260 	if (id != expected_id)
261 		fatal("ID mismatch (%u != %u)", id, expected_id);
262 	if (type == SSH2_FXP_STATUS) {
263 		int status = buffer_get_int(&msg);
264 
265 		if (quiet)
266 			debug("Couldn't statvfs: %s", fx2txt(status));
267 		else
268 			error("Couldn't statvfs: %s", fx2txt(status));
269 		buffer_free(&msg);
270 		return -1;
271 	} else if (type != SSH2_FXP_EXTENDED_REPLY) {
272 		fatal("Expected SSH2_FXP_EXTENDED_REPLY(%u) packet, got %u",
273 		    SSH2_FXP_EXTENDED_REPLY, type);
274 	}
275 
276 	bzero(st, sizeof(*st));
277 	st->f_bsize = buffer_get_int64(&msg);
278 	st->f_frsize = buffer_get_int64(&msg);
279 	st->f_blocks = buffer_get_int64(&msg);
280 	st->f_bfree = buffer_get_int64(&msg);
281 	st->f_bavail = buffer_get_int64(&msg);
282 	st->f_files = buffer_get_int64(&msg);
283 	st->f_ffree = buffer_get_int64(&msg);
284 	st->f_favail = buffer_get_int64(&msg);
285 	st->f_fsid = buffer_get_int64(&msg);
286 	flag = buffer_get_int64(&msg);
287 	st->f_namemax = buffer_get_int64(&msg);
288 
289 	st->f_flag = (flag & SSH2_FXE_STATVFS_ST_RDONLY) ? ST_RDONLY : 0;
290 	st->f_flag |= (flag & SSH2_FXE_STATVFS_ST_NOSUID) ? ST_NOSUID : 0;
291 
292 	buffer_free(&msg);
293 
294 	return 0;
295 }
296 
297 struct sftp_conn *
298 do_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests)
299 {
300 	u_int type, exts = 0;
301 	int version;
302 	Buffer msg;
303 	struct sftp_conn *ret;
304 
305 	buffer_init(&msg);
306 	buffer_put_char(&msg, SSH2_FXP_INIT);
307 	buffer_put_int(&msg, SSH2_FILEXFER_VERSION);
308 	send_msg(fd_out, &msg);
309 
310 	buffer_clear(&msg);
311 
312 	get_msg(fd_in, &msg);
313 
314 	/* Expecting a VERSION reply */
315 	if ((type = buffer_get_char(&msg)) != SSH2_FXP_VERSION) {
316 		error("Invalid packet back from SSH2_FXP_INIT (type %u)",
317 		    type);
318 		buffer_free(&msg);
319 		return(NULL);
320 	}
321 	version = buffer_get_int(&msg);
322 
323 	debug2("Remote version: %d", version);
324 
325 	/* Check for extensions */
326 	while (buffer_len(&msg) > 0) {
327 		char *name = buffer_get_string(&msg, NULL);
328 		char *value = buffer_get_string(&msg, NULL);
329 		int known = 0;
330 
331 		if (strcmp(name, "posix-rename@openssh.com") == 0 &&
332 		    strcmp(value, "1") == 0) {
333 			exts |= SFTP_EXT_POSIX_RENAME;
334 			known = 1;
335 		} else if (strcmp(name, "statvfs@openssh.com") == 0 &&
336 		    strcmp(value, "2") == 0) {
337 			exts |= SFTP_EXT_STATVFS;
338 			known = 1;
339 		} if (strcmp(name, "fstatvfs@openssh.com") == 0 &&
340 		    strcmp(value, "2") == 0) {
341 			exts |= SFTP_EXT_FSTATVFS;
342 			known = 1;
343 		}
344 		if (known) {
345 			debug2("Server supports extension \"%s\" revision %s",
346 			    name, value);
347 		} else {
348 			debug2("Unrecognised server extension \"%s\"", name);
349 		}
350 		xfree(name);
351 		xfree(value);
352 	}
353 
354 	buffer_free(&msg);
355 
356 	ret = xmalloc(sizeof(*ret));
357 	ret->fd_in = fd_in;
358 	ret->fd_out = fd_out;
359 	ret->transfer_buflen = transfer_buflen;
360 	ret->num_requests = num_requests;
361 	ret->version = version;
362 	ret->msg_id = 1;
363 	ret->exts = exts;
364 
365 	/* Some filexfer v.0 servers don't support large packets */
366 	if (version == 0)
367 		ret->transfer_buflen = MIN(ret->transfer_buflen, 20480);
368 
369 	return(ret);
370 }
371 
372 u_int
373 sftp_proto_version(struct sftp_conn *conn)
374 {
375 	return(conn->version);
376 }
377 
378 int
379 do_close(struct sftp_conn *conn, char *handle, u_int handle_len)
380 {
381 	u_int id, status;
382 	Buffer msg;
383 
384 	buffer_init(&msg);
385 
386 	id = conn->msg_id++;
387 	buffer_put_char(&msg, SSH2_FXP_CLOSE);
388 	buffer_put_int(&msg, id);
389 	buffer_put_string(&msg, handle, handle_len);
390 	send_msg(conn->fd_out, &msg);
391 	debug3("Sent message SSH2_FXP_CLOSE I:%u", id);
392 
393 	status = get_status(conn->fd_in, id);
394 	if (status != SSH2_FX_OK)
395 		error("Couldn't close file: %s", fx2txt(status));
396 
397 	buffer_free(&msg);
398 
399 	return(status);
400 }
401 
402 
403 static int
404 do_lsreaddir(struct sftp_conn *conn, char *path, int printflag,
405     SFTP_DIRENT ***dir)
406 {
407 	Buffer msg;
408 	u_int count, type, id, handle_len, i, expected_id, ents = 0;
409 	char *handle;
410 
411 	id = conn->msg_id++;
412 
413 	buffer_init(&msg);
414 	buffer_put_char(&msg, SSH2_FXP_OPENDIR);
415 	buffer_put_int(&msg, id);
416 	buffer_put_cstring(&msg, path);
417 	send_msg(conn->fd_out, &msg);
418 
419 	buffer_clear(&msg);
420 
421 	handle = get_handle(conn->fd_in, id, &handle_len);
422 	if (handle == NULL)
423 		return(-1);
424 
425 	if (dir) {
426 		ents = 0;
427 		*dir = xmalloc(sizeof(**dir));
428 		(*dir)[0] = NULL;
429 	}
430 
431 	for (; !interrupted;) {
432 		id = expected_id = conn->msg_id++;
433 
434 		debug3("Sending SSH2_FXP_READDIR I:%u", id);
435 
436 		buffer_clear(&msg);
437 		buffer_put_char(&msg, SSH2_FXP_READDIR);
438 		buffer_put_int(&msg, id);
439 		buffer_put_string(&msg, handle, handle_len);
440 		send_msg(conn->fd_out, &msg);
441 
442 		buffer_clear(&msg);
443 
444 		get_msg(conn->fd_in, &msg);
445 
446 		type = buffer_get_char(&msg);
447 		id = buffer_get_int(&msg);
448 
449 		debug3("Received reply T:%u I:%u", type, id);
450 
451 		if (id != expected_id)
452 			fatal("ID mismatch (%u != %u)", id, expected_id);
453 
454 		if (type == SSH2_FXP_STATUS) {
455 			int status = buffer_get_int(&msg);
456 
457 			debug3("Received SSH2_FXP_STATUS %d", status);
458 
459 			if (status == SSH2_FX_EOF) {
460 				break;
461 			} else {
462 				error("Couldn't read directory: %s",
463 				    fx2txt(status));
464 				do_close(conn, handle, handle_len);
465 				xfree(handle);
466 				return(status);
467 			}
468 		} else if (type != SSH2_FXP_NAME)
469 			fatal("Expected SSH2_FXP_NAME(%u) packet, got %u",
470 			    SSH2_FXP_NAME, type);
471 
472 		count = buffer_get_int(&msg);
473 		if (count == 0)
474 			break;
475 		debug3("Received %d SSH2_FXP_NAME responses", count);
476 		for (i = 0; i < count; i++) {
477 			char *filename, *longname;
478 			Attrib *a;
479 
480 			filename = buffer_get_string(&msg, NULL);
481 			longname = buffer_get_string(&msg, NULL);
482 			a = decode_attrib(&msg);
483 
484 			if (printflag)
485 				printf("%s\n", longname);
486 
487 			if (dir) {
488 				*dir = xrealloc(*dir, ents + 2, sizeof(**dir));
489 				(*dir)[ents] = xmalloc(sizeof(***dir));
490 				(*dir)[ents]->filename = xstrdup(filename);
491 				(*dir)[ents]->longname = xstrdup(longname);
492 				memcpy(&(*dir)[ents]->a, a, sizeof(*a));
493 				(*dir)[++ents] = NULL;
494 			}
495 
496 			xfree(filename);
497 			xfree(longname);
498 		}
499 	}
500 
501 	buffer_free(&msg);
502 	do_close(conn, handle, handle_len);
503 	xfree(handle);
504 
505 	/* Don't return partial matches on interrupt */
506 	if (interrupted && dir != NULL && *dir != NULL) {
507 		free_sftp_dirents(*dir);
508 		*dir = xmalloc(sizeof(**dir));
509 		**dir = NULL;
510 	}
511 
512 	return(0);
513 }
514 
515 int
516 do_readdir(struct sftp_conn *conn, char *path, SFTP_DIRENT ***dir)
517 {
518 	return(do_lsreaddir(conn, path, 0, dir));
519 }
520 
521 void free_sftp_dirents(SFTP_DIRENT **s)
522 {
523 	int i;
524 
525 	for (i = 0; s[i]; i++) {
526 		xfree(s[i]->filename);
527 		xfree(s[i]->longname);
528 		xfree(s[i]);
529 	}
530 	xfree(s);
531 }
532 
533 int
534 do_rm(struct sftp_conn *conn, char *path)
535 {
536 	u_int status, id;
537 
538 	debug2("Sending SSH2_FXP_REMOVE \"%s\"", path);
539 
540 	id = conn->msg_id++;
541 	send_string_request(conn->fd_out, id, SSH2_FXP_REMOVE, path,
542 	    strlen(path));
543 	status = get_status(conn->fd_in, id);
544 	if (status != SSH2_FX_OK)
545 		error("Couldn't delete file: %s", fx2txt(status));
546 	return(status);
547 }
548 
549 int
550 do_mkdir(struct sftp_conn *conn, char *path, Attrib *a)
551 {
552 	u_int status, id;
553 
554 	id = conn->msg_id++;
555 	send_string_attrs_request(conn->fd_out, id, SSH2_FXP_MKDIR, path,
556 	    strlen(path), a);
557 
558 	status = get_status(conn->fd_in, id);
559 	if (status != SSH2_FX_OK)
560 		error("Couldn't create directory: %s", fx2txt(status));
561 
562 	return(status);
563 }
564 
565 int
566 do_rmdir(struct sftp_conn *conn, char *path)
567 {
568 	u_int status, id;
569 
570 	id = conn->msg_id++;
571 	send_string_request(conn->fd_out, id, SSH2_FXP_RMDIR, path,
572 	    strlen(path));
573 
574 	status = get_status(conn->fd_in, id);
575 	if (status != SSH2_FX_OK)
576 		error("Couldn't remove directory: %s", fx2txt(status));
577 
578 	return(status);
579 }
580 
581 Attrib *
582 do_stat(struct sftp_conn *conn, char *path, int quiet)
583 {
584 	u_int id;
585 
586 	id = conn->msg_id++;
587 
588 	send_string_request(conn->fd_out, id,
589 	    conn->version == 0 ? SSH2_FXP_STAT_VERSION_0 : SSH2_FXP_STAT,
590 	    path, strlen(path));
591 
592 	return(get_decode_stat(conn->fd_in, id, quiet));
593 }
594 
595 Attrib *
596 do_lstat(struct sftp_conn *conn, char *path, int quiet)
597 {
598 	u_int id;
599 
600 	if (conn->version == 0) {
601 		if (quiet)
602 			debug("Server version does not support lstat operation");
603 		else
604 			logit("Server version does not support lstat operation");
605 		return(do_stat(conn, path, quiet));
606 	}
607 
608 	id = conn->msg_id++;
609 	send_string_request(conn->fd_out, id, SSH2_FXP_LSTAT, path,
610 	    strlen(path));
611 
612 	return(get_decode_stat(conn->fd_in, id, quiet));
613 }
614 
615 #ifdef notyet
616 Attrib *
617 do_fstat(struct sftp_conn *conn, char *handle, u_int handle_len, int quiet)
618 {
619 	u_int id;
620 
621 	id = conn->msg_id++;
622 	send_string_request(conn->fd_out, id, SSH2_FXP_FSTAT, handle,
623 	    handle_len);
624 
625 	return(get_decode_stat(conn->fd_in, id, quiet));
626 }
627 #endif
628 
629 int
630 do_setstat(struct sftp_conn *conn, char *path, Attrib *a)
631 {
632 	u_int status, id;
633 
634 	id = conn->msg_id++;
635 	send_string_attrs_request(conn->fd_out, id, SSH2_FXP_SETSTAT, path,
636 	    strlen(path), a);
637 
638 	status = get_status(conn->fd_in, id);
639 	if (status != SSH2_FX_OK)
640 		error("Couldn't setstat on \"%s\": %s", path,
641 		    fx2txt(status));
642 
643 	return(status);
644 }
645 
646 int
647 do_fsetstat(struct sftp_conn *conn, char *handle, u_int handle_len,
648     Attrib *a)
649 {
650 	u_int status, id;
651 
652 	id = conn->msg_id++;
653 	send_string_attrs_request(conn->fd_out, id, SSH2_FXP_FSETSTAT, handle,
654 	    handle_len, a);
655 
656 	status = get_status(conn->fd_in, id);
657 	if (status != SSH2_FX_OK)
658 		error("Couldn't fsetstat: %s", fx2txt(status));
659 
660 	return(status);
661 }
662 
663 char *
664 do_realpath(struct sftp_conn *conn, char *path)
665 {
666 	Buffer msg;
667 	u_int type, expected_id, count, id;
668 	char *filename, *longname;
669 	Attrib *a;
670 
671 	expected_id = id = conn->msg_id++;
672 	send_string_request(conn->fd_out, id, SSH2_FXP_REALPATH, path,
673 	    strlen(path));
674 
675 	buffer_init(&msg);
676 
677 	get_msg(conn->fd_in, &msg);
678 	type = buffer_get_char(&msg);
679 	id = buffer_get_int(&msg);
680 
681 	if (id != expected_id)
682 		fatal("ID mismatch (%u != %u)", id, expected_id);
683 
684 	if (type == SSH2_FXP_STATUS) {
685 		u_int status = buffer_get_int(&msg);
686 
687 		error("Couldn't canonicalise: %s", fx2txt(status));
688 		return(NULL);
689 	} else if (type != SSH2_FXP_NAME)
690 		fatal("Expected SSH2_FXP_NAME(%u) packet, got %u",
691 		    SSH2_FXP_NAME, type);
692 
693 	count = buffer_get_int(&msg);
694 	if (count != 1)
695 		fatal("Got multiple names (%d) from SSH_FXP_REALPATH", count);
696 
697 	filename = buffer_get_string(&msg, NULL);
698 	longname = buffer_get_string(&msg, NULL);
699 	a = decode_attrib(&msg);
700 
701 	debug3("SSH_FXP_REALPATH %s -> %s", path, filename);
702 
703 	xfree(longname);
704 
705 	buffer_free(&msg);
706 
707 	return(filename);
708 }
709 
710 int
711 do_rename(struct sftp_conn *conn, char *oldpath, char *newpath)
712 {
713 	Buffer msg;
714 	u_int status, id;
715 
716 	buffer_init(&msg);
717 
718 	/* Send rename request */
719 	id = conn->msg_id++;
720 	if ((conn->exts & SFTP_EXT_POSIX_RENAME)) {
721 		buffer_put_char(&msg, SSH2_FXP_EXTENDED);
722 		buffer_put_int(&msg, id);
723 		buffer_put_cstring(&msg, "posix-rename@openssh.com");
724 	} else {
725 		buffer_put_char(&msg, SSH2_FXP_RENAME);
726 		buffer_put_int(&msg, id);
727 	}
728 	buffer_put_cstring(&msg, oldpath);
729 	buffer_put_cstring(&msg, newpath);
730 	send_msg(conn->fd_out, &msg);
731 	debug3("Sent message %s \"%s\" -> \"%s\"",
732 	    (conn->exts & SFTP_EXT_POSIX_RENAME) ? "posix-rename@openssh.com" :
733 	    "SSH2_FXP_RENAME", oldpath, newpath);
734 	buffer_free(&msg);
735 
736 	status = get_status(conn->fd_in, id);
737 	if (status != SSH2_FX_OK)
738 		error("Couldn't rename file \"%s\" to \"%s\": %s", oldpath,
739 		    newpath, fx2txt(status));
740 
741 	return(status);
742 }
743 
744 int
745 do_symlink(struct sftp_conn *conn, char *oldpath, char *newpath)
746 {
747 	Buffer msg;
748 	u_int status, id;
749 
750 	if (conn->version < 3) {
751 		error("This server does not support the symlink operation");
752 		return(SSH2_FX_OP_UNSUPPORTED);
753 	}
754 
755 	buffer_init(&msg);
756 
757 	/* Send symlink request */
758 	id = conn->msg_id++;
759 	buffer_put_char(&msg, SSH2_FXP_SYMLINK);
760 	buffer_put_int(&msg, id);
761 	buffer_put_cstring(&msg, oldpath);
762 	buffer_put_cstring(&msg, newpath);
763 	send_msg(conn->fd_out, &msg);
764 	debug3("Sent message SSH2_FXP_SYMLINK \"%s\" -> \"%s\"", oldpath,
765 	    newpath);
766 	buffer_free(&msg);
767 
768 	status = get_status(conn->fd_in, id);
769 	if (status != SSH2_FX_OK)
770 		error("Couldn't symlink file \"%s\" to \"%s\": %s", oldpath,
771 		    newpath, fx2txt(status));
772 
773 	return(status);
774 }
775 
776 #ifdef notyet
777 char *
778 do_readlink(struct sftp_conn *conn, char *path)
779 {
780 	Buffer msg;
781 	u_int type, expected_id, count, id;
782 	char *filename, *longname;
783 	Attrib *a;
784 
785 	expected_id = id = conn->msg_id++;
786 	send_string_request(conn->fd_out, id, SSH2_FXP_READLINK, path,
787 	    strlen(path));
788 
789 	buffer_init(&msg);
790 
791 	get_msg(conn->fd_in, &msg);
792 	type = buffer_get_char(&msg);
793 	id = buffer_get_int(&msg);
794 
795 	if (id != expected_id)
796 		fatal("ID mismatch (%u != %u)", id, expected_id);
797 
798 	if (type == SSH2_FXP_STATUS) {
799 		u_int status = buffer_get_int(&msg);
800 
801 		error("Couldn't readlink: %s", fx2txt(status));
802 		return(NULL);
803 	} else if (type != SSH2_FXP_NAME)
804 		fatal("Expected SSH2_FXP_NAME(%u) packet, got %u",
805 		    SSH2_FXP_NAME, type);
806 
807 	count = buffer_get_int(&msg);
808 	if (count != 1)
809 		fatal("Got multiple names (%d) from SSH_FXP_READLINK", count);
810 
811 	filename = buffer_get_string(&msg, NULL);
812 	longname = buffer_get_string(&msg, NULL);
813 	a = decode_attrib(&msg);
814 
815 	debug3("SSH_FXP_READLINK %s -> %s", path, filename);
816 
817 	xfree(longname);
818 
819 	buffer_free(&msg);
820 
821 	return(filename);
822 }
823 #endif
824 
825 int
826 do_statvfs(struct sftp_conn *conn, const char *path, struct sftp_statvfs *st,
827     int quiet)
828 {
829 	Buffer msg;
830 	u_int id;
831 
832 	if ((conn->exts & SFTP_EXT_STATVFS) == 0) {
833 		error("Server does not support statvfs@openssh.com extension");
834 		return -1;
835 	}
836 
837 	id = conn->msg_id++;
838 
839 	buffer_init(&msg);
840 	buffer_clear(&msg);
841 	buffer_put_char(&msg, SSH2_FXP_EXTENDED);
842 	buffer_put_int(&msg, id);
843 	buffer_put_cstring(&msg, "statvfs@openssh.com");
844 	buffer_put_cstring(&msg, path);
845 	send_msg(conn->fd_out, &msg);
846 	buffer_free(&msg);
847 
848 	return get_decode_statvfs(conn->fd_in, st, id, quiet);
849 }
850 
851 #ifdef notyet
852 int
853 do_fstatvfs(struct sftp_conn *conn, const char *handle, u_int handle_len,
854     struct sftp_statvfs *st, int quiet)
855 {
856 	Buffer msg;
857 	u_int id;
858 
859 	if ((conn->exts & SFTP_EXT_FSTATVFS) == 0) {
860 		error("Server does not support fstatvfs@openssh.com extension");
861 		return -1;
862 	}
863 
864 	id = conn->msg_id++;
865 
866 	buffer_init(&msg);
867 	buffer_clear(&msg);
868 	buffer_put_char(&msg, SSH2_FXP_EXTENDED);
869 	buffer_put_int(&msg, id);
870 	buffer_put_cstring(&msg, "fstatvfs@openssh.com");
871 	buffer_put_string(&msg, handle, handle_len);
872 	send_msg(conn->fd_out, &msg);
873 	buffer_free(&msg);
874 
875 	return get_decode_statvfs(conn->fd_in, st, id, quiet);
876 }
877 #endif
878 
879 static void
880 send_read_request(int fd_out, u_int id, u_int64_t offset, u_int len,
881     char *handle, u_int handle_len)
882 {
883 	Buffer msg;
884 
885 	buffer_init(&msg);
886 	buffer_clear(&msg);
887 	buffer_put_char(&msg, SSH2_FXP_READ);
888 	buffer_put_int(&msg, id);
889 	buffer_put_string(&msg, handle, handle_len);
890 	buffer_put_int64(&msg, offset);
891 	buffer_put_int(&msg, len);
892 	send_msg(fd_out, &msg);
893 	buffer_free(&msg);
894 }
895 
896 int
897 do_download(struct sftp_conn *conn, char *remote_path, char *local_path,
898     int pflag)
899 {
900 	Attrib junk, *a;
901 	Buffer msg;
902 	char *handle;
903 	int local_fd, status = 0, write_error;
904 	int read_error, write_errno;
905 	u_int64_t offset, size;
906 	u_int handle_len, mode, type, id, buflen, num_req, max_req;
907 	off_t progress_counter;
908 	struct request {
909 		u_int id;
910 		u_int len;
911 		u_int64_t offset;
912 		TAILQ_ENTRY(request) tq;
913 	};
914 	TAILQ_HEAD(reqhead, request) requests;
915 	struct request *req;
916 
917 	TAILQ_INIT(&requests);
918 
919 	a = do_stat(conn, remote_path, 0);
920 	if (a == NULL)
921 		return(-1);
922 
923 	/* Do not preserve set[ug]id here, as we do not preserve ownership */
924 	if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS)
925 		mode = a->perm & 0777;
926 	else
927 		mode = 0666;
928 
929 	if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) &&
930 	    (!S_ISREG(a->perm))) {
931 		error("Cannot download non-regular file: %s", remote_path);
932 		return(-1);
933 	}
934 
935 	if (a->flags & SSH2_FILEXFER_ATTR_SIZE)
936 		size = a->size;
937 	else
938 		size = 0;
939 
940 	buflen = conn->transfer_buflen;
941 	buffer_init(&msg);
942 
943 	/* Send open request */
944 	id = conn->msg_id++;
945 	buffer_put_char(&msg, SSH2_FXP_OPEN);
946 	buffer_put_int(&msg, id);
947 	buffer_put_cstring(&msg, remote_path);
948 	buffer_put_int(&msg, SSH2_FXF_READ);
949 	attrib_clear(&junk); /* Send empty attributes */
950 	encode_attrib(&msg, &junk);
951 	send_msg(conn->fd_out, &msg);
952 	debug3("Sent message SSH2_FXP_OPEN I:%u P:%s", id, remote_path);
953 
954 	handle = get_handle(conn->fd_in, id, &handle_len);
955 	if (handle == NULL) {
956 		buffer_free(&msg);
957 		return(-1);
958 	}
959 
960 	local_fd = open(local_path, O_WRONLY | O_CREAT | O_TRUNC,
961 	    mode | S_IWRITE);
962 	if (local_fd == -1) {
963 		error("Couldn't open local file \"%s\" for writing: %s",
964 		    local_path, strerror(errno));
965 		do_close(conn, handle, handle_len);
966 		buffer_free(&msg);
967 		xfree(handle);
968 		return(-1);
969 	}
970 
971 	/* Read from remote and write to local */
972 	write_error = read_error = write_errno = num_req = offset = 0;
973 	max_req = 1;
974 	progress_counter = 0;
975 
976 	if (showprogress && size != 0)
977 		start_progress_meter(remote_path, size, &progress_counter);
978 
979 	while (num_req > 0 || max_req > 0) {
980 		char *data;
981 		u_int len;
982 
983 		/*
984 		 * Simulate EOF on interrupt: stop sending new requests and
985 		 * allow outstanding requests to drain gracefully
986 		 */
987 		if (interrupted) {
988 			if (num_req == 0) /* If we haven't started yet... */
989 				break;
990 			max_req = 0;
991 		}
992 
993 		/* Send some more requests */
994 		while (num_req < max_req) {
995 			debug3("Request range %llu -> %llu (%d/%d)",
996 			    (unsigned long long)offset,
997 			    (unsigned long long)offset + buflen - 1,
998 			    num_req, max_req);
999 			req = xmalloc(sizeof(*req));
1000 			req->id = conn->msg_id++;
1001 			req->len = buflen;
1002 			req->offset = offset;
1003 			offset += buflen;
1004 			num_req++;
1005 			TAILQ_INSERT_TAIL(&requests, req, tq);
1006 			send_read_request(conn->fd_out, req->id, req->offset,
1007 			    req->len, handle, handle_len);
1008 		}
1009 
1010 		buffer_clear(&msg);
1011 		get_msg(conn->fd_in, &msg);
1012 		type = buffer_get_char(&msg);
1013 		id = buffer_get_int(&msg);
1014 		debug3("Received reply T:%u I:%u R:%d", type, id, max_req);
1015 
1016 		/* Find the request in our queue */
1017 		for (req = TAILQ_FIRST(&requests);
1018 		    req != NULL && req->id != id;
1019 		    req = TAILQ_NEXT(req, tq))
1020 			;
1021 		if (req == NULL)
1022 			fatal("Unexpected reply %u", id);
1023 
1024 		switch (type) {
1025 		case SSH2_FXP_STATUS:
1026 			status = buffer_get_int(&msg);
1027 			if (status != SSH2_FX_EOF)
1028 				read_error = 1;
1029 			max_req = 0;
1030 			TAILQ_REMOVE(&requests, req, tq);
1031 			xfree(req);
1032 			num_req--;
1033 			break;
1034 		case SSH2_FXP_DATA:
1035 			data = buffer_get_string(&msg, &len);
1036 			debug3("Received data %llu -> %llu",
1037 			    (unsigned long long)req->offset,
1038 			    (unsigned long long)req->offset + len - 1);
1039 			if (len > req->len)
1040 				fatal("Received more data than asked for "
1041 				    "%u > %u", len, req->len);
1042 			if ((lseek(local_fd, req->offset, SEEK_SET) == -1 ||
1043 			    atomicio(vwrite, local_fd, data, len) != len) &&
1044 			    !write_error) {
1045 				write_errno = errno;
1046 				write_error = 1;
1047 				max_req = 0;
1048 			}
1049 			progress_counter += len;
1050 			xfree(data);
1051 
1052 			if (len == req->len) {
1053 				TAILQ_REMOVE(&requests, req, tq);
1054 				xfree(req);
1055 				num_req--;
1056 			} else {
1057 				/* Resend the request for the missing data */
1058 				debug3("Short data block, re-requesting "
1059 				    "%llu -> %llu (%2d)",
1060 				    (unsigned long long)req->offset + len,
1061 				    (unsigned long long)req->offset +
1062 				    req->len - 1, num_req);
1063 				req->id = conn->msg_id++;
1064 				req->len -= len;
1065 				req->offset += len;
1066 				send_read_request(conn->fd_out, req->id,
1067 				    req->offset, req->len, handle, handle_len);
1068 				/* Reduce the request size */
1069 				if (len < buflen)
1070 					buflen = MAX(MIN_READ_SIZE, len);
1071 			}
1072 			if (max_req > 0) { /* max_req = 0 iff EOF received */
1073 				if (size > 0 && offset > size) {
1074 					/* Only one request at a time
1075 					 * after the expected EOF */
1076 					debug3("Finish at %llu (%2d)",
1077 					    (unsigned long long)offset,
1078 					    num_req);
1079 					max_req = 1;
1080 				} else if (max_req <= conn->num_requests) {
1081 					++max_req;
1082 				}
1083 			}
1084 			break;
1085 		default:
1086 			fatal("Expected SSH2_FXP_DATA(%u) packet, got %u",
1087 			    SSH2_FXP_DATA, type);
1088 		}
1089 	}
1090 
1091 	if (showprogress && size)
1092 		stop_progress_meter();
1093 
1094 	/* Sanity check */
1095 	if (TAILQ_FIRST(&requests) != NULL)
1096 		fatal("Transfer complete, but requests still in queue");
1097 
1098 	if (read_error) {
1099 		error("Couldn't read from remote file \"%s\" : %s",
1100 		    remote_path, fx2txt(status));
1101 		do_close(conn, handle, handle_len);
1102 	} else if (write_error) {
1103 		error("Couldn't write to \"%s\": %s", local_path,
1104 		    strerror(write_errno));
1105 		status = -1;
1106 		do_close(conn, handle, handle_len);
1107 	} else {
1108 		status = do_close(conn, handle, handle_len);
1109 
1110 		/* Override umask and utimes if asked */
1111 #ifdef HAVE_FCHMOD
1112 		if (pflag && fchmod(local_fd, mode) == -1)
1113 #else
1114 		if (pflag && chmod(local_path, mode) == -1)
1115 #endif /* HAVE_FCHMOD */
1116 			error("Couldn't set mode on \"%s\": %s", local_path,
1117 			    strerror(errno));
1118 		if (pflag && (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME)) {
1119 			struct timeval tv[2];
1120 			tv[0].tv_sec = a->atime;
1121 			tv[1].tv_sec = a->mtime;
1122 			tv[0].tv_usec = tv[1].tv_usec = 0;
1123 			if (utimes(local_path, tv) == -1)
1124 				error("Can't set times on \"%s\": %s",
1125 				    local_path, strerror(errno));
1126 		}
1127 	}
1128 	close(local_fd);
1129 	buffer_free(&msg);
1130 	xfree(handle);
1131 
1132 	return(status);
1133 }
1134 
1135 int
1136 do_upload(struct sftp_conn *conn, char *local_path, char *remote_path,
1137     int pflag)
1138 {
1139 	int local_fd;
1140 	int status = SSH2_FX_OK;
1141 	u_int handle_len, id, type;
1142 	off_t offset;
1143 	char *handle, *data;
1144 	Buffer msg;
1145 	struct stat sb;
1146 	Attrib a;
1147 	u_int32_t startid;
1148 	u_int32_t ackid;
1149 	struct outstanding_ack {
1150 		u_int id;
1151 		u_int len;
1152 		off_t offset;
1153 		TAILQ_ENTRY(outstanding_ack) tq;
1154 	};
1155 	TAILQ_HEAD(ackhead, outstanding_ack) acks;
1156 	struct outstanding_ack *ack = NULL;
1157 
1158 	TAILQ_INIT(&acks);
1159 
1160 	if ((local_fd = open(local_path, O_RDONLY, 0)) == -1) {
1161 		error("Couldn't open local file \"%s\" for reading: %s",
1162 		    local_path, strerror(errno));
1163 		return(-1);
1164 	}
1165 	if (fstat(local_fd, &sb) == -1) {
1166 		error("Couldn't fstat local file \"%s\": %s",
1167 		    local_path, strerror(errno));
1168 		close(local_fd);
1169 		return(-1);
1170 	}
1171 	if (!S_ISREG(sb.st_mode)) {
1172 		error("%s is not a regular file", local_path);
1173 		close(local_fd);
1174 		return(-1);
1175 	}
1176 	stat_to_attrib(&sb, &a);
1177 
1178 	a.flags &= ~SSH2_FILEXFER_ATTR_SIZE;
1179 	a.flags &= ~SSH2_FILEXFER_ATTR_UIDGID;
1180 	a.perm &= 0777;
1181 	if (!pflag)
1182 		a.flags &= ~SSH2_FILEXFER_ATTR_ACMODTIME;
1183 
1184 	buffer_init(&msg);
1185 
1186 	/* Send open request */
1187 	id = conn->msg_id++;
1188 	buffer_put_char(&msg, SSH2_FXP_OPEN);
1189 	buffer_put_int(&msg, id);
1190 	buffer_put_cstring(&msg, remote_path);
1191 	buffer_put_int(&msg, SSH2_FXF_WRITE|SSH2_FXF_CREAT|SSH2_FXF_TRUNC);
1192 	encode_attrib(&msg, &a);
1193 	send_msg(conn->fd_out, &msg);
1194 	debug3("Sent message SSH2_FXP_OPEN I:%u P:%s", id, remote_path);
1195 
1196 	buffer_clear(&msg);
1197 
1198 	handle = get_handle(conn->fd_in, id, &handle_len);
1199 	if (handle == NULL) {
1200 		close(local_fd);
1201 		buffer_free(&msg);
1202 		return -1;
1203 	}
1204 
1205 	startid = ackid = id + 1;
1206 	data = xmalloc(conn->transfer_buflen);
1207 
1208 	/* Read from local and write to remote */
1209 	offset = 0;
1210 	if (showprogress)
1211 		start_progress_meter(local_path, sb.st_size, &offset);
1212 
1213 	for (;;) {
1214 		int len;
1215 
1216 		/*
1217 		 * Can't use atomicio here because it returns 0 on EOF,
1218 		 * thus losing the last block of the file.
1219 		 * Simulate an EOF on interrupt, allowing ACKs from the
1220 		 * server to drain.
1221 		 */
1222 		if (interrupted || status != SSH2_FX_OK)
1223 			len = 0;
1224 		else do
1225 			len = read(local_fd, data, conn->transfer_buflen);
1226 		while ((len == -1) &&
1227 		    (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK));
1228 
1229 		if (len == -1)
1230 			fatal("Couldn't read from \"%s\": %s", local_path,
1231 			    strerror(errno));
1232 
1233 		if (len != 0) {
1234 			ack = xmalloc(sizeof(*ack));
1235 			ack->id = ++id;
1236 			ack->offset = offset;
1237 			ack->len = len;
1238 			TAILQ_INSERT_TAIL(&acks, ack, tq);
1239 
1240 			buffer_clear(&msg);
1241 			buffer_put_char(&msg, SSH2_FXP_WRITE);
1242 			buffer_put_int(&msg, ack->id);
1243 			buffer_put_string(&msg, handle, handle_len);
1244 			buffer_put_int64(&msg, offset);
1245 			buffer_put_string(&msg, data, len);
1246 			send_msg(conn->fd_out, &msg);
1247 			debug3("Sent message SSH2_FXP_WRITE I:%u O:%llu S:%u",
1248 			    id, (unsigned long long)offset, len);
1249 		} else if (TAILQ_FIRST(&acks) == NULL)
1250 			break;
1251 
1252 		if (ack == NULL)
1253 			fatal("Unexpected ACK %u", id);
1254 
1255 		if (id == startid || len == 0 ||
1256 		    id - ackid >= conn->num_requests) {
1257 			u_int r_id;
1258 
1259 			buffer_clear(&msg);
1260 			get_msg(conn->fd_in, &msg);
1261 			type = buffer_get_char(&msg);
1262 			r_id = buffer_get_int(&msg);
1263 
1264 			if (type != SSH2_FXP_STATUS)
1265 				fatal("Expected SSH2_FXP_STATUS(%d) packet, "
1266 				    "got %d", SSH2_FXP_STATUS, type);
1267 
1268 			status = buffer_get_int(&msg);
1269 			debug3("SSH2_FXP_STATUS %d", status);
1270 
1271 			/* Find the request in our queue */
1272 			for (ack = TAILQ_FIRST(&acks);
1273 			    ack != NULL && ack->id != r_id;
1274 			    ack = TAILQ_NEXT(ack, tq))
1275 				;
1276 			if (ack == NULL)
1277 				fatal("Can't find request for ID %u", r_id);
1278 			TAILQ_REMOVE(&acks, ack, tq);
1279 			debug3("In write loop, ack for %u %u bytes at %lld",
1280 			    ack->id, ack->len, (long long)ack->offset);
1281 			++ackid;
1282 			xfree(ack);
1283 		}
1284 		offset += len;
1285 		if (offset < 0)
1286 			fatal("%s: offset < 0", __func__);
1287 	}
1288 	buffer_free(&msg);
1289 
1290 	if (showprogress)
1291 		stop_progress_meter();
1292 	xfree(data);
1293 
1294 	if (status != SSH2_FX_OK) {
1295 		error("Couldn't write to remote file \"%s\": %s",
1296 		    remote_path, fx2txt(status));
1297 		status = -1;
1298 	}
1299 
1300 	if (close(local_fd) == -1) {
1301 		error("Couldn't close local file \"%s\": %s", local_path,
1302 		    strerror(errno));
1303 		status = -1;
1304 	}
1305 
1306 	/* Override umask and utimes if asked */
1307 	if (pflag)
1308 		do_fsetstat(conn, handle, handle_len, &a);
1309 
1310 	if (do_close(conn, handle, handle_len) != SSH2_FX_OK)
1311 		status = -1;
1312 	xfree(handle);
1313 
1314 	return status;
1315 }
1316