1/* $OpenBSD: scp.c,v 1.170 2010/12/09 14:13:33 jmc Exp $ */
2/*
3 * scp - secure remote copy.  This is basically patched BSD rcp which
4 * uses ssh to do the data transfer (instead of using rcmd).
5 *
6 * NOTE: This version should NOT be suid root.  (This uses ssh to
7 * do the transfer and ssh has the necessary privileges.)
8 *
9 * 1995 Timo Rinne <tri@iki.fi>, Tatu Ylonen <ylo@cs.hut.fi>
10 *
11 * As far as I am concerned, the code I have written for this software
12 * can be used freely for any purpose.  Any derived versions of this
13 * software must be clearly marked as such, and if the derived work is
14 * incompatible with the protocol description in the RFC file, it must be
15 * called by a name other than "ssh" or "Secure Shell".
16 */
17/*
18 * Copyright (c) 1999 Theo de Raadt.  All rights reserved.
19 * Copyright (c) 1999 Aaron Campbell.  All rights reserved.
20 *
21 * Redistribution and use in source and binary forms, with or without
22 * modification, are permitted provided that the following conditions
23 * are met:
24 * 1. Redistributions of source code must retain the above copyright
25 *    notice, this list of conditions and the following disclaimer.
26 * 2. Redistributions in binary form must reproduce the above copyright
27 *    notice, this list of conditions and the following disclaimer in the
28 *    documentation and/or other materials provided with the distribution.
29 *
30 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
31 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
32 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
33 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
34 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
35 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
36 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
37 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
38 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
39 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
40 */
41
42/*
43 * Parts from:
44 *
45 * Copyright (c) 1983, 1990, 1992, 1993, 1995
46 *	The Regents of the University of California.  All rights reserved.
47 *
48 * Redistribution and use in source and binary forms, with or without
49 * modification, are permitted provided that the following conditions
50 * are met:
51 * 1. Redistributions of source code must retain the above copyright
52 *    notice, this list of conditions and the following disclaimer.
53 * 2. Redistributions in binary form must reproduce the above copyright
54 *    notice, this list of conditions and the following disclaimer in the
55 *    documentation and/or other materials provided with the distribution.
56 * 3. Neither the name of the University nor the names of its contributors
57 *    may be used to endorse or promote products derived from this software
58 *    without specific prior written permission.
59 *
60 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
61 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
62 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
63 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
64 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
65 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
66 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
67 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
68 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
69 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
70 * SUCH DAMAGE.
71 *
72 */
73
74#include "includes.h"
75
76#include <sys/types.h>
77#include <sys/param.h>
78#ifdef HAVE_SYS_STAT_H
79# include <sys/stat.h>
80#endif
81#ifdef HAVE_POLL_H
82#include <poll.h>
83#else
84# ifdef HAVE_SYS_POLL_H
85#  include <sys/poll.h>
86# endif
87#endif
88#ifdef HAVE_SYS_TIME_H
89# include <sys/time.h>
90#endif
91#include <sys/wait.h>
92#include <sys/uio.h>
93
94#include <ctype.h>
95#include <dirent.h>
96#include <errno.h>
97#include <fcntl.h>
98#include <pwd.h>
99#include <signal.h>
100#include <stdarg.h>
101#include <stdio.h>
102#include <stdlib.h>
103#include <string.h>
104#include <time.h>
105#include <unistd.h>
106#if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H)
107#include <vis.h>
108#endif
109
110#include "xmalloc.h"
111#include "atomicio.h"
112#include "pathnames.h"
113#include "log.h"
114#include "misc.h"
115#include "progressmeter.h"
116
/* Program name used in diagnostics; main() sets it from argv[0]. */
extern char *__progname;

/*
 * Block size requested from allocbuf() for the copy buffers and handed to
 * bandwidth_limit_init() when -l is given.
 */
#define COPY_BUFLEN	16384

int do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout);
int do_cmd2(char *host, char *remuser, char *cmd, int fdin, int fdout);

/*
 * Argument vectors built with addargs().
 * args: command line for the ssh child started by do_cmd()/do_cmd2();
 *	main() seeds it with the program name and a fixed set of options
 *	before any user-supplied option is appended.
 * remote_remote_args: the user's ssh options only; toremote() copies them
 *	into the ssh command it runs for a standard remote-to-remote copy.
 */
arglist args;
arglist remote_remote_args;

/*
 * Bandwidth limit.  limit_kbps is 0 when no limit applies; main() stores
 * the -l value multiplied by 1024 here.
 */
long long limit_kbps = 0;
struct bwlimit bwlimit;

/*
 * Name of current file being transferred.  In sink() this points into the
 * control record received from the peer.
 */
char *curfile;

/* This is set to non-zero to enable verbose mode. */
int verbose_mode = 0;

/* This is set to zero if the progressmeter is not desired. */
int showprogress = 1;

/*
 * This is set to non-zero if remote-remote copy should be piped
 * through this process.
 */
int throughlocal = 0;

/* This is the program to execute for the secured connection. ("ssh" or -S) */
char *ssh_program = _PATH_SSH_PROGRAM;

/*
 * This is used to store the pid of ssh_program.  -1 means "no child"; the
 * signal handlers only act when the value is greater than 1.
 */
pid_t do_cmd_pid = -1;
152
/*
 * Terminate the ssh child (if any), reap it and leave with status 1.
 * Installed as the SIGTERM/SIGINT/SIGHUP handler and also called directly
 * with signo == 0 (see verifydir()).
 */
static void
killchild(int signo)
{
	/* do_cmd_pid is -1 when no child runs; never signal pid <= 1. */
	if (do_cmd_pid > 1) {
		int sig = SIGTERM;

		if (signo != 0)
			sig = signo;
		kill(do_cmd_pid, sig);
		waitpid(do_cmd_pid, NULL, 0);
	}

	/* A direct call may run exit(); from a signal only _exit() is used. */
	if (signo == 0)
		exit(1);
	_exit(1);
}
165
/*
 * Handler for SIGTSTP/SIGTTIN/SIGTTOU: pass the signal on to the ssh
 * child, wait until that child has changed state, then stop ourselves.
 */
static void
suspchild(int signo)
{
	int status;

	if (do_cmd_pid <= 1)
		return;

	kill(do_cmd_pid, signo);
	/* Retry only when the wait was interrupted by another signal. */
	for (;;) {
		if (waitpid(do_cmd_pid, &status, WUNTRACED) != -1)
			break;
		if (errno != EINTR)
			break;
	}
	kill(getpid(), SIGSTOP);
}
179
/*
 * Run the command in `a' as a local child process (no shell is involved;
 * the list goes straight to execvp()) and wait for it.
 * Returns 0 when the child exited with status 0, -1 otherwise.
 * An empty list, a failed fork() or a failed waitpid() is fatal.
 */
static int
do_local_cmd(arglist *a)
{
	int status;
	pid_t child;
	u_int n;

	if (a->num == 0)
		fatal("do_local_cmd: no arguments");

	if (verbose_mode) {
		fprintf(stderr, "Executing:");
		n = 0;
		while (n < a->num) {
			fprintf(stderr, " %s", a->list[n]);
			n++;
		}
		fprintf(stderr, "\n");
	}

	child = fork();
	if (child == -1)
		fatal("do_local_cmd: fork: %s", strerror(errno));

	if (child == 0) {
		/* Child: only returns from execvp() on failure. */
		execvp(a->list[0], a->list);
		perror(a->list[0]);
		exit(1);
	}

	/* Let killchild() find the child while we wait for it. */
	do_cmd_pid = child;
	signal(SIGTERM, killchild);
	signal(SIGINT, killchild);
	signal(SIGHUP, killchild);

	for (;;) {
		if (waitpid(child, &status, 0) != -1)
			break;
		if (errno != EINTR)
			fatal("do_local_cmd: waitpid: %s", strerror(errno));
	}

	do_cmd_pid = -1;

	if (WIFEXITED(status) && WEXITSTATUS(status) == 0)
		return (0);

	return (-1);
}
221
/*
 * Start ssh_program so that it runs `cmd' on `host' (as `remuser' when that
 * is not NULL) with its stdin and stdout attached to two pipes.  On return
 * *fdin is the descriptor the caller reads the remote output from and
 * *fdout the descriptor it writes the remote input to.  The child's pid is
 * left in do_cmd_pid.  Failing to create a pipe or to fork is fatal;
 * otherwise 0 is returned.
 */

int
do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout)
{
	int to_child[2], from_child[2], placeholder[2];

	if (verbose_mode) {
		const char *who = remuser ? remuser : "(unspecified)";

		fprintf(stderr,
		    "Executing: program %s host %s, user %s, command %s\n",
		    ssh_program, host, who, cmd);
	}

	/*
	 * Take two descriptors first so that the pipes created next cannot
	 * land on descriptors 0 and 1, which would break the dup2() calls
	 * in the child.
	 */
	if (pipe(placeholder) < 0)
		fatal("pipe: %s", strerror(errno));

	/* The two pipes that carry the conversation with ssh. */
	if (pipe(to_child) < 0)
		fatal("pipe: %s", strerror(errno));
	if (pipe(from_child) < 0)
		fatal("pipe: %s", strerror(errno));

	/* The placeholders have done their job. */
	close(placeholder[0]);
	close(placeholder[1]);

	signal(SIGTSTP, suspchild);
	signal(SIGTTIN, suspchild);
	signal(SIGTTOU, suspchild);

	do_cmd_pid = fork();
	switch (do_cmd_pid) {
	case -1:
		fatal("fork: %s", strerror(errno));
		break;
	case 0:
		/* Child: wire the pipes to stdin/stdout, then become ssh. */
		close(to_child[1]);
		close(from_child[0]);
		dup2(to_child[0], 0);
		dup2(from_child[1], 1);
		close(to_child[0]);
		close(from_child[1]);

		replacearg(&args, 0, "%s", ssh_program);
		if (remuser != NULL) {
			addargs(&args, "-l");
			addargs(&args, "%s", remuser);
		}
		/* "--" ends the options, so host is taken as an operand. */
		addargs(&args, "--");
		addargs(&args, "%s", host);
		addargs(&args, "%s", cmd);

		execvp(ssh_program, args.list);
		perror(ssh_program);
		exit(1);
	default:
		break;
	}

	/* Parent: keep our ends, drop the child's. */
	*fdout = to_child[1];
	*fdin = from_child[0];
	close(to_child[0]);
	close(from_child[1]);
	signal(SIGTERM, killchild);
	signal(SIGINT, killchild);
	signal(SIGHUP, killchild);
	return 0;
}
296
/*
 * Like do_cmd(), but the caller supplies the descriptors: the ssh child
 * gets `fdin' as stdin and `fdout' as stdout, so that the streams of two
 * commands can be connected.  This call waits for the child to finish.
 * NOTE(review): the child's exit status is collected but not examined;
 * 0 is returned whenever the wait completes.
 */
int
do_cmd2(char *host, char *remuser, char *cmd, int fdin, int fdout)
{
	pid_t child;
	int status;

	if (verbose_mode) {
		const char *who = remuser ? remuser : "(unspecified)";

		fprintf(stderr,
		    "Executing: 2nd program %s host %s, user %s, command %s\n",
		    ssh_program, host, who, cmd);
	}

	child = fork();
	switch (child) {
	case -1:
		fatal("fork: %s", strerror(errno));
		break;
	case 0:
		/* Child: adopt the caller's descriptors, then become ssh. */
		dup2(fdin, 0);
		dup2(fdout, 1);

		replacearg(&args, 0, "%s", ssh_program);
		if (remuser != NULL) {
			addargs(&args, "-l");
			addargs(&args, "%s", remuser);
		}
		/* "--" ends the options, so host is taken as an operand. */
		addargs(&args, "--");
		addargs(&args, "%s", host);
		addargs(&args, "%s", cmd);

		execvp(ssh_program, args.list);
		perror(ssh_program);
		exit(1);
	default:
		break;
	}

	for (;;) {
		if (waitpid(child, &status, 0) != -1)
			break;
		if (errno != EINTR)
			fatal("do_cmd2: waitpid: %s", strerror(errno));
	}
	return 0;
}
340
/* Reusable copy buffer managed by allocbuf(): `buf' holds `cnt' bytes. */
typedef struct {
	size_t cnt;
	char *buf;
} BUF;

BUF *allocbuf(BUF *, int, int);
void lostconn(int);
int okname(char *);
void run_err(const char *,...);
void verifydir(char *);

/* Password entry and uid of the invoking user; both are set in main(). */
struct passwd *pwd;
uid_t userid;
/*
 * errs: error count, decides the exit status.
 * remin/remout: descriptors used to read from / write to the peer.
 */
int errs, remin, remout;
/*
 * Option state set by main(): -p, running as the remote end (-f or -t),
 * -r, and "the target has to be a directory" (-d or several sources).
 */
int pflag, iamremote, iamrecursive, targetshouldbedirectory;

#define	CMDNEEDS	64
char cmd[CMDNEEDS];		/* remote command; main() formats "scp" plus " -v", " -r", " -p", " -d" into it */

int response(void);
void rsource(char *, struct stat *);
void sink(int, char *[]);
void source(int, char *[]);
void tolocal(int, char *[]);
void toremote(char *, int, char *[]);
void usage(void);
367
/*
 * Entry point.  Parses the options, then either acts as the remote end of
 * a transfer (-f: send, -t: receive, both talking over stdin/stdout) or as
 * the client, which dispatches to toremote() or tolocal() depending on
 * whether the last argument names a remote host.  The exit status is 1
 * when any error was counted in errs, 0 otherwise.
 */
int
main(int argc, char **argv)
{
	int ch, fflag, tflag, status, n;
	char *targ, **newargv;
	const char *errstr;
	extern char *optarg;
	extern int optind;

	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
	sanitise_stdfd();

	/* Copy argv, because we modify it */
	newargv = xcalloc(MAX(argc + 1, 1), sizeof(*newargv));
	for (n = 0; n < argc; n++)
		newargv[n] = xstrdup(argv[n]);
	argv = newargv;

	__progname = ssh_get_progname(argv[0]);

	memset(&args, '\0', sizeof(args));
	memset(&remote_remote_args, '\0', sizeof(remote_remote_args));
	args.list = remote_remote_args.list = NULL;
	/*
	 * Fixed options for every ssh started through do_cmd()/do_cmd2().
	 * They are placed ahead of anything the user passes with -o/-F, and
	 * switch off X11 forwarding, agent forwarding, LocalCommand and all
	 * port forwardings for the transfer connection.
	 */
	addargs(&args, "%s", ssh_program);
	addargs(&args, "-x");
	addargs(&args, "-oForwardAgent=no");
	addargs(&args, "-oPermitLocalCommand=no");
	addargs(&args, "-oClearAllForwardings=yes");

	fflag = tflag = 0;
	while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:q12346S:o:F:")) != -1)
		switch (ch) {
		/* User-visible flags. */
		case '1':
		case '2':
		case '4':
		case '6':
		case 'C':
			/* Handed to ssh unchanged, for both kinds of connection. */
			addargs(&args, "-%c", ch);
			addargs(&remote_remote_args, "-%c", ch);
			break;
		case '3':
			throughlocal = 1;
			break;
		case 'o':
		case 'c':
		case 'i':
		case 'F':
			/* Option plus value, passed as two separate arguments. */
			addargs(&remote_remote_args, "-%c", ch);
			addargs(&remote_remote_args, "%s", optarg);
			addargs(&args, "-%c", ch);
			addargs(&args, "%s", optarg);
			break;
		case 'P':
			/* scp spells the port option -P, ssh spells it -p. */
			addargs(&remote_remote_args, "-p");
			addargs(&remote_remote_args, "%s", optarg);
			addargs(&args, "-p");
			addargs(&args, "%s", optarg);
			break;
		case 'B':
			addargs(&remote_remote_args, "-oBatchmode=yes");
			addargs(&args, "-oBatchmode=yes");
			break;
		case 'l':
			/* Accept 1 .. 100*1024*1024; anything else is a usage error. */
			limit_kbps = strtonum(optarg, 1, 100 * 1024 * 1024,
			    &errstr);
			if (errstr != NULL)
				usage();
			limit_kbps *= 1024; /* kbps */
			bandwidth_limit_init(&bwlimit, limit_kbps, COPY_BUFLEN);
			break;
		case 'p':
			pflag = 1;
			break;
		case 'r':
			iamrecursive = 1;
			break;
		case 'S':
			/*
			 * Replaces the program that is executed for the
			 * connection; do_cmd() puts it into args[0] later.
			 */
			ssh_program = xstrdup(optarg);
			break;
		case 'v':
			addargs(&args, "-v");
			addargs(&remote_remote_args, "-v");
			verbose_mode = 1;
			break;
		case 'q':
			addargs(&args, "-q");
			addargs(&remote_remote_args, "-q");
			showprogress = 0;
			break;

		/* Server options (not listed in the usage text). */
		case 'd':
			targetshouldbedirectory = 1;
			break;
		case 'f':	/* "from" */
			iamremote = 1;
			fflag = 1;
			break;
		case 't':	/* "to" */
			iamremote = 1;
			tflag = 1;
#ifdef HAVE_CYGWIN
			setmode(0, O_BINARY);
#endif
			break;
		default:
			usage();
		}
	argc -= optind;
	argv += optind;

	if ((pwd = getpwuid(userid = getuid())) == NULL)
		fatal("unknown user %u", (u_int) userid);

	/* No progress meter unless stdout is a terminal. */
	if (!isatty(STDOUT_FILENO))
		showprogress = 0;

	/* As the remote end the peer is reached through stdin/stdout. */
	remin = STDIN_FILENO;
	remout = STDOUT_FILENO;

	if (fflag) {
		/* Follow "protocol", send data. */
		(void) response();
		source(argc, argv);
		exit(errs != 0);
	}
	if (tflag) {
		/* Receive data. */
		sink(argc, argv);
		exit(errs != 0);
	}
	if (argc < 2)
		usage();
	/* Several sources can only be copied into a directory. */
	if (argc > 2)
		targetshouldbedirectory = 1;

	remin = remout = -1;
	do_cmd_pid = -1;
	/* Command to be executed on remote system using "ssh". */
	(void) snprintf(cmd, sizeof cmd, "scp%s%s%s%s",
	    verbose_mode ? " -v" : "",
	    iamrecursive ? " -r" : "", pflag ? " -p" : "",
	    targetshouldbedirectory ? " -d" : "");

	(void) signal(SIGPIPE, lostconn);

	if ((targ = colon(argv[argc - 1])))	/* Dest is remote host. */
		toremote(targ, argc, argv);
	else {
		if (targetshouldbedirectory)
			verifydir(argv[argc - 1]);
		tolocal(argc, argv);	/* Dest is local host. */
	}
	/*
	 * Finally check the exit status of the ssh process, if one was forked
	 * and no error has occurred yet
	 */
	if (do_cmd_pid != -1 && errs == 0) {
		if (remin != -1)
		    (void) close(remin);
		if (remout != -1)
		    (void) close(remout);
		if (waitpid(do_cmd_pid, &status, 0) == -1)
			errs = 1;
		else {
			if (!WIFEXITED(status) || WEXITSTATUS(status) != 0)
				errs = 1;
		}
	}
	exit(errs != 0);
}
540
/*
 * Callback given to atomicio6(): adds the `s' bytes just transferred to
 * the counter behind `_cnt' (an off_t, read by the progress meter) and
 * applies the bandwidth limit when one is set.  Always returns 0.
 */
static int
scpio(void *_cnt, size_t s)
{
	off_t *total = _cnt;

	*total += s;
	if (limit_kbps <= 0)
		return 0;
	bandwidth_limit(&bwlimit, s);
	return 0;
}
552
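/*
 * Copy the sources argv[0..argc-2] to the remote target argv[argc-1].
 * `targ' is the value colon() returned for that last argument; the byte it
 * points at is overwritten with NUL to split "[user@]host" from the path.
 *
 * Each source is handled in one of three ways:
 *  - remote source and -3 given: both ends are driven from here through
 *    do_cmd() and do_cmd2();
 *  - remote source otherwise: a local ssh is run that starts scp on the
 *    source host, which then copies to the target on its own;
 *  - local source: one connection to the target is opened on first use and
 *    source() sends the file over it.
 *
 * User names are validated with okname().  A source or target that fails
 * the check is counted in errs, so that the exit status reports the copy
 * that did not happen.
 */
void
toremote(char *targ, int argc, char **argv)
{
	char *bp, *host, *src, *suser, *thost, *tuser, *arg;
	arglist alist;
	int i;
	u_int j;

	memset(&alist, '\0', sizeof(alist));
	alist.list = NULL;

	/* Cut the target at the colon; an empty path means ".". */
	*targ++ = 0;
	if (*targ == 0)
		targ = ".";

	/* Work on a copy so the user/host split leaves argv intact. */
	arg = xstrdup(argv[argc - 1]);
	if ((thost = strrchr(arg, '@'))) {
		/* user@host */
		*thost++ = 0;
		tuser = arg;
		if (*tuser == '\0')
			tuser = NULL;
	} else {
		thost = arg;
		tuser = NULL;
	}

	if (tuser != NULL && !okname(tuser)) {
		/* Nothing gets copied; do not leave with status 0. */
		++errs;
		xfree(arg);
		return;
	}

	for (i = 0; i < argc - 1; i++) {
		src = colon(argv[i]);
		if (src && throughlocal) {	/* extended remote to remote */
			*src++ = 0;
			if (*src == 0)
				src = ".";
			host = strrchr(argv[i], '@');
			if (host) {
				*host++ = 0;
				host = cleanhostname(host);
				suser = argv[i];
				if (*suser == '\0')
					suser = pwd->pw_name;
				else if (!okname(suser)) {
					/* Skipped source counts as an error. */
					++errs;
					continue;
				}
			} else {
				host = cleanhostname(argv[i]);
				suser = NULL;
			}
			/* Source side: remote scp in "from" mode. */
			xasprintf(&bp, "%s -f -- %s", cmd, src);
			if (do_cmd(host, suser, bp, &remin, &remout) < 0)
				exit(1);
			(void) xfree(bp);
			/* Target side: remote scp in "to" mode on the same fds. */
			host = cleanhostname(thost);
			xasprintf(&bp, "%s -t -- %s", cmd, targ);
			if (do_cmd2(host, tuser, bp, remin, remout) < 0)
				exit(1);
			(void) xfree(bp);
			(void) close(remin);
			(void) close(remout);
			remin = remout = -1;
		} else if (src) {	/* standard remote to remote */
			/*
			 * Build "ssh [options] [-l user] -- host scp ... src
			 * target" and run it locally.  Only the user's own
			 * ssh options (remote_remote_args) are added to the
			 * fixed ones below.
			 */
			freeargs(&alist);
			addargs(&alist, "%s", ssh_program);
			addargs(&alist, "-x");
			addargs(&alist, "-oClearAllForwardings=yes");
			addargs(&alist, "-n");
			for (j = 0; j < remote_remote_args.num; j++) {
				addargs(&alist, "%s",
				    remote_remote_args.list[j]);
			}
			*src++ = 0;
			if (*src == 0)
				src = ".";
			host = strrchr(argv[i], '@');

			if (host) {
				*host++ = 0;
				host = cleanhostname(host);
				suser = argv[i];
				if (*suser == '\0')
					suser = pwd->pw_name;
				else if (!okname(suser)) {
					/* Skipped source counts as an error. */
					++errs;
					continue;
				}
				addargs(&alist, "-l");
				addargs(&alist, "%s", suser);
			} else {
				host = cleanhostname(argv[i]);
			}
			/* "--" keeps the host from being read as an option. */
			addargs(&alist, "--");
			addargs(&alist, "%s", host);
			addargs(&alist, "%s", cmd);
			addargs(&alist, "%s", src);
			addargs(&alist, "%s%s%s:%s",
			    tuser ? tuser : "", tuser ? "@" : "",
			    thost, targ);
			if (do_local_cmd(&alist) != 0)
				errs = 1;
		} else {	/* local to remote */
			/* One connection serves all local sources. */
			if (remin == -1) {
				xasprintf(&bp, "%s -t -- %s", cmd, targ);
				host = cleanhostname(thost);
				if (do_cmd(host, tuser, bp, &remin,
				    &remout) < 0)
					exit(1);
				if (response() < 0)
					exit(1);
				(void) xfree(bp);
			}
			source(1, argv + i);
		}
	}
	xfree(arg);
}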
669
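/*
 * Copy the sources argv[0..argc-2] to the local target argv[argc-1].
 * A source without a host part is copied by running _PATH_CP; a remote
 * source is fetched by starting scp in "from" mode on that host through
 * do_cmd() and receiving its output with sink().
 *
 * An explicit remote user name is checked with okname(), as toremote()
 * does for its sources; a rejected source is skipped and counted in errs.
 *
 * NOTE(review): after sink() only remin is closed; remout is reset to -1
 * without a close().  Confirm whether that descriptor is meant to stay
 * open.
 */
void
tolocal(int argc, char **argv)
{
	char *bp, *host, *src, *suser;
	arglist alist;
	int i;

	memset(&alist, '\0', sizeof(alist));
	alist.list = NULL;

	for (i = 0; i < argc - 1; i++) {
		if (!(src = colon(argv[i]))) {	/* Local to local. */
			freeargs(&alist);
			addargs(&alist, "%s", _PATH_CP);
			if (iamrecursive)
				addargs(&alist, "-r");
			if (pflag)
				addargs(&alist, "-p");
			/* "--" keeps file names from being read as options. */
			addargs(&alist, "--");
			addargs(&alist, "%s", argv[i]);
			addargs(&alist, "%s", argv[argc-1]);
			if (do_local_cmd(&alist))
				++errs;
			continue;
		}
		/* Cut at the colon; an empty path means ".". */
		*src++ = 0;
		if (*src == 0)
			src = ".";
		if ((host = strrchr(argv[i], '@')) == NULL) {
			host = argv[i];
			suser = NULL;
		} else {
			*host++ = 0;
			suser = argv[i];
			if (*suser == '\0')
				suser = pwd->pw_name;
			else if (!okname(suser)) {
				++errs;
				continue;
			}
		}
		host = cleanhostname(host);
		xasprintf(&bp, "%s -f -- %s", cmd, src);
		if (do_cmd(host, suser, bp, &remin, &remout) < 0) {
			(void) xfree(bp);
			++errs;
			continue;
		}
		xfree(bp);
		sink(1, argv + argc - 1);
		(void) close(remin);
		remin = remout = -1;
	}
}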
720
/*
 * Send the files named in argv[0..argc-1] to the peer on remout, reading
 * the peer's acknowledgements with response().
 *
 * Per file: an optional "T<mtime> 0 <atime> 0" record when -p is set, then
 * a "C<mode> <size> <name>" record, then exactly st_size bytes of data and
 * one status byte.  Directories are passed to rsource() when -r is set;
 * anything that is neither a regular file nor such a directory is
 * reported with run_err() and skipped.
 *
 * The labels `syserr' and `next' sit inside conditional blocks and are
 * jumped to from elsewhere in the loop; keep the statement order when
 * editing.
 */
void
source(int argc, char **argv)
{
	struct stat stb;
	static BUF buffer;
	BUF *bp;
	off_t i, statbytes;
	size_t amt;
	int fd = -1, haderr, indx;
	char *last, *name, buf[2048], encname[MAXPATHLEN];
	int len;

	for (indx = 0; indx < argc; ++indx) {
		name = argv[indx];
		statbytes = 0;
		/* Strip trailing slashes, but keep a lone "/". */
		len = strlen(name);
		while (len > 1 && name[len-1] == '/')
			name[--len] = '\0';
		/*
		 * Opened non-blocking and switched back once fstat() has
		 * succeeded (presumably so that open() cannot hang on a
		 * special file -- confirm).
		 */
		if ((fd = open(name, O_RDONLY|O_NONBLOCK, 0)) < 0)
			goto syserr;
		/*
		 * Control records end at the first newline, so a newline in
		 * the name is encoded before the name is put on the wire.
		 */
		if (strchr(name, '\n') != NULL) {
			strnvis(encname, name, sizeof(encname), VIS_NL);
			name = encname;
		}
		if (fstat(fd, &stb) < 0) {
syserr:			run_err("%s: %s", name, strerror(errno));
			goto next;
		}
		if (stb.st_size < 0) {
			run_err("%s: %s", name, "Negative file size");
			goto next;
		}
		unset_nonblock(fd);
		switch (stb.st_mode & S_IFMT) {
		case S_IFREG:
			break;
		case S_IFDIR:
			if (iamrecursive) {
				rsource(name, &stb);
				goto next;
			}
			/* FALLTHROUGH */
		default:
			run_err("%s: not a regular file", name);
			goto next;
		}
		/* Only the last path component is sent to the peer. */
		if ((last = strrchr(name, '/')) == NULL)
			last = name;
		else
			++last;
		curfile = last;
		if (pflag) {
			/*
			 * Make it compatible with possible future
			 * versions expecting microseconds.
			 * Negative timestamps are sent as 0.
			 */
			(void) snprintf(buf, sizeof buf, "T%lu 0 %lu 0\n",
			    (u_long) (stb.st_mtime < 0 ? 0 : stb.st_mtime),
			    (u_long) (stb.st_atime < 0 ? 0 : stb.st_atime));
			if (verbose_mode) {
				fprintf(stderr, "File mtime %ld atime %ld\n",
				    (long)stb.st_mtime, (long)stb.st_atime);
				fprintf(stderr, "Sending file timestamps: %s",
				    buf);
			}
			(void) atomicio(vwrite, remout, buf, strlen(buf));
			if (response() < 0)
				goto next;
		}
		/* Mode bits that go on the wire: setuid, setgid and rwx for u/g/o. */
#define	FILEMODEMASK	(S_ISUID|S_ISGID|S_IRWXU|S_IRWXG|S_IRWXO)
		snprintf(buf, sizeof buf, "C%04o %lld %s\n",
		    (u_int) (stb.st_mode & FILEMODEMASK),
		    (long long)stb.st_size, last);
		if (verbose_mode) {
			fprintf(stderr, "Sending file modes: %s", buf);
		}
		(void) atomicio(vwrite, remout, buf, strlen(buf));
		if (response() < 0)
			goto next;
		if ((bp = allocbuf(&buffer, fd, COPY_BUFLEN)) == NULL) {
			/* Shared skip path: close the file, go to the next name. */
next:			if (fd != -1) {
				(void) close(fd);
				fd = -1;
			}
			continue;
		}
		if (showprogress)
			start_progress_meter(curfile, stb.st_size, &statbytes);
		set_nonblock(remout);
		/*
		 * The size has been announced already, so exactly st_size
		 * bytes are written even when reading the file fails.
		 */
		for (haderr = i = 0; i < stb.st_size; i += bp->cnt) {
			amt = bp->cnt;
			if (i + (off_t)amt > stb.st_size)
				amt = stb.st_size - i;
			if (!haderr) {
				if (atomicio(read, fd, bp->buf, amt) != amt)
					haderr = errno;
			}
			/* Keep writing after error to retain sync */
			if (haderr) {
				(void)atomicio(vwrite, remout, bp->buf, amt);
				continue;
			}
			if (atomicio6(vwrite, remout, bp->buf, amt, scpio,
			    &statbytes) != amt)
				haderr = errno;
		}
		unset_nonblock(remout);
		if (showprogress)
			stop_progress_meter();

		if (fd != -1) {
			if (close(fd) < 0 && !haderr)
				haderr = errno;
			fd = -1;
		}
		/* Status for this file: a zero byte, or an error record. */
		if (!haderr)
			(void) atomicio(vwrite, remout, "", 1);
		else
			run_err("%s: %s", name, strerror(haderr));
		(void) response();
	}
}
843
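/*
 * Send the directory `name' (whose stat data is in `statp') and everything
 * below it: an optional "T" record when -p is set, a "D<mode> 0 <name>"
 * record, each entry except "." and ".." through source(), and a closing
 * "E" record.
 *
 * Negative timestamps are sent as 0, the same way source() sends them for
 * regular files; casting a negative time_t to u_long would put a huge
 * value on the wire instead.
 */
void
rsource(char *name, struct stat *statp)
{
	DIR *dirp;
	struct dirent *dp;
	char *last, *vect[1], path[1100];

	if (!(dirp = opendir(name))) {
		run_err("%s: %s", name, strerror(errno));
		return;
	}
	/* Only the last path component is sent to the peer. */
	last = strrchr(name, '/');
	if (last == NULL)
		last = name;
	else
		last++;
	if (pflag) {
		(void) snprintf(path, sizeof(path), "T%lu 0 %lu 0\n",
		    (u_long) (statp->st_mtime < 0 ? 0 : statp->st_mtime),
		    (u_long) (statp->st_atime < 0 ? 0 : statp->st_atime));
		(void) atomicio(vwrite, remout, path, strlen(path));
		if (response() < 0) {
			closedir(dirp);
			return;
		}
	}
	/* The name is cut at 1024 bytes so the record fits in path[]. */
	(void) snprintf(path, sizeof path, "D%04o %d %.1024s\n",
	    (u_int) (statp->st_mode & FILEMODEMASK), 0, last);
	if (verbose_mode)
		fprintf(stderr, "Entering directory: %s", path);
	(void) atomicio(vwrite, remout, path, strlen(path));
	if (response() < 0) {
		closedir(dirp);
		return;
	}
	while ((dp = readdir(dirp)) != NULL) {
		if (dp->d_ino == 0)
			continue;
		if (!strcmp(dp->d_name, ".") || !strcmp(dp->d_name, ".."))
			continue;
		/* Skip entries whose full path would not fit in path[]. */
		if (strlen(name) + 1 + strlen(dp->d_name) >= sizeof(path) - 1) {
			run_err("%s/%s: name too long", name, dp->d_name);
			continue;
		}
		(void) snprintf(path, sizeof path, "%s/%s", name, dp->d_name);
		vect[0] = path;
		source(1, vect);
	}
	(void) closedir(dirp);
	(void) atomicio(vwrite, remout, "E\n", 2);
	(void) response();
}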
896
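/*
 * Receive files from the peer on remin and store them at the single target
 * argv[0]; argc must be 1.
 *
 * The peer sends newline-terminated control records, each of which is
 * acknowledged on remout:
 *   \01msg / \02msg  error / fatal error reported by the peer
 *   T...             times for the next file or directory
 *   C<mode> <size> <name>   a file, followed by <size> bytes of data
 *   D<mode> 0 <name>        a directory (needs -r); handled recursively
 *   E                end of the current directory
 *
 * Everything in a record is chosen by the peer and is treated as
 * untrusted:
 *  - the name must be a single path component: an empty name, ".", ".."
 *    and any name containing '/' end the transfer.  An empty name or "."
 *    would otherwise resolve to the target directory itself, which the
 *    directory branch goes on to chmod().
 *  - the size is parsed with an overflow check and has to fit into off_t.
 * NOTE(review): the names are not compared with what the user asked for,
 * and peer-supplied error text is written to stderr as received; this
 * function has no information to do more.
 *
 * Malformed records end the program through the `screwup' label.
 */
void
sink(int argc, char **argv)
{
	static BUF buffer;
	struct stat stb;
	enum {
		YES, NO, DISPLAYED
	} wrerr;
	BUF *bp;
	off_t i;
	size_t j, count;
	int amt, exists, first, ofd;
	mode_t mode, omode, mask;
	off_t size, statbytes;
	unsigned long long ull;
	int setimes, targisdir, wrerrno = 0;
	char ch, *cp, *np, *targ, *why, *vect[1], buf[2048];
	struct timeval tv[2];

#define	atime	tv[0]
#define	mtime	tv[1]
#define	SCREWUP(str)	{ why = str; goto screwup; }

	setimes = targisdir = 0;
	/* With -p the umask stays cleared so received modes apply exactly. */
	mask = umask(0);
	if (!pflag)
		(void) umask(mask);
	if (argc != 1) {
		run_err("ambiguous target");
		exit(1);
	}
	targ = *argv;
	if (targetshouldbedirectory)
		verifydir(targ);

	/* Tell the peer we are ready. */
	(void) atomicio(vwrite, remout, "", 1);
	if (stat(targ, &stb) == 0 && S_ISDIR(stb.st_mode))
		targisdir = 1;
	for (first = 1;; first = 0) {
		/* Read one control record, a byte at a time, into buf. */
		cp = buf;
		if (atomicio(read, remin, cp, 1) != 1)
			return;
		if (*cp++ == '\n')
			SCREWUP("unexpected <newline>");
		do {
			if (atomicio(read, remin, &ch, sizeof(ch)) != sizeof(ch))
				SCREWUP("lost connection");
			*cp++ = ch;
		} while (cp < &buf[sizeof(buf) - 1] && ch != '\n');
		*cp = 0;
		if (verbose_mode)
			fprintf(stderr, "Sink: %s", buf);

		if (buf[0] == '\01' || buf[0] == '\02') {
			/* Error text from the peer, shown as received. */
			if (iamremote == 0)
				(void) atomicio(vwrite, STDERR_FILENO,
				    buf + 1, strlen(buf + 1));
			if (buf[0] == '\02')
				exit(1);
			++errs;
			continue;
		}
		if (buf[0] == 'E') {
			(void) atomicio(vwrite, remout, "", 1);
			return;
		}
		/* Drop the terminating newline. */
		if (ch == '\n')
			*--cp = 0;

		cp = buf;
		if (*cp == 'T') {
			setimes++;
			cp++;
			mtime.tv_sec = strtol(cp, &cp, 10);
			if (!cp || *cp++ != ' ')
				SCREWUP("mtime.sec not delimited");
			mtime.tv_usec = strtol(cp, &cp, 10);
			if (!cp || *cp++ != ' ')
				SCREWUP("mtime.usec not delimited");
			atime.tv_sec = strtol(cp, &cp, 10);
			if (!cp || *cp++ != ' ')
				SCREWUP("atime.sec not delimited");
			atime.tv_usec = strtol(cp, &cp, 10);
			if (!cp || *cp++ != '\0')
				SCREWUP("atime.usec not delimited");
			(void) atomicio(vwrite, remout, "", 1);
			continue;
		}
		if (*cp != 'C' && *cp != 'D') {
			/*
			 * Check for the case "rcp remote:foo\* local:bar".
			 * In this case, the line "No match." can be returned
			 * by the shell before the rcp command on the remote is
			 * executed so the ^Aerror_message convention isn't
			 * followed.
			 */
			if (first) {
				run_err("%s", cp);
				exit(1);
			}
			SCREWUP("expected control record");
		}
		/* Exactly four octal digits of mode follow the record type. */
		mode = 0;
		for (++cp; cp < buf + 5; cp++) {
			if (*cp < '0' || *cp > '7')
				SCREWUP("bad mode");
			mode = (mode << 3) | (*cp - '0');
		}
		if (*cp++ != ' ')
			SCREWUP("mode not delimited");

		/*
		 * Accumulate the size in an unsigned type with an explicit
		 * overflow check, then make sure it survives the conversion
		 * to off_t.  The cast keeps isdigit() away from negative
		 * char values.
		 */
		for (ull = 0; isdigit((unsigned char)*cp); cp++) {
			unsigned int digit = (unsigned int)(*cp - '0');

			if (ull > ((unsigned long long)-1 - digit) / 10)
				SCREWUP("size out of range");
			ull = ull * 10 + digit;
		}
		if (*cp++ != ' ')
			SCREWUP("size not delimited");
		size = (off_t)ull;
		if (size < 0 || (unsigned long long)size != ull)
			SCREWUP("size out of range");
		/* The rest of the record is the name: one path component only. */
		if (*cp == '\0' || strchr(cp, '/') != NULL ||
		    strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) {
			run_err("error: unexpected filename: %s", cp);
			exit(1);
		}
		if (targisdir) {
			static char *namebuf;
			static size_t cursize;
			size_t need;

			need = strlen(targ) + strlen(cp) + 250;
			if (need > cursize) {
				if (namebuf)
					xfree(namebuf);
				namebuf = xmalloc(need);
				cursize = need;
			}
			(void) snprintf(namebuf, need, "%s%s%s", targ,
			    strcmp(targ, "/") ? "/" : "", cp);
			np = namebuf;
		} else
			np = targ;
		curfile = cp;
		exists = stat(np, &stb) == 0;
		if (buf[0] == 'D') {
			int mod_flag = pflag;
			if (!iamrecursive)
				SCREWUP("received directory without -r");
			if (exists) {
				if (!S_ISDIR(stb.st_mode)) {
					errno = ENOTDIR;
					goto bad;
				}
				if (pflag)
					(void) chmod(np, mode);
			} else {
				/* Handle copying from a read-only
				   directory */
				mod_flag = 1;
				if (mkdir(np, mode | S_IRWXU) < 0)
					goto bad;
			}
			/* np may point at the shared namebuf: recurse on a copy. */
			vect[0] = xstrdup(np);
			sink(1, vect);
			if (setimes) {
				setimes = 0;
				if (utimes(vect[0], tv) < 0)
					run_err("%s: set times: %s",
					    vect[0], strerror(errno));
			}
			if (mod_flag)
				(void) chmod(vect[0], mode);
			if (vect[0])
				xfree(vect[0]);
			continue;
		}
		/* Keep the file writable by us while it is received. */
		omode = mode;
		mode |= S_IWUSR;
		if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) < 0) {
bad:			run_err("%s: %s", np, strerror(errno));
			continue;
		}
		(void) atomicio(vwrite, remout, "", 1);
		if ((bp = allocbuf(&buffer, ofd, COPY_BUFLEN)) == NULL) {
			(void) close(ofd);
			continue;
		}
		cp = bp->buf;
		wrerr = NO;

		statbytes = 0;
		if (showprogress)
			start_progress_meter(curfile, size, &statbytes);
		set_nonblock(remin);
		for (count = i = 0; i < size; i += bp->cnt) {
			amt = bp->cnt;
			if (i + amt > size)
				amt = size - i;
			count += amt;
			do {
				j = atomicio6(read, remin, cp, amt,
				    scpio, &statbytes);
				if (j == 0) {
					/*
					 * The reason is in errno, not in j
					 * (which is 0 here).
					 */
					run_err("%s", errno != EPIPE ?
					    strerror(errno) :
					    "dropped connection");
					exit(1);
				}
				amt -= j;
				cp += j;
			} while (amt > 0);

			if (count == bp->cnt) {
				/* Keep reading so we stay sync'd up. */
				if (wrerr == NO) {
					if (atomicio(vwrite, ofd, bp->buf,
					    count) != count) {
						wrerr = YES;
						wrerrno = errno;
					}
				}
				count = 0;
				cp = bp->buf;
			}
		}
		unset_nonblock(remin);
		if (showprogress)
			stop_progress_meter();
		/* Flush what is left of the last, partly filled buffer. */
		if (count != 0 && wrerr == NO &&
		    atomicio(vwrite, ofd, bp->buf, count) != count) {
			wrerr = YES;
			wrerrno = errno;
		}
		/* An existing, longer regular file is cut to the new size. */
		if (wrerr == NO && (!exists || S_ISREG(stb.st_mode)) &&
		    ftruncate(ofd, size) != 0) {
			run_err("%s: truncate: %s", np, strerror(errno));
			wrerr = DISPLAYED;
		}
		if (pflag) {
			if (exists || omode != mode)
#ifdef HAVE_FCHMOD
				if (fchmod(ofd, omode)) {
#else /* HAVE_FCHMOD */
				if (chmod(np, omode)) {
#endif /* HAVE_FCHMOD */
					run_err("%s: set mode: %s",
					    np, strerror(errno));
					wrerr = DISPLAYED;
				}
		} else {
			if (!exists && omode != mode)
#ifdef HAVE_FCHMOD
				if (fchmod(ofd, omode & ~mask)) {
#else /* HAVE_FCHMOD */
				if (chmod(np, omode & ~mask)) {
#endif /* HAVE_FCHMOD */
					run_err("%s: set mode: %s",
					    np, strerror(errno));
					wrerr = DISPLAYED;
				}
		}
		if (close(ofd) == -1) {
			wrerr = YES;
			wrerrno = errno;
		}
		(void) response();
		if (setimes && wrerr == NO) {
			setimes = 0;
			if (utimes(np, tv) < 0) {
				run_err("%s: set times: %s",
				    np, strerror(errno));
				wrerr = DISPLAYED;
			}
		}
		switch (wrerr) {
		case YES:
			run_err("%s: %s", np, strerror(wrerrno));
			break;
		case NO:
			(void) atomicio(vwrite, remout, "", 1);
			break;
		case DISPLAYED:
			break;
		}
	}
screwup:
	run_err("protocol error: %s", why);
	exit(1);
}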
1179
/*
 * Read the peer's reply to the last record.
 * A 0 byte means success and yields 0.  Anything else is followed by a
 * message line: it is copied to stderr (unless we are the remote end) and
 * counted in errs; status 1 yields -1, every other status ends the program.
 * A status byte other than 1 or 2 is kept as the first byte of the
 * message.  Losing the connection ends the program through lostconn().
 * Note that the message comes from the peer and is written out unmodified.
 */
int
response(void)
{
	char status, byte, msg[2048];
	char *end = msg;

	if (atomicio(read, remin, &status, sizeof(status)) != sizeof(status))
		lostconn(0);

	if (status == 0)
		return (0);

	if (status != 1 && status != 2)
		*end++ = status;

	/* Collect up to the newline, or until msg[] is nearly full. */
	do {
		if (atomicio(read, remin, &byte, sizeof(byte)) != sizeof(byte))
			lostconn(0);
		*end++ = byte;
	} while (end < &msg[sizeof(msg) - 1] && byte != '\n');

	if (!iamremote)
		(void) atomicio(vwrite, STDERR_FILENO, msg, end - msg);
	++errs;
	if (status != 1)
		exit(1);
	return (-1);
}
1212
/* Print the command synopsis to stderr and exit with status 1. */
void
usage(void)
{
	static const char synopsis[] =
	    "usage: scp [-12346BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]\n"
	    "           [-l limit] [-o ssh_option] [-P port] [-S program]\n"
	    "           [[user@]host1:]file1 ... [[user@]host2:]file2\n";

	(void) fputs(synopsis, stderr);
	exit(1);
}
1222
/*
 * Report an error: count it in errs, send it to the peer as a \01 record
 * ("scp: " + message + newline) when remout is usable, and print it on
 * stderr unless we are the remote end.  `fmt' is a printf format; callers
 * pass untrusted text as an argument, not as the format itself.
 */
void
run_err(const char *fmt,...)
{
	static FILE *fp;	/* stdio wrapper around remout, created once */
	va_list ap;

	++errs;

	if (fp == NULL && remout != -1)
		fp = fdopen(remout, "w");
	if (fp != NULL) {
		(void) fputc(0x01, fp);
		(void) fputs("scp: ", fp);
		va_start(ap, fmt);
		(void) vfprintf(fp, fmt, ap);
		va_end(ap);
		(void) fputc('\n', fp);
		(void) fflush(fp);
	}

	if (iamremote)
		return;
	va_start(ap, fmt);
	vfprintf(stderr, fmt, ap);
	va_end(ap);
	fputc('\n', stderr);
}
1247
/*
 * Return when `cp' names an existing directory; otherwise report the
 * reason with run_err() and terminate through killchild(0).
 */
void
verifydir(char *cp)
{
	struct stat st;
	int found;

	found = (stat(cp, &st) == 0);
	if (found && S_ISDIR(st.st_mode))
		return;
	/* stat() failed: errno is already set; else it is not a directory. */
	if (found)
		errno = ENOTDIR;
	run_err("%s: %s", cp, strerror(errno));
	killchild(0);
}
1261
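/*
 * Validate a user name taken from the command line.
 * Returns 1 when the name is acceptable, 0 (after printing a message on
 * stderr) when it is not.  Rejected are: a NULL or empty name, any byte
 * with the high bit set, and the characters ' " ` space and #.
 *
 * The scan stops at the terminating NUL.  The earlier do/while form
 * examined the first byte unconditionally and then stepped past it, so an
 * empty string was read beyond its terminator.
 */
int
okname(char *cp0)
{
	const char *cp;

	if (cp0 == NULL || *cp0 == '\0')
		goto bad;

	for (cp = cp0; *cp != '\0'; cp++) {
		unsigned char c = (unsigned char)*cp;

		if (c & 0200)
			goto bad;
		switch (c) {
		case '\'':
		case '"':
		case '`':
		case ' ':
		case '#':
			goto bad;
		default:
			break;
		}
	}
	return (1);

bad:	fprintf(stderr, "%s: invalid user name\n", cp0 != NULL ? cp0 : "");
	return (0);
}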
1291
/*
 * Make sure `bp' holds a buffer of at least the wanted size and return it.
 * Where st_blksize is available the size is the block size of `fd' rounded
 * up to a multiple of `blksize' (or `blksize' itself when that gives 0);
 * elsewhere it is `blksize'.  A buffer that is already large enough is
 * returned untouched; a new or enlarged one is zero-filled.
 * Returns NULL, after reporting with run_err(), when fstat() fails.
 */
BUF *
allocbuf(BUF *bp, int fd, int blksize)
{
	size_t want;
#ifdef HAVE_STRUCT_STAT_ST_BLKSIZE
	struct stat st;

	if (fstat(fd, &st) < 0) {
		run_err("fstat: %s", strerror(errno));
		return (NULL);
	}
	want = roundup(st.st_blksize, blksize);
	if (want == 0)
		want = blksize;
#else /* HAVE_STRUCT_STAT_ST_BLKSIZE */
	want = blksize;
#endif /* HAVE_STRUCT_STAT_ST_BLKSIZE */
	if (bp->cnt >= want)
		return (bp);

	bp->buf = (bp->buf == NULL) ?
	    xmalloc(want) : xrealloc(bp->buf, 1, want);
	memset(bp->buf, 0, want);
	bp->cnt = want;
	return (bp);
}
1319
/*
 * The connection to the peer is gone: say so on stderr (unless we are the
 * remote end) and terminate with status 1.  Used as the SIGPIPE handler
 * and called directly with signo == 0; only the direct call goes through
 * exit(), a signal delivery uses _exit().
 */
void
lostconn(int signo)
{
	static const char msg[] = "lost connection\n";

	if (!iamremote)
		write(STDERR_FILENO, msg, sizeof(msg) - 1);
	if (signo == 0)
		exit(1);
	_exit(1);
}
1330