Age | Commit message (Collapse) | Author |
|
|
|
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.
|
|
client requested, be prepared to handle shell-style brace alternations,
e.g. "{foo,bar}".
"looks good to me" millert@ + in snaps for the last week courtesy
deraadt@
|
|
|
|
copies satisfy the wildcard specified by the user.
This checking provides some protection against a malicious server
sending unexpected filenames, but it comes at a risk of rejecting wanted
files due to differences between client and server wildcard expansion rules.
For this reason, this also adds a new -T flag to disable the check.
reported by Harry Sintonen
fix approach suggested by markus@;
has been in snaps for ~1wk courtesy deraadt@
|
|
transfer. Fixes the problem recently introduces where very quick
transfers do not display the progressmeter at all. Spotted by naddy@
|
|
progressmeter formatting outside of signal handler context and have
the atomicio callback called for EINTR too. bz#2434 with contributions
from djm and jjelen at redhat.com, ok djm@
|
|
to match ssh(1)'s interface.
ok djm
|
|
directory; based on report/patch from Harry Sintonen
|
|
This makes sure it gets applied to directories too, and prevents
a race where files get chmodded after creation. bz#2839, ok djm@
|
|
with codespell tool (https://github.com/lucasdemarchi/codespell)
|
|
scp. sftp is already doing this. From Camden Narzt via github;
ok dtucker
|
|
simply means ".". Also fix exit code and add warnings when an
invalid uri is encountered. OK otto@
|
|
or sftp://user@host/path. The connection parameters described in
draft-ietf-secsh-scp-sftp-ssh-uri-04 are not implemented since the
ssh fingerprint format in the draft uses md5 with no way to specify
the hash function type. OK djm@
|
|
are handled safely, and there also is no need for preallocation dances.
Future changes in this area will be less error prone.
Review and one bug found by markus
|
|
|
|
ok markus@
|
|
whether the timestamp or file size overflowed. If time_t and
off_t are not either 32-bit or 64-bit scp will exit with an error.
OK djm@
|
|
Use strtoul() instead of parsing manually. OK djm@
|
|
rather than pulling <sys/param.h> and unknown namespace pollution.
ok djm markus dtucker
|
|
terminal, for ASCII and UTF-8, escape bytes not forming characters
and bytes forming non-printable characters with vis(3) VIS_OCTAL.
For other character sets, abort printing of the current string in
these cases. In particular,
* let scp(1) respect the local user's LC_CTYPE locale(1);
* sanitize data received from the remote host;
* sanitize filenames, usernames, and similar data even locally;
* take character display widths into account for the progressmeter.
This is believed to be sufficient to keep the local terminal safe
on OpenBSD, but bad things can still happen on other systems with
state-dependent locales because many places in the code print
unencoded ASCII characters into the output stream.
Using feedback from djm@ and martijn@,
various aspects discussed with many others.
deraadt@ says it should go in now, i probably already hesitated too long
|
|
the other end. Pointed out by mmcc@, ok deraadt@ markus@
|
|
-p option (which sadly has insane semantics...)
ok semarie dtucker
|
|
ok dtucker@, djm@.
|
|
ok djm
|
|
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)
|
|
heap to the remote end. Reported by Jann Horn
|
|
ok guenther millert markus
|
|
|
|
|
|
parsing them from remote servers.
Improve error checking in parsing of 'T' lines.
ok dtucker@ deraadt@
|
|
|
|
from Nathan Osman via bz#2085. ok deraadt.
|
|
|
|
|
|
does not start with '-'. saves breakage on some difficult-to-upgrade
embedded/router platforms; feedback & ok dtucker ok markus
|
|
scp.c: add -3 to usage()
|
|
transferred through the local host. Without this option the data
is copied directly between the two remote hosts. ok djm@ (bugzilla #1837)
|
|
transfers, e.g. to enable agent forwarding which is particularly useful
in this case; bz#1837 ok dtucker@
|
|
factor out bandwidth limiting code from scp(1) into a generic bandwidth
limiter that can be attached using the atomicio callback mechanism
add a bandwidth limit option to sftp(1) using the above
"very nice" markus@
|
|
password/passphrase prompt the terminal mode is not restored.
OK djm@
|
|
pass the option and option argument as separate argv entries and
not smashed into one (e.g., as -l foo and not -lfoo). Also, always
pass a "--" argument to stop option parsing, so that a positional
argument that starts with a '-' isn't treated as an option. This
fixes some error cases as well as the handling of hostnames and
filenames that start with a '-'.
Based on a diff by halex@
ok halex@ djm@ deraadt@
|
|
|
|
|
|
as close as we can get given that it's used unsigned. Add a little
debugging while there. bz #828, ok djm@
|
|
to handle short reads, apply bandwidth limits and update counters.
make network IO non-blocking, so a small trickle of reads/writes has a
chance of updating the progress meter; bz #799
ok dtucker@
|
|
and synopsis of commands
lots of good ideas by jmc@
ok jmc@
|
|
ok dtucker@
|
|
be represented in the scp protocol), from bz #891. ok markus@
|
|
depends on the platform supporting sane O_NONBLOCK semantics for open
on FIFOs (apparently POSIX does not mandate this), which OpenBSD does.
bz #856; report by cjwatson AT debian.org; ok markus@
|