|
Lines 79-84
static int readonly;
Link Here
|
| 79 |
/* Requests that are allowed/denied */ |
79 |
/* Requests that are allowed/denied */ |
| 80 |
static char *request_whitelist, *request_blacklist; |
80 |
static char *request_whitelist, *request_blacklist; |
| 81 |
|
81 |
|
|
|
82 |
/* Force file permissions */ |
| 83 |
int permforce = 0; |
| 84 |
long permforcemode; |
| 85 |
|
| 82 |
/* portable attributes, etc. */ |
86 |
/* portable attributes, etc. */ |
| 83 |
typedef struct Stat Stat; |
87 |
typedef struct Stat Stat; |
| 84 |
|
88 |
|
|
Lines 693-698
process_open(u_int32_t id)
Link Here
|
| 693 |
debug3("request %u: open flags %d", id, pflags); |
697 |
debug3("request %u: open flags %d", id, pflags); |
| 694 |
flags = flags_from_portable(pflags); |
698 |
flags = flags_from_portable(pflags); |
| 695 |
mode = (a.flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a.perm : 0666; |
699 |
mode = (a.flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a.perm : 0666; |
|
|
700 |
if (permforce == 1) { /* Force perm if -m is set */ |
| 701 |
mode = permforcemode; |
| 702 |
(void)umask(0); /* so umask does not interfere */ |
| 703 |
} |
| 696 |
logit("open \"%s\" flags %s mode 0%o", |
704 |
logit("open \"%s\" flags %s mode 0%o", |
| 697 |
name, string_from_portable(pflags), mode); |
705 |
name, string_from_portable(pflags), mode); |
| 698 |
if (readonly && |
706 |
if (readonly && |
|
Lines 1495-1501
sftp_server_usage(void)
Link Here
|
| 1495 |
fprintf(stderr, |
1503 |
fprintf(stderr, |
| 1496 |
"usage: %s [-ehR] [-d start_directory] [-f log_facility] " |
1504 |
"usage: %s [-ehR] [-d start_directory] [-f log_facility] " |
| 1497 |
"[-l log_level]\n\t[-P blacklisted_requests] " |
1505 |
"[-l log_level]\n\t[-P blacklisted_requests] " |
| 1498 |
"[-p whitelisted_requests] [-u umask]\n" |
1506 |
"[-p whitelisted_requests] [-u umask] [-m force_file_perms]\n" |
| 1499 |
" %s -Q protocol_feature\n", |
1507 |
" %s -Q protocol_feature\n", |
| 1500 |
__progname, __progname); |
1508 |
__progname, __progname); |
| 1501 |
exit(1); |
1509 |
exit(1); |
|
Lines 1520-1526
sftp_server_main(int argc, char **argv, struct passwd *user_pw)
Link Here
|
| 1520 |
pw = pwcopy(user_pw); |
1528 |
pw = pwcopy(user_pw); |
| 1521 |
|
1529 |
|
| 1522 |
while (!skipargs && (ch = getopt(argc, argv, |
1530 |
while (!skipargs && (ch = getopt(argc, argv, |
| 1523 |
"d:f:l:P:p:Q:u:cehR")) != -1) { |
1531 |
"d:f:l:P:p:Q:u:m:cehR")) != -1) { |
| 1524 |
switch (ch) { |
1532 |
switch (ch) { |
| 1525 |
case 'Q': |
1533 |
case 'Q': |
| 1526 |
if (strcasecmp(optarg, "requests") != 0) { |
1534 |
if (strcasecmp(optarg, "requests") != 0) { |
|
Lines 1580-1585
sftp_server_main(int argc, char **argv, struct passwd *user_pw)
Link Here
|
| 1580 |
fatal("Invalid umask \"%s\"", optarg); |
1588 |
fatal("Invalid umask \"%s\"", optarg); |
| 1581 |
(void)umask((mode_t)mask); |
1589 |
(void)umask((mode_t)mask); |
| 1582 |
break; |
1590 |
break; |
|
|
1591 |
case 'm': |
| 1592 |
/* Force permissions on file received via sftp */ |
| 1593 |
permforce = 1; |
| 1594 |
permforcemode = strtol(optarg, &cp, 8); |
| 1595 |
if (permforcemode < 0 || permforcemode > 0777 || |
| 1596 |
*cp != '\0' || (permforcemode == 0 && |
| 1597 |
errno != 0)) |
| 1598 |
fatal("Invalid file mode \"%s\"", optarg); |
| 1599 |
break; |
| 1583 |
case 'h': |
1600 |
case 'h': |
| 1584 |
default: |
1601 |
default: |
| 1585 |
sftp_server_usage(); |
1602 |
sftp_server_usage(); |
| 1586 |
- |
|
|