
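--- a/original/sftp-server.8
+++ b/original/sftp-server.8
@@ -38,6 +38,7 @@
 .Op Fl P Ar blacklisted_requests
 .Op Fl p Ar whitelisted_requests
 .Op Fl u Ar umask
+.Op Fl m Ar force_file_perms
 .Ek
 .Nm
 .Fl Q Ar protocol_feature
@@ -138,6 +139,10 @@
 .Xr umask 2
 to be applied to newly-created files and directories, instead of the
 user's default mask.
+.It Fl m Ar force_file_perms
+Sets explicit file permissions to be applied to newly-created files instead
+of the default or client requested mode.  Numeric values include:
+777, 755, 750, 666, 644, 640, etc.  Option -u is ineffective if -m is set.
 .El
 .Pp
 On some systems,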
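--- a/original/sftp-server.c
+++ b/original/sftp-server.c
@@ -65,6 +65,10 @@
 /* Version of client */
 static u_int version;
 
+/* Force file permissions */
+int permforce = 0;
+long permforcemode;
+
 /* SSH2_FXP_INIT received */
 static int init_done;
 
@@ -679,6 +683,7 @@
 	Attrib a;
 	char *name;
 	int r, handle, fd, flags, mode, status = SSH2_FX_FAILURE;
+	mode_t old_umask = 0;
 
 	if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 ||
 	    (r = sshbuf_get_u32(iqueue, &pflags)) != 0 || /* portable flags */
@@ -688,6 +693,10 @@
 	debug3("request %u: open flags %d", id, pflags);
 	flags = flags_from_portable(pflags);
 	mode = (a.flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a.perm : 0666;
+	if (permforce == 1) {   /* Force perm if -m is set */
+		mode = permforcemode;
+		old_umask = umask(0); /* so umask does not interfere */
+	}
 	logit("open \"%s\" flags %s mode 0%o",
 	    name, string_from_portable(pflags), mode);
 	if (readonly &&
@@ -709,6 +718,8 @@
 			}
 		}
 	}
+	if (permforce == 1)
+		(void) umask(old_umask); /* restore umask to something sane */
 	if (status != SSH2_FX_OK)
 		send_status(id, status);
 	free(name);
@@ -1110,6 +1121,7 @@
 	Attrib a;
 	char *name;
 	int r, mode, status = SSH2_FX_FAILURE;
+	mode_t old_umask = 0;
 
 	if ((r = sshbuf_get_cstring(iqueue, &name, NULL)) != 0 ||
 	    (r = decode_attrib(iqueue, &a)) != 0)
@@ -1117,9 +1129,16 @@
 
 	mode = (a.flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ?
 	    a.perm & 07777 : 0777;
+	if (permforce == 1) {   /* Force perm if -m is set */
+		mode = permforcemode;
+		old_umask = umask(0); /* so umask does not interfere */
+	}
+
 	debug3("request %u: mkdir", id);
 	logit("mkdir name \"%s\" mode 0%o", name, mode);
 	r = mkdir(name, mode);
+        if (permforce == 1)
+                (void) umask(old_umask); /* restore umask to something sane */
 	status = (r == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
 	send_status(id, status);
 	free(name);
@@ -1490,7 +1509,7 @@
 	fprintf(stderr,
 	    "usage: %s [-ehR] [-d start_directory] [-f log_facility] "
 	    "[-l log_level]\n\t[-P blacklisted_requests] "
-	    "[-p whitelisted_requests] [-u umask]\n"
+	    "[-p whitelisted_requests] [-u umask] [-m force_file_perms]\n"
 	    "       %s -Q protocol_feature\n",
 	    __progname, __progname);
 	exit(1);
@@ -1516,7 +1535,7 @@
 	pw = pwcopy(user_pw);
 
 	while (!skipargs && (ch = getopt(argc, argv,
-	    "d:f:l:P:p:Q:u:cehR")) != -1) {
+	    "d:f:l:P:p:Q:u:m:cehR")) != -1) {
 		switch (ch) {
 		case 'Q':
 			if (strcasecmp(optarg, "requests") != 0) {
@@ -1576,6 +1595,15 @@
 				fatal("Invalid umask \"%s\"", optarg);
 			(void)umask((mode_t)mask);
 			break;
+		case 'm':
+			/* Force permissions on file received via sftp */
+			permforce = 1;
+			permforcemode = strtol(optarg, &cp, 8);
+			if (permforcemode < 0 || permforcemode > 0777 ||
+			    *cp != '\0' || (permforcemode == 0 &&
+			    errno != 0))
+				fatal("Invalid file mode \"%s\"", optarg);
+			break;
 		case 'h':
 		default:
 			sftp_server_usage();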
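Review bot: In the mkdir handler the forced mode also replaces the directory mode (`mode = permforcemode;`, new line 1133), so `-m 644` or `640` — values the man page itself lists — yields directories without a search bit, while the man page says the option covers files only. Either leave the mkdir path alone or add search bits wherever read is granted, e.g. `mode = permforcemode | ((permforcemode & 0444) >> 2);`. The override is also applied only at creation time in the open and mkdir handlers; the setstat/fsetstat handlers are not part of this diff, so if they still honour client-supplied permissions the forced mode can be changed afterwards and `-m` should not be treated as an access control until that is confirmed. In the `-m` case, `errno` is tested with no visible `errno = 0;` before `strtol`, and an empty argument passes as mode 0; set `errno = 0;` first and also reject `cp == optarg`. The handler and option-parsing functions all begin and end outside the shown hunks.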
