#include <stdio.h>
#include <string.h>
#include <time.h>
+#include <assert.h>
/* GUI Adaptation - Sept 2000 */
#include <winuser.h>
#include <winbase.h>
#define PUTTY_DO_GLOBALS
#include "putty.h"
-#include "scp.h"
+#include "winstuff.h"
+#include "storage.h"
#define TIME_POSIX_TO_WIN(t, ft) (*(LONGLONG*)&(ft) = \
((LONGLONG) (t) + (LONGLONG) 11644473600) * (LONGLONG) 10000000)
static int portnumber = 0;
static char *password = NULL;
static int errs = 0;
-static int connection_open = 0;
/* GUI Adaptation - Sept 2000 */
#define NAME_STR_MAX 2048
static char statname[NAME_STR_MAX+1];
static unsigned long statsize = 0;
static int statperct = 0;
-static time_t statelapsed = 0;
+static unsigned long statelapsed = 0;
static int gui_mode = 0;
static char *gui_hwnd = NULL;
static void source(char *src);
static void rsource(char *src);
-static void sink(char *targ);
+static void sink(char *targ, char *src);
/* GUI Adaptation - Sept 2000 */
static void tell_char(FILE *stream, char c);
static void tell_str(FILE *stream, char *str);
static void tell_user(FILE *stream, char *fmt, ...);
static void send_char_msg(unsigned int msg_id, char c);
static void send_str_msg(unsigned int msg_id, char *str);
-static void gui_update_stats(char *name, unsigned long size, int percentage, time_t elapsed);
+static void gui_update_stats(char *name, unsigned long size,
+ int percentage, unsigned long elapsed);
+
+void logevent(char *string) { }
+
+void ldisc_send(char *buf, int len) {
+ /*
+ * This is only here because of the calls to ldisc_send(NULL,
+ * 0) in ssh.c. Nothing in PSCP actually needs to use the ldisc
+ * as an ldisc. So if we get called with any real data, I want
+ * to know about it.
+ */
+ assert(len == 0);
+}
-/*
- * These functions are needed to link with other modules, but
- * (should) never get called.
- */
-void term_out(void) { abort(); }
-void begin_session(void) { }
-void write_clip (void *data, int len) { }
-void term_deselect(void) { }
+void verify_ssh_host_key(char *host, int port, char *keytype,
+ char *keystr, char *fingerprint) {
+ int ret;
+
+ static const char absentmsg[] =
+ "The server's host key is not cached in the registry. You\n"
+ "have no guarantee that the server is the computer you\n"
+ "think it is.\n"
+ "The server's key fingerprint is:\n"
+ "%s\n"
+ "If you trust this host, enter \"y\" to add the key to\n"
+ "PuTTY's cache and carry on connecting.\n"
+ "If you do not trust this host, enter \"n\" to abandon the\n"
+ "connection.\n"
+ "Continue connecting? (y/n) ";
+
+ static const char wrongmsg[] =
+ "WARNING - POTENTIAL SECURITY BREACH!\n"
+ "The server's host key does not match the one PuTTY has\n"
+ "cached in the registry. This means that either the\n"
+ "server administrator has changed the host key, or you\n"
+ "have actually connected to another computer pretending\n"
+ "to be the server.\n"
+ "The new key fingerprint is:\n"
+ "%s\n"
+ "If you were expecting this change and trust the new key,\n"
+ "enter Yes to update PuTTY's cache and continue connecting.\n"
+ "If you want to carry on connecting but without updating\n"
+ "the cache, enter No.\n"
+ "If you want to abandon the connection completely, press\n"
+ "Return to cancel. Pressing Return is the ONLY guaranteed\n"
+ "safe choice.\n"
+ "Update cached key? (y/n, Return cancels connection) ";
+
+ static const char abandoned[] = "Connection abandoned.\n";
+
+ char line[32];
+
+ /*
+ * Verify the key against the registry.
+ */
+ ret = verify_host_key(host, port, keytype, keystr);
+
+ if (ret == 0) /* success - key matched OK */
+ return;
+ if (ret == 2) { /* key was different */
+ fprintf(stderr, wrongmsg, fingerprint);
+ if (fgets(line, sizeof(line), stdin) &&
+ line[0] != '\0' && line[0] != '\n') {
+ if (line[0] == 'y' || line[0] == 'Y')
+ store_host_key(host, port, keytype, keystr);
+ } else {
+ fprintf(stderr, abandoned);
+ exit(0);
+ }
+ }
+ if (ret == 1) { /* key was absent */
+ fprintf(stderr, absentmsg, fingerprint);
+ if (fgets(line, sizeof(line), stdin) &&
+ (line[0] == 'y' || line[0] == 'Y'))
+ store_host_key(host, port, keytype, keystr);
+ else {
+ fprintf(stderr, abandoned);
+ exit(0);
+ }
+ }
+}
/* GUI Adaptation - Sept 2000 */
-void send_msg(HWND h, UINT message, WPARAM wParam)
+static void send_msg(HWND h, UINT message, WPARAM wParam)
{
while (!PostMessage( h, message, wParam, 0))
SleepEx(1000,TRUE);
}
-void tell_char(FILE *stream, char c)
+static void tell_char(FILE *stream, char c)
{
if (!gui_mode)
fputc(c, stream);
else
{
unsigned int msg_id = WM_STD_OUT_CHAR;
- if (stream = stderr) msg_id = WM_STD_ERR_CHAR;
+ if (stream == stderr) msg_id = WM_STD_ERR_CHAR;
send_msg( (HWND)atoi(gui_hwnd), msg_id, (WPARAM)c );
}
}
-void tell_str(FILE *stream, char *str)
+static void tell_str(FILE *stream, char *str)
{
unsigned int i;
tell_char(stream, str[i]);
}
-void tell_user(FILE *stream, char *fmt, ...)
+static void tell_user(FILE *stream, char *fmt, ...)
{
char str[0x100]; /* Make the size big enough */
va_list ap;
tell_str(stream, str);
}
-void gui_update_stats(char *name, unsigned long size, int percentage, time_t elapsed)
+static void gui_update_stats(char *name, unsigned long size, int percentage, unsigned long elapsed)
{
unsigned int i;
exit(1);
}
+/*
+ * Be told what socket we're supposed to be using.
+ */
+static SOCKET scp_ssh_socket;
+char *do_select(SOCKET skt, int startup) {
+ if (startup)
+ scp_ssh_socket = skt;
+ else
+ scp_ssh_socket = INVALID_SOCKET;
+ return NULL;
+}
+extern int select_result(WPARAM, LPARAM);
+
+/*
+ * Receive a block of data from the SSH link. Block until all data
+ * is available.
+ *
+ * To do this, we repeatedly call the SSH protocol module, with our
+ * own trap in from_backend() to catch the data that comes back. We
+ * do this until we have enough data.
+ */
+
+static unsigned char *outptr; /* where to put the data */
+static unsigned outlen; /* how much data required */
+static unsigned char *pending = NULL; /* any spare data */
+static unsigned pendlen=0, pendsize=0; /* length and phys. size of buffer */
+void from_backend(int is_stderr, char *data, int datalen) {
+ unsigned char *p = (unsigned char *)data;
+ unsigned len = (unsigned)datalen;
+
+ /*
+ * stderr data is just spouted to local stderr and otherwise
+ * ignored.
+ */
+ if (is_stderr) {
+ fwrite(data, 1, len, stderr);
+ return;
+ }
+
+ inbuf_head = 0;
+
+ /*
+ * If this is before the real session begins, just return.
+ */
+ if (!outptr)
+ return;
+
+ if (outlen > 0) {
+ unsigned used = outlen;
+ if (used > len) used = len;
+ memcpy(outptr, p, used);
+ outptr += used; outlen -= used;
+ p += used; len -= used;
+ }
+
+ if (len > 0) {
+ if (pendsize < pendlen + len) {
+ pendsize = pendlen + len + 4096;
+ pending = (pending ? srealloc(pending, pendsize) :
+ smalloc(pendsize));
+ if (!pending)
+ fatalbox("Out of memory");
+ }
+ memcpy(pending+pendlen, p, len);
+ pendlen += len;
+ }
+}
+static int ssh_scp_recv(unsigned char *buf, int len) {
+ outptr = buf;
+ outlen = len;
+
+ /*
+ * See if the pending-input block contains some of what we
+ * need.
+ */
+ if (pendlen > 0) {
+ unsigned pendused = pendlen;
+ if (pendused > outlen)
+ pendused = outlen;
+ memcpy(outptr, pending, pendused);
+ memmove(pending, pending+pendused, pendlen-pendused);
+ outptr += pendused;
+ outlen -= pendused;
+ pendlen -= pendused;
+ if (pendlen == 0) {
+ pendsize = 0;
+ sfree(pending);
+ pending = NULL;
+ }
+ if (outlen == 0)
+ return len;
+ }
+
+ while (outlen > 0) {
+ fd_set readfds;
+
+ FD_ZERO(&readfds);
+ FD_SET(scp_ssh_socket, &readfds);
+ if (select(1, &readfds, NULL, NULL, NULL) < 0)
+ return 0; /* doom */
+ select_result((WPARAM)scp_ssh_socket, (LPARAM)FD_READ);
+ }
+
+ return len;
+}
+
+/*
+ * Loop through the ssh connection and authentication process.
+ */
+static void ssh_scp_init(void) {
+ if (scp_ssh_socket == INVALID_SOCKET)
+ return;
+ while (!back->sendok()) {
+ fd_set readfds;
+ FD_ZERO(&readfds);
+ FD_SET(scp_ssh_socket, &readfds);
+ if (select(1, &readfds, NULL, NULL, NULL) < 0)
+ return; /* doom */
+ select_result((WPARAM)scp_ssh_socket, (LPARAM)FD_READ);
+ }
+}
+
/*
* Print an error message and exit after closing the SSH link.
*/
strcat(str, "\n");
tell_str(stderr, str);
- if (connection_open) {
+ if (back != NULL && back->socket() != NULL) {
char ch;
- ssh_scp_send_eof();
+ back->special(TS_EOF);
ssh_scp_recv(&ch, 1);
}
exit(1);
static void do_cmd(char *host, char *user, char *cmd)
{
char *err, *realhost;
+ DWORD namelen;
if (host == NULL || host[0] == '\0')
bump("Empty host name");
/* Try to load settings for this host */
- do_defaults(host);
+ do_defaults(host, &cfg);
if (cfg.host[0] == '\0') {
/* No settings for this host; use defaults */
+ do_defaults(NULL, &cfg);
strncpy(cfg.host, host, sizeof(cfg.host)-1);
cfg.host[sizeof(cfg.host)-1] = '\0';
cfg.port = 22;
strncpy(cfg.username, user, sizeof(cfg.username)-1);
cfg.username[sizeof(cfg.username)-1] = '\0';
} else if (cfg.username[0] == '\0') {
- bump("Empty user name");
+ namelen = 0;
+ if (GetUserName(user, &namelen) == FALSE)
+ bump("Empty user name");
+ user = smalloc(namelen * sizeof(char));
+ GetUserName(user, &namelen);
+ if (verbose) tell_user(stderr, "Guessing user name: %s", user);
+ strncpy(cfg.username, user, sizeof(cfg.username)-1);
+ cfg.username[sizeof(cfg.username)-1] = '\0';
+ free(user);
}
if (cfg.protocol != PROT_SSH)
if (portnumber)
cfg.port = portnumber;
- err = ssh_scp_init(cfg.host, cfg.port, cmd, &realhost);
+ strncpy(cfg.remote_cmd, cmd, sizeof(cfg.remote_cmd));
+ cfg.remote_cmd[sizeof(cfg.remote_cmd)-1] = '\0';
+ cfg.nopty = TRUE;
+
+ back = &ssh_backend;
+
+ err = back->init(cfg.host, cfg.port, &realhost);
if (err != NULL)
bump("ssh_init: %s", err);
+ ssh_scp_init();
if (verbose && realhost != NULL)
tell_user(stderr, "Connected to %s\n", realhost);
-
- connection_open = 1;
}
/*
/* GUI Adaptation - Sept 2000 */
if (gui_mode)
- gui_update_stats(name, size, ((done *100) / size), now-start);
+ gui_update_stats(name, size, (int)(100 * (done*1.0/size)),
+ (unsigned long)difftime(now, start));
else {
if (now > start)
ratebs = (float) done / (now - start);
va_list ap;
va_start(ap, fmt);
errs++;
- strcpy(str, "\01scp: ");
+ strcpy(str, "scp: ");
vsprintf(str+strlen(str), fmt, ap);
strcat(str, "\n");
- ssh_scp_send(str, strlen(str));
+ back->send(str, strlen(str));
tell_user(stderr, "%s",str);
va_end(ap);
}
TIME_WIN_TO_POSIX(actime, atime);
TIME_WIN_TO_POSIX(wrtime, mtime);
sprintf(buf, "T%lu 0 %lu 0\n", mtime, atime);
- ssh_scp_send(buf, strlen(buf));
+ back->send(buf, strlen(buf));
if (response())
return;
}
sprintf(buf, "C0644 %lu %s\n", size, last);
if (verbose)
tell_user(stderr, "Sending file modes: %s", buf);
- ssh_scp_send(buf, strlen(buf));
+ back->send(buf, strlen(buf));
if (response())
return;
if (statistics) printf("\n");
bump("%s: Read error", src);
}
- ssh_scp_send(transbuf, k);
+ back->send(transbuf, k);
if (statistics) {
stat_bytes += k;
if (time(NULL) != stat_lasttime ||
}
CloseHandle(f);
- ssh_scp_send("", 1);
+ back->send("", 1);
(void) response();
}
sprintf(buf, "D0755 0 %s\n", last);
if (verbose)
tell_user(stderr, "Entering directory: %s", buf);
- ssh_scp_send(buf, strlen(buf));
+ back->send(buf, strlen(buf));
if (response())
return;
FindClose(dir);
sprintf(buf, "E\n");
- ssh_scp_send(buf, strlen(buf));
+ back->send(buf, strlen(buf));
(void) response();
}
/*
* Execute the sink part of the SCP protocol.
*/
-static void sink(char *targ)
+static void sink(char *targ, char *src)
{
char buf[2048];
char namebuf[2048];
if (targetshouldbedirectory && !targisdir)
bump("%s: Not a directory", targ);
- ssh_scp_send("", 1);
+ back->send("", 1);
while (1) {
settime = 0;
gottime:
case '\02': /* fatal error */
bump("%s", buf+1);
case 'E':
- ssh_scp_send("", 1);
+ back->send("", 1);
return;
case 'T':
if (sscanf(buf, "T%ld %*d %ld %*d",
&mtime, &atime) == 2) {
settime = 1;
- ssh_scp_send("", 1);
+ back->send("", 1);
goto gottime;
}
bump("Protocol error: Illegal time format");
if (sscanf(buf+1, "%u %lu %[^\n]", &mode, &size, namebuf) != 3)
bump("Protocol error: Illegal file descriptor format");
+ /* Security fix: ensure the file ends up where we asked for it. */
if (targisdir) {
char t[2048];
+ char *p;
strcpy(t, targ);
if (targ[0] != '\0')
strcat(t, "/");
- strcat(t, namebuf);
+ p = namebuf + strlen(namebuf);
+ while (p > namebuf && p[-1] != '/' && p[-1] != '\\')
+ p--;
+ strcat(t, p);
strcpy(namebuf, t);
} else {
strcpy(namebuf, targ);
continue;
}
}
- sink(namebuf);
+ sink(namebuf, NULL);
/* can we set the timestamp for directories ? */
continue;
}
continue;
}
- ssh_scp_send("", 1);
+ back->send("", 1);
if (statistics) {
stat_bytes = 0;
run_err("%s: Write error", namebuf);
continue;
}
- ssh_scp_send("", 1);
+ back->send("", 1);
}
}
do {
char *last;
char namebuf[2048];
+ /*
+ * Ensure that . and .. are never matched by wildcards,
+ * but only by deliberate action.
+ */
+ if (!strcmp(fdat.cFileName, ".") ||
+ !strcmp(fdat.cFileName, "..")) {
+ /*
+ * Find*File has returned a special dir. We require
+ * that _either_ `src' ends in a backslash followed
+ * by that string, _or_ `src' is precisely that
+ * string.
+ */
+ int len = strlen(src), dlen = strlen(fdat.cFileName);
+ if (len == dlen && !strcmp(src, fdat.cFileName)) {
+ /* ok */;
+ } else if (len > dlen+1 && src[len-dlen-1] == '\\' &&
+ !strcmp(src+len-dlen, fdat.cFileName)) {
+ /* ok */;
+ } else
+ continue; /* ignore this one */
+ }
if (strlen(src) + strlen(fdat.cFileName) >=
sizeof(namebuf)) {
tell_user(stderr, "%s: Name too long", src);
do_cmd(host, user, cmd);
sfree(cmd);
- sink(targ);
+ sink(targ, src);
}
/*
printf(" -v show verbose messages\n");
printf(" -P port connect to specified port\n");
printf(" -pw passw login with specified password\n");
- /* GUI Adaptation - Sept 2000 */
+#if 0
+ /*
+ * -gui is an internal option, used by GUI front ends to get
+ * pscp to pass progress reports back to them. It's not an
+ * ordinary user-accessible option, so it shouldn't be part of
+ * the command-line help. The only people who need to know
+ * about it are programmers, and they can read the source.
+ */
printf(" -gui hWnd GUI mode with the windows handle for receiving messages\n");
+#endif
exit(1);
}
flags = FLAG_STDERR;
ssh_get_password = &get_password;
init_winsock();
+ sk_init();
for (i = 1; i < argc; i++) {
if (argv[i][0] != '-')
}
argc -= i;
argv += i;
+ back = NULL;
if (list) {
if (argc != 1)
tolocal(argc, argv);
}
- if (connection_open) {
+ if (back != NULL && back->socket() != NULL) {
char ch;
- ssh_scp_send_eof();
+ back->special(TS_EOF);
ssh_scp_recv(&ch, 1);
}
WSACleanup();