mirror of
https://abf.rosa.ru/djam/openssh.git
synced 2025-02-24 10:13:00 +00:00
711 lines
23 KiB
Diff
711 lines
23 KiB
Diff
diff -Naurp openssh-4.9p1/servconf.c openssh-4.9p1.oden/servconf.c
|
|
--- openssh-4.9p1/servconf.c 2008-02-10 12:48:55.000000000 +0100
|
|
+++ openssh-4.9p1.oden/servconf.c 2008-04-01 13:21:17.000000000 +0200
|
|
@@ -118,6 +118,15 @@ initialize_server_options(ServerOptions
|
|
options->client_alive_count_max = -1;
|
|
options->authorized_keys_file = NULL;
|
|
options->authorized_keys_file2 = NULL;
|
|
+ options->log_sftp = LOG_SFTP_NOT_SET;
|
|
+ options->sftp_log_facility = SYSLOG_FACILITY_NOT_SET;
|
|
+ options->sftp_log_level = SYSLOG_LEVEL_NOT_SET;
|
|
+
|
|
+ memset(options->sftp_umask, 0, SFTP_UMASK_LENGTH);
|
|
+
|
|
+ options->sftp_permit_chmod = SFTP_PERMIT_NOT_SET;
|
|
+ options->sftp_permit_chown = SFTP_PERMIT_NOT_SET;
|
|
+
|
|
options->num_accept_env = 0;
|
|
options->permit_tun = -1;
|
|
options->num_permitted_opens = -1;
|
|
@@ -251,6 +260,24 @@ fill_default_server_options(ServerOption
|
|
if (options->permit_tun == -1)
|
|
options->permit_tun = SSH_TUNMODE_NO;
|
|
|
|
+ /* Turn sftp-server logging off by default */
|
|
+ if (options->log_sftp == LOG_SFTP_NOT_SET)
|
|
+ options->log_sftp = LOG_SFTP_NO;
|
|
+ if (options->sftp_log_facility == SYSLOG_FACILITY_NOT_SET)
|
|
+ options->sftp_log_facility = SYSLOG_FACILITY_AUTH;
|
|
+ if (options->sftp_log_level == SYSLOG_LEVEL_NOT_SET)
|
|
+ options->sftp_log_level = SYSLOG_LEVEL_INFO;
|
|
+
|
|
+ /* Don't set sftp-server umask */
|
|
+ if (!options->sftp_umask)
|
|
+ memset(options->sftp_umask, 0, SFTP_UMASK_LENGTH);
|
|
+
|
|
+ /* allow sftp client to issue chmod, chown / chgrp commands */
|
|
+ if (options->sftp_permit_chmod == SFTP_PERMIT_NOT_SET)
|
|
+ options->sftp_permit_chmod = SFTP_PERMIT_YES;
|
|
+ if (options->sftp_permit_chown == SFTP_PERMIT_NOT_SET)
|
|
+ options->sftp_permit_chown = SFTP_PERMIT_YES;
|
|
+
|
|
/* Turn privilege separation on by default */
|
|
if (use_privsep == -1)
|
|
use_privsep = 1;
|
|
@@ -294,6 +321,9 @@ typedef enum {
|
|
sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
|
|
sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
|
|
sUsePrivilegeSeparation,
|
|
+ sLogSftp, sSftpLogFacility, sSftpLogLevel,
|
|
+ sSftpUmask,
|
|
+ sSftpPermitChown, sSftpPermitChmod,
|
|
sDeprecated, sUnsupported
|
|
} ServerOpCodes;
|
|
|
|
@@ -400,6 +430,12 @@ static struct {
|
|
{ "authorizedkeysfile2", sAuthorizedKeysFile2, SSHCFG_GLOBAL },
|
|
{ "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL },
|
|
{ "acceptenv", sAcceptEnv, SSHCFG_GLOBAL },
|
|
+ { "logsftp", sLogSftp},
|
|
+ { "sftplogfacility", sSftpLogFacility},
|
|
+ { "sftploglevel", sSftpLogLevel},
|
|
+ { "sftpumask", sSftpUmask},
|
|
+ { "sftppermitchmod", sSftpPermitChmod},
|
|
+ { "sftppermitchown", sSftpPermitChown},
|
|
{ "permittunnel", sPermitTunnel, SSHCFG_GLOBAL },
|
|
{ "match", sMatch, SSHCFG_ALL },
|
|
{ "permitopen", sPermitOpen, SSHCFG_ALL },
|
|
@@ -626,6 +662,8 @@ process_server_config_line(ServerOptions
|
|
SyslogFacility *log_facility_ptr;
|
|
LogLevel *log_level_ptr;
|
|
ServerOpCodes opcode;
|
|
+ unsigned int umaskvalue = 0;
|
|
+ char *umaskptr;
|
|
u_short port;
|
|
u_int i, flags = 0;
|
|
size_t len;
|
|
@@ -1150,6 +1188,57 @@ parse_flag:
|
|
charptr = &options->banner;
|
|
goto parse_filename;
|
|
|
|
+ case sLogSftp:
|
|
+ intptr = &options->log_sftp;
|
|
+ goto parse_flag;
|
|
+
|
|
+ case sSftpLogFacility:
|
|
+ intptr = (int *) &options->sftp_log_facility;
|
|
+ arg = strdelim(&cp);
|
|
+ value = log_facility_number(arg);
|
|
+ if (value == SYSLOG_FACILITY_NOT_SET)
|
|
+ fatal("%.200s line %d: unsupported log facility '%s'",
|
|
+ filename, linenum, arg ? arg : "<NONE>");
|
|
+ if (*intptr == -1)
|
|
+ *intptr = (SyslogFacility) value;
|
|
+ break;
|
|
+
|
|
+ case sSftpLogLevel:
|
|
+ intptr = (int *) &options->sftp_log_level;
|
|
+ arg = strdelim(&cp);
|
|
+ value = log_level_number(arg);
|
|
+ if (value == SYSLOG_LEVEL_NOT_SET)
|
|
+ fatal("%.200s line %d: unsupported log level '%s'",
|
|
+ filename, linenum, arg ? arg : "<NONE>");
|
|
+ if (*intptr == -1)
|
|
+ *intptr = (LogLevel) value;
|
|
+ break;
|
|
+
|
|
+ case sSftpUmask:
|
|
+ arg = strdelim(&cp);
|
|
+ umaskptr = arg;
|
|
+ while (*arg && *arg >= '0' && *arg <= '9')
|
|
+ umaskvalue = umaskvalue * 8 + *arg++ - '0';
|
|
+ if (*arg || umaskvalue > 0777)
|
|
+ fatal("%s line %d: bad value for umask",
|
|
+ filename, linenum);
|
|
+ else {
|
|
+ while (*umaskptr && *umaskptr == '0')
|
|
+ *umaskptr++;
|
|
+ strncpy(options->sftp_umask, umaskptr,
|
|
+ SFTP_UMASK_LENGTH);
|
|
+ }
|
|
+
|
|
+ break;
|
|
+
|
|
+ case sSftpPermitChmod:
|
|
+ intptr = &options->sftp_permit_chmod;
|
|
+ goto parse_flag;
|
|
+
|
|
+ case sSftpPermitChown:
|
|
+ intptr = &options->sftp_permit_chown;
|
|
+ goto parse_flag;
|
|
+
|
|
/*
|
|
* These options can contain %X options expanded at
|
|
* connect time, so that you can specify paths like:
|
|
diff -Naurp openssh-4.9p1/servconf.h openssh-4.9p1.oden/servconf.h
|
|
--- openssh-4.9p1/servconf.h 2008-03-07 08:31:24.000000000 +0100
|
|
+++ openssh-4.9p1.oden/servconf.h 2008-04-01 13:18:51.000000000 +0200
|
|
@@ -34,6 +34,18 @@
|
|
#define PERMIT_NO_PASSWD 2
|
|
#define PERMIT_YES 3
|
|
|
|
+/* sftp-server logging */
|
|
+#define LOG_SFTP_NOT_SET -1
|
|
+#define LOG_SFTP_NO 0
|
|
+#define LOG_SFTP_YES 1
|
|
+
|
|
+/* sftp-server umask control */
|
|
+#define SFTP_UMASK_LENGTH 5
|
|
+
|
|
+/* sftp-server client priviledge */
|
|
+#define SFTP_PERMIT_NOT_SET -1
|
|
+#define SFTP_PERMIT_NO 0
|
|
+#define SFTP_PERMIT_YES 1
|
|
#define DEFAULT_AUTH_FAIL_MAX 6 /* Default for MaxAuthTries */
|
|
|
|
/* Magic name for internal sftp-server */
|
|
@@ -137,6 +149,12 @@ typedef struct {
|
|
char *authorized_keys_file; /* File containing public keys */
|
|
char *authorized_keys_file2;
|
|
|
|
+ int log_sftp; /* perform sftp-server logging */
|
|
+ SyslogFacility sftp_log_facility; /* Facility for sftp subsystem logging. */
|
|
+ LogLevel sftp_log_level; /* Level for sftp subsystem logging. */
|
|
+ char sftp_umask[SFTP_UMASK_LENGTH]; /* Sftp Umask */
|
|
+ int sftp_permit_chmod;
|
|
+ int sftp_permit_chown;
|
|
char *adm_forced_command;
|
|
|
|
int use_pam; /* Enable auth via PAM */
|
|
diff -Naurp openssh-4.9p1/session.c openssh-4.9p1.oden/session.c
|
|
--- openssh-4.9p1/session.c 2008-03-27 01:03:05.000000000 +0100
|
|
+++ openssh-4.9p1.oden/session.c 2008-04-01 13:18:51.000000000 +0200
|
|
@@ -144,6 +144,15 @@ login_cap_t *lc;
|
|
|
|
static int is_child = 0;
|
|
|
|
+/* so SFTP_LOG_FACILITY and SFTP_LOG_LEVEL can be passed through the
|
|
+ environment to the sftp-server subsystem. */
|
|
+static const char *sysfac_to_int[] = { "0", "1", "2", "3", "4", "5", "6",
|
|
+ "7", "8", "9", "10", "11", "-1" };
|
|
+static const char *syslevel_to_int[] = { "0", "1", "2", "3", "4", "5", "6",
|
|
+ "7", "-1" };
|
|
+
|
|
+static char *sftpumask;
|
|
+
|
|
/* Name and directory of socket for authentication agent forwarding. */
|
|
static char *auth_sock_name = NULL;
|
|
static char *auth_sock_dir = NULL;
|
|
@@ -1172,6 +1181,67 @@ do_setup_env(Session *s, const char *she
|
|
child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
|
|
auth_sock_name);
|
|
|
|
+ /* LOG_SFTP */
|
|
+ if (options.log_sftp == -1 )
|
|
+ child_set_env(&env, &envsize, "LOG_SFTP", "-1");
|
|
+ else if (options.log_sftp == 0)
|
|
+ child_set_env(&env, &envsize, "LOG_SFTP", "0");
|
|
+ else
|
|
+ child_set_env(&env, &envsize, "LOG_SFTP", "1");
|
|
+
|
|
+ /* SFTP_LOG_FACILITY */
|
|
+ if (options.sftp_log_facility < 0)
|
|
+ child_set_env(&env, &envsize, "SFTP_LOG_FACILITY",
|
|
+ "-1");
|
|
+ else
|
|
+ child_set_env(&env, &envsize, "SFTP_LOG_FACILITY",
|
|
+ sysfac_to_int[options.sftp_log_facility]);
|
|
+
|
|
+ /* SFTP_LOG_LEVEL */
|
|
+ if (options.sftp_log_level < 0)
|
|
+ child_set_env(&env, &envsize, "SFTP_LOG_LEVEL",
|
|
+ "-1");
|
|
+ else
|
|
+ child_set_env(&env, &envsize, "SFTP_LOG_LEVEL",
|
|
+ syslevel_to_int[options.sftp_log_level]);
|
|
+
|
|
+ /* SFTP_UMASK */
|
|
+
|
|
+ if (options.sftp_umask[0] == '\0')
|
|
+ child_set_env(&env, &envsize, "SFTP_UMASK",
|
|
+ "" );
|
|
+ else {
|
|
+ if (!(sftpumask = calloc(SFTP_UMASK_LENGTH,1))) {
|
|
+
|
|
+logit("session.c: unabled to allocate memory for SftpUmask. SftpUmask control \
|
|
+will be turned off.");
|
|
+
|
|
+ child_set_env(&env, &envsize, "SFTP_UMASK",
|
|
+ "" );
|
|
+ } else {
|
|
+ strncpy(sftpumask, options.sftp_umask,
|
|
+ SFTP_UMASK_LENGTH);
|
|
+ child_set_env(&env, &envsize, "SFTP_UMASK",
|
|
+ sftpumask );
|
|
+ }
|
|
+ }
|
|
+
|
|
+ /* SFTP_PERMIT_CHMOD */
|
|
+ if (options.sftp_permit_chmod == -1 )
|
|
+ child_set_env(&env, &envsize, "SFTP_PERMIT_CHMOD", "-1");
|
|
+ else if (options.sftp_permit_chmod == 0)
|
|
+ child_set_env(&env, &envsize, "SFTP_PERMIT_CHMOD", "0");
|
|
+ else
|
|
+ child_set_env(&env, &envsize, "SFTP_PERMIT_CHMOD", "1");
|
|
+
|
|
+ /* SFTP_PERMIT_CHOWN */
|
|
+ if (options.sftp_permit_chown == -1 )
|
|
+ child_set_env(&env, &envsize, "SFTP_PERMIT_CHOWN", "-1");
|
|
+ else if (options.sftp_permit_chown == 0)
|
|
+ child_set_env(&env, &envsize, "SFTP_PERMIT_CHOWN", "0");
|
|
+ else
|
|
+ child_set_env(&env, &envsize, "SFTP_PERMIT_CHOWN", "1");
|
|
+
|
|
/* read $HOME/.ssh/environment. */
|
|
if (options.permit_user_env && !options.use_login) {
|
|
snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
|
|
diff -Naurp openssh-4.9p1/sftp-server.8 openssh-4.9p1.oden/sftp-server.8
|
|
--- openssh-4.9p1/sftp-server.8 2007-06-05 10:27:13.000000000 +0200
|
|
+++ openssh-4.9p1.oden/sftp-server.8 2008-04-01 13:18:51.000000000 +0200
|
|
@@ -50,6 +50,20 @@ should be specified in the
|
|
declaration.
|
|
See
|
|
.Xr sshd_config 5
|
|
+for more information. Sftp-server transactions may be logged
|
|
+using the
|
|
+.Cm LogSftp ,
|
|
+.Cm SftpLogFacility ,
|
|
+and
|
|
+.Cm SftpLogLevel
|
|
+options. The administrator may exert control over the file and directory
|
|
+permission and ownership, with
|
|
+.Cm SftpUmask ,
|
|
+.Cm SftpPermitChmod ,
|
|
+and
|
|
+.Cm SftpPermitChown
|
|
+. See
|
|
+.Xr sshd_config 5
|
|
for more information.
|
|
.Pp
|
|
Valid options are:
|
|
@@ -76,7 +90,8 @@ The default is ERROR.
|
|
.Xr sftp 1 ,
|
|
.Xr ssh 1 ,
|
|
.Xr sshd_config 5 ,
|
|
-.Xr sshd 8
|
|
+.Xr sshd 8,
|
|
+.Xr sshd_config 5
|
|
.Rs
|
|
.%A T. Ylonen
|
|
.%A S. Lehtinen
|
|
diff -Naurp openssh-4.9p1/sftp-server.c openssh-4.9p1.oden/sftp-server.c
|
|
--- openssh-4.9p1/sftp-server.c 2008-03-07 08:33:53.000000000 +0100
|
|
+++ openssh-4.9p1.oden/sftp-server.c 2008-04-01 13:27:43.000000000 +0200
|
|
@@ -50,6 +50,13 @@
|
|
#define get_int() buffer_get_int(&iqueue);
|
|
#define get_string(lenp) buffer_get_string(&iqueue, lenp);
|
|
|
|
+/* SFTP_UMASK */
|
|
+static mode_t setumask = 0;
|
|
+
|
|
+static int permit_chmod = 1;
|
|
+static int permit_chown = 1;
|
|
+static int permit_logging = 0;
|
|
+
|
|
/* Our verbosity */
|
|
LogLevel log_level = SYSLOG_LEVEL_ERROR;
|
|
|
|
@@ -509,6 +516,14 @@ process_open(void)
|
|
a = get_attrib();
|
|
flags = flags_from_portable(pflags);
|
|
mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ? a->perm : 0666;
|
|
+
|
|
+ if (setumask != 0) {
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("setting file creation mode to 0666 and umask to %o", setumask);
|
|
+ mode = 0666;
|
|
+ umask(setumask);
|
|
+ }
|
|
+
|
|
logit("open \"%s\" flags %s mode 0%o",
|
|
name, string_from_portable(pflags), mode);
|
|
fd = open(name, flags, mode);
|
|
@@ -523,6 +538,8 @@ process_open(void)
|
|
status = SSH2_FX_OK;
|
|
}
|
|
}
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("open %s", name);
|
|
if (status != SSH2_FX_OK)
|
|
send_status(id, status);
|
|
xfree(name);
|
|
@@ -560,7 +577,8 @@ process_read(void)
|
|
id, handle_to_name(handle), handle, (unsigned long long)off, len);
|
|
if (len > sizeof buf) {
|
|
len = sizeof buf;
|
|
- debug2("read change len %d", len);
|
|
+ if (permit_logging == 1)
|
|
+ logit("read change len %d", len);
|
|
}
|
|
fd = handle_to_fd(handle);
|
|
if (fd >= 0) {
|
|
@@ -580,6 +598,8 @@ process_read(void)
|
|
}
|
|
}
|
|
}
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("reading %d bytes from file", ret);
|
|
if (status != SSH2_FX_OK)
|
|
send_status(id, status);
|
|
}
|
|
@@ -615,10 +635,13 @@ process_write(void)
|
|
status = SSH2_FX_OK;
|
|
handle_update_write(handle, ret);
|
|
} else {
|
|
- debug2("nothing at all written");
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("nothing at all written");
|
|
}
|
|
}
|
|
}
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("writing %d bytes to file", ret);
|
|
send_status(id, status);
|
|
xfree(data);
|
|
}
|
|
@@ -720,15 +743,25 @@ process_setstat(void)
|
|
status = errno_to_portable(errno);
|
|
}
|
|
if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
|
|
- logit("set \"%s\" mode %04o", name, a->perm);
|
|
- ret = chmod(name, a->perm & 0777);
|
|
- if (ret == -1)
|
|
- status = errno_to_portable(errno);
|
|
+ if (permit_chmod == 1) {
|
|
+ ret = chmod(name, a->perm & 0777);
|
|
+ if (ret == -1)
|
|
+ status = errno_to_portable(errno);
|
|
+ else
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("chmod'ed %s", name);
|
|
+ } else {
|
|
+ status = SSH2_FX_PERMISSION_DENIED;
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("chmod %s: operation prohibited by sftp-server configuration.", name);
|
|
+ }
|
|
}
|
|
if (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
|
|
char buf[64];
|
|
time_t t = a->mtime;
|
|
|
|
+if ( permit_logging == 1 )
|
|
+logit("process_setstat: utimes");
|
|
strftime(buf, sizeof(buf), "%Y%m%d-%H:%M:%S",
|
|
localtime(&t));
|
|
logit("set \"%s\" modtime %s", name, buf);
|
|
@@ -737,11 +770,18 @@ process_setstat(void)
|
|
status = errno_to_portable(errno);
|
|
}
|
|
if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) {
|
|
- logit("set \"%s\" owner %lu group %lu", name,
|
|
- (u_long)a->uid, (u_long)a->gid);
|
|
- ret = chown(name, a->uid, a->gid);
|
|
- if (ret == -1)
|
|
- status = errno_to_portable(errno);
|
|
+ if (permit_chown == 1) {
|
|
+ ret = chown(name, a->uid, a->gid);
|
|
+ if (ret == -1)
|
|
+ status = errno_to_portable(errno);
|
|
+ else
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("chown'ed %s.", name);
|
|
+ } else {
|
|
+ status = SSH2_FX_PERMISSION_DENIED;
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("chown %s: operation prohibited by sftp-server configuration.", name);
|
|
+ }
|
|
}
|
|
send_status(id, status);
|
|
xfree(name);
|
|
@@ -755,8 +795,13 @@ process_fsetstat(void)
|
|
int handle, fd, ret;
|
|
int status = SSH2_FX_OK;
|
|
|
|
+if ( permit_logging == 1 )
|
|
+logit("process_fsetstat");
|
|
+
|
|
id = get_int();
|
|
handle = get_handle();
|
|
+if ( permit_logging == 1 )
|
|
+logit("process_fsetstat: ftruncate");
|
|
a = get_attrib();
|
|
debug("request %u: fsetstat handle %d", id, handle);
|
|
fd = handle_to_fd(handle);
|
|
@@ -766,6 +811,8 @@ process_fsetstat(void)
|
|
char *name = handle_to_name(handle);
|
|
|
|
if (a->flags & SSH2_FILEXFER_ATTR_SIZE) {
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("process_setstat: truncate");
|
|
logit("set \"%s\" size %llu",
|
|
name, (unsigned long long)a->size);
|
|
ret = ftruncate(fd, a->size);
|
|
@@ -773,7 +820,9 @@ process_fsetstat(void)
|
|
status = errno_to_portable(errno);
|
|
}
|
|
if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) {
|
|
+if ( permit_logging == 1 )
|
|
logit("set \"%s\" mode %04o", name, a->perm);
|
|
+ if (permit_chmod == 1) {
|
|
#ifdef HAVE_FCHMOD
|
|
ret = fchmod(fd, a->perm & 0777);
|
|
#else
|
|
@@ -781,11 +830,21 @@ process_fsetstat(void)
|
|
#endif
|
|
if (ret == -1)
|
|
status = errno_to_portable(errno);
|
|
+ else
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("chmod: succeeded.");
|
|
+ } else { // permit_chmod
|
|
+ status = SSH2_FX_PERMISSION_DENIED;
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("chmod: operation prohibited by sftp-server configuration.");
|
|
+ } // permit_chmod
|
|
}
|
|
if (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
|
|
char buf[64];
|
|
time_t t = a->mtime;
|
|
|
|
+if ( permit_logging == 1 )
|
|
+logit("process_fsetstat: utimes");
|
|
strftime(buf, sizeof(buf), "%Y%m%d-%H:%M:%S",
|
|
localtime(&t));
|
|
logit("set \"%s\" modtime %s", name, buf);
|
|
@@ -800,6 +859,7 @@ process_fsetstat(void)
|
|
if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) {
|
|
logit("set \"%s\" owner %lu group %lu", name,
|
|
(u_long)a->uid, (u_long)a->gid);
|
|
+ if (permit_chown == 1) {
|
|
#ifdef HAVE_FCHOWN
|
|
ret = fchown(fd, a->uid, a->gid);
|
|
#else
|
|
@@ -807,6 +867,14 @@ process_fsetstat(void)
|
|
#endif
|
|
if (ret == -1)
|
|
status = errno_to_portable(errno);
|
|
+ else
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("chown: succeeded");
|
|
+ } else { // permit_chown
|
|
+ status = SSH2_FX_PERMISSION_DENIED;
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("chown: operation prohibited by sftp-server configuration.");
|
|
+ } // permit_chown
|
|
}
|
|
}
|
|
send_status(id, status);
|
|
@@ -929,6 +997,14 @@ process_mkdir(void)
|
|
a = get_attrib();
|
|
mode = (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) ?
|
|
a->perm & 0777 : 0777;
|
|
+
|
|
+ if (setumask != 0) {
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("setting directory creation mode to 0777 and umask to %o.", setumask);
|
|
+ mode = 0777;
|
|
+ umask(setumask);
|
|
+ }
|
|
+
|
|
debug3("request %u: mkdir", id);
|
|
logit("mkdir name \"%s\" mode 0%o", name, mode);
|
|
ret = mkdir(name, mode);
|
|
@@ -977,6 +1053,8 @@ process_realpath(void)
|
|
s.name = s.long_name = resolvedname;
|
|
send_names(id, 1, &s);
|
|
}
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("realpath %s", path);
|
|
xfree(path);
|
|
}
|
|
|
|
@@ -1059,6 +1137,8 @@ process_readlink(void)
|
|
s.name = s.long_name = buf;
|
|
send_names(id, 1, &s);
|
|
}
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("readlink %s", path);
|
|
xfree(path);
|
|
}
|
|
|
|
@@ -1246,6 +1326,8 @@ sftp_server_main(int argc, char **argv,
|
|
{
|
|
fd_set *rset, *wset;
|
|
int in, out, max, ch, skipargs = 0, log_stderr = 0;
|
|
+ unsigned int val = 0;
|
|
+ char *umask_env;
|
|
ssize_t len, olen, set_size;
|
|
SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
|
|
char *cp, buf[4*4096];
|
|
@@ -1254,7 +1336,16 @@ sftp_server_main(int argc, char **argv,
|
|
extern char *__progname;
|
|
|
|
__progname = ssh_get_progname(argv[0]);
|
|
- log_init(__progname, log_level, log_facility, log_stderr);
|
|
+ /* sftplogging */
|
|
+
|
|
+ if ( (getenv("LOG_SFTP") != NULL) && (atoi(getenv("LOG_SFTP")) == 1) )
|
|
+ {
|
|
+ permit_logging = 1;
|
|
+ log_init("sftp-server", (getenv("SFTP_LOG_LEVEL") != NULL) ? atoi(getenv("SFTP_LOG_LEVEL")) : SYSLOG_LEVEL_DEBUG1,
|
|
+ (getenv("SFTP_LOG_FACILITY") != NULL) ? atoi(getenv("SFTP_LOG_FACILITY")) : SYSLOG_FACILITY_AUTH, 0);
|
|
+ };
|
|
+
|
|
+
|
|
|
|
while (!skipargs && (ch = getopt(argc, argv, "C:f:l:che")) != -1) {
|
|
switch (ch) {
|
|
@@ -1284,7 +1375,6 @@ sftp_server_main(int argc, char **argv,
|
|
}
|
|
}
|
|
|
|
- log_init(__progname, log_level, log_facility, log_stderr);
|
|
|
|
if ((cp = getenv("SSH_CONNECTION")) != NULL) {
|
|
client_addr = xstrdup(cp);
|
|
@@ -1302,6 +1392,41 @@ sftp_server_main(int argc, char **argv,
|
|
logit("session opened for local user %s from [%s]",
|
|
pw->pw_name, client_addr);
|
|
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("Starting sftp-server logging for user %s.", getenv("USER"));
|
|
+
|
|
+ /* Umask control */
|
|
+
|
|
+ if ( (umask_env = getenv("SFTP_UMASK")) != NULL )
|
|
+ {
|
|
+ while (*umask_env && *umask_env >= '0' && *umask_env <= '9')
|
|
+ val = val * 8 + *umask_env++ - '0';
|
|
+
|
|
+ if (*umask_env || val > 0777 || val == 0) {
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("bad value %o for SFTP_UMASK, turning umask control off.", val);
|
|
+ setumask = 0;
|
|
+ } else {
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("umask control is on.");
|
|
+ setumask = val;
|
|
+ };
|
|
+ } else setumask = 0;
|
|
+
|
|
+
|
|
+ /* Sensitive client commands */
|
|
+
|
|
+ if ( (getenv("SFTP_PERMIT_CHMOD") != NULL) && (atoi(getenv("SFTP_PERMIT_CHMOD")) != 1) ) {
|
|
+ permit_chmod = 0;
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("client is not permitted to chmod.");
|
|
+ };
|
|
+ if ( (getenv("SFTP_PERMIT_CHOWN") != NULL) && (atoi(getenv("SFTP_PERMIT_CHOWN")) != 1) ) {
|
|
+ permit_chown = 0;
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("client is not permitted to chown.");
|
|
+ };
|
|
+
|
|
in = dup(STDIN_FILENO);
|
|
out = dup(STDOUT_FILENO);
|
|
|
|
@@ -1352,6 +1477,8 @@ sftp_server_main(int argc, char **argv,
|
|
len = read(in, buf, sizeof buf);
|
|
if (len == 0) {
|
|
debug("read eof");
|
|
+ if ( permit_logging == 1 )
|
|
+ logit("sftp-server finished.");
|
|
sftp_server_cleanup_exit(0);
|
|
} else if (len < 0) {
|
|
error("read: %s", strerror(errno));
|
|
diff -Naurp openssh-4.9p1/sshd.c openssh-4.9p1.oden/sshd.c
|
|
--- openssh-4.9p1/sshd.c 2008-03-11 12:58:25.000000000 +0100
|
|
+++ openssh-4.9p1.oden/sshd.c 2008-04-01 13:18:51.000000000 +0200
|
|
@@ -421,7 +421,7 @@ sshd_exchange_identification(int sock_in
|
|
major = PROTOCOL_MAJOR_1;
|
|
minor = PROTOCOL_MINOR_1;
|
|
}
|
|
- snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n", major, minor, SSH_VERSION);
|
|
+ snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n", major, minor, SSH_RELEASE);
|
|
server_version_string = xstrdup(buf);
|
|
|
|
/* Send our protocol version identification. */
|
|
diff -Naurp openssh-4.9p1/sshd_config openssh-4.9p1.oden/sshd_config
|
|
--- openssh-4.9p1/sshd_config 2008-02-10 12:40:12.000000000 +0100
|
|
+++ openssh-4.9p1.oden/sshd_config 2008-04-01 13:18:51.000000000 +0200
|
|
@@ -110,6 +110,17 @@ Protocol 2
|
|
# override default of no subsystems
|
|
Subsystem sftp /usr/libexec/sftp-server
|
|
|
|
+# sftp-server logging
|
|
+#LogSftp no
|
|
+#SftpLogFacility AUTH
|
|
+#SftpLogLevel INFO
|
|
+
|
|
+# sftp-server umask control
|
|
+#SftpUmask
|
|
+
|
|
+#SftpPermitChmod yes
|
|
+#SftpPermitChown yes
|
|
+
|
|
# Example of overriding settings on a per-user basis
|
|
#Match User anoncvs
|
|
# X11Forwarding no
|
|
diff -Naurp openssh-4.9p1/sshd_config.5 openssh-4.9p1.oden/sshd_config.5
|
|
--- openssh-4.9p1/sshd_config.5 2008-03-27 01:02:02.000000000 +0100
|
|
+++ openssh-4.9p1.oden/sshd_config.5 2008-04-01 13:18:51.000000000 +0200
|
|
@@ -530,6 +530,10 @@ The default is INFO.
|
|
DEBUG and DEBUG1 are equivalent.
|
|
DEBUG2 and DEBUG3 each specify higher levels of debugging output.
|
|
Logging with a DEBUG level violates the privacy of users and is not recommended.
|
|
+.It Cm LogSftp
|
|
+Specifies whether to perform logging of
|
|
+.Nm sftp-server
|
|
+subsystem transactions. Must be "yes" or "no." The default value is "no."
|
|
.It Cm MACs
|
|
Specifies the available MAC (message authentication code) algorithms.
|
|
The MAC algorithm is used in protocol version 2
|
|
@@ -773,6 +777,37 @@ This option applies to protocol version
|
|
.It Cm ServerKeyBits
|
|
Defines the number of bits in the ephemeral protocol version 1 server key.
|
|
The minimum value is 512, and the default is 768.
|
|
+.It Cm SftpLogFacility
|
|
+Gives the facility code that is used when logging
|
|
+.Nm sftp-server .
|
|
+transactions. The possible values are: DAEMON, USER, AUTH, LOCAL0,
|
|
+LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
|
|
+The default is AUTH.
|
|
+.It Cm SftpLogLevel
|
|
+Gives the verbosity level that is used when logging messages from
|
|
+.Nm sftp-server .
|
|
+The possible values are:
|
|
+QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3.
|
|
+The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2
|
|
+and DEBUG3 each specify higher levels of debugging output.
|
|
+Logging with a DEBUG level violates the privacy of users
|
|
+and is not recommended.
|
|
+.It Cm SftpPermitChmod
|
|
+Specifies whether the sftp-server allows the sftp client to execute chmod
|
|
+commands on the server. The default is yes.
|
|
+.It Cm SftpPermitChown
|
|
+Specifies whether the sftp-server allows the sftp client to execute chown
|
|
+or chgrp commands on the server. Turning this value on means that the client
|
|
+is allowed to execute both chown and chgrp commands. Turning it off means that
|
|
+the client is prohibited from executing either chown or chgrp.
|
|
+ The default is yes.
|
|
+.It Cm SftpUmask
|
|
+Specifies an optional umask for
|
|
+.Nm sftp-server
|
|
+subsystem transactions. If a umask is given, this umask will override all system,
|
|
+environment or sftp client permission modes. If
|
|
+no umask or an invalid umask is given, file creation mode defaults to the permission
|
|
+mode specified by the sftp client. The default is for no umask.
|
|
.It Cm StrictModes
|
|
Specifies whether
|
|
.Xr sshd 8
|
|
diff -Naurp openssh-4.9p1/version.h openssh-4.9p1.oden/version.h
|
|
--- openssh-4.9p1/version.h 2008-03-27 01:18:13.000000000 +0100
|
|
+++ openssh-4.9p1.oden/version.h 2008-04-01 13:18:51.000000000 +0200
|
|
@@ -2,5 +2,5 @@
|
|
|
|
#define SSH_VERSION "OpenSSH_4.9"
|
|
|
|
-#define SSH_PORTABLE "p1"
|
|
+#define SSH_PORTABLE "p1+sftplogging-v1.5"
|
|
#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
|