Handle terminal control characters in scp progressmeter (#1247204)
This commit is contained in:
parent
c4cc2d9a05
commit
5804c90187
|
@ -168,15 +168,6 @@ diff --git a/progressmeter.c b/progressmeter.c
|
|||
index bbbc706..ae6d1aa 100644
|
||||
--- a/progressmeter.c
|
||||
+++ b/progressmeter.c
|
||||
@@ -65,7 +65,7 @@ static void update_progress_meter(int);
|
||||
|
||||
static time_t start; /* start progress */
|
||||
static time_t last_update; /* last progress update */
|
||||
-static char *file; /* name of the file being transferred */
|
||||
+static const char *file; /* name of the file being transferred */
|
||||
static off_t start_pos; /* initial position of transfer */
|
||||
static off_t end_pos; /* ending position of transfer */
|
||||
static off_t cur_pos; /* transfer position as of last refresh */
|
||||
@@ -248,7 +248,7 @@ update_progress_meter(int ignore)
|
||||
}
|
||||
|
||||
|
@ -185,7 +176,7 @@ index bbbc706..ae6d1aa 100644
|
|||
+start_progress_meter(const char *f, off_t filesize, off_t *ctr)
|
||||
{
|
||||
start = last_update = monotime();
|
||||
file = f;
|
||||
if (strlen(f) > file_len) {
|
||||
diff --git a/progressmeter.h b/progressmeter.h
|
||||
index 10bab99..e9ca8f0 100644
|
||||
--- a/progressmeter.h
|
||||
|
|
|
@ -15,78 +15,24 @@ diff --git a/misc.h b/misc.h
|
|||
index d4df619..d98b83d 100644
|
||||
--- a/misc.h
|
||||
+++ b/misc.h
|
||||
@@ -106,4 +106,7 @@ char *read_passphrase(const char *, int);
|
||||
@@ -135,4 +135,8 @@ char *read_passphrase(const char *, int)
|
||||
int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
|
||||
int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *);
|
||||
|
||||
+/* utf8_stringprep.c */
|
||||
+int utf8_stringprep(const char *, char *, size_t);
|
||||
+void sanitize_utf8(char *, const char *, size_t);
|
||||
+
|
||||
#endif /* _MISC_H */
|
||||
diff --git a/sshconnect2.c b/sshconnect2.c
|
||||
index b00658b..08064f4 100644
|
||||
--- a/sshconnect2.c
|
||||
+++ b/sshconnect2.c
|
||||
@@ -33,6 +33,8 @@
|
||||
|
||||
#include <errno.h>
|
||||
#include <fcntl.h>
|
||||
+#include <langinfo.h>
|
||||
+#include <locale.h>
|
||||
#include <netdb.h>
|
||||
#include <pwd.h>
|
||||
#include <signal.h>
|
||||
@@ -519,21 +521,51 @@ input_userauth_error(int type, u_int32_t seq, void *ctxt)
|
||||
"type %d", type);
|
||||
}
|
||||
|
||||
+/* Check whether we can display UTF-8 safely */
|
||||
+static int
|
||||
+utf8_ok(void)
|
||||
+{
|
||||
+ static int ret = -1;
|
||||
+ char *cp;
|
||||
+
|
||||
+ if (ret == -1) {
|
||||
+ setlocale(LC_CTYPE, "");
|
||||
+ cp = nl_langinfo(CODESET);
|
||||
+ ret = strcmp(cp, "UTF-8") == 0;
|
||||
+ }
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
/* ARGSUSED */
|
||||
void
|
||||
input_userauth_banner(int type, u_int32_t seq, void *ctxt)
|
||||
{
|
||||
char *msg, *raw, *lang;
|
||||
- u_int len;
|
||||
+ u_int done, len;
|
||||
|
||||
debug3("input_userauth_banner");
|
||||
+
|
||||
raw = packet_get_string(&len);
|
||||
lang = packet_get_string(NULL);
|
||||
if (len > 0 && options.log_level >= SYSLOG_LEVEL_INFO) {
|
||||
diff -up openssh-6.8p1/sshconnect2.c.utf8-banner openssh-6.8p1/sshconnect2.c
|
||||
--- openssh-6.8p1/sshconnect2.c.utf8-banner 2015-03-18 12:41:28.161713220 +0100
|
||||
+++ openssh-6.8p1/sshconnect2.c 2015-03-18 12:44:05.483317714 +0100
|
||||
@@ -532,7 +534,7 @@ input_userauth_error(int type, u_int32_t
|
||||
if (len > 65536)
|
||||
len = 65536;
|
||||
msg = xmalloc(len * 4 + 1); /* max expansion from strnvis() */
|
||||
- strnvis(msg, raw, len * 4 + 1, VIS_SAFE|VIS_OCTAL|VIS_NOSLASH);
|
||||
+ done = 0;
|
||||
+ if (utf8_ok()) {
|
||||
+ if (utf8_stringprep(raw, msg, len * 4 + 1) == 0)
|
||||
+ done = 1;
|
||||
+ else
|
||||
+ debug2("%s: UTF8 stringprep failed", __func__);
|
||||
+ }
|
||||
+ /*
|
||||
+ * Fallback to strnvis if UTF8 display not supported or
|
||||
+ * conversion failed.
|
||||
+ */
|
||||
+ if (!done) {
|
||||
+ strnvis(msg, raw, len * 4 + 1,
|
||||
+ VIS_SAFE|VIS_OCTAL|VIS_NOSLASH);
|
||||
+ }
|
||||
+ sanitize_utf8(msg, raw, len);
|
||||
fprintf(stderr, "%s", msg);
|
||||
free(msg);
|
||||
}
|
||||
|
@ -757,12 +703,10 @@ index 0000000..49f4d9d
|
|||
+ { 0xE0020, 0xE007F },
|
||||
+};
|
||||
+
|
||||
diff --git a/utf8_stringprep.c b/utf8_stringprep.c
|
||||
new file mode 100644
|
||||
index 0000000..bcafae7
|
||||
--- /dev/null
|
||||
+++ b/utf8_stringprep.c
|
||||
@@ -0,0 +1,229 @@
|
||||
diff -up openssh-6.8p1/utf8_stringprep.c.utf8-banner openssh-6.8p1/utf8_stringprep.c
|
||||
--- openssh-6.8p1/utf8_stringprep.c.utf8-banner 2015-03-18 12:41:28.175713185 +0100
|
||||
+++ openssh-6.8p1/utf8_stringprep.c 2015-03-18 12:41:28.175713185 +0100
|
||||
@@ -0,0 +1,265 @@
|
||||
+/*
|
||||
+ * Copyright (c) 2013 Damien Miller <djm@mindrot.org>
|
||||
+ *
|
||||
|
@ -803,8 +747,12 @@ index 0000000..bcafae7
|
|||
+#include <string.h>
|
||||
+#include <limits.h>
|
||||
+#include <ctype.h>
|
||||
+#include <langinfo.h>
|
||||
+#include <locale.h>
|
||||
+
|
||||
+#include "includes.h"
|
||||
+#include "misc.h"
|
||||
+#include "log.h"
|
||||
+
|
||||
+struct u32_range {
|
||||
+ u_int32_t lo, hi; /* Inclusive */
|
||||
|
@ -992,3 +940,35 @@ index 0000000..bcafae7
|
|||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+/* Check whether we can display UTF-8 safely */
|
||||
+int
|
||||
+utf8_ok(void)
|
||||
+{
|
||||
+ static int ret = -1;
|
||||
+ char *cp;
|
||||
+
|
||||
+ if (ret == -1) {
|
||||
+ setlocale(LC_CTYPE, "");
|
||||
+ cp = nl_langinfo(CODESET);
|
||||
+ ret = strcmp(cp, "UTF-8") == 0;
|
||||
+ }
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
+void
|
||||
+sanitize_utf8(char *target, const char *source, size_t length)
|
||||
+{
|
||||
+ u_int done = 0;
|
||||
+ if (utf8_ok()) {
|
||||
+ if (utf8_stringprep(source, target, length * 4 + 1) == 0)
|
||||
+ done = 1;
|
||||
+ else
|
||||
+ debug2("%s: UTF8 stringprep failed", __func__);
|
||||
+ }
|
||||
+ /*
|
||||
+ * Fallback to strnvis if UTF8 display not supported or
|
||||
+ * conversion failed.
|
||||
+ */
|
||||
+ if (!done)
|
||||
+ strnvis(target, source, length * 4 + 1, VIS_SAFE|VIS_OCTAL|VIS_NOSLASH);
|
||||
+}
|
||||
|
|
|
@ -13,8 +13,8 @@ index 3bb7f00..294bef5 100644
|
|||
- $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS)
|
||||
+ $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS)
|
||||
|
||||
scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
|
||||
$(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
|
||||
scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o utf8_stringprep.o
|
||||
$(LD) -o $@ scp.o progressmeter.o bufaux.o utf8_stringprep.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
|
||||
|
||||
ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o
|
||||
- $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
|
||||
|
|
|
@ -0,0 +1,38 @@
|
|||
diff -up openssh-6.6p1/Makefile.in.progressmeter openssh-6.6p1/Makefile.in
|
||||
--- openssh-6.6p1/Makefile.in.progressmeter 2015-07-28 14:22:08.740278100 +0200
|
||||
+++ openssh-6.6p1/Makefile.in 2015-07-28 14:22:08.769278063 +0200
|
||||
@@ -158,8 +158,8 @@ ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SS
|
||||
sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
|
||||
$(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS)
|
||||
|
||||
-scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
|
||||
- $(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
|
||||
+scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o utf8_stringprep.o
|
||||
+ $(LD) -o $@ scp.o progressmeter.o bufaux.o utf8_stringprep.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
|
||||
|
||||
ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o
|
||||
$(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
|
||||
diff -up openssh-6.6p1/progressmeter.c.progressmeter openssh-6.6p1/progressmeter.c
|
||||
--- openssh-6.6p1/progressmeter.c.progressmeter 2015-07-28 14:22:08.768278064 +0200
|
||||
+++ openssh-6.6p1/progressmeter.c 2015-07-28 14:23:51.464143827 +0200
|
||||
@@ -66,6 +66,7 @@ static void update_progress_meter(int);
|
||||
static time_t start; /* start progress */
|
||||
static time_t last_update; /* last progress update */
|
||||
static char *file; /* name of the file being transferred */
|
||||
+static size_t file_len = 0; /* allocated length of file */
|
||||
static off_t start_pos; /* initial position of transfer */
|
||||
static off_t end_pos; /* ending position of transfer */
|
||||
static off_t cur_pos; /* transfer position as of last refresh */
|
||||
@@ -251,7 +252,11 @@ void
|
||||
start_progress_meter(char *f, off_t filesize, off_t *ctr)
|
||||
{
|
||||
start = last_update = monotime();
|
||||
- file = f;
|
||||
+ if (strlen(f) > file_len) {
|
||||
+ file_len = strlen(f);
|
||||
+ file = realloc(file, file_len * 4 + 1);
|
||||
+ }
|
||||
+ sanitize_utf8(file, f, file_len);
|
||||
start_pos = *ctr;
|
||||
end_pos = filesize;
|
||||
cur_pos = 0;
|
|
@ -232,6 +232,8 @@ Patch922: openssh-6.7p1-ssh-copy-id-truncated-keys.patch
|
|||
Patch923: openssh-6.6p1-security-from-6.9.patch
|
||||
# authentication limits (MaxAuthTries) bypass [security] (#1245971)
|
||||
Patch924: openssh-6.6p1-authentication-limits-bypass.patch
|
||||
# Handle terminal control characters in scp progressmeter (#1247204)
|
||||
Patch925: openssh-6.6p1-scp-progressmeter.patch
|
||||
|
||||
License: BSD
|
||||
Group: Applications/Internet
|
||||
|
@ -449,6 +451,7 @@ popd
|
|||
%patch922 -p1 -b .newline
|
||||
%patch923 -p1 -b .security
|
||||
%patch924 -p1 -b .kbd
|
||||
%patch925 -p1 -b .progressmeter
|
||||
|
||||
%patch200 -p1 -b .audit
|
||||
%patch201 -p1 -b .audit-fps
|
||||
|
|
Loading…
Reference in New Issue