| version 1.117, 2019/07/05 04:55:40 |
version 1.118, 2020/06/22 05:52:05 |
|
|
| static int readonly; |
static int readonly; |
| |
|
| /* Requests that are allowed/denied */ |
/* Requests that are allowed/denied */ |
| static char *request_whitelist, *request_blacklist; |
static char *request_allowlist, *request_denylist; |
| |
|
| /* portable attributes, etc. */ |
/* portable attributes, etc. */ |
| typedef struct Stat Stat; |
typedef struct Stat Stat; |
|
|
| verbose("Refusing %s request in read-only mode", h->name); |
verbose("Refusing %s request in read-only mode", h->name); |
| return 0; |
return 0; |
| } |
} |
| if (request_blacklist != NULL && |
if (request_denylist != NULL && |
| ((result = match_list(h->name, request_blacklist, NULL))) != NULL) { |
((result = match_list(h->name, request_denylist, NULL))) != NULL) { |
| free(result); |
free(result); |
| verbose("Refusing blacklisted %s request", h->name); |
verbose("Refusing denylisted %s request", h->name); |
| return 0; |
return 0; |
| } |
} |
| if (request_whitelist != NULL && |
if (request_allowlist != NULL && |
| ((result = match_list(h->name, request_whitelist, NULL))) != NULL) { |
((result = match_list(h->name, request_allowlist, NULL))) != NULL) { |
| free(result); |
free(result); |
| debug2("Permitting whitelisted %s request", h->name); |
debug2("Permitting allowlisted %s request", h->name); |
| return 1; |
return 1; |
| } |
} |
| if (request_whitelist != NULL) { |
if (request_allowlist != NULL) { |
| verbose("Refusing non-whitelisted %s request", h->name); |
verbose("Refusing non-allowlisted %s request", h->name); |
| return 0; |
return 0; |
| } |
} |
| return 1; |
return 1; |
|
|
| |
|
| fprintf(stderr, |
fprintf(stderr, |
| "usage: %s [-ehR] [-d start_directory] [-f log_facility] " |
"usage: %s [-ehR] [-d start_directory] [-f log_facility] " |
| "[-l log_level]\n\t[-P blacklisted_requests] " |
"[-l log_level]\n\t[-P denied_requests] " |
| "[-p whitelisted_requests] [-u umask]\n" |
"[-p allowed_requests] [-u umask]\n" |
| " %s -Q protocol_feature\n", |
" %s -Q protocol_feature\n", |
| __progname, __progname); |
__progname, __progname); |
| exit(1); |
exit(1); |
|
|
| free(cp); |
free(cp); |
| break; |
break; |
| case 'p': |
case 'p': |
| if (request_whitelist != NULL) |
if (request_allowlist != NULL) |
| fatal("Permitted requests already set"); |
fatal("Permitted requests already set"); |
| request_whitelist = xstrdup(optarg); |
request_allowlist = xstrdup(optarg); |
| break; |
break; |
| case 'P': |
case 'P': |
| if (request_blacklist != NULL) |
if (request_denylist != NULL) |
| fatal("Refused requests already set"); |
fatal("Refused requests already set"); |
| request_blacklist = xstrdup(optarg); |
request_denylist = xstrdup(optarg); |
| break; |
break; |
| case 'u': |
case 'u': |
| errno = 0; |
errno = 0; |
![[BACK]](/icons/back.gif){kind=icon}
Return to sftp-server.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh