ssimpson89 · January 19, 2016 21:34
diff --git a/scpsftprsynconly.c b/scpsftprsynconly.c
 #include <unistd.h>
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>

 /*
 ***  Original by Patric Draper <http://www.pdrap.org/about/>
 ***
 ***  Changes on 13-Mar-2004 by Msquared <http://www.msquared.id.au/>
 ***
 ***    * fixed bug in args to realloc()
 ***    * fixed bug in parameter checks (validates entire command name)
 ***    * Modified to work with OpenSSH SFTP
 ***    * Added rsync support
 ***
 ***  This code is in the public domain.  No warranty.  If it breaks,
 ***  you can dispose of it as you see fit.
 ***
 ***  Build with DEBUG to save calling arguments to /tmp/scpshell.log
 ***  This is useful to add new protocols, debug existing calls, etc.
 ***
 ***  Put the new scpsftprsynconly shell in /etc/shells for ftp to work
 **/

 char * restrictmsg = "\nThis account is currently not allowed to login"
 " using this method.\nPlease contact the server admin with any questions.\n\n";

 int main (int argc, char *argv []) {
         char **newargs = NULL;
         char *newbuff = NULL;
         int i;
         char *s;

 #ifdef DEBUG

         FILE * log = fopen("/tmp/scpshell.log","a+");
         if ( log ) {
                 char **par = argv;
                 while ( *par )
                         fprintf ( log, "[%s] ", *par++ );
                 fprintf ( log, "\n" );
                 fclose(log);
         }

 #endif

         if (argc < 3) {
                 printf (restrictmsg);
                 return 1;
         }
         if ((strncmp (argv [2], "scp ", 4) != 0) &&
             (strncmp (argv [2], "/usr/libexec/openssh/sftp-server", 33) != 0) &&
             (strncmp (argv [2], "rsync ", 6) != 0)) {
                 printf (restrictmsg);
                 return 2;
         }
         i = 0;
         newbuff = strdup(argv[2]);
         s = strtok (newbuff, " ");
         do {
                 newargs = (char **) realloc (newargs, ++i*sizeof(*newargs));
                 newargs [i - 1] = strdup (s);
         } while ((s = strtok (NULL, " ")) != NULL);

         newargs = (char **) realloc (newargs, ++i*sizeof(*newargs));
         newargs [i - 1] = NULL;

         execvp (newargs [0], newargs);

         return 0;
 }
	#include <unistd.h>
	#include <stdlib.h>
	#include <stdio.h>
	#include <string.h>

	/*
	*** Original by Patric Draper <http://www.pdrap.org/about/>
	***
	*** Changes on 13-Mar-2004 by Msquared <http://www.msquared.id.au/>
	***
	*** * fixed bug in args to realloc()
	*** * fixed bug in parameter checks (validates entire command name)
	*** * Modified to work with OpenSSH SFTP
	*** * Added rsync support
	***
	*** This code is in the public domain. No warranty. If it breaks,
	*** you can dispose of it as you see fit.
	***
	*** Build with DEBUG to save calling arguments to /tmp/scpshell.log
	*** This is useful to add new protocols, debug existing calls, etc.
	***
	*** Put the new scpsftprsynconly shell in /etc/shells for ftp to work
	**/

	char * restrictmsg = "\nThis account is currently not allowed to login"
	" using this method.\nPlease contact the server admin with any questions.\n\n";

	int main (int argc, char *argv []) {
	char **newargs = NULL;
	char *newbuff = NULL;
	int i;
	char *s;

	#ifdef DEBUG

	FILE * log = fopen("/tmp/scpshell.log","a+");
	if ( log ) {
	char **par = argv;
	while ( *par )
	fprintf ( log, "[%s] ", *par++ );
	fprintf ( log, "\n" );
	fclose(log);
	}

	#endif

	if (argc < 3) {
	printf (restrictmsg);
	return 1;
	}
	if ((strncmp (argv [2], "scp ", 4) != 0) &&
	(strncmp (argv [2], "/usr/libexec/openssh/sftp-server", 33) != 0) &&
	(strncmp (argv [2], "rsync ", 6) != 0)) {
	printf (restrictmsg);
	return 2;
	}
	i = 0;
	newbuff = strdup(argv[2]);
	s = strtok (newbuff, " ");
	do {
	newargs = (char *) realloc (newargs, ++isizeof(*newargs));
	newargs [i - 1] = strdup (s);
	} while ((s = strtok (NULL, " ")) != NULL);

	newargs = (char *) realloc (newargs, ++isizeof(*newargs));
	newargs [i - 1] = NULL;

	execvp (newargs [0], newargs);

	return 0;
	}