diff options
| author | Leonardo Arena <rnalrd@alpinelinux.org> | 2019-03-01 09:15:30 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2019-03-04 12:21:06 +0100 |
| commit | 6df59aea4486cca6f0c089f72e404ee097b49a02 (patch) | |
| tree | 28926bf3d6292cb4699759282c77eca5a3239e35 /main/openssh | |
| parent | 3242c7c12aa035bc6a043df6ef4b1d2c4da99083 (diff) | |
| download | aports-6df59aea4486cca6f0c089f72e404ee097b49a02.tar.bz2 aports-6df59aea4486cca6f0c089f72e404ee097b49a02.tar.xz | |
main/openssh: security fixes
Diffstat (limited to 'main/openssh')
| -rw-r--r-- | main/openssh/APKBUILD | 16 | ||||
| -rw-r--r-- | main/openssh/CVE-2018-20685.patch | 27 | ||||
| -rw-r--r-- | main/openssh/CVE-2019-6109.patch | 276 | ||||
| -rw-r--r-- | main/openssh/CVE-2019-6111.patch | 187 | ||||
| -rw-r--r-- | main/openssh/openssh7.4-peaktput.patch | 19 |
5 files changed, 513 insertions, 12 deletions
diff --git a/main/openssh/APKBUILD b/main/openssh/APKBUILD index 107aab8c89..eb28307e64 100644 --- a/main/openssh/APKBUILD +++ b/main/openssh/APKBUILD @@ -4,7 +4,7 @@ pkgname=openssh pkgver=7.7_p1 _myver=${pkgver%_*}${pkgver#*_} -pkgrel=3 +pkgrel=4 pkgdesc="Port of OpenBSD's free SSH release" url="http://www.openssh.org/portable.html" arch="all" @@ -29,7 +29,10 @@ for _flavour in $_pkgsupport; do subpackages="$subpackages ${pkgname}-server-$_flavour:_pkg_flavour" done -source="http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$_myver.tar.gz +source="https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$_myver.tar.gz + CVE-2018-20685.patch + CVE-2019-6109.patch + CVE-2019-6111.patch openssh7.4-peaktput.patch fix-utmp.patch bsd-compatible-realpath.patch @@ -39,6 +42,10 @@ source="http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$_myver.tar sshd.confd " # secfixes: +# 7.7_p1-r4: +# - CVE-2018-20685 +# - CVE-2019-6109 +# - CVE-2019-6111 # 7.7_p1-r3: # - CVE-2018-15473 # 7.5_p1-r8: @@ -196,7 +203,10 @@ _pkg_flavour() { } sha512sums="597252cb48209a0cb98ca1928a67e8d63e4275252f25bc37269204c108f034baade6ba0634e32ae63422fddd280f73096a6b31ad2f2e7a848dde75ca30e14261 openssh-7.7p1.tar.gz -398096a89aa104abeff31aa043ac406a6348e0fdd4d313b7888ee0b931d38fd71fc21bceee46145e88f03bc27e00890e068442faee2d33f86cfbc04d58ffa4b6 openssh7.4-peaktput.patch +500149bcd6f2818bd56983e6a5ffe7cad9126fbd331fea63e321327b3786817235aaac673efad1169e5d2da3154a89092b47f0efe54b40dab628862e8c7d1dc1 CVE-2018-20685.patch +299e24dbe73d170d16769fa46e52045e034ff8eb2e7ed26bf2e29d941f067ebbe7e66f4a1253576d13ef689922ac2948215ecd744f57a362cb175549080f41ca CVE-2019-6109.patch +7b321e7ff7cff7fb956efd30d3ee770eb553e2db8d0d5e613624859f877efe55da8989f03cdf9e206b397bbc9b6b584c4374073af1a524981e8420c72daf648c CVE-2019-6111.patch +7b5ec0c18117437d8ed5132e13b29d604b49a11c571ee89316d1adeb457092379130b9af6b97effa6b2d05d5d5512cf82ebf76803c29cbc5ab387bf87bafd7b9 openssh7.4-peaktput.patch f35fffcd26635249ce5d820e7b3e406e586f2d2d7f6a045f221e2f9fb53aebc1ab1dd1e603b3389462296ed77921a1d08456e7aaa3825cbed08f405b381a58e1 fix-utmp.patch f2b8daa537ea3f32754a4485492cc6eb3f40133ed46c0a5a29a89e4bcf8583d82d891d94bf2e5eb1c916fa68ec094abf4e6cd641e9737a6c05053808012b3a73 bsd-compatible-realpath.patch c1d09c65dbc347f0904edc30f91aa9a24b0baee50309536182455b544f1e3f85a8cecfa959e32be8b101d8282ef06dde3febbbc3f315489339dcf04155c859a9 sftp-interactive.patch diff --git a/main/openssh/CVE-2018-20685.patch b/main/openssh/CVE-2018-20685.patch new file mode 100644 index 0000000000..aeb06dda10 --- /dev/null +++ b/main/openssh/CVE-2018-20685.patch @@ -0,0 +1,27 @@ +From 6010c0303a422a9c5fa8860c061bf7105eb7f8b2 Mon Sep 17 00:00:00 2001 +From: "djm@openbsd.org" <djm@openbsd.org> +Date: Fri, 16 Nov 2018 03:03:10 +0000 +Subject: [PATCH] upstream: disallow empty incoming filename or ones that refer + to the + +current directory; based on report/patch from Harry Sintonen + +OpenBSD-Commit-ID: f27651b30eaee2df49540ab68d030865c04f6de9 +--- + scp.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/scp.c b/scp.c +index 60682c687..4f3fdcd3d 100644 +--- a/scp.c ++++ b/scp.c +@@ -1106,7 +1106,8 @@ sink(int argc, char **argv) + SCREWUP("size out of range"); + size = (off_t)ull; + +- if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) { ++ if (*cp == '\0' || strchr(cp, '/') != NULL || ++ strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) { + run_err("error: unexpected filename: %s", cp); + exit(1); + } diff --git a/main/openssh/CVE-2019-6109.patch b/main/openssh/CVE-2019-6109.patch new file mode 100644 index 0000000000..e58b8b1bd5 --- /dev/null +++ b/main/openssh/CVE-2019-6109.patch @@ -0,0 +1,276 @@ +From 11b88754cadcad0ba79b4ffcc127223248dccb54 Mon Sep 17 00:00:00 2001 +From: "dtucker@openbsd.org" <dtucker@openbsd.org> +Date: Wed, 23 Jan 2019 08:01:46 +0000 +Subject: upstream: Sanitize scp filenames via snmprintf. To do this we move + +the progressmeter formatting outside of signal handler context and have the +atomicio callback called for EINTR too. bz#2434 with contributions from djm +and jjelen at redhat.com, ok djm@ + +OpenBSD-Commit-ID: 1af61c1f70e4f3bd8ab140b9f1fa699481db57d8 + +CVE-2019-6109 + +Origin: backport, https://anongit.mindrot.org/openssh.git/commit/?id=8976f1c4b2721c26e878151f52bdf346dfe2d54c +Bug-Debian: https://bugs.debian.org/793412 +Last-Update: 2019-02-08 + +Patch-Name: sanitize-scp-filenames-via-snmprintf.patch +--- + atomicio.c | 20 ++++++++++++++----- + progressmeter.c | 53 ++++++++++++++++++++++--------------------------- + progressmeter.h | 3 ++- + scp.c | 1 + + sftp-client.c | 16 ++++++++------- + 5 files changed, 51 insertions(+), 42 deletions(-) + +diff --git a/atomicio.c b/atomicio.c +index f854a06f5..d91bd7621 100644 +--- a/atomicio.c ++++ b/atomicio.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: atomicio.c,v 1.28 2016/07/27 23:18:12 djm Exp $ */ ++/* $OpenBSD: atomicio.c,v 1.29 2019/01/23 08:01:46 dtucker Exp $ */ + /* + * Copyright (c) 2006 Damien Miller. All rights reserved. + * Copyright (c) 2005 Anil Madhavapeddy. All rights reserved. +@@ -65,9 +65,14 @@ atomicio6(ssize_t (*f) (int, void *, size_t), int fd, void *_s, size_t n, + res = (f) (fd, s + pos, n - pos); + switch (res) { + case -1: +- if (errno == EINTR) ++ if (errno == EINTR) { ++ /* possible SIGALARM, update callback */ ++ if (cb != NULL && cb(cb_arg, 0) == -1) { ++ errno = EINTR; ++ return pos; ++ } + continue; +- if (errno == EAGAIN || errno == EWOULDBLOCK) { ++ } else if (errno == EAGAIN || errno == EWOULDBLOCK) { + #ifndef BROKEN_READ_COMPARISON + (void)poll(&pfd, 1, -1); + #endif +@@ -122,9 +127,14 @@ atomiciov6(ssize_t (*f) (int, const struct iovec *, int), int fd, + res = (f) (fd, iov, iovcnt); + switch (res) { + case -1: +- if (errno == EINTR) ++ if (errno == EINTR) { ++ /* possible SIGALARM, update callback */ ++ if (cb != NULL && cb(cb_arg, 0) == -1) { ++ errno = EINTR; ++ return pos; ++ } + continue; +- if (errno == EAGAIN || errno == EWOULDBLOCK) { ++ } else if (errno == EAGAIN || errno == EWOULDBLOCK) { + #ifndef BROKEN_READV_COMPARISON + (void)poll(&pfd, 1, -1); + #endif +diff --git a/progressmeter.c b/progressmeter.c +index fe9bf52e4..add462dde 100644 +--- a/progressmeter.c ++++ b/progressmeter.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: progressmeter.c,v 1.45 2016/06/30 05:17:05 dtucker Exp $ */ ++/* $OpenBSD: progressmeter.c,v 1.46 2019/01/23 08:01:46 dtucker Exp $ */ + /* + * Copyright (c) 2003 Nils Nordman. All rights reserved. + * +@@ -31,6 +31,7 @@ + + #include <errno.h> + #include <signal.h> ++#include <stdarg.h> + #include <stdio.h> + #include <string.h> + #include <time.h> +@@ -39,6 +40,7 @@ + #include "progressmeter.h" + #include "atomicio.h" + #include "misc.h" ++#include "utf8.h" + + #define DEFAULT_WINSIZE 80 + #define MAX_WINSIZE 512 +@@ -61,7 +63,7 @@ static void setscreensize(void); + void refresh_progress_meter(void); + + /* signal handler for updating the progress meter */ +-static void update_progress_meter(int); ++static void sig_alarm(int); + + static double start; /* start progress */ + static double last_update; /* last progress update */ +@@ -74,6 +76,7 @@ static long stalled; /* how long we have been stalled */ + static int bytes_per_second; /* current speed in bytes per second */ + static int win_size; /* terminal window size */ + static volatile sig_atomic_t win_resized; /* for window resizing */ ++static volatile sig_atomic_t alarm_fired; + + /* units for format_size */ + static const char unit[] = " KMGT"; +@@ -126,9 +129,17 @@ refresh_progress_meter(void) + off_t bytes_left; + int cur_speed; + int hours, minutes, seconds; +- int i, len; + int file_len; + ++ if ((!alarm_fired && !win_resized) || !can_output()) ++ return; ++ alarm_fired = 0; ++ ++ if (win_resized) { ++ setscreensize(); ++ win_resized = 0; ++ } ++ + transferred = *counter - (cur_pos ? cur_pos : start_pos); + cur_pos = *counter; + now = monotime_double(); +@@ -158,16 +169,11 @@ refresh_progress_meter(void) + + /* filename */ + buf[0] = '\0'; +- file_len = win_size - 35; ++ file_len = win_size - 36; + if (file_len > 0) { +- len = snprintf(buf, file_len + 1, "\r%s", file); +- if (len < 0) +- len = 0; +- if (len >= file_len + 1) +- len = file_len; +- for (i = len; i < file_len; i++) +- buf[i] = ' '; +- buf[file_len] = '\0'; ++ buf[0] = '\r'; ++ snmprintf(buf+1, sizeof(buf)-1 , &file_len, "%*s", ++ file_len * -1, file); + } + + /* percent of transfer done */ +@@ -228,22 +234,11 @@ refresh_progress_meter(void) + + /*ARGSUSED*/ + static void +-update_progress_meter(int ignore) ++sig_alarm(int ignore) + { +- int save_errno; +- +- save_errno = errno; +- +- if (win_resized) { +- setscreensize(); +- win_resized = 0; +- } +- if (can_output()) +- refresh_progress_meter(); +- +- signal(SIGALRM, update_progress_meter); ++ signal(SIGALRM, sig_alarm); ++ alarm_fired = 1; + alarm(UPDATE_INTERVAL); +- errno = save_errno; + } + + void +@@ -259,10 +254,9 @@ start_progress_meter(const char *f, off_t filesize, off_t *ctr) + bytes_per_second = 0; + + setscreensize(); +- if (can_output()) +- refresh_progress_meter(); ++ refresh_progress_meter(); + +- signal(SIGALRM, update_progress_meter); ++ signal(SIGALRM, sig_alarm); + signal(SIGWINCH, sig_winch); + alarm(UPDATE_INTERVAL); + } +@@ -286,6 +280,7 @@ stop_progress_meter(void) + static void + sig_winch(int sig) + { ++ signal(SIGWINCH, sig_winch); + win_resized = 1; + } + +diff --git a/progressmeter.h b/progressmeter.h +index bf179dca6..8f6678060 100644 +--- a/progressmeter.h ++++ b/progressmeter.h +@@ -1,4 +1,4 @@ +-/* $OpenBSD: progressmeter.h,v 1.3 2015/01/14 13:54:13 djm Exp $ */ ++/* $OpenBSD: progressmeter.h,v 1.4 2019/01/23 08:01:46 dtucker Exp $ */ + /* + * Copyright (c) 2002 Nils Nordman. All rights reserved. + * +@@ -24,4 +24,5 @@ + */ + + void start_progress_meter(const char *, off_t, off_t *); ++void refresh_progress_meter(void); + void stop_progress_meter(void); +diff --git a/scp.c b/scp.c +index 7163d33dc..80308573c 100644 +--- a/scp.c ++++ b/scp.c +@@ -593,6 +593,7 @@ scpio(void *_cnt, size_t s) + off_t *cnt = (off_t *)_cnt; + + *cnt += s; ++ refresh_progress_meter(); + if (limit_kbps > 0) + bandwidth_limit(&bwlimit, s); + return 0; +diff --git a/sftp-client.c b/sftp-client.c +index 4986d6d8d..2bc698f86 100644 +--- a/sftp-client.c ++++ b/sftp-client.c +@@ -101,7 +101,9 @@ sftpio(void *_bwlimit, size_t amount) + { + struct bwlimit *bwlimit = (struct bwlimit *)_bwlimit; + +- bandwidth_limit(bwlimit, amount); ++ refresh_progress_meter(); ++ if (bwlimit != NULL) ++ bandwidth_limit(bwlimit, amount); + return 0; + } + +@@ -121,8 +123,8 @@ send_msg(struct sftp_conn *conn, struct sshbuf *m) + iov[1].iov_base = (u_char *)sshbuf_ptr(m); + iov[1].iov_len = sshbuf_len(m); + +- if (atomiciov6(writev, conn->fd_out, iov, 2, +- conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_out) != ++ if (atomiciov6(writev, conn->fd_out, iov, 2, sftpio, ++ conn->limit_kbps > 0 ? &conn->bwlimit_out : NULL) != + sshbuf_len(m) + sizeof(mlen)) + fatal("Couldn't send packet: %s", strerror(errno)); + +@@ -138,8 +140,8 @@ get_msg_extended(struct sftp_conn *conn, struct sshbuf *m, int initial) + + if ((r = sshbuf_reserve(m, 4, &p)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); +- if (atomicio6(read, conn->fd_in, p, 4, +- conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_in) != 4) { ++ if (atomicio6(read, conn->fd_in, p, 4, sftpio, ++ conn->limit_kbps > 0 ? &conn->bwlimit_in : NULL) != 4) { + if (errno == EPIPE || errno == ECONNRESET) + fatal("Connection closed"); + else +@@ -157,8 +159,8 @@ get_msg_extended(struct sftp_conn *conn, struct sshbuf *m, int initial) + + if ((r = sshbuf_reserve(m, msg_len, &p)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); +- if (atomicio6(read, conn->fd_in, p, msg_len, +- conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_in) ++ if (atomicio6(read, conn->fd_in, p, msg_len, sftpio, ++ conn->limit_kbps > 0 ? &conn->bwlimit_in : NULL) + != msg_len) { + if (errno == EPIPE) + fatal("Connection closed"); diff --git a/main/openssh/CVE-2019-6111.patch b/main/openssh/CVE-2019-6111.patch new file mode 100644 index 0000000000..519358ce6c --- /dev/null +++ b/main/openssh/CVE-2019-6111.patch @@ -0,0 +1,187 @@ +From 125924e47db3713a85a70e0f8d6c23818d2ea054 Mon Sep 17 00:00:00 2001 +From: "djm@openbsd.org" <djm@openbsd.org> +Date: Sat, 26 Jan 2019 22:41:28 +0000 +Subject: upstream: check in scp client that filenames sent during + +remote->local directory copies satisfy the wildcard specified by the user. + +This checking provides some protection against a malicious server +sending unexpected filenames, but it comes at a risk of rejecting wanted +files due to differences between client and server wildcard expansion rules. + +For this reason, this also adds a new -T flag to disable the check. + +reported by Harry Sintonen +fix approach suggested by markus@; +has been in snaps for ~1wk courtesy deraadt@ + +OpenBSD-Commit-ID: 00f44b50d2be8e321973f3c6d014260f8f7a8eda + +CVE-2019-6111 + +Origin: backport, https://anongit.mindrot.org/openssh.git/commit/?id=391ffc4b9d31fa1f4ad566499fef9176ff8a07dc +Last-Update: 2019-02-08 + +Patch-Name: check-filenames-in-scp-client.patch +--- + scp.1 | 12 +++++++++++- + scp.c | 37 +++++++++++++++++++++++++++++-------- + 2 files changed, 40 insertions(+), 9 deletions(-) + +diff --git a/scp.1 b/scp.1 +index 0e5cc1b2d..397e77091 100644 +--- a/scp.1 ++++ b/scp.1 +@@ -18,7 +18,7 @@ + .Nd secure copy (remote file copy program) + .Sh SYNOPSIS + .Nm scp +-.Op Fl 346BCpqrv ++.Op Fl 346BCpqrTv + .Op Fl c Ar cipher + .Op Fl F Ar ssh_config + .Op Fl i Ar identity_file +@@ -208,6 +208,16 @@ to use for the encrypted connection. + The program must understand + .Xr ssh 1 + options. ++.It Fl T ++Disable strict filename checking. ++By default when copying files from a remote host to a local directory ++.Nm ++checks that the received filenames match those requested on the command-line ++to prevent the remote end from sending unexpected or unwanted files. ++Because of differences in how various operating systems and shells interpret ++filename wildcards, these checks may cause wanted files to be rejected. ++This option disables these checks at the expense of fully trusting that ++the server will not send unexpected filenames. + .It Fl v + Verbose mode. + Causes +diff --git a/scp.c b/scp.c +index 1971c80cd..035037bcc 100644 +--- a/scp.c ++++ b/scp.c +@@ -94,6 +94,7 @@ + #include <dirent.h> + #include <errno.h> + #include <fcntl.h> ++#include <fnmatch.h> + #include <limits.h> + #include <locale.h> + #include <pwd.h> +@@ -383,14 +384,14 @@ void verifydir(char *); + struct passwd *pwd; + uid_t userid; + int errs, remin, remout; +-int pflag, iamremote, iamrecursive, targetshouldbedirectory; ++int Tflag, pflag, iamremote, iamrecursive, targetshouldbedirectory; + + #define CMDNEEDS 64 + char cmd[CMDNEEDS]; /* must hold "rcp -r -p -d\0" */ + + int response(void); + void rsource(char *, struct stat *); +-void sink(int, char *[]); ++void sink(int, char *[], const char *); + void source(int, char *[]); + void tolocal(int, char *[]); + void toremote(int, char *[]); +@@ -429,8 +430,9 @@ main(int argc, char **argv) + addargs(&args, "-oRemoteCommand=none"); + addargs(&args, "-oRequestTTY=no"); + +- fflag = tflag = 0; +- while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:q12346S:o:F:")) != -1) ++ fflag = Tflag = tflag = 0; ++ while ((ch = getopt(argc, argv, ++ "dfl:prtTvBCc:i:P:q12346S:o:F:")) != -1) { + switch (ch) { + /* User-visible flags. */ + case '1': +@@ -509,9 +511,13 @@ main(int argc, char **argv) + setmode(0, O_BINARY); + #endif + break; ++ case 'T': ++ Tflag = 1; ++ break; + default: + usage(); + } ++ } + argc -= optind; + argv += optind; + +@@ -542,7 +548,7 @@ main(int argc, char **argv) + } + if (tflag) { + /* Receive data. */ +- sink(argc, argv); ++ sink(argc, argv, NULL); + exit(errs != 0); + } + if (argc < 2) +@@ -800,7 +806,7 @@ tolocal(int argc, char **argv) + continue; + } + free(bp); +- sink(1, argv + argc - 1); ++ sink(1, argv + argc - 1, src); + (void) close(remin); + remin = remout = -1; + } +@@ -976,7 +982,7 @@ rsource(char *name, struct stat *statp) + (sizeof(type) != 4 && sizeof(type) != 8)) + + void +-sink(int argc, char **argv) ++sink(int argc, char **argv, const char *src) + { + static BUF buffer; + struct stat stb; +@@ -992,6 +998,7 @@ sink(int argc, char **argv) + unsigned long long ull; + int setimes, targisdir, wrerrno = 0; + char ch, *cp, *np, *targ, *why, *vect[1], buf[2048], visbuf[2048]; ++ char *src_copy = NULL, *restrict_pattern = NULL; + struct timeval tv[2]; + + #define atime tv[0] +@@ -1016,6 +1023,17 @@ sink(int argc, char **argv) + (void) atomicio(vwrite, remout, "", 1); + if (stat(targ, &stb) == 0 && S_ISDIR(stb.st_mode)) + targisdir = 1; ++ if (src != NULL && !iamrecursive && !Tflag) { ++ /* ++ * Prepare to try to restrict incoming filenames to match ++ * the requested destination file glob. ++ */ ++ if ((src_copy = strdup(src)) == NULL) ++ fatal("strdup failed"); ++ if ((restrict_pattern = strrchr(src_copy, '/')) != NULL) { ++ *restrict_pattern++ = '\0'; ++ } ++ } + for (first = 1;; first = 0) { + cp = buf; + if (atomicio(read, remin, cp, 1) != 1) +@@ -1120,6 +1138,9 @@ sink(int argc, char **argv) + run_err("error: unexpected filename: %s", cp); + exit(1); + } ++ if (restrict_pattern != NULL && ++ fnmatch(restrict_pattern, cp, 0) != 0) ++ SCREWUP("filename does not match request"); + if (targisdir) { + static char *namebuf; + static size_t cursize; +@@ -1157,7 +1178,7 @@ sink(int argc, char **argv) + goto bad; + } + vect[0] = xstrdup(np); +- sink(1, vect); ++ sink(1, vect, src); + if (setimes) { + setimes = 0; + if (utimes(vect[0], tv) < 0) diff --git a/main/openssh/openssh7.4-peaktput.patch b/main/openssh/openssh7.4-peaktput.patch index 6fc6140a6e..ec76deb3b4 100644 --- a/main/openssh/openssh7.4-peaktput.patch +++ b/main/openssh/openssh7.4-peaktput.patch @@ -9,14 +9,15 @@ static volatile off_t *counter; /* progress counter */ static long stalled; /* how long we have been stalled */ static int bytes_per_second; /* current speed in bytes per second */ -@@ -128,12 +130,17 @@ +@@ -132,6 +132,7 @@ refresh_progress_meter(void) + int cur_speed; int hours, minutes, seconds; - int i, len; int file_len; + off_t delta_pos; - transferred = *counter - (cur_pos ? cur_pos : start_pos); - cur_pos = *counter; + if ((!alarm_fired && !win_resized) || !can_output()) + return; +@@ -147,6 +148,10 @@ refresh_progress_meter(void) now = monotime_double(); bytes_left = end_pos - cur_pos; @@ -27,15 +28,15 @@ if (bytes_left > 0) elapsed = now - last_update; else { -@@ -158,7 +165,7 @@ +@@ -171,7 +176,7 @@ refresh_progress_meter(void) /* filename */ buf[0] = '\0'; -- file_len = win_size - 35; -+ file_len = win_size - 45; +- file_len = win_size - 36; ++ file_len = win_size - 46; if (file_len > 0) { - len = snprintf(buf, file_len + 1, "\r%s", file); - if (len < 0) + buf[0] = '\r'; + snmprintf(buf+1, sizeof(buf)-1 , &file_len, "%*s", @@ -188,6 +195,15 @@ (off_t)bytes_per_second); strlcat(buf, "/s ", win_size); |