--- openssh-5.1p1.orig/session.c 2008-06-16 03:29:18.000000000 -1000 +++ openssh-5.1p1/session.c 2009-01-08 15:52:47.000000000 -1000 @@ -781,7 +781,7 @@ if (options.adm_forced_command) { original_command = command; command = options.adm_forced_command; - if (strcmp(INTERNAL_SFTP_NAME, command) == 0) + if (strstr(command, INTERNAL_SFTP_NAME) == command) s->is_subsystem = SUBSYSTEM_INT_SFTP; else if (s->is_subsystem) s->is_subsystem = SUBSYSTEM_EXT; @@ -789,7 +789,7 @@ } else if (forced_command) { original_command = command; command = forced_command; - if (strcmp(INTERNAL_SFTP_NAME, command) == 0) + if (strstr(command, INTERNAL_SFTP_NAME) == command) s->is_subsystem = SUBSYSTEM_INT_SFTP; else if (s->is_subsystem) s->is_subsystem = SUBSYSTEM_EXT; --- openssh-5.1p1.orig/sftp-server.c 2008-07-03 18:10:19.000000000 -1000 +++ openssh-5.1p1/sftp-server.c 2009-01-08 15:47:18.000000000 -1000 @@ -1322,7 +1322,7 @@ extern char *__progname; fprintf(stderr, - "usage: %s [-he] [-l log_level] [-f log_facility]\n", __progname); + "usage: %s [-he] [-l log_level] [-f log_facility] [-u umask]\n", __progname); exit(1); } @@ -1333,7 +1333,8 @@ int in, out, max, ch, skipargs = 0, log_stderr = 0; ssize_t len, olen, set_size; SyslogFacility log_facility = SYSLOG_FACILITY_AUTH; - char *cp, buf[4*4096]; + char *cp, *endofnumber, buf[4*4096]; + mode_t umask_val; extern char *optarg; extern char *__progname; @@ -1341,7 +1342,7 @@ __progname = ssh_get_progname(argv[0]); log_init(__progname, log_level, log_facility, log_stderr); - while (!skipargs && (ch = getopt(argc, argv, "C:f:l:che")) != -1) { + while (!skipargs && (ch = getopt(argc, argv, "C:f:l:u:che")) != -1) { switch (ch) { case 'c': /* @@ -1353,6 +1354,12 @@ case 'e': log_stderr = 1; break; + case 'u': + umask_val = (mode_t) strtol(optarg, &endofnumber, 0); + if (optarg == endofnumber) + error("Invalid umask \"%s\"", optarg); + umask(umask_val); + break; case 'l': log_level = log_level_number(optarg); if (log_level == SYSLOG_LEVEL_NOT_SET)