dropbear: svr-runopts.c annotate

annotate svr-runopts.c @ 1306:34e6127ef02e

merge fixes from PuTTY import.c toint() from misc.c (revids are from hggit conversion) changeset: 4620:60a336a6c85c user: Simon Tatham <[email protected]> date: Thu Feb 25 20:26:33 2016 +0000 files: import.c description: Fix potential segfaults in reading OpenSSH's ASN.1 key format. The length coming back from ber_read_id_len might have overflowed, so treat it as potentially negative. Also, while I'm here, accumulate it inside ber_read_id_len as an unsigned, so as to avoid undefined behaviour on integer overflow, and toint() it before return. Thanks to Hanno Böck for spotting this, with the aid of AFL. (cherry picked from commit 5b7833cd474a24ec098654dcba8cb9509f3bf2c1) Conflicts: import.c (cherry-picker's note: resolving the conflict involved removing an entire section of the original commit which fixed ECDSA code not present on this branch) changeset: 4619:9c6c638d98d8 user: Simon Tatham <[email protected]> date: Sun Jul 14 10:45:54 2013 +0000 files: import.c ssh.c sshdss.c sshpubk.c sshrsa.c description: Tighten up a lot of casts from unsigned to int which are read by one of the GET_32BIT macros and then used as length fields. Missing bounds checks against zero have been added, and also I've introduced a helper function toint() which casts from unsigned to int in such a way as to avoid C undefined behaviour, since I'm not sure I trust compilers any more to do the obviously sensible thing. [originally from svn r9918] changeset: 4618:3957829f24d3 user: Simon Tatham <[email protected]> date: Mon Jul 08 22:36:04 2013 +0000 files: import.c sshdss.c sshrsa.c description: Add an assortment of extra safety checks. [originally from svn r9896] changeset: 4617:2cddee0bce12 user: Jacob Nevins <[email protected]> date: Wed Dec 07 00:24:45 2005 +0000 files: import.c description: Institutional failure to memset() things pointed at rather than pointers. Things should now be zeroed and memory not leaked. Spotted by Brant Thomsen. [originally from svn r6476] changeset: 4616:24ac78a9c71d user: Simon Tatham <[email protected]> date: Wed Feb 11 13:58:27 2004 +0000 files: import.c description: Jacob's last-minute testing found a couple of trivial bugs in import.c, and my attempts to reproduce them in cmdgen found another one there :-) [originally from svn r3847] changeset: 4615:088d39a73db0 user: Simon Tatham <[email protected]> date: Thu Jan 22 18:52:49 2004 +0000 files: import.c description: Placate some gcc warnings. [originally from svn r3761] changeset: 4614:e4288bad4d93 parent: 1758:108b8924593d user: Simon Tatham <[email protected]> date: Fri Oct 03 21:21:23 2003 +0000 files: import.c description: My ASN.1 decoder returned wrong IDs for anything above 0x1E! Good job it's never had to yet. Ahem. [originally from svn r3479]

author	Matt Johnston <matt@ucc.asn.au>
date	Tue, 12 Jul 2016 23:00:01 +0800
parents	64a50eac1030
children	a23386821e9f b28624698130

rev	line source
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1 /*
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	2 * Dropbear - a SSH2 server
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	3 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	4 * Copyright (c) 2002,2003 Matt Johnston
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	5 * All rights reserved.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	6 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	7 * Permission is hereby granted, free of charge, to any person obtaining a copy
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	8 * of this software and associated documentation files (the "Software"), to deal
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	9 * in the Software without restriction, including without limitation the rights
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	11 * copies of the Software, and to permit persons to whom the Software is
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	12 * furnished to do so, subject to the following conditions:
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	13 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	14 * The above copyright notice and this permission notice shall be included in
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	15 * all copies or substantial portions of the Software.
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	16 *
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	23 * SOFTWARE. */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	24
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	25 #include "includes.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	26 #include "runopts.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	27 #include "signkey.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	28 #include "buffer.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	29 #include "dbutil.h"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	30 #include "algo.h"
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	31 #include "ecdsa.h"
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	32
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	33 svr_runopts svr_opts; /* GLOBAL */
469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	34
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	35 static void printhelp(const char * progname);
1197 86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	36 static void addportandaddress(const char* spec);
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	37 static void loadhostkey(const char *keyfile, int fatal_duplicate);
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	38 static void addhostkey(const char *keyfile);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	39
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	40 static void printhelp(const char * progname) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	41
716 af4ef98b8591 Add URL to usage text Matt Johnston <matt@ucc.asn.au> parents: 706 diff changeset	42 fprintf(stderr, "Dropbear server v%s https://matt.ucc.asn.au/dropbear/dropbear.html\n"
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	43 "Usage: %s [options]\n"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	44 "-b bannerfile Display the contents of bannerfile"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	45 " before user login\n"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	46 " (default: none)\n"
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	47 "-r keyfile Specify hostkeys (repeatable)\n"
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	48 " defaults: \n"
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	49 #ifdef DROPBEAR_DSS
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	50 " dss %s\n"
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	51 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	52 #ifdef DROPBEAR_RSA
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	53 " rsa %s\n"
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	54 #endif
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	55 #ifdef DROPBEAR_ECDSA
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	56 " ecdsa %s\n"
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	57 #endif
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	58 #ifdef DROPBEAR_DELAY_HOSTKEY
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	59 "-R Create hostkeys as required\n"
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	60 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	61 "-F Don't fork into background\n"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	62 #ifdef DISABLE_SYSLOG
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	63 "(Syslog support not compiled in, using stderr)\n"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	64 #else
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	65 "-E Log to stderr rather than syslog\n"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	66 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	67 #ifdef DO_MOTD
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	68 "-m Don't display the motd on login\n"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	69 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	70 "-w Disallow root logins\n"
121 9337c9f9a607 PAM improvements Matt Johnston <matt@ucc.asn.au> parents: 104 diff changeset	71 #if defined(ENABLE_SVR_PASSWORD_AUTH) \|\| defined(ENABLE_SVR_PAM_AUTH)
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	72 "-s Disable password logins\n"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	73 "-g Disable password logins for root\n"
692 c58a15983808 Allow configuring "allow blank password option" at runtime Paul Eggleton <paul.eggleton@linux.intel.com> parents: 671 diff changeset	74 "-B Allow blank password logins\n"
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	75 #endif
258 306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	76 #ifdef ENABLE_SVR_LOCALTCPFWD
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	77 "-j Disable local port forwarding\n"
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	78 #endif
258 306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	79 #ifdef ENABLE_SVR_REMOTETCPFWD
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	80 "-k Disable remote port forwarding\n"
258 306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	81 "-a Allow connections to forwarded ports from any host\n"
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	82 #endif
434 0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	83 "-p [address:]port\n"
0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	84 " Listen on specified tcp port (and optionally address),\n"
0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	85 " up to %d can be specified\n"
0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	86 " (default port is %s if none specified)\n"
323 3bfbe95f9a14 Add -P pidfile patch from Swen Schillig Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	87 "-P PidFile Create pid file PidFile\n"
3bfbe95f9a14 Add -P pidfile patch from Swen Schillig Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	88 " (default %s)\n"
71 ac96bc733e71 adding inetd mode back from 0.43 Matt Johnston <matt@ucc.asn.au> parents: 68 diff changeset	89 #ifdef INETD_MODE
ac96bc733e71 adding inetd mode back from 0.43 Matt Johnston <matt@ucc.asn.au> parents: 68 diff changeset	90 "-i Start for inetd\n"
ac96bc733e71 adding inetd mode back from 0.43 Matt Johnston <matt@ucc.asn.au> parents: 68 diff changeset	91 #endif
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	92 "-W <receive_window_buffer> (default %d, larger may be faster, max 1MB)\n"
622 e27d7fb23376 Mention that the value is in seconds Matt Johnston <matt@ucc.asn.au> parents: 594 diff changeset	93 "-K <keepalive> (0 is never, default %d, in seconds)\n"
e27d7fb23376 Mention that the value is in seconds Matt Johnston <matt@ucc.asn.au> parents: 594 diff changeset	94 "-I <idle_timeout> (0 is never, default %d, in seconds)\n"
946 17d874ae93a1 Add '-V' for version Matt Johnston <matt@ucc.asn.au> parents: 876 diff changeset	95 "-V Version\n"
94 c85c88500ea6 DEBUG_TRACE now only triggers with -v on the cmdline Matt Johnston <matt@ucc.asn.au> parents: 91 diff changeset	96 #ifdef DEBUG_TRACE
510 b85507ade010 - Update manuals, include section on authorized_keys Matt Johnston <matt@ucc.asn.au> parents: 492 diff changeset	97 "-v verbose (compiled with DEBUG_TRACE)\n"
94 c85c88500ea6 DEBUG_TRACE now only triggers with -v on the cmdline Matt Johnston <matt@ucc.asn.au> parents: 91 diff changeset	98 #endif
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	99 ,DROPBEAR_VERSION, progname,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	100 #ifdef DROPBEAR_DSS
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	101 DSS_PRIV_FILENAME,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	102 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	103 #ifdef DROPBEAR_RSA
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	104 RSA_PRIV_FILENAME,
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	105 #endif
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	106 #ifdef DROPBEAR_ECDSA
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	107 ECDSA_PRIV_FILENAME,
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	108 #endif
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	109 DROPBEAR_MAX_PORTS, DROPBEAR_DEFPORT, DROPBEAR_PIDFILE,
513 a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 510 diff changeset	110 DEFAULT_RECV_WINDOW, DEFAULT_KEEPALIVE, DEFAULT_IDLE_TIMEOUT);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	111 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	112
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	113 void svr_getopts(int argc, char ** argv) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	114
1164 8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	115 unsigned int i, j;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	116 char ** next = 0;
434 0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	117 int nextisport = 0;
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	118 char* recv_window_arg = NULL;
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	119 char* keepalive_arg = NULL;
513 a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 510 diff changeset	120 char* idle_timeout_arg = NULL;
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	121 char* keyfile = NULL;
1164 8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	122 char c;
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	123
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	124
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	125 /* see printhelp() for options */
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	126 svr_opts.bannerfile = NULL;
469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	127 svr_opts.banner = NULL;
469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	128 svr_opts.forkbg = 1;
469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	129 svr_opts.norootlogin = 0;
469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	130 svr_opts.noauthpass = 0;
469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	131 svr_opts.norootpass = 0;
692 c58a15983808 Allow configuring "allow blank password option" at runtime Paul Eggleton <paul.eggleton@linux.intel.com> parents: 671 diff changeset	132 svr_opts.allowblankpass = 0;
71 ac96bc733e71 adding inetd mode back from 0.43 Matt Johnston <matt@ucc.asn.au> parents: 68 diff changeset	133 svr_opts.inetdmode = 0;
101 72dc22f56858 Change the way we load keys/ports so we don't print error messages into our Matt Johnston <matt@ucc.asn.au> parents: 94 diff changeset	134 svr_opts.portcount = 0;
72dc22f56858 Change the way we load keys/ports so we don't print error messages into our Matt Johnston <matt@ucc.asn.au> parents: 94 diff changeset	135 svr_opts.hostkey = NULL;
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	136 svr_opts.delay_hostkey = 0;
323 3bfbe95f9a14 Add -P pidfile patch from Swen Schillig Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	137 svr_opts.pidfile = DROPBEAR_PIDFILE;
271 be18c7dd486e Fix up #ifdefs for tcp forwarding Matt Johnston <matt@ucc.asn.au> parents: 258 diff changeset	138 #ifdef ENABLE_SVR_LOCALTCPFWD
258 306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	139 svr_opts.nolocaltcp = 0;
271 be18c7dd486e Fix up #ifdefs for tcp forwarding Matt Johnston <matt@ucc.asn.au> parents: 258 diff changeset	140 #endif
be18c7dd486e Fix up #ifdefs for tcp forwarding Matt Johnston <matt@ucc.asn.au> parents: 258 diff changeset	141 #ifdef ENABLE_SVR_REMOTETCPFWD
258 306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	142 svr_opts.noremotetcp = 0;
271 be18c7dd486e Fix up #ifdefs for tcp forwarding Matt Johnston <matt@ucc.asn.au> parents: 258 diff changeset	143 #endif
996 47643024fc90 Disable non-delayed zlib for server Matt Johnston <matt@ucc.asn.au> parents: 976 diff changeset	144
575 f9b5dc0cba61 - Disable compression for non-final multihops Matt Johnston <matt@ucc.asn.au> parents: 568 diff changeset	145 #ifndef DISABLE_ZLIB
996 47643024fc90 Disable non-delayed zlib for server Matt Johnston <matt@ucc.asn.au> parents: 976 diff changeset	146 #if DROPBEAR_SERVER_DELAY_ZLIB
47643024fc90 Disable non-delayed zlib for server Matt Johnston <matt@ucc.asn.au> parents: 976 diff changeset	147 opts.compress_mode = DROPBEAR_COMPRESS_DELAYED;
47643024fc90 Disable non-delayed zlib for server Matt Johnston <matt@ucc.asn.au> parents: 976 diff changeset	148 #else
47643024fc90 Disable non-delayed zlib for server Matt Johnston <matt@ucc.asn.au> parents: 976 diff changeset	149 opts.compress_mode = DROPBEAR_COMPRESS_ON;
575 f9b5dc0cba61 - Disable compression for non-final multihops Matt Johnston <matt@ucc.asn.au> parents: 568 diff changeset	150 #endif
996 47643024fc90 Disable non-delayed zlib for server Matt Johnston <matt@ucc.asn.au> parents: 976 diff changeset	151 #endif
47643024fc90 Disable non-delayed zlib for server Matt Johnston <matt@ucc.asn.au> parents: 976 diff changeset	152
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	153 /* not yet
33 f789045062e6 Progressing client support Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	154 opts.ipv4 = 1;
f789045062e6 Progressing client support Matt Johnston <matt@ucc.asn.au> parents: 24 diff changeset	155 opts.ipv6 = 1;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	156 */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	157 #ifdef DO_MOTD
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	158 svr_opts.domotd = 1;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	159 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	160 #ifndef DISABLE_SYSLOG
1210 64a50eac1030 Moved usingsyslog from svr_runopts to runopts. Konstantin Tokarev <ktokarev@smartlabs.tv> parents: 1197 diff changeset	161 opts.usingsyslog = 1;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	162 #endif
449 3e6c536bc023 Add -W <windowsize> argument and document it. Matt Johnston <matt@ucc.asn.au> parents: 446 diff changeset	163 opts.recv_window = DEFAULT_RECV_WINDOW;
513 a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 510 diff changeset	164 opts.keepalive_secs = DEFAULT_KEEPALIVE;
a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 510 diff changeset	165 opts.idle_timeout_secs = DEFAULT_IDLE_TIMEOUT;
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	166
258 306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	167 #ifdef ENABLE_SVR_REMOTETCPFWD
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	168 opts.listen_fwd_all = 0;
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	169 #endif
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	170
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	171 for (i = 1; i < (unsigned int)argc; i++) {
1164 8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	172 if (argv[i][0] != '-' \|\| argv[i][1] == '\0')
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	173 dropbear_exit("Invalid argument: %s", argv[i]);
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	174
1164 8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	175 for (j = 1; (c = argv[i][j]) != '\0' && !next && !nextisport; j++) {
1153 67d8a904f5a9 don't silently ignore extra flag arguments Matt Johnston <matt@ucc.asn.au> parents: 996 diff changeset	176 switch (c) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	177 case 'b':
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	178 next = &svr_opts.bannerfile;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	179 break;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	180 case 'd':
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	181 case 'r':
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	182 next = &keyfile;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	183 break;
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	184 case 'R':
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	185 svr_opts.delay_hostkey = 1;
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	186 break;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	187 case 'F':
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	188 svr_opts.forkbg = 0;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	189 break;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	190 #ifndef DISABLE_SYSLOG
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	191 case 'E':
1210 64a50eac1030 Moved usingsyslog from svr_runopts to runopts. Konstantin Tokarev <ktokarev@smartlabs.tv> parents: 1197 diff changeset	192 opts.usingsyslog = 0;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	193 break;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	194 #endif
271 be18c7dd486e Fix up #ifdefs for tcp forwarding Matt Johnston <matt@ucc.asn.au> parents: 258 diff changeset	195 #ifdef ENABLE_SVR_LOCALTCPFWD
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	196 case 'j':
258 306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	197 svr_opts.nolocaltcp = 1;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	198 break;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	199 #endif
271 be18c7dd486e Fix up #ifdefs for tcp forwarding Matt Johnston <matt@ucc.asn.au> parents: 258 diff changeset	200 #ifdef ENABLE_SVR_REMOTETCPFWD
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	201 case 'k':
258 306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	202 svr_opts.noremotetcp = 1;
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	203 break;
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	204 case 'a':
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local Matt Johnston <matt@ucc.asn.au> parents: 165 diff changeset	205 opts.listen_fwd_all = 1;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	206 break;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	207 #endif
71 ac96bc733e71 adding inetd mode back from 0.43 Matt Johnston <matt@ucc.asn.au> parents: 68 diff changeset	208 #ifdef INETD_MODE
ac96bc733e71 adding inetd mode back from 0.43 Matt Johnston <matt@ucc.asn.au> parents: 68 diff changeset	209 case 'i':
ac96bc733e71 adding inetd mode back from 0.43 Matt Johnston <matt@ucc.asn.au> parents: 68 diff changeset	210 svr_opts.inetdmode = 1;
ac96bc733e71 adding inetd mode back from 0.43 Matt Johnston <matt@ucc.asn.au> parents: 68 diff changeset	211 break;
ac96bc733e71 adding inetd mode back from 0.43 Matt Johnston <matt@ucc.asn.au> parents: 68 diff changeset	212 #endif
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	213 case 'p':
434 0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	214 nextisport = 1;
0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	215 break;
323 3bfbe95f9a14 Add -P pidfile patch from Swen Schillig Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	216 case 'P':
3bfbe95f9a14 Add -P pidfile patch from Swen Schillig Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	217 next = &svr_opts.pidfile;
3bfbe95f9a14 Add -P pidfile patch from Swen Schillig Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	218 break;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	219 #ifdef DO_MOTD
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	220 /* motd is displayed by default, -m turns it off */
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	221 case 'm':
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	222 svr_opts.domotd = 0;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	223 break;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	224 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	225 case 'w':
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	226 svr_opts.norootlogin = 1;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	227 break;
449 3e6c536bc023 Add -W <windowsize> argument and document it. Matt Johnston <matt@ucc.asn.au> parents: 446 diff changeset	228 case 'W':
3e6c536bc023 Add -W <windowsize> argument and document it. Matt Johnston <matt@ucc.asn.au> parents: 446 diff changeset	229 next = &recv_window_arg;
3e6c536bc023 Add -W <windowsize> argument and document it. Matt Johnston <matt@ucc.asn.au> parents: 446 diff changeset	230 break;
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	231 case 'K':
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	232 next = &keepalive_arg;
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	233 break;
513 a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 510 diff changeset	234 case 'I':
a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 510 diff changeset	235 next = &idle_timeout_arg;
a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 510 diff changeset	236 break;
121 9337c9f9a607 PAM improvements Matt Johnston <matt@ucc.asn.au> parents: 104 diff changeset	237 #if defined(ENABLE_SVR_PASSWORD_AUTH) \|\| defined(ENABLE_SVR_PAM_AUTH)
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	238 case 's':
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	239 svr_opts.noauthpass = 1;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	240 break;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	241 case 'g':
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	242 svr_opts.norootpass = 1;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	243 break;
692 c58a15983808 Allow configuring "allow blank password option" at runtime Paul Eggleton <paul.eggleton@linux.intel.com> parents: 671 diff changeset	244 case 'B':
c58a15983808 Allow configuring "allow blank password option" at runtime Paul Eggleton <paul.eggleton@linux.intel.com> parents: 671 diff changeset	245 svr_opts.allowblankpass = 1;
c58a15983808 Allow configuring "allow blank password option" at runtime Paul Eggleton <paul.eggleton@linux.intel.com> parents: 671 diff changeset	246 break;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	247 #endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	248 case 'h':
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	249 printhelp(argv[0]);
946 17d874ae93a1 Add '-V' for version Matt Johnston <matt@ucc.asn.au> parents: 876 diff changeset	250 exit(EXIT_SUCCESS);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	251 break;
442 d82a2a44c684 Add -u option to specify /dev/urandom instead Matt Johnston <matt@ucc.asn.au> parents: 435 diff changeset	252 case 'u':
446 2cd2edfa11ee Just use /dev/urandom since that's what everyone ends up using anyway. Matt Johnston <matt@ucc.asn.au> parents: 442 diff changeset	253 /* backwards compatibility with old urandom option */
442 d82a2a44c684 Add -u option to specify /dev/urandom instead Matt Johnston <matt@ucc.asn.au> parents: 435 diff changeset	254 break;
94 c85c88500ea6 DEBUG_TRACE now only triggers with -v on the cmdline Matt Johnston <matt@ucc.asn.au> parents: 91 diff changeset	255 #ifdef DEBUG_TRACE
c85c88500ea6 DEBUG_TRACE now only triggers with -v on the cmdline Matt Johnston <matt@ucc.asn.au> parents: 91 diff changeset	256 case 'v':
c85c88500ea6 DEBUG_TRACE now only triggers with -v on the cmdline Matt Johnston <matt@ucc.asn.au> parents: 91 diff changeset	257 debug_trace = 1;
c85c88500ea6 DEBUG_TRACE now only triggers with -v on the cmdline Matt Johnston <matt@ucc.asn.au> parents: 91 diff changeset	258 break;
c85c88500ea6 DEBUG_TRACE now only triggers with -v on the cmdline Matt Johnston <matt@ucc.asn.au> parents: 91 diff changeset	259 #endif
946 17d874ae93a1 Add '-V' for version Matt Johnston <matt@ucc.asn.au> parents: 876 diff changeset	260 case 'V':
948 f92eb625c48d - Don't use multichar constants since recent gcc complains Matt Johnston <matt@ucc.asn.au> parents: 946 diff changeset	261 print_version();
946 17d874ae93a1 Add '-V' for version Matt Johnston <matt@ucc.asn.au> parents: 876 diff changeset	262 exit(EXIT_SUCCESS);
17d874ae93a1 Add '-V' for version Matt Johnston <matt@ucc.asn.au> parents: 876 diff changeset	263 break;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	264 default:
1164 8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	265 fprintf(stderr, "Invalid option -%c\n", c);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	266 printhelp(argv[0]);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	267 exit(EXIT_FAILURE);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	268 break;
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	269 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	270 }
1164 8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	271
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	272 if (!next && !nextisport)
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	273 continue;
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	274
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	275 if (c == '\0') {
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	276 i++;
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	277 j = 0;
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	278 if (!argv[i]) {
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	279 dropbear_exit("Missing argument");
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	280 }
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	281 }
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	282
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	283 if (nextisport) {
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	284 addportandaddress(&argv[i][j]);
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	285 nextisport = 0;
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	286 } else if (next) {
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	287 *next = &argv[i][j];
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	288 if (*next == NULL) {
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	289 dropbear_exit("Invalid null argument");
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	290 }
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	291 next = 0x00;
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	292
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	293 if (keyfile) {
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	294 addhostkey(keyfile);
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	295 keyfile = NULL;
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	296 }
8b6cba298768 Enable bundling Guilhem Moulin <guilhem@fripost.org> parents: 1160 diff changeset	297 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	298 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	299
101 72dc22f56858 Change the way we load keys/ports so we don't print error messages into our Matt Johnston <matt@ucc.asn.au> parents: 94 diff changeset	300 /* Set up listening ports */
72dc22f56858 Change the way we load keys/ports so we don't print error messages into our Matt Johnston <matt@ucc.asn.au> parents: 94 diff changeset	301 if (svr_opts.portcount == 0) {
72dc22f56858 Change the way we load keys/ports so we don't print error messages into our Matt Johnston <matt@ucc.asn.au> parents: 94 diff changeset	302 svr_opts.ports[0] = m_strdup(DROPBEAR_DEFPORT);
434 0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	303 svr_opts.addresses[0] = m_strdup(DROPBEAR_DEFADDRESS);
101 72dc22f56858 Change the way we load keys/ports so we don't print error messages into our Matt Johnston <matt@ucc.asn.au> parents: 94 diff changeset	304 svr_opts.portcount = 1;
72dc22f56858 Change the way we load keys/ports so we don't print error messages into our Matt Johnston <matt@ucc.asn.au> parents: 94 diff changeset	305 }
513 a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 510 diff changeset	306
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	307 if (svr_opts.bannerfile) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	308 struct stat buf;
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	309 if (stat(svr_opts.bannerfile, &buf) != 0) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	310 dropbear_exit("Error opening banner file '%s'",
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	311 svr_opts.bannerfile);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	312 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	313
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	314 if (buf.st_size > MAX_BANNER_SIZE) {
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	315 dropbear_exit("Banner file too large, max is %d bytes",
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	316 MAX_BANNER_SIZE);
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	317 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	318
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	319 svr_opts.banner = buf_new(buf.st_size);
469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	320 if (buf_readfile(svr_opts.banner, svr_opts.bannerfile)!=DROPBEAR_SUCCESS) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	321 dropbear_exit("Error reading banner file '%s'",
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	322 svr_opts.bannerfile);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	323 }
24 469950e86d0f switching to global vars Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	324 buf_setpos(svr_opts.banner, 0);
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	325 }
449 3e6c536bc023 Add -W <windowsize> argument and document it. Matt Johnston <matt@ucc.asn.au> parents: 446 diff changeset	326
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	327 if (recv_window_arg) {
449 3e6c536bc023 Add -W <windowsize> argument and document it. Matt Johnston <matt@ucc.asn.au> parents: 446 diff changeset	328 opts.recv_window = atol(recv_window_arg);
492 b956d6151600 Replace calls to strtoul() with a helper m_str_to_uint() Matt Johnston <matt@ucc.asn.au> parents: 454 diff changeset	329 if (opts.recv_window == 0 \|\| opts.recv_window > MAX_RECV_WINDOW) {
449 3e6c536bc023 Add -W <windowsize> argument and document it. Matt Johnston <matt@ucc.asn.au> parents: 446 diff changeset	330 dropbear_exit("Bad recv window '%s'", recv_window_arg);
3e6c536bc023 Add -W <windowsize> argument and document it. Matt Johnston <matt@ucc.asn.au> parents: 446 diff changeset	331 }
3e6c536bc023 Add -W <windowsize> argument and document it. Matt Johnston <matt@ucc.asn.au> parents: 446 diff changeset	332 }
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	333
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	334 if (keepalive_arg) {
568 005530560594 Rearrange getaddrstring() etc Matt Johnston <matt@ucc.asn.au> parents: 513 diff changeset	335 unsigned int val;
005530560594 Rearrange getaddrstring() etc Matt Johnston <matt@ucc.asn.au> parents: 513 diff changeset	336 if (m_str_to_uint(keepalive_arg, &val) == DROPBEAR_FAILURE) {
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	337 dropbear_exit("Bad keepalive '%s'", keepalive_arg);
7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	338 }
568 005530560594 Rearrange getaddrstring() etc Matt Johnston <matt@ucc.asn.au> parents: 513 diff changeset	339 opts.keepalive_secs = val;
454 7e43f5e473b9 - Add -K keepalive flag for dropbear and dbclient Matt Johnston <matt@ucc.asn.au> parents: 449 diff changeset	340 }
513 a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 510 diff changeset	341
a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 510 diff changeset	342 if (idle_timeout_arg) {
568 005530560594 Rearrange getaddrstring() etc Matt Johnston <matt@ucc.asn.au> parents: 513 diff changeset	343 unsigned int val;
005530560594 Rearrange getaddrstring() etc Matt Johnston <matt@ucc.asn.au> parents: 513 diff changeset	344 if (m_str_to_uint(idle_timeout_arg, &val) == DROPBEAR_FAILURE) {
513 a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 510 diff changeset	345 dropbear_exit("Bad idle_timeout '%s'", idle_timeout_arg);
a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 510 diff changeset	346 }
568 005530560594 Rearrange getaddrstring() etc Matt Johnston <matt@ucc.asn.au> parents: 513 diff changeset	347 opts.idle_timeout_secs = val;
513 a3748e54273c Idle timeout patch from Farrell Aultman. Needs testing, unsure if server Matt Johnston <matt@ucc.asn.au> parents: 510 diff changeset	348 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	349 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	350
1197 86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	351 static void addportandaddress(const char* spec) {
86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	352 char spec_copy = NULL, myspec = NULL, port = NULL, address = NULL;
434 0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	353
0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	354 if (svr_opts.portcount < DROPBEAR_MAX_PORTS) {
0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	355
0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	356 /* We don't free it, it becomes part of the runopt state */
1197 86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	357 spec_copy = m_strdup(spec);
86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	358 myspec = spec_copy;
434 0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	359
706 002cf09827c0 Allow specifying server "-p" options with ipv6 bracket notation, Matt Johnston <matt@ucc.asn.au> parents: 692 diff changeset	360 if (myspec[0] == '[') {
002cf09827c0 Allow specifying server "-p" options with ipv6 bracket notation, Matt Johnston <matt@ucc.asn.au> parents: 692 diff changeset	361 myspec++;
1197 86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	362 port = strchr(myspec, ']');
86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	363 if (!port) {
706 002cf09827c0 Allow specifying server "-p" options with ipv6 bracket notation, Matt Johnston <matt@ucc.asn.au> parents: 692 diff changeset	364 /* Unmatched [ -> exit */
002cf09827c0 Allow specifying server "-p" options with ipv6 bracket notation, Matt Johnston <matt@ucc.asn.au> parents: 692 diff changeset	365 dropbear_exit("Bad listen address");
002cf09827c0 Allow specifying server "-p" options with ipv6 bracket notation, Matt Johnston <matt@ucc.asn.au> parents: 692 diff changeset	366 }
1197 86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	367 port[0] = '\0';
86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	368 port++;
86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	369 if (port[0] != ':') {
706 002cf09827c0 Allow specifying server "-p" options with ipv6 bracket notation, Matt Johnston <matt@ucc.asn.au> parents: 692 diff changeset	370 /* Missing port -> exit */
002cf09827c0 Allow specifying server "-p" options with ipv6 bracket notation, Matt Johnston <matt@ucc.asn.au> parents: 692 diff changeset	371 dropbear_exit("Missing port");
002cf09827c0 Allow specifying server "-p" options with ipv6 bracket notation, Matt Johnston <matt@ucc.asn.au> parents: 692 diff changeset	372 }
002cf09827c0 Allow specifying server "-p" options with ipv6 bracket notation, Matt Johnston <matt@ucc.asn.au> parents: 692 diff changeset	373 } else {
002cf09827c0 Allow specifying server "-p" options with ipv6 bracket notation, Matt Johnston <matt@ucc.asn.au> parents: 692 diff changeset	374 /* search for ':', that separates address and port */
1197 86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	375 port = strrchr(myspec, ':');
706 002cf09827c0 Allow specifying server "-p" options with ipv6 bracket notation, Matt Johnston <matt@ucc.asn.au> parents: 692 diff changeset	376 }
434 0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	377
1197 86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	378 if (!port) {
434 0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	379 /* no ':' -> the whole string specifies just a port */
1197 86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	380 port = myspec;
434 0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	381 } else {
0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	382 /* Split the address/port */
1197 86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	383 port[0] = '\0';
86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	384 port++;
86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	385 address = myspec;
434 0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	386 }
0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	387
1197 86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	388 if (!address) {
434 0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	389 /* no address given -> fill in the default address */
1197 86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	390 address = DROPBEAR_DEFADDRESS;
434 0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	391 }
0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	392
1197 86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	393 if (port[0] == '\0') {
434 0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	394 /* empty port -> exit */
0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	395 dropbear_exit("Bad port");
0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	396 }
1197 86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	397 svr_opts.ports[svr_opts.portcount] = m_strdup(port);
86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	398 svr_opts.addresses[svr_opts.portcount] = m_strdup(address);
434 0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	399 svr_opts.portcount++;
1197 86a9e0204c03 ports and addresses must be malloced to avoid segfault on exit Matt Johnston <matt@ucc.asn.au> parents: 1177 diff changeset	400 m_free(spec_copy);
434 0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	401 }
0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	402 }
0aaaf68e97dc Add -p [address:]port option for binding to addresses, patch from Matt Johnston <matt@ucc.asn.au> parents: 271 diff changeset	403
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	404 static void disablekey(int type) {
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	405 int i;
802 4029d3432a4f Fix broken disablekey() Matt Johnston <matt@ucc.asn.au> parents: 795 diff changeset	406 TRACE(("Disabling key type %d", type))
47 4b53a43f0082 - client pubkey auth works Matt Johnston <matt@ucc.asn.au> parents: 33 diff changeset	407 for (i = 0; sshhostkey[i].name != NULL; i++) {
4b53a43f0082 - client pubkey auth works Matt Johnston <matt@ucc.asn.au> parents: 33 diff changeset	408 if (sshhostkey[i].val == type) {
802 4029d3432a4f Fix broken disablekey() Matt Johnston <matt@ucc.asn.au> parents: 795 diff changeset	409 sshhostkey[i].usable = 0;
47 4b53a43f0082 - client pubkey auth works Matt Johnston <matt@ucc.asn.au> parents: 33 diff changeset	410 break;
4b53a43f0082 - client pubkey auth works Matt Johnston <matt@ucc.asn.au> parents: 33 diff changeset	411 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	412 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	413 }
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	414
807 75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	415 static void loadhostkey_helper(const char name, void* src, void** dst, int fatal_duplicate) {
75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	416 if (*dst) {
75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	417 if (fatal_duplicate) {
75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	418 dropbear_exit("Only one %s key can be specified", name);
75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	419 }
75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	420 } else {
75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	421 dst = src;
75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	422 *src = NULL;
75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	423 }
75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	424
75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	425 }
75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	426
101 72dc22f56858 Change the way we load keys/ports so we don't print error messages into our Matt Johnston <matt@ucc.asn.au> parents: 94 diff changeset	427 /* Must be called after syslog/etc is working */
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	428 static void loadhostkey(const char *keyfile, int fatal_duplicate) {
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	429 sign_key * read_key = new_sign_key();
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	430 enum signkey_type type = DROPBEAR_SIGNKEY_ANY;
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	431 if (readhostkey(keyfile, read_key, &type) == DROPBEAR_FAILURE) {
976 964d41e3aeb2 Don't print "Failed loading hostkey" when -R delayed hostkey option is enabled Steven Honeyman <stevenhoneyman@gmail.com> parents: 948 diff changeset	432 if (!svr_opts.delay_hostkey) {
964d41e3aeb2 Don't print "Failed loading hostkey" when -R delayed hostkey option is enabled Steven Honeyman <stevenhoneyman@gmail.com> parents: 948 diff changeset	433 dropbear_log(LOG_WARNING, "Failed loading %s", keyfile);
964d41e3aeb2 Don't print "Failed loading hostkey" when -R delayed hostkey option is enabled Steven Honeyman <stevenhoneyman@gmail.com> parents: 948 diff changeset	434 }
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	435 }
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	436
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	437 #ifdef DROPBEAR_RSA
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	438 if (type == DROPBEAR_SIGNKEY_RSA) {
852 7540c0822374 Various cleanups and fixes for warnings Matt Johnston <matt@ucc.asn.au> parents: 847 diff changeset	439 loadhostkey_helper("RSA", (void)&read_key->rsakey, (void)&svr_opts.hostkey->rsakey, fatal_duplicate);
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	440 }
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	441 #endif
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	442
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	443 #ifdef DROPBEAR_DSS
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	444 if (type == DROPBEAR_SIGNKEY_DSS) {
852 7540c0822374 Various cleanups and fixes for warnings Matt Johnston <matt@ucc.asn.au> parents: 847 diff changeset	445 loadhostkey_helper("DSS", (void)&read_key->dsskey, (void)&svr_opts.hostkey->dsskey, fatal_duplicate);
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	446 }
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	447 #endif
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	448
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	449 #ifdef DROPBEAR_ECDSA
807 75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	450 #ifdef DROPBEAR_ECC_256
75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	451 if (type == DROPBEAR_SIGNKEY_ECDSA_NISTP256) {
852 7540c0822374 Various cleanups and fixes for warnings Matt Johnston <matt@ucc.asn.au> parents: 847 diff changeset	452 loadhostkey_helper("ECDSA256", (void)&read_key->ecckey256, (void)&svr_opts.hostkey->ecckey256, fatal_duplicate);
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	453 }
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	454 #endif
807 75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	455 #ifdef DROPBEAR_ECC_384
75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	456 if (type == DROPBEAR_SIGNKEY_ECDSA_NISTP384) {
852 7540c0822374 Various cleanups and fixes for warnings Matt Johnston <matt@ucc.asn.au> parents: 847 diff changeset	457 loadhostkey_helper("ECDSA384", (void)&read_key->ecckey384, (void)&svr_opts.hostkey->ecckey384, fatal_duplicate);
807 75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	458 }
75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	459 #endif
75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	460 #ifdef DROPBEAR_ECC_521
75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	461 if (type == DROPBEAR_SIGNKEY_ECDSA_NISTP521) {
852 7540c0822374 Various cleanups and fixes for warnings Matt Johnston <matt@ucc.asn.au> parents: 847 diff changeset	462 loadhostkey_helper("ECDSA521", (void)&read_key->ecckey521, (void)&svr_opts.hostkey->ecckey521, fatal_duplicate);
807 75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	463 }
75509065db53 have separate ecdsa keys for each size Matt Johnston <matt@ucc.asn.au> parents: 802 diff changeset	464 #endif
857 c19acba28590 use oldstyle comments Matt Johnston <matt@ucc.asn.au> parents: 852 diff changeset	465 #endif /* DROPBEAR_ECDSA */
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	466 sign_key_free(read_key);
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	467 TRACE(("leave loadhostkey"))
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	468 }
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	469
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	470 static void addhostkey(const char *keyfile) {
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	471 if (svr_opts.num_hostkey_files >= MAX_HOSTKEYS) {
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	472 dropbear_exit("Too many hostkeys");
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	473 }
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	474 svr_opts.hostkey_files[svr_opts.num_hostkey_files] = m_strdup(keyfile);
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	475 svr_opts.num_hostkey_files++;
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	476 }
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	477
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	478 void load_all_hostkeys() {
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	479 int i;
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	480 int disable_unset_keys = 1;
873 17b15683648d Exit if we don't have keys and -R wasn't specified Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	481 int any_keys = 0;
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	482
101 72dc22f56858 Change the way we load keys/ports so we don't print error messages into our Matt Johnston <matt@ucc.asn.au> parents: 94 diff changeset	483 svr_opts.hostkey = new_sign_key();
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	484
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	485 for (i = 0; i < svr_opts.num_hostkey_files; i++) {
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	486 char *hostkey_file = svr_opts.hostkey_files[i];
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	487 loadhostkey(hostkey_file, 1);
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	488 m_free(hostkey_file);
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	489 }
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	490
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	491 #ifdef DROPBEAR_RSA
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	492 loadhostkey(RSA_PRIV_FILENAME, 0);
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	493 #endif
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	494
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	495 #ifdef DROPBEAR_DSS
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	496 loadhostkey(DSS_PRIV_FILENAME, 0);
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	497 #endif
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	498
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	499 #ifdef DROPBEAR_ECDSA
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	500 loadhostkey(ECDSA_PRIV_FILENAME, 0);
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	501 #endif
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	502
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	503 #ifdef DROPBEAR_DELAY_HOSTKEY
876 5bfce5dcd461 Fix disabling DSS key Matt Johnston <matt@ucc.asn.au> parents: 873 diff changeset	504 if (svr_opts.delay_hostkey) {
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	505 disable_unset_keys = 0;
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	506 }
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	507 #endif
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	508
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	509 #ifdef DROPBEAR_RSA
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	510 if (disable_unset_keys && !svr_opts.hostkey->rsakey) {
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	511 disablekey(DROPBEAR_SIGNKEY_RSA);
876 5bfce5dcd461 Fix disabling DSS key Matt Johnston <matt@ucc.asn.au> parents: 873 diff changeset	512 } else {
873 17b15683648d Exit if we don't have keys and -R wasn't specified Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	513 any_keys = 1;
17b15683648d Exit if we don't have keys and -R wasn't specified Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	514 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	515 #endif
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	516
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	517 #ifdef DROPBEAR_DSS
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	518 if (disable_unset_keys && !svr_opts.hostkey->dsskey) {
876 5bfce5dcd461 Fix disabling DSS key Matt Johnston <matt@ucc.asn.au> parents: 873 diff changeset	519 disablekey(DROPBEAR_SIGNKEY_DSS);
5bfce5dcd461 Fix disabling DSS key Matt Johnston <matt@ucc.asn.au> parents: 873 diff changeset	520 } else {
873 17b15683648d Exit if we don't have keys and -R wasn't specified Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	521 any_keys = 1;
17b15683648d Exit if we don't have keys and -R wasn't specified Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	522 }
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	523 #endif
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	524
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	525
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	526 #ifdef DROPBEAR_ECDSA
7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	527 #ifdef DROPBEAR_ECC_256
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	528 if ((disable_unset_keys \|\| ECDSA_DEFAULT_SIZE != 256)
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	529 && !svr_opts.hostkey->ecckey256) {
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	530 disablekey(DROPBEAR_SIGNKEY_ECDSA_NISTP256);
876 5bfce5dcd461 Fix disabling DSS key Matt Johnston <matt@ucc.asn.au> parents: 873 diff changeset	531 } else {
873 17b15683648d Exit if we don't have keys and -R wasn't specified Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	532 any_keys = 1;
17b15683648d Exit if we don't have keys and -R wasn't specified Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	533 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	534 #endif
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	535
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	536 #ifdef DROPBEAR_ECC_384
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	537 if ((disable_unset_keys \|\| ECDSA_DEFAULT_SIZE != 384)
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	538 && !svr_opts.hostkey->ecckey384) {
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	539 disablekey(DROPBEAR_SIGNKEY_ECDSA_NISTP384);
876 5bfce5dcd461 Fix disabling DSS key Matt Johnston <matt@ucc.asn.au> parents: 873 diff changeset	540 } else {
873 17b15683648d Exit if we don't have keys and -R wasn't specified Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	541 any_keys = 1;
17b15683648d Exit if we don't have keys and -R wasn't specified Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	542 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	543 #endif
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	544
795 7f604f9b3756 ecdsa is working Matt Johnston <matt@ucc.asn.au> parents: 716 diff changeset	545 #ifdef DROPBEAR_ECC_521
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	546 if ((disable_unset_keys \|\| ECDSA_DEFAULT_SIZE != 521)
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	547 && !svr_opts.hostkey->ecckey521) {
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	548 disablekey(DROPBEAR_SIGNKEY_ECDSA_NISTP521);
876 5bfce5dcd461 Fix disabling DSS key Matt Johnston <matt@ucc.asn.au> parents: 873 diff changeset	549 } else {
873 17b15683648d Exit if we don't have keys and -R wasn't specified Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	550 any_keys = 1;
17b15683648d Exit if we don't have keys and -R wasn't specified Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	551 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	552 #endif
847 f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	553 #endif /* DROPBEAR_ECDSA */
f4bb964c8678 Add '-R' for delayed hostkey option Matt Johnston <matt@ucc.asn.au> parents: 846 diff changeset	554
876 5bfce5dcd461 Fix disabling DSS key Matt Johnston <matt@ucc.asn.au> parents: 873 diff changeset	555 if (!any_keys) {
1177 53751952ed95 mention dropbearkey too Matt Johnston <matt@ucc.asn.au> parents: 1176 diff changeset	556 dropbear_exit("No hostkeys available. 'dropbear -R' may be useful or run dropbearkey.");
873 17b15683648d Exit if we don't have keys and -R wasn't specified Matt Johnston <matt@ucc.asn.au> parents: 857 diff changeset	557 }
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	558 }

Mercurial > dropbear

annotate svr-runopts.c @ 1306:34e6127ef02e