annotate svr-runopts.c @ 1306:34e6127ef02e
merge fixes from PuTTY import.c
toint() from misc.c
(revids are from hggit conversion)
changeset: 4620:60a336a6c85c
user: Simon Tatham <[email protected]>
date: Thu Feb 25 20:26:33 2016 +0000
files: import.c
description:
Fix potential segfaults in reading OpenSSH's ASN.1 key format.
The length coming back from ber_read_id_len might have overflowed, so
treat it as potentially negative. Also, while I'm here, accumulate it
inside ber_read_id_len as an unsigned, so as to avoid undefined
behaviour on integer overflow, and toint() it before return.
Thanks to Hanno Böck for spotting this, with the aid of AFL.
(cherry picked from commit 5b7833cd474a24ec098654dcba8cb9509f3bf2c1)
Conflicts:
import.c
(cherry-picker's note: resolving the conflict involved removing an
entire section of the original commit which fixed ECDSA code not
present on this branch)
changeset: 4619:9c6c638d98d8
user: Simon Tatham <[email protected]>
date: Sun Jul 14 10:45:54 2013 +0000
files: import.c ssh.c sshdss.c sshpubk.c sshrsa.c
description:
Tighten up a lot of casts from unsigned to int which are read by one
of the GET_32BIT macros and then used as length fields. Missing bounds
checks against zero have been added, and also I've introduced a helper
function toint() which casts from unsigned to int in such a way as to
avoid C undefined behaviour, since I'm not sure I trust compilers any
more to do the obviously sensible thing.
[originally from svn r9918]
changeset: 4618:3957829f24d3
user: Simon Tatham <[email protected]>
date: Mon Jul 08 22:36:04 2013 +0000
files: import.c sshdss.c sshrsa.c
description:
Add an assortment of extra safety checks.
[originally from svn r9896]
changeset: 4617:2cddee0bce12
user: Jacob Nevins <[email protected]>
date: Wed Dec 07 00:24:45 2005 +0000
files: import.c
description:
Institutional failure to memset() things pointed at rather than pointers.
Things should now be zeroed and memory not leaked. Spotted by Brant Thomsen.
[originally from svn r6476]
changeset: 4616:24ac78a9c71d
user: Simon Tatham <[email protected]>
date: Wed Feb 11 13:58:27 2004 +0000
files: import.c
description:
Jacob's last-minute testing found a couple of trivial bugs in
import.c, and my attempts to reproduce them in cmdgen found another
one there :-)
[originally from svn r3847]
changeset: 4615:088d39a73db0
user: Simon Tatham <[email protected]>
date: Thu Jan 22 18:52:49 2004 +0000
files: import.c
description:
Placate some gcc warnings.
[originally from svn r3761]
changeset: 4614:e4288bad4d93
parent: 1758:108b8924593d
user: Simon Tatham <[email protected]>
date: Fri Oct 03 21:21:23 2003 +0000
files: import.c
description:
My ASN.1 decoder returned wrong IDs for anything above 0x1E! Good
job it's never had to yet. Ahem.
[originally from svn r3479]
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Tue, 12 Jul 2016 23:00:01 +0800 |
parents | 64a50eac1030 |
children | a23386821e9f b28624698130 |
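An added C example, not code from PuTTY or Dropbear, of the pattern the 4620 and 4619 changeset descriptions above refer to: accumulate a BER length as unsigned, pass it through a toint()-style helper so out-of-range values come back negative, and have the caller reject negative or over-long lengths. All `example_*` names and the `SAMPLE_*` byte strings are constructed for illustration; the cap on the number of length octets is an assumption that goes beyond what the commit message describes.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* toint()-style helper (illustrative, not PuTTY's source): convert unsigned
 * to int without an out-of-range conversion. Values above INT_MAX come back
 * negative, so a later "< 0" check can reject them. Assumes two's complement. */
static int example_toint(unsigned u)
{
    if (u <= (unsigned)INT_MAX)
        return (int)u;
    return INT_MIN + (int)(u - (unsigned)INT_MIN);
}

/* Read a BER identifier and length from src[0..srclen). Returns the number
 * of header bytes consumed, or -1 if the header is truncated or unsupported.
 * *id and *length may be negative after overflow; the caller must check. */
static int example_ber_read_id_len(const unsigned char *src, int srclen,
                                   int *id, int *length)
{
    const unsigned char *p = src, *end;
    unsigned acc;

    if (src == NULL || srclen < 1)
        return -1;
    end = src + srclen;

    acc = *p++ & 0x1Fu;
    if (acc == 0x1Fu) {
        /* High-tag-number form: base-128 digits, top bit means "more follows". */
        unsigned char b;
        acc = 0;
        do {
            if (p == end)
                return -1;
            b = *p++;
            acc = (acc << 7) | (b & 0x7Fu);   /* unsigned: wraps, no UB */
        } while (b & 0x80u);
    }
    *id = example_toint(acc);

    if (p == end)
        return -1;
    acc = *p++;
    if (acc & 0x80u) {
        /* Long form: the low 7 bits give the number of length octets. */
        unsigned n = acc & 0x7Fu;
        /* Assumption beyond the commit text: refuse indefinite length (n == 0)
         * and more octets than an unsigned holds, so no bits are shifted out. */
        if (n == 0 || n > sizeof(unsigned) || (size_t)(end - p) < n)
            return -1;
        acc = 0;
        while (n-- > 0)
            acc = (acc << 8) | *p++;
    }
    *length = example_toint(acc);
    return (int)(p - src);
}

/* Caller-side checks: returns the content length and sets *offset to where
 * the content starts, or returns -1 if the element must be rejected. */
static int example_element_len(const unsigned char *buf, int buflen,
                               int *id, int *offset)
{
    int len;
    int hdr = example_ber_read_id_len(buf, buflen, id, &len);

    if (hdr < 0 || *id < 0 || len < 0)   /* overflowed values are negative */
        return -1;
    if (len > buflen - hdr)              /* content would run past the buffer */
        return -1;
    *offset = hdr;
    return len;
}

/* Constructed sample inputs (not taken from any real key file). */
static const unsigned char SAMPLE_OK[]       = { 0x30, 0x03, 0x02, 0x01, 0x05 };
static const unsigned char SAMPLE_TOO_LONG[] = { 0x30, 0x82, 0x01, 0x00 };
static const unsigned char SAMPLE_OVERFLOW[] = { 0x04, 0x84, 0xFF, 0xFF, 0xFF, 0xFF };
static const unsigned char SAMPLE_HIGH_TAG[] = { 0x1F, 0x81, 0x00, 0x00 };

int main(void)
{
    int id = 0, off = 0;

    printf("well-formed:     %d\n",
           example_element_len(SAMPLE_OK, (int)sizeof SAMPLE_OK, &id, &off));
    printf("length > buffer: %d\n",
           example_element_len(SAMPLE_TOO_LONG, (int)sizeof SAMPLE_TOO_LONG, &id, &off));
    printf("length overflow: %d\n",
           example_element_len(SAMPLE_OVERFLOW, (int)sizeof SAMPLE_OVERFLOW, &id, &off));
    printf("high tag number: %d (id %d)\n",
           example_element_len(SAMPLE_HIGH_TAG, (int)sizeof SAMPLE_HIGH_TAG, &id, &off), id);
    return 0;
}
```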
rev | line source |
---|---|
4 (fe6bca95afa7: Makefile.in contains updated files required; Matt Johnston <matt@ucc.asn.au>) | 1 /* |
4 | 2 * Dropbear - a SSH2 server |
4 | 3 * |
4 | 4 * Copyright (c) 2002,2003 Matt Johnston |
4 | 5 * All rights reserved. |
4 | 6 * |
4 | 7 * Permission is hereby granted, free of charge, to any person obtaining a copy |
4 | 8 * of this software and associated documentation files (the "Software"), to deal |
4 | 9 * in the Software without restriction, including without limitation the rights |
4 | 10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
4 | 11 * copies of the Software, and to permit persons to whom the Software is |
4 | 12 * furnished to do so, subject to the following conditions: |
4 | 13 * |
4 | 14 * The above copyright notice and this permission notice shall be included in |
4 | 15 * all copies or substantial portions of the Software. |
4 | 16 * |
4 | 17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
4 | 18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
4 | 19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
4 | 20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
4 | 21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
4 | 22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
4 | 23 * SOFTWARE. */ |
4 | 24 |
4 | 25 #include "includes.h" |
4 | 26 #include "runopts.h" |
4 | 27 #include "signkey.h" |
4 | 28 #include "buffer.h" |
4 | 29 #include "dbutil.h" |
4 | 30 #include "algo.h" |
795 | 31 #include "ecdsa.h" |
4 | 32 |
24 | 33 svr_runopts svr_opts; /* GLOBAL */ |
24 | 34 |
4 | 35 static void printhelp(const char * progname); |
1197 (86a9e0204c03: ports and addresses must be malloced to avoid segfault on exit; Matt Johnston <matt@ucc.asn.au>; parents: 1177) | 36 static void addportandaddress(const char* spec); |
795 | 37 static void loadhostkey(const char *keyfile, int fatal_duplicate); |
795 | 38 static void addhostkey(const char *keyfile); |
4 | 39 |
4 | 40 static void printhelp(const char * progname) { |
4 | 41 |
716 | 42 fprintf(stderr, "Dropbear server v%s https://matt.ucc.asn.au/dropbear/dropbear.html\n" |
4 | 43 "Usage: %s [options]\n" |
4 | 44 "-b bannerfile Display the contents of bannerfile" |
4 | 45 " before user login\n" |
4 | 46 " (default: none)\n" |
847 (f4bb964c8678: Add '-R' for delayed hostkey option; Matt Johnston <matt@ucc.asn.au>; parents: 846) | 47 "-r keyfile Specify hostkeys (repeatable)\n" |
847 | 48 " defaults: \n" |
4 | 49 #ifdef DROPBEAR_DSS |
847 | 50 " dss %s\n" |
4 | 51 #endif |
4 | 52 #ifdef DROPBEAR_RSA |
847 | 53 " rsa %s\n" |
847 | 54 #endif |
847 | 55 #ifdef DROPBEAR_ECDSA |
847 | 56 " ecdsa %s\n" |
847 | 57 #endif |
847 | 58 #ifdef DROPBEAR_DELAY_HOSTKEY |
847 | 59 "-R Create hostkeys as required\n" |
4 | 60 #endif |
4 | 61 "-F Don't fork into background\n" |
4 | 62 #ifdef DISABLE_SYSLOG |
4 | 63 "(Syslog support not compiled in, using stderr)\n" |
4 | 64 #else |
4 | 65 "-E Log to stderr rather than syslog\n" |
4 | 66 #endif |
4 | 67 #ifdef DO_MOTD |
4 | 68 "-m Don't display the motd on login\n" |
4 | 69 #endif |
4 | 70 "-w Disallow root logins\n" |
121 | 71 #if defined(ENABLE_SVR_PASSWORD_AUTH) || defined(ENABLE_SVR_PAM_AUTH) |
4 | 72 "-s Disable password logins\n" |
4 | 73 "-g Disable password logins for root\n" |
692 (c58a15983808: Allow configuring "allow blank password option" at runtime; Paul Eggleton <paul.eggleton@linux.intel.com>; parents: 671) | 74 "-B Allow blank password logins\n" |
4 | 75 #endif |
258 (306499676384: * add -g (dbclient) and -a (dropbear) options for allowing non-local; Matt Johnston <matt@ucc.asn.au>; parents: 165) | 76 #ifdef ENABLE_SVR_LOCALTCPFWD |
4 | 77 "-j Disable local port forwarding\n" |
4 | 78 #endif |
258 | 79 #ifdef ENABLE_SVR_REMOTETCPFWD |
4 | 80 "-k Disable remote port forwarding\n" |
258 | 81 "-a Allow connections to forwarded ports from any host\n" |
4 | 82 #endif |
434 (0aaaf68e97dc: Add -p [address:]port option for binding to addresses, patch from; Matt Johnston <matt@ucc.asn.au>; parents: 271) | 83 "-p [address:]port\n" |
434 | 84 " Listen on specified tcp port (and optionally address),\n" |
434 | 85 " up to %d can be specified\n" |
434 | 86 " (default port is %s if none specified)\n" |
323 (3bfbe95f9a14: Add -P pidfile patch from Swen Schillig; Matt Johnston <matt@ucc.asn.au>; parents: 271) | 87 "-P PidFile Create pid file PidFile\n" |
323 | 88 " (default %s)\n" |
71 (ac96bc733e71: adding inetd mode back from 0.43; Matt Johnston <matt@ucc.asn.au>; parents: 68) | 89 #ifdef INETD_MODE |
71 | 90 "-i Start for inetd\n" |
71 | 91 #endif |
454 (7e43f5e473b9: - Add -K keepalive flag for dropbear and dbclient; Matt Johnston <matt@ucc.asn.au>; parents: 449) | 92 "-W <receive_window_buffer> (default %d, larger may be faster, max 1MB)\n" |
622 (e27d7fb23376: Mention that the value is in seconds; Matt Johnston <matt@ucc.asn.au>; parents: 594) | 93 "-K <keepalive> (0 is never, default %d, in seconds)\n" |
622 | 94 "-I <idle_timeout> (0 is never, default %d, in seconds)\n" |
946 | 95 "-V Version\n" |
94 (c85c88500ea6: DEBUG_TRACE now only triggers with -v on the cmdline; Matt Johnston <matt@ucc.asn.au>; parents: 91) | 96 #ifdef DEBUG_TRACE |
510 (b85507ade010: - Update manuals, include section on authorized_keys; Matt Johnston <matt@ucc.asn.au>; parents: 492) | 97 "-v verbose (compiled with DEBUG_TRACE)\n" |
94 | 98 #endif |
4 | 99 ,DROPBEAR_VERSION, progname, |
4 | 100 #ifdef DROPBEAR_DSS |
4 | 101 DSS_PRIV_FILENAME, |
4 | 102 #endif |
4 | 103 #ifdef DROPBEAR_RSA |
4 | 104 RSA_PRIV_FILENAME, |
4 | 105 #endif |
847 | 106 #ifdef DROPBEAR_ECDSA |
847 | 107 ECDSA_PRIV_FILENAME, |
847 | 108 #endif |
454 | 109 DROPBEAR_MAX_PORTS, DROPBEAR_DEFPORT, DROPBEAR_PIDFILE, |
513 (a3748e54273c: Idle timeout patch from Farrell Aultman. Needs testing, unsure if server; Matt Johnston <matt@ucc.asn.au>; parents: 510) | 110 DEFAULT_RECV_WINDOW, DEFAULT_KEEPALIVE, DEFAULT_IDLE_TIMEOUT); |
4 | 111 } |
4 | 112 |
24 | 113 void svr_getopts(int argc, char ** argv) { |
4 | 114 |
1164 | 115 unsigned int i, j; |
4 | 116 char ** next = 0; |
434 | 117 int nextisport = 0; |
454 | 118 char* recv_window_arg = NULL; |
454 | 119 char* keepalive_arg = NULL; |
513 | 120 char* idle_timeout_arg = NULL; |
795 | 121 char* keyfile = NULL; |
1164 | 122 char c; |
795 | 123 |
4 | 124 |
4 | 125 /* see printhelp() for options */ |
24 | 126 svr_opts.bannerfile = NULL; |
24 | 127 svr_opts.banner = NULL; |
24 | 128 svr_opts.forkbg = 1; |
24 | 129 svr_opts.norootlogin = 0; |
24 | 130 svr_opts.noauthpass = 0; |
24 | 131 svr_opts.norootpass = 0; |
692 | 132 svr_opts.allowblankpass = 0; |
71 | 133 svr_opts.inetdmode = 0; |
101 (72dc22f56858: Change the way we load keys/ports so we don't print error messages into our; Matt Johnston <matt@ucc.asn.au>; parents: 94) | 134 svr_opts.portcount = 0; |
101 | 135 svr_opts.hostkey = NULL; |
847 | 136 svr_opts.delay_hostkey = 0; |
323 | 137 svr_opts.pidfile = DROPBEAR_PIDFILE; |
271 (be18c7dd486e: Fix up #ifdefs for tcp forwarding; Matt Johnston <matt@ucc.asn.au>; parents: 258) | 138 #ifdef ENABLE_SVR_LOCALTCPFWD |
258 | 139 svr_opts.nolocaltcp = 0; |
271 | 140 #endif |
271 | 141 #ifdef ENABLE_SVR_REMOTETCPFWD |
258 | 142 svr_opts.noremotetcp = 0; |
271 | 143 #endif |
996 (47643024fc90: Disable non-delayed zlib for server; Matt Johnston <matt@ucc.asn.au>; parents: 976) | 144 |
575 (f9b5dc0cba61: - Disable compression for non-final multihops; Matt Johnston <matt@ucc.asn.au>; parents: 568) | 145 #ifndef DISABLE_ZLIB |
996 | 146 #if DROPBEAR_SERVER_DELAY_ZLIB |
996 | 147 opts.compress_mode = DROPBEAR_COMPRESS_DELAYED; |
996 | 148 #else |
996 | 149 opts.compress_mode = DROPBEAR_COMPRESS_ON; |
575 | 150 #endif |
996 | 151 #endif |
996 | 152 |
4 | 153 /* not yet |
33 | 154 opts.ipv4 = 1; |
33 | 155 opts.ipv6 = 1; |
4 | 156 */ |
4 | 157 #ifdef DO_MOTD |
24 | 158 svr_opts.domotd = 1; |
4 | 159 #endif |
4 | 160 #ifndef DISABLE_SYSLOG |
1210 (64a50eac1030: Moved usingsyslog from svr_runopts to runopts.; Konstantin Tokarev <ktokarev@smartlabs.tv>; parents: 1197) | 161 opts.usingsyslog = 1; |
4 | 162 #endif |
449 (3e6c536bc023: Add -W <windowsize> argument and document it.; Matt Johnston <matt@ucc.asn.au>; parents: 446) | 163 opts.recv_window = DEFAULT_RECV_WINDOW; |
513 | 164 opts.keepalive_secs = DEFAULT_KEEPALIVE; |
513 | 165 opts.idle_timeout_secs = DEFAULT_IDLE_TIMEOUT; |
454 | 166 |
258 | 167 #ifdef ENABLE_SVR_REMOTETCPFWD |
258 | 168 opts.listen_fwd_all = 0; |
258 | 169 #endif |
4 | 170 |
4 | 171 for (i = 1; i < (unsigned int)argc; i++) { |
1164 | 172 if (argv[i][0] != '-' || argv[i][1] == '\0') |
1164 | 173 dropbear_exit("Invalid argument: %s", argv[i]); |
795 | 174 |
1164 | 175 for (j = 1; (c = argv[i][j]) != '\0' && !next && !nextisport; j++) { |
1153 (67d8a904f5a9: don't silently ignore extra flag arguments; Matt Johnston <matt@ucc.asn.au>; parents: 996) | 176 switch (c) { |
4 | 177 case 'b': |
24 | 178 next = &svr_opts.bannerfile; |
4 | 179 break; |
4 | 180 case 'd': |
795 | 181 case 'r': |
795 | 182 next = &keyfile; |
4 | 183 break; |
847 | 184 case 'R': |
847 | 185 svr_opts.delay_hostkey = 1; |
847 | 186 break; |
4 | 187 case 'F': |
24 | 188 svr_opts.forkbg = 0; |
4 | 189 break; |
4 | 190 #ifndef DISABLE_SYSLOG |
4 | 191 case 'E': |
1210 | 192 opts.usingsyslog = 0; |
4 | 193 break; |
4 | 194 #endif |
271 | 195 #ifdef ENABLE_SVR_LOCALTCPFWD |
4 | 196 case 'j': |
258 | 197 svr_opts.nolocaltcp = 1; |
4 | 198 break; |
4 | 199 #endif |
271 | 200 #ifdef ENABLE_SVR_REMOTETCPFWD |
4 | 201 case 'k': |
258 | 202 svr_opts.noremotetcp = 1; |
258 | 203 break; |
258 | 204 case 'a': |
258 | 205 opts.listen_fwd_all = 1; |
4 | 206 break; |
4 | 207 #endif |
71 | 208 #ifdef INETD_MODE |
71 | 209 case 'i': |
71 | 210 svr_opts.inetdmode = 1; |
71 | 211 break; |
71 | 212 #endif |
4 | 213 case 'p': |
434 | 214 nextisport = 1; |
434 | 215 break; |
323 | 216 case 'P': |
323 | 217 next = &svr_opts.pidfile; |
323 | 218 break; |
4 | 219 #ifdef DO_MOTD |
4 | 220 /* motd is displayed by default, -m turns it off */ |
4 | 221 case 'm': |
24 | 222 svr_opts.domotd = 0; |
4 | 223 break; |
4 | 224 #endif |
4 | 225 case 'w': |
24 | 226 svr_opts.norootlogin = 1; |
4 | 227 break; |
449 | 228 case 'W': |
449 | 229 next = &recv_window_arg; |
449 | 230 break; |
454
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
449
diff
changeset
|
231 case 'K': |
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
449
diff
changeset
|
232 next = &keepalive_arg; |
7e43f5e473b9
- Add -K keepalive flag for dropbear and dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
449
diff
changeset
|
233 break; |
513
a3748e54273c
Idle timeout patch from Farrell Aultman. Needs testing, unsure if server
Matt Johnston <matt@ucc.asn.au>
parents:
510
diff
changeset
|
234 case 'I': |
a3748e54273c
Idle timeout patch from Farrell Aultman. Needs testing, unsure if server
Matt Johnston <matt@ucc.asn.au>
parents:
510
diff
changeset
|
235 next = &idle_timeout_arg; |
a3748e54273c
Idle timeout patch from Farrell Aultman. Needs testing, unsure if server
Matt Johnston <matt@ucc.asn.au>
parents:
510
diff
changeset
|
236 break; |
121 | 237 #if defined(ENABLE_SVR_PASSWORD_AUTH) || defined(ENABLE_SVR_PAM_AUTH) |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
238 case 's': |
24 | 239 svr_opts.noauthpass = 1; |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
240 break; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
241 case 'g': |
24 | 242 svr_opts.norootpass = 1; |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
243 break; |
692
c58a15983808
Allow configuring "allow blank password option" at runtime
Paul Eggleton <paul.eggleton@linux.intel.com>
parents:
671
diff
changeset
|
244 case 'B': |
c58a15983808
Allow configuring "allow blank password option" at runtime
Paul Eggleton <paul.eggleton@linux.intel.com>
parents:
671
diff
changeset
|
245 svr_opts.allowblankpass = 1; |
c58a15983808
Allow configuring "allow blank password option" at runtime
Paul Eggleton <paul.eggleton@linux.intel.com>
parents:
671
diff
changeset
|
246 break; |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
247 #endif |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
248 case 'h': |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
249 printhelp(argv[0]); |
946 | 250 exit(EXIT_SUCCESS); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
251 break; |
442
d82a2a44c684
Add -u option to specify /dev/urandom instead
Matt Johnston <matt@ucc.asn.au>
parents:
435
diff
changeset
|
252 case 'u': |
446
2cd2edfa11ee
Just use /dev/urandom since that's what everyone ends up using anyway.
Matt Johnston <matt@ucc.asn.au>
parents:
442
diff
changeset
|
253 /* backwards compatibility with old urandom option */ |
442
d82a2a44c684
Add -u option to specify /dev/urandom instead
Matt Johnston <matt@ucc.asn.au>
parents:
435
diff
changeset
|
254 break; |
94
c85c88500ea6
DEBUG_TRACE now only triggers with -v on the cmdline
Matt Johnston <matt@ucc.asn.au>
parents:
91
diff
changeset
|
255 #ifdef DEBUG_TRACE |
c85c88500ea6
DEBUG_TRACE now only triggers with -v on the cmdline
Matt Johnston <matt@ucc.asn.au>
parents:
91
diff
changeset
|
256 case 'v': |
c85c88500ea6
DEBUG_TRACE now only triggers with -v on the cmdline
Matt Johnston <matt@ucc.asn.au>
parents:
91
diff
changeset
|
257 debug_trace = 1; |
c85c88500ea6
DEBUG_TRACE now only triggers with -v on the cmdline
Matt Johnston <matt@ucc.asn.au>
parents:
91
diff
changeset
|
258 break; |
c85c88500ea6
DEBUG_TRACE now only triggers with -v on the cmdline
Matt Johnston <matt@ucc.asn.au>
parents:
91
diff
changeset
|
259 #endif |
946 | 260 case 'V': |
948
f92eb625c48d
- Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
946
diff
changeset
|
261 print_version(); |
946 | 262 exit(EXIT_SUCCESS); |
263 break; | |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
264 default: |
1164 | 265 fprintf(stderr, "Invalid option -%c\n", c); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
266 printhelp(argv[0]); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
267 exit(EXIT_FAILURE); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
268 break; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
269 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
270 } |
1164 | 271 |
272 if (!next && !nextisport) | |
273 continue; | |
274 | |
275 if (c == '\0') { | |
276 i++; | |
277 j = 0; | |
278 if (!argv[i]) { | |
279 dropbear_exit("Missing argument"); | |
280 } | |
281 } | |
282 | |
283 if (nextisport) { | |
284 addportandaddress(&argv[i][j]); | |
285 nextisport = 0; | |
286 } else if (next) { | |
287 *next = &argv[i][j]; | |
288 if (*next == NULL) { | |
289 dropbear_exit("Invalid null argument"); | |
290 } | |
291 next = 0x00; | |
292 | |
293 if (keyfile) { | |
294 addhostkey(keyfile); | |
295 keyfile = NULL; | |
296 } | |
297 } | |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
298 } |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
299 |
 101 | 300 	/* Set up listening ports */
     | 301 	if (svr_opts.portcount == 0) {
     | 302 		svr_opts.ports[0] = m_strdup(DROPBEAR_DEFPORT);
 434 | 303 		svr_opts.addresses[0] = m_strdup(DROPBEAR_DEFADDRESS);
 101 | 304 		svr_opts.portcount = 1;
     | 305 	}
 513 | 306
  24 | 307 	if (svr_opts.bannerfile) {
   4 | 308 		struct stat buf;
  24 | 309 		if (stat(svr_opts.bannerfile, &buf) != 0) {
   4 | 310 			dropbear_exit("Error opening banner file '%s'",
  24 | 311 					svr_opts.bannerfile);
   4 | 312 		}
     | 313
     | 314 		if (buf.st_size > MAX_BANNER_SIZE) {
     | 315 			dropbear_exit("Banner file too large, max is %d bytes",
     | 316 					MAX_BANNER_SIZE);
     | 317 		}
     | 318
  24 | 319 		svr_opts.banner = buf_new(buf.st_size);
     | 320 		if (buf_readfile(svr_opts.banner, svr_opts.bannerfile)!=DROPBEAR_SUCCESS) {
   4 | 321 			dropbear_exit("Error reading banner file '%s'",
  24 | 322 					svr_opts.bannerfile);
   4 | 323 		}
  24 | 324 		buf_setpos(svr_opts.banner, 0);
   4 | 325 	}
 449 | 326
 454 | 327 	if (recv_window_arg) {
 449 | 328 		opts.recv_window = atol(recv_window_arg);
 492 | 329 		if (opts.recv_window == 0 || opts.recv_window > MAX_RECV_WINDOW) {
 449 | 330 			dropbear_exit("Bad recv window '%s'", recv_window_arg);
     | 331 		}
     | 332 	}
 454 | 333
     | 334 	if (keepalive_arg) {
 568 | 335 		unsigned int val;
     | 336 		if (m_str_to_uint(keepalive_arg, &val) == DROPBEAR_FAILURE) {
 454 | 337 			dropbear_exit("Bad keepalive '%s'", keepalive_arg);
     | 338 		}
 568 | 339 		opts.keepalive_secs = val;
 454 | 340 	}
 513 | 341
     | 342 	if (idle_timeout_arg) {
 568 | 343 		unsigned int val;
     | 344 		if (m_str_to_uint(idle_timeout_arg, &val) == DROPBEAR_FAILURE) {
 513 | 345 			dropbear_exit("Bad idle_timeout '%s'", idle_timeout_arg);
     | 346 		}
 568 | 347 		opts.idle_timeout_secs = val;
 513 | 348 	}
   4 | 349 }
     | 350
1197 | 351 static void addportandaddress(const char* spec) {
     | 352 	char *spec_copy = NULL, *myspec = NULL, *port = NULL, *address = NULL;
 434 | 353
     | 354 	if (svr_opts.portcount < DROPBEAR_MAX_PORTS) {
     | 355
     | 356 		/* We don't free it, it becomes part of the runopt state */
1197 | 357 		spec_copy = m_strdup(spec);
     | 358 		myspec = spec_copy;
 434 | 359
 706 | 360 		if (myspec[0] == '[') {
     | 361 			myspec++;
1197 | 362 			port = strchr(myspec, ']');
     | 363 			if (!port) {
 706 | 364 				/* Unmatched [ -> exit */
     | 365 				dropbear_exit("Bad listen address");
     | 366 			}
1197 | 367 			port[0] = '\0';
     | 368 			port++;
     | 369 			if (port[0] != ':') {
 706 | 370 				/* Missing port -> exit */
     | 371 				dropbear_exit("Missing port");
     | 372 			}
     | 373 		} else {
     | 374 			/* search for ':', that separates address and port */
1197 | 375 			port = strrchr(myspec, ':');
 706 | 376 		}
 434 | 377
1197 | 378 		if (!port) {
 434 | 379 			/* no ':' -> the whole string specifies just a port */
1197 | 380 			port = myspec;
 434 | 381 		} else {
     | 382 			/* Split the address/port */
1197 | 383 			port[0] = '\0';
     | 384 			port++;
     | 385 			address = myspec;
 434 | 386 		}
     | 387
1197 | 388 		if (!address) {
 434 | 389 			/* no address given -> fill in the default address */
1197 | 390 			address = DROPBEAR_DEFADDRESS;
 434 | 391 		}
     | 392
1197 | 393 		if (port[0] == '\0') {
 434 | 394 			/* empty port -> exit */
     | 395 			dropbear_exit("Bad port");
     | 396 		}
1197 | 397 		svr_opts.ports[svr_opts.portcount] = m_strdup(port);
     | 398 		svr_opts.addresses[svr_opts.portcount] = m_strdup(address);
 434 | 399 		svr_opts.portcount++;
1197 | 400 		m_free(spec_copy);
 434 | 401 	}
     | 402 }
     | 403
 795 | 404 static void disablekey(int type) {
   4 | 405 	int i;
 802 | 406 	TRACE(("Disabling key type %d", type))
  47 | 407 	for (i = 0; sshhostkey[i].name != NULL; i++) {
     | 408 		if (sshhostkey[i].val == type) {
 802 | 409 			sshhostkey[i].usable = 0;
  47 | 410 			break;
     | 411 		}
   4 | 412 	}
     | 413 }
     | 414
 807 | 415 static void loadhostkey_helper(const char *name, void** src, void** dst, int fatal_duplicate) {
     | 416 	if (*dst) {
     | 417 		if (fatal_duplicate) {
     | 418 			dropbear_exit("Only one %s key can be specified", name);
     | 419 		}
     | 420 	} else {
     | 421 		*dst = *src;
     | 422 		*src = NULL;
     | 423 	}
     | 424
     | 425 }
     | 426
 101 | 427 /* Must be called after syslog/etc is working */
 795 | 428 static void loadhostkey(const char *keyfile, int fatal_duplicate) {
     | 429 	sign_key * read_key = new_sign_key();
 847 | 430 	enum signkey_type type = DROPBEAR_SIGNKEY_ANY;
 795 | 431 	if (readhostkey(keyfile, read_key, &type) == DROPBEAR_FAILURE) {
 976 | 432 		if (!svr_opts.delay_hostkey) {
     | 433 			dropbear_log(LOG_WARNING, "Failed loading %s", keyfile);
     | 434 		}
 795 | 435 	}
     | 436
     | 437 #ifdef DROPBEAR_RSA
     | 438 	if (type == DROPBEAR_SIGNKEY_RSA) {
 852 | 439 		loadhostkey_helper("RSA", (void**)&read_key->rsakey, (void**)&svr_opts.hostkey->rsakey, fatal_duplicate);
 795 | 440 	}
     | 441 #endif
   4 | 442
 795 | 443 #ifdef DROPBEAR_DSS
     | 444 	if (type == DROPBEAR_SIGNKEY_DSS) {
 852 | 445 		loadhostkey_helper("DSS", (void**)&read_key->dsskey, (void**)&svr_opts.hostkey->dsskey, fatal_duplicate);
 795 | 446 	}
     | 447 #endif
   4 | 448
 795 | 449 #ifdef DROPBEAR_ECDSA
 807 | 450 #ifdef DROPBEAR_ECC_256
     | 451 	if (type == DROPBEAR_SIGNKEY_ECDSA_NISTP256) {
 852 | 452 		loadhostkey_helper("ECDSA256", (void**)&read_key->ecckey256, (void**)&svr_opts.hostkey->ecckey256, fatal_duplicate);
 795 | 453 	}
     | 454 #endif
 807 | 455 #ifdef DROPBEAR_ECC_384
     | 456 	if (type == DROPBEAR_SIGNKEY_ECDSA_NISTP384) {
 852 | 457 		loadhostkey_helper("ECDSA384", (void**)&read_key->ecckey384, (void**)&svr_opts.hostkey->ecckey384, fatal_duplicate);
 807 | 458 	}
     | 459 #endif
     | 460 #ifdef DROPBEAR_ECC_521
     | 461 	if (type == DROPBEAR_SIGNKEY_ECDSA_NISTP521) {
 852 | 462 		loadhostkey_helper("ECDSA521", (void**)&read_key->ecckey521, (void**)&svr_opts.hostkey->ecckey521, fatal_duplicate);
 807 | 463 	}
     | 464 #endif
 857 | 465 #endif /* DROPBEAR_ECDSA */
 795 | 466 	sign_key_free(read_key);
     | 467 	TRACE(("leave loadhostkey"))
     | 468 }
     | 469
     | 470 static void addhostkey(const char *keyfile) {
     | 471 	if (svr_opts.num_hostkey_files >= MAX_HOSTKEYS) {
     | 472 		dropbear_exit("Too many hostkeys");
     | 473 	}
     | 474 	svr_opts.hostkey_files[svr_opts.num_hostkey_files] = m_strdup(keyfile);
     | 475 	svr_opts.num_hostkey_files++;
     | 476 }
     | 477
     | 478 void load_all_hostkeys() {
     | 479 	int i;
 847 | 480 	int disable_unset_keys = 1;
 873 | 481 	int any_keys = 0;
   4 | 482
 101 | 483 	svr_opts.hostkey = new_sign_key();
   4 | 484
 795 | 485 	for (i = 0; i < svr_opts.num_hostkey_files; i++) {
     | 486 		char *hostkey_file = svr_opts.hostkey_files[i];
     | 487 		loadhostkey(hostkey_file, 1);
     | 488 		m_free(hostkey_file);
     | 489 	}
     | 490
   4 | 491 #ifdef DROPBEAR_RSA
 795 | 492 	loadhostkey(RSA_PRIV_FILENAME, 0);
     | 493 #endif
     | 494
     | 495 #ifdef DROPBEAR_DSS
     | 496 	loadhostkey(DSS_PRIV_FILENAME, 0);
     | 497 #endif
     | 498
     | 499 #ifdef DROPBEAR_ECDSA
     | 500 	loadhostkey(ECDSA_PRIV_FILENAME, 0);
     | 501 #endif
     | 502
 847 | 503 #ifdef DROPBEAR_DELAY_HOSTKEY
 876 | 504 	if (svr_opts.delay_hostkey) {
 847 | 505 		disable_unset_keys = 0;
     | 506 	}
     | 507 #endif
     | 508
 795 | 509 #ifdef DROPBEAR_RSA
 847 | 510 	if (disable_unset_keys && !svr_opts.hostkey->rsakey) {
 795 | 511 		disablekey(DROPBEAR_SIGNKEY_RSA);
 876 | 512 	} else {
 873 | 513 		any_keys = 1;
     | 514 	}
   4 | 515 #endif
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
516 |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
517 #ifdef DROPBEAR_DSS |
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
518 if (disable_unset_keys && !svr_opts.hostkey->dsskey) { |
876 | 519 disablekey(DROPBEAR_SIGNKEY_DSS); |
520 } else { | |
873
17b15683648d
Exit if we don't have keys and -R wasn't specified
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
521 any_keys = 1; |
17b15683648d
Exit if we don't have keys and -R wasn't specified
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
522 } |
795 | 523 #endif |
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
524 |
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
525 |
795 | 526 #ifdef DROPBEAR_ECDSA |
527 #ifdef DROPBEAR_ECC_256 | |
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
528 if ((disable_unset_keys || ECDSA_DEFAULT_SIZE != 256) |
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
529 && !svr_opts.hostkey->ecckey256) { |
795 | 530 disablekey(DROPBEAR_SIGNKEY_ECDSA_NISTP256); |
876 | 531 } else { |
873
17b15683648d
Exit if we don't have keys and -R wasn't specified
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
532 any_keys = 1; |
17b15683648d
Exit if we don't have keys and -R wasn't specified
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
533 } |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
534 #endif |
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
535 |
795 | 536 #ifdef DROPBEAR_ECC_384 |
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
537 if ((disable_unset_keys || ECDSA_DEFAULT_SIZE != 384) |
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
538 && !svr_opts.hostkey->ecckey384) { |
795 | 539 disablekey(DROPBEAR_SIGNKEY_ECDSA_NISTP384); |
876 | 540 } else { |
873
17b15683648d
Exit if we don't have keys and -R wasn't specified
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
541 any_keys = 1; |
17b15683648d
Exit if we don't have keys and -R wasn't specified
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
542 } |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
543 #endif |
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
544 |
795 | 545 #ifdef DROPBEAR_ECC_521 |
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
546 if ((disable_unset_keys || ECDSA_DEFAULT_SIZE != 521) |
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
547 && !svr_opts.hostkey->ecckey521) { |
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
548 disablekey(DROPBEAR_SIGNKEY_ECDSA_NISTP521); |
876 | 549 } else { |
873
17b15683648d
Exit if we don't have keys and -R wasn't specified
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
550 any_keys = 1; |
17b15683648d
Exit if we don't have keys and -R wasn't specified
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
551 } |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
552 #endif |
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
553 #endif /* DROPBEAR_ECDSA */ |
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
846
diff
changeset
|
554 |
876 | 555 if (!any_keys) { |
1177 | 556 dropbear_exit("No hostkeys available. 'dropbear -R' may be useful or run dropbearkey."); |
873
17b15683648d
Exit if we don't have keys and -R wasn't specified
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
557 } |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
558 } |