Mercurial > dropbear
annotate common-runopts.c @ 1520:84578193ef47
draft CHANGES
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Sun, 18 Feb 2018 23:48:32 +0800 |
parents | 750ec4ec4cbe |
children | b9a466b43de0 |
rev | line source |
---|---|
33 | 1 /* |
2 * Dropbear - a SSH2 server | |
3 * | |
4 * Copyright (c) 2002,2003 Matt Johnston | |
5 * All rights reserved. | |
6 * | |
7 * Permission is hereby granted, free of charge, to any person obtaining a copy | |
8 * of this software and associated documentation files (the "Software"), to deal | |
9 * in the Software without restriction, including without limitation the rights | |
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
11 * copies of the Software, and to permit persons to whom the Software is | |
12 * furnished to do so, subject to the following conditions: | |
13 * | |
14 * The above copyright notice and this permission notice shall be included in | |
15 * all copies or substantial portions of the Software. | |
16 * | |
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | |
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | |
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | |
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | |
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | |
23 * SOFTWARE. */ | |
24 | |
25 #include "includes.h" | |
26 #include "runopts.h" | |
47 | 27 #include "signkey.h" |
28 #include "buffer.h" | |
29 #include "dbutil.h" | |
30 #include "auth.h" | |
682
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
31 #include "algo.h" |
858
220f55d540ae
rename random.h to dbrandom.h since some OSes have a system random.h
Matt Johnston <matt@ucc.asn.au>
parents:
841
diff
changeset
|
32 #include "dbrandom.h" |
33 | 33 |
34 runopts opts; /* GLOBAL */ | |
47 | 35 |
36 /* returns success or failure, and the keytype in *type. If we want | |
37 * to restrict the type, type can contain a type to return */ | |
841
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
713
diff
changeset
|
38 int readhostkey(const char * filename, sign_key * hostkey, |
d4ce5269a439
Fix specifying a keysize for key generation, fix key name arguments
Matt Johnston <matt@ucc.asn.au>
parents:
713
diff
changeset
|
39 enum signkey_type *type) { |
47 | 40 |
41 int ret = DROPBEAR_FAILURE; | |
42 buffer *buf; | |
43 | |
44 buf = buf_new(MAX_PRIVKEY_SIZE); | |
45 | |
46 if (buf_readfile(buf, filename) == DROPBEAR_FAILURE) { | |
47 goto out; | |
48 } | |
49 buf_setpos(buf, 0); | |
687 | 50 |
51 addrandom(buf_getptr(buf, buf->len), buf->len); | |
52 | |
47 | 53 if (buf_get_priv_key(buf, hostkey, type) == DROPBEAR_FAILURE) { |
54 goto out; | |
55 } | |
56 | |
57 ret = DROPBEAR_SUCCESS; | |
58 out: | |
59 | |
60 buf_burn(buf); | |
61 buf_free(buf); | |
62 return ret; | |
63 } | |
682
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
64 |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
948
diff
changeset
|
65 #if DROPBEAR_USER_ALGO_LIST |
682
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
66 void |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
67 parse_ciphers_macs() |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
68 { |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
69 if (opts.cipher_list) |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
70 { |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
71 if (strcmp(opts.cipher_list, "help") == 0) |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
72 { |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
73 char *ciphers = algolist_string(sshciphers); |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
74 dropbear_log(LOG_INFO, "Available ciphers:\n%s\n", ciphers); |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
75 m_free(ciphers); |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
76 dropbear_exit("."); |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
77 } |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
78 |
713
e22d5f5f6e37
Fix "-c none" so that it allows aes during authentication
Matt Johnston <matt@ucc.asn.au>
parents:
687
diff
changeset
|
79 if (strcmp(opts.cipher_list, "none") == 0) |
e22d5f5f6e37
Fix "-c none" so that it allows aes during authentication
Matt Johnston <matt@ucc.asn.au>
parents:
687
diff
changeset
|
80 { |
e22d5f5f6e37
Fix "-c none" so that it allows aes during authentication
Matt Johnston <matt@ucc.asn.au>
parents:
687
diff
changeset
|
81 /* Encryption is required during authentication */ |
e22d5f5f6e37
Fix "-c none" so that it allows aes during authentication
Matt Johnston <matt@ucc.asn.au>
parents:
687
diff
changeset
|
82 opts.cipher_list = "none,aes128-ctr"; |
e22d5f5f6e37
Fix "-c none" so that it allows aes during authentication
Matt Johnston <matt@ucc.asn.au>
parents:
687
diff
changeset
|
83 } |
e22d5f5f6e37
Fix "-c none" so that it allows aes during authentication
Matt Johnston <matt@ucc.asn.au>
parents:
687
diff
changeset
|
84 |
682
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
85 if (check_user_algos(opts.cipher_list, sshciphers, "cipher") == 0) |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
86 { |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
87 dropbear_exit("No valid ciphers specified for '-c'"); |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
88 } |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
89 } |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
90 |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
91 if (opts.mac_list) |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
92 { |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
93 if (strcmp(opts.mac_list, "help") == 0) |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
94 { |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
95 char *macs = algolist_string(sshhashes); |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
96 dropbear_log(LOG_INFO, "Available MACs:\n%s\n", macs); |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
97 m_free(macs); |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
98 dropbear_exit("."); |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
99 } |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
100 |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
101 if (check_user_algos(opts.mac_list, sshhashes, "MAC") == 0) |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
102 { |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
103 dropbear_exit("No valid MACs specified for '-m'"); |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
104 } |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
105 } |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
106 } |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
107 #endif |
4edea9f363d0
Add rough support for choosing ciphers/hashes with "-c" or "-m"
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
108 |
948
f92eb625c48d
- Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
946
diff
changeset
|
109 void print_version() { |
f92eb625c48d
- Don't use multichar constants since recent gcc complains
Matt Johnston <matt@ucc.asn.au>
parents:
946
diff
changeset
|
110 fprintf(stderr, "Dropbear v%s\n", DROPBEAR_VERSION); |
946 | 111 } |
112 | |
113 |