Mercurial > dropbear
comparison cli-runopts.c @ 285:1b9e69c058d2
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 20dccfc09627970a312d77fb41dc2970b62689c3)
to branch 'au.asn.ucc.matt.dropbear' (head fdf4a7a3b97ae5046139915de7e40399cceb2c01)
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 08 Mar 2006 13:23:58 +0000 |
parents | 306499676384 |
children | 79bf1023cf11 740e782679be 0e4f225b7e07 ea0929224294 |
comparison
equal
deleted
inserted
replaced
281:997e6f7dc01e | 285:1b9e69c058d2 |
---|---|
1 /* | |
2 * Dropbear - a SSH2 server | |
3 * | |
4 * Copyright (c) 2002,2003 Matt Johnston | |
5 * All rights reserved. | |
6 * | |
7 * Permission is hereby granted, free of charge, to any person obtaining a copy | |
8 * of this software and associated documentation files (the "Software"), to deal | |
9 * in the Software without restriction, including without limitation the rights | |
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
11 * copies of the Software, and to permit persons to whom the Software is | |
12 * furnished to do so, subject to the following conditions: | |
13 * | |
14 * The above copyright notice and this permission notice shall be included in | |
15 * all copies or substantial portions of the Software. | |
16 * | |
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | |
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | |
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | |
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | |
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | |
23 * SOFTWARE. */ | |
24 | |
25 #include "includes.h" | |
26 #include "runopts.h" | |
27 #include "signkey.h" | |
28 #include "buffer.h" | |
29 #include "dbutil.h" | |
30 #include "algo.h" | |
31 #include "tcpfwd.h" | |
32 | |
33 cli_runopts cli_opts; /* GLOBAL */ | |
34 | |
35 static void printhelp(); | |
36 static void parsehostname(char* userhostarg); | |
37 #ifdef ENABLE_CLI_PUBKEY_AUTH | |
38 static void loadidentityfile(const char* filename); | |
39 #endif | |
40 #ifdef ENABLE_CLI_ANYTCPFWD | |
41 static void addforward(char* str, struct TCPFwdList** fwdlist); | |
42 #endif | |
43 | |
44 static void printhelp() { | |
45 | |
46 fprintf(stderr, "Dropbear client v%s\n" | |
47 "Usage: %s [options] [user@]host\n" | |
48 "Options are:\n" | |
49 "-p <remoteport>\n" | |
50 "-l <username>\n" | |
51 "-t Allocate a pty\n" | |
52 "-T Don't allocate a pty\n" | |
53 #ifdef ENABLE_CLI_PUBKEY_AUTH | |
54 "-i <identityfile> (multiple allowed)\n" | |
55 #endif | |
56 #ifdef ENABLE_CLI_LOCALTCPFWD | |
57 "-L <listenport:remotehost:remoteport> Local port forwarding\n" | |
58 "-g Allow remote hosts to connect to forwarded ports\n" | |
59 #endif | |
60 #ifdef ENABLE_CLI_REMOTETCPFWD | |
61 "-R <listenport:remotehost:remoteport> Remote port forwarding\n" | |
62 #endif | |
63 #ifdef DEBUG_TRACE | |
64 "-v verbose\n" | |
65 #endif | |
66 ,DROPBEAR_VERSION, cli_opts.progname); | |
67 } | |
68 | |
69 void cli_getopts(int argc, char ** argv) { | |
70 | |
71 unsigned int i, j; | |
72 char ** next = 0; | |
73 unsigned int cmdlen; | |
74 #ifdef ENABLE_CLI_PUBKEY_AUTH | |
75 int nextiskey = 0; /* A flag if the next argument is a keyfile */ | |
76 #endif | |
77 #ifdef ENABLE_CLI_LOCALTCPFWD | |
78 int nextislocal = 0; | |
79 #endif | |
80 #ifdef ENABLE_CLI_REMOTETCPFWD | |
81 int nextisremote = 0; | |
82 #endif | |
83 char* dummy = NULL; /* Not used for anything real */ | |
84 | |
85 /* see printhelp() for options */ | |
86 cli_opts.progname = argv[0]; | |
87 cli_opts.remotehost = NULL; | |
88 cli_opts.remoteport = NULL; | |
89 cli_opts.username = NULL; | |
90 cli_opts.cmd = NULL; | |
91 cli_opts.wantpty = 9; /* 9 means "it hasn't been touched", gets set later */ | |
92 #ifdef ENABLE_CLI_PUBKEY_AUTH | |
93 cli_opts.privkeys = NULL; | |
94 #endif | |
95 #ifdef ENABLE_CLI_LOCALTCPFWD | |
96 cli_opts.localfwds = NULL; | |
97 opts.listen_fwd_all = 0; | |
98 #endif | |
99 #ifdef ENABLE_CLI_REMOTETCPFWD | |
100 cli_opts.remotefwds = NULL; | |
101 #endif | |
102 /* not yet | |
103 opts.ipv4 = 1; | |
104 opts.ipv6 = 1; | |
105 */ | |
106 | |
107 /* Iterate all the arguments */ | |
108 for (i = 1; i < (unsigned int)argc; i++) { | |
109 #ifdef ENABLE_CLI_PUBKEY_AUTH | |
110 if (nextiskey) { | |
111 /* Load a hostkey since the previous argument was "-i" */ | |
112 loadidentityfile(argv[i]); | |
113 nextiskey = 0; | |
114 continue; | |
115 } | |
116 #endif | |
117 #ifdef ENABLE_CLI_REMOTETCPFWD | |
118 if (nextisremote) { | |
119 TRACE(("nextisremote true")) | |
120 addforward(argv[i], &cli_opts.remotefwds); | |
121 nextisremote = 0; | |
122 continue; | |
123 } | |
124 #endif | |
125 #ifdef ENABLE_CLI_LOCALTCPFWD | |
126 if (nextislocal) { | |
127 TRACE(("nextislocal true")) | |
128 addforward(argv[i], &cli_opts.localfwds); | |
129 nextislocal = 0; | |
130 continue; | |
131 } | |
132 #endif | |
133 if (next) { | |
134 /* The previous flag set a value to assign */ | |
135 *next = argv[i]; | |
136 if (*next == NULL) { | |
137 dropbear_exit("Invalid null argument"); | |
138 } | |
139 next = NULL; | |
140 continue; | |
141 } | |
142 | |
143 if (argv[i][0] == '-') { | |
144 /* A flag *waves* */ | |
145 | |
146 switch (argv[i][1]) { | |
147 case 'p': /* remoteport */ | |
148 next = &cli_opts.remoteport; | |
149 break; | |
150 #ifdef ENABLE_CLI_PUBKEY_AUTH | |
151 case 'i': /* an identityfile */ | |
152 /* Keep scp happy when it changes "-i file" to "-ifile" */ | |
153 if (strlen(argv[i]) > 2) { | |
154 loadidentityfile(&argv[i][2]); | |
155 } else { | |
156 nextiskey = 1; | |
157 } | |
158 break; | |
159 #endif | |
160 case 't': /* we want a pty */ | |
161 cli_opts.wantpty = 1; | |
162 break; | |
163 case 'T': /* don't want a pty */ | |
164 cli_opts.wantpty = 0; | |
165 break; | |
166 #ifdef ENABLE_CLI_LOCALTCPFWD | |
167 case 'L': | |
168 nextislocal = 1; | |
169 break; | |
170 case 'g': | |
171 opts.listen_fwd_all = 1; | |
172 break; | |
173 #endif | |
174 #ifdef ENABLE_CLI_REMOTETCPFWD | |
175 case 'R': | |
176 nextisremote = 1; | |
177 break; | |
178 #endif | |
179 case 'l': | |
180 next = &cli_opts.username; | |
181 break; | |
182 case 'h': | |
183 printhelp(); | |
184 exit(EXIT_SUCCESS); | |
185 break; | |
186 #ifdef DEBUG_TRACE | |
187 case 'v': | |
188 debug_trace = 1; | |
189 break; | |
190 #endif | |
191 case 'F': | |
192 case 'e': | |
193 case 'c': | |
194 case 'm': | |
195 case 'D': | |
196 #ifndef ENABLE_CLI_REMOTETCPFWD | |
197 case 'R': | |
198 #endif | |
199 #ifndef ENABLE_CLI_LOCALTCPFWD | |
200 case 'L': | |
201 #endif | |
202 case 'o': | |
203 case 'b': | |
204 next = &dummy; | |
205 default: | |
206 fprintf(stderr, | |
207 "WARNING: Ignoring unknown argument '%s'\n", argv[i]); | |
208 break; | |
209 } /* Switch */ | |
210 | |
211 /* Now we handle args where they might be "-luser" (no spaces)*/ | |
212 if (next && strlen(argv[i]) > 2) { | |
213 *next = &argv[i][2]; | |
214 next = NULL; | |
215 } | |
216 | |
217 continue; /* next argument */ | |
218 | |
219 } else { | |
220 TRACE(("non-flag arg: '%s'", argv[i])) | |
221 | |
222 /* Either the hostname or commands */ | |
223 | |
224 if (cli_opts.remotehost == NULL) { | |
225 | |
226 parsehostname(argv[i]); | |
227 | |
228 } else { | |
229 | |
230 /* this is part of the commands to send - after this we | |
231 * don't parse any more options, and flags are sent as the | |
232 * command */ | |
233 cmdlen = 0; | |
234 for (j = i; j < (unsigned int)argc; j++) { | |
235 cmdlen += strlen(argv[j]) + 1; /* +1 for spaces */ | |
236 } | |
237 /* Allocate the space */ | |
238 cli_opts.cmd = (char*)m_malloc(cmdlen); | |
239 cli_opts.cmd[0] = '\0'; | |
240 | |
241 /* Append all the bits */ | |
242 for (j = i; j < (unsigned int)argc; j++) { | |
243 strlcat(cli_opts.cmd, argv[j], cmdlen); | |
244 strlcat(cli_opts.cmd, " ", cmdlen); | |
245 } | |
246 /* It'll be null-terminated here */ | |
247 | |
248 /* We've eaten all the options and flags */ | |
249 break; | |
250 } | |
251 } | |
252 } | |
253 | |
254 if (cli_opts.remotehost == NULL) { | |
255 printhelp(); | |
256 exit(EXIT_FAILURE); | |
257 } | |
258 | |
259 if (cli_opts.remoteport == NULL) { | |
260 cli_opts.remoteport = "22"; | |
261 } | |
262 | |
263 /* If not explicitly specified with -t or -T, we don't want a pty if | |
264 * there's a command, but we do otherwise */ | |
265 if (cli_opts.wantpty == 9) { | |
266 if (cli_opts.cmd == NULL) { | |
267 cli_opts.wantpty = 1; | |
268 } else { | |
269 cli_opts.wantpty = 0; | |
270 } | |
271 } | |
272 } | |
273 | |
274 #ifdef ENABLE_CLI_PUBKEY_AUTH | |
275 static void loadidentityfile(const char* filename) { | |
276 | |
277 struct SignKeyList * nextkey; | |
278 sign_key *key; | |
279 int keytype; | |
280 | |
281 key = new_sign_key(); | |
282 keytype = DROPBEAR_SIGNKEY_ANY; | |
283 if ( readhostkey(filename, key, &keytype) != DROPBEAR_SUCCESS ) { | |
284 | |
285 fprintf(stderr, "Failed loading keyfile '%s'\n", filename); | |
286 sign_key_free(key); | |
287 | |
288 } else { | |
289 | |
290 nextkey = (struct SignKeyList*)m_malloc(sizeof(struct SignKeyList)); | |
291 nextkey->key = key; | |
292 nextkey->next = cli_opts.privkeys; | |
293 nextkey->type = keytype; | |
294 cli_opts.privkeys = nextkey; | |
295 } | |
296 } | |
297 #endif | |
298 | |
299 | |
300 /* Parses a [user@]hostname argument. userhostarg is the argv[i] corresponding | |
301 * - note that it will be modified */ | |
302 static void parsehostname(char* orighostarg) { | |
303 | |
304 uid_t uid; | |
305 struct passwd *pw = NULL; | |
306 char *userhostarg = NULL; | |
307 | |
308 /* We probably don't want to be editing argvs */ | |
309 userhostarg = m_strdup(orighostarg); | |
310 | |
311 cli_opts.remotehost = strchr(userhostarg, '@'); | |
312 if (cli_opts.remotehost == NULL) { | |
313 /* no username portion, the cli-auth.c code can figure the | |
314 * local user's name */ | |
315 cli_opts.remotehost = userhostarg; | |
316 } else { | |
317 cli_opts.remotehost[0] = '\0'; /* Split the user/host */ | |
318 cli_opts.remotehost++; | |
319 cli_opts.username = userhostarg; | |
320 } | |
321 | |
322 if (cli_opts.username == NULL) { | |
323 uid = getuid(); | |
324 | |
325 pw = getpwuid(uid); | |
326 if (pw == NULL || pw->pw_name == NULL) { | |
327 dropbear_exit("Unknown own user"); | |
328 } | |
329 | |
330 cli_opts.username = m_strdup(pw->pw_name); | |
331 } | |
332 | |
333 if (cli_opts.remotehost[0] == '\0') { | |
334 dropbear_exit("Bad hostname"); | |
335 } | |
336 } | |
337 | |
338 #ifdef ENABLE_CLI_ANYTCPFWD | |
339 /* Turn a "listenport:remoteaddr:remoteport" string into into a forwarding | |
340 * set, and add it to the forwarding list */ | |
341 static void addforward(char* origstr, struct TCPFwdList** fwdlist) { | |
342 | |
343 char * listenport = NULL; | |
344 char * connectport = NULL; | |
345 char * connectaddr = NULL; | |
346 struct TCPFwdList* newfwd = NULL; | |
347 char * str = NULL; | |
348 | |
349 TRACE(("enter addforward")) | |
350 | |
351 /* We probably don't want to be editing argvs */ | |
352 str = m_strdup(origstr); | |
353 | |
354 listenport = str; | |
355 | |
356 connectaddr = strchr(str, ':'); | |
357 if (connectaddr == NULL) { | |
358 TRACE(("connectaddr == NULL")) | |
359 goto fail; | |
360 } | |
361 | |
362 connectaddr[0] = '\0'; | |
363 connectaddr++; | |
364 | |
365 connectport = strchr(connectaddr, ':'); | |
366 if (connectport == NULL) { | |
367 TRACE(("connectport == NULL")) | |
368 goto fail; | |
369 } | |
370 | |
371 connectport[0] = '\0'; | |
372 connectport++; | |
373 | |
374 newfwd = (struct TCPFwdList*)m_malloc(sizeof(struct TCPFwdList)); | |
375 | |
376 /* Now we check the ports - note that the port ints are unsigned, | |
377 * the check later only checks for >= MAX_PORT */ | |
378 newfwd->listenport = strtol(listenport, NULL, 10); | |
379 if (errno != 0) { | |
380 TRACE(("bad listenport strtol")) | |
381 goto fail; | |
382 } | |
383 | |
384 newfwd->connectport = strtol(connectport, NULL, 10); | |
385 if (errno != 0) { | |
386 TRACE(("bad connectport strtol")) | |
387 goto fail; | |
388 } | |
389 | |
390 newfwd->connectaddr = connectaddr; | |
391 | |
392 if (newfwd->listenport > 65535) { | |
393 TRACE(("listenport > 65535")) | |
394 goto badport; | |
395 } | |
396 | |
397 if (newfwd->connectport > 65535) { | |
398 TRACE(("connectport > 65535")) | |
399 goto badport; | |
400 } | |
401 | |
402 newfwd->next = *fwdlist; | |
403 *fwdlist = newfwd; | |
404 | |
405 TRACE(("leave addforward: done")) | |
406 return; | |
407 | |
408 fail: | |
409 dropbear_exit("Bad TCP forward '%s'", origstr); | |
410 | |
411 badport: | |
412 dropbear_exit("Bad TCP port in '%s'", origstr); | |
413 } | |
414 #endif |