comparison svr-runopts.c @ 101:72dc22f56858

Change the way we load keys/ports so we don't print error messages into our socket.
author Matt Johnston <matt@ucc.asn.au>
date Mon, 23 Aug 2004 05:27:34 +0000
parents c85c88500ea6
children 298098b2a61e
100:c72f5c10125d 101:72dc22f56858
29 #include "dbutil.h" 29 #include "dbutil.h"
30 #include "algo.h" 30 #include "algo.h"
31 31
32 svr_runopts svr_opts; /* GLOBAL */ 32 svr_runopts svr_opts; /* GLOBAL */
33 33
34 static sign_key * loadhostkeys(const char * dsskeyfile,
35 const char * rsakeyfile);
36 static void printhelp(const char * progname); 34 static void printhelp(const char * progname);
37 35
38 static void printhelp(const char * progname) { 36 static void printhelp(const char * progname) {
39 37
40 fprintf(stderr, "Dropbear sshd v%s\n" 38 fprintf(stderr, "Dropbear sshd v%s\n"
84 DSS_PRIV_FILENAME, 82 DSS_PRIV_FILENAME,
85 #endif 83 #endif
86 #ifdef DROPBEAR_RSA 84 #ifdef DROPBEAR_RSA
87 RSA_PRIV_FILENAME, 85 RSA_PRIV_FILENAME,
88 #endif 86 #endif
89 DROPBEAR_MAX_PORTS, DROPBEAR_PORT); 87 DROPBEAR_MAX_PORTS, DROPBEAR_DEFPORT);
90 } 88 }
91 89
92 void svr_getopts(int argc, char ** argv) { 90 void svr_getopts(int argc, char ** argv) {
93 91
94 unsigned int i; 92 unsigned int i;
95 char ** next = 0; 93 char ** next = 0;
96 unsigned int portnum = 0;
97 char *portstring[DROPBEAR_MAX_PORTS];
98 unsigned int longport;
99 94
100 /* see printhelp() for options */ 95 /* see printhelp() for options */
101 svr_opts.rsakeyfile = NULL; 96 svr_opts.rsakeyfile = NULL;
102 svr_opts.dsskeyfile = NULL; 97 svr_opts.dsskeyfile = NULL;
103 svr_opts.bannerfile = NULL; 98 svr_opts.bannerfile = NULL;
105 svr_opts.forkbg = 1; 100 svr_opts.forkbg = 1;
106 svr_opts.norootlogin = 0; 101 svr_opts.norootlogin = 0;
107 svr_opts.noauthpass = 0; 102 svr_opts.noauthpass = 0;
108 svr_opts.norootpass = 0; 103 svr_opts.norootpass = 0;
109 svr_opts.inetdmode = 0; 104 svr_opts.inetdmode = 0;
105 svr_opts.portcount = 0;
106 svr_opts.hostkey = NULL;
110 opts.nolocaltcp = 0; 107 opts.nolocaltcp = 0;
111 opts.noremotetcp = 0; 108 opts.noremotetcp = 0;
112 /* not yet 109 /* not yet
113 opts.ipv4 = 1; 110 opts.ipv4 = 1;
114 opts.ipv6 = 1; 111 opts.ipv6 = 1;
167 case 'i': 164 case 'i':
168 svr_opts.inetdmode = 1; 165 svr_opts.inetdmode = 1;
169 break; 166 break;
170 #endif 167 #endif
171 case 'p': 168 case 'p':
172 if (portnum < DROPBEAR_MAX_PORTS) { 169 if (svr_opts.portcount < DROPBEAR_MAX_PORTS) {
173 portstring[portnum] = NULL; 170 svr_opts.ports[svr_opts.portcount] = NULL;
174 next = &portstring[portnum]; 171 next = &svr_opts.ports[svr_opts.portcount];
175 portnum++; 172 /* Note: if it doesn't actually get set, we'll
173 * decrement it after the loop */
174 svr_opts.portcount++;
176 } 175 }
177 break; 176 break;
178 #ifdef DO_MOTD 177 #ifdef DO_MOTD
179 /* motd is displayed by default, -m turns it off */ 178 /* motd is displayed by default, -m turns it off */
180 case 'm': 179 case 'm':
199 #ifdef DEBUG_TRACE 198 #ifdef DEBUG_TRACE
200 case 'v': 199 case 'v':
201 debug_trace = 1; 200 debug_trace = 1;
202 break; 201 break;
203 #endif 202 #endif
204 /*
205 case '4':
206 svr_opts.ipv4 = 0;
207 break;
208 case '6':
209 svr_opts.ipv6 = 0;
210 break;
211 */
212 default: 203 default:
213 fprintf(stderr, "Unknown argument %s\n", argv[i]); 204 fprintf(stderr, "Unknown argument %s\n", argv[i]);
214 printhelp(argv[0]); 205 printhelp(argv[0]);
215 exit(EXIT_FAILURE); 206 exit(EXIT_FAILURE);
216 break; 207 break;
217 } 208 }
218 } 209 }
219 } 210 }
220 211
212 /* Set up listening ports */
213 if (svr_opts.portcount == 0) {
214 svr_opts.ports[0] = m_strdup(DROPBEAR_DEFPORT);
215 svr_opts.portcount = 1;
216 } else {
217 /* we may have been given a -p option but no argument to go with
218 * it */
219 if (svr_opts.ports[svr_opts.portcount-1] == NULL) {
220 svr_opts.portcount--;
221 }
222 }
223
221 if (svr_opts.dsskeyfile == NULL) { 224 if (svr_opts.dsskeyfile == NULL) {
222 svr_opts.dsskeyfile = DSS_PRIV_FILENAME; 225 svr_opts.dsskeyfile = DSS_PRIV_FILENAME;
223 } 226 }
224 if (svr_opts.rsakeyfile == NULL) { 227 if (svr_opts.rsakeyfile == NULL) {
225 svr_opts.rsakeyfile = RSA_PRIV_FILENAME; 228 svr_opts.rsakeyfile = RSA_PRIV_FILENAME;
226 } 229 }
227 svr_opts.hostkey = loadhostkeys(svr_opts.dsskeyfile, svr_opts.rsakeyfile);
228 230
229 if (svr_opts.bannerfile) { 231 if (svr_opts.bannerfile) {
230 struct stat buf; 232 struct stat buf;
231 if (stat(svr_opts.bannerfile, &buf) != 0) { 233 if (stat(svr_opts.bannerfile, &buf) != 0) {
232 dropbear_exit("Error opening banner file '%s'", 234 dropbear_exit("Error opening banner file '%s'",
244 svr_opts.bannerfile); 246 svr_opts.bannerfile);
245 } 247 }
246 buf_setpos(svr_opts.banner, 0); 248 buf_setpos(svr_opts.banner, 0);
247 } 249 }
248 250
249 /* not yet
250 if (!(svr_opts.ipv4 || svr_opts.ipv6)) {
251 fprintf(stderr, "You can't disable ipv4 and ipv6.\n");
252 exit(1);
253 }
254 */
255
256 /* create the array of listening ports */
257 if (portnum == 0) {
258 /* non specified */
259 svr_opts.portcount = 1;
260 svr_opts.ports = m_malloc(sizeof(uint16_t));
261 svr_opts.ports[0] = DROPBEAR_PORT;
262 } else {
263 svr_opts.portcount = portnum;
264 svr_opts.ports = (uint16_t*)m_malloc(sizeof(uint16_t)*portnum);
265 for (i = 0; i < portnum; i++) {
266 if (portstring[i]) {
267 longport = atoi(portstring[i]);
268 if (longport <= 65535 && longport > 0) {
269 svr_opts.ports[i] = (uint16_t)longport;
270 continue;
271 }
272 }
273 fprintf(stderr, "Bad port '%s'\n",
274 portstring[i] ? portstring[i] : "null");
275 }
276 }
277
278 } 251 }
279 252
280 static void disablekey(int type, const char* filename) { 253 static void disablekey(int type, const char* filename) {
281 254
282 int i; 255 int i;
285 if (sshhostkey[i].val == type) { 258 if (sshhostkey[i].val == type) {
286 sshhostkey[i].usable = 0; 259 sshhostkey[i].usable = 0;
287 break; 260 break;
288 } 261 }
289 } 262 }
290 fprintf(stderr, "Failed reading '%s', disabling %s\n", filename, 263 dropbear_log(LOG_WARNING, "Failed reading '%s', disabling %s", filename,
291 type == DROPBEAR_SIGNKEY_DSS ? "DSS" : "RSA"); 264 type == DROPBEAR_SIGNKEY_DSS ? "DSS" : "RSA");
292 } 265 }
293 266
294 static sign_key * loadhostkeys(const char * dsskeyfile, 267 /* Must be called after syslog/etc is working */
295 const char * rsakeyfile) { 268 void loadhostkeys() {
296 269
297 sign_key * hostkey;
298 int ret; 270 int ret;
299 int type; 271 int type;
300 272
301 TRACE(("enter loadhostkeys")); 273 TRACE(("enter loadhostkeys"));
302 274
303 hostkey = new_sign_key(); 275 svr_opts.hostkey = new_sign_key();
304 276
305 #ifdef DROPBEAR_RSA 277 #ifdef DROPBEAR_RSA
306 type = DROPBEAR_SIGNKEY_RSA; 278 type = DROPBEAR_SIGNKEY_RSA;
307 ret = readhostkey(rsakeyfile, hostkey, &type); 279 ret = readhostkey(svr_opts.rsakeyfile, svr_opts.hostkey, &type);
308 if (ret == DROPBEAR_FAILURE) { 280 if (ret == DROPBEAR_FAILURE) {
309 disablekey(DROPBEAR_SIGNKEY_RSA, rsakeyfile); 281 disablekey(DROPBEAR_SIGNKEY_RSA, svr_opts.rsakeyfile);
310 } 282 }
311 #endif 283 #endif
312 #ifdef DROPBEAR_DSS 284 #ifdef DROPBEAR_DSS
313 type = DROPBEAR_SIGNKEY_DSS; 285 type = DROPBEAR_SIGNKEY_DSS;
314 ret = readhostkey(dsskeyfile, hostkey, &type); 286 ret = readhostkey(svr_opts.dsskeyfile, svr_opts.hostkey, &type);
315 if (ret == DROPBEAR_FAILURE) { 287 if (ret == DROPBEAR_FAILURE) {
316 disablekey(DROPBEAR_SIGNKEY_DSS, dsskeyfile); 288 disablekey(DROPBEAR_SIGNKEY_DSS, svr_opts.dsskeyfile);
317 } 289 }
318 #endif 290 #endif
319 291
320 if ( 1 292 if ( 1
321 #ifdef DROPBEAR_DSS 293 #ifdef DROPBEAR_DSS
322 && hostkey->dsskey == NULL 294 && svr_opts.hostkey->dsskey == NULL
323 #endif 295 #endif
324 #ifdef DROPBEAR_RSA 296 #ifdef DROPBEAR_RSA
325 && hostkey->rsakey == NULL 297 && svr_opts.hostkey->rsakey == NULL
326 #endif 298 #endif
327 ) { 299 ) {
328 dropbear_exit("No hostkeys available"); 300 dropbear_exit("No hostkeys available");
329 } 301 }
330 302
331 TRACE(("leave loadhostkeys")); 303 TRACE(("leave loadhostkeys"));
332 return hostkey;
333 } 304 }
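Review bot: The new side of svr_getopts() no longer checks the `-p` argument at all: the old `atoi()` plus `longport <= 65535 && longport > 0` test is removed, and `svr_opts.ports[]` now holds the raw argv strings. The only check left in the "Set up listening ports" block is for a trailing `-p` with no value. The option loop is only partly shown on this page and the listener setup is in another file, so the check may well have moved there. If it has, say so at the block with a comment such as `/* port strings are validated when the listening sockets are opened */`, and make sure a rejected port is reported through `dropbear_log()` rather than `fprintf(stderr, ...)`, in line with the goal of this commit. Separately, the now-exported `void loadhostkeys()` would be better declared as `void loadhostkeys(void)` so that calls with stray arguments are diagnosed.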