comparison svr-runopts.c @ 101:72dc22f56858
Change the way we load keys/ports so we don't print error messages into our
socket.
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Mon, 23 Aug 2004 05:27:34 +0000 |
parents | c85c88500ea6 |
children | 298098b2a61e |
100:c72f5c10125d | 101:72dc22f56858 |
---|---|
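--- a/svr-runopts.c
+++ b/svr-runopts.c
@@ -29,12 +29,10 @@
 #include "dbutil.h"
 #include "algo.h"
 
 svr_runopts svr_opts; /* GLOBAL */
 
-static sign_key * loadhostkeys(const char * dsskeyfile,
-const char * rsakeyfile);
 static void printhelp(const char * progname);
 
 static void printhelp(const char * progname) {
 
 fprintf(stderr, "Dropbear sshd v%s\n"
@@ -84,20 +82,17 @@
 DSS_PRIV_FILENAME,
 #endif
 #ifdef DROPBEAR_RSA
 RSA_PRIV_FILENAME,
 #endif
-DROPBEAR_MAX_PORTS, DROPBEAR_PORT);
+DROPBEAR_MAX_PORTS, DROPBEAR_DEFPORT);
 }
 
 void svr_getopts(int argc, char ** argv) {
 
 unsigned int i;
 char ** next = 0;
-unsigned int portnum = 0;
-char *portstring[DROPBEAR_MAX_PORTS];
-unsigned int longport;
 
 /* see printhelp() for options */
 svr_opts.rsakeyfile = NULL;
 svr_opts.dsskeyfile = NULL;
 svr_opts.bannerfile = NULL;
@@ -105,10 +100,12 @@
 svr_opts.forkbg = 1;
 svr_opts.norootlogin = 0;
 svr_opts.noauthpass = 0;
 svr_opts.norootpass = 0;
 svr_opts.inetdmode = 0;
+svr_opts.portcount = 0;
+svr_opts.hostkey = NULL;
 opts.nolocaltcp = 0;
 opts.noremotetcp = 0;
 /* not yet
 opts.ipv4 = 1;
 opts.ipv6 = 1;
@@ -167,14 +164,16 @@
 case 'i':
 svr_opts.inetdmode = 1;
 break;
 #endif
 case 'p':
-if (portnum < DROPBEAR_MAX_PORTS) {
-portstring[portnum] = NULL;
-next = &portstring[portnum];
-portnum++;
+if (svr_opts.portcount < DROPBEAR_MAX_PORTS) {
+svr_opts.ports[svr_opts.portcount] = NULL;
+next = &svr_opts.ports[svr_opts.portcount];
+/* Note: if it doesn't actually get set, we'll
+* decrement it after the loop */
+svr_opts.portcount++;
 }
 break;
 #ifdef DO_MOTD
 /* motd is displayed by default, -m turns it off */
 case 'm':
@@ -199,34 +198,37 @@
 #ifdef DEBUG_TRACE
 case 'v':
 debug_trace = 1;
 break;
 #endif
-/*
-case '4':
-svr_opts.ipv4 = 0;
-break;
-case '6':
-svr_opts.ipv6 = 0;
-break;
-*/
 default:
 fprintf(stderr, "Unknown argument %s\n", argv[i]);
 printhelp(argv[0]);
 exit(EXIT_FAILURE);
 break;
 }
 }
 }
 
+/* Set up listening ports */
+if (svr_opts.portcount == 0) {
+svr_opts.ports[0] = m_strdup(DROPBEAR_DEFPORT);
+svr_opts.portcount = 1;
+} else {
+/* we may have been given a -p option but no argument to go with
+* it */
+if (svr_opts.ports[svr_opts.portcount-1] == NULL) {
+svr_opts.portcount--;
+}
+}
+
 if (svr_opts.dsskeyfile == NULL) {
 svr_opts.dsskeyfile = DSS_PRIV_FILENAME;
 }
 if (svr_opts.rsakeyfile == NULL) {
 svr_opts.rsakeyfile = RSA_PRIV_FILENAME;
 }
-svr_opts.hostkey = loadhostkeys(svr_opts.dsskeyfile, svr_opts.rsakeyfile);
 
 if (svr_opts.bannerfile) {
 struct stat buf;
 if (stat(svr_opts.bannerfile, &buf) != 0) {
 dropbear_exit("Error opening banner file '%s'",
@@ -244,39 +246,10 @@
 svr_opts.bannerfile);
 }
 buf_setpos(svr_opts.banner, 0);
 }
 
-/* not yet
-if (!(svr_opts.ipv4 || svr_opts.ipv6)) {
-fprintf(stderr, "You can't disable ipv4 and ipv6.\n");
-exit(1);
-}
-*/
-
-/* create the array of listening ports */
-if (portnum == 0) {
-/* non specified */
-svr_opts.portcount = 1;
-svr_opts.ports = m_malloc(sizeof(uint16_t));
-svr_opts.ports[0] = DROPBEAR_PORT;
-} else {
-svr_opts.portcount = portnum;
-svr_opts.ports = (uint16_t*)m_malloc(sizeof(uint16_t)*portnum);
-for (i = 0; i < portnum; i++) {
-if (portstring[i]) {
-longport = atoi(portstring[i]);
-if (longport <= 65535 && longport > 0) {
-svr_opts.ports[i] = (uint16_t)longport;
-continue;
-}
-}
-fprintf(stderr, "Bad port '%s'\n",
-portstring[i] ? portstring[i] : "null");
-}
-}
-
 }
 
 static void disablekey(int type, const char* filename) {
 
 int i;
@@ -285,49 +258,47 @@
 if (sshhostkey[i].val == type) {
 sshhostkey[i].usable = 0;
 break;
 }
 }
-fprintf(stderr, "Failed reading '%s', disabling %s\n", filename,
+dropbear_log(LOG_WARNING, "Failed reading '%s', disabling %s", filename,
 type == DROPBEAR_SIGNKEY_DSS ? "DSS" : "RSA");
 }
 
-static sign_key * loadhostkeys(const char * dsskeyfile,
-const char * rsakeyfile) {
+/* Must be called after syslog/etc is working */
+void loadhostkeys() {
 
-sign_key * hostkey;
 int ret;
 int type;
 
 TRACE(("enter loadhostkeys"));
 
-hostkey = new_sign_key();
+svr_opts.hostkey = new_sign_key();
 
 #ifdef DROPBEAR_RSA
 type = DROPBEAR_SIGNKEY_RSA;
-ret = readhostkey(rsakeyfile, hostkey, &type);
+ret = readhostkey(svr_opts.rsakeyfile, svr_opts.hostkey, &type);
 if (ret == DROPBEAR_FAILURE) {
-disablekey(DROPBEAR_SIGNKEY_RSA, rsakeyfile);
+disablekey(DROPBEAR_SIGNKEY_RSA, svr_opts.rsakeyfile);
 }
 #endif
 #ifdef DROPBEAR_DSS
 type = DROPBEAR_SIGNKEY_DSS;
-ret = readhostkey(dsskeyfile, hostkey, &type);
+ret = readhostkey(svr_opts.dsskeyfile, svr_opts.hostkey, &type);
 if (ret == DROPBEAR_FAILURE) {
-disablekey(DROPBEAR_SIGNKEY_DSS, dsskeyfile);
+disablekey(DROPBEAR_SIGNKEY_DSS, svr_opts.dsskeyfile);
 }
 #endif
 
 if ( 1
 #ifdef DROPBEAR_DSS
-&& hostkey->dsskey == NULL
+&& svr_opts.hostkey->dsskey == NULL
 #endif
 #ifdef DROPBEAR_RSA
-&& hostkey->rsakey == NULL
+&& svr_opts.hostkey->rsakey == NULL
 #endif
 ) {
 dropbear_exit("No hostkeys available");
 }
 
 TRACE(("leave loadhostkeys"));
-return hostkey;
 }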
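Review bot: A lone `-p` with no argument leaves the server with no listening port: in the new "Set up listening ports" block of svr_getopts, the `portcount == 0` default is tested before the trailing NULL entry is dropped, so `portcount` goes from 1 to 0 and `DROPBEAR_DEFPORT` is never filled in. Doing the NULL check first, `if (svr_opts.portcount > 0 && svr_opts.ports[svr_opts.portcount-1] == NULL) svr_opts.portcount--;`, and only then applying the `portcount == 0` default covers that case. The 1–65535 range check from the removed `atoi` loop also has no replacement in this file, so whatever consumes `svr_opts.ports` presumably has to reject bad port strings; that code is not visible here. The option loop that assigns through `next` is outside the shown lines, so this assumes a missing argument can only occur on the last `-p`.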