comparison svr-runopts.c @ 4:fe6bca95afa7

Makefile.in contains updated files required
author Matt Johnston <matt@ucc.asn.au>
date Tue, 01 Jun 2004 02:46:09 +0000
parents
children 469950e86d0f
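--- a/svr-runopts.c
+++ b/svr-runopts.c
@@ -0,0 +1,349 @@
+/*
+* Dropbear - a SSH2 server
+*
+* Copyright (c) 2002,2003 Matt Johnston
+* All rights reserved.
+*
+* Permission is hereby granted, free of charge, to any person obtaining a copy
+* of this software and associated documentation files (the "Software"), to deal
+* in the Software without restriction, including without limitation the rights
+* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+* copies of the Software, and to permit persons to whom the Software is
+* furnished to do so, subject to the following conditions:
+*
+* The above copyright notice and this permission notice shall be included in
+* all copies or substantial portions of the Software.
+*
+* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+* SOFTWARE. */
+
+#include "includes.h"
+#include "runopts.h"
+#include "signkey.h"
+#include "buffer.h"
+#include "dbutil.h"
+#include "algo.h"
+
+static sign_key * loadhostkeys(const char * dsskeyfile,
+const char * rsakeyfile);
+static int readhostkey(const char * filename, sign_key * hostkey, int type);
+static void printhelp(const char * progname);
+
+static void printhelp(const char * progname) {
+
+fprintf(stderr, "Dropbear sshd v%s\n"
+"Usage: %s [options]\n"
+"Options are:\n"
+"-b bannerfile Display the contents of bannerfile"
+" before user login\n"
+" (default: none)\n"
+#ifdef DROPBEAR_DSS
+"-d dsskeyfile Use dsskeyfile for the dss host key\n"
+" (default: %s)\n"
+#endif
+#ifdef DROPBEAR_RSA
+"-r rsakeyfile Use rsakeyfile for the rsa host key\n"
+" (default: %s)\n"
+#endif
+"-F Don't fork into background\n"
+#ifdef DISABLE_SYSLOG
+"(Syslog support not compiled in, using stderr)\n"
+#else
+"-E Log to stderr rather than syslog\n"
+#endif
+#ifdef DO_MOTD
+"-m Don't display the motd on login\n"
+#endif
+"-w Disallow root logins\n"
+#ifdef DROPBEAR_PASSWORD_AUTH
+"-s Disable password logins\n"
+"-g Disable password logins for root\n"
+#endif
+#ifndef DISABLE_LOCALTCPFWD
+"-j Disable local port forwarding\n"
+#endif
+#ifndef DISABLE_REMOTETCPFWD
+"-k Disable remote port forwarding\n"
+#endif
+"-p port Listen on specified tcp port, up to %d can be specified\n"
+" (default %d if none specified)\n"
+/* "-4/-6 Disable listening on ipv4/ipv6 respectively\n"*/
+
+,DROPBEAR_VERSION, progname,
+#ifdef DROPBEAR_DSS
+DSS_PRIV_FILENAME,
+#endif
+#ifdef DROPBEAR_RSA
+RSA_PRIV_FILENAME,
+#endif
+DROPBEAR_MAX_PORTS, DROPBEAR_PORT);
+}
+
+/* returns NULL on failure, or a pointer to a freshly allocated
+* runopts structure */
+runopts * svr_getopts(int argc, char ** argv) {
+
+unsigned int i;
+char ** next = 0;
+runopts * opts;
+unsigned int portnum = 0;
+char *portstring[DROPBEAR_MAX_PORTS];
+unsigned int longport;
+
+/* see printhelp() for options */
+opts = (runopts*)m_malloc(sizeof(runopts));
+opts->rsakeyfile = NULL;
+opts->dsskeyfile = NULL;
+opts->bannerfile = NULL;
+opts->banner = NULL;
+opts->forkbg = 1;
+opts->norootlogin = 0;
+opts->noauthpass = 0;
+opts->norootpass = 0;
+opts->nolocaltcp = 0;
+opts->noremotetcp = 0;
+/* not yet
+opts->ipv4 = 1;
+opts->ipv6 = 1;
+*/
+#ifdef DO_MOTD
+opts->domotd = 1;
+#endif
+#ifndef DISABLE_SYSLOG
+usingsyslog = 1;
+#endif
+
+for (i = 1; i < (unsigned int)argc; i++) {
+if (next) {
+*next = argv[i];
+if (*next == NULL) {
+dropbear_exit("Invalid null argument");
+}
+next = 0x00;
+continue;
+}
+
+if (argv[i][0] == '-') {
+switch (argv[i][1]) {
+case 'b':
+next = &opts->bannerfile;
+break;
+#ifdef DROPBEAR_DSS
+case 'd':
+next = &opts->dsskeyfile;
+break;
+#endif
+#ifdef DROPBEAR_RSA
+case 'r':
+next = &opts->rsakeyfile;
+break;
+#endif
+case 'F':
+opts->forkbg = 0;
+break;
+#ifndef DISABLE_SYSLOG
+case 'E':
+usingsyslog = 0;
+break;
+#endif
+#ifndef DISABLE_LOCALTCPFWD
+case 'j':
+opts->nolocaltcp = 1;
+break;
+#endif
+#ifndef DISABLE_REMOTETCPFWD
+case 'k':
+opts->noremotetcp = 1;
+break;
+#endif
+case 'p':
+if (portnum < DROPBEAR_MAX_PORTS) {
+portstring[portnum] = NULL;
+next = &portstring[portnum];
+portnum++;
+}
+break;
+#ifdef DO_MOTD
+/* motd is displayed by default, -m turns it off */
+case 'm':
+opts->domotd = 0;
+break;
+#endif
+case 'w':
+opts->norootlogin = 1;
+break;
+#ifdef DROPBEAR_PASSWORD_AUTH
+case 's':
+opts->noauthpass = 1;
+break;
+case 'g':
+opts->norootpass = 1;
+break;
+#endif
+case 'h':
+printhelp(argv[0]);
+exit(EXIT_FAILURE);
+break;
+/*
+case '4':
+opts->ipv4 = 0;
+break;
+case '6':
+opts->ipv6 = 0;
+break;
+*/
+default:
+fprintf(stderr, "Unknown argument %s\n", argv[i]);
+printhelp(argv[0]);
+exit(EXIT_FAILURE);
+break;
+}
+}
+}
+
+if (opts->dsskeyfile == NULL) {
+opts->dsskeyfile = DSS_PRIV_FILENAME;
+}
+if (opts->rsakeyfile == NULL) {
+opts->rsakeyfile = RSA_PRIV_FILENAME;
+}
+opts->hostkey = loadhostkeys(opts->dsskeyfile, opts->rsakeyfile);
+
+if (opts->bannerfile) {
+struct stat buf;
+if (stat(opts->bannerfile, &buf) != 0) {
+dropbear_exit("Error opening banner file '%s'",
+opts->bannerfile);
+}
+
+if (buf.st_size > MAX_BANNER_SIZE) {
+dropbear_exit("Banner file too large, max is %d bytes",
+MAX_BANNER_SIZE);
+}
+
+opts->banner = buf_new(buf.st_size);
+if (buf_readfile(opts->banner, opts->bannerfile)!=DROPBEAR_SUCCESS) {
+dropbear_exit("Error reading banner file '%s'",
+opts->bannerfile);
+}
+buf_setpos(opts->banner, 0);
+}
+
+/* not yet
+if (!(opts->ipv4 || opts->ipv6)) {
+fprintf(stderr, "You can't disable ipv4 and ipv6.\n");
+exit(1);
+}
+*/
+
+/* create the array of listening ports */
+if (portnum == 0) {
+/* non specified */
+opts->portcount = 1;
+opts->ports = m_malloc(sizeof(uint16_t));
+opts->ports[0] = DROPBEAR_PORT;
+} else {
+opts->portcount = portnum;
+opts->ports = (uint16_t*)m_malloc(sizeof(uint16_t)*portnum);
+for (i = 0; i < portnum; i++) {
+if (portstring[i]) {
+longport = atoi(portstring[i]);
+if (longport <= 65535 && longport > 0) {
+opts->ports[i] = (uint16_t)longport;
+continue;
+}
+}
+fprintf(stderr, "Bad port '%s'\n",
+portstring[i] ? portstring[i] : "null");
+}
+}
+
+return opts;
+}
+
+void freerunopts(runopts* opts) {
+
+if (!opts) {
+return;
+}
+
+if (opts->hostkey) {
+sign_key_free(opts->hostkey);
+opts->hostkey = NULL;
+}
+
+m_free(opts->ports);
+m_free(opts);
+}
+
+/* returns success or failure */
+static int readhostkey(const char * filename, sign_key * hostkey, int type) {
+
+int ret = DROPBEAR_FAILURE;
+int i;
+buffer *buf;
+
+buf = buf_new(2000);
+
+if (buf_readfile(buf, filename) == DROPBEAR_FAILURE) {
+goto out;
+}
+buf_setpos(buf, 0);
+if (buf_get_priv_key(buf, hostkey, &type) == DROPBEAR_FAILURE) {
+goto out;
+}
+
+ret = DROPBEAR_SUCCESS;
+out:
+if (ret == DROPBEAR_FAILURE) {
+for (i = 0; sshhostkey[i].name != NULL; i++) {
+if (sshhostkey[i].val == type) {
+sshhostkey[i].usable = 0;
+break;
+}
+}
+fprintf(stderr, "Failed reading '%s', disabling %s\n", filename,
+type == DROPBEAR_SIGNKEY_DSS ? "DSS" : "RSA");
+}
+
+buf_burn(buf);
+buf_free(buf);
+return ret;
+}
+
+static sign_key * loadhostkeys(const char * dsskeyfile,
+const char * rsakeyfile) {
+
+sign_key * hostkey;
+
+TRACE(("enter loadhostkeys"));
+
+hostkey = new_sign_key();
+
+#ifdef DROPBEAR_RSA
+(void)readhostkey(rsakeyfile, hostkey, DROPBEAR_SIGNKEY_RSA);
+#endif
+
+#ifdef DROPBEAR_DSS
+(void)readhostkey(dsskeyfile, hostkey, DROPBEAR_SIGNKEY_DSS);
+#endif
+
+if ( 1
+#ifdef DROPBEAR_DSS
+&& hostkey->dsskey == NULL
+#endif
+#ifdef DROPBEAR_RSA
+&& hostkey->rsakey == NULL
+#endif
+) {
+dropbear_exit("No hostkeys available");
+}
+
+TRACE(("leave loadhostkeys"));
+return hostkey;
+}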
340 #ifdef DROPBEAR_RSA
341 && hostkey->rsakey == NULL
342 #endif
343 ) {
344 dropbear_exit("No hostkeys available");
345 }
346
347 TRACE(("leave loadhostkeys"));
348 return hostkey;
349 }