Mercurial > dropbear

diff svr-runopts.c @ 1355:3fdd8c5a0195 fuzz

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
merge main to fuzz
author Matt Johnston <matt@ucc.asn.au>
date Thu, 18 May 2017 23:45:10 +0800
parents 5c2899e35b63 750ec4ec4cbe
children 798854f62430
line wrap: on
line diff
--- a/svr-runopts.c	Thu May 18 23:38:30 2017 +0800
+++ b/svr-runopts.c	Thu May 18 23:45:10 2017 +0800
@@ -46,16 +46,16 @@
 					"		(default: none)\n"
 					"-r keyfile  Specify hostkeys (repeatable)\n"
 					"		defaults: \n"
-#ifdef DROPBEAR_DSS
+#if DROPBEAR_DSS
 					"		dss %s\n"
 #endif
-#ifdef DROPBEAR_RSA
+#if DROPBEAR_RSA
 					"		rsa %s\n"
 #endif
-#ifdef DROPBEAR_ECDSA
+#if DROPBEAR_ECDSA
 					"		ecdsa %s\n"
 #endif
-#ifdef DROPBEAR_DELAY_HOSTKEY
+#if DROPBEAR_DELAY_HOSTKEY
 					"-R		Create hostkeys as required\n" 
 #endif
 					"-F		Don't fork into background\n"
@@ -68,17 +68,18 @@
 					"-m		Don't display the motd on login\n"
 #endif
 					"-w		Disallow root logins\n"
-#if defined(ENABLE_SVR_PASSWORD_AUTH) || defined(ENABLE_SVR_PAM_AUTH)
+#if DROPBEAR_SVR_PASSWORD_AUTH || DROPBEAR_SVR_PAM_AUTH
 					"-s		Disable password logins\n"
 					"-g		Disable password logins for root\n"
 					"-B		Allow blank password logins\n"
 #endif
-#ifdef ENABLE_SVR_LOCALTCPFWD
+#if DROPBEAR_SVR_LOCALTCPFWD
 					"-j		Disable local port forwarding\n"
 #endif
-#ifdef ENABLE_SVR_REMOTETCPFWD
+#if DROPBEAR_SVR_REMOTETCPFWD
 					"-k		Disable remote port forwarding\n"
 					"-a		Allow connections to forwarded ports from any host\n"
+					"-c command	Force executed command\n"
 #endif
 					"-p [address:]port\n"
 					"		Listen on specified tcp port (and optionally address),\n"
@@ -93,17 +94,17 @@
 					"-K <keepalive>  (0 is never, default %d, in seconds)\n"
 					"-I <idle_timeout>  (0 is never, default %d, in seconds)\n"
 					"-V    Version\n"
-#ifdef DEBUG_TRACE
+#if DEBUG_TRACE
 					"-v		verbose (compiled with DEBUG_TRACE)\n"
 #endif
 					,DROPBEAR_VERSION, progname,
-#ifdef DROPBEAR_DSS
+#if DROPBEAR_DSS
 					DSS_PRIV_FILENAME,
 #endif
-#ifdef DROPBEAR_RSA
+#if DROPBEAR_RSA
 					RSA_PRIV_FILENAME,
 #endif
-#ifdef DROPBEAR_ECDSA
+#if DROPBEAR_ECDSA
 					ECDSA_PRIV_FILENAME,
 #endif
 					DROPBEAR_MAX_PORTS, DROPBEAR_DEFPORT, DROPBEAR_PIDFILE,
@@ -125,6 +126,7 @@
 	/* see printhelp() for options */
 	svr_opts.bannerfile = NULL;
 	svr_opts.banner = NULL;
+	svr_opts.forced_command = NULL;
 	svr_opts.forkbg = 1;
 	svr_opts.norootlogin = 0;
 	svr_opts.noauthpass = 0;
@@ -135,19 +137,15 @@
 	svr_opts.hostkey = NULL;
 	svr_opts.delay_hostkey = 0;
 	svr_opts.pidfile = DROPBEAR_PIDFILE;
-#ifdef ENABLE_SVR_LOCALTCPFWD
+#if DROPBEAR_SVR_LOCALTCPFWD
 	svr_opts.nolocaltcp = 0;
 #endif
-#ifdef ENABLE_SVR_REMOTETCPFWD
+#if DROPBEAR_SVR_REMOTETCPFWD
 	svr_opts.noremotetcp = 0;
 #endif
 
 #ifndef DISABLE_ZLIB
-#if DROPBEAR_SERVER_DELAY_ZLIB
 	opts.compress_mode = DROPBEAR_COMPRESS_DELAYED;
-#else
-	opts.compress_mode = DROPBEAR_COMPRESS_ON;
-#endif
 #endif 
 
 	/* not yet
@@ -164,7 +162,7 @@
 	opts.keepalive_secs = DEFAULT_KEEPALIVE;
 	opts.idle_timeout_secs = DEFAULT_IDLE_TIMEOUT;
 	
-#ifdef ENABLE_SVR_REMOTETCPFWD
+#if DROPBEAR_SVR_REMOTETCPFWD
 	opts.listen_fwd_all = 0;
 #endif
 
@@ -177,6 +175,9 @@
 				case 'b':
 					next = &svr_opts.bannerfile;
 					break;
+				case 'c':
+					next = &svr_opts.forced_command;
+					break;
 				case 'd':
 				case 'r':
 					next = &keyfile;
@@ -192,12 +193,12 @@
 					opts.usingsyslog = 0;
 					break;
 #endif
-#ifdef ENABLE_SVR_LOCALTCPFWD
+#if DROPBEAR_SVR_LOCALTCPFWD
 				case 'j':
 					svr_opts.nolocaltcp = 1;
 					break;
 #endif
-#ifdef ENABLE_SVR_REMOTETCPFWD
+#if DROPBEAR_SVR_REMOTETCPFWD
 				case 'k':
 					svr_opts.noremotetcp = 1;
 					break;
@@ -234,7 +235,7 @@
 				case 'I':
 					next = &idle_timeout_arg;
 					break;
-#if defined(ENABLE_SVR_PASSWORD_AUTH) || defined(ENABLE_SVR_PAM_AUTH)
+#if DROPBEAR_SVR_PASSWORD_AUTH || DROPBEAR_SVR_PAM_AUTH
 				case 's':
 					svr_opts.noauthpass = 1;
 					break;
@@ -252,7 +253,7 @@
 				case 'u':
 					/* backwards compatibility with old urandom option */
 					break;
-#ifdef DEBUG_TRACE
+#if DEBUG_TRACE
 				case 'v':
 					debug_trace = 1;
 					break;
@@ -346,6 +347,10 @@
 		}
 		opts.idle_timeout_secs = val;
 	}
+
+	if (svr_opts.forced_command) {
+		dropbear_log(LOG_INFO, "Forced command set to '%s'", svr_opts.forced_command);
+	}
 }
 
 static void addportandaddress(const char* spec) {
@@ -434,30 +439,30 @@
 		}
 	}
 
-#ifdef DROPBEAR_RSA
+#if DROPBEAR_RSA
 	if (type == DROPBEAR_SIGNKEY_RSA) {
 		loadhostkey_helper("RSA", (void**)&read_key->rsakey, (void**)&svr_opts.hostkey->rsakey, fatal_duplicate);
 	}
 #endif
 
-#ifdef DROPBEAR_DSS
+#if DROPBEAR_DSS
 	if (type == DROPBEAR_SIGNKEY_DSS) {
 		loadhostkey_helper("DSS", (void**)&read_key->dsskey, (void**)&svr_opts.hostkey->dsskey, fatal_duplicate);
 	}
 #endif
 
-#ifdef DROPBEAR_ECDSA
-#ifdef DROPBEAR_ECC_256
+#if DROPBEAR_ECDSA
+#if DROPBEAR_ECC_256
 	if (type == DROPBEAR_SIGNKEY_ECDSA_NISTP256) {
 		loadhostkey_helper("ECDSA256", (void**)&read_key->ecckey256, (void**)&svr_opts.hostkey->ecckey256, fatal_duplicate);
 	}
 #endif
-#ifdef DROPBEAR_ECC_384
+#if DROPBEAR_ECC_384
 	if (type == DROPBEAR_SIGNKEY_ECDSA_NISTP384) {
 		loadhostkey_helper("ECDSA384", (void**)&read_key->ecckey384, (void**)&svr_opts.hostkey->ecckey384, fatal_duplicate);
 	}
 #endif
-#ifdef DROPBEAR_ECC_521
+#if DROPBEAR_ECC_521
 	if (type == DROPBEAR_SIGNKEY_ECDSA_NISTP521) {
 		loadhostkey_helper("ECDSA521", (void**)&read_key->ecckey521, (void**)&svr_opts.hostkey->ecckey521, fatal_duplicate);
 	}
@@ -489,25 +494,25 @@
 		m_free(hostkey_file);
 	}
 
-#ifdef DROPBEAR_RSA
+#if DROPBEAR_RSA
 	loadhostkey(RSA_PRIV_FILENAME, 0);
 #endif
 
-#ifdef DROPBEAR_DSS
+#if DROPBEAR_DSS
 	loadhostkey(DSS_PRIV_FILENAME, 0);
 #endif
 
-#ifdef DROPBEAR_ECDSA
+#if DROPBEAR_ECDSA
 	loadhostkey(ECDSA_PRIV_FILENAME, 0);
 #endif
 
-#ifdef DROPBEAR_DELAY_HOSTKEY
+#if DROPBEAR_DELAY_HOSTKEY
 	if (svr_opts.delay_hostkey) {
 		disable_unset_keys = 0;
 	}
 #endif
 
-#ifdef DROPBEAR_RSA
+#if DROPBEAR_RSA
 	if (disable_unset_keys && !svr_opts.hostkey->rsakey) {
 		disablekey(DROPBEAR_SIGNKEY_RSA);
 	} else {
@@ -515,7 +520,7 @@
 	}
 #endif
 
-#ifdef DROPBEAR_DSS
+#if DROPBEAR_DSS
 	if (disable_unset_keys && !svr_opts.hostkey->dsskey) {
 		disablekey(DROPBEAR_SIGNKEY_DSS);
 	} else {
@@ -524,8 +529,8 @@
 #endif
 
 
-#ifdef DROPBEAR_ECDSA
-#ifdef DROPBEAR_ECC_256
+#if DROPBEAR_ECDSA
+#if DROPBEAR_ECC_256
 	if ((disable_unset_keys || ECDSA_DEFAULT_SIZE != 256)
 		&& !svr_opts.hostkey->ecckey256) {
 		disablekey(DROPBEAR_SIGNKEY_ECDSA_NISTP256);
@@ -534,7 +539,7 @@
 	}
 #endif
 
-#ifdef DROPBEAR_ECC_384
+#if DROPBEAR_ECC_384
 	if ((disable_unset_keys || ECDSA_DEFAULT_SIZE != 384)
 		&& !svr_opts.hostkey->ecckey384) {
 		disablekey(DROPBEAR_SIGNKEY_ECDSA_NISTP384);
@@ -543,7 +548,7 @@
 	}
 #endif
 
-#ifdef DROPBEAR_ECC_521
+#if DROPBEAR_ECC_521
 	if ((disable_unset_keys || ECDSA_DEFAULT_SIZE != 521)
 		&& !svr_opts.hostkey->ecckey521) {
 		disablekey(DROPBEAR_SIGNKEY_ECDSA_NISTP521);