Mercurial > dropbear
view dbutil.c @ 742:cd201dc2da9a kexguess
merge
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Sun, 31 Mar 2013 00:41:15 +0800 |
| parents | fc7ae88e63b3 |
| children | 9a5438271556 2202e854d187 |
line wrap: on
line source
/* * Dropbear - a SSH2 server * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * SOFTWARE. * * strlcat() is copyright as follows: * Copyright (c) 1998 Todd C. Miller <[email protected]> * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. The name of the author may not be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" #include "dbutil.h" #include "buffer.h" #include "session.h" #include "atomicio.h" #define MAX_FMT 100 static void generic_dropbear_exit(int exitcode, const char* format, va_list param) ATTRIB_NORETURN; static void generic_dropbear_log(int priority, const char* format, va_list param); void (*_dropbear_exit)(int exitcode, const char* format, va_list param) ATTRIB_NORETURN = generic_dropbear_exit; void (*_dropbear_log)(int priority, const char* format, va_list param) = generic_dropbear_log; #ifdef DEBUG_TRACE int debug_trace = 0; #endif #ifndef DISABLE_SYSLOG void startsyslog() { openlog(PROGNAME, LOG_PID, LOG_AUTHPRIV); } #endif /* DISABLE_SYSLOG */ /* the "format" string must be <= 100 characters */ void dropbear_close(const char* format, ...) { va_list param; va_start(param, format); _dropbear_exit(EXIT_SUCCESS, format, param); va_end(param); } void dropbear_exit(const char* format, ...) { va_list param; va_start(param, format); _dropbear_exit(EXIT_FAILURE, format, param); va_end(param); } static void generic_dropbear_exit(int exitcode, const char* format, va_list param) { char fmtbuf[300]; snprintf(fmtbuf, sizeof(fmtbuf), "Exited: %s", format); _dropbear_log(LOG_INFO, fmtbuf, param); exit(exitcode); } void fail_assert(const char* expr, const char* file, int line) { dropbear_exit("Failed assertion (%s:%d): `%s'", file, line, expr); } static void generic_dropbear_log(int UNUSED(priority), const char* format, va_list param) { char printbuf[1024]; vsnprintf(printbuf, sizeof(printbuf), format, param); fprintf(stderr, "%s\n", printbuf); } /* this is what can be called to write arbitrary log messages */ void dropbear_log(int priority, const char* format, ...) { va_list param; va_start(param, format); _dropbear_log(priority, format, param); va_end(param); } #ifdef DEBUG_TRACE void dropbear_trace(const char* format, ...) { va_list param; if (!debug_trace) { return; } va_start(param, format); fprintf(stderr, "TRACE (%d): ", getpid()); vfprintf(stderr, format, param); fprintf(stderr, "\n"); va_end(param); } #endif /* DEBUG_TRACE */ static void set_sock_priority(int sock) { int val; /* disable nagle */ val = 1; setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, (void*)&val, sizeof(val)); /* set the TOS bit for either ipv4 or ipv6 */ #ifdef IPTOS_LOWDELAY val = IPTOS_LOWDELAY; #if defined(IPPROTO_IPV6) && defined(IPV6_TCLASS) setsockopt(sock, IPPROTO_IPV6, IPV6_TCLASS, (void*)&val, sizeof(val)); #endif setsockopt(sock, IPPROTO_IP, IP_TOS, (void*)&val, sizeof(val)); #endif #ifdef SO_PRIORITY /* linux specific, sets QoS class. * 6 looks to be optimal for interactive traffic (see tc-prio(8) ). */ val = 6; setsockopt(sock, SOL_SOCKET, SO_PRIORITY, (void*) &val, sizeof(val)); #endif } /* Listen on address:port. * Special cases are address of "" listening on everything, * and address of NULL listening on localhost only. * Returns the number of sockets bound on success, or -1 on failure. On * failure, if errstring wasn't NULL, it'll be a newly malloced error * string.*/ int dropbear_listen(const char* address, const char* port, int *socks, unsigned int sockcount, char **errstring, int *maxfd) { struct addrinfo hints, *res = NULL, *res0 = NULL; int err; unsigned int nsock; struct linger linger; int val; int sock; TRACE(("enter dropbear_listen")) memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_UNSPEC; /* TODO: let them flag v4 only etc */ hints.ai_socktype = SOCK_STREAM; /* for calling getaddrinfo: address == NULL and !AI_PASSIVE: local loopback address == NULL and AI_PASSIVE: all interfaces address != NULL: whatever the address says */ if (!address) { TRACE(("dropbear_listen: local loopback")) } else { if (address[0] == '\0') { TRACE(("dropbear_listen: all interfaces")) address = NULL; } hints.ai_flags = AI_PASSIVE; } err = getaddrinfo(address, port, &hints, &res0); if (err) { if (errstring != NULL && *errstring == NULL) { int len; len = 20 + strlen(gai_strerror(err)); *errstring = (char*)m_malloc(len); snprintf(*errstring, len, "Error resolving: %s", gai_strerror(err)); } if (res0) { freeaddrinfo(res0); res0 = NULL; } TRACE(("leave dropbear_listen: failed resolving")) return -1; } nsock = 0; for (res = res0; res != NULL && nsock < sockcount; res = res->ai_next) { /* Get a socket */ socks[nsock] = socket(res->ai_family, res->ai_socktype, res->ai_protocol); sock = socks[nsock]; /* For clarity */ if (sock < 0) { err = errno; TRACE(("socket() failed")) continue; } /* Various useful socket options */ val = 1; /* set to reuse, quick timeout */ setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void*) &val, sizeof(val)); linger.l_onoff = 1; linger.l_linger = 5; setsockopt(sock, SOL_SOCKET, SO_LINGER, (void*)&linger, sizeof(linger)); #if defined(IPPROTO_IPV6) && defined(IPV6_V6ONLY) if (res->ai_family == AF_INET6) { int on = 1; if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) == -1) { dropbear_log(LOG_WARNING, "Couldn't set IPV6_V6ONLY"); } } #endif set_sock_priority(sock); if (bind(sock, res->ai_addr, res->ai_addrlen) < 0) { err = errno; close(sock); TRACE(("bind(%s) failed", port)) continue; } if (listen(sock, 20) < 0) { err = errno; close(sock); TRACE(("listen() failed")) continue; } *maxfd = MAX(*maxfd, sock); nsock++; } if (res0) { freeaddrinfo(res0); res0 = NULL; } if (nsock == 0) { if (errstring != NULL && *errstring == NULL) { int len; len = 20 + strlen(strerror(err)); *errstring = (char*)m_malloc(len); snprintf(*errstring, len, "Error listening: %s", strerror(err)); } TRACE(("leave dropbear_listen: failure, %s", strerror(err))) return -1; } TRACE(("leave dropbear_listen: success, %d socks bound", nsock)) return nsock; } /* Connect to a given unix socket. The socket is blocking */ #ifdef ENABLE_CONNECT_UNIX int connect_unix(const char* path) { struct sockaddr_un addr; int fd = -1; memset((void*)&addr, 0x0, sizeof(addr)); addr.sun_family = AF_UNIX; strlcpy(addr.sun_path, path, sizeof(addr.sun_path)); fd = socket(PF_UNIX, SOCK_STREAM, 0); if (fd < 0) { TRACE(("Failed to open unix socket")) return -1; } if (connect(fd, (struct sockaddr*)&addr, sizeof(addr)) < 0) { TRACE(("Failed to connect to '%s' socket", path)) m_close(fd); return -1; } return fd; } #endif /* Connect via TCP to a host. Connection will try ipv4 or ipv6, will * return immediately if nonblocking is set. On failure, if errstring * wasn't null, it will be a newly malloced error message */ /* TODO: maxfd */ int connect_remote(const char* remotehost, const char* remoteport, int nonblocking, char ** errstring) { struct addrinfo *res0 = NULL, *res = NULL, hints; int sock; int err; TRACE(("enter connect_remote")) if (errstring != NULL) { *errstring = NULL; } memset(&hints, 0, sizeof(hints)); hints.ai_socktype = SOCK_STREAM; hints.ai_family = PF_UNSPEC; err = getaddrinfo(remotehost, remoteport, &hints, &res0); if (err) { if (errstring != NULL && *errstring == NULL) { int len; len = 100 + strlen(gai_strerror(err)); *errstring = (char*)m_malloc(len); snprintf(*errstring, len, "Error resolving '%s' port '%s'. %s", remotehost, remoteport, gai_strerror(err)); } TRACE(("Error resolving: %s", gai_strerror(err))) return -1; } sock = -1; err = EADDRNOTAVAIL; for (res = res0; res; res = res->ai_next) { sock = socket(res->ai_family, res->ai_socktype, res->ai_protocol); if (sock < 0) { err = errno; continue; } if (nonblocking) { setnonblocking(sock);