Mercurial > dropbear
view svr-runopts.c @ 11:f76c9389e9e0
Mostly done with the listener changeover
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 03 Jun 2004 17:22:48 +0000 |
parents | fe6bca95afa7 |
children | 469950e86d0f |
line wrap: on
line source
/* * Dropbear - a SSH2 server * * Copyright (c) 2002,2003 Matt Johnston * All rights reserved. * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * SOFTWARE. */ #include "includes.h" #include "runopts.h" #include "signkey.h" #include "buffer.h" #include "dbutil.h" #include "algo.h" static sign_key * loadhostkeys(const char * dsskeyfile, const char * rsakeyfile); static int readhostkey(const char * filename, sign_key * hostkey, int type); static void printhelp(const char * progname); static void printhelp(const char * progname) { fprintf(stderr, "Dropbear sshd v%s\n" "Usage: %s [options]\n" "Options are:\n" "-b bannerfile Display the contents of bannerfile" " before user login\n" " (default: none)\n" #ifdef DROPBEAR_DSS "-d dsskeyfile Use dsskeyfile for the dss host key\n" " (default: %s)\n" #endif #ifdef DROPBEAR_RSA "-r rsakeyfile Use rsakeyfile for the rsa host key\n" " (default: %s)\n" #endif "-F Don't fork into background\n" #ifdef DISABLE_SYSLOG "(Syslog support not compiled in, using stderr)\n" #else "-E Log to stderr rather than syslog\n" #endif #ifdef DO_MOTD "-m Don't display the motd on login\n" #endif "-w Disallow root logins\n" #ifdef DROPBEAR_PASSWORD_AUTH "-s Disable password logins\n" "-g Disable password logins for root\n" #endif #ifndef DISABLE_LOCALTCPFWD "-j Disable local port forwarding\n" #endif #ifndef DISABLE_REMOTETCPFWD "-k Disable remote port forwarding\n" #endif "-p port Listen on specified tcp port, up to %d can be specified\n" " (default %d if none specified)\n" /* "-4/-6 Disable listening on ipv4/ipv6 respectively\n"*/ ,DROPBEAR_VERSION, progname, #ifdef DROPBEAR_DSS DSS_PRIV_FILENAME, #endif #ifdef DROPBEAR_RSA RSA_PRIV_FILENAME, #endif DROPBEAR_MAX_PORTS, DROPBEAR_PORT); } /* returns NULL on failure, or a pointer to a freshly allocated * runopts structure */ runopts * svr_getopts(int argc, char ** argv) { unsigned int i; char ** next = 0; runopts * opts; unsigned int portnum = 0; char *portstring[DROPBEAR_MAX_PORTS]; unsigned int longport; /* see printhelp() for options */ opts = (runopts*)m_malloc(sizeof(runopts)); opts->rsakeyfile = NULL; opts->dsskeyfile = NULL; opts->bannerfile = NULL; opts->banner = NULL; opts->forkbg = 1; opts->norootlogin = 0; opts->noauthpass = 0; opts->norootpass = 0; opts->nolocaltcp = 0; opts->noremotetcp = 0; /* not yet opts->ipv4 = 1; opts->ipv6 = 1; */ #ifdef DO_MOTD opts->domotd = 1; #endif #ifndef DISABLE_SYSLOG usingsyslog = 1; #endif for (i = 1; i < (unsigned int)argc; i++) { if (next) { *next = argv[i]; if (*next == NULL) { dropbear_exit("Invalid null argument"); } next = 0x00; continue; } if (argv[i][0] == '-') { switch (argv[i][1]) { case 'b': next = &opts->bannerfile; break; #ifdef DROPBEAR_DSS case 'd': next = &opts->dsskeyfile; break; #endif #ifdef DROPBEAR_RSA case 'r': next = &opts->rsakeyfile; break; #endif case 'F': opts->forkbg = 0; break; #ifndef DISABLE_SYSLOG case 'E': usingsyslog = 0; break; #endif #ifndef DISABLE_LOCALTCPFWD case 'j': opts->nolocaltcp = 1; break; #endif #ifndef DISABLE_REMOTETCPFWD case 'k': opts->noremotetcp = 1; break; #endif case 'p': if (portnum < DROPBEAR_MAX_PORTS) { portstring[portnum] = NULL; next = &portstring[portnum]; portnum++; } break; #ifdef DO_MOTD /* motd is displayed by default, -m turns it off */ case 'm': opts->domotd = 0; break; #endif case 'w': opts->norootlogin = 1; break; #ifdef DROPBEAR_PASSWORD_AUTH case 's': opts->noauthpass = 1; break; case 'g': opts->norootpass = 1; break; #endif case 'h': printhelp(argv[0]); exit(EXIT_FAILURE); break; /* case '4': opts->ipv4 = 0; break; case '6': opts->ipv6 = 0; break; */ default: fprintf(stderr, "Unknown argument %s\n", argv[i]); printhelp(argv[0]); exit(EXIT_FAILURE); break; } } } if (opts->dsskeyfile == NULL) { opts->dsskeyfile = DSS_PRIV_FILENAME; } if (opts->rsakeyfile == NULL) { opts->rsakeyfile = RSA_PRIV_FILENAME; } opts->hostkey = loadhostkeys(opts->dsskeyfile, opts->rsakeyfile); if (opts->bannerfile) { struct stat buf; if (stat(opts->bannerfile, &buf) != 0) { dropbear_exit("Error opening banner file '%s'", opts->bannerfile); } if (buf.st_size > MAX_BANNER_SIZE) { dropbear_exit("Banner file too large, max is %d bytes", MAX_BANNER_SIZE); } opts->banner = buf_new(buf.st_size); if (buf_readfile(opts->banner, opts->bannerfile)!=DROPBEAR_SUCCESS) { dropbear_exit("Error reading banner file '%s'", opts->bannerfile); } buf_setpos(opts->banner, 0); } /* not yet if (!(opts->ipv4 || opts->ipv6)) { fprintf(stderr, "You can't disable ipv4 and ipv6.\n"); exit(1); } */ /* create the array of listening ports */ if (portnum == 0) { /* non specified */ opts->portcount = 1; opts->ports = m_malloc(sizeof(uint16_t)); opts->ports[0] = DROPBEAR_PORT; } else { opts->portcount = portnum; opts->ports = (uint16_t*)m_malloc(sizeof(uint16_t)*portnum); for (i = 0; i < portnum; i++) { if (portstring[i]) { longport = atoi(portstring[i]); if (longport <= 65535 && longport > 0) { opts->ports[i] = (uint16_t)longport; continue; } } fprintf(stderr, "Bad port '%s'\n", portstring[i] ? portstring[i] : "null"); } } return opts; } void freerunopts(runopts* opts) { if (!opts) { return; } if (opts->hostkey) { sign_key_free(opts->hostkey); opts->hostkey = NULL; } m_free(opts->ports); m_free(opts); } /* returns success or failure */ static int readhostkey(const char * filename, sign_key * hostkey, int type) { int ret = DROPBEAR_FAILURE; int i; buffer *buf; buf = buf_new(2000); if (buf_readfile(buf, filename) == DROPBEAR_FAILURE) { goto out; } buf_setpos(buf, 0); if (buf_get_priv_key(buf, hostkey, &type) == DROPBEAR_FAILURE) { goto out; } ret = DROPBEAR_SUCCESS; out: if (ret == DROPBEAR_FAILURE) { for (i = 0; sshhostkey[i].name != NULL; i++) { if (sshhostkey[i].val == type) { sshhostkey[i].usable = 0; break; } } fprintf(stderr, "Failed reading '%s', disabling %s\n", filename, type == DROPBEAR_SIGNKEY_DSS ? "DSS" : "RSA"); } buf_burn(buf); buf_free(buf); return ret; } static sign_key * loadhostkeys(const char * dsskeyfile, const char * rsakeyfile) { sign_key * hostkey; TRACE(("enter loadhostkeys")); hostkey = new_sign_key(); #ifdef DROPBEAR_RSA (void)readhostkey(rsakeyfile, hostkey, DROPBEAR_SIGNKEY_RSA); #endif #ifdef DROPBEAR_DSS (void)readhostkey(dsskeyfile, hostkey, DROPBEAR_SIGNKEY_DSS); #endif if ( 1 #ifdef DROPBEAR_DSS && hostkey->dsskey == NULL #endif #ifdef DROPBEAR_RSA && hostkey->rsakey == NULL #endif ) { dropbear_exit("No hostkeys available"); } TRACE(("leave loadhostkeys")); return hostkey; }