Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / openssh / refs/tags/fp2-sibon-17.10.1 / . / misc.c
blob: d208b4460d00cd6065f67b4fd031bdf4cbab6789 [file] [log] [blame]
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]1/* $OpenBSD: misc.c,v 1.96 2015/01/16 06:40:12 deraadt Exp $ */
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * Copyright (c) 2005,2006 Damien Miller. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 */
26
27#include "includes.h"
28
29#include <sys/types.h>
30#include <sys/ioctl.h>
31#include <sys/socket.h>
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]32#include <sys/un.h>
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]33
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]34#include <limits.h>
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]35#include <stdarg.h>
36#include <stdio.h>
37#include <stdlib.h>
38#include <string.h>
39#include <time.h>
40#include <unistd.h>
41
42#include <netinet/in.h>
43#include <netinet/in_systm.h>
44#include <netinet/ip.h>
45#include <netinet/tcp.h>
46
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]47#include <ctype.h>
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]48#include <errno.h>
49#include <fcntl.h>
50#include <netdb.h>
51#ifdef HAVE_PATHS_H
52# include <paths.h>
53#include <pwd.h>
54#endif
55#ifdef SSH_TUN_OPENBSD
56#include <net/if.h>
57#endif
58
59#include "xmalloc.h"
60#include "misc.h"
61#include "log.h"
62#include "ssh.h"
63
64/* remove newline at end of string */
65char *
66chop(char *s)
67{
68 char *t = s;
69 while (*t) {
70 if (*t == '\n' || *t == '\r') {
71 *t = '\0';
72 return s;
73 }
74 t++;
75 }
76 return s;
77
78}
79
80/* set/unset filedescriptor to non-blocking */
81int
82set_nonblock(int fd)
83{
84 int val;
85
86 val = fcntl(fd, F_GETFL, 0);
87 if (val < 0) {
88 error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno));
89 return (-1);
90 }
91 if (val & O_NONBLOCK) {
92 debug3("fd %d is O_NONBLOCK", fd);
93 return (0);
94 }
95 debug2("fd %d setting O_NONBLOCK", fd);
96 val |= O_NONBLOCK;
97 if (fcntl(fd, F_SETFL, val) == -1) {
98 debug("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd,
99 strerror(errno));
100 return (-1);
101 }
102 return (0);
103}
104
105int
106unset_nonblock(int fd)
107{
108 int val;
109
110 val = fcntl(fd, F_GETFL, 0);
111 if (val < 0) {
112 error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno));
113 return (-1);
114 }
115 if (!(val & O_NONBLOCK)) {
116 debug3("fd %d is not O_NONBLOCK", fd);
117 return (0);
118 }
119 debug("fd %d clearing O_NONBLOCK", fd);
120 val &= ~O_NONBLOCK;
121 if (fcntl(fd, F_SETFL, val) == -1) {
122 debug("fcntl(%d, F_SETFL, ~O_NONBLOCK): %s",
123 fd, strerror(errno));
124 return (-1);
125 }
126 return (0);
127}
128
129const char *
130ssh_gai_strerror(int gaierr)
131{
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]132 if (gaierr == EAI_SYSTEM && errno != 0)
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]133 return strerror(errno);
134 return gai_strerror(gaierr);
135}
136
137/* disable nagle on socket */
138void
139set_nodelay(int fd)
140{
141 int opt;
142 socklen_t optlen;
143
144 optlen = sizeof opt;
145 if (getsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, &optlen) == -1) {
146 debug("getsockopt TCP_NODELAY: %.100s", strerror(errno));
147 return;
148 }
149 if (opt == 1) {
150 debug2("fd %d is TCP_NODELAY", fd);
151 return;
152 }
153 opt = 1;
154 debug2("fd %d setting TCP_NODELAY", fd);
155 if (setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, sizeof opt) == -1)
156 error("setsockopt TCP_NODELAY: %.100s", strerror(errno));
157}
158
159/* Characters considered whitespace in strsep calls. */
160#define WHITESPACE " \t\r\n"
161#define QUOTE "\""
162
163/* return next token in configuration line */
164char *
165strdelim(char **s)
166{
167 char *old;
168 int wspace = 0;
169
170 if (*s == NULL)
171 return NULL;
172
173 old = *s;
174
175 *s = strpbrk(*s, WHITESPACE QUOTE "=");
176 if (*s == NULL)
177 return (old);
178
179 if (*s[0] == '\"') {
180 memmove(*s, *s + 1, strlen(*s)); /* move nul too */
181 /* Find matching quote */
182 if ((*s = strpbrk(*s, QUOTE)) == NULL) {
183 return (NULL); /* no matching quote */
184 } else {
185 *s[0] = '\0';
186 *s += strspn(*s + 1, WHITESPACE) + 1;
187 return (old);
188 }
189 }
190
191 /* Allow only one '=' to be skipped */
192 if (*s[0] == '=')
193 wspace = 1;
194 *s[0] = '\0';
195
196 /* Skip any extra whitespace after first token */
197 *s += strspn(*s + 1, WHITESPACE) + 1;
198 if (*s[0] == '=' && !wspace)
199 *s += strspn(*s + 1, WHITESPACE) + 1;
200
201 return (old);
202}
203
204struct passwd *
205pwcopy(struct passwd *pw)
206{
207 struct passwd *copy = xcalloc(1, sizeof(*copy));
208
209 copy->pw_name = xstrdup(pw->pw_name);
210 copy->pw_passwd = pw->pw_passwd ? xstrdup(pw->pw_passwd) : NULL;
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]211#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]212 copy->pw_gecos = xstrdup(pw->pw_gecos);
213#endif
214 copy->pw_uid = pw->pw_uid;
215 copy->pw_gid = pw->pw_gid;
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]216#ifdef HAVE_STRUCT_PASSWD_PW_EXPIRE
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]217 copy->pw_expire = pw->pw_expire;
218#endif
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]219#ifdef HAVE_STRUCT_PASSWD_PW_CHANGE
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]220 copy->pw_change = pw->pw_change;
221#endif
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]222#ifdef HAVE_STRUCT_PASSWD_PW_CLASS
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]223 copy->pw_class = xstrdup(pw->pw_class);
224#endif
225 copy->pw_dir = xstrdup(pw->pw_dir);
226 copy->pw_shell = xstrdup(pw->pw_shell);
227 return copy;
228}
229
230/*
231 * Convert ASCII string to TCP/IP port number.
232 * Port must be >=0 and <=65535.
233 * Return -1 if invalid.
234 */
235int
236a2port(const char *s)
237{
238 long long port;
239 const char *errstr;
240
241 port = strtonum(s, 0, 65535, &errstr);
242 if (errstr != NULL)
243 return -1;
244 return (int)port;
245}
246
247int
248a2tun(const char *s, int *remote)
249{
250 const char *errstr = NULL;
251 char *sp, *ep;
252 int tun;
253
254 if (remote != NULL) {
255 *remote = SSH_TUNID_ANY;
256 sp = xstrdup(s);
257 if ((ep = strchr(sp, ':')) == NULL) {
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]258 free(sp);
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]259 return (a2tun(s, NULL));
260 }
261 ep[0] = '\0'; ep++;
262 *remote = a2tun(ep, NULL);
263 tun = a2tun(sp, NULL);
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]264 free(sp);
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]265 return (*remote == SSH_TUNID_ERR ? *remote : tun);
266 }
267
268 if (strcasecmp(s, "any") == 0)
269 return (SSH_TUNID_ANY);
270
271 tun = strtonum(s, 0, SSH_TUNID_MAX, &errstr);
272 if (errstr != NULL)
273 return (SSH_TUNID_ERR);
274
275 return (tun);
276}
277
278#define SECONDS 1
279#define MINUTES (SECONDS * 60)
280#define HOURS (MINUTES * 60)
281#define DAYS (HOURS * 24)
282#define WEEKS (DAYS * 7)
283
284/*
285 * Convert a time string into seconds; format is
286 * a sequence of:
287 * time[qualifier]
288 *
289 * Valid time qualifiers are:
290 * <none> seconds
291 * s|S seconds
292 * m|M minutes
293 * h|H hours
294 * d|D days
295 * w|W weeks
296 *
297 * Examples:
298 * 90m 90 minutes
299 * 1h30m 90 minutes
300 * 2d 2 days
301 * 1w 1 week
302 *
303 * Return -1 if time string is invalid.
304 */
305long
306convtime(const char *s)
307{
308 long total, secs;
309 const char *p;
310 char *endp;
311
312 errno = 0;
313 total = 0;
314 p = s;
315
316 if (p == NULL || *p == '\0')
317 return -1;
318
319 while (*p) {
320 secs = strtol(p, &endp, 10);
321 if (p == endp ||
322 (errno == ERANGE && (secs == LONG_MIN || secs == LONG_MAX)) ||
323 secs < 0)
324 return -1;
325
326 switch (*endp++) {
327 case '\0':
328 endp--;
329 break;
330 case 's':
331 case 'S':
332 break;
333 case 'm':
334 case 'M':
335 secs *= MINUTES;
336 break;
337 case 'h':
338 case 'H':
339 secs *= HOURS;
340 break;
341 case 'd':
342 case 'D':
343 secs *= DAYS;
344 break;
345 case 'w':
346 case 'W':
347 secs *= WEEKS;
348 break;
349 default:
350 return -1;
351 }
352 total += secs;
353 if (total < 0)
354 return -1;
355 p = endp;
356 }
357
358 return total;
359}
360
361/*
362 * Returns a standardized host+port identifier string.
363 * Caller must free returned string.
364 */
365char *
366put_host_port(const char *host, u_short port)
367{
368 char *hoststr;
369
370 if (port == 0 || port == SSH_DEFAULT_PORT)
371 return(xstrdup(host));
372 if (asprintf(&hoststr, "[%s]:%d", host, (int)port) < 0)
373 fatal("put_host_port: asprintf: %s", strerror(errno));
374 debug3("put_host_port: %s", hoststr);
375 return hoststr;
376}
377
378/*
379 * Search for next delimiter between hostnames/addresses and ports.
380 * Argument may be modified (for termination).
381 * Returns *cp if parsing succeeds.
382 * *cp is set to the start of the next delimiter, if one was found.
383 * If this is the last field, *cp is set to NULL.
384 */
385char *
386hpdelim(char **cp)
387{
388 char *s, *old;
389
390 if (cp == NULL || *cp == NULL)
391 return NULL;
392
393 old = s = *cp;
394 if (*s == '[') {
395 if ((s = strchr(s, ']')) == NULL)
396 return NULL;
397 else
398 s++;
399 } else if ((s = strpbrk(s, ":/")) == NULL)
400 s = *cp + strlen(*cp); /* skip to end (see first case below) */
401
402 switch (*s) {
403 case '\0':
404 *cp = NULL; /* no more fields*/
405 break;
406
407 case ':':
408 case '/':
409 *s = '\0'; /* terminate */
410 *cp = s + 1;
411 break;
412
413 default:
414 return NULL;
415 }
416
417 return old;
418}
419
420char *
421cleanhostname(char *host)
422{
423 if (*host == '[' && host[strlen(host) - 1] == ']') {
424 host[strlen(host) - 1] = '\0';
425 return (host + 1);
426 } else
427 return host;
428}
429
430char *
431colon(char *cp)
432{
433 int flag = 0;
434
435 if (*cp == ':') /* Leading colon is part of file name. */
436 return NULL;
437 if (*cp == '[')
438 flag = 1;
439
440 for (; *cp; ++cp) {
441 if (*cp == '@' && *(cp+1) == '[')
442 flag = 1;
443 if (*cp == ']' && *(cp+1) == ':' && flag)
444 return (cp+1);
445 if (*cp == ':' && !flag)
446 return (cp);
447 if (*cp == '/')
448 return NULL;
449 }
450 return NULL;
451}
452
453/* function to assist building execv() arguments */
454void
455addargs(arglist *args, char *fmt, ...)
456{
457 va_list ap;
458 char *cp;
459 u_int nalloc;
460 int r;
461
462 va_start(ap, fmt);
463 r = vasprintf(&cp, fmt, ap);
464 va_end(ap);
465 if (r == -1)
466 fatal("addargs: argument too long");
467
468 nalloc = args->nalloc;
469 if (args->list == NULL) {
470 nalloc = 32;
471 args->num = 0;
472 } else if (args->num+2 >= nalloc)
473 nalloc *= 2;
474
475 args->list = xrealloc(args->list, nalloc, sizeof(char *));
476 args->nalloc = nalloc;
477 args->list[args->num++] = cp;
478 args->list[args->num] = NULL;
479}
480
481void
482replacearg(arglist *args, u_int which, char *fmt, ...)
483{
484 va_list ap;
485 char *cp;
486 int r;
487
488 va_start(ap, fmt);
489 r = vasprintf(&cp, fmt, ap);
490 va_end(ap);
491 if (r == -1)
492 fatal("replacearg: argument too long");
493
494 if (which >= args->num)
495 fatal("replacearg: tried to replace invalid arg %d >= %d",
496 which, args->num);
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]497 free(args->list[which]);
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]498 args->list[which] = cp;
499}
500
501void
502freeargs(arglist *args)
503{
504 u_int i;
505
506 if (args->list != NULL) {
507 for (i = 0; i < args->num; i++)
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]508 free(args->list[i]);
509 free(args->list);
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]510 args->nalloc = args->num = 0;
511 args->list = NULL;
512 }
513}
514
515/*
516 * Expands tildes in the file name. Returns data allocated by xmalloc.
517 * Warning: this calls getpw*.
518 */
519char *
520tilde_expand_filename(const char *filename, uid_t uid)
521{
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]522 const char *path, *sep;
523 char user[128], *ret;
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]524 struct passwd *pw;
525 u_int len, slash;
526
527 if (*filename != '~')
528 return (xstrdup(filename));
529 filename++;
530
531 path = strchr(filename, '/');
532 if (path != NULL && path > filename) { /* ~user/path */
533 slash = path - filename;
534 if (slash > sizeof(user) - 1)
535 fatal("tilde_expand_filename: ~username too long");
536 memcpy(user, filename, slash);
537 user[slash] = '\0';
538 if ((pw = getpwnam(user)) == NULL)
539 fatal("tilde_expand_filename: No such user %s", user);
540 } else if ((pw = getpwuid(uid)) == NULL) /* ~/path */
541 fatal("tilde_expand_filename: No such uid %ld", (long)uid);
542
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]543 /* Make sure directory has a trailing '/' */
544 len = strlen(pw->pw_dir);
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]545 if (len == 0 || pw->pw_dir[len - 1] != '/')
546 sep = "/";
547 else
548 sep = "";
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]549
550 /* Skip leading '/' from specified path */
551 if (path != NULL)
552 filename = path + 1;
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]553
554 if (xasprintf(&ret, "%s%s%s", pw->pw_dir, sep, filename) >= PATH_MAX)
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]555 fatal("tilde_expand_filename: Path too long");
556
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]557 return (ret);
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]558}
559
560/*
561 * Expand a string with a set of %[char] escapes. A number of escapes may be
562 * specified as (char *escape_chars, char *replacement) pairs. The list must
563 * be terminated by a NULL escape_char. Returns replaced string in memory
564 * allocated by xmalloc.
565 */
566char *
567percent_expand(const char *string, ...)
568{
569#define EXPAND_MAX_KEYS 16
570 u_int num_keys, i, j;
571 struct {
572 const char *key;
573 const char *repl;
574 } keys[EXPAND_MAX_KEYS];
575 char buf[4096];
576 va_list ap;
577
578 /* Gather keys */
579 va_start(ap, string);
580 for (num_keys = 0; num_keys < EXPAND_MAX_KEYS; num_keys++) {
581 keys[num_keys].key = va_arg(ap, char *);
582 if (keys[num_keys].key == NULL)
583 break;
584 keys[num_keys].repl = va_arg(ap, char *);
585 if (keys[num_keys].repl == NULL)
586 fatal("%s: NULL replacement", __func__);
587 }
588 if (num_keys == EXPAND_MAX_KEYS && va_arg(ap, char *) != NULL)
589 fatal("%s: too many keys", __func__);
590 va_end(ap);
591
592 /* Expand string */
593 *buf = '\0';
594 for (i = 0; *string != '\0'; string++) {
595 if (*string != '%') {
596 append:
597 buf[i++] = *string;
598 if (i >= sizeof(buf))
599 fatal("%s: string too long", __func__);
600 buf[i] = '\0';
601 continue;
602 }
603 string++;
604 /* %% case */
605 if (*string == '%')
606 goto append;
607 for (j = 0; j < num_keys; j++) {
608 if (strchr(keys[j].key, *string) != NULL) {
609 i = strlcat(buf, keys[j].repl, sizeof(buf));
610 if (i >= sizeof(buf))
611 fatal("%s: string too long", __func__);
612 break;
613 }
614 }
615 if (j >= num_keys)
616 fatal("%s: unknown key %%%c", __func__, *string);
617 }
618 return (xstrdup(buf));
619#undef EXPAND_MAX_KEYS
620}
621
622/*
623 * Read an entire line from a public key file into a static buffer, discarding
624 * lines that exceed the buffer size. Returns 0 on success, -1 on failure.
625 */
626int
627read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz,
628 u_long *lineno)
629{
630 while (fgets(buf, bufsz, f) != NULL) {
631 if (buf[0] == '\0')
632 continue;
633 (*lineno)++;
634 if (buf[strlen(buf) - 1] == '\n' || feof(f)) {
635 return 0;
636 } else {
637 debug("%s: %s line %lu exceeds size limit", __func__,
638 filename, *lineno);
639 /* discard remainder of line */
640 while (fgetc(f) != '\n' && !feof(f))
641 ; /* nothing */
642 }
643 }
644 return -1;
645}
646
647int
648tun_open(int tun, int mode)
649{
650#if defined(CUSTOM_SYS_TUN_OPEN)
651 return (sys_tun_open(tun, mode));
652#elif defined(SSH_TUN_OPENBSD)
653 struct ifreq ifr;
654 char name[100];
655 int fd = -1, sock;
656
657 /* Open the tunnel device */
658 if (tun <= SSH_TUNID_MAX) {
659 snprintf(name, sizeof(name), "/dev/tun%d", tun);
660 fd = open(name, O_RDWR);
661 } else if (tun == SSH_TUNID_ANY) {
662 for (tun = 100; tun >= 0; tun--) {
663 snprintf(name, sizeof(name), "/dev/tun%d", tun);
664 if ((fd = open(name, O_RDWR)) >= 0)
665 break;
666 }
667 } else {
668 debug("%s: invalid tunnel %u", __func__, tun);
669 return (-1);
670 }
671
672 if (fd < 0) {
673 debug("%s: %s open failed: %s", __func__, name, strerror(errno));
674 return (-1);
675 }
676
677 debug("%s: %s mode %d fd %d", __func__, name, mode, fd);
678
679 /* Set the tunnel device operation mode */
680 snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "tun%d", tun);
681 if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) == -1)
682 goto failed;
683
684 if (ioctl(sock, SIOCGIFFLAGS, &ifr) == -1)
685 goto failed;
686
687 /* Set interface mode */
688 ifr.ifr_flags &= ~IFF_UP;
689 if (mode == SSH_TUNMODE_ETHERNET)
690 ifr.ifr_flags |= IFF_LINK0;
691 else
692 ifr.ifr_flags &= ~IFF_LINK0;
693 if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
694 goto failed;
695
696 /* Bring interface up */
697 ifr.ifr_flags |= IFF_UP;
698 if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
699 goto failed;
700
701 close(sock);
702 return (fd);
703
704 failed:
705 if (fd >= 0)
706 close(fd);
707 if (sock >= 0)
708 close(sock);
709 debug("%s: failed to set %s mode %d: %s", __func__, name,
710 mode, strerror(errno));
711 return (-1);
712#else
713 error("Tunnel interfaces are not supported on this platform");
714 return (-1);
715#endif
716}
717
718void
719sanitise_stdfd(void)
720{
721 int nullfd, dupfd;
722
723 if ((nullfd = dupfd = open(_PATH_DEVNULL, O_RDWR)) == -1) {
724 fprintf(stderr, "Couldn't open /dev/null: %s\n",
725 strerror(errno));
726 exit(1);
727 }
728 while (++dupfd <= 2) {
729 /* Only clobber closed fds */
730 if (fcntl(dupfd, F_GETFL, 0) >= 0)
731 continue;
732 if (dup2(nullfd, dupfd) == -1) {
733 fprintf(stderr, "dup2: %s\n", strerror(errno));
734 exit(1);
735 }
736 }
737 if (nullfd > 2)
738 close(nullfd);
739}
740
741char *
742tohex(const void *vp, size_t l)
743{
744 const u_char *p = (const u_char *)vp;
745 char b[3], *r;
746 size_t i, hl;
747
748 if (l > 65536)
749 return xstrdup("tohex: length > 65536");
750
751 hl = l * 2 + 1;
752 r = xcalloc(1, hl);
753 for (i = 0; i < l; i++) {
754 snprintf(b, sizeof(b), "%02x", p[i]);
755 strlcat(r, b, hl);
756 }
757 return (r);
758}
759
760u_int64_t
761get_u64(const void *vp)
762{
763 const u_char *p = (const u_char *)vp;
764 u_int64_t v;
765
766 v = (u_int64_t)p[0] << 56;
767 v |= (u_int64_t)p[1] << 48;
768 v |= (u_int64_t)p[2] << 40;
769 v |= (u_int64_t)p[3] << 32;
770 v |= (u_int64_t)p[4] << 24;
771 v |= (u_int64_t)p[5] << 16;
772 v |= (u_int64_t)p[6] << 8;
773 v |= (u_int64_t)p[7];
774
775 return (v);
776}
777
778u_int32_t
779get_u32(const void *vp)
780{
781 const u_char *p = (const u_char *)vp;
782 u_int32_t v;
783
784 v = (u_int32_t)p[0] << 24;
785 v |= (u_int32_t)p[1] << 16;
786 v |= (u_int32_t)p[2] << 8;
787 v |= (u_int32_t)p[3];
788
789 return (v);
790}
791
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]792u_int32_t
793get_u32_le(const void *vp)
794{
795 const u_char *p = (const u_char *)vp;
796 u_int32_t v;
797
798 v = (u_int32_t)p[0];
799 v |= (u_int32_t)p[1] << 8;
800 v |= (u_int32_t)p[2] << 16;
801 v |= (u_int32_t)p[3] << 24;
802
803 return (v);
804}
805
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]806u_int16_t
807get_u16(const void *vp)
808{
809 const u_char *p = (const u_char *)vp;
810 u_int16_t v;
811
812 v = (u_int16_t)p[0] << 8;
813 v |= (u_int16_t)p[1];
814
815 return (v);
816}
817
818void
819put_u64(void *vp, u_int64_t v)
820{
821 u_char *p = (u_char *)vp;
822
823 p[0] = (u_char)(v >> 56) & 0xff;
824 p[1] = (u_char)(v >> 48) & 0xff;
825 p[2] = (u_char)(v >> 40) & 0xff;
826 p[3] = (u_char)(v >> 32) & 0xff;
827 p[4] = (u_char)(v >> 24) & 0xff;
828 p[5] = (u_char)(v >> 16) & 0xff;
829 p[6] = (u_char)(v >> 8) & 0xff;
830 p[7] = (u_char)v & 0xff;
831}
832
833void
834put_u32(void *vp, u_int32_t v)
835{
836 u_char *p = (u_char *)vp;
837
838 p[0] = (u_char)(v >> 24) & 0xff;
839 p[1] = (u_char)(v >> 16) & 0xff;
840 p[2] = (u_char)(v >> 8) & 0xff;
841 p[3] = (u_char)v & 0xff;
842}
843
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]844void
845put_u32_le(void *vp, u_int32_t v)
846{
847 u_char *p = (u_char *)vp;
848
849 p[0] = (u_char)v & 0xff;
850 p[1] = (u_char)(v >> 8) & 0xff;
851 p[2] = (u_char)(v >> 16) & 0xff;
852 p[3] = (u_char)(v >> 24) & 0xff;
853}
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]854
855void
856put_u16(void *vp, u_int16_t v)
857{
858 u_char *p = (u_char *)vp;
859
860 p[0] = (u_char)(v >> 8) & 0xff;
861 p[1] = (u_char)v & 0xff;
862}
863
864void
865ms_subtract_diff(struct timeval *start, int *ms)
866{
867 struct timeval diff, finish;
868
869 gettimeofday(&finish, NULL);
870 timersub(&finish, start, &diff);
871 *ms -= (diff.tv_sec * 1000) + (diff.tv_usec / 1000);
872}
873
874void
875ms_to_timeval(struct timeval *tv, int ms)
876{
877 if (ms < 0)
878 ms = 0;
879 tv->tv_sec = ms / 1000;
880 tv->tv_usec = (ms % 1000) * 1000;
881}
882
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]883time_t
884monotime(void)
885{
886#if defined(HAVE_CLOCK_GETTIME) && \
887 (defined(CLOCK_MONOTONIC) || defined(CLOCK_BOOTTIME))
888 struct timespec ts;
889 static int gettime_failed = 0;
890
891 if (!gettime_failed) {
892#if defined(CLOCK_BOOTTIME)
893 if (clock_gettime(CLOCK_BOOTTIME, &ts) == 0)
894 return (ts.tv_sec);
895#endif
896#if defined(CLOCK_MONOTONIC)
897 if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0)
898 return (ts.tv_sec);
899#endif
900 debug3("clock_gettime: %s", strerror(errno));
901 gettime_failed = 1;
902 }
903#endif /* HAVE_CLOCK_GETTIME && (CLOCK_MONOTONIC || CLOCK_BOOTTIME */
904
905 return time(NULL);
906}
907
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]908void
909bandwidth_limit_init(struct bwlimit *bw, u_int64_t kbps, size_t buflen)
910{
911 bw->buflen = buflen;
912 bw->rate = kbps;
913 bw->thresh = bw->rate;
914 bw->lamt = 0;
915 timerclear(&bw->bwstart);
916 timerclear(&bw->bwend);
917}
918
919/* Callback from read/write loop to insert bandwidth-limiting delays */
920void
921bandwidth_limit(struct bwlimit *bw, size_t read_len)
922{
923 u_int64_t waitlen;
924 struct timespec ts, rm;
925
926 if (!timerisset(&bw->bwstart)) {
927 gettimeofday(&bw->bwstart, NULL);
928 return;
929 }
930
931 bw->lamt += read_len;
932 if (bw->lamt < bw->thresh)
933 return;
934
935 gettimeofday(&bw->bwend, NULL);
936 timersub(&bw->bwend, &bw->bwstart, &bw->bwend);
937 if (!timerisset(&bw->bwend))
938 return;
939
940 bw->lamt *= 8;
941 waitlen = (double)1000000L * bw->lamt / bw->rate;
942
943 bw->bwstart.tv_sec = waitlen / 1000000L;
944 bw->bwstart.tv_usec = waitlen % 1000000L;
945
946 if (timercmp(&bw->bwstart, &bw->bwend, >)) {
947 timersub(&bw->bwstart, &bw->bwend, &bw->bwend);
948
949 /* Adjust the wait time */
950 if (bw->bwend.tv_sec) {
951 bw->thresh /= 2;
952 if (bw->thresh < bw->buflen / 4)
953 bw->thresh = bw->buflen / 4;
954 } else if (bw->bwend.tv_usec < 10000) {
955 bw->thresh *= 2;
956 if (bw->thresh > bw->buflen * 8)
957 bw->thresh = bw->buflen * 8;
958 }
959
960 TIMEVAL_TO_TIMESPEC(&bw->bwend, &ts);
961 while (nanosleep(&ts, &rm) == -1) {
962 if (errno != EINTR)
963 break;
964 ts = rm;
965 }
966 }
967
968 bw->lamt = 0;
969 gettimeofday(&bw->bwstart, NULL);
970}
971
972/* Make a template filename for mk[sd]temp() */
973void
974mktemp_proto(char *s, size_t len)
975{
976 const char *tmpdir;
977 int r;
978
979 if ((tmpdir = getenv("TMPDIR")) != NULL) {
980 r = snprintf(s, len, "%s/ssh-XXXXXXXXXXXX", tmpdir);
981 if (r > 0 && (size_t)r < len)
982 return;
983 }
984 r = snprintf(s, len, "/tmp/ssh-XXXXXXXXXXXX");
985 if (r < 0 || (size_t)r >= len)
986 fatal("%s: template string too short", __func__);
987}
988
989static const struct {
990 const char *name;
991 int value;
992} ipqos[] = {
993 { "af11", IPTOS_DSCP_AF11 },
994 { "af12", IPTOS_DSCP_AF12 },
995 { "af13", IPTOS_DSCP_AF13 },
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]996 { "af21", IPTOS_DSCP_AF21 },
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]997 { "af22", IPTOS_DSCP_AF22 },
998 { "af23", IPTOS_DSCP_AF23 },
999 { "af31", IPTOS_DSCP_AF31 },
1000 { "af32", IPTOS_DSCP_AF32 },
1001 { "af33", IPTOS_DSCP_AF33 },
1002 { "af41", IPTOS_DSCP_AF41 },
1003 { "af42", IPTOS_DSCP_AF42 },
1004 { "af43", IPTOS_DSCP_AF43 },
1005 { "cs0", IPTOS_DSCP_CS0 },
1006 { "cs1", IPTOS_DSCP_CS1 },
1007 { "cs2", IPTOS_DSCP_CS2 },
1008 { "cs3", IPTOS_DSCP_CS3 },
1009 { "cs4", IPTOS_DSCP_CS4 },
1010 { "cs5", IPTOS_DSCP_CS5 },
1011 { "cs6", IPTOS_DSCP_CS6 },
1012 { "cs7", IPTOS_DSCP_CS7 },
1013 { "ef", IPTOS_DSCP_EF },
1014 { "lowdelay", IPTOS_LOWDELAY },
1015 { "throughput", IPTOS_THROUGHPUT },
1016 { "reliability", IPTOS_RELIABILITY },
1017 { NULL, -1 }
1018};
1019
1020int
1021parse_ipqos(const char *cp)
1022{
1023 u_int i;
1024 char *ep;
1025 long val;
1026
1027 if (cp == NULL)
1028 return -1;
1029 for (i = 0; ipqos[i].name != NULL; i++) {
1030 if (strcasecmp(cp, ipqos[i].name) == 0)
1031 return ipqos[i].value;
1032 }
1033 /* Try parsing as an integer */
1034 val = strtol(cp, &ep, 0);
1035 if (*cp == '\0' || *ep != '\0' || val < 0 || val > 255)
1036 return -1;
1037 return val;
1038}
1039
1040const char *
1041iptos2str(int iptos)
1042{
1043 int i;
1044 static char iptos_str[sizeof "0xff"];
1045
1046 for (i = 0; ipqos[i].name != NULL; i++) {
1047 if (ipqos[i].value == iptos)
1048 return ipqos[i].name;
1049 }
1050 snprintf(iptos_str, sizeof iptos_str, "0x%02x", iptos);
1051 return iptos_str;
1052}
Adam Langleyd0592972015-03-30 14:49:51 -0700[diff] [blame]1053
1054void
1055lowercase(char *s)
1056{
1057 for (; *s; s++)
1058 *s = tolower((u_char)*s);
1059}
1060
1061int
1062unix_listener(const char *path, int backlog, int unlink_first)
1063{
1064 struct sockaddr_un sunaddr;
1065 int saved_errno, sock;
1066
1067 memset(&sunaddr, 0, sizeof(sunaddr));
1068 sunaddr.sun_family = AF_UNIX;
1069 if (strlcpy(sunaddr.sun_path, path, sizeof(sunaddr.sun_path)) >= sizeof(sunaddr.sun_path)) {
1070 error("%s: \"%s\" too long for Unix domain socket", __func__,
1071 path);
1072 errno = ENAMETOOLONG;
1073 return -1;
1074 }
1075
1076 sock = socket(PF_UNIX, SOCK_STREAM, 0);
1077 if (sock < 0) {
1078 saved_errno = errno;
1079 error("socket: %.100s", strerror(errno));
1080 errno = saved_errno;
1081 return -1;
1082 }
1083 if (unlink_first == 1) {
1084 if (unlink(path) != 0 && errno != ENOENT)
1085 error("unlink(%s): %.100s", path, strerror(errno));
1086 }
1087 if (bind(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) {
1088 saved_errno = errno;
1089 error("bind: %.100s", strerror(errno));
1090 close(sock);
1091 error("%s: cannot bind to path: %s", __func__, path);
1092 errno = saved_errno;
1093 return -1;
1094 }
1095 if (listen(sock, backlog) < 0) {
1096 saved_errno = errno;
1097 error("listen: %.100s", strerror(errno));
1098 close(sock);
1099 unlink(path);
1100 error("%s: cannot listen on path: %s", __func__, path);
1101 errno = saved_errno;
1102 return -1;
1103 }
1104 return sock;
1105}
1106
Greg Hartmanbd77cf72015-02-25 13:21:06 -0800[diff] [blame]1107void
1108sock_set_v6only(int s)
1109{
1110#ifdef IPV6_V6ONLY
1111 int on = 1;
1112
1113 debug3("%s: set socket %d IPV6_V6ONLY", __func__, s);
1114 if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) == -1)
1115 error("setsockopt IPV6_V6ONLY: %s", strerror(errno));
1116#endif
1117}