blob: 662480e9e1fa3e560066d8fe1396e7b4c8a26b24 [file] [log] [blame]
Damien Millere4340be2000-09-16 13:29:08 +11001/*
2 * Copyright (c) 2000 Markus Friedl. All rights reserved.
Damien Miller6476cad2005-06-16 13:18:34 +10003 * Copyright (c) 2005 Damien Miller. All rights reserved.
Damien Millere4340be2000-09-16 13:29:08 +11004 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */
25
Damien Miller61c51502000-08-18 14:01:04 +100026#include "includes.h"
Damien Miller306d1182006-03-15 12:05:59 +110027RCSID("$OpenBSD: misc.c,v 1.46 2006/03/13 10:14:29 dtucker Exp $");
Damien Miller17e91c02006-03-15 11:28:34 +110028
29#include <sys/ioctl.h>
Damien Miller3a4051e2006-03-15 11:19:42 +110030#include <netinet/tcp.h>
Damien Miller03e20032006-03-15 11:16:59 +110031#ifdef HAVE_PATHS_H
Damien Millera9263d02006-03-15 11:18:26 +110032# include <paths.h>
Damien Miller03e20032006-03-15 11:16:59 +110033#endif
Damien Miller3beb8522006-01-02 23:40:10 +110034#ifdef SSH_TUN_OPENBSD
35#include <net/if.h>
36#endif
Damien Miller61c51502000-08-18 14:01:04 +100037
Kevin Stevesb6e773a2001-02-04 13:20:36 +000038#include "misc.h"
Ben Lindstrom226cfa02001-01-22 05:34:40 +000039#include "log.h"
Ben Lindstrom06909012001-03-05 06:09:31 +000040#include "xmalloc.h"
Damien Miller61c51502000-08-18 14:01:04 +100041
Ben Lindstrom4cc240d2001-07-04 04:46:56 +000042/* remove newline at end of string */
Damien Miller61c51502000-08-18 14:01:04 +100043char *
44chop(char *s)
45{
46 char *t = s;
47 while (*t) {
Ben Lindstrom1c37c6a2001-12-06 18:00:18 +000048 if (*t == '\n' || *t == '\r') {
Damien Miller61c51502000-08-18 14:01:04 +100049 *t = '\0';
50 return s;
51 }
52 t++;
53 }
54 return s;
55
56}
57
Ben Lindstrom4cc240d2001-07-04 04:46:56 +000058/* set/unset filedescriptor to non-blocking */
Damien Miller232711f2004-06-15 10:35:30 +100059int
Damien Miller61c51502000-08-18 14:01:04 +100060set_nonblock(int fd)
61{
62 int val;
Ben Lindstromc93e84c2001-05-12 00:08:37 +000063
Damien Miller61c51502000-08-18 14:01:04 +100064 val = fcntl(fd, F_GETFL, 0);
65 if (val < 0) {
66 error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno));
Damien Miller232711f2004-06-15 10:35:30 +100067 return (-1);
Damien Miller61c51502000-08-18 14:01:04 +100068 }
Damien Miller69b69aa2000-10-28 14:19:58 +110069 if (val & O_NONBLOCK) {
Damien Miller232711f2004-06-15 10:35:30 +100070 debug3("fd %d is O_NONBLOCK", fd);
71 return (0);
Damien Miller69b69aa2000-10-28 14:19:58 +110072 }
Damien Milleref095ce2003-05-14 13:41:39 +100073 debug2("fd %d setting O_NONBLOCK", fd);
Damien Miller61c51502000-08-18 14:01:04 +100074 val |= O_NONBLOCK;
Damien Miller232711f2004-06-15 10:35:30 +100075 if (fcntl(fd, F_SETFL, val) == -1) {
76 debug("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd,
77 strerror(errno));
78 return (-1);
79 }
80 return (0);
Damien Miller61c51502000-08-18 14:01:04 +100081}
82
Damien Miller232711f2004-06-15 10:35:30 +100083int
Ben Lindstromc93e84c2001-05-12 00:08:37 +000084unset_nonblock(int fd)
85{
86 int val;
87
88 val = fcntl(fd, F_GETFL, 0);
89 if (val < 0) {
90 error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno));
Damien Miller232711f2004-06-15 10:35:30 +100091 return (-1);
Ben Lindstromc93e84c2001-05-12 00:08:37 +000092 }
93 if (!(val & O_NONBLOCK)) {
Damien Miller232711f2004-06-15 10:35:30 +100094 debug3("fd %d is not O_NONBLOCK", fd);
95 return (0);
Ben Lindstromc93e84c2001-05-12 00:08:37 +000096 }
Ben Lindstrom352b1c22001-06-21 03:04:37 +000097 debug("fd %d clearing O_NONBLOCK", fd);
Ben Lindstromc93e84c2001-05-12 00:08:37 +000098 val &= ~O_NONBLOCK;
Damien Miller232711f2004-06-15 10:35:30 +100099 if (fcntl(fd, F_SETFL, val) == -1) {
100 debug("fcntl(%d, F_SETFL, ~O_NONBLOCK): %s",
Ben Lindstrom84fcb312002-03-05 01:48:09 +0000101 fd, strerror(errno));
Damien Miller232711f2004-06-15 10:35:30 +1000102 return (-1);
103 }
104 return (0);
Ben Lindstromc93e84c2001-05-12 00:08:37 +0000105}
106
Damien Miller398e1cf2002-02-05 11:52:13 +1100107/* disable nagle on socket */
108void
109set_nodelay(int fd)
110{
Ben Lindstrome86de512002-03-05 01:28:14 +0000111 int opt;
112 socklen_t optlen;
Damien Miller398e1cf2002-02-05 11:52:13 +1100113
Ben Lindstrom1ebd7a52002-02-26 18:12:51 +0000114 optlen = sizeof opt;
115 if (getsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, &optlen) == -1) {
Darren Tucker6db8f932003-11-03 20:07:14 +1100116 debug("getsockopt TCP_NODELAY: %.100s", strerror(errno));
Ben Lindstrom1ebd7a52002-02-26 18:12:51 +0000117 return;
118 }
119 if (opt == 1) {
120 debug2("fd %d is TCP_NODELAY", fd);
121 return;
122 }
123 opt = 1;
Ben Lindstrom1d568f92002-12-23 02:44:36 +0000124 debug2("fd %d setting TCP_NODELAY", fd);
Ben Lindstrom1ebd7a52002-02-26 18:12:51 +0000125 if (setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, sizeof opt) == -1)
Damien Miller398e1cf2002-02-05 11:52:13 +1100126 error("setsockopt TCP_NODELAY: %.100s", strerror(errno));
127}
128
Damien Miller61c51502000-08-18 14:01:04 +1000129/* Characters considered whitespace in strsep calls. */
130#define WHITESPACE " \t\r\n"
Damien Miller306d1182006-03-15 12:05:59 +1100131#define QUOTE "\""
Damien Miller61c51502000-08-18 14:01:04 +1000132
Ben Lindstrom4cc240d2001-07-04 04:46:56 +0000133/* return next token in configuration line */
Damien Miller61c51502000-08-18 14:01:04 +1000134char *
135strdelim(char **s)
136{
137 char *old;
138 int wspace = 0;
139
140 if (*s == NULL)
141 return NULL;
142
143 old = *s;
144
Damien Miller306d1182006-03-15 12:05:59 +1100145 *s = strpbrk(*s, WHITESPACE QUOTE "=");
Damien Miller61c51502000-08-18 14:01:04 +1000146 if (*s == NULL)
147 return (old);
148
Damien Miller306d1182006-03-15 12:05:59 +1100149 if (*s[0] == '\"') {
150 memmove(*s, *s + 1, strlen(*s)); /* move nul too */
151 /* Find matching quote */
152 if ((*s = strpbrk(*s, QUOTE)) == NULL) {
153 return (NULL); /* no matching quote */
154 } else {
155 *s[0] = '\0';
156 return (old);
157 }
158 }
159
Damien Miller61c51502000-08-18 14:01:04 +1000160 /* Allow only one '=' to be skipped */
161 if (*s[0] == '=')
162 wspace = 1;
163 *s[0] = '\0';
164
Damien Miller306d1182006-03-15 12:05:59 +1100165 /* Skip any extra whitespace after first token */
Damien Miller61c51502000-08-18 14:01:04 +1000166 *s += strspn(*s + 1, WHITESPACE) + 1;
167 if (*s[0] == '=' && !wspace)
168 *s += strspn(*s + 1, WHITESPACE) + 1;
169
170 return (old);
171}
Kevin Stevesb6e773a2001-02-04 13:20:36 +0000172
Ben Lindstrom086cf212001-03-05 05:56:40 +0000173struct passwd *
174pwcopy(struct passwd *pw)
175{
176 struct passwd *copy = xmalloc(sizeof(*copy));
Ben Lindstrom40304422001-03-05 06:22:01 +0000177
Ben Lindstrom086cf212001-03-05 05:56:40 +0000178 memset(copy, 0, sizeof(*copy));
179 copy->pw_name = xstrdup(pw->pw_name);
180 copy->pw_passwd = xstrdup(pw->pw_passwd);
Ben Lindstrom40304422001-03-05 06:22:01 +0000181 copy->pw_gecos = xstrdup(pw->pw_gecos);
Ben Lindstrom086cf212001-03-05 05:56:40 +0000182 copy->pw_uid = pw->pw_uid;
183 copy->pw_gid = pw->pw_gid;
Kevin Steves82456952001-06-22 21:14:18 +0000184#ifdef HAVE_PW_EXPIRE_IN_PASSWD
Ben Lindstrom3af4d462001-06-21 03:11:27 +0000185 copy->pw_expire = pw->pw_expire;
Kevin Steves82456952001-06-22 21:14:18 +0000186#endif
187#ifdef HAVE_PW_CHANGE_IN_PASSWD
Ben Lindstrom3af4d462001-06-21 03:11:27 +0000188 copy->pw_change = pw->pw_change;
Kevin Steves82456952001-06-22 21:14:18 +0000189#endif
Ben Lindstrom0f68db42001-03-05 07:57:09 +0000190#ifdef HAVE_PW_CLASS_IN_PASSWD
Ben Lindstrom086cf212001-03-05 05:56:40 +0000191 copy->pw_class = xstrdup(pw->pw_class);
Ben Lindstrom0f68db42001-03-05 07:57:09 +0000192#endif
Ben Lindstrom086cf212001-03-05 05:56:40 +0000193 copy->pw_dir = xstrdup(pw->pw_dir);
194 copy->pw_shell = xstrdup(pw->pw_shell);
195 return copy;
196}
197
Ben Lindstrom4cc240d2001-07-04 04:46:56 +0000198/*
199 * Convert ASCII string to TCP/IP port number.
200 * Port must be >0 and <=65535.
201 * Return 0 if invalid.
202 */
203int
204a2port(const char *s)
Ben Lindstrom19066a12001-04-12 23:39:26 +0000205{
206 long port;
207 char *endp;
208
209 errno = 0;
210 port = strtol(s, &endp, 0);
211 if (s == endp || *endp != '\0' ||
212 (errno == ERANGE && (port == LONG_MIN || port == LONG_MAX)) ||
213 port <= 0 || port > 65535)
214 return 0;
215
216 return port;
217}
218
Damien Millerd27b9472005-12-13 19:29:02 +1100219int
220a2tun(const char *s, int *remote)
221{
222 const char *errstr = NULL;
223 char *sp, *ep;
224 int tun;
225
226 if (remote != NULL) {
Damien Miller7b58e802005-12-13 19:33:19 +1100227 *remote = SSH_TUNID_ANY;
Damien Millerd27b9472005-12-13 19:29:02 +1100228 sp = xstrdup(s);
229 if ((ep = strchr(sp, ':')) == NULL) {
230 xfree(sp);
231 return (a2tun(s, NULL));
232 }
233 ep[0] = '\0'; ep++;
234 *remote = a2tun(ep, NULL);
235 tun = a2tun(sp, NULL);
236 xfree(sp);
Damien Miller7b58e802005-12-13 19:33:19 +1100237 return (*remote == SSH_TUNID_ERR ? *remote : tun);
Damien Millerd27b9472005-12-13 19:29:02 +1100238 }
239
240 if (strcasecmp(s, "any") == 0)
Damien Miller7b58e802005-12-13 19:33:19 +1100241 return (SSH_TUNID_ANY);
Damien Millerd27b9472005-12-13 19:29:02 +1100242
Damien Miller7b58e802005-12-13 19:33:19 +1100243 tun = strtonum(s, 0, SSH_TUNID_MAX, &errstr);
244 if (errstr != NULL)
245 return (SSH_TUNID_ERR);
Damien Millerd27b9472005-12-13 19:29:02 +1100246
247 return (tun);
248}
249
Ben Lindstrom1bda4c82001-06-05 19:59:08 +0000250#define SECONDS 1
251#define MINUTES (SECONDS * 60)
252#define HOURS (MINUTES * 60)
253#define DAYS (HOURS * 24)
254#define WEEKS (DAYS * 7)
255
Ben Lindstrom4cc240d2001-07-04 04:46:56 +0000256/*
257 * Convert a time string into seconds; format is
258 * a sequence of:
259 * time[qualifier]
260 *
261 * Valid time qualifiers are:
262 * <none> seconds
263 * s|S seconds
264 * m|M minutes
265 * h|H hours
266 * d|D days
267 * w|W weeks
268 *
269 * Examples:
270 * 90m 90 minutes
271 * 1h30m 90 minutes
272 * 2d 2 days
273 * 1w 1 week
274 *
275 * Return -1 if time string is invalid.
276 */
277long
278convtime(const char *s)
Ben Lindstrom1bda4c82001-06-05 19:59:08 +0000279{
280 long total, secs;
281 const char *p;
282 char *endp;
283
284 errno = 0;
285 total = 0;
286 p = s;
287
288 if (p == NULL || *p == '\0')
289 return -1;
290
291 while (*p) {
292 secs = strtol(p, &endp, 10);
293 if (p == endp ||
294 (errno == ERANGE && (secs == LONG_MIN || secs == LONG_MAX)) ||
295 secs < 0)
296 return -1;
297
298 switch (*endp++) {
299 case '\0':
300 endp--;
301 case 's':
302 case 'S':
303 break;
304 case 'm':
305 case 'M':
306 secs *= MINUTES;
307 break;
308 case 'h':
309 case 'H':
310 secs *= HOURS;
311 break;
312 case 'd':
313 case 'D':
314 secs *= DAYS;
315 break;
316 case 'w':
317 case 'W':
318 secs *= WEEKS;
319 break;
320 default:
321 return -1;
322 }
323 total += secs;
324 if (total < 0)
325 return -1;
326 p = endp;
327 }
328
329 return total;
330}
331
Damien Millerf91ee4c2005-03-01 21:24:33 +1100332/*
333 * Search for next delimiter between hostnames/addresses and ports.
334 * Argument may be modified (for termination).
335 * Returns *cp if parsing succeeds.
336 * *cp is set to the start of the next delimiter, if one was found.
337 * If this is the last field, *cp is set to NULL.
338 */
339char *
340hpdelim(char **cp)
341{
342 char *s, *old;
343
344 if (cp == NULL || *cp == NULL)
345 return NULL;
346
347 old = s = *cp;
348 if (*s == '[') {
349 if ((s = strchr(s, ']')) == NULL)
350 return NULL;
351 else
352 s++;
353 } else if ((s = strpbrk(s, ":/")) == NULL)
354 s = *cp + strlen(*cp); /* skip to end (see first case below) */
355
356 switch (*s) {
357 case '\0':
358 *cp = NULL; /* no more fields*/
359 break;
Darren Tucker47eede72005-03-14 23:08:12 +1100360
Damien Millerf91ee4c2005-03-01 21:24:33 +1100361 case ':':
362 case '/':
363 *s = '\0'; /* terminate */
364 *cp = s + 1;
365 break;
Darren Tucker47eede72005-03-14 23:08:12 +1100366
Damien Millerf91ee4c2005-03-01 21:24:33 +1100367 default:
368 return NULL;
369 }
370
371 return old;
372}
373
Ben Lindstrom4529b702001-05-03 23:39:53 +0000374char *
375cleanhostname(char *host)
376{
377 if (*host == '[' && host[strlen(host) - 1] == ']') {
378 host[strlen(host) - 1] = '\0';
379 return (host + 1);
380 } else
381 return host;
382}
383
384char *
385colon(char *cp)
386{
387 int flag = 0;
388
389 if (*cp == ':') /* Leading colon is part of file name. */
390 return (0);
391 if (*cp == '[')
392 flag = 1;
393
394 for (; *cp; ++cp) {
395 if (*cp == '@' && *(cp+1) == '[')
396 flag = 1;
397 if (*cp == ']' && *(cp+1) == ':' && flag)
398 return (cp+1);
399 if (*cp == ':' && !flag)
400 return (cp);
401 if (*cp == '/')
402 return (0);
403 }
404 return (0);
405}
406
Ben Lindstrom4cc240d2001-07-04 04:46:56 +0000407/* function to assist building execv() arguments */
Ben Lindstrom387c4722001-05-08 20:27:25 +0000408void
409addargs(arglist *args, char *fmt, ...)
410{
411 va_list ap;
Damien Miller3eec6b72006-01-31 21:49:27 +1100412 char *cp;
Darren Tuckerc7a6fc42004-08-13 21:18:00 +1000413 u_int nalloc;
Damien Miller3eec6b72006-01-31 21:49:27 +1100414 int r;
Ben Lindstrom387c4722001-05-08 20:27:25 +0000415
416 va_start(ap, fmt);
Damien Miller3eec6b72006-01-31 21:49:27 +1100417 r = vasprintf(&cp, fmt, ap);
Ben Lindstrom387c4722001-05-08 20:27:25 +0000418 va_end(ap);
Damien Miller3eec6b72006-01-31 21:49:27 +1100419 if (r == -1)
420 fatal("addargs: argument too long");
Ben Lindstrom387c4722001-05-08 20:27:25 +0000421
Darren Tuckerfb16b242003-09-22 21:04:23 +1000422 nalloc = args->nalloc;
Ben Lindstrom387c4722001-05-08 20:27:25 +0000423 if (args->list == NULL) {
Darren Tuckerfb16b242003-09-22 21:04:23 +1000424 nalloc = 32;
Ben Lindstrom387c4722001-05-08 20:27:25 +0000425 args->num = 0;
Darren Tuckerfb16b242003-09-22 21:04:23 +1000426 } else if (args->num+2 >= nalloc)
427 nalloc *= 2;
Ben Lindstrom387c4722001-05-08 20:27:25 +0000428
Darren Tuckerfb16b242003-09-22 21:04:23 +1000429 args->list = xrealloc(args->list, nalloc * sizeof(char *));
430 args->nalloc = nalloc;
Damien Miller3eec6b72006-01-31 21:49:27 +1100431 args->list[args->num++] = cp;
Ben Lindstrom387c4722001-05-08 20:27:25 +0000432 args->list[args->num] = NULL;
433}
Darren Tucker22cc7412004-12-06 22:47:41 +1100434
Damien Miller3eec6b72006-01-31 21:49:27 +1100435void
436replacearg(arglist *args, u_int which, char *fmt, ...)
437{
438 va_list ap;
439 char *cp;
440 int r;
441
442 va_start(ap, fmt);
443 r = vasprintf(&cp, fmt, ap);
444 va_end(ap);
445 if (r == -1)
446 fatal("replacearg: argument too long");
447
448 if (which >= args->num)
449 fatal("replacearg: tried to replace invalid arg %d >= %d",
450 which, args->num);
451 xfree(args->list[which]);
452 args->list[which] = cp;
453}
454
455void
456freeargs(arglist *args)
457{
458 u_int i;
459
460 if (args->list != NULL) {
461 for (i = 0; i < args->num; i++)
462 xfree(args->list[i]);
463 xfree(args->list);
464 args->nalloc = args->num = 0;
465 args->list = NULL;
466 }
467}
468
Darren Tucker22cc7412004-12-06 22:47:41 +1100469/*
Damien Miller5fd38c02005-05-26 12:02:14 +1000470 * Expands tildes in the file name. Returns data allocated by xmalloc.
471 * Warning: this calls getpw*.
472 */
473char *
474tilde_expand_filename(const char *filename, uid_t uid)
475{
476 const char *path;
477 char user[128], ret[MAXPATHLEN];
478 struct passwd *pw;
Damien Millereccb9de2005-06-17 12:59:34 +1000479 u_int len, slash;
Damien Miller5fd38c02005-05-26 12:02:14 +1000480
481 if (*filename != '~')
482 return (xstrdup(filename));
483 filename++;
484
485 path = strchr(filename, '/');
486 if (path != NULL && path > filename) { /* ~user/path */
Damien Millereccb9de2005-06-17 12:59:34 +1000487 slash = path - filename;
488 if (slash > sizeof(user) - 1)
Damien Miller5fd38c02005-05-26 12:02:14 +1000489 fatal("tilde_expand_filename: ~username too long");
Damien Millereccb9de2005-06-17 12:59:34 +1000490 memcpy(user, filename, slash);
491 user[slash] = '\0';
Damien Miller5fd38c02005-05-26 12:02:14 +1000492 if ((pw = getpwnam(user)) == NULL)
493 fatal("tilde_expand_filename: No such user %s", user);
494 } else if ((pw = getpwuid(uid)) == NULL) /* ~/path */
495 fatal("tilde_expand_filename: No such uid %d", uid);
496
497 if (strlcpy(ret, pw->pw_dir, sizeof(ret)) >= sizeof(ret))
498 fatal("tilde_expand_filename: Path too long");
499
500 /* Make sure directory has a trailing '/' */
501 len = strlen(pw->pw_dir);
502 if ((len == 0 || pw->pw_dir[len - 1] != '/') &&
503 strlcat(ret, "/", sizeof(ret)) >= sizeof(ret))
504 fatal("tilde_expand_filename: Path too long");
505
506 /* Skip leading '/' from specified path */
507 if (path != NULL)
508 filename = path + 1;
509 if (strlcat(ret, filename, sizeof(ret)) >= sizeof(ret))
510 fatal("tilde_expand_filename: Path too long");
511
512 return (xstrdup(ret));
513}
514
515/*
Damien Miller6476cad2005-06-16 13:18:34 +1000516 * Expand a string with a set of %[char] escapes. A number of escapes may be
517 * specified as (char *escape_chars, char *replacement) pairs. The list must
Darren Tuckerbee73d52005-07-14 17:05:02 +1000518 * be terminated by a NULL escape_char. Returns replaced string in memory
Damien Miller6476cad2005-06-16 13:18:34 +1000519 * allocated by xmalloc.
520 */
521char *
522percent_expand(const char *string, ...)
523{
524#define EXPAND_MAX_KEYS 16
525 struct {
526 const char *key;
527 const char *repl;
528 } keys[EXPAND_MAX_KEYS];
Damien Millereccb9de2005-06-17 12:59:34 +1000529 u_int num_keys, i, j;
Damien Miller6476cad2005-06-16 13:18:34 +1000530 char buf[4096];
531 va_list ap;
532
533 /* Gather keys */
534 va_start(ap, string);
535 for (num_keys = 0; num_keys < EXPAND_MAX_KEYS; num_keys++) {
536 keys[num_keys].key = va_arg(ap, char *);
537 if (keys[num_keys].key == NULL)
538 break;
539 keys[num_keys].repl = va_arg(ap, char *);
540 if (keys[num_keys].repl == NULL)
541 fatal("percent_expand: NULL replacement");
542 }
543 va_end(ap);
544
545 if (num_keys >= EXPAND_MAX_KEYS)
546 fatal("percent_expand: too many keys");
547
548 /* Expand string */
549 *buf = '\0';
550 for (i = 0; *string != '\0'; string++) {
551 if (*string != '%') {
552 append:
553 buf[i++] = *string;
554 if (i >= sizeof(buf))
555 fatal("percent_expand: string too long");
556 buf[i] = '\0';
557 continue;
558 }
559 string++;
560 if (*string == '%')
561 goto append;
562 for (j = 0; j < num_keys; j++) {
563 if (strchr(keys[j].key, *string) != NULL) {
564 i = strlcat(buf, keys[j].repl, sizeof(buf));
565 if (i >= sizeof(buf))
566 fatal("percent_expand: string too long");
567 break;
568 }
569 }
570 if (j >= num_keys)
571 fatal("percent_expand: unknown key %%%c", *string);
572 }
573 return (xstrdup(buf));
574#undef EXPAND_MAX_KEYS
575}
576
577/*
Darren Tucker22cc7412004-12-06 22:47:41 +1100578 * Read an entire line from a public key file into a static buffer, discarding
579 * lines that exceed the buffer size. Returns 0 on success, -1 on failure.
580 */
581int
582read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz,
Darren Tuckerf0f90982004-12-11 13:39:50 +1100583 u_long *lineno)
Darren Tucker22cc7412004-12-06 22:47:41 +1100584{
585 while (fgets(buf, bufsz, f) != NULL) {
586 (*lineno)++;
587 if (buf[strlen(buf) - 1] == '\n' || feof(f)) {
588 return 0;
589 } else {
Darren Tuckerf0f90982004-12-11 13:39:50 +1100590 debug("%s: %s line %lu exceeds size limit", __func__,
591 filename, *lineno);
Darren Tucker22cc7412004-12-06 22:47:41 +1100592 /* discard remainder of line */
Darren Tucker47eede72005-03-14 23:08:12 +1100593 while (fgetc(f) != '\n' && !feof(f))
Darren Tucker22cc7412004-12-06 22:47:41 +1100594 ; /* nothing */
595 }
596 }
597 return -1;
598}
Damien Miller13390022005-07-06 09:44:19 +1000599
Damien Millerd27b9472005-12-13 19:29:02 +1100600int
Damien Miller7b58e802005-12-13 19:33:19 +1100601tun_open(int tun, int mode)
Damien Millerd27b9472005-12-13 19:29:02 +1100602{
Damien Miller62a31c92005-12-13 20:44:13 +1100603#if defined(CUSTOM_SYS_TUN_OPEN)
604 return (sys_tun_open(tun, mode));
Damien Miller2dcddbf2006-01-01 19:47:05 +1100605#elif defined(SSH_TUN_OPENBSD)
Damien Miller7b58e802005-12-13 19:33:19 +1100606 struct ifreq ifr;
Damien Millerd27b9472005-12-13 19:29:02 +1100607 char name[100];
Damien Miller7b58e802005-12-13 19:33:19 +1100608 int fd = -1, sock;
Damien Millerd27b9472005-12-13 19:29:02 +1100609
Damien Miller7b58e802005-12-13 19:33:19 +1100610 /* Open the tunnel device */
611 if (tun <= SSH_TUNID_MAX) {
Damien Millerd27b9472005-12-13 19:29:02 +1100612 snprintf(name, sizeof(name), "/dev/tun%d", tun);
Damien Miller7b58e802005-12-13 19:33:19 +1100613 fd = open(name, O_RDWR);
614 } else if (tun == SSH_TUNID_ANY) {
615 for (tun = 100; tun >= 0; tun--) {
616 snprintf(name, sizeof(name), "/dev/tun%d", tun);
617 if ((fd = open(name, O_RDWR)) >= 0)
618 break;
Damien Millerd27b9472005-12-13 19:29:02 +1100619 }
620 } else {
Damien Millera210d522006-01-02 23:40:30 +1100621 debug("%s: invalid tunnel %u", __func__, tun);
Damien Miller7b58e802005-12-13 19:33:19 +1100622 return (-1);
Damien Millerd27b9472005-12-13 19:29:02 +1100623 }
Damien Miller7b58e802005-12-13 19:33:19 +1100624
625 if (fd < 0) {
626 debug("%s: %s open failed: %s", __func__, name, strerror(errno));
627 return (-1);
628 }
629
630 debug("%s: %s mode %d fd %d", __func__, name, mode, fd);
631
632 /* Set the tunnel device operation mode */
633 snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "tun%d", tun);
634 if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) == -1)
635 goto failed;
636
637 if (ioctl(sock, SIOCGIFFLAGS, &ifr) == -1)
638 goto failed;
Damien Millera1d9a182006-01-02 23:41:21 +1100639
640 /* Set interface mode */
641 ifr.ifr_flags &= ~IFF_UP;
642 if (mode == SSH_TUNMODE_ETHERNET)
Damien Miller7b58e802005-12-13 19:33:19 +1100643 ifr.ifr_flags |= IFF_LINK0;
Damien Millera1d9a182006-01-02 23:41:21 +1100644 else
645 ifr.ifr_flags &= ~IFF_LINK0;
646 if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
647 goto failed;
648
649 /* Bring interface up */
Damien Miller7b58e802005-12-13 19:33:19 +1100650 ifr.ifr_flags |= IFF_UP;
651 if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
652 goto failed;
653
654 close(sock);
655 return (fd);
656
657 failed:
658 if (fd >= 0)
659 close(fd);
660 if (sock >= 0)
661 close(sock);
662 debug("%s: failed to set %s mode %d: %s", __func__, name,
663 mode, strerror(errno));
Damien Millerd27b9472005-12-13 19:29:02 +1100664 return (-1);
Damien Miller62a31c92005-12-13 20:44:13 +1100665#else
666 error("Tunnel interfaces are not supported on this platform");
667 return (-1);
668#endif
Damien Millerd27b9472005-12-13 19:29:02 +1100669}
670
Darren Tuckerce321d82005-10-03 18:11:24 +1000671void
672sanitise_stdfd(void)
673{
Damien Miller72c5b7d2006-01-06 14:50:44 +1100674 int nullfd, dupfd;
Darren Tuckerce321d82005-10-03 18:11:24 +1000675
Damien Miller72c5b7d2006-01-06 14:50:44 +1100676 if ((nullfd = dupfd = open(_PATH_DEVNULL, O_RDWR)) == -1) {
Darren Tuckerce321d82005-10-03 18:11:24 +1000677 fprintf(stderr, "Couldn't open /dev/null: %s", strerror(errno));
678 exit(1);
679 }
Damien Miller72c5b7d2006-01-06 14:50:44 +1100680 while (++dupfd <= 2) {
681 /* Only clobber closed fds */
682 if (fcntl(dupfd, F_GETFL, 0) >= 0)
683 continue;
684 if (dup2(nullfd, dupfd) == -1) {
Darren Tuckerce321d82005-10-03 18:11:24 +1000685 fprintf(stderr, "dup2: %s", strerror(errno));
686 exit(1);
687 }
Darren Tuckerce321d82005-10-03 18:11:24 +1000688 }
689 if (nullfd > 2)
690 close(nullfd);
691}
692
Damien Miller13390022005-07-06 09:44:19 +1000693char *
694tohex(const u_char *d, u_int l)
695{
696 char b[3], *r;
697 u_int i, hl;
698
699 hl = l * 2 + 1;
700 r = xmalloc(hl);
701 *r = '\0';
702 for (i = 0; i < l; i++) {
703 snprintf(b, sizeof(b), "%02x", d[i]);
704 strlcat(r, b, hl);
705 }
706 return (r);
707}
708