Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 3a4051e88b18b4290b07db7aec99adfffe566c96 / . / misc.c
blob: e4a47e6104086c7bd644145061ff57354e6bc6f1 [file] [log] [blame]
Damien Millere4340be2000-09-16 13:29:08 +1100[diff] [blame]1/*
2 * Copyright (c) 2000 Markus Friedl. All rights reserved.
Damien Miller6476cad2005-06-16 13:18:34 +1000[diff] [blame]3 * Copyright (c) 2005 Damien Miller. All rights reserved.
Damien Millere4340be2000-09-16 13:29:08 +1100[diff] [blame]4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */
25
Damien Miller61c51502000-08-18 14:01:04 +1000[diff] [blame]26#include "includes.h"
Damien Miller3a4051e2006-03-15 11:19:42 +1100[diff] [blame^]27RCSID("$OpenBSD: misc.c,v 1.44 2006/02/08 12:32:49 stevesk Exp $");
28
29#include <netinet/tcp.h>
Damien Miller03e20032006-03-15 11:16:59 +1100[diff] [blame]30#ifdef HAVE_PATHS_H
Damien Millera9263d02006-03-15 11:18:26 +1100[diff] [blame]31# include <paths.h>
Damien Miller03e20032006-03-15 11:16:59 +1100[diff] [blame]32#endif
Damien Miller3beb8522006-01-02 23:40:10 +1100[diff] [blame]33#ifdef SSH_TUN_OPENBSD
34#include <net/if.h>
35#endif
Damien Miller61c51502000-08-18 14:01:04 +1000[diff] [blame]36
Kevin Stevesb6e773a2001-02-04 13:20:36 +0000[diff] [blame]37#include "misc.h"
Ben Lindstrom226cfa02001-01-22 05:34:40 +0000[diff] [blame]38#include "log.h"
Ben Lindstrom06909012001-03-05 06:09:31 +0000[diff] [blame]39#include "xmalloc.h"
Damien Miller61c51502000-08-18 14:01:04 +1000[diff] [blame]40
Ben Lindstrom4cc240d2001-07-04 04:46:56 +0000[diff] [blame]41/* remove newline at end of string */
Damien Miller61c51502000-08-18 14:01:04 +1000[diff] [blame]42char *
43chop(char *s)
44{
45 char *t = s;
46 while (*t) {
Ben Lindstrom1c37c6a2001-12-06 18:00:18 +0000[diff] [blame]47 if (*t == '\n' || *t == '\r') {
Damien Miller61c51502000-08-18 14:01:04 +1000[diff] [blame]48 *t = '\0';
49 return s;
50 }
51 t++;
52 }
53 return s;
54
55}
56
Ben Lindstrom4cc240d2001-07-04 04:46:56 +0000[diff] [blame]57/* set/unset filedescriptor to non-blocking */
Damien Miller232711f2004-06-15 10:35:30 +1000[diff] [blame]58int
Damien Miller61c51502000-08-18 14:01:04 +1000[diff] [blame]59set_nonblock(int fd)
60{
61 int val;
Ben Lindstromc93e84c2001-05-12 00:08:37 +0000[diff] [blame]62
Damien Miller61c51502000-08-18 14:01:04 +1000[diff] [blame]63 val = fcntl(fd, F_GETFL, 0);
64 if (val < 0) {
65 error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno));
Damien Miller232711f2004-06-15 10:35:30 +1000[diff] [blame]66 return (-1);
Damien Miller61c51502000-08-18 14:01:04 +1000[diff] [blame]67 }
Damien Miller69b69aa2000-10-28 14:19:58 +1100[diff] [blame]68 if (val & O_NONBLOCK) {
Damien Miller232711f2004-06-15 10:35:30 +1000[diff] [blame]69 debug3("fd %d is O_NONBLOCK", fd);
70 return (0);
Damien Miller69b69aa2000-10-28 14:19:58 +1100[diff] [blame]71 }
Damien Milleref095ce2003-05-14 13:41:39 +1000[diff] [blame]72 debug2("fd %d setting O_NONBLOCK", fd);
Damien Miller61c51502000-08-18 14:01:04 +1000[diff] [blame]73 val |= O_NONBLOCK;
Damien Miller232711f2004-06-15 10:35:30 +1000[diff] [blame]74 if (fcntl(fd, F_SETFL, val) == -1) {
75 debug("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd,
76 strerror(errno));
77 return (-1);
78 }
79 return (0);
Damien Miller61c51502000-08-18 14:01:04 +1000[diff] [blame]80}
81
Damien Miller232711f2004-06-15 10:35:30 +1000[diff] [blame]82int
Ben Lindstromc93e84c2001-05-12 00:08:37 +0000[diff] [blame]83unset_nonblock(int fd)
84{
85 int val;
86
87 val = fcntl(fd, F_GETFL, 0);
88 if (val < 0) {
89 error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno));
Damien Miller232711f2004-06-15 10:35:30 +1000[diff] [blame]90 return (-1);
Ben Lindstromc93e84c2001-05-12 00:08:37 +0000[diff] [blame]91 }
92 if (!(val & O_NONBLOCK)) {
Damien Miller232711f2004-06-15 10:35:30 +1000[diff] [blame]93 debug3("fd %d is not O_NONBLOCK", fd);
94 return (0);
Ben Lindstromc93e84c2001-05-12 00:08:37 +0000[diff] [blame]95 }
Ben Lindstrom352b1c22001-06-21 03:04:37 +0000[diff] [blame]96 debug("fd %d clearing O_NONBLOCK", fd);
Ben Lindstromc93e84c2001-05-12 00:08:37 +0000[diff] [blame]97 val &= ~O_NONBLOCK;
Damien Miller232711f2004-06-15 10:35:30 +1000[diff] [blame]98 if (fcntl(fd, F_SETFL, val) == -1) {
99 debug("fcntl(%d, F_SETFL, ~O_NONBLOCK): %s",
Ben Lindstrom84fcb312002-03-05 01:48:09 +0000[diff] [blame]100 fd, strerror(errno));
Damien Miller232711f2004-06-15 10:35:30 +1000[diff] [blame]101 return (-1);
102 }
103 return (0);
Ben Lindstromc93e84c2001-05-12 00:08:37 +0000[diff] [blame]104}
105
Damien Miller398e1cf2002-02-05 11:52:13 +1100[diff] [blame]106/* disable nagle on socket */
107void
108set_nodelay(int fd)
109{
Ben Lindstrome86de512002-03-05 01:28:14 +0000[diff] [blame]110 int opt;
111 socklen_t optlen;
Damien Miller398e1cf2002-02-05 11:52:13 +1100[diff] [blame]112
Ben Lindstrom1ebd7a52002-02-26 18:12:51 +0000[diff] [blame]113 optlen = sizeof opt;
114 if (getsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, &optlen) == -1) {
Darren Tucker6db8f932003-11-03 20:07:14 +1100[diff] [blame]115 debug("getsockopt TCP_NODELAY: %.100s", strerror(errno));
Ben Lindstrom1ebd7a52002-02-26 18:12:51 +0000[diff] [blame]116 return;
117 }
118 if (opt == 1) {
119 debug2("fd %d is TCP_NODELAY", fd);
120 return;
121 }
122 opt = 1;
Ben Lindstrom1d568f92002-12-23 02:44:36 +0000[diff] [blame]123 debug2("fd %d setting TCP_NODELAY", fd);
Ben Lindstrom1ebd7a52002-02-26 18:12:51 +0000[diff] [blame]124 if (setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, sizeof opt) == -1)
Damien Miller398e1cf2002-02-05 11:52:13 +1100[diff] [blame]125 error("setsockopt TCP_NODELAY: %.100s", strerror(errno));
126}
127
Damien Miller61c51502000-08-18 14:01:04 +1000[diff] [blame]128/* Characters considered whitespace in strsep calls. */
129#define WHITESPACE " \t\r\n"
130
Ben Lindstrom4cc240d2001-07-04 04:46:56 +0000[diff] [blame]131/* return next token in configuration line */
Damien Miller61c51502000-08-18 14:01:04 +1000[diff] [blame]132char *
133strdelim(char **s)
134{
135 char *old;
136 int wspace = 0;
137
138 if (*s == NULL)
139 return NULL;
140
141 old = *s;
142
143 *s = strpbrk(*s, WHITESPACE "=");
144 if (*s == NULL)
145 return (old);
146
147 /* Allow only one '=' to be skipped */
148 if (*s[0] == '=')
149 wspace = 1;
150 *s[0] = '\0';
151
152 *s += strspn(*s + 1, WHITESPACE) + 1;
153 if (*s[0] == '=' && !wspace)
154 *s += strspn(*s + 1, WHITESPACE) + 1;
155
156 return (old);
157}
Kevin Stevesb6e773a2001-02-04 13:20:36 +0000[diff] [blame]158
Ben Lindstrom086cf212001-03-05 05:56:40 +0000[diff] [blame]159struct passwd *
160pwcopy(struct passwd *pw)
161{
162 struct passwd *copy = xmalloc(sizeof(*copy));
Ben Lindstrom40304422001-03-05 06:22:01 +0000[diff] [blame]163
Ben Lindstrom086cf212001-03-05 05:56:40 +0000[diff] [blame]164 memset(copy, 0, sizeof(*copy));
165 copy->pw_name = xstrdup(pw->pw_name);
166 copy->pw_passwd = xstrdup(pw->pw_passwd);
Ben Lindstrom40304422001-03-05 06:22:01 +0000[diff] [blame]167 copy->pw_gecos = xstrdup(pw->pw_gecos);
Ben Lindstrom086cf212001-03-05 05:56:40 +0000[diff] [blame]168 copy->pw_uid = pw->pw_uid;
169 copy->pw_gid = pw->pw_gid;
Kevin Steves82456952001-06-22 21:14:18 +0000[diff] [blame]170#ifdef HAVE_PW_EXPIRE_IN_PASSWD
Ben Lindstrom3af4d462001-06-21 03:11:27 +0000[diff] [blame]171 copy->pw_expire = pw->pw_expire;
Kevin Steves82456952001-06-22 21:14:18 +0000[diff] [blame]172#endif
173#ifdef HAVE_PW_CHANGE_IN_PASSWD
Ben Lindstrom3af4d462001-06-21 03:11:27 +0000[diff] [blame]174 copy->pw_change = pw->pw_change;
Kevin Steves82456952001-06-22 21:14:18 +0000[diff] [blame]175#endif
Ben Lindstrom0f68db42001-03-05 07:57:09 +0000[diff] [blame]176#ifdef HAVE_PW_CLASS_IN_PASSWD
Ben Lindstrom086cf212001-03-05 05:56:40 +0000[diff] [blame]177 copy->pw_class = xstrdup(pw->pw_class);
Ben Lindstrom0f68db42001-03-05 07:57:09 +0000[diff] [blame]178#endif
Ben Lindstrom086cf212001-03-05 05:56:40 +0000[diff] [blame]179 copy->pw_dir = xstrdup(pw->pw_dir);
180 copy->pw_shell = xstrdup(pw->pw_shell);
181 return copy;
182}
183
Ben Lindstrom4cc240d2001-07-04 04:46:56 +0000[diff] [blame]184/*
185 * Convert ASCII string to TCP/IP port number.
186 * Port must be >0 and <=65535.
187 * Return 0 if invalid.
188 */
189int
190a2port(const char *s)
Ben Lindstrom19066a12001-04-12 23:39:26 +0000[diff] [blame]191{
192 long port;
193 char *endp;
194
195 errno = 0;
196 port = strtol(s, &endp, 0);
197 if (s == endp || *endp != '\0' ||
198 (errno == ERANGE && (port == LONG_MIN || port == LONG_MAX)) ||
199 port <= 0 || port > 65535)
200 return 0;
201
202 return port;
203}
204
Damien Millerd27b9472005-12-13 19:29:02 +1100[diff] [blame]205int
206a2tun(const char *s, int *remote)
207{
208 const char *errstr = NULL;
209 char *sp, *ep;
210 int tun;
211
212 if (remote != NULL) {
Damien Miller7b58e802005-12-13 19:33:19 +1100[diff] [blame]213 *remote = SSH_TUNID_ANY;
Damien Millerd27b9472005-12-13 19:29:02 +1100[diff] [blame]214 sp = xstrdup(s);
215 if ((ep = strchr(sp, ':')) == NULL) {
216 xfree(sp);
217 return (a2tun(s, NULL));
218 }
219 ep[0] = '\0'; ep++;
220 *remote = a2tun(ep, NULL);
221 tun = a2tun(sp, NULL);
222 xfree(sp);
Damien Miller7b58e802005-12-13 19:33:19 +1100[diff] [blame]223 return (*remote == SSH_TUNID_ERR ? *remote : tun);
Damien Millerd27b9472005-12-13 19:29:02 +1100[diff] [blame]224 }
225
226 if (strcasecmp(s, "any") == 0)
Damien Miller7b58e802005-12-13 19:33:19 +1100[diff] [blame]227 return (SSH_TUNID_ANY);
Damien Millerd27b9472005-12-13 19:29:02 +1100[diff] [blame]228
Damien Miller7b58e802005-12-13 19:33:19 +1100[diff] [blame]229 tun = strtonum(s, 0, SSH_TUNID_MAX, &errstr);
230 if (errstr != NULL)
231 return (SSH_TUNID_ERR);
Damien Millerd27b9472005-12-13 19:29:02 +1100[diff] [blame]232
233 return (tun);
234}
235
Ben Lindstrom1bda4c82001-06-05 19:59:08 +0000[diff] [blame]236#define SECONDS 1
237#define MINUTES (SECONDS * 60)
238#define HOURS (MINUTES * 60)
239#define DAYS (HOURS * 24)
240#define WEEKS (DAYS * 7)
241
Ben Lindstrom4cc240d2001-07-04 04:46:56 +0000[diff] [blame]242/*
243 * Convert a time string into seconds; format is
244 * a sequence of:
245 * time[qualifier]
246 *
247 * Valid time qualifiers are:
248 * <none> seconds
249 * s|S seconds
250 * m|M minutes
251 * h|H hours
252 * d|D days
253 * w|W weeks
254 *
255 * Examples:
256 * 90m 90 minutes
257 * 1h30m 90 minutes
258 * 2d 2 days
259 * 1w 1 week
260 *
261 * Return -1 if time string is invalid.
262 */
263long
264convtime(const char *s)
Ben Lindstrom1bda4c82001-06-05 19:59:08 +0000[diff] [blame]265{
266 long total, secs;
267 const char *p;
268 char *endp;
269
270 errno = 0;
271 total = 0;
272 p = s;
273
274 if (p == NULL || *p == '\0')
275 return -1;
276
277 while (*p) {
278 secs = strtol(p, &endp, 10);
279 if (p == endp ||
280 (errno == ERANGE && (secs == LONG_MIN || secs == LONG_MAX)) ||
281 secs < 0)
282 return -1;
283
284 switch (*endp++) {
285 case '\0':
286 endp--;
287 case 's':
288 case 'S':
289 break;
290 case 'm':
291 case 'M':
292 secs *= MINUTES;
293 break;
294 case 'h':
295 case 'H':
296 secs *= HOURS;
297 break;
298 case 'd':
299 case 'D':
300 secs *= DAYS;
301 break;
302 case 'w':
303 case 'W':
304 secs *= WEEKS;
305 break;
306 default:
307 return -1;
308 }
309 total += secs;
310 if (total < 0)
311 return -1;
312 p = endp;
313 }
314
315 return total;
316}
317
Damien Millerf91ee4c2005-03-01 21:24:33 +1100[diff] [blame]318/*
319 * Search for next delimiter between hostnames/addresses and ports.
320 * Argument may be modified (for termination).
321 * Returns *cp if parsing succeeds.
322 * *cp is set to the start of the next delimiter, if one was found.
323 * If this is the last field, *cp is set to NULL.
324 */
325char *
326hpdelim(char **cp)
327{
328 char *s, *old;
329
330 if (cp == NULL || *cp == NULL)
331 return NULL;
332
333 old = s = *cp;
334 if (*s == '[') {
335 if ((s = strchr(s, ']')) == NULL)
336 return NULL;
337 else
338 s++;
339 } else if ((s = strpbrk(s, ":/")) == NULL)
340 s = *cp + strlen(*cp); /* skip to end (see first case below) */
341
342 switch (*s) {
343 case '\0':
344 *cp = NULL; /* no more fields*/
345 break;
Darren Tucker47eede72005-03-14 23:08:12 +1100[diff] [blame]346
Damien Millerf91ee4c2005-03-01 21:24:33 +1100[diff] [blame]347 case ':':
348 case '/':
349 *s = '\0'; /* terminate */
350 *cp = s + 1;
351 break;
Darren Tucker47eede72005-03-14 23:08:12 +1100[diff] [blame]352
Damien Millerf91ee4c2005-03-01 21:24:33 +1100[diff] [blame]353 default:
354 return NULL;
355 }
356
357 return old;
358}
359
Ben Lindstrom4529b702001-05-03 23:39:53 +0000[diff] [blame]360char *
361cleanhostname(char *host)
362{
363 if (*host == '[' && host[strlen(host) - 1] == ']') {
364 host[strlen(host) - 1] = '\0';
365 return (host + 1);
366 } else
367 return host;
368}
369
370char *
371colon(char *cp)
372{
373 int flag = 0;
374
375 if (*cp == ':') /* Leading colon is part of file name. */
376 return (0);
377 if (*cp == '[')
378 flag = 1;
379
380 for (; *cp; ++cp) {
381 if (*cp == '@' && *(cp+1) == '[')
382 flag = 1;
383 if (*cp == ']' && *(cp+1) == ':' && flag)
384 return (cp+1);
385 if (*cp == ':' && !flag)
386 return (cp);
387 if (*cp == '/')
388 return (0);
389 }
390 return (0);
391}
392
Ben Lindstrom4cc240d2001-07-04 04:46:56 +0000[diff] [blame]393/* function to assist building execv() arguments */
Ben Lindstrom387c4722001-05-08 20:27:25 +0000[diff] [blame]394void
395addargs(arglist *args, char *fmt, ...)
396{
397 va_list ap;
Damien Miller3eec6b72006-01-31 21:49:27 +1100[diff] [blame]398 char *cp;
Darren Tuckerc7a6fc42004-08-13 21:18:00 +1000[diff] [blame]399 u_int nalloc;
Damien Miller3eec6b72006-01-31 21:49:27 +1100[diff] [blame]400 int r;
Ben Lindstrom387c4722001-05-08 20:27:25 +0000[diff] [blame]401
402 va_start(ap, fmt);
Damien Miller3eec6b72006-01-31 21:49:27 +1100[diff] [blame]403 r = vasprintf(&cp, fmt, ap);
Ben Lindstrom387c4722001-05-08 20:27:25 +0000[diff] [blame]404 va_end(ap);
Damien Miller3eec6b72006-01-31 21:49:27 +1100[diff] [blame]405 if (r == -1)
406 fatal("addargs: argument too long");
Ben Lindstrom387c4722001-05-08 20:27:25 +0000[diff] [blame]407
Darren Tuckerfb16b242003-09-22 21:04:23 +1000[diff] [blame]408 nalloc = args->nalloc;
Ben Lindstrom387c4722001-05-08 20:27:25 +0000[diff] [blame]409 if (args->list == NULL) {
Darren Tuckerfb16b242003-09-22 21:04:23 +1000[diff] [blame]410 nalloc = 32;
Ben Lindstrom387c4722001-05-08 20:27:25 +0000[diff] [blame]411 args->num = 0;
Darren Tuckerfb16b242003-09-22 21:04:23 +1000[diff] [blame]412 } else if (args->num+2 >= nalloc)
413 nalloc *= 2;
Ben Lindstrom387c4722001-05-08 20:27:25 +0000[diff] [blame]414
Darren Tuckerfb16b242003-09-22 21:04:23 +1000[diff] [blame]415 args->list = xrealloc(args->list, nalloc * sizeof(char *));
416 args->nalloc = nalloc;
Damien Miller3eec6b72006-01-31 21:49:27 +1100[diff] [blame]417 args->list[args->num++] = cp;
Ben Lindstrom387c4722001-05-08 20:27:25 +0000[diff] [blame]418 args->list[args->num] = NULL;
419}
Darren Tucker22cc7412004-12-06 22:47:41 +1100[diff] [blame]420
Damien Miller3eec6b72006-01-31 21:49:27 +1100[diff] [blame]421void
422replacearg(arglist *args, u_int which, char *fmt, ...)
423{
424 va_list ap;
425 char *cp;
426 int r;
427
428 va_start(ap, fmt);
429 r = vasprintf(&cp, fmt, ap);
430 va_end(ap);
431 if (r == -1)
432 fatal("replacearg: argument too long");
433
434 if (which >= args->num)
435 fatal("replacearg: tried to replace invalid arg %d >= %d",
436 which, args->num);
437 xfree(args->list[which]);
438 args->list[which] = cp;
439}
440
441void
442freeargs(arglist *args)
443{
444 u_int i;
445
446 if (args->list != NULL) {
447 for (i = 0; i < args->num; i++)
448 xfree(args->list[i]);
449 xfree(args->list);
450 args->nalloc = args->num = 0;
451 args->list = NULL;
452 }
453}
454
Darren Tucker22cc7412004-12-06 22:47:41 +1100[diff] [blame]455/*
Damien Miller5fd38c02005-05-26 12:02:14 +1000[diff] [blame]456 * Expands tildes in the file name. Returns data allocated by xmalloc.
457 * Warning: this calls getpw*.
458 */
459char *
460tilde_expand_filename(const char *filename, uid_t uid)
461{
462 const char *path;
463 char user[128], ret[MAXPATHLEN];
464 struct passwd *pw;
Damien Millereccb9de2005-06-17 12:59:34 +1000[diff] [blame]465 u_int len, slash;
Damien Miller5fd38c02005-05-26 12:02:14 +1000[diff] [blame]466
467 if (*filename != '~')
468 return (xstrdup(filename));
469 filename++;
470
471 path = strchr(filename, '/');
472 if (path != NULL && path > filename) { /* ~user/path */
Damien Millereccb9de2005-06-17 12:59:34 +1000[diff] [blame]473 slash = path - filename;
474 if (slash > sizeof(user) - 1)
Damien Miller5fd38c02005-05-26 12:02:14 +1000[diff] [blame]475 fatal("tilde_expand_filename: ~username too long");
Damien Millereccb9de2005-06-17 12:59:34 +1000[diff] [blame]476 memcpy(user, filename, slash);
477 user[slash] = '\0';
Damien Miller5fd38c02005-05-26 12:02:14 +1000[diff] [blame]478 if ((pw = getpwnam(user)) == NULL)
479 fatal("tilde_expand_filename: No such user %s", user);
480 } else if ((pw = getpwuid(uid)) == NULL) /* ~/path */
481 fatal("tilde_expand_filename: No such uid %d", uid);
482
483 if (strlcpy(ret, pw->pw_dir, sizeof(ret)) >= sizeof(ret))
484 fatal("tilde_expand_filename: Path too long");
485
486 /* Make sure directory has a trailing '/' */
487 len = strlen(pw->pw_dir);
488 if ((len == 0 || pw->pw_dir[len - 1] != '/') &&
489 strlcat(ret, "/", sizeof(ret)) >= sizeof(ret))
490 fatal("tilde_expand_filename: Path too long");
491
492 /* Skip leading '/' from specified path */
493 if (path != NULL)
494 filename = path + 1;
495 if (strlcat(ret, filename, sizeof(ret)) >= sizeof(ret))
496 fatal("tilde_expand_filename: Path too long");
497
498 return (xstrdup(ret));
499}
500
501/*
Damien Miller6476cad2005-06-16 13:18:34 +1000[diff] [blame]502 * Expand a string with a set of %[char] escapes. A number of escapes may be
503 * specified as (char *escape_chars, char *replacement) pairs. The list must
Darren Tuckerbee73d52005-07-14 17:05:02 +1000[diff] [blame]504 * be terminated by a NULL escape_char. Returns replaced string in memory
Damien Miller6476cad2005-06-16 13:18:34 +1000[diff] [blame]505 * allocated by xmalloc.
506 */
507char *
508percent_expand(const char *string, ...)
509{
510#define EXPAND_MAX_KEYS 16
511 struct {
512 const char *key;
513 const char *repl;
514 } keys[EXPAND_MAX_KEYS];
Damien Millereccb9de2005-06-17 12:59:34 +1000[diff] [blame]515 u_int num_keys, i, j;
Damien Miller6476cad2005-06-16 13:18:34 +1000[diff] [blame]516 char buf[4096];
517 va_list ap;
518
519 /* Gather keys */
520 va_start(ap, string);
521 for (num_keys = 0; num_keys < EXPAND_MAX_KEYS; num_keys++) {
522 keys[num_keys].key = va_arg(ap, char *);
523 if (keys[num_keys].key == NULL)
524 break;
525 keys[num_keys].repl = va_arg(ap, char *);
526 if (keys[num_keys].repl == NULL)
527 fatal("percent_expand: NULL replacement");
528 }
529 va_end(ap);
530
531 if (num_keys >= EXPAND_MAX_KEYS)
532 fatal("percent_expand: too many keys");
533
534 /* Expand string */
535 *buf = '\0';
536 for (i = 0; *string != '\0'; string++) {
537 if (*string != '%') {
538 append:
539 buf[i++] = *string;
540 if (i >= sizeof(buf))
541 fatal("percent_expand: string too long");
542 buf[i] = '\0';
543 continue;
544 }
545 string++;
546 if (*string == '%')
547 goto append;
548 for (j = 0; j < num_keys; j++) {
549 if (strchr(keys[j].key, *string) != NULL) {
550 i = strlcat(buf, keys[j].repl, sizeof(buf));
551 if (i >= sizeof(buf))
552 fatal("percent_expand: string too long");
553 break;
554 }
555 }
556 if (j >= num_keys)
557 fatal("percent_expand: unknown key %%%c", *string);
558 }
559 return (xstrdup(buf));
560#undef EXPAND_MAX_KEYS
561}
562
563/*
Darren Tucker22cc7412004-12-06 22:47:41 +1100[diff] [blame]564 * Read an entire line from a public key file into a static buffer, discarding
565 * lines that exceed the buffer size. Returns 0 on success, -1 on failure.
566 */
567int
568read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz,
Darren Tuckerf0f90982004-12-11 13:39:50 +1100[diff] [blame]569 u_long *lineno)
Darren Tucker22cc7412004-12-06 22:47:41 +1100[diff] [blame]570{
571 while (fgets(buf, bufsz, f) != NULL) {
572 (*lineno)++;
573 if (buf[strlen(buf) - 1] == '\n' || feof(f)) {
574 return 0;
575 } else {
Darren Tuckerf0f90982004-12-11 13:39:50 +1100[diff] [blame]576 debug("%s: %s line %lu exceeds size limit", __func__,
577 filename, *lineno);
Darren Tucker22cc7412004-12-06 22:47:41 +1100[diff] [blame]578 /* discard remainder of line */
Darren Tucker47eede72005-03-14 23:08:12 +1100[diff] [blame]579 while (fgetc(f) != '\n' && !feof(f))
Darren Tucker22cc7412004-12-06 22:47:41 +1100[diff] [blame]580 ; /* nothing */
581 }
582 }
583 return -1;
584}
Damien Miller13390022005-07-06 09:44:19 +1000[diff] [blame]585
Damien Millerd27b9472005-12-13 19:29:02 +1100[diff] [blame]586int
Damien Miller7b58e802005-12-13 19:33:19 +1100[diff] [blame]587tun_open(int tun, int mode)
Damien Millerd27b9472005-12-13 19:29:02 +1100[diff] [blame]588{
Damien Miller62a31c92005-12-13 20:44:13 +1100[diff] [blame]589#if defined(CUSTOM_SYS_TUN_OPEN)
590 return (sys_tun_open(tun, mode));
Damien Miller2dcddbf2006-01-01 19:47:05 +1100[diff] [blame]591#elif defined(SSH_TUN_OPENBSD)
Damien Miller7b58e802005-12-13 19:33:19 +1100[diff] [blame]592 struct ifreq ifr;
Damien Millerd27b9472005-12-13 19:29:02 +1100[diff] [blame]593 char name[100];
Damien Miller7b58e802005-12-13 19:33:19 +1100[diff] [blame]594 int fd = -1, sock;
Damien Millerd27b9472005-12-13 19:29:02 +1100[diff] [blame]595
Damien Miller7b58e802005-12-13 19:33:19 +1100[diff] [blame]596 /* Open the tunnel device */
597 if (tun <= SSH_TUNID_MAX) {
Damien Millerd27b9472005-12-13 19:29:02 +1100[diff] [blame]598 snprintf(name, sizeof(name), "/dev/tun%d", tun);
Damien Miller7b58e802005-12-13 19:33:19 +1100[diff] [blame]599 fd = open(name, O_RDWR);
600 } else if (tun == SSH_TUNID_ANY) {
601 for (tun = 100; tun >= 0; tun--) {
602 snprintf(name, sizeof(name), "/dev/tun%d", tun);
603 if ((fd = open(name, O_RDWR)) >= 0)
604 break;
Damien Millerd27b9472005-12-13 19:29:02 +1100[diff] [blame]605 }
606 } else {
Damien Millera210d522006-01-02 23:40:30 +1100[diff] [blame]607 debug("%s: invalid tunnel %u", __func__, tun);
Damien Miller7b58e802005-12-13 19:33:19 +1100[diff] [blame]608 return (-1);
Damien Millerd27b9472005-12-13 19:29:02 +1100[diff] [blame]609 }
Damien Miller7b58e802005-12-13 19:33:19 +1100[diff] [blame]610
611 if (fd < 0) {
612 debug("%s: %s open failed: %s", __func__, name, strerror(errno));
613 return (-1);
614 }
615
616 debug("%s: %s mode %d fd %d", __func__, name, mode, fd);
617
618 /* Set the tunnel device operation mode */
619 snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "tun%d", tun);
620 if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) == -1)
621 goto failed;
622
623 if (ioctl(sock, SIOCGIFFLAGS, &ifr) == -1)
624 goto failed;
Damien Millera1d9a182006-01-02 23:41:21 +1100[diff] [blame]625
626 /* Set interface mode */
627 ifr.ifr_flags &= ~IFF_UP;
628 if (mode == SSH_TUNMODE_ETHERNET)
Damien Miller7b58e802005-12-13 19:33:19 +1100[diff] [blame]629 ifr.ifr_flags |= IFF_LINK0;
Damien Millera1d9a182006-01-02 23:41:21 +1100[diff] [blame]630 else
631 ifr.ifr_flags &= ~IFF_LINK0;
632 if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
633 goto failed;
634
635 /* Bring interface up */
Damien Miller7b58e802005-12-13 19:33:19 +1100[diff] [blame]636 ifr.ifr_flags |= IFF_UP;
637 if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
638 goto failed;
639
640 close(sock);
641 return (fd);
642
643 failed:
644 if (fd >= 0)
645 close(fd);
646 if (sock >= 0)
647 close(sock);
648 debug("%s: failed to set %s mode %d: %s", __func__, name,
649 mode, strerror(errno));
Damien Millerd27b9472005-12-13 19:29:02 +1100[diff] [blame]650 return (-1);
Damien Miller62a31c92005-12-13 20:44:13 +1100[diff] [blame]651#else
652 error("Tunnel interfaces are not supported on this platform");
653 return (-1);
654#endif
Damien Millerd27b9472005-12-13 19:29:02 +1100[diff] [blame]655}
656
Darren Tuckerce321d82005-10-03 18:11:24 +1000[diff] [blame]657void
658sanitise_stdfd(void)
659{
Damien Miller72c5b7d2006-01-06 14:50:44 +1100[diff] [blame]660 int nullfd, dupfd;
Darren Tuckerce321d82005-10-03 18:11:24 +1000[diff] [blame]661
Damien Miller72c5b7d2006-01-06 14:50:44 +1100[diff] [blame]662 if ((nullfd = dupfd = open(_PATH_DEVNULL, O_RDWR)) == -1) {
Darren Tuckerce321d82005-10-03 18:11:24 +1000[diff] [blame]663 fprintf(stderr, "Couldn't open /dev/null: %s", strerror(errno));
664 exit(1);
665 }
Damien Miller72c5b7d2006-01-06 14:50:44 +1100[diff] [blame]666 while (++dupfd <= 2) {
667 /* Only clobber closed fds */
668 if (fcntl(dupfd, F_GETFL, 0) >= 0)
669 continue;
670 if (dup2(nullfd, dupfd) == -1) {
Darren Tuckerce321d82005-10-03 18:11:24 +1000[diff] [blame]671 fprintf(stderr, "dup2: %s", strerror(errno));
672 exit(1);
673 }
Darren Tuckerce321d82005-10-03 18:11:24 +1000[diff] [blame]674 }
675 if (nullfd > 2)
676 close(nullfd);
677}
678
Damien Miller13390022005-07-06 09:44:19 +1000[diff] [blame]679char *
680tohex(const u_char *d, u_int l)
681{
682 char b[3], *r;
683 u_int i, hl;
684
685 hl = l * 2 + 1;
686 r = xmalloc(hl);
687 *r = '\0';
688 for (i = 0; i < l; i++) {
689 snprintf(b, sizeof(b), "%02x", d[i]);
690 strlcat(r, b, hl);
691 }
692 return (r);
693}
694