1 /* $OpenBSD: misc.c,v 1.67 2008/01/01 08:47:04 dtucker Exp $ */
3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * Copyright (c) 2005,2006 Damien Miller. All rights reserved.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 #include <sys/types.h>
30 #include <sys/ioctl.h>
31 #include <sys/socket.h>
32 #include <sys/param.h>
40 #include <netinet/in.h>
41 #include <netinet/tcp.h>
50 #ifdef SSH_TUN_OPENBSD
59 /* remove newline at end of string */
65 if (*t
== '\n' || *t
== '\r') {
75 /* set/unset filedescriptor to non-blocking */
81 val
= fcntl(fd
, F_GETFL
, 0);
83 error("fcntl(%d, F_GETFL, 0): %s", fd
, strerror(errno
));
86 if (val
& O_NONBLOCK
) {
87 debug3("fd %d is O_NONBLOCK", fd
);
90 debug2("fd %d setting O_NONBLOCK", fd
);
92 if (fcntl(fd
, F_SETFL
, val
) == -1) {
93 debug("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd
,
101 unset_nonblock(int fd
)
105 val
= fcntl(fd
, F_GETFL
, 0);
107 error("fcntl(%d, F_GETFL, 0): %s", fd
, strerror(errno
));
110 if (!(val
& O_NONBLOCK
)) {
111 debug3("fd %d is not O_NONBLOCK", fd
);
114 debug("fd %d clearing O_NONBLOCK", fd
);
116 if (fcntl(fd
, F_SETFL
, val
) == -1) {
117 debug("fcntl(%d, F_SETFL, ~O_NONBLOCK): %s",
118 fd
, strerror(errno
));
125 ssh_gai_strerror(int gaierr
)
127 if (gaierr
== EAI_SYSTEM
)
128 return strerror(errno
);
129 return gai_strerror(gaierr
);
132 /* disable nagle on socket */
140 if (getsockopt(fd
, IPPROTO_TCP
, TCP_NODELAY
, &opt
, &optlen
) == -1) {
141 debug("getsockopt TCP_NODELAY: %.100s", strerror(errno
));
145 debug2("fd %d is TCP_NODELAY", fd
);
149 debug2("fd %d setting TCP_NODELAY", fd
);
150 if (setsockopt(fd
, IPPROTO_TCP
, TCP_NODELAY
, &opt
, sizeof opt
) == -1)
151 error("setsockopt TCP_NODELAY: %.100s", strerror(errno
));
154 /* Characters considered whitespace in strsep calls. */
155 #define WHITESPACE " \t\r\n"
158 /* return next token in configuration line */
170 *s
= strpbrk(*s
, WHITESPACE QUOTE
"=");
175 memmove(*s
, *s
+ 1, strlen(*s
)); /* move nul too */
176 /* Find matching quote */
177 if ((*s
= strpbrk(*s
, QUOTE
)) == NULL
) {
178 return (NULL
); /* no matching quote */
185 /* Allow only one '=' to be skipped */
190 /* Skip any extra whitespace after first token */
191 *s
+= strspn(*s
+ 1, WHITESPACE
) + 1;
192 if (*s
[0] == '=' && !wspace
)
193 *s
+= strspn(*s
+ 1, WHITESPACE
) + 1;
199 pwcopy(struct passwd
*pw
)
201 struct passwd
*copy
= xcalloc(1, sizeof(*copy
));
203 copy
->pw_name
= xstrdup(pw
->pw_name
);
204 copy
->pw_passwd
= xstrdup(pw
->pw_passwd
);
205 copy
->pw_gecos
= xstrdup(pw
->pw_gecos
);
206 copy
->pw_uid
= pw
->pw_uid
;
207 copy
->pw_gid
= pw
->pw_gid
;
208 #ifdef HAVE_PW_EXPIRE_IN_PASSWD
209 copy
->pw_expire
= pw
->pw_expire
;
211 #ifdef HAVE_PW_CHANGE_IN_PASSWD
212 copy
->pw_change
= pw
->pw_change
;
214 #ifdef HAVE_PW_CLASS_IN_PASSWD
215 copy
->pw_class
= xstrdup(pw
->pw_class
);
217 copy
->pw_dir
= xstrdup(pw
->pw_dir
);
218 copy
->pw_shell
= xstrdup(pw
->pw_shell
);
223 * Convert ASCII string to TCP/IP port number.
224 * Port must be >0 and <=65535.
225 * Return 0 if invalid.
228 a2port(const char *s
)
234 port
= strtol(s
, &endp
, 0);
235 if (s
== endp
|| *endp
!= '\0' ||
236 (errno
== ERANGE
&& (port
== LONG_MIN
|| port
== LONG_MAX
)) ||
237 port
<= 0 || port
> 65535)
244 a2tun(const char *s
, int *remote
)
246 const char *errstr
= NULL
;
250 if (remote
!= NULL
) {
251 *remote
= SSH_TUNID_ANY
;
253 if ((ep
= strchr(sp
, ':')) == NULL
) {
255 return (a2tun(s
, NULL
));
258 *remote
= a2tun(ep
, NULL
);
259 tun
= a2tun(sp
, NULL
);
261 return (*remote
== SSH_TUNID_ERR
? *remote
: tun
);
264 if (strcasecmp(s
, "any") == 0)
265 return (SSH_TUNID_ANY
);
267 tun
= strtonum(s
, 0, SSH_TUNID_MAX
, &errstr
);
269 return (SSH_TUNID_ERR
);
275 #define MINUTES (SECONDS * 60)
276 #define HOURS (MINUTES * 60)
277 #define DAYS (HOURS * 24)
278 #define WEEKS (DAYS * 7)
281 * Convert a time string into seconds; format is
285 * Valid time qualifiers are:
299 * Return -1 if time string is invalid.
302 convtime(const char *s
)
312 if (p
== NULL
|| *p
== '\0')
316 secs
= strtol(p
, &endp
, 10);
318 (errno
== ERANGE
&& (secs
== LONG_MIN
|| secs
== LONG_MAX
)) ||
358 * Returns a standardized host+port identifier string.
359 * Caller must free returned string.
362 put_host_port(const char *host
, u_short port
)
366 if (port
== 0 || port
== SSH_DEFAULT_PORT
)
367 return(xstrdup(host
));
368 if (asprintf(&hoststr
, "[%s]:%d", host
, (int)port
) < 0)
369 fatal("put_host_port: asprintf: %s", strerror(errno
));
370 debug3("put_host_port: %s", hoststr
);
375 * Search for next delimiter between hostnames/addresses and ports.
376 * Argument may be modified (for termination).
377 * Returns *cp if parsing succeeds.
378 * *cp is set to the start of the next delimiter, if one was found.
379 * If this is the last field, *cp is set to NULL.
386 if (cp
== NULL
|| *cp
== NULL
)
391 if ((s
= strchr(s
, ']')) == NULL
)
395 } else if ((s
= strpbrk(s
, ":/")) == NULL
)
396 s
= *cp
+ strlen(*cp
); /* skip to end (see first case below) */
400 *cp
= NULL
; /* no more fields*/
405 *s
= '\0'; /* terminate */
417 cleanhostname(char *host
)
419 if (*host
== '[' && host
[strlen(host
) - 1] == ']') {
420 host
[strlen(host
) - 1] = '\0';
431 if (*cp
== ':') /* Leading colon is part of file name. */
437 if (*cp
== '@' && *(cp
+1) == '[')
439 if (*cp
== ']' && *(cp
+1) == ':' && flag
)
441 if (*cp
== ':' && !flag
)
449 /* function to assist building execv() arguments */
451 addargs(arglist
*args
, char *fmt
, ...)
459 r
= vasprintf(&cp
, fmt
, ap
);
462 fatal("addargs: argument too long");
464 nalloc
= args
->nalloc
;
465 if (args
->list
== NULL
) {
468 } else if (args
->num
+2 >= nalloc
)
471 args
->list
= xrealloc(args
->list
, nalloc
, sizeof(char *));
472 args
->nalloc
= nalloc
;
473 args
->list
[args
->num
++] = cp
;
474 args
->list
[args
->num
] = NULL
;
478 replacearg(arglist
*args
, u_int which
, char *fmt
, ...)
485 r
= vasprintf(&cp
, fmt
, ap
);
488 fatal("replacearg: argument too long");
490 if (which
>= args
->num
)
491 fatal("replacearg: tried to replace invalid arg %d >= %d",
493 xfree(args
->list
[which
]);
494 args
->list
[which
] = cp
;
498 freeargs(arglist
*args
)
502 if (args
->list
!= NULL
) {
503 for (i
= 0; i
< args
->num
; i
++)
504 xfree(args
->list
[i
]);
506 args
->nalloc
= args
->num
= 0;
512 * Expands tildes in the file name. Returns data allocated by xmalloc.
513 * Warning: this calls getpw*.
516 tilde_expand_filename(const char *filename
, uid_t uid
)
519 char user
[128], ret
[MAXPATHLEN
];
523 if (*filename
!= '~')
524 return (xstrdup(filename
));
527 path
= strchr(filename
, '/');
528 if (path
!= NULL
&& path
> filename
) { /* ~user/path */
529 slash
= path
- filename
;
530 if (slash
> sizeof(user
) - 1)
531 fatal("tilde_expand_filename: ~username too long");
532 memcpy(user
, filename
, slash
);
534 if ((pw
= getpwnam(user
)) == NULL
)
535 fatal("tilde_expand_filename: No such user %s", user
);
536 } else if ((pw
= getpwuid(uid
)) == NULL
) /* ~/path */
537 fatal("tilde_expand_filename: No such uid %d", uid
);
539 if (strlcpy(ret
, pw
->pw_dir
, sizeof(ret
)) >= sizeof(ret
))
540 fatal("tilde_expand_filename: Path too long");
542 /* Make sure directory has a trailing '/' */
543 len
= strlen(pw
->pw_dir
);
544 if ((len
== 0 || pw
->pw_dir
[len
- 1] != '/') &&
545 strlcat(ret
, "/", sizeof(ret
)) >= sizeof(ret
))
546 fatal("tilde_expand_filename: Path too long");
548 /* Skip leading '/' from specified path */
551 if (strlcat(ret
, filename
, sizeof(ret
)) >= sizeof(ret
))
552 fatal("tilde_expand_filename: Path too long");
554 return (xstrdup(ret
));
558 * Expand a string with a set of %[char] escapes. A number of escapes may be
559 * specified as (char *escape_chars, char *replacement) pairs. The list must
560 * be terminated by a NULL escape_char. Returns replaced string in memory
561 * allocated by xmalloc.
564 percent_expand(const char *string
, ...)
566 #define EXPAND_MAX_KEYS 16
570 } keys
[EXPAND_MAX_KEYS
];
571 u_int num_keys
, i
, j
;
576 va_start(ap
, string
);
577 for (num_keys
= 0; num_keys
< EXPAND_MAX_KEYS
; num_keys
++) {
578 keys
[num_keys
].key
= va_arg(ap
, char *);
579 if (keys
[num_keys
].key
== NULL
)
581 keys
[num_keys
].repl
= va_arg(ap
, char *);
582 if (keys
[num_keys
].repl
== NULL
)
583 fatal("percent_expand: NULL replacement");
587 if (num_keys
>= EXPAND_MAX_KEYS
)
588 fatal("percent_expand: too many keys");
592 for (i
= 0; *string
!= '\0'; string
++) {
593 if (*string
!= '%') {
596 if (i
>= sizeof(buf
))
597 fatal("percent_expand: string too long");
604 for (j
= 0; j
< num_keys
; j
++) {
605 if (strchr(keys
[j
].key
, *string
) != NULL
) {
606 i
= strlcat(buf
, keys
[j
].repl
, sizeof(buf
));
607 if (i
>= sizeof(buf
))
608 fatal("percent_expand: string too long");
613 fatal("percent_expand: unknown key %%%c", *string
);
615 return (xstrdup(buf
));
616 #undef EXPAND_MAX_KEYS
620 * Read an entire line from a public key file into a static buffer, discarding
621 * lines that exceed the buffer size. Returns 0 on success, -1 on failure.
624 read_keyfile_line(FILE *f
, const char *filename
, char *buf
, size_t bufsz
,
627 while (fgets(buf
, bufsz
, f
) != NULL
) {
631 if (buf
[strlen(buf
) - 1] == '\n' || feof(f
)) {
634 debug("%s: %s line %lu exceeds size limit", __func__
,
636 /* discard remainder of line */
637 while (fgetc(f
) != '\n' && !feof(f
))
645 tun_open(int tun
, int mode
)
647 #if defined(CUSTOM_SYS_TUN_OPEN)
648 return (sys_tun_open(tun
, mode
));
649 #elif defined(SSH_TUN_OPENBSD)
654 /* Open the tunnel device */
655 if (tun
<= SSH_TUNID_MAX
) {
656 snprintf(name
, sizeof(name
), "/dev/tun%d", tun
);
657 fd
= open(name
, O_RDWR
);
658 } else if (tun
== SSH_TUNID_ANY
) {
659 for (tun
= 100; tun
>= 0; tun
--) {
660 snprintf(name
, sizeof(name
), "/dev/tun%d", tun
);
661 if ((fd
= open(name
, O_RDWR
)) >= 0)
665 debug("%s: invalid tunnel %u", __func__
, tun
);
670 debug("%s: %s open failed: %s", __func__
, name
, strerror(errno
));
674 debug("%s: %s mode %d fd %d", __func__
, name
, mode
, fd
);
676 /* Set the tunnel device operation mode */
677 snprintf(ifr
.ifr_name
, sizeof(ifr
.ifr_name
), "tun%d", tun
);
678 if ((sock
= socket(PF_UNIX
, SOCK_STREAM
, 0)) == -1)
681 if (ioctl(sock
, SIOCGIFFLAGS
, &ifr
) == -1)
684 /* Set interface mode */
685 ifr
.ifr_flags
&= ~IFF_UP
;
686 if (mode
== SSH_TUNMODE_ETHERNET
)
687 ifr
.ifr_flags
|= IFF_LINK0
;
689 ifr
.ifr_flags
&= ~IFF_LINK0
;
690 if (ioctl(sock
, SIOCSIFFLAGS
, &ifr
) == -1)
693 /* Bring interface up */
694 ifr
.ifr_flags
|= IFF_UP
;
695 if (ioctl(sock
, SIOCSIFFLAGS
, &ifr
) == -1)
706 debug("%s: failed to set %s mode %d: %s", __func__
, name
,
707 mode
, strerror(errno
));
710 error("Tunnel interfaces are not supported on this platform");
720 if ((nullfd
= dupfd
= open(_PATH_DEVNULL
, O_RDWR
)) == -1) {
721 fprintf(stderr
, "Couldn't open /dev/null: %s", strerror(errno
));
724 while (++dupfd
<= 2) {
725 /* Only clobber closed fds */
726 if (fcntl(dupfd
, F_GETFL
, 0) >= 0)
728 if (dup2(nullfd
, dupfd
) == -1) {
729 fprintf(stderr
, "dup2: %s", strerror(errno
));
738 tohex(const void *vp
, size_t l
)
740 const u_char
*p
= (const u_char
*)vp
;
745 return xstrdup("tohex: length > 65536");
749 for (i
= 0; i
< l
; i
++) {
750 snprintf(b
, sizeof(b
), "%02x", p
[i
]);
757 get_u64(const void *vp
)
759 const u_char
*p
= (const u_char
*)vp
;
762 v
= (u_int64_t
)p
[0] << 56;
763 v
|= (u_int64_t
)p
[1] << 48;
764 v
|= (u_int64_t
)p
[2] << 40;
765 v
|= (u_int64_t
)p
[3] << 32;
766 v
|= (u_int64_t
)p
[4] << 24;
767 v
|= (u_int64_t
)p
[5] << 16;
768 v
|= (u_int64_t
)p
[6] << 8;
769 v
|= (u_int64_t
)p
[7];
775 get_u32(const void *vp
)
777 const u_char
*p
= (const u_char
*)vp
;
780 v
= (u_int32_t
)p
[0] << 24;
781 v
|= (u_int32_t
)p
[1] << 16;
782 v
|= (u_int32_t
)p
[2] << 8;
783 v
|= (u_int32_t
)p
[3];
789 get_u16(const void *vp
)
791 const u_char
*p
= (const u_char
*)vp
;
794 v
= (u_int16_t
)p
[0] << 8;
795 v
|= (u_int16_t
)p
[1];
801 put_u64(void *vp
, u_int64_t v
)
803 u_char
*p
= (u_char
*)vp
;
805 p
[0] = (u_char
)(v
>> 56) & 0xff;
806 p
[1] = (u_char
)(v
>> 48) & 0xff;
807 p
[2] = (u_char
)(v
>> 40) & 0xff;
808 p
[3] = (u_char
)(v
>> 32) & 0xff;
809 p
[4] = (u_char
)(v
>> 24) & 0xff;
810 p
[5] = (u_char
)(v
>> 16) & 0xff;
811 p
[6] = (u_char
)(v
>> 8) & 0xff;
812 p
[7] = (u_char
)v
& 0xff;
816 put_u32(void *vp
, u_int32_t v
)
818 u_char
*p
= (u_char
*)vp
;
820 p
[0] = (u_char
)(v
>> 24) & 0xff;
821 p
[1] = (u_char
)(v
>> 16) & 0xff;
822 p
[2] = (u_char
)(v
>> 8) & 0xff;
823 p
[3] = (u_char
)v
& 0xff;
828 put_u16(void *vp
, u_int16_t v
)
830 u_char
*p
= (u_char
*)vp
;
832 p
[0] = (u_char
)(v
>> 8) & 0xff;
833 p
[1] = (u_char
)v
& 0xff;