1 /* $OpenBSD: misc.c,v 1.71 2009/02/21 19:32:04 tobias Exp $ */
3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * Copyright (c) 2005,2006 Damien Miller. All rights reserved.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 #include <sys/types.h>
30 #include <sys/ioctl.h>
31 #include <sys/socket.h>
32 #include <sys/param.h>
40 #include <netinet/in.h>
41 #include <netinet/tcp.h>
50 #ifdef SSH_TUN_OPENBSD
59 /* remove newline at end of string */
65 if (*t
== '\n' || *t
== '\r') {
75 /* set/unset filedescriptor to non-blocking */
81 val
= fcntl(fd
, F_GETFL
, 0);
83 error("fcntl(%d, F_GETFL, 0): %s", fd
, strerror(errno
));
86 if (val
& O_NONBLOCK
) {
87 debug3("fd %d is O_NONBLOCK", fd
);
90 debug2("fd %d setting O_NONBLOCK", fd
);
92 if (fcntl(fd
, F_SETFL
, val
) == -1) {
93 debug("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd
,
101 unset_nonblock(int fd
)
105 val
= fcntl(fd
, F_GETFL
, 0);
107 error("fcntl(%d, F_GETFL, 0): %s", fd
, strerror(errno
));
110 if (!(val
& O_NONBLOCK
)) {
111 debug3("fd %d is not O_NONBLOCK", fd
);
114 debug("fd %d clearing O_NONBLOCK", fd
);
116 if (fcntl(fd
, F_SETFL
, val
) == -1) {
117 debug("fcntl(%d, F_SETFL, ~O_NONBLOCK): %s",
118 fd
, strerror(errno
));
125 ssh_gai_strerror(int gaierr
)
127 if (gaierr
== EAI_SYSTEM
)
128 return strerror(errno
);
129 return gai_strerror(gaierr
);
132 /* disable nagle on socket */
140 if (getsockopt(fd
, IPPROTO_TCP
, TCP_NODELAY
, &opt
, &optlen
) == -1) {
141 debug("getsockopt TCP_NODELAY: %.100s", strerror(errno
));
145 debug2("fd %d is TCP_NODELAY", fd
);
149 debug2("fd %d setting TCP_NODELAY", fd
);
150 if (setsockopt(fd
, IPPROTO_TCP
, TCP_NODELAY
, &opt
, sizeof opt
) == -1)
151 error("setsockopt TCP_NODELAY: %.100s", strerror(errno
));
154 /* Characters considered whitespace in strsep calls. */
155 #define WHITESPACE " \t\r\n"
158 /* return next token in configuration line */
170 *s
= strpbrk(*s
, WHITESPACE QUOTE
"=");
175 memmove(*s
, *s
+ 1, strlen(*s
)); /* move nul too */
176 /* Find matching quote */
177 if ((*s
= strpbrk(*s
, QUOTE
)) == NULL
) {
178 return (NULL
); /* no matching quote */
185 /* Allow only one '=' to be skipped */
190 /* Skip any extra whitespace after first token */
191 *s
+= strspn(*s
+ 1, WHITESPACE
) + 1;
192 if (*s
[0] == '=' && !wspace
)
193 *s
+= strspn(*s
+ 1, WHITESPACE
) + 1;
199 pwcopy(struct passwd
*pw
)
201 struct passwd
*copy
= xcalloc(1, sizeof(*copy
));
203 copy
->pw_name
= xstrdup(pw
->pw_name
);
204 copy
->pw_passwd
= xstrdup(pw
->pw_passwd
);
205 copy
->pw_gecos
= xstrdup(pw
->pw_gecos
);
206 copy
->pw_uid
= pw
->pw_uid
;
207 copy
->pw_gid
= pw
->pw_gid
;
208 #ifdef HAVE_PW_EXPIRE_IN_PASSWD
209 copy
->pw_expire
= pw
->pw_expire
;
211 #ifdef HAVE_PW_CHANGE_IN_PASSWD
212 copy
->pw_change
= pw
->pw_change
;
214 #ifdef HAVE_PW_CLASS_IN_PASSWD
215 copy
->pw_class
= xstrdup(pw
->pw_class
);
217 copy
->pw_dir
= xstrdup(pw
->pw_dir
);
218 copy
->pw_shell
= xstrdup(pw
->pw_shell
);
223 * Convert ASCII string to TCP/IP port number.
224 * Port must be >=0 and <=65535.
225 * Return -1 if invalid.
228 a2port(const char *s
)
233 port
= strtonum(s
, 0, 65535, &errstr
);
240 a2tun(const char *s
, int *remote
)
242 const char *errstr
= NULL
;
246 if (remote
!= NULL
) {
247 *remote
= SSH_TUNID_ANY
;
249 if ((ep
= strchr(sp
, ':')) == NULL
) {
251 return (a2tun(s
, NULL
));
254 *remote
= a2tun(ep
, NULL
);
255 tun
= a2tun(sp
, NULL
);
257 return (*remote
== SSH_TUNID_ERR
? *remote
: tun
);
260 if (strcasecmp(s
, "any") == 0)
261 return (SSH_TUNID_ANY
);
263 tun
= strtonum(s
, 0, SSH_TUNID_MAX
, &errstr
);
265 return (SSH_TUNID_ERR
);
271 #define MINUTES (SECONDS * 60)
272 #define HOURS (MINUTES * 60)
273 #define DAYS (HOURS * 24)
274 #define WEEKS (DAYS * 7)
277 * Convert a time string into seconds; format is
281 * Valid time qualifiers are:
295 * Return -1 if time string is invalid.
298 convtime(const char *s
)
308 if (p
== NULL
|| *p
== '\0')
312 secs
= strtol(p
, &endp
, 10);
314 (errno
== ERANGE
&& (secs
== LONG_MIN
|| secs
== LONG_MAX
)) ||
354 * Returns a standardized host+port identifier string.
355 * Caller must free returned string.
358 put_host_port(const char *host
, u_short port
)
362 if (port
== 0 || port
== SSH_DEFAULT_PORT
)
363 return(xstrdup(host
));
364 if (asprintf(&hoststr
, "[%s]:%d", host
, (int)port
) < 0)
365 fatal("put_host_port: asprintf: %s", strerror(errno
));
366 debug3("put_host_port: %s", hoststr
);
371 * Search for next delimiter between hostnames/addresses and ports.
372 * Argument may be modified (for termination).
373 * Returns *cp if parsing succeeds.
374 * *cp is set to the start of the next delimiter, if one was found.
375 * If this is the last field, *cp is set to NULL.
382 if (cp
== NULL
|| *cp
== NULL
)
387 if ((s
= strchr(s
, ']')) == NULL
)
391 } else if ((s
= strpbrk(s
, ":/")) == NULL
)
392 s
= *cp
+ strlen(*cp
); /* skip to end (see first case below) */
396 *cp
= NULL
; /* no more fields*/
401 *s
= '\0'; /* terminate */
413 cleanhostname(char *host
)
415 if (*host
== '[' && host
[strlen(host
) - 1] == ']') {
416 host
[strlen(host
) - 1] = '\0';
427 if (*cp
== ':') /* Leading colon is part of file name. */
433 if (*cp
== '@' && *(cp
+1) == '[')
435 if (*cp
== ']' && *(cp
+1) == ':' && flag
)
437 if (*cp
== ':' && !flag
)
445 /* function to assist building execv() arguments */
447 addargs(arglist
*args
, char *fmt
, ...)
455 r
= vasprintf(&cp
, fmt
, ap
);
458 fatal("addargs: argument too long");
460 nalloc
= args
->nalloc
;
461 if (args
->list
== NULL
) {
464 } else if (args
->num
+2 >= nalloc
)
467 args
->list
= xrealloc(args
->list
, nalloc
, sizeof(char *));
468 args
->nalloc
= nalloc
;
469 args
->list
[args
->num
++] = cp
;
470 args
->list
[args
->num
] = NULL
;
474 replacearg(arglist
*args
, u_int which
, char *fmt
, ...)
481 r
= vasprintf(&cp
, fmt
, ap
);
484 fatal("replacearg: argument too long");
486 if (which
>= args
->num
)
487 fatal("replacearg: tried to replace invalid arg %d >= %d",
489 xfree(args
->list
[which
]);
490 args
->list
[which
] = cp
;
494 freeargs(arglist
*args
)
498 if (args
->list
!= NULL
) {
499 for (i
= 0; i
< args
->num
; i
++)
500 xfree(args
->list
[i
]);
502 args
->nalloc
= args
->num
= 0;
508 * Expands tildes in the file name. Returns data allocated by xmalloc.
509 * Warning: this calls getpw*.
512 tilde_expand_filename(const char *filename
, uid_t uid
)
515 char user
[128], ret
[MAXPATHLEN
];
519 if (*filename
!= '~')
520 return (xstrdup(filename
));
523 path
= strchr(filename
, '/');
524 if (path
!= NULL
&& path
> filename
) { /* ~user/path */
525 slash
= path
- filename
;
526 if (slash
> sizeof(user
) - 1)
527 fatal("tilde_expand_filename: ~username too long");
528 memcpy(user
, filename
, slash
);
530 if ((pw
= getpwnam(user
)) == NULL
)
531 fatal("tilde_expand_filename: No such user %s", user
);
532 } else if ((pw
= getpwuid(uid
)) == NULL
) /* ~/path */
533 fatal("tilde_expand_filename: No such uid %ld", (long)uid
);
535 if (strlcpy(ret
, pw
->pw_dir
, sizeof(ret
)) >= sizeof(ret
))
536 fatal("tilde_expand_filename: Path too long");
538 /* Make sure directory has a trailing '/' */
539 len
= strlen(pw
->pw_dir
);
540 if ((len
== 0 || pw
->pw_dir
[len
- 1] != '/') &&
541 strlcat(ret
, "/", sizeof(ret
)) >= sizeof(ret
))
542 fatal("tilde_expand_filename: Path too long");
544 /* Skip leading '/' from specified path */
547 if (strlcat(ret
, filename
, sizeof(ret
)) >= sizeof(ret
))
548 fatal("tilde_expand_filename: Path too long");
550 return (xstrdup(ret
));
554 * Expand a string with a set of %[char] escapes. A number of escapes may be
555 * specified as (char *escape_chars, char *replacement) pairs. The list must
556 * be terminated by a NULL escape_char. Returns replaced string in memory
557 * allocated by xmalloc.
560 percent_expand(const char *string
, ...)
562 #define EXPAND_MAX_KEYS 16
566 } keys
[EXPAND_MAX_KEYS
];
567 u_int num_keys
, i
, j
;
572 va_start(ap
, string
);
573 for (num_keys
= 0; num_keys
< EXPAND_MAX_KEYS
; num_keys
++) {
574 keys
[num_keys
].key
= va_arg(ap
, char *);
575 if (keys
[num_keys
].key
== NULL
)
577 keys
[num_keys
].repl
= va_arg(ap
, char *);
578 if (keys
[num_keys
].repl
== NULL
)
579 fatal("percent_expand: NULL replacement");
583 if (num_keys
>= EXPAND_MAX_KEYS
)
584 fatal("percent_expand: too many keys");
588 for (i
= 0; *string
!= '\0'; string
++) {
589 if (*string
!= '%') {
592 if (i
>= sizeof(buf
))
593 fatal("percent_expand: string too long");
600 for (j
= 0; j
< num_keys
; j
++) {
601 if (strchr(keys
[j
].key
, *string
) != NULL
) {
602 i
= strlcat(buf
, keys
[j
].repl
, sizeof(buf
));
603 if (i
>= sizeof(buf
))
604 fatal("percent_expand: string too long");
609 fatal("percent_expand: unknown key %%%c", *string
);
611 return (xstrdup(buf
));
612 #undef EXPAND_MAX_KEYS
616 * Read an entire line from a public key file into a static buffer, discarding
617 * lines that exceed the buffer size. Returns 0 on success, -1 on failure.
620 read_keyfile_line(FILE *f
, const char *filename
, char *buf
, size_t bufsz
,
623 while (fgets(buf
, bufsz
, f
) != NULL
) {
627 if (buf
[strlen(buf
) - 1] == '\n' || feof(f
)) {
630 debug("%s: %s line %lu exceeds size limit", __func__
,
632 /* discard remainder of line */
633 while (fgetc(f
) != '\n' && !feof(f
))
641 tun_open(int tun
, int mode
)
643 #if defined(CUSTOM_SYS_TUN_OPEN)
644 return (sys_tun_open(tun
, mode
));
645 #elif defined(SSH_TUN_OPENBSD)
650 /* Open the tunnel device */
651 if (tun
<= SSH_TUNID_MAX
) {
652 snprintf(name
, sizeof(name
), "/dev/tun%d", tun
);
653 fd
= open(name
, O_RDWR
);
654 } else if (tun
== SSH_TUNID_ANY
) {
655 for (tun
= 100; tun
>= 0; tun
--) {
656 snprintf(name
, sizeof(name
), "/dev/tun%d", tun
);
657 if ((fd
= open(name
, O_RDWR
)) >= 0)
661 debug("%s: invalid tunnel %u", __func__
, tun
);
666 debug("%s: %s open failed: %s", __func__
, name
, strerror(errno
));
670 debug("%s: %s mode %d fd %d", __func__
, name
, mode
, fd
);
672 /* Set the tunnel device operation mode */
673 snprintf(ifr
.ifr_name
, sizeof(ifr
.ifr_name
), "tun%d", tun
);
674 if ((sock
= socket(PF_UNIX
, SOCK_STREAM
, 0)) == -1)
677 if (ioctl(sock
, SIOCGIFFLAGS
, &ifr
) == -1)
680 /* Set interface mode */
681 ifr
.ifr_flags
&= ~IFF_UP
;
682 if (mode
== SSH_TUNMODE_ETHERNET
)
683 ifr
.ifr_flags
|= IFF_LINK0
;
685 ifr
.ifr_flags
&= ~IFF_LINK0
;
686 if (ioctl(sock
, SIOCSIFFLAGS
, &ifr
) == -1)
689 /* Bring interface up */
690 ifr
.ifr_flags
|= IFF_UP
;
691 if (ioctl(sock
, SIOCSIFFLAGS
, &ifr
) == -1)
702 debug("%s: failed to set %s mode %d: %s", __func__
, name
,
703 mode
, strerror(errno
));
706 error("Tunnel interfaces are not supported on this platform");
716 if ((nullfd
= dupfd
= open(_PATH_DEVNULL
, O_RDWR
)) == -1) {
717 fprintf(stderr
, "Couldn't open /dev/null: %s\n",
721 while (++dupfd
<= 2) {
722 /* Only clobber closed fds */
723 if (fcntl(dupfd
, F_GETFL
, 0) >= 0)
725 if (dup2(nullfd
, dupfd
) == -1) {
726 fprintf(stderr
, "dup2: %s\n", strerror(errno
));
735 tohex(const void *vp
, size_t l
)
737 const u_char
*p
= (const u_char
*)vp
;
742 return xstrdup("tohex: length > 65536");
746 for (i
= 0; i
< l
; i
++) {
747 snprintf(b
, sizeof(b
), "%02x", p
[i
]);
754 get_u64(const void *vp
)
756 const u_char
*p
= (const u_char
*)vp
;
759 v
= (u_int64_t
)p
[0] << 56;
760 v
|= (u_int64_t
)p
[1] << 48;
761 v
|= (u_int64_t
)p
[2] << 40;
762 v
|= (u_int64_t
)p
[3] << 32;
763 v
|= (u_int64_t
)p
[4] << 24;
764 v
|= (u_int64_t
)p
[5] << 16;
765 v
|= (u_int64_t
)p
[6] << 8;
766 v
|= (u_int64_t
)p
[7];
772 get_u32(const void *vp
)
774 const u_char
*p
= (const u_char
*)vp
;
777 v
= (u_int32_t
)p
[0] << 24;
778 v
|= (u_int32_t
)p
[1] << 16;
779 v
|= (u_int32_t
)p
[2] << 8;
780 v
|= (u_int32_t
)p
[3];
786 get_u16(const void *vp
)
788 const u_char
*p
= (const u_char
*)vp
;
791 v
= (u_int16_t
)p
[0] << 8;
792 v
|= (u_int16_t
)p
[1];
798 put_u64(void *vp
, u_int64_t v
)
800 u_char
*p
= (u_char
*)vp
;
802 p
[0] = (u_char
)(v
>> 56) & 0xff;
803 p
[1] = (u_char
)(v
>> 48) & 0xff;
804 p
[2] = (u_char
)(v
>> 40) & 0xff;
805 p
[3] = (u_char
)(v
>> 32) & 0xff;
806 p
[4] = (u_char
)(v
>> 24) & 0xff;
807 p
[5] = (u_char
)(v
>> 16) & 0xff;
808 p
[6] = (u_char
)(v
>> 8) & 0xff;
809 p
[7] = (u_char
)v
& 0xff;
813 put_u32(void *vp
, u_int32_t v
)
815 u_char
*p
= (u_char
*)vp
;
817 p
[0] = (u_char
)(v
>> 24) & 0xff;
818 p
[1] = (u_char
)(v
>> 16) & 0xff;
819 p
[2] = (u_char
)(v
>> 8) & 0xff;
820 p
[3] = (u_char
)v
& 0xff;
825 put_u16(void *vp
, u_int16_t v
)
827 u_char
*p
= (u_char
*)vp
;
829 p
[0] = (u_char
)(v
>> 8) & 0xff;
830 p
[1] = (u_char
)v
& 0xff;
834 ms_subtract_diff(struct timeval
*start
, int *ms
)
836 struct timeval diff
, finish
;
838 gettimeofday(&finish
, NULL
);
839 timersub(&finish
, start
, &diff
);
840 *ms
-= (diff
.tv_sec
* 1000) + (diff
.tv_usec
/ 1000);
844 ms_to_timeval(struct timeval
*tv
, int ms
)
848 tv
->tv_sec
= ms
/ 1000;
849 tv
->tv_usec
= (ms
% 1000) * 1000;