1 /* $OpenBSD: misc.c,v 1.64 2006/08/03 03:34:42 deraadt Exp $ */
3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * Copyright (c) 2005,2006 Damien Miller. All rights reserved.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 #include <sys/types.h>
30 #include <sys/ioctl.h>
31 #include <sys/socket.h>
32 #include <sys/param.h>
40 #include <netinet/in.h>
41 #include <netinet/tcp.h>
49 #ifdef SSH_TUN_OPENBSD
58 /* remove newline at end of string */
64 if (*t
== '\n' || *t
== '\r') {
74 /* set/unset filedescriptor to non-blocking */
80 val
= fcntl(fd
, F_GETFL
, 0);
82 error("fcntl(%d, F_GETFL, 0): %s", fd
, strerror(errno
));
85 if (val
& O_NONBLOCK
) {
86 debug3("fd %d is O_NONBLOCK", fd
);
89 debug2("fd %d setting O_NONBLOCK", fd
);
91 if (fcntl(fd
, F_SETFL
, val
) == -1) {
92 debug("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd
,
100 unset_nonblock(int fd
)
104 val
= fcntl(fd
, F_GETFL
, 0);
106 error("fcntl(%d, F_GETFL, 0): %s", fd
, strerror(errno
));
109 if (!(val
& O_NONBLOCK
)) {
110 debug3("fd %d is not O_NONBLOCK", fd
);
113 debug("fd %d clearing O_NONBLOCK", fd
);
115 if (fcntl(fd
, F_SETFL
, val
) == -1) {
116 debug("fcntl(%d, F_SETFL, ~O_NONBLOCK): %s",
117 fd
, strerror(errno
));
123 /* disable nagle on socket */
131 if (getsockopt(fd
, IPPROTO_TCP
, TCP_NODELAY
, &opt
, &optlen
) == -1) {
132 debug("getsockopt TCP_NODELAY: %.100s", strerror(errno
));
136 debug2("fd %d is TCP_NODELAY", fd
);
140 debug2("fd %d setting TCP_NODELAY", fd
);
141 if (setsockopt(fd
, IPPROTO_TCP
, TCP_NODELAY
, &opt
, sizeof opt
) == -1)
142 error("setsockopt TCP_NODELAY: %.100s", strerror(errno
));
145 /* Characters considered whitespace in strsep calls. */
146 #define WHITESPACE " \t\r\n"
149 /* return next token in configuration line */
161 *s
= strpbrk(*s
, WHITESPACE QUOTE
"=");
166 memmove(*s
, *s
+ 1, strlen(*s
)); /* move nul too */
167 /* Find matching quote */
168 if ((*s
= strpbrk(*s
, QUOTE
)) == NULL
) {
169 return (NULL
); /* no matching quote */
176 /* Allow only one '=' to be skipped */
181 /* Skip any extra whitespace after first token */
182 *s
+= strspn(*s
+ 1, WHITESPACE
) + 1;
183 if (*s
[0] == '=' && !wspace
)
184 *s
+= strspn(*s
+ 1, WHITESPACE
) + 1;
190 pwcopy(struct passwd
*pw
)
192 struct passwd
*copy
= xcalloc(1, sizeof(*copy
));
194 copy
->pw_name
= xstrdup(pw
->pw_name
);
195 copy
->pw_passwd
= xstrdup(pw
->pw_passwd
);
196 copy
->pw_gecos
= xstrdup(pw
->pw_gecos
);
197 copy
->pw_uid
= pw
->pw_uid
;
198 copy
->pw_gid
= pw
->pw_gid
;
199 #ifdef HAVE_PW_EXPIRE_IN_PASSWD
200 copy
->pw_expire
= pw
->pw_expire
;
202 #ifdef HAVE_PW_CHANGE_IN_PASSWD
203 copy
->pw_change
= pw
->pw_change
;
205 #ifdef HAVE_PW_CLASS_IN_PASSWD
206 copy
->pw_class
= xstrdup(pw
->pw_class
);
208 copy
->pw_dir
= xstrdup(pw
->pw_dir
);
209 copy
->pw_shell
= xstrdup(pw
->pw_shell
);
214 * Convert ASCII string to TCP/IP port number.
215 * Port must be >0 and <=65535.
216 * Return 0 if invalid.
219 a2port(const char *s
)
225 port
= strtol(s
, &endp
, 0);
226 if (s
== endp
|| *endp
!= '\0' ||
227 (errno
== ERANGE
&& (port
== LONG_MIN
|| port
== LONG_MAX
)) ||
228 port
<= 0 || port
> 65535)
235 a2tun(const char *s
, int *remote
)
237 const char *errstr
= NULL
;
241 if (remote
!= NULL
) {
242 *remote
= SSH_TUNID_ANY
;
244 if ((ep
= strchr(sp
, ':')) == NULL
) {
246 return (a2tun(s
, NULL
));
249 *remote
= a2tun(ep
, NULL
);
250 tun
= a2tun(sp
, NULL
);
252 return (*remote
== SSH_TUNID_ERR
? *remote
: tun
);
255 if (strcasecmp(s
, "any") == 0)
256 return (SSH_TUNID_ANY
);
258 tun
= strtonum(s
, 0, SSH_TUNID_MAX
, &errstr
);
260 return (SSH_TUNID_ERR
);
266 #define MINUTES (SECONDS * 60)
267 #define HOURS (MINUTES * 60)
268 #define DAYS (HOURS * 24)
269 #define WEEKS (DAYS * 7)
272 * Convert a time string into seconds; format is
276 * Valid time qualifiers are:
290 * Return -1 if time string is invalid.
293 convtime(const char *s
)
303 if (p
== NULL
|| *p
== '\0')
307 secs
= strtol(p
, &endp
, 10);
309 (errno
== ERANGE
&& (secs
== LONG_MIN
|| secs
== LONG_MAX
)) ||
349 * Returns a standardized host+port identifier string.
350 * Caller must free returned string.
353 put_host_port(const char *host
, u_short port
)
357 if (port
== 0 || port
== SSH_DEFAULT_PORT
)
358 return(xstrdup(host
));
359 if (asprintf(&hoststr
, "[%s]:%d", host
, (int)port
) < 0)
360 fatal("put_host_port: asprintf: %s", strerror(errno
));
361 debug3("put_host_port: %s", hoststr
);
366 * Search for next delimiter between hostnames/addresses and ports.
367 * Argument may be modified (for termination).
368 * Returns *cp if parsing succeeds.
369 * *cp is set to the start of the next delimiter, if one was found.
370 * If this is the last field, *cp is set to NULL.
377 if (cp
== NULL
|| *cp
== NULL
)
382 if ((s
= strchr(s
, ']')) == NULL
)
386 } else if ((s
= strpbrk(s
, ":/")) == NULL
)
387 s
= *cp
+ strlen(*cp
); /* skip to end (see first case below) */
391 *cp
= NULL
; /* no more fields*/
396 *s
= '\0'; /* terminate */
408 cleanhostname(char *host
)
410 if (*host
== '[' && host
[strlen(host
) - 1] == ']') {
411 host
[strlen(host
) - 1] = '\0';
422 if (*cp
== ':') /* Leading colon is part of file name. */
428 if (*cp
== '@' && *(cp
+1) == '[')
430 if (*cp
== ']' && *(cp
+1) == ':' && flag
)
432 if (*cp
== ':' && !flag
)
440 /* function to assist building execv() arguments */
442 addargs(arglist
*args
, char *fmt
, ...)
450 r
= vasprintf(&cp
, fmt
, ap
);
453 fatal("addargs: argument too long");
455 nalloc
= args
->nalloc
;
456 if (args
->list
== NULL
) {
459 } else if (args
->num
+2 >= nalloc
)
462 args
->list
= xrealloc(args
->list
, nalloc
, sizeof(char *));
463 args
->nalloc
= nalloc
;
464 args
->list
[args
->num
++] = cp
;
465 args
->list
[args
->num
] = NULL
;
469 replacearg(arglist
*args
, u_int which
, char *fmt
, ...)
476 r
= vasprintf(&cp
, fmt
, ap
);
479 fatal("replacearg: argument too long");
481 if (which
>= args
->num
)
482 fatal("replacearg: tried to replace invalid arg %d >= %d",
484 xfree(args
->list
[which
]);
485 args
->list
[which
] = cp
;
489 freeargs(arglist
*args
)
493 if (args
->list
!= NULL
) {
494 for (i
= 0; i
< args
->num
; i
++)
495 xfree(args
->list
[i
]);
497 args
->nalloc
= args
->num
= 0;
503 * Expands tildes in the file name. Returns data allocated by xmalloc.
504 * Warning: this calls getpw*.
507 tilde_expand_filename(const char *filename
, uid_t uid
)
510 char user
[128], ret
[MAXPATHLEN
];
514 if (*filename
!= '~')
515 return (xstrdup(filename
));
518 path
= strchr(filename
, '/');
519 if (path
!= NULL
&& path
> filename
) { /* ~user/path */
520 slash
= path
- filename
;
521 if (slash
> sizeof(user
) - 1)
522 fatal("tilde_expand_filename: ~username too long");
523 memcpy(user
, filename
, slash
);
525 if ((pw
= getpwnam(user
)) == NULL
)
526 fatal("tilde_expand_filename: No such user %s", user
);
527 } else if ((pw
= getpwuid(uid
)) == NULL
) /* ~/path */
528 fatal("tilde_expand_filename: No such uid %d", uid
);
530 if (strlcpy(ret
, pw
->pw_dir
, sizeof(ret
)) >= sizeof(ret
))
531 fatal("tilde_expand_filename: Path too long");
533 /* Make sure directory has a trailing '/' */
534 len
= strlen(pw
->pw_dir
);
535 if ((len
== 0 || pw
->pw_dir
[len
- 1] != '/') &&
536 strlcat(ret
, "/", sizeof(ret
)) >= sizeof(ret
))
537 fatal("tilde_expand_filename: Path too long");
539 /* Skip leading '/' from specified path */
542 if (strlcat(ret
, filename
, sizeof(ret
)) >= sizeof(ret
))
543 fatal("tilde_expand_filename: Path too long");
545 return (xstrdup(ret
));
549 * Expand a string with a set of %[char] escapes. A number of escapes may be
550 * specified as (char *escape_chars, char *replacement) pairs. The list must
551 * be terminated by a NULL escape_char. Returns replaced string in memory
552 * allocated by xmalloc.
555 percent_expand(const char *string
, ...)
557 #define EXPAND_MAX_KEYS 16
561 } keys
[EXPAND_MAX_KEYS
];
562 u_int num_keys
, i
, j
;
567 va_start(ap
, string
);
568 for (num_keys
= 0; num_keys
< EXPAND_MAX_KEYS
; num_keys
++) {
569 keys
[num_keys
].key
= va_arg(ap
, char *);
570 if (keys
[num_keys
].key
== NULL
)
572 keys
[num_keys
].repl
= va_arg(ap
, char *);
573 if (keys
[num_keys
].repl
== NULL
)
574 fatal("percent_expand: NULL replacement");
578 if (num_keys
>= EXPAND_MAX_KEYS
)
579 fatal("percent_expand: too many keys");
583 for (i
= 0; *string
!= '\0'; string
++) {
584 if (*string
!= '%') {
587 if (i
>= sizeof(buf
))
588 fatal("percent_expand: string too long");
595 for (j
= 0; j
< num_keys
; j
++) {
596 if (strchr(keys
[j
].key
, *string
) != NULL
) {
597 i
= strlcat(buf
, keys
[j
].repl
, sizeof(buf
));
598 if (i
>= sizeof(buf
))
599 fatal("percent_expand: string too long");
604 fatal("percent_expand: unknown key %%%c", *string
);
606 return (xstrdup(buf
));
607 #undef EXPAND_MAX_KEYS
611 * Read an entire line from a public key file into a static buffer, discarding
612 * lines that exceed the buffer size. Returns 0 on success, -1 on failure.
615 read_keyfile_line(FILE *f
, const char *filename
, char *buf
, size_t bufsz
,
618 while (fgets(buf
, bufsz
, f
) != NULL
) {
620 if (buf
[strlen(buf
) - 1] == '\n' || feof(f
)) {
623 debug("%s: %s line %lu exceeds size limit", __func__
,
625 /* discard remainder of line */
626 while (fgetc(f
) != '\n' && !feof(f
))
634 tun_open(int tun
, int mode
)
636 #if defined(CUSTOM_SYS_TUN_OPEN)
637 return (sys_tun_open(tun
, mode
));
638 #elif defined(SSH_TUN_OPENBSD)
643 /* Open the tunnel device */
644 if (tun
<= SSH_TUNID_MAX
) {
645 snprintf(name
, sizeof(name
), "/dev/tun%d", tun
);
646 fd
= open(name
, O_RDWR
);
647 } else if (tun
== SSH_TUNID_ANY
) {
648 for (tun
= 100; tun
>= 0; tun
--) {
649 snprintf(name
, sizeof(name
), "/dev/tun%d", tun
);
650 if ((fd
= open(name
, O_RDWR
)) >= 0)
654 debug("%s: invalid tunnel %u", __func__
, tun
);
659 debug("%s: %s open failed: %s", __func__
, name
, strerror(errno
));
663 debug("%s: %s mode %d fd %d", __func__
, name
, mode
, fd
);
665 /* Set the tunnel device operation mode */
666 snprintf(ifr
.ifr_name
, sizeof(ifr
.ifr_name
), "tun%d", tun
);
667 if ((sock
= socket(PF_UNIX
, SOCK_STREAM
, 0)) == -1)
670 if (ioctl(sock
, SIOCGIFFLAGS
, &ifr
) == -1)
673 /* Set interface mode */
674 ifr
.ifr_flags
&= ~IFF_UP
;
675 if (mode
== SSH_TUNMODE_ETHERNET
)
676 ifr
.ifr_flags
|= IFF_LINK0
;
678 ifr
.ifr_flags
&= ~IFF_LINK0
;
679 if (ioctl(sock
, SIOCSIFFLAGS
, &ifr
) == -1)
682 /* Bring interface up */
683 ifr
.ifr_flags
|= IFF_UP
;
684 if (ioctl(sock
, SIOCSIFFLAGS
, &ifr
) == -1)
695 debug("%s: failed to set %s mode %d: %s", __func__
, name
,
696 mode
, strerror(errno
));
699 error("Tunnel interfaces are not supported on this platform");
709 if ((nullfd
= dupfd
= open(_PATH_DEVNULL
, O_RDWR
)) == -1) {
710 fprintf(stderr
, "Couldn't open /dev/null: %s", strerror(errno
));
713 while (++dupfd
<= 2) {
714 /* Only clobber closed fds */
715 if (fcntl(dupfd
, F_GETFL
, 0) >= 0)
717 if (dup2(nullfd
, dupfd
) == -1) {
718 fprintf(stderr
, "dup2: %s", strerror(errno
));
727 tohex(const void *vp
, size_t l
)
729 const u_char
*p
= (const u_char
*)vp
;
734 return xstrdup("tohex: length > 65536");
738 for (i
= 0; i
< l
; i
++) {
739 snprintf(b
, sizeof(b
), "%02x", p
[i
]);
746 get_u64(const void *vp
)
748 const u_char
*p
= (const u_char
*)vp
;
751 v
= (u_int64_t
)p
[0] << 56;
752 v
|= (u_int64_t
)p
[1] << 48;
753 v
|= (u_int64_t
)p
[2] << 40;
754 v
|= (u_int64_t
)p
[3] << 32;
755 v
|= (u_int64_t
)p
[4] << 24;
756 v
|= (u_int64_t
)p
[5] << 16;
757 v
|= (u_int64_t
)p
[6] << 8;
758 v
|= (u_int64_t
)p
[7];
764 get_u32(const void *vp
)
766 const u_char
*p
= (const u_char
*)vp
;
769 v
= (u_int32_t
)p
[0] << 24;
770 v
|= (u_int32_t
)p
[1] << 16;
771 v
|= (u_int32_t
)p
[2] << 8;
772 v
|= (u_int32_t
)p
[3];
778 get_u16(const void *vp
)
780 const u_char
*p
= (const u_char
*)vp
;
783 v
= (u_int16_t
)p
[0] << 8;
784 v
|= (u_int16_t
)p
[1];
790 put_u64(void *vp
, u_int64_t v
)
792 u_char
*p
= (u_char
*)vp
;
794 p
[0] = (u_char
)(v
>> 56) & 0xff;
795 p
[1] = (u_char
)(v
>> 48) & 0xff;
796 p
[2] = (u_char
)(v
>> 40) & 0xff;
797 p
[3] = (u_char
)(v
>> 32) & 0xff;
798 p
[4] = (u_char
)(v
>> 24) & 0xff;
799 p
[5] = (u_char
)(v
>> 16) & 0xff;
800 p
[6] = (u_char
)(v
>> 8) & 0xff;
801 p
[7] = (u_char
)v
& 0xff;
805 put_u32(void *vp
, u_int32_t v
)
807 u_char
*p
= (u_char
*)vp
;
809 p
[0] = (u_char
)(v
>> 24) & 0xff;
810 p
[1] = (u_char
)(v
>> 16) & 0xff;
811 p
[2] = (u_char
)(v
>> 8) & 0xff;
812 p
[3] = (u_char
)v
& 0xff;
817 put_u16(void *vp
, u_int16_t v
)
819 u_char
*p
= (u_char
*)vp
;
821 p
[0] = (u_char
)(v
>> 8) & 0xff;
822 p
[1] = (u_char
)v
& 0xff;