/* Load processes using zone-aware ps * to obtain solaris list of global * process ids for root and non-root * users to lookup later */ int ZLoadProcesstable(Seq *pidlist, Seq *rootpidlist) { char *names[CF_PROCCOLS]; int start[CF_PROCCOLS]; int end[CF_PROCCOLS]; int index = 0; const char *pscmd = "/usr/bin/ps -Aleo zone,user,pid"; FILE *psf = cf_popen(pscmd, "r", false); if (psf == NULL) { Log(LOG_LEVEL_ERR, "ZLoadProcesstable: Couldn't open the process list with command %s.", pscmd); return false; } size_t pbuff_size = CF_BUFSIZE; char *pbuff = xmalloc(pbuff_size); while (true) { ssize_t res = CfReadLine(&pbuff, &pbuff_size, psf); if (res == -1) { if (!feof(psf)) { Log(LOG_LEVEL_ERR, "IsGlobalProcess(char **, int): Unable to read process list with command '%s'. (fread: %s)", pscmd, GetErrorStr()); cf_pclose(psf); free(pbuff); return false; } else { break; } } Chop(pbuff, pbuff_size); if (strstr(pbuff, "PID")) /* This line is the header. */ { GetProcessColumnNames(pbuff, &names[0], start, end); } else { int pid = ExtractPid(pbuff, &names[0], end); size_t zone_offset = strspn(pbuff, " "); size_t zone_end_offset = strcspn(pbuff + zone_offset, " ") + zone_offset; size_t user_offset = strspn(pbuff + zone_end_offset, " ") + zone_end_offset; size_t user_end_offset = strcspn(pbuff + user_offset, " ") + user_offset; bool is_global = (zone_end_offset - zone_offset == 6 && strncmp(pbuff + zone_offset, "global", 6) == 0); bool is_root = (user_end_offset - user_offset == 4 && strncmp(pbuff + user_offset, "root", 4) == 0); if (is_global && is_root) { SeqAppend(rootpidlist, (void*)(intptr_t)pid); } else if (is_global && !is_root) { SeqAppend(pidlist, (void*)(intptr_t)pid); } } } cf_pclose(psf); free(pbuff); return true; }
static void read_cf(void) { char tmp[0x100], lv[0x20], rv[0x20]; struct conf_item *ci = NULL; FILE *fd; size_t len; int lnum, found, v_int; char *lp, *conv_err; bool file_needs_update = false; char *cfname = get_confname(); if (access(cfname, F_OK) != 0) goto done; fd = fopen(cfname, "r"); if (fd == NULL) err_sys("can not read configuration file '%s'", cfname); for (lnum = 1; fgets(tmp, sizeof(tmp), fd); lnum++) { lp = tmp + strspn(tmp, " "); if (*lp == '#' || *lp == '\n') continue; len = strcspn(lp, " ="); if (len > sizeof(lv)) err_quit("parse error in %s, line %d: identifier too long", cfname, lnum); strncpy(lv, lp, len); lv[len] = '\0'; lp += len; ll_reset(conf_items); for (found = 0; !found && (ci = ll_getall(conf_items)); ) found = (ci->type != t_sep && ci->type != t_func && strcasecmp(ci->cfname, lv) == 0); if (!found) { err_msg("%s, line %d: ignoring unknown identifier '%s'", cfname, lnum, lv); file_needs_update = true; continue; } lp += strspn(lp, " "); if (*lp++ != '=') err_quit("parse error in %s, line %d: missing '=' operator in assignment", cfname, lnum); lp += strspn(lp, " "); len = strcspn(lp, " \n"); if (len > sizeof(rv)) err_quit("parse error in %s, line %d: argument too long", cfname, lnum); else if (*lp == '\n') err_quit("parse error in %s, line %d: argument expected", cfname, lnum); strncpy(rv, lp, len); rv[len] = '\0'; switch (ci->type) { case t_int: v_int = strtol(rv, &conv_err, 10); if (*conv_err != '\0') { err_quit("parse error in %s, line %d: integer value expected, '%s' found instead", cfname, lnum, rv); } else if (v_int > ci->max) { err_msg("%s, line %d: value exceeds maximum of %d - using maximum", cfname, lnum, (int)ci->max); *ci->v.i = ci->max; file_needs_update = true; } else if (v_int < ci->min) { err_msg("%s, line %d: value is below minimum of %d - using minimum", cfname, lnum, (int)ci->min); *ci->v.i = ci->min; file_needs_update = true; } else { *ci->v.i = v_int; } break; case t_list: assert(ci->list != NULL); if (!argv_count(ci->list)) err_quit("no usable %s candidates available for '%s'", ci->name, rv); v_int = argv_find(ci->list, rv); if (v_int < 0) { err_msg("%s, line %d: '%s = %s' is not valid - using defaults", cfname, lnum, lv, rv); file_needs_update = true; } else { *ci->v.i = v_int; } case t_sep: case t_func: break; } } fclose(fd); done: free(cfname); if (file_needs_update) { write_cf(); } }
U32 dStrspn(const char *str, const char *set) { return(strspn(str, set)); }
/* drops privileges */ int drop_privileges(char *user, char *group){ uid_t uid=-1; gid_t gid=-1; struct group *grp; struct passwd *pw; /* set effective group ID */ if(group!=NULL){ /* see if this is a group name */ if(strspn(group,"0123456789")<strlen(group)){ grp=(struct group *)getgrnam(group); if(grp!=NULL) gid=(gid_t)(grp->gr_gid); else syslog(LOG_ERR,"Warning: Could not get group entry for '%s'",group); endgrent(); } /* else we were passed the GID */ else gid=(gid_t)atoi(group); /* set effective group ID if other than current EGID */ if(gid!=getegid()){ if(setgid(gid)==-1) syslog(LOG_ERR,"Warning: Could not set effective GID=%d",(int)gid); } } /* set effective user ID */ if(user!=NULL){ /* see if this is a user name */ if(strspn(user,"0123456789")<strlen(user)){ pw=(struct passwd *)getpwnam(user); if(pw!=NULL) uid=(uid_t)(pw->pw_uid); else syslog(LOG_ERR,"Warning: Could not get passwd entry for '%s'",user); endpwent(); } /* else we were passed the UID */ else uid=(uid_t)atoi(user); /* set effective user ID if other than current EUID */ if(uid!=geteuid()){ #ifdef HAVE_INITGROUPS /* initialize supplementary groups */ if(initgroups(user,gid)==-1){ if(errno==EPERM) syslog(LOG_ERR,"Warning: Unable to change supplementary groups using initgroups()"); else{ syslog(LOG_ERR,"Warning: Possibly root user failed dropping privileges with initgroups()"); return ERROR; } } #endif if(setuid(uid)==-1) syslog(LOG_ERR,"Warning: Could not set effective UID=%d",(int)uid); } } return OK; }
int process_server_config_line(ServerOptions *options, char *line, const char *filename, int linenum, int *activep, const char *user, const char *host, const char *address) { char *cp, **charptr, *arg, *p; int cmdline = 0, *intptr, value, n; SyslogFacility *log_facility_ptr; LogLevel *log_level_ptr; ServerOpCodes opcode; u_short port; u_int i, flags = 0; size_t len; cp = line; if ((arg = strdelim(&cp)) == NULL) return 0; /* Ignore leading whitespace */ if (*arg == '\0') arg = strdelim(&cp); if (!arg || !*arg || *arg == '#') return 0; intptr = NULL; charptr = NULL; opcode = parse_token(arg, filename, linenum, &flags); if (activep == NULL) { /* We are processing a command line directive */ cmdline = 1; activep = &cmdline; } if (*activep && opcode != sMatch) debug3("%s:%d setting %s %s", filename, linenum, arg, cp); if (*activep == 0 && !(flags & SSHCFG_MATCH)) { if (user == NULL) { fatal("%s line %d: Directive '%s' is not allowed " "within a Match block", filename, linenum, arg); } else { /* this is a directive we have already processed */ while (arg) arg = strdelim(&cp); return 0; } } switch (opcode) { /* Portable-specific options */ case sUsePAM: intptr = &options->use_pam; goto parse_flag; /* Standard Options */ case sBadOption: return -1; case sPort: /* ignore ports from configfile if cmdline specifies ports */ if (options->ports_from_cmdline) return 0; if (options->listen_addrs != NULL) fatal("%s line %d: ports must be specified before " "ListenAddress.", filename, linenum); if (options->num_ports >= MAX_PORTS) fatal("%s line %d: too many ports.", filename, linenum); arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: missing port number.", filename, linenum); options->ports[options->num_ports++] = a2port(arg); if (options->ports[options->num_ports-1] == 0) fatal("%s line %d: Badly formatted port number.", filename, linenum); break; case sServerKeyBits: intptr = &options->server_key_bits; parse_int: arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: missing integer value.", filename, linenum); value = atoi(arg); if (*activep && *intptr == -1) *intptr = value; break; case sLoginGraceTime: intptr = &options->login_grace_time; parse_time: arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: missing time value.", filename, linenum); if ((value = convtime(arg)) == -1) fatal("%s line %d: invalid time value.", filename, linenum); if (*intptr == -1) *intptr = value; break; case sKeyRegenerationTime: intptr = &options->key_regeneration_time; goto parse_time; case sListenAddress: arg = strdelim(&cp); if (arg == NULL || *arg == '\0') fatal("%s line %d: missing address", filename, linenum); /* check for bare IPv6 address: no "[]" and 2 or more ":" */ if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL && strchr(p+1, ':') != NULL) { add_listen_addr(options, arg, 0); break; } p = hpdelim(&arg); if (p == NULL) fatal("%s line %d: bad address:port usage", filename, linenum); p = cleanhostname(p); if (arg == NULL) port = 0; else if ((port = a2port(arg)) == 0) fatal("%s line %d: bad port number", filename, linenum); add_listen_addr(options, p, port); break; case sAddressFamily: arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: missing address family.", filename, linenum); intptr = &options->address_family; if (options->listen_addrs != NULL) fatal("%s line %d: address family must be specified before " "ListenAddress.", filename, linenum); if (strcasecmp(arg, "inet") == 0) value = AF_INET; else if (strcasecmp(arg, "inet6") == 0) value = AF_INET6; else if (strcasecmp(arg, "any") == 0) value = AF_UNSPEC; else fatal("%s line %d: unsupported address family \"%s\".", filename, linenum, arg); if (*intptr == -1) *intptr = value; break; case sHostKeyFile: intptr = &options->num_host_key_files; if (*intptr >= MAX_HOSTKEYS) fatal("%s line %d: too many host keys specified (max %d).", filename, linenum, MAX_HOSTKEYS); charptr = &options->host_key_files[*intptr]; parse_filename: arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: missing file name.", filename, linenum); if (*activep && *charptr == NULL) { *charptr = tilde_expand_filename(arg, getuid()); /* increase optional counter */ if (intptr != NULL) *intptr = *intptr + 1; } break; case sPidFile: charptr = &options->pid_file; goto parse_filename; case sPermitRootLogin: intptr = &options->permit_root_login; arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: missing yes/" "without-password/forced-commands-only/no " "argument.", filename, linenum); value = 0; /* silence compiler */ if (strcmp(arg, "without-password") == 0) value = PERMIT_NO_PASSWD; else if (strcmp(arg, "forced-commands-only") == 0) value = PERMIT_FORCED_ONLY; else if (strcmp(arg, "yes") == 0) value = PERMIT_YES; else if (strcmp(arg, "no") == 0) value = PERMIT_NO; else fatal("%s line %d: Bad yes/" "without-password/forced-commands-only/no " "argument: %s", filename, linenum, arg); if (*activep && *intptr == -1) *intptr = value; break; case sIgnoreRhosts: intptr = &options->ignore_rhosts; parse_flag: arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: missing yes/no argument.", filename, linenum); value = 0; /* silence compiler */ if (strcmp(arg, "yes") == 0) value = 1; else if (strcmp(arg, "no") == 0) value = 0; else fatal("%s line %d: Bad yes/no argument: %s", filename, linenum, arg); if (*activep && *intptr == -1) *intptr = value; break; case sIgnoreUserKnownHosts: intptr = &options->ignore_user_known_hosts; goto parse_flag; case sRhostsRSAAuthentication: intptr = &options->rhosts_rsa_authentication; goto parse_flag; case sHostbasedAuthentication: intptr = &options->hostbased_authentication; goto parse_flag; case sHostbasedUsesNameFromPacketOnly: intptr = &options->hostbased_uses_name_from_packet_only; goto parse_flag; case sRSAAuthentication: intptr = &options->rsa_authentication; goto parse_flag; case sPubkeyAuthentication: intptr = &options->pubkey_authentication; goto parse_flag; case sKerberosAuthentication: intptr = &options->kerberos_authentication; goto parse_flag; case sKerberosOrLocalPasswd: intptr = &options->kerberos_or_local_passwd; goto parse_flag; case sKerberosTicketCleanup: intptr = &options->kerberos_ticket_cleanup; goto parse_flag; case sKerberosGetAFSToken: intptr = &options->kerberos_get_afs_token; goto parse_flag; case sGssAuthentication: intptr = &options->gss_authentication; goto parse_flag; case sGssCleanupCreds: intptr = &options->gss_cleanup_creds; goto parse_flag; case sPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; case sKbdInteractiveAuthentication: intptr = &options->kbd_interactive_authentication; goto parse_flag; case sChallengeResponseAuthentication: intptr = &options->challenge_response_authentication; goto parse_flag; case sPrintMotd: intptr = &options->print_motd; goto parse_flag; case sPrintLastLog: intptr = &options->print_lastlog; goto parse_flag; case sX11Forwarding: intptr = &options->x11_forwarding; goto parse_flag; case sX11DisplayOffset: intptr = &options->x11_display_offset; goto parse_int; case sX11UseLocalhost: intptr = &options->x11_use_localhost; goto parse_flag; case sXAuthLocation: charptr = &options->xauth_location; goto parse_filename; case sStrictModes: intptr = &options->strict_modes; goto parse_flag; case sTCPKeepAlive: intptr = &options->tcp_keep_alive; goto parse_flag; case sEmptyPasswd: intptr = &options->permit_empty_passwd; goto parse_flag; case sPermitUserEnvironment: intptr = &options->permit_user_env; goto parse_flag; case sUseLogin: intptr = &options->use_login; goto parse_flag; case sCompression: intptr = &options->compression; arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: missing yes/no/delayed " "argument.", filename, linenum); value = 0; /* silence compiler */ if (strcmp(arg, "delayed") == 0) value = COMP_DELAYED; else if (strcmp(arg, "yes") == 0) value = COMP_ZLIB; else if (strcmp(arg, "no") == 0) value = COMP_NONE; else fatal("%s line %d: Bad yes/no/delayed " "argument: %s", filename, linenum, arg); if (*intptr == -1) *intptr = value; break; case sGatewayPorts: intptr = &options->gateway_ports; arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: missing yes/no/clientspecified " "argument.", filename, linenum); value = 0; /* silence compiler */ if (strcmp(arg, "clientspecified") == 0) value = 2; else if (strcmp(arg, "yes") == 0) value = 1; else if (strcmp(arg, "no") == 0) value = 0; else fatal("%s line %d: Bad yes/no/clientspecified " "argument: %s", filename, linenum, arg); if (*activep && *intptr == -1) *intptr = value; break; case sUseDNS: intptr = &options->use_dns; goto parse_flag; case sLogFacility: log_facility_ptr = &options->log_facility; arg = strdelim(&cp); value = log_facility_number(arg); if (value == SYSLOG_FACILITY_NOT_SET) fatal("%.200s line %d: unsupported log facility '%s'", filename, linenum, arg ? arg : "<NONE>"); if (*log_facility_ptr == -1) *log_facility_ptr = (SyslogFacility) value; break; case sLogLevel: log_level_ptr = &options->log_level; arg = strdelim(&cp); value = log_level_number(arg); if (value == SYSLOG_LEVEL_NOT_SET) fatal("%.200s line %d: unsupported log level '%s'", filename, linenum, arg ? arg : "<NONE>"); if (*log_level_ptr == -1) *log_level_ptr = (LogLevel) value; break; case sAllowTcpForwarding: intptr = &options->allow_tcp_forwarding; goto parse_flag; case sAllowAgentForwarding: intptr = &options->allow_agent_forwarding; goto parse_flag; case sUsePrivilegeSeparation: intptr = &use_privsep; goto parse_flag; case sAllowUsers: while ((arg = strdelim(&cp)) && *arg != '\0') { if (options->num_allow_users >= MAX_ALLOW_USERS) fatal("%s line %d: too many allow users.", filename, linenum); options->allow_users[options->num_allow_users++] = xstrdup(arg); } break; case sDenyUsers: while ((arg = strdelim(&cp)) && *arg != '\0') { if (options->num_deny_users >= MAX_DENY_USERS) fatal("%s line %d: too many deny users.", filename, linenum); options->deny_users[options->num_deny_users++] = xstrdup(arg); } break; case sAllowGroups: while ((arg = strdelim(&cp)) && *arg != '\0') { if (options->num_allow_groups >= MAX_ALLOW_GROUPS) fatal("%s line %d: too many allow groups.", filename, linenum); options->allow_groups[options->num_allow_groups++] = xstrdup(arg); } break; case sDenyGroups: while ((arg = strdelim(&cp)) && *arg != '\0') { if (options->num_deny_groups >= MAX_DENY_GROUPS) fatal("%s line %d: too many deny groups.", filename, linenum); options->deny_groups[options->num_deny_groups++] = xstrdup(arg); } break; case sCiphers: arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: Missing argument.", filename, linenum); if (!ciphers_valid(arg)) fatal("%s line %d: Bad SSH2 cipher spec '%s'.", filename, linenum, arg ? arg : "<NONE>"); if (options->ciphers == NULL) options->ciphers = xstrdup(arg); break; case sMacs: arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: Missing argument.", filename, linenum); if (!mac_valid(arg)) fatal("%s line %d: Bad SSH2 mac spec '%s'.", filename, linenum, arg ? arg : "<NONE>"); if (options->macs == NULL) options->macs = xstrdup(arg); break; case sProtocol: intptr = &options->protocol; arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: Missing argument.", filename, linenum); value = proto_spec(arg); if (value == SSH_PROTO_UNKNOWN) fatal("%s line %d: Bad protocol spec '%s'.", filename, linenum, arg ? arg : "<NONE>"); if (*intptr == SSH_PROTO_UNKNOWN) *intptr = value; break; case sSubsystem: if (options->num_subsystems >= MAX_SUBSYSTEMS) { fatal("%s line %d: too many subsystems defined.", filename, linenum); } arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: Missing subsystem name.", filename, linenum); if (!*activep) { arg = strdelim(&cp); break; } for (i = 0; i < options->num_subsystems; i++) if (strcmp(arg, options->subsystem_name[i]) == 0) fatal("%s line %d: Subsystem '%s' already defined.", filename, linenum, arg); options->subsystem_name[options->num_subsystems] = xstrdup(arg); arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: Missing subsystem command.", filename, linenum); options->subsystem_command[options->num_subsystems] = xstrdup(arg); /* Collect arguments (separate to executable) */ p = xstrdup(arg); len = strlen(p) + 1; while ((arg = strdelim(&cp)) != NULL && *arg != '\0') { len += 1 + strlen(arg); p = xrealloc(p, 1, len); strlcat(p, " ", len); strlcat(p, arg, len); } options->subsystem_args[options->num_subsystems] = p; options->num_subsystems++; break; case sMaxStartups: arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: Missing MaxStartups spec.", filename, linenum); if ((n = sscanf(arg, "%d:%d:%d", &options->max_startups_begin, &options->max_startups_rate, &options->max_startups)) == 3) { if (options->max_startups_begin > options->max_startups || options->max_startups_rate > 100 || options->max_startups_rate < 1) fatal("%s line %d: Illegal MaxStartups spec.", filename, linenum); } else if (n != 1) fatal("%s line %d: Illegal MaxStartups spec.", filename, linenum); else options->max_startups = options->max_startups_begin; break; case sMaxAuthTries: intptr = &options->max_authtries; goto parse_int; case sMaxSessions: intptr = &options->max_sessions; goto parse_int; case sBanner: charptr = &options->banner; goto parse_filename; /* * These options can contain %X options expanded at * connect time, so that you can specify paths like: * * AuthorizedKeysFile /etc/ssh_keys/%u */ case sAuthorizedKeysFile: case sAuthorizedKeysFile2: charptr = (opcode == sAuthorizedKeysFile) ? &options->authorized_keys_file : &options->authorized_keys_file2; goto parse_filename; case sClientAliveInterval: intptr = &options->client_alive_interval; goto parse_time; case sClientAliveCountMax: intptr = &options->client_alive_count_max; goto parse_int; case sAcceptEnv: while ((arg = strdelim(&cp)) && *arg != '\0') { if (strchr(arg, '=') != NULL) fatal("%s line %d: Invalid environment name.", filename, linenum); if (options->num_accept_env >= MAX_ACCEPT_ENV) fatal("%s line %d: too many allow env.", filename, linenum); if (!*activep) break; options->accept_env[options->num_accept_env++] = xstrdup(arg); } break; case sPermitTunnel: intptr = &options->permit_tun; arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: Missing yes/point-to-point/" "ethernet/no argument.", filename, linenum); value = -1; for (i = 0; tunmode_desc[i].val != -1; i++) if (strcmp(tunmode_desc[i].text, arg) == 0) { value = tunmode_desc[i].val; break; } if (value == -1) fatal("%s line %d: Bad yes/point-to-point/ethernet/" "no argument: %s", filename, linenum, arg); if (*intptr == -1) *intptr = value; break; case sMatch: if (cmdline) fatal("Match directive not supported as a command-line " "option"); value = match_cfg_line(&cp, linenum, user, host, address); if (value < 0) fatal("%s line %d: Bad Match condition", filename, linenum); *activep = value; break; case sPermitOpen: arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: missing PermitOpen specification", filename, linenum); n = options->num_permitted_opens; /* modified later */ if (strcmp(arg, "any") == 0) { if (*activep && n == -1) { channel_clear_adm_permitted_opens(); options->num_permitted_opens = 0; } break; } if (*activep && n == -1) channel_clear_adm_permitted_opens(); for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) { p = hpdelim(&arg); if (p == NULL) fatal("%s line %d: missing host in PermitOpen", filename, linenum); p = cleanhostname(p); if (arg == NULL || (port = a2port(arg)) == 0) fatal("%s line %d: bad port number in " "PermitOpen", filename, linenum); if (*activep && n == -1) options->num_permitted_opens = channel_add_adm_permitted_opens(p, port); } break; case sForceCommand: if (cp == NULL) fatal("%.200s line %d: Missing argument.", filename, linenum); len = strspn(cp, WHITESPACE); if (*activep && options->adm_forced_command == NULL) options->adm_forced_command = xstrdup(cp + len); return 0; case sChrootDirectory: charptr = &options->chroot_directory; arg = strdelim(&cp); if (!arg || *arg == '\0') fatal("%s line %d: missing file name.", filename, linenum); if (*activep && *charptr == NULL) *charptr = xstrdup(arg); break; case sDeprecated: logit("%s line %d: Deprecated option %s", filename, linenum, arg); while (arg) arg = strdelim(&cp); break; case sUnsupported: logit("%s line %d: Unsupported option %s", filename, linenum, arg); while (arg) arg = strdelim(&cp); break; default: fatal("%s line %d: Missing handler for opcode %s (%d)", filename, linenum, arg, opcode); } if ((arg = strdelim(&cp)) != NULL && *arg != '\0') fatal("%s line %d: garbage at end of line; \"%.200s\".", filename, linenum, arg); return 0; }
char* _ngx_process_memguard_trim_ws(char *line) { return line + strspn(line, " \t"); }
/* **************************************************************************** * * versionParse - */ bool versionParse(std::string version, int& mayor, int& minor, std::string& bugFix) { char* copy = strdup(version.c_str()); char* s = wsStrip(copy); char* dotP; // // mayor number // dotP = strchr(s, '.'); if (dotP == NULL) { free(copy); return false; } *dotP = 0; ++dotP; s = wsStrip(s); mayor = atoi(s); if (strspn(s, "0123456789") != strlen(s)) { free(copy); return false; } s = dotP; // // minor number // If no dot is found, no bugFix 'version' is present. // Just zero the 'bugFix' and keep the remaining string in minor. // bool bugFixEmpty = false; dotP = strchr(s, '.'); if (dotP != NULL) { *dotP = 0; ++dotP; } else { bugFix = ""; bugFixEmpty = true; } s = wsStrip(s); minor = atoi(s); if (strspn(s, "0123456789") != strlen(s)) { free(copy); return false; } if (bugFixEmpty == true) { free(copy); return true; } s = dotP; // // bugfix // s = wsStrip(s); bugFix = s; free(copy); return true; }
static void CustomizableCleanupPriorWALFiles(void) { /* * Work out name of prior file from current filename */ if (nextWALFileType == XLOG_DATA) { int rc; DIR *xldir; struct dirent *xlde; /* * Assume its OK to keep failing. The failure situation may change * over time, so we'd rather keep going on the main processing than * fail because we couldnt clean up yet. */ if ((xldir = opendir(archiveLocation)) != NULL) { while ((xlde = readdir(xldir)) != NULL) { /* * We ignore the timeline part of the XLOG segment identifiers * in deciding whether a segment is still needed. This * ensures that we won't prematurely remove a segment from a * parent timeline. We could probably be a little more * proactive about removing segments of non-parent timelines, * but that would be a whole lot more complicated. * * We use the alphanumeric sorting property of the filenames * to decide which ones are earlier than the * exclusiveCleanupFileName file. Note that this means files * are not removed in the order they were originally written, * in case this worries you. */ if (strlen(xlde->d_name) == XLOG_DATA_FNAME_LEN && strspn(xlde->d_name, "0123456789ABCDEF") == XLOG_DATA_FNAME_LEN && strcmp(xlde->d_name + 8, exclusiveCleanupFileName + 8) < 0) { #ifdef WIN32 snprintf(WALFilePath, MAXPGPATH, "%s\\%s", archiveLocation, xlde->d_name); #else snprintf(WALFilePath, MAXPGPATH, "%s/%s", archiveLocation, xlde->d_name); #endif if (debug) fprintf(stderr, "\nremoving \"%s\"", WALFilePath); rc = unlink(WALFilePath); if (rc != 0) { fprintf(stderr, "\n%s: ERROR failed to remove \"%s\": %s", progname, WALFilePath, strerror(errno)); break; } } } if (debug) fprintf(stderr, "\n"); } else fprintf(stderr, "%s: archiveLocation \"%s\" open error\n", progname, archiveLocation); closedir(xldir); fflush(stderr); } }
/*------------ MAIN ----------------------------------------*/ int main(int argc, char **argv) { int c; progname = get_progname(argv[0]); if (argc > 1) { if (strcmp(argv[1], "--help") == 0 || strcmp(argv[1], "-?") == 0) { usage(); exit(0); } if (strcmp(argv[1], "--version") == 0 || strcmp(argv[1], "-V") == 0) { puts("pg_standby (PostgreSQL) " PG_VERSION); exit(0); } } #ifndef WIN32 /* * You can send SIGUSR1 to trigger failover. * * Postmaster uses SIGQUIT to request immediate shutdown. The default * action is to core dump, but we don't want that, so trap it and commit * suicide without core dump. * * We used to use SIGINT and SIGQUIT to trigger failover, but that turned * out to be a bad idea because postmaster uses SIGQUIT to request * immediate shutdown. We still trap SIGINT, but that may change in a * future release. * * There's no way to trigger failover via signal on Windows. */ (void) signal(SIGUSR1, sighandler); (void) signal(SIGINT, sighandler); /* deprecated, use SIGUSR1 */ (void) signal(SIGQUIT, sigquit_handler); #endif while ((c = getopt(argc, argv, "cdk:lr:s:t:w:")) != -1) { switch (c) { case 'c': /* Use copy */ restoreCommandType = RESTORE_COMMAND_COPY; break; case 'd': /* Debug mode */ debug = true; break; case 'k': /* keepfiles */ keepfiles = atoi(optarg); if (keepfiles < 0) { fprintf(stderr, "%s: -k keepfiles must be >= 0\n", progname); exit(2); } break; case 'l': /* Use link */ /* * Link feature disabled, possibly permanently. Linking * causes a problem after recovery ends that is not currently * resolved by PostgreSQL. 25 Jun 2009 */ #ifdef NOT_USED restoreCommandType = RESTORE_COMMAND_LINK; #endif break; case 'r': /* Retries */ maxretries = atoi(optarg); if (maxretries < 0) { fprintf(stderr, "%s: -r maxretries must be >= 0\n", progname); exit(2); } break; case 's': /* Sleep time */ sleeptime = atoi(optarg); if (sleeptime <= 0 || sleeptime > 60) { fprintf(stderr, "%s: -s sleeptime incorrectly set\n", progname); exit(2); } break; case 't': /* Trigger file */ triggerPath = optarg; break; case 'w': /* Max wait time */ maxwaittime = atoi(optarg); if (maxwaittime < 0) { fprintf(stderr, "%s: -w maxwaittime incorrectly set\n", progname); exit(2); } break; default: fprintf(stderr, "Try \"%s --help\" for more information.\n", progname); exit(2); break; } } /* * Parameter checking - after checking to see if trigger file present */ if (argc == 1) { fprintf(stderr, "%s: not enough command-line arguments\n", progname); exit(2); } /* * We will go to the archiveLocation to get nextWALFileName. * nextWALFileName may not exist yet, which would not be an error, so we * separate the archiveLocation and nextWALFileName so we can check * separately whether archiveLocation exists, if not that is an error */ if (optind < argc) { archiveLocation = argv[optind]; optind++; } else { fprintf(stderr, "%s: must specify archive location\n", progname); fprintf(stderr, "Try \"%s --help\" for more information.\n", progname); exit(2); } if (optind < argc) { nextWALFileName = argv[optind]; optind++; } else { fprintf(stderr, "%s: use %%f to specify nextWALFileName\n", progname); fprintf(stderr, "Try \"%s --help\" for more information.\n", progname); exit(2); } if (optind < argc) { xlogFilePath = argv[optind]; optind++; } else { fprintf(stderr, "%s: use %%p to specify xlogFilePath\n", progname); fprintf(stderr, "Try \"%s --help\" for more information.\n", progname); exit(2); } if (optind < argc) { restartWALFileName = argv[optind]; optind++; } CustomizableInitialize(); need_cleanup = SetWALFileNameForCleanup(); if (debug) { fprintf(stderr, "Trigger file : %s\n", triggerPath ? triggerPath : "<not set>"); fprintf(stderr, "Waiting for WAL file : %s\n", nextWALFileName); fprintf(stderr, "WAL file path : %s\n", WALFilePath); fprintf(stderr, "Restoring to : %s\n", xlogFilePath); fprintf(stderr, "Sleep interval : %d second%s\n", sleeptime, (sleeptime > 1 ? "s" : " ")); fprintf(stderr, "Max wait interval : %d %s\n", maxwaittime, (maxwaittime > 0 ? "seconds" : "forever")); fprintf(stderr, "Command for restore : %s\n", restoreCommand); fprintf(stderr, "Keep archive history : "); if (need_cleanup) fprintf(stderr, "%s and later\n", exclusiveCleanupFileName); else fprintf(stderr, "No cleanup required\n"); fflush(stderr); } /* * Check for initial history file: always the first file to be requested * It's OK if the file isn't there - all other files need to wait */ if (strlen(nextWALFileName) > 8 && strspn(nextWALFileName, "0123456789ABCDEF") == 8 && strcmp(nextWALFileName + strlen(nextWALFileName) - strlen(".history"), ".history") == 0) { nextWALFileType = XLOG_HISTORY; if (RestoreWALFileForRecovery()) exit(0); else { if (debug) { fprintf(stderr, "history file not found\n"); fflush(stderr); } exit(1); } } /* * Main wait loop */ for (;;) { /* Check for trigger file or signal first */ CheckForExternalTrigger(); #ifndef WIN32 if (signaled) { Failover = FastFailover; if (debug) { fprintf(stderr, "signaled to exit: fast failover\n"); fflush(stderr); } } #endif /* * Check for fast failover immediately, before checking if the * requested WAL file is available */ if (Failover == FastFailover) exit(1); if (CustomizableNextWALFileReady()) { /* * Once we have restored this file successfully we can remove some * prior WAL files. If this restore fails we musn't remove any * file because some of them will be requested again immediately * after the failed restore, or when we restart recovery. */ if (RestoreWALFileForRecovery()) { if (need_cleanup) CustomizableCleanupPriorWALFiles(); exit(0); } else { /* Something went wrong in copying the file */ exit(1); } } /* Check for smart failover if the next WAL file was not available */ if (Failover == SmartFailover) exit(1); if (sleeptime <= 60) pg_usleep(sleeptime * 1000000L); waittime += sleeptime; if (waittime >= maxwaittime && maxwaittime > 0) { Failover = FastFailover; if (debug) { fprintf(stderr, "Timed out after %d seconds: fast failover\n", waittime); fflush(stderr); } } if (debug) { fprintf(stderr, "WAL file not present yet."); if (triggerPath) fprintf(stderr, " Checking for trigger file..."); fprintf(stderr, "\n"); fflush(stderr); } } }
{ #if 1 if (strspn(pszColor, "0123456789ABCDEFabcdef") == 6) { // Interpret the hexadecimal value as "RRGGBB" (compatible with XHTML). unsigned nBigEndian = strtoul(pszColor, const_cast<char **>(ppsz), 16); unsigned nBlue = (nBigEndian & 0xFF) << 16; unsigned nGreen = (nBigEndian & 0xFF00); unsigned nRed = (nBigEndian & 0xFF0000) >> 16; return nBlue | nGreen | nRed; } else { // Maintain compatibility with our old hexadecimal format, which was zero-padded to // 8 digits. Assert(strspn(pszColor, "0123456789ABCDEFabcdef") == 8); Assert(pszColor[0] == '0' && pszColor[1] == '0'); return strtoul(pszColor, const_cast<char **>(ppsz), 16); } #else return strtoul(pszColor, const_cast<char **>(ppsz), 16); #endif } } /*---------------------------------------------------------------------------------------------- Decode the superscript value represented by the input string, which must either be a standard English superscript type name, or a decimal number. @param pszSuperscript String containing a superscript type, either a name or a decimal value.
/*---------------------------------------------------------------------------------------------- Decode the color value represented by the input string, which must either be a standard English color name, or a 6/8-digit hexadecimal number. @param pszColor String containing a color value, either a name or a hexadecimal (RGB?) value. @param ppsz Address of pointer to the end of the comparison or computation. @return The color value represented by the input string. ----------------------------------------------------------------------------------------------*/ int FwXml::DecodeTextColor(const char * pszColor, const char ** ppsz) { AssertPtr(pszColor); AssertPtrN(ppsz); if (!_strnicmp(pszColor, "white", 5)) { if (ppsz) *ppsz = pszColor + 5; return kclrWhite; } else if (!_strnicmp(pszColor, "black", 5)) { if (ppsz) *ppsz = pszColor + 5; return kclrBlack; } else if (!_strnicmp(pszColor, "red", 3)) { if (ppsz) *ppsz = pszColor + 3; return kclrRed; } else if (!_strnicmp(pszColor, "green", 5)) { if (ppsz) *ppsz = pszColor + 5; return kclrGreen; } else if (!_strnicmp(pszColor, "blue", 4)) { if (ppsz) *ppsz = pszColor + 4; return kclrBlue; } else if (!_strnicmp(pszColor, "yellow", 6)) { if (ppsz) *ppsz = pszColor + 6; return kclrYellow; } else if (!_strnicmp(pszColor, "magenta", 7)) { if (ppsz) *ppsz = pszColor + 7; return kclrMagenta; } else if (!_strnicmp(pszColor, "cyan", 4)) { if (ppsz) *ppsz = pszColor + 4; return kclrCyan; } else if (!_strnicmp(pszColor, "transparent", 11)) { if (ppsz) *ppsz = pszColor + 11; return kclrTransparent; } else { #if 1 if (strspn(pszColor, "0123456789ABCDEFabcdef") == 6) { // Interpret the hexadecimal value as "RRGGBB" (compatible with XHTML). unsigned nBigEndian = strtoul(pszColor, const_cast<char **>(ppsz), 16); unsigned nBlue = (nBigEndian & 0xFF) << 16; unsigned nGreen = (nBigEndian & 0xFF00); unsigned nRed = (nBigEndian & 0xFF0000) >> 16; return nBlue | nGreen | nRed; } else {
bool CPatch::FindTarget(const char *strConfigFilename, const char *strCommandLine) { FILE *hFile = fopen(strConfigFilename, "rb"); if(hFile == 0) return false; while(true) { char buffer[PATCH_LINE_MAX]; fgets(buffer, PATCH_LINE_MAX, hFile); if(feof(hFile)) break; char *pToken = &buffer[strspn(buffer, " \t\n\r")]; if(*pToken++ != '!') continue; char strTarget[_MAX_PATH]; if(strncmp(pToken, "commandline", 11) == 0) { if(strCommandLine && (strlen(strCommandLine) > 0)) { strcpy(strTarget, (char *)(LPCTSTR)strCommandLine); } else continue; } else if(strncmp(pToken, "file", 4) == 0) { pToken += 4; pToken = &pToken[strspn(pToken, " \t\n\r")]; if(*pToken++ != '\"') continue; char *strFilename = pToken; if((pToken = strchr(pToken, '\"')) == 0) continue; *pToken++ = 0; strcpy(strTarget, strFilename); } else if(strncmp(pToken, "registry", 8) == 0) { pToken += 8; pToken = &pToken[strspn(pToken, " \t\n\r")]; if(*pToken++ != '\"') continue; char *strKey = pToken; if((pToken = strchr(pToken, '\"')) == 0) continue; *pToken++ = 0; HKEY tempKey; if(RegOpenKeyEx(HKEY_LOCAL_MACHINE, strKey, NULL, KEY_READ, &tempKey) != ERROR_SUCCESS) continue; pToken = &pToken[strspn(pToken, " \t\n\r")]; if(*pToken++ != '\"') continue; char *strValue = pToken; if((pToken = strchr(pToken, '\"')) == 0) continue; *pToken++ = 0; DWORD pathLength = _MAX_PATH; if(RegQueryValueEx(tempKey, strValue, NULL, NULL, (LPBYTE)strTarget, &pathLength) != ERROR_SUCCESS) continue; RegCloseKey(tempKey); pToken = &pToken[strspn(pToken, " \t\n\r")]; if(*pToken++ != '\"') continue; char *strAdd = pToken; if((pToken = strchr(pToken, '\"')) == 0) continue; *pToken++ = 0; strcat(strTarget, strAdd); } FILE *hTargetFile = fopen(strTarget, "rb"); if(hTargetFile != 0) { fclose(hTargetFile); delete [] m_strTarget; m_strTarget = new char[strlen(strTarget) + 1]; strcpy(m_strTarget, strTarget); fclose(hFile); return true; } } fclose(hFile); return false; }
static int parse_args(const char **cpp, int *pflag, int *lflag, int *iflag, unsigned long *n_arg, char **path1, char **path2) { const char *cmd, *cp = *cpp; char *cp2; int base = 0; long l; int i, cmdnum; /* Skip leading whitespace */ cp = cp + strspn(cp, WHITESPACE); /* Ignore blank lines and lines which begin with comment '#' char */ if (*cp == '\0' || *cp == '#') return (0); /* Check for leading '-' (disable error processing) */ *iflag = 0; if (*cp == '-') { *iflag = 1; cp++; } /* Figure out which command we have */ for (i = 0; cmds[i].c; i++) { int cmdlen = strlen(cmds[i].c); /* Check for command followed by whitespace */ if (!strncasecmp(cp, cmds[i].c, cmdlen) && strchr(WHITESPACE, cp[cmdlen])) { cp += cmdlen; cp = cp + strspn(cp, WHITESPACE); break; } } cmdnum = cmds[i].n; cmd = cmds[i].c; /* Special case */ if (*cp == '!') { cp++; cmdnum = I_SHELL; } else if (cmdnum == -1) { error("Invalid command."); return (-1); } /* Get arguments and parse flags */ *lflag = *pflag = *n_arg = 0; *path1 = *path2 = NULL; switch (cmdnum) { case I_GET: case I_PUT: if (parse_getput_flags(&cp, pflag)) return(-1); /* Get first pathname (mandatory) */ if (get_pathname(&cp, path1)) return(-1); if (*path1 == NULL) { error("You must specify at least one path after a " "%s command.", cmd); return(-1); } /* Try to get second pathname (optional) */ if (get_pathname(&cp, path2)) return(-1); break; case I_RENAME: case I_SYMLINK: if (get_pathname(&cp, path1)) return(-1); if (get_pathname(&cp, path2)) return(-1); if (!*path1 || !*path2) { error("You must specify two paths after a %s " "command.", cmd); return(-1); } break; case I_RM: case I_MKDIR: case I_RMDIR: case I_CHDIR: case I_LCHDIR: case I_LMKDIR: /* Get pathname (mandatory) */ if (get_pathname(&cp, path1)) return(-1); if (*path1 == NULL) { error("You must specify a path after a %s command.", cmd); return(-1); } break; case I_LS: if (parse_ls_flags(&cp, lflag)) return(-1); /* Path is optional */ if (get_pathname(&cp, path1)) return(-1); break; case I_LLS: case I_SHELL: /* Uses the rest of the line */ break; case I_LUMASK: base = 8; case I_CHMOD: base = 8; case I_CHOWN: case I_CHGRP: /* Get numeric arg (mandatory) */ l = strtol(cp, &cp2, base); if (cp2 == cp || ((l == LONG_MIN || l == LONG_MAX) && errno == ERANGE) || l < 0) { error("You must supply a numeric argument " "to the %s command.", cmd); return(-1); } cp = cp2; *n_arg = l; if (cmdnum == I_LUMASK && strchr(WHITESPACE, *cp)) break; if (cmdnum == I_LUMASK || !strchr(WHITESPACE, *cp)) { error("You must supply a numeric argument " "to the %s command.", cmd); return(-1); } cp += strspn(cp, WHITESPACE); /* Get pathname (mandatory) */ if (get_pathname(&cp, path1)) return(-1); if (*path1 == NULL) { error("You must specify a path after a %s command.", cmd); return(-1); } break; case I_QUIT: case I_PWD: case I_LPWD: case I_HELP: case I_VERSION: case I_PROGRESS: break; default: fatal("Command not implemented"); } *cpp = cp; return(cmdnum); }
static int get_pathname(const char **cpp, char **path) { const char *cp = *cpp, *end; char quot; u_int i, j; cp += strspn(cp, WHITESPACE); if (!*cp) { *cpp = cp; *path = NULL; return (0); } *path = xmalloc(strlen(cp) + 1); /* Check for quoted filenames */ if (*cp == '\"' || *cp == '\'') { quot = *cp++; /* Search for terminating quote, unescape some chars */ for (i = j = 0; i <= strlen(cp); i++) { if (cp[i] == quot) { /* Found quote */ i++; (*path)[j] = '\0'; break; } if (cp[i] == '\0') { /* End of string */ error("Unterminated quote"); goto fail; } if (cp[i] == '\\') { /* Escaped characters */ i++; if (cp[i] != '\'' && cp[i] != '\"' && cp[i] != '\\') { error("Bad escaped character '\\%c'", cp[i]); goto fail; } } (*path)[j++] = cp[i]; } if (j == 0) { error("Empty quotes"); goto fail; } *cpp = cp + i + strspn(cp + i, WHITESPACE); } else { /* Read to end of filename */ end = strpbrk(cp, WHITESPACE); if (end == NULL) end = strchr(cp, '\0'); *cpp = end + strspn(end, WHITESPACE); memcpy(*path, cp, end - cp); (*path)[end - cp] = '\0'; } return (0); fail: xfree(*path); *path = NULL; return (-1); }
static bool finalize_join(void) { char *name = xstrdup(get_value(data, "Name")); if(!name) { fprintf(stderr, "No Name found in invitation!\n"); return false; } if(!check_id(name)) { fprintf(stderr, "Invalid Name found in invitation: %s!\n", name); return false; } if(!netname) netname = grep(data, "NetName"); bool ask_netname = false; char temp_netname[32]; make_names: if(!confbasegiven) { free(confbase); confbase = NULL; } make_names(false); free(tinc_conf); free(hosts_dir); xasprintf(&tinc_conf, "%s" SLASH "tinc.conf", confbase); xasprintf(&hosts_dir, "%s" SLASH "hosts", confbase); if(!access(tinc_conf, F_OK)) { fprintf(stderr, "Configuration file %s already exists!\n", tinc_conf); if(confbasegiven) return false; // Generate a random netname, ask for a better one later. ask_netname = true; snprintf(temp_netname, sizeof temp_netname, "join_%x", rand()); netname = temp_netname; goto make_names; } if(mkdir(confbase, 0777) && errno != EEXIST) { fprintf(stderr, "Could not create directory %s: %s\n", confbase, strerror(errno)); return false; } if(mkdir(hosts_dir, 0777) && errno != EEXIST) { fprintf(stderr, "Could not create directory %s: %s\n", hosts_dir, strerror(errno)); return false; } FILE *f = fopen(tinc_conf, "w"); if(!f) { fprintf(stderr, "Could not create file %s: %s\n", tinc_conf, strerror(errno)); return false; } fprintf(f, "Name = %s\n", name); char filename[PATH_MAX]; snprintf(filename, sizeof filename, "%s" SLASH "%s", hosts_dir, name); FILE *fh = fopen(filename, "w"); if(!fh) { fprintf(stderr, "Could not create file %s: %s\n", filename, strerror(errno)); fclose(f); return false; } // Filter first chunk on approved keywords, split between tinc.conf and hosts/Name // Other chunks go unfiltered to their respective host config files const char *p = data; char *l, *value; while((l = get_line(&p))) { // Ignore comments if(*l == '#') continue; // Split line into variable and value int len = strcspn(l, "\t ="); value = l + len; value += strspn(value, "\t "); if(*value == '=') { value++; value += strspn(value, "\t "); } l[len] = 0; // Is it a Name? if(!strcasecmp(l, "Name")) if(strcmp(value, name)) break; else continue; else if(!strcasecmp(l, "NetName")) continue; // Check the list of known variables bool found = false; int i; for(i = 0; variables[i].name; i++) { if(strcasecmp(l, variables[i].name)) continue; found = true; break; } // Ignore unknown and unsafe variables if(!found) { fprintf(stderr, "Ignoring unknown variable '%s' in invitation.\n", l); continue; } else if(!(variables[i].type & VAR_SAFE)) { fprintf(stderr, "Ignoring unsafe variable '%s' in invitation.\n", l); continue; } // Copy the safe variable to the right config file fprintf(variables[i].type & VAR_HOST ? fh : f, "%s = %s\n", l, value); } fclose(f); while(l && !strcasecmp(l, "Name")) { if(!check_id(value)) { fprintf(stderr, "Invalid Name found in invitation.\n"); return false; } if(!strcmp(value, name)) { fprintf(stderr, "Secondary chunk would overwrite our own host config file.\n"); return false; } snprintf(filename, sizeof filename, "%s" SLASH "%s", hosts_dir, value); f = fopen(filename, "w"); if(!f) { fprintf(stderr, "Could not create file %s: %s\n", filename, strerror(errno)); return false; } while((l = get_line(&p))) { if(!strcmp(l, "#---------------------------------------------------------------#")) continue; int len = strcspn(l, "\t ="); if(len == 4 && !strncasecmp(l, "Name", 4)) { value = l + len; value += strspn(value, "\t "); if(*value == '=') { value++; value += strspn(value, "\t "); } l[len] = 0; break; } fputs(l, f); fputc('\n', f); } fclose(f); } // Generate our key and send a copy to the server ecdsa_t *key = ecdsa_generate(); if(!key) return false; char *b64key = ecdsa_get_base64_public_key(key); if(!b64key) return false; snprintf(filename, sizeof filename, "%s" SLASH "ed25519_key.priv", confbase); f = fopenmask(filename, "w", 0600); if(!f) return false; if(!ecdsa_write_pem_private_key(key, f)) { fprintf(stderr, "Error writing private key!\n"); ecdsa_free(key); fclose(f); return false; } fclose(f); fprintf(fh, "Ed25519PublicKey = %s\n", b64key); sptps_send_record(&sptps, 1, b64key, strlen(b64key)); free(b64key); ecdsa_free(key); check_port(name); ask_netname: if(ask_netname && tty) { fprintf(stderr, "Enter a new netname: "); if(!fgets(line, sizeof line, stdin)) { fprintf(stderr, "Error while reading stdin: %s\n", strerror(errno)); return false; } if(!*line || *line == '\n') goto ask_netname; line[strlen(line) - 1] = 0; char newbase[PATH_MAX]; snprintf(newbase, sizeof newbase, CONFDIR SLASH "tinc" SLASH "%s", line); if(rename(confbase, newbase)) { fprintf(stderr, "Error trying to rename %s to %s: %s\n", confbase, newbase, strerror(errno)); goto ask_netname; } netname = line; make_names(false); } fprintf(stderr, "Configuration stored in: %s\n", confbase); return true; }
int main(int argc, char *argv[]) { FILE *in = stdin; FILE *out = stdout; FILE *orig = NULL; FILE *sig = NULL; gray **input_image; gray **orig_image; char signature_name[MAXPATHLEN]; char output_name[MAXPATHLEN] = "(stdout)"; char input_name[MAXPATHLEN] = "(stdin)"; char orig_name[MAXPATHLEN]; int c; int n = 0; int method = -1; int filter = 0; char filter_name[MAXPATHLEN] = ""; int level = 0; double alpha = 0.0; int in_rows, in_cols, in_format; gray in_maxval; int orig_rows, orig_cols, orig_format; gray orig_maxval; int rows, cols; int row, col; Image_tree input_dwts; Image_tree orig_dwts; int verbose = 0; progname = argv[0]; pgm_init(&argc, argv); wm_init2(); while ((c = getopt(argc, argv, "a:e:f:F:h?i:n:o:s:v:")) != EOF) { switch (c) { case 'a': alpha = atof(optarg); if (alpha <= 0.0) { fprintf(stderr, "%s: alpha factor %f out of range\n", progname, alpha); exit(1); } break; case 'e': method = atoi(optarg); if (method < 0) { fprintf(stderr, "%s: wavelet filtering method %d out of range\n", progname, method); exit(1); } break; case 'f': filter = atoi(optarg); if (filter <= 0) { fprintf(stderr, "%s: filter number %d out of range\n", progname, filter); exit(1); } break; case 'F': strcpy(filter_name, optarg); break; case 'h': case '?': usage(); break; case 'i': if ((orig = fopen(optarg, "rb")) == NULL) { fprintf(stderr, "%s: unable to open original image file %s\n", progname, optarg); exit(1); } strcpy(orig_name, optarg); break; case 'n': n = atoi(optarg); if (n < 1 || n > 1000) { fprintf(stderr, "%s: watermark length %d out of range\n", progname, n); exit(1); } break; case 'o': if ((out = fopen(optarg, "w")) == NULL) { fprintf(stderr, "%s: unable to open output file %s\n", progname, optarg); exit(1); } strcpy(output_name, optarg); break; case 's': if ((sig = fopen(optarg, "r")) == NULL) { fprintf(stderr, "%s: unable to open signature file %s\n", progname, optarg); exit(1); } strcpy(signature_name, optarg); break; case 'v': verbose = atoi(optarg); if (verbose < 0) { fprintf(stderr, "%s: verbosity level %d out of range\n", progname, verbose); exit(1); } break; } } argc -= optind; argv += optind; if (argc > 1) { usage(); exit(1); } if (argc == 1 && *argv[0] != '-') { if ((in = fopen(argv[0], "rb")) == NULL) { fprintf(stderr, "%s: unable to open input file %s\n", progname, argv[0]); exit(1); } else strcpy(input_name, argv[0]); } if (!orig) { fprintf(stderr, "%s: original image file not specified, use -i file option\n", progname); exit(1); } if (sig) { char line[32]; fgets(line, sizeof(line), sig); if (strspn(line, "CVSG") >= 4) { fscanf(sig, "%d\n", &n); if (alpha == 0.0) fscanf(sig, "%lf\n", &alpha); else fscanf(sig, "%*f\n"); if (method < 0) fscanf(sig, "%d\n", &method); else fscanf(sig, "%*d\n"); if (filter == 0) fscanf(sig, "%d\n", &filter); else fscanf(sig, "%*d\n"); if (!strcmp(filter_name, "")) fscanf(sig, "%[^\n\r]\n", filter_name); else fscanf(sig, "%*[^\n\r]\n"); } else { fprintf(stderr, "%s: invalid signature file %s\n", progname, signature_name); exit(1); } fclose(sig); } else { fprintf(stderr, "%s: signature file not specified, use -s file option\n", progname); exit(1); } pgm_readpgminit(in, &in_cols, &in_rows, &in_maxval, &in_format); pgm_readpgminit(orig, &orig_cols, &orig_rows, &orig_maxval, &orig_format); if (in_cols != orig_cols || in_rows != orig_rows) { fprintf(stderr, "%s: input image %s does not match dimensions of original image %s\n", progname, input_name, orig_name); exit(1); } cols = in_cols; rows = in_rows; input_image = pgm_allocarray(in_cols, in_rows); orig_image = pgm_allocarray(orig_cols, orig_rows); for (row = 0; row < in_rows; row++) pgm_readpgmrow(in, input_image[row], in_cols, in_maxval, in_format); fclose(in); for (row = 0; row < orig_rows; row++) pgm_readpgmrow(orig, orig_image[row], orig_cols, orig_maxval, orig_format); fclose(orig); level = 0; row = rows; col = cols; while (n < row * col / 4.0 && row >= 2 && col >= 2) { row /= 2; col /= 2; level++; } if (verbose >= 2) { fprintf(stderr, "%s: extracting from coarse image (x %d/y %d) at level %d\n", progname, col, row, level); } init_dwt(cols, rows, filter_name, filter, level, method); #ifdef POLLEN_STUFF #include "pollen_stuff.c" #endif #ifdef PARAM_STUFF #include "param_stuff.c" #endif input_dwts = fdwt(input_image); orig_dwts = fdwt(orig_image); fprintf(out, "CVWM\n"); fprintf(out, "%d\n", n); { Image_tree p = input_dwts; Image_tree q = orig_dwts; Image input_img; Image orig_img; double input_med; double orig_med; double input_var; double orig_var; while (!p->image) p = p->coarse; while (!q->image) q = q->coarse; input_img = p->image; orig_img = q->image; input_med = 0.0; for (row = 0; row < input_img->height; row++) for (col = 0; col < input_img->width; col++) input_med += get_pixel(input_img, col, row); input_med /= (double) (input_img->height * input_img->width); orig_med = 0.0; for (row = 0; row < orig_img->height; row++) for (col = 0; col < orig_img->width; col++) orig_med += get_pixel(orig_img, col, row); orig_med /= (double) (orig_img->height * orig_img->width); orig_var = 0.0; for (row = 0; row < orig_img->height; row++) for (col = 0; col < orig_img->width; col++) orig_var += sqr(get_pixel(orig_img, col, row) - orig_med); orig_var /= (double) (orig_img->height * orig_img->width); input_var = 0.0; for (row = 0; row < input_img->height; row++) for (col = 0; col < input_img->width; col++) input_var += sqr(get_pixel(input_img, col, row) - input_med); input_var /= (double) (input_img->height * input_img->width); orig_var = sqrt(orig_var); input_var = sqrt(input_var); if (verbose > 3) fprintf(stderr, "%s: mean (input, orig): %f, %f,\n variance (input, orig): %f, %f\n", progname, input_med, orig_med, input_var, orig_var); row = 0; col = 0; while (n > 0) { double input_pix; double orig_pix; double x; input_pix = get_pixel(input_img, col, row); orig_pix = get_pixel(orig_img, col, row); x = (((input_pix - input_med) * (orig_var / input_var) - (orig_pix / orig_med)) / (orig_pix - orig_med) - 1.0) / alpha; fprintf(out, "%f\n", x); if (++col == orig_img->width) { col = 0; row++; } n--; } } fclose(out); pgm_freearray(input_image, rows); pgm_freearray(orig_image, rows); exit(0); }
/* Tokenizes strings given argument s, using the given delimiters, * and stores the results in argvp. * If there is an error, -1 is returned, otherwise, the number of tokens * is returned. */ int makeargv(const char *s, const char *delimiters, char ***argvp) { int error; int i; int numtokens; const char *snew; char *t; /* Ensure that s, delimiters, and argvp are not NULL */ if ((s == NULL) || (delimiters == NULL) || (argvp == NULL)) { /* If they are, set errno to indicate the error */ errno = EINVAL; /* and return -1 to report the error condition back to the * caller */ return -1; } /* Dereferencing the triple pointer argvp, we get the value * of the double pointer passed in, and set it to NULL. * I don't see why this is necessary, since we are allocating * it new memory with malloc() later. */ *argvp = NULL; /* Here we increment the pointer s, by the number of bytes needed to * reach the first character not in the delimiter set. */ snew = s + strspn(s, delimiters); /* snew is real start of string */ /* Then we allocate, in t, enough bytes to hold snew and a null character. */ if ((t = malloc(strlen(snew) + 1)) == NULL) { /* Problem allocating memory, so let the caller know */ return -1; } /* Once allocated, we can copy snew to t */ strcpy(t, snew); /* Initialize automatic variable numtokens */ numtokens = 0; /* Check if there is at least one token. */ if (strtok(t, delimiters) != NULL) { /* count the number of tokens in s */ /* Loop through until there are no more tokens, counting each one. */ for (numtokens = 1; strtok(NULL, delimiters) != NULL; numtokens++); } /* create argument array for ptrs to the tokens */ if ((*argvp = malloc((numtokens + 1) * sizeof(char *))) == NULL) { /* Save errno, in case it is set by free() */ error = errno; free(t); errno = error; return -1; } /* insert pointers to tokens into the argument array */ if (numtokens == 0) { /* There were no tokens, so free t. */ free(t); } else { /* Reset t to original snew value, since strtok() modified it. */ strcpy(t, snew); /* Put the first token in it's place in the array. */ **argvp = strtok(t, delimiters); for (i = 1; i < numtokens; i++) { /* Put a token into each char* in argvp* * incrementing the pointer each time to * point to the next location in memory with i. */ *((*argvp) + i) = strtok(NULL, delimiters); } } /* Put in final NULL pointer to mark the end of the array. */ *((*argvp) + numtokens) = NULL; return numtokens; }
int process_config_line(Options *options, const char *host, char *line, const char *filename, int linenum, int *activep) { char *s, **charptr, *endofnumber, *keyword, *arg, *arg2; char **cpptr, fwdarg[256]; u_int *uintptr, max_entries = 0; int negated, opcode, *intptr, value, value2, scale; LogLevel *log_level_ptr; long long orig, val64; size_t len; Forward fwd; /* Strip trailing whitespace */ for (len = strlen(line) - 1; len > 0; len--) { if (strchr(WHITESPACE, line[len]) == NULL) break; line[len] = '\0'; } s = line; /* Get the keyword. (Each line is supposed to begin with a keyword). */ if ((keyword = strdelim(&s)) == NULL) return 0; /* Ignore leading whitespace. */ if (*keyword == '\0') keyword = strdelim(&s); if (keyword == NULL || !*keyword || *keyword == '\n' || *keyword == '#') return 0; opcode = parse_token(keyword, filename, linenum); switch (opcode) { case oBadOption: /* don't panic, but count bad options */ return -1; /* NOTREACHED */ case oConnectTimeout: intptr = &options->connection_timeout; parse_time: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%s line %d: missing time value.", filename, linenum); if ((value = convtime(arg)) == -1) fatal("%s line %d: invalid time value.", filename, linenum); if (*activep && *intptr == -1) *intptr = value; break; case oForwardAgent: intptr = &options->forward_agent; parse_flag: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing yes/no argument.", filename, linenum); value = 0; /* To avoid compiler warning... */ if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0) value = 1; else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0) value = 0; else fatal("%.200s line %d: Bad yes/no argument.", filename, linenum); if (*activep && *intptr == -1) *intptr = value; break; case oForwardX11: intptr = &options->forward_x11; goto parse_flag; case oForwardX11Trusted: intptr = &options->forward_x11_trusted; goto parse_flag; case oForwardX11Timeout: intptr = &options->forward_x11_timeout; goto parse_time; case oGatewayPorts: intptr = &options->gateway_ports; goto parse_flag; case oExitOnForwardFailure: intptr = &options->exit_on_forward_failure; goto parse_flag; case oUsePrivilegedPort: intptr = &options->use_privileged_port; goto parse_flag; case oPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; case oZeroKnowledgePasswordAuthentication: intptr = &options->zero_knowledge_password_authentication; goto parse_flag; case oKbdInteractiveAuthentication: intptr = &options->kbd_interactive_authentication; goto parse_flag; case oKbdInteractiveDevices: charptr = &options->kbd_interactive_devices; goto parse_string; case oPubkeyAuthentication: intptr = &options->pubkey_authentication; goto parse_flag; case oRSAAuthentication: intptr = &options->rsa_authentication; goto parse_flag; case oRhostsRSAAuthentication: intptr = &options->rhosts_rsa_authentication; goto parse_flag; case oHostbasedAuthentication: intptr = &options->hostbased_authentication; goto parse_flag; case oChallengeResponseAuthentication: intptr = &options->challenge_response_authentication; goto parse_flag; case oGssAuthentication: intptr = &options->gss_authentication; goto parse_flag; case oGssDelegateCreds: intptr = &options->gss_deleg_creds; goto parse_flag; case oBatchMode: intptr = &options->batch_mode; goto parse_flag; case oCheckHostIP: intptr = &options->check_host_ip; goto parse_flag; case oVerifyHostKeyDNS: intptr = &options->verify_host_key_dns; goto parse_yesnoask; case oStrictHostKeyChecking: intptr = &options->strict_host_key_checking; parse_yesnoask: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing yes/no/ask argument.", filename, linenum); value = 0; /* To avoid compiler warning... */ if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0) value = 1; else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0) value = 0; else if (strcmp(arg, "ask") == 0) value = 2; else fatal("%.200s line %d: Bad yes/no/ask argument.", filename, linenum); if (*activep && *intptr == -1) *intptr = value; break; case oCompression: intptr = &options->compression; goto parse_flag; case oTCPKeepAlive: intptr = &options->tcp_keep_alive; goto parse_flag; case oNoHostAuthenticationForLocalhost: intptr = &options->no_host_authentication_for_localhost; goto parse_flag; case oNumberOfPasswordPrompts: intptr = &options->number_of_password_prompts; goto parse_int; case oCompressionLevel: intptr = &options->compression_level; goto parse_int; case oRekeyLimit: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); if (arg[0] < '0' || arg[0] > '9') fatal("%.200s line %d: Bad number.", filename, linenum); orig = val64 = strtoll(arg, &endofnumber, 10); if (arg == endofnumber) fatal("%.200s line %d: Bad number.", filename, linenum); switch (toupper(*endofnumber)) { case '\0': scale = 1; break; case 'K': scale = 1<<10; break; case 'M': scale = 1<<20; break; case 'G': scale = 1<<30; break; default: fatal("%.200s line %d: Invalid RekeyLimit suffix", filename, linenum); } val64 *= scale; /* detect integer wrap and too-large limits */ if ((val64 / scale) != orig || val64 > UINT_MAX) fatal("%.200s line %d: RekeyLimit too large", filename, linenum); if (val64 < 16) fatal("%.200s line %d: RekeyLimit too small", filename, linenum); if (*activep && options->rekey_limit == -1) options->rekey_limit = (u_int32_t)val64; break; case oIdentityFile: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); if (*activep) { intptr = &options->num_identity_files; if (*intptr >= SSH_MAX_IDENTITY_FILES) fatal("%.200s line %d: Too many identity files specified (max %d).", filename, linenum, SSH_MAX_IDENTITY_FILES); charptr = &options->identity_files[*intptr]; *charptr = xstrdup(arg); *intptr = *intptr + 1; } break; case oXAuthLocation: charptr=&options->xauth_location; goto parse_string; case oUser: charptr = &options->user; parse_string: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); if (*activep && *charptr == NULL) *charptr = xstrdup(arg); break; case oGlobalKnownHostsFile: cpptr = (char **)&options->system_hostfiles; uintptr = &options->num_system_hostfiles; max_entries = SSH_MAX_HOSTS_FILES; parse_char_array: if (*activep && *uintptr == 0) { while ((arg = strdelim(&s)) != NULL && *arg != '\0') { if ((*uintptr) >= max_entries) fatal("%s line %d: " "too many authorized keys files.", filename, linenum); cpptr[(*uintptr)++] = xstrdup(arg); } } return 0; case oUserKnownHostsFile: cpptr = (char **)&options->user_hostfiles; uintptr = &options->num_user_hostfiles; max_entries = SSH_MAX_HOSTS_FILES; goto parse_char_array; case oHostName: charptr = &options->hostname; goto parse_string; case oHostKeyAlias: charptr = &options->host_key_alias; goto parse_string; case oPreferredAuthentications: charptr = &options->preferred_authentications; goto parse_string; case oBindAddress: charptr = &options->bind_address; goto parse_string; case oPKCS11Provider: charptr = &options->pkcs11_provider; goto parse_string; case oProxyCommand: charptr = &options->proxy_command; parse_command: if (s == NULL) fatal("%.200s line %d: Missing argument.", filename, linenum); len = strspn(s, WHITESPACE "="); if (*activep && *charptr == NULL) *charptr = xstrdup(s + len); return 0; case oPort: intptr = &options->port; parse_int: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); if (arg[0] < '0' || arg[0] > '9') fatal("%.200s line %d: Bad number.", filename, linenum); /* Octal, decimal, or hex format? */ value = strtol(arg, &endofnumber, 0); if (arg == endofnumber) fatal("%.200s line %d: Bad number.", filename, linenum); if (*activep && *intptr == -1) *intptr = value; break; case oConnectionAttempts: intptr = &options->connection_attempts; goto parse_int; case oCipher: intptr = &options->cipher; arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); value = cipher_number(arg); if (value == -1) fatal("%.200s line %d: Bad cipher '%s'.", filename, linenum, arg ? arg : "<NONE>"); if (*activep && *intptr == -1) *intptr = value; break; case oCiphers: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); if (!ciphers_valid(arg)) fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.", filename, linenum, arg ? arg : "<NONE>"); if (*activep && options->ciphers == NULL) options->ciphers = xstrdup(arg); break; case oMacs: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); if (!mac_valid(arg)) fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.", filename, linenum, arg ? arg : "<NONE>"); if (*activep && options->macs == NULL) options->macs = xstrdup(arg); break; case oKexAlgorithms: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); if (!kex_names_valid(arg)) fatal("%.200s line %d: Bad SSH2 KexAlgorithms '%s'.", filename, linenum, arg ? arg : "<NONE>"); if (*activep && options->kex_algorithms == NULL) options->kex_algorithms = xstrdup(arg); break; case oHostKeyAlgorithms: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); if (!key_names_valid2(arg)) fatal("%.200s line %d: Bad protocol 2 host key algorithms '%s'.", filename, linenum, arg ? arg : "<NONE>"); if (*activep && options->hostkeyalgorithms == NULL) options->hostkeyalgorithms = xstrdup(arg); break; case oProtocol: intptr = &options->protocol; arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); value = proto_spec(arg); if (value == SSH_PROTO_UNKNOWN) fatal("%.200s line %d: Bad protocol spec '%s'.", filename, linenum, arg ? arg : "<NONE>"); if (*activep && *intptr == SSH_PROTO_UNKNOWN) *intptr = value; break; case oLogLevel: log_level_ptr = &options->log_level; arg = strdelim(&s); value = log_level_number(arg); if (value == SYSLOG_LEVEL_NOT_SET) fatal("%.200s line %d: unsupported log level '%s'", filename, linenum, arg ? arg : "<NONE>"); if (*activep && *log_level_ptr == SYSLOG_LEVEL_NOT_SET) *log_level_ptr = (LogLevel) value; break; case oLocalForward: case oRemoteForward: case oDynamicForward: arg = strdelim(&s); if (arg == NULL || *arg == '\0') fatal("%.200s line %d: Missing port argument.", filename, linenum); if (opcode == oLocalForward || opcode == oRemoteForward) { arg2 = strdelim(&s); if (arg2 == NULL || *arg2 == '\0') fatal("%.200s line %d: Missing target argument.", filename, linenum); /* construct a string for parse_forward */ snprintf(fwdarg, sizeof(fwdarg), "%s:%s", arg, arg2); } else if (opcode == oDynamicForward) { strlcpy(fwdarg, arg, sizeof(fwdarg)); } if (parse_forward(&fwd, fwdarg, opcode == oDynamicForward ? 1 : 0, opcode == oRemoteForward ? 1 : 0) == 0) fatal("%.200s line %d: Bad forwarding specification.", filename, linenum); if (*activep) { if (opcode == oLocalForward || opcode == oDynamicForward) add_local_forward(options, &fwd); else if (opcode == oRemoteForward) add_remote_forward(options, &fwd); } break; case oClearAllForwardings: intptr = &options->clear_forwardings; goto parse_flag; case oHost: *activep = 0; arg2 = NULL; while ((arg = strdelim(&s)) != NULL && *arg != '\0') { negated = *arg == '!'; if (negated) arg++; if (match_pattern(host, arg)) { if (negated) { debug("%.200s line %d: Skipping Host " "block because of negated match " "for %.100s", filename, linenum, arg); *activep = 0; break; } if (!*activep) arg2 = arg; /* logged below */ *activep = 1; } } if (*activep) debug("%.200s line %d: Applying options for %.100s", filename, linenum, arg2); /* Avoid garbage check below, as strdelim is done. */ return 0; case oEscapeChar: intptr = &options->escape_char; arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); if (arg[0] == '^' && arg[2] == 0 && (u_char) arg[1] >= 64 && (u_char) arg[1] < 128) value = (u_char) arg[1] & 31; else if (strlen(arg) == 1) value = (u_char) arg[0]; else if (strcmp(arg, "none") == 0) value = SSH_ESCAPECHAR_NONE; else { fatal("%.200s line %d: Bad escape character.", filename, linenum); /* NOTREACHED */ value = 0; /* Avoid compiler warning. */ } if (*activep && *intptr == -1) *intptr = value; break; case oAddressFamily: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%s line %d: missing address family.", filename, linenum); intptr = &options->address_family; if (strcasecmp(arg, "inet") == 0) value = AF_INET; else if (strcasecmp(arg, "inet6") == 0) value = AF_INET6; else if (strcasecmp(arg, "any") == 0) value = AF_UNSPEC; else fatal("Unsupported AddressFamily \"%s\"", arg); if (*activep && *intptr == -1) *intptr = value; break; case oEnableSSHKeysign: intptr = &options->enable_ssh_keysign; goto parse_flag; case oIdentitiesOnly: intptr = &options->identities_only; goto parse_flag; case oServerAliveInterval: intptr = &options->server_alive_interval; goto parse_time; case oServerAliveCountMax: intptr = &options->server_alive_count_max; goto parse_int; case oSendEnv: while ((arg = strdelim(&s)) != NULL && *arg != '\0') { if (strchr(arg, '=') != NULL) fatal("%s line %d: Invalid environment name.", filename, linenum); if (!*activep) continue; if (options->num_send_env >= MAX_SEND_ENV) fatal("%s line %d: too many send env.", filename, linenum); options->send_env[options->num_send_env++] = xstrdup(arg); } break; case oControlPath: charptr = &options->control_path; goto parse_string; case oControlMaster: intptr = &options->control_master; arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing ControlMaster argument.", filename, linenum); value = 0; /* To avoid compiler warning... */ if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0) value = SSHCTL_MASTER_YES; else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0) value = SSHCTL_MASTER_NO; else if (strcmp(arg, "auto") == 0) value = SSHCTL_MASTER_AUTO; else if (strcmp(arg, "ask") == 0) value = SSHCTL_MASTER_ASK; else if (strcmp(arg, "autoask") == 0) value = SSHCTL_MASTER_AUTO_ASK; else fatal("%.200s line %d: Bad ControlMaster argument.", filename, linenum); if (*activep && *intptr == -1) *intptr = value; break; case oControlPersist: /* no/false/yes/true, or a time spec */ intptr = &options->control_persist; arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing ControlPersist" " argument.", filename, linenum); value = 0; value2 = 0; /* timeout */ if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0) value = 0; else if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0) value = 1; else if ((value2 = convtime(arg)) >= 0) value = 1; else fatal("%.200s line %d: Bad ControlPersist argument.", filename, linenum); if (*activep && *intptr == -1) { *intptr = value; options->control_persist_timeout = value2; } break; case oHashKnownHosts: intptr = &options->hash_known_hosts; goto parse_flag; case oTunnel: intptr = &options->tun_open; arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%s line %d: Missing yes/point-to-point/" "ethernet/no argument.", filename, linenum); value = 0; /* silence compiler */ if (strcasecmp(arg, "ethernet") == 0) value = SSH_TUNMODE_ETHERNET; else if (strcasecmp(arg, "point-to-point") == 0) value = SSH_TUNMODE_POINTOPOINT; else if (strcasecmp(arg, "yes") == 0) value = SSH_TUNMODE_DEFAULT; else if (strcasecmp(arg, "no") == 0) value = SSH_TUNMODE_NO; else fatal("%s line %d: Bad yes/point-to-point/ethernet/" "no argument: %s", filename, linenum, arg); if (*activep) *intptr = value; break; case oTunnelDevice: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing argument.", filename, linenum); value = a2tun(arg, &value2); if (value == SSH_TUNID_ERR) fatal("%.200s line %d: Bad tun device.", filename, linenum); if (*activep) { options->tun_local = value; options->tun_remote = value2; } break; case oLocalCommand: charptr = &options->local_command; goto parse_command; case oPermitLocalCommand: intptr = &options->permit_local_command; goto parse_flag; case oVisualHostKey: intptr = &options->visual_host_key; goto parse_flag; case oIPQoS: arg = strdelim(&s); if ((value = parse_ipqos(arg)) == -1) fatal("%s line %d: Bad IPQoS value: %s", filename, linenum, arg); arg = strdelim(&s); if (arg == NULL) value2 = value; else if ((value2 = parse_ipqos(arg)) == -1) fatal("%s line %d: Bad IPQoS value: %s", filename, linenum, arg); if (*activep) { options->ip_qos_interactive = value; options->ip_qos_bulk = value2; } break; case oUseRoaming: intptr = &options->use_roaming; goto parse_flag; case oRequestTTY: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%s line %d: missing argument.", filename, linenum); intptr = &options->request_tty; if (strcasecmp(arg, "yes") == 0) value = REQUEST_TTY_YES; else if (strcasecmp(arg, "no") == 0) value = REQUEST_TTY_NO; else if (strcasecmp(arg, "force") == 0) value = REQUEST_TTY_FORCE; else if (strcasecmp(arg, "auto") == 0) value = REQUEST_TTY_AUTO; else fatal("Unsupported RequestTTY \"%s\"", arg); if (*activep && *intptr == -1) *intptr = value; break; case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); return 0; case oUnsupported: error("%s line %d: Unsupported option \"%s\"", filename, linenum, keyword); return 0; default: fatal("process_config_line: Unimplemented opcode %d", opcode); } /* Check that there is no garbage at end of line. */ if ((arg = strdelim(&s)) != NULL && *arg != '\0') { fatal("%.200s line %d: garbage at end of line; \"%.200s\".", filename, linenum, arg); } return 0; }
size_t sinsp_filter_value_parser::string_to_rawval(const char* str, uint32_t len, uint8_t *storage, string::size_type max_len, ppm_param_type ptype) { size_t parsed_len; switch(ptype) { case PT_INT8: *(int8_t*)storage = sinsp_numparser::parsed8(str); parsed_len = sizeof(int8_t); break; case PT_INT16: *(int16_t*)storage = sinsp_numparser::parsed16(str); parsed_len = sizeof(int16_t); break; case PT_INT32: *(int32_t*)storage = sinsp_numparser::parsed32(str); parsed_len = sizeof(int32_t); break; case PT_INT64: case PT_FD: case PT_ERRNO: *(int64_t*)storage = sinsp_numparser::parsed64(str); parsed_len = sizeof(int64_t); break; case PT_L4PROTO: // This can be resolved in the future case PT_FLAGS8: case PT_UINT8: *(uint8_t*)storage = sinsp_numparser::parseu8(str); parsed_len = sizeof(int8_t); break; case PT_PORT: { string in(str); if(in.empty()) { *(uint16_t*)storage = 0; } else { // if the string is made only of numbers if(strspn(in.c_str(), "0123456789") == in.size()) { *(uint16_t*)storage = stoi(in); } else { struct servent* se = getservbyname(in.c_str(), NULL); if(se == NULL) { throw sinsp_exception("unrecognized protocol " + in); } else { *(uint16_t*)storage = ntohs(getservbyname(in.c_str(), NULL)->s_port); } } } parsed_len = sizeof(int16_t); break; } case PT_FLAGS16: case PT_UINT16: *(uint16_t*)storage = sinsp_numparser::parseu16(str); parsed_len = sizeof(uint16_t); break; case PT_FLAGS32: case PT_UINT32: *(uint32_t*)storage = sinsp_numparser::parseu32(str); parsed_len = sizeof(uint32_t); break; case PT_UINT64: *(uint64_t*)storage = sinsp_numparser::parseu64(str); parsed_len = sizeof(uint64_t); break; case PT_RELTIME: case PT_ABSTIME: *(uint64_t*)storage = sinsp_numparser::parseu64(str); parsed_len = sizeof(uint64_t); break; case PT_CHARBUF: case PT_SOCKADDR: case PT_SOCKFAMILY: { len = (uint32_t)strlen(str); if(len >= max_len) { throw sinsp_exception("filter parameter too long:" + string(str)); } memcpy(storage, str, len); *(uint8_t*)(&storage[len]) = 0; parsed_len = len; } break; case PT_BOOL: parsed_len = sizeof(uint32_t); if(string(str) == "true") { *(uint32_t*)storage = 1; } else if(string(str) == "false") { *(uint32_t*)storage = 0; } else { throw sinsp_exception("filter error: unrecognized boolean value " + string(str)); } break; case PT_IPADDR: if(memchr(str, '.', len) != NULL) { return string_to_rawval(str, len, storage, max_len, PT_IPV4ADDR); } else { return string_to_rawval(str, len, storage, max_len, PT_IPV6ADDR); } break; case PT_IPV4ADDR: if(inet_pton(AF_INET, str, storage) != 1) { throw sinsp_exception("unrecognized IPv4 address " + string(str)); } parsed_len = sizeof(struct in_addr); break; case PT_IPV6ADDR: case PT_IPV6NET: { ipv6addr *addr = (ipv6addr*) storage; if(inet_pton(AF_INET6, str, addr->m_b) != 1) { throw sinsp_exception("unrecognized IPv6 address " + string(str)); } parsed_len = sizeof(ipv6addr); break; } case PT_IPNET: if(memchr(str, '.', len) != NULL) { return string_to_rawval(str, len, storage, max_len, PT_IPV4NET); } else { return string_to_rawval(str, len, storage, max_len, PT_IPV6NET); } break; case PT_IPV4NET: { stringstream ss(str); string ip, mask; ipv4net* net = (ipv4net*)storage; if (strchr(str, '/') == NULL) { throw sinsp_exception("unrecognized IP network " + string(str)); } getline(ss, ip, '/'); getline(ss, mask); if(inet_pton(AF_INET, ip.c_str(), &net->m_ip) != 1) { throw sinsp_exception("unrecognized IP address " + string(str)); } uint32_t cidrlen = sinsp_numparser::parseu8(mask); if (cidrlen > 32) { throw sinsp_exception("invalid netmask " + mask); } uint32_t j; net->m_netmask = 0; for(j = 0; j < cidrlen; j++) { net->m_netmask |= 1<<(31-j); } net->m_netmask = htonl(net->m_netmask); parsed_len = sizeof(ipv4net); break; } default: ASSERT(false); throw sinsp_exception("wrong parameter type " + to_string((long long) ptype)); } return parsed_len; }
static const char *set_attr(const char *str) { const char *func; size_t len = strspn(str, "0123456789;"); func = str + len; switch (*func) { case 'm': do { long val = strtol(str, (char **)&str, 10); switch (val) { case 0: /* reset */ attr = plain_attr; negative = 0; break; case 1: /* bold */ attr |= FOREGROUND_INTENSITY; break; case 2: /* faint */ case 22: /* normal */ attr &= ~FOREGROUND_INTENSITY; break; case 3: /* italic */ /* Unsupported */ break; case 4: /* underline */ case 21: /* double underline */ /* Wikipedia says this flag does nothing */ /* Furthermore, mingw doesn't define this flag attr |= COMMON_LVB_UNDERSCORE; */ break; case 24: /* no underline */ /* attr &= ~COMMON_LVB_UNDERSCORE; */ break; case 5: /* slow blink */ case 6: /* fast blink */ /* We don't have blink, but we do have background intensity */ attr |= BACKGROUND_INTENSITY; break; case 25: /* no blink */ attr &= ~BACKGROUND_INTENSITY; break; case 7: /* negative */ negative = 1; break; case 27: /* positive */ negative = 0; break; case 8: /* conceal */ case 28: /* reveal */ /* Unsupported */ break; case 30: /* Black */ attr &= ~FOREGROUND_ALL; break; case 31: /* Red */ attr &= ~FOREGROUND_ALL; attr |= FOREGROUND_RED; break; case 32: /* Green */ attr &= ~FOREGROUND_ALL; attr |= FOREGROUND_GREEN; break; case 33: /* Yellow */ attr &= ~FOREGROUND_ALL; attr |= FOREGROUND_RED | FOREGROUND_GREEN; break; case 34: /* Blue */ attr &= ~FOREGROUND_ALL; attr |= FOREGROUND_BLUE; break; case 35: /* Magenta */ attr &= ~FOREGROUND_ALL; attr |= FOREGROUND_RED | FOREGROUND_BLUE; break; case 36: /* Cyan */ attr &= ~FOREGROUND_ALL; attr |= FOREGROUND_GREEN | FOREGROUND_BLUE; break; case 37: /* White */ attr |= FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE; break; case 38: /* Unknown */ break; case 39: /* reset */ attr &= ~FOREGROUND_ALL; attr |= (plain_attr & FOREGROUND_ALL); break; case 40: /* Black */ attr &= ~BACKGROUND_ALL; break; case 41: /* Red */ attr &= ~BACKGROUND_ALL; attr |= BACKGROUND_RED; break; case 42: /* Green */ attr &= ~BACKGROUND_ALL; attr |= BACKGROUND_GREEN; break; case 43: /* Yellow */ attr &= ~BACKGROUND_ALL; attr |= BACKGROUND_RED | BACKGROUND_GREEN; break; case 44: /* Blue */ attr &= ~BACKGROUND_ALL; attr |= BACKGROUND_BLUE; break; case 45: /* Magenta */ attr &= ~BACKGROUND_ALL; attr |= BACKGROUND_RED | BACKGROUND_BLUE; break; case 46: /* Cyan */ attr &= ~BACKGROUND_ALL; attr |= BACKGROUND_GREEN | BACKGROUND_BLUE; break; case 47: /* White */ attr |= BACKGROUND_RED | BACKGROUND_GREEN | BACKGROUND_BLUE; break; case 48: /* Unknown */ break; case 49: /* reset */ attr &= ~BACKGROUND_ALL; attr |= (plain_attr & BACKGROUND_ALL); break; default: /* Unsupported code */ break; } str++; } while (*(str - 1) == ';'); set_console_attr(); break; case 'K': erase_in_line(); break; default: /* Unsupported code */ break; } return func + 1; }
int main(int argc, char **argv) { char server[STRING_SIZE]; char port[STRING_SIZE]; char opt_port[STRING_SIZE]; char user[STRING_SIZE]; char opt_user[STRING_SIZE]; char password[STRING_SIZE]; char opt_password[STRING_SIZE]; char from[STRING_SIZE]; char to[STRING_SIZE]; char hostname[STRING_SIZE]; char domainname[STRING_SIZE]; char subject[STRING_SIZE]; char subject_prefix[STRING_SIZE]; char message[STRING_SIZE]; char attachment[STRING_SIZE]; char *opt_subject = NULL; char *opt_messagefile = NULL; char *opt_attachment = NULL; char date[STRING_SIZE]; NODEKV *kv = NULL; NODEKV *main_kv = NULL; int rc; time_t curtime; struct tm *loctime; static struct option long_options[] = { { "subject", required_argument, 0, 's'}, { "messagefile", required_argument, 0, 'm'}, { "delete", no_argument, 0, 'd'}, { "attachment", required_argument, 0, 'a'}, { "verbose", no_argument, 0, 'v'}, { "help", no_argument, 0, 'h'}, {0, 0, 0, 0} }; int c; int option_index = 0; if (!(initsetuid())) exit(1); while ((c = getopt_long(argc, argv, "s:m:da:vh", long_options, &option_index)) != -1) { switch (c) { case 0: break; case 's': verbose_printf(3, "Option s ... \n"); flag_subject = 1; /* check a valid subject */ int len = 0; len = strlen(optarg); if (len > STRING_SIZE - 1) { fprintf(stdout, "Subject too long: %s\n", optarg); exit(EMAIL_ERR_SUBJECT); } if (strspn(optarg, LETTERS_NUMBERS "-_:.+, ") != len) { fprintf(stdout, "Invalid character in subject (%s)\n", optarg); exit(EMAIL_ERR_SUBJECT); } opt_subject = strdup(optarg); break; case 'm': verbose_printf(3, "Option m ... \n"); flag_messagefile = 1; opt_messagefile = strdup(optarg); break; case 'd': verbose_printf(3, "Option d ... \n"); flag_delete_messagefile = 1; break; case 'a': verbose_printf(3, "Option a ... \n"); flag_attachment = 1; opt_attachment = strdup(optarg); break; case 'v': /* verbose */ flag_verbose++; break; case 'h': usage(argv[0], EMAIL_SUCCESS); default: fprintf(stdout, "unknown option\n"); usage(argv[0], EMAIL_ERR_ANY); } } verbose_printf(1, "Reading email settings ... \n"); if (read_kv_from_file(&kv, "/var/ipcop/email/settings") != SUCCESS) { fprintf(stdout, "Cannot read email settings\n"); exit(EMAIL_ERR_ANY); } strcpy(server, ""); verbose_printf(2, "Reading EMAIL_SERVER ... \n"); if (find_kv_default(kv, "EMAIL_SERVER", server) != SUCCESS) { fprintf(stdout, "Cannot read EMAIL_SERVER\n"); exit(EMAIL_ERR_SERVER); } verbose_printf(2, "Validate EMAIL_SERVER ... \n"); if (!(strlen(server))) { fprintf(stdout, "Email server cannot be empty\n"); exit(EMAIL_ERR_SERVER); } else if (strchr(server, ' ')) { fprintf(stdout, "Email server cannot contain spaces\n"); exit(EMAIL_ERR_SERVER); } else if (strlen(server) != strspn(server, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-.")) { fprintf(stdout, "Email server contains non valid chars\n"); exit(EMAIL_ERR_SERVER); } strcpy(opt_port, ""); verbose_printf(2, "Reading EMAIL_SERVER_PORT ... \n"); if (find_kv_default(kv, "EMAIL_SERVER_PORT", opt_port) != SUCCESS) { fprintf(stdout, "Cannot read EMAIL_SERVER_PORT\n"); exit(EMAIL_ERR_PORT); } verbose_printf(2, "Validate EMAIL_SERVER_PORT ... \n"); if (strchr(opt_port, ' ')) { fprintf(stdout, "Email server port cannot contain spaces\n"); exit(EMAIL_ERR_PORT); } else if (strlen(opt_port) != strspn(opt_port, NUMBERS)) { fprintf(stdout, "Email server port contains non valid chars\n"); exit(EMAIL_ERR_PORT); } else if (strlen(opt_port)) { verbose_printf(2, "Use EMAIL_SERVER_PORT from settings... \n"); snprintf(port, STRING_SIZE, ":%s", opt_port); } else { verbose_printf(2, "No EMAIL_SERVER_PORT in settings... \n"); strcpy(port, ""); } strcpy(opt_user, ""); verbose_printf(2, "Reading EMAIL_USR ... \n"); if (find_kv_default(kv, "EMAIL_USR", opt_user) != SUCCESS) { fprintf(stdout, "Cannot read EMAIL_USR\n"); exit(EMAIL_ERR_USR); } verbose_printf(2, "Validate EMAIL_USR ... \n"); if (strchr(opt_user, ' ')) { fprintf(stdout, "Username cannot contain spaces\n"); exit(EMAIL_ERR_USR); } else if (strlen(opt_user) != strspn(opt_user, LETTERS_NUMBERS "-_.@")) { fprintf(stdout, "Username contains non valid chars\n"); exit(EMAIL_ERR_USR); } else if (strlen(opt_user)) { verbose_printf(2, "Use EMAIL_USR from settings... \n"); snprintf(user, STRING_SIZE, "-xu %s", opt_user); } else { verbose_printf(2, "No EMAIL_USR in settings... \n"); strcpy(user, ""); } strcpy(opt_password, ""); verbose_printf(2, "Reading EMAIL_PW ... \n"); if (find_kv_default(kv, "EMAIL_PW", opt_password) != SUCCESS) { fprintf(stdout, "Cannot read EMAIL_PW\n"); exit(EMAIL_ERR_PW); } verbose_printf(2, "Validate EMAIL_PW ... \n"); if (strchr(opt_password, ' ')) { fprintf(stdout, "Password cannot contain spaces\n"); exit(EMAIL_ERR_PW); } else if (strchr(opt_password, '"') || strstr(opt_password, "'")) { fprintf(stdout, "Password cannot contain single or double quotes\n"); exit(EMAIL_ERR_PW); } else if (strlen(opt_password)) { verbose_printf(2, "Use EMAIL_PW from settings... \n"); snprintf(password, STRING_SIZE, "-xp %s", opt_password); } else { verbose_printf(2, "No EMAIL_PW in settings... \n"); strcpy(password, ""); } strcpy(from, ""); verbose_printf(2, "Reading EMAIL_FROM ... \n"); if (find_kv_default(kv, "EMAIL_FROM", from) != SUCCESS) { fprintf(stdout, "Cannot read EMAIL_FROM\n"); exit(EMAIL_ERR_FROM); } verbose_printf(2, "Validate EMAIL_FROM ... \n"); if (!(strlen(from))) { fprintf(stdout, "From email cannot be empty\n"); exit(EMAIL_ERR_FROM); } else if (strchr(from, ' ')) { fprintf(stdout, "From email cannot contain spaces\n"); exit(EMAIL_ERR_FROM); } else if (strlen(from) != strspn(from, LETTERS_NUMBERS "-_.@=+#")) { fprintf(stdout, "From email contains non valid chars\n"); exit(EMAIL_ERR_FROM); } strcpy(to, ""); verbose_printf(2, "Reading EMAIL_TO ... \n"); if (find_kv_default(kv, "EMAIL_TO", to) != SUCCESS) { fprintf(stdout, "Cannot read EMAIL_TO\n"); exit(EMAIL_ERR_TO); } verbose_printf(2, "Validate EMAIL_TO ... \n"); if (!(strlen(to))) { fprintf(stdout, "To email cannot be empty\n"); exit(EMAIL_ERR_TO); } else if (strlen(to) != strspn(to, LETTERS_NUMBERS "-_.@=+# ")) { fprintf(stdout, "To email contains non valid chars\n"); exit(EMAIL_ERR_TO); } verbose_printf(1, "Reading main settings ... \n"); if (read_kv_from_file(&main_kv, "/var/ipcop/main/settings") != SUCCESS) { fprintf(stdout, "Cannot read main settings\n"); exit(EMAIL_ERR_ANY); } strcpy(hostname, ""); verbose_printf(2, "Reading HOSTNAME ... \n"); if (find_kv_default(main_kv, "HOSTNAME", hostname) != SUCCESS) { fprintf(stdout, "Cannot read HOSTNAME\n"); exit(EMAIL_ERR_HOSTNAME); } strcpy(domainname, ""); verbose_printf(2, "Reading DOMAINNAME ... \n"); if (find_kv_default(main_kv, "DOMAINNAME", domainname) != SUCCESS) { fprintf(stdout, "Cannot read DOMAINNAME\n"); exit(EMAIL_ERR_DOMAINNAME); } snprintf(subject_prefix, STRING_SIZE, "[IPCop] %s.%s:", hostname, domainname); if (flag_subject) { verbose_printf(1, "Have subject: %s \n", opt_subject); snprintf(subject, STRING_SIZE, "-u \"%s %s\"", subject_prefix, opt_subject); } else { verbose_printf(2, "No subject... \n"); snprintf(subject, STRING_SIZE, "-u \"%s\"", subject_prefix); } if (flag_messagefile) { if (access(opt_messagefile, 0) == -1) { verbose_printf(2, "Messagefile is not available \n"); exit(EMAIL_ERR_MESSAGE); } else { verbose_printf(1, "Use messagefile: %s \n", opt_messagefile); snprintf(message, STRING_SIZE, "-o message-file=%s", tmpEmailFile); verbose_printf(2, "Replace placeholders in messagefile\n"); curtime = time (NULL); loctime = localtime (&curtime); strftime (date, STRING_SIZE, "%Y-%m-%d, %H:%M", loctime); snprintf(sed, STRING_SIZE_LARGE, "/bin/sed -e 's/__HOSTNAME__/%s.%s/;s/__CURRENT_DATE__/%s/;' %s > %s", hostname, domainname, date, opt_messagefile, tmpEmailFile); verbose_printf(2, "sed: %s\n", sed); rc = safe_system(sed); if (rc) { fprintf(stdout, "Couldn't replace placeholders in messagefile: %d\n", rc); exit(EMAIL_ERR_SED); } } } else { verbose_printf(2, "No message... \n"); strcpy(message, "-m \" \""); } if (flag_attachment) { if (access(opt_attachment, 0) == -1) { verbose_printf(2, "Attachment is not available \n"); exit(EMAIL_ERR_ATTACH); } else { verbose_printf(1, "Use attachment: %s \n", opt_attachment); snprintf(attachment, STRING_SIZE, "-a %s", opt_attachment); } } else { verbose_printf(2, "No attachment... \n"); strcpy(attachment, ""); } snprintf(command, STRING_SIZE_LARGE, "/usr/bin/sendEmail -s %s%s %s %s -f %s -t %s %s %s %s -o message-charset=utf-8", server, port, user, password, from, to, subject, message, attachment); verbose_printf(2, "Command: %s\n", command); rc = safe_system(command); if (rc) { fprintf(stdout, "Couldn't send Email, sendEmail exitcode: %d\n", rc); exit(EMAIL_ERR_SENDEMAIL); } unlink(tmpEmailFile); if (flag_messagefile && flag_delete_messagefile) { verbose_printf(1, "Delete messagefile: %s \n", opt_messagefile); unlink(opt_messagefile); } return EMAIL_SUCCESS; }
/* * -- parse_timestr() * * This function parse the time string of a query. The string is made of * two parts representing the two extreme of the time window. They two * parts are separated by a colon (:). * Valid formats for the start and end times are as follows: * * . 0, to indicate the time the query is received; * . @[cc[yy[mm[dd[hhmmss]]]]], to indicate an exact time; * . [+|-][[^0-9]d][[^0-9]h][[^0-9]m][[^0-9]s], to indicate an offset * from the time the query is received. * */ static uint32_t parse_timestr(char * str, timestamp_t * base) { struct tm timeinfo; time_t ts; char * wh; size_t len; int adding; assert(str != NULL); assert(base != NULL); ts = TS2SEC(*base); gmtime_r(&ts, &timeinfo); /* look if this is a start or end */ wh = index(str, ':'); len = (wh == NULL)? strlen(str) : (size_t) (wh - str); adding = 0; switch (str[0]) { case '@': /* absolute timestamp */ for (str++, len--; len > 0; str += 2, len -= 2) { char val[3] = {0}; /* get two digits */ bcopy(str, val, 2); if (len == 14) /* century */ timeinfo.tm_year = (atoi(val) * 100) - 1900; else if (len == 12) /* year */ timeinfo.tm_year = atoi(val) + 100*(timeinfo.tm_year/100); else if (len == 10) /* month */ timeinfo.tm_mon = atoi(val) - 1; else if (len == 8) /* day */ timeinfo.tm_mday = atoi(val); else if (len == 6) /* hour */ timeinfo.tm_hour = atoi(val); else if (len == 4) /* minute */ timeinfo.tm_min = atoi(val); else if (len == 2) /* second */ timeinfo.tm_sec = atoi(val); else /* error */ break; } if (len > 0) { logmsg(LOGWARN, "time %s incorrect, using current time\n", str); return TS2SEC(*base); } ts = timegm(&timeinfo); *base = TIME2TS(ts, 0); break; case '+': /* relative timestamp (after current time) */ adding = 2; /* pass thru */ case '-': /* relative timestamp (before current time) */ adding--; /* skip first character */ str++; len--; /* check for one letter (in [dhms]) at a time */ while (len > 0) { int x; int val; val = atoi(str); x = strspn(str, "1234567890"); str += x; len -= x; if (str[0] == 'd') /* day */ timeinfo.tm_mday += adding*val; else if (str[0] == 'h') /* hour */ timeinfo.tm_hour += adding*val; else if (str[0] == 'm') /* minute */ timeinfo.tm_min += adding*val; else if (str[0] == 's') /* seconds */ timeinfo.tm_sec += adding*val; else /* error */ break; /* skip letter */ str++; len--; } if (len > 0) { logmsg(LOGWARN, "time %s incorrect, using current time\n", str); return (uint32_t) timegm(&timeinfo); } ts = timegm(&timeinfo); break; default: /* nothing set, use current time */ break; } return (uint32_t) ts; }
static int cmd_dr_run( chain_t *chain, char *params[] ) { int dir = 1; tap_register *r; if (cmd_params( params ) < 1 || cmd_params( params ) > 2) return -1; if (!cmd_test_cable( chain )) return 1; if (!chain->parts) { printf( _("Run \"detect\" first.\n") ); return 1; } if (chain->active_part >= chain->parts->len) { printf( _("%s: no active part\n"), "dr" ); return 1; } if (chain->parts->parts[chain->active_part]->active_instruction == NULL) { printf( _("%s: part without active instruction\n"), "dr" ); return 1; } if (chain->parts->parts[chain->active_part]->active_instruction->data_register == NULL) { printf( _("%s: part without active data register\n"), "dr" ); return 1; } if (params[1]) { if (strcasecmp( params[1], "in" ) == 0) dir = 0; else if (strcasecmp( params[1], "out" ) == 0) dir = 1; else { unsigned int bit; if (strspn(params[1], "01") != strlen(params[1])) { return -1; } r = chain->parts->parts[chain->active_part]->active_instruction->data_register->in; if (r->len != strlen(params[1])) { printf( _("%s: register length mismatch\n"), "dr" ); return 1; } for (bit = 0; params[1][bit]; bit++) { r->data[r->len - 1 - bit] = (params[1][bit] == '1'); } dir = 0; } } if (dir) r = chain->parts->parts[chain->active_part]->active_instruction->data_register->out; else r = chain->parts->parts[chain->active_part]->active_instruction->data_register->in; printf( _("%s\n"), register_get_string( r ) ); return 1; }
int MAIN(int argc, char **argv) { int ret=1,i; const char **pp; int verbose=0, list_cap=0, test_avail=0, test_avail_noise = 0; ENGINE *e; STACK *engines = sk_new_null(); STACK *pre_cmds = sk_new_null(); STACK *post_cmds = sk_new_null(); int badops=1; BIO *bio_out=NULL; const char *indent = " "; apps_startup(); SSL_load_error_strings(); if (bio_err == NULL) bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); if (!load_config(bio_err, NULL)) goto end; bio_out=BIO_new_fp(stdout,BIO_NOCLOSE); #ifdef OPENSSL_SYS_VMS { BIO *tmpbio = BIO_new(BIO_f_linebuffer()); bio_out = BIO_push(tmpbio, bio_out); } #endif argc--; argv++; while (argc >= 1) { if (strncmp(*argv,"-v",2) == 0) { if(strspn(*argv + 1, "v") < strlen(*argv + 1)) goto skip_arg_loop; if((verbose=strlen(*argv + 1)) > 4) goto skip_arg_loop; } else if (strcmp(*argv,"-c") == 0) list_cap=1; else if (strncmp(*argv,"-t",2) == 0) { test_avail=1; if(strspn(*argv + 1, "t") < strlen(*argv + 1)) goto skip_arg_loop; if((test_avail_noise = strlen(*argv + 1) - 1) > 1) goto skip_arg_loop; } else if (strcmp(*argv,"-pre") == 0) { argc--; argv++; if (argc == 0) goto skip_arg_loop; sk_push(pre_cmds,*argv); } else if (strcmp(*argv,"-post") == 0) { argc--; argv++; if (argc == 0) goto skip_arg_loop; sk_push(post_cmds,*argv); } else if ((strncmp(*argv,"-h",2) == 0) || (strcmp(*argv,"-?") == 0)) goto skip_arg_loop; else sk_push(engines,*argv); argc--; argv++; } /* Looks like everything went OK */ badops = 0; skip_arg_loop: if (badops) { for (pp=engine_usage; (*pp != NULL); pp++) BIO_printf(bio_err,"%s",*pp); goto end; } if (sk_num(engines) == 0) { for(e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e)) { sk_push(engines,(char *)ENGINE_get_id(e)); } } for (i=0; i<sk_num(engines); i++) { const char *id = sk_value(engines,i); if ((e = ENGINE_by_id(id)) != NULL) { const char *name = ENGINE_get_name(e); /* Do "id" first, then "name". Easier to auto-parse. */ BIO_printf(bio_out, "(%s) %s\n", id, name); util_do_cmds(e, pre_cmds, bio_out, indent); if (strcmp(ENGINE_get_id(e), id) != 0) { BIO_printf(bio_out, "Loaded: (%s) %s\n", ENGINE_get_id(e), ENGINE_get_name(e)); } if (list_cap) { int cap_size = 256; char *cap_buf = NULL; int k,n; const int *nids; ENGINE_CIPHERS_PTR fn_c; ENGINE_DIGESTS_PTR fn_d; if (ENGINE_get_RSA(e) != NULL && !append_buf(&cap_buf, "RSA", &cap_size, 256)) goto end; if (ENGINE_get_DSA(e) != NULL && !append_buf(&cap_buf, "DSA", &cap_size, 256)) goto end; if (ENGINE_get_DH(e) != NULL && !append_buf(&cap_buf, "DH", &cap_size, 256)) goto end; if (ENGINE_get_RAND(e) != NULL && !append_buf(&cap_buf, "RAND", &cap_size, 256)) goto end; fn_c = ENGINE_get_ciphers(e); if(!fn_c) goto skip_ciphers; n = fn_c(e, NULL, &nids, 0); for(k=0 ; k < n ; ++k) if(!append_buf(&cap_buf, OBJ_nid2sn(nids[k]), &cap_size, 256)) goto end; skip_ciphers: fn_d = ENGINE_get_digests(e); if(!fn_d) goto skip_digests; n = fn_d(e, NULL, &nids, 0); for(k=0 ; k < n ; ++k) if(!append_buf(&cap_buf, OBJ_nid2sn(nids[k]), &cap_size, 256)) goto end; skip_digests: if (cap_buf && (*cap_buf != '\0')) BIO_printf(bio_out, " [%s]\n", cap_buf); OPENSSL_free(cap_buf); } if(test_avail) { BIO_printf(bio_out, "%s", indent); if (ENGINE_init(e)) { BIO_printf(bio_out, "[ available ]\n"); util_do_cmds(e, post_cmds, bio_out, indent); ENGINE_finish(e); } else { BIO_printf(bio_out, "[ unavailable ]\n"); if(test_avail_noise) ERR_print_errors_fp(stdout); ERR_clear_error(); } } if((verbose > 0) && !util_verbose(e, verbose, bio_out, indent)) goto end; ENGINE_free(e); } else ERR_print_errors(bio_err); } ret=0; end: ERR_print_errors(bio_err); sk_pop_free(engines, identity); sk_pop_free(pre_cmds, identity); sk_pop_free(post_cmds, identity); if (bio_out != NULL) BIO_free_all(bio_out); apps_shutdown(); OPENSSL_EXIT(ret); }
static void write_cf(void) { char tmp[0x100], rv[0x40]; struct conf_item *ci = NULL; char *lp, *cp; int add, i; char *cfname = get_confname(); int cfld = ll_create(); FILE *fd = fopen(cfname, "w"); if (fd == NULL) err_sys("failed to open configuration file '%s'", cfname); for (ll_reset(conf_items); (ci = ll_getall(conf_items)); ) { if (ci->type != t_sep && ci->type != t_func && (!ci->dep || (ci->dep && *ci->dep))) { switch (ci->type) { case t_int: sprintf(rv, "%d", *ci->v.i); break; case t_list: if (!argv_count(ci->list)) continue; sprintf(rv, "%s", ci->list[*ci->v.i]); str_tolower(rv); break; case t_sep: case t_func: break; } add = 1; for (i = 0; i < ll_size(cfld); i++) { lp = ll_get(cfld, i); cp = lp += strspn(lp, " "); if (!strncasecmp(cp, ci->cfname, strcspn(cp, " =")) && strlen(ci->cfname) == strcspn(cp, " =")) { add = 0; cp += strcspn(cp, "=") + 1; cp += strspn(cp, " "); strncpy(tmp, cp, strcspn(cp, " #\n")); if (strcasecmp(tmp, rv)) { strncpy(tmp, lp, strcspn(lp, " =")); tmp[strcspn(lp, " =")] = '\0'; strcat(tmp, " = "); strcat(tmp, rv); strcat(tmp, "\n"); ll_replace(cfld, i, "s", tmp); } } } if (add) { strcpy(tmp, ci->cfname); strcat(tmp, " = "); strcat(tmp, rv); strcat(tmp, "\n"); ll_push(cfld, "s", tmp); } } } for (ll_reset(cfld); (lp = ll_getall(cfld)); ) fputs(lp, fd); fclose(fd); ll_destroy(cfld); free(cfname); }
gfarm_error_t add_line(char *line, int lineno) { gfarm_error_t e; long port, ncpu, flags; int len, nhostaliases; char *s, *hostname, *architecture; char *hostaliases[MAX_HOSTALIASES + 1]; /* parse architecture */ line += strspn(line, space); /* skip space */ len = strcspn(line, space); if (len == 0 || line[len] == '\0') return (invalid_input(lineno)); line[len] = '\0'; architecture = line; line += len + 1; s = validate_architecture(architecture); if (s != NULL) { fprintf(stderr, "line %d: invalid character '%c' in architecture \"%s\"\n", lineno, *s, architecture); return (GFARM_ERR_INVALID_ARGUMENT); } e = parse_string_long(&line, lineno, "ncpu", &ncpu); if (e != GFARM_ERR_NO_ERROR) return (e); /* parse hostname */ line += strspn(line, space); /* skip space */ len = strcspn(line, space); if (len == 0) return (invalid_input(lineno)); hostname = line; if (line[len] == '\0') { line += len; } else { line[len] = '\0'; line += len + 1; } s = validate_hostname(hostname); if (s != NULL) { fprintf(stderr, "line %d: invalid character '%c' in hostname \"%s\"\n", lineno, *s, hostname); return (GFARM_ERR_INVALID_ARGUMENT); } e = parse_string_long(&line, lineno, "port", &port); if (e != GFARM_ERR_NO_ERROR) return (e); e = parse_string_long(&line, lineno, "flags", &flags); if (e != GFARM_ERR_NO_ERROR) return (e); /* parse hostaliases */ for (nhostaliases = 0;; nhostaliases++) { line += strspn(line, space); /* skip space */ if (*line == '\0') break; len = strcspn(line, space); /* assert(len > 0); */ if (nhostaliases >= MAX_HOSTALIASES) { fprintf(stderr, "line %d: " "number of hostaliases exceeds %d\n", lineno, nhostaliases); return (GFARM_ERR_INVALID_ARGUMENT); } hostaliases[nhostaliases] = line; if (line[len] == '\0') { line += len; } else { line[len] = '\0'; line += len + 1; } s = validate_hostname(hostaliases[nhostaliases]); if (s != NULL) { fprintf(stderr, "line %d: " "invalid character '%c' in hostalias \"%s\"\n", lineno, *s, hostaliases[nhostaliases]); return (GFARM_ERR_INVALID_ARGUMENT); } } hostaliases[nhostaliases] = NULL; e = add_host(hostname, port, hostaliases, architecture, ncpu, flags); if (e != GFARM_ERR_NO_ERROR) fprintf(stderr, "line %d: %s\n", lineno, gfarm_error_string(e)); return (e); }
static av_cold int concat_open(URLContext *h, const char *uri, int flags) { char *node_uri = NULL; int err = 0; int64_t size; size_t len, i; URLContext *uc; struct concat_data *data = h->priv_data; struct concat_nodes *nodes; av_strstart(uri, "concat:", &uri); for (i = 0, len = 1; uri[i]; i++) { if (uri[i] == *AV_CAT_SEPARATOR) { /* integer overflow */ if (++len == UINT_MAX / sizeof(*nodes)) { av_freep(&h->priv_data); return AVERROR(ENAMETOOLONG); } } } if (!(nodes = av_realloc(NULL, sizeof(*nodes) * len))) return AVERROR(ENOMEM); else data->nodes = nodes; /* handle input */ if (!*uri) err = AVERROR(ENOENT); for (i = 0; *uri; i++) { /* parsing uri */ len = strcspn(uri, AV_CAT_SEPARATOR); if ((err = av_reallocp(&node_uri, len + 1)) < 0) break; av_strlcpy(node_uri, uri, len + 1); uri += len + strspn(uri + len, AV_CAT_SEPARATOR); /* creating URLContext */ if ((err = ffurl_open(&uc, node_uri, flags, &h->interrupt_callback, NULL)) < 0) break; /* creating size */ if ((size = ffurl_size(uc)) < 0) { ffurl_close(uc); err = AVERROR(ENOSYS); break; } /* assembling */ nodes[i].uc = uc; nodes[i].size = size; } av_free(node_uri); data->length = i; if (err < 0) concat_close(h); else if ((err = av_reallocp(&nodes, data->length * sizeof(*nodes))) < 0) concat_close(h); else data->nodes = nodes; return err; }
int main(int argc, char *argv[]) { FILE *in = stdin; FILE *out = stdout; FILE *sig = NULL; char signature_name[MAXPATHLEN]; char output_name[MAXPATHLEN] = "(stdout)"; char input_name[MAXPATHLEN] = "(stdin)"; int correlation_only = 0; int c, i; int corr1 = 0, match1 = 0; int corr2 = 0, match2 = 0; int verbose = 0; char line[1024]; progname = argv[0]; while ((c = getopt(argc, argv, "h?Co:s:v:")) != EOF) { switch (c) { case 'h': case '?': usage(); break; case 'C': correlation_only = 1; break; case 'o': if ((out = fopen(optarg, "w")) == NULL) { fprintf(stderr, "%s: unable to open output file %s\n", progname, optarg); exit(1); } strcpy(output_name, optarg); break; case 's': if ((sig = fopen(optarg, "r")) == NULL) { fprintf(stderr, "%s: unable to open signature file %s\n", progname, optarg); exit(1); } strcpy(signature_name, optarg); break; case 'v': verbose = atoi(optarg); if (verbose < 0) { fprintf(stderr, "%s: verbosity level %d out of range\n", progname, verbose); exit(1); } break; } } argc -= optind; argv += optind; if (argc > 1) { usage(); exit(1); } if (argc == 1 && *argv[0] != '-') { if ((in = fopen(argv[0], "r")) == NULL) { fprintf(stderr, "%s: unable to open input file %s\n", progname, argv[0]); exit(1); } else strcpy(input_name, argv[0]); } if (sig) { fgets(line, sizeof(line), sig); if (strspn(line, "FR2SG") >= 5) { fscanf(sig, "%d\n", &nbit_signature); fscanf(sig, "%*f\n"); fscanf(sig, "%*f\n"); fscanf(sig, "%*d\n"); n_signature = NBITSTOBYTES(nbit_signature); fread(signature, sizeof(char), n_signature, sig); fscanf(sig, "\n"); } else { fprintf(stderr, "%s: invalid signature file %s\n", progname, signature_name); exit(1); } fclose(sig); } else { fprintf(stderr, "%s: original signature file not specified, use -s file option\n", progname); exit(1); } fgets(line, sizeof(line), in); if (strspn(line, "FR2WM") >= 5) { fscanf(in, "%d\n", &nbit_signature1); n_signature1 = NBITSTOBYTES(nbit_signature1); fread(signature1, sizeof(char), n_signature1, in); // fscanf(in, "\n"); fscanf(in, "%d\n", &nbit_signature2); n_signature2 = NBITSTOBYTES(nbit_signature2); fread(signature2, sizeof(char), n_signature2, in); fscanf(in, "\n"); } else { fprintf(stderr, "%s: invalid watermark file %s\n", progname, input_name); exit(1); } if (verbose > 0) { fprintf(stderr, "signature length: %d\n", nbit_signature); fprintf(stderr, "watermark length (low. freq.): %d\n", nbit_signature1); fprintf(stderr, "watermark length (med. freq.): %d\n", nbit_signature2); } for (i = 0; i < nbit_signature; i++) { if (get_signature_bit(i) == get_signature1_bit(i)) corr1++, match1++; else corr1--; if (get_signature_bit(i) == get_signature2_bit(i)) corr2++, match2++; else corr2--; } if (correlation_only) fprintf(out, "%lf\n", (double) (corr1 + corr2) / (nbit_signature1 + nbit_signature2)); else { fprintf(out, "bit matches (low freq.): %d/%d\n", match1, nbit_signature1); fprintf(out, "correlation (low. freq.): %lf\n", (double) corr1 / nbit_signature1); fprintf(out, "bit matches (med. freq.): %d/%d\n", match2, nbit_signature2); fprintf(out, "correlation (med. freq.): %lf\n", (double) corr2 / nbit_signature2); fprintf(out, "total correlation: %lf\n", (double) (corr1 + corr2) / (nbit_signature1 + nbit_signature2)); } exit(0); }
/* * Append the given string to the shell command being built in the buffer, * with shell-style quoting as needed to create exactly one argument. * * Forbid LF or CR characters, which have scant practical use beyond designing * security breaches. The Windows command shell is unusable as a conduit for * arguments containing LF or CR characters. A future major release should * reject those characters in CREATE ROLE and CREATE DATABASE, because use * there eventually leads to errors here. */ void appendShellString(PQExpBuffer buf, const char *str) { #ifdef WIN32 int backslash_run_length = 0; #endif const char *p; /* * Don't bother with adding quotes if the string is nonempty and clearly * contains only safe characters. */ if (*str != '\0' && strspn(str, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_./:") == strlen(str)) { appendPQExpBufferStr(buf, str); return; } #ifndef WIN32 appendPQExpBufferChar(buf, '\''); for (p = str; *p; p++) { if (*p == '\n' || *p == '\r') { fprintf(stderr, _("shell command argument contains a newline or carriage return: \"%s\"\n"), str); exit(EXIT_FAILURE); } if (*p == '\'') appendPQExpBufferStr(buf, "'\"'\"'"); else appendPQExpBufferChar(buf, *p); } appendPQExpBufferChar(buf, '\''); #else /* WIN32 */ /* * A Windows system() argument experiences two layers of interpretation. * First, cmd.exe interprets the string. Its behavior is undocumented, * but a caret escapes any byte except LF or CR that would otherwise have * special meaning. Handling of a caret before LF or CR differs between * "cmd.exe /c" and other modes, and it is unusable here. * * Second, the new process parses its command line to construct argv (see * https://msdn.microsoft.com/en-us/library/17w5ykft.aspx). This treats * backslash-double quote sequences specially. */ appendPQExpBufferStr(buf, "^\""); for (p = str; *p; p++) { if (*p == '\n' || *p == '\r') { fprintf(stderr, _("shell command argument contains a newline or carriage return: \"%s\"\n"), str); exit(EXIT_FAILURE); } /* Change N backslashes before a double quote to 2N+1 backslashes. */ if (*p == '"') { while (backslash_run_length) { appendPQExpBufferStr(buf, "^\\"); backslash_run_length--; } appendPQExpBufferStr(buf, "^\\"); } else if (*p == '\\') backslash_run_length++; else backslash_run_length = 0; /* * Decline to caret-escape the most mundane characters, to ease * debugging and lest we approach the command length limit. */ if (!((*p >= 'a' && *p <= 'z') || (*p >= 'A' && *p <= 'Z') || (*p >= '0' && *p <= '9'))) appendPQExpBufferChar(buf, '^'); appendPQExpBufferChar(buf, *p); } /* * Change N backslashes at end of argument to 2N backslashes, because they * precede the double quote that terminates the argument. */ while (backslash_run_length) { appendPQExpBufferStr(buf, "^\\"); backslash_run_length--; } appendPQExpBufferStr(buf, "^\""); #endif /* WIN32 */ }
/* * This implements a very limited PEM header parser that does not support the * full grammar of rfc1421. In particular, folded headers are not supported, * nor is additional whitespace. * * A robust implementation would make use of a library that turns the headers * into a BIO from which one folded line is read at a time, and is then split * into a header label and content. We would then parse the content of the * headers we care about. This is overkill for just this limited use-case, but * presumably we also parse rfc822-style headers for S/MIME, so a common * abstraction might well be more generally useful. */ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher) { static const char ProcType[] = "Proc-Type:"; static const char ENCRYPTED[] = "ENCRYPTED"; static const char DEKInfo[] = "DEK-Info:"; const EVP_CIPHER *enc = NULL; int ivlen; char *dekinfostart, c; cipher->cipher = NULL; if ((header == NULL) || (*header == '\0') || (*header == '\n')) return 1; if (strncmp(header, ProcType, sizeof(ProcType)-1) != 0) { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_PROC_TYPE); return 0; } header += sizeof(ProcType)-1; header += strspn(header, " \t"); if (*header++ != '4' || *header++ != ',') return 0; header += strspn(header, " \t"); /* We expect "ENCRYPTED" followed by optional white-space + line break */ if (strncmp(header, ENCRYPTED, sizeof(ENCRYPTED)-1) != 0 || strspn(header+sizeof(ENCRYPTED)-1, " \t\r\n") == 0) { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_ENCRYPTED); return 0; } header += sizeof(ENCRYPTED)-1; header += strspn(header, " \t\r"); if (*header++ != '\n') { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_SHORT_HEADER); return 0; } /*- * https://tools.ietf.org/html/rfc1421#section-4.6.1.3 * We expect "DEK-Info: algo[,hex-parameters]" */ if (strncmp(header, DEKInfo, sizeof(DEKInfo)-1) != 0) { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_DEK_INFO); return 0; } header += sizeof(DEKInfo)-1; header += strspn(header, " \t"); /* * DEK-INFO is a comma-separated combination of algorithm name and optional * parameters. */ dekinfostart = header; header += strcspn(header, " \t,"); c = *header; *header = '\0'; cipher->cipher = enc = EVP_get_cipherbyname(dekinfostart); *header = c; header += strspn(header, " \t"); if (enc == NULL) { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_UNSUPPORTED_ENCRYPTION); return 0; } ivlen = EVP_CIPHER_iv_length(enc); if (ivlen > 0 && *header++ != ',') { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_MISSING_DEK_IV); return 0; } else if (ivlen == 0 && *header == ',') { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_UNEXPECTED_DEK_IV); return 0; } if (!load_iv(&header, cipher->iv, EVP_CIPHER_iv_length(enc))) return 0; return 1; }