/** * @short Returns the current flags. */ Flags flags() { return onion_flags(ptr); }
int main(int argc, char **argv){ char *port="8080"; char *serverip="::"; const char *command="/bin/bash"; const char *certificatefile="/etc/pki/tls/certs/pound.pem"; const char *keyfile="/etc/pki/tls/certs/pound.key"; int error; int i; int ssl=1; #ifdef HAVE_PAM int use_pam=1; #endif for (i=1;i<argc;i++){ if (strcmp(argv[i],"--help")==0){ show_help(); exit(0); } else if(strcmp(argv[i],"-p")==0 || strcmp(argv[i],"--port")==0){ if (i+1>argc){ ONION_ERROR("Need to set the port number."); show_help(); exit(1); } port=argv[++i]; fprintf(stderr, "Using port %s\n",port); } else if(strcmp(argv[i],"-i")==0 || strcmp(argv[i],"--ip")==0){ if (i+1>argc){ ONION_ERROR("Need to set the ip address or hostname."); show_help(); exit(1); } serverip=argv[++i]; fprintf(stderr, "Using ip %s\n",serverip); } else if(strcmp(argv[i],"-c")==0 || strcmp(argv[i],"--cert")==0){ if (i+1>argc){ ONION_ERROR("Need to set the certificate filename"); show_help(); exit(1); } certificatefile=argv[++i]; ONION_INFO("Using certificate %s",certificatefile); } else if(strcmp(argv[i],"-k")==0 || strcmp(argv[i],"--key")==0){ if (i+1>argc){ ONION_ERROR("Need to set the certificate key filename."); show_help(); exit(1); } keyfile=argv[++i]; ONION_INFO("Using certificate key %s",keyfile); } else if(strcmp(argv[i],"-x")==0 || strcmp(argv[i],"--exec")==0){ if (i+1>argc){ ONION_ERROR("Need the command to execute."); show_help(); exit(1); } command=argv[++i]; ONION_INFO("New terminal execute the command %s",command); } else if(strcmp(argv[i],"--no-ssl")==0){ ssl=0; ONION_INFO("Disabling SSL!"); } #ifdef HAVE_PAM else if(strcmp(argv[i],"--no-pam")==0){ use_pam=0; ONION_INFO("Disabling PAM!"); } #endif } o=onion_new(O_POOL|O_SYSTEMD); // I prepare the url handler, with static, uuid and term. Also added the empty rule that redirects to static/index.html onion_url *url=onion_url_new(); onion_handler *term_handler=oterm_handler(o,command); #ifdef HAVE_PAM if (use_pam){ onion_url_add_handler(url, "^term/", onion_handler_auth_pam("Onion Terminal", "login", term_handler)); } else #endif { onion_url_add_with_data(url, "^term/", oterm_nopam, term_handler, NULL); } onion_url_add_with_data(url, "^uuid/", oterm_uuid, onion_handler_get_private_data(term_handler), NULL); #ifdef __DEBUG__ if (getenv("OTERM_DEBUG")) onion_url_add_handler(url, "^static/", onion_handler_export_local_new("static")); else #endif { onion_url_add(url, "^static/", opack_static); } onion_url_add_with_data(url, "", onion_shortcut_internal_redirect, "static/index.html", NULL); srand(time(NULL)); onion_set_root_handler(o, onion_url_to_handler(url)); if (!(onion_flags(o)&O_SSL_AVAILABLE)){ ONION_WARNING("SSL support is not available. Oterm is in unsecure mode!"); } else if (ssl){ // Not necesary the else, as onion_use_certificate would just return an error. But then it will exit. error=onion_set_certificate(o, O_SSL_CERTIFICATE_KEY, certificatefile, keyfile); if (error){ ONION_ERROR("Cant set certificate and key files (%s, %s)",certificatefile, keyfile); show_help(); exit(1); } } onion_set_port(o, port); onion_set_hostname(o, serverip); onion_set_timeout(o,5000); signal(SIGINT, free_onion); signal(SIGPIPE, SIG_IGN); fprintf(stderr, "Listening at %s\n",port); error=onion_listen(o); if (error){ ONION_ERROR("Cant create the server: %s", strerror(errno)); } onion_free(o); return 0; }