/**
* @short Returns the current flags.
*/
Flags flags() {
return onion_flags(ptr);
}
int main(int argc, char **argv){
char *port="8080";
char *serverip="::";
const char *command="/bin/bash";
const char *certificatefile="/etc/pki/tls/certs/pound.pem";
const char *keyfile="/etc/pki/tls/certs/pound.key";
int error;
int i;
int ssl=1;
#ifdef HAVE_PAM
int use_pam=1;
#endif
for (i=1;i<argc;i++){
if (strcmp(argv[i],"--help")==0){
show_help();
exit(0);
}
else if(strcmp(argv[i],"-p")==0 || strcmp(argv[i],"--port")==0){
if (i+1>argc){
ONION_ERROR("Need to set the port number.");
show_help();
exit(1);
}
port=argv[++i];
fprintf(stderr, "Using port %s\n",port);
}
else if(strcmp(argv[i],"-i")==0 || strcmp(argv[i],"--ip")==0){
if (i+1>argc){
ONION_ERROR("Need to set the ip address or hostname.");
show_help();
exit(1);
}
serverip=argv[++i];
fprintf(stderr, "Using ip %s\n",serverip);
}
else if(strcmp(argv[i],"-c")==0 || strcmp(argv[i],"--cert")==0){
if (i+1>argc){
ONION_ERROR("Need to set the certificate filename");
show_help();
exit(1);
}
certificatefile=argv[++i];
ONION_INFO("Using certificate %s",certificatefile);
}
else if(strcmp(argv[i],"-k")==0 || strcmp(argv[i],"--key")==0){
if (i+1>argc){
ONION_ERROR("Need to set the certificate key filename.");
show_help();
exit(1);
}
keyfile=argv[++i];
ONION_INFO("Using certificate key %s",keyfile);
}
else if(strcmp(argv[i],"-x")==0 || strcmp(argv[i],"--exec")==0){
if (i+1>argc){
ONION_ERROR("Need the command to execute.");
show_help();
exit(1);
}
command=argv[++i];
ONION_INFO("New terminal execute the command %s",command);
}
else if(strcmp(argv[i],"--no-ssl")==0){
ssl=0;
ONION_INFO("Disabling SSL!");
}
#ifdef HAVE_PAM
else if(strcmp(argv[i],"--no-pam")==0){
use_pam=0;
ONION_INFO("Disabling PAM!");
}
#endif
}
o=onion_new(O_POOL|O_SYSTEMD);
// I prepare the url handler, with static, uuid and term. Also added the empty rule that redirects to static/index.html
onion_url *url=onion_url_new();
onion_handler *term_handler=oterm_handler(o,command);
#ifdef HAVE_PAM
if (use_pam){
onion_url_add_handler(url, "^term/", onion_handler_auth_pam("Onion Terminal", "login", term_handler));
}
else
#endif
{
onion_url_add_with_data(url, "^term/", oterm_nopam, term_handler, NULL);
}
onion_url_add_with_data(url, "^uuid/", oterm_uuid, onion_handler_get_private_data(term_handler), NULL);
#ifdef __DEBUG__
if (getenv("OTERM_DEBUG"))
onion_url_add_handler(url, "^static/", onion_handler_export_local_new("static"));
else
#endif
{
onion_url_add(url, "^static/", opack_static);
}
onion_url_add_with_data(url, "", onion_shortcut_internal_redirect, "static/index.html", NULL);
srand(time(NULL));
onion_set_root_handler(o, onion_url_to_handler(url));
if (!(onion_flags(o)&O_SSL_AVAILABLE)){
ONION_WARNING("SSL support is not available. Oterm is in unsecure mode!");
}
else if (ssl){ // Not necesary the else, as onion_use_certificate would just return an error. But then it will exit.
error=onion_set_certificate(o, O_SSL_CERTIFICATE_KEY, certificatefile, keyfile);
if (error){
ONION_ERROR("Cant set certificate and key files (%s, %s)",certificatefile, keyfile);
show_help();
exit(1);
}
}
onion_set_port(o, port);
onion_set_hostname(o, serverip);
onion_set_timeout(o,5000);
signal(SIGINT, free_onion);
signal(SIGPIPE, SIG_IGN);
fprintf(stderr, "Listening at %s\n",port);
error=onion_listen(o);
if (error){
ONION_ERROR("Cant create the server: %s", strerror(errno));
}
onion_free(o);
return 0;
}
