static void
parse_debug_list (const gchar * list)
{
gchar **split;
gchar **walk;
g_assert (list);
split = g_strsplit (list, ",", 0);
for (walk = split; *walk; walk++) {
if (strchr (*walk, ':')) {
gchar **values = g_strsplit (*walk, ":", 2);
if (values[0] && values[1]) {
gint level;
const gchar *category;
if (parse_debug_category (values[0], &category)
&& parse_debug_level (values[1], &level))
gst_debug_set_threshold_for_name (category, level);
}
g_strfreev (values);
} else {
gint level;
if (parse_debug_level (*walk, &level))
gst_debug_set_default_threshold (level);
}
}
g_strfreev (split);
}
static char *global_options(CMD cmd, char *opt, char *arg) {
if(cmd==CMD_DEFAULT || cmd==CMD_HELP) {
log_raw("Global options");
}
/* CApath */
switch(cmd) {
case CMD_INIT:
#if 0
options.ca_dir=(char *)X509_get_default_cert_dir();
#endif
options.ca_dir=NULL;
break;
case CMD_EXEC:
if(strcasecmp(opt, "CApath"))
break;
if(arg[0]) /* not empty */
options.ca_dir=stralloc(arg);
else
options.ca_dir=NULL;
return NULL; /* OK */
case CMD_DEFAULT:
#if 0
log_raw("%-15s = %s", "CApath",
options.ca_dir ? options.ca_dir : "(none)");
#endif
break;
case CMD_HELP:
log_raw("%-15s = CA certificate directory for 'verify' option",
"CApath");
break;
}
/* CAfile */
switch(cmd) {
case CMD_INIT:
#if 0
options.ca_file=(char *)X509_get_default_certfile();
#endif
options.ca_file=NULL;
break;
case CMD_EXEC:
if(strcasecmp(opt, "CAfile"))
break;
if(arg[0]) /* not empty */
options.ca_file=stralloc(arg);
else
options.ca_file=NULL;
return NULL; /* OK */
case CMD_DEFAULT:
#if 0
log_raw("%-15s = %s", "CAfile",
options.ca_file ? options.ca_file : "(none)");
#endif
break;
case CMD_HELP:
log_raw("%-15s = CA certificate file for 'verify' option",
"CAfile");
break;
}
/* cert */
switch(cmd) {
case CMD_INIT:
#ifdef CONFDIR
options.cert=CONFDIR "/stunnel.pem";
#else
options.cert="stunnel.pem";
#endif
break;
case CMD_EXEC:
if(strcasecmp(opt, "cert"))
break;
options.cert=stralloc(arg);
options.option.cert=1;
return NULL; /* OK */
case CMD_DEFAULT:
log_raw("%-15s = %s", "cert", options.cert);
break;
case CMD_HELP:
log_raw("%-15s = certificate chain", "cert");
break;
}
/* chroot */
#ifdef HAVE_CHROOT
switch(cmd) {
case CMD_INIT:
options.chroot_dir=NULL;
break;
case CMD_EXEC:
if(strcasecmp(opt, "chroot"))
break;
options.chroot_dir=stralloc(arg);
return NULL; /* OK */
case CMD_DEFAULT:
break;
case CMD_HELP:
log_raw("%-15s = directory to chroot stunnel process", "chroot");
break;
}
#endif /* HAVE_CHROOT */
/* ciphers */
switch(cmd) {
case CMD_INIT:
options.cipher_list=SSL_DEFAULT_CIPHER_LIST;
break;
case CMD_EXEC:
if(strcasecmp(opt, "ciphers"))
break;
options.cipher_list=stralloc(arg);
return NULL; /* OK */
case CMD_DEFAULT:
log_raw("%-15s = %s", "ciphers", SSL_DEFAULT_CIPHER_LIST);
break;
case CMD_HELP:
log_raw("%-15s = list of permitted SSL ciphers", "ciphers");
break;
}
/* client */
switch(cmd) {
case CMD_INIT:
options.option.client=0;
break;
case CMD_EXEC:
if(strcasecmp(opt, "client"))
break;
if(!strcasecmp(arg, "yes"))
options.option.client=1;
else if(!strcasecmp(arg, "no"))
options.option.client=0;
else
return "argument should be either 'yes' or 'no'";
return NULL; /* OK */
case CMD_DEFAULT:
break;
case CMD_HELP:
log_raw("%-15s = yes|no client mode (remote service uses SSL)",
"client");
break;
}
/* CRLpath */
switch(cmd) {
case CMD_INIT:
options.crl_dir=NULL;
break;
case CMD_EXEC:
if(strcasecmp(opt, "CRLpath"))
break;
if(arg[0]) /* not empty */
options.crl_dir=stralloc(arg);
else
options.crl_dir=NULL;
return NULL; /* OK */
case CMD_DEFAULT:
break;
case CMD_HELP:
log_raw("%-15s = CRL directory", "CRLpath");
break;
}
/* CRLfile */
switch(cmd) {
case CMD_INIT:
options.crl_file=NULL;
break;
case CMD_EXEC:
if(strcasecmp(opt, "CRLfile"))
break;
if(arg[0]) /* not empty */
options.crl_file=stralloc(arg);
else
options.crl_file=NULL;
return NULL; /* OK */
case CMD_DEFAULT:
break;
case CMD_HELP:
log_raw("%-15s = CRL file", "CRLfile");
break;
}
/* debug */
switch(cmd) {
case CMD_INIT:
options.debug_level=5;
#if !defined (USE_WIN32) && !defined (__vms)
options.facility=LOG_DAEMON;
#endif
break;
case CMD_EXEC:
if(strcasecmp(opt, "debug"))
break;
if(!parse_debug_level(arg))
return "Illegal debug argument";
return NULL; /* OK */
case CMD_DEFAULT:
log_raw("%-15s = %d", "debug", options.debug_level);
break;
case CMD_HELP:
log_raw("%-15s = [facility].level (e.g. daemon.info)", "debug");
break;
}
/* EGD is only supported when compiled with OpenSSL 0.9.5a or later */
#if SSLEAY_VERSION_NUMBER >= 0x0090581fL
switch(cmd) {
case CMD_INIT:
options.egd_sock=NULL;
break;
case CMD_EXEC:
if(strcasecmp(opt, "EGD"))
break;
options.egd_sock=stralloc(arg);
return NULL; /* OK */
case CMD_DEFAULT:
#ifdef EGD_SOCKET
log_raw("%-15s = %s", "EGD", EGD_SOCKET);
#endif
break;
case CMD_HELP:
log_raw("%-15s = path to Entropy Gathering Daemon socket", "EGD");
break;
}
#endif /* OpenSSL 0.9.5a */
/* foreground */
#ifndef USE_WIN32
switch(cmd) {
case CMD_INIT:
options.option.syslog=0;
options.option.foreground=0;
break;
case CMD_EXEC:
if(strcasecmp(opt, "foreground"))
break;
if(!strcasecmp(arg, "yes"))
options.option.foreground=1;
else if(!strcasecmp(arg, "no"))
options.option.foreground=0;
else
return "argument should be either 'yes' or 'no'";
return NULL; /* OK */
case CMD_DEFAULT:
break;
case CMD_HELP:
log_raw("%-15s = yes|no foreground mode (don't fork, log to stderr)",
"foreground");
break;
}
#endif
/* key */
switch(cmd) {
case CMD_INIT:
options.key=NULL;
break;
case CMD_EXEC:
if(strcasecmp(opt, "key"))
break;
options.key=stralloc(arg);
return NULL; /* OK */
case CMD_DEFAULT:
log_raw("%-15s = %s", "key", options.cert); /* set in stunnel.c */
break;
case CMD_HELP:
log_raw("%-15s = certificate private key", "key");
break;
}
/* options */
switch(cmd) {
case CMD_INIT:
options.ssl_options=0;
break;
case CMD_EXEC:
if(strcasecmp(opt, "options"))
break;
if(!parse_ssl_option(arg))
return "Illegal SSL option";
return NULL; /* OK */
case CMD_DEFAULT:
break;
case CMD_HELP:
log_raw("%-15s = SSL option", "options");
log_raw("%18sset an SSL option", "");
break;
}
/* output */
switch(cmd) {
case CMD_INIT:
options.output_file=NULL;
break;
case CMD_EXEC:
if(strcasecmp(opt, "output"))
break;
options.output_file=stralloc(arg);
return NULL; /* OK */
case CMD_DEFAULT:
break;
case CMD_HELP:
log_raw("%-15s = file to append log messages", "output");
break;
}
/* pid */
#ifndef USE_WIN32
switch(cmd) {
case CMD_INIT:
options.pidfile=PIDFILE;
break;
case CMD_EXEC:
if(strcasecmp(opt, "pid"))
break;
if(arg[0]) /* is argument not empty? */
options.pidfile=stralloc(arg);
else
options.pidfile=NULL; /* empty -> do not create a pid file */
return NULL; /* OK */
case CMD_DEFAULT:
log_raw("%-15s = %s", "pid", PIDFILE);
break;
case CMD_HELP:
log_raw("%-15s = pid file (empty to disable creating)", "pid");
break;
}
#endif
/* RNDbytes */
switch(cmd) {
case CMD_INIT:
options.random_bytes=RANDOM_BYTES;
break;
case CMD_EXEC:
if(strcasecmp(opt, "RNDbytes"))
break;
options.random_bytes=atoi(arg);
return NULL; /* OK */
case CMD_DEFAULT:
log_raw("%-15s = %d", "RNDbytes", RANDOM_BYTES);
break;
case CMD_HELP:
log_raw("%-15s = bytes to read from random seed files", "RNDbytes");
break;
}
/* RNDfile */
switch(cmd) {
case CMD_INIT:
options.rand_file=NULL;
break;
case CMD_EXEC:
if(strcasecmp(opt, "RNDfile"))
break;
options.rand_file=stralloc(arg);
return NULL; /* OK */
case CMD_DEFAULT:
#ifdef RANDOM_FILE
log_raw("%-15s = %s", "RNDfile", RANDOM_FILE);
#endif
break;
case CMD_HELP:
log_raw("%-15s = path to file with random seed data", "RNDfile");
break;
}
/* RNDoverwrite */
switch(cmd) {
case CMD_INIT:
options.option.rand_write=1;
break;
case CMD_EXEC:
if(strcasecmp(opt, "RNDoverwrite"))
break;
if(!strcasecmp(arg, "yes"))
options.option.rand_write=1;
else if(!strcasecmp(arg, "no"))
options.option.rand_write=0;
else
return "argument should be either 'yes' or 'no'";
return NULL; /* OK */
case CMD_DEFAULT:
log_raw("%-15s = yes", "RNDoverwrite");
break;
case CMD_HELP:
log_raw("%-15s = yes|no overwrite seed datafiles with new random data",
"RNDoverwrite");
break;
}
/* service */
switch(cmd) {
case CMD_INIT:
local_options.servname=stralloc("stunnel");
#ifdef USE_WIN32
options.win32_service="stunnel";
options.win32_name="stunnel " VERSION " on Win32";
#endif
break;
case CMD_EXEC:
if(strcasecmp(opt, "service"))
break;
local_options.servname=stralloc(arg);
#ifdef USE_WIN32
options.win32_service=stralloc(arg);
{
char tmpstr[STRLEN];
safecopy(tmpstr, "stunnel " VERSION " on Win32 (");
safeconcat(tmpstr, arg);
safeconcat(tmpstr, ")");
options.win32_name=stralloc(tmpstr);
}
#endif
return NULL; /* OK */
case CMD_DEFAULT:
#ifdef USE_WIN32
log_raw("%-15s = %s", "service", options.win32_service);
#endif
break;
case CMD_HELP:
log_raw("%-15s = service name", "service");
break;
}
/* session */
switch(cmd) {
case CMD_INIT:
options.session_timeout=300;
break;
case CMD_EXEC:
if(strcasecmp(opt, "session"))
break;
if(atoi(arg)>0)
options.session_timeout=atoi(arg);
else
return "Illegal session timeout";
return NULL; /* OK */
case CMD_DEFAULT:
log_raw("%-15s = %ld seconds", "session", options.session_timeout);
break;
case CMD_HELP:
log_raw("%-15s = session cache timeout (in seconds)", "session");
break;
}
#ifndef USE_WIN32
/* setgid */
switch(cmd) {
case CMD_INIT:
options.setgid_group=NULL;
break;
case CMD_EXEC:
if(strcasecmp(opt, "setgid"))
break;
options.setgid_group=stralloc(arg);
return NULL; /* OK */
case CMD_DEFAULT:
break;
case CMD_HELP:
log_raw("%-15s = groupname for setgid()", "setgid");
break;
}
#endif
#ifndef USE_WIN32
/* setuid */
switch(cmd) {
case CMD_INIT:
options.setuid_user=NULL;
break;
case CMD_EXEC:
if(strcasecmp(opt, "setuid"))
break;
options.setuid_user=stralloc(arg);
return NULL; /* OK */
case CMD_DEFAULT:
break;
case CMD_HELP:
log_raw("%-15s = username for setuid()", "setuid");
break;
}
#endif
/* socket */
switch(cmd) {
case CMD_INIT:
break;
case CMD_EXEC:
if(strcasecmp(opt, "socket"))
break;
if(!parse_socket_option(arg))
return "Illegal socket option";
return NULL; /* OK */
case CMD_DEFAULT:
break;
case CMD_HELP:
log_raw("%-15s = a|l|r:option=value[:value]", "socket");
log_raw("%18sset an option on accept/local/remote socket", "");
break;
}
/* taskbar */
#ifdef USE_WIN32
switch(cmd) {
case CMD_INIT:
options.option.taskbar=1;
break;
case CMD_EXEC:
if(strcasecmp(opt, "taskbar"))
break;
if(!strcasecmp(arg, "yes"))
options.option.taskbar=1;
else if(!strcasecmp(arg, "no"))
options.option.taskbar=0;
else
return "argument should be either 'yes' or 'no'";
return NULL; /* OK */
case CMD_DEFAULT:
log_raw("%-15s = yes", "taskbar");
break;
case CMD_HELP:
log_raw("%-15s = yes|no enable the taskbar icon", "taskbar");
break;
}
#endif
/* verify */
switch(cmd) {
case CMD_INIT:
options.verify_level=-1;
options.verify_use_only_my=0;
break;
case CMD_EXEC:
if(strcasecmp(opt, "verify"))
break;
options.verify_level=SSL_VERIFY_NONE;
switch(atoi(arg)) {
case 3:
options.verify_use_only_my=1;
case 2:
options.verify_level|=SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
case 1:
options.verify_level|=SSL_VERIFY_PEER;
case 0:
return NULL; /* OK */
default:
return "Bad verify level";
}
case CMD_DEFAULT:
log_raw("%-15s = none", "verify");
break;
case CMD_HELP:
log_raw("%-15s = level of peer certificate verification", "verify");
log_raw("%18slevel 1 - verify peer certificate if present", "");
log_raw("%18slevel 2 - require valid peer certificate always", "");
log_raw("%18slevel 3 - verify peer with locally installed certificate",
"");
break;
}
if(cmd==CMD_EXEC)
return option_not_found;
return NULL; /* OK */
}
