/* Loads a list of allowed hostnames and ports from file. Format is hostname:port*/
void load_rules()
{
char *ahost=NULL;
int aport=0;
char line[100 + 1] = "";
FILE *file = NULL;
rule *rule_obj = NULL;
int valid_rules = 0;
file = fopen(rules_file, "r");
if (file == NULL) {
log_printf(L_WARNING, "Could not open rules file (%s)\n", rules_file);
return;
}
while (fgets(line, sizeof(line), file)) {
/* allow comments & white lines */
if (line[0]=='#'||line[0]=='\n') {
continue;
}
if (parse_pipe_port_forward(line, &ahost, &aport) >= 0) {
if (aport > 0 && aport < 65535) {
rule_obj = (rule *)calloc(sizeof(rule), 1);
if(!rule_obj)
{
log_printf(L_ERROR, "Could not allocate memory for rule");
exit(1);
}
rule_obj->port = aport;
rule_obj->host = strdup(ahost);
LL_APPEND(rules, rule_obj);
valid_rules++;
} else {
log_printf(L_WARNING, "Invalid port in line: %s\n", line);
}
} else {
log_printf(L_WARNING, "Could not parse line: %s\n", line);
}
}
fclose(file);
/* save valid rules in global variable */
nrules = valid_rules;
log_printf(L_INFO, "Loaded %d rules\n", nrules);
if (nrules==0 && rules_policy != NONE){
log_printf(L_WARNING, "No rules loaded! NO CONNECTIONS WILL BE ALLOWED!\n");
}
}
int main(int argc, char *argv[])
{
unsigned char tox_id[TOX_ADDRESS_SIZE];
unsigned char tox_printable_id[TOX_ADDRESS_SIZE * 2 + 1];
TOX_ERR_NEW tox_new_err;
int oc;
size_t save_size = 0;
uint8_t *save_data = NULL;
allowed_toxid *allowed_toxid_obj = NULL;
log_init();
while ((oc = getopt(argc, argv, "L:pi:C:s:P:dqhSF:DU:")) != -1)
{
switch(oc)
{
case 'L':
/* Local port forwarding */
client_mode = 1;
client_local_port_mode = 1;
if(parse_local_port_forward(optarg, &local_port, &remote_host, &remote_port) < 0)
{
log_printf(L_ERROR, "Invalid value for -L option - use something like -L 22:127.0.0.1:22\n");
exit(1);
}
if(min_log_level == L_UNSET)
{
min_log_level = L_INFO;
}
log_printf(L_DEBUG, "Forwarding remote port %d to local port %d\n", remote_port, local_port);
break;
case 'P':
/* Pipe forwarding */
client_mode = 1;
client_pipe_mode = 1;
if(parse_pipe_port_forward(optarg, &remote_host, &remote_port) < 0)
{
log_printf(L_ERROR, "Invalid value for -P option - use something like -P 127.0.0.1:22\n");
exit(1);
}
if(min_log_level == L_UNSET)
{
min_log_level = L_ERROR;
}
log_printf(L_INFO, "Forwarding remote port %d to stdin/out\n", remote_port);
break;
case 'p':
/* Ping */
client_mode = 1;
ping_mode = 1;
if(min_log_level == L_UNSET)
{
min_log_level = L_INFO;
}
break;
case 'i':
/* Tox ID */
server_whitelist_mode = 1;
log_printf(L_DEBUG, "Server whitelist mode enabled");
allowed_toxid_obj = (allowed_toxid *)calloc(sizeof(allowed_toxid), 1);
if(!allowed_toxid_obj)
{
log_printf(L_ERROR, "Could not allocate memory for allowed_toxid");
exit(1);
}
remote_tox_id = optarg;
if(!string_to_id(allowed_toxid_obj->toxid, optarg))
{
log_printf(L_ERROR, "Invalid Tox ID");
exit(1);
}
LL_APPEND(allowed_toxids, allowed_toxid_obj);
break;
case 'C':
/* Config directory */
strncpy(config_path, optarg, sizeof(config_path) - 1);
if(optarg[strlen(optarg) - 1] != '/')
{
int optarg_len = strlen(optarg);
config_path[optarg_len] = '/';
config_path[optarg_len + 1] = '\0';
}
load_saved_toxid_in_client_mode = 1;
break;
case 's':
/* Shared secret */
use_shared_secret = 1;
memset(shared_secret, 0, TOX_MAX_FRIEND_REQUEST_LENGTH);
strncpy(shared_secret, optarg, TOX_MAX_FRIEND_REQUEST_LENGTH-1);
break;
case 'd':
min_log_level = L_DEBUG;
break;
case 'q':
min_log_level = L_ERROR;
break;
case 'S':
use_syslog = 1;
break;
case 'D':
daemonize = 1;
use_syslog = 1;
break;
case 'F':
pidfile = optarg;
break;
case 'U':
daemon_username = optarg;
break;
case '?':
case 'h':
default:
print_version();
help();
exit(1);
}
}
if(!client_mode && min_log_level == L_UNSET)
{
min_log_level = L_INFO;
}
if(!client_mode && server_whitelist_mode)
{
log_printf(L_INFO, "Server in ToxID whitelisting mode - only clients listed with -i can connect");
}
if(daemonize)
{
do_daemonize();
}
atexit(cleanup);
print_version();
/* Bootstrap tox */
tox_options_default(&tox_options);
if((!client_mode) || load_saved_toxid_in_client_mode)
{
uint8_t *save_data = NULL;
save_size = load_save(&save_data);
if(save_data && save_size)
{
tox_options.savedata_type = TOX_SAVEDATA_TYPE_TOX_SAVE;
tox_options.savedata_data = save_data;
tox_options.savedata_length = save_size;
}
}
tox = tox_new(&tox_options, &tox_new_err);
if(tox == NULL)
{
log_printf(L_DEBUG, "tox_new() failed (%u) - trying without proxy\n", tox_new_err);
if((tox_options.proxy_type != TOX_PROXY_TYPE_NONE) || (tox_options.proxy_type = TOX_PROXY_TYPE_NONE, (tox = tox_new(&tox_options, &tox_new_err)) == NULL))
{
log_printf(L_DEBUG, "tox_new() failed (%u) - trying without IPv6\n", tox_new_err);
if(!tox_options.ipv6_enabled || (tox_options.ipv6_enabled = 0, (tox = tox_new(&tox_options, &tox_new_err)) == NULL))
{
log_printf(L_DEBUG, "tox_new() failed (%u) - trying with Tor\n", tox_new_err);
if((tox_options.proxy_type = TOX_PROXY_TYPE_SOCKS5, tox_options.proxy_host="127.0.0.1", tox_options.proxy_port=9050, (tox = tox_new(&tox_options, &tox_new_err)) == NULL))
{
log_printf(L_ERROR, "tox_new() failed (%u) - exiting\n", tox_new_err);
exit(1);
}
}
}
}
if(save_size && save_data)
{
free(save_data);
}
set_tox_username(tox);
tox_callback_self_connection_status(tox, handle_connection_status_change, NULL);
do_bootstrap(tox);
if(client_mode)
{
tox_self_get_address(tox, tox_id);
id_to_string(tox_printable_id, tox_id);
tox_printable_id[TOX_ADDRESS_SIZE * 2] = '\0';
log_printf(L_DEBUG, "Generated Tox ID: %s\n", tox_printable_id);
if(!remote_tox_id)
{
log_printf(L_ERROR, "Tox id is required in client mode. Use -i 58435984ABCDEF475...\n");
exit(1);
}
do_client_loop(remote_tox_id);
}
else
{
write_save(tox);
if(!use_shared_secret)
{
log_printf(L_WARNING, "Shared secret authentication is not used - skilled attackers may connect to your tuntox server");
}
tox_self_get_address(tox, tox_id);
memset(tox_printable_id, '\0', sizeof(tox_printable_id));
id_to_string(tox_printable_id, tox_id);
tox_printable_id[TOX_ADDRESS_SIZE * 2] = '\0';
log_printf(L_INFO, "Using Tox ID: %s\n", tox_printable_id);
tox_callback_friend_request(tox, accept_friend_request, NULL);
do_server_loop();
}
return 0;
}
