[openssh.git] / misc.c

/* $OpenBSD: misc.c,v 1.64 2006/08/03 03:34:42 deraadt Exp $ */
/*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 * Copyright (c) 2005,2006 Damien Miller.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include "includes.h"

#include <sys/types.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <sys/param.h>

#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#include <netinet/in.h>
#include <netinet/tcp.h>

#include <errno.h>
#include <fcntl.h>
#ifdef HAVE_PATHS_H
# include <paths.h>
#include <pwd.h>
#endif
#ifdef SSH_TUN_OPENBSD
#include <net/if.h>
#endif

#include "xmalloc.h"
#include "misc.h"
#include "log.h"
#include "ssh.h"

/* remove newline at end of string */
char *
chop(char *s)
{
	char *t = s;
	while (*t) {
		if (*t == '\n' || *t == '\r') {
			*t = '\0';
			return s;
		}
		t++;
	}
	return s;

}

/* set/unset filedescriptor to non-blocking */
int
set_nonblock(int fd)
{
	int val;

	val = fcntl(fd, F_GETFL, 0);
	if (val < 0) {
		error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno));
		return (-1);
	}
	if (val & O_NONBLOCK) {
		debug3("fd %d is O_NONBLOCK", fd);
		return (0);
	}
	debug2("fd %d setting O_NONBLOCK", fd);
	val |= O_NONBLOCK;
	if (fcntl(fd, F_SETFL, val) == -1) {
		debug("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd,
		    strerror(errno));
		return (-1);
	}
	return (0);
}

int
unset_nonblock(int fd)
{
	int val;

	val = fcntl(fd, F_GETFL, 0);
	if (val < 0) {
		error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno));
		return (-1);
	}
	if (!(val & O_NONBLOCK)) {
		debug3("fd %d is not O_NONBLOCK", fd);
		return (0);
	}
	debug("fd %d clearing O_NONBLOCK", fd);
	val &= ~O_NONBLOCK;
	if (fcntl(fd, F_SETFL, val) == -1) {
		debug("fcntl(%d, F_SETFL, ~O_NONBLOCK): %s",
		    fd, strerror(errno));
		return (-1);
	}
	return (0);
}

/* disable nagle on socket */
void
set_nodelay(int fd)
{
	int opt;
	socklen_t optlen;

	optlen = sizeof opt;
	if (getsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, &optlen) == -1) {
		debug("getsockopt TCP_NODELAY: %.100s", strerror(errno));
		return;
	}
	if (opt == 1) {
		debug2("fd %d is TCP_NODELAY", fd);
		return;
	}
	opt = 1;
	debug2("fd %d setting TCP_NODELAY", fd);
	if (setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, sizeof opt) == -1)
		error("setsockopt TCP_NODELAY: %.100s", strerror(errno));
}

/* Characters considered whitespace in strsep calls. */
#define WHITESPACE " \t\r\n"
#define QUOTE	"\""

/* return next token in configuration line */
char *
strdelim(char **s)
{
	char *old;
	int wspace = 0;

	if (*s == NULL)
		return NULL;

	old = *s;

	*s = strpbrk(*s, WHITESPACE QUOTE "=");
	if (*s == NULL)
		return (old);

	if (*s[0] == '\"') {
		memmove(*s, *s + 1, strlen(*s)); /* move nul too */
		/* Find matching quote */
		if ((*s = strpbrk(*s, QUOTE)) == NULL) {
			return (NULL);		/* no matching quote */
		} else {
			*s[0] = '\0';
			return (old);
		}
	}

	/* Allow only one '=' to be skipped */
	if (*s[0] == '=')
		wspace = 1;
	*s[0] = '\0';

	/* Skip any extra whitespace after first token */
	*s += strspn(*s + 1, WHITESPACE) + 1;
	if (*s[0] == '=' && !wspace)
		*s += strspn(*s + 1, WHITESPACE) + 1;

	return (old);
}

struct passwd *
pwcopy(struct passwd *pw)
{
	struct passwd *copy = xcalloc(1, sizeof(*copy));

	copy->pw_name = xstrdup(pw->pw_name);
	copy->pw_passwd = xstrdup(pw->pw_passwd);
	copy->pw_gecos = xstrdup(pw->pw_gecos);
	copy->pw_uid = pw->pw_uid;
	copy->pw_gid = pw->pw_gid;
#ifdef HAVE_PW_EXPIRE_IN_PASSWD
	copy->pw_expire = pw->pw_expire;
#endif
#ifdef HAVE_PW_CHANGE_IN_PASSWD
	copy->pw_change = pw->pw_change;
#endif
#ifdef HAVE_PW_CLASS_IN_PASSWD
	copy->pw_class = xstrdup(pw->pw_class);
#endif
	copy->pw_dir = xstrdup(pw->pw_dir);
	copy->pw_shell = xstrdup(pw->pw_shell);
	return copy;
}

/*
 * Convert ASCII string to TCP/IP port number.
 * Port must be >0 and <=65535.
 * Return 0 if invalid.
 */
int
a2port(const char *s)
{
	long port;
	char *endp;

	errno = 0;
	port = strtol(s, &endp, 0);
	if (s == endp || *endp != '\0' ||
	    (errno == ERANGE && (port == LONG_MIN || port == LONG_MAX)) ||
	    port <= 0 || port > 65535)
		return 0;

	return port;
}

int
a2tun(const char *s, int *remote)
{
	const char *errstr = NULL;
	char *sp, *ep;
	int tun;

	if (remote != NULL) {
		*remote = SSH_TUNID_ANY;
		sp = xstrdup(s);
		if ((ep = strchr(sp, ':')) == NULL) {
			xfree(sp);
			return (a2tun(s, NULL));
		}
		ep[0] = '\0'; ep++;
		*remote = a2tun(ep, NULL);
		tun = a2tun(sp, NULL);
		xfree(sp);
		return (*remote == SSH_TUNID_ERR ? *remote : tun);
	}

	if (strcasecmp(s, "any") == 0)
		return (SSH_TUNID_ANY);

	tun = strtonum(s, 0, SSH_TUNID_MAX, &errstr);
	if (errstr != NULL)
		return (SSH_TUNID_ERR);

	return (tun);
}

#define SECONDS		1
#define MINUTES		(SECONDS * 60)
#define HOURS		(MINUTES * 60)
#define DAYS		(HOURS * 24)
#define WEEKS		(DAYS * 7)

/*
 * Convert a time string into seconds; format is
 * a sequence of:
 *      time[qualifier]
 *
 * Valid time qualifiers are:
 *      <none>  seconds
 *      s|S     seconds
 *      m|M     minutes
 *      h|H     hours
 *      d|D     days
 *      w|W     weeks
 *
 * Examples:
 *      90m     90 minutes
 *      1h30m   90 minutes
 *      2d      2 days
 *      1w      1 week
 *
 * Return -1 if time string is invalid.
 */
long
convtime(const char *s)
{
	long total, secs;
	const char *p;
	char *endp;

	errno = 0;
	total = 0;
	p = s;

	if (p == NULL || *p == '\0')
		return -1;

	while (*p) {
		secs = strtol(p, &endp, 10);
		if (p == endp ||
		    (errno == ERANGE && (secs == LONG_MIN || secs == LONG_MAX)) ||
		    secs < 0)
			return -1;

		switch (*endp++) {
		case '\0':
			endp--;
			break;
		case 's':
		case 'S':
			break;
		case 'm':
		case 'M':
			secs *= MINUTES;
			break;
		case 'h':
		case 'H':
			secs *= HOURS;
			break;
		case 'd':
		case 'D':
			secs *= DAYS;
			break;
		case 'w':
		case 'W':
			secs *= WEEKS;
			break;
		default:
			return -1;
		}
		total += secs;
		if (total < 0)
			return -1;
		p = endp;
	}

	return total;
}

/*
 * Returns a standardized host+port identifier string.
 * Caller must free returned string.
 */
char *
put_host_port(const char *host, u_short port)
{
	char *hoststr;

	if (port == 0 || port == SSH_DEFAULT_PORT)
		return(xstrdup(host));
	if (asprintf(&hoststr, "[%s]:%d", host, (int)port) < 0)
		fatal("put_host_port: asprintf: %s", strerror(errno));
	debug3("put_host_port: %s", hoststr);
	return hoststr;
}

/*
 * Search for next delimiter between hostnames/addresses and ports.
 * Argument may be modified (for termination).
 * Returns *cp if parsing succeeds.
 * *cp is set to the start of the next delimiter, if one was found.
 * If this is the last field, *cp is set to NULL.
 */
char *
hpdelim(char **cp)
{
	char *s, *old;

	if (cp == NULL || *cp == NULL)
		return NULL;

	old = s = *cp;
	if (*s == '[') {
		if ((s = strchr(s, ']')) == NULL)
			return NULL;
		else
			s++;
	} else if ((s = strpbrk(s, ":/")) == NULL)
		s = *cp + strlen(*cp); /* skip to end (see first case below) */

	switch (*s) {
	case '\0':
		*cp = NULL;	/* no more fields*/
		break;

	case ':':
	case '/':
		*s = '\0';	/* terminate */
		*cp = s + 1;
		break;

	default:
		return NULL;
	}

	return old;
}

char *
cleanhostname(char *host)
{
	if (*host == '[' && host[strlen(host) - 1] == ']') {
		host[strlen(host) - 1] = '\0';
		return (host + 1);
	} else
		return host;
}

char *
colon(char *cp)
{
	int flag = 0;

	if (*cp == ':')		/* Leading colon is part of file name. */
		return (0);
	if (*cp == '[')
		flag = 1;

	for (; *cp; ++cp) {
		if (*cp == '@' && *(cp+1) == '[')
			flag = 1;
		if (*cp == ']' && *(cp+1) == ':' && flag)
			return (cp+1);
		if (*cp == ':' && !flag)
			return (cp);
		if (*cp == '/')
			return (0);
	}
	return (0);
}

/* function to assist building execv() arguments */
void
addargs(arglist *args, char *fmt, ...)
{
	va_list ap;
	char *cp;
	u_int nalloc;
	int r;

	va_start(ap, fmt);
	r = vasprintf(&cp, fmt, ap);
	va_end(ap);
	if (r == -1)
		fatal("addargs: argument too long");

	nalloc = args->nalloc;
	if (args->list == NULL) {
		nalloc = 32;
		args->num = 0;
	} else if (args->num+2 >= nalloc)
		nalloc *= 2;

	args->list = xrealloc(args->list, nalloc, sizeof(char *));
	args->nalloc = nalloc;
	args->list[args->num++] = cp;
	args->list[args->num] = NULL;
}

void
replacearg(arglist *args, u_int which, char *fmt, ...)
{
	va_list ap;
	char *cp;
	int r;

	va_start(ap, fmt);
	r = vasprintf(&cp, fmt, ap);
	va_end(ap);
	if (r == -1)
		fatal("replacearg: argument too long");

	if (which >= args->num)
		fatal("replacearg: tried to replace invalid arg %d >= %d",
		    which, args->num);
	xfree(args->list[which]);
	args->list[which] = cp;
}

void
freeargs(arglist *args)
{
	u_int i;

	if (args->list != NULL) {
		for (i = 0; i < args->num; i++)
			xfree(args->list[i]);
		xfree(args->list);
		args->nalloc = args->num = 0;
		args->list = NULL;
	}
}

/*
 * Expands tildes in the file name.  Returns data allocated by xmalloc.
 * Warning: this calls getpw*.
 */
char *
tilde_expand_filename(const char *filename, uid_t uid)
{
	const char *path;
	char user[128], ret[MAXPATHLEN];
	struct passwd *pw;
	u_int len, slash;

	if (*filename != '~')
		return (xstrdup(filename));
	filename++;

	path = strchr(filename, '/');
	if (path != NULL && path > filename) {		/* ~user/path */
		slash = path - filename;
		if (slash > sizeof(user) - 1)
			fatal("tilde_expand_filename: ~username too long");
		memcpy(user, filename, slash);
		user[slash] = '\0';
		if ((pw = getpwnam(user)) == NULL)
			fatal("tilde_expand_filename: No such user %s", user);
	} else if ((pw = getpwuid(uid)) == NULL)	/* ~/path */
		fatal("tilde_expand_filename: No such uid %d", uid);

	if (strlcpy(ret, pw->pw_dir, sizeof(ret)) >= sizeof(ret))
		fatal("tilde_expand_filename: Path too long");

	/* Make sure directory has a trailing '/' */
	len = strlen(pw->pw_dir);
	if ((len == 0 || pw->pw_dir[len - 1] != '/') &&
	    strlcat(ret, "/", sizeof(ret)) >= sizeof(ret))
		fatal("tilde_expand_filename: Path too long");

	/* Skip leading '/' from specified path */
	if (path != NULL)
		filename = path + 1;
	if (strlcat(ret, filename, sizeof(ret)) >= sizeof(ret))
		fatal("tilde_expand_filename: Path too long");

	return (xstrdup(ret));
}

/*
 * Expand a string with a set of %[char] escapes. A number of escapes may be
 * specified as (char *escape_chars, char *replacement) pairs. The list must
 * be terminated by a NULL escape_char. Returns replaced string in memory
 * allocated by xmalloc.
 */
char *
percent_expand(const char *string, ...)
{
#define EXPAND_MAX_KEYS	16
	struct {
		const char *key;
		const char *repl;
	} keys[EXPAND_MAX_KEYS];
	u_int num_keys, i, j;
	char buf[4096];
	va_list ap;

	/* Gather keys */
	va_start(ap, string);
	for (num_keys = 0; num_keys < EXPAND_MAX_KEYS; num_keys++) {
		keys[num_keys].key = va_arg(ap, char *);
		if (keys[num_keys].key == NULL)
			break;
		keys[num_keys].repl = va_arg(ap, char *);
		if (keys[num_keys].repl == NULL)
			fatal("percent_expand: NULL replacement");
	}
	va_end(ap);

	if (num_keys >= EXPAND_MAX_KEYS)
		fatal("percent_expand: too many keys");

	/* Expand string */
	*buf = '\0';
	for (i = 0; *string != '\0'; string++) {
		if (*string != '%') {
 append:
			buf[i++] = *string;
			if (i >= sizeof(buf))
				fatal("percent_expand: string too long");
			buf[i] = '\0';
			continue;
		}
		string++;
		if (*string == '%')
			goto append;
		for (j = 0; j < num_keys; j++) {
			if (strchr(keys[j].key, *string) != NULL) {
				i = strlcat(buf, keys[j].repl, sizeof(buf));
				if (i >= sizeof(buf))
					fatal("percent_expand: string too long");
				break;
			}
		}
		if (j >= num_keys)
			fatal("percent_expand: unknown key %%%c", *string);
	}
	return (xstrdup(buf));
#undef EXPAND_MAX_KEYS
}

/*
 * Read an entire line from a public key file into a static buffer, discarding
 * lines that exceed the buffer size.  Returns 0 on success, -1 on failure.
 */
int
read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz,
   u_long *lineno)
{
	while (fgets(buf, bufsz, f) != NULL) {
		(*lineno)++;
		if (buf[strlen(buf) - 1] == '\n' || feof(f)) {
			return 0;
		} else {
			debug("%s: %s line %lu exceeds size limit", __func__,
			    filename, *lineno);
			/* discard remainder of line */
			while (fgetc(f) != '\n' && !feof(f))
				;	/* nothing */
		}
	}
	return -1;
}

int
tun_open(int tun, int mode)
{
#if defined(CUSTOM_SYS_TUN_OPEN)
	return (sys_tun_open(tun, mode));
#elif defined(SSH_TUN_OPENBSD)
	struct ifreq ifr;
	char name[100];
	int fd = -1, sock;

	/* Open the tunnel device */
	if (tun <= SSH_TUNID_MAX) {
		snprintf(name, sizeof(name), "/dev/tun%d", tun);
		fd = open(name, O_RDWR);
	} else if (tun == SSH_TUNID_ANY) {
		for (tun = 100; tun >= 0; tun--) {
			snprintf(name, sizeof(name), "/dev/tun%d", tun);
			if ((fd = open(name, O_RDWR)) >= 0)
				break;
		}
	} else {
		debug("%s: invalid tunnel %u", __func__, tun);
		return (-1);
	}

	if (fd < 0) {
		debug("%s: %s open failed: %s", __func__, name, strerror(errno));
		return (-1);
	}

	debug("%s: %s mode %d fd %d", __func__, name, mode, fd);

	/* Set the tunnel device operation mode */
	snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "tun%d", tun);
	if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) == -1)
		goto failed;

	if (ioctl(sock, SIOCGIFFLAGS, &ifr) == -1)
		goto failed;

	/* Set interface mode */
	ifr.ifr_flags &= ~IFF_UP;
	if (mode == SSH_TUNMODE_ETHERNET)
		ifr.ifr_flags |= IFF_LINK0;
	else
		ifr.ifr_flags &= ~IFF_LINK0;
	if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
		goto failed;

	/* Bring interface up */
	ifr.ifr_flags |= IFF_UP;
	if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
		goto failed;

	close(sock);
	return (fd);

 failed:
	if (fd >= 0)
		close(fd);
	if (sock >= 0)
		close(sock);
	debug("%s: failed to set %s mode %d: %s", __func__, name,
	    mode, strerror(errno));
	return (-1);
#else
	error("Tunnel interfaces are not supported on this platform");
	return (-1);
#endif
}

void
sanitise_stdfd(void)
{
	int nullfd, dupfd;

	if ((nullfd = dupfd = open(_PATH_DEVNULL, O_RDWR)) == -1) {
		fprintf(stderr, "Couldn't open /dev/null: %s", strerror(errno));
		exit(1);
	}
	while (++dupfd <= 2) {
		/* Only clobber closed fds */
		if (fcntl(dupfd, F_GETFL, 0) >= 0)
			continue;
		if (dup2(nullfd, dupfd) == -1) {
			fprintf(stderr, "dup2: %s", strerror(errno));
			exit(1);
		}
	}
	if (nullfd > 2)
		close(nullfd);
}

char *
tohex(const void *vp, size_t l)
{
	const u_char *p = (const u_char *)vp;
	char b[3], *r;
	size_t i, hl;

	if (l > 65536)
		return xstrdup("tohex: length > 65536");

	hl = l * 2 + 1;
	r = xcalloc(1, hl);
	for (i = 0; i < l; i++) {
		snprintf(b, sizeof(b), "%02x", p[i]);
		strlcat(r, b, hl);
	}
	return (r);
}

u_int64_t
get_u64(const void *vp)
{
	const u_char *p = (const u_char *)vp;
	u_int64_t v;

	v  = (u_int64_t)p[0] << 56;
	v |= (u_int64_t)p[1] << 48;
	v |= (u_int64_t)p[2] << 40;
	v |= (u_int64_t)p[3] << 32;
	v |= (u_int64_t)p[4] << 24;
	v |= (u_int64_t)p[5] << 16;
	v |= (u_int64_t)p[6] << 8;
	v |= (u_int64_t)p[7];

	return (v);
}

u_int32_t
get_u32(const void *vp)
{
	const u_char *p = (const u_char *)vp;
	u_int32_t v;

	v  = (u_int32_t)p[0] << 24;
	v |= (u_int32_t)p[1] << 16;
	v |= (u_int32_t)p[2] << 8;
	v |= (u_int32_t)p[3];

	return (v);
}

u_int16_t
get_u16(const void *vp)
{
	const u_char *p = (const u_char *)vp;
	u_int16_t v;

	v  = (u_int16_t)p[0] << 8;
	v |= (u_int16_t)p[1];

	return (v);
}

void
put_u64(void *vp, u_int64_t v)
{
	u_char *p = (u_char *)vp;

	p[0] = (u_char)(v >> 56) & 0xff;
	p[1] = (u_char)(v >> 48) & 0xff;
	p[2] = (u_char)(v >> 40) & 0xff;
	p[3] = (u_char)(v >> 32) & 0xff;
	p[4] = (u_char)(v >> 24) & 0xff;
	p[5] = (u_char)(v >> 16) & 0xff;
	p[6] = (u_char)(v >> 8) & 0xff;
	p[7] = (u_char)v & 0xff;
}

void
put_u32(void *vp, u_int32_t v)
{
	u_char *p = (u_char *)vp;

	p[0] = (u_char)(v >> 24) & 0xff;
	p[1] = (u_char)(v >> 16) & 0xff;
	p[2] = (u_char)(v >> 8) & 0xff;
	p[3] = (u_char)v & 0xff;
}


void
put_u16(void *vp, u_int16_t v)
{
	u_char *p = (u_char *)vp;

	p[0] = (u_char)(v >> 8) & 0xff;
	p[1] = (u_char)v & 0xff;
}
Commit	Line	Data
31652869	1	/* $OpenBSD: misc.c,v 1.64 2006/08/03 03:34:42 deraadt Exp $ */
bcbf86ec	2	/*
bcbf86ec	3	* Copyright (c) 2000 Markus Friedl. All rights reserved.
51e7a012	4	* Copyright (c) 2005,2006 Damien Miller. All rights reserved.
bcbf86ec	5	*
	6	* Redistribution and use in source and binary forms, with or without
	7	* modification, are permitted provided that the following conditions
	8	* are met:
	9	* 1. Redistributions of source code must retain the above copyright
	10	* notice, this list of conditions and the following disclaimer.
	11	* 2. Redistributions in binary form must reproduce the above copyright
	12	* notice, this list of conditions and the following disclaimer in the
	13	* documentation and/or other materials provided with the distribution.
	14	*
	15	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
	16	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	17	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	18	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
	19	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	20	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	21	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	22	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	23	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	24	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	25	*/
	26
6d24277f	27	#include "includes.h"
bd7c69ea	28
b1842393	29	#include <sys/types.h>
31652869	30	#include <sys/ioctl.h>
9794d008	31	#include <sys/socket.h>
536c14e8	32	#include <sys/param.h>
9794d008	33
4c72fcfd	34	#include <stdarg.h>
cf851879	35	#include <stdio.h>
ffa517a8	36	#include <stdlib.h>
00146caa	37	#include <string.h>
5188ba17	38	#include <unistd.h>
4c72fcfd	39
9794d008	40	#include <netinet/in.h>
6425cf65	41	#include <netinet/tcp.h>
9794d008	42
028094f4	43	#include <errno.h>
d3221cca	44	#include <fcntl.h>
a75f5360	45	#ifdef HAVE_PATHS_H
6f61e0ec	46	# include <paths.h>
b1842393	47	#include <pwd.h>
a75f5360	48	#endif
1f1fbbd8	49	#ifdef SSH_TUN_OPENBSD
	50	#include <net/if.h>
	51	#endif
6d24277f	52
31652869	53	#include "xmalloc.h"
1aa00dcb	54	#include "misc.h"
42f11eb2	55	#include "log.h"
d4530052	56	#include "ssh.h"
6d24277f	57
255cabd9	58	/* remove newline at end of string */
6d24277f	59	char *
	60	chop(char *s)
	61	{
	62	char *t = s;
	63	while (*t) {
6aacefa7	64	if (t == '\n' \|\| t == '\r') {
6d24277f	65	*t = '\0';
	66	return s;
	67	}
	68	t++;
	69	}
	70	return s;
	71
	72	}
	73
255cabd9	74	/* set/unset filedescriptor to non-blocking */
170694d7	75	int
6d24277f	76	set_nonblock(int fd)
	77	{
	78	int val;
89aa792b	79
6d24277f	80	val = fcntl(fd, F_GETFL, 0);
	81	if (val < 0) {
	82	error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno));
170694d7	83	return (-1);
6d24277f	84	}
a22aff1f	85	if (val & O_NONBLOCK) {
170694d7	86	debug3("fd %d is O_NONBLOCK", fd);
170694d7	87	return (0);
a22aff1f	88	}
45c42d58	89	debug2("fd %d setting O_NONBLOCK", fd);
6d24277f	90	val \|= O_NONBLOCK;
170694d7	91	if (fcntl(fd, F_SETFL, val) == -1) {
	92	debug("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd,
	93	strerror(errno));
	94	return (-1);
	95	}
	96	return (0);
6d24277f	97	}
6d24277f	98
170694d7	99	int
89aa792b	100	unset_nonblock(int fd)
	101	{
	102	int val;
	103
	104	val = fcntl(fd, F_GETFL, 0);
	105	if (val < 0) {
	106	error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno));
170694d7	107	return (-1);
89aa792b	108	}
89aa792b	109	if (!(val & O_NONBLOCK)) {
170694d7	110	debug3("fd %d is not O_NONBLOCK", fd);
170694d7	111	return (0);
89aa792b	112	}
e04e7a19	113	debug("fd %d clearing O_NONBLOCK", fd);
89aa792b	114	val &= ~O_NONBLOCK;
170694d7	115	if (fcntl(fd, F_SETFL, val) == -1) {
170694d7	116	debug("fcntl(%d, F_SETFL, ~O_NONBLOCK): %s",
c92ec40b	117	fd, strerror(errno));
170694d7	118	return (-1);
	119	}
	120	return (0);
89aa792b	121	}
89aa792b	122
bcc0381e	123	/* disable nagle on socket */
	124	void
	125	set_nodelay(int fd)
	126	{
3c05447a	127	int opt;
3c05447a	128	socklen_t optlen;
bcc0381e	129
811a6342	130	optlen = sizeof opt;
811a6342	131	if (getsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, &optlen) == -1) {
f7fb35fe	132	debug("getsockopt TCP_NODELAY: %.100s", strerror(errno));
811a6342	133	return;
	134	}
	135	if (opt == 1) {
	136	debug2("fd %d is TCP_NODELAY", fd);
	137	return;
	138	}
	139	opt = 1;
6226a8f8	140	debug2("fd %d setting TCP_NODELAY", fd);
811a6342	141	if (setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, sizeof opt) == -1)
bcc0381e	142	error("setsockopt TCP_NODELAY: %.100s", strerror(errno));
	143	}
	144
6d24277f	145	/* Characters considered whitespace in strsep calls. */
6d24277f	146	#define WHITESPACE " \t\r\n"
533b9133	147	#define QUOTE "\""
6d24277f	148
255cabd9	149	/* return next token in configuration line */
6d24277f	150	char *
	151	strdelim(char **s)
	152	{
	153	char *old;
	154	int wspace = 0;
	155
	156	if (*s == NULL)
	157	return NULL;
	158
	159	old = *s;
	160
533b9133	161	s = strpbrk(s, WHITESPACE QUOTE "=");
6d24277f	162	if (*s == NULL)
	163	return (old);
	164
533b9133	165	if (*s[0] == '\"') {
	166	memmove(s, s + 1, strlen(s)); / move nul too */
	167	/* Find matching quote */
	168	if ((s = strpbrk(s, QUOTE)) == NULL) {
	169	return (NULL); /* no matching quote */
	170	} else {
	171	*s[0] = '\0';
	172	return (old);
	173	}
	174	}
	175
6d24277f	176	/* Allow only one '=' to be skipped */
	177	if (*s[0] == '=')
	178	wspace = 1;
	179	*s[0] = '\0';
	180
533b9133	181	/* Skip any extra whitespace after first token */
6d24277f	182	s += strspn(s + 1, WHITESPACE) + 1;
	183	if (*s[0] == '=' && !wspace)
	184	s += strspn(s + 1, WHITESPACE) + 1;
	185
	186	return (old);
	187	}
1aa00dcb	188
3b1a83df	189	struct passwd *
	190	pwcopy(struct passwd *pw)
	191	{
52e3daed	192	struct passwd copy = xcalloc(1, sizeof(copy));
5649fbbe	193
3b1a83df	194	copy->pw_name = xstrdup(pw->pw_name);
3b1a83df	195	copy->pw_passwd = xstrdup(pw->pw_passwd);
5649fbbe	196	copy->pw_gecos = xstrdup(pw->pw_gecos);
3b1a83df	197	copy->pw_uid = pw->pw_uid;
3b1a83df	198	copy->pw_gid = pw->pw_gid;
7751d4eb	199	#ifdef HAVE_PW_EXPIRE_IN_PASSWD
c4d49b85	200	copy->pw_expire = pw->pw_expire;
7751d4eb	201	#endif
7751d4eb	202	#ifdef HAVE_PW_CHANGE_IN_PASSWD
c4d49b85	203	copy->pw_change = pw->pw_change;
7751d4eb	204	#endif
2605addd	205	#ifdef HAVE_PW_CLASS_IN_PASSWD
3b1a83df	206	copy->pw_class = xstrdup(pw->pw_class);
2605addd	207	#endif
3b1a83df	208	copy->pw_dir = xstrdup(pw->pw_dir);
	209	copy->pw_shell = xstrdup(pw->pw_shell);
	210	return copy;
	211	}
	212
255cabd9	213	/*
	214	* Convert ASCII string to TCP/IP port number.
	215	* Port must be >0 and <=65535.
	216	* Return 0 if invalid.
	217	*/
	218	int
	219	a2port(const char *s)
2d2a2c65	220	{
	221	long port;
	222	char *endp;
	223
	224	errno = 0;
	225	port = strtol(s, &endp, 0);
	226	if (s == endp \|\| *endp != '\0' \|\|
	227	(errno == ERANGE && (port == LONG_MIN \|\| port == LONG_MAX)) \|\|
	228	port <= 0 \|\| port > 65535)
	229	return 0;
	230
	231	return port;
	232	}
	233
d20f3c9e	234	int
	235	a2tun(const char s, int remote)
	236	{
	237	const char *errstr = NULL;
	238	char sp, ep;
	239	int tun;
	240
	241	if (remote != NULL) {
a4f24bf8	242	*remote = SSH_TUNID_ANY;
d20f3c9e	243	sp = xstrdup(s);
	244	if ((ep = strchr(sp, ':')) == NULL) {
	245	xfree(sp);
	246	return (a2tun(s, NULL));
	247	}
	248	ep[0] = '\0'; ep++;
	249	*remote = a2tun(ep, NULL);
	250	tun = a2tun(sp, NULL);
	251	xfree(sp);
a4f24bf8	252	return (remote == SSH_TUNID_ERR ? remote : tun);
d20f3c9e	253	}
	254
	255	if (strcasecmp(s, "any") == 0)
a4f24bf8	256	return (SSH_TUNID_ANY);
d20f3c9e	257
a4f24bf8	258	tun = strtonum(s, 0, SSH_TUNID_MAX, &errstr);
	259	if (errstr != NULL)
	260	return (SSH_TUNID_ERR);
d20f3c9e	261
	262	return (tun);
	263	}
	264
e2b1fb42	265	#define SECONDS 1
	266	#define MINUTES (SECONDS * 60)
	267	#define HOURS (MINUTES * 60)
	268	#define DAYS (HOURS * 24)
	269	#define WEEKS (DAYS * 7)
	270
255cabd9	271	/*
	272	* Convert a time string into seconds; format is
	273	* a sequence of:
	274	* time[qualifier]
	275	*
	276	* Valid time qualifiers are:
	277	* <none> seconds
	278	* s\|S seconds
	279	* m\|M minutes
	280	* h\|H hours
	281	* d\|D days
	282	* w\|W weeks
	283	*
	284	* Examples:
	285	* 90m 90 minutes
	286	* 1h30m 90 minutes
	287	* 2d 2 days
	288	* 1w 1 week
	289	*
	290	* Return -1 if time string is invalid.
	291	*/
	292	long
	293	convtime(const char *s)
e2b1fb42	294	{
	295	long total, secs;
	296	const char *p;
	297	char *endp;
	298
	299	errno = 0;
	300	total = 0;
	301	p = s;
	302
	303	if (p == NULL \|\| *p == '\0')
	304	return -1;
	305
	306	while (*p) {
	307	secs = strtol(p, &endp, 10);
	308	if (p == endp \|\|
	309	(errno == ERANGE && (secs == LONG_MIN \|\| secs == LONG_MAX)) \|\|
	310	secs < 0)
	311	return -1;
	312
	313	switch (*endp++) {
	314	case '\0':
	315	endp--;
5ef36928	316	break;
e2b1fb42	317	case 's':
	318	case 'S':
	319	break;
	320	case 'm':
	321	case 'M':
	322	secs *= MINUTES;
	323	break;
	324	case 'h':
	325	case 'H':
	326	secs *= HOURS;
	327	break;
	328	case 'd':
	329	case 'D':
	330	secs *= DAYS;
	331	break;
	332	case 'w':
	333	case 'W':
	334	secs *= WEEKS;
	335	break;
	336	default:
	337	return -1;
	338	}
	339	total += secs;
	340	if (total < 0)
	341	return -1;
	342	p = endp;
	343	}
	344
	345	return total;
	346	}
	347
d4530052	348	/*
	349	* Returns a standardized host+port identifier string.
	350	* Caller must free returned string.
	351	*/
	352	char *
	353	put_host_port(const char *host, u_short port)
	354	{
	355	char *hoststr;
	356
	357	if (port == 0 \|\| port == SSH_DEFAULT_PORT)
	358	return(xstrdup(host));
	359	if (asprintf(&hoststr, "[%s]:%d", host, (int)port) < 0)
	360	fatal("put_host_port: asprintf: %s", strerror(errno));
	361	debug3("put_host_port: %s", hoststr);
	362	return hoststr;
	363	}
	364
3867aa0a	365	/*
	366	* Search for next delimiter between hostnames/addresses and ports.
	367	* Argument may be modified (for termination).
	368	* Returns *cp if parsing succeeds.
	369	* *cp is set to the start of the next delimiter, if one was found.
	370	* If this is the last field, *cp is set to NULL.
	371	*/
	372	char *
	373	hpdelim(char **cp)
	374	{
	375	char s, old;
	376
	377	if (cp == NULL \|\| *cp == NULL)
	378	return NULL;
	379
	380	old = s = *cp;
	381	if (*s == '[') {
	382	if ((s = strchr(s, ']')) == NULL)
	383	return NULL;
	384	else
	385	s++;
	386	} else if ((s = strpbrk(s, ":/")) == NULL)
	387	s = cp + strlen(cp); /* skip to end (see first case below) */
	388
	389	switch (*s) {
	390	case '\0':
	391	cp = NULL; / no more fields*/
	392	break;
f8cc7664	393
3867aa0a	394	case ':':
	395	case '/':
	396	s = '\0'; / terminate */
	397	*cp = s + 1;
	398	break;
f8cc7664	399
3867aa0a	400	default:
	401	return NULL;
	402	}
	403
	404	return old;
	405	}
	406
1fcde3fe	407	char *
	408	cleanhostname(char *host)
	409	{
	410	if (*host == '[' && host[strlen(host) - 1] == ']') {
	411	host[strlen(host) - 1] = '\0';
	412	return (host + 1);
	413	} else
	414	return host;
	415	}
	416
	417	char *
	418	colon(char *cp)
	419	{
	420	int flag = 0;
	421
	422	if (cp == ':') / Leading colon is part of file name. */
	423	return (0);
	424	if (*cp == '[')
	425	flag = 1;
	426
	427	for (; *cp; ++cp) {
	428	if (cp == '@' && (cp+1) == '[')
	429	flag = 1;
	430	if (cp == ']' && (cp+1) == ':' && flag)
	431	return (cp+1);
	432	if (*cp == ':' && !flag)
	433	return (cp);
	434	if (*cp == '/')
	435	return (0);
	436	}
	437	return (0);
	438	}
	439
255cabd9	440	/* function to assist building execv() arguments */
8a624ebf	441	void
	442	addargs(arglist args, char fmt, ...)
	443	{
	444	va_list ap;
4116f5c0	445	char *cp;
9a995072	446	u_int nalloc;
4116f5c0	447	int r;
8a624ebf	448
8a624ebf	449	va_start(ap, fmt);
4116f5c0	450	r = vasprintf(&cp, fmt, ap);
8a624ebf	451	va_end(ap);
4116f5c0	452	if (r == -1)
4116f5c0	453	fatal("addargs: argument too long");
8a624ebf	454
c46e584f	455	nalloc = args->nalloc;
8a624ebf	456	if (args->list == NULL) {
c46e584f	457	nalloc = 32;
8a624ebf	458	args->num = 0;
c46e584f	459	} else if (args->num+2 >= nalloc)
c46e584f	460	nalloc *= 2;
8a624ebf	461
c5d10563	462	args->list = xrealloc(args->list, nalloc, sizeof(char *));
c46e584f	463	args->nalloc = nalloc;
4116f5c0	464	args->list[args->num++] = cp;
8a624ebf	465	args->list[args->num] = NULL;
8a624ebf	466	}
ea067773	467
4116f5c0	468	void
	469	replacearg(arglist args, u_int which, char fmt, ...)
	470	{
	471	va_list ap;
	472	char *cp;
	473	int r;
	474
	475	va_start(ap, fmt);
	476	r = vasprintf(&cp, fmt, ap);
	477	va_end(ap);
	478	if (r == -1)
	479	fatal("replacearg: argument too long");
	480
	481	if (which >= args->num)
	482	fatal("replacearg: tried to replace invalid arg %d >= %d",
	483	which, args->num);
	484	xfree(args->list[which]);
	485	args->list[which] = cp;
	486	}
	487
	488	void
	489	freeargs(arglist *args)
	490	{
	491	u_int i;
	492
	493	if (args->list != NULL) {
	494	for (i = 0; i < args->num; i++)
	495	xfree(args->list[i]);
	496	xfree(args->list);
	497	args->nalloc = args->num = 0;
	498	args->list = NULL;
	499	}
	500	}
	501
49e71137	502	/*
	503	* Expands tildes in the file name. Returns data allocated by xmalloc.
	504	* Warning: this calls getpw*.
	505	*/
	506	char *
	507	tilde_expand_filename(const char *filename, uid_t uid)
	508	{
	509	const char *path;
	510	char user[128], ret[MAXPATHLEN];
	511	struct passwd *pw;
2ceb8101	512	u_int len, slash;
49e71137	513
	514	if (*filename != '~')
	515	return (xstrdup(filename));
	516	filename++;
	517
	518	path = strchr(filename, '/');
	519	if (path != NULL && path > filename) { /* ~user/path */
2ceb8101	520	slash = path - filename;
2ceb8101	521	if (slash > sizeof(user) - 1)
49e71137	522	fatal("tilde_expand_filename: ~username too long");
2ceb8101	523	memcpy(user, filename, slash);
2ceb8101	524	user[slash] = '\0';
49e71137	525	if ((pw = getpwnam(user)) == NULL)
	526	fatal("tilde_expand_filename: No such user %s", user);
	527	} else if ((pw = getpwuid(uid)) == NULL) /* ~/path */
	528	fatal("tilde_expand_filename: No such uid %d", uid);
	529
	530	if (strlcpy(ret, pw->pw_dir, sizeof(ret)) >= sizeof(ret))
	531	fatal("tilde_expand_filename: Path too long");
	532
	533	/* Make sure directory has a trailing '/' */
	534	len = strlen(pw->pw_dir);
	535	if ((len == 0 \|\| pw->pw_dir[len - 1] != '/') &&
	536	strlcat(ret, "/", sizeof(ret)) >= sizeof(ret))
	537	fatal("tilde_expand_filename: Path too long");
	538
	539	/* Skip leading '/' from specified path */
	540	if (path != NULL)
	541	filename = path + 1;
	542	if (strlcat(ret, filename, sizeof(ret)) >= sizeof(ret))
	543	fatal("tilde_expand_filename: Path too long");
	544
	545	return (xstrdup(ret));
	546	}
	547
a980cbd7	548	/*
	549	* Expand a string with a set of %[char] escapes. A number of escapes may be
	550	* specified as (char escape_chars, char replacement) pairs. The list must
6381acf0	551	* be terminated by a NULL escape_char. Returns replaced string in memory
a980cbd7	552	* allocated by xmalloc.
	553	*/
	554	char *
	555	percent_expand(const char *string, ...)
	556	{
	557	#define EXPAND_MAX_KEYS 16
	558	struct {
	559	const char *key;
	560	const char *repl;
	561	} keys[EXPAND_MAX_KEYS];
2ceb8101	562	u_int num_keys, i, j;
a980cbd7	563	char buf[4096];
	564	va_list ap;
	565
	566	/* Gather keys */
	567	va_start(ap, string);
	568	for (num_keys = 0; num_keys < EXPAND_MAX_KEYS; num_keys++) {
	569	keys[num_keys].key = va_arg(ap, char *);
	570	if (keys[num_keys].key == NULL)
	571	break;
	572	keys[num_keys].repl = va_arg(ap, char *);
	573	if (keys[num_keys].repl == NULL)
	574	fatal("percent_expand: NULL replacement");
	575	}
	576	va_end(ap);
	577
	578	if (num_keys >= EXPAND_MAX_KEYS)
	579	fatal("percent_expand: too many keys");
	580
	581	/* Expand string */
	582	*buf = '\0';
	583	for (i = 0; *string != '\0'; string++) {
	584	if (*string != '%') {
	585	append:
	586	buf[i++] = *string;
	587	if (i >= sizeof(buf))
	588	fatal("percent_expand: string too long");
	589	buf[i] = '\0';
	590	continue;
	591	}
	592	string++;
	593	if (*string == '%')
	594	goto append;
	595	for (j = 0; j < num_keys; j++) {
	596	if (strchr(keys[j].key, *string) != NULL) {
	597	i = strlcat(buf, keys[j].repl, sizeof(buf));
	598	if (i >= sizeof(buf))
	599	fatal("percent_expand: string too long");
	600	break;
	601	}
	602	}
	603	if (j >= num_keys)
	604	fatal("percent_expand: unknown key %%%c", *string);
	605	}
	606	return (xstrdup(buf));
	607	#undef EXPAND_MAX_KEYS
	608	}
	609
ea067773	610	/*
	611	* Read an entire line from a public key file into a static buffer, discarding
	612	* lines that exceed the buffer size. Returns 0 on success, -1 on failure.
	613	*/
	614	int
	615	read_keyfile_line(FILE f, const char filename, char *buf, size_t bufsz,
41feb690	616	u_long *lineno)
ea067773	617	{
	618	while (fgets(buf, bufsz, f) != NULL) {
	619	(*lineno)++;
	620	if (buf[strlen(buf) - 1] == '\n' \|\| feof(f)) {
	621	return 0;
	622	} else {
41feb690	623	debug("%s: %s line %lu exceeds size limit", __func__,
41feb690	624	filename, *lineno);
ea067773	625	/* discard remainder of line */
f8cc7664	626	while (fgetc(f) != '\n' && !feof(f))
ea067773	627	; /* nothing */
	628	}
	629	}
	630	return -1;
	631	}
ef07103c	632
d20f3c9e	633	int
a4f24bf8	634	tun_open(int tun, int mode)
d20f3c9e	635	{
6306853a	636	#if defined(CUSTOM_SYS_TUN_OPEN)
6306853a	637	return (sys_tun_open(tun, mode));
0f6cb079	638	#elif defined(SSH_TUN_OPENBSD)
a4f24bf8	639	struct ifreq ifr;
d20f3c9e	640	char name[100];
a4f24bf8	641	int fd = -1, sock;
d20f3c9e	642
a4f24bf8	643	/* Open the tunnel device */
a4f24bf8	644	if (tun <= SSH_TUNID_MAX) {
d20f3c9e	645	snprintf(name, sizeof(name), "/dev/tun%d", tun);
a4f24bf8	646	fd = open(name, O_RDWR);
	647	} else if (tun == SSH_TUNID_ANY) {
	648	for (tun = 100; tun >= 0; tun--) {
	649	snprintf(name, sizeof(name), "/dev/tun%d", tun);
	650	if ((fd = open(name, O_RDWR)) >= 0)
	651	break;
d20f3c9e	652	}
d20f3c9e	653	} else {
81c042a3	654	debug("%s: invalid tunnel %u", __func__, tun);
a4f24bf8	655	return (-1);
	656	}
	657
	658	if (fd < 0) {
	659	debug("%s: %s open failed: %s", __func__, name, strerror(errno));
	660	return (-1);
	661	}
	662
	663	debug("%s: %s mode %d fd %d", __func__, name, mode, fd);
	664
	665	/* Set the tunnel device operation mode */
	666	snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "tun%d", tun);
	667	if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) == -1)
	668	goto failed;
	669
	670	if (ioctl(sock, SIOCGIFFLAGS, &ifr) == -1)
	671	goto failed;
b1b65311	672
	673	/* Set interface mode */
	674	ifr.ifr_flags &= ~IFF_UP;
	675	if (mode == SSH_TUNMODE_ETHERNET)
a4f24bf8	676	ifr.ifr_flags \|= IFF_LINK0;
b1b65311	677	else
	678	ifr.ifr_flags &= ~IFF_LINK0;
	679	if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
	680	goto failed;
	681
	682	/* Bring interface up */
a4f24bf8	683	ifr.ifr_flags \|= IFF_UP;
	684	if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
	685	goto failed;
	686
	687	close(sock);
	688	return (fd);
	689
	690	failed:
	691	if (fd >= 0)
	692	close(fd);
	693	if (sock >= 0)
	694	close(sock);
	695	debug("%s: failed to set %s mode %d: %s", __func__, name,
	696	mode, strerror(errno));
d20f3c9e	697	return (-1);
6306853a	698	#else
	699	error("Tunnel interfaces are not supported on this platform");
	700	return (-1);
	701	#endif
d20f3c9e	702	}
d20f3c9e	703
fd6168c1	704	void
	705	sanitise_stdfd(void)
	706	{
db382686	707	int nullfd, dupfd;
fd6168c1	708
db382686	709	if ((nullfd = dupfd = open(_PATH_DEVNULL, O_RDWR)) == -1) {
fd6168c1	710	fprintf(stderr, "Couldn't open /dev/null: %s", strerror(errno));
	711	exit(1);
	712	}
db382686	713	while (++dupfd <= 2) {
	714	/* Only clobber closed fds */
	715	if (fcntl(dupfd, F_GETFL, 0) >= 0)
	716	continue;
	717	if (dup2(nullfd, dupfd) == -1) {
fd6168c1	718	fprintf(stderr, "dup2: %s", strerror(errno));
	719	exit(1);
	720	}
fd6168c1	721	}
	722	if (nullfd > 2)
	723	close(nullfd);
	724	}
	725
ef07103c	726	char *
51e7a012	727	tohex(const void *vp, size_t l)
ef07103c	728	{
51e7a012	729	const u_char p = (const u_char )vp;
ef07103c	730	char b[3], *r;
51e7a012	731	size_t i, hl;
	732
	733	if (l > 65536)
	734	return xstrdup("tohex: length > 65536");
ef07103c	735
ef07103c	736	hl = l * 2 + 1;
52e3daed	737	r = xcalloc(1, hl);
ef07103c	738	for (i = 0; i < l; i++) {
51e7a012	739	snprintf(b, sizeof(b), "%02x", p[i]);
ef07103c	740	strlcat(r, b, hl);
	741	}
	742	return (r);
	743	}
	744
51e7a012	745	u_int64_t
	746	get_u64(const void *vp)
	747	{
	748	const u_char p = (const u_char )vp;
	749	u_int64_t v;
	750
	751	v = (u_int64_t)p[0] << 56;
	752	v \|= (u_int64_t)p[1] << 48;
	753	v \|= (u_int64_t)p[2] << 40;
	754	v \|= (u_int64_t)p[3] << 32;
	755	v \|= (u_int64_t)p[4] << 24;
	756	v \|= (u_int64_t)p[5] << 16;
	757	v \|= (u_int64_t)p[6] << 8;
	758	v \|= (u_int64_t)p[7];
	759
	760	return (v);
	761	}
	762
	763	u_int32_t
	764	get_u32(const void *vp)
	765	{
	766	const u_char p = (const u_char )vp;
	767	u_int32_t v;
	768
	769	v = (u_int32_t)p[0] << 24;
	770	v \|= (u_int32_t)p[1] << 16;
	771	v \|= (u_int32_t)p[2] << 8;
	772	v \|= (u_int32_t)p[3];
	773
	774	return (v);
	775	}
	776
	777	u_int16_t
	778	get_u16(const void *vp)
	779	{
	780	const u_char p = (const u_char )vp;
	781	u_int16_t v;
	782
	783	v = (u_int16_t)p[0] << 8;
	784	v \|= (u_int16_t)p[1];
	785
	786	return (v);
	787	}
	788
	789	void
	790	put_u64(void *vp, u_int64_t v)
	791	{
	792	u_char p = (u_char )vp;
	793
	794	p[0] = (u_char)(v >> 56) & 0xff;
	795	p[1] = (u_char)(v >> 48) & 0xff;
	796	p[2] = (u_char)(v >> 40) & 0xff;
	797	p[3] = (u_char)(v >> 32) & 0xff;
	798	p[4] = (u_char)(v >> 24) & 0xff;
	799	p[5] = (u_char)(v >> 16) & 0xff;
	800	p[6] = (u_char)(v >> 8) & 0xff;
	801	p[7] = (u_char)v & 0xff;
	802	}
	803
	804	void
	805	put_u32(void *vp, u_int32_t v)
	806	{
	807	u_char p = (u_char )vp;
	808
809	p[0] = (u_char)(v >> 24) & 0xff;
810	p[1] = (u_char)(v >> 16) & 0xff;
811	p[2] = (u_char)(v >> 8) & 0xff;
812	p[3] = (u_char)v & 0xff;
813	}
814
815
816	void
817	put_u16(void *vp, u_int16_t v)
818	{
819	u_char p = (u_char )vp;
820
821	p[0] = (u_char)(v >> 8) & 0xff;
822	p[1] = (u_char)v & 0xff;
823	}