third-party-mirrors/sslh
1
0
Fork 0
mirror of https://github.com/yrutschle/sslh.git synced 2025-04-13 07:37:15 +03:00
Code Issues Packages Projects Releases Wiki Activity

Moved command line parsing to conf2struct

Browse Source
This commit is contained in:
yrutschle 2019-01-12 21:33:44 +01:00
parent dbc0667ad3
commit 530acc7c72
7 changed files with 6060 additions and 285 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@ -25,7 +25,7 @@ CC ?= gcc
CFLAGS ?=-Wall -g $(CFLAGS_COV)
LIBS=
OBJS=sslh-conf.o common.o sslh-main.o probe.o tls.o
OBJS=sslh-conf.o common.o sslh-main.o probe.o tls.o argtable3.o
CONDITIONAL_TARGETS=

5018
argtable3.c Normal file
View File

File diff suppressed because it is too large Load Diff

305
argtable3.h Normal file
View File

@ -0,0 +1,305 @@
/*******************************************************************************
* This file is part of the argtable3 library.
*
* Copyright (C) 1998-2001,2003-2011,2013 Stewart Heitmann
* <sheitmann@users.sourceforge.net>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* * Neither the name of STEWART HEITMANN nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL STEWART HEITMANN BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
******************************************************************************/
#ifndef ARGTABLE3
#define ARGTABLE3
#include <stdio.h> /* FILE */
#include <time.h> /* struct tm */
#ifdef __cplusplus
extern "C" {
#endif
#define ARG_REX_ICASE 1
/* bit masks for arg_hdr.flag */
enum
{
ARG_TERMINATOR=0x1,
ARG_HASVALUE=0x2,
ARG_HASOPTVALUE=0x4
};
typedef void (arg_resetfn)(void *parent);
typedef int (arg_scanfn)(void *parent, const char *argval);
typedef int (arg_checkfn)(void *parent);
typedef void (arg_errorfn)(void *parent, FILE *fp, int error, const char *argval, const char *progname);
/*
* The arg_hdr struct defines properties that are common to all arg_xxx structs.
* The argtable library requires each arg_xxx struct to have an arg_hdr
* struct as its first data member.
* The argtable library functions then use this data to identify the
* properties of the command line option, such as its option tags,
* datatype string, and glossary strings, and so on.
* Moreover, the arg_hdr struct contains pointers to custom functions that
* are provided by each arg_xxx struct which perform the tasks of parsing
* that particular arg_xxx arguments, performing post-parse checks, and
* reporting errors.
* These functions are private to the individual arg_xxx source code
* and are the pointer to them are initiliased by that arg_xxx struct's
* constructor function. The user could alter them after construction
* if desired, but the original intention is for them to be set by the
* constructor and left unaltered.
*/
struct arg_hdr
{
char flag; /* Modifier flags: ARG_TERMINATOR, ARG_HASVALUE. */
const char *shortopts; /* String defining the short options */
const char *longopts; /* String defiing the long options */
const char *datatype; /* Description of the argument data type */
const char *glossary; /* Description of the option as shown by arg_print_glossary function */
int mincount; /* Minimum number of occurences of this option accepted */
int maxcount; /* Maximum number of occurences if this option accepted */
void *parent; /* Pointer to parent arg_xxx struct */
arg_resetfn *resetfn; /* Pointer to parent arg_xxx reset function */
arg_scanfn *scanfn; /* Pointer to parent arg_xxx scan function */
arg_checkfn *checkfn; /* Pointer to parent arg_xxx check function */
arg_errorfn *errorfn; /* Pointer to parent arg_xxx error function */
void *priv; /* Pointer to private header data for use by arg_xxx functions */
};
struct arg_rem
{
struct arg_hdr hdr; /* The mandatory argtable header struct */
};
struct arg_lit
{
struct arg_hdr hdr; /* The mandatory argtable header struct */
int count; /* Number of matching command line args */
};
struct arg_int
{
struct arg_hdr hdr; /* The mandatory argtable header struct */
int count; /* Number of matching command line args */
int *ival; /* Array of parsed argument values */
};
struct arg_dbl
{
struct arg_hdr hdr; /* The mandatory argtable header struct */
int count; /* Number of matching command line args */
double *dval; /* Array of parsed argument values */
};
struct arg_str
{
struct arg_hdr hdr; /* The mandatory argtable header struct */
int count; /* Number of matching command line args */
const char **sval; /* Array of parsed argument values */
};
struct arg_rex
{
struct arg_hdr hdr; /* The mandatory argtable header struct */
int count; /* Number of matching command line args */
const char **sval; /* Array of parsed argument values */
};
struct arg_file
{
struct arg_hdr hdr; /* The mandatory argtable header struct */
int count; /* Number of matching command line args*/
const char **filename; /* Array of parsed filenames (eg: /home/foo.bar) */
const char **basename; /* Array of parsed basenames (eg: foo.bar) */
const char **extension; /* Array of parsed extensions (eg: .bar) */
};
struct arg_date
{
struct arg_hdr hdr; /* The mandatory argtable header struct */
const char *format; /* strptime format string used to parse the date */
int count; /* Number of matching command line args */
struct tm *tmval; /* Array of parsed time values */
};
enum {ARG_ELIMIT=1, ARG_EMALLOC, ARG_ENOMATCH, ARG_ELONGOPT, ARG_EMISSARG};
struct arg_end
{
struct arg_hdr hdr; /* The mandatory argtable header struct */
int count; /* Number of errors encountered */
int *error; /* Array of error codes */
void **parent; /* Array of pointers to offending arg_xxx struct */
const char **argval; /* Array of pointers to offending argv[] string */
};
/**** arg_xxx constructor functions *********************************/
struct arg_rem* arg_rem(const char* datatype, const char* glossary);
struct arg_lit* arg_lit0(const char* shortopts,
const char* longopts,
const char* glossary);
struct arg_lit* arg_lit1(const char* shortopts,
const char* longopts,
const char *glossary);
struct arg_lit* arg_litn(const char* shortopts,
const char* longopts,
int mincount,
int maxcount,
const char *glossary);
struct arg_key* arg_key0(const char* keyword,
int flags,
const char* glossary);
struct arg_key* arg_key1(const char* keyword,
int flags,
const char* glossary);
struct arg_key* arg_keyn(const char* keyword,
int flags,
int mincount,
int maxcount,
const char* glossary);
struct arg_int* arg_int0(const char* shortopts,
const char* longopts,
const char* datatype,
const char* glossary);
struct arg_int* arg_int1(const char* shortopts,
const char* longopts,
const char* datatype,
const char *glossary);
struct arg_int* arg_intn(const char* shortopts,
const char* longopts,
const char *datatype,
int mincount,
int maxcount,
const char *glossary);
struct arg_dbl* arg_dbl0(const char* shortopts,
const char* longopts,
const char* datatype,
const char* glossary);
struct arg_dbl* arg_dbl1(const char* shortopts,
const char* longopts,
const char* datatype,
const char *glossary);
struct arg_dbl* arg_dbln(const char* shortopts,
const char* longopts,
const char *datatype,
int mincount,
int maxcount,
const char *glossary);
struct arg_str* arg_str0(const char* shortopts,
const char* longopts,
const char* datatype,
const char* glossary);
struct arg_str* arg_str1(const char* shortopts,
const char* longopts,
const char* datatype,
const char *glossary);
struct arg_str* arg_strn(const char* shortopts,
const char* longopts,
const char* datatype,
int mincount,
int maxcount,
const char *glossary);
struct arg_rex* arg_rex0(const char* shortopts,
const char* longopts,
const char* pattern,
const char* datatype,
int flags,
const char* glossary);
struct arg_rex* arg_rex1(const char* shortopts,
const char* longopts,
const char* pattern,
const char* datatype,
int flags,
const char *glossary);
struct arg_rex* arg_rexn(const char* shortopts,
const char* longopts,
const char* pattern,
const char* datatype,
int mincount,
int maxcount,
int flags,
const char *glossary);
struct arg_file* arg_file0(const char* shortopts,
const char* longopts,
const char* datatype,
const char* glossary);
struct arg_file* arg_file1(const char* shortopts,
const char* longopts,
const char* datatype,
const char *glossary);
struct arg_file* arg_filen(const char* shortopts,
const char* longopts,
const char* datatype,
int mincount,
int maxcount,
const char *glossary);
struct arg_date* arg_date0(const char* shortopts,
const char* longopts,
const char* format,
const char* datatype,
const char* glossary);
struct arg_date* arg_date1(const char* shortopts,
const char* longopts,
const char* format,
const char* datatype,
const char *glossary);
struct arg_date* arg_daten(const char* shortopts,
const char* longopts,
const char* format,
const char* datatype,
int mincount,
int maxcount,
const char *glossary);
struct arg_end* arg_end(int maxerrors);
/**** other functions *******************************************/
int arg_nullcheck(void **argtable);
int arg_parse(int argc, char **argv, void **argtable);
void arg_print_option(FILE *fp, const char *shortopts, const char *longopts, const char *datatype, const char *suffix);
void arg_print_syntax(FILE *fp, void **argtable, const char *suffix);
void arg_print_syntaxv(FILE *fp, void **argtable, const char *suffix);
void arg_print_glossary(FILE *fp, void **argtable, const char *format);
void arg_print_glossary_gnu(FILE *fp, void **argtable);
void arg_print_errors(FILE* fp, struct arg_end* end, const char* progname);
void arg_freetable(void **argtable, size_t n);
/**** deprecated functions, for back-compatibility only ********/
void arg_free(void **argtable);
#ifdef __cplusplus
}
#endif
#endif

606
sslh-conf.c
View File

@ -1,7 +1,5 @@
/* Generated by conf2struct (https://www.rutschle.net/tech/conf2struct)
* on Fri Dec 7 08:27:14 2018. */
/* Generated by conf2struct (https://www.rutschle.net/tech/conf2struct/README)
* on Sat Jan 12 21:31:24 2019. */
#define _GNU_SOURCE
#include <string.h>
@ -9,6 +7,39 @@
#include <stdlib.h>
#include "sslh-conf.h"
static void sslhcfg_protocols_init(struct sslhcfg_protocols_item* cfg) {
memset(cfg, 0, sizeof(*cfg));
cfg->name = "";
cfg->host = "";
cfg->port = "";
cfg->service = NULL;
cfg->fork = 0;
cfg->log_level = 1;
cfg->keepalive = 0;
}
static void sslhcfg_listen_init(struct sslhcfg_listen_item* cfg) {
memset(cfg, 0, sizeof(*cfg));
cfg->host = "";
cfg->port = "";
cfg->keepalive = 0;
}
static void sslhcfg_init(struct sslhcfg_item* cfg) {
memset(cfg, 0, sizeof(*cfg));
cfg->verbose = 0;
cfg->foreground = 0;
cfg->inetd = 0;
cfg->numeric = 0;
cfg->transparent = 0;
cfg->timeout = 5;
cfg->user = NULL;
cfg->pidfile = NULL;
cfg->chroot = NULL;
cfg->syslog_facility = "auth";
cfg->on_timeout = "ssh";
}
static int sslhcfg_protocols_parser(
config_setting_t* cfg,
struct sslhcfg_protocols_item* sslhcfg_protocols,
@ -18,6 +49,8 @@ static int sslhcfg_protocols_parser(
char* tmp;
*errmsg = NULL;
sslhcfg_protocols_init(sslhcfg_protocols);
if (config_setting_lookup(cfg, "name")) {
if (config_setting_lookup_string(cfg, "name", &sslhcfg_protocols->name) == CONFIG_FALSE) {
*errmsg = "Parsing of option \"name\" failed";
@ -55,7 +88,6 @@ static int sslhcfg_protocols_parser(
return 0;
}
sslhcfg_protocols->port = tmp;
sslhcfg_protocols->service = NULL;
if (config_setting_lookup(cfg, "service")) {
if (config_setting_lookup_string(cfg, "service", &sslhcfg_protocols->service) == CONFIG_FALSE) {
*errmsg = "Parsing of option \"service\" failed";
@ -65,21 +97,18 @@ static int sslhcfg_protocols_parser(
}
;
}
sslhcfg_protocols->fork = 0;
if (config_setting_lookup(cfg, "fork")) {
if (config_setting_lookup_bool(cfg, "fork", &sslhcfg_protocols->fork) == CONFIG_FALSE) {
*errmsg = "Parsing of option \"fork\" failed";
return 0;
} ;
}
sslhcfg_protocols->log_level = 1;
if (config_setting_lookup(cfg, "log_level")) {
if (config_setting_lookup_int(cfg, "log_level", &sslhcfg_protocols->log_level) == CONFIG_FALSE) {
*errmsg = "Parsing of option \"log_level\" failed";
return 0;
} ;
}
sslhcfg_protocols->keepalive = 0;
if (config_setting_lookup(cfg, "keepalive")) {
if (config_setting_lookup_bool(cfg, "keepalive", &sslhcfg_protocols->keepalive) == CONFIG_FALSE) {
*errmsg = "Parsing of option \"keepalive\" failed";
@ -131,6 +160,8 @@ static int sslhcfg_listen_parser(
char* tmp;
*errmsg = NULL;
sslhcfg_listen_init(sslhcfg_listen);
if (config_setting_lookup(cfg, "host")) {
if (config_setting_lookup_string(cfg, "host", &sslhcfg_listen->host) == CONFIG_FALSE) {
*errmsg = "Parsing of option \"host\" failed";
@ -159,7 +190,6 @@ static int sslhcfg_listen_parser(
return 0;
}
sslhcfg_listen->port = tmp;
sslhcfg_listen->keepalive = 0;
if (config_setting_lookup(cfg, "keepalive")) {
if (config_setting_lookup_bool(cfg, "keepalive", &sslhcfg_listen->keepalive) == CONFIG_FALSE) {
*errmsg = "Parsing of option \"keepalive\" failed";
@ -178,49 +208,44 @@ static int sslhcfg_parser(
char* tmp;
*errmsg = NULL;
sslhcfg->verbose = 0;
sslhcfg_init(sslhcfg);
if (config_setting_lookup(cfg, "verbose")) {
if (config_setting_lookup_int(cfg, "verbose", &sslhcfg->verbose) == CONFIG_FALSE) {
*errmsg = "Parsing of option \"verbose\" failed";
return 0;
} ;
}
sslhcfg->foreground = 0;
if (config_setting_lookup(cfg, "foreground")) {
if (config_setting_lookup_bool(cfg, "foreground", &sslhcfg->foreground) == CONFIG_FALSE) {
*errmsg = "Parsing of option \"foreground\" failed";
return 0;
} ;
}
sslhcfg->inetd = 0;
if (config_setting_lookup(cfg, "inetd")) {
if (config_setting_lookup_bool(cfg, "inetd", &sslhcfg->inetd) == CONFIG_FALSE) {
*errmsg = "Parsing of option \"inetd\" failed";
return 0;
} ;
}
sslhcfg->numeric = 0;
if (config_setting_lookup(cfg, "numeric")) {
if (config_setting_lookup_bool(cfg, "numeric", &sslhcfg->numeric) == CONFIG_FALSE) {
*errmsg = "Parsing of option \"numeric\" failed";
return 0;
} ;
}
sslhcfg->transparent = 0;
if (config_setting_lookup(cfg, "transparent")) {
if (config_setting_lookup_bool(cfg, "transparent", &sslhcfg->transparent) == CONFIG_FALSE) {
*errmsg = "Parsing of option \"transparent\" failed";
return 0;
} ;
}
sslhcfg->timeout = 2;
if (config_setting_lookup(cfg, "timeout")) {
if (config_setting_lookup_int(cfg, "timeout", &sslhcfg->timeout) == CONFIG_FALSE) {
*errmsg = "Parsing of option \"timeout\" failed";
return 0;
} ;
}
sslhcfg->user = NULL;
if (config_setting_lookup(cfg, "user")) {
if (config_setting_lookup_string(cfg, "user", &sslhcfg->user) == CONFIG_FALSE) {
*errmsg = "Parsing of option \"user\" failed";
@ -230,7 +255,6 @@ static int sslhcfg_parser(
}
;
}
sslhcfg->pidfile = NULL;
if (config_setting_lookup(cfg, "pidfile")) {
if (config_setting_lookup_string(cfg, "pidfile", &sslhcfg->pidfile) == CONFIG_FALSE) {
*errmsg = "Parsing of option \"pidfile\" failed";
@ -240,7 +264,6 @@ static int sslhcfg_parser(
}
;
}
sslhcfg->chroot = NULL;
if (config_setting_lookup(cfg, "chroot")) {
if (config_setting_lookup_string(cfg, "chroot", &sslhcfg->chroot) == CONFIG_FALSE) {
*errmsg = "Parsing of option \"chroot\" failed";
@ -250,14 +273,12 @@ static int sslhcfg_parser(
}
;
}
sslhcfg->syslog_facility = "auth";
if (config_setting_lookup(cfg, "syslog_facility")) {
if (config_setting_lookup_string(cfg, "syslog_facility", &sslhcfg->syslog_facility) == CONFIG_FALSE) {
*errmsg = "Parsing of option \"syslog_facility\" failed";
return 0;
} ;
}
sslhcfg->on_timeout = "ssh";
if (config_setting_lookup(cfg, "on_timeout")) {
if (config_setting_lookup_string(cfg, "on_timeout", &sslhcfg->on_timeout) == CONFIG_FALSE) {
*errmsg = "Parsing of option \"on_timeout\" failed";
@ -412,3 +433,548 @@ void sslhcfg_print(
sslhcfg_protocols_print(&sslhcfg->protocols[i], depth+1);
}
}
#include "argtable3.h"
#include <regex.h>
struct arg_file* sslhcfg_conffile;
struct arg_int* sslhcfg_verbose;
struct arg_lit* sslhcfg_foreground;
struct arg_lit* sslhcfg_inetd;
struct arg_lit* sslhcfg_numeric;
struct arg_lit* sslhcfg_transparent;
struct arg_int* sslhcfg_timeout;
struct arg_str* sslhcfg_user;
struct arg_str* sslhcfg_pidfile;
struct arg_str* sslhcfg_chroot;
struct arg_str* sslhcfg_syslog_facility;
struct arg_str* sslhcfg_on_timeout;
struct arg_str* sslhcfg_listen;
struct arg_str* sslhcfg_ssh;
struct arg_str* sslhcfg_tls;
struct arg_str* sslhcfg_openvpn;
struct arg_str* sslhcfg_tinc;
struct arg_str* sslhcfg_xmpp;
struct arg_str* sslhcfg_http;
struct arg_str* sslhcfg_adb;
struct arg_str* sslhcfg_socks5;
struct arg_end* sslhcfg_end;
static void sslhcfg_cl_c2s(int arg_index, struct sslhcfg_item* cfg) {
int i, len;
if (sslhcfg_verbose->count) {
cfg->verbose = sslhcfg_verbose->ival [arg_index];
}
if (sslhcfg_foreground->count) {
cfg->foreground = sslhcfg_foreground->count;
}
if (sslhcfg_inetd->count) {
cfg->inetd = sslhcfg_inetd->count;
}
if (sslhcfg_numeric->count) {
cfg->numeric = sslhcfg_numeric->count;
}
if (sslhcfg_transparent->count) {
cfg->transparent = sslhcfg_transparent->count;
}
if (sslhcfg_timeout->count) {
cfg->timeout = sslhcfg_timeout->ival [arg_index];
}
if (sslhcfg_user->count) {
cfg->user_is_present = 1;
cfg->user = sslhcfg_user->sval [arg_index];
}
if (sslhcfg_pidfile->count) {
cfg->pidfile_is_present = 1;
cfg->pidfile = sslhcfg_pidfile->sval [arg_index];
}
if (sslhcfg_chroot->count) {
cfg->chroot_is_present = 1;
cfg->chroot = sslhcfg_chroot->sval [arg_index];
}
if (sslhcfg_syslog_facility->count) {
cfg->syslog_facility = sslhcfg_syslog_facility->sval [arg_index];
}
if (sslhcfg_on_timeout->count) {
cfg->on_timeout = sslhcfg_on_timeout->sval [arg_index];
}
}
int sslhcfg_cl_parse(int argc, char* argv[], struct sslhcfg_item* cfg) {
void* argtable[] = {
sslhcfg_conffile = arg_filen("F", "conffile", "<file>", 0, 1, "Specify configuration file"),
sslhcfg_verbose = arg_intn("v", "verbose", "<n>", 0, 1, ""),
sslhcfg_foreground = arg_litn("f", "foreground", 0, 1, "Run in foreground instead of as a daemon"),
sslhcfg_inetd = arg_litn("i", "inetd", 0, 1, "Run in inetd mode: use stdin/stdout instead of network listen"),
sslhcfg_numeric = arg_litn("n", "numeric", 0, 1, "Print IP addresses and ports as numbers"),
sslhcfg_transparent = arg_litn(NULL, "transparent", 0, 1, "Set up as a transparent proxy"),
sslhcfg_timeout = arg_intn("t", "timeout", "<n>", 0, 1, "Set up timeout before connecting to default target"),
sslhcfg_user = arg_strn("u", "user", "<str>", 0, 1, "Username to change to after set-up"),
sslhcfg_pidfile = arg_strn("P", "pidfile", "<file>", 0, 1, "Path to file to store PID of current instance"),
sslhcfg_chroot = arg_strn("C", "chroot", "<path>", 0, 1, "Root to change to after set-up"),
sslhcfg_syslog_facility = arg_strn(NULL, "syslog-facility", "<str>", 0, 1, "Facility to syslog to"),
sslhcfg_on_timeout = arg_strn(NULL, "on-timeout", "<str>", 0, 1, "Target to connect to when timing out"),
sslhcfg_listen = arg_strn("p", "listen", "<host:port>", 0, 10, "Listen on host:port"),
sslhcfg_ssh = arg_strn(NULL, "ssh", "<host:port>", 0, 10, "Set up ssh target"),
sslhcfg_tls = arg_strn(NULL, "tls", "<host:port>", 0, 10, "Set up TLS/SSL target"),
sslhcfg_openvpn = arg_strn(NULL, "openvpn", "<host:port>", 0, 10, "Set up OpenVPN target"),
sslhcfg_tinc = arg_strn(NULL, "tinc", "<host:port>", 0, 10, "Set up tinc target"),
sslhcfg_xmpp = arg_strn(NULL, "xmpp", "<host:port>", 0, 10, "Set up XMPP target"),
sslhcfg_http = arg_strn(NULL, "http", "<host:port>", 0, 10, "Set up HTTP (plain) target"),
sslhcfg_adb = arg_strn(NULL, "adb", "<host:port>", 0, 10, "Set up ADB (Android Debug) target"),
sslhcfg_socks5 = arg_strn(NULL, "socks5", "<host:port>", 0, 10, "Set up socks5 target"),
sslhcfg_end = arg_end(10)
};
const char* errmsg;
int nerrors, cl_i;
nerrors = arg_parse(argc, argv, argtable);
if (nerrors) {
arg_print_errors(stdout, sslhcfg_end, "sslhcfg");
arg_print_syntax(stdout, argtable, "\n");
arg_print_glossary(stdout, argtable, " %-25s %s\n");
return 0;
}
if (sslhcfg_conffile->count) {
if (!sslhcfg_parse_file(sslhcfg_conffile->filename[0], cfg, &errmsg)) {
fprintf(stderr, "%s\n", errmsg);
exit(1);
}
}
sslhcfg_cl_c2s(0, cfg);
#define MAX_MATCH 10
for (cl_i = 0; cl_i < sslhcfg_listen->count; cl_i++) {
regex_t preg;
regmatch_t pmatch[MAX_MATCH];
int res = regcomp(&preg, "(\\w+):(\\w+)", REG_EXTENDED);
if (res) {
int errlen = regerror(res, &preg, NULL, 0);
char* errmsg = malloc(errlen);
regerror(res, &preg, errmsg, errlen);
fprintf(stderr, "(\\w+):(\\w+): %s\n", errmsg);
exit(1);
}
res = regexec(&preg, sslhcfg_listen->sval [cl_i], MAX_MATCH, &pmatch[0], 0);
if (!res) {
int param_len, i, found = 0;
struct sslhcfg_listen_item* group;
/* No search for override */
if (!found) {
cfg->listen_len++;
cfg->listen = realloc(cfg->listen, cfg->listen_len * sizeof(*cfg->listen));
group = & cfg->listen [cfg->listen_len - 1];
} else {
group = & cfg->listen [found];
}
sslhcfg_listen_init(group);
param_len = pmatch[1].rm_eo - pmatch[1].rm_so;
group->host = calloc(1, param_len + 1);
memcpy(group->host, sslhcfg_listen->sval [cl_i]+pmatch[1].rm_so, param_len);
param_len = pmatch[2].rm_eo - pmatch[2].rm_so;
group->port = calloc(1, param_len + 1);
memcpy(group->port, sslhcfg_listen->sval [cl_i]+pmatch[2].rm_so, param_len);
} else {
fprintf(stderr, "--listen %s: Illegal argument\n", sslhcfg_listen->sval [cl_i]);
exit(1);
}
}
#define MAX_MATCH 10
for (cl_i = 0; cl_i < sslhcfg_ssh->count; cl_i++) {
regex_t preg;
regmatch_t pmatch[MAX_MATCH];
int res = regcomp(&preg, "(\\w+):(\\w+)", REG_EXTENDED);
if (res) {
int errlen = regerror(res, &preg, NULL, 0);
char* errmsg = malloc(errlen);
regerror(res, &preg, errmsg, errlen);
fprintf(stderr, "(\\w+):(\\w+): %s\n", errmsg);
exit(1);
}
res = regexec(&preg, sslhcfg_ssh->sval [cl_i], MAX_MATCH, &pmatch[0], 0);
if (!res) {
int param_len, i, found = 0;
struct sslhcfg_protocols_item* group;
for (i = 0; i < cfg->protocols_len; i++) {
if (!strcmp(cfg->protocols [i].name, "ssh")) {
found = i;
break;
}
}
if (!found) {
cfg->protocols_len++;
cfg->protocols = realloc(cfg->protocols, cfg->protocols_len * sizeof(*cfg->protocols));
group = & cfg->protocols [cfg->protocols_len - 1];
} else {
group = & cfg->protocols [found];
}
sslhcfg_protocols_init(group);
param_len = 3;
group->name = calloc(1, param_len + 1);
memcpy(group->name, "ssh", param_len);
param_len = pmatch[1].rm_eo - pmatch[1].rm_so;
group->host = calloc(1, param_len + 1);
memcpy(group->host, sslhcfg_ssh->sval [cl_i]+pmatch[1].rm_so, param_len);
param_len = pmatch[2].rm_eo - pmatch[2].rm_so;
group->port = calloc(1, param_len + 1);
memcpy(group->port, sslhcfg_ssh->sval [cl_i]+pmatch[2].rm_so, param_len);
} else {
fprintf(stderr, "--ssh %s: Illegal argument\n", sslhcfg_ssh->sval [cl_i]);
exit(1);
}
}
#define MAX_MATCH 10
for (cl_i = 0; cl_i < sslhcfg_tls->count; cl_i++) {
regex_t preg;
regmatch_t pmatch[MAX_MATCH];
int res = regcomp(&preg, "(\\w+):(\\w+)", REG_EXTENDED);
if (res) {
int errlen = regerror(res, &preg, NULL, 0);
char* errmsg = malloc(errlen);
regerror(res, &preg, errmsg, errlen);
fprintf(stderr, "(\\w+):(\\w+): %s\n", errmsg);
exit(1);
}
res = regexec(&preg, sslhcfg_tls->sval [cl_i], MAX_MATCH, &pmatch[0], 0);
if (!res) {
int param_len, i, found = 0;
struct sslhcfg_protocols_item* group;
for (i = 0; i < cfg->protocols_len; i++) {
if (!strcmp(cfg->protocols [i].name, "tls")) {
found = i;
break;
}
}
if (!found) {
cfg->protocols_len++;
cfg->protocols = realloc(cfg->protocols, cfg->protocols_len * sizeof(*cfg->protocols));
group = & cfg->protocols [cfg->protocols_len - 1];
} else {
group = & cfg->protocols [found];
}
sslhcfg_protocols_init(group);
param_len = 3;
group->name = calloc(1, param_len + 1);
memcpy(group->name, "tls", param_len);
param_len = pmatch[1].rm_eo - pmatch[1].rm_so;
group->host = calloc(1, param_len + 1);
memcpy(group->host, sslhcfg_tls->sval [cl_i]+pmatch[1].rm_so, param_len);
param_len = pmatch[2].rm_eo - pmatch[2].rm_so;
group->port = calloc(1, param_len + 1);
memcpy(group->port, sslhcfg_tls->sval [cl_i]+pmatch[2].rm_so, param_len);
} else {
fprintf(stderr, "--tls %s: Illegal argument\n", sslhcfg_tls->sval [cl_i]);
exit(1);
}
}
#define MAX_MATCH 10
for (cl_i = 0; cl_i < sslhcfg_openvpn->count; cl_i++) {
regex_t preg;
regmatch_t pmatch[MAX_MATCH];
int res = regcomp(&preg, "(\\w+):(\\w+)", REG_EXTENDED);
if (res) {
int errlen = regerror(res, &preg, NULL, 0);
char* errmsg = malloc(errlen);
regerror(res, &preg, errmsg, errlen);
fprintf(stderr, "(\\w+):(\\w+): %s\n", errmsg);
exit(1);
}
res = regexec(&preg, sslhcfg_openvpn->sval [cl_i], MAX_MATCH, &pmatch[0], 0);
if (!res) {
int param_len, i, found = 0;
struct sslhcfg_protocols_item* group;
for (i = 0; i < cfg->protocols_len; i++) {
if (!strcmp(cfg->protocols [i].name, "openvpn")) {
found = i;
break;
}
}
if (!found) {
cfg->protocols_len++;
cfg->protocols = realloc(cfg->protocols, cfg->protocols_len * sizeof(*cfg->protocols));
group = & cfg->protocols [cfg->protocols_len - 1];
} else {
group = & cfg->protocols [found];
}
sslhcfg_protocols_init(group);
param_len = 7;
group->name = calloc(1, param_len + 1);
memcpy(group->name, "openvpn", param_len);
param_len = pmatch[1].rm_eo - pmatch[1].rm_so;
group->host = calloc(1, param_len + 1);
memcpy(group->host, sslhcfg_openvpn->sval [cl_i]+pmatch[1].rm_so, param_len);
param_len = pmatch[2].rm_eo - pmatch[2].rm_so;
group->port = calloc(1, param_len + 1);
memcpy(group->port, sslhcfg_openvpn->sval [cl_i]+pmatch[2].rm_so, param_len);
} else {
fprintf(stderr, "--openvpn %s: Illegal argument\n", sslhcfg_openvpn->sval [cl_i]);
exit(1);
}
}
#define MAX_MATCH 10
for (cl_i = 0; cl_i < sslhcfg_tinc->count; cl_i++) {
regex_t preg;
regmatch_t pmatch[MAX_MATCH];
int res = regcomp(&preg, "(\\w+):(\\w+)", REG_EXTENDED);
if (res) {
int errlen = regerror(res, &preg, NULL, 0);
char* errmsg = malloc(errlen);
regerror(res, &preg, errmsg, errlen);
fprintf(stderr, "(\\w+):(\\w+): %s\n", errmsg);
exit(1);
}
res = regexec(&preg, sslhcfg_tinc->sval [cl_i], MAX_MATCH, &pmatch[0], 0);
if (!res) {
int param_len, i, found = 0;
struct sslhcfg_protocols_item* group;
for (i = 0; i < cfg->protocols_len; i++) {
if (!strcmp(cfg->protocols [i].name, "openvpn")) {
found = i;
break;
}
}
if (!found) {
cfg->protocols_len++;
cfg->protocols = realloc(cfg->protocols, cfg->protocols_len * sizeof(*cfg->protocols));
group = & cfg->protocols [cfg->protocols_len - 1];
} else {
group = & cfg->protocols [found];
}
sslhcfg_protocols_init(group);
param_len = 7;
group->name = calloc(1, param_len + 1);
memcpy(group->name, "openvpn", param_len);
param_len = pmatch[1].rm_eo - pmatch[1].rm_so;
group->host = calloc(1, param_len + 1);
memcpy(group->host, sslhcfg_tinc->sval [cl_i]+pmatch[1].rm_so, param_len);
param_len = pmatch[2].rm_eo - pmatch[2].rm_so;
group->port = calloc(1, param_len + 1);
memcpy(group->port, sslhcfg_tinc->sval [cl_i]+pmatch[2].rm_so, param_len);
} else {
fprintf(stderr, "--tinc %s: Illegal argument\n", sslhcfg_tinc->sval [cl_i]);
exit(1);
}
}
#define MAX_MATCH 10
for (cl_i = 0; cl_i < sslhcfg_xmpp->count; cl_i++) {
regex_t preg;
regmatch_t pmatch[MAX_MATCH];
int res = regcomp(&preg, "(\\w+):(\\w+)", REG_EXTENDED);
if (res) {
int errlen = regerror(res, &preg, NULL, 0);
char* errmsg = malloc(errlen);
regerror(res, &preg, errmsg, errlen);
fprintf(stderr, "(\\w+):(\\w+): %s\n", errmsg);
exit(1);
}
res = regexec(&preg, sslhcfg_xmpp->sval [cl_i], MAX_MATCH, &pmatch[0], 0);
if (!res) {
int param_len, i, found = 0;
struct sslhcfg_protocols_item* group;
for (i = 0; i < cfg->protocols_len; i++) {
if (!strcmp(cfg->protocols [i].name, "xmpp")) {
found = i;
break;
}
}
if (!found) {
cfg->protocols_len++;
cfg->protocols = realloc(cfg->protocols, cfg->protocols_len * sizeof(*cfg->protocols));
group = & cfg->protocols [cfg->protocols_len - 1];
} else {
group = & cfg->protocols [found];
}
sslhcfg_protocols_init(group);
param_len = 4;
group->name = calloc(1, param_len + 1);
memcpy(group->name, "xmpp", param_len);
param_len = pmatch[1].rm_eo - pmatch[1].rm_so;
group->host = calloc(1, param_len + 1);
memcpy(group->host, sslhcfg_xmpp->sval [cl_i]+pmatch[1].rm_so, param_len);
param_len = pmatch[2].rm_eo - pmatch[2].rm_so;
group->port = calloc(1, param_len + 1);
memcpy(group->port, sslhcfg_xmpp->sval [cl_i]+pmatch[2].rm_so, param_len);
} else {
fprintf(stderr, "--xmpp %s: Illegal argument\n", sslhcfg_xmpp->sval [cl_i]);
exit(1);
}
}
#define MAX_MATCH 10
for (cl_i = 0; cl_i < sslhcfg_http->count; cl_i++) {
regex_t preg;
regmatch_t pmatch[MAX_MATCH];
int res = regcomp(&preg, "(\\w+):(\\w+)", REG_EXTENDED);
if (res) {
int errlen = regerror(res, &preg, NULL, 0);
char* errmsg = malloc(errlen);
regerror(res, &preg, errmsg, errlen);
fprintf(stderr, "(\\w+):(\\w+): %s\n", errmsg);
exit(1);
}
res = regexec(&preg, sslhcfg_http->sval [cl_i], MAX_MATCH, &pmatch[0], 0);
if (!res) {
int param_len, i, found = 0;
struct sslhcfg_protocols_item* group;
for (i = 0; i < cfg->protocols_len; i++) {
if (!strcmp(cfg->protocols [i].name, "http")) {
found = i;
break;
}
}
if (!found) {
cfg->protocols_len++;
cfg->protocols = realloc(cfg->protocols, cfg->protocols_len * sizeof(*cfg->protocols));
group = & cfg->protocols [cfg->protocols_len - 1];
} else {
group = & cfg->protocols [found];
}
sslhcfg_protocols_init(group);
param_len = 4;
group->name = calloc(1, param_len + 1);
memcpy(group->name, "http", param_len);
param_len = pmatch[1].rm_eo - pmatch[1].rm_so;
group->host = calloc(1, param_len + 1);
memcpy(group->host, sslhcfg_http->sval [cl_i]+pmatch[1].rm_so, param_len);
param_len = pmatch[2].rm_eo - pmatch[2].rm_so;
group->port = calloc(1, param_len + 1);
memcpy(group->port, sslhcfg_http->sval [cl_i]+pmatch[2].rm_so, param_len);
} else {
fprintf(stderr, "--http %s: Illegal argument\n", sslhcfg_http->sval [cl_i]);
exit(1);
}
}
#define MAX_MATCH 10
for (cl_i = 0; cl_i < sslhcfg_adb->count; cl_i++) {
regex_t preg;
regmatch_t pmatch[MAX_MATCH];
int res = regcomp(&preg, "(\\w+):(\\w+)", REG_EXTENDED);
if (res) {
int errlen = regerror(res, &preg, NULL, 0);
char* errmsg = malloc(errlen);
regerror(res, &preg, errmsg, errlen);
fprintf(stderr, "(\\w+):(\\w+): %s\n", errmsg);
exit(1);
}
res = regexec(&preg, sslhcfg_adb->sval [cl_i], MAX_MATCH, &pmatch[0], 0);
if (!res) {
int param_len, i, found = 0;
struct sslhcfg_protocols_item* group;
for (i = 0; i < cfg->protocols_len; i++) {
if (!strcmp(cfg->protocols [i].name, "adb")) {
found = i;
break;
}
}
if (!found) {
cfg->protocols_len++;
cfg->protocols = realloc(cfg->protocols, cfg->protocols_len * sizeof(*cfg->protocols));
group = & cfg->protocols [cfg->protocols_len - 1];
} else {
group = & cfg->protocols [found];
}
sslhcfg_protocols_init(group);
param_len = 3;
group->name = calloc(1, param_len + 1);
memcpy(group->name, "adb", param_len);
param_len = pmatch[1].rm_eo - pmatch[1].rm_so;
group->host = calloc(1, param_len + 1);
memcpy(group->host, sslhcfg_adb->sval [cl_i]+pmatch[1].rm_so, param_len);
param_len = pmatch[2].rm_eo - pmatch[2].rm_so;
group->port = calloc(1, param_len + 1);
memcpy(group->port, sslhcfg_adb->sval [cl_i]+pmatch[2].rm_so, param_len);
} else {
fprintf(stderr, "--adb %s: Illegal argument\n", sslhcfg_adb->sval [cl_i]);
exit(1);
}
}
#define MAX_MATCH 10
for (cl_i = 0; cl_i < sslhcfg_socks5->count; cl_i++) {
regex_t preg;
regmatch_t pmatch[MAX_MATCH];
int res = regcomp(&preg, "(\\w+):(\\w+)", REG_EXTENDED);
if (res) {
int errlen = regerror(res, &preg, NULL, 0);
char* errmsg = malloc(errlen);
regerror(res, &preg, errmsg, errlen);
fprintf(stderr, "(\\w+):(\\w+): %s\n", errmsg);
exit(1);
}
res = regexec(&preg, sslhcfg_socks5->sval [cl_i], MAX_MATCH, &pmatch[0], 0);
if (!res) {
int param_len, i, found = 0;
struct sslhcfg_protocols_item* group;
for (i = 0; i < cfg->protocols_len; i++) {
if (!strcmp(cfg->protocols [i].name, "socks5")) {
found = i;
break;
}
}
if (!found) {
cfg->protocols_len++;
cfg->protocols = realloc(cfg->protocols, cfg->protocols_len * sizeof(*cfg->protocols));
group = & cfg->protocols [cfg->protocols_len - 1];
} else {
group = & cfg->protocols [found];
}
sslhcfg_protocols_init(group);
param_len = 6;
group->name = calloc(1, param_len + 1);
memcpy(group->name, "socks5", param_len);
param_len = pmatch[1].rm_eo - pmatch[1].rm_so;
group->host = calloc(1, param_len + 1);
memcpy(group->host, sslhcfg_socks5->sval [cl_i]+pmatch[1].rm_so, param_len);
param_len = pmatch[2].rm_eo - pmatch[2].rm_so;
group->port = calloc(1, param_len + 1);
memcpy(group->port, sslhcfg_socks5->sval [cl_i]+pmatch[2].rm_so, param_len);
} else {
fprintf(stderr, "--socks5 %s: Illegal argument\n", sslhcfg_socks5->sval [cl_i]);
exit(1);
}
}
return 1;
}

10
sslh-conf.h
View File

@ -1,6 +1,5 @@
/* Generated by conf2struct (https://www.rutschle.net/tech/conf2struct)
* on Fri Dec 7 08:27:14 2018. */
/* Generated by conf2struct (https://www.rutschle.net/tech/conf2struct/README)
* on Sat Jan 12 21:31:24 2019. */
#ifndef C2S_SSLHCFG_H
#define C2S_SSLHCFG_H
@ -67,4 +66,9 @@ void sslhcfg_print(
struct sslhcfg_item *sslhcfg,
int depth);
int sslhcfg_cl_parse(
int argc,
char* argv[],
struct sslhcfg_item *sslhcfg);
#endif

261
sslh-main.c
View File

@ -62,44 +62,6 @@ const char* USAGE_STRING =
/* Constants for options that have no one-character shorthand */
#define OPT_ONTIMEOUT 257
static struct option const_options[] = {
{ "inetd", no_argument, &cfg.inetd, 1 },
{ "foreground", no_argument, &cfg.foreground, 1 },
{ "transparent", no_argument, &cfg.transparent, 1 },
{ "numeric", no_argument, &cfg.numeric, 1 },
{ "verbose", no_argument, &cfg.verbose, 1 },
{ "user", required_argument, 0, 'u' },
{ "config", optional_argument, 0, 'F' },
{ "pidfile", required_argument, 0, 'P' },
{ "chroot", required_argument, 0, 'C' },
{ "timeout", required_argument, 0, 't' },
{ "on-timeout", required_argument, 0, OPT_ONTIMEOUT },
{ "listen", required_argument, 0, 'p' },
{}
};
static struct option* all_options;
static struct protocol_probe_desc* builtins;
static const char *optstr = "vt:T:p:VP:C:F::";
static void print_usage(void)
{
struct protocol_probe_desc *p;
int i;
int res;
char *prots = "";
p = get_builtins();
for (i = 0; i < get_num_builtins(); i++) {
res = asprintf(&prots, "%s\t[--%s <addr>]\n", prots, p[i].name);
CHECK_RES_DIE(res, "asprintf");
}
fprintf(stderr, USAGE_STRING, prots);
}
static void printcaps(void) {
#ifdef LIBCAP
cap_t caps;
@ -234,8 +196,7 @@ static void setup_regex_probe(struct sslhcfg_protocols_item *p)
/* For each protocol in the configuration, resolve address and set up protocol
* options if required
*/
#ifdef LIBCONFIG
static int config_protocols()
static void config_protocols()
{
int i;
for (i = 0; i < cfg.protocols_len; i++) {
@ -268,239 +229,39 @@ static int config_protocols()
}
}
}
#endif
/* Parses a config file
* in: *filename
* out: *listen, a newly-allocated linked list of listen addrinfo
* 1 on error, 0 on success
*/
#ifdef LIBCONFIG
static int config_parse(char *filename, struct addrinfo **listen)
{
int res;
const char* err;
if (!sslhcfg_parse_file(filename, &cfg, &err)) {
fprintf(stderr, err);
return 1;
}
config_resolve_listen(listen);
config_protocols();
return 0;
}
#endif
/* Adds protocols to the list of options, so command-line parsing uses the
* protocol definition array
* options: array of options to add to; must be big enough
* n_opts: number of options in *options before calling (i.e. where to append)
* prot: array of protocols
* n_prots: number of protocols in *prot
* */
static void append_protocols(struct option *options, int n_opts, struct protocol_probe_desc* prot , int n_prots)
{
int o, p;
for (o = n_opts, p = 0; p < n_prots; o++, p++) {
options[o].name = prot[p].name;
options[o].has_arg = required_argument;
options[o].flag = 0;
options[o].val = p + PROT_SHIFT;
}
}
static void make_alloptions(void)
{
builtins = get_builtins();
/* Create all_options, composed of const_options followed by one option per
* known protocol */
all_options = calloc(ARRAY_SIZE(const_options) + get_num_builtins(), sizeof(struct option));
CHECK_ALLOC(all_options, "calloc");
memcpy(all_options, const_options, sizeof(const_options));
append_protocols(all_options, ARRAY_SIZE(const_options) - 1, builtins, get_num_builtins());
}
/* Performs a first scan of command line options to see if a configuration file
* is specified. If there is one, parse it now before all other options (so
* configuration file settings can be overridden from the command line).
*
* prots: newly-allocated list of configured protocols, if any.
*/
static void cmdline_config(int argc, char* argv[], struct sslhcfg_protocols_item** prots)
{
#ifdef LIBCONFIG
int c, res;
char *config_filename;
#endif
cmd_ssl_to_tls(argc, argv); /* To remove in v1.21 */
make_alloptions();
#ifdef LIBCONFIG
optind = 1;
opterr = 0; /* we're missing protocol options at this stage so don't output errors */
while ((c = getopt_long_only(argc, argv, optstr, all_options, NULL)) != -1) {
if (c == 'v') {
cfg.verbose++;
}
if (c == 'F') {
config_filename = optarg;
if (config_filename) {
res = config_parse(config_filename, &addr_listen);
} else {
/* No configuration file specified -- try default file locations */
res = config_parse("/etc/sslh/sslh.cfg", &addr_listen);
if (!res && cfg.verbose) fprintf(stderr, "Using /etc/sslh/sslh.cfg\n");
if (res) {
res = config_parse("/etc/sslh.cfg", &addr_listen);
if (!res && cfg.verbose) fprintf(stderr, "Using /etc/sslh.cfg\n");
}
}
if (res)
exit(4);
break;
}
}
#endif
}
/* Parse command-line options. prots points to a list of configured protocols,
* potentially non-allocated */
static void parse_cmdline(int argc, char* argv[], struct sslhcfg_protocols_item* prots)
{
int c;
struct addrinfo **a;
int background, i;
optind = 1;
opterr = 1;
next_arg:
while ((c = getopt_long_only(argc, argv, optstr, all_options, NULL)) != -1) {
if (c == 0) continue;
if (c >= PROT_SHIFT) {
int prot_num = c - PROT_SHIFT;
for (i = 0; i < cfg.protocols_len; i++) {
/* override if protocol was already defined by config file */
if (!strcmp(cfg.protocols[i].name, builtins[prot_num].name)) {
resolve_name(&(cfg.protocols[i].saddr), optarg);
goto next_arg;
}
}
/* At this stage, it's a new protocol: add it to the end of the
* list */
cfg.protocols_len++;
cfg.protocols = realloc(cfg.protocols, cfg.protocols_len * sizeof(*cfg.protocols));
CHECK_ALLOC(cfg.protocols, "realloc");
/* set up name, target and probe. everything else defaults to 0 */
memset(&cfg.protocols[cfg.protocols_len-1], 0, sizeof(cfg.protocols[0]));
cfg.protocols[cfg.protocols_len-1].probe = get_probe(builtins[prot_num].name);
cfg.protocols[cfg.protocols_len-1].name = builtins[prot_num].name;
resolve_name(&cfg.protocols[cfg.protocols_len-1].saddr, optarg);
continue;
}
switch (c) {
case 'F':
/* Legal option, but do nothing, it was already processed in
* cmdline_config() */
#ifndef LIBCONFIG
fprintf(stderr, "Built without libconfig support: configuration file not available.\n");
exit(1);
#endif
break;
case 't':
cfg.timeout = atoi(optarg);
break;
case OPT_ONTIMEOUT:
set_ontimeout(optarg);
break;
case 'p':
/* find the end of the listen list */
for (a = &addr_listen; *a; a = &((*a)->ai_next));
/* append the specified addresses */
resolve_name(a, optarg);
break;
case 'V':
printf("%s %s\n", server_type, VERSION);
exit(0);
case 'u':
cfg.user = optarg;
break;
case 'P':
cfg.pidfile = optarg;
break;
case 'C':
cfg.chroot = optarg;
break;
case 'v':
cfg.verbose++;
break;
default:
print_usage();
exit(2);
}
}
return;
if (!cfg.protocols_len) {
void config_sanity_check(struct sslhcfg_item* cfg) {
if (!cfg->protocols_len) {
fprintf(stderr, "At least one target protocol must be specified.\n");
exit(2);
}
/* If compiling with systemd socket support no need to require listen address */
#ifndef SYSTEMD
if (!addr_listen && !cfg.inetd) {
if (!addr_listen && !cfg->inetd) {
fprintf(stderr, "No listening address specified; use at least one -p option\n");
exit(1);
}
#endif
/* Did command-line override foreground setting? */
if (background)
cfg.foreground = 0;
}
int main(int argc, char *argv[])
{
extern char *optarg;
extern int optind;
int res, num_addr_listen;
struct sslhcfg_protocols_item* protocols = NULL;
int *listen_sockets;
/* Init defaults -- conf2struct sets them when parsing a config file
* but we may configure entirely from the command line */
cfg.pidfile = NULL;
cfg.user = NULL;
cfg.chroot = NULL;
cfg.syslog_facility = "auth";
cfg.timeout = 2;
cmdline_config(argc, argv, &protocols);
parse_cmdline(argc, argv, protocols);
memset(&cfg, 0, sizeof(cfg));
sslhcfg_cl_parse(argc, argv, &cfg);
sslhcfg_print(&cfg, 0);
config_resolve_listen(&addr_listen);
config_protocols();
config_sanity_check(&cfg);
if (cfg.inetd)
{

143
sslhconf.cfg
View File

@ -1,6 +1,8 @@
header: "sslh-conf.h";
parser: "sslh-conf.c";
conffile_option: ("F", "conffile");
# List of includes to define runtime types
# (bug in libconfig? if swallows the brackets if they start
# the string)
@ -15,20 +17,38 @@ config: {
name : "sslhcfg",
type: "list",
items: (
{ name: "verbose"; type: "int"; default: 0; },
{ name: "foreground"; type: "boolean"; default: false; },
{ name: "inetd"; type: "boolean"; default: false; },
{ name: "numeric"; type: "boolean"; default: false; },
{ name: "transparent"; type: "boolean"; default: false; },
{ name: "timeout"; type: "int"; default: 2; },
{ name: "user"; type: "string"; optional: true; },
{ name: "pidfile"; type: "string"; optional: true; },
{ name: "chroot"; type: "string"; optional: true; },
{ name: "syslog_facility"; type: "string"; default: "auth"; },
{ name: "verbose"; type: "int"; default: 0; short: "v"; },
{ name: "foreground"; type: "boolean"; default: false;
short: "f";
description: "Run in foreground instead of as a daemon"; },
{ name: "inetd"; type: "boolean"; default: false;
short: "i";
description: "Run in inetd mode: use stdin/stdout instead of network listen"; },
{ name: "numeric"; type: "boolean"; default: false;
short: "n";
description: "Print IP addresses and ports as numbers"; },
{ name: "transparent"; type: "boolean"; default: false;
description: "Set up as a transparent proxy"; },
{ name: "timeout"; type: "int"; default: 5;
short: "t";
description: "Set up timeout before connecting to default target"; },
{ name: "user"; type: "string"; optional: true;
short: "u";
description: "Username to change to after set-up"; },
{ name: "pidfile"; type: "string"; optional: true;
short: "P"; argdesc: "<file>";
description: "Path to file to store PID of current instance"; },
{ name: "chroot"; type: "string"; optional: true;
short: "C"; argdesc: "<path>";
description: "Root to change to after set-up"; },
{ name: "syslog_facility"; type: "string"; default: "auth";
description: "Facility to syslog to"; },
{name: "on-timeout"; type: "string"; default: "ssh"; },
{ name: "on-timeout"; type: "string"; default: "ssh";
description: "Target to connect to when timing out"; },
{ name: "listen",
no_cl_accessors: true; # disable generation of individual cl options for each group element (we create a specific --listen option further below)
type: "list",
items: (
{ name: "host"; type: "string"; var: true; },
@ -38,6 +58,7 @@ config: {
},
{ name: "protocols",
no_cl_accessors: true;
type: "list",
items: (
{ name: "name"; type: "string"; },
@ -69,3 +90,103 @@ config: {
)
}
# Command line for list settings: additional options that
# can set up several settings at once. Each option will
# create a new group setting entry if required (with
# defaults set up)
# This only works with string targets
# This may not be the right abstraction at all and way too
# sslh-centric
cl_groups: (
{ name: "listen"; pattern: "(\w+):(\w+)"; description: "Listen on host:port";
short: "p"; argdesc: "<host:port>";
list: "listen";
# no override, this just adds to the list (and thus can be specified several times)
targets: (
{ path: "host"; value: "$1" },
{ path: "port"; value: "$2" }
);
},
{ name: "ssh"; pattern: "(\w+):(\w+)"; description: "Set up ssh target";
list: "protocols"; # List name that we're defining with this command line option
override: "name"; # Field in the group to override. If not found in list, add an item
# (it's mandatory to have that field as one of the targets
# below)
argdesc: "<host:port>";
targets: (
{ path: "name"; value: "ssh" },
{ path: "host"; value: "$1" },
{ path: "port"; value: "$2" }
);
},
{ name: "tls"; pattern: "(\w+):(\w+)"; description: "Set up TLS/SSL target";
list: "protocols";
override: "name";
argdesc: "<host:port>";
targets: (
{ path: "name"; value: "tls" },
{ path: "host"; value: "$1" },
{ path: "port"; value: "$2" }
);
},
{ name: "openvpn"; pattern: "(\w+):(\w+)"; description: "Set up OpenVPN target";
list: "protocols";
override: "name";
argdesc: "<host:port>";
targets: (
{ path: "name"; value: "openvpn" },
{ path: "host"; value: "$1" },
{ path: "port"; value: "$2" }
);
},
{ name: "tinc"; pattern: "(\w+):(\w+)"; description: "Set up tinc target";
list: "protocols";
override: "name";
argdesc: "<host:port>";
targets: (
{ path: "name"; value: "openvpn" },
{ path: "host"; value: "$1" },
{ path: "port"; value: "$2" }
);
},
{ name: "xmpp"; pattern: "(\w+):(\w+)"; description: "Set up XMPP target";
list: "protocols";
override: "name";
argdesc: "<host:port>";
targets: (
{ path: "name"; value: "xmpp" },
{ path: "host"; value: "$1" },
{ path: "port"; value: "$2" }
);
},
{ name: "http"; pattern: "(\w+):(\w+)"; description: "Set up HTTP (plain) target";
list: "protocols";
override: "name";
argdesc: "<host:port>";
targets: (
{ path: "name"; value: "http" },
{ path: "host"; value: "$1" },
{ path: "port"; value: "$2" }
);
},
{ name: "adb"; pattern: "(\w+):(\w+)"; description: "Set up ADB (Android Debug) target";
list: "protocols";
override: "name";
argdesc: "<host:port>";
targets: (
{ path: "name"; value: "adb" },
{ path: "host"; value: "$1" },
{ path: "port"; value: "$2" }
);
},
{ name: "socks5"; pattern: "(\w+):(\w+)"; description: "Set up socks5 target";
list: "protocols";
override: "name";
argdesc: "<host:port>";
targets: (
{ path: "name"; value: "socks5" },
{ path: "host"; value: "$1" },
{ path: "port"; value: "$2" }
);
}
)