#include "config.h"

#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#ifdef WIN32
#include <io.h>
#define F_OK 00
#define snprintf _snprintf
#define access _access
#else
#include <unistd.h>
#endif

#include "tlswrap.h"

#ifndef HAVE_STRLCPY
#include "misc.h"
#endif
21 
22 /*
23 extern char *optarg;
24 extern int optind;
25 extern int optopt;
26 extern int opterr;
27 extern int optreset;
28 */
29 
30 /*
31 	Check the "default" egd-pool locations.
32 */
33 
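/*
 * Probe the conventional EGD socket paths and copy the first one that
 * exists into cfg_egdsock (at most cfg_egdsock_max bytes, NUL-terminated
 * by strlcpy). When none of them exists the buffer is set to the empty
 * string.
 *
 * cfg_egdsock      destination buffer for the chosen path
 * cfg_egdsock_max  size of that buffer in bytes
 *
 * A NULL buffer or a non-positive size is ignored, so the function never
 * writes outside the caller's storage.
 *
 * NOTE(review): access(F_OK) only shows that something exists at the
 * path. Whether it is a socket, and who owns it, is not checked here;
 * the code that later opens the path has to cope with that.
 */
void egd_check(char *cfg_egdsock, int cfg_egdsock_max)
{
	static const char *const std_loc[] = {
		"/var/run/egd-pool",
		"/dev/egd-pool",
		"/etc/egd-pool"
	};
	size_t i;

	/* The final store below needs at least one writable byte. */
	if (cfg_egdsock == NULL || cfg_egdsock_max <= 0)
		return;

	for (i = 0; i < sizeof std_loc / sizeof std_loc[0]; i++) {
		if (access(std_loc[i], F_OK) == 0) {
			strlcpy(cfg_egdsock, std_loc[i], cfg_egdsock_max);
			return;
		}
	}

	/* Nothing found: report "no EGD socket" as an empty string. */
	cfg_egdsock[0] = '\0';
}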
49 
50 /*
51 	Configure everything.
52 */
53 
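/*
 * Parse a base-10 option argument and enforce min <= value <= max.
 * An empty string, trailing characters, overflow reported by strtol or an
 * out-of-range value prints the "illegal number" diagnostic and exits
 * with status 1.
 */
static long parse_number_or_exit(const char *arg, long min, long max)
{
	char *ep;
	long value;

	errno = 0;
	value = strtol(arg, &ep, 10);
	if (ep == arg || *ep != '\0' || errno == ERANGE ||
	    value < min || value > max) {
		fprintf(stderr, "illegal number -- %s", arg);
		exit(1);
	}
	return value;
}

/*
 * Fill every configuration output with its default, then override the
 * defaults from the command line.
 *
 * Each string output comes with the size of its buffer (the matching
 * "...max" parameter); string values are copied with strlcpy. Numeric
 * options are validated and the process exits with status 1 on a bad
 * number, a token of the wrong length, or an unknown option (via
 * usage()).
 *
 * Options: -a cafile, -b tcpbufsize, -B tcpsndlowat, -c users,
 * -C tlsciphers, -d debug, -E egd socket, -h listenhost,
 * -I serv_install (+ option string), -k key_wait, -l listenport,
 * -p certspath, -P ucertspath, -r crlfile, -R serv_remove,
 * -s sec_mode, -S (accepted, ignored), -t token.
 *
 * NOTE(review): strlcpy truncates silently. An over-long -a, -r, -p, -P
 * or -C value is therefore used in shortened form, which for a CA file,
 * CRL file or cipher list changes what gets verified or negotiated.
 * Consider rejecting the argument when strlcpy returns a length >= the
 * buffer size.
 */
void	read_config(int argc, char * const *argv, unsigned int *users,
	char *listenport, int listenmax, int *debug, char *cfg_egdsock,
	int cfg_egdsock_max, char *tlsciphers, int tlsciphersmax,
	unsigned int *tcpbufsize, unsigned int *tcpsndlowat, char
	*listenhost, int listenhostmax, char *token, int tokenmax, int *sec_mode,
	char *certspath, int certspathmax, int *serv_install, int *serv_remove,
	int *key_wait, char *serv_install_opt, int serv_install_max,
	char *ucertspath, int ucertspathmax, char *cafile, int cafilemax,
	char *crlfile, int crlfilemax)
{
	/*
	 * getopt() returns int. Holding it in an int makes the -1 comparison
	 * correct whether plain char is signed or unsigned on the target.
	 */
	int ch;

	/* Set defaults first */

	*users = 5;
	*certspath = '\0';
	*ucertspath = '\0';
	*cafile = '\0';
	*crlfile = '\0';
	strlcpy(listenport, "7000", listenmax);
	strlcpy(listenhost, "127.0.0.1", listenhostmax);
	strlcpy(token, "#@:%+", tokenmax);
	*debug = 0;
	*sec_mode = 0;
	*tcpbufsize = 32768;
	*tcpsndlowat = DBUF_SIZE;
	egd_check(cfg_egdsock, cfg_egdsock_max);
	*serv_remove = *serv_install = 0;
	*key_wait = 0;

	/*
	 * NOTE(review): this default list still offers RC4 and 3DES suites
	 * and MD5-based MACs, and has no ECDHE or AEAD suites. It is kept
	 * unchanged here because changing it alters what peers can
	 * negotiate; review it against the TLS library in use, and override
	 * it with -C in the meantime.
	 */
	strlcpy(tlsciphers,"DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:RC4-SHA:RC4-MD5:DHE-DSS-RC4-SHA:DES-CBC3-SHA:DES-CBC3-MD5:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA",
	    tlsciphersmax);

	while ((ch = getopt(argc, argv, "a:b:B:c:C:dE:h:I:kl:p:P:r:Rs:St:")) != -1) {
		switch (ch) {
		case 'a':
			strlcpy(cafile, optarg, cafilemax);
			break;
		case 'b':
			/*
			 * Parsed as long and range-checked before the store:
			 * the target is unsigned, so a "<= 0" test on it can
			 * never catch a negative argument. The INT_MAX cap is
			 * a conservative bound on a buffer size.
			 */
			*tcpbufsize = (unsigned int)parse_number_or_exit(optarg,
			    1, INT_MAX);
			break;	/* was missing: -b also overwrote -B and -c */
		case 'B':
			*tcpsndlowat = (unsigned int)parse_number_or_exit(optarg,
			    1, INT_MAX);
			break;	/* was missing: -B also overwrote -c */
		case 'c':
			*users = (unsigned int)parse_number_or_exit(optarg,
			    1, INT_MAX);
			break;
		case 'C':
			strlcpy(tlsciphers, optarg, tlsciphersmax);
			break;
		case 'd':
			*debug = 1;
			break;
		case 'E':
			strlcpy(cfg_egdsock, optarg, cfg_egdsock_max);
			break;
		case 'h':
			strlcpy(listenhost, optarg, listenhostmax);
			break;
		case 'I':
			*serv_install = 1;
			strlcpy(serv_install_opt, optarg, serv_install_max);
			break;
		case 'k':
			*key_wait = 1;
			break;
		case 'l':
			strlcpy(listenport, optarg, listenmax);
			break;
		case 'p':
			strlcpy(certspath, optarg, certspathmax);
			break;
		case 'P':
			strlcpy(ucertspath, optarg, ucertspathmax);
			break;
		case 's':
			*sec_mode = (int)parse_number_or_exit(optarg, 0, INT_MAX);
			break;
		case 'r':
			strlcpy(crlfile, optarg, crlfilemax);
			break;
		case 'R':
			*serv_remove = 1;
			break;
		case 'S':
			break; /* empty for WIN32 service */
		case 't':
			/* The token set must fill the buffer exactly. */
			if (tokenmax > 0 &&
			    strlen(optarg) == (size_t)(tokenmax - 1)) {
				strlcpy(token, optarg, tokenmax);
			} else {
				fprintf(stderr, "tokens must be %d characters\n", tokenmax - 1);
				exit(1);
			}
			break;
		default:
			usage();
			break;
		}
	}

	/*
	 * Non-option arguments are not consumed here. The former
	 * "argc -= optind; argv += optind;" only changed this function's
	 * own copies and had no effect on the caller.
	 */
}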
/*
 * Print the one-line command synopsis to stderr and terminate the
 * process with exit status 1. Never returns.
 *
 * NOTE(review): the synopsis lists fewer options than the getopt string
 * in read_config accepts (-a, -b, -B, -I, -k, -P, -r, -R and -S are not
 * shown), so the CA-file and CRL-file switches are not shown to an operator.
 */
void usage()
{
	static const char progname[] = "tlswrap";

	(void)fprintf(stderr,
	    "usage: %s [-c max] [-C list] [-d] [-E socket] [-h host] [-l port] [-p certs_path] [-s mode] [-t tokens]\n",
	    progname);
	exit(1);
}
175