1 #include "config.h"
2
3 #include <fcntl.h>
4 #include <stdio.h>
5 #include <stdlib.h>
6 #include <string.h>
7 #ifdef WIN32
8 #include <io.h>
9 #define F_OK 00
10 #define snprintf _snprintf
11 #define access _access
12 #else
13 #include <unistd.h>
14 #endif
15
16 #include "tlswrap.h"
17
18 #ifndef HAVE_STRLCPY
19 #include "misc.h"
20 #endif
21
22 /*
23 extern char *optarg;
24 extern int optind;
25 extern int optopt;
26 extern int opterr;
27 extern int optreset;
28 */
29
30 /*
31 Check the "default" egd-pool locations.
32 */
33
/*
 * Pick a default EGD (entropy gathering daemon) socket path.
 *
 * The three well-known locations are probed in order and the first one
 * that exists is copied into cfg_egdsock (at most cfg_egdsock_max bytes,
 * via strlcpy).  If none exists, cfg_egdsock is set to the empty string.
 *
 * NOTE(review): access(path, F_OK) only tests that the path exists.  It
 * does not show that the path is a socket, nor who owns it, and the file
 * can change between this probe and the later use.  Whoever opens the
 * path should verify it before trusting it as an entropy source.
 */
void egd_check(char *cfg_egdsock, int cfg_egdsock_max)
{
	static const char *const candidates[] = {
		"/var/run/egd-pool",
		"/dev/egd-pool",
		"/etc/egd-pool"
	};
	const size_t ncand = sizeof candidates / sizeof candidates[0];
	const char *found = NULL;
	size_t idx = 0;

	/* Stop at the first candidate that exists; order is significant. */
	while (found == NULL && idx < ncand) {
		if (access(candidates[idx], F_OK) == 0)
			found = candidates[idx];
		idx++;
	}

	if (found != NULL)
		strlcpy(cfg_egdsock, found, cfg_egdsock_max);
	else
		cfg_egdsock[0] = '\0';	/* no pool found: leave it unset */
}
49
50 /*
51 Configure everything.
52 */
53
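/* Report a malformed numeric option argument and terminate. */
static void
cfg_illegal_number(const char *arg)
{
	fprintf(stderr, "illegal number -- %s", arg);
	exit(1);
}

/*
 * Parse a strictly positive decimal number that fits in an unsigned int.
 * Returns 1 and stores the value in *out on success, 0 on any error
 * (empty string, trailing garbage, zero, negative, or out of range).
 */
static int
cfg_parse_positive_uint(const char *s, unsigned int *out)
{
	char *ep;
	long v;

	v = strtol(s, &ep, 10);
	if (ep == s || *ep != '\0' || v <= 0)
		return 0;
	/* (unsigned int)-1 is UINT_MAX; reject values that would wrap. */
	if ((unsigned long)v > (unsigned int)-1)
		return 0;
	*out = (unsigned int)v;
	return 1;
}

/*
 * Parse a non-negative decimal number that fits in an int.
 * Returns 1 and stores the value in *out on success, 0 on any error
 * (empty string, trailing garbage, negative, or out of range).
 */
static int
cfg_parse_nonneg_int(const char *s, int *out)
{
	char *ep;
	long v;

	v = strtol(s, &ep, 10);
	if (ep == s || *ep != '\0' || v < 0)
		return 0;
	/* ((unsigned int)-1 >> 1) is INT_MAX on the usual representations. */
	if ((unsigned long)v > ((unsigned int)-1 >> 1))
		return 0;
	*out = (int)v;
	return 1;
}

/*
 * Fill in every configuration value: defaults first, then overrides taken
 * from the command line with getopt().
 *
 * Options handled:
 *   -a file   cafile            -b n      tcpbufsize (> 0)
 *   -B n      tcpsndlowat (> 0) -c n      users (> 0)
 *   -C list   tlsciphers        -d        debug = 1
 *   -E path   cfg_egdsock       -h host   listenhost
 *   -I opt    serv_install = 1, serv_install_opt = opt
 *   -k        key_wait = 1      -l port   listenport
 *   -p path   certspath         -P path   ucertspath
 *   -r file   crlfile           -R        serv_remove = 1
 *   -s n      sec_mode (>= 0)   -S        accepted and ignored
 *   -t chars  token, must be exactly tokenmax - 1 characters
 *
 * Each string output is paired with an int giving its buffer size and is
 * written with strlcpy().  A malformed number or token prints a message to
 * stderr and exits with status 1; an unknown option calls usage().
 *
 * Changes from the previous version:
 *   - '-b' and '-B' were missing their 'break', so '-b N' also overwrote
 *     tcpsndlowat and users, and '-B N' also overwrote users.
 *   - Numbers are range-checked in a long before being stored.  The old
 *     "<= 0" test ran on an unsigned int after conversion, so negative
 *     input wrapped to a huge value and was accepted.  An empty '-s'
 *     argument was also accepted as 0.
 *   - getopt()'s result is kept in an int rather than a signed char.
 */
void read_config(int argc, char * const *argv, unsigned int *users,
    char *listenport, int listenmax, int *debug, char *cfg_egdsock,
    int cfg_egdsock_max, char *tlsciphers, int tlsciphersmax,
    unsigned int *tcpbufsize, unsigned int *tcpsndlowat, char
    *listenhost, int listenhostmax, char *token, int tokenmax, int *sec_mode,
    char *certspath, int certspathmax, int *serv_install, int *serv_remove,
    int *key_wait, char *serv_install_opt, int serv_install_max,
    char *ucertspath, int ucertspathmax, char *cafile, int cafilemax,
    char *crlfile, int crlfilemax)
{
	int ch;

	/* Set defaults first */

	*users = 5;
	*certspath = '\0';
	*ucertspath = '\0';
	*cafile = '\0';
	*crlfile = '\0';
	strlcpy(listenport, "7000", listenmax);
	strlcpy(listenhost, "127.0.0.1", listenhostmax);
	strlcpy(token, "#@:%+", tokenmax);
	*debug = 0;
	*sec_mode = 0;
	*tcpbufsize = 32768;
	*tcpsndlowat = DBUF_SIZE;
	egd_check(cfg_egdsock, cfg_egdsock_max);
	*serv_remove = *serv_install = 0;
	*key_wait = 0;

	/*
	 * NOTE(review): this default list still offers RC4, MD5-based and
	 * 3DES suites, which are regarded as weak today.  It is left as-is
	 * so existing deployments keep working; consider tightening it, and
	 * use -C to override in the meantime.
	 */
	strlcpy(tlsciphers,"DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:RC4-SHA:RC4-MD5:DHE-DSS-RC4-SHA:DES-CBC3-SHA:DES-CBC3-MD5:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA",
	    tlsciphersmax);

	/*
	 * NOTE(review): the strlcpy() results below are not checked, so an
	 * over-long path or cipher list is presumably truncated silently
	 * (confirm against the strlcpy in use).  A truncated cipher list or
	 * CA/CRL path can change the effective security policy.
	 */
	while ((ch = getopt(argc, argv, "a:b:B:c:C:dE:h:I:kl:p:P:r:Rs:St:")) != -1) {
		switch (ch) {
		case 'a':
			strlcpy(cafile, optarg, cafilemax);
			break;
		case 'b':
			if (!cfg_parse_positive_uint(optarg, tcpbufsize))
				cfg_illegal_number(optarg);
			break;
		case 'B':
			if (!cfg_parse_positive_uint(optarg, tcpsndlowat))
				cfg_illegal_number(optarg);
			break;
		case 'c':
			if (!cfg_parse_positive_uint(optarg, users))
				cfg_illegal_number(optarg);
			break;
		case 'C':
			strlcpy(tlsciphers, optarg, tlsciphersmax);
			break;
		case 'd':
			*debug = 1;
			break;
		case 'E':
			strlcpy(cfg_egdsock, optarg, cfg_egdsock_max);
			break;
		case 'h':
			strlcpy(listenhost, optarg, listenhostmax);
			break;
		case 'I':
			*serv_install = 1;
			strlcpy(serv_install_opt, optarg, serv_install_max);
			break;
		case 'k':
			*key_wait = 1;
			break;
		case 'l':
			strlcpy(listenport, optarg, listenmax);
			break;
		case 'p':
			strlcpy(certspath, optarg, certspathmax);
			break;
		case 'P':
			strlcpy(ucertspath, optarg, ucertspathmax);
			break;
		case 's':
			if (!cfg_parse_nonneg_int(optarg, sec_mode))
				cfg_illegal_number(optarg);
			break;
		case 'r':
			strlcpy(crlfile, optarg, crlfilemax);
			break;
		case 'R':
			*serv_remove = 1;
			break;
		case 'S':
			break;	/* empty for WIN32 service */
		case 't':
			/* The token set has a fixed size; reject anything else. */
			if (strlen(optarg) == (tokenmax - 1))
				strlcpy(token, optarg, tokenmax);
			else {
				fprintf(stderr, "tokens must be %d characters\n", tokenmax - 1);
				exit(1);
			}
			break;
		default:
			usage();
		}
	}

	/*
	 * Operands after the options are not used.  The old trailing
	 * "argc -= optind; argv += optind;" only changed local copies and
	 * has been dropped.
	 */
}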
/*
 * Print the one-line usage summary to stderr and exit with status 1.
 *
 * NOTE(review): the summary omits several options that read_config()
 * accepts (-a, -b, -B, -I, -k, -P, -r, -R, -S).
 */
void usage()
{
	static const char progname[] = "tlswrap";

	(void)fprintf(stderr, "usage: %s [-c max] [-C list] [-d] [-E socket] [-h host] [-l port] [-p certs_path] [-s mode] [-t tokens]\n", progname);
	exit(1);
}
175