projects / u / mdw / putty / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Attempt to scrub -pw's argument in argv[], to make it less obvious.
[u/mdw/putty] / cmdline.c
1 /*
2 * cmdline.c - command-line parsing shared between many of the
3 * PuTTY applications
4 */
5
6 #include <stdio.h>
7 #include <assert.h>
8 #include <stdlib.h>
9 #include "putty.h"
10
11 /*
12 * Some command-line parameters need to be saved up until after
13 * we've loaded the saved session which will form the basis of our
14 * eventual running configuration. For this we use the macro
15 * SAVEABLE, which notices if the `need_save' parameter is set and
16 * saves the parameter and value on a list.
17 *
18 * We also assign priorities to saved parameters, just to slightly
19 * ameliorate silly ordering problems. For example, if you specify
20 * a saved session to load, it will be loaded _before_ all your
21 * local modifications such as -L are evaluated; and if you specify
22 * a protocol and a port, the protocol is set up first so that the
23 * port can override its choice of port number.
24 *
25 * (In fact -load is not saved at all, since in at least Plink the
26 * processing of further command-line options depends on whether or
27 * not the loaded session contained a hostname. So it must be
28 * executed immediately.)
29 */
30
31 #define NPRIORITIES 2
32
33 struct cmdline_saved_param {
34 char *p, *value;
35 };
36 struct cmdline_saved_param_set {
37 struct cmdline_saved_param *params;
38 int nsaved, savesize;
39 };
40
41 /*
42 * C guarantees this structure will be initialised to all zero at
43 * program start, which is exactly what we want.
44 */
45 static struct cmdline_saved_param_set saves[NPRIORITIES];
46
47 static void cmdline_save_param(char *p, char *value, int pri)
48 {
49 if (saves[pri].nsaved >= saves[pri].savesize) {
50 saves[pri].savesize = saves[pri].nsaved + 32;
51 saves[pri].params = sresize(saves[pri].params, saves[pri].savesize,
52 struct cmdline_saved_param);
53 }
54 saves[pri].params[saves[pri].nsaved].p = p;
55 saves[pri].params[saves[pri].nsaved].value = value;
56 saves[pri].nsaved++;
57 }
58
59 void cmdline_cleanup(void)
60 {
61 int pri;
62
63 for (pri = 0; pri < NPRIORITIES; pri++)
64 sfree(saves[pri].params);
65 }
66
67 #define SAVEABLE(pri) do { \
68 if (need_save) { cmdline_save_param(p, value, pri); return ret; } \
69 } while (0)
70
71 static char *cmdline_password = NULL;
72
73 /*
74 * Similar interface to get_userpass_input(), except that here a -1
75 * return means that we aren't capable of processing the prompt and
76 * someone else should do it.
77 */
78 int cmdline_get_passwd_input(prompts_t *p, unsigned char *in, int inlen) {
79
80 static int tried_once = 0;
81
82 /*
83 * We only handle prompts which don't echo (which we assume to be
84 * passwords), and (currently) we only cope with a password prompt
85 * that comes in a prompt-set on its own.
86 */
87 if (!cmdline_password || in || p->n_prompts != 1 || p->prompts[0]->echo) {
88 return -1;
89 }
90
91 /*
92 * If we've tried once, return utter failure (no more passwords left
93 * to try).
94 */
95 if (tried_once)
96 return 0;
97
98 strncpy(p->prompts[0]->result, cmdline_password,
99 p->prompts[0]->result_len);
100 p->prompts[0]->result[p->prompts[0]->result_len-1] = '\0';
101 memset(cmdline_password, 0, strlen(cmdline_password));
102 tried_once = 1;
103 return 1;
104
105 }
106
107 /*
108 * Here we have a flags word which describes the capabilities of
109 * the particular tool on whose behalf we're running. We will
110 * refuse certain command-line options if a particular tool
111 * inherently can't do anything sensible. For example, the file
112 * transfer tools (psftp, pscp) can't do a great deal with protocol
113 * selections (ever tried running scp over telnet?) or with port
114 * forwarding (even if it wasn't a hideously bad idea, they don't
115 * have the select() infrastructure to make them work).
116 */
117 int cmdline_tooltype = 0;
118
119 static int cmdline_check_unavailable(int flag, char *p)
120 {
121 if (cmdline_tooltype & flag) {
122 cmdline_error("option \"%s\" not available in this tool", p);
123 return 1;
124 }
125 return 0;
126 }
127
128 #define UNAVAILABLE_IN(flag) do { \
129 if (cmdline_check_unavailable(flag, p)) return ret; \
130 } while (0)
131
132 /*
133 * Process a standard command-line parameter. `p' is the parameter
134 * in question; `value' is the subsequent element of argv, which
135 * may or may not be required as an operand to the parameter.
136 * If `need_save' is 1, arguments which need to be saved as
137 * described at this top of this file are, for later execution;
138 * if 0, they are processed normally. (-1 is a special value used
139 * by pterm to count arguments for a preliminary pass through the
140 * argument list; it causes immediate return with an appropriate
141 * value with no action taken.)
142 * Return value is 2 if both arguments were used; 1 if only p was
143 * used; 0 if the parameter wasn't one we recognised; -2 if it
144 * should have been 2 but value was NULL.
145 */
146
147 #define RETURN(x) do { \
148 if ((x) == 2 && !value) return -2; \
149 ret = x; \
150 if (need_save < 0) return x; \
151 } while (0)
152
153 int cmdline_process_param(char *p, char *value, int need_save, Config *cfg)
154 {
155 int ret = 0;
156
157 if (!strcmp(p, "-load")) {
158 RETURN(2);
159 /* This parameter must be processed immediately rather than being
160 * saved. */
161 do_defaults(value, cfg);
162 loaded_session = TRUE;
163 return 2;
164 }
165 if (!strcmp(p, "-ssh")) {
166 RETURN(1);
167 UNAVAILABLE_IN(TOOLTYPE_FILETRANSFER | TOOLTYPE_NONNETWORK);
168 SAVEABLE(0);
169 default_protocol = cfg->protocol = PROT_SSH;
170 default_port = cfg->port = 22;
171 return 1;
172 }
173 if (!strcmp(p, "-telnet")) {
174 RETURN(1);
175 UNAVAILABLE_IN(TOOLTYPE_FILETRANSFER | TOOLTYPE_NONNETWORK);
176 SAVEABLE(0);
177 default_protocol = cfg->protocol = PROT_TELNET;
178 default_port = cfg->port = 23;
179 return 1;
180 }
181 if (!strcmp(p, "-rlogin")) {
182 RETURN(1);
183 UNAVAILABLE_IN(TOOLTYPE_FILETRANSFER | TOOLTYPE_NONNETWORK);
184 SAVEABLE(0);
185 default_protocol = cfg->protocol = PROT_RLOGIN;
186 default_port = cfg->port = 513;
187 return 1;
188 }
189 if (!strcmp(p, "-raw")) {
190 RETURN(1);
191 UNAVAILABLE_IN(TOOLTYPE_FILETRANSFER | TOOLTYPE_NONNETWORK);
192 SAVEABLE(0);
193 default_protocol = cfg->protocol = PROT_RAW;
194 }
195 if (!strcmp(p, "-v")) {
196 RETURN(1);
197 flags |= FLAG_VERBOSE;
198 }
199 if (!strcmp(p, "-l")) {
200 RETURN(2);
201 UNAVAILABLE_IN(TOOLTYPE_NONNETWORK);
202 SAVEABLE(0);
203 strncpy(cfg->username, value, sizeof(cfg->username));
204 cfg->username[sizeof(cfg->username) - 1] = '\0';
205 }
206 if ((!strcmp(p, "-L") || !strcmp(p, "-R") || !strcmp(p, "-D"))) {
207 char *fwd, *ptr, *q, *qq;
208 int dynamic, i=0;
209 RETURN(2);
210 UNAVAILABLE_IN(TOOLTYPE_FILETRANSFER | TOOLTYPE_NONNETWORK);
211 SAVEABLE(0);
212 dynamic = !strcmp(p, "-D");
213 fwd = value;
214 ptr = cfg->portfwd;
215 /* if existing forwards, find end of list */
216 while (*ptr) {
217 while (*ptr)
218 ptr++;
219 ptr++;
220 }
221 i = ptr - cfg->portfwd;
222 ptr[0] = p[1]; /* insert a 'L', 'R' or 'D' at the start */
223 ptr++;
224 if (1 + strlen(fwd) + 2 > sizeof(cfg->portfwd) - i) {
225 cmdline_error("out of space for port forwardings");
226 return ret;
227 }
228 strncpy(ptr, fwd, sizeof(cfg->portfwd) - i - 2);
229 if (!dynamic) {
230 /*
231 * We expect _at least_ two colons in this string. The
232 * possible formats are `sourceport:desthost:destport',
233 * or `sourceip:sourceport:desthost:destport' if you're
234 * specifying a particular loopback address. We need to
235 * replace the one between source and dest with a \t;
236 * this means we must find the second-to-last colon in
237 * the string.
238 */
239 q = qq = strchr(ptr, ':');
240 while (qq) {
241 char *qqq = strchr(qq+1, ':');
242 if (qqq)
243 q = qq;
244 qq = qqq;
245 }
246 if (q) *q = '\t'; /* replace second-last colon with \t */
247 }
248 cfg->portfwd[sizeof(cfg->portfwd) - 1] = '\0';
249 cfg->portfwd[sizeof(cfg->portfwd) - 2] = '\0';
250 ptr[strlen(ptr)+1] = '\000'; /* append 2nd '\000' */
251 }
252 if ((!strcmp(p, "-nc"))) {
253 char *host, *portp;
254
255 RETURN(2);
256 UNAVAILABLE_IN(TOOLTYPE_FILETRANSFER | TOOLTYPE_NONNETWORK);
257 SAVEABLE(0);
258
259 host = portp = value;
260 while (*portp && *portp != ':')
261 portp++;
262 if (*portp) {
263 unsigned len = portp - host;
264 if (len >= sizeof(cfg->ssh_nc_host))
265 len = sizeof(cfg->ssh_nc_host) - 1;
266 strncpy(cfg->ssh_nc_host, value, len);
267 cfg->ssh_nc_host[sizeof(cfg->ssh_nc_host) - 1] = '\0';
268 cfg->ssh_nc_port = atoi(portp+1);
269 } else {
270 cmdline_error("-nc expects argument of form 'host:port'");
271 return ret;
272 }
273 }
274 if (!strcmp(p, "-m")) {
275 char *filename, *command;
276 int cmdlen, cmdsize;
277 FILE *fp;
278 int c, d;
279
280 RETURN(2);
281 UNAVAILABLE_IN(TOOLTYPE_FILETRANSFER | TOOLTYPE_NONNETWORK);
282 SAVEABLE(0);
283
284 filename = value;
285
286 cmdlen = cmdsize = 0;
287 command = NULL;
288 fp = fopen(filename, "r");
289 if (!fp) {
290 cmdline_error("unable to open command "
291 "file \"%s\"", filename);
292 return ret;
293 }
294 do {
295 c = fgetc(fp);
296 d = c;
297 if (c == EOF)
298 d = 0;
299 if (cmdlen >= cmdsize) {
300 cmdsize = cmdlen + 512;
301 command = sresize(command, cmdsize, char);
302 }
303 command[cmdlen++] = d;
304 } while (c != EOF);
305 cfg->remote_cmd_ptr = command;
306 cfg->remote_cmd_ptr2 = NULL;
307 cfg->nopty = TRUE; /* command => no terminal */
308 }
309 if (!strcmp(p, "-P")) {
310 RETURN(2);
311 UNAVAILABLE_IN(TOOLTYPE_NONNETWORK);
312 SAVEABLE(1); /* lower priority than -ssh,-telnet */
313 cfg->port = atoi(value);
314 }
315 if (!strcmp(p, "-pw")) {
316 RETURN(2);
317 UNAVAILABLE_IN(TOOLTYPE_NONNETWORK);
318 SAVEABLE(1);
319 /* We delay evaluating this until after the protocol is decided,
320 * so that we can warn if it's of no use with the selected protocol */
321 if (cfg->protocol != PROT_SSH)
322 cmdline_error("the -pw option can only be used with the "
323 "SSH protocol");
324 else {
325 cmdline_password = dupstr(value);
326 /* Assuming that `value' is directly from argv, make a good faith
327 * attempt to trample it, to stop it showing up in `ps' output
328 * on Unix-like systems. Not guaranteed, of course. */
329 memset(value, 0, strlen(value));
330 }
331 }
332
333 if (!strcmp(p, "-agent") || !strcmp(p, "-pagent") ||
334 !strcmp(p, "-pageant")) {
335 RETURN(1);
336 UNAVAILABLE_IN(TOOLTYPE_NONNETWORK);
337 SAVEABLE(0);
338 cfg->tryagent = TRUE;
339 }
340 if (!strcmp(p, "-noagent") || !strcmp(p, "-nopagent") ||
341 !strcmp(p, "-nopageant")) {
342 RETURN(1);
343 UNAVAILABLE_IN(TOOLTYPE_NONNETWORK);
344 SAVEABLE(0);
345 cfg->tryagent = FALSE;
346 }
347
348 if (!strcmp(p, "-A")) {
349 RETURN(1);
350 UNAVAILABLE_IN(TOOLTYPE_FILETRANSFER | TOOLTYPE_NONNETWORK);
351 SAVEABLE(0);
352 cfg->agentfwd = 1;
353 }
354 if (!strcmp(p, "-a")) {
355 RETURN(1);
356 UNAVAILABLE_IN(TOOLTYPE_FILETRANSFER | TOOLTYPE_NONNETWORK);
357 SAVEABLE(0);
358 cfg->agentfwd = 0;
359 }
360
361 if (!strcmp(p, "-X")) {
362 RETURN(1);
363 UNAVAILABLE_IN(TOOLTYPE_FILETRANSFER | TOOLTYPE_NONNETWORK);
364 SAVEABLE(0);
365 cfg->x11_forward = 1;
366 }
367 if (!strcmp(p, "-x")) {
368 RETURN(1);
369 UNAVAILABLE_IN(TOOLTYPE_FILETRANSFER | TOOLTYPE_NONNETWORK);
370 SAVEABLE(0);
371 cfg->x11_forward = 0;
372 }
373
374 if (!strcmp(p, "-t")) {
375 RETURN(1);
376 UNAVAILABLE_IN(TOOLTYPE_FILETRANSFER | TOOLTYPE_NONNETWORK);
377 SAVEABLE(0);
378 cfg->nopty = 0;
379 }
380 if (!strcmp(p, "-T")) {
381 RETURN(1);
382 UNAVAILABLE_IN(TOOLTYPE_FILETRANSFER | TOOLTYPE_NONNETWORK);
383 SAVEABLE(0);
384 cfg->nopty = 1;
385 }
386
387 if (!strcmp(p, "-N")) {
388 RETURN(1);
389 UNAVAILABLE_IN(TOOLTYPE_FILETRANSFER | TOOLTYPE_NONNETWORK);
390 SAVEABLE(0);
391 cfg->ssh_no_shell = 1;
392 }
393
394 if (!strcmp(p, "-C")) {
395 RETURN(1);
396 UNAVAILABLE_IN(TOOLTYPE_NONNETWORK);
397 SAVEABLE(0);
398 cfg->compression = 1;
399 }
400
401 if (!strcmp(p, "-1")) {
402 RETURN(1);
403 UNAVAILABLE_IN(TOOLTYPE_NONNETWORK);
404 SAVEABLE(0);
405 cfg->sshprot = 0; /* ssh protocol 1 only */
406 }
407 if (!strcmp(p, "-2")) {
408 RETURN(1);
409 UNAVAILABLE_IN(TOOLTYPE_NONNETWORK);
410 SAVEABLE(0);
411 cfg->sshprot = 3; /* ssh protocol 2 only */
412 }
413
414 if (!strcmp(p, "-i")) {
415 RETURN(2);
416 UNAVAILABLE_IN(TOOLTYPE_NONNETWORK);
417 SAVEABLE(0);
418 cfg->keyfile = filename_from_str(value);
419 }
420
421 if (!strcmp(p, "-4") || !strcmp(p, "-ipv4")) {
422 RETURN(1);
423 SAVEABLE(1);
424 cfg->addressfamily = ADDRTYPE_IPV4;
425 }
426 if (!strcmp(p, "-6") || !strcmp(p, "-ipv6")) {
427 RETURN(1);
428 SAVEABLE(1);
429 cfg->addressfamily = ADDRTYPE_IPV6;
430 }
431
432 return ret; /* unrecognised */
433 }
434
435 void cmdline_run_saved(Config *cfg)
436 {
437 int pri, i;
438 for (pri = 0; pri < NPRIORITIES; pri++)
439 for (i = 0; i < saves[pri].nsaved; i++)
440 cmdline_process_param(saves[pri].params[i].p,
441 saves[pri].params[i].value, 0, cfg);
442 }
Local modifications for Simon Tatham's `PuTTY' SSH client and terminal emulator