/*
 * µAnytun
 *
 * µAnytun is a tiny implementation of SATP. Unlike Anytun which is a full
 * featured implementation µAnytun has no support for multiple connections
 * or synchronisation. It is a small single threaded implementation intended
 * to act as a client on small platforms.
 * The secure anycast tunneling protocol (satp) defines a protocol used
 * for communication between any combination of unicast and anycast
 * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
 * mode and allows tunneling of every ETHER TYPE protocol (e.g.
 * ethernet, ip, arp ...). satp directly includes cryptography and
 * message authentication based on the methods used by SRTP. It is
 * intended to deliver a generic, scalable and secure solution for
 * tunneling and relaying of packets of any protocol.
 *
 *
 * Copyright (C) 2007-2008 Christian Pointner
 *
 * This file is part of µAnytun.
 *
 * µAnytun is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 3 as
 * published by the Free Software Foundation.
 *
 * µAnytun is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with µAnytun. If not, see <http://www.gnu.org/licenses/>.
*/
#include "datatypes.h"
#include "options.h"
// NOTE(review): the three system header names were lost in extraction. This
// file uses strcmp/strlen/strdup (<string.h>), malloc/free/atoi (<stdlib.h>)
// and printf (<stdio.h>) — confirm against the original file.
#include
#include
#include

/*
 * Option-parsing helper macros.
 *
 * Each macro expands to one `else if` branch of the if/else-if chain inside
 * the argv parser below (the chain is opened by the explicit -h/--help test),
 * which is why every expansion begins with `else`. They rely on the parser's
 * locals by name: `str` (the current argv entry), `i` (its index), `argc`
 * (the number of argv entries NOT yet consumed — it is decremented as values
 * are eaten, so `argc < 1` means "no value follows this flag") and `argv`.
 *
 * Return conventions used from inside the macros:
 *   return i   -> the flag at argv[i] is missing its value (caller may
 *                 report it as a usage error)
 *   return -2  -> allocation failure (strdup / options_parse_hex_string)
 */

// Boolean switch: no value consumed, sets VALUE to 1.
#define PARSE_BOOL_PARAM(SHORT, LONG, VALUE) \
  else if(!strcmp(str,SHORT) || !strcmp(str,LONG)) \
    VALUE = 1;

// Boolean switch: no value consumed, clears VALUE (e.g. -D turns daemonize off).
#define PARSE_INVERSE_BOOL_PARAM(SHORT, LONG, VALUE) \
  else if(!strcmp(str,SHORT) || !strcmp(str,LONG)) \
    VALUE = 0;

// Integer option: consumes one value.
// NOTE(review): atoi() reports no errors — a non-numeric value silently
// becomes 0 and out-of-range values are undefined behaviour; strtol() with
// an end-pointer/errno check would let the parser reject bad input. Unlike
// the string macros there is no leading-'-' test, so negative values are
// accepted (and a following flag would be swallowed as the value).
#define PARSE_INT_PARAM(SHORT, LONG, VALUE) \
  else if(!strcmp(str,SHORT) || !strcmp(str,LONG)) \
  { \
    if(argc < 1) \
      return i; \
    VALUE = atoi(argv[i+1]); \
    argc--; \
    i++; \
  }

// String option: consumes one value, replacing any previous heap copy in
// VALUE. A value beginning with '-' is treated as "missing value" (so a
// literal string starting with '-' cannot be passed). On strdup failure the
// old copy has already been freed and VALUE is NULL — consistent with
// options_clear(), which only frees non-NULL members.
#define PARSE_STRING_PARAM(SHORT, LONG, VALUE) \
  else if(!strcmp(str,SHORT) || !strcmp(str,LONG)) \
  { \
    if(argc < 1 || argv[i+1][0] == '-') \
      return i; \
    if(VALUE) free(VALUE); \
    VALUE = strdup(argv[i+1]); \
    if(!VALUE) \
      return -2; \
    argc--; \
    i++; \
  }

// Two-value string option (used by -n/--ifconfig): consumes two values with
// the same '-' rule as PARSE_STRING_PARAM. If the second strdup fails the
// first value has already been replaced; the caller is expected to treat -2
// as fatal, so the partial update does not matter.
#define PARSE_STRING_PARAM2(SHORT, LONG, VALUE1, VALUE2) \
  else if(!strcmp(str,SHORT) || !strcmp(str,LONG)) \
  { \
    if(argc < 2 || \
       argv[i+1][0] == '-' || argv[i+2][0] == '-') \
      return i; \
    if(VALUE1) free(VALUE1); \
    VALUE1 = strdup(argv[i+1]); \
    if(!VALUE1) \
      return -2; \
    if(VALUE2) free(VALUE2); \
    VALUE2 = strdup(argv[i+2]); \
    if(!VALUE2) \
      return -2; \
    argc-=2; \
    i+=2; \
  }

// Secret hex option (-K/--key, -A/--salt): decodes the value via
// options_parse_hex_string() into VALUE (a buffer_t) and then overwrites the
// raw argv text with '#' — presumably so the key material does not remain
// readable in the process's argument list once parsed.
// NOTE(review): the overwrite runs only after a successful decode. On the
// `return i` (no value) and `return -2` (odd length / allocation failure)
// paths the secret is left in argv untouched. A NULL buf_ from the decoder is
// treated as failure here, see the note on malloc(0) below.
#define PARSE_HEXSTRING_PARAM_SEC(SHORT, LONG, VALUE) \
  else if(!strcmp(str,SHORT) || !strcmp(str,LONG)) \
  { \
    if(argc < 1 || argv[i+1][0] == '-') \
      return i; \
    if(VALUE.buf_) free(VALUE.buf_); \
    VALUE = options_parse_hex_string(argv[i+1]); \
    if(!VALUE.buf_) \
      return -2; \
    size_t j; \
    for(j=0; j < strlen(argv[i+1]); ++j) \
      argv[i+1][j] = '#'; \
    argc--; \
    i++; \
  }

/*
 * Decode a hex string (two characters per byte) into a freshly malloc'd
 * buffer_t. Returns a buffer with buf_ == NULL and length_ == 0 when the
 * input length is odd or the allocation fails. Ownership of buf_ passes to
 * the caller; options_clear() frees it.
 *
 * NOTE(review): strlen() yields a size_t but is stored in a u_int32_t, so a
 * length above 4 GiB would be truncated — harmless for argv input, but
 * size_t would be the natural type. hex == NULL is not guarded (strlen on
 * NULL is undefined behaviour).
 * NOTE(review): an empty string reaches malloc(0), whose result is
 * implementation-defined (NULL or a unique pointer). Since the caller treats
 * a NULL buf_ as an error, an empty -K/-A value is either rejected as -2 or
 * accepted as a zero-length key depending on the libc — worth an explicit
 * check for hex_len == 0.
 * NOTE(review): the decoding loop body is missing from this view (see the
 * extraction gap below), so whether non-hex characters are rejected cannot
 * be confirmed here.
 */
buffer_t options_parse_hex_string(const char* hex)
{
  u_int32_t hex_len = strlen(hex);
  buffer_t buffer;
  buffer.length_ = 0;
  buffer.buf_ = NULL;

  // Odd number of nibbles cannot form whole bytes: report as empty/NULL.
  if(hex_len%2)
    return buffer;

  buffer.length_ = hex_len/2;
  buffer.buf_ = malloc(buffer.length_);
  if(!buffer.buf_) {
    buffer.length_ = 0;
    return buffer;
  }

  const char* ptr = hex;
  int i;
  // EXTRACTION GAP (review): the text between `i` and `progname_)` was lost
  // when the page was extracted (it was swallowed as an HTML tag). Missing
  // here are: the rest of this for loop and the `return buffer; }` of
  // options_parse_hex_string, the signature of the argv parser that follows
  // (presumably `int options_parse(options_t* opt, int argc, char* argv[])`
  // — confirm against options.h), its NULL check on opt, and the start of
  // the `if(opt->progname_)` test. The line below is kept verbatim.
  for(i=0;iprogname_) free(opt->progname_);
  // --- argv parser body (signature lost above) ---------------------------
  // Records argv[0] as the program name, then walks argv[1..] through the
  // PARSE_* chain. Returns 0 on success, -1 for -h/--help, -2 on allocation
  // failure, or the index i of an unknown flag / a flag missing its value.
  opt->progname_ = strdup(argv[0]);
  if(!opt->progname_)
    return -2;
  // From here on `argc` counts the entries not yet consumed (argv[0] is done).
  argc--;

  int i;
  for(i=1; argc > 0; ++i)
  {
    char* str = argv[i];
    argc--;

    // Opens the if/else-if chain the PARSE_* macros extend.
    if(!strcmp(str,"-h") || !strcmp(str,"--help"))
      return -1;
    PARSE_INVERSE_BOOL_PARAM("-D","--nodaemonize", opt->daemonize_)
    PARSE_BOOL_PARAM("-C","--chroot", opt->chroot_)
    PARSE_STRING_PARAM("-u","--username", opt->username_)
    PARSE_STRING_PARAM("-H","--chroot-dir", opt->chroot_dir_)
    PARSE_STRING_PARAM("-P","--write-pid", opt->pid_file_)
    PARSE_STRING_PARAM("-i","--interface", opt->local_addr_)
    PARSE_STRING_PARAM("-p","--port", opt->local_port_)
    PARSE_STRING_PARAM("-r","--remote-host", opt->remote_addr_)
    PARSE_STRING_PARAM("-o","--remote-port", opt->remote_port_)
    PARSE_STRING_PARAM("-d","--dev", opt->dev_name_)
    PARSE_STRING_PARAM("-t","--type", opt->dev_type_)
    PARSE_STRING_PARAM2("-n","--ifconfig", opt->ifconfig_param_local_, opt->ifconfig_param_remote_netmask_)
    PARSE_STRING_PARAM("-x","--post-up-script", opt->post_up_script_)
    PARSE_INT_PARAM("-s","--sender-id", opt->sender_id_)
    PARSE_INT_PARAM("-m","--mux", opt->mux_)
    PARSE_INT_PARAM("-w","--window-size", opt->seq_window_size_)
    PARSE_STRING_PARAM("-c","--cipher", opt->cipher_)
    PARSE_STRING_PARAM("-k","--kd-prf", opt->kd_prf_)
    PARSE_INT_PARAM("-l","--ld-kdr", opt->ld_kdr_)
    PARSE_STRING_PARAM("-a","--auth-algo", opt->auth_algo_)
    PARSE_HEXSTRING_PARAM_SEC("-K","--key", opt->key_)
    PARSE_HEXSTRING_PARAM_SEC("-A","--salt", opt->salt_)
    else
      return i;
  }

  // Reconcile the key-derivation PRF with the cipher/auth choice:
  // no cipher and no auth -> no key derivation needed ("null");
  // any cipher or auth but kd_prf_ "null" -> fall back to "aes-ctr".
  // NOTE(review): these strcmp() calls assume cipher_, auth_algo_ and
  // kd_prf_ are non-NULL. options_default() does not check its strdup()
  // results, so on allocation failure this dereferences NULL. The strdup()
  // results below are unchecked as well (kd_prf_ may end up NULL).
  if(!strcmp(opt->cipher_, "null") && !strcmp(opt->auth_algo_, "null")) {
    if(opt->kd_prf_) free(opt->kd_prf_);
    opt->kd_prf_ = strdup("null");
  }
  if((strcmp(opt->cipher_, "null") || strcmp(opt->auth_algo_, "null")) && !strcmp(opt->kd_prf_, "null")) {
    if(opt->kd_prf_) free(opt->kd_prf_);
    opt->kd_prf_ = strdup("aes-ctr");
  }

  // Without -d and -t, default the device type to "tun" (unchecked strdup).
  if(!(opt->dev_name_) && !(opt->dev_type_))
    opt->dev_type_ = strdup("tun");

  return 0;
}

/*
 * Fill *opt with the built-in defaults. Must be called before the parser
 * (the PARSE_* macros free whatever the members hold, so they must be
 * NULL or heap pointers). A NULL opt is ignored.
 *
 * NOTE(review): none of the strdup() results are checked; on allocation
 * failure a member stays NULL and the parser's strcmp() on cipher_,
 * auth_algo_ or kd_prf_ would dereference NULL.
 */
void options_default(options_t* opt)
{
  if(!opt)
    return;

  opt->progname_ = strdup("uanytun");
  opt->daemonize_ = 1;
  opt->chroot_ = 0;
  opt->username_ = strdup("nobody");
  opt->chroot_dir_ = strdup("/var/run/uanytun");
  opt->pid_file_ = NULL;
  opt->sender_id_ = 0;
  opt->local_addr_ = NULL;
  opt->local_port_ = strdup("4444");
  opt->remote_addr_ = NULL;
  opt->remote_port_ = strdup("4444");
  opt->dev_name_ = NULL;
  opt->dev_type_ = NULL;
  opt->ifconfig_param_local_ = NULL;
  opt->ifconfig_param_remote_netmask_ = NULL;
  opt->post_up_script_ = NULL;
  opt->seq_window_size_ = 100;
  opt->cipher_ = strdup("aes-ctr");
  opt->kd_prf_ = strdup("aes-ctr");
  opt->ld_kdr_ = 0;
  opt->auth_algo_ = strdup("sha1");
  opt->mux_ = 0;
  opt->key_.buf_ = NULL;
  opt->key_.length_ = 0;
  opt->salt_.buf_ = NULL;
  opt->salt_.length_ = 0;
}

/*
 * Release every heap-allocated member of *opt. A NULL opt is ignored.
 *
 * NOTE(review): the pointers are not reset to NULL afterwards, so the struct
 * must not be reused: a second options_clear(), or running the parser again
 * on the same struct, would free the same pointers twice.
 * NOTE(review): key_.buf_ and salt_.buf_ hold secret material and are freed
 * without being wiped first (a plain memset would likely be optimised away
 * anyway; explicit_bzero/memset_s are the usual choices).
 * Style: `if(p) free(p);` is redundant — free(NULL) is a no-op.
 */
void options_clear(options_t* opt)
{
  if(!opt)
    return;

  if(opt->progname_) free(opt->progname_);
  if(opt->username_) free(opt->username_);
  if(opt->chroot_dir_) free(opt->chroot_dir_);
  if(opt->pid_file_) free(opt->pid_file_);
  if(opt->local_addr_) free(opt->local_addr_);
  if(opt->local_port_) free(opt->local_port_);
  if(opt->remote_addr_) free(opt->remote_addr_);
  if(opt->remote_port_) free(opt->remote_port_);
  if(opt->dev_name_) free(opt->dev_name_);
  if(opt->dev_type_) free(opt->dev_type_);
  if(opt->ifconfig_param_local_) free(opt->ifconfig_param_local_);
  if(opt->ifconfig_param_remote_netmask_) free(opt->ifconfig_param_remote_netmask_);
  if(opt->post_up_script_) free(opt->post_up_script_);
  if(opt->cipher_) free(opt->cipher_);
  if(opt->kd_prf_) free(opt->kd_prf_);
  if(opt->auth_algo_) free(opt->auth_algo_);
  if(opt->key_.buf_) free(opt->key_.buf_);
  if(opt->salt_.buf_) free(opt->salt_.buf_);
}

/*
 * Print the command-line usage text to stdout.
 * Style: `()` declares an old-style unprototyped function; `(void)` is the
 * C idiom for "takes no arguments".
 * NOTE(review): the body is truncated at the end of this view; the remaining
 * printf lines and the closing brace are outside it.
 */
void options_print_usage()
{
  printf("USAGE:\n");
  printf("uanytun [-h|--help] prints this...\n");
// printf(" [-f|--config] the config file\n");
  printf(" [-D|--nodaemonize] don't run in background\n");
  printf(" [-C|--chroot] chroot and drop privileges\n");
  printf(" [-u|--username] if chroot change to this user\n");
  printf(" [-H|--chroot-dir] chroot to this directory\n");
  printf(" [-P|--write-pid] write pid to this file\n");
  printf(" [-i|--interface] local ip address to bind to\n");
  printf(" [-p|--port] local port to bind to\n");
  printf(" [-r|--remote-host] remote host\n");
  printf(" [-o|--remote-port] remote port\n");
  printf(" [-d|--dev] device name\n");
  printf(" [-t|--type] device type\n");
  printf(" [-n|--ifconfig] the local address for the tun/tap device\n");
  printf(" the remote address(tun) or netmask(tap)\n");
  printf(" [-x|--post-up-script]