1 /* SmoothWall helper program - restartssh
3 * This program is distributed under the terms of the GNU General Public
4 * Licence. See the file COPYING for details.
6 * (c) Mark Wormgoor, 2001
7 * Simple program intended to be installed setuid(0) that can be used for
10 * $Id: restartssh.c,v 1.3 2003/12/11 10:57:34 riddles Exp $
18 #include <sys/types.h>
22 #include "libsmooth.h"
25 int main(int argc
, char *argv
[])
27 if (strcmp(argv
[1], "tempstart15") == 0) {
28 safe_system("/usr/local/bin/restartssh");
30 unlink("/var/ipfire/remote/enablessh");
31 safe_system("cat /var/ipfire/remote/settings | sed 's/ENABLE_SSH=on/ENABLE_SSH=off/' > /var/ipfire/remote/settings2 && mv /var/ipfire/remote/settings2 /var/ipfire/remote/settings");
32 safe_system("sleep 900 && /usr/local/bin/restartssh &");
34 else if (strcmp(argv
[1], "tempstart30") == 0) {
35 safe_system("/usr/local/bin/restartssh");
37 unlink("/var/ipfire/remote/enablessh");
38 safe_system("cat /var/ipfire/remote/settings | sed 's/ENABLE_SSH=on/ENABLE_SSH=off/' > /var/ipfire/remote/settings2 && mv /var/ipfire/remote/settings2 /var/ipfire/remote/settings");
39 safe_system("sleep 1800 && /usr/local/bin/restartssh &");
41 int fd
, config_fd
, rc
, pid
;
42 char buffer
[STRING_SIZE
], command
[STRING_SIZE
] = "/bin/sed -e '";
43 struct keyvalue
*kv
= NULL
;
49 if (!readkeyvalues(kv
, CONFIG_ROOT
"/remote/settings"))
51 fprintf(stderr
, "Cannot read remote access settings\n");
55 /* By using O_CREAT with O_EXCL open() will fail if the file already exists,
56 * this prevents 2 copies of restartssh both trying to edit the config file
57 * at once. It also prevents race conditions, but these shouldn't be
58 * possible as /etc/ssh/ should only be writable by root anyhow
61 if ((config_fd
= open( "/etc/ssh/sshd_config.new", O_WRONLY
|O_CREAT
|O_EXCL
, 0644 )) == -1 )
63 perror("Unable to open new config file");
68 if(findkey(kv
, "ENABLE_SSH_PROTOCOL1", buffer
) && !strcmp(buffer
,"on"))
69 strlcat(command
, "s/^Protocol .*$/Protocol 2,1/;", STRING_SIZE
- 1 );
71 strlcat(command
, "s/^Protocol .*$/Protocol 2/;", STRING_SIZE
- 1 );
73 if(findkey(kv
, "ENABLE_SSH_KEYS", buffer
) && !strcmp(buffer
,"off"))
74 strlcat(command
, "s/^RSAAuthentication .*$/RSAAuthentication no/;"
75 "s/^PubkeyAuthentication .*$/PubkeyAuthentication no/;",
78 strlcat(command
, "s/^RSAAuthentication .*$/RSAAuthentication yes/;"
79 "s/^PubkeyAuthentication .*$/PubkeyAuthentication yes/;",
82 if(findkey(kv
, "ENABLE_SSH_PASSWORDS", buffer
) && !strcmp(buffer
,"off"))
83 strlcat(command
, "s/^PasswordAuthentication .*$/PasswordAuthentication no/;", STRING_SIZE
- 1 );
85 strlcat(command
, "s/^PasswordAuthentication .*$/PasswordAuthentication yes/;", STRING_SIZE
- 1 );
87 if(findkey(kv
, "ENABLE_SSH_PORTFW", buffer
) && !strcmp(buffer
,"on"))
88 strlcat(command
, "s/^AllowTcpForwarding .*$/AllowTcpForwarding yes/", STRING_SIZE
- 1 );
90 strlcat(command
, "s/^AllowTcpForwarding .*$/AllowTcpForwarding no/", STRING_SIZE
- 1 );
94 snprintf(buffer
, STRING_SIZE
- 1, "' /etc/ssh/sshd_config >&%d", config_fd
);
95 strlcat(command
, buffer
, STRING_SIZE
- 1);
97 if((rc
= unpriv_system(command
,99,99)) != 0)
99 fprintf(stderr
, "sed returned bad exit code: %d\n", rc
);
101 unlink("/etc/ssh/sshd_config.new");
105 if (rename("/etc/ssh/sshd_config.new","/etc/ssh/sshd_config") != 0)
107 perror("Unable to replace old config file");
108 unlink("/etc/ssh/sshd_config.new");
112 memset(buffer
, 0, STRING_SIZE
);
114 if ((fd
= open("/var/run/sshd.pid", O_RDONLY
)) != -1)
116 if (read(fd
, buffer
, STRING_SIZE
- 1) == -1)
117 fprintf(stderr
, "Couldn't read from pid file\n");
122 fprintf(stderr
, "Bad pid value\n");
125 if (kill(pid
, SIGTERM
) == -1)
126 fprintf(stderr
, "Unable to send SIGTERM\n");
128 unlink("/var/run/sshd.pid");
137 perror("Unable to open pid file");
142 if ((fd
= open(CONFIG_ROOT
"/remote/enablessh", O_RDONLY
)) != -1)
145 safe_system("/usr/sbin/sshd");