2016-11-25 17:18:40 +01:00
|
|
|
/*
|
|
|
|
* This file is part of the UCB release of Plan 9. It is subject to the license
|
|
|
|
* terms in the LICENSE file found in the top-level directory of this
|
|
|
|
* distribution and at http://akaros.cs.berkeley.edu/files/Plan9License. No
|
|
|
|
* part of the UCB release of Plan 9, including this file, may be copied,
|
|
|
|
* modified, propagated, or distributed except according to the terms contained
|
|
|
|
* in the LICENSE file.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <u.h>
|
|
|
|
#include <libc.h>
|
|
|
|
#include <auth.h>
|
|
|
|
#include <libsec.h>
|
|
|
|
|
|
|
|
enum {
|
|
|
|
Encnone,
|
|
|
|
Encssl,
|
|
|
|
Enctls,
|
|
|
|
};
|
|
|
|
|
|
|
|
static char *encprotos[] = {
|
|
|
|
[Encnone] = "clear",
|
|
|
|
[Encssl] = "ssl",
|
|
|
|
[Enctls] = "tls",
|
|
|
|
nil,
|
|
|
|
};
|
|
|
|
|
|
|
|
char *keyspec = "";
|
|
|
|
char *filterp;
|
|
|
|
char *ealgs = "rc4_256 sha1";
|
|
|
|
int encproto = Encnone;
|
|
|
|
char *aan = "/cmd/aan";
|
|
|
|
AuthInfo *ai;
|
|
|
|
int debug;
|
|
|
|
int doauth = 1;
|
|
|
|
int timedout;
|
|
|
|
|
|
|
|
int connect(char*, char*, int);
|
|
|
|
int passive(void);
|
|
|
|
int old9p(int);
|
|
|
|
void catcher(void *c, char*);
|
|
|
|
void usage(void);
|
|
|
|
int filter(int, char *, char *);
|
|
|
|
|
|
|
|
static void mksecret(char *, uint8_t *);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* based on libthread's threadsetname, but drags in less library code.
|
|
|
|
* actually just sets the arguments displayed.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
procsetname(char *fmt, ...)
|
|
|
|
{
|
|
|
|
int fd;
|
|
|
|
char *cmdname;
|
|
|
|
char buf[128];
|
|
|
|
va_list arg;
|
|
|
|
|
|
|
|
va_start(arg, fmt);
|
|
|
|
cmdname = vsmprint(fmt, arg);
|
|
|
|
va_end(arg);
|
|
|
|
if (cmdname == nil)
|
|
|
|
return;
|
|
|
|
snprint(buf, sizeof buf, "#p/%d/args", getpid());
|
|
|
|
if((fd = open(buf, OWRITE)) >= 0){
|
|
|
|
write(fd, cmdname, strlen(cmdname)+1);
|
|
|
|
close(fd);
|
|
|
|
}
|
|
|
|
free(cmdname);
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
post(char *name, char *envname, int srvfd)
|
|
|
|
{
|
|
|
|
int fd;
|
|
|
|
char buf[32];
|
|
|
|
|
2016-12-24 21:25:20 +01:00
|
|
|
fd = ocreate(name, OWRITE, 0600);
|
2016-11-25 17:18:40 +01:00
|
|
|
if(fd < 0)
|
|
|
|
return;
|
|
|
|
sprint(buf, "%d",srvfd);
|
|
|
|
if(write(fd, buf, strlen(buf)) != strlen(buf))
|
|
|
|
sysfatal("srv write: %r");
|
|
|
|
close(fd);
|
|
|
|
putenv(envname, name);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
lookup(char *s, char *l[])
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i = 0; l[i] != 0; i++)
|
|
|
|
if (strcmp(l[i], s) == 0)
|
|
|
|
return i;
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
main(int argc, char **argv)
|
|
|
|
{
|
|
|
|
char *mntpt, *srvpost, srvfile[64];
|
|
|
|
int backwards = 0, fd, mntflags, oldserver, notree;
|
|
|
|
|
|
|
|
quotefmtinstall();
|
|
|
|
srvpost = nil;
|
|
|
|
oldserver = 0;
|
|
|
|
notree = 0;
|
|
|
|
mntflags = MREPL;
|
|
|
|
ARGBEGIN{
|
|
|
|
case 'A':
|
|
|
|
doauth = 0;
|
|
|
|
break;
|
|
|
|
case 'a':
|
|
|
|
mntflags = MAFTER;
|
|
|
|
break;
|
|
|
|
case 'b':
|
|
|
|
mntflags = MBEFORE;
|
|
|
|
break;
|
|
|
|
case 'c':
|
|
|
|
mntflags |= MCREATE;
|
|
|
|
break;
|
|
|
|
case 'C':
|
|
|
|
mntflags |= MCACHE;
|
|
|
|
break;
|
|
|
|
case 'd':
|
|
|
|
debug++;
|
|
|
|
break;
|
|
|
|
case 'f':
|
|
|
|
/* ignored but allowed for compatibility */
|
|
|
|
break;
|
|
|
|
case 'O':
|
|
|
|
case 'o':
|
|
|
|
oldserver = 1;
|
|
|
|
break;
|
|
|
|
case 'E':
|
|
|
|
if ((encproto = lookup(EARGF(usage()), encprotos)) < 0)
|
|
|
|
usage();
|
|
|
|
break;
|
|
|
|
case 'e':
|
|
|
|
ealgs = EARGF(usage());
|
|
|
|
if(*ealgs == 0 || strcmp(ealgs, "clear") == 0)
|
|
|
|
ealgs = nil;
|
|
|
|
break;
|
|
|
|
case 'k':
|
|
|
|
keyspec = EARGF(usage());
|
|
|
|
break;
|
|
|
|
case 'p':
|
|
|
|
filterp = aan;
|
|
|
|
break;
|
|
|
|
case 's':
|
|
|
|
srvpost = EARGF(usage());
|
|
|
|
break;
|
|
|
|
case 'B':
|
|
|
|
backwards = 1;
|
|
|
|
break;
|
|
|
|
case 'm':
|
|
|
|
notree = 1;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
usage();
|
|
|
|
}ARGEND;
|
|
|
|
|
|
|
|
mntpt = 0; /* to shut up compiler */
|
|
|
|
if(backwards){
|
|
|
|
switch(argc) {
|
|
|
|
default:
|
|
|
|
mntpt = argv[0];
|
|
|
|
break;
|
|
|
|
case 0:
|
|
|
|
usage();
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
switch(argc) {
|
|
|
|
case 2:
|
|
|
|
mntpt = argv[1];
|
|
|
|
break;
|
|
|
|
case 3:
|
|
|
|
if(notree)
|
|
|
|
usage();
|
|
|
|
mntpt = argv[2];
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
usage();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (encproto == Enctls)
|
|
|
|
sysfatal("%s: tls has not yet been implemented", argv[0]);
|
|
|
|
|
|
|
|
notify(catcher);
|
|
|
|
alarm(60*1000);
|
|
|
|
|
|
|
|
if(backwards)
|
|
|
|
fd = passive();
|
|
|
|
else if(notree)
|
|
|
|
fd = connect(argv[0], nil, oldserver);
|
|
|
|
else
|
|
|
|
fd = connect(argv[0], argv[1], oldserver);
|
|
|
|
|
|
|
|
if (!oldserver)
|
|
|
|
fprint(fd, "impo %s %s\n", filterp? "aan": "nofilter",
|
|
|
|
encprotos[encproto]);
|
|
|
|
|
|
|
|
if (encproto != Encnone && ealgs && ai) {
|
|
|
|
unsigned char key[16];
|
|
|
|
unsigned char digest[SHA1dlen];
|
|
|
|
char fromclientsecret[21];
|
|
|
|
char fromserversecret[21];
|
|
|
|
int i;
|
|
|
|
|
|
|
|
memmove(key+4, ai->secret, ai->nsecret);
|
|
|
|
|
|
|
|
/* exchange random numbers */
|
|
|
|
srand(truerand());
|
|
|
|
for(i = 0; i < 4; i++)
|
|
|
|
key[i] = rand();
|
|
|
|
if(write(fd, key, 4) != 4)
|
|
|
|
sysfatal("can't write key part: %r");
|
|
|
|
if(readn(fd, key+12, 4) != 4)
|
|
|
|
sysfatal("can't read key part: %r");
|
|
|
|
|
|
|
|
/* scramble into two secrets */
|
|
|
|
sha1(key, sizeof(key), digest, nil);
|
|
|
|
mksecret(fromclientsecret, digest);
|
|
|
|
mksecret(fromserversecret, digest+10);
|
|
|
|
|
|
|
|
if (filterp)
|
|
|
|
fd = filter(fd, filterp, argv[0]);
|
|
|
|
|
|
|
|
/* set up encryption */
|
|
|
|
procsetname("pushssl");
|
|
|
|
fd = pushssl(fd, ealgs, fromclientsecret, fromserversecret, nil);
|
|
|
|
if(fd < 0)
|
|
|
|
sysfatal("can't establish ssl connection: %r");
|
|
|
|
}
|
|
|
|
else if (filterp)
|
|
|
|
fd = filter(fd, filterp, argv[0]);
|
|
|
|
|
|
|
|
if(srvpost){
|
|
|
|
sprint(srvfile, "/srv/%s", srvpost);
|
|
|
|
remove(srvfile);
|
|
|
|
post(srvfile, srvpost, fd);
|
|
|
|
}
|
|
|
|
procsetname("mount on %s", mntpt);
|
2016-12-01 00:09:42 +01:00
|
|
|
if(mount(fd, -1, mntpt, mntflags, "", '9') < 0)
|
2016-11-25 17:18:40 +01:00
|
|
|
sysfatal("can't mount %s: %r", argv[1]);
|
|
|
|
alarm(0);
|
|
|
|
|
|
|
|
if(backwards && argc > 1){
|
|
|
|
exec(argv[1], &argv[1]);
|
|
|
|
sysfatal("exec: %r");
|
|
|
|
}
|
|
|
|
exits(0);
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
catcher(void *v, char *msg)
|
|
|
|
{
|
|
|
|
timedout = 1;
|
|
|
|
if(strcmp(msg, "alarm") == 0)
|
|
|
|
noted(NCONT);
|
|
|
|
noted(NDFLT);
|
|
|
|
}
|
|
|
|
|
|
|
|
int
|
|
|
|
old9p(int fd)
|
|
|
|
{
|
|
|
|
int p[2];
|
|
|
|
|
|
|
|
procsetname("old9p");
|
|
|
|
if(pipe(p) < 0)
|
|
|
|
sysfatal("pipe: %r");
|
|
|
|
|
|
|
|
switch(rfork(RFPROC|RFFDG|RFNAMEG)) {
|
|
|
|
case -1:
|
|
|
|
sysfatal("rfork srvold9p: %r");
|
|
|
|
case 0:
|
|
|
|
if(fd != 1){
|
|
|
|
dup(fd, 1);
|
|
|
|
close(fd);
|
|
|
|
}
|
|
|
|
if(p[0] != 0){
|
|
|
|
dup(p[0], 0);
|
|
|
|
close(p[0]);
|
|
|
|
}
|
|
|
|
close(p[1]);
|
|
|
|
if(0){
|
|
|
|
fd = open("/sys/log/cpu", OWRITE);
|
|
|
|
if(fd != 2){
|
|
|
|
dup(fd, 2);
|
|
|
|
close(fd);
|
|
|
|
}
|
|
|
|
execl("/cmd/srvold9p", "srvold9p", "-ds", nil);
|
|
|
|
} else
|
|
|
|
execl("/cmd/srvold9p", "srvold9p", "-s", nil);
|
|
|
|
sysfatal("exec srvold9p: %r");
|
|
|
|
default:
|
|
|
|
close(fd);
|
|
|
|
close(p[0]);
|
|
|
|
}
|
|
|
|
return p[1];
|
|
|
|
}
|
|
|
|
|
|
|
|
int
|
|
|
|
connect(char *system, char *tree, int oldserver)
|
|
|
|
{
|
|
|
|
char buf[ERRMAX], dir[128], *na;
|
|
|
|
int fd, n;
|
|
|
|
char *authp;
|
|
|
|
|
|
|
|
na = netmkaddr(system, 0, "exportfs");
|
|
|
|
procsetname("dial %s", na);
|
|
|
|
if((fd = dial(na, 0, dir, 0)) < 0)
|
|
|
|
sysfatal("can't dial %s: %r", system);
|
|
|
|
|
|
|
|
if(doauth){
|
|
|
|
if(oldserver)
|
|
|
|
authp = "p9sk2";
|
|
|
|
else
|
|
|
|
authp = "p9any";
|
|
|
|
|
|
|
|
procsetname("auth_proxy auth_getkey proto=%q role=client %s",
|
|
|
|
authp, keyspec);
|
|
|
|
ai = auth_proxy(fd, auth_getkey, "proto=%q role=client %s",
|
|
|
|
authp, keyspec);
|
|
|
|
if(ai == nil)
|
|
|
|
sysfatal("%r: %s", system);
|
|
|
|
}
|
|
|
|
|
|
|
|
if(tree != nil){
|
|
|
|
procsetname("writing tree name %s", tree);
|
|
|
|
n = write(fd, tree, strlen(tree));
|
|
|
|
if(n < 0)
|
|
|
|
sysfatal("can't write tree: %r");
|
|
|
|
|
|
|
|
strcpy(buf, "can't read tree");
|
|
|
|
|
|
|
|
procsetname("awaiting OK for %s", tree);
|
|
|
|
n = read(fd, buf, sizeof buf - 1);
|
|
|
|
if(n!=2 || buf[0]!='O' || buf[1]!='K'){
|
|
|
|
if (timedout)
|
|
|
|
sysfatal("timed out connecting to %s", na);
|
|
|
|
buf[sizeof buf - 1] = '\0';
|
|
|
|
sysfatal("bad remote tree: %s", buf);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if(oldserver)
|
|
|
|
return old9p(fd);
|
|
|
|
return fd;
|
|
|
|
}
|
|
|
|
|
|
|
|
int
|
|
|
|
passive(void)
|
|
|
|
{
|
|
|
|
int fd;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Ignore doauth==0 on purpose. Is it useful here?
|
|
|
|
*/
|
|
|
|
|
|
|
|
procsetname("auth_proxy auth_getkey proto=p9any role=server");
|
|
|
|
ai = auth_proxy(0, auth_getkey, "proto=p9any role=server");
|
|
|
|
if(ai == nil)
|
|
|
|
sysfatal("auth_proxy: %r");
|
|
|
|
if(auth_chuid(ai, nil) < 0)
|
|
|
|
sysfatal("auth_chuid: %r");
|
|
|
|
putenv("service", "import");
|
|
|
|
|
|
|
|
fd = dup(0, -1);
|
|
|
|
close(0);
|
|
|
|
open("/dev/null", ORDWR);
|
|
|
|
close(1);
|
|
|
|
open("/dev/null", ORDWR);
|
|
|
|
|
|
|
|
return fd;
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
usage(void)
|
|
|
|
{
|
|
|
|
fprint(2, "usage: import [-abcCm] [-A] [-E clear|ssl|tls] "
|
|
|
|
"[-e 'crypt auth'|clear] [-k keypattern] [-p] host remotefs [mountpoint]\n");
|
|
|
|
exits("usage");
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Network on fd1, mount driver on fd0 */
|
|
|
|
int
|
|
|
|
filter(int fd, char *cmd, char *host)
|
|
|
|
{
|
|
|
|
int p[2], len, argc;
|
|
|
|
char newport[256], buf[256], *s;
|
|
|
|
char *argv[16], *file, *pbuf;
|
|
|
|
|
|
|
|
if ((len = read(fd, newport, sizeof newport - 1)) < 0)
|
|
|
|
sysfatal("filter: cannot write port; %r");
|
|
|
|
newport[len] = '\0';
|
|
|
|
|
|
|
|
if ((s = strchr(newport, '!')) == nil)
|
|
|
|
sysfatal("filter: illegally formatted port %s", newport);
|
|
|
|
|
|
|
|
strecpy(buf, buf+sizeof buf, netmkaddr(host, "tcp", "0"));
|
|
|
|
pbuf = strrchr(buf, '!');
|
|
|
|
strecpy(pbuf, buf+sizeof buf, s);
|
|
|
|
|
|
|
|
if(debug)
|
|
|
|
fprint(2, "filter: remote port %s\n", newport);
|
|
|
|
|
|
|
|
argc = tokenize(cmd, argv, nelem(argv)-2);
|
|
|
|
if (argc == 0)
|
|
|
|
sysfatal("filter: empty command");
|
|
|
|
argv[argc++] = "-c";
|
|
|
|
argv[argc++] = buf;
|
|
|
|
argv[argc] = nil;
|
|
|
|
file = argv[0];
|
|
|
|
if (s = strrchr(argv[0], '/'))
|
|
|
|
argv[0] = s+1;
|
|
|
|
|
|
|
|
if(pipe(p) < 0)
|
|
|
|
sysfatal("pipe: %r");
|
|
|
|
|
|
|
|
switch(rfork(RFNOWAIT|RFPROC|RFFDG)) {
|
|
|
|
case -1:
|
|
|
|
sysfatal("rfork record module: %r");
|
|
|
|
case 0:
|
|
|
|
dup(p[0], 1);
|
|
|
|
dup(p[0], 0);
|
|
|
|
close(p[0]);
|
|
|
|
close(p[1]);
|
|
|
|
exec(file, argv);
|
|
|
|
sysfatal("exec record module: %r");
|
|
|
|
default:
|
|
|
|
close(fd);
|
|
|
|
close(p[0]);
|
|
|
|
}
|
|
|
|
return p[1];
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
mksecret(char *t, uint8_t *f)
|
|
|
|
{
|
|
|
|
sprint(t, "%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux",
|
|
|
|
f[0], f[1], f[2], f[3], f[4], f[5], f[6], f[7], f[8], f[9]);
|
|
|
|
}
|