2 * oexportfs - legacy exportfs for cpu and import
21 char *ealgs = "rc4_256 sha1";
22 char *aanfilter = "/bin/aan";
23 int encproto = Encnone;
26 static char *anstring = "tcp!*!0";
29 filter(int fd, char *cmd, char *host)
31 char addr[128], buf[256], *s, *file, *argv[16];
32 int lfd, p[2], len, argc;
35 /* Get a free port and post it to the client. */
36 if (announce(anstring, addr) < 0)
37 fatal("filter: Cannot announce %s: %r", anstring);
39 snprint(buf, sizeof(buf), "%s/local", addr);
40 if ((lfd = open(buf, OREAD)) < 0)
41 fatal("filter: Cannot open %s: %r", buf);
42 if ((len = read(lfd, buf, sizeof buf - 1)) < 0)
43 fatal("filter: Cannot read %s: %r", buf);
46 if ((s = strchr(buf, '\n')) != nil)
48 if (write(fd, buf, len) != len)
49 fatal("filter: cannot write port; %r");
51 /* Read address string from connection */
52 if ((len = read(fd, buf, sizeof buf - 1)) < 0)
53 sysfatal("filter: cannot write port; %r");
56 if ((s = strrchr(buf, '!')) == nil)
57 sysfatal("filter: illegally formatted port %s", buf);
58 strecpy(addr, addr+sizeof(addr), netmkaddr(host, "tcp", s+1));
59 strecpy(strrchr(addr, '!'), addr+sizeof(addr), s);
62 DEBUG(DFD, "filter: %s\n", addr);
64 snprint(buf, sizeof(buf), "%s", cmd);
65 argc = tokenize(buf, argv, nelem(argv)-3);
67 sysfatal("filter: empty command");
75 if((s = strrchr(argv[0], '/')) != nil)
81 switch(rfork(RFNOWAIT|RFPROC|RFMEM|RFFDG|RFREND)) {
83 fatal("filter: rfork; %r\n");
87 fatal("filter: Cannot dup to 1; %r");
89 fatal("filter: Cannot dup to 0; %r");
93 fatal("filter: exec; %r");
102 mksecret(char *t, uchar *f)
104 sprint(t, "%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux",
105 f[0], f[1], f[2], f[3], f[4], f[5], f[6], f[7], f[8], f[9]);
111 fprint(2, "usage: %s [-adnsR] [-f dbgfile] [-m msize] [-r root] "
112 "[-S srvfile] [-e 'crypt hash'] [-P exclusion-file] "
113 "[-A announce-string] [-B address]\n", argv0);
118 main(int argc, char **argv)
120 char buf[ERRMAX], ebuf[ERRMAX], initial[4], *ini, *srvfdfile;
121 char *dbfile, *srv, *na, *nsfile, *keyspec;
126 dbfile = "/tmp/exportdb";
146 ealgs = EARGF(usage());
147 if(*ealgs == 0 || strcmp(ealgs, "clear") == 0)
152 dbfile = EARGF(usage());
156 keyspec = EARGF(usage());
160 messagesize = strtoul(EARGF(usage()), nil, 0);
168 srv = EARGF(usage());
176 anstring = EARGF(usage());
184 /* accepted but ignored, for backwards compatibility */
188 nsfile = EARGF(usage());
192 patternfile = EARGF(usage());
202 srvfdfile = EARGF(usage());
210 if(na == nil && doauth){
212 * We use p9any so we don't have to visit this code again, with the
213 * cost that this code is incompatible with the old world, which
214 * requires p9sk2. (The two differ in who talks first, so compatibility
217 ai = auth_proxy(0, auth_getkey, "proto=p9any role=server %s", keyspec);
219 fatal("auth_proxy: %r");
220 if(nonone && strcmp(ai->cuid, "none") == 0)
221 fatal("exportfs by none disallowed");
222 if(auth_chuid(ai, nsfile) < 0)
223 fatal("auth_chuid: %r");
224 else { /* chown network connection */
231 putenv("service", "exportfs");
234 if(srvfdfile != nil){
235 if((srvfd = open(srvfdfile, ORDWR)) < 0)
236 fatal("open %s: %r", srvfdfile);
241 fatal("-B requires -s");
243 if((fd = dial(netmkaddr(na, 0, "importfs"), 0, 0, 0)) < 0)
244 fatal("can't dial %s: %r", na);
246 ai = auth_proxy(fd, auth_getkey, "proto=p9any role=client %s", keyspec);
258 n = create(dbfile, OWRITE|OTRUNC, 0666);
263 if(srvfd >= 0 && srv != nil){
264 fprint(2, "%s: -S cannot be used with -r or -s\n", argv0);
268 DEBUG(DFD, "%s: started\n", argv0);
270 rfork(RFNOTEG|RFREND);
272 if(messagesize == 0){
273 messagesize = iounit(0);
275 messagesize = 8192+IOHDRSZ;
277 fhash = emallocz(sizeof(Fid*)*FHASHSIZE);
279 fmtinstall('F', fcallfmt);
282 * Get tree to serve from network connection,
283 * check we can get there and ack the connection
288 else if(srv != nil) {
291 errstr(ebuf, sizeof ebuf);
292 DEBUG(DFD, "chdir(\"%s\"): %s\n", srv, ebuf);
295 DEBUG(DFD, "invoked as server for %s", srv);
296 strncpy(buf, srv, sizeof buf);
300 n = read(0, buf, sizeof(buf)-1);
302 errstr(buf, sizeof buf);
303 fprint(0, "read(0): %s\n", buf);
304 DEBUG(DFD, "read(0): %s\n", buf);
309 errstr(ebuf, sizeof ebuf);
310 fprint(0, "chdir(%d:\"%s\"): %s\n", n, buf, ebuf);
311 DEBUG(DFD, "chdir(%d:\"%s\"): %s\n", n, buf, ebuf);
316 DEBUG(DFD, "\niniting root\n");
319 DEBUG(DFD, "%s: %s\n", argv0, buf);
321 if(srv == nil && srvfd == -1 && write(0, "OK", 2) != 2)
322 fatal("open ack write");
325 n = readn(0, initial, sizeof(initial));
327 fatal(nil); /* port scan or spurious open/close on exported /srv file (unmount) */
328 if(n < sizeof(initial))
329 fatal("can't read initial string: %r");
331 if(memcmp(ini, "impo", 4) == 0) {
332 char buf[128], *p, *args[3];
337 if((n = read(0, p, 1)) < 0)
338 fatal("can't read impo arguments: %r");
340 fatal("connection closed while reading arguments");
345 if(p >= buf + sizeof(buf))
346 fatal("import parameters too long");
349 if(tokenize(buf, args, nelem(args)) != 2)
350 fatal("impo arguments invalid: impo%s...", buf);
352 if(strcmp(args[0], "aan") == 0)
354 else if(strcmp(args[0], "nofilter") != 0)
355 fatal("import filter argument unsupported: %s", args[0]);
357 if(strcmp(args[1], "ssl") == 0)
359 else if(strcmp(args[1], "tls") == 0)
361 else if(strcmp(args[1], "clear") != 0)
362 fatal("import encryption proto unsupported: %s", args[1]);
364 if(encproto == Enctls)
365 fatal("%s: tls has not yet been implemented", argv[0]);
368 if(encproto != Encnone && ealgs != nil && ai != nil) {
369 uchar key[16], digest[SHA1dlen];
370 char fromclientsecret[21];
371 char fromserversecret[21];
375 fatal("secret too small for ssl");
376 memmove(key+4, ai->secret, 8);
378 /* exchange random numbers */
380 for(i = 0; i < 4; i++)
384 fatal("Protocol botch: old import");
385 if(readn(0, key, 4) != 4)
386 fatal("can't read key part; %r");
388 if(write(0, key+12, 4) != 4)
389 fatal("can't write key part; %r");
391 /* scramble into two secrets */
392 sha1(key, sizeof(key), digest, nil);
393 mksecret(fromclientsecret, digest);
394 mksecret(fromserversecret, digest+10);
397 filter(0, filterp, na);
401 fd = pushssl(0, ealgs, fromserversecret, fromclientsecret, nil);
403 fatal("can't establish ssl connection: %r");
411 fatal("Unsupported encryption protocol");
414 else if(filterp != nil) {
416 fatal("Protocol botch: don't know how to deal with this");
417 filter(0, filterp, na);
425 extern void (*fcalls[])(Fsrpc*);
428 memmove(r->buf, ini, BIT32SZ);
430 if(n <= BIT32SZ || n > messagesize)
431 fatal("bad length in 9P2000 message header");
433 if(readn(0, r->buf+BIT32SZ, n) != n)
437 if(convM2S(r->buf, n, &r->work) != n)
438 fatal("convM2S format error");
439 DEBUG(DFD, "%F\n", &r->work);
440 (fcalls[r->work.type])(r);