12 static char *encprotos[] = {
21 char *ealgs = "rc4_256 sha1";
22 int encproto = Encnone;
23 char *aan = "/bin/aan";
24 char *anstring = "tcp!*!0";
31 int connect(char*, char*);
33 void catcher(void*, char*);
34 void sysfatal(char*, ...);
36 int filter(int, char *, char *);
38 static void mksecret(char *, uchar *);
41 post(char *name, char *envname, int srvfd)
46 fd = create(name, OWRITE, 0600);
49 snprint(buf, sizeof(buf), "%d", srvfd);
50 if(write(fd, buf, strlen(buf)) != strlen(buf))
51 sysfatal("srv write: %r");
53 putenv(envname, name);
57 lookup(char *s, char *l[])
61 for (i = 0; l[i] != 0; i++)
62 if (strcmp(l[i], s) == 0)
68 main(int argc, char **argv)
70 char *mntpt, *srvpost, srvfile[64];
71 int backwards = 0, fd, mntflags;
96 /* ignored but allowed for compatibility */
99 if ((encproto = lookup(EARGF(usage()), encprotos)) < 0)
103 ealgs = EARGF(usage());
104 if(*ealgs == 0 || strcmp(ealgs, "clear") == 0)
108 keyspec = EARGF(usage());
114 anstring = EARGF(usage());
117 srvpost = EARGF(usage());
129 mntpt = 0; /* to shut up compiler */
151 if (encproto == Enctls)
152 sysfatal("%s: tls has not yet been implemented", argv[0]);
160 fd = connect(argv[0], argv[1]);
162 fprint(fd, "impo %s %s\n", filterp? "aan": "nofilter", encprotos[encproto]);
164 if (encproto != Encnone && ealgs && ai) {
165 uchar key[16], digest[SHA1dlen];
166 char fromclientsecret[21];
167 char fromserversecret[21];
171 sysfatal("secret too small to ssl");
172 memmove(key+4, ai->secret, 8);
174 /* exchange random numbers */
176 for(i = 0; i < 4; i++)
178 if(write(fd, key, 4) != 4)
179 sysfatal("can't write key part: %r");
180 if(readn(fd, key+12, 4) != 4)
181 sysfatal("can't read key part: %r");
183 /* scramble into two secrets */
184 sha1(key, sizeof(key), digest, nil);
185 mksecret(fromclientsecret, digest);
186 mksecret(fromserversecret, digest+10);
189 fd = filter(fd, filterp, backwards ? nil : argv[0]);
191 /* set up encryption */
192 procsetname("pushssl");
193 fd = pushssl(fd, ealgs, fromclientsecret, fromserversecret, nil);
195 sysfatal("can't establish ssl connection: %r");
198 fd = filter(fd, filterp, backwards ? nil : argv[0]);
204 snprint(srvfile, sizeof(srvfile), "/srv/%s", srvpost);
206 post(srvfile, srvpost, fd);
208 procsetname("mount on %s", mntpt);
209 if(mount(fd, -1, mntpt, mntflags, "") == -1)
210 sysfatal("can't mount %s: %r", argv[1]);
213 if(backwards && argc > 1){
214 exec(argv[1], &argv[1]);
215 sysfatal("exec: %r");
221 catcher(void*, char *msg)
224 if(strcmp(msg, "alarm") == 0)
230 connect(char *system, char *tree)
232 char buf[ERRMAX], dir[128], *na;
235 na = netmkaddr(system, 0, "exportfs");
236 procsetname("dial %s", na);
237 if((fd = dial(na, 0, dir, 0)) < 0)
238 sysfatal("can't dial %s: %r", system);
241 procsetname("auth_proxy auth_getkey proto=p9any role=client %s", keyspec);
242 ai = auth_proxy(fd, auth_getkey, "proto=p9any role=client %s", keyspec);
244 sysfatal("%r: %s", system);
248 procsetname("writing tree name %s", tree);
249 n = write(fd, tree, strlen(tree));
251 sysfatal("can't write tree: %r");
253 strcpy(buf, "can't read tree");
255 procsetname("awaiting OK for %s", tree);
256 n = read(fd, buf, sizeof buf - 1);
257 if(n!=2 || buf[0]!='O' || buf[1]!='K'){
259 sysfatal("timed out connecting to %s", na);
260 buf[sizeof buf - 1] = '\0';
261 sysfatal("bad remote tree: %s", buf);
273 * Ignore doauth==0 on purpose. Is it useful here?
276 procsetname("auth_proxy auth_getkey proto=p9any role=server");
277 ai = auth_proxy(0, auth_getkey, "proto=p9any role=server");
279 sysfatal("auth_proxy: %r");
280 if(auth_chuid(ai, nil) < 0)
281 sysfatal("auth_chuid: %r");
282 putenv("service", "import");
286 open("/dev/null", ORDWR);
288 open("/dev/null", ORDWR);
296 fprint(2, "usage: import [-abcC] [-A] [-E clear|ssl|tls] "
297 "[-e 'crypt auth'|clear] [-k keypattern] [-p] [-n address ] [-z] host remotefs [mountpoint]\n");
302 filter(int fd, char *cmd, char *host)
304 char addr[128], buf[256], *s, *file, *argv[16];
305 int lfd, p[2], len, argc;
308 /* Get a free port and post it to the client. */
309 if (announce(anstring, addr) < 0)
310 sysfatal("filter: Cannot announce %s: %r", anstring);
312 snprint(buf, sizeof(buf), "%s/local", addr);
313 if ((lfd = open(buf, OREAD)) < 0)
314 sysfatal("filter: Cannot open %s: %r", buf);
315 if ((len = read(lfd, buf, sizeof buf - 1)) < 0)
316 sysfatal("filter: Cannot read %s: %r", buf);
319 if ((s = strchr(buf, '\n')) != nil)
321 if (write(fd, buf, len) != len)
322 sysfatal("filter: cannot write port; %r");
324 /* Read address string from connection */
325 if ((len = read(fd, buf, sizeof buf - 1)) < 0)
326 sysfatal("filter: cannot write port; %r");
329 if ((s = strrchr(buf, '!')) == nil)
330 sysfatal("filter: illegally formatted port %s", buf);
331 strecpy(addr, addr+sizeof(addr), netmkaddr(host, "tcp", s+1));
332 strecpy(strrchr(addr, '!'), addr+sizeof(addr), s);
336 fprint(2, "filter: %s\n", addr);
338 snprint(buf, sizeof(buf), "%s", cmd);
339 argc = tokenize(buf, argv, nelem(argv)-3);
341 sysfatal("filter: empty command");
349 if((s = strrchr(argv[0], '/')) != nil)
353 sysfatal("pipe: %r");
355 switch(rfork(RFNOWAIT|RFPROC|RFMEM|RFFDG|RFREND)) {
357 sysfatal("filter: rfork; %r\n");
360 if (dup(p[0], 1) < 0)
361 sysfatal("filter: Cannot dup to 1; %r");
362 if (dup(p[0], 0) < 0)
363 sysfatal("filter: Cannot dup to 0; %r");
367 sysfatal("filter: exec; %r");
377 mksecret(char *t, uchar *f)
379 sprint(t, "%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux",
380 f[0], f[1], f[2], f[3], f[4], f[5], f[6], f[7], f[8], f[9]);