12 static char *encprotos[] = {
21 char *ealgs = "rc4_256 sha1";
22 int encproto = Encnone;
23 char *aan = "/bin/aan";
29 int connect(char*, char*, int);
32 void catcher(void*, char*);
33 void sysfatal(char*, ...);
35 int filter(int, char *, char *);
37 static void mksecret(char *, uchar *);
40 * based on libthread's threadsetname, but drags in less library code.
41 * actually just sets the arguments displayed.
44 procsetname(char *fmt, ...)
52 cmdname = vsmprint(fmt, arg);
56 snprint(buf, sizeof buf, "#p/%d/args", getpid());
57 if((fd = open(buf, OWRITE)) >= 0){
58 write(fd, cmdname, strlen(cmdname)+1);
65 post(char *name, char *envname, int srvfd)
70 fd = create(name, OWRITE, 0600);
73 sprint(buf, "%d",srvfd);
74 if(write(fd, buf, strlen(buf)) != strlen(buf))
75 sysfatal("srv write: %r");
77 putenv(envname, name);
81 lookup(char *s, char *l[])
85 for (i = 0; l[i] != 0; i++)
86 if (strcmp(l[i], s) == 0)
92 main(int argc, char **argv)
94 char *mntpt, *srvpost, srvfile[64];
95 int backwards = 0, fd, mntflags, oldserver;
121 /* ignored but allowed for compatibility */
128 if ((encproto = lookup(EARGF(usage()), encprotos)) < 0)
132 ealgs = EARGF(usage());
133 if(*ealgs == 0 || strcmp(ealgs, "clear") == 0)
137 keyspec = EARGF(usage());
143 srvpost = EARGF(usage());
152 mntpt = 0; /* to shut up compiler */
174 if (encproto == Enctls)
175 sysfatal("%s: tls has not yet been implemented", argv[0]);
183 fd = connect(argv[0], argv[1], oldserver);
186 fprint(fd, "impo %s %s\n", filterp? "aan": "nofilter",
187 encprotos[encproto]);
189 if (encproto != Encnone && ealgs && ai) {
191 uchar digest[SHA1dlen];
192 char fromclientsecret[21];
193 char fromserversecret[21];
196 memmove(key+4, ai->secret, ai->nsecret);
198 /* exchange random numbers */
200 for(i = 0; i < 4; i++)
202 if(write(fd, key, 4) != 4)
203 sysfatal("can't write key part: %r");
204 if(readn(fd, key+12, 4) != 4)
205 sysfatal("can't read key part: %r");
207 /* scramble into two secrets */
208 sha1(key, sizeof(key), digest, nil);
209 mksecret(fromclientsecret, digest);
210 mksecret(fromserversecret, digest+10);
213 fd = filter(fd, filterp, argv[0]);
215 /* set up encryption */
216 procsetname("pushssl");
217 fd = pushssl(fd, ealgs, fromclientsecret, fromserversecret, nil);
219 sysfatal("can't establish ssl connection: %r");
222 fd = filter(fd, filterp, argv[0]);
225 sprint(srvfile, "/srv/%s", srvpost);
227 post(srvfile, srvpost, fd);
229 procsetname("mount on %s", mntpt);
230 if(mount(fd, -1, mntpt, mntflags, "") < 0)
231 sysfatal("can't mount %s: %r", argv[1]);
234 if(backwards && argc > 1){
235 exec(argv[1], &argv[1]);
236 sysfatal("exec: %r");
242 catcher(void*, char *msg)
245 if(strcmp(msg, "alarm") == 0)
255 procsetname("old9p");
257 sysfatal("pipe: %r");
259 switch(rfork(RFPROC|RFFDG|RFNAMEG)) {
261 sysfatal("rfork srvold9p: %r");
273 fd = open("/sys/log/cpu", OWRITE);
278 execl("/bin/srvold9p", "srvold9p", "-ds", nil);
280 execl("/bin/srvold9p", "srvold9p", "-s", nil);
281 sysfatal("exec srvold9p: %r");
290 connect(char *system, char *tree, int oldserver)
292 char buf[ERRMAX], dir[128], *na;
296 na = netmkaddr(system, 0, "exportfs");
297 procsetname("dial %s", na);
298 if((fd = dial(na, 0, dir, 0)) < 0)
299 sysfatal("can't dial %s: %r", system);
307 procsetname("auth_proxy auth_getkey proto=%q role=client %s",
309 ai = auth_proxy(fd, auth_getkey, "proto=%q role=client %s",
312 sysfatal("%r: %s", system);
315 procsetname("writing tree name %s", tree);
316 n = write(fd, tree, strlen(tree));
318 sysfatal("can't write tree: %r");
320 strcpy(buf, "can't read tree");
322 procsetname("awaiting OK for %s", tree);
323 n = read(fd, buf, sizeof buf - 1);
324 if(n!=2 || buf[0]!='O' || buf[1]!='K'){
326 sysfatal("timed out connecting to %s", na);
327 buf[sizeof buf - 1] = '\0';
328 sysfatal("bad remote tree: %s", buf);
342 * Ignore doauth==0 on purpose. Is it useful here?
345 procsetname("auth_proxy auth_getkey proto=p9any role=server");
346 ai = auth_proxy(0, auth_getkey, "proto=p9any role=server");
348 sysfatal("auth_proxy: %r");
349 if(auth_chuid(ai, nil) < 0)
350 sysfatal("auth_chuid: %r");
351 putenv("service", "import");
355 open("/dev/null", ORDWR);
357 open("/dev/null", ORDWR);
365 fprint(2, "usage: import [-abcC] [-A] [-E clear|ssl|tls] "
366 "[-e 'crypt auth'|clear] [-k keypattern] [-p] host remotefs [mountpoint]\n");
370 /* Network on fd1, mount driver on fd0 */
372 filter(int fd, char *cmd, char *host)
375 char newport[256], buf[256], *s;
376 char *argv[16], *file, *pbuf;
378 if ((len = read(fd, newport, sizeof newport - 1)) < 0)
379 sysfatal("filter: cannot write port; %r");
382 if ((s = strchr(newport, '!')) == nil)
383 sysfatal("filter: illegally formatted port %s", newport);
385 strecpy(buf, buf+sizeof buf, netmkaddr(host, "tcp", "0"));
386 pbuf = strrchr(buf, '!');
387 strecpy(pbuf, buf+sizeof buf, s);
390 fprint(2, "filter: remote port %s\n", newport);
392 argc = tokenize(cmd, argv, nelem(argv)-2);
394 sysfatal("filter: empty command");
399 if (s = strrchr(argv[0], '/'))
403 sysfatal("pipe: %r");
405 switch(rfork(RFNOWAIT|RFPROC|RFFDG)) {
407 sysfatal("rfork record module: %r");
414 sysfatal("exec record module: %r");
423 mksecret(char *t, uchar *f)
425 sprint(t, "%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux%2.2ux",
426 f[0], f[1], f[2], f[3], f[4], f[5], f[6], f[7], f[8], f[9]);