/*
 * reporter: printf-style message sink; main installs it as conn->trace and
 * also calls it directly for its own failure messages.
 * Excerpt only: the lines between the numbered ones are not shown, so the
 * condition that selects the syslog path or the fd 2 path is not visible.
 */
14 reporter(char *fmt, ...)
/* bounded formatting: vsnprint is given sizeof buf as the limit */
21 vsnprint(buf, sizeof buf, fmt, ap);
/*
 * The format string is a literal; remotesys and the formatted text are only
 * %s arguments. remotesys is whatever was passed with -r (see main), so the
 * peer name in this log line is supplied by the invoker, not verified here.
 */
22 syslog(0, logfile, "%s tls reports %s", remotesys, buf);
/* alternative path: the same prefix written to fd 2 */
24 fprint(2, "%s: %s tls reports ", argv0, remotesys);
/*
 * Usage text written to fd 2 (presumably the body of usage(), which main
 * passes to EARGF; the function header is not part of this excerpt).
 * NOTE(review): "[-k keyspec]]" has an unbalanced bracket in the message.
 */
35 fprint(2, "usage: tlssrv [-D] -[aA] [-k keyspec]] [-c cert] [-l logfile] [-r remotesys] cmd [args...]\n");
/*
 * Hint to the operator: the private key is loaded into factotum with
 * auth/secretpem; no key-file option appears in the usage line above.
 */
36 fprint(2, " after auth/secretpem key.pem > /mnt/factotum/ctl\n");
/*
 * main: parse options, optionally authenticate the peer on fd 0, fill in a
 * TLSconn with a pre-shared key and/or a certificate chain, run the TLS
 * server handshake on fd 0, then exec the given command.
 * Excerpt only: lines between the numbered ones are not shown, so the
 * conditions guarding several statements below are hedged.
 */
41 main(int argc, char *argv[])
56 auth = -1; /* authenticate, but don't change user */
/* option arguments; EARGF runs usage() when the argument is missing */
59 keyspec = EARGF(usage());
62 cert = EARGF(usage());
65 logfile = EARGF(usage());
68 remotesys = EARGF(usage());
/* second argument 1 asks mallocz to zero the structure, so unset fields start as nil/0 */
77 conn = (TLSconn*)mallocz(sizeof *conn, 1);
79 sysfatal("out of memory");
/*
 * p9any authentication in the server role on fd 0. keyspec (from -k) is
 * appended to the key template, so it is trusted to the same degree as
 * whoever invokes tlssrv.
 */
84 ai = auth_proxy(0, nil, "proto=p9any role=server %s", keyspec);
86 sysfatal("auth_proxy: %r");
/*
 * Switch to the authenticated user; presumably skipped in the
 * "don't change user" mode set above (the guard is not shown).
 * Failure is fatal, so the command never runs under the original identity
 * when the switch was requested.
 */
89 if(auth_chuid(ai, nil) < 0)
90 sysfatal("auth_chuid: %r");
/*
 * Use the secret from the auth exchange as the TLS pre-shared key.
 * conn->psk is the same pointer as ai->secret; no copy is made.
 */
92 conn->pskID = "p9secret";
93 conn->psk = ai->secret;
94 conn->psklen = ai->nsecret;
/*
 * Load the certificate chain named by -c: the first entry becomes the
 * server certificate and the remaining entries stay in conn->chain.
 * The body of the nil check (line 100) is not part of this excerpt.
 */
98 conn->chain = readcertchain(cert);
99 if(conn->chain == nil)
101 conn->cert = conn->chain->pem;
102 conn->certlen = conn->chain->pemlen;
103 conn->chain = conn->chain->next;
/* refuse to start a TLS server that has neither a certificate nor a shared secret */
106 if(conn->cert == nil && conn->psklen == 0)
107 sysfatal("no certificate or shared secret");
/* library trace output goes through reporter (syslog or fd 2) */
110 conn->trace = reporter;
/* TLS server handshake on fd 0; the result is kept in fd */
112 fd = tlsServer(0, conn);
/* handshake failure is reported with the system error string (%r) */
114 reporter("failed: %r");
/* reached only when exec of the requested command fails */
126 reporter("can't exec %s: %r", *argv);