1 #include <u.h>
2 #include <libc.h>
3 #include <bio.h>
4 #include <mp.h>
5 #include <libsec.h>
6 #include <auth.h>
7
/* Command-line state shared by main() and reporter(). */
int debug;              /* -D: incremented per flag; nonzero installs reporter() as the TLS trace hook */
int auth;               /* 0: no p9any exchange; 1 (-a): authenticate and change user; -1 (-A): authenticate only */
char *keyspec = "";     /* -k: appended verbatim to the auth_proxy attribute string */
char *remotesys = "";   /* -r: remote system name; only used to label report lines */
char *logfile = nil;    /* -l: syslog log name; nil sends reports to fd 2 instead */
12
/*
 * Report one formatted message about the TLS session.
 *
 * With -l the message is formatted into a fixed 2000-byte buffer
 * (vsnprint bounds the write, so longer text is truncated) and handed
 * to syslog under the given log name; otherwise it is written to fd 2
 * prefixed with argv0.  Both forms label the line with remotesys.
 * Always returns 0.
 *
 * remotesys and the formatted text are emitted as-is.  They can carry
 * values that originate outside this program (the -r argument, %r error
 * strings), so anything that parses these logs should treat the
 * contents as untrusted text.
 */
static int
reporter(char *fmt, ...)
{
        va_list args;
        char msg[2000];

        va_start(args, fmt);
        if(logfile == nil){
                /* no log name: report on standard error */
                fprint(2, "%s: %s tls reports ", argv0, remotesys);
                vfprint(2, fmt, args);
                fprint(2, "\n");
        }else{
                vsnprint(msg, sizeof msg, fmt, args);
                syslog(0, logfile, "%s tls reports %s", remotesys, msg);
        }
        va_end(args);
        return 0;
}
31
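/*
 * Print the command synopsis on fd 2 and exit with status "usage".
 *
 * -a/-A are optional, and -k is only read when one of them is given,
 * hence the nested brackets in the synopsis.
 */
void
usage(void)
{
        fprint(2, "usage: tlssrv [-D] [-[aA] [-k keyspec]] [-c cert] [-l logfile] [-r remotesys] cmd [args...]\n");
        exits("usage");
}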
38
/*
 * Terminate TLS on fd 0 as the server side, then exec cmd with the
 * decrypted stream on fds 0 and 1.
 *
 * Credentials come from two optional sources, at least one of which
 * must be present:
 *   -a / -A   run a p9any exchange on fd 0 before the handshake and use
 *             the resulting shared secret as the TLS pre-shared key;
 *   -c cert   present the certificate chain read from the given file.
 *
 * fd 2 is not touched here, so cmd keeps whatever fd 2 this process
 * was started with.
 */
void
main(int argc, char *argv[])
{
        TLSconn *conn;
        PEMChain *first;
        AuthInfo *ai;
        Dir nd;
        char *certfile;
        int tlsfd;

        certfile = nil;
        ARGBEGIN{
        case 'D':
                debug += 1;
                break;
        case 'a':
                auth = 1;
                break;
        case 'A':
                auth = -1;      /* authenticate, but don't change user */
                break;
        case 'k':
                keyspec = EARGF(usage());
                break;
        case 'c':
                certfile = EARGF(usage());
                break;
        case 'l':
                logfile = EARGF(usage());
                break;
        case 'r':
                remotesys = EARGF(usage());
                break;
        default:
                usage();
        }ARGEND

        /* a command to run is mandatory */
        if(argv[0] == nil)
                usage();

        /* zeroed, so cert, psk and psklen start out nil/0 for the check below */
        conn = mallocz(sizeof *conn, 1);
        if(conn == nil)
                sysfatal("out of memory");

        if(auth != 0){
                /*
                 * The p9any exchange runs on fd 0 before any TLS record is
                 * sent.  keyspec is pasted into the attribute string as
                 * given on the command line, so it must come from a trusted
                 * configuration, never from the peer.
                 */
                ai = auth_proxy(0, nil, "proto=p9any role=server %s", keyspec);
                if(ai == nil)
                        sysfatal("auth_proxy: %r");

                if(auth == 1){
                        /* become the authenticated user before anything else runs */
                        if(auth_chuid(ai, nil) < 0)
                                sysfatal("auth_chuid: %r");

                        /*
                         * chown network connection
                         * NOTE(review): the dirfwstat result is ignored, so a
                         * failed ownership change is silent; looks like a
                         * deliberate best effort, confirm.
                         */
                        nulldir(&nd);
                        nd.mode = 0660;
                        nd.uid = ai->cuid;
                        dirfwstat(0, &nd);
                }

                /* the secret is referenced from ai, not copied */
                conn->pskID = "p9secret";
                conn->psk = ai->secret;
                conn->psklen = ai->nsecret;
        }

        if(certfile != nil){
                /* first entry is the server certificate, the rest is the chain */
                first = readcertchain(certfile);
                if(first == nil)
                        sysfatal("%r");
                conn->cert = first->pem;
                conn->certlen = first->pemlen;
                conn->chain = first->next;
        }

        /* refuse to start a handshake with nothing to authenticate the server */
        if(conn->cert == nil && conn->psklen == 0)
                sysfatal("no certificate or shared secret");

        if(debug)
                conn->trace = reporter;

        tlsfd = tlsServer(0, conn);
        if(tlsfd < 0){
                reporter("failed: %r");
                /*
                 * NOTE(review): a failed handshake exits with a nil
                 * (success) status; the failure is visible only through
                 * reporter().  Confirm that callers do not rely on the
                 * exit status.
                 */
                exits(0);
        }
        if(debug)
                reporter("open");

        /* hand the decrypted stream to cmd as standard input and output */
        dup(tlsfd, 0);
        dup(tlsfd, 1);
        if(tlsfd > 1)
                close(tlsfd);

        exec(argv[0], argv);
        /* only reached when exec fails */
        reporter("can't exec %s: %r", argv[0]);
        exits("exec");
}