import.c 6.0 KB

  1. #include <u.h>
  2. #include <libc.h>
  3. #include <auth.h>
  4. #include <libsec.h>
  /* Transport protection selected with -E; the values index encprotos[]. */
  enum {
      Encnone = 0,
      Encssl,
      Enctls,
  };

  /*
   * Protocol names accepted by -E and sent to the server in the "impo"
   * line.  The trailing nil terminates the table for lookup().
   */
  static char *encprotos[] = {
      [Encnone] = "clear",
      [Encssl] = "ssl",
      [Enctls] = "tls",
      nil,
  };

  /* Extra key attributes appended to the auth_proxy() query (-k). */
  char *keyspec = "";

  /* Filter command to interpose on the connection; set to aan by -p. */
  char *filterp;

  /*
   * Algorithm string handed to pushssl() (-e).  The default names RC4 and
   * SHA-1, both legacy algorithms; review before relying on this for
   * confidentiality or integrity.
   */
  char *ealgs = "rc4_256 sha1";

  /*
   * Default is Encnone: unless -E ssl is given, main() never calls
   * pushssl() and the session after authentication is not encrypted by
   * this program.
   */
  int encproto = Encnone;

  char *aan = "/bin/aan";

  /* Result of auth_proxy() in connect(); main() reads its secret. */
  AuthInfo *ai;

  int debug;

  /* Forward declarations. */
  int connect(char*, char*, int);
  int old9p(int);
  int filter(int, char *, char *);
  void catcher(void*, char*);
  void sysfatal(char*, ...);
  void usage(void);
  static void mksecret(char *, uchar *);
  /*
   * Publish srvfd under the file `name` and record `name` in the
   * environment variable `envname`.
   *
   * The file is created with mode 0600 and receives the decimal descriptor
   * number.  If the file cannot be created the function returns without
   * touching the environment; a short write is fatal.
   */
  void
  post(char *name, char *envname, int srvfd)
  {
      char num[32];
      int sfd, len;

      sfd = create(name, OWRITE, 0600);
      if(sfd >= 0){
          /* sprint returns the number of bytes formatted */
          len = sprint(num, "%d",srvfd);
          if(write(sfd, num, len) != len)
              sysfatal("srv write: %r");
          close(sfd);
          putenv(envname, name);
      }
  }
  /*
   * Return the index of string s in the nil-terminated table l,
   * or -1 when s is not present.  Comparison is exact (strcmp).
   */
  static int
  lookup(char *s, char *l[])
  {
      char **entry;

      entry = l;
      while(*entry != 0){
          if(strcmp(*entry, s) == 0)
              return entry - l;
          entry++;
      }
      return -1;
  }
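  /*
   * import: dial a remote exportfs, authenticate, optionally push an SSL
   * layer and/or a filter onto the connection, then mount the remote tree.
   *
   * Arguments after option parsing: host remotefs [mountpoint]; when the
   * mount point is omitted the remote tree name is used for it.
   */
  void
  main(int argc, char **argv)
  {
      char *mntpt;
      int fd, mntflags;
      int oldserver;
      char *srvpost, srvfile[64];

      srvpost = nil;
      oldserver = 0;
      mntflags = MREPL;
      ARGBEGIN{
      case 'a':
          mntflags = MAFTER;
          break;
      case 'b':
          mntflags = MBEFORE;
          break;
      case 'c':
          mntflags |= MCREATE;
          break;
      case 'C':
          mntflags |= MCACHE;
          break;
      case 'd':
          debug++;
          break;
      case 'f':
          /* ignored but allowed for compatibility */
          break;
      case 'O':
      case 'o':
          oldserver = 1;
          break;
      case 'E':
          if ((encproto = lookup(EARGF(usage()), encprotos)) < 0)
              usage();
          break;
      case 'e':
          ealgs = EARGF(usage());
          /* an empty string or "clear" disables the pushssl step below */
          if(*ealgs == 0 || strcmp(ealgs, "clear") == 0)
              ealgs = nil;
          break;
      case 'k':
          keyspec = EARGF(usage());
          break;
      case 'p':
          filterp = aan;
          break;
      case 's':
          srvpost = EARGF(usage());
          break;
      default:
          usage();
      }ARGEND;

      switch(argc) {
      case 2:
          mntpt = argv[1];
          break;
      case 3:
          mntpt = argv[2];
          break;
      default:
          mntpt = 0;		/* to shut up compiler */
          usage();
      }

      if (encproto == Enctls)
          sysfatal("%s: tls has not yet been implemented\n", argv[0]);

      /* bound the whole dial/auth/mount sequence; cancelled before exit */
      notify(catcher);
      alarm(60*1000);

      fd = connect(argv[0], argv[1], oldserver);

      if (!oldserver)
          fprint(fd, "impo %s %s\n", filterp? "aan": "nofilter", encprotos[encproto]);

      /*
       * NOTE(review): with -E ssl combined with -e clear (ealgs == nil)
       * this branch is skipped and no pushssl() is done on this side even
       * though "ssl" was announced above -- confirm that is intended.
       */
      if (encproto != Encnone && ealgs && ai) {
          uchar key[16];
          uchar digest[SHA1dlen];
          char fromclientsecret[21];
          char fromserversecret[21];
          int i;

          /*
           * key layout: [0..3] our random bytes, [4..11] authentication
           * secret, [12..15] the peer's random bytes.  Only 8 bytes are
           * reserved for the secret, so copy exactly 8: trusting
           * ai->nsecret as the length would write past key[] for a
           * secret longer than 12 bytes and leave part of the key
           * uninitialised for one shorter than 8.  For 8..12 byte
           * secrets the resulting key is unchanged, because bytes 12..15
           * are overwritten by the readn() below in either case.
           */
          if(ai->nsecret < 8)
              sysfatal("auth secret too short for ssl key");
          memmove(key+4, ai->secret, 8);

          /*
           * exchange random numbers
           * NOTE(review): the four bytes come from rand() seeded once by
           * truerand(); consider whether they should be taken from
           * truerand() directly.
           */
          srand(truerand());
          for(i = 0; i < 4; i++)
              key[i] = rand();
          if(write(fd, key, 4) != 4)
              sysfatal("can't write key part: %r");
          if(readn(fd, key+12, 4) != 4)
              sysfatal("can't read key part: %r");

          /* scramble into two secrets: digest[0..9] and digest[10..19] */
          sha1(key, sizeof(key), digest, nil);
          mksecret(fromclientsecret, digest);
          mksecret(fromserversecret, digest+10);

          if (filterp)
              fd = filter(fd, filterp, argv[0]);

          /* set up encryption */
          fd = pushssl(fd, ealgs, fromclientsecret, fromserversecret, nil);
          if(fd < 0)
              sysfatal("can't establish ssl connection: %r");
      }
      else if (filterp)
          fd = filter(fd, filterp, argv[0]);

      if(srvpost){
          /*
           * srvpost comes straight from the command line and srvfile is a
           * fixed 64-byte buffer: reject names that do not fit instead of
           * formatting past the end of the array.
           */
          if(strlen(srvpost) + sizeof "/srv/" > sizeof srvfile)
              sysfatal("srv name too long: %s", srvpost);
          snprint(srvfile, sizeof srvfile, "/srv/%s", srvpost);
          remove(srvfile);
          post(srvfile, srvpost, fd);
      }
      if(mount(fd, -1, mntpt, mntflags, "") < 0)
          sysfatal("can't mount %s: %r", argv[1]);
      alarm(0);
      exits(0);
  }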
  /*
   * Note handler installed by main(): an "alarm" note is acknowledged with
   * NCONT, every other note is passed on with NDFLT.
   */
  void
  catcher(void*, char *msg)
  {
      int isalarm;

      isalarm = strcmp(msg, "alarm") == 0;
      if(isalarm)
          noted(NCONT);
      noted(NDFLT);
  }
  /*
   * Start /bin/srvold9p as a child with the network connection `fd` on its
   * descriptor 1 and one end of a new pipe on its descriptor 0.
   *
   * The parent closes `fd` and returns the other end of the pipe, which the
   * caller uses in place of the original connection.  Any failure is fatal.
   */
  int
  old9p(int fd)
  {
      int pfd[2];
      int pid;

      if(pipe(pfd) < 0)
          sysfatal("pipe: %r");

      pid = rfork(RFPROC|RFFDG|RFNAMEG);
      if(pid == -1)
          sysfatal("rfork srvold9p: %r");

      if(pid == 0){
          /* child: move the connection to fd 1 and the pipe end to fd 0 */
          if(fd != 1){
              dup(fd, 1);
              close(fd);
          }
          if(pfd[0] != 0){
              dup(pfd[0], 0);
              close(pfd[0]);
          }
          close(pfd[1]);
          if(0){
              /* disabled debugging variant: log to /sys/log/cpu, run with -ds */
              fd = open("/sys/log/cpu", OWRITE);
              if(fd != 2){
                  dup(fd, 2);
                  close(fd);
              }
              execl("/bin/srvold9p", "srvold9p", "-ds", 0);
          } else
              execl("/bin/srvold9p", "srvold9p", "-s", 0);
          /* only reached when execl failed */
          sysfatal("exec srvold9p: %r");
      }

      /* parent: keep only our end of the pipe */
      close(fd);
      close(pfd[0]);
      return pfd[1];
  }
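  /*
   * Dial the exportfs service on `system`, authenticate as a client and
   * request the remote tree `tree`.
   *
   * The authentication result is stored in the global `ai`.  The server
   * must answer the tree request with exactly "OK"; anything else is
   * fatal.  Returns the connection descriptor, or the descriptor produced
   * by old9p() when `oldserver` is set.  All failures call sysfatal().
   */
  int
  connect(char *system, char *tree, int oldserver)
  {
      char buf[ERRMAX], dir[128], *na;
      int fd, n;
      char *authp;

      na = netmkaddr(system, 0, "exportfs");
      if((fd = dial(na, 0, dir, 0)) < 0)
          sysfatal("can't dial %s: %r", system);

      /* -o/-O selects p9sk2 for old servers; otherwise negotiate with p9any */
      if(oldserver)
          authp = "p9sk2";
      else
          authp = "p9any";

      ai = auth_proxy(fd, auth_getkey, "proto=%q role=client %s", authp, keyspec);
      if(ai == nil)
          sysfatal("%r: %s", system);

      n = write(fd, tree, strlen(tree));
      if(n < 0)
          sysfatal("can't write tree: %r");

      /* default text, reported when the read returns nothing or fails */
      strcpy(buf, "can't read tree");
      n = read(fd, buf, sizeof buf - 1);
      /*
       * Terminate the reply at the number of bytes actually received.
       * The reply is remote-controlled and carries no NUL of its own;
       * terminating only at the end of buf would let the error message
       * below print stale stack contents following a long reply.
       * n <= sizeof buf - 1, so buf[n] is always inside the array.
       */
      if(n > 0)
          buf[n] = '\0';
      if(n!=2 || buf[0]!='O' || buf[1]!='K')
          sysfatal("bad remote tree: %s", buf);

      if(oldserver)
          return old9p(fd);
      return fd;
  }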
  /* Print the command synopsis on descriptor 2 and exit with status "usage". */
  void
  usage(void)
  {
      fprint(2, "usage: import [-abcC] [-E clear|ssl|tls] "
          "[-e 'crypt auth'|clear] [-k keypattern] [-p] "
          "host remotefs [mountpoint]\n");
      exits("usage");
  }
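  /*
   * Interpose the filter command `cmd` on the connection.
   *
   * Reads a "...!port" string from `fd`, substitutes it for the service
   * part of the address built from `host`, and starts `cmd` with the extra
   * arguments "-c <address>" and a new pipe on its descriptors 0 and 1.
   * The parent closes `fd` and returns its end of the pipe.  All failures
   * call sysfatal().
   *
   * Original note: Network on fd1, mount driver on fd0
   */
  int
  filter(int fd, char *cmd, char *host)
  {
      int p[2], len, argc;
      char newport[256], buf[256], *s;
      char *argv[16], *file, *pbuf, *na;

      if ((len = read(fd, newport, sizeof newport - 1)) < 0)
          sysfatal("filter: cannot read port; %r\n");
      newport[len] = '\0';

      if ((s = strchr(newport, '!')) == nil)
          sysfatal("filter: illegally formatted port %s\n", newport);

      /*
       * Build "<net>!<host>" + "!<port>" in buf.  The port text was sent
       * by the remote side and can be up to 255 bytes, so every copy is
       * checked against sizeof buf before it is made, and the address is
       * required to contain a '!' to splice at.
       */
      na = netmkaddr(host, "il", "0");
      if(strlen(na) >= sizeof buf)
          sysfatal("filter: address too long: %s", na);
      strcpy(buf, na);
      pbuf = strrchr(buf, '!');
      if(pbuf == nil)
          sysfatal("filter: illegally formatted address %s", buf);
      if((pbuf - buf) + strlen(s) >= sizeof buf)
          sysfatal("filter: port %s does not fit in address", newport);
      strcpy(pbuf, s);

      if(debug)
          fprint(2, "filter: remote port %s\n", newport);

      /*
       * Three slots are appended after the command's own words ("-c", the
       * address and the terminating nil), so tokenize may fill at most
       * nelem(argv)-3 entries; allowing nelem(argv)-2 would put the nil
       * one element past the end of argv.
       */
      argc = tokenize(cmd, argv, nelem(argv)-3);
      if (argc == 0)
          sysfatal("filter: empty command");
      argv[argc++] = "-c";
      argv[argc++] = buf;
      argv[argc] = nil;

      /* exec the full path but pass only the base name as argv[0] */
      file = argv[0];
      if (s = strrchr(argv[0], '/'))
          argv[0] = s+1;

      if(pipe(p) < 0)
          sysfatal("pipe: %r");

      switch(rfork(RFNOWAIT|RFPROC|RFFDG)) {
      case -1:
          sysfatal("rfork record module: %r");
      case 0:
          dup(p[0], 1);
          dup(p[0], 0);
          close(p[0]);
          close(p[1]);
          exec(file, argv);
          sysfatal("exec record module: %r");
      default:
          close(fd);
          close(p[0]);
      }
      return p[1];
  }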
  /*
   * Write the first 10 bytes of f into t as 20 lower-case hexadecimal
   * digits followed by a NUL; t must therefore have room for 21 bytes.
   */
  static void
  mksecret(char *t, uchar *f)
  {
      int i;

      /* each byte formats to exactly two digits; the last sprint leaves the NUL */
      for(i = 0; i < 10; i++)
          sprint(t + 2*i, "%2.2ux", f[i]);
  }