Warning: Attempt to read property "date" on null in /usr/local/www/websvn.planix.org/blame.php on line 247

Warning: Attempt to read property "msg" on null in /usr/local/www/websvn.planix.org/blame.php on line 247

Warning: Attempt to read property "date" on null in /usr/local/www/websvn.planix.org/blame.php on line 247

Warning: Attempt to read property "msg" on null in /usr/local/www/websvn.planix.org/blame.php on line 247
WebSVN – planix.SVN – Blame – /os/branches/feature_unix/sys/src/cmd/tlsclient.c – Rev 33

Subversion Repositories planix.SVN

Rev

Go to most recent revision | Details | Last modification | View Log | RSS feed

Rev Author Line No. Line
2 - 1 
#include <u.h>
2 
#include <libc.h>
3 
#include <mp.h>
4 
#include <libsec.h>
33 7u83 5 
#include <auth.h>
2 - 6 
 
33 7u83 7 
int debug, auth, dialfile;
8 
char *keyspec = "";
9 
char *servername, *file, *filex, *ccert, *dumpcert;
10 
 
2 - 11 
void
12 
usage(void)
13 
{
33 7u83 14 
	fprint(2, "usage: tlsclient [-D] [-a [-k keyspec] ] [-c clientcert.pem] [-d servercert] [-t /sys/lib/tls/xxx] [-x /sys/lib/tls/xxx.exclude] [-n servername] [-o] dialstring [cmd [args...]]\n");
2 - 15 
	exits("usage");
16 
}
17 
 
18 
void
19 
xfer(int from, int to)
20 
{
21 
	char buf[12*1024];
22 
	int n;
23 
 
24 
	while((n = read(from, buf, sizeof buf)) > 0)
25 
		if(write(to, buf, n) < 0)
26 
			break;
27 
}
28 
 
33 7u83 29 
static int
30 
reporter(char *fmt, ...)
31 
{
32 
	va_list ap;
33 
 
34 
	va_start(ap, fmt);
35 
	fprint(2, "%s:  tls reports ", argv0);
36 
	vfprint(2, fmt, ap);
37 
	fprint(2, "\n");
38 
 
39 
	va_end(ap);
40 
	return 0;
41 
}
42 
 
2 - 43 
void
44 
main(int argc, char **argv)
45 
{
33 7u83 46 
	int fd, dfd;
47 
	char *addr;
48 
	TLSconn *conn;
2 - 49 
	Thumbprint *thumb;
33 7u83 50 
	AuthInfo *ai = nil;
2 - 51 
 
33 7u83 52 
	fmtinstall('[', encodefmt);
53 
	fmtinstall('H', encodefmt);
54 
 
2 - 55 
	ARGBEGIN{
33 7u83 56 
	case 'D':
57 
		debug++;
58 
		break;
59 
	case 'a':
60 
		auth++;
61 
		break;
62 
	case 'k':
63 
		keyspec = EARGF(usage());
64 
		break;
2 - 65 
	case 't':
66 
		file = EARGF(usage());
67 
		break;
68 
	case 'x':
69 
		filex = EARGF(usage());
70 
		break;
33 7u83 71 
	case 'c':
72 
		ccert = EARGF(usage());
73 
		break;
74 
	case 'd':
75 
		dumpcert = EARGF(usage());
76 
		break;
77 
	case 'n':
78 
		servername = EARGF(usage());
79 
		break;
80 
	case 'o':
81 
		dialfile = 1;
82 
		break;
2 - 83 
	default:
84 
		usage();
85 
	}ARGEND
86 
 
33 7u83 87 
	if(argc < 1)
2 - 88 
		usage();
89 
 
90 
	if(filex && !file)
91 
		sysfatal("specifying -x without -t is useless");
33 7u83 92 
 
2 - 93 
	if(file){
33 7u83 94 
		thumb = initThumbprints(file, filex, "x509");
2 - 95 
		if(thumb == nil)
96 
			sysfatal("initThumbprints: %r");
33 7u83 97 
	} else
98 
		thumb = nil;
2 - 99 
 
33 7u83 100 
	addr = *argv++;
101 
	if((fd = dialfile? open(addr, ORDWR): dial(addr, 0, 0, 0)) < 0)
2 - 102 
		sysfatal("dial %s: %r", addr);
103 
 
33 7u83 104 
	conn = (TLSconn*)mallocz(sizeof *conn, 1);
105 
	conn->serverName = servername;
106 
	if(ccert){
107 
		conn->cert = readcert(ccert, &conn->certlen);
108 
		if(conn->cert == nil)
109 
			sysfatal("readcert: %r");
110 
	}
111 
 
112 
	if(auth){
113 
		ai = auth_proxy(fd, auth_getkey, "proto=p9any role=client %s", keyspec);
114 
		if(ai == nil)
115 
			sysfatal("auth_proxy: %r");
116 
 
117 
		conn->pskID = "p9secret";
118 
		conn->psk = ai->secret;
119 
		conn->psklen = ai->nsecret;
120 
	}
121 
 
122 
	if(debug)
123 
		conn->trace = reporter;
124 
 
125 
	fd = tlsClient(fd, conn);
2 - 126 
	if(fd < 0)
127 
		sysfatal("tlsclient: %r");
33 7u83 128 
 
129 
	if(dumpcert){
130 
		if((dfd = create(dumpcert, OWRITE, 0666)) < 0)
131 
			sysfatal("create: %r");
132 
		if(conn->cert != nil)
133 
			write(dfd, conn->cert, conn->certlen);
134 
		write(dfd, "", 0);
135 
		close(dfd);
136 
	}
137 
 
2 - 138 
	if(thumb){
33 7u83 139 
		if(!okCertificate(conn->cert, conn->certlen, thumb))
140 
			sysfatal("cert for %s not recognized: %r", servername ? servername : addr);
141 
		freeThumbprints(thumb);
2 - 142 
	}
143 
 
33 7u83 144 
	free(conn->cert);
145 
	free(conn->sessionID);
146 
	free(conn);
147 
	if(ai != nil)
148 
		auth_freeAI(ai);
149 
 
150 
	if(*argv){
151 
		dup(fd, 0);
152 
		dup(fd, 1);
153 
		if(fd > 1)
154 
			close(fd);
155 
		exec(*argv, argv);
156 
		sysfatal("exec: %r");
157 
	}
158 
 
2 - 159 
	rfork(RFNOTEG);
160 
	switch(fork()){
161 
	case -1:
33 7u83 162 
		sysfatal("fork: %r");
2 - 163 
	case 0:
164 
		xfer(0, fd);
165 
		break;
166 
	default:
167 
		xfer(fd, 1);
168 
		break;
169 
	}
170 
	postnote(PNGROUP, getpid(), "die yankee pig dog");
171 
	exits(0);
172 
}