#
# Usage:
#
-# .../ipif1 <v1config> <real-service-program> -- <service-args>...
+# .../ipif1 <v1config> <real-service-program> <v0config> -- <service-args>...
#
# Config file is a series of lines, or a directory. If a directory,
# all files with names matching ^[-A-Za-z0-9_]+$ are processed.
#
# include <other-config-file-or-directory>
#
-# v0config <v0configfile>
+# <v0config>
#
-# If none of the `permit' lines match, will read <v0configfile>
-# in old format. Must come after all `permit' lines.
+# If none of the `permit' lines match, will process <v0config> in
+# old format. See service.c head comment. <v0config> may be
+# `' or `#' or `/dev/null' to process new-style config only.
#
# <config> --
use POSIX;
use Carp;
use NetAddr::IP::Lite qw(:nofqdn :lower);
+use File::Basename;
our $default_ifname = 'userv%d';
$$ar = $x;
}
-@ARGV == 5 or badusage "wrong number of arguments";
-our ($v1config, $realservice, $sep, $addrsarg, $rnets) = @ARGV;
+@ARGV == 6 or badusage "wrong number of arguments";
+our ($v1config, $realservice, $v0config, $sep, $addrsarg, $rnets) = @ARGV;
$sep eq '--' or badusage "separator should be \`--'";
my ($local_addr, $peer_addr, $mtu, $protocol, $ifname) =
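Review bot: The new `<v0config>` slot is purely positional, so the `@ARGV == 6` and `$sep eq '--'` checks in this hunk are all that separate the administrator-supplied arguments from those after the separator (presumably supplied by the caller; confirm against the service definition). A service definition still written in the old five-argument layout would put `--` into `$v0config` whenever six arguments arrive. Rejecting that value explicitly, for example `$v0config ne '--' or badusage "<v0config> missing before separator";`, makes a stale definition fail with a clear message instead of relying on later checks. The statement beginning `my ($local_addr, ...` continues outside the hunk.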
or die "exec $realservice: $!\n";
}
-our $v0config;
-
our $cfgpath;
sub badcfg ($) {
next if m/^\#/;
next unless m/\S/;
if (s{^permit\s+}{}) {
- badcfg "v0config before permit" if defined $v0config;
%need_allow = ();
need_allow_singleton 'Caller', allowent 'caller';
need_allow_singleton 'Local',
my $net = $hn->network() or die;
maybe_allow_addrs 'Local', $host;
maybe_allow_addrs 'Remote', $net;
- } elsif (s{^(local|remote|addrs)\s+(\S+)\ s+}{}) {
+ } elsif (s{^(local|remote|addrs)\s+(\S+)\s+}{}) {
my $h = $1;
my $s = new NetAddr::IP::Lite $2 or
badcfg "invalid ip address or mask in $h";
print "config $cfgpath:$.: mismatch: $_\n"
foreach @wrong;
}
- } elsif (m{^v0config\s+(\S+)$}) {
- badcfg "repeated v0config" if defined $v0config;
- $v0config = $1;
} elsif (m{^include\s+(\S+)$}) {
- readconfig $1;
+ my $include = $1;
+ $include =~ s{^(?!/)}{ dirname($cfgpath)."/" }e;
+ readconfig $include;
} else {
badcfg "unknown config directive or bad syntax";
}
}
$cfgfh->error and die $!;
close $cfgfh;
+}
- if (defined $v0config) {
- $v0config =~ s{^}{./} unless $v0config =~ m{^/};
- print "trying v0 config $v0config...\n" if $protocol eq 'debug';
- execreal $v0config;
+sub try_v0config() {
+ return unless $v0config;
+ return unless $v0config =~ m{^[^#]};
+ return if $v0config eq '/dev/null';
+ if ($v0config =~ m{^/}) {
+ if (!stat $v0config) {
+ die "v0 config $v0config: $!\n" unless $!==ENOENT;
+ return;
+ }
}
- die "permission denied\n";
+ print "trying v0 config $v0config...\n" if $protocol eq 'debug';
+ execreal $v0config;
}
readconfig $v1config;
+try_v0config();
+
+die "permission denied\n";
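Review bot: In `try_v0config`, only a `<v0config>` beginning with `/` is checked with `stat`; any other non-empty value that does not start with `#` goes straight to `execreal`, and the `./` prefix that the removed code added is gone. Because this value decides what the real service uses as its access policy when no `permit` line matched, the function should carry a comment such as `# Only absolute paths are checked for existence; anything else is passed to the real service as given (see service.c head comment).` If relative file names are still meant to work, confirm that the real service interprets them the same way without the `./` prefix. Separately, the `include` branch now resolves relative names against `dirname($cfgpath)`, which the head comment's `include` line does not mention.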