global netlink
global ports
global extra
+ global netlinkfh
+ set pipefp test/$which.netlink
+ foreach tr {t r} {
+ file delete $pipefp.$tr
+ exec mkfifo -m600 $pipefp.$tr
+ set netlinkfh($which.$tr) [set fh [open $pipefp.$tr r+]]
+ fconfigure $fh -blocking 0 -buffering none -translation binary
+ }
+ fileevent $netlinkfh($which.r) readable [list netlink-readable $which]
+ set fakeuf test/$which.fake-userv
+ set fakeuh [open $fakeuf w 0755]
+ puts $fakeuh "#!/bin/sh
+set -e
+exec 3<&0
+cat <&3 3<&- >$pipefp.r &
+exec 3<>$pipefp.t
+exec <$pipefp.t
+exec 3<&-
+exec cat
+"
+ close $fakeuh
set cfg "
- netlink tun {
- name \"netlink-tun\";
+ netlink userv-ipif {
+ name \"netlink\";
+ userv-path \"$fakeuf\";
$netlink($which)
mtu 1400;
buffer sysbuffer(2048);
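Review bot: The generated `fake-userv` script (the string passed to `puts $fakeuh`) carries no comment, and its descriptor shuffling is hard to follow for a file that secnet will execute as its `userv-path`. A line inside the script such as `# stand-in for userv ipif: our stdin is copied to $pipefp.r in the background, then $pipefp.t is copied to our stdout` would record the intent. A second comment on `exec 3<>$pipefp.t` should say why the FIFO is opened read-write first; presumably this keeps the read-only open that follows from blocking. `$pipefp` is substituted by Tcl and lands unquoted in the shell text, so it is only safe while `$which` contains no whitespace or shell metacharacters; writing the redirections as `>'$pipefp.r'` would remove that assumption. The enclosing proc starts above the visible lines.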
class "info","notice","warning","error","security","fatal";
};
system {
- userid "secnet";
};
resolver adns {
};
}
proc spawn-secnet {which} {
+ global netlinkfh
upvar #0 pids($which) pid
set cf test/$which.conf
set ch [open $cf w]
puts $ch [mkconf $which]
close $ch
- set argl [list ./secnet -dvnc $cf]
+ set argl [list -dvnc $cf]
set pid [fork]
if {!$pid} {
- execl really $argl
+ execl ./secnet $argl
+ }
+ puts -nonewline $netlinkfh($which.t) "\xc0"
+}
+
+proc netlink-readable {which} {
+ global ok
+ upvar #0 netlinkfh($which.r) fh
+ read $fh; # empty the buffer
+ switch -exact $which {
+ outside {
+ puts OK
+ set ok 1; # what a bodge
+ return
+ }
+ inside {
+ error "inside rx'd!"
+ }
}
}
+proc bgerror {message} {
+ global errorInfo errorCode
+ catch {
+ puts stderr "
+----------------------------------------
+$errorInfo
+
+$errorCode
+$message
+----------------------------------------
+ "
+ }
+ exit 1
+}
+
spawn-secnet inside
spawn-secnet outside
+
+vwait ok
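Review bot: `netlink-readable` throws away whatever `read $fh` returns and sets `ok` on the first readable event for `outside`, so the test passes on any byte arriving on that FIFO rather than on the expected packet. Capturing the data and comparing it with the expected payload before `set ok 1` would make the pass condition meaningful. The closing `vwait ok` has no timeout, so a run where nothing arrives hangs forever; `after 10000 {error "timed out waiting for outside rx"}` placed before it would route that failure through the new `bgerror`. `bgerror` calls `exit 1` without signalling the processes recorded in `pids`, which presumably leaves the forked secnet instances running after a failed run.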