X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=secnet.git;a=blobdiff_plain;f=make-secnet-sites;h=c49467a19f687c5f1fb78dfb15ebe44a5790c9ae;hp=4c6f0f4f41914bd5aed5a70a1e685f373c3eb114;hb=26f727b913e16936c8f319fde9d7e06b677345f6;hpb=040040f336aa9d52c4288e5d2edd08a216dd8a24

diff --git a/make-secnet-sites b/make-secnet-sites
index 4c6f0f4..c49467a 100755
--- a/make-secnet-sites
+++ b/make-secnet-sites
@@ -267,12 +267,12 @@ class sitelevel(level):
 	 'networks':None,
 	 'peer':None,
 	 'pubkey':(lambda n,v:"key %s;\n"%v),
+	 'address':None,
 	 'mobile':sp,
 	})
 	require_properties={
 	 'dh':"Diffie-Hellman group",
 	 'contact':"Site admin contact address",
-	 'address':"Site external access address",
 	 'networks':"Networks claimed by the site",
 	 'hash':"hash function",
 	 'peer':"Gateway address of the site",
@@ -320,6 +320,7 @@ def moan(msg):
 root=level(['root','root'])   # All vpns are children of this node
 obstack=[root]
 allow_defs=0   # Level above which new definitions are permitted
+prefix=''
 
 def set_property(obj,w):
 	"Set a property on a configuration node"
@@ -329,7 +330,7 @@ def set_property(obj,w):
 	else:
 		obj.properties[w[0]]=keywords[w[0]][0](w)
 
-def pline(i):
+def pline(i,allow_include=False):
 	"Process a configuration file line"
 	global allow_defs, obstack, root
 	w=string.split(i)
@@ -340,6 +341,16 @@ def pline(i):
 		allow_defs=sitelevel.depth
 		obstack=[root]
 		return
+	if keyword=='include':
+		if not allow_include:
+			complain("include not permitted here")
+			return
+		if len(w) != 2:
+			complain("include requires one argument")
+			return
+		newfile=os.path.join(os.path.dirname(file),w[1])
+		pfilepath(newfile,allow_include=allow_include)
+		return
 	if levels.has_key(keyword):
 		# We may go up any number of levels, but only down by one
 		newdepth=levels[keyword].depth
@@ -379,7 +390,14 @@ def pline(i):
 
 	complain("unknown keyword '%s'"%(keyword))
 
-def pfile(name,lines):
+def pfilepath(pathname,allow_include=False):
+	f=open(pathname)
+	lines=f.readlines()
+	pfile(pathname,lines,allow_include=allow_include)
+	f.close()
+	return lines
+
+def pfile(name,lines,allow_include=False):
 	"Process a file"
 	global file,line
 	file=name
@@ -388,7 +406,7 @@ def pfile(name,lines):
 		line=line+1
 		if (i[0]=='#'): continue
 		if (i[len(i)-1]=='\n'):	i=i[:len(i)-1] # strip trailing LF
-		pline(i)
+		pline(i,allow_include=allow_include)
 
 def outputsites(w):
 	"Output include file for secnet configuration"
@@ -398,20 +416,21 @@ def outputsites(w):
 	w.write("# Command line: %s\n\n"%string.join(sys.argv))
 
 	# Raw VPN data section of file
-	w.write("vpn-data {\n")
+	w.write(prefix+"vpn-data {\n")
 	for i in root.children.values():
 		i.output_data(w,2,"")
 	w.write("};\n")
 
 	# Per-VPN flattened lists
-	w.write("vpn {\n")
+	w.write(prefix+"vpn {\n")
 	for i in root.children.values():
-		i.output_vpnflat(w,2,"vpn-data")
+		i.output_vpnflat(w,2,prefix+"vpn-data")
 	w.write("};\n")
 
 	# Flattened list of sites
-	w.write("all-sites %s;\n"%string.join(map(lambda x:"vpn/%s/all-sites"%
-		x,root.children.keys()),","))
+	w.write(prefix+"all-sites %s;\n"%string.join(
+		map(lambda x:"%svpn/%s/all-sites"%(prefix,x),
+			root.children.keys()),","))
 
 # Are we being invoked from userv?
 service=0
@@ -450,19 +469,17 @@ else:
 		if not ok:
 			print "caller not in group %s"%group
 			sys.exit(1)
-		f=open(header)
-		headerinput=f.readlines()
-		f.close()
-		pfile(header,headerinput)
+		headerinput=pfilepath(header,allow_include=True)
 		userinput=sys.stdin.readlines()
 		pfile("user input",userinput)
 	else:
+		if sys.argv[1]=='-P':
+			prefix=sys.argv[2]
+			sys.argv[1:3]=[]
 		if len(sys.argv)>3:
 			print "Too many arguments"
 			sys.exit(1)
-		f=open(sys.argv[1])
-		pfile(sys.argv[1],f.readlines())
-		f.close()
+		pfilepath(sys.argv[1],allow_include=True)
 		of=sys.stdout
 		if len(sys.argv)>2:
 			of=open(sys.argv[2],'w')