X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=secnet.git;a=blobdiff_plain;f=slip.c;h=60152c9a984deea96a8839e89d6222fd346660a4;hp=cff8f63df63788c966428b4c0dc6b43facdc8d37;hb=794f2398b8fe84bf398bb10d6eeca6fe6737f65f;hpb=042a8da9053c205ea74ec1785c93ca4bcf4ea5e0 diff --git a/slip.c b/slip.c index cff8f63..60152c9 100644 --- a/slip.c +++ b/slip.c @@ -91,8 +91,7 @@ static void slip_unstuff(struct slip *st, uint8_t *buf, uint32_t l) switch (buf[i]) { case SLIP_END: if (st->buff->size>0) { - st->netlink_to_tunnel(&st->nl,NULL, - st->buff); + st->netlink_to_tunnel(&st->nl,st->buff); BUF_ALLOC(st->buff,"userv_afterpoll"); } buffer_init(st->buff,st->nl.max_start_pad); @@ -115,7 +114,7 @@ static void slip_init(struct slip *st, struct cloc loc, dict_t *dict, netlink_init(&st->nl,st,loc,dict, "netlink-userv-ipif",NULL,to_host); st->buff=find_cl_if(dict,"buffer",CL_BUFFER,True,"name",loc); - st->local_address=string_to_ipaddr( + st->local_address=string_item_to_ipaddr( dict_find_item(dict,"local-address", True, name, loc),"netlink"); BUF_ALLOC(st->buff,"slip_init"); st->pending_esc=False; @@ -162,7 +161,7 @@ static void userv_afterpoll(void *sst, struct pollfd *fds, int nfds, if (nfds==0) return; if (fds[1].revents&POLLERR) { - Message(M_ERROR,"%s: userv_afterpoll: POLLERR!\n",st->slip.nl.name); + Message(M_ERR,"%s: userv_afterpoll: POLLERR!\n",st->slip.nl.name); } if (fds[1].revents&POLLIN) { l=read(st->rxfd,rxbuf,DEFAULT_BUFSIZE); @@ -178,8 +177,7 @@ static void userv_afterpoll(void *sst, struct pollfd *fds, int nfds, } /* Send buf to the kernel. Free buf before returning. */ -static void userv_deliver_to_kernel(void *sst, void *cid, - struct buffer_if *buf) +static void userv_deliver_to_kernel(void *sst, struct buffer_if *buf) { struct userv *st=sst; @@ -214,8 +212,8 @@ static void userv_userv_callback(void *sst, pid_t pid, int status) struct userv_entry_rec { string_t path; char **argv; - int stdin; - int stdout; + int in; + int out; /* XXX perhaps we should collect and log stderr? */ }; @@ -223,8 +221,8 @@ static void userv_entry(void *sst) { struct userv_entry_rec *st=sst; - dup2(st->stdin,0); - dup2(st->stdout,1); + dup2(st->in,0); + dup2(st->out,1); /* XXX close all other fds */ setsid(); @@ -242,6 +240,8 @@ static void userv_invoke_userv(struct userv *st) string_t nets; string_t s; struct netlink_route *r; + struct ipset *isnets; + struct subnet_list *snets; int i; uint8_t confirm; @@ -257,19 +257,31 @@ static void userv_invoke_userv(struct userv *st) ipaddr_to_string(st->slip.local_address), ipaddr_to_string(st->slip.nl.secnet_address),st->slip.nl.mtu); - nets=safe_malloc(1024,"userv_invoke_userv:nets"); - *nets=0; r=st->slip.nl.routes; + isnets=ipset_new(); for (i=0; islip.nl.n_routes; i++) { if (r[i].up) { + struct ipset *sn,*nis; r[i].kup=True; - s=subnet_to_string(&r[i].net); - strcat(nets,s); - strcat(nets,","); - free(s); + sn=ipset_from_subnet(r[i].net); + nis=ipset_union(isnets,sn); + ipset_free(sn); + ipset_free(isnets); + isnets=nis; } } + snets=ipset_to_subnet_list(isnets); + ipset_free(isnets); + nets=safe_malloc(20*snets->entries,"userv_invoke_userv:nets"); + *nets=0; + for (i=0; ientries; i++) { + s=subnet_to_string(snets->list[i]); + strcat(nets,s); + strcat(nets,","); + free(s); + } nets[strlen(nets)-1]=0; + subnet_list_free(snets); Message(M_INFO,"%s: about to invoke: %s %s %s %s %s\n",st->slip.nl.name, st->userv_path,st->service_user,st->service_name,addrs,nets); @@ -288,8 +300,8 @@ static void userv_invoke_userv(struct userv *st) er=safe_malloc(sizeof(*r),"userv_invoke_userv: er"); - er->stdin=c_stdin[0]; - er->stdout=c_stdout[1]; + er->in=c_stdin[0]; + er->out=c_stdout[1]; /* The arguments are: userv service-user @@ -307,8 +319,8 @@ static void userv_invoke_userv(struct userv *st) st->pid=makesubproc(userv_entry, userv_userv_callback, er, st, st->slip.nl.name); - close(er->stdin); - close(er->stdout); + close(er->in); + close(er->out); free(er->argv); free(er); free(addrs);