www-cgi: Introduce `?DEFAULTS' pattern to match the default set.

[userv-utils.git] / ipif / udptunnel-reconf.pl

diff --git a/ipif/udptunnel-reconf.pl b/ipif/udptunnel-reconf.pl
index 7fd14bc59643fe360cb6885b2fe2cddf2fd185ca..6b77f97b7369a327f935ed8fbf7746234eb154c4 100755 (executable)
--- a/ipif/udptunnel-reconf.pl
+++ b/ipif/udptunnel-reconf.pl
@@ -3,6 +3,9 @@
 # Set up the relevant stuff in /etc/userv/vpn, and then run
 # this.  It should tell you what to do to inittab and ipif-networks.
 
+# Copyright (C) 1999-2000,2003 Ian Jackson
+# This file is part of ipif, part of userv-utils
+#
 # This is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License as published by
 # the Free Software Foundation; either version 2 of the License, or
@@ -55,7 +58,7 @@ sub run_m4 ($$$) {
     undef $/;
     $m4out= <X>;
     $/= "\n";
-    close X; $? and exit -1;
+    $!=0; close X; $? and die "m4 failed with code $? $!";
     $m4out =~ s/^\s+//;
     $m4out =~ s/\n+/\n/g;
     $m4out =~ s/\s+$//;
@@ -94,14 +97,6 @@ sub parse_addr_mask ($) {
     return ($iaddr, $mask);
 }
 
-$forbid_remote= var_global('forbid_remote');
-@forbid_remote= ();
-if ($forbid_remote ne '-') {
-    foreach $r (split /[, \t]+/, $forbid_remote) {
-       push @forbid_remote, [ parse_addr_mask($r) ];
-    }
-}
-
 sub ipif_permit ($$$$) {
     my ($group,$local,$net,$why) = @_;
     my ($pmask,$piaddr,$fmask,$fiaddr,@lgroup,$lgid);
@@ -133,6 +128,14 @@ if ($glend !~ m/^V_/ && $glgroup !~ m/^V_/ &&
 }
 
 foreach $site (@actives, @passives) {
+    $forbid_remote= var_site('forbid_remote');
+    @forbid_remote= ();
+    if ($forbid_remote ne '-') {
+       foreach $r (split /[, \t]+/, $forbid_remote) {
+           push @forbid_remote, [ parse_addr_mask($r) ];
+       }
+    }
+
     $tlend= var_site('lend')."/32";
     $tlgroup= var_site('lgroup');
     if ($tlend ne $glend || $tlgroup ne $glgroup) {
@@ -163,16 +166,21 @@ $ipifnetsfile= var_global(ipifnetsfile);
 write_file($ipifnetsfile,'ipifnetsfile','', $ipif_file);
 
 $active_file= '';
+$knownhosts_file= '';
 $inittab= '';
 $ix= 0;
 foreach $site (@actives) {
     $active_file.= "$site\t".var_site('activesxinfo')."\n";
     $inittab.= sprintf("t%d", $ix++).':'.var_site('inittab_line')."\n";
+    $hostkey= var_site('rhostkey');
+    $knownhosts_file.= var_site('sshdest').' '.$hostkey."\n"
+       if length $hostkey;
     $invoke_file= var_site('invoke_file');
     write_file($invoke_file, 'invoke_file',
-              var_site('invoke_head'), var_site('invoke_body'));
+              var_site('invoke_head')."\n", var_site('invoke_body'));
     chmod 0777&~umask, $invoke_file or die $!;
 }
+write_file(var_global('knownhostsfile'),'knownhostsfile', '',$knownhosts_file);
 write_file(var_global('activesfile'),'activesfile', '',$active_file);
 
 print