Add a wrapper around the "console" program to get the acl from the

XMLRPC server on boss.

configure

@@ -2283,7 +2283,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
 	tbsetup/ipassign/ipassign_wrapper tbsetup/assign_prepass \
 	tbsetup/panic tbsetup/webpanic \
         tbsetup/tbrsync \
-	tip/GNUmakefile \
+	tip/GNUmakefile tip/console \
 	tmcd/GNUmakefile tmcd/tmcd.restart \
 	tmcd/common/GNUmakefile tmcd/common/config/GNUmakefile \
 	tmcd/freebsd/GNUmakefile \
@@ -2305,6 +2305,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
 	utils/grabwebcams utils/loghole utils/webcopy \
 	utils/setdest utils/websetdest utils/grabswitchconfig \
         utils/backupswitches utils/setbuildinfo utils/checkquota \
+	utils/spewconlog utils/webspewconlog \
 	www/GNUmakefile www/defs.php3 www/dbdefs.php3 www/xmlrpc.php3 \
 	www/swish.conf www/websearch www/garcia-telemetry/GNUmakefile \
 	vis/GNUmakefile vis/webvistopology vis/dbvistopology \

configure.in

@@ -721,7 +721,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
 	tbsetup/ipassign/ipassign_wrapper tbsetup/assign_prepass \
 	tbsetup/panic tbsetup/webpanic \
         tbsetup/tbrsync \
-	tip/GNUmakefile \
+	tip/GNUmakefile tip/console \
 	tmcd/GNUmakefile tmcd/tmcd.restart \
 	tmcd/common/GNUmakefile tmcd/common/config/GNUmakefile \
 	tmcd/freebsd/GNUmakefile \
@@ -743,6 +743,7 @@ outfiles="$outfiles Makeconf GNUmakefile \
 	utils/grabwebcams utils/loghole utils/webcopy \
 	utils/setdest utils/websetdest utils/grabswitchconfig \
         utils/backupswitches utils/setbuildinfo utils/checkquota \
+	utils/spewconlog utils/webspewconlog \
 	www/GNUmakefile www/defs.php3 www/dbdefs.php3 www/xmlrpc.php3 \
 	www/swish.conf www/websearch www/garcia-telemetry/GNUmakefile \
 	vis/GNUmakefile vis/webvistopology vis/dbvistopology \

tip/GNUmakefile.in

@@ -5,7 +5,7 @@ SUBDIR		= tip
 
 include $(OBJDIR)/Makeconf
 
-all:	tip tiptunnel console tippty
+all:	tip tiptunnel console.bin console tippty
 client: tippty
 
 include $(TESTBED_SRCDIR)/GNUmakerules
@@ -49,11 +49,11 @@ tiptunnel: tiptunnel.o
 
 # 'console' is tiptunnel, without SSL, and with localmode on by default.
 
-console.o: tiptunnel.c $(TESTBED_SRCDIR)/capture/capdecls.h
-	$(CC) -DLOCALBYDEFAULT -o console.o -c $<
+console.bin.o: tiptunnel.c $(TESTBED_SRCDIR)/capture/capdecls.h
+	$(CC) -DLOCALBYDEFAULT -o console.bin.o -c $<
 
-console: console.o
-	$(CC) -o console console.o
+console.bin: console.bin.o
+	$(CC) -o console.bin console.bin.o
 
 tippty.o: tiptunnel.c $(TESTBED_SRCDIR)/capture/capdecls.h
 	$(CC) -DTIPPTY -o $@ -c $<
@@ -66,13 +66,14 @@ $(OBJS): tipconf.h tip.h
 client-install: client
 	$(INSTALL_PROGRAM) tippty$(EXE) $(DESTDIR)$(CLIENT_BINDIR)/tippty$(EXE)
 
-control-install tipserv-install:	all $(INSTALL_BINDIR)/tip $(INSTALL_BINDIR)/tiptunnel $(INSTALL_BINDIR)/console
+control-install tipserv-install:	all $(INSTALL_BINDIR)/tip $(INSTALL_BINDIR)/tiptunnel $(INSTALL_BINDIR)/console.bin $(INSTALL_BINDIR)/console
 
 install:	control-install
 	-mkdir -p $(INSTALL_DIR)/opsdir/bin
 	$(INSTALL_PROGRAM) tiptunnel $(INSTALL_DIR)/opsdir/bin/tiptunnel
 	$(INSTALL_PROGRAM) tip $(INSTALL_DIR)/opsdir/bin/tip
 	$(INSTALL_PROGRAM) console $(INSTALL_DIR)/opsdir/bin/console
+	$(INSTALL_PROGRAM) console.bin $(INSTALL_DIR)/opsdir/bin/console.bin
 
 clean:
-	rm -f $(OBJS) tiptunnel.o console.o tip tiptunnel console tippty.o tippty
+	rm -f $(OBJS) *.o tip tiptunnel console console.bin tippty

tip/console.in

+#!/usr/bin/perl -w
+#
+# EMULAB-COPYRIGHT
+# Copyright (c) 2005 University of Utah and the Flux Group.
+# All rights reserved.
+#
+use English;
+use Getopt::Std;
+use POSIX qw(setsid);
+
+#
+# Wrapper for console program; grab tipacl from XMLRPC server, and feed it
+# to the console binary.
+#
+sub usage()
+{
+    print(STDOUT "Usage: console pcXXX\n");
+    exit(-1);
+}
+my $optlist  = "";
+
+#
+# Configure variables
+#
+my $TB		= "@prefix@";
+my $TBOPS       = "@TBOPSEMAIL@";
+my $WRAPPER     = "$TB/bin/script_wrapper.py";
+my $CONSOLEBIN  = "$TB/bin/console.bin";
+my $aclfile;
+
+# un-taint path
+$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin:/usr/site/bin';
+delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
+
+#
+# Turn off line buffering on output. Very important for this script!
+#
+$| = 1; 
+
+#
+# Parse command arguments. Once we return from getopts, all that should be
+# left are the required arguments.
+#
+%options = ();
+if (! getopts($optlist, \%options)) {
+    usage();
+}
+usage()
+    if (@ARGV != 1);
+my $node = $ARGV[0];
+
+#
+# Make a temp file for the acl.
+#
+$ENV{'TMPDIR'} = "/tmp";
+
+my $tempfile = `mktemp -t tipacl`;
+if ($?) {
+    die("*** $0:\n".
+	"    Could not create a temporary file!\n");
+}
+if ($tempfile =~ /^([-\w\/\.]*)$/) {
+    $tempfile = $1;
+}
+else {
+    die("*** $0:\n".
+	"    Bad data in tag: $tempfile\n");
+}
+
+#
+# Ask the XMLRPC server for the tipacl. The current user has to have proper
+# permission of course.
+#
+system("$WRAPPER tipacl $node >> $tempfile");
+
+#
+# Do not want to leave the acl file around, and do not want to wait for
+# the user to quit the program, so fork a child to wait a moment and remove
+# the file. We have the child do it so as to avoid messing with the session
+# and tty goo.
+#
+my $syspid = fork();
+
+# Child delays a moment and exits. 
+if (!$syspid) {
+    sleep(1);
+    unlink($tempfile);
+    exit(0);
+}
+my @cmdargs = ($CONSOLEBIN, "-a", "$tempfile", "$node");
+exec(@cmdargs);
+die("*** $0:\n".
+    "    Exec failure: '@cmdargs'\n");

tip/tiptunnel.c

@@ -136,6 +136,7 @@ static void sigquit(int sig)
 int main( int argc, char ** argv )
 {
   const char * name = argv[0];
+  char * aclfile = (char *) NULL;
   int op;
 
 #if defined(LOCALBYDEFAULT) || defined(TIPPTY)
@@ -145,11 +146,14 @@ int main( int argc, char ** argv )
 #endif
 #endif
 
-  while ((op = getopt( argc, argv, "hlp:rdu:c:" )) != -1) {
+  while ((op = getopt( argc, argv, "hlp:rdu:c:a:" )) != -1) {
     switch (op) {
       case 'h':
         usage(name);
         break;
+      case 'a':
+	aclfile = optarg;
+        break;
       case 'l':
 	localmode++;
 	break;
@@ -189,9 +193,13 @@ int main( int argc, char ** argv )
   }
 
   if (localmode) {
-    char localAclName[1024];
-    sprintf( localAclName, "%s/%s.acl", ACLDIR, argv[0] );
-    loadAcl( localAclName );
+    if (aclfile)
+      loadAcl( aclfile );
+    else {
+      char localAclName[1024];
+      sprintf( localAclName, "%s/%s.acl", ACLDIR, argv[0] );
+      loadAcl( localAclName );
+    }
   } else {
     loadAcl( argv[0] );
   }
@@ -400,15 +408,15 @@ void loadAcl( const char * filename )
   bzero( &key, sizeof( key ) );
 
   while (fscanf(aclFile, "%s %s\n", &b1, &b2) != EOF) {
-    if ( strcmp(b1, "host:") == 0 ) {
+    if ( strcmp(b1, "host:") == 0 || strcmp(b1, "server:") == 0 ) {
       if (!uploadmode)
 	hostname = strdup( b2 );
-    } else if ( strcmp(b1, "port:") == 0 ) {
+    } else if ( strcmp(b1, "port:") == 0 || strcmp(b1, "portnum:") == 0 ) {
       if (!uploadmode)
 	port = atoi( b2 );
     } else if ( strcmp(b1, "keylen:") == 0 ) {
       key.keylen = atoi( b2 );
-    } else if ( strcmp(b1, "key:") == 0 ) {
+    } else if ( strcmp(b1, "key:") == 0 || strcmp(b1, "keydata:") == 0) {
       strcpy( key.key, b2 );
 #ifdef WITHSSL
     } else if ( strcmp(b1, "uphost:") == 0 ) {
@@ -423,11 +431,15 @@ void loadAcl( const char * filename )
       usingSSL++;
 #endif /* WITHSSL */
     } else {
-      fprintf(stderr, "Ignored unknown ACL: %s %s\n", b1, b2);
+      /* fprintf(stderr, "Ignored unknown ACL: %s %s\n", b1, b2); */
     }
   }
+  fclose(aclFile);
+
+  if (!key.keylen)
+    key.keylen = strlen(key.key);
 
-  if (!port || !hostname || !key.keylen || !strlen(key.key)) {
+  if (!port || !hostname || !strlen(key.key)) {
     fprintf(stderr, "Incomplete ACL\n");
     exit(-1);
   }