Commit
247fd7a1
authored
Apr 10, 2002
by
Leigh B. Stoller
A bit more cleanup. Installed and running on minibed with SSL enabled.
parent
4f9b11e8
Changes
3
tmcd/GNUmakefile.in
...
...
@@ -20,9 +20,9 @@ TMLIBS = ${OBJDIR}/lib/libtb/libtb.a
#
# For SSL enabled tmcd/tmcc
#
#
CFLAGS += -DWITHSSL -DETCDIR='"$(INSTALL_ETCDIR)"'
#
TMLIBS += -lssl -lcrypto
#
SSLOBJ = ssl.o
CFLAGS += -DWITHSSL -DETCDIR='"$(INSTALL_ETCDIR)"'
TMLIBS += -lssl -lcrypto
SSLOBJ = ssl.o
ifeq ($(EVENTSYS),1)
TMCDCFLAGS = `elvin-config --cflags vin4c` \
...
...
tmcd/ssl.c
...
...
@@ -34,6 +34,10 @@
#define SERVER_CERTFILE "server.pem"
#define CLIENT_CERTFILE "client.pem"
#ifdef linux
#define EAUTH EPERM
#endif
/*
* This is used by tmcd to determine if the connection is ssl or not.
*/
...
...
@@ -120,7 +124,7 @@ int
tmcd_client_sslinit
(
void
)
{
char
buf
[
BUFSIZ
],
**
cp
;
client
=
1
;
SSL_library_init
();
SSL_load_error_strings
();
...
...
@@ -249,7 +253,7 @@ tmcd_sslconnect(int sock, const struct sockaddr *name, socklen_t namelen)
X509
*
peer
;
char
cname
[
256
];
struct
hostent
*
he
;
struct
in_addr
ipaddr
;
struct
in_addr
ipaddr
,
cnameip
;
if
(
connect
(
sock
,
name
,
namelen
)
<
0
)
return
-
1
;
...
...
@@ -306,14 +310,19 @@ tmcd_sslconnect(int sock, const struct sockaddr *name, socklen_t namelen)
*/
ipaddr
=
((
struct
sockaddr_in
*
)
name
)
->
sin_addr
;
if
(
!
(
he
=
gethostbyaddr
((
char
*
)
&
ipaddr
,
sizeof
(
ipaddr
),
AF_INET
)))
{
error
(
"Could not reverse map %s: %s
\n
"
,
inet_ntoa
(
ipaddr
),
hstrerror
(
h_errno
));
if
(
!
(
he
=
gethostbyname
(
cname
)))
{
error
(
"Could not map %s: %s
\n
"
,
cname
,
hstrerror
(
h_errno
));
goto
badauth
;
}
if
(
strcmp
(
he
->
h_name
,
cname
))
{
error
(
"Certificate commonname mismatch: %s!=%s
\n
"
,
he
->
h_name
,
cname
);
memcpy
((
char
*
)
&
cnameip
,
he
->
h_addr
,
he
->
h_length
);
if
(
ipaddr
.
s_addr
!=
cnameip
.
s_addr
)
{
char
buf
[
BUFSIZ
];
strcpy
(
buf
,
inet_ntoa
(
ipaddr
));
error
(
"Certificate mismatch: %s mapped to %s instead of %s
\n
"
,
cname
,
buf
,
inet_ntoa
(
cnameip
));
goto
badauth
;
}
...
...
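Review bot: The `memcpy((char *)&cnameip, he->h_addr, he->h_length)` in the last tmcd_sslconnect hunk trusts the resolver's `h_length` to fit a `struct in_addr`; a guard before the copy, `if (he->h_addrtype != AF_INET || he->h_length != sizeof(cnameip)) goto badauth;`, keeps a non-IPv4 answer from overrunning `cnameip`. Only the first address of `he` is compared with `ipaddr`, so a common name that maps to several addresses can be rejected even when one of them matches; walking `he->h_addr_list` would cover that case. The identity check now depends on the forward DNS answer for the certificate's common name, so a comment above the `gethostbyname` call should say that it supplements, and does not replace, verification of the peer certificate chain (presumably done outside this hunk). tmcd_sslconnect starts and ends outside the hunk.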
tmcd/tmcd.c
...
...
@@ -438,7 +438,7 @@ handle_request(int sock, struct sockaddr_in *client, char *rdata, int istcp)
{
struct
sockaddr_in
redirect_client
;
int
redirect
=
0
;
char
buf
[
BUFSIZ
],
*
bp
;
char
buf
[
BUFSIZ
],
*
bp
,
*
cp
;
char
nodeid
[
TBDB_FLEN_NODEID
];
char
class
[
TBDB_FLEN_NODECLASS
];
char
type
[
TBDB_FLEN_NODETYPE
];
...
...
@@ -567,15 +567,20 @@ handle_request(int sock, struct sockaddr_in *client, char *rdata, int istcp)
*/
bp
+=
strlen
(
command_array
[
i
].
cmdname
);
#ifdef WITHSSL
cp
=
isssl
?
"ssl:yes"
:
"ssl:no"
;
#else
cp
=
""
;
#endif
/*
* XXX hack, don't log "log" contents,
* both for privacy and to keep our syslog smaller.
*/
if
(
command_array
[
i
].
func
==
dolog
)
info
(
"%s: log %d chars
\n
"
,
nodeid
,
strlen
(
bp
));
info
(
"%s:
%s
log %d chars
\n
"
,
nodeid
,
cp
,
strlen
(
bp
));
else
info
(
"%s: vers:%d %s
\n
"
,
nodeid
,
version
,
command_array
[
i
].
cmdname
);
info
(
"%s: vers:%d
%s
%s
\n
"
,
nodeid
,
version
,
cp
,
command_array
[
i
].
cmdname
);
err
=
command_array
[
i
].
func
(
sock
,
nodeid
,
bp
,
istcp
,
version
);
...
...
@@ -807,7 +812,7 @@ COMMAND_PROTOTYPE(doifconfig)
strcat
(
buf
,
"
\n
"
);
client_writeback
(
sock
,
buf
,
strlen
(
buf
),
tcp
);
info
(
"IFCONFIG: %s
\n
"
,
buf
);
info
(
"IFCONFIG: %s"
,
buf
);
}
skipit:
nrows
--
;
...
...
@@ -887,7 +892,7 @@ COMMAND_PROTOTYPE(doaccounts)
gidint
=
atoi
(
row
[
1
]);
sprintf
(
buf
,
"ADDGROUP NAME=%s GID=%d
\n
"
,
row
[
0
],
gidint
);
client_writeback
(
sock
,
buf
,
strlen
(
buf
),
tcp
);
info
(
"ACCOUNTS: %s
\n
"
,
buf
);
info
(
"ACCOUNTS: %s"
,
buf
);
nrows
--
;
}
...
...
@@ -1182,7 +1187,7 @@ COMMAND_PROTOTYPE(dodelay)
client_writeback
(
sock
,
buf
,
strlen
(
buf
),
tcp
);
nrows
--
;
info
(
"DELAY: %s
\n
"
,
buf
);
info
(
"DELAY: %s"
,
buf
);
}
mysql_free_result
(
res
);
...
...
@@ -1407,7 +1412,7 @@ COMMAND_PROTOTYPE(dohosts)
host
->
vname
:
" "
);
}
client_writeback
(
sock
,
buf
,
strlen
(
buf
),
tcp
);
info
(
"HOSTNAMES: %s
\n
"
,
buf
);
info
(
"HOSTNAMES: %s"
,
buf
);
host
=
host
->
next
;
}
...
...
@@ -1471,7 +1476,7 @@ COMMAND_PROTOTYPE(dorpms)
sprintf
(
buf
,
"RPM=%s
\n
"
,
bp
);
client_writeback
(
sock
,
buf
,
strlen
(
buf
),
tcp
);
info
(
"RPM: %s
\n
"
,
buf
);
info
(
"RPM: %s"
,
buf
);
}
while
((
bp
=
sp
));
...
...
@@ -1532,7 +1537,7 @@ COMMAND_PROTOTYPE(dotarballs)
sprintf
(
buf
,
"DIR=%s TARBALL=%s
\n
"
,
bp
,
tp
);
client_writeback
(
sock
,
buf
,
strlen
(
buf
),
tcp
);
info
(
"TARBALLS: %s
\n
"
,
buf
);
info
(
"TARBALLS: %s"
,
buf
);
}
while
((
bp
=
sp
));
...
...
@@ -1590,7 +1595,7 @@ COMMAND_PROTOTYPE(dodeltas)
sprintf
(
buf
,
"DELTA=%s
\n
"
,
bp
);
client_writeback
(
sock
,
buf
,
strlen
(
buf
),
tcp
);
info
(
"DELTAS: %s
\n
"
,
buf
);
info
(
"DELTAS: %s"
,
buf
);
}
while
((
bp
=
sp
));
...
...
@@ -1668,7 +1673,7 @@ COMMAND_PROTOTYPE(dostartcmd)
mysql_free_result
(
res
);
client_writeback
(
sock
,
buf
,
strlen
(
buf
),
tcp
);
info
(
"STARTUPCMD: %s
\n
"
,
buf
);
info
(
"STARTUPCMD: %s"
,
buf
);
return
0
;
}
...
...
@@ -1804,7 +1809,7 @@ COMMAND_PROTOTYPE(doreadycount)
sprintf
(
buf
,
"READY=%d TOTAL=%d
\n
"
,
ready
,
total
);
client_writeback
(
sock
,
buf
,
strlen
(
buf
),
tcp
);
info
(
"READYCOUNT: %s: %s
\n
"
,
nodeid
,
buf
);
info
(
"READYCOUNT: %s: %s"
,
nodeid
,
buf
);
return
0
;
}
...
...
@@ -1955,7 +1960,7 @@ COMMAND_PROTOTYPE(domounts)
client_writeback
(
sock
,
buf
,
strlen
(
buf
),
tcp
);
nrows
--
;
info
(
"MOUNTS: %s
\n
"
,
buf
);
info
(
"MOUNTS: %s"
,
buf
);
}
mysql_free_result
(
res
);
...
...
@@ -2012,7 +2017,7 @@ COMMAND_PROTOTYPE(dorouting)
mysql_free_result
(
res
);
client_writeback
(
sock
,
buf
,
strlen
(
buf
),
tcp
);
info
(
"ROUTES: %s
\n
"
,
buf
);
info
(
"ROUTES: %s"
,
buf
);
return
0
;
}
...
...
@@ -2058,7 +2063,7 @@ COMMAND_PROTOTYPE(doloadinfo)
mysql_free_result
(
res
);
client_writeback
(
sock
,
buf
,
strlen
(
buf
),
tcp
);
info
(
"doloadinfo: %s
\n
"
,
buf
);
info
(
"doloadinfo: %s"
,
buf
);
return
0
;
}
...
...
@@ -2191,7 +2196,7 @@ COMMAND_PROTOTYPE(dotrafgens)
client_writeback
(
sock
,
buf
,
strlen
(
buf
),
tcp
);
nrows
--
;
info
(
"TRAFGENS: %s
\n
"
,
buf
);
info
(
"TRAFGENS: %s"
,
buf
);
}
mysql_free_result
(
res
);
return
0
;
...
...
@@ -2300,7 +2305,8 @@ COMMAND_PROTOTYPE(dostate)
address_tuple_free
(
tuple
);
#endif
/* EVENTSYS */
info
(
"STATE: %s
\n
"
,
newstate
);
return
0
;
}
...
...
@@ -2344,7 +2350,7 @@ COMMAND_PROTOTYPE(docreator)
mysql_free_result
(
res
);
client_writeback
(
sock
,
buf
,
strlen
(
buf
),
tcp
);
info
(
"CREATOR: %s
\n
"
,
buf
);
info
(
"CREATOR: %s"
,
buf
);
return
0
;
}
...
...
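Review bot: The new `info("%s: %s log %d chars\n", nodeid, cp, strlen(bp))` call in the second handle_request hunk still passes a `size_t` to `%d`, which is a format/argument mismatch wherever `size_t` is wider than `int`; `info("%s: %s log %d chars\n", nodeid, cp, (int)strlen(bp));` fixes it. In the same hunk `cp` only records `ssl:yes` or `ssl:no` in the log line, and `command_array[i].func` is called either way. If commands such as doaccounts are meant to be refused on a non-SSL connection, that check is not visible here and should be confirmed. When WITHSSL is not defined `cp` is `""`, so both log lines gain a double space. handle_request starts and ends outside the hunk.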