diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 2e56df6bf1d46c81adb1cc1c4160b38b7320db50..0000000000000000000000000000000000000000 --- a/.gitignore +++ /dev/null @@ -1,8 +0,0 @@ -event/trafgen/tg2.0 -event/linktest/iperf/iperf-2.0.2 -event/linktest/rude/rude-0.70 -sensors/nfstrace/nfsdump2/Makefile -sensors/nfstrace/nfsdump2/config.h -sensors/nfstrace/nfsdump2/config.log -protogeni/demo/.metadata -protogeni/demo/map/.metadata diff --git a/account/mksyscert.in b/account/mksyscert.in index 1c177804613e58811bd9296859167ffd6886f7d9..5114dc14e7cf918992050d2252e0df08bd2ff9bf 100644 --- a/account/mksyscert.in +++ b/account/mksyscert.in @@ -1,7 +1,7 @@ #!/usr/bin/perl -w # # EMULAB-COPYRIGHT -# Copyright (c) 2000-2009 University of Utah and the Flux Group. +# Copyright (c) 2000-2010 University of Utah and the Flux Group. # All rights reserved. # use strict; @@ -271,7 +271,6 @@ system("$OPENSSL ca -batch -policy policy_sslxmlrpc ". " -infiles syscert_req.pem $outline") == 0 or fatal("Could not sign certificate request"); $UID = $SAVEUID; -TBScriptUnlock(); # # Combine the key and the certificate into one file @@ -288,6 +287,7 @@ else { system("cat syscert_key.pem syscert_cert.pem") == 0 or fatal("Could not combine cert and key"); } +TBScriptUnlock(); exit(0); sub fatal($) { diff --git a/apache/httpd.conf.in b/apache/httpd.conf.in index 1d4c502fb28d47800ce460aaebd561ca513ee72b..ff84518c56b480b5b0eeb89044ccf3e5a655b6e2 100644 --- a/apache/httpd.conf.in +++ b/apache/httpd.conf.in @@ -1344,13 +1344,8 @@ SSLVerifyDepth 10 SSLRequire ( %{SSL_CLIENT_S_DN_OU} ne "sslxmlrpc" ) -ScriptAlias /protogeni/xmlrpc/ch @prefix@/protogeni/xmlrpc/protogeni-ch.pl -ScriptAlias /protogeni/xmlrpc/cm @prefix@/protogeni/xmlrpc/protogeni-cm.pl -ScriptAlias /protogeni/xmlrpc/sa @prefix@/protogeni/xmlrpc/protogeni-sa.pl -ScriptAlias /protogeni/xmlrpc/ses @prefix@/protogeni/xmlrpc/protogeni-ses.pl - -ScriptAlias /protogeni/xmlrpc/am @prefix@/protogeni/xmlrpc/geni-am.pl - +ScriptAlias /protogeni/xmlrpc @prefix@/protogeni/xmlrpc/protogeni-wrapper.pl + SSLRequireSSL Order deny,allow diff --git a/db/Experiment.pm.in b/db/Experiment.pm.in index d41c01d9979e028fcc98a680019d51419cc31ac8..dfa0e2efe27b9927533a81f2f035febabee18a42 100644 --- a/db/Experiment.pm.in +++ b/db/Experiment.pm.in @@ -2076,6 +2076,8 @@ sub PreSwap($$$$) $swapper->BumpActivity(); $self->GetProject()->BumpActivity(); $self->GetGroup()->BumpActivity(); + $self->Refresh() == 0 + or goto failed; return 0; failed: @@ -2157,16 +2159,7 @@ sub SwapFail($$$$;$) "where idx='$rsrcidx'") or return -1; - if ($which eq $EXPT_SWAPMOD && - $self->state() eq libdb::EXPTSTATE_ACTIVE()) { - DBQueryWarn("update experiment_resources set ". - ($flags & libdb::TBDB_STATS_FLAGS_MODHOSED() ? - "swapout_time=swapmod_time, " : " ") . - "swapmod_time=0 ". - "where idx='$lastrsrc'") - or return -1; - } - + # Delete it. DBQueryWarn("delete from experiment_resources ". "where idx=$rsrcidx") or return -1; @@ -2225,6 +2218,21 @@ sub PostSwap($$$$) my $prev_swapper = $swapper; my $query_result; + # + # Need to update the previous record with the swapmod_time. + # + if ($which eq $EXPT_SWAPMOD) { + my $when = "UNIX_TIMESTAMP(now())"; + # unless its active, in which case pick up swapin time. + $when = $self->swapin_time() + if ($self->state() eq libdb::EXPTSTATE_ACTIVE()); + + DBQueryWarn("update experiment_resources set ". + " swapmod_time=$when ". + "where idx='$lastrsrc'") + or return -1; + } + if ($which eq $EXPT_SWAPOUT || ($which eq $EXPT_SWAPMOD && $self->state() eq libdb::EXPTSTATE_ACTIVE())) { @@ -2246,7 +2254,7 @@ sub PostSwap($$$$) DBQueryWarn("select r.pnodes,r.vnodes,r.uid_idx, ". " r.swapmod_time - r.swapin_time ". " from experiment_resources as r ". - "where r.idx='$rsrcidx'"); + "where r.idx='$lastrsrc'"); } return -1 if (!$query_result); @@ -2264,18 +2272,6 @@ sub PostSwap($$$$) } } - if ($which eq $EXPT_SWAPMOD) { - my $when = "UNIX_TIMESTAMP(now())"; - # unless its active, in which case pick up swapin time. - $when = $self->swapin_time() - if ($self->state() eq libdb::EXPTSTATE_ACTIVE()); - - DBQueryWarn("update experiment_resources set ". - " swapmod_time=$when ". - "where idx='$lastrsrc'") - or return -1; - } - # Special case for initial record. Needs to be fixed. if ($which eq $EXPT_SWAPIN && !$self->lastidx()) { DBQueryWarn("update experiment_resources set byswapin=1 ". diff --git a/db/Interface.pm.in b/db/Interface.pm.in index b62dfd7c787e0f6d31724e4afb82ebd352e085bf..21bb5257c0d54332534a0db5af1c464cad06a397 100644 --- a/db/Interface.pm.in +++ b/db/Interface.pm.in @@ -322,14 +322,38 @@ sub Create($$$) print STDERR Dumper($argref); return undef; } - DBQueryWarn("insert into interfaces set ". + + # + # Lock the tables to prevent concurrent creation + # + DBQueryWarn("lock tables interfaces write, ". + " interface_state write, ". + " wires write") + or return undef; + + # + # See if we have a record; if we do, we can stop now. This is + # not actually correct, since creating a node is not atomic. + # + my $query_result = + DBQueryWarn("select node_id from interfaces ". + "where node_id='$node_id' and ". + " card='$card' and port='$port'"); + if ($query_result->numrows) { + DBQueryWarn("unlock tables"); + return Interface->Lookup($node_id, $card, $port); + } + + if (!DBQueryWarn("insert into interfaces set ". " node_id='$node_id', " . " card=$card, port=$port, role='$ifrole', ". " mac='$MAC', IP='$IP', mask='$mask', " . " interface_type='$iftype', iface='$iface', " . " current_speed='$max_speed', duplex='$duplex', ". - " uuid='$uuid'") - or return undef; + " uuid='$uuid'")) { + DBQueryWarn("unlock tables"); + return undef; + } if (!DBQueryWarn("insert into interface_state set ". " node_id='$node_id', " . @@ -337,6 +361,7 @@ sub Create($$$) DBQueryWarn("delete from interfaces ". "where node_id='$node_id' and card='$card' ". " and port='$port'"); + DBQueryWarn("unlock tables"); return undef; } @@ -359,9 +384,11 @@ sub Create($$$) DBQueryWarn("delete from interfaces ". "where node_id='$node_id' and card='$card' ". " and port='$port'"); + DBQueryWarn("unlock tables"); return undef; } } + DBQueryWarn("unlock tables"); return Interface->Lookup($node_id, $card, $port); } diff --git a/db/Node.pm.in b/db/Node.pm.in index a097bb9821e84ec7bb42ec4ddbc187222351dcde..863ea949fed1a0247858e1e42b6469f21aaf0d73 100644 --- a/db/Node.pm.in +++ b/db/Node.pm.in @@ -338,8 +338,11 @@ sub Create($$$$) # # Lock the tables to prevent concurrent creation # - DBQueryWarn("lock tables nodes write, widearea_nodeinfo write") - or return -1; + DBQueryWarn("lock tables nodes write, widearea_nodeinfo write, ". + "node_hostkeys write, node_status write, ". + "node_utilization write, ". + "node_activity write, reserved write, node_auxtypes write") + or return undef; # # Make up a priority (just used for sorting) @@ -351,6 +354,17 @@ sub Create($$$$) $priority = 1; } + # + # See if we have a record; if we do, we can stop now and get the + # existing record. + # + my $query_result = + DBQueryWarn("select node_id from nodes where node_id='$node_id'"); + if ($query_result->numrows) { + DBQueryWarn("unlock tables"); + return Node->Lookup($node_id); + } + if (!DBQueryWarn("insert into nodes set ". " node_id='$node_id', type='$type', " . " phys_nodeid='$node_id', role='$role', ". @@ -378,7 +392,6 @@ sub Create($$$$) return undef; } } - DBQueryWarn("unlock tables"); if ($role eq "testnode") { DBQueryWarn("insert into node_hostkeys (node_id) ". @@ -435,12 +448,14 @@ sub Create($$$$) "type='$vtype', count=$virtnode_capacity") or goto bad; } + DBQueryWarn("unlock tables"); return Node->Lookup($node_id); bad: foreach my $table (@cleantables) { DBQueryWarn("delete from $table where node_id='$node_id'"); } + DBQueryWarn("unlock tables"); return undef; } diff --git a/db/emdbi.pm.in b/db/emdbi.pm.in index 0e552fe78c97252c671965f2dd5a411f3600b461..203c6ea66ade1151b6f6d379b86d870d7ff7afb2 100644 --- a/db/emdbi.pm.in +++ b/db/emdbi.pm.in @@ -193,7 +193,6 @@ sub TBDBDisconnect() for (my $i = 0; $i < @DB; $i++) { undef($DB[$i]); } - select(undef, undef, undef, 0.2); } # Create a new DB handle and return the handle number diff --git a/db/libGeni.pm.in b/db/libGeni.pm.in index 3de903bcb02db32c91454c768d0cbed8450b825e..8234025dd84c2038715a7a86def4104535755ca2 100644 --- a/db/libGeni.pm.in +++ b/db/libGeni.pm.in @@ -76,22 +76,49 @@ sub MapResources($$$$) or return -1; foreach my $ref (@{ $rspec->{'node'} }) { + my $resource; my %copy = %{ $ref }; my $copy = \%copy; - my $node_urn = $copy->{'component_urn'}; + my $node_urn = $copy->{'request_urn'}; my ($auth,$type,$node_id) = GeniHRN::Parse($node_urn); my $cm = GeniHRN::Generate($auth, "authority", "cm"); - $copy->{'component_manager_uuid'} = $cm; - if ($node_id eq "*") { - # assign will use this, but its format is bogus. Kill it. - delete($copy->{'component_urn'}); + + # + # Get the resource object. + # + if (!exists($cm_urns{$cm})) { + $resource = GeniResource->Lookup($experiment->idx(), $cm); + if (!defined($resource)) { + $resource = GeniResource->Create($experiment, $cm); + if (!defined($resource)) { + print STDERR "Could not create GeniResource for $cm\n"; + return -1; + } + } + $cm_urns{$cm} = $resource; } - else { - $copy->{'component_uuid'} = $node_urn; + $resource = $cm_urns{$cm}; + + # + # request_urn means nothing to assign; kill that from the copy. + # + delete($copy->{'request_urn'}); + # Ditto + delete($copy->{'tarfiles'}); + + # + # If already have the ticket, then leave the urn alone. + # We do not run assign again, but we need the rspec to be + # complete for loops below. + # + if (!$resource->HaveTicket()) { + if ($node_id ne "*") { + $copy->{'component_uuid'} = $node_urn; + $copy->{'component_urn'} = $node_urn; + } } - $cm_urns{$cm} = $cm; # # The point of this is to split the rspec apart, since at present @@ -125,6 +152,9 @@ sub MapResources($$$$) foreach my $ref (@{ $rspec->{'link'} }) { my $linkname = $ref->{'virtual_id'}; + # means nothing to assign; added again below. + delete($ref->{'component_manager'}); + # Skip tunnels until rspec stitching in place. next if (exists($ref->{'link_type'}) && @@ -156,21 +186,6 @@ sub MapResources($$$$) } } - # - # Get the resource objects. - # - foreach my $cm (keys(%cm_urns)) { - my $resource = GeniResource->Lookup($experiment->idx(), $cm); - if (!defined($resource)) { - $resource = GeniResource->Create($experiment, $cm); - if (!defined($resource)) { - print STDERR "Could not create GeniResource for $cm\n"; - return -1; - } - } - $cm_urns{$cm} = $resource; - } - # # Discover resources at the component and run assign. # @@ -179,6 +194,14 @@ sub MapResources($$$$) my $fragment = $fragments{$cm}; my $advertisement; + # + # We got the ticket on a previous loop. + # + if ($resource->HaveTicket()) { + print STDERR "Already have a ticket for $resource; skipping ...\n"; + next; + } + print STDERR "Asking for resource list from $resource\n"; if ($resource->Discover($user, \$advertisement)) { print STDERR "Could not get resource list for $resource\n"; @@ -316,6 +339,7 @@ sub GetTickets($$$$) { my ($experiment, $verbose, $user, $rspec) = @_; my %cm_urns = (); + my %nodemap = (); Register($experiment, $user) == 0 or return -1; @@ -331,33 +355,39 @@ sub GetTickets($$$$) $ref->{'node_type'}->{'type_name'} eq "lan") { next; } + my $virtual_id = $ref->{'virtual_id'}; my $node_urn = $ref->{'component_urn'}; my ($auth,$type,$node_id) = GeniHRN::Parse($node_urn); my $cm = GeniHRN::Generate($auth, "authority", "cm"); - $cm_urns{$cm} = $cm; - # - # This is how we get the client side to do cooked mode properly. + # Get the resource objects for below. # - $ref->{'tarfiles'} = "/usr/local/etc/emulab ". - "$TBDOCBASE/downloads/geniclient.tar"; - } - - # - # Get the resource objects. - # - foreach my $cm (keys(%cm_urns)) { - my $resource = GeniResource->Lookup($experiment->idx(), $cm); - if (!defined($resource)) { - $resource = GeniResource->Create($experiment, $cm); + if (!exists($cm_urns{$cm})) { + my $resource = GeniResource->Lookup($experiment->idx(), $cm); if (!defined($resource)) { - print STDERR "Could not create GeniResource for $cm\n"; + print STDERR "Could not get GeniResource for $cm\n"; return -1; } + $nodemap{$virtual_id} = $resource; + + # + # We got the ticket on a previous loop. + # + next + if ($resource->HaveTicket()); + + $cm_urns{$cm} = $resource; } - $cm_urns{$cm} = $resource; + # + # This is how we get the client side to do cooked mode properly. + # + $ref->{'tarfiles'} = "/usr/local/etc/emulab ". + "$TBDOCBASE/downloads/geniclient.tar"; } + # No tickets needed, return now. + return 0 + if (! scalar(keys(%cm_urns))); # # XXX Convert to a proper XML looking thing. This is just a temporay @@ -390,6 +420,9 @@ sub GetTickets($$$$) $resource->last_rpc_value()) { print STDERR $resource->last_rpc_value() . "\n"; } + # Return indicator of possible forward progress. + return 1 + if ($resource->last_rpc_output() =~ /Could not map to/i); return -1; } return 0; @@ -409,8 +442,9 @@ sub GetTickets($$$$) # # Check the exit codes. Eventually return specific error info. # - my $errors = 0; - my $count = 0; + my $errors = 0; + my $count = 0; + my $progress = 0; foreach my $result (@results) { my $resource = $resources[$count]; @@ -425,11 +459,41 @@ sub GetTickets($$$$) elsif ($result != 0) { print STDERR "*** Error getting ticket for $resource\n"; $errors++; + + # Watch for forward progress. Not being able to map actually + # means forward progress since we want to try again with + # different resources. The mapper will try a few times before + $progress++ + if ($result > 1); + } + else { + $progress++; + + # + # Got a ticket; mark the proxy nodes so that libvtop knows. + # Failure to get a ticket means we need to release the node + # up in libvtop. Probably need a state variable instead. + # + foreach my $virtual_id (keys(%nodemap)) { + next + if (!$resource->SameResource($nodemap{$virtual_id})); + + my $node = $experiment->VnameToNode($virtual_id); + if (defined($node)) { + $node->ModifyReservation({"external_resource_index" => + $resource->idx()}) + == 0 or return -1; + } + } } $count++; } + return 0 + if (!$errors); + print STDERR Dumper($rspec) if ($errors); - return $errors; + # Return indication of forward progress so caller knows to to stop. + return ($progress ? 1 : -1); } # diff --git a/db/libdb.pm.in b/db/libdb.pm.in index 2d8bc392f369a64436f4d7030177d225ad3e97a2..7d1b33dd139ae9595914755bd13215e8caf53059 100644 --- a/db/libdb.pm.in +++ b/db/libdb.pm.in @@ -136,6 +136,7 @@ use vars qw(@ISA @EXPORT); TBDB_STATS_FLAGS_IDLESWAP TBDB_STATS_FLAGS_PREMODIFY TBDB_STATS_FLAGS_START TBDB_STATS_FLAGS_PRESWAPIN TBDB_STATS_FLAGS_MODHOSED TBDB_STATS_SWAPUPDATE + TBDB_STATS_FLAGS_MODSWAPOUT TBDB_JAILIPBASE TBDB_JAILIPMASK @@ -580,6 +581,7 @@ sub TBDB_STATS_FLAGS_START() { 0x04; } sub TBDB_STATS_FLAGS_PRESWAPIN(){ 0x08; } sub TBDB_STATS_FLAGS_BATCHCTRL(){ 0x10; } sub TBDB_STATS_FLAGS_MODHOSED() { 0x20; } +sub TBDB_STATS_FLAGS_MODSWAPOUT() { 0x40; } # Do not export these variables! my $TBDB_STATS_STARTCLOCK; my $TBDB_STATS_SAVEDSWAPUID; diff --git a/event/lib/event.c b/event/lib/event.c index f888c481480b5b99bd9b391aa06262a67542b917..af92f81663c07cfb70e09c0286b5909917e18809 100644 --- a/event/lib/event.c +++ b/event/lib/event.c @@ -1608,7 +1608,7 @@ event_notification_insert_hmac(event_handle_t handle, HMAC_Final(&ctx, mac, &len); HMAC_cleanup(&ctx); - if (1) { + if (0) { unsigned char *up; INFO("event_notification_insert_hmac: "); @@ -1737,7 +1737,7 @@ event_notification_check_hmac(event_handle_t handle, assert(srclen <= EVP_MAX_MD_SIZE); memcpy(srcmac, pmac, srclen); - if (1) { + if (0) { unsigned char *up; INFO("event_notification_check_hmac __hmac__: "); @@ -1813,7 +1813,7 @@ event_notification_check_hmac(event_handle_t handle, HMAC_Final(&ctx, mac, &len); HMAC_cleanup(&ctx); - if (1) { + if (0) { unsigned char *up; INFO("event_notification_check_hmac (elvin): "); @@ -1847,7 +1847,7 @@ event_notification_check_hmac(event_handle_t handle, HMAC_Final(&ctx, mac, &len); HMAC_cleanup(&ctx); - if (1) { + if (0) { unsigned char *up; INFO("event_notification_check_hmac plain: "); diff --git a/install/updates/5/7 b/install/updates/5/7 new file mode 100644 index 0000000000000000000000000000000000000000..3a9b04366de3ad74ed86bb2b92d8d78f49fdfc91 --- /dev/null +++ b/install/updates/5/7 @@ -0,0 +1,53 @@ +# +# Note that all actions *MUST* be idempotent; if this script is run +# again, it should always do the right thing, not break if something +# was already done. See boss-install for lots of example of how to use +# libinstall to help with this. +# +use strict; +use libinstall; + +my $APACHECONF = "/usr/local/etc/apache/httpd.conf"; + +sub InstallUpdate($$) +{ + my ($version, $phase) = @_; + + # + # If something should run in the pre-install phase. + # + if ($phase eq "pre") { + } + + # + # If something should run in the post-install phase. + # + if ($phase eq "post") { + if ($PGENISUPPORT) { + Phase "httpd.conf", "Updating apache config file", sub { + # + # This might be a rare case. + # + DoneIfIdentical("$TOP_OBJDIR/apache/httpd.conf", $APACHECONF); + + # + # Check to see if SSLVerifyClient has been set to optional + # + PhaseSkip("Already updated") + if `grep ' protogeni-wrapper.pl\$' $APACHECONF`; + + BackUpFileFatal($APACHECONF); + # For impotent mode. + DiffFiles("$TOP_OBJDIR/apache/httpd.conf", $APACHECONF); + ExecQuietFatal("$GMAKE -C $TOP_OBJDIR/apache install"); + }; + Phase "httpd", "Restarting apache", sub { + DoneIfDoesntExist("$VARRUN/httpd.pid"); + ExecQuietFatal("$RCDIR/apache.sh restart"); + }; + } + } + + return 0; +} +1; diff --git a/mfs/linux_mfs/Makefile b/mfs/linux_mfs/Makefile index 36cb1094ef04788d1a04e446172af2853baa65e6..aed47c1ec0195588da46fb13bce2b37c27760d58 100644 --- a/mfs/linux_mfs/Makefile +++ b/mfs/linux_mfs/Makefile @@ -13,7 +13,8 @@ INITRAMFS = $(BOOT_PATH)/initramfs.gz #FAKEROOT_BIN = $(STAGING_DIR)/usr/bin/fakeroot FAKEROOT_BIN = fakeroot -MODULES := busybox zlib linux dropbear testbed hdparm target_template sudo e2fsprogs openssl wget perl portmap file ethtool +MODULES := busybox zlib linux dropbear testbed hdparm target_template sudo \ + e2fsprogs openssl wget perl portmap file ethtool ncurses jove tcsh #MODULES := busybox zlib linux dropbear testbed hdparm target_template sudo e2fsprogs openssl wget portmap file INSTALL_MODULES := $(addsuffix -install,$(MODULES)) EXTRACT_MODULES := $(addsuffix -extract,$(MODULES) toolchain) @@ -38,10 +39,14 @@ clean: rm -rf $(TARGET_BUILD_PATH) rm -rf $(BOOT_PATH) -toolchain: - $(MAKE) -C $(SOURCE_PATH)/$@ all +toolchain: $(BUILDROOT_PATH)/toolchain-built + +$(BUILDROOT_PATH)/toolchain-built: + $(MAKE) -C $(SOURCE_PATH)/toolchain all $(MAKE) -C $(SOURCE_PATH)/zlib install-sysroot $(MAKE) -C $(SOURCE_PATH)/openssl install + $(MAKE) -C $(SOURCE_PATH)/ncurses install + touch $(BUILDROOT_PATH)/toolchain-built $(MODULES): toolchain $(MAKE) -C $(SOURCE_PATH)/$@ all @@ -70,18 +75,6 @@ uclibc-install: $(TARGET_PATH)/lib/libc.so.0 $(FAKEROOT_ENVIRONMENT): touch $@ -devices: $(FAKEROOT_ENVIRONMENT) - rm -rf $(TARGET_PATH)/dev - $(FAKEROOT_BIN) -s $(FAKEROOT_ENVIRONMENT) \ - -i $(FAKEROOT_ENVIRONMENT) \ - $(SCRIPTS_PATH)/makedevs.sh \ - $(SCRIPTS_PATH)/devices $(TARGET_PATH) - -permissions: $(FAKEROOT_ENVIRONMENT) devices install - $(FAKEROOT_BIN) -s $(FAKEROOT_ENVIRONMENT) \ - -i $(FAKEROOT_ENVIRONMENT) \ - $(SCRIPTS_PATH)/fixperms.sh $(TARGET_PATH) - initramfs: install rm -rf $(INITRAMFS_PATH) cp -dpR $(TARGET_PATH) $(INITRAMFS_PATH) @@ -94,6 +87,9 @@ initramfs: install $(FAKEROOT_BIN) -s $(FAKEROOT_ENVIRONMENT) \ -i $(FAKEROOT_ENVIRONMENT) \ $(SCRIPTS_PATH)/fixperms.sh $(INITRAMFS_PATH) + $(FAKEROOT_BIN) -s $(FAKEROOT_ENVIRONMENT) \ + -i $(FAKEROOT_ENVIRONMENT) \ + $(SCRIPTS_PATH)/misc_fixup.sh $(TARGET_PATH) $(FAKEROOT_BIN) -i $(FAKEROOT_ENVIRONMENT) \ $(SCRIPTS_PATH)/gen_initramfs.sh $(INITRAMFS_PATH) $(INITRAMFS) rm -f $(FAKEROOT_ENVIRONMENT) diff --git a/mfs/linux_mfs/scripts/misc_fixup.sh b/mfs/linux_mfs/scripts/misc_fixup.sh new file mode 100755 index 0000000000000000000000000000000000000000..45d9e6a41457e374f3ada6cfebe2aa7d6a81161a --- /dev/null +++ b/mfs/linux_mfs/scripts/misc_fixup.sh @@ -0,0 +1,13 @@ +#! /bin/sh + +target_dir="$1" + +if [ -z "$target_dir" ] || ! [ -d "$target_dir" ]; then + echo "${0##*/}: invalid target directory \"$target_dir\"" + exit 1 +fi + +if ! [ -f "$target_dir/bin/tcsh" ]; then + ln -sf /bin/tcsh.fake "$target_dir/bin/tcsh" + ln -sf /bin/tcsh.fake "$target_dir/bin/csh" +fi diff --git a/mfs/linux_mfs/source/e2fsprogs/Makefile b/mfs/linux_mfs/source/e2fsprogs/Makefile index dda6dcbebff2c1d9eb5351ab70ba581417684ebc..4329f99af14afb5c38044b1ae7a7fea1627e891a 100644 --- a/mfs/linux_mfs/source/e2fsprogs/Makefile +++ b/mfs/linux_mfs/source/e2fsprogs/Makefile @@ -23,7 +23,7 @@ clean: LIBS := $(addprefix $(TARGET_PATH)/lib/, libext2fs.so libe2p.so libcom_err.so libblkid.so libuuid.so) -install: $(TARGET_PATH)/sbin/mke2fs $(TARGET_PATH)/sbin/tune2fs $(TARGET_PATH)/sbin/e2fsck $(TARGET_PATH)/usr/bin/uuidgen $(LIBS) +install: $(TARGET_PATH)/sbin/mke2fs $(TARGET_PATH)/sbin/tune2fs $(TARGET_PATH)/sbin/e2fsck $(TARGET_PATH)/usr/bin/uuidgen $(TARGET_PATH)/usr/sbin/resize2fs $(LIBS) $(E2FSPROGS_PATH)/.extract-stamp: mkdir -p $(TARGET_BUILD_PATH) @@ -60,7 +60,7 @@ $(E2FSPROGS_PATH)/.config-stamp: $(E2FSPROGS_PATH)/.patch-stamp --infodir=/usr/share/info \ --disable-debugfs --disable-imager \ --disable-tls \ - --disable-resizer --enable-fsck \ + --enable-fsck \ --disable-e2initrd-helper \ --enable-elf-shlibs \ --without-catgets \ @@ -91,6 +91,11 @@ $(E2FSPROGS_PATH)/misc/uuidgen: $(E2FSPROGS_PATH)/.config-stamp $(TARGET_CONFIGURE_OPTS) LD=$(MFS_ARCH)-linux-uclibc-gcc touch $@ +$(E2FSPROGS_PATH)/resize/resize2fs: $(E2FSPROGS_PATH)/.config-stamp + LDFLAGS="-rpath ../lib" PATH=$(STAGING_DIR)/usr/bin:$(PATH) $(MAKE) -C $(E2FSPROGS_PATH) \ + $(TARGET_CONFIGURE_OPTS) LD=$(MFS_ARCH)-linux-uclibc-gcc + touch $@ + $(E2FSPROGS_PATH)/lib/%.so: $(E2FSPROGS_PATH)/.config-stamp LDFLAGS="-rpath ../lib" PATH=$(STAGING_DIR)/usr/bin:$(PATH) $(MAKE) -C $(E2FSPROGS_PATH) \ $(TARGET_CONFIGURE_OPTS) LD=$(MFS_ARCH)-linux-uclibc-gcc @@ -119,6 +124,13 @@ $(TARGET_PATH)/sbin/e2fsck: $(E2FSPROGS_PATH)/e2fsck/e2fsck ln -sf $(notdir $@) $(dir $@)/fsck.ext3 touch -c $@ +$(TARGET_PATH)/usr/sbin/resize2fs: $(E2FSPROGS_PATH)/resize/resize2fs + install -d -m 755 $(TARGET_PATH)/sbin + install -m 755 $< \ + $(TARGET_PATH)/usr/sbin/resize2fs + $(STRIPCMD) --strip-unneeded $(TARGET_PATH)/usr/sbin/resize2fs + touch -c $@ + $(TARGET_PATH)/sbin/tune2fs: $(E2FSPROGS_PATH)/misc/tune2fs install -d -m 755 $(TARGET_PATH)/sbin install -m 755 $(E2FSPROGS_PATH)/misc/tune2fs \ diff --git a/mfs/linux_mfs/source/jove/Makefile b/mfs/linux_mfs/source/jove/Makefile new file mode 100644 index 0000000000000000000000000000000000000000..5d27406d5b9083d5695e18e102f0261674876acc --- /dev/null +++ b/mfs/linux_mfs/source/jove/Makefile @@ -0,0 +1,56 @@ +include ../../variables.mk + +JOVE_VERSION = 4.16.0.72 +JOVE_PATH = $(TARGET_BUILD_PATH)/jove$(JOVE_VERSION) + +.PHONY: extract patch config \ + jove install clean all + +all: jove + +extract: $(JOVE_PATH)/.extract-stamp + +patch: $(JOVE_PATH)/.patch-stamp + +config: $(JOVE_PATH)/.config-stamp + +jove: $(JOVE_PATH)/jjove + +install: $(TARGET_PATH)/usr/bin/jove + +clean: + PATH=$(STAGING_DIR)/usr/bin:$(PATH) $(MAKE) -C $(JOVE_PATH) clean + rm -f $(JOVE_PATH)/.build-stamp $(JOVE_PATH)/.config-stamp + +$(JOVE_PATH)/.extract-stamp: + mkdir -p $(TARGET_BUILD_PATH) + cd $(TARGET_BUILD_PATH); tar xzf $(TARBALL_PATH)/jove-$(JOVE_VERSION).tar.gz + touch $@ + +$(JOVE_PATH)/.patch-stamp: $(JOVE_PATH)/.extract-stamp + $(SCRIPTS_PATH)/patch-kernel.sh $(JOVE_PATH) $(SOURCE_PATH)/jove '*.patch' + touch $@ + +$(JOVE_PATH)/.config-stamp: $(JOVE_PATH)/.patch-stamp + cp $(SOURCE_PATH)/jove/jove.mk $(JOVE_PATH)/Makefile + touch $@ + +#--enable-elf-shlibs --enable-dynamic-e2fsck --disable-swapfs \ + +#--enable-elf-shlibs \ + +$(JOVE_PATH)/jjove: $(JOVE_PATH)/.config-stamp + PATH=$(STAGING_DIR)/usr/bin:$(PATH) \ + CC=$(TARGET_CC) \ + $(MAKE) -C $(JOVE_PATH) \ + $(TARGET_CONFIGURE_OPTS) LD=$(MFS_ARCH)-linux-uclibc-gcc \ + jjove + touch $@ + +$(TARGET_PATH)/usr/bin/jove: $(JOVE_PATH)/jjove + install -d -m 755 $(TARGET_PATH)/usr + install -d -m 755 $(TARGET_PATH)/usr/bin + install -m 755 $< $@ + $(STRIPCMD) --strip-unneeded $@ + touch -c $@ + diff --git a/mfs/linux_mfs/source/jove/jove.mk b/mfs/linux_mfs/source/jove/jove.mk new file mode 100644 index 0000000000000000000000000000000000000000..fc97ed7f92213858c75ff8370c94e75680a30a15 --- /dev/null +++ b/mfs/linux_mfs/source/jove/jove.mk @@ -0,0 +1,673 @@ +########################################################################## +# This program is Copyright (C) 1986-2002 by Jonathan Payne. JOVE is # +# provided by Jonathan and Jovehacks without charge and without # +# warranty. You may copy, modify, and/or distribute JOVE, provided that # +# this notice is included in all the source files and documentation. # +########################################################################## + +# SHELL for this Makefile (csh won't work!) +SHELL = /bin/sh + +# JOVEHOME is the directory in which pieces of JOVE are kept. It is only used +# in the default definitions of SHAREDIR, LIBDIR, BINDIR, and MANDIR. +# SHAREDIR is for online documentation, and the system-wide jove.rc file. +# LIBDIR is for the PORTSRV and RECOVER programs. +# BINDIR is where to put the executables JOVE and TEACHJOVE. +# XEXT is the extension for executables (empty for UNIX; .exe for CYGWIN32) +# MANDIR is where the manual pages go for JOVE, RECOVER and TEACHJOVE. +# MANEXT is the extension for the man pages, e.g., jove.1 or jove.l or jove.m. +# Must not be "nr". +# +# If they don't exist, this makefile will try to create the directories +# LIBDIR and SHAREDIR. All others must already exist. + +JOVEHOME = /usr +SHAREDIR = $(JOVEHOME)/lib/jove +LIBDIR = $(JOVEHOME)/lib/jove +BINDIR = $(JOVEHOME)/bin +XEXT= +MANDIR = $(JOVEHOME)/man/man$(MANEXT) +MANEXT = 1 + +# TMPDIR is where the tmp files get stored, usually /tmp, /var/tmp, or +# /usr/tmp. If you wish to be able to recover buffers after a system +# crash, this needs to be a directory that isn't cleaned out on reboot. +# You would probably want to clean out that directory periodically with +# /etc/cron. +# RECDIR is the directory in which RECOVER looks for JOVE's tempfiles +# (in case the system startup salvages tempfiles by moving them, +# which is probably a good idea). + +TMPDIR = /tmp +RECDIR = /var/preserve + +# DFLTSHELL is the default shell invoked by JOVE and TEACHJOVE. +DFLTSHELL = /bin/sh + +# The install commands of BSD and System V differ in unpleasant ways: +# -c: copy (BSD); -c dir: destination directory (SysV) +# -s: strip (BSD); -s: suppress messages (SysV) +# Also, the destination specification is very different. +# The result is that the System V install command must not be used. +# If you know that /bin/install is the BSD program, you can use it. +# "cp" will work reasonably well, but be aware that any links continue +# referencing the old file with new contents. + +INSTALLFLAGS = # -g bin -o root + +# to install executable files +XINSTALL=cp +#XINSTALL=/usr/ucb/install $(INSTALLFLAGS) -c -m 755 # -s +#CYGWIN32: XINSTALL=install $(INSTALLFLAGS) -c -m 755 + +# to install text files +TINSTALL=cp +#TINSTALL=/usr/ucb/install $(INSTALLFLAGS) -c -m 644 +#CYGWIN32: TINSTALL=install $(INSTALLFLAGS) -c -m 644 + +# These should all just be right if the above ones are. +# You will confuse JOVE if you move anything from LIBDIR or SHAREDIR. + +JOVE = $(BINDIR)/jove$(XEXT) +TEACHJOVE = $(BINDIR)/teachjove$(XEXT) +RECOVER = $(LIBDIR)/recover$(XEXT) +PORTSRV = $(LIBDIR)/portsrv$(XEXT) +JOVERC = $(SHAREDIR)/jove.rc +TERMSDIR = $(SHAREDIR) +CMDS.DOC = $(SHAREDIR)/cmds.doc +TEACH-JOVE = $(SHAREDIR)/teach-jove +JOVEM = $(MANDIR)/jove.$(MANEXT) +TEACHJOVEM = $(MANDIR)/teachjove.$(MANEXT) +XJOVEM = $(MANDIR)/xjove.$(MANEXT) +JOVETOOLM = $(MANDIR)/jovetool.$(MANEXT) + +# SYSDEFS: specify system characteristics. +# The default is -DBSDPOSIX_STDC, which describes a number of modern +# systems (but not Solaris!). If this isn't suitable for your system, +# you will need to change it. You may need to define a new symbol for +# your OS if we haven't created a suitable one. See sysdep.h. +# +# Apple A/UX on macIIs SYSDEFS=-DA_UX +# BSD4.2,4.3 SYSDEFS=-DBSD4 +# BSDI, 386BSD, BSD4.4 SYSDEFS=-DBSDPOSIX +# Consensys V4 SYSDEFS="-DSYSVR4 -DGRANTPT_BUG" +# Cygwin32 see README.c32 +# Compaq Tru64 UNIX V4.0g, 5.1 SYSDEFS=-DSYSVR4 +# DEC OSF R1.3MK SYSDEFS=-DSYSVR4 +# DEC OSF/1 V1.3 SYSDEFS="-DBSDPOSIX -DNO_TIOCREMOTE -DNO_TIOCSIGNAL" +# DEC OSF/1 V2.0 and later SYSDEFS=-DSYSVR4 +# DEC Ultrix 4.2 SYSDEFS=-DBSDPOSIX +# DEC Ultrix 4.3 SYSDEFS="-DBSDPOSIX -DJVDISABLE=255" +# Digital UNIX V4.0 and later SYSDEFS="-DSYSVR4 -DGRANTPT_BUG" +# DG AViiON 5.3R4 SYSDEFS="-DSYSVR4 -DBSD_SIGS" +# FreeBSD 4.2 SYSDEFS="-DBSDPOSIX -DUSE_OPENPTY -DHAVE_LIBUTIL_H" EXTRALIBS=-lutil +# HP/UX 8 or 9 SYSDEFS="-DHPUX -Ac" +# HP/UX 11 (-Ac redundant) SYSDEFS=-DHPUX +# IBM AIX 3.2 SYSDEFS=-DAIX3_2 +# IBM AIX 4.2, 5.2 SYSDEFS="-DAIX4_2" TERMCAPLIB="-lcurses -ls" +# Irix 3.3-4.0.5 SYSDEFS="-DIRIX -DIRIX4" +# Irix 5.0 onwards SYSDEFS="-DIRIX -prototypes" +# LINUX (older, eg. RedHat 4, 5) SYSDEFS=-DBSDPOSIX +# LINUX (with UNIX98 PTYS) SYSDEFS="-DSYSVR4 -D_XOPEN_SOURCE=500" +# some need TERMCAPLIB=-lcurses or TERMCAPLIB=-lncurses +# MIPS RiscOS4.x SYSDEFS="-systype bsd43 -DBSD4" +# NetBSD 1.5 SYSDEFS="-DBSDPOSIX -DUSE_OPENPTY" EXTRALIBS=-lutil +# OpenBSD 2.x SYSDEFS="-DBSDPOSIX -DUSE_OPENPTY" EXTRALIBS=-lutil +# SCO Unix SYSDEFS=-DSCO +# SunOS3.x SYSDEFS=-DSUNOS3 +# SunOS4.0* SYSDEFS=-DSUNOS40 +# SunOS4.1* SYSDEFS=-DSUNOS41 +# SunOS5.0 (Solaris 2.0) SYSDEFS="-DSYSVR4 -DGRANTPT_BUG" +# SunOS5.[12345678] (Solaris) SYSDEFS=-DSYSVR4 +# Sys III, Sys V R 2,3 SYSDEFS=-DSYSV PORTSRVINST='$(PORTSRV)' +# Sys V Release 4.0 SYSDEFS="-DSYSVR4 -DGRANTPT_BUG" +# Sys V Release 4.x SYSDEFS=-DSYSVR4 +# +# Some systems based on System V release 4 have a bug affecting interactive +# processes. This bug can be worked around by defining GRANTPT_BUG. +# Read the explanation of GRANTPT_BUG in sysdep.doc. +# +# Some of the MIPS based Ultrix (up to 4.2 at least), RiscOS and Irix (up to +# 3.3 at least) also need -DMIPS_CC_BUG. +# +# Some old versions of the HPUX C compiler have a bug in handling forward +# struct tag declarations. Using the -Ac flag in place of -Ae will avoid +# this problem (and reduce the compiler's error checking, unfortunately). +# +# Add -DUSE_EXIT if you're profiling or using purify (this causes Jove +# to exit using exit(), instead of _exit()). + +SYSDEFS = -DBSDPOSIX_STDC + +# Select optimization level (flags passed to compiling and linking steps). +# On most systems: -g for debugging, -O for optimization. +# On the official Sun ANSI C compiler and the standard System V Release 4 +# compiler, adding -Xa -v will increase compiler checking. +# On DEC OSF/1 and Digital UNIX VV4.0, add -std1 to enable ANSI C features +# and perhaps -g3 for more debugging info with optimization. + +OPTFLAGS = -O + +# For making dependencies under BSD systems +DEPENDFLAG = -M +# or, using the official Sun ANSI C compiler +# DEPENDFLAG = -xM + +# Flags for Library to provide termcap functions. +# Some systems have dropped termcap: use -lcurses (fatter!) or -lncurses +# Cygwin32: TERMCAPLIB = -L/usr/local/lib -lcurses +# SysV Rel. 2: TERMCAPLIB = -lcurses +# SCO UNIX: TERMCAPLIB = -lcurses +# AIX on the R6000s: TERMCAPLIB = -lcurses -ltermcap -ls + +TERMCAPLIB = -lncurses + +# Extra libraries flags needed by oddball systems. +# Modern BSD systems using openpty need its library. +# 4.1BSD: EXTRALIBS = -ljobs +# FreeBSD 4.2: EXTRALIBS = -lutil +# FreeBSD 4.2, NetBSD 1.5, OpenBSD 2.x: EXTRALIBS = -lutil + +EXTRALIBS = + +# Flags of linker (LDFLAGS) +# Most systems do not need any flags. +# Known exceptions: +# SysV Rel. 2: LDFLAGS = -Ml +# SCO Xenix: LDFLAGS = -Ml -F 3000 +# AIX Unix: LDFLAGS = -bloadmap:$@.map # only if loadmap +# +# To optimize the use of the address spaces, add to the LDFLAGS: +# PDP-11 with separate I&D: -i +# PDP-11 without separate I&D: -n + +LDFLAGS = + +# for SCO Xenix, set +# MEMFLAGS = -Mle +# CFLAGS = -LARGE -O -F 3000 -K -Mle (say -Mle2 for an 80286) + +CFLAGS = $(OPTFLAGS) $(SYSDEFS) + +# For SYSVR4 (/usr/ucb/cc will NOT work because of setjmp.h): +# CC = /usr/bin/cc +# To use the SunPro compiler under SunOS 4.n: +# CC = acc +# To use the official Sun compiler under Solaris 2.n: +# CC = /opt/SUNWspro/bin/cc +# For DG AViiON, expect compile errors unless you use the GNU C compiler: +# CC=gcc + +# Load invocation of cc. +# to use Purify(TM): LDCC = purify $(CC) + +LDCC = $(CC) + +# For cross compiling Jove, set CC to the cross compiler, and LOCALCC +# to the local C compiler. LOCALCC will be used for compiling setmaps, +# which is run as part of the compilation to generate the keymaps. +# Set LOCALCFLAGS and LOCALLDFLAGS appropriately too. For Xenix, note +# that LOCALCFLAGS must be set to $(MEMFLAGS) + +LOCALCC = $(CC) +LOCALCFLAGS = $(CFLAGS) # $(MEMFLAGS) +LOCALLDFLAGS = $(LDFLAGS) + +# Objects are grouped into overlays for the benefit of (at least) 2.xBSD. + +BASESEG = commands.o keys.o argcount.o ask.o buf.o jctype.o delete.o \ + disp.o insert.o io.o jove.o marks.o misc.o re.o \ + screen.o termcap.o unix.o util.o vars.o list.o keymaps.o \ + mouse.o +OVLAY1 = abbrev.o rec.o paragraph.o fmt.o +OVLAY2 = c.o wind.o fp.o move.o +OVLAY3 = extend.o macros.o +OVLAY4 = iproc.o reapp.o +OVLAY5 = proc.o scandir.o term.o case.o + +OBJECTS = $(BASESEG) $(OVLAY1) $(OVLAY2) $(OVLAY3) $(OVLAY4) $(OVLAY5) + +# These TROFF and TROFFPOST settings work with ditroff. +# For groff: +# TROFF = groff +# TROFFPOST = +NROFF = nroff +TROFF = troff -Tpost +TROFFPOST = | /usr/lib/lp/postscript/dpost - + +MANUALS = $(JOVEM) $(TEACHJOVEM) $(XJOVEM) $(JOVETOOLM) + +C_SRC = commands.c commands.tab abbrev.c argcount.c ask.c buf.c c.c case.c jctype.c \ + delete.c disp.c extend.c fp.c fmt.c insert.c io.c iproc.c \ + jove.c list.c macros.c marks.c misc.c move.c paragraph.c \ + proc.c re.c reapp.c rec.c scandir.c screen.c term.c termcap.c unix.c \ + util.c vars.c vars.tab wind.c msgetch.c mac.c keymaps.c ibmpcdos.c \ + mouse.c win32.c + +SOURCES = $(C_SRC) portsrv.c recover.c setmaps.c teachjove.c + +HEADERS = abbrev.h argcount.h ask.h buf.h c.h case.h chars.h commands.h \ + jctype.h dataobj.h delete.h disp.h extend.h externs.h \ + fmt.h fp.h insert.h io.h iproc.h jove.h \ + keymaps.h list.h mac.h macros.h marks.h \ + misc.h mouse.h move.h paragraph.h proc.h \ + re.h reapp.h rec.h recover.h resource.h scandir.h screen.h \ + select.h sysdep.h sysprocs.h temp.h term.h ttystate.h \ + tune.h util.h vars.h version.h wind.h + +DOCTERMS = doc/jove.rc.sun doc/keychart.sun \ + doc/jove.rc.sun-cmd doc/keychart.sun-cmd \ + doc/jove.rc.vt100 doc/keychart.vt100 \ + doc/jove.rc.wyse doc/keychart.wyse \ + doc/jove.rc.xterm doc/keychart.xterm \ + doc/jove.rc.z29 doc/keychart.z29 \ + doc/jove.rc.3022 doc/keychart.3022 \ + doc/keychart. \ + doc/XTermresource + +DOCS = doc/README doc/teach-jove doc/jove.qref \ + doc/intro.nr doc/cmds.macros.nr doc/cmds.nr doc/contents.nr \ + doc/jove.nr doc/teachjove.nr doc/xjove.nr doc/jovetool.nr \ + doc/jove.rc doc/example.rc $(DOCTERMS) + +MISC = Makefile Makefile.bcc Makefile.msc Makefile.wat Makefile.zor \ + README README.dos README.mac README.w32 README.c32 \ + sysdep.doc tune.doc style.doc jove.spec + +SUPPORT = teachjove.c recover.c setmaps.c portsrv.c keys.txt \ + menumaps.txt mjovers.Hqx jjoveico.uue jjove.rc + +BACKUPS = $(HEADERS) $(C_SRC) $(SUPPORT) $(MISC) + +# all: default target. +# Builds everything that "install" needs. +all: jjove$(XEXT) recover$(XEXT) teachjove$(XEXT) portsrv$(XEXT) \ + doc/cmds.doc doc/jove.$(MANEXT) doc/teachjove.$(MANEXT) \ + doc/jovetool.$(MANEXT) + +jjove$(XEXT): $(OBJECTS) + $(LDCC) $(LDFLAGS) $(OPTFLAGS) -o jjove$(XEXT) $(OBJECTS) $(TERMCAPLIB) $(EXTRALIBS) + @-size jjove$(XEXT) + +# For 2.xBSD: link jove as a set of overlays. Not tested recently. + +ovjove: $(OBJECTS) + ld $(LDFLAGS) $(OPTFLAGS) -X /lib/crt0.o \ + -Z $(OVLAY1) \ + -Z $(OVLAY2) \ + -Z $(OVLAY3) \ + -Z $(OVLAY4) \ + -Z $(OVLAY5) \ + -Y $(BASESEG) \ + -o jjove$(XEXT) $(TERMCAPLIB) $(EXTRALIBS) -lc + @-size jjove$(XEXT) + +# portsrv is only needed if IPROCS are implemented using PIPEPROCS +# (modern systems use PTYPROCS). +# Making PORTSRVINST null supresses building and installing portsrv. + +# PORTSRVINST=$(PORTSRV) +PORTSRVINST= + +portsrv$(XEXT): portsrv.o + $(LDCC) $(LDFLAGS) $(OPTFLAGS) -o portsrv$(XEXT) portsrv.o $(EXTRALIBS) + +recover$(XEXT): recover.o + $(LDCC) $(LDFLAGS) $(OPTFLAGS) -o recover$(XEXT) recover.o $(EXTRALIBS) + +teachjove$(XEXT): teachjove.o + $(LDCC) $(LDFLAGS) $(OPTFLAGS) -o teachjove$(XEXT) teachjove.o $(EXTRALIBS) + +# don't optimize setmaps.c because it produces bad code in some places +# for some reason + +setmaps: setmaps.o + $(LOCALCC) $(LOCALLDFLAGS) -o setmaps setmaps.o + +setmaps.o: setmaps.c + $(LOCALCC) $(LOCALCFLAGS) -c setmaps.c + +keys.c: setmaps keys.txt + ./setmaps < keys.txt > keys.c + +keys.o: keys.c tune.h sysdep.h jove.h keymaps.h dataobj.h commands.h + +paths.h: Makefile + @echo "/* Changes should be made in Makefile, not to this file! */" > paths.h + @echo "" >> paths.h + @echo \#define TMPDIR \"$(TMPDIR)\" >> paths.h + @echo \#define RECDIR \"$(RECDIR)\" >> paths.h + @echo \#define LIBDIR \"$(LIBDIR)\" >> paths.h + @echo \#define SHAREDIR \"$(SHAREDIR)\" >> paths.h + @echo \#define DFLTSHELL \"$(DFLTSHELL)\" >> paths.h + +makexjove: + ( cd xjove ; make CC="$(CC)" OPTFLAGS="$(OPTFLAGS)" SYSDEFS="$(SYSDEFS)" $(TOOLMAKEEXTRAS) xjove ) + +installxjove: + ( cd xjove ; make CC="$(CC)" OPTFLAGS="$(OPTFLAGS)" SYSDEFS="$(SYSDEFS)" XINSTALL="$(XINSTALL)" BINDIR="$(BINDIR)" INSTALLFLAGS="$(INSTALLFLAGS)" $(TOOLMAKEEXTRAS) installxjove ) + +makejovetool: + ( cd xjove ; make CC="$(CC)" OPTFLAGS="$(OPTFLAGS)" SYSDEFS="$(SYSDEFS)" DEFINES=-DSUNVIEW $(TOOLMAKEEXTRAS) jovetool ) + +installjovetool: + ( cd xjove ; make CC="$(CC)" OPTFLAGS="$(OPTFLAGS)" SYSDEFS="$(SYSDEFS)" DEFINES=-DSUNVIEW XINSTALL="$(XINSTALL)" BINDIR="$(BINDIR)" INSTALLFLAGS="$(INSTALLFLAGS)" $(TOOLMAKEEXTRAS) installjovetool ) + +# Note: everything needed by "install" should be built by "all". +# Thus, if "all" is done first, "install" can be invoked with +# JOVEHOME pointing at a playpen where files are to be marshalled. +# This property is fragile. +install: $(LIBDIR) $(SHAREDIR) \ + $(TEACH-JOVE) $(CMDS.DOC) $(TERMSDIR)docs \ + $(PORTSRVINST) $(RECOVER) $(JOVE) $(TEACHJOVE) $(MANUALS) + $(TINSTALL) doc/jove.rc $(JOVERC) + @echo See the README about changes to /etc/rc or /etc/rc.local + @echo so that the system recovers jove files on reboot after a crash + +$(LIBDIR):: + test -d $(LIBDIR) || mkdir -p $(LIBDIR) + +$(SHAREDIR):: + test -d $(SHAREDIR) || mkdir -p $(SHAREDIR) + +$(TEACH-JOVE): doc/teach-jove + $(TINSTALL) doc/teach-jove $(TEACH-JOVE) + +doc/cmds.doc: doc/cmds.macros.nr doc/cmds.nr + $(NROFF) doc/cmds.macros.nr doc/cmds.nr > doc/cmds.doc + +doc/jove.man: doc/intro.nr doc/cmds.nr + ( cd doc; tbl intro.nr | $(NROFF) -ms - cmds.nr >jove.man ) + +doc/jove.man.ps: + ( cd doc; tbl intro.nr | $(TROFF) -ms - cmds.nr contents.nr $(TROFFPOST) >jove.man.ps ) + +$(CMDS.DOC): doc/cmds.doc + $(TINSTALL) doc/cmds.doc $(CMDS.DOC) + +$(JOVERC): doc/jove.rc + $(TINSTALL) doc/jove.rc $(JOVERC) + +$(TERMSDIR)docs: $(DOCTERMS) + $(TINSTALL) $(DOCTERMS) $(TERMSDIR) + +$(PORTSRV): portsrv$(XEXT) + $(XINSTALL) portsrv$(XEXT) $(PORTSRV) + +$(RECOVER): recover$(XEXT) + $(XINSTALL) recover$(XEXT) $(RECOVER) + +$(JOVE): jjove$(XEXT) + $(XINSTALL) jjove$(XEXT) $(JOVE) + +$(TEACHJOVE): teachjove$(XEXT) + $(XINSTALL) teachjove$(XEXT) $(TEACHJOVE) + +doc/jove.$(MANEXT): doc/jove.nr + sed -e 's;;$(TMPDIR);' \ + -e 's;;$(LIBDIR);' \ + -e 's;;$(SHAREDIR);' \ + -e 's;;$(DFLTSHELL);' doc/jove.nr > doc/jove.$(MANEXT) + +$(JOVEM): doc/jove.$(MANEXT) + $(TINSTALL) doc/jove.$(MANEXT) $(JOVEM) + +# doc/jove.doc is the formatted manpage (only needed by DOS) +# Building it should be like building $(JOVEM) except that we +# don't know what to substitue for etc. because they +# are not fixed yet, and because we must do the formatting. + +doc/jove.doc: doc/jove.nr + $(NROFF) -man doc/jove.nr >doc/jove.doc + +doc/teachjove.$(MANEXT): doc/teachjove.nr + sed -e 's;;$(TMPDIR);' \ + -e 's;;$(LIBDIR);' \ + -e 's;;$(SHAREDIR);' \ + -e 's;;$(DFLTSHELL);' doc/teachjove.nr > doc/teachjove.$(MANEXT) + +$(TEACHJOVEM): doc/teachjove.$(MANEXT) + $(TINSTALL) doc/teachjove.$(MANEXT) $(TEACHJOVEM) + +$(XJOVEM): doc/xjove.nr + $(TINSTALL) doc/xjove.nr $(XJOVEM) + +doc/jovetool.$(MANEXT): doc/jovetool.nr + sed -e 's;;$(MANDIR);' \ + -e 's;;$(MANEXT);' doc/jovetool.nr > doc/jovetool.$(MANEXT) + +$(JOVETOOLM): doc/jovetool.$(MANEXT) + $(TINSTALL) doc/jovetool.$(MANEXT) $(JOVETOOLM) + +echo: + @echo $(C-FILES) $(HEADERS) + +# note: $(C_SRC) contains commands.tab and vars.tab +# These should not be linted, but they will probably be ignored. + +lint: keys.c + lint $(SYSDEFS) $(C_SRC) keys.c + lint $(SYSDEFS) portsrv.c + lint $(SYSDEFS) recover.c + lint $(SYSDEFS) setmaps.c + lint $(SYSDEFS) teachjove.c + @echo Done + +# CTAGSFLAGS = -N --format=1 # fishy options required for Exuberant Ctags +# since this is inconvenient to specify, you can use target extags instead. +CTAGSFLAGS = -w + +tags: $(C_SRC) $(HEADERS) + ctags $(CTAGSFLAGS) $(C_SRC) $(HEADERS) + +extags: $(C_SRC) $(HEADERS) + ctags -N --format=1 $(C_SRC) $(HEADERS) + + +# .filelist is a trick to get around a make limit: +# the list of files is too long to fit in a command generated by make +# The actual contents of the file depend only on Makefile, but by +# adding extra dependencies, dependants of .filelist can have shorter +# dependency lists. Note: since we have no list of xjove files, +# we alway force a make of xjove/.filelist. This forces .filelist +# to be rebuilt every time it is needed. + +.filelist: $(BACKUPS) $(DOCS) .xjfilelist + @ls $(BACKUPS) >.filelist + @ls $(DOCS) >>.filelist + @sed -e 's=^=xjove/=' xjove/.filelist >>.filelist + +.xjfilelist: + @( cd xjove ; make .filelist ) + +# override CIFLAGS with something like: +# CIFLAGS="-m'some reason for change' -u4.14.10.n -q" + +ciall: .filelist + ci $(CIFLAGS) `cat .filelist` + +coall: .filelist + co $(BACKUPS) `cat .filelist` + +jove.shar: .filelist + shar .filelist > jove.shar + +backup.Z: .filelist + rm -f backup backup.Z + tar cf backup `cat .filelist` + compress backup + +backup.tgz: .filelist + # GNU tar only: z + tar czf backup.tgz `cat .filelist` + +tape-backup: .filelist + tar cf /dev/rst8 `cat .filelist` + +# Extract version number from version.h +# At same time, check that all copies agree. +.version: version.h jove.spec + sed -n -e '/^#define[ ]*jversion[ ]*"\([0-9.]*\)".*/s//\1/p' version.h >.version || rm -f .version + sed -n -e '/^#define[ ]*jversion_lnum[ ]*\([0-9,]*\).*/s//\1/p' version.h | sed -e 's/,/./g' | diff - .version + sed -n -e '/^%define[ ]*jversion[ ]*\([0-9.]*\).*/s//\1/p' jove.spec | diff - .version + +# Build a distribution: a gzipped tar file with a name "jove.tgz" +# The tar will unpack into a directory with the name jove +# Beware: old files with these names will be blown away. +distrib: .filelist .version + set -u ; set -e ; \ + BN=jove`cat .version` ; \ + rm -rf $$BN $$BN.tgz* ; \ + mkdir $$BN ; \ + tar cf - `cat .filelist` | ( cd $$BN ; tar xf - ) ; \ + tar czf $$BN.tgz $$BN ; \ + rm -rf $$BN ; \ + ls -l $$BN.tgz + +# create a distribution and a separate PGP signature for it +signeddistrib: distrib + pgp -sba jove`cat .version`.tgz + chmod a+r jove`cat .version`.tgz.asc + +# System V sum can be made to match BSD with a -r flag. +# To get this effect, override with SUM = sum -r +SUM = sum + +checksum: .filelist + $(SUM) `cat .filelist` + +# MSDOS isn't a full-fledged development environment. +# Preparing a distribution for MSDOS involves discarding some things +# and pre-building others. All should have \n converted to CR LF +# but zoo doesn't do this. +# From SUPPORT: only setmaps.c and keys.txt [would like teachjove.c, recover.c] +# From MISC: all but Makefile and README.mac +# Preformatted documentation. [would like a joverc] +# tags + +DOSSRC = $(HEADERS) $(C_SRC) setmaps.c keys.txt \ + Makefile.bcc Makefile.msc Makefile.wat Makefile.zor \ + README README.dos README.w32 README.c32 sysdep.doc tune.doc style.doc \ + jjoveico.uue jjove.rc \ + doc/cmds.doc doc/jove.man doc/jove.doc tags + +jovedoss.zoo: $(DOSSRC) jjove.ico + -rm -f jovedoss.zoo + zoo a jovedoss.zoo $(DOSSRC) jjove.ico + +jovedoss.zip: $(DOSSRC) jjove.ico + -rm -f jovedoss.zip + zip -k jovedoss.zip jjove.ico -l $(DOSSRC) + +jjove.ico: jjoveico.uue + uudecode jjoveico.uue + +touch: + touch $(OBJECTS) + +# Note: does not clean jove*: too dangerous +clean: + rm -f a.out core *.o keys.c jjove$(XEXT) portsrv$(XEXT) recover$(XEXT) setmaps \ + teachjove$(XEXT) paths.h \#* *~ make.log *.map jjove.ico \ + doc/cmds.doc doc/jove.man doc/jove.doc doc/jove.man.ps \ + doc/jove.$(MANEXT) doc/teachjove.$(MANEXT) \ + doc/jovetool.$(MANEXT) \ + jjove.pure_* tags ID .filelist .version + +cleanall: clean + ( cd xjove ; make clean ) + +clobber: clean + rm -f *.orig *.rej + ( cd xjove ; make clobber ) + +# This version only works under 4.3BSD +dependbsd: + @echo '"make depend" only works under 4.3BSD' + sed -e '/^# DO NOT DELETE THIS LINE/q' Makefile >Makefile.new + for i in ${SOURCES} ; do \ + $(CC) ${CFLAGS} ${DEPENDFLAG} $$i | \ + awk ' /[/]usr[/]include/ { next } \ + { if ($$1 != prev) \ + { if (rec != "") print rec; rec = $$0; prev = $$1; } \ + else { if (length(rec $$2) > 78) { print rec; rec = $$0; } \ + else rec = rec " " $$2 } } \ + END { print rec } ' >>Makefile.new; \ + done + echo '# DEPENDENCIES MUST END AT END OF FILE' >>Makefile.new + echo '# IF YOU PUT STUFF HERE IT WILL GO AWAY' >>Makefile.new + echo '# see "make depend" above' >>Makefile.new + @echo 'New makefile is in "Makefile.new". Move it to "Makefile".' + +# This version should work with any UNIX +# It records all dependencies, including ones that are #ifdef'ed out. +# It assumes that only jove.h and tune.h include other headers + +depend: + @sed -e '/^# DO NOT DELETE THIS LINE/q' Makefile >Makefile.new + for i in tune.h jove.h ${SOURCES} ; do \ + ( ( echo "$$i:"; sed -n -e 's/^#[ ]*include[ ]*"\([^"]*\)".*/\1/p' $$i ) | \ + sed -e 's/^jove\.h$$/$$(JOVE_H)/' -e 's/^tune\.h$$/$$(TUNE_H)/' \ + -e 's/^jove\.h:$$/JOVE_H = jove.h/' -e 's/^tune\.h:$$/TUNE_H = tune.h/' \ + -e 's/\.c:$$/.o:/' | \ + tr "\012" "\040" ; echo ) | sed -e 's/ $$//' -e '/:$$/d' >>Makefile.new ; \ + done + @echo '# DEPENDENCIES MUST END AT END OF FILE' >>Makefile.new + @echo '# IF YOU PUT STUFF HERE IT WILL GO AWAY' >>Makefile.new + @echo '# see "make depend" above' >>Makefile.new + @if cmp -s Makefile Makefile.new ; \ + then echo '*** Makefile is already up to date' ; \ + else echo '*** New makefile is in "Makefile.new". Move it to "Makefile".' ; \ + fi + +# DO NOT DELETE THIS LINE -- "make depend" uses it +TUNE_H = tune.h sysdep.h +JOVE_H = jove.h $(TUNE_H) buf.h io.h dataobj.h keymaps.h argcount.h util.h externs.h +commands.o: $(JOVE_H) jctype.h extend.h macros.h mouse.h abbrev.h c.h case.h commands.h delete.h disp.h insert.h sysprocs.h iproc.h marks.h misc.h move.h paragraph.h proc.h reapp.h wind.h commands.tab +abbrev.o: $(JOVE_H) fp.h jctype.h abbrev.h ask.h commands.h delete.h insert.h disp.h fmt.h move.h wind.h +argcount.o: $(JOVE_H) jctype.h +ask.o: $(JOVE_H) jctype.h chars.h disp.h fp.h scandir.h screen.h ask.h delete.h insert.h extend.h fmt.h marks.h move.h mac.h +buf.o: $(JOVE_H) jctype.h disp.h ask.h extend.h fmt.h insert.h macros.h marks.h move.h sysprocs.h proc.h wind.h fp.h iproc.h mac.h +c.o: $(JOVE_H) re.h c.h jctype.h disp.h delete.h insert.h fmt.h marks.h misc.h move.h paragraph.h +case.o: $(JOVE_H) disp.h case.h jctype.h marks.h move.h +jctype.o: $(JOVE_H) jctype.h +delete.o: $(JOVE_H) jctype.h disp.h delete.h insert.h marks.h move.h +disp.o: $(JOVE_H) jctype.h chars.h fp.h disp.h ask.h extend.h fmt.h insert.h sysprocs.h iproc.h move.h macros.h screen.h term.h wind.h mac.h +extend.o: $(JOVE_H) fp.h jctype.h chars.h commands.h disp.h re.h ask.h extend.h fmt.h insert.h move.h sysprocs.h proc.h vars.h mac.h +fp.o: $(JOVE_H) fp.h jctype.h disp.h fmt.h mac.h +fmt.o: $(JOVE_H) chars.h fp.h jctype.h disp.h extend.h fmt.h mac.h +insert.o: $(JOVE_H) jctype.h list.h chars.h disp.h abbrev.h ask.h c.h delete.h insert.h fmt.h macros.h marks.h misc.h move.h paragraph.h screen.h sysprocs.h proc.h wind.h re.h +io.o: $(JOVE_H) list.h fp.h jctype.h disp.h ask.h fmt.h insert.h marks.h sysprocs.h proc.h wind.h rec.h mac.h re.h temp.h +iproc.o: $(JOVE_H) re.h jctype.h disp.h fp.h sysprocs.h iproc.h ask.h extend.h fmt.h insert.h marks.h move.h proc.h wind.h select.h ttystate.h +jove.o: $(JOVE_H) fp.h jctype.h chars.h disp.h re.h reapp.h sysprocs.h rec.h ask.h extend.h fmt.h macros.h marks.h mouse.h paths.h proc.h screen.h term.h version.h wind.h iproc.h select.h mac.h +list.o: $(JOVE_H) list.h +macros.o: $(JOVE_H) jctype.h fp.h chars.h disp.h ask.h commands.h macros.h extend.h fmt.h +marks.o: $(JOVE_H) fmt.h marks.h disp.h +misc.o: $(JOVE_H) jctype.h disp.h ask.h c.h delete.h insert.h extend.h fmt.h marks.h misc.h move.h paragraph.h +move.o: $(JOVE_H) re.h chars.h jctype.h disp.h move.h screen.h +paragraph.o: $(JOVE_H) jctype.h disp.h delete.h insert.h fmt.h marks.h misc.h move.h paragraph.h re.h +proc.o: $(JOVE_H) jctype.h fp.h re.h disp.h sysprocs.h ask.h delete.h extend.h fmt.h insert.h iproc.h marks.h misc.h move.h proc.h wind.h +re.o: $(JOVE_H) re.h jctype.h ask.h disp.h fmt.h marks.h +reapp.o: $(JOVE_H) fp.h re.h jctype.h chars.h disp.h ask.h extend.h fmt.h marks.h reapp.h wind.h mac.h +rec.o: $(JOVE_H) fp.h sysprocs.h rec.h fmt.h recover.h +scandir.o: $(JOVE_H) scandir.h +screen.o: $(JOVE_H) fp.h chars.h jctype.h disp.h extend.h fmt.h term.h mac.h screen.h wind.h +term.o: $(JOVE_H) term.h fp.h +termcap.o: $(JOVE_H) term.h disp.h fmt.h fp.h jctype.h screen.h +unix.o: $(JOVE_H) fp.h chars.h term.h ttystate.h util.h +util.o: $(JOVE_H) jctype.h disp.h fp.h ask.h chars.h fmt.h insert.h macros.h marks.h move.h rec.h mac.h +vars.o: $(JOVE_H) extend.h vars.h abbrev.h ask.h c.h jctype.h disp.h insert.h sysprocs.h iproc.h mac.h mouse.h paragraph.h proc.h re.h reapp.h rec.h screen.h term.h ttystate.h wind.h vars.tab +wind.o: $(JOVE_H) chars.h disp.h ask.h extend.h commands.h mac.h reapp.h wind.h screen.h +msgetch.o: $(JOVE_H) chars.h disp.h +mac.o: $(TUNE_H) $(JOVE_H) mac.h ask.h chars.h disp.h extend.h fp.h commands.h fmt.h marks.h misc.h move.h screen.h scandir.h term.h vars.h version.h wind.h +keymaps.o: $(JOVE_H) list.h fp.h jctype.h chars.h disp.h re.h ask.h commands.h macros.h extend.h fmt.h screen.h vars.h sysprocs.h iproc.h +ibmpcdos.o: $(JOVE_H) fp.h chars.h screen.h term.h +mouse.o: $(JOVE_H) disp.h misc.h ask.h chars.h delete.h fmt.h insert.h marks.h move.h wind.h term.h jctype.h mouse.h xjove/mousemsg.h fp.h +win32.o: $(JOVE_H) fp.h chars.h screen.h disp.h +portsrv.o: $(JOVE_H) sysprocs.h iproc.h +recover.o: $(JOVE_H) temp.h sysprocs.h rec.h paths.h recover.h scandir.c jctype.h +setmaps.o: $(JOVE_H) chars.h commands.h vars.h commands.tab vars.tab +teachjove.o: $(TUNE_H) paths.h +# DEPENDENCIES MUST END AT END OF FILE +# IF YOU PUT STUFF HERE IT WILL GO AWAY +# see "make depend" above diff --git a/mfs/linux_mfs/source/jove/jove_getline.patch b/mfs/linux_mfs/source/jove/jove_getline.patch new file mode 100644 index 0000000000000000000000000000000000000000..a3ac7dbf4701d20012894276fbf49b54cebff598 --- /dev/null +++ b/mfs/linux_mfs/source/jove/jove_getline.patch @@ -0,0 +1,96 @@ +diff -ur jove4.16.0.72.orig/insert.c jove4.16.0.72/insert.c +--- jove4.16.0.72.orig/insert.c 2002-03-20 14:49:38.000000000 -0700 ++++ jove4.16.0.72/insert.c 2010-07-21 11:58:51.000000000 -0600 +@@ -504,7 +504,7 @@ + atchar = 0; + } + +- getline(atline->l_dline, genbuf); ++ jove_getline(atline->l_dline, genbuf); + atchar += tchar; + linecopy(genbuf, atchar, save); + atline->l_dline = putline(genbuf); +diff -ur jove4.16.0.72.orig/io.c jove4.16.0.72/io.c +--- jove4.16.0.72.orig/io.c 2010-04-15 23:41:46.000000000 -0600 ++++ jove4.16.0.72/io.c 2010-07-21 11:58:51.000000000 -0600 +@@ -1356,9 +1356,9 @@ + + void + #ifdef USE_PROTOTYPES +-getline proto((daddr addr, register char *buf)) ++jove_getline proto((daddr addr, register char *buf)) + #else +-getline(addr, buf) ++jove_getline(addr, buf) + daddr addr; + register char *buf; + #endif +diff -ur jove4.16.0.72.orig/io.h jove4.16.0.72/io.h +--- jove4.16.0.72.orig/io.h 2002-03-20 14:49:38.000000000 -0700 ++++ jove4.16.0.72/io.h 2010-07-21 11:58:51.000000000 -0600 +@@ -40,7 +40,7 @@ + close_file proto((File *fp)), + d_cache_init proto((void)), + file_write proto((char *fname, bool app)), +- getline proto((daddr addr, char *buf)), ++ jove_getline proto((daddr addr, char *buf)), + lsave proto((void)), + putreg proto((File *fp,LinePtr line1,int char1,LinePtr line2,int char2,bool makesure)), + read_file proto((char *file, bool is_insert)), +diff -ur jove4.16.0.72.orig/recover.c jove4.16.0.72/recover.c +--- jove4.16.0.72.orig/recover.c 2010-05-16 19:53:38.000000000 -0600 ++++ jove4.16.0.72/recover.c 2010-07-21 11:58:51.000000000 -0600 +@@ -166,7 +166,7 @@ + private char *getblock proto((daddr atl)); + + void +-getline(tl, buf) ++jove_getline(tl, buf) + daddr tl; + char *buf; + { +@@ -597,7 +597,7 @@ + Nchars = Nlines = 0L; + while (--nlines >= 0) { + addr = getaddr(ptrs_fp); +- getline(addr, buf); ++ jove_getline(addr, buf); + Nlines += 1; + Nchars += 1 + strlen(buf); + fputs(buf, out); +diff -ur jove4.16.0.72.orig/temp.h jove4.16.0.72/temp.h +--- jove4.16.0.72.orig/temp.h 2002-03-20 14:49:39.000000000 -0700 ++++ jove4.16.0.72/temp.h 2010-07-21 11:58:51.000000000 -0600 +@@ -12,7 +12,7 @@ + * Yank and Kill are really easy; basically all we do is make copies + * of the disk addresses of the lines (as opposed to the contents). + * So, putline(char *buf) writes buf to the disk and returns a new +- * disk address. getline(daddr addr, char *buf) is the opposite of ++ * disk address. jove_getline(daddr addr, char *buf) is the opposite of + * putline(). f_getputl(LinePtr line, File fp) reads from open fp + * directly into the tmp file (into the buffer cache (see below)) + * and stores the address in line. This is used during read_file to +diff -ur jove4.16.0.72.orig/util.c jove4.16.0.72/util.c +--- jove4.16.0.72.orig/util.c 2004-02-01 12:38:29.000000000 -0700 ++++ jove4.16.0.72/util.c 2010-07-21 11:58:51.000000000 -0600 +@@ -280,7 +280,7 @@ + strcpy(buf, linebuf); + Jr_Len = strlen(linebuf); + } else +- getline(line->l_dline, buf); ++ jove_getline(line->l_dline, buf); + return buf; + } + +diff -ur jove4.16.0.72.orig/util.h jove4.16.0.72/util.h +--- jove4.16.0.72.orig/util.h 2004-02-01 12:38:29.000000000 -0700 ++++ jove4.16.0.72/util.h 2010-07-21 11:58:51.000000000 -0600 +@@ -18,7 +18,7 @@ + #define eobp() (lastp(curline) && eolp()) + #define eolp() (linebuf[curchar] == '\0') + #define firstp(line) ((line) == curbuf->b_first) +-#define getDOT() getline(curline->l_dline, linebuf) ++#define getDOT() jove_getline(curline->l_dline, linebuf) + #define lastp(line) ((line) == curbuf->b_last) + + extern UnivPtr diff --git a/mfs/linux_mfs/source/ncurses/Makefile b/mfs/linux_mfs/source/ncurses/Makefile new file mode 100644 index 0000000000000000000000000000000000000000..bdca099325a6a67b1bce03f67c2f338f7e90a3b9 --- /dev/null +++ b/mfs/linux_mfs/source/ncurses/Makefile @@ -0,0 +1,118 @@ +include ../../variables.mk + +NCURSES_VERSION = 5.7+20100313 +NCURSES_PATH = $(TARGET_BUILD_PATH)/ncurses-$(NCURSES_VERSION) + +.PHONY: extract patch config \ + ncurses install clean all + +all: ncurses + +extract: $(NCURSES_PATH)/.extract-stamp + +patch: $(NCURSES_PATH)/.patch-stamp + +config: $(NCURSES_PATH)/.config-stamp + +ncurses: $(NCURSES_PATH)/lib/libncurses.a + +install: $(STAGING_DIR)/lib/libncurses.a $(TARGET_PATH)/lib/libncurses.so.5.7 + +clean: + PATH=$(STAGING_DIR)/usr/bin:$(PATH) $(MAKE) -C $(NCURSES_PATH) clean + rm -f $(NCURSES_PATH)/.build-stamp $(NCURSES_PATH)/.config-stamp + +$(NCURSES_PATH)/.extract-stamp: + mkdir -p $(TARGET_BUILD_PATH) + cd $(TARGET_BUILD_PATH); tar xzf $(TARBALL_PATH)/ncurses-$(NCURSES_VERSION).tar.gz + touch $@ + +$(NCURSES_PATH)/.patch-stamp: $(NCURSES_PATH)/.extract-stamp + $(SCRIPTS_PATH)/patch-kernel.sh $(NCURSES_PATH) $(SOURCE_PATH)/ncurses '*.patch' + touch $@ + +$(NCURSES_PATH)/.config-stamp: $(NCURSES_PATH)/.patch-stamp + rm -f $(NCURSES_PATH)/config.cache + (cd $(NCURSES_PATH); \ + CC=$(TARGET_CC) \ + PATH=$(STAGING_DIR)/usr/bin:$(PATH) \ + $(HOST_CONFIGURE_OPTS) \ + ./configure \ + --target=$(MFS_ARCH)-linux-uclibc \ + --host=$(MFS_ARCH)-linux-uclibc \ + --build=$(MFS_ARCH)-linux-gnu \ + --prefix=$(STAGING_DIR) \ + --exec-prefix=/usr \ + --bindir=/usr/bin \ + --libdir=/lib \ + --libexecdir=/usr/lib \ + --sbindir=/usr/sbin \ + --sysconfdir=/etc \ + --datadir=/usr/share \ + --with-shared \ + --without-gpm \ + --without-cxx \ + --without-manpages \ + --without-progs \ + --without-cxx-binding \ + --localstatedir=/var \ + --mandir=/usr/man \ + --infodir=/usr/info \ + ) + touch $@ + +#--enable-elf-shlibs --enable-dynamic-e2fsck --disable-swapfs \ + +#--enable-elf-shlibs \ + +$(NCURSES_PATH)/lib/libncurses.a: $(NCURSES_PATH)/.config-stamp + PATH=$(STAGING_DIR)/usr/bin:$(PATH) \ + CC=$(TARGET_CC) \ + CXX=$(TARGET_CC) \ + $(MAKE) -C $(NCURSES_PATH) \ + $(TARGET_CONFIGURE_OPTS) + +$(TARGET_PATH)/lib/libncurses.so.5.7: $(STAGING_DIR)/lib/libncurses.so.5.7 + mkdir -p $(TARGET_PATH)/usr/share/terminfo + mkdir -p $(TARGET_PATH)/usr/share/terminfo/l + mkdir -p $(TARGET_PATH)/usr/share/terminfo/v + mkdir -p $(TARGET_PATH)/usr/share/terminfo/s + mkdir -p $(TARGET_PATH)/usr/share/terminfo/x + mkdir -p $(TARGET_PATH)/usr/share/tabset + cp -fa $(STAGING_DIR)/usr/share/tabset/* $(TARGET_PATH)/usr/share/tabset + cp -fa $(STAGING_DIR)/usr/share/terminfo/v/vt{100,220} \ + $(TARGET_PATH)/usr/share/terminfo/v + cp -fa $(STAGING_DIR)/usr/share/terminfo/l/linux \ + $(TARGET_PATH)/usr/share/terminfo/l + cp -fa $(STAGING_DIR)/usr/share/terminfo/s/screen* \ + $(TARGET_PATH)/usr/share/terminfo/s + cp -fa $(STAGING_DIR)/usr/share/terminfo/x/xterm \ + $(TARGET_PATH)/usr/share/terminfo/x + mkdir -p $(TARGET_PATH)/lib + cp -fa $(STAGING_DIR)/lib/libncurses*.so* $(TARGET_PATH)/lib + $(STRIPCMD) $@ + touch -c $@ + +$(STAGING_DIR)/lib/libncurses.a: $(NCURSES_PATH)/lib/libncurses.a + $(MAKE) -C $(NCURSES_PATH)/include install + (cd $(NCURSES_PATH)/misc; \ + prefix=$(STAGING_DIR) \ + exec_prefix=/usr \ + bindir=/usr/bin \ + top_srcdir=.. \ + srcdir=. \ + datadir=/usr/share \ + ticdir=$(STAGING_DIR)/usr/share/terminfo \ + source=terminfo.tmp \ + cross_compiling=yes \ + /bin/sh ./run_tic.sh) + mkdir -p $(STAGING_DIR)/usr/share/tabset + (cd $(NCURSES_PATH)/misc/tabset; \ + /bin/sh -c 'for i in * ; do \ + if test -f $$i ; then \ + echo installing $$i; \ + /usr/bin/install -c -m 644 $$i $(STAGING_DIR)/usr/share/tabset/$$i; \ + fi; done' \ + ) + + cp -dp $(NCURSES_PATH)/lib/lib* $(STAGING_DIR)/lib diff --git a/mfs/linux_mfs/source/openssl/Makefile b/mfs/linux_mfs/source/openssl/Makefile index 82be1375cc3f664f8d58b6c7b0fd382c4f8e31c6..72a0bc27d4700d03980bc5574414b9b0251ed732 100644 --- a/mfs/linux_mfs/source/openssl/Makefile +++ b/mfs/linux_mfs/source/openssl/Makefile @@ -3,11 +3,11 @@ include ../../variables.mk .PHONY: extract patch config \ openssl install clean all -OPENSSL_VERSION = 0.9.7m +OPENSSL_VERSION = 0.9.8n OPENSSL_PATH = $(TARGET_BUILD_PATH)/openssl-$(OPENSSL_VERSION) SYSROOT_OPENSSL_SHARED = $(STAGING_DIR)/usr/lib/libcrypto.a -TARGET_OPENSSL_SHARED = $(TARGET_PATH)/usr/lib/libcrypto.so.0.9.7 +TARGET_OPENSSL_SHARED = $(TARGET_PATH)/usr/lib/libcrypto.so.0.9.8 all: openssl @@ -45,10 +45,12 @@ $(OPENSSL_PATH)/.config-stamp: $(OPENSSL_PATH)/.patch-stamp (cd $(OPENSSL_PATH); \ CFLAGS="-DOPENSSL_NO_KRB5 -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 $(TARGET_CFLAGS)" \ PATH=$(STAGING_DIR)/usr/bin:$(PATH) \ - ./Configure linux-$(MFS_ARCH) --prefix=/ \ - --openssldir=/lib/ssl -L$(STAGING_DIR)/lib -ldl \ + MACHINE=i386 \ + ./config 386 --prefix=/usr \ + --openssldir=/usr/lib/ssl -L$(STAGING_DIR)/lib -ldl \ -I$(STAGING_DIR)/usr/include $(OPENSSL_OPTS) threads \ shared no-idea no-mdc2 no-rc5) + PATH=$(STAGING_DIR)/usr/bin:$(PATH) $(MAKE) CC=$(MFS_ARCH)-linux-uclibc-gcc -C $(OPENSSL_PATH) depend touch $@ $(OPENSSL_PATH)/apps/openssl: $(OPENSSL_PATH)/.config-stamp @@ -64,26 +66,28 @@ $(STAGING_DIR)/usr/lib/libcrypto.a: $(OPENSSL_PATH)/apps/openssl CC=$(TARGET_CC) INSTALL_PREFIX=$(STAGING_DIR)/usr \ -C $(OPENSSL_PATH) install cp -fa $(OPENSSL_PATH)/libcrypto.so* $(STAGING_DIR)/usr/lib/ - chmod a-x $(STAGING_DIR)/usr/lib/libcrypto.so.0.9.7 + chmod a-x $(STAGING_DIR)/usr/lib/libcrypto.so.0.9.8 (cd $(STAGING_DIR)/usr/lib; \ - ln -fs libcrypto.so.0.9.7 libcrypto.so; \ - ln -fs libcrypto.so.0.9.7 libcrypto.so.0; \ + ln -fs libcrypto.so.0.9.8 libcrypto.so; \ + ln -fs libcrypto.so.0.9.8 libcrypto.so.0; \ ) cp -fa $(OPENSSL_PATH)/libssl.so* $(STAGING_DIR)/usr/lib/ - chmod a-x $(STAGING_DIR)/usr/lib/libssl.so.0.9.7 + chmod a-x $(STAGING_DIR)/usr/lib/libssl.so.0.9.8 (cd $(STAGING_DIR)/usr/lib; \ - ln -fs libssl.so.0.9.7 libssl.so; \ - ln -fs libssl.so.0.9.7 libssl.so.0; \ + ln -fs libssl.so.0.9.8 libssl.so; \ + ln -fs libssl.so.0.9.8 libssl.so.0; \ ) touch -c $@ -$(TARGET_PATH)/usr/lib/libcrypto.so.0.9.7: $(STAGING_DIR)/usr/lib/libcrypto.a +$(TARGET_PATH)/usr/lib/libcrypto.so.0.9.8: $(STAGING_DIR)/usr/lib/libcrypto.a mkdir -p $(TARGET_PATH)/usr/lib + mkdir -p $(TARGET_PATH)/usr/lib/ssl + mkdir -p $(TARGET_PATH)/usr/lib/engines cp -fa $(STAGING_DIR)/usr/lib/libcrypto.so* $(TARGET_PATH)/usr/lib/ cp -fa $(STAGING_DIR)/usr/lib/libssl.so* $(TARGET_PATH)/usr/lib/ #cp -fa $(STAGING_DIR)/bin/openssl $(TARGET_PATH)/bin/ - $(STRIPCMD) $(TARGET_PATH)/usr/lib/libssl.so.0.9.7 - $(STRIPCMD) $(TARGET_PATH)/usr/lib/libcrypto.so.0.9.7 + $(STRIPCMD) $(TARGET_PATH)/usr/lib/libssl.so.0.9.8 + $(STRIPCMD) $(TARGET_PATH)/usr/lib/libcrypto.so.0.9.8 $(TARGET_DIR)/usr/lib/libssl.a: $(STAGING_DIR)/usr/lib/libcrypto.a mkdir -p $(TARGET_DIR)/usr/include diff --git a/mfs/linux_mfs/source/openssl/openssl.patch b/mfs/linux_mfs/source/openssl/openssl.patch index 7a3563228f9e15ee245534a51b756a3f92b3d0b1..a68938021e27fe1063461fdc310a1f76d027f752 100644 --- a/mfs/linux_mfs/source/openssl/openssl.patch +++ b/mfs/linux_mfs/source/openssl/openssl.patch @@ -1,130 +1,13 @@ -diff -ruN openssl-0.9.7m.orig/Configure openssl-0.9.7m/Configure ---- openssl-0.9.7m.orig/Configure 2007-02-22 17:30:49.000000000 -0500 -+++ openssl-0.9.7m/Configure 2007-07-23 21:10:15.000000000 -0400 -@@ -1,4 +1,4 @@ --: -+#!/usr/bin/perl - eval 'exec perl -S $0 ${1+"$@"}' - if $running_under_some_shell; - ## -@@ -390,6 +390,41 @@ - # assembler versions -- currently defunct: - ##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer:::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${alpha_asm}", - -+# Sane Linux configuration values, stolen from the Debian package.... -+"linux-alpha","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-alpha-ev4","gcc:-DTERMIO -O3 -mcpu=ev4 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-alpha-ev5","gcc:-DTERMIO -O3 -mcpu=ev5 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-armeb","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-freebsd-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-freebsd-i386", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-hppa","gcc:-DB_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-hurd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-ia64","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+#"linux-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC", -+"linux-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-i386-i486","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i486 -mcpu=i486 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-i386-i586","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i586 -mcpu=i586 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-i386-i686/cmov","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i686 -mcpu=i686 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-m68k","gcc:-DB_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-netbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-netbsd-m68k", "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-netbsd-sparc", "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-openbsd-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-openbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-openbsd-mips","gcc:-O2 -DL_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-powerpc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_UNROLL DES_RISC2 DES_PTR MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-s390","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-sh3", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-sh4", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-sh3eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-sh4eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-sparc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-sparc-v8","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v8 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-sparc-v9","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v9 -Wa,-Av8plus -fomit-frame-pointer -Wall -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-cris", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the - # bn86-elf.o file file since it is hand tweaked assembler. - "linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -@@ -437,6 +472,7 @@ - # ARM comes in both little- and big-endian flavors. The following line is - # endian neutral, but ./config is free to throw in -D[BL]_ENDIAN... - "linux-elf-arm","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-elf-armeb","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - - # SCO/Caldera targets. - # -diff -ruN openssl-0.9.7m.orig/crypto/md5/asm/md5-sparcv9.S openssl-0.9.7m/crypto/md5/asm/md5-sparcv9.S ---- openssl-0.9.7m.orig/crypto/md5/asm/md5-sparcv9.S 2003-05-29 18:22:34.000000000 -0400 -+++ openssl-0.9.7m/crypto/md5/asm/md5-sparcv9.S 2007-07-23 21:09:34.000000000 -0400 -@@ -74,14 +74,14 @@ - #define Dval R8 - - #if defined(MD5_BLOCK_DATA_ORDER) --# if defined(OPENSSL_SYSNAME_ULTRASPARC) -+/*# if defined(OPENSSL_SYSNAME_ULTRASPARC)*/ - # define LOAD lda - # define X(i) [%i1+i*4]%asi - # define md5_block md5_block_asm_data_order_aligned - # define ASI_PRIMARY_LITTLE 0x88 --# else -+/*# else - # error "MD5_BLOCK_DATA_ORDER is supported only on UltraSPARC!" --# endif -+# endif*/ - #else - # define LOAD ld - # define X(i) [%i1+i*4] diff -ruN openssl-0.9.7m.orig/include/openssl/opensslconf.h openssl-0.9.7m/include/openssl/opensslconf.h --- openssl-0.9.7m.orig/include/openssl/opensslconf.h 2007-02-23 07:52:32.000000000 -0500 +++ openssl-0.9.7m/include/openssl/opensslconf.h 2007-07-23 21:09:34.000000000 -0400 -@@ -4,17 +4,38 @@ - /* OpenSSL was configured with the following options: */ - #ifndef OPENSSL_DOING_MAKEDEPEND - -+#ifndef OPENSSL_NO_IDEA -+# define OPENSSL_NO_IDEA -+#endif -+#ifndef OPENSSL_NO_MDC2 -+# define OPENSSL_NO_MDC2 -+#endif -+#ifndef OPENSSL_NO_RC5 -+# define OPENSSL_NO_RC5 -+#endif - #ifndef OPENSSL_NO_KRB5 - # define OPENSSL_NO_KRB5 - #endif - - #endif /* OPENSSL_DOING_MAKEDEPEND */ -+#ifndef OPENSSL_THREADS -+# define OPENSSL_THREADS -+#endif - - /* The OPENSSL_NO_* macros are also defined as NO_* if the application - asks for it. This is a transient feature that is provided for those - who haven't had the time to do the appropriate changes in their - applications. */ - #ifdef OPENSSL_ALGORITHM_DEFINES -+# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA) -+# define NO_IDEA -+# endif -+# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2) -+# define NO_MDC2 -+# endif -+# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5) -+# define NO_RC5 -+# endif - # if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5) - # define NO_KRB5 - # endif @@ -27,7 +48,7 @@ #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) +-#define ENGINESDIR "/usr/local/ssl/lib/engines" -#define OPENSSLDIR "/usr/local/ssl" ++#define ENGINESDIR "/usr/lib/ssl/engines" +#define OPENSSLDIR "/usr/lib/ssl" #endif #endif diff --git a/mfs/linux_mfs/source/target_template/template/bin/tcsh b/mfs/linux_mfs/source/target_template/template/bin/tcsh.fake similarity index 100% rename from mfs/linux_mfs/source/target_template/template/bin/tcsh rename to mfs/linux_mfs/source/target_template/template/bin/tcsh.fake diff --git a/mfs/linux_mfs/source/target_template/template/etc/shells b/mfs/linux_mfs/source/target_template/template/etc/shells index e54f807945d2e5d20a27fc0bafbd2b7c79216a78..001f33eb879a0c5a1d2c8014f04ffd4bd86e46ea 100644 --- a/mfs/linux_mfs/source/target_template/template/etc/shells +++ b/mfs/linux_mfs/source/target_template/template/etc/shells @@ -1,3 +1,3 @@ /bin/sh +/bin/csh /bin/tcsh -/bin/bash diff --git a/mfs/linux_mfs/source/tcsh/Makefile b/mfs/linux_mfs/source/tcsh/Makefile new file mode 100644 index 0000000000000000000000000000000000000000..30549c9199e36908a1b4df50d702f4ad09420bf1 --- /dev/null +++ b/mfs/linux_mfs/source/tcsh/Makefile @@ -0,0 +1,76 @@ +include ../../variables.mk + +TCSH_VERSION = 6.14.00 +TCSH_PATH = $(TARGET_BUILD_PATH)/tcsh-$(TCSH_VERSION) + +.PHONY: extract patch config \ + tcsh install clean all + +all: tcsh + +extract: $(TCSH_PATH)/.extract-stamp + +patch: $(TCSH_PATH)/.patch-stamp + +config: $(TCSH_PATH)/.config-stamp + +tcsh: $(TCSH_PATH)/tcsh + +install: $(TARGET_PATH)/bin/tcsh + +clean: + PATH=$(STAGING_DIR)/usr/bin:$(PATH) $(MAKE) -C $(TCSH_PATH) clean + rm -f $(TCSH_PATH)/.build-stamp $(TCSH_PATH)/.config-stamp + +$(TCSH_PATH)/.extract-stamp: + mkdir -p $(TARGET_BUILD_PATH) + cd $(TARGET_BUILD_PATH); tar xzf $(TARBALL_PATH)/tcsh-$(TCSH_VERSION).tar.gz + touch $@ + +$(TCSH_PATH)/.patch-stamp: $(TCSH_PATH)/.extract-stamp + $(SCRIPTS_PATH)/patch-kernel.sh $(TCSH_PATH) $(SOURCE_PATH)/tcsh '*.patch' + touch $@ + +$(TCSH_PATH)/.config-stamp: $(TCSH_PATH)/.patch-stamp + rm -f $(TCSH_PATH)/config.cache + (cd $(TCSH_PATH); \ + PATH=$(STAGING_DIR)/usr/bin:$(PATH) \ + $(HOST_CONFIGURE_OPTS) \ + ./configure \ + --target=$(MFS_ARCH)-linux-uclibc \ + --host=$(MFS_ARCH)-linux-uclibc \ + --build=$(MFS_ARCH)-linux-gnu \ + --prefix=/usr \ + --exec-prefix=/usr \ + --bindir=/usr/bin \ + --sbindir=/usr/sbin \ + --libdir=/lib \ + --libexecdir=/usr/lib \ + --sysconfdir=/etc \ + --datadir=/usr/share \ + --localstatedir=/var \ + --mandir=/usr/man \ + --infodir=/usr/info \ + ) + touch $@ + +#--enable-elf-shlibs --enable-dynamic-e2fsck --disable-swapfs \ + +#--enable-elf-shlibs \ + +$(TCSH_PATH)/tcsh: $(TCSH_PATH)/.config-stamp + PATH=$(STAGING_DIR)/usr/bin:$(PATH) \ + CC=$(TARGET_CC) \ + $(MAKE) -C $(TCSH_PATH) \ + $(TARGET_CONFIGURE_OPTS) LD=$(MFS_ARCH)-linux-uclibc-gcc + touch $@ + +$(TARGET_PATH)/bin/tcsh: $(TCSH_PATH)/tcsh + install -d -m 755 $(TARGET_PATH)/bin + rm -f $(TARGET_PATH)/bin/tcsh + rm -f $(TARGET_PATH)/bin/csh + install -m 755 $< $@ + $(STRIPCMD) --strip-unneeded $@ + ln -sf /bin/tcsh $(TARGET_PATH)/bin/csh + touch -c $@ + diff --git a/mfs/linux_mfs/source/tcsh/configure_cross_compile.patch b/mfs/linux_mfs/source/tcsh/configure_cross_compile.patch new file mode 100644 index 0000000000000000000000000000000000000000..84a4a6d1e6bb6cc01715bf74a91da97930b9e9bd --- /dev/null +++ b/mfs/linux_mfs/source/tcsh/configure_cross_compile.patch @@ -0,0 +1,149 @@ +diff -ur tcsh-6.14.00.orig/config.sub tcsh-6.14.00/config.sub +--- tcsh-6.14.00.orig/config.sub 2002-07-12 07:14:20.000000000 -0600 ++++ tcsh-6.14.00/config.sub 2010-07-21 12:51:55.000000000 -0600 +@@ -1216,6 +1216,9 @@ + ;; + -none) + ;; ++ -uclibc) ++ os=-linux-gnu ++ ;; + *) + # Get rid of the `-' at the beginning of $os. + os=`echo $os | sed 's/[^-]*-//'` +diff -ur tcsh-6.14.00.orig/configure tcsh-6.14.00/configure +--- tcsh-6.14.00.orig/configure 2005-03-23 06:20:30.000000000 -0700 ++++ tcsh-6.14.00/configure 2010-07-21 13:33:28.000000000 -0600 +@@ -7110,72 +7110,75 @@ + + fi + +-echo "$as_me:$LINENO: checking whether setpgrp takes no argument" >&5 +-echo $ECHO_N "checking whether setpgrp takes no argument... $ECHO_C" >&6 +-if test "${ac_cv_func_setpgrp_void+set}" = set; then +- echo $ECHO_N "(cached) $ECHO_C" >&6 +-else +- if test "$cross_compiling" = yes; then +- { { echo "$as_me:$LINENO: error: cannot check setpgrp when cross compiling" >&5 +-echo "$as_me: error: cannot check setpgrp when cross compiling" >&2;} +- { (exit 1); exit 1; }; } +-else +- cat >conftest.$ac_ext <<_ACEOF +-/* confdefs.h. */ +-_ACEOF +-cat confdefs.h >>conftest.$ac_ext +-cat >>conftest.$ac_ext <<_ACEOF +-/* end confdefs.h. */ +-#if HAVE_UNISTD_H +-# include +-#endif +- +-int +-main () +-{ +-/* If this system has a BSD-style setpgrp which takes arguments, +- setpgrp(1, 1) will fail with ESRCH and return -1, in that case +- exit successfully. */ +- exit (setpgrp (1,1) == -1 ? 0 : 1); +- ; +- return 0; +-} +-_ACEOF +-rm -f conftest$ac_exeext +-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 +- (eval $ac_link) 2>&5 +- ac_status=$? +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); } && { ac_try='./conftest$ac_exeext' +- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 +- (eval $ac_try) 2>&5 +- ac_status=$? +- echo "$as_me:$LINENO: \$? = $ac_status" >&5 +- (exit $ac_status); }; }; then +- ac_cv_func_setpgrp_void=no +-else +- echo "$as_me: program exited with status $ac_status" >&5 +-echo "$as_me: failed program was:" >&5 +-sed 's/^/| /' conftest.$ac_ext >&5 ++#echo "$as_me:$LINENO: checking whether setpgrp takes no argument" >&5 ++#echo $ECHO_N "checking whether setpgrp takes no argument... $ECHO_C" >&6 ++#if test "${ac_cv_func_setpgrp_void+set}" = set; then ++# echo $ECHO_N "(cached) $ECHO_C" >&6 ++#else ++# if test "$cross_compiling" = yes; then ++# { { echo "$as_me:$LINENO: error: cannot check setpgrp when cross compiling" >&5 ++#echo "$as_me: error: cannot check setpgrp when cross compiling" >&2;} ++# { (exit 1); exit 1; }; } ++#else ++# cat >conftest.$ac_ext <<_ACEOF ++#/* confdefs.h. */ ++#_ACEOF ++#cat confdefs.h >>conftest.$ac_ext ++#cat >>conftest.$ac_ext <<_ACEOF ++#/* end confdefs.h. */ ++##if HAVE_UNISTD_H ++## include ++##endif ++ ++#int ++#main () ++#{ ++#/* If this system has a BSD-style setpgrp which takes arguments, ++# setpgrp(1, 1) will fail with ESRCH and return -1, in that case ++# exit successfully. */ ++# exit (setpgrp (1,1) == -1 ? 0 : 1); ++# ; ++# return 0; ++#} ++#_ACEOF ++#rm -f conftest$ac_exeext ++#if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 ++# (eval $ac_link) 2>&5 ++# ac_status=$? ++# echo "$as_me:$LINENO: \$? = $ac_status" >&5 ++# (exit $ac_status); } && { ac_try='./conftest$ac_exeext' ++# { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 ++# (eval $ac_try) 2>&5 ++# ac_status=$? ++# echo "$as_me:$LINENO: \$? = $ac_status" >&5 ++# (exit $ac_status); }; }; then ++# ac_cv_func_setpgrp_void=no ++#else ++# echo "$as_me: program exited with status $ac_status" >&5 ++#echo "$as_me: failed program was:" >&5 ++#sed 's/^/| /' conftest.$ac_ext >&5 ++ ++#( exit $ac_status ) ++#ac_cv_func_setpgrp_void=yes ++#fi ++#rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext ++#fi ++#fi ++#echo "$as_me:$LINENO: result: $ac_cv_func_setpgrp_void" >&5 ++#echo "${ECHO_T}$ac_cv_func_setpgrp_void" >&6 ++#if test $ac_cv_func_setpgrp_void = yes; then ++ ++#cat >>confdefs.h <<\_ACEOF ++##define SETPGRP_VOID 1 ++#_ACEOF + +-( exit $ac_status ) +-ac_cv_func_setpgrp_void=yes +-fi +-rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +-fi +-fi +-echo "$as_me:$LINENO: result: $ac_cv_func_setpgrp_void" >&5 +-echo "${ECHO_T}$ac_cv_func_setpgrp_void" >&6 +-if test $ac_cv_func_setpgrp_void = yes; then ++#fi + ++# XXX hack + cat >>confdefs.h <<\_ACEOF + #define SETPGRP_VOID 1 + _ACEOF + +-fi +- +- +- diff --git a/mfs/linux_mfs/source/toolchain/uClibc-0.9.30.config b/mfs/linux_mfs/source/toolchain/uClibc-0.9.30.config index 6daafb9848e6cb45743cd72ab79ad66d91ad3e4a..2d8cb2a6aa5ab354dd5a8e4f92274da73021e39d 100644 --- a/mfs/linux_mfs/source/toolchain/uClibc-0.9.30.config +++ b/mfs/linux_mfs/source/toolchain/uClibc-0.9.30.config @@ -240,3 +240,5 @@ WARNINGS="-Wall" # CONFIG_ARM_XSCALE is not set # CONFIG_ARM_IWMMXT is not set +UCLIBC_HAS_OBSOLETE_BSD_SIGNAL=y +UCLIBC_HAS_OBSOLETE_SYSV_SIGNAL=y diff --git a/protogeni/lib/GeniCM.pm.in b/protogeni/lib/GeniCM.pm.in index 9640ef7141abcb58e6993128d93a44dfe86ecaf9..d72194c33700abd224633664fa2f2a1d9245e12d 100644 --- a/protogeni/lib/GeniCM.pm.in +++ b/protogeni/lib/GeniCM.pm.in @@ -992,7 +992,7 @@ sub GetTicketAuxAux($$$$$$$$$) "vport" => $vport}; # This is used after the mapper runs since it uses vname:vport. - $vportmap{"$node_nickname:$vport"} = $linkref; + $vportmap{"$node_nickname:$vport"} = {"rspec" => $linkref}; } } @@ -1151,8 +1151,9 @@ sub GetTicketAuxAux($$$$$$$$$) if (defined($user_bandwidth)) { $bandwidth = $user_bandwidth; } - - $virtexperiment->NewTableRow("virt_lans", + + my $virtlan = + $virtexperiment->NewTableRow("virt_lans", {"vname" => $lanname, "vnode" => $node_nickname, "vport" => $iface_vport, @@ -1167,6 +1168,7 @@ sub GetTicketAuxAux($$$$$$$$$) "rbandwidth" => $bandwidth, # kbps "rlossrate" => 0.0, "fixed_iface" => $iface_name}); + $vportmap{$member}->{"virtlan"} = $virtlan; $ifacenum++; } $linknum++; @@ -1352,12 +1354,16 @@ sub GetTicketAuxAux($$$$$$$$$) "Virtual node ID or virtual interface ID missing on interface"); goto bad; } - my $linkref = $vportmap{"$virtual_node_id:$virtual_port_id"}; + my $vportp = $vportmap{"$virtual_node_id:$virtual_port_id"}; + my $linkref = $vportp->{'rspec'}; + my $virtlan = $vportp->{'virtlan'}; + $virtlan->fixed_iface($component_id) + if (defined($component_id)); $component_id = "lo0" if (!defined($component_id)); if (! GeniXML::SetText("component_id", $linkref, $component_id)) { $response = GeniResponse->Create(GENIRESPONSE_ERROR, undef, - "Bad XML: Failed to add component_id"); + "Bad XML: Failed to add component_id"); goto bad; } } diff --git a/protogeni/lib/GeniCredential.pm.in b/protogeni/lib/GeniCredential.pm.in old mode 100644 new mode 100755 index 6ec682c37b9350304624141ab450277bcac494f8..b82c3ae311169c6d6f72e7e59674145710a9d283 --- a/protogeni/lib/GeniCredential.pm.in +++ b/protogeni/lib/GeniCredential.pm.in @@ -513,9 +513,12 @@ sub Sign($$) # # Create a template xml file to sign. # + my $id = sprintf( "%04X%04X%04X%04X", int( rand( 0x10000 ) ), + int( rand( 0x10000 ) ), int( rand( 0x10000 ) ), + int( rand( 0x10000 ) ) ); my $template = "\n". - "\n". + "\n". " privilege\n". " $idx\n". " $owner_cert\n". diff --git a/protogeni/lib/GeniResource.pm.in b/protogeni/lib/GeniResource.pm.in index 7b0350ba104d163d1459cd208bac48c5f7138f8e..c888cd381ef2d4ff6af7b82001a92daba3bd4d3e 100644 --- a/protogeni/lib/GeniResource.pm.in +++ b/protogeni/lib/GeniResource.pm.in @@ -358,6 +358,13 @@ sub Ticket($) $self->{'NEWTICKET'} = $ticket; return $ticket; } +# Got a ticket? +sub HaveTicket($) +{ + my ($self) = @_; + + return $self->newticket_idx(); +} sub Manifest($) { @@ -696,7 +703,7 @@ sub GetTicket($$$$) print STDERR "Could not update ticket $ticket. Error: "; } else { - print STDERR "Could not get new ticket. Error: "; + print STDERR "Could not get new ticket from $self. Error: "; } print STDERR " " . $response->output() . "\n"; return -1; diff --git a/protogeni/lib/GeniSA.pm.in b/protogeni/lib/GeniSA.pm.in index 0a5cb398dede419ce5b21fea1c181f6cb94ec81b..8ad54a6f62f94329f8f067001112b25198e4480a 100644 --- a/protogeni/lib/GeniSA.pm.in +++ b/protogeni/lib/GeniSA.pm.in @@ -248,8 +248,7 @@ sub Resolve($) } my @slices = GeniSlice->LookupByCreator( $geniuser ); - my @sliceURNs = map( GeniHRN::Generate( $OURDOMAIN, "slice", - $_->slicename() ), @slices ); + my @sliceURNs = map( $_->urn(), @slices ); # Return a blob. my $blob = { "uid" => $geniuser->uid(), @@ -285,9 +284,7 @@ sub Resolve($) "creator_uuid" => $slice->creator_uuid(), "creator_urn" => $slice->creator_urn(), "gid" => $slice->cert(), - "urn" => GeniHRN::Generate($OURDOMAIN, - "slice", - $slice->slicename()), + "urn" => $slice->urn(), "component_managers" => \@managers }; $slice->UnLock(); diff --git a/protogeni/lib/GeniTicket.pm.in b/protogeni/lib/GeniTicket.pm.in index cad07fa707e223558c161634d1f5c87221900134..6203fd6fc4f462b6b1de80246ef429f451a05c95 100755 --- a/protogeni/lib/GeniTicket.pm.in +++ b/protogeni/lib/GeniTicket.pm.in @@ -244,9 +244,9 @@ sub Stringify($) $idx = "S$seqno"; } my $owner_hrn = $self->owner_hrn(); - my $target_uuid = $self->target_uuid(); + my $target_urn = $self->target_urn(); - return "[GeniTicket: $idx, owner:$owner_hrn, target_uuid:$target_uuid]"; + return "[GeniTicket: $idx, owner:$owner_hrn, target:$target_urn]"; } # diff --git a/protogeni/lib/GeniUser.pm.in b/protogeni/lib/GeniUser.pm.in index dc255bd86ab4982cb976c40cbbd9d4b1612ba9f0..d7a8694406f1ca1cbd40483476ccd4de8f135c82 100755 --- a/protogeni/lib/GeniUser.pm.in +++ b/protogeni/lib/GeniUser.pm.in @@ -333,8 +333,11 @@ sub Create($$$$;$) } # Insert the sshkey if we got one. - if (defined($keys)) { + if (defined($keys) && ref($keys)) { foreach my $keyref (@{ $keys }) { + next + if (!ref($keyref)); + my $key = $keyref->{'key'}; my $type = $keyref->{'type'}; @@ -385,11 +388,14 @@ sub Modify($$$$) "where idx='$idx'")); } - if (defined($keys)) { + if (defined($keys) && ref($keys)) { return -1 if (!DBQueryWarn("delete from geni_userkeys where uuid='$uuid'")); foreach my $keyref (@{ $keys }) { + next + if (!ref($keyref)); + my $key = $keyref->{'key'}; my $type = $keyref->{'type'}; diff --git a/protogeni/scripts/createcerts.in b/protogeni/scripts/createcerts.in deleted file mode 100755 index 7b6628cec20d16fb6e2ced1859264a6f1130dd14..0000000000000000000000000000000000000000 --- a/protogeni/scripts/createcerts.in +++ /dev/null @@ -1,89 +0,0 @@ -#!/usr/bin/perl -w -# -# GENIPUBLIC-COPYRIGHT -# Copyright (c) 2008-2009 University of Utah and the Flux Group. -# All rights reserved. -# -use strict; -use English; -use Getopt::Std; - -# -# Create the certs for a new protogeni emulab. Add optional -c option if -# this is a clearinghouse. -# -sub usage() -{ - print "Usage: createpgenicerts [-c]\n"; - exit(1); -} -my $optlist = "c"; -my $asch = 0; - -# -# Configure variables -# -my $TB = "@prefix@"; -my $TBOPS = "@TBOPSEMAIL@"; -my $TBLOGS = "@TBLOGSEMAIL@"; -my $PGENIDOMAIN = "@PROTOGENI_DOMAIN@"; -my $PGENISUPPORT = @PROTOGENI_SUPPORT@; -my $TBBASE = "@TBBASE@"; -my $mksyscert = "$TB/sbin/mksyscert"; - -# un-taint path -$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin:/usr/site/bin'; -delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'}; - -# Protos -sub fatal($); - -# -# Turn off line buffering on output -# -$| = 1; - -# Load the Testbed support stuff. -use lib "@prefix@/lib"; -use libdb; -use libtestbed; - -if ($UID != 0) { - fatal("Must be root to run this script\n"); -} - -# -# Check args. -# -my %options = (); -if (! getopts($optlist, \%options)) { - usage(); -} -if (defined($options{"c"})) { - $asch = 1; -} - -# -# Generate the certs we need. -# -system("$mksyscert -o /tmp/genicm.pem ". - " -u $TBBASE/protogeni/xmlrpc/cm $PGENIDOMAIN.cm") == 0 - or fatal("Could not generate CM certificate"); -system("$mksyscert -o /tmp/genisa.pem ". - " -u $TBBASE/protogeni/xmlrpc/sa $PGENIDOMAIN.sa") == 0 - or fatal("Could not generate SA certificate"); -if ($asch) { - system("$mksyscert -o /tmp/genich.pem ". - " -u $TBBASE/protogeni/xmlrpc/ch $PGENIDOMAIN.ch") == 0 - or fatal("Could not generate CH certificate"); -} - -exit(0); - -sub fatal($) -{ - my ($msg) = @_; - - die("*** $0:\n". - " $msg\n"); -} diff --git a/protogeni/test/delegate.py b/protogeni/test/delegate.py index 45062bf22a7e08082a27dd3c88ef5cfd783c7942..1940b8fd88d51354a9a0772e7eba98c697aa5e88 100755 --- a/protogeni/test/delegate.py +++ b/protogeni/test/delegate.py @@ -16,6 +16,7 @@ import datetime import getopt import os +import random import re import sys import tempfile @@ -200,11 +201,14 @@ old = Lookup( doc.documentElement, "credential" ) c = doc.createElement( "credential" ) -id = 1 -while filter( lambda x: x.getAttribute( "xml:id" ) == "ref" + str( id ), - doc.getElementsByTagName( "credential" ) ): - id = id + 1 -c.setAttribute( "xml:id", "ref" + str( id ) ) +# I really want do loops in Python... +while True: + id = "ref" + '%016X' % random.getrandbits( 64 ) + if not filter( lambda x: x.getAttribute( "xml:id" ) == "ref" + str( id ), + doc.getElementsByTagName( "credential" ) ): + break + +c.setAttribute( "xml:id", str( id ) ) c.appendChild( Lookup( old, "type" ).cloneNode( True ) ) c.appendChild( SimpleNode( doc, "serial", "1" ) ) @@ -258,7 +262,7 @@ p.appendChild( old ) c.appendChild( p ) signature = doc.createElement( "Signature" ); -signature.setAttribute( "xml:id", "Sig_ref" + str( id ) ) +signature.setAttribute( "xml:id", "Sig_" + str( id ) ) signature.setAttribute( "xmlns", "http://www.w3.org/2000/09/xmldsig#" ) Lookup( doc.documentElement, "signatures" ).appendChild( signature ) signedinfo = doc.createElement( "SignedInfo" ) @@ -272,7 +276,7 @@ sigmeth.setAttribute( "Algorithm", "http://www.w3.org/2000/09/xmldsig#rsa-sha1" ) signedinfo.appendChild( sigmeth ) reference = doc.createElement( "Reference" ); -reference.setAttribute( "URI", "#ref" + str( id ) ) +reference.setAttribute( "URI", "#" + str( id ) ) signedinfo.appendChild( reference ) transforms = doc.createElement( "Transforms" ) reference.appendChild( transforms ) @@ -309,7 +313,7 @@ doc.writexml( tmpfile ) tmpfile.flush() ret = os.spawnlp( os.P_WAIT, XMLSEC1, XMLSEC1, "--sign", "--node-id", - "Sig_ref" + str( id ), "--privkey-pem", + "Sig_" + str( id ), "--privkey-pem", CERTIFICATE + "," + CERTIFICATE, tmpfile.name ) if ret == 127: print >> sys.stderr, XMLSEC1 + ": invocation error\n" diff --git a/protogeni/test/getticket.py b/protogeni/test/getticket.py index 41a57e12a1a5b95b75282b6ddb3a66ff81fc2336..d175c7570a91e2ab74bdb9fe9afc020f172602f2 100755 --- a/protogeni/test/getticket.py +++ b/protogeni/test/getticket.py @@ -107,7 +107,9 @@ ticket = response["value"] #print str(ticket) # -# Update the ticket. +# Update the ticket. Send back the original rspec, but technically wrong. +# Proper to dig out the rspec from the ticket and use that, modified if +# desired. # print "Got the ticket, doing a update on it. " params = {} diff --git a/protogeni/xmlrpc/GNUmakefile.in b/protogeni/xmlrpc/GNUmakefile.in index da3e4f9e78c7f4c827ac32715a05f202c1f361f6..08091764259fecfe455fb64352c8f86cd8f2c880 100644 --- a/protogeni/xmlrpc/GNUmakefile.in +++ b/protogeni/xmlrpc/GNUmakefile.in @@ -20,31 +20,26 @@ SETUID_LIBX_SCRIPTS = # Force dependencies on the scripts so that they will be rerun through # configure if the .in file is changed. # -all: protogeni-cm.pl protogeni-ch.pl protogeni-sa.pl protogeni-ses.pl \ - Genixmlrpc.pm GeniResponse.pm geni-am.pl +all: Genixmlrpc.pm GeniResponse.pm \ + protogeni-ch.pm protogeni-sa.pm protogeni-cm.pm \ + protogeni-ses.pm geni-am.pm \ + protogeni-wrapper.pl include $(TESTBED_SRCDIR)/GNUmakerules install-libs: $(INSTALL_LIBDIR)/Genixmlrpc.pm \ $(INSTALL_LIBDIR)/GeniResponse.pm \ + $(INSTALL_LIBDIR)/protogeni-ch.pm \ + $(INSTALL_LIBDIR)/protogeni-sa.pm \ + $(INSTALL_LIBDIR)/protogeni-cm.pm \ + $(INSTALL_LIBDIR)/protogeni-ses.pm \ + $(INSTALL_LIBDIR)/geni-am.pm \ $(INSTALL_DIR)/opsdir/lib/Genixmlrpc.pm \ $(INSTALL_DIR)/opsdir/lib/GeniResponse.pm -install-scripts: $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-sa.pl \ - $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-cm.pl \ - $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-ch.pl \ - $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-ses.pl \ - $(INSTALL_DIR)/protogeni/xmlrpc/geni-am.pl - $(SUDO) chown root $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-sa.pl - $(SUDO) chmod u+s $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-sa.pl - $(SUDO) chown root $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-ch.pl - $(SUDO) chmod u+s $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-ch.pl - $(SUDO) chown root $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-cm.pl - $(SUDO) chmod u+s $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-cm.pl - $(SUDO) chown root $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-ses.pl - $(SUDO) chmod u+s $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-ses.pl - $(SUDO) chown root $(INSTALL_DIR)/protogeni/xmlrpc/geni-am.pl - $(SUDO) chmod u+s $(INSTALL_DIR)/protogeni/xmlrpc/geni-am.pl +install-scripts: $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-wrapper.pl + $(SUDO) chown root $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-wrapper.pl + $(SUDO) chmod u+s $(INSTALL_DIR)/protogeni/xmlrpc/protogeni-wrapper.pl install: install-libs install-scripts diff --git a/protogeni/xmlrpc/geni-am.pl.in b/protogeni/xmlrpc/geni-am.pl.in deleted file mode 100644 index 5088af34686eb72b7b53910d992b28fd8406c127..0000000000000000000000000000000000000000 --- a/protogeni/xmlrpc/geni-am.pl.in +++ /dev/null @@ -1,290 +0,0 @@ -#!/usr/bin/perl -w -# -# GENIPUBLIC-COPYRIGHT -# Copyright (c) 2008-2010 University of Utah and the Flux Group. -# All rights reserved. -# - -# -# Simple CGI interface to the GENI xmlrpc interface. This script is invoked -# from the web server. The certificate information is in the environment -# set up by apache. -# -use strict; -use English; -use Frontier::Responder; -use Frontier::RPC2; -use Data::Dumper; -use POSIX; -use Crypt::X509; -use Crypt::OpenSSL::X509; - -# Yack. apache does not close fds before the exec, and if this dies -# we are left with a giant mess. -BEGIN { - no warnings; - for (my $i = 3; $i < 1024; $i++) { - POSIX:close($i); - } -} - -# Do this early so that we talk to the right DB. -use vars qw($GENI_DBNAME); -BEGIN { $GENI_DBNAME = "geni-cm"; } - -# Configure variables -my $EMULAB_PEMFILE = "@prefix@/etc/genicm.pem"; -my $MAINSITE = @TBMAINSITE@; -my $VERSION = "1.0"; - -# Testbed libraries. -use lib '@prefix@/lib'; -use GeniAM; -use Genixmlrpc; -use GeniResponse; -use libaudit; - -# Geniuser. -my $user = "geniuser"; -my $group = "GeniSlices"; - -# Need a command line option. -my $debug = 0; - -# Determined by version. -my $responder; - -# -# Turn off line buffering on output -# -$| = 1; - -# -# Untaint the path -# -$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin'; -delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'}; - -# -# So we know who/what we are acting as. -# -my $certificate = GeniCertificate->LoadFromFile($EMULAB_PEMFILE); -if (!defined($certificate)) { - die("*** $0:\n". - " Could not get uuid from $EMULAB_PEMFILE\n"); -} -$ENV{'MYUUID'} = $certificate->uuid(); -# The URN could also come from the certificate, and that might be preferable -# in some ways (if anybody is doing something silly like authenticating -# with somebody else's certificate). But that would require everybody to -# upgrade to URNs in their certificates, so we can't assume it yet. -$ENV{'MYURN'} = "urn:publicid:IDN+@OURDOMAIN@+authority+cm"; - -# -# Helper function to return a properly formated XML error. -# -sub XMLError($$) -{ - my ($code, $string) = @_; - - my $decoder = Frontier::RPC2->new(); - print "Content-Type: text/xml \n\n"; - print $decoder->encode_fault($code, $string); - exit(0); -} - -# -# Make sure the client presented a valid certificate that apache says -# is okay. -# -# THIS HAS TO BE HERE! Why? Cause recent security patches disable SSL -# renegotiation, which is needed when a subdir turns on ssl client -# verification (as httpd.conf used to). Now, we set it to "optional", -# which avoids the renegotiation problem, but we have to make that -# this interface is always invoked by a client supplying a verifiable -# certificate. -# -if (! (exists($ENV{'SSL_CLIENT_VERIFY'}) && - $ENV{'SSL_CLIENT_VERIFY'} eq "SUCCESS")) { - XMLError(-1, "Invalid or missing certificate"); -} - -# -# In the prototype, we accept certificate signed by trusted roots -# (CA certs we have locally cached). This script runs as "geniuser" -# so that there is an emulab user context, or many of the scripts we -# invoke will complain and croak. -# -my $unix_uid = getpwnam("$user") or - die("*** $0:\n". - " No such user $user\n"); -my $unix_gid = getgrnam("$group") or - die("*** $0:\n". - " No such group $group\n"); - -# Flip to user and never go back -$GID = $unix_gid; -$EGID = "$unix_gid $unix_gid"; -$EUID = $UID = $unix_uid; -$ENV{'USER'} = $user; -$ENV{'LOGNAME'} = $user; - -# -# The UUID of the client certificate is in the env var SSL_CLIENT_S_DN_CN. -# If it actually looks like a UUID, then this correponds to an actual user, -# and the supplied credentials/tickets must match. At present, if there is -# no UUID, it is another emulab making a request directly, with no user -# context, and we just let that pass for now. -# -if (exists($ENV{'SSL_CLIENT_S_DN_CN'}) && - $ENV{'SSL_CLIENT_S_DN_CN'} =~ /^\w+\-\w+\-\w+\-\w+\-\w+$/) { - $ENV{'GENIUSER'} = $ENV{'SSL_CLIENT_S_DN_CN'}; - $ENV{'GENIUUID'} = $ENV{'SSL_CLIENT_S_DN_CN'}; -} -# Ignore the lack of UUID, they are going away. -#else { -# XMLError(-1, "Invalid certificate; no UUID"); -#} - -# Furthermore, disable UUID checks in GeniCredential -use GeniCredential; -$GeniCredential::CHECK_UUID = 0; - -# -# The CERT data from apache holds the URN of the caller. -# -if (exists($ENV{'SSL_CLIENT_CERT'})) { - my $x509 = eval { - Crypt::OpenSSL::X509->new_from_string($ENV{'SSL_CLIENT_CERT'}); }; - if ($@) { - XMLError(-1, "Invalid certificate: $@"); - } - my $cert = $x509->as_string(Crypt::OpenSSL::X509::FORMAT_ASN1); - XMLError(-1, "Could not convert certificate to ASN1") - if (!defined($cert) || $cert eq ''); - my $decoded = Crypt::X509->new( cert => $cert ); - if ($decoded->error) { - XMLError(-1, "Error decoding certificate:" . $decoded->error); - } - foreach my $tmp (@{ $decoded->SubjectAltName }) { - if ($tmp =~ /^uniformResourceIdentifier=(urn:publicid:.*)$/ || - $tmp =~ /^(urn:publicid:.*)$/) { - $ENV{'GENIURN'} = $1; - } - } -} -XMLError(-1, "Invalid authentication certificate; no URN. Please regenerate.") - if (!exists($ENV{'GENIURN'})); - -# -# Reaching into the Frontier code so I can debug this crap. -# -my $request = Frontier::Responder::get_cgi_request(); -if (!defined($request)) { - print "Content-Type: text/txt\n\n"; - exit(0); -} - -if (exists($ENV{'PATH_INFO'}) && $ENV{'PATH_INFO'} ne "") { - my $pathinfo = $ENV{'PATH_INFO'}; - $pathinfo =~ s/^\///; - my @parts = split(/\//, $pathinfo); - if (@parts) { - my $v = $parts[0]; - if ($v =~ /^[\d\.]+$/) { - $VERSION = "$v"; - } - } -} - -# -# Create and set our RPC context for any calls we end up making. -# -Genixmlrpc->SetContext(Genixmlrpc->Context($certificate)); - -if ($VERSION eq "1.0") { - $responder = Frontier::Responder->new( "methods" => { - "GetVersion" => \&GeniAM::GetVersion, - "ListResources" => \&GeniAM::ListResources, - "CreateSliver" => \&GeniAM::CreateSliver, - "DeleteSliver" => \&GeniAM::DeleteSliver, - "SliverStatus" => \&GeniAM::SliverStatus, - "RenewSliver" => \&GeniAM::RenewSliver, - "Shutdown" => \&GeniAM::Shutdown, - },); -} -else { - XMLError(-3, "Invalid API Version"); -} - -# -# Use libaudit to capture any output from libraries and programs. -# Send that to tbops so they can be fixed. -# -if ($MAINSITE) { - LogStart(0); - AddAuditInfo("to", "protogeni-errors\@flux.utah.edu") -} -else { - LogStart(0, undef, LIBAUDIT_LOGTBOPS()); -} - -# Add stuff for log message if sent. -AddAuditInfo("message", $request); -# CC errors to Utah for now. -AddAuditInfo("cc", "protogeni-errors\@flux.utah.edu") - if (!$MAINSITE); - -my $response = $responder->{'_decode'}->serve($request, - $responder->{'methods'}); - -# Add stuff for log message if sent. -AddAuditInfo("message", $response . "\n\n" . $request); - -#---------------------------------------------------------------------- -# Morph the ProtoGENI response (a hash with three keys; a -# GeniResponse) into a GENI AM response (a single value or a fault if -# there is an error). -# -# $response is an XML RPC response, which is a three element hash. The -# value element is the GeniResponse hash. -#---------------------------------------------------------------------- -my $decoder = Frontier::RPC2->new(); -my $object = $decoder->decode($response); -my $geni_response = $object->{'value'}[0]; -if (GeniResponse::IsError($geni_response)) { - # An error result gets mapped to an XML RPC fault - $response = $decoder->encode_fault(GeniResponse::code($geni_response), - GeniResponse::output($geni_response)); -} else { - # A successful result means return the value - $response = $decoder->encode_response(GeniResponse::value($geni_response)); -} - -# -# Terminate the log capture so that we can print the response to STDOUT -# for the web server. -# -LogEnd(0); - -print "Content-Type: text/xml \n\n" . $response; -exit(0); - -# -# Want to prevent bad exit. -# -END { - my $exitcode = $?; - - if ($exitcode) { - LogEnd(0); - - my $decoder = Frontier::RPC2->new(); - print "Content-Type: text/xml \n\n"; - print $decoder->encode_fault(-2, "XMLRPC Server Error"); - - # Since we converted to a normal error and sent the log message. - $? = 0; - } -} - diff --git a/protogeni/xmlrpc/geni-am.pm.in b/protogeni/xmlrpc/geni-am.pm.in new file mode 100644 index 0000000000000000000000000000000000000000..454ff576fbe0b51615f194d3ccec4956f29f9f77 --- /dev/null +++ b/protogeni/xmlrpc/geni-am.pm.in @@ -0,0 +1,68 @@ +#!/usr/bin/perl -w +# +# GENIPUBLIC-COPYRIGHT +# Copyright (c) 2008-2010 University of Utah and the Flux Group. +# All rights reserved. +# +use strict; +use English; +use Frontier::Responder; +use Frontier::RPC2; + +# Do this early so that we talk to the right DB. +use vars qw($GENI_DBNAME $GENI_METHODS $EMULAB_PEMFILE + $GENI_RESPONSE_CONVERTER); +BEGIN { $GENI_DBNAME = "geni"; } + +# Configure variables +my $ETCDIR = "@prefix@/etc"; +$EMULAB_PEMFILE = "$ETCDIR/genisa.pem"; + +# Testbed libraries. +use lib '@prefix@/lib'; +use GeniAM; +use GeniResponse; + +if (!defined($GENI_VERSION) || $GENI_VERSION eq "1.0") { + $GENI_METHODS = { + "GetVersion" => \&GeniAM::GetVersion, + "ListResources" => \&GeniAM::ListResources, + "CreateSliver" => \&GeniAM::CreateSliver, + "DeleteSliver" => \&GeniAM::DeleteSliver, + "SliverStatus" => \&GeniAM::SliverStatus, + "RenewSliver" => \&GeniAM::RenewSliver, + "Shutdown" => \&GeniAM::Shutdown, + }; +} + +#---------------------------------------------------------------------- +# Morph the ProtoGENI response (a hash with three keys; a +# GeniResponse) into a GENI AM response (a single value or a fault if +# there is an error). +# +# $response is an XML RPC response, which is a three element hash. The +# value element is the GeniResponse hash. +#---------------------------------------------------------------------- +sub ConvertResponse($) +{ + my ($geni_response) = @_; + + my $decoder = Frontier::RPC2->new(); + my $response; + + if (GeniResponse::IsError($geni_response)) { + # An error result gets mapped to an XML RPC fault + $response = + $decoder->encode_fault(GeniResponse::code($geni_response), + GeniResponse::output($geni_response)); + } else { + # A successful result means return the value + $response = + $decoder->encode_response(GeniResponse::value($geni_response)); + } + return $response; +} +$GENI_RESPONSE_CONVERTER = \&ConvertResponse; + +1; + diff --git a/protogeni/xmlrpc/protogeni-ch.pl.in b/protogeni/xmlrpc/protogeni-ch.pl.in deleted file mode 100755 index 1f5dcba861f2c934111571a825ff6e4d4d1a7b17..0000000000000000000000000000000000000000 --- a/protogeni/xmlrpc/protogeni-ch.pl.in +++ /dev/null @@ -1,230 +0,0 @@ -#!/usr/bin/perl -w -# -# GENIPUBLIC-COPYRIGHT -# Copyright (c) 2008-2010 University of Utah and the Flux Group. -# All rights reserved. -# - -# -# Simple CGI interface to the GENI xmlrpc interface. This script is invoked -# from the web server. The certificate information is in the environment -# set up by apache. -# -use strict; -use English; -use Frontier::Responder; -use Data::Dumper; -use POSIX; -use Crypt::X509; -use Crypt::OpenSSL::X509; - -# Yack. apache does not close fds before the exec, and if this dies -# we are left with a giant mess. -BEGIN { - no warnings; - for (my $i = 3; $i < 2048; $i++) { - POSIX:close($i); - } -} - -# Do this early so that we talk to the right DB. -use vars qw($GENI_DBNAME $GENI_ISCLRHOUSE $GENI_CHPEMFILE); -BEGIN { $GENI_DBNAME = "geni-ch"; $GENI_ISCLRHOUSE = 1; } - -# Configure variables -my $ETCDIR = "@prefix@/etc"; -my $EMULAB_PEMFILE = ((-s "$ETCDIR/genich-local.pem") ? - "$ETCDIR/genich-local.pem" : "$ETCDIR/genich.pem"); -# See GeniCredential; a helpful debugging aid. -$GENI_CHPEMFILE = $EMULAB_PEMFILE; - -# Testbed libraries. -use lib '@prefix@/lib'; -use GeniCH; -use GeniCertificate; -use GeniResponse; -use libaudit; - -# Geniuser. -my $user = "geniuser"; -my $group = "GeniSlices"; - -# -# Turn off line buffering on output -# -$| = 1; - -# -# Untaint the path -# -$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin'; -delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'}; - -# -# So we know who/what we are acting as. -# -my $certificate = GeniCertificate->LoadFromFile($EMULAB_PEMFILE); -if (!defined($certificate)) { - die("*** $0:\n". - " Could not get uuid from $EMULAB_PEMFILE\n"); -} -$ENV{'MYUUID'} = $certificate->uuid(); -# The URN could also come from the certificate, and that might be preferable -# in some ways (if anybody is doing something silly like authenticating -# with somebody else's certificate). But that would require everybody to -# upgrade to URNs in their certificates, so we can't assume it yet. -$ENV{'MYURN'} = "urn:publicid:IDN+@OURDOMAIN@+authority+ch"; - -# -# Helper function to return a properly formated XML error. -# -sub XMLError($$) -{ - my ($code, $string) = @_; - - my $decoder = Frontier::RPC2->new(); - print "Content-Type: text/xml \n\n"; - print $decoder->encode_fault($code, $string); - exit(0); -} - -# -# Make sure the client presented a valid certificate that apache says -# is okay. -# -# THIS HAS TO BE HERE! Why? Cause recent security patches disable SSL -# renegotiation, which is needed when a subdir turns on ssl client -# verification (as httpd.conf used to). Now, we set it to "optional", -# which avoids the renegotiation problem, but we have to make that -# this interface is always invoked by a client supplying a verifiable -# certificate. -# -if (! (exists($ENV{'SSL_CLIENT_VERIFY'}) && - $ENV{'SSL_CLIENT_VERIFY'} eq "SUCCESS")) { - XMLError(-1, "Invalid or missing certificate"); -} - -# -# In the prototype, we accept certificate signed by trusted roots -# (CA certs we have locally cached). This script runs as "geniuser" -# so that there is an emulab user context, or many of the scripts we -# invoke will complain and croak. -# -my $unix_uid = getpwnam("$user") or - die("*** $0:\n". - " No such user $user\n"); -my $unix_gid = getgrnam("$group") or - die("*** $0:\n". - " No such group $group\n"); - -# Flip to user and never go back -$GID = $unix_gid; -$EGID = "$unix_gid $unix_gid"; -$EUID = $UID = $unix_uid; -$ENV{'USER'} = $user; -$ENV{'LOGNAME'} = $user; - -# -# The UUID of the client certificate is in the env var SSL_CLIENT_S_DN_CN. -# If it actually looks like a UUID, then this correponds to an actual user, -# and the supplied credentials/tickets must match. At present, if there is -# no UUID, it is another emulab making a request directly, with no user -# context, and we just let that pass for now. -# -if (exists($ENV{'SSL_CLIENT_S_DN_CN'}) && - $ENV{'SSL_CLIENT_S_DN_CN'} =~ /^\w+\-\w+\-\w+\-\w+\-\w+$/) { - $ENV{'GENIUSER'} = $ENV{'SSL_CLIENT_S_DN_CN'}; - $ENV{'GENIUUID'} = $ENV{'SSL_CLIENT_S_DN_CN'}; -} -else { - XMLError(-1, "Invalid certificate; no UUID"); -} - -# -# The CERT data from apache holds the URN of the caller. -# -if (exists($ENV{'SSL_CLIENT_CERT'})) { - my $x509 = eval { - Crypt::OpenSSL::X509->new_from_string($ENV{'SSL_CLIENT_CERT'}); }; - if ($@) { - XMLError(-1, "Invalid certificate: $@"); - } - my $cert = $x509->as_string(Crypt::OpenSSL::X509::FORMAT_ASN1); - XMLError(-1, "Could not convert certificate to ASN1") - if (!defined($cert) || $cert eq ''); - my $decoded = Crypt::X509->new( cert => $cert ); - if ($decoded->error) { - XMLError(-1, "Error decoding certificate:" . $decoded->error); - } - foreach my $tmp (@{ $decoded->SubjectAltName }) { - if ($tmp =~ /^uniformResourceIdentifier=(.*)$/ || - $tmp =~ /^(urn:.*)$/) { - $ENV{'GENIURN'} = $1; - } - } -} -XMLError(-1, "Invalid authentication certificate; no URN. Please regenerate.") - if (!exists($ENV{'GENIURN'})); - -# -# Reaching into the Frontier code so I can debug this crap. -# -my $request = Frontier::Responder::get_cgi_request(); -if (!defined($request)) { - print "Content-Type: text/txt\n\n"; - exit(0); -} - -# -# Use libaudit to capture any output from libraries and programs. -# Send that to tbops so they can be fixed. -# -LogStart(0, undef, LIBAUDIT_LOGTBOPS()); - -my $responder = Frontier::Responder->new( "methods" => { - "GetVersion" => \&GeniCH::GetVersion, - "GetCredential" => \&GeniCH::GetCredential, - "Resolve" => \&GeniCH::Resolve, - "Register" => \&GeniCH::Register, - "Remove" => \&GeniCH::Remove, - "ListComponents" => \&GeniCH::ListComponents, - "PostCRL" => \&GeniCH::PostCRL, - "Shutdown" => \&GeniCH::Shutdown, - "List" => \&GeniCH::List, - }, -); - -my $response = $responder->{'_decode'}->serve($request, - $responder->{'methods'}); - -# Add stuff for log message if sent. -AddAuditInfo("message", $response . "\n\n" . $request); -# CC errors to Utah for now. -AddAuditInfo("cc", "protogeni-errors\@flux.utah.edu"); - -# -# Terminate the log capture so that we can print the response to STDOUT -# for the web server. -# -LogEnd(); - -print "Content-Type: text/xml\n\n" . $response; -exit(0); - -# -# Want to prevent bad exit. -# -END { - my $exitcode = $?; - - if ($exitcode) { - LogEnd(0); - - my $decoder = Frontier::RPC2->new(); - print "Content-Type: text/xml \n\n"; - print $decoder->encode_fault(-2, "XMLRPC Server Error"); - - # Since we converted to a normal error and sent the log message. - $? = 0; - } -} diff --git a/protogeni/xmlrpc/protogeni-ch.pm.in b/protogeni/xmlrpc/protogeni-ch.pm.in new file mode 100644 index 0000000000000000000000000000000000000000..a0efa22a179e21c988ff6eb9325c04fccd712137 --- /dev/null +++ b/protogeni/xmlrpc/protogeni-ch.pm.in @@ -0,0 +1,40 @@ +#!/usr/bin/perl -w +# +# GENIPUBLIC-COPYRIGHT +# Copyright (c) 2008-2010 University of Utah and the Flux Group. +# All rights reserved. +# +use strict; +use English; + +# Do this early so that we talk to the right DB. +use vars qw($GENI_DBNAME $GENI_ISCLRHOUSE $GENI_METHODS + $GENI_CHPEMFILE $EMULAB_PEMFILE); +BEGIN { $GENI_DBNAME = "geni-ch"; $GENI_ISCLRHOUSE = 1; } + +# Configure variables +my $ETCDIR = "@prefix@/etc"; + +$EMULAB_PEMFILE = ((-s "$ETCDIR/genich-local.pem") ? + "$ETCDIR/genich-local.pem" : "$ETCDIR/genich.pem"); +# See GeniCredential; a helpful debugging aid. +$GENI_CHPEMFILE = $EMULAB_PEMFILE; + +# Testbed libraries. +use lib '@prefix@/lib'; +use GeniCH; + +$GENI_METHODS = { + "GetVersion" => \&GeniCH::GetVersion, + "GetCredential" => \&GeniCH::GetCredential, + "Resolve" => \&GeniCH::Resolve, + "Register" => \&GeniCH::Register, + "Remove" => \&GeniCH::Remove, + "ListComponents" => \&GeniCH::ListComponents, + "PostCRL" => \&GeniCH::PostCRL, + "Shutdown" => \&GeniCH::Shutdown, + "List" => \&GeniCH::List, +}; + +1; + diff --git a/protogeni/xmlrpc/protogeni-cm.pm.in b/protogeni/xmlrpc/protogeni-cm.pm.in new file mode 100644 index 0000000000000000000000000000000000000000..318b4c5804b2657f3df5534b6c3e0e87c91ba4a4 --- /dev/null +++ b/protogeni/xmlrpc/protogeni-cm.pm.in @@ -0,0 +1,81 @@ +#!/usr/bin/perl -w +# +# GENIPUBLIC-COPYRIGHT +# Copyright (c) 2008-2010 University of Utah and the Flux Group. +# All rights reserved. +# +use strict; +use English; + +# Do this early so that we talk to the right DB. +use vars qw($GENI_DBNAME $GENI_METHODS $EMULAB_PEMFILE $GENI_VERSION); +BEGIN { $GENI_DBNAME = "geni-cm"; } + +# Configure variables +my $ETCDIR = "@prefix@/etc"; +$EMULAB_PEMFILE = "$ETCDIR/genicm.pem"; + +# Testbed libraries. +use lib '@prefix@/lib'; +use GeniCM; +use GeniCMV2; + +# Default +if (!defined($GENI_VERSION)) { + $GENI_VERSION = "2.0"; +} + +if ($GENI_VERSION eq "1.0") { + $GENI_METHODS = { + "GetVersion" => \&GeniCM::GetVersion, + "Resolve" => \&GeniCM::Resolve, + "DiscoverResources" => \&GeniCM::DiscoverResources, + "GetTicket" => \&GeniCM::GetTicket, + "UpdateTicket" => \&GeniCM::UpdateTicket, + "ReleaseTicket" => \&GeniCM::ReleaseTicket, + "RedeemTicket" => \&GeniCM::RedeemTicket, + "StartSliver" => \&GeniCM::StartSliver, + "DeleteSliver" => \&GeniCM::DeleteSliver, + "DeleteSlice" => \&GeniCM::DeleteSlice, + "SplitSliver" => \&GeniCM::SplitSliver, + "UpdateSliver" => \&GeniCM::UpdateSliver, + "GetSliver" => \&GeniCM::GetSliver, + "BindToSlice" => \&GeniCM::BindToSlice, + "Shutdown" => \&GeniCM::Shutdown, + "ListUsage" => \&GeniCM::ListUsage, + "SliceStatus" => \&GeniCM::SliceStatus, + "SliverStatus" => \&GeniCM::SliverStatus, + "SliverTicket" => \&GeniCM::SliverTicket, + "ListTickets" => \&GeniCM::ListTickets, + "ListHistory" => \&GeniCM::ListHistory, + "RenewSlice" => \&GeniCM::RenewSlice, + }; +} +elsif ($GENI_VERSION eq "2.0") { + $GENI_METHODS = { + "GetVersion" => \&GeniCMV2::GetVersion, + "Resolve" => \&GeniCMV2::Resolve, + "DiscoverResources" => \&GeniCMV2::DiscoverResources, + "CreateSliver" => \&GeniCMV2::CreateSliver, + "UpdateSliver" => \&GeniCMV2::UpdateSliver, + "DeleteSliver" => \&GeniCMV2::DeleteSliver, + "GetSliver" => \&GeniCMV2::GetSliver, + "Shutdown" => \&GeniCMV2::Shutdown, + "SliverStatus" => \&GeniCMV2::SliverStatus, + "RenewSlice" => \&GeniCMV2::RenewSlice, + "GetTicket" => \&GeniCMV2::GetTicket, + "ReleaseTicket" => \&GeniCMV2::ReleaseTicket, + "UpdateTicket" => \&GeniCMV2::UpdateTicket, + "RedeemTicket" => \&GeniCMV2::RedeemTicket, + "DeleteSlice" => \&GeniCMV2::DeleteSlice, + "StartSliver" => \&GeniCMV2::StartSliver, + "StopSliver" => \&GeniCMV2::StopSliver, + "RestartSliver" => \&GeniCMV2::RestartSliver, + "BindToSlice" => \&GeniCMV2::BindToSlice, + "ListUsage" => \&GeniCMV2::ListUsage, + "ListHistory" => \&GeniCMV2::ListHistory, + }; +} + +1; + diff --git a/protogeni/xmlrpc/protogeni-sa.pl.in b/protogeni/xmlrpc/protogeni-sa.pl.in deleted file mode 100755 index cd23c21e9b60227766643f02c7acb4941eb30212..0000000000000000000000000000000000000000 --- a/protogeni/xmlrpc/protogeni-sa.pl.in +++ /dev/null @@ -1,249 +0,0 @@ -#!/usr/bin/perl -w -# -# GENIPUBLIC-COPYRIGHT -# Copyright (c) 2008-2010 University of Utah and the Flux Group. -# All rights reserved. -# - -# -# Simple CGI interfce to the GENI xmlrpc interface. This script is invoked -# from the web server. The certificate information is in the environment -# set up by apache. -# -use strict; -use English; -use Frontier::Responder; -use Data::Dumper; -use POSIX; -use Crypt::X509; -use Crypt::OpenSSL::X509; - -# Yack. apache does not close fds before the exec, and if this dies -# we are left with a giant mess. -BEGIN { - no warnings; - for (my $i = 3; $i < 1024; $i++) { - POSIX:close($i); - } -} - -# Do this early so that we talk to the right DB. -use vars qw($GENI_DBNAME); -BEGIN { $GENI_DBNAME = "geni"; } - -# Configure variables -my $TBOPS = "@TBOPSEMAIL@"; -my $EMULAB_PEMFILE = "@prefix@/etc/genisa.pem"; -my $MAINSITE = @TBMAINSITE@; -my $VERSION = "1.0"; - -# Testbed libraries. -use lib '@prefix@/lib'; -use GeniSA; -use Genixmlrpc; -use GeniResponse; -use libaudit; -use libtestbed; - -# Geniuser. -my $user = "geniuser"; -my $group = "GeniSlices"; - -# -# Turn off line buffering on output -# -$| = 1; - -# -# Untaint the path -# -$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin'; -delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'}; - -# -# So we know who/what we are acting as. -# -my $certificate = GeniCertificate->LoadFromFile($EMULAB_PEMFILE); -if (!defined($certificate)) { - die("*** $0:\n". - " Could not get uuid from $EMULAB_PEMFILE\n"); -} -$ENV{'MYUUID'} = $certificate->uuid(); -# The URN could also come from the certificate, and that might be preferable -# in some ways (if anybody is doing something silly like authenticating -# with somebody else's certificate). But that would require everybody to -# upgrade to URNs in their certificates, so we can't assume it yet. -$ENV{'MYURN'} = "urn:publicid:IDN+@OURDOMAIN@+authority+sa"; - -# -# Helper function to return a properly formated XML error. -# -sub XMLError($$) -{ - my ($code, $string) = @_; - - my $decoder = Frontier::RPC2->new(); - print "Content-Type: text/xml \n\n"; - print $decoder->encode_fault($code, $string); - exit(0); -} - -# -# Make sure the client presented a valid certificate that apache says -# is okay. -# -# THIS HAS TO BE HERE! Why? Cause recent security patches disable SSL -# renegotiation, which is needed when a subdir turns on ssl client -# verification (as httpd.conf used to). Now, we set it to "optional", -# which avoids the renegotiation problem, but we have to make that -# this interface is always invoked by a client supplying a verifiable -# certificate. -# -if (! (exists($ENV{'SSL_CLIENT_VERIFY'}) && - $ENV{'SSL_CLIENT_VERIFY'} eq "SUCCESS")) { - XMLError(-1, "Invalid or missing certificate"); -} - -# -# In the prototype, we accept certificate signed by trusted roots -# (CA certs we have locally cached). This script runs as "geniuser" -# so that there is an emulab user context, or many of the scripts we -# invoke will complain and croak. -# -my $unix_uid = getpwnam("$user") or - die("*** $0:\n". - " No such user $user\n"); -my $unix_gid = getgrnam("$group") or - die("*** $0:\n". - " No such group $group\n"); - -# Flip to user and never go back -$GID = $unix_gid; -$EGID = "$unix_gid $unix_gid"; -$EUID = $UID = $unix_uid; -$ENV{'USER'} = $user; -$ENV{'LOGNAME'} = $user; - -# -# The UUID of the client certificate is in the env var SSL_CLIENT_S_DN_CN. -# If it actually looks like a UUID, then this correponds to an actual user, -# and the supplied credentials/tickets must match. At present, if there is -# no UUID, it is another emulab making a request directly, with no user -# context, and we just let that pass for now. -# -if (exists($ENV{'SSL_CLIENT_S_DN_CN'}) && - $ENV{'SSL_CLIENT_S_DN_CN'} =~ /^\w+\-\w+\-\w+\-\w+\-\w+$/) { - $ENV{'GENIUSER'} = $ENV{'SSL_CLIENT_S_DN_CN'}; - $ENV{'GENIUUID'} = $ENV{'SSL_CLIENT_S_DN_CN'}; -} -else { - XMLError(-1, "Invalid certificate; no UUID"); -} - -# -# The CERT data from apache holds the URN of the caller. -# -if (exists($ENV{'SSL_CLIENT_CERT'})) { - my $x509 = eval { - Crypt::OpenSSL::X509->new_from_string($ENV{'SSL_CLIENT_CERT'}); }; - if ($@) { - XMLError(-1, "Invalid certificate: $@"); - } - my $cert = $x509->as_string(Crypt::OpenSSL::X509::FORMAT_ASN1); - XMLError(-1, "Could not convert certificate to ASN1") - if (!defined($cert) || $cert eq ''); - my $decoded = Crypt::X509->new( cert => $cert ); - if ($decoded->error) { - XMLError(-1, "Error decoding certificate:" . $decoded->error); - } - foreach my $tmp (@{ $decoded->SubjectAltName }) { - if ($tmp =~ /^uniformResourceIdentifier=(.*)$/ || - $tmp =~ /^(urn:.*)$/) { - $ENV{'GENIURN'} = $1; - } - } -} -XMLError(-1, "Invalid authentication certificate; no URN. Please regenerate.") - if (!exists($ENV{'GENIURN'})); - -# -# Reaching into the Frontier code so I can debug this crap. -# -my $request = Frontier::Responder::get_cgi_request(); -if (!defined($request)) { - print "Content-Type: text/txt\n\n"; - exit(0); -} - -# -# Use libaudit to capture any output from libraries and programs. -# Send that to tbops so they can be fixed. -# -LogStart(0, undef, LIBAUDIT_LOGTBOPS()); - -if (exists($ENV{'PATH_INFO'}) && $ENV{'PATH_INFO'} ne "") { - my $pathinfo = $ENV{'PATH_INFO'}; - $pathinfo =~ s/^\///; - my @parts = split(/\//, $pathinfo); - if (@parts) { - my $v = $parts[0]; - if ($v =~ /^[\d\.]+$/) { - $VERSION = "$v"; - } - } -} - -# -# Create and set our RPC context for any calls we end up making. -# -Genixmlrpc->SetContext(Genixmlrpc->Context($certificate)); - -my $responder = Frontier::Responder->new( "methods" => { - "GetVersion" => \&GeniSA::GetVersion, - "GetCredential" => \&GeniSA::GetCredential, - "Resolve" => \&GeniSA::Resolve, - "Register" => \&GeniSA::Register, - "Remove" => \&GeniSA::Remove, - "GetKeys" => \&GeniSA::GetKeys, - "BindToSlice" => \&GeniSA::BindToSlice, - "Shutdown" => \&GeniSA::Shutdown, - "RenewSlice" => \&GeniSA::RenewSlice, - "RegisterSliver" => \&GeniSA::RegisterSliver, - "UnRegisterSliver" => \&GeniSA::UnRegisterSliver, - }, -); - -my $response = $responder->{'_decode'}->serve($request, - $responder->{'methods'}); - -# Add stuff for log message if sent. -AddAuditInfo("message", $response . "\n\n" . $request); -# CC errors to Utah for now. -AddAuditInfo("cc", "protogeni-errors\@flux.utah.edu"); - -# -# Terminate the log capture so that we can print the response to STDOUT -# for the web server. -# -LogEnd(); - -print "Content-Type: text/xml \n\n" . $response; -exit(0); - -# -# Want to prevent bad exit. -# -END { - my $exitcode = $?; - - if ($exitcode) { - LogEnd(0); - - my $decoder = Frontier::RPC2->new(); - print "Content-Type: text/xml \n\n"; - print $decoder->encode_fault(-2, "XMLRPC Server Error"); - - # Since we converted to a normal error and sent the log message. - $? = 0; - } -} diff --git a/protogeni/xmlrpc/protogeni-sa.pm.in b/protogeni/xmlrpc/protogeni-sa.pm.in new file mode 100644 index 0000000000000000000000000000000000000000..62b5b64c99417b29ca332f19177ab31c81ae61a2 --- /dev/null +++ b/protogeni/xmlrpc/protogeni-sa.pm.in @@ -0,0 +1,37 @@ +#!/usr/bin/perl -w +# +# GENIPUBLIC-COPYRIGHT +# Copyright (c) 2008-2010 University of Utah and the Flux Group. +# All rights reserved. +# +use strict; +use English; + +# Do this early so that we talk to the right DB. +use vars qw($GENI_DBNAME $GENI_METHODS $EMULAB_PEMFILE); +BEGIN { $GENI_DBNAME = "geni"; } + +# Configure variables +my $ETCDIR = "@prefix@/etc"; +$EMULAB_PEMFILE = "$ETCDIR/genisa.pem"; + +# Testbed libraries. +use lib '@prefix@/lib'; +use GeniSA; + +$GENI_METHODS = { + "GetVersion" => \&GeniSA::GetVersion, + "GetCredential" => \&GeniSA::GetCredential, + "Resolve" => \&GeniSA::Resolve, + "Register" => \&GeniSA::Register, + "Remove" => \&GeniSA::Remove, + "GetKeys" => \&GeniSA::GetKeys, + "BindToSlice" => \&GeniSA::BindToSlice, + "Shutdown" => \&GeniSA::Shutdown, + "RenewSlice" => \&GeniSA::RenewSlice, + "RegisterSliver" => \&GeniSA::RegisterSliver, + "UnRegisterSliver" => \&GeniSA::UnRegisterSliver, +}; + +1; + diff --git a/protogeni/xmlrpc/protogeni-ses.pl.in b/protogeni/xmlrpc/protogeni-ses.pl.in deleted file mode 100755 index c1d511409b6b8583512f0a1f8ac605cab19fe983..0000000000000000000000000000000000000000 --- a/protogeni/xmlrpc/protogeni-ses.pl.in +++ /dev/null @@ -1,206 +0,0 @@ -#!/usr/bin/perl -w -# -# GENIPUBLIC-COPYRIGHT -# Copyright (c) 2008-2010 University of Utah and the Flux Group. -# All rights reserved. -# - -# -# Simple CGI interfce to the GENI xmlrpc interface. This script is invoked -# from the web server. The certificate information is in the environment -# set up by apache. -# -use strict; -use English; -use Frontier::Responder; -use Data::Dumper; -use POSIX; -use Crypt::X509; -use Crypt::OpenSSL::X509; - -# Yack. apache does not close fds before the exec, and if this dies -# we are left with a giant mess. -BEGIN { - no warnings; - for (my $i = 3; $i < 2048; $i++) { - POSIX:close($i); - } -} - -# Do this early so that we talk to the right DB. -use vars qw($GENI_DBNAME); -BEGIN { $GENI_DBNAME = "geni"; } - -# Configure variables -my $EMULAB_PEMFILE = "@prefix@/etc/genises.pem"; -my $MAINSITE = @TBMAINSITE@; - -# Testbed libraries. -use lib '@prefix@/lib'; -use GeniSES; -use Genixmlrpc; -use GeniResponse; -use libaudit; - -# Geniuser. -my $user = "geniuser"; -my $group = "GeniSlices"; - -# -# Turn off line buffering on output -# -$| = 1; - -# -# Untaint the path -# -$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin'; -delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'}; - -# -# So we know who/what we are acting as. -# -my $certificate = GeniCertificate->LoadFromFile($EMULAB_PEMFILE); -if (!defined($certificate)) { - die("*** $0:\n". - " Could not get uuid from $EMULAB_PEMFILE\n"); -} -$ENV{'MYUUID'} = $certificate->uuid(); -# The URN could also come from the certificate, and that might be preferable -# in some ways (if anybody is doing something silly like authenticating -# with somebody else's certificate). But that would require everybody to -# upgrade to URNs in their certificates, so we can't assume it yet. -$ENV{'MYURN'} = "urn:publicid:IDN+@OURDOMAIN@+authority+ses"; - -# -# Helper function to return a properly formated XML error. -# -sub XMLError($$) -{ - my ($code, $string) = @_; - - my $decoder = Frontier::RPC2->new(); - print "Content-Type: text/xml \n\n"; - print $decoder->encode_fault($code, $string); - exit(0); -} - -# -# Make sure the client presented a valid certificate that apache says -# is okay. -# -# THIS HAS TO BE HERE! Why? Cause recent security patches disable SSL -# renegotiation, which is needed when a subdir turns on ssl client -# verification (as httpd.conf used to). Now, we set it to "optional", -# which avoids the renegotiation problem, but we have to make that -# this interface is always invoked by a client supplying a verifiable -# certificate. -# -if (! (exists($ENV{'SSL_CLIENT_VERIFY'}) && - $ENV{'SSL_CLIENT_VERIFY'} eq "SUCCESS")) { - XMLError(-1, "Invalid or missing certificate"); -} - -# -# In the prototype, we accept certificate signed by trusted roots -# (CA certs we have locally cached). This script runs as "geniuser" -# so that there is an emulab user context, or many of the scripts we -# invoke will complain and croak. -# -my $unix_uid = getpwnam("$user") or - die("*** $0:\n". - " No such user $user\n"); -my $unix_gid = getgrnam("$group") or - die("*** $0:\n". - " No such group $group\n"); - -# Flip to user and never go back -$GID = $unix_gid; -$EGID = "$unix_gid $unix_gid"; -$EUID = $UID = $unix_uid; -$ENV{'USER'} = $user; -$ENV{'LOGNAME'} = $user; - -# -# The UUID of the client certificate is in the env var SSL_CLIENT_S_DN_CN. -# If it actually looks like a UUID, then this correponds to an actual user, -# and the supplied credentials/tickets must match. At present, if there is -# no UUID, it is another emulab making a request directly, with no user -# context, and we just let that pass for now. -# -if (exists($ENV{'SSL_CLIENT_S_DN_CN'}) && - $ENV{'SSL_CLIENT_S_DN_CN'} =~ /^\w+\-\w+\-\w+\-\w+\-\w+$/) { - $ENV{'GENIUSER'} = $ENV{'SSL_CLIENT_S_DN_CN'}; - $ENV{'GENIUUID'} = $ENV{'SSL_CLIENT_S_DN_CN'}; -} -else { - XMLError(-1, "Invalid certificate; no UUID"); -} - -# -# The CERT data from apache holds the URN of the caller. -# -if (exists($ENV{'SSL_CLIENT_CERT'})) { - my $x509 = eval { - Crypt::OpenSSL::X509->new_from_string($ENV{'SSL_CLIENT_CERT'}); }; - if ($@) { - XMLError(-1, "Invalid certificate: $@"); - } - my $cert = $x509->as_string(Crypt::OpenSSL::X509::FORMAT_ASN1); - XMLError(-1, "Could not convert certificate to ASN1") - if (!defined($cert) || $cert eq ''); - my $decoded = Crypt::X509->new( cert => $cert ); - if ($decoded->error) { - XMLError(-1, "Error decoding certificate:" . $decoded->error); - } - foreach my $tmp (@{ $decoded->SubjectAltName }) { - if ($tmp =~ /^uniformResourceIdentifier=(.*)$/ || - $tmp =~ /^(urn:.*)$/) { - $ENV{'GENIURN'} = $1; - } - } -} -XMLError(-1, "Invalid authentication certificate; no URN. Please regenerate.") - if (!exists($ENV{'GENIURN'})); - -# -# Reaching into the Frontier code so I can debug this crap. -# -my $request = Frontier::Responder::get_cgi_request(); -if (!defined($request)) { - print "Content-Type: text/txt\n\n"; - exit(0); -} - -# -# Use libaudit to capture any output from libraries and programs. -# Send that to tbops so they can be fixed. -# -LogStart(0, undef, LIBAUDIT_LOGTBOPS()); - -# -# Create and set our RPC context for any calls we end up making. -# -Genixmlrpc->SetContext(Genixmlrpc->Context($certificate)); - -my $responder = Frontier::Responder->new( "methods" => { - "GetVersion" => \&GeniSES::GetVersion, - "Map" => \&GeniSES::Map - } -); - -my $response = $responder->{'_decode'}->serve($request, - $responder->{'methods'}); - -# Add stuff for log message if sent. -AddAuditInfo("message", $response . "\n\n" . $request); -# CC errors to Utah for now. -AddAuditInfo("cc", "protogeni-errors\@flux.utah.edu"); - -# -# Terminate the log capture so that we can print the response to STDOUT -# for the web server. -# -LogEnd(); - -print "Content-Type: text/xml \n\n" . $response; diff --git a/protogeni/xmlrpc/protogeni-ses.pm.in b/protogeni/xmlrpc/protogeni-ses.pm.in new file mode 100644 index 0000000000000000000000000000000000000000..28bb84de331025da9962294747fd954eb3d63eb4 --- /dev/null +++ b/protogeni/xmlrpc/protogeni-ses.pm.in @@ -0,0 +1,28 @@ +#!/usr/bin/perl -w +# +# GENIPUBLIC-COPYRIGHT +# Copyright (c) 2008-2010 University of Utah and the Flux Group. +# All rights reserved. +# +use strict; +use English; + +# Do this early so that we talk to the right DB. +use vars qw($GENI_DBNAME $GENI_METHODS $EMULAB_PEMFILE); +BEGIN { $GENI_DBNAME = "geni"; } + +# Configure variables +my $ETCDIR = "@prefix@/etc"; +$EMULAB_PEMFILE = "$ETCDIR/genises.pem"; + +# Testbed libraries. +use lib '@prefix@/lib'; +use GeniSES; + +$GENI_METHODS = { + "GetVersion" => \&GeniSES::GetVersion, + "Map" => \&GeniSES::Map +}; + +1; + diff --git a/protogeni/xmlrpc/protogeni-cm.pl.in b/protogeni/xmlrpc/protogeni-wrapper.pl.in similarity index 63% rename from protogeni/xmlrpc/protogeni-cm.pl.in rename to protogeni/xmlrpc/protogeni-wrapper.pl.in index 86de8575c15bf2f2ebb6d43880d2973c1e99c36d..6281fc11a79710e4369d3814db9c820f827bd5dd 100644 --- a/protogeni/xmlrpc/protogeni-cm.pl.in +++ b/protogeni/xmlrpc/protogeni-wrapper.pl.in @@ -28,30 +28,38 @@ BEGIN { } } -# Do this early so that we talk to the right DB. -use vars qw($GENI_DBNAME); -BEGIN { $GENI_DBNAME = "geni-cm"; } - # Configure variables -my $EMULAB_PEMFILE = "@prefix@/etc/genicm.pem"; my $MAINSITE = @TBMAINSITE@; -my $VERSION = "2.0"; +my $TBOPS = "@TBOPSEMAIL@"; +my $MODULE; +my $GENIURN; + +# These are the modules we load for each service. +my %GENI_MODULES = ( "cm" => "@prefix@/lib/protogeni-cm.pm", + "am" => "@prefix@/lib/geni-am.pm", + "sa" => "@prefix@/lib/protogeni-sa.pm", + "ch" => "@prefix@/lib/protogeni-ch.pm", + "ses" => "@prefix@/lib/protogeni-ses.pm" ); + +# These variables are shared with the loaded module. +use vars qw($EMULAB_PEMFILE $GENI_METHODS $GENI_VERSION + $GENI_RESPONSE_CONVERTER); # Testbed libraries. use lib '@prefix@/lib'; -use GeniCM; -use GeniCMV2; use Genixmlrpc; use GeniResponse; use libaudit; use emutil; +use libtestbed; # Geniuser. my $user = "geniuser"; my $group = "GeniSlices"; # Need a command line option. -my $debug = 0; +my $debug = 0; +my $mailerrors = 1; # Determined by version. my $responder; @@ -67,21 +75,6 @@ $| = 1; $ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin'; delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'}; -# -# So we know who/what we are acting as. -# -my $certificate = GeniCertificate->LoadFromFile($EMULAB_PEMFILE); -if (!defined($certificate)) { - die("*** $0:\n". - " Could not get uuid from $EMULAB_PEMFILE\n"); -} -$ENV{'MYUUID'} = $certificate->uuid(); -# The URN could also come from the certificate, and that might be preferable -# in some ways (if anybody is doing something silly like authenticating -# with somebody else's certificate). But that would require everybody to -# upgrade to URNs in their certificates, so we can't assume it yet. -$ENV{'MYURN'} = "urn:publicid:IDN+@OURDOMAIN@+authority+cm"; - # # Helper function to return a properly formated XML error. # @@ -173,7 +166,7 @@ if (exists($ENV{'SSL_CLIENT_CERT'})) { foreach my $tmp (@{ $decoded->SubjectAltName }) { if ($tmp =~ /^uniformResourceIdentifier=(.*)$/ || $tmp =~ /^(urn:.*)$/) { - $ENV{'GENIURN'} = $1; + $GENIURN = $ENV{'GENIURN'} = $1; } } } @@ -194,73 +187,57 @@ if (exists($ENV{'PATH_INFO'}) && $ENV{'PATH_INFO'} ne "") { $pathinfo =~ s/^\///; my @parts = split(/\//, $pathinfo); if (@parts) { - my $v = $parts[0]; - if ($v =~ /^[\d\.]+$/) { - $VERSION = "$v"; + my $m = shift(@parts); + if ($m =~ /^[-\w]+$/) { + $MODULE = $m; + if (@parts) { + my $v = shift(@parts); + if ($v =~ /^[\d\.]+$/) { + $GENI_VERSION = "$v"; + } + } } } } +if (!defined($MODULE) || !exists($GENI_MODULES{$MODULE})) { + XMLError(-1, "Invalid module specification") +} +my $file = $GENI_MODULES{$MODULE}; + +# This just loads the file. +my $return = do $file; +if (!defined($return)) { + SENDMAIL($TBOPS, "Error loading module", + ($@ ? $@ : ($! ? $! : Dumper(%ENV)))); + XMLError(-1, "Internal error loading module"); +} +if (!(defined($GENI_METHODS) && defined($EMULAB_PEMFILE))) { + SENDMAIL($TBOPS, "Error loading module $MODULE", + "No definition for GENI_METHODS or EMULAB_PEMFILE"); + XMLError(-1, "Internal error loading module; missing definitions"); +} + +# +# So we know who/what we are acting as. +# +my $certificate = GeniCertificate->LoadFromFile($EMULAB_PEMFILE); +if (!defined($certificate)) { + die("*** $0:\n". + " Could not get uuid from $EMULAB_PEMFILE\n"); +} +$ENV{'MYUUID'} = $certificate->uuid(); +# The URN could also come from the certificate, and that might be preferable +# in some ways (if anybody is doing something silly like authenticating +# with somebody else's certificate). But that would require everybody to +# upgrade to URNs in their certificates, so we can't assume it yet. +$ENV{'MYURN'} = "urn:publicid:IDN+@OURDOMAIN@+authority+$MODULE"; + # # Create and set our RPC context for any calls we end up making. # Genixmlrpc->SetContext(Genixmlrpc->Context($certificate)); -if ($VERSION eq "1.0") { - $responder = Frontier::Responder->new( "methods" => { - "GetVersion" => \&GeniCM::GetVersion, - "Resolve" => \&GeniCM::Resolve, - "DiscoverResources" => \&GeniCM::DiscoverResources, - "GetTicket" => \&GeniCM::GetTicket, - "UpdateTicket" => \&GeniCM::UpdateTicket, - "ReleaseTicket" => \&GeniCM::ReleaseTicket, - "RedeemTicket" => \&GeniCM::RedeemTicket, - "StartSliver" => \&GeniCM::StartSliver, - "DeleteSliver" => \&GeniCM::DeleteSliver, - "DeleteSlice" => \&GeniCM::DeleteSlice, - "SplitSliver" => \&GeniCM::SplitSliver, - "UpdateSliver" => \&GeniCM::UpdateSliver, - "GetSliver" => \&GeniCM::GetSliver, - "BindToSlice" => \&GeniCM::BindToSlice, - "Shutdown" => \&GeniCM::Shutdown, - "ListUsage" => \&GeniCM::ListUsage, - "SliceStatus" => \&GeniCM::SliceStatus, - "SliverStatus" => \&GeniCM::SliverStatus, - "SliverTicket" => \&GeniCM::SliverTicket, - "ListTickets" => \&GeniCM::ListTickets, - "ListHistory" => \&GeniCM::ListHistory, - "RenewSlice" => \&GeniCM::RenewSlice, - },); -} -elsif ($VERSION eq "2.0") { - $responder = Frontier::Responder->new( "methods" => { - "GetVersion" => \&GeniCMV2::GetVersion, - "Resolve" => \&GeniCMV2::Resolve, - "DiscoverResources" => \&GeniCMV2::DiscoverResources, - "CreateSliver" => \&GeniCMV2::CreateSliver, - "UpdateSliver" => \&GeniCMV2::UpdateSliver, - "DeleteSliver" => \&GeniCMV2::DeleteSliver, - "GetSliver" => \&GeniCMV2::GetSliver, - "Shutdown" => \&GeniCMV2::Shutdown, - "SliverStatus" => \&GeniCMV2::SliverStatus, - "RenewSlice" => \&GeniCMV2::RenewSlice, - "GetTicket" => \&GeniCMV2::GetTicket, - "ReleaseTicket" => \&GeniCMV2::ReleaseTicket, - "UpdateTicket" => \&GeniCMV2::UpdateTicket, - "RedeemTicket" => \&GeniCMV2::RedeemTicket, - "DeleteSlice" => \&GeniCMV2::DeleteSlice, - "StartSliver" => \&GeniCMV2::StartSliver, - "StopSliver" => \&GeniCMV2::StopSliver, - "RestartSliver" => \&GeniCMV2::RestartSliver, - "BindToSlice" => \&GeniCMV2::BindToSlice, - "ListUsage" => \&GeniCMV2::ListUsage, - "ListHistory" => \&GeniCMV2::ListHistory, - },); -} -else { - XMLError(-3, "Invalid API Version"); -} - # # Use libaudit to capture any output from libraries and programs. # Send that to tbops so they can be fixed. @@ -273,17 +250,82 @@ else { LogStart(0, undef, LIBAUDIT_LOGTBOPS()); } -# Add stuff for log message if sent. -AddAuditInfo("message", $request); # CC errors to Utah for now. -AddAuditInfo("cc", "protogeni-errors\@flux.utah.edu") - if (!$MAINSITE); +AddAuditInfo("cc", "protogeni-errors\@flux.utah.edu"); -my $response = $responder->{'_decode'}->serve($request, - $responder->{'methods'}); +# +# This is lifted from the Frontier code. I want the actual response +# object, not the XML. +# +my $decoder = Frontier::RPC2->new(); +my $call; +my $response; -# Add stuff for log message if sent. -AddAuditInfo("message", $response . "\n\n" . $request); +$request =~ s/(<\?XML\s+VERSION)/\L$1\E/; +eval { $call = $decoder->decode($request) }; +if ($@) { + XMLError(1, "error decoding RPC:\n" . $@); +} +if ($call->{'type'} ne 'call') { + XMLError(1, "expected RPC methodCall, got $call->{'type'}"); +} +my $method = $call->{'method_name'}; +if (!defined($GENI_METHODS->{$method})) { + XMLError(3, "no such method $method\n"); +} +my $result; +my $message = + "URN: $GENIURN\n". + "Module: $MODULE\n". + "Method: $method\n"; +$message .= + "Version: $GENI_VERSION\n" if (defined($GENI_VERSION)); + + +eval { $result = &{ $GENI_METHODS->{$method} }(@{ $call->{'value'} }) }; +if ($@) { + # + # These errors should get mailed to tbops. + # + print STDERR "Error executing RPC method $method:\n" . $@ . "\n"; + AddAuditInfo("to", $TBOPS); + $response = $decoder->encode_fault(4, "Internal Error executing $method"); + + AddAuditInfo("message", $message . + "Error executing RPC:\n" . $@ . "\n\n" . $request); +} +else { + if (GeniResponse::IsError($result)) { + $message .= "Error: " . $result->{'code'} . "\n"; + if ($mailerrors) { + print STDERR "Mail Errors is on.\n"; + } + } + else { + $message .= "Code: " . $result->{'code'} . "\n"; + } + $message .= "Output: " . $result->{'output'} . "\n" + if (defined($result->{'output'})); + + $message .= "Result:\n" . Dumper($result->{'value'}) . "\n\n"; + $message .= "Request:\n" . $request . "\n"; + + AddAuditInfo("message", $message); + + # + # Added this for geni-am ... + # + if (defined($GENI_RESPONSE_CONVERTER)) { + $response = &$GENI_RESPONSE_CONVERTER($result); + } + else { + $response = $decoder->encode_response($result); + } +} + +if ($debug) { + print STDERR "Debugging is on.\n"; +} # # Terminate the log capture so that we can print the response to STDOUT diff --git a/ssl/GNUmakefile.in b/ssl/GNUmakefile.in index df80858f0f4f91bca75b0b4b574c5e1027852099..68c7d4f5a043340c02171a3e17833f3484c87047 100644 --- a/ssl/GNUmakefile.in +++ b/ssl/GNUmakefile.in @@ -1,6 +1,6 @@ # # EMULAB-COPYRIGHT -# Copyright (c) 2000-2009 University of Utah and the Flux Group. +# Copyright (c) 2000-2010 University of Utah and the Flux Group. # All rights reserved. # @@ -14,11 +14,11 @@ include $(OBJDIR)/Makeconf all: emulab.pem server.pem localnode.pem ronnode.pem pcwa.pem ctrlnode.pem \ capture.pem capture.fingerprint capture.sha1fingerprint \ - keys mksig jabber.pem + keys mksig jabber.pem updatecert remote-site: emulab.pem capture.pem capture.fingerprint server.pem \ localnode.pem capture.sha1fingerprint apache.pem apache-ops.pem \ - ctrlnode.pem jabber.pem + ctrlnode.pem jabber.pem updatecert clearinghouse: emulab.pem apache.pem @@ -254,6 +254,7 @@ boss-installX: $(INSTALL_ETCDIR)/emulab.pem \ $(INSTALL_ETCDIR)/capture.sha1fingerprint \ $(INSTALL_ETCDIR)/emulab_privkey.pem \ $(INSTALL_ETCDIR)/emulab_pubkey.pem \ + $(INSTALL_SBINDIR)/updatecert \ install-conf $(INSTALL_DATA) localnode.pem $(INSTALL_ETCDIR)/client.pem chmod 640 $(INSTALL_ETCDIR)/emulab.pem @@ -282,6 +283,7 @@ remote-site-boss-install: install-dirs \ $(INSTALL_ETCDIR)/capture.sha1fingerprint \ $(INSTALL_ETCDIR)/ctrlnode.pem \ $(INSTALL_ETCDIR)/server.pem \ + $(INSTALL_SBINDIR)/updatecert \ install-conf $(INSTALL_DATA) localnode.pem $(INSTALL_ETCDIR)/client.pem chmod 640 $(INSTALL_ETCDIR)/emulab.pem diff --git a/ssl/ca.cnf.in b/ssl/ca.cnf.in index 166cbd15a86b07019d73595f8388bf5a2a0f0d92..11c9ff1078339f335ee5671c473dd82cb9f01a54 100644 --- a/ssl/ca.cnf.in +++ b/ssl/ca.cnf.in @@ -126,3 +126,8 @@ RANDFILE = $dir/.rand # private random number file default_crl_days= 30 # how long before next CRL preserve = no # keep passed DN ordering unique_subject = no + +[ typical_extensions ] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints = CA:false diff --git a/ssl/updatecert.in b/ssl/updatecert.in new file mode 100644 index 0000000000000000000000000000000000000000..db8cf646671b229d766573ecd2923cc9d29b8bdc --- /dev/null +++ b/ssl/updatecert.in @@ -0,0 +1,179 @@ +#!/usr/bin/perl -w +# +# GENIPUBLIC-COPYRIGHT +# Copyright (c) 2008-2010 University of Utah and the Flux Group. +# All rights reserved. +# +use strict; +use English; +use Getopt::Std; + +# +# Initialize an emulab to act as a protogeni emulab. Add optional -c +# option if this is a clearinghouse. +# +sub usage() +{ + print "Usage: updatecert [-d] \n"; + exit(1); +} +my $optlist = "d"; +my $debug = 0; + +# +# Configure variables +# +my $TB = "@prefix@"; +my $TBOPS = "@TBOPSEMAIL@"; +my $OPENSSL = "/usr/bin/openssl"; +my $SSLDIR = "$TB/lib/ssl"; +my $CACONFIG = "$SSLDIR/ca.cnf"; +my $EMULAB_CERT = "$TB/etc/emulab.pem"; +my $EMULAB_KEY = "$TB/etc/emulab.key"; +my $WORKDIR = "$TB/ssl"; + +# un-taint path +$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin:/usr/site/bin'; +delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'}; + +# Protos +sub fatal($); +sub UpdateCert($); + +# +# Turn off line buffering on output +# +$| = 1; + +# Load the Testbed support stuff. +use lib "@prefix@/lib"; +use libtestbed; +use emutil qw(TBGetUniqueIndex); + +if ($UID != 0) { + fatal("Must be root to run this script\n"); +} + +# +# Check args. +# +my %options = (); +if (! getopts($optlist, \%options)) { + usage(); +} +if (defined($options{"d"})) { + $debug++; +} +usage() + if (!@ARGV); +my $certfile = $ARGV[0]; + +fatal("No such file: $certfile") + if (! -e $certfile); + +exit(UpdateCert($certfile)); + +# +# Update a certificate using the installed CA. +# +sub UpdateCert($) +{ + my ($file) = @_; + + # Update by changing serial. + my $serial = TBGetUniqueIndex( "user_sslcerts" ); + + # + # Make sure we can get find the private key in the file, and + # save it for later. + # + my $privkey; + my $string; + + open(CERT, $file) + or fatal("Could not open $file"); + while () { + my $line = $_; + if ($line =~ /^-----BEGIN RSA/) { + $string = $line; + next; + } + if ($line =~ /^-----END RSA/) { + $string = $string .= $line; + $privkey = $string; + next; + } + $string .= $line + if (defined($string)); + } + close(CERT); + if (!defined($privkey)) { + fatal("Could not find private key in $file"); + } + $file = `realpath $file`; + chomp($file); + + # + # CD to the workdir, and then serialize on the lock file since + # there is some shared goop that the ssl tools muck with (serial + # number, index, etc.). + # + chdir("$WORKDIR") or + fatal("Could not chdir to $WORKDIR: $!"); + + TBScriptLock("mkusercert") == 0 or + fatal("Could not get the lock!"); + + # + # Need an index file, which is the openssl version of the DB. + # + if (! -e "index.txt") { + open(IND, ">index.txt") + or fatal("Could not create index.txt"); + close(IND); + } + + # + # Save the new certificate to a temporary file: OpenSSL will reuse the + # plain text from the old certificate instead of the current version, + # so we regenerate the whole thing to avoid confusion. + # + my $newcert = "/tmp/$$.pem"; + my $newreq = "/tmp/$$.req"; + + # Need a serial number file. + open(SER, ">serial") + or fatal("Could not open serial for writing"); + printf SER "%08x\n", $serial; + close(SER); + + system("$OPENSSL x509 -x509toreq -in $file -signkey $file >$newreq"); + if ($?) { + fatal("Could not create new certificate request"); + } + system("$OPENSSL ca -batch -policy policy_match -days 2000 ". + " -name CA_syscerts -config $CACONFIG -in $newreq ". + " -extensions typical_extensions ". + " -cert $EMULAB_CERT -keyfile $EMULAB_KEY -out $newcert"); + if ($?) { + fatal("Could not create new certificate"); + } + + # Put the private key back into the new file. + open(CERT, ">>$newcert") + or fatal("Could not open $newcert for writing"); + print CERT $privkey; + close(CERT); + print "New certificate written to $newcert\n"; + TBScriptUnlock(); + + return 0; +} + +sub fatal($) +{ + my ($msg) = @_; + + die("*** $0:\n". + " $msg\n"); +} diff --git a/tbsetup/libossetup.pm.in b/tbsetup/libossetup.pm.in index 13f919fb4a5a431068e2e297573e8304be46827b..16d608aff2aa81f1ef73ffecf5a4d298149ba183 100644 --- a/tbsetup/libossetup.pm.in +++ b/tbsetup/libossetup.pm.in @@ -1155,6 +1155,19 @@ sub Retry($$) return $?; } +##################################################################### +package libossetup_pcRemote; +use base qw(libossetup_pc); + +use libdb; +use libtestbed; +use libossetup; +use libtblog; +use Node; +use English; +use Data::Dumper; +use overload ('""' => 'Stringify'); + ##################################################################### # # This is a wrapper for virtnodes; hopefully most virtnodes can share diff --git a/tbsetup/libvtop.pm.in b/tbsetup/libvtop.pm.in index 7d795c6c19c8b1bf39827808232c4307ffac151a..a5495024e7eee94f725c23a616470ffd8d7bf53b 100644 --- a/tbsetup/libvtop.pm.in +++ b/tbsetup/libvtop.pm.in @@ -247,9 +247,11 @@ sub Create($$$) my $self = {}; bless($self, $class); - $self->{'VIRTNODE'} = $virt_node; - $self->{'VTOP'} = $vtop; - $self->{'HASH'} = {}; + $self->{'VIRTNODE'} = $virt_node; + $self->{'VTOP'} = $vtop; + $self->{'HASH'} = {}; + # The virtlans this virtnode is a member of. + $self->{'MEMBERSHIP'} = {}; return $self; } @@ -257,6 +259,8 @@ sub Create($$$) sub virt_node($) { return $_[0]->{'VIRTNODE'}; } sub vtop($) { return $_[0]->{'VTOP'}; } sub hash($) { return $_[0]->{'HASH'}; } +sub membership($) { return $_[0]->{'MEMBERSHIP'}; } +sub memberlist($) { return values(%{ $_[0]->{'MEMBERSHIP'} }); } # Break circular reference someplace to avoid exit errors. sub DESTROY { @@ -265,6 +269,7 @@ sub DESTROY { $self->{'VIRTNODE'} = undef; $self->{'VTOP'} = undef; $self->{'HASH'} = undef; + $self->{'MEMBERSHIP'} = undef; } sub Stringify($) @@ -1036,6 +1041,9 @@ sub LoadVirtLans($) # Global map from vnode:port back to the lan object $self->memberof()->{$vlanmember->member()} = $virtlan; + # Each virt_node has a list of all virt_lans it belongs to. + $vlanmember->virt_node()->membership()->{"$virtlan"} = $virtlan; + # Other fields we need below my $delay = $vlanmember->delay(); my $bandwidth = $vlanmember->bandwidth(); @@ -1234,7 +1242,7 @@ sub GenVirtNodes($) return -1; } my $ref = { 'virtual_id' => $vname, - 'component_urn' => $vnode->fixed(), + 'request_urn' => $vnode->fixed() }; if ($vnode->_isvirtnode()) { $ref->{'virtualization_type'} = 'emulab-vnode'; @@ -1410,7 +1418,7 @@ sub GenFixNodes($) tbwarn("GenFixNodes: No fixed node for $vname\n"); } - # Normal nodes have a vnodem but delay nodes do not. + # Normal nodes have a vnode but delay nodes do not. if (!defined($vnode) && !$self->isadelaynode($vname)) { tbwarn("GenFixNodes: No vnode for $vname\n"); } @@ -1894,46 +1902,25 @@ sub GenVirtLans($) $trivial_ok = $vlan->_trivial_ok(); if ($sharednodes) { - my $newencap; - - if ($sharednodes != $allnodes || $vlan->_needvlan()) { - # - # Change the encap type to vlan since that is supported. - # - if ($nodesdo{"vlan"} == $allnodes) { - $newencap = "vlan"; - } - # Force this on. - $emulated = 1; - } - else { - if ($nodesdo{"veth-en"} == $allnodes) { - # Veth means encapsulated. - $newencap = "veth"; - } - elsif ($nodesdo{"veth-ne"} == $allnodes) { - $newencap = "veth-ne"; - } - elsif ($nodesdo{"vlan"} == $allnodes) { - $newencap = "vlan"; - } - # Force this on. - $emulated = 1; - } - if (defined($newencap)) { - $encapval = $newencap; - $vlan->_emulated($emulated); - $vlan->_encapstyle($newencap); - - $self->printdb("Converting encapstyle to ". - "$encapval on $vname\n"); - } - else { - tberror("Cannot find a common encapstyle for $vname\n"); + # + # All nodes must support vlan encapsulation since that is how we + # create the links. Even if only one node in the link or + # lan is on a shared node, they must all do vlan encap. + # If none of the nodes land on a shared node, then use the + # requested vlan encap. Right, this decision is actually made + # later after assign maps the resources. + # + if ($nodesdo{"vlan"} != $allnodes) { + tberror("Shared nodes requested for $vname, but vlan encapsulation\n". + "not supported on all nodes.\n"); $errors++; } } - elsif ($nodesdo{$encapval} == $allnodes) { + # + # Regardless of shared nodes, there must be a common encapsulation style + # in case no shared nodes are used (and vlan encap is not needed). + # + if ($nodesdo{$encapval} == $allnodes) { # # All members support the encapsulation style, use it. # @@ -2340,7 +2327,7 @@ sub GenVirtLans($) if (defined($fixed) && $fixed ne "") { my ($authority,$type,$nodeid) = GeniHRN::Parse($fixed); - $noderef->{'component_urn'} = + $noderef->{'request_urn'} = GeniHRN::Generate($authority, "node", "*"); } my $ref = { @@ -3189,7 +3176,7 @@ sub AddLinkToSolution($$$$$$$$) tberror("Bad vlink in solution: $vlink\n"); return -1; } - + $self->solution_plinks()->{$vlink} = [$linktag,$virtlan,$trivial,$direct,$member0,$member1]; if (!$trivial) { @@ -3678,14 +3665,15 @@ sub AllocNodes($) $self->fixednodes()->{$vname} = $nodeid; # And add to the results for the next vtop print. - $self->addfixed("$vname $nodeid"); + $self->addfixed("$vname $nodeid") + if (!$pnode->isfednode()); } } } if ($exitval > 0) { # - # We got some but no all the nodes. + # We got some but not all the nodes. # my $rcount = scalar(@reserved); my $tcount = scalar(@nodeids); @@ -3726,7 +3714,8 @@ sub AllocNodes($) $self->fixednodes()->{$vname} = $nodeid; # And add to the results for the next vtop print. - $self->addfixed("$vname $nodeid"); + $self->addfixed("$vname $nodeid") + if (!$pnode->isfednode()); } } } @@ -3799,11 +3788,45 @@ sub AllocNodes($) if (defined($self->rspec()) && !($self->impotent() || $self->alloconly())) { $self->printdb("Requesting geni tickets ...\n"); - - if (libGeni::GetTickets($self->experiment(), $self->verbose(), - $self->user(), $self->rspec())) { - tberror("Could not allocate Geni Tickets\n"); - return -1; + + my $progress = libGeni::GetTickets($self->experiment(), + $self->verbose(), + $self->user(), $self->rspec()); + if ($progress) { + tberror("Error allocating (some) Geni Tickets\n"); + # + # Need to find out what geni nodes we could not get tickets for. + # The local proxy nodes for them need to be released, and if we + # made forward progress, we try again in another loop through. + # The rest of the solution state will get cleared before + # the next loop, but calling nfree is easiest here. + # + my @tofree = (); + + foreach my $pnode (@reserved) { + my $nodeid = $pnode->node_id(); + + # + # XXX See libGeni; it sets external_resource_index if the + # if we get a ticket. Need a state variable instead. + # + if (exists($self->solution()->{'TORESERVE'}->{$nodeid}) && + !defined($pnode->external_resource_index())) { + push(@tofree, $nodeid); + } + } + if (@tofree) { + tbinfo("Releasing unticketed nodes: @tofree\n"); + system("$NFREE $pid $eid @tofree"); + if ($?) { + tberror("Could not free unticketed nodes\n"); + return -1; + } + foreach my $nodeid (@tofree) { + delete($self->newreserved()->{$nodeid}); + } + } + return $progress; } tbinfo("Successfully got all geni tickets we needed.\n"); } @@ -3891,6 +3914,18 @@ sub AllocNodes($) $self->pnodes()->{$vpnode->node_id()} = $vpnode; $virtnode->_onsharednode($pnode->_sharedhost()); $virtnode->_pnode($vpnode); + + # + # Minor post processing; Whenever a shared node is + # selected by assign, must reset the encap style of + # the lans it is a memberof, to vlan encap. + # + if ($virtnode->_onsharednode()) { + foreach my $virtlan ($virtnode->memberlist()) { + $virtlan->_needvlan(1); + $virtlan->_encapstyle("vlan"); + } + } } else { # Default this for physnodes. @@ -4444,14 +4479,9 @@ sub InterpLinks($) # there is a postpass to merge the vlans into a single # supervlan since a nodeport can be in just a single vlan. # - # If both nodes shared, do not need the vlan. - # If only one of the nodes is shared, must still create - # an underlying vlan. - # # - if ((!($virtnodeA->_onsharednode() && - $virtnodeB->_onsharednode())) || - $virtlan->_needvlan()) { + if ($virtnodeA->_onsharednode() || + $virtnodeB->_onsharednode() || $virtlan->_needvlan()) { my $lanid = "v" . "$lan" . $vlanid++; $protovlan = ProtoLan->Create($experiment, $lanid, @@ -4561,7 +4591,7 @@ sub InterpLinks($) "$nodeA:$portA,$nodeB:$portB\n"); $protolink = ProtoLan->Create($experiment, $lan, - $self->impotent(), + $self->impotent() || $self->alloconly()); $protolink->SetType("trivial"); $protolink->SetRole("link/lan"); @@ -4619,9 +4649,7 @@ sub InterpLinks($) # my $protovlan; - if (!$virtlan->_sharednodes() || - $virtlan->_sharednodes() != $virtlan->memberlist() || - $virtlan->_needvlan()) { + if (!$virtlan->_sharednodes() || $virtlan->_needvlan()) { if (exists($protovlans{$lan})) { $protovlan = $protovlans{$lan}; } @@ -4966,6 +4994,8 @@ sub InterpLinks($) # Write the vlans to the DB. $self->UploadVlans() == 0 or return -1; + $self->UpLoadIPAddresses() == 0 + or return -1; $self->UpLoadTunnels() == 0 or return -1; $self->UpLoadInterfaceSettings() == 0 @@ -5396,7 +5426,7 @@ sub NewVirtIface($$$$;$) my $ip = $member->ip(); my $mask = $member->mask(); my $encap = $virtlan->_encapstyle(); - my $isveth = ($encap eq "veth" || $encap eq "veth-ne"); + my $isveth = (($encap eq "veth" || $encap eq "veth-ne") ? 1 : 0); my $vllidx = $virtlan->idx(); my $rtabid = $self->getrtabid($pnode, $member); my $exptidx = $self->experiment()->idx(); @@ -6054,8 +6084,6 @@ sub UploadVlans($) } } } - $self->UpLoadIPAddresses() == 0 - or return -1; return 0; } diff --git a/tbsetup/pool_daemon.in b/tbsetup/pool_daemon.in index 680571893845b9ced70a4ece84c83e675a2a65e3..caf767a68aeab98fcab9d12eac0e587278875779 100644 --- a/tbsetup/pool_daemon.in +++ b/tbsetup/pool_daemon.in @@ -222,7 +222,7 @@ while (!$killme) { notify("Cannot get the lock after a really long time"); $tries = 0; } - chat("Waiting for pool daemon lock ...\n"); + print "Waiting for pool daemon lock ...\n"; sleep(10); } } diff --git a/tbsetup/swapexp.in b/tbsetup/swapexp.in index 505ef47e7de66a6523173fae0c4dfba42e2b9786..0cb51dfbbc26945a096785a131f237729d439e4a 100644 --- a/tbsetup/swapexp.in +++ b/tbsetup/swapexp.in @@ -1402,14 +1402,19 @@ sub cleanup() } elsif ($inout eq "modify") { # - # If the modify fails, and the experiment is swapped out, then - # insert a record for that since that is different then a modify - # that fails, but results in the experiment being restored the - # way it was. + # If the modify fails, must clean up the record (remove it). + # + $experiment->SwapFail($this_user, TBDB_STATS_SWAPMODIFY, $errorstat); + + # + # If it got swapped out, then force this into the record. The + # time stamps will be funky, but no big deal. Just looks like a + # really fast swapout. # - $experiment->SwapFail($this_user, TBDB_STATS_SWAPMODIFY, $errorstat, - ($modifyHosed ? TBDB_STATS_FLAGS_MODHOSED() :0)); if ($modifySwapped) { + $experiment->PreSwap($this_user, + TBDB_STATS_SWAPOUT, EXPTSTATE_ACTIVE); + sleep(1); $experiment->PostSwap($this_user, TBDB_STATS_SWAPOUT); } } diff --git a/tbsetup/tbprerun.in b/tbsetup/tbprerun.in index 6c6883eca8b94ee42466c92eb35101975d16a8c3..2ecd5a38eb9735cd99a853ead351ee5ad740e4ae 100644 --- a/tbsetup/tbprerun.in +++ b/tbsetup/tbprerun.in @@ -1,7 +1,7 @@ #!/usr/bin/perl -w # # EMULAB-COPYRIGHT -# Copyright (c) 2000-2009 University of Utah and the Flux Group. +# Copyright (c) 2000-2010 University of Utah and the Flux Group. # All rights reserved. # use strict; @@ -350,12 +350,8 @@ if (!$experiment->elabinelab()) { # This is the only DB state that is modified during a top only run. # if (!$zeemode) { - my $cmd = "$wrapper -t $pid $eid"; + my $cmd = "$vtopgen -p $pid $eid"; - if ($pid eq "testbed" || $pid eq "tbres" || $pid eq "emulab-ops" || - $this_user->stud()) { - $cmd = "$vtopgen -p $pid $eid"; - } TBDebugTimeStamp("assign prerun started"); print "Doing a pre-assign: '$cmd' ...\n"; diff --git a/tbsetup/tbreport.in b/tbsetup/tbreport.in index f8d1b7c2b88e36ef2e2c6dc5c412cb7bcf43c7df..48a337f62f6ac9dc5099c10f74618361164c8839 100644 --- a/tbsetup/tbreport.in +++ b/tbsetup/tbreport.in @@ -397,6 +397,9 @@ if ($showlinks) { my $rbackfill = $row{"rbackfill"}; my $rlossrate = $row{"rlossrate"}; my $protocol = $row{"protocol"}; + my $fixed_iface = $row{"fixed_iface"}; + $protocol .= " ($fixed_iface)" + if (defined($fixed_iface) && $fixed_iface ne ""); push @data, [$vname, $member, $ipmap{$member}, $delay, $bandwidth, $backfill, $lossrate]; push @data, ["", $protocol, $mask, $rdelay, $rbandwidth, $rbackfill, $rlossrate]; diff --git a/tmcd/tmcd.c b/tmcd/tmcd.c index bcbae65e0fbe505290548e74abd5135f874275a7..61c1706873628db18d9b15f51b87eb5d5dba2f74 100644 --- a/tmcd/tmcd.c +++ b/tmcd/tmcd.c @@ -1672,12 +1672,16 @@ COMMAND_PROTOTYPE(doifconfig) * Find all the virtual interfaces. */ res = mydb_query("select v.unit,v.IP,v.mac,i.mac,v.mask,v.rtabid, " - " v.type,vll.vname,v.virtlanidx,la.attrvalue " + " v.type,vll.vname,v.virtlanidx,la.attrvalue, " + " l.lanid " " from vinterfaces as v " "left join interfaces as i on " " i.node_id=v.node_id and i.iface=v.iface " "left join virt_lan_lans as vll on " " vll.idx=v.virtlanidx and vll.exptidx=v.exptidx " + "left join lans as l on " + " l.exptidx=vll.exptidx and l.vname=vll.vname and " + " l.link is null " "left join lan_attributes as la on " " la.lanid=v.vlanid and la.attrkey='vlantag' " "left join lan_attributes as la2 on " @@ -1686,7 +1690,7 @@ COMMAND_PROTOTYPE(doifconfig) " (la2.attrvalue='Experimental' or " " la2.attrvalue is null) " " and %s", - 10, reqp->exptidx, reqp->pnodeid, buf); + 11, reqp->exptidx, reqp->pnodeid, buf); if (!res) { error("%s: IFCONFIG: DB Error getting veth interfaces!\n", reqp->nodeid); @@ -1703,20 +1707,32 @@ COMMAND_PROTOTYPE(doifconfig) } while (nrows) { char *bufp = buf; + char *ifacetype; int isveth, doencap; row = mysql_fetch_row(res); nrows--; - if (strcmp(row[6], "veth") == 0) { + if (strcmp(row[6], "vlan") == 0 && !row[3]) { + /* + * Convert to a loopback lan, however the client + * is able to do it. + */ + isveth = 0; + doencap = 0; + ifacetype = "loop"; + } else if (strcmp(row[6], "veth") == 0) { isveth = 1; doencap = 1; + ifacetype = "veth"; } else if (strcmp(row[6], "veth-ne") == 0) { isveth = 1; doencap = 0; + ifacetype = "veth"; } else { isveth = 0; doencap = 0; + ifacetype = row[6]; } /* @@ -1739,7 +1755,7 @@ COMMAND_PROTOTYPE(doifconfig) bufp += OUTPUT(bufp, ebufp - bufp, "IFACETYPE=%s " "INET=%s MASK=%s ID=%s VMAC=%s PMAC=%s", - isveth ? "veth" : row[6], + ifacetype, row[1], CHECKMASK(row[4]), row[0], row[2], row[3] ? row[3] : "none"); @@ -1765,7 +1781,9 @@ COMMAND_PROTOTYPE(doifconfig) char *tag = "0"; if (isveth) tag = row[8]; - else if (strcmp(row[6], "vlan") == 0) + else if (strcmp(ifacetype, "loop") == 0) + tag = row[10]; + else if (strcmp(ifacetype, "vlan") == 0) tag = row[9] ? row[9] : "0"; /* sanity check the tag */ @@ -1776,7 +1794,6 @@ COMMAND_PROTOTYPE(doifconfig) bufp += OUTPUT(bufp, ebufp - bufp, " VTAG=%s", tag); } - OUTPUT(bufp, ebufp - bufp, "\n"); client_writeback(sock, buf, strlen(buf), tcp); if (verbose) diff --git a/www/defs.php3.in b/www/defs.php3.in index 8d50e47d05e8462bb20473f1ab5da8b18fcc689f..acdda373a673a2d1ae9387d0a613ae8a81bceb6d 100644 --- a/www/defs.php3.in +++ b/www/defs.php3.in @@ -486,6 +486,11 @@ function CHECKPASSWORD($uid, $password, $name, $email, &$error) $error = ""; return 0; } + # Ascii only. + if (! TBvalid_userdata($password)) { + $error = "Invalid characters; ascii only please"; + return 0; + } $uid = escapeshellarg($uid); $password = escapeshellarg($password); diff --git a/www/pub_defs.php b/www/pub_defs.php index 60501f493c01f8430ec88325707ced294a92d4aa..c2af13a28ffe2ea9e20ecd77c42d6032239387c8 100644 --- a/www/pub_defs.php +++ b/www/pub_defs.php @@ -20,6 +20,8 @@ function MayEditPub($user, $isadmin, $row) { if ($pid == '') return false; $proj = Project::LookupByPid($pid); + if (!$proj) + return false; return TBMinTrust($proj->UserTrust($user), $TBDB_TRUST_LOCALROOT); } diff --git a/www/pubs.html b/www/pubs.html index 5e5a4d8ffe995cd8a0194ea56cce40c6db4fe416..5755f8f87f3f813c23411e75b4972cef49bf2f8a 100644 --- a/www/pubs.html +++ b/www/pubs.html @@ -34,6 +34,20 @@ August 2010.

+

  • + <NEW> + + Toward Replayable Research in Networking and Systems. + Eric Eide. + Position paper presented at + Archive '10, the + NSF Workshop on Archiving Experiments to Raise Scientific + Standards, + Salt Lake City, UT, + May 2010. +

    +