From: Xiao-Yong Jin <meta.jxy@gmail.com>
To: 9front@9front.org
Subject: tls boot over aan
Date: Fri, 11 Sep 2020 01:02:05 -0500 [thread overview]
Message-ID: <78B5176C-F05B-43F1-8421-B4CBA620AD3A@gmail.com> (raw)
I made the following changes so that I can boot with tls over aan.
srvtlsaan connects to rcpu and starts aan that trampolines to net!$fs!9fs.
diff -r d8b6a8706f51 rc/bin/srvtlsaan
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/rc/bin/srvtlsaan Fri Sep 11 00:50:11 2020 -0500
@@ -0,0 +1,82 @@
+#!/bin/rc
+rfork e
+
+fn usage {
+ echo 'usage: srvtlsaan [ -abcCnq ] [ -m aanto ] [ -p aanport ] [ -k keyspec ] [net!]system[!service] [ srvname [ mtpt ] ]' >[1=2]
+ exit usage
+}
+
+aanto=86400
+aanport=0
+mopt=()
+mtpt=()
+client=(/bin/tlsclient -a)
+
+while(~ $1 -*){
+ switch($1){
+ case -[abcCnq]*; mopt=($mopt $1)
+ case *
+ ~ $#* 1 && usage
+ switch($1){
+ case -m; aanto=$2
+ case -p; aanport=$2
+ case -k; client=($client $1 $2)
+ case *; usage
+ }
+ shift
+ }
+ shift
+}
+
+switch($#*){
+case 1; srv=/srv/$1
+case 2; srv=/srv/$2
+case 3; srv=/srv/$2; mtpt=$3
+case *; usage
+}
+
+switch($1){
+case *!*!*; host=$1
+case *!*; host=$1!rcpu
+case *; host=net!$1!rcpu
+}
+
+script='
+aanport='$aanport'
+aanto='$aanto'
+aanpipe=aan9fs
+~ $#netdir 1 || netdir=/net/tcp/clone
+netdir=`{basename -d $netdir} || exit netdir
+<>$netdir/clone {
+ netdir=$netdir/^`{read} || exit clone
+ >[3] $netdir/ctl {
+ echo -n ''announce *!''$aanport >[1=3]
+ cat $netdir/local || exit local
+ bind ''#|'' /mnt/$aanpipe || exit pipe
+ exec aan -m $aanto $netdir <>/mnt/$aanpipe/data1 >[1=0] >[2]/dev/null &
+ }
+}
+<>/mnt/$aanpipe/data >[1=0] >[2]/dev/null {
+ rm -f /env/^(''fn#server'' aanport aanto aanpipe)
+ exec tlssrv -A /bin/aux/trampoline ''net!$fs!9fs''
+}
+'
+
+aanpipe=aan9fsc
+bind '#|' /mnt/$aanpipe || exit pipe
+
+fn startaan {
+ echo $script | wc -c
+ echo $script
+ na=`{echo -n $host | sed 's|![^!]*$|!|'}^`{read | sed 's|.*!||'}
+ exec aan -c -m $aanto $na <>/mnt/$aanpipe/data1 >[1=0] >[2]/dev/null &
+}
+
+$client $host /bin/rc -c startaan
+
+fn post {
+ echo 0 >$srv
+}
+if(test -f $srv || $client -o /mnt/$aanpipe/data /bin/rc -c post){
+ ~ $#mtpt 0 || mount $mopt $srv $mtpt
+}
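Review bot: The status of `$client $host /bin/rc -c startaan` is never checked, so a failed rcpu dial or failed authentication still falls through to `$client -o /mnt/$aanpipe/data /bin/rc -c post`, which would then presumably stall on a pipe with no aan behind it. connecttlsaan in net.rc depends on srvtlsaan returning a failure status to move on to the next file server, so consider `$client $host /bin/rc -c startaan || exit startaan` (assuming tlsclient passes the command's status through). The `-m` and `-p` values are also pasted unquoted into the text the remote rc executes (`aanport='$aanport'`), so rejecting non-numeric values first, e.g. `~ $2 *[~0-9]* && usage`, keeps a malformed boot argument from changing the remote script. Both aan invocations send stderr to /dev/null, which hides the cause when a boot over this path fails.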
diff -r d8b6a8706f51 sys/src/9/boot/bootfs.proto
--- a/sys/src/9/boot/bootfs.proto Mon Sep 07 19:32:50 2020 -0700
+++ b/sys/src/9/boot/bootfs.proto Fri Sep 11 00:50:11 2020 -0500
@@ -1,6 +1,7 @@
$objtype
bin
9660srv
+ aan
awk
auth
secstore
@@ -32,6 +33,7 @@
dnsgetip
hjfs
rc
+ read
rm
sed
sleep
@@ -44,6 +46,7 @@
ether
disk
kb
+ wc
xd
rc
lib
@@ -55,6 +58,7 @@
fstype
diskparts
srvtls
+ srvtlsaan
nusbrc 555 sys sys ../boot/nusbrc
bootrc 555 sys sys ../boot/bootrc
tmp
diff -r d8b6a8706f51 sys/src/9/boot/net.rc
--- a/sys/src/9/boot/net.rc Mon Sep 07 19:32:50 2020 -0700
+++ b/sys/src/9/boot/net.rc Fri Sep 11 00:50:11 2020 -0500
@@ -65,25 +65,32 @@
}
fn connecttcp{
- while(! ~ $#fs 0 && ! srv -q tcp!$fs(1)^!564 boot)
+ while(! ~ $#fs 0 && ! srv -q $srvopt tcp!$fs(1)^!564 boot)
fs=$fs(2-);
fs=$fs(1)
}
fn connecttls{
- while(! ~ $#fs 0 && ! srvtls -q tcp!$fs(1)^!17020 boot)
+ while(! ~ $#fs 0 && ! srvtls -q $srvopt tcp!$fs(1)^!17020 boot)
+ fs=$fs(2-);
+ fs=$fs(1)
+}
+
+fn connecttlsaan{
+ while(! ~ $#fs 0 && ! srvtlsaan -q $srvopt tcp!$fs(1)^!17019 boot)
fs=$fs(2-);
fs=$fs(1)
}
fn connectil{
- while(! ~ $#fs 0 && ! srv -q il!$fs(1)^!17008 boot)
+ while(! ~ $#fs 0 && ! srv -q $srvopt il!$fs(1)^!17008 boot)
fs=$fs(2-);
fs=$fs(1)
}
mtcp=(confignet connecttcp)
mtls=(confignet connecttls)
+mtlsaan=(confignet connecttlsaan)
mil=(confignet connectil)
-mt=(mtcp mtls mil $mt)
+mt=(mtcp mtls mtlsaan mil $mt)
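Review bot: `$srvopt` is now spliced into the srv, srvtls and srvtlsaan command lines alike, but nothing visible in this hunk sets or documents it, and the three commands do not obviously share an option set. srvtlsaan as added in this patch takes `-m`, `-p` and `-k` with arguments, which srv and srvtls may not accept. A value chosen for one method could then make the others exit on a usage error, and the retry loops would treat that as an unreachable file server. A comment above connecttcp such as `# $srvopt: extra options passed unchanged to srv, srvtls and srvtlsaan; use only flags all three accept` would make the contract explicit, or use a separate variable per method.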