X-Git-Url: https://git.distorted.org.uk/~mdw/userv-utils/blobdiff_plain/62ccb81a567f14d36a0c62964ca70c5e035f573e..8bb9d875e22b456711478e9d9972d458e8eb0d48:/ipif/udptunnel
diff --git a/ipif/udptunnel b/ipif/udptunnel
index 6b3d1ea..0698d87 100755
--- a/ipif/udptunnel
+++ b/ipif/udptunnel
@@ -8,6 +8,7 @@
 # | -m (`masquerade support': subcommand gets `Wait' instead of our addr/port)
 # | -d (`dump keys': when no subcmd, spew keys rather than reading them;
 # we always send keys to our subcmd if there is one)
+# | -Dcrypto (debug crypto - use with care, prints keys, packets &c on screen!)
 # | -f
 # ...
 # ]
@@ -97,7 +98,7 @@
 # along with userv-utils; if not, write to the Free Software
 # Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 #
-# $Id: udptunnel,v 1.11 2000/05/30 22:49:36 ian Exp $
+# $Id: udptunnel,v 1.14 2000/05/31 00:58:53 ian Exp $
 use Socket;
 use POSIX;
@@ -158,7 +159,7 @@ sub show_addr_port ($) {
 return show_addr($s).','.show_port($s);
 }
 sub arg_value ($$) {
- my ($val,$opt);
+ my ($val,$opt) = @_;
 $_= '-';
 return $val if length $val;
 @ARGV or quit("$opt needs value");
@@ -172,6 +173,7 @@ $|=1;
 $masq= 0;
 $dump= 0;
 $fcmd= 'udptunnel-forwarder';
+$xfwdopts= '';
 while ($ARGV[0] =~ m/^-/) {
 $_= shift @ARGV;
@@ -185,12 +187,17 @@ while ($ARGV[0] =~ m/^-/) {
 $fcmd= arg_value($_,'-f');
 } elsif (s/^-e//) {
 $encrarg= arg_value($_,'-e');
- push @encrargs, "-e$encrarg";
- push @encryption, split m#/#, $encrarg;
+ push @remoteopts, "-e$encrarg";
+ @thisencryption= split m#/#, $encrarg;
+ $thisencryption[0] =~ s/^/\|/;
+ push @encryption, @thisencryption;
 } elsif (s/^-m/-/) {
 $masq= 1;
 } elsif (s/^-d/-/) {
 $dump= 1;
+ } elsif (s/^-Dcrypto$/-/) {
+ $xfwdopts.= 'K';
+ push @remoteopts, '-Dcrypto';
 } else {
 quit("unknown option \`$_'");
 }
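Review bot: The new `-Dcrypto` branch of the option loop appends the flag to `@remoteopts` as well as adding `K` to `$xfwdopts`, so one local switch also asks the remote end to print keys and packets, and nothing is emitted at run time to record that. The usage comment carries the warning, but someone reading a transcript or log afterwards has no marker that key material may be in it; where the remote command's output ends up is not visible in this hunk. I would add `warning("-Dcrypto: keys and packet contents will be printed, locally and at the remote end");` in that branch (`warning` is already called in the child-reaping loop of this file) and note in the usage text that keys used in such a session should be considered disclosed. The enclosing `while` loop begins above the hunk.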
@@ -255,7 +262,7 @@ if (@ARGV) {
 $rad= xform_remote(show_addr($rs),$ras);
 $rpd= xform_remote(show_port($rs),$rps);
 @rcmd= (@ARGV,
- @encrargs,
+ @remoteopts,
 "$rad,$rpd",
 $masq ? 'Wait,Wait' : $lapd,
 "$rva,$lva,$mtu,$proto",
@@ -267,10 +274,10 @@ if (@ARGV) {
 pipe(RAPREAD,RCMDREADSUB) or fail("pipe");
 select(RCMDREADSUB); $|=1; select(STDOUT);
 }
- pipe(DUMPKEYS,RCMDWRITESUB) or fail("pipe");
+ pipe(RCMDWRITESUB,DUMPKEYS) or fail("pipe");
 defined($c_rcmd= fork) or fail("fork for remote");
 if (!$c_rcmd) {
- open STDIN, ">&RCMDWRITESUB" or fail("reopen stdin for remote command");
+ open STDIN, "<&RCMDWRITESUB" or fail("reopen stdin for remote command");
 open STDOUT, ">&RCMDREADSUB" or fail("reopen stdout for remote command") if $rapcmd;
 close RAPREAD if $rapcmd;
@@ -345,17 +352,18 @@ if (!$c_lcmd) {
 close UW;
 close DR;
-@fcmd= ($fcmd,
- fileno(L), fileno(DW), fileno(UR),
+$xfwdopts.= 'w' if $dump;
+
+@fcmd= ($fcmd, $xfwdopts,
+ fileno(L), fileno(DW), fileno(UR), fileno(DUMPKEYS),
 $mtu, $keepalive, $timeout, @rapf,
- fileno(DUMPKEYS), $dump ? 'y' : '',
 @encryption);
 debug("forwarding command @fcmd.");
 defined($c_fwd= fork) or fail("fork for udptunnel-forwarder");
 if (!$c_fwd) {
- foreach $fd (qw(L DW UR)) {
+ foreach $fd (qw(L DW UR DUMPKEYS)) {
 fcntl($fd, F_SETFD, 0) or fail("set no-close-on-exec $fd");
 }
 exec @fcmd; fail("cannot execute $fcmd[0]");
@@ -376,11 +384,12 @@ $estatus= 0;
 while (keys %procs) {
 ($c= wait) >0 or
 fail("wait failed (expecting ". join('; ',keys %procs). ")");
- warning("unexpected child reaped: pid $c, code $?"), next
+ $status= $?;
+ warning("unexpected child reaped: pid $c, code $status"), next
 unless exists $procs{$c};
 $str= $procs{$c};
 delete $procs{$c};
- $? ? warning("subprocess $str failed with code $?")
+ $status ? warning("subprocess $str failed with code $status")
 : debug("subprocess $str finished");
 if ($c==$c_lcmd || $c==$c_fwd || $c==$c_rcmd) {
 kill 15, grep (exists $procs{$_}, $c_fwd, $c_rcmd);
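Review bot: In the `@@ -267,10 +274,10 @@` hunk, `pipe(RCMDWRITESUB,DUMPKEYS)` makes `RCMDWRITESUB` the read end of the pipe, which its name does not suggest and which may be how the two handles came to be swapped before this fix. A one-line comment above the call would pin the direction, for example `# pipe(read end, write end): the remote command reads keys on stdin from RCMDWRITESUB; DUMPKEYS is the write end given to the forwarder`. The hunk does not show whether the parent closes `RCMDWRITESUB` after the fork; that is worth confirming, since the body of `if (!$c_rcmd)` continues past the hunk.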
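Review bot: The `@@ -345,17 +352,18 @@` hunk changes the forwarder's positional argument layout with nothing in the script recording the new order: an options string becomes the first argument, the `DUMPKEYS` descriptor moves up beside the other descriptors, and the separate dump flag is dropped. Because `-f` lets the caller name any forwarder binary, one built for the old layout would misread every positional argument, including which descriptor number is the one that, by its name, carries keys. A comment above `@fcmd` such as `# argv: opts, fd L, fd DW, fd UR, fd DUMPKEYS, mtu, keepalive, timeout, @rapf, @encryption` would make the contract checkable. It should also say that `$xfwdopts` may be the empty string, so the forwarder has to accept an empty first argument.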
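Review bot: In the `@@ -376,11 +384,12 @@` hunk the saved `$status` is still the raw wait status, so `failed with code $status` prints 256 for an exit status of 1 and a small number for death by signal, and the two are easy to confuse when diagnosing why a tunnel went down. I would decode it once after the assignment, `$why= ($status & 127) ? 'signal '.($status & 127) : 'exit status '.($status >> 8);`, and print `$why` in both warnings. The `while (keys %procs)` loop continues past the end of the hunk.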