Initial version of glue - going to abandon -alloc stuff.

5 files changed, 116 insertions, 1 deletions

diff --git a/ipif/Makefile b/ipif/Makefile
index 2bcea8c..c8f6673 100644
--- a/ipif/Makefile
+++ b/ipif/Makefile
@@ -3,4 +3,16 @@
 CFLAGS=		-Wall -Wmissing-prototypes -Wstrict-prototypes -Wpointer-arith \
 		-Wwrite-strings -g -D_GNU_SOURCE
 
-all:		service
+etc=		/etc
+prefix=		/usr/local
+libipif=	$(prefix)/lib/userv-ipif
+etcipif=	$(etc)/userv/ipif
+
+TARGETS=	service
+
+all:		$(TARGETS)
+
+install:	all
+		mkdir -p $(libipif) $(etcipif)
+		cp service alloc.pl $(libdir)/.
+		touch $(etcipif)/networks
diff --git a/ipif/alloc.pl b/ipif/alloc.pl
new file mode 100644
index 0000000..15d7615
--- /dev/null
+++ b/ipif/alloc.pl
@@ -0,0 +1,81 @@
+#!/usr/bin/perl
+
+$etcdir= '/etc/userv/ipif';
+chdir($etcdir) or die "$0: chdir $etcdir: $!\n";
+
+$descallowd= '-][()+_\'":=;,./|';
+
+sub usage () {
+    die <<END;
+Allocates an RFC1918 address and records it
+usage: userv ipif-alloc <group|gid> [<prefix>]/<size> <description>
+<description> may contain alphanums, spaces and $descallowed
+END
+}
+
+@ARGV==3 or usage();
+($group, $pfxsize, $desc) = @ARGV;
+
+$super= 0;
+
+open X, "config" or die "$0: open config: $!\n";
+while (<X>) {
+    next if m/^\#/;
+    next if !m/\S/;
+    chomp; s/\s+$//;
+    if (m/^supergroup\s+(\w+)$/) {
+	$super= am_gid($1);
+    } elsif (m/^maxpergid\s+(\d+)$/) {
+	$maxpergid= $1;
+    } elsif (m,^range\s+([.0-9]+)/(\d+)$,) {
+	($allow_p, $allow_m, $allow_l) = parse_range($1,$2);
+    } else {
+	die "$0: config:$.: unknown directive: $_\n";
+    }
+}
+close X or die "$0: read config: $!\n";
+
+if ($pfxsize =~ m,^([.0-9]+)/(\d+)$,) {
+    ($want_p, $want_m, $want_l) = parse_range($1,$2);
+    if (!$super && !overlap($want_p,$want_m, $allow_p,$allow_m)) {
+	die "$0: permission denied (out of required range)\n";
+    }
+} elsif ($pfxsize =~ m,^/(\d+)$,) {
+    undef $want_p;
+    undef $want_m;
+    $want_l= $1;
+} else {
+    die "$0: bad request: $pfxsize\n";
+}
+
+$gid= get_gid($group);
+if (!am_gid($gid)) {
+    die "$0: you are not gid $gid\n";
+}
+
+$op.= '';
+$max_p= 0; $max_m= 0;
+
+open Y, "auto-nets" or die "$0: open auto-nets: $!\n";
+for (;;) {
+    $!= 0; chomp($_= <Y>);
+    length or die "$0: read auto-nets: $!\n";
+    last if m/^\#end/;
+    next if m/^\#/;
+    $op.= $_."\n";
+    m:^(\d+),([.0-9]+)/(\d+),.*: or die "$0: auto-nets:$.: syntax error: $_\n";
+    $this_gid= $1;
+    ($this_p, $this_m, $this_l) = parse_range($2,$3);
+    if (defined($want_p)) {
+	if (overlap($want_p,$want_m, $this_p,$this_m)) {
+	    die "$0: overlaps with existing allocation (auto-nets:$.)\n";
+	}
+    } else {
+	if ($this_p > $max_p) {
+	    ($this_p,$this_m) = ($max_p,$max_m);
+	}
+    }
+    
+    
+    next if $1 ne $gid;
+    
diff --git a/ipif/config b/ipif/config
new file mode 100644
index 0000000..52a3958
--- /dev/null
+++ b/ipif/config
@@ -0,0 +1,3 @@
+supergroup	0
+maxpergid	256
+range		10.232.0.0/15
diff --git a/ipif/ipif b/ipif/ipif
new file mode 100644
index 0000000..a019469
--- /dev/null
+++ b/ipif/ipif
@@ -0,0 +1,9 @@
+if ( grep calling-user-shell /etc/shells
+   & glob service-user root
+   )
+	reset
+	no-set-environment
+	no-suppress-args
+	no-disconnect-hup
+	execute /usr/local/lib/userv/ipif /etc/userv/ipif/networks --
+fi
diff --git a/ipif/ipif-alloc b/ipif/ipif-alloc
new file mode 100644
index 0000000..4bfa131
--- /dev/null
+++ b/ipif/ipif-alloc
@@ -0,0 +1,10 @@
+if ( grep calling-user-shell /etc/shells
+   & glob service-user root
+   )
+	reset
+	no-set-environment
+	no-suppress-args
+	no-disconnect-hup
+	execute with-lock-ex -w /etc/userv/ipif/lockfile \
+		/usr/local/lib/userv-ipif/alloc.pl
+fi