- Support the multi-ip jail patch that's floating around.

3 files changed, 79 insertions, 6 deletions

diff --git a/ChangeLog b/ChangeLog
index f4734c6..0dbaa53 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,6 @@
+1.3
+ - Support the multi-ip jail patch that's floating around.
+
 1.2
  - Fix bugs which prevented jkill from working properly in a jail
    as advertized.
diff --git a/configure.ac b/configure.ac
index de431d4..3d97868 100644
--- a/configure.ac
+++ b/configure.ac
@@ -74,6 +74,13 @@ AC_CHECK_LIB([c], [jail], ,
 	[ echo "ERROR: Must have jail capabilities (FreeBSD 4.x or higher)"; exit 1])
 AC_CHECK_LIB([c], [jail_attach],
 	[ JAIL_ATTACH=yes; ], )
+AC_CHECK_MEMBER([struct jail.ips],
+	[ JAIL_MULTIPATCH=yes; AC_DEFINE_UNQUOTED(JAIL_MULTIPATCH, 1, [Patched Multiple IP support])], [],
+[[
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/jail.h>
+]])
 
 # Checks for typedefs, structures, and compiler characteristics.
 AC_C_CONST
@@ -103,3 +110,8 @@ if test "$JAIL_ATTACH" = "yes"; then
 else
     echo "Your version of FreeBSD (4.0 - 5.0) only supports the old utilities"
 fi
+
+if test "$JAIL_MULTIPATCH" = "yes"; then
+    echo "Your version of FreeBSD supports multiple IPs per jail via the patch."
+fi
+
diff --git a/srcx/jstart.c b/srcx/jstart.c
index aa119f8..6360f06 100644
--- a/srcx/jstart.c
+++ b/srcx/jstart.c
@@ -53,6 +53,7 @@
 #include <err.h>
 #include <unistd.h>
 #include <limits.h>
+#include <string.h>
 
 #include "util.h"
 
@@ -65,12 +66,66 @@ static char* START_ARGS[] = { _PATH_BSHELL, START_SCRIPT, NULL };
 
 static void usage();
 
+#ifdef JAIL_MULTIPATCH
+
+static void allocate_address(char* arg, struct jail* j)
+{
+    struct in_addr in;
+    char *ip;
+    int i = 0;
+
+    /* Count number of ips */
+    for(i = 1, ip = arg; *ip; ip++)
+    {
+        if(*ip == ',')
+            i++;
+    }
+
+    /* Allocate memory */
+    if((j->ips = (u_int32_t*)malloc(sizeof(u_int32_t) * i)) == NULL)
+        errx(1, "out of memory");
+
+    for(i = 0, ip = strtok(arg, ","); ip; i++, ip = strtok(NULL, ","))
+    {
+        if(inet_aton(ip, &in) == 0)
+            errx(1, "invalid ip address: %s", ip);
+        j->ips[i] = ntohl(in.s_addr);
+    }
+
+    j->nips = i;
+    j->version = 1;
+}
+
+static void free_address(struct jail* j)
+{
+    free(j->ips);
+}
+
+#else /* !JAIL_MULTIPATCH */
+
+static void allocate_address(char* arg, struct jail* j)
+{
+    struct in_addr in;
+
+    if(inet_aton(arg, &in) != 1)
+        errx(1, "invalid ip address: %s", arg);
+    j->ip_number = ntohl(in.s_addr);
+    j->version = 0;
+}
+
+static void free_address(struct jail* j)
+{
+    /* Nothing to do */
+}
+
+#endif /* !JAIL_MULTIPATCH */
+
+
 int main(int argc, char* argv[])
 {
     int ch, jid;
     struct jail j;
     int printjid = 0;
-    struct in_addr in;
 
     while((ch = getopt(argc, argv, "i")) != -1)
     {
@@ -98,20 +153,19 @@ int main(int argc, char* argv[])
     if(chdir(argv[0]) != 0)
         err(1, "couldn't change to jail directory: %s", argv[0]);
 
-    if(inet_aton(argv[2], &in) != 1)
-        errx(1, "invalid ip address: %s", argv[2]);
-
     memset(&j, 0, sizeof(j));
-    j.version = 0;
     j.path = argv[0];
     j.hostname = argv[1];
-    j.ip_number = ntohl(in.s_addr);
+
+    allocate_address(argv[2], &j);
 
     /* Here's where we actually go into the jail */
     jid = jail(&j);
     if(jid == -1)
         err(1, "couldn't create jail");
 
+    free_address(&j);
+
     if(printjid)
     {
         printf("%d\n", jid);
@@ -144,7 +198,11 @@ int main(int argc, char* argv[])
 
 static void usage()
 {
+#ifdef JAIL_MULTIPATCH
+    fprintf(stderr, "usage: jstart [-i] path hostname ip[,ip...] [command ...]\n");
+#else
     fprintf(stderr, "usage: jstart [-i] path hostname ip-number [command ...]\n");
+#endif
     exit(2);
 }