bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
1 |
/* -*- coding: utf-8 -*- */
|
2 |
/*
|
|
237.2.24
by Teddy Hogeborn
* plugins.d/askpass-fifo.c: Fix name in header. |
3 |
* Mandos-client - get and decrypt data from a Mandos server
|
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
4 |
*
|
5 |
* This program is partly derived from an example program for an Avahi
|
|
6 |
* service browser, downloaded from
|
|
7 |
* <http://avahi.org/browser/examples/core-browse-services.c>. This
|
|
8 |
* includes the following functions: "resolve_callback",
|
|
9 |
* "browse_callback", and parts of "main".
|
|
10 |
*
|
|
28
by Teddy Hogeborn
* server.conf: New file. |
11 |
* Everything else is
|
237.7.14
by Teddy Hogeborn
Update copyright year to "2011" wherever appropriate. |
12 |
* Copyright © 2008-2011 Teddy Hogeborn
|
13 |
* Copyright © 2008-2011 Björn Påhlsson
|
|
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
14 |
*
|
15 |
* This program is free software: you can redistribute it and/or
|
|
16 |
* modify it under the terms of the GNU General Public License as
|
|
17 |
* published by the Free Software Foundation, either version 3 of the
|
|
18 |
* License, or (at your option) any later version.
|
|
19 |
*
|
|
20 |
* This program is distributed in the hope that it will be useful, but
|
|
21 |
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
22 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
23 |
* General Public License for more details.
|
|
24 |
*
|
|
25 |
* You should have received a copy of the GNU General Public License
|
|
26 |
* along with this program. If not, see
|
|
27 |
* <http://www.gnu.org/licenses/>.
|
|
28 |
*
|
|
237.11.2
by Teddy Hogeborn
Change "fukt.bsnet.se" to "recompile.se" throughout. |
29 |
* Contact the authors at <mandos@recompile.se>.
|
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
30 |
*/
|
31 |
||
28
by Teddy Hogeborn
* server.conf: New file. |
32 |
/* Needed by GPGME, specifically gpgme_data_seek() */
|
237.2.80
by Teddy Hogeborn
Use "getconf" to get correct LFS compile and link flags. |
33 |
#ifndef _LARGEFILE_SOURCE
|
13
by Björn Påhlsson
Added following support: |
34 |
#define _LARGEFILE_SOURCE
|
237.2.80
by Teddy Hogeborn
Use "getconf" to get correct LFS compile and link flags. |
35 |
#endif
|
36 |
#ifndef _FILE_OFFSET_BITS
|
|
13
by Björn Påhlsson
Added following support: |
37 |
#define _FILE_OFFSET_BITS 64
|
237.2.80
by Teddy Hogeborn
Use "getconf" to get correct LFS compile and link flags. |
38 |
#endif
|
13
by Björn Påhlsson
Added following support: |
39 |
|
76
by Teddy Hogeborn
* plugins.d/password-request.c (init_gnutls_global): Renamed |
40 |
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), asprintf() */ |
24.1.10
by Björn Påhlsson
merge commit |
41 |
|
76
by Teddy Hogeborn
* plugins.d/password-request.c (init_gnutls_global): Renamed |
42 |
#include <stdio.h> /* fprintf(), stderr, fwrite(), |
237.2.74
by Teddy Hogeborn
Overflows are not detected by sscanf(), so stop using it: |
43 |
stdout, ferror(), remove() */ |
24.1.26
by Björn Påhlsson
tally count of used symbols |
44 |
#include <stdint.h> /* uint16_t, uint32_t */ |
45 |
#include <stddef.h> /* NULL, size_t, ssize_t */ |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
46 |
#include <stdlib.h> /* free(), EXIT_SUCCESS, srand(), |
47 |
strtof(), abort() */ |
|
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
48 |
#include <stdbool.h> /* bool, false, true */ |
24.1.29
by Björn Påhlsson
Added more header file comments |
49 |
#include <string.h> /* memset(), strcmp(), strlen(), |
76
by Teddy Hogeborn
* plugins.d/password-request.c (init_gnutls_global): Renamed |
50 |
strerror(), asprintf(), strcpy() */ |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
51 |
#include <sys/ioctl.h> /* ioctl */ |
24.1.26
by Björn Påhlsson
tally count of used symbols |
52 |
#include <sys/types.h> /* socket(), inet_pton(), sockaddr, |
24.1.29
by Björn Påhlsson
Added more header file comments |
53 |
sockaddr_in6, PF_INET6, |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
54 |
SOCK_STREAM, uid_t, gid_t, open(), |
55 |
opendir(), DIR */ |
|
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
56 |
#include <sys/stat.h> /* open() */ |
24.1.26
by Björn Påhlsson
tally count of used symbols |
57 |
#include <sys/socket.h> /* socket(), struct sockaddr_in6, |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
58 |
inet_pton(), connect() */ |
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
59 |
#include <fcntl.h> /* open() */ |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
60 |
#include <dirent.h> /* opendir(), struct dirent, readdir() |
61 |
*/ |
|
237.2.74
by Teddy Hogeborn
Overflows are not detected by sscanf(), so stop using it: |
62 |
#include <inttypes.h> /* PRIu16, PRIdMAX, intmax_t, |
63 |
strtoimax() */ |
|
24.1.29
by Björn Påhlsson
Added more header file comments |
64 |
#include <assert.h> /* assert() */ |
237.7.33
by Teddy Hogeborn
Merge from Björn. |
65 |
#include <errno.h> /* perror(), errno, |
66 |
program_invocation_short_name */ |
|
24.1.163
by Björn Påhlsson
mandos-client: Added never ending loop for --connect |
67 |
#include <time.h> /* nanosleep(), time(), sleep() */ |
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
68 |
#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP, |
24.1.26
by Björn Påhlsson
tally count of used symbols |
69 |
SIOCSIFFLAGS, if_indextoname(), |
70 |
if_nametoindex(), IF_NAMESIZE */ |
|
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
71 |
#include <netinet/in.h> /* IN6_IS_ADDR_LINKLOCAL, |
72 |
INET_ADDRSTRLEN, INET6_ADDRSTRLEN |
|
73 |
*/ |
|
24.1.29
by Björn Påhlsson
Added more header file comments |
74 |
#include <unistd.h> /* close(), SEEK_SET, off_t, write(), |
237.2.128
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Bug fix: Check result of setgid(). |
75 |
getuid(), getgid(), seteuid(), |
237.2.137
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Try harder to raise signal on |
76 |
setgid(), pause() */ |
237.7.32
by Teddy Hogeborn
* Makefile (plugins.d/mandos-client): Bug fix: Put $^ before all |
77 |
#include <arpa/inet.h> /* inet_pton(), htons, inet_ntop() */ |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
78 |
#include <iso646.h> /* not, or, and */ |
24.1.29
by Björn Påhlsson
Added more header file comments |
79 |
#include <argp.h> /* struct argp_option, error_t, struct |
80 |
argp_state, struct argp, |
|
81 |
argp_parse(), ARGP_KEY_ARG, |
|
82 |
ARGP_KEY_END, ARGP_ERR_UNKNOWN */ |
|
237.2.70
by Teddy Hogeborn
Merge from Björn: |
83 |
#include <signal.h> /* sigemptyset(), sigaddset(), |
237.2.117
by Teddy Hogeborn
* plugins.d/mandos-client.c (signal_received): New. |
84 |
sigaction(), SIGTERM, sig_atomic_t, |
85 |
raise() */ |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
86 |
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_UNAVAILABLE, |
87 |
EX_NOHOST, EX_IOERR, EX_PROTOCOL */ |
|
237.2.70
by Teddy Hogeborn
Merge from Björn: |
88 |
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
89 |
#ifdef __linux__
|
24.1.124
by Björn Påhlsson
Added lower kernel loglevel to reduce clutter on system console. |
90 |
#include <sys/klog.h> /* klogctl() */ |
237.2.71
by Teddy Hogeborn
* plugin-runner.c: Comment change. |
91 |
#endif /* __linux__ */ |
24.1.26
by Björn Påhlsson
tally count of used symbols |
92 |
|
93 |
/* Avahi */
|
|
24.1.29
by Björn Påhlsson
Added more header file comments |
94 |
/* All Avahi types, constants and functions
|
95 |
Avahi*, avahi_*,
|
|
96 |
AVAHI_* */
|
|
97 |
#include <avahi-core/core.h> |
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
98 |
#include <avahi-core/lookup.h> |
24.1.29
by Björn Påhlsson
Added more header file comments |
99 |
#include <avahi-core/log.h> |
24.1.26
by Björn Påhlsson
tally count of used symbols |
100 |
#include <avahi-common/simple-watch.h> |
101 |
#include <avahi-common/malloc.h> |
|
102 |
#include <avahi-common/error.h> |
|
103 |
||
104 |
/* GnuTLS */
|
|
76
by Teddy Hogeborn
* plugins.d/password-request.c (init_gnutls_global): Renamed |
105 |
#include <gnutls/gnutls.h> /* All GnuTLS types, constants and |
106 |
functions: |
|
24.1.29
by Björn Påhlsson
Added more header file comments |
107 |
gnutls_* |
24.1.26
by Björn Påhlsson
tally count of used symbols |
108 |
init_gnutls_session(), |
24.1.29
by Björn Påhlsson
Added more header file comments |
109 |
GNUTLS_* */ |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
110 |
#include <gnutls/openpgp.h> |
111 |
/* gnutls_certificate_set_openpgp_key_file(), |
|
24.1.29
by Björn Påhlsson
Added more header file comments |
112 |
GNUTLS_OPENPGP_FMT_BASE64 */
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
113 |
|
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
114 |
/* GPGME */
|
76
by Teddy Hogeborn
* plugins.d/password-request.c (init_gnutls_global): Renamed |
115 |
#include <gpgme.h> /* All GPGME types, constants and |
116 |
functions: |
|
24.1.29
by Björn Påhlsson
Added more header file comments |
117 |
gpgme_* |
24.1.26
by Björn Påhlsson
tally count of used symbols |
118 |
GPGME_PROTOCOL_OpenPGP, |
24.1.29
by Björn Påhlsson
Added more header file comments |
119 |
GPG_ERR_NO_* */ |
13
by Björn Påhlsson
Added following support: |
120 |
|
121 |
#define BUFFER_SIZE 256
|
|
37
by Teddy Hogeborn
Non-tested commit for merge purposes. |
122 |
|
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
123 |
#define PATHDIR "/conf/conf.d/mandos"
|
124 |
#define SECKEY "seckey.txt"
|
|
168
by Teddy Hogeborn
* initramfs-tools-hook: Use long options where available. Use only |
125 |
#define PUBKEY "pubkey.txt"
|
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
126 |
|
15.1.2
by Björn Påhlsson
Added debug options from passprompt as --debug and --debug=passprompt |
127 |
bool debug = false; |
43
by Teddy Hogeborn
* plugins.d/mandosclient.c: Cosmetic changes. |
128 |
static const char mandos_protocol_version[] = "1"; |
217
by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html"). |
129 |
const char *argp_program_version = "mandos-client " VERSION; |
237.11.2
by Teddy Hogeborn
Change "fukt.bsnet.se" to "recompile.se" throughout. |
130 |
const char *argp_program_bug_address = "<mandos@recompile.se>"; |
269.1.1
by teddy at bsnet
* plugins.d/mandos-client.c: An empty interface name now means to |
131 |
static const char sys_class_net[] = "/sys/class/net"; |
132 |
char *connect_to = NULL; |
|
24.1.10
by Björn Påhlsson
merge commit |
133 |
|
237.7.33
by Teddy Hogeborn
Merge from Björn. |
134 |
/* Doubly linked list that need to be circularly linked when used */
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
135 |
typedef struct server{ |
136 |
const char *ip; |
|
137 |
uint16_t port; |
|
138 |
AvahiIfIndex if_index; |
|
139 |
int af; |
|
140 |
struct timespec last_seen; |
|
141 |
struct server *next; |
|
142 |
struct server *prev; |
|
143 |
} server; |
|
144 |
||
42
by Teddy Hogeborn
* plugins.d/mandosclient.c (start_mandos_communication): Change "to" |
145 |
/* Used for passing in values through the Avahi callback functions */
|
13
by Björn Påhlsson
Added following support: |
146 |
typedef struct { |
24.1.9
by Björn Påhlsson
not working midwork... |
147 |
AvahiSimplePoll *simple_poll; |
148 |
AvahiServer *server; |
|
13
by Björn Påhlsson
Added following support: |
149 |
gnutls_certificate_credentials_t cred; |
24.1.9
by Björn Påhlsson
not working midwork... |
150 |
unsigned int dh_bits; |
24.1.13
by Björn Påhlsson
mandosclient |
151 |
gnutls_dh_params_t dh_params; |
24.1.9
by Björn Påhlsson
not working midwork... |
152 |
const char *priority; |
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
153 |
gpgme_ctx_t ctx; |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
154 |
server *current_server; |
24.1.9
by Björn Påhlsson
not working midwork... |
155 |
} mandos_context; |
13
by Björn Påhlsson
Added following support: |
156 |
|
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
157 |
/* global context so signal handler can reach it*/
|
24.1.135
by Björn Påhlsson
Earlier signal handling |
158 |
mandos_context mc = { .simple_poll = NULL, .server = NULL, |
159 |
.dh_bits = 1024, .priority = "SECURE256" |
|
237.7.33
by Teddy Hogeborn
Merge from Björn. |
160 |
":!CTYPE-X.509:+CTYPE-OPENPGP", |
161 |
.current_server = NULL }; |
|
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
162 |
|
237.2.134
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Always fail and |
163 |
sig_atomic_t quit_now = 0; |
164 |
int signal_received = 0; |
|
165 |
||
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
166 |
/* Function to use when printing errors */
|
167 |
void perror_plus(const char *print_text){ |
|
237.7.33
by Teddy Hogeborn
Merge from Björn. |
168 |
fprintf(stderr, "Mandos plugin %s: ", |
169 |
program_invocation_short_name); |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
170 |
perror(print_text); |
171 |
}
|
|
172 |
||
43
by Teddy Hogeborn
* plugins.d/mandosclient.c: Cosmetic changes. |
173 |
/*
|
237.2.71
by Teddy Hogeborn
* plugin-runner.c: Comment change. |
174 |
* Make additional room in "buffer" for at least BUFFER_SIZE more
|
175 |
* bytes. "buffer_capacity" is how much is currently allocated,
|
|
176 |
* "buffer_length" is how much is already used.
|
|
43
by Teddy Hogeborn
* plugins.d/mandosclient.c: Cosmetic changes. |
177 |
*/
|
24.1.132
by Björn Påhlsson
Fixed a bug in fallback handling |
178 |
size_t incbuffer(char **buffer, size_t buffer_length, |
24.1.10
by Björn Påhlsson
merge commit |
179 |
size_t buffer_capacity){ |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
180 |
if(buffer_length + BUFFER_SIZE > buffer_capacity){ |
24.1.12
by Björn Påhlsson
merge + |
181 |
*buffer = realloc(*buffer, buffer_capacity + BUFFER_SIZE); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
182 |
if(buffer == NULL){ |
24.1.10
by Björn Påhlsson
merge commit |
183 |
return 0; |
184 |
} |
|
185 |
buffer_capacity += BUFFER_SIZE; |
|
186 |
} |
|
187 |
return buffer_capacity; |
|
188 |
}
|
|
189 |
||
237.7.39
by teddy at bsnet
* plugins.d/mandos-client.c (avahi_loop_with_timeout): Fix warning. |
190 |
/* Add server to set of servers to retry periodically */
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
191 |
int add_server(const char *ip, uint16_t port, |
192 |
AvahiIfIndex if_index, |
|
193 |
int af){ |
|
194 |
int ret; |
|
195 |
server *new_server = malloc(sizeof(server)); |
|
196 |
if(new_server == NULL){ |
|
197 |
perror_plus("malloc"); |
|
198 |
return -1; |
|
199 |
} |
|
200 |
*new_server = (server){ .ip = strdup(ip), |
|
201 |
.port = port, |
|
202 |
.if_index = if_index, |
|
203 |
.af = af }; |
|
204 |
if(new_server->ip == NULL){ |
|
205 |
perror_plus("strdup"); |
|
237.7.33
by Teddy Hogeborn
Merge from Björn. |
206 |
return -1; |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
207 |
} |
237.7.39
by teddy at bsnet
* plugins.d/mandos-client.c (avahi_loop_with_timeout): Fix warning. |
208 |
/* Special case of first server */ |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
209 |
if (mc.current_server == NULL){ |
210 |
new_server->next = new_server; |
|
211 |
new_server->prev = new_server; |
|
212 |
mc.current_server = new_server; |
|
237.7.39
by teddy at bsnet
* plugins.d/mandos-client.c (avahi_loop_with_timeout): Fix warning. |
213 |
/* Place the new server last in the list */ |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
214 |
} else { |
215 |
new_server->next = mc.current_server; |
|
216 |
new_server->prev = mc.current_server->prev; |
|
217 |
new_server->prev->next = new_server; |
|
218 |
mc.current_server->prev = new_server; |
|
219 |
} |
|
220 |
ret = clock_gettime(CLOCK_MONOTONIC, &mc.current_server->last_seen); |
|
221 |
if(ret == -1){ |
|
222 |
perror_plus("clock_gettime"); |
|
223 |
return -1; |
|
224 |
} |
|
225 |
return 0; |
|
226 |
}
|
|
227 |
||
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
228 |
/*
|
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
229 |
* Initialize GPGME.
|
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
230 |
*/
|
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
231 |
static bool init_gpgme(const char *seckey, |
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
232 |
const char *pubkey, const char *tempdir){ |
13
by Björn Påhlsson
Added following support: |
233 |
gpgme_error_t rc; |
234 |
gpgme_engine_info_t engine_info; |
|
168
by Teddy Hogeborn
* initramfs-tools-hook: Use long options where available. Use only |
235 |
|
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
236 |
|
237 |
/* |
|
237.2.51
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Use separate bool variable instead |
238 |
* Helper function to insert pub and seckey to the engine keyring.
|
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
239 |
*/
|
240 |
bool import_key(const char *filename){ |
|
237.2.124
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gpgme): Move variable "ret" into the |
241 |
int ret; |
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
242 |
int fd; |
243 |
gpgme_data_t pgp_data; |
|
244 |
|
|
237.3.2
by Mooie
Fixed warnings in the 64 bit build. Added explicit cast to int for |
245 |
fd = (int)TEMP_FAILURE_RETRY(open(filename, O_RDONLY)); |
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
246 |
if(fd == -1){ |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
247 |
perror_plus("open"); |
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
248 |
return false; |
249 |
} |
|
250 |
|
|
251 |
rc = gpgme_data_new_from_fd(&pgp_data, fd); |
|
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
252 |
if(rc != GPG_ERR_NO_ERROR){ |
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
253 |
fprintf(stderr, "bad gpgme_data_new_from_fd: %s: %s\n", |
254 |
gpgme_strsource(rc), gpgme_strerror(rc)); |
|
255 |
return false; |
|
256 |
} |
|
168
by Teddy Hogeborn
* initramfs-tools-hook: Use long options where available. Use only |
257 |
|
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
258 |
rc = gpgme_op_import(mc.ctx, pgp_data); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
259 |
if(rc != GPG_ERR_NO_ERROR){ |
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
260 |
fprintf(stderr, "bad gpgme_op_import: %s: %s\n", |
261 |
gpgme_strsource(rc), gpgme_strerror(rc)); |
|
262 |
return false; |
|
263 |
} |
|
168
by Teddy Hogeborn
* initramfs-tools-hook: Use long options where available. Use only |
264 |
|
237.3.2
by Mooie
Fixed warnings in the 64 bit build. Added explicit cast to int for |
265 |
ret = (int)TEMP_FAILURE_RETRY(close(fd)); |
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
266 |
if(ret == -1){ |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
267 |
perror_plus("close"); |
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
268 |
} |
269 |
gpgme_data_release(pgp_data); |
|
270 |
return true; |
|
271 |
} |
|
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
272 |
|
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
273 |
if(debug){ |
237.2.70
by Teddy Hogeborn
Merge from Björn: |
274 |
fprintf(stderr, "Initializing GPGME\n"); |
15.1.1
by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient |
275 |
} |
168
by Teddy Hogeborn
* initramfs-tools-hook: Use long options where available. Use only |
276 |
|
13
by Björn Påhlsson
Added following support: |
277 |
/* Init GPGME */ |
278 |
gpgme_check_version(NULL); |
|
24.1.4
by Björn Påhlsson
Added optional parameters certdir, certkey and certfile that can be iven at start in the command line. |
279 |
rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
280 |
if(rc != GPG_ERR_NO_ERROR){ |
24.1.4
by Björn Påhlsson
Added optional parameters certdir, certkey and certfile that can be iven at start in the command line. |
281 |
fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n", |
282 |
gpgme_strsource(rc), gpgme_strerror(rc)); |
|
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
283 |
return false; |
24.1.4
by Björn Påhlsson
Added optional parameters certdir, certkey and certfile that can be iven at start in the command line. |
284 |
} |
168
by Teddy Hogeborn
* initramfs-tools-hook: Use long options where available. Use only |
285 |
|
237.7.40
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not even try to work around |
286 |
/* Set GPGME home directory for the OpenPGP engine only */ |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
287 |
rc = gpgme_get_engine_info(&engine_info); |
288 |
if(rc != GPG_ERR_NO_ERROR){ |
|
13
by Björn Påhlsson
Added following support: |
289 |
fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n", |
290 |
gpgme_strsource(rc), gpgme_strerror(rc)); |
|
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
291 |
return false; |
13
by Björn Påhlsson
Added following support: |
292 |
} |
293 |
while(engine_info != NULL){ |
|
294 |
if(engine_info->protocol == GPGME_PROTOCOL_OpenPGP){ |
|
295 |
gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP, |
|
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
296 |
engine_info->file_name, tempdir); |
13
by Björn Påhlsson
Added following support: |
297 |
break; |
298 |
} |
|
299 |
engine_info = engine_info->next; |
|
300 |
} |
|
301 |
if(engine_info == NULL){ |
|
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
302 |
fprintf(stderr, "Could not set GPGME home dir to %s\n", tempdir); |
303 |
return false; |
|
304 |
} |
|
168
by Teddy Hogeborn
* initramfs-tools-hook: Use long options where available. Use only |
305 |
|
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
306 |
/* Create new GPGME "context" */ |
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
307 |
rc = gpgme_new(&(mc.ctx)); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
308 |
if(rc != GPG_ERR_NO_ERROR){ |
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
309 |
fprintf(stderr, "bad gpgme_new: %s: %s\n", |
310 |
gpgme_strsource(rc), gpgme_strerror(rc)); |
|
311 |
return false; |
|
312 |
} |
|
313 |
|
|
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
314 |
if(not import_key(pubkey) or not import_key(seckey)){ |
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
315 |
return false; |
316 |
} |
|
317 |
|
|
237.2.118
by Teddy Hogeborn
* mandos: White-space fixes only. |
318 |
return true; |
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
319 |
}
|
320 |
||
321 |
/*
|
|
322 |
* Decrypt OpenPGP data.
|
|
323 |
* Returns -1 on error
|
|
324 |
*/
|
|
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
325 |
static ssize_t pgp_packet_decrypt(const char *cryptotext, |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
326 |
size_t crypto_size, |
327 |
char **plaintext){ |
|
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
328 |
gpgme_data_t dh_crypto, dh_plain; |
329 |
gpgme_error_t rc; |
|
330 |
ssize_t ret; |
|
331 |
size_t plaintext_capacity = 0; |
|
332 |
ssize_t plaintext_length = 0; |
|
333 |
|
|
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
334 |
if(debug){ |
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
335 |
fprintf(stderr, "Trying to decrypt OpenPGP data\n"); |
13
by Björn Påhlsson
Added following support: |
336 |
} |
337 |
|
|
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
338 |
/* Create new GPGME data buffer from memory cryptotext */ |
339 |
rc = gpgme_data_new_from_mem(&dh_crypto, cryptotext, crypto_size, |
|
340 |
0); |
|
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
341 |
if(rc != GPG_ERR_NO_ERROR){ |
13
by Björn Påhlsson
Added following support: |
342 |
fprintf(stderr, "bad gpgme_data_new_from_mem: %s: %s\n", |
343 |
gpgme_strsource(rc), gpgme_strerror(rc)); |
|
344 |
return -1; |
|
345 |
} |
|
346 |
|
|
347 |
/* Create new empty GPGME data buffer for the plaintext */ |
|
348 |
rc = gpgme_data_new(&dh_plain); |
|
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
349 |
if(rc != GPG_ERR_NO_ERROR){ |
13
by Björn Påhlsson
Added following support: |
350 |
fprintf(stderr, "bad gpgme_data_new: %s: %s\n", |
351 |
gpgme_strsource(rc), gpgme_strerror(rc)); |
|
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
352 |
gpgme_data_release(dh_crypto); |
13
by Björn Påhlsson
Added following support: |
353 |
return -1; |
354 |
} |
|
355 |
|
|
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
356 |
/* Decrypt data from the cryptotext data buffer to the plaintext |
357 |
data buffer */
|
|
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
358 |
rc = gpgme_op_decrypt(mc.ctx, dh_crypto, dh_plain); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
359 |
if(rc != GPG_ERR_NO_ERROR){ |
13
by Björn Påhlsson
Added following support: |
360 |
fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n", |
361 |
gpgme_strsource(rc), gpgme_strerror(rc)); |
|
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
362 |
plaintext_length = -1; |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
363 |
if(debug){ |
99
by Teddy Hogeborn
* mandos (fingerprint): Bug fix: Check crtverify.value, not crtverify. |
364 |
gpgme_decrypt_result_t result; |
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
365 |
result = gpgme_op_decrypt_result(mc.ctx); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
366 |
if(result == NULL){ |
99
by Teddy Hogeborn
* mandos (fingerprint): Bug fix: Check crtverify.value, not crtverify. |
367 |
fprintf(stderr, "gpgme_op_decrypt_result failed\n"); |
368 |
} else { |
|
369 |
fprintf(stderr, "Unsupported algorithm: %s\n", |
|
370 |
result->unsupported_algorithm); |
|
371 |
fprintf(stderr, "Wrong key usage: %u\n", |
|
372 |
result->wrong_key_usage); |
|
373 |
if(result->file_name != NULL){ |
|
374 |
fprintf(stderr, "File name: %s\n", result->file_name); |
|
375 |
} |
|
376 |
gpgme_recipient_t recipient; |
|
377 |
recipient = result->recipients; |
|
237.2.112
by Teddy Hogeborn
* plugins.d/mandos-client.c (pgp_packet_decrypt): Remove redundant |
378 |
while(recipient != NULL){ |
379 |
fprintf(stderr, "Public key algorithm: %s\n", |
|
380 |
gpgme_pubkey_algo_name(recipient->pubkey_algo)); |
|
381 |
fprintf(stderr, "Key ID: %s\n", recipient->keyid); |
|
382 |
fprintf(stderr, "Secret key available: %s\n", |
|
383 |
recipient->status == GPG_ERR_NO_SECKEY |
|
384 |
? "No" : "Yes"); |
|
385 |
recipient = recipient->next; |
|
99
by Teddy Hogeborn
* mandos (fingerprint): Bug fix: Check crtverify.value, not crtverify. |
386 |
} |
387 |
} |
|
388 |
} |
|
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
389 |
goto decrypt_end; |
13
by Björn Påhlsson
Added following support: |
390 |
} |
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
391 |
|
15.1.1
by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient |
392 |
if(debug){ |
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
393 |
fprintf(stderr, "Decryption of OpenPGP data succeeded\n"); |
15.1.1
by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient |
394 |
} |
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
395 |
|
13
by Björn Påhlsson
Added following support: |
396 |
/* Seek back to the beginning of the GPGME plaintext data buffer */ |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
397 |
if(gpgme_data_seek(dh_plain, (off_t)0, SEEK_SET) == -1){ |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
398 |
perror_plus("gpgme_data_seek"); |
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
399 |
plaintext_length = -1; |
400 |
goto decrypt_end; |
|
24.1.5
by Björn Påhlsson
plugbasedclient: |
401 |
} |
402 |
|
|
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
403 |
*plaintext = NULL; |
13
by Björn Påhlsson
Added following support: |
404 |
while(true){ |
24.1.132
by Björn Påhlsson
Fixed a bug in fallback handling |
405 |
plaintext_capacity = incbuffer(plaintext, |
42
by Teddy Hogeborn
* plugins.d/mandosclient.c (start_mandos_communication): Change "to" |
406 |
(size_t)plaintext_length, |
24.1.12
by Björn Påhlsson
merge + |
407 |
plaintext_capacity); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
408 |
if(plaintext_capacity == 0){ |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
409 |
perror_plus("incbuffer"); |
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
410 |
plaintext_length = -1; |
411 |
goto decrypt_end; |
|
13
by Björn Påhlsson
Added following support: |
412 |
} |
413 |
|
|
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
414 |
ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length, |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
415 |
BUFFER_SIZE); |
13
by Björn Påhlsson
Added following support: |
416 |
/* Print the data, if any */ |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
417 |
if(ret == 0){ |
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
418 |
/* EOF */ |
13
by Björn Påhlsson
Added following support: |
419 |
break; |
420 |
} |
|
421 |
if(ret < 0){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
422 |
perror_plus("gpgme_data_read"); |
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
423 |
plaintext_length = -1; |
424 |
goto decrypt_end; |
|
13
by Björn Påhlsson
Added following support: |
425 |
} |
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
426 |
plaintext_length += ret; |
13
by Björn Påhlsson
Added following support: |
427 |
} |
143
by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and |
428 |
|
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
429 |
if(debug){ |
430 |
fprintf(stderr, "Decrypted password is: "); |
|
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
431 |
for(ssize_t i = 0; i < plaintext_length; i++){ |
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
432 |
fprintf(stderr, "%02hhX ", (*plaintext)[i]); |
433 |
} |
|
434 |
fprintf(stderr, "\n"); |
|
435 |
} |
|
436 |
|
|
437 |
decrypt_end: |
|
438 |
|
|
439 |
/* Delete the GPGME cryptotext data buffer */ |
|
440 |
gpgme_data_release(dh_crypto); |
|
15.1.3
by Björn Påhlsson
Added getopt_long support for mandosclient and passprompt |
441 |
|
442 |
/* Delete the GPGME plaintext data buffer */ |
|
13
by Björn Påhlsson
Added following support: |
443 |
gpgme_data_release(dh_plain); |
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
444 |
return plaintext_length; |
13
by Björn Påhlsson
Added following support: |
445 |
}
|
446 |
||
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
447 |
static const char * safer_gnutls_strerror(int value){ |
237.2.30
by Teddy Hogeborn
* plugins.d/mandos-client.c: Only comment changes. |
448 |
const char *ret = gnutls_strerror(value); /* Spurious warning from |
449 |
-Wunreachable-code */
|
|
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
450 |
if(ret == NULL) |
13
by Björn Påhlsson
Added following support: |
451 |
ret = "(unknown)"; |
452 |
return ret; |
|
453 |
}
|
|
454 |
||
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
455 |
/* GnuTLS log function callback */
|
36
by Teddy Hogeborn
* TODO: Converted to org-mode style |
456 |
static void debuggnutls(__attribute__((unused)) int level, |
457 |
const char* string){ |
|
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
458 |
fprintf(stderr, "GnuTLS: %s", string); |
13
by Björn Påhlsson
Added following support: |
459 |
}
|
460 |
||
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
461 |
static int init_gnutls_global(const char *pubkeyfilename, |
76
by Teddy Hogeborn
* plugins.d/password-request.c (init_gnutls_global): Renamed |
462 |
const char *seckeyfilename){ |
13
by Björn Påhlsson
Added following support: |
463 |
int ret; |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
464 |
|
15.1.1
by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient |
465 |
if(debug){ |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
466 |
fprintf(stderr, "Initializing GnuTLS\n"); |
15.1.1
by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient |
467 |
} |
24.1.29
by Björn Påhlsson
Added more header file comments |
468 |
|
469 |
ret = gnutls_global_init(); |
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
470 |
if(ret != GNUTLS_E_SUCCESS){ |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
471 |
fprintf(stderr, "GnuTLS global_init: %s\n", |
472 |
safer_gnutls_strerror(ret)); |
|
13
by Björn Påhlsson
Added following support: |
473 |
return -1; |
474 |
} |
|
38
by Teddy Hogeborn
* plugbasedclient.c (main): New "--userid" and "--groupid" options. |
475 |
|
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
476 |
if(debug){ |
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
477 |
/* "Use a log level over 10 to enable all debugging options." |
478 |
* - GnuTLS manual
|
|
479 |
*/
|
|
15.1.1
by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient |
480 |
gnutls_global_set_log_level(11); |
481 |
gnutls_global_set_log_function(debuggnutls); |
|
482 |
} |
|
483 |
|
|
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
484 |
/* OpenPGP credentials */ |
237.7.32
by Teddy Hogeborn
* Makefile (plugins.d/mandos-client): Bug fix: Put $^ before all |
485 |
ret = gnutls_certificate_allocate_credentials(&mc.cred); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
486 |
if(ret != GNUTLS_E_SUCCESS){ |
237.7.32
by Teddy Hogeborn
* Makefile (plugins.d/mandos-client): Bug fix: Put $^ before all |
487 |
fprintf(stderr, "GnuTLS memory error: %s\n", |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
488 |
safer_gnutls_strerror(ret)); |
489 |
gnutls_global_deinit(); |
|
13
by Björn Påhlsson
Added following support: |
490 |
return -1; |
491 |
} |
|
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
492 |
|
15.1.1
by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient |
493 |
if(debug){ |
147
by Teddy Hogeborn
* plugins.d/password-request.c (init_gnutls_global): Improved wording |
494 |
fprintf(stderr, "Attempting to use OpenPGP public key %s and" |
495 |
" secret key %s as GnuTLS credentials\n", pubkeyfilename, |
|
76
by Teddy Hogeborn
* plugins.d/password-request.c (init_gnutls_global): Renamed |
496 |
seckeyfilename); |
15.1.1
by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient |
497 |
} |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
498 |
|
13
by Björn Påhlsson
Added following support: |
499 |
ret = gnutls_certificate_set_openpgp_key_file |
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
500 |
(mc.cred, pubkeyfilename, seckeyfilename, |
76
by Teddy Hogeborn
* plugins.d/password-request.c (init_gnutls_global): Renamed |
501 |
GNUTLS_OPENPGP_FMT_BASE64); |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
502 |
if(ret != GNUTLS_E_SUCCESS){ |
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
503 |
fprintf(stderr, |
504 |
"Error[%d] while reading the OpenPGP key pair ('%s'," |
|
76
by Teddy Hogeborn
* plugins.d/password-request.c (init_gnutls_global): Renamed |
505 |
" '%s')\n", ret, pubkeyfilename, seckeyfilename); |
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
506 |
fprintf(stderr, "The GnuTLS error is: %s\n", |
13
by Björn Påhlsson
Added following support: |
507 |
safer_gnutls_strerror(ret)); |
24.1.20
by Björn Påhlsson
mandosclient |
508 |
goto globalfail; |
13
by Björn Påhlsson
Added following support: |
509 |
} |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
510 |
|
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
511 |
/* GnuTLS server initialization */ |
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
512 |
ret = gnutls_dh_params_init(&mc.dh_params); |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
513 |
if(ret != GNUTLS_E_SUCCESS){ |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
514 |
fprintf(stderr, "Error in GnuTLS DH parameter initialization:" |
515 |
" %s\n", safer_gnutls_strerror(ret)); |
|
24.1.20
by Björn Påhlsson
mandosclient |
516 |
goto globalfail; |
13
by Björn Påhlsson
Added following support: |
517 |
} |
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
518 |
ret = gnutls_dh_params_generate2(mc.dh_params, mc.dh_bits); |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
519 |
if(ret != GNUTLS_E_SUCCESS){ |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
520 |
fprintf(stderr, "Error in GnuTLS prime generation: %s\n", |
521 |
safer_gnutls_strerror(ret)); |
|
24.1.20
by Björn Påhlsson
mandosclient |
522 |
goto globalfail; |
13
by Björn Påhlsson
Added following support: |
523 |
} |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
524 |
|
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
525 |
gnutls_certificate_set_dh_params(mc.cred, mc.dh_params); |
143
by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and |
526 |
|
24.1.13
by Björn Påhlsson
mandosclient |
527 |
return 0; |
143
by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and |
528 |
|
24.1.20
by Björn Påhlsson
mandosclient |
529 |
globalfail: |
143
by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and |
530 |
|
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
531 |
gnutls_certificate_free_credentials(mc.cred); |
24.1.26
by Björn Påhlsson
tally count of used symbols |
532 |
gnutls_global_deinit(); |
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
533 |
gnutls_dh_params_deinit(mc.dh_params); |
24.1.20
by Björn Påhlsson
mandosclient |
534 |
return -1; |
24.1.13
by Björn Påhlsson
mandosclient |
535 |
}
|
536 |
||
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
537 |
static int init_gnutls_session(gnutls_session_t *session){ |
24.1.13
by Björn Påhlsson
mandosclient |
538 |
int ret; |
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
539 |
/* GnuTLS session creation */ |
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
540 |
do { |
541 |
ret = gnutls_init(session, GNUTLS_SERVER); |
|
237.2.134
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Always fail and |
542 |
if(quit_now){ |
543 |
return -1; |
|
544 |
} |
|
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
545 |
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
546 |
if(ret != GNUTLS_E_SUCCESS){ |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
547 |
fprintf(stderr, "Error in GnuTLS session initialization: %s\n", |
13
by Björn Påhlsson
Added following support: |
548 |
safer_gnutls_strerror(ret)); |
549 |
} |
|
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
550 |
|
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
551 |
{ |
552 |
const char *err; |
|
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
553 |
do { |
554 |
ret = gnutls_priority_set_direct(*session, mc.priority, &err); |
|
237.2.134
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Always fail and |
555 |
if(quit_now){ |
556 |
gnutls_deinit(*session); |
|
557 |
return -1; |
|
558 |
} |
|
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
559 |
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN); |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
560 |
if(ret != GNUTLS_E_SUCCESS){ |
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
561 |
fprintf(stderr, "Syntax error at: %s\n", err); |
562 |
fprintf(stderr, "GnuTLS error: %s\n", |
|
563 |
safer_gnutls_strerror(ret)); |
|
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
564 |
gnutls_deinit(*session); |
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
565 |
return -1; |
566 |
} |
|
13
by Björn Påhlsson
Added following support: |
567 |
} |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
568 |
|
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
569 |
do { |
570 |
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE, |
|
571 |
mc.cred); |
|
237.2.134
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Always fail and |
572 |
if(quit_now){ |
573 |
gnutls_deinit(*session); |
|
574 |
return -1; |
|
575 |
} |
|
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
576 |
} while(ret == GNUTLS_E_INTERRUPTED or ret == GNUTLS_E_AGAIN); |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
577 |
if(ret != GNUTLS_E_SUCCESS){ |
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
578 |
fprintf(stderr, "Error setting GnuTLS credentials: %s\n", |
13
by Björn Påhlsson
Added following support: |
579 |
safer_gnutls_strerror(ret)); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
580 |
gnutls_deinit(*session); |
13
by Björn Påhlsson
Added following support: |
581 |
return -1; |
582 |
} |
|
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
583 |
|
13
by Björn Påhlsson
Added following support: |
584 |
/* ignore client certificate if any. */ |
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
585 |
gnutls_certificate_server_set_request(*session, GNUTLS_CERT_IGNORE); |
13
by Björn Påhlsson
Added following support: |
586 |
|
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
587 |
gnutls_dh_set_prime_bits(*session, mc.dh_bits); |
13
by Björn Påhlsson
Added following support: |
588 |
|
589 |
return 0; |
|
590 |
}
|
|
591 |
||
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
592 |
/* Avahi log function callback */
|
36
by Teddy Hogeborn
* TODO: Converted to org-mode style |
593 |
static void empty_log(__attribute__((unused)) AvahiLogLevel level, |
594 |
__attribute__((unused)) const char *txt){} |
|
13
by Björn Påhlsson
Added following support: |
595 |
|
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
596 |
/* Called when a Mandos server is found */
|
36
by Teddy Hogeborn
* TODO: Converted to org-mode style |
597 |
static int start_mandos_communication(const char *ip, uint16_t port, |
24.1.9
by Björn Påhlsson
not working midwork... |
598 |
AvahiIfIndex if_index, |
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
599 |
int af){ |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
600 |
int ret, tcp_sd = -1; |
237.3.2
by Mooie
Fixed warnings in the 64 bit build. Added explicit cast to int for |
601 |
ssize_t sret; |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
602 |
union { |
603 |
struct sockaddr_in in; |
|
604 |
struct sockaddr_in6 in6; |
|
605 |
} to; |
|
13
by Björn Påhlsson
Added following support: |
606 |
char *buffer = NULL; |
237.2.135
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Bug fix: |
607 |
char *decrypted_buffer = NULL; |
13
by Björn Påhlsson
Added following support: |
608 |
size_t buffer_length = 0; |
609 |
size_t buffer_capacity = 0; |
|
24.1.10
by Björn Påhlsson
merge commit |
610 |
size_t written; |
237.2.135
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Bug fix: |
611 |
int retval = -1; |
38
by Teddy Hogeborn
* plugbasedclient.c (main): New "--userid" and "--groupid" options. |
612 |
gnutls_session_t session; |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
613 |
int pf; /* Protocol family */ |
614 |
|
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
615 |
errno = 0; |
616 |
|
|
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
617 |
if(quit_now){ |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
618 |
errno = EINTR; |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
619 |
return -1; |
620 |
} |
|
621 |
|
|
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
622 |
switch(af){ |
623 |
case AF_INET6: |
|
624 |
pf = PF_INET6; |
|
625 |
break; |
|
626 |
case AF_INET: |
|
627 |
pf = PF_INET; |
|
628 |
break; |
|
629 |
default: |
|
630 |
fprintf(stderr, "Bad address family: %d\n", af); |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
631 |
errno = EINVAL; |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
632 |
return -1; |
633 |
} |
|
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
634 |
|
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
635 |
ret = init_gnutls_session(&session); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
636 |
if(ret != 0){ |
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
637 |
return -1; |
638 |
} |
|
639 |
|
|
15.1.1
by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient |
640 |
if(debug){ |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
641 |
fprintf(stderr, "Setting up a TCP connection to %s, port %" PRIu16 |
60
by Teddy Hogeborn
* mandos-client.c (main): Cast pid_t to unsigned int before printing. |
642 |
"\n", ip, port); |
15.1.1
by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient |
643 |
} |
13
by Björn Påhlsson
Added following support: |
644 |
|
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
645 |
tcp_sd = socket(pf, SOCK_STREAM, 0); |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
646 |
if(tcp_sd < 0){ |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
647 |
int e = errno; |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
648 |
perror_plus("socket"); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
649 |
errno = e; |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
650 |
goto mandos_end; |
651 |
} |
|
652 |
|
|
653 |
if(quit_now){ |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
654 |
errno = EINTR; |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
655 |
goto mandos_end; |
13
by Björn Påhlsson
Added following support: |
656 |
} |
143
by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and |
657 |
|
84
by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Use the local manpages/docbook.xsl file, do |
658 |
memset(&to, 0, sizeof(to)); |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
659 |
if(af == AF_INET6){ |
237.2.88
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): "sin6_family" |
660 |
to.in6.sin6_family = (sa_family_t)af; |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
661 |
ret = inet_pton(af, ip, &to.in6.sin6_addr); |
662 |
} else { /* IPv4 */ |
|
663 |
to.in.sin_family = (sa_family_t)af; |
|
664 |
ret = inet_pton(af, ip, &to.in.sin_addr); |
|
665 |
} |
|
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
666 |
if(ret < 0 ){ |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
667 |
int e = errno; |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
668 |
perror_plus("inet_pton"); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
669 |
errno = e; |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
670 |
goto mandos_end; |
38
by Teddy Hogeborn
* plugbasedclient.c (main): New "--userid" and "--groupid" options. |
671 |
} |
13
by Björn Påhlsson
Added following support: |
672 |
if(ret == 0){ |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
673 |
int e = errno; |
13
by Björn Påhlsson
Added following support: |
674 |
fprintf(stderr, "Bad address: %s\n", ip); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
675 |
errno = e; |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
676 |
goto mandos_end; |
13
by Björn Påhlsson
Added following support: |
677 |
} |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
678 |
if(af == AF_INET6){ |
679 |
to.in6.sin6_port = htons(port); /* Spurious warnings from |
|
680 |
-Wconversion and
|
|
681 |
-Wunreachable-code */
|
|
682 |
|
|
683 |
if(IN6_IS_ADDR_LINKLOCAL /* Spurious warnings from */ |
|
684 |
(&to.in6.sin6_addr)){ /* -Wstrict-aliasing=2 or lower and |
|
685 |
-Wunreachable-code*/
|
|
686 |
if(if_index == AVAHI_IF_UNSPEC){ |
|
687 |
fprintf(stderr, "An IPv6 link-local address is incomplete" |
|
688 |
" without a network interface\n"); |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
689 |
errno = EINVAL; |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
690 |
goto mandos_end; |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
691 |
} |
692 |
/* Set the network interface number as scope */ |
|
693 |
to.in6.sin6_scope_id = (uint32_t)if_index; |
|
694 |
} |
|
695 |
} else { |
|
696 |
to.in.sin_port = htons(port); /* Spurious warnings from |
|
237.2.30
by Teddy Hogeborn
* plugins.d/mandos-client.c: Only comment changes. |
697 |
-Wconversion and
|
698 |
-Wunreachable-code */
|
|
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
699 |
} |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
700 |
|
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
701 |
if(quit_now){ |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
702 |
errno = EINTR; |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
703 |
goto mandos_end; |
704 |
} |
|
705 |
|
|
15.1.1
by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient |
706 |
if(debug){ |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
707 |
if(af == AF_INET6 and if_index != AVAHI_IF_UNSPEC){ |
708 |
char interface[IF_NAMESIZE]; |
|
709 |
if(if_indextoname((unsigned int)if_index, interface) == NULL){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
710 |
perror_plus("if_indextoname"); |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
711 |
} else { |
712 |
fprintf(stderr, "Connection to: %s%%%s, port %" PRIu16 "\n", |
|
713 |
ip, interface, port); |
|
714 |
} |
|
715 |
} else { |
|
716 |
fprintf(stderr, "Connection to: %s, port %" PRIu16 "\n", ip, |
|
717 |
port); |
|
718 |
} |
|
719 |
char addrstr[(INET_ADDRSTRLEN > INET6_ADDRSTRLEN) ? |
|
720 |
INET_ADDRSTRLEN : INET6_ADDRSTRLEN] = ""; |
|
721 |
const char *pcret; |
|
722 |
if(af == AF_INET6){ |
|
723 |
pcret = inet_ntop(af, &(to.in6.sin6_addr), addrstr, |
|
724 |
sizeof(addrstr)); |
|
725 |
} else { |
|
726 |
pcret = inet_ntop(af, &(to.in.sin_addr), addrstr, |
|
727 |
sizeof(addrstr)); |
|
728 |
} |
|
729 |
if(pcret == NULL){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
730 |
perror_plus("inet_ntop"); |
37
by Teddy Hogeborn
Non-tested commit for merge purposes. |
731 |
} else { |
732 |
if(strcmp(addrstr, ip) != 0){ |
|
38
by Teddy Hogeborn
* plugbasedclient.c (main): New "--userid" and "--groupid" options. |
733 |
fprintf(stderr, "Canonical address form: %s\n", addrstr); |
37
by Teddy Hogeborn
Non-tested commit for merge purposes. |
734 |
} |
735 |
} |
|
15.1.1
by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient |
736 |
} |
13
by Björn Påhlsson
Added following support: |
737 |
|
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
738 |
if(quit_now){ |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
739 |
errno = EINTR; |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
740 |
goto mandos_end; |
741 |
} |
|
742 |
|
|
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
743 |
if(af == AF_INET6){ |
744 |
ret = connect(tcp_sd, &to.in6, sizeof(to)); |
|
745 |
} else { |
|
746 |
ret = connect(tcp_sd, &to.in, sizeof(to)); /* IPv4 */ |
|
747 |
} |
|
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
748 |
if(ret < 0){ |
24.1.163
by Björn Påhlsson
mandos-client: Added never ending loop for --connect |
749 |
if ((errno != ECONNREFUSED and errno != ENETUNREACH) or debug){ |
750 |
int e = errno; |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
751 |
perror_plus("connect"); |
24.1.163
by Björn Påhlsson
mandos-client: Added never ending loop for --connect |
752 |
errno = e; |
753 |
} |
|
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
754 |
goto mandos_end; |
755 |
} |
|
756 |
|
|
757 |
if(quit_now){ |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
758 |
errno = EINTR; |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
759 |
goto mandos_end; |
13
by Björn Påhlsson
Added following support: |
760 |
} |
143
by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and |
761 |
|
24.1.12
by Björn Påhlsson
merge + |
762 |
const char *out = mandos_protocol_version; |
24.1.10
by Björn Påhlsson
merge commit |
763 |
written = 0; |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
764 |
while(true){ |
24.1.10
by Björn Påhlsson
merge commit |
765 |
size_t out_size = strlen(out); |
237.3.2
by Mooie
Fixed warnings in the 64 bit build. Added explicit cast to int for |
766 |
ret = (int)TEMP_FAILURE_RETRY(write(tcp_sd, out + written, |
24.1.10
by Björn Påhlsson
merge commit |
767 |
out_size - written)); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
768 |
if(ret == -1){ |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
769 |
int e = errno; |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
770 |
perror_plus("write"); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
771 |
errno = e; |
24.1.12
by Björn Påhlsson
merge + |
772 |
goto mandos_end; |
24.1.10
by Björn Påhlsson
merge commit |
773 |
} |
24.1.12
by Björn Påhlsson
merge + |
774 |
written += (size_t)ret; |
24.1.10
by Björn Påhlsson
merge commit |
775 |
if(written < out_size){ |
776 |
continue; |
|
777 |
} else { |
|
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
778 |
if(out == mandos_protocol_version){ |
24.1.10
by Björn Påhlsson
merge commit |
779 |
written = 0; |
780 |
out = "\r\n"; |
|
781 |
} else { |
|
782 |
break; |
|
783 |
} |
|
784 |
} |
|
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
785 |
|
786 |
if(quit_now){ |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
787 |
errno = EINTR; |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
788 |
goto mandos_end; |
789 |
} |
|
24.1.10
by Björn Påhlsson
merge commit |
790 |
} |
143
by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and |
791 |
|
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
792 |
if(debug){ |
793 |
fprintf(stderr, "Establishing TLS session with %s\n", ip); |
|
15.1.1
by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient |
794 |
} |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
795 |
|
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
796 |
if(quit_now){ |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
797 |
errno = EINTR; |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
798 |
goto mandos_end; |
799 |
} |
|
800 |
|
|
237.7.33
by Teddy Hogeborn
Merge from Björn. |
801 |
/* Spurious warning from -Wint-to-pointer-cast */ |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
802 |
gnutls_transport_set_ptr(session, (gnutls_transport_ptr_t) tcp_sd); |
143
by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and |
803 |
|
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
804 |
if(quit_now){ |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
805 |
errno = EINTR; |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
806 |
goto mandos_end; |
807 |
} |
|
808 |
|
|
237.2.126
by Teddy Hogeborn
* plugin-runner.c: Minor stylistic changes. |
809 |
do { |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
810 |
ret = gnutls_handshake(session); |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
811 |
if(quit_now){ |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
812 |
errno = EINTR; |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
813 |
goto mandos_end; |
814 |
} |
|
24.1.29
by Björn Påhlsson
Added more header file comments |
815 |
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED); |
13
by Björn Påhlsson
Added following support: |
816 |
|
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
817 |
if(ret != GNUTLS_E_SUCCESS){ |
25
by Teddy Hogeborn
* mandos-clients.conf ([DEFAULT]): New section. |
818 |
if(debug){ |
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
819 |
fprintf(stderr, "*** GnuTLS Handshake failed ***\n"); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
820 |
gnutls_perror(ret); |
25
by Teddy Hogeborn
* mandos-clients.conf ([DEFAULT]): New section. |
821 |
} |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
822 |
errno = EPROTO; |
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
823 |
goto mandos_end; |
13
by Björn Påhlsson
Added following support: |
824 |
} |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
825 |
|
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
826 |
/* Read OpenPGP packet that contains the wanted password */ |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
827 |
|
15.1.1
by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient |
828 |
if(debug){ |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
829 |
fprintf(stderr, "Retrieving OpenPGP encrypted password from %s\n", |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
830 |
ip); |
15.1.1
by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient |
831 |
} |
143
by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and |
832 |
|
13
by Björn Påhlsson
Added following support: |
833 |
while(true){ |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
834 |
|
835 |
if(quit_now){ |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
836 |
errno = EINTR; |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
837 |
goto mandos_end; |
838 |
} |
|
839 |
|
|
24.1.132
by Björn Påhlsson
Fixed a bug in fallback handling |
840 |
buffer_capacity = incbuffer(&buffer, buffer_length, |
42
by Teddy Hogeborn
* plugins.d/mandosclient.c (start_mandos_communication): Change "to" |
841 |
buffer_capacity); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
842 |
if(buffer_capacity == 0){ |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
843 |
int e = errno; |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
844 |
perror_plus("incbuffer"); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
845 |
errno = e; |
24.1.12
by Björn Påhlsson
merge + |
846 |
goto mandos_end; |
13
by Björn Påhlsson
Added following support: |
847 |
} |
848 |
|
|
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
849 |
if(quit_now){ |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
850 |
errno = EINTR; |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
851 |
goto mandos_end; |
852 |
} |
|
853 |
|
|
237.3.2
by Mooie
Fixed warnings in the 64 bit build. Added explicit cast to int for |
854 |
sret = gnutls_record_recv(session, buffer+buffer_length, |
855 |
BUFFER_SIZE); |
|
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
856 |
if(sret == 0){ |
13
by Björn Påhlsson
Added following support: |
857 |
break; |
858 |
} |
|
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
859 |
if(sret < 0){ |
237.3.2
by Mooie
Fixed warnings in the 64 bit build. Added explicit cast to int for |
860 |
switch(sret){ |
13
by Björn Påhlsson
Added following support: |
861 |
case GNUTLS_E_INTERRUPTED: |
862 |
case GNUTLS_E_AGAIN: |
|
863 |
break; |
|
864 |
case GNUTLS_E_REHANDSHAKE: |
|
237.2.126
by Teddy Hogeborn
* plugin-runner.c: Minor stylistic changes. |
865 |
do { |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
866 |
ret = gnutls_handshake(session); |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
867 |
|
868 |
if(quit_now){ |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
869 |
errno = EINTR; |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
870 |
goto mandos_end; |
871 |
} |
|
24.1.29
by Björn Påhlsson
Added more header file comments |
872 |
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
873 |
if(ret < 0){ |
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
874 |
fprintf(stderr, "*** GnuTLS Re-handshake failed ***\n"); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
875 |
gnutls_perror(ret); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
876 |
errno = EPROTO; |
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
877 |
goto mandos_end; |
13
by Björn Påhlsson
Added following support: |
878 |
} |
879 |
break; |
|
880 |
default: |
|
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
881 |
fprintf(stderr, "Unknown error while reading data from" |
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
882 |
" encrypted session with Mandos server\n"); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
883 |
gnutls_bye(session, GNUTLS_SHUT_RDWR); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
884 |
errno = EIO; |
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
885 |
goto mandos_end; |
13
by Björn Påhlsson
Added following support: |
886 |
} |
887 |
} else { |
|
237.3.2
by Mooie
Fixed warnings in the 64 bit build. Added explicit cast to int for |
888 |
buffer_length += (size_t) sret; |
13
by Björn Påhlsson
Added following support: |
889 |
} |
890 |
} |
|
15.1.1
by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient |
891 |
|
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
892 |
if(debug){ |
893 |
fprintf(stderr, "Closing TLS session\n"); |
|
894 |
} |
|
895 |
|
|
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
896 |
if(quit_now){ |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
897 |
errno = EINTR; |
237.2.134
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Always fail and |
898 |
goto mandos_end; |
899 |
} |
|
900 |
|
|
901 |
do { |
|
902 |
ret = gnutls_bye(session, GNUTLS_SHUT_RDWR); |
|
903 |
if(quit_now){ |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
904 |
errno = EINTR; |
237.2.134
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Always fail and |
905 |
goto mandos_end; |
906 |
} |
|
907 |
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED); |
|
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
908 |
|
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
909 |
if(buffer_length > 0){ |
237.2.125
by Teddy Hogeborn
* plugin-runner.c (getplugin, add_environment, main): Handle EINTR |
910 |
ssize_t decrypted_buffer_size; |
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
911 |
decrypted_buffer_size = pgp_packet_decrypt(buffer, |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
912 |
buffer_length, |
24.1.81
by Björn Påhlsson
removed keyring pre-requirement for starting password-request. |
913 |
&decrypted_buffer); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
914 |
if(decrypted_buffer_size >= 0){ |
237.2.124
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gpgme): Move variable "ret" into the |
915 |
|
24.1.10
by Björn Påhlsson
merge commit |
916 |
written = 0; |
28
by Teddy Hogeborn
* server.conf: New file. |
917 |
while(written < (size_t) decrypted_buffer_size){ |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
918 |
if(quit_now){ |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
919 |
errno = EINTR; |
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
920 |
goto mandos_end; |
921 |
} |
|
922 |
|
|
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
923 |
ret = (int)fwrite(decrypted_buffer + written, 1, |
924 |
(size_t)decrypted_buffer_size - written, |
|
925 |
stdout); |
|
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
926 |
if(ret == 0 and ferror(stdout)){ |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
927 |
int e = errno; |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
928 |
if(debug){ |
929 |
fprintf(stderr, "Error writing encrypted data: %s\n", |
|
930 |
strerror(errno)); |
|
931 |
} |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
932 |
errno = e; |
237.2.135
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Bug fix: |
933 |
goto mandos_end; |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
934 |
} |
22
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Cast "0" argument to |
935 |
written += (size_t)ret; |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
936 |
} |
237.2.135
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Bug fix: |
937 |
retval = 0; |
13
by Björn Påhlsson
Added following support: |
938 |
} |
939 |
} |
|
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
940 |
|
941 |
/* Shutdown procedure */ |
|
942 |
|
|
943 |
mandos_end: |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
944 |
{ |
945 |
int e = errno; |
|
946 |
free(decrypted_buffer); |
|
947 |
free(buffer); |
|
948 |
if(tcp_sd >= 0){ |
|
949 |
ret = (int)TEMP_FAILURE_RETRY(close(tcp_sd)); |
|
950 |
} |
|
951 |
if(ret == -1){ |
|
952 |
if(e == 0){ |
|
953 |
e = errno; |
|
954 |
} |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
955 |
perror_plus("close"); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
956 |
} |
957 |
gnutls_deinit(session); |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
958 |
errno = e; |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
959 |
if(quit_now){ |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
960 |
errno = EINTR; |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
961 |
retval = -1; |
962 |
} |
|
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
963 |
} |
13
by Björn Påhlsson
Added following support: |
964 |
return retval; |
965 |
}
|
|
966 |
||
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
967 |
static void resolve_callback(AvahiSServiceResolver *r, |
968 |
AvahiIfIndex interface, |
|
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
969 |
AvahiProtocol proto, |
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
970 |
AvahiResolverEvent event, |
971 |
const char *name, |
|
972 |
const char *type, |
|
973 |
const char *domain, |
|
974 |
const char *host_name, |
|
975 |
const AvahiAddress *address, |
|
976 |
uint16_t port, |
|
977 |
AVAHI_GCC_UNUSED AvahiStringList *txt, |
|
978 |
AVAHI_GCC_UNUSED AvahiLookupResultFlags |
|
979 |
flags, |
|
237.2.70
by Teddy Hogeborn
Merge from Björn: |
980 |
AVAHI_GCC_UNUSED void* userdata){ |
84
by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Use the local manpages/docbook.xsl file, do |
981 |
assert(r); |
22
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Cast "0" argument to |
982 |
|
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
983 |
/* Called whenever a service has been resolved successfully or |
984 |
timed out */
|
|
22
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Cast "0" argument to |
985 |
|
237.2.116
by Teddy Hogeborn
* plugins.d/mandos-client.c (quit_now): Move up declaration before |
986 |
if(quit_now){ |
987 |
return; |
|
988 |
} |
|
989 |
|
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
990 |
switch(event){ |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
991 |
default: |
992 |
case AVAHI_RESOLVER_FAILURE: |
|
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
993 |
fprintf(stderr, "(Avahi Resolver) Failed to resolve service '%s'" |
994 |
" of type '%s' in domain '%s': %s\n", name, type, domain, |
|
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
995 |
avahi_strerror(avahi_server_errno(mc.server))); |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
996 |
break; |
22
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Cast "0" argument to |
997 |
|
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
998 |
case AVAHI_RESOLVER_FOUND: |
999 |
{ |
|
1000 |
char ip[AVAHI_ADDRESS_STR_MAX]; |
|
1001 |
avahi_address_snprint(ip, sizeof(ip), address); |
|
1002 |
if(debug){ |
|
60
by Teddy Hogeborn
* mandos-client.c (main): Cast pid_t to unsigned int before printing. |
1003 |
fprintf(stderr, "Mandos server \"%s\" found on %s (%s, %" |
237.2.31
by Teddy Hogeborn
Fixes for sscanf usage: |
1004 |
PRIdMAX ") on port %" PRIu16 "\n", name, host_name, |
1005 |
ip, (intmax_t)interface, port); |
|
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
1006 |
} |
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
1007 |
int ret = start_mandos_communication(ip, port, interface, |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
1008 |
avahi_proto_to_af(proto)); |
237.2.29
by Teddy Hogeborn
* plugin-runner.c: Only space changes. |
1009 |
if(ret == 0){ |
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
1010 |
avahi_simple_poll_quit(mc.simple_poll); |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1011 |
} else { |
1012 |
ret = add_server(ip, port, interface, |
|
1013 |
avahi_proto_to_af(proto)); |
|
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
1014 |
} |
13
by Björn Påhlsson
Added following support: |
1015 |
} |
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
1016 |
} |
1017 |
avahi_s_service_resolver_free(r); |
|
13
by Björn Påhlsson
Added following support: |
1018 |
}
|
1019 |
||
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1020 |
static void browse_callback(AvahiSServiceBrowser *b, |
1021 |
AvahiIfIndex interface, |
|
1022 |
AvahiProtocol protocol, |
|
1023 |
AvahiBrowserEvent event, |
|
1024 |
const char *name, |
|
1025 |
const char *type, |
|
1026 |
const char *domain, |
|
1027 |
AVAHI_GCC_UNUSED AvahiLookupResultFlags |
|
1028 |
flags, |
|
237.2.70
by Teddy Hogeborn
Merge from Björn: |
1029 |
AVAHI_GCC_UNUSED void* userdata){ |
84
by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Use the local manpages/docbook.xsl file, do |
1030 |
assert(b); |
24.1.9
by Björn Påhlsson
not working midwork... |
1031 |
|
1032 |
/* Called whenever a new services becomes available on the LAN or |
|
1033 |
is removed from the LAN */
|
|
1034 |
|
|
237.2.121
by Teddy Hogeborn
* plugins.d/mandos-client.c (start_mandos_communication): Check |
1035 |
if(quit_now){ |
1036 |
return; |
|
1037 |
} |
|
1038 |
|
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1039 |
switch(event){ |
24.1.9
by Björn Påhlsson
not working midwork... |
1040 |
default: |
1041 |
case AVAHI_BROWSER_FAILURE: |
|
38
by Teddy Hogeborn
* plugbasedclient.c (main): New "--userid" and "--groupid" options. |
1042 |
|
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
1043 |
fprintf(stderr, "(Avahi browser) %s\n", |
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
1044 |
avahi_strerror(avahi_server_errno(mc.server))); |
1045 |
avahi_simple_poll_quit(mc.simple_poll); |
|
24.1.9
by Björn Påhlsson
not working midwork... |
1046 |
return; |
38
by Teddy Hogeborn
* plugbasedclient.c (main): New "--userid" and "--groupid" options. |
1047 |
|
24.1.9
by Björn Påhlsson
not working midwork... |
1048 |
case AVAHI_BROWSER_NEW: |
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
1049 |
/* We ignore the returned Avahi resolver object. In the callback |
1050 |
function we free it. If the Avahi server is terminated before
|
|
1051 |
the callback function is called the Avahi server will free the
|
|
1052 |
resolver for us. */
|
|
38
by Teddy Hogeborn
* plugbasedclient.c (main): New "--userid" and "--groupid" options. |
1053 |
|
237.2.76
by Teddy Hogeborn
* plugins.d/mandos-client.c (browse_callback, main): Do not require |
1054 |
if(avahi_s_service_resolver_new(mc.server, interface, protocol, |
1055 |
name, type, domain, protocol, 0, |
|
1056 |
resolve_callback, NULL) == NULL) |
|
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
1057 |
fprintf(stderr, "Avahi: Failed to resolve service '%s': %s\n", |
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
1058 |
name, avahi_strerror(avahi_server_errno(mc.server))); |
24.1.9
by Björn Påhlsson
not working midwork... |
1059 |
break; |
38
by Teddy Hogeborn
* plugbasedclient.c (main): New "--userid" and "--groupid" options. |
1060 |
|
24.1.9
by Björn Påhlsson
not working midwork... |
1061 |
case AVAHI_BROWSER_REMOVE: |
1062 |
break; |
|
38
by Teddy Hogeborn
* plugbasedclient.c (main): New "--userid" and "--groupid" options. |
1063 |
|
24.1.9
by Björn Påhlsson
not working midwork... |
1064 |
case AVAHI_BROWSER_ALL_FOR_NOW: |
1065 |
case AVAHI_BROWSER_CACHE_EXHAUSTED: |
|
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
1066 |
if(debug){ |
1067 |
fprintf(stderr, "No Mandos server found, still searching...\n"); |
|
1068 |
} |
|
24.1.9
by Björn Påhlsson
not working midwork... |
1069 |
break; |
1070 |
} |
|
13
by Björn Påhlsson
Added following support: |
1071 |
}
|
1072 |
||
237.7.33
by Teddy Hogeborn
Merge from Björn. |
1073 |
/* Signal handler that stops main loop after SIGTERM */
|
237.2.117
by Teddy Hogeborn
* plugins.d/mandos-client.c (signal_received): New. |
1074 |
static void handle_sigterm(int sig){ |
237.2.71
by Teddy Hogeborn
* plugin-runner.c: Comment change. |
1075 |
if(quit_now){ |
1076 |
return; |
|
1077 |
} |
|
1078 |
quit_now = 1; |
|
237.2.117
by Teddy Hogeborn
* plugins.d/mandos-client.c (signal_received): New. |
1079 |
signal_received = sig; |
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
1080 |
int old_errno = errno; |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1081 |
/* set main loop to exit */ |
237.2.71
by Teddy Hogeborn
* plugin-runner.c: Comment change. |
1082 |
if(mc.simple_poll != NULL){ |
1083 |
avahi_simple_poll_quit(mc.simple_poll); |
|
1084 |
} |
|
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
1085 |
errno = old_errno; |
1086 |
}
|
|
1087 |
||
269.1.1
by teddy at bsnet
* plugins.d/mandos-client.c: An empty interface name now means to |
1088 |
/*
|
1089 |
* This function determines if a directory entry in /sys/class/net
|
|
1090 |
* corresponds to an acceptable network device.
|
|
1091 |
* (This function is passed to scandir(3) as a filter function.)
|
|
1092 |
*/
|
|
1093 |
int good_interface(const struct dirent *if_entry){ |
|
1094 |
ssize_t ssret; |
|
237.15.1
by teddy at bsnet
* plugins.d/mandos-client.c (good_interface): Use SIOCGIFFLAGS instead |
1095 |
int ret; |
237.7.28
by teddy at bsnet
* plugins.d/mandos-client.c (good_interface): Check if the interface |
1096 |
if(if_entry->d_name[0] == '.'){ |
1097 |
return 0; |
|
1098 |
} |
|
237.15.1
by teddy at bsnet
* plugins.d/mandos-client.c (good_interface): Use SIOCGIFFLAGS instead |
1099 |
int s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP); |
1100 |
if(s < 0){ |
|
1101 |
perror_plus("socket"); |
|
1102 |
return 0; |
|
1103 |
} |
|
1104 |
struct ifreq ifr; |
|
1105 |
strcpy(ifr.ifr_name, if_entry->d_name); |
|
1106 |
ret = ioctl(s, SIOCGIFFLAGS, &ifr); |
|
1107 |
if(ret == -1){ |
|
269.1.2
by teddy at bsnet
* plugins.d/mandos-client.c: Added debug output. |
1108 |
if(debug){ |
237.15.1
by teddy at bsnet
* plugins.d/mandos-client.c (good_interface): Use SIOCGIFFLAGS instead |
1109 |
perror_plus("ioctl SIOCGIFFLAGS"); |
269.1.2
by teddy at bsnet
* plugins.d/mandos-client.c: Added debug output. |
1110 |
} |
269.1.1
by teddy at bsnet
* plugins.d/mandos-client.c: An empty interface name now means to |
1111 |
return 0; |
1112 |
} |
|
1113 |
/* Reject the loopback device */ |
|
237.15.1
by teddy at bsnet
* plugins.d/mandos-client.c (good_interface): Use SIOCGIFFLAGS instead |
1114 |
if(ifr.ifr_flags & IFF_LOOPBACK){ |
269.1.2
by teddy at bsnet
* plugins.d/mandos-client.c: Added debug output. |
1115 |
if(debug){ |
1116 |
fprintf(stderr, "Rejecting loopback interface \"%s\"\n", |
|
1117 |
if_entry->d_name); |
|
1118 |
} |
|
269.1.1
by teddy at bsnet
* plugins.d/mandos-client.c: An empty interface name now means to |
1119 |
return 0; |
1120 |
} |
|
1121 |
/* Accept point-to-point devices only if connect_to is specified */ |
|
237.15.1
by teddy at bsnet
* plugins.d/mandos-client.c (good_interface): Use SIOCGIFFLAGS instead |
1122 |
if(connect_to != NULL and (ifr.ifr_flags & IFF_POINTOPOINT)){ |
269.1.2
by teddy at bsnet
* plugins.d/mandos-client.c: Added debug output. |
1123 |
if(debug){ |
1124 |
fprintf(stderr, "Accepting point-to-point interface \"%s\"\n", |
|
1125 |
if_entry->d_name); |
|
1126 |
} |
|
269.1.1
by teddy at bsnet
* plugins.d/mandos-client.c: An empty interface name now means to |
1127 |
return 1; |
1128 |
} |
|
1129 |
/* Otherwise, reject non-broadcast-capable devices */ |
|
237.15.1
by teddy at bsnet
* plugins.d/mandos-client.c (good_interface): Use SIOCGIFFLAGS instead |
1130 |
if(not (ifr.ifr_flags & IFF_BROADCAST)){ |
269.1.2
by teddy at bsnet
* plugins.d/mandos-client.c: Added debug output. |
1131 |
if(debug){ |
1132 |
fprintf(stderr, "Rejecting non-broadcast interface \"%s\"\n", |
|
1133 |
if_entry->d_name); |
|
1134 |
} |
|
269.1.1
by teddy at bsnet
* plugins.d/mandos-client.c: An empty interface name now means to |
1135 |
return 0; |
1136 |
} |
|
237.7.29
by teddy at bsnet
* plugins.d/mandos-client.c (good_interface): Reject non-ARP |
1137 |
/* Reject non-ARP interfaces (including dummy interfaces) */ |
237.15.1
by teddy at bsnet
* plugins.d/mandos-client.c (good_interface): Use SIOCGIFFLAGS instead |
1138 |
if(ifr.ifr_flags & IFF_NOARP){ |
237.7.29
by teddy at bsnet
* plugins.d/mandos-client.c (good_interface): Reject non-ARP |
1139 |
if(debug){ |
1140 |
fprintf(stderr, "Rejecting non-ARP interface \"%s\"\n", |
|
1141 |
if_entry->d_name); |
|
1142 |
} |
|
1143 |
return 0; |
|
1144 |
} |
|
269.1.1
by teddy at bsnet
* plugins.d/mandos-client.c: An empty interface name now means to |
1145 |
/* Accept this device */ |
269.1.2
by teddy at bsnet
* plugins.d/mandos-client.c: Added debug output. |
1146 |
if(debug){ |
1147 |
fprintf(stderr, "Interface \"%s\" is acceptable\n", |
|
1148 |
if_entry->d_name); |
|
1149 |
} |
|
269.1.1
by teddy at bsnet
* plugins.d/mandos-client.c: An empty interface name now means to |
1150 |
return 1; |
1151 |
}
|
|
1152 |
||
24.1.172
by Björn Påhlsson
using scandir instead of readdir |
1153 |
int notdotentries(const struct dirent *direntry){ |
1154 |
/* Skip "." and ".." */ |
|
1155 |
if(direntry->d_name[0] == '.' |
|
1156 |
and (direntry->d_name[1] == '\0' |
|
1157 |
or (direntry->d_name[1] == '.' |
|
1158 |
and direntry->d_name[2] == '\0'))){ |
|
1159 |
return 0; |
|
1160 |
} |
|
1161 |
return 1; |
|
1162 |
}
|
|
1163 |
||
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1164 |
int avahi_loop_with_timeout(AvahiSimplePoll *s, int retry_interval){ |
1165 |
int ret; |
|
1166 |
struct timespec now; |
|
1167 |
struct timespec waited_time; |
|
1168 |
intmax_t block_time; |
|
237.7.39
by teddy at bsnet
* plugins.d/mandos-client.c (avahi_loop_with_timeout): Fix warning. |
1169 |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1170 |
while(true){ |
1171 |
if(mc.current_server == NULL){ |
|
1172 |
if (debug){ |
|
237.7.33
by Teddy Hogeborn
Merge from Björn. |
1173 |
fprintf(stderr, |
1174 |
"Wait until first server is found. No timeout!\n"); |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1175 |
} |
1176 |
ret = avahi_simple_poll_iterate(s, -1); |
|
1177 |
} else { |
|
1178 |
if (debug){ |
|
237.7.33
by Teddy Hogeborn
Merge from Björn. |
1179 |
fprintf(stderr, "Check current_server if we should run it," |
1180 |
" or wait\n"); |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1181 |
} |
1182 |
/* the current time */ |
|
1183 |
ret = clock_gettime(CLOCK_MONOTONIC, &now); |
|
1184 |
if(ret == -1){ |
|
1185 |
perror_plus("clock_gettime"); |
|
1186 |
return -1; |
|
1187 |
} |
|
1188 |
/* Calculating in ms how long time between now and server |
|
1189 |
who we visted longest time ago. Now - last seen. */
|
|
237.7.33
by Teddy Hogeborn
Merge from Björn. |
1190 |
waited_time.tv_sec = (now.tv_sec |
1191 |
- mc.current_server->last_seen.tv_sec); |
|
1192 |
waited_time.tv_nsec = (now.tv_nsec |
|
1193 |
- mc.current_server->last_seen.tv_nsec); |
|
1194 |
/* total time is 10s/10,000ms. |
|
1195 |
Converting to s from ms by dividing by 1,000,
|
|
1196 |
and ns to ms by dividing by 1,000,000. */
|
|
1197 |
block_time = ((retry_interval |
|
1198 |
- ((intmax_t)waited_time.tv_sec * 1000)) |
|
1199 |
- ((intmax_t)waited_time.tv_nsec / 1000000)); |
|
237.7.39
by teddy at bsnet
* plugins.d/mandos-client.c (avahi_loop_with_timeout): Fix warning. |
1200 |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1201 |
if (debug){ |
237.7.39
by teddy at bsnet
* plugins.d/mandos-client.c (avahi_loop_with_timeout): Fix warning. |
1202 |
fprintf(stderr, "Blocking for %" PRIdMAX " ms\n", block_time); |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1203 |
} |
237.7.39
by teddy at bsnet
* plugins.d/mandos-client.c (avahi_loop_with_timeout): Fix warning. |
1204 |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1205 |
if(block_time <= 0){ |
1206 |
ret = start_mandos_communication(mc.current_server->ip, |
|
237.7.33
by Teddy Hogeborn
Merge from Björn. |
1207 |
mc.current_server->port, |
1208 |
mc.current_server->if_index, |
|
1209 |
mc.current_server->af); |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1210 |
if(ret == 0){ |
1211 |
avahi_simple_poll_quit(mc.simple_poll); |
|
1212 |
return 0; |
|
1213 |
} |
|
237.7.33
by Teddy Hogeborn
Merge from Björn. |
1214 |
ret = clock_gettime(CLOCK_MONOTONIC, |
1215 |
&mc.current_server->last_seen); |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1216 |
if(ret == -1){ |
1217 |
perror_plus("clock_gettime"); |
|
1218 |
return -1; |
|
1219 |
} |
|
1220 |
mc.current_server = mc.current_server->next; |
|
237.7.33
by Teddy Hogeborn
Merge from Björn. |
1221 |
block_time = 0; /* Call avahi to find new Mandos |
1222 |
servers, but don't block */
|
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1223 |
} |
1224 |
|
|
1225 |
ret = avahi_simple_poll_iterate(s, (int)block_time); |
|
1226 |
} |
|
1227 |
if(ret != 0){ |
|
1228 |
if (ret > 0 or errno != EINTR) { |
|
1229 |
return (ret != 1) ? ret : 0; |
|
1230 |
} |
|
1231 |
} |
|
1232 |
} |
|
1233 |
}
|
|
1234 |
||
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
1235 |
int main(int argc, char *argv[]){ |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1236 |
AvahiSServiceBrowser *sb = NULL; |
1237 |
int error; |
|
1238 |
int ret; |
|
1239 |
intmax_t tmpmax; |
|
237.2.74
by Teddy Hogeborn
Overflows are not detected by sscanf(), so stop using it: |
1240 |
char *tmp; |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1241 |
int exitcode = EXIT_SUCCESS; |
269.1.1
by teddy at bsnet
* plugins.d/mandos-client.c: An empty interface name now means to |
1242 |
const char *interface = ""; |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1243 |
struct ifreq network; |
237.2.113
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Take down network interface on |
1244 |
int sd = -1; |
237.2.116
by Teddy Hogeborn
* plugins.d/mandos-client.c (quit_now): Move up declaration before |
1245 |
bool take_down_interface = false; |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1246 |
uid_t uid; |
1247 |
gid_t gid; |
|
1248 |
char tempdir[] = "/tmp/mandosXXXXXX"; |
|
1249 |
bool tempdir_created = false; |
|
1250 |
AvahiIfIndex if_index = AVAHI_IF_UNSPEC; |
|
1251 |
const char *seckey = PATHDIR "/" SECKEY; |
|
1252 |
const char *pubkey = PATHDIR "/" PUBKEY; |
|
1253 |
|
|
1254 |
bool gnutls_initialized = false; |
|
1255 |
bool gpgme_initialized = false; |
|
237.2.74
by Teddy Hogeborn
Overflows are not detected by sscanf(), so stop using it: |
1256 |
float delay = 2.5f; |
237.7.33
by Teddy Hogeborn
Merge from Björn. |
1257 |
double retry_interval = 10; /* 10s between trying a server and |
1258 |
retrying the same server again */
|
|
237.2.74
by Teddy Hogeborn
Overflows are not detected by sscanf(), so stop using it: |
1259 |
|
237.2.132
by Teddy Hogeborn
* init.d-mandos (Required-Start, Required-Stop): Bug fix: Added |
1260 |
struct sigaction old_sigterm_action = { .sa_handler = SIG_DFL }; |
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
1261 |
struct sigaction sigterm_action = { .sa_handler = handle_sigterm }; |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1262 |
|
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
1263 |
uid = getuid(); |
1264 |
gid = getgid(); |
|
1265 |
|
|
1266 |
/* Lower any group privileges we might have, just to be safe */ |
|
1267 |
errno = 0; |
|
1268 |
ret = setgid(gid); |
|
1269 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1270 |
perror_plus("setgid"); |
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
1271 |
} |
1272 |
|
|
1273 |
/* Lower user privileges (temporarily) */ |
|
1274 |
errno = 0; |
|
1275 |
ret = seteuid(uid); |
|
1276 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1277 |
perror_plus("seteuid"); |
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
1278 |
} |
1279 |
|
|
1280 |
if(quit_now){ |
|
1281 |
goto end; |
|
1282 |
} |
|
1283 |
|
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1284 |
{ |
1285 |
struct argp_option options[] = { |
|
1286 |
{ .name = "debug", .key = 128, |
|
1287 |
.doc = "Debug mode", .group = 3 }, |
|
1288 |
{ .name = "connect", .key = 'c', |
|
1289 |
.arg = "ADDRESS:PORT", |
|
1290 |
.doc = "Connect directly to a specific Mandos server", |
|
1291 |
.group = 1 }, |
|
1292 |
{ .name = "interface", .key = 'i', |
|
1293 |
.arg = "NAME", |
|
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
1294 |
.doc = "Network interface that will be used to search for" |
1295 |
" Mandos servers", |
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1296 |
.group = 1 }, |
1297 |
{ .name = "seckey", .key = 's', |
|
1298 |
.arg = "FILE", |
|
1299 |
.doc = "OpenPGP secret key file base name", |
|
1300 |
.group = 1 }, |
|
1301 |
{ .name = "pubkey", .key = 'p', |
|
1302 |
.arg = "FILE", |
|
1303 |
.doc = "OpenPGP public key file base name", |
|
1304 |
.group = 2 }, |
|
1305 |
{ .name = "dh-bits", .key = 129, |
|
1306 |
.arg = "BITS", |
|
1307 |
.doc = "Bit length of the prime number used in the" |
|
1308 |
" Diffie-Hellman key exchange", |
|
1309 |
.group = 2 }, |
|
1310 |
{ .name = "priority", .key = 130, |
|
1311 |
.arg = "STRING", |
|
1312 |
.doc = "GnuTLS priority string for the TLS handshake", |
|
1313 |
.group = 1 }, |
|
1314 |
{ .name = "delay", .key = 131, |
|
1315 |
.arg = "SECONDS", |
|
1316 |
.doc = "Maximum delay to wait for interface startup", |
|
1317 |
.group = 2 }, |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1318 |
{ .name = "retry", .key = 132, |
1319 |
.arg = "SECONDS", |
|
1320 |
.doc = "Retry interval used when denied by the mandos server", |
|
1321 |
.group = 2 }, |
|
237.2.157
by Teddy Hogeborn
Convert some programs to use the exit codes from <sysexits.h>. Change |
1322 |
/* |
1323 |
* These reproduce what we would get without ARGP_NO_HELP
|
|
1324 |
*/
|
|
1325 |
{ .name = "help", .key = '?', |
|
1326 |
.doc = "Give this help list", .group = -1 }, |
|
1327 |
{ .name = "usage", .key = -3, |
|
1328 |
.doc = "Give a short usage message", .group = -1 }, |
|
1329 |
{ .name = "version", .key = 'V', |
|
1330 |
.doc = "Print program version", .group = -1 }, |
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1331 |
{ .name = NULL } |
1332 |
}; |
|
1333 |
|
|
1334 |
error_t parse_opt(int key, char *arg, |
|
1335 |
struct argp_state *state){ |
|
237.2.157
by Teddy Hogeborn
Convert some programs to use the exit codes from <sysexits.h>. Change |
1336 |
errno = 0; |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1337 |
switch(key){ |
1338 |
case 128: /* --debug */ |
|
1339 |
debug = true; |
|
1340 |
break; |
|
1341 |
case 'c': /* --connect */ |
|
1342 |
connect_to = arg; |
|
1343 |
break; |
|
1344 |
case 'i': /* --interface */ |
|
1345 |
interface = arg; |
|
1346 |
break; |
|
1347 |
case 's': /* --seckey */ |
|
1348 |
seckey = arg; |
|
1349 |
break; |
|
1350 |
case 'p': /* --pubkey */ |
|
1351 |
pubkey = arg; |
|
1352 |
break; |
|
1353 |
case 129: /* --dh-bits */ |
|
237.2.74
by Teddy Hogeborn
Overflows are not detected by sscanf(), so stop using it: |
1354 |
errno = 0; |
1355 |
tmpmax = strtoimax(arg, &tmp, 10); |
|
1356 |
if(errno != 0 or tmp == arg or *tmp != '\0' |
|
1357 |
or tmpmax != (typeof(mc.dh_bits))tmpmax){ |
|
237.2.157
by Teddy Hogeborn
Convert some programs to use the exit codes from <sysexits.h>. Change |
1358 |
argp_error(state, "Bad number of DH bits"); |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1359 |
} |
1360 |
mc.dh_bits = (typeof(mc.dh_bits))tmpmax; |
|
1361 |
break; |
|
1362 |
case 130: /* --priority */ |
|
1363 |
mc.priority = arg; |
|
1364 |
break; |
|
1365 |
case 131: /* --delay */ |
|
237.2.74
by Teddy Hogeborn
Overflows are not detected by sscanf(), so stop using it: |
1366 |
errno = 0; |
1367 |
delay = strtof(arg, &tmp); |
|
1368 |
if(errno != 0 or tmp == arg or *tmp != '\0'){ |
|
237.2.157
by Teddy Hogeborn
Convert some programs to use the exit codes from <sysexits.h>. Change |
1369 |
argp_error(state, "Bad delay"); |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1370 |
} |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1371 |
case 132: /* --retry */ |
1372 |
errno = 0; |
|
1373 |
retry_interval = strtod(arg, &tmp); |
|
1374 |
if(errno != 0 or tmp == arg or *tmp != '\0' |
|
237.7.39
by teddy at bsnet
* plugins.d/mandos-client.c (avahi_loop_with_timeout): Fix warning. |
1375 |
or (retry_interval * 1000) > INT_MAX |
1376 |
or retry_interval < 0){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1377 |
argp_error(state, "Bad retry interval"); |
1378 |
} |
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1379 |
break; |
237.2.157
by Teddy Hogeborn
Convert some programs to use the exit codes from <sysexits.h>. Change |
1380 |
/* |
1381 |
* These reproduce what we would get without ARGP_NO_HELP
|
|
1382 |
*/
|
|
1383 |
case '?': /* --help */ |
|
1384 |
argp_state_help(state, state->out_stream, |
|
1385 |
(ARGP_HELP_STD_HELP | ARGP_HELP_EXIT_ERR) |
|
1386 |
& ~(unsigned int)ARGP_HELP_EXIT_OK); |
|
1387 |
case -3: /* --usage */ |
|
1388 |
argp_state_help(state, state->out_stream, |
|
1389 |
ARGP_HELP_USAGE | ARGP_HELP_EXIT_ERR); |
|
1390 |
case 'V': /* --version */ |
|
1391 |
fprintf(state->out_stream, "%s\n", argp_program_version); |
|
1392 |
exit(argp_err_exit_status); |
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1393 |
break; |
1394 |
default: |
|
1395 |
return ARGP_ERR_UNKNOWN; |
|
1396 |
} |
|
237.2.157
by Teddy Hogeborn
Convert some programs to use the exit codes from <sysexits.h>. Change |
1397 |
return errno; |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1398 |
} |
1399 |
|
|
1400 |
struct argp argp = { .options = options, .parser = parse_opt, |
|
1401 |
.args_doc = "", |
|
1402 |
.doc = "Mandos client -- Get and decrypt" |
|
1403 |
" passwords from a Mandos server" }; |
|
237.2.157
by Teddy Hogeborn
Convert some programs to use the exit codes from <sysexits.h>. Change |
1404 |
ret = argp_parse(&argp, argc, argv, |
1405 |
ARGP_IN_ORDER | ARGP_NO_HELP, 0, NULL); |
|
1406 |
switch(ret){ |
|
1407 |
case 0: |
|
1408 |
break; |
|
1409 |
case ENOMEM: |
|
1410 |
default: |
|
1411 |
errno = ret; |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1412 |
perror_plus("argp_parse"); |
237.2.157
by Teddy Hogeborn
Convert some programs to use the exit codes from <sysexits.h>. Change |
1413 |
exitcode = EX_OSERR; |
1414 |
goto end; |
|
1415 |
case EINVAL: |
|
1416 |
exitcode = EX_USAGE; |
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1417 |
goto end; |
1418 |
} |
|
1419 |
} |
|
237.7.35
by Teddy Hogeborn
* initramfs-tools-script: Abort if plugin-runner is missing. Removed |
1420 |
|
1421 |
{ |
|
1422 |
/* Work around Debian bug #633582: |
|
1423 |
<http://bugs.debian.org/633582> */
|
|
1424 |
struct stat st; |
|
1425 |
|
|
1426 |
/* Re-raise priviliges */ |
|
1427 |
errno = 0; |
|
1428 |
ret = seteuid(0); |
|
1429 |
if(ret == -1){ |
|
1430 |
perror_plus("seteuid"); |
|
1431 |
} |
|
1432 |
|
|
237.7.40
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not even try to work around |
1433 |
if(strcmp(seckey, PATHDIR "/" SECKEY) == 0){ |
1434 |
int seckey_fd = open(seckey, O_RDONLY); |
|
1435 |
if(seckey_fd == -1){ |
|
1436 |
perror_plus("open"); |
|
237.7.35
by Teddy Hogeborn
* initramfs-tools-script: Abort if plugin-runner is missing. Removed |
1437 |
} else { |
237.7.40
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not even try to work around |
1438 |
ret = (int)TEMP_FAILURE_RETRY(fstat(seckey_fd, &st)); |
1439 |
if(ret == -1){ |
|
1440 |
perror_plus("fstat"); |
|
1441 |
} else { |
|
1442 |
if(S_ISREG(st.st_mode) and st.st_uid == 0 and st.st_gid == 0){ |
|
1443 |
ret = fchown(seckey_fd, uid, gid); |
|
1444 |
if(ret == -1){ |
|
1445 |
perror_plus("fchown"); |
|
1446 |
} |
|
237.7.35
by Teddy Hogeborn
* initramfs-tools-script: Abort if plugin-runner is missing. Removed |
1447 |
} |
1448 |
} |
|
237.7.40
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not even try to work around |
1449 |
TEMP_FAILURE_RETRY(close(seckey_fd)); |
237.7.35
by Teddy Hogeborn
* initramfs-tools-script: Abort if plugin-runner is missing. Removed |
1450 |
} |
1451 |
} |
|
1452 |
|
|
237.7.40
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not even try to work around |
1453 |
if(strcmp(pubkey, PATHDIR "/" PUBKEY) == 0){ |
1454 |
int pubkey_fd = open(pubkey, O_RDONLY); |
|
1455 |
if(pubkey_fd == -1){ |
|
1456 |
perror_plus("open"); |
|
237.7.35
by Teddy Hogeborn
* initramfs-tools-script: Abort if plugin-runner is missing. Removed |
1457 |
} else { |
237.7.40
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not even try to work around |
1458 |
ret = (int)TEMP_FAILURE_RETRY(fstat(pubkey_fd, &st)); |
1459 |
if(ret == -1){ |
|
1460 |
perror_plus("fstat"); |
|
1461 |
} else { |
|
1462 |
if(S_ISREG(st.st_mode) and st.st_uid == 0 and st.st_gid == 0){ |
|
1463 |
ret = fchown(pubkey_fd, uid, gid); |
|
1464 |
if(ret == -1){ |
|
1465 |
perror_plus("fchown"); |
|
1466 |
} |
|
237.7.35
by Teddy Hogeborn
* initramfs-tools-script: Abort if plugin-runner is missing. Removed |
1467 |
} |
1468 |
} |
|
237.7.40
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not even try to work around |
1469 |
TEMP_FAILURE_RETRY(close(pubkey_fd)); |
237.7.35
by Teddy Hogeborn
* initramfs-tools-script: Abort if plugin-runner is missing. Removed |
1470 |
} |
1471 |
} |
|
1472 |
|
|
1473 |
/* Lower privileges */ |
|
1474 |
errno = 0; |
|
1475 |
ret = seteuid(uid); |
|
1476 |
if(ret == -1){ |
|
1477 |
perror_plus("seteuid"); |
|
1478 |
} |
|
1479 |
} |
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1480 |
|
24.1.135
by Björn Påhlsson
Earlier signal handling |
1481 |
if(not debug){ |
1482 |
avahi_set_log_function(empty_log); |
|
1483 |
} |
|
269.1.1
by teddy at bsnet
* plugins.d/mandos-client.c: An empty interface name now means to |
1484 |
|
1485 |
if(interface[0] == '\0'){ |
|
1486 |
struct dirent **direntries; |
|
1487 |
ret = scandir(sys_class_net, &direntries, good_interface, |
|
1488 |
alphasort); |
|
1489 |
if(ret >= 1){ |
|
1490 |
/* Pick the first good interface */ |
|
1491 |
interface = strdup(direntries[0]->d_name); |
|
269.1.2
by teddy at bsnet
* plugins.d/mandos-client.c: Added debug output. |
1492 |
if(debug){ |
1493 |
fprintf(stderr, "Using interface \"%s\"\n", interface); |
|
1494 |
} |
|
269.1.1
by teddy at bsnet
* plugins.d/mandos-client.c: An empty interface name now means to |
1495 |
if(interface == NULL){ |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1496 |
perror_plus("malloc"); |
269.1.1
by teddy at bsnet
* plugins.d/mandos-client.c: An empty interface name now means to |
1497 |
free(direntries); |
1498 |
exitcode = EXIT_FAILURE; |
|
1499 |
goto end; |
|
1500 |
} |
|
1501 |
free(direntries); |
|
1502 |
} else { |
|
1503 |
free(direntries); |
|
1504 |
fprintf(stderr, "Could not find a network interface\n"); |
|
1505 |
exitcode = EXIT_FAILURE; |
|
1506 |
goto end; |
|
1507 |
} |
|
1508 |
} |
|
237.2.72
by Teddy Hogeborn
Merge from Björn: |
1509 |
|
24.1.135
by Björn Påhlsson
Earlier signal handling |
1510 |
/* Initialize Avahi early so avahi_simple_poll_quit() can be called |
1511 |
from the signal handler */
|
|
1512 |
/* Initialize the pseudo-RNG for Avahi */ |
|
1513 |
srand((unsigned int) time(NULL)); |
|
1514 |
mc.simple_poll = avahi_simple_poll_new(); |
|
1515 |
if(mc.simple_poll == NULL){ |
|
1516 |
fprintf(stderr, "Avahi: Failed to create simple poll object.\n"); |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1517 |
exitcode = EX_UNAVAILABLE; |
24.1.135
by Björn Påhlsson
Earlier signal handling |
1518 |
goto end; |
1519 |
} |
|
237.2.72
by Teddy Hogeborn
Merge from Björn: |
1520 |
|
24.1.135
by Björn Påhlsson
Earlier signal handling |
1521 |
sigemptyset(&sigterm_action.sa_mask); |
237.2.72
by Teddy Hogeborn
Merge from Björn: |
1522 |
ret = sigaddset(&sigterm_action.sa_mask, SIGINT); |
1523 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1524 |
perror_plus("sigaddset"); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1525 |
exitcode = EX_OSERR; |
237.2.72
by Teddy Hogeborn
Merge from Björn: |
1526 |
goto end; |
1527 |
} |
|
1528 |
ret = sigaddset(&sigterm_action.sa_mask, SIGHUP); |
|
1529 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1530 |
perror_plus("sigaddset"); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1531 |
exitcode = EX_OSERR; |
237.2.72
by Teddy Hogeborn
Merge from Björn: |
1532 |
goto end; |
1533 |
} |
|
24.1.135
by Björn Påhlsson
Earlier signal handling |
1534 |
ret = sigaddset(&sigterm_action.sa_mask, SIGTERM); |
1535 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1536 |
perror_plus("sigaddset"); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1537 |
exitcode = EX_OSERR; |
24.1.135
by Björn Påhlsson
Earlier signal handling |
1538 |
goto end; |
1539 |
} |
|
237.2.120
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not handle ignored signals. |
1540 |
/* Need to check if the handler is SIG_IGN before handling: |
1541 |
| [[info:libc:Initial Signal Actions]] |
|
|
1542 |
| [[info:libc:Basic Signal Handling]] |
|
|
1543 |
*/
|
|
1544 |
ret = sigaction(SIGINT, NULL, &old_sigterm_action); |
|
1545 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1546 |
perror_plus("sigaction"); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1547 |
return EX_OSERR; |
237.2.120
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not handle ignored signals. |
1548 |
} |
1549 |
if(old_sigterm_action.sa_handler != SIG_IGN){ |
|
1550 |
ret = sigaction(SIGINT, &sigterm_action, NULL); |
|
1551 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1552 |
perror_plus("sigaction"); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1553 |
exitcode = EX_OSERR; |
237.2.120
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not handle ignored signals. |
1554 |
goto end; |
1555 |
} |
|
1556 |
} |
|
1557 |
ret = sigaction(SIGHUP, NULL, &old_sigterm_action); |
|
1558 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1559 |
perror_plus("sigaction"); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1560 |
return EX_OSERR; |
237.2.120
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not handle ignored signals. |
1561 |
} |
1562 |
if(old_sigterm_action.sa_handler != SIG_IGN){ |
|
1563 |
ret = sigaction(SIGHUP, &sigterm_action, NULL); |
|
1564 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1565 |
perror_plus("sigaction"); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1566 |
exitcode = EX_OSERR; |
237.2.120
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not handle ignored signals. |
1567 |
goto end; |
1568 |
} |
|
1569 |
} |
|
1570 |
ret = sigaction(SIGTERM, NULL, &old_sigterm_action); |
|
1571 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1572 |
perror_plus("sigaction"); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1573 |
return EX_OSERR; |
237.2.120
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not handle ignored signals. |
1574 |
} |
1575 |
if(old_sigterm_action.sa_handler != SIG_IGN){ |
|
1576 |
ret = sigaction(SIGTERM, &sigterm_action, NULL); |
|
1577 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1578 |
perror_plus("sigaction"); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1579 |
exitcode = EX_OSERR; |
237.2.120
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not handle ignored signals. |
1580 |
goto end; |
1581 |
} |
|
237.2.117
by Teddy Hogeborn
* plugins.d/mandos-client.c (signal_received): New. |
1582 |
} |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1583 |
|
1584 |
/* If the interface is down, bring it up */ |
|
269.1.1
by teddy at bsnet
* plugins.d/mandos-client.c: An empty interface name now means to |
1585 |
if(strcmp(interface, "none") != 0){ |
237.2.116
by Teddy Hogeborn
* plugins.d/mandos-client.c (quit_now): Move up declaration before |
1586 |
if_index = (AvahiIfIndex) if_nametoindex(interface); |
1587 |
if(if_index == 0){ |
|
1588 |
fprintf(stderr, "No such interface: \"%s\"\n", interface); |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1589 |
exitcode = EX_UNAVAILABLE; |
237.2.116
by Teddy Hogeborn
* plugins.d/mandos-client.c (quit_now): Move up declaration before |
1590 |
goto end; |
1591 |
} |
|
1592 |
|
|
1593 |
if(quit_now){ |
|
1594 |
goto end; |
|
1595 |
} |
|
1596 |
|
|
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
1597 |
/* Re-raise priviliges */ |
1598 |
errno = 0; |
|
1599 |
ret = seteuid(0); |
|
1600 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1601 |
perror_plus("seteuid"); |
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
1602 |
} |
1603 |
|
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1604 |
#ifdef __linux__
|
1605 |
/* Lower kernel loglevel to KERN_NOTICE to avoid KERN_INFO |
|
237.2.157
by Teddy Hogeborn
Convert some programs to use the exit codes from <sysexits.h>. Change |
1606 |
messages about the network interface to mess up the prompt */
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1607 |
ret = klogctl(8, NULL, 5); |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
1608 |
bool restore_loglevel = true; |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1609 |
if(ret == -1){ |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
1610 |
restore_loglevel = false; |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1611 |
perror_plus("klogctl"); |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1612 |
} |
237.2.71
by Teddy Hogeborn
* plugin-runner.c: Comment change. |
1613 |
#endif /* __linux__ */ |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1614 |
|
1615 |
sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP); |
|
1616 |
if(sd < 0){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1617 |
perror_plus("socket"); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1618 |
exitcode = EX_OSERR; |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1619 |
#ifdef __linux__
|
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
1620 |
if(restore_loglevel){ |
1621 |
ret = klogctl(7, NULL, 0); |
|
1622 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1623 |
perror_plus("klogctl"); |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
1624 |
} |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1625 |
} |
237.2.71
by Teddy Hogeborn
* plugin-runner.c: Comment change. |
1626 |
#endif /* __linux__ */ |
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
1627 |
/* Lower privileges */ |
1628 |
errno = 0; |
|
1629 |
ret = seteuid(uid); |
|
1630 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1631 |
perror_plus("seteuid"); |
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
1632 |
} |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1633 |
goto end; |
1634 |
} |
|
1635 |
strcpy(network.ifr_name, interface); |
|
1636 |
ret = ioctl(sd, SIOCGIFFLAGS, &network); |
|
1637 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1638 |
perror_plus("ioctl SIOCGIFFLAGS"); |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1639 |
#ifdef __linux__
|
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
1640 |
if(restore_loglevel){ |
1641 |
ret = klogctl(7, NULL, 0); |
|
1642 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1643 |
perror_plus("klogctl"); |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
1644 |
} |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1645 |
} |
237.2.71
by Teddy Hogeborn
* plugin-runner.c: Comment change. |
1646 |
#endif /* __linux__ */ |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1647 |
exitcode = EX_OSERR; |
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
1648 |
/* Lower privileges */ |
1649 |
errno = 0; |
|
1650 |
ret = seteuid(uid); |
|
1651 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1652 |
perror_plus("seteuid"); |
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
1653 |
} |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1654 |
goto end; |
1655 |
} |
|
1656 |
if((network.ifr_flags & IFF_UP) == 0){ |
|
1657 |
network.ifr_flags |= IFF_UP; |
|
237.2.116
by Teddy Hogeborn
* plugins.d/mandos-client.c (quit_now): Move up declaration before |
1658 |
take_down_interface = true; |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1659 |
ret = ioctl(sd, SIOCSIFFLAGS, &network); |
1660 |
if(ret == -1){ |
|
237.2.116
by Teddy Hogeborn
* plugins.d/mandos-client.c (quit_now): Move up declaration before |
1661 |
take_down_interface = false; |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1662 |
perror_plus("ioctl SIOCSIFFLAGS +IFF_UP"); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1663 |
exitcode = EX_OSERR; |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1664 |
#ifdef __linux__
|
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
1665 |
if(restore_loglevel){ |
1666 |
ret = klogctl(7, NULL, 0); |
|
1667 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1668 |
perror_plus("klogctl"); |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
1669 |
} |
24.1.124
by Björn Påhlsson
Added lower kernel loglevel to reduce clutter on system console. |
1670 |
} |
237.2.71
by Teddy Hogeborn
* plugin-runner.c: Comment change. |
1671 |
#endif /* __linux__ */ |
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
1672 |
/* Lower privileges */ |
1673 |
errno = 0; |
|
1674 |
ret = seteuid(uid); |
|
1675 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1676 |
perror_plus("seteuid"); |
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
1677 |
} |
65
by Teddy Hogeborn
* plugins.d/password-request.c (main): Bug fix: Bring up network |
1678 |
goto end; |
1679 |
} |
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1680 |
} |
237.7.33
by Teddy Hogeborn
Merge from Björn. |
1681 |
/* Sleep checking until interface is running. |
1682 |
Check every 0.25s, up to total time of delay */
|
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1683 |
for(int i=0; i < delay * 4; i++){ |
65
by Teddy Hogeborn
* plugins.d/password-request.c (main): Bug fix: Bring up network |
1684 |
ret = ioctl(sd, SIOCGIFFLAGS, &network); |
1685 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1686 |
perror_plus("ioctl SIOCGIFFLAGS"); |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1687 |
} else if(network.ifr_flags & IFF_RUNNING){ |
1688 |
break; |
|
1689 |
} |
|
1690 |
struct timespec sleeptime = { .tv_nsec = 250000000 }; |
|
1691 |
ret = nanosleep(&sleeptime, NULL); |
|
1692 |
if(ret == -1 and errno != EINTR){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1693 |
perror_plus("nanosleep"); |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1694 |
} |
1695 |
} |
|
237.2.116
by Teddy Hogeborn
* plugins.d/mandos-client.c (quit_now): Move up declaration before |
1696 |
if(not take_down_interface){ |
1697 |
/* We won't need the socket anymore */ |
|
237.2.113
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Take down network interface on |
1698 |
ret = (int)TEMP_FAILURE_RETRY(close(sd)); |
1699 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1700 |
perror_plus("close"); |
237.2.113
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Take down network interface on |
1701 |
} |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1702 |
} |
1703 |
#ifdef __linux__
|
|
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
1704 |
if(restore_loglevel){ |
1705 |
/* Restores kernel loglevel to default */ |
|
1706 |
ret = klogctl(7, NULL, 0); |
|
1707 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1708 |
perror_plus("klogctl"); |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
1709 |
} |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1710 |
} |
237.2.71
by Teddy Hogeborn
* plugin-runner.c: Comment change. |
1711 |
#endif /* __linux__ */ |
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
1712 |
/* Lower privileges */ |
1713 |
errno = 0; |
|
1714 |
if(take_down_interface){ |
|
1715 |
/* Lower privileges */ |
|
1716 |
ret = seteuid(uid); |
|
1717 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1718 |
perror_plus("seteuid"); |
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
1719 |
} |
1720 |
} else { |
|
1721 |
/* Lower privileges permanently */ |
|
1722 |
ret = setuid(uid); |
|
1723 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1724 |
perror_plus("setuid"); |
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
1725 |
} |
237.2.128
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Bug fix: Check result of setgid(). |
1726 |
} |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1727 |
} |
1728 |
|
|
237.2.116
by Teddy Hogeborn
* plugins.d/mandos-client.c (quit_now): Move up declaration before |
1729 |
if(quit_now){ |
1730 |
goto end; |
|
1731 |
} |
|
1732 |
|
|
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
1733 |
ret = init_gnutls_global(pubkey, seckey); |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1734 |
if(ret == -1){ |
1735 |
fprintf(stderr, "init_gnutls_global failed\n"); |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1736 |
exitcode = EX_UNAVAILABLE; |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1737 |
goto end; |
1738 |
} else { |
|
1739 |
gnutls_initialized = true; |
|
1740 |
} |
|
1741 |
|
|
237.2.116
by Teddy Hogeborn
* plugins.d/mandos-client.c (quit_now): Move up declaration before |
1742 |
if(quit_now){ |
1743 |
goto end; |
|
1744 |
} |
|
1745 |
|
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1746 |
if(mkdtemp(tempdir) == NULL){ |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1747 |
perror_plus("mkdtemp"); |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1748 |
goto end; |
1749 |
} |
|
24.1.172
by Björn Påhlsson
using scandir instead of readdir |
1750 |
tempdir_created = true; |
237.2.116
by Teddy Hogeborn
* plugins.d/mandos-client.c (quit_now): Move up declaration before |
1751 |
|
1752 |
if(quit_now){ |
|
1753 |
goto end; |
|
1754 |
} |
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1755 |
|
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
1756 |
if(not init_gpgme(pubkey, seckey, tempdir)){ |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1757 |
fprintf(stderr, "init_gpgme failed\n"); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1758 |
exitcode = EX_UNAVAILABLE; |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1759 |
goto end; |
1760 |
} else { |
|
1761 |
gpgme_initialized = true; |
|
1762 |
} |
|
1763 |
|
|
237.2.116
by Teddy Hogeborn
* plugins.d/mandos-client.c (quit_now): Move up declaration before |
1764 |
if(quit_now){ |
1765 |
goto end; |
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1766 |
} |
1767 |
|
|
1768 |
if(connect_to != NULL){ |
|
1769 |
/* Connect directly, do not use Zeroconf */ |
|
1770 |
/* (Mainly meant for debugging) */ |
|
1771 |
char *address = strrchr(connect_to, ':'); |
|
1772 |
if(address == NULL){ |
|
1773 |
fprintf(stderr, "No colon in address\n"); |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1774 |
exitcode = EX_USAGE; |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1775 |
goto end; |
1776 |
} |
|
237.2.116
by Teddy Hogeborn
* plugins.d/mandos-client.c (quit_now): Move up declaration before |
1777 |
|
1778 |
if(quit_now){ |
|
1779 |
goto end; |
|
1780 |
} |
|
1781 |
|
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1782 |
uint16_t port; |
237.2.74
by Teddy Hogeborn
Overflows are not detected by sscanf(), so stop using it: |
1783 |
errno = 0; |
1784 |
tmpmax = strtoimax(address+1, &tmp, 10); |
|
1785 |
if(errno != 0 or tmp == address+1 or *tmp != '\0' |
|
1786 |
or tmpmax != (uint16_t)tmpmax){ |
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1787 |
fprintf(stderr, "Bad port number\n"); |
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1788 |
exitcode = EX_USAGE; |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1789 |
goto end; |
1790 |
} |
|
237.2.116
by Teddy Hogeborn
* plugins.d/mandos-client.c (quit_now): Move up declaration before |
1791 |
|
1792 |
if(quit_now){ |
|
1793 |
goto end; |
|
1794 |
} |
|
1795 |
|
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1796 |
port = (uint16_t)tmpmax; |
1797 |
*address = '\0'; |
|
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
1798 |
/* Colon in address indicates IPv6 */ |
1799 |
int af; |
|
237.7.39
by teddy at bsnet
* plugins.d/mandos-client.c (avahi_loop_with_timeout): Fix warning. |
1800 |
if(strchr(connect_to, ':') != NULL){ |
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
1801 |
af = AF_INET6; |
237.7.39
by teddy at bsnet
* plugins.d/mandos-client.c (avahi_loop_with_timeout): Fix warning. |
1802 |
/* Accept [] around IPv6 address - see RFC 5952 */ |
1803 |
if(connect_to[0] == '[' and address[-1] == ']') |
|
1804 |
{ |
|
1805 |
connect_to++; |
|
1806 |
address[-1] = '\0'; |
|
1807 |
} |
|
237.2.67
by Teddy Hogeborn
Four new interrelated features: |
1808 |
} else { |
1809 |
af = AF_INET; |
|
1810 |
} |
|
237.7.39
by teddy at bsnet
* plugins.d/mandos-client.c (avahi_loop_with_timeout): Fix warning. |
1811 |
address = connect_to; |
237.2.116
by Teddy Hogeborn
* plugins.d/mandos-client.c (quit_now): Move up declaration before |
1812 |
|
1813 |
if(quit_now){ |
|
1814 |
goto end; |
|
1815 |
} |
|
237.7.39
by teddy at bsnet
* plugins.d/mandos-client.c (avahi_loop_with_timeout): Fix warning. |
1816 |
|
24.1.163
by Björn Påhlsson
mandos-client: Added never ending loop for --connect |
1817 |
while(not quit_now){ |
1818 |
ret = start_mandos_communication(address, port, if_index, af); |
|
1819 |
if(quit_now or ret == 0){ |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1820 |
break; |
1821 |
} |
|
237.7.39
by teddy at bsnet
* plugins.d/mandos-client.c (avahi_loop_with_timeout): Fix warning. |
1822 |
if(debug){ |
1823 |
fprintf(stderr, "Retrying in %d seconds\n", |
|
1824 |
(int)retry_interval); |
|
1825 |
} |
|
1826 |
sleep((int)retry_interval); |
|
237.7.40
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not even try to work around |
1827 |
} |
1828 |
|
|
24.1.163
by Björn Påhlsson
mandos-client: Added never ending loop for --connect |
1829 |
if (not quit_now){ |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1830 |
exitcode = EXIT_SUCCESS; |
1831 |
} |
|
24.1.163
by Björn Påhlsson
mandos-client: Added never ending loop for --connect |
1832 |
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1833 |
goto end; |
1834 |
} |
|
237.2.116
by Teddy Hogeborn
* plugins.d/mandos-client.c (quit_now): Move up declaration before |
1835 |
|
1836 |
if(quit_now){ |
|
1837 |
goto end; |
|
1838 |
} |
|
1839 |
|
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1840 |
{ |
1841 |
AvahiServerConfig config; |
|
1842 |
/* Do not publish any local Zeroconf records */ |
|
1843 |
avahi_server_config_init(&config); |
|
1844 |
config.publish_hinfo = 0; |
|
1845 |
config.publish_addresses = 0; |
|
1846 |
config.publish_workstation = 0; |
|
1847 |
config.publish_domain = 0; |
|
1848 |
|
|
1849 |
/* Allocate a new server */ |
|
1850 |
mc.server = avahi_server_new(avahi_simple_poll_get |
|
1851 |
(mc.simple_poll), &config, NULL, |
|
1852 |
NULL, &error); |
|
1853 |
|
|
1854 |
/* Free the Avahi configuration data */ |
|
1855 |
avahi_server_config_free(&config); |
|
1856 |
} |
|
1857 |
|
|
1858 |
/* Check if creating the Avahi server object succeeded */ |
|
1859 |
if(mc.server == NULL){ |
|
1860 |
fprintf(stderr, "Failed to create Avahi server: %s\n", |
|
1861 |
avahi_strerror(error)); |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1862 |
exitcode = EX_UNAVAILABLE; |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1863 |
goto end; |
1864 |
} |
|
1865 |
|
|
237.2.116
by Teddy Hogeborn
* plugins.d/mandos-client.c (quit_now): Move up declaration before |
1866 |
if(quit_now){ |
1867 |
goto end; |
|
1868 |
} |
|
1869 |
|
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1870 |
/* Create the Avahi service browser */ |
1871 |
sb = avahi_s_service_browser_new(mc.server, if_index, |
|
237.2.76
by Teddy Hogeborn
* plugins.d/mandos-client.c (browse_callback, main): Do not require |
1872 |
AVAHI_PROTO_UNSPEC, "_mandos._tcp", |
24.1.134
by Björn Påhlsson
plugin-runner: Added support for empty string arguments |
1873 |
NULL, 0, browse_callback, NULL); |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1874 |
if(sb == NULL){ |
1875 |
fprintf(stderr, "Failed to create service browser: %s\n", |
|
1876 |
avahi_strerror(avahi_server_errno(mc.server))); |
|
237.2.162
by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment. |
1877 |
exitcode = EX_UNAVAILABLE; |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1878 |
goto end; |
1879 |
} |
|
237.2.70
by Teddy Hogeborn
Merge from Björn: |
1880 |
|
237.2.116
by Teddy Hogeborn
* plugins.d/mandos-client.c (quit_now): Move up declaration before |
1881 |
if(quit_now){ |
1882 |
goto end; |
|
1883 |
} |
|
1884 |
|
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1885 |
/* Run the main loop */ |
1886 |
|
|
1887 |
if(debug){ |
|
1888 |
fprintf(stderr, "Starting Avahi loop search\n"); |
|
1889 |
} |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1890 |
|
237.7.33
by Teddy Hogeborn
Merge from Björn. |
1891 |
ret = avahi_loop_with_timeout(mc.simple_poll, |
1892 |
(int)(retry_interval * 1000)); |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1893 |
if(debug){ |
1894 |
fprintf(stderr, "avahi_loop_with_timeout exited %s\n", |
|
1895 |
(ret == 0) ? "successfully" : "with error"); |
|
1896 |
} |
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1897 |
|
40
by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its |
1898 |
end: |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1899 |
|
1900 |
if(debug){ |
|
1901 |
fprintf(stderr, "%s exiting\n", argv[0]); |
|
1902 |
} |
|
1903 |
|
|
1904 |
/* Cleanup things */ |
|
1905 |
if(sb != NULL) |
|
1906 |
avahi_s_service_browser_free(sb); |
|
1907 |
|
|
1908 |
if(mc.server != NULL) |
|
1909 |
avahi_server_free(mc.server); |
|
1910 |
|
|
1911 |
if(mc.simple_poll != NULL) |
|
1912 |
avahi_simple_poll_free(mc.simple_poll); |
|
1913 |
|
|
1914 |
if(gnutls_initialized){ |
|
1915 |
gnutls_certificate_free_credentials(mc.cred); |
|
1916 |
gnutls_global_deinit(); |
|
1917 |
gnutls_dh_params_deinit(mc.dh_params); |
|
1918 |
} |
|
1919 |
|
|
1920 |
if(gpgme_initialized){ |
|
1921 |
gpgme_release(mc.ctx); |
|
1922 |
} |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1923 |
|
237.7.33
by Teddy Hogeborn
Merge from Björn. |
1924 |
/* Cleans up the circular linked list of Mandos servers the client |
1925 |
has seen */
|
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1926 |
if(mc.current_server != NULL){ |
1927 |
mc.current_server->prev->next = NULL; |
|
1928 |
while(mc.current_server != NULL){ |
|
1929 |
server *next = mc.current_server->next; |
|
1930 |
free(mc.current_server); |
|
1931 |
mc.current_server = next; |
|
1932 |
} |
|
1933 |
} |
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1934 |
|
237.2.113
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Take down network interface on |
1935 |
/* Take down the network interface */ |
237.2.116
by Teddy Hogeborn
* plugins.d/mandos-client.c (quit_now): Move up declaration before |
1936 |
if(take_down_interface){ |
237.2.128
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Bug fix: Check result of setgid(). |
1937 |
/* Re-raise priviliges */ |
1938 |
errno = 0; |
|
1939 |
ret = seteuid(0); |
|
237.2.113
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Take down network interface on |
1940 |
if(ret == -1){ |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1941 |
perror_plus("seteuid"); |
237.2.113
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Take down network interface on |
1942 |
} |
237.2.128
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Bug fix: Check result of setgid(). |
1943 |
if(geteuid() == 0){ |
1944 |
ret = ioctl(sd, SIOCGIFFLAGS, &network); |
|
1945 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1946 |
perror_plus("ioctl SIOCGIFFLAGS"); |
237.2.128
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Bug fix: Check result of setgid(). |
1947 |
} else if(network.ifr_flags & IFF_UP) { |
237.2.157
by Teddy Hogeborn
Convert some programs to use the exit codes from <sysexits.h>. Change |
1948 |
network.ifr_flags &= ~(short)IFF_UP; /* clear flag */ |
237.2.128
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Bug fix: Check result of setgid(). |
1949 |
ret = ioctl(sd, SIOCSIFFLAGS, &network); |
1950 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1951 |
perror_plus("ioctl SIOCSIFFLAGS -IFF_UP"); |
237.2.128
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Bug fix: Check result of setgid(). |
1952 |
} |
1953 |
} |
|
1954 |
ret = (int)TEMP_FAILURE_RETRY(close(sd)); |
|
1955 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1956 |
perror_plus("close"); |
237.2.128
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Bug fix: Check result of setgid(). |
1957 |
} |
237.2.131
by Teddy Hogeborn
* plugins.d/mandos-client.c (init_gnutls_session): Retry interrupted |
1958 |
/* Lower privileges permanently */ |
237.2.128
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Bug fix: Check result of setgid(). |
1959 |
errno = 0; |
1960 |
ret = setuid(uid); |
|
1961 |
if(ret == -1){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1962 |
perror_plus("setuid"); |
237.2.128
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Bug fix: Check result of setgid(). |
1963 |
} |
237.2.113
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Take down network interface on |
1964 |
} |
1965 |
} |
|
1966 |
|
|
24.1.172
by Björn Påhlsson
using scandir instead of readdir |
1967 |
/* Removes the GPGME temp directory and all files inside */ |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1968 |
if(tempdir_created){ |
24.1.172
by Björn Påhlsson
using scandir instead of readdir |
1969 |
struct dirent **direntries = NULL; |
1970 |
struct dirent *direntry = NULL; |
|
237.7.40
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not even try to work around |
1971 |
int numentries = scandir(tempdir, &direntries, notdotentries, |
1972 |
alphasort); |
|
1973 |
if (numentries > 0){ |
|
1974 |
for(int i = 0; i < numentries; i++){ |
|
24.1.172
by Björn Påhlsson
using scandir instead of readdir |
1975 |
direntry = direntries[i]; |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1976 |
char *fullname = NULL; |
1977 |
ret = asprintf(&fullname, "%s/%s", tempdir, |
|
1978 |
direntry->d_name); |
|
1979 |
if(ret < 0){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1980 |
perror_plus("asprintf"); |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1981 |
continue; |
1982 |
} |
|
1983 |
ret = remove(fullname); |
|
1984 |
if(ret == -1){ |
|
1985 |
fprintf(stderr, "remove(\"%s\"): %s\n", fullname, |
|
1986 |
strerror(errno)); |
|
1987 |
} |
|
1988 |
free(fullname); |
|
1989 |
} |
|
24.1.172
by Björn Påhlsson
using scandir instead of readdir |
1990 |
} |
1991 |
||
237.7.40
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not even try to work around |
1992 |
/* need to clean even if 0 because man page doesn't specify */ |
24.1.172
by Björn Påhlsson
using scandir instead of readdir |
1993 |
free(direntries); |
237.7.40
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not even try to work around |
1994 |
if (numentries == -1){ |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1995 |
perror_plus("scandir"); |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
1996 |
} |
1997 |
ret = rmdir(tempdir); |
|
1998 |
if(ret == -1 and errno != ENOENT){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
1999 |
perror_plus("rmdir"); |
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
2000 |
} |
2001 |
} |
|
2002 |
|
|
237.2.117
by Teddy Hogeborn
* plugins.d/mandos-client.c (signal_received): New. |
2003 |
if(quit_now){ |
237.2.120
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Do not handle ignored signals. |
2004 |
sigemptyset(&old_sigterm_action.sa_mask); |
2005 |
old_sigterm_action.sa_handler = SIG_DFL; |
|
237.2.137
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Try harder to raise signal on |
2006 |
ret = (int)TEMP_FAILURE_RETRY(sigaction(signal_received, |
2007 |
&old_sigterm_action, |
|
2008 |
NULL)); |
|
237.2.117
by Teddy Hogeborn
* plugins.d/mandos-client.c (signal_received): New. |
2009 |
if(ret == -1){ |
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
2010 |
perror_plus("sigaction"); |
237.2.117
by Teddy Hogeborn
* plugins.d/mandos-client.c (signal_received): New. |
2011 |
} |
237.2.137
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Try harder to raise signal on |
2012 |
do { |
2013 |
ret = raise(signal_received); |
|
2014 |
} while(ret != 0 and errno == EINTR); |
|
2015 |
if(ret != 0){ |
|
24.1.174
by Björn Påhlsson
* Makefile (CFLAGS): Added "-lrt" to include real time library. |
2016 |
perror_plus("raise"); |
237.2.137
by Teddy Hogeborn
* plugins.d/mandos-client.c (main): Try harder to raise signal on |
2017 |
abort(); |
2018 |
} |
|
2019 |
TEMP_FAILURE_RETRY(pause()); |
|
237.2.117
by Teddy Hogeborn
* plugins.d/mandos-client.c (signal_received): New. |
2020 |
} |
2021 |
|
|
237.2.56
by Teddy Hogeborn
* plugin-runner.c: Whitespace changes only. |
2022 |
return exitcode; |
13
by Björn Påhlsson
Added following support: |
2023 |
}
|