/*  -*- coding: utf-8 -*- */
/*
 * Mandos-client - get and decrypt data from a Mandos server
 *
 * This program is partly derived from an example program for an Avahi
 * service browser, downloaded from
 * <http://avahi.org/browser/examples/core-browse-services.c>.  This
 * includes the following functions: "resolve_callback",
 * "browse_callback", and parts of "main".
 * 
 * Everything else is
 * Copyright © 2008,2009 Teddy Hogeborn
 * Copyright © 2008,2009 Björn Påhlsson
 * 
 * This program is free software: you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see
 * <http://www.gnu.org/licenses/>.
 * 
 * Contact the authors at <mandos@fukt.bsnet.se>.
 */
/* Needed by GPGME, specifically gpgme_data_seek() */
#define _LARGEFILE_SOURCE
#define _FILE_OFFSET_BITS 64
#define _GNU_SOURCE		/* TEMP_FAILURE_RETRY(), asprintf() */
#include <stdio.h>		/* fprintf(), stderr, fwrite(),
				   stdout, ferror(), sscanf */
#include <stdint.h> 		/* uint16_t, uint32_t */
#include <stddef.h>		/* NULL, size_t, ssize_t */
#include <stdlib.h> 		/* free(), EXIT_SUCCESS, EXIT_FAILURE,
				   srand() */
#include <stdbool.h>		/* bool, true */
#include <string.h>		/* memset(), strcmp(), strlen(),
				   strerror(), asprintf(), strcpy() */
#include <sys/ioctl.h>          /* ioctl */
#include <sys/types.h>		/* socket(), inet_pton(), sockaddr,
				   sockaddr_in6, PF_INET6,
				   SOCK_STREAM, INET6_ADDRSTRLEN,
				   uid_t, gid_t, open(), opendir(),
				   DIR */
#include <sys/stat.h>		/* open() */
#include <sys/socket.h>		/* socket(), struct sockaddr_in6,
				   struct in6_addr, inet_pton(),
				   connect() */
#include <fcntl.h>		/* open() */
#include <dirent.h>		/* opendir(), struct dirent, readdir()
				 */
#include <inttypes.h>		/* PRIu16, intmax_t, SCNdMAX */
#include <assert.h>		/* assert() */
#include <errno.h>		/* perror(), errno */
#include <time.h>		/* time(), nanosleep() */
#include <net/if.h>		/* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,
				   SIOCSIFFLAGS, if_indextoname(),
				   if_nametoindex(), IF_NAMESIZE */
#include <netinet/in.h>
#include <unistd.h>		/* close(), SEEK_SET, off_t, write(),
				   getuid(), getgid(), setuid(),
				   setgid() */
#include <arpa/inet.h>		/* inet_pton(), htons */
#include <iso646.h>		/* not, and, or */
#include <argp.h>		/* struct argp_option, error_t, struct
				   argp_state, struct argp,
				   argp_parse(), ARGP_KEY_ARG,
				   ARGP_KEY_END, ARGP_ERR_UNKNOWN */
#include <sys/klog.h> 		/* klogctl() */
/* Avahi */
/* All Avahi types, constants and functions
 Avahi*, avahi_*,
 AVAHI_* */
#include <avahi-core/core.h>
#include <avahi-core/lookup.h>
#include <avahi-core/log.h>
#include <avahi-common/simple-watch.h>
#include <avahi-common/malloc.h>
#include <avahi-common/error.h>
/* GnuTLS */
#include <gnutls/gnutls.h>	/* All GnuTLS types, constants and
				   functions:
				   gnutls_*
				   init_gnutls_session(),
				   GNUTLS_* */
#include <gnutls/openpgp.h>
			  /* gnutls_certificate_set_openpgp_key_file(),
				   GNUTLS_OPENPGP_FMT_BASE64 */
/* GPGME */
#include <gpgme.h> 		/* All GPGME types, constants and
				   functions:
				   gpgme_*
				   GPGME_PROTOCOL_OpenPGP,
				   GPG_ERR_NO_* */
/* Growth step, in bytes, used by adjustbuffer(); also the number of
   bytes requested per gpgme_data_read() call in
   pgp_packet_decrypt(). */
#define BUFFER_SIZE 256

/* NOTE(review): presumably the default directory and file names of
   the OpenPGP key pair; they are not used in this part of the file -
   confirm against main(). */
#define PATHDIR "/conf/conf.d/mandos"
#define SECKEY "seckey.txt"
#define PUBKEY "pubkey.txt"

/* When true, diagnostics are written to stderr.  In
   pgp_packet_decrypt() this includes a hex dump of the decrypted
   data, so debug output has to be handled as a secret. */
bool debug = false;
static const char mandos_protocol_version[] = "1";
/* Global variables read by glibc argp: the text for --version and
   the bug report address shown by --help. */
const char *argp_program_version = "mandos-client " VERSION;
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
/* Used for passing in values through the Avahi callback functions */
typedef struct {
  AvahiSimplePoll *simple_poll;
  AvahiServer *server;
  /* Allocated and loaded with the OpenPGP key pair by
     init_gnutls_global() */
  gnutls_certificate_credentials_t cred;
  /* Passed to gnutls_dh_params_generate2() by init_gnutls_global() */
  unsigned int dh_bits;
  /* Initialized and generated by init_gnutls_global() */
  gnutls_dh_params_t dh_params;
  /* Passed to gnutls_priority_set_direct() by init_gnutls_session() */
  const char *priority;
  /* Created with gpgme_new() by init_gpgme(); used for key import and
     decryption */
  gpgme_ctx_t ctx;
} mandos_context;
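/*
 * Make room in "buffer" for at least BUFFER_SIZE additional bytes.
 * "buffer_capacity" is how much is currently allocated,
 * "buffer_length" is how much is already used.
 *
 * Returns the (possibly grown) capacity, or 0 with errno set if the
 * buffer could not be grown.  On failure *buffer is left untouched:
 * it still points to the old allocation, which the caller still owns
 * and must eventually free.
 */
size_t adjustbuffer(char **buffer, size_t buffer_length,
                    size_t buffer_capacity){
  /* Refuse sizes whose sum would wrap around; a wrapped sum would
     make the comparison below pass and leave the buffer too small
     for the caller's next write. */
  if(buffer_length > SIZE_MAX - BUFFER_SIZE
     or buffer_capacity > SIZE_MAX - BUFFER_SIZE){
    errno = ENOMEM;
    return 0;
  }
  if(buffer_length + BUFFER_SIZE > buffer_capacity){
    /* Go through a temporary: assigning the result of realloc()
       straight to *buffer would lose the old block on failure, and
       it is the new block pointer - not "buffer" itself - that has
       to be checked for NULL. */
    char *new_buffer = realloc(*buffer, buffer_capacity + BUFFER_SIZE);
    if(new_buffer == NULL){
      return 0;
    }
    *buffer = new_buffer;
    buffer_capacity += BUFFER_SIZE;
  }
  return buffer_capacity;
}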
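/* 
 * Initialize GPGME.
 *
 * Checks that the OpenPGP engine is usable, points that engine's home
 * directory at "tempdir", creates the GPGME context in mc->ctx and
 * imports the key files "pubkey" and "seckey" through that context.
 * Because the engine home directory is "tempdir", the imported
 * secret key ends up in a keyring stored there.
 * NOTE(review): presumably the caller creates "tempdir" with
 * restrictive permissions and removes it afterwards - confirm.
 *
 * Returns true on success, false on any error (a message is printed
 * to stderr).  mc->ctx is not released here when the key import
 * fails after gpgme_new() succeeded.
 * NOTE(review): confirm the caller releases mc->ctx in that case.
 */
static bool init_gpgme(mandos_context *mc, const char *seckey,
                       const char *pubkey, const char *tempdir){
  int ret;
  gpgme_error_t rc;
  gpgme_engine_info_t engine_info;
  
  
  /*
   * Helper function to insert pub and seckey to the engine keyring.
   * Every exit path after a successful open() closes the file
   * descriptor, and the GPGME data object is released whether or not
   * the import worked.
   */
  bool import_key(const char *filename){
    bool imported = false;
    int fd;
    gpgme_data_t pgp_data;
    
    fd = (int)TEMP_FAILURE_RETRY(open(filename, O_RDONLY));
    if(fd == -1){
      perror("open");
      return false;
    }
    
    rc = gpgme_data_new_from_fd(&pgp_data, fd);
    if(rc != GPG_ERR_NO_ERROR){
      fprintf(stderr, "bad gpgme_data_new_from_fd: %s: %s\n",
              gpgme_strsource(rc), gpgme_strerror(rc));
      goto close_fd;
    }
    
    rc = gpgme_op_import(mc->ctx, pgp_data);
    if(rc != GPG_ERR_NO_ERROR){
      fprintf(stderr, "bad gpgme_op_import: %s: %s\n",
              gpgme_strsource(rc), gpgme_strerror(rc));
    } else {
      imported = true;
    }
    gpgme_data_release(pgp_data);
    
  close_fd:
    ret = (int)TEMP_FAILURE_RETRY(close(fd));
    if(ret == -1){
      /* Reported but not treated as an import failure */
      perror("close");
    }
    return imported;
  }
  
  if(debug){
    fprintf(stderr, "Initialize gpgme\n");
  }
  
  /* Init GPGME */
  gpgme_check_version(NULL);
  rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
  if(rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",
            gpgme_strsource(rc), gpgme_strerror(rc));
    return false;
  }
  
  /* Set GPGME home directory for the OpenPGP engine only */
  rc = gpgme_get_engine_info(&engine_info);
  if(rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",
            gpgme_strsource(rc), gpgme_strerror(rc));
    return false;
  }
  while(engine_info != NULL){
    if(engine_info->protocol == GPGME_PROTOCOL_OpenPGP){
      /* If this call fails the engine keeps its previous home
         directory, and the keys imported below would land in that
         keyring instead of the one under "tempdir"; stop here. */
      rc = gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP,
                                 engine_info->file_name, tempdir);
      if(rc != GPG_ERR_NO_ERROR){
        fprintf(stderr, "bad gpgme_set_engine_info: %s: %s\n",
                gpgme_strsource(rc), gpgme_strerror(rc));
        return false;
      }
      break;
    }
    engine_info = engine_info->next;
  }
  if(engine_info == NULL){
    /* No OpenPGP engine was found in the engine list */
    fprintf(stderr, "Could not set GPGME home dir to %s\n", tempdir);
    return false;
  }
  
  /* Create new GPGME "context" */
  rc = gpgme_new(&(mc->ctx));
  if(rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_new: %s: %s\n",
            gpgme_strsource(rc), gpgme_strerror(rc));
    return false;
  }
  
  /* The public key is imported first; the secret key is not tried
     if that fails. */
  if(not import_key(pubkey) or not import_key(seckey)){
    return false;
  }
  
  return true; 
}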
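/* 
 * Decrypt OpenPGP data.
 *
 * Decrypts "crypto_size" bytes at "cryptotext" using the GPGME
 * context in mc->ctx and stores the result in a newly allocated
 * buffer at *plaintext.
 *
 * Returns the number of plaintext bytes on success.  The buffer is
 * not NUL-terminated; the caller owns it, and since it holds the
 * decrypted secret the caller should clear it before calling free().
 * Returns -1 on error; *plaintext is then NULL, and any partially
 * read plaintext has been overwritten with zeros and freed.
 */
static ssize_t pgp_packet_decrypt(const mandos_context *mc,
                                  const char *cryptotext,
                                  size_t crypto_size,
                                  char **plaintext){
  gpgme_data_t dh_crypto, dh_plain;
  gpgme_error_t rc;
  ssize_t ret;
  size_t plaintext_capacity = 0;
  ssize_t plaintext_length = 0;
  
  /* Give the caller a defined pointer on every return path,
     including the early error returns below */
  *plaintext = NULL;
  
  if(debug){
    fprintf(stderr, "Trying to decrypt OpenPGP data\n");
  }
  
  /* Create new GPGME data buffer from memory cryptotext */
  rc = gpgme_data_new_from_mem(&dh_crypto, cryptotext, crypto_size,
                               0);
  if(rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",
            gpgme_strsource(rc), gpgme_strerror(rc));
    return -1;
  }
  
  /* Create new empty GPGME data buffer for the plaintext */
  rc = gpgme_data_new(&dh_plain);
  if(rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_data_new: %s: %s\n",
            gpgme_strsource(rc), gpgme_strerror(rc));
    gpgme_data_release(dh_crypto);
    return -1;
  }
  
  /* Decrypt data from the cryptotext data buffer to the plaintext
     data buffer */
  rc = gpgme_op_decrypt(mc->ctx, dh_crypto, dh_plain);
  if(rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",
            gpgme_strsource(rc), gpgme_strerror(rc));
    plaintext_length = -1;
    if(debug){
      gpgme_decrypt_result_t result;
      result = gpgme_op_decrypt_result(mc->ctx);
      if(result == NULL){
        fprintf(stderr, "gpgme_op_decrypt_result failed\n");
      } else {
        /* unsupported_algorithm is NULL when no unsupported
           algorithm was met; never hand NULL to "%s" */
        fprintf(stderr, "Unsupported algorithm: %s\n",
                result->unsupported_algorithm != NULL
                ? result->unsupported_algorithm : "(null)");
        fprintf(stderr, "Wrong key usage: %u\n",
                result->wrong_key_usage);
        if(result->file_name != NULL){
          fprintf(stderr, "File name: %s\n", result->file_name);
        }
        for(gpgme_recipient_t recipient = result->recipients;
            recipient != NULL; recipient = recipient->next){
          fprintf(stderr, "Public key algorithm: %s\n",
                  gpgme_pubkey_algo_name(recipient->pubkey_algo));
          fprintf(stderr, "Key ID: %s\n", recipient->keyid);
          fprintf(stderr, "Secret key available: %s\n",
                  recipient->status == GPG_ERR_NO_SECKEY
                  ? "No" : "Yes");
        }
      }
    }
    goto decrypt_end;
  }
  
  if(debug){
    fprintf(stderr, "Decryption of OpenPGP data succeeded\n");
  }
  
  /* Seek back to the beginning of the GPGME plaintext data buffer */
  if(gpgme_data_seek(dh_plain, (off_t)0, SEEK_SET) == -1){
    perror("gpgme_data_seek");
    plaintext_length = -1;
    goto decrypt_end;
  }
  
  while(true){
    /* Keep the old capacity until the resize is known to have
       worked; it is needed to clear the buffer on failure */
    size_t new_capacity = adjustbuffer(plaintext,
                                       (size_t)plaintext_length,
                                       plaintext_capacity);
    if(new_capacity == 0){
      perror("adjustbuffer");
      plaintext_length = -1;
      goto decrypt_end;
    }
    plaintext_capacity = new_capacity;
    
    ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length,
                          BUFFER_SIZE);
    if(ret == 0){
      /* EOF */
      break;
    }
    if(ret < 0){
      perror("gpgme_data_read");
      plaintext_length = -1;
      goto decrypt_end;
    }
    plaintext_length += ret;
  }
  
  if(debug){
    /* NOTE: this writes the decrypted secret to stderr as hex.
       Debug output has to be kept as confidential as the secret
       itself. */
    fprintf(stderr, "Decrypted password is: ");
    for(ssize_t i = 0; i < plaintext_length; i++){
      fprintf(stderr, "%02hhX ", (unsigned char)(*plaintext)[i]);
    }
    fprintf(stderr, "\n");
  }
  
 decrypt_end:
  
  if(plaintext_length == -1 and *plaintext != NULL){
    /* Do not hand back, or leave on the heap, a partially read
       secret.  The volatile pointer keeps the compiler from
       removing the clearing loop as a dead store before free(). */
    volatile char *wipe = *plaintext;
    for(size_t i = 0; i < plaintext_capacity; i++){
      wipe[i] = 0;
    }
    free(*plaintext);
    *plaintext = NULL;
  }
  
  /* Delete the GPGME cryptotext data buffer */
  gpgme_data_release(dh_crypto);
  
  /* Delete the GPGME plaintext data buffer */
  gpgme_data_release(dh_plain);
  return plaintext_length;
}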
/* Wrapper around gnutls_strerror() which never returns NULL, so the
   result can be passed straight to a "%s" conversion: when
   gnutls_strerror() returns NULL, the string "(unknown)" is returned
   instead. */
static const char * safer_gnutls_strerror(int value) {
  const char *message = gnutls_strerror(value);
  return (message != NULL) ? message : "(unknown)";
}
/* GnuTLS log function callback: writes "string" to stderr with a
   "GnuTLS: " prefix.  The log level is ignored and no newline is
   added here. */
static void debuggnutls(int level, const char *string){
  (void)level;			/* not used */
  fprintf(stderr, "GnuTLS: %s", string);
}
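/*
 * Initialize the GnuTLS library and fill in mc->cred and
 * mc->dh_params.
 *
 * Loads the OpenPGP key pair from "pubkeyfilename" and
 * "seckeyfilename" (base64 format) into mc->cred, generates
 * Diffie-Hellman parameters of mc->dh_bits bits and attaches them to
 * the credentials.
 * NOTE(review): mc->dh_bits is used as given; no lower bound is
 * enforced here - confirm that the caller validates it.
 *
 * Returns 0 on success.  Returns -1 on error, after printing a
 * message to stderr and undoing whatever had been set up so far.
 */
static int init_gnutls_global(mandos_context *mc,
                              const char *pubkeyfilename,
                              const char *seckeyfilename){
  int ret;
  
  if(debug){
    fprintf(stderr, "Initializing GnuTLS\n");
  }
  
  ret = gnutls_global_init();
  if(ret != GNUTLS_E_SUCCESS) {
    fprintf(stderr, "GnuTLS global_init: %s\n",
            safer_gnutls_strerror(ret));
    return -1;
  }
  
  if(debug){
    /* "Use a log level over 10 to enable all debugging options."
     * - GnuTLS manual
     */
    gnutls_global_set_log_level(11);
    gnutls_global_set_log_function(debuggnutls);
  }
  
  /* OpenPGP credentials */
  /* The result has to be stored in "ret"; without the assignment the
     check below only re-tests the result of gnutls_global_init() and
     an allocation failure goes unnoticed. */
  ret = gnutls_certificate_allocate_credentials(&mc->cred);
  if(ret != GNUTLS_E_SUCCESS){
    fprintf(stderr, "GnuTLS memory error: %s\n",
            safer_gnutls_strerror(ret));
    gnutls_global_deinit();
    return -1;
  }
  
  if(debug){
    fprintf(stderr, "Attempting to use OpenPGP public key %s and"
            " secret key %s as GnuTLS credentials\n", pubkeyfilename,
            seckeyfilename);
  }
  
  ret = gnutls_certificate_set_openpgp_key_file
    (mc->cred, pubkeyfilename, seckeyfilename,
     GNUTLS_OPENPGP_FMT_BASE64);
  if(ret != GNUTLS_E_SUCCESS) {
    fprintf(stderr,
            "Error[%d] while reading the OpenPGP key pair ('%s',"
            " '%s')\n", ret, pubkeyfilename, seckeyfilename);
    fprintf(stderr, "The GnuTLS error is: %s\n",
            safer_gnutls_strerror(ret));
    goto globalfail;
  }
  
  /* GnuTLS server initialization */
  ret = gnutls_dh_params_init(&mc->dh_params);
  if(ret != GNUTLS_E_SUCCESS) {
    fprintf(stderr, "Error in GnuTLS DH parameter initialization:"
            " %s\n", safer_gnutls_strerror(ret));
    goto globalfail;
  }
  ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);
  if(ret != GNUTLS_E_SUCCESS) {
    fprintf(stderr, "Error in GnuTLS prime generation: %s\n",
            safer_gnutls_strerror(ret));
    goto dhfail;
  }
  
  gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);
  
  return 0;
  
  /* Cleanup runs in reverse order of setup.  mc->dh_params is only
     deinitialized once gnutls_dh_params_init() has succeeded, and
     the library itself is shut down last. */
 dhfail:
  
  gnutls_dh_params_deinit(mc->dh_params);
  
 globalfail:
  
  gnutls_certificate_free_credentials(mc->cred);
  gnutls_global_deinit();
  return -1;
}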
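/*
 * Create and configure one GnuTLS session.
 *
 * mc      - context supplying the priority string (mc->priority), the
 *           certificate credentials (mc->cred) and the DH prime size
 *           (mc->dh_bits).
 * session - out parameter that receives the new session.
 *
 * Returns 0 on success and -1 on failure.  Every failure path that
 * runs after a successful gnutls_init() calls gnutls_deinit(), so on
 * -1 the caller has nothing to release.
 *
 * The session is created with GNUTLS_SERVER, so this end takes the
 * server role in the TLS handshake, and the certificate request
 * towards the peer is set to GNUTLS_CERT_IGNORE.
 */
static int init_gnutls_session(mandos_context *mc,
                               gnutls_session_t *session){
  int ret;
  /* GnuTLS session creation */
  ret = gnutls_init(session, GNUTLS_SERVER);
  if(ret != GNUTLS_E_SUCCESS){
    fprintf(stderr, "Error in GnuTLS session initialization: %s\n",
            safer_gnutls_strerror(ret));
    /* Stop here: the calls below must not run on a session handle
       that was never set up. */
    return -1;
  }
  
  {
    /* Set by GnuTLS to the position in the priority string where
       parsing failed. */
    const char *err;
    ret = gnutls_priority_set_direct(*session, mc->priority, &err);
    if(ret != GNUTLS_E_SUCCESS) {
      fprintf(stderr, "Syntax error at: %s\n", err);
      fprintf(stderr, "GnuTLS error: %s\n",
              safer_gnutls_strerror(ret));
      gnutls_deinit(*session);
      return -1;
    }
  }
  
  ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
                               mc->cred);
  if(ret != GNUTLS_E_SUCCESS) {
    fprintf(stderr, "Error setting GnuTLS credentials: %s\n",
            safer_gnutls_strerror(ret));
    gnutls_deinit(*session);
    return -1;
  }
  
  /* ignore client certificate if any. */
  gnutls_certificate_server_set_request(*session,
                                        GNUTLS_CERT_IGNORE);
  
  gnutls_dh_set_prime_bits(*session, mc->dh_bits);
  
  return 0;
}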
/* Avahi log function callback */
/* Log callback with an empty body: both the level and the message
   text are accepted and discarded. */
static void empty_log(__attribute__((unused)) AvahiLogLevel level,
                      __attribute__((unused)) const char *txt)
{
}
/* Called when a Mandos server is found */
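/*
 * Contact one Mandos server, receive the encrypted password, decrypt
 * it and write the cleartext to stdout.
 *
 * ip       - textual address of the server; parsed as AF_INET6.
 * port     - TCP port in host byte order.
 * if_index - interface index; used as the IPv6 scope id.
 * mc       - client context, handed to init_gnutls_session() and
 *            pgp_packet_decrypt().
 *
 * Sequence: create the GnuTLS session, connect over TCP, send
 * mandos_protocol_version followed by "\r\n" before TLS starts, run
 * the handshake, read until the peer closes the stream, decrypt the
 * received bytes and write the result to stdout.
 *
 * Returns 0 if the decrypted data was written, -1 otherwise.  Every
 * exit path releases the session, the socket and the receive buffer.
 *
 * NOTE(review): no check of the peer's identity is visible in this
 * function, and init_gnutls_session() sets GNUTLS_CERT_IGNORE.
 * Whether the received packet is authentic therefore rests on
 * pgp_packet_decrypt(), which is not shown here - confirm.
 */
static int start_mandos_communication(const char *ip, uint16_t port,
                                      AvahiIfIndex if_index,
                                      mandos_context *mc){
  int ret, tcp_sd;
  ssize_t sret;
  union { struct sockaddr in; struct sockaddr_in6 in6; } to;
  char *buffer = NULL;
  char *decrypted_buffer;
  size_t buffer_length = 0;
  size_t buffer_capacity = 0;
  ssize_t decrypted_buffer_size;
  size_t written;
  int retval = 0;
  char interface[IF_NAMESIZE];
  gnutls_session_t session;
  /* Declared with the other locals so that no "goto mandos_end"
     jumps over its initialization. */
  const char *out = mandos_protocol_version;
  
  ret = init_gnutls_session(mc, &session);
  if(ret != 0){
    return -1;
  }
  
  if(debug){
    fprintf(stderr, "Setting up a tcp connection to %s, port %" PRIu16
            "\n", ip, port);
  }
  
  tcp_sd = socket(PF_INET6, SOCK_STREAM, 0);
  if(tcp_sd < 0) {
    perror("socket");
    /* There is no socket to close yet, but the session created above
       must still be released. */
    gnutls_deinit(session);
    return -1;
  }
  
  /* From here on both the session and the socket exist, so every
     failure leaves through mandos_end instead of returning directly;
     a direct return would leak the descriptor and the session. */
  
  if(debug){
    if(if_indextoname((unsigned int)if_index, interface) == NULL){
      perror("if_indextoname");
      retval = -1;
      goto mandos_end;
    }
    fprintf(stderr, "Binding to interface %s\n", interface);
  }
  
  memset(&to, 0, sizeof(to));
  to.in6.sin6_family = AF_INET6;
  /* It would be nice to have a way to detect if we were passed an
     IPv4 address here.   Now we assume an IPv6 address. */
  ret = inet_pton(AF_INET6, ip, &to.in6.sin6_addr);
  if(ret < 0 ){
    perror("inet_pton");
    retval = -1;
    goto mandos_end;
  }
  if(ret == 0){
    fprintf(stderr, "Bad address: %s\n", ip);
    retval = -1;
    goto mandos_end;
  }
  to.in6.sin6_port = htons(port); /* Spurious warnings from
                                     -Wconversion and
                                     -Wunreachable-code */
  
  to.in6.sin6_scope_id = (uint32_t)if_index;
  
  if(debug){
    fprintf(stderr, "Connection to: %s, port %" PRIu16 "\n", ip,
            port);
    char addrstr[INET6_ADDRSTRLEN] = "";
    if(inet_ntop(to.in6.sin6_family, &(to.in6.sin6_addr), addrstr,
                 sizeof(addrstr)) == NULL){
      perror("inet_ntop");
    } else {
      if(strcmp(addrstr, ip) != 0){
        fprintf(stderr, "Canonical address form: %s\n", addrstr);
      }
    }
  }
  
  ret = connect(tcp_sd, &to.in, sizeof(to));
  if(ret < 0){
    perror("connect");
    retval = -1;
    goto mandos_end;
  }
  
  /* Send the protocol version and then "\r\n", each with a loop that
     copes with short writes.  This goes out before the TLS handshake,
     i.e. unencrypted. */
  written = 0;
  while(true){
    size_t out_size = strlen(out);
    ret = (int)TEMP_FAILURE_RETRY(write(tcp_sd, out + written,
                                        out_size - written));
    if(ret == -1){
      perror("write");
      retval = -1;
      goto mandos_end;
    }
    written += (size_t)ret;
    if(written < out_size){
      continue;
    } else {
      if(out == mandos_protocol_version){
        written = 0;
        out = "\r\n";
      } else {
        break;
      }
    }
  }
  
  if(debug){
    fprintf(stderr, "Establishing TLS session with %s\n", ip);
  }
  
  gnutls_transport_set_ptr(session, (gnutls_transport_ptr_t) tcp_sd);
  
  do{
    ret = gnutls_handshake(session);
  } while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
  
  if(ret != GNUTLS_E_SUCCESS){
    if(debug){
      fprintf(stderr, "*** GnuTLS Handshake failed ***\n");
      gnutls_perror(ret);
    }
    retval = -1;
    goto mandos_end;
  }
  
  /* Read OpenPGP packet that contains the wanted password */
  
  if(debug){
    fprintf(stderr, "Retrieving pgp encrypted password from %s\n",
            ip);
  }
  
  /* NOTE(review): this loop puts no upper bound on buffer_length; a
     peer that keeps sending keeps the buffer growing until
     adjustbuffer() fails.  A size cap would bound memory use, but the
     largest legitimate packet size is not visible here. */
  while(true){
    buffer_capacity = adjustbuffer(&buffer, buffer_length,
                                   buffer_capacity);
    if(buffer_capacity == 0){
      perror("adjustbuffer");
      retval = -1;
      goto mandos_end;
    }
    
    /* Assumes adjustbuffer() leaves at least BUFFER_SIZE free bytes
       after buffer_length - TODO confirm against its definition. */
    sret = gnutls_record_recv(session, buffer+buffer_length,
                              BUFFER_SIZE);
    if(sret == 0){
      break;
    }
    if(sret < 0){
      switch(sret){
      case GNUTLS_E_INTERRUPTED:
      case GNUTLS_E_AGAIN:
        break;
      case GNUTLS_E_REHANDSHAKE:
        do{
          ret = gnutls_handshake(session);
        } while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
        if(ret < 0){
          fprintf(stderr, "*** GnuTLS Re-handshake failed ***\n");
          gnutls_perror(ret);
          retval = -1;
          goto mandos_end;
        }
        break;
      default:
        fprintf(stderr, "Unknown error while reading data from"
                " encrypted session with Mandos server\n");
        retval = -1;
        gnutls_bye(session, GNUTLS_SHUT_RDWR);
        goto mandos_end;
      }
    } else {
      buffer_length += (size_t) sret;
    }
  }
  
  if(debug){
    fprintf(stderr, "Closing TLS session\n");
  }
  
  gnutls_bye(session, GNUTLS_SHUT_RDWR);
  
  if(buffer_length > 0){
    decrypted_buffer_size = pgp_packet_decrypt(mc, buffer,
                                               buffer_length,
                                               &decrypted_buffer);
    if(decrypted_buffer_size >= 0){
      written = 0;
      while(written < (size_t) decrypted_buffer_size){
        ret = (int)fwrite(decrypted_buffer + written, 1,
                          (size_t)decrypted_buffer_size - written,
                          stdout);
        if(ret == 0 and ferror(stdout)){
          if(debug){
            fprintf(stderr, "Error writing encrypted data: %s\n",
                    strerror(errno));
          }
          retval = -1;
          break;
        }
        written += (size_t)ret;
      }
      /* Overwrite the cleartext before the memory goes back to the
         allocator.  The volatile pointer keeps the compiler from
         dropping the stores as dead writes.  This covers only this
         buffer; any copy held in stdio's own output buffer is not
         touched. */
      {
        volatile char *wipe = decrypted_buffer;
        for(size_t i = 0; i < (size_t)decrypted_buffer_size; i++){
          wipe[i] = 0;
        }
      }
      free(decrypted_buffer);
    } else {
      retval = -1;
    }
  } else {
    retval = -1;
  }
  
  /* Shutdown procedure */
  
 mandos_end:
  free(buffer);
  ret = (int)TEMP_FAILURE_RETRY(close(tcp_sd));
  if(ret == -1){
    perror("close");
  }
  gnutls_deinit(session);
  return retval;
}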
/*
 * Avahi resolver callback: called whenever a service has been
 * resolved successfully or the attempt failed or timed out.
 *
 * On AVAHI_RESOLVER_FOUND the resolved address is formatted as text
 * and passed to start_mandos_communication(); if that returns 0 the
 * poll loop in the context is told to quit.  Any other event is
 * reported on stderr as a resolve failure.  The resolver object r is
 * freed in both cases.
 *
 * userdata must point to the mandos_context.
 */
static void resolve_callback(AvahiSServiceResolver *r,
                             AvahiIfIndex interface,
                             AVAHI_GCC_UNUSED AvahiProtocol protocol,
                             AvahiResolverEvent event,
                             const char *name,
                             const char *type,
                             const char *domain,
                             const char *host_name,
                             const AvahiAddress *address,
                             uint16_t port,
                             AVAHI_GCC_UNUSED AvahiStringList *txt,
                             AVAHI_GCC_UNUSED AvahiLookupResultFlags
                             flags,
                             void* userdata) {
  mandos_context *ctx = userdata;
  assert(r);
  
  if(event == AVAHI_RESOLVER_FOUND){
    char addr_text[AVAHI_ADDRESS_STR_MAX];
    avahi_address_snprint(addr_text, sizeof(addr_text), address);
    if(debug){
      fprintf(stderr, "Mandos server \"%s\" found on %s (%s, %"
              PRIdMAX ") on port %" PRIu16 "\n", name, host_name,
              addr_text, (intmax_t)interface, port);
    }
    /* Stop polling only once a server has actually delivered a
       password; on failure keep waiting for other servers. */
    if(start_mandos_communication(addr_text, port, interface,
                                  ctx) == 0){
      avahi_simple_poll_quit(ctx->simple_poll);
    }
  } else {
    /* AVAHI_RESOLVER_FAILURE and any event value not known here */
    fprintf(stderr, "(Avahi Resolver) Failed to resolve service '%s'"
            " of type '%s' in domain '%s': %s\n", name, type, domain,
            avahi_strerror(avahi_server_errno(ctx->server)));
  }
  
  avahi_s_service_resolver_free(r);
}
/*
 * Avahi browser callback: called whenever a service becomes available
 * on the LAN or is removed from it.
 *
 * AVAHI_BROWSER_NEW starts a resolver for the service, with
 * resolve_callback as its callback and AVAHI_PROTO_INET6 as the
 * requested address protocol.  AVAHI_BROWSER_REMOVE is ignored.
 * AVAHI_BROWSER_ALL_FOR_NOW and AVAHI_BROWSER_CACHE_EXHAUSTED only
 * produce a debug message.  AVAHI_BROWSER_FAILURE, and any event value
 * not listed, is reported on stderr and stops the poll loop.
 *
 * userdata must point to the mandos_context.
 */
static void browse_callback( AvahiSServiceBrowser *b,
                             AvahiIfIndex interface,
                             AvahiProtocol protocol,
                             AvahiBrowserEvent event,
                             const char *name,
                             const char *type,
                             const char *domain,
                             AVAHI_GCC_UNUSED AvahiLookupResultFlags
                             flags,
                             void* userdata) {
  mandos_context *ctx = userdata;
  assert(b);
  
  switch(event) {
  case AVAHI_BROWSER_NEW:
    {
      /* The resolver object is not kept.  resolve_callback frees it;
         if the Avahi server is terminated before that callback runs,
         the Avahi server frees the resolver instead. */
      AvahiSServiceResolver *resolver
        = avahi_s_service_resolver_new(ctx->server, interface,
                                       protocol, name, type, domain,
                                       AVAHI_PROTO_INET6, 0,
                                       resolve_callback, ctx);
      if(resolver == NULL){
        fprintf(stderr, "Avahi: Failed to resolve service '%s': %s\n",
                name, avahi_strerror(avahi_server_errno(ctx->server)));
      }
    }
    break;
    
  case AVAHI_BROWSER_REMOVE:
    break;
    
  case AVAHI_BROWSER_ALL_FOR_NOW:
  case AVAHI_BROWSER_CACHE_EXHAUSTED:
    if(debug){
      fprintf(stderr, "No Mandos server found, still searching...\n");
    }
    break;
    
  case AVAHI_BROWSER_FAILURE:
  default:
    fprintf(stderr, "(Avahi browser) %s\n",
            avahi_strerror(avahi_server_errno(ctx->server)));
    avahi_simple_poll_quit(ctx->simple_poll);
    break;
  }
}
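/*
 * Mandos client entry point.
 *
 * Parses the command line, brings the chosen network interface up,
 * drops set-ID privileges, initialises GnuTLS and GPGME, and then
 * either connects directly to the server given with --connect or
 * browses for "_mandos._tcp" services through an embedded Avahi
 * server and lets browse_callback/resolve_callback do the rest.
 *
 * Returns EXIT_SUCCESS or EXIT_FAILURE.  Once option parsing is done,
 * every exit path goes through the "end" label so that the temporary
 * directory handed to init_gpgme() is removed again.
 */
int main(int argc, char *argv[]){
    AvahiSServiceBrowser *sb = NULL;
    int error;
    int ret;
    intmax_t tmpmax;
    int numchars;
    int exitcode = EXIT_SUCCESS;
    const char *interface = "eth0";
    struct ifreq network;
    int sd;
    uid_t uid;
    gid_t gid;
    char *connect_to = NULL;
    char tempdir[] = "/tmp/mandosXXXXXX";
    /* Set only after mkdtemp() succeeded; the cleanup code must never
       touch a directory this process did not create itself */
    bool tempdir_created = false;
    AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
    const char *seckey = PATHDIR "/" SECKEY;
    const char *pubkey = PATHDIR "/" PUBKEY;
    
    /* NOTE(review): a 1024-bit DH default is below current
       recommendations; confirm what the server side accepts before
       raising it */
    mandos_context mc = { .simple_poll = NULL, .server = NULL,
                          .dh_bits = 1024, .priority = "SECURE256"
                          ":!CTYPE-X.509:+CTYPE-OPENPGP" };
    bool gnutls_initalized = false;
    bool gpgme_initalized = false;
    double delay = 2.5;
    
    {
      struct argp_option options[] = {
        { .name = "debug", .key = 128,
          .doc = "Debug mode", .group = 3 },
        { .name = "connect", .key = 'c',
          .arg = "ADDRESS:PORT",
          .doc = "Connect directly to a specific Mandos server",
          .group = 1 },
        { .name = "interface", .key = 'i',
          .arg = "NAME",
          .doc = "Interface that will be used to search for Mandos"
          " servers",
          .group = 1 },
        { .name = "seckey", .key = 's',
          .arg = "FILE",
          .doc = "OpenPGP secret key file base name",
          .group = 1 },
        { .name = "pubkey", .key = 'p',
          .arg = "FILE",
          .doc = "OpenPGP public key file base name",
          .group = 2 },
        { .name = "dh-bits", .key = 129,
          .arg = "BITS",
          .doc = "Bit length of the prime number used in the"
          " Diffie-Hellman key exchange",
          .group = 2 },
        { .name = "priority", .key = 130,
          .arg = "STRING",
          .doc = "GnuTLS priority string for the TLS handshake",
          .group = 1 },
        { .name = "delay", .key = 131,
          .arg = "SECONDS",
          .doc = "Maximum delay to wait for interface startup",
          .group = 2 },
        { .name = NULL }
      };
      
      /* Option handler (GCC nested function): it writes straight into
         the locals of main() declared above.  Numeric arguments must
         be consumed completely ("%n" plus the terminator check), so
         trailing garbage is rejected. */
      error_t parse_opt(int key, char *arg,
                        struct argp_state *state) {
        switch(key) {
        case 128:               /* --debug */
          debug = true;
          break;
        case 'c':               /* --connect */
          connect_to = arg;
          break;
        case 'i':               /* --interface */
          interface = arg;
          break;
        case 's':               /* --seckey */
          seckey = arg;
          break;
        case 'p':               /* --pubkey */
          pubkey = arg;
          break;
        case 129:               /* --dh-bits */
          ret = sscanf(arg, "%" SCNdMAX "%n", &tmpmax, &numchars);
          /* The round-trip cast rejects values that do not fit the
             type of mc.dh_bits */
          if(ret < 1 or tmpmax != (typeof(mc.dh_bits))tmpmax
             or arg[numchars] != '\0'){
            fprintf(stderr, "Bad number of DH bits\n");
            exit(EXIT_FAILURE);
          }
          mc.dh_bits = (typeof(mc.dh_bits))tmpmax;
          break;
        case 130:               /* --priority */
          mc.priority = arg;
          break;
        case 131:               /* --delay */
          ret = sscanf(arg, "%lf%n", &delay, &numchars);
          if(ret < 1 or arg[numchars] != '\0'){
            fprintf(stderr, "Bad delay\n");
            exit(EXIT_FAILURE);
          }
          break;
        case ARGP_KEY_ARG:
          /* No positional arguments are accepted */
          argp_usage(state);
          break;
        case ARGP_KEY_END:
          break;
        default:
          return ARGP_ERR_UNKNOWN;
        }
        return 0;
      }
      
      struct argp argp = { .options = options, .parser = parse_opt,
                           .args_doc = "",
                           .doc = "Mandos client -- Get and decrypt"
                           " passwords from a Mandos server" };
      ret = argp_parse(&argp, argc, argv, 0, 0, NULL);
      if(ret == ARGP_ERR_UNKNOWN){
        fprintf(stderr, "Unknown error while parsing arguments\n");
        exitcode = EXIT_FAILURE;
        goto end;
      }
    }
    
    /* The interface name comes from the command line and is copied
       into the fixed-size ifr_name array below, possibly while the
       process still holds elevated privileges; refuse anything that
       does not fit instead of writing past the array */
    if(strlen(interface) >= sizeof(network.ifr_name)){
      fprintf(stderr, "Interface name too long: \"%s\"\n", interface);
      exitcode = EXIT_FAILURE;
      goto end;
    }
    
    /* If the interface is down, bring it up */
    {
      bool interface_failed = false;
      
      // Lower kernel loglevel to KERN_NOTICE to avoid
      // KERN_INFO messages to mess up the prompt
      ret = klogctl(8, NULL, 5);
      if(ret == -1){
        perror("klogctl");
      }
      
      sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
      if(sd < 0) {
        perror("socket");
        interface_failed = true;
      } else {
        memset(&network, 0, sizeof(network));
        /* Length was checked above, so this cannot truncate */
        snprintf(network.ifr_name, sizeof(network.ifr_name), "%s",
                 interface);
        ret = ioctl(sd, SIOCGIFFLAGS, &network);
        if(ret == -1){
          perror("ioctl SIOCGIFFLAGS");
          interface_failed = true;
        } else if((network.ifr_flags & IFF_UP) == 0){
          network.ifr_flags |= IFF_UP;
          ret = ioctl(sd, SIOCSIFFLAGS, &network);
          if(ret == -1){
            perror("ioctl SIOCSIFFLAGS");
            interface_failed = true;
          }
        }
        
        if(not interface_failed){
          // sleep checking until interface is running
          for(int i=0; i < delay * 4; i++){
            ret = ioctl(sd, SIOCGIFFLAGS, &network);
            if(ret == -1){
              perror("ioctl SIOCGIFFLAGS");
            } else if(network.ifr_flags & IFF_RUNNING){
              break;
            }
            struct timespec sleeptime = { .tv_nsec = 250000000 };
            nanosleep(&sleeptime, NULL);
          }
        }
        
        /* Closed on the failure paths as well, so the descriptor is
           not left open while the cleanup code runs */
        ret = (int)TEMP_FAILURE_RETRY(close(sd));
        if(ret == -1){
          perror("close");
        }
      }
      
      // Restores kernel loglevel to default
      ret = klogctl(7, NULL, 0);
      if(ret == -1){
        perror("klogctl");
      }
      
      if(interface_failed){
        exitcode = EXIT_FAILURE;
        goto end;
      }
    }
    
    /* Drop set-ID privileges before any key material or network
       data is handled.  The group goes first: once the user ID has
       been given up the process may no longer be allowed to change
       its group IDs.  A failed drop is fatal, because continuing
       would run the TLS and OpenPGP code with the old privileges. */
    uid = getuid();
    gid = getgid();
    
    ret = setgid(gid);
    if(ret == -1){
      perror("setgid");
      exitcode = EXIT_FAILURE;
      goto end;
    }
    
    ret = setuid(uid);
    if(ret == -1){
      perror("setuid");
      exitcode = EXIT_FAILURE;
      goto end;
    }
    
    ret = init_gnutls_global(&mc, pubkey, seckey);
    if(ret == -1){
      fprintf(stderr, "init_gnutls_global failed\n");
      exitcode = EXIT_FAILURE;
      goto end;
    } else {
      gnutls_initalized = true;
    }
    
    if(mkdtemp(tempdir) == NULL){
      perror("mkdtemp");
      /* Without the directory GPGME cannot be set up: report failure
         instead of exiting with the initial EXIT_SUCCESS */
      exitcode = EXIT_FAILURE;
      goto end;
    }
    tempdir_created = true;
    
    if(not init_gpgme(&mc, pubkey, seckey, tempdir)){
      fprintf(stderr, "gpgme_initalized failed\n");
      exitcode = EXIT_FAILURE;
      goto end;
    } else {
      gpgme_initalized = true;
    }
    
    if_index = (AvahiIfIndex) if_nametoindex(interface);
    if(if_index == 0){
      fprintf(stderr, "No such interface: \"%s\"\n", interface);
      /* Leave through the cleanup path; a bare exit() here would
         leave the GPGME directory and its contents behind in /tmp */
      exitcode = EXIT_FAILURE;
      goto end;
    }
    
    if(connect_to != NULL){
      /* Connect directly, do not use Zeroconf */
      /* (Mainly meant for debugging) */
      /* The last colon separates the port, so an address may itself
         contain colons */
      char *address = strrchr(connect_to, ':');
      if(address == NULL){
        fprintf(stderr, "No colon in address\n");
        exitcode = EXIT_FAILURE;
        goto end;
      }
      uint16_t port;
      ret = sscanf(address+1, "%" SCNdMAX "%n", &tmpmax, &numchars);
      if(ret < 1 or tmpmax != (uint16_t)tmpmax
         or address[numchars+1] != '\0'){
        fprintf(stderr, "Bad port number\n");
        exitcode = EXIT_FAILURE;
        goto end;
      }
      port = (uint16_t)tmpmax;
      /* Cut the argument at the colon; what is left is the address */
      *address = '\0';
      address = connect_to;
      ret = start_mandos_communication(address, port, if_index, &mc);
      if(ret < 0){
        exitcode = EXIT_FAILURE;
      } else {
        exitcode = EXIT_SUCCESS;
      }
      goto end;
    }
    
    if(not debug){
      avahi_set_log_function(empty_log);
    }
    
    /* Initialize the pseudo-RNG for Avahi */
    srand((unsigned int) time(NULL));
    
    /* Allocate main Avahi loop object */
    mc.simple_poll = avahi_simple_poll_new();
    if(mc.simple_poll == NULL) {
      fprintf(stderr, "Avahi: Failed to create simple poll"
              " object.\n");
      exitcode = EXIT_FAILURE;
      goto end;
    }
    
    {
      AvahiServerConfig config;
      /* Do not publish any local Zeroconf records */
      avahi_server_config_init(&config);
      config.publish_hinfo = 0;
      config.publish_addresses = 0;
      config.publish_workstation = 0;
      config.publish_domain = 0;
      
      /* Allocate a new server */
      mc.server = avahi_server_new(avahi_simple_poll_get
                                   (mc.simple_poll), &config, NULL,
                                   NULL, &error);
      
      /* Free the Avahi configuration data */
      avahi_server_config_free(&config);
    }
    
    /* Check if creating the Avahi server object succeeded */
    if(mc.server == NULL) {
      fprintf(stderr, "Failed to create Avahi server: %s\n",
              avahi_strerror(error));
      exitcode = EXIT_FAILURE;
      goto end;
    }
    
    /* Create the Avahi service browser */
    sb = avahi_s_service_browser_new(mc.server, if_index,
                                     AVAHI_PROTO_INET6,
                                     "_mandos._tcp", NULL, 0,
                                     browse_callback, &mc);
    if(sb == NULL) {
      fprintf(stderr, "Failed to create service browser: %s\n",
              avahi_strerror(avahi_server_errno(mc.server)));
      exitcode = EXIT_FAILURE;
      goto end;
    }
    
    /* Run the main loop */
    
    if(debug){
      fprintf(stderr, "Starting Avahi loop search\n");
    }
    
    avahi_simple_poll_loop(mc.simple_poll);
    
 end:
    
    if(debug){
      fprintf(stderr, "%s exiting\n", argv[0]);
    }
    
    /* Cleanup things */
    if(sb != NULL)
      avahi_s_service_browser_free(sb);
    
    if(mc.server != NULL)
      avahi_server_free(mc.server);
    
    if(mc.simple_poll != NULL)
      avahi_simple_poll_free(mc.simple_poll);
    
    if(gnutls_initalized){
      /* Release the individual GnuTLS objects before shutting the
         library down */
      gnutls_certificate_free_credentials(mc.cred);
      gnutls_dh_params_deinit(mc.dh_params);
      gnutls_global_deinit();
    }
    
    if(gpgme_initalized){
      gpgme_release(mc.ctx);
    }
    
    /* Removes the temp directory used by GPGME */
    if(tempdir_created){
      DIR *d;
      struct dirent *direntry;
      d = opendir(tempdir);
      if(d == NULL){
        if(errno != ENOENT){
          perror("opendir");
        }
      } else {
        while(true){
          direntry = readdir(d);
          if(direntry == NULL){
            break;
          }
          /* Only regular files are unlinked; anything else makes the
             rmdir() below fail and be reported */
          if(direntry->d_type == DT_REG){
            char *fullname = NULL;
            ret = asprintf(&fullname, "%s/%s", tempdir,
                           direntry->d_name);
            if(ret < 0){
              perror("asprintf");
              continue;
            }
            ret = unlink(fullname);
            if(ret == -1){
              fprintf(stderr, "unlink(\"%s\"): %s\n",
                      fullname, strerror(errno));
            }
            free(fullname);
          }
        }
        closedir(d);
      }
      ret = rmdir(tempdir);
      if(ret == -1 and errno != ENOENT){
        perror("rmdir");
      }
    }
    
    return exitcode;
}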