/*  -*- coding: utf-8 -*- */
/*
 * Mandos client - get and decrypt data from a Mandos server
 *
 * This program is partly derived from an example program for an Avahi
 * service browser, downloaded from
 * <http://avahi.org/browser/examples/core-browse-services.c>.  This
 * includes the following functions: "resolve_callback",
 * "browse_callback", and parts of "main".
 * 
 * Everything else is
 * Copyright © 2007-2008 Teddy Hogeborn & Björn Påhlsson
 * 
 * This program is free software: you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see
 * <http://www.gnu.org/licenses/>.
 * 
 * Contact the authors at <mandos@fukt.bsnet.se>.
 */
/* Needed by GPGME, specifically gpgme_data_seek() */
#define _LARGEFILE_SOURCE
#define _FILE_OFFSET_BITS 64
#define _GNU_SOURCE		/* TEMP_FAILURE_RETRY() */
#include <stdio.h>
#include <assert.h>
#include <stdlib.h>
#include <time.h>
#include <net/if.h>		/* if_nametoindex */
#include <sys/ioctl.h>          /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,
				   SIOCSIFFLAGS */
#include <net/if.h>		/* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,
				   SIOCSIFFLAGS */
#include <avahi-core/core.h>
#include <avahi-core/lookup.h>
#include <avahi-core/log.h>
#include <avahi-common/simple-watch.h>
#include <avahi-common/malloc.h>
#include <avahi-common/error.h>
/* Mandos client part */
#include <sys/types.h>		/* socket(), inet_pton() */
#include <sys/socket.h>		/* socket(), struct sockaddr_in6,
				   struct in6_addr, inet_pton() */
#include <gnutls/gnutls.h>	/* All GnuTLS stuff */
#include <gnutls/openpgp.h>	/* GnuTLS with openpgp stuff */
#include <unistd.h>		/* close() */
#include <netinet/in.h>
#include <stdbool.h>		/* true */
#include <string.h>		/* memset */
#include <arpa/inet.h>		/* inet_pton() */
#include <iso646.h>		/* not */
#include <net/if.h>		/* IF_NAMESIZE */
#include <argp.h>		/* struct argp_option,
				   struct argp_state, struct argp,
				   argp_parse() */
/* GPGME */
#include <errno.h>		/* perror() */
#include <gpgme.h>
/* Step, in bytes, by which adjustbuffer() grows a buffer; also the
   largest amount read into the buffer per call */
#define BUFFER_SIZE 256

/* When true, progress and diagnostic messages go to stderr */
bool debug = false;

/* Directory path constant; its use is not visible in this part of
   the file */
static const char *keydir = "/conf/conf.d/mandos";

/* Picked up by argp for its version and bug-report output */
const char *argp_program_version = "mandosclient 0.9";
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";

/* Written to the server, followed by "\r\n", right after the TCP
   connection is made and before the TLS handshake */
static const char mandos_protocol_version[] = "1";
/* State handed through the Avahi callback functions and on to the
   GnuTLS setup code */
typedef struct {
  /* Avahi handles; how they are used is not visible in this part of
     the file */
  AvahiSimplePoll *simple_poll;
  AvahiServer *server;
  /* Credentials allocated and loaded with the OpenPGP key pair by
     init_gnutls_global() */
  gnutls_certificate_credentials_t cred;
  /* Bit size passed to gnutls_dh_params_generate2() and
     gnutls_dh_set_prime_bits() */
  unsigned int dh_bits;
  /* Diffie-Hellman parameters generated by init_gnutls_global() */
  gnutls_dh_params_t dh_params;
  /* Priority string given to gnutls_priority_set_direct() */
  const char *priority;
} mandos_context;
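/* Make room in "buffer" for at least BUFFER_SIZE additional bytes.
 * "buffer_capacity" is how much is currently allocated,
 * "buffer_length" is how much is already used.
 *
 * Returns the (possibly increased) capacity, or 0 if realloc()
 * failed.  On failure *buffer is left untouched, so the caller still
 * owns the old allocation and is responsible for freeing it.
 *
 * NOTE(review): realloc() may move the block and give the old copy
 * back to the allocator without clearing it.  pgp_packet_decrypt()
 * grows its plaintext buffer through this function, so stale copies
 * of decrypted data can remain in freed heap memory.
 */
size_t adjustbuffer(char **buffer, size_t buffer_length,
		  size_t buffer_capacity){
  if (buffer_length + BUFFER_SIZE > buffer_capacity){
    /* Hold the result in a temporary: the failure test has to look at
       the pointer realloc() returned, not at "buffer" itself (the
       caller's pointer-to-pointer, which is never NULL here).
       Testing the wrong pointer would report success with *buffer
       set to NULL, and the caller would then write through it. */
    char *grown = realloc(*buffer, buffer_capacity + BUFFER_SIZE);
    if (grown == NULL){
      return 0;
    }
    *buffer = grown;
    buffer_capacity += BUFFER_SIZE;
  }
  return buffer_capacity;
}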
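/*
 * Decrypt OpenPGP data using keyrings in HOMEDIR.
 *
 * CRYPTOTEXT/CRYPTO_SIZE is the encrypted input.  On success the
 * decrypted bytes are stored in a newly allocated buffer returned
 * through *PLAINTEXT (the caller frees it) and their count is
 * returned.
 * Returns -1 on error; *PLAINTEXT is then NULL.
 *
 * SECURITY: with "debug" set, the decrypted data is written to
 * stderr in hex, so whatever captures stderr ends up holding the
 * secret.
 */
static ssize_t pgp_packet_decrypt (const char *cryptotext,
				   size_t crypto_size,
				   char **plaintext,
				   const char *homedir){
  gpgme_data_t dh_crypto, dh_plain;
  gpgme_ctx_t ctx = NULL;
  gpgme_error_t rc;
  ssize_t ret;
  size_t plaintext_capacity = 0;
  ssize_t plaintext_length = 0;
  gpgme_engine_info_t engine_info;
  
  /* Give the caller a defined value on every error path */
  *plaintext = NULL;
  
  if (debug){
    fprintf(stderr, "Trying to decrypt OpenPGP data\n");
  }
  
  /* Init GPGME */
  gpgme_check_version(NULL);
  rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
  if (rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",
	    gpgme_strsource(rc), gpgme_strerror(rc));
    return -1;
  }
  
  /* Set GPGME home directory for the OpenPGP engine only */
  rc = gpgme_get_engine_info (&engine_info);
  if (rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",
	    gpgme_strsource(rc), gpgme_strerror(rc));
    return -1;
  }
  while(engine_info != NULL){
    if(engine_info->protocol == GPGME_PROTOCOL_OpenPGP){
      /* Check the result: if the home directory is not applied,
	 decryption would presumably go on with the engine's default
	 keyring instead of the one in HOMEDIR. */
      rc = gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP,
				 engine_info->file_name, homedir);
      if (rc != GPG_ERR_NO_ERROR){
	fprintf(stderr, "bad gpgme_set_engine_info: %s: %s\n",
		gpgme_strsource(rc), gpgme_strerror(rc));
	return -1;
      }
      break;
    }
    engine_info = engine_info->next;
  }
  if(engine_info == NULL){
    /* No OpenPGP engine in the list */
    fprintf(stderr, "Could not set GPGME home dir to %s\n", homedir);
    return -1;
  }
  
  /* Create new GPGME data buffer from memory cryptotext */
  rc = gpgme_data_new_from_mem(&dh_crypto, cryptotext, crypto_size,
			       0);
  if (rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",
	    gpgme_strsource(rc), gpgme_strerror(rc));
    return -1;
  }
  
  /* Create new empty GPGME data buffer for the plaintext */
  rc = gpgme_data_new(&dh_plain);
  if (rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_data_new: %s: %s\n",
	    gpgme_strsource(rc), gpgme_strerror(rc));
    gpgme_data_release(dh_crypto);
    return -1;
  }
  
  /* Create new GPGME "context" */
  rc = gpgme_new(&ctx);
  if (rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_new: %s: %s\n",
	    gpgme_strsource(rc), gpgme_strerror(rc));
    ctx = NULL;			/* nothing to release below */
    plaintext_length = -1;
    goto decrypt_end;
  }
  
  /* Decrypt data from the cryptotext data buffer to the plaintext
     data buffer */
  rc = gpgme_op_decrypt(ctx, dh_crypto, dh_plain);
  if (rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",
	    gpgme_strsource(rc), gpgme_strerror(rc));
    plaintext_length = -1;
    goto decrypt_end;
  }
  
  if(debug){
    fprintf(stderr, "Decryption of OpenPGP data succeeded\n");
  }
  
  if (debug){
    gpgme_decrypt_result_t result;
    result = gpgme_op_decrypt_result(ctx);
    if (result == NULL){
      fprintf(stderr, "gpgme_op_decrypt_result failed\n");
    } else {
      /* A NULL pointer must not be passed for "%s" */
      if(result->unsupported_algorithm != NULL){
	fprintf(stderr, "Unsupported algorithm: %s\n",
		result->unsupported_algorithm);
      }
      fprintf(stderr, "Wrong key usage: %d\n",
	      result->wrong_key_usage);
      if(result->file_name != NULL){
	fprintf(stderr, "File name: %s\n", result->file_name);
      }
      for(gpgme_recipient_t recipient = result->recipients;
	  recipient != NULL; recipient = recipient->next){
	fprintf(stderr, "Public key algorithm: %s\n",
		gpgme_pubkey_algo_name(recipient->pubkey_algo));
	fprintf(stderr, "Key ID: %s\n", recipient->keyid);
	fprintf(stderr, "Secret key available: %s\n",
		recipient->status == GPG_ERR_NO_SECKEY
		? "No" : "Yes");
      }
    }
  }
  
  /* Seek back to the beginning of the GPGME plaintext data buffer */
  if (gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET) == -1){
    perror("gpgme_data_seek");
    plaintext_length = -1;
    goto decrypt_end;
  }
  
  /* Copy the plaintext out, at most BUFFER_SIZE bytes per read */
  while(true){
    plaintext_capacity = adjustbuffer(plaintext,
				      (size_t)plaintext_length,
				      plaintext_capacity);
    if (plaintext_capacity == 0){
      perror("adjustbuffer");
      plaintext_length = -1;
      goto decrypt_end;
    }
    
    ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length,
			  BUFFER_SIZE);
    if (ret == 0){
      /* EOF */
      break;
    }
    if(ret < 0){
      perror("gpgme_data_read");
      plaintext_length = -1;
      goto decrypt_end;
    }
    plaintext_length += ret;
  }

  if(debug){
    /* SECURITY: this writes the decrypted secret itself to stderr */
    fprintf(stderr, "Decrypted password is: ");
    for(ssize_t i = 0; i < plaintext_length; i++){
      fprintf(stderr, "%02hhX ", (*plaintext)[i]);
    }
    fprintf(stderr, "\n");
  }
  
 decrypt_end:
  
  if (plaintext_length < 0){
    /* Do not hand a partly filled buffer back on error.
       NOTE(review): the buffer may hold part of the plaintext and is
       freed without being cleared. */
    free(*plaintext);
    *plaintext = NULL;
  }
  
  /* Release the GPGME context; without this it is leaked on every
     call */
  if (ctx != NULL){
    gpgme_release(ctx);
  }
  
  /* Delete the GPGME cryptotext data buffer */
  gpgme_data_release(dh_crypto);
  
  /* Delete the GPGME plaintext data buffer */
  gpgme_data_release(dh_plain);
  return plaintext_length;
}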
/* Like gnutls_strerror(), but substitutes "(unknown)" for a NULL
   result so the return value can always be printed with "%s" */
static const char * safer_gnutls_strerror (int value) {
  const char *message = gnutls_strerror (value);
  return (message != NULL) ? message : "(unknown)";
}
/* GnuTLS log function callback: copies each library log message to
   stderr with a "GnuTLS: " prefix.  No newline is added here.
   It is installed by init_gnutls_global() only when "debug" is
   set. */
static void debuggnutls(__attribute__((unused)) int level,
			const char* string){
  FILE *const log_stream = stderr;
  
  fprintf(log_stream, "GnuTLS: %s", string);
}
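/*
 * Process-wide GnuTLS setup: global init, OpenPGP credentials read
 * from PUBKEYFILE and SECKEYFILE into mc->cred, and newly generated
 * Diffie-Hellman parameters of mc->dh_bits bits in mc->dh_params.
 * Returns 0 on success, -1 on error.
 *
 * NOTE(review): nothing acquired here is released on the error
 * paths; presumably the caller cleans up - confirm.
 */
static int init_gnutls_global(mandos_context *mc,
			      const char *pubkeyfile,
			      const char *seckeyfile){
  int ret;
  
  if(debug){
    fprintf(stderr, "Initializing GnuTLS\n");
  }

  if ((ret = gnutls_global_init ())
      != GNUTLS_E_SUCCESS) {
    fprintf (stderr, "GnuTLS global_init: %s\n",
	     safer_gnutls_strerror(ret));
    return -1;
  }
  
  if (debug){
    /* "Use a log level over 10 to enable all debugging options."
     * - GnuTLS manual
     *
     * NOTE(review): everything GnuTLS logs at this level ends up on
     * stderr via debuggnutls(); treat captured debug output as
     * sensitive.
     */
    gnutls_global_set_log_level(11);
    gnutls_global_set_log_function(debuggnutls);
  }
  
  /* OpenPGP credentials */
  if ((ret = gnutls_certificate_allocate_credentials (&mc->cred))
      != GNUTLS_E_SUCCESS) {
    fprintf (stderr, "GnuTLS memory error: %s\n",
	     safer_gnutls_strerror(ret));
    return -1;
  }
  
  if(debug){
    fprintf(stderr, "Attempting to use OpenPGP certificate %s"
	    " and keyfile %s as GnuTLS credentials\n", pubkeyfile,
	    seckeyfile);
  }
  
  ret = gnutls_certificate_set_openpgp_key_file
    (mc->cred, pubkeyfile, seckeyfile, GNUTLS_OPENPGP_FMT_BASE64);
  if (ret != GNUTLS_E_SUCCESS) {
    fprintf(stderr,
	    "Error[%d] while reading the OpenPGP key pair ('%s',"
	    " '%s')\n", ret, pubkeyfile, seckeyfile);
    /* Diagnostics belong on stderr like every other message in this
       file; stdout is kept free of error text. */
    fprintf(stderr, "The GnuTLS error is: %s\n",
	    safer_gnutls_strerror(ret));
    return -1;
  }
  
  /* GnuTLS server initialization */
  ret = gnutls_dh_params_init(&mc->dh_params);
  if (ret != GNUTLS_E_SUCCESS) {
    fprintf (stderr, "Error in GnuTLS DH parameter initialization:"
	     " %s\n", safer_gnutls_strerror(ret));
    return -1;
  }
  /* NOTE(review): the value of mc->dh_bits is set elsewhere; confirm
     it is large enough for the intended security level. */
  ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);
  if (ret != GNUTLS_E_SUCCESS) {
    fprintf (stderr, "Error in GnuTLS prime generation: %s\n",
	     safer_gnutls_strerror(ret));
    return -1;
  }
  
  gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);

  return 0;
}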
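/*
 * Create a GnuTLS session in *SESSION and configure it from MC:
 * priority string, certificate credentials and DH prime size.
 * The session is created with GNUTLS_SERVER, i.e. this end takes the
 * TLS server role.
 * Returns 0 on success, -1 on error; on error no session is left
 * allocated, so the caller must not deinitialize *SESSION.
 */
static int init_gnutls_session(mandos_context *mc,
			       gnutls_session_t *session){
  int ret;
  /* GnuTLS session creation */
  ret = gnutls_init(session, GNUTLS_SERVER);
  if (ret != GNUTLS_E_SUCCESS){
    fprintf(stderr, "Error in GnuTLS session initialization: %s\n",
	    safer_gnutls_strerror(ret));
    /* *session is not usable after a failed gnutls_init(); going on
       would hand an invalid session to the calls below */
    return -1;
  }
  
  {
    const char *err;
    ret = gnutls_priority_set_direct(*session, mc->priority, &err);
    if (ret != GNUTLS_E_SUCCESS) {
      fprintf(stderr, "Syntax error at: %s\n", err);
      fprintf(stderr, "GnuTLS error: %s\n",
	      safer_gnutls_strerror(ret));
      /* The caller returns straight away on failure, so the session
	 has to be freed here */
      gnutls_deinit (*session);
      return -1;
    }
  }
  
  ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
			       mc->cred);
  if (ret != GNUTLS_E_SUCCESS) {
    fprintf(stderr, "Error setting GnuTLS credentials: %s\n",
	    safer_gnutls_strerror(ret));
    gnutls_deinit (*session);
    return -1;
  }
  
  /* ignore client certificate if any.
     NOTE(review): with GNUTLS_CERT_IGNORE the peer is not asked for a
     certificate, so this TLS layer does not authenticate the other
     end; no other peer check is visible in this function - confirm
     where the peer is verified. */
  gnutls_certificate_server_set_request (*session,
					 GNUTLS_CERT_IGNORE);
  
  gnutls_dh_set_prime_bits (*session, mc->dh_bits);
  
  return 0;
}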
/* Avahi log function callback that discards every message */
static void empty_log(__attribute__((unused)) AvahiLogLevel level,
		      __attribute__((unused)) const char *txt){
  /* intentionally empty */
}
/* Called when a Mandos server is found */
static int start_mandos_communication(const char *ip, uint16_t port,
				      AvahiIfIndex if_index,
				      mandos_context *mc){
  int ret, tcp_sd;
  union { struct sockaddr in; struct sockaddr_in6 in6; } to;
  char *buffer = NULL;
  char *decrypted_buffer;
  size_t buffer_length = 0;
  size_t buffer_capacity = 0;
  ssize_t decrypted_buffer_size;
  size_t written;
  int retval = 0;
  char interface[IF_NAMESIZE];
  gnutls_session_t session;
  
  ret = init_gnutls_session (mc, &session);
  if (ret != 0){
    return -1;
  }
  
  if(debug){
    fprintf(stderr, "Setting up a tcp connection to %s, port %d\n",
	    ip, port);
  }
  
  tcp_sd = socket(PF_INET6, SOCK_STREAM, 0);
  if(tcp_sd < 0) {
    perror("socket");
    return -1;
  }
  if(debug){
    if(if_indextoname((unsigned int)if_index, interface) == NULL){
      perror("if_indextoname");
      return -1;
    }
    fprintf(stderr, "Binding to interface %s\n", interface);
  }
  
  memset(&to,0,sizeof(to));	/* Spurious warning */
  to.in6.sin6_family = AF_INET6;
  /* It would be nice to have a way to detect if we were passed an
     IPv4 address here.   Now we assume an IPv6 address. */
  ret = inet_pton(AF_INET6, ip, &to.in6.sin6_addr);
  if (ret < 0 ){
    perror("inet_pton");
    return -1;
  }
  if(ret == 0){
    fprintf(stderr, "Bad address: %s\n", ip);
    return -1;
  }
  to.in6.sin6_port = htons(port);	/* Spurious warning */
  
  to.in6.sin6_scope_id = (uint32_t)if_index;
  
  if(debug){
    fprintf(stderr, "Connection to: %s, port %d\n", ip, port);
    char addrstr[INET6_ADDRSTRLEN] = "";
    if(inet_ntop(to.in6.sin6_family, &(to.in6.sin6_addr), addrstr,
		 sizeof(addrstr)) == NULL){
      perror("inet_ntop");
    } else {
      if(strcmp(addrstr, ip) != 0){
	fprintf(stderr, "Canonical address form: %s\n", addrstr);
      }
    }
  }
  
  ret = connect(tcp_sd, &to.in, sizeof(to));
  if (ret < 0){
    perror("connect");
    return -1;
  }
  const char *out = mandos_protocol_version;
  written = 0;
  while (true){
    size_t out_size = strlen(out);
    ret = TEMP_FAILURE_RETRY(write(tcp_sd, out + written,
				   out_size - written));
    if (ret == -1){
      perror("write");
      retval = -1;
      goto mandos_end;
    }
    written += (size_t)ret;
    if(written < out_size){
      continue;
    } else {
      if (out == mandos_protocol_version){
	written = 0;
	out = "\r\n";
      } else {
	break;
      }
    }
  }
 
  if(debug){
    fprintf(stderr, "Establishing TLS session with %s\n", ip);
  }
  
  gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) tcp_sd);
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
506
  
38 by Teddy Hogeborn
* plugbasedclient.c (main): New "--userid" and "--groupid" options.
507
  ret = gnutls_handshake (session);
13 by Björn Påhlsson
Added following support:
508
  
509
  if (ret != GNUTLS_E_SUCCESS){
25 by Teddy Hogeborn
* mandos-clients.conf ([DEFAULT]): New section.
510
    if(debug){
40 by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its
511
      fprintf(stderr, "*** GnuTLS Handshake failed ***\n");
25 by Teddy Hogeborn
* mandos-clients.conf ([DEFAULT]): New section.
512
      gnutls_perror (ret);
513
    }
13 by Björn Påhlsson
Added following support:
514
    retval = -1;
40 by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its
515
    goto mandos_end;
13 by Björn Påhlsson
Added following support:
516
  }
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
517
  
40 by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its
518
  /* Read OpenPGP packet that contains the wanted password */
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
519
  
15.1.1 by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient
520
  if(debug){
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
521
    fprintf(stderr, "Retrieving pgp encrypted password from %s\n",
522
	    ip);
15.1.1 by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient
523
  }
524
13 by Björn Påhlsson
Added following support:
525
  while(true){
42 by Teddy Hogeborn
* plugins.d/mandosclient.c (start_mandos_communication): Change "to"
526
    buffer_capacity = adjustbuffer(&buffer, buffer_length,
527
				   buffer_capacity);
24.1.10 by Björn Påhlsson
merge commit
528
    if (buffer_capacity == 0){
529
      perror("adjustbuffer");
530
      retval = -1;
24.1.12 by Björn Påhlsson
merge +
531
      goto mandos_end;
13 by Björn Påhlsson
Added following support:
532
    }
533
    
38 by Teddy Hogeborn
* plugbasedclient.c (main): New "--userid" and "--groupid" options.
534
    ret = gnutls_record_recv(session, buffer+buffer_length,
535
			     BUFFER_SIZE);
13 by Björn Påhlsson
Added following support:
536
    if (ret == 0){
537
      break;
538
    }
539
    if (ret < 0){
540
      switch(ret){
541
      case GNUTLS_E_INTERRUPTED:
542
      case GNUTLS_E_AGAIN:
543
	break;
544
      case GNUTLS_E_REHANDSHAKE:
38 by Teddy Hogeborn
* plugbasedclient.c (main): New "--userid" and "--groupid" options.
545
	ret = gnutls_handshake (session);
13 by Björn Påhlsson
Added following support:
546
	if (ret < 0){
40 by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its
547
	  fprintf(stderr, "*** GnuTLS Re-handshake failed ***\n");
13 by Björn Påhlsson
Added following support:
548
	  gnutls_perror (ret);
549
	  retval = -1;
40 by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its
550
	  goto mandos_end;
13 by Björn Påhlsson
Added following support:
551
	}
552
	break;
553
      default:
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
554
	fprintf(stderr, "Unknown error while reading data from"
40 by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its
555
		" encrypted session with Mandos server\n");
13 by Björn Påhlsson
Added following support:
556
	retval = -1;
38 by Teddy Hogeborn
* plugbasedclient.c (main): New "--userid" and "--groupid" options.
557
	gnutls_bye (session, GNUTLS_SHUT_RDWR);
40 by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its
558
	goto mandos_end;
13 by Björn Påhlsson
Added following support:
559
      }
560
    } else {
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
561
      buffer_length += (size_t) ret;
13 by Björn Påhlsson
Added following support:
562
    }
563
  }
15.1.1 by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient
564
  
40 by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its
565
  if(debug){
566
    fprintf(stderr, "Closing TLS session\n");
567
  }
568
  
569
  gnutls_bye (session, GNUTLS_SHUT_RDWR);
570
  
13 by Björn Påhlsson
Added following support:
571
  if (buffer_length > 0){
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
572
    decrypted_buffer_size = pgp_packet_decrypt(buffer,
573
					       buffer_length,
574
					       &decrypted_buffer,
37 by Teddy Hogeborn
Non-tested commit for merge purposes.
575
					       keydir);
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
576
    if (decrypted_buffer_size >= 0){
24.1.10 by Björn Påhlsson
merge commit
577
      written = 0;
28 by Teddy Hogeborn
* server.conf: New file.
578
      while(written < (size_t) decrypted_buffer_size){
22 by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Cast "0" argument to
579
	ret = (int)fwrite (decrypted_buffer + written, 1,
580
			   (size_t)decrypted_buffer_size - written,
581
			   stdout);
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
582
	if(ret == 0 and ferror(stdout)){
583
	  if(debug){
584
	    fprintf(stderr, "Error writing encrypted data: %s\n",
585
		    strerror(errno));
586
	  }
587
	  retval = -1;
588
	  break;
589
	}
22 by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Cast "0" argument to
590
	written += (size_t)ret;
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
591
      }
13 by Björn Påhlsson
Added following support:
592
      free(decrypted_buffer);
15.1.1 by Björn Påhlsson
Added debugg support in form off --debug and --debug=mandosclient
593
    } else {
594
      retval = -1;
13 by Björn Påhlsson
Added following support:
595
    }
596
  }
40 by Teddy Hogeborn
* plugins.d/mandosclient.c (initgnutls): Moved "err" variable into its
597
  
598
  /* Shutdown procedure */
599
  
600
 mandos_end:
13 by Björn Påhlsson
Added following support:
601
  free(buffer);
602
  close(tcp_sd);
38 by Teddy Hogeborn
* plugbasedclient.c (main): New "--userid" and "--groupid" options.
603
  gnutls_deinit (session);
604
  gnutls_certificate_free_credentials (mc->cred);
13 by Björn Påhlsson
Added following support:
605
  gnutls_global_deinit ();
606
  return retval;
607
}
static void resolve_callback(AvahiSServiceResolver *r,
                             AvahiIfIndex interface,
                             AVAHI_GCC_UNUSED AvahiProtocol protocol,
                             AvahiResolverEvent event,
                             const char *name,
                             const char *type,
                             const char *domain,
                             const char *host_name,
                             const AvahiAddress *address,
                             uint16_t port,
                             AVAHI_GCC_UNUSED AvahiStringList *txt,
                             AVAHI_GCC_UNUSED AvahiLookupResultFlags
                             flags,
                             void* userdata) {
  /* Avahi resolver callback: runs when a resolve attempt has either
     produced an address or failed/timed out.  userdata is the
     mandos_context that browse_callback passed to
     avahi_s_service_resolver_new().

     NOTE(review): name, host_name, address and port all originate
     from mDNS answers on the local network, which are not
     authenticated.  Any trust in the peer therefore has to come from
     the TLS/OpenPGP handling inside start_mandos_communication();
     confirm that the peer is verified there. */
  mandos_context *ctx = userdata;
  assert(r);			/* Spurious warning */

  if (event == AVAHI_RESOLVER_FOUND) {
    /* Textual form of the resolved address, for logging and for
       the connection attempt */
    char addr_text[AVAHI_ADDRESS_STR_MAX];
    avahi_address_snprint(addr_text, sizeof(addr_text), address);
    if(debug){
      fprintf(stderr, "Mandos server \"%s\" found on %s (%s, %d) on"
              " port %d\n", name, host_name, addr_text, interface,
              port);
    }
    /* A zero return ends the whole program successfully; any other
       result falls through to releasing the resolver below. */
    if (start_mandos_communication(addr_text, port, interface,
                                   ctx) == 0){
      exit(EXIT_SUCCESS);
    }
  } else {
    /* AVAHI_RESOLVER_FAILURE, and any event value not handled
       above */
    fprintf(stderr, "(Avahi Resolver) Failed to resolve service '%s'"
            " of type '%s' in domain '%s': %s\n", name, type, domain,
            avahi_strerror(avahi_server_errno(ctx->server)));
  }

  /* The resolver object is released here, whatever the outcome */
  avahi_s_service_resolver_free(r);
}
static void browse_callback( AvahiSServiceBrowser *b,
                             AvahiIfIndex interface,
                             AvahiProtocol protocol,
                             AvahiBrowserEvent event,
                             const char *name,
                             const char *type,
                             const char *domain,
                             AVAHI_GCC_UNUSED AvahiLookupResultFlags
                             flags,
                             void* userdata) {
  /* Avahi browser callback: runs when a service appears on or
     disappears from the LAN, and on browser status events.
     userdata is the mandos_context registered together with this
     callback. */
  mandos_context *ctx = userdata;
  assert(b);			/* Spurious warning */

  switch (event) {
  case AVAHI_BROWSER_NEW:
    /* The resolver object returned here is deliberately not kept:
       resolve_callback frees it.  If the Avahi server is terminated
       before that callback runs, the Avahi server frees the resolver
       for us. */
    if (avahi_s_service_resolver_new(ctx->server, interface,
                                     protocol, name, type, domain,
                                     AVAHI_PROTO_INET6, 0,
                                     resolve_callback, ctx) == NULL){
      fprintf(stderr, "Avahi: Failed to resolve service '%s': %s\n",
              name, avahi_strerror(avahi_server_errno(ctx->server)));
    }
    return;

  case AVAHI_BROWSER_REMOVE:
    /* Nothing to do when a service goes away */
    return;

  case AVAHI_BROWSER_ALL_FOR_NOW:
  case AVAHI_BROWSER_CACHE_EXHAUSTED:
    if(debug){
      fprintf(stderr, "No Mandos server found, still searching...\n");
    }
    return;

  case AVAHI_BROWSER_FAILURE:
  default:
    /* Handled after the switch */
    break;
  }

  /* Browser failure (or an event value not listed above): report the
     server's error and ask the main loop to stop. */
  fprintf(stderr, "(Avahi browser) %s\n",
          avahi_strerror(avahi_server_errno(ctx->server)));
  avahi_simple_poll_quit(ctx->simple_poll);
}
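/* Join a directory and a file name into a newly malloc()ed string of
   the form "first/second".  A '/' is always inserted, even when
   either part is empty.

   Returns NULL with errno set on failure: EINVAL if either argument
   is NULL, ENOMEM if the combined length would not fit in a size_t,
   or whatever malloc() reported.  On success the caller owns the
   result and must free() it.

   No check is made on the contents of the two parts (for example a
   "second" that is itself absolute or contains "..") - callers that
   take these from outside must validate them first. */
static const char *combinepath(const char *first, const char *second){
  if (first == NULL || second == NULL){
    /* strlen(NULL) is undefined; report it the way callers already
       report allocation failure */
    errno = EINVAL;
    return NULL;
  }
  size_t f_len = strlen(first);
  size_t s_len = strlen(second);
  /* Two extra bytes: the '/' separator and the terminating NUL.
     Refuse lengths whose sum would wrap around, which would
     otherwise lead to an undersized allocation. */
  const size_t max_size = (size_t) -1;
  if (f_len > max_size - 2 || s_len > max_size - 2 - f_len){
    errno = ENOMEM;
    return NULL;
  }
  char *tmp = malloc(f_len + s_len + 2);
  if (tmp == NULL){
    return NULL;
  }
  memcpy(tmp, first, f_len);
  tmp[f_len] = '/';
  memcpy(tmp + f_len + 1, second, s_len);
  tmp[f_len + 1 + s_len] = '\0';
  return tmp;
}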
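/*
 * Program entry point.
 *
 * Parses the command line, builds the key file paths under keydir,
 * initialises GnuTLS, sets the process gid/uid to the real ids, and
 * then either connects straight to the server given with --connect
 * or brings the network interface up and runs an Avahi browser for
 * "_mandos._tcp" services.
 *
 * Returns EXIT_SUCCESS or EXIT_FAILURE.  Note that resolve_callback
 * calls exit(EXIT_SUCCESS) itself when start_mandos_communication()
 * returns 0, so the Avahi path normally does not return through
 * here on success.
 */
int main(int argc, char *argv[]){
  AvahiSServiceBrowser *sb = NULL;
  int error;
  int ret;
  int exitcode = EXIT_SUCCESS;
  const char *interface = "eth0";
  struct ifreq network;
  int sd;
  uid_t uid;
  gid_t gid;
  char *connect_to = NULL;
  AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
  /* Key file names as configured (built-in default or option
     argument).  These point at string literals or into argv and
     must never be passed to free(). */
  const char *pubkeyfile = "pubkey.txt";
  const char *seckeyfile = "seckey.txt";
  /* Heap-allocated full paths from combinepath().  They start out
     NULL so that the cleanup at "end" is safe on every path. */
  const char *pubkey_path = NULL;
  const char *seckey_path = NULL;
  /* NOTE(review): a 1024-bit DH default is below what current
     guidance recommends; consider raising it once compatibility
     with deployed servers has been confirmed. */
  mandos_context mc = { .simple_poll = NULL, .server = NULL,
                        .dh_bits = 1024, .priority = "SECURE256"};

  {
    struct argp_option options[] = {
      { .name = "debug", .key = 128,
        .doc = "Debug mode", .group = 3 },
      { .name = "connect", .key = 'c',
        .arg = "IP",
        .doc = "Connect directly to a sepcified mandos server",
        .group = 1 },
      { .name = "interface", .key = 'i',
        .arg = "INTERFACE",
        .doc = "Interface that Avahi will conntect through",
        .group = 1 },
      { .name = "keydir", .key = 'd',
        .arg = "KEYDIR",
        .doc = "Directory where the openpgp keyring is",
        .group = 1 },
      { .name = "seckey", .key = 's',
        .arg = "SECKEY",
        .doc = "Secret openpgp key for gnutls authentication",
        .group = 1 },
      { .name = "pubkey", .key = 'p',
        .arg = "PUBKEY",
        .doc = "Public openpgp key for gnutls authentication",
        .group = 2 },
      { .name = "dh-bits", .key = 129,
        .arg = "BITS",
        .doc = "dh-bits to use in gnutls communication",
        .group = 2 },
      { .name = "priority", .key = 130,
        .arg = "PRIORITY",
        .doc = "GNUTLS priority", .group = 1 },
      { .name = NULL }
    };

    /* Nested function (GCC extension): stores each option directly
       into main's local variables and into the "debug" and "keydir"
       variables declared outside main. */
    error_t parse_opt (int key, char *arg,
                       struct argp_state *state) {
      switch (key) {
      case 128:
        debug = true;
        break;
      case 'c':
        connect_to = arg;
        break;
      case 'i':
        interface = arg;
        break;
      case 'd':
        keydir = arg;
        break;
      case 's':
        seckeyfile = arg;
        break;
      case 'p':
        pubkeyfile = arg;
        break;
      case 129:
        {
          /* Require a complete, non-negative decimal number that
             fits in unsigned int; a bare cast of strtol()'s result
             would silently accept junk, negatives and truncation. */
          char *bits_end = NULL;
          errno = 0;
          long bits = strtol(arg, &bits_end, 10);
          if (errno){
            perror("strtol");
            exit(EXIT_FAILURE);
          }
          if (bits_end == arg || *bits_end != '\0' || bits < 0
              || (unsigned long) bits > (unsigned int) -1){
            fprintf(stderr, "Bad number of DH bits: %s\n", arg);
            exit(EXIT_FAILURE);
          }
          mc.dh_bits = (unsigned int) bits;
        }
        break;
      case 130:
        mc.priority = arg;
        break;
      case ARGP_KEY_ARG:
        /* No positional arguments are accepted */
        argp_usage (state);
        break;
      case ARGP_KEY_END:
        break;
      default:
        return ARGP_ERR_UNKNOWN;
      }
      return 0;
    }

    struct argp argp = { .options = options, .parser = parse_opt,
                         .args_doc = "",
                         .doc = "Mandos client -- Get and decrypt"
                         " passwords from mandos server" };
    argp_parse (&argp, argc, argv, 0, 0, NULL);
  }

  pubkey_path = combinepath(keydir, pubkeyfile);
  if (pubkey_path == NULL){
    perror("combinepath");
    exitcode = EXIT_FAILURE;
    goto end;
  }

  seckey_path = combinepath(keydir, seckeyfile);
  if (seckey_path == NULL){
    perror("combinepath");
    /* Without this the program would report success even though it
       never obtained a password */
    exitcode = EXIT_FAILURE;
    goto end;
  }

  ret = init_gnutls_global(&mc, pubkey_path, seckey_path);
  if (ret == -1){
    fprintf(stderr, "init_gnutls_global\n");
    exitcode = EXIT_FAILURE;
    goto end;
  }

  /* Set the gid and uid to the real ids.  The group is changed
     first: once the user id has been changed the process may no
     longer be permitted to change its group.  Both results are
     checked, and a failure stops the program instead of letting it
     carry on with ids it meant to give up. */
  uid = getuid();
  gid = getgid();

  ret = setgid(gid);
  if (ret == -1){
    perror("setgid");
    exitcode = EXIT_FAILURE;
    goto end;
  }

  ret = setuid(uid);
  if (ret == -1){
    perror("setuid");
    exitcode = EXIT_FAILURE;
    goto end;
  }

  if_index = (AvahiIfIndex) if_nametoindex(interface);
  if(if_index == 0){
    fprintf(stderr, "No such interface: \"%s\"\n", interface);
    exitcode = EXIT_FAILURE;
    goto end;
  }

  if(connect_to != NULL){
    /* Connect directly, do not use Zeroconf */
    /* (Mainly meant for debugging) */
    /* The port follows the LAST colon, so an IPv6 address may
       contain colons of its own */
    char *address = strrchr(connect_to, ':');
    if(address == NULL){
      fprintf(stderr, "No colon in address\n");
      exitcode = EXIT_FAILURE;
      goto end;
    }
    char *port_end = NULL;
    errno = 0;
    long port_value = strtol(address+1, &port_end, 10);
    if(errno){
      perror("Bad port number");
      exitcode = EXIT_FAILURE;
      goto end;
    }
    /* Reject empty or non-numeric text, trailing characters, and
       values a uint16_t cannot hold, rather than truncating them */
    if(port_end == address+1 || *port_end != '\0'
       || port_value < 0 || port_value > UINT16_MAX){
      fprintf(stderr, "Bad port number\n");
      exitcode = EXIT_FAILURE;
      goto end;
    }
    uint16_t port = (uint16_t) port_value;
    /* Cut the string at the colon so that connect_to holds only the
       address part */
    *address = '\0';
    address = connect_to;
    ret = start_mandos_communication(address, port, if_index, &mc);
    if(ret < 0){
      exitcode = EXIT_FAILURE;
    } else {
      exitcode = EXIT_SUCCESS;
    }
    goto end;
  }

  /* If the interface is down, bring it up */
  {
    sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
    if(sd < 0) {
      perror("socket");
      exitcode = EXIT_FAILURE;
      goto end;
    }
    /* if_nametoindex() accepted the name above, but bound the copy
       here as well so that this block does not depend on that */
    size_t if_len = strlen(interface);
    if(if_len >= sizeof(network.ifr_name)){
      fprintf(stderr, "Interface name too long: \"%s\"\n", interface);
      close(sd);
      exitcode = EXIT_FAILURE;
      goto end;
    }
    memcpy(network.ifr_name, interface, if_len + 1);
    ret = ioctl(sd, SIOCGIFFLAGS, &network);
    if(ret == -1){
      perror("ioctl SIOCGIFFLAGS");
      close(sd);		/* do not leak the socket on error */
      exitcode = EXIT_FAILURE;
      goto end;
    }
    if((network.ifr_flags & IFF_UP) == 0){
      network.ifr_flags |= IFF_UP;
      ret = ioctl(sd, SIOCSIFFLAGS, &network);
      if(ret == -1){
        perror("ioctl SIOCSIFFLAGS");
        close(sd);
        exitcode = EXIT_FAILURE;
        goto end;
      }
    }
    close(sd);
  }

  if (!debug){
    avahi_set_log_function(empty_log);
  }

  /* Initialize the pseudo-RNG for Avahi */
  srand((unsigned int) time(NULL));

  /* Allocate main Avahi loop object */
  mc.simple_poll = avahi_simple_poll_new();
  if (mc.simple_poll == NULL) {
    fprintf(stderr, "Avahi: Failed to create simple poll"
            " object.\n");
    exitcode = EXIT_FAILURE;
    goto end;
  }

  {
    AvahiServerConfig config;
    /* Do not publish any local Zeroconf records */
    avahi_server_config_init(&config);
    config.publish_hinfo = 0;
    config.publish_addresses = 0;
    config.publish_workstation = 0;
    config.publish_domain = 0;

    /* Allocate a new server */
    mc.server = avahi_server_new(avahi_simple_poll_get
                                 (mc.simple_poll), &config, NULL,
                                 NULL, &error);

    /* Free the Avahi configuration data */
    avahi_server_config_free(&config);
  }

  /* Check if creating the Avahi server object succeeded */
  if (mc.server == NULL) {
    fprintf(stderr, "Failed to create Avahi server: %s\n",
            avahi_strerror(error));
    exitcode = EXIT_FAILURE;
    goto end;
  }

  /* Create the Avahi service browser */
  sb = avahi_s_service_browser_new(mc.server, if_index,
                                   AVAHI_PROTO_INET6,
                                   "_mandos._tcp", NULL, 0,
                                   browse_callback, &mc);
  if (sb == NULL) {
    fprintf(stderr, "Failed to create service browser: %s\n",
            avahi_strerror(avahi_server_errno(mc.server)));
    exitcode = EXIT_FAILURE;
    goto end;
  }

  /* Run the main loop */

  if (debug){
    fprintf(stderr, "Starting Avahi loop search\n");
  }

  avahi_simple_poll_loop(mc.simple_poll);

 end:

  if (debug){
    fprintf(stderr, "%s exiting\n", argv[0]);
  }

  /* Cleanup things */
  if (sb != NULL)
    avahi_s_service_browser_free(sb);

  if (mc.server != NULL)
    avahi_server_free(mc.server);

  if (mc.simple_poll != NULL)
    avahi_simple_poll_free(mc.simple_poll);

  /* Only the combinepath() results are heap memory; the casts drop
     the const that combinepath() puts on its return type */
  free((void *) pubkey_path);
  free((void *) seckey_path);

  return exitcode;
}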