/*  -*- coding: utf-8 -*- */
/*
 * Mandos client - get and decrypt data from a Mandos server
 *
 * This program is partly derived from an example program for an Avahi
 * service browser, downloaded from
 * <http://avahi.org/browser/examples/core-browse-services.c>.  This
 * includes the following functions: "resolve_callback",
 * "browse_callback", and parts of "main".
 * 
 * Everything else is
 * Copyright © 2007-2008 Teddy Hogeborn & Björn Påhlsson
 * 
 * This program is free software: you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see
 * <http://www.gnu.org/licenses/>.
 * 
 * Contact the authors at <mandos@fukt.bsnet.se>.
 */
/* Needed by GPGME, specifically gpgme_data_seek() */
#define _LARGEFILE_SOURCE
#define _FILE_OFFSET_BITS 64
#include <stdio.h>
#include <assert.h>
#include <stdlib.h>
#include <time.h>
#include <net/if.h>		/* if_nametoindex */
#include <avahi-core/core.h>
#include <avahi-core/lookup.h>
#include <avahi-core/log.h>
#include <avahi-common/simple-watch.h>
#include <avahi-common/malloc.h>
#include <avahi-common/error.h>
//mandos client part
#include <sys/types.h>		/* socket(), inet_pton() */
#include <sys/socket.h>		/* socket(), struct sockaddr_in6,
				   struct in6_addr, inet_pton() */
#include <gnutls/gnutls.h>	/* All GnuTLS stuff */
#include <gnutls/openpgp.h>	/* GnuTLS with openpgp stuff */
#include <unistd.h>		/* close() */
#include <netinet/in.h>
#include <stdbool.h>		/* true */
#include <string.h>		/* memset */
#include <arpa/inet.h>		/* inet_pton() */
#include <iso646.h>		/* not */
// gpgme
#include <errno.h>		/* perror() */
#include <gpgme.h>
// getopt long
#include <getopt.h>
#define BUFFER_SIZE 256
#define DH_BITS 1024
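/* Directory handed to pgp_packet_decrypt() as the GnuPG home
   directory. */
static const char *certdir = "/conf/conf.d/mandos";
/* OpenPGP certificate and secret key files that initgnutls() loads as
   the GnuTLS credentials. */
static const char *certfile = "openpgp-client.txt";
static const char *certkey = "openpgp-client-key.txt";

/* Debug flag; non-zero enables diagnostics on stderr.  It is an int,
   not a bool, because main() passes its address (cast to int *) to
   getopt_long() as an option "flag", and getopt_long() stores a whole
   int through that pointer.  With a bool, which is usually smaller
   than an int, that store writes past the end of the object. */
int debug = 0;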
/* GnuTLS state for one connection; all three members are filled in by
   initgnutls(). */
typedef struct {
  gnutls_session_t session;	/* created with gnutls_init() */
  gnutls_certificate_credentials_t cred; /* OpenPGP key pair */
  gnutls_dh_params_t dh_params;	/* generated Diffie-Hellman params */
} encrypted_session;
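/*
 * Decrypt an OpenPGP message held in memory.
 *
 * packet, packet_size: the encrypted message; it is only read.
 * new_packet: receives a malloc()ed buffer holding the plaintext,
 *             which the caller must free().  It is set to NULL on
 *             every failure path.
 * homedir: GnuPG home directory configured for the OpenPGP engine.
 *
 * Returns the length of the plaintext, or -1 on error.  All GPGME
 * objects created here are released before returning, on success and
 * on failure.
 *
 * NOTE(review): the plaintext is a secret.  realloc() may move the
 * buffer while it grows, leaving an unwiped copy in freed heap
 * memory, and nothing in this function wipes a buffer before it is
 * released.
 */
static ssize_t pgp_packet_decrypt (char *packet, size_t packet_size,
				   char **new_packet,
				   const char *homedir){
  gpgme_data_t dh_crypto = NULL;
  gpgme_data_t dh_plain = NULL;
  gpgme_ctx_t ctx = NULL;
  gpgme_error_t rc;
  ssize_t ret;
  ssize_t retval = -1;
  size_t new_packet_capacity = 0;
  ssize_t new_packet_length = 0;
  gpgme_engine_info_t engine_info;
  
  /* Never leave the caller's pointer indeterminate on failure */
  *new_packet = NULL;
  
  if (debug){
    fprintf(stderr, "Trying to decrypt OpenPGP packet\n");
  }
  
  /* Init GPGME */
  gpgme_check_version(NULL);
  rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
  if (rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",
	    gpgme_strsource(rc), gpgme_strerror(rc));
    return -1;
  }
  
  /* Set GPGME home directory */
  rc = gpgme_get_engine_info (&engine_info);
  if (rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",
	    gpgme_strsource(rc), gpgme_strerror(rc));
    return -1;
  }
  while(engine_info != NULL
	&& engine_info->protocol != GPGME_PROTOCOL_OpenPGP){
    engine_info = engine_info->next;
  }
  if(engine_info == NULL){
    fprintf(stderr, "Could not set home dir to %s\n", homedir);
    return -1;
  }
  /* A failure here would leave the engine on its default home
     directory, so it must not be ignored */
  rc = gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP,
			     engine_info->file_name, homedir);
  if (rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_set_engine_info: %s: %s\n",
	    gpgme_strsource(rc), gpgme_strerror(rc));
    return -1;
  }
  
  /* Create new GPGME data buffer from packet buffer; the last
     argument 0 means the data is not copied */
  rc = gpgme_data_new_from_mem(&dh_crypto, packet, packet_size, 0);
  if (rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",
	    gpgme_strsource(rc), gpgme_strerror(rc));
    dh_crypto = NULL;
    goto out;
  }
  
  /* Create new empty GPGME data buffer for the plaintext */
  rc = gpgme_data_new(&dh_plain);
  if (rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_data_new: %s: %s\n",
	    gpgme_strsource(rc), gpgme_strerror(rc));
    dh_plain = NULL;
    goto out;
  }
  
  /* Create new GPGME "context" */
  rc = gpgme_new(&ctx);
  if (rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_new: %s: %s\n",
	    gpgme_strsource(rc), gpgme_strerror(rc));
    ctx = NULL;
    goto out;
  }
  
  /* Decrypt the ciphertext buffer into the plaintext buffer */
  rc = gpgme_op_decrypt(ctx, dh_crypto, dh_plain);
  if (rc != GPG_ERR_NO_ERROR){
    fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",
	    gpgme_strsource(rc), gpgme_strerror(rc));
    goto out;
  }
  
  if(debug){
    gpgme_decrypt_result_t result;
    
    fprintf(stderr, "Decryption of OpenPGP packet succeeded\n");
    
    result = gpgme_op_decrypt_result(ctx);
    if (result == NULL){
      fprintf(stderr, "gpgme_op_decrypt_result failed\n");
    } else {
      gpgme_recipient_t recipient;
      /* A null pointer must not be passed for "%s" */
      fprintf(stderr, "Unsupported algorithm: %s\n",
	      result->unsupported_algorithm != NULL
	      ? result->unsupported_algorithm : "(null)");
      fprintf(stderr, "Wrong key usage: %d\n",
	      result->wrong_key_usage);
      if(result->file_name != NULL){
	fprintf(stderr, "File name: %s\n", result->file_name);
      }
      for(recipient = result->recipients; recipient != NULL;
	  recipient = recipient->next){
	fprintf(stderr, "Public key algorithm: %s\n",
		gpgme_pubkey_algo_name(recipient->pubkey_algo));
	fprintf(stderr, "Key ID: %s\n", recipient->keyid);
	fprintf(stderr, "Secret key available: %s\n",
		recipient->status == GPG_ERR_NO_SECKEY
		? "No" : "Yes");
      }
    }
  }
  
  /* Seek back to the beginning of the GPGME plaintext data buffer.
     If this fails the read loop below would see no data and report
     an empty plaintext as success, so treat it as an error. */
  if (gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET) == -1){
    perror("gpgme_data_seek");
    goto out;
  }
  
  /* Copy the plaintext out in BUFFER_SIZE pieces */
  while(true){
    if ((size_t)new_packet_length + BUFFER_SIZE
	> new_packet_capacity){
      /* Keep the old pointer until realloc() has succeeded, so the
	 buffer can still be freed if it fails */
      char *grown = realloc(*new_packet,
			    new_packet_capacity + BUFFER_SIZE);
      if (grown == NULL){
	perror("realloc");
	goto out;
      }
      *new_packet = grown;
      new_packet_capacity += BUFFER_SIZE;
    }
    
    ret = gpgme_data_read(dh_plain, *new_packet + new_packet_length,
			  BUFFER_SIZE);
    if (ret == 0){
      break;			/* end of data */
    }
    if(ret < 0){
      perror("gpgme_data_read");
      goto out;
    }
    new_packet_length += ret;
  }
  
  retval = new_packet_length;
  
 out:
  if (retval < 0){
    /* Do not hand a partial plaintext back to the caller */
    free(*new_packet);
    *new_packet = NULL;
  }
  if (dh_plain != NULL){
    gpgme_data_release(dh_plain);
  }
  if (dh_crypto != NULL){
    gpgme_data_release(dh_crypto);
  }
  if (ctx != NULL){
    gpgme_release(ctx);
  }
  return retval;
}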
/* Wrapper around gnutls_strerror() that never returns NULL: when the
   library has no description for the code, "(unknown)" is returned
   instead, so the result can always be printed with "%s". */
static const char * safer_gnutls_strerror (int value) {
  const char *description = gnutls_strerror (value);
  return description != NULL ? description : "(unknown)";
}
/* Log function given to gnutls_global_set_log_function() when
   debugging is on: writes each message to stderr as it is, without
   adding anything.  The log level is not used. */
static void debuggnutls(__attribute__((unused)) int level,
			const char* string){
  fputs(string, stderr);
}
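/*
 * Prepare GnuTLS for one connection: global initialization, OpenPGP
 * credentials loaded from certfile and certkey, newly generated
 * Diffie-Hellman parameters, and a session, all stored in *es.
 *
 * Returns 0 on success.  On failure it returns -1 after releasing
 * everything it had set up itself, so the caller must not
 * deinitialize *es in that case.
 *
 * All diagnostics go to stderr; stdout is where this program writes
 * the decrypted secret and must not receive error text.
 *
 * NOTE(review): DH_BITS is defined as 1024 earlier in this file; DH
 * groups of that size are considered weak today.
 * NOTE(review): GNUTLS_CERT_IGNORE means no certificate is requested
 * from the peer, so the TLS layer does not authenticate it;
 * presumably the OpenPGP encryption of the payload is what protects
 * the secret -- confirm against the protocol design.
 */
static int initgnutls(encrypted_session *es){
  const char *err;
  int ret;
  
  if(debug){
    fprintf(stderr, "Initializing GnuTLS\n");
  }
  
  if ((ret = gnutls_global_init ())
      != GNUTLS_E_SUCCESS) {
    fprintf (stderr, "global_init: %s\n", safer_gnutls_strerror(ret));
    return -1;
  }
  
  if (debug){
    gnutls_global_set_log_level(11);
    gnutls_global_set_log_function(debuggnutls);
  }
  
  /* openpgp credentials */
  if ((ret = gnutls_certificate_allocate_credentials (&es->cred))
      != GNUTLS_E_SUCCESS) {
    fprintf (stderr, "memory error: %s\n",
	     safer_gnutls_strerror(ret));
    goto fail_global;
  }
  
  if(debug){
    fprintf(stderr, "Attempting to use OpenPGP certificate %s"
	    " and keyfile %s as GnuTLS credentials\n", certfile,
	    certkey);
  }
  
  ret = gnutls_certificate_set_openpgp_key_file
    (es->cred, certfile, certkey, GNUTLS_OPENPGP_FMT_BASE64);
  if (ret != GNUTLS_E_SUCCESS) {
    fprintf
      (stderr, "Error[%d] while reading the OpenPGP key pair ('%s',"
       " '%s')\n",
       ret, certfile, certkey);
    /* stderr, not stdout: stdout carries the decrypted secret */
    fprintf(stderr, "The Error is: %s\n",
	    safer_gnutls_strerror(ret));
    goto fail_cred;
  }
  
  /* Diffie-Hellman parameters */
  if ((ret = gnutls_dh_params_init (&es->dh_params))
      != GNUTLS_E_SUCCESS) {
    fprintf (stderr, "Error in dh parameter initialization: %s\n",
	     safer_gnutls_strerror(ret));
    goto fail_cred;
  }
  
  if ((ret = gnutls_dh_params_generate2 (es->dh_params, DH_BITS))
      != GNUTLS_E_SUCCESS) {
    fprintf (stderr, "Error in prime generation: %s\n",
	     safer_gnutls_strerror(ret));
    goto fail_dh;
  }
  
  gnutls_certificate_set_dh_params (es->cred, es->dh_params);
  
  /* GnuTLS session creation.  Without a valid session none of the
     calls below may run, so a failure here has to abort. */
  if ((ret = gnutls_init (&es->session, GNUTLS_SERVER))
      != GNUTLS_E_SUCCESS){
    fprintf(stderr, "Error in GnuTLS session initialization: %s\n",
	    safer_gnutls_strerror(ret));
    goto fail_dh;
  }
  
  if ((ret = gnutls_priority_set_direct (es->session, "NORMAL", &err))
      != GNUTLS_E_SUCCESS) {
    fprintf(stderr, "Syntax error at: %s\n", err);
    fprintf(stderr, "GnuTLS error: %s\n",
	    safer_gnutls_strerror(ret));
    goto fail_session;
  }
  
  if ((ret = gnutls_credentials_set
       (es->session, GNUTLS_CRD_CERTIFICATE, es->cred))
      != GNUTLS_E_SUCCESS) {
    fprintf(stderr, "Error setting a credentials set: %s\n",
	    safer_gnutls_strerror(ret));
    goto fail_session;
  }
  
  /* ignore client certificate if any. */
  gnutls_certificate_server_set_request (es->session,
					 GNUTLS_CERT_IGNORE);
  
  gnutls_dh_set_prime_bits (es->session, DH_BITS);
  
  return 0;
  
  /* Undo the steps above in reverse order */
 fail_session:
  gnutls_deinit (es->session);
 fail_dh:
  gnutls_dh_params_deinit (es->dh_params);
 fail_cred:
  gnutls_certificate_free_credentials (es->cred);
 fail_global:
  gnutls_global_deinit ();
  return -1;
}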
/* Log function that takes an Avahi log level and a message and
   discards both. */
static void empty_log(__attribute__((unused)) AvahiLogLevel level,
		      __attribute__((unused)) const char *txt){
  /* intentionally empty */
}
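/*
 * Fetch the secret from one Mandos server: connect over IPv6/TCP,
 * do a TLS handshake, read everything the server sends, decrypt it
 * as an OpenPGP message with pgp_packet_decrypt() and write the
 * plaintext to stdout.
 *
 * ip: textual IPv6 address of the server.
 * port: TCP port, host byte order.
 * if_index: interface index, used as the IPv6 scope id.
 *
 * Returns 0 on success and -1 on failure.  The socket, the receive
 * buffer and the GnuTLS objects are released on every path.
 *
 * NOTE(review): the amount of data accepted from the peer is not
 * bounded; the buffer grows until the peer closes the session or
 * realloc() fails.
 * NOTE(review): when the peer sends no data at all, nothing is
 * written and 0 is still returned -- confirm that callers want an
 * empty answer to count as success.
 * NOTE(review): decrypted_buffer holds the secret and is freed
 * without being wiped.
 */
static int start_mandos_communication(const char *ip, uint16_t port,
				      AvahiIfIndex if_index){
  int ret, tcp_sd;
  struct sockaddr_in6 to;
  encrypted_session es;
  char *buffer = NULL;
  char *decrypted_buffer = NULL;
  size_t buffer_length = 0;
  size_t buffer_capacity = 0;
  ssize_t decrypted_buffer_size;
  size_t written = 0;
  int retval = 0;
  char interface[IF_NAMESIZE];
  
  if(debug){
    fprintf(stderr, "Setting up a tcp connection to %s, port %d\n",
	    ip, port);
  }
  
  tcp_sd = socket(PF_INET6, SOCK_STREAM, 0);
  if(tcp_sd < 0) {
    perror("socket");
    return -1;
  }
  
  if(if_indextoname((unsigned int)if_index, interface) == NULL){
    if(debug){
      perror("if_indextoname");
    }
    retval = -1;
    goto close_socket;
  }
  
  if(debug){
    fprintf(stderr, "Binding to interface %s\n", interface);
  }
  
  memset(&to,0,sizeof(to));	/* Spurious warning */
  to.sin6_family = AF_INET6;
  ret = inet_pton(AF_INET6, ip, &to.sin6_addr);
  if (ret < 0 ){
    perror("inet_pton");
    retval = -1;
    goto close_socket;
  }
  if(ret == 0){
    fprintf(stderr, "Bad address: %s\n", ip);
    retval = -1;
    goto close_socket;
  }
  to.sin6_port = htons(port);	/* Spurious warning */
  
  to.sin6_scope_id = (uint32_t)if_index;
  
  if(debug){
    fprintf(stderr, "Connection to: %s, port %d\n", ip, port);
  }
  
  ret = connect(tcp_sd, (struct sockaddr *) &to, sizeof(to));
  if (ret < 0){
    perror("connect");
    retval = -1;
    goto close_socket;
  }
  
  ret = initgnutls (&es);
  if (ret != 0){
    /* es is not usable here, so only the socket is released */
    retval = -1;
    goto close_socket;
  }
  
  gnutls_transport_set_ptr (es.session,
			    (gnutls_transport_ptr_t) tcp_sd);
  
  if(debug){
    fprintf(stderr, "Establishing TLS session with %s\n", ip);
  }
  
  ret = gnutls_handshake (es.session);
  
  if (ret != GNUTLS_E_SUCCESS){
    if(debug){
      fprintf(stderr, "\n*** Handshake failed ***\n");
      gnutls_perror (ret);
    }
    retval = -1;
    goto cleanup_tls;
  }
  
  //Retrieve OpenPGP packet that contains the wanted password
  
  if(debug){
    fprintf(stderr, "Retrieving pgp encrypted password from %s\n",
	    ip);
  }
  
  while(true){
    if (buffer_length + BUFFER_SIZE > buffer_capacity){
      /* Keep the old pointer until realloc() has succeeded, so the
	 data already received can still be freed */
      char *grown = realloc(buffer, buffer_capacity + BUFFER_SIZE);
      if (grown == NULL){
	perror("realloc");
	/* Without this the function would report success although no
	   secret was written */
	retval = -1;
	goto cleanup_tls;
      }
      buffer = grown;
      buffer_capacity += BUFFER_SIZE;
    }
    
    ret = gnutls_record_recv
      (es.session, buffer+buffer_length, BUFFER_SIZE);
    if (ret == 0){
      break;			/* peer closed the session */
    }
    if (ret < 0){
      switch(ret){
      case GNUTLS_E_INTERRUPTED:
      case GNUTLS_E_AGAIN:
	break;			/* try again */
      case GNUTLS_E_REHANDSHAKE:
	ret = gnutls_handshake (es.session);
	if (ret < 0){
	  fprintf(stderr, "\n*** Handshake failed ***\n");
	  gnutls_perror (ret);
	  retval = -1;
	  goto cleanup_tls;
	}
	break;
      default:
	fprintf(stderr, "Unknown error while reading data from"
		" encrypted session with mandos server\n");
	retval = -1;
	gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
	goto cleanup_tls;
      }
    } else {
      buffer_length += (size_t) ret;
    }
  }
  
  if (buffer_length > 0){
    decrypted_buffer_size = pgp_packet_decrypt(buffer,
					       buffer_length,
					       &decrypted_buffer,
					       certdir);
    if (decrypted_buffer_size >= 0){
      while(written < (size_t) decrypted_buffer_size){
	size_t n = fwrite (decrypted_buffer + written, 1,
			   (size_t)decrypted_buffer_size - written,
			   stdout);
	/* fwrite() writing nothing of a non-empty request is an
	   error; stopping here also prevents an endless loop */
	if(n == 0){
	  if(debug){
	    fprintf(stderr, "Error writing encrypted data: %s\n",
		    strerror(errno));
	  }
	  retval = -1;
	  break;
	}
	written += n;
      }
    } else {
      retval = -1;
    }
    /* decrypted_buffer starts out NULL, so this is safe whether or
       not the decryption stored a buffer in it */
    free(decrypted_buffer);
  }
  
  //shutdown procedure
  
  if(debug){
    fprintf(stderr, "Closing TLS session\n");
  }
  
  gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
  
 cleanup_tls:
  free(buffer);
  gnutls_deinit (es.session);
  gnutls_certificate_free_credentials (es.cred);
  gnutls_dh_params_deinit (es.dh_params);
  gnutls_global_deinit ();
 close_socket:
  close(tcp_sd);
  return retval;
}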
/* Poll object; browse_callback() stops it with
   avahi_simple_poll_quit() when browsing fails. */
static AvahiSimplePoll *simple_poll = NULL;
/* Avahi server whose last error the callbacks report through
   avahi_server_errno(). */
static AvahiServer *server = NULL;
/* Resolver callback.  For a resolved service it formats the address
   as text and calls start_mandos_communication(); if that succeeds
   the whole program exits with EXIT_SUCCESS.  For a failure, or any
   other event, it reports the error on stderr.  Unless the program
   exits, the resolver object is freed before returning.

   NOTE(review): name, host_name and the address come from the
   resolver result, presumably as announced on the network, and are
   printed unfiltered -- confirm that is acceptable for the terminal
   receiving stderr. */
static void resolve_callback(
    AvahiSServiceResolver *r,
    AvahiIfIndex interface,
    AVAHI_GCC_UNUSED AvahiProtocol protocol,
    AvahiResolverEvent event,
    const char *name,
    const char *type,
    const char *domain,
    const char *host_name,
    const AvahiAddress *address,
    uint16_t port,
    AVAHI_GCC_UNUSED AvahiStringList *txt,
    AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,
    AVAHI_GCC_UNUSED void* userdata) {
  
  assert(r);			/* Spurious warning */
  
  if (event == AVAHI_RESOLVER_FOUND) {
    char addr_text[AVAHI_ADDRESS_STR_MAX];
    
    avahi_address_snprint(addr_text, sizeof(addr_text), address);
    if(debug){
      fprintf(stderr, "Mandos server \"%s\" found on %s (%s) on"
	      " port %d\n", name, host_name, addr_text, port);
    }
    /* The first server that delivers the secret ends the program */
    if (start_mandos_communication(addr_text, port, interface) == 0){
      exit(EXIT_SUCCESS);
    }
  } else {
    /* AVAHI_RESOLVER_FAILURE, and any event not known here */
    fprintf(stderr, "(Resolver) Failed to resolve service '%s' of"
	    " type '%s' in domain '%s': %s\n", name, type, domain,
	    avahi_strerror(avahi_server_errno(server)));
  }
  
  avahi_s_service_resolver_free(r);
}
/* Browser callback.  A new service gets a resolver, restricted to
   IPv6 addresses, whose result goes to resolve_callback().  A
   failure, or an event not known here, is reported on stderr and
   stops the poll loop.  Removal, "all for now" and "cache exhausted"
   events are ignored.  userdata is the AvahiServer to resolve with. */
static void browse_callback(
    AvahiSServiceBrowser *b,
    AvahiIfIndex interface,
    AvahiProtocol protocol,
    AvahiBrowserEvent event,
    const char *name,
    const char *type,
    const char *domain,
    AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,
    void* userdata) {
    
    AvahiServer *avahi = userdata;
    AvahiSServiceResolver *resolver;
    
    assert(b);			/* Spurious warning */
    
    if (event == AVAHI_BROWSER_REMOVE
	|| event == AVAHI_BROWSER_ALL_FOR_NOW
	|| event == AVAHI_BROWSER_CACHE_EXHAUSTED) {
      return;			/* nothing to do for these */
    }
    
    if (event != AVAHI_BROWSER_NEW) {
      /* AVAHI_BROWSER_FAILURE, and any event not known here */
      fprintf(stderr, "(Browser) %s\n",
	      avahi_strerror(avahi_server_errno(server)));
      avahi_simple_poll_quit(simple_poll);
      return;
    }
    
    /* The resolver object is not kept: resolve_callback() frees it,
       and if the server is terminated before that callback runs the
       server frees it. */
    resolver = avahi_s_service_resolver_new(avahi, interface,
					    protocol, name, type,
					    domain, AVAHI_PROTO_INET6,
					    0, resolve_callback,
					    avahi);
    if (resolver == NULL) {
      fprintf(stderr, "Failed to resolve service '%s': %s\n", name,
	      avahi_strerror(avahi_server_errno(avahi)));
    }
}
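/*
 * Join a directory and a file name as "first/second" in a newly
 * malloc()ed string.
 *
 * first:  directory part; may be empty, giving "/second".
 * second: file name part; may be empty, giving "first/".
 *
 * Returns the new string, which the caller must free(), or NULL with
 * errno set: EINVAL if either argument is NULL, ENOMEM if the combined
 * length does not fit in a size_t or malloc() fails.
 *
 * No normalization is done: a "second" that is absolute or contains
 * ".." components is appended as given, so callers that take these
 * values from outside the operator's control have to validate them
 * first.
 */
static const char *combinepath(const char *first, const char *second){
  if(first == NULL || second == NULL){
    /* strlen(NULL) is undefined behavior; report it like any other
       failure so the caller's perror() has something to print */
    errno = EINVAL;
    return NULL;
  }
  size_t f_len = strlen(first);
  size_t s_len = strlen(second);
  /* Two extra bytes: the '/' separator and the terminating NUL.
     Refuse lengths whose sum would wrap around instead of allocating
     a buffer that is too small. */
  if(f_len > SIZE_MAX - 2 || s_len > SIZE_MAX - 2 - f_len){
    errno = ENOMEM;
    return NULL;
  }
  char *tmp = malloc(f_len + s_len + 2);
  if(tmp == NULL){
    return NULL;
  }
  memcpy(tmp, first, f_len);
  tmp[f_len] = '/';
  memcpy(tmp + f_len + 1, second, s_len);
  tmp[f_len + 1 + s_len] = '\0';
  return tmp;
}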
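/*
 * Program entry point: parse the command line, then either connect
 * directly to the server given with --connect, or start an embedded
 * Avahi server and browse for "_mandos._tcp" services, which are
 * handed to browse_callback.
 *
 * Options: --debug, --connect ADDRESS:PORT, --interface/-i NAME,
 * --certdir DIR, --certkey FILE, --certfile FILE.
 *
 * Returns EXIT_SUCCESS or EXIT_FAILURE; option and address errors
 * terminate through exit() instead of returning.
 */
int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char*argv[]) {
    AvahiServerConfig config;
    AvahiSServiceBrowser *sb = NULL;
    int error;
    int ret;
    int returncode = EXIT_SUCCESS;
    const char *interface = NULL;
    AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
    char *connect_to = NULL;
    /* Heap strings returned by combinepath().  Only these are freed
       at exit: certfile and certkey themselves may still point at
       optarg or at whatever their file-level definition sets, and
       that must never be passed to free(). */
    char *certfile_path = NULL;
    char *certkey_path = NULL;
    
    while (true){
      /* Each long option returns the letter that the switch below
         handles for the same name ('k' for the key, 'c' for the
         certificate file). */
      /* NOTE(review): getopt_long stores an int through the flag
         pointer; if debug is declared as bool this writes past it.
         Confirm debug's type at its definition. */
      static struct option long_options[] = {
        {"debug", no_argument, (int *)&debug, 1},
        {"connect", required_argument, 0, 'C'},
        {"interface", required_argument, 0, 'i'},
        {"certdir", required_argument, 0, 'd'},
        {"certkey", required_argument, 0, 'k'},
        {"certfile", required_argument, 0, 'c'},
        {0, 0, 0, 0} };
      
      int option_index = 0;
      ret = getopt_long (argc, argv, "i:", long_options,
                         &option_index);
      
      if (ret == -1){
        break;
      }
      
      switch(ret){
      case 0:
        /* A flag option (--debug) was stored by getopt_long itself */
        break;
      case 'i':
        interface = optarg;
        break;
      case 'C':
        connect_to = optarg;
        break;
      case 'd':
        certdir = optarg;
        break;
      case 'c':
        certfile = optarg;
        break;
      case 'k':
        certkey = optarg;
        break;
      default:
        exit(EXIT_FAILURE);
      }
    }
    
    /* Resolve both credential paths before any connection is
       attempted, so the direct --connect mode and the Zeroconf mode
       see the same certfile and certkey.
       NOTE(review): presumably start_mandos_communication reads both
       globals - confirm against its definition. */
    certfile_path = (char *) combinepath(certdir, certfile);
    if (certfile_path == NULL){
      perror("combinepath");
      returncode = EXIT_FAILURE;
      goto exit;
    }
    certfile = certfile_path;
    
    certkey_path = (char *) combinepath(certdir, certkey);
    if (certkey_path == NULL){
      perror("combinepath");
      returncode = EXIT_FAILURE;
      goto exit;
    }
    certkey = certkey_path;
    
    if(interface != NULL){
      if_index = (AvahiIfIndex) if_nametoindex(interface);
      if(if_index == 0){
        fprintf(stderr, "No such interface: \"%s\"\n", interface);
        exit(EXIT_FAILURE);
      }
    }
    
    if(connect_to != NULL){
      /* Connect directly, do not use Zeroconf */
      /* (Mainly meant for debugging) */
      /* The last colon separates the port, so an IPv6 address with
         colons of its own is still split correctly */
      char *address = strrchr(connect_to, ':');
      if(address == NULL){
        fprintf(stderr, "No colon in address\n");
        exit(EXIT_FAILURE);
      }
      errno = 0;
      char *end = NULL;
      long port_value = strtol(address + 1, &end, 10);
      if(errno){
        perror("Bad port number");
        exit(EXIT_FAILURE);
      }
      /* strtol only reports overflow of long through errno; an empty
         or non-numeric port, trailing junk, and values that would be
         silently truncated by the uint16_t conversion are rejected
         here */
      if(end == address + 1 || *end != '\0'
         || port_value < 0 || port_value > UINT16_MAX){
        fprintf(stderr, "Bad port number\n");
        exit(EXIT_FAILURE);
      }
      uint16_t port = (uint16_t) port_value;
      /* Cut the string at the colon; connect_to now holds only the
         address part */
      *address = '\0';
      address = connect_to;
      ret = start_mandos_communication(address, port, if_index);
      if(ret < 0){
        exit(EXIT_FAILURE);
      } else {
        exit(EXIT_SUCCESS);
      }
    }
    
    if (not debug){
      avahi_set_log_function(empty_log);
    }
    
    /* Initialize the pseudo-RNG */
    /* NOTE(review): a time-based seed is predictable; confirm that
       rand() is not used for anything security-sensitive in this
       program. */
    srand((unsigned int) time(NULL));

    /* Allocate main loop object */
    if (!(simple_poll = avahi_simple_poll_new())) {
        fprintf(stderr, "Failed to create simple poll object.\n");
        returncode = EXIT_FAILURE;
        goto exit;
    }

    /* Do not publish any local records */
    avahi_server_config_init(&config);
    config.publish_hinfo = 0;
    config.publish_addresses = 0;
    config.publish_workstation = 0;
    config.publish_domain = 0;

    /* Allocate a new server */
    server = avahi_server_new(avahi_simple_poll_get(simple_poll),
                              &config, NULL, NULL, &error);

    /* Free the configuration data */
    avahi_server_config_free(&config);

    /* Check if creating the server object succeeded */
    if (!server) {
        fprintf(stderr, "Failed to create server: %s\n",
                avahi_strerror(error));
        returncode = EXIT_FAILURE;
        goto exit;
    }
    
    /* Create the service browser */
    sb = avahi_s_service_browser_new(server, if_index,
                                     AVAHI_PROTO_INET6,
                                     "_mandos._tcp", NULL, 0,
                                     browse_callback, server);
    if (!sb) {
        fprintf(stderr, "Failed to create service browser: %s\n",
                avahi_strerror(avahi_server_errno(server)));
        returncode = EXIT_FAILURE;
        goto exit;
    }
    
    /* Run the main loop */

    if (debug){
      fprintf(stderr, "Starting avahi loop search\n");
    }
    
    avahi_simple_poll_loop(simple_poll);
    
 exit:

    if (debug){
      fprintf(stderr, "%s exiting\n", argv[0]);
    }
    
    /* Cleanup things */
    if (sb)
        avahi_s_service_browser_free(sb);
    
    if (server)
        avahi_server_free(server);

    if (simple_poll)
        avahi_simple_poll_free(simple_poll);
    /* free(NULL) is a no-op, so this is safe on every error path */
    free(certfile_path);
    free(certkey_path);
    
    return returncode;
}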