To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
« back to all changes in this revision
Viewing changes to plugins.d/password-request.c
- browse files at revision 110
- compare with another revision
- download diff
- download tarball
- view history from revision 110
- Committer: Teddy Hogeborn
- Date: 2008-08-29 05:53:59 UTC
- Revision ID: teddy@fukt.bsnet.se-20080829055359-wkdasnyxtylmnxus
* mandos.xml (EXAMPLE): Replaced all occurences of command name with
"&COMMANDNAME;".
* plugins.d/password-prompt.c (main): Improved some documentation
strings. Do perror() of
tcgetattr() fails. Add debug
output if interrupted by signal.
Loop over write() instead of
using fwrite() when outputting
password. Add debug output if
getline() returns 0, unless it
was caused by a signal. Add
exit status code to debug
output.
* plugins.d/password-prompt.xml: Changed all single quotes to double
quotes for consistency. Removed
<?xml-stylesheet>.
(ENTITY TIMESTAMP): New. Automatically updated by Emacs time-stamp
by using Emacs local variables.
(/refentry/refentryinfo/title): Changed to "Mandos Manual".
(/refentry/refentryinfo/productname): Changed to "Mandos".
(/refentry/refentryinfo/date): New; set to "&TIMESTAMP;".
(/refentry/refentryinfo/copyright): Split copyright holders.
(/refentry/refnamediv/refpurpose): Improved wording.
(SYNOPSIS): Fix to use correct markup. Add short options.
(DESCRIPTION, OPTIONS): Improved wording.
(OPTIONS): Improved wording. Use more correct markup. Document
short options.
(EXIT STATUS): Add text.
(ENVIRONMENT): Document use of "cryptsource" and "crypttarget".
(FILES): REMOVED.
(BUGS): Add text.
(EXAMPLE): Added some examples.
(SECURITY): Added text.
(SEE ALSO): Remove reference to mandos(8). Add reference to
crypttab(5).
"&COMMANDNAME;".
* plugins.d/password-prompt.c (main): Improved some documentation
strings. Do perror() of
tcgetattr() fails. Add debug
output if interrupted by signal.
Loop over write() instead of
using fwrite() when outputting
password. Add debug output if
getline() returns 0, unless it
was caused by a signal. Add
exit status code to debug
output.
* plugins.d/password-prompt.xml: Changed all single quotes to double
quotes for consistency. Removed
<?xml-stylesheet>.
(ENTITY TIMESTAMP): New. Automatically updated by Emacs time-stamp
by using Emacs local variables.
(/refentry/refentryinfo/title): Changed to "Mandos Manual".
(/refentry/refentryinfo/productname): Changed to "Mandos".
(/refentry/refentryinfo/date): New; set to "&TIMESTAMP;".
(/refentry/refentryinfo/copyright): Split copyright holders.
(/refentry/refnamediv/refpurpose): Improved wording.
(SYNOPSIS): Fix to use correct markup. Add short options.
(DESCRIPTION, OPTIONS): Improved wording.
(OPTIONS): Improved wording. Use more correct markup. Document
short options.
(EXIT STATUS): Add text.
(ENVIRONMENT): Document use of "cryptsource" and "crypttarget".
(FILES): REMOVED.
(BUGS): Add text.
(EXAMPLE): Added some examples.
(SECURITY): Added text.
(SEE ALSO): Remove reference to mandos(8). Add reference to
crypttab(5).
- files added:
- plugins.d/usplash
- files removed:
- .bzr-builddeb
- debian
- debian/po
- files renamed:
- plugins.d/mandos-client.c => plugins.d/password-request.c
- plugins.d/mandos-client.xml => plugins.d/password-request.xml
- files modified:
- .bzrignore
added
removed
plugins.d/password-request.c
9
9
* "browse_callback", and parts of "main".
10
10
*
11
11
* Everything else is
12
* Copyright © 2008,2009 Teddy Hogeborn
13
* Copyright © 2008,2009 Björn Påhlsson
12
* Copyright © 2007-2008 Teddy Hogeborn & Björn Påhlsson
14
13
*
15
14
* This program is free software: you can redistribute it and/or
16
15
* modify it under the terms of the GNU General Public License as
48
47
#include <sys/types.h> /* socket(), inet_pton(), sockaddr,
49
48
sockaddr_in6, PF_INET6,
50
49
SOCK_STREAM, INET6_ADDRSTRLEN,
51
uid_t, gid_t, open(), opendir(), DIR */
52
#include <sys/stat.h> /* open() */
50
uid_t, gid_t */
51
#include <inttypes.h> /* PRIu16 */
53
52
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
54
53
struct in6_addr, inet_pton(),
55
54
connect() */
56
#include <fcntl.h> /* open() */
57
#include <dirent.h> /* opendir(), struct dirent, readdir() */
58
#include <inttypes.h> /* PRIu16 */
59
55
#include <assert.h> /* assert() */
60
56
#include <errno.h> /* perror(), errno */
61
57
#include <time.h> /* time() */
62
58
#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,
63
59
SIOCSIFFLAGS, if_indextoname(),
64
60
if_nametoindex(), IF_NAMESIZE */
65
#include <netinet/in.h>
66
61
#include <unistd.h> /* close(), SEEK_SET, off_t, write(),
67
62
getuid(), getgid(), setuid(),
68
63
setgid() */
64
#include <netinet/in.h>
69
65
#include <arpa/inet.h> /* inet_pton(), htons */
70
66
#include <iso646.h> /* not, and */
71
67
#include <argp.h> /* struct argp_option, error_t, struct
102
98
103
99
#define BUFFER_SIZE 256
104
100
105
#define PATHDIR "/conf/conf.d/mandos"
106
#define SECKEY "seckey.txt"
107
#define PUBKEY "pubkey.txt"
108
109
101
bool debug = false;
102
static const char *keydir = "/conf/conf.d/mandos";
110
103
static const char mandos_protocol_version[] = "1";
111
const char *argp_program_version = "mandos-client " VERSION;
104
const char *argp_program_version = "password-request 1.0";
112
105
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
113
106
114
107
/* Used for passing in values through the Avahi callback functions */
119
112
unsigned int dh_bits;
120
113
gnutls_dh_params_t dh_params;
121
114
const char *priority;
122
gpgme_ctx_t ctx;
123
115
} mandos_context;
124
116
125
117
/*
140
132
}
141
133
142
134
/*
143
* Initialize GPGME.
135
* Decrypt OpenPGP data using keyrings in HOMEDIR.
136
* Returns -1 on error
144
137
*/
145
static bool init_gpgme(mandos_context *mc, const char *seckey,
146
const char *pubkey, const char *tempdir){
147
int ret;
138
static ssize_t pgp_packet_decrypt (const char *cryptotext,
139
size_t crypto_size,
140
char **plaintext,
141
const char *homedir){
142
gpgme_data_t dh_crypto, dh_plain;
143
gpgme_ctx_t ctx;
148
144
gpgme_error_t rc;
145
ssize_t ret;
146
size_t plaintext_capacity = 0;
147
ssize_t plaintext_length = 0;
149
148
gpgme_engine_info_t engine_info;
150
149
151
152
/*
153
* Helper function to insert pub and seckey to the enigne keyring.
154
*/
155
bool import_key(const char *filename){
156
int fd;
157
gpgme_data_t pgp_data;
158
159
fd = TEMP_FAILURE_RETRY(open(filename, O_RDONLY));
160
if(fd == -1){
161
perror("open");
162
return false;
163
}
164
165
rc = gpgme_data_new_from_fd(&pgp_data, fd);
166
if (rc != GPG_ERR_NO_ERROR){
167
fprintf(stderr, "bad gpgme_data_new_from_fd: %s: %s\n",
168
gpgme_strsource(rc), gpgme_strerror(rc));
169
return false;
170
}
171
172
rc = gpgme_op_import(mc->ctx, pgp_data);
173
if (rc != GPG_ERR_NO_ERROR){
174
fprintf(stderr, "bad gpgme_op_import: %s: %s\n",
175
gpgme_strsource(rc), gpgme_strerror(rc));
176
return false;
177
}
178
179
ret = TEMP_FAILURE_RETRY(close(fd));
180
if(ret == -1){
181
perror("close");
182
}
183
gpgme_data_release(pgp_data);
184
return true;
185
}
186
187
150
if (debug){
188
fprintf(stderr, "Initialize gpgme\n");
151
fprintf(stderr, "Trying to decrypt OpenPGP data\n");
189
152
}
190
153
191
154
/* Init GPGME */
194
157
if (rc != GPG_ERR_NO_ERROR){
195
158
fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",
196
159
gpgme_strsource(rc), gpgme_strerror(rc));
197
return false;
160
return -1;
198
161
}
199
162
200
/* Set GPGME home directory for the OpenPGP engine only */
163
/* Set GPGME home directory for the OpenPGP engine only */
201
164
rc = gpgme_get_engine_info (&engine_info);
202
165
if (rc != GPG_ERR_NO_ERROR){
203
166
fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",
204
167
gpgme_strsource(rc), gpgme_strerror(rc));
205
return false;
168
return -1;
206
169
}
207
170
while(engine_info != NULL){
208
171
if(engine_info->protocol == GPGME_PROTOCOL_OpenPGP){
209
172
gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP,
210
engine_info->file_name, tempdir);
173
engine_info->file_name, homedir);
211
174
break;
212
175
}
213
176
engine_info = engine_info->next;
214
177
}
215
178
if(engine_info == NULL){
216
fprintf(stderr, "Could not set GPGME home dir to %s\n", tempdir);
217
return false;
218
}
219
220
/* Create new GPGME "context" */
221
rc = gpgme_new(&(mc->ctx));
222
if (rc != GPG_ERR_NO_ERROR){
223
fprintf(stderr, "bad gpgme_new: %s: %s\n",
224
gpgme_strsource(rc), gpgme_strerror(rc));
225
return false;
226
}
227
228
if (not import_key(pubkey) or not import_key(seckey)){
229
return false;
230
}
231
232
return true;
233
}
234
235
/*
236
* Decrypt OpenPGP data.
237
* Returns -1 on error
238
*/
239
static ssize_t pgp_packet_decrypt (const mandos_context *mc,
240
const char *cryptotext,
241
size_t crypto_size,
242
char **plaintext){
243
gpgme_data_t dh_crypto, dh_plain;
244
gpgme_error_t rc;
245
ssize_t ret;
246
size_t plaintext_capacity = 0;
247
ssize_t plaintext_length = 0;
248
249
if (debug){
250
fprintf(stderr, "Trying to decrypt OpenPGP data\n");
179
fprintf(stderr, "Could not set GPGME home dir to %s\n", homedir);
180
return -1;
251
181
}
252
182
253
183
/* Create new GPGME data buffer from memory cryptotext */
268
198
return -1;
269
199
}
270
200
201
/* Create new GPGME "context" */
202
rc = gpgme_new(&ctx);
203
if (rc != GPG_ERR_NO_ERROR){
204
fprintf(stderr, "bad gpgme_new: %s: %s\n",
205
gpgme_strsource(rc), gpgme_strerror(rc));
206
plaintext_length = -1;
207
goto decrypt_end;
208
}
209
271
210
/* Decrypt data from the cryptotext data buffer to the plaintext
272
211
data buffer */
273
rc = gpgme_op_decrypt(mc->ctx, dh_crypto, dh_plain);
212
rc = gpgme_op_decrypt(ctx, dh_crypto, dh_plain);
274
213
if (rc != GPG_ERR_NO_ERROR){
275
214
fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",
276
215
gpgme_strsource(rc), gpgme_strerror(rc));
277
216
plaintext_length = -1;
278
217
if (debug){
279
218
gpgme_decrypt_result_t result;
280
result = gpgme_op_decrypt_result(mc->ctx);
219
result = gpgme_op_decrypt_result(ctx);
281
220
if (result == NULL){
282
221
fprintf(stderr, "gpgme_op_decrypt_result failed\n");
283
222
} else {
312
251
313
252
/* Seek back to the beginning of the GPGME plaintext data buffer */
314
253
if (gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET) == -1){
315
perror("gpgme_data_seek");
254
perror("pgpme_data_seek");
316
255
plaintext_length = -1;
317
256
goto decrypt_end;
318
257
}
342
281
}
343
282
plaintext_length += ret;
344
283
}
345
284
346
285
if(debug){
347
286
fprintf(stderr, "Decrypted password is: ");
348
287
for(ssize_t i = 0; i < plaintext_length; i++){
409
348
}
410
349
411
350
if(debug){
412
fprintf(stderr, "Attempting to use OpenPGP public key %s and"
413
" secret key %s as GnuTLS credentials\n", pubkeyfilename,
351
fprintf(stderr, "Attempting to use OpenPGP certificate %s"
352
" and keyfile %s as GnuTLS credentials\n", pubkeyfilename,
414
353
seckeyfilename);
415
354
}
416
355
421
360
fprintf(stderr,
422
361
"Error[%d] while reading the OpenPGP key pair ('%s',"
423
362
" '%s')\n", ret, pubkeyfilename, seckeyfilename);
424
fprintf(stderr, "The GnuTLS error is: %s\n",
363
fprintf(stdout, "The GnuTLS error is: %s\n",
425
364
safer_gnutls_strerror(ret));
426
365
goto globalfail;
427
366
}
441
380
}
442
381
443
382
gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);
444
383
445
384
return 0;
446
385
447
386
globalfail:
448
387
449
388
gnutls_certificate_free_credentials(mc->cred);
450
389
gnutls_global_deinit();
451
gnutls_dh_params_deinit(mc->dh_params);
452
390
return -1;
391
453
392
}
454
393
455
394
static int init_gnutls_session(mandos_context *mc,
527
466
perror("socket");
528
467
return -1;
529
468
}
530
469
531
470
if(debug){
532
471
if(if_indextoname((unsigned int)if_index, interface) == NULL){
533
472
perror("if_indextoname");
572
511
perror("connect");
573
512
return -1;
574
513
}
575
514
576
515
const char *out = mandos_protocol_version;
577
516
written = 0;
578
517
while (true){
596
535
}
597
536
}
598
537
}
599
538
600
539
if(debug){
601
540
fprintf(stderr, "Establishing TLS session with %s\n", ip);
602
541
}
603
542
604
543
gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) tcp_sd);
605
544
606
545
do{
607
546
ret = gnutls_handshake (session);
608
547
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
622
561
fprintf(stderr, "Retrieving pgp encrypted password from %s\n",
623
562
ip);
624
563
}
625
564
626
565
while(true){
627
566
buffer_capacity = adjustbuffer(&buffer, buffer_length,
628
567
buffer_capacity);
672
611
gnutls_bye (session, GNUTLS_SHUT_RDWR);
673
612
674
613
if (buffer_length > 0){
675
decrypted_buffer_size = pgp_packet_decrypt(mc, buffer,
614
decrypted_buffer_size = pgp_packet_decrypt(buffer,
676
615
buffer_length,
677
&decrypted_buffer);
616
&decrypted_buffer,
617
keydir);
678
618
if (decrypted_buffer_size >= 0){
679
619
written = 0;
680
620
while(written < (size_t) decrypted_buffer_size){
703
643
704
644
mandos_end:
705
645
free(buffer);
706
ret = TEMP_FAILURE_RETRY(close(tcp_sd));
707
if(ret == -1){
708
perror("close");
709
}
646
close(tcp_sd);
710
647
gnutls_deinit (session);
711
648
return retval;
712
649
}
808
745
}
809
746
}
810
747
748
/* Combines file name and path and returns the malloced new
749
string. some sane checks could/should be added */
750
static char *combinepath(const char *first, const char *second){
751
char *tmp;
752
int ret = asprintf(&tmp, "%s/%s", first, second);
753
if(ret < 0){
754
return NULL;
755
}
756
return tmp;
757
}
758
759
811
760
int main(int argc, char *argv[]){
812
761
AvahiSServiceBrowser *sb = NULL;
813
762
int error;
819
768
uid_t uid;
820
769
gid_t gid;
821
770
char *connect_to = NULL;
822
char tempdir[] = "/tmp/mandosXXXXXX";
823
771
AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
824
const char *seckey = PATHDIR "/" SECKEY;
825
const char *pubkey = PATHDIR "/" PUBKEY;
826
772
char *pubkeyfilename = NULL;
773
char *seckeyfilename = NULL;
774
const char *pubkeyname = "pubkey.txt";
775
const char *seckeyname = "seckey.txt";
827
776
mandos_context mc = { .simple_poll = NULL, .server = NULL,
828
.dh_bits = 1024, .priority = "SECURE256"
829
":!CTYPE-X.509:+CTYPE-OPENPGP" };
777
.dh_bits = 1024, .priority = "SECURE256"};
830
778
bool gnutls_initalized = false;
831
bool gpgme_initalized = false;
832
779
833
780
{
834
781
struct argp_option options[] = {
835
782
{ .name = "debug", .key = 128,
836
783
.doc = "Debug mode", .group = 3 },
837
784
{ .name = "connect", .key = 'c',
838
.arg = "ADDRESS:PORT",
839
.doc = "Connect directly to a specific Mandos server",
785
.arg = "IP",
786
.doc = "Connect directly to a sepcified mandos server",
840
787
.group = 1 },
841
788
{ .name = "interface", .key = 'i',
842
.arg = "NAME",
843
.doc = "Interface that will be used to search for Mandos"
844
" servers",
789
.arg = "INTERFACE",
790
.doc = "Interface that Avahi will conntect through",
791
.group = 1 },
792
{ .name = "keydir", .key = 'd',
793
.arg = "KEYDIR",
794
.doc = "Directory where the openpgp keyring is",
845
795
.group = 1 },
846
796
{ .name = "seckey", .key = 's',
847
.arg = "FILE",
848
.doc = "OpenPGP secret key file base name",
797
.arg = "SECKEY",
798
.doc = "Secret openpgp key for gnutls authentication",
849
799
.group = 1 },
850
800
{ .name = "pubkey", .key = 'p',
851
.arg = "FILE",
852
.doc = "OpenPGP public key file base name",
801
.arg = "PUBKEY",
802
.doc = "Public openpgp key for gnutls authentication",
853
803
.group = 2 },
854
804
{ .name = "dh-bits", .key = 129,
855
805
.arg = "BITS",
856
.doc = "Bit length of the prime number used in the"
857
" Diffie-Hellman key exchange",
806
.doc = "dh-bits to use in gnutls communication",
858
807
.group = 2 },
859
808
{ .name = "priority", .key = 130,
860
.arg = "STRING",
861
.doc = "GnuTLS priority string for the TLS handshake",
862
.group = 1 },
809
.arg = "PRIORITY",
810
.doc = "GNUTLS priority", .group = 1 },
863
811
{ .name = NULL }
864
812
};
813
865
814
866
815
error_t parse_opt (int key, char *arg,
867
816
struct argp_state *state) {
868
817
/* Get the INPUT argument from `argp_parse', which we know is
869
818
a pointer to our plugin list pointer. */
870
819
switch (key) {
871
case 128: /* --debug */
820
case 128:
872
821
debug = true;
873
822
break;
874
case 'c': /* --connect */
823
case 'c':
875
824
connect_to = arg;
876
825
break;
877
case 'i': /* --interface */
826
case 'i':
878
827
interface = arg;
879
828
break;
880
case 's': /* --seckey */
881
seckey = arg;
882
break;
883
case 'p': /* --pubkey */
884
pubkey = arg;
885
break;
886
case 129: /* --dh-bits */
829
case 'd':
830
keydir = arg;
831
break;
832
case 's':
833
seckeyname = arg;
834
break;
835
case 'p':
836
pubkeyname = arg;
837
break;
838
case 129:
887
839
errno = 0;
888
840
mc.dh_bits = (unsigned int) strtol(arg, NULL, 10);
889
841
if (errno){
891
843
exit(EXIT_FAILURE);
892
844
}
893
845
break;
894
case 130: /* --priority */
846
case 130:
895
847
mc.priority = arg;
896
848
break;
897
849
case ARGP_KEY_ARG:
903
855
}
904
856
return 0;
905
857
}
906
858
907
859
struct argp argp = { .options = options, .parser = parse_opt,
908
860
.args_doc = "",
909
861
.doc = "Mandos client -- Get and decrypt"
910
" passwords from a Mandos server" };
862
" passwords from mandos server" };
911
863
ret = argp_parse (&argp, argc, argv, 0, 0, NULL);
912
864
if (ret == ARGP_ERR_UNKNOWN){
913
865
fprintf(stderr, "Unknown error while parsing arguments\n");
915
867
goto end;
916
868
}
917
869
}
870
871
pubkeyfilename = combinepath(keydir, pubkeyname);
872
if (pubkeyfilename == NULL){
873
perror("combinepath");
874
exitcode = EXIT_FAILURE;
875
goto end;
876
}
877
878
seckeyfilename = combinepath(keydir, seckeyname);
879
if (seckeyfilename == NULL){
880
perror("combinepath");
881
exitcode = EXIT_FAILURE;
882
goto end;
883
}
884
885
ret = init_gnutls_global(&mc, pubkeyfilename, seckeyfilename);
886
if (ret == -1){
887
fprintf(stderr, "init_gnutls_global failed\n");
888
exitcode = EXIT_FAILURE;
889
goto end;
890
} else {
891
gnutls_initalized = true;
892
}
918
893
919
894
/* If the interface is down, bring it up */
920
895
{
940
915
goto end;
941
916
}
942
917
}
943
ret = TEMP_FAILURE_RETRY(close(sd));
944
if(ret == -1){
945
perror("close");
946
}
918
close(sd);
947
919
}
948
920
949
921
uid = getuid();
959
931
perror("setgid");
960
932
}
961
933
962
ret = init_gnutls_global(&mc, pubkey, seckey);
963
if (ret == -1){
964
fprintf(stderr, "init_gnutls_global failed\n");
965
exitcode = EXIT_FAILURE;
966
goto end;
967
} else {
968
gnutls_initalized = true;
969
}
970
971
if(mkdtemp(tempdir) == NULL){
972
perror("mkdtemp");
973
tempdir[0] = '\0';
974
goto end;
975
}
976
977
if(not init_gpgme(&mc, pubkey, seckey, tempdir)){
978
fprintf(stderr, "gpgme_initalized failed\n");
979
exitcode = EXIT_FAILURE;
980
goto end;
981
} else {
982
gpgme_initalized = true;
983
}
984
985
934
if_index = (AvahiIfIndex) if_nametoindex(interface);
986
935
if(if_index == 0){
987
936
fprintf(stderr, "No such interface: \"%s\"\n", interface);
1030
979
exitcode = EXIT_FAILURE;
1031
980
goto end;
1032
981
}
1033
982
1034
983
{
1035
984
AvahiServerConfig config;
1036
985
/* Do not publish any local Zeroconf records */
1039
988
config.publish_addresses = 0;
1040
989
config.publish_workstation = 0;
1041
990
config.publish_domain = 0;
1042
991
1043
992
/* Allocate a new server */
1044
993
mc.server = avahi_server_new(avahi_simple_poll_get
1045
994
(mc.simple_poll), &config, NULL,
1046
995
NULL, &error);
1047
996
1048
997
/* Free the Avahi configuration data */
1049
998
avahi_server_config_free(&config);
1050
999
}
1070
1019
}
1071
1020
1072
1021
/* Run the main loop */
1073
1022
1074
1023
if (debug){
1075
1024
fprintf(stderr, "Starting Avahi loop search\n");
1076
1025
}
1078
1027
avahi_simple_poll_loop(mc.simple_poll);
1079
1028
1080
1029
end:
1081
1030
1082
1031
if (debug){
1083
1032
fprintf(stderr, "%s exiting\n", argv[0]);
1084
1033
}
1089
1038
1090
1039
if (mc.server != NULL)
1091
1040
avahi_server_free(mc.server);
1092
1041
1093
1042
if (mc.simple_poll != NULL)
1094
1043
avahi_simple_poll_free(mc.simple_poll);
1095
1044
free(pubkeyfilename);
1045
free(seckeyfilename);
1046
1096
1047
if (gnutls_initalized){
1097
1048
gnutls_certificate_free_credentials(mc.cred);
1098
1049
gnutls_global_deinit ();
1099
gnutls_dh_params_deinit(mc.dh_params);
1100
}
1101
1102
if(gpgme_initalized){
1103
gpgme_release(mc.ctx);
1104
}
1105
1106
/* Removes the temp directory used by GPGME */
1107
if(tempdir[0] != '\0'){
1108
DIR *d;
1109
struct dirent *direntry;
1110
d = opendir(tempdir);
1111
if(d == NULL){
1112
perror("opendir");
1113
} else {
1114
while(true){
1115
direntry = readdir(d);
1116
if(direntry == NULL){
1117
break;
1118
}
1119
if (direntry->d_type == DT_REG){
1120
char *fullname = NULL;
1121
ret = asprintf(&fullname, "%s/%s", tempdir,
1122
direntry->d_name);
1123
if(ret < 0){
1124
perror("asprintf");
1125
continue;
1126
}
1127
ret = unlink(fullname);
1128
if(ret == -1){
1129
fprintf(stderr, "unlink(\"%s\"): %s",
1130
fullname, strerror(errno));
1131
}
1132
free(fullname);
1133
}
1134
}
1135
closedir(d);
1136
}
1137
ret = rmdir(tempdir);
1138
if(ret == -1){
1139
perror("rmdir");
1140
}
1141
}
1142
1050
}
1051
1143
1052
return exitcode;
1144
1053
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0