To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
« back to all changes in this revision
Viewing changes to plugins.d/mandosclient.c
- browse files at revision 20
- compare with another revision
- download diff
- download tarball
- view history from revision 20
- Committer: Teddy Hogeborn
- Date: 2008-07-21 04:42:08 UTC
- mfrom: (15.1.3 mandos)
- Revision ID: teddy@fukt.bsnet.se-20080721044208-y8v1sjmvalfiehrv
Merge.
- files removed:
- server.conf
- files renamed:
- clients.conf => mandos-clients.conf
- files modified:
- Makefile
added
removed
plugins.d/mandosclient.c
1
/* -*- coding: utf-8 -*- */
2
/*
3
* Mandos client - get and decrypt data from a Mandos server
4
*
5
* This program is partly derived from an example program for an Avahi
6
* service browser, downloaded from
7
* <http://avahi.org/browser/examples/core-browse-services.c>. This
8
* includes the following functions: "resolve_callback",
9
* "browse_callback", and parts of "main".
10
*
11
* Everything else is
12
* Copyright © 2007-2008 Teddy Hogeborn & Björn Påhlsson
13
*
14
* This program is free software: you can redistribute it and/or
15
* modify it under the terms of the GNU General Public License as
16
* published by the Free Software Foundation, either version 3 of the
17
* License, or (at your option) any later version.
18
*
19
* This program is distributed in the hope that it will be useful, but
20
* WITHOUT ANY WARRANTY; without even the implied warranty of
21
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
22
* General Public License for more details.
23
*
24
* You should have received a copy of the GNU General Public License
25
* along with this program. If not, see
26
* <http://www.gnu.org/licenses/>.
27
*
28
* Contact the authors at <mandos@fukt.bsnet.se>.
29
*/
1
/***
2
This file is part of avahi.
3
4
avahi is free software; you can redistribute it and/or modify it
5
under the terms of the GNU Lesser General Public License as
6
published by the Free Software Foundation; either version 2.1 of the
7
License, or (at your option) any later version.
8
9
avahi is distributed in the hope that it will be useful, but WITHOUT
10
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General
12
Public License for more details.
13
14
You should have received a copy of the GNU Lesser General Public
15
License along with avahi; if not, write to the Free Software
16
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
17
USA.
18
***/
30
19
31
/* Needed by GPGME, specifically gpgme_data_seek() */
32
20
#define _LARGEFILE_SOURCE
33
21
#define _FILE_OFFSET_BITS 64
34
22
35
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY() */
36
37
23
#include <stdio.h>
38
24
#include <assert.h>
39
25
#include <stdlib.h>
40
26
#include <time.h>
41
27
#include <net/if.h> /* if_nametoindex */
42
#include <sys/ioctl.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,
43
SIOCSIFFLAGS */
44
#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,
45
SIOCSIFFLAGS */
46
28
47
29
#include <avahi-core/core.h>
48
30
#include <avahi-core/lookup.h>
51
33
#include <avahi-common/malloc.h>
52
34
#include <avahi-common/error.h>
53
35
54
/* Mandos client part */
55
#include <sys/types.h> /* socket(), inet_pton() */
56
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
57
struct in6_addr, inet_pton() */
58
#include <gnutls/gnutls.h> /* All GnuTLS stuff */
59
#include <gnutls/openpgp.h> /* GnuTLS with openpgp stuff */
36
//mandos client part
37
#include <sys/types.h> /* socket(), setsockopt(), inet_pton() */
38
#include <sys/socket.h> /* socket(), setsockopt(), struct sockaddr_in6, struct in6_addr, inet_pton() */
39
#include <gnutls/gnutls.h> /* ALL GNUTLS STUFF */
40
#include <gnutls/openpgp.h> /* gnutls with openpgp stuff */
60
41
61
42
#include <unistd.h> /* close() */
62
43
#include <netinet/in.h>
64
45
#include <string.h> /* memset */
65
46
#include <arpa/inet.h> /* inet_pton() */
66
47
#include <iso646.h> /* not */
67
#include <net/if.h> /* IF_NAMESIZE */
68
#include <argp.h> /* struct argp_option,
69
struct argp_state, struct argp,
70
argp_parse() */
71
/* GPGME */
48
49
// gpgme
72
50
#include <errno.h> /* perror() */
73
51
#include <gpgme.h>
74
52
53
// getopt long
54
#include <getopt.h>
55
56
#ifndef CERT_ROOT
57
#define CERT_ROOT "/conf/conf.d/cryptkeyreq/"
58
#endif
59
#define CERTFILE CERT_ROOT "openpgp-client.txt"
60
#define KEYFILE CERT_ROOT "openpgp-client-key.txt"
75
61
#define BUFFER_SIZE 256
62
#define DH_BITS 1024
76
63
77
64
bool debug = false;
78
static const char *keydir = "/conf/conf.d/mandos";
79
const char *argp_program_version = "mandosclient 0.9";
80
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
81
static const char mandos_protocol_version[] = "1";
65
char *interface = "eth0";
82
66
83
/* Used for passing in values through the Avahi callback functions */
84
67
typedef struct {
85
AvahiSimplePoll *simple_poll;
86
AvahiServer *server;
68
gnutls_session_t session;
87
69
gnutls_certificate_credentials_t cred;
88
unsigned int dh_bits;
89
70
gnutls_dh_params_t dh_params;
90
const char *priority;
91
} mandos_context;
92
93
/* Make room in "buffer" for at least BUFFER_SIZE additional bytes.
94
* "buffer_capacity" is how much is currently allocated,
95
* "buffer_length" is how much is already used. */
96
size_t adjustbuffer(char **buffer, size_t buffer_length,
97
size_t buffer_capacity){
98
if (buffer_length + BUFFER_SIZE > buffer_capacity){
99
*buffer = realloc(*buffer, buffer_capacity + BUFFER_SIZE);
100
if (buffer == NULL){
101
return 0;
102
}
103
buffer_capacity += BUFFER_SIZE;
104
}
105
return buffer_capacity;
106
}
107
108
/*
109
* Decrypt OpenPGP data using keyrings in HOMEDIR.
110
* Returns -1 on error
111
*/
112
static ssize_t pgp_packet_decrypt (const char *cryptotext,
113
size_t crypto_size,
114
char **plaintext,
115
const char *homedir){
71
} encrypted_session;
72
73
74
ssize_t gpg_packet_decrypt (char *packet, size_t packet_size, char **new_packet, char *homedir){
116
75
gpgme_data_t dh_crypto, dh_plain;
117
76
gpgme_ctx_t ctx;
118
77
gpgme_error_t rc;
119
78
ssize_t ret;
120
size_t plaintext_capacity = 0;
121
ssize_t plaintext_length = 0;
79
size_t new_packet_capacity = 0;
80
size_t new_packet_length = 0;
122
81
gpgme_engine_info_t engine_info;
123
82
124
83
if (debug){
125
fprintf(stderr, "Trying to decrypt OpenPGP data\n");
84
fprintf(stderr, "Attempting to decrypt password from gpg packet\n");
126
85
}
127
86
128
87
/* Init GPGME */
129
88
gpgme_check_version(NULL);
130
rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
131
if (rc != GPG_ERR_NO_ERROR){
132
fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",
133
gpgme_strsource(rc), gpgme_strerror(rc));
134
return -1;
135
}
89
gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
136
90
137
/* Set GPGME home directory for the OpenPGP engine only */
91
/* Set GPGME home directory */
138
92
rc = gpgme_get_engine_info (&engine_info);
139
93
if (rc != GPG_ERR_NO_ERROR){
140
94
fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",
150
104
engine_info = engine_info->next;
151
105
}
152
106
if(engine_info == NULL){
153
fprintf(stderr, "Could not set GPGME home dir to %s\n", homedir);
107
fprintf(stderr, "Could not set home dir to %s\n", homedir);
154
108
return -1;
155
109
}
156
110
157
/* Create new GPGME data buffer from memory cryptotext */
158
rc = gpgme_data_new_from_mem(&dh_crypto, cryptotext, crypto_size,
159
0);
111
/* Create new GPGME data buffer from packet buffer */
112
rc = gpgme_data_new_from_mem(&dh_crypto, packet, packet_size, 0);
160
113
if (rc != GPG_ERR_NO_ERROR){
161
114
fprintf(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",
162
115
gpgme_strsource(rc), gpgme_strerror(rc));
168
121
if (rc != GPG_ERR_NO_ERROR){
169
122
fprintf(stderr, "bad gpgme_data_new: %s: %s\n",
170
123
gpgme_strsource(rc), gpgme_strerror(rc));
171
gpgme_data_release(dh_crypto);
172
124
return -1;
173
125
}
174
126
177
129
if (rc != GPG_ERR_NO_ERROR){
178
130
fprintf(stderr, "bad gpgme_new: %s: %s\n",
179
131
gpgme_strsource(rc), gpgme_strerror(rc));
180
plaintext_length = -1;
181
goto decrypt_end;
132
return -1;
182
133
}
183
134
184
/* Decrypt data from the cryptotext data buffer to the plaintext
185
data buffer */
135
/* Decrypt data from the FILE pointer to the plaintext data buffer */
186
136
rc = gpgme_op_decrypt(ctx, dh_crypto, dh_plain);
187
137
if (rc != GPG_ERR_NO_ERROR){
188
138
fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",
189
139
gpgme_strsource(rc), gpgme_strerror(rc));
190
plaintext_length = -1;
191
goto decrypt_end;
140
return -1;
192
141
}
193
142
194
143
if(debug){
195
fprintf(stderr, "Decryption of OpenPGP data succeeded\n");
144
fprintf(stderr, "decryption of gpg packet succeeded\n");
196
145
}
197
146
198
147
if (debug){
199
148
gpgme_decrypt_result_t result;
200
149
result = gpgme_op_decrypt_result(ctx);
201
150
if (result == NULL){
202
151
fprintf(stderr, "gpgme_op_decrypt_result failed\n");
203
152
} else {
204
fprintf(stderr, "Unsupported algorithm: %s\n",
205
result->unsupported_algorithm);
206
fprintf(stderr, "Wrong key usage: %d\n",
207
result->wrong_key_usage);
153
fprintf(stderr, "Unsupported algorithm: %s\n", result->unsupported_algorithm);
154
fprintf(stderr, "Wrong key usage: %d\n", result->wrong_key_usage);
208
155
if(result->file_name != NULL){
209
156
fprintf(stderr, "File name: %s\n", result->file_name);
210
157
}
216
163
gpgme_pubkey_algo_name(recipient->pubkey_algo));
217
164
fprintf(stderr, "Key ID: %s\n", recipient->keyid);
218
165
fprintf(stderr, "Secret key available: %s\n",
219
recipient->status == GPG_ERR_NO_SECKEY
220
? "No" : "Yes");
166
recipient->status == GPG_ERR_NO_SECKEY ? "No" : "Yes");
221
167
recipient = recipient->next;
222
168
}
223
169
}
224
170
}
225
171
}
226
172
173
/* Delete the GPGME FILE pointer cryptotext data buffer */
174
gpgme_data_release(dh_crypto);
175
227
176
/* Seek back to the beginning of the GPGME plaintext data buffer */
228
if (gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET) == -1){
229
perror("pgpme_data_seek");
230
plaintext_length = -1;
231
goto decrypt_end;
232
}
233
234
*plaintext = NULL;
177
gpgme_data_seek(dh_plain, 0, SEEK_SET);
178
179
*new_packet = 0;
235
180
while(true){
236
plaintext_capacity = adjustbuffer(plaintext,
237
(size_t)plaintext_length,
238
plaintext_capacity);
239
if (plaintext_capacity == 0){
240
perror("adjustbuffer");
241
plaintext_length = -1;
242
goto decrypt_end;
181
if (new_packet_length + BUFFER_SIZE > new_packet_capacity){
182
*new_packet = realloc(*new_packet, new_packet_capacity + BUFFER_SIZE);
183
if (*new_packet == NULL){
184
perror("realloc");
185
return -1;
186
}
187
new_packet_capacity += BUFFER_SIZE;
243
188
}
244
189
245
ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length,
246
BUFFER_SIZE);
190
ret = gpgme_data_read(dh_plain, *new_packet + new_packet_length, BUFFER_SIZE);
247
191
/* Print the data, if any */
248
192
if (ret == 0){
249
/* EOF */
193
/* If password is empty, then a incorrect error will be printed */
250
194
break;
251
195
}
252
196
if(ret < 0){
253
197
perror("gpgme_data_read");
254
plaintext_length = -1;
255
goto decrypt_end;
198
return -1;
256
199
}
257
plaintext_length += ret;
200
new_packet_length += ret;
258
201
}
259
202
260
if(debug){
261
fprintf(stderr, "Decrypted password is: ");
262
for(ssize_t i = 0; i < plaintext_length; i++){
263
fprintf(stderr, "%02hhX ", (*plaintext)[i]);
264
}
265
fprintf(stderr, "\n");
266
}
267
268
decrypt_end:
269
270
/* Delete the GPGME cryptotext data buffer */
271
gpgme_data_release(dh_crypto);
203
/* FIXME: check characters before printing to screen so to not print
204
terminal control characters */
205
/* if(debug){ */
206
/* fprintf(stderr, "decrypted password is: "); */
207
/* fwrite(*new_packet, 1, new_packet_length, stderr); */
208
/* fprintf(stderr, "\n"); */
209
/* } */
272
210
273
211
/* Delete the GPGME plaintext data buffer */
274
212
gpgme_data_release(dh_plain);
275
return plaintext_length;
213
return new_packet_length;
276
214
}
277
215
278
216
static const char * safer_gnutls_strerror (int value) {
282
220
return ret;
283
221
}
284
222
285
/* GnuTLS log function callback */
286
static void debuggnutls(__attribute__((unused)) int level,
287
const char* string){
288
fprintf(stderr, "GnuTLS: %s", string);
223
void debuggnutls(int level, const char* string){
224
fprintf(stderr, "%s", string);
289
225
}
290
226
291
static int init_gnutls_global(mandos_context *mc,
292
const char *pubkeyfile,
293
const char *seckeyfile){
227
int initgnutls(encrypted_session *es){
228
const char *err;
294
229
int ret;
295
230
296
231
if(debug){
297
fprintf(stderr, "Initializing GnuTLS\n");
232
fprintf(stderr, "Initializing gnutls\n");
298
233
}
299
234
235
300
236
if ((ret = gnutls_global_init ())
301
237
!= GNUTLS_E_SUCCESS) {
302
fprintf (stderr, "GnuTLS global_init: %s\n",
303
safer_gnutls_strerror(ret));
238
fprintf (stderr, "global_init: %s\n", safer_gnutls_strerror(ret));
304
239
return -1;
305
240
}
306
241
307
242
if (debug){
308
/* "Use a log level over 10 to enable all debugging options."
309
* - GnuTLS manual
310
*/
311
243
gnutls_global_set_log_level(11);
312
244
gnutls_global_set_log_function(debuggnutls);
313
245
}
314
246
315
/* OpenPGP credentials */
316
if ((ret = gnutls_certificate_allocate_credentials (&mc->cred))
247
248
/* openpgp credentials */
249
if ((ret = gnutls_certificate_allocate_credentials (&es->cred))
317
250
!= GNUTLS_E_SUCCESS) {
318
fprintf (stderr, "GnuTLS memory error: %s\n",
319
safer_gnutls_strerror(ret));
251
fprintf (stderr, "memory error: %s\n", safer_gnutls_strerror(ret));
320
252
return -1;
321
253
}
322
254
323
255
if(debug){
324
fprintf(stderr, "Attempting to use OpenPGP certificate %s"
325
" and keyfile %s as GnuTLS credentials\n", pubkeyfile,
326
seckeyfile);
256
fprintf(stderr, "Attempting to use openpgp certificate %s"
257
" and keyfile %s as gnutls credentials\n", CERTFILE, KEYFILE);
327
258
}
328
259
329
260
ret = gnutls_certificate_set_openpgp_key_file
330
(mc->cred, pubkeyfile, seckeyfile, GNUTLS_OPENPGP_FMT_BASE64);
331
if (ret != GNUTLS_E_SUCCESS) {
332
fprintf(stderr,
333
"Error[%d] while reading the OpenPGP key pair ('%s',"
334
" '%s')\n", ret, pubkeyfile, seckeyfile);
335
fprintf(stdout, "The GnuTLS error is: %s\n",
336
safer_gnutls_strerror(ret));
337
return -1;
338
}
339
340
/* GnuTLS server initialization */
341
ret = gnutls_dh_params_init(&mc->dh_params);
342
if (ret != GNUTLS_E_SUCCESS) {
343
fprintf (stderr, "Error in GnuTLS DH parameter initialization:"
344
" %s\n", safer_gnutls_strerror(ret));
345
return -1;
346
}
347
ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);
348
if (ret != GNUTLS_E_SUCCESS) {
349
fprintf (stderr, "Error in GnuTLS prime generation: %s\n",
350
safer_gnutls_strerror(ret));
351
return -1;
352
}
353
354
gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);
355
356
return 0;
357
}
358
359
static int init_gnutls_session(mandos_context *mc,
360
gnutls_session_t *session){
361
int ret;
362
/* GnuTLS session creation */
363
ret = gnutls_init(session, GNUTLS_SERVER);
364
if (ret != GNUTLS_E_SUCCESS){
365
fprintf(stderr, "Error in GnuTLS session initialization: %s\n",
366
safer_gnutls_strerror(ret));
367
}
368
369
{
370
const char *err;
371
ret = gnutls_priority_set_direct(*session, mc->priority, &err);
372
if (ret != GNUTLS_E_SUCCESS) {
373
fprintf(stderr, "Syntax error at: %s\n", err);
374
fprintf(stderr, "GnuTLS error: %s\n",
375
safer_gnutls_strerror(ret));
376
return -1;
377
}
378
}
379
380
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
381
mc->cred);
382
if (ret != GNUTLS_E_SUCCESS) {
383
fprintf(stderr, "Error setting GnuTLS credentials: %s\n",
384
safer_gnutls_strerror(ret));
385
return -1;
386
}
387
261
(es->cred, CERTFILE, KEYFILE, GNUTLS_OPENPGP_FMT_BASE64);
262
if (ret != GNUTLS_E_SUCCESS) {
263
fprintf
264
(stderr, "Error[%d] while reading the OpenPGP key pair ('%s', '%s')\n",
265
ret, CERTFILE, KEYFILE);
266
fprintf(stdout, "The Error is: %s\n",
267
safer_gnutls_strerror(ret));
268
return -1;
269
}
270
271
//Gnutls server initialization
272
if ((ret = gnutls_dh_params_init (&es->dh_params))
273
!= GNUTLS_E_SUCCESS) {
274
fprintf (stderr, "Error in dh parameter initialization: %s\n",
275
safer_gnutls_strerror(ret));
276
return -1;
277
}
278
279
if ((ret = gnutls_dh_params_generate2 (es->dh_params, DH_BITS))
280
!= GNUTLS_E_SUCCESS) {
281
fprintf (stderr, "Error in prime generation: %s\n",
282
safer_gnutls_strerror(ret));
283
return -1;
284
}
285
286
gnutls_certificate_set_dh_params (es->cred, es->dh_params);
287
288
// Gnutls session creation
289
if ((ret = gnutls_init (&es->session, GNUTLS_SERVER))
290
!= GNUTLS_E_SUCCESS){
291
fprintf(stderr, "Error in gnutls session initialization: %s\n",
292
safer_gnutls_strerror(ret));
293
}
294
295
if ((ret = gnutls_priority_set_direct (es->session, "NORMAL", &err))
296
!= GNUTLS_E_SUCCESS) {
297
fprintf(stderr, "Syntax error at: %s\n", err);
298
fprintf(stderr, "Gnutls error: %s\n",
299
safer_gnutls_strerror(ret));
300
return -1;
301
}
302
303
if ((ret = gnutls_credentials_set
304
(es->session, GNUTLS_CRD_CERTIFICATE, es->cred))
305
!= GNUTLS_E_SUCCESS) {
306
fprintf(stderr, "Error setting a credentials set: %s\n",
307
safer_gnutls_strerror(ret));
308
return -1;
309
}
310
388
311
/* ignore client certificate if any. */
389
gnutls_certificate_server_set_request (*session,
390
GNUTLS_CERT_IGNORE);
312
gnutls_certificate_server_set_request (es->session, GNUTLS_CERT_IGNORE);
391
313
392
gnutls_dh_set_prime_bits (*session, mc->dh_bits);
314
gnutls_dh_set_prime_bits (es->session, DH_BITS);
393
315
394
316
return 0;
395
317
}
396
318
397
/* Avahi log function callback */
398
static void empty_log(__attribute__((unused)) AvahiLogLevel level,
399
__attribute__((unused)) const char *txt){}
319
void empty_log(AvahiLogLevel level, const char *txt){}
400
320
401
/* Called when a Mandos server is found */
402
static int start_mandos_communication(const char *ip, uint16_t port,
403
AvahiIfIndex if_index,
404
mandos_context *mc){
321
int start_mandos_communication(char *ip, uint16_t port){
405
322
int ret, tcp_sd;
406
union { struct sockaddr in; struct sockaddr_in6 in6; } to;
323
struct sockaddr_in6 to;
324
encrypted_session es;
407
325
char *buffer = NULL;
408
326
char *decrypted_buffer;
409
327
size_t buffer_length = 0;
410
328
size_t buffer_capacity = 0;
411
329
ssize_t decrypted_buffer_size;
412
size_t written;
413
330
int retval = 0;
414
char interface[IF_NAMESIZE];
415
gnutls_session_t session;
416
417
ret = init_gnutls_session (mc, &session);
418
if (ret != 0){
419
return -1;
420
}
421
331
422
332
if(debug){
423
fprintf(stderr, "Setting up a tcp connection to %s, port %d\n",
424
ip, port);
333
fprintf(stderr, "Setting up a tcp connection to %s\n", ip);
425
334
}
426
335
427
336
tcp_sd = socket(PF_INET6, SOCK_STREAM, 0);
431
340
}
432
341
433
342
if(debug){
434
if(if_indextoname((unsigned int)if_index, interface) == NULL){
435
perror("if_indextoname");
436
return -1;
437
}
438
343
fprintf(stderr, "Binding to interface %s\n", interface);
439
344
}
345
346
ret = setsockopt(tcp_sd, SOL_SOCKET, SO_BINDTODEVICE, interface, 5);
347
if(tcp_sd < 0) {
348
perror("setsockopt bindtodevice");
349
return -1;
350
}
440
351
441
memset(&to,0,sizeof(to)); /* Spurious warning */
442
to.in6.sin6_family = AF_INET6;
443
/* It would be nice to have a way to detect if we were passed an
444
IPv4 address here. Now we assume an IPv6 address. */
445
ret = inet_pton(AF_INET6, ip, &to.in6.sin6_addr);
352
memset(&to,0,sizeof(to));
353
to.sin6_family = AF_INET6;
354
ret = inet_pton(AF_INET6, ip, &to.sin6_addr);
446
355
if (ret < 0 ){
447
356
perror("inet_pton");
448
357
return -1;
449
}
358
}
450
359
if(ret == 0){
451
360
fprintf(stderr, "Bad address: %s\n", ip);
452
361
return -1;
453
362
}
454
to.in6.sin6_port = htons(port); /* Spurious warning */
455
456
to.in6.sin6_scope_id = (uint32_t)if_index;
457
363
to.sin6_port = htons(port);
364
to.sin6_scope_id = if_nametoindex(interface);
365
458
366
if(debug){
459
fprintf(stderr, "Connection to: %s, port %d\n", ip, port);
460
char addrstr[INET6_ADDRSTRLEN] = "";
461
if(inet_ntop(to.in6.sin6_family, &(to.in6.sin6_addr), addrstr,
462
sizeof(addrstr)) == NULL){
463
perror("inet_ntop");
464
} else {
465
if(strcmp(addrstr, ip) != 0){
466
fprintf(stderr, "Canonical address form: %s\n", addrstr);
467
}
468
}
367
fprintf(stderr, "Connection to: %s\n", ip);
469
368
}
470
369
471
ret = connect(tcp_sd, &to.in, sizeof(to));
370
ret = connect(tcp_sd, (struct sockaddr *) &to, sizeof(to));
472
371
if (ret < 0){
473
372
perror("connect");
474
373
return -1;
475
374
}
375
376
ret = initgnutls (&es);
377
if (ret != 0){
378
retval = -1;
379
return -1;
380
}
381
382
383
gnutls_transport_set_ptr (es.session, (gnutls_transport_ptr_t) tcp_sd);
476
384
477
const char *out = mandos_protocol_version;
478
written = 0;
479
while (true){
480
size_t out_size = strlen(out);
481
ret = TEMP_FAILURE_RETRY(write(tcp_sd, out + written,
482
out_size - written));
483
if (ret == -1){
484
perror("write");
485
retval = -1;
486
goto mandos_end;
487
}
488
written += (size_t)ret;
489
if(written < out_size){
490
continue;
491
} else {
492
if (out == mandos_protocol_version){
493
written = 0;
494
out = "\r\n";
495
} else {
496
break;
497
}
498
}
499
}
500
501
385
if(debug){
502
fprintf(stderr, "Establishing TLS session with %s\n", ip);
386
fprintf(stderr, "Establishing tls session with %s\n", ip);
503
387
}
504
505
gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) tcp_sd);
506
507
ret = gnutls_handshake (session);
388
389
390
ret = gnutls_handshake (es.session);
508
391
509
392
if (ret != GNUTLS_E_SUCCESS){
510
if(debug){
511
fprintf(stderr, "*** GnuTLS Handshake failed ***\n");
512
gnutls_perror (ret);
513
}
393
fprintf(stderr, "\n*** Handshake failed ***\n");
394
gnutls_perror (ret);
514
395
retval = -1;
515
goto mandos_end;
396
goto exit;
516
397
}
517
518
/* Read OpenPGP packet that contains the wanted password */
519
398
399
//Retrieve gpg packet that contains the wanted password
400
520
401
if(debug){
521
fprintf(stderr, "Retrieving pgp encrypted password from %s\n",
522
ip);
402
fprintf(stderr, "Retrieving pgp encrypted password from %s\n", ip);
523
403
}
524
404
525
405
while(true){
526
buffer_capacity = adjustbuffer(&buffer, buffer_length,
527
buffer_capacity);
528
if (buffer_capacity == 0){
529
perror("adjustbuffer");
530
retval = -1;
531
goto mandos_end;
406
if (buffer_length + BUFFER_SIZE > buffer_capacity){
407
buffer = realloc(buffer, buffer_capacity + BUFFER_SIZE);
408
if (buffer == NULL){
409
perror("realloc");
410
goto exit;
411
}
412
buffer_capacity += BUFFER_SIZE;
532
413
}
533
414
534
ret = gnutls_record_recv(session, buffer+buffer_length,
535
BUFFER_SIZE);
415
ret = gnutls_record_recv
416
(es.session, buffer+buffer_length, BUFFER_SIZE);
536
417
if (ret == 0){
537
418
break;
538
419
}
542
423
case GNUTLS_E_AGAIN:
543
424
break;
544
425
case GNUTLS_E_REHANDSHAKE:
545
ret = gnutls_handshake (session);
426
ret = gnutls_handshake (es.session);
546
427
if (ret < 0){
547
fprintf(stderr, "*** GnuTLS Re-handshake failed ***\n");
428
fprintf(stderr, "\n*** Handshake failed ***\n");
548
429
gnutls_perror (ret);
549
430
retval = -1;
550
goto mandos_end;
431
goto exit;
551
432
}
552
433
break;
553
434
default:
554
fprintf(stderr, "Unknown error while reading data from"
555
" encrypted session with Mandos server\n");
435
fprintf(stderr, "Unknown error while reading data from encrypted session with mandos server\n");
556
436
retval = -1;
557
gnutls_bye (session, GNUTLS_SHUT_RDWR);
558
goto mandos_end;
437
gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
438
goto exit;
559
439
}
560
440
} else {
561
buffer_length += (size_t) ret;
441
buffer_length += ret;
562
442
}
563
443
}
564
444
565
if(debug){
566
fprintf(stderr, "Closing TLS session\n");
567
}
568
569
gnutls_bye (session, GNUTLS_SHUT_RDWR);
570
571
445
if (buffer_length > 0){
572
decrypted_buffer_size = pgp_packet_decrypt(buffer,
573
buffer_length,
574
&decrypted_buffer,
575
keydir);
576
if (decrypted_buffer_size >= 0){
577
written = 0;
578
while(written < (size_t) decrypted_buffer_size){
579
ret = (int)fwrite (decrypted_buffer + written, 1,
580
(size_t)decrypted_buffer_size - written,
581
stdout);
582
if(ret == 0 and ferror(stdout)){
583
if(debug){
584
fprintf(stderr, "Error writing encrypted data: %s\n",
585
strerror(errno));
586
}
587
retval = -1;
588
break;
589
}
590
written += (size_t)ret;
591
}
446
if ((decrypted_buffer_size = gpg_packet_decrypt(buffer, buffer_length, &decrypted_buffer, CERT_ROOT)) >= 0){
447
fwrite (decrypted_buffer, 1, decrypted_buffer_size, stdout);
592
448
free(decrypted_buffer);
593
449
} else {
594
450
retval = -1;
595
451
}
596
452
}
597
598
/* Shutdown procedure */
599
600
mandos_end:
453
454
//shutdown procedure
455
456
if(debug){
457
fprintf(stderr, "Closing tls session\n");
458
}
459
601
460
free(buffer);
461
gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
462
exit:
602
463
close(tcp_sd);
603
gnutls_deinit (session);
604
gnutls_certificate_free_credentials (mc->cred);
464
gnutls_deinit (es.session);
465
gnutls_certificate_free_credentials (es.cred);
605
466
gnutls_global_deinit ();
606
467
return retval;
607
468
}
608
469
609
static void resolve_callback(AvahiSServiceResolver *r,
610
AvahiIfIndex interface,
611
AVAHI_GCC_UNUSED AvahiProtocol protocol,
612
AvahiResolverEvent event,
613
const char *name,
614
const char *type,
615
const char *domain,
616
const char *host_name,
617
const AvahiAddress *address,
618
uint16_t port,
619
AVAHI_GCC_UNUSED AvahiStringList *txt,
620
AVAHI_GCC_UNUSED AvahiLookupResultFlags
621
flags,
622
void* userdata) {
623
mandos_context *mc = userdata;
624
assert(r); /* Spurious warning */
625
626
/* Called whenever a service has been resolved successfully or
627
timed out */
628
629
switch (event) {
630
default:
631
case AVAHI_RESOLVER_FAILURE:
632
fprintf(stderr, "(Avahi Resolver) Failed to resolve service '%s'"
633
" of type '%s' in domain '%s': %s\n", name, type, domain,
634
avahi_strerror(avahi_server_errno(mc->server)));
635
break;
636
637
case AVAHI_RESOLVER_FOUND:
638
{
639
char ip[AVAHI_ADDRESS_STR_MAX];
640
avahi_address_snprint(ip, sizeof(ip), address);
641
if(debug){
642
fprintf(stderr, "Mandos server \"%s\" found on %s (%s, %d) on"
643
" port %d\n", name, host_name, ip, interface, port);
644
}
645
int ret = start_mandos_communication(ip, port, interface, mc);
646
if (ret == 0){
647
exit(EXIT_SUCCESS);
648
}
649
}
650
}
651
avahi_s_service_resolver_free(r);
652
}
653
654
static void browse_callback( AvahiSServiceBrowser *b,
655
AvahiIfIndex interface,
656
AvahiProtocol protocol,
657
AvahiBrowserEvent event,
658
const char *name,
659
const char *type,
660
const char *domain,
661
AVAHI_GCC_UNUSED AvahiLookupResultFlags
662
flags,
663
void* userdata) {
664
mandos_context *mc = userdata;
665
assert(b); /* Spurious warning */
666
667
/* Called whenever a new services becomes available on the LAN or
668
is removed from the LAN */
669
670
switch (event) {
671
default:
672
case AVAHI_BROWSER_FAILURE:
673
674
fprintf(stderr, "(Avahi browser) %s\n",
675
avahi_strerror(avahi_server_errno(mc->server)));
676
avahi_simple_poll_quit(mc->simple_poll);
677
return;
678
679
case AVAHI_BROWSER_NEW:
680
/* We ignore the returned Avahi resolver object. In the callback
681
function we free it. If the Avahi server is terminated before
682
the callback function is called the Avahi server will free the
683
resolver for us. */
684
685
if (!(avahi_s_service_resolver_new(mc->server, interface,
686
protocol, name, type, domain,
687
AVAHI_PROTO_INET6, 0,
688
resolve_callback, mc)))
689
fprintf(stderr, "Avahi: Failed to resolve service '%s': %s\n",
690
name, avahi_strerror(avahi_server_errno(mc->server)));
691
break;
692
693
case AVAHI_BROWSER_REMOVE:
694
break;
695
696
case AVAHI_BROWSER_ALL_FOR_NOW:
697
case AVAHI_BROWSER_CACHE_EXHAUSTED:
698
if(debug){
699
fprintf(stderr, "No Mandos server found, still searching...\n");
700
}
701
break;
702
}
703
}
704
705
/* Combines file name and path and returns the malloced new
706
string. some sane checks could/should be added */
707
static const char *combinepath(const char *first, const char *second){
708
size_t f_len = strlen(first);
709
size_t s_len = strlen(second);
710
char *tmp = malloc(f_len + s_len + 2);
711
if (tmp == NULL){
712
return NULL;
713
}
714
if(f_len > 0){
715
memcpy(tmp, first, f_len); /* Spurious warning */
716
}
717
tmp[f_len] = '/';
718
if(s_len > 0){
719
memcpy(tmp + f_len + 1, second, s_len); /* Spurious warning */
720
}
721
tmp[f_len + 1 + s_len] = '\0';
722
return tmp;
723
}
724
725
726
int main(int argc, char *argv[]){
470
static AvahiSimplePoll *simple_poll = NULL;
471
static AvahiServer *server = NULL;
472
473
static void resolve_callback(
474
AvahiSServiceResolver *r,
475
AVAHI_GCC_UNUSED AvahiIfIndex interface,
476
AVAHI_GCC_UNUSED AvahiProtocol protocol,
477
AvahiResolverEvent event,
478
const char *name,
479
const char *type,
480
const char *domain,
481
const char *host_name,
482
const AvahiAddress *address,
483
uint16_t port,
484
AvahiStringList *txt,
485
AvahiLookupResultFlags flags,
486
AVAHI_GCC_UNUSED void* userdata) {
487
488
assert(r);
489
490
/* Called whenever a service has been resolved successfully or timed out */
491
492
switch (event) {
493
case AVAHI_RESOLVER_FAILURE:
494
fprintf(stderr, "(Resolver) Failed to resolve service '%s' of type '%s' in domain '%s': %s\n", name, type, domain, avahi_strerror(avahi_server_errno(server)));
495
break;
496
497
case AVAHI_RESOLVER_FOUND: {
498
char ip[AVAHI_ADDRESS_STR_MAX];
499
avahi_address_snprint(ip, sizeof(ip), address);
500
if(debug){
501
fprintf(stderr, "Mandos server found at %s on port %d\n", ip, port);
502
}
503
int ret = start_mandos_communication(ip, port);
504
if (ret == 0){
505
exit(EXIT_SUCCESS);
506
} else {
507
exit(EXIT_FAILURE);
508
}
509
}
510
}
511
avahi_s_service_resolver_free(r);
512
}
513
514
static void browse_callback(
515
AvahiSServiceBrowser *b,
516
AvahiIfIndex interface,
517
AvahiProtocol protocol,
518
AvahiBrowserEvent event,
519
const char *name,
520
const char *type,
521
const char *domain,
522
AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,
523
void* userdata) {
524
525
AvahiServer *s = userdata;
526
assert(b);
527
528
/* Called whenever a new services becomes available on the LAN or is removed from the LAN */
529
530
switch (event) {
531
532
case AVAHI_BROWSER_FAILURE:
533
534
fprintf(stderr, "(Browser) %s\n", avahi_strerror(avahi_server_errno(server)));
535
avahi_simple_poll_quit(simple_poll);
536
return;
537
538
case AVAHI_BROWSER_NEW:
539
/* We ignore the returned resolver object. In the callback
540
function we free it. If the server is terminated before
541
the callback function is called the server will free
542
the resolver for us. */
543
544
if (!(avahi_s_service_resolver_new(s, interface, protocol, name, type, domain, AVAHI_PROTO_INET6, 0, resolve_callback, s)))
545
fprintf(stderr, "Failed to resolve service '%s': %s\n", name, avahi_strerror(avahi_server_errno(s)));
546
547
break;
548
549
case AVAHI_BROWSER_REMOVE:
550
break;
551
552
case AVAHI_BROWSER_ALL_FOR_NOW:
553
case AVAHI_BROWSER_CACHE_EXHAUSTED:
554
break;
555
}
556
}
557
558
int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char*argv[]) {
559
AvahiServerConfig config;
727
560
AvahiSServiceBrowser *sb = NULL;
728
561
int error;
729
562
int ret;
730
int exitcode = EXIT_SUCCESS;
731
const char *interface = "eth0";
732
struct ifreq network;
733
int sd;
734
uid_t uid;
735
gid_t gid;
736
char *connect_to = NULL;
737
AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
738
const char *pubkeyfile = "pubkey.txt";
739
const char *seckeyfile = "seckey.txt";
740
mandos_context mc = { .simple_poll = NULL, .server = NULL,
741
.dh_bits = 1024, .priority = "SECURE256"};
742
743
{
744
struct argp_option options[] = {
745
{ .name = "debug", .key = 128,
746
.doc = "Debug mode", .group = 3 },
747
{ .name = "connect", .key = 'c',
748
.arg = "IP",
749
.doc = "Connect directly to a sepcified mandos server",
750
.group = 1 },
751
{ .name = "interface", .key = 'i',
752
.arg = "INTERFACE",
753
.doc = "Interface that Avahi will conntect through",
754
.group = 1 },
755
{ .name = "keydir", .key = 'd',
756
.arg = "KEYDIR",
757
.doc = "Directory where the openpgp keyring is",
758
.group = 1 },
759
{ .name = "seckey", .key = 's',
760
.arg = "SECKEY",
761
.doc = "Secret openpgp key for gnutls authentication",
762
.group = 1 },
763
{ .name = "pubkey", .key = 'p',
764
.arg = "PUBKEY",
765
.doc = "Public openpgp key for gnutls authentication",
766
.group = 2 },
767
{ .name = "dh-bits", .key = 129,
768
.arg = "BITS",
769
.doc = "dh-bits to use in gnutls communication",
770
.group = 2 },
771
{ .name = "priority", .key = 130,
772
.arg = "PRIORITY",
773
.doc = "GNUTLS priority", .group = 1 },
774
{ .name = NULL }
775
};
776
777
778
error_t parse_opt (int key, char *arg,
779
struct argp_state *state) {
780
/* Get the INPUT argument from `argp_parse', which we know is
781
a pointer to our plugin list pointer. */
782
switch (key) {
783
case 128:
784
debug = true;
785
break;
786
case 'c':
787
connect_to = arg;
788
break;
789
case 'i':
790
interface = arg;
791
break;
792
case 'd':
793
keydir = arg;
794
break;
795
case 's':
796
seckeyfile = arg;
797
break;
798
case 'p':
799
pubkeyfile = arg;
800
break;
801
case 129:
802
errno = 0;
803
mc.dh_bits = (unsigned int) strtol(arg, NULL, 10);
804
if (errno){
805
perror("strtol");
806
exit(EXIT_FAILURE);
807
}
808
break;
809
case 130:
810
mc.priority = arg;
811
break;
812
case ARGP_KEY_ARG:
813
argp_usage (state);
814
break;
815
case ARGP_KEY_END:
816
break;
817
default:
818
return ARGP_ERR_UNKNOWN;
819
}
820
return 0;
821
}
822
823
struct argp argp = { .options = options, .parser = parse_opt,
824
.args_doc = "",
825
.doc = "Mandos client -- Get and decrypt"
826
" passwords from mandos server" };
827
argp_parse (&argp, argc, argv, 0, 0, NULL);
828
}
829
830
pubkeyfile = combinepath(keydir, pubkeyfile);
831
if (pubkeyfile == NULL){
832
perror("combinepath");
833
exitcode = EXIT_FAILURE;
834
goto end;
835
}
836
837
seckeyfile = combinepath(keydir, seckeyfile);
838
if (seckeyfile == NULL){
839
perror("combinepath");
840
goto end;
841
}
842
843
ret = init_gnutls_global(&mc, pubkeyfile, seckeyfile);
844
if (ret == -1){
845
fprintf(stderr, "init_gnutls_global\n");
846
goto end;
847
}
848
849
uid = getuid();
850
gid = getgid();
851
852
ret = setuid(uid);
853
if (ret == -1){
854
perror("setuid");
855
}
856
857
setgid(gid);
858
if (ret == -1){
859
perror("setgid");
860
}
861
862
if_index = (AvahiIfIndex) if_nametoindex(interface);
863
if(if_index == 0){
864
fprintf(stderr, "No such interface: \"%s\"\n", interface);
865
exit(EXIT_FAILURE);
866
}
867
868
if(connect_to != NULL){
869
/* Connect directly, do not use Zeroconf */
870
/* (Mainly meant for debugging) */
871
char *address = strrchr(connect_to, ':');
872
if(address == NULL){
873
fprintf(stderr, "No colon in address\n");
874
exitcode = EXIT_FAILURE;
875
goto end;
876
}
877
errno = 0;
878
uint16_t port = (uint16_t) strtol(address+1, NULL, 10);
879
if(errno){
880
perror("Bad port number");
881
exitcode = EXIT_FAILURE;
882
goto end;
883
}
884
*address = '\0';
885
address = connect_to;
886
ret = start_mandos_communication(address, port, if_index, &mc);
887
if(ret < 0){
888
exitcode = EXIT_FAILURE;
889
} else {
890
exitcode = EXIT_SUCCESS;
891
}
892
goto end;
893
}
894
895
/* If the interface is down, bring it up */
896
{
897
sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
898
if(sd < 0) {
899
perror("socket");
900
exitcode = EXIT_FAILURE;
901
goto end;
902
}
903
strcpy(network.ifr_name, interface); /* Spurious warning */
904
ret = ioctl(sd, SIOCGIFFLAGS, &network);
905
if(ret == -1){
906
perror("ioctl SIOCGIFFLAGS");
907
exitcode = EXIT_FAILURE;
908
goto end;
909
}
910
if((network.ifr_flags & IFF_UP) == 0){
911
network.ifr_flags |= IFF_UP;
912
ret = ioctl(sd, SIOCSIFFLAGS, &network);
913
if(ret == -1){
914
perror("ioctl SIOCSIFFLAGS");
915
exitcode = EXIT_FAILURE;
916
goto end;
917
}
918
}
919
close(sd);
563
int returncode = EXIT_SUCCESS;
564
565
while (true){
566
static struct option long_options[] = {
567
{"debug", no_argument, (int *)&debug, 1},
568
{"interface", required_argument, 0, 'i'},
569
{0, 0, 0, 0} };
570
571
int option_index = 0;
572
ret = getopt_long (argc, argv, "i:", long_options, &option_index);
573
574
if (ret == -1){
575
break;
576
}
577
578
switch(ret){
579
case 0:
580
break;
581
case 'i':
582
interface = optarg;
583
break;
584
default:
585
exit(EXIT_FAILURE);
586
}
920
587
}
921
588
922
589
if (not debug){
923
590
avahi_set_log_function(empty_log);
924
591
}
925
592
926
/* Initialize the pseudo-RNG for Avahi */
927
srand((unsigned int) time(NULL));
928
929
/* Allocate main Avahi loop object */
930
mc.simple_poll = avahi_simple_poll_new();
931
if (mc.simple_poll == NULL) {
932
fprintf(stderr, "Avahi: Failed to create simple poll"
933
" object.\n");
934
exitcode = EXIT_FAILURE;
935
goto end;
936
}
937
938
{
939
AvahiServerConfig config;
940
/* Do not publish any local Zeroconf records */
941
avahi_server_config_init(&config);
942
config.publish_hinfo = 0;
943
config.publish_addresses = 0;
944
config.publish_workstation = 0;
945
config.publish_domain = 0;
946
947
/* Allocate a new server */
948
mc.server = avahi_server_new(avahi_simple_poll_get
949
(mc.simple_poll), &config, NULL,
950
NULL, &error);
951
952
/* Free the Avahi configuration data */
953
avahi_server_config_free(&config);
954
}
955
956
/* Check if creating the Avahi server object succeeded */
957
if (mc.server == NULL) {
958
fprintf(stderr, "Failed to create Avahi server: %s\n",
959
avahi_strerror(error));
960
exitcode = EXIT_FAILURE;
961
goto end;
962
}
963
964
/* Create the Avahi service browser */
965
sb = avahi_s_service_browser_new(mc.server, if_index,
966
AVAHI_PROTO_INET6,
967
"_mandos._tcp", NULL, 0,
968
browse_callback, &mc);
969
if (sb == NULL) {
970
fprintf(stderr, "Failed to create service browser: %s\n",
971
avahi_strerror(avahi_server_errno(mc.server)));
972
exitcode = EXIT_FAILURE;
973
goto end;
593
/* Initialize the psuedo-RNG */
594
srand(time(NULL));
595
596
/* Allocate main loop object */
597
if (!(simple_poll = avahi_simple_poll_new())) {
598
fprintf(stderr, "Failed to create simple poll object.\n");
599
600
goto exit;
601
}
602
603
/* Do not publish any local records */
604
avahi_server_config_init(&config);
605
config.publish_hinfo = 0;
606
config.publish_addresses = 0;
607
config.publish_workstation = 0;
608
config.publish_domain = 0;
609
610
/* Allocate a new server */
611
server = avahi_server_new(avahi_simple_poll_get(simple_poll), &config, NULL, NULL, &error);
612
613
/* Free the configuration data */
614
avahi_server_config_free(&config);
615
616
/* Check if creating the server object succeeded */
617
if (!server) {
618
fprintf(stderr, "Failed to create server: %s\n", avahi_strerror(error));
619
returncode = EXIT_FAILURE;
620
goto exit;
621
}
622
623
/* Create the service browser */
624
if (!(sb = avahi_s_service_browser_new(server, if_nametoindex("eth0"), AVAHI_PROTO_INET6, "_mandos._tcp", NULL, 0, browse_callback, server))) {
625
fprintf(stderr, "Failed to create service browser: %s\n", avahi_strerror(avahi_server_errno(server)));
626
returncode = EXIT_FAILURE;
627
goto exit;
974
628
}
975
629
976
630
/* Run the main loop */
977
631
978
632
if (debug){
979
fprintf(stderr, "Starting Avahi loop search\n");
633
fprintf(stderr, "Starting avahi loop search\n");
980
634
}
981
635
982
avahi_simple_poll_loop(mc.simple_poll);
636
avahi_simple_poll_loop(simple_poll);
983
637
984
end:
638
exit:
985
639
986
640
if (debug){
987
641
fprintf(stderr, "%s exiting\n", argv[0]);
988
642
}
989
643
990
644
/* Cleanup things */
991
if (sb != NULL)
645
if (sb)
992
646
avahi_s_service_browser_free(sb);
993
647
994
if (mc.server != NULL)
995
avahi_server_free(mc.server);
996
997
if (mc.simple_poll != NULL)
998
avahi_simple_poll_free(mc.simple_poll);
999
free(pubkeyfile);
1000
free(seckeyfile);
1001
1002
return exitcode;
648
if (server)
649
avahi_server_free(server);
650
651
if (simple_poll)
652
avahi_simple_poll_free(simple_poll);
653
654
return returncode;
1003
655
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0