/mandos/release : revision 237.2.120

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to plugins.d/mandos-client.c

Committer: Teddy Hogeborn
Date: 2009-09-05 01:05:25 UTC
mto: (24.1.139 mandos) (237.12.2 mandos-persistent) (299.1.1 release) (300.1.1 release) (301.1.1 release)
mto: This revision was merged to the branch mainline in revision 264.
Revision ID: teddy@fukt.bsnet.se-20090905010525-7qeq05ztwc2ddhuv

* plugins.d/mandos-client.c (main): Do not handle ignored signals.
                                    Bug fix: remove signal handler
                                    before re-raising signal.

* plugins.d/password-prompt.c (main): Check return values from
                                      "sigaddset()".

files modified:
TODO

plugins.d/mandos-client.c

plugins.d/usplash.c

Show diffs side-by-side

added added

removed removed

plugins.d/mandos-client.c

521

static int start_mandos_communication(const char *ip, uint16_t port,

522

AvahiIfIndex if_index,

523

int af){

524

int ret, tcp_sd = -1;

524

int ret, tcp_sd;

525

ssize_t sret;

526

union {

527

struct sockaddr_in in;

537

gnutls_session_t session;

538

int pf; /* Protocol family */

539

540

if(quit_now){

541

return -1;

542

}

543

544

540

switch(af){

545

541

case AF_INET6:

546

542

pf = PF_INET6;

566

562

tcp_sd = socket(pf, SOCK_STREAM, 0);

567

563

if(tcp_sd < 0){

568

564

perror("socket");

569

retval = -1;

570

goto mandos_end;

571

}

572

573

if(quit_now){

574

goto mandos_end;

565

return -1;

575

566

}

576

567

577

568

memset(&to, 0, sizeof(to));

584

575

}

585

576

if(ret < 0 ){

586

577

perror("inet_pton");

587

retval = -1;

588

goto mandos_end;

578

return -1;

589

579

}

590

580

if(ret == 0){

591

581

fprintf(stderr, "Bad address: %s\n", ip);

592

retval = -1;

593

goto mandos_end;

582

return -1;

594

583

}

595

584

if(af == AF_INET6){

596

585

to.in6.sin6_port = htons(port); /* Spurious warnings from

603

592

if(if_index == AVAHI_IF_UNSPEC){

604

593

fprintf(stderr, "An IPv6 link-local address is incomplete"

605

594

" without a network interface\n");

606

retval = -1;

607

goto mandos_end;

595

return -1;

608

596

}

609

597

/* Set the network interface number as scope */

610

598

to.in6.sin6_scope_id = (uint32_t)if_index;

615

603

-Wunreachable-code */

616

604

}

617

605

618

if(quit_now){

619

goto mandos_end;

620

}

621

622

606

if(debug){

623

607

if(af == AF_INET6 and if_index != AVAHI_IF_UNSPEC){

624

608

char interface[IF_NAMESIZE];

651

635

}

652

636

}

653

637

654

if(quit_now){

655

goto mandos_end;

656

}

657

658

638

if(af == AF_INET6){

659

639

ret = connect(tcp_sd, &to.in6, sizeof(to));

660

640

} else {

662

642

}

663

643

if(ret < 0){

664

644

perror("connect");

665

retval = -1;

666

goto mandos_end;

667

}

668

669

if(quit_now){

670

goto mandos_end;

645

return -1;

671

646

}

672

647

673

648

const char *out = mandos_protocol_version;

692

667

break;

693

668

}

694

669

}

695

696

if(quit_now){

697

goto mandos_end;

698

}

699

670

}

700

671

701

672

if(debug){

702

673

fprintf(stderr, "Establishing TLS session with %s\n", ip);

703

674

}

704

675

705

if(quit_now){

706

goto mandos_end;

707

}

708

709

676

gnutls_transport_set_ptr(session, (gnutls_transport_ptr_t) tcp_sd);

710

677

711

if(quit_now){

712

goto mandos_end;

713

}

714

715

678

do{

716

679

ret = gnutls_handshake(session);

717

if(quit_now){

718

goto mandos_end;

719

}

720

680

} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);

721

681

722

682

if(ret != GNUTLS_E_SUCCESS){

736

696

}

737

697

738

698

while(true){

739

740

if(quit_now){

741

goto mandos_end;

742

}

743

744

699

buffer_capacity = incbuffer(&buffer, buffer_length,

745

700

buffer_capacity);

746

701

if(buffer_capacity == 0){

749

704

goto mandos_end;

750

705

}

751

706

752

if(quit_now){

753

goto mandos_end;

754

}

755

756

707

sret = gnutls_record_recv(session, buffer+buffer_length,

757

708

BUFFER_SIZE);

758

709

if(sret == 0){

766

717

case GNUTLS_E_REHANDSHAKE:

767

718

do{

768

719

ret = gnutls_handshake(session);

769

770

if(quit_now){

771

goto mandos_end;

772

}

773

720

} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);

774

721

if(ret < 0){

775

722

fprintf(stderr, "*** GnuTLS Re-handshake failed ***\n");

794

741

fprintf(stderr, "Closing TLS session\n");

795

742

}

796

743

797

if(quit_now){

798

goto mandos_end;

799

}

800

801

744

gnutls_bye(session, GNUTLS_SHUT_RDWR);

802

745

803

if(quit_now){

804

goto mandos_end;

805

}

806

807

746

if(buffer_length > 0){

808

747

decrypted_buffer_size = pgp_packet_decrypt(buffer,

809

748

buffer_length,

811

750

if(decrypted_buffer_size >= 0){

812

751

written = 0;

813

752

while(written < (size_t) decrypted_buffer_size){

814

if(quit_now){

815

goto mandos_end;

816

}

817

818

753

ret = (int)fwrite(decrypted_buffer + written, 1,

819

754

(size_t)decrypted_buffer_size - written,

820

755

stdout);

840

775

841

776

mandos_end:

842

777

free(buffer);

843

if(tcp_sd >= 0){

844

ret = (int)TEMP_FAILURE_RETRY(close(tcp_sd));

845

}

778

ret = (int)TEMP_FAILURE_RETRY(close(tcp_sd));

846

779

if(ret == -1){

847

780

perror("close");

848

781

}

849

782

gnutls_deinit(session);

850

if(quit_now){

851

retval = -1;

852

}

853

783

return retval;

854

784

}

855

785

918

848

/* Called whenever a new services becomes available on the LAN or

919

849

is removed from the LAN */

920

850

921

if(quit_now){

922

return;

923

}

924

925

851

switch(event){

926

852

default:

927

853

case AVAHI_BROWSER_FAILURE:

Older »