To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
« back to all changes in this revision
Viewing changes to plugins.d/mandosclient.c
- browse files at revision 24.1.5
- compare with another revision
- download diff
- download tarball
- view history from revision 24.1.5
- Committer: Björn Påhlsson
- Date: 2008-07-31 16:20:47 UTC
- mto: (237.7.1 mandos) (24.1.154 mandos)
- mto: This revision was merged to the branch mainline in revision 30.
- Revision ID: belorn@braxen-20080731162047-lahe2b2prwjw8b2l
plugbasedclient:
Added support to disable plugins
Added support to change plugin directory
mandosclient.c
Fixed some funtion calls that lacked error handling
small bugfix
Added support to disable plugins
Added support to change plugin directory
mandosclient.c
Fixed some funtion calls that lacked error handling
small bugfix
- files removed:
- plugins.d/Makefile
- files modified:
- Makefile
added
removed
plugins.d/mandosclient.c
1
/* $Id$ */
2
3
/* PLEASE NOTE *
4
* This file demonstrates how to use Avahi's core API, this is
5
* the embeddable mDNS stack for embedded applications.
1
/* -*- coding: utf-8 -*- */
2
/*
3
* Mandos client - get and decrypt data from a Mandos server
6
4
*
7
* End user applications should *not* use this API and should use
8
* the D-Bus or C APIs, please see
9
* client-browse-services.c and glib-integration.c
10
*
11
* I repeat, you probably do *not* want to use this example.
5
* This program is partly derived from an example program for an Avahi
6
* service browser, downloaded from
7
* <http://avahi.org/browser/examples/core-browse-services.c>. This
8
* includes the following functions: "resolve_callback",
9
* "browse_callback", and parts of "main".
10
*
11
* Everything else is Copyright © 2007-2008 Teddy Hogeborn and Björn
12
* Påhlsson.
13
*
14
* This program is free software: you can redistribute it and/or
15
* modify it under the terms of the GNU General Public License as
16
* published by the Free Software Foundation, either version 3 of the
17
* License, or (at your option) any later version.
18
*
19
* This program is distributed in the hope that it will be useful, but
20
* WITHOUT ANY WARRANTY; without even the implied warranty of
21
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
22
* General Public License for more details.
23
*
24
* You should have received a copy of the GNU General Public License
25
* along with this program. If not, see
26
* <http://www.gnu.org/licenses/>.
27
*
28
* Contact the authors at <https://www.fukt.bsnet.se/~belorn/> and
29
* <https://www.fukt.bsnet.se/~teddy/>.
12
30
*/
13
31
14
/***
15
This file is part of avahi.
16
17
avahi is free software; you can redistribute it and/or modify it
18
under the terms of the GNU Lesser General Public License as
19
published by the Free Software Foundation; either version 2.1 of the
20
License, or (at your option) any later version.
21
22
avahi is distributed in the hope that it will be useful, but WITHOUT
23
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
24
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General
25
Public License for more details.
26
27
You should have received a copy of the GNU Lesser General Public
28
License along with avahi; if not, write to the Free Software
29
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
30
USA.
31
***/
32
#define _FORTIFY_SOURCE 2
32
33
33
34
#define _LARGEFILE_SOURCE
34
35
#define _FILE_OFFSET_BITS 64
47
48
#include <avahi-common/error.h>
48
49
49
50
//mandos client part
50
#include <sys/types.h> /* socket(), setsockopt(), inet_pton() */
51
#include <sys/socket.h> /* socket(), setsockopt(), struct sockaddr_in6, struct in6_addr, inet_pton() */
52
#include <gnutls/gnutls.h> /* ALL GNUTLS STUFF */
53
#include <gnutls/openpgp.h> /* gnutls with openpgp stuff */
51
#include <sys/types.h> /* socket(), inet_pton() */
52
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
53
struct in6_addr, inet_pton() */
54
#include <gnutls/gnutls.h> /* All GnuTLS stuff */
55
#include <gnutls/openpgp.h> /* GnuTLS with openpgp stuff */
54
56
55
57
#include <unistd.h> /* close() */
56
58
#include <netinet/in.h>
63
65
#include <errno.h> /* perror() */
64
66
#include <gpgme.h>
65
67
68
// getopt long
69
#include <getopt.h>
66
70
67
#ifndef CERT_ROOT
68
#define CERT_ROOT "/conf/conf.d/cryptkeyreq/"
69
#endif
70
#define CERTFILE CERT_ROOT "openpgp-client.txt"
71
#define KEYFILE CERT_ROOT "openpgp-client-key.txt"
72
71
#define BUFFER_SIZE 256
73
72
#define DH_BITS 1024
74
73
74
const char *certdir = "/conf/conf.d/cryptkeyreq/";
75
const char *certfile = "openpgp-client.txt";
76
const char *certkey = "openpgp-client-key.txt";
77
78
bool debug = false;
79
75
80
typedef struct {
76
81
gnutls_session_t session;
77
82
gnutls_certificate_credentials_t cred;
79
84
} encrypted_session;
80
85
81
86
82
ssize_t gpg_packet_decrypt (char *packet, size_t packet_size, char **new_packet, char *homedir){
87
ssize_t pgp_packet_decrypt (char *packet, size_t packet_size,
88
char **new_packet, const char *homedir){
83
89
gpgme_data_t dh_crypto, dh_plain;
84
90
gpgme_ctx_t ctx;
85
91
gpgme_error_t rc;
86
92
ssize_t ret;
87
size_t new_packet_capacity = 0;
88
size_t new_packet_length = 0;
93
ssize_t new_packet_capacity = 0;
94
ssize_t new_packet_length = 0;
89
95
gpgme_engine_info_t engine_info;
90
96
97
if (debug){
98
fprintf(stderr, "Trying to decrypt OpenPGP packet\n");
99
}
100
91
101
/* Init GPGME */
92
102
gpgme_check_version(NULL);
93
gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
103
rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
104
if (rc != GPG_ERR_NO_ERROR){
105
fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",
106
gpgme_strsource(rc), gpgme_strerror(rc));
107
return -1;
108
}
94
109
95
110
/* Set GPGME home directory */
96
111
rc = gpgme_get_engine_info (&engine_info);
136
151
return -1;
137
152
}
138
153
139
/* Decrypt data from the FILE pointer to the plaintext data buffer */
154
/* Decrypt data from the FILE pointer to the plaintext data
155
buffer */
140
156
rc = gpgme_op_decrypt(ctx, dh_crypto, dh_plain);
141
157
if (rc != GPG_ERR_NO_ERROR){
142
158
fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",
143
159
gpgme_strsource(rc), gpgme_strerror(rc));
144
160
return -1;
145
161
}
162
163
if(debug){
164
fprintf(stderr, "Decryption of OpenPGP packet succeeded\n");
165
}
166
167
if (debug){
168
gpgme_decrypt_result_t result;
169
result = gpgme_op_decrypt_result(ctx);
170
if (result == NULL){
171
fprintf(stderr, "gpgme_op_decrypt_result failed\n");
172
} else {
173
fprintf(stderr, "Unsupported algorithm: %s\n",
174
result->unsupported_algorithm);
175
fprintf(stderr, "Wrong key usage: %d\n",
176
result->wrong_key_usage);
177
if(result->file_name != NULL){
178
fprintf(stderr, "File name: %s\n", result->file_name);
179
}
180
gpgme_recipient_t recipient;
181
recipient = result->recipients;
182
if(recipient){
183
while(recipient != NULL){
184
fprintf(stderr, "Public key algorithm: %s\n",
185
gpgme_pubkey_algo_name(recipient->pubkey_algo));
186
fprintf(stderr, "Key ID: %s\n", recipient->keyid);
187
fprintf(stderr, "Secret key available: %s\n",
188
recipient->status == GPG_ERR_NO_SECKEY
189
? "No" : "Yes");
190
recipient = recipient->next;
191
}
192
}
193
}
194
}
146
195
147
/* gpgme_decrypt_result_t result; */
148
/* result = gpgme_op_decrypt_result(ctx); */
149
/* fprintf(stderr, "Unsupported algorithm: %s\n", result->unsupported_algorithm); */
150
/* fprintf(stderr, "Wrong key usage: %d\n", result->wrong_key_usage); */
151
/* if(result->file_name != NULL){ */
152
/* fprintf(stderr, "File name: %s\n", result->file_name); */
153
/* } */
154
/* gpgme_recipient_t recipient; */
155
/* recipient = result->recipients; */
156
/* if(recipient){ */
157
/* while(recipient != NULL){ */
158
/* fprintf(stderr, "Public key algorithm: %s\n", */
159
/* gpgme_pubkey_algo_name(recipient->pubkey_algo)); */
160
/* fprintf(stderr, "Key ID: %s\n", recipient->keyid); */
161
/* fprintf(stderr, "Secret key available: %s\n", */
162
/* recipient->status == GPG_ERR_NO_SECKEY ? "No" : "Yes"); */
163
/* recipient = recipient->next; */
164
/* } */
165
/* } */
166
167
196
/* Delete the GPGME FILE pointer cryptotext data buffer */
168
197
gpgme_data_release(dh_crypto);
169
198
170
199
/* Seek back to the beginning of the GPGME plaintext data buffer */
171
gpgme_data_seek(dh_plain, 0, SEEK_SET);
172
200
if (gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET) == -1){
201
perror("pgpme_data_seek");
202
}
203
173
204
*new_packet = 0;
174
205
while(true){
175
206
if (new_packet_length + BUFFER_SIZE > new_packet_capacity){
176
*new_packet = realloc(*new_packet, new_packet_capacity + BUFFER_SIZE);
207
*new_packet = realloc(*new_packet,
208
(unsigned int)new_packet_capacity
209
+ BUFFER_SIZE);
177
210
if (*new_packet == NULL){
178
211
perror("realloc");
179
212
return -1;
181
214
new_packet_capacity += BUFFER_SIZE;
182
215
}
183
216
184
ret = gpgme_data_read(dh_plain, *new_packet + new_packet_length, BUFFER_SIZE);
217
ret = gpgme_data_read(dh_plain, *new_packet + new_packet_length,
218
BUFFER_SIZE);
185
219
/* Print the data, if any */
186
220
if (ret == 0){
187
/* If password is empty, then a incorrect error will be printed */
188
221
break;
189
222
}
190
223
if(ret < 0){
194
227
new_packet_length += ret;
195
228
}
196
229
197
/* Delete the GPGME plaintext data buffer */
230
/* FIXME: check characters before printing to screen so to not print
231
terminal control characters */
232
/* if(debug){ */
233
/* fprintf(stderr, "decrypted password is: "); */
234
/* fwrite(*new_packet, 1, new_packet_length, stderr); */
235
/* fprintf(stderr, "\n"); */
236
/* } */
237
238
/* Delete the GPGME plaintext data buffer */
198
239
gpgme_data_release(dh_plain);
199
240
return new_packet_length;
200
241
}
206
247
return ret;
207
248
}
208
249
209
void debuggnutls(int level, const char* string){
250
void debuggnutls(__attribute__((unused)) int level,
251
const char* string){
210
252
fprintf(stderr, "%s", string);
211
253
}
212
254
214
256
const char *err;
215
257
int ret;
216
258
259
if(debug){
260
fprintf(stderr, "Initializing GnuTLS\n");
261
}
262
217
263
if ((ret = gnutls_global_init ())
218
264
!= GNUTLS_E_SUCCESS) {
219
265
fprintf (stderr, "global_init: %s\n", safer_gnutls_strerror(ret));
220
266
return -1;
221
267
}
222
268
223
/* Uncomment to enable full debuggin on the gnutls library */
224
/* gnutls_global_set_log_level(11); */
225
/* gnutls_global_set_log_function(debuggnutls); */
226
227
269
if (debug){
270
gnutls_global_set_log_level(11);
271
gnutls_global_set_log_function(debuggnutls);
272
}
273
228
274
/* openpgp credentials */
229
275
if ((ret = gnutls_certificate_allocate_credentials (&es->cred))
230
276
!= GNUTLS_E_SUCCESS) {
231
fprintf (stderr, "memory error: %s\n", safer_gnutls_strerror(ret));
277
fprintf (stderr, "memory error: %s\n",
278
safer_gnutls_strerror(ret));
232
279
return -1;
233
280
}
234
281
282
if(debug){
283
fprintf(stderr, "Attempting to use OpenPGP certificate %s"
284
" and keyfile %s as GnuTLS credentials\n", certfile,
285
certkey);
286
}
287
235
288
ret = gnutls_certificate_set_openpgp_key_file
236
(es->cred, CERTFILE, KEYFILE, GNUTLS_OPENPGP_FMT_BASE64);
289
(es->cred, certfile, certkey, GNUTLS_OPENPGP_FMT_BASE64);
237
290
if (ret != GNUTLS_E_SUCCESS) {
238
291
fprintf
239
(stderr, "Error[%d] while reading the OpenPGP key pair ('%s', '%s')\n",
240
ret, CERTFILE, KEYFILE);
292
(stderr, "Error[%d] while reading the OpenPGP key pair ('%s',"
293
" '%s')\n",
294
ret, certfile, certkey);
241
295
fprintf(stdout, "The Error is: %s\n",
242
296
safer_gnutls_strerror(ret));
243
297
return -1;
244
298
}
245
246
//Gnutls server initialization
299
300
//GnuTLS server initialization
247
301
if ((ret = gnutls_dh_params_init (&es->dh_params))
248
302
!= GNUTLS_E_SUCCESS) {
249
303
fprintf (stderr, "Error in dh parameter initialization: %s\n",
250
304
safer_gnutls_strerror(ret));
251
305
return -1;
252
306
}
253
307
254
308
if ((ret = gnutls_dh_params_generate2 (es->dh_params, DH_BITS))
255
309
!= GNUTLS_E_SUCCESS) {
256
310
fprintf (stderr, "Error in prime generation: %s\n",
257
311
safer_gnutls_strerror(ret));
258
312
return -1;
259
313
}
260
314
261
315
gnutls_certificate_set_dh_params (es->cred, es->dh_params);
262
263
// Gnutls session creation
316
317
// GnuTLS session creation
264
318
if ((ret = gnutls_init (&es->session, GNUTLS_SERVER))
265
319
!= GNUTLS_E_SUCCESS){
266
fprintf(stderr, "Error in gnutls session initialization: %s\n",
320
fprintf(stderr, "Error in GnuTLS session initialization: %s\n",
267
321
safer_gnutls_strerror(ret));
268
322
}
269
323
270
324
if ((ret = gnutls_priority_set_direct (es->session, "NORMAL", &err))
271
325
!= GNUTLS_E_SUCCESS) {
272
326
fprintf(stderr, "Syntax error at: %s\n", err);
273
fprintf(stderr, "Gnutls error: %s\n",
327
fprintf(stderr, "GnuTLS error: %s\n",
274
328
safer_gnutls_strerror(ret));
275
329
return -1;
276
330
}
277
331
278
332
if ((ret = gnutls_credentials_set
279
333
(es->session, GNUTLS_CRD_CERTIFICATE, es->cred))
280
334
!= GNUTLS_E_SUCCESS) {
282
336
safer_gnutls_strerror(ret));
283
337
return -1;
284
338
}
285
339
286
340
/* ignore client certificate if any. */
287
gnutls_certificate_server_set_request (es->session, GNUTLS_CERT_IGNORE);
341
gnutls_certificate_server_set_request (es->session,
342
GNUTLS_CERT_IGNORE);
288
343
289
344
gnutls_dh_set_prime_bits (es->session, DH_BITS);
290
345
291
346
return 0;
292
347
}
293
348
294
void empty_log(AvahiLogLevel level, const char *txt){}
349
void empty_log(__attribute__((unused)) AvahiLogLevel level,
350
__attribute__((unused)) const char *txt){}
295
351
296
int start_mandos_communcation(char *ip, uint16_t port){
352
int start_mandos_communication(const char *ip, uint16_t port,
353
unsigned int if_index){
297
354
int ret, tcp_sd;
298
355
struct sockaddr_in6 to;
299
struct in6_addr ip_addr;
300
356
encrypted_session es;
301
357
char *buffer = NULL;
302
358
char *decrypted_buffer;
303
359
size_t buffer_length = 0;
304
360
size_t buffer_capacity = 0;
305
361
ssize_t decrypted_buffer_size;
362
size_t written = 0;
306
363
int retval = 0;
307
364
char interface[IF_NAMESIZE];
365
366
if(debug){
367
fprintf(stderr, "Setting up a tcp connection to %s\n", ip);
368
}
308
369
309
370
tcp_sd = socket(PF_INET6, SOCK_STREAM, 0);
310
371
if(tcp_sd < 0) {
312
373
return -1;
313
374
}
314
375
315
ret = setsockopt(tcp_sd, SOL_SOCKET, SO_BINDTODEVICE, "eth0", 5);
316
if(tcp_sd < 0) {
317
perror("setsockopt bindtodevice");
376
if(if_indextoname(if_index, interface) == NULL){
377
if(debug){
378
perror("if_indextoname");
379
}
318
380
return -1;
319
381
}
320
382
321
memset(&to,0,sizeof(to));
383
if(debug){
384
fprintf(stderr, "Binding to interface %s\n", interface);
385
}
386
387
memset(&to,0,sizeof(to)); /* Spurious warning */
322
388
to.sin6_family = AF_INET6;
323
ret = inet_pton(AF_INET6, ip, &ip_addr);
389
ret = inet_pton(AF_INET6, ip, &to.sin6_addr);
324
390
if (ret < 0 ){
325
391
perror("inet_pton");
326
392
return -1;
329
395
fprintf(stderr, "Bad address: %s\n", ip);
330
396
return -1;
331
397
}
332
to.sin6_port = htons(port);
333
to.sin6_scope_id = if_nametoindex("eth0");
398
to.sin6_port = htons(port); /* Spurious warning */
399
400
to.sin6_scope_id = (uint32_t)if_index;
401
402
if(debug){
403
fprintf(stderr, "Connection to: %s\n", ip);
404
}
334
405
335
406
ret = connect(tcp_sd, (struct sockaddr *) &to, sizeof(to));
336
407
if (ret < 0){
343
414
retval = -1;
344
415
return -1;
345
416
}
346
347
348
gnutls_transport_set_ptr (es.session, (gnutls_transport_ptr_t) tcp_sd);
349
417
418
gnutls_transport_set_ptr (es.session,
419
(gnutls_transport_ptr_t) tcp_sd);
420
421
if(debug){
422
fprintf(stderr, "Establishing TLS session with %s\n", ip);
423
}
424
350
425
ret = gnutls_handshake (es.session);
351
426
352
427
if (ret != GNUTLS_E_SUCCESS){
353
fprintf(stderr, "\n*** Handshake failed ***\n");
354
gnutls_perror (ret);
428
if(debug){
429
fprintf(stderr, "\n*** Handshake failed ***\n");
430
gnutls_perror (ret);
431
}
355
432
retval = -1;
356
433
goto exit;
357
434
}
435
436
//Retrieve OpenPGP packet that contains the wanted password
437
438
if(debug){
439
fprintf(stderr, "Retrieving pgp encrypted password from %s\n",
440
ip);
441
}
358
442
359
//retrive password
360
443
while(true){
361
444
if (buffer_length + BUFFER_SIZE > buffer_capacity){
362
445
buffer = realloc(buffer, buffer_capacity + BUFFER_SIZE);
387
470
}
388
471
break;
389
472
default:
390
fprintf(stderr, "Unknown error while reading data from encrypted session with mandos server\n");
473
fprintf(stderr, "Unknown error while reading data from"
474
" encrypted session with mandos server\n");
391
475
retval = -1;
392
476
gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
393
477
goto exit;
394
478
}
395
479
} else {
396
buffer_length += ret;
480
buffer_length += (size_t) ret;
397
481
}
398
482
}
399
483
400
484
if (buffer_length > 0){
401
if ((decrypted_buffer_size = gpg_packet_decrypt(buffer, buffer_length, &decrypted_buffer, CERT_ROOT)) == 0){
485
decrypted_buffer_size = pgp_packet_decrypt(buffer,
486
buffer_length,
487
&decrypted_buffer,
488
certdir);
489
if (decrypted_buffer_size >= 0){
490
while(written < decrypted_buffer_size){
491
ret = (int)fwrite (decrypted_buffer + written, 1,
492
(size_t)decrypted_buffer_size - written,
493
stdout);
494
if(ret == 0 and ferror(stdout)){
495
if(debug){
496
fprintf(stderr, "Error writing encrypted data: %s\n",
497
strerror(errno));
498
}
499
retval = -1;
500
break;
501
}
502
written += (size_t)ret;
503
}
504
free(decrypted_buffer);
505
} else {
402
506
retval = -1;
403
} else {
404
fwrite (decrypted_buffer, 1, decrypted_buffer_size, stdout);
405
free(decrypted_buffer);
406
507
}
407
508
}
408
509
510
//shutdown procedure
511
512
if(debug){
513
fprintf(stderr, "Closing TLS session\n");
514
}
515
409
516
free(buffer);
410
411
//shutdown procedure
412
517
gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
413
518
exit:
414
519
close(tcp_sd);
423
528
424
529
static void resolve_callback(
425
530
AvahiSServiceResolver *r,
426
AVAHI_GCC_UNUSED AvahiIfIndex interface,
531
AvahiIfIndex interface,
427
532
AVAHI_GCC_UNUSED AvahiProtocol protocol,
428
533
AvahiResolverEvent event,
429
534
const char *name,
432
537
const char *host_name,
433
538
const AvahiAddress *address,
434
539
uint16_t port,
435
AvahiStringList *txt,
436
AvahiLookupResultFlags flags,
540
AVAHI_GCC_UNUSED AvahiStringList *txt,
541
AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,
437
542
AVAHI_GCC_UNUSED void* userdata) {
438
543
439
assert(r);
440
441
/* Called whenever a service has been resolved successfully or timed out */
442
443
switch (event) {
444
case AVAHI_RESOLVER_FAILURE:
445
fprintf(stderr, "(Resolver) Failed to resolve service '%s' of type '%s' in domain '%s': %s\n", name, type, domain, avahi_strerror(avahi_server_errno(server)));
446
break;
447
448
case AVAHI_RESOLVER_FOUND: {
449
char ip[AVAHI_ADDRESS_STR_MAX];
450
avahi_address_snprint(ip, sizeof(ip), address);
451
int ret = start_mandos_communcation(ip, port);
452
if (ret == 0){
453
exit(EXIT_SUCCESS);
454
} else {
455
exit(EXIT_FAILURE);
456
}
457
}
544
assert(r); /* Spurious warning */
545
546
/* Called whenever a service has been resolved successfully or
547
timed out */
548
549
switch (event) {
550
default:
551
case AVAHI_RESOLVER_FAILURE:
552
fprintf(stderr, "(Resolver) Failed to resolve service '%s' of"
553
" type '%s' in domain '%s': %s\n", name, type, domain,
554
avahi_strerror(avahi_server_errno(server)));
555
break;
556
557
case AVAHI_RESOLVER_FOUND:
558
{
559
char ip[AVAHI_ADDRESS_STR_MAX];
560
avahi_address_snprint(ip, sizeof(ip), address);
561
if(debug){
562
fprintf(stderr, "Mandos server \"%s\" found on %s (%s) on"
563
" port %d\n", name, host_name, ip, port);
564
}
565
int ret = start_mandos_communication(ip, port,
566
(unsigned int) interface);
567
if (ret == 0){
568
exit(EXIT_SUCCESS);
569
}
458
570
}
459
avahi_s_service_resolver_free(r);
571
}
572
avahi_s_service_resolver_free(r);
460
573
}
461
574
462
575
static void browse_callback(
471
584
void* userdata) {
472
585
473
586
AvahiServer *s = userdata;
474
assert(b);
475
476
/* Called whenever a new services becomes available on the LAN or is removed from the LAN */
477
587
assert(b); /* Spurious warning */
588
589
/* Called whenever a new services becomes available on the LAN or
590
is removed from the LAN */
591
478
592
switch (event) {
479
480
case AVAHI_BROWSER_FAILURE:
481
482
fprintf(stderr, "(Browser) %s\n", avahi_strerror(avahi_server_errno(server)));
483
avahi_simple_poll_quit(simple_poll);
484
return;
485
486
case AVAHI_BROWSER_NEW:
487
/* We ignore the returned resolver object. In the callback
488
function we free it. If the server is terminated before
489
the callback function is called the server will free
490
the resolver for us. */
491
492
if (!(avahi_s_service_resolver_new(s, interface, protocol, name, type, domain, AVAHI_PROTO_INET6, 0, resolve_callback, s)))
493
fprintf(stderr, "Failed to resolve service '%s': %s\n", name, avahi_strerror(avahi_server_errno(s)));
494
495
break;
496
497
case AVAHI_BROWSER_REMOVE:
498
break;
499
500
case AVAHI_BROWSER_ALL_FOR_NOW:
501
case AVAHI_BROWSER_CACHE_EXHAUSTED:
502
break;
593
default:
594
case AVAHI_BROWSER_FAILURE:
595
596
fprintf(stderr, "(Browser) %s\n",
597
avahi_strerror(avahi_server_errno(server)));
598
avahi_simple_poll_quit(simple_poll);
599
return;
600
601
case AVAHI_BROWSER_NEW:
602
/* We ignore the returned resolver object. In the callback
603
function we free it. If the server is terminated before
604
the callback function is called the server will free
605
the resolver for us. */
606
607
if (!(avahi_s_service_resolver_new(s, interface, protocol, name,
608
type, domain,
609
AVAHI_PROTO_INET6, 0,
610
resolve_callback, s)))
611
fprintf(stderr, "Failed to resolve service '%s': %s\n", name,
612
avahi_strerror(avahi_server_errno(s)));
613
break;
614
615
case AVAHI_BROWSER_REMOVE:
616
break;
617
618
case AVAHI_BROWSER_ALL_FOR_NOW:
619
case AVAHI_BROWSER_CACHE_EXHAUSTED:
620
break;
503
621
}
504
622
}
505
623
624
/* combinds file name and path and returns the malloced new string. som sane checks could/should be added */
625
const char *combinepath(const char *first, const char *second){
626
char *tmp;
627
tmp = malloc(strlen(first) + strlen(second) + 2);
628
if (tmp == NULL){
629
perror("malloc");
630
return NULL;
631
}
632
strcpy(tmp, first);
633
if (first[0] != '\0' and first[strlen(first) - 1] != '/'){
634
strcat(tmp, "/");
635
}
636
strcat(tmp, second);
637
return tmp;
638
}
639
640
506
641
int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char*argv[]) {
507
642
AvahiServerConfig config;
508
643
AvahiSServiceBrowser *sb = NULL;
509
644
int error;
510
int ret = 1;
645
int ret;
646
int returncode = EXIT_SUCCESS;
647
const char *interface = "eth0";
648
649
while (true){
650
static struct option long_options[] = {
651
{"debug", no_argument, (int *)&debug, 1},
652
{"interface", required_argument, 0, 'i'},
653
{"certdir", required_argument, 0, 'd'},
654
{"certkey", required_argument, 0, 'c'},
655
{"certfile", required_argument, 0, 'k'},
656
{0, 0, 0, 0} };
657
658
int option_index = 0;
659
ret = getopt_long (argc, argv, "i:", long_options,
660
&option_index);
661
662
if (ret == -1){
663
break;
664
}
665
666
switch(ret){
667
case 0:
668
break;
669
case 'i':
670
interface = optarg;
671
break;
672
case 'd':
673
certdir = optarg;
674
break;
675
case 'c':
676
certfile = optarg;
677
break;
678
case 'k':
679
certkey = optarg;
680
break;
681
default:
682
exit(EXIT_FAILURE);
683
}
684
}
511
685
512
avahi_set_log_function(empty_log);
686
certfile = combinepath(certdir, certfile);
687
if (certfile == NULL){
688
goto exit;
689
}
690
691
certkey = combinepath(certdir, certkey);
692
if (certkey == NULL){
693
goto exit;
694
}
695
696
if (not debug){
697
avahi_set_log_function(empty_log);
698
}
513
699
514
700
/* Initialize the psuedo-RNG */
515
srand(time(NULL));
701
srand((unsigned int) time(NULL));
516
702
517
703
/* Allocate main loop object */
518
704
if (!(simple_poll = avahi_simple_poll_new())) {
519
705
fprintf(stderr, "Failed to create simple poll object.\n");
520
goto fail;
706
707
goto exit;
521
708
}
522
709
523
710
/* Do not publish any local records */
527
714
config.publish_workstation = 0;
528
715
config.publish_domain = 0;
529
716
530
/* /\* Set a unicast DNS server for wide area DNS-SD *\/ */
531
/* avahi_address_parse("193.11.177.11", AVAHI_PROTO_UNSPEC, &config.wide_area_servers[0]); */
532
/* config.n_wide_area_servers = 1; */
533
/* config.enable_wide_area = 1; */
534
535
717
/* Allocate a new server */
536
server = avahi_server_new(avahi_simple_poll_get(simple_poll), &config, NULL, NULL, &error);
718
server = avahi_server_new(avahi_simple_poll_get(simple_poll),
719
&config, NULL, NULL, &error);
537
720
538
721
/* Free the configuration data */
539
722
avahi_server_config_free(&config);
540
723
541
/* Check wether creating the server object succeeded */
724
/* Check if creating the server object succeeded */
542
725
if (!server) {
543
fprintf(stderr, "Failed to create server: %s\n", avahi_strerror(error));
544
goto fail;
726
fprintf(stderr, "Failed to create server: %s\n",
727
avahi_strerror(error));
728
returncode = EXIT_FAILURE;
729
goto exit;
545
730
}
546
731
547
732
/* Create the service browser */
548
if (!(sb = avahi_s_service_browser_new(server, if_nametoindex("eth0"), AVAHI_PROTO_INET6, "_mandos._tcp", NULL, 0, browse_callback, server))) {
549
fprintf(stderr, "Failed to create service browser: %s\n", avahi_strerror(avahi_server_errno(server)));
550
goto fail;
733
sb = avahi_s_service_browser_new(server,
734
(AvahiIfIndex)
735
if_nametoindex(interface),
736
AVAHI_PROTO_INET6,
737
"_mandos._tcp", NULL, 0,
738
browse_callback, server);
739
if (!sb) {
740
fprintf(stderr, "Failed to create service browser: %s\n",
741
avahi_strerror(avahi_server_errno(server)));
742
returncode = EXIT_FAILURE;
743
goto exit;
551
744
}
552
745
553
746
/* Run the main loop */
747
748
if (debug){
749
fprintf(stderr, "Starting avahi loop search\n");
750
}
751
554
752
avahi_simple_poll_loop(simple_poll);
555
753
556
ret = 0;
557
558
fail:
754
exit:
755
756
if (debug){
757
fprintf(stderr, "%s exiting\n", argv[0]);
758
}
559
759
560
760
/* Cleanup things */
561
761
if (sb)
566
766
567
767
if (simple_poll)
568
768
avahi_simple_poll_free(simple_poll);
569
570
return ret;
769
free(certfile);
770
free(certkey);
771
772
return returncode;
571
773
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0