To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
« back to all changes in this revision
Viewing changes to plugins.d/mandosclient.c
- browse files at revision 24.1.5
- compare with another revision
- download diff
- download tarball
- view history from revision 24.1.5
- Committer: Björn Påhlsson
- Date: 2008-07-31 16:20:47 UTC
- mto: (237.7.1 mandos) (24.1.154 mandos)
- mto: This revision was merged to the branch mainline in revision 30.
- Revision ID: belorn@braxen-20080731162047-lahe2b2prwjw8b2l
plugbasedclient:
Added support to disable plugins
Added support to change plugin directory
mandosclient.c
Fixed some funtion calls that lacked error handling
small bugfix
Added support to disable plugins
Added support to change plugin directory
mandosclient.c
Fixed some funtion calls that lacked error handling
small bugfix
added
removed
plugins.d/mandosclient.c
1
/***
2
This file is part of avahi.
3
4
avahi is free software; you can redistribute it and/or modify it
5
under the terms of the GNU Lesser General Public License as
6
published by the Free Software Foundation; either version 2.1 of the
7
License, or (at your option) any later version.
8
9
avahi is distributed in the hope that it will be useful, but WITHOUT
10
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General
12
Public License for more details.
13
14
You should have received a copy of the GNU Lesser General Public
15
License along with avahi; if not, write to the Free Software
16
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
17
USA.
18
***/
1
/* -*- coding: utf-8 -*- */
2
/*
3
* Mandos client - get and decrypt data from a Mandos server
4
*
5
* This program is partly derived from an example program for an Avahi
6
* service browser, downloaded from
7
* <http://avahi.org/browser/examples/core-browse-services.c>. This
8
* includes the following functions: "resolve_callback",
9
* "browse_callback", and parts of "main".
10
*
11
* Everything else is Copyright © 2007-2008 Teddy Hogeborn and Björn
12
* Påhlsson.
13
*
14
* This program is free software: you can redistribute it and/or
15
* modify it under the terms of the GNU General Public License as
16
* published by the Free Software Foundation, either version 3 of the
17
* License, or (at your option) any later version.
18
*
19
* This program is distributed in the hope that it will be useful, but
20
* WITHOUT ANY WARRANTY; without even the implied warranty of
21
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
22
* General Public License for more details.
23
*
24
* You should have received a copy of the GNU General Public License
25
* along with this program. If not, see
26
* <http://www.gnu.org/licenses/>.
27
*
28
* Contact the authors at <https://www.fukt.bsnet.se/~belorn/> and
29
* <https://www.fukt.bsnet.se/~teddy/>.
30
*/
31
32
#define _FORTIFY_SOURCE 2
19
33
20
34
#define _LARGEFILE_SOURCE
21
35
#define _FILE_OFFSET_BITS 64
34
48
#include <avahi-common/error.h>
35
49
36
50
//mandos client part
37
#include <sys/types.h> /* socket(), setsockopt(), inet_pton() */
38
#include <sys/socket.h> /* socket(), setsockopt(), struct sockaddr_in6, struct in6_addr, inet_pton() */
39
#include <gnutls/gnutls.h> /* ALL GNUTLS STUFF */
40
#include <gnutls/openpgp.h> /* gnutls with openpgp stuff */
51
#include <sys/types.h> /* socket(), inet_pton() */
52
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
53
struct in6_addr, inet_pton() */
54
#include <gnutls/gnutls.h> /* All GnuTLS stuff */
55
#include <gnutls/openpgp.h> /* GnuTLS with openpgp stuff */
41
56
42
57
#include <unistd.h> /* close() */
43
58
#include <netinet/in.h>
53
68
// getopt long
54
69
#include <getopt.h>
55
70
56
#ifndef CERT_ROOT
57
#define CERT_ROOT "/conf/conf.d/cryptkeyreq/"
58
#endif
59
#define CERTFILE CERT_ROOT "openpgp-client.txt"
60
#define KEYFILE CERT_ROOT "openpgp-client-key.txt"
61
71
#define BUFFER_SIZE 256
62
72
#define DH_BITS 1024
63
73
74
const char *certdir = "/conf/conf.d/cryptkeyreq/";
75
const char *certfile = "openpgp-client.txt";
76
const char *certkey = "openpgp-client-key.txt";
77
64
78
bool debug = false;
65
char *interface = "eth0";
66
79
67
80
typedef struct {
68
81
gnutls_session_t session;
71
84
} encrypted_session;
72
85
73
86
74
ssize_t gpg_packet_decrypt (char *packet, size_t packet_size, char **new_packet, char *homedir){
87
ssize_t pgp_packet_decrypt (char *packet, size_t packet_size,
88
char **new_packet, const char *homedir){
75
89
gpgme_data_t dh_crypto, dh_plain;
76
90
gpgme_ctx_t ctx;
77
91
gpgme_error_t rc;
78
92
ssize_t ret;
79
size_t new_packet_capacity = 0;
80
size_t new_packet_length = 0;
93
ssize_t new_packet_capacity = 0;
94
ssize_t new_packet_length = 0;
81
95
gpgme_engine_info_t engine_info;
82
96
83
97
if (debug){
84
fprintf(stderr, "Attempting to decrypt password from gpg packet\n");
98
fprintf(stderr, "Trying to decrypt OpenPGP packet\n");
85
99
}
86
100
87
101
/* Init GPGME */
88
102
gpgme_check_version(NULL);
89
gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
103
rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
104
if (rc != GPG_ERR_NO_ERROR){
105
fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",
106
gpgme_strsource(rc), gpgme_strerror(rc));
107
return -1;
108
}
90
109
91
110
/* Set GPGME home directory */
92
111
rc = gpgme_get_engine_info (&engine_info);
132
151
return -1;
133
152
}
134
153
135
/* Decrypt data from the FILE pointer to the plaintext data buffer */
154
/* Decrypt data from the FILE pointer to the plaintext data
155
buffer */
136
156
rc = gpgme_op_decrypt(ctx, dh_crypto, dh_plain);
137
157
if (rc != GPG_ERR_NO_ERROR){
138
158
fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",
141
161
}
142
162
143
163
if(debug){
144
fprintf(stderr, "decryption of gpg packet succeeded\n");
164
fprintf(stderr, "Decryption of OpenPGP packet succeeded\n");
145
165
}
146
166
147
167
if (debug){
150
170
if (result == NULL){
151
171
fprintf(stderr, "gpgme_op_decrypt_result failed\n");
152
172
} else {
153
fprintf(stderr, "Unsupported algorithm: %s\n", result->unsupported_algorithm);
154
fprintf(stderr, "Wrong key usage: %d\n", result->wrong_key_usage);
173
fprintf(stderr, "Unsupported algorithm: %s\n",
174
result->unsupported_algorithm);
175
fprintf(stderr, "Wrong key usage: %d\n",
176
result->wrong_key_usage);
155
177
if(result->file_name != NULL){
156
178
fprintf(stderr, "File name: %s\n", result->file_name);
157
179
}
163
185
gpgme_pubkey_algo_name(recipient->pubkey_algo));
164
186
fprintf(stderr, "Key ID: %s\n", recipient->keyid);
165
187
fprintf(stderr, "Secret key available: %s\n",
166
recipient->status == GPG_ERR_NO_SECKEY ? "No" : "Yes");
188
recipient->status == GPG_ERR_NO_SECKEY
189
? "No" : "Yes");
167
190
recipient = recipient->next;
168
191
}
169
192
}
174
197
gpgme_data_release(dh_crypto);
175
198
176
199
/* Seek back to the beginning of the GPGME plaintext data buffer */
177
gpgme_data_seek(dh_plain, 0, SEEK_SET);
178
200
if (gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET) == -1){
201
perror("pgpme_data_seek");
202
}
203
179
204
*new_packet = 0;
180
205
while(true){
181
206
if (new_packet_length + BUFFER_SIZE > new_packet_capacity){
182
*new_packet = realloc(*new_packet, new_packet_capacity + BUFFER_SIZE);
207
*new_packet = realloc(*new_packet,
208
(unsigned int)new_packet_capacity
209
+ BUFFER_SIZE);
183
210
if (*new_packet == NULL){
184
211
perror("realloc");
185
212
return -1;
187
214
new_packet_capacity += BUFFER_SIZE;
188
215
}
189
216
190
ret = gpgme_data_read(dh_plain, *new_packet + new_packet_length, BUFFER_SIZE);
217
ret = gpgme_data_read(dh_plain, *new_packet + new_packet_length,
218
BUFFER_SIZE);
191
219
/* Print the data, if any */
192
220
if (ret == 0){
193
/* If password is empty, then a incorrect error will be printed */
194
221
break;
195
222
}
196
223
if(ret < 0){
220
247
return ret;
221
248
}
222
249
223
void debuggnutls(int level, const char* string){
250
void debuggnutls(__attribute__((unused)) int level,
251
const char* string){
224
252
fprintf(stderr, "%s", string);
225
253
}
226
254
227
255
int initgnutls(encrypted_session *es){
228
256
const char *err;
229
257
int ret;
230
258
231
259
if(debug){
232
fprintf(stderr, "Initializing gnutls\n");
260
fprintf(stderr, "Initializing GnuTLS\n");
233
261
}
234
262
235
236
263
if ((ret = gnutls_global_init ())
237
264
!= GNUTLS_E_SUCCESS) {
238
265
fprintf (stderr, "global_init: %s\n", safer_gnutls_strerror(ret));
244
271
gnutls_global_set_log_function(debuggnutls);
245
272
}
246
273
247
248
274
/* openpgp credentials */
249
275
if ((ret = gnutls_certificate_allocate_credentials (&es->cred))
250
276
!= GNUTLS_E_SUCCESS) {
251
fprintf (stderr, "memory error: %s\n", safer_gnutls_strerror(ret));
277
fprintf (stderr, "memory error: %s\n",
278
safer_gnutls_strerror(ret));
252
279
return -1;
253
280
}
254
281
255
282
if(debug){
256
fprintf(stderr, "Attempting to use openpgp certificate %s"
257
" and keyfile %s as gnutls credentials\n", CERTFILE, KEYFILE);
283
fprintf(stderr, "Attempting to use OpenPGP certificate %s"
284
" and keyfile %s as GnuTLS credentials\n", certfile,
285
certkey);
258
286
}
259
287
260
288
ret = gnutls_certificate_set_openpgp_key_file
261
(es->cred, CERTFILE, KEYFILE, GNUTLS_OPENPGP_FMT_BASE64);
289
(es->cred, certfile, certkey, GNUTLS_OPENPGP_FMT_BASE64);
262
290
if (ret != GNUTLS_E_SUCCESS) {
263
291
fprintf
264
(stderr, "Error[%d] while reading the OpenPGP key pair ('%s', '%s')\n",
265
ret, CERTFILE, KEYFILE);
292
(stderr, "Error[%d] while reading the OpenPGP key pair ('%s',"
293
" '%s')\n",
294
ret, certfile, certkey);
266
295
fprintf(stdout, "The Error is: %s\n",
267
296
safer_gnutls_strerror(ret));
268
297
return -1;
269
298
}
270
271
//Gnutls server initialization
299
300
//GnuTLS server initialization
272
301
if ((ret = gnutls_dh_params_init (&es->dh_params))
273
302
!= GNUTLS_E_SUCCESS) {
274
303
fprintf (stderr, "Error in dh parameter initialization: %s\n",
275
304
safer_gnutls_strerror(ret));
276
305
return -1;
277
306
}
278
307
279
308
if ((ret = gnutls_dh_params_generate2 (es->dh_params, DH_BITS))
280
309
!= GNUTLS_E_SUCCESS) {
281
310
fprintf (stderr, "Error in prime generation: %s\n",
282
311
safer_gnutls_strerror(ret));
283
312
return -1;
284
313
}
285
314
286
315
gnutls_certificate_set_dh_params (es->cred, es->dh_params);
287
288
// Gnutls session creation
316
317
// GnuTLS session creation
289
318
if ((ret = gnutls_init (&es->session, GNUTLS_SERVER))
290
319
!= GNUTLS_E_SUCCESS){
291
fprintf(stderr, "Error in gnutls session initialization: %s\n",
320
fprintf(stderr, "Error in GnuTLS session initialization: %s\n",
292
321
safer_gnutls_strerror(ret));
293
322
}
294
323
295
324
if ((ret = gnutls_priority_set_direct (es->session, "NORMAL", &err))
296
325
!= GNUTLS_E_SUCCESS) {
297
326
fprintf(stderr, "Syntax error at: %s\n", err);
298
fprintf(stderr, "Gnutls error: %s\n",
327
fprintf(stderr, "GnuTLS error: %s\n",
299
328
safer_gnutls_strerror(ret));
300
329
return -1;
301
330
}
302
331
303
332
if ((ret = gnutls_credentials_set
304
333
(es->session, GNUTLS_CRD_CERTIFICATE, es->cred))
305
334
!= GNUTLS_E_SUCCESS) {
307
336
safer_gnutls_strerror(ret));
308
337
return -1;
309
338
}
310
339
311
340
/* ignore client certificate if any. */
312
gnutls_certificate_server_set_request (es->session, GNUTLS_CERT_IGNORE);
341
gnutls_certificate_server_set_request (es->session,
342
GNUTLS_CERT_IGNORE);
313
343
314
344
gnutls_dh_set_prime_bits (es->session, DH_BITS);
315
345
316
346
return 0;
317
347
}
318
348
319
void empty_log(AvahiLogLevel level, const char *txt){}
349
void empty_log(__attribute__((unused)) AvahiLogLevel level,
350
__attribute__((unused)) const char *txt){}
320
351
321
int start_mandos_communication(char *ip, uint16_t port){
352
int start_mandos_communication(const char *ip, uint16_t port,
353
unsigned int if_index){
322
354
int ret, tcp_sd;
323
355
struct sockaddr_in6 to;
324
356
encrypted_session es;
327
359
size_t buffer_length = 0;
328
360
size_t buffer_capacity = 0;
329
361
ssize_t decrypted_buffer_size;
362
size_t written = 0;
330
363
int retval = 0;
331
364
char interface[IF_NAMESIZE];
365
332
366
if(debug){
333
367
fprintf(stderr, "Setting up a tcp connection to %s\n", ip);
334
368
}
338
372
perror("socket");
339
373
return -1;
340
374
}
341
375
376
if(if_indextoname(if_index, interface) == NULL){
377
if(debug){
378
perror("if_indextoname");
379
}
380
return -1;
381
}
382
342
383
if(debug){
343
384
fprintf(stderr, "Binding to interface %s\n", interface);
344
385
}
345
346
ret = setsockopt(tcp_sd, SOL_SOCKET, SO_BINDTODEVICE, interface, 5);
347
if(tcp_sd < 0) {
348
perror("setsockopt bindtodevice");
349
return -1;
350
}
351
386
352
memset(&to,0,sizeof(to));
387
memset(&to,0,sizeof(to)); /* Spurious warning */
353
388
to.sin6_family = AF_INET6;
354
389
ret = inet_pton(AF_INET6, ip, &to.sin6_addr);
355
390
if (ret < 0 ){
360
395
fprintf(stderr, "Bad address: %s\n", ip);
361
396
return -1;
362
397
}
363
to.sin6_port = htons(port);
364
to.sin6_scope_id = if_nametoindex(interface);
365
398
to.sin6_port = htons(port); /* Spurious warning */
399
400
to.sin6_scope_id = (uint32_t)if_index;
401
366
402
if(debug){
367
403
fprintf(stderr, "Connection to: %s\n", ip);
368
404
}
378
414
retval = -1;
379
415
return -1;
380
416
}
381
382
383
gnutls_transport_set_ptr (es.session, (gnutls_transport_ptr_t) tcp_sd);
384
417
418
gnutls_transport_set_ptr (es.session,
419
(gnutls_transport_ptr_t) tcp_sd);
420
385
421
if(debug){
386
fprintf(stderr, "Establishing tls session with %s\n", ip);
422
fprintf(stderr, "Establishing TLS session with %s\n", ip);
387
423
}
388
389
424
390
425
ret = gnutls_handshake (es.session);
391
426
392
427
if (ret != GNUTLS_E_SUCCESS){
393
fprintf(stderr, "\n*** Handshake failed ***\n");
394
gnutls_perror (ret);
428
if(debug){
429
fprintf(stderr, "\n*** Handshake failed ***\n");
430
gnutls_perror (ret);
431
}
395
432
retval = -1;
396
433
goto exit;
397
434
}
398
399
//Retrieve gpg packet that contains the wanted password
400
435
436
//Retrieve OpenPGP packet that contains the wanted password
437
401
438
if(debug){
402
fprintf(stderr, "Retrieving pgp encrypted password from %s\n", ip);
439
fprintf(stderr, "Retrieving pgp encrypted password from %s\n",
440
ip);
403
441
}
404
442
405
443
while(true){
432
470
}
433
471
break;
434
472
default:
435
fprintf(stderr, "Unknown error while reading data from encrypted session with mandos server\n");
473
fprintf(stderr, "Unknown error while reading data from"
474
" encrypted session with mandos server\n");
436
475
retval = -1;
437
476
gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
438
477
goto exit;
439
478
}
440
479
} else {
441
buffer_length += ret;
480
buffer_length += (size_t) ret;
442
481
}
443
482
}
444
483
445
484
if (buffer_length > 0){
446
if ((decrypted_buffer_size = gpg_packet_decrypt(buffer, buffer_length, &decrypted_buffer, CERT_ROOT)) >= 0){
447
fwrite (decrypted_buffer, 1, decrypted_buffer_size, stdout);
485
decrypted_buffer_size = pgp_packet_decrypt(buffer,
486
buffer_length,
487
&decrypted_buffer,
488
certdir);
489
if (decrypted_buffer_size >= 0){
490
while(written < decrypted_buffer_size){
491
ret = (int)fwrite (decrypted_buffer + written, 1,
492
(size_t)decrypted_buffer_size - written,
493
stdout);
494
if(ret == 0 and ferror(stdout)){
495
if(debug){
496
fprintf(stderr, "Error writing encrypted data: %s\n",
497
strerror(errno));
498
}
499
retval = -1;
500
break;
501
}
502
written += (size_t)ret;
503
}
448
504
free(decrypted_buffer);
449
505
} else {
450
506
retval = -1;
454
510
//shutdown procedure
455
511
456
512
if(debug){
457
fprintf(stderr, "Closing tls session\n");
513
fprintf(stderr, "Closing TLS session\n");
458
514
}
459
515
460
516
free(buffer);
472
528
473
529
static void resolve_callback(
474
530
AvahiSServiceResolver *r,
475
AVAHI_GCC_UNUSED AvahiIfIndex interface,
531
AvahiIfIndex interface,
476
532
AVAHI_GCC_UNUSED AvahiProtocol protocol,
477
533
AvahiResolverEvent event,
478
534
const char *name,
481
537
const char *host_name,
482
538
const AvahiAddress *address,
483
539
uint16_t port,
484
AvahiStringList *txt,
485
AvahiLookupResultFlags flags,
540
AVAHI_GCC_UNUSED AvahiStringList *txt,
541
AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,
486
542
AVAHI_GCC_UNUSED void* userdata) {
487
543
488
assert(r);
489
490
/* Called whenever a service has been resolved successfully or timed out */
491
492
switch (event) {
493
case AVAHI_RESOLVER_FAILURE:
494
fprintf(stderr, "(Resolver) Failed to resolve service '%s' of type '%s' in domain '%s': %s\n", name, type, domain, avahi_strerror(avahi_server_errno(server)));
495
break;
496
497
case AVAHI_RESOLVER_FOUND: {
498
char ip[AVAHI_ADDRESS_STR_MAX];
499
avahi_address_snprint(ip, sizeof(ip), address);
500
if(debug){
501
fprintf(stderr, "Mandos server found at %s on port %d\n", ip, port);
502
}
503
int ret = start_mandos_communication(ip, port);
504
if (ret == 0){
505
exit(EXIT_SUCCESS);
506
} else {
507
exit(EXIT_FAILURE);
508
}
509
}
544
assert(r); /* Spurious warning */
545
546
/* Called whenever a service has been resolved successfully or
547
timed out */
548
549
switch (event) {
550
default:
551
case AVAHI_RESOLVER_FAILURE:
552
fprintf(stderr, "(Resolver) Failed to resolve service '%s' of"
553
" type '%s' in domain '%s': %s\n", name, type, domain,
554
avahi_strerror(avahi_server_errno(server)));
555
break;
556
557
case AVAHI_RESOLVER_FOUND:
558
{
559
char ip[AVAHI_ADDRESS_STR_MAX];
560
avahi_address_snprint(ip, sizeof(ip), address);
561
if(debug){
562
fprintf(stderr, "Mandos server \"%s\" found on %s (%s) on"
563
" port %d\n", name, host_name, ip, port);
564
}
565
int ret = start_mandos_communication(ip, port,
566
(unsigned int) interface);
567
if (ret == 0){
568
exit(EXIT_SUCCESS);
569
}
510
570
}
511
avahi_s_service_resolver_free(r);
571
}
572
avahi_s_service_resolver_free(r);
512
573
}
513
574
514
575
static void browse_callback(
523
584
void* userdata) {
524
585
525
586
AvahiServer *s = userdata;
526
assert(b);
527
528
/* Called whenever a new services becomes available on the LAN or is removed from the LAN */
529
587
assert(b); /* Spurious warning */
588
589
/* Called whenever a new services becomes available on the LAN or
590
is removed from the LAN */
591
530
592
switch (event) {
531
532
case AVAHI_BROWSER_FAILURE:
533
534
fprintf(stderr, "(Browser) %s\n", avahi_strerror(avahi_server_errno(server)));
535
avahi_simple_poll_quit(simple_poll);
536
return;
537
538
case AVAHI_BROWSER_NEW:
539
/* We ignore the returned resolver object. In the callback
540
function we free it. If the server is terminated before
541
the callback function is called the server will free
542
the resolver for us. */
543
544
if (!(avahi_s_service_resolver_new(s, interface, protocol, name, type, domain, AVAHI_PROTO_INET6, 0, resolve_callback, s)))
545
fprintf(stderr, "Failed to resolve service '%s': %s\n", name, avahi_strerror(avahi_server_errno(s)));
546
547
break;
548
549
case AVAHI_BROWSER_REMOVE:
550
break;
551
552
case AVAHI_BROWSER_ALL_FOR_NOW:
553
case AVAHI_BROWSER_CACHE_EXHAUSTED:
554
break;
593
default:
594
case AVAHI_BROWSER_FAILURE:
595
596
fprintf(stderr, "(Browser) %s\n",
597
avahi_strerror(avahi_server_errno(server)));
598
avahi_simple_poll_quit(simple_poll);
599
return;
600
601
case AVAHI_BROWSER_NEW:
602
/* We ignore the returned resolver object. In the callback
603
function we free it. If the server is terminated before
604
the callback function is called the server will free
605
the resolver for us. */
606
607
if (!(avahi_s_service_resolver_new(s, interface, protocol, name,
608
type, domain,
609
AVAHI_PROTO_INET6, 0,
610
resolve_callback, s)))
611
fprintf(stderr, "Failed to resolve service '%s': %s\n", name,
612
avahi_strerror(avahi_server_errno(s)));
613
break;
614
615
case AVAHI_BROWSER_REMOVE:
616
break;
617
618
case AVAHI_BROWSER_ALL_FOR_NOW:
619
case AVAHI_BROWSER_CACHE_EXHAUSTED:
620
break;
555
621
}
556
622
}
557
623
624
/* combinds file name and path and returns the malloced new string. som sane checks could/should be added */
625
const char *combinepath(const char *first, const char *second){
626
char *tmp;
627
tmp = malloc(strlen(first) + strlen(second) + 2);
628
if (tmp == NULL){
629
perror("malloc");
630
return NULL;
631
}
632
strcpy(tmp, first);
633
if (first[0] != '\0' and first[strlen(first) - 1] != '/'){
634
strcat(tmp, "/");
635
}
636
strcat(tmp, second);
637
return tmp;
638
}
639
640
558
641
int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char*argv[]) {
559
642
AvahiServerConfig config;
560
643
AvahiSServiceBrowser *sb = NULL;
561
644
int error;
562
645
int ret;
563
646
int returncode = EXIT_SUCCESS;
564
647
const char *interface = "eth0";
648
565
649
while (true){
566
650
static struct option long_options[] = {
567
651
{"debug", no_argument, (int *)&debug, 1},
568
652
{"interface", required_argument, 0, 'i'},
653
{"certdir", required_argument, 0, 'd'},
654
{"certkey", required_argument, 0, 'c'},
655
{"certfile", required_argument, 0, 'k'},
569
656
{0, 0, 0, 0} };
570
657
571
658
int option_index = 0;
572
ret = getopt_long (argc, argv, "i:", long_options, &option_index);
573
659
ret = getopt_long (argc, argv, "i:", long_options,
660
&option_index);
661
574
662
if (ret == -1){
575
663
break;
576
664
}
581
669
case 'i':
582
670
interface = optarg;
583
671
break;
672
case 'd':
673
certdir = optarg;
674
break;
675
case 'c':
676
certfile = optarg;
677
break;
678
case 'k':
679
certkey = optarg;
680
break;
584
681
default:
585
682
exit(EXIT_FAILURE);
586
683
}
587
684
}
685
686
certfile = combinepath(certdir, certfile);
687
if (certfile == NULL){
688
goto exit;
689
}
588
690
691
certkey = combinepath(certdir, certkey);
692
if (certkey == NULL){
693
goto exit;
694
}
695
589
696
if (not debug){
590
697
avahi_set_log_function(empty_log);
591
698
}
592
699
593
700
/* Initialize the psuedo-RNG */
594
srand(time(NULL));
701
srand((unsigned int) time(NULL));
595
702
596
703
/* Allocate main loop object */
597
704
if (!(simple_poll = avahi_simple_poll_new())) {
608
715
config.publish_domain = 0;
609
716
610
717
/* Allocate a new server */
611
server = avahi_server_new(avahi_simple_poll_get(simple_poll), &config, NULL, NULL, &error);
718
server = avahi_server_new(avahi_simple_poll_get(simple_poll),
719
&config, NULL, NULL, &error);
612
720
613
721
/* Free the configuration data */
614
722
avahi_server_config_free(&config);
615
723
616
724
/* Check if creating the server object succeeded */
617
725
if (!server) {
618
fprintf(stderr, "Failed to create server: %s\n", avahi_strerror(error));
726
fprintf(stderr, "Failed to create server: %s\n",
727
avahi_strerror(error));
619
728
returncode = EXIT_FAILURE;
620
729
goto exit;
621
730
}
622
731
623
732
/* Create the service browser */
624
if (!(sb = avahi_s_service_browser_new(server, if_nametoindex("eth0"), AVAHI_PROTO_INET6, "_mandos._tcp", NULL, 0, browse_callback, server))) {
625
fprintf(stderr, "Failed to create service browser: %s\n", avahi_strerror(avahi_server_errno(server)));
733
sb = avahi_s_service_browser_new(server,
734
(AvahiIfIndex)
735
if_nametoindex(interface),
736
AVAHI_PROTO_INET6,
737
"_mandos._tcp", NULL, 0,
738
browse_callback, server);
739
if (!sb) {
740
fprintf(stderr, "Failed to create service browser: %s\n",
741
avahi_strerror(avahi_server_errno(server)));
626
742
returncode = EXIT_FAILURE;
627
743
goto exit;
628
744
}
635
751
636
752
avahi_simple_poll_loop(simple_poll);
637
753
638
exit:
754
exit:
639
755
640
756
if (debug){
641
757
fprintf(stderr, "%s exiting\n", argv[0]);
650
766
651
767
if (simple_poll)
652
768
avahi_simple_poll_free(simple_poll);
653
769
free(certfile);
770
free(certkey);
771
654
772
return returncode;
655
773
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0