=== modified file 'TODO' --- TODO 2008-08-14 02:24:59 +0000 +++ TODO 2008-08-14 21:03:26 +0000 @@ -56,7 +56,6 @@ Create this section *** SEE ALSO Refer to mandos-client(8mandos) and password-prompt(8mandos) -** Use asprintf instead of malloc and memcpy? ** IPv4 support ** use strsep instead of strtok? ** Do not depend on GnuPG key rings on disk === modified file 'mandos' --- mandos 2008-08-10 16:13:23 +0000 +++ mandos 2008-08-14 21:03:26 +0000 @@ -119,17 +119,18 @@ self.domain = domain self.host = host self.rename_count = 0 + self.max_renames = max_renames def rename(self): """Derived from the Avahi example code""" if self.rename_count >= self.max_renames: logger.critical(u"No suitable service name found after %i" u" retries, exiting.", rename_count) raise AvahiServiceError("Too many renames") - name = server.GetAlternativeServiceName(name) - logger.error(u"Changing name to %r ...", name) + self.name = server.GetAlternativeServiceName(self.name) + logger.info(u"Changing name to %r ...", str(self.name)) syslogger.setFormatter(logging.Formatter\ ('Mandos (%s): %%(levelname)s:' - ' %%(message)s' % name)) + ' %%(message)s' % self.name)) self.remove() self.add() self.rename_count += 1 === modified file 'plugins.d/password-request.c' --- plugins.d/password-request.c 2008-08-12 16:29:05 +0000 +++ plugins.d/password-request.c 2008-08-14 21:03:26 +0000 
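Review bot: The `logger.critical` call in `rename()` still passes the bare name `rename_count`, which is not a local in the lines shown, so the too-many-renames path would presumably raise NameError instead of logging and raising AvahiServiceError. It should read `self.rename_count`, matching the `self.name` fix this hunk makes a few lines below. Separately, `self.name` is interpolated with `%` into the string handed to `logging.Formatter`, so a service name containing a `%` character would corrupt the format pattern; `self.name.replace('%', '%%')` avoids that. The class and its `__init__` start outside the hunk, so where `max_renames` comes from is not visible here.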
@@ -32,17 +32,17 @@ #define _LARGEFILE_SOURCE #define _FILE_OFFSET_BITS 64 -#define _GNU_SOURCE /* TEMP_FAILURE_RETRY() */ +#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), asprintf() */ -#include /* fprintf(), stderr, fwrite(), stdout, - ferror() */ +#include /* fprintf(), stderr, fwrite(), + stdout, ferror() */ #include /* uint16_t, uint32_t */ #include /* NULL, size_t, ssize_t */ #include /* free(), EXIT_SUCCESS, EXIT_FAILURE, srand() */ #include /* bool, true */ #include /* memset(), strcmp(), strlen(), - strerror(), memcpy(), strcpy() */ + strerror(), asprintf(), strcpy() */ #include /* ioctl */ #include /* socket(), inet_pton(), sockaddr, sockaddr_in6, PF_INET6, @@ -81,7 +81,8 @@ #include /* GnuTLS */ -#include /* All GnuTLS types, constants and functions +#include /* All GnuTLS types, constants and + functions: gnutls_* init_gnutls_session(), GNUTLS_* */ @@ -89,7 +90,8 @@ GNUTLS_OPENPGP_FMT_BASE64 */ /* GPGME */ -#include /* All GPGME types, constants and functions +#include /* All GPGME types, constants and + functions: gpgme_* GPGME_PROTOCOL_OpenPGP, GPG_ERR_NO_* */ @@ -313,8 +315,8 @@ } static int init_gnutls_global(mandos_context *mc, - const char *pubkeyfile, - const char *seckeyfile){ + const char *pubkeyfilename, + const char *seckeyfilename){ int ret; if(debug){ 
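Review bot: In the first hunk on this line the include comment now lists `asprintf()` beside memset(), strcmp() and strerror(), but asprintf() is declared by `<stdio.h>` under `_GNU_SOURCE`, not by the string header. The header names are not visible on this page, so which include each comment belongs to is inferred from the function lists. I would move it to the first include's comment, `/* fprintf(), stderr, fwrite(), stdout, ferror(), asprintf() */`, and drop it from the string-functions comment so each annotation still says why that header is needed.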
@@ -347,16 +349,17 @@ if(debug){ fprintf(stderr, "Attempting to use OpenPGP certificate %s" - " and keyfile %s as GnuTLS credentials\n", pubkeyfile, - seckeyfile); + " and keyfile %s as GnuTLS credentials\n", pubkeyfilename, + seckeyfilename); } ret = gnutls_certificate_set_openpgp_key_file - (mc->cred, pubkeyfile, seckeyfile, GNUTLS_OPENPGP_FMT_BASE64); + (mc->cred, pubkeyfilename, seckeyfilename, + GNUTLS_OPENPGP_FMT_BASE64); if (ret != GNUTLS_E_SUCCESS) { fprintf(stderr, "Error[%d] while reading the OpenPGP key pair ('%s'," - " '%s')\n", ret, pubkeyfile, seckeyfile); + " '%s')\n", ret, pubkeyfilename, seckeyfilename); fprintf(stdout, "The GnuTLS error is: %s\n", safer_gnutls_strerror(ret)); goto globalfail; @@ -472,7 +475,7 @@ fprintf(stderr, "Binding to interface %s\n", interface); } - memset(&to,0,sizeof(to)); /* Spurious warning */ + memset(&to, 0, sizeof(to)); /* Spurious warning */ to.in6.sin6_family = AF_INET6; /* It would be nice to have a way to detect if we were passed an IPv4 address here. Now we assume an IPv6 address. */ @@ -742,21 +745,12 @@ /* Combines file name and path and returns the malloced new string. some sane checks could/should be added */ -static const char *combinepath(const char *first, const char *second){ - size_t f_len = strlen(first); - size_t s_len = strlen(second); - char *tmp = malloc(f_len + s_len + 2); - if (tmp == NULL){ +static char *combinepath(const char *first, const char *second){ + char *tmp; + int ret = asprintf(&tmp, "%s/%s", first, second); + if(ret < 0){ return NULL; } - if(f_len > 0){ - memcpy(tmp, first, f_len); /* Spurious warning */ - } - tmp[f_len] = '/'; - if(s_len > 0){ - memcpy(tmp + f_len + 1, second, s_len); /* Spurious warning */ - } - tmp[f_len + 1 + s_len] = '\0'; return tmp; } 
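Review bot: The new `combinepath()` passes `first` and `second` straight to `asprintf(&tmp, "%s/%s", ...)`, and a NULL argument for `%s` is undefined behaviour that glibc renders as the text `(null)`. A missing directory or file name would therefore produce a plausible-looking path instead of an error. A guard such as `if(first == NULL || second == NULL){ errno = EINVAL; return NULL; }` keeps the failure visible to the caller's `perror("combinepath")`. The header comment still only says that sane checks could be added; it should also state that the caller owns the returned string and must `free()` it, and that NULL is returned when asprintf() fails. Whether `keydir` can be NULL is not visible in this hunk.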
@@ -773,8 +767,10 @@ gid_t gid; char *connect_to = NULL; AvahiIfIndex if_index = AVAHI_IF_UNSPEC; - const char *pubkeyfile = "pubkey.txt"; - const char *seckeyfile = "seckey.txt"; + char *pubkeyfilename = NULL; + char *seckeyfilename = NULL; + const char *pubkeyname = "pubkey.txt"; + const char *seckeyname = "seckey.txt"; mandos_context mc = { .simple_poll = NULL, .server = NULL, .dh_bits = 1024, .priority = "SECURE256"}; bool gnutls_initalized = false; @@ -832,10 +828,10 @@ keydir = arg; break; case 's': - seckeyfile = arg; + seckeyname = arg; break; case 'p': - pubkeyfile = arg; + pubkeyname = arg; break; case 129: errno = 0; @@ -870,21 +866,21 @@ } } - pubkeyfile = combinepath(keydir, pubkeyfile); - if (pubkeyfile == NULL){ + pubkeyfilename = combinepath(keydir, pubkeyname); + if (pubkeyfilename == NULL){ perror("combinepath"); exitcode = EXIT_FAILURE; goto end; } - seckeyfile = combinepath(keydir, seckeyfile); - if (seckeyfile == NULL){ + seckeyfilename = combinepath(keydir, seckeyname); + if (seckeyfilename == NULL){ perror("combinepath"); exitcode = EXIT_FAILURE; goto end; } - ret = init_gnutls_global(&mc, pubkeyfile, seckeyfile); + ret = init_gnutls_global(&mc, pubkeyfilename, seckeyfilename); if (ret == -1){ fprintf(stderr, "init_gnutls_global failed\n"); exitcode = EXIT_FAILURE; @@ -1043,8 +1039,8 @@ if (mc.simple_poll != NULL) avahi_simple_poll_free(mc.simple_poll); - free(pubkeyfile); - free(seckeyfile); + free(pubkeyfilename); + free(seckeyfilename); if (gnutls_initalized){ gnutls_certificate_free_credentials(mc.cred);
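Review bot: The `mandos_context` initializer shown as context in the `@@ -773,8 +767,10 @@` hunk pairs `.priority = "SECURE256"` with `.dh_bits = 1024`, and a 1024-bit Diffie-Hellman group is much weaker than the ciphers that priority string selects. If this default is what reaches GnuTLS, the key exchange would be the weakest part of the session. How `dh_bits` is consumed, and whether a command-line option overrides it, lies outside the hunks shown. I would raise the default to at least `.dh_bits = 2048`, or add a comment next to the initializer explaining why 1024 is retained.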