/mandos/trunk : revision 1331

233

int fprintf_plus(FILE *stream, const char *format, ...){

234

va_list ap;

235

va_start (ap, format);

236

237

TEMP_FAILURE_RETRY(fprintf(stream, "Mandos plugin %s: ",

238

program_invocation_short_name));

239

return (int)TEMP_FAILURE_RETRY(vfprintf(stream, format, ap));

372

mandos_context *mc){

373

gpgme_error_t rc;

374

gpgme_engine_info_t engine_info;

375

376

/*

377

* Helper function to insert pub and seckey to the engine keyring.

378

*/

380

int ret;

381

int fd;

382

gpgme_data_t pgp_data;

383

384

fd = (int)TEMP_FAILURE_RETRY(open(filename, O_RDONLY));

385

if(fd == -1){

386

perror_plus("open");

387

return false;

388

}

389

390

/* Workaround for systems without a real-time clock; see also

391

Debian bug #894495: <https://bugs.debian.org/894495> */

392

do {

442

gpgme_strsource(rc), gpgme_strerror(rc));

443

return false;

444

}

445

446

rc = gpgme_op_import(mc->ctx, pgp_data);

447

if(rc != GPG_ERR_NO_ERROR){

448

fprintf_plus(stderr, "bad gpgme_op_import: %s: %s\n",

524

return false;

525

}

526

}

527

528

ret = close(fd);

529

if(ret == -1){

530

perror_plus("close");

532

gpgme_data_release(pgp_data);

533

return true;

534

}

535

536

if(debug){

537

fprintf_plus(stderr, "Initializing GPGME\n");

538

}

539

540

/* Init GPGME */

541

gpgme_check_version(NULL);

542

rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);

545

gpgme_strsource(rc), gpgme_strerror(rc));

546

return false;

547

}

548

549

/* Set GPGME home directory for the OpenPGP engine only */

550

rc = gpgme_get_engine_info(&engine_info);

551

if(rc != GPG_ERR_NO_ERROR){

566

tempdir);

567

return false;

568

}

569

570

/* Create new GPGME "context" */

571

rc = gpgme_new(&(mc->ctx));

572

if(rc != GPG_ERR_NO_ERROR){

574

gpgme_strsource(rc), gpgme_strerror(rc));

575

return false;

576

}

577

578

if(not import_key(pubkey) or not import_key(seckey)){

579

return false;

580

}

581

582

return true;

583

}

584

596

ssize_t ret;

597

size_t plaintext_capacity = 0;

598

ssize_t plaintext_length = 0;

599

600

if(debug){

601

fprintf_plus(stderr, "Trying to decrypt OpenPGP data\n");

602

}

603

604

/* Create new GPGME data buffer from memory cryptotext */

605

rc = gpgme_data_new_from_mem(&dh_crypto, cryptotext, crypto_size,

606

0);

609

gpgme_strsource(rc), gpgme_strerror(rc));

610

return -1;

611

}

612

613

/* Create new empty GPGME data buffer for the plaintext */

614

rc = gpgme_data_new(&dh_plain);

615

if(rc != GPG_ERR_NO_ERROR){

618

gpgme_data_release(dh_crypto);

619

return -1;

620

}

621

622

/* Decrypt data from the cryptotext data buffer to the plaintext

623

data buffer */

624

rc = gpgme_op_decrypt(mc->ctx, dh_crypto, dh_plain);

654

}

655

goto decrypt_end;

656

}

657

658

if(debug){

659

fprintf_plus(stderr, "Decryption of OpenPGP data succeeded\n");

660

}

661

662

/* Seek back to the beginning of the GPGME plaintext data buffer */

663

if(gpgme_data_seek(dh_plain, (off_t)0, SEEK_SET) == -1){

664

perror_plus("gpgme_data_seek");

665

plaintext_length = -1;

666

goto decrypt_end;

667

}

668

669

*plaintext = NULL;

670

while(true){

671

plaintext_capacity = incbuffer(plaintext,

676

plaintext_length = -1;

677

goto decrypt_end;

678

}

679

680

ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length,

681

BUFFER_SIZE);

682

/* Print the data, if any */

691

}

692

plaintext_length += ret;

693

}

694

695

if(debug){

696

fprintf_plus(stderr, "Decrypted password is: ");

697

for(ssize_t i = 0; i < plaintext_length; i++){

699

}

700

fprintf(stderr, "\n");

701

}

702

703

decrypt_end:

704

705

/* Delete the GPGME cryptotext data buffer */

706

gpgme_data_release(dh_crypto);

707

708

/* Delete the GPGME plaintext data buffer */

709

gpgme_data_release(dh_plain);

710

return plaintext_length;

736

const char *dhparamsfilename,

737

mandos_context *mc){

738

int ret;

739

740

if(debug){

741

fprintf_plus(stderr, "Initializing GnuTLS\n");

742

}

743

744

if(debug){

745

/* "Use a log level over 10 to enable all debugging options."

746

* - GnuTLS manual

748

gnutls_global_set_log_level(11);

749

gnutls_global_set_log_function(debuggnutls);

750

}

751

752

/* OpenPGP credentials */

753

ret = gnutls_certificate_allocate_credentials(&mc->cred);

754

if(ret != GNUTLS_E_SUCCESS){

756

safer_gnutls_strerror(ret));

757

return -1;

758

}

759

760

if(debug){

761

fprintf_plus(stderr, "Attempting to use public key %s and"

762

" private key %s as GnuTLS credentials\n",

763

pubkeyfilename,

764

seckeyfilename);

765

}

766

767

#if GNUTLS_VERSION_NUMBER >= 0x030606

768

ret = gnutls_certificate_set_rawpk_key_file

769

(mc->cred, pubkeyfilename, seckeyfilename,

791

safer_gnutls_strerror(ret));

792

goto globalfail;

793

}

794

795

/* GnuTLS server initialization */

796

ret = gnutls_dh_params_init(&mc->dh_params);

797

if(ret != GNUTLS_E_SUCCESS){

982

gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);

983

}

984

}

985

986

return 0;

987

988

globalfail:

989

990

gnutls_certificate_free_credentials(mc->cred);

991

gnutls_dh_params_deinit(mc->dh_params);

992

return -1;

1015

"Error in GnuTLS session initialization: %s\n",

1016

safer_gnutls_strerror(ret));

1017

}

1018

1019

{

1020

const char *err;

1021

do {

1033

return -1;

1034

}

1035

}

1036

1037

do {

1038

ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,

1039

mc->cred);

1048

gnutls_deinit(*session);

1049

return -1;

1050

}

1051

1052

/* ignore client certificate if any. */

1053

gnutls_certificate_server_set_request(*session, GNUTLS_CERT_IGNORE);

1054

1055

return 0;

1056

}

1057

1077

}

1078

return false;

1079

}

1080

1081

char interface[IF_NAMESIZE];

1082

if(if_indextoname((unsigned int)if_index, interface) == NULL){

1083

perror_plus("if_indextoname");

1084

return false;

1085

}

1086

1087

int devnull = (int)TEMP_FAILURE_RETRY(open("/dev/null", O_RDONLY));

1088

if(devnull == -1){

1089

perror_plus("open(\"/dev/null\", O_RDONLY)");

1249

gnutls_session_t session;

1250

int pf; /* Protocol family */

1251

bool route_added = false;

1252

1253

errno = 0;

1254

1255

if(quit_now){

1256

errno = EINTR;

1257

return -1;

1258

}

1259

1260

switch(af){

1261

case AF_INET6:

1262

pf = PF_INET6;

1269

errno = EINVAL;

1270

return -1;

1271

}

1272

1273

/* If the interface is specified and we have a list of interfaces */

1274

if(if_index != AVAHI_IF_UNSPEC and mc->interfaces != NULL){

1275

/* Check if the interface is one of the interfaces we are using */

1302

return -1;

1303

}

1304

}

1305

1306

ret = init_gnutls_session(&session, mc);

1307

if(ret != 0){

1308

return -1;

1309

}

1310

1311

if(debug){

1312

fprintf_plus(stderr, "Setting up a TCP connection to %s, port %"

1313

PRIuMAX "\n", ip, (uintmax_t)port);

1314

}

1315

1316

tcp_sd = socket(pf, SOCK_STREAM | SOCK_CLOEXEC, 0);

1317

if(tcp_sd < 0){

1318

int e = errno;

1320

errno = e;

1321

goto mandos_end;

1322

}

1323

1324

if(quit_now){

1325

errno = EINTR;

1326

goto mandos_end;

1327

}

1328

1329

if(af == AF_INET6){

1330

struct sockaddr_in6 *to6 = (struct sockaddr_in6 *)&to;

1331

*to6 = (struct sockaddr_in6){ .sin6_family = (sa_family_t)af };

1363

} else {

1364

((struct sockaddr_in *)&to)->sin_port = htons(port);

1365

}

1366

1367

if(quit_now){

1368

errno = EINTR;

1369

goto mandos_end;

1370

}

1371

1372

if(debug){

1373

if(af == AF_INET6 and if_index != AVAHI_IF_UNSPEC){

1374

char interface[IF_NAMESIZE];

1403

fprintf_plus(stderr, "Canonical address form: %s\n", addrstr);

1404

}

1405

}

1406

1407

if(quit_now){

1408

errno = EINTR;

1409

goto mandos_end;

1410

}

1411

1412

while(true){

1413

if(af == AF_INET6){

1414

ret = connect(tcp_sd, (struct sockaddr *)&to,

1435

connect to a Mandos server announced by Avahi on a server

1436

host with a global address. Work around this by retrying

1437

with an explicit route added with the server's address.

1438

1439

Avahi bug reference:

1440

https://lists.freedesktop.org/archives/avahi/2010-February/001833.html

1441

https://bugs.debian.org/587961

1458

}

1459

goto mandos_end;

1460

}

1461

1462

if(quit_now){

1463

errno = EINTR;

1464

goto mandos_end;

1465

}

1466

break;

1467

}

1468

1469

const char *out = mandos_protocol_version;

1470

written = 0;

1471

while(true){

1489

break;

1490

}

1491

}

1492

1493

if(quit_now){

1494

errno = EINTR;

1495

goto mandos_end;

1496

}

1497

}

1498

1499

if(debug){

1500

fprintf_plus(stderr, "Establishing TLS session with %s\n", ip);

1501

}

1502

1503

if(quit_now){

1504

errno = EINTR;

1505

goto mandos_end;

1506

}

1507

1508

/* This casting via intptr_t is to eliminate warning about casting

1509

an int to a pointer type. This is exactly how the Guile-GnuTLS

1510

function "set-session-transport-fd!" does it. */

1511

gnutls_transport_set_ptr(session,

1512

(gnutls_transport_ptr_t)(intptr_t)tcp_sd);

1513

1514

if(quit_now){

1515

errno = EINTR;

1516

goto mandos_end;

1517

}

1518

1519

do {

1520

ret = gnutls_handshake(session);

1521

if(quit_now){

1523

goto mandos_end;

1524

}

1525

} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);

1526

1527

if(ret != GNUTLS_E_SUCCESS){

1528

if(debug){

1529

fprintf_plus(stderr, "*** GnuTLS Handshake failed ***\n");

1532

errno = EPROTO;

1533

goto mandos_end;

1534

}

1535

1536

/* Read OpenPGP packet that contains the wanted password */

1537

1538

if(debug){

1539

fprintf_plus(stderr, "Retrieving OpenPGP encrypted password from"

1540

" %s\n", ip);

1541

}

1542

1543

while(true){

1544

1545

if(quit_now){

1546

errno = EINTR;

1547

goto mandos_end;

1548

}

1549

1550

buffer_capacity = incbuffer(&buffer, buffer_length,

1551

buffer_capacity);

1552

if(buffer_capacity == 0){

1555

errno = e;

1556

goto mandos_end;

1557

}

1558

1559

if(quit_now){

1560

errno = EINTR;

1561

goto mandos_end;

1562

}

1563

1564

sret = gnutls_record_recv(session, buffer+buffer_length,

1565

BUFFER_SIZE);

1566

if(sret == 0){

1574

case GNUTLS_E_REHANDSHAKE:

1575

do {

1576

ret = gnutls_handshake(session);

1577

1578

if(quit_now){

1579

errno = EINTR;

1580

goto mandos_end;

1599

buffer_length += (size_t) sret;

1600

}

1601

}

1602

1603

if(debug){

1604

fprintf_plus(stderr, "Closing TLS session\n");

1605

}

1606

1607

if(quit_now){

1608

errno = EINTR;

1609

goto mandos_end;

1610

}

1611

1612

do {

1613

ret = gnutls_bye(session, GNUTLS_SHUT_RDWR);

1614

if(quit_now){

1616

goto mandos_end;

1617

}

1618

} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);

1619

1620

if(buffer_length > 0){

1621

ssize_t decrypted_buffer_size;

1622

decrypted_buffer_size = pgp_packet_decrypt(buffer, buffer_length,

1623

&decrypted_buffer, mc);

1624

if(decrypted_buffer_size >= 0){

1625

1626

clearerr(stdout);

1627

written = 0;

1628

while(written < (size_t) decrypted_buffer_size){

1630

errno = EINTR;

1631

goto mandos_end;

1632

}

1633

1634

ret = (int)fwrite(decrypted_buffer + written, 1,

1635

(size_t)decrypted_buffer_size - written,

1636

stdout);

1658

retval = 0;

1659

}

1660

}

1661

1662

/* Shutdown procedure */

1663

1664

mandos_end:

1665

{

1666

if(route_added){

1708

if(r == NULL){

1709

return;

1710

}

1711

1712

/* Called whenever a service has been resolved successfully or

1713

timed out */

1714

1715

if(quit_now){

1716

avahi_s_service_resolver_free(r);

1717

return;

1718

}

1719

1720

switch(event){

1721

default:

1722

case AVAHI_RESOLVER_FAILURE:

1726

avahi_strerror(avahi_server_errno

1727

(((mandos_context*)mc)->server)));

1728

break;

1729

1730

case AVAHI_RESOLVER_FOUND:

1731

{

1732

char ip[AVAHI_ADDRESS_STR_MAX];

1768

if(b == NULL){

1769

return;

1770

}

1771

1772

/* Called whenever a new services becomes available on the LAN or

1773

is removed from the LAN */

1774

1775

if(quit_now){

1776

return;

1777

}

1778

1779

switch(event){

1780

default:

1781

case AVAHI_BROWSER_FAILURE:

1782

1783

fprintf_plus(stderr, "(Avahi browser) %s\n",

1784

avahi_strerror(avahi_server_errno

1785

(((mandos_context*)mc)->server)));

1786

avahi_simple_poll_quit(simple_poll);

1787

return;

1788

1789

case AVAHI_BROWSER_NEW:

1790

/* We ignore the returned Avahi resolver object. In the callback

1791

function we free it. If the Avahi server is terminated before

1792

the callback function is called the Avahi server will free the

1793

resolver for us. */

1794

1795

if(avahi_s_service_resolver_new(((mandos_context*)mc)->server,

1796

interface, protocol, name, type,

1797

domain, protocol, 0,

1801

avahi_strerror(avahi_server_errno

1802

(((mandos_context*)mc)->server)));

1803

break;

1804

1805

case AVAHI_BROWSER_REMOVE:

1806

break;

1807

1808

case AVAHI_BROWSER_ALL_FOR_NOW:

1809

case AVAHI_BROWSER_CACHE_EXHAUSTED:

1810

if(debug){

1834

bool get_flags(const char *ifname, struct ifreq *ifr){

1835

int ret;

1836

int old_errno;

1837

1838

int s = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);

1839

if(s < 0){

1840

old_errno = errno;

1868

1869

__attribute__((nonnull, warn_unused_result))

1870

bool good_flags(const char *ifname, const struct ifreq *ifr){

1871

1872

/* Reject the loopback device */

1873

if(ifr->ifr_flags & IFF_LOOPBACK){

1874

if(debug){

1901

}

1902

return false;

1903

}

1904

1905

/* Accept this device */

1906

if(debug){

1907

fprintf_plus(stderr, "Interface \"%s\" is good\n", ifname);

1919

if(if_entry->d_name[0] == '.'){

1920

return 0;

1921

}

1922

1923

struct ifreq ifr;

1924

if(not get_flags(if_entry->d_name, &ifr)){

1925

if(debug){

1928

}

1929

return 0;

1930

}

1931

1932

if(not good_flags(if_entry->d_name, &ifr)){

1933

return 0;

1934

}

1948

}

1949

return false;

1950

}

1951

1952

return (bool)(ifr.ifr_flags & IFF_UP);

1953

}

1954

1965

}

1966

return false;

1967

}

1968

1969

return (bool)(ifr.ifr_flags & IFF_RUNNING);

1970

}

1971

1987

int ret;

1988

size_t sret;

1989

struct stat st;

1990

1991

if((direntry->d_name)[0] == '\0'){

1992

/* Empty name? */

1993

return 0;

1994

}

1995

1996

sret = strspn(direntry->d_name, "ABCDEFGHIJKLMNOPQRSTUVWXYZ"

1997

"abcdefghijklmnopqrstuvwxyz"

1998

"0123456789"

2005

}

2006

return 0;

2007

}

2008

2009

ret = fstatat(hookdir_fd, direntry->d_name, &st, 0);

2010

if(ret == -1){

2011

if(debug){

2043

struct timespec now;

2044

struct timespec waited_time;

2045

intmax_t block_time;

2046

2047

while(true){

2048

if(mc->current_server == NULL){

2049

if(debug){

2074

block_time = ((retry_interval

2075

- ((intmax_t)waited_time.tv_sec * 1000))

2076

- ((intmax_t)waited_time.tv_nsec / 1000000));

2077

2078

if(debug){

2079

fprintf_plus(stderr, "Blocking for %" PRIdMAX " ms\n",

2080

block_time);

2081

}

2082

2083

if(block_time <= 0){

2084

ret = start_mandos_communication(mc->current_server->ip,

2085

mc->current_server->port,

2099

block_time = 0; /* Call avahi to find new Mandos

2100

servers, but don't block */

2101

}

2102

2103

ret = avahi_simple_poll_iterate(s, (int)block_time);

2104

}

2105

if(ret != 0){

2303

errno = old_errno;

2304

return ENXIO;

2305

}

2306

2307

if(quit_now){

2308

errno = old_errno;

2309

return EINTR;

2310

}

2311

2312

if(not interface_is_up(interface)){

2313

int ret_errno = 0;

2314

int ioctl_errno = 0;

2320

return ret_errno;

2321

}

2322

network.ifr_flags |= IFF_UP; /* set flag */

2323

2324

int sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);

2325

if(sd == -1){

2326

ret_errno = errno;

2328

errno = old_errno;

2329

return ret_errno;

2330

}

2331

2332

if(quit_now){

2333

ret = close(sd);

2334

if(ret == -1){

2337

errno = old_errno;

2338

return EINTR;

2339

}

2340

2341

if(debug){

2342

fprintf_plus(stderr, "Bringing up interface \"%s\"\n",

2343

interface);

2344

}

2345

2346

/* Raise privileges */

2347

ret_errno = raise_privileges();

2348

if(ret_errno != 0){

2349

errno = ret_errno;

2350

perror_plus("Failed to raise privileges");

2351

}

2352

2353

#ifdef __linux__

2354

int ret_linux;

2355

bool restore_loglevel = false;

2374

}

2375

}

2376

#endif /* __linux__ */

2377

2378

/* If raise_privileges() succeeded above */

2379

if(ret_errno == 0){

2380

/* Lower privileges */

2384

perror_plus("Failed to lower privileges");

2385

}

2386

}

2387

2388

/* Close the socket */

2389

ret = close(sd);

2390

if(ret == -1){

2391

perror_plus("close");

2392

}

2393

2394

if(ret_setflags == -1){

2395

errno = ioctl_errno;

2396

perror_plus("ioctl SIOCSIFFLAGS +IFF_UP");

2401

fprintf_plus(stderr, "Interface \"%s\" is already up; good\n",

2402

interface);

2403

}

2404

2405

/* Sleep checking until interface is running.

2406

Check every 0.25s, up to total time of delay */

2407

for(int i = 0; i < delay * 4; i++){

2414

perror_plus("nanosleep");

2415

}

2416

}

2417

2418

errno = old_errno;

2419

return 0;

2420

}

2440

return ret_errno;

2441

}

2442

network.ifr_flags &= ~(short)IFF_UP; /* clear flag */

2443

2444

int sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);

2445

if(sd == -1){

2446

ret_errno = errno;

2448

errno = old_errno;

2449

return ret_errno;

2450

}

2451

2452

if(debug){

2453

fprintf_plus(stderr, "Taking down interface \"%s\"\n",

2454

interface);

2455

}

2456

2457

/* Raise privileges */

2458

ret_errno = raise_privileges();

2459

if(ret_errno != 0){

2460

errno = ret_errno;

2461

perror_plus("Failed to raise privileges");

2462

}

2463

2464

int ret_setflags = ioctl(sd, SIOCSIFFLAGS, &network);

2465

ioctl_errno = errno;

2466

2467

/* If raise_privileges() succeeded above */

2468

if(ret_errno == 0){

2469

/* Lower privileges */

2473

perror_plus("Failed to lower privileges");

2474

}

2475

}

2476

2477

/* Close the socket */

2478

int ret = close(sd);

2479

if(ret == -1){

2480

perror_plus("close");

2481

}

2482

2483

if(ret_setflags == -1){

2484

errno = ioctl_errno;

2485

perror_plus("ioctl SIOCSIFFLAGS -IFF_UP");

2490

fprintf_plus(stderr, "Interface \"%s\" is already down; odd\n",

2491

interface);

2492

}

2493

2494

errno = old_errno;

2495

return 0;

2496

}

2529

#endif

2530

const char *dh_params_file = NULL;

2531

char *interfaces_hooks = NULL;

2532

2533

bool gnutls_initialized = false;

2534

bool gpgme_initialized = false;

2535

float delay = 2.5f;

2536

double retry_interval = 10; /* 10s between trying a server and

2537

retrying the same server again */

2538

2539

struct sigaction old_sigterm_action = { .sa_handler = SIG_DFL };

2540

struct sigaction sigterm_action = { .sa_handler = handle_sigterm };

2541

2542

uid = getuid();

2543

gid = getgid();

2544

2545

/* Lower any group privileges we might have, just to be safe */

2546

errno = 0;

2547

ret = setgid(gid);

2548

if(ret == -1){

2549

perror_plus("setgid");

2550

}

2551

2552

/* Lower user privileges (temporarily) */

2553

errno = 0;

2554

ret = seteuid(uid);

2555

if(ret == -1){

2556

perror_plus("seteuid");

2557

}

2558

2559

if(quit_now){

2560

goto end;

2561

}

2562

2563

{

2564

struct argp_option options[] = {

2565

{ .name = "debug", .key = 128,

2634

.doc = "Print program version", .group = -1 },

2635

{ .name = NULL }

2636

};

2637

2638

error_t parse_opt(int key, char *arg,

2639

struct argp_state *state){

2640

errno = 0;

2722

}

2723

return errno;

2724

}

2725

2726

struct argp argp = { .options = options, .parser = parse_opt,

2727

.args_doc = "",

2728

.doc = "Mandos client -- Get and decrypt"

2743

goto end;

2744

}

2745

}

2746

2747

{

2748

/* Re-raise privileges */

2749

ret = raise_privileges();

2752

perror_plus("Failed to raise privileges");

2753

} else {

2754

struct stat st;

2755

2756

/* Work around Debian bug #633582:

2757

<https://bugs.debian.org/633582> */

2758

2776

close(seckey_fd);

2777

}

2778

}

2779

2780

if(strcmp(pubkey, PATHDIR "/" PUBKEY) == 0){

2781

int pubkey_fd = open(pubkey, O_RDONLY);

2782

if(pubkey_fd == -1){

2797

close(pubkey_fd);

2798

}

2799

}

2800

2801

if(dh_params_file != NULL

2802

and strcmp(dh_params_file, PATHDIR "/dhparams.pem" ) == 0){

2803

int dhparams_fd = open(dh_params_file, O_RDONLY);

2819

close(dhparams_fd);

2820

}

2821

}

2822

2823

/* Work around Debian bug #981302

2824

<https://bugs.debian.org/981302> */

2825

if(lstat("/dev/fd", &st) != 0 and errno == ENOENT){

2837

}

2838

}

2839

}

2840

2841

/* Remove invalid interface names (except "none") */

2842

{

2843

char *interface = NULL;

2854

}

2855

}

2856

}

2857

2858

/* Run network hooks */

2859

{

2860

if(mc.interfaces != NULL){

2869

run_network_hooks("start", interfaces_hooks != NULL ?

2870

interfaces_hooks : "", delay);

2871

}

2872

2873

if(not debug){

2874

avahi_set_log_function(empty_log);

2875

}

2876

2877

/* Initialize Avahi early so avahi_simple_poll_quit() can be called

2878

from the signal handler */

2879

/* Initialize the pseudo-RNG for Avahi */

2885

exitcode = EX_UNAVAILABLE;

2886

goto end;

2887

}

2888

2889

sigemptyset(&sigterm_action.sa_mask);

2890

ret = sigaddset(&sigterm_action.sa_mask, SIGINT);

2891

if(ret == -1){

2948

goto end;

2949

}

2950

}

2951

2952

/* If no interfaces were specified, make a list */

2953

if(mc.interfaces == NULL){

2954

struct dirent **direntries = NULL;

2982

goto end;

2983

}

2984

}

2985

2986

/* Bring up interfaces which are down, and remove any "none"s */

2987

{

2988

char *interface = NULL;

3024

fprintf_plus(stderr, "No interfaces were brought up\n");

3025

}

3026

}

3027

3028

/* If we only got one interface, explicitly use only that one */

3029

if(argz_count(mc.interfaces, mc.interfaces_size) == 1){

3030

if(debug){

3033

}

3034

if_index = (AvahiIfIndex)if_nametoindex(mc.interfaces);

3035

}

3036

3037

if(quit_now){

3038

goto end;

3039

}

3040

3041

#if GNUTLS_VERSION_NUMBER >= 0x030606

3042

ret = init_gnutls_global(tls_pubkey, tls_privkey, dh_params_file, &mc);

3043

#elif GNUTLS_VERSION_NUMBER < 0x030600

3052

} else {

3053

gnutls_initialized = true;

3054

}

3055

3056

if(quit_now){

3057

goto end;

3058

}

3059

3060

/* Try /run/tmp before /tmp */

3061

tempdir = mkdtemp(run_tempdir);

3062

if(tempdir == NULL and errno == ENOENT){

3070

perror_plus("mkdtemp");

3071

goto end;

3072

}

3073

3074

if(quit_now){

3075

goto end;

3076

}

3077

3078

if(not init_gpgme(pubkey, seckey, tempdir, &mc)){

3079

fprintf_plus(stderr, "init_gpgme failed\n");

3080

exitcode = EX_UNAVAILABLE;

3082

} else {

3083

gpgme_initialized = true;

3084

}

3085

3086

if(quit_now){

3087

goto end;

3088

}

3089

3090

if(connect_to != NULL){

3091

/* Connect directly, do not use Zeroconf */

3092

/* (Mainly meant for debugging) */

3093

char *address = strrchr(connect_to, ':');

3094

3095

if(address == NULL){

3096

fprintf_plus(stderr, "No colon in address\n");

3097

exitcode = EX_USAGE;

3098

goto end;

3099

}

3100

3101

if(quit_now){

3102

goto end;

3103

}

3104

3105

in_port_t port;

3106

errno = 0;

3107

tmpmax = strtoimax(address+1, &tmp, 10);

3111

exitcode = EX_USAGE;

3112

goto end;

3113

}

3114

3115

if(quit_now){

3116

goto end;

3117

}

3118

3119

port = (in_port_t)tmpmax;

3120

*address = '\0';

3121

/* Colon in address indicates IPv6 */

3132

af = AF_INET;

3133

}

3134

address = connect_to;

3135

3136

if(quit_now){

3137

goto end;

3138

}

3139

3140

while(not quit_now){

3141

ret = start_mandos_communication(address, port, if_index, af,

3142

&mc);

3149

}

3150

sleep((unsigned int)retry_interval);

3151

}

3152

3153

if(not quit_now){

3154

exitcode = EXIT_SUCCESS;

3155

}

3156

3157

goto end;

3158

}

3159

3160

if(quit_now){

3161

goto end;

3162

}

3163

3164

{

3165

AvahiServerConfig config;

3166

/* Do not publish any local Zeroconf records */

3169

config.publish_addresses = 0;

3170

config.publish_workstation = 0;

3171

config.publish_domain = 0;

3172

3173

/* Allocate a new server */

3174

mc.server = avahi_server_new(avahi_simple_poll_get(simple_poll),

3175

&config, NULL, NULL, &ret);

3176

3177

/* Free the Avahi configuration data */

3178

avahi_server_config_free(&config);

3179

}

3180

3181

/* Check if creating the Avahi server object succeeded */

3182

if(mc.server == NULL){

3183

fprintf_plus(stderr, "Failed to create Avahi server: %s\n",

3185

exitcode = EX_UNAVAILABLE;

3186

goto end;

3187

}

3188

3189

if(quit_now){

3190

goto end;

3191

}

3192

3193

/* Create the Avahi service browser */

3194

sb = avahi_s_service_browser_new(mc.server, if_index,

3195

AVAHI_PROTO_UNSPEC, "_mandos._tcp",

3201

exitcode = EX_UNAVAILABLE;

3202

goto end;

3203

}

3204

3205

if(quit_now){

3206

goto end;

3207

}

3208

3209

/* Run the main loop */

3210

3211

if(debug){

3212

fprintf_plus(stderr, "Starting Avahi loop search\n");

3213

}

3214

3215

ret = avahi_loop_with_timeout(simple_poll,

3216

(int)(retry_interval * 1000), &mc);

3217

if(debug){

3218

fprintf_plus(stderr, "avahi_loop_with_timeout exited %s\n",

3219

(ret == 0) ? "successfully" : "with error");

3220

}

3221

3222

end:

3223

3224

if(debug){

3225

if(signal_received){

3226

fprintf_plus(stderr, "%s exiting due to signal %d: %s\n",

3230

fprintf_plus(stderr, "%s exiting\n", argv[0]);

3231

}

3232

}

3233

3234

/* Cleanup things */

3235

free(mc.interfaces);

3236

3237

if(sb != NULL)

3238

avahi_s_service_browser_free(sb);

3239

3240

if(mc.server != NULL)

3241

avahi_server_free(mc.server);

3242

3243

if(simple_poll != NULL)

3244

avahi_simple_poll_free(simple_poll);

3245

3246

if(gnutls_initialized){

3247

gnutls_certificate_free_credentials(mc.cred);

3248

gnutls_dh_params_deinit(mc.dh_params);

3249

}

3250

3251

if(gpgme_initialized){

3252

gpgme_release(mc.ctx);

3253

}

3254

3255

/* Cleans up the circular linked list of Mandos servers the client

3256

has seen */

3257

if(mc.current_server != NULL){

3270

mc.current_server = next;

3271

}

3272

}

3273

3274

/* Re-raise privileges */

3275

{

3276

ret = raise_privileges();

3278

errno = ret;

3279

perror_plus("Failed to raise privileges");

3280

} else {

3281

3282

/* Run network hooks */

3283

run_network_hooks("stop", interfaces_hooks != NULL ?

3284

interfaces_hooks : "", delay);

3285

3286

/* Take down the network interfaces which were brought up */

3287

{

3288

char *interface = NULL;

3301

}

3302

}

3303

}

3304

3305

ret = lower_privileges_permanently();

3306

if(ret != 0){

3307

errno = ret;

3308

perror_plus("Failed to lower privileges permanently");

3309

}

3310

}

3311

3312

free(interfaces_to_take_down);

3313

free(interfaces_hooks);

3314

3315

void clean_dir_at(int base, const char * const dirname,

3316

uintmax_t level){

3317

struct dirent **direntries = NULL;

3338

if(errno == EISDIR){

3339

dret = unlinkat(dir_fd, direntries[i]->d_name,

3340

AT_REMOVEDIR);

3341

}

3341

}

3342

if((dret == -1) and (errno == ENOTEMPTY)

3343

and (strcmp(direntries[i]->d_name, "private-keys-v1.d")

3344

== 0) and (level == 0)){

3353

}

3354

free(direntries[i]);

3355

}

3356

3357

/* need to clean even if 0 because man page doesn't specify */

3358

free(direntries);

3359

dret = unlinkat(base, dirname, AT_REMOVEDIR);

3365

}

3366

close(dir_fd);

3367

}

3368

3369

/* Removes the GPGME temp directory and all files inside */

3370

if(tempdir != NULL){

3371

clean_dir_at(-1, tempdir, 0);

3372

}

3373

3374

if(quit_now){

3375

sigemptyset(&old_sigterm_action.sa_mask);

3376

old_sigterm_action.sa_handler = SIG_DFL;

3389

}

3390

TEMP_FAILURE_RETRY(pause());

3391

}

3392

3393

return exitcode;

3394

}