/mandos/trunk : revision 21

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/mandosclient.c

Committer: Teddy Hogeborn
Date: 2008-07-21 15:34:44 UTC
Revision ID: teddy@fukt.bsnet.se-20080721153444-lugbjkj1oq65ugq3

* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
                     $(LANGUAGE).
  (WARN, DEBUG, COVERAGE, LANGUAGE): New.
  (LDFLAGS): New; use $(COVERAGE)

* plugbasedclient.c: Added copyright header.
  (process.buffer_size, process.buffer_length): Changed to "size_t".
  (main): Cast arguments to malloc and realloc.  Detect read errors
          from processes.

* mandosclient.c: Added copyright header.
  (interface): Moved to inside "main".
  (gpg_packet_decrypt): Renamed to "pgp_packet_decrypt"; all callers
                        changed.  Changed "new_packet_capacity" and
                        "new_packet_length" to be ssize_t.  Cast
                        arguments to realloc.
  (debuggnutls): Attribute "level" argument as unused.
  (empty_log): Attribute "level" and "txt" arguments as unused.
  (start_mandos_communication): New argument "if_index".  Bug fix:
                                check ret, no tcp_sd, for errors from
                                setsockopt.  Use "if_index" directly
                                instead of looking up the index.  Loop
                                around fwrite until all data is written.
  (resolve_callback): Attribute "txt", and "flags" as usused.  Added
                      default case to switch.  Also show server host
                      name.  Call start_mandos_communication with
                      "interface".
  (browse_callback): Added default case to switch.
  (main): Variable "interface" moved here.  Cast "srand" argument.
          Bug fix: Call avahi_s_service_browser_new with index of
          "interface", not "eth0".

* passprompt.c: Added copyright header.
  (termination_handler): Attribute "signum" argument as unused.

files removed:
plugins.d/Makefile

files modified:
Makefile

plugbasedclient.c

plugins.d/mandosclient.c

plugins.d/passprompt.c

Show diffs side-by-side

added added

removed removed

plugins.d/mandosclient.c

/* $Id$ */

/* PLEASE NOTE *

* This file demonstrates how to use Avahi's core API, this is

* the embeddable mDNS stack for embedded applications.

/* -*- coding: utf-8 -*- */

* Mandos client - get and decrypt data from a Mandos server

* End user applications should *not* use this API and should use

* the D-Bus or C APIs, please see

* client-browse-services.c and glib-integration.c

* I repeat, you probably do *not* want to use this example.

* This program is partly derived from an example program for an Avahi

* service browser, downloaded from

* <http://avahi.org/browser/examples/core-browse-services.c>. This

* includes the following functions: "resolve_callback",

* "browse_callback", and parts of "main".

* Påhlsson.

* This program is free software: you can redistribute it and/or

* modify it under the terms of the GNU General Public License as

* published by the Free Software Foundation, either version 3 of the

* License, or (at your option) any later version.

* This program is distributed in the hope that it will be useful, but

* WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

* General Public License for more details.

* You should have received a copy of the GNU General Public License

* along with this program. If not, see

* <http://www.gnu.org/licenses/>.

* Contact the authors at <https://www.fukt.bsnet.se/~belorn/> and

* <https://www.fukt.bsnet.se/~teddy/>.

/***

This file is part of avahi.

avahi is free software; you can redistribute it and/or modify it

under the terms of the GNU Lesser General Public License as

published by the Free Software Foundation; either version 2.1 of the

License, or (at your option) any later version.

avahi is distributed in the hope that it will be useful, but WITHOUT

ANY WARRANTY; without even the implied warranty of MERCHANTABILITY

or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General

Public License for more details.

You should have received a copy of the GNU Lesser General Public

License along with avahi; if not, write to the Free Software

Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307

USA.

***/

#define _FORTIFY_SOURCE 2

#define _LARGEFILE_SOURCE

#define _FILE_OFFSET_BITS 64

#include <avahi-common/error.h>

//mandos client part

#include <sys/types.h> /* socket(), setsockopt(), inet_pton() */

#include <sys/socket.h> /* socket(), setsockopt(), struct sockaddr_in6, struct in6_addr, inet_pton() */

#include <gnutls/gnutls.h> /* ALL GNUTLS STUFF */

#include <gnutls/openpgp.h> /* gnutls with openpgp stuff */

#include <sys/types.h> /* socket(), setsockopt(),

inet_pton() */

#include <sys/socket.h> /* socket(), setsockopt(),

struct sockaddr_in6,

struct in6_addr, inet_pton() */

#include <gnutls/gnutls.h> /* All GnuTLS stuff */

#include <gnutls/openpgp.h> /* GnuTLS with openpgp stuff */

#include <unistd.h> /* close() */

#include <netinet/in.h>

#include <errno.h> /* perror() */

#include <gpgme.h>

// getopt long

#include <getopt.h>

#ifndef CERT_ROOT

#define CERT_ROOT "/conf/conf.d/cryptkeyreq/"

#define BUFFER_SIZE 256

#define DH_BITS 1024

bool debug = false;

typedef struct {

gnutls_session_t session;

gnutls_certificate_credentials_t cred;

} encrypted_session;

ssize_t gpg_packet_decrypt (char *packet, size_t packet_size, char **new_packet, char *homedir){

ssize_t pgp_packet_decrypt (char *packet, size_t packet_size,

char **new_packet, const char *homedir){

gpgme_data_t dh_crypto, dh_plain;

gpgme_ctx_t ctx;

gpgme_error_t rc;

ssize_t ret;

size_t new_packet_capacity = 0;

size_t new_packet_length = 0;

ssize_t new_packet_capacity = 0;

ssize_t new_packet_length = 0;

gpgme_engine_info_t engine_info;

100

if (debug){

101

fprintf(stderr, "Trying to decrypt OpenPGP packet\n");

102

}

103

104

/* Init GPGME */

105

gpgme_check_version(NULL);

106

gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);

136

149

return -1;

137

150

}

138

151

139

/* Decrypt data from the FILE pointer to the plaintext data buffer */

152

/* Decrypt data from the FILE pointer to the plaintext data

153

buffer */

140

154

rc = gpgme_op_decrypt(ctx, dh_crypto, dh_plain);

141

155

if (rc != GPG_ERR_NO_ERROR){

142

156

fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",

143

157

gpgme_strsource(rc), gpgme_strerror(rc));

144

158

return -1;

145

159

}

160

161

if(debug){

162

fprintf(stderr, "Decryption of OpenPGP packet succeeded\n");

163

}

164

165

if (debug){

166

gpgme_decrypt_result_t result;

167

result = gpgme_op_decrypt_result(ctx);

168

if (result == NULL){

169

fprintf(stderr, "gpgme_op_decrypt_result failed\n");

170

} else {

171

fprintf(stderr, "Unsupported algorithm: %s\n",

172

result->unsupported_algorithm);

173

fprintf(stderr, "Wrong key usage: %d\n",

174

result->wrong_key_usage);

175

if(result->file_name != NULL){

176

fprintf(stderr, "File name: %s\n", result->file_name);

177

}

178

gpgme_recipient_t recipient;

179

recipient = result->recipients;

180

if(recipient){

181

while(recipient != NULL){

182

fprintf(stderr, "Public key algorithm: %s\n",

183

gpgme_pubkey_algo_name(recipient->pubkey_algo));

184

fprintf(stderr, "Key ID: %s\n", recipient->keyid);

185

fprintf(stderr, "Secret key available: %s\n",

186

recipient->status == GPG_ERR_NO_SECKEY

187

? "No" : "Yes");

188

recipient = recipient->next;

189

}

190

}

191

}

192

}

146

193

147

/* gpgme_decrypt_result_t result; */

148

/* result = gpgme_op_decrypt_result(ctx); */

149

/* fprintf(stderr, "Unsupported algorithm: %s\n", result->unsupported_algorithm); */

150

/* fprintf(stderr, "Wrong key usage: %d\n", result->wrong_key_usage); */

151

/* if(result->file_name != NULL){ */

152

/* fprintf(stderr, "File name: %s\n", result->file_name); */

153

/* } */

154

/* gpgme_recipient_t recipient; */

155

/* recipient = result->recipients; */

156

/* if(recipient){ */

157

/* while(recipient != NULL){ */

158

/* fprintf(stderr, "Public key algorithm: %s\n", */

159

/* gpgme_pubkey_algo_name(recipient->pubkey_algo)); */

160

/* fprintf(stderr, "Key ID: %s\n", recipient->keyid); */

161

/* fprintf(stderr, "Secret key available: %s\n", */

162

/* recipient->status == GPG_ERR_NO_SECKEY ? "No" : "Yes"); */

163

/* recipient = recipient->next; */

164

/* } */

165

/* } */

166

167

194

/* Delete the GPGME FILE pointer cryptotext data buffer */

168

195

gpgme_data_release(dh_crypto);

169

196

173

200

*new_packet = 0;

174

201

while(true){

175

202

if (new_packet_length + BUFFER_SIZE > new_packet_capacity){

176

*new_packet = realloc(*new_packet, new_packet_capacity + BUFFER_SIZE);

203

*new_packet = realloc(*new_packet,

204

(unsigned int)new_packet_capacity

205

+ BUFFER_SIZE);

177

206

if (*new_packet == NULL){

178

207

perror("realloc");

179

208

return -1;

181

210

new_packet_capacity += BUFFER_SIZE;

182

211

}

183

212

184

ret = gpgme_data_read(dh_plain, *new_packet + new_packet_length, BUFFER_SIZE);

213

ret = gpgme_data_read(dh_plain, *new_packet + new_packet_length,

214

BUFFER_SIZE);

185

215

/* Print the data, if any */

186

216

if (ret == 0){

187

/* If password is empty, then a incorrect error will be printed */

188

217

break;

189

218

}

190

219

if(ret < 0){

194

223

new_packet_length += ret;

195

224

}

196

225

197

/* Delete the GPGME plaintext data buffer */

226

/* FIXME: check characters before printing to screen so to not print

227

terminal control characters */

228

/* if(debug){ */

229

/* fprintf(stderr, "decrypted password is: "); */

230

/* fwrite(*new_packet, 1, new_packet_length, stderr); */

231

/* fprintf(stderr, "\n"); */

232

/* } */

233

234

/* Delete the GPGME plaintext data buffer */

198

235

gpgme_data_release(dh_plain);

199

236

return new_packet_length;

200

237

}

206

243

return ret;

207

244

}

208

245

209

void debuggnutls(int level, const char* string){

246

void debuggnutls(__attribute__((unused)) int level,

247

const char* string){

210

248

fprintf(stderr, "%s", string);

211

249

}

212

250

214

252

const char *err;

215

253

int ret;

216

254

255

if(debug){

256

fprintf(stderr, "Initializing GnuTLS\n");

257

}

258

217

259

if ((ret = gnutls_global_init ())

218

260

!= GNUTLS_E_SUCCESS) {

219

261

fprintf (stderr, "global_init: %s\n", safer_gnutls_strerror(ret));

220

262

return -1;

221

263

}

222

264

223

/* Uncomment to enable full debuggin on the gnutls library */

224

/* gnutls_global_set_log_level(11); */

225

/* gnutls_global_set_log_function(debuggnutls); */

226

227

265

if (debug){

266

gnutls_global_set_log_level(11);

267

gnutls_global_set_log_function(debuggnutls);

268

}

269

228

270

/* openpgp credentials */

229

271

if ((ret = gnutls_certificate_allocate_credentials (&es->cred))

230

272

!= GNUTLS_E_SUCCESS) {

231

fprintf (stderr, "memory error: %s\n", safer_gnutls_strerror(ret));

273

fprintf (stderr, "memory error: %s\n",

274

safer_gnutls_strerror(ret));

232

275

return -1;

233

276

}

234

277

278

if(debug){

279

fprintf(stderr, "Attempting to use OpenPGP certificate %s"

280

" and keyfile %s as GnuTLS credentials\n", CERTFILE,

281

KEYFILE);

282

}

283

235

284

ret = gnutls_certificate_set_openpgp_key_file

236

285

(es->cred, CERTFILE, KEYFILE, GNUTLS_OPENPGP_FMT_BASE64);

237

286

if (ret != GNUTLS_E_SUCCESS) {

238

287

fprintf

239

(stderr, "Error[%d] while reading the OpenPGP key pair ('%s', '%s')\n",

288

(stderr, "Error[%d] while reading the OpenPGP key pair ('%s',"

289

" '%s')\n",

240

290

ret, CERTFILE, KEYFILE);

241

291

fprintf(stdout, "The Error is: %s\n",

242

292

safer_gnutls_strerror(ret));

243

293

return -1;

244

294

}

245

246

//Gnutls server initialization

295

296

//GnuTLS server initialization

247

297

if ((ret = gnutls_dh_params_init (&es->dh_params))

248

298

!= GNUTLS_E_SUCCESS) {

249

299

fprintf (stderr, "Error in dh parameter initialization: %s\n",

250

300

safer_gnutls_strerror(ret));

251

301

return -1;

252

302

}

253

303

254

304

if ((ret = gnutls_dh_params_generate2 (es->dh_params, DH_BITS))

255

305

!= GNUTLS_E_SUCCESS) {

256

306

fprintf (stderr, "Error in prime generation: %s\n",

257

307

safer_gnutls_strerror(ret));

258

308

return -1;

259

309

}

260

310

261

311

gnutls_certificate_set_dh_params (es->cred, es->dh_params);

262

263

// Gnutls session creation

312

313

// GnuTLS session creation

264

314

if ((ret = gnutls_init (&es->session, GNUTLS_SERVER))

265

315

!= GNUTLS_E_SUCCESS){

266

fprintf(stderr, "Error in gnutls session initialization: %s\n",

316

fprintf(stderr, "Error in GnuTLS session initialization: %s\n",

267

317

safer_gnutls_strerror(ret));

268

318

}

269

319

270

320

if ((ret = gnutls_priority_set_direct (es->session, "NORMAL", &err))

271

321

!= GNUTLS_E_SUCCESS) {

272

322

fprintf(stderr, "Syntax error at: %s\n", err);

273

fprintf(stderr, "Gnutls error: %s\n",

323

fprintf(stderr, "GnuTLS error: %s\n",

274

324

safer_gnutls_strerror(ret));

275

325

return -1;

276

326

}

277

327

278

328

if ((ret = gnutls_credentials_set

279

329

(es->session, GNUTLS_CRD_CERTIFICATE, es->cred))

280

330

!= GNUTLS_E_SUCCESS) {

282

332

safer_gnutls_strerror(ret));

283

333

return -1;

284

334

}

285

335

286

336

/* ignore client certificate if any. */

287

gnutls_certificate_server_set_request (es->session, GNUTLS_CERT_IGNORE);

337

gnutls_certificate_server_set_request (es->session,

338

GNUTLS_CERT_IGNORE);

288

339

289

340

gnutls_dh_set_prime_bits (es->session, DH_BITS);

290

341

291

342

return 0;

292

343

}

293

344

294

void empty_log(AvahiLogLevel level, const char *txt){}

345

void empty_log(__attribute__((unused)) AvahiLogLevel level,

346

__attribute__((unused)) const char *txt){}

295

347

296

int start_mandos_communcation(char *ip, uint16_t port){

348

int start_mandos_communication(char *ip, uint16_t port,

349

unsigned int if_index){

297

350

int ret, tcp_sd;

298

351

struct sockaddr_in6 to;

299

struct in6_addr ip_addr;

300

352

encrypted_session es;

301

353

char *buffer = NULL;

302

354

char *decrypted_buffer;

304

356

size_t buffer_capacity = 0;

305

357

ssize_t decrypted_buffer_size;

306

358

int retval = 0;

307

359

char interface[IF_NAMESIZE];

360

361

if(debug){

362

fprintf(stderr, "Setting up a tcp connection to %s\n", ip);

363

}

308

364

309

365

tcp_sd = socket(PF_INET6, SOCK_STREAM, 0);

310

366

if(tcp_sd < 0) {

312

368

return -1;

313

369

}

314

370

315

ret = setsockopt(tcp_sd, SOL_SOCKET, SO_BINDTODEVICE, "eth0", 5);

316

if(tcp_sd < 0) {

371

if(if_indextoname(if_index, interface) == NULL){

372

if(debug){

373

perror("if_indextoname");

374

}

375

return -1;

376

}

377

378

if(debug){

379

fprintf(stderr, "Binding to interface %s\n", interface);

380

}

381

382

ret = setsockopt(tcp_sd, SOL_SOCKET, SO_BINDTODEVICE, interface, 5);

383

if(ret < 0) {

317

384

perror("setsockopt bindtodevice");

318

385

return -1;

319

386

}

320

387

321

388

memset(&to,0,sizeof(to));

322

389

to.sin6_family = AF_INET6;

323

ret = inet_pton(AF_INET6, ip, &ip_addr);

390

ret = inet_pton(AF_INET6, ip, &to.sin6_addr);

324

391

if (ret < 0 ){

325

392

perror("inet_pton");

326

393

return -1;

329

396

fprintf(stderr, "Bad address: %s\n", ip);

330

397

return -1;

331

398

}

399

/* Spurious warnings for the next line, see for instance

400

<http://bugs.debian.org/488884> */

332

401

to.sin6_port = htons(port);

333

to.sin6_scope_id = if_nametoindex("eth0");

402

403

to.sin6_scope_id = (uint32_t)if_index;

404

405

if(debug){

406

fprintf(stderr, "Connection to: %s\n", ip);

407

}

334

408

335

409

ret = connect(tcp_sd, (struct sockaddr *) &to, sizeof(to));

336

410

if (ret < 0){

343

417

retval = -1;

344

418

return -1;

345

419

}

346

347

348

gnutls_transport_set_ptr (es.session, (gnutls_transport_ptr_t) tcp_sd);

349

420

421

gnutls_transport_set_ptr (es.session,

422

(gnutls_transport_ptr_t) tcp_sd);

423

424

if(debug){

425

fprintf(stderr, "Establishing TLS session with %s\n", ip);

426

}

427

350

428

ret = gnutls_handshake (es.session);

351

429

352

430

if (ret != GNUTLS_E_SUCCESS){

355

433

retval = -1;

356

434

goto exit;

357

435

}

436

437

//Retrieve OpenPGP packet that contains the wanted password

438

439

if(debug){

440

fprintf(stderr, "Retrieving pgp encrypted password from %s\n",

441

ip);

442

}

358

443

359

//retrive password

360

444

while(true){

361

445

if (buffer_length + BUFFER_SIZE > buffer_capacity){

362

446

buffer = realloc(buffer, buffer_capacity + BUFFER_SIZE);

387

471

}

388

472

break;

389

473

default:

390

fprintf(stderr, "Unknown error while reading data from encrypted session with mandos server\n");

474

fprintf(stderr, "Unknown error while reading data from"

475

" encrypted session with mandos server\n");

391

476

retval = -1;

392

477

gnutls_bye (es.session, GNUTLS_SHUT_RDWR);

393

478

goto exit;

394

479

}

395

480

} else {

396

buffer_length += ret;

481

buffer_length += (size_t) ret;

397

482

}

398

483

}

399

484

400

485

if (buffer_length > 0){

401

if ((decrypted_buffer_size = gpg_packet_decrypt(buffer, buffer_length, &decrypted_buffer, CERT_ROOT)) == 0){

486

decrypted_buffer_size = pgp_packet_decrypt(buffer,

487

buffer_length,

488

&decrypted_buffer,

489

CERT_ROOT);

490

if (decrypted_buffer_size >= 0){

491

while(decrypted_buffer_size > 0){

492

ret = fwrite (decrypted_buffer, 1, (size_t)decrypted_buffer_size,

493

stdout);

494

if(ret == 0 and ferror(stdout)){

495

if(debug){

496

fprintf(stderr, "Error writing encrypted data: %s\n",

497

strerror(errno));

498

}

499

retval = -1;

500

break;

501

}

502

decrypted_buffer += ret;

503

decrypted_buffer_size -= ret;

504

}

505

free(decrypted_buffer);

506

} else {

402

507

retval = -1;

403

} else {

404

fwrite (decrypted_buffer, 1, decrypted_buffer_size, stdout);

405

free(decrypted_buffer);

406

508

}

407

509

}

408

510

511

//shutdown procedure

512

513

if(debug){

514

fprintf(stderr, "Closing TLS session\n");

515

}

516

409

517

free(buffer);

410

411

//shutdown procedure

412

518

gnutls_bye (es.session, GNUTLS_SHUT_RDWR);

413

519

exit:

414

520

close(tcp_sd);

432

538

const char *host_name,

433

539

const AvahiAddress *address,

434

540

uint16_t port,

435

AvahiStringList *txt,

436

AvahiLookupResultFlags flags,

541

AVAHI_GCC_UNUSED AvahiStringList *txt,

542

AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,

437

543

AVAHI_GCC_UNUSED void* userdata) {

438

544

439

assert(r);

440

441

/* Called whenever a service has been resolved successfully or timed out */

442

443

switch (event) {

444

case AVAHI_RESOLVER_FAILURE:

445

fprintf(stderr, "(Resolver) Failed to resolve service '%s' of type '%s' in domain '%s': %s\n", name, type, domain, avahi_strerror(avahi_server_errno(server)));

446

break;

447

448

case AVAHI_RESOLVER_FOUND: {

449

char ip[AVAHI_ADDRESS_STR_MAX];

450

avahi_address_snprint(ip, sizeof(ip), address);

451

int ret = start_mandos_communcation(ip, port);

452

if (ret == 0){

453

exit(EXIT_SUCCESS);

454

} else {

455

exit(EXIT_FAILURE);

456

}

457

}

545

assert(r);

546

547

/* Called whenever a service has been resolved successfully or

548

timed out */

549

550

switch (event) {

551

default:

552

case AVAHI_RESOLVER_FAILURE:

553

fprintf(stderr, "(Resolver) Failed to resolve service '%s' of"

554

" type '%s' in domain '%s': %s\n", name, type, domain,

555

avahi_strerror(avahi_server_errno(server)));

556

break;

557

558

case AVAHI_RESOLVER_FOUND:

559

{

560

char ip[AVAHI_ADDRESS_STR_MAX];

561

avahi_address_snprint(ip, sizeof(ip), address);

562

if(debug){

563

fprintf(stderr, "Mandos server found on %s (%s) on port %d\n",

564

host_name, ip, port);

565

}

566

int ret = start_mandos_communication(ip, port,

567

(unsigned int)

568

interface);

569

if (ret == 0){

570

exit(EXIT_SUCCESS);

571

} else {

572

exit(EXIT_FAILURE);

573

}

458

574

}

459

avahi_s_service_resolver_free(r);

575

}

576

avahi_s_service_resolver_free(r);

460

577

}

461

578

462

579

static void browse_callback(

473

590

AvahiServer *s = userdata;

474

591

assert(b);

475

592

476

/* Called whenever a new services becomes available on the LAN or is removed from the LAN */

593

/* Called whenever a new services becomes available on the LAN or

594

is removed from the LAN */

477

595

478

596

switch (event) {

479

480

case AVAHI_BROWSER_FAILURE:

481

482

fprintf(stderr, "(Browser) %s\n", avahi_strerror(avahi_server_errno(server)));

483

avahi_simple_poll_quit(simple_poll);

484

return;

485

486

case AVAHI_BROWSER_NEW:

487

/* We ignore the returned resolver object. In the callback

488

function we free it. If the server is terminated before

489

the callback function is called the server will free

490

the resolver for us. */

491

492

if (!(avahi_s_service_resolver_new(s, interface, protocol, name, type, domain, AVAHI_PROTO_INET6, 0, resolve_callback, s)))

493

fprintf(stderr, "Failed to resolve service '%s': %s\n", name, avahi_strerror(avahi_server_errno(s)));

494

495

break;

496

497

case AVAHI_BROWSER_REMOVE:

498

break;

499

500

case AVAHI_BROWSER_ALL_FOR_NOW:

501

case AVAHI_BROWSER_CACHE_EXHAUSTED:

502

break;

597

default:

598

case AVAHI_BROWSER_FAILURE:

599

600

fprintf(stderr, "(Browser) %s\n",

601

avahi_strerror(avahi_server_errno(server)));

602

avahi_simple_poll_quit(simple_poll);

603

return;

604

605

case AVAHI_BROWSER_NEW:

606

/* We ignore the returned resolver object. In the callback

607

function we free it. If the server is terminated before

608

the callback function is called the server will free

609

the resolver for us. */

610

611

if (!(avahi_s_service_resolver_new(s, interface, protocol, name,

612

type, domain,

613

AVAHI_PROTO_INET6, 0,

614

resolve_callback, s)))

615

fprintf(stderr, "Failed to resolve service '%s': %s\n", name,

616

avahi_strerror(avahi_server_errno(s)));

617

break;

618

619

case AVAHI_BROWSER_REMOVE:

620

break;

621

622

case AVAHI_BROWSER_ALL_FOR_NOW:

623

case AVAHI_BROWSER_CACHE_EXHAUSTED:

624

break;

503

625

}

504

626

}

505

627

507

629

AvahiServerConfig config;

508

630

AvahiSServiceBrowser *sb = NULL;

509

631

int error;

510

int ret = 1;

511

512

avahi_set_log_function(empty_log);

632

int ret;

633

int returncode = EXIT_SUCCESS;

634

const char *interface = "eth0";

635

636

while (true){

637

static struct option long_options[] = {

638

{"debug", no_argument, (int *)&debug, 1},

639

{"interface", required_argument, 0, 'i'},

640

{0, 0, 0, 0} };

641

642

int option_index = 0;

643

ret = getopt_long (argc, argv, "i:", long_options,

644

&option_index);

645

646

if (ret == -1){

647

break;

648

}

649

650

switch(ret){

651

case 0:

652

break;

653

case 'i':

654

interface = optarg;

655

break;

656

default:

657

exit(EXIT_FAILURE);

658

}

659

}

660

661

if (not debug){

662

avahi_set_log_function(empty_log);

663

}

513

664

514

665

/* Initialize the psuedo-RNG */

515

srand(time(NULL));

666

srand((unsigned int) time(NULL));

516

667

517

668

/* Allocate main loop object */

518

669

if (!(simple_poll = avahi_simple_poll_new())) {

519

670

fprintf(stderr, "Failed to create simple poll object.\n");

520

goto fail;

671

672

goto exit;

521

673

}

522

674

523

675

/* Do not publish any local records */

527

679

config.publish_workstation = 0;

528

680

config.publish_domain = 0;

529

681

530

/* /\* Set a unicast DNS server for wide area DNS-SD *\/ */

531

/* avahi_address_parse("193.11.177.11", AVAHI_PROTO_UNSPEC, &config.wide_area_servers[0]); */

532

/* config.n_wide_area_servers = 1; */

533

/* config.enable_wide_area = 1; */

534

535

682

/* Allocate a new server */

536

server = avahi_server_new(avahi_simple_poll_get(simple_poll), &config, NULL, NULL, &error);

683

server = avahi_server_new(avahi_simple_poll_get(simple_poll),

684

&config, NULL, NULL, &error);

537

685

538

686

/* Free the configuration data */

539

687

avahi_server_config_free(&config);

540

688

541

/* Check wether creating the server object succeeded */

689

/* Check if creating the server object succeeded */

542

690

if (!server) {

543

fprintf(stderr, "Failed to create server: %s\n", avahi_strerror(error));

544

goto fail;

691

fprintf(stderr, "Failed to create server: %s\n",

692

avahi_strerror(error));

693

returncode = EXIT_FAILURE;

694

goto exit;

545

695

}

546

696

547

697

/* Create the service browser */

548

if (!(sb = avahi_s_service_browser_new(server, if_nametoindex("eth0"), AVAHI_PROTO_INET6, "_mandos._tcp", NULL, 0, browse_callback, server))) {

549

fprintf(stderr, "Failed to create service browser: %s\n", avahi_strerror(avahi_server_errno(server)));

550

goto fail;

698

sb = avahi_s_service_browser_new(server,

699

(AvahiIfIndex)

700

if_nametoindex(interface),

701

AVAHI_PROTO_INET6,

702

"_mandos._tcp", NULL, 0,

703

browse_callback, server);

704

if (!sb) {

705

fprintf(stderr, "Failed to create service browser: %s\n",

706

avahi_strerror(avahi_server_errno(server)));

707

returncode = EXIT_FAILURE;

708

goto exit;

551

709

}

552

710

553

711

/* Run the main loop */

712

713

if (debug){

714

fprintf(stderr, "Starting avahi loop search\n");

715

}

716

554

717

avahi_simple_poll_loop(simple_poll);

555

718

556

ret = 0;

557

558

fail:

719

exit:

720

721

if (debug){

722

fprintf(stderr, "%s exiting\n", argv[0]);

723

}

559

724

560

725

/* Cleanup things */

561

726

if (sb)

567

732

if (simple_poll)

568

733

avahi_simple_poll_free(simple_poll);

569

734

570

return ret;

735

return returncode;

571

736

}

Older »