/mandos/trunk : revision 21

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/mandosclient.c

Committer: Teddy Hogeborn
Date: 2008-07-21 15:34:44 UTC
Revision ID: teddy@fukt.bsnet.se-20080721153444-lugbjkj1oq65ugq3

* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
                     $(LANGUAGE).
  (WARN, DEBUG, COVERAGE, LANGUAGE): New.
  (LDFLAGS): New; use $(COVERAGE)

* plugbasedclient.c: Added copyright header.
  (process.buffer_size, process.buffer_length): Changed to "size_t".
  (main): Cast arguments to malloc and realloc.  Detect read errors
          from processes.

* mandosclient.c: Added copyright header.
  (interface): Moved to inside "main".
  (gpg_packet_decrypt): Renamed to "pgp_packet_decrypt"; all callers
                        changed.  Changed "new_packet_capacity" and
                        "new_packet_length" to be ssize_t.  Cast
                        arguments to realloc.
  (debuggnutls): Attribute "level" argument as unused.
  (empty_log): Attribute "level" and "txt" arguments as unused.
  (start_mandos_communication): New argument "if_index".  Bug fix:
                                check ret, no tcp_sd, for errors from
                                setsockopt.  Use "if_index" directly
                                instead of looking up the index.  Loop
                                around fwrite until all data is written.
  (resolve_callback): Attribute "txt", and "flags" as usused.  Added
                      default case to switch.  Also show server host
                      name.  Call start_mandos_communication with
                      "interface".
  (browse_callback): Added default case to switch.
  (main): Variable "interface" moved here.  Cast "srand" argument.
          Bug fix: Call avahi_s_service_browser_new with index of
          "interface", not "eth0".

* passprompt.c: Added copyright header.
  (termination_handler): Attribute "signum" argument as unused.

files modified:
Makefile

TODO

mandos-clients.conf

plugins.d/mandosclient.c

server.py

Show diffs side-by-side

added added

removed removed

plugins.d/mandosclient.c

#include <avahi-common/error.h>

//mandos client part

#include <sys/types.h> /* socket(), inet_pton() */

#include <sys/socket.h> /* socket(), struct sockaddr_in6,

#include <sys/types.h> /* socket(), setsockopt(),

inet_pton() */

#include <sys/socket.h> /* socket(), setsockopt(),

struct sockaddr_in6,

struct in6_addr, inet_pton() */

#include <gnutls/gnutls.h> /* All GnuTLS stuff */

#include <gnutls/openpgp.h> /* GnuTLS with openpgp stuff */

193

195

gpgme_data_release(dh_crypto);

194

196

195

197

/* Seek back to the beginning of the GPGME plaintext data buffer */

196

gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET);

198

gpgme_data_seek(dh_plain, 0, SEEK_SET);

197

199

198

200

*new_packet = 0;

199

201

while(true){

343

345

void empty_log(__attribute__((unused)) AvahiLogLevel level,

344

346

__attribute__((unused)) const char *txt){}

345

347

346

int start_mandos_communication(const char *ip, uint16_t port,

348

int start_mandos_communication(char *ip, uint16_t port,

347

349

unsigned int if_index){

348

350

int ret, tcp_sd;

349

351

struct sockaddr_in6 to;

353

355

size_t buffer_length = 0;

354

356

size_t buffer_capacity = 0;

355

357

ssize_t decrypted_buffer_size;

356

size_t written = 0;

357

358

int retval = 0;

358

359

char interface[IF_NAMESIZE];

359

360

378

379

fprintf(stderr, "Binding to interface %s\n", interface);

379

380

}

380

381

memset(&to,0,sizeof(to)); /* Spurious warning */

382

ret = setsockopt(tcp_sd, SOL_SOCKET, SO_BINDTODEVICE, interface, 5);

383

if(ret < 0) {

384

perror("setsockopt bindtodevice");

385

return -1;

386

}

387

388

memset(&to,0,sizeof(to));

382

389

to.sin6_family = AF_INET6;

383

390

ret = inet_pton(AF_INET6, ip, &to.sin6_addr);

384

391

if (ret < 0 ){

389

396

fprintf(stderr, "Bad address: %s\n", ip);

390

397

return -1;

391

398

}

392

to.sin6_port = htons(port); /* Spurious warning */

399

/* Spurious warnings for the next line, see for instance

400

<http://bugs.debian.org/488884> */

401

to.sin6_port = htons(port);

393

402

394

403

to.sin6_scope_id = (uint32_t)if_index;

395

404

419

428

ret = gnutls_handshake (es.session);

420

429

421

430

if (ret != GNUTLS_E_SUCCESS){

422

if(debug){

423

fprintf(stderr, "\n*** Handshake failed ***\n");

424

gnutls_perror (ret);

425

}

431

fprintf(stderr, "\n*** Handshake failed ***\n");

432

gnutls_perror (ret);

426

433

retval = -1;

427

434

goto exit;

428

435

}

481

488

&decrypted_buffer,

482

489

CERT_ROOT);

483

490

if (decrypted_buffer_size >= 0){

484

while(written < decrypted_buffer_size){

485

ret = (int)fwrite (decrypted_buffer + written, 1,

486

(size_t)decrypted_buffer_size - written,

487

stdout);

491

while(decrypted_buffer_size > 0){

492

ret = fwrite (decrypted_buffer, 1, (size_t)decrypted_buffer_size,

493

stdout);

488

494

if(ret == 0 and ferror(stdout)){

489

495

if(debug){

490

496

fprintf(stderr, "Error writing encrypted data: %s\n",

493

499

retval = -1;

494

500

break;

495

501

}

496

written += (size_t)ret;

502

decrypted_buffer += ret;

503

decrypted_buffer_size -= ret;

497

504

}

498

505

free(decrypted_buffer);

499

506

} else {

522

529

523

530

static void resolve_callback(

524

531

AvahiSServiceResolver *r,

525

AvahiIfIndex interface,

532

AVAHI_GCC_UNUSED AvahiIfIndex interface,

526

533

AVAHI_GCC_UNUSED AvahiProtocol protocol,

527

534

AvahiResolverEvent event,

528

535

const char *name,

535

542

AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,

536

543

AVAHI_GCC_UNUSED void* userdata) {

537

544

538

assert(r); /* Spurious warning */

539

545

assert(r);

546

540

547

/* Called whenever a service has been resolved successfully or

541

548

timed out */

542

549

543

550

switch (event) {

544

551

default:

545

552

case AVAHI_RESOLVER_FAILURE:

547

554

" type '%s' in domain '%s': %s\n", name, type, domain,

548

555

avahi_strerror(avahi_server_errno(server)));

549

556

break;

550

557

551

558

case AVAHI_RESOLVER_FOUND:

552

559

{

553

560

char ip[AVAHI_ADDRESS_STR_MAX];

554

561

avahi_address_snprint(ip, sizeof(ip), address);

555

562

if(debug){

556

fprintf(stderr, "Mandos server \"%s\" found on %s (%s) on"

557

" port %d\n", name, host_name, ip, port);

563

fprintf(stderr, "Mandos server found on %s (%s) on port %d\n",

564

host_name, ip, port);

558

565

}

559

566

int ret = start_mandos_communication(ip, port,

560

(unsigned int) interface);

567

(unsigned int)

568

interface);

561

569

if (ret == 0){

562

570

exit(EXIT_SUCCESS);

571

} else {

572

exit(EXIT_FAILURE);

563

573

}

564

574

}

565

575

}

578

588

void* userdata) {

579

589

580

590

AvahiServer *s = userdata;

581

assert(b); /* Spurious warning */

582

591

assert(b);

592

583

593

/* Called whenever a new services becomes available on the LAN or

584

594

is removed from the LAN */

585

595

586

596

switch (event) {

587

597

default:

588

598

case AVAHI_BROWSER_FAILURE:

628

638

{"debug", no_argument, (int *)&debug, 1},

629

639

{"interface", required_argument, 0, 'i'},

630

640

{0, 0, 0, 0} };

631

641

632

642

int option_index = 0;

633

643

ret = getopt_long (argc, argv, "i:", long_options,

634

644

&option_index);

635

645

636

646

if (ret == -1){

637

647

break;

638

648

}

Older »