62
64
#include <string.h> /* memset */
63
65
#include <arpa/inet.h> /* inet_pton() */
64
66
#include <iso646.h> /* not */
67
#include <net/if.h> /* IF_NAMESIZE */
68
#include <argp.h> /* struct argp_option,
69
struct argp_state, struct argp,
67
72
#include <errno.h> /* perror() */
74
#define CERT_ROOT "/conf/conf.d/cryptkeyreq/"
76
#define CERTFILE CERT_ROOT "openpgp-client.txt"
77
#define KEYFILE CERT_ROOT "openpgp-client-key.txt"
78
75
#define BUFFER_SIZE 256
81
77
bool debug = false;
78
static const char *keydir = "/conf/conf.d/mandos";
79
const char *argp_program_version = "mandosclient 0.9";
80
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
81
static const char mandos_protocol_version[] = "1";
83
/* Used for passing in values through the Avahi callback functions */
84
gnutls_session_t session;
85
AvahiSimplePoll *simple_poll;
85
87
gnutls_certificate_credentials_t cred;
86
89
gnutls_dh_params_t dh_params;
90
ssize_t pgp_packet_decrypt (char *packet, size_t packet_size,
91
char **new_packet, const char *homedir){
93
/* Make room in "buffer" for at least BUFFER_SIZE additional bytes.
94
* "buffer_capacity" is how much is currently allocated,
95
* "buffer_length" is how much is already used. */
96
size_t adjustbuffer(char **buffer, size_t buffer_length,
97
size_t buffer_capacity){
98
if (buffer_length + BUFFER_SIZE > buffer_capacity){
99
*buffer = realloc(*buffer, buffer_capacity + BUFFER_SIZE);
103
buffer_capacity += BUFFER_SIZE;
105
return buffer_capacity;
109
* Decrypt OpenPGP data using keyrings in HOMEDIR.
110
* Returns -1 on error
112
static ssize_t pgp_packet_decrypt (const char *cryptotext,
115
const char *homedir){
92
116
gpgme_data_t dh_crypto, dh_plain;
96
ssize_t new_packet_capacity = 0;
97
ssize_t new_packet_length = 0;
120
size_t plaintext_capacity = 0;
121
ssize_t plaintext_length = 0;
98
122
gpgme_engine_info_t engine_info;
101
fprintf(stderr, "Trying to decrypt OpenPGP packet\n");
125
fprintf(stderr, "Trying to decrypt OpenPGP data\n");
105
129
gpgme_check_version(NULL);
106
gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
130
rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
131
if (rc != GPG_ERR_NO_ERROR){
132
fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",
133
gpgme_strsource(rc), gpgme_strerror(rc));
108
/* Set GPGME home directory */
137
/* Set GPGME home directory for the OpenPGP engine only */
109
138
rc = gpgme_get_engine_info (&engine_info);
110
139
if (rc != GPG_ERR_NO_ERROR){
111
140
fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",
246
void debuggnutls(__attribute__((unused)) int level,
248
fprintf(stderr, "%s", string);
285
/* GnuTLS log function callback */
286
static void debuggnutls(__attribute__((unused)) int level,
288
fprintf(stderr, "GnuTLS: %s", string);
251
int initgnutls(encrypted_session *es){
291
static int init_gnutls_global(mandos_context *mc,
292
const char *pubkeyfile,
293
const char *seckeyfile){
256
297
fprintf(stderr, "Initializing GnuTLS\n");
259
300
if ((ret = gnutls_global_init ())
260
301
!= GNUTLS_E_SUCCESS) {
261
fprintf (stderr, "global_init: %s\n", safer_gnutls_strerror(ret));
302
fprintf (stderr, "GnuTLS global_init: %s\n",
303
safer_gnutls_strerror(ret));
308
/* "Use a log level over 10 to enable all debugging options."
266
311
gnutls_global_set_log_level(11);
267
312
gnutls_global_set_log_function(debuggnutls);
270
/* openpgp credentials */
271
if ((ret = gnutls_certificate_allocate_credentials (&es->cred))
315
/* OpenPGP credentials */
316
if ((ret = gnutls_certificate_allocate_credentials (&mc->cred))
272
317
!= GNUTLS_E_SUCCESS) {
273
fprintf (stderr, "memory error: %s\n",
318
fprintf (stderr, "GnuTLS memory error: %s\n",
274
319
safer_gnutls_strerror(ret));
279
324
fprintf(stderr, "Attempting to use OpenPGP certificate %s"
280
" and keyfile %s as GnuTLS credentials\n", CERTFILE,
325
" and keyfile %s as GnuTLS credentials\n", pubkeyfile,
284
329
ret = gnutls_certificate_set_openpgp_key_file
285
(es->cred, CERTFILE, KEYFILE, GNUTLS_OPENPGP_FMT_BASE64);
330
(mc->cred, pubkeyfile, seckeyfile, GNUTLS_OPENPGP_FMT_BASE64);
286
331
if (ret != GNUTLS_E_SUCCESS) {
288
(stderr, "Error[%d] while reading the OpenPGP key pair ('%s',"
290
ret, CERTFILE, KEYFILE);
291
fprintf(stdout, "The Error is: %s\n",
333
"Error[%d] while reading the OpenPGP key pair ('%s',"
334
" '%s')\n", ret, pubkeyfile, seckeyfile);
335
fprintf(stdout, "The GnuTLS error is: %s\n",
292
336
safer_gnutls_strerror(ret));
296
//GnuTLS server initialization
297
if ((ret = gnutls_dh_params_init (&es->dh_params))
298
!= GNUTLS_E_SUCCESS) {
299
fprintf (stderr, "Error in dh parameter initialization: %s\n",
300
safer_gnutls_strerror(ret));
304
if ((ret = gnutls_dh_params_generate2 (es->dh_params, DH_BITS))
305
!= GNUTLS_E_SUCCESS) {
306
fprintf (stderr, "Error in prime generation: %s\n",
307
safer_gnutls_strerror(ret));
311
gnutls_certificate_set_dh_params (es->cred, es->dh_params);
313
// GnuTLS session creation
314
if ((ret = gnutls_init (&es->session, GNUTLS_SERVER))
315
!= GNUTLS_E_SUCCESS){
340
/* GnuTLS server initialization */
341
ret = gnutls_dh_params_init(&mc->dh_params);
342
if (ret != GNUTLS_E_SUCCESS) {
343
fprintf (stderr, "Error in GnuTLS DH parameter initialization:"
344
" %s\n", safer_gnutls_strerror(ret));
347
ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);
348
if (ret != GNUTLS_E_SUCCESS) {
349
fprintf (stderr, "Error in GnuTLS prime generation: %s\n",
350
safer_gnutls_strerror(ret));
354
gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);
359
static int init_gnutls_session(mandos_context *mc,
360
gnutls_session_t *session){
362
/* GnuTLS session creation */
363
ret = gnutls_init(session, GNUTLS_SERVER);
364
if (ret != GNUTLS_E_SUCCESS){
316
365
fprintf(stderr, "Error in GnuTLS session initialization: %s\n",
317
366
safer_gnutls_strerror(ret));
320
if ((ret = gnutls_priority_set_direct (es->session, "NORMAL", &err))
321
!= GNUTLS_E_SUCCESS) {
322
fprintf(stderr, "Syntax error at: %s\n", err);
323
fprintf(stderr, "GnuTLS error: %s\n",
324
safer_gnutls_strerror(ret));
371
ret = gnutls_priority_set_direct(*session, mc->priority, &err);
372
if (ret != GNUTLS_E_SUCCESS) {
373
fprintf(stderr, "Syntax error at: %s\n", err);
374
fprintf(stderr, "GnuTLS error: %s\n",
375
safer_gnutls_strerror(ret));
328
if ((ret = gnutls_credentials_set
329
(es->session, GNUTLS_CRD_CERTIFICATE, es->cred))
330
!= GNUTLS_E_SUCCESS) {
331
fprintf(stderr, "Error setting a credentials set: %s\n",
380
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
382
if (ret != GNUTLS_E_SUCCESS) {
383
fprintf(stderr, "Error setting GnuTLS credentials: %s\n",
332
384
safer_gnutls_strerror(ret));
336
388
/* ignore client certificate if any. */
337
gnutls_certificate_server_set_request (es->session,
389
gnutls_certificate_server_set_request (*session,
338
390
GNUTLS_CERT_IGNORE);
340
gnutls_dh_set_prime_bits (es->session, DH_BITS);
392
gnutls_dh_set_prime_bits (*session, mc->dh_bits);
345
void empty_log(__attribute__((unused)) AvahiLogLevel level,
346
__attribute__((unused)) const char *txt){}
397
/* Avahi log function callback */
398
static void empty_log(__attribute__((unused)) AvahiLogLevel level,
399
__attribute__((unused)) const char *txt){}
348
int start_mandos_communication(char *ip, uint16_t port,
349
unsigned int if_index){
401
/* Called when a Mandos server is found */
402
static int start_mandos_communication(const char *ip, uint16_t port,
403
AvahiIfIndex if_index,
351
struct sockaddr_in6 to;
352
encrypted_session es;
406
union { struct sockaddr in; struct sockaddr_in6 in6; } to;
353
407
char *buffer = NULL;
354
408
char *decrypted_buffer;
355
409
size_t buffer_length = 0;
356
410
size_t buffer_capacity = 0;
357
411
ssize_t decrypted_buffer_size;
359
414
char interface[IF_NAMESIZE];
415
gnutls_session_t session;
417
ret = init_gnutls_session (mc, &session);
362
fprintf(stderr, "Setting up a tcp connection to %s\n", ip);
423
fprintf(stderr, "Setting up a tcp connection to %s, port %d\n",
365
427
tcp_sd = socket(PF_INET6, SOCK_STREAM, 0);
367
429
perror("socket");
371
if(if_indextoname(if_index, interface) == NULL){
434
if(if_indextoname((unsigned int)if_index, interface) == NULL){
373
435
perror("if_indextoname");
379
438
fprintf(stderr, "Binding to interface %s\n", interface);
382
ret = setsockopt(tcp_sd, SOL_SOCKET, SO_BINDTODEVICE, interface, 5);
384
perror("setsockopt bindtodevice");
388
memset(&to,0,sizeof(to));
389
to.sin6_family = AF_INET6;
390
ret = inet_pton(AF_INET6, ip, &to.sin6_addr);
441
memset(&to,0,sizeof(to)); /* Spurious warning */
442
to.in6.sin6_family = AF_INET6;
443
/* It would be nice to have a way to detect if we were passed an
444
IPv4 address here. Now we assume an IPv6 address. */
445
ret = inet_pton(AF_INET6, ip, &to.in6.sin6_addr);
392
447
perror("inet_pton");
396
451
fprintf(stderr, "Bad address: %s\n", ip);
399
/* Spurious warnings for the next line, see for instance
400
<http://bugs.debian.org/488884> */
401
to.sin6_port = htons(port);
454
to.in6.sin6_port = htons(port); /* Spurious warning */
403
to.sin6_scope_id = (uint32_t)if_index;
456
to.in6.sin6_scope_id = (uint32_t)if_index;
406
fprintf(stderr, "Connection to: %s\n", ip);
459
fprintf(stderr, "Connection to: %s, port %d\n", ip, port);
460
char addrstr[INET6_ADDRSTRLEN] = "";
461
if(inet_ntop(to.in6.sin6_family, &(to.in6.sin6_addr), addrstr,
462
sizeof(addrstr)) == NULL){
465
if(strcmp(addrstr, ip) != 0){
466
fprintf(stderr, "Canonical address form: %s\n", addrstr);
409
ret = connect(tcp_sd, (struct sockaddr *) &to, sizeof(to));
471
ret = connect(tcp_sd, &to.in, sizeof(to));
411
473
perror("connect");
415
ret = initgnutls (&es);
477
const char *out = mandos_protocol_version;
480
size_t out_size = strlen(out);
481
ret = TEMP_FAILURE_RETRY(write(tcp_sd, out + written,
482
out_size - written));
488
written += (size_t)ret;
489
if(written < out_size){
492
if (out == mandos_protocol_version){
421
gnutls_transport_set_ptr (es.session,
422
(gnutls_transport_ptr_t) tcp_sd);
425
502
fprintf(stderr, "Establishing TLS session with %s\n", ip);
428
ret = gnutls_handshake (es.session);
505
gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) tcp_sd);
507
ret = gnutls_handshake (session);
430
509
if (ret != GNUTLS_E_SUCCESS){
431
fprintf(stderr, "\n*** Handshake failed ***\n");
511
fprintf(stderr, "*** GnuTLS Handshake failed ***\n");
437
//Retrieve OpenPGP packet that contains the wanted password
518
/* Read OpenPGP packet that contains the wanted password */
440
521
fprintf(stderr, "Retrieving pgp encrypted password from %s\n",
502
decrypted_buffer += ret;
503
decrypted_buffer_size -= ret;
590
written += (size_t)ret;
505
592
free(decrypted_buffer);
514
fprintf(stderr, "Closing TLS session\n");
598
/* Shutdown procedure */
518
gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
521
gnutls_deinit (es.session);
522
gnutls_certificate_free_credentials (es.cred);
603
gnutls_deinit (session);
604
gnutls_certificate_free_credentials (mc->cred);
523
605
gnutls_global_deinit ();
527
static AvahiSimplePoll *simple_poll = NULL;
528
static AvahiServer *server = NULL;
530
static void resolve_callback(
531
AvahiSServiceResolver *r,
532
AVAHI_GCC_UNUSED AvahiIfIndex interface,
533
AVAHI_GCC_UNUSED AvahiProtocol protocol,
534
AvahiResolverEvent event,
538
const char *host_name,
539
const AvahiAddress *address,
541
AVAHI_GCC_UNUSED AvahiStringList *txt,
542
AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,
543
AVAHI_GCC_UNUSED void* userdata) {
609
static void resolve_callback(AvahiSServiceResolver *r,
610
AvahiIfIndex interface,
611
AVAHI_GCC_UNUSED AvahiProtocol protocol,
612
AvahiResolverEvent event,
616
const char *host_name,
617
const AvahiAddress *address,
619
AVAHI_GCC_UNUSED AvahiStringList *txt,
620
AVAHI_GCC_UNUSED AvahiLookupResultFlags
623
mandos_context *mc = userdata;
624
assert(r); /* Spurious warning */
547
626
/* Called whenever a service has been resolved successfully or
552
631
case AVAHI_RESOLVER_FAILURE:
553
fprintf(stderr, "(Resolver) Failed to resolve service '%s' of"
554
" type '%s' in domain '%s': %s\n", name, type, domain,
555
avahi_strerror(avahi_server_errno(server)));
632
fprintf(stderr, "(Avahi Resolver) Failed to resolve service '%s'"
633
" of type '%s' in domain '%s': %s\n", name, type, domain,
634
avahi_strerror(avahi_server_errno(mc->server)));
558
637
case AVAHI_RESOLVER_FOUND:
560
639
char ip[AVAHI_ADDRESS_STR_MAX];
561
640
avahi_address_snprint(ip, sizeof(ip), address);
563
fprintf(stderr, "Mandos server found on %s (%s) on port %d\n",
564
host_name, ip, port);
642
fprintf(stderr, "Mandos server \"%s\" found on %s (%s, %d) on"
643
" port %d\n", name, host_name, ip, interface, port);
566
int ret = start_mandos_communication(ip, port,
645
int ret = start_mandos_communication(ip, port, interface, mc);
570
647
exit(EXIT_SUCCESS);
576
651
avahi_s_service_resolver_free(r);
579
static void browse_callback(
580
AvahiSServiceBrowser *b,
581
AvahiIfIndex interface,
582
AvahiProtocol protocol,
583
AvahiBrowserEvent event,
587
AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,
590
AvahiServer *s = userdata;
593
/* Called whenever a new services becomes available on the LAN or
594
is removed from the LAN */
598
case AVAHI_BROWSER_FAILURE:
600
fprintf(stderr, "(Browser) %s\n",
601
avahi_strerror(avahi_server_errno(server)));
602
avahi_simple_poll_quit(simple_poll);
605
case AVAHI_BROWSER_NEW:
606
/* We ignore the returned resolver object. In the callback
607
function we free it. If the server is terminated before
608
the callback function is called the server will free
609
the resolver for us. */
611
if (!(avahi_s_service_resolver_new(s, interface, protocol, name,
613
AVAHI_PROTO_INET6, 0,
614
resolve_callback, s)))
615
fprintf(stderr, "Failed to resolve service '%s': %s\n", name,
616
avahi_strerror(avahi_server_errno(s)));
619
case AVAHI_BROWSER_REMOVE:
622
case AVAHI_BROWSER_ALL_FOR_NOW:
623
case AVAHI_BROWSER_CACHE_EXHAUSTED:
654
static void browse_callback( AvahiSServiceBrowser *b,
655
AvahiIfIndex interface,
656
AvahiProtocol protocol,
657
AvahiBrowserEvent event,
661
AVAHI_GCC_UNUSED AvahiLookupResultFlags
664
mandos_context *mc = userdata;
665
assert(b); /* Spurious warning */
667
/* Called whenever a new services becomes available on the LAN or
668
is removed from the LAN */
672
case AVAHI_BROWSER_FAILURE:
674
fprintf(stderr, "(Avahi browser) %s\n",
675
avahi_strerror(avahi_server_errno(mc->server)));
676
avahi_simple_poll_quit(mc->simple_poll);
679
case AVAHI_BROWSER_NEW:
680
/* We ignore the returned Avahi resolver object. In the callback
681
function we free it. If the Avahi server is terminated before
682
the callback function is called the Avahi server will free the
685
if (!(avahi_s_service_resolver_new(mc->server, interface,
686
protocol, name, type, domain,
687
AVAHI_PROTO_INET6, 0,
688
resolve_callback, mc)))
689
fprintf(stderr, "Avahi: Failed to resolve service '%s': %s\n",
690
name, avahi_strerror(avahi_server_errno(mc->server)));
693
case AVAHI_BROWSER_REMOVE:
696
case AVAHI_BROWSER_ALL_FOR_NOW:
697
case AVAHI_BROWSER_CACHE_EXHAUSTED:
699
fprintf(stderr, "No Mandos server found, still searching...\n");
628
int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char*argv[]) {
629
AvahiServerConfig config;
705
/* Combines file name and path and returns the malloced new
706
string. some sane checks could/should be added */
707
static const char *combinepath(const char *first, const char *second){
708
size_t f_len = strlen(first);
709
size_t s_len = strlen(second);
710
char *tmp = malloc(f_len + s_len + 2);
715
memcpy(tmp, first, f_len); /* Spurious warning */
719
memcpy(tmp + f_len + 1, second, s_len); /* Spurious warning */
721
tmp[f_len + 1 + s_len] = '\0';
726
int main(int argc, char *argv[]){
630
727
AvahiSServiceBrowser *sb = NULL;
633
int returncode = EXIT_SUCCESS;
730
int exitcode = EXIT_SUCCESS;
634
731
const char *interface = "eth0";
637
static struct option long_options[] = {
638
{"debug", no_argument, (int *)&debug, 1},
639
{"interface", required_argument, 0, 'i'},
642
int option_index = 0;
643
ret = getopt_long (argc, argv, "i:", long_options,
732
struct ifreq network;
736
char *connect_to = NULL;
737
AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
738
const char *pubkeyfile = "pubkey.txt";
739
const char *seckeyfile = "seckey.txt";
740
mandos_context mc = { .simple_poll = NULL, .server = NULL,
741
.dh_bits = 1024, .priority = "SECURE256"};
744
struct argp_option options[] = {
745
{ .name = "debug", .key = 128,
746
.doc = "Debug mode", .group = 3 },
747
{ .name = "connect", .key = 'c',
749
.doc = "Connect directly to a sepcified mandos server",
751
{ .name = "interface", .key = 'i',
753
.doc = "Interface that Avahi will conntect through",
755
{ .name = "keydir", .key = 'd',
757
.doc = "Directory where the openpgp keyring is",
759
{ .name = "seckey", .key = 's',
761
.doc = "Secret openpgp key for gnutls authentication",
763
{ .name = "pubkey", .key = 'p',
765
.doc = "Public openpgp key for gnutls authentication",
767
{ .name = "dh-bits", .key = 129,
769
.doc = "dh-bits to use in gnutls communication",
771
{ .name = "priority", .key = 130,
773
.doc = "GNUTLS priority", .group = 1 },
778
error_t parse_opt (int key, char *arg,
779
struct argp_state *state) {
780
/* Get the INPUT argument from `argp_parse', which we know is
781
a pointer to our plugin list pointer. */
803
mc.dh_bits = (unsigned int) strtol(arg, NULL, 10);
818
return ARGP_ERR_UNKNOWN;
823
struct argp argp = { .options = options, .parser = parse_opt,
825
.doc = "Mandos client -- Get and decrypt"
826
" passwords from mandos server" };
827
argp_parse (&argp, argc, argv, 0, 0, NULL);
830
pubkeyfile = combinepath(keydir, pubkeyfile);
831
if (pubkeyfile == NULL){
832
perror("combinepath");
833
exitcode = EXIT_FAILURE;
837
seckeyfile = combinepath(keydir, seckeyfile);
838
if (seckeyfile == NULL){
839
perror("combinepath");
843
ret = init_gnutls_global(&mc, pubkeyfile, seckeyfile);
845
fprintf(stderr, "init_gnutls_global\n");
862
if_index = (AvahiIfIndex) if_nametoindex(interface);
864
fprintf(stderr, "No such interface: \"%s\"\n", interface);
868
if(connect_to != NULL){
869
/* Connect directly, do not use Zeroconf */
870
/* (Mainly meant for debugging) */
871
char *address = strrchr(connect_to, ':');
873
fprintf(stderr, "No colon in address\n");
874
exitcode = EXIT_FAILURE;
878
uint16_t port = (uint16_t) strtol(address+1, NULL, 10);
880
perror("Bad port number");
881
exitcode = EXIT_FAILURE;
885
address = connect_to;
886
ret = start_mandos_communication(address, port, if_index, &mc);
888
exitcode = EXIT_FAILURE;
890
exitcode = EXIT_SUCCESS;
895
/* If the interface is down, bring it up */
897
sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
900
exitcode = EXIT_FAILURE;
903
strcpy(network.ifr_name, interface); /* Spurious warning */
904
ret = ioctl(sd, SIOCGIFFLAGS, &network);
906
perror("ioctl SIOCGIFFLAGS");
907
exitcode = EXIT_FAILURE;
910
if((network.ifr_flags & IFF_UP) == 0){
911
network.ifr_flags |= IFF_UP;
912
ret = ioctl(sd, SIOCSIFFLAGS, &network);
914
perror("ioctl SIOCSIFFLAGS");
915
exitcode = EXIT_FAILURE;
662
923
avahi_set_log_function(empty_log);
665
/* Initialize the psuedo-RNG */
926
/* Initialize the pseudo-RNG for Avahi */
666
927
srand((unsigned int) time(NULL));
668
/* Allocate main loop object */
669
if (!(simple_poll = avahi_simple_poll_new())) {
670
fprintf(stderr, "Failed to create simple poll object.\n");
675
/* Do not publish any local records */
676
avahi_server_config_init(&config);
677
config.publish_hinfo = 0;
678
config.publish_addresses = 0;
679
config.publish_workstation = 0;
680
config.publish_domain = 0;
682
/* Allocate a new server */
683
server = avahi_server_new(avahi_simple_poll_get(simple_poll),
684
&config, NULL, NULL, &error);
686
/* Free the configuration data */
687
avahi_server_config_free(&config);
689
/* Check if creating the server object succeeded */
691
fprintf(stderr, "Failed to create server: %s\n",
929
/* Allocate main Avahi loop object */
930
mc.simple_poll = avahi_simple_poll_new();
931
if (mc.simple_poll == NULL) {
932
fprintf(stderr, "Avahi: Failed to create simple poll"
934
exitcode = EXIT_FAILURE;
939
AvahiServerConfig config;
940
/* Do not publish any local Zeroconf records */
941
avahi_server_config_init(&config);
942
config.publish_hinfo = 0;
943
config.publish_addresses = 0;
944
config.publish_workstation = 0;
945
config.publish_domain = 0;
947
/* Allocate a new server */
948
mc.server = avahi_server_new(avahi_simple_poll_get
949
(mc.simple_poll), &config, NULL,
952
/* Free the Avahi configuration data */
953
avahi_server_config_free(&config);
956
/* Check if creating the Avahi server object succeeded */
957
if (mc.server == NULL) {
958
fprintf(stderr, "Failed to create Avahi server: %s\n",
692
959
avahi_strerror(error));
693
returncode = EXIT_FAILURE;
960
exitcode = EXIT_FAILURE;
697
/* Create the service browser */
698
sb = avahi_s_service_browser_new(server,
700
if_nametoindex(interface),
964
/* Create the Avahi service browser */
965
sb = avahi_s_service_browser_new(mc.server, if_index,
701
966
AVAHI_PROTO_INET6,
702
967
"_mandos._tcp", NULL, 0,
703
browse_callback, server);
968
browse_callback, &mc);
705
970
fprintf(stderr, "Failed to create service browser: %s\n",
706
avahi_strerror(avahi_server_errno(server)));
707
returncode = EXIT_FAILURE;
971
avahi_strerror(avahi_server_errno(mc.server)));
972
exitcode = EXIT_FAILURE;
711
976
/* Run the main loop */
714
fprintf(stderr, "Starting avahi loop search\n");
979
fprintf(stderr, "Starting Avahi loop search\n");
717
avahi_simple_poll_loop(simple_poll);
982
avahi_simple_poll_loop(mc.simple_poll);
722
987
fprintf(stderr, "%s exiting\n", argv[0]);
725
990
/* Cleanup things */
727
992
avahi_s_service_browser_free(sb);
730
avahi_server_free(server);
733
avahi_simple_poll_free(simple_poll);
994
if (mc.server != NULL)
995
avahi_server_free(mc.server);
997
if (mc.simple_poll != NULL)
998
avahi_simple_poll_free(mc.simple_poll);