To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugins.d/mandos-client.c
- browse files at revision 263
- compare with another revision
- download diff
- download tarball
- view history from revision 263
- Committer: Teddy Hogeborn
- Date: 2009-01-12 22:02:33 UTC
- Revision ID: teddy@fukt.bsnet.se-20090112220233-lawxo4uvyzb38u1f
* README (The Plugin System): Removed redundant text about options and
files for the plugins, this is now
documented in the manuals for the
plugins.
* plugins.d/mandos-client.c (main): Remove comment which was copied
from another program by mistake.
Use "sscanf" instead of "strtol"
to parse numbers; this uses the
correct type instead of casting.
Don't report errors when removing
temporary directory if directory
is already gone.
files for the plugins, this is now
documented in the manuals for the
plugins.
* plugins.d/mandos-client.c (main): Remove comment which was copied
from another program by mistake.
Use "sscanf" instead of "strtol"
to parse numbers; this uses the
correct type instead of casting.
Don't report errors when removing
temporary directory if directory
is already gone.
- files removed:
- debian/watch
- files renamed:
- mandos-ctl => mandos-list *
- files modified:
- Makefile
added
removed
plugins.d/mandos-client.c
48
48
#include <sys/types.h> /* socket(), inet_pton(), sockaddr,
49
49
sockaddr_in6, PF_INET6,
50
50
SOCK_STREAM, INET6_ADDRSTRLEN,
51
uid_t, gid_t, open(), opendir(),
52
DIR */
51
uid_t, gid_t, open(), opendir(), DIR */
53
52
#include <sys/stat.h> /* open() */
54
53
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
55
54
struct in6_addr, inet_pton(),
56
55
connect() */
57
56
#include <fcntl.h> /* open() */
58
#include <dirent.h> /* opendir(), struct dirent, readdir()
59
*/
60
#include <inttypes.h> /* PRIu16, intmax_t, SCNdMAX */
57
#include <dirent.h> /* opendir(), struct dirent, readdir() */
58
#include <inttypes.h> /* PRIu16, SCNu16 */
61
59
#include <assert.h> /* assert() */
62
60
#include <errno.h> /* perror(), errno */
63
61
#include <time.h> /* time() */
92
90
gnutls_*
93
91
init_gnutls_session(),
94
92
GNUTLS_* */
95
#include <gnutls/openpgp.h>
96
/* gnutls_certificate_set_openpgp_key_file(),
93
#include <gnutls/openpgp.h> /* gnutls_certificate_set_openpgp_key_file(),
97
94
GNUTLS_OPENPGP_FMT_BASE64 */
98
95
99
96
/* GPGME */
132
129
*/
133
130
size_t adjustbuffer(char **buffer, size_t buffer_length,
134
131
size_t buffer_capacity){
135
if(buffer_length + BUFFER_SIZE > buffer_capacity){
132
if (buffer_length + BUFFER_SIZE > buffer_capacity){
136
133
*buffer = realloc(*buffer, buffer_capacity + BUFFER_SIZE);
137
if(buffer == NULL){
134
if (buffer == NULL){
138
135
return 0;
139
136
}
140
137
buffer_capacity += BUFFER_SIZE;
166
163
}
167
164
168
165
rc = gpgme_data_new_from_fd(&pgp_data, fd);
169
if(rc != GPG_ERR_NO_ERROR){
166
if (rc != GPG_ERR_NO_ERROR){
170
167
fprintf(stderr, "bad gpgme_data_new_from_fd: %s: %s\n",
171
168
gpgme_strsource(rc), gpgme_strerror(rc));
172
169
return false;
173
170
}
174
171
175
172
rc = gpgme_op_import(mc->ctx, pgp_data);
176
if(rc != GPG_ERR_NO_ERROR){
173
if (rc != GPG_ERR_NO_ERROR){
177
174
fprintf(stderr, "bad gpgme_op_import: %s: %s\n",
178
175
gpgme_strsource(rc), gpgme_strerror(rc));
179
176
return false;
187
184
return true;
188
185
}
189
186
190
if(debug){
187
if (debug){
191
188
fprintf(stderr, "Initialize gpgme\n");
192
189
}
193
190
194
191
/* Init GPGME */
195
192
gpgme_check_version(NULL);
196
193
rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
197
if(rc != GPG_ERR_NO_ERROR){
194
if (rc != GPG_ERR_NO_ERROR){
198
195
fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",
199
196
gpgme_strsource(rc), gpgme_strerror(rc));
200
197
return false;
201
198
}
202
199
203
200
/* Set GPGME home directory for the OpenPGP engine only */
204
rc = gpgme_get_engine_info(&engine_info);
205
if(rc != GPG_ERR_NO_ERROR){
201
rc = gpgme_get_engine_info (&engine_info);
202
if (rc != GPG_ERR_NO_ERROR){
206
203
fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",
207
204
gpgme_strsource(rc), gpgme_strerror(rc));
208
205
return false;
222
219
223
220
/* Create new GPGME "context" */
224
221
rc = gpgme_new(&(mc->ctx));
225
if(rc != GPG_ERR_NO_ERROR){
222
if (rc != GPG_ERR_NO_ERROR){
226
223
fprintf(stderr, "bad gpgme_new: %s: %s\n",
227
224
gpgme_strsource(rc), gpgme_strerror(rc));
228
225
return false;
229
226
}
230
227
231
if(not import_key(pubkey) or not import_key(seckey)){
228
if (not import_key(pubkey) or not import_key(seckey)){
232
229
return false;
233
230
}
234
231
239
236
* Decrypt OpenPGP data.
240
237
* Returns -1 on error
241
238
*/
242
static ssize_t pgp_packet_decrypt(const mandos_context *mc,
243
const char *cryptotext,
244
size_t crypto_size,
245
char **plaintext){
239
static ssize_t pgp_packet_decrypt (const mandos_context *mc,
240
const char *cryptotext,
241
size_t crypto_size,
242
char **plaintext){
246
243
gpgme_data_t dh_crypto, dh_plain;
247
244
gpgme_error_t rc;
248
245
ssize_t ret;
249
246
size_t plaintext_capacity = 0;
250
247
ssize_t plaintext_length = 0;
251
248
252
if(debug){
249
if (debug){
253
250
fprintf(stderr, "Trying to decrypt OpenPGP data\n");
254
251
}
255
252
256
253
/* Create new GPGME data buffer from memory cryptotext */
257
254
rc = gpgme_data_new_from_mem(&dh_crypto, cryptotext, crypto_size,
258
255
0);
259
if(rc != GPG_ERR_NO_ERROR){
256
if (rc != GPG_ERR_NO_ERROR){
260
257
fprintf(stderr, "bad gpgme_data_new_from_mem: %s: %s\n",
261
258
gpgme_strsource(rc), gpgme_strerror(rc));
262
259
return -1;
264
261
265
262
/* Create new empty GPGME data buffer for the plaintext */
266
263
rc = gpgme_data_new(&dh_plain);
267
if(rc != GPG_ERR_NO_ERROR){
264
if (rc != GPG_ERR_NO_ERROR){
268
265
fprintf(stderr, "bad gpgme_data_new: %s: %s\n",
269
266
gpgme_strsource(rc), gpgme_strerror(rc));
270
267
gpgme_data_release(dh_crypto);
274
271
/* Decrypt data from the cryptotext data buffer to the plaintext
275
272
data buffer */
276
273
rc = gpgme_op_decrypt(mc->ctx, dh_crypto, dh_plain);
277
if(rc != GPG_ERR_NO_ERROR){
274
if (rc != GPG_ERR_NO_ERROR){
278
275
fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",
279
276
gpgme_strsource(rc), gpgme_strerror(rc));
280
277
plaintext_length = -1;
281
if(debug){
278
if (debug){
282
279
gpgme_decrypt_result_t result;
283
280
result = gpgme_op_decrypt_result(mc->ctx);
284
if(result == NULL){
281
if (result == NULL){
285
282
fprintf(stderr, "gpgme_op_decrypt_result failed\n");
286
283
} else {
287
284
fprintf(stderr, "Unsupported algorithm: %s\n",
314
311
}
315
312
316
313
/* Seek back to the beginning of the GPGME plaintext data buffer */
317
if(gpgme_data_seek(dh_plain, (off_t)0, SEEK_SET) == -1){
314
if (gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET) == -1){
318
315
perror("gpgme_data_seek");
319
316
plaintext_length = -1;
320
317
goto decrypt_end;
325
322
plaintext_capacity = adjustbuffer(plaintext,
326
323
(size_t)plaintext_length,
327
324
plaintext_capacity);
328
if(plaintext_capacity == 0){
325
if (plaintext_capacity == 0){
329
326
perror("adjustbuffer");
330
327
plaintext_length = -1;
331
328
goto decrypt_end;
334
331
ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length,
335
332
BUFFER_SIZE);
336
333
/* Print the data, if any */
337
if(ret == 0){
334
if (ret == 0){
338
335
/* EOF */
339
336
break;
340
337
}
364
361
return plaintext_length;
365
362
}
366
363
367
static const char * safer_gnutls_strerror(int value) {
368
const char *ret = gnutls_strerror(value); /* Spurious warning from
369
-Wunreachable-code */
370
if(ret == NULL)
364
static const char * safer_gnutls_strerror (int value) {
365
const char *ret = gnutls_strerror (value); /* Spurious warning */
366
if (ret == NULL)
371
367
ret = "(unknown)";
372
368
return ret;
373
369
}
388
384
}
389
385
390
386
ret = gnutls_global_init();
391
if(ret != GNUTLS_E_SUCCESS) {
392
fprintf(stderr, "GnuTLS global_init: %s\n",
393
safer_gnutls_strerror(ret));
387
if (ret != GNUTLS_E_SUCCESS) {
388
fprintf (stderr, "GnuTLS global_init: %s\n",
389
safer_gnutls_strerror(ret));
394
390
return -1;
395
391
}
396
392
397
if(debug){
393
if (debug){
398
394
/* "Use a log level over 10 to enable all debugging options."
399
395
* - GnuTLS manual
400
396
*/
404
400
405
401
/* OpenPGP credentials */
406
402
gnutls_certificate_allocate_credentials(&mc->cred);
407
if(ret != GNUTLS_E_SUCCESS){
408
fprintf(stderr, "GnuTLS memory error: %s\n", /* Spurious warning
409
* from
410
* -Wunreachable-code
411
*/
412
safer_gnutls_strerror(ret));
413
gnutls_global_deinit();
403
if (ret != GNUTLS_E_SUCCESS){
404
fprintf (stderr, "GnuTLS memory error: %s\n", /* Spurious
405
warning */
406
safer_gnutls_strerror(ret));
407
gnutls_global_deinit ();
414
408
return -1;
415
409
}
416
410
423
417
ret = gnutls_certificate_set_openpgp_key_file
424
418
(mc->cred, pubkeyfilename, seckeyfilename,
425
419
GNUTLS_OPENPGP_FMT_BASE64);
426
if(ret != GNUTLS_E_SUCCESS) {
420
if (ret != GNUTLS_E_SUCCESS) {
427
421
fprintf(stderr,
428
422
"Error[%d] while reading the OpenPGP key pair ('%s',"
429
423
" '%s')\n", ret, pubkeyfilename, seckeyfilename);
434
428
435
429
/* GnuTLS server initialization */
436
430
ret = gnutls_dh_params_init(&mc->dh_params);
437
if(ret != GNUTLS_E_SUCCESS) {
438
fprintf(stderr, "Error in GnuTLS DH parameter initialization:"
439
" %s\n", safer_gnutls_strerror(ret));
431
if (ret != GNUTLS_E_SUCCESS) {
432
fprintf (stderr, "Error in GnuTLS DH parameter initialization:"
433
" %s\n", safer_gnutls_strerror(ret));
440
434
goto globalfail;
441
435
}
442
436
ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);
443
if(ret != GNUTLS_E_SUCCESS) {
444
fprintf(stderr, "Error in GnuTLS prime generation: %s\n",
445
safer_gnutls_strerror(ret));
437
if (ret != GNUTLS_E_SUCCESS) {
438
fprintf (stderr, "Error in GnuTLS prime generation: %s\n",
439
safer_gnutls_strerror(ret));
446
440
goto globalfail;
447
441
}
448
442
463
457
int ret;
464
458
/* GnuTLS session creation */
465
459
ret = gnutls_init(session, GNUTLS_SERVER);
466
if(ret != GNUTLS_E_SUCCESS){
460
if (ret != GNUTLS_E_SUCCESS){
467
461
fprintf(stderr, "Error in GnuTLS session initialization: %s\n",
468
462
safer_gnutls_strerror(ret));
469
463
}
471
465
{
472
466
const char *err;
473
467
ret = gnutls_priority_set_direct(*session, mc->priority, &err);
474
if(ret != GNUTLS_E_SUCCESS) {
468
if (ret != GNUTLS_E_SUCCESS) {
475
469
fprintf(stderr, "Syntax error at: %s\n", err);
476
470
fprintf(stderr, "GnuTLS error: %s\n",
477
471
safer_gnutls_strerror(ret));
478
gnutls_deinit(*session);
472
gnutls_deinit (*session);
479
473
return -1;
480
474
}
481
475
}
482
476
483
477
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
484
478
mc->cred);
485
if(ret != GNUTLS_E_SUCCESS) {
479
if (ret != GNUTLS_E_SUCCESS) {
486
480
fprintf(stderr, "Error setting GnuTLS credentials: %s\n",
487
481
safer_gnutls_strerror(ret));
488
gnutls_deinit(*session);
482
gnutls_deinit (*session);
489
483
return -1;
490
484
}
491
485
492
486
/* ignore client certificate if any. */
493
gnutls_certificate_server_set_request(*session,
494
GNUTLS_CERT_IGNORE);
487
gnutls_certificate_server_set_request (*session,
488
GNUTLS_CERT_IGNORE);
495
489
496
gnutls_dh_set_prime_bits(*session, mc->dh_bits);
490
gnutls_dh_set_prime_bits (*session, mc->dh_bits);
497
491
498
492
return 0;
499
493
}
519
513
char interface[IF_NAMESIZE];
520
514
gnutls_session_t session;
521
515
522
ret = init_gnutls_session(mc, &session);
523
if(ret != 0){
516
ret = init_gnutls_session (mc, &session);
517
if (ret != 0){
524
518
return -1;
525
519
}
526
520
548
542
/* It would be nice to have a way to detect if we were passed an
549
543
IPv4 address here. Now we assume an IPv6 address. */
550
544
ret = inet_pton(AF_INET6, ip, &to.in6.sin6_addr);
551
if(ret < 0 ){
545
if (ret < 0 ){
552
546
perror("inet_pton");
553
547
return -1;
554
548
}
556
550
fprintf(stderr, "Bad address: %s\n", ip);
557
551
return -1;
558
552
}
559
to.in6.sin6_port = htons(port); /* Spurious warnings from
560
-Wconversion and
561
-Wunreachable-code */
553
to.in6.sin6_port = htons(port); /* Spurious warning */
562
554
563
555
to.in6.sin6_scope_id = (uint32_t)if_index;
564
556
577
569
}
578
570
579
571
ret = connect(tcp_sd, &to.in, sizeof(to));
580
if(ret < 0){
572
if (ret < 0){
581
573
perror("connect");
582
574
return -1;
583
575
}
584
576
585
577
const char *out = mandos_protocol_version;
586
578
written = 0;
587
while(true){
579
while (true){
588
580
size_t out_size = strlen(out);
589
581
ret = (int)TEMP_FAILURE_RETRY(write(tcp_sd, out + written,
590
582
out_size - written));
591
if(ret == -1){
583
if (ret == -1){
592
584
perror("write");
593
585
retval = -1;
594
586
goto mandos_end;
597
589
if(written < out_size){
598
590
continue;
599
591
} else {
600
if(out == mandos_protocol_version){
592
if (out == mandos_protocol_version){
601
593
written = 0;
602
594
out = "\r\n";
603
595
} else {
610
602
fprintf(stderr, "Establishing TLS session with %s\n", ip);
611
603
}
612
604
613
gnutls_transport_set_ptr(session, (gnutls_transport_ptr_t) tcp_sd);
605
gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) tcp_sd);
614
606
615
607
do{
616
ret = gnutls_handshake(session);
608
ret = gnutls_handshake (session);
617
609
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
618
610
619
if(ret != GNUTLS_E_SUCCESS){
611
if (ret != GNUTLS_E_SUCCESS){
620
612
if(debug){
621
613
fprintf(stderr, "*** GnuTLS Handshake failed ***\n");
622
gnutls_perror(ret);
614
gnutls_perror (ret);
623
615
}
624
616
retval = -1;
625
617
goto mandos_end;
635
627
while(true){
636
628
buffer_capacity = adjustbuffer(&buffer, buffer_length,
637
629
buffer_capacity);
638
if(buffer_capacity == 0){
630
if (buffer_capacity == 0){
639
631
perror("adjustbuffer");
640
632
retval = -1;
641
633
goto mandos_end;
643
635
644
636
sret = gnutls_record_recv(session, buffer+buffer_length,
645
637
BUFFER_SIZE);
646
if(sret == 0){
638
if (sret == 0){
647
639
break;
648
640
}
649
if(sret < 0){
641
if (sret < 0){
650
642
switch(sret){
651
643
case GNUTLS_E_INTERRUPTED:
652
644
case GNUTLS_E_AGAIN:
653
645
break;
654
646
case GNUTLS_E_REHANDSHAKE:
655
647
do{
656
ret = gnutls_handshake(session);
648
ret = gnutls_handshake (session);
657
649
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
658
if(ret < 0){
650
if (ret < 0){
659
651
fprintf(stderr, "*** GnuTLS Re-handshake failed ***\n");
660
gnutls_perror(ret);
652
gnutls_perror (ret);
661
653
retval = -1;
662
654
goto mandos_end;
663
655
}
666
658
fprintf(stderr, "Unknown error while reading data from"
667
659
" encrypted session with Mandos server\n");
668
660
retval = -1;
669
gnutls_bye(session, GNUTLS_SHUT_RDWR);
661
gnutls_bye (session, GNUTLS_SHUT_RDWR);
670
662
goto mandos_end;
671
663
}
672
664
} else {
678
670
fprintf(stderr, "Closing TLS session\n");
679
671
}
680
672
681
gnutls_bye(session, GNUTLS_SHUT_RDWR);
673
gnutls_bye (session, GNUTLS_SHUT_RDWR);
682
674
683
if(buffer_length > 0){
675
if (buffer_length > 0){
684
676
decrypted_buffer_size = pgp_packet_decrypt(mc, buffer,
685
677
buffer_length,
686
678
&decrypted_buffer);
687
if(decrypted_buffer_size >= 0){
679
if (decrypted_buffer_size >= 0){
688
680
written = 0;
689
681
while(written < (size_t) decrypted_buffer_size){
690
ret = (int)fwrite(decrypted_buffer + written, 1,
691
(size_t)decrypted_buffer_size - written,
692
stdout);
682
ret = (int)fwrite (decrypted_buffer + written, 1,
683
(size_t)decrypted_buffer_size - written,
684
stdout);
693
685
if(ret == 0 and ferror(stdout)){
694
686
if(debug){
695
687
fprintf(stderr, "Error writing encrypted data: %s\n",
716
708
if(ret == -1){
717
709
perror("close");
718
710
}
719
gnutls_deinit(session);
711
gnutls_deinit (session);
720
712
return retval;
721
713
}
722
714
740
732
/* Called whenever a service has been resolved successfully or
741
733
timed out */
742
734
743
switch(event) {
735
switch (event) {
744
736
default:
745
737
case AVAHI_RESOLVER_FAILURE:
746
738
fprintf(stderr, "(Avahi Resolver) Failed to resolve service '%s'"
754
746
avahi_address_snprint(ip, sizeof(ip), address);
755
747
if(debug){
756
748
fprintf(stderr, "Mandos server \"%s\" found on %s (%s, %"
757
PRIdMAX ") on port %" PRIu16 "\n", name, host_name,
758
ip, (intmax_t)interface, port);
749
PRIu16 ") on port %d\n", name, host_name, ip,
750
interface, port);
759
751
}
760
752
int ret = start_mandos_communication(ip, port, interface, mc);
761
if(ret == 0){
753
if (ret == 0){
762
754
avahi_simple_poll_quit(mc->simple_poll);
763
755
}
764
756
}
782
774
/* Called whenever a new services becomes available on the LAN or
783
775
is removed from the LAN */
784
776
785
switch(event) {
777
switch (event) {
786
778
default:
787
779
case AVAHI_BROWSER_FAILURE:
788
780
797
789
the callback function is called the Avahi server will free the
798
790
resolver for us. */
799
791
800
if(!(avahi_s_service_resolver_new(mc->server, interface,
792
if (!(avahi_s_service_resolver_new(mc->server, interface,
801
793
protocol, name, type, domain,
802
794
AVAHI_PROTO_INET6, 0,
803
795
resolve_callback, mc)))
821
813
AvahiSServiceBrowser *sb = NULL;
822
814
int error;
823
815
int ret;
824
intmax_t tmpmax;
825
int numchars;
826
816
int exitcode = EXIT_SUCCESS;
827
817
const char *interface = "eth0";
828
818
struct ifreq network;
874
864
{ .name = NULL }
875
865
};
876
866
877
error_t parse_opt(int key, char *arg,
878
struct argp_state *state) {
879
switch(key) {
867
error_t parse_opt (int key, char *arg,
868
struct argp_state *state) {
869
switch (key) {
880
870
case 128: /* --debug */
881
871
debug = true;
882
872
break;
893
883
pubkey = arg;
894
884
break;
895
885
case 129: /* --dh-bits */
896
ret = sscanf(arg, "%" SCNdMAX "%n", &tmpmax, &numchars);
897
if(ret < 1 or tmpmax != (typeof(mc.dh_bits))tmpmax
898
or arg[numchars] != '\0'){
886
ret = sscanf(arg, "%u", &mc.dh_bits);
887
if(ret == 0 or mc.dh_bits == 0){
899
888
fprintf(stderr, "Bad number of DH bits\n");
900
889
exit(EXIT_FAILURE);
901
890
}
902
mc.dh_bits = (typeof(mc.dh_bits))tmpmax;
903
891
break;
904
892
case 130: /* --priority */
905
893
mc.priority = arg;
906
894
break;
907
895
case ARGP_KEY_ARG:
908
argp_usage(state);
896
argp_usage (state);
909
897
case ARGP_KEY_END:
910
898
break;
911
899
default:
918
906
.args_doc = "",
919
907
.doc = "Mandos client -- Get and decrypt"
920
908
" passwords from a Mandos server" };
921
ret = argp_parse(&argp, argc, argv, 0, 0, NULL);
922
if(ret == ARGP_ERR_UNKNOWN){
909
ret = argp_parse (&argp, argc, argv, 0, 0, NULL);
910
if (ret == ARGP_ERR_UNKNOWN){
923
911
fprintf(stderr, "Unknown error while parsing arguments\n");
924
912
exitcode = EXIT_FAILURE;
925
913
goto end;
960
948
gid = getgid();
961
949
962
950
ret = setuid(uid);
963
if(ret == -1){
951
if (ret == -1){
964
952
perror("setuid");
965
953
}
966
954
967
955
setgid(gid);
968
if(ret == -1){
956
if (ret == -1){
969
957
perror("setgid");
970
958
}
971
959
972
960
ret = init_gnutls_global(&mc, pubkey, seckey);
973
if(ret == -1){
961
if (ret == -1){
974
962
fprintf(stderr, "init_gnutls_global failed\n");
975
963
exitcode = EXIT_FAILURE;
976
964
goto end;
1008
996
goto end;
1009
997
}
1010
998
uint16_t port;
1011
ret = sscanf(address+1, "%" SCNdMAX "%n", &tmpmax, &numchars);
1012
if(ret < 1 or tmpmax != (uint16_t)tmpmax
1013
or address[numchars+1] != '\0'){
999
ret = sscanf(address+1, "%" SCNu16, &port);
1000
if(ret == 0 or port == 0){
1014
1001
fprintf(stderr, "Bad port number\n");
1015
1002
exitcode = EXIT_FAILURE;
1016
1003
goto end;
1017
1004
}
1018
port = (uint16_t)tmpmax;
1019
1005
*address = '\0';
1020
1006
address = connect_to;
1021
1007
ret = start_mandos_communication(address, port, if_index, &mc);
1027
1013
goto end;
1028
1014
}
1029
1015
1030
if(not debug){
1016
if (not debug){
1031
1017
avahi_set_log_function(empty_log);
1032
1018
}
1033
1019
1036
1022
1037
1023
/* Allocate main Avahi loop object */
1038
1024
mc.simple_poll = avahi_simple_poll_new();
1039
if(mc.simple_poll == NULL) {
1025
if (mc.simple_poll == NULL) {
1040
1026
fprintf(stderr, "Avahi: Failed to create simple poll"
1041
1027
" object.\n");
1042
1028
exitcode = EXIT_FAILURE;
1062
1048
}
1063
1049
1064
1050
/* Check if creating the Avahi server object succeeded */
1065
if(mc.server == NULL) {
1051
if (mc.server == NULL) {
1066
1052
fprintf(stderr, "Failed to create Avahi server: %s\n",
1067
1053
avahi_strerror(error));
1068
1054
exitcode = EXIT_FAILURE;
1074
1060
AVAHI_PROTO_INET6,
1075
1061
"_mandos._tcp", NULL, 0,
1076
1062
browse_callback, &mc);
1077
if(sb == NULL) {
1063
if (sb == NULL) {
1078
1064
fprintf(stderr, "Failed to create service browser: %s\n",
1079
1065
avahi_strerror(avahi_server_errno(mc.server)));
1080
1066
exitcode = EXIT_FAILURE;
1083
1069
1084
1070
/* Run the main loop */
1085
1071
1086
if(debug){
1072
if (debug){
1087
1073
fprintf(stderr, "Starting Avahi loop search\n");
1088
1074
}
1089
1075
1091
1077
1092
1078
end:
1093
1079
1094
if(debug){
1080
if (debug){
1095
1081
fprintf(stderr, "%s exiting\n", argv[0]);
1096
1082
}
1097
1083
1098
1084
/* Cleanup things */
1099
if(sb != NULL)
1085
if (sb != NULL)
1100
1086
avahi_s_service_browser_free(sb);
1101
1087
1102
if(mc.server != NULL)
1088
if (mc.server != NULL)
1103
1089
avahi_server_free(mc.server);
1104
1090
1105
if(mc.simple_poll != NULL)
1091
if (mc.simple_poll != NULL)
1106
1092
avahi_simple_poll_free(mc.simple_poll);
1107
1093
1108
if(gnutls_initalized){
1094
if (gnutls_initalized){
1109
1095
gnutls_certificate_free_credentials(mc.cred);
1110
gnutls_global_deinit();
1096
gnutls_global_deinit ();
1111
1097
gnutls_dh_params_deinit(mc.dh_params);
1112
1098
}
1113
1099
1130
1116
if(direntry == NULL){
1131
1117
break;
1132
1118
}
1133
if(direntry->d_type == DT_REG){
1119
if (direntry->d_type == DT_REG){
1134
1120
char *fullname = NULL;
1135
1121
ret = asprintf(&fullname, "%s/%s", tempdir,
1136
1122
direntry->d_name);
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0