64
59
#include <string.h> /* memset */
65
60
#include <arpa/inet.h> /* inet_pton() */
66
61
#include <iso646.h> /* not */
67
#include <net/if.h> /* IF_NAMESIZE */
68
#include <argp.h> /* struct argp_option,
69
struct argp_state, struct argp,
72
64
#include <errno.h> /* perror() */
71
#define CERT_ROOT "/conf/conf.d/cryptkeyreq/"
73
#define CERTFILE CERT_ROOT "openpgp-client.txt"
74
#define KEYFILE CERT_ROOT "openpgp-client-key.txt"
75
75
#define BUFFER_SIZE 256
77
78
bool debug = false;
78
static const char *keydir = "/conf/conf.d/mandos";
79
const char *argp_program_version = "mandosclient 0.9";
80
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
81
static const char mandos_protocol_version[] = "1";
83
/* Used for passing in values through the Avahi callback functions */
85
AvahiSimplePoll *simple_poll;
81
gnutls_session_t session;
87
82
gnutls_certificate_credentials_t cred;
89
83
gnutls_dh_params_t dh_params;
93
/* Make room in "buffer" for at least BUFFER_SIZE additional bytes.
94
* "buffer_capacity" is how much is currently allocated,
95
* "buffer_length" is how much is already used. */
96
size_t adjustbuffer(char **buffer, size_t buffer_length,
97
size_t buffer_capacity){
98
if (buffer_length + BUFFER_SIZE > buffer_capacity){
99
*buffer = realloc(*buffer, buffer_capacity + BUFFER_SIZE);
103
buffer_capacity += BUFFER_SIZE;
105
return buffer_capacity;
109
* Decrypt OpenPGP data using keyrings in HOMEDIR.
110
* Returns -1 on error
112
static ssize_t pgp_packet_decrypt (const char *cryptotext,
115
const char *homedir){
87
ssize_t pgp_packet_decrypt (char *packet, size_t packet_size,
88
char **new_packet, const char *homedir){
116
89
gpgme_data_t dh_crypto, dh_plain;
120
size_t plaintext_capacity = 0;
121
ssize_t plaintext_length = 0;
93
ssize_t new_packet_capacity = 0;
94
ssize_t new_packet_length = 0;
122
95
gpgme_engine_info_t engine_info;
125
fprintf(stderr, "Trying to decrypt OpenPGP data\n");
98
fprintf(stderr, "Trying to decrypt OpenPGP packet\n");
129
102
gpgme_check_version(NULL);
130
rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
131
if (rc != GPG_ERR_NO_ERROR){
132
fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",
133
gpgme_strsource(rc), gpgme_strerror(rc));
103
gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
137
/* Set GPGME home directory for the OpenPGP engine only */
105
/* Set GPGME home directory */
138
106
rc = gpgme_get_engine_info (&engine_info);
139
107
if (rc != GPG_ERR_NO_ERROR){
140
108
fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",
191
/* Delete the GPGME FILE pointer cryptotext data buffer */
192
gpgme_data_release(dh_crypto);
227
194
/* Seek back to the beginning of the GPGME plaintext data buffer */
228
if (gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET) == -1){
229
perror("pgpme_data_seek");
230
plaintext_length = -1;
195
gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET);
236
plaintext_capacity = adjustbuffer(plaintext,
237
(size_t)plaintext_length,
239
if (plaintext_capacity == 0){
240
perror("adjustbuffer");
241
plaintext_length = -1;
199
if (new_packet_length + BUFFER_SIZE > new_packet_capacity){
200
*new_packet = realloc(*new_packet,
201
(unsigned int)new_packet_capacity
203
if (*new_packet == NULL){
207
new_packet_capacity += BUFFER_SIZE;
245
ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length,
210
ret = gpgme_data_read(dh_plain, *new_packet + new_packet_length,
247
212
/* Print the data, if any */
253
217
perror("gpgme_data_read");
254
plaintext_length = -1;
257
plaintext_length += ret;
220
new_packet_length += ret;
261
fprintf(stderr, "Decrypted password is: ");
262
for(ssize_t i = 0; i < plaintext_length; i++){
263
fprintf(stderr, "%02hhX ", (*plaintext)[i]);
265
fprintf(stderr, "\n");
270
/* Delete the GPGME cryptotext data buffer */
271
gpgme_data_release(dh_crypto);
223
/* FIXME: check characters before printing to screen so to not print
224
terminal control characters */
226
/* fprintf(stderr, "decrypted password is: "); */
227
/* fwrite(*new_packet, 1, new_packet_length, stderr); */
228
/* fprintf(stderr, "\n"); */
273
231
/* Delete the GPGME plaintext data buffer */
274
232
gpgme_data_release(dh_plain);
275
return plaintext_length;
233
return new_packet_length;
278
236
static const char * safer_gnutls_strerror (int value) {
285
/* GnuTLS log function callback */
286
static void debuggnutls(__attribute__((unused)) int level,
288
fprintf(stderr, "GnuTLS: %s", string);
243
void debuggnutls(__attribute__((unused)) int level,
245
fprintf(stderr, "%s", string);
291
static int init_gnutls_global(mandos_context *mc,
292
const char *pubkeyfile,
293
const char *seckeyfile){
248
int initgnutls(encrypted_session *es){
297
253
fprintf(stderr, "Initializing GnuTLS\n");
300
256
if ((ret = gnutls_global_init ())
301
257
!= GNUTLS_E_SUCCESS) {
302
fprintf (stderr, "GnuTLS global_init: %s\n",
303
safer_gnutls_strerror(ret));
258
fprintf (stderr, "global_init: %s\n", safer_gnutls_strerror(ret));
308
/* "Use a log level over 10 to enable all debugging options."
311
263
gnutls_global_set_log_level(11);
312
264
gnutls_global_set_log_function(debuggnutls);
315
/* OpenPGP credentials */
316
if ((ret = gnutls_certificate_allocate_credentials (&mc->cred))
267
/* openpgp credentials */
268
if ((ret = gnutls_certificate_allocate_credentials (&es->cred))
317
269
!= GNUTLS_E_SUCCESS) {
318
fprintf (stderr, "GnuTLS memory error: %s\n",
270
fprintf (stderr, "memory error: %s\n",
319
271
safer_gnutls_strerror(ret));
324
276
fprintf(stderr, "Attempting to use OpenPGP certificate %s"
325
" and keyfile %s as GnuTLS credentials\n", pubkeyfile,
277
" and keyfile %s as GnuTLS credentials\n", CERTFILE,
329
281
ret = gnutls_certificate_set_openpgp_key_file
330
(mc->cred, pubkeyfile, seckeyfile, GNUTLS_OPENPGP_FMT_BASE64);
282
(es->cred, CERTFILE, KEYFILE, GNUTLS_OPENPGP_FMT_BASE64);
331
283
if (ret != GNUTLS_E_SUCCESS) {
333
"Error[%d] while reading the OpenPGP key pair ('%s',"
334
" '%s')\n", ret, pubkeyfile, seckeyfile);
335
fprintf(stdout, "The GnuTLS error is: %s\n",
285
(stderr, "Error[%d] while reading the OpenPGP key pair ('%s',"
287
ret, CERTFILE, KEYFILE);
288
fprintf(stdout, "The Error is: %s\n",
336
289
safer_gnutls_strerror(ret));
340
/* GnuTLS server initialization */
341
ret = gnutls_dh_params_init(&mc->dh_params);
342
if (ret != GNUTLS_E_SUCCESS) {
343
fprintf (stderr, "Error in GnuTLS DH parameter initialization:"
344
" %s\n", safer_gnutls_strerror(ret));
347
ret = gnutls_dh_params_generate2(mc->dh_params, mc->dh_bits);
348
if (ret != GNUTLS_E_SUCCESS) {
349
fprintf (stderr, "Error in GnuTLS prime generation: %s\n",
350
safer_gnutls_strerror(ret));
354
gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);
359
static int init_gnutls_session(mandos_context *mc,
360
gnutls_session_t *session){
362
/* GnuTLS session creation */
363
ret = gnutls_init(session, GNUTLS_SERVER);
364
if (ret != GNUTLS_E_SUCCESS){
293
//GnuTLS server initialization
294
if ((ret = gnutls_dh_params_init (&es->dh_params))
295
!= GNUTLS_E_SUCCESS) {
296
fprintf (stderr, "Error in dh parameter initialization: %s\n",
297
safer_gnutls_strerror(ret));
301
if ((ret = gnutls_dh_params_generate2 (es->dh_params, DH_BITS))
302
!= GNUTLS_E_SUCCESS) {
303
fprintf (stderr, "Error in prime generation: %s\n",
304
safer_gnutls_strerror(ret));
308
gnutls_certificate_set_dh_params (es->cred, es->dh_params);
310
// GnuTLS session creation
311
if ((ret = gnutls_init (&es->session, GNUTLS_SERVER))
312
!= GNUTLS_E_SUCCESS){
365
313
fprintf(stderr, "Error in GnuTLS session initialization: %s\n",
366
314
safer_gnutls_strerror(ret));
371
ret = gnutls_priority_set_direct(*session, mc->priority, &err);
372
if (ret != GNUTLS_E_SUCCESS) {
373
fprintf(stderr, "Syntax error at: %s\n", err);
374
fprintf(stderr, "GnuTLS error: %s\n",
375
safer_gnutls_strerror(ret));
317
if ((ret = gnutls_priority_set_direct (es->session, "NORMAL", &err))
318
!= GNUTLS_E_SUCCESS) {
319
fprintf(stderr, "Syntax error at: %s\n", err);
320
fprintf(stderr, "GnuTLS error: %s\n",
321
safer_gnutls_strerror(ret));
380
ret = gnutls_credentials_set(*session, GNUTLS_CRD_CERTIFICATE,
382
if (ret != GNUTLS_E_SUCCESS) {
383
fprintf(stderr, "Error setting GnuTLS credentials: %s\n",
325
if ((ret = gnutls_credentials_set
326
(es->session, GNUTLS_CRD_CERTIFICATE, es->cred))
327
!= GNUTLS_E_SUCCESS) {
328
fprintf(stderr, "Error setting a credentials set: %s\n",
384
329
safer_gnutls_strerror(ret));
388
333
/* ignore client certificate if any. */
389
gnutls_certificate_server_set_request (*session,
334
gnutls_certificate_server_set_request (es->session,
390
335
GNUTLS_CERT_IGNORE);
392
gnutls_dh_set_prime_bits (*session, mc->dh_bits);
337
gnutls_dh_set_prime_bits (es->session, DH_BITS);
397
/* Avahi log function callback */
398
static void empty_log(__attribute__((unused)) AvahiLogLevel level,
399
__attribute__((unused)) const char *txt){}
342
void empty_log(__attribute__((unused)) AvahiLogLevel level,
343
__attribute__((unused)) const char *txt){}
401
/* Called when a Mandos server is found */
402
static int start_mandos_communication(const char *ip, uint16_t port,
403
AvahiIfIndex if_index,
345
int start_mandos_communication(const char *ip, uint16_t port,
346
unsigned int if_index){
406
union { struct sockaddr in; struct sockaddr_in6 in6; } to;
348
struct sockaddr_in6 to;
349
encrypted_session es;
407
350
char *buffer = NULL;
408
351
char *decrypted_buffer;
409
352
size_t buffer_length = 0;
410
353
size_t buffer_capacity = 0;
411
354
ssize_t decrypted_buffer_size;
414
357
char interface[IF_NAMESIZE];
415
gnutls_session_t session;
417
ret = init_gnutls_session (mc, &session);
423
360
fprintf(stderr, "Setting up a tcp connection to %s, port %d\n",
429
366
perror("socket");
434
if(if_indextoname((unsigned int)if_index, interface) == NULL){
370
if(if_indextoname(if_index, interface) == NULL){
435
372
perror("if_indextoname");
438
378
fprintf(stderr, "Binding to interface %s\n", interface);
441
381
memset(&to,0,sizeof(to)); /* Spurious warning */
442
to.in6.sin6_family = AF_INET6;
443
/* It would be nice to have a way to detect if we were passed an
444
IPv4 address here. Now we assume an IPv6 address. */
445
ret = inet_pton(AF_INET6, ip, &to.in6.sin6_addr);
382
to.sin6_family = AF_INET6;
383
ret = inet_pton(AF_INET6, ip, &to.sin6_addr);
447
385
perror("inet_pton");
451
389
fprintf(stderr, "Bad address: %s\n", ip);
454
to.in6.sin6_port = htons(port); /* Spurious warning */
392
to.sin6_port = htons(port); /* Spurious warning */
456
to.in6.sin6_scope_id = (uint32_t)if_index;
394
to.sin6_scope_id = (uint32_t)if_index;
459
397
fprintf(stderr, "Connection to: %s, port %d\n", ip, port);
460
char addrstr[INET6_ADDRSTRLEN] = "";
461
if(inet_ntop(to.in6.sin6_family, &(to.in6.sin6_addr), addrstr,
462
sizeof(addrstr)) == NULL){
465
if(strcmp(addrstr, ip) != 0){
466
fprintf(stderr, "Canonical address form: %s\n", addrstr);
398
/* char addrstr[INET6_ADDRSTRLEN]; */
399
/* if(inet_ntop(to.sin6_family, &(to.sin6_addr), addrstr, */
400
/* sizeof(addrstr)) == NULL){ */
401
/* perror("inet_ntop"); */
403
/* fprintf(stderr, "Really connecting to: %s, port %d\n", */
404
/* addrstr, ntohs(to.sin6_port)); */
471
ret = connect(tcp_sd, &to.in, sizeof(to));
408
ret = connect(tcp_sd, (struct sockaddr *) &to, sizeof(to));
473
410
perror("connect");
477
const char *out = mandos_protocol_version;
480
size_t out_size = strlen(out);
481
ret = TEMP_FAILURE_RETRY(write(tcp_sd, out + written,
482
out_size - written));
488
written += (size_t)ret;
489
if(written < out_size){
492
if (out == mandos_protocol_version){
414
ret = initgnutls (&es);
420
gnutls_transport_set_ptr (es.session,
421
(gnutls_transport_ptr_t) tcp_sd);
502
424
fprintf(stderr, "Establishing TLS session with %s\n", ip);
505
gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) tcp_sd);
507
ret = gnutls_handshake (session);
427
ret = gnutls_handshake (es.session);
509
429
if (ret != GNUTLS_E_SUCCESS){
511
fprintf(stderr, "*** GnuTLS Handshake failed ***\n");
431
fprintf(stderr, "\n*** Handshake failed ***\n");
512
432
gnutls_perror (ret);
518
/* Read OpenPGP packet that contains the wanted password */
438
//Retrieve OpenPGP packet that contains the wanted password
521
441
fprintf(stderr, "Retrieving pgp encrypted password from %s\n",
598
/* Shutdown procedure */
515
fprintf(stderr, "Closing TLS session\n");
519
gnutls_bye (es.session, GNUTLS_SHUT_RDWR);
603
gnutls_deinit (session);
604
gnutls_certificate_free_credentials (mc->cred);
522
gnutls_deinit (es.session);
523
gnutls_certificate_free_credentials (es.cred);
605
524
gnutls_global_deinit ();
609
static void resolve_callback(AvahiSServiceResolver *r,
610
AvahiIfIndex interface,
611
AVAHI_GCC_UNUSED AvahiProtocol protocol,
612
AvahiResolverEvent event,
616
const char *host_name,
617
const AvahiAddress *address,
619
AVAHI_GCC_UNUSED AvahiStringList *txt,
620
AVAHI_GCC_UNUSED AvahiLookupResultFlags
623
mandos_context *mc = userdata;
528
static AvahiSimplePoll *simple_poll = NULL;
529
static AvahiServer *server = NULL;
531
static void resolve_callback(
532
AvahiSServiceResolver *r,
533
AvahiIfIndex interface,
534
AVAHI_GCC_UNUSED AvahiProtocol protocol,
535
AvahiResolverEvent event,
539
const char *host_name,
540
const AvahiAddress *address,
542
AVAHI_GCC_UNUSED AvahiStringList *txt,
543
AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,
544
AVAHI_GCC_UNUSED void* userdata) {
624
546
assert(r); /* Spurious warning */
626
548
/* Called whenever a service has been resolved successfully or
651
574
avahi_s_service_resolver_free(r);
654
static void browse_callback( AvahiSServiceBrowser *b,
655
AvahiIfIndex interface,
656
AvahiProtocol protocol,
657
AvahiBrowserEvent event,
661
AVAHI_GCC_UNUSED AvahiLookupResultFlags
664
mandos_context *mc = userdata;
665
assert(b); /* Spurious warning */
667
/* Called whenever a new services becomes available on the LAN or
668
is removed from the LAN */
672
case AVAHI_BROWSER_FAILURE:
674
fprintf(stderr, "(Avahi browser) %s\n",
675
avahi_strerror(avahi_server_errno(mc->server)));
676
avahi_simple_poll_quit(mc->simple_poll);
679
case AVAHI_BROWSER_NEW:
680
/* We ignore the returned Avahi resolver object. In the callback
681
function we free it. If the Avahi server is terminated before
682
the callback function is called the Avahi server will free the
685
if (!(avahi_s_service_resolver_new(mc->server, interface,
686
protocol, name, type, domain,
687
AVAHI_PROTO_INET6, 0,
688
resolve_callback, mc)))
689
fprintf(stderr, "Avahi: Failed to resolve service '%s': %s\n",
690
name, avahi_strerror(avahi_server_errno(mc->server)));
693
case AVAHI_BROWSER_REMOVE:
696
case AVAHI_BROWSER_ALL_FOR_NOW:
697
case AVAHI_BROWSER_CACHE_EXHAUSTED:
699
fprintf(stderr, "No Mandos server found, still searching...\n");
577
static void browse_callback(
578
AvahiSServiceBrowser *b,
579
AvahiIfIndex interface,
580
AvahiProtocol protocol,
581
AvahiBrowserEvent event,
585
AVAHI_GCC_UNUSED AvahiLookupResultFlags flags,
588
AvahiServer *s = userdata;
589
assert(b); /* Spurious warning */
591
/* Called whenever a new services becomes available on the LAN or
592
is removed from the LAN */
596
case AVAHI_BROWSER_FAILURE:
598
fprintf(stderr, "(Browser) %s\n",
599
avahi_strerror(avahi_server_errno(server)));
600
avahi_simple_poll_quit(simple_poll);
603
case AVAHI_BROWSER_NEW:
604
/* We ignore the returned resolver object. In the callback
605
function we free it. If the server is terminated before
606
the callback function is called the server will free
607
the resolver for us. */
609
if (!(avahi_s_service_resolver_new(s, interface, protocol, name,
611
AVAHI_PROTO_INET6, 0,
612
resolve_callback, s)))
613
fprintf(stderr, "Failed to resolve service '%s': %s\n", name,
614
avahi_strerror(avahi_server_errno(s)));
617
case AVAHI_BROWSER_REMOVE:
620
case AVAHI_BROWSER_ALL_FOR_NOW:
621
case AVAHI_BROWSER_CACHE_EXHAUSTED:
705
/* Combines file name and path and returns the malloced new
706
string. some sane checks could/should be added */
707
static const char *combinepath(const char *first, const char *second){
708
size_t f_len = strlen(first);
709
size_t s_len = strlen(second);
710
char *tmp = malloc(f_len + s_len + 2);
715
memcpy(tmp, first, f_len); /* Spurious warning */
719
memcpy(tmp + f_len + 1, second, s_len); /* Spurious warning */
721
tmp[f_len + 1 + s_len] = '\0';
726
int main(int argc, char *argv[]){
626
int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char*argv[]) {
627
AvahiServerConfig config;
727
628
AvahiSServiceBrowser *sb = NULL;
730
int exitcode = EXIT_SUCCESS;
631
int returncode = EXIT_SUCCESS;
731
632
const char *interface = "eth0";
732
struct ifreq network;
633
unsigned int if_index;
736
634
char *connect_to = NULL;
737
AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
738
const char *pubkeyfile = "pubkey.txt";
739
const char *seckeyfile = "seckey.txt";
740
mandos_context mc = { .simple_poll = NULL, .server = NULL,
741
.dh_bits = 1024, .priority = "SECURE256"};
744
struct argp_option options[] = {
745
{ .name = "debug", .key = 128,
746
.doc = "Debug mode", .group = 3 },
747
{ .name = "connect", .key = 'c',
749
.doc = "Connect directly to a sepcified mandos server",
751
{ .name = "interface", .key = 'i',
753
.doc = "Interface that Avahi will conntect through",
755
{ .name = "keydir", .key = 'd',
757
.doc = "Directory where the openpgp keyring is",
759
{ .name = "seckey", .key = 's',
761
.doc = "Secret openpgp key for gnutls authentication",
763
{ .name = "pubkey", .key = 'p',
765
.doc = "Public openpgp key for gnutls authentication",
767
{ .name = "dh-bits", .key = 129,
769
.doc = "dh-bits to use in gnutls communication",
771
{ .name = "priority", .key = 130,
773
.doc = "GNUTLS priority", .group = 1 },
778
error_t parse_opt (int key, char *arg,
779
struct argp_state *state) {
780
/* Get the INPUT argument from `argp_parse', which we know is
781
a pointer to our plugin list pointer. */
803
mc.dh_bits = (unsigned int) strtol(arg, NULL, 10);
818
return ARGP_ERR_UNKNOWN;
823
struct argp argp = { .options = options, .parser = parse_opt,
825
.doc = "Mandos client -- Get and decrypt"
826
" passwords from mandos server" };
827
argp_parse (&argp, argc, argv, 0, 0, NULL);
830
pubkeyfile = combinepath(keydir, pubkeyfile);
831
if (pubkeyfile == NULL){
832
perror("combinepath");
833
exitcode = EXIT_FAILURE;
837
seckeyfile = combinepath(keydir, seckeyfile);
838
if (seckeyfile == NULL){
839
perror("combinepath");
843
ret = init_gnutls_global(&mc, pubkeyfile, seckeyfile);
845
fprintf(stderr, "init_gnutls_global\n");
862
if_index = (AvahiIfIndex) if_nametoindex(interface);
637
static struct option long_options[] = {
638
{"debug", no_argument, (int *)&debug, 1},
639
{"connect", required_argument, 0, 'c'},
640
{"interface", required_argument, 0, 'i'},
643
int option_index = 0;
644
ret = getopt_long (argc, argv, "i:", long_options,
665
if_index = if_nametoindex(interface);
863
666
if(if_index == 0){
864
667
fprintf(stderr, "No such interface: \"%s\"\n", interface);
865
668
exit(EXIT_FAILURE);
871
674
char *address = strrchr(connect_to, ':');
872
675
if(address == NULL){
873
676
fprintf(stderr, "No colon in address\n");
874
exitcode = EXIT_FAILURE;
878
680
uint16_t port = (uint16_t) strtol(address+1, NULL, 10);
880
682
perror("Bad port number");
881
exitcode = EXIT_FAILURE;
885
686
address = connect_to;
886
ret = start_mandos_communication(address, port, if_index, &mc);
687
ret = start_mandos_communication(address, port, if_index);
888
exitcode = EXIT_FAILURE;
890
exitcode = EXIT_SUCCESS;
895
/* If the interface is down, bring it up */
897
sd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP);
900
exitcode = EXIT_FAILURE;
903
strcpy(network.ifr_name, interface); /* Spurious warning */
904
ret = ioctl(sd, SIOCGIFFLAGS, &network);
906
perror("ioctl SIOCGIFFLAGS");
907
exitcode = EXIT_FAILURE;
910
if((network.ifr_flags & IFF_UP) == 0){
911
network.ifr_flags |= IFF_UP;
912
ret = ioctl(sd, SIOCSIFFLAGS, &network);
914
perror("ioctl SIOCSIFFLAGS");
915
exitcode = EXIT_FAILURE;
923
696
avahi_set_log_function(empty_log);
926
/* Initialize the pseudo-RNG for Avahi */
699
/* Initialize the psuedo-RNG */
927
700
srand((unsigned int) time(NULL));
929
/* Allocate main Avahi loop object */
930
mc.simple_poll = avahi_simple_poll_new();
931
if (mc.simple_poll == NULL) {
932
fprintf(stderr, "Avahi: Failed to create simple poll"
934
exitcode = EXIT_FAILURE;
939
AvahiServerConfig config;
940
/* Do not publish any local Zeroconf records */
941
avahi_server_config_init(&config);
942
config.publish_hinfo = 0;
943
config.publish_addresses = 0;
944
config.publish_workstation = 0;
945
config.publish_domain = 0;
947
/* Allocate a new server */
948
mc.server = avahi_server_new(avahi_simple_poll_get
949
(mc.simple_poll), &config, NULL,
952
/* Free the Avahi configuration data */
953
avahi_server_config_free(&config);
956
/* Check if creating the Avahi server object succeeded */
957
if (mc.server == NULL) {
958
fprintf(stderr, "Failed to create Avahi server: %s\n",
702
/* Allocate main loop object */
703
if (!(simple_poll = avahi_simple_poll_new())) {
704
fprintf(stderr, "Failed to create simple poll object.\n");
709
/* Do not publish any local records */
710
avahi_server_config_init(&config);
711
config.publish_hinfo = 0;
712
config.publish_addresses = 0;
713
config.publish_workstation = 0;
714
config.publish_domain = 0;
716
/* Allocate a new server */
717
server = avahi_server_new(avahi_simple_poll_get(simple_poll),
718
&config, NULL, NULL, &error);
720
/* Free the configuration data */
721
avahi_server_config_free(&config);
723
/* Check if creating the server object succeeded */
725
fprintf(stderr, "Failed to create server: %s\n",
959
726
avahi_strerror(error));
960
exitcode = EXIT_FAILURE;
727
returncode = EXIT_FAILURE;
964
/* Create the Avahi service browser */
965
sb = avahi_s_service_browser_new(mc.server, if_index,
731
/* Create the service browser */
732
sb = avahi_s_service_browser_new(server, (AvahiIfIndex)if_index,
966
733
AVAHI_PROTO_INET6,
967
734
"_mandos._tcp", NULL, 0,
968
browse_callback, &mc);
735
browse_callback, server);
970
737
fprintf(stderr, "Failed to create service browser: %s\n",
971
avahi_strerror(avahi_server_errno(mc.server)));
972
exitcode = EXIT_FAILURE;
738
avahi_strerror(avahi_server_errno(server)));
739
returncode = EXIT_FAILURE;
976
743
/* Run the main loop */
979
fprintf(stderr, "Starting Avahi loop search\n");
746
fprintf(stderr, "Starting avahi loop search\n");
982
avahi_simple_poll_loop(mc.simple_poll);
749
avahi_simple_poll_loop(simple_poll);
987
754
fprintf(stderr, "%s exiting\n", argv[0]);
990
757
/* Cleanup things */
992
759
avahi_s_service_browser_free(sb);
994
if (mc.server != NULL)
995
avahi_server_free(mc.server);
997
if (mc.simple_poll != NULL)
998
avahi_simple_poll_free(mc.simple_poll);
762
avahi_server_free(server);
765
avahi_simple_poll_free(simple_poll);