25
25
* along with this program. If not, see
26
26
* <http://www.gnu.org/licenses/>.
28
* Contact the authors at <mandos@fukt.bsnet.se>.
28
* Contact the authors at <https://www.fukt.bsnet.se/~belorn/> and
29
* <https://www.fukt.bsnet.se/~teddy/>.
31
32
/* Needed by GPGME, specifically gpgme_data_seek() */
67
68
#include <getopt.h>
71
#define CERT_ROOT "/conf/conf.d/cryptkeyreq/"
73
#define CERTFILE CERT_ROOT "openpgp-client.txt"
74
#define KEYFILE CERT_ROOT "openpgp-client-key.txt"
69
75
#define BUFFER_SIZE 256
70
76
#define DH_BITS 1024
72
const char *certdir = "/conf/conf.d/cryptkeyreq/";
73
const char *certfile = "openpgp-client.txt";
74
const char *certkey = "openpgp-client-key.txt";
76
78
bool debug = false;
100
102
gpgme_check_version(NULL);
101
rc = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
102
if (rc != GPG_ERR_NO_ERROR){
103
fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",
104
gpgme_strsource(rc), gpgme_strerror(rc));
103
gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP);
108
105
/* Set GPGME home directory */
109
106
rc = gpgme_get_engine_info (&engine_info);
195
192
gpgme_data_release(dh_crypto);
197
194
/* Seek back to the beginning of the GPGME plaintext data buffer */
198
if (gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET) == -1){
199
perror("pgpme_data_seek");
195
gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET);
204
199
if (new_packet_length + BUFFER_SIZE > new_packet_capacity){
258
253
fprintf(stderr, "Initializing GnuTLS\n");
261
256
if ((ret = gnutls_global_init ())
262
257
!= GNUTLS_E_SUCCESS) {
263
258
fprintf (stderr, "global_init: %s\n", safer_gnutls_strerror(ret));
281
276
fprintf(stderr, "Attempting to use OpenPGP certificate %s"
282
" and keyfile %s as GnuTLS credentials\n", certfile,
277
" and keyfile %s as GnuTLS credentials\n", CERTFILE,
286
281
ret = gnutls_certificate_set_openpgp_key_file
287
(es->cred, certfile, certkey, GNUTLS_OPENPGP_FMT_BASE64);
282
(es->cred, CERTFILE, KEYFILE, GNUTLS_OPENPGP_FMT_BASE64);
288
283
if (ret != GNUTLS_E_SUCCESS) {
290
285
(stderr, "Error[%d] while reading the OpenPGP key pair ('%s',"
292
ret, certfile, certkey);
287
ret, CERTFILE, KEYFILE);
293
288
fprintf(stdout, "The Error is: %s\n",
294
289
safer_gnutls_strerror(ret));
492
487
decrypted_buffer_size = pgp_packet_decrypt(buffer,
494
489
&decrypted_buffer,
496
491
if (decrypted_buffer_size >= 0){
497
492
while(written < (size_t) decrypted_buffer_size){
498
493
ret = (int)fwrite (decrypted_buffer + written, 1,
569
564
fprintf(stderr, "Mandos server \"%s\" found on %s (%s) on"
570
565
" port %d\n", name, host_name, ip, port);
572
int ret = start_mandos_communication(ip, port, interface);
567
int ret = start_mandos_communication(ip, port,
568
(unsigned int) interface);
574
570
exit(EXIT_SUCCESS);
630
/* combinds file name and path and returns the malloced new string. som sane checks could/should be added */
631
const char *combinepath(const char *first, const char *second){
633
tmp = malloc(strlen(first) + strlen(second) + 2);
639
if (first[0] != '\0' and first[strlen(first) - 1] != '/'){
647
626
int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char*argv[]) {
648
627
AvahiServerConfig config;
649
628
AvahiSServiceBrowser *sb = NULL;
652
631
int returncode = EXIT_SUCCESS;
653
const char *interface = NULL;
654
AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
632
const char *interface = "eth0";
633
unsigned int if_index;
655
634
char *connect_to = NULL;
658
637
static struct option long_options[] = {
659
638
{"debug", no_argument, (int *)&debug, 1},
660
{"connect", required_argument, 0, 'C'},
639
{"connect", required_argument, 0, 'c'},
661
640
{"interface", required_argument, 0, 'i'},
662
{"certdir", required_argument, 0, 'd'},
663
{"certkey", required_argument, 0, 'c'},
664
{"certfile", required_argument, 0, 'k'},
667
643
int option_index = 0;
679
655
interface = optarg;
682
658
connect_to = optarg;
694
661
exit(EXIT_FAILURE);
698
certfile = combinepath(certdir, certfile);
699
if (certfile == NULL){
703
if(interface != NULL){
704
if_index = (AvahiIfIndex) if_nametoindex(interface);
706
fprintf(stderr, "No such interface: \"%s\"\n", interface);
665
if_index = if_nametoindex(interface);
667
fprintf(stderr, "No such interface: \"%s\"\n", interface);
711
671
if(connect_to != NULL){
776
731
/* Create the service browser */
777
sb = avahi_s_service_browser_new(server, if_index,
732
sb = avahi_s_service_browser_new(server, (AvahiIfIndex)if_index,
778
733
AVAHI_PROTO_INET6,
779
734
"_mandos._tcp", NULL, 0,
780
735
browse_callback, server);