Viewing changes to plugins.d/mandos-client.c

  • Committer: Teddy Hogeborn
  • Date: 2009-01-26 23:47:44 UTC
  • Revision ID: teddy@fukt.bsnet.se-20090126234744-c19lb7zn1qsrcwmv
* debian/control (mandos/Depends): Added "python-gobject".

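--- a/plugins.d/mandos-client.c
+++ b/plugins.d/mandos-client.c
@@ -36,7 +36,8 @@
 #define _GNU_SOURCE             /* TEMP_FAILURE_RETRY(), asprintf() */
  
 #include <stdio.h>              /* fprintf(), stderr, fwrite(),
-                                   stdout, ferror(), sscanf */
+                                   stdout, ferror(), sscanf(),
+                                   remove() */
 #include <stdint.h>             /* uint16_t, uint32_t */
 #include <stddef.h>             /* NULL, size_t, ssize_t */
 #include <stdlib.h>             /* free(), EXIT_SUCCESS, EXIT_FAILURE,
@@ -57,7 +58,7 @@
 #include <fcntl.h>              /* open() */
 #include <dirent.h>             /* opendir(), struct dirent, readdir()
                                  */
-#include <inttypes.h>           /* PRIu16, SCNu16 */
+#include <inttypes.h>           /* PRIu16, intmax_t, SCNdMAX */
 #include <assert.h>             /* assert() */
 #include <errno.h>              /* perror(), errno */
 #include <time.h>               /* time() */
@@ -365,7 +366,8 @@
 }
  
 static const char * safer_gnutls_strerror(int value) {
-  const char *ret = gnutls_strerror(value); /* Spurious warning */
+  const char *ret = gnutls_strerror(value); /* Spurious warning from
+                                               -Wunreachable-code */
   if(ret == NULL)
     ret = "(unknown)";
   return ret;
@@ -404,8 +406,10 @@
   /* OpenPGP credentials */
   gnutls_certificate_allocate_credentials(&mc->cred);
   if(ret != GNUTLS_E_SUCCESS){
-    fprintf(stderr, "GnuTLS memory error: %s\n", /* Spurious
-                                                    warning */
+    fprintf(stderr, "GnuTLS memory error: %s\n", /* Spurious warning
+                                                  * from
+                                                  * -Wunreachable-code
+                                                  */
             safer_gnutls_strerror(ret));
     gnutls_global_deinit();
     return -1;
@@ -553,7 +557,9 @@
     fprintf(stderr, "Bad address: %s\n", ip);
     return -1;
   }
-  to.in6.sin6_port = htons(port); /* Spurious warning */
+  to.in6.sin6_port = htons(port); /* Spurious warnings from
+                                     -Wconversion and
+                                     -Wunreachable-code */
    
   to.in6.sin6_scope_id = (uint32_t)if_index;
    
@@ -749,8 +755,8 @@
       avahi_address_snprint(ip, sizeof(ip), address);
       if(debug){
         fprintf(stderr, "Mandos server \"%s\" found on %s (%s, %"
-                PRIu16 ") on port %d\n", name, host_name, ip,
-                interface, port);
+                PRIdMAX ") on port %" PRIu16 "\n", name, host_name,
+                ip, (intmax_t)interface, port);
       }
       int ret = start_mandos_communication(ip, port, interface, mc);
       if(ret == 0){
@@ -816,6 +822,8 @@
     AvahiSServiceBrowser *sb = NULL;
     int error;
     int ret;
+    intmax_t tmpmax;
+    int numchars;
     int exitcode = EXIT_SUCCESS;
     const char *interface = "eth0";
     struct ifreq network;
@@ -831,8 +839,8 @@
     mandos_context mc = { .simple_poll = NULL, .server = NULL,
                           .dh_bits = 1024, .priority = "SECURE256"
                           ":!CTYPE-X.509:+CTYPE-OPENPGP" };
-    bool gnutls_initalized = false;
-    bool gpgme_initalized = false;
+    bool gnutls_initialized = false;
+    bool gpgme_initialized = false;
     
     {
       struct argp_option options[] = {
@@ -886,11 +894,13 @@
           pubkey = arg;
           break;
         case 129:               /* --dh-bits */
-          ret = sscanf(arg, "%u", &mc.dh_bits);
-          if(ret != 1){
+          ret = sscanf(arg, "%" SCNdMAX "%n", &tmpmax, &numchars);
+          if(ret < 1 or tmpmax != (typeof(mc.dh_bits))tmpmax
+             or arg[numchars] != '\0'){
             fprintf(stderr, "Bad number of DH bits\n");
             exit(EXIT_FAILURE);
           }
+          mc.dh_bits = (typeof(mc.dh_bits))tmpmax;
           break;
         case 130:               /* --priority */
           mc.priority = arg;
@@ -966,7 +976,7 @@
       exitcode = EXIT_FAILURE;
       goto end;
     } else {
-      gnutls_initalized = true;
+      gnutls_initialized = true;
     }
     
     if(mkdtemp(tempdir) == NULL){
@@ -976,11 +986,11 @@
     }
     
     if(not init_gpgme(&mc, pubkey, seckey, tempdir)){
-      fprintf(stderr, "gpgme_initalized failed\n");
+      fprintf(stderr, "init_gpgme failed\n");
       exitcode = EXIT_FAILURE;
       goto end;
     } else {
-      gpgme_initalized = true;
+      gpgme_initialized = true;
     }
     
     if_index = (AvahiIfIndex) if_nametoindex(interface);
@@ -999,12 +1009,14 @@
         goto end;
       }
       uint16_t port;
-      ret = sscanf(address+1, "%" SCNu16, &port);
-      if(ret != 1){
+      ret = sscanf(address+1, "%" SCNdMAX "%n", &tmpmax, &numchars);
+      if(ret < 1 or tmpmax != (uint16_t)tmpmax
+         or address[numchars+1] != '\0'){
         fprintf(stderr, "Bad port number\n");
         exitcode = EXIT_FAILURE;
         goto end;
       }
+      port = (uint16_t)tmpmax;
       *address = '\0';
       address = connect_to;
       ret = start_mandos_communication(address, port, if_index, &mc);
@@ -1094,13 +1106,13 @@
     if(mc.simple_poll != NULL)
         avahi_simple_poll_free(mc.simple_poll);
     
-    if(gnutls_initalized){
+    if(gnutls_initialized){
       gnutls_certificate_free_credentials(mc.cred);
       gnutls_global_deinit();
       gnutls_dh_params_deinit(mc.dh_params);
     }
     
-    if(gpgme_initalized){
+    if(gpgme_initialized){
       gpgme_release(mc.ctx);
     }
     
@@ -1119,21 +1131,26 @@
           if(direntry == NULL){
             break;
           }
-          if(direntry->d_type == DT_REG){
-            char *fullname = NULL;
-            ret = asprintf(&fullname, "%s/%s", tempdir,
-                           direntry->d_name);
-            if(ret < 0){
-              perror("asprintf");
-              continue;
-            }
-            ret = unlink(fullname);
-            if(ret == -1){
-              fprintf(stderr, "unlink(\"%s\"): %s",
-                      fullname, strerror(errno));
-            }
-            free(fullname);
-          }
+          /* Skip "." and ".." */
+          if(direntry->d_name[0] == '.'
+             and (direntry->d_name[1] == '\0'
+                  or (direntry->d_name[1] == '.'
+                      and direntry->d_name[2] == '\0'))){
+            continue;
+          }
+          char *fullname = NULL;
+          ret = asprintf(&fullname, "%s/%s", tempdir,
+                         direntry->d_name);
+          if(ret < 0){
+            perror("asprintf");
+            continue;
+          }
+          ret = remove(fullname);
+          if(ret == -1){
+            fprintf(stderr, "remove(\"%s\"): %s\n", fullname,
+                    strerror(errno));
+          }
+          free(fullname);
         }
         closedir(d);
       }
@@ -1142,6 +1159,6 @@
         perror("rmdir");
       }
     }
-          
+    
     return exitcode;
 }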
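Review bot: The return value of `gnutls_certificate_allocate_credentials(&mc->cred);` (new line 407) is discarded, so the `if(ret != GNUTLS_E_SUCCESS)` on the next line tests whatever `ret` held from an earlier call and a failed credentials allocation would go unnoticed; this may also be why -Wunreachable-code fires on that branch, which the reworded comment labels spurious. Assign the result before the check: `ret = gnutls_certificate_allocate_credentials(&mc->cred);`. The enclosing function starts outside the hunk, so the previous assignment to `ret` is not visible here and should be confirmed. Separately, the new `sscanf(..., "%" SCNdMAX "%n", ...)` parses for --dh-bits (new line 897) and the port (new line 1012) have undefined behaviour when the digits do not fit in `intmax_t`, so the range test that follows cannot be relied on for over-long input; `strtoimax()` with `errno` cleared beforehand and an end-pointer check has a defined ERANGE result and is already declared by `<inttypes.h>`.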