/mandos/trunk : revision 423

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/mandos-client.c

Committer: Teddy Hogeborn
Date: 2010-09-12 03:00:40 UTC
Revision ID: teddy@fukt.bsnet.se-20100912030040-b0uopyennste9fdh

Documentation changes:

* DBUS-API: New file documenting the server D-Bus interface.

* clients.conf: Add examples of new approval settings.

* debian/mandos.docs: Added "DBUS-API".

* mandos-clients.conf.xml (OPTIONS): Added "approved_by_default",
                                     "approval_delay", and
                                     "approval_duration".
* mandos.xml (D-BUS INTERFACE): Refer to the "DBUS-API" file.
  (BUGS): Remove mention of lack of a remote query interface.

files removed:
debian/source

debian/source/format

mandos-ctl.xml

mandos-monitor.xml

plugins.d/plymouth.xml

files modified:
.bzrignore

DBUS-API

INSTALL

Makefile

NEWS

README

TODO

common.ent

debian/changelog

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.lintian-overrides

debian/mandos-client.postrm

debian/mandos.dirs

debian/watch

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-keygen

mandos-monitor

mandos.lsm

mandos.xml

plugin-runner.c

plugins.d/askpass-fifo.c

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/plymouth.c

plugins.d/splashy.c

plugins.d/usplash.c

Show diffs side-by-side

added added

removed removed

plugins.d/mandos-client.c

* "browse_callback", and parts of "main".

* Everything else is

* This program is free software: you can redistribute it and/or

* modify it under the terms of the GNU General Public License as

strtoimax() */

#include <assert.h> /* assert() */

#include <errno.h> /* perror(), errno */

#include <time.h> /* nanosleep(), time(), sleep() */

#include <time.h> /* nanosleep(), time() */

#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,

SIOCSIFFLAGS, if_indextoname(),

if_nametoindex(), IF_NAMESIZE */

690

ret = connect(tcp_sd, &to.in, sizeof(to)); /* IPv4 */

691

}

692

if(ret < 0){

693

if ((errno != ECONNREFUSED and errno != ENETUNREACH) or debug){

694

int e = errno;

695

perror("connect");

696

errno = e;

697

}

693

int e = errno;

694

perror("connect");

695

errno = e;

698

696

goto mandos_end;

699

697

}

700

698

741

739

errno = EINTR;

742

740

goto mandos_end;

743

741

}

744

745

/* Spurious warnings from -Wint-to-pointer-cast */

742

746

743

gnutls_transport_set_ptr(session, (gnutls_transport_ptr_t) tcp_sd);

747

744

748

745

if(quit_now){

1033

1030

int good_interface(const struct dirent *if_entry){

1034

1031

ssize_t ssret;

1035

1032

char *flagname = NULL;

1036

if(if_entry->d_name[0] == '.'){

1037

return 0;

1038

}

1039

1033

int ret = asprintf(&flagname, "%s/%s/flags", sys_class_net,

1040

1034

if_entry->d_name);

1041

1035

if(ret < 0){

1042

1036

perror("asprintf");

1043

1037

return 0;

1044

1038

}

1039

if(if_entry->d_name[0] == '.'){

1040

return 0;

1041

}

1045

1042

int flags_fd = (int)TEMP_FAILURE_RETRY(open(flagname, O_RDONLY));

1046

1043

if(flags_fd == -1){

1047

1044

perror("open");

1048

free(flagname);

1049

1045

return 0;

1050

1046

}

1051

free(flagname);

1052

1047

typedef short ifreq_flags; /* ifreq.ifr_flags in netdevice(7) */

1053

1048

/* read line from flags_fd */

1054

1049

ssize_t to_read = (sizeof(ifreq_flags)*2)+3; /* "0x1003\n" */

1114

1109

}

1115

1110

return 0;

1116

1111

}

1117

/* Reject non-ARP interfaces (including dummy interfaces) */

1118

if(flags & IFF_NOARP){

1119

if(debug){

1120

fprintf(stderr, "Rejecting non-ARP interface \"%s\"\n",

1121

if_entry->d_name);

1122

}

1123

return 0;

1124

}

1125

1112

/* Accept this device */

1126

1113

if(debug){

1127

1114

fprintf(stderr, "Interface \"%s\" is acceptable\n",

1130

1117

return 1;

1131

1118

}

1132

1119

1133

int notdotentries(const struct dirent *direntry){

1134

/* Skip "." and ".." */

1135

if(direntry->d_name[0] == '.'

1136

and (direntry->d_name[1] == '\0'

1137

or (direntry->d_name[1] == '.'

1138

and direntry->d_name[2] == '\0'))){

1139

return 0;

1140

}

1141

return 1;

1142

}

1143

1144

1120

int main(int argc, char *argv[]){

1145

1121

AvahiSServiceBrowser *sb = NULL;

1146

1122

int error;

1577

1553

goto end;

1578

1554

}

1579

1555

1556

tempdir_created = true;

1580

1557

if(mkdtemp(tempdir) == NULL){

1558

tempdir_created = false;

1581

1559

perror("mkdtemp");

1582

1560

goto end;

1583

1561

}

1584

tempdir_created = true;

1585

1562

1586

1563

if(quit_now){

1587

1564

goto end;

1641

1618

if(quit_now){

1642

1619

goto end;

1643

1620

}

1644

1645

while(not quit_now){

1646

ret = start_mandos_communication(address, port, if_index, af);

1647

if(quit_now or ret == 0){

1621

1622

ret = start_mandos_communication(address, port, if_index, af);

1623

if(ret < 0){

1624

switch(errno){

1625

case ENETUNREACH:

1626

case EHOSTDOWN:

1627

case EHOSTUNREACH:

1628

exitcode = EX_NOHOST;

1629

break;

1630

case EINVAL:

1631

exitcode = EX_USAGE;

1632

break;

1633

case EIO:

1634

exitcode = EX_IOERR;

1635

break;

1636

case EPROTO:

1637

exitcode = EX_PROTOCOL;

1638

break;

1639

default:

1640

exitcode = EX_OSERR;

1648

1641

break;

1649

1642

}

1650

sleep(15);

1651

};

1652

1653

if (not quit_now){

1643

} else {

1654

1644

exitcode = EXIT_SUCCESS;

1655

1645

}

1656

1657

1646

goto end;

1658

1647

}

1659

1648

1772

1761

}

1773

1762

}

1774

1763

1775

/* Removes the GPGME temp directory and all files inside */

1764

/* Removes the temp directory used by GPGME */

1776

1765

if(tempdir_created){

1777

struct dirent **direntries = NULL;

1778

struct dirent *direntry = NULL;

1779

ret = scandir(tempdir, &direntries, notdotentries, alphasort);

1780

if (ret > 0){

1781

for(int i = 0; i < ret; i++){

1782

direntry = direntries[i];

1766

DIR *d;

1767

struct dirent *direntry;

1768

d = opendir(tempdir);

1769

if(d == NULL){

1770

if(errno != ENOENT){

1771

perror("opendir");

1772

}

1773

} else {

1774

while(true){

1775

direntry = readdir(d);

1776

if(direntry == NULL){

1777

break;

1778

}

1779

/* Skip "." and ".." */

1780

if(direntry->d_name[0] == '.'

1781

and (direntry->d_name[1] == '\0'

1782

or (direntry->d_name[1] == '.'

1783

and direntry->d_name[2] == '\0'))){

1784

continue;

1785

}

1783

1786

char *fullname = NULL;

1784

1787

ret = asprintf(&fullname, "%s/%s", tempdir,

1785

1788

direntry->d_name);

1794

1797

}

1795

1798

free(fullname);

1796

1799

}

1797

}

1798

1799

/* need to be cleaned even if ret == 0 because man page dont specify */

1800

free(direntries);

1801

if (ret == -1){

1802

perror("scandir");

1800

closedir(d);

1803

1801

}

1804

1802

ret = rmdir(tempdir);

1805

1803

if(ret == -1 and errno != ENOENT){

Older »