/mandos/trunk : revision 609

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/mandos-client.c

Committer: Teddy Hogeborn
Date: 2012-06-23 00:58:49 UTC
Revision ID: teddy@recompile.se-20120623005849-02wj82cng433rt2k

* clients.conf: Convert all time intervals to new RFC 3339 syntax.
* mandos: All client options for time intervals now take an RFC 3339
          duration.
  (rfc3339_duration_to_delta): New function.
  (string_to_delta): Try rfc3339_duration_to_delta first.
* mandos-clients.conf.xml (OPTIONS/timeout): Document new format.
  (EXAMPLE): Update to new interval format.
  (SEE ALSO): Reference RFC 3339.

files modified:
Makefile

NEWS

TODO

clients.conf

common.ent

debian/changelog

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-monitor

mandos-options.xml

mandos.conf

mandos.lsm

mandos.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

Show diffs side-by-side

added added

removed removed

plugins.d/mandos-client.c

659

return -1;

660

}

661

662

/* If the interface is specified and we have a list of interfaces */

663

if(if_index != AVAHI_IF_UNSPEC and mc->interfaces != NULL){

664

/* Check if the interface is one of the interfaces we are using */

665

bool match = false;

666

{

667

char *interface = NULL;

668

while((interface=argz_next(mc->interfaces, mc->interfaces_size,

669

interface))){

670

if(if_nametoindex(interface) == (unsigned int)if_index){

671

match = true;

672

break;

673

}

674

}

675

}

676

if(not match){

677

/* This interface does not match any in the list, so we don't

678

connect to the server */

679

if(debug){

680

char interface[IF_NAMESIZE];

681

if(if_indextoname((unsigned int)if_index, interface) == NULL){

682

perror_plus("if_indextoname");

683

} else {

684

fprintf_plus(stderr, "Skipping server on non-used interface"

685

" \"%s\"\n",

686

if_indextoname((unsigned int)if_index,

687

interface));

688

}

689

}

690

return -1;

691

}

692

}

693

662

694

ret = init_gnutls_session(&session, mc);

663

695

if(ret != 0){

664

696

return -1;

2004

2036

}

2005

2037

2006

2038

/* Lower privileges */

2007

errno = 0;

2008

ret = seteuid(uid);

2009

if(ret == -1){

2010

perror_plus("seteuid");

2011

}

2039

lower_privileges();

2012

2040

}

2013

2041

}

2014

2042

2015

/* Remove empty interface names */

2043

/* Remove invalid interface names (except "none") */

2016

2044

{

2017

2045

char *interface = NULL;

2018

2046

while((interface = argz_next(mc.interfaces, mc.interfaces_size,

2019

2047

interface))){

2020

if(if_nametoindex(interface) == 0){

2021

if(interface[0] != '\0' and strcmp(interface, "none") != 0){

2048

if(strcmp(interface, "none") != 0

2049

and if_nametoindex(interface) == 0){

2050

if(interface[0] != '\0'){

2022

2051

fprintf_plus(stderr, "Not using nonexisting interface"

2023

2052

" \"%s\"\n", interface);

2024

2053

}

2030

2059

2031

2060

/* Run network hooks */

2032

2061

{

2033

2034

2062

if(mc.interfaces != NULL){

2035

2063

interfaces_hooks = malloc(mc.interfaces_size);

2036

2064

if(interfaces_hooks == NULL){

2156

2184

}

2157

2185

}

2158

2186

2159

/* If we only got one interface, explicitly use only that one */

2160

if(argz_count(mc.interfaces, mc.interfaces_size) == 1){

2161

if(debug){

2162

fprintf_plus(stderr, "Using only interface \"%s\"\n",

2163

mc.interfaces);

2164

}

2165

if_index = (AvahiIfIndex)if_nametoindex(mc.interfaces);

2166

}

2167

2168

/* Bring up interfaces which are down */

2169

if(not (argz_count(mc.interfaces, mc.interfaces_size) == 1

2170

and strcmp(mc.interfaces, "none") == 0)){

2187

/* Bring up interfaces which are down, and remove any "none"s */

2188

{

2171

2189

char *interface = NULL;

2172

2190

while((interface = argz_next(mc.interfaces, mc.interfaces_size,

2173

2191

interface))){

2192

/* If interface name is "none", stop bringing up interfaces.

2193

Also remove all instances of "none" from the list */

2194

if(strcmp(interface, "none") == 0){

2195

argz_delete(&mc.interfaces, &mc.interfaces_size,

2196

interface);

2197

interface = NULL;

2198

while((interface = argz_next(mc.interfaces,

2199

mc.interfaces_size, interface))){

2200

if(strcmp(interface, "none") == 0){

2201

argz_delete(&mc.interfaces, &mc.interfaces_size,

2202

interface);

2203

interface = NULL;

2204

}

2205

}

2206

break;

2207

}

2174

2208

bool interface_was_up = interface_is_up(interface);

2175

2209

ret = bring_up_interface(interface, delay);

2176

2210

if(not interface_was_up){

2184

2218

}

2185

2219

}

2186

2220

}

2187

free(mc.interfaces);

2188

mc.interfaces = NULL;

2189

mc.interfaces_size = 0;

2190

2221

if(debug and (interfaces_to_take_down == NULL)){

2191

2222

fprintf_plus(stderr, "No interfaces were brought up\n");

2192

2223

}

2193

2224

}

2194

2225

2226

/* If we only got one interface, explicitly use only that one */

2227

if(argz_count(mc.interfaces, mc.interfaces_size) == 1){

2228

if(debug){

2229

fprintf_plus(stderr, "Using only interface \"%s\"\n",

2230

mc.interfaces);

2231

}

2232

if_index = (AvahiIfIndex)if_nametoindex(mc.interfaces);

2233

}

2234

2195

2235

if(quit_now){

2196

2236

goto end;

2197

2237

}

2255

2295

exitcode = EX_USAGE;

2256

2296

goto end;

2257

2297

}

2258

2298

2259

2299

if(quit_now){

2260

2300

goto end;

2261

2301

}

2370

2410

}

2371

2411

2372

2412

/* Cleanup things */

2413

free(mc.interfaces);

2414

2373

2415

if(sb != NULL)

2374

2416

avahi_s_service_browser_free(sb);

2375

2417

Older »