/mandos/trunk : revision 659

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/mandos-client.c

Committer: Teddy Hogeborn
Date: 2014-03-01 09:39:25 UTC
Revision ID: teddy@recompile.se-20140301093925-0x6nwf21f0zljk6e

* debian/copyright: Change year to "2014".
* mandos-ctl: - '' -
* mandos-monitor: - '' -
* plugins.d/mandos-client.xml: - '' -

files added:
initramfs-unpack

mandos.service

files modified:
INSTALL

Makefile

NEWS

TODO

clients.conf

common.ent

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.lintian-overrides

debian/mandos.dirs

debian/mandos.postinst

debian/rules

debian/watch

init.d-mandos

initramfs-tools-hook

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

plugin-runner.c

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/plymouth.c

Show diffs side-by-side

added added

removed removed

plugins.d/mandos-client.c

* "browse_callback", and parts of "main".

* Everything else is

* This program is free software: you can redistribute it and/or

* modify it under the terms of the GNU General Public License as

187

188

TEMP_FAILURE_RETRY(fprintf(stream, "Mandos plugin %s: ",

189

program_invocation_short_name));

190

return TEMP_FAILURE_RETRY(vfprintf(stream, format, ap));

190

return (int)TEMP_FAILURE_RETRY(vfprintf(stream, format, ap));

191

}

192

193

659

return -1;

660

}

661

662

/* If the interface is specified and we have a list of interfaces */

663

if(if_index != AVAHI_IF_UNSPEC and mc->interfaces != NULL){

664

/* Check if the interface is one of the interfaces we are using */

665

bool match = false;

666

{

667

char *interface = NULL;

668

while((interface=argz_next(mc->interfaces, mc->interfaces_size,

669

interface))){

670

if(if_nametoindex(interface) == (unsigned int)if_index){

671

match = true;

672

break;

673

}

674

}

675

}

676

if(not match){

677

/* This interface does not match any in the list, so we don't

678

connect to the server */

679

if(debug){

680

char interface[IF_NAMESIZE];

681

if(if_indextoname((unsigned int)if_index, interface) == NULL){

682

perror_plus("if_indextoname");

683

} else {

684

fprintf_plus(stderr, "Skipping server on non-used interface"

685

" \"%s\"\n",

686

if_indextoname((unsigned int)if_index,

687

interface));

688

}

689

}

690

return -1;

691

}

692

}

693

662

694

ret = init_gnutls_session(&session, mc);

663

695

if(ret != 0){

664

696

return -1;

704

736

}

705

737

if(af == AF_INET6){

706

738

to.in6.sin6_port = htons(port);

739

#ifdef __GNUC__

740

#pragma GCC diagnostic push

741

#pragma GCC diagnostic ignored "-Wstrict-aliasing"

742

#endif

707

743

if(IN6_IS_ADDR_LINKLOCAL /* Spurious warnings from */

708

(&to.in6.sin6_addr)){ /* -Wstrict-aliasing=2 or lower and

709

-Wunreachable-code*/

744

(&to.in6.sin6_addr)){ /* -Wstrict-aliasing=2 or lower */

745

#ifdef __GNUC__

746

#pragma GCC diagnostic pop

747

#endif

710

748

if(if_index == AVAHI_IF_UNSPEC){

711

749

fprintf_plus(stderr, "An IPv6 link-local address is"

712

750

" incomplete without a network interface\n");

717

755

to.in6.sin6_scope_id = (uint32_t)if_index;

718

756

}

719

757

} else {

720

to.in.sin_port = htons(port); /* Spurious warnings from

721

-Wconversion and

722

-Wunreachable-code */

758

to.in.sin_port = htons(port);

723

759

}

724

760

725

761

if(quit_now){

2004

2040

}

2005

2041

2006

2042

/* Lower privileges */

2007

errno = 0;

2008

ret = seteuid(uid);

2009

if(ret == -1){

2010

perror_plus("seteuid");

2011

}

2043

lower_privileges();

2012

2044

}

2013

2045

}

2014

2046

2015

/* Remove empty interface names */

2047

/* Remove invalid interface names (except "none") */

2016

2048

{

2017

2049

char *interface = NULL;

2018

2050

while((interface = argz_next(mc.interfaces, mc.interfaces_size,

2019

2051

interface))){

2020

if(if_nametoindex(interface) == 0){

2021

if(interface[0] != '\0' and strcmp(interface, "none") != 0){

2052

if(strcmp(interface, "none") != 0

2053

and if_nametoindex(interface) == 0){

2054

if(interface[0] != '\0'){

2022

2055

fprintf_plus(stderr, "Not using nonexisting interface"

2023

2056

" \"%s\"\n", interface);

2024

2057

}

2030

2063

2031

2064

/* Run network hooks */

2032

2065

{

2033

2034

2066

if(mc.interfaces != NULL){

2035

2067

interfaces_hooks = malloc(mc.interfaces_size);

2036

2068

if(interfaces_hooks == NULL){

2156

2188

}

2157

2189

}

2158

2190

2159

/* If we only got one interface, explicitly use only that one */

2160

if(argz_count(mc.interfaces, mc.interfaces_size) == 1){

2161

if(debug){

2162

fprintf_plus(stderr, "Using only interface \"%s\"\n",

2163

mc.interfaces);

2164

}

2165

if_index = (AvahiIfIndex)if_nametoindex(mc.interfaces);

2166

}

2167

2168

/* Bring up interfaces which are down */

2169

if(not (argz_count(mc.interfaces, mc.interfaces_size) == 1

2170

and strcmp(mc.interfaces, "none") == 0)){

2191

/* Bring up interfaces which are down, and remove any "none"s */

2192

{

2171

2193

char *interface = NULL;

2172

2194

while((interface = argz_next(mc.interfaces, mc.interfaces_size,

2173

2195

interface))){

2196

/* If interface name is "none", stop bringing up interfaces.

2197

Also remove all instances of "none" from the list */

2198

if(strcmp(interface, "none") == 0){

2199

argz_delete(&mc.interfaces, &mc.interfaces_size,

2200

interface);

2201

interface = NULL;

2202

while((interface = argz_next(mc.interfaces,

2203

mc.interfaces_size, interface))){

2204

if(strcmp(interface, "none") == 0){

2205

argz_delete(&mc.interfaces, &mc.interfaces_size,

2206

interface);

2207

interface = NULL;

2208

}

2209

}

2210

break;

2211

}

2174

2212

bool interface_was_up = interface_is_up(interface);

2175

2213

ret = bring_up_interface(interface, delay);

2176

2214

if(not interface_was_up){

2184

2222

}

2185

2223

}

2186

2224

}

2187

free(mc.interfaces);

2188

mc.interfaces = NULL;

2189

mc.interfaces_size = 0;

2190

2225

if(debug and (interfaces_to_take_down == NULL)){

2191

2226

fprintf_plus(stderr, "No interfaces were brought up\n");

2192

2227

}

2193

2228

}

2194

2229

2230

/* If we only got one interface, explicitly use only that one */

2231

if(argz_count(mc.interfaces, mc.interfaces_size) == 1){

2232

if(debug){

2233

fprintf_plus(stderr, "Using only interface \"%s\"\n",

2234

mc.interfaces);

2235

}

2236

if_index = (AvahiIfIndex)if_nametoindex(mc.interfaces);

2237

}

2238

2195

2239

if(quit_now){

2196

2240

goto end;

2197

2241

}

2255

2299

exitcode = EX_USAGE;

2256

2300

goto end;

2257

2301

}

2258

2302

2259

2303

if(quit_now){

2260

2304

goto end;

2261

2305

}

2291

2335

fprintf_plus(stderr, "Retrying in %d seconds\n",

2292

2336

(int)retry_interval);

2293

2337

}

2294

sleep((int)retry_interval);

2338

sleep((unsigned int)retry_interval);

2295

2339

}

2296

2340

2297

2341

if (not quit_now){

2370

2414

}

2371

2415

2372

2416

/* Cleanup things */

2417

free(mc.interfaces);

2418

2373

2419

if(sb != NULL)

2374

2420

avahi_s_service_browser_free(sb);

2375

2421

Older »