To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugins.d/password-request.c
- browse files at revision 78
- compare with another revision
- download diff
- download tarball
- view history from revision 78
- Committer: Teddy Hogeborn
- Date: 2008-08-16 03:29:08 UTC
- Revision ID: teddy@fukt.bsnet.se-20080816032908-ihw7c05r2mnyk389
Add feature to specify custom environment variables for plugins.
* plugin-runner.c (plugin): New members "environ" and "envc" to
contain possible custom environment.
(getplugin): Return NULL on failure instead of doing exit(); all
callers changed.
(add_to_char_array): New helper function for "add_argument" and
"add_environment".
(addargument): Renamed to "add_argument". Return bool. Call
"add_to_char_array" to actually do things.
(add_environment): New; analogous to "add_argument".
(addcustomargument): Renamed to "add_to_argv" to avoid confusion
with "add_argument".
(main): New options "--global-envs" and "--envs-for" to specify
custom environment for plugins. Print environment for
plugins in debug mode. Use asprintf instead of strcpy and
strcat. Use execve() for plugins with custom environments.
Free environment for plugin when freeing plugin list.
* plugin-runner.c (plugin): New members "environ" and "envc" to
contain possible custom environment.
(getplugin): Return NULL on failure instead of doing exit(); all
callers changed.
(add_to_char_array): New helper function for "add_argument" and
"add_environment".
(addargument): Renamed to "add_argument". Return bool. Call
"add_to_char_array" to actually do things.
(add_environment): New; analogous to "add_argument".
(addcustomargument): Renamed to "add_to_argv" to avoid confusion
with "add_argument".
(main): New options "--global-envs" and "--envs-for" to specify
custom environment for plugins. Print environment for
plugins in debug mode. Use asprintf instead of strcpy and
strcat. Use execve() for plugins with custom environments.
Free environment for plugin when freeing plugin list.
- files added:
- network-protocol.txt
- files removed:
- .bzrignore
- files modified:
- Makefile
added
removed
plugins.d/password-request.c
47
47
#include <sys/types.h> /* socket(), inet_pton(), sockaddr,
48
48
sockaddr_in6, PF_INET6,
49
49
SOCK_STREAM, INET6_ADDRSTRLEN,
50
uid_t, gid_t, open(), opendir(), DIR */
51
#include <sys/stat.h> /* open() */
50
uid_t, gid_t */
51
#include <inttypes.h> /* PRIu16 */
52
52
#include <sys/socket.h> /* socket(), struct sockaddr_in6,
53
53
struct in6_addr, inet_pton(),
54
54
connect() */
55
#include <fcntl.h> /* open() */
56
#include <dirent.h> /* opendir(), struct dirent, readdir() */
57
#include <inttypes.h> /* PRIu16 */
58
55
#include <assert.h> /* assert() */
59
56
#include <errno.h> /* perror(), errno */
60
57
#include <time.h> /* time() */
61
58
#include <net/if.h> /* ioctl, ifreq, SIOCGIFFLAGS, IFF_UP,
62
59
SIOCSIFFLAGS, if_indextoname(),
63
60
if_nametoindex(), IF_NAMESIZE */
64
#include <netinet/in.h>
65
61
#include <unistd.h> /* close(), SEEK_SET, off_t, write(),
66
62
getuid(), getgid(), setuid(),
67
63
setgid() */
64
#include <netinet/in.h>
68
65
#include <arpa/inet.h> /* inet_pton(), htons */
69
66
#include <iso646.h> /* not, and */
70
67
#include <argp.h> /* struct argp_option, error_t, struct
101
98
102
99
#define BUFFER_SIZE 256
103
100
104
/*
105
#define PATHDIR "/conf/conf.d/mandos"
106
*/
107
108
#define PATHDIR "/conf/conf.d/mandos"
109
#define SECKEY "seckey.txt"
110
#define PUBKEY "pubkey.txt"
111
112
101
bool debug = false;
102
static const char *keydir = "/conf/conf.d/mandos";
113
103
static const char mandos_protocol_version[] = "1";
114
104
const char *argp_program_version = "password-request 1.0";
115
105
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
122
112
unsigned int dh_bits;
123
113
gnutls_dh_params_t dh_params;
124
114
const char *priority;
125
gpgme_ctx_t ctx;
126
115
} mandos_context;
127
116
128
117
/*
143
132
}
144
133
145
134
/*
146
* Initialize GPGME.
135
* Decrypt OpenPGP data using keyrings in HOMEDIR.
136
* Returns -1 on error
147
137
*/
148
static bool init_gpgme(mandos_context *mc, const char *seckey,
149
const char *pubkey, const char *tempdir){
150
int ret;
138
static ssize_t pgp_packet_decrypt (const char *cryptotext,
139
size_t crypto_size,
140
char **plaintext,
141
const char *homedir){
142
gpgme_data_t dh_crypto, dh_plain;
143
gpgme_ctx_t ctx;
151
144
gpgme_error_t rc;
145
ssize_t ret;
146
size_t plaintext_capacity = 0;
147
ssize_t plaintext_length = 0;
152
148
gpgme_engine_info_t engine_info;
153
149
154
155
/*
156
* Helper function to insert pub and seckey to the enigne keyring.
157
*/
158
bool import_key(const char *filename){
159
int fd;
160
gpgme_data_t pgp_data;
161
162
fd = TEMP_FAILURE_RETRY(open(filename, O_RDONLY));
163
if(fd == -1){
164
perror("open");
165
return false;
166
}
167
168
rc = gpgme_data_new_from_fd(&pgp_data, fd);
169
if (rc != GPG_ERR_NO_ERROR){
170
fprintf(stderr, "bad gpgme_data_new_from_fd: %s: %s\n",
171
gpgme_strsource(rc), gpgme_strerror(rc));
172
return false;
173
}
174
175
rc = gpgme_op_import(mc->ctx, pgp_data);
176
if (rc != GPG_ERR_NO_ERROR){
177
fprintf(stderr, "bad gpgme_op_import: %s: %s\n",
178
gpgme_strsource(rc), gpgme_strerror(rc));
179
return false;
180
}
181
182
ret = TEMP_FAILURE_RETRY(close(fd));
183
if(ret == -1){
184
perror("close");
185
}
186
gpgme_data_release(pgp_data);
187
return true;
188
}
189
190
150
if (debug){
191
fprintf(stderr, "Initialize gpgme\n");
151
fprintf(stderr, "Trying to decrypt OpenPGP data\n");
192
152
}
193
153
194
154
/* Init GPGME */
197
157
if (rc != GPG_ERR_NO_ERROR){
198
158
fprintf(stderr, "bad gpgme_engine_check_version: %s: %s\n",
199
159
gpgme_strsource(rc), gpgme_strerror(rc));
200
return false;
160
return -1;
201
161
}
202
162
203
/* Set GPGME home directory for the OpenPGP engine only */
163
/* Set GPGME home directory for the OpenPGP engine only */
204
164
rc = gpgme_get_engine_info (&engine_info);
205
165
if (rc != GPG_ERR_NO_ERROR){
206
166
fprintf(stderr, "bad gpgme_get_engine_info: %s: %s\n",
207
167
gpgme_strsource(rc), gpgme_strerror(rc));
208
return false;
168
return -1;
209
169
}
210
170
while(engine_info != NULL){
211
171
if(engine_info->protocol == GPGME_PROTOCOL_OpenPGP){
212
172
gpgme_set_engine_info(GPGME_PROTOCOL_OpenPGP,
213
engine_info->file_name, tempdir);
173
engine_info->file_name, homedir);
214
174
break;
215
175
}
216
176
engine_info = engine_info->next;
217
177
}
218
178
if(engine_info == NULL){
219
fprintf(stderr, "Could not set GPGME home dir to %s\n", tempdir);
220
return false;
221
}
222
223
/* Create new GPGME "context" */
224
rc = gpgme_new(&(mc->ctx));
225
if (rc != GPG_ERR_NO_ERROR){
226
fprintf(stderr, "bad gpgme_new: %s: %s\n",
227
gpgme_strsource(rc), gpgme_strerror(rc));
228
return false;
229
}
230
231
if (not import_key(pubkey) or not import_key(seckey)){
232
return false;
233
}
234
235
return true;
236
}
237
238
/*
239
* Decrypt OpenPGP data.
240
* Returns -1 on error
241
*/
242
static ssize_t pgp_packet_decrypt (const mandos_context *mc,
243
const char *cryptotext,
244
size_t crypto_size,
245
char **plaintext){
246
gpgme_data_t dh_crypto, dh_plain;
247
gpgme_error_t rc;
248
ssize_t ret;
249
size_t plaintext_capacity = 0;
250
ssize_t plaintext_length = 0;
251
252
if (debug){
253
fprintf(stderr, "Trying to decrypt OpenPGP data\n");
179
fprintf(stderr, "Could not set GPGME home dir to %s\n", homedir);
180
return -1;
254
181
}
255
182
256
183
/* Create new GPGME data buffer from memory cryptotext */
271
198
return -1;
272
199
}
273
200
201
/* Create new GPGME "context" */
202
rc = gpgme_new(&ctx);
203
if (rc != GPG_ERR_NO_ERROR){
204
fprintf(stderr, "bad gpgme_new: %s: %s\n",
205
gpgme_strsource(rc), gpgme_strerror(rc));
206
plaintext_length = -1;
207
goto decrypt_end;
208
}
209
274
210
/* Decrypt data from the cryptotext data buffer to the plaintext
275
211
data buffer */
276
rc = gpgme_op_decrypt(mc->ctx, dh_crypto, dh_plain);
212
rc = gpgme_op_decrypt(ctx, dh_crypto, dh_plain);
277
213
if (rc != GPG_ERR_NO_ERROR){
278
214
fprintf(stderr, "bad gpgme_op_decrypt: %s: %s\n",
279
215
gpgme_strsource(rc), gpgme_strerror(rc));
280
216
plaintext_length = -1;
281
if (debug){
282
gpgme_decrypt_result_t result;
283
result = gpgme_op_decrypt_result(mc->ctx);
284
if (result == NULL){
285
fprintf(stderr, "gpgme_op_decrypt_result failed\n");
286
} else {
287
fprintf(stderr, "Unsupported algorithm: %s\n",
288
result->unsupported_algorithm);
289
fprintf(stderr, "Wrong key usage: %u\n",
290
result->wrong_key_usage);
291
if(result->file_name != NULL){
292
fprintf(stderr, "File name: %s\n", result->file_name);
293
}
294
gpgme_recipient_t recipient;
295
recipient = result->recipients;
296
if(recipient){
297
while(recipient != NULL){
298
fprintf(stderr, "Public key algorithm: %s\n",
299
gpgme_pubkey_algo_name(recipient->pubkey_algo));
300
fprintf(stderr, "Key ID: %s\n", recipient->keyid);
301
fprintf(stderr, "Secret key available: %s\n",
302
recipient->status == GPG_ERR_NO_SECKEY
303
? "No" : "Yes");
304
recipient = recipient->next;
305
}
306
}
307
}
308
}
309
217
goto decrypt_end;
310
218
}
311
219
313
221
fprintf(stderr, "Decryption of OpenPGP data succeeded\n");
314
222
}
315
223
224
if (debug){
225
gpgme_decrypt_result_t result;
226
result = gpgme_op_decrypt_result(ctx);
227
if (result == NULL){
228
fprintf(stderr, "gpgme_op_decrypt_result failed\n");
229
} else {
230
fprintf(stderr, "Unsupported algorithm: %s\n",
231
result->unsupported_algorithm);
232
fprintf(stderr, "Wrong key usage: %u\n",
233
result->wrong_key_usage);
234
if(result->file_name != NULL){
235
fprintf(stderr, "File name: %s\n", result->file_name);
236
}
237
gpgme_recipient_t recipient;
238
recipient = result->recipients;
239
if(recipient){
240
while(recipient != NULL){
241
fprintf(stderr, "Public key algorithm: %s\n",
242
gpgme_pubkey_algo_name(recipient->pubkey_algo));
243
fprintf(stderr, "Key ID: %s\n", recipient->keyid);
244
fprintf(stderr, "Secret key available: %s\n",
245
recipient->status == GPG_ERR_NO_SECKEY
246
? "No" : "Yes");
247
recipient = recipient->next;
248
}
249
}
250
}
251
}
252
316
253
/* Seek back to the beginning of the GPGME plaintext data buffer */
317
254
if (gpgme_data_seek(dh_plain, (off_t) 0, SEEK_SET) == -1){
318
255
perror("pgpme_data_seek");
345
282
}
346
283
plaintext_length += ret;
347
284
}
348
285
349
286
if(debug){
350
287
fprintf(stderr, "Decrypted password is: ");
351
288
for(ssize_t i = 0; i < plaintext_length; i++){
365
302
}
366
303
367
304
static const char * safer_gnutls_strerror (int value) {
368
const char *ret = gnutls_strerror (value); /* Spurious warning */
305
const char *ret = gnutls_strerror (value);
369
306
if (ret == NULL)
370
307
ret = "(unknown)";
371
308
return ret;
404
341
/* OpenPGP credentials */
405
342
gnutls_certificate_allocate_credentials(&mc->cred);
406
343
if (ret != GNUTLS_E_SUCCESS){
407
fprintf (stderr, "GnuTLS memory error: %s\n", /* Spurious
408
warning */
344
fprintf (stderr, "GnuTLS memory error: %s\n",
409
345
safer_gnutls_strerror(ret));
410
346
gnutls_global_deinit ();
411
347
return -1;
412
348
}
413
349
414
350
if(debug){
415
fprintf(stderr, "Attempting to use OpenPGP public key %s and"
416
" secret key %s as GnuTLS credentials\n", pubkeyfilename,
351
fprintf(stderr, "Attempting to use OpenPGP certificate %s"
352
" and keyfile %s as GnuTLS credentials\n", pubkeyfilename,
417
353
seckeyfilename);
418
354
}
419
355
424
360
fprintf(stderr,
425
361
"Error[%d] while reading the OpenPGP key pair ('%s',"
426
362
" '%s')\n", ret, pubkeyfilename, seckeyfilename);
427
fprintf(stderr, "The GnuTLS error is: %s\n",
363
fprintf(stdout, "The GnuTLS error is: %s\n",
428
364
safer_gnutls_strerror(ret));
429
365
goto globalfail;
430
366
}
444
380
}
445
381
446
382
gnutls_certificate_set_dh_params(mc->cred, mc->dh_params);
447
383
448
384
return 0;
449
385
450
386
globalfail:
451
387
452
388
gnutls_certificate_free_credentials(mc->cred);
453
389
gnutls_global_deinit();
454
390
return -1;
391
455
392
}
456
393
457
394
static int init_gnutls_session(mandos_context *mc,
529
466
perror("socket");
530
467
return -1;
531
468
}
532
469
533
470
if(debug){
534
471
if(if_indextoname((unsigned int)if_index, interface) == NULL){
535
472
perror("if_indextoname");
538
475
fprintf(stderr, "Binding to interface %s\n", interface);
539
476
}
540
477
541
memset(&to, 0, sizeof(to));
478
memset(&to, 0, sizeof(to)); /* Spurious warning */
542
479
to.in6.sin6_family = AF_INET6;
543
480
/* It would be nice to have a way to detect if we were passed an
544
481
IPv4 address here. Now we assume an IPv6 address. */
574
511
perror("connect");
575
512
return -1;
576
513
}
577
514
578
515
const char *out = mandos_protocol_version;
579
516
written = 0;
580
517
while (true){
598
535
}
599
536
}
600
537
}
601
538
602
539
if(debug){
603
540
fprintf(stderr, "Establishing TLS session with %s\n", ip);
604
541
}
605
542
606
543
gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) tcp_sd);
607
544
608
545
do{
609
546
ret = gnutls_handshake (session);
610
547
} while(ret == GNUTLS_E_AGAIN or ret == GNUTLS_E_INTERRUPTED);
624
561
fprintf(stderr, "Retrieving pgp encrypted password from %s\n",
625
562
ip);
626
563
}
627
564
628
565
while(true){
629
566
buffer_capacity = adjustbuffer(&buffer, buffer_length,
630
567
buffer_capacity);
674
611
gnutls_bye (session, GNUTLS_SHUT_RDWR);
675
612
676
613
if (buffer_length > 0){
677
decrypted_buffer_size = pgp_packet_decrypt(mc, buffer,
614
decrypted_buffer_size = pgp_packet_decrypt(buffer,
678
615
buffer_length,
679
&decrypted_buffer);
616
&decrypted_buffer,
617
keydir);
680
618
if (decrypted_buffer_size >= 0){
681
619
written = 0;
682
620
while(written < (size_t) decrypted_buffer_size){
697
635
} else {
698
636
retval = -1;
699
637
}
700
} else {
701
retval = -1;
702
638
}
703
639
704
640
/* Shutdown procedure */
705
641
706
642
mandos_end:
707
643
free(buffer);
708
ret = TEMP_FAILURE_RETRY(close(tcp_sd));
709
if(ret == -1){
710
perror("close");
711
}
644
close(tcp_sd);
712
645
gnutls_deinit (session);
713
646
return retval;
714
647
}
728
661
flags,
729
662
void* userdata) {
730
663
mandos_context *mc = userdata;
731
assert(r);
664
assert(r); /* Spurious warning */
732
665
733
666
/* Called whenever a service has been resolved successfully or
734
667
timed out */
770
703
flags,
771
704
void* userdata) {
772
705
mandos_context *mc = userdata;
773
assert(b);
706
assert(b); /* Spurious warning */
774
707
775
708
/* Called whenever a new services becomes available on the LAN or
776
709
is removed from the LAN */
810
743
}
811
744
}
812
745
746
/* Combines file name and path and returns the malloced new
747
string. some sane checks could/should be added */
748
static char *combinepath(const char *first, const char *second){
749
char *tmp;
750
int ret = asprintf(&tmp, "%s/%s", first, second);
751
if(ret < 0){
752
return NULL;
753
}
754
return tmp;
755
}
756
757
813
758
int main(int argc, char *argv[]){
814
759
AvahiSServiceBrowser *sb = NULL;
815
760
int error;
821
766
uid_t uid;
822
767
gid_t gid;
823
768
char *connect_to = NULL;
824
char tempdir[] = "/tmp/mandosXXXXXX";
825
769
AvahiIfIndex if_index = AVAHI_IF_UNSPEC;
826
const char *seckey = PATHDIR "/" SECKEY;
827
const char *pubkey = PATHDIR "/" PUBKEY;
828
770
char *pubkeyfilename = NULL;
771
char *seckeyfilename = NULL;
772
const char *pubkeyname = "pubkey.txt";
773
const char *seckeyname = "seckey.txt";
829
774
mandos_context mc = { .simple_poll = NULL, .server = NULL,
830
.dh_bits = 1024, .priority = "SECURE256"
831
":!CTYPE-X.509:+CTYPE-OPENPGP" };
775
.dh_bits = 1024, .priority = "SECURE256"};
832
776
bool gnutls_initalized = false;
833
bool pgpme_initalized = false;
834
777
835
778
{
836
779
struct argp_option options[] = {
837
780
{ .name = "debug", .key = 128,
838
781
.doc = "Debug mode", .group = 3 },
839
782
{ .name = "connect", .key = 'c',
840
.arg = "ADDRESS:PORT",
841
.doc = "Connect directly to a specific Mandos server",
783
.arg = "IP",
784
.doc = "Connect directly to a sepcified mandos server",
842
785
.group = 1 },
843
786
{ .name = "interface", .key = 'i',
844
.arg = "NAME",
845
.doc = "Interface that will be used to search for Mandos"
846
" servers",
787
.arg = "INTERFACE",
788
.doc = "Interface that Avahi will conntect through",
789
.group = 1 },
790
{ .name = "keydir", .key = 'd',
791
.arg = "KEYDIR",
792
.doc = "Directory where the openpgp keyring is",
847
793
.group = 1 },
848
794
{ .name = "seckey", .key = 's',
849
.arg = "FILE",
850
.doc = "OpenPGP secret key file base name",
795
.arg = "SECKEY",
796
.doc = "Secret openpgp key for gnutls authentication",
851
797
.group = 1 },
852
798
{ .name = "pubkey", .key = 'p',
853
.arg = "FILE",
854
.doc = "OpenPGP public key file base name",
799
.arg = "PUBKEY",
800
.doc = "Public openpgp key for gnutls authentication",
855
801
.group = 2 },
856
802
{ .name = "dh-bits", .key = 129,
857
803
.arg = "BITS",
858
.doc = "Bit length of the prime number used in the"
859
" Diffie-Hellman key exchange",
804
.doc = "dh-bits to use in gnutls communication",
860
805
.group = 2 },
861
806
{ .name = "priority", .key = 130,
862
.arg = "STRING",
863
.doc = "GnuTLS priority string for the TLS handshake",
864
.group = 1 },
807
.arg = "PRIORITY",
808
.doc = "GNUTLS priority", .group = 1 },
865
809
{ .name = NULL }
866
810
};
811
867
812
868
813
error_t parse_opt (int key, char *arg,
869
814
struct argp_state *state) {
870
815
/* Get the INPUT argument from `argp_parse', which we know is
871
816
a pointer to our plugin list pointer. */
872
817
switch (key) {
873
case 128: /* --debug */
818
case 128:
874
819
debug = true;
875
820
break;
876
case 'c': /* --connect */
821
case 'c':
877
822
connect_to = arg;
878
823
break;
879
case 'i': /* --interface */
824
case 'i':
880
825
interface = arg;
881
826
break;
882
case 's': /* --seckey */
883
seckey = arg;
884
break;
885
case 'p': /* --pubkey */
886
pubkey = arg;
887
break;
888
case 129: /* --dh-bits */
827
case 'd':
828
keydir = arg;
829
break;
830
case 's':
831
seckeyname = arg;
832
break;
833
case 'p':
834
pubkeyname = arg;
835
break;
836
case 129:
889
837
errno = 0;
890
838
mc.dh_bits = (unsigned int) strtol(arg, NULL, 10);
891
839
if (errno){
893
841
exit(EXIT_FAILURE);
894
842
}
895
843
break;
896
case 130: /* --priority */
844
case 130:
897
845
mc.priority = arg;
898
846
break;
899
847
case ARGP_KEY_ARG:
905
853
}
906
854
return 0;
907
855
}
908
856
909
857
struct argp argp = { .options = options, .parser = parse_opt,
910
858
.args_doc = "",
911
859
.doc = "Mandos client -- Get and decrypt"
912
" passwords from a Mandos server" };
860
" passwords from mandos server" };
913
861
ret = argp_parse (&argp, argc, argv, 0, 0, NULL);
914
862
if (ret == ARGP_ERR_UNKNOWN){
915
863
fprintf(stderr, "Unknown error while parsing arguments\n");
917
865
goto end;
918
866
}
919
867
}
868
869
pubkeyfilename = combinepath(keydir, pubkeyname);
870
if (pubkeyfilename == NULL){
871
perror("combinepath");
872
exitcode = EXIT_FAILURE;
873
goto end;
874
}
875
876
seckeyfilename = combinepath(keydir, seckeyname);
877
if (seckeyfilename == NULL){
878
perror("combinepath");
879
exitcode = EXIT_FAILURE;
880
goto end;
881
}
882
883
ret = init_gnutls_global(&mc, pubkeyfilename, seckeyfilename);
884
if (ret == -1){
885
fprintf(stderr, "init_gnutls_global failed\n");
886
exitcode = EXIT_FAILURE;
887
goto end;
888
} else {
889
gnutls_initalized = true;
890
}
920
891
921
892
/* If the interface is down, bring it up */
922
893
{
926
897
exitcode = EXIT_FAILURE;
927
898
goto end;
928
899
}
929
strcpy(network.ifr_name, interface);
900
strcpy(network.ifr_name, interface); /* Spurious warning */
930
901
ret = ioctl(sd, SIOCGIFFLAGS, &network);
931
902
if(ret == -1){
932
903
perror("ioctl SIOCGIFFLAGS");
942
913
goto end;
943
914
}
944
915
}
945
ret = TEMP_FAILURE_RETRY(close(sd));
946
if(ret == -1){
947
perror("close");
948
}
916
close(sd);
949
917
}
950
918
951
919
uid = getuid();
961
929
perror("setgid");
962
930
}
963
931
964
ret = init_gnutls_global(&mc, pubkey, seckey);
965
if (ret == -1){
966
fprintf(stderr, "init_gnutls_global failed\n");
967
exitcode = EXIT_FAILURE;
968
goto end;
969
} else {
970
gnutls_initalized = true;
971
}
972
973
if(mkdtemp(tempdir) == NULL){
974
perror("mkdtemp");
975
tempdir[0] = '\0';
976
goto end;
977
}
978
979
if(not init_gpgme(&mc, pubkey, seckey, tempdir)){
980
fprintf(stderr, "pgpme_initalized failed\n");
981
exitcode = EXIT_FAILURE;
982
goto end;
983
} else {
984
pgpme_initalized = true;
985
}
986
987
932
if_index = (AvahiIfIndex) if_nametoindex(interface);
988
933
if(if_index == 0){
989
934
fprintf(stderr, "No such interface: \"%s\"\n", interface);
1032
977
exitcode = EXIT_FAILURE;
1033
978
goto end;
1034
979
}
1035
980
1036
981
{
1037
982
AvahiServerConfig config;
1038
983
/* Do not publish any local Zeroconf records */
1041
986
config.publish_addresses = 0;
1042
987
config.publish_workstation = 0;
1043
988
config.publish_domain = 0;
1044
989
1045
990
/* Allocate a new server */
1046
991
mc.server = avahi_server_new(avahi_simple_poll_get
1047
992
(mc.simple_poll), &config, NULL,
1048
993
NULL, &error);
1049
994
1050
995
/* Free the Avahi configuration data */
1051
996
avahi_server_config_free(&config);
1052
997
}
1072
1017
}
1073
1018
1074
1019
/* Run the main loop */
1075
1020
1076
1021
if (debug){
1077
1022
fprintf(stderr, "Starting Avahi loop search\n");
1078
1023
}
1080
1025
avahi_simple_poll_loop(mc.simple_poll);
1081
1026
1082
1027
end:
1083
1028
1084
1029
if (debug){
1085
1030
fprintf(stderr, "%s exiting\n", argv[0]);
1086
1031
}
1091
1036
1092
1037
if (mc.server != NULL)
1093
1038
avahi_server_free(mc.server);
1094
1039
1095
1040
if (mc.simple_poll != NULL)
1096
1041
avahi_simple_poll_free(mc.simple_poll);
1097
1042
free(pubkeyfilename);
1043
free(seckeyfilename);
1044
1098
1045
if (gnutls_initalized){
1099
1046
gnutls_certificate_free_credentials(mc.cred);
1100
1047
gnutls_global_deinit ();
1101
1048
}
1102
1049
1103
if(pgpme_initalized){
1104
gpgme_release(mc.ctx);
1105
}
1106
1107
/* Removes the temp directory used by GPGME */
1108
if(tempdir[0] != '\0'){
1109
DIR *d;
1110
struct dirent *direntry;
1111
d = opendir(tempdir);
1112
if(d == NULL){
1113
perror("opendir");
1114
} else {
1115
while(true){
1116
direntry = readdir(d);
1117
if(direntry == NULL){
1118
break;
1119
}
1120
if (direntry->d_type == DT_REG){
1121
char *fullname = NULL;
1122
ret = asprintf(&fullname, "%s/%s", tempdir,
1123
direntry->d_name);
1124
if(ret < 0){
1125
perror("asprintf");
1126
continue;
1127
}
1128
ret = unlink(fullname);
1129
if(ret == -1){
1130
fprintf(stderr, "unlink(\"%s\"): %s",
1131
fullname, strerror(errno));
1132
}
1133
free(fullname);
1134
}
1135
}
1136
}
1137
ret = rmdir(tempdir);
1138
if(ret == -1){
1139
perror("rmdir");
1140
}
1141
}
1142
1143
1050
return exitcode;
1144
1051
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0