To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugins.d/mandos-client.c
- browse files at revision 505.3.6
- compare with another revision
- download diff
- download tarball
- view history from revision 505.3.6
- Committer: teddy at bsnet
- Date: 2011-11-13 13:55:45 UTC
- mto: (505.2.5 mandos-client-network-hooks)
- mto: This revision was merged to the branch mainline in revision 525.
- Revision ID: teddy@fukt.bsnet.se-20111113135545-hyb59g1q2icwdcte
* plugins.d/mandos-client.c: Some white space fixes.
(runnable_hook): Simplify name rule. More debug messages.
(runnable_hook): Simplify name rule. More debug messages.
- files modified:
- TODO
added
removed
plugins.d/mandos-client.c
110
110
init_gnutls_session(),
111
111
GNUTLS_* */
112
112
#include <gnutls/openpgp.h>
113
/* gnutls_certificate_set_openpgp_key_file(),
114
GNUTLS_OPENPGP_FMT_BASE64 */
113
/* gnutls_certificate_set_openpgp_key_file(),
114
GNUTLS_OPENPGP_FMT_BASE64 */
115
115
116
116
/* GPGME */
117
117
#include <gpgme.h> /* All GPGME types, constants and
180
180
* "buffer_length" is how much is already used.
181
181
*/
182
182
size_t incbuffer(char **buffer, size_t buffer_length,
183
size_t buffer_capacity){
183
size_t buffer_capacity){
184
184
if(buffer_length + BUFFER_SIZE > buffer_capacity){
185
185
*buffer = realloc(*buffer, buffer_capacity + BUFFER_SIZE);
186
186
if(buffer == NULL){
192
192
}
193
193
194
194
/* Add server to set of servers to retry periodically */
195
int add_server(const char *ip, uint16_t port,
196
AvahiIfIndex if_index,
197
int af){
195
int add_server(const char *ip, uint16_t port, AvahiIfIndex if_index,
196
int af){
198
197
int ret;
199
198
server *new_server = malloc(sizeof(server));
200
199
if(new_server == NULL){
202
201
return -1;
203
202
}
204
203
*new_server = (server){ .ip = strdup(ip),
205
.port = port,
206
.if_index = if_index,
207
.af = af };
204
.port = port,
205
.if_index = if_index,
206
.af = af };
208
207
if(new_server->ip == NULL){
209
208
perror_plus("strdup");
210
209
return -1;
232
231
/*
233
232
* Initialize GPGME.
234
233
*/
235
static bool init_gpgme(const char *seckey,
236
const char *pubkey, const char *tempdir){
234
static bool init_gpgme(const char *seckey, const char *pubkey,
235
const char *tempdir){
237
236
gpgme_error_t rc;
238
237
gpgme_engine_info_t engine_info;
239
238
426
425
*plaintext = NULL;
427
426
while(true){
428
427
plaintext_capacity = incbuffer(plaintext,
429
(size_t)plaintext_length,
430
plaintext_capacity);
428
(size_t)plaintext_length,
429
plaintext_capacity);
431
430
if(plaintext_capacity == 0){
432
perror_plus("incbuffer");
433
plaintext_length = -1;
434
goto decrypt_end;
431
perror_plus("incbuffer");
432
plaintext_length = -1;
433
goto decrypt_end;
435
434
}
436
435
437
436
ret = gpgme_data_read(dh_plain, *plaintext + plaintext_length,
717
716
718
717
if(IN6_IS_ADDR_LINKLOCAL /* Spurious warnings from */
719
718
(&to.in6.sin6_addr)){ /* -Wstrict-aliasing=2 or lower and
720
-Wunreachable-code*/
719
-Wunreachable-code*/
721
720
if(if_index == AVAHI_IF_UNSPEC){
722
721
fprintf(stderr, "Mandos plugin mandos-client: "
723
722
"An IPv6 link-local address is incomplete"
802
801
while(true){
803
802
size_t out_size = strlen(out);
804
803
ret = (int)TEMP_FAILURE_RETRY(write(tcp_sd, out + written,
805
out_size - written));
804
out_size - written));
806
805
if(ret == -1){
807
806
int e = errno;
808
807
perror_plus("write");
878
877
}
879
878
880
879
buffer_capacity = incbuffer(&buffer, buffer_length,
881
buffer_capacity);
880
buffer_capacity);
882
881
if(buffer_capacity == 0){
883
882
int e = errno;
884
883
perror_plus("incbuffer");
951
950
952
951
if(buffer_length > 0){
953
952
ssize_t decrypted_buffer_size;
954
decrypted_buffer_size = pgp_packet_decrypt(buffer,
955
buffer_length,
953
decrypted_buffer_size = pgp_packet_decrypt(buffer, buffer_length,
956
954
&decrypted_buffer);
957
955
if(decrypted_buffer_size >= 0){
958
956
1282
1280
/* Is this directory entry a runnable program? */
1283
1281
int runnable_hook(const struct dirent *direntry){
1284
1282
int ret;
1283
size_t sret;
1285
1284
struct stat st;
1286
1285
1287
1286
if((direntry->d_name)[0] == '\0'){
1289
1288
return 0;
1290
1289
}
1291
1290
1292
/* Save pointer to last character */
1293
char *end = strchr(direntry->d_name, '\0')-1;
1294
1295
if(*end == '~'){
1296
/* Backup name~ */
1297
return 0;
1298
}
1299
1300
if(((direntry->d_name)[0] == '#')
1301
and (*end == '#')){
1302
/* Temporary #name# */
1303
return 0;
1304
}
1305
1306
/* XXX more rules here */
1291
sret = strspn(direntry->d_name, "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
1292
"abcdefghijklmnopqrstuvwxyz"
1293
"0123456789"
1294
"_-");
1295
if((direntry->d_name)[sret] != '\0'){
1296
/* Contains non-allowed characters */
1297
if(debug){
1298
fprintf(stderr, "Mandos plugin mandos-client: "
1299
"Ignoring hook \"%s\" with bad name\n",
1300
direntry->d_name);
1301
}
1302
return 0;
1303
}
1307
1304
1308
1305
char *fullname = NULL;
1309
ret = asprintf(&fullname, "%s/%s", hookdir,
1310
direntry->d_name);
1306
ret = asprintf(&fullname, "%s/%s", hookdir, direntry->d_name);
1311
1307
if(ret < 0){
1312
1308
perror_plus("asprintf");
1313
1309
return 0;
1316
1312
ret = stat(fullname, &st);
1317
1313
if(ret == -1){
1318
1314
if(debug){
1319
perror_plus("Could not stat plugin");
1315
perror_plus("Could not stat hook");
1320
1316
}
1321
1317
return 0;
1322
1318
}
1323
1319
if(not (S_ISREG(st.st_mode))){
1324
1320
/* Not a regular file */
1321
if(debug){
1322
fprintf(stderr, "Mandos plugin mandos-client: "
1323
"Ignoring hook \"%s\" - not a file\n",
1324
direntry->d_name);
1325
}
1325
1326
return 0;
1326
1327
}
1327
1328
if(not (st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))){
1328
1329
/* Not executable */
1330
if(debug){
1331
fprintf(stderr, "Mandos plugin mandos-client: "
1332
"Ignoring hook \"%s\" - not executable\n",
1333
direntry->d_name);
1334
}
1329
1335
return 0;
1330
1336
}
1331
1337
return 1;
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0