/mandos/trunk : revision 604

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/mandos-client.c

Committer: Teddy Hogeborn
Date: 2012-06-17 02:30:59 UTC
Revision ID: teddy@recompile.se-20120617023059-em4nfnxg1tsn64xj

* plugins.d/mandos-client (start_mandos_communication): Bug fix; skip
                                                        non-specified
                                                        interfaces.
  (main): Use lower_privileges() consistently.  Bug fix: Don't remove
          "none" from list of interfaces.  Make --interface=none work
          again by not bringing up interfaces specified after "none".
* plugins.d/mandos-client.xml (OPTIONS): Document new meaning of
                                         specifying --interface=none
                                         together with other
                                         interface names,

files modified:
plugins.d/mandos-client.c

plugins.d/mandos-client.xml

Show diffs side-by-side

added added

removed removed

plugins.d/mandos-client.c

659

return -1;

660

}

661

662

if(if_index != AVAHI_IF_UNSPEC and mc->interfaces != NULL){

663

/* Check if the interface is one of the interfaces we are using */

664

bool match = false;

665

{

666

char *interface = NULL;

667

while((interface=argz_next(mc->interfaces, mc->interfaces_size,

668

interface))){

669

if(if_nametoindex(interface) == (unsigned int)if_index){

670

match = true;

671

break;

672

}

673

}

674

}

675

if(not match){

676

if(debug){

677

char interface[IF_NAMESIZE];

678

if(if_indextoname((unsigned int)if_index, interface) == NULL){

679

perror_plus("if_indextoname");

680

} else {

681

fprintf_plus(stderr, "Skipping server on non-used interface"

682

" \"%s\"\n",

683

if_indextoname((unsigned int)if_index,

684

interface));

685

}

686

}

687

return -1;

688

}

689

}

690

662

691

ret = init_gnutls_session(&session, mc);

663

692

if(ret != 0){

664

693

return -1;

2004

2033

}

2005

2034

2006

2035

/* Lower privileges */

2007

errno = 0;

2008

ret = seteuid(uid);

2009

if(ret == -1){

2010

perror_plus("seteuid");

2011

}

2036

lower_privileges();

2012

2037

}

2013

2038

}

2014

2039

2015

/* Remove empty interface names */

2040

/* Remove invalid interface names (except "none") */

2016

2041

{

2017

2042

char *interface = NULL;

2018

2043

while((interface = argz_next(mc.interfaces, mc.interfaces_size,

2019

2044

interface))){

2020

if(if_nametoindex(interface) == 0){

2021

if(interface[0] != '\0' and strcmp(interface, "none") != 0){

2045

if(strcmp(interface, "none") != 0

2046

and if_nametoindex(interface) == 0){

2047

if(interface[0] != '\0'){

2022

2048

fprintf_plus(stderr, "Not using nonexisting interface"

2023

2049

" \"%s\"\n", interface);

2024

2050

}

2030

2056

2031

2057

/* Run network hooks */

2032

2058

{

2033

2034

2059

if(mc.interfaces != NULL){

2035

2060

interfaces_hooks = malloc(mc.interfaces_size);

2036

2061

if(interfaces_hooks == NULL){

2156

2181

}

2157

2182

}

2158

2183

2159

/* If we only got one interface, explicitly use only that one */

2160

if(argz_count(mc.interfaces, mc.interfaces_size) == 1){

2161

if(debug){

2162

fprintf_plus(stderr, "Using only interface \"%s\"\n",

2163

mc.interfaces);

2164

}

2165

if_index = (AvahiIfIndex)if_nametoindex(mc.interfaces);

2166

}

2167

2168

2184

/* Bring up interfaces which are down */

2169

if(not (argz_count(mc.interfaces, mc.interfaces_size) == 1

2170

and strcmp(mc.interfaces, "none") == 0)){

2185

{

2171

2186

char *interface = NULL;

2172

2187

while((interface = argz_next(mc.interfaces, mc.interfaces_size,

2173

2188

interface))){

2189

/* If interface name is "none", stop bringing up interfaces.

2190

Also remove all instances of "none" from the list */

2191

if(strcmp(interface, "none") == 0){

2192

argz_delete(&mc.interfaces, &mc.interfaces_size,

2193

interface);

2194

interface = NULL;

2195

while((interface = argz_next(mc.interfaces,

2196

mc.interfaces_size, interface))){

2197

if(strcmp(interface, "none") == 0){

2198

argz_delete(&mc.interfaces, &mc.interfaces_size,

2199

interface);

2200

interface = NULL;

2201

}

2202

}

2203

break;

2204

}

2174

2205

bool interface_was_up = interface_is_up(interface);

2175

2206

ret = bring_up_interface(interface, delay);

2176

2207

if(not interface_was_up){

2184

2215

}

2185

2216

}

2186

2217

}

2187

free(mc.interfaces);

2188

mc.interfaces = NULL;

2189

mc.interfaces_size = 0;

2190

2218

if(debug and (interfaces_to_take_down == NULL)){

2191

2219

fprintf_plus(stderr, "No interfaces were brought up\n");

2192

2220

}

2193

2221

}

2194

2222

2223

/* If we only got one interface, explicitly use only that one */

2224

if(argz_count(mc.interfaces, mc.interfaces_size) == 1){

2225

if(debug){

2226

fprintf_plus(stderr, "Using only interface \"%s\"\n",

2227

mc.interfaces);

2228

}

2229

if_index = (AvahiIfIndex)if_nametoindex(mc.interfaces);

2230

}

2231

2195

2232

if(quit_now){

2196

2233

goto end;

2197

2234

}

2255

2292

exitcode = EX_USAGE;

2256

2293

goto end;

2257

2294

}

2258

2295

2259

2296

if(quit_now){

2260

2297

goto end;

2261

2298

}

2370

2407

}

2371

2408

2372

2409

/* Cleanup things */

2410

free(mc.interfaces);

2411

2373

2412

if(sb != NULL)

2374

2413

avahi_s_service_browser_free(sb);

2375

2414

Older »