search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fixup for Coverity issue #101137.
[libpwmd.git] / src / pinentry.c
bloba3c690eb67441e141d31bda93f97a0a59948a535
1 /*
2 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015
3 Ben Kibbey <bjk@luxsci.net>
4
5 This file is part of libpwmd.
6
7 Libpwmd is free software: you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation, either version 2 of the License, or
10 (at your option) any later version.
11
12 Libpwmd is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with Libpwmd. If not, see <http://www.gnu.org/licenses/>.
19 */
20 #ifdef HAVE_CONFIG_H
21 #include <config.h>
22 #endif
23
24 #include <sys/types.h>
25 #include <errno.h>
26 #include <stdlib.h>
27 #include <limits.h>
28
29 #ifdef HAVE_STRING_H
30 #include <string.h>
31 #endif
32
33 #include "pinentry.h"
34 #include "misc.h"
35
36 #ifdef WITH_QUALITY
37 #include <crack.h>
38 #endif
39
40 static gpg_error_t set_pinentry_strings (pwm_t * pwm, pwmd_pinentry_t which);
41
42 static gpg_error_t
43 launch_pinentry (pwm_t * pwm)
44 {
45 int rc;
46 assuan_context_t ctx;
47 int child_list[] = { -1 };
48 const char *argv[10];
49 const char **p = argv;
50 static struct assuan_malloc_hooks mhooks = {
51 pwmd_malloc, pwmd_realloc, pwmd_free
52 };
53
54 update_pinentry_settings (pwm);
55 if (!pwm->pinentry_display && !pwm->pinentry_tty)
56 return GPG_ERR_ENOTTY;
57
58 *p++ = "pinentry";
59 *p++ = pwm->pinentry_display ? "--display" : "--ttyname";
60 *p++ = pwm->pinentry_display ? pwm->pinentry_display : pwm->pinentry_tty;
61
62 if (pwm->pinentry_lcctype)
63 {
64 *p++ = "--lc-ctype";
65 *p++ = pwm->pinentry_lcctype;
66 }
67
68 if (pwm->pinentry_lcmessages)
69 {
70 *p++ = "--lc-messages";
71 *p++ = pwm->pinentry_lcmessages;
72 }
73
74 *p = NULL;
75
76 if (!pwm->pinentry_display)
77 {
78 *p++ = "--ttytype";
79 *p++ = pwm->pinentry_term ? pwm->pinentry_term : getenv ("TERM");
80 *p = NULL;
81 }
82
83 rc = assuan_new_ext (&ctx, GPG_ERR_SOURCE_PINENTRY, &mhooks, NULL, NULL);
84 if (rc)
85 return rc;
86
87 rc = assuan_pipe_connect (ctx,
88 pwm->pinentry_path ? pwm->
89 pinentry_path : PINENTRY_PATH, argv, child_list,
90 NULL, NULL, 0);
91 if (rc)
92 {
93 assuan_release (ctx);
94 return rc;
95 }
96
97 pwm->pinentry_pid = assuan_get_pid (ctx);
98 pwm->pctx = ctx;
99 rc = set_pinentry_strings (pwm, 0);
100 if (rc)
101 _pinentry_disconnect (pwm);
102
103 return rc;
104 }
105
106 static gpg_error_t
107 pinentry_command (pwm_t * pwm, char **result, size_t * len, const char *cmd)
108 {
109 if (len)
110 *len = 0;
111
112 if (result)
113 *result = NULL;
114
115 if (!pwm->pctx)
116 {
117 gpg_error_t rc = launch_pinentry (pwm);
118
119 if (rc)
120 return rc;
121 }
122
123 return _assuan_command (pwm, pwm->pctx, result, len, cmd);
124 }
125
126 #ifdef WITH_QUALITY
127 static gpg_error_t
128 quality_cb (void *data, const char *line)
129 {
130 pwm_t *pwm = data;
131 int score = 0;
132 char buf[5];
133 const char *tmp;
134
135 if (strncmp (line, "QUALITY ", 8))
136 return GPG_ERR_INV_ARG;
137
138 if (!(tmp = FascistCheck (line + 8, CRACKLIB_DICT)))
139 return assuan_send_data (pwm->pctx, "100", 3);
140
141 if (!strcmp (tmp, N_("it is WAY too short")))
142 score = 10;
143 else if (!strcmp (tmp, N_("it is too short")))
144 score = 20;
145 else if (!strcmp (tmp, N_("it is all whitespace")))
146 score = 25;
147 else if (!strcmp (tmp, N_("it is based on your username")))
148 score = 30;
149 else if (!strcmp (tmp, N_("it does not contain enough DIFFERENT characters")))
150 score = 35;
151 else if (!strcmp (tmp, N_("it is based on a dictionary word")))
152 score = 40;
153 else if (!strcmp (tmp, N_("it is based upon your password entry")))
154 score = 50;
155 else if (!strcmp (tmp, N_("it's derived from your password entry")))
156 score = 50;
157 else if (!strcmp (tmp, N_("it is derived from your password entry")))
158 score = 50;
159 else if (!strcmp (tmp, N_("it is based on a (reversed) dictionary word")))
160 score = 60;
161 else if (!strcmp (tmp, N_("it is derivable from your password entry")))
162 score = 70;
163 else if (!strcmp (tmp, N_("it's derivable from your password entry")))
164 score = 70;
165 else if (!strcmp (tmp, N_("it looks like a National Insurance number.")))
166 score = 80;
167 else if (!strcmp (tmp, N_("it is too simplistic/systematic")))
168 score = 90;
169 else
170 score = 0;
171
172 snprintf (buf, sizeof (buf), "%i", score);
173 return assuan_send_data (pwm->pctx, buf, strlen (buf));
174 }
175 #endif
176
177 static gpg_error_t
178 set_pinentry_strings (pwm_t * pwm, pwmd_pinentry_t which)
179 {
180 char *tmp, *desc = NULL;
181 gpg_error_t rc;
182
183 if (which != PWMD_PINENTRY_USER)
184 {
185 rc = pinentry_command (pwm, NULL, NULL, "SETERROR ");
186 if (rc)
187 return rc;
188 }
189
190 tmp = pwmd_malloc (ASSUAN_LINELENGTH + 1);
191 if (!tmp)
192 return gpg_error_from_errno (ENOMEM);
193
194 if (!pwm->pinentry_prompt)
195 {
196 pwm->pinentry_prompt = pwmd_strdup (N_("Passphrase:"));
197 if (!pwm->pinentry_prompt)
198 {
199 pwmd_free (tmp);
200 return GPG_ERR_ENOMEM;
201 }
202 }
203
204 if (!pwm->pinentry_desc)
205 {
206 if (which == PWMD_PINENTRY_OPEN || which == PWMD_PINENTRY_OPEN_FAILED)
207 {
208 if (pwm->version >= 0x030100)
209 {
210 char *hint = pwmd_strdup (pwm->passphrase_hint), *hintp = hint;
211 char *info = pwmd_strdup (pwm->passphrase_info), *infop = info;
212 char *userid = strchr (hint, ' ');
213
214 if (userid && *userid)
215 *userid++ = 0;
216
217 infop = strchr (info, ' ');
218 if (infop && *infop)
219 {
220 char *p = strchr (++infop, ' ');
221
222 if (p)
223 infop[strlen(infop)-strlen(p)] = 0;
224 }
225
226 hintp += 8;
227 infop += 8;
228 desc = pwmd_strdup_printf (N_
229 ("Please enter the passphrase to unlock the OpenPGP secret key:%%0A%%0AClient: %s%%0AData file: %s%%0AKey id: %s (0x%s)%%0AMain key ID: 0x%s"), pwm->name ? pwm->name : N_("unknown"), pwm->filename, userid, hintp, infop);
230 pwmd_free (hint);
231 pwmd_free (info);
232 }
233 else
234 {
235 desc = pwmd_strdup_printf (N_ ("A passphrase is required to unlock the secret key for the encrypted data file \"%s\". Please enter the passphrase below."), pwm->filename);
236 }
237 }
238 else if (which == PWMD_PINENTRY_SAVE
239 || which == PWMD_PINENTRY_SAVE_FAILED)
240 desc =
241 pwmd_strdup_printf (N_
242 ("Please enter the passphrase to use to encrypt the data file \"%s\"."),
243 pwm->filename);
244 else if (which == PWMD_PINENTRY_SAVE_CONFIRM)
245 desc =
246 pwmd_strdup_printf (N_
247 ("Please re-enter the passphrase for confirmation."),
248 pwm->filename);
249
250 if (!desc)
251 {
252 pwmd_free (tmp);
253 return GPG_ERR_ENOMEM;
254 }
255 }
256
257 if (pwm->pinentry_desc)
258 desc = pwm->pinentry_desc;
259
260 if (which == PWMD_PINENTRY_USER)
261 {
262 snprintf (tmp, ASSUAN_LINELENGTH, "SETERROR %s",
263 pwm->pinentry_error ? pwm->pinentry_error : "");
264 rc = pinentry_command (pwm, NULL, NULL, tmp);
265 if (rc)
266 {
267 pwmd_free (tmp);
268 return rc;
269 }
270
271 snprintf (tmp, ASSUAN_LINELENGTH, "SETDESC %s",
272 pwm->pinentry_desc ? pwm->pinentry_desc : "");
273 }
274 else
275 {
276 if (which == PWMD_PINENTRY_SAVE_FAILED
277 || which == PWMD_PINENTRY_OPEN_FAILED)
278 {
279 if (which == PWMD_PINENTRY_SAVE_FAILED)
280 snprintf (tmp, ASSUAN_LINELENGTH, "SETERROR %s",
281 N_("Passphrases do not match, try again."));
282 else
283 {
284 if (pwm->pinentry_tries)
285 {
286 strcpy (tmp, "SETERROR ");
287 snprintf (tmp + strlen ("SETERROR "), ASSUAN_LINELENGTH,
288 N_("Bad passphrase (try %i of %i)"),
289 pwm->pinentry_try + 1, pwm->pinentry_tries);
290 }
291 else
292 snprintf (tmp, ASSUAN_LINELENGTH, "SETERROR %s",
293 N_("Bad passphrase, try again"));
294 }
295
296 rc = pinentry_command (pwm, NULL, NULL, tmp);
297 if (rc)
298 {
299 pwmd_free (tmp);
300 return rc;
301 }
302 }
303
304 snprintf (tmp, ASSUAN_LINELENGTH, "SETDESC %s", desc);
305
306 if (pwm->pinentry_desc != desc)
307 pwmd_free (desc);
308 }
309
310 rc = pinentry_command (pwm, NULL, NULL, tmp);
311 if (rc)
312 {
313 pwmd_free (tmp);
314 return rc;
315 }
316
317 snprintf (tmp, ASSUAN_LINELENGTH, "SETPROMPT %s", pwm->pinentry_prompt);
318 rc = pinentry_command (pwm, NULL, NULL, tmp);
319 pwmd_free (tmp);
320
321 #ifdef WITH_QUALITY
322 if (!rc && (which == PWMD_PINENTRY_SAVE ||
323 which == PWMD_PINENTRY_SAVE_FAILED))
324 {
325 rc = pinentry_command (pwm, NULL, NULL, "SETQUALITYBAR");
326 if (!rc)
327 {
328 pwm->_inquire_func = quality_cb;
329 pwm->_inquire_data = pwm;
330 }
331 }
332 #endif
333
334 if (pwm->pinentry_timeout >= 0)
335 {
336 char buf[32];
337
338 snprintf(buf, sizeof(buf), "SETTIMEOUT %i", pwm->pinentry_timeout);
339 rc = pinentry_command(pwm, NULL, NULL, buf);
340 }
341
342 return rc;
343 }
344
345 void
346 _pinentry_disconnect (pwm_t * pwm)
347 {
348 if (pwm->pctx)
349 assuan_release (pwm->pctx);
350
351 pwm->pctx = NULL;
352 pwm->pinentry_pid = -1;
353 }
354
355 gpg_error_t
356 _getpin (pwm_t * pwm, char **result, size_t * len, pwmd_pinentry_t which)
357 {
358 gpg_error_t rc = set_pinentry_strings (pwm, which);
359
360 if (rc)
361 {
362 _pinentry_disconnect (pwm);
363 return rc;
364 }
365
366 rc = pinentry_command (pwm, result, len,
367 which == PWMD_PINENTRY_CONFIRM ? "CONFIRM" : "GETPIN");
368 if (rc)
369 {
370 _pinentry_disconnect (pwm);
371
372 /* This lets PWMD_OPTION_PINENTRY_TIMEOUT work. Note that it is not
373 * thread safe do to the global variables. */
374 if (gpg_err_code (rc) == GPG_ERR_EOF)
375 rc = GPG_ERR_CANCELED;
376 }
377 else if (which != PWMD_PINENTRY_CONFIRM && len && result)
378 {
379 if (*len)
380 *len = strlen (*result); // remove the null byte
381 else
382 {
383 *result = pwmd_malloc (1);
384 *(*result) = 0;
385 *len = 1;
386 }
387 }
388
389 return rc;
390 }
391
392 gpg_error_t
393 _pwmd_getpin (pwm_t * pwm, const char *filename, char **result,
394 size_t * len, pwmd_pinentry_t which)
395 {
396 gpg_error_t rc;
397 char *p;
398
399 if (!pwm)
400 return GPG_ERR_INV_ARG;
401
402 p = pwm->filename;
403 if (which == PWMD_PINENTRY_CLOSE)
404 {
405 _pinentry_disconnect (pwm);
406 return 0;
407 }
408
409 if (!result && which != PWMD_PINENTRY_CONFIRM)
410 return GPG_ERR_INV_ARG;
411
412 pwm->filename = (char *) filename;
413 rc = _getpin (pwm, result, len, which);
414 pwm->filename = p;
415 return rc;
416 }
An API for pwmd.