1 /* vim:tw=78:ts=8:sw=4:set ft=c: */
3 Copyright (C) 2006-2009 Ben Kibbey <bjk@luxsci.net>
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 2 of the License, or
8 (at your option) any later version.
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with this program; if not, write to the Free Software
17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02110-1301 USA
26 #include <sys/socket.h>
35 #include <sys/types.h>
37 #include <sys/select.h>
60 static gpg_error_t
send_pinentry_options(pwm_t
*pwm
);
61 static gpg_error_t
_pwmd_process(pwm_t
*pwm
);
62 static gpg_error_t
set_pinentry_retry(pwm_t
*pwm
);
63 static gpg_error_t
get_custom_passphrase(pwm_t
*pwm
, char **result
);
65 static const char *_pwmd_strerror(gpg_error_t e
)
67 gpg_err_code_t code
= gpg_err_code(e
);
69 if (code
>= GPG_ERR_USER_1
&& code
< gpg_err_code(EPWMD_MAX
)) {
72 return N_("No file is open");
74 return N_("General LibXML error");
76 return N_("File modified");
78 return N_("Unknown error");
85 const char *pwmd_strerror(gpg_error_t code
)
87 const char *p
= _pwmd_strerror(code
);
89 return p
? p
: gpg_strerror(code
);
92 int pwmd_strerror_r(gpg_error_t code
, char *buf
, size_t size
)
94 const char *p
= _pwmd_strerror(code
);
97 snprintf(buf
, size
, "%s", p
);
105 return gpg_strerror_r(code
, buf
, size
);
108 gpg_error_t
pwmd_init()
110 static int initialized
;
119 bindtextdomain("libpwmd", LOCALEDIR
);
122 assuan_set_malloc_hooks(pwmd_malloc
, pwmd_realloc
, pwmd_free
);
123 assuan_set_assuan_err_source(GPG_ERR_SOURCE_DEFAULT
);
128 gpg_error_t
_connect_finalize(pwm_t
*pwm
)
131 int n
= assuan_get_active_fds(pwm
->ctx
, 0, active
, N_ARRAY(active
));
135 return GPG_ERR_EBADFD
;
141 assuan_set_pointer(pwm
->ctx
, pwm
);
144 // Until X11 forwarding is supported, disable the remote pwmd pinentry.
146 pwm
->tcp_conn
->state
= SSH_NONE
;
147 rc
= pwmd_command(pwm
, NULL
, "SET ENABLE_PINENTRY=0");
155 rc
= pwmd_command(pwm
, NULL
, "SET NAME=%s", pwm
->name
);
164 static gpg_error_t
_pwmd_connect_url(pwm_t
*pwm
, const char *url
, int async
)
166 char *p
= (char *)url
;
170 return GPG_ERR_INV_ARG
;
172 if (!p
|| !strncmp(p
, "file://", 7) || !strncmp(p
, "local://", 8)) {
174 if (!strncmp(p
, "file://", 7))
182 else if (!strncmp(p
, "ssh://", 6) || !strncmp(p
, "ssh6://", 7) ||
183 !strncmp(p
, "ssh4://", 7)) {
185 return GPG_ERR_NOT_IMPLEMENTED
;
189 char *identity
= NULL
;
190 char *known_hosts
= NULL
;
191 char *username
= NULL
;
193 if (!strncmp(p
, "ssh6://", 7)) {
194 rc
= pwmd_setopt(pwm
, PWMD_OPTION_IP_VERSION
, PWMD_IPV6
);
197 else if (!strncmp(p
, "ssh4://", 7)) {
198 rc
= pwmd_setopt(pwm
, PWMD_OPTION_IP_VERSION
, PWMD_IPV4
);
202 rc
= pwmd_setopt(pwm
, PWMD_OPTION_IP_VERSION
, PWMD_IP_ANY
);
209 rc
= _parse_ssh_url(p
, &host
, &port
, &username
, &identity
,
216 rc
= pwmd_ssh_connect_async(pwm
, host
, port
, identity
, username
,
219 rc
= pwmd_ssh_connect(pwm
, host
, port
, identity
, username
,
233 pwmd_free(known_hosts
);
240 rc
= pwmd_connect(pwm
, p
);
241 pwm
->state
= ASYNC_DONE
;
245 gpg_error_t
pwmd_connect_url(pwm_t
*pwm
, const char *url
)
247 return _pwmd_connect_url(pwm
, url
, 0);
250 gpg_error_t
pwmd_connect_url_async(pwm_t
*pwm
, const char *url
)
252 return _pwmd_connect_url(pwm
, url
, 1);
255 gpg_error_t
pwmd_connect(pwm_t
*pwm
, const char *path
)
257 char *socketpath
= NULL
;
258 assuan_context_t ctx
;
264 return GPG_ERR_INV_ARG
;
266 pwbuf
= _getpwuid(&pw
);
269 return gpg_error_from_errno(errno
);
272 socketpath
= pwmd_strdup_printf("%s/.pwmd/socket", pw
.pw_dir
);
274 socketpath
= _expand_homedir((char *)path
, &pw
);
279 return gpg_error_from_errno(ENOMEM
);
281 rc
= assuan_socket_connect_ext(&ctx
, socketpath
, -1, 0);
282 pwmd_free(socketpath
);
285 return gpg_err_code(rc
);
288 return _connect_finalize(pwm
);
291 static void disconnect(pwm_t
*pwm
)
293 if (!pwm
|| !pwm
->ctx
)
296 assuan_disconnect(pwm
->ctx
);
301 void pwmd_close(pwm_t
*pwm
)
309 pwmd_free(pwm
->password
);
312 pwmd_free(pwm
->title
);
315 pwmd_free(pwm
->desc
);
318 pwmd_free(pwm
->prompt
);
320 if (pwm
->pinentry_tty
)
321 pwmd_free(pwm
->pinentry_tty
);
323 if (pwm
->pinentry_display
)
324 pwmd_free(pwm
->pinentry_display
);
326 if (pwm
->pinentry_term
)
327 pwmd_free(pwm
->pinentry_term
);
330 pwmd_free(pwm
->lcctype
);
333 pwmd_free(pwm
->lcmessages
);
336 pwmd_free(pwm
->filename
);
339 pwmd_free(pwm
->name
);
343 _free_ssh_conn(pwm
->tcp_conn
);
348 _pinentry_disconnect(pwm
);
354 static gpg_error_t
do_async_command(pwm_t
*pwm
, char **result
)
360 s
= pwmd_process(pwm
, &rc
, result
);
362 if (s
!= ASYNC_DONE
) {
369 } while (s
!= ASYNC_DONE
);
374 gpg_error_t
pwmd_ssh_connect_async(pwm_t
*pwm
, const char *host
, int port
,
375 const char *identity
, const char *user
, const char *known_hosts
)
378 return GPG_ERR_NOT_IMPLEMENTED
;
380 return _do_pwmd_ssh_connect_async(pwm
, host
, port
, identity
, user
,
381 known_hosts
, ASYNC_CMD_CONNECT
);
385 gpg_error_t
pwmd_ssh_connect(pwm_t
*pwm
, const char *host
, int port
,
386 const char *identity
, const char *user
, const char *known_hosts
)
389 return GPG_ERR_NOT_IMPLEMENTED
;
393 rc
= _do_pwmd_ssh_connect_async(pwm
, host
, port
, identity
, user
,
394 known_hosts
, ASYNC_CMD_CONNECT
);
395 return rc
|| do_async_command(pwm
, NULL
);
399 gpg_error_t
pwmd_get_hostkey(pwm_t
*pwm
, const char *host
, int port
,
403 return GPG_ERR_NOT_IMPLEMENTED
;
407 rc
= _do_pwmd_ssh_connect_async(pwm
, host
, port
, NULL
, NULL
, NULL
,
410 return rc
|| do_async_command(pwm
, result
);
414 gpg_error_t
pwmd_get_hostkey_async(pwm_t
*pwm
, const char *host
, int port
)
417 return GPG_ERR_NOT_IMPLEMENTED
;
419 return _do_pwmd_ssh_connect_async(pwm
, host
, port
, NULL
, NULL
, NULL
,
424 static int inquire_realloc_cb(void *data
, const void *buffer
, size_t len
)
426 membuf_t
*mem
= (membuf_t
*)data
;
432 if ((p
= pwmd_realloc(mem
->buf
, mem
->len
+ len
)) == NULL
)
433 return gpg_error_from_errno(ENOMEM
);
436 memcpy((char *)mem
->buf
+ mem
->len
, buffer
, len
);
441 static int inquire_cb(void *data
, const char *keyword
)
443 pwm_t
*pwm
= (pwm_t
*)data
;
446 /* Shouldn't get this far without a callback. */
447 if (!pwm
->inquire_func
)
448 return GPG_ERR_INV_ARG
;
455 rc
= pwm
->inquire_func(pwm
->inquire_data
, keyword
, rc
, &result
, &len
);
456 rc
= gpg_err_code(rc
);
458 if (rc
== GPG_ERR_EOF
|| !rc
) {
459 if (len
<= 0 || !result
) {
464 arc
= assuan_send_data(pwm
->ctx
, result
, len
);
465 arc
= gpg_err_code(arc
);
467 if (rc
== GPG_ERR_EOF
) {
478 pwm
->inquire_sent
+= len
;
480 if (pwm
->status_func
) {
481 char buf
[ASSUAN_LINELENGTH
];
483 snprintf(buf
, sizeof(buf
), "XFER %u %u", pwm
->inquire_sent
,
485 rc
= pwm
->status_func(pwm
->status_data
, buf
);
491 rc
= _pwmd_process(pwm
);
493 if (rc
== GPG_ERR_EAGAIN
) {
504 return gpg_err_code(rc
);
507 static gpg_error_t
do_nb_command(pwm_t
*pwm
, const char *cmd
, ...)
514 if (pwm
->state
== ASYNC_DONE
)
515 pwm
->state
= ASYNC_INIT
;
517 if (pwm
->state
!= ASYNC_INIT
)
518 return GPG_ERR_INV_STATE
;
520 buf
= pwmd_malloc(ASSUAN_LINELENGTH
+1);
523 return gpg_error_from_errno(ENOMEM
);
526 len
= vsnprintf(buf
, ASSUAN_LINELENGTH
+1, cmd
, ap
);
529 if (len
>= ASSUAN_LINELENGTH
+1) {
531 return GPG_ERR_LINE_TOO_LONG
;
534 rc
= assuan_write_line(pwm
->ctx
, buf
);
538 pwm
->state
= ASYNC_PROCESS
;
540 return gpg_err_code(rc
);
543 gpg_error_t
pwmd_open_async(pwm_t
*pwm
, const char *filename
)
546 const char *f
= NULL
;
549 if (!pwm
|| !filename
)
550 return GPG_ERR_INV_ARG
;
553 return GPG_ERR_INV_STATE
;
555 if (pwm
->cmd
!= ASYNC_CMD_NONE
)
556 return GPG_ERR_ASS_NESTED_COMMANDS
;
558 if (pwm
->lastcmd
== ASYNC_CMD_NONE
) {
562 pwmd_free(pwm
->filename
);
564 pwm
->filename
= pwmd_strdup(filename
);
567 return gpg_error_from_errno(ENOMEM
);
569 gpg_error_t rc
= send_pinentry_options(pwm
);
574 rc
= get_custom_passphrase(pwm
, &p
);
576 if (rc
&& rc
!= GPG_ERR_NO_DATA
)
582 else if (pwm
->lastcmd
== ASYNC_CMD_OPEN2
) {
587 else if (pwm
->lastcmd
== ASYNC_CMD_OPEN
) {
588 rc
= set_pinentry_retry(pwm
);
597 return GPG_ERR_INV_STATE
;
599 pwm
->cmd
= ASYNC_CMD_OPEN
;
600 return do_nb_command(pwm
, "OPEN %s %s", f
, p
? p
: "");
603 gpg_error_t
pwmd_save_async(pwm_t
*pwm
)
608 return GPG_ERR_INV_ARG
;
611 return GPG_ERR_INV_STATE
;
613 if (pwm
->cmd
!= ASYNC_CMD_NONE
)
614 return GPG_ERR_ASS_NESTED_COMMANDS
;
616 if (pwm
->lastcmd
!= ASYNC_CMD_SAVE2
) {
617 gpg_error_t rc
= send_pinentry_options(pwm
);
622 rc
= get_custom_passphrase(pwm
, &p
);
624 if (rc
&& rc
!= GPG_ERR_NO_DATA
)
632 pwm
->cmd
= ASYNC_CMD_SAVE
;
633 return do_nb_command(pwm
, "SAVE %s", p
? p
: "");
636 static gpg_error_t
parse_assuan_line(pwm_t
*pwm
)
642 rc
= assuan_read_line(pwm
->ctx
, &line
, &len
);
645 if (line
[0] == 'O' && line
[1] == 'K' &&
646 (line
[2] == 0 || line
[2] == ' ')) {
647 pwm
->state
= ASYNC_DONE
;
649 else if (line
[0] == '#') {
651 else if (line
[0] == 'S' && (line
[1] == 0 || line
[1] == ' ')) {
652 if (pwm
->status_func
) {
653 rc
= pwm
->status_func(pwm
->status_data
,
654 line
[1] == 0 ? line
+1 : line
+2);
657 else if (line
[0] == 'E' && line
[1] == 'R' && line
[2] == 'R' &&
658 (line
[3] == 0 || line
[3] == ' ')) {
661 pwm
->state
= ASYNC_DONE
;
665 return gpg_err_code(rc
);
668 gpg_error_t
pwmd_pending_line(pwm_t
*pwm
)
671 return GPG_ERR_INV_ARG
;
674 return GPG_ERR_INV_STATE
;
676 return assuan_pending_line(pwm
->ctx
) ? 0 : GPG_ERR_NO_DATA
;
679 static pwmd_async_t
reset_async(pwm_t
*pwm
, int done
)
681 pwm
->state
= ASYNC_INIT
;
682 pwm
->cmd
= pwm
->lastcmd
= ASYNC_CMD_NONE
;
685 if (pwm
->nb_fd
!= -1) {
690 if (pwm
->_password
) {
691 pwmd_free(pwm
->_password
);
692 pwm
->_password
= NULL
;
697 pwm
->tcp_conn
->rc
= 0;
699 if (done
&& pwm
->tcp_conn
) {
700 _free_ssh_conn(pwm
->tcp_conn
);
701 pwm
->tcp_conn
= NULL
;
709 * Used for processing status messages when not in an async command and for
710 * waiting for the result from pwmd_open_async() and pwmd_save_async().
712 static gpg_error_t
_pwmd_process(pwm_t
*pwm
)
716 struct timeval tv
= {0, 0};
720 FD_SET(pwm
->fd
, &fds
);
722 n
= pth_select(pwm
->fd
+1, &fds
, NULL
, NULL
, &tv
);
724 n
= select(pwm
->fd
+1, &fds
, NULL
, NULL
, &tv
);
728 return gpg_error_from_syserror();
731 if (FD_ISSET(pwm
->fd
, &fds
))
732 rc
= parse_assuan_line(pwm
);
735 while (!rc
&& assuan_pending_line(pwm
->ctx
))
736 rc
= parse_assuan_line(pwm
);
738 return gpg_err_code(rc
);
741 static void reset_handle(pwm_t
*h
)
746 _pinentry_disconnect(h
);
754 gpg_error_t
pwmd_disconnect(pwm_t
*pwm
)
757 return GPG_ERR_INV_ARG
;
760 if (pwm
->fd
== -1 && pwm
->tcp_conn
&& pwm
->tcp_conn
->fd
== -1)
764 return GPG_ERR_INV_STATE
;
770 _ssh_disconnect(pwm
);
777 pwmd_async_t
pwmd_process(pwm_t
*pwm
, gpg_error_t
*rc
, char **result
)
779 #if defined(WITH_PINENTRY) || defined(WITH_TCP)
782 struct timeval tv
= {0, 0};
789 return GPG_ERR_INV_ARG
;
794 *rc
= GPG_ERR_INV_ARG
;
797 else if (!pwm
->ctx
) {
800 *rc
= GPG_ERR_INV_STATE
;
804 case ASYNC_CMD_CONNECT
:
805 case ASYNC_CMD_HOSTKEY
:
811 /* When not in a command, this will let libassuan process status messages
812 * by calling PWMD_OPTION_STATUS_FUNC. The client can poll the file
813 * descriptor returned by pwmd_get_fd() to determine when this should be
814 * called or call pwmd_pending_line() to determine whether a buffered line
815 * needs to be processed. */
816 if (pwm
->cmd
== ASYNC_CMD_NONE
) {
817 *rc
= _pwmd_process(pwm
);
821 /* Fixes pwmd_open/save_async2() when there is a cached or new file. */
822 if (pwm
->state
== ASYNC_DONE
) {
823 *rc
= _pwmd_process(pwm
);
824 return reset_async(pwm
, 0);
827 if (pwm
->state
!= ASYNC_PROCESS
) {
828 *rc
= GPG_ERR_INV_STATE
;
833 if (pwm
->cmd
== ASYNC_CMD_DNS
) {
836 if (pwm
->tcp_conn
->rc
) {
837 *rc
= pwm
->tcp_conn
->rc
;
838 return reset_async(pwm
, 1);
843 n
= ares_fds(pwm
->tcp_conn
->chan
, &rfds
, &wfds
);
845 /* Shouldn't happen. */
850 n
= pth_select(n
, &rfds
, &wfds
, NULL
, &tv
);
852 n
= select(n
, &rfds
, &wfds
, NULL
, &tv
);
856 *rc
= gpg_error_from_syserror();
857 return reset_async(pwm
, 1);
861 ares_process(pwm
->tcp_conn
->chan
, &rfds
, &wfds
);
865 else if (pwm
->cmd
== ASYNC_CMD_CONNECT
) {
866 if (pwm
->tcp_conn
->rc
== GPG_ERR_EINPROGRESS
) {
868 socklen_t len
= sizeof(int);
871 FD_SET(pwm
->tcp_conn
->fd
, &fds
);
873 n
= pth_select(pwm
->tcp_conn
->fd
+1, NULL
, &fds
, NULL
, &tv
);
875 n
= select(pwm
->tcp_conn
->fd
+1, NULL
, &fds
, NULL
, &tv
);
878 if (!n
|| !FD_ISSET(pwm
->tcp_conn
->fd
, &fds
))
881 *rc
= gpg_error_from_syserror();
882 return reset_async(pwm
, 1);
885 ret
= getsockopt(pwm
->tcp_conn
->fd
, SOL_SOCKET
, SO_ERROR
, &n
, &len
);
888 *rc
= ret
? gpg_error_from_syserror() : gpg_error_from_errno(n
);
889 return reset_async(pwm
, 1);
892 pwm
->tcp_conn
->state
= SSH_NONE
;
893 pwm
->tcp_conn
->rc
= 0;
894 *rc
= _setup_ssh_session(pwm
);
896 if (*rc
&& *rc
!= GPG_ERR_EAGAIN
)
897 return reset_async(pwm
, 1);
899 else if (pwm
->tcp_conn
->rc
) {
900 *rc
= pwm
->tcp_conn
->rc
;
901 return reset_async(pwm
, 1);
904 switch (pwm
->tcp_conn
->state
) {
906 *rc
= _setup_ssh_init(pwm
);
909 *rc
= _setup_ssh_authlist(pwm
);
912 *rc
= _setup_ssh_auth(pwm
);
915 *rc
= _setup_ssh_channel(pwm
);
918 *rc
= _setup_ssh_shell(pwm
);
924 if (*rc
== GPG_ERR_EAGAIN
) {
926 return ASYNC_PROCESS
;
930 switch (pwm
->tcp_conn
->cmd
) {
931 case ASYNC_CMD_HOSTKEY
:
932 *result
= pwmd_strdup(pwm
->tcp_conn
->hostkey
);
935 *rc
= GPG_ERR_ENOMEM
;
942 return reset_async(pwm
, *rc
? 1 : 0);
947 if (pwm
->cmd
== ASYNC_CMD_OPEN2
|| pwm
->cmd
== ASYNC_CMD_SAVE2
) {
950 if (pwm
->nb_fd
== -1) {
951 *rc
= GPG_ERR_INV_STATE
;
952 return reset_async(pwm
, 0);
956 FD_SET(pwm
->nb_fd
, &fds
);
957 FD_SET(pwm
->fd
, &fds
);
959 n
= pth_select(pwm
->nb_fd
+1, &fds
, NULL
, NULL
, &tv
);
961 n
= select(pwm
->nb_fd
+1, &fds
, NULL
, NULL
, &tv
);
964 *rc
= gpg_error_from_syserror();
965 return reset_async(pwm
, 0);
968 if (n
> 0 && FD_ISSET(pwm
->nb_fd
, &fds
)) {
971 size_t len
= pth_read(pwm
->nb_fd
, &nb
, sizeof(nb
));
973 size_t len
= read(pwm
->nb_fd
, &nb
, sizeof(nb
));
975 waitpid(pwm
->nb_pid
, &status
, WNOHANG
);
977 if (len
!= sizeof(nb
)) {
978 memset(&nb
, 0, sizeof(pwmd_nb_status_t
));
979 *rc
= gpg_error_from_syserror();
980 return reset_async(pwm
, 0);
986 return reset_async(pwm
, 0);
988 /* Since the non-blocking pinentry returned a success, do a
989 * non-blocking OPEN or SAVE. */
990 pwmd_async_cmd_t c
= pwm
->cmd
;
992 pwm
->_password
= pwmd_strdup(nb
.password
);
993 memset(&nb
, 0, sizeof(pwmd_nb_status_t
));
996 if (!pwm
->_password
) {
997 *rc
= gpg_error_from_errno(ENOMEM
);
998 return reset_async(pwm
, 0);
1001 if (c
== ASYNC_CMD_SAVE2
)
1002 *rc
= pwmd_save_async(pwm
);
1004 *rc
= pwmd_open_async(pwm
, pwm
->filename
);
1007 reset_async(pwm
, 0);
1011 return ASYNC_PROCESS
;
1014 /* Fall through so status messages can be processed during the
1020 *rc
= GPG_ERR_INV_STATE
;
1021 return reset_async(pwm
, 0);
1024 /* This is for pwmd_open_async() and pwmd_save_async(). For pinentry
1026 *rc
= _pwmd_process(pwm
);
1028 if (*rc
&& *rc
!= GPG_ERR_INV_PASSPHRASE
)
1029 return reset_async(pwm
, 0);
1031 if (pwm
->cmd
== ASYNC_CMD_OPEN
&&
1032 *rc
== GPG_ERR_INV_PASSPHRASE
&&
1034 (!pwm
->tcp_conn
|| (pwm
->tcp_conn
&& pwm
->lastcmd
== ASYNC_CMD_OPEN2
)) &&
1036 ++pwm
->pin_try
< pwm
->pinentry_tries
) {
1037 if (!get_custom_passphrase(pwm
, NULL
))
1040 #ifdef WITH_PINENTRY
1041 if (pwm
->_password
) {
1042 reset_async(pwm
, 0);
1043 pwm
->lastcmd
= ASYNC_CMD_OPEN2
;
1044 *rc
= pwmd_open_async2(pwm
, pwm
->filename
);
1048 reset_async(pwm
, 0);
1049 pwm
->lastcmd
= ASYNC_CMD_OPEN
;
1050 *rc
= pwmd_open_async(pwm
, pwm
->filename
);
1051 #ifdef WITH_PINENTRY
1057 if (*rc
|| pwm
->state
== ASYNC_DONE
)
1058 return reset_async(pwm
, 0);
1063 gpg_error_t
_assuan_command(pwm_t
*pwm
, assuan_context_t ctx
,
1064 char **result
, const char *cmd
)
1070 return GPG_ERR_INV_ARG
;
1072 if (strlen(cmd
) >= ASSUAN_LINELENGTH
+1)
1073 return GPG_ERR_LINE_TOO_LONG
;
1077 rc
= assuan_transact(ctx
, cmd
, inquire_realloc_cb
, &data
,
1079 pwm
->pctx
== ctx
? pwm
->_inquire_func
: inquire_cb
,
1080 pwm
->pctx
== ctx
? pwm
->_inquire_data
: pwm
,
1084 pwm
->status_func
, pwm
->status_data
);
1088 pwmd_free(data
.buf
);
1094 inquire_realloc_cb(&data
, "", 1);
1097 pwmd_free(data
.buf
);
1098 rc
= GPG_ERR_INV_ARG
;
1101 *result
= (char *)data
.buf
;
1105 return gpg_err_code(rc
);
1108 gpg_error_t
pwmd_inquire(pwm_t
*pwm
, const char *cmd
, pwmd_inquire_cb_t fn
,
1111 if (!pwm
|| !cmd
|| !fn
)
1112 return GPG_ERR_INV_ARG
;
1115 return GPG_ERR_INV_STATE
;
1117 pwm
->inquire_func
= fn
;
1118 pwm
->inquire_data
= data
;
1119 pwm
->inquire_sent
= 0;
1120 return _assuan_command(pwm
, pwm
->ctx
, NULL
, cmd
);
1123 gpg_error_t
pwmd_command_ap(pwm_t
*pwm
, char **result
, const char *cmd
,
1131 return GPG_ERR_INV_ARG
;
1134 return GPG_ERR_INV_STATE
;
1137 * C99 allows the dst pointer to be null which will calculate the length
1138 * of the would-be result and return it.
1141 len
= vsnprintf(NULL
, 0, cmd
, ap
)+1;
1142 buf
= (char *)pwmd_malloc(len
);
1146 return gpg_error_from_errno(ENOMEM
);
1149 len
= vsnprintf(buf
, len
, cmd
, ap2
);
1152 if (buf
[strlen(buf
)-1] == '\n')
1153 buf
[strlen(buf
)-1] = 0;
1155 if (buf
[strlen(buf
)-1] == '\r')
1156 buf
[strlen(buf
)-1] = 0;
1158 gpg_error_t rc
= _assuan_command(pwm
, pwm
->ctx
, result
, buf
);
1163 gpg_error_t
pwmd_command(pwm_t
*pwm
, char **result
, const char *cmd
, ...)
1168 return GPG_ERR_INV_ARG
;
1171 return GPG_ERR_INV_STATE
;
1177 gpg_error_t rc
= pwmd_command_ap(pwm
, result
, cmd
, ap
);
1182 static gpg_error_t
send_pinentry_options(pwm_t
*pwm
)
1186 if (pwm
->pinentry_path
) {
1187 rc
= pwmd_command(pwm
, NULL
, "SET PINENTRY_PATH=%s",
1188 pwm
->pinentry_path
);
1194 if (pwm
->pinentry_tty
) {
1195 rc
= pwmd_command(pwm
, NULL
, "SET TTYNAME=%s", pwm
->pinentry_tty
);
1201 if (pwm
->pinentry_term
) {
1202 rc
= pwmd_command(pwm
, NULL
, "SET TTYTYPE=%s", pwm
->pinentry_term
);
1208 if (pwm
->pinentry_display
) {
1209 rc
= pwmd_command(pwm
, NULL
, "SET DISPLAY=%s",
1210 pwm
->pinentry_display
);
1217 rc
= pwmd_command(pwm
, NULL
, "SET TITLE=%s", pwm
->title
);
1224 rc
= pwmd_command(pwm
, NULL
, "SET DESC=%s", pwm
->desc
);
1231 rc
= pwmd_command(pwm
, NULL
, "SET PROMPT=%s", pwm
->prompt
);
1238 rc
= pwmd_command(pwm
, NULL
, "SET LC_CTYPE=%s", pwm
->lcctype
);
1244 if (pwm
->lcmessages
) {
1245 rc
= pwmd_command(pwm
, NULL
, "SET LC_MESSAGES=%s", pwm
->lcmessages
);
1251 if (pwm
->pinentry_timeout
>= 0 && !pwm
->pin_try
) {
1252 rc
= pwmd_command(pwm
, NULL
, "SET PINENTRY_TIMEOUT=%i",
1253 pwm
->pinentry_timeout
);
1262 gpg_error_t
pwmd_socket_type(pwm_t
*pwm
, pwmd_socket_t
*result
)
1264 if (!pwm
|| !result
)
1265 return GPG_ERR_INV_ARG
;
1268 if ((pwm
->fd
== -1 && !pwm
->tcp_conn
) ||
1269 (pwm
->fd
== -1 && pwm
->tcp_conn
&& pwm
->tcp_conn
->fd
== -1))
1273 return GPG_ERR_INV_STATE
;
1276 *result
= pwm
->tcp_conn
? PWMD_SOCKET_SSH
: PWMD_SOCKET_LOCAL
;
1278 *result
= PWMD_SOCKET_LOCAL
;
1283 static gpg_error_t
set_pinentry_retry(pwm_t
*pwm
)
1287 if (pwm
->pin_try
== 1) {
1288 rc
= pwmd_command(pwm
, NULL
, "SET TITLE=%s",
1289 N_("Invalid passphrase, please try again."));
1294 rc
= pwmd_command(pwm
, NULL
, "SET PINENTRY_TIMEOUT=0");
1300 static gpg_error_t
get_custom_passphrase(pwm_t
*pwm
, char **result
)
1302 gpg_error_t rc
= GPG_ERR_NO_DATA
;
1307 if (pwm
->password
|| pwm
->passfunc
)
1311 if (pwm
->password
) {
1313 *result
= pwm
->password
;
1315 else if (pwm
->passfunc
)
1316 rc
= pwm
->passfunc(pwm
->passdata
, result
);
1321 static gpg_error_t
do_pwmd_open(pwm_t
*pwm
, const char *filename
, int nb
,
1324 char *result
= NULL
;
1325 char *password
= NULL
;
1328 if (pwm
->lastcmd
!= ASYNC_CMD_OPEN2
)
1331 if (!pwm
|| !filename
|| !*filename
)
1332 return GPG_ERR_INV_ARG
;
1335 return GPG_ERR_INV_STATE
;
1338 * Avoid calling pinentry if the password is cached on the server or if
1339 * this is a new file.
1341 rc
= pwmd_command(pwm
, &result
, "ISCACHED %s", filename
);
1343 if (rc
== GPG_ERR_ENOENT
)
1346 if (rc
&& rc
!= GPG_ERR_NOT_FOUND
)
1349 if (rc
== GPG_ERR_NOT_FOUND
) {
1350 rc
= get_custom_passphrase(pwm
, &password
);
1352 if (rc
&& rc
!= GPG_ERR_NO_DATA
)
1354 else if (rc
== GPG_ERR_NO_DATA
)
1355 rc
= GPG_ERR_NOT_FOUND
;
1360 #ifdef WITH_PINENTRY
1361 if (rc
== GPG_ERR_NOT_FOUND
&& local_pinentry
) {
1362 /* Prevent pwmd from using it's pinentry if the passphrase fails. */
1363 if (!pwm
->pin_try
) {
1364 rc
= pwmd_command(pwm
, NULL
, "SET ENABLE_PINENTRY=0");
1370 rc
= _pinentry_open(pwm
, filename
, &password
, nb
);
1372 /* pwmd_process() should be called if using a non-blocking local
1374 if (rc
|| (!rc
&& nb
))
1380 reset_async(pwm
, 0);
1383 if (!local_pinentry
&& !pwm
->tcp_conn
&& !pwm
->pin_try
) {
1385 if (!local_pinentry
&& !pwm
->pin_try
) {
1387 rc
= send_pinentry_options(pwm
);
1393 rc
= pwmd_command(pwm
, NULL
, "OPEN %s %s", filename
,
1394 password
? password
: "");
1397 * Keep the user defined password set with pwmd_setopt(). The password may
1398 * be needed later (pwmd_save()) depending on the pwmd file cache settings.
1400 if (!pwm
->passfunc
&& password
&& password
!= pwm
->password
)
1401 pwmd_free(password
);
1403 if (rc
== GPG_ERR_INV_PASSPHRASE
) {
1404 if (++pwm
->pin_try
< pwm
->pinentry_tries
) {
1405 if (!get_custom_passphrase(pwm
, NULL
))
1408 #ifdef WITH_PINENTRY
1410 if (pwm
->tcp_conn
&& !local_pinentry
)
1412 else if (local_pinentry
)
1413 rc
= _getpin(pwm
, &password
, PWMD_PINENTRY_OPEN_FAILED
);
1417 rc
= _getpin(pwm
, &password
, PWMD_PINENTRY_OPEN_FAILED
);
1427 rc
= set_pinentry_retry(pwm
);
1434 #ifdef WITH_PINENTRY
1435 else if (local_pinentry
)
1436 _pinentry_disconnect(pwm
);
1442 #ifdef WITH_PINENTRY
1443 else if (rc
&& local_pinentry
)
1444 _pinentry_disconnect(pwm
);
1449 pwmd_free(pwm
->filename
);
1451 pwm
->filename
= pwmd_strdup(filename
);
1457 gpg_error_t
pwmd_open2(pwm_t
*pwm
, const char *filename
)
1459 #ifndef WITH_PINENTRY
1460 return GPG_ERR_NOT_IMPLEMENTED
;
1462 return do_pwmd_open(pwm
, filename
, 0, 1);
1466 gpg_error_t
pwmd_open(pwm_t
*pwm
, const char *filename
)
1468 return do_pwmd_open(pwm
, filename
, 0, 0);
1471 gpg_error_t
pwmd_open_async2(pwm_t
*pwm
, const char *filename
)
1473 #ifndef WITH_PINENTRY
1474 return GPG_ERR_NOT_IMPLEMENTED
;
1476 if (!pwm
|| !filename
)
1477 return GPG_ERR_INV_ARG
;
1480 return GPG_ERR_INV_STATE
;
1482 if (pwm
->cmd
!= ASYNC_CMD_NONE
)
1483 return GPG_ERR_ASS_NESTED_COMMANDS
;
1485 /* Initialize a new command since this is not a pinentry retry. */
1486 if (pwm
->lastcmd
!= ASYNC_CMD_OPEN2
)
1489 pwm
->cmd
= ASYNC_CMD_OPEN2
;
1490 pwm
->state
= ASYNC_PROCESS
;
1491 gpg_error_t rc
= do_pwmd_open(pwm
, filename
, 1, 1);
1494 reset_async(pwm
, 0);
1500 static gpg_error_t
do_pwmd_save(pwm_t
*pwm
, int nb
, int local_pinentry
)
1502 char *result
= NULL
;
1503 char *password
= NULL
;
1507 return GPG_ERR_INV_ARG
;
1510 return GPG_ERR_INV_STATE
;
1512 rc
= pwmd_command(pwm
, &result
, "ISCACHED %s", pwm
->filename
);
1514 if (rc
== GPG_ERR_ENOENT
)
1515 rc
= GPG_ERR_NOT_FOUND
;
1517 if (rc
&& rc
!= GPG_ERR_NOT_FOUND
)
1520 if (rc
== GPG_ERR_NOT_FOUND
) {
1521 rc
= get_custom_passphrase(pwm
, &password
);
1523 if (rc
&& rc
!= GPG_ERR_NO_DATA
)
1525 else if (rc
== GPG_ERR_NO_DATA
)
1526 rc
= GPG_ERR_NOT_FOUND
;
1531 if (rc
== GPG_ERR_NOT_FOUND
&& local_pinentry
) {
1532 #ifdef WITH_PINENTRY
1533 /* Get the password using the LOCAL pinentry. */
1537 pwmd_nb_status_t pw
;
1540 return gpg_error_from_syserror();
1553 pw
.error
= _do_save_getpin(pwm
, &password
);
1556 snprintf(pw
.password
, sizeof(pw
.password
), "%s",
1558 pwmd_free(password
);
1561 pth_write(p
[1], &pw
, sizeof(pw
));
1563 write(p
[1], &pw
, sizeof(pw
));
1565 memset(&pw
, 0, sizeof(pw
));
1570 rc
= gpg_error_from_syserror();
1584 rc
= _do_save_getpin(pwm
, &password
);
1591 pwm
->state
= ASYNC_DONE
;
1594 reset_async(pwm
, 0);
1597 if (!local_pinentry
&& !pwm
->tcp_conn
) {
1599 if (!local_pinentry
) {
1601 rc
= send_pinentry_options(pwm
);
1607 rc
= pwmd_command(pwm
, NULL
, "SAVE %s", password
? password
: "");
1609 if (!pwm
->passfunc
&& password
&& password
!= pwm
->password
)
1610 pwmd_free(password
);
1615 gpg_error_t
pwmd_save_async2(pwm_t
*pwm
)
1617 #ifndef WITH_PINENTRY
1618 return GPG_ERR_NOT_IMPLEMENTED
;
1621 return GPG_ERR_INV_ARG
;
1624 return GPG_ERR_INV_STATE
;
1626 if (pwm
->cmd
!= ASYNC_CMD_NONE
)
1627 return GPG_ERR_ASS_NESTED_COMMANDS
;
1629 pwm
->cmd
= ASYNC_CMD_SAVE2
;
1630 pwm
->state
= ASYNC_PROCESS
;
1631 gpg_error_t rc
= do_pwmd_save(pwm
, 1, 1);
1634 reset_async(pwm
, 0);
1640 gpg_error_t
pwmd_save2(pwm_t
*pwm
)
1642 #ifndef WITH_PINENTRY
1643 return GPG_ERR_NOT_IMPLEMENTED
;
1645 return do_pwmd_save(pwm
, 0, 1);
1649 gpg_error_t
pwmd_save(pwm_t
*pwm
)
1651 return do_pwmd_save(pwm
, 0, 0);
1654 gpg_error_t
pwmd_setopt(pwm_t
*pwm
, pwmd_option_t opt
, ...)
1657 int n
= va_arg(ap
, int);
1662 return GPG_ERR_INV_ARG
;
1667 case PWMD_OPTION_INQUIRE_TOTAL
:
1668 n
= va_arg(ap
, size_t);
1669 pwm
->inquire_total
= n
;
1671 case PWMD_OPTION_STATUS_CB
:
1672 pwm
->status_func
= va_arg(ap
, pwmd_status_cb_t
);
1674 case PWMD_OPTION_STATUS_DATA
:
1675 pwm
->status_data
= va_arg(ap
, void *);
1677 case PWMD_OPTION_PASSPHRASE_CB
:
1678 pwm
->passfunc
= va_arg(ap
, pwmd_passphrase_cb_t
);
1680 case PWMD_OPTION_PASSPHRASE_DATA
:
1681 pwm
->passdata
= va_arg(ap
, void *);
1683 case PWMD_OPTION_PASSPHRASE
:
1684 arg1
= va_arg(ap
, char *);
1687 pwmd_free(pwm
->password
);
1689 pwm
->password
= arg1
? pwmd_strdup(arg1
) : NULL
;
1691 case PWMD_OPTION_PINENTRY_TRIES
:
1692 n
= va_arg(ap
, int);
1696 rc
= GPG_ERR_INV_VALUE
;
1699 pwm
->pinentry_tries
= n
;
1701 case PWMD_OPTION_PINENTRY_TIMEOUT
:
1702 n
= va_arg(ap
, int);
1706 rc
= GPG_ERR_INV_VALUE
;
1709 pwm
->pinentry_timeout
= n
;
1711 case PWMD_OPTION_PINENTRY_PATH
:
1712 if (pwm
->pinentry_path
)
1713 pwmd_free(pwm
->pinentry_path
);
1715 pwm
->pinentry_path
= _expand_homedir(va_arg(ap
, char *), NULL
);
1717 case PWMD_OPTION_PINENTRY_TTY
:
1718 arg1
= va_arg(ap
, char *);
1720 if (pwm
->pinentry_tty
)
1721 pwmd_free(pwm
->pinentry_tty
);
1723 pwm
->pinentry_tty
= arg1
? pwmd_strdup(arg1
) : NULL
;
1725 case PWMD_OPTION_PINENTRY_DISPLAY
:
1726 if (pwm
->pinentry_display
)
1727 pwmd_free(pwm
->pinentry_display
);
1729 pwm
->pinentry_display
= pwmd_strdup(va_arg(ap
, char *));
1731 case PWMD_OPTION_PINENTRY_TERM
:
1732 arg1
= va_arg(ap
, char *);
1734 if (pwm
->pinentry_term
)
1735 pwmd_free(pwm
->pinentry_term
);
1737 pwm
->pinentry_term
= arg1
? pwmd_strdup(arg1
) : NULL
;
1739 case PWMD_OPTION_PINENTRY_TITLE
:
1741 pwmd_free(pwm
->title
);
1743 pwm
->title
= _percent_escape(va_arg(ap
, char *));
1745 case PWMD_OPTION_PINENTRY_PROMPT
:
1747 pwmd_free(pwm
->prompt
);
1749 pwm
->prompt
= _percent_escape(va_arg(ap
, char *));
1751 case PWMD_OPTION_PINENTRY_DESC
:
1753 pwmd_free(pwm
->desc
);
1755 pwm
->desc
= _percent_escape(va_arg(ap
, char *));
1757 case PWMD_OPTION_PINENTRY_LC_CTYPE
:
1758 arg1
= va_arg(ap
, char *);
1761 pwmd_free(pwm
->lcctype
);
1763 pwm
->lcctype
= arg1
? pwmd_strdup(arg1
) : NULL
;
1765 case PWMD_OPTION_PINENTRY_LC_MESSAGES
:
1766 arg1
= va_arg(ap
, char *);
1768 if (pwm
->lcmessages
)
1769 pwmd_free(pwm
->lcmessages
);
1771 pwm
->lcmessages
= arg1
? pwmd_strdup(arg1
) : NULL
;
1773 case PWMD_OPTION_IP_VERSION
:
1775 n
= va_arg(ap
, int);
1784 rc
= GPG_ERR_INV_VALUE
;
1790 rc
= GPG_ERR_NOT_IMPLEMENTED
;
1793 case PWMD_OPTION_KNOWNHOST_CB
:
1795 pwm
->kh_cb
= va_arg(ap
, pwmd_knownhost_cb_t
);
1797 rc
= GPG_ERR_NOT_IMPLEMENTED
;
1800 case PWMD_OPTION_KNOWNHOST_DATA
:
1802 pwm
->kh_data
= va_arg(ap
, void *);
1804 rc
= GPG_ERR_NOT_IMPLEMENTED
;
1808 rc
= GPG_ERR_UNKNOWN_OPTION
;
1816 gpg_error_t
pwmd_get_fds(pwm_t
*pwm
, pwmd_fd_t
*fds
, int *n_fds
)
1821 int afds
[ARES_GETSOCK_MAXNUM
];
1826 if (!pwm
|| !fds
|| !n_fds
|| *n_fds
<= 0)
1827 return GPG_ERR_INV_ARG
;
1831 memset(afds
, 0, sizeof(int)*ARES_GETSOCK_MAXNUM
);
1833 memset(fds
, 0, sizeof(pwmd_fd_t
)*in_total
);
1838 case ASYNC_CMD_NONE
:
1839 case ASYNC_CMD_OPEN
:
1840 case ASYNC_CMD_SAVE
:
1841 #ifdef WITH_PINENTRY
1845 return GPG_ERR_INV_STATE
;
1848 fds
[fd
].fd
= pwm
->fd
;
1849 fds
[fd
++].flags
= PWMD_FD_READABLE
;
1851 #ifdef WITH_PINENTRY
1852 case ASYNC_CMD_OPEN2
:
1853 case ASYNC_CMD_SAVE2
:
1854 /* The command has already completed (cached or new). */
1855 if (pwm
->state
== ASYNC_DONE
)
1858 if (pwm
->nb_fd
== -1)
1859 return GPG_ERR_INV_STATE
;
1862 fds
[fd
].fd
= pwm
->nb_fd
;
1863 fds
[fd
++].flags
= PWMD_FD_READABLE
;
1868 if (!pwm
->tcp_conn
|| !pwm
->tcp_conn
->chan
)
1869 return GPG_ERR_INV_STATE
;
1871 n
= ares_getsock(pwm
->tcp_conn
->chan
, afds
, ARES_GETSOCK_MAXNUM
);
1873 for (i
= 0; i
< ARES_GETSOCK_MAXNUM
; i
++) {
1876 if (fd
> in_total
) {
1878 return GPG_ERR_ERANGE
;
1881 if (ARES_GETSOCK_READABLE(n
, i
)) {
1883 fds
[fd
].flags
|= PWMD_FD_READABLE
;
1886 if (ARES_GETSOCK_WRITABLE(n
, i
)) {
1888 fds
[fd
].flags
|= PWMD_FD_WRITABLE
;
1892 fds
[fd
++].fd
= afds
[i
];
1897 case ASYNC_CMD_CONNECT
:
1898 case ASYNC_CMD_HOSTKEY
:
1899 if (!pwm
->tcp_conn
|| pwm
->tcp_conn
->fd
== -1)
1900 return GPG_ERR_INV_STATE
;
1903 fds
[fd
].fd
= pwm
->tcp_conn
->fd
;
1904 fds
[fd
++].flags
= PWMD_FD_READABLE
;
1909 return GPG_ERR_INV_STATE
;
1912 pwm_t
*pwmd_new(const char *name
)
1914 pwm_t
*h
= pwmd_calloc(1, sizeof(pwm_t
));
1920 h
->name
= pwmd_strdup(name
);
1929 h
->pinentry_timeout
= -30;
1930 h
->pinentry_tries
= 3;
1932 h
->prot
= PWMD_IP_ANY
;
1935 if (ttyname(STDOUT_FILENO
)) {
1938 ttyname_r(STDOUT_FILENO
, buf
, sizeof(buf
));
1939 h
->pinentry_tty
= pwmd_strdup(buf
);
1941 if (!h
->pinentry_tty
)
1945 if (getenv("TERM") && h
->pinentry_tty
) {
1946 h
->pinentry_term
= pwmd_strdup(getenv("TERM"));
1948 if (!h
->pinentry_term
)
1952 if (getenv("DISPLAY")) {
1953 h
->pinentry_display
= pwmd_strdup(getenv("DISPLAY"));
1955 if (!h
->pinentry_display
)
1966 void pwmd_free(void *ptr
)
1971 void *pwmd_malloc(size_t size
)
1973 return _xmalloc(size
);
1976 void *pwmd_calloc(size_t nmemb
, size_t size
)
1978 return _xcalloc(nmemb
, size
);
1981 void *pwmd_realloc(void *ptr
, size_t size
)
1983 return _xrealloc(ptr
, size
);
1986 char *pwmd_strdup(const char *str
)
1988 return _xstrdup(str
);
1991 char *pwmd_strdup_printf(const char *fmt
, ...)
2002 len
= vsnprintf(NULL
, 0, fmt
, ap
);
2004 buf
= pwmd_malloc(++len
);
2007 vsnprintf(buf
, len
, fmt
, ap2
);
2013 gpg_error_t
pwmd_getpin(pwm_t
*pwm
, const char *filename
, char **result
,
2014 pwmd_pinentry_t which
)
2016 #ifndef WITH_PINENTRY
2017 return GPG_ERR_NOT_IMPLEMENTED
;
2019 return _pwmd_getpin(pwm
, filename
, result
, which
);