1 /* vim:tw=78:ts=8:sw=4:set ft=c: */
3 Copyright (C) 2006-2009 Ben Kibbey <bjk@luxsci.net>
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 2 of the License, or
8 (at your option) any later version.
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with this program; if not, write to the Free Software
17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02110-1301 USA
26 #include <sys/socket.h>
35 #include <sys/types.h>
37 #include <sys/select.h>
60 static gpg_error_t
send_pinentry_options(pwm_t
*pwm
);
61 static gpg_error_t
_pwmd_process(pwm_t
*pwm
);
62 static gpg_error_t
set_pinentry_retry(pwm_t
*pwm
);
63 static gpg_error_t
get_custom_passphrase(pwm_t
*pwm
, char **result
);
65 static const char *_pwmd_strerror(gpg_error_t e
)
67 gpg_err_code_t code
= gpg_err_code(e
);
69 if (code
>= GPG_ERR_USER_1
&& code
< gpg_err_code(EPWMD_MAX
)) {
72 return N_("No file is open");
74 return N_("General LibXML error");
76 return N_("File modified");
78 return N_("Unknown error");
85 const char *pwmd_strerror(gpg_error_t code
)
87 const char *p
= _pwmd_strerror(code
);
89 return p
? p
: gpg_strerror(code
);
92 int pwmd_strerror_r(gpg_error_t code
, char *buf
, size_t size
)
94 const char *p
= _pwmd_strerror(code
);
97 snprintf(buf
, size
, "%s", p
);
105 return gpg_strerror_r(code
, buf
, size
);
108 gpg_error_t
pwmd_init()
110 static int initialized
;
119 bindtextdomain("libpwmd", LOCALEDIR
);
122 assuan_set_malloc_hooks(pwmd_malloc
, pwmd_realloc
, pwmd_free
);
123 assuan_set_assuan_err_source(GPG_ERR_SOURCE_DEFAULT
);
128 gpg_error_t
_connect_finalize(pwm_t
*pwm
)
131 int n
= assuan_get_active_fds(pwm
->ctx
, 0, active
, N_ARRAY(active
));
135 return GPG_ERR_EBADFD
;
141 assuan_set_pointer(pwm
->ctx
, pwm
);
144 // Until X11 forwarding is supported, disable the remote pwmd pinentry.
146 pwm
->tcp_conn
->state
= SSH_NONE
;
147 rc
= pwmd_command(pwm
, NULL
, "SET ENABLE_PINENTRY=0");
155 rc
= pwmd_command(pwm
, NULL
, "SET NAME=%s", pwm
->name
);
164 static gpg_error_t
_pwmd_connect_url(pwm_t
*pwm
, const char *url
, int async
)
166 char *p
= (char *)url
;
170 return GPG_ERR_INV_ARG
;
172 if (!p
|| !strncmp(p
, "file://", 7) || !strncmp(p
, "local://", 8)) {
174 if (!strncmp(p
, "file://", 7))
182 else if (!strncmp(p
, "ssh://", 6) || !strncmp(p
, "ssh6://", 7) ||
183 !strncmp(p
, "ssh4://", 7)) {
185 return GPG_ERR_NOT_IMPLEMENTED
;
189 char *identity
= NULL
;
190 char *known_hosts
= NULL
;
191 char *username
= NULL
;
193 if (!strncmp(p
, "ssh6://", 7)) {
194 rc
= pwmd_setopt(pwm
, PWMD_OPTION_IP_VERSION
, PWMD_IPV6
);
197 else if (!strncmp(p
, "ssh4://", 7)) {
198 rc
= pwmd_setopt(pwm
, PWMD_OPTION_IP_VERSION
, PWMD_IPV4
);
202 rc
= pwmd_setopt(pwm
, PWMD_OPTION_IP_VERSION
, PWMD_IP_ANY
);
209 rc
= _parse_ssh_url(p
, &host
, &port
, &username
, &identity
,
216 rc
= pwmd_ssh_connect_async(pwm
, host
, port
, identity
, username
,
219 rc
= pwmd_ssh_connect(pwm
, host
, port
, identity
, username
,
233 pwmd_free(known_hosts
);
240 rc
= pwmd_connect(pwm
, p
);
241 pwm
->state
= ASYNC_DONE
;
245 gpg_error_t
pwmd_connect_url(pwm_t
*pwm
, const char *url
)
247 return _pwmd_connect_url(pwm
, url
, 0);
250 gpg_error_t
pwmd_connect_url_async(pwm_t
*pwm
, const char *url
)
252 return _pwmd_connect_url(pwm
, url
, 1);
255 gpg_error_t
pwmd_connect(pwm_t
*pwm
, const char *path
)
257 char *socketpath
= NULL
;
258 assuan_context_t ctx
;
264 return GPG_ERR_INV_ARG
;
266 pwbuf
= _getpwuid(&pw
);
269 return gpg_error_from_errno(errno
);
272 socketpath
= pwmd_strdup_printf("%s/.pwmd/socket", pw
.pw_dir
);
274 socketpath
= _expand_homedir((char *)path
, &pw
);
279 return gpg_error_from_errno(ENOMEM
);
281 rc
= assuan_socket_connect_ext(&ctx
, socketpath
, -1, 0);
282 pwmd_free(socketpath
);
285 return gpg_err_code(rc
);
288 return _connect_finalize(pwm
);
291 static void disconnect(pwm_t
*pwm
)
293 if (!pwm
|| !pwm
->ctx
)
296 assuan_disconnect(pwm
->ctx
);
301 void pwmd_close(pwm_t
*pwm
)
309 pwmd_free(pwm
->password
);
312 pwmd_free(pwm
->title
);
315 pwmd_free(pwm
->desc
);
318 pwmd_free(pwm
->prompt
);
320 if (pwm
->pinentry_tty
)
321 pwmd_free(pwm
->pinentry_tty
);
323 if (pwm
->pinentry_display
)
324 pwmd_free(pwm
->pinentry_display
);
326 if (pwm
->pinentry_term
)
327 pwmd_free(pwm
->pinentry_term
);
330 pwmd_free(pwm
->lcctype
);
333 pwmd_free(pwm
->lcmessages
);
336 pwmd_free(pwm
->filename
);
339 pwmd_free(pwm
->name
);
343 _free_ssh_conn(pwm
->tcp_conn
);
348 _pinentry_disconnect(pwm
);
354 static gpg_error_t
do_async_command(pwm_t
*pwm
, char **result
)
360 s
= pwmd_process(pwm
, &rc
, result
);
362 if (s
!= ASYNC_DONE
) {
369 } while (s
!= ASYNC_DONE
);
374 gpg_error_t
pwmd_ssh_connect_async(pwm_t
*pwm
, const char *host
, int port
,
375 const char *identity
, const char *user
, const char *known_hosts
)
378 return GPG_ERR_NOT_IMPLEMENTED
;
380 return _do_pwmd_ssh_connect_async(pwm
, host
, port
, identity
, user
,
381 known_hosts
, ASYNC_CMD_CONNECT
);
385 gpg_error_t
pwmd_ssh_connect(pwm_t
*pwm
, const char *host
, int port
,
386 const char *identity
, const char *user
, const char *known_hosts
)
389 return GPG_ERR_NOT_IMPLEMENTED
;
393 rc
= _do_pwmd_ssh_connect_async(pwm
, host
, port
, identity
, user
,
394 known_hosts
, ASYNC_CMD_CONNECT
);
395 return rc
|| do_async_command(pwm
, NULL
);
399 gpg_error_t
pwmd_get_hostkey(pwm_t
*pwm
, const char *host
, int port
,
403 return GPG_ERR_NOT_IMPLEMENTED
;
407 rc
= _do_pwmd_ssh_connect_async(pwm
, host
, port
, NULL
, NULL
, NULL
,
410 return rc
|| do_async_command(pwm
, result
);
414 gpg_error_t
pwmd_get_hostkey_async(pwm_t
*pwm
, const char *host
, int port
)
417 return GPG_ERR_NOT_IMPLEMENTED
;
419 return _do_pwmd_ssh_connect_async(pwm
, host
, port
, NULL
, NULL
, NULL
,
424 static int inquire_realloc_cb(void *data
, const void *buffer
, size_t len
)
426 membuf_t
*mem
= (membuf_t
*)data
;
432 if ((p
= pwmd_realloc(mem
->buf
, mem
->len
+ len
)) == NULL
)
433 return gpg_error_from_errno(ENOMEM
);
436 memcpy((char *)mem
->buf
+ mem
->len
, buffer
, len
);
441 static int inquire_cb(void *data
, const char *keyword
)
443 pwm_t
*pwm
= (pwm_t
*)data
;
447 /* Shouldn't get this far without a callback. */
448 if (!pwm
->inquire_func
)
449 return GPG_ERR_INV_ARG
;
456 rc
= pwm
->inquire_func(pwm
->inquire_data
, keyword
, rc
, &result
, &len
);
457 rc
= gpg_err_code(rc
);
459 if (rc
== GPG_ERR_EOF
|| !rc
) {
460 if (len
<= 0 && !result
) {
464 else if ((len
<= 0 && result
) || (len
&& !result
)) {
465 rc
= GPG_ERR_INV_ARG
;
471 arc
= assuan_send_data(pwm
->ctx
, result
, len
);
472 arc
= gpg_err_code(arc
);
474 if (rc
== GPG_ERR_EOF
) {
481 if (rc
== GPG_ERR_EAGAIN
) {
491 pwm
->inquire_sent
+= len
;
493 if (pwm
->status_func
) {
494 char buf
[ASSUAN_LINELENGTH
];
496 snprintf(buf
, sizeof(buf
), "XFER %u %u", pwm
->inquire_sent
,
498 rc
= pwm
->status_func(pwm
->status_data
, buf
);
505 rc
= _pwmd_process(pwm
);
507 if (rc
== GPG_ERR_EAGAIN
)
511 if (!rc
&& is_eagain
)
515 return gpg_err_code(rc
);
518 static gpg_error_t
do_nb_command(pwm_t
*pwm
, const char *cmd
, ...)
525 if (pwm
->state
== ASYNC_DONE
)
526 pwm
->state
= ASYNC_INIT
;
528 if (pwm
->state
!= ASYNC_INIT
)
529 return GPG_ERR_INV_STATE
;
531 buf
= pwmd_malloc(ASSUAN_LINELENGTH
+1);
534 return gpg_error_from_errno(ENOMEM
);
537 len
= vsnprintf(buf
, ASSUAN_LINELENGTH
+1, cmd
, ap
);
540 if (len
>= ASSUAN_LINELENGTH
+1) {
542 return GPG_ERR_LINE_TOO_LONG
;
545 rc
= assuan_write_line(pwm
->ctx
, buf
);
549 pwm
->state
= ASYNC_PROCESS
;
551 return gpg_err_code(rc
);
554 gpg_error_t
pwmd_open_async(pwm_t
*pwm
, const char *filename
)
557 const char *f
= NULL
;
560 if (!pwm
|| !filename
)
561 return GPG_ERR_INV_ARG
;
564 return GPG_ERR_INV_STATE
;
566 if (pwm
->cmd
!= ASYNC_CMD_NONE
)
567 return GPG_ERR_ASS_NESTED_COMMANDS
;
569 if (pwm
->lastcmd
== ASYNC_CMD_NONE
) {
573 pwmd_free(pwm
->filename
);
575 pwm
->filename
= pwmd_strdup(filename
);
578 return gpg_error_from_errno(ENOMEM
);
580 gpg_error_t rc
= send_pinentry_options(pwm
);
585 rc
= get_custom_passphrase(pwm
, &p
);
587 if (rc
&& rc
!= GPG_ERR_NO_DATA
)
593 else if (pwm
->lastcmd
== ASYNC_CMD_OPEN2
) {
598 else if (pwm
->lastcmd
== ASYNC_CMD_OPEN
) {
599 rc
= set_pinentry_retry(pwm
);
608 return GPG_ERR_INV_STATE
;
610 pwm
->cmd
= ASYNC_CMD_OPEN
;
611 return do_nb_command(pwm
, "OPEN %s %s", f
, p
? p
: "");
614 gpg_error_t
pwmd_save_async(pwm_t
*pwm
)
619 return GPG_ERR_INV_ARG
;
622 return GPG_ERR_INV_STATE
;
624 if (pwm
->cmd
!= ASYNC_CMD_NONE
)
625 return GPG_ERR_ASS_NESTED_COMMANDS
;
627 if (pwm
->lastcmd
!= ASYNC_CMD_SAVE2
) {
628 gpg_error_t rc
= send_pinentry_options(pwm
);
633 rc
= get_custom_passphrase(pwm
, &p
);
635 if (rc
&& rc
!= GPG_ERR_NO_DATA
)
643 pwm
->cmd
= ASYNC_CMD_SAVE
;
644 return do_nb_command(pwm
, "SAVE %s", p
? p
: "");
647 static gpg_error_t
parse_assuan_line(pwm_t
*pwm
)
653 rc
= assuan_read_line(pwm
->ctx
, &line
, &len
);
656 if (line
[0] == 'O' && line
[1] == 'K' &&
657 (line
[2] == 0 || line
[2] == ' ')) {
658 pwm
->state
= ASYNC_DONE
;
660 else if (line
[0] == '#') {
662 else if (line
[0] == 'S' && (line
[1] == 0 || line
[1] == ' ')) {
663 if (pwm
->status_func
) {
664 rc
= pwm
->status_func(pwm
->status_data
,
665 line
[1] == 0 ? line
+1 : line
+2);
668 else if (line
[0] == 'E' && line
[1] == 'R' && line
[2] == 'R' &&
669 (line
[3] == 0 || line
[3] == ' ')) {
672 pwm
->state
= ASYNC_DONE
;
676 return gpg_err_code(rc
);
679 gpg_error_t
pwmd_pending_line(pwm_t
*pwm
)
682 return GPG_ERR_INV_ARG
;
685 return GPG_ERR_INV_STATE
;
687 return assuan_pending_line(pwm
->ctx
) ? 0 : GPG_ERR_NO_DATA
;
690 static pwmd_async_t
reset_async(pwm_t
*pwm
, int done
)
692 pwm
->state
= ASYNC_INIT
;
693 pwm
->cmd
= pwm
->lastcmd
= ASYNC_CMD_NONE
;
696 if (pwm
->nb_fd
!= -1) {
701 if (pwm
->_password
) {
702 pwmd_free(pwm
->_password
);
703 pwm
->_password
= NULL
;
708 pwm
->tcp_conn
->rc
= 0;
710 if (done
&& pwm
->tcp_conn
) {
711 _free_ssh_conn(pwm
->tcp_conn
);
712 pwm
->tcp_conn
= NULL
;
720 * Used for processing status messages when not in an async command and for
721 * waiting for the result from pwmd_open_async() and pwmd_save_async().
723 static gpg_error_t
_pwmd_process(pwm_t
*pwm
)
727 struct timeval tv
= {0, 0};
731 FD_SET(pwm
->fd
, &fds
);
733 n
= pth_select(pwm
->fd
+1, &fds
, NULL
, NULL
, &tv
);
735 n
= select(pwm
->fd
+1, &fds
, NULL
, NULL
, &tv
);
739 return gpg_error_from_syserror();
742 if (FD_ISSET(pwm
->fd
, &fds
))
743 rc
= parse_assuan_line(pwm
);
746 while (!rc
&& assuan_pending_line(pwm
->ctx
))
747 rc
= parse_assuan_line(pwm
);
749 return gpg_err_code(rc
);
752 static void reset_handle(pwm_t
*h
)
757 _pinentry_disconnect(h
);
765 gpg_error_t
pwmd_disconnect(pwm_t
*pwm
)
768 return GPG_ERR_INV_ARG
;
771 if (pwm
->fd
== -1 && pwm
->tcp_conn
&& pwm
->tcp_conn
->fd
== -1)
775 return GPG_ERR_INV_STATE
;
781 _ssh_disconnect(pwm
);
788 pwmd_async_t
pwmd_process(pwm_t
*pwm
, gpg_error_t
*rc
, char **result
)
790 #if defined(WITH_PINENTRY) || defined(WITH_TCP)
793 struct timeval tv
= {0, 0};
800 return GPG_ERR_INV_ARG
;
805 *rc
= GPG_ERR_INV_ARG
;
808 else if (!pwm
->ctx
) {
811 *rc
= GPG_ERR_INV_STATE
;
815 case ASYNC_CMD_CONNECT
:
816 case ASYNC_CMD_HOSTKEY
:
822 /* When not in a command, this will let libassuan process status messages
823 * by calling PWMD_OPTION_STATUS_FUNC. The client can poll the file
824 * descriptor returned by pwmd_get_fd() to determine when this should be
825 * called or call pwmd_pending_line() to determine whether a buffered line
826 * needs to be processed. */
827 if (pwm
->cmd
== ASYNC_CMD_NONE
) {
828 *rc
= _pwmd_process(pwm
);
832 /* Fixes pwmd_open/save_async2() when there is a cached or new file. */
833 if (pwm
->state
== ASYNC_DONE
) {
834 *rc
= _pwmd_process(pwm
);
835 return reset_async(pwm
, 0);
838 if (pwm
->state
!= ASYNC_PROCESS
) {
839 *rc
= GPG_ERR_INV_STATE
;
844 if (pwm
->cmd
== ASYNC_CMD_DNS
) {
847 if (pwm
->tcp_conn
->rc
) {
848 *rc
= pwm
->tcp_conn
->rc
;
849 return reset_async(pwm
, 1);
854 n
= ares_fds(pwm
->tcp_conn
->chan
, &rfds
, &wfds
);
856 /* Shouldn't happen. */
861 n
= pth_select(n
, &rfds
, &wfds
, NULL
, &tv
);
863 n
= select(n
, &rfds
, &wfds
, NULL
, &tv
);
867 *rc
= gpg_error_from_syserror();
868 return reset_async(pwm
, 1);
872 ares_process(pwm
->tcp_conn
->chan
, &rfds
, &wfds
);
876 else if (pwm
->cmd
== ASYNC_CMD_CONNECT
) {
877 if (pwm
->tcp_conn
->rc
== GPG_ERR_EINPROGRESS
) {
879 socklen_t len
= sizeof(int);
882 FD_SET(pwm
->tcp_conn
->fd
, &fds
);
884 n
= pth_select(pwm
->tcp_conn
->fd
+1, NULL
, &fds
, NULL
, &tv
);
886 n
= select(pwm
->tcp_conn
->fd
+1, NULL
, &fds
, NULL
, &tv
);
889 if (!n
|| !FD_ISSET(pwm
->tcp_conn
->fd
, &fds
))
892 *rc
= gpg_error_from_syserror();
893 return reset_async(pwm
, 1);
896 ret
= getsockopt(pwm
->tcp_conn
->fd
, SOL_SOCKET
, SO_ERROR
, &n
, &len
);
899 *rc
= ret
? gpg_error_from_syserror() : gpg_error_from_errno(n
);
900 return reset_async(pwm
, 1);
903 pwm
->tcp_conn
->state
= SSH_NONE
;
904 pwm
->tcp_conn
->rc
= 0;
905 *rc
= _setup_ssh_session(pwm
);
907 if (*rc
&& *rc
!= GPG_ERR_EAGAIN
)
908 return reset_async(pwm
, 1);
910 else if (pwm
->tcp_conn
->rc
) {
911 *rc
= pwm
->tcp_conn
->rc
;
912 return reset_async(pwm
, 1);
915 switch (pwm
->tcp_conn
->state
) {
917 *rc
= _setup_ssh_init(pwm
);
920 *rc
= _setup_ssh_authlist(pwm
);
923 *rc
= _setup_ssh_auth(pwm
);
926 *rc
= _setup_ssh_channel(pwm
);
929 *rc
= _setup_ssh_shell(pwm
);
935 if (*rc
== GPG_ERR_EAGAIN
) {
937 return ASYNC_PROCESS
;
941 switch (pwm
->tcp_conn
->cmd
) {
942 case ASYNC_CMD_HOSTKEY
:
943 *result
= pwmd_strdup(pwm
->tcp_conn
->hostkey
);
946 *rc
= GPG_ERR_ENOMEM
;
953 return reset_async(pwm
, *rc
? 1 : 0);
958 if (pwm
->cmd
== ASYNC_CMD_OPEN2
|| pwm
->cmd
== ASYNC_CMD_SAVE2
) {
961 if (pwm
->nb_fd
== -1) {
962 *rc
= GPG_ERR_INV_STATE
;
963 return reset_async(pwm
, 0);
967 FD_SET(pwm
->nb_fd
, &fds
);
968 FD_SET(pwm
->fd
, &fds
);
970 n
= pth_select(pwm
->nb_fd
+1, &fds
, NULL
, NULL
, &tv
);
972 n
= select(pwm
->nb_fd
+1, &fds
, NULL
, NULL
, &tv
);
975 *rc
= gpg_error_from_syserror();
976 return reset_async(pwm
, 0);
979 if (n
> 0 && FD_ISSET(pwm
->nb_fd
, &fds
)) {
982 size_t len
= pth_read(pwm
->nb_fd
, &nb
, sizeof(nb
));
984 size_t len
= read(pwm
->nb_fd
, &nb
, sizeof(nb
));
986 waitpid(pwm
->nb_pid
, &status
, WNOHANG
);
988 if (len
!= sizeof(nb
)) {
989 memset(&nb
, 0, sizeof(pwmd_nb_status_t
));
990 *rc
= gpg_error_from_syserror();
991 return reset_async(pwm
, 0);
997 return reset_async(pwm
, 0);
999 /* Since the non-blocking pinentry returned a success, do a
1000 * non-blocking OPEN or SAVE. */
1001 pwmd_async_cmd_t c
= pwm
->cmd
;
1002 reset_async(pwm
, 0);
1003 pwm
->_password
= pwmd_strdup(nb
.password
);
1004 memset(&nb
, 0, sizeof(pwmd_nb_status_t
));
1007 if (!pwm
->_password
) {
1008 *rc
= gpg_error_from_errno(ENOMEM
);
1009 return reset_async(pwm
, 0);
1012 if (c
== ASYNC_CMD_SAVE2
)
1013 *rc
= pwmd_save_async(pwm
);
1015 *rc
= pwmd_open_async(pwm
, pwm
->filename
);
1018 reset_async(pwm
, 0);
1022 return ASYNC_PROCESS
;
1025 /* Fall through so status messages can be processed during the
1031 *rc
= GPG_ERR_INV_STATE
;
1032 return reset_async(pwm
, 0);
1035 /* This is for pwmd_open_async() and pwmd_save_async(). For pinentry
1037 *rc
= _pwmd_process(pwm
);
1039 if (*rc
&& *rc
!= GPG_ERR_INV_PASSPHRASE
)
1040 return reset_async(pwm
, 0);
1042 if (pwm
->cmd
== ASYNC_CMD_OPEN
&&
1043 *rc
== GPG_ERR_INV_PASSPHRASE
&&
1045 (!pwm
->tcp_conn
|| (pwm
->tcp_conn
&& pwm
->lastcmd
== ASYNC_CMD_OPEN2
)) &&
1047 ++pwm
->pin_try
< pwm
->pinentry_tries
) {
1048 if (!get_custom_passphrase(pwm
, NULL
))
1051 #ifdef WITH_PINENTRY
1052 if (pwm
->_password
) {
1053 reset_async(pwm
, 0);
1054 pwm
->lastcmd
= ASYNC_CMD_OPEN2
;
1055 *rc
= pwmd_open_async2(pwm
, pwm
->filename
);
1059 reset_async(pwm
, 0);
1060 pwm
->lastcmd
= ASYNC_CMD_OPEN
;
1061 *rc
= pwmd_open_async(pwm
, pwm
->filename
);
1062 #ifdef WITH_PINENTRY
1068 if (*rc
|| pwm
->state
== ASYNC_DONE
)
1069 return reset_async(pwm
, 0);
1074 gpg_error_t
_assuan_command(pwm_t
*pwm
, assuan_context_t ctx
,
1075 char **result
, const char *cmd
)
1081 return GPG_ERR_INV_ARG
;
1083 if (strlen(cmd
) >= ASSUAN_LINELENGTH
+1)
1084 return GPG_ERR_LINE_TOO_LONG
;
1088 rc
= assuan_transact(ctx
, cmd
, inquire_realloc_cb
, &data
,
1090 pwm
->pctx
== ctx
? pwm
->_inquire_func
: inquire_cb
,
1091 pwm
->pctx
== ctx
? pwm
->_inquire_data
: pwm
,
1095 pwm
->status_func
, pwm
->status_data
);
1099 pwmd_free(data
.buf
);
1105 inquire_realloc_cb(&data
, "", 1);
1108 pwmd_free(data
.buf
);
1109 rc
= GPG_ERR_INV_ARG
;
1112 *result
= (char *)data
.buf
;
1116 return gpg_err_code(rc
);
1119 gpg_error_t
pwmd_inquire(pwm_t
*pwm
, const char *cmd
, pwmd_inquire_cb_t fn
,
1122 if (!pwm
|| !cmd
|| !fn
)
1123 return GPG_ERR_INV_ARG
;
1126 return GPG_ERR_INV_STATE
;
1128 pwm
->inquire_func
= fn
;
1129 pwm
->inquire_data
= data
;
1130 pwm
->inquire_sent
= 0;
1131 return _assuan_command(pwm
, pwm
->ctx
, NULL
, cmd
);
1134 gpg_error_t
pwmd_command_ap(pwm_t
*pwm
, char **result
, const char *cmd
,
1142 return GPG_ERR_INV_ARG
;
1145 return GPG_ERR_INV_STATE
;
1148 * C99 allows the dst pointer to be null which will calculate the length
1149 * of the would-be result and return it.
1152 len
= vsnprintf(NULL
, 0, cmd
, ap
)+1;
1153 buf
= (char *)pwmd_malloc(len
);
1157 return gpg_error_from_errno(ENOMEM
);
1160 len
= vsnprintf(buf
, len
, cmd
, ap2
);
1163 if (buf
[strlen(buf
)-1] == '\n')
1164 buf
[strlen(buf
)-1] = 0;
1166 if (buf
[strlen(buf
)-1] == '\r')
1167 buf
[strlen(buf
)-1] = 0;
1169 gpg_error_t rc
= _assuan_command(pwm
, pwm
->ctx
, result
, buf
);
1174 gpg_error_t
pwmd_command(pwm_t
*pwm
, char **result
, const char *cmd
, ...)
1179 return GPG_ERR_INV_ARG
;
1182 return GPG_ERR_INV_STATE
;
1188 gpg_error_t rc
= pwmd_command_ap(pwm
, result
, cmd
, ap
);
1193 static gpg_error_t
send_pinentry_options(pwm_t
*pwm
)
1197 if (pwm
->pinentry_path
) {
1198 rc
= pwmd_command(pwm
, NULL
, "SET PINENTRY_PATH=%s",
1199 pwm
->pinentry_path
);
1205 if (pwm
->pinentry_tty
) {
1206 rc
= pwmd_command(pwm
, NULL
, "SET TTYNAME=%s", pwm
->pinentry_tty
);
1212 if (pwm
->pinentry_term
) {
1213 rc
= pwmd_command(pwm
, NULL
, "SET TTYTYPE=%s", pwm
->pinentry_term
);
1219 if (pwm
->pinentry_display
) {
1220 rc
= pwmd_command(pwm
, NULL
, "SET DISPLAY=%s",
1221 pwm
->pinentry_display
);
1228 rc
= pwmd_command(pwm
, NULL
, "SET TITLE=%s", pwm
->title
);
1235 rc
= pwmd_command(pwm
, NULL
, "SET DESC=%s", pwm
->desc
);
1242 rc
= pwmd_command(pwm
, NULL
, "SET PROMPT=%s", pwm
->prompt
);
1249 rc
= pwmd_command(pwm
, NULL
, "SET LC_CTYPE=%s", pwm
->lcctype
);
1255 if (pwm
->lcmessages
) {
1256 rc
= pwmd_command(pwm
, NULL
, "SET LC_MESSAGES=%s", pwm
->lcmessages
);
1262 if (pwm
->pinentry_timeout
>= 0 && !pwm
->pin_try
) {
1263 rc
= pwmd_command(pwm
, NULL
, "SET PINENTRY_TIMEOUT=%i",
1264 pwm
->pinentry_timeout
);
1273 gpg_error_t
pwmd_socket_type(pwm_t
*pwm
, pwmd_socket_t
*result
)
1275 if (!pwm
|| !result
)
1276 return GPG_ERR_INV_ARG
;
1279 if ((pwm
->fd
== -1 && !pwm
->tcp_conn
) ||
1280 (pwm
->fd
== -1 && pwm
->tcp_conn
&& pwm
->tcp_conn
->fd
== -1))
1284 return GPG_ERR_INV_STATE
;
1287 *result
= pwm
->tcp_conn
? PWMD_SOCKET_SSH
: PWMD_SOCKET_LOCAL
;
1289 *result
= PWMD_SOCKET_LOCAL
;
1294 static gpg_error_t
set_pinentry_retry(pwm_t
*pwm
)
1298 if (pwm
->pin_try
== 1) {
1299 rc
= pwmd_command(pwm
, NULL
, "SET TITLE=%s",
1300 N_("Invalid passphrase, please try again."));
1305 rc
= pwmd_command(pwm
, NULL
, "SET PINENTRY_TIMEOUT=0");
1311 static gpg_error_t
get_custom_passphrase(pwm_t
*pwm
, char **result
)
1313 gpg_error_t rc
= GPG_ERR_NO_DATA
;
1318 if (pwm
->password
|| pwm
->passfunc
)
1322 if (pwm
->password
) {
1324 *result
= pwm
->password
;
1326 else if (pwm
->passfunc
)
1327 rc
= pwm
->passfunc(pwm
->passdata
, result
);
1332 static gpg_error_t
do_pwmd_open(pwm_t
*pwm
, const char *filename
, int nb
,
1335 char *result
= NULL
;
1336 char *password
= NULL
;
1339 if (pwm
->lastcmd
!= ASYNC_CMD_OPEN2
)
1342 if (!pwm
|| !filename
|| !*filename
)
1343 return GPG_ERR_INV_ARG
;
1346 return GPG_ERR_INV_STATE
;
1349 * Avoid calling pinentry if the password is cached on the server or if
1350 * this is a new file.
1352 rc
= pwmd_command(pwm
, &result
, "ISCACHED %s", filename
);
1354 if (rc
== GPG_ERR_ENOENT
)
1357 if (rc
&& rc
!= GPG_ERR_NOT_FOUND
)
1360 if (rc
== GPG_ERR_NOT_FOUND
) {
1361 rc
= get_custom_passphrase(pwm
, &password
);
1363 if (rc
&& rc
!= GPG_ERR_NO_DATA
)
1365 else if (rc
== GPG_ERR_NO_DATA
)
1366 rc
= GPG_ERR_NOT_FOUND
;
1371 #ifdef WITH_PINENTRY
1372 if (rc
== GPG_ERR_NOT_FOUND
&& local_pinentry
) {
1373 /* Prevent pwmd from using it's pinentry if the passphrase fails. */
1374 if (!pwm
->pin_try
) {
1375 rc
= pwmd_command(pwm
, NULL
, "SET ENABLE_PINENTRY=0");
1381 rc
= _pinentry_open(pwm
, filename
, &password
, nb
);
1383 /* pwmd_process() should be called if using a non-blocking local
1385 if (rc
|| (!rc
&& nb
))
1391 reset_async(pwm
, 0);
1394 if (!local_pinentry
&& !pwm
->tcp_conn
&& !pwm
->pin_try
) {
1396 if (!local_pinentry
&& !pwm
->pin_try
) {
1398 rc
= send_pinentry_options(pwm
);
1404 rc
= pwmd_command(pwm
, NULL
, "OPEN %s %s", filename
,
1405 password
? password
: "");
1408 * Keep the user defined password set with pwmd_setopt(). The password may
1409 * be needed later (pwmd_save()) depending on the pwmd file cache settings.
1411 if (!pwm
->passfunc
&& password
&& password
!= pwm
->password
)
1412 pwmd_free(password
);
1414 if (rc
== GPG_ERR_INV_PASSPHRASE
) {
1415 if (++pwm
->pin_try
< pwm
->pinentry_tries
) {
1416 if (!get_custom_passphrase(pwm
, NULL
))
1419 #ifdef WITH_PINENTRY
1421 if (pwm
->tcp_conn
&& !local_pinentry
)
1423 else if (local_pinentry
)
1424 rc
= _getpin(pwm
, &password
, PWMD_PINENTRY_OPEN_FAILED
);
1428 rc
= _getpin(pwm
, &password
, PWMD_PINENTRY_OPEN_FAILED
);
1438 rc
= set_pinentry_retry(pwm
);
1445 #ifdef WITH_PINENTRY
1446 else if (local_pinentry
)
1447 _pinentry_disconnect(pwm
);
1453 #ifdef WITH_PINENTRY
1454 else if (rc
&& local_pinentry
)
1455 _pinentry_disconnect(pwm
);
1460 pwmd_free(pwm
->filename
);
1462 pwm
->filename
= pwmd_strdup(filename
);
1468 gpg_error_t
pwmd_open2(pwm_t
*pwm
, const char *filename
)
1470 #ifndef WITH_PINENTRY
1471 return GPG_ERR_NOT_IMPLEMENTED
;
1473 return do_pwmd_open(pwm
, filename
, 0, 1);
1477 gpg_error_t
pwmd_open(pwm_t
*pwm
, const char *filename
)
1479 return do_pwmd_open(pwm
, filename
, 0, 0);
1482 gpg_error_t
pwmd_open_async2(pwm_t
*pwm
, const char *filename
)
1484 #ifndef WITH_PINENTRY
1485 return GPG_ERR_NOT_IMPLEMENTED
;
1487 if (!pwm
|| !filename
)
1488 return GPG_ERR_INV_ARG
;
1491 return GPG_ERR_INV_STATE
;
1493 if (pwm
->cmd
!= ASYNC_CMD_NONE
)
1494 return GPG_ERR_ASS_NESTED_COMMANDS
;
1496 /* Initialize a new command since this is not a pinentry retry. */
1497 if (pwm
->lastcmd
!= ASYNC_CMD_OPEN2
)
1500 pwm
->cmd
= ASYNC_CMD_OPEN2
;
1501 pwm
->state
= ASYNC_PROCESS
;
1502 gpg_error_t rc
= do_pwmd_open(pwm
, filename
, 1, 1);
1505 reset_async(pwm
, 0);
1511 static gpg_error_t
do_pwmd_save(pwm_t
*pwm
, int nb
, int local_pinentry
)
1513 char *result
= NULL
;
1514 char *password
= NULL
;
1518 return GPG_ERR_INV_ARG
;
1521 return GPG_ERR_INV_STATE
;
1523 rc
= pwmd_command(pwm
, &result
, "ISCACHED %s", pwm
->filename
);
1525 if (rc
== GPG_ERR_ENOENT
)
1526 rc
= GPG_ERR_NOT_FOUND
;
1528 if (rc
&& rc
!= GPG_ERR_NOT_FOUND
)
1531 if (rc
== GPG_ERR_NOT_FOUND
) {
1532 rc
= get_custom_passphrase(pwm
, &password
);
1534 if (rc
&& rc
!= GPG_ERR_NO_DATA
)
1536 else if (rc
== GPG_ERR_NO_DATA
)
1537 rc
= GPG_ERR_NOT_FOUND
;
1542 if (rc
== GPG_ERR_NOT_FOUND
&& local_pinentry
) {
1543 #ifdef WITH_PINENTRY
1544 /* Get the password using the LOCAL pinentry. */
1548 pwmd_nb_status_t pw
;
1551 return gpg_error_from_syserror();
1564 pw
.error
= _do_save_getpin(pwm
, &password
);
1567 snprintf(pw
.password
, sizeof(pw
.password
), "%s",
1569 pwmd_free(password
);
1572 pth_write(p
[1], &pw
, sizeof(pw
));
1574 write(p
[1], &pw
, sizeof(pw
));
1576 memset(&pw
, 0, sizeof(pw
));
1581 rc
= gpg_error_from_syserror();
1595 rc
= _do_save_getpin(pwm
, &password
);
1602 pwm
->state
= ASYNC_DONE
;
1605 reset_async(pwm
, 0);
1608 if (!local_pinentry
&& !pwm
->tcp_conn
) {
1610 if (!local_pinentry
) {
1612 rc
= send_pinentry_options(pwm
);
1618 rc
= pwmd_command(pwm
, NULL
, "SAVE %s", password
? password
: "");
1620 if (!pwm
->passfunc
&& password
&& password
!= pwm
->password
)
1621 pwmd_free(password
);
1626 gpg_error_t
pwmd_save_async2(pwm_t
*pwm
)
1628 #ifndef WITH_PINENTRY
1629 return GPG_ERR_NOT_IMPLEMENTED
;
1632 return GPG_ERR_INV_ARG
;
1635 return GPG_ERR_INV_STATE
;
1637 if (pwm
->cmd
!= ASYNC_CMD_NONE
)
1638 return GPG_ERR_ASS_NESTED_COMMANDS
;
1640 pwm
->cmd
= ASYNC_CMD_SAVE2
;
1641 pwm
->state
= ASYNC_PROCESS
;
1642 gpg_error_t rc
= do_pwmd_save(pwm
, 1, 1);
1645 reset_async(pwm
, 0);
1651 gpg_error_t
pwmd_save2(pwm_t
*pwm
)
1653 #ifndef WITH_PINENTRY
1654 return GPG_ERR_NOT_IMPLEMENTED
;
1656 return do_pwmd_save(pwm
, 0, 1);
1660 gpg_error_t
pwmd_save(pwm_t
*pwm
)
1662 return do_pwmd_save(pwm
, 0, 0);
1665 gpg_error_t
pwmd_setopt(pwm_t
*pwm
, pwmd_option_t opt
, ...)
1668 int n
= va_arg(ap
, int);
1673 return GPG_ERR_INV_ARG
;
1678 case PWMD_OPTION_INQUIRE_TOTAL
:
1679 n
= va_arg(ap
, size_t);
1680 pwm
->inquire_total
= n
;
1682 case PWMD_OPTION_STATUS_CB
:
1683 pwm
->status_func
= va_arg(ap
, pwmd_status_cb_t
);
1685 case PWMD_OPTION_STATUS_DATA
:
1686 pwm
->status_data
= va_arg(ap
, void *);
1688 case PWMD_OPTION_PASSPHRASE_CB
:
1689 pwm
->passfunc
= va_arg(ap
, pwmd_passphrase_cb_t
);
1691 case PWMD_OPTION_PASSPHRASE_DATA
:
1692 pwm
->passdata
= va_arg(ap
, void *);
1694 case PWMD_OPTION_PASSPHRASE
:
1695 arg1
= va_arg(ap
, char *);
1698 pwmd_free(pwm
->password
);
1700 pwm
->password
= arg1
? pwmd_strdup(arg1
) : NULL
;
1702 case PWMD_OPTION_PINENTRY_TRIES
:
1703 n
= va_arg(ap
, int);
1707 rc
= GPG_ERR_INV_VALUE
;
1710 pwm
->pinentry_tries
= n
;
1712 case PWMD_OPTION_PINENTRY_TIMEOUT
:
1713 n
= va_arg(ap
, int);
1717 rc
= GPG_ERR_INV_VALUE
;
1720 pwm
->pinentry_timeout
= n
;
1722 case PWMD_OPTION_PINENTRY_PATH
:
1723 if (pwm
->pinentry_path
)
1724 pwmd_free(pwm
->pinentry_path
);
1726 pwm
->pinentry_path
= _expand_homedir(va_arg(ap
, char *), NULL
);
1728 case PWMD_OPTION_PINENTRY_TTY
:
1729 arg1
= va_arg(ap
, char *);
1731 if (pwm
->pinentry_tty
)
1732 pwmd_free(pwm
->pinentry_tty
);
1734 pwm
->pinentry_tty
= arg1
? pwmd_strdup(arg1
) : NULL
;
1736 case PWMD_OPTION_PINENTRY_DISPLAY
:
1737 if (pwm
->pinentry_display
)
1738 pwmd_free(pwm
->pinentry_display
);
1740 pwm
->pinentry_display
= pwmd_strdup(va_arg(ap
, char *));
1742 case PWMD_OPTION_PINENTRY_TERM
:
1743 arg1
= va_arg(ap
, char *);
1745 if (pwm
->pinentry_term
)
1746 pwmd_free(pwm
->pinentry_term
);
1748 pwm
->pinentry_term
= arg1
? pwmd_strdup(arg1
) : NULL
;
1750 case PWMD_OPTION_PINENTRY_TITLE
:
1752 pwmd_free(pwm
->title
);
1754 pwm
->title
= _percent_escape(va_arg(ap
, char *));
1756 case PWMD_OPTION_PINENTRY_PROMPT
:
1758 pwmd_free(pwm
->prompt
);
1760 pwm
->prompt
= _percent_escape(va_arg(ap
, char *));
1762 case PWMD_OPTION_PINENTRY_DESC
:
1764 pwmd_free(pwm
->desc
);
1766 pwm
->desc
= _percent_escape(va_arg(ap
, char *));
1768 case PWMD_OPTION_PINENTRY_LC_CTYPE
:
1769 arg1
= va_arg(ap
, char *);
1772 pwmd_free(pwm
->lcctype
);
1774 pwm
->lcctype
= arg1
? pwmd_strdup(arg1
) : NULL
;
1776 case PWMD_OPTION_PINENTRY_LC_MESSAGES
:
1777 arg1
= va_arg(ap
, char *);
1779 if (pwm
->lcmessages
)
1780 pwmd_free(pwm
->lcmessages
);
1782 pwm
->lcmessages
= arg1
? pwmd_strdup(arg1
) : NULL
;
1784 case PWMD_OPTION_IP_VERSION
:
1786 n
= va_arg(ap
, int);
1795 rc
= GPG_ERR_INV_VALUE
;
1801 rc
= GPG_ERR_NOT_IMPLEMENTED
;
1804 case PWMD_OPTION_KNOWNHOST_CB
:
1806 pwm
->kh_cb
= va_arg(ap
, pwmd_knownhost_cb_t
);
1808 rc
= GPG_ERR_NOT_IMPLEMENTED
;
1811 case PWMD_OPTION_KNOWNHOST_DATA
:
1813 pwm
->kh_data
= va_arg(ap
, void *);
1815 rc
= GPG_ERR_NOT_IMPLEMENTED
;
1819 rc
= GPG_ERR_UNKNOWN_OPTION
;
1827 gpg_error_t
pwmd_get_fds(pwm_t
*pwm
, pwmd_fd_t
*fds
, int *n_fds
)
1832 int afds
[ARES_GETSOCK_MAXNUM
];
1837 if (!pwm
|| !fds
|| !n_fds
|| *n_fds
<= 0)
1838 return GPG_ERR_INV_ARG
;
1842 memset(afds
, 0, sizeof(int)*ARES_GETSOCK_MAXNUM
);
1844 memset(fds
, 0, sizeof(pwmd_fd_t
)*in_total
);
1849 case ASYNC_CMD_NONE
:
1850 case ASYNC_CMD_OPEN
:
1851 case ASYNC_CMD_SAVE
:
1852 #ifdef WITH_PINENTRY
1856 return GPG_ERR_INV_STATE
;
1859 fds
[fd
].fd
= pwm
->fd
;
1860 fds
[fd
++].flags
= PWMD_FD_READABLE
;
1862 #ifdef WITH_PINENTRY
1863 case ASYNC_CMD_OPEN2
:
1864 case ASYNC_CMD_SAVE2
:
1865 /* The command has already completed (cached or new). */
1866 if (pwm
->state
== ASYNC_DONE
)
1869 if (pwm
->nb_fd
== -1)
1870 return GPG_ERR_INV_STATE
;
1873 fds
[fd
].fd
= pwm
->nb_fd
;
1874 fds
[fd
++].flags
= PWMD_FD_READABLE
;
1879 if (!pwm
->tcp_conn
|| !pwm
->tcp_conn
->chan
)
1880 return GPG_ERR_INV_STATE
;
1882 n
= ares_getsock(pwm
->tcp_conn
->chan
, afds
, ARES_GETSOCK_MAXNUM
);
1884 for (i
= 0; i
< ARES_GETSOCK_MAXNUM
; i
++) {
1887 if (fd
> in_total
) {
1889 return GPG_ERR_ERANGE
;
1892 if (ARES_GETSOCK_READABLE(n
, i
)) {
1894 fds
[fd
].flags
|= PWMD_FD_READABLE
;
1897 if (ARES_GETSOCK_WRITABLE(n
, i
)) {
1899 fds
[fd
].flags
|= PWMD_FD_WRITABLE
;
1903 fds
[fd
++].fd
= afds
[i
];
1908 case ASYNC_CMD_CONNECT
:
1909 case ASYNC_CMD_HOSTKEY
:
1910 if (!pwm
->tcp_conn
|| pwm
->tcp_conn
->fd
== -1)
1911 return GPG_ERR_INV_STATE
;
1914 fds
[fd
].fd
= pwm
->tcp_conn
->fd
;
1915 fds
[fd
++].flags
= PWMD_FD_READABLE
;
1920 return GPG_ERR_INV_STATE
;
1923 pwm_t
*pwmd_new(const char *name
)
1925 pwm_t
*h
= pwmd_calloc(1, sizeof(pwm_t
));
1931 h
->name
= pwmd_strdup(name
);
1940 h
->pinentry_timeout
= -30;
1941 h
->pinentry_tries
= 3;
1943 h
->prot
= PWMD_IP_ANY
;
1946 if (ttyname(STDOUT_FILENO
)) {
1949 ttyname_r(STDOUT_FILENO
, buf
, sizeof(buf
));
1950 h
->pinentry_tty
= pwmd_strdup(buf
);
1952 if (!h
->pinentry_tty
)
1956 if (getenv("TERM") && h
->pinentry_tty
) {
1957 h
->pinentry_term
= pwmd_strdup(getenv("TERM"));
1959 if (!h
->pinentry_term
)
1963 if (getenv("DISPLAY")) {
1964 h
->pinentry_display
= pwmd_strdup(getenv("DISPLAY"));
1966 if (!h
->pinentry_display
)
1977 void pwmd_free(void *ptr
)
1982 void *pwmd_malloc(size_t size
)
1984 return _xmalloc(size
);
1987 void *pwmd_calloc(size_t nmemb
, size_t size
)
1989 return _xcalloc(nmemb
, size
);
1992 void *pwmd_realloc(void *ptr
, size_t size
)
1994 return _xrealloc(ptr
, size
);
1997 char *pwmd_strdup(const char *str
)
1999 return _xstrdup(str
);
2002 char *pwmd_strdup_printf(const char *fmt
, ...)
2013 len
= vsnprintf(NULL
, 0, fmt
, ap
);
2015 buf
= pwmd_malloc(++len
);
2018 vsnprintf(buf
, len
, fmt
, ap2
);
2024 gpg_error_t
pwmd_getpin(pwm_t
*pwm
, const char *filename
, char **result
,
2025 pwmd_pinentry_t which
)
2027 #ifndef WITH_PINENTRY
2028 return GPG_ERR_NOT_IMPLEMENTED
;
2030 return _pwmd_getpin(pwm
, filename
, result
, which
);