1 /* vim:tw=78:ts=8:sw=4:set ft=c: */
3 Copyright (C) 2006-2009 Ben Kibbey <bjk@luxsci.net>
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 2 of the License, or
8 (at your option) any later version.
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with this program; if not, write to the Free Software
17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02110-1301 USA
26 #include <sys/socket.h>
35 #include <sys/types.h>
37 #include <sys/select.h>
60 static gpg_error_t
send_pinentry_options(pwm_t
*pwm
);
61 static gpg_error_t
_pwmd_process(pwm_t
*pwm
);
62 static gpg_error_t
set_pinentry_retry(pwm_t
*pwm
);
63 static gpg_error_t
get_custom_passphrase(pwm_t
*pwm
, char **result
);
65 static const char *_pwmd_strerror(gpg_error_t e
)
67 gpg_err_code_t code
= gpg_err_code(e
);
69 if (code
>= GPG_ERR_USER_1
&& code
< gpg_err_code(EPWMD_MAX
)) {
74 return N_("Unknown error");
76 return N_("No cache slots available");
78 return N_("Recursion loop");
80 return N_("No file is open");
82 return N_("General LibXML error");
84 return N_("File modified");
91 const char *pwmd_strerror(gpg_error_t code
)
93 const char *p
= _pwmd_strerror(code
);
95 return p
? p
: gpg_strerror(code
);
98 int pwmd_strerror_r(gpg_error_t code
, char *buf
, size_t size
)
100 const char *p
= _pwmd_strerror(code
);
103 snprintf(buf
, size
, "%s", p
);
105 if (strlen(p
) > size
)
111 return gpg_strerror_r(code
, buf
, size
);
114 gpg_error_t
pwmd_init()
116 static int initialized
;
125 bindtextdomain("libpwmd", LOCALEDIR
);
128 assuan_set_malloc_hooks(pwmd_malloc
, pwmd_realloc
, pwmd_free
);
129 assuan_set_assuan_err_source(GPG_ERR_SOURCE_DEFAULT
);
134 gpg_error_t
_connect_finalize(pwm_t
*pwm
)
137 int n
= assuan_get_active_fds(pwm
->ctx
, 0, active
, N_ARRAY(active
));
142 return GPG_ERR_EBADFD
;
148 assuan_set_pointer(pwm
->ctx
, pwm
);
151 // Until X11 forwarding is supported, disable the remote pwmd pinentry.
153 rc
= pwmd_command(pwm
, NULL
, "OPTION PINENTRY=0");
161 rc
= pwmd_command(pwm
, NULL
, "OPTION CLIENT NAME=%s", pwm
->name
);
167 rc
= pwmd_command(pwm
, &result
, "VERSION");
169 if (rc
&& rc
!= GPG_ERR_ASS_UNKNOWN_CMD
)
173 pwm
->version
= PWMD_V1
;
175 pwm
->version
= PWMD_V2
;
181 static gpg_error_t
_pwmd_connect_url(pwm_t
*pwm
, const char *url
, int async
)
183 char *p
= (char *)url
;
187 return GPG_ERR_INV_ARG
;
189 if (!p
|| !strncmp(p
, "socket://", 9)) {
195 else if (!strncmp(p
, "ssh://", 6) || !strncmp(p
, "ssh6://", 7) ||
196 !strncmp(p
, "ssh4://", 7)) {
198 return GPG_ERR_NOT_IMPLEMENTED
;
202 char *identity
= NULL
;
203 char *known_hosts
= NULL
;
204 char *username
= NULL
;
206 if (!strncmp(p
, "ssh6://", 7)) {
207 rc
= pwmd_setopt(pwm
, PWMD_OPTION_IP_VERSION
, PWMD_IPV6
);
210 else if (!strncmp(p
, "ssh4://", 7)) {
211 rc
= pwmd_setopt(pwm
, PWMD_OPTION_IP_VERSION
, PWMD_IPV4
);
215 rc
= pwmd_setopt(pwm
, PWMD_OPTION_IP_VERSION
, PWMD_IP_ANY
);
222 rc
= _parse_ssh_url(p
, &host
, &port
, &username
, &identity
,
229 rc
= pwmd_ssh_connect_async(pwm
, host
, port
, identity
, username
,
232 rc
= pwmd_ssh_connect(pwm
, host
, port
, identity
, username
,
246 pwmd_free(known_hosts
);
253 rc
= pwmd_connect(pwm
, p
);
254 pwm
->state
= ASYNC_DONE
;
258 gpg_error_t
pwmd_connect_url(pwm_t
*pwm
, const char *url
)
260 return _pwmd_connect_url(pwm
, url
, 0);
263 gpg_error_t
pwmd_connect_url_async(pwm_t
*pwm
, const char *url
)
265 return _pwmd_connect_url(pwm
, url
, 1);
268 gpg_error_t
pwmd_connect(pwm_t
*pwm
, const char *path
)
270 char *socketpath
= NULL
;
271 assuan_context_t ctx
;
277 return GPG_ERR_INV_ARG
;
279 pwbuf
= _getpwuid(&pw
);
282 return gpg_error_from_errno(errno
);
285 socketpath
= pwmd_strdup_printf("%s/.pwmd/socket", pw
.pw_dir
);
287 socketpath
= _expand_homedir((char *)path
, &pw
);
292 return gpg_error_from_errno(ENOMEM
);
294 rc
= assuan_socket_connect_ext(&ctx
, socketpath
, -1, 0);
295 pwmd_free(socketpath
);
298 return gpg_err_code(rc
);
301 return _connect_finalize(pwm
);
304 static void disconnect(pwm_t
*pwm
)
306 if (!pwm
|| !pwm
->ctx
)
309 assuan_disconnect(pwm
->ctx
);
314 void pwmd_close(pwm_t
*pwm
)
322 pwmd_free(pwm
->password
);
325 pwmd_free(pwm
->title
);
328 pwmd_free(pwm
->desc
);
331 pwmd_free(pwm
->prompt
);
333 if (pwm
->pinentry_tty
)
334 pwmd_free(pwm
->pinentry_tty
);
336 if (pwm
->pinentry_display
)
337 pwmd_free(pwm
->pinentry_display
);
339 if (pwm
->pinentry_term
)
340 pwmd_free(pwm
->pinentry_term
);
343 pwmd_free(pwm
->lcctype
);
346 pwmd_free(pwm
->lcmessages
);
349 pwmd_free(pwm
->filename
);
352 pwmd_free(pwm
->name
);
356 _free_ssh_conn(pwm
->tcp_conn
);
361 _pinentry_disconnect(pwm
);
367 gpg_error_t
pwmd_ssh_connect_async(pwm_t
*pwm
, const char *host
, int port
,
368 const char *identity
, const char *user
, const char *known_hosts
)
371 return GPG_ERR_NOT_IMPLEMENTED
;
373 return _do_pwmd_ssh_connect_async(pwm
, host
, port
, identity
, user
,
374 known_hosts
, ASYNC_CMD_CONNECT
);
378 gpg_error_t
pwmd_ssh_connect(pwm_t
*pwm
, const char *host
, int port
,
379 const char *identity
, const char *user
, const char *known_hosts
)
382 return GPG_ERR_NOT_IMPLEMENTED
;
384 return _do_pwmd_ssh_connect(pwm
, host
, port
, identity
, user
, known_hosts
, 0);
388 gpg_error_t
pwmd_get_hostkey(pwm_t
*pwm
, const char *host
, int port
,
392 return GPG_ERR_NOT_IMPLEMENTED
;
397 rc
= _do_pwmd_ssh_connect(pwm
, host
, port
, NULL
, NULL
, NULL
, 1);
402 hostkey
= pwmd_strdup(pwm
->tcp_conn
->hostkey
);
405 rc
= gpg_error_from_errno(ENOMEM
);
412 gpg_error_t
pwmd_get_hostkey_async(pwm_t
*pwm
, const char *host
, int port
)
415 return GPG_ERR_NOT_IMPLEMENTED
;
417 return _do_pwmd_ssh_connect_async(pwm
, host
, port
, NULL
, NULL
, NULL
,
422 static int inquire_realloc_cb(void *data
, const void *buffer
, size_t len
)
424 membuf_t
*mem
= (membuf_t
*)data
;
430 if ((p
= pwmd_realloc(mem
->buf
, mem
->len
+ len
)) == NULL
)
431 return gpg_error_from_errno(ENOMEM
);
434 memcpy((char *)mem
->buf
+ mem
->len
, buffer
, len
);
439 static int inquire_cb(void *data
, const char *keyword
)
441 pwm_t
*pwm
= (pwm_t
*)data
;
444 int flags
= pth_fdmode(pwm
->fd
, PTH_FDMODE_POLL
);
446 int flags
= fcntl(pwm
->fd
, F_GETFL
);
449 /* Shouldn't get this far without a callback. */
450 if (!pwm
->inquire_func
)
451 return GPG_ERR_INV_ARG
;
458 rc
= pwm
->inquire_func(pwm
->inquire_data
, keyword
, rc
, &result
, &len
);
459 rc
= gpg_err_code(rc
);
461 if (rc
== GPG_ERR_EOF
|| !rc
) {
462 if (len
<= 0 || !result
) {
467 arc
= assuan_send_data(pwm
->ctx
, result
, len
);
468 arc
= gpg_err_code(arc
);
470 if (rc
== GPG_ERR_EOF
) {
481 /* Set to non-blocking so _pwmd_process() can return. */
483 pth_fdmode(pwm
->fd
, PTH_FDMODE_NONBLOCK
);
485 fcntl(pwm
->fd
, F_SETFL
, O_NONBLOCK
);
487 rc
= _pwmd_process(pwm
);
489 pth_fdmode(pwm
->fd
, flags
);
491 fcntl(pwm
->fd
, F_SETFL
, flags
);
497 pth_fdmode(pwm
->fd
, flags
);
499 fcntl(pwm
->fd
, F_SETFL
, flags
);
501 return gpg_err_code(rc
);
504 static gpg_error_t
do_nb_command(pwm_t
*pwm
, const char *cmd
, ...)
511 if (pwm
->state
== ASYNC_DONE
)
512 pwm
->state
= ASYNC_INIT
;
514 if (pwm
->state
!= ASYNC_INIT
)
515 return GPG_ERR_INV_STATE
;
517 buf
= pwmd_malloc(ASSUAN_LINELENGTH
+1);
520 return gpg_error_from_errno(ENOMEM
);
523 len
= vsnprintf(buf
, ASSUAN_LINELENGTH
+1, cmd
, ap
);
526 if (len
>= ASSUAN_LINELENGTH
+1) {
528 return GPG_ERR_LINE_TOO_LONG
;
531 rc
= assuan_write_line(pwm
->ctx
, buf
);
535 pwm
->state
= ASYNC_PROCESS
;
537 return gpg_err_code(rc
);
540 gpg_error_t
pwmd_open_async(pwm_t
*pwm
, const char *filename
)
543 const char *f
= NULL
;
546 if (!pwm
|| !filename
)
547 return GPG_ERR_INV_ARG
;
550 return GPG_ERR_INV_STATE
;
552 if (pwm
->cmd
!= ASYNC_CMD_NONE
)
553 return GPG_ERR_ASS_NESTED_COMMANDS
;
555 if (pwm
->lastcmd
== ASYNC_CMD_NONE
) {
559 pwmd_free(pwm
->filename
);
561 pwm
->filename
= pwmd_strdup(filename
);
564 return gpg_error_from_errno(ENOMEM
);
566 gpg_error_t rc
= send_pinentry_options(pwm
);
571 rc
= get_custom_passphrase(pwm
, &p
);
573 if (rc
&& rc
!= GPG_ERR_NO_DATA
)
579 else if (pwm
->lastcmd
== ASYNC_CMD_OPEN2
) {
584 else if (pwm
->lastcmd
== ASYNC_CMD_OPEN
) {
585 rc
= set_pinentry_retry(pwm
);
594 return GPG_ERR_INV_STATE
;
596 pwm
->cmd
= ASYNC_CMD_OPEN
;
597 return do_nb_command(pwm
, "OPEN %s %s", f
, p
? p
: "");
600 gpg_error_t
pwmd_save_async(pwm_t
*pwm
)
605 return GPG_ERR_INV_ARG
;
608 return GPG_ERR_INV_STATE
;
610 if (pwm
->cmd
!= ASYNC_CMD_NONE
)
611 return GPG_ERR_ASS_NESTED_COMMANDS
;
613 if (pwm
->lastcmd
!= ASYNC_CMD_SAVE2
) {
614 gpg_error_t rc
= send_pinentry_options(pwm
);
619 rc
= get_custom_passphrase(pwm
, &p
);
621 if (rc
&& rc
!= GPG_ERR_NO_DATA
)
629 pwm
->cmd
= ASYNC_CMD_SAVE
;
630 return do_nb_command(pwm
, "SAVE %s", p
? p
: "");
633 static gpg_error_t
parse_assuan_line(pwm_t
*pwm
)
639 rc
= assuan_read_line(pwm
->ctx
, &line
, &len
);
642 if (line
[0] == 'O' && line
[1] == 'K' &&
643 (line
[2] == 0 || line
[2] == ' ')) {
644 pwm
->state
= ASYNC_DONE
;
646 else if (line
[0] == '#') {
648 else if (line
[0] == 'S' && (line
[1] == 0 || line
[1] == ' ')) {
649 if (pwm
->status_func
) {
650 rc
= pwm
->status_func(pwm
->status_data
,
651 line
[1] == 0 ? line
+1 : line
+2);
654 else if (line
[0] == 'E' && line
[1] == 'R' && line
[2] == 'R' &&
655 (line
[3] == 0 || line
[3] == ' ')) {
658 pwm
->state
= ASYNC_DONE
;
662 return gpg_err_code(rc
);
665 gpg_error_t
pwmd_pending_line(pwm_t
*pwm
)
668 return GPG_ERR_INV_ARG
;
671 return GPG_ERR_INV_STATE
;
673 return assuan_pending_line(pwm
->ctx
) ? 0 : GPG_ERR_NO_DATA
;
676 static pwmd_async_t
reset_async(pwm_t
*pwm
, int done
)
678 pwm
->state
= ASYNC_INIT
;
679 pwm
->cmd
= pwm
->lastcmd
= ASYNC_CMD_NONE
;
682 if (pwm
->nb_fd
!= -1) {
687 if (pwm
->_password
) {
688 pwmd_free(pwm
->_password
);
689 pwm
->_password
= NULL
;
693 if (done
&& pwm
->tcp_conn
) {
694 _free_ssh_conn(pwm
->tcp_conn
);
695 pwm
->tcp_conn
= NULL
;
703 * Used for processing status messages when not in an async command and for
704 * waiting for the result from pwmd_open_async() and pwmd_save_async().
706 static gpg_error_t
_pwmd_process(pwm_t
*pwm
)
710 struct timeval tv
= {0, 0};
714 FD_SET(pwm
->fd
, &fds
);
716 n
= pth_select(pwm
->fd
+1, &fds
, NULL
, NULL
, &tv
);
718 n
= select(pwm
->fd
+1, &fds
, NULL
, NULL
, &tv
);
722 return gpg_error_from_syserror();
725 if (FD_ISSET(pwm
->fd
, &fds
))
726 rc
= parse_assuan_line(pwm
);
729 while (!rc
&& assuan_pending_line(pwm
->ctx
))
730 rc
= parse_assuan_line(pwm
);
732 return gpg_err_code(rc
);
735 static void reset_handle(pwm_t
*h
)
740 _pinentry_disconnect(h
);
748 gpg_error_t
pwmd_disconnect(pwm_t
*pwm
)
751 return GPG_ERR_INV_ARG
;
754 if (pwm
->fd
== -1 && pwm
->tcp_conn
&& pwm
->tcp_conn
->fd
== -1)
758 return GPG_ERR_INV_STATE
;
764 _ssh_disconnect(pwm
);
771 pwmd_async_t
pwmd_process(pwm_t
*pwm
, gpg_error_t
*rc
, char **result
)
773 #if defined(WITH_PINENTRY) || defined(WITH_TCP)
776 struct timeval tv
= {0, 0};
783 return GPG_ERR_INV_ARG
;
788 *rc
= GPG_ERR_INV_ARG
;
791 else if (!pwm
->ctx
) {
794 *rc
= GPG_ERR_INV_STATE
;
798 case ASYNC_CMD_CONNECT
:
799 case ASYNC_CMD_HOSTKEY
:
805 /* When not in a command, this will let libassuan process status messages
806 * by calling PWMD_OPTION_STATUS_FUNC. The client can poll the file
807 * descriptor returned by pwmd_get_fd() to determine when this should be
808 * called or call pwmd_pending_line() to determine whether a buffered line
809 * needs to be processed. */
810 if (pwm
->cmd
== ASYNC_CMD_NONE
) {
811 *rc
= _pwmd_process(pwm
);
815 /* Fixes pwmd_open/save_async2() when there is a cached or new file. */
816 if (pwm
->state
== ASYNC_DONE
) {
817 *rc
= _pwmd_process(pwm
);
818 return reset_async(pwm
, 0);
821 if (pwm
->state
!= ASYNC_PROCESS
) {
822 *rc
= GPG_ERR_INV_STATE
;
827 if (pwm
->cmd
== ASYNC_CMD_DNS
) {
830 if (pwm
->tcp_conn
->rc
) {
831 *rc
= pwm
->tcp_conn
->rc
;
832 return reset_async(pwm
, 1);
837 n
= ares_fds(pwm
->tcp_conn
->chan
, &rfds
, &wfds
);
839 /* Shouldn't happen. */
844 n
= pth_select(n
, &rfds
, &wfds
, NULL
, &tv
);
846 n
= select(n
, &rfds
, &wfds
, NULL
, &tv
);
850 *rc
= gpg_error_from_syserror();
851 return reset_async(pwm
, 1);
855 ares_process(pwm
->tcp_conn
->chan
, &rfds
, &wfds
);
859 else if (pwm
->cmd
== ASYNC_CMD_CONNECT
) {
860 if (pwm
->tcp_conn
->rc
== GPG_ERR_EINPROGRESS
) {
862 socklen_t len
= sizeof(int);
865 FD_SET(pwm
->tcp_conn
->fd
, &fds
);
867 n
= pth_select(pwm
->tcp_conn
->fd
+1, NULL
, &fds
, NULL
, &tv
);
869 n
= select(pwm
->tcp_conn
->fd
+1, NULL
, &fds
, NULL
, &tv
);
872 if (!n
|| !FD_ISSET(pwm
->tcp_conn
->fd
, &fds
))
875 *rc
= gpg_error_from_syserror();
876 return reset_async(pwm
, 1);
879 ret
= getsockopt(pwm
->tcp_conn
->fd
, SOL_SOCKET
, SO_ERROR
, &n
, &len
);
882 *rc
= ret
? gpg_error_from_syserror() : gpg_error_from_errno(n
);
883 return reset_async(pwm
, 1);
886 else if (pwm
->tcp_conn
->rc
) {
887 *rc
= pwm
->tcp_conn
->rc
;
888 return reset_async(pwm
, 1);
891 fcntl(pwm
->tcp_conn
->fd
, F_SETFL
, 0);
892 *rc
= _setup_ssh_session(pwm
);
895 switch (pwm
->tcp_conn
->cmd
) {
896 case ASYNC_CMD_HOSTKEY
:
897 *result
= pwm
->result
;
904 return reset_async(pwm
, *rc
? 1 : 0);
909 if (pwm
->cmd
== ASYNC_CMD_OPEN2
|| pwm
->cmd
== ASYNC_CMD_SAVE2
) {
912 if (pwm
->nb_fd
== -1) {
913 *rc
= GPG_ERR_INV_STATE
;
914 return reset_async(pwm
, 0);
918 FD_SET(pwm
->nb_fd
, &fds
);
919 FD_SET(pwm
->fd
, &fds
);
921 n
= pth_select(pwm
->nb_fd
+1, &fds
, NULL
, NULL
, &tv
);
923 n
= select(pwm
->nb_fd
+1, &fds
, NULL
, NULL
, &tv
);
926 *rc
= gpg_error_from_syserror();
927 return reset_async(pwm
, 0);
930 if (n
> 0 && FD_ISSET(pwm
->nb_fd
, &fds
)) {
933 size_t len
= pth_read(pwm
->nb_fd
, &nb
, sizeof(nb
));
935 size_t len
= read(pwm
->nb_fd
, &nb
, sizeof(nb
));
937 waitpid(pwm
->nb_pid
, &status
, WNOHANG
);
939 if (len
!= sizeof(nb
)) {
940 memset(&nb
, 0, sizeof(pwmd_nb_status_t
));
941 *rc
= gpg_error_from_syserror();
942 return reset_async(pwm
, 0);
948 return reset_async(pwm
, 0);
950 /* Since the non-blocking pinentry returned a success, do a
951 * non-blocking OPEN or SAVE. */
952 pwmd_async_cmd_t c
= pwm
->cmd
;
954 pwm
->_password
= pwmd_strdup(nb
.password
);
955 memset(&nb
, 0, sizeof(pwmd_nb_status_t
));
958 if (!pwm
->_password
) {
959 *rc
= gpg_error_from_errno(ENOMEM
);
960 return reset_async(pwm
, 0);
963 if (c
== ASYNC_CMD_SAVE2
)
964 *rc
= pwmd_save_async(pwm
);
966 *rc
= pwmd_open_async(pwm
, pwm
->filename
);
973 return ASYNC_PROCESS
;
976 /* Fall through so status messages can be processed during the
982 *rc
= GPG_ERR_INV_STATE
;
983 return reset_async(pwm
, 0);
986 /* This is for pwmd_open_async() and pwmd_save_async(). For pinentry
988 *rc
= _pwmd_process(pwm
);
990 if (*rc
&& *rc
!= GPG_ERR_INV_PASSPHRASE
)
991 return reset_async(pwm
, 0);
993 if (pwm
->cmd
== ASYNC_CMD_OPEN
&&
994 *rc
== GPG_ERR_INV_PASSPHRASE
&&
996 (!pwm
->tcp_conn
|| (pwm
->tcp_conn
&& pwm
->lastcmd
== ASYNC_CMD_OPEN2
)) &&
998 ++pwm
->pin_try
< pwm
->pinentry_tries
) {
999 if (!get_custom_passphrase(pwm
, NULL
))
1002 #ifdef WITH_PINENTRY
1003 if (pwm
->_password
) {
1004 reset_async(pwm
, 0);
1005 pwm
->lastcmd
= ASYNC_CMD_OPEN2
;
1006 *rc
= pwmd_open_async2(pwm
, pwm
->filename
);
1010 reset_async(pwm
, 0);
1011 pwm
->lastcmd
= ASYNC_CMD_OPEN
;
1012 *rc
= pwmd_open_async(pwm
, pwm
->filename
);
1013 #ifdef WITH_PINENTRY
1019 if (*rc
|| pwm
->state
== ASYNC_DONE
)
1020 return reset_async(pwm
, 0);
1025 gpg_error_t
_assuan_command(pwm_t
*pwm
, assuan_context_t ctx
,
1026 char **result
, const char *cmd
)
1032 return GPG_ERR_INV_ARG
;
1034 if (strlen(cmd
) >= ASSUAN_LINELENGTH
+1)
1035 return GPG_ERR_LINE_TOO_LONG
;
1039 rc
= assuan_transact(ctx
, cmd
, inquire_realloc_cb
, &data
,
1041 pwm
->pctx
== ctx
? pwm
->_inquire_func
: inquire_cb
,
1042 pwm
->pctx
== ctx
? pwm
->_inquire_data
: pwm
,
1046 pwm
->status_func
, pwm
->status_data
);
1050 pwmd_free(data
.buf
);
1056 inquire_realloc_cb(&data
, "", 1);
1059 pwmd_free(data
.buf
);
1060 rc
= GPG_ERR_INV_ARG
;
1063 *result
= (char *)data
.buf
;
1067 return gpg_err_code(rc
);
1070 gpg_error_t
pwmd_inquire(pwm_t
*pwm
, const char *cmd
, pwmd_inquire_cb_t fn
,
1073 if (!pwm
|| !cmd
|| !fn
)
1074 return GPG_ERR_INV_ARG
;
1077 return GPG_ERR_INV_STATE
;
1079 pwm
->inquire_func
= fn
;
1080 pwm
->inquire_data
= data
;
1081 return _assuan_command(pwm
, pwm
->ctx
, NULL
, cmd
);
1084 gpg_error_t
pwmd_command_ap(pwm_t
*pwm
, char **result
, const char *cmd
,
1092 return GPG_ERR_INV_ARG
;
1095 return GPG_ERR_INV_STATE
;
1098 * C99 allows the dst pointer to be null which will calculate the length
1099 * of the would-be result and return it.
1102 len
= vsnprintf(NULL
, 0, cmd
, ap
)+1;
1103 buf
= (char *)pwmd_malloc(len
);
1107 return gpg_error_from_errno(ENOMEM
);
1110 len
= vsnprintf(buf
, len
, cmd
, ap2
);
1113 if (buf
[strlen(buf
)-1] == '\n')
1114 buf
[strlen(buf
)-1] = 0;
1116 if (buf
[strlen(buf
)-1] == '\r')
1117 buf
[strlen(buf
)-1] = 0;
1119 gpg_error_t rc
= _assuan_command(pwm
, pwm
->ctx
, result
, buf
);
1124 gpg_error_t
pwmd_command(pwm_t
*pwm
, char **result
, const char *cmd
, ...)
1129 return GPG_ERR_INV_ARG
;
1132 return GPG_ERR_INV_STATE
;
1138 gpg_error_t rc
= pwmd_command_ap(pwm
, result
, cmd
, ap
);
1143 static gpg_error_t
send_pinentry_options(pwm_t
*pwm
)
1147 if (pwm
->pinentry_path
) {
1148 rc
= pwmd_command(pwm
, NULL
, "OPTION PATH=%s", pwm
->pinentry_path
);
1154 if (pwm
->pinentry_tty
) {
1155 rc
= pwmd_command(pwm
, NULL
, "OPTION TTYNAME=%s", pwm
->pinentry_tty
);
1161 if (pwm
->pinentry_term
) {
1162 rc
= pwmd_command(pwm
, NULL
, "OPTION TTYTYPE=%s", pwm
->pinentry_term
);
1168 if (pwm
->pinentry_display
) {
1169 rc
= pwmd_command(pwm
, NULL
, "OPTION DISPLAY=%s",
1170 pwm
->pinentry_display
);
1177 rc
= pwmd_command(pwm
, NULL
, "OPTION TITLE=%s", pwm
->title
);
1184 rc
= pwmd_command(pwm
, NULL
, "OPTION DESC=%s", pwm
->desc
);
1191 rc
= pwmd_command(pwm
, NULL
, "OPTION PROMPT=%s", pwm
->prompt
);
1198 rc
= pwmd_command(pwm
, NULL
, "OPTION LC_CTYPE=%s", pwm
->lcctype
);
1204 if (pwm
->lcmessages
) {
1205 rc
= pwmd_command(pwm
, NULL
, "OPTION LC_MESSAGES=%s", pwm
->lcmessages
);
1211 if (pwm
->pinentry_timeout
>= 0 && !pwm
->pin_try
) {
1212 rc
= pwmd_command(pwm
, NULL
, "OPTION TIMEOUT=%i", pwm
->pinentry_timeout
);
1221 gpg_error_t
pwmd_socket_type(pwm_t
*pwm
, pwmd_socket_t
*result
)
1223 if (!pwm
|| !result
)
1224 return GPG_ERR_INV_ARG
;
1227 if (pwm
->fd
== -1 && pwm
->tcp_conn
&& pwm
->tcp_conn
->fd
== -1)
1231 return GPG_ERR_INV_STATE
;
1234 *result
= pwm
->tcp_conn
? PWMD_SOCKET_SSH
: PWMD_SOCKET_UDS
;
1236 *result
= PWMD_SOCKET_UDS
;
1241 static gpg_error_t
set_pinentry_retry(pwm_t
*pwm
)
1245 if (pwm
->pin_try
== 1) {
1246 rc
= pwmd_command(pwm
, NULL
, "OPTION TITLE=%s",
1247 N_("Invalid passphrase, please try again."));
1252 rc
= pwmd_command(pwm
, NULL
, "OPTION TIMEOUT=0");
1258 static gpg_error_t
get_custom_passphrase(pwm_t
*pwm
, char **result
)
1260 gpg_error_t rc
= GPG_ERR_NO_DATA
;
1265 if (pwm
->password
|| pwm
->passfunc
)
1269 if (pwm
->password
) {
1271 *result
= pwm
->password
;
1273 else if (pwm
->passfunc
)
1274 rc
= pwm
->passfunc(pwm
->passdata
, result
);
1279 static gpg_error_t
do_pwmd_open(pwm_t
*pwm
, const char *filename
, int nb
,
1282 char *result
= NULL
;
1283 char *password
= NULL
;
1287 if (pwm
->lastcmd
!= ASYNC_CMD_OPEN2
)
1290 if (!pwm
|| !filename
|| !*filename
)
1291 return GPG_ERR_INV_ARG
;
1294 return GPG_ERR_INV_STATE
;
1297 * Avoid calling pinentry if the password is cached on the server or if
1298 * this is a new file. pwmd version 2 adds a VERSION command which is
1299 * determined in _connect_finalize(). If the server is version 2,
1300 * ISCACHED will return GPG_ERR_ENOENT if it doesn't exist.
1303 /* Don't try a local filesystem lookup of the data file over a remote
1305 if (!pwm
->tcp_conn
&& pwm
->version
== PWMD_V1
) {
1307 if (pwm
->version
== PWMD_V1
) {
1309 rc
= pwmd_command(pwm
, &result
, "GETCONFIG data_directory");
1314 path
= pwmd_strdup_printf("%s/%s", result
, filename
);
1318 return gpg_error_from_errno(ENOMEM
);
1320 if (access(path
, R_OK
) == -1) {
1321 if (errno
== ENOENT
) {
1330 rc
= pwmd_command(pwm
, &result
, "ISCACHED %s", filename
);
1332 /* pwmd >= 2.0 specific. This is a new file which doesn't require a
1334 if (rc
== GPG_ERR_ENOENT
)
1337 if (rc
&& rc
!= GPG_ERR_NOT_FOUND
)
1340 if (rc
== GPG_ERR_NOT_FOUND
) {
1341 rc
= get_custom_passphrase(pwm
, &password
);
1343 if (rc
&& rc
!= GPG_ERR_NO_DATA
)
1345 else if (rc
== GPG_ERR_NO_DATA
)
1346 rc
= GPG_ERR_NOT_FOUND
;
1351 #ifdef WITH_PINENTRY
1352 if (rc
== GPG_ERR_NOT_FOUND
&& local_pinentry
) {
1353 /* Prevent pwmd from using it's pinentry if the passphrase fails. */
1354 if (!pwm
->pin_try
) {
1355 rc
= pwmd_command(pwm
, NULL
, "OPTION PINENTRY=0");
1361 rc
= _pinentry_open(pwm
, filename
, &password
, nb
);
1363 /* pwmd_process() should be called if using a non-blocking local
1365 if (rc
|| (!rc
&& nb
))
1371 reset_async(pwm
, 0);
1374 if (!local_pinentry
&& !pwm
->tcp_conn
&& !pwm
->pin_try
) {
1376 if (!local_pinentry
&& !pwm
->pin_try
) {
1378 rc
= send_pinentry_options(pwm
);
1384 rc
= pwmd_command(pwm
, NULL
, "OPEN %s %s", filename
,
1385 password
? password
: "");
1388 * Keep the user defined password set with pwmd_setopt(). The password may
1389 * be needed later (pwmd_save()) depending on the pwmd file cache settings.
1391 if (!pwm
->passfunc
&& password
&& password
!= pwm
->password
)
1392 pwmd_free(password
);
1394 if (rc
== GPG_ERR_INV_PASSPHRASE
) {
1395 if (++pwm
->pin_try
< pwm
->pinentry_tries
) {
1396 if (!get_custom_passphrase(pwm
, NULL
))
1399 #ifdef WITH_PINENTRY
1401 if (pwm
->tcp_conn
&& !local_pinentry
)
1403 else if (local_pinentry
)
1404 rc
= _getpin(pwm
, &password
, PWMD_PINENTRY_OPEN_FAILED
);
1408 rc
= _getpin(pwm
, &password
, PWMD_PINENTRY_OPEN_FAILED
);
1418 rc
= set_pinentry_retry(pwm
);
1425 #ifdef WITH_PINENTRY
1426 else if (local_pinentry
)
1427 _pinentry_disconnect(pwm
);
1433 #ifdef WITH_PINENTRY
1434 else if (rc
&& local_pinentry
)
1435 _pinentry_disconnect(pwm
);
1440 pwmd_free(pwm
->filename
);
1442 pwm
->filename
= pwmd_strdup(filename
);
1448 gpg_error_t
pwmd_open2(pwm_t
*pwm
, const char *filename
)
1450 #ifndef WITH_PINENTRY
1451 return GPG_ERR_NOT_IMPLEMENTED
;
1453 return do_pwmd_open(pwm
, filename
, 0, 1);
1457 gpg_error_t
pwmd_open(pwm_t
*pwm
, const char *filename
)
1459 return do_pwmd_open(pwm
, filename
, 0, 0);
1462 gpg_error_t
pwmd_open_async2(pwm_t
*pwm
, const char *filename
)
1464 #ifndef WITH_PINENTRY
1465 return GPG_ERR_NOT_IMPLEMENTED
;
1467 if (!pwm
|| !filename
)
1468 return GPG_ERR_INV_ARG
;
1471 return GPG_ERR_INV_STATE
;
1473 if (pwm
->cmd
!= ASYNC_CMD_NONE
)
1474 return GPG_ERR_ASS_NESTED_COMMANDS
;
1476 /* Initialize a new command since this is not a pinentry retry. */
1477 if (pwm
->lastcmd
!= ASYNC_CMD_OPEN2
)
1480 pwm
->cmd
= ASYNC_CMD_OPEN2
;
1481 pwm
->state
= ASYNC_PROCESS
;
1482 gpg_error_t rc
= do_pwmd_open(pwm
, filename
, 1, 1);
1485 reset_async(pwm
, 0);
1491 static gpg_error_t
do_pwmd_save(pwm_t
*pwm
, int nb
, int local_pinentry
)
1493 char *result
= NULL
;
1494 char *password
= NULL
;
1498 return GPG_ERR_INV_ARG
;
1501 return GPG_ERR_INV_STATE
;
1503 rc
= pwmd_command(pwm
, &result
, "ISCACHED %s", pwm
->filename
);
1505 if (rc
== GPG_ERR_ENOENT
)
1506 rc
= GPG_ERR_NOT_FOUND
;
1508 if (rc
&& rc
!= GPG_ERR_NOT_FOUND
)
1511 if (rc
== GPG_ERR_NOT_FOUND
) {
1512 rc
= get_custom_passphrase(pwm
, &password
);
1514 if (rc
&& rc
!= GPG_ERR_NO_DATA
)
1516 else if (rc
== GPG_ERR_NO_DATA
)
1517 rc
= GPG_ERR_NOT_FOUND
;
1522 if (rc
== GPG_ERR_NOT_FOUND
&& local_pinentry
) {
1523 #ifdef WITH_PINENTRY
1524 /* Get the password using the LOCAL pinentry. */
1528 pwmd_nb_status_t pw
;
1531 return gpg_error_from_syserror();
1544 pw
.error
= _do_save_getpin(pwm
, &password
);
1547 snprintf(pw
.password
, sizeof(pw
.password
), "%s",
1549 pwmd_free(password
);
1552 pth_write(p
[1], &pw
, sizeof(pw
));
1554 write(p
[1], &pw
, sizeof(pw
));
1556 memset(&pw
, 0, sizeof(pw
));
1561 rc
= gpg_error_from_syserror();
1575 rc
= _do_save_getpin(pwm
, &password
);
1582 pwm
->state
= ASYNC_DONE
;
1585 reset_async(pwm
, 0);
1588 if (!local_pinentry
&& !pwm
->tcp_conn
) {
1590 if (!local_pinentry
) {
1592 rc
= send_pinentry_options(pwm
);
1598 rc
= pwmd_command(pwm
, NULL
, "SAVE %s", password
? password
: "");
1600 if (!pwm
->passfunc
&& password
&& password
!= pwm
->password
)
1601 pwmd_free(password
);
1606 gpg_error_t
pwmd_save_async2(pwm_t
*pwm
)
1608 #ifndef WITH_PINENTRY
1609 return GPG_ERR_NOT_IMPLEMENTED
;
1612 return GPG_ERR_INV_ARG
;
1615 return GPG_ERR_INV_STATE
;
1617 if (pwm
->cmd
!= ASYNC_CMD_NONE
)
1618 return GPG_ERR_ASS_NESTED_COMMANDS
;
1620 pwm
->cmd
= ASYNC_CMD_SAVE2
;
1621 pwm
->state
= ASYNC_PROCESS
;
1622 gpg_error_t rc
= do_pwmd_save(pwm
, 1, 1);
1625 reset_async(pwm
, 0);
1631 gpg_error_t
pwmd_save2(pwm_t
*pwm
)
1633 #ifndef WITH_PINENTRY
1634 return GPG_ERR_NOT_IMPLEMENTED
;
1636 return do_pwmd_save(pwm
, 0, 1);
1640 gpg_error_t
pwmd_save(pwm_t
*pwm
)
1642 return do_pwmd_save(pwm
, 0, 0);
1645 gpg_error_t
pwmd_setopt(pwm_t
*pwm
, pwmd_option_t opt
, ...)
1648 int n
= va_arg(ap
, int);
1653 return GPG_ERR_INV_ARG
;
1658 case PWMD_OPTION_STATUS_CB
:
1659 pwm
->status_func
= va_arg(ap
, pwmd_status_cb_t
);
1661 case PWMD_OPTION_STATUS_DATA
:
1662 pwm
->status_data
= va_arg(ap
, void *);
1664 case PWMD_OPTION_PASSPHRASE_CB
:
1665 pwm
->passfunc
= va_arg(ap
, pwmd_passphrase_cb_t
);
1667 case PWMD_OPTION_PASSPHRASE_DATA
:
1668 pwm
->passdata
= va_arg(ap
, void *);
1670 case PWMD_OPTION_PASSPHRASE
:
1671 arg1
= va_arg(ap
, char *);
1674 pwmd_free(pwm
->password
);
1676 pwm
->password
= pwmd_strdup(arg1
);
1678 case PWMD_OPTION_PINENTRY_TRIES
:
1679 n
= va_arg(ap
, int);
1683 rc
= GPG_ERR_INV_VALUE
;
1686 pwm
->pinentry_tries
= n
;
1688 case PWMD_OPTION_PINENTRY_TIMEOUT
:
1689 n
= va_arg(ap
, int);
1693 rc
= GPG_ERR_INV_VALUE
;
1696 pwm
->pinentry_timeout
= n
;
1698 case PWMD_OPTION_PINENTRY_PATH
:
1699 if (pwm
->pinentry_path
)
1700 pwmd_free(pwm
->pinentry_path
);
1702 pwm
->pinentry_path
= _expand_homedir(va_arg(ap
, char *), NULL
);
1704 case PWMD_OPTION_PINENTRY_TTY
:
1705 if (pwm
->pinentry_tty
)
1706 pwmd_free(pwm
->pinentry_tty
);
1708 pwm
->pinentry_tty
= pwmd_strdup(va_arg(ap
, char *));
1710 case PWMD_OPTION_PINENTRY_DISPLAY
:
1711 if (pwm
->pinentry_display
)
1712 pwmd_free(pwm
->pinentry_display
);
1714 pwm
->pinentry_display
= pwmd_strdup(va_arg(ap
, char *));
1716 case PWMD_OPTION_PINENTRY_TERM
:
1717 if (pwm
->pinentry_term
)
1718 pwmd_free(pwm
->pinentry_term
);
1720 pwm
->pinentry_term
= pwmd_strdup(va_arg(ap
, char *));
1722 case PWMD_OPTION_PINENTRY_TITLE
:
1724 pwmd_free(pwm
->title
);
1726 pwm
->title
= _percent_escape(va_arg(ap
, char *));
1728 case PWMD_OPTION_PINENTRY_PROMPT
:
1730 pwmd_free(pwm
->prompt
);
1732 pwm
->prompt
= _percent_escape(va_arg(ap
, char *));
1734 case PWMD_OPTION_PINENTRY_DESC
:
1736 pwmd_free(pwm
->desc
);
1738 pwm
->desc
= _percent_escape(va_arg(ap
, char *));
1740 case PWMD_OPTION_PINENTRY_LC_CTYPE
:
1742 pwmd_free(pwm
->lcctype
);
1744 pwm
->lcctype
= pwmd_strdup(va_arg(ap
, char *));
1746 case PWMD_OPTION_PINENTRY_LC_MESSAGES
:
1747 if (pwm
->lcmessages
)
1748 pwmd_free(pwm
->lcmessages
);
1750 pwm
->lcmessages
= pwmd_strdup(va_arg(ap
, char *));
1752 case PWMD_OPTION_IP_VERSION
:
1754 n
= va_arg(ap
, int);
1763 rc
= GPG_ERR_INV_VALUE
;
1769 rc
= GPG_ERR_NOT_IMPLEMENTED
;
1773 rc
= GPG_ERR_UNKNOWN_OPTION
;
1781 gpg_error_t
pwmd_get_fds(pwm_t
*pwm
, pwmd_fd_t
*fds
, int *n_fds
)
1786 int afds
[ARES_GETSOCK_MAXNUM
];
1791 if (!pwm
|| !fds
|| !n_fds
|| *n_fds
<= 0)
1792 return GPG_ERR_INV_ARG
;
1796 memset(afds
, 0, sizeof(int)*ARES_GETSOCK_MAXNUM
);
1798 memset(fds
, 0, sizeof(pwmd_fd_t
)*in_total
);
1803 case ASYNC_CMD_NONE
:
1804 case ASYNC_CMD_OPEN
:
1805 case ASYNC_CMD_SAVE
:
1806 #ifdef WITH_PINENTRY
1810 return GPG_ERR_INV_STATE
;
1813 fds
[fd
].fd
= pwm
->fd
;
1814 fds
[fd
++].flags
= PWMD_FD_READABLE
;
1816 #ifdef WITH_PINENTRY
1817 case ASYNC_CMD_OPEN2
:
1818 case ASYNC_CMD_SAVE2
:
1819 /* The command has already completed (cached or new). */
1820 if (pwm
->state
== ASYNC_DONE
)
1823 if (pwm
->nb_fd
== -1)
1824 return GPG_ERR_INV_STATE
;
1827 fds
[fd
].fd
= pwm
->nb_fd
;
1828 fds
[fd
++].flags
= PWMD_FD_READABLE
;
1833 if (!pwm
->tcp_conn
|| !pwm
->tcp_conn
->chan
)
1834 return GPG_ERR_INV_STATE
;
1836 n
= ares_getsock(pwm
->tcp_conn
->chan
, afds
, ARES_GETSOCK_MAXNUM
);
1838 for (i
= 0; i
< ARES_GETSOCK_MAXNUM
; i
++) {
1841 if (fd
> in_total
) {
1843 return GPG_ERR_ERANGE
;
1846 if (ARES_GETSOCK_READABLE(n
, i
)) {
1848 fds
[fd
].flags
|= PWMD_FD_READABLE
;
1851 if (ARES_GETSOCK_WRITABLE(n
, i
)) {
1853 fds
[fd
].flags
|= PWMD_FD_WRITABLE
;
1857 fds
[fd
++].fd
= afds
[i
];
1862 case ASYNC_CMD_CONNECT
:
1863 case ASYNC_CMD_HOSTKEY
:
1864 if (!pwm
->tcp_conn
|| pwm
->tcp_conn
->fd
== -1)
1865 return GPG_ERR_INV_STATE
;
1868 fds
[fd
].fd
= pwm
->tcp_conn
->fd
;
1869 fds
[fd
++].flags
= PWMD_FD_READABLE
;
1874 return GPG_ERR_INV_STATE
;
1877 pwm_t
*pwmd_new(const char *name
)
1879 pwm_t
*h
= pwmd_calloc(1, sizeof(pwm_t
));
1885 h
->name
= pwmd_strdup(name
);
1894 h
->pinentry_timeout
= -30;
1895 h
->pinentry_tries
= 3;
1897 h
->prot
= PWMD_IP_ANY
;
1900 if (ttyname(STDOUT_FILENO
)) {
1903 ttyname_r(STDOUT_FILENO
, buf
, sizeof(buf
));
1904 h
->pinentry_tty
= pwmd_strdup(buf
);
1906 if (!h
->pinentry_tty
)
1910 if (getenv("TERM") && h
->pinentry_tty
) {
1911 h
->pinentry_term
= pwmd_strdup(getenv("TERM"));
1913 if (!h
->pinentry_term
)
1917 if (getenv("DISPLAY")) {
1918 h
->pinentry_display
= pwmd_strdup(getenv("DISPLAY"));
1920 if (!h
->pinentry_display
)
1931 void pwmd_free(void *ptr
)
1936 void *pwmd_malloc(size_t size
)
1938 return _xmalloc(size
);
1941 void *pwmd_calloc(size_t nmemb
, size_t size
)
1943 return _xcalloc(nmemb
, size
);
1946 void *pwmd_realloc(void *ptr
, size_t size
)
1948 return _xrealloc(ptr
, size
);
1951 char *pwmd_strdup(const char *str
)
1953 return _xstrdup(str
);
1956 char *pwmd_strdup_printf(const char *fmt
, ...)
1967 len
= vsnprintf(NULL
, 0, fmt
, ap
);
1969 buf
= pwmd_malloc(++len
);
1972 vsnprintf(buf
, len
, fmt
, ap2
);
1978 gpg_error_t
pwmd_getpin(pwm_t
*pwm
, const char *filename
, char **result
,
1979 pwmd_pinentry_t which
)
1981 #ifndef WITH_PINENTRY
1982 return GPG_ERR_NOT_IMPLEMENTED
;
1984 return _pwmd_getpin(pwm
, filename
, result
, which
);