search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Unofficial pwmd_tcp_connect() to a remote server. GnuTLS is used for
[libpwmd.git] / libpwmd.c
blobfc15efdb85d08f93515574eeab2fbac7970104af
1 /* vim:tw=78:ts=8:sw=4:set ft=c: */
2 /*
3 Copyright (C) 2006-2008 Ben Kibbey <bjk@luxsci.net>
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 2 of the License, or
8 (at your option) any later version.
9
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with this program; if not, write to the Free Software
17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02110-1301 USA
18 */
19 #include <stdio.h>
20 #include <stdlib.h>
21 #include <unistd.h>
22 #include <err.h>
23 #include <errno.h>
24 #include <ctype.h>
25 #include <string.h>
26 #include <sys/socket.h>
27 #include <sys/un.h>
28 #include <signal.h>
29 #include <stdarg.h>
30 #include <string.h>
31 #include <sys/wait.h>
32 #include <fcntl.h>
33 #include <pwd.h>
34 #include <time.h>
35 #include <sys/types.h>
36 #include <limits.h>
37 #include <sys/select.h>
38 #include <netdb.h>
39 #include <netinet/in.h>
40 #include <sys/socket.h>
41 #include <libpwmd.h>
42
43 #ifdef HAVE_CONFIG_H
44 #include <config.h>
45 #endif
46
47 #ifdef WITH_GNUTLS
48 #include <gnutls/gnutls.h>
49 #include <gnutls/x509.h>
50 #endif
51
52 #ifdef HAVE_ASSUAN_H
53 #include <assuan.h>
54 #endif
55
56 #ifdef HAVE_SETLOCALE
57 #include <locale.h>
58 #endif
59
60 #include "gettext.h"
61 #define N_(msgid) dgettext("libpwmd", msgid)
62
63 #ifndef MEM_DEBUG
64 #include "mem.h"
65 #else
66 #define xfree free
67 #define xrealloc realloc
68 #define xmalloc malloc
69 #define xstrdup strdup
70 #define xcalloc calloc
71 #endif
72
73 #include "types.h"
74
75 #ifdef USE_PINENTRY
76 static pwm_t *gpwm;
77 static int gelapsed, gtimeout;
78 static gpg_error_t pinentry_command(pwm_t *pwm, char **result, const char *cmd);
79 static gpg_error_t global_error;
80 #endif
81
82 const char *pwmd_strerror(gpg_error_t e)
83 {
84 gpg_err_code_t code = gpg_err_code(e);
85
86 if (code >= GPG_ERR_USER_1 && code < gpg_err_code(EPWMD_MAX)) {
87 switch (code) {
88 case GPG_ERR_USER_1:
89 default:
90 return N_("Unknown error");
91 case GPG_ERR_USER_2:
92 return N_("No cache slots available");
93 case GPG_ERR_USER_3:
94 return N_("Recursion loop");
95 case GPG_ERR_USER_4:
96 return N_("No file is open");
97 case GPG_ERR_USER_5:
98 return N_("General LibXML error");
99 case GPG_ERR_USER_6:
100 return N_("File modified");
101 }
102 }
103
104 return gpg_strerror(e);
105 }
106
107 gpg_error_t pwmd_init()
108 {
109 #ifdef WITH_GNUTLS
110 gnutls_global_set_mem_functions(xmalloc, xmalloc, NULL, xrealloc, xfree);
111 gnutls_global_init ();
112 #endif
113 #ifdef ENABLE_NLS
114 bindtextdomain("libpwmd", LOCALEDIR);
115 #endif
116 gpg_err_init();
117 assuan_set_malloc_hooks(xmalloc, xrealloc, xfree);
118 assuan_set_assuan_err_source(GPG_ERR_SOURCE_DEFAULT);
119 return 0;
120 }
121
122 static pwm_t *_socket_connect_finalize(pwm_t *pwm, assuan_context_t ctx)
123 {
124 int active[2];
125 int n = assuan_get_active_fds(ctx, 0, active, sizeof(active));
126
127 pwm->fd = n <= 0 ? -1 : dup(active[0]);
128 pwm->ctx = ctx;
129 #ifdef USE_PINENTRY
130 pwm->pid = -1;
131 pwm->pinentry_tries = 3;
132 #endif
133 assuan_set_pointer(ctx, pwm);
134 return pwm;
135 }
136
137 #ifdef WITH_GNUTLS
138 static int read_hook(assuan_context_t ctx, assuan_fd_t fd, void *data,
139 size_t len, ssize_t *ret)
140 {
141 pwm_t *pwm = assuan_get_pointer(ctx);
142
143 if (!pwm || !pwm->session)
144 *ret = read((int)fd, data, len);
145 else {
146 do {
147 *ret = gnutls_record_recv(pwm->session, data, len);
148
149 if (*ret == GNUTLS_E_REHANDSHAKE) {
150 *ret = gnutls_rehandshake(pwm->session);
151
152 if (*ret == GNUTLS_E_WARNING_ALERT_RECEIVED ||
153 *ret == GNUTLS_A_NO_RENEGOTIATION) {
154 fprintf(stderr, "%s", gnutls_strerror(*ret));
155 continue;
156 }
157
158 if (*ret != GNUTLS_E_SUCCESS) {
159 fprintf(stderr, "%s", gnutls_strerror(*ret));
160 *ret = 0;
161 break;
162 }
163
164 *ret = gnutls_handshake(pwm->session);
165
166 if (*ret != GNUTLS_E_SUCCESS) {
167 fprintf(stderr, "%s", gnutls_strerror(*ret));
168 *ret = 0;
169 break;
170 }
171
172 continue;
173 }
174 } while (*ret == GNUTLS_E_INTERRUPTED || *ret == GNUTLS_E_AGAIN);
175 }
176
177 return *ret <= 0 ? 0 : 1;
178 }
179
180 static int write_hook(assuan_context_t ctx, assuan_fd_t fd, const void *data,
181 size_t len, ssize_t *ret)
182 {
183 pwm_t *pwm = assuan_get_pointer(ctx);
184
185 if (!pwm || !pwm->session)
186 *ret = write((int)fd, data, len);
187 else {
188 do {
189 *ret = gnutls_record_send(pwm->session, data, len);
190 } while (*ret == GNUTLS_E_INTERRUPTED || *ret == GNUTLS_E_AGAIN);
191 }
192
193 return *ret <= 0 ? 0 : 1;
194 }
195
196 static void _tls_deinit(pwm_t *pwm)
197 {
198 //FIXME hangs when missing cert
199 gnutls_bye(pwm->session, GNUTLS_SHUT_RDWR);
200 gnutls_deinit(pwm->session);
201 gnutls_certificate_free_credentials(pwm->x509);
202 }
203
204 static gpg_error_t verify_certificate(pwm_t *pwm)
205 {
206 unsigned int status;
207 const gnutls_datum_t *cert_list;
208 unsigned int cert_list_size;
209 int i;
210 gnutls_x509_crt_t cert;
211 gpg_error_t rc;
212
213 rc = gnutls_certificate_verify_peers2(pwm->session, &status);
214
215 if (rc < 0)
216 return GPG_ERR_UNKNOWN_ERRNO;
217
218 if (status & GNUTLS_CERT_INVALID)
219 return GPG_ERR_MISSING_CERT;
220
221 if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
222 return GPG_ERR_BAD_SIGNATURE;
223
224 if (status & GNUTLS_CERT_REVOKED)
225 return GPG_ERR_CERT_REVOKED;
226
227 if (gnutls_certificate_type_get(pwm->session) != GNUTLS_CRT_X509)
228 return GPG_ERR_UNSUPPORTED_CERT;
229
230 if (gnutls_x509_crt_init(&cert) < 0)
231 return gpg_error_from_errno(ENOMEM);
232
233 cert_list = gnutls_certificate_get_peers (pwm->session, &cert_list_size);
234
235 if (!cert_list) {
236 rc = GPG_ERR_MISSING_CERT;
237 goto done;
238 }
239
240 for (i = 0; i < cert_list_size; i++) {
241 if (gnutls_x509_crt_import(cert, &cert_list[i], GNUTLS_X509_FMT_DER) < 0) {
242 rc = GPG_ERR_BAD_CERT_CHAIN;
243 goto done;
244 }
245 }
246
247 /* Beware here we do not check for errors.
248 */
249 if (gnutls_x509_crt_get_expiration_time(cert) < time (0)) {
250 rc = GPG_ERR_CERT_EXPIRED;
251 goto done;
252 }
253
254 if (gnutls_x509_crt_get_activation_time(cert) > time (0)) {
255 rc = GPG_ERR_CERT_TOO_YOUNG;
256 goto done;
257 }
258
259 #if 0
260 if (!gnutls_x509_crt_check_hostname (cert, hostname))
261 {
262 printf ("The certificate's owner does not match hostname '%s'\n",
263 hostname);
264 return 1;
265 }
266 #endif
267
268 done:
269 gnutls_x509_crt_deinit(cert);
270 return rc;
271 }
272
273 static gpg_error_t _tls_init(pwm_t *pwm, int fd, const char *cert,
274 const char *key, const char *ca)
275 {
276 gpg_error_t rc;
277 const char *errstr;
278
279 rc = gnutls_certificate_allocate_credentials(&pwm->x509);
280
281 if (rc)
282 return gpg_error_from_errno(ENOMEM);
283
284 /* The client certificate must be signed by the CA of the pwmd server
285 * certificate in order for the client to authenticate successfully. Man in
286 * the middle attacks are still possible if the attacker is running a pwmd
287 * that doesn't require client certificate authentication. So require the
288 * client to verify the server certificate.
289 */
290 gnutls_certificate_set_x509_trust_file (pwm->x509, ca, GNUTLS_X509_FMT_PEM);
291
292 rc = gnutls_certificate_set_x509_key_file(pwm->x509, cert, key,
293 GNUTLS_X509_FMT_PEM);
294 rc = gnutls_init(&pwm->session, GNUTLS_CLIENT);
295 rc = gnutls_priority_set_direct(pwm->session, "SECURE256", &errstr);
296 rc = gnutls_credentials_set(pwm->session, GNUTLS_CRD_CERTIFICATE, pwm->x509);
297 gnutls_transport_set_ptr(pwm->session, (gnutls_transport_ptr_t) fd);
298 rc = gnutls_handshake(pwm->session);
299
300 if (rc < 0) {
301 gnutls_perror (rc);
302 rc = GPG_ERR_INV_CIPHER_MODE;
303 _tls_deinit(pwm);
304 return rc;
305 }
306
307 rc = verify_certificate(pwm);
308 if (rc)
309 _tls_deinit(pwm);
310 return rc;
311 }
312
313 static void _tls_assuan_deinit(assuan_context_t ctx)
314 {
315 pwm_t *pwm = assuan_get_pointer(ctx);
316
317 _tls_deinit(pwm);
318 }
319
320 pwm_t *pwmd_tcp_connect(const char *host, gpg_error_t *rc, const char *cert,
321 const char *key, const char *ca)
322 {
323 char *p;
324 int port = 6466;
325 int fd;
326 struct hostent *he;
327 struct sockaddr_in their_addr;
328 assuan_context_t ctx;
329 char *tcert, *tkey, *tca;
330 char buf[PATH_MAX];
331 struct passwd *pw = getpwuid(getuid());
332 pwm_t *pwm;
333 struct assuan_io_hooks io_hooks = {read_hook, write_hook};
334
335 if (!host) {
336 *rc = GPG_ERR_INV_ARG;
337 return NULL;
338 }
339
340 p = strchr(host, ':');
341
342 if (p) {
343 char *pp;
344
345 port = strtol(++p, &pp, 10);
346
347 if (pp) {
348 *rc = GPG_ERR_INV_ARG;
349 return NULL;
350 }
351 }
352
353 if ((he = gethostbyname(host)) == NULL) {
354 *rc = gpg_error_from_syserror();
355 return NULL;
356 }
357
358 fd = socket(PF_INET, SOCK_STREAM, 0);
359
360 if (fd == -1) {
361 *rc = gpg_error_from_syserror();
362 return NULL;
363 }
364
365 their_addr.sin_family = PF_INET;
366 their_addr.sin_port = htons(port);
367 their_addr.sin_addr = *((struct in_addr *)he->h_addr);
368 memset(their_addr.sin_zero, '\0', sizeof their_addr.sin_zero);
369
370 if (connect(fd, (struct sockaddr *)&their_addr, sizeof(their_addr)) == -1) {
371 *rc = gpg_error_from_syserror();
372 return NULL;
373 }
374
375 if (!cert) {
376 snprintf(buf, sizeof(buf), "%s/.pwmd/client-cert.pem", pw->pw_dir);
377 tcert = xstrdup(buf);
378 }
379 else
380 tcert = xstrdup(cert);
381
382 if (!tcert) {
383 *rc = gpg_error_from_syserror();
384 return NULL;
385 }
386
387 if (!key) {
388 snprintf(buf, sizeof(buf), "%s/.pwmd/client-key.pem", pw->pw_dir);
389 tkey = xstrdup(buf);
390 }
391 else
392 tkey = xstrdup(key);
393
394 if (!tkey) {
395 *rc = gpg_error_from_syserror();
396 xfree(tcert);
397 return NULL;
398 }
399
400 if (!ca) {
401 snprintf(buf, sizeof(buf), "%s/.pwmd/ca-cert.pem", pw->pw_dir);
402 tca = xstrdup(buf);
403 }
404 else
405 tca = xstrdup(ca);
406
407 if (!tca) {
408 *rc = gpg_error_from_syserror();
409 xfree(tcert);
410 xfree(tkey);
411 return NULL;
412 }
413
414 if ((pwm = (pwm_t *)xcalloc(1, sizeof(pwm_t))) == NULL) {
415 *rc = gpg_error_from_syserror();
416 xfree(tcert);
417 xfree(tkey);
418 xfree(tca);
419 return NULL;
420 }
421
422 *rc = _tls_init(pwm, fd, tcert, tkey, tca);
423 xfree(tcert);
424 xfree(tkey);
425 xfree(tca);
426
427 if (*rc) {
428 close(fd);
429 xfree(pwm);
430 return NULL;
431 }
432
433 assuan_set_io_hooks(&io_hooks);
434 *rc = assuan_socket_connect_fd(&ctx, fd, 0, pwm);
435
436 if (*rc) {
437 xfree(pwm);
438 return NULL;
439 }
440
441 assuan_set_finish_handler(ctx, _tls_assuan_deinit);
442 return _socket_connect_finalize(pwm, ctx);
443 }
444 #endif
445
446 pwm_t *pwmd_connect(const char *path, gpg_error_t *rc)
447 {
448 pwm_t *pwm = NULL;
449 char *socketpath = NULL;
450 struct passwd *pw;
451 assuan_context_t ctx;
452
453 if (!path) {
454 pw = getpwuid(getuid());
455 socketpath = (char *)xmalloc(strlen(pw->pw_dir) + strlen("/.pwmd/socket") + 1);
456 sprintf(socketpath, "%s/.pwmd/socket", pw->pw_dir);
457 }
458 else
459 socketpath = xstrdup(path);
460
461 *rc = assuan_socket_connect_ext(&ctx, socketpath, -1, 0);
462 xfree(socketpath);
463
464 if (*rc)
465 return NULL;
466
467 if ((pwm = (pwm_t *)xcalloc(1, sizeof(pwm_t))) == NULL) {
468 *rc = gpg_error_from_syserror();
469 return NULL;
470 }
471
472 return _socket_connect_finalize(pwm, ctx);
473 }
474
475 gpg_error_t pwmd_pending_line(pwm_t *pwm, char **line, size_t *len)
476 {
477 if (!pwm)
478 return GPG_ERR_INV_ARG;
479
480 if (assuan_pending_line(pwm->ctx))
481 return assuan_read_line(pwm->ctx, line, len);
482
483 return GPG_ERR_NO_DATA;
484 }
485
486 void pwmd_close(pwm_t *pwm)
487 {
488 if (!pwm)
489 return;
490
491 if (pwm->ctx)
492 assuan_disconnect(pwm->ctx);
493
494 if (pwm->password)
495 xfree(pwm->password);
496
497 if (pwm->title)
498 xfree(pwm->title);
499
500 if (pwm->desc)
501 xfree(pwm->desc);
502
503 if (pwm->prompt)
504 xfree(pwm->prompt);
505
506 if (pwm->pinentry_tty)
507 xfree(pwm->pinentry_tty);
508
509 if (pwm->pinentry_display)
510 xfree(pwm->pinentry_display);
511
512 if (pwm->pinentry_term)
513 xfree(pwm->pinentry_term);
514
515 if (pwm->filename)
516 xfree(pwm->filename);
517
518 xfree(pwm);
519 }
520
521 static int mem_realloc_cb(void *data, const void *buffer, size_t len)
522 {
523 membuf_t *mem = (membuf_t *)data;
524 void *p;
525
526 if (!buffer)
527 return 0;
528
529 if ((p = xrealloc(mem->buf, mem->len + len)) == NULL)
530 return 1;
531
532 mem->buf = p;
533 memcpy((char *)mem->buf + mem->len, buffer, len);
534 mem->len += len;
535 return 0;
536 }
537
538 void pwmd_free_result(void *data)
539 {
540 xfree(data);
541 }
542
543 static int _inquire_cb(void *data, const char *keyword)
544 {
545 pwm_t *pwm = (pwm_t *)data;
546 gpg_error_t rc = 0;
547 int flags = fcntl(pwm->fd, F_GETFL);
548
549 /* Shouldn't get this far without a callback. */
550 if (!pwm->inquire_func)
551 return GPG_ERR_INV_ARG;
552
553 /*
554 * Since the socket file descriptor is probably set to non-blocking, set to
555 * blocking to prevent GPG_ERR_EAGAIN errors. This should be fixes when
556 * asynchronous INQUIRE is supported by either libassuan or a later
557 * libpwmd.
558 */
559 fcntl(pwm->fd, F_SETFL, 0);
560
561 for (;;) {
562 char *result = NULL;
563 size_t len;
564 gpg_error_t arc;
565
566 rc = pwm->inquire_func(pwm->inquire_data, keyword, rc, &result, &len);
567 rc = gpg_err_code(rc);
568
569 if (rc == GPG_ERR_EOF || !rc) {
570 if (len <= 0 || !result || !*result) {
571 rc = 0;
572 break;
573 }
574
575 arc = assuan_send_data(pwm->ctx, result, len);
576
577 if (rc == GPG_ERR_EOF) {
578 rc = arc;
579 break;
580 }
581
582 rc = arc;
583 }
584 else if (rc)
585 break;
586 }
587
588 fcntl(pwm->fd, F_SETFL, flags);
589 return rc;
590 }
591
592 gpg_error_t pwmd_finalize(pwm_t *pwm)
593 {
594 if (!pwm || pwm->fd < 0)
595 return GPG_ERR_INV_ARG;
596
597 pwm->state = ASYNC_INIT;
598 pwm->ntries = 0;
599 pwm->is_open_cmd = 0;
600 return 0;
601 }
602
603 static gpg_error_t do_nb_command(pwm_t *pwm, const char *cmd, const char *arg)
604 {
605 char *buf;
606 gpg_error_t rc;
607 size_t len = strlen(cmd) + 2;
608
609 len += arg ? strlen(arg) : 0;
610
611 if (pwm->state != ASYNC_INIT)
612 return GPG_ERR_UNEXPECTED;
613
614 buf = (char *)xmalloc(len);
615
616 if (!buf) {
617 rc = gpg_error_from_errno(ENOMEM);
618 goto fail;
619 }
620
621 snprintf(buf, len, "%s %s", cmd, arg ? arg : "");
622 rc = assuan_write_line(pwm->ctx, buf);
623 xfree(buf);
624
625 if (!rc)
626 pwm->state = ASYNC_PROCESS;
627
628 fail:
629 return rc;
630 }
631
632 gpg_error_t pwmd_open_async(pwm_t *pwm, const char *filename)
633 {
634 if (!pwm || !filename)
635 return GPG_ERR_INV_ARG;
636
637 /* For pinentry retries. */
638 if (!pwm->is_open_cmd) {
639 if (pwm->filename)
640 xfree(pwm->filename);
641
642 pwm->filename = xstrdup(filename);
643 }
644
645 pwm->is_open_cmd = 1;
646 return do_nb_command(pwm, "OPEN", filename);
647 }
648
649 gpg_error_t pwmd_save_async(pwm_t *pwm)
650 {
651 if (!pwm)
652 return GPG_ERR_INV_ARG;
653
654 return do_nb_command(pwm, "SAVE", NULL);
655 }
656
657 static gpg_error_t parse_assuan_line(pwm_t *pwm)
658 {
659 gpg_error_t rc;
660 char *line;
661 size_t len;
662
663 rc = assuan_read_line(pwm->ctx, &line, &len);
664
665 if (!rc) {
666 if (line[0] == 'O' && line[1] == 'K' &&
667 (line[2] == 0 || line[2] == ' ')) {
668 pwm->state = ASYNC_DONE;
669 }
670 else if (line[0] == '#') {
671 }
672 else if (line[0] == 'S' && (line[1] == 0 || line[1] == ' ')) {
673 if (pwm->status_func) {
674 pwm->status_func(pwm->status_data,
675 line[1] == 0 ? line+1 : line+2);
676 }
677 }
678 else if (line[0] == 'E' && line[1] == 'R' && line[2] == 'R' &&
679 (line[3] == 0 || line[3] == ' ')) {
680 line += 4;
681 rc = atoi(line);
682 pwm->state = ASYNC_DONE;
683 }
684 }
685
686 return rc;
687 }
688
689 pwmd_async_t pwmd_process(pwm_t *pwm, gpg_error_t *rc)
690 {
691 fd_set rfds;
692 int n;
693 struct timeval tv = {0, 0};
694
695 *rc = 0;
696
697 if (!pwm || pwm->fd < 0) {
698 *rc = GPG_ERR_INV_ARG;
699 return ASYNC_DONE;
700 }
701 else if (pwm->state == ASYNC_DONE)
702 return pwm->state;
703 else if (pwm->state == ASYNC_INIT) {
704 *rc = GPG_ERR_UNEXPECTED;
705 return ASYNC_DONE;
706 }
707
708 FD_ZERO(&rfds);
709 FD_SET(pwm->fd, &rfds);
710 n = select(pwm->fd+1, &rfds, NULL, NULL, &tv);
711
712 if (n > 0) {
713 if (FD_ISSET(pwm->fd, &rfds))
714 *rc = parse_assuan_line(pwm);
715 }
716
717 while (!*rc && assuan_pending_line(pwm->ctx))
718 *rc = parse_assuan_line(pwm);
719
720 if (pwm->is_open_cmd && gpg_err_code(*rc) == EPWMD_BADKEY &&
721 ++pwm->ntries < pwm->pinentry_tries) {
722 pwm->state = ASYNC_INIT;
723 *rc = pwmd_open_async(pwm, pwm->filename);
724 }
725
726 return pwm->state;
727 }
728
729 static gpg_error_t assuan_command(pwm_t *pwm, assuan_context_t ctx,
730 char **result, const char *cmd)
731 {
732 membuf_t data;
733 gpg_error_t rc;
734
735 data.len = 0;
736 data.buf = NULL;
737
738 rc = assuan_transact(ctx, cmd, mem_realloc_cb, &data, _inquire_cb, pwm,
739 pwm->status_func, pwm->status_data);
740
741 if (rc) {
742 if (data.buf) {
743 xfree(data.buf);
744 data.buf = NULL;
745 }
746 }
747 else {
748 if (data.buf) {
749 mem_realloc_cb(&data, "", 1);
750 *result = (char *)data.buf;
751 }
752 }
753
754 return gpg_err_code(rc);
755 }
756
757 gpg_error_t pwmd_inquire(pwm_t *pwm, const char *cmd, pwmd_inquire_fn fn,
758 void *data)
759 {
760 if (!pwm || !cmd || !fn)
761 return GPG_ERR_INV_ARG;
762
763 pwm->inquire_func = fn;
764 pwm->inquire_data = data;
765 return assuan_command(pwm, pwm->ctx, NULL, cmd);
766 }
767
768 gpg_error_t pwmd_terminate_pinentry(pwm_t *pwm)
769 {
770 #ifndef USE_PINENTRY
771 return GPG_ERR_NOT_IMPLEMENTED;
772 #else
773 if (!pwm || pwm->pid == -1)
774 return GPG_ERR_INV_ARG;
775
776 if (kill(pwm->pid, 0) == 0) {
777 if (kill(pwm->pid, SIGTERM) == -1) {
778 if (kill(pwm->pid, SIGKILL) == -1)
779 return gpg_error_from_errno(errno);
780 }
781
782 pwm->pin_error = GPG_ERR_TIMEOUT;
783 }
784 else
785 return gpg_error_from_errno(errno);
786
787 return 0;
788 #endif
789 }
790
791 #ifdef USE_PINENTRY
792 static gpg_error_t set_pinentry_strings(pwm_t *pwm, int which)
793 {
794 char *buf;
795 char tmp[ASSUAN_LINELENGTH];
796 gpg_error_t error;
797
798 if (!pwm->title)
799 pwm->title = xstrdup(N_("LibPWMD"));
800
801 if (!pwm->prompt)
802 pwm->prompt = xstrdup(N_("Password:"));
803
804 if (!pwm->desc && !which)
805 pwm->desc = xstrdup(N_("Enter a password."));
806
807 if (which == 1) {
808 snprintf(tmp, sizeof(tmp), "SETERROR %s", N_("Invalid password, please try again."));
809 buf = xstrdup(tmp);
810 }
811 else if (which == 2) {
812 snprintf(tmp, sizeof(tmp), "SETERROR %s", N_("Please type the password again for confirmation."));
813 buf = xstrdup(tmp);
814 }
815 else {
816 buf = (char *)xmalloc(strlen("SETERROR ") + strlen(pwm->desc) + 1);
817 sprintf(buf, "SETERROR %s", pwm->desc);
818 }
819
820 error = pinentry_command(pwm, NULL, buf);
821 xfree(buf);
822
823 if (error)
824 return error;
825
826 buf = (char *)xmalloc(strlen("SETPROMPT ") + strlen(pwm->prompt) + 1);
827 sprintf(buf, "SETPROMPT %s", pwm->prompt);
828 error = pinentry_command(pwm, NULL, buf);
829 xfree(buf);
830
831 if (error)
832 return error;
833
834 buf = (char *)xmalloc(strlen("SETDESC ") + strlen(pwm->title) + 1);
835 sprintf(buf, "SETDESC %s", pwm->title);
836 error = pinentry_command(pwm, NULL, buf);
837 xfree(buf);
838 return error;
839 }
840
841 static void update_pinentry_settings(pwm_t *pwm)
842 {
843 FILE *fp;
844 char buf[LINE_MAX];
845 struct passwd *pw = getpwuid(getuid());
846 char *p;
847
848 snprintf(buf, sizeof(buf), "%s/.pwmd/pinentry.conf", pw->pw_dir);
849
850 if ((fp = fopen(buf, "r")) == NULL)
851 return;
852
853 while ((p = fgets(buf, sizeof(buf), fp)) != NULL) {
854 char name[32], val[256];
855
856 if (sscanf(p, " %31[a-zA-Z] = %255s", name, val) != 2)
857 continue;
858
859 if (strcasecmp(name, "TTYNAME") == 0) {
860 xfree(pwm->pinentry_tty);
861 pwm->pinentry_tty = xstrdup(val);
862 }
863 else if (strcasecmp(name, "TTYTYPE") == 0) {
864 xfree(pwm->pinentry_term);
865 pwm->pinentry_term = xstrdup(val);
866 }
867 else if (strcasecmp(name, "DISPLAY") == 0) {
868 xfree(pwm->pinentry_display);
869 pwm->pinentry_display = xstrdup(val);
870 }
871 else if (strcasecmp(name, "PATH") == 0) {
872 xfree(pwm->pinentry_path);
873 pwm->pinentry_path = xstrdup(val);
874 }
875 }
876
877 fclose(fp);
878 }
879
880 static gpg_error_t launch_pinentry(pwm_t *pwm)
881 {
882 int rc;
883 assuan_context_t ctx;
884 int child_list[] = {-1};
885 char *display = getenv("DISPLAY");
886 const char *argv[6];
887 int have_display = 0;
888 char *tty = NULL;
889
890 update_pinentry_settings(pwm);
891
892 if (pwm->pinentry_display || display)
893 have_display = 1;
894 else {
895 tty = pwm->pinentry_tty ? pwm->pinentry_tty : ttyname(STDOUT_FILENO);
896
897 if (!tty)
898 return gpg_error_from_errno(errno);
899 }
900
901 if (!have_display && !tty)
902 return GPG_ERR_ENOTTY;
903
904 argv[0] = "pinentry";
905 argv[1] = have_display ? "--display" : "--ttyname";
906 argv[2] = have_display ? pwm->pinentry_display ? pwm->pinentry_display : display : tty;
907 argv[3] = NULL;
908
909 if (!have_display) {
910 argv[3] = "--ttytype";
911 argv[4] = pwm->pinentry_term ? pwm->pinentry_term : getenv("TERM");
912 argv[5] = NULL;
913 }
914
915 rc = assuan_pipe_connect(&ctx, pwm->pinentry_path ? pwm->pinentry_path : PINENTRY_PATH, argv, child_list);
916
917 if (rc)
918 return rc;
919
920 pwm->pid = assuan_get_pid(ctx);
921 pwm->pctx = ctx;
922 return set_pinentry_strings(pwm, 0);
923 }
924
925 static gpg_error_t pinentry_command(pwm_t *pwm, char **result, const char *cmd)
926 {
927 gpg_error_t n;
928
929 if (!pwm->pctx) {
930 n = launch_pinentry(pwm);
931
932 if (n)
933 return n;
934 }
935
936 return assuan_command(pwm, pwm->pctx, result, cmd);
937 }
938
939 static void pinentry_disconnect(pwm_t *pwm)
940 {
941 if (pwm->pctx)
942 assuan_disconnect(pwm->pctx);
943
944 pwm->pctx = NULL;
945 pwm->pid = -1;
946 }
947
948 /*
949 * Only called from a child process.
950 */
951 static void catchsig(int sig)
952 {
953 switch (sig) {
954 case SIGALRM:
955 if (gelapsed++ >= gtimeout) {
956 global_error = pwmd_terminate_pinentry(gpwm);
957
958 if (!global_error)
959 global_error = GPG_ERR_TIMEOUT;
960
961 break;
962 }
963
964 alarm(1);
965 break;
966 default:
967 break;
968 }
969 }
970
971 /*
972 * Borrowed from libassuan.
973 */
974 static char *percent_escape(const char *atext)
975 {
976 const unsigned char *s;
977 int len = strlen(atext) * 3 + 1;
978 char *buf = (char *)xmalloc(len), *p = buf;
979
980 if (!buf)
981 return NULL;
982
983 for (s=(const unsigned char *)atext; *s; s++) {
984 if (*s < ' ') {
985 sprintf (p, "%%%02X", *s);
986 p += 3;
987 }
988 else
989 *p++ = *s;
990 }
991
992 *p = 0;
993 return buf;
994 }
995 #endif
996
997 static gpg_error_t send_command(pwm_t *pwm, char **result, const char *cmd)
998 {
999 if (!cmd)
1000 return GPG_ERR_INV_ARG;
1001
1002 return assuan_command(pwm, pwm->ctx, result, cmd);
1003 }
1004
1005 /*
1006 * Avoid sending the BYE command here. libassuan will close the file
1007 * descriptor and release the assuan context. Use pwmd_close() instead.
1008 */
1009 gpg_error_t pwmd_command(pwm_t *pwm, char **result, const char *cmd, ...)
1010 {
1011 va_list ap;
1012 char *buf;
1013 size_t len;
1014 gpg_error_t error;
1015
1016 if (!pwm || !cmd)
1017 return GPG_ERR_INV_ARG;
1018
1019 *result = NULL;
1020 va_start(ap, cmd);
1021 /*
1022 * C99 allows the dst pointer to be null which will calculate the length
1023 * of the result and return it.
1024 */
1025 len = vsnprintf(NULL, 0, cmd, ap);
1026 buf = (char *)xmalloc(len + 1);
1027 len = vsnprintf(buf, len + 1, cmd, ap);
1028 va_end(ap);
1029 error = send_command(pwm, result, buf);
1030 xfree(buf);
1031 return error;
1032 }
1033
1034 #ifdef USE_PINENTRY
1035 static gpg_error_t do_getpin(pwm_t *pwm, char **result)
1036 {
1037 if (gtimeout) {
1038 signal(SIGALRM, catchsig);
1039 alarm(1);
1040 }
1041
1042 *result = NULL;
1043 return pinentry_command(pwm, result, "GETPIN");
1044 }
1045
1046 static gpg_error_t getpin(pwm_t *pwm, char **result, int *try_n, int which)
1047 {
1048 int pin_try = *try_n;
1049 gpg_error_t error;
1050
1051 getpin_again:
1052 *try_n = pin_try;
1053
1054 if (pin_try == -1) {
1055 error = set_pinentry_strings(pwm, which);
1056
1057 if (error) {
1058 pinentry_disconnect(pwm);
1059 return error;
1060 }
1061 }
1062 else {
1063 if (pwm->pinentry_tries-1 != pin_try) {
1064 error = set_pinentry_strings(pwm, 1);
1065
1066 if (error) {
1067 pinentry_disconnect(pwm);
1068 return error;
1069 }
1070 }
1071 }
1072
1073 error = do_getpin(pwm, result);
1074
1075 /*
1076 * Since there was input cancel any timeout setting.
1077 */
1078 alarm(0);
1079
1080 if (error) {
1081 if (error == GPG_ERR_CANCELED)
1082 return GPG_ERR_CANCELED;
1083
1084 if (pin_try != -1 && pin_try--)
1085 goto getpin_again;
1086
1087 if (pwm->pctx)
1088 pinentry_disconnect(pwm);
1089
1090 *try_n = pin_try;
1091 return error;
1092 }
1093
1094 return 0;
1095 }
1096 #endif
1097
1098 gpg_error_t pwmd_open_nb_finalize(pwm_t *pwm, pwmd_nb_status_t *pw)
1099 {
1100 gpg_error_t error;
1101
1102 #ifndef USE_PINENTRY
1103 return GPG_ERR_NOT_IMPLEMENTED;
1104 #endif
1105
1106 if (!pwm || !pw || !pw->filename[0])
1107 return GPG_ERR_INV_ARG;
1108
1109 close(pw->fd);
1110
1111 if (pw->error) {
1112 error = pw->error;
1113 goto fail;
1114 }
1115
1116 if (pwm->filename)
1117 xfree(pwm->filename);
1118
1119 pwm->filename = xstrdup(pw->filename);
1120 memset(pw, 0, sizeof(pwmd_nb_status_t));
1121 return 0;
1122
1123 fail:
1124 memset(pw, 0, sizeof(pwmd_nb_status_t));
1125 return error;
1126 }
1127
1128 static gpg_error_t do_open_command(pwm_t *pwm, const char *filename, char *password)
1129 {
1130 char buf[ASSUAN_LINELENGTH];
1131 gpg_error_t error;
1132 char *result = NULL;
1133
1134 snprintf(buf, sizeof(buf), "OPEN %s %s", filename, password ? password : "");
1135 error = send_command(pwm, &result, buf);
1136 memset(buf, 0, sizeof(buf));
1137
1138 if (error && result)
1139 xfree(result);
1140
1141 return error;
1142 }
1143
1144 static int do_pwmd_open(pwm_t *pwm, gpg_error_t *error, const char *filename,
1145 int nb, int timeout)
1146 {
1147 char *result = NULL;
1148 char *password = NULL;
1149 char path[PATH_MAX];
1150 #ifdef USE_PINENTRY
1151 int pin_try;
1152 #endif
1153
1154 if (!pwm || !filename || !*filename) {
1155 *error = GPG_ERR_INV_ARG;
1156 return nb ? -1 : 1;
1157 }
1158
1159 #ifdef USE_PINENTRY
1160 pin_try = pwm->pinentry_tries - 1;
1161 #endif
1162
1163 /*
1164 * Avoid calling pinentry if the password is cached on the server or if
1165 * this is a new file.
1166 */
1167 *error = pwmd_command(pwm, &result, "GETCONFIG data_directory");
1168
1169 if (*error)
1170 return nb ? -1 : 1;
1171
1172 snprintf(path, sizeof(path), "%s/%s", result, filename);
1173 pwmd_free_result(result);
1174
1175 if (access(path, R_OK) == -1) {
1176 if (errno == ENOENT)
1177 goto gotpassword;
1178 }
1179
1180 *error = pwmd_command(pwm, &result, "ISCACHED %s", filename);
1181
1182 if (*error == EPWMD_CACHE_NOT_FOUND) {
1183 if (pwm->passfunc) {
1184 password = pwm->passfunc(pwm, pwm->passdata);
1185 goto gotpassword;
1186 }
1187
1188 #ifdef USE_PINENTRY
1189 /*
1190 * Get the password from pinentry.
1191 */
1192 if (pwm->use_pinentry) {
1193 /*
1194 * Nonblocking is wanted. fork() then return a file descriptor
1195 * that the client can use to read() from.
1196 */
1197 if (nb) {
1198 int p[2];
1199 pid_t pid;
1200 pwmd_nb_status_t pw;
1201
1202 if (pipe(p) == -1) {
1203 *error = gpg_error_from_syserror();
1204 return -1;
1205 }
1206
1207 pid = fork();
1208
1209 switch (pid) {
1210 case 0:
1211 close(p[0]);
1212 strncpy(pw.filename, filename, sizeof(pw.filename));
1213 pw.filename[sizeof(pw.filename)-1] = 0;
1214 pw.fd = p[0];
1215
1216 if (timeout > 0) {
1217 gpwm = pwm;
1218 gtimeout = timeout;
1219 gelapsed = 0;
1220 }
1221
1222 getpin_nb_again:
1223 *error = getpin(pwm, &password, &pin_try, 0);
1224
1225 if (*error) {
1226 getpin_nb_fail:
1227 if (pwm->pctx)
1228 pinentry_disconnect(pwm);
1229
1230 if (gtimeout && gelapsed >= gtimeout)
1231 *error = GPG_ERR_TIMEOUT;
1232
1233 pw.error = *error;
1234 write(p[1], &pw, sizeof(pw));
1235 close(p[1]);
1236 _exit(1);
1237 }
1238
1239 /*
1240 * Don't count the time it takes to open the file
1241 * which may have many iterations.
1242 */
1243 signal(SIGALRM, SIG_DFL);
1244 *error = do_open_command(pwm, filename, password);
1245
1246 if (timeout)
1247 signal(SIGALRM, catchsig);
1248
1249 if (pwm->pctx && *error == EPWMD_BADKEY) {
1250 if (pin_try-- > 0)
1251 goto getpin_nb_again;
1252
1253 goto getpin_nb_fail;
1254 }
1255
1256 pinentry_disconnect(pwm);
1257 pw.error = 0;
1258 write(p[1], &pw, sizeof(pw));
1259 close(p[1]);
1260 _exit(0);
1261 break;
1262 case -1:
1263 *error = gpg_error_from_syserror();
1264 close(p[0]);
1265 close(p[1]);
1266 return -1;
1267 default:
1268 break;
1269 }
1270
1271 close(p[1]);
1272 return p[0];
1273 }
1274 }
1275 else {
1276 #endif
1277 /*
1278 * Not using pinentry and the file was not found
1279 * in the cache.
1280 */
1281 password = pwm->password;
1282 #ifdef USE_PINENTRY
1283 }
1284 #endif
1285 }
1286 else if (*error)
1287 return nb ? -1 : 1;
1288
1289 gotpassword:
1290 *error = do_open_command(pwm, filename, password);
1291
1292 /*
1293 * Keep the user defined password set with pwmd_setopt(). The password may
1294 * be needed later (pwmd_save()) depending on the pwmd file cache settings.
1295 */
1296 if (password && password != pwm->password)
1297 xfree(password);
1298
1299 #ifdef USE_PINENTRY
1300 if (*error == EPWMD_BADKEY) {
1301 if (pin_try-- > 0 && !nb) {
1302 *error = pwmd_command(pwm, &result, "OPTION TITLE=%s",
1303 N_("Invalid password, please try again."));
1304
1305 if (*error)
1306 return 1;
1307
1308 goto gotpassword;
1309 }
1310
1311 if (nb)
1312 pinentry_disconnect(pwm);
1313
1314 return nb ? -1 : 1;
1315 }
1316 #endif
1317
1318 if (!*error) {
1319 if (pwm->filename)
1320 xfree(pwm->filename);
1321
1322 pwm->filename = xstrdup(filename);
1323 }
1324
1325 /*
1326 * The file is cached or the file is a new file.
1327 */
1328 if (nb)
1329 return *error ? -1 : -2;
1330
1331 return *error ? 1 : 0;
1332 }
1333
1334 gpg_error_t pwmd_open(pwm_t *pwm, const char *filename)
1335 {
1336 gpg_error_t error;
1337
1338 do_pwmd_open(pwm, &error, filename, 0, 0);
1339 return error;
1340 }
1341
1342 int pwmd_open_nb(pwm_t *pwm, gpg_error_t *error, const char *filename,
1343 int timeout)
1344 {
1345 #ifndef USE_PINENTRY
1346 *error = GPG_ERR_NOT_IMPLEMENTED;
1347 return -1;
1348 #else
1349 return do_pwmd_open(pwm, error, filename, 1, timeout);
1350 #endif
1351 }
1352
1353 #ifdef USE_PINENTRY
1354 static gpg_error_t do_save_getpin(pwm_t *pwm, char **password)
1355 {
1356 int confirm = 0;
1357 gpg_error_t error;
1358 char *result = NULL;
1359 int pin_try = -1;
1360
1361 again:
1362 error = getpin(pwm, &result, &pin_try, confirm ? 2 : 0);
1363
1364 if (error) {
1365 if (pwm->pctx)
1366 pinentry_disconnect(pwm);
1367
1368 if (*password)
1369 xfree(*password);
1370
1371 return error;
1372 }
1373
1374 if (!confirm++) {
1375 *password = result;
1376 goto again;
1377 }
1378
1379 if (strcmp(*password, result)) {
1380 xfree(*password);
1381 xfree(result);
1382 pinentry_disconnect(pwm);
1383 error = EPWMD_BADKEY;
1384 return error;
1385 }
1386
1387 xfree(result);
1388 pinentry_disconnect(pwm);
1389 return 0;
1390 }
1391 #endif
1392
1393 static gpg_error_t do_save_command(pwm_t *pwm, char *password)
1394 {
1395 char buf[ASSUAN_LINELENGTH];
1396 gpg_error_t error;
1397 char *result = NULL;
1398
1399 snprintf(buf, sizeof(buf), "SAVE %s", password ? password : "");
1400 error = send_command(pwm, &result, buf);
1401 memset(&buf, 0, sizeof(buf));
1402
1403 if (error && result)
1404 xfree(result);
1405
1406 return error;
1407 }
1408
1409 gpg_error_t pwmd_save_nb_finalize(pwm_t *pwm, pwmd_nb_status_t *pw)
1410 {
1411 gpg_error_t rc;
1412
1413 #ifndef USE_PINENTRY
1414 return GPG_ERR_NOT_IMPLEMENTED;
1415 #endif
1416
1417 if (!pwm || !pw || !pw->filename[0])
1418 return GPG_ERR_INV_ARG;
1419
1420 close(pw->fd);
1421 rc = pw->error;
1422 memset(pw, 0, sizeof(pwmd_nb_status_t));
1423 return rc;
1424 }
1425
1426 static int do_pwmd_save(pwm_t *pwm, gpg_error_t *error, int nb)
1427 {
1428 char *result = NULL;
1429 char *password = NULL;
1430
1431 if (!pwm) {
1432 *error = GPG_ERR_INV_ARG;
1433 return nb ? -1 : 1;
1434 }
1435
1436 if (pwm->use_pinentry || pwm->passfunc) {
1437 *error = pwmd_command(pwm, &result, "ISCACHED %s", pwm->filename);
1438
1439 if (*error == EPWMD_CACHE_NOT_FOUND) {
1440 #ifdef USE_PINENTRY
1441 if (pwm->use_pinentry) {
1442 if (nb) {
1443 int p[2];
1444 pid_t pid;
1445 pwmd_nb_status_t pw;
1446
1447 if (pipe(p) == -1) {
1448 *error = gpg_error_from_syserror();
1449 return -1;
1450 }
1451
1452 pid = fork();
1453
1454 switch (pid) {
1455 case 0:
1456 close(p[0]);
1457 strncpy(pw.filename, pwm->filename, sizeof(pw.filename));
1458 pw.filename[sizeof(pw.filename)-1] = 0;
1459 pw.fd = p[0];
1460
1461 do {
1462 password = NULL;
1463 *error = do_save_getpin(pwm, &password);
1464 } while (*error == EPWMD_BADKEY);
1465
1466 if (*error) {
1467 if (pwm->pctx)
1468 pinentry_disconnect(pwm);
1469
1470 pw.error = *error;
1471 write(p[1], &pw, sizeof(pw));
1472 close(p[1]);
1473 _exit(1);
1474 }
1475
1476 *error = do_save_command(pwm, password);
1477 pinentry_disconnect(pwm);
1478 pw.error = *error;
1479 write(p[1], &pw, sizeof(pw));
1480 close(p[1]);
1481 _exit(0);
1482 break;
1483 case -1:
1484 *error = gpg_error_from_syserror();
1485 close(p[0]);
1486 close(p[1]);
1487 return -1;
1488 default:
1489 break;
1490 }
1491
1492 close(p[1]);
1493 return p[0];
1494 }
1495
1496 *error = do_save_getpin(pwm, &password);
1497
1498 if (*error)
1499 return 1;
1500 }
1501 else {
1502 #endif
1503 if (pwm->passfunc)
1504 password = (*pwm->passfunc)(pwm, pwm->passdata);
1505 #ifdef USE_PINENTRY
1506 }
1507 #endif
1508 }
1509 else {
1510 if (*error)
1511 return nb ? -1 : 1;
1512 }
1513 }
1514 else
1515 password = pwm->password;
1516
1517 *error = do_save_command(pwm, password);
1518
1519 if (password && password != pwm->password)
1520 xfree(password);
1521
1522 if (nb)
1523 return *error ? -1 : -2;
1524
1525 return *error ? 1 : 0;
1526 }
1527
1528 int pwmd_save_nb(pwm_t *pwm, gpg_error_t *error)
1529 {
1530 #ifndef USE_PINENTRY
1531 *error = GPG_ERR_NOT_IMPLEMENTED;
1532 return -1;
1533 #else
1534 return do_pwmd_save(pwm, error, 1);
1535 #endif
1536 }
1537
1538 gpg_error_t pwmd_save(pwm_t *pwm)
1539 {
1540 gpg_error_t error;
1541
1542 do_pwmd_save(pwm, &error, 0);
1543 return error;
1544 }
1545
1546 gpg_error_t pwmd_setopt(pwm_t *pwm, pwmd_option_t opt, ...)
1547 {
1548 va_list ap;
1549 #ifdef USE_PINENTRY
1550 int n = va_arg(ap, int);
1551 char *result;
1552 #endif
1553 char *arg1;
1554 gpg_error_t error = 0;
1555
1556 if (!pwm)
1557 return GPG_ERR_INV_ARG;
1558
1559 va_start(ap, opt);
1560
1561 switch (opt) {
1562 case PWMD_OPTION_STATUS_FUNC:
1563 pwm->status_func = va_arg(ap, pwmd_status_fn);
1564 break;
1565 case PWMD_OPTION_STATUS_DATA:
1566 pwm->status_data = va_arg(ap, void *);
1567 break;
1568 case PWMD_OPTION_PASSWORD_FUNC:
1569 pwm->passfunc = va_arg(ap, pwmd_password_fn);
1570 break;
1571 case PWMD_OPTION_PASSWORD_DATA:
1572 pwm->passdata = va_arg(ap, void *);
1573 break;
1574 case PWMD_OPTION_PASSWORD:
1575 arg1 = va_arg(ap, char *);
1576
1577 if (pwm->password)
1578 xfree(pwm->password);
1579
1580 pwm->password = xstrdup(arg1);
1581 break;
1582 #ifdef USE_PINENTRY
1583 case PWMD_OPTION_PINENTRY:
1584 n = va_arg(ap, int);
1585
1586 if (n != 0 && n != 1) {
1587 va_end(ap);
1588 error = GPG_ERR_INV_VALUE;
1589 }
1590 else {
1591 pwm->use_pinentry = n;
1592 error = pwmd_command(pwm, &result, "OPTION PINENTRY=%i",
1593 !pwm->use_pinentry);
1594 }
1595 break;
1596 case PWMD_OPTION_PINENTRY_TRIES:
1597 n = va_arg(ap, int);
1598
1599 if (n <= 0) {
1600 va_end(ap);
1601 error = GPG_ERR_INV_VALUE;
1602 }
1603 else
1604 pwm->pinentry_tries = n;
1605 break;
1606 case PWMD_OPTION_PINENTRY_PATH:
1607 if (pwm->pinentry_path)
1608 xfree(pwm->pinentry_path);
1609
1610 pwm->pinentry_path = xstrdup(va_arg(ap, char *));
1611 break;
1612 case PWMD_OPTION_PINENTRY_TTY:
1613 if (pwm->pinentry_tty)
1614 xfree(pwm->pinentry_tty);
1615
1616 pwm->pinentry_tty = xstrdup(va_arg(ap, char *));
1617 break;
1618 case PWMD_OPTION_PINENTRY_DISPLAY:
1619 if (pwm->pinentry_display)
1620 xfree(pwm->pinentry_display);
1621
1622 pwm->pinentry_display = xstrdup(va_arg(ap, char *));
1623 break;
1624 case PWMD_OPTION_PINENTRY_TERM:
1625 if (pwm->pinentry_term)
1626 xfree(pwm->pinentry_term);
1627
1628 pwm->pinentry_term = xstrdup(va_arg(ap, char *));
1629 break;
1630 case PWMD_OPTION_PINENTRY_TITLE:
1631 if (pwm->title)
1632 xfree(pwm->title);
1633 pwm->title = percent_escape(va_arg(ap, char *));
1634 break;
1635 case PWMD_OPTION_PINENTRY_PROMPT:
1636 if (pwm->prompt)
1637 xfree(pwm->prompt);
1638 pwm->prompt = percent_escape(va_arg(ap, char *));
1639 break;
1640 case PWMD_OPTION_PINENTRY_DESC:
1641 if (pwm->desc)
1642 xfree(pwm->desc);
1643 pwm->desc = percent_escape(va_arg(ap, char *));
1644 break;
1645 #else
1646 case PWMD_OPTION_PINENTRY:
1647 case PWMD_OPTION_PINENTRY_TRIES:
1648 case PWMD_OPTION_PINENTRY_PATH:
1649 case PWMD_OPTION_PINENTRY_TTY:
1650 case PWMD_OPTION_PINENTRY_DISPLAY:
1651 case PWMD_OPTION_PINENTRY_TERM:
1652 case PWMD_OPTION_PINENTRY_TITLE:
1653 case PWMD_OPTION_PINENTRY_PROMPT:
1654 case PWMD_OPTION_PINENTRY_DESC:
1655 error = GPG_ERR_NOT_IMPLEMENTED;
1656 break;
1657 #endif
1658 default:
1659 error = GPG_ERR_NOT_IMPLEMENTED;
1660 break;
1661 }
1662
1663 va_end(ap);
1664 return error;
1665 }
1666
1667 gpg_error_t pwmd_assuan_ctx(pwm_t *pwm, assuan_context_t *ctx, int *fd)
1668 {
1669 if (!pwm)
1670 return GPG_ERR_INV_ARG;
1671
1672 *ctx = pwm->ctx;
1673 *fd = pwm->fd;
1674 return 0;
1675 }
An API for pwmd.