search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
New memory allocators.
[libpwmd.git] / src / libpwmd.c
blobeb41c24394ab5012121260d11199f77fe14db2d6
1 /*
2 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015,
3 2016
4 Ben Kibbey <bjk@luxsci.net>
5
6 This file is part of libpwmd.
7
8 Libpwmd is free software: you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation, either version 2 of the License, or
11 (at your option) any later version.
12
13 Libpwmd is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with Libpwmd. If not, see <http://www.gnu.org/licenses/>.
20 */
21 #ifdef HAVE_CONFIG_H
22 #include <config.h>
23 #endif
24
25 #include <stdio.h>
26 #include <stdlib.h>
27 #include <unistd.h>
28 #include <err.h>
29 #include <errno.h>
30 #include <ctype.h>
31 #include <string.h>
32 #include <sys/types.h>
33 #include <sys/socket.h>
34 #include <sys/un.h>
35 #include <signal.h>
36 #include <stdarg.h>
37 #include <string.h>
38 #include <sys/wait.h>
39 #include <fcntl.h>
40 #include <pwd.h>
41 #include <time.h>
42 #include <limits.h>
43 #include <sys/select.h>
44 #include <termios.h>
45 #include <libpwmd.h>
46
47 #ifdef HAVE_STRINGS_H
48 #include <strings.h>
49 #endif
50
51 #ifndef LINE_MAX
52 #define LINE_MAX 2048
53 #endif
54
55 #include "mem.h"
56 #include "misc.h"
57 #include "types.h"
58
59 #ifdef WITH_PINENTRY
60 #include "pinentry.h"
61 #endif
62
63 #if defined(WITH_SSH) || defined(WITH_GNUTLS)
64 #include <sys/types.h>
65 #include <sys/socket.h>
66 #include <netdb.h>
67 #include <netinet/in.h>
68 #endif
69
70 #define FINISH(rc) (gpg_err_source(rc) == GPG_ERR_SOURCE_UNKNOWN) \
71 ? gpg_error(rc) : rc
72
73 typedef struct
74 {
75 size_t len;
76 void *buf;
77 } membuf_t;
78
79 ssize_t
80 hook_read (assuan_context_t ctx, assuan_fd_t fd, void *data, size_t len)
81 {
82 #if defined(WITH_SSH) || defined(WITH_GNUTLS)
83 pwm_t *pwm = assuan_get_pointer (ctx);
84
85 #ifdef WITH_SSH
86 if (pwm && pwm->tcp && pwm->tcp->ssh)
87 return read_hook_ssh (pwm->tcp->ssh, fd, data, len);
88 #endif
89 #ifdef WITH_GNUTLS
90 if (pwm && pwm->tcp && pwm->tcp->tls)
91 return read_hook_tls (pwm, fd, data, len);
92 #endif
93 #endif
94
95 return read ((int) fd, data, len);
96 }
97
98 ssize_t
99 hook_write (assuan_context_t ctx, assuan_fd_t fd, const void *data,
100 size_t len)
101 {
102 ssize_t wrote;
103 #if defined(WITH_SSH) || defined(WITH_GNUTLS)
104 pwm_t *pwm = assuan_get_pointer (ctx);
105
106 #ifdef WITH_SSH
107 if (pwm && pwm->tcp && pwm->tcp->ssh)
108 return write_hook_ssh (pwm->tcp->ssh, fd, data, len);
109 #endif
110 #ifdef WITH_GNUTLS
111 if (pwm && pwm->tcp && pwm->tcp->tls)
112 return write_hook_tls (pwm, fd, data, len);
113 #endif
114 #endif
115
116 /* libassuan cannot handle EAGAIN when doing writes. */
117 do
118 {
119 wrote = write ((int) fd, data, len);
120 if (wrote == -1 && errno == EAGAIN)
121 usleep (50000);
122 }
123 while (wrote == -1 && errno == EAGAIN);
124
125 return wrote;
126 }
127
128 pid_t
129 hook_waitpid (assuan_context_t ctx, pid_t pid, int action, int *status,
130 int options)
131 {
132 return waitpid (pid, status, options);
133 }
134
135 gpg_error_t
136 pwmd_init ()
137 {
138 static int initialized;
139
140 #ifdef WITH_GNUTLS
141 // May be called more than once.
142 gnutls_global_init ();
143 #endif
144
145 if (initialized)
146 return 0;
147
148 #ifdef ENABLE_NLS
149 bindtextdomain ("libpwmd", LOCALEDIR);
150 #endif
151 #ifdef WITH_SSH
152 libssh2_init (0);
153 #endif
154 gpgrt_init ();
155 gpgrt_set_alloc_func (_xrealloc_gpgrt);
156 initialized = 1;
157 return 0;
158 }
159
160 void
161 pwmd_deinit ()
162 {
163 #ifdef WITH_GNUTLS
164 gnutls_global_deinit ();
165 #endif
166 }
167
168 gpg_error_t
169 _connect_finalize (pwm_t * pwm)
170 {
171 gpg_error_t rc = 0;
172 char *result = NULL;
173 int active[2];
174 int n = assuan_get_active_fds (pwm->ctx, 0, active, N_ARRAY (active));
175
176 if (n <= 0)
177 return GPG_ERR_EBADFD;
178
179 pwm->fd = active[0];
180 #ifdef WITH_PINENTRY
181 pwm->pinentry_pid = -1;
182 #endif
183
184 rc = pwmd_command (pwm, &result, NULL, NULL, NULL, "GETINFO VERSION");
185 if (!rc)
186 {
187 pwm->version = strtoul (result, NULL, 16);
188 pwmd_free (result);
189 }
190
191 if (!rc && pwm->name)
192 rc = pwmd_command (pwm, NULL, NULL, NULL, NULL, "OPTION NAME=%s",
193 pwm->name);
194
195 return rc;
196 }
197
198 static gpg_error_t
199 connect_uds (pwm_t * pwm, const char *path)
200 {
201 char *socketpath = NULL;
202 struct passwd pw;
203 char *pwbuf;
204 gpg_error_t rc;
205
206 if (!pwm)
207 return GPG_ERR_INV_ARG;
208
209 pwbuf = _getpwuid (&pw);
210 if (!pwbuf)
211 return gpg_error_from_syserror ();
212
213 if (!path || !*path)
214 socketpath = pwmd_strdup_printf ("%s/.pwmd/socket", pw.pw_dir);
215 else
216 socketpath = _expand_homedir ((char *) path, &pw);
217
218 pwmd_free (pwbuf);
219 if (!socketpath)
220 return GPG_ERR_ENOMEM;
221
222 rc = assuan_socket_connect (pwm->ctx, socketpath, ASSUAN_INVALID_FD, 0);
223 pwmd_free (socketpath);
224 return rc ? rc : _connect_finalize (pwm);
225 }
226
227 static gpg_error_t
228 init_handle (pwm_t * pwm)
229 {
230 gpg_error_t rc;
231 static struct assuan_malloc_hooks mhooks = {
232 pwmd_malloc, pwmd_realloc, pwmd_free
233 };
234 static struct assuan_system_hooks shooks = {
235 ASSUAN_SYSTEM_HOOKS_VERSION,
236 __assuan_usleep,
237 __assuan_pipe,
238 __assuan_close,
239 hook_read,
240 hook_write,
241 //FIXME
242 NULL, //recvmsg
243 NULL, //sendmsg both are used for FD passing
244 __assuan_spawn,
245 hook_waitpid,
246 __assuan_socketpair,
247 __assuan_socket,
248 __assuan_connect
249 };
250
251 rc = assuan_new_ext (&pwm->ctx, GPG_ERR_SOURCE_DEFAULT, &mhooks, NULL,
252 NULL);
253 if (rc)
254 return rc;
255
256 assuan_set_pointer (pwm->ctx, pwm);
257 assuan_ctx_set_system_hooks (pwm->ctx, &shooks);
258 return 0;
259 }
260
261 #if defined(WITH_SSH) || defined(WITH_GNUTLS)
262 void
263 free_tcp (pwm_t *pwm)
264 {
265 struct tcp_s *tcp = pwm->tcp;
266
267 if (!tcp)
268 return;
269
270 #ifdef WITH_SSH
271 _free_ssh_conn (tcp->ssh);
272 #endif
273 #ifdef WITH_GNUTLS
274 tls_free (pwm);
275 #endif
276
277 pwmd_free (tcp->host);
278 if (tcp->addrs)
279 {
280 freeaddrinfo (tcp->addrs);
281 tcp->addrs = NULL;
282 }
283
284 pthread_cond_destroy (&tcp->dns_cond);
285 pthread_mutex_destroy (&tcp->dns_mutex);
286 pwmd_free (tcp);
287 pwm->tcp = NULL;
288 }
289 #endif
290
291 #if defined(WITH_SSH) || defined(WITH_GNUTLS)
292 static void *
293 resolve_host_thread (void *arg)
294 {
295 pwm_t *pwm = arg;
296 struct addrinfo hints = { 0 };
297 char portstr[6];
298
299 switch (pwm->prot)
300 {
301 case PWMD_IP_ANY:
302 hints.ai_family = AF_UNSPEC;
303 break;
304 case PWMD_IPV4:
305 hints.ai_family = AF_INET;
306 break;
307 case PWMD_IPV6:
308 hints.ai_family = AF_INET6;
309 break;
310 }
311
312 hints.ai_socktype = SOCK_STREAM;
313 snprintf (portstr, sizeof (portstr), "%i", pwm->tcp->port);
314 int *n = pwmd_malloc (sizeof (int));
315 pthread_cleanup_push (pwmd_free, n);
316 *n = getaddrinfo (pwm->tcp->host, portstr, &hints, &pwm->tcp->addrs);
317 pthread_cleanup_pop (0);
318 pthread_cond_broadcast (&pwm->tcp->dns_cond);
319 pthread_exit (n);
320 return NULL;
321 }
322
323 gpg_error_t
324 tcp_connect_common (pwm_t * pwm)
325 {
326 #define TS_TIMEOUT 50000000L
327 int n;
328 gpg_error_t rc = 0;
329 pthread_t tid;
330 time_t now;
331
332 time (&now);
333 n = pthread_create (&tid, NULL, resolve_host_thread, pwm);
334 if (n)
335 return gpg_error_from_errno (n);
336
337 pthread_mutex_lock (&pwm->tcp->dns_mutex);
338
339 for (;;)
340 {
341 struct timespec ts;
342 int *result = NULL;
343
344 clock_gettime (CLOCK_REALTIME, &ts);
345 if (ts.tv_nsec + TS_TIMEOUT >= 1000000000LL) {
346 ts.tv_sec++;
347 ts.tv_nsec = 0;
348 }
349 else
350 ts.tv_nsec += TS_TIMEOUT;
351
352 if (pwm->cancel)
353 {
354 #ifdef HAVE_PTHREAD_CANCEL
355 pthread_cancel (tid);
356 pthread_join (tid, NULL);
357 #else
358 pthread_join (tid, (void **)&result);
359 pwmd_free (result);
360 #endif
361 return GPG_ERR_CANCELED;
362 }
363
364 n = pthread_cond_timedwait (&pwm->tcp->dns_cond, &pwm->tcp->dns_mutex,
365 &ts);
366 if (n == ETIMEDOUT)
367 {
368 if (pwm->socket_timeout && ts.tv_sec - now >= pwm->socket_timeout)
369 {
370 #ifdef HAVE_PTHREAD_CANCEL
371 pthread_cancel (tid);
372 pthread_join (tid, NULL);
373 #else
374 pthread_join (tid, (void **)&result);
375 pwmd_free (result);
376 #endif
377 return GPG_ERR_ETIMEDOUT;
378 }
379
380 continue;
381 }
382 else if (n)
383 {
384 #ifdef HAVE_PTHREAD_CANCEL
385 pthread_cancel (tid);
386 pthread_join (tid, NULL);
387 #else
388 pthread_join (tid, (void **)&result);
389 pwmd_free (result);
390 #endif
391 return gpg_error_from_errno (n);
392 }
393
394 pthread_join (tid, (void **)&result);
395 n = *result;
396 pwmd_free (result);
397 break;
398 }
399
400 if (n)
401 return GPG_ERR_UNKNOWN_HOST; //FIXME
402
403 for (pwm->tcp->addr = pwm->tcp->addrs; pwm->tcp->addr;
404 pwm->tcp->addr = pwm->tcp->addrs->ai_next)
405 {
406 pwm->fd = socket (pwm->tcp->addr->ai_family, SOCK_STREAM, 0);
407 if (pwm->fd == -1)
408 {
409 rc = gpg_error_from_syserror ();
410 if (pwm->tcp->addr == pwm->tcp->addrs->ai_next)
411 break;
412 continue;
413 }
414
415 if (fcntl (pwm->fd, F_SETFL, O_NONBLOCK) == -1)
416 {
417 rc = gpg_error_from_syserror ();
418 break;
419 }
420
421 if (connect (pwm->fd, pwm->tcp->addr->ai_addr,
422 pwm->tcp->addr->ai_family == AF_INET6
423 ? sizeof (struct sockaddr_in6)
424 : sizeof (struct sockaddr)) == -1)
425 {
426 int n;
427 struct timeval tv;
428 fd_set wfds;
429 unsigned elapsed = 0;
430
431 rc = gpg_error_from_syserror ();
432 if (gpg_err_code (rc) != GPG_ERR_EINPROGRESS)
433 {
434 close (pwm->fd);
435 pwm->fd = -1;
436 if (pwm->tcp->addr == pwm->tcp->addrs->ai_next)
437 return rc;
438 continue;
439 }
440
441 again:
442 tv.tv_sec = 1;
443 tv.tv_usec = 0;
444 FD_ZERO (&wfds);
445 FD_SET (pwm->fd, &wfds);
446 n = select (pwm->fd+1, NULL, &wfds, NULL, &tv);
447 rc = 0;
448 if (!n || pwm->cancel)
449 {
450 if (pwm->cancel)
451 rc = gpg_error (GPG_ERR_CANCELED);
452 else if (++elapsed >= pwm->socket_timeout)
453 rc = gpg_error (GPG_ERR_ETIMEDOUT);
454 else
455 goto again;
456 }
457 else if (n != -1)
458 {
459 socklen_t len = sizeof(int);
460
461 getsockopt (pwm->fd, SOL_SOCKET, SO_ERROR, &n, &len);
462 if (n)
463 rc = gpg_error_from_errno (n);
464 }
465 else if (n == -1)
466 rc = gpg_error_from_syserror ();
467
468 if (rc)
469 {
470 close (pwm->fd);
471 pwm->fd = -1;
472 if (pwm->tcp->addr == pwm->tcp->addrs->ai_next
473 || gpg_err_code (rc) == GPG_ERR_ETIMEDOUT
474 || pwm->cancel)
475 return rc;
476 }
477 else
478 break;
479 }
480 else
481 break;
482 }
483
484 if (!rc)
485 if (fcntl (pwm->fd, F_SETFL, 0) == -1)
486 rc = gpg_error_from_syserror ();
487
488 return rc;
489 }
490 #endif
491
492 static void
493 command_start (pwm_t *pwm)
494 {
495 pwm->cancel = 0;
496 }
497
498 gpg_error_t
499 pwmd_connect (pwm_t * pwm, const char *url, ...)
500 {
501 const char *p = url;
502 gpg_error_t rc;
503
504 if (!pwm)
505 return FINISH (GPG_ERR_INV_ARG);
506 else if (!pwm->ctx)
507 {
508 rc = init_handle (pwm);
509 if (rc)
510 return rc;
511 }
512
513 command_start (pwm);
514
515 if (!(pwm->opts & OPT_SIGPIPE))
516 signal (SIGPIPE, SIG_IGN);
517
518 #ifdef WITH_GNUTLS
519 pwm->tls_error = 0;
520 #endif
521 rc = GPG_ERR_UNSUPPORTED_PROTOCOL;
522
523 if (p && (*p == '/' || *p == '~'))
524 rc = connect_uds (pwm, p);
525 else if (!p || !strncmp (p, "file://", 7))
526 {
527 if (p)
528 p += 7;
529 #ifdef DEFAULT_PWMD_SOCKET
530 else
531 p = DEFAULT_PWMD_SOCKET;
532 #endif
533 rc = connect_uds (pwm, p);
534 }
535 else if (!strncmp (p, "ssh://", 6) || !strncmp (p, "ssh6://", 7) ||
536 !strncmp (p, "ssh4://", 7))
537 {
538 #ifndef WITH_SSH
539 return FINISH (GPG_ERR_NOT_IMPLEMENTED);
540 #else
541 char *host = NULL;
542 int port;
543 char *username = NULL;
544
545 if (!strncmp (p, "ssh6://", 7))
546 {
547 pwm->prot = PWMD_IPV6;
548 p += 7;
549 }
550 else if (!strncmp (p, "ssh4://", 7))
551 {
552 pwm->prot = PWMD_IPV4;
553 p += 7;
554 }
555 else
556 {
557 pwm->prot = PWMD_IP_ANY;
558 p += 6;
559 }
560
561 rc = _parse_ssh_url (p, &host, &port, &username);
562 if (!rc)
563 {
564 va_list ap;
565 char *identity = NULL;
566 char *knownhosts = NULL;
567
568 va_start (ap, url);
569 identity = va_arg (ap, char *);
570
571 if (!identity && !pwm->use_agent)
572 rc = GPG_ERR_INV_ARG;
573 else
574 knownhosts = va_arg (ap, char *);
575
576 va_end (ap);
577
578 if (!rc)
579 rc = _do_ssh_connect (pwm, host, port, identity, username,
580 knownhosts);
581 if (!rc)
582 {
583 rc = _connect_finalize (pwm);
584 if (rc)
585 free_tcp (pwm);
586 }
587 }
588
589 pwmd_free (host);
590 pwmd_free (username);
591 pwm->local_pinentry = 1;
592 #endif
593 }
594 else if (!strncmp (p, "tls://", 6) || !strncmp (p, "tls6://", 7) ||
595 !strncmp (p, "tls4://", 7))
596 {
597 #ifndef WITH_GNUTLS
598 return FINISH (GPG_ERR_NOT_IMPLEMENTED);
599 #else
600 char *host = NULL;
601 int port;
602
603 if (!strncmp (p, "tls6://", 7))
604 {
605 pwm->prot = PWMD_IPV6;
606 p += 7;
607 }
608 else if (!strncmp (p, "tls4://", 7))
609 {
610 pwm->prot = PWMD_IPV4;
611 p += 7;
612 }
613 else
614 {
615 pwm->prot = PWMD_IP_ANY;
616 p += 6;
617 }
618
619 rc = _parse_tls_url (p, &host, &port);
620 if (!rc)
621 {
622 va_list ap;
623 char *clientcert = NULL;
624 char *clientkey = NULL;
625 char *cacert = NULL;
626 char *prio = NULL;
627 char *server_fp = NULL;
628
629 va_start (ap, url);
630 clientcert = va_arg (ap, char *);
631
632 if (!clientcert)
633 rc = GPG_ERR_INV_ARG;
634 else
635 {
636 clientkey = va_arg (ap, char *);
637 if (!clientkey)
638 rc = GPG_ERR_INV_ARG;
639 else
640 {
641 cacert = va_arg (ap, char *);
642 if (!cacert)
643 rc = GPG_ERR_INV_ARG;
644 else
645 {
646 prio = va_arg (ap, char *);
647 server_fp = va_arg (ap, char *);
648 }
649 }
650 }
651
652 va_end (ap);
653
654 if (!rc)
655 rc = _do_tls_connect (pwm, host, port, clientcert, clientkey,
656 cacert, prio, server_fp, pwm->tls_verify);
657 if (!rc)
658 {
659 rc = _connect_finalize (pwm);
660 if (rc)
661 free_tcp (pwm);
662 }
663 }
664
665 pwmd_free (host);
666 pwm->local_pinentry = 1;
667 #endif
668 }
669
670 if (!rc)
671 pwm->connected = 1;
672
673 return FINISH (rc);
674 }
675
676 static void
677 disconnect (pwm_t * pwm)
678 {
679 if (!pwm)
680 return;
681
682 if (pwm->ctx)
683 assuan_release (pwm->ctx);
684
685 #if defined(WITH_SSH) || defined(WITH_GNUTLS)
686 free_tcp (pwm);
687 #endif
688 pwm->ctx = NULL;
689 pwm->fd = -1;
690 pwm->connected = 0;
691 }
692
693 void
694 pwmd_close (pwm_t * pwm)
695 {
696 if (!pwm)
697 return;
698
699 disconnect (pwm);
700 pwmd_free (pwm->pinentry_error);
701 pwmd_free (pwm->pinentry_desc);
702 pwmd_free (pwm->pinentry_prompt);
703 pwmd_free (pwm->pinentry_tty);
704 pwmd_free (pwm->pinentry_display);
705 pwmd_free (pwm->pinentry_term);
706 pwmd_free (pwm->pinentry_lcctype);
707 pwmd_free (pwm->pinentry_lcmessages);
708 pwmd_free (pwm->filename);
709 pwmd_free (pwm->name);
710 pwmd_free (pwm->passphrase_info);
711 pwmd_free (pwm->passphrase_hint);
712
713 #ifdef WITH_PINENTRY
714 if (pwm->pctx)
715 _pinentry_disconnect (pwm);
716 #endif
717
718 pwmd_free (pwm);
719 }
720
721 static gpg_error_t
722 inquire_realloc_cb (void *data, const void *buffer, size_t len)
723 {
724 membuf_t *mem = (membuf_t *) data;
725 void *p;
726
727 if (!buffer)
728 return 0;
729
730 if ((p = pwmd_realloc (mem->buf, mem->len + len)) == NULL)
731 return gpg_error (GPG_ERR_ENOMEM);
732
733 mem->buf = p;
734 memcpy ((char *) mem->buf + mem->len, buffer, len);
735 mem->len += len;
736 return 0;
737 }
738
739 static gpg_error_t
740 get_password (pwm_t * pwm, char **result, size_t * len,
741 pwmd_pinentry_t w, int echo)
742 {
743 char buf[LINE_MAX] = { 0 }, *p;
744 struct termios told, tnew;
745 char *key = NULL;
746
747 if (result)
748 *result = NULL;
749
750 if (len)
751 *len = 0;
752
753 if (!isatty (STDIN_FILENO))
754 {
755 fprintf (stderr, N_("Input is not from a terminal! Failing.\n"));
756 return GPG_ERR_ENOTTY;
757 }
758
759 if (!echo)
760 {
761 if (tcgetattr (STDIN_FILENO, &told) == -1)
762 return gpg_error_from_syserror ();
763
764 memcpy (&tnew, &told, sizeof (struct termios));
765 tnew.c_lflag &= ~(ECHO);
766 tnew.c_lflag |= ICANON | ECHONL;
767
768 if (tcsetattr (STDIN_FILENO, TCSANOW, &tnew) == -1)
769 {
770 int n = errno;
771
772 tcsetattr (STDIN_FILENO, TCSANOW, &told);
773 return gpg_error_from_errno (n);
774 }
775 }
776
777 if (pwm->passphrase_hint)
778 fprintf(stderr, N_("Key info: %s\n"), pwm->passphrase_hint);
779
780 switch (w)
781 {
782 case PWMD_PINENTRY_OPEN:
783 fprintf (stderr, N_("Password for %s: "), pwm->filename);
784 break;
785 case PWMD_PINENTRY_OPEN_FAILED:
786 fprintf (stderr, N_("Invalid password. Password for %s: "),
787 pwm->filename);
788 break;
789 case PWMD_PINENTRY_SAVE:
790 fprintf (stderr, N_("New password for %s: "), pwm->filename);
791 break;
792 case PWMD_PINENTRY_SAVE_CONFIRM:
793 fprintf (stderr, N_("Confirm password: "));
794 break;
795 default:
796 break;
797 }
798
799 if ((p = fgets (buf, sizeof (buf), stdin)) == NULL)
800 {
801 if (!echo)
802 tcsetattr (STDIN_FILENO, TCSANOW, &told);
803 return 0;
804 }
805
806 if (!echo)
807 tcsetattr (STDIN_FILENO, TCSANOW, &told);
808
809 if (feof (stdin))
810 {
811 clearerr (stdin);
812 return GPG_ERR_CANCELED;
813 }
814
815 /* Strip the newline character. */
816 p[strlen (p) - 1] = 0;
817
818 if (buf[0])
819 {
820 key = pwmd_strdup_printf ("%s", p);
821 memset (buf, 0, sizeof (buf));
822 if (!key)
823 return GPG_ERR_ENOMEM;
824
825 if (result)
826 *result = key;
827
828 if (len)
829 *len = strlen (key);
830 }
831 else
832 {
833 if (result)
834 *result = pwmd_strdup ("");
835
836 if (len)
837 *len = 1;
838 }
839
840 return 0;
841 }
842
843 gpg_error_t
844 pwmd_password (pwm_t * pwm, const char *keyword, char **data, size_t * size)
845 {
846 gpg_error_t rc;
847 int new_password = 0;
848 char *password = NULL, *newpass = NULL;
849 int error = 0;
850
851 command_start (pwm);
852
853 if (data)
854 *data = NULL;
855
856 if (size)
857 *size = 0;
858
859 if (!strcmp (keyword, "NEW_PASSPHRASE"))
860 new_password = 1;
861
862 if (!new_password && pwm->pinentry_try)
863 error = 1;
864
865 again:
866 if (pwm->disable_pinentry)
867 {
868 rc = get_password (pwm, &password, size,
869 new_password ? PWMD_PINENTRY_SAVE :
870 error ? PWMD_PINENTRY_OPEN_FAILED :
871 PWMD_PINENTRY_OPEN, 0);
872 if (!rc && new_password)
873 rc = get_password (pwm, &newpass, size, PWMD_PINENTRY_SAVE_CONFIRM,
874 0);
875 }
876 else
877 {
878 pwmd_pinentry_t which;
879
880 if (error)
881 which = new_password
882 ? PWMD_PINENTRY_SAVE_FAILED : PWMD_PINENTRY_OPEN_FAILED;
883 else
884 which = new_password ? PWMD_PINENTRY_SAVE : PWMD_PINENTRY_OPEN;
885
886 rc = pwmd_getpin (pwm, pwm->filename, &password, size, which);
887 if (!rc && new_password)
888 rc = pwmd_getpin (pwm, pwm->filename, &newpass, size,
889 PWMD_PINENTRY_SAVE_CONFIRM);
890 }
891
892 if (!rc && new_password)
893 {
894 if ((!password && newpass) || (!newpass && password)
895 || (newpass && password && strcmp (newpass, password)))
896 {
897 if (pwm->disable_pinentry)
898 fprintf (stderr, N_("Passphrases do not match.\n"));
899
900 pwmd_free (password);
901 pwmd_free (newpass);
902 password = newpass = NULL;
903 error = 1;
904 goto again;
905 }
906 }
907
908 (void) pwmd_getpin (pwm, pwm->filename, NULL, NULL, PWMD_PINENTRY_CLOSE);
909 pwmd_free (newpass);
910 if (!rc && data)
911 *data = password;
912
913 return rc;
914 }
915
916 static gpg_error_t
917 inquire_cb (void *data, const char *keyword)
918 {
919 pwm_t *pwm = (pwm_t *) data;
920 gpg_error_t rc = 0;
921 int free_result = 0;
922 char *result = NULL;
923 int is_password = 0;
924 int new_password = 0;
925
926 if (!strcmp (keyword, "PASSPHRASE") || !strcmp (keyword, "SIGN_PASSPHRASE"))
927 is_password = 1;
928 else if (!strcmp (keyword, "NEW_PASSPHRASE") || !strcmp (keyword, "GENKEY"))
929 new_password = 1;
930
931 /* Shouldn't get this far without a callback. */
932 if (!pwm->override_inquire && !pwm->inquire_func
933 && !is_password && !new_password)
934 return gpg_error (GPG_ERR_ASS_NO_INQUIRE_CB);
935
936 for (;;)
937 {
938 size_t len = 0;
939 gpg_error_t arc;
940
941 result = NULL;
942
943 if (!pwm->override_inquire && (is_password || new_password))
944 {
945 free_result = 1;
946 rc = pwmd_password (data, keyword, &result, &len);
947 if (!rc)
948 rc = GPG_ERR_EOF;
949 }
950 else
951 rc = pwm->inquire_func (pwm->inquire_data, keyword, rc, &result,
952 &len);
953
954 /* gpg will truncate a passphrase at the first nil byte which may be bad
955 * for generated key files. */
956 if ((!rc || gpg_err_code (rc) == GPG_ERR_EOF)
957 && (is_password || new_password))
958 {
959 if (len && result && *result)
960 {
961 for (size_t n = 0; n < len; n++)
962 {
963 if (result[n] == 0 && n+1 != len)
964 rc = GPG_ERR_INV_PASSPHRASE;
965 }
966 }
967 }
968
969 cancel:
970 if (rc && gpg_err_code (rc) != GPG_ERR_EOF)
971 {
972 #ifndef LIBASSUAN_2_1_0
973 gpg_error_t trc = rc;
974
975 /* Cancel this inquire. */
976 rc = assuan_send_data (pwm->ctx, NULL, 1);
977 if (!rc)
978 {
979 char *line;
980 size_t len;
981
982 /* There is a bug (or feature?) in assuan_send_data() that
983 * when cancelling an inquire the next read from the server is
984 * not done until the next command making the next command
985 * fail with GPG_ERR_ASS_UNEXPECTED_CMD.
986 */
987 rc = assuan_read_line (pwm->ctx, &line, &len);
988
989 /* Restore the original error. This differs from the error
990 * returned from the pwmd command (GPG_ERR_CANCELED). This
991 * error is returned to the calling function.
992 */
993 if (!rc)
994 rc = trc;
995 }
996 #endif
997 break;
998 }
999
1000 if (gpg_err_code (rc) == GPG_ERR_EOF || !rc)
1001 {
1002 if (len <= 0 && !result)
1003 {
1004 rc = 0;
1005 break;
1006 }
1007 else if ((len <= 0 && result) || (len && !result))
1008 {
1009 rc = gpg_error (GPG_ERR_INV_ARG);
1010 break;
1011 }
1012
1013 if (pwm->inquire_maxlen
1014 && pwm->inquire_sent + len > pwm->inquire_maxlen)
1015 {
1016 rc = gpg_error (GPG_ERR_TOO_LARGE);
1017 if (!free_result)
1018 rc = pwm->inquire_func (pwm->inquire_data, keyword, rc,
1019 &result, &len);
1020 goto cancel;
1021 }
1022
1023 arc = assuan_send_data (pwm->ctx, result, len);
1024 if (gpg_err_code (rc) == GPG_ERR_EOF)
1025 {
1026 rc = arc;
1027 break;
1028 }
1029
1030 rc = arc;
1031 }
1032 else if (rc)
1033 break;
1034
1035 if (!rc)
1036 {
1037 pwm->inquire_sent += len;
1038
1039 if (pwm->status_func)
1040 {
1041 char buf[ASSUAN_LINELENGTH];
1042
1043 snprintf (buf, sizeof (buf), "XFER %zu %zu", pwm->inquire_sent,
1044 pwm->inquire_total);
1045 rc = pwm->status_func (pwm->status_data, buf);
1046 if (rc)
1047 continue;
1048 }
1049 }
1050 }
1051
1052 if (free_result)
1053 pwmd_free (result);
1054
1055 pwm->inquire_maxlen = pwm->inquire_sent = 0;
1056 return rc;
1057 }
1058
1059 static gpg_error_t
1060 parse_assuan_line (pwm_t * pwm)
1061 {
1062 gpg_error_t rc;
1063 char *line;
1064 size_t len;
1065
1066 rc = assuan_read_line (pwm->ctx, &line, &len);
1067 if (!rc)
1068 {
1069 if (line[0] == 'O' && line[1] == 'K' &&
1070 (line[2] == 0 || line[2] == ' '))
1071 {
1072 }
1073 else if (line[0] == '#')
1074 {
1075 }
1076 else if (line[0] == 'S' && (line[1] == 0 || line[1] == ' '))
1077 {
1078 if (pwm->status_func)
1079 {
1080 rc = pwm->status_func (pwm->status_data,
1081 line[1] == 0 ? line + 1 : line + 2);
1082 }
1083 }
1084 else if (line[0] == 'E' && line[1] == 'R' && line[2] == 'R' &&
1085 (line[3] == 0 || line[3] == ' '))
1086 {
1087 line += 4;
1088 rc = strtol (line, NULL, 10);
1089 }
1090 }
1091
1092 return rc;
1093 }
1094
1095 static void
1096 reset_handle (pwm_t *pwm)
1097 {
1098 pwm->fd = -1;
1099 pwm->cancel = 0;
1100 pwm->pinentry_disabled = 0;
1101 #ifdef WITH_PINENTRY
1102 if (pwm->pctx)
1103 _pinentry_disconnect (pwm);
1104 #endif
1105 #if defined(WITH_SSH) || defined(WITH_GNUTLS)
1106 #ifdef WITH_GNUTLS
1107 pwm->tls_error = 0;
1108 #endif
1109
1110 if (pwm->tcp)
1111 pwm->tcp->rc = 0;
1112 #endif
1113 }
1114
1115 gpg_error_t
1116 pwmd_disconnect (pwm_t * pwm)
1117 {
1118 if (!pwm)
1119 return FINISH (GPG_ERR_INV_ARG);
1120
1121 command_start (pwm);
1122
1123 if (pwm->fd == -1)
1124 return FINISH (GPG_ERR_INV_STATE);
1125
1126 disconnect (pwm);
1127 reset_handle (pwm);
1128 return 0;
1129 }
1130
1131 /* Note that this should only be called when not in a command. */
1132 gpg_error_t
1133 pwmd_process (pwm_t * pwm)
1134 {
1135 gpg_error_t rc = 0;
1136 fd_set fds;
1137 struct timeval tv = { 0, 0 };
1138 int n;
1139
1140 if (!pwm || pwm->fd == -1)
1141 return FINISH (GPG_ERR_INV_ARG);
1142 else if (!pwm->ctx)
1143 return FINISH (GPG_ERR_INV_STATE);
1144
1145 FD_ZERO (&fds);
1146 FD_SET (pwm->fd, &fds);
1147 n = select (pwm->fd + 1, &fds, NULL, NULL, &tv);
1148
1149 if (n == -1)
1150 return FINISH (gpg_error_from_syserror ());
1151
1152 if (n > 0)
1153 {
1154 if (FD_ISSET (pwm->fd, &fds))
1155 rc = parse_assuan_line (pwm);
1156 }
1157
1158 while (!rc && assuan_pending_line (pwm->ctx))
1159 rc = parse_assuan_line (pwm);
1160
1161 #if defined (WITH_SSH) || defined (WITH_GNUTLS)
1162 if (gpg_err_code (rc) == GPG_ERR_EOF && pwm->tcp)
1163 {
1164 close (pwm->fd);
1165 pwm->fd = -1;
1166 }
1167 #endif
1168
1169 return FINISH (rc);
1170 }
1171
1172 static gpg_error_t
1173 status_cb (void *data, const char *line)
1174 {
1175 pwm_t *pwm = data;
1176
1177 if (!strncmp (line, "INQUIRE_MAXLEN ", 15))
1178 pwm->inquire_maxlen = strtol (line + 15, NULL, 10);
1179 else if (!strncmp (line, "PASSPHRASE_HINT ", 16))
1180 {
1181 pwmd_free (pwm->passphrase_hint);
1182 pwm->passphrase_hint = pwmd_strdup (line+16);
1183 }
1184 else if (!strncmp (line, "PASSPHRASE_INFO ", 16))
1185 {
1186 pwmd_free (pwm->passphrase_info);
1187 pwm->passphrase_info = pwmd_strdup (line+16);
1188 }
1189
1190 if (pwm->status_func)
1191 return pwm->status_func (pwm->status_data, line);
1192
1193 return 0;
1194 }
1195
1196 gpg_error_t
1197 _assuan_command (pwm_t * pwm, assuan_context_t ctx,
1198 char **result, size_t * len, const char *cmd)
1199 {
1200 membuf_t data;
1201 gpg_error_t rc;
1202
1203 if (!cmd || !*cmd)
1204 return FINISH (GPG_ERR_INV_ARG);
1205
1206 if (strlen (cmd) >= ASSUAN_LINELENGTH + 1)
1207 return FINISH (GPG_ERR_LINE_TOO_LONG);
1208
1209 data.len = 0;
1210 data.buf = NULL;
1211 rc = assuan_transact (ctx, cmd, inquire_realloc_cb, &data,
1212 #ifdef WITH_QUALITY
1213 pwm->pctx == ctx ? pwm->_inquire_func : inquire_cb,
1214 pwm->pctx == ctx ? pwm->_inquire_data : pwm,
1215 #else
1216 inquire_cb, pwm,
1217 #endif
1218 status_cb, pwm);
1219
1220 if (rc)
1221 {
1222 if (data.buf)
1223 {
1224 pwmd_free (data.buf);
1225 data.buf = NULL;
1226 }
1227 }
1228 else
1229 {
1230 if (data.buf)
1231 {
1232 inquire_realloc_cb (&data, "", 1);
1233
1234 if (result)
1235 *result = (char *) data.buf;
1236 else
1237 pwmd_free (data.buf);
1238
1239 if (len)
1240 *len = data.len;
1241 }
1242 }
1243
1244 pwm->inquire_maxlen = 0;
1245 return rc;
1246 }
1247
1248 gpg_error_t
1249 pwmd_command_ap (pwm_t * pwm, char **result, size_t * rlen,
1250 pwmd_inquire_cb_t func, void *user, const char *cmd,
1251 va_list ap)
1252 {
1253 char *buf;
1254 size_t len;
1255 va_list ap2;
1256
1257 command_start (pwm);
1258
1259 if (result)
1260 *result = NULL;
1261
1262 if (rlen)
1263 *rlen = 0;
1264
1265 if (!pwm || !cmd)
1266 return FINISH (GPG_ERR_INV_ARG);
1267 if (!pwm->ctx)
1268 return FINISH (GPG_ERR_INV_STATE);
1269
1270 /*
1271 * C99 allows the dst pointer to be null which will calculate the length
1272 * of the would-be result and return it.
1273 */
1274 va_copy (ap2, ap);
1275 len = vsnprintf (NULL, 0, cmd, ap) + 1;
1276 buf = (char *) pwmd_malloc (len);
1277 if (!buf)
1278 {
1279 va_end (ap2);
1280 return FINISH (GPG_ERR_ENOMEM);
1281 }
1282
1283 len = vsnprintf (buf, len, cmd, ap2);
1284 va_end (ap2);
1285
1286 if (buf[strlen (buf) - 1] == '\n')
1287 buf[strlen (buf) - 1] = 0;
1288 if (buf[strlen (buf) - 1] == '\r')
1289 buf[strlen (buf) - 1] = 0;
1290
1291 pwm->inquire_func = func;
1292 pwm->inquire_data = user;
1293 pwm->inquire_sent = 0;
1294 gpg_error_t rc = _assuan_command (pwm, pwm->ctx, result, rlen, buf);
1295 pwmd_free (buf);
1296 return rc;
1297 }
1298
1299 gpg_error_t
1300 pwmd_command (pwm_t * pwm, char **result, size_t * len,
1301 pwmd_inquire_cb_t func, void *user, const char *cmd, ...)
1302 {
1303 va_list ap;
1304
1305 if (result)
1306 *result = NULL;
1307
1308 if (len)
1309 *len = 0;
1310
1311 if (!pwm || !cmd)
1312 return FINISH (GPG_ERR_INV_ARG);
1313 if (!pwm->ctx)
1314 return FINISH (GPG_ERR_INV_STATE);
1315
1316 va_start (ap, cmd);
1317 gpg_error_t rc = pwmd_command_ap (pwm, result, len, func, user, cmd, ap);
1318 va_end (ap);
1319 return rc;
1320 }
1321
1322 static gpg_error_t
1323 send_pinentry_timeout (pwm_t *pwm)
1324 {
1325 gpg_error_t rc = 0;
1326
1327 if ((pwm->pinentry_timeout >= 0
1328 && pwm->pinentry_timeout != pwm->current_pinentry_timeout)
1329 || (pwm->pinentry_timeout == -1
1330 && pwm->pinentry_timeout != pwm->current_pinentry_timeout))
1331 {
1332 rc = pwmd_command (pwm, NULL, NULL, NULL, NULL,
1333 "OPTION pinentry-timeout=%i",
1334 pwm->pinentry_timeout);
1335 if (!rc)
1336 pwm->current_pinentry_timeout = pwm->pinentry_timeout;
1337 }
1338
1339 return rc;
1340 }
1341
1342 static gpg_error_t
1343 send_pinentry_options (pwm_t * pwm)
1344 {
1345 gpg_error_t rc;
1346
1347 rc = pwmd_command (pwm, NULL, NULL, NULL, NULL,
1348 "OPTION disable-pinentry=0");
1349 if (!rc && pwm->pinentry_tty)
1350 rc = pwmd_command (pwm, NULL, NULL, NULL, NULL, "OPTION TTYNAME=%s",
1351 pwm->pinentry_tty);
1352
1353 if (!rc && pwm->pinentry_term)
1354 rc = pwmd_command (pwm, NULL, NULL, NULL, NULL, "OPTION TTYTYPE=%s",
1355 pwm->pinentry_term);
1356
1357 if (!rc && pwm->pinentry_display)
1358 rc = pwmd_command (pwm, NULL, NULL, NULL, NULL, "OPTION DISPLAY=%s",
1359 pwm->pinentry_display);
1360
1361 if (!rc && pwm->pinentry_desc)
1362 rc = pwmd_command (pwm, NULL, NULL, NULL, NULL, "OPTION DESC=%s",
1363 pwm->pinentry_desc);
1364
1365 if (!rc && pwm->pinentry_lcctype)
1366 rc = pwmd_command (pwm, NULL, NULL, NULL, NULL, "OPTION LC_CTYPE=%s",
1367 pwm->pinentry_lcctype);
1368
1369 if (!rc && pwm->pinentry_lcmessages)
1370 rc = pwmd_command (pwm, NULL, NULL, NULL, NULL, "OPTION LC_MESSAGES=%s",
1371 pwm->pinentry_lcmessages);
1372
1373 if (!rc)
1374 rc = send_pinentry_timeout (pwm);
1375
1376 return rc;
1377 }
1378
1379 gpg_error_t
1380 pwmd_socket_type (pwm_t * pwm, pwmd_socket_t * result)
1381 {
1382 if (!pwm || !result)
1383 return FINISH (GPG_ERR_INV_ARG);
1384
1385 *result = PWMD_SOCKET_LOCAL;
1386
1387 if (pwm->fd == -1)
1388 return FINISH (GPG_ERR_INV_STATE);
1389
1390 #if defined(WITH_SSH) || defined(WITH_GNUTLS)
1391 #ifdef WITH_SSH
1392 if (pwm->tcp && pwm->tcp->ssh)
1393 *result = PWMD_SOCKET_SSH;
1394 #endif
1395 #ifdef WITH_GNUTLS
1396 if (pwm->tcp && pwm->tcp->tls)
1397 *result = PWMD_SOCKET_TLS;
1398 #endif
1399 #endif
1400 return 0;
1401 }
1402
1403 static gpg_error_t
1404 disable_pinentry (pwm_t *pwm, int *disable)
1405 {
1406 gpg_error_t rc;
1407 #if defined(WITH_SSH) || defined(WITH_GNUTLS)
1408 int no_pinentry = pwm->disable_pinentry || pwm->tcp || pwm->local_pinentry;
1409 #else
1410 int no_pinentry = pwm->disable_pinentry || pwm->local_pinentry;
1411 #endif
1412
1413 if (disable)
1414 *disable = no_pinentry;
1415
1416 if (pwm->pinentry_disabled && no_pinentry)
1417 return 0;
1418 else if (!pwm->pinentry_disabled && !no_pinentry)
1419 return 0;
1420
1421 rc = pwmd_command (pwm, NULL, NULL, NULL, NULL, "OPTION disable-pinentry=%i",
1422 no_pinentry);
1423 if (!rc)
1424 pwm->pinentry_disabled = no_pinentry;
1425
1426 return rc;
1427 }
1428
1429 gpg_error_t
1430 pwmd_open (pwm_t * pwm, const char *filename, pwmd_inquire_cb_t cb,
1431 void *data)
1432 {
1433 gpg_error_t rc = 0;
1434 int no_pinentry = 0;
1435
1436 if (!pwm || !filename || !*filename)
1437 return FINISH (GPG_ERR_INV_ARG);
1438
1439 if (!pwm->ctx)
1440 return FINISH (GPG_ERR_INV_STATE);
1441
1442 command_start (pwm);
1443 rc = disable_pinentry (pwm, &no_pinentry);
1444 if (!rc && !no_pinentry)
1445 rc = send_pinentry_options (pwm);
1446
1447 if (!rc)
1448 {
1449 pwm->pinentry_try = 0;
1450 pwmd_free (pwm->filename);
1451 pwm->filename = pwmd_strdup (filename);
1452
1453 do
1454 {
1455 rc = pwmd_command (pwm, NULL, NULL, cb, data, "OPEN %s%s",
1456 (pwm->opts & OPT_LOCK_ON_OPEN) ? "--lock " : "",
1457 filename);
1458 }
1459 while (gpg_err_code (rc) == GPG_ERR_BAD_PASSPHRASE
1460 && pwm->pinentry_disabled
1461 && ++pwm->pinentry_try < pwm->pinentry_tries);
1462
1463 pwm->pinentry_try = 0;
1464
1465 if (rc)
1466 {
1467 pwmd_free (pwm->filename);
1468 pwm->filename = NULL;
1469 }
1470 }
1471
1472 pwmd_free (pwm->passphrase_hint);
1473 pwmd_free (pwm->passphrase_info);
1474 pwm->passphrase_info = pwm->passphrase_hint = NULL;
1475 return FINISH (rc);
1476 }
1477
1478 static gpg_error_t
1479 do_pwmd_save_passwd (pwm_t * pwm, const char *args, pwmd_inquire_cb_t cb,
1480 void *data, int save)
1481 {
1482 gpg_error_t rc = 0;
1483 int no_pinentry = 0;
1484
1485 if (!pwm)
1486 return FINISH (GPG_ERR_INV_ARG);
1487 if (!pwm->ctx)
1488 return FINISH (GPG_ERR_INV_STATE);
1489
1490 command_start (pwm);
1491 rc = disable_pinentry (pwm, &no_pinentry);
1492 if (!rc && !no_pinentry)
1493 rc = send_pinentry_options (pwm);
1494
1495 if (!rc)
1496 rc = pwmd_command (pwm, NULL, NULL, cb, data,
1497 save ? "SAVE %s" : "PASSWD %s", args ? args : "");
1498
1499 pwmd_free (pwm->passphrase_hint);
1500 pwmd_free (pwm->passphrase_info);
1501 pwm->passphrase_info = pwm->passphrase_hint = NULL;
1502 return FINISH (rc);
1503 }
1504
1505 gpg_error_t
1506 pwmd_passwd (pwm_t * pwm, const char *args, pwmd_inquire_cb_t cb, void *data)
1507 {
1508 return do_pwmd_save_passwd (pwm, args, cb, data, 0);
1509 }
1510
1511 gpg_error_t
1512 pwmd_save (pwm_t * pwm, const char *args, pwmd_inquire_cb_t cb, void *data)
1513 {
1514 return do_pwmd_save_passwd (pwm, args, cb, data, 1);
1515 }
1516
1517 static gpg_error_t
1518 pwmd_get_set_opt (pwm_t *pwm, pwmd_option_t opt, int get, va_list ap)
1519 {
1520 int n, *intp;
1521 size_t *sizetp;
1522 char *arg1, **charpp;
1523 gpg_error_t rc = 0;
1524
1525 if (!pwm)
1526 return GPG_ERR_INV_ARG;
1527
1528 command_start (pwm);
1529 switch (opt)
1530 {
1531 case PWMD_OPTION_SERVER_VERSION:
1532 if (!get)
1533 return GPG_ERR_NOT_SUPPORTED;
1534
1535 if (!pwm)
1536 rc = GPG_ERR_INV_ARG;
1537 else if (!pwm->ctx)
1538 rc = GPG_ERR_INV_STATE;
1539 else
1540 {
1541 unsigned *u = va_arg (ap, unsigned *);
1542 *u = pwm->version;
1543 }
1544
1545 break;
1546 case PWMD_OPTION_SIGPIPE:
1547 if (get)
1548 {
1549 intp = va_arg (ap, int *);
1550 *intp = pwm->opts & OPT_SIGPIPE ? 1 : 0;
1551 break;
1552 }
1553
1554 n = va_arg (ap, int);
1555 if (n < 0 || n > 1)
1556 rc = GPG_ERR_INV_VALUE;
1557
1558 if (n)
1559 pwm->opts |= OPT_SIGPIPE;
1560 else
1561 pwm->opts &= ~OPT_SIGPIPE;
1562
1563 break;
1564 case PWMD_OPTION_LOCK_ON_OPEN:
1565 if (get)
1566 {
1567 intp = va_arg (ap, int *);
1568 *intp = pwm->opts & OPT_LOCK_ON_OPEN ? 1 : 0;
1569 break;
1570 }
1571
1572 n = va_arg (ap, int);
1573
1574 if (n < 0 || n > 1)
1575 rc = GPG_ERR_INV_VALUE;
1576
1577 if (n)
1578 pwm->opts |= OPT_LOCK_ON_OPEN;
1579 else
1580 pwm->opts &= ~OPT_LOCK_ON_OPEN;
1581
1582 break;
1583 case PWMD_OPTION_INQUIRE_TOTAL:
1584 if (get)
1585 {
1586 sizetp = va_arg (ap, size_t *);
1587 *sizetp = pwm->inquire_total;
1588 break;
1589 }
1590
1591 pwm->inquire_total = va_arg (ap, size_t);
1592 break;
1593 case PWMD_OPTION_STATUS_CB:
1594 if (get)
1595 {
1596 pwmd_status_cb_t *cb = va_arg (ap, pwmd_status_cb_t *);
1597
1598 *cb = pwm->status_func;
1599 break;
1600 }
1601
1602 pwm->status_func = va_arg (ap, pwmd_status_cb_t);
1603 break;
1604 case PWMD_OPTION_STATUS_DATA:
1605 if (get)
1606 {
1607 void **data = va_arg (ap, void **);
1608
1609 *data = pwm->status_data;
1610 break;
1611 }
1612
1613 pwm->status_data = va_arg (ap, void *);
1614 break;
1615 case PWMD_OPTION_NO_PINENTRY:
1616 if (get)
1617 {
1618 intp = va_arg (ap, int *);
1619 *intp = pwm->disable_pinentry;
1620 break;
1621 }
1622
1623 n = va_arg (ap, int);
1624
1625 if (n < 0 || n > 1)
1626 rc = GPG_ERR_INV_VALUE;
1627 else
1628 pwm->disable_pinentry = n;
1629 break;
1630 case PWMD_OPTION_LOCAL_PINENTRY:
1631 if (get)
1632 {
1633 intp = va_arg (ap, int *);
1634 *intp = pwm->local_pinentry;
1635 break;
1636 }
1637
1638 n = va_arg (ap, int);
1639
1640 if (n < 0 || n > 1)
1641 rc = GPG_ERR_INV_VALUE;
1642 else
1643 pwm->local_pinentry = n;
1644
1645 break;
1646 case PWMD_OPTION_PINENTRY_TIMEOUT:
1647 if (get)
1648 {
1649 intp = va_arg (ap, int *);
1650 *intp = pwm->pinentry_timeout;
1651 break;
1652 }
1653
1654 n = va_arg (ap, int);
1655
1656 if (n < 0)
1657 rc = GPG_ERR_INV_VALUE;
1658 else
1659 pwm->pinentry_timeout = n;
1660 break;
1661 case PWMD_OPTION_PINENTRY_TRIES:
1662 if (get)
1663 {
1664 intp = va_arg (ap, int *);
1665 *intp = pwm->pinentry_tries;
1666 break;
1667 }
1668
1669 n = va_arg (ap, int);
1670 pwm->pinentry_tries = n;
1671 break;
1672 case PWMD_OPTION_PINENTRY_PATH:
1673 if (get)
1674 {
1675 charpp = va_arg (ap, char **);
1676 *charpp = pwm->pinentry_path;
1677 break;
1678 }
1679
1680 arg1 = va_arg (ap, char *);
1681 pwmd_free (pwm->pinentry_path);
1682 pwm->pinentry_path = arg1 ? _expand_homedir (arg1, NULL) : NULL;
1683 break;
1684 case PWMD_OPTION_PINENTRY_TTY:
1685 if (get)
1686 {
1687 charpp = va_arg (ap, char **);
1688 *charpp = pwm->pinentry_tty;
1689 break;
1690 }
1691
1692 arg1 = va_arg (ap, char *);
1693 pwmd_free (pwm->pinentry_tty);
1694 pwm->pinentry_tty = arg1 ? pwmd_strdup (arg1) : NULL;
1695 break;
1696 case PWMD_OPTION_PINENTRY_DISPLAY:
1697 if (get)
1698 {
1699 charpp = va_arg (ap, char **);
1700 *charpp = pwm->pinentry_display;
1701 break;
1702 }
1703
1704 arg1 = va_arg (ap, char *);
1705 pwmd_free (pwm->pinentry_display);
1706 pwm->pinentry_display = arg1 ? pwmd_strdup (arg1) : NULL;
1707 break;
1708 case PWMD_OPTION_PINENTRY_TERM:
1709 if (get)
1710 {
1711 charpp = va_arg (ap, char **);
1712 *charpp = pwm->pinentry_term;
1713 break;
1714 }
1715
1716 arg1 = va_arg (ap, char *);
1717 pwmd_free (pwm->pinentry_term);
1718 pwm->pinentry_term = arg1 ? pwmd_strdup (arg1) : NULL;
1719 break;
1720 case PWMD_OPTION_PINENTRY_ERROR:
1721 if (get)
1722 {
1723 charpp = va_arg (ap, char **);
1724 *charpp = pwm->pinentry_error;
1725 break;
1726 }
1727
1728 arg1 = va_arg (ap, char *);
1729 pwmd_free (pwm->pinentry_error);
1730 pwm->pinentry_error = arg1 ? _percent_escape (arg1) : NULL;
1731 break;
1732 case PWMD_OPTION_PINENTRY_PROMPT:
1733 if (get)
1734 {
1735 charpp = va_arg (ap, char **);
1736 *charpp = pwm->pinentry_prompt;
1737 break;
1738 }
1739
1740 arg1 = va_arg (ap, char *);
1741 pwmd_free (pwm->pinentry_prompt);
1742 pwm->pinentry_prompt = arg1 ? _percent_escape (arg1) : NULL;
1743 break;
1744 case PWMD_OPTION_PINENTRY_DESC:
1745 if (get)
1746 {
1747 charpp = va_arg (ap, char **);
1748 *charpp = pwm->pinentry_desc;
1749 break;
1750 }
1751
1752 arg1 = va_arg (ap, char *);
1753 pwmd_free (pwm->pinentry_desc);
1754 pwm->pinentry_desc = arg1 ? _percent_escape (arg1) : NULL;
1755 break;
1756 case PWMD_OPTION_PINENTRY_LC_CTYPE:
1757 if (get)
1758 {
1759 charpp = va_arg (ap, char **);
1760 *charpp = pwm->pinentry_lcctype;
1761 break;
1762 }
1763
1764 arg1 = va_arg (ap, char *);
1765 pwmd_free (pwm->pinentry_lcctype);
1766 pwm->pinentry_lcctype = arg1 ? pwmd_strdup (arg1) : NULL;
1767 break;
1768 case PWMD_OPTION_PINENTRY_LC_MESSAGES:
1769 if (get)
1770 {
1771 charpp = va_arg (ap, char **);
1772 *charpp = pwm->pinentry_lcmessages;
1773 break;
1774 }
1775
1776 arg1 = va_arg (ap, char *);
1777 pwmd_free (pwm->pinentry_lcmessages);
1778 pwm->pinentry_lcmessages = arg1 ? pwmd_strdup (arg1) : NULL;
1779 break;
1780 case PWMD_OPTION_KNOWNHOST_CB:
1781 if (get)
1782 {
1783 pwmd_knownhost_cb_t *cb = va_arg (ap, pwmd_knownhost_cb_t *);
1784
1785 *cb = pwm->kh_cb;
1786 break;
1787 }
1788
1789 pwm->kh_cb = va_arg (ap, pwmd_knownhost_cb_t);
1790 break;
1791 case PWMD_OPTION_KNOWNHOST_DATA:
1792 if (get)
1793 {
1794 void **data = va_arg (ap, void **);
1795
1796 *data = pwm->kh_data;
1797 break;
1798 }
1799
1800 pwm->kh_data = va_arg (ap, void *);
1801 break;
1802 case PWMD_OPTION_SSH_AGENT:
1803 if (get)
1804 {
1805 intp = va_arg (ap, int *);
1806 *intp = pwm->use_agent;
1807 break;
1808 }
1809
1810 pwm->use_agent = va_arg (ap, int);
1811
1812 if (pwm->use_agent < 0 || pwm->use_agent > 1)
1813 {
1814 pwm->use_agent = 0;
1815 rc = GPG_ERR_INV_VALUE;
1816 }
1817 break;
1818 case PWMD_OPTION_SSH_NEEDS_PASSPHRASE:
1819 if (get)
1820 {
1821 intp = va_arg (ap, int *);
1822 *intp = pwm->needs_passphrase;
1823 break;
1824 }
1825
1826 pwm->needs_passphrase = va_arg (ap, int);
1827
1828 if (pwm->needs_passphrase < 0 || pwm->needs_passphrase > 1)
1829 {
1830 pwm->needs_passphrase = 0;
1831 rc = GPG_ERR_INV_VALUE;
1832 }
1833 break;
1834 case PWMD_OPTION_TLS_VERIFY:
1835 if (get)
1836 {
1837 intp = va_arg (ap, int *);
1838 *intp = pwm->tls_verify;
1839 break;
1840 }
1841
1842 pwm->tls_verify = va_arg (ap, int);
1843
1844 if (pwm->tls_verify < 0 || pwm->tls_verify > 1)
1845 {
1846 pwm->tls_verify = 0;
1847 rc = GPG_ERR_INV_VALUE;
1848 }
1849 break;
1850 case PWMD_OPTION_SOCKET_TIMEOUT:
1851 if (get)
1852 {
1853 intp = va_arg (ap, int *);
1854 *intp = pwm->socket_timeout;
1855 break;
1856 }
1857
1858 pwm->socket_timeout = va_arg (ap, int);
1859 if (pwm->socket_timeout < 0)
1860 {
1861 pwm->socket_timeout = 0;
1862 rc = GPG_ERR_INV_VALUE;
1863 }
1864
1865 #ifdef WITH_SSH
1866 if (pwm->tcp && pwm->tcp->ssh && pwm->tcp->ssh->session)
1867 {
1868 pwm->tcp->ssh->timeout = pwm->socket_timeout;
1869 libssh2_session_set_timeout (pwm->tcp->ssh->session,
1870 pwm->socket_timeout * 1000);
1871 }
1872 #endif
1873 #ifdef WITH_GNUTLS
1874 if (pwm->tcp && pwm->tcp->tls && pwm->tcp->tls->session)
1875 pwm->tcp->tls->timeout = pwm->socket_timeout;
1876 #endif
1877 break;
1878 case PWMD_OPTION_OVERRIDE_INQUIRE:
1879 if (get)
1880 {
1881 intp = va_arg (ap, int *);
1882 *intp = pwm->override_inquire;
1883 break;
1884 }
1885
1886 pwm->override_inquire = va_arg (ap, int);
1887
1888 if (pwm->override_inquire < 0 || pwm->override_inquire > 1)
1889 {
1890 pwm->override_inquire = 0;
1891 rc = GPG_ERR_INV_VALUE;
1892 }
1893 break;
1894 default:
1895 rc = GPG_ERR_UNKNOWN_OPTION;
1896 break;
1897 }
1898
1899 return FINISH (rc);
1900 }
1901
1902 gpg_error_t
1903 pwmd_setopt (pwm_t * pwm, pwmd_option_t opt, ...)
1904 {
1905 va_list ap;
1906 gpg_error_t rc = 0;
1907
1908 va_start (ap, opt);
1909 rc = pwmd_get_set_opt (pwm, opt, 0, ap);
1910 va_end (ap);
1911 return FINISH (rc);
1912 }
1913
1914 gpg_error_t
1915 pwmd_getopt (pwm_t *pwm, pwmd_option_t opt, ...)
1916 {
1917 va_list ap;
1918 gpg_error_t rc = 0;
1919
1920 va_start (ap, opt);
1921 rc = pwmd_get_set_opt (pwm, opt, 1, ap);
1922 va_end (ap);
1923 return FINISH (rc);
1924 }
1925
1926 gpg_error_t
1927 pwmd_new (const char *name, pwm_t ** pwm)
1928 {
1929 pwm_t *h = pwmd_calloc (1, sizeof (pwm_t));
1930 gpg_error_t rc;
1931
1932 if (!h)
1933 return FINISH (GPG_ERR_ENOMEM);
1934
1935 if (name)
1936 {
1937 h->name = pwmd_strdup (name);
1938 if (!h->name)
1939 {
1940 pwmd_free (h);
1941 return FINISH (GPG_ERR_ENOMEM);
1942 }
1943 }
1944
1945 reset_handle (h);
1946 h->pinentry_timeout = -1;
1947 h->current_pinentry_timeout = -1;
1948 h->pinentry_tries = 3;
1949 #if defined(WITH_SSH) || defined(WITH_GNUTLS)
1950 h->prot = PWMD_IP_ANY;
1951 #endif
1952
1953 if (isatty (STDOUT_FILENO))
1954 {
1955 char buf[256];
1956 int err = ttyname_r (STDOUT_FILENO, buf, sizeof (buf));
1957
1958 if (!err)
1959 {
1960 h->pinentry_tty = pwmd_strdup (buf);
1961 if (!h->pinentry_tty)
1962 {
1963 rc = GPG_ERR_ENOMEM;
1964 goto fail;
1965 }
1966 }
1967 }
1968
1969 if (getenv ("TERM") && h->pinentry_tty)
1970 {
1971 h->pinentry_term = pwmd_strdup (getenv ("TERM"));
1972 if (!h->pinentry_term)
1973 {
1974 rc = GPG_ERR_ENOMEM;
1975 goto fail;
1976 }
1977 }
1978
1979 if (getenv ("DISPLAY"))
1980 {
1981 h->pinentry_display = pwmd_strdup (getenv ("DISPLAY"));
1982 if (!h->pinentry_display)
1983 {
1984 rc = GPG_ERR_ENOMEM;
1985 goto fail;
1986 }
1987 }
1988
1989 *pwm = h;
1990 return 0;
1991
1992 fail:
1993 pwmd_close (h);
1994 return FINISH (rc);
1995 }
1996
1997 void
1998 pwmd_free (void *ptr)
1999 {
2000 _xfree (ptr);
2001 }
2002
2003 void *
2004 pwmd_malloc (size_t size)
2005 {
2006 return _xmalloc (size);
2007 }
2008
2009 void *
2010 pwmd_calloc (size_t nmemb, size_t size)
2011 {
2012 return _xcalloc (nmemb, size);
2013 }
2014
2015 void *
2016 pwmd_realloc (void *ptr, size_t size)
2017 {
2018 return _xrealloc (ptr, size);
2019 }
2020
2021 char *
2022 pwmd_strdup (const char *str)
2023 {
2024 char *t;
2025 size_t len;
2026 register size_t c;
2027
2028 len = strlen (str);
2029 t = _xmalloc ((len + 1) * sizeof (char));
2030 if (!t)
2031 return NULL;
2032
2033 for (c = 0; c < len; c++)
2034 t[c] = str[c];
2035
2036 t[c] = 0;
2037 return t;
2038 }
2039
2040 char *
2041 pwmd_strdup_printf (const char *fmt, ...)
2042 {
2043 va_list ap, ap2;
2044 int len;
2045 char *buf;
2046
2047 if (!fmt)
2048 return NULL;
2049
2050 va_start (ap, fmt);
2051 va_copy (ap2, ap);
2052 len = vsnprintf (NULL, 0, fmt, ap);
2053 va_end (ap);
2054 buf = pwmd_malloc (++len);
2055 if (buf)
2056 vsnprintf (buf, len, fmt, ap2);
2057
2058 va_end (ap2);
2059 return buf;
2060 }
2061
2062 gpg_error_t
2063 pwmd_getpin (pwm_t * pwm, const char *filename, char **result,
2064 size_t * len, pwmd_pinentry_t which)
2065 {
2066 #ifndef WITH_PINENTRY
2067 return FINISH (GPG_ERR_NOT_IMPLEMENTED);
2068 #else
2069 command_start (pwm);
2070 gpg_error_t rc = _pwmd_getpin (pwm, filename, result, len, which);
2071
2072 return FINISH (rc);
2073 #endif
2074 }
2075
2076 const char *
2077 pwmd_version ()
2078 {
2079 return LIBPWMD_VERSION_STR;
2080 }
2081
2082 unsigned int
2083 pwmd_features ()
2084 {
2085 unsigned int n = 0;
2086
2087 #ifdef WITH_PINENTRY
2088 n |= PWMD_FEATURE_PINENTRY;
2089 #endif
2090 #ifdef WITH_SSH
2091 n |= PWMD_FEATURE_SSH;
2092 #endif
2093 #ifdef WITH_QUALITY
2094 n |= PWMD_FEATURE_CRACK;
2095 #endif
2096 #ifdef WITH_GNUTLS
2097 n |= PWMD_FEATURE_GNUTLS;
2098 #endif
2099 return n;
2100 }
2101
2102 gpg_error_t
2103 pwmd_fd (pwm_t * pwm, int *fd)
2104 {
2105 if (!pwm || !fd)
2106 return FINISH (GPG_ERR_INV_ARG);
2107
2108 if (pwm->fd == -1)
2109 return FINISH (GPG_ERR_INV_STATE);
2110
2111 *fd = pwm->fd;
2112 return 0;
2113 }
2114
2115 void
2116 pwmd_set_pointer (pwm_t *pwm, void *data)
2117 {
2118 pwm->user_data = data;
2119 }
2120
2121 void *
2122 pwmd_get_pointer (pwm_t *pwm)
2123 {
2124 return pwm->user_data;
2125 }
2126
2127 int
2128 pwmd_tls_error (pwm_t *pwm)
2129 {
2130 #ifndef WITH_GNUTLS
2131 return 0;
2132 #else
2133 return pwm ? pwm->tls_error : 0;
2134 #endif
2135 }
2136
2137 gpg_error_t
2138 pwmd_cancel (pwm_t *pwm)
2139 {
2140 if (!pwm)
2141 return FINISH (GPG_ERR_INV_ARG);
2142
2143 #if defined(WITH_SSH) || defined(WITH_GNUTLS)
2144 if (pwm->fd == -1 && !pwm->tcp)
2145 #else
2146 if (pwm->fd == -1)
2147 #endif
2148 return FINISH (GPG_ERR_INV_STATE);
2149
2150 /* Can only cancel the connection for the time being. */
2151 if (pwm->connected)
2152 return FINISH (GPG_ERR_INV_STATE);
2153
2154 pwm->cancel = 1;
2155 return 0;
2156 }
An API for pwmd.