2 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015,
4 Ben Kibbey <bjk@luxsci.net>
6 This file is part of pwmd.
8 Pwmd is free software: you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation, either version 2 of the License, or
11 (at your option) any later version.
13 Pwmd is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with Pwmd. If not, see <http://www.gnu.org/licenses/>.
31 #include "pwmd-error.h"
37 #include "util-misc.h"
38 #include "util-string.h"
45 static pthread_mutex_t cache_mutex
;
46 static struct slist_s
*key_cache
;
47 static unsigned char *cache_iv
;
48 static unsigned char *cache_key
;
49 static size_t cache_blocksize
;
50 static size_t cache_keysize
;
51 struct agent_s
*cache_agent
;
53 extern void log_write (const char *fmt
, ...);
55 static gpg_error_t
clear_once (file_cache_t
* p
, int agent
);
56 static int remove_entry (const char *);
57 static void free_entry (file_cache_t
* p
, int agent
);
60 get_entry (const char *filename
)
62 int t
= slist_length (key_cache
);
68 for (i
= 0; i
< t
; i
++)
70 file_cache_t
*p
= slist_nth_data (key_cache
, i
);
72 if (!strcmp (p
->filename
, filename
))
80 cache_lock_mutex (void *ctx
, const char *filename
, long lock_timeout
, int add
,
83 MUTEX_LOCK (&cache_mutex
);
85 file_cache_t
*p
= get_entry (filename
);
89 MUTEX_UNLOCK (&cache_mutex
);
90 MUTEX_TRYLOCK (ctx
, p
->mutex
, rc
, lock_timeout
);
94 rc
= cache_add_file (filename
, NULL
, timeout
);
97 p
= get_entry (filename
);
98 MUTEX_UNLOCK (&cache_mutex
);
99 MUTEX_TRYLOCK (ctx
, p
->mutex
, rc
, lock_timeout
);
103 MUTEX_UNLOCK (&cache_mutex
);
108 MUTEX_UNLOCK (&cache_mutex
);
111 return !p
&& !rc
? GPG_ERR_NO_DATA
: rc
;
115 remove_entry (const char *filename
)
117 MUTEX_LOCK (&cache_mutex
);
118 file_cache_t
*p
= get_entry (filename
);
120 pthread_cleanup_push (cleanup_mutex_cb
, &cache_mutex
);
123 /* Keep a refcount because another client maybe editing this same new
124 * file. The entry needs to be kept in case the other client SAVE's.
131 pthread_cleanup_pop (1);
136 free_cache_data (file_cache_t
* cache
)
138 gpg_error_t rc
= GPG_ERR_NO_DATA
;
140 struct client_thread_s
*found
= NULL
;
147 MUTEX_LOCK (&cn_mutex
);
148 pthread_cleanup_push (cleanup_mutex_cb
, &cn_mutex
);
149 t
= slist_length (cn_thread_list
);
151 for (i
= 0; i
< t
; i
++)
153 struct client_thread_s
*thd
= slist_nth_data (cn_thread_list
, i
);
158 self
= pthread_equal (pthread_self (), thd
->tid
);
160 if (thd
->cl
->filename
&& !strcmp (thd
->cl
->filename
, cache
->filename
))
168 /* Continue trying to find a client who has the same file open and
169 * also has a lock. */
170 rc
= cache_lock_mutex (thd
->cl
->ctx
, thd
->cl
->filename
, -1, 0, -1);
179 if (self
&& (!rc
|| rc
== GPG_ERR_NO_DATA
) && found
)
180 rc
= cache_lock_mutex (found
->cl
->ctx
, found
->cl
->filename
, -1, 0, -1);
182 if (exiting
|| !rc
|| rc
== GPG_ERR_NO_DATA
)
184 free_cache_data_once (cache
->data
);
186 cache
->defer_clear
= 0;
190 cache_unlock_mutex (found
->cl
->filename
, 0);
196 cache
->defer_clear
= 1;
198 pthread_cleanup_pop (1);
204 cache_unlock_mutex (const char *filename
, int remove
)
206 MUTEX_LOCK (&cache_mutex
);
207 file_cache_t
*p
= get_entry (filename
);
211 MUTEX_UNLOCK (p
->mutex
);
213 remove_entry (filename
);
216 MUTEX_UNLOCK (&cache_mutex
);
217 return p
? 0 : GPG_ERR_NO_DATA
;
221 test_agent_cache_once (file_cache_t
*p
, const char *grip
)
226 rc
= agent_command (cache_agent
, &line
, NULL
, "KEYINFO --data %s", grip
);
229 char **fields
= str_split (line
, " ", 0);
232 if (*fields
[1] == 'T')
233 rc
= GPG_ERR_NO_DATA
;
235 rc
= isdigit (*fields
[4]) || *fields
[5] == 'C' ? 0 : GPG_ERR_NO_DATA
;
244 /* Test each keygrip in data->(sig)grip for gpg-agent cache status. The file is
245 * considered cached if at least one grip is cached in the agent or one siggrip
246 * is cached in the case of 'sign'.
249 test_agent_cache (file_cache_t
*data
, int sign
)
254 if ((!data
->grip
&& !sign
) || (!data
->siggrip
&& sign
))
255 return GPG_ERR_NO_DATA
;
257 for (p
= data
->grip
; !sign
&& p
&& *p
; p
++)
259 rc
= test_agent_cache_once (data
, *p
);
260 if (!rc
|| rc
!= GPG_ERR_NO_DATA
)
266 for (p
= data
->siggrip
; p
&& *p
; p
++)
268 rc
= test_agent_cache_once (data
, *p
);
269 if (!rc
|| rc
!= GPG_ERR_NO_DATA
)
278 extract_keygrip_once (struct crypto_s
*crypto
, char **keyids
, int sign
,
286 rc
= crypto_list_keys (crypto
, keyids
, sign
, &result
);
290 for (i
= 0; result
[i
]; i
++)
294 for (s
= result
[i
]->subkeys
; s
; s
= s
->next
)
298 if (sign
&& !s
->can_sign
)
301 for (k
= keyids
; *k
; k
++)
303 if (!strcmp (*k
, s
->keyid
) && s
->keygrip
)
306 size_t len
= strv_length (grips
);
308 tmp
= xrealloc (grips
, len
+2 * sizeof (char *));
316 grips
[len
] = str_dup (s
->keygrip
);
340 crypto_free_key_list (result
);
341 return rc
? rc
: grips
? rc
: GPG_ERR_NO_DATA
;
345 extract_keygrips (file_cache_t
*data
)
348 struct crypto_s
*crypto
;
349 char **grips
= NULL
, **siggrips
= NULL
;
351 if (!data
|| !data
->data
)
354 rc
= crypto_init (&crypto
, NULL
, NULL
, 0, NULL
);
358 pthread_cleanup_push ((void *)crypto_free
, crypto
);
360 if (data
->data
->pubkey
)
361 rc
= extract_keygrip_once (crypto
, data
->data
->pubkey
, 0, &grips
);
363 if (!rc
&& data
->data
->sigkey
)
364 rc
= extract_keygrip_once (crypto
, data
->data
->sigkey
, 1, &siggrips
);
368 strv_free (data
->grip
);
370 strv_free (data
->siggrip
);
371 data
->siggrip
= siggrips
;
376 strv_free (siggrips
);
379 pthread_cleanup_pop (1);
384 iscached (const char *filename
, int *defer
, int agent
, int sign
)
386 file_cache_t
*p
= get_entry (filename
);
392 return GPG_ERR_NO_DATA
;
395 *defer
= p
->defer_clear
;
401 return GPG_ERR_NO_DATA
;
404 *defer
= p
->defer_clear
;
406 if (!rc
&& (p
->grip
|| p
->siggrip
))
407 rc
= test_agent_cache (p
, sign
);
409 rc
= GPG_ERR_NO_DATA
;
417 MUTEX_LOCK (&cache_mutex
);
418 unsigned total
= 0, i
, n
;
420 pthread_cleanup_push (cleanup_mutex_cb
, &cache_mutex
);
421 n
= slist_length (key_cache
);
422 for (i
= 0; i
< n
; i
++)
424 file_cache_t
*p
= slist_nth_data (key_cache
, i
);
426 if (!iscached (p
->filename
, NULL
, 0, 0))
430 pthread_cleanup_pop (1);
435 cache_adjust_timeout ()
437 MUTEX_LOCK (&cache_mutex
);
438 int t
= slist_length (key_cache
);
441 pthread_cleanup_push (cleanup_mutex_cb
, &cache_mutex
);
443 for (i
= 0; i
< t
; i
++)
445 file_cache_t
*p
= slist_nth_data (key_cache
, i
);
450 if (!p
->timeout
|| (p
->defer_clear
&& p
->timeout
!= -1))
452 /* The file associated with this cache entry may be locked by a
453 * client. Defer freeing this cache entry until the next timeout
455 if (!clear_once (p
, 1))
456 send_status_all (STATUS_CACHE
, NULL
);
460 pthread_cleanup_pop (1);
464 set_timeout (const char *filename
, int timeout
, int defer
, int force
)
466 MUTEX_LOCK (&cache_mutex
);
467 file_cache_t
*p
= get_entry (filename
);
472 MUTEX_UNLOCK (&cache_mutex
);
473 return GPG_ERR_NOT_FOUND
;
477 if (!p
->defer_clear
&& (p
->timeout
== -1 || force
))
478 p
->timeout
= timeout
;
480 if (!timeout
|| defer
)
482 rc
= clear_once (p
, 1);
484 send_status_all (STATUS_CACHE
, NULL
);
487 MUTEX_UNLOCK (&cache_mutex
);
492 cache_set_data (const char *filename
, struct cache_data_s
* data
)
494 MUTEX_LOCK (&cache_mutex
);
495 gpg_error_t rc
= GPG_ERR_NO_DATA
;
496 file_cache_t
*p
= get_entry (filename
);
501 rc
= set_timeout (filename
, p
->reset
, p
->defer_clear
, 0);
502 if (!rc
&& !p
->reset
)
505 send_status_all (STATUS_CACHE
, NULL
);
508 rc
= extract_keygrips (p
);
511 MUTEX_UNLOCK (&cache_mutex
);
512 return p
&& !rc
? 0 : rc
;
515 struct cache_data_s
*
516 cache_get_data (const char *filename
)
518 MUTEX_LOCK (&cache_mutex
);
519 file_cache_t
*p
= get_entry (filename
);
521 MUTEX_UNLOCK (&cache_mutex
);
522 return p
? p
->data
: NULL
;
526 cache_add_file (const char *filename
, struct cache_data_s
*data
, int timeout
)
528 MUTEX_LOCK (&cache_mutex
);
529 file_cache_t
*p
= get_entry (filename
);
537 rc
= set_timeout (filename
, timeout
, p
->defer_clear
, 0);
538 MUTEX_UNLOCK (&cache_mutex
);
539 send_status_all (STATUS_CACHE
, NULL
);
542 rc
= extract_keygrips (p
);
547 p
= xcalloc (1, sizeof (file_cache_t
));
550 MUTEX_UNLOCK (&cache_mutex
);
551 return GPG_ERR_ENOMEM
;
554 p
->mutex
= (pthread_mutex_t
*) xmalloc (sizeof (pthread_mutex_t
));
558 MUTEX_UNLOCK (&cache_mutex
);
559 return GPG_ERR_ENOMEM
;
562 pthread_mutexattr_t attr
;
563 pthread_mutexattr_init (&attr
);
564 pthread_mutexattr_settype (&attr
, PTHREAD_MUTEX_RECURSIVE
);
565 pthread_mutex_init (p
->mutex
, &attr
);
566 pthread_mutexattr_destroy (&attr
);
567 p
->filename
= str_dup (filename
);
570 new = slist_append (key_cache
, p
);
573 pthread_mutex_destroy (p
->mutex
);
576 MUTEX_UNLOCK (&cache_mutex
);
577 return GPG_ERR_ENOMEM
;
581 rc
= cache_set_timeout(filename
, timeout
);
582 MUTEX_UNLOCK (&cache_mutex
);
583 send_status_all (STATUS_CACHE
, NULL
);
586 rc
= extract_keygrips (p
);
592 cache_clear_agent_keys (const char *filename
, int decrypt
, int sign
)
594 MUTEX_LOCK (&cache_mutex
);
597 file_cache_t
*p
= get_entry (filename
);
601 MUTEX_UNLOCK (&cache_mutex
);
602 return GPG_ERR_NOT_FOUND
;
605 for (key
= p
->grip
; decrypt
&& key
&& *key
; key
++)
607 rc
= agent_command (cache_agent
, NULL
, NULL
,
608 "CLEAR_PASSPHRASE --mode=normal %s", *key
);
613 for (key
= p
->siggrip
; sign
&& key
&& *key
; key
++)
615 rc
= agent_command (cache_agent
, NULL
, NULL
,
616 "CLEAR_PASSPHRASE --mode=normal %s", *key
);
621 MUTEX_UNLOCK (&cache_mutex
);
626 clear_once (file_cache_t
*p
, int agent
)
628 gpg_error_t rc
= 0, trc
;
631 rc
= cache_clear_agent_keys (p
->filename
, 1, 1);
633 trc
= free_cache_data (p
);
634 return rc
? rc
: trc
;
638 free_entry (file_cache_t
*p
, int agent
)
645 rc
= clear_once (p
, agent
);
647 log_write ("%s(): %s", __FUNCTION__
, pwmd_strerror (rc
));
651 pthread_mutex_destroy (p
->mutex
);
656 strv_free (p
->siggrip
);
658 key_cache
= slist_remove (key_cache
, p
);
663 cache_clear (struct client_s
*client
, const char *filename
, int agent
)
666 gpg_error_t rc
= 0, all_rc
= 0;
669 MUTEX_LOCK (&cache_mutex
);
673 p
= get_entry (filename
);
676 MUTEX_UNLOCK (&cache_mutex
);
680 pthread_cleanup_push (cleanup_mutex_cb
, &cache_mutex
);
681 rc
= clear_once (p
, agent
);
682 pthread_cleanup_pop (1);
684 log_write ("%s(): %s", __FUNCTION__
, pwmd_strerror (rc
));
689 pthread_cleanup_push (cleanup_mutex_cb
, &cache_mutex
);
690 t
= slist_length (key_cache
);
691 for (i
= 0; i
< t
; i
++)
693 p
= slist_nth_data (key_cache
, i
);
697 assuan_peercred_t peer
;
698 int n
= client
->no_access_param
;
700 client
->no_access_param
= 1;
701 rc
= do_validate_peer (client
->ctx
, p
->filename
, &peer
);
702 client
->no_access_param
= n
;
703 if (rc
== GPG_ERR_FORBIDDEN
)
704 rc
= peer_is_invoker (client
);
708 all_rc
= !all_rc
? rc
: all_rc
;
713 clear_once (p
, agent
);
716 pthread_cleanup_pop (1);
721 cache_iscached (const char *filename
, int *defer
, int agent
, int sign
)
726 return GPG_ERR_INV_PARAMETER
;
728 MUTEX_LOCK (&cache_mutex
);
729 pthread_cleanup_push (cleanup_mutex_cb
, &cache_mutex
);
730 rc
= iscached (filename
, defer
, agent
, sign
);
731 pthread_cleanup_pop (1);
733 /* Test if the data file disappeared from the filesystem. */
734 if ((!rc
|| gpg_err_code (rc
) == GPG_ERR_NO_DATA
)
735 && access (filename
, R_OK
) == -1)
737 rc
= gpg_error_from_errno (errno
);
738 if (gpg_err_code (rc
) == GPG_ERR_ENOENT
)
740 /* Fixes clearing the cache entry that was created during OPEN when
741 * SAVE'ing a new file. */
742 if ((defer
&& *defer
== 1) || !defer
)
744 rc
= cache_defer_clear (filename
);
757 cache_defer_clear (const char *filename
)
759 MUTEX_LOCK (&cache_mutex
);
760 file_cache_t
*p
= get_entry (filename
);
764 rc
= GPG_ERR_NOT_FOUND
;
768 MUTEX_UNLOCK (&cache_mutex
);
773 cache_set_timeout (const char *filename
, int timeout
)
775 return set_timeout (filename
, timeout
, 0, 1);
781 MUTEX_LOCK (&cache_mutex
);
782 int i
, t
= slist_length (key_cache
);
784 pthread_cleanup_push (cleanup_mutex_cb
, &cache_mutex
);
785 for (i
= 0; i
< t
; i
++)
787 file_cache_t
*p
= slist_nth_data (key_cache
, i
);
790 t
= slist_length (key_cache
);
794 gcry_free (cache_key
);
798 agent_free (cache_agent
);
800 pthread_cleanup_pop (1);
801 pthread_mutex_destroy (&cache_mutex
);
807 pthread_mutexattr_t attr
;
809 pthread_mutexattr_init (&attr
);
810 pthread_mutexattr_settype (&attr
, PTHREAD_MUTEX_RECURSIVE
);
811 pthread_mutex_init (&cache_mutex
, &attr
);
812 pthread_mutexattr_destroy (&attr
);
820 rc
= agent_init (&cache_agent
);
829 rc
= gcry_cipher_algo_info (GCRY_CIPHER_AES
, GCRYCTL_GET_BLKLEN
, NULL
,
834 rc
= gcry_cipher_algo_info (GCRY_CIPHER_AES
, GCRYCTL_GET_KEYLEN
, NULL
,
839 cache_key
= gcry_malloc (cache_keysize
);
841 return GPG_ERR_ENOMEM
;
843 cache_iv
= xmalloc (cache_blocksize
);
846 gcry_free (cache_key
);
848 return GPG_ERR_ENOMEM
;
851 gcry_create_nonce (cache_key
, cache_keysize
);
852 gcry_create_nonce (cache_iv
, cache_blocksize
);
863 MUTEX_LOCK (&cache_mutex
);
869 MUTEX_UNLOCK (&cache_mutex
);
873 free_cache_data_once (struct cache_data_s
*data
)
878 strv_free (data
->pubkey
);
879 strv_free (data
->sigkey
);
886 cleanup_cipher (void *arg
)
888 gcry_cipher_close ((gcry_cipher_hd_t
) arg
);
892 cache_encrypt (struct crypto_s
*crypto
)
896 size_t len
= crypto
->plaintext_size
;
898 rc
= gcry_cipher_open (&h
, GCRY_CIPHER_AES128
, GCRY_CIPHER_MODE_CBC
, 0);
902 if (len
% cache_blocksize
)
906 len
+= cache_blocksize
- (len
% cache_blocksize
);
907 p
= xrealloc (crypto
->plaintext
, len
* sizeof (unsigned char));
910 gcry_cipher_close (h
);
911 return GPG_ERR_ENOMEM
;
914 crypto
->plaintext
= p
;
915 memset (&crypto
->plaintext
[crypto
->plaintext_size
], 0,
916 len
- crypto
->plaintext_size
);
919 pthread_cleanup_push (cleanup_cipher
, h
);
920 rc
= gcry_cipher_setiv (h
, cache_iv
, cache_blocksize
);
923 rc
= gcry_cipher_setkey (h
, cache_key
, cache_keysize
);
926 unsigned char *buf
= xmalloc (len
);
928 pthread_cleanup_push (xfree
, buf
);
935 rc
= gcry_cipher_encrypt (h
, buf
, len
, crypto
->plaintext
, len
);
938 xfree (crypto
->plaintext
);
939 crypto
->plaintext
= buf
;
940 crypto
->plaintext_size
= len
;
944 pthread_cleanup_pop (rc
!= 0);
948 pthread_cleanup_pop (1);
953 cache_decrypt (struct crypto_s
*crypto
)
955 gcry_cipher_hd_t h
= NULL
;
958 rc
= gcry_cipher_open (&h
, GCRY_CIPHER_AES
, GCRY_CIPHER_MODE_CBC
, 0);
963 rc
= gcry_cipher_setiv (h
, cache_iv
, cache_blocksize
);
966 rc
= gcry_cipher_setkey (h
, cache_key
, cache_keysize
);
968 pthread_cleanup_push (cleanup_cipher
, h
);
972 rc
= gcry_cipher_decrypt (h
, crypto
->plaintext
, crypto
->plaintext_size
,
974 if (rc
|| strncmp ((char *)crypto
->plaintext
, "<?xml ", 6))
977 rc
= GPG_ERR_BAD_DATA
;
981 pthread_cleanup_pop (1);
990 MUTEX_LOCK (&cache_mutex
);
991 rc
= agent_kill_scd (cache_agent
);
992 MUTEX_UNLOCK (&cache_mutex
);