search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Commit 1b59e7d contained a typo that didn't really fix pwmd_command().
[libpwmd.git] / src / libpwmd.c
blob59035c39501e0ed078b616db798826c4a285d384
1 /* vim:tw=78:ts=8:sw=4:set ft=c: */
2 /*
3 Copyright (C) 2006-2009 Ben Kibbey <bjk@luxsci.net>
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 2 of the License, or
8 (at your option) any later version.
9
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with this program; if not, write to the Free Software
17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02110-1301 USA
18 */
19 #include <stdio.h>
20 #include <stdlib.h>
21 #include <unistd.h>
22 #include <err.h>
23 #include <errno.h>
24 #include <ctype.h>
25 #include <string.h>
26 #include <sys/socket.h>
27 #include <sys/un.h>
28 #include <signal.h>
29 #include <stdarg.h>
30 #include <string.h>
31 #include <sys/wait.h>
32 #include <fcntl.h>
33 #include <pwd.h>
34 #include <time.h>
35 #include <sys/types.h>
36 #include <limits.h>
37 #include <sys/select.h>
38 #include <netdb.h>
39 #include <netinet/in.h>
40 #include <sys/socket.h>
41 #include <libpwmd.h>
42
43 #ifdef HAVE_CONFIG_H
44 #include <config.h>
45 #endif
46
47 #ifdef WITH_LIBPTH
48 #include <pth.h>
49 #endif
50
51 #ifdef WITH_TCP
52 #define DNS_USE_GETTIMEOFDAY_FOR_ID 1
53 #include <ares.h>
54 #include <arpa/nameser.h>
55 #endif
56
57 #ifdef HAVE_ASSUAN_H
58 #include <assuan.h>
59 #endif
60
61 #ifdef HAVE_SETLOCALE
62 #include <locale.h>
63 #endif
64
65 #include "gettext.h"
66 #define N_(msgid) dgettext("libpwmd", msgid)
67
68 #include "mem.h"
69 #include "types.h"
70
71 static char *_getpwuid(struct passwd *pwd)
72 {
73 size_t size = sysconf(_SC_GETPW_R_SIZE_MAX);
74 struct passwd *result;
75 char *buf;
76 int n;
77
78 if (size == -1)
79 size = 16384;
80
81 buf = pwmd_malloc(size);
82
83 if (!buf)
84 return NULL;
85
86 n = getpwuid_r(getuid(), pwd, buf, size, &result);
87
88 if (n) {
89 pwmd_free(buf);
90 errno = n;
91 return NULL;
92 }
93
94 if (!result) {
95 pwmd_free(buf);
96 return NULL;
97 }
98
99 errno = n;
100 return buf;
101 }
102
103 static const char *_pwmd_strerror(gpg_error_t e)
104 {
105 gpg_err_code_t code = gpg_err_code(e);
106
107 if (code >= GPG_ERR_USER_1 && code < gpg_err_code(EPWMD_MAX)) {
108 switch (code) {
109 default:
110 return NULL;
111 case GPG_ERR_USER_1:
112 return N_("Unknown error");
113 case GPG_ERR_USER_2:
114 return N_("No cache slots available");
115 case GPG_ERR_USER_3:
116 return N_("Recursion loop");
117 case GPG_ERR_USER_4:
118 return N_("No file is open");
119 case GPG_ERR_USER_5:
120 return N_("General LibXML error");
121 case GPG_ERR_USER_6:
122 return N_("File modified");
123 }
124 }
125
126 return NULL;
127 }
128
129 const char *pwmd_strerror(gpg_error_t code)
130 {
131 const char *p = _pwmd_strerror(code);
132
133 return p ? p : gpg_strerror(code);
134 }
135
136 int pwmd_strerror_r(gpg_error_t code, char *buf, size_t size)
137 {
138 const char *p = _pwmd_strerror(code);
139
140 if (p) {
141 snprintf(buf, size, "%s", p);
142
143 if (strlen(p) > size)
144 return ERANGE;
145
146 return 0;
147 }
148
149 return gpg_strerror_r(code, buf, size);
150 }
151
152 gpg_error_t pwmd_init()
153 {
154 static int initialized;
155
156 if (initialized)
157 return 0;
158
159 #ifndef MEM_DEBUG
160 xmem_init();
161 #endif
162 #ifdef ENABLE_NLS
163 bindtextdomain("libpwmd", LOCALEDIR);
164 #endif
165 gpg_err_init();
166 assuan_set_malloc_hooks(pwmd_malloc, pwmd_realloc, pwmd_free);
167 assuan_set_assuan_err_source(GPG_ERR_SOURCE_DEFAULT);
168 initialized = 1;
169 return 0;
170 }
171
172 static gpg_error_t _socket_connect_finalize(pwm_t *pwm)
173 {
174 int active[2];
175 int n = assuan_get_active_fds(pwm->ctx, 0, active, N_ARRAY(active));
176 gpg_error_t rc;
177 char *result;
178
179 if (n <= 0)
180 return GPG_ERR_EBADFD;
181
182 pwm->fd = active[0];
183 #ifdef WITH_PINENTRY
184 pwm->pid = -1;
185 #endif
186 assuan_set_pointer(pwm->ctx, pwm);
187
188 if (pwm->name) {
189 rc = pwmd_command(pwm, NULL, "OPTION CLIENT NAME=%s", pwm->name);
190
191 if (rc)
192 return rc;
193 }
194
195 rc = pwmd_command(pwm, &result, "VERSION");
196
197 if (rc && rc != GPG_ERR_ASS_UNKNOWN_CMD)
198 return rc;
199
200 if (rc)
201 pwm->version = PWMD_V1;
202 else
203 pwm->version = PWMD_V2;
204
205 pwmd_free(result);
206 return 0;
207 }
208
209 #ifdef WITH_TCP
210 static int read_hook(assuan_context_t ctx, assuan_fd_t fd, void *data,
211 size_t len, ssize_t *ret)
212 {
213 pwm_t *pwm = assuan_get_pointer(ctx);
214 int n = 0;
215
216 if (!pwm || !pwm->tcp_conn)
217 #ifdef WITH_LIBPTH
218 *ret = pth_read((int)fd, data, len);
219 #else
220 *ret = read((int)fd, data, len);
221 #endif
222 else {
223 do {
224 *ret = libssh2_channel_read(pwm->tcp_conn->channel, data, len);
225 n = libssh2_session_last_errno(pwm->tcp_conn->session);
226 } while (n == LIBSSH2_ERROR_EAGAIN);
227 }
228
229 return !n && *ret != -1 ? 1 : 0;
230 }
231
232 static int write_hook(assuan_context_t ctx, assuan_fd_t fd, const void *data,
233 size_t len, ssize_t *ret)
234 {
235 pwm_t *pwm = assuan_get_pointer(ctx);
236 int n = 0;
237
238 if (!pwm || !pwm->tcp_conn)
239 #ifdef WITH_LIBPTH
240 *ret = pth_write((int)fd, data, len);
241 #else
242 *ret = write((int)fd, data, len);
243 #endif
244 else {
245 do {
246 *ret = libssh2_channel_write(pwm->tcp_conn->channel, data, len);
247 n = libssh2_session_last_errno(pwm->tcp_conn->session);
248 } while (n == LIBSSH2_ERROR_EAGAIN);
249 }
250
251 return !n && *ret != -1 ? 1 : 0;
252 }
253
254 static void _ssh_deinit(pwmd_tcp_conn_t *conn);
255 static void free_tcp_conn(pwmd_tcp_conn_t *conn)
256 {
257 if (!conn)
258 return;
259
260 if (conn->username) {
261 pwmd_free(conn->username);
262 conn->username = NULL;
263 }
264
265 if (conn->known_hosts) {
266 pwmd_free(conn->known_hosts);
267 conn->known_hosts = NULL;
268 }
269
270 if (conn->identity) {
271 pwmd_free(conn->identity);
272 conn->identity = NULL;
273 }
274
275 if (conn->identity_pub) {
276 pwmd_free(conn->identity_pub);
277 conn->identity_pub = NULL;
278 }
279
280 if (conn->host) {
281 pwmd_free(conn->host);
282 conn->host = NULL;
283 }
284
285 if (conn->hostkey) {
286 pwmd_free(conn->hostkey);
287 conn->hostkey = NULL;
288 }
289
290 if (conn->chan) {
291 ares_destroy(conn->chan);
292 conn->chan = NULL;
293 }
294
295 if (conn->he) {
296 ares_free_hostent(conn->he);
297 conn->he = NULL;
298 }
299
300 if (conn->fd >= 0) {
301 close(conn->fd);
302 conn->fd = -1;
303 }
304
305 if (conn->session)
306 _ssh_deinit(conn);
307 else
308 pwmd_free(conn);
309 }
310
311 static void _ssh_deinit(pwmd_tcp_conn_t *conn)
312 {
313 if (!conn)
314 return;
315
316 if (conn->channel)
317 libssh2_channel_free(conn->channel);
318
319 if (conn->session) {
320 libssh2_session_disconnect(conn->session, "Bye!");
321 libssh2_session_free(conn->session);
322 }
323
324 conn->session = NULL;
325 conn->channel = NULL;
326 free_tcp_conn(conn);
327 }
328
329 static void _ssh_assuan_deinit(assuan_context_t ctx)
330 {
331 pwm_t *pwm = assuan_get_pointer(ctx);
332
333 pwm->tcp_conn->fd = -1;
334 _ssh_deinit(pwm->tcp_conn);
335 pwm->tcp_conn = NULL;
336 }
337
338 /*
339 * Sets common options from both pwmd_ssh_connect() and
340 * pwmd_ssh_connect_async().
341 */
342 static gpg_error_t init_tcp_conn(pwmd_tcp_conn_t **dst, const char *host,
343 int port, const char *identity, const char *user, const char *hosts,
344 int get)
345 {
346 pwmd_tcp_conn_t *conn;
347 gpg_error_t rc = 0;
348
349 if (get) {
350 if (!host)
351 return GPG_ERR_INV_ARG;
352 }
353 else {
354 if (!host || !identity || !hosts)
355 return GPG_ERR_INV_ARG;
356 }
357
358 conn = pwmd_calloc(1, sizeof(pwmd_tcp_conn_t));
359
360 if (!conn)
361 return gpg_error_from_errno(ENOMEM);
362
363 conn->port = port == -1 ? 22 : port;
364 conn->host = pwmd_strdup(host);
365
366 if (!conn->host) {
367 rc = gpg_error_from_errno(ENOMEM);
368 goto fail;
369 }
370
371 if (!get) {
372 struct passwd pw;
373 char *pwbuf = _getpwuid(&pw);
374
375 if (!pwbuf) {
376 rc = gpg_error_from_errno(errno);
377 goto fail;
378 }
379
380 conn->username = pwmd_strdup(user ? user : pw.pw_name);
381 pwmd_free(pwbuf);
382
383 if (!conn->username) {
384 rc = gpg_error_from_errno(ENOMEM);
385 goto fail;
386 }
387
388 conn->identity = pwmd_strdup(identity);
389
390 if (!conn->identity) {
391 rc = gpg_error_from_errno(ENOMEM);
392 goto fail;
393 }
394
395 conn->identity_pub = pwmd_malloc(strlen(conn->identity)+5);
396
397 if (!conn->identity_pub) {
398 rc = gpg_error_from_errno(ENOMEM);
399 goto fail;
400 }
401
402 sprintf(conn->identity_pub, "%s.pub", conn->identity);
403 conn->known_hosts = pwmd_strdup(hosts);
404
405 if (!conn->known_hosts) {
406 rc = gpg_error_from_errno(ENOMEM);
407 goto fail;
408 }
409 }
410
411 *dst = conn;
412 return 0;
413
414 fail:
415 free_tcp_conn(conn);
416 return rc;
417 }
418
419 static gpg_error_t do_connect(pwm_t *pwm, int prot, void *addr)
420 {
421 struct sockaddr_in their_addr;
422
423 pwm->tcp_conn->fd = socket(prot, SOCK_STREAM, 0);
424
425 if (pwm->tcp_conn->fd == -1)
426 return gpg_error_from_syserror();
427
428 if (pwm->tcp_conn->async)
429 fcntl(pwm->tcp_conn->fd, F_SETFL, O_NONBLOCK);
430
431 pwm->cmd = ASYNC_CMD_CONNECT;
432 their_addr.sin_family = prot;
433 their_addr.sin_port = htons(pwm->tcp_conn->port);
434 their_addr.sin_addr = *((struct in_addr *)addr);
435 memset(their_addr.sin_zero, '\0', sizeof their_addr.sin_zero);
436
437 #ifdef WITH_LIBPTH
438 if (pth_connect(pwm->tcp_conn->fd, (struct sockaddr *)&their_addr,
439 sizeof(their_addr)) == -1)
440 #else
441 if (connect(pwm->tcp_conn->fd, (struct sockaddr *)&their_addr,
442 sizeof(their_addr)) == -1)
443 #endif
444 return gpg_error_from_syserror();
445
446 return 0;
447 }
448
449 static gpg_error_t ares_error_to_pwmd(int status)
450 {
451 if (status != ARES_SUCCESS)
452 warnx("%s", ares_strerror(status));
453
454 switch (status) {
455 case ARES_ENODATA:
456 case ARES_EFORMERR:
457 case ARES_ENOTFOUND:
458 return GPG_ERR_UNKNOWN_HOST;
459 case ARES_ESERVFAIL:
460 return GPG_ERR_EHOSTDOWN;
461 case ARES_ETIMEOUT:
462 return GPG_ERR_TIMEOUT;
463 case ARES_ENOMEM:
464 return gpg_error_from_errno(ENOMEM);
465 case ARES_ECONNREFUSED:
466 return GPG_ERR_ECONNREFUSED;
467 default:
468 /* FIXME ??? */
469 return GPG_ERR_EHOSTUNREACH;
470 }
471
472 return ARES_SUCCESS;
473 }
474
475 static void dns_resolve_cb(void *arg, int status, int timeouts,
476 unsigned char *abuf, int alen)
477 {
478 pwm_t *pwm = arg;
479 int rc;
480 struct hostent *he;
481
482 if (status == ARES_EDESTRUCTION)
483 return;
484
485 if (status != ARES_SUCCESS) {
486 pwm->tcp_conn->rc = ares_error_to_pwmd(status);
487 return;
488 }
489
490 /* Check for an IPv6 address first. */
491 if (pwm->prot == PWMD_IP_ANY || pwm->prot == PWMD_IPV6)
492 rc = ares_parse_aaaa_reply(abuf, alen, &he, NULL, NULL);
493 else
494 rc = ares_parse_a_reply(abuf, alen, &he, NULL, NULL);
495
496 if (rc != ARES_SUCCESS) {
497 if (pwm->prot != PWMD_IP_ANY || rc != ARES_ENODATA) {
498 pwm->tcp_conn->rc = ares_error_to_pwmd(status);
499 return;
500 }
501
502 rc = ares_parse_a_reply(abuf, alen, &he, NULL, NULL);
503
504 if (rc != ARES_SUCCESS) {
505 pwm->tcp_conn->rc = ares_error_to_pwmd(status);
506 return;
507 }
508 }
509
510 pwm->tcp_conn->he = he;
511 pwm->tcp_conn->rc = do_connect(pwm, he->h_addrtype, he->h_addr);
512 }
513
514 static gpg_error_t _do_pwmd_tcp_connect_async(pwm_t *pwm, const char *host,
515 int port, const char *identity, const char *user,
516 const char *known_hosts, pwmd_async_cmd_t which)
517 {
518 pwmd_tcp_conn_t *conn;
519 gpg_error_t rc;
520
521 if (!pwm)
522 return GPG_ERR_INV_ARG;
523
524 rc = init_tcp_conn(&conn, host, port, identity, user, known_hosts,
525 which == ASYNC_CMD_HOSTKEY ? 1 : 0);
526
527 if (rc)
528 return rc;
529
530 conn->async = 1;
531 pwm->tcp_conn = conn;
532 pwm->tcp_conn->cmd = which;
533
534 if (pwm->tcp_conn->cmd == ASYNC_CMD_HOSTKEY)
535 pwm->tcp_conn->get_only = 1;
536
537 pwm->cmd = ASYNC_CMD_DNS;
538 pwm->state = ASYNC_PROCESS;
539 ares_init(&pwm->tcp_conn->chan);
540 ares_query(pwm->tcp_conn->chan, pwm->tcp_conn->host, ns_c_any, ns_t_any,
541 dns_resolve_cb, pwm);
542 return 0;
543 }
544
545 gpg_error_t pwmd_ssh_connect_async(pwm_t *pwm, const char *host, int port,
546 const char *identity, const char *user, const char *known_hosts)
547 {
548 return _do_pwmd_tcp_connect_async(pwm, host, port, identity, user,
549 known_hosts, ASYNC_CMD_CONNECT);
550 }
551
552 static void *_ssh_malloc(size_t size, void **data)
553 {
554 return pwmd_malloc(size);
555 }
556
557 static void _ssh_free(void *ptr, void **data)
558 {
559 pwmd_free(ptr);
560 }
561
562 static void *_ssh_realloc(void *ptr, size_t size, void **data)
563 {
564 return pwmd_realloc(ptr, size);
565 }
566
567 static char *to_hex(const char *str, size_t slen)
568 {
569 int i;
570 char *buf = pwmd_malloc(slen*2+1);
571
572 if (!buf)
573 return NULL;
574
575 for (i = 0, buf[0] = 0; i < slen; i++) {
576 char tmp[3];
577
578 sprintf(tmp, "%02x", (unsigned char)str[i]);
579 strcat(buf, tmp);
580 }
581
582 return buf;
583 }
584
585 static int verify_host_key(pwm_t *pwm)
586 {
587 FILE *fp = fopen(pwm->tcp_conn->known_hosts, "r");
588 char *buf, *p;
589
590 if (!fp)
591 return 1;
592
593 buf = pwmd_malloc(LINE_MAX);
594
595 if (!buf)
596 goto fail;
597
598 while ((p = fgets(buf, LINE_MAX, fp))) {
599 if (*p == '#' || isspace(*p))
600 continue;
601
602 if (p[strlen(p)-1] == '\n')
603 p[strlen(p)-1] = 0;
604
605 if (!strcmp(buf, pwm->tcp_conn->hostkey))
606 goto done;
607 }
608
609 fail:
610 if (buf)
611 pwmd_free(buf);
612
613 fclose(fp);
614 return 1;
615
616 done:
617 pwmd_free(buf);
618 fclose(fp);
619 return 0;
620 }
621
622 static gpg_error_t authenticate_ssh(pwm_t *pwm)
623 {
624 const char *fp = libssh2_hostkey_hash(pwm->tcp_conn->session,
625 LIBSSH2_HOSTKEY_HASH_SHA1);
626 char *userauth;
627
628 pwm->tcp_conn->hostkey = to_hex(fp, 20);
629
630 if (!pwm->tcp_conn->hostkey)
631 return gpg_error_from_errno(ENOMEM);
632
633 if (pwm->tcp_conn->get_only)
634 return 0;
635
636 if (!fp || verify_host_key(pwm))
637 return GPG_ERR_CHECKSUM;
638
639 userauth = libssh2_userauth_list(pwm->tcp_conn->session,
640 pwm->tcp_conn->username, strlen(pwm->tcp_conn->username));
641
642 if (!userauth || !strstr(userauth, "publickey"))
643 return GPG_ERR_BAD_PIN_METHOD;
644
645 if (libssh2_userauth_publickey_fromfile(pwm->tcp_conn->session,
646 pwm->tcp_conn->username, pwm->tcp_conn->identity_pub,
647 pwm->tcp_conn->identity, NULL))
648 return GPG_ERR_BAD_SECKEY;
649
650 return 0;
651 }
652
653 static gpg_error_t setup_tcp_session(pwm_t *pwm)
654 {
655 assuan_context_t ctx;
656 struct assuan_io_hooks io_hooks = {read_hook, write_hook};
657 gpg_error_t rc;
658
659 pwm->tcp_conn->session = libssh2_session_init_ex(_ssh_malloc, _ssh_free,
660 _ssh_realloc, NULL);
661
662 if (!pwm->tcp_conn->session) {
663 rc = gpg_error_from_errno(ENOMEM);
664 goto fail;
665 }
666
667 if (libssh2_session_startup(pwm->tcp_conn->session, pwm->tcp_conn->fd)) {
668 rc = GPG_ERR_ASSUAN_SERVER_FAULT;
669 goto fail;
670 }
671
672 rc = authenticate_ssh(pwm);
673
674 if (rc)
675 goto fail;
676
677 /* pwmd_get_hostkey(). */
678 if (pwm->tcp_conn->get_only) {
679 pwm->result = pwmd_strdup(pwm->tcp_conn->hostkey);
680
681 if (!pwm->result) {
682 rc = gpg_error_from_errno(ENOMEM);
683 goto fail;
684 }
685
686 return 0;
687 }
688
689 pwm->tcp_conn->channel = libssh2_channel_open_session(pwm->tcp_conn->session);
690
691 if (!pwm->tcp_conn->channel) {
692 rc = GPG_ERR_ASSUAN_SERVER_FAULT;
693 goto fail;
694 }
695
696 if (libssh2_channel_shell(pwm->tcp_conn->channel)) {
697 rc = GPG_ERR_ASSUAN_SERVER_FAULT;
698 goto fail;
699 }
700
701 assuan_set_io_hooks(&io_hooks);
702 rc = assuan_socket_connect_fd(&ctx, pwm->tcp_conn->fd, 0, pwm);
703
704 if (rc)
705 goto fail;
706
707 assuan_set_finish_handler(ctx, _ssh_assuan_deinit);
708 pwm->ctx = ctx;
709 return _socket_connect_finalize(pwm);
710
711 fail:
712 free_tcp_conn(pwm->tcp_conn);
713 pwm->tcp_conn = NULL;
714 return rc;
715 }
716
717 static gpg_error_t _do_pwmd_tcp_connect(pwm_t *pwm, const char *host, int port,
718 const char *identity, const char *user, const char *known_hosts, int get)
719 {
720 pwmd_tcp_conn_t *conn;
721 gpg_error_t rc;
722
723 if (!pwm)
724 return GPG_ERR_INV_ARG;
725
726 rc = init_tcp_conn(&conn, host, port, identity, user, known_hosts, get);
727
728 if (rc)
729 return rc;
730
731 pwm->tcp_conn = conn;
732 pwm->tcp_conn->get_only = get;
733 pwm->cmd = ASYNC_CMD_DNS;
734 ares_init(&pwm->tcp_conn->chan);
735 ares_query(pwm->tcp_conn->chan, pwm->tcp_conn->host, ns_c_any, ns_t_any,
736 dns_resolve_cb, pwm);
737
738 /* dns_resolve_cb() may have already been called. */
739 if (pwm->tcp_conn->rc) {
740 rc = pwm->tcp_conn->rc;
741 goto fail;
742 }
743
744 /*
745 * Fake a blocking DNS lookup. libcares does a better job than
746 * getaddrinfo().
747 */
748 do {
749 fd_set rfds, wfds;
750 int n;
751 struct timeval tv;
752
753 FD_ZERO(&rfds);
754 FD_ZERO(&wfds);
755 n = ares_fds(pwm->tcp_conn->chan, &rfds, &wfds);
756 ares_timeout(pwm->tcp_conn->chan, NULL, &tv);
757 #ifdef WITH_LIBPTH
758 n = pth_select(n, &rfds, &wfds, NULL, &tv);
759 #else
760 n = select(n, &rfds, &wfds, NULL, &tv);
761 #endif
762
763 if (n == -1) {
764 rc = gpg_error_from_syserror();
765 goto fail;
766 }
767 else if (n == 0) {
768 rc = GPG_ERR_TIMEOUT;
769 goto fail;
770 }
771
772 ares_process(pwm->tcp_conn->chan, &rfds, &wfds);
773
774 if (pwm->tcp_conn->rc)
775 break;
776 } while (pwm->cmd == ASYNC_CMD_DNS);
777
778 if (pwm->tcp_conn->rc) {
779 rc = pwm->tcp_conn->rc;
780 goto fail;
781 }
782
783 return setup_tcp_session(pwm);
784
785 fail:
786 return rc;
787 }
788
789 gpg_error_t pwmd_ssh_connect(pwm_t *pwm, const char *host, int port,
790 const char *identity, const char *user, const char *known_hosts)
791 {
792 return _do_pwmd_tcp_connect(pwm, host, port, identity, user, known_hosts, 0);
793 }
794
795 gpg_error_t pwmd_get_hostkey(pwm_t *pwm, const char *host, int port,
796 char **result)
797 {
798 char *hostkey;
799 gpg_error_t rc;
800
801 rc = _do_pwmd_tcp_connect(pwm, host, port, NULL, NULL, NULL, 1);
802
803 if (rc)
804 return rc;
805
806 hostkey = pwmd_strdup(pwm->tcp_conn->hostkey);
807
808 if (!hostkey)
809 rc = gpg_error_from_errno(ENOMEM);
810
811 *result = hostkey;
812 return rc;
813 }
814
815 gpg_error_t pwmd_get_hostkey_async(pwm_t *pwm, const char *host, int port)
816 {
817 return _do_pwmd_tcp_connect_async(pwm, host, port, NULL, NULL, NULL,
818 ASYNC_CMD_HOSTKEY);
819 }
820 #endif
821
822 gpg_error_t pwmd_connect(pwm_t *pwm, const char *path)
823 {
824 char *socketpath = NULL;
825 assuan_context_t ctx;
826 struct passwd pw;
827 char *pwbuf;
828 gpg_error_t rc;
829
830 if (!pwm)
831 return GPG_ERR_INV_ARG;
832
833 pwbuf = _getpwuid(&pw);
834
835 if (!pwbuf)
836 return gpg_error_from_errno(errno);
837
838 if (!path) {
839 socketpath = (char *)pwmd_malloc(strlen(pw.pw_dir) + strlen("/.pwmd/socket") + 1);
840 sprintf(socketpath, "%s/.pwmd/socket", pw.pw_dir);
841 }
842 else
843 socketpath = pwmd_strdup(path);
844
845 pwmd_free(pwbuf);
846 rc = assuan_socket_connect_ext(&ctx, socketpath, -1, 0);
847 pwmd_free(socketpath);
848
849 if (rc)
850 return rc;
851
852 pwm->ctx = ctx;
853 return _socket_connect_finalize(pwm);
854 }
855
856 void pwmd_close(pwm_t *pwm)
857 {
858 if (!pwm)
859 return;
860
861 if (pwm->ctx)
862 assuan_disconnect(pwm->ctx);
863
864 if (pwm->password)
865 pwmd_free(pwm->password);
866
867 if (pwm->title)
868 pwmd_free(pwm->title);
869
870 if (pwm->desc)
871 pwmd_free(pwm->desc);
872
873 if (pwm->prompt)
874 pwmd_free(pwm->prompt);
875
876 if (pwm->pinentry_tty)
877 pwmd_free(pwm->pinentry_tty);
878
879 if (pwm->pinentry_display)
880 pwmd_free(pwm->pinentry_display);
881
882 if (pwm->pinentry_term)
883 pwmd_free(pwm->pinentry_term);
884
885 if (pwm->lcctype)
886 pwmd_free(pwm->lcctype);
887
888 if (pwm->lcmessages)
889 pwmd_free(pwm->lcmessages);
890
891 if (pwm->filename)
892 pwmd_free(pwm->filename);
893
894 if (pwm->name)
895 pwmd_free(pwm->name);
896
897 #ifdef WITH_TCP
898 if (pwm->tcp_conn)
899 free_tcp_conn(pwm->tcp_conn);
900 #endif
901
902 pwmd_free(pwm);
903 }
904
905 static int mem_realloc_cb(void *data, const void *buffer, size_t len)
906 {
907 membuf_t *mem = (membuf_t *)data;
908 void *p;
909
910 if (!buffer)
911 return 0;
912
913 if ((p = pwmd_realloc(mem->buf, mem->len + len)) == NULL)
914 return 1;
915
916 mem->buf = p;
917 memcpy((char *)mem->buf + mem->len, buffer, len);
918 mem->len += len;
919 return 0;
920 }
921
922 static int _inquire_cb(void *data, const char *keyword)
923 {
924 pwm_t *pwm = (pwm_t *)data;
925 gpg_error_t rc = 0;
926 int flags = fcntl(pwm->fd, F_GETFL);
927
928 /* Shouldn't get this far without a callback. */
929 if (!pwm->inquire_func)
930 return GPG_ERR_INV_ARG;
931
932 /*
933 * Since the socket file descriptor is probably set to non-blocking, set to
934 * blocking to prevent GPG_ERR_EAGAIN errors. This should be fixed when
935 * asynchronous INQUIRE is supported by either libassuan or a later
936 * libpwmd.
937 */
938 fcntl(pwm->fd, F_SETFL, 0);
939
940 for (;;) {
941 char *result = NULL;
942 size_t len;
943 gpg_error_t arc;
944
945 rc = pwm->inquire_func(pwm->inquire_data, keyword, rc, &result, &len);
946 rc = gpg_err_code(rc);
947
948 if (rc == GPG_ERR_EOF || !rc) {
949 if (len <= 0 || !result) {
950 rc = 0;
951 break;
952 }
953
954 arc = assuan_send_data(pwm->ctx, result, len);
955
956 if (rc == GPG_ERR_EOF) {
957 rc = arc;
958 break;
959 }
960
961 rc = arc;
962 }
963 else if (rc)
964 break;
965 }
966
967 fcntl(pwm->fd, F_SETFL, flags);
968 return rc;
969 }
970
971 static gpg_error_t do_nb_command(pwm_t *pwm, const char *cmd, ...)
972 {
973 char *buf;
974 gpg_error_t rc;
975 va_list ap;
976
977 if (pwm->state == ASYNC_DONE)
978 pwm->state = ASYNC_INIT;
979
980 if (pwm->state != ASYNC_INIT)
981 return GPG_ERR_INV_STATE;
982
983 buf = pwmd_malloc(ASSUAN_LINELENGTH+1);
984
985 if (!buf)
986 return gpg_error_from_errno(ENOMEM);
987
988 va_start(ap, cmd);
989 vsnprintf(buf, ASSUAN_LINELENGTH, cmd, ap);
990 va_end(ap);
991 rc = assuan_write_line(pwm->ctx, buf);
992 pwmd_free(buf);
993
994 if (!rc)
995 pwm->state = ASYNC_PROCESS;
996
997 return rc;
998 }
999
1000 gpg_error_t pwmd_open_async(pwm_t *pwm, const char *filename)
1001 {
1002 if (!pwm || !filename)
1003 return GPG_ERR_INV_ARG;
1004
1005 if (!pwm->ctx)
1006 return GPG_ERR_INV_STATE;
1007
1008 if (pwm->cmd != ASYNC_CMD_OPEN) {
1009 gpg_error_t rc;
1010
1011 pwm->pin_try = 0;
1012
1013 if (pwm->filename)
1014 pwmd_free(pwm->filename);
1015
1016 pwm->filename = pwmd_strdup(filename);
1017
1018 rc = send_pinentry_options(pwm);
1019
1020 if (rc)
1021 return rc;
1022 }
1023
1024 pwm->cmd = ASYNC_CMD_OPEN;
1025 return do_nb_command(pwm, "OPEN %s %s", filename,
1026 pwm->password ? pwm->password : "");
1027 }
1028
1029 gpg_error_t pwmd_save_async(pwm_t *pwm)
1030 {
1031 gpg_error_t rc;
1032
1033 if (!pwm)
1034 return GPG_ERR_INV_ARG;
1035
1036 if (!pwm->ctx)
1037 return GPG_ERR_INV_STATE;
1038
1039 rc = send_pinentry_options(pwm);
1040
1041 if (rc)
1042 return rc;
1043
1044 pwm->cmd = ASYNC_CMD_SAVE;
1045 return do_nb_command(pwm, "SAVE %s", pwm->password ? pwm->password : "");
1046 }
1047
1048 static gpg_error_t parse_assuan_line(pwm_t *pwm)
1049 {
1050 gpg_error_t rc;
1051 char *line;
1052 size_t len;
1053
1054 rc = assuan_read_line(pwm->ctx, &line, &len);
1055
1056 if (!rc) {
1057 if (line[0] == 'O' && line[1] == 'K' &&
1058 (line[2] == 0 || line[2] == ' ')) {
1059 pwm->state = ASYNC_DONE;
1060 }
1061 else if (line[0] == '#') {
1062 }
1063 else if (line[0] == 'S' && (line[1] == 0 || line[1] == ' ')) {
1064 if (pwm->status_func) {
1065 pwm->status_func(pwm->status_data,
1066 line[1] == 0 ? line+1 : line+2);
1067 }
1068 }
1069 else if (line[0] == 'E' && line[1] == 'R' && line[2] == 'R' &&
1070 (line[3] == 0 || line[3] == ' ')) {
1071 line += 4;
1072 rc = atoi(line);
1073 pwm->state = ASYNC_DONE;
1074 }
1075 }
1076
1077 return rc;
1078 }
1079
1080 gpg_error_t pwmd_pending_line(pwm_t *pwm)
1081 {
1082 if (!pwm)
1083 return GPG_ERR_INV_ARG;
1084
1085 if (!pwm->ctx)
1086 return GPG_ERR_INV_STATE;
1087
1088 return assuan_pending_line(pwm->ctx) ? 0 : GPG_ERR_NO_DATA;
1089 }
1090
1091 static pwmd_async_t reset_async(pwm_t *pwm, int done)
1092 {
1093 pwm->state = ASYNC_INIT;
1094 pwm->cmd = ASYNC_CMD_NONE;
1095
1096 #ifdef WITH_PINENTRY
1097 if (pwm->nb_fd != -1) {
1098 close(pwm->nb_fd);
1099 pwm->nb_fd = -1;
1100 }
1101 #endif
1102 #ifdef WITH_TCP
1103 if (done && pwm->tcp_conn && pwm->tcp_conn->fd != -1) {
1104 close(pwm->tcp_conn->fd);
1105 pwm->tcp_conn->fd = -1;
1106 }
1107 #endif
1108
1109 return ASYNC_DONE;
1110 };
1111
1112 pwmd_async_t pwmd_process(pwm_t *pwm, gpg_error_t *rc, char **result)
1113 {
1114 fd_set fds;
1115 int n;
1116 struct timeval tv = {0, 0};
1117
1118 if (result)
1119 *result = NULL;
1120
1121 if (!rc)
1122 return GPG_ERR_INV_ARG;
1123
1124 *rc = 0;
1125
1126 if (!pwm) {
1127 *rc = GPG_ERR_INV_ARG;
1128 return ASYNC_DONE;
1129 }
1130 else if (!pwm->ctx) {
1131 switch (pwm->cmd) {
1132 default:
1133 *rc = GPG_ERR_INV_STATE;
1134 return ASYNC_DONE;
1135 #ifdef WITH_TCP
1136 case ASYNC_CMD_DNS:
1137 case ASYNC_CMD_CONNECT:
1138 case ASYNC_CMD_HOSTKEY:
1139 break;
1140 #endif
1141 }
1142 }
1143
1144 /* When not in a command, this will let libassuan process status messages
1145 * by calling PWMD_OPTION_STATUS_FUNC. The client can poll the file
1146 * descriptor returned by pwmd_get_fd() to determine when this should be
1147 * called or call pwmd_pending_line() to determine whether a buffered line
1148 * needs to be processed. */
1149 if (pwm->cmd == ASYNC_CMD_NONE) {
1150 *rc = assuan_command(pwm, pwm->ctx, NULL, "NOP");
1151 return ASYNC_DONE;
1152 }
1153
1154 /* Fixes pwmd_open/save_async2() when there is a cached or new file. */
1155 if (pwm->state == ASYNC_DONE) {
1156 reset_async(pwm, 0);
1157 return ASYNC_DONE;
1158 }
1159
1160 if (pwm->state != ASYNC_PROCESS) {
1161 *rc = GPG_ERR_INV_STATE;
1162 return ASYNC_DONE;
1163 }
1164
1165 #ifdef WITH_TCP
1166 if (pwm->cmd == ASYNC_CMD_DNS) {
1167 fd_set rfds, wfds;
1168
1169 if (pwm->tcp_conn->rc) {
1170 *rc = pwm->tcp_conn->rc;
1171 reset_async(pwm, 1);
1172 return ASYNC_DONE;
1173 }
1174
1175 FD_ZERO(&rfds);
1176 FD_ZERO(&wfds);
1177 n = ares_fds(pwm->tcp_conn->chan, &rfds, &wfds);
1178
1179 /* Shouldn't happen. */
1180 if (!n)
1181 return pwm->state;
1182
1183 #ifdef WITH_LIBPTH
1184 n = pth_select(n, &rfds, &wfds, NULL, &tv);
1185 #else
1186 n = select(n, &rfds, &wfds, NULL, &tv);
1187 #endif
1188
1189 if (n > 0)
1190 ares_process(pwm->tcp_conn->chan, &rfds, &wfds);
1191
1192 return pwm->state;
1193 }
1194 else if (pwm->cmd == ASYNC_CMD_CONNECT) {
1195 if (pwm->tcp_conn->rc == GPG_ERR_EINPROGRESS) {
1196 int ret;
1197 socklen_t len = sizeof(int);
1198
1199 FD_ZERO(&fds);
1200 FD_SET(pwm->tcp_conn->fd, &fds);
1201 #ifdef WITH_LIBPTH
1202 n = pth_select(pwm->tcp_conn->fd+1, NULL, &fds, NULL, &tv);
1203 #else
1204 n = select(pwm->tcp_conn->fd+1, NULL, &fds, NULL, &tv);
1205 #endif
1206
1207 if (!n || !FD_ISSET(pwm->tcp_conn->fd, &fds))
1208 return pwm->state;
1209 else if (n == -1) {
1210 *rc = gpg_error_from_syserror();
1211 reset_async(pwm, 1);
1212 return ASYNC_DONE;
1213 }
1214
1215 ret = getsockopt(pwm->tcp_conn->fd, SOL_SOCKET, SO_ERROR, &n, &len);
1216
1217 if (ret || n) {
1218 *rc = ret ? gpg_error_from_syserror() : gpg_error_from_errno(n);
1219 reset_async(pwm, 1);
1220 return ASYNC_DONE;
1221 }
1222 }
1223 else if (pwm->tcp_conn->rc) {
1224 *rc = pwm->tcp_conn->rc;
1225 reset_async(pwm, 1);
1226 return ASYNC_DONE;
1227 }
1228
1229 fcntl(pwm->tcp_conn->fd, F_SETFL, 0);
1230 *rc = setup_tcp_session(pwm);
1231
1232 if (!*rc) {
1233 switch (pwm->tcp_conn->cmd) {
1234 case ASYNC_CMD_HOSTKEY:
1235 if (!*rc)
1236 *result = pwm->result;
1237 break;
1238 default:
1239 break;
1240 }
1241 }
1242
1243 return reset_async(pwm, *rc ? 1 : 0);
1244 }
1245 #endif
1246
1247 #ifdef WITH_PINENTRY
1248 if (pwm->cmd == ASYNC_CMD_OPEN2 || pwm->cmd == ASYNC_CMD_SAVE2) {
1249 int status;
1250
1251 if (pwm->nb_fd == -1) {
1252 *rc = GPG_ERR_INV_STATE;
1253 return reset_async(pwm, 0);
1254 }
1255
1256 FD_ZERO(&fds);
1257 FD_SET(pwm->nb_fd, &fds);
1258 FD_SET(pwm->fd, &fds);
1259 #ifdef WITH_LIBPTH
1260 n = pth_select(pwm->nb_fd+1, &fds, NULL, NULL, &tv);
1261 #else
1262 n = select(pwm->nb_fd+1, &fds, NULL, NULL, &tv);
1263 #endif
1264 if (n == -1) {
1265 *rc = gpg_error_from_syserror();
1266 return reset_async(pwm, 0);
1267 }
1268
1269 if (n > 0 && FD_ISSET(pwm->nb_fd, &fds)) {
1270 pwmd_nb_status_t nb;
1271 #ifdef WITH_LIBPTH
1272 size_t len = pth_read(pwm->nb_fd, &nb, sizeof(nb));
1273 #else
1274 size_t len = read(pwm->nb_fd, &nb, sizeof(nb));
1275 #endif
1276 waitpid(pwm->nb_pid, &status, WNOHANG);
1277
1278 if (len != sizeof(nb)) {
1279 *rc = gpg_error_from_syserror();
1280 return reset_async(pwm, pwm->cmd == ASYNC_CMD_OPEN2 ? 1 : 0);
1281 }
1282
1283 *rc = nb.error;
1284
1285 if (*rc == GPG_ERR_INV_PASSPHRASE && pwm->cmd == ASYNC_CMD_SAVE2) {
1286 reset_async(pwm, 0);
1287 *rc = pwmd_save_async2(pwm);
1288 return ASYNC_PROCESS;
1289 }
1290 else if (*rc)
1291 return reset_async(pwm, pwm->cmd == ASYNC_CMD_OPEN2 ? 1 : 0);
1292
1293 if (pwm->cmd == ASYNC_CMD_SAVE2) {
1294 *rc = do_save_command(pwm, nb.password);
1295 memset(&nb, 0, sizeof(pwmd_nb_status_t));
1296 return reset_async(pwm, 0);
1297 }
1298
1299 if (pwm->cmd == ASYNC_CMD_OPEN2) {
1300 *rc = do_open_command(pwm, pwm->filename, nb.password);
1301 memset(&nb, 0, sizeof(pwmd_nb_status_t));
1302
1303 if (*rc == GPG_ERR_INV_PASSPHRASE) {
1304 if (++pwm->pin_try < pwm->pinentry_tries) {
1305 int n = pwm->pin_try;
1306
1307 reset_async(pwm, 0);
1308 pwm->pin_try = n;
1309 pwm->cmd = ASYNC_CMD_OPEN2;
1310 *rc = pwmd_open_async2(pwm, pwm->filename);
1311
1312 if (*rc)
1313 return reset_async(pwm, 1);
1314
1315 return pwm->state;
1316 }
1317 }
1318
1319 return reset_async(pwm, *rc ? 1 : 0);
1320 }
1321 }
1322
1323 /* Fall through so status messages can be processed during the
1324 * pinentry. */
1325 }
1326 #endif
1327
1328 if (pwm->fd < 0) {
1329 *rc = GPG_ERR_INV_STATE;
1330 return reset_async(pwm, 0);
1331 }
1332
1333 /* This is for the non-blocking OPEN and SAVE commands. */
1334 FD_ZERO(&fds);
1335 FD_SET(pwm->fd, &fds);
1336 #ifdef WITH_LIBPTH
1337 n = pth_select(pwm->fd+1, &fds, NULL, NULL, &tv);
1338 #else
1339 n = select(pwm->fd+1, &fds, NULL, NULL, &tv);
1340 #endif
1341
1342 if (n == -1) {
1343 *rc = gpg_error_from_syserror();
1344 return reset_async(pwm, 0);
1345 }
1346
1347 if (n > 0) {
1348 if (FD_ISSET(pwm->fd, &fds))
1349 *rc = parse_assuan_line(pwm);
1350 }
1351
1352 while (!*rc && assuan_pending_line(pwm->ctx))
1353 *rc = parse_assuan_line(pwm);
1354
1355 /* For pinentry retries. */
1356 if (pwm->cmd == ASYNC_CMD_OPEN &&
1357 gpg_err_code(*rc) == GPG_ERR_INV_PASSPHRASE &&
1358 ++pwm->pin_try < pwm->pinentry_tries) {
1359 pwm->state = ASYNC_INIT;
1360 *rc = pwmd_open_async(pwm, pwm->filename);
1361 }
1362
1363 if (*rc)
1364 return reset_async(pwm, pwm->cmd == ASYNC_CMD_OPEN ? 1 : 0);
1365
1366 if (pwm->state == ASYNC_DONE) {
1367 reset_async(pwm, 0);
1368 return ASYNC_DONE;
1369 }
1370
1371 return pwm->state;
1372 }
1373
1374 static gpg_error_t assuan_command(pwm_t *pwm, assuan_context_t ctx,
1375 char **result, const char *cmd)
1376 {
1377 membuf_t data;
1378 gpg_error_t rc;
1379
1380 data.len = 0;
1381 data.buf = NULL;
1382
1383 rc = assuan_transact(ctx, cmd, mem_realloc_cb, &data, _inquire_cb, pwm,
1384 pwm->status_func, pwm->status_data);
1385
1386 if (rc) {
1387 if (data.buf) {
1388 pwmd_free(data.buf);
1389 data.buf = NULL;
1390 }
1391 }
1392 else {
1393 if (data.buf) {
1394 mem_realloc_cb(&data, "", 1);
1395
1396 if (!result) {
1397 pwmd_free(data.buf);
1398 rc = GPG_ERR_INV_ARG;
1399 }
1400 else
1401 *result = (char *)data.buf;
1402 }
1403 }
1404
1405 return gpg_err_code(rc);
1406 }
1407
1408 gpg_error_t pwmd_inquire(pwm_t *pwm, const char *cmd, pwmd_inquire_cb_t fn,
1409 void *data)
1410 {
1411 if (!pwm || !cmd || !fn)
1412 return GPG_ERR_INV_ARG;
1413
1414 if (!pwm->ctx)
1415 return GPG_ERR_INV_STATE;
1416
1417 pwm->inquire_func = fn;
1418 pwm->inquire_data = data;
1419 return assuan_command(pwm, pwm->ctx, NULL, cmd);
1420 }
1421
1422 #ifdef WITH_PINENTRY
1423 static gpg_error_t terminate_pinentry(pwm_t *pwm)
1424 {
1425 pid_t pid = pwm->pid;
1426
1427 pwm->pid = -1;
1428
1429 if (!pwm || pid == -1)
1430 return GPG_ERR_INV_ARG;
1431
1432 if (kill(pid, 0) == 0) {
1433 if (kill(pid, SIGTERM) == -1) {
1434 if (kill(pid, SIGKILL) == -1)
1435 return gpg_error_from_errno(errno);
1436 }
1437 }
1438 else
1439 return gpg_error_from_errno(errno);
1440
1441 return 0;
1442 }
1443
1444 static gpg_error_t set_pinentry_strings(pwm_t *pwm, int which)
1445 {
1446 char *tmp, *desc;
1447 gpg_error_t error;
1448
1449 tmp = pwmd_malloc(ASSUAN_LINELENGTH+1);
1450
1451 if (!tmp)
1452 return gpg_error_from_errno(ENOMEM);
1453
1454 if (!pwm->title)
1455 pwm->title = pwmd_strdup(N_("Password Manager Daemon"));
1456
1457 if (!pwm->title)
1458 goto fail_no_mem;
1459
1460 if (!pwm->prompt)
1461 pwm->prompt = pwmd_strdup(N_("Passphrase:"));
1462
1463 if (!pwm->prompt)
1464 goto fail_no_mem;
1465
1466 if (!pwm->desc && (which == PINENTRY_OPEN || which == PINENTRY_SAVE)) {
1467 if (which == PINENTRY_OPEN)
1468 desc = pwmd_strdup_printf(N_("A passphrase is required to open the file \"%s\". Please%%0Aenter the passphrase below."), pwm->filename);
1469 else
1470 desc = pwmd_strdup_printf(N_("A passphrase is required to save to the file \"%s\". Please%%0Aenter the passphrase below."), pwm->filename);
1471
1472 if (!desc)
1473 goto fail_no_mem;
1474 }
1475
1476 if (pwm->desc)
1477 desc = pwm->desc;
1478
1479 switch (which) {
1480 case PINENTRY_OPEN:
1481 case PINENTRY_SAVE:
1482 snprintf(tmp, ASSUAN_LINELENGTH, "SETERROR %s", desc);
1483
1484 if (pwm->desc != desc)
1485 pwmd_free(desc);
1486 break;
1487 case PINENTRY_OPEN_FAILED:
1488 snprintf(tmp, ASSUAN_LINELENGTH, "SETERROR %s",
1489 N_("Invalid passphrase, please try again."));
1490 break;
1491 case PINENTRY_SAVE_CONFIRM:
1492 snprintf(tmp, ASSUAN_LINELENGTH, "SETERROR %s",
1493 N_("Please type the passphrase again for confirmation."));
1494 break;
1495 }
1496
1497 error = pinentry_command(pwm, NULL, tmp);
1498
1499 if (error) {
1500 pwmd_free(tmp);
1501 return error;
1502 }
1503
1504 snprintf(tmp, ASSUAN_LINELENGTH, "SETPROMPT %s", pwm->prompt);
1505 error = pinentry_command(pwm, NULL, tmp);
1506
1507 if (error) {
1508 pwmd_free(tmp);
1509 return error;
1510 }
1511
1512 snprintf(tmp, ASSUAN_LINELENGTH, "SETDESC %s", pwm->title);
1513 error = pinentry_command(pwm, NULL, tmp);
1514 pwmd_free(tmp);
1515 return error;
1516
1517 fail_no_mem:
1518 pwmd_free(tmp);
1519 return gpg_error_from_errno(ENOMEM);
1520 }
1521
1522 static void update_pinentry_settings(pwm_t *pwm)
1523 {
1524 FILE *fp;
1525 char buf[LINE_MAX];
1526 char *p;
1527 struct passwd pw;
1528 char *pwbuf = _getpwuid(&pw);
1529
1530 if (!pwbuf)
1531 return;
1532
1533 snprintf(buf, sizeof(buf), "%s/.pwmd/pinentry.conf", pw.pw_dir);
1534 pwmd_free(pwbuf);
1535
1536 if ((fp = fopen(buf, "r")) == NULL)
1537 return;
1538
1539 while ((p = fgets(buf, sizeof(buf), fp)) != NULL) {
1540 char name[32], val[256];
1541
1542 if (sscanf(p, " %31[a-zA-Z] = %255s", name, val) != 2)
1543 continue;
1544
1545 if (strcasecmp(name, "TTYNAME") == 0) {
1546 pwmd_free(pwm->pinentry_tty);
1547 pwm->pinentry_tty = pwmd_strdup(val);
1548 }
1549 else if (strcasecmp(name, "TTYTYPE") == 0) {
1550 pwmd_free(pwm->pinentry_term);
1551 pwm->pinentry_term = pwmd_strdup(val);
1552 }
1553 else if (strcasecmp(name, "DISPLAY") == 0) {
1554 pwmd_free(pwm->pinentry_display);
1555 pwm->pinentry_display = pwmd_strdup(val);
1556 }
1557 else if (strcasecmp(name, "PATH") == 0) {
1558 pwmd_free(pwm->pinentry_path);
1559 pwm->pinentry_path = pwmd_strdup(val);
1560 }
1561 }
1562
1563 fclose(fp);
1564 }
1565
1566 static gpg_error_t launch_pinentry(pwm_t *pwm)
1567 {
1568 int rc;
1569 assuan_context_t ctx;
1570 int child_list[] = {-1};
1571 char *display = getenv("DISPLAY");
1572 const char *argv[10];
1573 const char **p = argv;
1574 int have_display = 0;
1575 char *tty = NULL;
1576 char *ttybuf = NULL;
1577
1578 update_pinentry_settings(pwm);
1579
1580 if (pwm->pinentry_display || display)
1581 have_display = 1;
1582 else {
1583 if (!pwm->pinentry_tty) {
1584 ttybuf = pwmd_malloc(255);
1585
1586 if (!ttybuf)
1587 return gpg_error_from_errno(ENOMEM);
1588
1589 rc = ttyname_r(STDOUT_FILENO, ttybuf, 255);
1590
1591 if (rc) {
1592 pwmd_free(ttybuf);
1593 return gpg_error_from_errno(rc);
1594 }
1595
1596 tty = ttybuf;
1597 }
1598 else
1599 tty = pwm->pinentry_tty;
1600 }
1601
1602 if (!have_display && !tty)
1603 return GPG_ERR_ENOTTY;
1604
1605 *p++ = "pinentry";
1606 *p++ = have_display ? "--display" : "--ttyname";
1607 *p++ = have_display ? pwm->pinentry_display ? pwm->pinentry_display : display : tty;
1608
1609 if (pwm->lcctype) {
1610 *p++ = "--lc-ctype";
1611 *p++ = pwm->lcctype;
1612 }
1613
1614 if (pwm->lcmessages) {
1615 *p++ = "--lc-messages";
1616 *p++ = pwm->lcmessages;
1617 }
1618
1619 *p = NULL;
1620
1621 if (!have_display) {
1622 *p++ = "--ttytype";
1623 *p++ = pwm->pinentry_term ? pwm->pinentry_term : getenv("TERM");
1624 *p = NULL;
1625 }
1626
1627 rc = assuan_pipe_connect(&ctx, pwm->pinentry_path ? pwm->pinentry_path : PINENTRY_PATH, argv, child_list);
1628
1629 if (ttybuf)
1630 pwmd_free(ttybuf);
1631
1632 if (rc)
1633 return rc;
1634
1635 pwm->pid = assuan_get_pid(ctx);
1636 pwm->pctx = ctx;
1637 return set_pinentry_strings(pwm, 0);
1638 }
1639
1640 static gpg_error_t pinentry_command(pwm_t *pwm, char **result, const char *cmd)
1641 {
1642 gpg_error_t n;
1643
1644 if (!pwm->pctx) {
1645 n = launch_pinentry(pwm);
1646
1647 if (n)
1648 return n;
1649 }
1650
1651 return assuan_command(pwm, pwm->pctx, result, cmd);
1652 }
1653
1654 static void pinentry_disconnect(pwm_t *pwm)
1655 {
1656 if (pwm->pctx)
1657 assuan_disconnect(pwm->pctx);
1658
1659 pwm->pctx = NULL;
1660 pwm->pid = -1;
1661 }
1662
1663 /*
1664 * Only called from a child process.
1665 */
1666 static void catchsig(int sig)
1667 {
1668 switch (sig) {
1669 case SIGALRM:
1670 if (gelapsed++ >= gtimeout) {
1671 terminate_pinentry(gpwm);
1672 gerror = GPG_ERR_TIMEOUT;
1673 }
1674 else
1675 alarm(1);
1676 break;
1677 default:
1678 break;
1679 }
1680 }
1681 #endif
1682
1683 /*
1684 * Borrowed from libassuan.
1685 */
1686 static char *percent_escape(const char *atext)
1687 {
1688 const unsigned char *s;
1689 int len = strlen(atext) * 3 + 1;
1690 char *buf = (char *)pwmd_malloc(len), *p = buf;
1691
1692 if (!buf)
1693 return NULL;
1694
1695 for (s=(const unsigned char *)atext; *s; s++) {
1696 if (*s < ' ') {
1697 sprintf (p, "%%%02X", *s);
1698 p += 3;
1699 }
1700 else
1701 *p++ = *s;
1702 }
1703
1704 *p = 0;
1705 return buf;
1706 }
1707
1708 static gpg_error_t send_command(pwm_t *pwm, char **result, const char *cmd)
1709 {
1710 if (!cmd)
1711 return GPG_ERR_INV_ARG;
1712
1713 return assuan_command(pwm, pwm->ctx, result, cmd);
1714 }
1715
1716 gpg_error_t pwmd_command_ap(pwm_t *pwm, char **result, const char *cmd,
1717 va_list ap)
1718 {
1719 char *buf;
1720 size_t len;
1721 gpg_error_t error;
1722 va_list ap2;
1723
1724 if (!pwm || !cmd)
1725 return GPG_ERR_INV_ARG;
1726
1727 if (!pwm->ctx)
1728 return GPG_ERR_INV_STATE;
1729
1730 /*
1731 * C99 allows the dst pointer to be null which will calculate the length
1732 * of the would-be result and return it.
1733 */
1734 va_copy(ap2, ap);
1735 len = vsnprintf(NULL, 0, cmd, ap)+1;
1736 buf = (char *)pwmd_malloc(len);
1737
1738 if (!buf) {
1739 va_end(ap2);
1740 return gpg_error_from_errno(ENOMEM);
1741 }
1742
1743 len = vsnprintf(buf, len, cmd, ap2);
1744 va_end(ap2);
1745
1746 if (buf[strlen(buf)-1] == '\n')
1747 buf[strlen(buf)-1] = 0;
1748
1749 if (buf[strlen(buf)-1] == '\r')
1750 buf[strlen(buf)-1] = 0;
1751
1752 error = send_command(pwm, result, buf);
1753 pwmd_free(buf);
1754 return error;
1755 }
1756
1757 gpg_error_t pwmd_command(pwm_t *pwm, char **result, const char *cmd, ...)
1758 {
1759 va_list ap;
1760 gpg_error_t error;
1761
1762 if (!pwm || !cmd)
1763 return GPG_ERR_INV_ARG;
1764
1765 if (!pwm->ctx)
1766 return GPG_ERR_INV_STATE;
1767
1768 if (result)
1769 *result = NULL;
1770
1771 va_start(ap, cmd);
1772 error = pwmd_command_ap(pwm, result, cmd, ap);
1773 va_end(ap);
1774 return error;
1775 }
1776
1777 #ifdef WITH_PINENTRY
1778 static gpg_error_t do_getpin(pwm_t *pwm, char **result)
1779 {
1780 if (gtimeout) {
1781 signal(SIGALRM, catchsig);
1782 alarm(1);
1783 }
1784
1785 *result = NULL;
1786 return pinentry_command(pwm, result, "GETPIN");
1787 }
1788
1789 static gpg_error_t getpin(pwm_t *pwm, char **result, int which)
1790 {
1791 gpg_error_t rc;
1792
1793 gerror = 0;
1794 rc = set_pinentry_strings(pwm, which);
1795
1796 if (rc) {
1797 pinentry_disconnect(pwm);
1798 return rc;
1799 }
1800
1801 rc = do_getpin(pwm, result);
1802
1803 /*
1804 * Since there was input cancel any timeout setting.
1805 */
1806 alarm(0);
1807 signal(SIGALRM, SIG_DFL);
1808
1809 if (rc) {
1810 if (pwm->pctx)
1811 pinentry_disconnect(pwm);
1812
1813 /* This lets pwmd_open2() with PWMD_OPTION_PINENTRY_TIMEOUT work. */
1814 if (rc== GPG_ERR_EOF && gerror == GPG_ERR_TIMEOUT)
1815 return gerror;
1816
1817 return rc;
1818 }
1819
1820 return 0;
1821 }
1822 #endif
1823
1824 static gpg_error_t do_open_command(pwm_t *pwm, const char *filename, char *password)
1825 {
1826 char *buf;
1827 gpg_error_t error;
1828 char *result = NULL;
1829
1830 buf = pwmd_malloc(ASSUAN_LINELENGTH+1);
1831
1832 if (!buf)
1833 return gpg_error_from_errno(ENOMEM);
1834
1835 snprintf(buf, ASSUAN_LINELENGTH, "OPEN %s %s", filename,
1836 password ? password : "");
1837 error = send_command(pwm, &result, buf);
1838 pwmd_free(buf);
1839
1840 if (error && result)
1841 pwmd_free(result);
1842
1843 return error;
1844 }
1845
1846 static gpg_error_t send_pinentry_options(pwm_t *pwm)
1847 {
1848 gpg_error_t rc;
1849
1850 if (pwm->pinentry_path) {
1851 rc = pwmd_command(pwm, NULL, "OPTION PATH=%s", pwm->pinentry_path);
1852
1853 if (rc)
1854 return rc;
1855 }
1856
1857 if (pwm->pinentry_tty) {
1858 rc = pwmd_command(pwm, NULL, "OPTION TTYNAME=%s", pwm->pinentry_tty);
1859
1860 if (rc)
1861 return rc;
1862 }
1863
1864 if (pwm->pinentry_term) {
1865 rc = pwmd_command(pwm, NULL, "OPTION TTYTYPE=%s", pwm->pinentry_term);
1866
1867 if (rc)
1868 return rc;
1869 }
1870
1871 if (pwm->pinentry_display) {
1872 rc = pwmd_command(pwm, NULL, "OPTION TITLE=%s", pwm->pinentry_display);
1873
1874 if (rc)
1875 return rc;
1876 }
1877
1878 if (pwm->title) {
1879 rc = pwmd_command(pwm, NULL, "OPTION TITLE=%s", pwm->title);
1880
1881 if (rc)
1882 return rc;
1883 }
1884
1885 if (pwm->desc) {
1886 rc = pwmd_command(pwm, NULL, "OPTION DESC=%s", pwm->desc);
1887
1888 if (rc)
1889 return rc;
1890 }
1891
1892 if (pwm->prompt) {
1893 rc = pwmd_command(pwm, NULL, "OPTION PROMPT=%s", pwm->prompt);
1894
1895 if (rc)
1896 return rc;
1897 }
1898
1899 if (pwm->lcctype) {
1900 rc = pwmd_command(pwm, NULL, "OPTION LC_CTYPE=%s", pwm->lcctype);
1901
1902 if (rc)
1903 return rc;
1904 }
1905
1906 if (pwm->lcmessages) {
1907 rc = pwmd_command(pwm, NULL, "OPTION LC_MESSAGES=%s", pwm->lcmessages);
1908
1909 if (rc)
1910 return rc;
1911 }
1912
1913 if (pwm->pinentry_timeout >= 0) {
1914 rc = pwmd_command(pwm, NULL, "OPTION TIMEOUT=%i", pwm->pinentry_timeout);
1915
1916 if (rc)
1917 return rc;
1918 }
1919
1920 return 0;
1921 }
1922
1923 static gpg_error_t do_pwmd_open(pwm_t *pwm, const char *filename, int nb,
1924 int local_pinentry)
1925 {
1926 char *result = NULL;
1927 char *password = NULL;
1928 char *path;
1929 int pin_try;
1930 gpg_error_t rc;
1931 size_t len;
1932
1933 if (!pwm || !filename || !*filename)
1934 return GPG_ERR_INV_ARG;
1935
1936 if (!pwm->ctx)
1937 return GPG_ERR_INV_STATE;
1938
1939 pin_try = pwm->pinentry_tries - 1;
1940
1941 /*
1942 * Avoid calling pinentry if the password is cached on the server or if
1943 * this is a new file. pwmd version 2 adds a VERSION command which is
1944 * determined in _socket_connect_finalize(). If the server is version 2,
1945 * ISCACHED can determine if a file exists.
1946 */
1947 #ifdef WITH_TCP
1948 if (!pwm->tcp_conn && pwm->version == PWMD_V1) {
1949 #else
1950 if (pwm->version == PWMD_V1) {
1951 #endif
1952 rc = pwmd_command(pwm, &result, "GETCONFIG data_directory");
1953
1954 if (rc)
1955 return rc;
1956
1957 len = strlen(result)+strlen(filename)+2;
1958 path = pwmd_malloc(len);
1959
1960 if (!path) {
1961 pwmd_free(result);
1962 return gpg_error_from_errno(ENOMEM);
1963 }
1964
1965 snprintf(path, len, "%s/%s", result, filename);
1966 pwmd_free(result);
1967
1968 if (access(path, R_OK) == -1) {
1969 if (errno == ENOENT) {
1970 pwmd_free(path);
1971 goto gotpassword;
1972 }
1973 }
1974
1975 pwmd_free(path);
1976 }
1977
1978 rc = pwmd_command(pwm, &result, "ISCACHED %s", filename);
1979
1980 if (gpg_err_code(rc) == GPG_ERR_ENOENT)
1981 goto gotpassword;
1982
1983 if (rc && rc != GPG_ERR_NOT_FOUND)
1984 return rc;
1985
1986 if (!nb && rc == GPG_ERR_NOT_FOUND) {
1987 if (pwm->password) {
1988 password = pwm->password;
1989 goto gotpassword;
1990 }
1991
1992 if (pwm->passfunc) {
1993 rc = pwm->passfunc(pwm->passdata, &password);
1994
1995 if (rc)
1996 return rc;
1997
1998 goto gotpassword;
1999 }
2000 }
2001
2002 #ifdef WITH_PINENTRY
2003 if (rc == GPG_ERR_NOT_FOUND && local_pinentry) {
2004 rc = pwmd_command(pwm, NULL, "OPTION PINENTRY=0");
2005
2006 if (rc)
2007 return rc;
2008
2009 if (!pwm->filename)
2010 pwm->filename = pwmd_strdup(filename);
2011
2012 if (!pwm->filename)
2013 return gpg_error_from_errno(ENOMEM);
2014
2015 /* Get the passphrase using the LOCAL pinentry. */
2016 if (nb) {
2017 int p[2];
2018 pid_t pid;
2019 pwmd_nb_status_t pw;
2020
2021 if (pipe(p) == -1)
2022 return gpg_error_from_syserror();
2023
2024 #ifdef WITH_LIBPTH
2025 pid = pth_fork();
2026 #else
2027 pid = fork();
2028 #endif
2029
2030 switch (pid) {
2031 case 0:
2032 close(p[0]);
2033 pw.fd = p[0];
2034
2035 if (pwm->pinentry_timeout != 0) {
2036 gpwm = pwm;
2037 gtimeout = abs(pwm->pinentry_timeout);
2038 gelapsed = 0;
2039 }
2040
2041 pw.error = getpin(pwm, &password, PINENTRY_OPEN);
2042
2043 if (gtimeout && gelapsed >= gtimeout)
2044 pw.error = GPG_ERR_TIMEOUT;
2045
2046 if (!pw.error)
2047 snprintf(pw.password, sizeof(pw.password), "%s",
2048 password);
2049
2050 pinentry_disconnect(pwm);
2051 #ifdef WITH_LIBPTH
2052 pth_write(p[1], &pw, sizeof(pw));
2053 #else
2054 write(p[1], &pw, sizeof(pw));
2055 #endif
2056 memset(&pw, 0, sizeof(pw));
2057 close(p[1]);
2058 _exit(0);
2059 break;
2060 case -1:
2061 rc = gpg_error_from_syserror();
2062 close(p[0]);
2063 close(p[1]);
2064 return rc;
2065 default:
2066 break;
2067 }
2068
2069 close(p[1]);
2070 pwm->nb_fd = p[0];
2071 pwm->nb_pid = pid;
2072 return 0;
2073 }
2074
2075 if (pwm->pinentry_timeout != 0) {
2076 gpwm = pwm;
2077 gtimeout = abs(pwm->pinentry_timeout);
2078 gelapsed = 0;
2079 }
2080
2081 rc = getpin(pwm, &password, PINENTRY_OPEN);
2082
2083 /* Don't timeout when an invalid passphrase was entered. */
2084 gtimeout = 0;
2085
2086 if (rc)
2087 return rc;
2088 }
2089 #endif
2090
2091 gotpassword:
2092 pwm->state = ASYNC_DONE;
2093
2094 if (!local_pinentry) {
2095 rc = send_pinentry_options(pwm);
2096
2097 if (rc)
2098 return rc;
2099 }
2100
2101 rc = do_open_command(pwm, filename, password);
2102
2103 /*
2104 * Keep the user defined password set with pwmd_setopt(). The password may
2105 * be needed later (pwmd_save()) depending on the pwmd file cache settings.
2106 */
2107 if (!pwm->passfunc && password && password != pwm->password)
2108 pwmd_free(password);
2109
2110 if (rc == GPG_ERR_INV_PASSPHRASE) {
2111 if (pin_try-- > 0 && !nb) {
2112
2113 #ifdef WITH_PINENTRY
2114 if (local_pinentry)
2115 rc = getpin(pwm, &password, PINENTRY_OPEN_FAILED);
2116 else
2117 #endif
2118 rc = pwmd_command(pwm, &result, "OPTION TITLE=%s",
2119 N_("Invalid passphrase, please try again."));
2120
2121 if (rc)
2122 return rc;
2123
2124 goto gotpassword;
2125 }
2126
2127 #ifdef WITH_PINENTRY
2128 if (nb)
2129 pinentry_disconnect(pwm);
2130 #endif
2131
2132 return rc;
2133 }
2134
2135 if (!rc) {
2136 if (pwm->filename)
2137 pwmd_free(pwm->filename);
2138
2139 pwm->filename = pwmd_strdup(filename);
2140 }
2141
2142 return rc;
2143 }
2144
2145 gpg_error_t pwmd_open2(pwm_t *pwm, const char *filename)
2146 {
2147 #ifndef WITH_PINENTRY
2148 return GPG_ERR_NOT_IMPLEMENTED;
2149 #else
2150 return do_pwmd_open(pwm, filename, 0, 1);
2151 #endif
2152 }
2153
2154 gpg_error_t pwmd_open(pwm_t *pwm, const char *filename)
2155 {
2156 return do_pwmd_open(pwm, filename, 0, 0);
2157 }
2158
2159 gpg_error_t pwmd_open_async2(pwm_t *pwm, const char *filename)
2160 {
2161 #ifndef WITH_PINENTRY
2162 return GPG_ERR_NOT_IMPLEMENTED;
2163 #else
2164 gpg_error_t rc;
2165
2166 if (!pwm || !filename)
2167 return GPG_ERR_INV_ARG;
2168
2169 if (!pwm->ctx)
2170 return GPG_ERR_INV_STATE;
2171
2172 if (pwm->cmd != ASYNC_CMD_OPEN2)
2173 pwm->pin_try = 0;
2174
2175 pwm->cmd = ASYNC_CMD_OPEN2;
2176 pwm->state = ASYNC_PROCESS;
2177 rc = do_pwmd_open(pwm, filename, 1, 1);
2178
2179 if (rc)
2180 reset_async(pwm, 1);
2181
2182 return rc;
2183 #endif
2184 }
2185
2186 #ifdef WITH_PINENTRY
2187 static gpg_error_t do_save_getpin(pwm_t *pwm, char **password)
2188 {
2189 int confirm = 0;
2190 gpg_error_t error;
2191 char *result = NULL;
2192
2193 again:
2194 error = getpin(pwm, &result, confirm ? PINENTRY_SAVE_CONFIRM : PINENTRY_SAVE);
2195
2196 if (error) {
2197 if (pwm->pctx)
2198 pinentry_disconnect(pwm);
2199
2200 if (*password)
2201 pwmd_free(*password);
2202
2203 return error;
2204 }
2205
2206 if (!confirm++) {
2207 *password = result;
2208 goto again;
2209 }
2210
2211 if (strcmp(*password, result)) {
2212 pwmd_free(*password);
2213 pwmd_free(result);
2214 confirm = 0;
2215 *password = NULL;
2216 goto again;
2217 }
2218
2219 pwmd_free(result);
2220 pinentry_disconnect(pwm);
2221 return 0;
2222 }
2223 #endif
2224
2225 static gpg_error_t do_save_command(pwm_t *pwm, char *password)
2226 {
2227 char *buf;
2228 gpg_error_t error;
2229 char *result = NULL;
2230
2231 buf = pwmd_malloc(ASSUAN_LINELENGTH+1);
2232
2233 if (!buf)
2234 return gpg_error_from_errno(ENOMEM);
2235
2236 snprintf(buf, ASSUAN_LINELENGTH, "SAVE %s", password ? password : "");
2237 error = send_command(pwm, &result, buf);
2238 pwmd_free(buf);
2239
2240 if (error && result)
2241 pwmd_free(result);
2242
2243 return error;
2244 }
2245
2246 static gpg_error_t do_pwmd_save(pwm_t *pwm, int nb, int local_pinentry)
2247 {
2248 char *result = NULL;
2249 char *password = NULL;
2250 gpg_error_t rc;
2251
2252 if (!pwm)
2253 return GPG_ERR_INV_ARG;
2254
2255 if (!pwm->ctx)
2256 return GPG_ERR_INV_STATE;
2257
2258 rc = pwmd_command(pwm, &result, "ISCACHED %s", pwm->filename);
2259
2260 if (rc && rc != GPG_ERR_NOT_FOUND)
2261 return rc;
2262
2263 if (!nb && rc == GPG_ERR_NOT_FOUND) {
2264 if (pwm->password) {
2265 password = pwm->password;
2266 goto gotpassword;
2267 }
2268
2269 if (pwm->passfunc) {
2270 rc = pwm->passfunc(pwm->passdata, &password);
2271
2272 if (rc)
2273 return rc;
2274
2275 goto gotpassword;
2276 }
2277 }
2278
2279 if (rc == GPG_ERR_NOT_FOUND && local_pinentry) {
2280 #ifdef WITH_PINENTRY
2281 /* Get the password using the LOCAL pinentry. */
2282 if (nb) {
2283 int p[2];
2284 pid_t pid;
2285 pwmd_nb_status_t pw;
2286
2287 if (pipe(p) == -1)
2288 return gpg_error_from_syserror();
2289
2290 #ifdef WITH_LIBPTH
2291 pid = pth_fork();
2292 #else
2293 pid = fork();
2294 #endif
2295
2296 switch (pid) {
2297 case 0:
2298 close(p[0]);
2299 pw.fd = p[0];
2300 password = NULL;
2301 pw.error = do_save_getpin(pwm, &password);
2302 pinentry_disconnect(pwm);
2303 snprintf(pw.password, sizeof(pw.password), "%s",
2304 password);
2305 #ifdef WITH_LIBPTH
2306 pth_write(p[1], &pw, sizeof(pw));
2307 #else
2308 write(p[1], &pw, sizeof(pw));
2309 #endif
2310 memset(&pw, 0, sizeof(pw));
2311 close(p[1]);
2312 _exit(0);
2313 break;
2314 case -1:
2315 rc = gpg_error_from_syserror();
2316 close(p[0]);
2317 close(p[1]);
2318 return rc;
2319 default:
2320 break;
2321 }
2322
2323 close(p[1]);
2324 pwm->nb_fd = p[0];
2325 pwm->nb_pid = pid;
2326 return 0;
2327 }
2328
2329 rc = do_save_getpin(pwm, &password);
2330
2331 if (rc)
2332 return rc;
2333 #endif
2334 }
2335 else
2336 pwm->state = ASYNC_DONE;
2337
2338 gotpassword:
2339 if (!local_pinentry) {
2340 rc = send_pinentry_options(pwm);
2341
2342 if (rc)
2343 return rc;
2344 }
2345
2346 rc = do_save_command(pwm, password);
2347
2348 if (!pwm->passfunc && password && password != pwm->password)
2349 pwmd_free(password);
2350
2351 return rc;
2352 }
2353
2354 gpg_error_t pwmd_save_async2(pwm_t *pwm)
2355 {
2356 #ifndef WITH_PINENTRY
2357 return GPG_ERR_NOT_IMPLEMENTED;
2358 #else
2359 gpg_error_t rc;
2360
2361 if (!pwm)
2362 return GPG_ERR_INV_ARG;
2363
2364 if (!pwm->ctx)
2365 return GPG_ERR_INV_STATE;
2366
2367 pwm->cmd = ASYNC_CMD_SAVE2;
2368 pwm->state = ASYNC_PROCESS;
2369 rc = do_pwmd_save(pwm, 1, 1);
2370
2371 if (rc)
2372 reset_async(pwm, 0);
2373
2374 return rc;
2375 #endif
2376 }
2377
2378 gpg_error_t pwmd_save2(pwm_t *pwm)
2379 {
2380 #ifndef WITH_PINENTRY
2381 return GPG_ERR_NOT_IMPLEMENTED;
2382 #else
2383 return do_pwmd_save(pwm, 0, 1);
2384 #endif
2385 }
2386
2387 gpg_error_t pwmd_save(pwm_t *pwm)
2388 {
2389 return do_pwmd_save(pwm, 0, 0);
2390 }
2391
2392 gpg_error_t pwmd_setopt(pwm_t *pwm, pwmd_option_t opt, ...)
2393 {
2394 va_list ap;
2395 int n = va_arg(ap, int);
2396 char *arg1;
2397 gpg_error_t error = 0;
2398
2399 if (!pwm)
2400 return GPG_ERR_INV_ARG;
2401
2402 va_start(ap, opt);
2403
2404 switch (opt) {
2405 case PWMD_OPTION_STATUS_CB:
2406 pwm->status_func = va_arg(ap, pwmd_status_cb_t);
2407 break;
2408 case PWMD_OPTION_STATUS_DATA:
2409 pwm->status_data = va_arg(ap, void *);
2410 break;
2411 case PWMD_OPTION_PASSPHRASE_CB:
2412 pwm->passfunc = va_arg(ap, pwmd_passphrase_cb_t);
2413 break;
2414 case PWMD_OPTION_PASSPHRASE_DATA:
2415 pwm->passdata = va_arg(ap, void *);
2416 break;
2417 case PWMD_OPTION_PASSPHRASE:
2418 arg1 = va_arg(ap, char *);
2419
2420 if (pwm->password)
2421 pwmd_free(pwm->password);
2422
2423 pwm->password = pwmd_strdup(arg1);
2424 break;
2425 case PWMD_OPTION_PINENTRY_TRIES:
2426 n = va_arg(ap, int);
2427
2428 if (n <= 0) {
2429 va_end(ap);
2430 error = GPG_ERR_INV_VALUE;
2431 }
2432 else
2433 pwm->pinentry_tries = n;
2434 break;
2435 case PWMD_OPTION_PINENTRY_TIMEOUT:
2436 n = va_arg(ap, int);
2437
2438 if (n < 0) {
2439 va_end(ap);
2440 error = GPG_ERR_INV_VALUE;
2441 }
2442 else
2443 pwm->pinentry_timeout = n;
2444 break;
2445 case PWMD_OPTION_PINENTRY_PATH:
2446 if (pwm->pinentry_path)
2447 pwmd_free(pwm->pinentry_path);
2448
2449 pwm->pinentry_path = pwmd_strdup(va_arg(ap, char *));
2450 break;
2451 case PWMD_OPTION_PINENTRY_TTY:
2452 if (pwm->pinentry_tty)
2453 pwmd_free(pwm->pinentry_tty);
2454
2455 pwm->pinentry_tty = pwmd_strdup(va_arg(ap, char *));
2456 break;
2457 case PWMD_OPTION_PINENTRY_DISPLAY:
2458 if (pwm->pinentry_display)
2459 pwmd_free(pwm->pinentry_display);
2460
2461 pwm->pinentry_display = pwmd_strdup(va_arg(ap, char *));
2462 break;
2463 case PWMD_OPTION_PINENTRY_TERM:
2464 if (pwm->pinentry_term)
2465 pwmd_free(pwm->pinentry_term);
2466
2467 pwm->pinentry_term = pwmd_strdup(va_arg(ap, char *));
2468 break;
2469 case PWMD_OPTION_PINENTRY_TITLE:
2470 if (pwm->title)
2471 pwmd_free(pwm->title);
2472
2473 pwm->title = percent_escape(va_arg(ap, char *));
2474 break;
2475 case PWMD_OPTION_PINENTRY_PROMPT:
2476 if (pwm->prompt)
2477 pwmd_free(pwm->prompt);
2478
2479 pwm->prompt = percent_escape(va_arg(ap, char *));
2480 break;
2481 case PWMD_OPTION_PINENTRY_DESC:
2482 if (pwm->desc)
2483 pwmd_free(pwm->desc);
2484
2485 pwm->desc = percent_escape(va_arg(ap, char *));
2486 break;
2487 case PWMD_OPTION_PINENTRY_LC_CTYPE:
2488 if (pwm->lcctype)
2489 pwmd_free(pwm->lcctype);
2490
2491 pwm->lcctype = pwmd_strdup(va_arg(ap, char *));
2492 break;
2493 case PWMD_OPTION_PINENTRY_LC_MESSAGES:
2494 if (pwm->lcmessages)
2495 pwmd_free(pwm->lcmessages);
2496
2497 pwm->lcmessages = pwmd_strdup(va_arg(ap, char *));
2498 break;
2499 #ifdef WITH_TCP
2500 case PWMD_OPTION_IP_VERSION:
2501 n = va_arg(ap, int);
2502
2503 switch (n) {
2504 case PWMD_IP_ANY:
2505 case PWMD_IPV4:
2506 case PWMD_IPV6:
2507 pwm->prot = n;
2508 break;
2509 default:
2510 error = GPG_ERR_INV_VALUE;
2511 break;
2512 }
2513
2514 va_end(ap);
2515 break;
2516 #endif
2517 default:
2518 error = GPG_ERR_NOT_IMPLEMENTED;
2519 break;
2520 }
2521
2522 va_end(ap);
2523 return error;
2524 }
2525
2526 gpg_error_t pwmd_get_fds(pwm_t *pwm, pwmd_fd_t *fds, int *n_fds)
2527 {
2528 int in_total;
2529 int fd = 0;
2530 #ifdef WITH_TCP
2531 int afds[ARES_GETSOCK_MAXNUM];
2532 int got_sock = 0;
2533 int n, i;
2534 #endif
2535
2536 if (!pwm || !fds || !n_fds || *n_fds <= 0)
2537 return GPG_ERR_INV_ARG;
2538
2539 in_total = *n_fds;
2540 #ifdef WITH_TCP
2541 memset(afds, 0, sizeof(int)*ARES_GETSOCK_MAXNUM);
2542 #endif
2543 memset(fds, 0, sizeof(pwmd_fd_t)*in_total);
2544 *n_fds = 0;
2545
2546 switch (pwm->cmd) {
2547 default:
2548 case ASYNC_CMD_NONE:
2549 case ASYNC_CMD_OPEN:
2550 case ASYNC_CMD_SAVE:
2551 #ifdef WITH_PINENTRY
2552 async1:
2553 #endif
2554 if (pwm->fd == -1)
2555 return GPG_ERR_INV_STATE;
2556
2557 (*n_fds)++;
2558 fds[fd].fd = pwm->fd;
2559 fds[fd++].flags = PWMD_FD_READABLE;
2560 return 0;
2561 #ifdef WITH_PINENTRY
2562 case ASYNC_CMD_OPEN2:
2563 case ASYNC_CMD_SAVE2:
2564 if (pwm->nb_fd == -1)
2565 return GPG_ERR_INV_STATE;
2566
2567 (*n_fds)++;
2568 fds[fd].fd = pwm->nb_fd;
2569 fds[fd++].flags = PWMD_FD_READABLE;
2570 goto async1;
2571 #endif
2572 #ifdef WITH_TCP
2573 case ASYNC_CMD_DNS:
2574 if (!pwm->tcp_conn || !pwm->tcp_conn->chan)
2575 return GPG_ERR_INV_STATE;
2576
2577 n = ares_getsock(pwm->tcp_conn->chan, afds, ARES_GETSOCK_MAXNUM);
2578
2579 for (i = 0; i < ARES_GETSOCK_MAXNUM; i++) {
2580 got_sock = 0;
2581
2582 if (fd > in_total) {
2583 *n_fds = fd;
2584 return GPG_ERR_ERANGE;
2585 }
2586
2587 if (ARES_GETSOCK_READABLE(n, i)) {
2588 got_sock++;
2589 fds[fd].flags |= PWMD_FD_READABLE;
2590 }
2591
2592 if (ARES_GETSOCK_WRITABLE(n, i)) {
2593 got_sock++;
2594 fds[fd].flags |= PWMD_FD_WRITABLE;
2595 }
2596
2597 if (got_sock)
2598 fds[fd++].fd = afds[i];
2599 }
2600
2601 *n_fds = fd;
2602 return 0;
2603 case ASYNC_CMD_CONNECT:
2604 case ASYNC_CMD_HOSTKEY:
2605 if (!pwm->tcp_conn || pwm->tcp_conn->fd == -1)
2606 return GPG_ERR_INV_STATE;
2607
2608 (*n_fds)++;
2609 fds[fd].fd = pwm->tcp_conn->fd;
2610 fds[fd++].flags = PWMD_FD_READABLE;
2611 return 0;
2612 #endif
2613 }
2614
2615 return GPG_ERR_INV_STATE;
2616 }
2617
2618 pwm_t *pwmd_new(const char *name)
2619 {
2620 pwm_t *h = pwmd_calloc(1, sizeof(pwm_t));
2621
2622 if (!h)
2623 return NULL;
2624
2625 if (name) {
2626 h->name = pwmd_strdup(name);
2627
2628 if (!h->name) {
2629 pwmd_free(h);
2630 return NULL;
2631 }
2632 }
2633
2634 h->fd = -1;
2635 #ifdef WITH_PINENTRY
2636 h->nb_fd = -1;
2637 #endif
2638 h->pinentry_timeout = -30;
2639 h->pinentry_tries = 3;
2640 #ifdef WITH_TCP
2641 h->prot = PWMD_IP_ANY;
2642 #endif
2643 return h;
2644 }
2645
2646 void pwmd_free(void *ptr)
2647 {
2648 xfree(ptr);
2649 }
2650
2651 void *pwmd_malloc(size_t size)
2652 {
2653 return xmalloc(size);
2654 }
2655
2656 void *pwmd_calloc(size_t nmemb, size_t size)
2657 {
2658 return xcalloc(nmemb, size);
2659 }
2660
2661 void *pwmd_realloc(void *ptr, size_t size)
2662 {
2663 return xrealloc(ptr, size);
2664 }
2665
2666 char *pwmd_strdup(const char *str)
2667 {
2668 return xstrdup(str);
2669 }
2670
2671 char *pwmd_strdup_printf(const char *fmt, ...)
2672 {
2673 va_list ap;
2674 int len;
2675 char *buf;
2676
2677 if (!fmt)
2678 return NULL;
2679
2680 va_start(ap, fmt);
2681 len = vsnprintf(NULL, 0, fmt, ap);
2682 buf = pwmd_malloc(++len);
2683
2684 if (!buf) {
2685 va_end(ap);
2686 return NULL;
2687 }
2688
2689 vsnprintf(buf, len, fmt, ap);
2690 va_end(ap);
2691 return buf;
2692 }
An API for pwmd.