search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix compile time warning.
[libpwmd.git] / src / pinentry.c
blobb1bfa59caa539b841d0d2f4f656c7c5ec2d8478c
1 /* vim:tw=78:ts=8:sw=4:set ft=c: */
2 /*
3 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012
4 Ben Kibbey <bjk@luxsci.net>
5
6 This file is part of libpwmd.
7
8 Libpwmd is free software: you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation, either version 2 of the License, or
11 (at your option) any later version.
12
13 Libpwmd is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with Libpwmd. If not, see <http://www.gnu.org/licenses/>.
20 */
21 #ifdef HAVE_CONFIG_H
22 #include <config.h>
23 #endif
24
25 #include <sys/types.h>
26 #include <signal.h>
27 #include <errno.h>
28 #include <stdlib.h>
29 #include <limits.h>
30
31 #ifdef HAVE_STRING_H
32 #include <string.h>
33 #endif
34
35 #include "pinentry.h"
36 #include "misc.h"
37
38 #ifdef WITH_QUALITY
39 #include <crack.h>
40 #endif
41
42 static pwm_t *gpwm;
43 static int gelapsed, gtimeout;
44 static gpg_error_t grc;
45
46 static gpg_error_t set_pinentry_strings(pwm_t *pwm, pwmd_pinentry_t which);
47
48 static gpg_error_t launch_pinentry(pwm_t *pwm)
49 {
50 int rc;
51 assuan_context_t ctx;
52 int child_list[] = {-1};
53 const char *argv[10];
54 const char **p = argv;
55 static struct assuan_malloc_hooks mhooks = {
56 pwmd_malloc, pwmd_realloc, pwmd_free
57 };
58
59 update_pinentry_settings(pwm);
60 if (!pwm->pinentry_display && !pwm->pinentry_tty)
61 return GPG_ERR_ENOTTY;
62
63 *p++ = "pinentry";
64 *p++ = pwm->pinentry_display ? "--display" : "--ttyname";
65 *p++ = pwm->pinentry_display ? pwm->pinentry_display : pwm->pinentry_tty;
66
67 if (pwm->pinentry_lcctype) {
68 *p++ = "--lc-ctype";
69 *p++ = pwm->pinentry_lcctype;
70 }
71
72 if (pwm->pinentry_lcmessages) {
73 *p++ = "--lc-messages";
74 *p++ = pwm->pinentry_lcmessages;
75 }
76
77 *p = NULL;
78
79 if (!pwm->pinentry_display) {
80 *p++ = "--ttytype";
81 *p++ = pwm->pinentry_term ? pwm->pinentry_term : getenv("TERM");
82 *p = NULL;
83 }
84
85 rc = assuan_new_ext(&ctx, GPG_ERR_SOURCE_PINENTRY, &mhooks, NULL, NULL);
86 if (rc)
87 return rc;
88
89 rc = assuan_pipe_connect(ctx,
90 pwm->pinentry_path ? pwm->pinentry_path : PINENTRY_PATH, argv,
91 child_list, NULL, NULL, 0);
92 if (rc)
93 return rc;
94
95 pwm->pinentry_pid = assuan_get_pid(ctx);
96 pwm->pctx = ctx;
97 return set_pinentry_strings(pwm, 0);
98 }
99
100 static gpg_error_t pinentry_command(pwm_t *pwm, char **result, size_t *len,
101 const char *cmd)
102 {
103 if (!pwm->pctx) {
104 gpg_error_t rc = launch_pinentry(pwm);
105
106 if (rc)
107 return rc;
108 }
109
110 return _assuan_command(pwm, pwm->pctx, result, len, cmd);
111 }
112
113 #ifdef WITH_QUALITY
114 static gpg_error_t quality_cb(void *data, const char *line)
115 {
116 pwm_t *pwm = data;
117 int score = 0;
118 char buf[5];
119 const char *tmp;
120
121 if (strncmp(line, "QUALITY ", 8))
122 return GPG_ERR_INV_ARG;
123
124 if (!(tmp = FascistCheck(line+8, CRACKLIB_DICT)))
125 return assuan_send_data(pwm->pctx, "100", 3);
126
127 if (!strcmp(tmp, N_("it is WAY too short")))
128 score = 10;
129 else if (!strcmp(tmp, N_("it is too short")))
130 score = 20;
131 else if (!strcmp(tmp, N_("it is all whitespace")))
132 score = 25;
133 else if (!strcmp(tmp, N_("it is based on your username")))
134 score = 30;
135 else if (!strcmp(tmp, N_("it does not contain enough DIFFERENT characters")))
136 score = 35;
137 else if (!strcmp(tmp, N_("it is based on a dictionary word")))
138 score = 40;
139 else if (!strcmp(tmp, N_("it is based upon your password entry")))
140 score = 50;
141 else if (!strcmp(tmp, N_("it's derived from your password entry")))
142 score = 50;
143 else if (!strcmp(tmp, N_("it is derived from your password entry")))
144 score = 50;
145 else if (!strcmp(tmp, N_("it is based on a (reversed) dictionary word")))
146 score = 60;
147 else if (!strcmp(tmp, N_("it is derivable from your password entry")))
148 score = 70;
149 else if (!strcmp(tmp, N_("it's derivable from your password entry")))
150 score = 70;
151 else if (!strcmp(tmp, N_("it looks like a National Insurance number.")))
152 score = 80;
153 else if (!strcmp(tmp, N_("it is too simplistic/systematic")))
154 score = 90;
155 else
156 score = 0;
157
158 snprintf(buf, sizeof(buf), "%i", score);
159 return assuan_send_data(pwm->pctx, buf, strlen(buf));
160 }
161 #endif
162
163 static gpg_error_t set_pinentry_strings(pwm_t *pwm, pwmd_pinentry_t which)
164 {
165 char *tmp, *desc = NULL;
166 gpg_error_t rc;
167
168 if (which != PWMD_PINENTRY_USER) {
169 rc = pinentry_command(pwm, NULL, NULL, "SETERROR ");
170 if (rc)
171 return rc;
172 }
173
174 tmp = pwmd_malloc(ASSUAN_LINELENGTH+1);
175 if (!tmp)
176 return gpg_error_from_errno(ENOMEM);
177
178 if (!pwm->pinentry_prompt) {
179 pwm->pinentry_prompt = pwmd_strdup(N_("Passphrase:"));
180 if (!pwm->pinentry_prompt) {
181 pwmd_free(tmp);
182 return GPG_ERR_ENOMEM;
183 }
184 }
185
186 if (!pwm->pinentry_desc) {
187 if (which == PWMD_PINENTRY_OPEN || which == PWMD_PINENTRY_OPEN_FAILED)
188 desc = pwmd_strdup_printf(N_("A passphrase is required to unlock the secret key for the encrypted data file \"%s\". Please enter the passphrase below."), pwm->filename);
189 else if (which == PWMD_PINENTRY_SAVE
190 || which == PWMD_PINENTRY_SAVE_FAILED)
191 desc = pwmd_strdup_printf(N_("Please enter the passphrase to use to encrypt the data file \"%s\"."), pwm->filename);
192 else if (which == PWMD_PINENTRY_SAVE_CONFIRM)
193 desc = pwmd_strdup_printf(N_("Please re-enter the passphrase for confirmation."), pwm->filename);
194
195 if (!desc) {
196 pwmd_free(tmp);
197 return GPG_ERR_ENOMEM;
198 }
199 }
200
201 if (pwm->pinentry_desc)
202 desc = pwm->pinentry_desc;
203
204 if (which == PWMD_PINENTRY_USER) {
205 snprintf(tmp, ASSUAN_LINELENGTH, "SETERROR %s",
206 pwm->pinentry_error ? pwm->pinentry_error : "");
207 rc = pinentry_command(pwm, NULL, NULL, tmp);
208 if (rc) {
209 pwmd_free(tmp);
210 return rc;
211 }
212
213 snprintf(tmp, ASSUAN_LINELENGTH, "SETDESC %s",
214 pwm->pinentry_desc ? pwm->pinentry_desc : "");
215 }
216 else {
217 if (which == PWMD_PINENTRY_SAVE_FAILED
218 || which == PWMD_PINENTRY_OPEN_FAILED) {
219 if (which == PWMD_PINENTRY_SAVE_FAILED)
220 snprintf(tmp, ASSUAN_LINELENGTH, "SETERROR %s",
221 N_("Passphrases do not match, try again."));
222 else {
223 if (pwm->pinentry_tries) {
224 strcpy(tmp, "SETERROR ");
225 snprintf(tmp+strlen("SETERROR "), ASSUAN_LINELENGTH,
226 N_("Bad passphrase (try %i of %i)"),
227 pwm->pinentry_try+1, pwm->pinentry_tries);
228 }
229 else
230 snprintf(tmp, ASSUAN_LINELENGTH, "SETERROR %s",
231 N_("Bad passphrase, try again"));
232 }
233
234 rc = pinentry_command(pwm, NULL, NULL, tmp);
235 if (rc) {
236 pwmd_free(tmp);
237 return rc;
238 }
239 }
240
241 snprintf(tmp, ASSUAN_LINELENGTH, "SETDESC %s", desc);
242
243 if (pwm->pinentry_desc != desc)
244 pwmd_free(desc);
245 }
246
247 rc = pinentry_command(pwm, NULL, NULL, tmp);
248 if (rc) {
249 pwmd_free(tmp);
250 return rc;
251 }
252
253 snprintf(tmp, ASSUAN_LINELENGTH, "SETPROMPT %s", pwm->pinentry_prompt);
254 rc = pinentry_command(pwm, NULL, NULL, tmp);
255 pwmd_free(tmp);
256
257 #ifdef WITH_QUALITY
258 if (!rc && which == PWMD_PINENTRY_SAVE) {
259 rc = pinentry_command(pwm, NULL, NULL, "SETQUALITYBAR");
260 if (!rc) {
261 pwm->_inquire_func = quality_cb;
262 pwm->_inquire_data = pwm;
263 }
264 }
265 #endif
266
267 return rc;
268 }
269
270 static gpg_error_t terminate_pinentry(pwm_t *pwm)
271 {
272 pid_t pid = pwm->pinentry_pid;
273
274 pwm->pinentry_pid = -1;
275
276 if (!pwm || pid == -1)
277 return GPG_ERR_INV_ARG;
278
279 if (kill(pid, 0) == 0) {
280 if (kill(pid, SIGTERM) == -1) {
281 if (kill(pid, SIGKILL) == -1)
282 return gpg_error_from_errno(errno);
283 }
284 }
285 else
286 return gpg_error_from_errno(errno);
287
288 return 0;
289 }
290
291 void _pinentry_disconnect(pwm_t *pwm)
292 {
293 if (pwm->pctx)
294 assuan_release(pwm->pctx);
295
296 pwm->pctx = NULL;
297 pwm->pinentry_pid = -1;
298 }
299
300 /*
301 * Only called from a child process.
302 */
303 static void catchsig(int sig)
304 {
305 switch (sig) {
306 case SIGALRM:
307 if (++gelapsed >= gtimeout) {
308 terminate_pinentry(gpwm);
309 grc = gpg_err_make(GPG_ERR_SOURCE_PINENTRY, GPG_ERR_CANCELED);
310 }
311 else
312 alarm(1);
313 break;
314 default:
315 break;
316 }
317 }
318
319 gpg_error_t _getpin(pwm_t *pwm, char **result, size_t *len,
320 pwmd_pinentry_t which)
321 {
322 grc = 0;
323 gpg_error_t rc = set_pinentry_strings(pwm, which);
324
325 if (rc) {
326 _pinentry_disconnect(pwm);
327 return rc;
328 }
329
330 if (result)
331 *result = NULL;
332
333 if (gtimeout) {
334 signal(SIGALRM, catchsig);
335 alarm(1);
336 }
337
338 if (result)
339 *result = NULL;
340
341 rc = pinentry_command(pwm, result, len,
342 which == PWMD_PINENTRY_CONFIRM ? "CONFIRM" : "GETPIN");
343
344 /*
345 * Since there was input cancel any timeout setting.
346 */
347 alarm(0);
348 signal(SIGALRM, SIG_DFL);
349
350 if (rc) {
351 _pinentry_disconnect(pwm);
352
353 /* This lets PWMD_OPTION_PINENTRY_TIMEOUT work. Note that it is not
354 * thread safe do to the global variables. */
355 if (gpg_err_code(rc) == GPG_ERR_EOF)
356 rc = GPG_ERR_CANCELED;
357 }
358
359 return rc;
360 }
361
362 gpg_error_t _pwmd_getpin(pwm_t *pwm, const char *filename, char **result,
363 size_t *len, pwmd_pinentry_t which)
364 {
365 gpg_error_t rc;
366 char *p = pwm->filename;
367
368 if (!pwm)
369 return GPG_ERR_INV_ARG;
370
371 if (which == PWMD_PINENTRY_CLOSE) {
372 _pinentry_disconnect(pwm);
373 return 0;
374 }
375
376 if (!result && which != PWMD_PINENTRY_CONFIRM)
377 return GPG_ERR_INV_ARG;
378
379 /* Another handle is using this pinentry method. Allowing this instance
380 * would reset the timeout and global handle which wouldn't be good. */
381 if (gpwm)
382 return GPG_ERR_PIN_BLOCKED;
383
384 if (pwm->pinentry_timeout != 0) {
385 gpwm = pwm;
386 gtimeout = abs(pwm->pinentry_timeout);
387 gelapsed = 0;
388 }
389
390 pwm->filename = (char *)filename;
391 rc = _getpin(pwm, result, len, which);
392 pwm->filename = p;
393
394 /* Don't timeout when an invalid passphrase was entered. */
395 gtimeout = 0;
396 gpwm = NULL;
397 return rc;
398 }
An API for pwmd.