1 /* vim:tw=78:ts=8:sw=4:set ft=c: */
3 Copyright (C) 2006-2009 Ben Kibbey <bjk@luxsci.net>
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 2 of the License, or
8 (at your option) any later version.
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with this program; if not, write to the Free Software
17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02110-1301 USA
26 #include <sys/socket.h>
35 #include <sys/types.h>
37 #include <sys/select.h>
39 #include <netinet/in.h>
40 #include <sys/socket.h>
52 #define DNS_USE_GETTIMEOFDAY_FOR_ID 1
54 #include <arpa/nameser.h>
66 #define N_(msgid) dgettext("libpwmd", msgid)
73 static int gelapsed
, gtimeout
;
74 static gpg_error_t
pinentry_command(pwm_t
*pwm
, char **result
, const char *cmd
);
77 static char *_getpwuid(struct passwd
*pwd
)
79 size_t size
= sysconf(_SC_GETPW_R_SIZE_MAX
);
80 struct passwd
*result
;
87 buf
= pwmd_malloc(size
);
92 n
= getpwuid_r(getuid(), pwd
, buf
, size
, &result
);
109 static const char *_pwmd_strerror(gpg_error_t e
)
111 gpg_err_code_t code
= gpg_err_code(e
);
113 if (code
>= GPG_ERR_USER_1
&& code
< gpg_err_code(EPWMD_MAX
)) {
118 return N_("Unknown error");
120 return N_("No cache slots available");
122 return N_("Recursion loop");
124 return N_("No file is open");
126 return N_("General LibXML error");
128 return N_("File modified");
135 const char *pwmd_strerror(gpg_error_t code
)
137 const char *p
= _pwmd_strerror(code
);
139 return p
? p
: gpg_strerror(code
);
142 int pwmd_strerror_r(gpg_error_t code
, char *buf
, size_t size
)
144 const char *p
= _pwmd_strerror(code
);
147 snprintf(buf
, size
, "%s", p
);
149 if (strlen(p
) > size
)
155 return gpg_strerror_r(code
, buf
, size
);
158 gpg_error_t
pwmd_init()
160 static int initialized
;
169 bindtextdomain("libpwmd", LOCALEDIR
);
172 assuan_set_malloc_hooks(pwmd_malloc
, pwmd_realloc
, pwmd_free
);
173 assuan_set_assuan_err_source(GPG_ERR_SOURCE_DEFAULT
);
178 static gpg_error_t
_socket_connect_finalize(pwm_t
*pwm
)
181 int n
= assuan_get_active_fds(pwm
->ctx
, 0, active
, N_ARRAY(active
));
186 return GPG_ERR_EBADFD
;
192 assuan_set_pointer(pwm
->ctx
, pwm
);
195 rc
= pwmd_command(pwm
, NULL
, "OPTION CLIENT NAME=%s", pwm
->name
);
201 rc
= pwmd_command(pwm
, &result
, "VERSION");
203 if (rc
&& rc
!= GPG_ERR_ASS_UNKNOWN_CMD
)
207 pwm
->version
= PWMD_V1
;
209 pwm
->version
= PWMD_V2
;
216 static int read_hook(assuan_context_t ctx
, assuan_fd_t fd
, void *data
,
217 size_t len
, ssize_t
*ret
)
219 pwm_t
*pwm
= assuan_get_pointer(ctx
);
222 if (!pwm
|| !pwm
->tcp_conn
)
224 *ret
= pth_read((int)fd
, data
, len
);
226 *ret
= read((int)fd
, data
, len
);
230 *ret
= libssh2_channel_read(pwm
->tcp_conn
->channel
, data
, len
);
231 n
= libssh2_session_last_errno(pwm
->tcp_conn
->session
);
232 } while (n
== LIBSSH2_ERROR_EAGAIN
);
235 return !n
&& *ret
!= -1 ? 1 : 0;
238 static int write_hook(assuan_context_t ctx
, assuan_fd_t fd
, const void *data
,
239 size_t len
, ssize_t
*ret
)
241 pwm_t
*pwm
= assuan_get_pointer(ctx
);
244 if (!pwm
|| !pwm
->tcp_conn
)
246 *ret
= pth_write((int)fd
, data
, len
);
248 *ret
= write((int)fd
, data
, len
);
252 *ret
= libssh2_channel_write(pwm
->tcp_conn
->channel
, data
, len
);
253 n
= libssh2_session_last_errno(pwm
->tcp_conn
->session
);
254 } while (n
== LIBSSH2_ERROR_EAGAIN
);
257 return !n
&& *ret
!= -1 ? 1 : 0;
260 static void _ssh_deinit(pwmd_tcp_conn_t
*conn
);
261 static void free_tcp_conn(pwmd_tcp_conn_t
*conn
)
266 if (conn
->username
) {
267 pwmd_free(conn
->username
);
268 conn
->username
= NULL
;
271 if (conn
->known_hosts
) {
272 pwmd_free(conn
->known_hosts
);
273 conn
->known_hosts
= NULL
;
276 if (conn
->identity
) {
277 pwmd_free(conn
->identity
);
278 conn
->identity
= NULL
;
281 if (conn
->identity_pub
) {
282 pwmd_free(conn
->identity_pub
);
283 conn
->identity_pub
= NULL
;
287 pwmd_free(conn
->host
);
292 pwmd_free(conn
->hostkey
);
293 conn
->hostkey
= NULL
;
297 ares_destroy(conn
->chan
);
302 ares_free_hostent(conn
->he
);
317 static void _ssh_deinit(pwmd_tcp_conn_t
*conn
)
323 libssh2_channel_free(conn
->channel
);
326 libssh2_session_disconnect(conn
->session
, "Bye!");
327 libssh2_session_free(conn
->session
);
330 conn
->session
= NULL
;
331 conn
->channel
= NULL
;
335 static void _ssh_assuan_deinit(assuan_context_t ctx
)
337 pwm_t
*pwm
= assuan_get_pointer(ctx
);
339 pwm
->tcp_conn
->fd
= -1;
340 _ssh_deinit(pwm
->tcp_conn
);
341 pwm
->tcp_conn
= NULL
;
345 * Sets common options from both pwmd_ssh_connect() and
346 * pwmd_ssh_connect_async().
348 static gpg_error_t
init_tcp_conn(pwmd_tcp_conn_t
**dst
, const char *host
,
349 int port
, const char *identity
, const char *user
, const char *hosts
,
352 pwmd_tcp_conn_t
*conn
;
357 return GPG_ERR_INV_ARG
;
360 if (!host
|| !identity
|| !hosts
)
361 return GPG_ERR_INV_ARG
;
364 conn
= pwmd_calloc(1, sizeof(pwmd_tcp_conn_t
));
367 return gpg_error_from_errno(ENOMEM
);
369 conn
->port
= port
== -1 ? 22 : port
;
370 conn
->host
= pwmd_strdup(host
);
373 rc
= gpg_error_from_errno(ENOMEM
);
379 char *pwbuf
= _getpwuid(&pw
);
382 rc
= gpg_error_from_errno(errno
);
386 conn
->username
= pwmd_strdup(user
? user
: pw
.pw_name
);
389 if (!conn
->username
) {
390 rc
= gpg_error_from_errno(ENOMEM
);
394 conn
->identity
= pwmd_strdup(identity
);
396 if (!conn
->identity
) {
397 rc
= gpg_error_from_errno(ENOMEM
);
401 conn
->identity_pub
= pwmd_malloc(strlen(conn
->identity
)+5);
403 if (!conn
->identity_pub
) {
404 rc
= gpg_error_from_errno(ENOMEM
);
408 sprintf(conn
->identity_pub
, "%s.pub", conn
->identity
);
409 conn
->known_hosts
= pwmd_strdup(hosts
);
411 if (!conn
->known_hosts
) {
412 rc
= gpg_error_from_errno(ENOMEM
);
425 static gpg_error_t
do_connect(pwm_t
*pwm
, int prot
, void *addr
)
427 struct sockaddr_in their_addr
;
429 pwm
->tcp_conn
->fd
= socket(prot
, SOCK_STREAM
, 0);
431 if (pwm
->tcp_conn
->fd
== -1)
432 return gpg_error_from_syserror();
434 if (pwm
->tcp_conn
->async
)
435 fcntl(pwm
->tcp_conn
->fd
, F_SETFL
, O_NONBLOCK
);
437 pwm
->cmd
= ASYNC_CMD_CONNECT
;
438 their_addr
.sin_family
= prot
;
439 their_addr
.sin_port
= htons(pwm
->tcp_conn
->port
);
440 their_addr
.sin_addr
= *((struct in_addr
*)addr
);
441 memset(their_addr
.sin_zero
, '\0', sizeof their_addr
.sin_zero
);
444 if (pth_connect(pwm
->tcp_conn
->fd
, (struct sockaddr
*)&their_addr
,
445 sizeof(their_addr
)) == -1)
447 if (connect(pwm
->tcp_conn
->fd
, (struct sockaddr
*)&their_addr
,
448 sizeof(their_addr
)) == -1)
450 return gpg_error_from_syserror();
455 static gpg_error_t
ares_error_to_pwmd(int status
)
457 if (status
!= ARES_SUCCESS
)
458 warnx("%s", ares_strerror(status
));
464 return GPG_ERR_UNKNOWN_HOST
;
466 return GPG_ERR_EHOSTDOWN
;
468 return GPG_ERR_TIMEOUT
;
470 return gpg_error_from_errno(ENOMEM
);
471 case ARES_ECONNREFUSED
:
472 return GPG_ERR_ECONNREFUSED
;
475 return GPG_ERR_EHOSTUNREACH
;
481 static void dns_resolve_cb(void *arg
, int status
, int timeouts
,
482 unsigned char *abuf
, int alen
)
488 if (status
== ARES_EDESTRUCTION
)
491 if (status
!= ARES_SUCCESS
) {
492 pwm
->tcp_conn
->rc
= ares_error_to_pwmd(status
);
496 /* Check for an IPv6 address first. */
497 if (pwm
->prot
== PWMD_IP_ANY
|| pwm
->prot
== PWMD_IPV6
)
498 rc
= ares_parse_aaaa_reply(abuf
, alen
, &he
, NULL
, NULL
);
500 rc
= ares_parse_a_reply(abuf
, alen
, &he
, NULL
, NULL
);
502 if (rc
!= ARES_SUCCESS
) {
503 if (pwm
->prot
!= PWMD_IP_ANY
|| rc
!= ARES_ENODATA
) {
504 pwm
->tcp_conn
->rc
= ares_error_to_pwmd(status
);
508 rc
= ares_parse_a_reply(abuf
, alen
, &he
, NULL
, NULL
);
510 if (rc
!= ARES_SUCCESS
) {
511 pwm
->tcp_conn
->rc
= ares_error_to_pwmd(status
);
516 pwm
->tcp_conn
->he
= he
;
517 pwm
->tcp_conn
->rc
= do_connect(pwm
, he
->h_addrtype
, he
->h_addr
);
520 static gpg_error_t
_do_pwmd_tcp_connect_async(pwm_t
*pwm
, const char *host
,
521 int port
, const char *identity
, const char *user
,
522 const char *known_hosts
, pwmd_async_cmd_t which
)
524 pwmd_tcp_conn_t
*conn
;
528 return GPG_ERR_INV_ARG
;
530 rc
= init_tcp_conn(&conn
, host
, port
, identity
, user
, known_hosts
,
531 which
== ASYNC_CMD_HOSTKEY
? 1 : 0);
537 pwm
->tcp_conn
= conn
;
538 pwm
->tcp_conn
->cmd
= which
;
540 if (pwm
->tcp_conn
->cmd
== ASYNC_CMD_HOSTKEY
)
541 pwm
->tcp_conn
->get_only
= 1;
543 pwm
->cmd
= ASYNC_CMD_DNS
;
544 pwm
->state
= ASYNC_PROCESS
;
545 ares_init(&pwm
->tcp_conn
->chan
);
546 ares_query(pwm
->tcp_conn
->chan
, pwm
->tcp_conn
->host
, ns_c_any
, ns_t_any
,
547 dns_resolve_cb
, pwm
);
551 gpg_error_t
pwmd_ssh_connect_async(pwm_t
*pwm
, const char *host
, int port
,
552 const char *identity
, const char *user
, const char *known_hosts
)
554 return _do_pwmd_tcp_connect_async(pwm
, host
, port
, identity
, user
,
555 known_hosts
, ASYNC_CMD_CONNECT
);
558 static void *_ssh_malloc(size_t size
, void **data
)
560 return pwmd_malloc(size
);
563 static void _ssh_free(void *ptr
, void **data
)
568 static void *_ssh_realloc(void *ptr
, size_t size
, void **data
)
570 return pwmd_realloc(ptr
, size
);
573 static char *to_hex(const char *str
, size_t slen
)
576 char *buf
= pwmd_malloc(slen
*2+1);
581 for (i
= 0, buf
[0] = 0; i
< slen
; i
++) {
584 sprintf(tmp
, "%02x", (unsigned char)str
[i
]);
591 static int verify_host_key(pwm_t
*pwm
)
593 FILE *fp
= fopen(pwm
->tcp_conn
->known_hosts
, "r");
599 buf
= pwmd_malloc(LINE_MAX
);
604 while ((p
= fgets(buf
, LINE_MAX
, fp
))) {
605 if (*p
== '#' || isspace(*p
))
608 if (p
[strlen(p
)-1] == '\n')
611 if (!strcmp(buf
, pwm
->tcp_conn
->hostkey
))
628 static gpg_error_t
authenticate_ssh(pwm_t
*pwm
)
630 const char *fp
= libssh2_hostkey_hash(pwm
->tcp_conn
->session
,
631 LIBSSH2_HOSTKEY_HASH_SHA1
);
634 pwm
->tcp_conn
->hostkey
= to_hex(fp
, 20);
636 if (!pwm
->tcp_conn
->hostkey
)
637 return gpg_error_from_errno(ENOMEM
);
639 if (pwm
->tcp_conn
->get_only
)
642 if (!fp
|| verify_host_key(pwm
))
643 return GPG_ERR_CHECKSUM
;
645 userauth
= libssh2_userauth_list(pwm
->tcp_conn
->session
,
646 pwm
->tcp_conn
->username
, strlen(pwm
->tcp_conn
->username
));
648 if (!userauth
|| !strstr(userauth
, "publickey"))
649 return GPG_ERR_BAD_PIN_METHOD
;
651 if (libssh2_userauth_publickey_fromfile(pwm
->tcp_conn
->session
,
652 pwm
->tcp_conn
->username
, pwm
->tcp_conn
->identity_pub
,
653 pwm
->tcp_conn
->identity
, NULL
))
654 return GPG_ERR_BAD_SECKEY
;
659 static gpg_error_t
setup_tcp_session(pwm_t
*pwm
)
661 assuan_context_t ctx
;
662 struct assuan_io_hooks io_hooks
= {read_hook
, write_hook
};
665 pwm
->tcp_conn
->session
= libssh2_session_init_ex(_ssh_malloc
, _ssh_free
,
668 if (!pwm
->tcp_conn
->session
) {
669 rc
= gpg_error_from_errno(ENOMEM
);
673 if (libssh2_session_startup(pwm
->tcp_conn
->session
, pwm
->tcp_conn
->fd
)) {
674 rc
= GPG_ERR_ASSUAN_SERVER_FAULT
;
678 rc
= authenticate_ssh(pwm
);
683 /* pwmd_get_hostkey(). */
684 if (pwm
->tcp_conn
->get_only
) {
685 pwm
->result
= pwmd_strdup(pwm
->tcp_conn
->hostkey
);
688 rc
= gpg_error_from_errno(ENOMEM
);
695 pwm
->tcp_conn
->channel
= libssh2_channel_open_session(pwm
->tcp_conn
->session
);
697 if (!pwm
->tcp_conn
->channel
) {
698 rc
= GPG_ERR_ASSUAN_SERVER_FAULT
;
702 if (libssh2_channel_shell(pwm
->tcp_conn
->channel
)) {
703 rc
= GPG_ERR_ASSUAN_SERVER_FAULT
;
707 assuan_set_io_hooks(&io_hooks
);
708 rc
= assuan_socket_connect_fd(&ctx
, pwm
->tcp_conn
->fd
, 0, pwm
);
713 assuan_set_finish_handler(ctx
, _ssh_assuan_deinit
);
715 return _socket_connect_finalize(pwm
);
718 free_tcp_conn(pwm
->tcp_conn
);
719 pwm
->tcp_conn
= NULL
;
723 static gpg_error_t
_do_pwmd_tcp_connect(pwm_t
*pwm
, const char *host
, int port
,
724 const char *identity
, const char *user
, const char *known_hosts
, int get
)
726 pwmd_tcp_conn_t
*conn
;
730 return GPG_ERR_INV_ARG
;
732 rc
= init_tcp_conn(&conn
, host
, port
, identity
, user
, known_hosts
, get
);
737 pwm
->tcp_conn
= conn
;
738 pwm
->tcp_conn
->get_only
= get
;
739 pwm
->cmd
= ASYNC_CMD_DNS
;
740 ares_init(&pwm
->tcp_conn
->chan
);
741 ares_query(pwm
->tcp_conn
->chan
, pwm
->tcp_conn
->host
, ns_c_any
, ns_t_any
,
742 dns_resolve_cb
, pwm
);
744 /* dns_resolve_cb() may have already been called. */
745 if (pwm
->tcp_conn
->rc
) {
746 rc
= pwm
->tcp_conn
->rc
;
751 * Fake a blocking DNS lookup. libcares does a better job than
761 n
= ares_fds(pwm
->tcp_conn
->chan
, &rfds
, &wfds
);
762 ares_timeout(pwm
->tcp_conn
->chan
, NULL
, &tv
);
764 n
= pth_select(n
, &rfds
, &wfds
, NULL
, &tv
);
766 n
= select(n
, &rfds
, &wfds
, NULL
, &tv
);
770 rc
= gpg_error_from_syserror();
774 rc
= GPG_ERR_TIMEOUT
;
778 ares_process(pwm
->tcp_conn
->chan
, &rfds
, &wfds
);
780 if (pwm
->tcp_conn
->rc
)
782 } while (pwm
->cmd
== ASYNC_CMD_DNS
);
784 if (pwm
->tcp_conn
->rc
) {
785 rc
= pwm
->tcp_conn
->rc
;
789 return setup_tcp_session(pwm
);
795 gpg_error_t
pwmd_ssh_connect(pwm_t
*pwm
, const char *host
, int port
,
796 const char *identity
, const char *user
, const char *known_hosts
)
798 return _do_pwmd_tcp_connect(pwm
, host
, port
, identity
, user
, known_hosts
, 0);
801 gpg_error_t
pwmd_get_hostkey(pwm_t
*pwm
, const char *host
, int port
,
807 rc
= _do_pwmd_tcp_connect(pwm
, host
, port
, NULL
, NULL
, NULL
, 1);
812 hostkey
= pwmd_strdup(pwm
->tcp_conn
->hostkey
);
815 rc
= gpg_error_from_errno(ENOMEM
);
821 gpg_error_t
pwmd_get_hostkey_async(pwm_t
*pwm
, const char *host
, int port
)
823 return _do_pwmd_tcp_connect_async(pwm
, host
, port
, NULL
, NULL
, NULL
,
828 gpg_error_t
pwmd_connect(pwm_t
*pwm
, const char *path
)
830 char *socketpath
= NULL
;
831 assuan_context_t ctx
;
837 return GPG_ERR_INV_ARG
;
839 pwbuf
= _getpwuid(&pw
);
842 return gpg_error_from_errno(errno
);
845 socketpath
= (char *)pwmd_malloc(strlen(pw
.pw_dir
) + strlen("/.pwmd/socket") + 1);
846 sprintf(socketpath
, "%s/.pwmd/socket", pw
.pw_dir
);
849 socketpath
= pwmd_strdup(path
);
852 rc
= assuan_socket_connect_ext(&ctx
, socketpath
, -1, 0);
853 pwmd_free(socketpath
);
859 return _socket_connect_finalize(pwm
);
862 void pwmd_close(pwm_t
*pwm
)
868 assuan_disconnect(pwm
->ctx
);
871 pwmd_free(pwm
->password
);
874 pwmd_free(pwm
->title
);
877 pwmd_free(pwm
->desc
);
880 pwmd_free(pwm
->prompt
);
882 if (pwm
->pinentry_tty
)
883 pwmd_free(pwm
->pinentry_tty
);
885 if (pwm
->pinentry_display
)
886 pwmd_free(pwm
->pinentry_display
);
888 if (pwm
->pinentry_term
)
889 pwmd_free(pwm
->pinentry_term
);
892 pwmd_free(pwm
->lcctype
);
895 pwmd_free(pwm
->lcmessages
);
898 pwmd_free(pwm
->filename
);
901 pwmd_free(pwm
->name
);
905 free_tcp_conn(pwm
->tcp_conn
);
911 static int mem_realloc_cb(void *data
, const void *buffer
, size_t len
)
913 membuf_t
*mem
= (membuf_t
*)data
;
919 if ((p
= pwmd_realloc(mem
->buf
, mem
->len
+ len
)) == NULL
)
923 memcpy((char *)mem
->buf
+ mem
->len
, buffer
, len
);
928 static int _inquire_cb(void *data
, const char *keyword
)
930 pwm_t
*pwm
= (pwm_t
*)data
;
932 int flags
= fcntl(pwm
->fd
, F_GETFL
);
934 /* Shouldn't get this far without a callback. */
935 if (!pwm
->inquire_func
)
936 return GPG_ERR_INV_ARG
;
939 * Since the socket file descriptor is probably set to non-blocking, set to
940 * blocking to prevent GPG_ERR_EAGAIN errors. This should be fixed when
941 * asynchronous INQUIRE is supported by either libassuan or a later
944 fcntl(pwm
->fd
, F_SETFL
, 0);
951 rc
= pwm
->inquire_func(pwm
->inquire_data
, keyword
, rc
, &result
, &len
);
952 rc
= gpg_err_code(rc
);
954 if (rc
== GPG_ERR_EOF
|| !rc
) {
955 if (len
<= 0 || !result
) {
960 arc
= assuan_send_data(pwm
->ctx
, result
, len
);
962 if (rc
== GPG_ERR_EOF
) {
973 fcntl(pwm
->fd
, F_SETFL
, flags
);
977 static gpg_error_t
do_nb_command(pwm_t
*pwm
, const char *cmd
, ...)
983 if (pwm
->state
== ASYNC_DONE
)
984 pwm
->state
= ASYNC_INIT
;
986 if (pwm
->state
!= ASYNC_INIT
)
987 return GPG_ERR_INV_STATE
;
989 buf
= pwmd_malloc(ASSUAN_LINELENGTH
+1);
992 return gpg_error_from_errno(ENOMEM
);
995 vsnprintf(buf
, ASSUAN_LINELENGTH
, cmd
, ap
);
997 rc
= assuan_write_line(pwm
->ctx
, buf
);
1001 pwm
->state
= ASYNC_PROCESS
;
1006 gpg_error_t
pwmd_open_async(pwm_t
*pwm
, const char *filename
)
1008 if (!pwm
|| !filename
)
1009 return GPG_ERR_INV_ARG
;
1012 return GPG_ERR_INV_STATE
;
1014 if (pwm
->cmd
!= ASYNC_CMD_OPEN
) {
1020 pwmd_free(pwm
->filename
);
1022 pwm
->filename
= pwmd_strdup(filename
);
1024 rc
= send_pinentry_options(pwm
);
1030 pwm
->cmd
= ASYNC_CMD_OPEN
;
1031 return do_nb_command(pwm
, "OPEN %s %s", filename
,
1032 pwm
->password
? pwm
->password
: "");
1035 gpg_error_t
pwmd_save_async(pwm_t
*pwm
)
1040 return GPG_ERR_INV_ARG
;
1043 return GPG_ERR_INV_STATE
;
1045 rc
= send_pinentry_options(pwm
);
1050 pwm
->cmd
= ASYNC_CMD_SAVE
;
1051 return do_nb_command(pwm
, "SAVE %s", pwm
->password
? pwm
->password
: "");
1054 static gpg_error_t
parse_assuan_line(pwm_t
*pwm
)
1060 rc
= assuan_read_line(pwm
->ctx
, &line
, &len
);
1063 if (line
[0] == 'O' && line
[1] == 'K' &&
1064 (line
[2] == 0 || line
[2] == ' ')) {
1065 pwm
->state
= ASYNC_DONE
;
1067 else if (line
[0] == '#') {
1069 else if (line
[0] == 'S' && (line
[1] == 0 || line
[1] == ' ')) {
1070 if (pwm
->status_func
) {
1071 pwm
->status_func(pwm
->status_data
,
1072 line
[1] == 0 ? line
+1 : line
+2);
1075 else if (line
[0] == 'E' && line
[1] == 'R' && line
[2] == 'R' &&
1076 (line
[3] == 0 || line
[3] == ' ')) {
1079 pwm
->state
= ASYNC_DONE
;
1086 gpg_error_t
pwmd_pending_line(pwm_t
*pwm
)
1089 return GPG_ERR_INV_ARG
;
1092 return GPG_ERR_INV_STATE
;
1094 return assuan_pending_line(pwm
->ctx
) ? 0 : GPG_ERR_NO_DATA
;
1097 static pwmd_async_t
reset_async(pwm_t
*pwm
, int done
)
1099 pwm
->state
= ASYNC_INIT
;
1100 pwm
->cmd
= ASYNC_CMD_NONE
;
1102 #ifdef WITH_PINENTRY
1103 if (pwm
->nb_fd
!= -1) {
1109 if (done
&& pwm
->tcp_conn
&& pwm
->tcp_conn
->fd
!= -1) {
1110 close(pwm
->tcp_conn
->fd
);
1111 pwm
->tcp_conn
->fd
= -1;
1118 pwmd_async_t
pwmd_process(pwm_t
*pwm
, gpg_error_t
*rc
, char **result
)
1122 struct timeval tv
= {0, 0};
1128 *rc
= GPG_ERR_INV_ARG
;
1131 else if (!pwm
->ctx
) {
1134 *rc
= GPG_ERR_INV_STATE
;
1137 case ASYNC_CMD_CONNECT
:
1138 case ASYNC_CMD_HOSTKEY
:
1143 /* When not in a command, this will let libassuan process status messages
1144 * by calling PWMD_OPTION_STATUS_FUNC. The client can poll the file
1145 * descriptor returned by pwmd_get_fd() to determine when this should be
1146 * called or call pwmd_pending_line() to determine whether a buffered line
1147 * needs to be processed. */
1148 if (pwm
->cmd
== ASYNC_CMD_NONE
) {
1149 *rc
= assuan_command(pwm
, pwm
->ctx
, NULL
, "NOP");
1153 /* Fixes pwmd_open/save_async2() when there is a cached or new file. */
1154 if (pwm
->state
== ASYNC_DONE
) {
1155 reset_async(pwm
, 0);
1159 if (pwm
->state
!= ASYNC_PROCESS
) {
1160 *rc
= GPG_ERR_INV_STATE
;
1165 if (pwm
->cmd
== ASYNC_CMD_DNS
) {
1168 if (pwm
->tcp_conn
->rc
) {
1169 *rc
= pwm
->tcp_conn
->rc
;
1170 reset_async(pwm
, 1);
1176 n
= ares_fds(pwm
->tcp_conn
->chan
, &rfds
, &wfds
);
1178 /* Shouldn't happen. */
1183 n
= pth_select(n
, &rfds
, &wfds
, NULL
, &tv
);
1185 n
= select(n
, &rfds
, &wfds
, NULL
, &tv
);
1189 ares_process(pwm
->tcp_conn
->chan
, &rfds
, &wfds
);
1193 else if (pwm
->cmd
== ASYNC_CMD_CONNECT
) {
1194 if (pwm
->tcp_conn
->rc
== GPG_ERR_EINPROGRESS
) {
1196 socklen_t len
= sizeof(int);
1199 FD_SET(pwm
->tcp_conn
->fd
, &fds
);
1201 n
= pth_select(pwm
->tcp_conn
->fd
+1, NULL
, &fds
, NULL
, &tv
);
1203 n
= select(pwm
->tcp_conn
->fd
+1, NULL
, &fds
, NULL
, &tv
);
1206 if (!n
|| !FD_ISSET(pwm
->tcp_conn
->fd
, &fds
))
1209 *rc
= gpg_error_from_syserror();
1210 reset_async(pwm
, 1);
1214 ret
= getsockopt(pwm
->tcp_conn
->fd
, SOL_SOCKET
, SO_ERROR
, &n
, &len
);
1217 *rc
= ret
? gpg_error_from_syserror() : gpg_error_from_errno(n
);
1218 reset_async(pwm
, 1);
1222 else if (pwm
->tcp_conn
->rc
) {
1223 *rc
= pwm
->tcp_conn
->rc
;
1224 reset_async(pwm
, 1);
1228 fcntl(pwm
->tcp_conn
->fd
, F_SETFL
, 0);
1229 *rc
= setup_tcp_session(pwm
);
1232 switch (pwm
->tcp_conn
->cmd
) {
1233 case ASYNC_CMD_HOSTKEY
:
1235 *result
= pwm
->result
;
1242 return reset_async(pwm
, *rc
? 1 : 0);
1246 #ifdef WITH_PINENTRY
1247 if (pwm
->cmd
== ASYNC_CMD_OPEN2
|| pwm
->cmd
== ASYNC_CMD_SAVE2
) {
1250 if (pwm
->nb_fd
== -1) {
1251 *rc
= GPG_ERR_INV_STATE
;
1252 return reset_async(pwm
, 0);
1256 FD_SET(pwm
->nb_fd
, &fds
);
1258 n
= pth_select(pwm
->nb_fd
+1, &fds
, NULL
, NULL
, &tv
);
1260 n
= select(pwm
->nb_fd
+1, &fds
, NULL
, NULL
, &tv
);
1263 *rc
= gpg_error_from_syserror();
1264 return reset_async(pwm
, 0);
1268 pwmd_nb_status_t nb
;
1270 size_t len
= pth_read(pwm
->nb_fd
, &nb
, sizeof(nb
));
1272 size_t len
= read(pwm
->nb_fd
, &nb
, sizeof(nb
));
1274 waitpid(pwm
->nb_pid
, &status
, WNOHANG
);
1276 if (len
!= sizeof(nb
)) {
1277 *rc
= gpg_error_from_syserror();
1278 return reset_async(pwm
, pwm
->cmd
== ASYNC_CMD_OPEN2
? 1 : 0);
1283 if (*rc
== GPG_ERR_INV_PASSPHRASE
&& pwm
->cmd
== ASYNC_CMD_SAVE2
) {
1284 reset_async(pwm
, 0);
1285 *rc
= pwmd_save_async2(pwm
);
1286 return ASYNC_PROCESS
;
1289 return reset_async(pwm
, pwm
->cmd
== ASYNC_CMD_OPEN2
? 1 : 0);
1291 if (pwm
->cmd
== ASYNC_CMD_SAVE2
) {
1292 *rc
= do_save_command(pwm
, nb
.password
);
1293 memset(&nb
, 0, sizeof(pwmd_nb_status_t
));
1294 return reset_async(pwm
, 0);
1297 if (pwm
->cmd
== ASYNC_CMD_OPEN2
) {
1298 *rc
= do_open_command(pwm
, pwm
->filename
, nb
.password
);
1299 memset(&nb
, 0, sizeof(pwmd_nb_status_t
));
1301 if (*rc
== GPG_ERR_INV_PASSPHRASE
) {
1302 if (++pwm
->pin_try
< pwm
->pinentry_tries
) {
1303 int n
= pwm
->pin_try
;
1305 reset_async(pwm
, 0);
1307 pwm
->cmd
= ASYNC_CMD_OPEN2
;
1308 *rc
= pwmd_open_async2(pwm
, pwm
->filename
);
1311 return reset_async(pwm
, 1);
1317 return reset_async(pwm
, *rc
? 1 : 0);
1326 *rc
= GPG_ERR_INV_STATE
;
1327 return reset_async(pwm
, 0);
1330 /* This is for the non-blocking OPEN and SAVE commands. */
1332 FD_SET(pwm
->fd
, &fds
);
1334 n
= pth_select(pwm
->fd
+1, &fds
, NULL
, NULL
, &tv
);
1336 n
= select(pwm
->fd
+1, &fds
, NULL
, NULL
, &tv
);
1340 *rc
= gpg_error_from_syserror();
1341 return reset_async(pwm
, 0);
1345 if (FD_ISSET(pwm
->fd
, &fds
))
1346 *rc
= parse_assuan_line(pwm
);
1349 while (!*rc
&& assuan_pending_line(pwm
->ctx
))
1350 *rc
= parse_assuan_line(pwm
);
1352 /* For pinentry retries. */
1353 if (pwm
->cmd
== ASYNC_CMD_OPEN
&&
1354 gpg_err_code(*rc
) == GPG_ERR_INV_PASSPHRASE
&&
1355 ++pwm
->pin_try
< pwm
->pinentry_tries
) {
1356 pwm
->state
= ASYNC_INIT
;
1357 *rc
= pwmd_open_async(pwm
, pwm
->filename
);
1361 return reset_async(pwm
, pwm
->cmd
== ASYNC_CMD_OPEN
? 1 : 0);
1363 if (pwm
->state
== ASYNC_DONE
) {
1364 reset_async(pwm
, 0);
1371 static gpg_error_t
assuan_command(pwm_t
*pwm
, assuan_context_t ctx
,
1372 char **result
, const char *cmd
)
1380 rc
= assuan_transact(ctx
, cmd
, mem_realloc_cb
, &data
, _inquire_cb
, pwm
,
1381 pwm
->status_func
, pwm
->status_data
);
1385 pwmd_free(data
.buf
);
1391 mem_realloc_cb(&data
, "", 1);
1394 pwmd_free(data
.buf
);
1395 rc
= GPG_ERR_INV_ARG
;
1398 *result
= (char *)data
.buf
;
1402 return gpg_err_code(rc
);
1405 gpg_error_t
pwmd_inquire(pwm_t
*pwm
, const char *cmd
, pwmd_inquire_cb_t fn
,
1408 if (!pwm
|| !cmd
|| !fn
)
1409 return GPG_ERR_INV_ARG
;
1412 return GPG_ERR_INV_STATE
;
1414 pwm
->inquire_func
= fn
;
1415 pwm
->inquire_data
= data
;
1416 return assuan_command(pwm
, pwm
->ctx
, NULL
, cmd
);
1419 #ifdef WITH_PINENTRY
1420 static gpg_error_t
terminate_pinentry(pwm_t
*pwm
)
1422 pid_t pid
= pwm
->pid
;
1426 if (!pwm
|| pid
== -1)
1427 return GPG_ERR_INV_ARG
;
1429 if (kill(pid
, 0) == 0) {
1430 if (kill(pid
, SIGTERM
) == -1) {
1431 if (kill(pid
, SIGKILL
) == -1)
1432 return gpg_error_from_errno(errno
);
1436 return gpg_error_from_errno(errno
);
1441 static gpg_error_t
set_pinentry_strings(pwm_t
*pwm
, int which
)
1446 tmp
= pwmd_malloc(ASSUAN_LINELENGTH
+1);
1449 return gpg_error_from_errno(ENOMEM
);
1452 pwm
->title
= pwmd_strdup(N_("Password Manager Daemon"));
1458 pwm
->prompt
= pwmd_strdup(N_("Passphrase:"));
1463 if (!pwm
->desc
&& (which
== PINENTRY_OPEN
|| which
== PINENTRY_SAVE
)) {
1464 if (which
== PINENTRY_OPEN
)
1465 desc
= pwmd_strdup_printf(N_("A passphrase is required to open the file \"%s\". Please%%0Aenter the passphrase below."), pwm
->filename
);
1467 desc
= pwmd_strdup_printf(N_("A passphrase is required to save to the file \"%s\". Please%%0Aenter the passphrase below."), pwm
->filename
);
1479 snprintf(tmp
, ASSUAN_LINELENGTH
, "SETERROR %s", desc
);
1481 if (pwm
->desc
!= desc
)
1484 case PINENTRY_OPEN_FAILED
:
1485 snprintf(tmp
, ASSUAN_LINELENGTH
, "SETERROR %s",
1486 N_("Invalid passphrase, please try again."));
1488 case PINENTRY_SAVE_CONFIRM
:
1489 snprintf(tmp
, ASSUAN_LINELENGTH
, "SETERROR %s",
1490 N_("Please type the passphrase again for confirmation."));
1494 error
= pinentry_command(pwm
, NULL
, tmp
);
1501 snprintf(tmp
, ASSUAN_LINELENGTH
, "SETPROMPT %s", pwm
->prompt
);
1502 error
= pinentry_command(pwm
, NULL
, tmp
);
1509 snprintf(tmp
, ASSUAN_LINELENGTH
, "SETDESC %s", pwm
->title
);
1510 error
= pinentry_command(pwm
, NULL
, tmp
);
1516 return gpg_error_from_errno(ENOMEM
);
1519 static void update_pinentry_settings(pwm_t
*pwm
)
1525 char *pwbuf
= _getpwuid(&pw
);
1530 snprintf(buf
, sizeof(buf
), "%s/.pwmd/pinentry.conf", pw
.pw_dir
);
1533 if ((fp
= fopen(buf
, "r")) == NULL
)
1536 while ((p
= fgets(buf
, sizeof(buf
), fp
)) != NULL
) {
1537 char name
[32], val
[256];
1539 if (sscanf(p
, " %31[a-zA-Z] = %255s", name
, val
) != 2)
1542 if (strcasecmp(name
, "TTYNAME") == 0) {
1543 pwmd_free(pwm
->pinentry_tty
);
1544 pwm
->pinentry_tty
= pwmd_strdup(val
);
1546 else if (strcasecmp(name
, "TTYTYPE") == 0) {
1547 pwmd_free(pwm
->pinentry_term
);
1548 pwm
->pinentry_term
= pwmd_strdup(val
);
1550 else if (strcasecmp(name
, "DISPLAY") == 0) {
1551 pwmd_free(pwm
->pinentry_display
);
1552 pwm
->pinentry_display
= pwmd_strdup(val
);
1554 else if (strcasecmp(name
, "PATH") == 0) {
1555 pwmd_free(pwm
->pinentry_path
);
1556 pwm
->pinentry_path
= pwmd_strdup(val
);
1563 static gpg_error_t
launch_pinentry(pwm_t
*pwm
)
1566 assuan_context_t ctx
;
1567 int child_list
[] = {-1};
1568 char *display
= getenv("DISPLAY");
1569 const char *argv
[10];
1570 const char **p
= argv
;
1571 int have_display
= 0;
1573 char *ttybuf
= NULL
;
1575 update_pinentry_settings(pwm
);
1577 if (pwm
->pinentry_display
|| display
)
1580 if (!pwm
->pinentry_tty
) {
1581 ttybuf
= pwmd_malloc(255);
1584 return gpg_error_from_errno(ENOMEM
);
1586 rc
= ttyname_r(STDOUT_FILENO
, ttybuf
, 255);
1590 return gpg_error_from_errno(rc
);
1596 tty
= pwm
->pinentry_tty
;
1599 if (!have_display
&& !tty
)
1600 return GPG_ERR_ENOTTY
;
1603 *p
++ = have_display
? "--display" : "--ttyname";
1604 *p
++ = have_display
? pwm
->pinentry_display
? pwm
->pinentry_display
: display
: tty
;
1607 *p
++ = "--lc-ctype";
1608 *p
++ = pwm
->lcctype
;
1611 if (pwm
->lcmessages
) {
1612 *p
++ = "--lc-messages";
1613 *p
++ = pwm
->lcmessages
;
1618 if (!have_display
) {
1620 *p
++ = pwm
->pinentry_term
? pwm
->pinentry_term
: getenv("TERM");
1624 rc
= assuan_pipe_connect(&ctx
, pwm
->pinentry_path
? pwm
->pinentry_path
: PINENTRY_PATH
, argv
, child_list
);
1632 pwm
->pid
= assuan_get_pid(ctx
);
1634 return set_pinentry_strings(pwm
, 0);
1637 static gpg_error_t
pinentry_command(pwm_t
*pwm
, char **result
, const char *cmd
)
1642 n
= launch_pinentry(pwm
);
1648 return assuan_command(pwm
, pwm
->pctx
, result
, cmd
);
1651 static void pinentry_disconnect(pwm_t
*pwm
)
1654 assuan_disconnect(pwm
->pctx
);
1661 * Only called from a child process.
1663 static void catchsig(int sig
)
1667 if (gelapsed
++ >= gtimeout
)
1668 terminate_pinentry(gpwm
);
1679 * Borrowed from libassuan.
1681 static char *percent_escape(const char *atext
)
1683 const unsigned char *s
;
1684 int len
= strlen(atext
) * 3 + 1;
1685 char *buf
= (char *)pwmd_malloc(len
), *p
= buf
;
1690 for (s
=(const unsigned char *)atext
; *s
; s
++) {
1692 sprintf (p
, "%%%02X", *s
);
1703 static gpg_error_t
send_command(pwm_t
*pwm
, char **result
, const char *cmd
)
1706 return GPG_ERR_INV_ARG
;
1708 return assuan_command(pwm
, pwm
->ctx
, result
, cmd
);
1711 gpg_error_t
pwmd_command_ap(pwm_t
*pwm
, char **result
, const char *cmd
,
1719 return GPG_ERR_INV_ARG
;
1722 return GPG_ERR_INV_STATE
;
1725 * C99 allows the dst pointer to be null which will calculate the length
1726 * of the would-be result and return it.
1728 len
= vsnprintf(NULL
, 0, cmd
, ap
)+1;
1729 buf
= (char *)pwmd_malloc(len
);
1732 return gpg_error_from_errno(ENOMEM
);
1734 len
= vsnprintf(buf
, len
, cmd
, ap
);
1736 if (buf
[strlen(buf
)-1] == '\n')
1737 buf
[strlen(buf
)-1] = 0;
1739 if (buf
[strlen(buf
)-1] == '\r')
1740 buf
[strlen(buf
)-1] = 0;
1742 error
= send_command(pwm
, result
, buf
);
1747 gpg_error_t
pwmd_command(pwm_t
*pwm
, char **result
, const char *cmd
, ...)
1753 return GPG_ERR_INV_ARG
;
1756 return GPG_ERR_INV_STATE
;
1762 error
= pwmd_command_ap(pwm
, result
, cmd
, ap
);
1767 #ifdef WITH_PINENTRY
1768 static gpg_error_t
do_getpin(pwm_t
*pwm
, char **result
)
1771 signal(SIGALRM
, catchsig
);
1776 return pinentry_command(pwm
, result
, "GETPIN");
1779 static gpg_error_t
getpin(pwm_t
*pwm
, char **result
, int which
)
1783 error
= set_pinentry_strings(pwm
, which
);
1786 pinentry_disconnect(pwm
);
1790 error
= do_getpin(pwm
, result
);
1793 * Since there was input cancel any timeout setting.
1798 if (error
== GPG_ERR_CANCELED
)
1799 return GPG_ERR_CANCELED
;
1802 pinentry_disconnect(pwm
);
1811 static gpg_error_t
do_open_command(pwm_t
*pwm
, const char *filename
, char *password
)
1815 char *result
= NULL
;
1817 buf
= pwmd_malloc(ASSUAN_LINELENGTH
+1);
1820 return gpg_error_from_errno(ENOMEM
);
1822 snprintf(buf
, ASSUAN_LINELENGTH
, "OPEN %s %s", filename
,
1823 password
? password
: "");
1824 error
= send_command(pwm
, &result
, buf
);
1827 if (error
&& result
)
1833 static gpg_error_t
send_pinentry_options(pwm_t
*pwm
)
1837 if (pwm
->pinentry_path
) {
1838 rc
= pwmd_command(pwm
, NULL
, "OPTION PATH=%s", pwm
->pinentry_path
);
1844 if (pwm
->pinentry_tty
) {
1845 rc
= pwmd_command(pwm
, NULL
, "OPTION TTYNAME=%s", pwm
->pinentry_tty
);
1851 if (pwm
->pinentry_term
) {
1852 rc
= pwmd_command(pwm
, NULL
, "OPTION TTYTYPE=%s", pwm
->pinentry_term
);
1858 if (pwm
->pinentry_display
) {
1859 rc
= pwmd_command(pwm
, NULL
, "OPTION TITLE=%s", pwm
->pinentry_display
);
1866 rc
= pwmd_command(pwm
, NULL
, "OPTION TITLE=%s", pwm
->title
);
1873 rc
= pwmd_command(pwm
, NULL
, "OPTION DESC=%s", pwm
->desc
);
1880 rc
= pwmd_command(pwm
, NULL
, "OPTION PROMPT=%s", pwm
->prompt
);
1887 rc
= pwmd_command(pwm
, NULL
, "OPTION LC_CTYPE=%s", pwm
->lcctype
);
1893 if (pwm
->lcmessages
) {
1894 rc
= pwmd_command(pwm
, NULL
, "OPTION LC_MESSAGES=%s", pwm
->lcmessages
);
1900 if (pwm
->pinentry_timeout
>= 0) {
1901 rc
= pwmd_command(pwm
, NULL
, "OPTION TIMEOUT=%i", pwm
->pinentry_timeout
);
1910 static gpg_error_t
do_pwmd_open(pwm_t
*pwm
, const char *filename
, int nb
,
1913 char *result
= NULL
;
1914 char *password
= NULL
;
1920 if (!pwm
|| !filename
|| !*filename
)
1921 return GPG_ERR_INV_ARG
;
1924 return GPG_ERR_INV_STATE
;
1926 pin_try
= pwm
->pinentry_tries
- 1;
1929 * Avoid calling pinentry if the password is cached on the server or if
1930 * this is a new file. pwmd version 2 adds a VERSION command which is
1931 * determined in _socket_connect_finalize(). If the server is version 2,
1932 * ISCACHED can determine if a file exists.
1934 if (!pwm
->tcp_conn
&& pwm
->version
== PWMD_V1
) {
1935 rc
= pwmd_command(pwm
, &result
, "GETCONFIG data_directory");
1940 len
= strlen(result
)+strlen(filename
)+2;
1941 path
= pwmd_malloc(len
);
1945 return gpg_error_from_errno(ENOMEM
);
1948 snprintf(path
, len
, "%s/%s", result
, filename
);
1951 if (access(path
, R_OK
) == -1) {
1952 if (errno
== ENOENT
) {
1961 rc
= pwmd_command(pwm
, &result
, "ISCACHED %s", filename
);
1963 if (gpg_err_code(rc
) == GPG_ERR_ENOENT
)
1966 if (rc
&& rc
!= GPG_ERR_NOT_FOUND
)
1969 if (!nb
&& rc
== GPG_ERR_NOT_FOUND
) {
1970 if (pwm
->password
) {
1971 password
= pwm
->password
;
1975 if (pwm
->passfunc
) {
1976 rc
= pwm
->passfunc(pwm
->passdata
, &password
);
1985 #ifdef WITH_PINENTRY
1986 if (rc
== GPG_ERR_NOT_FOUND
&& local_pinentry
) {
1987 rc
= pwmd_command(pwm
, NULL
, "OPTION PINENTRY=0");
1993 pwm
->filename
= pwmd_strdup(filename
);
1996 return gpg_error_from_errno(ENOMEM
);
1998 /* Get the passphrase using the LOCAL pinentry. */
2002 pwmd_nb_status_t pw
;
2005 return gpg_error_from_syserror();
2018 if (pwm
->pinentry_timeout
!= 0) {
2020 gtimeout
= abs(pwm
->pinentry_timeout
);
2024 pw
.error
= getpin(pwm
, &password
, PINENTRY_OPEN
);
2026 if (gtimeout
&& gelapsed
>= gtimeout
)
2027 pw
.error
= GPG_ERR_TIMEOUT
;
2029 signal(SIGALRM
, SIG_DFL
);
2032 snprintf(pw
.password
, sizeof(pw
.password
), "%s",
2035 pinentry_disconnect(pwm
);
2037 pth_write(p
[1], &pw
, sizeof(pw
));
2039 write(p
[1], &pw
, sizeof(pw
));
2041 memset(&pw
, 0, sizeof(pw
));
2046 rc
= gpg_error_from_syserror();
2060 rc
= getpin(pwm
, &password
, PINENTRY_OPEN
);
2068 pwm
->state
= ASYNC_DONE
;
2070 if (!local_pinentry
) {
2071 rc
= send_pinentry_options(pwm
);
2077 rc
= do_open_command(pwm
, filename
, password
);
2080 * Keep the user defined password set with pwmd_setopt(). The password may
2081 * be needed later (pwmd_save()) depending on the pwmd file cache settings.
2083 if (!pwm
->passfunc
&& password
&& password
!= pwm
->password
)
2084 pwmd_free(password
);
2086 if (rc
== GPG_ERR_INV_PASSPHRASE
) {
2087 if (pin_try
-- > 0 && !nb
) {
2089 #ifdef WITH_PINENTRY
2091 rc
= getpin(pwm
, &password
, PINENTRY_OPEN_FAILED
);
2094 rc
= pwmd_command(pwm
, &result
, "OPTION TITLE=%s",
2095 N_("Invalid passphrase, please try again."));
2103 #ifdef WITH_PINENTRY
2105 pinentry_disconnect(pwm
);
2113 pwmd_free(pwm
->filename
);
2115 pwm
->filename
= pwmd_strdup(filename
);
2121 gpg_error_t
pwmd_open2(pwm_t
*pwm
, const char *filename
)
2123 #ifndef WITH_PINENTRY
2124 return GPG_ERR_NOT_IMPLEMENTED
;
2126 return do_pwmd_open(pwm
, filename
, 0, 1);
2130 gpg_error_t
pwmd_open(pwm_t
*pwm
, const char *filename
)
2132 return do_pwmd_open(pwm
, filename
, 0, 0);
2135 gpg_error_t
pwmd_open_async2(pwm_t
*pwm
, const char *filename
)
2137 #ifndef WITH_PINENTRY
2138 return GPG_ERR_NOT_IMPLEMENTED
;
2142 if (!pwm
|| !filename
)
2143 return GPG_ERR_INV_ARG
;
2146 return GPG_ERR_INV_STATE
;
2148 if (pwm
->cmd
!= ASYNC_CMD_OPEN2
)
2151 pwm
->cmd
= ASYNC_CMD_OPEN2
;
2152 pwm
->state
= ASYNC_PROCESS
;
2153 rc
= do_pwmd_open(pwm
, filename
, 1, 1);
2156 reset_async(pwm
, 1);
2162 #ifdef WITH_PINENTRY
2163 static gpg_error_t
do_save_getpin(pwm_t
*pwm
, char **password
)
2167 char *result
= NULL
;
2170 error
= getpin(pwm
, &result
, confirm
? PINENTRY_SAVE_CONFIRM
: PINENTRY_SAVE
);
2174 pinentry_disconnect(pwm
);
2177 pwmd_free(*password
);
2187 if (strcmp(*password
, result
)) {
2188 pwmd_free(*password
);
2195 pinentry_disconnect(pwm
);
2200 static gpg_error_t
do_save_command(pwm_t
*pwm
, char *password
)
2204 char *result
= NULL
;
2206 buf
= pwmd_malloc(ASSUAN_LINELENGTH
+1);
2209 return gpg_error_from_errno(ENOMEM
);
2211 snprintf(buf
, ASSUAN_LINELENGTH
, "SAVE %s", password
? password
: "");
2212 error
= send_command(pwm
, &result
, buf
);
2215 if (error
&& result
)
2221 static gpg_error_t
do_pwmd_save(pwm_t
*pwm
, int nb
, int local_pinentry
)
2223 char *result
= NULL
;
2224 char *password
= NULL
;
2228 return GPG_ERR_INV_ARG
;
2231 return GPG_ERR_INV_STATE
;
2233 rc
= pwmd_command(pwm
, &result
, "ISCACHED %s", pwm
->filename
);
2235 if (rc
&& rc
!= GPG_ERR_NOT_FOUND
)
2238 if (!nb
&& rc
== GPG_ERR_NOT_FOUND
) {
2239 if (pwm
->password
) {
2240 password
= pwm
->password
;
2244 if (pwm
->passfunc
) {
2245 rc
= pwm
->passfunc(pwm
->passdata
, &password
);
2254 if (rc
== GPG_ERR_NOT_FOUND
&& local_pinentry
) {
2255 #ifdef WITH_PINENTRY
2256 /* Get the password using the LOCAL pinentry. */
2260 pwmd_nb_status_t pw
;
2263 return gpg_error_from_syserror();
2276 pw
.error
= do_save_getpin(pwm
, &password
);
2277 pinentry_disconnect(pwm
);
2278 snprintf(pw
.password
, sizeof(pw
.password
), "%s",
2281 pth_write(p
[1], &pw
, sizeof(pw
));
2283 write(p
[1], &pw
, sizeof(pw
));
2285 memset(&pw
, 0, sizeof(pw
));
2290 rc
= gpg_error_from_syserror();
2304 rc
= do_save_getpin(pwm
, &password
);
2311 pwm
->state
= ASYNC_DONE
;
2314 if (!local_pinentry
) {
2315 rc
= send_pinentry_options(pwm
);
2321 rc
= do_save_command(pwm
, password
);
2323 if (!pwm
->passfunc
&& password
&& password
!= pwm
->password
)
2324 pwmd_free(password
);
2329 gpg_error_t
pwmd_save_async2(pwm_t
*pwm
)
2331 #ifndef WITH_PINENTRY
2332 return GPG_ERR_NOT_IMPLEMENTED
;
2337 return GPG_ERR_INV_ARG
;
2340 return GPG_ERR_INV_STATE
;
2342 pwm
->cmd
= ASYNC_CMD_SAVE2
;
2343 pwm
->state
= ASYNC_PROCESS
;
2344 rc
= do_pwmd_save(pwm
, 1, 1);
2347 reset_async(pwm
, 0);
2353 gpg_error_t
pwmd_save2(pwm_t
*pwm
)
2355 #ifndef WITH_PINENTRY
2356 return GPG_ERR_NOT_IMPLEMENTED
;
2358 return do_pwmd_save(pwm
, 0, 1);
2362 gpg_error_t
pwmd_save(pwm_t
*pwm
)
2364 return do_pwmd_save(pwm
, 0, 0);
2367 gpg_error_t
pwmd_setopt(pwm_t
*pwm
, pwmd_option_t opt
, ...)
2370 int n
= va_arg(ap
, int);
2372 gpg_error_t error
= 0;
2375 return GPG_ERR_INV_ARG
;
2380 case PWMD_OPTION_STATUS_CB
:
2381 pwm
->status_func
= va_arg(ap
, pwmd_status_cb_t
);
2383 case PWMD_OPTION_STATUS_DATA
:
2384 pwm
->status_data
= va_arg(ap
, void *);
2386 case PWMD_OPTION_PASSPHRASE_CB
:
2387 pwm
->passfunc
= va_arg(ap
, pwmd_passphrase_cb_t
);
2389 case PWMD_OPTION_PASSPHRASE_DATA
:
2390 pwm
->passdata
= va_arg(ap
, void *);
2392 case PWMD_OPTION_PASSPHRASE
:
2393 arg1
= va_arg(ap
, char *);
2396 pwmd_free(pwm
->password
);
2398 pwm
->password
= pwmd_strdup(arg1
);
2400 case PWMD_OPTION_PINENTRY_TRIES
:
2401 n
= va_arg(ap
, int);
2405 error
= GPG_ERR_INV_VALUE
;
2408 pwm
->pinentry_tries
= n
;
2410 case PWMD_OPTION_PINENTRY_TIMEOUT
:
2411 n
= va_arg(ap
, int);
2415 error
= GPG_ERR_INV_VALUE
;
2418 pwm
->pinentry_timeout
= n
;
2420 case PWMD_OPTION_PINENTRY_PATH
:
2421 if (pwm
->pinentry_path
)
2422 pwmd_free(pwm
->pinentry_path
);
2424 pwm
->pinentry_path
= pwmd_strdup(va_arg(ap
, char *));
2426 case PWMD_OPTION_PINENTRY_TTY
:
2427 if (pwm
->pinentry_tty
)
2428 pwmd_free(pwm
->pinentry_tty
);
2430 pwm
->pinentry_tty
= pwmd_strdup(va_arg(ap
, char *));
2432 case PWMD_OPTION_PINENTRY_DISPLAY
:
2433 if (pwm
->pinentry_display
)
2434 pwmd_free(pwm
->pinentry_display
);
2436 pwm
->pinentry_display
= pwmd_strdup(va_arg(ap
, char *));
2438 case PWMD_OPTION_PINENTRY_TERM
:
2439 if (pwm
->pinentry_term
)
2440 pwmd_free(pwm
->pinentry_term
);
2442 pwm
->pinentry_term
= pwmd_strdup(va_arg(ap
, char *));
2444 case PWMD_OPTION_PINENTRY_TITLE
:
2446 pwmd_free(pwm
->title
);
2448 pwm
->title
= percent_escape(va_arg(ap
, char *));
2450 case PWMD_OPTION_PINENTRY_PROMPT
:
2452 pwmd_free(pwm
->prompt
);
2454 pwm
->prompt
= percent_escape(va_arg(ap
, char *));
2456 case PWMD_OPTION_PINENTRY_DESC
:
2458 pwmd_free(pwm
->desc
);
2460 pwm
->desc
= percent_escape(va_arg(ap
, char *));
2462 case PWMD_OPTION_PINENTRY_LC_CTYPE
:
2464 pwmd_free(pwm
->lcctype
);
2466 pwm
->lcctype
= pwmd_strdup(va_arg(ap
, char *));
2468 case PWMD_OPTION_PINENTRY_LC_MESSAGES
:
2469 if (pwm
->lcmessages
)
2470 pwmd_free(pwm
->lcmessages
);
2472 pwm
->lcmessages
= pwmd_strdup(va_arg(ap
, char *));
2475 case PWMD_OPTION_IP_VERSION
:
2476 n
= va_arg(ap
, int);
2485 error
= GPG_ERR_INV_VALUE
;
2493 error
= GPG_ERR_NOT_IMPLEMENTED
;
2501 gpg_error_t
pwmd_get_fd(pwm_t
*pwm
, int *fd
)
2504 return GPG_ERR_INV_ARG
;
2507 return GPG_ERR_INV_STATE
;
2513 gpg_error_t
pwmd_get_async2_fd(pwm_t
*pwm
, int *fd
)
2515 #ifndef WITH_PINENTRY
2516 return GPG_ERR_NOT_IMPLEMENTED
;
2519 return GPG_ERR_INV_ARG
;
2521 if (pwm
->nb_fd
== -1)
2522 return GPG_ERR_INV_STATE
;
2529 pwm_t
*pwmd_new(const char *name
)
2531 pwm_t
*h
= pwmd_calloc(1, sizeof(pwm_t
));
2537 h
->name
= pwmd_strdup(name
);
2546 #ifdef WITH_PINENTRY
2549 h
->pinentry_timeout
= -30;
2550 h
->pinentry_tries
= 3;
2552 h
->prot
= PWMD_IP_ANY
;
2557 void pwmd_free(void *ptr
)
2562 void *pwmd_malloc(size_t size
)
2564 return xmalloc(size
);
2567 void *pwmd_calloc(size_t nmemb
, size_t size
)
2569 return xcalloc(nmemb
, size
);
2572 void *pwmd_realloc(void *ptr
, size_t size
)
2574 return xrealloc(ptr
, size
);
2577 char *pwmd_strdup(const char *str
)
2579 return xstrdup(str
);
2582 char *pwmd_strdup_printf(const char *fmt
, ...)
2592 len
= vsnprintf(NULL
, 0, fmt
, ap
);
2593 buf
= pwmd_malloc(++len
);
2600 vsnprintf(buf
, len
, fmt
, ap
);