search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Call pinentry_disconnect() from pwmd_open() even when there is no
[libpwmd.git] / libpwmd.c
blob8d56406352f443cf1e481555aa0541519c07b7fb
1 /* vim:tw=78:ts=8:sw=4:set ft=c: */
2 /*
3 Copyright (C) 2006-2008 Ben Kibbey <bjk@luxsci.net>
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 2 of the License, or
8 (at your option) any later version.
9
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with this program; if not, write to the Free Software
17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 */
19 #include <stdio.h>
20 #include <stdlib.h>
21 #include <unistd.h>
22 #include <err.h>
23 #include <errno.h>
24 #include <ctype.h>
25 #include <string.h>
26 #include <sys/socket.h>
27 #include <sys/un.h>
28 #include <signal.h>
29 #include <stdarg.h>
30 #include <string.h>
31 #include <sys/wait.h>
32 #include <fcntl.h>
33 #include <pwd.h>
34 #include <time.h>
35 #include <sys/types.h>
36 #include <limits.h>
37 #include <libpwmd.h>
38
39 #ifdef HAVE_CONFIG_H
40 #include <config.h>
41 #endif
42
43 #ifdef HAVE_ASSUAN_H
44 #include <assuan.h>
45 #endif
46
47 #ifdef HAVE_SETLOCALE
48 #include <locale.h>
49 #endif
50
51 #include "gettext.h"
52 #define N_(msgid) dgettext("libpwmd", msgid)
53
54 #ifndef MEM_DEBUG
55 #include "mem.h"
56 #else
57 #define xfree free
58 #define xrealloc realloc
59 #define xmalloc malloc
60 #define xstrdup strdup
61 #define xcalloc calloc
62 #endif
63
64 #include "types.h"
65
66 #ifdef USE_PINENTRY
67 static pwm_t *gpwm;
68 static int gelapsed, gtimeout;
69 static gpg_error_t pinentry_command(pwm_t *pwm, char **result, const char *cmd);
70 static gpg_error_t global_error;
71 #endif
72
73
74 const char *pwmd_strerror(gpg_error_t e)
75 {
76 gpg_err_code_t code = gpg_err_code(e);
77
78 if (code >= GPG_ERR_USER_1 && code < gpg_err_code(EPWMD_MAX)) {
79 switch (code) {
80 case GPG_ERR_USER_1:
81 default:
82 return N_("Unknown error");
83 case GPG_ERR_USER_2:
84 return N_("No cache slots available");
85 case GPG_ERR_USER_3:
86 return N_("Recursion loop");
87 case GPG_ERR_USER_4:
88 return N_("No file is open");
89 case GPG_ERR_USER_5:
90 return N_("General LibXML error");
91 case GPG_ERR_USER_6:
92 return N_("File modified");
93 }
94 }
95
96 return gpg_strerror(e);
97 }
98
99 gpg_error_t pwmd_init()
100 {
101 #ifdef ENABLE_NLS
102 bindtextdomain("libpwmd", LOCALEDIR);
103 #endif
104 gpg_err_init();
105 assuan_set_malloc_hooks(xmalloc, xrealloc, xfree);
106 assuan_set_assuan_err_source(GPG_ERR_SOURCE_DEFAULT);
107 return 0;
108 }
109
110 pwm_t *pwmd_connect(const char *path, gpg_error_t *error)
111 {
112 pwm_t *pwm = NULL;
113 char *socketpath = NULL;
114 time_t now;
115 struct passwd *pw;
116 assuan_context_t ctx;
117 int rc;
118
119 if (!path) {
120 pw = getpwuid(getuid());
121 socketpath = (char *)xmalloc(strlen(pw->pw_dir) + strlen("/.pwmd/socket") + 1);
122 sprintf(socketpath, "%s/.pwmd/socket", pw->pw_dir);
123 }
124 else
125 socketpath = xstrdup(path);
126
127 rc = assuan_socket_connect_ext(&ctx, socketpath, -1, 0);
128 xfree(socketpath);
129
130 if (rc) {
131 *error = rc;
132 return NULL;
133 }
134
135 if ((pwm = (pwm_t *)xcalloc(1, sizeof(pwm_t))) == NULL) {
136 *error = gpg_error_from_errno(errno);
137 assuan_disconnect(ctx);
138 return NULL;
139 }
140
141 pwm->ctx = ctx;
142 #ifdef USE_PINENTRY
143 pwm->pid = -1;
144 pwm->pinentry_tries = 3;
145 #endif
146 time(&now);
147 srandom(now);
148 *error = 0;
149 return pwm;
150 }
151
152 void pwmd_close(pwm_t *pwm)
153 {
154 if (!pwm)
155 return;
156
157 if (pwm->ctx)
158 assuan_disconnect(pwm->ctx);
159
160 if (pwm->password)
161 xfree(pwm->password);
162
163 if (pwm->title)
164 xfree(pwm->title);
165
166 if (pwm->desc)
167 xfree(pwm->desc);
168
169 if (pwm->prompt)
170 xfree(pwm->prompt);
171
172 if (pwm->pinentry_tty)
173 xfree(pwm->pinentry_tty);
174
175 if (pwm->pinentry_display)
176 xfree(pwm->pinentry_display);
177
178 if (pwm->pinentry_term)
179 xfree(pwm->pinentry_term);
180
181 if (pwm->filename)
182 xfree(pwm->filename);
183
184 xfree(pwm);
185 }
186
187 static int mem_realloc_cb(void *data, const void *buffer, size_t len)
188 {
189 membuf_t *mem = (membuf_t *)data;
190 void *p;
191
192 if (!buffer)
193 return 0;
194
195 if ((p = xrealloc(mem->buf, mem->len + len)) == NULL)
196 return 1;
197
198 mem->buf = p;
199 memcpy((char *)mem->buf + mem->len, buffer, len);
200 mem->len += len;
201 return 0;
202 }
203
204 void pwmd_free_result(void *data)
205 {
206 xfree(data);
207 }
208
209 static int _inquire_cb(void *data, const char *keyword)
210 {
211 pwm_t *pwm = (pwm_t *)data;
212 gpg_error_t rc = 0;
213
214 /* Shouldn't get this far without a callback. */
215 if (!pwm->inquire_func)
216 return GPG_ERR_INV_ARG;
217
218 for (;;) {
219 char *result = NULL;
220 size_t len;
221 gpg_error_t arc;
222
223 rc = pwm->inquire_func(pwm->inquire_data, keyword, rc, &result, &len);
224 rc = gpg_err_code(rc);
225
226 if (rc == GPG_ERR_EOF || !rc) {
227 if (len <= 0 || !result || !*result) {
228 rc = 0;
229 break;
230 }
231
232 arc = assuan_send_data(pwm->ctx, result, len);
233
234 if (rc == GPG_ERR_EOF) {
235 rc = arc;
236 break;
237 }
238
239 rc = arc;
240 }
241 else if (rc)
242 break;
243 }
244
245 return rc;
246 }
247
248 static gpg_error_t assuan_command(pwm_t *pwm, assuan_context_t ctx,
249 char **result, const char *cmd)
250 {
251 membuf_t data;
252 gpg_error_t rc;
253
254 data.len = 0;
255 data.buf = NULL;
256
257 rc = assuan_transact(ctx, cmd, mem_realloc_cb, &data, _inquire_cb, pwm,
258 pwm->status_func, pwm->status_data);
259
260 if (rc) {
261 if (data.buf) {
262 xfree(data.buf);
263 data.buf = NULL;
264 }
265 }
266 else {
267 if (data.buf) {
268 mem_realloc_cb(&data, "", 1);
269 *result = (char *)data.buf;
270 }
271 }
272
273 return gpg_err_code(rc);
274 }
275
276 gpg_error_t pwmd_inquire(pwm_t *pwm, const char *cmd, pwmd_inquire_fn fn,
277 void *data)
278 {
279 if (!pwm || !cmd || !fn)
280 return GPG_ERR_INV_ARG;
281
282 pwm->inquire_func = fn;
283 pwm->inquire_data = data;
284 return assuan_command(pwm, pwm->ctx, NULL, cmd);
285 }
286
287 gpg_error_t pwmd_terminate_pinentry(pwm_t *pwm)
288 {
289 #ifndef USE_PINENTRY
290 return GPG_ERR_NOT_IMPLEMENTED;
291 #else
292 if (!pwm || pwm->pid == -1)
293 return GPG_ERR_INV_ARG;
294
295 if (kill(pwm->pid, 0) == 0) {
296 if (kill(pwm->pid, SIGTERM) == -1) {
297 if (kill(pwm->pid, SIGKILL) == -1)
298 return gpg_error_from_errno(errno);
299 }
300
301 pwm->pin_error = GPG_ERR_TIMEOUT;
302 }
303 else
304 return gpg_error_from_errno(errno);
305
306 return 0;
307 #endif
308 }
309
310 #ifdef USE_PINENTRY
311 static gpg_error_t set_pinentry_strings(pwm_t *pwm, int which)
312 {
313 char *buf;
314 char tmp[ASSUAN_LINELENGTH];
315 gpg_error_t error;
316
317 if (!pwm->title)
318 pwm->title = xstrdup(N_("LibPWMD"));
319
320 if (!pwm->prompt)
321 pwm->prompt = xstrdup(N_("Password:"));
322
323 if (!pwm->desc && !which)
324 pwm->desc = xstrdup(N_("Enter a password."));
325
326 if (which == 1) {
327 snprintf(tmp, sizeof(tmp), "SETERROR %s", N_("Invalid password, please try again."));
328 buf = xstrdup(tmp);
329 }
330 else if (which == 2) {
331 snprintf(tmp, sizeof(tmp), "SETERROR %s", N_("Please type the password again for confirmation."));
332 buf = xstrdup(tmp);
333 }
334 else {
335 buf = (char *)xmalloc(strlen("SETERROR ") + strlen(pwm->desc) + 1);
336 sprintf(buf, "SETERROR %s", pwm->desc);
337 }
338
339 error = pinentry_command(pwm, NULL, buf);
340 xfree(buf);
341
342 if (error)
343 return error;
344
345 buf = (char *)xmalloc(strlen("SETPROMPT ") + strlen(pwm->prompt) + 1);
346 sprintf(buf, "SETPROMPT %s", pwm->prompt);
347 error = pinentry_command(pwm, NULL, buf);
348 xfree(buf);
349
350 if (error)
351 return error;
352
353 buf = (char *)xmalloc(strlen("SETDESC ") + strlen(pwm->title) + 1);
354 sprintf(buf, "SETDESC %s", pwm->title);
355 error = pinentry_command(pwm, NULL, buf);
356 xfree(buf);
357 return error;
358 }
359
360 static void update_pinentry_settings(pwm_t *pwm)
361 {
362 FILE *fp;
363 char buf[LINE_MAX];
364 struct passwd *pw = getpwuid(getuid());
365 char *p;
366
367 snprintf(buf, sizeof(buf), "%s/.pwmd/pinentry.conf", pw->pw_dir);
368
369 if ((fp = fopen(buf, "r")) == NULL)
370 return;
371
372 while ((p = fgets(buf, sizeof(buf), fp)) != NULL) {
373 char name[32], val[256];
374
375 if (sscanf(p, " %31[a-zA-Z] = %255s", name, val) != 2)
376 continue;
377
378 if (strcasecmp(name, "TTYNAME") == 0) {
379 xfree(pwm->pinentry_tty);
380 pwm->pinentry_tty = xstrdup(val);
381 }
382 else if (strcasecmp(name, "TTYTYPE") == 0) {
383 xfree(pwm->pinentry_term);
384 pwm->pinentry_term = xstrdup(val);
385 }
386 else if (strcasecmp(name, "DISPLAY") == 0) {
387 xfree(pwm->pinentry_display);
388 pwm->pinentry_display = xstrdup(val);
389 }
390 else if (strcasecmp(name, "PATH") == 0) {
391 xfree(pwm->pinentry_path);
392 pwm->pinentry_path = xstrdup(val);
393 }
394 }
395
396 fclose(fp);
397 }
398
399 static gpg_error_t launch_pinentry(pwm_t *pwm)
400 {
401 int rc;
402 assuan_context_t ctx;
403 int child_list[] = {-1};
404 char *display = getenv("DISPLAY");
405 const char *argv[6];
406 int have_display = 0;
407 char *tty = NULL;
408
409 update_pinentry_settings(pwm);
410
411 if (pwm->pinentry_display || display)
412 have_display = 1;
413 else {
414 tty = pwm->pinentry_tty ? pwm->pinentry_tty : ttyname(STDOUT_FILENO);
415
416 if (!tty)
417 return gpg_error_from_errno(errno);
418 }
419
420 if (!have_display && !tty)
421 return GPG_ERR_ENOTTY;
422
423 argv[0] = "pinentry";
424 argv[1] = have_display ? "--display" : "--ttyname";
425 argv[2] = have_display ? pwm->pinentry_display ? pwm->pinentry_display : display : tty;
426 argv[3] = NULL;
427
428 if (!have_display) {
429 argv[3] = "--ttytype";
430 argv[4] = pwm->pinentry_term ? pwm->pinentry_term : getenv("TERM");
431 argv[5] = NULL;
432 }
433
434 rc = assuan_pipe_connect(&ctx, pwm->pinentry_path ? pwm->pinentry_path : PINENTRY_PATH, argv, child_list);
435
436 if (rc)
437 return rc;
438
439 pwm->pid = assuan_get_pid(ctx);
440 pwm->pctx = ctx;
441 return set_pinentry_strings(pwm, 0);
442 }
443
444 static gpg_error_t pinentry_command(pwm_t *pwm, char **result, const char *cmd)
445 {
446 gpg_error_t n;
447
448 if (!pwm->pctx) {
449 n = launch_pinentry(pwm);
450
451 if (n)
452 return n;
453 }
454
455 return assuan_command(pwm, pwm->pctx, result, cmd);
456 }
457
458 static void pinentry_disconnect(pwm_t *pwm)
459 {
460 if (pwm->pctx)
461 assuan_disconnect(pwm->pctx);
462
463 pwm->pctx = NULL;
464 pwm->pid = -1;
465 }
466
467 /*
468 * Only called from a child process.
469 */
470 static void catchsig(int sig)
471 {
472 switch (sig) {
473 case SIGALRM:
474 if (gelapsed++ >= gtimeout) {
475 global_error = pwmd_terminate_pinentry(gpwm);
476
477 if (!global_error)
478 global_error = GPG_ERR_TIMEOUT;
479
480 break;
481 }
482
483 alarm(1);
484 break;
485 default:
486 break;
487 }
488 }
489
490 static char *percent_escape(const char *atext)
491 {
492 const unsigned char *s;
493 int len = strlen(atext) * 3 + 1;
494 char *buf = (char *)xmalloc(len), *p = buf;
495
496 if (!buf)
497 return NULL;
498
499 for (s=(const unsigned char *)atext; *s; s++) {
500 if (*s < ' ') {
501 sprintf (p, "%%%02X", *s);
502 p += 3;
503 }
504 else
505 *p++ = *s;
506 }
507
508 *p = 0;
509 return buf;
510 }
511 #endif
512
513 static gpg_error_t send_command(pwm_t *pwm, char **result, const char *cmd)
514 {
515 if (!cmd)
516 return GPG_ERR_INV_ARG;
517
518 return assuan_command(pwm, pwm->ctx, result, cmd);
519 }
520
521 /*
522 * Avoid sending the BYE command here. libassuan will close the file
523 * descriptor and release the assuan context. Use pwmd_close() instead.
524 */
525 gpg_error_t pwmd_command(pwm_t *pwm, char **result, const char *cmd, ...)
526 {
527 va_list ap;
528 char *buf;
529 size_t len;
530 gpg_error_t error;
531
532 if (!pwm || !cmd)
533 return GPG_ERR_INV_ARG;
534
535 *result = NULL;
536 va_start(ap, cmd);
537 /*
538 * C99
539 */
540 len = vsnprintf(NULL, 0, cmd, ap);
541 buf = (char *)xmalloc(len + 1);
542 len = vsnprintf(buf, len + 1, cmd, ap);
543 va_end(ap);
544 error = send_command(pwm, result, buf);
545 xfree(buf);
546 return error;
547 }
548
549 #ifdef USE_PINENTRY
550 static gpg_error_t do_getpin(pwm_t *pwm, char **result)
551 {
552 if (gtimeout) {
553 signal(SIGALRM, catchsig);
554 alarm(1);
555 }
556
557 *result = NULL;
558 return pinentry_command(pwm, result, "GETPIN");
559 }
560
561 static gpg_error_t getpin(pwm_t *pwm, char **result, int *try_n, int which)
562 {
563 int pin_try = *try_n;
564 gpg_error_t error;
565
566 getpin_again:
567 *try_n = pin_try;
568
569 if (pin_try == -1) {
570 error = set_pinentry_strings(pwm, which);
571
572 if (error) {
573 pinentry_disconnect(pwm);
574 return error;
575 }
576 }
577 else {
578 if (pwm->pinentry_tries-1 != pin_try) {
579 error = set_pinentry_strings(pwm, 1);
580
581 if (error) {
582 pinentry_disconnect(pwm);
583 return error;
584 }
585 }
586 }
587
588 error = do_getpin(pwm, result);
589
590 /*
591 * Since there was input cancel any timeout.
592 */
593 alarm(0);
594
595 if (error) {
596 if (error == GPG_ERR_ASS_CANCELED || error == ASSUAN_Canceled)
597 return GPG_ERR_ASS_CANCELED;
598
599 if (pin_try != -1 && pin_try--)
600 goto getpin_again;
601
602 if (pwm->pctx)
603 pinentry_disconnect(pwm);
604
605 *try_n = pin_try;
606 return error;
607 }
608
609 return 0;
610 }
611 #endif
612
613 gpg_error_t pwmd_open_nb_finalize(pwm_t *pwm, pwmd_nb_status_t *pw)
614 {
615 char *result;
616 gpg_error_t error;
617
618 #ifndef USE_PINENTRY
619 return GPG_ERR_NOT_IMPLEMENTED;
620 #endif
621
622 if (!pwm || !pw || !pw->filename[0])
623 return GPG_ERR_INV_ARG;
624
625 close(pw->fd);
626
627 if (pw->error) {
628 error = pw->error;
629 goto fail;
630 }
631
632 error = pwmd_command(pwm, &result, "ISCACHED %s", pw->filename);
633
634 if (error)
635 goto fail;
636
637 if (pwm->filename)
638 xfree(pwm->filename);
639
640 pwm->filename = xstrdup(pw->filename);
641 memset(pw, 0, sizeof(pwmd_nb_status_t));
642 return 0;
643
644 fail:
645 memset(pw, 0, sizeof(pwmd_nb_status_t));
646 return error;
647 }
648
649 static gpg_error_t do_open_command(pwm_t *pwm, const char *filename, char *password)
650 {
651 char buf[ASSUAN_LINELENGTH];
652 gpg_error_t error;
653 char *result = NULL;
654
655 snprintf(buf, sizeof(buf), "OPEN %s %s", filename, password ? password : "");
656 error = send_command(pwm, &result, buf);
657 memset(buf, 0, sizeof(buf));
658
659 if (error && result)
660 xfree(result);
661
662 return error;
663 }
664
665 static int do_pwmd_open(pwm_t *pwm, gpg_error_t *error, const char *filename,
666 int nb, int timeout)
667 {
668 char *result = NULL;
669 char *password = NULL;
670 char path[PATH_MAX];
671 #ifdef USE_PINENTRY
672 int pin_try;
673 #endif
674
675 if (!pwm || !filename || !*filename) {
676 *error = GPG_ERR_INV_ARG;
677 return nb ? -1 : 1;
678 }
679
680 #ifdef USE_PINENTRY
681 pin_try = pwm->pinentry_tries - 1;
682 #endif
683
684 /*
685 * Avoid calling pinentry if the password is cached on the server or if
686 * this is a new file.
687 */
688 *error = pwmd_command(pwm, &result, "GETCONFIG data_directory");
689
690 if (*error)
691 return nb ? -1 : 1;
692
693 snprintf(path, sizeof(path), "%s/%s", result, filename);
694 pwmd_free_result(result);
695
696 if (access(path, R_OK) == -1) {
697 if (errno == ENOENT)
698 goto gotpassword;
699
700 *error = gpg_error_from_errno(errno);
701 return nb ? -1 : 1;
702 }
703
704 *error = pwmd_command(pwm, &result, "ISCACHED %s", filename);
705
706 if (*error == EPWMD_CACHE_NOT_FOUND) {
707 if (pwm->passfunc) {
708 password = pwm->passfunc(pwm, pwm->passdata);
709 goto gotpassword;
710 }
711
712 if (*error == EPWMD_CACHE_NOT_FOUND) {
713 #ifdef USE_PINENTRY
714 /*
715 * Get the password from pinentry.
716 */
717 if (pwm->use_pinentry) {
718 /*
719 * Nonblocking is wanted. fork() then return a file descriptor
720 * that the client can use to read() from.
721 */
722 if (nb) {
723 int p[2];
724 pid_t pid;
725 pwmd_nb_status_t pw;
726
727 if (pipe(p) == -1) {
728 *error = gpg_error_from_syserror();
729 return -1;
730 }
731
732 pid = fork();
733
734 switch (pid) {
735 case 0:
736 close(p[0]);
737 strncpy(pw.filename, filename, sizeof(pw.filename));
738 pw.filename[sizeof(pw.filename)-1] = 0;
739 pw.fd = p[0];
740
741 if (timeout > 0) {
742 gpwm = pwm;
743 gtimeout = timeout;
744 gelapsed = 0;
745 }
746
747 getpin_nb_again:
748 *error = getpin(pwm, &password, &pin_try, 0);
749
750 if (*error) {
751 getpin_nb_fail:
752 if (pwm->pctx)
753 pinentry_disconnect(pwm);
754
755 if (gtimeout && gelapsed >= gtimeout)
756 *error = GPG_ERR_TIMEOUT;
757
758 pw.error = *error;
759 write(p[1], &pw, sizeof(pw));
760 close(p[1]);
761 _exit(1);
762 }
763
764 /*
765 * Don't count the time it takes to open the file
766 * which may have many iterations.
767 */
768 signal(SIGALRM, SIG_DFL);
769 *error = do_open_command(pwm, filename, password);
770
771 if (timeout)
772 signal(SIGALRM, catchsig);
773
774 if (pwm->pctx && *error == EPWMD_BADKEY) {
775 if (pin_try-- > 0)
776 goto getpin_nb_again;
777
778 goto getpin_nb_fail;
779 }
780
781 pinentry_disconnect(pwm);
782 pw.error = 0;
783 write(p[1], &pw, sizeof(pw));
784 close(p[1]);
785 _exit(0);
786 break;
787 case -1:
788 *error = gpg_error_from_syserror();
789 close(p[0]);
790 close(p[1]);
791 return -1;
792 default:
793 break;
794 }
795
796 close(p[1]);
797 return p[0];
798 }
799
800 getpin_again:
801 *error = getpin(pwm, &password, &pin_try, 1);
802
803 if (*error) {
804 if (pwm->pctx)
805 pinentry_disconnect(pwm);
806
807 if (pwm->pin_error) {
808 *error = pwm->pin_error;
809 pwm->pin_error = 0;
810 }
811
812 return 1;
813 }
814 }
815 else {
816 #endif
817 /*
818 * Not using pinentry and the file was not found
819 * in the cache.
820 */
821 #if 0
822 if (pwm->password == NULL) {
823 *error = EPWMD_KEY;
824 return 1;
825 }
826 #endif
827
828 password = pwm->password;
829 #ifdef USE_PINENTRY
830 }
831 #endif
832 }
833 }
834 else if (*error)
835 return nb ? -1 : 1;
836
837 gotpassword:
838 *error = do_open_command(pwm, filename, password);
839
840 /*
841 * Keep the user defined password set with pwmd_setopt(). The password may
842 * be needed later (pwmd_save()) depending on the pwmd file cache settings.
843 */
844 if (password && password != pwm->password)
845 xfree(password);
846
847 #ifdef USE_PINENTRY
848 if (pwm->pctx && *error == EPWMD_BADKEY) {
849 if (pin_try-- > 0)
850 goto getpin_again;
851
852 pinentry_disconnect(pwm);
853 return nb ? -1 : 1;
854 }
855 else if (pwm->pctx)
856 pinentry_disconnect(pwm);
857 #endif
858
859 if (!*error) {
860 if (pwm->filename)
861 xfree(pwm->filename);
862
863 pwm->filename = xstrdup(filename);
864 }
865
866 /*
867 * The file is cached or the file is a new file.
868 */
869 if (nb)
870 return *error ? -1 : -2;
871
872 return *error ? 1 : 0;
873 }
874
875 gpg_error_t pwmd_open(pwm_t *pwm, const char *filename)
876 {
877 gpg_error_t error;
878
879 do_pwmd_open(pwm, &error, filename, 0, 0);
880 return error;
881 }
882
883 int pwmd_open_nb(pwm_t *pwm, gpg_error_t *error, const char *filename,
884 int timeout)
885 {
886 #ifndef USE_PINENTRY
887 *error = GPG_ERR_NOT_IMPLEMENTED;
888 return -1;
889 #else
890 return do_pwmd_open(pwm, error, filename, 1, timeout);
891 #endif
892 }
893
894 #ifdef USE_PINENTRY
895 static gpg_error_t do_save_getpin(pwm_t *pwm, char **password)
896 {
897 int confirm = 0;
898 gpg_error_t error;
899 char *result = NULL;
900 int pin_try = -1;
901
902 again:
903 error = getpin(pwm, &result, &pin_try, confirm ? 2 : 0);
904
905 if (error) {
906 if (pwm->pctx)
907 pinentry_disconnect(pwm);
908
909 if (*password)
910 xfree(*password);
911
912 return error;
913 }
914
915 if (!confirm++) {
916 *password = result;
917 goto again;
918 }
919
920 if (strcmp(*password, result)) {
921 xfree(*password);
922 xfree(result);
923 pinentry_disconnect(pwm);
924 error = EPWMD_BADKEY;
925 return error;
926 }
927
928 xfree(result);
929 pinentry_disconnect(pwm);
930 return 0;
931 }
932 #endif
933
934 static gpg_error_t do_save_command(pwm_t *pwm, char *password)
935 {
936 char buf[ASSUAN_LINELENGTH];
937 gpg_error_t error;
938 char *result = NULL;
939
940 snprintf(buf, sizeof(buf), "SAVE %s", password ? password : "");
941 error = send_command(pwm, &result, buf);
942 memset(&buf, 0, sizeof(buf));
943
944 if (error && result)
945 xfree(result);
946
947 return error;
948 }
949
950 gpg_error_t pwmd_save_nb_finalize(pwm_t *pwm, pwmd_nb_status_t *pw)
951 {
952 gpg_error_t error;
953
954 #ifndef USE_PINENTRY
955 return GPG_ERR_NOT_IMPLEMENTED;
956 #endif
957
958 if (!pwm || !pw || !pw->filename[0])
959 return GPG_ERR_INV_ARG;
960
961 close(pw->fd);
962
963 if (pw->error) {
964 error = pw->error;
965 memset(pw, 0, sizeof(pwmd_nb_status_t));
966 return error;
967 }
968
969 memset(pw, 0, sizeof(pwmd_nb_status_t));
970 return 0;
971 }
972
973 static int do_pwmd_save(pwm_t *pwm, gpg_error_t *error, int nb)
974 {
975 char *result = NULL;
976 char *password = NULL;
977
978 if (!pwm) {
979 *error = GPG_ERR_INV_ARG;
980 return nb ? -1 : 1;
981 }
982
983 if (pwm->use_pinentry || pwm->passfunc) {
984 *error = pwmd_command(pwm, &result, "ISCACHED %s", pwm->filename);
985
986 if (*error == EPWMD_CACHE_NOT_FOUND) {
987 #ifdef USE_PINENTRY
988 if (pwm->use_pinentry) {
989 if (nb) {
990 int p[2];
991 pid_t pid;
992 pwmd_nb_status_t pw;
993
994 if (pipe(p) == -1) {
995 *error = gpg_error_from_syserror();
996 return -1;
997 }
998
999 pid = fork();
1000
1001 switch (pid) {
1002 case 0:
1003 close(p[0]);
1004 strncpy(pw.filename, pwm->filename, sizeof(pw.filename));
1005 pw.filename[sizeof(pw.filename)-1] = 0;
1006 pw.fd = p[0];
1007
1008 do {
1009 password = NULL;
1010 *error = do_save_getpin(pwm, &password);
1011 } while (*error == EPWMD_BADKEY);
1012
1013 if (*error) {
1014 if (pwm->pctx)
1015 pinentry_disconnect(pwm);
1016
1017 pw.error = *error;
1018 write(p[1], &pw, sizeof(pw));
1019 close(p[1]);
1020 _exit(1);
1021 }
1022
1023 *error = do_save_command(pwm, password);
1024 pinentry_disconnect(pwm);
1025 pw.error = *error;
1026 write(p[1], &pw, sizeof(pw));
1027 close(p[1]);
1028 _exit(0);
1029 break;
1030 case -1:
1031 *error = gpg_error_from_syserror();
1032 close(p[0]);
1033 close(p[1]);
1034 return -1;
1035 default:
1036 break;
1037 }
1038
1039 close(p[1]);
1040 return p[0];
1041 }
1042
1043 *error = do_save_getpin(pwm, &password);
1044
1045 if (*error)
1046 return 1;
1047 }
1048 else {
1049 #endif
1050 if (pwm->passfunc)
1051 password = (*pwm->passfunc)(pwm, pwm->passdata);
1052 #ifdef USE_PINENTRY
1053 }
1054 #endif
1055 }
1056 else {
1057 if (*error)
1058 return nb ? -1 : 1;
1059 }
1060 }
1061 else
1062 password = pwm->password;
1063
1064 *error = do_save_command(pwm, password);
1065
1066 if (password && password != pwm->password)
1067 xfree(password);
1068
1069 if (nb)
1070 return *error ? -1 : -2;
1071
1072 return *error ? 1 : 0;
1073 }
1074
1075 int pwmd_save_nb(pwm_t *pwm, gpg_error_t *error)
1076 {
1077 #ifndef USE_PINENTRY
1078 *error = GPG_ERR_NOT_IMPLEMENTED;
1079 return -1;
1080 #else
1081 return do_pwmd_save(pwm, error, 1);
1082 #endif
1083 }
1084
1085 gpg_error_t pwmd_save(pwm_t *pwm)
1086 {
1087 gpg_error_t error;
1088
1089 do_pwmd_save(pwm, &error, 0);
1090 return error;
1091 }
1092
1093 gpg_error_t pwmd_setopt(pwm_t *pwm, pwmd_option_t opt, ...)
1094 {
1095 va_list ap;
1096 #ifdef USE_PINENTRY
1097 int n = va_arg(ap, int);
1098 char *result;
1099 #endif
1100 char *arg1;
1101 gpg_error_t error = 0;
1102
1103 if (!pwm)
1104 return GPG_ERR_INV_ARG;
1105
1106 va_start(ap, opt);
1107
1108 switch (opt) {
1109 case PWMD_OPTION_STATUS_FUNC:
1110 pwm->status_func = va_arg(ap, pwmd_status_fn);
1111 break;
1112 case PWMD_OPTION_STATUS_DATA:
1113 pwm->status_data = va_arg(ap, void *);
1114 break;
1115 case PWMD_OPTION_PASSWORD_FUNC:
1116 pwm->passfunc = va_arg(ap, pwmd_password_fn);
1117 break;
1118 case PWMD_OPTION_PASSWORD_DATA:
1119 pwm->passdata = va_arg(ap, void *);
1120 break;
1121 case PWMD_OPTION_PASSWORD:
1122 arg1 = va_arg(ap, char *);
1123
1124 if (pwm->password)
1125 xfree(pwm->password);
1126
1127 pwm->password = xstrdup(arg1);
1128 break;
1129 #ifdef USE_PINENTRY
1130 case PWMD_OPTION_PINENTRY:
1131 n = va_arg(ap, int);
1132
1133 if (n != 0 && n != 1) {
1134 va_end(ap);
1135 error = GPG_ERR_INV_VALUE;
1136 }
1137 else {
1138 pwm->use_pinentry = n;
1139 error = pwmd_command(pwm, &result, "OPTION PINENTRY=%i",
1140 !pwm->use_pinentry);
1141 }
1142 break;
1143 case PWMD_OPTION_PINENTRY_TRIES:
1144 n = va_arg(ap, int);
1145
1146 if (n <= 0) {
1147 va_end(ap);
1148 error = GPG_ERR_INV_VALUE;
1149 }
1150 else
1151 pwm->pinentry_tries = n;
1152 break;
1153 case PWMD_OPTION_PINENTRY_PATH:
1154 if (pwm->pinentry_path)
1155 xfree(pwm->pinentry_path);
1156
1157 pwm->pinentry_path = xstrdup(va_arg(ap, char *));
1158 break;
1159 case PWMD_OPTION_PINENTRY_TTY:
1160 if (pwm->pinentry_tty)
1161 xfree(pwm->pinentry_tty);
1162
1163 pwm->pinentry_tty = xstrdup(va_arg(ap, char *));
1164 break;
1165 case PWMD_OPTION_PINENTRY_DISPLAY:
1166 if (pwm->pinentry_display)
1167 xfree(pwm->pinentry_display);
1168
1169 pwm->pinentry_display = xstrdup(va_arg(ap, char *));
1170 break;
1171 case PWMD_OPTION_PINENTRY_TERM:
1172 if (pwm->pinentry_term)
1173 xfree(pwm->pinentry_term);
1174
1175 pwm->pinentry_term = xstrdup(va_arg(ap, char *));
1176 break;
1177 case PWMD_OPTION_PINENTRY_TITLE:
1178 if (pwm->title)
1179 xfree(pwm->title);
1180 pwm->title = percent_escape(va_arg(ap, char *));
1181 break;
1182 case PWMD_OPTION_PINENTRY_PROMPT:
1183 if (pwm->prompt)
1184 xfree(pwm->prompt);
1185 pwm->prompt = percent_escape(va_arg(ap, char *));
1186 break;
1187 case PWMD_OPTION_PINENTRY_DESC:
1188 if (pwm->desc)
1189 xfree(pwm->desc);
1190 pwm->desc = percent_escape(va_arg(ap, char *));
1191 break;
1192 #else
1193 case PWMD_OPTION_PINENTRY:
1194 case PWMD_OPTION_PINENTRY_TRIES:
1195 case PWMD_OPTION_PINENTRY_PATH:
1196 case PWMD_OPTION_PINENTRY_TTY:
1197 case PWMD_OPTION_PINENTRY_DISPLAY:
1198 case PWMD_OPTION_PINENTRY_TERM:
1199 case PWMD_OPTION_PINENTRY_TITLE:
1200 case PWMD_OPTION_PINENTRY_PROMPT:
1201 case PWMD_OPTION_PINENTRY_DESC:
1202 error = GPG_ERR_NOT_IMPLEMENTED;
1203 break;
1204 #endif
1205 default:
1206 error = GPG_ERR_NOT_IMPLEMENTED;
1207 break;
1208 }
1209
1210 va_end(ap);
1211 return error;
1212 }
An API for pwmd.