2 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015,
4 Ben Kibbey <bjk@luxsci.net>
6 This file is part of pwmd.
8 Pwmd is free software: you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation, either version 2 of the License, or
11 (at your option) any later version.
13 Pwmd is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with Pwmd. If not, see <http://www.gnu.org/licenses/>.
27 #include <sys/types.h>
35 #include "pwmd-error.h"
38 #include "util-misc.h"
40 #include "util-slist.h"
41 #include "util-string.h"
44 #define DEFAULT_CACHE_TIMEOUT "600"
45 #define DEFAULT_KEEPALIVE_INTERVAL "60"
46 #define DEFAULT_LOCK_TIMEOUT "50" // MUTEX_TRYLOCK in tenths of a second
47 #define DEFAULT_TLS_KX_REGEN_INTERVAL "43200" // 12 hours
49 #define INVALID_VALUE(file, line) do { \
51 log_write(_("%s(%i): invalid value for parameter."), file, line); \
56 PARAM_INT
, PARAM_CHARP
, PARAM_LONG
, PARAM_LONGLONG
, PARAM_CHARPP
,
57 PARAM_BOOL
, PARAM_INVALID
/* Table of the parameters this file recognises.  Each row gives the
 * parameter name, its value type (PARAM_*) and its default value as a
 * string; a NULL default means "no default".  The row whose name is NULL
 * ends the table (the loops over config_params[] stop on a NULL .name).
 * set_defaults() feeds these strings through the config_set_*_param()
 * functions, so a default is converted the same way as a value read from
 * the configuration file.
 *
 * config_keep_save() carries "tcp_require_key", "tls_regen_interval",
 * "require_save_key", "allowed", "encrypt_to", "always_trust" and
 * "invoking_user" across a SIGHUP reload (its comment calls them security
 * sensitive). */
60 static struct config_params_s
66 { "backup", PARAM_BOOL
, "true"},
67 { "socket_path", PARAM_CHARP
, NULL
},
68 { "socket_perms", PARAM_CHARP
, NULL
},
69 { "passphrase_file", PARAM_CHARP
, NULL
},
70 { "log_path", PARAM_CHARP
, "~/.pwmd/log"},
71 { "enable_logging", PARAM_BOOL
, "0"},
72 { "log_keepopen", PARAM_BOOL
, "true"},
73 { "log_level", PARAM_INT
, "0"},
/* NOTE(review): the default is "true".  Presumably this means mlockall()
 * is not called unless the setting is switched off, in which case memory
 * holding secrets may be paged out -- confirm where the setting is used. */
74 { "disable_mlockall", PARAM_BOOL
, "true"},
75 { "cache_timeout", PARAM_INT
, DEFAULT_CACHE_TIMEOUT
},
76 { "cache_push", PARAM_CHARPP
, NULL
},
77 { "disable_list_and_dump", PARAM_BOOL
, "false"},
78 { "recursion_depth", PARAM_INT
, "100"},
79 { "syslog", PARAM_BOOL
, "false"},
80 { "xfer_progress", PARAM_INT
, "8196"},
/* "allowed" is a prefix of "allowed_file".  config_parse() compares names
 * with strncmp() over strlen (name), so this row also matches the start of
 * an "allowed_file" line; the '=' test that follows in config_parse() is
 * presumably what tells the two apart -- confirm when changing the parser
 * or adding names that share a prefix. */
81 { "allowed", PARAM_CHARPP
, NULL
},
82 { "allowed_file", PARAM_CHARP
, NULL
},
83 { "priority", PARAM_INT
, INVALID_PRIORITY
},
84 { "keepalive_interval", PARAM_INT
, DEFAULT_KEEPALIVE_INTERVAL
},
85 { "tcp_port", PARAM_INT
, "6466"},
86 { "enable_tcp", PARAM_BOOL
, "false"},
87 { "tcp_require_key", PARAM_BOOL
, "false"},
88 { "tcp_wait", PARAM_INT
, "0"},
89 { "tcp_bind", PARAM_CHARP
, "any"},
90 { "tcp_interface", PARAM_CHARP
, NULL
},
91 { "tls_timeout", PARAM_INT
, "300"},
/* NOTE(review): this looks like a GnuTLS priority string (confirm where it
 * is consumed).  As written it removes SSL 3.0 and TLS 1.0 only; TLS 1.1
 * is not excluded by the string itself.  A deployment that wants TLS 1.2
 * or later should override it, e.g. by also adding -VERS-TLS1.1. */
92 { "tls_cipher_suite", PARAM_CHARP
, "SECURE256:SECURE192:SECURE128:-VERS-SSL3.0:-VERS-TLS1.0"},
/* config_parse() accepts only "low", "medium" or "high" here
 * (case-insensitive). */
93 { "tls_dh_level", PARAM_CHARP
, "medium"},
94 { "tls_regen_interval", PARAM_INT
, DEFAULT_TLS_KX_REGEN_INTERVAL
},
95 { "require_save_key", PARAM_BOOL
, "true"},
96 { "invoking_user", PARAM_CHARPP
, NULL
},
97 { "invoking_file", PARAM_CHARP
, NULL
},
98 { "encrypt_to", PARAM_BOOL
, "false"},
99 { "always_trust", PARAM_BOOL
, "false"},
100 { "gpg_homedir", PARAM_CHARP
, NULL
},
101 { "strict_kill", PARAM_BOOL
, "false"},
102 { "lock_timeout", PARAM_INT
, DEFAULT_LOCK_TIMEOUT
},
103 { "send_state", PARAM_INT
, "2"},
104 { "kill_scd", PARAM_BOOL
, "false"},
/* End-of-table marker. */
105 { NULL
, PARAM_INVALID
, NULL
},
108 struct config_param_s
129 static struct config_section_s
*config_find_section (struct slist_s
*config
,
131 static int new_param (struct config_section_s
*section
, const char *filename
,
132 int lineno
, const char *name
, const char *value
,
134 static void free_section (struct config_section_s
*s
);
135 static int set_defaults (struct slist_s
**config
, int reload
);
138 section_remove_param (struct config_section_s
*section
, const char *name
)
140 unsigned i
, t
= slist_length (section
->params
);
142 for (i
= 0; i
< t
; i
++)
144 struct config_param_s
*p
= slist_nth_data (section
->params
, i
);
149 if (!strcmp (p
->name
, name
))
154 xfree (p
->value
.cptype
);
157 strv_free (p
->value
.cpptype
);
161 section
->params
= slist_remove (section
->params
, p
);
169 static struct config_param_s
*
170 config_has_param (struct config_section_s
*s
, const char *what
)
172 unsigned i
, t
= slist_length (s
->params
);
174 for (i
= 0; i
< t
; i
++)
176 struct config_param_s
*p
= slist_nth_data (s
->params
, i
);
180 if (!strcmp (p
->name
, what
))
187 static struct config_param_s
*
188 config_get_param (struct slist_s
*config
,
189 const char *section
, const char *what
, int *exists
)
191 unsigned i
, t
= slist_length (config
);
195 for (i
= 0; i
< t
; i
++)
197 struct config_param_s
*p
;
198 struct config_section_s
*s
= slist_nth_data (config
, i
);
203 if (strcmp (s
->name
, section
))
206 p
= config_has_param (s
, what
);
217 static struct config_section_s
*
218 new_section (struct slist_s
**config
, const char *name
)
221 struct config_section_s
*s
= xcalloc (1, sizeof (struct config_section_s
));
226 s
->name
= str_dup (name
);
229 log_write ("%s", pwmd_strerror (ENOMEM
));
234 tmp
= slist_append (*config
, s
);
237 log_write ("%s", pwmd_strerror (ENOMEM
));
248 config_set_string_param (struct slist_s
**config
, const char *section
,
249 const char *name
, const char *value
)
251 struct config_section_s
*s
= config_find_section (*config
, section
);
255 s
= new_section (config
, section
);
260 return new_param (s
, NULL
, 0, name
, value
, PARAM_CHARP
);
/* Return a copy of the string parameter 'what' found in 'section' of
 * 'config'.
 *
 * config_get_param() does the lookup and reports through '*exists' whether
 * the parameter was found.  A str_dup() copy is returned only when the
 * parameter exists and holds a non-NULL string; in every other case the
 * result is NULL.  NULL therefore covers "not set", "set but empty" and
 * (presumably) a failed str_dup(), so a caller that must tell these apart
 * has to look at '*exists'.  The copy is presumably the caller's to
 * release -- confirm against str_dup(). */
char *
config_get_string_param (struct slist_s *config, const char *section,
                         const char *what, int *exists)
{
  struct config_param_s *found = config_get_param (config, section, what,
                                                   exists);

  if (!*exists)
    return NULL;

  if (!found->value.cptype)
    return NULL;

  return str_dup (found->value.cptype);
}
272 config_set_int_param (struct slist_s
**config
, const char *section
,
273 const char *name
, const char *value
)
275 struct config_section_s
*s
= config_find_section (*config
, section
);
279 s
= new_section (config
, section
);
284 return new_param (s
, NULL
, 0, name
, value
, PARAM_INT
);
/* Return the integer parameter 'what' found in 'section' of 'config'.
 *
 * config_get_param() does the lookup and sets '*exists'.  The stored value
 * is returned when the parameter exists, -1 otherwise.  The -1 is an
 * in-band sentinel: test '*exists', not the return value, to find out
 * whether the parameter is present. */
int
config_get_int_param (struct slist_s *config, const char *section,
                      const char *what, int *exists)
{
  struct config_param_s *found = config_get_param (config, section, what,
                                                   exists);

  if (*exists)
    return found->value.itype;

  return -1;
}
296 config_set_bool_param (struct slist_s
**config
, const char *section
,
297 const char *name
, const char *value
)
299 struct config_section_s
*s
= config_find_section (*config
, section
);
303 s
= new_section (config
, section
);
308 return new_param (s
, NULL
, 0, name
, value
, PARAM_BOOL
);
/* Boolean lookup; a plain call to config_get_int_param() (new_param()
 * stores booleans as 0 or 1 in the integer slot).
 *
 * The result is whatever the integer getter returns, including its -1 for
 * a parameter that does not exist.  -1 is non-zero: a caller that uses the
 * result as a truth value without checking '*exists' treats a missing
 * parameter as enabled. */
int
config_get_bool_param (struct slist_s *config, const char *section,
                       const char *what, int *exists)
{
  int flag = config_get_int_param (config, section, what, exists);

  return flag;
}
319 config_set_long_param (struct slist_s
**config
, const char *section
,
320 const char *name
, const char *value
)
322 struct config_section_s
*s
= config_find_section (*config
, section
);
326 s
= new_section (config
, section
);
331 return new_param (s
, NULL
, 0, name
, value
, PARAM_LONG
);
/* Return the long parameter 'what' found in 'section' of 'config'.
 *
 * config_get_param() does the lookup and sets '*exists'.  The stored value
 * is returned when the parameter exists, -1 otherwise; since -1 is an
 * in-band sentinel, '*exists' is the reliable "found" indicator. */
long
config_get_long_param (struct slist_s *config, const char *section,
                       const char *what, int *exists)
{
  struct config_param_s *found = config_get_param (config, section, what,
                                                   exists);

  if (*exists)
    return found->value.ltype;

  return -1;
}
343 config_set_longlong_param (struct slist_s
**config
, const char *section
,
344 const char *name
, const char *value
)
346 struct config_section_s
*s
= config_find_section (*config
, section
);
350 s
= new_section (config
, section
);
355 return new_param (s
, NULL
, 0, name
, value
, PARAM_LONGLONG
);
/* Return the long long parameter 'what' found in 'section' of 'config'.
 *
 * config_get_param() does the lookup and sets '*exists'.  The stored value
 * is returned when the parameter exists, -1 otherwise; since -1 is an
 * in-band sentinel, '*exists' is the reliable "found" indicator. */
long long
config_get_longlong_param (struct slist_s *config,
                           const char *section, const char *what,
                           int *exists)
{
  struct config_param_s *found = config_get_param (config, section, what,
                                                   exists);

  if (*exists)
    return found->value.lltype;

  return -1;
}
367 config_set_list_param (struct slist_s
**config
, const char *section
,
368 const char *name
, const char *value
)
370 struct config_section_s
*s
= config_find_section (*config
, section
);
374 s
= new_section (config
, section
);
379 return new_param (s
, NULL
, 0, name
, value
, PARAM_CHARPP
);
/* Return a copy of the list parameter 'what' found in 'section' of
 * 'config'.
 *
 * config_get_param() does the lookup and sets '*exists'.  A strv_dup()
 * copy is returned only when the parameter exists and holds a non-NULL
 * list; otherwise the result is NULL.  NULL therefore covers "not set",
 * "set but empty" and (presumably) a failed strv_dup(); check '*exists' to
 * tell them apart.  The copy is presumably the caller's to release --
 * confirm against strv_dup(). */
char **
config_get_list_param (struct slist_s *config, const char *section,
                       const char *what, int *exists)
{
  struct config_param_s *found = config_get_param (config, section, what,
                                                   exists);

  if (!*exists)
    return NULL;

  if (!found->value.cpptype)
    return NULL;

  return strv_dup (found->value.cpptype);
}
391 config_get_string (const char *section
, const char *what
)
394 const char *where
= section
? section
: "global";
397 MUTEX_LOCK (&rcfile_mutex
);
398 val
= config_get_string_param (global_config
, where
, what
, &exists
);
399 if (!exists
&& strcmp (section
? section
: "", "global"))
400 val
= config_get_string_param (global_config
, "global", what
, &exists
);
402 MUTEX_UNLOCK (&rcfile_mutex
);
407 config_get_list (const char *section
, const char *what
)
410 const char *where
= section
? section
: "global";
413 MUTEX_LOCK (&rcfile_mutex
);
414 val
= config_get_list_param (global_config
, where
, what
, &exists
);
415 if (!exists
&& strcmp (section
? section
: "", "global"))
416 val
= config_get_list_param (global_config
, "global", what
, &exists
);
418 MUTEX_UNLOCK (&rcfile_mutex
);
423 config_get_integer (const char *section
, const char *what
)
426 const char *where
= section
? section
: "global";
429 MUTEX_LOCK (&rcfile_mutex
);
430 val
= config_get_int_param (global_config
, where
, what
, &exists
);
431 if (!exists
&& strcmp (section
? section
: "", "global"))
432 val
= config_get_int_param (global_config
, "global", what
, &exists
);
434 MUTEX_UNLOCK (&rcfile_mutex
);
439 config_get_longlong (const char *section
, const char *what
)
442 const char *where
= section
? section
: "global";
445 MUTEX_LOCK (&rcfile_mutex
);
446 val
= config_get_longlong_param (global_config
, where
, what
, &exists
);
447 if (!exists
&& strcmp (section
? section
: "", "global"))
448 val
= config_get_longlong_param (global_config
, "global", what
, &exists
);
450 MUTEX_UNLOCK (&rcfile_mutex
);
455 config_get_long (const char *section
, const char *what
)
458 const char *where
= section
? section
: "global";
461 MUTEX_LOCK (&rcfile_mutex
);
462 val
= config_get_long_param (global_config
, where
, what
, &exists
);
463 if (!exists
&& strcmp (section
? section
: "", "global"))
464 val
= config_get_long_param (global_config
, "global", what
, &exists
);
466 MUTEX_UNLOCK (&rcfile_mutex
);
/* Boolean accessor for the global configuration; forwards to
 * config_get_integer() and returns its result unchanged.
 *
 * NOTE(review): config_get_integer() presumably yields -1 when 'what' is
 * found neither in 'section' nor in "global" (its return statement is not
 * shown; the underlying config_get_int_param() returns -1 for a missing
 * parameter).  -1 is non-zero, so a caller that uses this result directly
 * as a truth value would read a missing setting as enabled -- confirm that
 * every setting queried this way has a default. */
int
config_get_boolean (const char *section, const char *what)
{
  int flag = config_get_integer (section, what);

  return flag;
}
477 config_get_value (const char *section
, const char *what
)
479 const char *where
= section
? section
: "global";
489 MUTEX_LOCK (&rcfile_mutex
);
491 for (i
= 0; config_params
[i
].name
; i
++)
493 if (!strcmp (config_params
[i
].name
, what
))
495 switch (config_params
[i
].type
)
499 ival
= config_get_int_param (global_config
, where
, what
,
501 if (!exists
&& strcmp (section
? section
: "", "global"))
502 ival
= config_get_int_param (global_config
, "global", what
,
504 result
= str_asprintf ("%i", ival
);
507 cpval
= config_get_string_param (global_config
, where
, what
,
509 if (!exists
&& strcmp (section
? section
: "", "global"))
511 config_get_string_param (global_config
, "global", what
,
516 lval
= config_get_long_param (global_config
, where
, what
,
518 if (!exists
&& strcmp (section
? section
: "", "global"))
519 lval
= config_get_long_param (global_config
, "global", what
,
521 result
= str_asprintf ("%li", lval
);
524 llval
= config_get_longlong_param (global_config
, where
, what
,
526 if (!exists
&& strcmp (section
? section
: "", "global"))
527 llval
= config_get_longlong_param (global_config
, "global",
529 result
= str_asprintf ("%lli", llval
);
532 cppval
= config_get_list_param (global_config
, where
, what
,
534 if (!exists
&& strcmp (section
? section
: "", "global"))
535 cppval
= config_get_list_param (global_config
, "global", what
,
539 result
= strv_join (",", cppval
);
547 MUTEX_UNLOCK (&rcfile_mutex
);
551 /* 'file' is the list parameter file to load into the list parameter 'what'.
552 * The parsing of the parameter is not done here. */
/* Load the file named by the string parameter 'file' of 'section' and put
 * its entries into the list parameter 'what' of the same section.
 *
 * From the statements visible here: the path goes through
 * expand_homedir(); the file is read with fgets(); leading white space is
 * skipped; a line that is empty or starts with ';' gets special treatment
 * (presumably it is skipped); every other line is appended with strv_cat()
 * to the list the parameter already holds; the result is joined with ","
 * and stored with config_set_list_param().  Failures are returned as gpg
 * error codes (an errno-derived code and ENOMEM are visible).
 *
 * fixup_allowed_once() and parse_invoking_users() call this for
 * "allowed_file" and "invoking_file", so the file content ends up in the
 * "allowed" and "invoking_user" lists. */
554 parse_list_file (struct slist_s
*config
, const char *section
,
555 const char *file
, const char *what
)
558 char buf
[LINE_MAX
] = {0};
562 char *p
= config_get_string_param (config
, section
, file
, &exists
);
571 tmp
= expand_homedir (p
);
577 rc
= gpg_error_from_errno (errno
);
578 log_write ("%s: %s", p
, pwmd_strerror (rc
));
584 list
= config_get_list_param (config
, section
, what
, &exists
);
588 log_write ("%s", pwmd_strerror (ENOMEM
));
589 return gpg_error (ENOMEM
);
/* NOTE(review): fgets() is given sizeof (buf)-1, so one call returns at
 * most LINE_MAX-2 characters.  A longer line comes back in several pieces
 * and each piece runs through the loop body like a line of its own; for
 * an access list that can turn the tail of an over-long line into a
 * separate entry unless code not shown here rejects it -- confirm. */
592 while ((p
= fgets (buf
, sizeof (buf
)-1, fp
)))
/* NOTE(review): strlen (p) is 0 when the data read starts with a NUL byte;
 * strlen (p)-1 then wraps around and the index is outside buf.  Take the
 * length first and test it for 0 before indexing. */
596 if (p
[strlen(p
)-1] == '\n')
/* NOTE(review): isspace() requires a value representable as unsigned char
 * (or EOF); *p is a plain char and may be negative for bytes >= 0x80.
 * Use isspace ((unsigned char) *p). */
599 while (*p
&& isspace (*p
))
602 if (!*p
|| *p
== ';')
/* The result of str_dup() is passed straight to strv_cat(); how a NULL
 * from str_dup() is handled depends on strv_cat() -- confirm. */
607 pp
= strv_cat (list
, str_dup (p
));
/* This path reports ENOMEM through strerror(), the others in this function
 * use pwmd_strerror(). */
614 log_write ("%s", strerror (ENOMEM
));
615 return gpg_error (ENOMEM
);
626 p
= strv_join (",", list
);
631 log_write ("%s", pwmd_strerror (ENOMEM
));
632 return gpg_error (ENOMEM
);
635 config_set_list_param (&config
, section
, what
, p
);
641 fixup_allowed_once (struct slist_s
**config
, const char *section
)
643 char **list
, **pp
, *p
;
647 rc
= parse_list_file (*config
, section
, "allowed_file", "allowed");
651 list
= config_get_list_param (*config
, section
, "allowed", &exists
);
652 for (pp
= list
; pp
&& *pp
; pp
++)
656 for (p
= *pp
; p
&& *p
; p
++)
664 if (!strcmp (section
, "global"))
666 p
= get_username (getuid());
668 if (config_set_list_param (config
, section
, "allowed", p
))
678 list
= config_get_list_param (*config
, "global", "allowed", &exists
);
681 p
= strv_join (",", list
);
683 if (config_set_list_param (config
, section
, "allowed", p
))
698 fixup_allowed (struct slist_s
**config
)
700 int n
, t
= slist_length (*config
);
702 for (n
= 0; n
< t
; n
++)
704 struct config_section_s
*section
;
706 section
= slist_nth_data (*config
, n
);
707 if (fixup_allowed_once (config
, section
->name
))
715 add_invoking_user (struct invoking_user_s
**users
, char *id
,
716 struct slist_s
**config
)
718 struct passwd
*pwd
= NULL
;
719 struct group
*grp
= NULL
;
720 struct invoking_user_s
*user
, *p
;
723 if (id
&& (*id
== '!' || *id
== '-'))
732 pwd
= getpwuid (getuid ());
735 log_write (_("could not set any invoking user: %s"),
736 pwmd_strerror (errno
? errno
: GPG_ERR_INV_VALUE
));
742 grp
= getgrnam (id
+1);
745 log_write (_("could not parse group '%s': %s"), id
+1,
746 pwmd_strerror (errno
? errno
: GPG_ERR_INV_VALUE
));
753 if (!grp
&& !pwd
&& id
&& *id
!= '#')
756 log_write (_("could not set invoking user '%s': %s"), id
,
757 pwmd_strerror (errno
? errno
: GPG_ERR_INV_VALUE
));
759 log_write (_("could not set any invoking user!"));
764 user
= xcalloc (1, sizeof (struct invoking_user_s
));
767 log_write ("%s", pwmd_strerror (ENOMEM
));
772 user
->type
= pwd
? INVOKING_UID
: grp
? INVOKING_GID
: INVOKING_TLS
;
774 user
->uid
= pwd
->pw_uid
;
776 user
->id
= str_dup (id
+1);
781 for (s
= id
; s
&& *s
; s
++)
784 user
->id
= str_dup (id
+1);
787 /* Set the default invoking_user since it doesn't exist. */
789 config_set_list_param (config
, "global", "invoking_user", pwd
->pw_name
);
797 for (p
= *users
; p
; p
= p
->next
)
810 parse_invoking_users (struct slist_s
**config
)
812 struct invoking_user_s
*users
= NULL
;
816 if (parse_list_file (*config
, "global", "invoking_file", "invoking_user"))
819 list
= config_get_list_param (*config
, "global", "invoking_user", &exists
);
820 for (l
= list
; l
&& *l
; l
++)
822 if (add_invoking_user (&users
, *l
, config
))
825 free_invoking_users (users
);
832 if (add_invoking_user (&users
, NULL
, config
))
839 free_invoking_users (invoking_users
);
840 invoking_users
= users
;
846 set_defaults (struct slist_s
**config
, int reload
)
853 for (i
= 0; config_params
[i
].name
; i
++)
855 switch (config_params
[i
].type
)
858 config_get_bool_param (*config
, "global", config_params
[i
].name
,
862 if (config_set_bool_param
863 (config
, "global", config_params
[i
].name
,
864 config_params
[i
].value
))
869 config_get_int_param (*config
, "global", config_params
[i
].name
,
873 if (config_set_int_param
874 (config
, "global", config_params
[i
].name
,
875 config_params
[i
].value
))
880 s
= config_get_string_param (*config
, "global",
881 config_params
[i
].name
, &exists
);
883 if (!exists
&& config_params
[i
].value
)
885 if (config_set_string_param (config
, "global",
886 config_params
[i
].name
,
887 config_params
[i
].value
))
892 list
= config_get_list_param (*config
, "global",
893 config_params
[i
].name
, &exists
);
895 if (!exists
&& config_params
[i
].value
)
897 if (config_set_list_param (config
, "global",
898 config_params
[i
].name
,
899 config_params
[i
].value
))
904 config_get_long_param (*config
, "global", config_params
[i
].name
,
908 if (config_set_long_param
909 (config
, "global", config_params
[i
].name
,
910 config_params
[i
].value
))
915 config_get_longlong_param (*config
, "global", config_params
[i
].name
,
919 if (config_set_longlong_param (config
, "global",
920 config_params
[i
].name
,
921 config_params
[i
].value
))
929 if (!reload
&& fixup_allowed (config
))
932 if (!reload
&& parse_invoking_users (config
))
935 s
= config_get_string_param(*config
, "global", "gpg_agent_socket", &exists
);
939 s
= str_asprintf ("%s/.gnupg/S.gpg-agent", get_home_dir());
940 config_set_string_param(config
, "global", "gpg_agent_socket", s
);
944 char *tmp
= expand_homedir (s
);
945 config_set_string_param(config
, "global", "gpg_agent_socket", tmp
);
949 log_level
= config_get_int_param (*config
, "global",
950 "log_level", &exists
);
951 log_keepopen
= config_get_int_param (*config
, "global",
952 "log_keepopen", &exists
);
953 max_recursion_depth
= config_get_int_param (*config
, "global",
954 "recursion_depth", &exists
);
955 disable_list_and_dump
= config_get_bool_param (*config
, "global",
956 "disable_list_and_dump",
960 config_get_bool_param (*config
, "global", "disable_mlockall", &exists
);
971 static struct config_section_s
*
972 config_find_section (struct slist_s
*config
, const char *name
)
974 unsigned i
, t
= slist_length (config
);
976 for (i
= 0; i
< t
; i
++)
978 struct config_section_s
*s
= slist_nth_data (config
, i
);
980 if (!strcmp (s
->name
, name
))
987 /* Append a new parameter to the list of parameters for a file
988 * section. When an existing parameter of the same name exists, its
/* Convert 'value' according to 'type' and store it as parameter 'name' of
 * 'section'.  'filename' and 'lineno' are only used for the "invalid
 * value" log message; the config_set_*_param() functions pass NULL and 0.
 *
 * From the statements visible here: the section's parameters are searched
 * for an entry with the same name; a parameter object is allocated with
 * xcalloc() and given a str_dup() copy of the name; the value is converted
 * per type; and the parameter is appended with slist_append().
 * Allocation failures are logged as ENOMEM. */
992 new_param (struct config_section_s
*section
, const char *filename
, int lineno
,
993 const char *name
, const char *value
, int type
)
995 struct config_param_s
*param
= NULL
;
998 unsigned i
, t
= slist_length (section
->params
);
1001 for (i
= 0; i
< t
; i
++)
1003 struct config_param_s
*p
= slist_nth_data (section
->params
, i
);
1007 if (!strcmp (name
, p
->name
))
1017 param
= xcalloc (1, sizeof (struct config_param_s
));
1020 log_write ("%s", pwmd_strerror (ENOMEM
));
1024 param
->name
= str_dup (name
);
1028 log_write ("%s", pwmd_strerror (ENOMEM
));
/* Booleans: "no", "0", "false" give 0 and "yes", "1", "true" give 1,
 * compared without regard to case; anything else is reported with
 * INVALID_VALUE.  The result lives in the integer slot and the parameter
 * is retyped to PARAM_INT below.
 * NOTE(review): strcasecmp() dereferences 'value', and no NULL test is
 * visible before this point, whereas the string and list branches below do
 * test 'value' -- confirm that no caller passes NULL for a boolean. */
1038 if (!strcasecmp (value
, "no") || !strcasecmp (value
, "0")
1039 || !strcasecmp (value
, "false"))
1040 param
->value
.itype
= 0;
1041 else if (!strcasecmp (value
, "yes") || !strcasecmp (value
, "1")
1042 || !strcasecmp (value
, "true"))
1043 param
->value
.itype
= 1;
1046 INVALID_VALUE (filename
, lineno
);
1049 param
->type
= PARAM_INT
;
/* Strings: the previous value is released first; a NULL or empty 'value'
 * is stored as NULL, anything else as a str_dup() copy. */
1052 xfree (param
->value
.cptype
);
1053 param
->value
.cptype
= NULL
;
1054 param
->value
.cptype
= value
&& *value
? str_dup (value
) : NULL
;
1055 if (value
&& *value
&& !param
->value
.cptype
)
1057 log_write ("%s", pwmd_strerror (ENOMEM
));
/* Lists: the previous list is released first; a NULL or empty 'value' is
 * stored as NULL, anything else is split on "," with str_split_ws(). */
1062 strv_free (param
->value
.cpptype
);
1063 param
->value
.cpptype
= NULL
;
1064 param
->value
.cpptype
= value
&& *value
?
1065 str_split_ws (value
, ",", 0) : NULL
;
1066 if (value
&& *value
&& !param
->value
.cpptype
)
1068 log_write ("%s", pwmd_strerror (ENOMEM
));
/* NOTE(review): strtol() returns long.  If itype is an int (the union is
 * not shown here) a value outside the int range is narrowed on assignment.
 * The check that follows is only partly visible; it should reject trailing
 * characters, ERANGE and values outside the range of int, since settings
 * such as ports, timeouts and the recursion limit pass through here. */
1073 param
->value
.itype
= strtol (value
, &e
, 10);
1076 INVALID_VALUE (filename
, lineno
);
/* NOTE(review): as above, confirm that ERANGE from strtol() is treated as
 * an invalid value. */
1081 param
->value
.ltype
= strtol (value
, &e
, 10);
1084 INVALID_VALUE (filename
, lineno
);
1088 case PARAM_LONGLONG
:
/* NOTE(review): as above, confirm that ERANGE from strtoll() is treated as
 * an invalid value. */
1089 param
->value
.lltype
= strtoll (value
, &e
, 10);
1092 INVALID_VALUE (filename
, lineno
);
/* The list head is replaced only after slist_append() has returned, so a
 * failed append presumably leaves section->params as it was. */
1101 tmp
= slist_append (section
->params
, param
);
1104 log_write ("%s", pwmd_strerror (ENOMEM
));
1108 section
->params
= tmp
;
1112 xfree (param
->name
);
1118 config_parse (const char *filename
, int reload
)
1120 struct slist_s
*tmpconfig
= NULL
, *tmp
;
1121 struct config_section_s
*cur_section
= NULL
;
1122 char buf
[LINE_MAX
] = {0};
1125 int have_global
= 0;
1126 FILE *fp
= fopen (filename
, "r");
1130 log_write ("%s: %s", filename
,
1131 pwmd_strerror (gpg_error_from_errno (errno
)));
1133 if (errno
!= ENOENT
)
1136 log_write (_("Using defaults!"));
1140 for (; (s
= fgets (buf
, sizeof (buf
)-1, fp
)); lineno
++)
1142 char line
[LINE_MAX
] = { 0 };
1149 for (; s
&& *s
; s
++)
1153 /* New file section. */
1156 struct config_section_s
*section
;
1157 char *p
= strchr (++s
, ']');
1161 log_write (_("%s(%i): unbalanced braces"), filename
,
1166 len
= strlen (s
) - strlen (p
);
1167 memcpy (line
, s
, len
);
1170 section
= config_find_section (tmpconfig
, line
);
1173 log_write (_("%s(%i): section '%s' already exists!"),
1174 filename
, lineno
, line
);
1178 if (!strcmp (line
, "global"))
1181 section
= xcalloc (1, sizeof (struct config_section_s
));
1182 section
->name
= str_dup (line
);
1186 tmp
= slist_append (tmpconfig
, cur_section
);
1189 log_write ("%s", pwmd_strerror (ENOMEM
));
1196 cur_section
= section
;
1202 log_write (_("%s(%i): parameter outside of section!"), filename
,
1207 /* Parameters for each section. */
1208 for (int m
= 0; config_params
[m
].name
; m
++)
1210 size_t len
= strlen (config_params
[m
].name
);
1212 if (!strncmp (s
, config_params
[m
].name
, len
))
1216 while (*p
&& *p
== ' ')
1219 if (!*p
|| *p
!= '=')
1223 while (*p
&& isspace (*p
))
1227 if (new_param (cur_section
, filename
, lineno
, s
, p
,
1228 config_params
[m
].type
))
1238 log_write (_("%s(%i): unknown parameter"), filename
, lineno
);
1248 tmp
= slist_append (tmpconfig
, cur_section
);
1251 log_write ("%s", pwmd_strerror (ENOMEM
));
1261 ("WARNING: %s: could not find a [global] configuration section!"),
1266 char *tmp
= config_get_string_param (tmpconfig
, "global", "tls_dh_level",
1270 if (strcasecmp (tmp
, "low") && strcasecmp (tmp
, "medium")
1271 && strcasecmp (tmp
, "high"))
1274 log_write (_("invalid tls_dh_level value"));
1283 if (set_defaults (&tmpconfig
, reload
))
1295 config_free (tmpconfig
);
1296 free_section (cur_section
);
1301 free_section (struct config_section_s
*s
)
1308 struct config_param_s
*p
= slist_nth_data (s
->params
, 0);
1313 section_remove_param (s
, p
->name
);
1322 config_free (struct slist_s
*config
)
1326 struct config_section_s
*s
= slist_nth_data (config
, 0);
1331 config
= slist_remove (config
, s
);
1337 free_invoking_users (struct invoking_user_s
*users
)
1339 struct invoking_user_s
*p
;
1343 struct invoking_user_s
*next
= p
->next
;
1345 if (p
->type
== INVOKING_TLS
|| p
->type
== INVOKING_GID
)
1354 param_type (const char *name
)
1358 for (i
= 0; config_params
[i
].name
; i
++)
1360 if (!strcmp (config_params
[i
].name
, name
))
1361 return config_params
[i
].type
;
1364 return PARAM_INVALID
;
1368 keep_parse (struct config_keep_s
*k
, const char *section
, const char *key
)
1376 int type
= param_type (key
);
1383 ival
= config_get_int_param (global_config
, section
, key
, &exists
);
1385 value
= str_asprintf ("%i", ival
);
1388 lval
= config_get_long_param (global_config
, section
, key
, &exists
);
1390 value
= str_asprintf ("%li", lval
);
1392 case PARAM_LONGLONG
:
1393 llval
= config_get_longlong_param (global_config
, section
, key
, &exists
);
1395 value
= str_asprintf ("%lli", llval
);
1398 cpval
= config_get_string_param (global_config
, section
, key
, &exists
);
1403 cppval
= config_get_list_param (global_config
, section
, key
, &exists
);
1406 char *s
= strv_join (",", cppval
);
1419 k
->section
= str_dup(section
);
1420 k
->name
= str_dup(key
);
1425 static struct slist_s
*
1426 keep_add (struct slist_s
*k
, const char *s
, const char *key
)
1428 int n
, t
= slist_length (global_config
);
1430 for (n
= 0; n
< t
; n
++)
1432 struct config_section_s
*section
;
1433 struct config_keep_s
*tmp
;
1436 section
= slist_nth_data (global_config
, n
);
1437 tmp
= xcalloc (1, sizeof(struct config_keep_s
));
1439 // Process all sections.
1441 ret
= keep_parse (tmp
, section
->name
, key
);
1443 ret
= keep_parse (tmp
, s
, key
);
1446 k
= slist_append (k
, tmp
);
1454 /* Keep security sensitive settings across SIGHUP. */
1458 struct slist_s
*keep
= NULL
;
1461 keep
= keep_add (keep
, NULL
, "tcp_require_key");
1462 keep
= keep_add (keep
, "global", "tls_regen_interval");
1464 keep
= keep_add (keep
, NULL
, "require_save_key");
1465 keep
= keep_add (keep
, NULL
, "allowed");
1466 keep
= keep_add (keep
, "global", "encrypt_to");
1467 keep
= keep_add (keep
, "global", "always_trust");
1468 keep
= keep_add (keep
, "global", "invoking_user");
1472 /* Restore parameters previously saved with config_keep_save(). This will also
1476 config_keep_restore (struct slist_s
*keep
)
1478 int n
, t
= slist_length (keep
);
1480 for (n
= 0; n
< t
; n
++)
1482 struct config_keep_s
*k
= slist_nth_data (keep
, n
);
1483 int type
= param_type (k
->name
);
1488 config_set_bool_param (&global_config
, k
->section
, k
->name
, k
->value
);
1491 config_set_int_param (&global_config
, k
->section
, k
->name
, k
->value
);
1494 config_set_long_param (&global_config
, k
->section
, k
->name
, k
->value
);
1496 case PARAM_LONGLONG
:
1497 config_set_longlong_param (&global_config
, k
->section
, k
->name
,
1501 config_set_string_param (&global_config
, k
->section
, k
->name
,
1505 config_set_list_param (&global_config
, k
->section
, k
->name
, k
->value
);