search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Conditional build fix.
[libpwmd.git] / src / pwmd.c
blobc2437da5d2a9b1393a08a5f015abbd539f3ead21
1 /*
2 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015,
3 2016
4 Ben Kibbey <bjk@luxsci.net>
5
6 This file is part of pwmd.
7
8 Pwmd is free software: you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation, either version 2 of the License, or
11 (at your option) any later version.
12
13 Pwmd is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with Pwmd. If not, see <http://www.gnu.org/licenses/>.
20 */
21 #ifdef HAVE_CONFIG_H
22 #include <config.h>
23 #endif
24
25 #include <stdio.h>
26 #include <stdlib.h>
27 #include <unistd.h>
28 #include <err.h>
29 #include <ctype.h>
30 #include <string.h>
31 #include <sys/socket.h>
32 #include <sys/un.h>
33 #include <signal.h>
34 #include <stdarg.h>
35 #include <string.h>
36 #include <sys/wait.h>
37 #include <fcntl.h>
38 #include <pwd.h>
39 #include <grp.h>
40 #include <pthread.h>
41 #include <sys/mman.h>
42 #include <termios.h>
43 #include <assert.h>
44 #include <syslog.h>
45 #include <netinet/in.h>
46 #include <arpa/inet.h>
47 #include <netdb.h>
48 #include <sys/time.h>
49 #include <sys/resource.h>
50 #include <setjmp.h>
51 #include <errno.h>
52 #include <poll.h>
53
54 #ifdef TM_IN_SYS_TIME
55 #include <sys/time.h>
56 #else
57 #include <time.h>
58 #endif
59
60 #ifdef HAVE_LIMITS_H
61 #include <limits.h>
62 #endif
63
64 #ifdef HAVE_GETOPT_LONG
65 #ifdef HAVE_GETOPT_H
66 #include <getopt.h>
67 #endif
68 #else
69 #include "getopt_long.h"
70 #endif
71
72 #ifdef HAVE_PR_SET_NAME
73 #include <sys/prctl.h>
74 #endif
75
76 #include "pwmd-error.h"
77 #include <gcrypt.h>
78
79 #include "util-misc.h"
80 #include "mem.h"
81 #include "xml.h"
82 #include "common.h"
83 #include "commands.h"
84 #include "cache.h"
85 #include "util-string.h"
86 #include "mutex.h"
87 #include "rcfile.h"
88 #include "crypto.h"
89
90 /* In tenths of a second. */
91 #define SIG_TIMEOUT 1
92
93 /* For (tcp_)accept_thread (usec). */
94 #define ACCEPT_TIMEOUT 50000
95
96 static int quit;
97 static int cmdline;
98 static jmp_buf jmp;
99 static int nofork;
100 static int log_fd;
101 static unsigned assuan_level;
102
103 pthread_t accept_tid;
104 #ifdef WITH_GNUTLS
105 static int tls_fd;
106 static int tls6_fd;
107 static int start_stop_tls (int term);
108 #endif
109
110 static gpg_error_t do_cache_push (struct crypto_s *crypto);
111 static int signal_loop (sigset_t sigset);
112
113 #ifndef HAVE_PTHREAD_CANCEL
114 #define INIT_SIGNAL(s, cb) do { \
115 int *n = xmalloc (sizeof (int)); \
116 *n = 0; \
117 pthread_setspecific (signal_thread_key, n); \
118 struct sigaction act; \
119 sigset_t sigset; \
120 sigemptyset (&sigset); \
121 sigaddset (&sigset, s); \
122 pthread_sigmask (SIG_UNBLOCK, &sigset, NULL); \
123 memset (&act, 0, sizeof(act)); \
124 act.sa_flags = SA_SIGINFO; \
125 act.sa_mask = sigset; \
126 act.sa_sigaction = cb; \
127 sigaction (s, &act, NULL); \
128 } while (0)
129 #endif
130
131 #ifndef HAVE_PTHREAD_CANCEL
132 static void
133 catch_thread_signal (int sig, siginfo_t *info, void *ctx)
134 {
135 int *n = (int *) pthread_getspecific (signal_thread_key);
136
137 *n = 1;
138 }
139 #endif
140
141 static void
142 setup_logging ()
143 {
144 int n = config_get_boolean ("global", "enable_logging");
145
146 if (n)
147 {
148 char *p = config_get_string ("global", "log_path");
149
150 if (!p || (logfile && p && log_fd != -1 && strcmp(p, logfile)))
151 {
152 if (log_fd != -1)
153 close (log_fd);
154
155 log_fd = -1;
156 }
157
158 xfree (logfile);
159 logfile = NULL;
160 if (p)
161 logfile = expand_homedir (p);
162 xfree (p);
163 }
164 else
165 {
166 xfree (logfile);
167 logfile = NULL;
168 if (log_fd != -1)
169 close(log_fd);
170
171 log_fd = -1;
172 closelog ();
173 }
174
175 log_syslog = config_get_boolean ("global", "syslog");
176 if (log_syslog == 1)
177 openlog ("pwmd", LOG_NDELAY | LOG_PID, LOG_DAEMON);
178 }
179
180 static void *
181 reload_rcfile_thread (void *arg)
182 {
183 #ifndef HAVE_PTHREAD_CANCEL
184 INIT_SIGNAL (SIGUSR2, catch_thread_signal);
185 #endif
186
187 #ifdef HAVE_PR_SET_NAME
188 prctl (PR_SET_NAME, "reload rcfile");
189 #endif
190 pthread_setspecific (thread_name_key, str_asprintf ("!%s", __FUNCTION__));
191 MUTEX_LOCK (&rcfile_mutex);
192
193 for (;;)
194 {
195 struct slist_s *keep = NULL;
196 struct slist_s *config;
197 int b = disable_list_and_dump;
198 #ifdef WITH_GNUTLS
199 char *prio;
200 char *prio2 = NULL;
201 #endif
202
203 pthread_cleanup_push (release_mutex_cb, &rcfile_mutex);
204 pthread_cond_wait (&rcfile_cond, &rcfile_mutex);
205 TEST_CANCEL ();
206 keep = config_keep_save ();
207 log_write (_("reloading configuration file '%s'"), rcfile);
208
209 #ifdef WITH_GNUTLS
210 prio = config_get_string ("global", "tls_cipher_suite");
211 #endif
212 config = config_parse (rcfile, 1);
213 if (config)
214 {
215 config_free (global_config);
216 global_config = config;
217 setup_logging ();
218 }
219
220 config_keep_restore (keep);
221 disable_list_and_dump = !disable_list_and_dump ? b : 1;
222
223 #ifdef WITH_GNUTLS
224 /* Restart listening sockets since they may have changed. */
225 start_stop_tls (1);
226 start_stop_tls (0);
227
228 prio2 = config_get_string ("global", "tls_cipher_suite");
229 if ((prio2 && (!prio || strcmp (prio, prio2))) || (prio && !prio2))
230 tls_rehandshake ();
231
232 xfree (prio2);
233 xfree (prio);
234 #endif
235 crypto_set_keepalive ();
236 pthread_cleanup_pop (0);
237 }
238
239 MUTEX_UNLOCK (&rcfile_mutex);
240 return NULL;
241 }
242
243 gpg_error_t
244 send_error (assuan_context_t ctx, gpg_error_t e)
245 {
246 struct client_s *client = assuan_get_pointer (ctx);
247
248 if (gpg_err_source (e) == GPG_ERR_SOURCE_UNKNOWN)
249 e = gpg_error (e);
250
251 if (client)
252 client->last_rc = e;
253
254 if (!e)
255 return assuan_process_done (ctx, 0);
256
257 if (!ctx)
258 {
259 log_write ("ERR %i: %s", e, pwmd_strerror (e));
260 return e;
261 }
262
263 if (client && client->xml_error)
264 {
265 log_write ("%s", client->xml_error->message);
266 xfree (client->last_error);
267 client->last_error = NULL;
268 if (client->xml_error->message)
269 client->last_error = str_dup (client->xml_error->message);
270
271 e = assuan_process_done (ctx,
272 assuan_set_error (ctx, e,
273 client->xml_error->message ? client->xml_error->message : NULL));
274 xmlResetLastError ();
275 xmlResetError (client->xml_error);
276 xfree (client->xml_error);
277 client->xml_error = NULL;
278 return e;
279 }
280
281 return assuan_process_done (ctx,
282 assuan_set_error (ctx, e, pwmd_strerror (e)));
283 }
284
285 void
286 log_write (const char *fmt, ...)
287 {
288 char *args;
289 va_list ap;
290 time_t now;
291 char buf[255];
292 pthread_t tid = pthread_self ();
293 static pthread_mutex_t m = PTHREAD_MUTEX_INITIALIZER;
294
295 if ((!logfile && !isatty (STDERR_FILENO) && !log_syslog) || !fmt)
296 return;
297
298 pthread_mutex_lock (&m);
299 pthread_cleanup_push ((void (*)(void *)) pthread_mutex_unlock, &m);
300
301 if (!cmdline && logfile && log_fd == -1)
302 {
303 log_fd = open (logfile, O_WRONLY | O_CREAT | O_APPEND, 0600);
304 if (log_fd == -1)
305 warn ("%s", logfile);
306 }
307
308 va_start (ap, fmt);
309
310 if (str_vasprintf (&args, fmt, ap) != -1)
311 {
312 if (cmdline)
313 {
314 pthread_cleanup_push (xfree, args);
315 fprintf (stderr, "pwmd: %s\n", args);
316 fflush (stderr);
317 pthread_cleanup_pop (1);
318 }
319 else
320 {
321 char *name = pthread_getspecific (thread_name_key);
322 char *line;
323
324 pthread_cleanup_push (xfree, args);
325 if (name)
326 {
327 if (*name == '!')
328 snprintf (buf, sizeof (buf), "%s: ", name+1);
329 else
330 snprintf (buf, sizeof (buf), "%s(%p): ", name,
331 (pthread_t *)tid);
332 }
333 else
334 snprintf (buf, sizeof (buf), "%p: ", (pthread_t *)tid);
335
336 name = buf;
337 if (!cmdline && log_syslog && !nofork)
338 syslog (LOG_INFO, "%s%s", name, args);
339
340 time (&now);
341 struct tm *tm = localtime (&now);
342 char tbuf[21];
343 strftime (tbuf, sizeof (tbuf), "%b %d %Y %H:%M:%S ", tm);
344 tbuf[sizeof (tbuf) - 1] = 0;
345
346 if (args[strlen (args) - 1] == '\n')
347 args[strlen (args) - 1] = 0;
348
349 line = str_asprintf ("%s %i %s%s\n", tbuf, getpid (), name,
350 args);
351 pthread_cleanup_pop (1);
352 if (line)
353 {
354 pthread_cleanup_push (xfree, line);
355 if (logfile && log_fd != -1)
356 {
357 ssize_t ret = write (log_fd, line, strlen (line));
358 (void)ret;
359 fsync (log_fd);
360 }
361
362 if (nofork)
363 {
364 fprintf (stdout, "%s", line);
365 fflush (stdout);
366 }
367
368 pthread_cleanup_pop (1);
369 }
370 }
371 }
372
373 va_end (ap);
374 pthread_cleanup_pop (0);
375
376 if (log_fd != -1 && log_keepopen <= 0)
377 {
378 close(log_fd);
379 log_fd = -1;
380 }
381
382 pthread_mutex_unlock (&m);
383 }
384
385 static gpg_error_t
386 setup_crypto ()
387 {
388 gpg_error_t rc;
389
390 if (!gpgrt_check_version (REQUIRE_LIBGPGERROR_VERSION))
391 {
392 fprintf (stderr, _("gpgrt_check_version(): Incompatible libgpg-error. "
393 "Wanted %s, got %s.\n"), REQUIRE_LIBGPGERROR_VERSION,
394 gpgrt_check_version (NULL));
395 return GPG_ERR_UNKNOWN_VERSION;
396 }
397
398 gpgrt_init ();
399 //gpgrt_set_alloc_func (xrealloc_gpgrt);
400
401 if (!assuan_check_version (REQUIRE_LIBASSUAN_VERSION))
402 {
403 fprintf (stderr, _("assuan_check_version(): Incompatible libassuan. "
404 "Wanted %s, got %s.\n"), REQUIRE_LIBASSUAN_VERSION,
405 assuan_check_version (NULL));
406 return GPG_ERR_UNKNOWN_VERSION;
407 }
408
409 if (!gcry_check_version (REQUIRE_LIBGCRYPT_VERSION))
410 {
411 fprintf (stderr, _("gcry_check_version(): Incompatible libgcrypt. "
412 "Wanted %s, got %s.\n"), REQUIRE_LIBGCRYPT_VERSION,
413 gcry_check_version (NULL));
414 return GPG_ERR_UNKNOWN_VERSION;
415 }
416
417 gcry_set_allocation_handler (xmalloc, xmalloc, NULL, xrealloc, xfree);
418
419 if (!gpgme_check_version (REQUIRE_LIBGPGME_VERSION))
420 {
421 fprintf (stderr, _("gpgme_check_version(): Incompatible libgpgme. "
422 "Wanted %s, got %s.\n"), REQUIRE_LIBGPGME_VERSION,
423 gpgme_check_version (NULL));
424 return GPG_ERR_UNKNOWN_VERSION;
425 }
426
427 rc = gpgme_engine_check_version (GPGME_PROTOCOL_OPENPGP);
428 if (rc)
429 {
430 fprintf (stderr, _("gpgme_engine_check_version(GPGME_PROTOCOL_OPENPGP): %s"), gpgme_strerror (rc));
431 return GPG_ERR_UNKNOWN_VERSION;
432 }
433
434 //gpgme_set_global_flag ("require-gnupg", REQUIRE_GNUPG_VERSION);
435 #ifdef ENABLE_NLS
436 gpgme_set_locale (NULL, LC_CTYPE, setlocale (LC_CTYPE, NULL));
437 gpgme_set_locale (NULL, LC_MESSAGES, setlocale (LC_MESSAGES, NULL));
438 #endif
439
440 #ifdef WITH_GNUTLS
441 if (gnutls_global_init ())
442 {
443 fprintf(stderr, _("gnutls_global_init() failed.\n"));
444 return GPG_ERR_UNKNOWN_VERSION;
445 }
446
447 if (!gnutls_check_version (REQUIRE_LIBGNUTLS_VERSION))
448 {
449 fprintf (stderr, _("gnutls_check_version(): Incompatible libgnutls. "
450 "Wanted %s, got %s.\n"), REQUIRE_LIBGNUTLS_VERSION,
451 gnutls_check_version (NULL));
452 return GPG_ERR_UNKNOWN_VERSION;
453 }
454
455 gnutls_global_set_log_function (tls_log);
456 gnutls_global_set_audit_log_function (tls_audit_log);
457 #endif
458 return 0;
459 }
460
461 gpg_error_t
462 do_validate_peer (assuan_context_t ctx, const char *section,
463 assuan_peercred_t * peer)
464 {
465 char **users;
466 int allowed = 0;
467 gpg_error_t rc;
468 struct client_s *client = assuan_get_pointer (ctx);
469
470 if (!client)
471 return GPG_ERR_FORBIDDEN;
472
473 #ifdef WITH_GNUTLS
474 if (client->thd->remote)
475 return tls_validate_access (client, section);
476 #endif
477
478 rc = assuan_get_peercred (ctx, peer);
479 if (rc)
480 return rc;
481
482 users = config_get_list (section, "allowed");
483 if (users)
484 {
485 for (char **p = users; !rc && *p; p++)
486 {
487 rc = acl_check_common(client, *p, (*peer)->uid, (*peer)->gid,
488 &allowed);
489 }
490
491 strv_free (users);
492 }
493 else if (client->no_access_param)
494 allowed = 1;
495
496 return allowed && !rc ? 0 : rc ? rc : GPG_ERR_FORBIDDEN;
497 }
498
499 /* Test if uid is a member of group 'name'. Invert when 'not' is true. */
500 #ifdef HAVE_GETGRNAM_R
501 static gpg_error_t
502 acl_check_group (const char *name, uid_t uid, gid_t gid, int not, int *allowed)
503 {
504 char *buf;
505 struct group gr, *gresult;
506 size_t len = sysconf (_SC_GETGR_R_SIZE_MAX);
507 int err;
508 gpg_error_t rc = 0;
509
510 if (len == -1)
511 len = 16384;
512
513 buf = xmalloc (len);
514 if (!buf)
515 return GPG_ERR_ENOMEM;
516
517 err = getgrnam_r (name, &gr, buf, len, &gresult);
518 if (!err && gresult)
519 {
520 if (gresult->gr_gid == gid)
521 {
522 xfree (buf);
523 *allowed = !not;
524 return 0;
525 }
526
527 for (char **t = gresult->gr_mem; !rc && *t; t++)
528 {
529 char *tbuf;
530 struct passwd pw;
531 struct passwd *result = get_pwd_struct (*t, 0, &pw, &tbuf, &rc);
532
533 if (!rc && result && result->pw_uid == uid)
534 {
535 xfree (tbuf);
536 *allowed = !not;
537 break;
538 }
539
540 xfree (tbuf);
541 }
542
543 xfree (buf);
544 return rc;
545 }
546 else if (err)
547 rc = gpg_error_from_errno (err);
548
549 xfree (buf);
550 return rc ? rc : !gresult ? 0 : GPG_ERR_EACCES;
551 }
552 #else
553 static gpg_error_t
554 acl_check_group (const char *name, uid_t uid, gid_t gid, int not, int *allowed)
555 {
556 struct group *gresult;
557 gpg_error_t rc = 0;
558
559 errno = 0;
560 gresult = getgrnam (name);
561 if (!errno && gresult && gresult->gr_gid == gid)
562 {
563 *allowed = !not;
564 return 0;
565 }
566 else if (errno)
567 rc = gpg_error_from_syserror ();
568 else if (!gresult)
569 return 0;
570
571 for (char **t = gresult->gr_mem; !rc && *t; t++)
572 {
573 char *buf;
574 struct passwd pw;
575 struct passwd *result = get_pwd_struct (*t, 0, &pw, &buf, &rc);
576
577 if (!rc && result && result->pw_uid == uid)
578 {
579 xfree (buf);
580 *allowed = !not;
581 break;
582 }
583
584 xfree (buf);
585 }
586
587 return rc;
588 }
589 #endif
590
591 gpg_error_t
592 peer_is_invoker(struct client_s *client)
593 {
594 struct invoking_user_s *user;
595 int allowed = 0;
596
597 if (client->thd->state == CLIENT_STATE_UNKNOWN)
598 return GPG_ERR_EACCES;
599
600 for (user = invoking_users; user; user = user->next)
601 {
602 #ifdef WITH_GNUTLS
603 if (client->thd->remote)
604 {
605 if (user->type == INVOKING_TLS
606 && !strcmp(client->thd->tls->fp, user->id))
607 allowed = user->not ? 0 : 1;
608
609 continue;
610 }
611 #endif
612
613 if (user->type == INVOKING_GID)
614 {
615 gpg_error_t rc = acl_check_group (user->id,
616 client->thd->peer->uid,
617 client->thd->peer->gid,
618 user->not, &allowed);
619 if (rc)
620 return rc;
621 }
622 else if (user->type == INVOKING_UID && client->thd->peer->uid == user->uid)
623 allowed = user->not ? 0 : 1;
624 }
625
626 return allowed ? 0 : GPG_ERR_EACCES;
627 }
628
629 #ifdef HAVE_GETGRNAM_R
630 gpg_error_t
631 acl_check_common (struct client_s *client, const char *user, uid_t uid,
632 gid_t gid, int *allowed)
633 {
634 int not = 0;
635 int rw = 0;
636 int tls = 0;
637 gpg_error_t rc = 0;
638
639 if (!user || !*user)
640 return 0;
641
642 if (*user == '-' || *user == '!')
643 not = 1;
644
645 if (*user == '+') // not implemented yet
646 rw = 1;
647
648 if (*user == '#') // TLS fingerprint hash
649 tls = 1;
650
651 if (not || rw || tls)
652 user++;
653
654 if (tls)
655 {
656 #ifdef WITH_GNUTLS
657 if (client->thd->remote)
658 {
659 if (!strcasecmp (client->thd->tls->fp, user))
660 *allowed = !not;
661 }
662
663 return 0;
664 #else
665 return 0;
666 #endif
667 }
668 #ifdef WITH_GNUTLS
669 else if (client->thd->remote) // Remote client with no FP in the ACL
670 return 0;
671 #endif
672
673 if (*user == '@') // all users in group
674 return acl_check_group (user+1, uid, gid, not, allowed);
675 else
676 {
677 char *buf;
678 struct passwd pw;
679 struct passwd *pwd = get_pwd_struct (user, 0, &pw, &buf, &rc);
680
681 if (!rc && pwd && pwd->pw_uid == uid)
682 *allowed = !not;
683
684 xfree (buf);
685 }
686
687 return rc;
688 }
689 #else
690 gpg_error_t
691 acl_check_common (struct client_s *client, const char *user, uid_t uid,
692 gid_t gid, int *allowed)
693 {
694 gpg_error_t rc = 0;
695 int not = 0;
696 int rw = 0;
697 int tls = 0;
698
699 if (!user || !*user)
700 return 0;
701
702 if (*user == '-' || *user == '!')
703 not = 1;
704
705 if (*user == '+') // not implemented yet
706 rw = 1;
707
708 if (*user == '#') // TLS fingerprint hash
709 tls = 1;
710
711 if (not || rw || tls)
712 user++;
713
714 if (tls)
715 {
716 #ifdef WITH_GNUTLS
717 if (client->thd->remote)
718 {
719 if (!strcasecmp (client->thd->tls->fp, user))
720 *allowed = !not;
721 }
722
723 return 0;
724 #else
725 return 0;
726 #endif
727 }
728
729 if (*user == '@') // all users in group
730 return acl_check_group (user+1, uid, gid, not, allowed);
731 else
732 {
733 char *buf;
734 struct passwd pw;
735 struct passwd *result = get_pwd_struct (user, 0, &pw, &buf, &rc);
736
737 if (!rc && result && result->pw_uid == uid)
738 *allowed = !not;
739
740 xfree (buf);
741 }
742
743 return rc;
744 }
745 #endif
746
747 static gpg_error_t
748 validate_peer (struct client_s *cl)
749 {
750 gpg_error_t rc;
751
752 #ifdef WITH_GNUTLS
753 if (cl->thd->remote)
754 return tls_validate_access (cl, NULL);
755 #endif
756
757 MUTEX_LOCK (&cn_mutex);
758 pthread_cleanup_push (release_mutex_cb, &cn_mutex);
759 rc = do_validate_peer (cl->ctx, "global", &cl->thd->peer);
760 pthread_cleanup_pop (1);
761 log_write ("peer %s: uid=%i, gid=%i, pid=%i, rc=%u",
762 !rc ? _("accepted") : _("rejected"), cl->thd->peer->uid,
763 cl->thd->peer->gid, cl->thd->peer->pid, rc);
764 return rc;
765 }
766
767 static void
768 xml_error_cb (void *data, xmlErrorPtr e)
769 {
770 struct client_s *client = data;
771
772 /*
773 * Keep the first reported error as the one to show in the error
774 * description. Reset in send_error().
775 */
776 if (client->xml_error)
777 return;
778
779 client->xml_error = xcalloc (1, sizeof(xmlError));
780 xmlCopyError (e, client->xml_error);
781 }
782
783 static pid_t
784 hook_waitpid (assuan_context_t ctx, pid_t pid, int action,
785 int *status, int options)
786 {
787 return waitpid (pid, status, options);
788 }
789
790 static ssize_t
791 hook_read (assuan_context_t ctx, assuan_fd_t fd, void *data, size_t len)
792 {
793 #ifdef WITH_GNUTLS
794 struct client_s *client = assuan_get_pointer (ctx);
795
796 if (client->thd->remote)
797 return tls_read_hook (ctx, (int) fd, data, len);
798 #endif
799
800 return read ((int) fd, data, len);
801 }
802
803 static ssize_t
804 hook_write (assuan_context_t ctx, assuan_fd_t fd,
805 const void *data, size_t len)
806 {
807 #ifdef WITH_GNUTLS
808 struct client_s *client = assuan_get_pointer (ctx);
809
810 if (client->thd->remote)
811 return tls_write_hook (ctx, (int) fd, data, len);
812 #endif
813
814 return write ((int) fd, data, len);
815 }
816
817 int
818 assuan_log_cb (assuan_context_t ctx, void *data, unsigned cat,
819 const char *msg)
820 {
821 struct client_s *client = data;
822 char *str = NULL;
823
824 (void)client;
825
826 if (!(assuan_level & cat))
827 return 0;
828
829 if (!msg)
830 return 1;
831
832 switch (cat)
833 {
834 case ASSUAN_LOG_INIT:
835 str = "ASSUAN[INIT]";
836 break;
837 case ASSUAN_LOG_CTX:
838 str = "ASSUAN[CTX]";
839 break;
840 case ASSUAN_LOG_ENGINE:
841 str = "ASSUAN[ENGINE]";
842 break;
843 case ASSUAN_LOG_DATA:
844 str = "ASSUAN[DATA]";
845 break;
846 case ASSUAN_LOG_SYSIO:
847 str = "ASSUAN[SYSIO]";
848 break;
849 case ASSUAN_LOG_CONTROL:
850 str = "ASSUAN[CONTROL]";
851 break;
852 default:
853 str = "ASSUAN[UNKNOWN]";
854 break;
855 }
856
857 log_write ("%s: %s", str, msg);
858 return 1;
859 }
860
861 static int
862 new_connection (struct client_s *cl)
863 {
864 gpg_error_t rc;
865 static struct assuan_malloc_hooks mhooks = { xmalloc, xrealloc, xfree };
866 static struct assuan_system_hooks shooks = {
867 ASSUAN_SYSTEM_HOOKS_VERSION,
868 __assuan_usleep,
869 __assuan_pipe,
870 __assuan_close,
871 hook_read,
872 hook_write,
873 //FIXME
874 NULL, //recvmsg
875 NULL, //sendmsg both are used for FD passing
876 __assuan_spawn,
877 hook_waitpid,
878 __assuan_socketpair,
879 __assuan_socket,
880 __assuan_connect
881 };
882
883 #ifdef WITH_GNUTLS
884 if (cl->thd->remote)
885 {
886 char *prio = config_get_string ("global", "tls_cipher_suite");
887
888 cl->thd->timeout = config_get_integer ("global", "tls_timeout");
889 if (fcntl (cl->thd->fd, F_SETFL, O_NONBLOCK) == -1)
890 return 0;
891
892 cl->thd->tls = tls_init_client (cl->thd->fd, cl->thd->timeout, prio);
893 xfree (prio);
894 if (!cl->thd->tls)
895 return 0;
896 }
897 #endif
898
899 rc = assuan_new_ext (&cl->ctx, GPG_ERR_SOURCE_DEFAULT, &mhooks,
900 assuan_log_cb, cl);
901 if (rc)
902 goto fail;
903
904 assuan_ctx_set_system_hooks (cl->ctx, &shooks);
905 rc = assuan_init_socket_server (cl->ctx, cl->thd->fd, 2);
906 if (rc)
907 goto fail;
908
909 assuan_set_pointer (cl->ctx, cl);
910 assuan_set_hello_line (cl->ctx, PACKAGE_STRING);
911 rc = register_commands (cl->ctx);
912 if (rc)
913 goto fail;
914
915 rc = assuan_accept (cl->ctx);
916 if (rc)
917 goto fail;
918
919 rc = validate_peer (cl);
920 /* May not be implemented on all platforms. */
921 if (rc && gpg_err_code (rc) != GPG_ERR_ASS_GENERAL)
922 goto fail;
923
924 MUTEX_LOCK (&cn_mutex);
925 cl->thd->state = CLIENT_STATE_INIT;
926 MUTEX_UNLOCK (&cn_mutex);
927 cl->lock_timeout = config_get_integer ("global", "lock_timeout");
928 xmlSetStructuredErrorFunc (cl, xml_error_cb);
929 return 1;
930
931 fail:
932 log_write ("%s", pwmd_strerror (rc));
933 return 0;
934 }
935
936 /*
937 * This is called after a client_thread() terminates. Set with
938 * pthread_cleanup_push().
939 */
940 static void
941 free_client_cb (void *arg)
942 {
943 struct client_thread_s *cn = arg;
944 struct client_s *cl = cn->cl;
945
946 MUTEX_LOCK (&cn_mutex);
947 cn_thread_list = slist_remove (cn_thread_list, cn);
948 MUTEX_UNLOCK (&cn_mutex);
949
950 if (cl)
951 {
952 unlock_flock (&cl->flock_fd);
953 reset_client (cl);
954 if (cl->xml_error)
955 xmlResetError (cl->xml_error);
956
957 xfree (cl->xml_error);
958
959 #ifdef WITH_GNUTLS
960 if (cn->tls)
961 {
962 gnutls_deinit (cn->tls->ses);
963 xfree (cn->tls->fp);
964 xfree (cn->tls);
965 }
966 #endif
967
968 if (cl->ctx)
969 assuan_release (cl->ctx);
970 else if (cl->thd && cl->thd->fd != -1)
971 close (cl->thd->fd);
972
973 if (cl->crypto)
974 crypto_free (cl->crypto);
975
976 cl->crypto = NULL;
977 xfree (cl);
978 }
979 else
980 {
981 if (cn->fd != -1)
982 close (cn->fd);
983 }
984
985 while (cn->msg_queue)
986 {
987 struct status_msg_s *msg = cn->msg_queue;
988
989 cn->msg_queue = msg->next;
990 xfree (msg->line);
991 xfree (msg);
992 }
993
994 if (cn->status_msg_pipe[0] != -1)
995 close (cn->status_msg_pipe[0]);
996
997 if (cn->status_msg_pipe[1] != -1)
998 close (cn->status_msg_pipe[1]);
999
1000 pthread_mutex_destroy (&cn->status_mutex);
1001 log_write (_("exiting, fd=%i"), cn->fd);
1002 send_status_all (STATUS_CLIENTS, NULL);
1003
1004 #ifdef WITH_GNUTLS
1005 xfree (cn->peeraddr);
1006 #endif
1007 xfree (cn);
1008 }
1009
1010 void
1011 free_all_clients ()
1012 {
1013 MUTEX_LOCK (&cn_mutex);
1014 pthread_cleanup_push (release_mutex_cb, &cn_mutex);
1015
1016 while (slist_length (cn_thread_list))
1017 {
1018 struct client_thread_s *thd = slist_nth_data (cn_thread_list, 0);
1019
1020 free_client_cb (thd);
1021 }
1022
1023 pthread_cleanup_pop (1);
1024 }
1025
1026 static gpg_error_t
1027 send_msg_queue (struct client_thread_s *thd)
1028 {
1029 MUTEX_LOCK (&thd->status_mutex);
1030 gpg_error_t rc = 0;
1031 char c;
1032 ssize_t ret;
1033
1034 ret = read (thd->status_msg_pipe[0], &c, 1);
1035 rc = gpg_error_from_syserror ();
1036 if (ret == -1 && gpg_err_code (rc) != GPG_ERR_EAGAIN)
1037 log_write ("%s (%i): %s", __FUNCTION__, __LINE__, pwmd_strerror (rc));
1038 else
1039 rc = 0;
1040
1041 thd->wrote_status = 0;
1042
1043 while (thd->msg_queue)
1044 {
1045 struct status_msg_s *msg = thd->msg_queue;
1046
1047 #ifndef HAVE_PTHREAD_CANCEL
1048 if (thd->fd == -1)
1049 break;
1050 #endif
1051
1052 thd->msg_queue = thd->msg_queue->next;
1053 MUTEX_UNLOCK (&thd->status_mutex);
1054 rc = send_status (thd->cl->ctx, msg->s, msg->line);
1055 MUTEX_LOCK (&thd->status_mutex);
1056 xfree (msg->line);
1057 xfree (msg);
1058
1059 if (rc)
1060 break;
1061 }
1062
1063 MUTEX_UNLOCK (&thd->status_mutex);
1064 if (rc && gpg_err_code (rc) != GPG_ERR_EPIPE)
1065 log_write ("%s (%i): %s", __FUNCTION__, __LINE__, pwmd_strerror (rc));
1066
1067 return rc;
1068 }
1069
1070 static void *
1071 client_thread (void *data)
1072 {
1073 struct client_thread_s *thd = data;
1074 struct client_s *cl = xcalloc (1, sizeof (struct client_s));
1075 struct slist_s *list;
1076 gpg_error_t rc;
1077 #ifndef HAVE_PTHREAD_CANCEL
1078 INIT_SIGNAL (SIGUSR2, catch_thread_signal);
1079 #endif
1080
1081 #ifdef HAVE_PR_SET_NAME
1082 prctl (PR_SET_NAME, "client");
1083 #endif
1084 pthread_setspecific (thread_name_key, str_dup (__FUNCTION__));
1085
1086 if (!cl)
1087 {
1088 log_write ("%s(%i): %s", __FILE__, __LINE__,
1089 pwmd_strerror (GPG_ERR_ENOMEM));
1090 return NULL;
1091 }
1092
1093 MUTEX_LOCK (&cn_mutex);
1094 pthread_cleanup_push (free_client_cb, thd);
1095 thd->cl = cl;
1096 cl->thd = thd;
1097 cl->flock_fd = -1;
1098
1099 list = slist_append (cn_thread_list, thd);
1100 if (list)
1101 cn_thread_list = list;
1102 else
1103 {
1104 log_write ("%s(%i): %s", __FILE__, __LINE__,
1105 pwmd_strerror (GPG_ERR_ENOMEM));
1106 MUTEX_UNLOCK (&cn_mutex);
1107 return NULL;
1108 }
1109
1110 if (fcntl (thd->status_msg_pipe[0], F_SETFL, O_NONBLOCK) == -1)
1111 rc = gpg_error_from_errno (errno);
1112
1113 if (!rc)
1114 if (fcntl (thd->status_msg_pipe[1], F_SETFL, O_NONBLOCK) == -1)
1115 rc = gpg_error_from_errno (errno);
1116
1117 MUTEX_UNLOCK (&cn_mutex);
1118
1119 if (rc)
1120 {
1121 log_write ("%s(%i): %s", __FILE__, __LINE__, pwmd_strerror (rc));
1122 return NULL;
1123 }
1124
1125 if (new_connection (cl))
1126 {
1127 int finished = 0;
1128 gpg_error_t rc;
1129 struct pollfd fds[2];
1130
1131 fds[0].fd = thd->fd;
1132 fds[0].events = POLLIN;
1133 fds[1].fd = thd->status_msg_pipe[0];
1134 fds[1].events = POLLIN;
1135
1136 send_status_all (STATUS_CLIENTS, NULL);
1137 rc = send_status (cl->ctx, STATUS_CACHE, NULL);
1138 if (rc)
1139 {
1140 log_write ("%s(%i): %s", __FILE__, __LINE__, pwmd_strerror (rc));
1141 finished = 1;
1142 }
1143
1144 while (!finished)
1145 {
1146 int n;
1147 int eof;
1148
1149 n = poll (fds, 2, 100);
1150 if (n == -1)
1151 {
1152 log_write ("%s", strerror (errno));
1153 break;
1154 }
1155
1156 #ifdef WITH_GNUTLS
1157 if (thd->remote && thd->tls && thd->tls->rehandshake)
1158 {
1159 char *prio;
1160 int ret;
1161 const char *e;
1162
1163 if (thd->tls->rehandshake == 1)
1164 {
1165 prio = config_get_string ("global", "tls_cipher_suite");
1166 if (!prio)
1167 {
1168 thd->tls->rehandshake = 0;
1169 continue;
1170 }
1171
1172 ret = gnutls_priority_set_direct (thd->tls->ses, prio, &e);
1173 if (ret == GNUTLS_E_SUCCESS)
1174 {
1175 rc = send_status (cl->ctx, STATUS_REHANDSHAKE, NULL);
1176 if (!rc)
1177 {
1178 rc = assuan_send_data (cl->ctx, NULL, 0);
1179 if (!rc)
1180 {
1181 ret = gnutls_rehandshake (thd->tls->ses);
1182 if (ret)
1183 {
1184 log_write ("%s", gnutls_strerror (ret));
1185 thd->tls->rehandshake = 0;
1186 }
1187 else
1188 thd->tls->rehandshake = 2;
1189 }
1190 }
1191
1192 if (rc)
1193 log_write ("%s", pwmd_strerror (rc));
1194 }
1195 else
1196 log_write ("%s: %s", gnutls_strerror (ret), e);
1197
1198 xfree (prio);
1199 continue;
1200 }
1201 }
1202 #endif
1203
1204 if (!n)
1205 continue;
1206
1207 if (fds[1].revents & POLLIN)
1208 {
1209 #ifdef WITH_GNUTLS
1210 if (!thd->remote || (thd->tls && !thd->tls->rehandshake))
1211 #endif
1212 {
1213 rc = send_msg_queue (thd);
1214 if (rc && gpg_err_code (rc) != GPG_ERR_EPIPE)
1215 break;
1216 }
1217 }
1218
1219 #ifdef HAVE_PTHREAD_CANCEL
1220 if (!(fds[0].revents & POLLIN))
1221 #else
1222 if (thd->fd != -1 && !(fds[0].revents & POLLIN))
1223 #endif
1224 continue;
1225
1226 rc = assuan_process_next (cl->ctx, &eof);
1227 if (rc || eof)
1228 {
1229 if (gpg_err_code (rc) == GPG_ERR_EOF || eof)
1230 break;
1231
1232 log_write ("assuan_process_next(): rc=%u %s", rc,
1233 pwmd_strerror (rc));
1234 if (rc == gpg_error (GPG_ERR_ETIMEDOUT))
1235 break;
1236
1237 rc = send_error (cl->ctx, rc);
1238 if (rc)
1239 {
1240 log_write ("assuan_process_done(): rc=%u %s", rc,
1241 pwmd_strerror (rc));
1242 break;
1243 }
1244 }
1245
1246 /* Since the msg queue pipe fd's are non-blocking, check for
1247 * pending status msgs here. GPG_ERR_EPIPE can be seen when the
1248 * client has already disconnected and will be converted to
1249 * GPG_ERR_EOF during assuan_process_next().
1250 */
1251 #ifdef WITH_GNUTLS
1252 if (!thd->remote || (thd->tls && !thd->tls->rehandshake))
1253 #endif
1254 {
1255 rc = send_msg_queue (thd);
1256 if (rc && gpg_err_code (rc) != GPG_ERR_EPIPE)
1257 break;
1258 }
1259 }
1260 }
1261
1262 /* Don't do pthread_exit() here because any set pthread_cleanup_push
1263 * functions would be called after a command failed but then the client
1264 * exited normally which may lead to a double free. */
1265 pthread_cleanup_pop (1);
1266 return NULL;
1267 }
1268
1269 static gpg_error_t
1270 xml_import (const char *filename, const char *outfile, char **keyid,
1271 char **sign_keyid, char *keyfile, const char *keyparam,
1272 int symmetric)
1273 {
1274 xmlDocPtr doc;
1275 int fd;
1276 struct stat st;
1277 int len;
1278 xmlChar *xmlbuf;
1279 gpg_error_t rc = 0;
1280 struct crypto_s *crypto = NULL;
1281
1282 if (stat (filename, &st) == -1)
1283 {
1284 rc = gpg_error_from_errno (errno);
1285 return rc;
1286 }
1287
1288 fd = open (filename, O_RDONLY);
1289 if (fd == -1)
1290 return gpg_error_from_errno (errno);
1291
1292 xmlbuf = xmalloc (st.st_size + 1);
1293 if (!xmlbuf)
1294 {
1295 close (fd);
1296 return GPG_ERR_ENOMEM;
1297 }
1298
1299 if (read (fd, xmlbuf, st.st_size) == -1)
1300 {
1301 rc = gpg_error_from_errno (errno);
1302 close (fd);
1303 xfree (xmlbuf);
1304 return rc;
1305 }
1306
1307 close (fd);
1308 xmlbuf[st.st_size] = 0;
1309 // Be sure the document validates.
1310 doc = xmlReadDoc (xmlbuf, NULL, "UTF-8", XML_PARSE_NOBLANKS);
1311 xfree (xmlbuf);
1312 if (!doc)
1313 return GPG_ERR_BAD_DATA;
1314
1315 xmlNodePtr n = xmlDocGetRootElement (doc);
1316 if (n && !xmlStrEqual (n->name, (xmlChar *) "pwmd"))
1317 rc = GPG_ERR_BAD_DATA;
1318
1319 if (!rc)
1320 {
1321 rc = xml_validate_import (NULL, n ? n->children : n);
1322 if (!rc)
1323 {
1324 rc = crypto_init (&crypto, NULL, filename, keyfile != NULL, keyfile);
1325 if (!rc)
1326 {
1327 if (keyfile)
1328 {
1329 crypto->flags |= CRYPTO_FLAG_KEYFILE;
1330 crypto->keyfile = str_dup (keyfile);
1331 }
1332
1333 xmlDocDumpMemory (doc, &crypto->plaintext, &len);
1334 if (len > 0)
1335 crypto->plaintext_size = len;
1336 else
1337 rc = GPG_ERR_ENOMEM;
1338 }
1339 }
1340 }
1341
1342 if (!rc)
1343 {
1344 if (!symmetric && (keyparam || !keyid))
1345 {
1346 char *buf = NULL;
1347
1348 if (keyparam)
1349 {
1350 fd = open (keyparam, O_RDONLY);
1351 if (fd == -1)
1352 rc = gpg_error_from_errno (errno);
1353
1354 if (!rc)
1355 {
1356 if (stat (keyparam, &st) == -1)
1357 rc = gpg_error_from_errno (errno);
1358
1359 if (!rc)
1360 {
1361 buf = xmalloc (st.st_size+1);
1362 if (!buf)
1363 rc = GPG_ERR_ENOMEM;
1364
1365 if (!rc)
1366 {
1367 len = read (fd, buf, st.st_size);
1368 if (len != st.st_size)
1369 rc = gpg_error_from_errno (errno);
1370
1371 if (!rc)
1372 buf[len] = 0;
1373 }
1374 }
1375 }
1376
1377 if (fd != -1)
1378 close (fd);
1379 }
1380 else
1381 {
1382 buf = crypto_default_key_params ();
1383 if (!buf)
1384 rc = GPG_ERR_ENOMEM;
1385 }
1386
1387 if (!rc)
1388 rc = crypto_genkey (NULL, crypto, (unsigned char *)buf);
1389
1390 xfree (buf);
1391 }
1392 else
1393 {
1394 crypto->save.pubkey = strv_dup (keyid);
1395 crypto->save.sigkey = strv_dup (sign_keyid);
1396 }
1397
1398 if (!rc)
1399 {
1400 crypto->flags |= symmetric ? CRYPTO_FLAG_SYMMETRIC : 0;
1401 rc = crypto_encrypt (NULL, crypto);
1402 }
1403 }
1404
1405 if (!rc)
1406 {
1407 if (!strcmp (outfile, "-"))
1408 outfile = NULL;
1409
1410 xfree (crypto->plaintext);
1411 crypto->plaintext = NULL;
1412 xfree (crypto->filename);
1413 crypto->filename = outfile ? str_dup (outfile) : NULL;
1414 rc = crypto_write_file (crypto);
1415 }
1416
1417 xmlFreeDoc (doc);
1418 crypto_free (crypto);
1419 return rc;
1420 }
1421
1422 static gpg_error_t
1423 do_cache_push (struct crypto_s *crypto)
1424 {
1425 gpg_error_t rc;
1426 xmlDocPtr doc;
1427 struct cache_data_s *cdata;
1428 unsigned char *crc;
1429 size_t len;
1430 int fd = -1;
1431
1432 log_write (_("Trying to add datafile '%s' to the file cache ..."),
1433 crypto->filename);
1434
1435 if (valid_filename (crypto->filename) == 0)
1436 {
1437 log_write (_("%s: Invalid characters in filename"), crypto->filename);
1438 return GPG_ERR_INV_VALUE;
1439 }
1440
1441 rc = lock_flock (NULL, crypto->filename, LOCK_SH, &fd);
1442 if (!rc)
1443 rc = crypto_decrypt (NULL, crypto);
1444 if (rc)
1445 {
1446 unlock_flock (&fd);
1447 return rc;
1448 }
1449
1450 rc = xml_parse_doc ((char *) crypto->plaintext, crypto->plaintext_size, &doc);
1451 if (rc)
1452 {
1453 unlock_flock (&fd);
1454 log_write ("%s", pwmd_strerror (rc));
1455 return rc;
1456 }
1457
1458 cdata = xcalloc (1, sizeof (struct cache_data_s));
1459 if (!cdata)
1460 {
1461 unlock_flock (&fd);
1462 xmlFreeDoc (doc);
1463 return GPG_ERR_ENOMEM;
1464 }
1465
1466 rc = get_checksum (crypto->filename, &crc, &len);
1467 unlock_flock (&fd);
1468 if (rc)
1469 {
1470 xmlFreeDoc (doc);
1471 cache_free_data_once (cdata);
1472 return rc;
1473 }
1474
1475 cdata->crc = crc;
1476 rc = cache_encrypt (crypto);
1477 if (!rc)
1478 {
1479 cdata->doc = crypto->plaintext;
1480 cdata->size = crypto->plaintext_size;
1481 crypto->plaintext = NULL;
1482 cdata->pubkey = crypto->pubkey;
1483 cdata->sigkey = crypto->sigkey;
1484 crypto->pubkey = NULL;
1485 crypto->sigkey = NULL;
1486 }
1487 else
1488 {
1489 xmlFreeDoc (doc);
1490 cache_free_data_once (cdata);
1491 return rc;
1492 }
1493
1494 int timeout = config_get_integer (crypto->filename, "cache_timeout");
1495 rc = cache_add_file (crypto->filename, cdata, timeout);
1496 return rc;
1497 }
1498
1499 static gpg_error_t
1500 init_client (int fd, const char *addr)
1501 {
1502 gpg_error_t rc = 0;
1503 struct client_thread_s *new = xcalloc (1, sizeof (struct client_thread_s));
1504
1505 if (!new)
1506 {
1507 close (fd);
1508 log_write ("%s: %s", __FUNCTION__, pwmd_strerror (ENOMEM));
1509 return GPG_ERR_ENOMEM;
1510 }
1511
1512 MUTEX_LOCK (&cn_mutex);
1513 pthread_cleanup_push (release_mutex_cb, &cn_mutex);
1514 new->conntime = time (NULL);
1515
1516 if (pipe (new->status_msg_pipe) == -1)
1517 rc = gpg_error_from_errno (errno);
1518 else
1519 pthread_mutex_init (&new->status_mutex, NULL);
1520
1521 if (!rc)
1522 {
1523 #ifdef WITH_GNUTLS
1524 new->remote = addr ? 1 : 0;
1525 if (addr)
1526 new->peeraddr = str_dup (addr);
1527 #endif
1528 new->fd = fd;
1529 rc = create_thread (client_thread, new, &new->tid, 1);
1530 if (rc)
1531 {
1532 close (new->status_msg_pipe[0]);
1533 close (new->status_msg_pipe[1]);
1534 pthread_mutex_destroy (&new->status_mutex);
1535 }
1536 }
1537
1538 if (!rc)
1539 {
1540 if (addr)
1541 log_write (_("new connection: tid=%p, fd=%i, addr=%s"),
1542 (pthread_t *) new->tid, fd, addr);
1543 else
1544 log_write (_("new connection: tid=%p, fd=%i"),
1545 (pthread_t *) new->tid, fd);
1546 }
1547
1548 pthread_cleanup_pop (1);
1549
1550 if (rc)
1551 {
1552 xfree (new);
1553 close (fd);
1554 log_write ("%s(%i): %s", __FILE__, __LINE__, pwmd_strerror (rc));
1555 }
1556 return rc;
1557 }
1558
1559 #ifdef WITH_GNUTLS
1560 /* From Beej's Guide to Network Programming. It's a good tutorial. */
1561 static void *
1562 get_in_addr (struct sockaddr *sa)
1563 {
1564 if (sa->sa_family == AF_INET)
1565 return &(((struct sockaddr_in *) sa)->sin_addr);
1566
1567 return &(((struct sockaddr_in6 *) sa)->sin6_addr);
1568 }
1569
1570 static int
1571 start_stop_tls_with_protocol (int ipv6, int term)
1572 {
1573 struct addrinfo hints, *servinfo, *p;
1574 int port = config_get_integer ("global", "tcp_port");
1575 char buf[7];
1576 int n;
1577 int *fd = ipv6 ? &tls6_fd : &tls_fd;
1578
1579 if (term || config_get_boolean ("global", "enable_tcp") == 0)
1580 {
1581 if (tls6_fd != -1)
1582 {
1583 shutdown (tls6_fd, SHUT_RDWR);
1584 close (tls6_fd);
1585 tls6_fd = -1;
1586 }
1587
1588 if (tls_fd != -1)
1589 {
1590 shutdown (tls_fd, SHUT_RDWR);
1591 close (tls_fd);
1592 tls_fd = -1;
1593 }
1594
1595 return 0;
1596 }
1597
1598 memset (&hints, 0, sizeof (hints));
1599 hints.ai_family = ipv6 ? AF_INET6 : AF_INET;
1600 hints.ai_socktype = SOCK_STREAM;
1601 hints.ai_flags = AI_PASSIVE;
1602 snprintf (buf, sizeof (buf), "%i", port);
1603
1604 if ((n = getaddrinfo (NULL, buf, &hints, &servinfo)) == -1)
1605 {
1606 log_write ("getaddrinfo(): %s", gai_strerror (n));
1607 return 0;
1608 }
1609
1610 for (n = 0, p = servinfo; p != NULL; p = p->ai_next)
1611 {
1612 int r = 1;
1613
1614 if ((ipv6 && p->ai_family != AF_INET6)
1615 || (!ipv6 && p->ai_family != AF_INET))
1616 continue;
1617
1618 if ((*fd = socket (p->ai_family, p->ai_socktype, p->ai_protocol)) == -1)
1619 {
1620 log_write ("socket(): %s", strerror (errno));
1621 continue;
1622 }
1623
1624 if (setsockopt (*fd, SOL_SOCKET, SO_REUSEADDR, &r, sizeof (int)) == -1)
1625 {
1626 log_write ("setsockopt(): %s",
1627 pwmd_strerror (gpg_error_from_errno (errno)));
1628 freeaddrinfo (servinfo);
1629 goto fail;
1630 }
1631
1632 if (bind (*fd, p->ai_addr, p->ai_addrlen) == -1)
1633 {
1634 close (*fd);
1635 log_write ("bind(): %s",
1636 pwmd_strerror (gpg_error_from_errno (errno)));
1637 continue;
1638 }
1639
1640 n++;
1641 break;
1642 }
1643
1644 freeaddrinfo (servinfo);
1645
1646 if (!n)
1647 goto fail;
1648
1649 #if HAVE_DECL_SO_BINDTODEVICE != 0
1650 char *tmp = config_get_string ("global", "tcp_interface");
1651 if (tmp && setsockopt (*fd, SOL_SOCKET, SO_BINDTODEVICE, tmp,
1652 strlen (tmp)) == -1)
1653 {
1654 log_write ("setsockopt(): %s",
1655 pwmd_strerror (gpg_error_from_errno (errno)));
1656 xfree (tmp);
1657 goto fail;
1658 }
1659
1660 xfree (tmp);
1661 #endif
1662
1663 if (listen (*fd, 128) == -1)
1664 {
1665 log_write ("listen(): %s", strerror (errno));
1666 goto fail;
1667 }
1668
1669 return 1;
1670
1671 fail:
1672 start_stop_tls_with_protocol (0, 1);
1673 if (tls_fd != -1)
1674 close (tls_fd);
1675
1676 if (tls6_fd != -1)
1677 close (tls6_fd);
1678
1679 tls_fd = -1;
1680 tls6_fd = -1;
1681 return 0;
1682 }
1683
1684 static int
1685 start_stop_tls (int term)
1686 {
1687 char *s = config_get_string ("global", "tcp_bind");
1688 int b;
1689
1690 if (!s)
1691 return 0;
1692
1693 if (!strcmp (s, "any"))
1694 {
1695 b = start_stop_tls_with_protocol (0, term);
1696 if (b)
1697 b = start_stop_tls_with_protocol (1, term);
1698 }
1699 else if (!strcmp (s, "ipv4"))
1700 b = start_stop_tls_with_protocol (0, term);
1701 else if (!strcmp (s, "ipv6"))
1702 b = start_stop_tls_with_protocol (1, term);
1703 else
1704 b = 0;
1705
1706 xfree (s);
1707 if (!term && b)
1708 {
1709 gpg_error_t rc = tls_init_params ();
1710 if (rc)
1711 {
1712 start_stop_tls_with_protocol (0, 1);
1713 return 0;
1714 }
1715 }
1716
1717 return b;
1718 }
1719 #endif
1720
1721 #ifdef WITH_GNUTLS
1722 static gpg_error_t
1723 do_tls_accept (struct pollfd *fds)
1724 {
1725 struct sockaddr_storage raddr;
1726 socklen_t slen = sizeof (raddr);
1727 int fd;
1728 char s[INET6_ADDRSTRLEN];
1729
1730 if (!(fds->revents & POLLIN))
1731 return 0;
1732
1733 fd = accept (fds->fd, (struct sockaddr *) &raddr, &slen);
1734 if (fd == -1)
1735 {
1736 int e = errno;
1737
1738 if (errno != EAGAIN && !quit)
1739 log_write ("%s: %s", __FUNCTION__,
1740 pwmd_strerror (gpg_error_from_syserror()));
1741
1742 return gpg_error_from_errno (e);
1743 }
1744
1745 inet_ntop (raddr.ss_family, get_in_addr ((struct sockaddr *) &raddr), s,
1746 sizeof s);
1747 (void) init_client (fd, s);
1748 return 0;
1749 }
1750 #endif
1751
1752 static void *
1753 accept_thread (void *arg)
1754 {
1755 int sockfd = *(int *) arg;
1756 #ifndef HAVE_PTHREAD_CANCEL
1757 INIT_SIGNAL (SIGUSR2, catch_thread_signal);
1758 fcntl (sockfd, F_SETFL, O_NONBLOCK);
1759 #endif
1760
1761 #ifdef HAVE_PR_SET_NAME
1762 prctl (PR_SET_NAME, "accept");
1763 #endif
1764 pthread_setspecific (thread_name_key, str_asprintf ("!%s", __FUNCTION__));
1765
1766 for (;;)
1767 {
1768 socklen_t slen = sizeof (struct sockaddr_un);
1769 struct sockaddr_un raddr;
1770 int fd, s = 0;
1771 struct pollfd fds[3];
1772
1773 TEST_CANCEL ();
1774 memset (fds, 0, sizeof (fds));
1775 fds[s].fd = sockfd;
1776 fds[s++].events = POLLIN;
1777
1778 #ifdef WITH_GNUTLS
1779 if (tls_fd != -1)
1780 {
1781 fds[s].fd = tls_fd;
1782 fds[s++].events = POLLIN;
1783 }
1784 else
1785 fds[s].fd = tls_fd;
1786
1787 if (tls6_fd != -1)
1788 {
1789 fds[s].fd = tls6_fd;
1790 fds[s++].events = POLLIN;
1791 }
1792 else
1793 fds[s].fd = tls6_fd;
1794 #endif
1795
1796 s = poll (fds, s, 500);
1797 if (s == -1)
1798 {
1799 if (errno != EINTR)
1800 log_write ("%s", strerror (errno));
1801 break;
1802 }
1803 else if (s == 0)
1804 continue;
1805
1806 if (fds[0].revents & POLLIN)
1807 {
1808 fd = accept (sockfd, (struct sockaddr *) &raddr, &slen);
1809 if (fd == -1)
1810 {
1811 if (errno == EMFILE || errno == ENFILE)
1812 log_write ("%s: %s", __FUNCTION__,
1813 pwmd_strerror (gpg_error_from_errno (errno)));
1814 else if (errno != EAGAIN && errno != EINTR)
1815 {
1816 if (!quit) // probably EBADF
1817 log_write ("%s: %s", __FUNCTION__,
1818 pwmd_strerror (gpg_error_from_errno (errno)));
1819
1820 break;
1821 }
1822
1823 continue;
1824 }
1825
1826 (void) init_client (fd, NULL);
1827 }
1828
1829 #ifdef WITH_GNUTLS
1830 if (tls_fd != -1 && fds[1].fd == tls_fd)
1831 (void)do_tls_accept (&fds[1]);
1832
1833 if (tls6_fd != -1 && fds[1].fd == tls6_fd)
1834 (void)do_tls_accept (&fds[1]);
1835
1836 if (tls6_fd != -1 && fds[2].fd == tls6_fd)
1837 (void)do_tls_accept (&fds[2]);
1838 #endif
1839 }
1840
1841 /* Just in case accept() failed for some reason other than EBADF */
1842 quit = 1;
1843 return NULL;
1844 }
1845
1846 static void *
1847 cache_timer_thread (void *arg)
1848 {
1849 unsigned k = 0;
1850 #ifndef HAVE_PTHREAD_CANCEL
1851 INIT_SIGNAL (SIGUSR2, catch_thread_signal);
1852 #endif
1853
1854 #ifdef HAVE_PR_SET_NAME
1855 prctl (PR_SET_NAME, "timer");
1856 #endif
1857 pthread_setspecific (thread_name_key, str_asprintf ("!%s", __FUNCTION__));
1858
1859 for (;;)
1860 {
1861 struct timeval tv = { 1, 0 };
1862 unsigned keepalive = config_get_integer ("global", "keepalive_interval");
1863
1864 TEST_CANCEL ();
1865 select (0, NULL, NULL, NULL, &tv);
1866 cache_adjust_timeout ();
1867
1868 if (++k >= keepalive)
1869 {
1870 send_status_all (STATUS_KEEPALIVE, NULL);
1871 k = 0;
1872 }
1873 }
1874
1875 return NULL;
1876 }
1877
1878 static int
1879 signal_loop (sigset_t sigset)
1880 {
1881 int done = 0;
1882 int siint = 0;
1883
1884 do
1885 {
1886 int sig;
1887
1888 sigwait (&sigset, &sig);
1889 log_write (_("caught signal %i (%s)"), sig, strsignal (sig));
1890
1891 switch (sig)
1892 {
1893 case SIGHUP:
1894 pthread_cond_signal (&rcfile_cond);
1895 break;
1896 case SIGUSR1:
1897 log_write (_("clearing file cache"));
1898 cache_clear (NULL, NULL, 1);
1899 send_status_all (STATUS_CACHE, NULL);
1900 break;
1901 default:
1902 siint = 1;
1903 done = 1;
1904 break;
1905 }
1906 }
1907 while (!done);
1908
1909 return siint;
1910 }
1911
1912 static void
1913 catchsig (int sig)
1914 {
1915 log_write (_ ("Caught signal %i (%s). Exiting."), sig, strsignal (sig));
1916 #ifdef HAVE_BACKTRACE
1917 BACKTRACE (__FUNCTION__);
1918 #endif
1919 longjmp (jmp, 1);
1920 }
1921
1922 static void
1923 cancel_all_clients ()
1924 {
1925 unsigned i, t;
1926
1927 MUTEX_LOCK (&cn_mutex);
1928 t = slist_length (cn_thread_list);
1929 for (i = 0; i < t; i++)
1930 {
1931 struct client_thread_s *thd = slist_nth_data (cn_thread_list, i);
1932
1933 #ifdef HAVE_PTHREAD_CANCEL
1934 pthread_cancel (thd->tid);
1935 #else
1936 pthread_kill (thd->tid, SIGUSR2);
1937 #endif
1938 }
1939
1940 while (slist_length (cn_thread_list))
1941 {
1942 MUTEX_UNLOCK (&cn_mutex);
1943 usleep (50000);
1944 MUTEX_LOCK (&cn_mutex);
1945 }
1946
1947 MUTEX_UNLOCK (&cn_mutex);
1948 }
1949
1950 static int
1951 server_loop (int sockfd, char **socketpath)
1952 {
1953 pthread_t cache_timeout_tid;
1954 int cancel_timeout_thread = 0, cancel_accept_thread = 0;
1955 sigset_t sigset;
1956 int n;
1957 int segv = 0;
1958 gpg_error_t rc;
1959
1960 init_commands ();
1961 sigemptyset (&sigset);
1962
1963 /* Termination */
1964 sigaddset (&sigset, SIGTERM);
1965 sigaddset (&sigset, SIGINT);
1966
1967 /* Clears the file cache. */
1968 sigaddset (&sigset, SIGUSR1);
1969
1970 /* Configuration file reloading. */
1971 sigaddset (&sigset, SIGHUP);
1972
1973 #ifndef HAVE_PTHREAD_CANCEL
1974 /*
1975 The socket, cache and rcfile threads use this signal when
1976 pthread_cancel() is unavailable. Prevent the main thread from
1977 catching this signal from another process.
1978 */
1979 sigaddset (&sigset, SIGUSR2);
1980 #endif
1981
1982 /* An assertion failure. */
1983 signal (SIGABRT, catchsig);
1984 sigaddset (&sigset, SIGABRT);
1985 sigprocmask (SIG_BLOCK, &sigset, NULL);
1986
1987 #ifndef HAVE_PTHREAD_CANCEL
1988 /* Remove this signal from the watched signals in signal_loop(). */
1989 sigdelset (&sigset, SIGUSR2);
1990 #endif
1991
1992 /* Can show a backtrace of the stack in the log. */
1993 signal (SIGSEGV, catchsig);
1994
1995 char *p = get_username (getuid());
1996 log_write (_("%s started for user %s"), PACKAGE_STRING, p);
1997 xfree (p);
1998
1999 #ifdef WITH_GNUTLS
2000 if (config_get_boolean ("global", "enable_tcp"))
2001 log_write (_("Listening on %s and TCP port %i"), *socketpath,
2002 config_get_integer ("global", "tcp_port"));
2003 else
2004 log_write (_("Listening on %s"), *socketpath);
2005 #else
2006 log_write (_("Listening on %s"), *socketpath);
2007 #endif
2008
2009 rc = create_thread (reload_rcfile_thread, NULL, &rcfile_tid, 0);
2010 if (rc)
2011 {
2012 log_write ("%s(%i): pthread_create(): %s", __FILE__, __LINE__,
2013 pwmd_strerror (rc));
2014 goto done;
2015 }
2016
2017 rc = create_thread (cache_timer_thread, NULL, &cache_timeout_tid, 0);
2018 if (rc)
2019 {
2020 log_write ("%s(%i): pthread_create(): %s", __FILE__, __LINE__,
2021 pwmd_strerror (rc));
2022 goto done;
2023 }
2024
2025 cancel_timeout_thread = 1;
2026 rc = create_thread (accept_thread, &sockfd, &accept_tid, 0);
2027 if (rc)
2028 {
2029 log_write ("%s(%i): pthread_create(): %s", __FILE__, __LINE__,
2030 pwmd_strerror (rc));
2031 goto done;
2032 }
2033
2034 cancel_accept_thread = 1;
2035 if (!setjmp (jmp))
2036 signal_loop (sigset);
2037 else
2038 segv = 1;
2039
2040 done:
2041 /*
2042 * We're out of the main server loop. This happens when a signal was sent
2043 * to terminate the daemon. We'll wait for all clients to disconnect
2044 * before exiting but exit immediately if another termination signal is
2045 * sent.
2046 */
2047 if (cancel_accept_thread)
2048 {
2049 #ifdef HAVE_PTHREAD_CANCEL
2050 int n = pthread_cancel (accept_tid);
2051 #else
2052 int n = pthread_kill (accept_tid, SIGUSR2);
2053 #endif
2054 if (!n)
2055 pthread_join (accept_tid, NULL);
2056 }
2057
2058 if (cancel_timeout_thread)
2059 {
2060 #ifdef HAVE_PTHREAD_CANCEL
2061 n = pthread_cancel (cache_timeout_tid);
2062 #else
2063 n = pthread_kill (cache_timeout_tid, SIGUSR2);
2064 #endif
2065 if (!n)
2066 pthread_join (cache_timeout_tid, NULL);
2067 }
2068
2069 #ifdef WITH_GNUTLS
2070 start_stop_tls (1);
2071 #endif
2072 shutdown (sockfd, SHUT_RDWR);
2073 close (sockfd);
2074 unlink (*socketpath);
2075 xfree (*socketpath);
2076 *socketpath = NULL;
2077 MUTEX_LOCK (&cn_mutex);
2078 n = slist_length (cn_thread_list);
2079 MUTEX_UNLOCK (&cn_mutex);
2080
2081 if (n && !segv)
2082 cancel_all_clients ();
2083 else
2084 free_all_clients ();
2085
2086 cache_deinit ();
2087 deinit_commands ();
2088 return segv ? EXIT_FAILURE : EXIT_SUCCESS;;
2089 }
2090
2091 static void
2092 startup_failure ()
2093 {
2094 log_write (_
2095 ("Failed to add a file to the cache. Use --force to force startup. Exiting."));
2096 cache_clear (NULL, NULL, 1);
2097 }
2098
2099 static void
2100 usage (const char *pn, int status)
2101 {
2102 FILE *fp = status == EXIT_FAILURE ? stderr : stdout;
2103
2104 fprintf (fp, _("Usage: %s [OPTIONS] [file1] [...]\n"
2105 " --debug=[a:..][,g:N][,t:N] enable debugging (a:[ixedsc],g:[1-9],t:[0-N])\n"
2106 " -f, --rcfile=filename load the specfied configuration file\n"
2107 " (~/.pwmd/config)\n"
2108 " --homedir alternate pwmd home directory (~/.pwmd)\n"
2109 " --kill terminate an existing instance of pwmd\n"
2110 " -n, --no-fork run as a foreground process\n"
2111 " -D, --disable-dump disable the LIST, XPATH and DUMP commands\n"
2112 " --ignore, --force ignore file errors during startup\n"
2113 " -o, --outfile=filename output file when importing or converting\n"
2114 " -C, --convert=filename convert a version 2 data file to version 3\n"
2115 " -I, --import=filename import a pwmd DTD formatted XML file)\n"
2116 " -k, --passphrase-file=file for use when importing or converting\n"
2117 " --no-passphrase-file prompt instead of using --passphrase-file when\n"
2118 " converting\n"
2119 " --no-passphrase when importing or converting\n"
2120 " --keyid=keyID[,..] public key to use when encrypting\n"
2121 " --sign-keyid=fpr[,..] fingerprint of the signing key to use\n"
2122 " --symmetric use conventional encryption with optional signer\n"
2123 " --keyparam=filename custom key parameters to use (gpg default)\n"
2124 " --help this help text\n"
2125 " --version show version and compile time features\n"),
2126 pn);
2127 exit (status);
2128 }
2129
2130 static void
2131 unlink_stale_socket (const char *sock, const char *pidfile)
2132 {
2133 log_write (_ ("removing stale socket %s"), sock);
2134 unlink (sock);
2135 unlink (pidfile);
2136 }
2137
2138 static int
2139 test_pidfile (const char *path, const char *sock, char *buf, size_t buflen,
2140 char **pidfile, int create, mode_t mode, int terminate)
2141 {
2142 pid_t pid;
2143 int fd;
2144 size_t len;
2145
2146 if (!create)
2147 {
2148 snprintf (buf, buflen, "%s/%s.pid", homedir, sock);
2149 *pidfile = str_dup (buf);
2150 fd = open (buf, O_RDONLY);
2151 }
2152 else
2153 fd = open (*pidfile, O_CREAT|O_WRONLY|O_TRUNC, mode);
2154
2155 if (fd == -1)
2156 {
2157 if (!create && errno != ENOENT)
2158 {
2159 log_write ("%s: %s", buf, pwmd_strerror (errno));
2160 free (*pidfile);
2161 *pidfile = NULL;
2162 return -1;
2163 }
2164 else if (!create && !terminate)
2165 return 0;
2166
2167 log_write ("%s: %s", *pidfile, strerror (errno));
2168 return -1;
2169 }
2170
2171 if (create)
2172 {
2173 snprintf (buf, buflen, "%i", getpid ());
2174 ssize_t ret = write (fd, buf, strlen (buf));
2175 if (ret == -1)
2176 log_write ("%s (%i): %s", __FUNCTION__, __LINE__,
2177 pwmd_strerror (gpg_error_from_syserror ()));
2178 close (fd);
2179 return 0;
2180 }
2181
2182 len = read (fd, buf, buflen);
2183 close (fd);
2184 if (len == 0)
2185 {
2186 unlink_stale_socket (path, *pidfile);
2187 return 0;
2188 }
2189
2190 if (sscanf (buf, "%5i", &pid) != 1 || pid == 0)
2191 {
2192 if (!terminate)
2193 {
2194 unlink_stale_socket (path, *pidfile);
2195 return 0;
2196 }
2197 }
2198
2199 if (kill (pid, 0) == -1)
2200 {
2201 unlink_stale_socket (path, *pidfile);
2202 return 0;
2203 }
2204
2205 if (terminate)
2206 {
2207 if (kill (pid, SIGTERM) == -1)
2208 log_write ("%s: %s", path, pwmd_strerror (errno));
2209 }
2210 else
2211 log_write (_ ("an instance for socket %s is already running"), path);
2212
2213 xfree (*pidfile);
2214 *pidfile = NULL;
2215 return 1;
2216 }
2217
2218 static unsigned
2219 parse_debug_level (const char *str, unsigned *debug, int *gpgme, int *tls)
2220 {
2221 const char *p;
2222 unsigned level = 0;
2223 int gl = 0, tl = 0;
2224
2225 for (p = str; p && *p; p++)
2226 {
2227 if (*p == 'a') // assuan debug flags
2228 {
2229 if (*++p != ':')
2230 return 1;
2231
2232 while (*++p)
2233 {
2234 switch (*p)
2235 {
2236 case 'i':
2237 level |= ASSUAN_LOG_INIT;
2238 break;
2239 case 'x':
2240 level |= ASSUAN_LOG_CTX;
2241 break;
2242 case 'e':
2243 level |= ASSUAN_LOG_ENGINE;
2244 break;
2245 case 'd':
2246 level |= ASSUAN_LOG_DATA;
2247 break;
2248 case 's':
2249 level |= ASSUAN_LOG_SYSIO;
2250 break;
2251 case 'c':
2252 level |= ASSUAN_LOG_CONTROL;
2253 break;
2254 case ',':
2255 break;
2256 default:
2257 return 1;
2258 }
2259
2260 if (*p == ',')
2261 break;
2262 }
2263
2264 if (!*p)
2265 break;
2266 }
2267 else if (*p == 'g' || *p == 't') // gpgme and TLS debug level
2268 {
2269 int t = *p == 't';
2270 int n;
2271
2272 if (*++p != ':')
2273 return 1;
2274
2275 if (!isdigit (*++p))
2276 return 1;
2277
2278 n = atoi (p);
2279 if (t)
2280 tl = n;
2281 else
2282 gl = n;
2283
2284 if (tl < 0 || gl < 0 || gl > 9)
2285 return 1;
2286
2287 while (isdigit (*p))
2288 p++;
2289
2290 p--;
2291 if (*(p+1) && *(p+1) != ',')
2292 return 1;
2293 else if (*(p+1))
2294 p++;
2295 }
2296 else
2297 return 1;
2298 }
2299
2300 if (tl)
2301 *tls = tl;
2302
2303 if (gl)
2304 *gpgme = gl;
2305
2306 *debug = level;
2307 return 0;
2308 }
2309
2310 int
2311 main (int argc, char *argv[])
2312 {
2313 int opt;
2314 struct sockaddr_un addr;
2315 char buf[PATH_MAX];
2316 char *socketpath = NULL, *socketdir, *socketname = NULL;
2317 char *socketarg = NULL;
2318 char *datadir = NULL;
2319 char *pidfile = NULL;
2320 mode_t mode = 0600;
2321 int x;
2322 char *p;
2323 char **cache_push = NULL;
2324 char *import = NULL, *keyid = NULL, *sign_keyid = NULL;
2325 char *keyparam = NULL;
2326 int estatus = EXIT_FAILURE;
2327 int sockfd;
2328 char *outfile = NULL;
2329 int do_unlink = 0;
2330 int secure = 0;
2331 int show_version = 0;
2332 int force = 0;
2333 gpg_error_t rc;
2334 char *keyfile = NULL;
2335 int exists;
2336 int optindex;
2337 int terminate = 0;
2338 int sym = 0;
2339 int gpgme_level = -1;
2340 int tls_level = -1;
2341 /* Must maintain the same order as longopts[] */
2342 enum
2343 {
2344 OPT_VERSION, OPT_HELP, OPT_HOMEDIR, OPT_NO_FORK, OPT_DISABLE_DUMP,
2345 OPT_FORCE, OPT_RCFILE, OPT_PASSPHRASE_FILE, OPT_IMPORT, OPT_OUTFILE,
2346 OPT_KEYID, OPT_SIGN_KEYID, OPT_SYMMETRIC, OPT_KEYPARAM, OPT_KILL,
2347 OPT_DEBUG
2348 };
2349 const char *optstring = "nf:C:k:I:o:s";
2350 const struct option longopts[] = {
2351 {"version", no_argument, 0, 0},
2352 {"help", no_argument, 0, 0},
2353 {"homedir", required_argument, 0, 0},
2354 {"no-fork", no_argument, 0, 'n'},
2355 {"disable_dump", no_argument, 0, 0},
2356 {"force", no_argument, 0, 0},
2357 {"rcfile", required_argument, 0, 'f'},
2358 {"passphrase-file", required_argument, 0, 'k'},
2359 {"import", required_argument, 0, 'I'},
2360 {"outfile", required_argument, 0, 'o'},
2361 {"keyid", required_argument, 0, 0},
2362 {"sign-keyid", required_argument, 0, 0},
2363 {"symmetric", no_argument, 0, 's'},
2364 {"keyparam", required_argument, 0, 0},
2365 {"kill", no_argument, 0, 0},
2366 {"debug", required_argument, 0, 0},
2367 {0, 0, 0, 0}
2368 };
2369
2370 log_fd = -1;
2371 cmdline = 1;
2372
2373 #ifndef DEBUG
2374 #ifdef HAVE_SETRLIMIT
2375 struct rlimit rl;
2376
2377 rl.rlim_cur = rl.rlim_max = 0;
2378
2379 if (setrlimit (RLIMIT_CORE, &rl) != 0)
2380 err (EXIT_FAILURE, "setrlimit()");
2381 #endif
2382
2383 #ifdef HAVE_PR_SET_DUMPABLE
2384 prctl (PR_SET_DUMPABLE, 0);
2385 #endif
2386 #endif
2387
2388 #ifdef ENABLE_NLS
2389 setlocale (LC_ALL, "");
2390 bindtextdomain ("pwmd", LOCALEDIR);
2391 textdomain ("pwmd");
2392 #endif
2393
2394 if (setup_crypto ())
2395 exit (EXIT_FAILURE);
2396
2397 #ifdef WITH_GNUTLS
2398 tls_level = tls_level == -1 ? 1 : tls_level;
2399 gnutls_global_set_log_level (tls_level);
2400 tls_fd = -1;
2401 tls6_fd = -1;
2402 #endif
2403 xmlMemSetup (xfree, xmalloc, xrealloc, str_dup);
2404 xmlInitMemory ();
2405 xmlInitGlobals ();
2406 xmlInitParser ();
2407 xmlXPathInit ();
2408
2409 while ((opt = getopt_long (argc, argv, optstring, longopts, &optindex))
2410 != -1)
2411 {
2412 switch (opt)
2413 {
2414 case 'I':
2415 import = optarg;
2416 break;
2417 case 'k':
2418 keyfile = optarg;
2419 break;
2420 case 'o':
2421 outfile = optarg;
2422 break;
2423 case 'D':
2424 secure = 1;
2425 break;
2426 case 'n':
2427 nofork = 1;
2428 break;
2429 case 'f':
2430 rcfile = str_dup (optarg);
2431 break;
2432 case 's':
2433 sym = 1;
2434 break;
2435 default:
2436 usage (argv[0], EXIT_FAILURE);
2437 break;
2438 case 0:
2439 switch (optindex)
2440 {
2441 case OPT_DEBUG:
2442 if (parse_debug_level (optarg, &assuan_level, &gpgme_level,
2443 &tls_level))
2444 usage (argv[0], EXIT_FAILURE);
2445 break;
2446 case OPT_SYMMETRIC:
2447 sym = 1;
2448 break;
2449 case OPT_VERSION:
2450 show_version = 1;
2451 break;
2452 case OPT_HELP:
2453 usage (argv[0], EXIT_SUCCESS);
2454 break;
2455 case OPT_HOMEDIR:
2456 homedir = str_dup (optarg);
2457 break;
2458 case OPT_NO_FORK:
2459 nofork = 1;
2460 break;
2461 case OPT_DISABLE_DUMP:
2462 secure = 1;
2463 break;
2464 case OPT_FORCE:
2465 force = 1;
2466 break;
2467 case OPT_RCFILE:
2468 rcfile = str_dup (optarg);
2469 break;
2470 case OPT_PASSPHRASE_FILE:
2471 keyfile = optarg;
2472 break;
2473 case OPT_IMPORT:
2474 import = optarg;
2475 break;
2476 case OPT_OUTFILE:
2477 outfile = optarg;
2478 break;
2479 case OPT_KEYID:
2480 keyid = optarg;
2481 break;
2482 case OPT_SIGN_KEYID:
2483 sign_keyid = optarg;
2484 break;
2485 case OPT_KEYPARAM:
2486 keyparam = optarg;
2487 break;
2488 case OPT_KILL:
2489 terminate = 1;
2490 break;
2491 default:
2492 usage (argv[0], EXIT_FAILURE);
2493 }
2494 }
2495 }
2496
2497 if (show_version)
2498 {
2499 printf (_("%s\n\n"
2500 "Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016\n"
2501 "%s\n"
2502 "Released under the terms of the GPL v2. Use at your own risk.\n\n"
2503 "Compile time features:\n%s"), PACKAGE_STRING,
2504 PACKAGE_BUGREPORT,
2505 #ifdef PWMD_HOMEDIR
2506 "+PWMD_HOMEDIR=" PWMD_HOMEDIR "\n"
2507 #endif
2508 #ifdef WITH_GNUTLS
2509 "+WITH_GNUTLS\n"
2510 #else
2511 "-WITH_GNUTLS\n"
2512 #endif
2513 #ifdef WITH_LIBACL
2514 "+WITH_LIBACL\n"
2515 #else
2516 "-WITH_LIBACL\n"
2517 #endif
2518 #ifdef DEBUG
2519 "+DEBUG\n"
2520 #else
2521 "-DEBUG\n"
2522 #endif
2523 #ifdef MEM_DEBUG
2524 "+MEM_DEBUG\n"
2525 #else
2526 "-MEM_DEBUG\n"
2527 #endif
2528 #ifdef MUTEX_DEBUG
2529 "+MUTEX_DEBUG\n"
2530 #else
2531 "-MUTEX_DEBUG\n"
2532 #endif
2533 );
2534 exit (EXIT_SUCCESS);
2535 }
2536
2537 if (!homedir)
2538 #ifdef PWMD_HOMEDIR
2539 homedir = str_dup(PWMD_HOMEDIR);
2540 #else
2541 homedir = str_asprintf ("%s/.pwmd", get_home_dir());
2542 #endif
2543
2544 if (mkdir (homedir, 0700) == -1 && errno != EEXIST)
2545 err (EXIT_FAILURE, "%s", homedir);
2546
2547 if (!rcfile)
2548 rcfile = str_asprintf ("%s/config", homedir);
2549
2550 pthread_key_create (&last_error_key, free_key);
2551 #ifndef HAVE_PTHREAD_CANCEL
2552 pthread_key_create (&signal_thread_key, free_key);
2553 #endif
2554
2555 pthread_mutexattr_t attr;
2556 pthread_mutexattr_init (&attr);
2557 pthread_mutexattr_settype (&attr, PTHREAD_MUTEX_RECURSIVE);
2558 pthread_mutex_init (&rcfile_mutex, &attr);
2559 global_config = config_parse (rcfile, 0);
2560 if (!global_config)
2561 {
2562 pthread_mutexattr_destroy (&attr);
2563 pthread_mutex_destroy (&rcfile_mutex);
2564 exit (EXIT_FAILURE);
2565 }
2566
2567 p = config_get_string ("global", "gpg_homedir");
2568 if (!p)
2569 datadir = str_asprintf ("%s/.gnupg", homedir);
2570 else
2571 datadir = expand_homedir (p);
2572
2573 xfree (p);
2574 if (mkdir (datadir, 0700) == -1 && errno != EEXIST)
2575 err (EXIT_FAILURE, "%s", datadir);
2576
2577 if (gpgme_level != -1)
2578 {
2579 char s[2] = { gpgme_level + '0', 0 };
2580
2581 if (getenv ("GPGME_DEBUG"))
2582 log_write (_ ("Overriding GPGME_DEBUG environment with level %u!"),
2583 gpgme_level);
2584
2585 gpgme_set_global_flag ("debug", s);
2586 }
2587
2588 rc = gpgme_set_engine_info (GPGME_PROTOCOL_OpenPGP, NULL, datadir);
2589 xfree (datadir);
2590
2591 snprintf (buf, sizeof (buf), "%s/data", homedir);
2592 if (mkdir (buf, 0700) == -1 && errno != EEXIST)
2593 err (EXIT_FAILURE, "%s", buf);
2594
2595 datadir = str_dup (buf);
2596 pthread_cond_init (&rcfile_cond, NULL);
2597 pthread_mutex_init (&cn_mutex, &attr);
2598 pthread_mutexattr_destroy (&attr);
2599
2600 setup_logging ();
2601
2602 x = config_get_int_param (global_config, "global", "priority", &exists);
2603 if (exists && x != atoi(INVALID_PRIORITY))
2604 {
2605 errno = 0;
2606 if (setpriority (PRIO_PROCESS, 0, x) == -1)
2607 {
2608 log_write ("setpriority(): %s",
2609 pwmd_strerror (gpg_error_from_errno (errno)));
2610 goto do_exit;
2611 }
2612 }
2613 #ifdef HAVE_MLOCKALL
2614 if (disable_mlock == 0 && mlockall (MCL_CURRENT | MCL_FUTURE) == -1)
2615 {
2616 log_write ("mlockall(): %s",
2617 pwmd_strerror (gpg_error_from_errno (errno)));
2618 goto do_exit;
2619 }
2620 #endif
2621
2622 rc = cache_init ();
2623 if (rc)
2624 {
2625 log_write ("pwmd: ERR %i: %s", rc, pwmd_strerror (rc));
2626 exit (EXIT_FAILURE);
2627 }
2628
2629 if (import)
2630 {
2631 char **keyids = NULL, **sign_keyids = NULL;
2632
2633 if (!outfile || !*outfile || argc != optind)
2634 usage (argv[0], EXIT_FAILURE);
2635
2636 if (keyid)
2637 keyids = str_split (keyid, ",", 0);
2638 if (sign_keyid)
2639 sign_keyids = str_split (sign_keyid, ",", 0);
2640 rc = xml_import (import, outfile, keyids, sign_keyids, keyfile, keyparam, sym);
2641 strv_free (keyids);
2642 strv_free (sign_keyids);
2643 if (rc)
2644 {
2645 if (gpg_err_source (rc) == GPG_ERR_SOURCE_UNKNOWN)
2646 rc = gpg_error (rc);
2647
2648 log_write ("%s: %u: %s", import, rc, pwmd_strerror (rc));
2649 }
2650
2651 config_free (global_config);
2652 xfree (rcfile);
2653 exit (rc ? EXIT_FAILURE : EXIT_SUCCESS);
2654 }
2655
2656 p = config_get_string ("global", "socket_path");
2657 if (!p)
2658 p = str_asprintf ("%s/socket", homedir);
2659
2660 socketarg = expand_homedir (p);
2661 xfree (p);
2662
2663 if (!secure)
2664 disable_list_and_dump = config_get_boolean ("global",
2665 "disable_list_and_dump");
2666 else
2667 disable_list_and_dump = secure;
2668
2669 cache_push = config_get_list ("global", "cache_push");
2670
2671 while (optind < argc)
2672 {
2673 if (strv_printf (&cache_push, "%s", argv[optind++]) == 0)
2674 errx (EXIT_FAILURE, "%s", pwmd_strerror (GPG_ERR_ENOMEM));
2675 }
2676
2677 if (strchr (socketarg, '/') == NULL)
2678 {
2679 socketdir = getcwd (buf, sizeof (buf));
2680 socketname = str_dup (socketarg);
2681 socketpath = str_asprintf ("%s/%s", socketdir, socketname);
2682 }
2683 else
2684 {
2685 socketname = str_dup (strrchr (socketarg, '/'));
2686 socketname++;
2687 socketarg[strlen (socketarg) - strlen (socketname) - 1] = 0;
2688 socketdir = str_dup (socketarg);
2689 socketpath = str_asprintf ("%s/%s", socketdir, socketname);
2690 }
2691
2692 if (chdir (datadir))
2693 {
2694 log_write ("%s: %s", datadir,
2695 pwmd_strerror (gpg_error_from_errno (errno)));
2696 unlink (socketpath);
2697 goto do_exit;
2698 }
2699
2700 x = test_pidfile (socketpath, socketname, buf, sizeof(buf), &pidfile, 0,
2701 mode, terminate);
2702 if (!terminate && x)
2703 goto do_exit;
2704 else if (terminate)
2705 {
2706 estatus = x != 1 ? EXIT_FAILURE : EXIT_SUCCESS;
2707 goto do_exit;
2708 }
2709
2710 /*
2711 * bind() doesn't like the full pathname of the socket or any non alphanum
2712 * characters so change to the directory where the socket is wanted then
2713 * create it then change to datadir.
2714 */
2715 if (chdir (socketdir))
2716 {
2717 log_write ("%s: %s", socketdir,
2718 pwmd_strerror (gpg_error_from_errno (errno)));
2719 goto do_exit;
2720 }
2721
2722 xfree (socketdir);
2723
2724 if ((sockfd = socket (PF_UNIX, SOCK_STREAM, 0)) == -1)
2725 {
2726 log_write ("socket(): %s", pwmd_strerror (gpg_error_from_errno (errno)));
2727 goto do_exit;
2728 }
2729
2730 addr.sun_family = AF_UNIX;
2731 snprintf (addr.sun_path, sizeof (addr.sun_path), "%s", socketname);
2732 do_unlink = 1;
2733 if (bind (sockfd, (struct sockaddr *) &addr, sizeof (struct sockaddr)) ==
2734 -1)
2735 {
2736 log_write ("bind(): %s", pwmd_strerror (gpg_error_from_errno (errno)));
2737
2738 if (errno == EADDRINUSE)
2739 {
2740 do_unlink = 0;
2741 log_write (_("Either there is another pwmd running or '%s' is a \n"
2742 "stale socket. Please remove it manually."), socketpath);
2743 }
2744
2745 goto do_exit;
2746 }
2747
2748 {
2749 char *t = config_get_string ("global", "socket_perms");
2750 mode_t mask;
2751
2752 if (t)
2753 {
2754 mode = strtol (t, NULL, 8);
2755 mask = umask (0);
2756 xfree (t);
2757
2758 if (chmod (socketname, mode) == -1)
2759 {
2760 log_write ("%s: %s", socketname,
2761 pwmd_strerror (gpg_error_from_errno (errno)));
2762 close (sockfd);
2763 umask (mask);
2764 goto do_exit;
2765 }
2766
2767 umask (mask);
2768 }
2769 }
2770
2771 xfree (--socketname);
2772
2773 if (chdir (datadir))
2774 {
2775 log_write ("%s: %s", datadir,
2776 pwmd_strerror (gpg_error_from_errno (errno)));
2777 close (sockfd);
2778 goto do_exit;
2779 }
2780
2781 xfree (datadir);
2782 #ifdef WITH_GNUTLS
2783 if (config_get_boolean ("global", "enable_tcp"))
2784 {
2785 if (!start_stop_tls (0))
2786 {
2787 close (sockfd);
2788 goto do_exit;
2789 }
2790 }
2791 #endif
2792
2793 /*
2794 * Set the cache entry for a file. Prompts for the password.
2795 */
2796 if (cache_push)
2797 {
2798 for (opt = 0; cache_push[opt]; opt++)
2799 {
2800 struct crypto_s *crypto = NULL;
2801 char *pw_file = config_get_string (cache_push[opt],
2802 "passphrase_file");
2803 gpg_error_t rc = crypto_init (&crypto, NULL, cache_push[opt],
2804 pw_file != NULL, pw_file);
2805
2806 if (!rc)
2807 {
2808 crypto->flags |= pw_file ? CRYPTO_FLAG_KEYFILE : 0;
2809 crypto->keyfile = pw_file;
2810 }
2811 else
2812 xfree (pw_file);
2813
2814 if (rc)
2815 {
2816 estatus = EXIT_FAILURE;
2817 goto do_exit;
2818 }
2819
2820 rc = do_cache_push (crypto);
2821 if (rc && !force)
2822 {
2823 log_write ("ERR %u: %s", rc, pwmd_strerror(rc));
2824 strv_free (cache_push);
2825 startup_failure ();
2826 estatus = EXIT_FAILURE;
2827 crypto_free (crypto);
2828 goto do_exit;
2829 }
2830 else if (rc)
2831 log_write ("%s: %s", crypto->filename, pwmd_strerror(rc));
2832 else
2833 log_write (_("Successfully added '%s' to the cache."),
2834 crypto->filename);
2835
2836 crypto_free (crypto);
2837 }
2838
2839 strv_free (cache_push);
2840 log_write (!nofork ? _("Done. Daemonizing...") :
2841 _("Done. Waiting for connections..."));
2842 }
2843
2844 if (listen (sockfd, 128) == -1)
2845 {
2846 log_write ("listen(): %s", pwmd_strerror (gpg_error_from_errno (errno)));
2847 goto do_exit;
2848 }
2849
2850 if (!nofork)
2851 {
2852 switch (fork ())
2853 {
2854 case -1:
2855 log_write ("fork(): %s",
2856 pwmd_strerror (gpg_error_from_errno (errno)));
2857 goto do_exit;
2858 case 0:
2859 close (0);
2860 close (1);
2861 close (2);
2862 setsid ();
2863 break;
2864 default:
2865 _exit (EXIT_SUCCESS);
2866 }
2867 }
2868
2869 (void)test_pidfile (socketpath, socketname, buf, sizeof(buf), &pidfile, 1,
2870 mode, 0);
2871 cmdline = 0;
2872 pthread_key_create (&thread_name_key, free_key);
2873 pthread_setspecific (thread_name_key, str_asprintf ("!%s", __FUNCTION__));
2874 estatus = server_loop (sockfd, &socketpath);
2875
2876 do_exit:
2877 if (socketpath && do_unlink)
2878 {
2879 unlink (socketpath);
2880 xfree (socketpath);
2881 }
2882
2883 xfree (socketarg);
2884 #ifdef WITH_GNUTLS
2885 gnutls_global_deinit ();
2886 tls_deinit_params ();
2887 #endif
2888 if (rcfile_tid)
2889 {
2890 #ifdef HAVE_PTHREAD_CANCEL
2891 pthread_cancel (rcfile_tid);
2892 #else
2893 pthread_kill (rcfile_tid, SIGUSR2);
2894 pthread_cond_signal (&rcfile_cond);
2895 #endif
2896 pthread_join (rcfile_tid, NULL);
2897 }
2898
2899 pthread_cond_destroy (&rcfile_cond);
2900 pthread_mutex_destroy (&rcfile_mutex);
2901 pthread_key_delete (last_error_key);
2902 #ifndef HAVE_PTHREAD_CANCEL
2903 pthread_key_delete (signal_thread_key);
2904 #endif
2905
2906 if (global_config)
2907 config_free (global_config);
2908
2909 free_invoking_users (invoking_users);
2910 xfree (rcfile);
2911 xfree (home_directory);
2912 xfree (homedir);
2913 xmlCleanupParser ();
2914 xmlCleanupGlobals ();
2915
2916 if (pidfile)
2917 unlink (pidfile);
2918 xfree (pidfile);
2919
2920 if (estatus == EXIT_SUCCESS && !terminate)
2921 log_write (_("pwmd exiting normally"));
2922
2923 pthread_key_delete (thread_name_key);
2924 closelog ();
2925
2926 if (log_fd != -1)
2927 close (log_fd);
2928
2929 exit (estatus);
2930 }
2931
2932 gpg_error_t lock_flock (assuan_context_t ctx, const char *filename,
2933 int type, int *fd)
2934 {
2935 gpg_error_t rc = 0;
2936
2937 #ifdef HAVE_FLOCK
2938 *fd = open (filename, O_RDONLY);
2939 if (*fd == -1)
2940 return gpg_error_from_syserror ();
2941
2942 TRY_FLOCK (ctx, *fd, type, rc);
2943 if (rc)
2944 {
2945 close (*fd);
2946 *fd = -1;
2947 }
2948 #endif
2949
2950 return rc;
2951 }
2952
2953 void unlock_flock (int *fd)
2954 {
2955 #ifdef HAVE_FLOCK
2956 if (*fd != -1)
2957 close (*fd);
2958
2959 *fd = -1;
2960 #endif
2961 }
An API for pwmd.