search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fixed checking the entire peer certificate list.
[libpwmd.git] / libpwmd.c
bloba7771f08b4550222b547a240881a049e9a99bcf3
1 /* vim:tw=78:ts=8:sw=4:set ft=c: */
2 /*
3 Copyright (C) 2006-2008 Ben Kibbey <bjk@luxsci.net>
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 2 of the License, or
8 (at your option) any later version.
9
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with this program; if not, write to the Free Software
17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02110-1301 USA
18 */
19 #include <stdio.h>
20 #include <stdlib.h>
21 #include <unistd.h>
22 #include <err.h>
23 #include <errno.h>
24 #include <ctype.h>
25 #include <string.h>
26 #include <sys/socket.h>
27 #include <sys/un.h>
28 #include <signal.h>
29 #include <stdarg.h>
30 #include <string.h>
31 #include <sys/wait.h>
32 #include <fcntl.h>
33 #include <pwd.h>
34 #include <time.h>
35 #include <sys/types.h>
36 #include <limits.h>
37 #include <sys/select.h>
38 #include <netdb.h>
39 #include <netinet/in.h>
40 #include <sys/socket.h>
41 #include <libpwmd.h>
42
43 #ifdef HAVE_CONFIG_H
44 #include <config.h>
45 #endif
46
47 #ifdef WITH_LIBPTH
48 #include <pth.h>
49 #endif
50
51 #ifdef HAVE_LIBGNUTLS
52 #include <gnutls/gnutls.h>
53 #include <gnutls/x509.h>
54 #define DNS_USE_GETTIMEOFDAY_FOR_ID 1
55 #include <event.h>
56 #include <evdns.h>
57 #endif
58
59 #ifdef HAVE_ASSUAN_H
60 #include <assuan.h>
61 #endif
62
63 #ifdef HAVE_SETLOCALE
64 #include <locale.h>
65 #endif
66
67 #include "gettext.h"
68 #define N_(msgid) dgettext("libpwmd", msgid)
69
70 #ifndef MEM_DEBUG
71 #include "mem.h"
72 #else
73 #define xfree free
74 #define xrealloc realloc
75 #define xmalloc malloc
76 #define xstrdup strdup
77 #define xcalloc calloc
78 #endif
79
80 #include "types.h"
81
82 #ifdef WITH_PINENTRY
83 static pwm_t *gpwm;
84 static int gelapsed, gtimeout;
85 static gpg_error_t pinentry_command(pwm_t *pwm, char **result, const char *cmd);
86 static gpg_error_t global_error;
87 #endif
88
89 const char *pwmd_strerror(gpg_error_t e)
90 {
91 gpg_err_code_t code = gpg_err_code(e);
92
93 if (code >= GPG_ERR_USER_1 && code < gpg_err_code(EPWMD_MAX)) {
94 switch (code) {
95 case GPG_ERR_USER_1:
96 default:
97 return N_("Unknown error");
98 case GPG_ERR_USER_2:
99 return N_("No cache slots available");
100 case GPG_ERR_USER_3:
101 return N_("Recursion loop");
102 case GPG_ERR_USER_4:
103 return N_("No file is open");
104 case GPG_ERR_USER_5:
105 return N_("General LibXML error");
106 case GPG_ERR_USER_6:
107 return N_("File modified");
108 case GPG_ERR_USER_7:
109 return N_("Access denied");
110 }
111 }
112
113 return gpg_strerror(e);
114 }
115
116 gpg_error_t pwmd_init()
117 {
118 static int initialized;
119
120 if (initialized)
121 return 0;
122
123 #ifdef HAVE_LIBGNUTLS
124 gnutls_global_set_mem_functions(xmalloc, xmalloc, NULL, xrealloc, xfree);
125 gnutls_global_init ();
126 event_init();
127 evdns_init();
128 #endif
129 #ifdef ENABLE_NLS
130 bindtextdomain("libpwmd", LOCALEDIR);
131 #endif
132 gpg_err_init();
133 assuan_set_malloc_hooks(xmalloc, xrealloc, xfree);
134 assuan_set_assuan_err_source(GPG_ERR_SOURCE_DEFAULT);
135 initialized = 1;
136 return 0;
137 }
138
139 static pwm_t *_socket_connect_finalize(pwm_t *pwm, assuan_context_t ctx)
140 {
141 int active[2];
142 int n = assuan_get_active_fds(ctx, 0, active, sizeof(active));
143
144 pwm->fd = n <= 0 ? -1 : dup(active[0]);
145 pwm->ctx = ctx;
146 #ifdef WITH_PINENTRY
147 pwm->pid = -1;
148 pwm->pinentry_tries = 3;
149 #endif
150 assuan_set_pointer(ctx, pwm);
151 return pwm;
152 }
153
154 #ifdef HAVE_LIBGNUTLS
155 static int read_hook(assuan_context_t ctx, assuan_fd_t fd, void *data,
156 size_t len, ssize_t *ret)
157 {
158 pwm_t *pwm = assuan_get_pointer(ctx);
159
160 if (!pwm || !pwm->session)
161 *ret = read((int)fd, data, len);
162 else {
163 do {
164 *ret = gnutls_record_recv(pwm->session, data, len);
165
166 if (*ret == GNUTLS_E_REHANDSHAKE) {
167 *ret = gnutls_rehandshake(pwm->session);
168
169 if (*ret == GNUTLS_E_WARNING_ALERT_RECEIVED ||
170 *ret == GNUTLS_A_NO_RENEGOTIATION) {
171 gnutls_perror(*ret);
172 continue;
173 }
174
175 if (*ret != GNUTLS_E_SUCCESS) {
176 gnutls_perror(*ret);
177 *ret = 0;
178 break;
179 }
180
181 *ret = gnutls_handshake(pwm->session);
182
183 if (*ret != GNUTLS_E_SUCCESS) {
184 gnutls_perror(*ret);
185 *ret = 0;
186 break;
187 }
188
189 continue;
190 }
191 } while (*ret == GNUTLS_E_INTERRUPTED || *ret == GNUTLS_E_AGAIN);
192 }
193
194 return *ret <= 0 ? 0 : 1;
195 }
196
197 static int write_hook(assuan_context_t ctx, assuan_fd_t fd, const void *data,
198 size_t len, ssize_t *ret)
199 {
200 pwm_t *pwm = assuan_get_pointer(ctx);
201
202 if (!pwm || !pwm->session)
203 *ret = write((int)fd, data, len);
204 else {
205 do {
206 *ret = gnutls_record_send(pwm->session, data, len);
207 } while (*ret == GNUTLS_E_INTERRUPTED || *ret == GNUTLS_E_AGAIN);
208 }
209
210 return *ret <= 0 ? 0 : 1;
211 }
212
213 static void _tls_deinit(pwm_t *pwm)
214 {
215 if (pwm->session) {
216 gnutls_bye(pwm->session, GNUTLS_SHUT_WR);
217 gnutls_deinit(pwm->session);
218 }
219
220 if (pwm->x509)
221 gnutls_certificate_free_credentials(pwm->x509);
222
223 pwm->session = NULL;
224 pwm->x509 = NULL;
225 }
226
227 static gpg_error_t verify_certificate(pwm_t *pwm)
228 {
229 unsigned int status;
230 const gnutls_datum_t *cert_list;
231 unsigned int cert_list_size;
232 int i;
233 gnutls_x509_crt_t cert;
234 gpg_error_t rc;
235
236 rc = gnutls_certificate_verify_peers2(pwm->session, &status);
237
238 if (rc < 0) {
239 gnutls_perror(rc);
240 return GPG_ERR_BAD_CERT;
241 }
242
243 if (status & GNUTLS_CERT_INVALID)
244 return GPG_ERR_BAD_CERT;
245
246 if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
247 return GPG_ERR_BAD_SIGNATURE;
248
249 if (status & GNUTLS_CERT_REVOKED)
250 return GPG_ERR_CERT_REVOKED;
251
252 if (gnutls_certificate_type_get(pwm->session) != GNUTLS_CRT_X509)
253 return GPG_ERR_UNSUPPORTED_CERT;
254
255 if (gnutls_x509_crt_init(&cert) < 0)
256 return gpg_error_from_errno(ENOMEM);
257
258 cert_list = gnutls_certificate_get_peers(pwm->session, &cert_list_size);
259
260 if (!cert_list) {
261 rc = GPG_ERR_MISSING_CERT;
262 goto done;
263 }
264
265 for (i = 0; i < cert_list_size; i++) {
266 if (gnutls_x509_crt_import(cert, &cert_list[i], GNUTLS_X509_FMT_DER) < 0) {
267 rc = GPG_ERR_BAD_CERT_CHAIN;
268 goto done;
269 }
270
271 if (gnutls_x509_crt_get_expiration_time(cert) < time(0)) {
272 rc = GPG_ERR_CERT_EXPIRED;
273 goto done;
274 }
275
276 if (gnutls_x509_crt_get_activation_time(cert) > time(0)) {
277 rc = GPG_ERR_CERT_TOO_YOUNG;
278 goto done;
279 }
280 }
281
282 done:
283 gnutls_x509_crt_deinit(cert);
284 return rc;
285 }
286
287 static gpg_error_t _tls_init(pwm_t *pwm)
288 {
289 gpg_error_t rc;
290 const char *errstr;
291
292 rc = gnutls_certificate_allocate_credentials(&pwm->x509);
293
294 if (rc)
295 return gpg_error_from_errno(ENOMEM);
296
297 /* The client certificate must be signed by the CA of the pwmd server
298 * certificate in order for the client to authenticate successfully. Man in
299 * the middle attacks are still possible if the attacker is running a pwmd
300 * that doesn't require client certificate authentication. So require the
301 * client to verify the server certificate.
302 */
303 rc = gnutls_certificate_set_x509_trust_file (pwm->x509, pwm->tcp_conn->ca,
304 GNUTLS_X509_FMT_PEM);
305
306 if (rc == -1) {
307 gnutls_perror(rc);
308 rc = GPG_ERR_INV_CERT_OBJ;
309 goto fail;
310 }
311
312 rc = gnutls_certificate_set_x509_key_file(pwm->x509, pwm->tcp_conn->cert,
313 pwm->tcp_conn->key, GNUTLS_X509_FMT_PEM);
314
315 if (rc != GNUTLS_E_SUCCESS) {
316 gnutls_perror(rc);
317 rc = GPG_ERR_INV_CERT_OBJ;
318 goto fail;
319 }
320
321 rc = gnutls_init(&pwm->session, GNUTLS_CLIENT);
322
323 if (rc != GNUTLS_E_SUCCESS) {
324 gnutls_perror(rc);
325 rc = GPG_ERR_INV_CERT_OBJ;
326 goto fail;
327 }
328
329 rc = gnutls_priority_set_direct(pwm->session, "SECURE256", &errstr);
330
331 if (rc != GNUTLS_E_SUCCESS) {
332 gnutls_perror(rc);
333 rc = GPG_ERR_INV_CERT_OBJ;
334 goto fail;
335 }
336
337 rc = gnutls_credentials_set(pwm->session, GNUTLS_CRD_CERTIFICATE, pwm->x509);
338
339 if (rc != GNUTLS_E_SUCCESS) {
340 gnutls_perror(rc);
341 rc = GPG_ERR_INV_CERT_OBJ;
342 goto fail;
343 }
344
345 gnutls_transport_set_ptr(pwm->session,
346 (gnutls_transport_ptr_t)pwm->tcp_conn->fd);
347 rc = gnutls_handshake(pwm->session);
348
349 if (rc != GNUTLS_E_SUCCESS) {
350 gnutls_perror(rc);
351 rc = GPG_ERR_INV_CERT_OBJ;
352 _tls_deinit(pwm);
353 return rc;
354 }
355
356 rc = verify_certificate(pwm);
357
358 fail:
359 if (rc)
360 _tls_deinit(pwm);
361
362 return rc;
363 }
364
365 static void _tls_assuan_deinit(assuan_context_t ctx)
366 {
367 pwm_t *pwm = assuan_get_pointer(ctx);
368
369 _tls_deinit(pwm);
370 }
371
372 static void free_tcp_conn(pwmd_tcp_conn_t *conn)
373 {
374 if (!conn)
375 return;
376
377 if (conn->cert)
378 xfree(conn->cert);
379
380 if (conn->key)
381 xfree(conn->key);
382
383 if (conn->ca)
384 xfree(conn->ca);
385
386 if (conn->host)
387 xfree(conn->host);
388
389 xfree(conn);
390 }
391
392 /*
393 * Sets common options from both pwmd_tcp_connect() and
394 * pwmd_tcp_connect_async().
395 */
396 static gpg_error_t init_tcp_conn(pwmd_tcp_conn_t **dst, char *host, int port,
397 const char *cert, const char *key, const char *ca)
398 {
399 char buf[PATH_MAX];
400 struct passwd *pw = getpwuid(getuid());
401 pwmd_tcp_conn_t *conn;
402 gpg_error_t rc = 0;
403
404 if (!host)
405 return GPG_ERR_INV_ARG;
406
407 conn = xcalloc(1, sizeof(pwmd_tcp_conn_t));
408 if (!conn)
409 return gpg_error_from_errno(ENOMEM);
410
411 conn->port = port == -1 ? 6466 : port;
412 conn->host = xstrdup(host);
413
414 if (!conn->host) {
415 rc = gpg_error_from_errno(ENOMEM);
416 goto fail;
417 }
418
419 if (!cert) {
420 snprintf(buf, sizeof(buf), "%s/.pwmd/client-cert.pem", pw->pw_dir);
421 conn->cert = xstrdup(buf);
422 }
423 else
424 conn->cert = xstrdup(cert);
425
426 if (!conn->cert) {
427 rc = gpg_error_from_errno(ENOMEM);
428 goto fail;
429 }
430
431 if (!key) {
432 snprintf(buf, sizeof(buf), "%s/.pwmd/client-key.pem", pw->pw_dir);
433 conn->key = xstrdup(buf);
434 }
435 else
436 conn->key = xstrdup(key);
437
438 if (!conn->key) {
439 rc = gpg_error_from_errno(ENOMEM);
440 goto fail;
441 }
442
443 if (!ca) {
444 snprintf(buf, sizeof(buf), "%s/.pwmd/ca-cert.pem", pw->pw_dir);
445 conn->ca = xstrdup(buf);
446 }
447 else
448 conn->ca = xstrdup(ca);
449
450 if (!conn->ca) {
451 rc = gpg_error_from_errno(ENOMEM);
452 goto fail;
453 }
454
455 conn->fd = socket(PF_INET, SOCK_STREAM, 0);
456
457 if (conn->fd == -1) {
458 rc = gpg_error_from_syserror();
459 goto fail;
460 }
461
462 *dst = conn;
463 return 0;
464
465 fail:
466 free_tcp_conn(conn);
467 return rc;
468 }
469
470 static gpg_error_t do_connect(pwm_t *pwm, void *addr)
471 {
472 struct sockaddr_in their_addr;
473
474 pwm->cmd = ASYNC_CMD_CONNECT;
475 their_addr.sin_family = AF_INET;
476 their_addr.sin_port = htons(pwm->tcp_conn->port);
477 their_addr.sin_addr = *((struct in_addr *)addr);
478 memset(their_addr.sin_zero, '\0', sizeof their_addr.sin_zero);
479
480 if (connect(pwm->tcp_conn->fd, (struct sockaddr *)&their_addr,
481 sizeof(their_addr)) == -1)
482 return gpg_error_from_syserror();
483
484 return 0;
485 }
486
487 static void dns_resolve_cb(int result, char type, int count, int ttl,
488 void *addrs, void *arg)
489 {
490 pwm_t *pwm = arg;
491
492 if (result != DNS_ERR_NONE) {
493 switch (result) {
494 case DNS_ERR_NOTEXIST:
495 pwm->tcp_conn->rc = GPG_ERR_UNKNOWN_HOST;
496 break;
497 case DNS_ERR_SERVERFAILED:
498 pwm->tcp_conn->rc = GPG_ERR_EHOSTDOWN;
499 break;
500 case DNS_ERR_TIMEOUT:
501 pwm->tcp_conn->rc = GPG_ERR_TIMEOUT;
502 break;
503 default:
504 //FIXME
505 pwm->tcp_conn->rc = GPG_ERR_EHOSTUNREACH;
506 break;
507 }
508
509 return;
510 }
511
512 fcntl(pwm->tcp_conn->fd, F_SETFL, O_NONBLOCK);
513 pwm->tcp_conn->rc = do_connect(pwm, &addrs[0]);
514 }
515
516 pwm_t *pwmd_tcp_connect_async(char *host, int port, gpg_error_t *rc,
517 const char *cert, const char *key, const char *ca)
518 {
519 #ifndef HAVE_LIBGNUTLS
520 *rc = GPG_ERR_NOT_IMPLEMENTED;
521 return NULL;
522 #else
523 pwmd_tcp_conn_t *conn;
524 pwm_t *pwm;
525
526 *rc = init_tcp_conn(&conn, host, port, cert, key, ca);
527
528 if (*rc)
529 return NULL;
530
531 if ((pwm = (pwm_t *)xcalloc(1, sizeof(pwm_t))) == NULL) {
532 *rc = gpg_error_from_syserror();
533 free_tcp_conn(conn);
534 return NULL;
535 }
536
537 pwm->tcp_conn = conn;
538 pwm->cmd = ASYNC_CMD_DNS;
539 pwm->state = ASYNC_PROCESS;
540 evdns_resolv_conf_parse(DNS_OPTIONS_ALL, "/etc/resolv.conf");
541 evdns_resolve_ipv4(pwm->tcp_conn->host, 0, dns_resolve_cb, pwm);
542 return pwm;
543 #endif
544 }
545
546 static pwm_t *setup_context(pwm_t *pwm, gpg_error_t *rc)
547 {
548 assuan_context_t ctx;
549 struct assuan_io_hooks io_hooks = {read_hook, write_hook};
550 int fd = pwm->tcp_conn->fd;
551
552 *rc = _tls_init(pwm);
553 free_tcp_conn(pwm->tcp_conn);
554 pwm->tcp_conn = NULL;
555
556 if (*rc)
557 goto fail;
558
559 assuan_set_io_hooks(&io_hooks);
560 *rc = assuan_socket_connect_fd(&ctx, fd, 0, pwm);
561
562 if (*rc)
563 goto fail;
564
565 assuan_set_finish_handler(ctx, _tls_assuan_deinit);
566 return _socket_connect_finalize(pwm, ctx);
567
568 fail:
569 _tls_deinit(pwm);
570 xfree(pwm);
571 return NULL;
572 }
573
574 pwm_t *pwmd_tcp_connect(char *host, int port, gpg_error_t *rc, const char *cert,
575 const char *key, const char *ca)
576 {
577 struct hostent *he;
578 pwm_t *pwm = NULL;
579 pwmd_tcp_conn_t *conn;
580
581 *rc = init_tcp_conn(&conn, host, port, cert, key, ca);
582
583 if (*rc)
584 return NULL;
585
586 if ((he = gethostbyname(conn->host)) == NULL) {
587 // FIXME
588 *rc = gpg_error_from_syserror();
589 free_tcp_conn(conn);
590 return NULL;
591 }
592
593 if ((pwm = (pwm_t *)xcalloc(1, sizeof(pwm_t))) == NULL) {
594 *rc = gpg_error_from_syserror();
595 goto fail;
596 }
597
598 pwm->tcp_conn = conn;
599 *rc = do_connect(pwm, he->h_addr);
600
601 if (*rc)
602 goto fail;
603
604 return setup_context(pwm, rc);
605
606 fail:
607 xfree(pwm);
608
609 if (conn->fd >= 0)
610 close(conn->fd);
611
612 free_tcp_conn(conn);
613 return NULL;
614 }
615 #endif
616
617 pwm_t *pwmd_connect(const char *path, gpg_error_t *rc)
618 {
619 pwm_t *pwm = NULL;
620 char *socketpath = NULL;
621 struct passwd *pw;
622 assuan_context_t ctx;
623
624 if (!path) {
625 pw = getpwuid(getuid());
626 socketpath = (char *)xmalloc(strlen(pw->pw_dir) + strlen("/.pwmd/socket") + 1);
627 sprintf(socketpath, "%s/.pwmd/socket", pw->pw_dir);
628 }
629 else
630 socketpath = xstrdup(path);
631
632 *rc = assuan_socket_connect_ext(&ctx, socketpath, -1, 0);
633 xfree(socketpath);
634
635 if (*rc)
636 return NULL;
637
638 if ((pwm = (pwm_t *)xcalloc(1, sizeof(pwm_t))) == NULL) {
639 *rc = gpg_error_from_syserror();
640 return NULL;
641 }
642
643 return _socket_connect_finalize(pwm, ctx);
644 }
645
646 gpg_error_t pwmd_pending_line(pwm_t *pwm, char **line, size_t *len)
647 {
648 if (!pwm)
649 return GPG_ERR_INV_ARG;
650
651 if (assuan_pending_line(pwm->ctx))
652 return assuan_read_line(pwm->ctx, line, len);
653
654 return GPG_ERR_NO_DATA;
655 }
656
657 void pwmd_close(pwm_t *pwm)
658 {
659 if (!pwm)
660 return;
661
662 if (pwm->ctx)
663 assuan_disconnect(pwm->ctx);
664
665 if (pwm->password)
666 xfree(pwm->password);
667
668 if (pwm->title)
669 xfree(pwm->title);
670
671 if (pwm->desc)
672 xfree(pwm->desc);
673
674 if (pwm->prompt)
675 xfree(pwm->prompt);
676
677 if (pwm->pinentry_tty)
678 xfree(pwm->pinentry_tty);
679
680 if (pwm->pinentry_display)
681 xfree(pwm->pinentry_display);
682
683 if (pwm->pinentry_term)
684 xfree(pwm->pinentry_term);
685
686 if (pwm->filename)
687 xfree(pwm->filename);
688
689 xfree(pwm);
690 }
691
692 static int mem_realloc_cb(void *data, const void *buffer, size_t len)
693 {
694 membuf_t *mem = (membuf_t *)data;
695 void *p;
696
697 if (!buffer)
698 return 0;
699
700 if ((p = xrealloc(mem->buf, mem->len + len)) == NULL)
701 return 1;
702
703 mem->buf = p;
704 memcpy((char *)mem->buf + mem->len, buffer, len);
705 mem->len += len;
706 return 0;
707 }
708
709 void pwmd_free_result(void *data)
710 {
711 xfree(data);
712 }
713
714 static int _inquire_cb(void *data, const char *keyword)
715 {
716 pwm_t *pwm = (pwm_t *)data;
717 gpg_error_t rc = 0;
718 int flags = fcntl(pwm->fd, F_GETFL);
719
720 /* Shouldn't get this far without a callback. */
721 if (!pwm->inquire_func)
722 return GPG_ERR_INV_ARG;
723
724 /*
725 * Since the socket file descriptor is probably set to non-blocking, set to
726 * blocking to prevent GPG_ERR_EAGAIN errors. This should be fixes when
727 * asynchronous INQUIRE is supported by either libassuan or a later
728 * libpwmd.
729 */
730 fcntl(pwm->fd, F_SETFL, 0);
731
732 for (;;) {
733 char *result = NULL;
734 size_t len;
735 gpg_error_t arc;
736
737 rc = pwm->inquire_func(pwm->inquire_data, keyword, rc, &result, &len);
738 rc = gpg_err_code(rc);
739
740 if (rc == GPG_ERR_EOF || !rc) {
741 if (len <= 0 || !result || !*result) {
742 rc = 0;
743 break;
744 }
745
746 arc = assuan_send_data(pwm->ctx, result, len);
747
748 if (rc == GPG_ERR_EOF) {
749 rc = arc;
750 break;
751 }
752
753 rc = arc;
754 }
755 else if (rc)
756 break;
757 }
758
759 fcntl(pwm->fd, F_SETFL, flags);
760 return rc;
761 }
762
763 gpg_error_t pwmd_finalize(pwm_t *pwm)
764 {
765 if (!pwm || pwm->cmd == ASYNC_CMD_NONE || pwm->state != ASYNC_DONE)
766 return GPG_ERR_INV_ARG;
767
768 pwm->state = ASYNC_INIT;
769 pwm->cmd = ASYNC_CMD_NONE;
770
771 #ifdef HAVE_LIBGNUTLS
772 if (pwm->cmd == ASYNC_CMD_CONNECT || pwm->cmd == ASYNC_CMD_DNS) {
773 /* pwm is no longer a valid handle. */
774 if (pwm->tcp_conn->rc) {
775 free_tcp_conn(pwm->tcp_conn);
776 xfree(pwm);
777 }
778
779 free_tcp_conn(pwm->tcp_conn);
780 pwm->tcp_conn = NULL;
781 return 0;
782 }
783 #endif
784
785 if (pwm->fd < 0)
786 return GPG_ERR_INV_ARG;
787
788 pwm->state = ASYNC_INIT;
789 pwm->ntries = 0;
790 #ifdef WITH_PINENTRY
791 pwm->is_open_cmd = 0;
792 #endif
793 return 0;
794 }
795
796 static gpg_error_t do_nb_command(pwm_t *pwm, const char *cmd, const char *arg)
797 {
798 char *buf;
799 gpg_error_t rc;
800 size_t len = strlen(cmd) + 2;
801
802 len += arg ? strlen(arg) : 0;
803
804 if (pwm->state != ASYNC_INIT)
805 return GPG_ERR_UNEXPECTED;
806
807 buf = (char *)xmalloc(len);
808
809 if (!buf) {
810 rc = gpg_error_from_errno(ENOMEM);
811 goto fail;
812 }
813
814 snprintf(buf, len, "%s %s", cmd, arg ? arg : "");
815 rc = assuan_write_line(pwm->ctx, buf);
816 xfree(buf);
817
818 if (!rc)
819 pwm->state = ASYNC_PROCESS;
820
821 fail:
822 return rc;
823 }
824
825 gpg_error_t pwmd_open_async(pwm_t *pwm, const char *filename)
826 {
827 if (!pwm || !filename)
828 return GPG_ERR_INV_ARG;
829
830 /* For pinentry retries. */
831 if (!pwm->is_open_cmd) {
832 if (pwm->filename)
833 xfree(pwm->filename);
834
835 pwm->filename = xstrdup(filename);
836 }
837
838 pwm->is_open_cmd = 1;
839 return do_nb_command(pwm, "OPEN", filename);
840 }
841
842 gpg_error_t pwmd_save_async(pwm_t *pwm)
843 {
844 if (!pwm)
845 return GPG_ERR_INV_ARG;
846
847 return do_nb_command(pwm, "SAVE", NULL);
848 }
849
850 static gpg_error_t parse_assuan_line(pwm_t *pwm)
851 {
852 gpg_error_t rc;
853 char *line;
854 size_t len;
855
856 rc = assuan_read_line(pwm->ctx, &line, &len);
857
858 if (!rc) {
859 if (line[0] == 'O' && line[1] == 'K' &&
860 (line[2] == 0 || line[2] == ' ')) {
861 pwm->state = ASYNC_DONE;
862 }
863 else if (line[0] == '#') {
864 }
865 else if (line[0] == 'S' && (line[1] == 0 || line[1] == ' ')) {
866 if (pwm->status_func) {
867 pwm->status_func(pwm->status_data,
868 line[1] == 0 ? line+1 : line+2);
869 }
870 }
871 else if (line[0] == 'E' && line[1] == 'R' && line[2] == 'R' &&
872 (line[3] == 0 || line[3] == ' ')) {
873 line += 4;
874 rc = atoi(line);
875 pwm->state = ASYNC_DONE;
876 }
877 }
878
879 return rc;
880 }
881
882 pwmd_async_t pwmd_process(pwm_t *pwm, gpg_error_t *rc)
883 {
884 fd_set fds;
885 int n;
886 struct timeval tv = {0, 0};
887
888 *rc = 0;
889
890 if (!pwm) {
891 *rc = GPG_ERR_INV_ARG;
892 return ASYNC_DONE;
893 }
894
895 #ifdef HAVE_LIBGNUTLS
896 if (pwm->cmd == ASYNC_CMD_DNS) {
897 if (pwm->tcp_conn->rc) {
898 *rc = pwm->tcp_conn->rc;
899 close(pwm->tcp_conn->fd);
900 pwm->state = ASYNC_DONE;
901 }
902
903 event_loop(EVLOOP_NONBLOCK);
904 return pwm->state;
905 }
906 else if (pwm->cmd == ASYNC_CMD_CONNECT) {
907 if (pwm->tcp_conn->rc == GPG_ERR_EINPROGRESS) {
908 int ret;
909 socklen_t len = sizeof(int);
910
911 FD_ZERO(&fds);
912 FD_SET(pwm->tcp_conn->fd, &fds);
913 n = select(pwm->tcp_conn->fd+1, NULL, &fds, NULL, &tv);
914
915 if (!n || !FD_ISSET(pwm->tcp_conn->fd, &fds))
916 return pwm->state;
917 else if (n == -1) {
918 *rc = gpg_error_from_syserror();
919 close(pwm->tcp_conn->fd);
920 pwm->state = ASYNC_DONE;
921 return pwm->state;
922 }
923
924 ret = getsockopt(pwm->tcp_conn->fd, SOL_SOCKET, SO_ERROR, &n, &len);
925 if (ret || n) {
926 *rc = ret ? gpg_error_from_syserror() : gpg_error_from_errno(n);
927 close(pwm->tcp_conn->fd);
928 pwm->state = ASYNC_DONE;
929 return pwm->state;
930 }
931 }
932 else if (pwm->tcp_conn->rc) {
933 *rc = pwm->tcp_conn->rc;
934 close(pwm->tcp_conn->fd);
935 pwm->state = ASYNC_DONE;
936 return pwm->state;
937 }
938
939 fcntl(pwm->tcp_conn->fd, F_SETFL, 0);
940 setup_context(pwm, rc);
941 pwm->state = ASYNC_DONE;
942 return pwm->state;
943 }
944 #endif
945
946 if (pwm->fd < 0) {
947 *rc = GPG_ERR_INV_ARG;
948 return ASYNC_DONE;
949 }
950 else if (pwm->state == ASYNC_DONE)
951 return pwm->state;
952 else if (pwm->state == ASYNC_INIT) {
953 *rc = GPG_ERR_UNEXPECTED;
954 return ASYNC_DONE;
955 }
956
957 FD_ZERO(&fds);
958 FD_SET(pwm->fd, &fds);
959 #ifdef WITH_LIBPTH
960 n = pth_select(pwm->fd+1, &fds, NULL, NULL, &tv);
961 #else
962 n = select(pwm->fd+1, &fds, NULL, NULL, &tv);
963 #endif
964
965 if (n > 0) {
966 if (FD_ISSET(pwm->fd, &fds))
967 *rc = parse_assuan_line(pwm);
968 }
969
970 while (!*rc && assuan_pending_line(pwm->ctx))
971 *rc = parse_assuan_line(pwm);
972
973 if (pwm->is_open_cmd && gpg_err_code(*rc) == EPWMD_BADKEY &&
974 ++pwm->ntries < pwm->pinentry_tries) {
975 pwm->state = ASYNC_INIT;
976 *rc = pwmd_open_async(pwm, pwm->filename);
977 }
978
979 return pwm->state;
980 }
981
982 static gpg_error_t assuan_command(pwm_t *pwm, assuan_context_t ctx,
983 char **result, const char *cmd)
984 {
985 membuf_t data;
986 gpg_error_t rc;
987
988 data.len = 0;
989 data.buf = NULL;
990
991 rc = assuan_transact(ctx, cmd, mem_realloc_cb, &data, _inquire_cb, pwm,
992 pwm->status_func, pwm->status_data);
993
994 if (rc) {
995 if (data.buf) {
996 xfree(data.buf);
997 data.buf = NULL;
998 }
999 }
1000 else {
1001 if (data.buf) {
1002 mem_realloc_cb(&data, "", 1);
1003 *result = (char *)data.buf;
1004 }
1005 }
1006
1007 return gpg_err_code(rc);
1008 }
1009
1010 gpg_error_t pwmd_inquire(pwm_t *pwm, const char *cmd, pwmd_inquire_fn fn,
1011 void *data)
1012 {
1013 if (!pwm || !cmd || !fn)
1014 return GPG_ERR_INV_ARG;
1015
1016 pwm->inquire_func = fn;
1017 pwm->inquire_data = data;
1018 return assuan_command(pwm, pwm->ctx, NULL, cmd);
1019 }
1020
1021 gpg_error_t pwmd_terminate_pinentry(pwm_t *pwm)
1022 {
1023 #ifndef WITH_PINENTRY
1024 return GPG_ERR_NOT_IMPLEMENTED;
1025 #else
1026 if (!pwm || pwm->pid == -1)
1027 return GPG_ERR_INV_ARG;
1028
1029 if (kill(pwm->pid, 0) == 0) {
1030 if (kill(pwm->pid, SIGTERM) == -1) {
1031 if (kill(pwm->pid, SIGKILL) == -1)
1032 return gpg_error_from_errno(errno);
1033 }
1034
1035 pwm->pin_error = GPG_ERR_TIMEOUT;
1036 }
1037 else
1038 return gpg_error_from_errno(errno);
1039
1040 return 0;
1041 #endif
1042 }
1043
1044 #ifdef WITH_PINENTRY
1045 static gpg_error_t set_pinentry_strings(pwm_t *pwm, int which)
1046 {
1047 char *buf;
1048 char tmp[ASSUAN_LINELENGTH];
1049 gpg_error_t error;
1050
1051 if (!pwm->title)
1052 pwm->title = xstrdup(N_("LibPWMD"));
1053
1054 if (!pwm->prompt)
1055 pwm->prompt = xstrdup(N_("Passphrase:"));
1056
1057 if (!pwm->desc && !which)
1058 pwm->desc = xstrdup(N_("Enter a passphrase."));
1059
1060 if (which == 1) {
1061 snprintf(tmp, sizeof(tmp), "SETERROR %s", N_("Invalid passphrase, please try again."));
1062 buf = xstrdup(tmp);
1063 }
1064 else if (which == 2) {
1065 snprintf(tmp, sizeof(tmp), "SETERROR %s", N_("Please type the passphrase again for confirmation."));
1066 buf = xstrdup(tmp);
1067 }
1068 else {
1069 buf = (char *)xmalloc(strlen("SETERROR ") + strlen(pwm->desc) + 1);
1070 sprintf(buf, "SETERROR %s", pwm->desc);
1071 }
1072
1073 error = pinentry_command(pwm, NULL, buf);
1074 xfree(buf);
1075
1076 if (error)
1077 return error;
1078
1079 buf = (char *)xmalloc(strlen("SETPROMPT ") + strlen(pwm->prompt) + 1);
1080 sprintf(buf, "SETPROMPT %s", pwm->prompt);
1081 error = pinentry_command(pwm, NULL, buf);
1082 xfree(buf);
1083
1084 if (error)
1085 return error;
1086
1087 buf = (char *)xmalloc(strlen("SETDESC ") + strlen(pwm->title) + 1);
1088 sprintf(buf, "SETDESC %s", pwm->title);
1089 error = pinentry_command(pwm, NULL, buf);
1090 xfree(buf);
1091 return error;
1092 }
1093
1094 static void update_pinentry_settings(pwm_t *pwm)
1095 {
1096 FILE *fp;
1097 char buf[LINE_MAX];
1098 struct passwd *pw = getpwuid(getuid());
1099 char *p;
1100
1101 snprintf(buf, sizeof(buf), "%s/.pwmd/pinentry.conf", pw->pw_dir);
1102
1103 if ((fp = fopen(buf, "r")) == NULL)
1104 return;
1105
1106 while ((p = fgets(buf, sizeof(buf), fp)) != NULL) {
1107 char name[32], val[256];
1108
1109 if (sscanf(p, " %31[a-zA-Z] = %255s", name, val) != 2)
1110 continue;
1111
1112 if (strcasecmp(name, "TTYNAME") == 0) {
1113 xfree(pwm->pinentry_tty);
1114 pwm->pinentry_tty = xstrdup(val);
1115 }
1116 else if (strcasecmp(name, "TTYTYPE") == 0) {
1117 xfree(pwm->pinentry_term);
1118 pwm->pinentry_term = xstrdup(val);
1119 }
1120 else if (strcasecmp(name, "DISPLAY") == 0) {
1121 xfree(pwm->pinentry_display);
1122 pwm->pinentry_display = xstrdup(val);
1123 }
1124 else if (strcasecmp(name, "PATH") == 0) {
1125 xfree(pwm->pinentry_path);
1126 pwm->pinentry_path = xstrdup(val);
1127 }
1128 }
1129
1130 fclose(fp);
1131 }
1132
1133 static gpg_error_t launch_pinentry(pwm_t *pwm)
1134 {
1135 int rc;
1136 assuan_context_t ctx;
1137 int child_list[] = {-1};
1138 char *display = getenv("DISPLAY");
1139 const char *argv[6];
1140 int have_display = 0;
1141 char *tty = NULL;
1142
1143 update_pinentry_settings(pwm);
1144
1145 if (pwm->pinentry_display || display)
1146 have_display = 1;
1147 else {
1148 tty = pwm->pinentry_tty ? pwm->pinentry_tty : ttyname(STDOUT_FILENO);
1149
1150 if (!tty)
1151 return gpg_error_from_errno(errno);
1152 }
1153
1154 if (!have_display && !tty)
1155 return GPG_ERR_ENOTTY;
1156
1157 argv[0] = "pinentry";
1158 argv[1] = have_display ? "--display" : "--ttyname";
1159 argv[2] = have_display ? pwm->pinentry_display ? pwm->pinentry_display : display : tty;
1160 argv[3] = NULL;
1161
1162 if (!have_display) {
1163 argv[3] = "--ttytype";
1164 argv[4] = pwm->pinentry_term ? pwm->pinentry_term : getenv("TERM");
1165 argv[5] = NULL;
1166 }
1167
1168 rc = assuan_pipe_connect(&ctx, pwm->pinentry_path ? pwm->pinentry_path : PINENTRY_PATH, argv, child_list);
1169
1170 if (rc)
1171 return rc;
1172
1173 pwm->pid = assuan_get_pid(ctx);
1174 pwm->pctx = ctx;
1175 return set_pinentry_strings(pwm, 0);
1176 }
1177
1178 static gpg_error_t pinentry_command(pwm_t *pwm, char **result, const char *cmd)
1179 {
1180 gpg_error_t n;
1181
1182 if (!pwm->pctx) {
1183 n = launch_pinentry(pwm);
1184
1185 if (n)
1186 return n;
1187 }
1188
1189 return assuan_command(pwm, pwm->pctx, result, cmd);
1190 }
1191
1192 static void pinentry_disconnect(pwm_t *pwm)
1193 {
1194 if (pwm->pctx)
1195 assuan_disconnect(pwm->pctx);
1196
1197 pwm->pctx = NULL;
1198 pwm->pid = -1;
1199 }
1200
1201 /*
1202 * Only called from a child process.
1203 */
1204 static void catchsig(int sig)
1205 {
1206 switch (sig) {
1207 case SIGALRM:
1208 if (gelapsed++ >= gtimeout) {
1209 global_error = pwmd_terminate_pinentry(gpwm);
1210
1211 if (!global_error)
1212 global_error = GPG_ERR_TIMEOUT;
1213
1214 break;
1215 }
1216
1217 alarm(1);
1218 break;
1219 default:
1220 break;
1221 }
1222 }
1223
1224 /*
1225 * Borrowed from libassuan.
1226 */
1227 static char *percent_escape(const char *atext)
1228 {
1229 const unsigned char *s;
1230 int len = strlen(atext) * 3 + 1;
1231 char *buf = (char *)xmalloc(len), *p = buf;
1232
1233 if (!buf)
1234 return NULL;
1235
1236 for (s=(const unsigned char *)atext; *s; s++) {
1237 if (*s < ' ') {
1238 sprintf (p, "%%%02X", *s);
1239 p += 3;
1240 }
1241 else
1242 *p++ = *s;
1243 }
1244
1245 *p = 0;
1246 return buf;
1247 }
1248 #endif
1249
1250 static gpg_error_t send_command(pwm_t *pwm, char **result, const char *cmd)
1251 {
1252 if (!cmd)
1253 return GPG_ERR_INV_ARG;
1254
1255 return assuan_command(pwm, pwm->ctx, result, cmd);
1256 }
1257
1258 /*
1259 * Avoid sending the BYE command here. libassuan will close the file
1260 * descriptor and release the assuan context. Use pwmd_close() instead.
1261 */
1262 gpg_error_t pwmd_command(pwm_t *pwm, char **result, const char *cmd, ...)
1263 {
1264 va_list ap;
1265 char *buf;
1266 size_t len;
1267 gpg_error_t error;
1268
1269 if (!pwm || !cmd)
1270 return GPG_ERR_INV_ARG;
1271
1272 *result = NULL;
1273 va_start(ap, cmd);
1274 /*
1275 * C99 allows the dst pointer to be null which will calculate the length
1276 * of the result and return it.
1277 */
1278 len = vsnprintf(NULL, 0, cmd, ap);
1279 buf = (char *)xmalloc(len + 1);
1280 len = vsnprintf(buf, len + 1, cmd, ap);
1281 va_end(ap);
1282 error = send_command(pwm, result, buf);
1283 xfree(buf);
1284 return error;
1285 }
1286
1287 #ifdef WITH_PINENTRY
1288 static gpg_error_t do_getpin(pwm_t *pwm, char **result)
1289 {
1290 if (gtimeout) {
1291 signal(SIGALRM, catchsig);
1292 alarm(1);
1293 }
1294
1295 *result = NULL;
1296 return pinentry_command(pwm, result, "GETPIN");
1297 }
1298
1299 static gpg_error_t getpin(pwm_t *pwm, char **result, int *try_n, int which)
1300 {
1301 int pin_try = *try_n;
1302 gpg_error_t error;
1303
1304 getpin_again:
1305 *try_n = pin_try;
1306
1307 if (pin_try == -1) {
1308 error = set_pinentry_strings(pwm, which);
1309
1310 if (error) {
1311 pinentry_disconnect(pwm);
1312 return error;
1313 }
1314 }
1315 else {
1316 if (pwm->pinentry_tries-1 != pin_try) {
1317 error = set_pinentry_strings(pwm, 1);
1318
1319 if (error) {
1320 pinentry_disconnect(pwm);
1321 return error;
1322 }
1323 }
1324 }
1325
1326 error = do_getpin(pwm, result);
1327
1328 /*
1329 * Since there was input cancel any timeout setting.
1330 */
1331 alarm(0);
1332
1333 if (error) {
1334 if (error == GPG_ERR_CANCELED)
1335 return GPG_ERR_CANCELED;
1336
1337 if (pin_try != -1 && pin_try--)
1338 goto getpin_again;
1339
1340 if (pwm->pctx)
1341 pinentry_disconnect(pwm);
1342
1343 *try_n = pin_try;
1344 return error;
1345 }
1346
1347 return 0;
1348 }
1349 #endif
1350
1351 gpg_error_t pwmd_open_nb_finalize(pwm_t *pwm, pwmd_nb_status_t *pw)
1352 {
1353 gpg_error_t error;
1354
1355 #ifndef WITH_PINENTRY
1356 return GPG_ERR_NOT_IMPLEMENTED;
1357 #endif
1358
1359 if (!pwm || !pw || !pw->filename[0])
1360 return GPG_ERR_INV_ARG;
1361
1362 close(pw->fd);
1363
1364 if (pw->error) {
1365 error = pw->error;
1366 goto fail;
1367 }
1368
1369 if (pwm->filename)
1370 xfree(pwm->filename);
1371
1372 pwm->filename = xstrdup(pw->filename);
1373 memset(pw, 0, sizeof(pwmd_nb_status_t));
1374 return 0;
1375
1376 fail:
1377 memset(pw, 0, sizeof(pwmd_nb_status_t));
1378 return error;
1379 }
1380
1381 static gpg_error_t do_open_command(pwm_t *pwm, const char *filename, char *password)
1382 {
1383 char buf[ASSUAN_LINELENGTH];
1384 gpg_error_t error;
1385 char *result = NULL;
1386
1387 snprintf(buf, sizeof(buf), "OPEN %s %s", filename, password ? password : "");
1388 error = send_command(pwm, &result, buf);
1389 memset(buf, 0, sizeof(buf));
1390
1391 if (error && result)
1392 xfree(result);
1393
1394 return error;
1395 }
1396
1397 static int do_pwmd_open(pwm_t *pwm, gpg_error_t *error, const char *filename,
1398 int nb, int timeout)
1399 {
1400 char *result = NULL;
1401 char *password = NULL;
1402 char path[PATH_MAX];
1403 #ifdef WITH_PINENTRY
1404 int pin_try;
1405 #endif
1406
1407 if (!pwm || !filename || !*filename) {
1408 *error = GPG_ERR_INV_ARG;
1409 return nb ? -1 : 1;
1410 }
1411
1412 #ifdef WITH_PINENTRY
1413 pin_try = pwm->pinentry_tries - 1;
1414 #endif
1415
1416 /*
1417 * Avoid calling pinentry if the password is cached on the server or if
1418 * this is a new file.
1419 */
1420 *error = pwmd_command(pwm, &result, "GETCONFIG data_directory");
1421
1422 if (*error)
1423 return nb ? -1 : 1;
1424
1425 snprintf(path, sizeof(path), "%s/%s", result, filename);
1426 pwmd_free_result(result);
1427
1428 if (access(path, R_OK) == -1) {
1429 if (errno == ENOENT)
1430 goto gotpassword;
1431 }
1432
1433 *error = pwmd_command(pwm, &result, "ISCACHED %s", filename);
1434
1435 if (*error == EPWMD_CACHE_NOT_FOUND) {
1436 if (pwm->passfunc) {
1437 password = pwm->passfunc(pwm, pwm->passdata);
1438 goto gotpassword;
1439 }
1440
1441 #ifdef WITH_PINENTRY
1442 /*
1443 * Get the password from pinentry.
1444 */
1445 if (pwm->use_pinentry) {
1446 /*
1447 * Nonblocking is wanted. fork() then return a file descriptor
1448 * that the client can use to read() from.
1449 */
1450 if (nb) {
1451 int p[2];
1452 pid_t pid;
1453 pwmd_nb_status_t pw;
1454
1455 if (pipe(p) == -1) {
1456 *error = gpg_error_from_syserror();
1457 return -1;
1458 }
1459
1460 #ifdef WITH_LIBPTH
1461 pid = pth_fork();
1462 #else
1463 pid = fork();
1464 #endif
1465
1466 switch (pid) {
1467 case 0:
1468 close(p[0]);
1469 strncpy(pw.filename, filename, sizeof(pw.filename));
1470 pw.filename[sizeof(pw.filename)-1] = 0;
1471 pw.fd = p[0];
1472
1473 if (timeout > 0) {
1474 gpwm = pwm;
1475 gtimeout = timeout;
1476 gelapsed = 0;
1477 }
1478
1479 getpin_nb_again:
1480 *error = getpin(pwm, &password, &pin_try, 0);
1481
1482 if (*error) {
1483 getpin_nb_fail:
1484 if (pwm->pctx)
1485 pinentry_disconnect(pwm);
1486
1487 if (gtimeout && gelapsed >= gtimeout)
1488 *error = GPG_ERR_TIMEOUT;
1489
1490 pw.error = *error;
1491 #ifdef WITH_LIBPTH
1492 pth_write(p[1], &pw, sizeof(pw));
1493 #else
1494 write(p[1], &pw, sizeof(pw));
1495 #endif
1496 close(p[1]);
1497 _exit(1);
1498 }
1499
1500 /*
1501 * Don't count the time it takes to open the file
1502 * which may have many iterations.
1503 */
1504 signal(SIGALRM, SIG_DFL);
1505 *error = do_open_command(pwm, filename, password);
1506
1507 if (timeout)
1508 signal(SIGALRM, catchsig);
1509
1510 if (pwm->pctx && *error == EPWMD_BADKEY) {
1511 if (pin_try-- > 0)
1512 goto getpin_nb_again;
1513
1514 goto getpin_nb_fail;
1515 }
1516
1517 pinentry_disconnect(pwm);
1518 pw.error = 0;
1519 #ifdef WITH_LIBPTH
1520 pth_write(p[1], &pw, sizeof(pw));
1521 #else
1522 write(p[1], &pw, sizeof(pw));
1523 #endif
1524 close(p[1]);
1525 _exit(0);
1526 break;
1527 case -1:
1528 *error = gpg_error_from_syserror();
1529 close(p[0]);
1530 close(p[1]);
1531 return -1;
1532 default:
1533 break;
1534 }
1535
1536 close(p[1]);
1537 *error = 0;
1538 return p[0];
1539 }
1540 }
1541 else {
1542 #endif
1543 /*
1544 * Not using pinentry and the file was not found
1545 * in the cache.
1546 */
1547 password = pwm->password;
1548 #ifdef WITH_PINENTRY
1549 }
1550 #endif
1551 }
1552 else if (*error)
1553 return nb ? -1 : 1;
1554
1555 gotpassword:
1556 *error = do_open_command(pwm, filename, password);
1557
1558 /*
1559 * Keep the user defined password set with pwmd_setopt(). The password may
1560 * be needed later (pwmd_save()) depending on the pwmd file cache settings.
1561 */
1562 if (password && password != pwm->password)
1563 xfree(password);
1564
1565 #ifdef WITH_PINENTRY
1566 if (*error == EPWMD_BADKEY) {
1567 if (pin_try-- > 0 && !nb) {
1568 *error = pwmd_command(pwm, &result, "OPTION TITLE=%s",
1569 N_("Invalid passphrase, please try again."));
1570
1571 if (*error)
1572 return 1;
1573
1574 goto gotpassword;
1575 }
1576
1577 if (nb)
1578 pinentry_disconnect(pwm);
1579
1580 return nb ? -1 : 1;
1581 }
1582 #endif
1583
1584 if (!*error) {
1585 if (pwm->filename)
1586 xfree(pwm->filename);
1587
1588 pwm->filename = xstrdup(filename);
1589 }
1590
1591 /*
1592 * The file is cached or the file is a new file.
1593 */
1594 if (nb)
1595 return *error ? -1 : -2;
1596
1597 return *error ? 1 : 0;
1598 }
1599
1600 gpg_error_t pwmd_open(pwm_t *pwm, const char *filename)
1601 {
1602 gpg_error_t error;
1603
1604 do_pwmd_open(pwm, &error, filename, 0, 0);
1605 return error;
1606 }
1607
1608 int pwmd_open_nb(pwm_t *pwm, gpg_error_t *error, const char *filename,
1609 int timeout)
1610 {
1611 #ifndef WITH_PINENTRY
1612 *error = GPG_ERR_NOT_IMPLEMENTED;
1613 return -1;
1614 #else
1615 return do_pwmd_open(pwm, error, filename, 1, timeout);
1616 #endif
1617 }
1618
1619 #ifdef WITH_PINENTRY
1620 static gpg_error_t do_save_getpin(pwm_t *pwm, char **password)
1621 {
1622 int confirm = 0;
1623 gpg_error_t error;
1624 char *result = NULL;
1625 int pin_try = -1;
1626
1627 again:
1628 error = getpin(pwm, &result, &pin_try, confirm ? 2 : 0);
1629
1630 if (error) {
1631 if (pwm->pctx)
1632 pinentry_disconnect(pwm);
1633
1634 if (*password)
1635 xfree(*password);
1636
1637 return error;
1638 }
1639
1640 if (!confirm++) {
1641 *password = result;
1642 goto again;
1643 }
1644
1645 if (strcmp(*password, result)) {
1646 xfree(*password);
1647 xfree(result);
1648 pinentry_disconnect(pwm);
1649 error = EPWMD_BADKEY;
1650 return error;
1651 }
1652
1653 xfree(result);
1654 pinentry_disconnect(pwm);
1655 return 0;
1656 }
1657 #endif
1658
1659 static gpg_error_t do_save_command(pwm_t *pwm, char *password)
1660 {
1661 char buf[ASSUAN_LINELENGTH];
1662 gpg_error_t error;
1663 char *result = NULL;
1664
1665 snprintf(buf, sizeof(buf), "SAVE %s", password ? password : "");
1666 error = send_command(pwm, &result, buf);
1667 memset(&buf, 0, sizeof(buf));
1668
1669 if (error && result)
1670 xfree(result);
1671
1672 return error;
1673 }
1674
1675 gpg_error_t pwmd_save_nb_finalize(pwm_t *pwm, pwmd_nb_status_t *pw)
1676 {
1677 gpg_error_t rc;
1678
1679 #ifndef WITH_PINENTRY
1680 return GPG_ERR_NOT_IMPLEMENTED;
1681 #endif
1682
1683 if (!pwm || !pw || !pw->filename[0])
1684 return GPG_ERR_INV_ARG;
1685
1686 close(pw->fd);
1687 rc = pw->error;
1688 memset(pw, 0, sizeof(pwmd_nb_status_t));
1689 return rc;
1690 }
1691
1692 static int do_pwmd_save(pwm_t *pwm, gpg_error_t *error, int nb)
1693 {
1694 char *result = NULL;
1695 char *password = NULL;
1696
1697 if (!pwm) {
1698 *error = GPG_ERR_INV_ARG;
1699 return nb ? -1 : 1;
1700 }
1701
1702 if (pwm->use_pinentry || pwm->passfunc) {
1703 *error = pwmd_command(pwm, &result, "ISCACHED %s", pwm->filename);
1704
1705 if (*error == EPWMD_CACHE_NOT_FOUND) {
1706 #ifdef WITH_PINENTRY
1707 if (pwm->use_pinentry) {
1708 if (nb) {
1709 int p[2];
1710 pid_t pid;
1711 pwmd_nb_status_t pw;
1712
1713 if (pipe(p) == -1) {
1714 *error = gpg_error_from_syserror();
1715 return -1;
1716 }
1717
1718 #ifdef WITH_LIBPTH
1719 pid = pth_fork();
1720 #else
1721 pid = fork();
1722 #endif
1723
1724 switch (pid) {
1725 case 0:
1726 close(p[0]);
1727 strncpy(pw.filename, pwm->filename, sizeof(pw.filename));
1728 pw.filename[sizeof(pw.filename)-1] = 0;
1729 pw.fd = p[0];
1730
1731 do {
1732 password = NULL;
1733 *error = do_save_getpin(pwm, &password);
1734 } while (*error == EPWMD_BADKEY);
1735
1736 if (*error) {
1737 if (pwm->pctx)
1738 pinentry_disconnect(pwm);
1739
1740 pw.error = *error;
1741 #ifdef WITH_LIBPTH
1742 pth_write(p[1], &pw, sizeof(pw));
1743 #else
1744 write(p[1], &pw, sizeof(pw));
1745 #endif
1746 close(p[1]);
1747 _exit(1);
1748 }
1749
1750 *error = do_save_command(pwm, password);
1751 pinentry_disconnect(pwm);
1752 pw.error = *error;
1753 #ifdef WITH_LIBPTH
1754 pth_write(p[1], &pw, sizeof(pw));
1755 #else
1756 write(p[1], &pw, sizeof(pw));
1757 #endif
1758 close(p[1]);
1759 _exit(0);
1760 break;
1761 case -1:
1762 *error = gpg_error_from_syserror();
1763 close(p[0]);
1764 close(p[1]);
1765 return -1;
1766 default:
1767 break;
1768 }
1769
1770 close(p[1]);
1771 *error = 0;
1772 return p[0];
1773 }
1774
1775 *error = do_save_getpin(pwm, &password);
1776
1777 if (*error)
1778 return 1;
1779 }
1780 else {
1781 #endif
1782 if (pwm->passfunc)
1783 password = (*pwm->passfunc)(pwm, pwm->passdata);
1784 #ifdef WITH_PINENTRY
1785 }
1786 #endif
1787 }
1788 else {
1789 if (*error)
1790 return nb ? -1 : 1;
1791 }
1792 }
1793 else
1794 password = pwm->password;
1795
1796 *error = do_save_command(pwm, password);
1797
1798 if (password && password != pwm->password)
1799 xfree(password);
1800
1801 if (nb)
1802 return *error ? -1 : -2;
1803
1804 return *error ? 1 : 0;
1805 }
1806
1807 int pwmd_save_nb(pwm_t *pwm, gpg_error_t *error)
1808 {
1809 #ifndef WITH_PINENTRY
1810 *error = GPG_ERR_NOT_IMPLEMENTED;
1811 return -1;
1812 #else
1813 return do_pwmd_save(pwm, error, 1);
1814 #endif
1815 }
1816
1817 gpg_error_t pwmd_save(pwm_t *pwm)
1818 {
1819 gpg_error_t error;
1820
1821 do_pwmd_save(pwm, &error, 0);
1822 return error;
1823 }
1824
1825 gpg_error_t pwmd_setopt(pwm_t *pwm, pwmd_option_t opt, ...)
1826 {
1827 va_list ap;
1828 #ifdef WITH_PINENTRY
1829 int n = va_arg(ap, int);
1830 char *result;
1831 #endif
1832 char *arg1;
1833 gpg_error_t error = 0;
1834
1835 if (!pwm)
1836 return GPG_ERR_INV_ARG;
1837
1838 va_start(ap, opt);
1839
1840 switch (opt) {
1841 case PWMD_OPTION_STATUS_FUNC:
1842 pwm->status_func = va_arg(ap, pwmd_status_fn);
1843 break;
1844 case PWMD_OPTION_STATUS_DATA:
1845 pwm->status_data = va_arg(ap, void *);
1846 break;
1847 case PWMD_OPTION_PASSWORD_FUNC:
1848 pwm->passfunc = va_arg(ap, pwmd_password_fn);
1849 break;
1850 case PWMD_OPTION_PASSWORD_DATA:
1851 pwm->passdata = va_arg(ap, void *);
1852 break;
1853 case PWMD_OPTION_PASSWORD:
1854 arg1 = va_arg(ap, char *);
1855
1856 if (pwm->password)
1857 xfree(pwm->password);
1858
1859 pwm->password = xstrdup(arg1);
1860 break;
1861 #ifdef WITH_PINENTRY
1862 case PWMD_OPTION_PINENTRY:
1863 n = va_arg(ap, int);
1864
1865 if (n != 0 && n != 1) {
1866 va_end(ap);
1867 error = GPG_ERR_INV_VALUE;
1868 }
1869 else {
1870 pwm->use_pinentry = n;
1871 error = pwmd_command(pwm, &result, "OPTION PINENTRY=%i",
1872 !pwm->use_pinentry);
1873 }
1874 break;
1875 case PWMD_OPTION_PINENTRY_TRIES:
1876 n = va_arg(ap, int);
1877
1878 if (n <= 0) {
1879 va_end(ap);
1880 error = GPG_ERR_INV_VALUE;
1881 }
1882 else
1883 pwm->pinentry_tries = n;
1884 break;
1885 case PWMD_OPTION_PINENTRY_PATH:
1886 if (pwm->pinentry_path)
1887 xfree(pwm->pinentry_path);
1888
1889 pwm->pinentry_path = xstrdup(va_arg(ap, char *));
1890 break;
1891 case PWMD_OPTION_PINENTRY_TTY:
1892 if (pwm->pinentry_tty)
1893 xfree(pwm->pinentry_tty);
1894
1895 pwm->pinentry_tty = xstrdup(va_arg(ap, char *));
1896 break;
1897 case PWMD_OPTION_PINENTRY_DISPLAY:
1898 if (pwm->pinentry_display)
1899 xfree(pwm->pinentry_display);
1900
1901 pwm->pinentry_display = xstrdup(va_arg(ap, char *));
1902 break;
1903 case PWMD_OPTION_PINENTRY_TERM:
1904 if (pwm->pinentry_term)
1905 xfree(pwm->pinentry_term);
1906
1907 pwm->pinentry_term = xstrdup(va_arg(ap, char *));
1908 break;
1909 case PWMD_OPTION_PINENTRY_TITLE:
1910 if (pwm->title)
1911 xfree(pwm->title);
1912 pwm->title = percent_escape(va_arg(ap, char *));
1913 break;
1914 case PWMD_OPTION_PINENTRY_PROMPT:
1915 if (pwm->prompt)
1916 xfree(pwm->prompt);
1917 pwm->prompt = percent_escape(va_arg(ap, char *));
1918 break;
1919 case PWMD_OPTION_PINENTRY_DESC:
1920 if (pwm->desc)
1921 xfree(pwm->desc);
1922 pwm->desc = percent_escape(va_arg(ap, char *));
1923 break;
1924 #else
1925 case PWMD_OPTION_PINENTRY:
1926 case PWMD_OPTION_PINENTRY_TRIES:
1927 case PWMD_OPTION_PINENTRY_PATH:
1928 case PWMD_OPTION_PINENTRY_TTY:
1929 case PWMD_OPTION_PINENTRY_DISPLAY:
1930 case PWMD_OPTION_PINENTRY_TERM:
1931 case PWMD_OPTION_PINENTRY_TITLE:
1932 case PWMD_OPTION_PINENTRY_PROMPT:
1933 case PWMD_OPTION_PINENTRY_DESC:
1934 error = GPG_ERR_NOT_IMPLEMENTED;
1935 break;
1936 #endif
1937 default:
1938 error = GPG_ERR_NOT_IMPLEMENTED;
1939 break;
1940 }
1941
1942 va_end(ap);
1943 return error;
1944 }
1945
1946 gpg_error_t pwmd_assuan_ctx(pwm_t *pwm, assuan_context_t *ctx, int *fd)
1947 {
1948 if (!pwm)
1949 return GPG_ERR_INV_ARG;
1950
1951 *ctx = pwm->ctx;
1952 *fd = pwm->fd;
1953 return 0;
1954 }
An API for pwmd.