search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix PASSWD inquiring a passphrase when PWMD_NO_PASSPHRASE was set.
[pwmd.git] / src / pwmd.c
blob8f039c84be7b9df273a161cfe75d284a1da52fe0
1 /*
2 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013
3 Ben Kibbey <bjk@luxsci.net>
4
5 This file is part of pwmd.
6
7 Pwmd is free software: you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation, either version 2 of the License, or
10 (at your option) any later version.
11
12 Pwmd is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with Pwmd. If not, see <http://www.gnu.org/licenses/>.
19 */
20 #ifdef HAVE_CONFIG_H
21 #include <config.h>
22 #endif
23
24 #include <stdio.h>
25 #include <stdlib.h>
26 #include <unistd.h>
27 #include <err.h>
28 #include <ctype.h>
29 #include <string.h>
30 #include <sys/socket.h>
31 #include <sys/un.h>
32 #include <signal.h>
33 #include <stdarg.h>
34 #include <string.h>
35 #include <sys/wait.h>
36 #include <fcntl.h>
37 #include <pwd.h>
38 #include <grp.h>
39 #include <pthread.h>
40 #include <sys/mman.h>
41 #include <termios.h>
42 #include <assert.h>
43 #include <syslog.h>
44 #include <netinet/in.h>
45 #include <arpa/inet.h>
46 #include <netdb.h>
47 #include <sys/time.h>
48 #include <sys/resource.h>
49 #include <setjmp.h>
50 #include <errno.h>
51
52 #ifdef TM_IN_SYS_TIME
53 #include <sys/time.h>
54 #else
55 #include <time.h>
56 #endif
57
58 #ifdef HAVE_LIMITS_H
59 #include <limits.h>
60 #endif
61
62 #ifdef HAVE_GETOPT_LONG
63 #ifdef HAVE_GETOPT_H
64 #include <getopt.h>
65 #endif
66 #else
67 #include "getopt_long.h"
68 #endif
69
70 #ifdef HAVE_PR_SET_NAME
71 #include <sys/prctl.h>
72 #endif
73
74 #include "pwmd-error.h"
75 #include <gcrypt.h>
76
77 #include "util-misc.h"
78 #include "mem.h"
79 #include "xml.h"
80 #include "common.h"
81 #include "commands.h"
82 #include "cache.h"
83 #include "util-string.h"
84 #include "mutex.h"
85 #include "rcfile.h"
86 #include "crypto.h"
87 #include "convert.h"
88 #include "pinentry.h"
89
90 /* In tenths of a second. */
91 #define SIG_TIMEOUT 1
92
93 /* For (tcp_)accept_thread (usec). */
94 #define ACCEPT_TIMEOUT 30000
95
96 static int quit;
97 static int exiting;
98 static int cmdline;
99 static jmp_buf jmp;
100 static int nofork;
101 static pthread_cond_t quit_cond;
102 static pthread_mutex_t quit_mutex;
103 static int no_passphrase_file = 0;
104 static pthread_t keepalive_tid;
105
106 #ifndef HAVE_PTHREAD_CANCEL
107 static pthread_key_t signal_thread_key;
108 #endif
109
110 #ifdef WITH_GNUTLS
111 static int tls_fd;
112 static int tls6_fd;
113 static pthread_t tls_tid;
114 static pthread_t tls6_tid;
115 static int spawned_tls;
116 static int spawned_tls6;
117
118 static int start_stop_tls (int term);
119 #endif
120
121 static int do_cache_push (const char *filename, struct crypto_s *crypto);
122 static int signal_loop (sigset_t sigset);
123
124 GCRY_THREAD_OPTION_PTHREAD_IMPL;
125
126 #ifndef HAVE_PTHREAD_CANCEL
127 #define INIT_THREAD_SIGNAL do { \
128 struct sigaction act; \
129 sigset_t sigset; \
130 sigemptyset (&sigset); \
131 sigaddset (&sigset, SIGUSR2); \
132 pthread_sigmask (SIG_UNBLOCK, &sigset, NULL); \
133 memset (&act, 0, sizeof(act)); \
134 act.sa_flags = SA_SIGINFO; \
135 act.sa_mask = sigset; \
136 act.sa_sigaction = catch_thread_signal; \
137 sigaction (SIGUSR2, &act, NULL); \
138 } while (0)
139
140 static void
141 catch_thread_signal (int sig, siginfo_t *info, void *ctx)
142 {
143 int *n = (int *) pthread_getspecific (signal_thread_key);
144
145 *n = 1;
146 pthread_setspecific (signal_thread_key, n);
147 }
148 #endif
149
150 static void
151 cache_push_from_rcfile ()
152 {
153 struct crypto_s *crypto = NULL;
154 char **cache_push;
155 gpg_error_t rc = init_client_crypto (&crypto);
156
157 if (rc)
158 {
159 log_write ("%s: %s", __FUNCTION__, pwmd_strerror (rc));
160 return;
161 }
162
163 #ifdef WITH_AGENT
164 if (use_agent)
165 {
166 rc = set_agent_option (crypto->agent, "pinentry-mode", "error");
167 if (rc)
168 {
169 log_write ("%s: %s", __FUNCTION__, pwmd_strerror (rc));
170 return;
171 }
172 }
173 #endif
174
175 cache_push = config_get_list ("global", "cache_push");
176 if (cache_push)
177 {
178 char **p;
179
180 for (p = cache_push; *p; p++)
181 {
182 (void) do_cache_push (*p, crypto);
183 cleanup_crypto_stage1 (crypto);
184 }
185
186 strv_free (cache_push);
187 }
188
189 #ifdef WITH_AGENT
190 (void) kill_scd (crypto->agent);
191 #endif
192 cleanup_crypto (&crypto);
193 }
194
195 static void
196 setup_logging ()
197 {
198 int n = config_get_boolean ("global", "enable_logging");
199
200 if (n)
201 {
202 char *p = config_get_string ("global", "log_path");
203
204 xfree (logfile);
205 logfile = expand_homedir (p);
206 xfree (p);
207 }
208 else
209 {
210 xfree (logfile);
211 logfile = NULL;
212 }
213
214 log_syslog = config_get_boolean ("global", "syslog");
215 if (log_syslog == 1)
216 openlog ("pwmd", LOG_NDELAY | LOG_PID, LOG_DAEMON);
217 }
218
219 static void *
220 reload_rcfile_thread (void *arg)
221 {
222 #ifndef HAVE_PTHREAD_CANCEL
223 int *n = xmalloc (sizeof (int));
224
225 *n = 0;
226 pthread_setspecific (signal_thread_key, n);
227 INIT_THREAD_SIGNAL;
228 #endif
229
230 #ifdef HAVE_PR_SET_NAME
231 prctl (PR_SET_NAME, "reload rcfile");
232 #endif
233 pthread_setspecific (thread_name_key, str_dup (__FUNCTION__));
234 MUTEX_LOCK (&rcfile_mutex);
235 pthread_cleanup_push (cleanup_mutex_cb, &rcfile_mutex);
236
237 for (;;)
238 {
239 struct allowed_users_s
240 {
241 char *section;
242 char **users;
243 };
244 struct slist_s *allowed_users = NULL;
245 struct slist_s *config;
246 int b = disable_list_and_dump;
247 int exists;
248 int require_save_key = config_get_bool_param (global_config, "global",
249 "require_save_key",
250 &exists);
251 #ifdef WITH_GNUTLS
252 int tcp_require_key = config_get_bool_param (global_config, "global",
253 "tcp_require_key",
254 &exists);
255 #endif
256
257 pthread_cond_wait (&rcfile_cond, &rcfile_mutex);
258 #ifndef HAVE_PTHREAD_CANCEL
259 int *cancel = (int *) pthread_getspecific (signal_thread_key);
260 if (*cancel)
261 break;
262 #endif
263
264 /* Keep the "allowed" parameter across rcfile reloads to prevent
265 tampering. */
266 int n, t = slist_length (global_config);
267 for (n = 0; n < t; n++)
268 {
269 struct allowed_users_s *allowed;
270 struct config_section_s *section;
271 char **users;
272
273 section = slist_nth_data (global_config, n);
274 users = config_get_list_param (global_config, section->name,
275 "allowed", &exists);
276 if (users)
277 {
278 allowed = xmalloc (sizeof(struct allowed_users_s));
279 allowed->section = str_dup (section->name);
280 allowed->users = users;
281 allowed_users = slist_append (allowed_users, allowed);
282 }
283 }
284
285 log_write (_("reloading configuration file '%s'"), rcfile);
286 config = config_parse (rcfile);
287 if (config)
288 {
289 config_free (global_config);
290 global_config = config;
291 setup_logging ();
292 cache_push_from_rcfile ();
293 config_clear_keys ();
294 }
295
296 disable_list_and_dump = !disable_list_and_dump ? b : 1;
297 config_set_bool_param (&global_config, "global", "require_save_key",
298 require_save_key ? "true" : "false");
299 #ifdef WITH_GNUTLS
300 if (config_get_bool_param (global_config, "global", "tcp_require_key",
301 &exists) && exists)
302 tcp_require_key = 1;
303
304 config_set_bool_param (&global_config, "global", "tcp_require_key",
305 tcp_require_key ? "true" : "false");
306 #endif
307
308 if (allowed_users)
309 {
310 int n, t = slist_length (allowed_users);
311
312 for (n = 0; n < t; n++)
313 {
314 struct allowed_users_s *allowed;
315 char *tmp;
316
317 allowed = slist_nth_data (allowed_users, n);
318 tmp = strv_join (",", allowed->users);
319 config_set_list_param (&global_config, allowed->section,
320 "allowed", tmp);
321 xfree (tmp);
322 xfree (allowed->section);
323 strv_free (allowed->users);
324 xfree (allowed);
325 }
326
327 slist_free (allowed_users);
328 }
329
330 #ifdef WITH_GNUTLS
331 /* Kill existing listening threads since the configured listening
332 * protocols may have changed. */
333 start_stop_tls (1);
334 start_stop_tls (0);
335 #endif
336 }
337
338 pthread_cleanup_pop (1);
339 return NULL;
340 }
341
342 gpg_error_t
343 send_error (assuan_context_t ctx, gpg_error_t e)
344 {
345 struct client_s *client = assuan_get_pointer (ctx);
346
347 if (gpg_err_source (e) == GPG_ERR_SOURCE_UNKNOWN)
348 e = gpg_error (e);
349
350 if (client)
351 client->last_rc = e;
352
353 if (!e)
354 return assuan_process_done (ctx, 0);
355
356 if (!ctx)
357 {
358 log_write ("ERR %i: %s", e, pwmd_strerror (e));
359 return e;
360 }
361
362 if (client && gpg_err_code (e) == GPG_ERR_BAD_DATA)
363 {
364 xmlErrorPtr xe = client->xml_error;
365
366 if (!xe)
367 xe = xmlGetLastError ();
368 if (xe)
369 {
370 log_write ("%s", xe->message);
371 if (client->last_error)
372 xfree (client->last_error);
373
374 client->last_error = str_dup (xe->message);
375 }
376
377 e = assuan_process_done (ctx, assuan_set_error (ctx, e,
378 xe ? xe->message :
379 NULL));
380
381 if (xe == client->xml_error)
382 xmlResetError (xe);
383 else
384 xmlResetLastError ();
385
386 client->xml_error = NULL;
387 return e;
388 }
389
390 return assuan_process_done (ctx,
391 assuan_set_error (ctx, e, pwmd_strerror (e)));
392 }
393
394 int
395 assuan_log_cb (assuan_context_t ctx, void *data, unsigned cat,
396 const char *msg)
397 {
398 static pthread_mutex_t m = PTHREAD_MUTEX_INITIALIZER;
399 int i, t;
400 int match = 0;
401
402 pthread_mutex_lock (&m);
403 pthread_cleanup_push ((void (*)(void *)) pthread_mutex_unlock, &m);
404 t = strv_length (debug_level);
405
406 for (i = 0; i < t; i++)
407 {
408 if (!strcasecmp (debug_level[i], (char *) "init")
409 && cat == ASSUAN_LOG_INIT)
410 {
411 match = 1;
412 break;
413 }
414
415 if (!strcasecmp (debug_level[i], (char *) "ctx")
416 && cat == ASSUAN_LOG_CTX)
417 {
418 match = 1;
419 break;
420 }
421
422 if (!strcasecmp (debug_level[i], (char *) "engine")
423 && cat == ASSUAN_LOG_ENGINE)
424 {
425 match = 1;
426 break;
427 }
428
429 if (!strcasecmp (debug_level[i], (char *) "data")
430 && cat == ASSUAN_LOG_DATA)
431 {
432 match = 1;
433 break;
434 }
435
436 if (!strcasecmp (debug_level[i], (char *) "sysio")
437 && cat == ASSUAN_LOG_SYSIO)
438 {
439 match = 1;
440 break;
441 }
442
443 if (!strcasecmp (debug_level[i], (char *) "control")
444 && cat == ASSUAN_LOG_CONTROL)
445 {
446 match = 1;
447 break;
448 }
449 }
450
451 if (match && msg)
452 {
453 if (logfile)
454 {
455 int fd;
456
457 if ((fd =
458 open (logfile, O_WRONLY | O_CREAT | O_APPEND, 0600)) == -1)
459 warn ("%s", logfile);
460 else
461 {
462 pthread_cleanup_push (cleanup_fd_cb, &fd);
463 write (fd, msg, strlen (msg));
464 pthread_cleanup_pop (1);
465 }
466 }
467
468 if (nofork)
469 {
470 fprintf (stderr, "%s%s", data ? (char *) data : "", msg);
471 fflush (stderr);
472 }
473 }
474
475 pthread_cleanup_pop (1);
476 return match;
477 }
478
479 void
480 log_write (const char *fmt, ...)
481 {
482 char *args, *line;
483 va_list ap;
484 struct tm *tm;
485 time_t now;
486 char tbuf[21];
487 int fd = -1;
488 char *name = NULL;
489 char buf[255];
490 pthread_t tid = pthread_self ();
491 static pthread_mutex_t m = PTHREAD_MUTEX_INITIALIZER;
492
493 if ((!logfile && !isatty (STDERR_FILENO) && !log_syslog) || !fmt)
494 return;
495
496 pthread_mutex_lock (&m);
497 pthread_cleanup_push ((void (*)(void *)) pthread_mutex_unlock, &m);
498 pthread_cleanup_push (cleanup_fd_cb, &fd);
499
500 if (!cmdline && logfile)
501 {
502 if ((fd = open (logfile, O_WRONLY | O_CREAT | O_APPEND, 0600)) == -1)
503 warn ("%s", logfile);
504 }
505
506 va_start (ap, fmt);
507
508 if (str_vasprintf (&args, fmt, ap) != -1)
509 {
510 if (cmdline)
511 {
512 pthread_cleanup_push (xfree, args);
513 fprintf (stderr, "%s\n", args);
514 fflush (stderr);
515 pthread_cleanup_pop (1);
516 }
517 else
518 {
519 pthread_cleanup_push (xfree, args);
520 name = pthread_getspecific (thread_name_key);
521 snprintf (buf, sizeof (buf), "%s(%p): ", name ? name : _("unknown"),
522 (pthread_t *) tid);
523 name = buf;
524
525 if (!cmdline && log_syslog && !nofork)
526 syslog (LOG_INFO, "%s%s", name, args);
527
528 time (&now);
529 tm = localtime (&now);
530 strftime (tbuf, sizeof (tbuf), "%b %d %Y %H:%M:%S ", tm);
531 tbuf[sizeof (tbuf) - 1] = 0;
532
533 if (args[strlen (args) - 1] == '\n')
534 args[strlen (args) - 1] = 0;
535
536 line = str_asprintf ("%s %i %s%s\n", tbuf, getpid (), name, args);
537 pthread_cleanup_pop (1);
538 if (line)
539 {
540 pthread_cleanup_push (xfree, line);
541 if (logfile && fd != -1)
542 {
543 write (fd, line, strlen (line));
544 fsync (fd);
545 }
546
547 if (nofork)
548 {
549 fprintf (stdout, "%s", line);
550 fflush (stdout);
551 }
552
553 pthread_cleanup_pop (1);
554 }
555 }
556 }
557
558 va_end (ap);
559 pthread_cleanup_pop (1);
560 pthread_cleanup_pop (0);
561 pthread_mutex_unlock (&m);
562 }
563
564 #ifdef WITH_GNUTLS
565 static int
566 secure_mem_check (const void *arg)
567 {
568 return 1;
569 }
570 #endif
571
572 static gpg_error_t
573 setup_crypto ()
574 {
575 gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
576
577 if (!gcry_check_version (GCRYPT_VERSION))
578 {
579 fprintf (stderr, _("gcry_check_version(): Incompatible libgcrypt. "
580 "Wanted %s, got %s.\n"), GCRYPT_VERSION,
581 gcry_check_version (NULL));
582 return GPG_ERR_UNKNOWN_VERSION;
583 }
584
585 gcry_set_allocation_handler (xmalloc, xmalloc, NULL, xrealloc, xfree);
586 return 0;
587 }
588
589 #ifdef HAVE_GETGRNAM_R
590 gpg_error_t
591 do_validate_peer (assuan_context_t ctx, const char *section,
592 assuan_peercred_t * peer)
593 {
594 char **users;
595 int allowed = 0;
596 gpg_error_t rc;
597
598 rc = assuan_get_peercred (ctx, peer);
599 if (rc)
600 return rc;
601
602 users = config_get_list (section, "allowed");
603 if (users)
604 {
605 for (char **p = users; *p; p++)
606 {
607 struct passwd pw, *result;
608 struct group gr, *gresult;
609 char *buf = NULL;
610 char *user = *p;
611 int deny = (*user == '-') ? 1 : 0;
612
613 if (deny)
614 user++;
615
616 if (*user == '@') // all users in group
617 {
618 size_t len = sysconf (_SC_GETGR_R_SIZE_MAX);
619
620 if (len == -1)
621 len = 16384;
622
623 buf = xmalloc (len);
624 if (!buf)
625 {
626 strv_free (users);
627 return GPG_ERR_ENOMEM;
628 }
629
630 user++;
631 if (!getgrnam_r (user, &gr, buf, len, &gresult) && gresult)
632 {
633 if (gresult->gr_gid == (*peer)->gid)
634 {
635 xfree (buf);
636 allowed = !deny;
637 continue;
638 }
639
640 len = sysconf (_SC_GETPW_R_SIZE_MAX);
641 if (len == -1)
642 len = 16384;
643
644 char *tbuf = xmalloc (len);
645 for (char **t = gresult->gr_mem; *t; t++)
646 {
647 if (!getpwnam_r (*t, &pw, tbuf, len, &result) && result)
648 {
649 if (result->pw_uid == (*peer)->uid)
650 {
651 allowed = !deny;
652 break;
653 }
654 }
655 }
656 }
657 }
658 else
659 {
660 size_t len = sysconf (_SC_GETPW_R_SIZE_MAX);
661
662 if (len == -1)
663 len = 16384;
664
665 buf = xmalloc (len);
666
667 if (!buf)
668 {
669 strv_free (users);
670 return GPG_ERR_ENOMEM;
671 }
672
673 if (!getpwnam_r (user, &pw, buf, len, &result) && result)
674 {
675 if (result->pw_uid == (*peer)->uid)
676 allowed = !deny;
677 }
678 }
679
680 xfree (buf);
681 }
682
683 strv_free (users);
684 }
685
686 return allowed ? 0 : GPG_ERR_INV_USER_ID;
687 }
688 #else
689 gpg_error_t
690 do_validate_peer (assuan_context_t ctx, const char *section,
691 assuan_peercred_t * peer)
692 {
693 char **users;
694 int allowed = 0;
695 gpg_error_t rc;
696
697 rc = assuan_get_peercred (ctx, peer);
698 if (rc)
699 return rc;
700
701 users = config_get_list (section, "allowed");
702 if (users)
703 {
704 for (char **p = users; *p; p++)
705 {
706 struct passwd *result;
707 struct group *gresult;
708 char *user = *p;
709 int deny = (*user == '-') ? 1 : 0;
710
711 if (deny)
712 user++;
713
714 if (*user == '@') // all users in group
715 {
716 user++;
717 gresult = getgrnam (user);
718 if (gresult && gresult->gr_gid == (*peer)->gid)
719 {
720 allowed = !deny;
721 continue;
722 }
723
724 for (char **t = gresult->gr_mem; *t; t++)
725 {
726 result = getpwnam (*t);
727 if (result && result->pw_uid == (*peer)->uid)
728 {
729 allowed = !deny;
730 break;
731 }
732 }
733 }
734 else
735 {
736 result = getpwnam (user);
737 if (result && result->pw_uid == (*peer)->uid)
738 allowed = !deny;
739 }
740 }
741
742 strv_free (users);
743 }
744
745 return allowed ? 0 : GPG_ERR_INV_USER_ID;
746 }
747 #endif
748
749 static gpg_error_t
750 validate_peer (struct client_s *cl)
751 {
752 gpg_error_t rc;
753 assuan_peercred_t peer;
754
755 #ifdef WITH_GNUTLS
756 if (cl->thd->remote)
757 return tls_validate_access (cl, NULL);
758 #endif
759
760 rc = do_validate_peer (cl->ctx, "global", &peer);
761 if (!rc || gpg_err_code (rc) == GPG_ERR_INV_USER_ID)
762 log_write ("peer %s: uid=%i, gid=%i, pid=%i",
763 !rc ? _("accepted") : _("rejected"), peer->uid, peer->gid,
764 peer->pid);
765 else if (rc)
766 log_write ("%s: %s", __FUNCTION__, pwmd_strerror (rc));
767
768 return rc;
769 }
770
771 static void
772 xml_error_cb (void *data, xmlErrorPtr e)
773 {
774 struct client_s *client = data;
775
776 /*
777 * Keep the first reported error as the one to show in the error
778 * description. Reset in send_error().
779 */
780 if (client->xml_error)
781 return;
782
783 xmlCopyError (e, client->xml_error);
784 }
785
786 static pid_t
787 hook_waitpid (assuan_context_t ctx, pid_t pid, int action,
788 int *status, int options)
789 {
790 return waitpid (pid, status, options);
791 }
792
793 static ssize_t
794 hook_read (assuan_context_t ctx, assuan_fd_t fd, void *data, size_t len)
795 {
796 #ifdef WITH_GNUTLS
797 struct client_s *client = assuan_get_pointer (ctx);
798
799 if (client->thd->remote)
800 return tls_read_hook (ctx, (int) fd, data, len);
801 #endif
802
803 return read ((int) fd, data, len);
804 }
805
806 static ssize_t
807 hook_write (assuan_context_t ctx, assuan_fd_t fd,
808 const void *data, size_t len)
809 {
810 #ifdef WITH_GNUTLS
811 struct client_s *client = assuan_get_pointer (ctx);
812
813 if (client->thd->remote)
814 return tls_write_hook (ctx, (int) fd, data, len);
815 #endif
816
817 return write ((int) fd, data, len);
818 }
819
820 static int
821 new_connection (struct client_s *cl)
822 {
823 gpg_error_t rc;
824 static struct assuan_malloc_hooks mhooks = { xmalloc, xrealloc, xfree };
825 static struct assuan_system_hooks shooks = {
826 ASSUAN_SYSTEM_HOOKS_VERSION,
827 __assuan_usleep,
828 __assuan_pipe,
829 __assuan_close,
830 hook_read,
831 hook_write,
832 //FIXME
833 NULL, //recvmsg
834 NULL, //sendmsg both are used for FD passing
835 __assuan_spawn,
836 hook_waitpid,
837 __assuan_socketpair,
838 __assuan_socket,
839 __assuan_connect
840 };
841
842 #ifdef WITH_GNUTLS
843 if (cl->thd->remote)
844 {
845 char *prio = config_get_string ("global", "tls_cipher_suite");
846
847 cl->thd->tls = tls_init (cl->thd->fd, cl->thd->timeout, prio);
848 xfree (prio);
849 if (!cl->thd->tls)
850 return 0;
851 }
852 #endif
853
854 rc = assuan_new_ext (&cl->ctx, GPG_ERR_SOURCE_DEFAULT, &mhooks,
855 debug_level ? assuan_log_cb : NULL, NULL);
856 if (rc)
857 goto fail;
858
859 assuan_ctx_set_system_hooks (cl->ctx, &shooks);
860 rc = assuan_init_socket_server (cl->ctx, cl->thd->fd, 2);
861 if (rc)
862 goto fail;
863
864 assuan_set_pointer (cl->ctx, cl);
865 assuan_set_hello_line (cl->ctx, PACKAGE_STRING);
866 rc = register_commands (cl->ctx);
867 if (rc)
868 goto fail;
869
870 #ifdef WITH_GNUTLS
871 if (cl->thd->remote)
872 {
873 cl->thd->timeout = config_get_integer ("global", "tls_timeout");
874 fcntl (cl->thd->fd, F_SETFL, O_NONBLOCK);
875 }
876 #endif
877
878 rc = assuan_accept (cl->ctx);
879 if (rc)
880 goto fail;
881
882 rc = validate_peer (cl);
883 /* May not be implemented on all platforms. */
884 if (rc && gpg_err_code (rc) != GPG_ERR_ASS_GENERAL)
885 goto fail;
886
887 rc = init_client_crypto (&cl->crypto);
888 if (rc)
889 goto fail;
890
891 #ifdef WITH_AGENT
892 if (use_agent)
893 cl->crypto->agent->client_ctx = cl->ctx;
894 #endif
895
896 cl->crypto->client_ctx = cl->ctx;
897 xmlSetStructuredErrorFunc (cl, xml_error_cb);
898 return 1;
899
900 fail:
901 log_write ("%s", pwmd_strerror (rc));
902 return 0;
903 }
904
905 /*
906 * This is called after a client_thread() terminates. Set with
907 * pthread_cleanup_push().
908 */
909 static void
910 cleanup_cb (void *arg)
911 {
912 struct client_thread_s *cn = arg;
913 struct client_s *cl = cn->cl;
914
915 MUTEX_LOCK (&cn_mutex);
916 cn_thread_list = slist_remove (cn_thread_list, cn);
917 MUTEX_UNLOCK (&cn_mutex);
918
919 if (cl)
920 {
921 cleanup_client (cl);
922
923 #ifdef WITH_GNUTLS
924 if (cn->tls)
925 {
926 gnutls_deinit (cn->tls->ses);
927 xfree (cn->tls->fp);
928 xfree (cn->tls);
929 }
930 #endif
931
932 if (!cn->atfork && cl->ctx)
933 assuan_release (cl->ctx);
934 else if (!cn->atfork && cl->thd && cl->thd->fd != -1)
935 close (cl->thd->fd);
936
937 if (cl->crypto)
938 cleanup_crypto (&cl->crypto);
939
940 pinentry_free_opts (&cl->pinentry_opts);
941 xfree (cl);
942 }
943 else
944 {
945 if (cn->fd != -1)
946 close (cn->fd);
947 }
948
949 while (cn->msg_queue)
950 {
951 struct status_msg_s *msg = cn->msg_queue;
952
953 cn->msg_queue = msg->next;
954 xfree (msg->line);
955 xfree (msg);
956 }
957
958 if (!cn->atfork && cn->status_msg_pipe[0] != -1)
959 close (cn->status_msg_pipe[0]);
960
961 if (!cn->atfork && cn->status_msg_pipe[1] != -1)
962 close (cn->status_msg_pipe[1]);
963
964 pthread_mutex_destroy (&cn->status_mutex);
965
966 if (!cn->atfork)
967 {
968 log_write (_("exiting, fd=%i"), cn->fd);
969 send_status_all (STATUS_CLIENTS, NULL);
970 }
971
972 xfree (cn);
973 pthread_cond_signal (&quit_cond);
974 }
975
976 void
977 cleanup_all_clients (int atfork)
978 {
979 /* This function may be called from pthread_atfork() which requires
980 reinitialization. */
981 if (atfork)
982 {
983 pthread_mutexattr_t attr;
984
985 pthread_mutexattr_init (&attr);
986 pthread_mutexattr_settype (&attr, PTHREAD_MUTEX_RECURSIVE);
987 pthread_mutex_init (&cn_mutex, &attr);
988 pthread_mutexattr_destroy (&attr);
989 cache_mutex_init ();
990 }
991
992 MUTEX_LOCK (&cn_mutex);
993
994 while (slist_length (cn_thread_list))
995 {
996 struct client_thread_s *thd = slist_nth_data (cn_thread_list, 0);
997
998 thd->atfork = atfork;
999 cleanup_cb (thd);
1000 }
1001
1002 exiting = 1;
1003 MUTEX_UNLOCK (&cn_mutex);
1004 cache_deinit (atfork);
1005 }
1006
1007 static gpg_error_t
1008 send_msg_queue (struct client_thread_s *thd)
1009 {
1010 MUTEX_LOCK (&thd->status_mutex);
1011 gpg_error_t rc = 0;
1012 char c;
1013
1014 read (thd->status_msg_pipe[0], &c, 1);
1015
1016 while (thd->msg_queue)
1017 {
1018 struct status_msg_s *msg = thd->msg_queue;
1019
1020 thd->msg_queue = thd->msg_queue->next;
1021 MUTEX_UNLOCK (&thd->status_mutex);
1022 rc = send_status (thd->cl->ctx, msg->s, msg->line);
1023 MUTEX_LOCK (&thd->status_mutex);
1024 xfree (msg->line);
1025 xfree (msg);
1026
1027 if (rc)
1028 break;
1029 }
1030
1031 MUTEX_UNLOCK (&thd->status_mutex);
1032 if (rc && gpg_err_code (rc) != GPG_ERR_EPIPE)
1033 log_write ("%s: %s", __FUNCTION__, pwmd_strerror (rc));
1034
1035 return rc;
1036 }
1037
1038 static void *
1039 client_thread (void *data)
1040 {
1041 struct client_thread_s *thd = data;
1042 struct client_s *cl = xcalloc (1, sizeof (struct client_s));
1043
1044 #ifdef HAVE_PR_SET_NAME
1045 prctl (PR_SET_NAME, "client");
1046 #endif
1047 pthread_setspecific (thread_name_key, str_dup (__FUNCTION__));
1048
1049 if (!cl)
1050 {
1051 log_write ("%s(%i): %s", __FILE__, __LINE__,
1052 pwmd_strerror (GPG_ERR_ENOMEM));
1053 return NULL;
1054 }
1055
1056 MUTEX_LOCK (&cn_mutex);
1057 pthread_cleanup_push (cleanup_cb, thd);
1058 thd->cl = cl;
1059 cl->thd = thd;
1060 MUTEX_UNLOCK (&cn_mutex);
1061
1062 if (new_connection (cl))
1063 {
1064 int finished = 0;
1065 gpg_error_t rc;
1066
1067 send_status_all (STATUS_CLIENTS, NULL);
1068 rc = send_status (cl->ctx, STATUS_CACHE, NULL);
1069 if (rc)
1070 {
1071 log_write ("%s(%i): %s", __FILE__, __LINE__, pwmd_strerror (rc));
1072 finished = 1;
1073 }
1074
1075 while (!finished)
1076 {
1077 fd_set rfds;
1078 int n;
1079 int eof;
1080
1081 FD_ZERO (&rfds);
1082 FD_SET (thd->fd, &rfds);
1083 FD_SET (thd->status_msg_pipe[0], &rfds);
1084 n = thd->fd > thd->status_msg_pipe[0]
1085 ? thd->fd : thd->status_msg_pipe[0];
1086
1087 n = select (n + 1, &rfds, NULL, NULL, NULL);
1088 if (n == -1)
1089 {
1090 log_write ("%s", strerror (errno));
1091 break;
1092 }
1093
1094 if (FD_ISSET (thd->status_msg_pipe[0], &rfds))
1095 {
1096 rc = send_msg_queue (thd);
1097 if (rc && gpg_err_code (rc) != GPG_ERR_EPIPE)
1098 break;
1099 }
1100
1101 if (!FD_ISSET (thd->fd, &rfds))
1102 continue;
1103
1104 rc = assuan_process_next (cl->ctx, &eof);
1105 if (rc || eof)
1106 {
1107 if (gpg_err_code (rc) == GPG_ERR_EOF || eof)
1108 break;
1109
1110 log_write ("assuan_process_next(): rc=%i %s", rc,
1111 pwmd_strerror (rc));
1112 if (rc == gpg_error (GPG_ERR_ETIMEDOUT))
1113 break;
1114
1115 rc = send_error (cl->ctx, rc);
1116 if (rc)
1117 {
1118 log_write ("assuan_process_done(): rc=%i %s", rc,
1119 pwmd_strerror (rc));
1120 break;
1121 }
1122 }
1123
1124 /* Since the msg queue pipe fd's are non-blocking, check for
1125 * pending status msgs here. GPG_ERR_EPIPE can be seen when the
1126 * client has already disconnected and will be converted to
1127 * GPG_ERR_EOF during assuan_process_next().
1128 */
1129 rc = send_msg_queue (thd);
1130 if (rc && gpg_err_code (rc) != GPG_ERR_EPIPE)
1131 break;
1132 }
1133 }
1134
1135 pthread_cleanup_pop (1);
1136 return NULL;
1137 }
1138
1139 static int
1140 xml_import (const char *filename, const char *outfile,
1141 const char *keygrip, const char *sign_keygrip,
1142 const char *keyfile, int no_passphrase, const char *cipher,
1143 const char *params, unsigned long s2k_count, uint64_t iterations)
1144 {
1145 xmlDocPtr doc;
1146 int fd;
1147 struct stat st;
1148 int len;
1149 xmlChar *xmlbuf;
1150 xmlChar *xml;
1151 gpg_error_t rc;
1152 struct crypto_s *crypto = NULL;
1153 void *key = NULL;
1154 size_t keylen = 0;
1155 int algo = cipher ? cipher_string_to_gcrypt ((char *) cipher) :
1156 GCRY_CIPHER_AES256;
1157
1158 if (algo == -1)
1159 {
1160 log_write ("ERR %i: %s", gpg_error (GPG_ERR_CIPHER_ALGO),
1161 pwmd_strerror (GPG_ERR_CIPHER_ALGO));
1162 return 0;
1163 }
1164
1165 if (stat (filename, &st) == -1)
1166 {
1167 log_write ("%s: %s", filename,
1168 pwmd_strerror (gpg_error_from_errno (errno)));
1169 return 0;
1170 }
1171
1172 rc = init_client_crypto (&crypto);
1173 if (rc)
1174 return 0;
1175
1176 memcpy (&crypto->save.hdr, &crypto->hdr, sizeof (file_header_t));
1177 crypto->save.hdr.flags = set_cipher_flag (crypto->save.hdr.flags, algo);
1178 log_write (_("Importing XML from '%s'. Output will be written to '%s' ..."),
1179 filename, outfile);
1180
1181 if ((fd = open (filename, O_RDONLY)) == -1)
1182 {
1183 log_write ("%s: %s", filename,
1184 pwmd_strerror (gpg_error_from_errno (errno)));
1185 goto fail;
1186 }
1187
1188 if ((xmlbuf = xmalloc (st.st_size + 1)) == NULL)
1189 {
1190 close (fd);
1191 log_write ("%s(%i): %s", __FILE__, __LINE__,
1192 pwmd_strerror (GPG_ERR_ENOMEM));
1193 goto fail;
1194 }
1195
1196 if (read (fd, xmlbuf, st.st_size) == -1)
1197 {
1198 rc = gpg_error_from_errno (errno);
1199 close (fd);
1200 log_write ("%s: %s", filename, pwmd_strerror (rc));
1201 goto fail;
1202 }
1203
1204 close (fd);
1205 xmlbuf[st.st_size] = 0;
1206 /*
1207 * Make sure the document validates.
1208 */
1209 if ((doc = xmlReadDoc (xmlbuf, NULL, "UTF-8", XML_PARSE_NOBLANKS)) == NULL)
1210 {
1211 log_write ("xmlReadDoc() failed");
1212 xfree (xmlbuf);
1213 goto fail;
1214 }
1215
1216 xfree (xmlbuf);
1217 xmlNodePtr n = xmlDocGetRootElement (doc);
1218 if (n && !xmlStrEqual (n->name, (xmlChar *) "pwmd"))
1219 {
1220 log_write (_("Could not find root \"pwmd\" element."));
1221 rc = GPG_ERR_BAD_DATA;
1222 }
1223
1224 if (!rc)
1225 rc = validate_import (n ? n->children : n);
1226
1227 if (rc)
1228 {
1229 log_write ("ERR %i: %s", rc, pwmd_strerror (rc));
1230 xmlFreeDoc (doc);
1231 goto fail;
1232 }
1233
1234 xmlDocDumpMemory (doc, &xml, &len);
1235 xmlFreeDoc (doc);
1236 crypto->save.s2k_count = s2k_count;
1237 crypto->save.hdr.iterations = iterations;
1238 if (!use_agent)
1239 {
1240 rc = export_common (NULL, 0, crypto, xml, len, outfile, keyfile, &key,
1241 &keylen, 0, 0, no_passphrase);
1242 if (!rc)
1243 log_write (_("Success!"));
1244 }
1245 #ifdef WITH_AGENT
1246 else
1247 {
1248 rc = agent_set_pinentry_options (crypto->agent);
1249 if (!rc)
1250 rc = agent_export_common (crypto, keygrip, sign_keygrip, no_passphrase,
1251 xml, len, outfile, params, keyfile);
1252 }
1253 #endif
1254
1255 gcry_free (key);
1256 xmlFree (xml);
1257 if (rc)
1258 {
1259 send_error (NULL, rc);
1260 goto fail;
1261 }
1262
1263 cleanup_crypto (&crypto);
1264 return 1;
1265
1266 fail:
1267 cleanup_crypto (&crypto);
1268 return 0;
1269 }
1270
1271 static int
1272 do_cache_push (const char *filename, struct crypto_s *crypto)
1273 {
1274 unsigned char md5file[16];
1275 gpg_error_t rc;
1276 char *key = NULL;
1277 size_t keylen = 0;
1278 xmlDocPtr doc;
1279 struct cache_data_s *cdata;
1280 unsigned char *crc;
1281 size_t len;
1282
1283 log_write (_("Trying to add datafile '%s' to the file cache ..."),
1284 filename);
1285
1286 if (valid_filename (filename) == 0)
1287 {
1288 log_write (_("%s: Invalid characters in filename"), filename);
1289 return 0;
1290 }
1291
1292 rc = decrypt_common (NULL, 0, crypto, filename, &key, &keylen);
1293 if (rc)
1294 return 0;
1295
1296 doc = parse_doc ((char *) crypto->plaintext, crypto->plaintext_len);
1297 if (!doc)
1298 {
1299 log_write ("%s", pwmd_strerror (GPG_ERR_ENOMEM));
1300 xfree (key);
1301 return 0;
1302 }
1303
1304 gcry_md_hash_buffer (GCRY_MD_MD5, md5file, filename, strlen (filename));
1305 cdata = xcalloc (1, sizeof (struct cache_data_s));
1306 if (!cdata)
1307 {
1308 xmlFreeDoc (doc);
1309 log_write ("%s", pwmd_strerror (GPG_ERR_ENOMEM));
1310 xfree (key);
1311 return 0;
1312 }
1313
1314 rc = get_checksum (filename, &crc, &len);
1315 if (rc)
1316 {
1317 log_write ("ERR %i: %s", rc, pwmd_strerror (rc));
1318 xmlFreeDoc (doc);
1319 free_cache_data_once (cdata);
1320 xfree (key);
1321 return 0;
1322 }
1323
1324 cdata->crc = crc;
1325 rc = encrypt_xml (NULL, cache_key, cache_keysize, GCRY_CIPHER_AES,
1326 crypto->plaintext, crypto->plaintext_len, &cdata->doc,
1327 &cdata->doclen, &cache_iv, &cache_blocksize, 0);
1328 if (!rc && !IS_PKI (crypto))
1329 {
1330 cdata->key = key;
1331 cdata->keylen = keylen;
1332 }
1333 else
1334 xfree (key);
1335
1336 if (rc)
1337 {
1338 log_write ("ERR %i: %s", rc, pwmd_strerror (rc));
1339 xmlFreeDoc (doc);
1340 free_cache_data_once (cdata);
1341 return 0;
1342 }
1343
1344 #ifdef WITH_AGENT
1345 if (use_agent && IS_PKI (crypto))
1346 {
1347 gcry_sexp_build ((gcry_sexp_t *) & cdata->pubkey, NULL, "%S",
1348 crypto->pkey_sexp);
1349 gcry_sexp_build ((gcry_sexp_t *) & cdata->sigkey, NULL, "%S",
1350 crypto->sigpkey_sexp);
1351 }
1352 #endif
1353
1354 int timeout = config_get_integer (filename, "cache_timeout");
1355 cache_add_file (md5file, crypto->grip, cdata, timeout);
1356 log_write (_("Successfully added '%s' to the cache."), filename);
1357 return 1;
1358 }
1359
1360 static gpg_error_t
1361 init_client (int fd, const char *addr)
1362 {
1363 gpg_error_t rc = 0;
1364 struct client_thread_s *new = xcalloc (1, sizeof (struct client_thread_s));
1365
1366 if (!new)
1367 {
1368 close (fd);
1369 return GPG_ERR_ENOMEM;
1370 }
1371
1372 MUTEX_LOCK (&cn_mutex);
1373 pthread_cleanup_push (cleanup_mutex_cb, &cn_mutex);
1374
1375 if (pipe (new->status_msg_pipe) == -1)
1376 rc = gpg_error_from_errno (errno);
1377
1378 if (!rc)
1379 {
1380 fcntl (new->status_msg_pipe[0], F_SETFL, O_NONBLOCK);
1381 fcntl (new->status_msg_pipe[1], F_SETFL, O_NONBLOCK);
1382 pthread_mutex_init (&new->status_mutex, NULL);
1383 }
1384
1385 if (!rc)
1386 {
1387 #ifdef WITH_GNUTLS
1388 new->remote = addr ? 1 : 0;
1389 #endif
1390 new->fd = fd;
1391 rc = create_thread (client_thread, new, &new->tid, 1);
1392 if (rc)
1393 {
1394 close (new->status_msg_pipe[0]);
1395 close (new->status_msg_pipe[1]);
1396 pthread_mutex_destroy (&new->status_mutex);
1397 }
1398 }
1399
1400 if (!rc)
1401 {
1402 struct slist_s *list = slist_append (cn_thread_list, new);
1403
1404 if (list)
1405 {
1406 cn_thread_list = list;
1407 if (addr)
1408 log_write (_("new connection: tid=%p, fd=%i, addr=%s"),
1409 (pthread_t *) new->tid, fd, addr);
1410 else
1411 log_write (_("new connection: tid=%p, fd=%i"),
1412 (pthread_t *) new->tid, fd);
1413 }
1414 else
1415 rc = GPG_ERR_ENOMEM;
1416 }
1417
1418 pthread_cleanup_pop (1);
1419
1420 if (rc)
1421 {
1422 xfree (new);
1423 close (fd);
1424 log_write ("%s(%i): pthread_create(): %s", __FILE__, __LINE__,
1425 pwmd_strerror (rc));
1426 }
1427 return rc;
1428 }
1429
1430 static void*
1431 keepalive_thread (void *arg)
1432 {
1433 #ifndef HAVE_PTHREAD_CANCEL
1434 int *n = xmalloc (sizeof (int));
1435
1436 *n = 0;
1437 pthread_setspecific (signal_thread_key, n);
1438 INIT_THREAD_SIGNAL;
1439 #endif
1440
1441 #ifdef HAVE_PR_SET_NAME
1442 prctl (PR_SET_NAME, "keepalive");
1443 #endif
1444 pthread_setspecific (thread_name_key, str_dup (__FUNCTION__));
1445
1446 for (;;)
1447 {
1448 int n = config_get_integer ("global", "keepalive_interval");
1449 struct timeval tv = { n, 0 };
1450 #ifndef HAVE_PTHREAD_CANCEL
1451 int *sigusr2;
1452
1453 sigusr2 = (int *) pthread_getspecific (signal_thread_key);
1454 if (*sigusr2)
1455 break;
1456 #endif
1457
1458 send_status_all (STATUS_KEEPALIVE, NULL);
1459 select (0, NULL, NULL, NULL, &tv);
1460 }
1461
1462 return NULL;
1463 }
1464
1465 #ifdef WITH_GNUTLS
1466 /* From Beej's Guide to Network Programming. It's a good tutorial. */
1467 static void *
1468 get_in_addr (struct sockaddr *sa)
1469 {
1470 if (sa->sa_family == AF_INET)
1471 return &(((struct sockaddr_in *) sa)->sin_addr);
1472
1473 return &(((struct sockaddr_in6 *) sa)->sin6_addr);
1474 }
1475
1476 static void *
1477 tcp_accept_thread (void *arg)
1478 {
1479 int sockfd = *(int *) arg;
1480 #ifndef HAVE_PTHREAD_CANCEL
1481 int *n = xmalloc (sizeof (int));
1482
1483 *n = 0;
1484 pthread_setspecific (signal_thread_key, n);
1485 INIT_THREAD_SIGNAL;
1486 fcntl (sockfd, F_SETFL, O_NONBLOCK);
1487 #endif
1488
1489 #ifdef HAVE_PR_SET_NAME
1490 prctl (PR_SET_NAME, "tcp_accept");
1491 #endif
1492 pthread_setspecific (thread_name_key, str_dup (__FUNCTION__));
1493
1494 for (;;)
1495 {
1496 struct sockaddr_storage raddr;
1497 socklen_t slen = sizeof (raddr);
1498 int fd = -1;
1499 unsigned long n;
1500 char s[INET6_ADDRSTRLEN];
1501 struct timeval tv = { 0, ACCEPT_TIMEOUT };
1502 #ifndef HAVE_PTHREAD_CANCEL
1503 int *sigusr2;
1504
1505 sigusr2 = (int *) pthread_getspecific (signal_thread_key);
1506 if (*sigusr2)
1507 break;
1508 #endif
1509
1510 fd = accept (sockfd, (struct sockaddr *) &raddr, &slen);
1511 if (fd == -1)
1512 {
1513 if (errno == EMFILE || errno == ENFILE)
1514 log_write ("accept(): %s",
1515 pwmd_strerror (gpg_error_from_errno (errno)));
1516 else if (errno != EAGAIN)
1517 {
1518 if (!quit) // probably EBADF
1519 log_write ("accept(): %s", strerror (errno));
1520
1521 break;
1522 }
1523
1524 #ifndef HAVE_PTHREAD_CANCEL
1525 select (0, NULL, NULL, NULL, &tv);
1526 #endif
1527 continue;
1528 }
1529
1530 if (quit)
1531 break;
1532
1533 inet_ntop (raddr.ss_family, get_in_addr ((struct sockaddr *) &raddr),
1534 s, sizeof s);
1535 (void) init_client (fd, s);
1536 n = config_get_integer ("global", "tcp_wait");
1537 if (n > 0)
1538 {
1539 tv.tv_sec = (n * 100000) / 100000;
1540 tv.tv_usec = (n * 100000) % 100000;
1541 select (0, NULL, NULL, NULL, &tv);
1542 }
1543 }
1544
1545 return NULL;
1546 }
1547
1548 static int
1549 start_stop_tls_with_protocol (int ipv6, int term)
1550 {
1551 struct addrinfo hints, *servinfo, *p;
1552 int port = config_get_integer ("global", "tcp_port");
1553 char buf[7];
1554 int n;
1555 gpg_error_t rc;
1556 int *fd = ipv6 ? &tls6_fd : &tls_fd;
1557
1558 if (term || config_get_boolean ("global", "enable_tcp") == 0)
1559 {
1560 if (tls6_fd != -1)
1561 {
1562 if (spawned_tls6)
1563 {
1564 #ifdef HAVE_PTHREAD_CANCEL
1565 pthread_cancel (tls6_tid);
1566 #else
1567 pthread_kill (tls6_tid, SIGUSR2);
1568 #endif
1569 pthread_join (tls6_tid, NULL);
1570 }
1571
1572 shutdown (tls6_fd, SHUT_RDWR);
1573 close (tls6_fd);
1574 tls6_fd = -1;
1575 spawned_tls6 = 0;
1576 }
1577
1578 if (tls_fd != -1)
1579 {
1580 if (spawned_tls)
1581 {
1582 #ifdef HAVE_PTHREAD_CANCEL
1583 pthread_cancel (tls_tid);
1584 #else
1585 pthread_kill (tls_tid, SIGUSR2);
1586 #endif
1587 pthread_join (tls_tid, NULL);
1588 }
1589
1590 shutdown (tls_fd, SHUT_RDWR);
1591 close (tls_fd);
1592 tls_fd = -1;
1593 spawned_tls = 0;
1594 }
1595
1596 /* A client may still be connected. */
1597 if (!quit && x509_cred != NULL)
1598 tls_deinit_params ();
1599
1600 return 1;
1601 }
1602
1603 if ((ipv6 && tls6_fd != -1) || (!ipv6 && tls_fd != -1))
1604 return 1;
1605
1606 memset (&hints, 0, sizeof (hints));
1607 hints.ai_family = ipv6 ? AF_INET6 : AF_INET;
1608 hints.ai_socktype = SOCK_STREAM;
1609 hints.ai_flags = AI_PASSIVE;
1610 snprintf (buf, sizeof (buf), "%i", port);
1611
1612 if ((n = getaddrinfo (NULL, buf, &hints, &servinfo)) == -1)
1613 {
1614 log_write ("getaddrinfo(): %s", gai_strerror (n));
1615 return 0;
1616 }
1617
1618 for (n = 0, p = servinfo; p != NULL; p = p->ai_next)
1619 {
1620 int r = 1;
1621
1622 if ((ipv6 && p->ai_family != AF_INET6)
1623 || (!ipv6 && p->ai_family != AF_INET))
1624 continue;
1625
1626 if ((*fd = socket (p->ai_family, p->ai_socktype, p->ai_protocol)) == -1)
1627 {
1628 log_write ("socket(): %s", strerror (errno));
1629 continue;
1630 }
1631
1632 if (setsockopt (*fd, SOL_SOCKET, SO_REUSEADDR, &r, sizeof (int)) == -1)
1633 {
1634 log_write ("setsockopt(): %s",
1635 pwmd_strerror (gpg_error_from_errno (errno)));
1636 freeaddrinfo (servinfo);
1637 goto fail;
1638 }
1639
1640 if (bind (*fd, p->ai_addr, p->ai_addrlen) == -1)
1641 {
1642 close (*fd);
1643 log_write ("bind(): %s",
1644 pwmd_strerror (gpg_error_from_errno (errno)));
1645 continue;
1646 }
1647
1648 n++;
1649 break;
1650 }
1651
1652 freeaddrinfo (servinfo);
1653
1654 if (!n)
1655 goto fail;
1656
1657 #if HAVE_DECL_SO_BINDTODEVICE != 0
1658 char *tmp = config_get_string ("global", "tcp_interface");
1659 if (tmp && setsockopt (*fd, SOL_SOCKET, SO_BINDTODEVICE, tmp,
1660 strlen (tmp)) == -1)
1661 {
1662 log_write ("setsockopt(): %s",
1663 pwmd_strerror (gpg_error_from_errno (errno)));
1664 xfree (tmp);
1665 goto fail;
1666 }
1667
1668 xfree (tmp);
1669 #endif
1670
1671 if (x509_cred == NULL)
1672 {
1673 rc = tls_init_params ();
1674 if (rc)
1675 goto fail;
1676 }
1677
1678 if (listen (*fd, 0) == -1)
1679 {
1680 log_write ("listen(): %s", strerror (errno));
1681 goto fail;
1682 }
1683
1684 if (ipv6)
1685 rc = create_thread (tcp_accept_thread, fd, &tls6_tid, 0);
1686 else
1687 rc = create_thread (tcp_accept_thread, fd, &tls_tid, 0);
1688
1689 if (rc)
1690 {
1691 log_write ("%s(%i): pthread_create(): %s", __FILE__, __LINE__,
1692 pwmd_strerror (rc));
1693 goto fail;
1694 }
1695
1696 if (ipv6)
1697 spawned_tls6 = 1;
1698 else
1699 spawned_tls = 1;
1700
1701 return 1;
1702
1703 fail:
1704 start_stop_tls_with_protocol (0, 1);
1705 if (tls_fd != -1)
1706 close (tls_fd);
1707
1708 if (tls6_fd != -1)
1709 close (tls6_fd);
1710
1711 tls_fd = -1;
1712 tls6_fd = -1;
1713 return 0;
1714 }
1715
1716 static int
1717 start_stop_tls (int term)
1718 {
1719 char *s = config_get_string ("global", "tcp_bind");
1720 int b;
1721
1722 if (!s)
1723 return 0;
1724
1725 if (!strcmp (s, "any"))
1726 {
1727 b = start_stop_tls_with_protocol (0, term);
1728 if (b)
1729 b = start_stop_tls_with_protocol (1, term);
1730 }
1731 else if (!strcmp (s, "ipv4"))
1732 b = start_stop_tls_with_protocol (0, term);
1733 else if (!strcmp (s, "ipv6"))
1734 b = start_stop_tls_with_protocol (1, term);
1735 else
1736 b = 0;
1737
1738 xfree (s);
1739 return b;
1740 }
1741 #endif
1742
1743 static void *
1744 accept_thread (void *arg)
1745 {
1746 int sockfd = *(int *) arg;
1747 #ifndef HAVE_PTHREAD_CANCEL
1748 int *n = xmalloc (sizeof (int));
1749
1750 *n = 0;
1751 pthread_setspecific (signal_thread_key, n);
1752 INIT_THREAD_SIGNAL;
1753 fcntl (sockfd, F_SETFL, O_NONBLOCK);
1754 #endif
1755
1756 #ifdef HAVE_PR_SET_NAME
1757 prctl (PR_SET_NAME, "accept");
1758 #endif
1759 pthread_setspecific (thread_name_key, str_dup (__FUNCTION__));
1760
1761 for (;;)
1762 {
1763 socklen_t slen = sizeof (struct sockaddr_un);
1764 struct sockaddr_un raddr;
1765 int fd;
1766 #ifndef HAVE_PTHREAD_CANCEL
1767 struct timeval tv = { 0, ACCEPT_TIMEOUT };
1768 int *sigusr2 = (int *) pthread_getspecific (signal_thread_key);
1769
1770 if (*sigusr2)
1771 break;
1772 #endif
1773
1774 fd = accept (sockfd, (struct sockaddr *) &raddr, &slen);
1775 if (fd == -1)
1776 {
1777 if (errno == EMFILE || errno == ENFILE)
1778 log_write ("accept(): %s",
1779 pwmd_strerror (gpg_error_from_errno (errno)));
1780 else if (errno != EAGAIN)
1781 {
1782 if (!quit) // probably EBADF
1783 log_write ("accept(): %s",
1784 pwmd_strerror (gpg_error_from_errno (errno)));
1785
1786 break;
1787 }
1788
1789 #ifndef HAVE_PTHREAD_CANCEL
1790 select (0, NULL, NULL, NULL, &tv);
1791 #endif
1792 continue;
1793 }
1794
1795 (void) init_client (fd, NULL);
1796 }
1797
1798 /* Just in case accept() failed for some reason other than EBADF */
1799 quit = 1;
1800 return NULL;
1801 }
1802
1803 static void *
1804 cache_timer_thread (void *arg)
1805 {
1806 #ifndef HAVE_PTHREAD_CANCEL
1807 int *n = xmalloc (sizeof (int));
1808
1809 *n = 0;
1810 pthread_setspecific (signal_thread_key, n);
1811 INIT_THREAD_SIGNAL;
1812 #endif
1813
1814 #ifdef HAVE_PR_SET_NAME
1815 prctl (PR_SET_NAME, "cache timer");
1816 #endif
1817 pthread_setspecific (thread_name_key, str_dup (__FUNCTION__));
1818
1819 for (;;)
1820 {
1821 struct timeval tv = { 1, 0 };
1822 #ifndef HAVE_PTHREAD_CANCEL
1823 int *n;
1824
1825 n = (int *) pthread_getspecific (signal_thread_key);
1826 if (*n)
1827 break;
1828 #endif
1829
1830 select (0, NULL, NULL, NULL, &tv);
1831 cache_adjust_timeout ();
1832 }
1833
1834 return NULL;
1835 }
1836
1837 static int
1838 signal_loop (sigset_t sigset)
1839 {
1840 int done = 0;
1841 int siint = 0;
1842
1843 do
1844 {
1845 int sig;
1846
1847 sigwait (&sigset, &sig);
1848
1849 if (sig != SIGQUIT)
1850 log_write (_("caught signal %i (%s)"), sig, strsignal (sig));
1851
1852 switch (sig)
1853 {
1854 case SIGHUP:
1855 pthread_cond_signal (&rcfile_cond);
1856 break;
1857 case SIGUSR1:
1858 log_write (_("clearing file cache"));
1859 cache_clear (NULL);
1860 send_status_all (STATUS_CACHE, NULL);
1861 break;
1862 case SIGQUIT:
1863 done = 1;
1864 break;
1865 default:
1866 siint = 1;
1867 done = 1;
1868 break;
1869 }
1870 }
1871 while (!done);
1872
1873 return siint;
1874 }
1875
1876 static void
1877 catchsig (int sig)
1878 {
1879 log_write (_ ("Caught signal %i (%s). Exiting."), sig, strsignal (sig));
1880 #ifdef HAVE_BACKTRACE
1881 BACKTRACE (__FUNCTION__);
1882 #endif
1883 longjmp (jmp, 1);
1884 }
1885
1886 static void *
1887 waiting_for_exit (void *arg)
1888 {
1889 int last = 0;
1890 #ifndef HAVE_PTHREAD_CANCEL
1891 int *n = xmalloc (sizeof (int));
1892
1893 *n = 0;
1894 pthread_setspecific (signal_thread_key, n);
1895 INIT_THREAD_SIGNAL;
1896 #endif
1897
1898 #ifdef HAVE_PR_SET_NAME
1899 prctl (PR_SET_NAME, "exiting");
1900 #endif
1901 pthread_setspecific (thread_name_key, str_dup (__FUNCTION__));
1902 log_write (_("waiting for all clients to disconnect"));
1903 MUTEX_LOCK (&quit_mutex);
1904 pthread_cleanup_push (cleanup_mutex_cb, &quit_mutex);
1905
1906 for (;;)
1907 {
1908 struct timespec ts;
1909 int n;
1910
1911 MUTEX_LOCK (&cn_mutex);
1912 n = slist_length (cn_thread_list);
1913 MUTEX_UNLOCK (&cn_mutex);
1914 if (!n)
1915 break;
1916
1917 #ifndef HAVE_PTHREAD_CANCEL
1918 int *s = (int *) pthread_getspecific (signal_thread_key);
1919 if (*s)
1920 break;
1921 #endif
1922
1923 if (last != n)
1924 {
1925 log_write (_("%i clients remain"), n);
1926 last = n;
1927 }
1928
1929 INIT_TIMESPEC (SIG_TIMEOUT, ts);
1930 pthread_cond_timedwait (&quit_cond, &quit_mutex, &ts);
1931 }
1932
1933 kill (getpid (), SIGQUIT);
1934 pthread_cleanup_pop (1);
1935 return NULL;
1936 }
1937
1938 static int
1939 server_loop (int sockfd, char **socketpath)
1940 {
1941 pthread_t accept_tid;
1942 pthread_t cache_timeout_tid;
1943 int cancel_timeout_thread = 0, cancel_accept_thread = 0;
1944 int cancel_keepalive_thread = 0;
1945 sigset_t sigset;
1946 int n;
1947 int segv = 0;
1948 gpg_error_t rc;
1949
1950 init_commands ();
1951 sigemptyset (&sigset);
1952
1953 /* Termination */
1954 sigaddset (&sigset, SIGTERM);
1955 sigaddset (&sigset, SIGINT);
1956
1957 /* Clears the file cache. */
1958 sigaddset (&sigset, SIGUSR1);
1959
1960 /* Configuration file reloading. */
1961 sigaddset (&sigset, SIGHUP);
1962
1963 /* For exiting cleanly. */
1964 sigaddset (&sigset, SIGQUIT);
1965
1966 #ifndef HAVE_PTHREAD_CANCEL
1967 /*
1968 The socket, cache and rcfile threads use this signal when
1969 pthread_cancel() is unavailable. Prevent the main thread from
1970 catching this signal from another process.
1971 */
1972 sigaddset (&sigset, SIGUSR2);
1973 #endif
1974
1975 /* When mem.c cannot find a pointer in the list (double free). */
1976 signal (SIGABRT, catchsig);
1977 sigaddset (&sigset, SIGABRT);
1978 sigprocmask (SIG_BLOCK, &sigset, NULL);
1979
1980 #ifndef HAVE_PTHREAD_CANCEL
1981 /* Remove this signal from the watched signals in signal_loop(). */
1982 sigdelset (&sigset, SIGUSR2);
1983 #endif
1984
1985 /* Ignored everywhere. When a client disconnects abnormally this signal
1986 * gets raised. It isn't needed though because client_thread() will check
1987 * for rcs even after the client disconnects. */
1988 signal (SIGPIPE, SIG_IGN);
1989
1990 /* Can show a backtrace of the stack in the log. */
1991 signal (SIGSEGV, catchsig);
1992
1993 #ifdef WITH_GNUTLS
1994 /* Needs to be done after the fork(). */
1995 if (!start_stop_tls (0))
1996 {
1997 segv = 1;
1998 goto done;
1999 }
2000 #endif
2001
2002 pthread_mutex_init (&quit_mutex, NULL);
2003 pthread_cond_init (&quit_cond, NULL);
2004 log_write (_("%s started for user %s"), PACKAGE_STRING, get_username ());
2005
2006 #ifdef WITH_GNUTLS
2007 if (config_get_boolean ("global", "enable_tcp"))
2008 log_write (_("Listening on %s and TCP port %i"), *socketpath,
2009 config_get_integer ("global", "tcp_port"));
2010 else
2011 log_write (_("Listening on %s"), *socketpath);
2012 #else
2013 log_write (_("Listening on %s"), *socketpath);
2014 #endif
2015
2016 rc = create_thread (keepalive_thread, NULL, &keepalive_tid, 0);
2017 if (rc)
2018 {
2019 log_write ("%s(%i): pthread_create(): %s", __FILE__, __LINE__,
2020 pwmd_strerror (rc));
2021 goto done;
2022 }
2023
2024 cancel_keepalive_thread = 1;
2025 rc = create_thread (reload_rcfile_thread, NULL, &rcfile_tid, 0);
2026 if (rc)
2027 {
2028 log_write ("%s(%i): pthread_create(): %s", __FILE__, __LINE__,
2029 pwmd_strerror (rc));
2030 goto done;
2031 }
2032
2033 rc = create_thread (cache_timer_thread, NULL, &cache_timeout_tid, 0);
2034 if (rc)
2035 {
2036 log_write ("%s(%i): pthread_create(): %s", __FILE__, __LINE__,
2037 pwmd_strerror (rc));
2038 goto done;
2039 }
2040
2041 cancel_timeout_thread = 1;
2042 rc = create_thread (accept_thread, &sockfd, &accept_tid, 0);
2043 if (rc)
2044 {
2045 log_write ("%s(%i): pthread_create(): %s", __FILE__, __LINE__,
2046 pwmd_strerror (rc));
2047 goto done;
2048 }
2049
2050 cancel_accept_thread = 1;
2051 if (!setjmp (jmp))
2052 signal_loop (sigset);
2053 else
2054 segv = 1;
2055
2056 done:
2057 /*
2058 * We're out of the main server loop. This happens when a signal was sent
2059 * to terminate the daemon. We'll wait for all clients to disconnect
2060 * before exiting but exit immediately if another termination signal is
2061 * sent.
2062 */
2063 if (cancel_accept_thread)
2064 {
2065 #ifdef HAVE_PTHREAD_CANCEL
2066 int n = pthread_cancel (accept_tid);
2067 #else
2068 int n = pthread_kill (accept_tid, SIGUSR2);
2069 #endif
2070 if (!n)
2071 pthread_join (accept_tid, NULL);
2072 }
2073
2074 #ifdef WITH_GNUTLS
2075 start_stop_tls (1);
2076 #endif
2077 shutdown (sockfd, SHUT_RDWR);
2078 close (sockfd);
2079 unlink (*socketpath);
2080 xfree (*socketpath);
2081 *socketpath = NULL;
2082 MUTEX_LOCK (&cn_mutex);
2083 n = slist_length (cn_thread_list);
2084 MUTEX_UNLOCK (&cn_mutex);
2085
2086 if (n && !segv)
2087 {
2088 pthread_t tid;
2089
2090 rc = create_thread (waiting_for_exit, NULL, &tid, 0);
2091 if (!rc)
2092 {
2093 if (signal_loop (sigset))
2094 {
2095 log_write (_("Received second termination request. Exiting."));
2096 #ifdef HAVE_PTHREAD_CANCEL
2097 pthread_cancel (tid);
2098 #else
2099 pthread_kill (tid, SIGUSR2);
2100 #endif
2101 pthread_join (tid, NULL);
2102 }
2103 }
2104 else
2105 log_write ("%s(%i): pthread_create(): %s", __FILE__, __LINE__,
2106 pwmd_strerror (rc));
2107 }
2108
2109 if (cancel_timeout_thread)
2110 {
2111 #ifdef HAVE_PTHREAD_CANCEL
2112 pthread_cancel (cache_timeout_tid);
2113 #else
2114 pthread_kill (cache_timeout_tid, SIGUSR2);
2115 #endif
2116 pthread_join (cache_timeout_tid, NULL);
2117 }
2118
2119 if (cancel_keepalive_thread)
2120 {
2121 #ifdef HAVE_PTHREAD_CANCEL
2122 pthread_cancel (keepalive_tid);
2123 #else
2124 pthread_kill (keepalive_tid, SIGUSR2);
2125 #endif
2126 pthread_join (keepalive_tid, NULL);
2127 }
2128
2129 cleanup_all_clients (0);
2130 #ifdef WITH_GNUTLS
2131 start_stop_tls (1);
2132 #endif
2133 deinit_commands ();
2134 pthread_cond_destroy (&quit_cond);
2135 pthread_mutex_destroy (&quit_mutex);
2136 return segv ? EXIT_FAILURE : EXIT_SUCCESS;;
2137 }
2138
2139 static void
2140 startup_failure ()
2141 {
2142 log_write (_
2143 ("Failed to add a file to the cache. Use --ignore to force startup. Exiting."));
2144 cache_clear (NULL);
2145 }
2146
2147 /* This is called from cache.c:clear_once(). See
2148 * command.c:clearcache_command() for details about lock checking.
2149 */
2150 static gpg_error_t
2151 free_cache_data (file_cache_t * cache)
2152 {
2153 gpg_error_t rc = GPG_ERR_NO_DATA;
2154 int i, t;
2155 struct client_thread_s *found = NULL;
2156 int self = 0;
2157
2158 if (!cache->data)
2159 return 0;
2160
2161 cache_lock ();
2162 MUTEX_LOCK (&cn_mutex);
2163 pthread_cleanup_push (cleanup_mutex_cb, &cn_mutex);
2164 t = slist_length (cn_thread_list);
2165
2166 for (i = 0; i < t; i++)
2167 {
2168 struct client_thread_s *thd = slist_nth_data (cn_thread_list, i);
2169
2170 if (!thd->cl)
2171 continue;
2172
2173 if (!memcmp (thd->cl->md5file, cache->filename,
2174 sizeof (cache->filename)))
2175 {
2176 if (pthread_equal (pthread_self (), thd->tid))
2177 {
2178 found = thd;
2179 self = 1;
2180 continue;
2181 }
2182
2183 /* Continue trying to find a client who has the same file open and
2184 * also has a lock. */
2185 rc = cache_lock_mutex (thd->cl->ctx, thd->cl->md5file, -1, 0, -1);
2186 if (!rc)
2187 {
2188 self = 0;
2189 found = thd;
2190 break;
2191 }
2192 }
2193 }
2194
2195 if (self && (!rc || rc == GPG_ERR_NO_DATA))
2196 rc = cache_lock_mutex (found->cl->ctx, found->cl->md5file, -1, 0, -1);
2197
2198 if (exiting || !rc || rc == GPG_ERR_NO_DATA)
2199 {
2200 free_cache_data_once (cache->data);
2201 cache->data = NULL;
2202 cache->defer_clear = 0;
2203 cache->timeout = -1;
2204
2205 if (found)
2206 cache_unlock_mutex (found->cl->md5file, 0);
2207
2208 rc = 0;
2209 }
2210
2211 if (rc)
2212 cache->defer_clear = 1;
2213
2214 pthread_cleanup_pop (1);
2215 cache_unlock ();
2216 return rc;
2217 }
2218
2219 static int
2220 convert_v2_datafile (const char *filename, const char *cipher,
2221 const char *keyfile, const char *keygrip,
2222 const char *sign_keygrip, int nopass,
2223 const char *outfile, const char *keyparam,
2224 unsigned long s2k_count, uint64_t iterations)
2225 {
2226 gpg_error_t rc;
2227 void *data = NULL;
2228 size_t datalen;
2229 struct crypto_s *crypto = NULL;
2230 uint16_t ver;
2231 int algo;
2232 void *key = NULL;
2233 size_t keylen = 0;
2234
2235 if (outfile[0] == '-' && outfile[1] == 0)
2236 outfile = NULL;
2237
2238 log_write (_("Converting version 2 data file \"%s\" ..."), filename);
2239 if (access (filename, R_OK) == -1)
2240 {
2241 log_write ("%s: %s", filename,
2242 pwmd_strerror (gpg_error_from_errno (errno)));
2243 return 0;
2244 }
2245
2246 if (keyfile)
2247 {
2248 log_write (_("Using passphrase file \"%s\" for decryption ..."),
2249 keyfile);
2250 if (access (keyfile, R_OK) == -1)
2251 {
2252 log_write ("%s: %s", keyfile,
2253 pwmd_strerror (gpg_error_from_errno (errno)));
2254 return 0;
2255 }
2256 }
2257
2258 rc = read_v2_datafile (filename, keyfile, &data, &datalen, &ver, &algo);
2259 if (rc)
2260 {
2261 log_write ("ERR %i: %s", rc, pwmd_strerror (rc));
2262 return 0;
2263 }
2264
2265 if (cipher)
2266 {
2267 algo = cipher_string_to_gcrypt (cipher);
2268 if (algo == -1)
2269 {
2270 rc = GPG_ERR_CIPHER_ALGO;
2271 goto fail;
2272 }
2273 }
2274
2275 if (ver < 0x212)
2276 {
2277 xmlDocPtr doc = parse_doc (data, datalen);
2278
2279 if (!doc)
2280 {
2281 rc = GPG_ERR_BAD_DATA;
2282 goto fail;
2283 }
2284
2285 rc = convert_pre_212_elements (doc);
2286 gcry_free (data);
2287 data = NULL;
2288 if (!rc)
2289 {
2290 xmlDocDumpFormatMemory (doc, (xmlChar **) & data, (int *) &datalen,
2291 0);
2292 if (!data)
2293 rc = GPG_ERR_ENOMEM;
2294 }
2295
2296 xmlFreeDoc (doc);
2297 if (rc)
2298 goto fail;
2299 }
2300
2301 rc = init_client_crypto (&crypto);
2302 if (!rc)
2303 {
2304 memcpy (&crypto->save.hdr, &crypto->hdr, sizeof (file_header_t));
2305 crypto->save.hdr.flags = set_cipher_flag (crypto->save.hdr.flags, algo);
2306 crypto->save.s2k_count = s2k_count;
2307 crypto->save.hdr.iterations = iterations;
2308
2309 if (!use_agent)
2310 {
2311 rc = export_common (NULL, 0, crypto, data, datalen, outfile, keyfile,
2312 &key, &keylen, 0, 0, nopass);
2313 }
2314 #ifdef WITH_AGENT
2315 else
2316 {
2317 rc = agent_set_pinentry_options (crypto->agent);
2318 if (!rc)
2319 rc = agent_export_common (crypto, keygrip, sign_keygrip, nopass,
2320 data, datalen, outfile, keyparam,
2321 no_passphrase_file ? NULL : keyfile);
2322 }
2323 #endif
2324 if (!rc)
2325 log_write (_("Output written to \"%s\"."), outfile);
2326 }
2327
2328 fail:
2329 if (ver < 0x212)
2330 xmlFree (data);
2331 else
2332 gcry_free (data);
2333
2334 gcry_free (key);
2335 cleanup_crypto (&crypto);
2336
2337 if (rc)
2338 log_write ("ERR %i: %s", rc, pwmd_strerror (rc));
2339 return rc ? 0 : 1;
2340 }
2341
2342 static void
2343 usage (const char *pn, int status)
2344 {
2345 FILE *fp = status == EXIT_FAILURE ? stderr : stdout;
2346
2347 fprintf (fp, _("Usage: %s [OPTIONS] [file1] [...]\n"
2348 " -f, --rcfile=filename load the specfied configuration file\n"
2349 " (~/.pwmd/config)\n"
2350 " --homedir alternate pwmd home directory (~/.pwmd)\n"
2351 #ifdef WITH_AGENT
2352 " --use-agent enable use of gpg-agent\n"
2353 #endif
2354 " -n, --no-fork run as a foreground process\n"
2355 " -D, --disable-dump disable the LIST, XPATH and DUMP commands\n"
2356 " --ignore ignore file errors during startup\n"
2357 " --debug-level=keywords log protocol output (see manual for details)\n"
2358 " -o, --outfile=filename output file when importing or converting\n"
2359 " -C, --convert=filename convert a version 2 data file to version 3\n"
2360 " -I, --import=filename import a pwmd DTD formatted XML file)\n"
2361 " -k, --passphrase-file=file for use when importing or converting\n"
2362 " --no-passphrase-file prompt instead of using --passphrase-file when\n"
2363 " converting\n"
2364 " --no-passphrase when importing or converting\n"
2365 " --keygrip=hex public key to use when encrypting\n"
2366 " --sign-keygrip=hex private key to use when signing\n"
2367 " --keyparam=s-exp custom key parameters to use (RSA-2048)\n"
2368 " --cipher=string encryption cipher (aes256)\n"
2369 " --iterations=N cipher iteration count (N+1)\n"
2370 " --s2k-count=N hash iteration count (>65536, calibrated)\n"
2371 " --help this help text\n"
2372 " --version show version and compile time features\n"),
2373 pn);
2374 exit (status);
2375 }
2376
2377 int
2378 main (int argc, char *argv[])
2379 {
2380 int opt;
2381 struct sockaddr_un addr;
2382 char buf[PATH_MAX];
2383 char *socketpath = NULL, *socketdir, *socketname = NULL;
2384 char *socketarg = NULL;
2385 char *datadir = NULL;
2386 int x;
2387 char *p;
2388 char **cache_push = NULL;
2389 char *import = NULL, *keygrip = NULL, *sign_keygrip = NULL;
2390 char *keyparam = NULL;
2391 int estatus = EXIT_FAILURE;
2392 int sockfd;
2393 char *outfile = NULL;
2394 int do_unlink = 0;
2395 int secure = 0;
2396 int show_version = 0;
2397 int force = 0;
2398 int no_passphrase = 0;
2399 gpg_error_t rc;
2400 char *convertfile = NULL;
2401 char *cipher = NULL;
2402 char *keyfile = NULL;
2403 unsigned long s2k_count = 0;
2404 uint64_t iterations = 0;
2405 int exists;
2406 char *debug_level_opt = NULL;
2407 int optindex;
2408 /* Must maintain the same order as longopts[] */
2409 enum
2410 {
2411 OPT_VERSION, OPT_HELP,
2412 #ifdef WITH_AGENT
2413 OPT_AGENT,
2414 #endif
2415 OPT_DEBUG_LEVEL, OPT_HOMEDIR, OPT_NO_FORK, OPT_DISABLE_DUMP, OPT_IGNORE,
2416 OPT_RCFILE, OPT_CONVERT, OPT_PASSPHRASE_FILE, OPT_IMPORT, OPT_OUTFILE,
2417 OPT_NO_PASSPHRASE_FILE, OPT_KEYGRIP, OPT_SIGN_KEYGRIP, OPT_KEYPARAM,
2418 OPT_CIPHER, OPT_ITERATIONS, OPT_S2K_COUNT, OPT_NO_PASSPHRASE
2419 };
2420 const char *optstring = "nf:C:k:I:o:";
2421 const struct option longopts[] = {
2422 {"version", no_argument, 0, 0},
2423 {"help", no_argument, 0, 0},
2424 #ifdef WITH_AGENT
2425 {"use-agent", no_argument, 0, 0},
2426 #endif
2427 {"debug-level", required_argument, 0, 0},
2428 {"homedir", required_argument, 0, 0},
2429 {"no-fork", no_argument, 0, 'n'},
2430 {"disable_dump", no_argument, 0, 0},
2431 {"ignore", no_argument, 0, 0},
2432 {"rcfile", required_argument, 0, 'f'},
2433 {"convert", required_argument, 0, 'C'},
2434 {"passphrase-file", required_argument, 0, 'k'},
2435 {"import", required_argument, 0, 'I'},
2436 {"outfile", required_argument, 0, 'o'},
2437 {"no-passphrase-file", no_argument, 0, 0},
2438 {"keygrip", required_argument, 0, 0},
2439 {"sign-keygrip", required_argument, 0, 0},
2440 {"keyparam", required_argument, 0, 0},
2441 {"cipher", required_argument, 0, 0},
2442 {"cipher-iterations", required_argument, 0, 0},
2443 {"s2k-count", required_argument, 0, 0},
2444 {"no-passphrase", no_argument, 0, 0},
2445 {0, 0, 0, 0}
2446 };
2447
2448 #ifndef DEBUG
2449 #ifdef HAVE_SETRLIMIT
2450 struct rlimit rl;
2451
2452 rl.rlim_cur = rl.rlim_max = 0;
2453
2454 if (setrlimit (RLIMIT_CORE, &rl) != 0)
2455 err (EXIT_FAILURE, "setrlimit()");
2456 #endif
2457 #endif
2458
2459 #ifdef ENABLE_NLS
2460 setlocale (LC_ALL, "");
2461 bindtextdomain ("pwmd", LOCALEDIR);
2462 textdomain ("pwmd");
2463 #endif
2464
2465 #ifndef MEM_DEBUG
2466 xmem_init ();
2467 #endif
2468 gpg_err_init ();
2469
2470 if (setup_crypto ())
2471 exit (EXIT_FAILURE);
2472
2473 #ifdef WITH_GNUTLS
2474 gnutls_global_set_mem_functions (xmalloc, xmalloc, secure_mem_check,
2475 xrealloc, xfree);
2476 gnutls_global_init ();
2477 gnutls_global_set_log_function (tls_log);
2478 gnutls_global_set_log_level (1);
2479 tls_fd = -1;
2480 tls6_fd = -1;
2481 #endif
2482 xmlMemSetup (xfree, xmalloc, xrealloc, str_dup);
2483 xmlInitMemory ();
2484 xmlInitGlobals ();
2485 xmlInitParser ();
2486 xmlXPathInit ();
2487 cmdline = 1;
2488 use_agent = 0;
2489
2490 while ((opt = getopt_long (argc, argv, optstring, longopts, &optindex))
2491 != -1)
2492 {
2493 switch (opt)
2494 {
2495 case 'I':
2496 import = optarg;
2497 break;
2498 case 'C':
2499 convertfile = optarg;
2500 break;
2501 case 'k':
2502 keyfile = optarg;
2503 break;
2504 case 'o':
2505 outfile = optarg;
2506 break;
2507 case 'D':
2508 secure = 1;
2509 break;
2510 case 'n':
2511 nofork = 1;
2512 break;
2513 case 'f':
2514 rcfile = str_dup (optarg);
2515 break;
2516 default:
2517 usage (argv[0], EXIT_FAILURE);
2518 break;
2519 case 0:
2520 switch (optindex)
2521 {
2522 case OPT_VERSION:
2523 show_version = 1;
2524 break;
2525 case OPT_HELP:
2526 usage (argv[0], 0);
2527 break;
2528 #ifdef WITH_AGENT
2529 case OPT_AGENT:
2530 use_agent = 1;
2531 break;
2532 #endif
2533 case OPT_DEBUG_LEVEL:
2534 debug_level_opt = optarg;
2535 break;
2536 case OPT_HOMEDIR:
2537 homedir = str_dup (optarg);
2538 break;
2539 case OPT_NO_FORK:
2540 nofork = 1;
2541 break;
2542 case OPT_DISABLE_DUMP:
2543 secure = 1;
2544 break;
2545 case OPT_IGNORE:
2546 force = 1;
2547 break;
2548 case OPT_RCFILE:
2549 rcfile = str_dup (optarg);
2550 break;
2551 case OPT_CONVERT:
2552 convertfile = optarg;
2553 break;
2554 case OPT_PASSPHRASE_FILE:
2555 keyfile = optarg;
2556 break;
2557 case OPT_IMPORT:
2558 import = optarg;
2559 break;
2560 case OPT_OUTFILE:
2561 outfile = optarg;
2562 break;
2563 case OPT_NO_PASSPHRASE_FILE:
2564 no_passphrase_file = 1;
2565 break;
2566 case OPT_KEYGRIP:
2567 keygrip = optarg;
2568 break;
2569 case OPT_SIGN_KEYGRIP:
2570 sign_keygrip = optarg;
2571 break;
2572 case OPT_KEYPARAM:
2573 keyparam = optarg;
2574 break;
2575 case OPT_CIPHER:
2576 cipher = optarg;
2577 break;
2578 case OPT_ITERATIONS:
2579 iterations = strtoull (optarg, NULL, 10);
2580 break;
2581 case OPT_S2K_COUNT:
2582 s2k_count = strtoul (optarg, NULL, 10);
2583 break;
2584 case OPT_NO_PASSPHRASE:
2585 no_passphrase = 1;
2586 break;
2587 default:
2588 usage (argv[0], 1);
2589 }
2590 }
2591 }
2592
2593 if (show_version)
2594 {
2595 printf (_("%s\n\n"
2596 "Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013\n"
2597 "%s\n"
2598 "Released under the terms of the GPL v2. Use at your own risk.\n\n"
2599 "Compile time features:\n%s"), PACKAGE_STRING,
2600 PACKAGE_BUGREPORT,
2601 #ifdef PWMD_HOMEDIR
2602 "+PWMD_HOMEDIR=" PWMD_HOMEDIR "\n"
2603 #endif
2604 #ifdef WITH_AGENT
2605 "+WITH_AGENT\n"
2606 #else
2607 "-WITH_AGENT\n"
2608 #endif
2609 #ifdef WITH_QUALITY
2610 "+WITH_QUALITY\n"
2611 #else
2612 "-WITH_QUALITY\n"
2613 #endif
2614 #ifdef WITH_GNUTLS
2615 "+WITH_GNUTLS\n"
2616 #else
2617 "-WITH_GNUTLS\n"
2618 #endif
2619 #ifdef WITH_LIBACL
2620 "+WITH_LIBACL\n"
2621 #else
2622 "-WITH_LIBACL\n"
2623 #endif
2624 #ifdef DEBUG
2625 "+DEBUG\n"
2626 #else
2627 "-DEBUG\n"
2628 #endif
2629 #ifdef MEM_DEBUG
2630 "+MEM_DEBUG\n"
2631 #else
2632 "-MEM_DEBUG\n"
2633 #endif
2634 #ifdef MUTEX_DEBUG
2635 "+MUTEX_DEBUG\n"
2636 #else
2637 "-MUTEX_DEBUG\n"
2638 #endif
2639 );
2640 exit (EXIT_SUCCESS);
2641 }
2642
2643 if (!homedir)
2644 #ifdef PWMD_HOMEDIR
2645 homedir = str_dup(PWMD_HOMEDIR);
2646 #else
2647 homedir = str_asprintf ("%s/.pwmd", get_home_dir ());
2648 #endif
2649
2650 if (mkdir (homedir, 0700) == -1 && errno != EEXIST)
2651 err (EXIT_FAILURE, "%s", homedir);
2652
2653 snprintf (buf, sizeof (buf), "%s/data", homedir);
2654 if (mkdir (buf, 0700) == -1 && errno != EEXIST)
2655 err (EXIT_FAILURE, "%s", buf);
2656
2657 datadir = str_dup (buf);
2658 pthread_mutexattr_t attr;
2659 pthread_mutexattr_init (&attr);
2660 pthread_mutexattr_settype (&attr, PTHREAD_MUTEX_RECURSIVE);
2661 pthread_mutex_init (&rcfile_mutex, &attr);
2662 pthread_cond_init (&rcfile_cond, NULL);
2663 pthread_mutex_init (&cn_mutex, &attr);
2664 pthread_mutexattr_destroy (&attr);
2665 pthread_key_create (&last_error_key, free_key);
2666 #ifndef HAVE_PTHREAD_CANCEL
2667 pthread_key_create (&signal_thread_key, free_key);
2668 #endif
2669
2670 if (!rcfile)
2671 rcfile = str_asprintf ("%s/config", homedir);
2672
2673 global_config = config_parse (rcfile);
2674 if (!global_config)
2675 exit (EXIT_FAILURE);
2676
2677 #ifdef WITH_AGENT
2678 if (!use_agent)
2679 use_agent = config_get_boolean ("global", "use_agent");
2680 #endif
2681
2682 setup_logging ();
2683
2684 if (debug_level_opt)
2685 debug_level = str_split (debug_level_opt, ",", 0);
2686
2687 x = config_get_int_param (global_config, "global", "priority", &exists);
2688 if (exists && x != atoi(INVALID_PRIORITY))
2689 {
2690 errno = 0;
2691 if (setpriority (PRIO_PROCESS, 0, x) == -1)
2692 {
2693 log_write ("setpriority(): %s",
2694 pwmd_strerror (gpg_error_from_errno (errno)));
2695 goto do_exit;
2696 }
2697 }
2698 #ifdef HAVE_MLOCKALL
2699 if (disable_mlock == 0 && mlockall (MCL_CURRENT | MCL_FUTURE) == -1)
2700 {
2701 log_write ("mlockall(): %s",
2702 pwmd_strerror (gpg_error_from_errno (errno)));
2703 goto do_exit;
2704 }
2705 #endif
2706
2707 rc = cache_init (free_cache_data);
2708 if (rc)
2709 {
2710 log_write ("pwmd: ERR %i: %s", rc,
2711 gpg_err_code (rc) == GPG_ERR_UNKNOWN_VERSION
2712 ? _("incompatible gpg-agent version: 2.1.0 or later required")
2713 : pwmd_strerror (rc));
2714 goto do_exit;
2715 }
2716
2717 if (s2k_count == 0)
2718 s2k_count = config_get_ulong (NULL, "s2k_count");
2719
2720 if (convertfile)
2721 {
2722 if (!outfile)
2723 usage (argv[0], EXIT_FAILURE);
2724
2725 estatus = convert_v2_datafile (convertfile, cipher, keyfile, keygrip,
2726 sign_keygrip, no_passphrase, outfile,
2727 keyparam, s2k_count, iterations);
2728 config_free (global_config);
2729 xfree (rcfile);
2730 exit (!estatus);
2731 }
2732
2733 if (import)
2734 {
2735 if (!outfile || !*outfile)
2736 usage (argv[0], EXIT_FAILURE);
2737
2738 if (outfile && outfile[0] == '-' && outfile[1] == 0)
2739 outfile = NULL;
2740
2741 estatus = xml_import (import, outfile, keygrip, sign_keygrip, keyfile,
2742 no_passphrase, cipher, keyparam, s2k_count,
2743 iterations);
2744 config_free (global_config);
2745 xfree (rcfile);
2746 exit (!estatus);
2747 }
2748
2749 p = config_get_string ("global", "socket_path");
2750 if (!p)
2751 p = str_asprintf ("%s/socket", homedir);
2752
2753 socketarg = expand_homedir (p);
2754 xfree (p);
2755
2756 if (!secure)
2757 disable_list_and_dump = config_get_boolean ("global",
2758 "disable_list_and_dump");
2759 else
2760 disable_list_and_dump = secure;
2761
2762 cache_push = config_get_list ("global", "cache_push");
2763
2764 while (optind < argc)
2765 {
2766 if (strv_printf (&cache_push, "%s", argv[optind++]) == 0)
2767 errx (EXIT_FAILURE, "%s", pwmd_strerror (GPG_ERR_ENOMEM));
2768 }
2769
2770 if (strchr (socketarg, '/') == NULL)
2771 {
2772 socketdir = getcwd (buf, sizeof (buf));
2773 socketname = str_dup (socketarg);
2774 socketpath = str_asprintf ("%s/%s", socketdir, socketname);
2775 }
2776 else
2777 {
2778 socketname = str_dup (strrchr (socketarg, '/'));
2779 socketname++;
2780 socketarg[strlen (socketarg) - strlen (socketname) - 1] = 0;
2781 socketdir = str_dup (socketarg);
2782 socketpath = str_asprintf ("%s/%s", socketdir, socketname);
2783 }
2784
2785 if (chdir (datadir))
2786 {
2787 log_write ("%s: %s", datadir,
2788 pwmd_strerror (gpg_error_from_errno (errno)));
2789 unlink (socketpath);
2790 goto do_exit;
2791 }
2792
2793 /*
2794 * Set the cache entry for a file. Prompts for the password.
2795 */
2796 if (cache_push)
2797 {
2798 struct crypto_s *crypto = NULL;
2799 gpg_error_t rc = init_client_crypto (&crypto);
2800
2801 if (rc)
2802 {
2803 estatus = EXIT_FAILURE;
2804 goto do_exit;
2805 }
2806
2807 #ifdef WITH_AGENT
2808 if (use_agent)
2809 {
2810 rc = agent_set_pinentry_options (crypto->agent);
2811 if (rc)
2812 {
2813 estatus = EXIT_FAILURE;
2814 goto do_exit;
2815 }
2816 }
2817 #endif
2818
2819 for (opt = 0; cache_push[opt]; opt++)
2820 {
2821 if (!do_cache_push (cache_push[opt], crypto) && !force)
2822 {
2823 strv_free (cache_push);
2824 startup_failure ();
2825 estatus = EXIT_FAILURE;
2826 cleanup_crypto (&crypto);
2827 goto do_exit;
2828 }
2829
2830 cleanup_crypto_stage1 (crypto);
2831 }
2832
2833 #ifdef WITH_AGENT
2834 if (use_agent)
2835 (void) kill_scd (crypto->agent);
2836 #endif
2837
2838 cleanup_crypto (&crypto);
2839 strv_free (cache_push);
2840 log_write (!nofork ? _("Done. Daemonizing...") :
2841 _("Done. Waiting for connections..."));
2842 }
2843
2844 config_clear_keys ();
2845
2846 /*
2847 * bind() doesn't like the full pathname of the socket or any non alphanum
2848 * characters so change to the directory where the socket is wanted then
2849 * create it then change to datadir.
2850 */
2851 if (chdir (socketdir))
2852 {
2853 log_write ("%s: %s", socketdir,
2854 pwmd_strerror (gpg_error_from_errno (errno)));
2855 goto do_exit;
2856 }
2857
2858 xfree (socketdir);
2859
2860 if ((sockfd = socket (PF_UNIX, SOCK_STREAM, 0)) == -1)
2861 {
2862 log_write ("socket(): %s", pwmd_strerror (gpg_error_from_errno (errno)));
2863 goto do_exit;
2864 }
2865
2866 addr.sun_family = AF_UNIX;
2867 snprintf (addr.sun_path, sizeof (addr.sun_path), "%s", socketname);
2868 do_unlink = 1;
2869 if (bind (sockfd, (struct sockaddr *) &addr, sizeof (struct sockaddr)) ==
2870 -1)
2871 {
2872 log_write ("bind(): %s", pwmd_strerror (gpg_error_from_errno (errno)));
2873
2874 if (errno == EADDRINUSE)
2875 {
2876 do_unlink = 0;
2877 log_write (_("Either there is another pwmd running or '%s' is a \n"
2878 "stale socket. Please remove it manually."), socketpath);
2879 }
2880
2881 goto do_exit;
2882 }
2883
2884 {
2885 char *t = config_get_string ("global", "socket_perms");
2886 mode_t mode;
2887 mode_t mask;
2888
2889 if (t)
2890 {
2891 mode = strtol (t, NULL, 8);
2892 mask = umask (0);
2893 xfree (t);
2894
2895 if (chmod (socketname, mode) == -1)
2896 {
2897 log_write ("%s: %s", socketname,
2898 pwmd_strerror (gpg_error_from_errno (errno)));
2899 close (sockfd);
2900 umask (mask);
2901 goto do_exit;
2902 }
2903
2904 umask (mask);
2905 }
2906 }
2907
2908 xfree (--socketname);
2909
2910 if (chdir (datadir))
2911 {
2912 log_write ("%s: %s", datadir,
2913 pwmd_strerror (gpg_error_from_errno (errno)));
2914 close (sockfd);
2915 goto do_exit;
2916 }
2917
2918 xfree (datadir);
2919
2920 if (listen (sockfd, 0) == -1)
2921 {
2922 log_write ("listen(): %s", pwmd_strerror (gpg_error_from_errno (errno)));
2923 goto do_exit;
2924 }
2925
2926 cmdline = 0;
2927
2928 if (!nofork)
2929 {
2930 switch (fork ())
2931 {
2932 case -1:
2933 log_write ("fork(): %s",
2934 pwmd_strerror (gpg_error_from_errno (errno)));
2935 goto do_exit;
2936 case 0:
2937 close (0);
2938 close (1);
2939 close (2);
2940 setsid ();
2941 break;
2942 default:
2943 _exit (EXIT_SUCCESS);
2944 }
2945 }
2946
2947 pthread_key_create (&thread_name_key, free_key);
2948 pthread_setspecific (thread_name_key, str_dup ("main"));
2949 estatus = server_loop (sockfd, &socketpath);
2950
2951 do_exit:
2952 if (socketpath && do_unlink)
2953 {
2954 unlink (socketpath);
2955 xfree (socketpath);
2956 }
2957
2958 xfree (socketarg);
2959 #ifdef WITH_GNUTLS
2960 gnutls_global_deinit ();
2961 #endif
2962 if (rcfile_tid)
2963 {
2964 #ifdef HAVE_PTHREAD_CANCEL
2965 pthread_cancel (rcfile_tid);
2966 #else
2967 pthread_kill (rcfile_tid, SIGUSR2);
2968 pthread_cond_signal (&rcfile_cond);
2969 #endif
2970 pthread_join (rcfile_tid, NULL);
2971 }
2972
2973 pthread_cond_destroy (&rcfile_cond);
2974 pthread_mutex_destroy (&rcfile_mutex);
2975 pthread_key_delete (last_error_key);
2976 #ifndef HAVE_PTHREAD_CANCEL
2977 pthread_key_delete (signal_thread_key);
2978 #endif
2979
2980 if (global_config)
2981 config_free (global_config);
2982
2983 xfree (rcfile);
2984 xfree (home_directory);
2985 xfree (homedir);
2986 xmlCleanupParser ();
2987 xmlCleanupGlobals ();
2988
2989 if (estatus == EXIT_SUCCESS)
2990 log_write (_("pwmd exiting normally"));
2991
2992 pthread_key_delete (thread_name_key);
2993 closelog ();
2994 #if defined(DEBUG) && !defined(MEM_DEBUG)
2995 xdump ();
2996 #endif
2997 exit (estatus);
2998 }
A server for managing passphrases and anything else.