search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Changed the PROGRESS status message to either ENCRYPT or DECRYPT.
[pwmd.git] / src / commands.c
blobf4d917b810e21686660171325d9c2a50761c8ac2
1 /* vim:tw=78:ts=8:sw=4:set ft=c: */
2 /*
3 Copyright (C) 2006-2007 Ben Kibbey <bjk@luxsci.net>
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 2 of the License, or
8 (at your option) any later version.
9
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with this program; if not, write to the Free Software
17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 */
19 #include <stdio.h>
20 #include <stdlib.h>
21 #include <unistd.h>
22 #include <err.h>
23 #include <errno.h>
24 #include <sys/types.h>
25 #include <sys/stat.h>
26 #include <fcntl.h>
27 #include <ctype.h>
28 #include <glib.h>
29 #include <glib/gprintf.h>
30 #include <gcrypt.h>
31
32 #ifdef HAVE_CONFIG_H
33 #include <config.h>
34 #endif
35
36 #ifdef HAVE_ZLIB_H
37 #include <zlib.h>
38 #endif
39
40 #ifndef MEM_DEBUG
41 #include "mem.h"
42 #endif
43
44 #include "xml.h"
45 #include "common.h"
46 #include "pwmd_error.h"
47 #include "cache.h"
48 #include "commands.h"
49
50 #ifdef HAVE_ZLIB_H
51 static void *z_alloc(void *data, unsigned items, unsigned size)
52 {
53 #ifndef MEM_DEBUG
54 return gcry_calloc(items, size);
55 #else
56 return calloc(items, size);
57 #endif
58 }
59
60 static void z_free(void *data, void *p)
61 {
62 #ifndef MEM_DEBUG
63 gcry_free(p);
64 #else
65 free(p);
66 #endif
67 }
68 #endif
69
70 static gpg_error_t file_modified(struct client_s *client)
71 {
72 struct stat st;
73
74 if (client->state != STATE_OPEN)
75 return EPWMD_NO_FILE;
76
77 if (stat(client->filename, &st) == 0 && client->mtime) {
78 if (client->mtime != st.st_mtime)
79 return EPWMD_FILE_MODIFIED;
80 }
81
82 return 0;
83 }
84
85 static gboolean encrypt_xml(gcry_cipher_hd_t gh, void *outbuf, gsize outsize,
86 void *inbuf, gsize insize)
87 {
88 if ((gcryerrno = gcry_cipher_encrypt(gh, outbuf, outsize, inbuf, insize))) {
89 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
90 return FALSE;
91 }
92
93 return TRUE;
94 }
95
96 gboolean decrypt_xml(gcry_cipher_hd_t gh, void *outbuf, gsize outsize,
97 void *inbuf, gsize insize)
98 {
99 if ((gcryerrno = gcry_cipher_decrypt(gh, outbuf, outsize, inbuf, insize))) {
100 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
101 return FALSE;
102 }
103
104 return TRUE;
105 }
106
107 static gpg_error_t parse_xml(assuan_context_t ctx)
108 {
109 struct client_s *client = assuan_get_pointer(ctx);
110
111 client->doc = xmlReadMemory(client->xml, client->len, NULL, "UTF-8", XML_PARSE_NOBLANKS);
112
113 if (!client->doc)
114 return EPWMD_LIBXML_ERROR;
115
116 return 0;
117 }
118
119 gboolean valid_filename(const gchar *filename)
120 {
121 const gchar *p;
122
123 if (!filename || !*filename)
124 return FALSE;
125
126 for (p = filename; *p; p++) {
127 if (g_ascii_isalnum(*p) == FALSE && *p != '-' && *p != '_' && *p != '.')
128 return FALSE;
129 }
130
131 return TRUE;
132 }
133
134 gint open_file(const gchar *filename, struct stat *st)
135 {
136 gint fd;
137
138 if ((fd = open(filename, O_RDONLY)) == -1)
139 return -1;
140
141 if (stat(filename, st) == -1) {
142 close(fd);
143 return -1;
144 }
145
146 return fd;
147 }
148
149 static void cleanup(struct client_s *client)
150 {
151 assuan_context_t ctx = client->ctx;
152
153 /*
154 * This may be a new file so don't use a cache slot. save_command() will
155 * set this to FALSE on success.
156 */
157 if (client->new == TRUE)
158 cache_clear(client->md5file, 1);
159
160 if (client->doc)
161 xmlFreeDoc(client->doc);
162
163 if (client->xml)
164 gcry_free(client->xml);
165
166 if (client->filename)
167 g_free(client->filename);
168
169 gcry_cipher_close(client->gh);
170 memset(client, 0, sizeof(struct client_s));
171 client->state = STATE_CONNECTED;
172 client->ctx = ctx;
173 client->freed = TRUE;
174 }
175
176 static gchar *print_fmt(const char *fmt, ...)
177 {
178 va_list ap;
179 static gchar buf[ASSUAN_LINELENGTH] = {0};
180
181 va_start(ap, fmt);
182 vsnprintf(buf, sizeof(buf), fmt, ap);
183 va_end(ap);
184 return buf;
185 }
186
187 #ifdef HAVE_ZLIB_H
188 gboolean do_decompress(assuan_context_t ctx, gpointer in, gint insize,
189 gpointer *out, glong *outsize, gint *error)
190 {
191 z_stream z;
192 gint ret;
193 gpointer pout;
194 gint cmd = Z_NO_FLUSH;
195 gint total;
196
197 z.zalloc = z_alloc;
198 z.zfree = z_free;
199 z.next_in = in;
200 z.avail_in = total = insize < zlib_bufsize ? insize : zlib_bufsize;
201 z.avail_out = zlib_bufsize;
202 z.next_out = pout = g_malloc(zlib_bufsize);
203
204 if (!pout) {
205 log_write("%s(%i): %s", __FUNCTION__, __LINE__, strerror(ENOMEM));
206 *error = Z_MEM_ERROR;
207 return FALSE;
208 }
209
210 ret = inflateInit(&z);
211
212 if (ret != Z_OK) {
213 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
214 g_free(pout);
215 return FALSE;
216 }
217
218 do {
219 gpointer p;
220
221 ret = inflate(&z, cmd);
222
223 switch (ret) {
224 case Z_OK:
225 break;
226 case Z_BUF_ERROR:
227 if (!z.avail_out) {
228 p = g_realloc(pout, z.total_out + zlib_bufsize);
229
230 if (!p) {
231 ret = Z_MEM_ERROR;
232 goto fail;
233 }
234
235 pout = p;
236 z.next_out = pout + z.total_out;
237 z.avail_out = zlib_bufsize;
238 }
239
240 if (!z.avail_in && total < insize) {
241 if (total + zlib_bufsize > insize)
242 z.avail_in = insize - total;
243 else
244 z.avail_in = zlib_bufsize;
245
246 z.next_in = in + total;
247
248 if (ctx)
249 assuan_write_status(ctx, "DECOMPRESS",
250 print_fmt("%i %i", total, insize));
251
252 total += z.avail_in;
253 }
254 else if (!z.avail_in)
255 cmd = Z_FINISH;
256
257 break;
258 case Z_STREAM_END:
259 break;
260 default:
261 goto fail;
262 break;
263 }
264 } while (ret != Z_STREAM_END);
265
266 if (ctx)
267 assuan_write_status(ctx, "DECOMPRESS",
268 print_fmt("%i %i", total, insize));
269
270 *out = pout;
271 *outsize = z.total_out;
272 inflateEnd(&z);
273 return TRUE;
274
275 fail:
276 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
277 *error = ret;
278 g_free(pout);
279 inflateEnd(&z);
280 return FALSE;
281 }
282 #endif
283
284 static int open_command(assuan_context_t ctx, char *line)
285 {
286 gint fd;
287 struct stat st;
288 guchar shakey[gcrykeysize];
289 gint cached = 0;
290 gint timeout;
291 gpg_error_t error;
292 struct client_s *client = assuan_get_pointer(ctx);
293 gchar **req;
294 gchar *filename = NULL;
295
296 if ((req = split_input_line(line, " ", 2)) != NULL)
297 filename = req[0];
298
299 if (!filename || !*filename) {
300 g_strfreev(req);
301 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
302 }
303
304 if (valid_filename(filename) == FALSE) {
305 g_strfreev(req);
306 return send_error(ctx, EPWMD_INVALID_FILENAME);
307 }
308
309 if (client->state == STATE_OPEN)
310 cleanup(client);
311
312 client->freed = FALSE;
313
314 if ((gcryerrno = gcry_cipher_open(&client->gh, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, 0))) {
315 g_strfreev(req);
316 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
317 cleanup(client);
318 return send_error(ctx, gcryerrno);
319 }
320
321 if (stat(filename, &st) == 0) {
322 if (!S_ISREG(st.st_mode) && !S_ISLNK(st.st_mode)) {
323 log_write("%s: %s", filename, pwmd_strerror(EPWMD_INVALID_FILENAME));
324 g_strfreev(req);
325 cleanup(client);
326 return send_error(ctx, EPWMD_INVALID_FILENAME);
327 }
328
329 client->mtime = st.st_mtime;
330 }
331
332 gcry_md_hash_buffer(GCRY_MD_MD5, client->md5file, filename, strlen(filename));
333
334 /*
335 * New files don't need a key.
336 */
337 if (access(filename, R_OK|W_OK) != 0) {
338 if (errno != ENOENT) {
339 error = errno;
340 log_write("%s: %s", filename, strerror(errno));
341 g_strfreev(req);
342 cleanup(client);
343 return send_syserror(ctx, error);
344 }
345 new_doc:
346 if ((client->xml = new_document()) == NULL) {
347 error = errno;
348 log_write("%s", strerror(errno));
349 g_strfreev(req);
350 cleanup(client);
351 return send_syserror(ctx, error);
352 }
353
354 client->len = xmlStrlen(client->xml);
355
356 if (cache_has_file(client->md5file) == TRUE)
357 cache_clear(client->md5file, 1);
358
359 if (cache_add_file(client->md5file, NULL) == FALSE) {
360 log_write("%s(%i): %s", __FILE__, __LINE__, pwmd_strerror(EPWMD_MAX_SLOTS));
361 g_strfreev(req);
362 cleanup(client);
363 return send_error(ctx, EPWMD_MAX_SLOTS);
364 }
365
366 client->new = TRUE;
367 client->filename = g_strdup(filename);
368
369 if (!client->filename) {
370 g_strfreev(req);
371 cleanup(client);
372 log_write("%s(%i): %s", __FILE__, __LINE__, strerror(ENOMEM));
373 return send_syserror(ctx, ENOMEM);
374 }
375
376 if (req[1] && *req[1]) {
377 gcry_md_hash_buffer(GCRY_MD_SHA256, shakey, req[1], strlen(req[1]));
378 memset(req[1], 0, strlen(req[1]));
379 goto update_cache;
380 }
381
382 goto done;
383 }
384
385 if ((fd = open_file(filename, &st)) == -1) {
386 error = errno;
387 log_write("%s: %s", filename, strerror(errno));
388 g_strfreev(req);
389 cleanup(client);
390 return send_syserror(ctx, error);
391 }
392
393 if (st.st_size == 0)
394 goto new_doc;
395
396 if (cache_get_key(client->md5file, shakey) == TRUE)
397 cached = 1;
398 else {
399 /*
400 * No key specified and no matching filename found in the cache.
401 */
402 if (!req[1] || !*req[1]) {
403 close(fd);
404 g_strfreev(req);
405 cleanup(client);
406 return send_error(ctx, EPWMD_KEY);
407 }
408 }
409
410 if (!cached) {
411 gcry_md_hash_buffer(GCRY_MD_SHA256, shakey, req[1], strlen(req[1]));
412 memset(req[1], 0, strlen(req[1]));
413 }
414
415 error = try_xml_decrypt(ctx, fd, st, shakey);
416
417 if (error) {
418 close(fd);
419 memset(shakey, 0, sizeof(shakey));
420 g_strfreev(req);
421 cleanup(client);
422 return send_error(ctx, error);
423 }
424
425 close(fd);
426 client->filename = g_strdup(filename);
427
428 if (!client->filename) {
429 memset(shakey, 0, sizeof(shakey));
430 log_write("%s(%i): %s", __FILE__, __LINE__, strerror(ENOMEM));
431 g_strfreev(req);
432 cleanup(client);
433 return send_syserror(ctx, ENOMEM);
434 }
435
436 update_cache:
437 if (!cached) {
438 if (cache_update_key(client->md5file, shakey) == FALSE) {
439 memset(shakey, 0, sizeof(shakey));
440 log_write("%s(%i): %s", __FILE__, __LINE__, pwmd_strerror(EPWMD_MAX_SLOTS));
441 g_strfreev(req);
442 cleanup(client);
443 return send_error(ctx, EPWMD_MAX_SLOTS);
444 }
445
446 timeout = get_key_file_integer(client->filename, "cache_timeout");
447 cache_reset_timeout(client->md5file, timeout);
448 }
449 else
450 cache_set_timeout(client->md5file, -2);
451
452 memset(shakey, 0, sizeof(shakey));
453
454 done:
455 g_strfreev(req);
456 error = parse_xml(ctx);
457
458 if (client->xml) {
459 gcry_free(client->xml);
460 client->xml = NULL;
461 }
462
463 if (error == 0) {
464 client->state = STATE_OPEN;
465 send_cache_status(ctx);
466 }
467
468 return send_error(ctx, error);
469 }
470
471 #ifdef HAVE_ZLIB_H
472 gboolean do_compress(assuan_context_t ctx, gint level, gpointer data,
473 gint size, gpointer *out, glong *outsize, gint *error)
474 {
475 z_stream z;
476 gpointer pout, pin;
477 gint ret;
478 gint total = 0;
479 gint cmd = Z_NO_FLUSH;
480
481 z.zalloc = z_alloc;
482 z.zfree = z_free;
483 z.next_in = pin = data;
484 z.avail_in = size < zlib_bufsize ? size : zlib_bufsize;
485 z.avail_out = zlib_bufsize;
486 z.next_out = pout = g_malloc(zlib_bufsize);
487
488 if (!pout) {
489 log_write("%s(%i): %s", __FUNCTION__, __LINE__, strerror(ENOMEM));
490 *error = Z_MEM_ERROR;
491 return FALSE;
492 }
493
494 ret = deflateInit(&z, level);
495
496 if (ret != Z_OK) {
497 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
498 *error = ret;
499 g_free(pout);
500 return FALSE;
501 }
502
503 do {
504 gpointer p;
505
506 ret = deflate(&z, cmd);
507
508 switch (ret) {
509 case Z_OK:
510 break;
511 case Z_BUF_ERROR:
512 if (!z.avail_out) {
513 p = g_realloc(pout, z.total_out + zlib_bufsize);
514
515 if (!p) {
516 ret = Z_MEM_ERROR;
517 goto fail;
518 }
519
520 pout = p;
521 z.next_out = pout + z.total_out;
522 z.avail_out = zlib_bufsize;
523 }
524
525 if (!z.avail_in) {
526 if (total >= size) {
527 cmd = Z_FINISH;
528 break;
529 }
530
531 if (total + zlib_bufsize > size) {
532 z.avail_in = size - total;
533 total += size - total;
534 }
535 else {
536 total += zlib_bufsize;
537 z.avail_in = zlib_bufsize;
538 }
539
540 pin += zlib_bufsize;
541 z.next_in = pin;
542
543 if (ctx)
544 assuan_write_status(ctx, "COMPRESS",
545 print_fmt("%i %i", total, size));
546 }
547
548 break;
549 case Z_STREAM_END:
550 break;
551 default:
552 goto fail;
553 }
554 } while (ret != Z_STREAM_END);
555
556 *out = pout;
557 *outsize = z.total_out;
558 deflateEnd(&z);
559 return TRUE;
560
561 fail:
562 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
563 *error = ret;
564 g_free(pout);
565 deflateEnd(&z);
566 return FALSE;
567 }
568 #endif
569
570 gpg_error_t do_xml_encrypt(struct client_s *client, gcry_cipher_hd_t gh,
571 const gchar *filename, gpointer data, size_t insize,
572 const guchar *shakey, guint iter)
573 {
574 gsize len = insize;
575 gint fd;
576 gpointer inbuf;
577 guchar tkey[gcrykeysize];
578 gchar *p;
579 gint error;
580 guint iter_progress = 0, n_iter = 0;
581 struct file_header_s {
582 guint iter;
583 guchar iv[gcryblocksize];
584 } file_header;
585
586 if (insize / gcryblocksize) {
587 len = (insize / gcryblocksize) * gcryblocksize;
588
589 if (insize % gcryblocksize)
590 len += gcryblocksize;
591 }
592
593 /*
594 * Resize the existing xml buffer to the block size required by gcrypt
595 * rather than duplicating it and wasting memory.
596 */
597 inbuf = gcry_realloc(data, len);
598
599 if (!inbuf)
600 return gpg_error_from_errno(ENOMEM);
601
602 insize = len;
603 gcry_create_nonce(file_header.iv, sizeof(file_header.iv));
604 memcpy(tkey, shakey, sizeof(tkey));
605 tkey[0] ^= 1;
606
607 if ((gcryerrno = gcry_cipher_setkey(gh, tkey, gcrykeysize))) {
608 gcry_free(inbuf);
609 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
610 return gcryerrno;
611 }
612
613 file_header.iter = iter;
614
615 if (client)
616 iter_progress = get_key_file_integer("default", "iteration_progress");
617
618 while (iter > 0) {
619 if (client && iter_progress > 0 && iter_progress <= iter) {
620 if (!(iter % iter_progress))
621 assuan_write_status(client->ctx, "ENCRYPT", print_fmt("%i",
622 ++n_iter * iter_progress));
623 }
624
625 if ((gcryerrno = gcry_cipher_setiv(gh, file_header.iv,
626 sizeof(file_header.iv)))) {
627 gcry_free(inbuf);
628 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
629 return gcryerrno;
630 }
631
632 if (encrypt_xml(gh, inbuf, insize, NULL, 0)
633 == FALSE) {
634 gcry_free(inbuf);
635 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
636 return gcryerrno;
637 }
638
639 iter--;
640 }
641
642 if ((gcryerrno = gcry_cipher_setiv(gh, file_header.iv,
643 sizeof(file_header.iv)))) {
644 gcry_free(inbuf);
645 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
646 return gcryerrno;
647 }
648
649 if ((gcryerrno = gcry_cipher_setkey(gh, shakey, gcrykeysize))) {
650 gcry_free(inbuf);
651 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
652 return gcryerrno;
653 }
654
655 if (encrypt_xml(gh, inbuf, insize, NULL, 0) == FALSE) {
656 gcry_free(inbuf);
657 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
658 return gcryerrno;
659 }
660
661 if (client && iter_progress && file_header.iter >= iter_progress) {
662 if ((file_header.iter % iter_progress))
663 assuan_write_status(client->ctx, "ENCRYPT",
664 print_fmt("%i", file_header.iter));
665 }
666
667 if (filename) {
668 if ((fd = open(filename, O_WRONLY|O_CREAT|O_TRUNC, 0600)) == -1) {
669 error = errno;
670 gcry_free(inbuf);
671 p = strrchr(filename, '/');
672 p++;
673 log_write("%s: %s", p, strerror(errno));
674 return gpg_error_from_errno(error);
675 }
676 }
677 else
678 /*
679 * xml_import() from command line.
680 */
681 fd = STDOUT_FILENO;
682
683 write(fd, &file_header, sizeof(struct file_header_s));
684 write(fd, inbuf, insize);
685
686 if (filename)
687 close(fd);
688
689 gcry_free(inbuf);
690 return 0;
691 }
692
693 static int save_command(assuan_context_t ctx, char *line)
694 {
695 gpointer xmlbuf;
696 xmlChar *p;
697 gint len;
698 gint cached = 0;
699 guchar shakey[gcrykeysize];
700 gint iter;
701 struct stat st;
702 struct client_s *client = assuan_get_pointer(ctx);
703 gpg_error_t error;
704 gint timeout;
705 #ifdef HAVE_ZLIB_H
706 gpointer outbuf;
707 glong outsize = 0;
708 #endif
709
710 error = file_modified(client);
711
712 if (error) {
713 log_write("%s: %s", client->filename ? client->filename : "",
714 pwmd_strerror(error));
715 return send_error(ctx, error);
716 }
717
718 if (stat(client->filename, &st) == -1 && errno != ENOENT)
719 return send_syserror(ctx, errno);
720
721 if (errno != ENOENT && !S_ISREG(st.st_mode) && !S_ISLNK(st.st_mode)) {
722 log_write("%s: %s", client->filename, pwmd_strerror(EPWMD_INVALID_FILENAME));
723 return send_error(ctx, EPWMD_INVALID_FILENAME);
724 }
725
726 if (!line || !*line) {
727 if (cache_get_key(client->md5file, shakey) == FALSE)
728 return send_error(ctx, EPWMD_KEY);
729
730 cached = 1;
731 }
732 else {
733 gcry_md_hash_buffer(GCRY_MD_SHA256, shakey, line, strlen(line));
734 memset(line, 0, strlen(line));
735 }
736
737 xmlDocDumpFormatMemory(client->doc, &p, &len, 0);
738 xmlbuf = p;
739
740 #ifdef HAVE_ZLIB_H
741 iter = get_key_file_integer(client->filename, "compression_level");
742
743 if (iter > 0) {
744 gint zerror;
745
746 if (do_compress(ctx, iter, xmlbuf, len, &outbuf, &outsize, &zerror) == FALSE) {
747 memset(shakey, 0, sizeof(shakey));
748 xmlFree(xmlbuf);
749
750 if (zerror == Z_MEM_ERROR)
751 return send_syserror(ctx, ENOMEM);
752 else
753 return send_error(ctx, GPG_ERR_COMPR_ALGO);
754 }
755 else {
756 gcry_free(xmlbuf);
757 xmlbuf = outbuf;
758 len = outsize;
759 }
760 }
761 #endif
762
763 if ((iter = get_key_file_integer(client->filename, "iterations")) == -1)
764 iter = 0;
765
766 error = do_xml_encrypt(client, client->gh, client->filename, xmlbuf, len, shakey, iter);
767
768 if (error) {
769 memset(shakey, 0, sizeof(shakey));
770 return send_error(ctx, error);
771 }
772
773 stat(client->filename, &st);
774 client->mtime = st.st_mtime;
775 timeout = get_key_file_integer(client->filename, "cache_timeout");
776
777 if (cached) {
778 memset(shakey, 0, sizeof(shakey));
779 cache_reset_timeout(client->md5file, timeout);
780 client->new = FALSE;
781 return 0;
782 }
783
784 if (cache_update_key(client->md5file, shakey) == FALSE) {
785 memset(shakey, 0, sizeof(shakey));
786 log_write("%s(%i): %s", __FILE__, __LINE__, pwmd_strerror(EPWMD_MAX_SLOTS));
787 return send_error(ctx, EPWMD_MAX_SLOTS);
788 }
789
790 client->new = FALSE;
791 memset(shakey, 0, sizeof(shakey));
792 cache_reset_timeout(client->md5file, timeout);
793 return 0;
794 }
795
796 static gboolean contains_whitespace(const gchar *str)
797 {
798 const gchar *p = str;
799 gunichar c;
800 glong len;
801
802 len = g_utf8_strlen(p++, -1) -1;
803
804 while (len--) {
805 c = g_utf8_get_char(p++);
806
807 if (g_unichar_isspace(c))
808 return TRUE;
809 }
810
811 return FALSE;
812 }
813
814 static int delete_command(assuan_context_t ctx, char *line)
815 {
816 struct client_s *client = assuan_get_pointer(ctx);
817 gchar **req;
818 gpg_error_t error;
819 xmlNodePtr n;
820
821 error = file_modified(client);
822
823 if (error) {
824 log_write("%s: %s", client->filename ? client->filename : "",
825 pwmd_strerror(error));
826 return send_error(ctx, error);
827 }
828
829 if (strchr(line, '\t'))
830 req = split_input_line(line, "\t", -1);
831 else
832 req = split_input_line(line, " ", -1);
833
834 if (!req || !*req)
835 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
836
837 n = find_account(client->doc, &req, &error, NULL);
838
839 if (!n) {
840 g_strfreev(req);
841 return send_error(ctx, error);
842 }
843
844 /*
845 * No sub-node defined. Remove the entire node (account).
846 */
847 if (!req[1]) {
848 if (n) {
849 xmlUnlinkNode(n);
850 xmlFreeNode(n);
851 }
852
853 g_strfreev(req);
854 return 0;
855 }
856
857 n = find_elements(client->doc, n->children, req+1, &error, NULL, NULL, NULL, NULL);
858 g_strfreev(req);
859
860 if (!n)
861 return send_error(ctx, error);
862
863 if (n) {
864 xmlUnlinkNode(n);
865 xmlFreeNode(n);
866 }
867
868 return 0;
869 }
870
871 static int store_command(assuan_context_t ctx, char *line)
872 {
873 struct client_s *client = assuan_get_pointer(ctx);
874 gchar **req;
875 gpg_error_t error;
876 guchar *result;
877 gsize len;
878 xmlNodePtr n;
879
880 error = file_modified(client);
881
882 if (error) {
883 log_write("%s: %s", client->filename ? client->filename : "",
884 pwmd_strerror(error));
885 return send_error(ctx, error);
886 }
887
888 error = assuan_inquire(ctx, "STORE", &result, &len, 0);
889
890 if (error)
891 return send_error(ctx, error);
892
893 req = split_input_line((gchar *)result, "\t", 0);
894 #ifndef MEM_DEBUG
895 xfree(result);
896 #else
897 free(result);
898 #endif
899
900 if (!req || !*req)
901 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
902
903 again:
904 n = find_account(client->doc, &req, &error, NULL);
905
906 if (error && error == EPWMD_ELEMENT_NOT_FOUND) {
907 if (contains_whitespace(*req) == TRUE) {
908 g_strfreev(req);
909 return send_error(ctx, EPWMD_INVALID_ELEMENT);
910 }
911
912 error = new_account(client->doc, *req);
913
914 if (error) {
915 g_strfreev(req);
916 return send_error(ctx, error);
917 }
918
919 goto again;
920 }
921
922 if (!n) {
923 g_strfreev(req);
924 return send_error(ctx, error);
925 }
926
927 if (req[1]) {
928 if (!n->children)
929 create_elements_cb(n, req+1, &error, NULL);
930 else
931 find_elements(client->doc, n->children, req+1, &error,
932 NULL, NULL, create_elements_cb, NULL);
933 }
934
935 g_strfreev(req);
936 return send_error(ctx, error);
937 }
938
939 static int get_command(assuan_context_t ctx, char *line)
940 {
941 struct client_s *client = assuan_get_pointer(ctx);
942 gchar **req;
943 gpg_error_t error;
944 xmlNodePtr n;
945
946 error = file_modified(client);
947
948 if (error) {
949 log_write("%s: %s", client->filename ? client->filename : "",
950 pwmd_strerror(error));
951 return send_error(ctx, error);
952 }
953
954 req = split_input_line(line, "\t", -1);
955
956 if (!req || !*req) {
957 g_strfreev(req);
958 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
959 }
960
961 n = find_account(client->doc, &req, &error, NULL);
962
963 if (!n) {
964 g_strfreev(req);
965 return send_error(ctx, error);
966 }
967
968 if (req[1])
969 n = find_elements(client->doc, n->children, req+1, &error, NULL, NULL, NULL, NULL);
970
971 g_strfreev(req);
972
973 if (error)
974 return send_error(ctx, error);
975
976 if (!n || !n->children)
977 return send_error(ctx, EPWMD_EMPTY_ELEMENT);
978
979 n = n->children;
980
981 if (!n || !n->content || !*n->content)
982 return send_error(ctx, EPWMD_EMPTY_ELEMENT);
983
984 error = assuan_send_data(ctx, n->content, xmlStrlen(n->content));
985 return send_error(ctx, error);
986 }
987
988 static gchar *element_path_to_req(const gchar *account, xmlChar *path)
989 {
990 xmlChar *p = path;
991 gint n;
992 gchar *buf;
993
994 if (!p)
995 return NULL;
996
997 for (n = 0; *p && n < 3; p++) {
998 if (*p == '/')
999 n++;
1000 }
1001
1002 if (strstr((gchar *)p, "text()") != NULL)
1003 p[xmlStrlen(p) - 7] = 0;
1004
1005 for (n = 0; p[n]; n++) {
1006 if (p[n] == '/')
1007 p[n] = '\t';
1008 }
1009
1010 buf = g_strdup_printf("%s\t%s", account, p);
1011 return buf;
1012 }
1013
1014 gboolean strv_printf(gchar ***array, const gchar *fmt, ...)
1015 {
1016 gchar **a;
1017 va_list ap;
1018 gchar *buf;
1019 gint len = *array ? g_strv_length(*array) : 0;
1020
1021 if (!fmt)
1022 return FALSE;
1023
1024 if ((a = g_realloc(*array, (len + 2) * sizeof(gchar *))) == NULL)
1025 return FALSE;
1026
1027 va_start(ap, fmt);
1028 g_vasprintf(&buf, fmt, ap);
1029 va_end(ap);
1030
1031 a[len++] = buf;
1032 a[len] = NULL;
1033 *array = a;
1034 return TRUE;
1035 }
1036
1037 struct realpath_s {
1038 gchar *account;
1039 };
1040
1041 static xmlNodePtr realpath_elements_cb(xmlNodePtr node, gchar **req,
1042 gpg_error_t *error, void *data)
1043 {
1044 struct realpath_s *rp = data;
1045
1046 if (rp->account)
1047 g_free(rp->account);
1048
1049 rp->account = g_strdup(req[0]);
1050
1051 if (!rp->account) {
1052 *error = gpg_error_from_errno(ENOMEM);
1053 return NULL;
1054 }
1055
1056 return node;
1057 }
1058
1059 static int realpath_command(assuan_context_t ctx, char *line)
1060 {
1061 gpg_error_t error;
1062 struct client_s *client = assuan_get_pointer(ctx);
1063 xmlChar *p;
1064 gchar **req;
1065 gchar *result, *t;
1066 gint i;
1067 xmlNodePtr n;
1068 struct realpath_s *rp;
1069 GString *string;
1070
1071 error = file_modified(client);
1072
1073 if (error) {
1074 log_write("%s: %s", client->filename ? client->filename : "",
1075 pwmd_strerror(error));
1076 return send_error(ctx, error);
1077 }
1078
1079 if (strchr(line, '\t') != NULL) {
1080 if ((req = split_input_line(line, "\t", 0)) == NULL)
1081 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
1082 }
1083 else {
1084 if ((req = split_input_line(line, " ", 0)) == NULL)
1085 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
1086 }
1087
1088 n = find_account(client->doc, &req, &error, NULL);
1089
1090 if (!n) {
1091 g_strfreev(req);
1092 return send_error(ctx, error);
1093 }
1094
1095 rp = g_malloc(sizeof(struct realpath_s));
1096
1097 if (!rp) {
1098 g_strfreev(req);
1099 return send_syserror(ctx, ENOMEM);
1100 }
1101
1102 rp->account = g_strdup(req[0]);
1103
1104 if (!rp->account) {
1105 g_strfreev(req);
1106 return send_syserror(ctx, ENOMEM);
1107 }
1108
1109 if (req[1]) {
1110 n = find_elements(client->doc, n->children, req+1, &error,
1111 NULL, realpath_elements_cb, NULL, rp);
1112
1113 if (!n) {
1114 g_free(rp->account);
1115 g_free(rp);
1116 g_strfreev(req);
1117 return send_error(ctx, error);
1118 }
1119 }
1120
1121 p = xmlGetNodePath(n);
1122 result = element_path_to_req(rp->account, p);
1123
1124 if (!result) {
1125 g_free(result);
1126 g_free(rp->account);
1127 g_free(rp);
1128 g_strfreev(req);
1129 xmlFree(p);
1130 return send_syserror(ctx, ENOMEM);
1131 }
1132
1133 string = g_string_new(result);
1134 g_free(result);
1135 g_free(rp->account);
1136 g_free(rp);
1137 g_strfreev(req);
1138 xmlFree(p);
1139 i = 0;
1140
1141 again:
1142 for (t = string->str + i; *t; t++, i++) {
1143 if (!i || *t == '\t') {
1144 string = g_string_insert_c(string, !i ? i++ : ++i, '!');
1145 goto again;
1146 }
1147 }
1148
1149 error = assuan_send_data(ctx, string->str, string->len);
1150 g_string_free(string, TRUE);
1151 return send_error(ctx, error);
1152 }
1153
1154 struct list_element_s {
1155 GSList *list;
1156 gchar **elements;
1157 };
1158
1159 static gboolean append_to_element_list(struct list_element_s *elements)
1160 {
1161 gchar *tmp;
1162 gint i, total;
1163 gchar *a;
1164 GSList *list;
1165
1166 if (!elements || !elements->elements)
1167 return TRUE;
1168
1169 tmp = g_strjoinv("\t", elements->elements);
1170
1171 if (!tmp)
1172 return FALSE;
1173
1174 g_strfreev(elements->elements);
1175 elements->elements = NULL;
1176 total = g_slist_length(elements->list);
1177 a = g_utf8_collate_key(tmp, -1);
1178
1179 if (!a) {
1180 g_free(tmp);
1181 return FALSE;
1182 }
1183
1184 /*
1185 * Removes duplicate element paths from the list. This is needed when
1186 * appending an element tree from list_command(). The glib docs recommend
1187 * using g_utf8_collate_key() for a large number of strings.
1188 */
1189 for (i = 0; i < total; i++) {
1190 gchar *p = g_slist_nth_data(elements->list, i);
1191 gchar *b = g_utf8_collate_key(p, -1);
1192
1193 if (!b) {
1194 g_free(a);
1195 g_free(tmp);
1196 return FALSE;
1197 }
1198
1199 if (strcmp(a, b) == 0) {
1200 g_free(a);
1201 g_free(b);
1202 g_free(tmp);
1203 return TRUE;
1204 }
1205
1206 g_free(b);
1207 }
1208
1209 g_free(a);
1210 list = g_slist_append(elements->list, tmp);
1211
1212 if (!list)
1213 return FALSE;
1214
1215 elements->list = list;
1216 return TRUE;
1217 }
1218
1219 static gpg_error_t do_list_recurse(xmlDocPtr doc, xmlNodePtr node,
1220 struct list_element_s *elements, gchar *prefix)
1221 {
1222 xmlNodePtr n;
1223 gpg_error_t error;
1224
1225 if (append_to_element_list(elements) == FALSE)
1226 return gpg_error_from_errno(ENOMEM);
1227
1228 for (n = node; n; n = n->next) {
1229 if (n->type == XML_ELEMENT_NODE) {
1230 xmlChar *content = node_has_attribute(n, (xmlChar *)"target");
1231 gchar *tmp;
1232
1233 if (content) {
1234 strv_printf(&elements->elements, "%s\t%s", prefix, n->name);
1235
1236 if (append_to_element_list(elements) == FALSE)
1237 return gpg_error_from_errno(ENOMEM);
1238 }
1239
1240 tmp = g_strdup_printf("%s\t!%s", prefix, n->name);
1241
1242 if (!tmp)
1243 return gpg_error_from_errno(ENOMEM);
1244
1245 strv_printf(&elements->elements, "%s", tmp);
1246
1247 if (n->children) {
1248 error = do_list_recurse(doc, n->children, elements, tmp);
1249 g_free(tmp);
1250
1251 if (error && error != EPWMD_ELEMENT_NOT_FOUND)
1252 return error;
1253 }
1254 else
1255 g_free(tmp);
1256
1257 if (append_to_element_list(elements) == FALSE)
1258 return gpg_error_from_errno(ENOMEM);
1259 }
1260 }
1261
1262 return 0;
1263 }
1264
1265 static gpg_error_t do_list_command(assuan_context_t ctx, xmlDocPtr doc,
1266 struct list_element_s *elements, char *line)
1267 {
1268 gchar *prefix = NULL, *account;
1269 gchar **req = NULL, **oreq = NULL, *tmp;
1270 xmlNodePtr n;
1271 gboolean account_is_literal, account_has_target = FALSE;
1272 gint which = 0;
1273 gchar **p;
1274 gpg_error_t error;
1275
1276 if ((req = split_input_line(line, "\t", 0)) == NULL) {
1277 if ((req = split_input_line(line, " ", 0)) == NULL)
1278 return EPWMD_COMMAND_SYNTAX;
1279 }
1280
1281 prefix = g_strdup(*req);
1282
1283 if (!prefix) {
1284 g_strfreev(req);
1285 return gpg_error_from_errno(ENOMEM);
1286 }
1287
1288 account = g_strdup(*req);
1289
1290 if (!account) {
1291 g_free(prefix);
1292 g_strfreev(req);
1293 return gpg_error_from_errno(ENOMEM);
1294 }
1295
1296 oreq = g_strdupv(req);
1297
1298 if (!oreq) {
1299 g_free(prefix);
1300 g_free(account);
1301 g_strfreev(req);
1302 return gpg_error_from_errno(ENOMEM);
1303 }
1304
1305 p = req;
1306 again:
1307 account_has_target = FALSE;
1308 account_is_literal = is_literal_element_str(prefix);
1309 n = find_account(doc, &p, &error, &account_has_target);
1310
1311 if (which)
1312 oreq = p;
1313 else
1314 req = p;
1315
1316 if (!n)
1317 goto fail;
1318
1319 if (!which && account_is_literal == FALSE && account_has_target == FALSE) {
1320 tmp = g_strdup_printf("!%s", prefix);
1321
1322 if (!tmp) {
1323 error = gpg_error_from_errno(ENOMEM);
1324 goto fail;
1325 }
1326
1327 g_free(prefix);
1328 prefix = tmp;
1329 }
1330
1331 if (*(p+1)) {
1332 gchar *t;
1333
1334 n = find_elements(doc, n->children, p+1, &error,
1335 NULL, NULL, NULL, NULL);
1336
1337 if (error)
1338 goto fail;
1339
1340 tmp = g_strjoinv("\t", p+1);
1341 if (!tmp) {
1342 error = gpg_error_from_errno(ENOMEM);
1343 goto fail;
1344 }
1345
1346 t = g_strdup_printf("%s\t%s", prefix, tmp);
1347 if (!t) {
1348 error = gpg_error_from_errno(ENOMEM);
1349 goto fail;
1350 }
1351
1352 g_free(prefix);
1353 prefix = t;
1354 g_free(tmp);
1355 }
1356
1357 strv_printf(&elements->elements, "%s", prefix);
1358
1359 if (node_has_child_element(n->children) == FALSE) {
1360 if (append_to_element_list(elements) == FALSE) {
1361 error = gpg_error_from_errno(ENOMEM);
1362 goto fail;
1363 }
1364 }
1365 else
1366 error = do_list_recurse(doc, n->children, elements, prefix);
1367
1368 if (error)
1369 goto fail;
1370
1371 if (!which++ && !*(p+1) && account_is_literal == FALSE && account_has_target == TRUE) {
1372 g_free(*oreq);
1373 *oreq = g_strdup_printf("!%s", account);
1374
1375 if (!*oreq) {
1376 error = gpg_error_from_errno(ENOMEM);
1377 goto fail;
1378 }
1379
1380 p = oreq;
1381 g_free(prefix);
1382 prefix = g_strdup(*oreq);
1383
1384 if (!prefix) {
1385 error = gpg_error_from_errno(ENOMEM);
1386 goto fail;
1387 }
1388
1389 goto again;
1390 }
1391
1392 fail:
1393 g_free(prefix);
1394 g_free(account);
1395 g_strfreev(req);
1396
1397 if (oreq)
1398 g_strfreev(oreq);
1399
1400 return error;
1401 }
1402
1403 /*
1404 * This could be faster especially when finding "target" attributes.
1405 */
1406 static int list_command(assuan_context_t ctx, char *line)
1407 {
1408 struct client_s *client = assuan_get_pointer(ctx);
1409 gpg_error_t error;
1410 struct list_element_s *elements = NULL;
1411 GString *string;
1412 gchar *tmp;
1413 gint i, total;
1414
1415 if (disable_list_and_dump == TRUE)
1416 return send_error(ctx, GPG_ERR_NOT_IMPLEMENTED);
1417
1418 error = file_modified(client);
1419
1420 if (error) {
1421 log_write("%s: %s", client->filename, pwmd_strerror(error));
1422 return send_error(ctx, error);
1423 }
1424
1425 if (!*line) {
1426 GString *str;
1427
1428 error = list_accounts(client->doc, &str);
1429
1430 if (error)
1431 return send_error(ctx, error);
1432
1433 error = assuan_send_data(ctx, str->str, str->len);
1434 g_string_free(str, TRUE);
1435 return send_error(ctx, error);
1436 }
1437
1438 elements = g_malloc0(sizeof(struct list_element_s));
1439
1440 if (!elements) {
1441 error = gpg_error_from_errno(ENOMEM);
1442 goto fail;
1443 }
1444
1445 error = do_list_command(ctx, client->doc, elements, line);
1446
1447 if (error)
1448 goto fail;
1449
1450 if (!error) {
1451 total = g_slist_length(elements->list);
1452
1453 if (!total) {
1454 error = EPWMD_EMPTY_ELEMENT;
1455 goto fail;
1456 }
1457
1458 /*
1459 * Find element paths with a target and append those element trees to
1460 * the list.
1461 */
1462 for (i = 0; i < total; i++) {
1463 gchar **req;
1464
1465 tmp = g_slist_nth_data(elements->list, i);
1466 req = split_input_line(tmp, "\t", 0);
1467
1468 if (!req) {
1469 if (g_str_has_prefix(tmp, "!") == TRUE) {
1470 g_strfreev(req);
1471 continue;
1472 }
1473 }
1474 else {
1475 gchar **p;
1476
1477 for (p = req; *p; p++) {
1478 if (g_str_has_prefix(*p, "!") == FALSE)
1479 break;
1480 }
1481
1482 if (!*p) {
1483 g_strfreev(req);
1484 continue;
1485 }
1486 }
1487
1488 g_strfreev(req);
1489 error = do_list_command(ctx, client->doc, elements, tmp);
1490
1491 if (error && error != EPWMD_ELEMENT_NOT_FOUND)
1492 goto fail;
1493
1494 total = g_slist_length(elements->list);
1495 }
1496 }
1497
1498 string = g_string_new(NULL);
1499
1500 for (i = 0; i < total; i++) {
1501 tmp = g_slist_nth_data(elements->list, i);
1502 g_string_append_printf(string, "%s\n", tmp);
1503 g_free(tmp);
1504 }
1505
1506 string = g_string_truncate(string, string->len - 1);
1507 error = assuan_send_data(ctx, string->str, string->len);
1508 g_string_free(string, TRUE);
1509
1510 fail:
1511 if (elements) {
1512 if (elements->list)
1513 g_slist_free(elements->list);
1514
1515 if (elements->elements)
1516 g_strfreev(elements->elements);
1517
1518 g_free(elements);
1519 }
1520
1521 return send_error(ctx, error);
1522 }
1523
1524 static gpg_error_t add_attribute(xmlNodePtr node, const gchar *name,
1525 const gchar *value)
1526 {
1527 xmlAttrPtr a;
1528
1529 if ((a = xmlHasProp(node, (xmlChar *)name)) == NULL) {
1530 a = xmlNewProp(node, (xmlChar *)name, (xmlChar *)value);
1531
1532 if (!a)
1533 return EPWMD_LIBXML_ERROR;
1534 }
1535 else
1536 xmlNodeSetContent(a->children, (xmlChar *)value);
1537
1538 return 0;
1539 }
1540
1541 /*
1542 * req[0] - element path
1543 */
1544 static int attribute_list(assuan_context_t ctx, gchar **req)
1545 {
1546 struct client_s *client = assuan_get_pointer(ctx);
1547 gchar **attrlist = NULL;
1548 gint i = 0;
1549 gchar **path = NULL;
1550 xmlAttrPtr a;
1551 xmlNodePtr n, an;
1552 gchar *line;
1553 gpg_error_t error;
1554
1555 if (!req || !req[0])
1556 return EPWMD_COMMAND_SYNTAX;
1557
1558 if ((path = split_input_line(req[0], "\t", 0)) == NULL) {
1559 /*
1560 * The first argument may be only an account.
1561 */
1562 if ((path = split_input_line(req[0], " ", 0)) == NULL)
1563 return EPWMD_COMMAND_SYNTAX;
1564 }
1565
1566 n = find_account(client->doc, &path, &error, NULL);
1567
1568 if (!n) {
1569 g_strfreev(path);
1570 return error;
1571 }
1572
1573 if (path[1]) {
1574 n = find_elements(client->doc, n->children, path+1, &error,
1575 NULL, NULL, NULL, NULL);
1576
1577 if (!n) {
1578 g_strfreev(path);
1579 return error;
1580 }
1581 }
1582
1583 g_strfreev(path);
1584
1585 for (a = n->properties; a; a = a->next) {
1586 gchar **pa;
1587
1588 if ((pa = g_realloc(attrlist, (i + 2) * sizeof(gchar *))) == NULL) {
1589 if (attrlist)
1590 g_strfreev(attrlist);
1591
1592 error = errno;
1593 log_write("%s(%i): %s", __FILE__, __LINE__, strerror(errno));
1594 return gpg_error_from_errno(error);
1595 }
1596
1597 attrlist = pa;
1598 an = a->children;
1599 attrlist[i] = g_strdup_printf("%s\t%s", (gchar *)a->name, (gchar *)an->content);
1600
1601 if (!attrlist[i]) {
1602 g_strfreev(attrlist);
1603 return gpg_error_from_errno(ENOMEM);
1604 }
1605
1606 attrlist[++i] = NULL;
1607 }
1608
1609 if (!attrlist)
1610 return EPWMD_EMPTY_ELEMENT;
1611
1612 line = g_strjoinv("\n", attrlist);
1613
1614 if (!line) {
1615 g_strfreev(attrlist);
1616 return gpg_error_from_errno(ENOMEM);
1617 }
1618
1619 error = assuan_send_data(ctx, line, g_utf8_strlen(line, -1));
1620 g_free(line);
1621 g_strfreev(attrlist);
1622 return error;
1623 }
1624
1625 /*
1626 * req[0] - attribute
1627 * req[1] - element path
1628 */
1629 static int attribute_delete(struct client_s *client, gchar **req)
1630 {
1631 xmlAttrPtr a;
1632 xmlNodePtr n;
1633 gchar **path = NULL;
1634 gpg_error_t error;
1635
1636 if (!req || !req[0] || !req[1])
1637 return EPWMD_COMMAND_SYNTAX;
1638
1639 if ((path = split_input_line(req[1], "\t", 0)) == NULL) {
1640 /*
1641 * The first argument may be only an account.
1642 */
1643 if ((path = split_input_line(req[1], " ", 0)) == NULL)
1644 return EPWMD_COMMAND_SYNTAX;
1645 }
1646
1647 /*
1648 * Don't remove the "name" attribute for the account element. To remove an
1649 * account use DELETE <account>.
1650 */
1651 if (!path[1] && xmlStrEqual((xmlChar *)req[0], (xmlChar *)"name")) {
1652 error = EPWMD_ATTR_SYNTAX;
1653 goto fail;
1654 }
1655
1656 n = find_account(client->doc, &path, &error, NULL);
1657
1658 if (!n)
1659 goto fail;
1660
1661 if (path[1]) {
1662 n = find_elements(client->doc, n->children, path+1, &error,
1663 NULL, NULL, NULL, NULL);
1664
1665 if (!n)
1666 goto fail;
1667 }
1668
1669 g_strfreev(path);
1670
1671 if ((a = xmlHasProp(n, (xmlChar *)req[0])) == NULL)
1672 return EPWMD_ATTR_NOT_FOUND;
1673
1674 if (xmlRemoveProp(a) == -1)
1675 return EPWMD_LIBXML_ERROR;
1676
1677 return 0;
1678
1679 fail:
1680 g_strfreev(path);
1681 return error;
1682 }
1683
1684 /*
1685 * Creates a "target" attribute. When other commands encounter an element with
1686 * this attribute, the element path is modified to the target value. If the
1687 * source element path doesn't exist when using 'ATTR SET target', it is
1688 * created, but the destination element path must exist.
1689 *
1690 * req[0] - source element path
1691 * req[1] - destination element path
1692 */
1693 static gpg_error_t target_attribute(struct client_s *client, gchar **req)
1694 {
1695 gchar **src, **dst, *line;
1696 gpg_error_t error;
1697 xmlNodePtr n;
1698
1699 if (!req || !req[0] || !req[1])
1700 return EPWMD_COMMAND_SYNTAX;
1701
1702 if ((src = split_input_line(req[0], "\t", 0)) == NULL) {
1703 /*
1704 * The first argument may be only an account.
1705 */
1706 if ((src = split_input_line(req[0], " ", 0)) == NULL)
1707 return EPWMD_COMMAND_SYNTAX;
1708 }
1709
1710 if ((dst = split_input_line(req[1], "\t", 0)) == NULL) {
1711 /*
1712 * The first argument may be only an account.
1713 */
1714 if ((dst = split_input_line(req[1], " ", 0)) == NULL) {
1715 error = EPWMD_COMMAND_SYNTAX;
1716 goto fail;
1717 }
1718 }
1719
1720 n = find_account(client->doc, &dst, &error, NULL);
1721
1722 /*
1723 * Make sure the destination element path exists.
1724 */
1725 if (!n)
1726 goto fail;
1727
1728 if (dst[1]) {
1729 n = find_elements(client->doc, n->children, dst+1, &error,
1730 NULL, NULL, NULL, NULL);
1731
1732 if (!n)
1733 goto fail;
1734 }
1735
1736 again:
1737 n = find_account(client->doc, &src, &error, NULL);
1738
1739 if (!n) {
1740 if (error == EPWMD_ELEMENT_NOT_FOUND) {
1741 error = new_account(client->doc, src[0]);
1742
1743 if (error)
1744 goto fail;
1745
1746 goto again;
1747 }
1748 else
1749 goto fail;
1750 }
1751
1752 if (src[1]) {
1753 if (!n->children)
1754 n = create_target_elements_cb(n, src+1, &error, NULL);
1755 else
1756 n = find_elements(client->doc, n->children, src+1, &error,
1757 NULL, NULL, create_target_elements_cb, NULL);
1758
1759 if (!n)
1760 goto fail;
1761
1762 /*
1763 * Reset the position of the element tree now that the elements
1764 * have been created.
1765 */
1766 n = find_account(client->doc, &src, &error, NULL);
1767
1768 if (!n)
1769 goto fail;
1770
1771 n = find_elements(client->doc, n->children, src+1, &error,
1772 NULL, NULL, NULL, NULL);
1773
1774 if (!n)
1775 goto fail;
1776 }
1777
1778 line = g_strjoinv("\t", dst);
1779 error = add_attribute(n, "target", line);
1780
1781 if (error) {
1782 g_free(line);
1783 goto fail;
1784 }
1785
1786 g_free(line);
1787 g_strfreev(src);
1788 g_strfreev(dst);
1789 return 0;
1790
1791 fail:
1792 g_strfreev(src);
1793 g_strfreev(dst);
1794 return error;
1795 }
1796
1797 /*
1798 * req[0] - account name
1799 * req[1] - new name
1800 */
1801 static gpg_error_t name_attribute(struct client_s *client, gchar **req)
1802 {
1803 gpg_error_t error;
1804 gchar **tmp;
1805 xmlNodePtr n;
1806
1807 tmp = g_strdupv(req);
1808
1809 if (!tmp)
1810 return gpg_error_from_errno(ENOMEM);
1811
1812 n = find_account(client->doc, &tmp, &error, NULL);
1813 g_strfreev(tmp);
1814
1815 if (!n)
1816 return error;
1817
1818 if (g_utf8_collate(req[0], req[1]) == 0)
1819 return 0;
1820
1821 /*
1822 * Will not overwrite an existing account.
1823 */
1824 tmp = g_strdupv(req+1);
1825
1826 if (!tmp)
1827 return gpg_error_from_errno(ENOMEM);
1828
1829 n = find_account(client->doc, &tmp, &error, NULL);
1830 g_strfreev(tmp);
1831
1832 if (error && error != EPWMD_ELEMENT_NOT_FOUND)
1833 return error;
1834
1835 if (n)
1836 return EPWMD_ACCOUNT_EXISTS;
1837
1838 /*
1839 * Whitespace not allowed in account names.
1840 */
1841 if (contains_whitespace(req[1]) == TRUE)
1842 return EPWMD_ATTR_SYNTAX;
1843
1844 tmp = g_strdupv(req);
1845
1846 if (!tmp)
1847 return gpg_error_from_errno(ENOMEM);
1848
1849 n = find_account(client->doc, &tmp, &error, NULL);
1850 g_strfreev(tmp);
1851
1852 if (!n)
1853 return EPWMD_ELEMENT_NOT_FOUND;
1854
1855 return add_attribute(n, "name", req[1]);
1856 }
1857
1858 /*
1859 * req[0] - attribute
1860 * req[1] - element path
1861 */
1862 static int attribute_get(assuan_context_t ctx, gchar **req)
1863 {
1864 struct client_s *client = assuan_get_pointer(ctx);
1865 xmlNodePtr n;
1866 xmlChar *a;
1867 gchar **path= NULL;
1868 gpg_error_t error;
1869
1870 if (!req || !req[0] || !req[1])
1871 return EPWMD_COMMAND_SYNTAX;
1872
1873 if (strchr(req[1], '\t')) {
1874 if ((path = split_input_line(req[1], "\t", 0)) == NULL)
1875 return EPWMD_COMMAND_SYNTAX;
1876 }
1877 else {
1878 if ((path = split_input_line(req[1], " ", 0)) == NULL)
1879 return EPWMD_COMMAND_SYNTAX;
1880 }
1881
1882 n = find_account(client->doc, &path, &error, NULL);
1883
1884 if (!n)
1885 goto fail;
1886
1887 if (path[1]) {
1888 n = find_elements(client->doc, n->children, path+1, &error,
1889 NULL, NULL, NULL, NULL);
1890
1891 if (!n)
1892 goto fail;
1893 }
1894
1895 g_strfreev(path);
1896
1897 if ((a = xmlGetProp(n, (xmlChar *)req[0])) == NULL)
1898 return EPWMD_ATTR_NOT_FOUND;
1899
1900 error = assuan_send_data(ctx, a, xmlStrlen(a));
1901 xmlFree(a);
1902 return error;
1903
1904 fail:
1905 g_strfreev(path);
1906 return error;
1907 }
1908
1909 /*
1910 * req[0] - attribute
1911 * req[1] - element path
1912 * req[2] - value
1913 */
1914 static int attribute_set(struct client_s *client, gchar **req)
1915 {
1916 gchar **path = NULL;
1917 gpg_error_t error;
1918 xmlNodePtr n;
1919
1920 if (!req || !req[0] || !req[1] || !req[2])
1921 return EPWMD_COMMAND_SYNTAX;
1922
1923 /*
1924 * Reserved attribute names.
1925 */
1926 if (g_utf8_collate(req[0], "name") == 0) {
1927 /*
1928 * Only reserved for the account element. Not the rest of the
1929 * document.
1930 */
1931 if (strchr(req[1], '\t') == NULL)
1932 return name_attribute(client, req + 1);
1933 }
1934 else if (g_utf8_collate(req[0], "target") == 0)
1935 return target_attribute(client, req + 1);
1936
1937 if ((path = split_input_line(req[1], "\t", 0)) == NULL) {
1938 /*
1939 * The first argument may be only an account.
1940 */
1941 if ((path = split_input_line(req[1], " ", 0)) == NULL)
1942 return EPWMD_COMMAND_SYNTAX;
1943 }
1944
1945 n = find_account(client->doc, &path, &error, NULL);
1946
1947 if (!n)
1948 goto fail;
1949
1950 if (path[1]) {
1951 n = find_elements(client->doc, n->children, path+1, &error,
1952 NULL, NULL, NULL, NULL);
1953
1954 if (!n)
1955 goto fail;
1956 }
1957
1958 g_strfreev(path);
1959 return add_attribute(n, req[0], req[2]);
1960
1961 fail:
1962 g_strfreev(path);
1963 return error;
1964 }
1965
1966 /*
1967 * req[0] - command
1968 * req[1] - attribute name or element path if command is LIST
1969 * req[2] - element path
1970 * req[2] - element path or value
1971 */
1972 static int attr_command(assuan_context_t ctx, char *line)
1973 {
1974 struct client_s *client = assuan_get_pointer(ctx);
1975 gchar **req = split_input_line(line, " ", 4);
1976 gpg_error_t error = 0;
1977
1978 error = file_modified(client);
1979
1980 if (error) {
1981 log_write("%s: %s", client->filename ? client->filename : "",
1982 pwmd_strerror(error));
1983 g_strfreev(req);
1984 return send_error(ctx, error);
1985 }
1986
1987 if (!req || !req[0] || !req[1]) {
1988 g_strfreev(req);
1989 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
1990 }
1991
1992 if (g_ascii_strcasecmp(req[0], "SET") == 0)
1993 error = attribute_set(client, req+1);
1994 else if (g_ascii_strcasecmp(req[0], "GET") == 0)
1995 error = attribute_get(ctx, req+1);
1996 else if (g_ascii_strcasecmp(req[0], "DELETE") == 0)
1997 error = attribute_delete(client, req+1);
1998 else if (g_ascii_strcasecmp(req[0], "LIST") == 0)
1999 error = attribute_list(ctx, req+1);
2000 else
2001 error = EPWMD_COMMAND_SYNTAX;
2002
2003 g_strfreev(req);
2004 return send_error(ctx, error);
2005 }
2006
2007 static int iscached_command(assuan_context_t ctx, char *line)
2008 {
2009 gchar **req = split_input_line(line, " ", 0);
2010 guchar md5file[16];
2011
2012 if (!req || !*req) {
2013 g_strfreev(req);
2014 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2015 }
2016
2017 gcry_md_hash_buffer(GCRY_MD_MD5, md5file, req[0], strlen(req[0]));
2018 g_strfreev(req);
2019
2020 if (cache_iscached(md5file) == FALSE)
2021 return send_error(ctx, EPWMD_CACHE_NOT_FOUND);
2022
2023 return 0;
2024 }
2025
2026 void send_cache_status(assuan_context_t ctx)
2027 {
2028 char *tmp = print_fmt("%li %li",
2029 cache_file_count(), cache_size / sizeof(file_cache_t) - cache_file_count());
2030
2031 if (ctx)
2032 assuan_write_status(ctx, "CACHE", tmp);
2033 }
2034
2035 static int clearcache_command(assuan_context_t ctx, char *line)
2036 {
2037 struct client_s *client = assuan_get_pointer(ctx);
2038 gchar **req = split_input_line(line, " ", 0);
2039 guchar md5file[16];
2040
2041 if (!req || !*req) {
2042 g_strfreev(req);
2043 cache_clear(client->md5file, 2);
2044 send_cache_status(ctx);
2045 return 0;
2046 }
2047
2048 gcry_md_hash_buffer(GCRY_MD_MD5, md5file, req[0], strlen(req[0]));
2049 g_strfreev(req);
2050 cache_clear(md5file, 1);
2051 send_cache_status(ctx);
2052 return 0;
2053 }
2054
2055 static int cachetimeout_command(assuan_context_t ctx, char *line)
2056 {
2057 guchar md5file[16];
2058 glong timeout;
2059 gchar **req = split_input_line(line, " ", 0);
2060 gchar *p;
2061
2062 if (!req || !*req || !req[1]) {
2063 g_strfreev(req);
2064 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2065 }
2066
2067 errno = 0;
2068 timeout = strtol(req[0], &p, 10);
2069
2070 if (errno != 0 || *p != 0) {
2071 g_strfreev(req);
2072 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2073 }
2074
2075 gcry_md_hash_buffer(GCRY_MD_MD5, md5file, req[1], strlen(req[1]));
2076 g_strfreev(req);
2077
2078 if (cache_set_timeout(md5file, timeout) == FALSE)
2079 return send_error(ctx, EPWMD_CACHE_NOT_FOUND);
2080
2081 send_cache_status(ctx);
2082 return 0;
2083 }
2084
2085 static int dump_command(assuan_context_t ctx, char *line)
2086 {
2087 xmlChar *xml;
2088 gssize len;
2089 struct client_s *client = assuan_get_pointer(ctx);
2090 gpg_error_t error;
2091
2092 if (disable_list_and_dump == TRUE)
2093 return send_error(ctx, GPG_ERR_NOT_IMPLEMENTED);
2094
2095 error = file_modified(client);
2096
2097 if (error) {
2098 log_write("%s: %s", client->filename ? client->filename : "",
2099 pwmd_strerror(error));
2100 return send_error(ctx, error);
2101 }
2102
2103 xmlDocDumpFormatMemory(client->doc, &xml, &len, 1);
2104 error = assuan_send_data(ctx, xml, len);
2105 xmlFree(xml);
2106 return error;
2107 }
2108
2109 static int getconfig_command(assuan_context_t ctx, gchar *line)
2110 {
2111 struct client_s *client = assuan_get_pointer(ctx);
2112 gpg_error_t error = 0;
2113 gchar *p, *tmp;
2114
2115 if (g_utf8_collate(line, "key") == 0 || g_utf8_collate(line, "key_file") == 0)
2116 return send_error(ctx, GPG_ERR_NOT_IMPLEMENTED);
2117
2118 p = get_key_file_string(client->filename ? client->filename : "default", line);
2119
2120 if (!p)
2121 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2122
2123 tmp = expand_homedir(p);
2124 g_free(p);
2125 p = tmp;
2126 error = assuan_send_data(ctx, p, g_utf8_strlen(p, -1));
2127 g_free(p);
2128 return send_error(ctx, error);
2129 }
2130
2131 void cleanup_assuan(assuan_context_t ctx)
2132 {
2133 struct client_s *cl = assuan_get_pointer(ctx);
2134
2135 cleanup(cl);
2136 }
2137
2138 gpg_error_t register_commands(assuan_context_t ctx)
2139 {
2140 static struct {
2141 const char *name;
2142 int (*handler)(assuan_context_t, char *line);
2143 } table[] = {
2144 { "OPEN", open_command },
2145 { "SAVE", save_command },
2146 { "LIST", list_command },
2147 { "REALPATH", realpath_command },
2148 { "STORE", store_command },
2149 { "DELETE", delete_command },
2150 { "GET", get_command },
2151 { "ATTR", attr_command },
2152 { "ISCACHED", iscached_command },
2153 { "CLEARCACHE", clearcache_command },
2154 { "CACHETIMEOUT", cachetimeout_command },
2155 { "GETCONFIG", getconfig_command },
2156 { "DUMP", dump_command },
2157 { "INPUT", NULL },
2158 { "OUTPUT", NULL },
2159 { NULL, NULL }
2160 };
2161 int i, rc;
2162
2163 for (i=0; table[i].name; i++) {
2164 rc = assuan_register_command (ctx, table[i].name, table[i].handler);
2165
2166 if (rc)
2167 return rc;
2168 }
2169
2170 return assuan_register_bye_notify(ctx, cleanup_assuan);
2171 }
2172
2173 gpg_error_t try_xml_decrypt(assuan_context_t ctx, gint fd, struct stat st,
2174 guchar *key)
2175 {
2176 guchar *iv;
2177 void *inbuf;
2178 gsize insize;
2179 guchar tkey[gcrykeysize];
2180 struct file_header_s {
2181 guint iter;
2182 guchar iv[gcryblocksize];
2183 } file_header;
2184 struct client_s *client = ctx ? assuan_get_pointer(ctx) : NULL;
2185 gcry_cipher_hd_t gh;
2186 guint iter, n_iter = 0;
2187 gint iter_progress;
2188 #ifdef HAVE_ZLIB_H
2189 void *outbuf = NULL;
2190 gint zerror = 0;
2191 glong outsize = 0;
2192 #endif
2193
2194 if (!ctx) {
2195 gcryerrno = gcry_cipher_open(&gh, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, 0);
2196
2197 if (gcryerrno)
2198 return gcryerrno;
2199 }
2200 else
2201 gh = client->gh;
2202
2203 lseek(fd, 0, SEEK_SET);
2204 insize = st.st_size - sizeof(struct file_header_s);
2205 iv = gcry_malloc(gcryblocksize);
2206
2207 if (!iv) {
2208 gcry_cipher_close(gh);
2209 return gpg_error_from_errno(ENOMEM);
2210 }
2211
2212 read(fd, &file_header, sizeof(struct file_header_s));
2213 memcpy(iv, &file_header.iv, sizeof(file_header.iv));
2214 inbuf = gcry_malloc(insize);
2215
2216 if (!inbuf) {
2217 gcry_cipher_close(gh);
2218 gcry_free(iv);
2219 return gpg_error_from_errno(ENOMEM);
2220 }
2221
2222 read(fd, inbuf, insize);
2223 memcpy(tkey, key, sizeof(tkey));
2224 tkey[0] ^= 1;
2225
2226 if ((gcryerrno = gcry_cipher_setiv(gh, iv, gcryblocksize))) {
2227 if (!ctx) {
2228 gcry_cipher_close(gh);
2229 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
2230 }
2231 else
2232 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
2233
2234 gcry_free(inbuf);
2235 gcry_free(iv);
2236 return gcryerrno;
2237 }
2238
2239 if ((gcryerrno = gcry_cipher_setkey(gh, key, gcrykeysize))) {
2240 if (!ctx) {
2241 gcry_cipher_close(gh);
2242 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
2243 }
2244 else
2245 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
2246
2247 gcry_free(inbuf);
2248 gcry_free(iv);
2249
2250 if (!ctx)
2251 gcry_cipher_close(gh);
2252
2253 return gcryerrno;
2254 }
2255
2256 if (decrypt_xml(gh, inbuf, insize, NULL, 0) == FALSE) {
2257 if (!ctx) {
2258 gcry_cipher_close(gh);
2259 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
2260 }
2261 else
2262 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
2263
2264 gcry_free(inbuf);
2265 gcry_free(iv);
2266 return gcryerrno;
2267 }
2268
2269 if ((gcryerrno = gcry_cipher_setkey(gh, tkey, gcrykeysize))) {
2270 if (!ctx) {
2271 gcry_cipher_close(gh);
2272 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
2273 }
2274 else
2275 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
2276
2277 gcry_free(inbuf);
2278 gcry_free(iv);
2279 return gcryerrno;
2280 }
2281
2282 iter = file_header.iter;
2283 iter_progress = get_key_file_integer("default", "iteration_progress");
2284
2285 while (iter > 0) {
2286 if (ctx && iter_progress > 0 && iter >= iter_progress) {
2287 if (!(iter % iter_progress))
2288 assuan_write_status(ctx, "DECRYPT", print_fmt("%i",
2289 ++n_iter * iter_progress));
2290 }
2291
2292 if ((gcryerrno = gcry_cipher_setiv(gh, iv, gcryblocksize))) {
2293 if (!ctx) {
2294 gcry_cipher_close(gh);
2295 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
2296 }
2297 else
2298 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
2299
2300 gcry_free(inbuf);
2301 gcry_free(iv);
2302 return gcryerrno;
2303 }
2304
2305 if (decrypt_xml(gh, inbuf, insize, NULL, 0) == FALSE) {
2306 if (!ctx) {
2307 gcry_cipher_close(gh);
2308 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
2309 }
2310 else
2311 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(gcryerrno));
2312
2313 gcry_free(inbuf);
2314 gcry_free(iv);
2315 return gcryerrno;
2316 }
2317
2318 iter--;
2319 }
2320
2321 if (ctx && iter_progress && file_header.iter >= iter_progress) {
2322 if ((file_header.iter % iter_progress))
2323 assuan_write_status(ctx, "DECRYPT", print_fmt("%i", file_header.iter));
2324 }
2325
2326 gcry_free(iv);
2327
2328 #ifdef HAVE_ZLIB_H
2329 if (do_decompress(ctx, inbuf, insize, &outbuf, &outsize, &zerror) == FALSE) {
2330 /*
2331 * Z_DATA_ERROR may be returned if this file hasn't been compressed yet.
2332 */
2333 if (zerror == Z_MEM_ERROR) {
2334 gcry_free(inbuf);
2335 return gpg_error_from_errno(ENOMEM);
2336 }
2337 else if (zerror != Z_DATA_ERROR) {
2338 gcry_free(inbuf);
2339
2340 if (!ctx) {
2341 gcry_cipher_close(gh);
2342 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gpg_strerror(GPG_ERR_COMPR_ALGO));
2343 }
2344 else
2345 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gpg_strerror(GPG_ERR_COMPR_ALGO));
2346
2347 return GPG_ERR_COMPR_ALGO;
2348 }
2349 }
2350 else {
2351 gcry_free(inbuf);
2352 inbuf = outbuf;
2353 insize = outsize;
2354 }
2355 #endif
2356
2357 if (g_strncasecmp(inbuf, "<?xml version=\"1.0\"?>", 21) != 0) {
2358 gcry_free(inbuf);
2359
2360 if (!ctx)
2361 gcry_cipher_close(gh);
2362
2363 return EPWMD_BADKEY;
2364 }
2365
2366 if (ctx) {
2367 client->xml = inbuf;
2368 client->len = insize;
2369 }
2370 else {
2371 gcry_cipher_close(gh);
2372 gcry_free(inbuf);
2373 }
2374
2375 return 0;
2376 }
A server for managing passphrases and anything else.