search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
IMPORT: make sure the element path is valid.
[pwmd.git] / src / commands.c
blob7f8cd85499ce01feb5133d3f84aa5a34e623156b
1 /* vim:tw=78:ts=8:sw=4:set ft=c: */
2 /*
3 Copyright (C) 2006-2008 Ben Kibbey <bjk@luxsci.net>
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 2 of the License, or
8 (at your option) any later version.
9
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with this program; if not, write to the Free Software
17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 */
19 #include <stdio.h>
20 #include <stdlib.h>
21 #include <unistd.h>
22 #include <err.h>
23 #include <errno.h>
24 #include <sys/types.h>
25 #include <sys/stat.h>
26 #include <fcntl.h>
27 #include <ctype.h>
28 #include <glib.h>
29 #include <gcrypt.h>
30 #include <zlib.h>
31
32 #ifdef HAVE_CONFIG_H
33 #include <config.h>
34 #endif
35
36 #ifndef MEM_DEBUG
37 #include "mem.h"
38 #endif
39
40 #include "xml.h"
41 #include "common.h"
42
43 #ifdef WITH_PINENTRY
44 #include "pinentry.h"
45 #endif
46
47 #include "pwmd_error.h"
48 #include "cache.h"
49 #include "misc.h"
50 #include "commands.h"
51
52 static void *z_alloc(void *data, unsigned items, unsigned size)
53 {
54 #ifndef MEM_DEBUG
55 return gcry_calloc(items, size);
56 #else
57 return calloc(items, size);
58 #endif
59 }
60
61 static void z_free(void *data, void *p)
62 {
63 #ifndef MEM_DEBUG
64 gcry_free(p);
65 #else
66 free(p);
67 #endif
68 }
69
70 static gpg_error_t file_modified(struct client_s *client)
71 {
72 struct stat st;
73
74 if (client->state != STATE_OPEN)
75 return EPWMD_NO_FILE;
76
77 if (stat(client->filename, &st) == 0 && client->mtime) {
78 if (client->mtime != st.st_mtime)
79 return EPWMD_FILE_MODIFIED;
80 }
81
82 return 0;
83 }
84
85 static gboolean encrypt_xml(gcry_cipher_hd_t gh, void *outbuf, gsize outsize,
86 void *inbuf, gsize insize)
87 {
88 gpg_error_t rc;
89
90 if ((rc = gcry_cipher_encrypt(gh, outbuf, outsize, inbuf, insize))) {
91 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
92 return FALSE;
93 }
94
95 return TRUE;
96 }
97
98 static gpg_error_t decrypt_xml(gcry_cipher_hd_t gh, void *outbuf, gsize outsize,
99 void *inbuf, gsize insize)
100 {
101 gpg_error_t rc;
102
103 if ((rc = gcry_cipher_decrypt(gh, outbuf, outsize, inbuf, insize)))
104 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
105
106 return rc;
107 }
108
109 static gpg_error_t parse_xml(assuan_context_t ctx)
110 {
111 struct client_s *client = assuan_get_pointer(ctx);
112
113 client->doc = xmlReadMemory(client->xml, client->len, NULL, "UTF-8", XML_PARSE_NOBLANKS);
114
115 if (!client->doc)
116 return EPWMD_LIBXML_ERROR;
117
118 return 0;
119 }
120
121 void unlock_file_mutex(struct client_s *client)
122 {
123 pth_mutex_t *m;
124
125 #ifdef WITH_PINENTRY
126 if (client->has_lock == FALSE || client->pinentry->status != PINENTRY_NONE)
127 #else
128 if (client->has_lock == FALSE)
129 #endif
130 return;
131
132 CACHE_LOCK(client->ctx);
133
134 if (cache_get_mutex(client->md5file, &m) == FALSE) {
135 CACHE_UNLOCK;
136 return;
137 }
138
139 CACHE_UNLOCK;
140 pth_mutex_release(m);
141 client->has_lock = FALSE;
142 }
143
144 gpg_error_t lock_file_mutex(struct client_s *client)
145 {
146 pth_mutex_t *m;
147
148 if (client->has_lock == TRUE)
149 return 0;
150
151 CACHE_LOCK(client->ctx);
152
153 if (cache_get_mutex(client->md5file, &m) == FALSE) {
154 CACHE_UNLOCK;
155 return 0;
156 }
157
158 CACHE_UNLOCK;
159
160 if (pth_mutex_acquire(m, TRUE, NULL) == FALSE) {
161 if (errno == EBUSY) {
162 if (client->ctx)
163 assuan_write_status(client->ctx, "LOCKED", N_("Waiting for lock"));
164
165 pth_mutex_acquire(m, FALSE, NULL);
166 }
167 else {
168 gint e = errno;
169 log_write("%s(%i): %s", __FUNCTION__, __LINE__, strerror(errno));
170 return gpg_error_from_errno(e);
171 }
172 }
173
174 client->has_lock = TRUE;
175 return 0;
176 }
177
178 void free_client(struct client_s *client)
179 {
180 if (client->doc)
181 xmlFreeDoc(client->doc);
182
183 if (client->xml)
184 gcry_free(client->xml);
185
186 if (client->filename)
187 g_free(client->filename);
188
189 if (client->gh)
190 gcry_cipher_close(client->gh);
191 }
192
193 void cleanup_client(struct client_s *client)
194 {
195 assuan_context_t ctx = client->ctx;
196 #ifdef WITH_PINENTRY
197 struct pinentry_s *pin = client->pinentry;
198 #endif
199
200 unlock_file_mutex(client);
201 CACHE_LOCK(client->ctx);
202 cache_decr_refcount(client->md5file);
203
204 /*
205 * This may be a new file so don't use a cache slot. save_command() will
206 * set this to FALSE on success.
207 */
208 if (client->new == TRUE)
209 cache_clear(client->md5file, 1);
210
211 free_client(client);
212 memset(client, 0, sizeof(struct client_s));
213 client->state = STATE_CONNECTED;
214 client->ctx = ctx;
215 client->freed = TRUE;
216 #ifdef WITH_PINENTRY
217 client->pinentry = pin;
218 #endif
219 CACHE_UNLOCK;
220 }
221
222 gboolean do_decompress(assuan_context_t ctx, gpointer in, gint insize,
223 gpointer *out, glong *outsize, gint *rc)
224 {
225 z_stream z;
226 gpointer pout;
227 gz_header h;
228 gchar buf[17];
229 gchar str[ASSUAN_LINELENGTH];
230
231 z.zalloc = z_alloc;
232 z.zfree = z_free;
233 z.next_in = in;
234 z.avail_in = insize;
235 z.avail_out = zlib_bufsize;
236 z.next_out = pout = g_malloc(zlib_bufsize);
237
238 if (!pout) {
239 log_write("%s(%i): %s", __FUNCTION__, __LINE__, strerror(ENOMEM));
240 *rc = Z_MEM_ERROR;
241 return FALSE;
242 }
243
244 *rc = inflateInit2(&z, 47);
245
246 if (*rc != Z_OK) {
247 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
248 g_free(pout);
249 return FALSE;
250 }
251
252 memset(&h, 0, sizeof(gz_header));
253 h.comment = (guchar *)buf;
254 h.comm_max = sizeof(buf);
255 *rc = inflateGetHeader(&z, &h);
256
257 if (*rc != Z_OK) {
258 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
259 g_free(pout);
260 inflateEnd(&z);
261 return FALSE;
262 }
263
264 *rc = inflate(&z, Z_BLOCK);
265
266 if (*rc != Z_OK) {
267 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
268 g_free(pout);
269 inflateEnd(&z);
270 return FALSE;
271 }
272
273 if (h.comment)
274 insize = atoi((gchar *)h.comment);
275
276 do {
277 gpointer p;
278
279 *rc = inflate(&z, Z_FINISH);
280
281 switch (*rc) {
282 case Z_OK:
283 break;
284 case Z_BUF_ERROR:
285 if (!z.avail_out) {
286 p = g_realloc(pout, z.total_out + zlib_bufsize);
287
288 if (!p) {
289 *rc = Z_MEM_ERROR;
290 goto fail;
291 }
292
293 pout = p;
294 z.next_out = pout + z.total_out;
295 z.avail_out = zlib_bufsize;
296
297 if (ctx) {
298 *rc = assuan_write_status(ctx, "DECOMPRESS",
299 print_fmt(str, sizeof(str), "%i %i", z.total_out, insize));
300
301 if (*rc)
302 goto fail;
303 }
304 }
305 break;
306 case Z_STREAM_END:
307 break;
308 default:
309 goto fail;
310 break;
311 }
312
313 pth_yield(NULL);
314 } while (*rc != Z_STREAM_END);
315
316 if (ctx) {
317 *rc = assuan_write_status(ctx, "DECOMPRESS",
318 print_fmt(str, sizeof(str), "%i %i", z.total_out, insize));
319
320 if (*rc)
321 goto fail;
322 }
323
324 *out = pout;
325 *outsize = z.total_out;
326 inflateEnd(&z);
327 *rc = 0;
328 return TRUE;
329
330 fail:
331 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
332 g_free(pout);
333 inflateEnd(&z);
334 return FALSE;
335 }
336
337 gpg_error_t read_file_header(const gchar *filename, file_header_t *fh)
338 {
339 gint fd;
340 gsize len;
341
342 fd = open(filename, O_RDONLY);
343
344 if (fd == -1)
345 return gpg_error_from_errno(errno);
346
347 len = pth_read(fd, fh, sizeof(file_header_t));
348 close(fd);
349
350 if (len != sizeof(file_header_t))
351 return gpg_error_from_errno(errno);
352
353 return 0;
354 }
355
356 static gpg_error_t open_command_finalize(assuan_context_t ctx, guchar shakey[],
357 gboolean cached)
358 {
359 struct client_s *client = assuan_get_pointer(ctx);
360 gpg_error_t rc;
361 struct stat st;
362 gint fd;
363 gint timeout;
364
365 if ((fd = open_file(client->filename, &st)) == -1) {
366 /* New file. */
367 if (errno == ENOENT) {
368 if (shakey[0])
369 goto update_cache;
370
371 goto done;
372 }
373
374 rc = errno;
375 log_write("%s: %s", client->filename, strerror(errno));
376 cleanup_client(client);
377 memset(shakey, 0, sizeof(shakey));
378 return send_syserror(ctx, rc);
379 }
380
381 rc = try_xml_decrypt(ctx, fd, st, shakey);
382 close(fd);
383
384 if (rc) {
385 memset(shakey, 0, sizeof(shakey));
386 cleanup_client(client);
387 return send_error(ctx, rc);
388 }
389
390 update_cache:
391 CACHE_LOCK(client->ctx);
392
393 if (cached == FALSE) {
394 if (cache_update_key(client->md5file, shakey) == FALSE) {
395 log_write("%s(%i): %s", __FILE__, __LINE__, pwmd_strerror(EPWMD_MAX_SLOTS));
396 cleanup_client(client);
397 CACHE_UNLOCK;
398 return send_error(ctx, EPWMD_MAX_SLOTS);
399 }
400
401 timeout = get_key_file_integer(client->filename, "cache_timeout");
402 cache_reset_timeout(client->md5file, timeout);
403 }
404 else
405 cache_set_timeout(client->md5file, -2);
406
407 CACHE_UNLOCK;
408
409 done:
410 memset(shakey, 0, sizeof(shakey));
411 rc = parse_xml(ctx);
412
413 if (client->xml) {
414 gcry_free(client->xml);
415 client->xml = NULL;
416 }
417
418 if (!rc) {
419 if (client->new == FALSE)
420 send_cache_status_all();
421
422 client->state = STATE_OPEN;
423 }
424
425 return send_error(ctx, rc);
426 }
427
428 static int open_command(assuan_context_t ctx, char *line)
429 {
430 struct stat st;
431 guchar shakey[gcrykeysize];
432 gboolean cached = FALSE;
433 gpg_error_t rc;
434 struct client_s *client = assuan_get_pointer(ctx);
435 gchar **req;
436 gchar *filename = NULL;
437 file_header_t file_header;
438
439 memset(shakey, 0, sizeof(shakey));
440
441 if ((req = split_input_line(line, " ", 2)) != NULL)
442 filename = req[0];
443
444 if (!filename || !*filename) {
445 g_strfreev(req);
446 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
447 }
448
449 if (valid_filename(filename) == FALSE) {
450 g_strfreev(req);
451 return send_error(ctx, EPWMD_INVALID_FILENAME);
452 }
453
454 if (client->state == STATE_OPEN)
455 cleanup_client(client);
456
457 gcry_md_hash_buffer(GCRY_MD_MD5, client->md5file, filename, strlen(filename));
458 CACHE_LOCK(client->ctx);
459
460 if (cache_has_file(client->md5file) == FALSE) {
461 if (cache_add_file(client->md5file, NULL) == FALSE) {
462 g_strfreev(req);
463 CACHE_UNLOCK;
464 return send_error(ctx, EPWMD_MAX_SLOTS);
465 }
466 }
467
468 cache_incr_refcount(client->md5file);
469 CACHE_UNLOCK;
470 rc = lock_file_mutex(client);
471
472 if (rc) {
473 g_strfreev(req);
474 return send_error(ctx, rc);
475 }
476
477 client->freed = FALSE;
478
479 if ((rc = gcry_cipher_open(&client->gh, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, 0))) {
480 g_strfreev(req);
481 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
482 cleanup_client(client);
483 return send_error(ctx, rc);
484 }
485
486 if (stat(filename, &st) == 0) {
487 if (!S_ISREG(st.st_mode) && !S_ISLNK(st.st_mode)) {
488 log_write("%s: %s", filename, pwmd_strerror(EPWMD_INVALID_FILENAME));
489 g_strfreev(req);
490 cleanup_client(client);
491 return send_error(ctx, EPWMD_INVALID_FILENAME);
492 }
493
494 client->mtime = st.st_mtime;
495 }
496
497 client->filename = g_strdup(filename);
498
499 if (!client->filename) {
500 memset(shakey, 0, sizeof(shakey));
501 log_write("%s(%i): %s", __FILE__, __LINE__, strerror(ENOMEM));
502 cleanup_client(client);
503 g_strfreev(req);
504 return send_syserror(ctx, ENOMEM);
505 }
506
507 #ifdef WITH_PINENTRY
508 client->pinentry->filename = g_strdup(client->filename);
509
510 if (!client->pinentry->filename) {
511 memset(shakey, 0, sizeof(shakey));
512 log_write("%s(%i): %s", __FILE__, __LINE__, strerror(ENOMEM));
513 cleanup_client(client);
514 g_strfreev(req);
515 return send_syserror(ctx, ENOMEM);
516 }
517 #endif
518
519 /*
520 * New files don't need a key.
521 */
522 if (access(filename, R_OK) != 0) {
523 if (errno != ENOENT) {
524 rc = errno;
525 log_write("%s: %s", filename, strerror(errno));
526 g_strfreev(req);
527 cleanup_client(client);
528 return send_syserror(ctx, rc);
529 }
530
531 if ((client->xml = new_document()) == NULL) {
532 log_write("%s", strerror(ENOMEM));
533 g_strfreev(req);
534 cleanup_client(client);
535 return send_syserror(ctx, ENOMEM);
536 }
537
538 client->len = xmlStrlen(client->xml);
539 client->new = TRUE;
540 client->filename = g_strdup(filename);
541
542 if (!client->filename) {
543 g_strfreev(req);
544 cleanup_client(client);
545 log_write("%s(%i): %s", __FILE__, __LINE__, strerror(ENOMEM));
546 return send_syserror(ctx, ENOMEM);
547 }
548
549 memset(shakey, 0, sizeof(shakey));
550
551 if (req[1] && *req[1])
552 gcry_md_hash_buffer(GCRY_MD_SHA256, shakey, req[1], strlen(req[1]));
553
554 g_strfreev(req);
555 return open_command_finalize(ctx, shakey, cached);
556 }
557
558 rc = read_file_header(filename, &file_header);
559
560 if (rc) {
561 g_strfreev(req);
562 cleanup_client(client);
563 return send_error(ctx, rc);
564 }
565
566 if (file_header.iter == -1)
567 goto done;
568
569 CACHE_LOCK(client->ctx);
570 cached = cache_get_key(client->md5file, shakey);
571 CACHE_UNLOCK;
572
573 if (cached == FALSE) {
574 /*
575 * No key specified and no matching filename found in the cache. Use
576 * pinentry to retrieve the key. Cannot return assuan_process_done()
577 * here otherwise the command will be interrupted. The event loop in
578 * client_thread() will poll the file descriptor waiting for it to
579 * become ready to read a pinentry_key_s which will contain the
580 * entered key or rc. It will then call open_command_finalize() to
581 * to finish the command.
582 */
583 if (!req[1] || !*req[1]) {
584 #ifdef WITH_PINENTRY
585 if (get_key_file_boolean(filename, "enable_pinentry") == FALSE) {
586 gcry_md_hash_buffer(GCRY_MD_SHA256, shakey, "", 1);
587 goto done;
588 }
589
590 g_strfreev(req);
591 lock_pin_mutex(client);
592 client->pinentry->which = PINENTRY_OPEN;
593 rc = pinentry_fork(ctx);
594
595 if (rc) {
596 unlock_pin_mutex(client->pinentry);
597 cleanup_client(client);
598 return send_error(ctx, rc);
599 }
600
601 client->pinentry->cb = open_command_finalize;
602 client->pinentry->status = PINENTRY_INIT;
603 return 0;
604 #else
605 gcry_md_hash_buffer(GCRY_MD_SHA256, shakey, "", 1);
606 goto done;
607 #endif
608 }
609
610 gcry_md_hash_buffer(GCRY_MD_SHA256, shakey, req[1], strlen(req[1]));
611 }
612
613 done:
614 g_strfreev(req);
615 return open_command_finalize(ctx, shakey, cached);
616 }
617
618 gboolean do_compress(assuan_context_t ctx, gint level, gpointer data,
619 gint size, gpointer *out, glong *outsize, gint *rc)
620 {
621 z_stream z;
622 gpointer pout, pin;
623 gz_header h;
624 gchar buf[17];
625 gint cmd = Z_NO_FLUSH;
626 gchar str[ASSUAN_LINELENGTH];
627
628 z.zalloc = z_alloc;
629 z.zfree = z_free;
630 z.next_in = pin = data;
631 z.avail_in = size < zlib_bufsize ? size : zlib_bufsize;
632 z.avail_out = zlib_bufsize;
633 z.next_out = pout = g_malloc(zlib_bufsize);
634
635 if (!pout) {
636 log_write("%s(%i): %s", __FUNCTION__, __LINE__, strerror(ENOMEM));
637 *rc = Z_MEM_ERROR;
638 return FALSE;
639 }
640
641 *rc = deflateInit2(&z, level, Z_DEFLATED, 31, 8, Z_DEFAULT_STRATEGY);
642
643 if (*rc != Z_OK) {
644 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
645 g_free(pout);
646 return FALSE;
647 }
648
649 memset(&h, 0, sizeof(gz_header));
650 g_snprintf(buf, sizeof(buf), "%i", size);
651 h.comment = (guchar *)buf;
652 *rc = deflateSetHeader(&z, &h);
653
654 if (*rc != Z_OK) {
655 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
656 g_free(pout);
657 deflateEnd(&z);
658 return FALSE;
659 }
660
661 do {
662 gpointer p;
663
664 *rc = deflate(&z, cmd);
665
666 switch (*rc) {
667 case Z_OK:
668 break;
669 case Z_BUF_ERROR:
670 if (!z.avail_out) {
671 p = g_realloc(pout, z.total_out + zlib_bufsize);
672
673 if (!p) {
674 *rc = Z_MEM_ERROR;
675 goto fail;
676 }
677
678 pout = p;
679 z.next_out = pout + z.total_out;
680 z.avail_out = zlib_bufsize;
681 }
682
683 if (!z.avail_in && z.total_in < size) {
684 if (z.total_in + zlib_bufsize > size)
685 z.avail_in = size - z.total_in;
686 else
687 z.avail_in = zlib_bufsize;
688
689 if (ctx) {
690 *rc = assuan_write_status(ctx, "COMPRESS",
691 print_fmt(str, sizeof(str), "%i %i", z.total_in, size));
692
693 if (*rc)
694 goto fail;
695 }
696 }
697
698 if (z.total_in >= size)
699 cmd = Z_FINISH;
700
701 break;
702 case Z_STREAM_END:
703 break;
704 default:
705 goto fail;
706 }
707
708 pth_yield(NULL);
709 } while (*rc != Z_STREAM_END);
710
711 if (ctx) {
712 *rc = assuan_write_status(ctx, "COMPRESS",
713 print_fmt(str, sizeof(str), "%i %i", z.total_in, size));
714
715 if (*rc)
716 goto fail;
717 }
718
719 *out = pout;
720 *outsize = z.total_out;
721 deflateEnd(&z);
722 *rc = 0;
723 return TRUE;
724
725 fail:
726 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
727 g_free(pout);
728 deflateEnd(&z);
729 return FALSE;
730 }
731
732 gpg_error_t do_xml_encrypt(struct client_s *client, gcry_cipher_hd_t gh,
733 const gchar *filename, gpointer data, size_t insize, guchar *shakey,
734 gint iter)
735 {
736 gsize len = insize;
737 gint fd;
738 gpointer inbuf;
739 guchar tkey[gcrykeysize];
740 gchar *p;
741 gpg_error_t rc;
742 guint iter_progress = 0, n_iter = 0, xiter = 0;
743 gchar tmp[FILENAME_MAX];
744 struct stat st;
745 mode_t mode = 0;
746 file_header_t file_header;
747 gchar str[ASSUAN_LINELENGTH];
748
749 if (iter == -1) {
750 /*
751 * cache_file_count() needs both .used == TRUE and a valid key in
752 * order for it to count as a used cache entry. Fixes CACHE status
753 * messages.
754 */
755 memset(shakey, '!', gcrykeysize);
756 inbuf = data;
757 file_header.iter = iter;
758 goto write_file;
759 }
760
761 if (insize / gcryblocksize) {
762 len = (insize / gcryblocksize) * gcryblocksize;
763
764 if (insize % gcryblocksize)
765 len += gcryblocksize;
766 }
767
768 /*
769 * Resize the existing xml buffer to the block size required by gcrypt
770 * rather than duplicating it and wasting memory.
771 */
772 inbuf = gcry_realloc(data, len);
773
774 if (!inbuf)
775 return gpg_error_from_errno(ENOMEM);
776
777 insize = len;
778 gcry_create_nonce(file_header.iv, sizeof(file_header.iv));
779 memcpy(tkey, shakey, sizeof(tkey));
780 tkey[0] ^= 1;
781
782 if ((rc = gcry_cipher_setkey(gh, tkey, gcrykeysize))) {
783 gcry_free(inbuf);
784 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
785 return rc;
786 }
787
788 file_header.iter = iter;
789
790 if (client)
791 iter_progress = get_key_file_integer("global", "iteration_progress");
792
793 if (client && iter_progress && file_header.iter >= iter_progress) {
794 rc = assuan_write_status(client->ctx, "ENCRYPT", "0");
795
796 if (rc) {
797 gcry_free(inbuf);
798 return rc;
799 }
800 }
801
802 while (xiter < file_header.iter) {
803 if (client && iter_progress > 0 && xiter >= iter_progress) {
804 if (!(xiter % iter_progress)) {
805 rc = assuan_write_status(client->ctx, "ENCRYPT",
806 print_fmt(str, sizeof(str), "%i", ++n_iter * iter_progress));
807
808 if (rc) {
809 gcry_free(inbuf);
810 return rc;
811 }
812 }
813 }
814
815 if ((rc = gcry_cipher_setiv(gh, file_header.iv,
816 sizeof(file_header.iv)))) {
817 gcry_free(inbuf);
818 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
819 return rc;
820 }
821
822 if (encrypt_xml(gh, inbuf, insize, NULL, 0)
823 == FALSE) {
824 gcry_free(inbuf);
825 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
826 return rc;
827 }
828
829 xiter++;
830 pth_yield(NULL);
831 }
832
833 if ((rc = gcry_cipher_setiv(gh, file_header.iv,
834 sizeof(file_header.iv)))) {
835 gcry_free(inbuf);
836 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
837 return rc;
838 }
839
840 if ((rc = gcry_cipher_setkey(gh, shakey, gcrykeysize))) {
841 gcry_free(inbuf);
842 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
843 return rc;
844 }
845
846 if (encrypt_xml(gh, inbuf, insize, NULL, 0) == FALSE) {
847 gcry_free(inbuf);
848 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
849 return rc;
850 }
851
852 if (client && iter_progress && file_header.iter >= iter_progress) {
853 rc = assuan_write_status(client->ctx, "ENCRYPT",
854 print_fmt(str, sizeof(str), "%i", file_header.iter));
855
856 if (rc) {
857 gcry_free(inbuf);
858 return rc;
859 }
860 }
861
862 write_file:
863 if (filename) {
864 if (stat(filename, &st) == 0) {
865 mode = st.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO);
866
867 /*
868 * FIXME What if the file has an ACL?
869 */
870 if (!(mode & S_IWUSR)) {
871 gcry_free(inbuf);
872 return gpg_error_from_errno(EACCES);
873 }
874 }
875 else {
876 if (errno != ENOENT) {
877 rc = errno;
878 gcry_free(inbuf);
879 return gpg_error_from_errno(rc);
880 }
881 }
882
883 g_snprintf(tmp, sizeof(tmp), ".%s.tmp", filename);
884
885 if ((fd = open(tmp, O_WRONLY|O_CREAT|O_TRUNC, 0600)) == -1) {
886 rc = errno;
887 gcry_free(inbuf);
888 p = strrchr(tmp, '/');
889 p++;
890 log_write("%s: %s", p, strerror(rc));
891 return gpg_error_from_errno(rc);
892 }
893 }
894 else
895 /*
896 * xml_import() from command line.
897 */
898 fd = STDOUT_FILENO;
899
900 len = pth_write(fd, &file_header, sizeof(file_header_t));
901
902 if (len != sizeof(file_header)) {
903 len = errno;
904
905 if (filename) {
906 close(fd);
907 unlink(tmp);
908 }
909
910 gcry_free(inbuf);
911 return gpg_error_from_errno(len);
912 }
913
914 len = pth_write(fd, inbuf, insize);
915
916 if (len != insize) {
917 len = errno;
918
919 if (filename) {
920 close(fd);
921 unlink(tmp);
922 }
923
924 gcry_free(inbuf);
925 return gpg_error_from_errno(len);
926 }
927
928 if (fsync(fd) == -1) {
929 len = errno;
930
931 if (filename) {
932 close(fd);
933 unlink(tmp);
934 }
935
936 gcry_free(inbuf);
937 return gpg_error_from_errno(len);
938 }
939
940 if (filename) {
941 close(fd);
942
943 if (mode && get_key_file_boolean(filename, "backup") == TRUE) {
944 gchar tmp2[FILENAME_MAX];
945
946 g_snprintf(tmp2, sizeof(tmp2), "%s.backup", filename);
947
948 if (rename(filename, tmp2) == -1) {
949 unlink(tmp);
950 len = errno;
951 gcry_free(inbuf);
952 return gpg_error_from_errno(len);
953 }
954 }
955
956 if (rename(tmp, filename) == -1) {
957 len = errno;
958 unlink(tmp);
959 gcry_free(inbuf);
960 return gpg_error_from_errno(len);
961 }
962
963 if (mode)
964 chmod(filename, mode);
965 }
966
967 gcry_free(inbuf);
968 return 0;
969 }
970
971 static gpg_error_t save_command_finalize(assuan_context_t ctx,
972 guchar shakey[], gboolean cached)
973 {
974 struct client_s *client = assuan_get_pointer(ctx);
975 gpointer xmlbuf;
976 xmlChar *p;
977 gint len;
978 gint iter;
979 gint timeout;
980 gpointer outbuf;
981 glong outsize = 0;
982 gint zrc;
983 gpg_error_t rc;
984 struct stat st;
985
986 xmlDocDumpFormatMemory(client->doc, &p, &len, 0);
987 xmlbuf = p;
988
989 iter = get_key_file_integer(client->filename, "compression_level");
990
991 if (iter < 0)
992 iter = 0;
993
994 if (do_compress(ctx, iter, xmlbuf, len, &outbuf, &outsize, &zrc) == FALSE) {
995 memset(shakey, 0, sizeof(shakey));
996 xmlFree(xmlbuf);
997
998 if (zrc == Z_MEM_ERROR) {
999 return send_syserror(ctx, ENOMEM);
1000 }
1001 else
1002 return send_error(ctx, GPG_ERR_COMPR_ALGO);
1003 }
1004 else {
1005 gcry_free(xmlbuf);
1006 xmlbuf = outbuf;
1007 len = outsize;
1008 }
1009
1010 iter = get_key_file_integer(client->filename, "iterations");
1011 rc = do_xml_encrypt(client, client->gh, client->filename, xmlbuf, len, shakey, iter);
1012
1013 if (rc) {
1014 memset(shakey, 0, sizeof(shakey));
1015 return send_error(ctx, rc);
1016 }
1017
1018 stat(client->filename, &st);
1019 client->mtime = st.st_mtime;
1020 timeout = get_key_file_integer(client->filename, "cache_timeout");
1021 CACHE_LOCK(client->ctx);
1022
1023 if (cached) {
1024 memset(shakey, 0, sizeof(shakey));
1025 cache_reset_timeout(client->md5file, timeout);
1026 CACHE_UNLOCK;
1027
1028 if (client->new == TRUE)
1029 send_cache_status_all();
1030
1031 client->new = FALSE;
1032 return send_error(ctx, 0);
1033 }
1034
1035 if (cache_update_key(client->md5file, shakey) == FALSE) {
1036 memset(shakey, 0, sizeof(shakey));
1037 log_write("%s(%i): %s", __FILE__, __LINE__, pwmd_strerror(EPWMD_MAX_SLOTS));
1038 CACHE_UNLOCK;
1039 return send_error(ctx, EPWMD_MAX_SLOTS);
1040 }
1041
1042 client->new = FALSE;
1043 memset(shakey, 0, sizeof(shakey));
1044 cache_reset_timeout(client->md5file, timeout);
1045 CACHE_UNLOCK;
1046 send_cache_status_all();
1047 return send_error(ctx, 0);
1048 }
1049
1050 static int save_command(assuan_context_t ctx, char *line)
1051 {
1052 gboolean cached = FALSE;
1053 guchar shakey[gcrykeysize];
1054 struct stat st;
1055 struct client_s *client = assuan_get_pointer(ctx);
1056 gpg_error_t rc;
1057
1058 memset(shakey, 0, sizeof(shakey));
1059 rc = file_modified(client);
1060
1061 if (rc) {
1062 log_write("%s: %s", client->filename ? client->filename : "",
1063 pwmd_strerror(rc));
1064 return send_error(ctx, rc);
1065 }
1066
1067 rc = lock_file_mutex(client);
1068
1069 if (rc)
1070 return send_error(ctx, rc);
1071
1072 if (stat(client->filename, &st) == -1 && errno != ENOENT)
1073 return send_syserror(ctx, errno);
1074
1075 if (errno != ENOENT && !S_ISREG(st.st_mode) && !S_ISLNK(st.st_mode)) {
1076 log_write("%s: %s", client->filename, pwmd_strerror(EPWMD_INVALID_FILENAME));
1077 return send_error(ctx, EPWMD_INVALID_FILENAME);
1078 }
1079
1080 if (get_key_file_integer(client->filename, "iterations") == -1)
1081 goto done;
1082
1083 if (!line || !*line) {
1084 guchar tmp[sizeof(shakey)];
1085 CACHE_LOCK(ctx);
1086
1087 memset(tmp, '!', sizeof(tmp));
1088
1089 if (cache_get_key(client->md5file, shakey) == FALSE ||
1090 memcmp(shakey, tmp, sizeof(shakey)) == 0) {
1091 CACHE_UNLOCK;
1092 #ifdef WITH_PINENTRY
1093 if (get_key_file_boolean(client->filename, "enable_pinentry") == FALSE) {
1094 gcry_md_hash_buffer(GCRY_MD_SHA256, shakey, "", 1);
1095 goto done;
1096 }
1097
1098 lock_pin_mutex(client);
1099 client->pinentry->which = PINENTRY_SAVE;
1100 rc = pinentry_fork(ctx);
1101
1102 if (rc) {
1103 unlock_pin_mutex(client->pinentry);
1104 return send_error(ctx, rc);
1105 }
1106
1107 client->pinentry->cb = save_command_finalize;
1108 client->pinentry->status = PINENTRY_INIT;
1109 return 0;
1110 #else
1111 gcry_md_hash_buffer(GCRY_MD_SHA256, shakey, "", 1);
1112 goto done;
1113 #endif
1114 }
1115 else {
1116 CACHE_UNLOCK;
1117 cached = TRUE;
1118 }
1119 }
1120 else {
1121 gcry_md_hash_buffer(GCRY_MD_SHA256, shakey, line, strlen(line));
1122 memset(line, 0, strlen(line));
1123 }
1124
1125 done:
1126 return save_command_finalize(ctx, shakey, cached);
1127 }
1128
1129 static int delete_command(assuan_context_t ctx, char *line)
1130 {
1131 struct client_s *client = assuan_get_pointer(ctx);
1132 gchar **req;
1133 gpg_error_t rc;
1134 xmlNodePtr n;
1135
1136 rc = file_modified(client);
1137
1138 if (rc) {
1139 log_write("%s: %s", client->filename ? client->filename : "",
1140 pwmd_strerror(rc));
1141 return send_error(ctx, rc);
1142 }
1143
1144 if (strchr(line, '\t'))
1145 req = split_input_line(line, "\t", -1);
1146 else
1147 req = split_input_line(line, " ", -1);
1148
1149 if (!req || !*req)
1150 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
1151
1152 n = find_account(client->doc, &req, &rc, NULL, 0);
1153
1154 if (!n) {
1155 g_strfreev(req);
1156 return send_error(ctx, rc);
1157 }
1158
1159 /*
1160 * No sub-node defined. Remove the entire node (account).
1161 */
1162 if (!req[1]) {
1163 if (n) {
1164 xmlUnlinkNode(n);
1165 xmlFreeNode(n);
1166 }
1167
1168 g_strfreev(req);
1169 return send_error(ctx, 0);
1170 }
1171
1172 n = find_elements(client->doc, n->children, req+1, &rc, NULL, NULL, NULL, FALSE, 0, NULL);
1173 g_strfreev(req);
1174
1175 if (!n)
1176 return send_error(ctx, rc);
1177
1178 if (n) {
1179 xmlUnlinkNode(n);
1180 xmlFreeNode(n);
1181 }
1182
1183 return send_error(ctx, 0);
1184 }
1185
1186 /*
1187 * Don't return with assuan_process_done() here. This has been called from
1188 * assuan_process_next() and the command should be finished in
1189 * client_thread().
1190 */
1191 static int store_command_finalize(gpointer data, gint assuan_rc, guchar *line,
1192 gsize len)
1193 {
1194 assuan_context_t ctx = data;
1195 struct client_s *client = assuan_get_pointer(ctx);
1196 gchar **req;
1197 xmlNodePtr n;
1198 gpg_error_t rc = file_modified(client);
1199
1200 if (assuan_rc || rc) {
1201 if (line)
1202 #ifndef MEM_DEBUG
1203 xfree(line);
1204 #else
1205 free(line);
1206 #endif
1207 return assuan_rc ? assuan_rc : rc;
1208 }
1209
1210 req = split_input_line((gchar *)line, "\t", 0);
1211 #ifndef MEM_DEBUG
1212 xfree(line);
1213 #else
1214 free(line);
1215 #endif
1216
1217 if (!req || !*req)
1218 return EPWMD_COMMAND_SYNTAX;
1219
1220 if (valid_xml_element((xmlChar *)*req) == FALSE) {
1221 g_strfreev(req);
1222 return EPWMD_INVALID_ELEMENT;
1223 }
1224
1225 if (valid_element_path(req+1, TRUE) == FALSE) {
1226 g_strfreev(req);
1227 return EPWMD_INVALID_ELEMENT;
1228 }
1229
1230 again:
1231 n = find_account(client->doc, &req, &rc, NULL, 0);
1232
1233 if (rc && rc == EPWMD_ELEMENT_NOT_FOUND) {
1234 rc = new_account(client->doc, *req);
1235
1236 if (rc) {
1237 g_strfreev(req);
1238 return rc;
1239 }
1240
1241 goto again;
1242 }
1243
1244 if (!n) {
1245 g_strfreev(req);
1246 return rc;
1247 }
1248
1249 if (req[1]) {
1250 if (!n->children)
1251 create_elements_cb(n, req+1, &rc, NULL);
1252 else
1253 find_elements(client->doc, n->children, req+1, &rc,
1254 NULL, NULL, create_elements_cb, FALSE, 0, NULL);
1255 }
1256
1257 g_strfreev(req);
1258 client->inquire_status = INQUIRE_DONE;
1259 return rc;
1260 }
1261
1262 static int store_command(assuan_context_t ctx, char *line)
1263 {
1264 struct client_s *client = assuan_get_pointer(ctx);
1265 gpg_error_t rc = file_modified(client);
1266
1267 if (rc) {
1268 log_write("%s: %s", client->filename ? client->filename : "",
1269 pwmd_strerror(rc));
1270 return send_error(ctx, rc);
1271 }
1272
1273 rc = assuan_inquire_ext(ctx, "STORE", 0, store_command_finalize, ctx);
1274
1275 if (rc)
1276 return send_error(ctx, rc);
1277
1278 /* Don't return with assuan_process_done() here. This is an INQUIRE. */
1279 client->inquire_status = INQUIRE_BUSY;
1280 return 0;
1281 }
1282
1283 static int get_command(assuan_context_t ctx, char *line)
1284 {
1285 struct client_s *client = assuan_get_pointer(ctx);
1286 gchar **req;
1287 gpg_error_t rc;
1288 xmlNodePtr n;
1289
1290 rc = file_modified(client);
1291
1292 if (rc) {
1293 log_write("%s: %s", client->filename ? client->filename : "",
1294 pwmd_strerror(rc));
1295 return send_error(ctx, rc);
1296 }
1297
1298 req = split_input_line(line, "\t", -1);
1299
1300 if (!req || !*req) {
1301 g_strfreev(req);
1302 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
1303 }
1304
1305 n = find_account(client->doc, &req, &rc, NULL, 0);
1306
1307 if (!n) {
1308 g_strfreev(req);
1309 return send_error(ctx, rc);
1310 }
1311
1312 if (req[1])
1313 n = find_elements(client->doc, n->children, req+1, &rc, NULL, NULL, NULL, FALSE, 0, NULL);
1314
1315 g_strfreev(req);
1316
1317 if (rc)
1318 return send_error(ctx, rc);
1319
1320 if (!n || !n->children)
1321 return send_error(ctx, EPWMD_EMPTY_ELEMENT);
1322
1323 n = find_text_node(n->children);
1324
1325 if (!n || !n->content || !*n->content)
1326 return send_error(ctx, EPWMD_EMPTY_ELEMENT);
1327
1328 rc = assuan_send_data(ctx, n->content, xmlStrlen(n->content));
1329 return send_error(ctx, rc);
1330 }
1331
1332 static xmlNodePtr realpath_elements_cb(xmlNodePtr node, gchar **target,
1333 gpg_error_t *rc, gchar **req_orig, void *data)
1334 {
1335 gchar *path = *(gchar **)data;
1336 gchar *tmp = NULL, *result;
1337
1338 if (path) {
1339 g_free(path);
1340 *(gchar **)data = NULL;
1341 }
1342
1343 path = g_strjoinv("\t", target);
1344
1345 if (!path) {
1346 *rc = gpg_error_from_errno(ENOMEM);
1347 return NULL;
1348 }
1349
1350 if (req_orig) {
1351 tmp = g_strjoinv("\t", req_orig);
1352
1353 if (!tmp) {
1354 g_free(path);
1355 *rc = gpg_error_from_errno(ENOMEM);
1356 return NULL;
1357 }
1358 }
1359
1360 if (tmp && *tmp)
1361 result = g_strdup_printf("%s\t%s", path, tmp);
1362 else
1363 result = g_strdup(path);
1364
1365 if (!result) {
1366 *rc = gpg_error_from_errno(ENOMEM);
1367 g_free(path);
1368 g_free(tmp);
1369 return NULL;
1370 }
1371
1372 g_free(path);
1373 g_free(tmp);
1374 *(gchar **)data = result;
1375 return node;
1376 }
1377
1378 static int realpath_command(assuan_context_t ctx, char *line)
1379 {
1380 gpg_error_t rc;
1381 struct client_s *client = assuan_get_pointer(ctx);
1382 gchar **req;
1383 gchar *t;
1384 gint i;
1385 xmlNodePtr n;
1386 GString *string;
1387 gchar *rp = NULL;
1388
1389 rc = file_modified(client);
1390
1391 if (rc) {
1392 log_write("%s: %s", client->filename ? client->filename : "",
1393 pwmd_strerror(rc));
1394 return send_error(ctx, rc);
1395 }
1396
1397 if (strchr(line, '\t') != NULL) {
1398 if ((req = split_input_line(line, "\t", 0)) == NULL)
1399 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
1400 }
1401 else {
1402 if ((req = split_input_line(line, " ", 0)) == NULL)
1403 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
1404 }
1405
1406 n = find_account(client->doc, &req, &rc, NULL, 0);
1407
1408 if (!n) {
1409 g_strfreev(req);
1410 return send_error(ctx, rc);
1411 }
1412
1413 rp = g_strjoinv("\t", req);
1414
1415 if (!rp) {
1416 g_strfreev(req);
1417 return send_syserror(ctx, ENOMEM);
1418 }
1419
1420 if (req[1]) {
1421 n = find_elements(client->doc, n->children, req+1, &rc,
1422 NULL, realpath_elements_cb, NULL, FALSE, 0, &rp);
1423
1424 if (!n) {
1425 g_free(rp);
1426 g_strfreev(req);
1427 return send_error(ctx, rc);
1428 }
1429 }
1430
1431 string = g_string_new(rp);
1432 g_free(rp);
1433 g_strfreev(req);
1434
1435 if (!string)
1436 return send_syserror(ctx, ENOMEM);
1437
1438 again:
1439 for (i = 0, t = string->str + i; *t; t++, i++) {
1440 if ((!i && *t != '!') || (*t == '\t' && *(t+1) && *(t+1) != '!')) {
1441 string = g_string_insert_c(string, !i ? i++ : ++i, '!');
1442 goto again;
1443 }
1444 }
1445
1446 rc = assuan_send_data(ctx, string->str, string->len);
1447 g_string_free(string, TRUE);
1448 return send_error(ctx, rc);
1449 }
1450
1451 static int list_command(assuan_context_t ctx, char *line)
1452 {
1453 struct client_s *client = assuan_get_pointer(ctx);
1454 gpg_error_t rc;
1455 struct element_list_s *elements = NULL;
1456 gchar *tmp;
1457
1458 if (disable_list_and_dump == TRUE)
1459 return send_error(ctx, GPG_ERR_NOT_IMPLEMENTED);
1460
1461 rc = file_modified(client);
1462
1463 if (rc) {
1464 log_write("%s: %s", client->filename, pwmd_strerror(rc));
1465 return send_error(ctx, rc);
1466 }
1467
1468 if (!*line) {
1469 GString *str;
1470
1471 rc = list_accounts(client->doc, &str);
1472
1473 if (rc)
1474 return send_error(ctx, rc);
1475
1476 rc = assuan_send_data(ctx, str->str, str->len);
1477 g_string_free(str, TRUE);
1478 return send_error(ctx, rc);
1479 }
1480
1481 elements = g_malloc0(sizeof(struct element_list_s));
1482
1483 if (!elements) {
1484 rc = gpg_err_code_from_errno(ENOMEM);
1485 goto fail;
1486 }
1487
1488 rc = create_path_list(client->doc, elements, line);
1489
1490 if (rc)
1491 goto fail;
1492
1493 if (elements) {
1494 gint total = g_slist_length(elements->list);
1495 gint i;
1496 GString *str;
1497
1498 if (!total) {
1499 rc = EPWMD_EMPTY_ELEMENT;
1500 goto fail;
1501 }
1502
1503 str = g_string_new(NULL);
1504
1505 if (!str) {
1506 rc = gpg_err_code_from_errno(ENOMEM);
1507 goto fail;
1508 }
1509
1510 for (i = 0; i < total; i++) {
1511 tmp = g_slist_nth_data(elements->list, i);
1512 g_string_append_printf(str, "%s%s", tmp, i+1 == total ? "" : "\n");
1513 }
1514
1515 rc = assuan_send_data(ctx, str->str, str->len);
1516 g_string_free(str, TRUE);
1517 }
1518 else
1519 rc = EPWMD_EMPTY_ELEMENT;
1520
1521 fail:
1522 if (elements) {
1523 gint total = g_slist_length(elements->list);
1524 gint i;
1525
1526 for (i = 0; i < total; i++) {
1527 tmp = g_slist_nth_data(elements->list, i);
1528 g_free(tmp);
1529 }
1530
1531 g_slist_free(elements->list);
1532
1533 if (elements->prefix)
1534 g_free(elements->prefix);
1535
1536 g_free(elements);
1537 }
1538
1539 return send_error(ctx, rc);
1540 }
1541
1542 static gpg_error_t add_attribute(xmlNodePtr node, const gchar *name,
1543 const gchar *value)
1544 {
1545 xmlAttrPtr a;
1546
1547 if ((a = xmlHasProp(node, (xmlChar *)name)) == NULL) {
1548 a = xmlNewProp(node, (xmlChar *)name, (xmlChar *)value);
1549
1550 if (!a)
1551 return EPWMD_LIBXML_ERROR;
1552 }
1553 else
1554 xmlNodeSetContent(a->children, (xmlChar *)value);
1555
1556 return 0;
1557 }
1558
1559 /*
1560 * req[0] - element path
1561 */
1562 static int attribute_list(assuan_context_t ctx, gchar **req)
1563 {
1564 struct client_s *client = assuan_get_pointer(ctx);
1565 gchar **attrlist = NULL;
1566 gint i = 0;
1567 gchar **path = NULL;
1568 xmlAttrPtr a;
1569 xmlNodePtr n, an;
1570 gchar *line;
1571 gpg_error_t rc;
1572
1573 if (!req || !req[0])
1574 return EPWMD_COMMAND_SYNTAX;
1575
1576 if ((path = split_input_line(req[0], "\t", 0)) == NULL) {
1577 /*
1578 * The first argument may be only an account.
1579 */
1580 if ((path = split_input_line(req[0], " ", 0)) == NULL)
1581 return EPWMD_COMMAND_SYNTAX;
1582 }
1583
1584 n = find_account(client->doc, &path, &rc, NULL, 0);
1585
1586 if (!n) {
1587 g_strfreev(path);
1588 return rc;
1589 }
1590
1591 if (path[1]) {
1592 n = find_elements(client->doc, n->children, path+1, &rc,
1593 NULL, NULL, NULL, FALSE, 0, NULL);
1594
1595 if (!n) {
1596 g_strfreev(path);
1597 return rc;
1598 }
1599 }
1600
1601 g_strfreev(path);
1602
1603 for (a = n->properties; a; a = a->next) {
1604 gchar **pa;
1605
1606 if ((pa = g_realloc(attrlist, (i + 2) * sizeof(gchar *))) == NULL) {
1607 if (attrlist)
1608 g_strfreev(attrlist);
1609
1610 log_write("%s(%i): %s", __FILE__, __LINE__, strerror(ENOMEM));
1611 return gpg_error_from_errno(ENOMEM);
1612 }
1613
1614 attrlist = pa;
1615 an = a->children;
1616 attrlist[i] = g_strdup_printf("%s\t%s", (gchar *)a->name, (gchar *)an->content);
1617
1618 if (!attrlist[i]) {
1619 g_strfreev(attrlist);
1620 return gpg_error_from_errno(ENOMEM);
1621 }
1622
1623 attrlist[++i] = NULL;
1624 }
1625
1626 if (!attrlist)
1627 return EPWMD_EMPTY_ELEMENT;
1628
1629 line = g_strjoinv("\n", attrlist);
1630
1631 if (!line) {
1632 g_strfreev(attrlist);
1633 return gpg_error_from_errno(ENOMEM);
1634 }
1635
1636 rc = assuan_send_data(ctx, line, strlen(line));
1637 g_free(line);
1638 g_strfreev(attrlist);
1639 return rc;
1640 }
1641
1642 /*
1643 * req[0] - attribute
1644 * req[1] - element path
1645 */
1646 static int attribute_delete(struct client_s *client, gchar **req)
1647 {
1648 xmlAttrPtr a;
1649 xmlNodePtr n;
1650 gchar **path = NULL;
1651 gpg_error_t rc;
1652
1653 if (!req || !req[0] || !req[1])
1654 return EPWMD_COMMAND_SYNTAX;
1655
1656 if ((path = split_input_line(req[1], "\t", 0)) == NULL) {
1657 /*
1658 * The first argument may be only an account.
1659 */
1660 if ((path = split_input_line(req[1], " ", 0)) == NULL)
1661 return EPWMD_COMMAND_SYNTAX;
1662 }
1663
1664 /*
1665 * Don't remove the "name" attribute for the account element. To remove an
1666 * account use DELETE <account>.
1667 */
1668 if (!path[1] && xmlStrEqual((xmlChar *)req[0], (xmlChar *)"name")) {
1669 rc = EPWMD_ATTR_SYNTAX;
1670 goto fail;
1671 }
1672
1673 n = find_account(client->doc, &path, &rc, NULL, 0);
1674
1675 if (!n)
1676 goto fail;
1677
1678 if (path[1]) {
1679 n = find_elements(client->doc, n->children, path+1, &rc,
1680 NULL, NULL, NULL, FALSE, 0, NULL);
1681
1682 if (!n)
1683 goto fail;
1684 }
1685
1686 g_strfreev(path);
1687
1688 if ((a = xmlHasProp(n, (xmlChar *)req[0])) == NULL)
1689 return EPWMD_ATTR_NOT_FOUND;
1690
1691 if (xmlRemoveProp(a) == -1)
1692 return EPWMD_LIBXML_ERROR;
1693
1694 return 0;
1695
1696 fail:
1697 g_strfreev(path);
1698 return rc;
1699 }
1700
1701 static xmlNodePtr create_element_path(struct client_s *client, gchar ***path,
1702 gpg_error_t *rc)
1703 {
1704 gchar **src = *path;
1705 gchar **src_orig = g_strdupv(src);
1706 xmlNodePtr n = NULL;
1707
1708 if (!src_orig) {
1709 *rc = gpg_error_from_errno(ENOMEM);
1710 goto fail;
1711 }
1712
1713 again:
1714 n = find_account(client->doc, &src, rc, NULL, 0);
1715
1716 if (!n) {
1717 if (*rc == EPWMD_ELEMENT_NOT_FOUND) {
1718 *rc = new_account(client->doc, src[0]);
1719
1720 if (*rc)
1721 goto fail;
1722
1723 goto again;
1724 }
1725 else
1726 goto fail;
1727 }
1728
1729 if (src[1]) {
1730 if (!n->children)
1731 n = create_target_elements_cb(n, src+1, rc, NULL);
1732 else
1733 n = find_elements(client->doc, n->children, src+1, rc,
1734 NULL, NULL, create_target_elements_cb, FALSE, 0, NULL);
1735
1736 if (!n)
1737 goto fail;
1738
1739 /*
1740 * Reset the position of the element tree now that the elements
1741 * have been created.
1742 */
1743 g_strfreev(src);
1744 src = src_orig;
1745 src_orig = NULL;
1746 n = find_account(client->doc, &src, rc, NULL, 0);
1747
1748 if (!n)
1749 goto fail;
1750
1751 n = find_elements(client->doc, n->children, src+1, rc,
1752 NULL, NULL, NULL, FALSE, 0, NULL);
1753
1754 if (!n)
1755 goto fail;
1756 }
1757
1758 fail:
1759 if (src_orig)
1760 g_strfreev(src_orig);
1761
1762 *path = src;
1763 return n;
1764 }
1765
1766 /*
1767 * Creates a "target" attribute. When other commands encounter an element with
1768 * this attribute, the element path is modified to the target value. If the
1769 * source element path doesn't exist when using 'ATTR SET target', it is
1770 * created, but the destination element path must exist.
1771 *
1772 * req[0] - source element path
1773 * req[1] - destination element path
1774 */
1775 static gpg_error_t target_attribute(struct client_s *client, gchar **req)
1776 {
1777 gchar **src, **dst, *line = NULL;
1778 gpg_error_t rc;
1779 xmlNodePtr n;
1780
1781 if (!req || !req[0] || !req[1])
1782 return EPWMD_COMMAND_SYNTAX;
1783
1784 if ((src = split_input_line(req[0], "\t", 0)) == NULL) {
1785 /*
1786 * The first argument may be only an account.
1787 */
1788 if ((src = split_input_line(req[0], " ", 0)) == NULL)
1789 return EPWMD_COMMAND_SYNTAX;
1790 }
1791
1792 if (valid_element_path(src, FALSE) == FALSE) {
1793 g_strfreev(src);
1794 return EPWMD_INVALID_ELEMENT;
1795 }
1796
1797 if ((dst = split_input_line(req[1], "\t", 0)) == NULL) {
1798 /*
1799 * The first argument may be only an account.
1800 */
1801 if ((dst = split_input_line(req[1], " ", 0)) == NULL) {
1802 rc = EPWMD_COMMAND_SYNTAX;
1803 goto fail;
1804 }
1805 }
1806
1807 n = find_account(client->doc, &dst, &rc, NULL, 0);
1808
1809 /*
1810 * Make sure the destination element path exists.
1811 */
1812 if (!n)
1813 goto fail;
1814
1815 if (dst[1]) {
1816 n = find_elements(client->doc, n->children, dst+1, &rc,
1817 NULL, NULL, NULL, FALSE, 0, NULL);
1818
1819 if (!n)
1820 goto fail;
1821 }
1822
1823 n = create_element_path(client, &src, &rc);
1824
1825 if (rc)
1826 goto fail;
1827
1828 line = g_strjoinv("\t", dst);
1829
1830 if (!line) {
1831 rc = gpg_error_from_errno(ENOMEM);
1832 goto fail;
1833 }
1834
1835 rc = add_attribute(n, "target", line);
1836
1837 fail:
1838 g_free(line);
1839 g_strfreev(src);
1840 g_strfreev(dst);
1841 return rc;
1842 }
1843
1844 /*
1845 * req[0] - account name
1846 * req[1] - new name
1847 */
1848 static gpg_error_t name_attribute(struct client_s *client, gchar **req)
1849 {
1850 gpg_error_t rc;
1851 gchar **tmp;
1852 xmlNodePtr n;
1853
1854 tmp = g_strdupv(req);
1855
1856 if (!tmp)
1857 return gpg_error_from_errno(ENOMEM);
1858
1859 n = find_account(client->doc, &tmp, &rc, NULL, 0);
1860 g_strfreev(tmp);
1861
1862 if (!n)
1863 return rc;
1864
1865 if (g_utf8_collate(req[0], req[1]) == 0)
1866 return 0;
1867
1868 /*
1869 * Will not overwrite an existing account.
1870 */
1871 tmp = g_strdupv(req+1);
1872
1873 if (!tmp)
1874 return gpg_error_from_errno(ENOMEM);
1875
1876 n = find_account(client->doc, &tmp, &rc, NULL, 0);
1877 g_strfreev(tmp);
1878
1879 if (rc && rc != EPWMD_ELEMENT_NOT_FOUND)
1880 return rc;
1881
1882 if (n)
1883 return EPWMD_ACCOUNT_EXISTS;
1884
1885 /*
1886 * Whitespace not allowed in account names.
1887 */
1888 if (contains_whitespace(req[1]) == TRUE)
1889 return EPWMD_ATTR_SYNTAX;
1890
1891 tmp = g_strdupv(req);
1892
1893 if (!tmp)
1894 return gpg_error_from_errno(ENOMEM);
1895
1896 n = find_account(client->doc, &tmp, &rc, NULL, 0);
1897 g_strfreev(tmp);
1898
1899 if (!n)
1900 return EPWMD_ELEMENT_NOT_FOUND;
1901
1902 return add_attribute(n, "name", req[1]);
1903 }
1904
1905 /*
1906 * req[0] - attribute
1907 * req[1] - element path
1908 */
1909 static int attribute_get(assuan_context_t ctx, gchar **req)
1910 {
1911 struct client_s *client = assuan_get_pointer(ctx);
1912 xmlNodePtr n;
1913 xmlChar *a;
1914 gchar **path= NULL;
1915 gpg_error_t rc;
1916
1917 if (!req || !req[0] || !req[1])
1918 return EPWMD_COMMAND_SYNTAX;
1919
1920 if (strchr(req[1], '\t')) {
1921 if ((path = split_input_line(req[1], "\t", 0)) == NULL)
1922 return EPWMD_COMMAND_SYNTAX;
1923 }
1924 else {
1925 if ((path = split_input_line(req[1], " ", 0)) == NULL)
1926 return EPWMD_COMMAND_SYNTAX;
1927 }
1928
1929 n = find_account(client->doc, &path, &rc, NULL, 0);
1930
1931 if (!n)
1932 goto fail;
1933
1934 if (path[1]) {
1935 n = find_elements(client->doc, n->children, path+1, &rc,
1936 NULL, NULL, NULL, FALSE, 0, NULL);
1937
1938 if (!n)
1939 goto fail;
1940 }
1941
1942 g_strfreev(path);
1943
1944 if ((a = xmlGetProp(n, (xmlChar *)req[0])) == NULL)
1945 return EPWMD_ATTR_NOT_FOUND;
1946
1947 rc = assuan_send_data(ctx, a, xmlStrlen(a));
1948 xmlFree(a);
1949 return rc;
1950
1951 fail:
1952 g_strfreev(path);
1953 return rc;
1954 }
1955
1956 /*
1957 * req[0] - attribute
1958 * req[1] - element path
1959 * req[2] - value
1960 */
1961 static int attribute_set(struct client_s *client, gchar **req)
1962 {
1963 gchar **path = NULL;
1964 gpg_error_t rc;
1965 xmlNodePtr n;
1966
1967 if (!req || !req[0] || !req[1] || !req[2])
1968 return EPWMD_COMMAND_SYNTAX;
1969
1970 /*
1971 * Reserved attribute names.
1972 */
1973 if (g_utf8_collate(req[0], "name") == 0) {
1974 /*
1975 * Only reserved for the account element. Not the rest of the
1976 * document.
1977 */
1978 if (strchr(req[1], '\t') == NULL)
1979 return name_attribute(client, req + 1);
1980 }
1981 else if (g_utf8_collate(req[0], "target") == 0)
1982 return target_attribute(client, req + 1);
1983
1984 if ((path = split_input_line(req[1], "\t", 0)) == NULL) {
1985 /*
1986 * The first argument may be only an account.
1987 */
1988 if ((path = split_input_line(req[1], " ", 0)) == NULL)
1989 return EPWMD_COMMAND_SYNTAX;
1990 }
1991
1992 n = find_account(client->doc, &path, &rc, NULL, 0);
1993
1994 if (!n)
1995 goto fail;
1996
1997 if (path[1]) {
1998 n = find_elements(client->doc, n->children, path+1, &rc,
1999 NULL, NULL, NULL, FALSE, 0, NULL);
2000
2001 if (!n)
2002 goto fail;
2003 }
2004
2005 g_strfreev(path);
2006 return add_attribute(n, req[0], req[2]);
2007
2008 fail:
2009 g_strfreev(path);
2010 return rc;
2011 }
2012
2013 /*
2014 * req[0] - command
2015 * req[1] - attribute name or element path if command is LIST
2016 * req[2] - element path
2017 * req[2] - element path or value
2018 */
2019 static int attr_command(assuan_context_t ctx, char *line)
2020 {
2021 struct client_s *client = assuan_get_pointer(ctx);
2022 gchar **req = split_input_line(line, " ", 4);
2023 gpg_error_t rc = 0;
2024
2025 rc = file_modified(client);
2026
2027 if (rc) {
2028 log_write("%s: %s", client->filename ? client->filename : "",
2029 pwmd_strerror(rc));
2030 g_strfreev(req);
2031 return send_error(ctx, rc);
2032 }
2033
2034 if (!req || !req[0] || !req[1]) {
2035 g_strfreev(req);
2036 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2037 }
2038
2039 if (g_ascii_strcasecmp(req[0], "SET") == 0)
2040 rc = attribute_set(client, req+1);
2041 else if (g_ascii_strcasecmp(req[0], "GET") == 0)
2042 rc = attribute_get(ctx, req+1);
2043 else if (g_ascii_strcasecmp(req[0], "DELETE") == 0)
2044 rc = attribute_delete(client, req+1);
2045 else if (g_ascii_strcasecmp(req[0], "LIST") == 0)
2046 rc = attribute_list(ctx, req+1);
2047 else
2048 rc = EPWMD_COMMAND_SYNTAX;
2049
2050 g_strfreev(req);
2051 return send_error(ctx, rc);
2052 }
2053
2054 static int iscached_command(assuan_context_t ctx, char *line)
2055 {
2056 gchar **req = split_input_line(line, " ", 0);
2057 guchar md5file[16];
2058
2059 if (!req || !*req) {
2060 g_strfreev(req);
2061 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2062 }
2063
2064 gcry_md_hash_buffer(GCRY_MD_MD5, md5file, req[0], strlen(req[0]));
2065 g_strfreev(req);
2066 CACHE_LOCK(ctx);
2067
2068 if (cache_iscached(md5file) == FALSE) {
2069 CACHE_UNLOCK;
2070 return send_error(ctx, EPWMD_CACHE_NOT_FOUND);
2071 }
2072
2073 CACHE_UNLOCK;
2074 return send_error(ctx, 0);
2075 }
2076
2077 gpg_error_t send_cache_status(assuan_context_t ctx)
2078 {
2079 gchar *tmp;
2080 struct client_s *client = assuan_get_pointer(ctx);
2081 gchar buf[ASSUAN_LINELENGTH];
2082
2083 CACHE_LOCK(client->ctx);
2084 tmp = print_fmt(buf, sizeof(buf), "%i %i",
2085 cache_file_count(),
2086 (cache_size / sizeof(file_cache_t)) - cache_file_count());
2087 CACHE_UNLOCK;
2088
2089 return assuan_write_status(ctx, "CACHE", buf);
2090 }
2091
2092 static int clearcache_command(assuan_context_t ctx, char *line)
2093 {
2094 struct client_s *client = assuan_get_pointer(ctx);
2095 gchar **req = split_input_line(line, " ", 0);
2096 guchar md5file[16];
2097
2098 CACHE_LOCK(ctx);
2099
2100 if (!req || !*req) {
2101 g_strfreev(req);
2102 cache_clear(client->md5file, 2);
2103 CACHE_UNLOCK;
2104 return send_error(ctx, 0);
2105 }
2106
2107 gcry_md_hash_buffer(GCRY_MD_MD5, md5file, req[0], strlen(req[0]));
2108 g_strfreev(req);
2109
2110 if (cache_clear(md5file, 1) == FALSE) {
2111 CACHE_UNLOCK;
2112 return send_error(ctx, EPWMD_CACHE_NOT_FOUND);
2113 }
2114
2115 CACHE_UNLOCK;
2116 return send_error(ctx, 0);
2117 }
2118
2119 static int cachetimeout_command(assuan_context_t ctx, char *line)
2120 {
2121 guchar md5file[16];
2122 glong timeout;
2123 gchar **req = split_input_line(line, " ", 0);
2124 gchar *p;
2125 struct client_s *client = assuan_get_pointer(ctx);
2126
2127 if (!req || !*req || !req[1]) {
2128 g_strfreev(req);
2129 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2130 }
2131
2132 errno = 0;
2133 timeout = strtol(req[0], &p, 10);
2134
2135 if (errno != 0 || *p != 0) {
2136 g_strfreev(req);
2137 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2138 }
2139
2140 gcry_md_hash_buffer(GCRY_MD_MD5, md5file, req[1], strlen(req[1]));
2141 g_strfreev(req);
2142 CACHE_LOCK(client->ctx);
2143
2144 if (cache_set_timeout(md5file, timeout) == FALSE) {
2145 CACHE_UNLOCK;
2146 return send_error(ctx, EPWMD_CACHE_NOT_FOUND);
2147 }
2148
2149 CACHE_UNLOCK;
2150 return send_error(ctx, 0);
2151 }
2152
2153 static int dump_command(assuan_context_t ctx, char *line)
2154 {
2155 xmlChar *xml;
2156 gssize len;
2157 struct client_s *client = assuan_get_pointer(ctx);
2158 gpg_error_t rc;
2159
2160 if (disable_list_and_dump == TRUE)
2161 return send_error(ctx, GPG_ERR_NOT_IMPLEMENTED);
2162
2163 rc = file_modified(client);
2164
2165 if (rc) {
2166 log_write("%s: %s", client->filename ? client->filename : "",
2167 pwmd_strerror(rc));
2168 return send_error(ctx, rc);
2169 }
2170
2171 xmlDocDumpFormatMemory(client->doc, &xml, &len, 1);
2172
2173 if (!xml)
2174 return send_syserror(ctx, ENOMEM);
2175
2176 rc = assuan_send_data(ctx, xml, len);
2177 xmlFree(xml);
2178 return send_error(ctx, rc);
2179 }
2180
2181 static int getconfig_command(assuan_context_t ctx, gchar *line)
2182 {
2183 struct client_s *client = assuan_get_pointer(ctx);
2184 gpg_error_t rc = 0;
2185 gchar *p, *tmp;
2186
2187 if (strcmp(line, "key") == 0 || strcmp(line, "key_file") == 0)
2188 return send_error(ctx, GPG_ERR_NOT_IMPLEMENTED);
2189
2190 p = get_key_file_string(client->filename ? client->filename : "global", line);
2191
2192 if (!p)
2193 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2194
2195 tmp = expand_homedir(p);
2196
2197 if (!tmp) {
2198 g_free(p);
2199 return send_syserror(ctx, ENOMEM);
2200 }
2201
2202 g_free(p);
2203 p = tmp;
2204 rc = assuan_send_data(ctx, p, strlen(p));
2205 g_free(p);
2206 return send_error(ctx, rc);
2207 }
2208
2209 static int xpath_command(assuan_context_t ctx, gchar *line)
2210 {
2211 struct client_s *client = assuan_get_pointer(ctx);
2212 gpg_error_t rc;
2213 xmlXPathContextPtr xp;
2214 xmlXPathObjectPtr result;
2215 xmlBufferPtr buf = NULL;
2216 gchar **req = NULL;
2217
2218 rc = file_modified(client);
2219
2220 if (rc) {
2221 log_write("%s: %s", client->filename ? client->filename : "",
2222 pwmd_strerror(rc));
2223 return send_error(ctx, rc);
2224 }
2225
2226 if (!line || !*line)
2227 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2228
2229 if ((req = split_input_line(line, "\t", 2)) == NULL) {
2230 if (strv_printf(&req, "%s", line) == FALSE)
2231 return send_syserror(ctx, ENOMEM);
2232 }
2233
2234 xp = xmlXPathNewContext(client->doc);
2235
2236 if (!xp)
2237 return send_error(ctx, EPWMD_LIBXML_ERROR);
2238
2239 result = xmlXPathEvalExpression((xmlChar *)req[0], xp);
2240
2241 if (!result) {
2242 xmlXPathFreeContext(xp);
2243 return send_error(ctx, EPWMD_LIBXML_ERROR);
2244 }
2245
2246 if (xmlXPathNodeSetIsEmpty(result->nodesetval)) {
2247 rc = EPWMD_EMPTY_ELEMENT;
2248 goto fail;
2249 }
2250
2251 rc = recurse_xpath_nodeset(client->doc, result->nodesetval,
2252 (xmlChar *)req[1], &buf);
2253
2254 if (rc)
2255 goto fail;
2256 else if (!req[1] && !xmlBufferLength(buf)) {
2257 rc = EPWMD_EMPTY_ELEMENT;
2258 goto fail;
2259 }
2260 else if (req[1])
2261 goto fail;
2262
2263 rc = assuan_send_data(ctx, xmlBufferContent(buf), xmlBufferLength(buf));
2264
2265 fail:
2266 g_strfreev(req);
2267
2268 if (buf)
2269 xmlBufferFree(buf);
2270
2271 if (result)
2272 xmlXPathFreeObject(result);
2273
2274 if (xp)
2275 xmlXPathFreeContext(xp);
2276
2277 return send_error(ctx, rc);
2278 }
2279
2280 static int import_command_finalize(gpointer data, gint assuan_rc, guchar *line,
2281 gsize len)
2282 {
2283 struct client_s *client = assuan_get_pointer((assuan_context_t)data);
2284 gpg_error_t rc = file_modified(client);
2285 gchar **req, **path = NULL, *content;
2286 xmlDocPtr doc;
2287 xmlNodePtr n, root, copy;
2288
2289 if (assuan_rc || rc) {
2290 if (line)
2291 #ifndef MEM_DEBUG
2292 xfree(line);
2293 #else
2294 free(line);
2295 #endif
2296 return assuan_rc ? assuan_rc : rc;
2297 }
2298
2299 req = split_input_line((gchar *)line, " ", 2);
2300 #ifndef MEM_DEBUG
2301 xfree(line);
2302 #else
2303 free(line);
2304 #endif
2305
2306 if (!req || !*req)
2307 return EPWMD_COMMAND_SYNTAX;
2308
2309 if ((path = split_input_line(req[0], "\t", 0)) == NULL) {
2310 if ((path = split_input_line(req[0], " ", 0)) == NULL)
2311 return EPWMD_COMMAND_SYNTAX;
2312 }
2313
2314 content = req[1];
2315
2316 if (!content || !*content) {
2317 rc = EPWMD_COMMAND_SYNTAX;
2318 goto fail;
2319 }
2320
2321 if (valid_xml_element((xmlChar *)*path) == FALSE) {
2322 rc = EPWMD_INVALID_ELEMENT;
2323 goto fail;
2324 }
2325
2326 if (valid_element_path(path+1, FALSE) == FALSE) {
2327 rc = EPWMD_INVALID_ELEMENT;
2328 goto fail;
2329 }
2330
2331 n = create_element_path(client, &path, &rc);
2332
2333 if (rc)
2334 goto fail;
2335
2336 doc = xmlReadDoc((xmlChar *)content, NULL, "UTF-8", XML_PARSE_NOBLANKS);
2337
2338 if (!doc) {
2339 rc = EPWMD_LIBXML_ERROR;
2340 goto fail;
2341 }
2342
2343 root = xmlDocGetRootElement(doc);
2344 copy = xmlCopyNode(root, 1);
2345 n = xmlAddChild(n, copy);
2346
2347 if (!n) {
2348 rc = EPWMD_LIBXML_ERROR;
2349 goto fail;
2350 }
2351
2352 xmlFreeDoc(doc);
2353
2354 fail:
2355 g_strfreev(path);
2356 g_strfreev(req);
2357 client->inquire_status = INQUIRE_DONE;
2358 return rc;
2359 }
2360
2361 static int import_command(assuan_context_t ctx, gchar *line)
2362 {
2363 gpg_error_t rc;
2364 struct client_s *client = assuan_get_pointer(ctx);
2365
2366 rc = file_modified(client);
2367
2368 if (rc) {
2369 log_write("%s: %s", client->filename ? client->filename : "",
2370 pwmd_strerror(rc));
2371 return send_error(ctx, rc);
2372 }
2373
2374 rc = assuan_inquire_ext(ctx, "IMPORT", 0, import_command_finalize, ctx);
2375
2376 if (rc)
2377 return send_error(ctx, rc);
2378
2379 /* Don't return with assuan_process_done() here. This is an INQUIRE. */
2380 client->inquire_status = INQUIRE_BUSY;
2381 return 0;
2382 }
2383
2384 void cleanup_assuan(assuan_context_t ctx)
2385 {
2386 struct client_s *cl = assuan_get_pointer(ctx);
2387
2388 if (cl)
2389 cleanup_client(cl);
2390 }
2391
2392 static void reset_notify(assuan_context_t ctx)
2393 {
2394 struct client_s *cl = assuan_get_pointer(ctx);
2395
2396 if (cl)
2397 cleanup_client(cl);
2398 }
2399
2400 static gpg_error_t parse_client_option(assuan_context_t ctx, const gchar *line)
2401 {
2402 gchar name[32] = {0}, value[256] = {0};
2403
2404 if (sscanf(line, " %31[a-zA-Z] = %255c", name, value) != 2)
2405 return gpg_err_make(PWMD_ERR_SOURCE, GPG_ERR_SYNTAX);
2406
2407 if (g_strcasecmp(name, (gchar *)"NAME") == 0) {
2408 pth_attr_t attr = pth_attr_of(pth_self());
2409
2410 log_write("OPTION CLIENT %s", line);
2411 pth_attr_set(attr, PTH_ATTR_NAME, value);
2412 pth_attr_destroy(attr);
2413 }
2414 else
2415 return gpg_err_make(PWMD_ERR_SOURCE, GPG_ERR_UNKNOWN_OPTION);
2416
2417 return 0;
2418 }
2419
2420 static int option_handler(assuan_context_t ctx, const gchar *name,
2421 const gchar *value)
2422 {
2423 #ifdef WITH_PINENTRY
2424 struct client_s *client = assuan_get_pointer(ctx);
2425 #endif
2426
2427 if (!value || !*value)
2428 return gpg_err_make(PWMD_ERR_SOURCE, GPG_ERR_INV_VALUE);
2429
2430 if (g_strcasecmp(name, (gchar *)"client") == 0)
2431 return parse_client_option(ctx, value);
2432
2433 #ifdef WITH_PINENTRY
2434 if (g_strcasecmp(name, (gchar *)"ttyname") == 0) {
2435 g_free(client->pinentry->ttyname);
2436 client->pinentry->ttyname = g_strdup(value);
2437 }
2438 else if (g_strcasecmp(name, (gchar *)"ttytype") == 0) {
2439 g_free(client->pinentry->ttytype);
2440 client->pinentry->ttytype = g_strdup(value);
2441 }
2442 else if (g_strcasecmp(name, (gchar *)"display") == 0) {
2443 g_free(client->pinentry->display);
2444 client->pinentry->display = g_strdup(value);
2445 }
2446 else if (g_strcasecmp(name, (gchar *)"path") == 0) {
2447 g_free(client->pinentry->path);
2448 client->pinentry->path = g_strdup(value);
2449 }
2450 else if (g_strcasecmp(name, (gchar *)"title") == 0) {
2451 g_free(client->pinentry->title);
2452 client->pinentry->title = g_strdup(value);
2453 }
2454 else if (g_strcasecmp(name, (gchar *)"prompt") == 0) {
2455 g_free(client->pinentry->prompt);
2456 client->pinentry->prompt = g_strdup(value);
2457 }
2458 else if (g_strcasecmp(name, (gchar *)"desc") == 0) {
2459 g_free(client->pinentry->desc);
2460 client->pinentry->desc = g_strdup(value);
2461 }
2462 #if 0
2463 /* Need to wait for pinentry to support a --timeout option so it can
2464 * terminate itself. Cannot do it here because assuan_pipe_connect() calls
2465 * execv() which replaces the pid of the fork()ed thread from
2466 * pinentry_fork(). So pinentry will become a real process after the
2467 * thread terminates and won't be able to be kill()ed from pwmd.
2468 */
2469 else if (g_strcasecmp(name, (gchar *)"timeout") == 0) {
2470 gchar *p = NULL;
2471 gint n = strtol(value, &p, 10);
2472
2473 if (*p || n < 0)
2474 return gpg_err_make(PWMD_ERR_SOURCE, GPG_ERR_INV_VALUE);
2475
2476 client->pinentry->timeout = n;
2477 }
2478 #endif
2479 else if (g_strcasecmp(name, (gchar *)"pinentry") == 0) {
2480 gchar *p = NULL;
2481 gint n = strtol(value, &p, 10);
2482
2483 if (*p || n < 0 || n > 1)
2484 return gpg_err_make(PWMD_ERR_SOURCE, GPG_ERR_INV_VALUE);
2485
2486 g_key_file_set_boolean(keyfileh, client->filename ? client->filename : "global",
2487 "enable_pinentry", n == 0 ? FALSE : TRUE);
2488 }
2489 else
2490 return gpg_err_make(PWMD_ERR_SOURCE, GPG_ERR_UNKNOWN_OPTION);
2491 #else
2492 return gpg_err_make(PWMD_ERR_SOURCE, GPG_ERR_NOT_IMPLEMENTED);
2493 #endif
2494
2495 log_write("OPTION %s=%s", name, value);
2496 return 0;
2497 }
2498
2499 gpg_error_t register_commands(assuan_context_t ctx)
2500 {
2501 static struct {
2502 const gchar *name;
2503 gint (*handler)(assuan_context_t, gchar *line);
2504 } table[] = {
2505 { "OPEN", open_command },
2506 { "SAVE", save_command },
2507 { "LIST", list_command },
2508 { "REALPATH", realpath_command },
2509 { "STORE", store_command },
2510 { "DELETE", delete_command },
2511 { "GET", get_command },
2512 { "ATTR", attr_command },
2513 { "ISCACHED", iscached_command },
2514 { "CLEARCACHE", clearcache_command },
2515 { "CACHETIMEOUT", cachetimeout_command },
2516 { "GETCONFIG", getconfig_command },
2517 { "DUMP", dump_command },
2518 { "XPATH", xpath_command },
2519 { "IMPORT", import_command },
2520 { "INPUT", NULL },
2521 { "OUTPUT", NULL },
2522 { NULL, NULL }
2523 };
2524 gint i, rc;
2525
2526 for (i=0; table[i].name; i++) {
2527 rc = assuan_register_command (ctx, table[i].name, table[i].handler);
2528
2529 if (rc)
2530 return rc;
2531 }
2532
2533 rc = assuan_register_bye_notify(ctx, cleanup_assuan);
2534
2535 if (rc)
2536 return rc;
2537
2538 rc = assuan_register_option_handler(ctx, option_handler);
2539
2540 if (rc)
2541 return rc;
2542
2543 return assuan_register_reset_notify(ctx, reset_notify);
2544 }
2545
2546 gpg_error_t try_xml_decrypt(assuan_context_t ctx, gint fd, struct stat st,
2547 guchar *key)
2548 {
2549 guchar *iv;
2550 void *inbuf;
2551 gsize insize, len;
2552 guchar tkey[gcrykeysize];
2553 struct client_s *client = ctx ? assuan_get_pointer(ctx) : NULL;
2554 gcry_cipher_hd_t gh;
2555 guint iter = 0, n_iter = 0;
2556 gint iter_progress;
2557 void *outbuf = NULL;
2558 gint zrc = 0;
2559 glong outsize = 0;
2560 gpg_error_t rc;
2561 file_header_t file_header;
2562 gchar str[ASSUAN_LINELENGTH];
2563
2564 if (!ctx) {
2565 rc = gcry_cipher_open(&gh, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, 0);
2566
2567 if (rc)
2568 return rc;
2569 }
2570 else
2571 gh = client->gh;
2572
2573 lseek(fd, 0, SEEK_SET);
2574 insize = st.st_size - sizeof(file_header_t);
2575 iv = gcry_malloc(gcryblocksize);
2576
2577 if (!iv) {
2578 if (!ctx)
2579 gcry_cipher_close(gh);
2580
2581 return gpg_error_from_errno(ENOMEM);
2582 }
2583
2584 len = pth_read(fd, &file_header, sizeof(file_header_t));
2585
2586 if (len != sizeof(file_header_t)) {
2587 len = errno;
2588
2589 if (!ctx)
2590 gcry_cipher_close(gh);
2591
2592 gcry_free(iv);
2593 errno = len;
2594 return gpg_error_from_errno(errno);
2595 }
2596
2597 /* No encryption iterations. This is a plain (gzipped) file. */
2598 if (file_header.iter == -1) {
2599 /*
2600 * cache_file_count() needs both .used == TRUE and a valid key in
2601 * order for it to count as a used cache entry. Fixes CACHE status
2602 * messages.
2603 */
2604 memset(key, '!', gcrykeysize);
2605 insize = st.st_size - sizeof(file_header_t);
2606 }
2607
2608 memcpy(iv, &file_header.iv, sizeof(file_header.iv));
2609 inbuf = gcry_malloc(insize);
2610
2611 if (!inbuf) {
2612 if (!ctx)
2613 gcry_cipher_close(gh);
2614
2615 gcry_free(iv);
2616 return gpg_error_from_errno(ENOMEM);
2617 }
2618
2619 len = pth_read(fd, inbuf, insize);
2620
2621 if (len != insize) {
2622 len = errno;
2623
2624 if (!ctx)
2625 gcry_cipher_close(gh);
2626
2627 gcry_free(iv);
2628 errno = len;
2629 return gpg_error_from_errno(errno);
2630 }
2631
2632 if (file_header.iter == -1)
2633 goto decompress;
2634
2635 memcpy(tkey, key, sizeof(tkey));
2636 tkey[0] ^= 1;
2637
2638 if ((rc = gcry_cipher_setiv(gh, iv, gcryblocksize))) {
2639 if (!ctx) {
2640 gcry_cipher_close(gh);
2641 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
2642 }
2643 else
2644 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
2645
2646 gcry_free(inbuf);
2647 gcry_free(iv);
2648 return rc;
2649 }
2650
2651 if ((rc = gcry_cipher_setkey(gh, key, gcrykeysize))) {
2652 if (!ctx) {
2653 gcry_cipher_close(gh);
2654 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
2655 }
2656 else
2657 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
2658
2659 gcry_free(inbuf);
2660 gcry_free(iv);
2661
2662 if (!ctx)
2663 gcry_cipher_close(gh);
2664
2665 return rc;
2666 }
2667
2668 iter_progress = get_key_file_integer("global", "iteration_progress");
2669
2670 if (ctx && iter_progress > 0 && file_header.iter >= iter_progress) {
2671 rc = assuan_write_status(client->ctx, "DECRYPT", "0");
2672
2673 if (rc) {
2674 gcry_free(inbuf);
2675 gcry_free(iv);
2676 return rc;
2677 }
2678 }
2679
2680 rc = decrypt_xml(gh, inbuf, insize, NULL, 0);
2681
2682 if (rc) {
2683 gcry_free(inbuf);
2684 gcry_free(iv);
2685 return rc;
2686 }
2687
2688 if ((rc = gcry_cipher_setkey(gh, tkey, gcrykeysize))) {
2689 if (!ctx) {
2690 gcry_cipher_close(gh);
2691 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
2692 }
2693 else
2694 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
2695
2696 gcry_free(inbuf);
2697 gcry_free(iv);
2698 return rc;
2699 }
2700
2701 while (iter < file_header.iter) {
2702 if (ctx && iter_progress > 0 && iter >= iter_progress) {
2703 if (!(iter % iter_progress)) {
2704 rc = assuan_write_status(ctx, "DECRYPT",
2705 print_fmt(str, sizeof(str), "%i", ++n_iter * iter_progress));
2706
2707 if (rc) {
2708 gcry_free(inbuf);
2709 gcry_free(iv);
2710 return rc;
2711 }
2712 }
2713 }
2714
2715 if ((rc = gcry_cipher_setiv(gh, iv, gcryblocksize))) {
2716 if (!ctx) {
2717 gcry_cipher_close(gh);
2718 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
2719 }
2720 else
2721 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
2722
2723 gcry_free(inbuf);
2724 gcry_free(iv);
2725 return rc;
2726 }
2727
2728 rc = decrypt_xml(gh, inbuf, insize, NULL, 0);
2729
2730 if (rc) {
2731 if (!ctx) {
2732 gcry_cipher_close(gh);
2733 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
2734 }
2735 else
2736 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
2737
2738 gcry_free(inbuf);
2739 gcry_free(iv);
2740 return rc;
2741 }
2742
2743 iter++;
2744 pth_yield(NULL);
2745 }
2746
2747 if (ctx && iter_progress && file_header.iter >= iter_progress) {
2748 rc = assuan_write_status(ctx, "DECRYPT",
2749 print_fmt(str, sizeof(str), "%i", file_header.iter));
2750
2751 if (rc) {
2752 gcry_free(inbuf);
2753 gcry_free(iv);
2754 return rc;
2755 }
2756 }
2757
2758 gcry_free(iv);
2759
2760 decompress:
2761 if (do_decompress(ctx, inbuf, insize, &outbuf, &outsize, &zrc) == FALSE) {
2762 /*
2763 * Z_DATA_ERROR may be returned if this file hasn't been compressed yet.
2764 */
2765 if (zrc == Z_MEM_ERROR) {
2766 gcry_free(inbuf);
2767 return gpg_error_from_errno(ENOMEM);
2768 }
2769 else if (zrc != Z_DATA_ERROR) {
2770 gcry_free(inbuf);
2771
2772 if (!ctx)
2773 gcry_cipher_close(gh);
2774
2775 return EPWMD_BADKEY;
2776 }
2777 }
2778 else {
2779 gcry_free(inbuf);
2780 inbuf = outbuf;
2781 insize = outsize;
2782 }
2783
2784 if (g_strncasecmp(inbuf, "<?xml version=\"1.0\"?>", 21) != 0) {
2785 gcry_free(inbuf);
2786
2787 if (!ctx)
2788 gcry_cipher_close(gh);
2789
2790 return EPWMD_BADKEY;
2791 }
2792
2793 if (ctx) {
2794 client->xml = inbuf;
2795 client->len = insize;
2796 }
2797 else {
2798 gcry_cipher_close(gh);
2799 gcry_free(inbuf);
2800 }
2801
2802 return 0;
2803 }
2804
2805 /*
2806 * This is called after every Assuan command.
2807 */
2808 void command_finalize(assuan_context_t ctx, gint rc)
2809 {
2810 struct client_s *client = assuan_get_pointer(ctx);
2811
2812 unlock_file_mutex(client);
2813 }
A server for managing passphrases and anything else.