1 /* vim:tw=78:ts=8:sw=4:set ft=c: */
3 Copyright (C) 2006-2009 Ben Kibbey <bjk@luxsci.net>
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 2 of the License, or
8 (at your option) any later version.
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with this program; if not, write to the Free Software
17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02110-1301 USA
38 #include <glib/gprintf.h>
45 #include <netinet/in.h>
46 #include <arpa/inet.h>
49 #include <sys/resource.h>
66 #include "pwmd_error.h"
72 GCRY_THREAD_OPTION_PTH_IMPL
;
74 static void clear_rcfile_keys()
80 groups
= g_key_file_get_groups(keyfileh
, &n
);
82 for (p
= groups
; *p
; p
++) {
85 if (g_key_file_has_key(keyfileh
, *p
, "key", &rc
) == TRUE
)
86 g_key_file_set_string(keyfileh
, *p
, "key", "");
92 static void *reload_rcfile_thread(void *arg
)
94 gboolean b
= disable_list_and_dump
;
96 pth_attr_t attr
= pth_attr_of(pth_self());
98 pth_attr_set(attr
, PTH_ATTR_NAME
, __FUNCTION__
);
99 pth_attr_destroy(attr
);
100 MUTEX_LOCK(&rcfile_mutex
);
101 log_write(N_("reloading configuration file '%s'"), rcfile
);
102 k
= parse_rcfile(FALSE
);
107 g_key_file_free(keyfileh
);
111 disable_list_and_dump
= b
;
112 startStopKeepAlive(FALSE
);
113 send_status_all(STATUS_CONFIG
);
115 MUTEX_UNLOCK(&rcfile_mutex
);
119 static void reload_rcfile()
122 pth_attr_t attr
= pth_attr_new();
126 pth_attr_set(attr
, PTH_ATTR_JOINABLE
, 0);
127 tid
= pth_spawn(attr
, reload_rcfile_thread
, NULL
);
129 pth_attr_destroy(attr
);
132 log_write("%s(%i): pth_spawn(): %s", __FILE__
, __LINE__
,
133 _gpg_strerror(gpg_error_from_errno(n
)));
136 gpg_error_t
send_syserror(assuan_context_t ctx
, gint e
)
138 gpg_error_t n
= gpg_error_from_errno(e
);
140 return assuan_process_done(ctx
, assuan_set_error(ctx
, n
, _gpg_strerror(n
)));
143 gpg_error_t
send_error(assuan_context_t ctx
, gpg_error_t e
)
145 gpg_err_code_t n
= gpg_err_code(e
);
146 gpg_error_t code
= gpg_err_make(PWMD_ERR_SOURCE
, n
);
147 struct client_s
*client
= assuan_get_pointer(ctx
);
150 return assuan_process_done(ctx
, 0);
153 log_write("%s", pwmd_strerror(e
));
157 if (n
== EPWMD_LIBXML_ERROR
) {
158 xmlErrorPtr xe
= client
->xml_error
;
161 xe
= xmlGetLastError();
163 e
= assuan_process_done(ctx
, assuan_set_error(ctx
, code
, xe
->message
));
164 log_write("%s", xe
->message
);
166 if (xe
== client
->xml_error
)
171 client
->xml_error
= NULL
;
175 return assuan_process_done(ctx
, assuan_set_error(ctx
, code
, pwmd_strerror(e
)));
178 void log_write(const gchar
*fmt
, ...)
188 pth_t tid
= pth_self();
191 if ((!logfile
&& !isatty(STDERR_FILENO
) && log_syslog
== FALSE
) || !fmt
)
194 if (!cmdline
&& logfile
) {
195 if ((fd
= open(logfile
, O_WRONLY
|O_CREAT
|O_APPEND
, 0600)) == -1) {
203 if (g_vasprintf(&args
, fmt
, ap
) == -1) {
214 fprintf(stderr
, "%s\n", args
);
220 attr
= pth_attr_of(tid
);
222 if (pth_attr_get(attr
, PTH_ATTR_NAME
, &name
) == FALSE
)
225 pth_attr_destroy(attr
);
226 name
= print_fmt(buf
, sizeof(buf
), "%s(%p): ", name
, tid
);
228 if (!cmdline
&& log_syslog
== TRUE
)
229 syslog(LOG_INFO
, "%s%s", name
, args
);
232 tm
= localtime(&now
);
233 strftime(tbuf
, sizeof(tbuf
), "%b %d %Y %H:%M:%S ", tm
);
234 tbuf
[sizeof(tbuf
) - 1] = 0;
236 if (args
[strlen(args
)-1] == '\n')
237 args
[strlen(args
)-1] = 0;
239 line
= g_strdup_printf("%s %i %s%s\n", tbuf
, getpid(), name
, args
);
250 pth_write(fd
, line
, strlen(line
));
255 if (isatty(STDERR_FILENO
)) {
256 fprintf(stderr
, "%s", line
);
263 static void usage(gchar
*pn
)
265 g_fprintf(stderr
, N_(
266 "Usage: %s [-hvDnP] [-f <rcfile>] [-C <filename>] "
267 "[-I <filename> [-i <iter>]]\n "
268 "[-k <keyfile>] [-o <outfile>] [file1] [...]\n"
269 " -n run as a foreground process\n"
270 " -f load the specified rcfile (~/.pwmd/config)\n"
271 " -C convert a version 1 data file to version 2\n"
272 " -I import an XML file\n"
273 " -i encrypt with the specified number of iterations when importing\n"
274 " (config default in the \"global\" section)\n"
275 " -k obtain the key from the specified file\n"
276 " -o output file for use with the -C and -I options\n"
277 " -D disable use of the LIST and DUMP commands\n"
278 " -P disable pinentry\n"
280 " -h this help text\n"
285 static int gcry_SecureCheck(const void *ptr
)
290 static void setup_gcrypt()
292 gcry_control(GCRYCTL_SET_THREAD_CBS
, &gcry_threads_pth
);
293 gcry_check_version(GCRYPT_VERSION
);
295 gcry_set_allocation_handler(xmalloc
, xmalloc
, gcry_SecureCheck
, xrealloc
,
298 if (gcry_cipher_algo_info(GCRY_CIPHER_AES256
, GCRYCTL_TEST_ALGO
, NULL
,
300 errx(EXIT_FAILURE
, N_("Required AES cipher not supported by libgcrypt."));
302 gcry_cipher_algo_info(GCRY_CIPHER_AES256
, GCRYCTL_GET_KEYLEN
, NULL
, &gcrykeysize
);
303 gcry_cipher_algo_info(GCRY_CIPHER_AES256
, GCRYCTL_GET_BLKLEN
, NULL
, &gcryblocksize
);
306 static gint
new_connection(struct client_s
*cl
)
311 rc
= assuan_init_socket_server_ext(&cl
->ctx
, cl
->thd
->fd
, 2);
316 assuan_set_pointer(cl
->ctx
, cl
);
317 ver
= g_strdup_printf("%s", PACKAGE_STRING
);
318 assuan_set_hello_line(cl
->ctx
, ver
);
320 rc
= register_commands(cl
->ctx
);
325 rc
= assuan_accept(cl
->ctx
);
333 log_write("%s", _gpg_strerror(rc
));
339 static void xml_error_cb(void *data
, xmlErrorPtr e
)
341 struct client_s
*client
= data
;
344 * Keep the first reported error as the one to show in the error
345 * description. Reset in send_error().
347 if (client
->xml_error
)
350 xmlCopyError(e
, client
->xml_error
);
353 void close_file_header(file_header_internal_t
*fh
)
358 if (fh
->fd
!= -1 || (cmdline
== TRUE
&& fh
->fd
!= STDOUT_FILENO
))
367 void cleanup_crypto(struct client_crypto_s
**c
)
369 struct client_crypto_s
*cr
= *c
;
384 gcry_free(cr
->tkey2
);
387 gcry_free(cr
->inbuf
);
390 gcry_free(cr
->outbuf
);
392 close_file_header(cr
->fh
);
395 gcry_cipher_close(cr
->gh
);
402 * This is called after a child_thread terminates. Set with
403 * pth_cleanup_push().
405 static void cleanup_cb(void *arg
)
407 struct client_thread_s
*cn
= arg
;
408 struct client_s
*cl
= cn
->cl
;
410 MUTEX_LOCK(&cn_mutex
);
411 cn_thread_list
= g_slist_remove(cn_thread_list
, cn
);
412 MUTEX_UNLOCK(&cn_mutex
);
415 pth_cancel(cn
->msg_tid
);
416 pth_join(cn
->msg_tid
, NULL
);
419 while (pth_msgport_pending(cn
->mp
)) {
420 pth_message_t
*msg
= pth_msgport_get(cn
->mp
);
426 pth_msgport_destroy(cn
->mp
);
435 assuan_deinit_server(cl
->ctx
);
436 else if (cl
->thd
&& cl
->thd
->fd
!= -1)
441 cleanup_pinentry(cl
->pinentry
);
445 cleanup_crypto(&cl
->crypto
);
449 log_write(N_("exiting, fd=%i"), cn
->fd
);
451 send_status_all(STATUS_CLIENTS
);
455 * Called every time a connection is made from init_new_connection(). This is
456 * the thread entry point.
458 static void *client_thread(void *data
)
460 struct client_thread_s
*thd
= data
;
461 struct client_s
*cl
= g_malloc0(sizeof(struct client_s
));
467 * Prevent a race condition with init_new_connection() if this thread
468 * fails (returns) for some reason before init_new_connection() releases
471 MUTEX_LOCK(&cn_mutex
);
472 MUTEX_UNLOCK(&cn_mutex
);
473 pth_cleanup_push(cleanup_cb
, thd
);
476 log_write("%s(%i): %s", __FILE__
, __LINE__
, strerror(ENOMEM
));
480 attr
= pth_attr_of(pth_self());
481 pth_attr_set(attr
, PTH_ATTR_NAME
, __FUNCTION__
);
482 pth_attr_destroy(attr
);
486 if (new_connection(cl
))
490 cl
->pinentry
= pinentry_init();
493 log_write("%s(%i): %s", __FILE__
, __LINE__
, strerror(ENOMEM
));
499 if (disable_mlock
== FALSE
&& mlockall(MCL_FUTURE
) == -1) {
500 log_write("mlockall(): %s", strerror(errno
));
505 //pth_mutex_init(&thd->msg_list_mutex);
506 attr
= pth_attr_new();
508 pth_attr_set(attr
, PTH_ATTR_JOINABLE
, TRUE
);
509 thd
->mp
= pth_msgport_create(NULL
);
510 thd
->msg_tid
= pth_spawn(attr
, client_msg_thread
, thd
);
512 pth_attr_destroy(attr
);
515 log_write("%s(%i): pth_spawn(): %s", __FILE__
, __LINE__
,
516 _gpg_strerror(gpg_error_from_errno(n
)));
520 pth_yield(thd
->msg_tid
);
521 rc
= send_status(cl
->ctx
, STATUS_CACHE
, NULL
);
524 log_write("%s", _gpg_strerror(rc
));
528 send_status_all(STATUS_CLIENTS
);
529 xmlSetStructuredErrorFunc(cl
, xml_error_cb
);
533 pth_event_t pev
= NULL
;
535 pth_status_t st
, wst
;
536 pth_event_t wev
= NULL
;
537 pth_event_t ev
= pth_event(PTH_EVENT_FD
|PTH_UNTIL_FD_READABLE
,
541 if (cl
->pinentry
->status
== PINENTRY_RUNNING
) {
542 pev
= pth_event(PTH_EVENT_FD
|PTH_UNTIL_FD_READABLE
, cl
->pinentry
->fd
);
543 ev
= pth_event_concat(ev
, pev
, NULL
);
547 if (cl
->inquire_status
== INQUIRE_BUSY
) {
548 wev
= pth_event(PTH_EVENT_FD
|PTH_UNTIL_FD_WRITEABLE
, cl
->thd
->fd
);
549 ev
= pth_event_concat(ev
, wev
, NULL
);
552 pth_cleanup_push(cleanup_ev_cb
, ev
);
554 pth_event_isolate(ev
);
555 st
= pth_event_status(ev
);
556 wst
= pth_event_status(wev
);
558 if (st
== PTH_STATUS_OCCURRED
|| wst
== PTH_STATUS_OCCURRED
) {
559 rc
= assuan_process_next(cl
->ctx
);
562 cl
->inquire_status
= INQUIRE_INIT
;
564 if (gpg_err_code(rc
) == GPG_ERR_EOF
)
567 log_write("assuan_process_next(): %s", _gpg_strerror(rc
));
568 rc
= send_error(cl
->ctx
, gpg_err_make(PWMD_ERR_SOURCE
, rc
));
571 log_write("assuan_process_done(): %s", _gpg_strerror(rc
));
577 if (cl
->pinentry
->pid
&& cl
->pinentry
->status
== PINENTRY_INIT
)
578 cl
->pinentry
->status
= PINENTRY_RUNNING
;
581 switch (cl
->inquire_status
) {
586 cl
->inquire_status
= INQUIRE_INIT
;
587 rc
= assuan_process_done(cl
->ctx
, 0);
595 st
= pth_event_status(pev
);
597 rc
= pinentry_iterate(cl
,
598 pev
&& cl
->pinentry
->fd
!= -1 && st
== PTH_STATUS_OCCURRED
);
604 * Client cleanup (including XML data) is done in cleanup_cb().
609 pth_exit(PTH_CANCELED
);
613 static void setup_logging(GKeyFile
*kf
)
615 gboolean n
= g_key_file_get_boolean(kf
, "global", "enable_logging", NULL
);
618 gchar
*p
= g_key_file_get_string(kf
, "global", "log_path", NULL
);
624 g_snprintf(buf
, sizeof(buf
), "%s%s", g_get_home_dir(), p
--);
630 logfile
= g_strdup(buf
);
640 log_syslog
= g_key_file_get_boolean(kf
, "global", "syslog", NULL
);
644 * Make sure all settings are set to either the specified setting or a
647 static void set_rcfile_defaults(GKeyFile
*kf
)
651 if (g_key_file_has_key(kf
, "global", "socket_path", NULL
) == FALSE
) {
652 g_snprintf(buf
, sizeof(buf
), "~/.pwmd/socket");
653 g_key_file_set_string(kf
, "global", "socket_path", buf
);
656 if (g_key_file_has_key(kf
, "global", "data_directory", NULL
) == FALSE
) {
657 g_snprintf(buf
, sizeof(buf
), "~/.pwmd/data");
658 g_key_file_set_string(kf
, "global", "data_directory", buf
);
661 if (g_key_file_has_key(kf
, "global", "backup", NULL
) == FALSE
)
662 g_key_file_set_boolean(kf
, "global", "backup", TRUE
);
664 if (g_key_file_has_key(kf
, "global", "log_path", NULL
) == FALSE
) {
665 g_snprintf(buf
, sizeof(buf
), "~/.pwmd/log");
666 g_key_file_set_string(kf
, "global", "log_path", buf
);
669 if (g_key_file_has_key(kf
, "global", "enable_logging", NULL
) == FALSE
)
670 g_key_file_set_boolean(kf
, "global", "enable_logging", FALSE
);
673 if (g_key_file_has_key(kf
, "global", "disable_mlockall", NULL
) == FALSE
)
674 g_key_file_set_boolean(kf
, "global", "disable_mlockall", TRUE
);
677 if (g_key_file_has_key(kf
, "global", "cache_timeout", NULL
) == FALSE
)
678 g_key_file_set_integer(kf
, "global", "cache_timeout", -1);
680 if (g_key_file_has_key(kf
, "global", "iterations", NULL
) == FALSE
||
681 g_key_file_get_integer(kf
, "global", "iterations", 0) < 0)
682 g_key_file_set_integer(kf
, "global", "iterations", 1);
684 if (g_key_file_has_key(kf
, "global", "disable_list_and_dump", NULL
) == FALSE
)
685 g_key_file_set_boolean(kf
, "global", "disable_list_and_dump", FALSE
);
687 if (g_key_file_has_key(kf
, "global", "iteration_progress", NULL
) == FALSE
)
688 g_key_file_set_integer(kf
, "global", "iteration_progress", 0);
690 if (g_key_file_has_key(kf
, "global", "compression_level", NULL
) == FALSE
)
691 g_key_file_set_integer(kf
, "global", "compression_level", 6);
693 if (g_key_file_has_key(kf
, "global", "recursion_depth", NULL
) == FALSE
)
694 g_key_file_set_integer(kf
, "global", "recursion_depth", DEFAULT_RECURSION_DEPTH
);
696 if (g_key_file_has_key(kf
, "global", "zlib_bufsize", NULL
) == FALSE
)
697 g_key_file_set_integer(kf
, "global", "zlib_bufsize", DEFAULT_ZLIB_BUFSIZE
);
699 zlib_bufsize
= (uInt
)g_key_file_get_integer(kf
, "global", "zlib_bufsize", NULL
);
701 max_recursion_depth
= g_key_file_get_integer(kf
, "global", "recursion_depth", NULL
);
702 disable_list_and_dump
= g_key_file_get_boolean(kf
, "global", "disable_list_and_dump", NULL
);
705 disable_mlock
= g_key_file_get_boolean(kf
, "global", "disable_mlockall", NULL
);
708 if (g_key_file_has_key(kf
, "global", "syslog", NULL
) == FALSE
)
709 g_key_file_set_boolean(kf
, "global", "syslog", FALSE
);
711 if (g_key_file_has_key(kf
, "global", "keepalive", NULL
) == FALSE
)
712 g_key_file_set_integer(kf
, "global", "keepalive", DEFAULT_KEEPALIVE_TO
);
715 if (g_key_file_has_key(kf
, "global", "enable_pinentry", NULL
) == FALSE
)
716 g_key_file_set_boolean(kf
, "global", "enable_pinentry", TRUE
);
718 if (g_key_file_has_key(kf
, "global", "pinentry_timeout", NULL
) == FALSE
)
719 g_key_file_set_integer(kf
, "global", "pinentry_timeout",
720 DEFAULT_PIN_TIMEOUT
);
722 if (g_key_file_has_key(kf
, "global", "pinentry_path", NULL
) == FALSE
)
723 g_key_file_set_string(kf
, "global", "pinentry_path", PINENTRY_PATH
);
726 if (g_key_file_has_key(kf
, "global", "xfer_progress", NULL
) == FALSE
)
727 g_key_file_set_integer(kf
, "global", "xfer_progress", 8196);
732 static GKeyFile
*parse_rcfile(gboolean specified
)
734 GKeyFile
*kf
= g_key_file_new();
737 if (g_key_file_load_from_file(kf
, rcfile
, G_KEY_FILE_NONE
, &rc
) == FALSE
) {
738 log_write("%s: %s", rcfile
, rc
->message
);
740 if (cmdline
&& specified
) {
745 if (rc
->code
== G_FILE_ERROR_NOENT
) {
747 set_rcfile_defaults(kf
);
755 set_rcfile_defaults(kf
);
759 static gchar
*do_get_password(const gchar
*prompt
)
761 gchar buf
[LINE_MAX
] = {0}, *p
;
762 struct termios told
, tnew
;
765 if (tcgetattr(STDIN_FILENO
, &told
) == -1) {
766 log_write("tcgetattr(): %s", strerror(errno
));
770 memcpy(&tnew
, &told
, sizeof(struct termios
));
771 tnew
.c_lflag
&= ~(ECHO
);
772 tnew
.c_lflag
|= ICANON
|ECHONL
;
774 if (tcsetattr(STDIN_FILENO
, TCSANOW
, &tnew
) == -1) {
775 log_write("tcsetattr(): %s", strerror(errno
));
776 tcsetattr(STDIN_FILENO
, TCSANOW
, &told
);
780 fprintf(stderr
, "%s", prompt
);
782 if ((p
= fgets(buf
, sizeof(buf
), stdin
)) == NULL
) {
783 tcsetattr(STDIN_FILENO
, TCSANOW
, &told
);
787 tcsetattr(STDIN_FILENO
, TCSANOW
, &told
);
788 p
[strlen(p
) - 1] = 0;
791 key
= gcry_malloc(1);
795 key
= gcry_malloc(strlen(p
) + 1);
796 sprintf(key
, "%s", p
);
799 memset(&buf
, 0, sizeof(buf
));
803 /* Only used when "enable_pinentry" is "false" or -P. */
804 static gpg_error_t
get_input(const gchar
*filename
,
805 struct client_crypto_s
*crypto
, guchar
*key
, pinentry_cmd_t which
)
809 if (which
== PINENTRY_SAVE
) {
810 prompt
= g_strdup_printf(N_("New passphrase for file %s: "), filename
);
811 crypto
->tkey
= do_get_password(prompt
);
815 log_write(N_("%s: Skipping file"), filename
);
816 return GPG_ERR_BAD_PASSPHRASE
;
819 prompt
= g_strdup_printf(N_("Repeat passphrase: "));
820 crypto
->tkey2
= do_get_password(prompt
);
823 if (!crypto
->tkey2
) {
824 log_write(N_("%s: Skipping file"), filename
);
825 return GPG_ERR_BAD_PASSPHRASE
;
828 if (strcmp(crypto
->tkey
, crypto
->tkey2
)) {
829 log_write(N_("%s: Passphrase mismatch"), filename
);
833 gcry_md_hash_buffer(GCRY_MD_SHA256
, key
, crypto
->tkey
,
834 strlen(crypto
->tkey
) ? strlen(crypto
->tkey
) : 1);
838 prompt
= g_strdup_printf(N_("Passphrase required for %s: "), filename
);
840 if ((crypto
->tkey
= do_get_password(prompt
)) == NULL
) {
841 log_write(N_("%s: Skipping file"), filename
);
843 return GPG_ERR_BAD_PASSPHRASE
;
846 gcry_md_hash_buffer(GCRY_MD_SHA256
, key
, crypto
->tkey
,
847 strlen(crypto
->tkey
) ? strlen(crypto
->tkey
) : 1);
853 * inbuf must have been allocated with gcry_malloc().
855 gpg_error_t
export_common(const gchar
*filename
, struct client_crypto_s
*crypto
,
856 gpointer inbuf
, gulong insize
)
863 level
= get_key_file_integer(filename
, "compression_level");
868 if (do_compress(NULL
, level
, inbuf
, insize
, &outbuf
, &outsize
, &zrc
)
870 return zrc
== Z_MEM_ERROR
? GPG_ERR_ENOMEM
: GPG_ERR_COMPR_ALGO
;
873 crypto
->inbuf
= outbuf
;
874 crypto
->insize
= outsize
;
875 rc
= do_xml_encrypt(NULL
, crypto
, filename
);
879 static gpg_error_t
get_password(const gchar
*filename
,
880 struct client_crypto_s
*crypto
, guchar
*md5file
, guchar
*key
,
881 pinentry_cmd_t which
)
886 if (g_key_file_get_boolean(keyfileh
, "global", "enable_pinentry", NULL
)
889 return get_input(filename
, crypto
, key
, which
);
893 gchar
*result
= NULL
;
894 struct pinentry_s
*pin
= g_malloc0(sizeof(struct pinentry_s
));
896 pth_mutex_init(&pin
->status_mutex
);
897 set_pinentry_defaults(pin
);
899 pin
->filename
= g_strdup(filename
);
900 rc
= pinentry_getpin(pin
, &result
);
907 gcry_md_hash_buffer(GCRY_MD_SHA256
, key
, result
, result
? strlen(result
) : 1);
909 cleanup_pinentry(pin
);
917 static gboolean
_getline(const gchar
*file
, gchar
**result
, gpg_error_t
*rc
)
920 gchar buf
[LINE_MAX
] = {0}, *p
;
926 if ((fp
= fopen(file
, "r")) == NULL
) {
927 *rc
= gpg_error_from_syserror();
931 p
= fgets(buf
, sizeof(buf
), fp
);
935 if (len
&& buf
[len
- 1] == '\n')
938 str
= gcry_malloc(len
+ 1);
941 *rc
= gpg_error_from_errno(ENOMEM
);
945 memcpy(str
, buf
, len
? len
: 1);
947 memset(&buf
, 0, sizeof(buf
));
952 static gchar
*parse_rcfile_keyfile(const gchar
*filename
, gboolean import
,
956 gchar
*t
, *file
= NULL
, *str
;
958 *rc
= GPG_ERR_UNKNOWN_ERRNO
;
960 if (import
== FALSE
) {
961 if (g_key_file_has_key(keyfileh
, filename
, "key_file", &rv
) == TRUE
) {
962 file
= g_key_file_get_string(keyfileh
, filename
, "key_file", &rv
);
966 log_write("%s: key_file: %s", rcfile
, rv
->message
);
973 t
= expand_homedir(file
);
976 log_write("%s(%i): %s", __FILE__
, __LINE__
, strerror(ENOMEM
));
977 *rc
= gpg_error_from_errno(ENOMEM
);
986 /* -I or -C. The filename is a key file. */
987 file
= g_strdup(filename
);
990 log_write("%s(%i): %s", __FILE__
, __LINE__
, strerror(ENOMEM
));
991 *rc
= gpg_error_from_errno(ENOMEM
);
997 log_write("%s: key_file: %s", rcfile
, rv
->message
);
1005 if (_getline(file
, &str
, rc
) == FALSE
) {
1006 log_write("%s: %s: %s", filename
, file
, pwmd_strerror(*rc
));
1016 static gboolean
xml_import(const gchar
*filename
, const gchar
*outfile
,
1017 const gchar
*keyfile
, guint64 iter
)
1026 struct client_crypto_s
*crypto
;
1028 if (stat(filename
, &st
) == -1) {
1029 log_write("%s: %s", filename
, strerror(errno
));
1033 crypto
= init_client_crypto();
1038 crypto
->key
= gcry_malloc(gcrykeysize
);
1039 memset(crypto
->key
, 0, gcrykeysize
);
1042 log_write("%s(%i): %s", __FILE__
, __LINE__
, strerror(ENOMEM
));
1046 log_write(N_("Importing XML from '%s'. Output will be written to '%s' ..."),
1049 if (iter
&& keyfile
) {
1050 crypto
->tkey
= parse_rcfile_keyfile(keyfile
, TRUE
, &rc
);
1055 gcry_md_hash_buffer(GCRY_MD_SHA256
, crypto
->key
, crypto
->tkey
,
1056 strlen(crypto
->tkey
) ? strlen(crypto
->tkey
) : 1);
1059 rc
= get_password(outfile
, crypto
, NULL
, crypto
->key
, PINENTRY_SAVE
);
1065 if ((fd
= open(filename
, O_RDONLY
)) == -1) {
1066 log_write("%s: %s", filename
, strerror(errno
));
1070 if ((xmlbuf
= gcry_malloc(st
.st_size
+1)) == NULL
) {
1072 log_write("%s(%i): %s", __FILE__
, __LINE__
, strerror(ENOMEM
));
1076 if (pth_read(fd
, xmlbuf
, st
.st_size
) == -1) {
1080 log_write("%s: %s", filename
, strerror(errno
));
1085 xmlbuf
[st
.st_size
] = 0;
1088 * Make sure the document validates.
1090 if ((doc
= xmlReadDoc(xmlbuf
, NULL
, "UTF-8", XML_PARSE_NOBLANKS
)) == NULL
) {
1091 log_write("xmlReadDoc() failed");
1097 xmlDocDumpMemory(doc
, &xml
, &len
);
1101 memset(crypto
->key
, '!', gcrykeysize
);
1103 crypto
->fh
= g_malloc0(sizeof(file_header_internal_t
));
1106 log_write("%s(%i): %s", __FILE__
, __LINE__
, strerror(ENOMEM
));
1110 crypto
->fh
->fh2
.iter
= iter
;
1111 rc
= export_common(outfile
, crypto
, xml
, len
);
1115 send_error(NULL
, rc
);
1119 cleanup_crypto(&crypto
);
1123 cleanup_crypto(&crypto
);
1127 gchar
*get_key_file_string(const gchar
*section
, const gchar
*what
)
1132 MUTEX_LOCK(&rcfile_mutex
);
1134 if (g_key_file_has_key(keyfileh
, section
, what
, NULL
) == TRUE
) {
1135 val
= g_key_file_get_string(keyfileh
, section
, what
, &grc
);
1138 log_write("%s(%i): %s", __FILE__
, __LINE__
, grc
->message
);
1139 g_clear_error(&grc
);
1143 if (g_key_file_has_key(keyfileh
, "global", what
, NULL
) == TRUE
) {
1144 val
= g_key_file_get_string(keyfileh
, "global", what
, &grc
);
1147 log_write("%s(%i): %s", __FILE__
, __LINE__
, grc
->message
);
1148 g_clear_error(&grc
);
1153 MUTEX_UNLOCK(&rcfile_mutex
);
1157 gint
get_key_file_integer(const gchar
*section
, const gchar
*what
)
1162 MUTEX_LOCK(&rcfile_mutex
);
1164 if (g_key_file_has_key(keyfileh
, section
? section
: "global", what
, NULL
) == TRUE
) {
1165 val
= g_key_file_get_integer(keyfileh
, section
? section
: "global", what
, &grc
);
1168 log_write("%s(%i): %s", __FILE__
, __LINE__
, grc
->message
);
1169 g_clear_error(&grc
);
1173 if (g_key_file_has_key(keyfileh
, "global", what
, NULL
) == TRUE
) {
1174 val
= g_key_file_get_integer(keyfileh
, "global", what
, &grc
);
1177 log_write("%s(%i): %s", __FILE__
, __LINE__
, grc
->message
);
1178 g_clear_error(&grc
);
1183 MUTEX_UNLOCK(&rcfile_mutex
);
1187 gboolean
get_key_file_boolean(const gchar
*section
, const gchar
*what
)
1189 gboolean val
= FALSE
;
1192 MUTEX_LOCK(&rcfile_mutex
);
1194 if (g_key_file_has_key(keyfileh
, section
? section
: "global", what
, NULL
)
1196 val
= g_key_file_get_boolean(keyfileh
, section
? section
: "global",
1200 log_write("%s(%i): %s", __FILE__
, __LINE__
, grc
->message
);
1201 g_clear_error(&grc
);
1205 if (g_key_file_has_key(keyfileh
, "global", what
, NULL
) == TRUE
) {
1206 val
= g_key_file_get_boolean(keyfileh
, "global", what
, &grc
);
1209 log_write("%s(%i): %s", __FILE__
, __LINE__
, grc
->message
);
1210 g_clear_error(&grc
);
1215 MUTEX_UNLOCK(&rcfile_mutex
);
1219 static gboolean
parse_rcfile_keys()
1226 groups
= g_key_file_get_groups(keyfileh
, &n
);
1228 for (p
= groups
; *p
; p
++) {
1231 if (g_key_file_has_key(keyfileh
, *p
, "key", &rc
) == TRUE
) {
1232 str
= g_key_file_get_string(keyfileh
, *p
, "key", &rc
);
1236 log_write("%s: key: %s", rcfile
, rc
->message
);
1242 do_cache_push(*p
, str
);
1248 log_write("%s: key: %s", rcfile
, rc
->message
);
1254 str
= parse_rcfile_keyfile(*p
, FALSE
, &ret
);
1259 do_cache_push(*p
, str
);
1267 static gboolean
do_cache_push(const gchar
*filename
, const gchar
*password
)
1271 const gchar
*p
= filename
;
1272 struct client_crypto_s
*crypto
;
1281 if (valid_filename(p
) == FALSE
) {
1282 log_write(N_("%s: Invalid characters in filename"), p
);
1286 gcry_md_hash_buffer(GCRY_MD_MD5
, md5file
, p
, strlen(p
));
1288 if (access(p
, R_OK
|W_OK
) != 0) {
1289 log_write("%s: %s", p
, strerror(errno
));
1293 crypto
= init_client_crypto();
1298 crypto
->fh
= read_file_header(filename
, FALSE
, &rc
);
1301 log_write("%s: %s", p
, pwmd_strerror(rc
));
1302 cleanup_crypto(&crypto
);
1306 crypto
->key
= gcry_malloc(gcrykeysize
);
1309 log_write("%s(%i): %s", __FILE__
, __LINE__
, strerror(ENOMEM
));
1310 cleanup_crypto(&crypto
);
1314 log_write(N_("Adding '%s' to the file cache ..."), filename
);
1316 if (crypto
->fh
->fh2
.iter
<= 0) {
1317 memset(crypto
->key
, '!', gcrykeysize
);
1322 rc
= get_password(p
, crypto
, md5file
, crypto
->key
, PINENTRY_OPEN
);
1325 send_error(NULL
, rc
);
1326 cleanup_crypto(&crypto
);
1330 gcry_free(crypto
->fh
->doc
);
1331 crypto
->fh
->doc
= NULL
;
1334 gcry_md_hash_buffer(GCRY_MD_SHA256
, crypto
->key
, password
,
1335 strlen(password
) ? strlen(password
) : 1);
1338 rc
= try_xml_decrypt(NULL
, crypto
->key
, crypto
, NULL
, NULL
);
1341 log_write("%s: %s", filename
, pwmd_strerror(rc
));
1342 cleanup_crypto(&crypto
);
1346 if (cache_update_key(md5file
, crypto
->key
) == FALSE
) {
1347 log_write("%s(%i): %s", __FILE__
, __LINE__
, strerror(ENOMEM
));
1348 cleanup_crypto(&crypto
);
1352 timeout
= get_key_file_integer(p
, "cache_timeout");
1353 cache_set_timeout(md5file
, timeout
);
1354 log_write(N_("File '%s' now cached"), filename
);
1355 cleanup_crypto(&crypto
);
1359 static void init_new_connection(gint fd
)
1362 struct client_thread_s
*new;
1365 new = g_malloc0(sizeof(struct client_thread_s
));
1368 log_write("%s(%i): %s", __FILE__
, __LINE__
, strerror(ENOMEM
));
1373 MUTEX_LOCK(&cn_mutex
);
1375 attr
= pth_attr_new();
1376 pth_attr_init(attr
);
1377 pth_attr_set(attr
, PTH_ATTR_JOINABLE
, FALSE
);
1378 new->tid
= pth_spawn(attr
, client_thread
, new);
1380 pth_attr_destroy(attr
);
1385 log_write("%s(%i): pth_spawn(): %s", __FILE__
, __LINE__
,
1386 _gpg_strerror(gpg_error_from_errno(n
)));
1387 MUTEX_UNLOCK(&cn_mutex
);
1391 cn_thread_list
= g_slist_append(cn_thread_list
, new);
1392 MUTEX_UNLOCK(&cn_mutex
);
1393 log_write(N_("new connection: tid=%p, fd=%i"), new->tid
, fd
);
1396 static void *accept_thread(void *arg
)
1398 gint sockfd
= (gint
)arg
;
1399 pth_attr_t attr
= pth_attr_of(pth_self());
1401 pth_attr_set(attr
, PTH_ATTR_NAME
, __FUNCTION__
);
1402 pth_attr_destroy(attr
);
1405 socklen_t slen
= sizeof(struct sockaddr_un
);
1406 struct sockaddr_un raddr
;
1409 fd
= pth_accept(sockfd
, (struct sockaddr
*)&raddr
, &slen
);
1412 if (errno
!= EAGAIN
) {
1413 if (!quit
) // probably EBADF
1414 log_write("accept(): %s", strerror(errno
));
1422 init_new_connection(fd
);
1425 /* Just in case accept() failed for some reason other than EBADF */
1427 pth_exit(PTH_CANCELED
);
1431 static void *adjust_cache_timer_thread(void *arg
)
1433 pth_attr_t attr
= pth_attr_of(pth_self());
1435 pth_attr_set(attr
, PTH_ATTR_NAME
, __FUNCTION__
);
1436 pth_attr_destroy(attr
);
1441 cache_adjust_timer();
1448 void cleanup_mutex_cb(void *arg
)
1450 pth_mutex_t
*m
= arg
;
1452 pth_mutex_release(m
);
1455 void cleanup_ev_cb(void *arg
)
1457 pth_event_t ev
= arg
;
1459 pth_event_free(ev
, PTH_FREE_ALL
);
1462 static void *keepalive_thread(void *arg
)
1464 gint to
= (gint
)arg
;
1465 pth_attr_t attr
= pth_attr_of(pth_self());
1467 pth_attr_set(attr
, PTH_ATTR_NAME
, __FUNCTION__
);
1468 pth_attr_destroy(attr
);
1471 pth_event_t ev
= pth_event(PTH_EVENT_TIME
, pth_timeout(to
, 0));
1473 pth_cleanup_push(cleanup_ev_cb
, ev
);
1475 send_status_all(STATUS_KEEPALIVE
);
1482 static void startStopKeepAlive(gboolean term
)
1484 gint n
= get_key_file_integer("global", "keepalive");
1487 pth_cancel(keepalive_tid
);
1489 keepalive_tid
= NULL
;
1496 pth_attr_t attr
= pth_attr_new();
1498 pth_attr_init(attr
);
1499 pth_attr_set(attr
, PTH_ATTR_JOINABLE
, FALSE
);
1500 keepalive_tid
= pth_spawn(attr
, keepalive_thread
, (void *)n
);
1502 pth_attr_destroy(attr
);
1504 if (!keepalive_tid
) {
1505 log_write("%s(%i): pth_spawn(): %s", __FILE__
, __LINE__
,
1506 _gpg_strerror(gpg_error_from_errno(e
)));
1510 pth_yield(keepalive_tid
);
1514 static gboolean
waiting_for_exit()
1517 pth_event_t evs
= NULL
;
1519 MUTEX_LOCK(&cn_mutex
);
1521 for (t
= g_slist_length(cn_thread_list
), i
= 0; i
< t
; i
++) {
1522 struct client_thread_s
*thd
= g_slist_nth_data(cn_thread_list
, i
);
1523 pth_event_t ev
= pth_event(PTH_EVENT_TID
|PTH_UNTIL_TID_DEAD
, thd
->tid
);
1526 evs
= pth_event_concat(evs
, ev
, NULL
);
1531 MUTEX_UNLOCK(&cn_mutex
);
1537 MUTEX_LOCK(&cn_mutex
);
1538 i
= g_slist_length(cn_thread_list
);
1539 MUTEX_UNLOCK(&cn_mutex
);
1540 pth_event_free(evs
, PTH_FREE_ALL
);
1541 return i
? TRUE
: FALSE
;
1544 static void server_loop(gint sockfd
, gchar
**socketpath
)
1550 pth_t cache_timeout_tid
;
1552 sigemptyset(&sigset
);
1555 sigaddset(&sigset
, SIGTERM
);
1556 sigaddset(&sigset
, SIGINT
);
1558 /* Clears the file cache. */
1559 sigaddset(&sigset
, SIGUSR1
);
1561 /* Configuration file reloading. */
1562 sigaddset(&sigset
, SIGHUP
);
1564 /* Clears the cache and exits when something bad happens. */
1565 sigaddset(&sigset
, SIGABRT
);
1567 /* Ignored everywhere. When a client disconnects abnormally this signal
1568 * gets raised. It isn't needed though because client_thread() will check
1569 * for rcs even after the client disconnects. */
1570 signal(SIGPIPE
, SIG_IGN
);
1571 sigprocmask(SIG_BLOCK
, &sigset
, NULL
);
1573 log_write(N_("%s started for user %s"), PACKAGE_STRING
, g_get_user_name());
1574 log_write(N_("Listening on %s"), *socketpath
);
1575 attr
= pth_attr_new();
1576 pth_attr_init(attr
);
1577 accept_tid
= pth_spawn(attr
, accept_thread
, (void *)sockfd
);
1580 log_write("%s(%i): pth_spawn(): %s", __FILE__
, __LINE__
,
1581 _gpg_strerror(gpg_error_from_errno(errno
)));
1582 pth_attr_destroy(attr
);
1586 pth_yield(accept_tid
);
1587 startStopKeepAlive(FALSE
);
1588 pth_attr_set(attr
, PTH_ATTR_JOINABLE
, FALSE
);
1589 cache_timeout_tid
= pth_spawn(attr
, adjust_cache_timer_thread
, NULL
);
1591 if (!cache_timeout_tid
) {
1592 log_write("%s(%i): pth_spawn(): %s", __FILE__
, __LINE__
,
1593 _gpg_strerror(gpg_error_from_errno(errno
)));
1594 pth_attr_destroy(attr
);
1598 pth_yield(cache_timeout_tid
);
1599 pth_attr_destroy(attr
);
1604 pth_sigwait(&sigset
, &sig
);
1605 log_write(N_("caught signal %i (%s)"), sig
, strsignal(sig
));
1607 /* Caught a signal. */
1613 cache_clear(NULL
, 2);
1620 log_write(N_("clearing file cache"));
1621 cache_clear(NULL
, 2);
1632 * We're out of the main server loop. This happens when a signal was sent
1633 * to terminate the daemon. We'll wait for all clients to disconnect
1634 * before exiting and ignore any following signals.
1636 shutdown(sockfd
, SHUT_RDWR
);
1638 pth_cancel(accept_tid
);
1639 pth_join(accept_tid
, NULL
);
1640 unlink(*socketpath
);
1641 g_free(*socketpath
);
1643 MUTEX_LOCK(&cn_mutex
);
1644 n
= g_slist_length(cn_thread_list
);
1645 MUTEX_UNLOCK(&cn_mutex
);
1648 log_write(N_("waiting for all clients to disconnect"));
1651 MUTEX_LOCK(&cn_mutex
);
1652 n
= g_slist_length(cn_thread_list
);
1653 MUTEX_UNLOCK(&cn_mutex
);
1654 log_write(N_("%i clients remain"), n
);
1655 } while (waiting_for_exit());
1658 startStopKeepAlive(TRUE
);
1659 pth_cancel(cache_timeout_tid
);
1664 * Only called from pinentry_fork() in the child process.
1666 void free_client_list()
1668 gint i
, t
= g_slist_length(cn_thread_list
);
1670 for (i
= 0; i
< t
; i
++) {
1671 struct client_thread_s
*cn
= g_slist_nth_data(cn_thread_list
, i
);
1673 free_client(cn
->cl
);
1679 struct client_crypto_s
*init_client_crypto()
1681 struct client_crypto_s
*new = g_malloc0(sizeof(struct client_crypto_s
));
1685 log_write("%s(%i): %s", __FILE__
, __LINE__
, strerror(ENOMEM
));
1689 rc
= gcry_cipher_open(&new->gh
, GCRY_CIPHER_AES256
, GCRY_CIPHER_MODE_CBC
, 0);
1692 log_write("%s(%i): %s", __FUNCTION__
, __LINE__
, _gpg_strerror(rc
));
1700 static gpg_error_t
convert_file(const gchar
*filename
, const gchar
*keyfile
,
1701 const gchar
*outfile
)
1706 struct client_crypto_s
*crypto
= init_client_crypto();
1709 return GPG_ERR_ENOMEM
;
1711 crypto
->key
= gcry_malloc(gcrykeysize
);
1714 cleanup_crypto(&crypto
);
1715 return GPG_ERR_ENOMEM
;
1718 log_write(N_("Converting version 1 data file '%s' to version 2 ..."),
1720 crypto
->fh
= read_file_header(filename
, TRUE
, &rc
);
1725 gcry_md_hash_buffer(GCRY_MD_MD5
, md5file
, filename
, strlen(filename
));
1727 /* The header in version 1 had a bug where the iterations were off-by-one.
1728 * So 0 iterations was really -1 in the header. This is fixed in v2 of the
1731 if (crypto
->fh
->fh1
.iter
>= 0) {
1733 crypto
->tkey
= parse_rcfile_keyfile(keyfile
, TRUE
, &rc
);
1738 gcry_md_hash_buffer(GCRY_MD_SHA256
, crypto
->key
, crypto
->tkey
,
1739 strlen(crypto
->tkey
) ? strlen(crypto
->tkey
) : 1);
1742 rc
= get_password(filename
, crypto
, md5file
, crypto
->key
,
1750 rc
= try_xml_decrypt(NULL
, crypto
->key
, crypto
, &crypto
->fh
->doc
,
1756 rc
= convert_xml((gchar
**)&crypto
->fh
->doc
, &crypto
->fh
->len
);
1759 log_write("%s: %s", filename
, pwmd_strerror(rc
));
1763 crypto
->fh
->v1
= FALSE
;
1764 iter
= crypto
->fh
->fh1
.iter
;
1765 memset(&crypto
->fh
->fh2
, 0, sizeof(crypto
->fh
->fh2
));
1766 /* Keep the iterations and key from the original file. */
1767 crypto
->fh
->fh2
.iter
= iter
+1; // Bugfix for v1 data files.
1768 rc
= export_common(outfile
, crypto
, crypto
->fh
->doc
, crypto
->fh
->len
);
1772 send_error(NULL
, rc
);
1774 /* fh->doc is freed from do_xml_decrypt() via the inbuf pointer. */
1775 cleanup_crypto(&crypto
);
1779 int main(int argc
, char *argv
[])
1782 struct sockaddr_un addr
;
1783 gchar buf
[PATH_MAX
];
1784 gchar
*socketpath
= NULL
, *socketdir
, *socketname
= NULL
;
1785 gchar
*socketarg
= NULL
;
1786 gchar
*datadir
= NULL
;
1790 gchar
**cache_push
= NULL
;
1791 gchar
*import
= NULL
, *keyfile
= NULL
;
1792 guint64 cmd_iterations
= -1;
1793 gint default_timeout
;
1794 gboolean rcfile_spec
= FALSE
;
1795 gint estatus
= EXIT_FAILURE
;
1797 gchar
*outfile
= NULL
;
1798 GMemVTable mtable
= { xmalloc
, xrealloc
, xfree
, xcalloc
, NULL
, NULL
};
1800 gboolean secure
= FALSE
;
1801 gint background
= 1;
1802 gchar
*convert
= NULL
;
1803 #ifdef WITH_PINENTRY
1804 gboolean disable_pinentry
= FALSE
;
1808 #ifdef HAVE_SETRLIMIT
1811 rl
.rlim_cur
= rl
.rlim_max
= 0;
1813 if (setrlimit(RLIMIT_CORE
, &rl
) != 0)
1814 err(EXIT_FAILURE
, "setrlimit()");
1820 setlocale(LC_ALL
, "");
1821 bindtextdomain("pwmd", LOCALEDIR
);
1830 assuan_set_assuan_err_source(GPG_ERR_SOURCE_DEFAULT
);
1831 g_mem_set_vtable(&mtable
);
1832 assuan_set_malloc_hooks(xmalloc
, xrealloc
, xfree
);
1833 xmlMemSetup(xfree
, xmalloc
, xrealloc
, xstrdup
);
1838 g_snprintf(buf
, sizeof(buf
), "%s/.pwmd", g_get_home_dir());
1840 if (mkdir(buf
, 0700) == -1 && errno
!= EEXIST
)
1841 err(EXIT_FAILURE
, "%s", buf
);
1843 g_snprintf(buf
, sizeof(buf
), "%s/.pwmd/data", g_get_home_dir());
1845 if (mkdir(buf
, 0700) == -1 && errno
!= EEXIST
)
1846 err(EXIT_FAILURE
, "%s", buf
);
1850 while ((opt
= getopt(argc
, argv
, "Po:C:nI:i:k:hvf:D")) != EOF
) {
1852 #ifdef WITH_PINENTRY
1854 disable_pinentry
= TRUE
;
1873 cmd_iterations
= strtol(optarg
, NULL
, 10);
1879 rcfile
= g_strdup(optarg
);
1883 printf(N_("%s\nCopyright (c) %s\nReleased under the terms of the GPL v2. Use at your own risk.\n\nCompile time features:\n%s"), PACKAGE_STRING
,
1885 #ifdef WITH_PINENTRY
1913 pth_mutex_init(&cn_mutex
);
1914 pth_mutex_init(&cache_mutex
);
1915 pth_mutex_init(&rcfile_mutex
);
1916 #ifdef WITH_PINENTRY
1917 pth_mutex_init(&pin_mutex
);
1921 rcfile
= g_strdup_printf("%s/.pwmd/config", g_get_home_dir());
1923 if ((keyfileh
= parse_rcfile(rcfile_spec
)) == NULL
)
1926 #ifdef WITH_PINENTRY
1927 if (disable_pinentry
== TRUE
)
1928 g_key_file_set_boolean(keyfileh
, "global", "enable_pinentry", FALSE
);
1931 if (g_key_file_has_key(keyfileh
, "global", "syslog", NULL
) == TRUE
)
1932 log_syslog
= g_key_file_get_boolean(keyfileh
, "global", "syslog", NULL
);
1934 if (log_syslog
== TRUE
)
1935 openlog("pwmd", LOG_NDELAY
|LOG_PID
, LOG_DAEMON
);
1937 if (g_key_file_has_key(keyfileh
, "global", "priority", NULL
)) {
1938 x
= g_key_file_get_integer(keyfileh
, "global", "priority", NULL
);
1941 if (setpriority(PRIO_PROCESS
, 0, x
) == -1) {
1942 log_write("setpriority(): %s", strerror(errno
));
1947 #ifdef HAVE_MLOCKALL
1948 if (disable_mlock
== FALSE
&& mlockall(MCL_FUTURE
) == -1) {
1949 log_write("mlockall(): %s", strerror(errno
));
1958 opt
= convert_file(convert
, keyfile
, outfile
);
1959 g_key_file_free(keyfileh
);
1961 exit(opt
? EXIT_FAILURE
: EXIT_SUCCESS
);
1968 if (cmd_iterations
== -1)
1969 cmd_iterations
= (guint64
)get_key_file_integer("global", "iterations");
1971 opt
= xml_import(import
, outfile
, keyfile
, cmd_iterations
);
1972 g_key_file_free(keyfileh
);
1974 exit(opt
== FALSE
? EXIT_FAILURE
: EXIT_SUCCESS
);
1977 g_key_file_set_list_separator(keyfileh
, ',');
1979 if ((p
= g_key_file_get_string(keyfileh
, "global", "socket_path", NULL
)) == NULL
)
1980 errx(EXIT_FAILURE
, N_("%s: socket_path not defined"), rcfile
);
1982 socketarg
= expand_homedir(p
);
1985 if ((p
= g_key_file_get_string(keyfileh
, "global", "data_directory", NULL
)) == NULL
)
1986 errx(EXIT_FAILURE
, N_("%s: data_directory not defined"), rcfile
);
1988 datadir
= expand_homedir(p
);
1991 if (secure
== FALSE
&& g_key_file_has_key(keyfileh
, "global", "disable_list_and_dump", NULL
) == TRUE
) {
1992 n
= g_key_file_get_boolean(keyfileh
, "global", "disable_list_and_dump", NULL
);
1993 disable_list_and_dump
= n
;
1996 disable_list_and_dump
= secure
;
1998 if (g_key_file_has_key(keyfileh
, "global", "cache_timeout", NULL
) == TRUE
)
1999 default_timeout
= g_key_file_get_integer(keyfileh
, "global", "cache_timeout", NULL
);
2001 default_timeout
= -1;
2003 setup_logging(keyfileh
);
2005 if (g_key_file_has_key(keyfileh
, "global", "cache_push", NULL
) == TRUE
)
2006 cache_push
= g_key_file_get_string_list(keyfileh
, "global", "cache_push", NULL
, NULL
);
2008 if (argc
!= optind
) {
2009 for (; optind
< argc
; optind
++) {
2010 if (strv_printf(&cache_push
, "%s", argv
[optind
]) == FALSE
)
2011 errx(EXIT_FAILURE
, "%s", strerror(ENOMEM
));
2015 if (strchr(socketarg
, '/') == NULL
) {
2016 socketdir
= g_get_current_dir();
2017 socketname
= g_strdup(socketarg
);
2018 socketpath
= g_strdup_printf("%s/%s", socketdir
, socketname
);
2021 socketname
= g_strdup(strrchr(socketarg
, '/'));
2023 socketarg
[strlen(socketarg
) - strlen(socketname
) -1] = 0;
2024 socketdir
= g_strdup(socketarg
);
2025 socketpath
= g_strdup_printf("%s/%s", socketdir
, socketname
);
2028 if (chdir(datadir
)) {
2029 log_write("%s: %s", datadir
, strerror(errno
));
2034 if (parse_rcfile_keys() == FALSE
)
2037 clear_rcfile_keys();
2040 * Set the cache entry for a file. Prompts for the password.
2043 for (opt
= 0; cache_push
[opt
]; opt
++)
2044 do_cache_push(cache_push
[opt
], NULL
);
2046 g_strfreev(cache_push
);
2047 log_write(background
? N_("Done. Daemonizing...") : N_("Done. Waiting for connections..."));
2051 * bind() doesn't like the full pathname of the socket or any non alphanum
2052 * characters so change to the directory where the socket is wanted then
2053 * create it then change to datadir.
2055 if (chdir(socketdir
)) {
2056 log_write("%s: %s", socketdir
, strerror(errno
));
2062 if ((sockfd
= socket(PF_UNIX
, SOCK_STREAM
, 0)) == -1) {
2063 log_write("socket(): %s", strerror(errno
));
2067 addr
.sun_family
= AF_UNIX
;
2068 g_snprintf(addr
.sun_path
, sizeof(addr
.sun_path
), "%s", socketname
);
2070 if (bind(sockfd
, (struct sockaddr
*)&addr
, sizeof(struct sockaddr
)) == -1) {
2071 log_write("bind(): %s", strerror(errno
));
2073 if (errno
== EADDRINUSE
)
2074 log_write(N_("Either there is another pwmd running or '%s' is a \n"
2075 "stale socket. Please remove it manually."), socketpath
);
2081 if (g_key_file_has_key(keyfileh
, "global", "socket_perms", NULL
) == TRUE
) {
2082 gchar
*t
= g_key_file_get_string(keyfileh
, "global", "socket_perms", NULL
);
2083 mode_t mode
= strtol(t
, NULL
, 8);
2084 mode_t mask
= umask(0);
2088 if (chmod(socketname
, mode
) == -1) {
2089 log_write("%s: %s", socketname
, strerror(errno
));
2099 g_free(--socketname
);
2101 if (chdir(datadir
)) {
2102 log_write("%s: %s", datadir
, strerror(errno
));
2110 if (listen(sockfd
, 0) == -1) {
2111 log_write("listen(): %s", strerror(errno
));
2120 log_write("fork(): %s", strerror(errno
));
2133 server_loop(sockfd
, &socketpath
);
2134 estatus
= EXIT_SUCCESS
;
2137 if (socketpath
&& do_unlink
) {
2142 g_key_file_free(keyfileh
);
2145 xmlCleanupGlobals();
2147 if (estatus
== EXIT_SUCCESS
)
2148 log_write(N_("pwmd exiting normally"));
2150 #if defined(DEBUG) && !defined(MEM_DEBUG)