search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Rename "tcp_access" to "tls_access".
[pwmd.git] / src / rcfile.c
blob0b361b351662592edf3053adf0d4cf2ebc4ad61b
1 /* vim:tw=78:ts=8:sw=4:set ft=c: */
2 /*
3 Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012
4 Ben Kibbey <bjk@luxsci.net>
5
6 This file is part of pwmd.
7
8 Pwmd is free software: you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation, either version 2 of the License, or
11 (at your option) any later version.
12
13 Pwmd is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with Pwmd. If not, see <http://www.gnu.org/licenses/>.
20 */
21 #ifdef HAVE_CONFIG_H
22 #include <config.h>
23 #endif
24
25 #include <sys/types.h>
26 #include <sys/stat.h>
27 #include <fcntl.h>
28 #include <errno.h>
29 #include <glib.h>
30 #include "pwmd-error.h"
31 #include <gcrypt.h>
32 #include "mutex.h"
33 #include "common.h"
34 #include "rcfile.h"
35 #include "misc.h"
36
37 /* This is a string so ealier versions of glib can be used. */
38 #define DEFAULT_CIPHER_ITERATIONS "0"
39
40 void clear_rcfile_keys()
41 {
42 gsize n;
43 gchar **groups;
44 gchar **p;
45
46 groups = g_key_file_get_groups(keyfileh, &n);
47
48 for (p = groups; *p; p++) {
49 if (g_key_file_has_key(keyfileh, *p, "passphrase", NULL) == TRUE)
50 g_key_file_remove_key(keyfileh, *p, "passphrase", NULL);
51 }
52
53 g_strfreev(groups);
54 }
55
56 gchar *get_key_file_string(const gchar *section, const gchar *what)
57 {
58 gchar *val = NULL;
59 GError *grc = NULL;
60
61 MUTEX_LOCK(&rcfile_mutex);
62 section = section ? section : "global";
63
64 if (g_key_file_has_key(keyfileh, section, what, NULL) == TRUE) {
65 val = g_key_file_get_string(keyfileh, section, what, &grc);
66
67 if (grc) {
68 log_write("%s(%i): %s", __FILE__, __LINE__, grc->message);
69 g_clear_error(&grc);
70 }
71 }
72 else {
73 if (g_key_file_has_key(keyfileh, "global", what, NULL) == TRUE) {
74 val = g_key_file_get_string(keyfileh, "global", what, &grc);
75
76 if (grc) {
77 log_write("%s(%i): %s", __FILE__, __LINE__, grc->message);
78 g_clear_error(&grc);
79 }
80 }
81 }
82
83 MUTEX_UNLOCK(&rcfile_mutex);
84 return val;
85 }
86
87 gint get_key_file_integer(const gchar *section, const gchar *what)
88 {
89 gint val = -1;
90 GError *grc = NULL;
91
92 MUTEX_LOCK(&rcfile_mutex);
93
94 if (g_key_file_has_key(keyfileh, section ? section : "global", what, NULL) == TRUE) {
95 val = g_key_file_get_integer(keyfileh, section ? section : "global", what, &grc);
96
97 if (grc) {
98 log_write("%s(%i): %s", __FILE__, __LINE__, grc->message);
99 g_clear_error(&grc);
100 }
101 }
102 else {
103 if (g_key_file_has_key(keyfileh, "global", what, NULL) == TRUE) {
104 val = g_key_file_get_integer(keyfileh, "global", what, &grc);
105
106 if (grc) {
107 log_write("%s(%i): %s", __FILE__, __LINE__, grc->message);
108 g_clear_error(&grc);
109 }
110 }
111 }
112
113 MUTEX_UNLOCK(&rcfile_mutex);
114 return val;
115 }
116
117 gulong get_key_file_ulong(const gchar *section, const gchar *what)
118 {
119 gchar *val = NULL;
120 GError *grc = NULL;
121
122 MUTEX_LOCK(&rcfile_mutex);
123
124 if (g_key_file_has_key(keyfileh, section ? section : "global", what, NULL) == TRUE) {
125 val = g_key_file_get_string(keyfileh, section ? section : "global", what, &grc);
126
127 if (grc) {
128 log_write("%s(%i): %s", __FILE__, __LINE__, grc->message);
129 g_clear_error(&grc);
130 }
131 }
132 else {
133 if (g_key_file_has_key(keyfileh, "global", what, NULL) == TRUE) {
134 val = g_key_file_get_string(keyfileh, "global", what, &grc);
135
136 if (grc) {
137 log_write("%s(%i): %s", __FILE__, __LINE__, grc->message);
138 g_clear_error(&grc);
139 }
140 }
141 }
142
143 MUTEX_UNLOCK(&rcfile_mutex);
144 if (val) {
145 gulong n = strtoul(val, NULL, 10);
146 g_free(val);
147 return n;
148 }
149
150 return 0;
151 }
152
153 gboolean get_key_file_boolean(const gchar *section, const gchar *what)
154 {
155 gboolean val = FALSE;
156 GError *grc = NULL;
157
158 MUTEX_LOCK(&rcfile_mutex);
159
160 if (g_key_file_has_key(keyfileh, section ? section : "global", what, NULL)
161 == TRUE) {
162 val = g_key_file_get_boolean(keyfileh, section ? section : "global",
163 what, &grc);
164
165 if (grc) {
166 log_write("%s(%i): %s", __FILE__, __LINE__, grc->message);
167 g_clear_error(&grc);
168 }
169 }
170 else {
171 if (g_key_file_has_key(keyfileh, "global", what, NULL) == TRUE) {
172 val = g_key_file_get_boolean(keyfileh, "global", what, &grc);
173
174 if (grc) {
175 log_write("%s(%i): %s", __FILE__, __LINE__, grc->message);
176 g_clear_error(&grc);
177 }
178 }
179 }
180
181 MUTEX_UNLOCK(&rcfile_mutex);
182 return val;
183 }
184
185 GKeyFile *parse_rcfile(gboolean specified, gboolean cmdline)
186 {
187 GKeyFile *kf = g_key_file_new();
188 GError *rc = NULL;
189
190 g_key_file_set_list_separator(kf, ',');
191
192 if (g_key_file_load_from_file(kf, rcfile, G_KEY_FILE_NONE, &rc) == FALSE) {
193 log_write("%s: %s", rcfile, rc->message);
194
195 if (cmdline && specified) {
196 g_clear_error(&rc);
197 return NULL;
198 }
199
200 if (rc->code && rc->code != G_FILE_ERROR_NOENT) {
201 g_clear_error(&rc);
202 return NULL;
203 }
204 }
205
206 set_rcfile_defaults(kf);
207 return kf;
208 }
209
210 void setup_logging(GKeyFile *kf)
211 {
212 gboolean n = g_key_file_get_boolean(kf, "global", "enable_logging", NULL);
213
214 if (n) {
215 gchar *p = g_key_file_get_string(kf, "global", "log_path", NULL);
216
217 logfile = expand_homedir(p);
218 g_free(p);
219 }
220 else {
221 g_free(logfile);
222 logfile = NULL;
223 }
224
225 log_syslog = g_key_file_get_boolean(kf, "global", "syslog", NULL);
226 }
227
228 /*
229 * Make sure all settings are set to either the specified setting or a
230 * default.
231 */
232 void set_rcfile_defaults(GKeyFile *kf)
233 {
234 gchar buf[PATH_MAX];
235
236 if (g_key_file_has_key(kf, "global", "backup", NULL) == FALSE)
237 g_key_file_set_boolean(kf, "global", "backup", TRUE);
238
239 if (g_key_file_has_key(kf, "global", "log_path", NULL) == FALSE) {
240 g_snprintf(buf, sizeof(buf), "~/.pwmd/log");
241 g_key_file_set_string(kf, "global", "log_path", buf);
242 }
243
244 if (g_key_file_has_key(kf, "global", "enable_logging", NULL) == FALSE)
245 g_key_file_set_boolean(kf, "global", "enable_logging", FALSE);
246
247 #ifdef HAVE_MLOCKALL
248 if (g_key_file_has_key(kf, "global", "disable_mlockall", NULL) == FALSE)
249 g_key_file_set_boolean(kf, "global", "disable_mlockall", TRUE);
250 #endif
251
252 if (g_key_file_has_key(kf, "global", "cache_timeout", NULL) == FALSE)
253 g_key_file_set_integer(kf, "global", "cache_timeout", -1);
254
255 if (g_key_file_has_key(kf, "global", "disable_list_and_dump", NULL) == FALSE)
256 g_key_file_set_boolean(kf, "global", "disable_list_and_dump", FALSE);
257
258 if (g_key_file_has_key(kf, "global", "recursion_depth", NULL) == FALSE)
259 g_key_file_set_integer(kf, "global", "recursion_depth", 100);
260
261 max_recursion_depth = g_key_file_get_integer(kf, "global", "recursion_depth", NULL);
262 disable_list_and_dump = g_key_file_get_boolean(kf, "global", "disable_list_and_dump", NULL);
263
264 #ifdef HAVE_MLOCKALL
265 disable_mlock = g_key_file_get_boolean(kf, "global", "disable_mlockall", NULL);
266 #endif
267
268 if (g_key_file_has_key(kf, "global", "syslog", NULL) == FALSE)
269 g_key_file_set_boolean(kf, "global", "syslog", FALSE);
270
271 if (g_key_file_has_key(kf, "global", "xfer_progress", NULL) == FALSE)
272 g_key_file_set_integer(kf, "global", "xfer_progress", 8196);
273
274 if (!g_key_file_has_key(kf, "global", "allowed", NULL)) {
275 const gchar *users[] = { g_get_user_name(), NULL};
276
277 g_key_file_set_string_list(kf, "global", "allowed", users, 1);
278 }
279
280 if (g_key_file_has_key(kf, "global", "nbits", NULL) == FALSE)
281 g_key_file_set_integer(kf, "global", "nbits", 2048);
282
283 if (g_key_file_has_key(kf, "global", "algo", NULL) == FALSE)
284 g_key_file_set_string(kf, "global", "algo", "rsa");
285
286 if (g_key_file_has_key(kf, "global", "cipher", NULL) == FALSE)
287 g_key_file_set_string(kf, "global", "cipher", "aes256");
288
289 if (g_key_file_has_key(kf, "global", "kill_scd", NULL) == FALSE)
290 g_key_file_set_boolean(kf, "global", "kill_scd", FALSE);
291
292 #ifdef WITH_GNUTLS
293 if (g_key_file_has_key(kf, "global", "tcp_port", NULL) == FALSE)
294 g_key_file_set_integer(kf, "global", "tcp_port", 6466);
295
296 if (g_key_file_has_key(kf, "global", "enable_tcp", NULL) == FALSE)
297 g_key_file_set_boolean(kf, "global", "enable_tcp", FALSE);
298
299 if (g_key_file_has_key(kf, "global", "tcp_require_key", NULL) == FALSE)
300 g_key_file_set_boolean(kf, "global", "tcp_require_key", FALSE);
301
302 if (g_key_file_has_key(kf, "global", "tcp_wait", NULL) == FALSE)
303 g_key_file_set_boolean(kf, "global", "tcp_wait", 3);
304
305 if (g_key_file_has_key(kf, "global", "tcp_bind", NULL) == FALSE)
306 g_key_file_set_string(kf, "global", "tcp_bind", "any");
307
308 if (g_key_file_has_key(kf, "global", "tls_cipher_suite", NULL) == FALSE)
309 g_key_file_set_string(kf, "global", "tls_cipher_suite", "SECURE256");
310
311 if (g_key_file_has_key(kf, "global", "tls_use_crl", NULL) == FALSE)
312 g_key_file_set_boolean(kf, "global", "tls_use_crl", FALSE);
313
314 if (g_key_file_has_key(kf, "global", "tls_access", NULL) == FALSE)
315 g_key_file_set_string(kf, "global", "tls_access", "");
316 #endif
317
318 if (g_key_file_has_key(kf, "global", "cipher_iterations", NULL) == FALSE)
319 g_key_file_set_string(kf, "global", "cipher_iterations",
320 DEFAULT_CIPHER_ITERATIONS);
321
322 if (g_key_file_has_key(kf, "global", "cipher_progress", NULL) == FALSE)
323 g_key_file_set_string(kf, "global", "cipher_progress",
324 DEFAULT_ITERATION_PROGRESS);
325
326 setup_logging(kf);
327 }
A server for managing passphrases and anything else.