search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Each cache slot now contains a mutex. This mutex is locked in the OPEN
[pwmd.git] / src / commands.c
blobf4c654cea6145b8b2da3401b8e536c2181f44d12
1 /* vim:tw=78:ts=8:sw=4:set ft=c: */
2 /*
3 Copyright (C) 2006-2007 Ben Kibbey <bjk@luxsci.net>
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 2 of the License, or
8 (at your option) any later version.
9
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with this program; if not, write to the Free Software
17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 */
19 #include <stdio.h>
20 #include <stdlib.h>
21 #include <unistd.h>
22 #include <err.h>
23 #include <errno.h>
24 #include <sys/types.h>
25 #include <sys/stat.h>
26 #include <fcntl.h>
27 #include <ctype.h>
28 #include <glib.h>
29 #include <glib/gprintf.h>
30 #include <gcrypt.h>
31
32 #ifdef HAVE_CONFIG_H
33 #include <config.h>
34 #endif
35
36 #ifdef HAVE_ZLIB_H
37 #include <zlib.h>
38 #endif
39
40 #ifndef MEM_DEBUG
41 #include "mem.h"
42 #endif
43
44 #include "xml.h"
45 #include "common.h"
46 #include "pwmd_error.h"
47 #include "cache.h"
48 #include "commands.h"
49
50 static void *z_alloc(void *data, unsigned items, unsigned size)
51 {
52 #ifndef MEM_DEBUG
53 return gcry_calloc(items, size);
54 #else
55 return calloc(items, size);
56 #endif
57 }
58
59 static void z_free(void *data, void *p)
60 {
61 #ifndef MEM_DEBUG
62 gcry_free(p);
63 #else
64 free(p);
65 #endif
66 }
67
68 static gpg_error_t file_modified(struct client_s *client)
69 {
70 struct stat st;
71
72 if (client->state != STATE_OPEN)
73 return EPWMD_NO_FILE;
74
75 if (stat(client->filename, &st) == 0 && client->mtime) {
76 if (client->mtime != st.st_mtime)
77 return EPWMD_FILE_MODIFIED;
78 }
79
80 return 0;
81 }
82
83 static gboolean encrypt_xml(gcry_cipher_hd_t gh, void *outbuf, gsize outsize,
84 void *inbuf, gsize insize)
85 {
86 gpg_error_t rc;
87
88 if ((rc = gcry_cipher_encrypt(gh, outbuf, outsize, inbuf, insize))) {
89 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
90 return FALSE;
91 }
92
93 return TRUE;
94 }
95
96 gpg_error_t decrypt_xml(gcry_cipher_hd_t gh, void *outbuf, gsize outsize,
97 void *inbuf, gsize insize)
98 {
99 gpg_error_t rc;
100
101 if ((rc = gcry_cipher_decrypt(gh, outbuf, outsize, inbuf, insize)))
102 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
103
104 return rc;
105 }
106
107 static gpg_error_t parse_xml(assuan_context_t ctx)
108 {
109 struct client_s *client = assuan_get_pointer(ctx);
110
111 client->doc = xmlReadMemory(client->xml, client->len, NULL, "UTF-8", XML_PARSE_NOBLANKS);
112
113 if (!client->doc)
114 return EPWMD_LIBXML_ERROR;
115
116 return 0;
117 }
118
119 gboolean valid_filename(const gchar *filename)
120 {
121 const gchar *p;
122
123 if (!filename || !*filename)
124 return FALSE;
125
126 for (p = filename; *p; p++) {
127 if (g_ascii_isalnum(*p) == FALSE && *p != '-' && *p != '_' && *p != '.')
128 return FALSE;
129 }
130
131 return TRUE;
132 }
133
134 gint open_file(const gchar *filename, struct stat *st)
135 {
136 gint fd;
137
138 if ((fd = open(filename, O_RDONLY)) == -1)
139 return -1;
140
141 if (stat(filename, st) == -1) {
142 close(fd);
143 return -1;
144 }
145
146 return fd;
147 }
148
149 void unlock_file_mutex(struct client_s *client)
150 {
151 pth_mutex_t *m;
152
153 if (client->has_lock == FALSE)
154 return;
155
156 CACHE_LOCK(client->ctx);
157
158 if (cache_get_mutex(client->md5file, &m) == FALSE) {
159 CACHE_UNLOCK;
160 return;
161 }
162
163 CACHE_UNLOCK;
164 pth_mutex_release(m);
165 client->has_lock = FALSE;
166 }
167
168 gpg_error_t lock_file_mutex(struct client_s *client)
169 {
170 pth_mutex_t *m;
171
172 if (client->has_lock == TRUE)
173 return 0;
174
175 CACHE_LOCK(client->ctx);
176
177 if (cache_get_mutex(client->md5file, &m) == FALSE) {
178 CACHE_UNLOCK;
179 return 0;
180 }
181
182 CACHE_UNLOCK;
183
184 if (pth_mutex_acquire(m, TRUE, NULL) == FALSE) {
185 if (errno == EBUSY) {
186 if (client->ctx)
187 assuan_write_status(client->ctx, "LOCKED", N_("Waiting for lock"));
188
189 pth_mutex_acquire(m, FALSE, NULL);
190 }
191 else {
192 gint e = errno;
193 log_write("%s(%i): %s", __FUNCTION__, __LINE__, strerror(errno));
194 return gpg_error_from_errno(e);
195 }
196 }
197
198 client->has_lock = TRUE;
199 return 0;
200 }
201
202 static void cleanup_client(struct client_s *client)
203 {
204 assuan_context_t ctx = client->ctx;
205
206 unlock_file_mutex(client);
207 CACHE_LOCK(client->ctx);
208 cache_decr_refcount(client->md5file);
209
210 /*
211 * This may be a new file so don't use a cache slot. save_command() will
212 * set this to FALSE on success.
213 */
214 if (client->new == TRUE)
215 cache_clear(client->md5file, 1);
216
217 if (client->doc)
218 xmlFreeDoc(client->doc);
219
220 if (client->xml)
221 gcry_free(client->xml);
222
223 if (client->filename)
224 g_free(client->filename);
225
226 if (client->gh)
227 gcry_cipher_close(client->gh);
228
229 memset(client, 0, sizeof(struct client_s));
230 client->state = STATE_CONNECTED;
231 client->ctx = ctx;
232 client->freed = TRUE;
233 CACHE_UNLOCK;
234 }
235
236 static gchar *print_fmt(const char *fmt, ...)
237 {
238 va_list ap;
239 static gchar buf[ASSUAN_LINELENGTH] = {0};
240
241 va_start(ap, fmt);
242 vsnprintf(buf, sizeof(buf), fmt, ap);
243 va_end(ap);
244 return buf;
245 }
246
247 gboolean do_decompress(assuan_context_t ctx, gpointer in, gint insize,
248 gpointer *out, glong *outsize, gint *error)
249 {
250 z_stream z;
251 gint ret;
252 gpointer pout;
253 gz_header h;
254 gchar buf[17];
255 gpg_error_t rc;
256
257 z.zalloc = z_alloc;
258 z.zfree = z_free;
259 z.next_in = in;
260 z.avail_in = insize;
261 z.avail_out = zlib_bufsize;
262 z.next_out = pout = g_malloc(zlib_bufsize);
263
264 if (!pout) {
265 log_write("%s(%i): %s", __FUNCTION__, __LINE__, strerror(ENOMEM));
266 *error = Z_MEM_ERROR;
267 return FALSE;
268 }
269
270 ret = inflateInit2(&z, 47);
271
272 if (ret != Z_OK) {
273 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
274 g_free(pout);
275 return FALSE;
276 }
277
278 memset(&h, 0, sizeof(gz_header));
279 h.comment = (guchar *)buf;
280 h.comm_max = sizeof(buf);
281 ret = inflateGetHeader(&z, &h);
282
283 if (ret != Z_OK) {
284 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
285 g_free(pout);
286 inflateEnd(&z);
287 return FALSE;
288 }
289
290 ret = inflate(&z, Z_BLOCK);
291
292 if (ret != Z_OK) {
293 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
294 g_free(pout);
295 inflateEnd(&z);
296 return FALSE;
297 }
298
299 if (h.comment)
300 insize = atoi((gchar *)h.comment);
301
302 do {
303 gpointer p;
304
305 ret = inflate(&z, Z_FINISH);
306
307 switch (ret) {
308 case Z_OK:
309 break;
310 case Z_BUF_ERROR:
311 if (!z.avail_out) {
312 p = g_realloc(pout, z.total_out + zlib_bufsize);
313
314 if (!p) {
315 ret = Z_MEM_ERROR;
316 goto fail;
317 }
318
319 pout = p;
320 z.next_out = pout + z.total_out;
321 z.avail_out = zlib_bufsize;
322
323 if (ctx) {
324 rc = assuan_write_status(ctx, "DECOMPRESS",
325 print_fmt("%i %i", z.total_out, insize));
326
327 if (rc) {
328 ret = rc;
329 goto fail;
330 }
331 }
332 }
333 break;
334 case Z_STREAM_END:
335 break;
336 default:
337 goto fail;
338 break;
339 }
340
341 pth_yield(NULL);
342 } while (ret != Z_STREAM_END);
343
344 if (ctx) {
345 rc = assuan_write_status(ctx, "DECOMPRESS",
346 print_fmt("%i %i", z.total_out, insize));
347
348 if (rc) {
349 ret = rc;
350 goto fail;
351 }
352 }
353
354 *out = pout;
355 *outsize = z.total_out;
356 inflateEnd(&z);
357 return TRUE;
358
359 fail:
360 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
361 *error = ret;
362 g_free(pout);
363 inflateEnd(&z);
364 return FALSE;
365 }
366
367 static int open_command(assuan_context_t ctx, char *line)
368 {
369 gint fd;
370 struct stat st;
371 guchar shakey[gcrykeysize];
372 gint cached = 0;
373 gint timeout;
374 gpg_error_t error;
375 struct client_s *client = assuan_get_pointer(ctx);
376 gchar **req;
377 gchar *filename = NULL;
378
379 if ((req = split_input_line(line, " ", 2)) != NULL)
380 filename = req[0];
381
382 if (!filename || !*filename) {
383 g_strfreev(req);
384 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
385 }
386
387 if (valid_filename(filename) == FALSE) {
388 g_strfreev(req);
389 return send_error(ctx, EPWMD_INVALID_FILENAME);
390 }
391
392 if (client->state == STATE_OPEN)
393 cleanup_client(client);
394
395 gcry_md_hash_buffer(GCRY_MD_MD5, client->md5file, filename, strlen(filename));
396 CACHE_LOCK(client->ctx);
397
398 if (cache_has_file(client->md5file) == FALSE) {
399 if (cache_add_file(client->md5file, NULL) == FALSE) {
400 g_strfreev(req);
401 CACHE_UNLOCK;
402 return send_error(ctx, EPWMD_MAX_SLOTS);
403 }
404 }
405
406 CACHE_UNLOCK;
407 error = lock_file_mutex(client);
408
409 if (error) {
410 g_strfreev(req);
411 return send_error(ctx, error);
412 }
413
414 client->freed = FALSE;
415
416 if ((error = gcry_cipher_open(&client->gh, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, 0))) {
417 g_strfreev(req);
418 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
419 cleanup_client(client);
420 return send_error(ctx, error);
421 }
422
423 if (stat(filename, &st) == 0) {
424 if (!S_ISREG(st.st_mode) && !S_ISLNK(st.st_mode)) {
425 log_write("%s: %s", filename, pwmd_strerror(EPWMD_INVALID_FILENAME));
426 g_strfreev(req);
427 cleanup_client(client);
428 return send_error(ctx, EPWMD_INVALID_FILENAME);
429 }
430
431 client->mtime = st.st_mtime;
432 }
433
434 /*
435 * New files don't need a key.
436 */
437 if (access(filename, R_OK|W_OK) != 0) {
438 if (errno != ENOENT) {
439 error = errno;
440 log_write("%s: %s", filename, strerror(errno));
441 g_strfreev(req);
442 cleanup_client(client);
443 return send_syserror(ctx, error);
444 }
445 new_doc:
446 if ((client->xml = new_document()) == NULL) {
447 log_write("%s", strerror(ENOMEM));
448 g_strfreev(req);
449 cleanup_client(client);
450 return send_syserror(ctx, ENOMEM);
451 }
452
453 client->len = xmlStrlen(client->xml);
454 client->new = TRUE;
455 client->filename = g_strdup(filename);
456
457 if (!client->filename) {
458 g_strfreev(req);
459 cleanup_client(client);
460 log_write("%s(%i): %s", __FILE__, __LINE__, strerror(ENOMEM));
461 return send_syserror(ctx, ENOMEM);
462 }
463
464 if (req[1] && *req[1]) {
465 gcry_md_hash_buffer(GCRY_MD_SHA256, shakey, req[1], strlen(req[1]));
466 memset(req[1], 0, strlen(req[1]));
467 goto update_cache;
468 }
469
470 goto done;
471 }
472
473 if ((fd = open_file(filename, &st)) == -1) {
474 error = errno;
475 log_write("%s: %s", filename, strerror(errno));
476 g_strfreev(req);
477 cleanup_client(client);
478 return send_syserror(ctx, error);
479 }
480
481 if (st.st_size == 0)
482 goto new_doc;
483
484 CACHE_LOCK(client->ctx);
485
486 if (cache_get_key(client->md5file, shakey) == TRUE)
487 cached = 1;
488 else {
489 /*
490 * No key specified and no matching filename found in the cache.
491 */
492 if (!req[1] || !*req[1]) {
493 close(fd);
494 g_strfreev(req);
495 cleanup_client(client);
496 CACHE_UNLOCK;
497 return send_error(ctx, EPWMD_KEY);
498 }
499 }
500
501 CACHE_UNLOCK;
502
503 if (!cached) {
504 gcry_md_hash_buffer(GCRY_MD_SHA256, shakey, req[1], strlen(req[1]));
505 memset(req[1], 0, strlen(req[1]));
506 }
507
508 error = try_xml_decrypt(ctx, fd, st, shakey);
509
510 if (error) {
511 close(fd);
512 memset(shakey, 0, sizeof(shakey));
513 g_strfreev(req);
514 cleanup_client(client);
515 return send_error(ctx, error);
516 }
517
518 close(fd);
519 client->filename = g_strdup(filename);
520
521 if (!client->filename) {
522 memset(shakey, 0, sizeof(shakey));
523 log_write("%s(%i): %s", __FILE__, __LINE__, strerror(ENOMEM));
524 g_strfreev(req);
525 cleanup_client(client);
526 return send_syserror(ctx, ENOMEM);
527 }
528
529 update_cache:
530 CACHE_LOCK(client->ctx);
531
532 if (!cached) {
533 if (cache_update_key(client->md5file, shakey) == FALSE) {
534 memset(shakey, 0, sizeof(shakey));
535 log_write("%s(%i): %s", __FILE__, __LINE__, pwmd_strerror(EPWMD_MAX_SLOTS));
536 g_strfreev(req);
537 cleanup_client(client);
538 CACHE_UNLOCK;
539 return send_error(ctx, EPWMD_MAX_SLOTS);
540 }
541
542 timeout = get_key_file_integer(client->filename, "cache_timeout");
543 cache_reset_timeout(client->md5file, timeout);
544 }
545 else
546 cache_set_timeout(client->md5file, -2);
547
548 CACHE_UNLOCK;
549 memset(shakey, 0, sizeof(shakey));
550
551 done:
552 g_strfreev(req);
553 error = parse_xml(ctx);
554
555 if (client->xml) {
556 gcry_free(client->xml);
557 client->xml = NULL;
558 }
559
560 if (error == 0)
561 client->state = STATE_OPEN;
562
563 return send_error(ctx, error);
564 }
565
566 gboolean do_compress(assuan_context_t ctx, gint level, gpointer data,
567 gint size, gpointer *out, glong *outsize, gint *error)
568 {
569 z_stream z;
570 gpointer pout, pin;
571 gint ret;
572 gz_header h;
573 gchar buf[17];
574 gint cmd = Z_NO_FLUSH;
575 gpg_error_t rc;
576
577 z.zalloc = z_alloc;
578 z.zfree = z_free;
579 z.next_in = pin = data;
580 z.avail_in = size < zlib_bufsize ? size : zlib_bufsize;
581 z.avail_out = zlib_bufsize;
582 z.next_out = pout = g_malloc(zlib_bufsize);
583
584 if (!pout) {
585 log_write("%s(%i): %s", __FUNCTION__, __LINE__, strerror(ENOMEM));
586 *error = Z_MEM_ERROR;
587 return FALSE;
588 }
589
590 ret = deflateInit2(&z, level, Z_DEFLATED, 31, 8, Z_DEFAULT_STRATEGY);
591
592 if (ret != Z_OK) {
593 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
594 *error = ret;
595 g_free(pout);
596 return FALSE;
597 }
598
599 memset(&h, 0, sizeof(gz_header));
600 snprintf(buf, sizeof(buf), "%i", size);
601 h.comment = (guchar *)buf;
602 ret = deflateSetHeader(&z, &h);
603
604 if (ret != Z_OK) {
605 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
606 *error = ret;
607 g_free(pout);
608 deflateEnd(&z);
609 return FALSE;
610 }
611
612 do {
613 gpointer p;
614
615 ret = deflate(&z, cmd);
616
617 switch (ret) {
618 case Z_OK:
619 break;
620 case Z_BUF_ERROR:
621 if (!z.avail_out) {
622 p = g_realloc(pout, z.total_out + zlib_bufsize);
623
624 if (!p) {
625 ret = Z_MEM_ERROR;
626 goto fail;
627 }
628
629 pout = p;
630 z.next_out = pout + z.total_out;
631 z.avail_out = zlib_bufsize;
632 }
633
634 if (!z.avail_in && z.total_in < size) {
635 if (z.total_in + zlib_bufsize > size)
636 z.avail_in = size - z.total_in;
637 else
638 z.avail_in = zlib_bufsize;
639
640 if (ctx) {
641 rc = assuan_write_status(ctx, "COMPRESS",
642 print_fmt("%i %i", z.total_in, size));
643
644 if (rc) {
645 ret = rc;
646 goto fail;
647 }
648 }
649 }
650
651 if (z.total_in >= size)
652 cmd = Z_FINISH;
653
654 break;
655 case Z_STREAM_END:
656 break;
657 default:
658 goto fail;
659 }
660
661 pth_yield(NULL);
662 } while (ret != Z_STREAM_END);
663
664 if (ctx) {
665 rc = assuan_write_status(ctx, "COMPRESS",
666 print_fmt("%i %i", z.total_in, size));
667
668 if (rc) {
669 ret = rc;
670 goto fail;
671 }
672 }
673
674 *out = pout;
675 *outsize = z.total_out;
676 deflateEnd(&z);
677 return TRUE;
678
679 fail:
680 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
681 *error = ret;
682 g_free(pout);
683 deflateEnd(&z);
684 return FALSE;
685 }
686
687 gpg_error_t do_xml_encrypt(struct client_s *client, gcry_cipher_hd_t gh,
688 const gchar *filename, gpointer data, size_t insize,
689 const guchar *shakey, guint iter)
690 {
691 gsize len = insize;
692 gint fd;
693 gpointer inbuf;
694 guchar tkey[gcrykeysize];
695 gchar *p;
696 gint error;
697 gpg_error_t rc;
698 guint iter_progress = 0, n_iter = 0, xiter = 0;
699 gchar tmp[FILENAME_MAX];
700 struct file_header_s {
701 guint iter;
702 guchar iv[gcryblocksize];
703 } file_header;
704
705 if (insize / gcryblocksize) {
706 len = (insize / gcryblocksize) * gcryblocksize;
707
708 if (insize % gcryblocksize)
709 len += gcryblocksize;
710 }
711
712 /*
713 * Resize the existing xml buffer to the block size required by gcrypt
714 * rather than duplicating it and wasting memory.
715 */
716 inbuf = gcry_realloc(data, len);
717
718 if (!inbuf)
719 return gpg_error_from_errno(ENOMEM);
720
721 insize = len;
722 gcry_create_nonce(file_header.iv, sizeof(file_header.iv));
723 memcpy(tkey, shakey, sizeof(tkey));
724 tkey[0] ^= 1;
725
726 if ((rc = gcry_cipher_setkey(gh, tkey, gcrykeysize))) {
727 gcry_free(inbuf);
728 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
729 return rc;
730 }
731
732 file_header.iter = iter;
733
734 if (client)
735 iter_progress = get_key_file_integer("default", "iteration_progress");
736
737 if (client && iter_progress && file_header.iter >= iter_progress) {
738 error = assuan_write_status(client->ctx, "ENCRYPT", "0");
739
740 if (error) {
741 gcry_free(inbuf);
742 return error;
743 }
744 }
745
746 while (xiter < file_header.iter) {
747 if (client && iter_progress > 0 && xiter >= iter_progress) {
748 if (!(xiter % iter_progress)) {
749 error = assuan_write_status(client->ctx, "ENCRYPT", print_fmt("%i",
750 ++n_iter * iter_progress));
751
752 if (error) {
753 gcry_free(inbuf);
754 return error;
755 }
756 }
757 }
758
759 if ((rc = gcry_cipher_setiv(gh, file_header.iv,
760 sizeof(file_header.iv)))) {
761 gcry_free(inbuf);
762 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
763 return rc;
764 }
765
766 if (encrypt_xml(gh, inbuf, insize, NULL, 0)
767 == FALSE) {
768 gcry_free(inbuf);
769 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
770 return rc;
771 }
772
773 xiter++;
774 pth_yield(NULL);
775 }
776
777 if ((rc = gcry_cipher_setiv(gh, file_header.iv,
778 sizeof(file_header.iv)))) {
779 gcry_free(inbuf);
780 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
781 return rc;
782 }
783
784 if ((rc = gcry_cipher_setkey(gh, shakey, gcrykeysize))) {
785 gcry_free(inbuf);
786 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
787 return rc;
788 }
789
790 if (encrypt_xml(gh, inbuf, insize, NULL, 0) == FALSE) {
791 gcry_free(inbuf);
792 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
793 return rc;
794 }
795
796 if (client && iter_progress && file_header.iter >= iter_progress) {
797 error = assuan_write_status(client->ctx, "ENCRYPT",
798 print_fmt("%i", file_header.iter));
799
800 if (error) {
801 gcry_free(inbuf);
802 return error;
803 }
804 }
805
806 if (filename) {
807 g_snprintf(tmp, sizeof(tmp), ".%s.tmp", filename);
808
809 if ((fd = open(tmp, O_WRONLY|O_CREAT|O_TRUNC, 0600)) == -1) {
810 error = errno;
811 gcry_free(inbuf);
812 p = strrchr(tmp, '/');
813 p++;
814 log_write("%s: %s", p, strerror(errno));
815 return gpg_error_from_errno(error);
816 }
817 }
818 else
819 /*
820 * xml_import() from command line.
821 */
822 fd = STDOUT_FILENO;
823
824 len = pth_write(fd, &file_header, sizeof(struct file_header_s));
825
826 if (len != sizeof(file_header)) {
827 len = errno;
828
829 if (filename)
830 close(fd);
831
832 gcry_free(inbuf);
833 return gpg_error_from_errno(len);
834 }
835
836 len = pth_write(fd, inbuf, insize);
837
838 if (len != insize) {
839 len = errno;
840
841 if (filename)
842 close(fd);
843
844 gcry_free(inbuf);
845 return gpg_error_from_errno(len);
846 }
847
848 if (fsync(fd) == -1) {
849 len = errno;
850 close(fd);
851 gcry_free(inbuf);
852 return gpg_error_from_errno(len);
853 }
854
855 if (filename) {
856 struct stat st;
857 mode_t mode = 0;
858
859 close(fd);
860
861 if (stat(filename, &st) == 0)
862 mode = st.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO);
863
864 if (rename(tmp, filename) == -1) {
865 len = errno;
866 gcry_free(inbuf);
867 return gpg_error_from_errno(len);
868 }
869
870 if (mode)
871 chmod(filename, mode);
872 }
873
874 gcry_free(inbuf);
875 return 0;
876 }
877
878 static int save_command(assuan_context_t ctx, char *line)
879 {
880 gpointer xmlbuf;
881 xmlChar *p;
882 gint len;
883 gint cached = 0;
884 guchar shakey[gcrykeysize];
885 gint iter;
886 struct stat st;
887 struct client_s *client = assuan_get_pointer(ctx);
888 gpg_error_t error;
889 gint timeout;
890 gpointer outbuf;
891 glong outsize = 0;
892 gint zerror;
893
894 error = file_modified(client);
895
896 if (error) {
897 log_write("%s: %s", client->filename ? client->filename : "",
898 pwmd_strerror(error));
899 return send_error(ctx, error);
900 }
901
902 error = lock_file_mutex(client);
903
904 if (error)
905 return send_error(ctx, error);
906
907 if (stat(client->filename, &st) == -1 && errno != ENOENT)
908 return send_syserror(ctx, errno);
909
910 if (errno != ENOENT && !S_ISREG(st.st_mode) && !S_ISLNK(st.st_mode)) {
911 log_write("%s: %s", client->filename, pwmd_strerror(EPWMD_INVALID_FILENAME));
912 return send_error(ctx, EPWMD_INVALID_FILENAME);
913 }
914
915 if (!line || !*line) {
916 CACHE_LOCK(ctx);
917
918 if (cache_get_key(client->md5file, shakey) == FALSE) {
919 CACHE_UNLOCK;
920 return send_error(ctx, EPWMD_KEY);
921 }
922
923 CACHE_UNLOCK;
924 cached = 1;
925 }
926 else {
927 gcry_md_hash_buffer(GCRY_MD_SHA256, shakey, line, strlen(line));
928 memset(line, 0, strlen(line));
929 }
930
931 xmlDocDumpFormatMemory(client->doc, &p, &len, 0);
932 xmlbuf = p;
933
934 iter = get_key_file_integer(client->filename, "compression_level");
935
936 if (iter < 0)
937 iter = 0;
938
939 if (do_compress(ctx, iter, xmlbuf, len, &outbuf, &outsize, &zerror) == FALSE) {
940 memset(shakey, 0, sizeof(shakey));
941 xmlFree(xmlbuf);
942
943 if (zerror == Z_MEM_ERROR) {
944 return send_syserror(ctx, ENOMEM);
945 }
946 else
947 return send_error(ctx, GPG_ERR_COMPR_ALGO);
948 }
949 else {
950 gcry_free(xmlbuf);
951 xmlbuf = outbuf;
952 len = outsize;
953 }
954
955 if ((iter = get_key_file_integer(client->filename, "iterations")) == -1)
956 iter = 0;
957
958 error = do_xml_encrypt(client, client->gh, client->filename, xmlbuf, len, shakey, iter);
959
960 if (error) {
961 memset(shakey, 0, sizeof(shakey));
962 return send_error(ctx, error);
963 }
964
965 stat(client->filename, &st);
966 client->mtime = st.st_mtime;
967 timeout = get_key_file_integer(client->filename, "cache_timeout");
968 CACHE_LOCK(client->ctx);
969
970 if (cached) {
971 memset(shakey, 0, sizeof(shakey));
972 cache_reset_timeout(client->md5file, timeout);
973 client->new = FALSE;
974 CACHE_UNLOCK;
975 return send_error(ctx, 0);
976 }
977
978 if (cache_update_key(client->md5file, shakey) == FALSE) {
979 memset(shakey, 0, sizeof(shakey));
980 log_write("%s(%i): %s", __FILE__, __LINE__, pwmd_strerror(EPWMD_MAX_SLOTS));
981 CACHE_UNLOCK;
982 return send_error(ctx, EPWMD_MAX_SLOTS);
983 }
984
985 client->new = FALSE;
986 memset(shakey, 0, sizeof(shakey));
987 cache_reset_timeout(client->md5file, timeout);
988 CACHE_UNLOCK;
989 return send_error(ctx, 0);
990 }
991
992 static gboolean contains_whitespace(const gchar *str)
993 {
994 const gchar *p = str;
995 gunichar c;
996 glong len;
997
998 len = g_utf8_strlen(p++, -1) -1;
999
1000 while (len--) {
1001 c = g_utf8_get_char(p++);
1002
1003 if (g_unichar_isspace(c))
1004 return TRUE;
1005 }
1006
1007 return FALSE;
1008 }
1009
1010 static int delete_command(assuan_context_t ctx, char *line)
1011 {
1012 struct client_s *client = assuan_get_pointer(ctx);
1013 gchar **req;
1014 gpg_error_t error;
1015 xmlNodePtr n;
1016
1017 error = file_modified(client);
1018
1019 if (error) {
1020 log_write("%s: %s", client->filename ? client->filename : "",
1021 pwmd_strerror(error));
1022 return send_error(ctx, error);
1023 }
1024
1025 if (strchr(line, '\t'))
1026 req = split_input_line(line, "\t", -1);
1027 else
1028 req = split_input_line(line, " ", -1);
1029
1030 if (!req || !*req)
1031 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
1032
1033 n = find_account(client->doc, &req, &error, NULL, 0);
1034
1035 if (!n) {
1036 g_strfreev(req);
1037 return send_error(ctx, error);
1038 }
1039
1040 /*
1041 * No sub-node defined. Remove the entire node (account).
1042 */
1043 if (!req[1]) {
1044 if (n) {
1045 xmlUnlinkNode(n);
1046 xmlFreeNode(n);
1047 }
1048
1049 g_strfreev(req);
1050 return send_error(ctx, 0);
1051 }
1052
1053 n = find_elements(client->doc, n->children, req+1, &error, NULL, NULL, NULL, FALSE, 0, NULL);
1054 g_strfreev(req);
1055
1056 if (!n)
1057 return send_error(ctx, error);
1058
1059 if (n) {
1060 xmlUnlinkNode(n);
1061 xmlFreeNode(n);
1062 }
1063
1064 return send_error(ctx, 0);
1065 }
1066
1067 /*
1068 * Don't return with assuan_process_done() here. This has been called from
1069 * assuan_process_next() and the command should be finished in
1070 * client_thread().
1071 */
1072 static int store_command_finalize(gpointer data, gint rc, guchar *line,
1073 gsize len)
1074 {
1075 assuan_context_t ctx = data;
1076 struct client_s *client = assuan_get_pointer(ctx);
1077 gchar **req;
1078 guchar *result = line;
1079 xmlNodePtr n;
1080 gpg_error_t error = file_modified(client);
1081
1082 if (rc) {
1083 if (line)
1084 #ifndef MEM_DEBUG
1085 xfree(line);
1086 #else
1087 free(line);
1088 #endif
1089 return rc;
1090 }
1091
1092 req = split_input_line((gchar *)result, "\t", 0);
1093 #ifndef MEM_DEBUG
1094 xfree(line);
1095 #else
1096 free(line);
1097 #endif
1098
1099 if (rc) {
1100 if (req)
1101 g_strfreev(req);
1102
1103 return rc;
1104 }
1105
1106 if (!req || !*req)
1107 return EPWMD_COMMAND_SYNTAX;
1108
1109 again:
1110 n = find_account(client->doc, &req, &error, NULL, 0);
1111
1112 if (error && error == EPWMD_ELEMENT_NOT_FOUND) {
1113 if (contains_whitespace(*req) == TRUE) {
1114 g_strfreev(req);
1115 return EPWMD_INVALID_ELEMENT;
1116 }
1117
1118 error = new_account(client->doc, *req);
1119
1120 if (error) {
1121 g_strfreev(req);
1122 return error;
1123 }
1124
1125 goto again;
1126 }
1127
1128 if (!n) {
1129 g_strfreev(req);
1130 return error;
1131 }
1132
1133 if (req[1]) {
1134 if (!n->children)
1135 create_elements_cb(n, req+1, &error, NULL);
1136 else
1137 find_elements(client->doc, n->children, req+1, &error,
1138 NULL, NULL, create_elements_cb, FALSE, 0, NULL);
1139 }
1140
1141 g_strfreev(req);
1142 return send_error(ctx, error);
1143 }
1144
1145 static int store_command(assuan_context_t ctx, char *line)
1146 {
1147 struct client_s *client = assuan_get_pointer(ctx);
1148 gpg_error_t error = file_modified(client);
1149
1150 if (error) {
1151 log_write("%s: %s", client->filename ? client->filename : "",
1152 pwmd_strerror(error));
1153 return send_error(ctx, error);
1154 }
1155
1156 error = assuan_inquire_ext(ctx, "STORE", 0, store_command_finalize, ctx);
1157
1158 if (error)
1159 return send_error(ctx, error);
1160
1161 /* Don't return with assuan_process_done() here. This is an INQUIRE. */
1162 return 0;
1163 }
1164
1165 static int get_command(assuan_context_t ctx, char *line)
1166 {
1167 struct client_s *client = assuan_get_pointer(ctx);
1168 gchar **req;
1169 gpg_error_t error;
1170 xmlNodePtr n;
1171
1172 error = file_modified(client);
1173
1174 if (error) {
1175 log_write("%s: %s", client->filename ? client->filename : "",
1176 pwmd_strerror(error));
1177 return send_error(ctx, error);
1178 }
1179
1180 req = split_input_line(line, "\t", -1);
1181
1182 if (!req || !*req) {
1183 g_strfreev(req);
1184 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
1185 }
1186
1187 n = find_account(client->doc, &req, &error, NULL, 0);
1188
1189 if (!n) {
1190 g_strfreev(req);
1191 return send_error(ctx, error);
1192 }
1193
1194 if (req[1])
1195 n = find_elements(client->doc, n->children, req+1, &error, NULL, NULL, NULL, FALSE, 0, NULL);
1196
1197 g_strfreev(req);
1198
1199 if (error)
1200 return send_error(ctx, error);
1201
1202 if (!n || !n->children)
1203 return send_error(ctx, EPWMD_EMPTY_ELEMENT);
1204
1205 n = n->children;
1206
1207 if (!n || !n->content || !*n->content)
1208 return send_error(ctx, EPWMD_EMPTY_ELEMENT);
1209
1210 error = assuan_send_data(ctx, n->content, xmlStrlen(n->content));
1211 return send_error(ctx, error);
1212 }
1213
1214 static gchar *element_path_to_req(const gchar *account, xmlChar *path)
1215 {
1216 xmlChar *p = path;
1217 gint n;
1218 gchar *buf;
1219
1220 if (!p)
1221 return NULL;
1222
1223 for (n = 0; *p && n < 3; p++) {
1224 if (*p == '/')
1225 n++;
1226 }
1227
1228 if (strstr((gchar *)p, "text()") != NULL)
1229 p[xmlStrlen(p) - 7] = 0;
1230
1231 for (n = 0; p[n]; n++) {
1232 if (p[n] == '/')
1233 p[n] = '\t';
1234 }
1235
1236 buf = g_strdup_printf("%s\t%s", account, p);
1237 return buf;
1238 }
1239
1240 gboolean strv_printf(gchar ***array, const gchar *fmt, ...)
1241 {
1242 gchar **a;
1243 va_list ap;
1244 gchar *buf;
1245 gint len = *array ? g_strv_length(*array) : 0;
1246 gint ret;
1247
1248 if (!fmt)
1249 return FALSE;
1250
1251 if ((a = g_realloc(*array, (len + 2) * sizeof(gchar *))) == NULL)
1252 return FALSE;
1253
1254 va_start(ap, fmt);
1255 ret = g_vasprintf(&buf, fmt, ap);
1256 va_end(ap);
1257
1258 if (ret == -1)
1259 return FALSE;
1260
1261 a[len++] = buf;
1262 a[len] = NULL;
1263 *array = a;
1264 return TRUE;
1265 }
1266
1267 struct realpath_s {
1268 gchar *account;
1269 };
1270
1271 static xmlNodePtr realpath_elements_cb(xmlNodePtr node, gchar **req,
1272 gpg_error_t *error, void *data)
1273 {
1274 struct realpath_s *rp = data;
1275
1276 if (rp->account)
1277 g_free(rp->account);
1278
1279 rp->account = g_strdup(req[0]);
1280
1281 if (!rp->account) {
1282 *error = gpg_error_from_errno(ENOMEM);
1283 return NULL;
1284 }
1285
1286 return node;
1287 }
1288
1289 static int realpath_command(assuan_context_t ctx, char *line)
1290 {
1291 gpg_error_t error;
1292 struct client_s *client = assuan_get_pointer(ctx);
1293 xmlChar *p;
1294 gchar **req;
1295 gchar *result, *t;
1296 gint i;
1297 xmlNodePtr n;
1298 struct realpath_s *rp;
1299 GString *string;
1300
1301 error = file_modified(client);
1302
1303 if (error) {
1304 log_write("%s: %s", client->filename ? client->filename : "",
1305 pwmd_strerror(error));
1306 return send_error(ctx, error);
1307 }
1308
1309 if (strchr(line, '\t') != NULL) {
1310 if ((req = split_input_line(line, "\t", 0)) == NULL)
1311 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
1312 }
1313 else {
1314 if ((req = split_input_line(line, " ", 0)) == NULL)
1315 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
1316 }
1317
1318 n = find_account(client->doc, &req, &error, NULL, 0);
1319
1320 if (!n) {
1321 g_strfreev(req);
1322 return send_error(ctx, error);
1323 }
1324
1325 rp = g_malloc(sizeof(struct realpath_s));
1326
1327 if (!rp) {
1328 g_strfreev(req);
1329 return send_syserror(ctx, ENOMEM);
1330 }
1331
1332 rp->account = g_strdup(req[0]);
1333
1334 if (!rp->account) {
1335 g_strfreev(req);
1336 return send_syserror(ctx, ENOMEM);
1337 }
1338
1339 if (req[1]) {
1340 n = find_elements(client->doc, n->children, req+1, &error,
1341 NULL, realpath_elements_cb, NULL, FALSE, 0, rp);
1342
1343 if (!n) {
1344 g_free(rp->account);
1345 g_free(rp);
1346 g_strfreev(req);
1347 return send_error(ctx, error);
1348 }
1349 }
1350
1351 p = xmlGetNodePath(n);
1352 result = element_path_to_req(rp->account, p);
1353
1354 if (!result) {
1355 g_free(result);
1356 g_free(rp->account);
1357 g_free(rp);
1358 g_strfreev(req);
1359 xmlFree(p);
1360 return send_syserror(ctx, ENOMEM);
1361 }
1362
1363 string = g_string_new(result);
1364 g_free(result);
1365 g_free(rp->account);
1366 g_free(rp);
1367 g_strfreev(req);
1368 xmlFree(p);
1369 i = 0;
1370
1371 again:
1372 for (t = string->str + i; *t; t++, i++) {
1373 if (!i || *t == '\t') {
1374 string = g_string_insert_c(string, !i ? i++ : ++i, '!');
1375 goto again;
1376 }
1377 }
1378
1379 error = assuan_send_data(ctx, string->str, string->len);
1380 g_string_free(string, TRUE);
1381 return send_error(ctx, error);
1382 }
1383
1384 struct list_element_s {
1385 GSList *list;
1386 gchar **elements;
1387 };
1388
1389 static gboolean append_to_element_list(struct list_element_s *elements)
1390 {
1391 gchar *tmp;
1392 gint i, total;
1393 gchar *a;
1394 GSList *list;
1395
1396 if (!elements || !elements->elements)
1397 return TRUE;
1398
1399 tmp = g_strjoinv("\t", elements->elements);
1400
1401 if (!tmp)
1402 return FALSE;
1403
1404 g_strfreev(elements->elements);
1405 elements->elements = NULL;
1406 total = g_slist_length(elements->list);
1407 a = g_utf8_collate_key(tmp, -1);
1408
1409 if (!a) {
1410 g_free(tmp);
1411 return FALSE;
1412 }
1413
1414 /*
1415 * Removes duplicate element paths from the list. This is needed when
1416 * appending an element tree from list_command(). The glib docs recommend
1417 * using g_utf8_collate_key() for a large number of strings.
1418 */
1419 for (i = 0; i < total; i++) {
1420 gchar *p = g_slist_nth_data(elements->list, i);
1421 gchar *b = g_utf8_collate_key(p, -1);
1422
1423 if (!b) {
1424 g_free(a);
1425 g_free(tmp);
1426 return FALSE;
1427 }
1428
1429 if (strcmp(a, b) == 0) {
1430 g_free(a);
1431 g_free(b);
1432 g_free(tmp);
1433 return TRUE;
1434 }
1435
1436 g_free(b);
1437 }
1438
1439 g_free(a);
1440 list = g_slist_append(elements->list, tmp);
1441
1442 if (!list)
1443 return FALSE;
1444
1445 elements->list = list;
1446 return TRUE;
1447 }
1448
1449 static gpg_error_t do_list_recurse(xmlDocPtr doc, xmlNodePtr node,
1450 struct list_element_s *elements, gchar *prefix)
1451 {
1452 xmlNodePtr n;
1453 gpg_error_t error;
1454
1455 if (append_to_element_list(elements) == FALSE)
1456 return gpg_error_from_errno(ENOMEM);
1457
1458 for (n = node; n; n = n->next) {
1459 if (n->type == XML_ELEMENT_NODE) {
1460 xmlChar *content = node_has_attribute(n, (xmlChar *)"target");
1461 gchar *tmp;
1462
1463 if (content) {
1464 if (strv_printf(&elements->elements, "%s\t%s", prefix, n->name) == FALSE)
1465 return gpg_error_from_errno(ENOMEM);
1466
1467 if (append_to_element_list(elements) == FALSE)
1468 return gpg_error_from_errno(ENOMEM);
1469 }
1470
1471 tmp = g_strdup_printf("%s\t!%s", prefix, n->name);
1472
1473 if (!tmp)
1474 return gpg_error_from_errno(ENOMEM);
1475
1476 if (strv_printf(&elements->elements, "%s", tmp) == FALSE) {
1477 g_free(tmp);
1478 return gpg_error_from_errno(ENOMEM);
1479 }
1480
1481 if (n->children) {
1482 error = do_list_recurse(doc, n->children, elements, tmp);
1483 g_free(tmp);
1484
1485 if (error && error != EPWMD_ELEMENT_NOT_FOUND)
1486 return error;
1487 }
1488 else
1489 g_free(tmp);
1490
1491 if (append_to_element_list(elements) == FALSE)
1492 return gpg_error_from_errno(ENOMEM);
1493 }
1494 }
1495
1496 return 0;
1497 }
1498
1499 static gpg_error_t do_list_command(assuan_context_t ctx, xmlDocPtr doc,
1500 struct list_element_s *elements, char *line)
1501 {
1502 gchar *prefix = NULL, *account;
1503 gchar **req = NULL, **oreq = NULL, *tmp;
1504 xmlNodePtr n;
1505 gboolean account_is_literal, account_has_target = FALSE;
1506 gint which = 0;
1507 gchar **p;
1508 gpg_error_t error;
1509
1510 if ((req = split_input_line(line, "\t", 0)) == NULL) {
1511 if ((req = split_input_line(line, " ", 0)) == NULL)
1512 return EPWMD_COMMAND_SYNTAX;
1513 }
1514
1515 prefix = g_strdup(*req);
1516
1517 if (!prefix) {
1518 g_strfreev(req);
1519 return gpg_error_from_errno(ENOMEM);
1520 }
1521
1522 account = g_strdup(*req);
1523
1524 if (!account) {
1525 g_free(prefix);
1526 g_strfreev(req);
1527 return gpg_error_from_errno(ENOMEM);
1528 }
1529
1530 oreq = g_strdupv(req);
1531
1532 if (!oreq) {
1533 g_free(prefix);
1534 g_free(account);
1535 g_strfreev(req);
1536 return gpg_error_from_errno(ENOMEM);
1537 }
1538
1539 p = req;
1540 again:
1541 account_has_target = FALSE;
1542 account_is_literal = is_literal_element_str(prefix);
1543 n = find_account(doc, &p, &error, &account_has_target, 0);
1544
1545 if (which)
1546 oreq = p;
1547 else
1548 req = p;
1549
1550 if (!n)
1551 goto fail;
1552
1553 if (!which && account_is_literal == FALSE && account_has_target == FALSE) {
1554 tmp = g_strdup_printf("!%s", prefix);
1555
1556 if (!tmp) {
1557 error = gpg_error_from_errno(ENOMEM);
1558 goto fail;
1559 }
1560
1561 g_free(prefix);
1562 prefix = tmp;
1563 }
1564
1565 if (*(p+1)) {
1566 gchar *t;
1567
1568 n = find_elements(doc, n->children, p+1, &error, NULL, NULL, NULL,
1569 TRUE, 0, NULL);
1570
1571 if (error)
1572 goto fail;
1573
1574 tmp = g_strjoinv("\t", p+1);
1575 if (!tmp) {
1576 error = gpg_error_from_errno(ENOMEM);
1577 goto fail;
1578 }
1579
1580 t = g_strdup_printf("%s\t%s", prefix, tmp);
1581 if (!t) {
1582 error = gpg_error_from_errno(ENOMEM);
1583 goto fail;
1584 }
1585
1586 g_free(prefix);
1587 prefix = t;
1588 g_free(tmp);
1589 }
1590
1591 if (strv_printf(&elements->elements, "%s", prefix) == FALSE) {
1592 error = gpg_error_from_errno(ENOMEM);
1593 goto fail;
1594 }
1595
1596 if (node_has_child_element(n->children) == FALSE) {
1597 if (append_to_element_list(elements) == FALSE) {
1598 error = gpg_error_from_errno(ENOMEM);
1599 goto fail;
1600 }
1601 }
1602 else
1603 error = do_list_recurse(doc, n->children, elements, prefix);
1604
1605 if (error)
1606 goto fail;
1607
1608 if (!which++ && !*(p+1) && account_is_literal == FALSE && account_has_target == TRUE) {
1609 g_free(*oreq);
1610 *oreq = g_strdup_printf("!%s", account);
1611
1612 if (!*oreq) {
1613 error = gpg_error_from_errno(ENOMEM);
1614 goto fail;
1615 }
1616
1617 p = oreq;
1618 g_free(prefix);
1619 prefix = g_strdup(*oreq);
1620
1621 if (!prefix) {
1622 error = gpg_error_from_errno(ENOMEM);
1623 goto fail;
1624 }
1625
1626 goto again;
1627 }
1628
1629 fail:
1630 g_free(prefix);
1631 g_free(account);
1632 g_strfreev(req);
1633
1634 if (oreq)
1635 g_strfreev(oreq);
1636
1637 return error;
1638 }
1639
1640 /*
1641 * This could be faster especially when finding "target" attributes.
1642 */
1643 static int list_command(assuan_context_t ctx, char *line)
1644 {
1645 struct client_s *client = assuan_get_pointer(ctx);
1646 gpg_error_t error;
1647 struct list_element_s *elements = NULL;
1648 GString *string;
1649 gchar *tmp;
1650 gint i, total;
1651
1652 if (disable_list_and_dump == TRUE)
1653 return send_error(ctx, GPG_ERR_NOT_IMPLEMENTED);
1654
1655 error = file_modified(client);
1656
1657 if (error) {
1658 log_write("%s: %s", client->filename, pwmd_strerror(error));
1659 return send_error(ctx, error);
1660 }
1661
1662 if (!*line) {
1663 GString *str;
1664
1665 error = list_accounts(client->doc, &str);
1666
1667 if (error)
1668 return send_error(ctx, error);
1669
1670 error = assuan_send_data(ctx, str->str, str->len);
1671 g_string_free(str, TRUE);
1672 return send_error(ctx, error);
1673 }
1674
1675 elements = g_malloc0(sizeof(struct list_element_s));
1676
1677 if (!elements) {
1678 error = gpg_error_from_errno(ENOMEM);
1679 goto fail;
1680 }
1681
1682 error = do_list_command(ctx, client->doc, elements, line);
1683
1684 if (error)
1685 goto fail;
1686
1687 if (!error) {
1688 total = g_slist_length(elements->list);
1689
1690 if (!total) {
1691 error = EPWMD_EMPTY_ELEMENT;
1692 goto fail;
1693 }
1694
1695 /*
1696 * Find element paths with a target and append those element trees to
1697 * the list.
1698 */
1699 for (i = 0; i < total; i++) {
1700 gchar **req;
1701
1702 tmp = g_slist_nth_data(elements->list, i);
1703 req = split_input_line(tmp, "\t", 0);
1704
1705 if (!req) {
1706 if (g_str_has_prefix(tmp, "!") == TRUE) {
1707 g_strfreev(req);
1708 continue;
1709 }
1710 }
1711 else {
1712 gchar **p;
1713
1714 for (p = req; *p; p++) {
1715 if (g_str_has_prefix(*p, "!") == FALSE)
1716 break;
1717 }
1718
1719 if (!*p) {
1720 g_strfreev(req);
1721 continue;
1722 }
1723 }
1724
1725 g_strfreev(req);
1726 error = do_list_command(ctx, client->doc, elements, tmp);
1727
1728 if (error && error != EPWMD_ELEMENT_NOT_FOUND)
1729 goto fail;
1730
1731 total = g_slist_length(elements->list);
1732 }
1733 }
1734
1735 string = g_string_new(NULL);
1736
1737 for (i = 0; i < total; i++) {
1738 tmp = g_slist_nth_data(elements->list, i);
1739 g_string_append_printf(string, "%s\n", tmp);
1740 g_free(tmp);
1741 }
1742
1743 string = g_string_truncate(string, string->len - 1);
1744 error = assuan_send_data(ctx, string->str, string->len);
1745 g_string_free(string, TRUE);
1746
1747 fail:
1748 if (elements) {
1749 if (elements->list)
1750 g_slist_free(elements->list);
1751
1752 if (elements->elements)
1753 g_strfreev(elements->elements);
1754
1755 g_free(elements);
1756 }
1757
1758 return send_error(ctx, error);
1759 }
1760
1761 static gpg_error_t add_attribute(xmlNodePtr node, const gchar *name,
1762 const gchar *value)
1763 {
1764 xmlAttrPtr a;
1765
1766 if ((a = xmlHasProp(node, (xmlChar *)name)) == NULL) {
1767 a = xmlNewProp(node, (xmlChar *)name, (xmlChar *)value);
1768
1769 if (!a)
1770 return EPWMD_LIBXML_ERROR;
1771 }
1772 else
1773 xmlNodeSetContent(a->children, (xmlChar *)value);
1774
1775 return 0;
1776 }
1777
1778 /*
1779 * req[0] - element path
1780 */
1781 static int attribute_list(assuan_context_t ctx, gchar **req)
1782 {
1783 struct client_s *client = assuan_get_pointer(ctx);
1784 gchar **attrlist = NULL;
1785 gint i = 0;
1786 gchar **path = NULL;
1787 xmlAttrPtr a;
1788 xmlNodePtr n, an;
1789 gchar *line;
1790 gpg_error_t error;
1791
1792 if (!req || !req[0])
1793 return EPWMD_COMMAND_SYNTAX;
1794
1795 if ((path = split_input_line(req[0], "\t", 0)) == NULL) {
1796 /*
1797 * The first argument may be only an account.
1798 */
1799 if ((path = split_input_line(req[0], " ", 0)) == NULL)
1800 return EPWMD_COMMAND_SYNTAX;
1801 }
1802
1803 n = find_account(client->doc, &path, &error, NULL, 0);
1804
1805 if (!n) {
1806 g_strfreev(path);
1807 return error;
1808 }
1809
1810 if (path[1]) {
1811 n = find_elements(client->doc, n->children, path+1, &error,
1812 NULL, NULL, NULL, FALSE, 0, NULL);
1813
1814 if (!n) {
1815 g_strfreev(path);
1816 return error;
1817 }
1818 }
1819
1820 g_strfreev(path);
1821
1822 for (a = n->properties; a; a = a->next) {
1823 gchar **pa;
1824
1825 if ((pa = g_realloc(attrlist, (i + 2) * sizeof(gchar *))) == NULL) {
1826 if (attrlist)
1827 g_strfreev(attrlist);
1828
1829 error = errno;
1830 log_write("%s(%i): %s", __FILE__, __LINE__, strerror(errno));
1831 return gpg_error_from_errno(error);
1832 }
1833
1834 attrlist = pa;
1835 an = a->children;
1836 attrlist[i] = g_strdup_printf("%s\t%s", (gchar *)a->name, (gchar *)an->content);
1837
1838 if (!attrlist[i]) {
1839 g_strfreev(attrlist);
1840 return gpg_error_from_errno(ENOMEM);
1841 }
1842
1843 attrlist[++i] = NULL;
1844 }
1845
1846 if (!attrlist)
1847 return EPWMD_EMPTY_ELEMENT;
1848
1849 line = g_strjoinv("\n", attrlist);
1850
1851 if (!line) {
1852 g_strfreev(attrlist);
1853 return gpg_error_from_errno(ENOMEM);
1854 }
1855
1856 error = assuan_send_data(ctx, line, strlen(line));
1857 g_free(line);
1858 g_strfreev(attrlist);
1859 return error;
1860 }
1861
1862 /*
1863 * req[0] - attribute
1864 * req[1] - element path
1865 */
1866 static int attribute_delete(struct client_s *client, gchar **req)
1867 {
1868 xmlAttrPtr a;
1869 xmlNodePtr n;
1870 gchar **path = NULL;
1871 gpg_error_t error;
1872
1873 if (!req || !req[0] || !req[1])
1874 return EPWMD_COMMAND_SYNTAX;
1875
1876 if ((path = split_input_line(req[1], "\t", 0)) == NULL) {
1877 /*
1878 * The first argument may be only an account.
1879 */
1880 if ((path = split_input_line(req[1], " ", 0)) == NULL)
1881 return EPWMD_COMMAND_SYNTAX;
1882 }
1883
1884 /*
1885 * Don't remove the "name" attribute for the account element. To remove an
1886 * account use DELETE <account>.
1887 */
1888 if (!path[1] && xmlStrEqual((xmlChar *)req[0], (xmlChar *)"name")) {
1889 error = EPWMD_ATTR_SYNTAX;
1890 goto fail;
1891 }
1892
1893 n = find_account(client->doc, &path, &error, NULL, 0);
1894
1895 if (!n)
1896 goto fail;
1897
1898 if (path[1]) {
1899 n = find_elements(client->doc, n->children, path+1, &error,
1900 NULL, NULL, NULL, FALSE, 0, NULL);
1901
1902 if (!n)
1903 goto fail;
1904 }
1905
1906 g_strfreev(path);
1907
1908 if ((a = xmlHasProp(n, (xmlChar *)req[0])) == NULL)
1909 return EPWMD_ATTR_NOT_FOUND;
1910
1911 if (xmlRemoveProp(a) == -1)
1912 return EPWMD_LIBXML_ERROR;
1913
1914 return 0;
1915
1916 fail:
1917 g_strfreev(path);
1918 return error;
1919 }
1920
1921 /*
1922 * Creates a "target" attribute. When other commands encounter an element with
1923 * this attribute, the element path is modified to the target value. If the
1924 * source element path doesn't exist when using 'ATTR SET target', it is
1925 * created, but the destination element path must exist.
1926 *
1927 * req[0] - source element path
1928 * req[1] - destination element path
1929 */
1930 static gpg_error_t target_attribute(struct client_s *client, gchar **req)
1931 {
1932 gchar **src, **dst, *line;
1933 gpg_error_t error;
1934 xmlNodePtr n;
1935
1936 if (!req || !req[0] || !req[1])
1937 return EPWMD_COMMAND_SYNTAX;
1938
1939 if ((src = split_input_line(req[0], "\t", 0)) == NULL) {
1940 /*
1941 * The first argument may be only an account.
1942 */
1943 if ((src = split_input_line(req[0], " ", 0)) == NULL)
1944 return EPWMD_COMMAND_SYNTAX;
1945 }
1946
1947 if ((dst = split_input_line(req[1], "\t", 0)) == NULL) {
1948 /*
1949 * The first argument may be only an account.
1950 */
1951 if ((dst = split_input_line(req[1], " ", 0)) == NULL) {
1952 error = EPWMD_COMMAND_SYNTAX;
1953 goto fail;
1954 }
1955 }
1956
1957 n = find_account(client->doc, &dst, &error, NULL, 0);
1958
1959 /*
1960 * Make sure the destination element path exists.
1961 */
1962 if (!n)
1963 goto fail;
1964
1965 if (dst[1]) {
1966 n = find_elements(client->doc, n->children, dst+1, &error,
1967 NULL, NULL, NULL, FALSE, 0, NULL);
1968
1969 if (!n)
1970 goto fail;
1971 }
1972
1973 again:
1974 n = find_account(client->doc, &src, &error, NULL, 0);
1975
1976 if (!n) {
1977 if (error == EPWMD_ELEMENT_NOT_FOUND) {
1978 error = new_account(client->doc, src[0]);
1979
1980 if (error)
1981 goto fail;
1982
1983 goto again;
1984 }
1985 else
1986 goto fail;
1987 }
1988
1989 if (src[1]) {
1990 if (!n->children)
1991 n = create_target_elements_cb(n, src+1, &error, NULL);
1992 else
1993 n = find_elements(client->doc, n->children, src+1, &error,
1994 NULL, NULL, create_target_elements_cb, FALSE, 0, NULL);
1995
1996 if (!n)
1997 goto fail;
1998
1999 /*
2000 * Reset the position of the element tree now that the elements
2001 * have been created.
2002 */
2003 n = find_account(client->doc, &src, &error, NULL, 0);
2004
2005 if (!n)
2006 goto fail;
2007
2008 n = find_elements(client->doc, n->children, src+1, &error,
2009 NULL, NULL, NULL, FALSE, 0, NULL);
2010
2011 if (!n)
2012 goto fail;
2013 }
2014
2015 line = g_strjoinv("\t", dst);
2016 error = add_attribute(n, "target", line);
2017
2018 if (error) {
2019 g_free(line);
2020 goto fail;
2021 }
2022
2023 g_free(line);
2024 g_strfreev(src);
2025 g_strfreev(dst);
2026 return 0;
2027
2028 fail:
2029 g_strfreev(src);
2030 g_strfreev(dst);
2031 return error;
2032 }
2033
2034 /*
2035 * req[0] - account name
2036 * req[1] - new name
2037 */
2038 static gpg_error_t name_attribute(struct client_s *client, gchar **req)
2039 {
2040 gpg_error_t error;
2041 gchar **tmp;
2042 xmlNodePtr n;
2043
2044 tmp = g_strdupv(req);
2045
2046 if (!tmp)
2047 return gpg_error_from_errno(ENOMEM);
2048
2049 n = find_account(client->doc, &tmp, &error, NULL, 0);
2050 g_strfreev(tmp);
2051
2052 if (!n)
2053 return error;
2054
2055 if (g_utf8_collate(req[0], req[1]) == 0)
2056 return 0;
2057
2058 /*
2059 * Will not overwrite an existing account.
2060 */
2061 tmp = g_strdupv(req+1);
2062
2063 if (!tmp)
2064 return gpg_error_from_errno(ENOMEM);
2065
2066 n = find_account(client->doc, &tmp, &error, NULL, 0);
2067 g_strfreev(tmp);
2068
2069 if (error && error != EPWMD_ELEMENT_NOT_FOUND)
2070 return error;
2071
2072 if (n)
2073 return EPWMD_ACCOUNT_EXISTS;
2074
2075 /*
2076 * Whitespace not allowed in account names.
2077 */
2078 if (contains_whitespace(req[1]) == TRUE)
2079 return EPWMD_ATTR_SYNTAX;
2080
2081 tmp = g_strdupv(req);
2082
2083 if (!tmp)
2084 return gpg_error_from_errno(ENOMEM);
2085
2086 n = find_account(client->doc, &tmp, &error, NULL, 0);
2087 g_strfreev(tmp);
2088
2089 if (!n)
2090 return EPWMD_ELEMENT_NOT_FOUND;
2091
2092 return add_attribute(n, "name", req[1]);
2093 }
2094
2095 /*
2096 * req[0] - attribute
2097 * req[1] - element path
2098 */
2099 static int attribute_get(assuan_context_t ctx, gchar **req)
2100 {
2101 struct client_s *client = assuan_get_pointer(ctx);
2102 xmlNodePtr n;
2103 xmlChar *a;
2104 gchar **path= NULL;
2105 gpg_error_t error;
2106
2107 if (!req || !req[0] || !req[1])
2108 return EPWMD_COMMAND_SYNTAX;
2109
2110 if (strchr(req[1], '\t')) {
2111 if ((path = split_input_line(req[1], "\t", 0)) == NULL)
2112 return EPWMD_COMMAND_SYNTAX;
2113 }
2114 else {
2115 if ((path = split_input_line(req[1], " ", 0)) == NULL)
2116 return EPWMD_COMMAND_SYNTAX;
2117 }
2118
2119 n = find_account(client->doc, &path, &error, NULL, 0);
2120
2121 if (!n)
2122 goto fail;
2123
2124 if (path[1]) {
2125 n = find_elements(client->doc, n->children, path+1, &error,
2126 NULL, NULL, NULL, FALSE, 0, NULL);
2127
2128 if (!n)
2129 goto fail;
2130 }
2131
2132 g_strfreev(path);
2133
2134 if ((a = xmlGetProp(n, (xmlChar *)req[0])) == NULL)
2135 return EPWMD_ATTR_NOT_FOUND;
2136
2137 error = assuan_send_data(ctx, a, xmlStrlen(a));
2138 xmlFree(a);
2139 return error;
2140
2141 fail:
2142 g_strfreev(path);
2143 return error;
2144 }
2145
2146 /*
2147 * req[0] - attribute
2148 * req[1] - element path
2149 * req[2] - value
2150 */
2151 static int attribute_set(struct client_s *client, gchar **req)
2152 {
2153 gchar **path = NULL;
2154 gpg_error_t error;
2155 xmlNodePtr n;
2156
2157 if (!req || !req[0] || !req[1] || !req[2])
2158 return EPWMD_COMMAND_SYNTAX;
2159
2160 /*
2161 * Reserved attribute names.
2162 */
2163 if (g_utf8_collate(req[0], "name") == 0) {
2164 /*
2165 * Only reserved for the account element. Not the rest of the
2166 * document.
2167 */
2168 if (strchr(req[1], '\t') == NULL)
2169 return name_attribute(client, req + 1);
2170 }
2171 else if (g_utf8_collate(req[0], "target") == 0)
2172 return target_attribute(client, req + 1);
2173
2174 if ((path = split_input_line(req[1], "\t", 0)) == NULL) {
2175 /*
2176 * The first argument may be only an account.
2177 */
2178 if ((path = split_input_line(req[1], " ", 0)) == NULL)
2179 return EPWMD_COMMAND_SYNTAX;
2180 }
2181
2182 n = find_account(client->doc, &path, &error, NULL, 0);
2183
2184 if (!n)
2185 goto fail;
2186
2187 if (path[1]) {
2188 n = find_elements(client->doc, n->children, path+1, &error,
2189 NULL, NULL, NULL, FALSE, 0, NULL);
2190
2191 if (!n)
2192 goto fail;
2193 }
2194
2195 g_strfreev(path);
2196 return add_attribute(n, req[0], req[2]);
2197
2198 fail:
2199 g_strfreev(path);
2200 return error;
2201 }
2202
2203 /*
2204 * req[0] - command
2205 * req[1] - attribute name or element path if command is LIST
2206 * req[2] - element path
2207 * req[2] - element path or value
2208 */
2209 static int attr_command(assuan_context_t ctx, char *line)
2210 {
2211 struct client_s *client = assuan_get_pointer(ctx);
2212 gchar **req = split_input_line(line, " ", 4);
2213 gpg_error_t error = 0;
2214
2215 error = file_modified(client);
2216
2217 if (error) {
2218 log_write("%s: %s", client->filename ? client->filename : "",
2219 pwmd_strerror(error));
2220 g_strfreev(req);
2221 return send_error(ctx, error);
2222 }
2223
2224 if (!req || !req[0] || !req[1]) {
2225 g_strfreev(req);
2226 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2227 }
2228
2229 if (g_ascii_strcasecmp(req[0], "SET") == 0)
2230 error = attribute_set(client, req+1);
2231 else if (g_ascii_strcasecmp(req[0], "GET") == 0)
2232 error = attribute_get(ctx, req+1);
2233 else if (g_ascii_strcasecmp(req[0], "DELETE") == 0)
2234 error = attribute_delete(client, req+1);
2235 else if (g_ascii_strcasecmp(req[0], "LIST") == 0)
2236 error = attribute_list(ctx, req+1);
2237 else
2238 error = EPWMD_COMMAND_SYNTAX;
2239
2240 g_strfreev(req);
2241 return send_error(ctx, error);
2242 }
2243
2244 static int iscached_command(assuan_context_t ctx, char *line)
2245 {
2246 gchar **req = split_input_line(line, " ", 0);
2247 guchar md5file[16];
2248
2249 if (!req || !*req) {
2250 g_strfreev(req);
2251 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2252 }
2253
2254 gcry_md_hash_buffer(GCRY_MD_MD5, md5file, req[0], strlen(req[0]));
2255 g_strfreev(req);
2256 CACHE_LOCK(ctx);
2257
2258 if (cache_iscached(md5file) == FALSE) {
2259 CACHE_UNLOCK;
2260 return send_error(ctx, EPWMD_CACHE_NOT_FOUND);
2261 }
2262
2263 CACHE_UNLOCK;
2264 return send_error(ctx, 0);
2265 }
2266
2267 gpg_error_t send_cache_status(assuan_context_t ctx)
2268 {
2269 gchar *tmp;
2270 struct client_s *client = assuan_get_pointer(ctx);
2271
2272 CACHE_LOCK(client->ctx);
2273 tmp = print_fmt("%i %i",
2274 cache_file_count(),
2275 (cache_size / sizeof(file_cache_t)) - cache_file_count());
2276 CACHE_UNLOCK;
2277
2278 return assuan_write_status(ctx, "CACHE", tmp);
2279 }
2280
2281 static int clearcache_command(assuan_context_t ctx, char *line)
2282 {
2283 struct client_s *client = assuan_get_pointer(ctx);
2284 gchar **req = split_input_line(line, " ", 0);
2285 guchar md5file[16];
2286
2287 CACHE_LOCK(ctx);
2288
2289 if (!req || !*req) {
2290 g_strfreev(req);
2291 cache_clear(client->md5file, 2);
2292 CACHE_UNLOCK;
2293 return send_error(ctx, 0);
2294 }
2295
2296 gcry_md_hash_buffer(GCRY_MD_MD5, md5file, req[0], strlen(req[0]));
2297 g_strfreev(req);
2298
2299 if (cache_clear(md5file, 1) == FALSE) {
2300 CACHE_UNLOCK;
2301 return send_error(ctx, EPWMD_CACHE_NOT_FOUND);
2302 }
2303
2304 CACHE_UNLOCK;
2305 return send_error(ctx, 0);
2306 }
2307
2308 static int cachetimeout_command(assuan_context_t ctx, char *line)
2309 {
2310 guchar md5file[16];
2311 glong timeout;
2312 gchar **req = split_input_line(line, " ", 0);
2313 gchar *p;
2314 struct client_s *client = assuan_get_pointer(ctx);
2315
2316 if (!req || !*req || !req[1]) {
2317 g_strfreev(req);
2318 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2319 }
2320
2321 errno = 0;
2322 timeout = strtol(req[0], &p, 10);
2323
2324 if (errno != 0 || *p != 0) {
2325 g_strfreev(req);
2326 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2327 }
2328
2329 gcry_md_hash_buffer(GCRY_MD_MD5, md5file, req[1], strlen(req[1]));
2330 g_strfreev(req);
2331 CACHE_LOCK(client->ctx);
2332
2333 if (cache_set_timeout(md5file, timeout) == FALSE) {
2334 CACHE_UNLOCK;
2335 return send_error(ctx, EPWMD_CACHE_NOT_FOUND);
2336 }
2337
2338 CACHE_UNLOCK;
2339 send_cache_status_all();
2340 return send_error(ctx, 0);
2341 }
2342
2343 static int dump_command(assuan_context_t ctx, char *line)
2344 {
2345 xmlChar *xml;
2346 gssize len;
2347 struct client_s *client = assuan_get_pointer(ctx);
2348 gpg_error_t error;
2349
2350 if (disable_list_and_dump == TRUE)
2351 return send_error(ctx, GPG_ERR_NOT_IMPLEMENTED);
2352
2353 error = file_modified(client);
2354
2355 if (error) {
2356 log_write("%s: %s", client->filename ? client->filename : "",
2357 pwmd_strerror(error));
2358 return send_error(ctx, error);
2359 }
2360
2361 xmlDocDumpFormatMemory(client->doc, &xml, &len, 1);
2362 error = assuan_send_data(ctx, xml, len);
2363 xmlFree(xml);
2364 return send_error(ctx, error);
2365 }
2366
2367 static int getconfig_command(assuan_context_t ctx, gchar *line)
2368 {
2369 struct client_s *client = assuan_get_pointer(ctx);
2370 gpg_error_t error = 0;
2371 gchar *p, *tmp;
2372
2373 if (strcmp(line, "key") == 0 || strcmp(line, "key_file") == 0)
2374 return send_error(ctx, GPG_ERR_NOT_IMPLEMENTED);
2375
2376 p = get_key_file_string(client->filename ? client->filename : "default", line);
2377
2378 if (!p)
2379 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2380
2381 tmp = expand_homedir(p);
2382 g_free(p);
2383 p = tmp;
2384 error = assuan_send_data(ctx, p, strlen(p));
2385 g_free(p);
2386 return send_error(ctx, error);
2387 }
2388
2389 void cleanup_assuan(assuan_context_t ctx)
2390 {
2391 struct client_s *cl = assuan_get_pointer(ctx);
2392
2393 cleanup_client(cl);
2394 }
2395
2396 static void reset_notify(assuan_context_t ctx)
2397 {
2398 struct client_s *cl = assuan_get_pointer(ctx);
2399
2400 cleanup_client(cl);
2401 }
2402
2403 gpg_error_t register_commands(assuan_context_t ctx)
2404 {
2405 static struct {
2406 const char *name;
2407 int (*handler)(assuan_context_t, char *line);
2408 } table[] = {
2409 { "OPEN", open_command },
2410 { "SAVE", save_command },
2411 { "LIST", list_command },
2412 { "REALPATH", realpath_command },
2413 { "STORE", store_command },
2414 { "DELETE", delete_command },
2415 { "GET", get_command },
2416 { "ATTR", attr_command },
2417 { "ISCACHED", iscached_command },
2418 { "CLEARCACHE", clearcache_command },
2419 { "CACHETIMEOUT", cachetimeout_command },
2420 { "GETCONFIG", getconfig_command },
2421 { "DUMP", dump_command },
2422 { "INPUT", NULL },
2423 { "OUTPUT", NULL },
2424 { NULL, NULL }
2425 };
2426 int i, rc;
2427
2428 for (i=0; table[i].name; i++) {
2429 rc = assuan_register_command (ctx, table[i].name, table[i].handler);
2430
2431 if (rc)
2432 return rc;
2433 }
2434
2435 rc = assuan_register_bye_notify(ctx, cleanup_assuan);
2436 if (rc)
2437 return rc;
2438
2439 return assuan_register_reset_notify(ctx, reset_notify);
2440 }
2441
2442 gpg_error_t try_xml_decrypt(assuan_context_t ctx, gint fd, struct stat st,
2443 guchar *key)
2444 {
2445 guchar *iv;
2446 void *inbuf;
2447 gsize insize, len;
2448 guchar tkey[gcrykeysize];
2449 struct file_header_s {
2450 guint iter;
2451 guchar iv[gcryblocksize];
2452 } file_header;
2453 struct client_s *client = ctx ? assuan_get_pointer(ctx) : NULL;
2454 gcry_cipher_hd_t gh;
2455 guint iter = 0, n_iter = 0;
2456 gint iter_progress;
2457 void *outbuf = NULL;
2458 gint zerror = 0;
2459 glong outsize = 0;
2460 gpg_error_t error;
2461
2462 if (!ctx) {
2463 error = gcry_cipher_open(&gh, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, 0);
2464
2465 if (error)
2466 return error;
2467 }
2468 else
2469 gh = client->gh;
2470
2471 lseek(fd, 0, SEEK_SET);
2472 insize = st.st_size - sizeof(struct file_header_s);
2473 iv = gcry_malloc(gcryblocksize);
2474
2475 if (!iv) {
2476 if (!ctx)
2477 gcry_cipher_close(gh);
2478
2479 return gpg_error_from_errno(ENOMEM);
2480 }
2481
2482 len = pth_read(fd, &file_header, sizeof(struct file_header_s));
2483
2484 if (len != sizeof(file_header)) {
2485 len = errno;
2486
2487 if (!ctx)
2488 gcry_cipher_close(gh);
2489
2490 gcry_free(iv);
2491 errno = len;
2492 return gpg_error_from_errno(errno);
2493 }
2494
2495 memcpy(iv, &file_header.iv, sizeof(file_header.iv));
2496 inbuf = gcry_malloc(insize);
2497
2498 if (!inbuf) {
2499 if (!ctx)
2500 gcry_cipher_close(gh);
2501
2502 gcry_free(iv);
2503 return gpg_error_from_errno(ENOMEM);
2504 }
2505
2506 len = pth_read(fd, inbuf, insize);
2507
2508 if (len != insize) {
2509 len = errno;
2510
2511 if (!ctx)
2512 gcry_cipher_close(gh);
2513
2514 gcry_free(iv);
2515 errno = len;
2516 return gpg_error_from_errno(errno);
2517 }
2518
2519 memcpy(tkey, key, sizeof(tkey));
2520 tkey[0] ^= 1;
2521
2522 if ((error = gcry_cipher_setiv(gh, iv, gcryblocksize))) {
2523 if (!ctx) {
2524 gcry_cipher_close(gh);
2525 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2526 }
2527 else
2528 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2529
2530 gcry_free(inbuf);
2531 gcry_free(iv);
2532 return error;
2533 }
2534
2535 if ((error = gcry_cipher_setkey(gh, key, gcrykeysize))) {
2536 if (!ctx) {
2537 gcry_cipher_close(gh);
2538 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2539 }
2540 else
2541 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2542
2543 gcry_free(inbuf);
2544 gcry_free(iv);
2545
2546 if (!ctx)
2547 gcry_cipher_close(gh);
2548
2549 return error;
2550 }
2551
2552 iter_progress = get_key_file_integer("default", "iteration_progress");
2553
2554 if (ctx && iter_progress > 0 && file_header.iter >= iter_progress) {
2555 error = assuan_write_status(client->ctx, "DECRYPT", "0");
2556
2557 if (error) {
2558 gcry_free(inbuf);
2559 gcry_free(iv);
2560 return error;
2561 }
2562 }
2563
2564 error = decrypt_xml(gh, inbuf, insize, NULL, 0);
2565
2566 if (error) {
2567 gcry_free(inbuf);
2568 gcry_free(iv);
2569 return error;
2570 }
2571
2572 if ((error = gcry_cipher_setkey(gh, tkey, gcrykeysize))) {
2573 if (!ctx) {
2574 gcry_cipher_close(gh);
2575 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2576 }
2577 else
2578 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2579
2580 gcry_free(inbuf);
2581 gcry_free(iv);
2582 return error;
2583 }
2584
2585 while (iter < file_header.iter) {
2586 if (ctx && iter_progress > 0 && iter >= iter_progress) {
2587 if (!(iter % iter_progress)) {
2588 error = assuan_write_status(ctx, "DECRYPT", print_fmt("%i",
2589 ++n_iter * iter_progress));
2590
2591 if (error) {
2592 gcry_free(inbuf);
2593 gcry_free(iv);
2594 return error;
2595 }
2596 }
2597 }
2598
2599 if ((error = gcry_cipher_setiv(gh, iv, gcryblocksize))) {
2600 if (!ctx) {
2601 gcry_cipher_close(gh);
2602 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2603 }
2604 else
2605 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2606
2607 gcry_free(inbuf);
2608 gcry_free(iv);
2609 return error;
2610 }
2611
2612 error = decrypt_xml(gh, inbuf, insize, NULL, 0);
2613
2614 if (error) {
2615 if (!ctx) {
2616 gcry_cipher_close(gh);
2617 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2618 }
2619 else
2620 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2621
2622 gcry_free(inbuf);
2623 gcry_free(iv);
2624 return error;
2625 }
2626
2627 iter++;
2628 pth_yield(NULL);
2629 }
2630
2631 if (ctx && iter_progress && file_header.iter >= iter_progress) {
2632 error = assuan_write_status(ctx, "DECRYPT", print_fmt("%i", file_header.iter));
2633
2634 if (error) {
2635 gcry_free(inbuf);
2636 gcry_free(iv);
2637 return error;
2638 }
2639 }
2640
2641 gcry_free(iv);
2642
2643 if (do_decompress(ctx, inbuf, insize, &outbuf, &outsize, &zerror) == FALSE) {
2644 /*
2645 * Z_DATA_ERROR may be returned if this file hasn't been compressed yet.
2646 */
2647 if (zerror == Z_MEM_ERROR) {
2648 gcry_free(inbuf);
2649 return gpg_error_from_errno(ENOMEM);
2650 }
2651 else if (zerror != Z_DATA_ERROR) {
2652 gcry_free(inbuf);
2653
2654 if (!ctx)
2655 gcry_cipher_close(gh);
2656
2657 return EPWMD_BADKEY;
2658 }
2659 }
2660 else {
2661 gcry_free(inbuf);
2662 inbuf = outbuf;
2663 insize = outsize;
2664 }
2665
2666 if (g_strncasecmp(inbuf, "<?xml version=\"1.0\"?>", 21) != 0) {
2667 gcry_free(inbuf);
2668
2669 if (!ctx)
2670 gcry_cipher_close(gh);
2671
2672 return EPWMD_BADKEY;
2673 }
2674
2675 if (ctx) {
2676 client->xml = inbuf;
2677 client->len = insize;
2678 }
2679 else {
2680 gcry_cipher_close(gh);
2681 gcry_free(inbuf);
2682 }
2683
2684 return 0;
2685 }
2686
2687 /*
2688 * This is called after every Assuan command.
2689 */
2690 void command_finalize(assuan_context_t ctx, gint error)
2691 {
2692 struct client_s *client = assuan_get_pointer(ctx);
2693
2694 unlock_file_mutex(client);
2695 }
A server for managing passphrases and anything else.