2 Copyright (C) 2006-2018 Ben Kibbey <bjk@luxsci.net>
4 This file is part of pwmd.
6 Pwmd is free software: you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation, either version 2 of the License, or
9 (at your option) any later version.
11 Pwmd is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with Pwmd. If not, see <http://www.gnu.org/licenses/>.
28 #include <sys/types.h>
38 #include "pwmd-error.h"
43 #include "util-misc.h"
52 /* These are command option flags. */
53 #define OPT_INQUIRE 0x0001
54 #define OPT_NO_PASSPHRASE 0x0002
55 #define OPT_ASK 0x0004
56 #define OPT_LIST_RECURSE 0x0008
57 #define OPT_VERBOSE 0x0010
58 #define OPT_LOCK 0x0020
59 #define OPT_LOCK_ON_OPEN 0x0040
60 #define OPT_SIGN 0x0080
61 #define OPT_LIST_ALL 0x0100
62 #define OPT_DATA 0x0200
63 #define OPT_NO_AGENT 0x0400
64 #define OPT_SECRET 0x0800
65 #define OPT_INQUIRE_KEYID 0x1000
66 #define OPT_SYMMETRIC 0x4000
67 #define OPT_NO_SIGNER 0x8000
68 #define OPT_HTML 0x10000
69 #define OPT_CACHE_AGENT 0x20000
70 #define OPT_CACHE_SIGN 0x40000
71 #define OPT_KEYINFO_LEARN 0x80000
73 #define FLOCK_TYPE_NONE 0
74 #define FLOCK_TYPE_SH 0x0001
75 #define FLOCK_TYPE_EX 0x0002
76 #define FLOCK_TYPE_KEEP 0x0004
78 static char env_display
[256];
79 static char env_gpg_tty
[256];
80 static char env_term
[256];
81 static struct command_table_s
**command_table
;
83 static gpg_error_t
do_lock (struct client_s
*client
, int add
);
84 static gpg_error_t
validate_checksum (struct client_s
*, const char *filename
,
85 struct cache_data_s
*, unsigned char **,
87 static gpg_error_t
update_checksum (struct client_s
*client
,
88 unsigned char *from_crc
, size_t crclen
);
89 static gpg_error_t
command_startup (assuan_context_t ctx
, const char *name
);
90 static void command_finalize (assuan_context_t ctx
, gpg_error_t rc
);
92 /* When 'status' is true the 'self' field of the status line will be false
93 * because we never send the STATE status message to the same client that
96 build_client_info_line (struct client_thread_s
*thd
, int status
)
98 char *uid
, *username
= NULL
;
103 uid
= str_asprintf("#%s", thd
->tls
->fp
);
106 uid
= str_asprintf("%u", thd
->peer
->uid
);
107 username
= get_username (thd
->peer
->uid
);
110 uid
= str_asprintf("%u", thd
->peer
->uid
);
111 username
= get_username (thd
->peer
->uid
);
113 line
= str_asprintf ("%p %s %s %s %u %u %u %s %s %u",
115 thd
->name
? thd
->name
: "-",
116 thd
->cl
&& thd
->cl
->filename
117 && (thd
->cl
->flags
& FLAG_OPEN
)
118 ? thd
->cl
->filename
: "/",
120 thd
->remote
? thd
->peeraddr
: "-",
124 thd
->cl
&& thd
->cl
->flags
& FLAG_HAS_LOCK
? 1 : 0,
125 !status
&& pthread_equal (pthread_self (), thd
->tid
) ? 1 : 0,
128 thd
->remote
? "-" : username
,
141 update_client_state (struct client_s
*client
, unsigned s
)
143 MUTEX_LOCK (&cn_mutex
);
144 client
->thd
->state
= s
;
145 MUTEX_UNLOCK (&cn_mutex
);
147 if (client
->thd
->state
!= CLIENT_STATE_UNKNOWN
)
149 char *line
= build_client_info_line (client
->thd
, 1);
151 pthread_cleanup_push (xfree
, line
);
153 send_status_all_not_self (STATUS_STATE
, "%s", line
);
154 pthread_cleanup_pop (1);
159 unlock_file_mutex (struct client_s
*client
, int remove
)
163 // OPEN: keep the lock for the same file being reopened.
164 if (client
->flags
& FLAG_KEEP_LOCK
&& client
->flags
& FLAG_HAS_LOCK
)
167 if (!(client
->flags
& FLAG_HAS_LOCK
))
168 return GPG_ERR_NOT_LOCKED
;
170 rc
= cache_unlock_mutex (client
->filename
, remove
);
172 rc
= GPG_ERR_INV_STATE
;
174 client
->flags
&= ~(FLAG_HAS_LOCK
| FLAG_LOCK_CMD
);
180 lock_file_mutex (struct client_s
*client
, int add
)
183 long timeout
= config_get_long (client
->filename
, "cache_timeout");
185 if (client
->flags
& FLAG_HAS_LOCK
)
188 rc
= cache_lock_mutex (client
->ctx
, client
->filename
,
189 client
->lock_timeout
, add
, timeout
);
191 client
->flags
|= FLAG_HAS_LOCK
;
197 file_modified (struct client_s
*client
, struct command_table_s
*cmd
)
200 int type
= !cmd
->flock_type
|| (cmd
->flock_type
& FLOCK_TYPE_SH
)
203 if (!(client
->flags
& FLAG_OPEN
))
204 return GPG_ERR_INV_STATE
;
206 rc
= lock_file_mutex (client
, 0);
207 if (rc
&& rc
!= GPG_ERR_NO_DATA
)
210 rc
= lock_flock (client
->ctx
, client
->filename
, type
, &client
->flock_fd
);
213 rc
= validate_checksum (client
, client
->filename
, NULL
, NULL
, NULL
, 0);
214 if (gpg_err_code (rc
) == GPG_ERR_ENOENT
&& (client
->flags
& FLAG_NEW
))
217 log_write ("%s: %s", client
->filename
, pwmd_strerror (rc
));
219 else if (gpg_err_code (rc
) == GPG_ERR_ENOENT
)
222 /* FLAG_HAS_LOCK may have been set by the LOCK command or OPEN --lock. */
223 if ((cmd
->unlock
&& !(client
->flags
& FLAG_HAS_LOCK
)) || rc
)
224 unlock_file_mutex (client
, 0);
226 if (rc
|| !(cmd
->flock_type
& FLOCK_TYPE_KEEP
))
227 unlock_flock (&client
->flock_fd
);
233 parse_xml (assuan_context_t ctx
, int new)
235 struct client_s
*client
= assuan_get_pointer (ctx
);
236 int cached
= client
->doc
!= NULL
;
241 client
->doc
= xml_new_document ();
247 xmlDocDumpFormatMemory (client
->doc
, &result
, &len
, 0);
248 client
->crypto
->plaintext
= result
;
249 client
->crypto
->plaintext_size
= len
;
250 if (!client
->crypto
->plaintext
)
252 xmlFreeDoc (client
->doc
);
261 rc
= xml_parse_doc ((char *) client
->crypto
->plaintext
,
262 client
->crypto
->plaintext_size
,
263 (xmlDocPtr
*)&client
->doc
);
269 free_client (struct client_s
*client
)
271 cache_plaintext_release (&client
->doc
);
273 xfree (client
->filename
);
274 xfree (client
->last_error
);
275 crypto_free (client
->crypto
);
276 client
->crypto
= NULL
;
280 reset_client (struct client_s
*client
)
282 assuan_context_t ctx
= client
->ctx
;
283 struct client_thread_s
*thd
= client
->thd
;
284 long lock_timeout
= client
->lock_timeout
;
285 xmlErrorPtr xml_error
= client
->xml_error
;
286 int no_pinentry
= (client
->flags
& FLAG_NO_PINENTRY
);
287 int flock_fd
= client
->flock_fd
;
289 unlock_file_mutex (client
, client
->flags
& FLAG_NEW
);
290 free_client (client
);
291 memset (client
, 0, sizeof (struct client_s
));
292 client
->flock_fd
= flock_fd
;
293 client
->xml_error
= xml_error
;
296 client
->lock_timeout
= lock_timeout
;
297 client
->flags
|= no_pinentry
? FLAG_NO_PINENTRY
: 0;
306 strv_free ((char **) arg
);
310 parse_open_opt_lock (void *data
, void *value
)
312 struct client_s
*client
= data
;
315 client
->opts
|= OPT_LOCK_ON_OPEN
;
320 parse_opt_inquire (void *data
, void *value
)
322 struct client_s
*client
= data
;
325 client
->opts
|= OPT_INQUIRE
;
330 update_checksum (struct client_s
*client
, unsigned char *from_crc
,
335 struct cache_data_s
*cdata
;
340 rc
= get_checksum (client
->filename
, &crc
, &len
);
351 client
->crc
= xmalloc (len
);
352 memcpy (client
->crc
, crc
, len
);
353 pthread_cleanup_push (xfree
, crc
);
354 cdata
= cache_get_data (client
->filename
, NULL
);
355 pthread_cleanup_pop (0);
359 cdata
->crc
= xmalloc (len
);
360 memcpy (cdata
->crc
, crc
, len
);
369 validate_checksum (struct client_s
*client
, const char *filename
,
370 struct cache_data_s
*cdata
, unsigned char **r_crc
,
371 size_t *r_crclen
, int from_cdata
)
378 if (cdata
&& !cdata
->crc
)
379 return GPG_ERR_CHECKSUM
;
381 rc
= get_checksum (filename
, &crc
, &len
);
386 n
= memcmp (client
->crc
, crc
, len
);
387 else if ((client
->flags
& FLAG_NEW
) && cache_get_data (filename
, NULL
))
390 if ((!n
&& cdata
) || (from_cdata
&& cdata
&& crc
))
391 n
= memcmp (cdata
->crc
, crc
, len
);
401 return n
? GPG_ERR_CHECKSUM
: 0;
405 open_command (assuan_context_t ctx
, char *line
)
408 struct client_s
*client
= assuan_get_pointer (ctx
);
410 assuan_peercred_t peer
;
411 struct cache_data_s
*cdata
= NULL
;
413 unsigned char *crc
= NULL
;
416 struct argv_s
*args
[] = {
417 &(struct argv_s
) {"lock", OPTION_TYPE_NOARG
, parse_open_opt_lock
},
421 rc
= parse_options (&line
, args
, client
, 1);
423 return send_error (ctx
, rc
);
425 rc
= do_validate_peer (ctx
, line
, &peer
);
426 if (rc
== GPG_ERR_FORBIDDEN
)
428 rc
= peer_is_invoker (client
);
429 if (rc
== GPG_ERR_EACCES
)
430 rc
= GPG_ERR_FORBIDDEN
;
434 return send_error (ctx
, rc
);
436 if (!valid_filename (line
))
437 return send_error (ctx
, GPG_ERR_INV_VALUE
);
439 /* This client may have locked a different file with ISCACHED --lock than
440 * the current filename. This will remove that lock. */
441 same_file
= client
->filename
&& !strcmp (line
, client
->filename
);
442 if (client
->flags
& FLAG_OPEN
||
443 (client
->flags
& FLAG_HAS_LOCK
&& !same_file
))
445 unsigned opts
= client
->opts
;
446 unsigned flags
= client
->flags
;
449 client
->flags
|= FLAG_KEEP_LOCK
;
451 /* Another client wrote to the same data file as currently opened. */
452 cdata
= cache_get_data (client
->filename
, NULL
);
453 if (cdata
&& cdata
->crc
)
455 /* Remove cache entry for the new file that hadn't been written. */
456 else if (client
->flags
& FLAG_NEW
)
457 cache_clear (NULL
, client
->filename
, 0, 0);
460 reset_client (client
);
462 client
->flags
|= flags
;
463 client
->flags
&= ~(FLAG_LOCK_CMD
);
465 client
->flags
&= ~(FLAG_HAS_LOCK
| FLAG_NEW
);
468 client
->filename
= str_dup (line
);
469 if (!client
->filename
)
470 return send_error(ctx
, GPG_ERR_ENOMEM
);
472 /* Need to lock the mutex here because file_modified() cannot without
473 * knowing the filename. */
474 rc
= lock_file_mutex (client
, 1);
476 client
->flags
&= ~FLAG_OPEN
;
480 rc
= lock_flock (ctx
, client
->filename
, LOCK_SH
, &client
->flock_fd
);
481 if (gpg_err_code (rc
) == GPG_ERR_ENOENT
)
487 char *keyfile
= config_get_string (client
->filename
, "passphrase_file");
489 rc
= crypto_init (&client
->crypto
, client
->ctx
, client
->filename
,
490 client
->flags
& FLAG_NO_PINENTRY
, keyfile
);
494 rc
= open_check_file (client
->filename
, NULL
, NULL
, 1);
497 if (!rc
|| gpg_err_code (rc
) == GPG_ERR_ENOENT
)
506 if (config_get_boolean ("global", "strict_open"))
508 rc
= peer_is_invoker (client
);
509 if (rc
== GPG_ERR_EACCES
)
510 rc
= GPG_ERR_FORBIDDEN
;
515 client
->flags
|= FLAG_NEW
;
516 // data file disappeared. clear the cache entry.
517 cache_clear (NULL
, client
->filename
, 1, 1);
524 cdata
= cache_get_data (client
->filename
, &defer
);
526 && !cache_plaintext_get (client
->filename
, &client
->doc
))
528 rc
= validate_checksum (client
, client
->filename
, cdata
, &crc
,
532 log_write ("%s: %s", client
->filename
,
534 cache_plaintext_release (&client
->doc
);
535 if (rc
== GPG_ERR_CHECKSUM
)
537 cache_clear (NULL
, client
->filename
, 1, 1);
544 if (!rc
&& client
->thd
->remote
545 && config_get_boolean (client
->filename
, "tcp_require_key")
546 && !(client
->flags
& FLAG_NEW
))
548 rc
= crypto_try_decrypt (client
,
549 (client
->flags
& FLAG_NO_PINENTRY
));
554 strv_free (client
->crypto
->pubkey
);
555 client
->crypto
->pubkey
= NULL
;
557 client
->crypto
->pubkey
= strv_dup (cdata
->pubkey
);
559 xfree (client
->crypto
->sigkey
);
560 client
->crypto
->sigkey
= NULL
;
562 client
->crypto
->sigkey
= str_dup (cdata
->sigkey
);
568 else if (cdata
&& cdata
->doc
) // cached document
570 if (!rc
&& !(client
->flags
& FLAG_NEW
))
572 rc
= validate_checksum (client
, client
->filename
, cdata
, &crc
,
574 if (rc
== GPG_ERR_CHECKSUM
)
583 rc
= cache_iscached (client
->filename
, &defer
, 0, 0);
584 if ((!rc
|| rc
== GPG_ERR_ENOENT
) && defer
)
594 log_write ("%s: %s", client
->filename
,
595 pwmd_strerror (GPG_ERR_CHECKSUM
));
596 cache_clear (NULL
, client
->filename
, 1, 1);
598 rc
= crypto_decrypt (client
, client
->crypto
);
603 if (client
->thd
->remote
604 && config_get_boolean (client
->filename
, "tcp_require_key")
605 && !(client
->flags
& FLAG_NEW
))
606 rc
= crypto_try_decrypt (client
,
607 (client
->flags
& FLAG_NO_PINENTRY
));
613 client
->crypto
->plaintext
= cdata
->doc
;
614 client
->crypto
->plaintext_size
= cdata
->size
;
615 rc
= cache_decrypt (client
->crypto
);
621 strv_free (client
->crypto
->pubkey
);
622 client
->crypto
->pubkey
= NULL
;
624 client
->crypto
->pubkey
= strv_dup (cdata
->pubkey
);
626 xfree (client
->crypto
->sigkey
);
627 client
->crypto
->sigkey
= NULL
;
629 client
->crypto
->sigkey
= str_dup (cdata
->sigkey
);
635 client
->crypto
->plaintext
= NULL
;
636 client
->crypto
->plaintext_size
= 0;
640 else // existing file
643 cached
= cdata
!= NULL
;
644 rc
= crypto_decrypt (client
, client
->crypto
);
649 if (!rc
&& !plaintext
)
651 rc
= parse_xml (ctx
, client
->flags
& FLAG_NEW
);
654 rc
= cache_encrypt (client
->crypto
);
656 cache_clear (NULL
, client
->filename
, 1, 1);
659 long timeout
= config_get_long (client
->filename
,
662 cache_free_data_once (cdata
);
663 cdata
= xcalloc (1, sizeof (struct cache_data_s
));
664 cdata
->doc
= client
->crypto
->plaintext
;
665 cdata
->size
= client
->crypto
->plaintext_size
;
666 cdata
->pubkey
= strv_dup(client
->crypto
->pubkey
);
667 cdata
->sigkey
= client
->crypto
->sigkey
? str_dup(client
->crypto
->sigkey
) : NULL
;
668 client
->crypto
->plaintext
= NULL
;
669 client
->crypto
->plaintext_size
= 0;
671 if (cached
) // wont increment the refcount
678 cdata
->crc
= xmalloc (crclen
);
679 memcpy (cdata
->crc
, crc
, crclen
);
682 rc
= cache_set_data (client
->filename
, cdata
);
683 /* The cache entry may have been removed and cache_set_data()
684 * already sent STATUS_CACHE. */
685 if (!cache_iscached (client
->filename
, NULL
, 0, 0))
686 rc
= send_status (ctx
, STATUS_CACHE
, NULL
);
689 rc
= cache_add_file (client
->filename
, cdata
, timeout
);
692 cache_plaintext_set (client
->filename
, client
->doc
, 0);
702 client
->crc
= xmalloc (crclen
);
703 memcpy (client
->crc
, crc
, crclen
);
709 if (!rc
&& !(client
->flags
& FLAG_NEW
) && !cached
)
710 rc
= update_checksum (client
, NULL
, 0);
714 client
->flags
|= FLAG_OPEN
;
716 if (client
->flags
& FLAG_NEW
)
717 rc
= send_status (ctx
, STATUS_NEWFILE
, NULL
);
719 if (!rc
&& (client
->opts
& OPT_LOCK_ON_OPEN
))
720 rc
= do_lock (client
, 0);
725 log_write ("%s: %s", client
->filename
, pwmd_strerror (rc
));
727 if (client
->flags
& FLAG_NEW
)
728 cache_clear (NULL
, client
->filename
, 1, 1);
730 crypto_free (client
->crypto
);
731 client
->crypto
= NULL
;
732 client
->flags
&= ~FLAG_OPEN
;
733 cache_plaintext_release (&client
->doc
);
736 crypto_free_non_keys (client
->crypto
);
738 return send_error (ctx
, rc
);
741 /* If not an invoking_user or is an existing file, check that the list of user
742 * supplied key ID's are in the list of current key ID's obtained when
743 * decrypting the data file.
746 permitted_to_save (struct client_s
*client
, const char **keys
,
752 if ((client
->flags
& FLAG_NEW
) || (client
->opts
& OPT_SYMMETRIC
))
755 rc
= peer_is_invoker (client
);
758 else if (rc
== GPG_ERR_EACCES
)
759 rc
= GPG_ERR_FORBIDDEN
;
764 if ((!value
&& !keys
) || ((value
&& !*value
) && (keys
&& !*keys
)))
767 for (v
= value
; v
&& *v
; v
++)
769 const char **k
, *pv
= *v
;
772 if (*pv
== '0' && *(pv
+1) == 'x')
775 for (k
= keys
; k
&& *k
; k
++)
779 if (*pk
== '0' && *(pk
+1) == 'x')
782 rc
= !strcmp (pv
, pk
) ? 0 : GPG_ERR_FORBIDDEN
;
784 rc
= !strcmp (pv
, *k
) ? 0 : GPG_ERR_FORBIDDEN
;
794 return GPG_ERR_FORBIDDEN
;
800 /* Requires that the keyid be a fingerprint in 16 byte form. */
802 parse_save_opt_keyid_common (struct client_s
*client
, const char **list
,
803 const char *value
, char ***dst
)
810 keys
= str_split (value
, ",", 0);
812 return GPG_ERR_ENOMEM
;
815 rc
= crypto_keyid_to_16b (keys
);
817 rc
= permitted_to_save (client
, list
, (const char **)keys
);
828 parse_save_opt_keyid (void *data
, void *value
)
830 struct client_s
*client
= data
;
831 const char *str
= value
;
835 rc
= parse_save_opt_keyid_common (client
,
836 (const char **)client
->crypto
->pubkey
,
841 client
->crypto
->save
.pubkey
= dst
;
846 parse_save_opt_sign_keyid (void *data
, void *value
)
848 struct client_s
*client
= data
;
849 const char *str
= value
;
854 if (client
->crypto
->sigkey
)
856 if (!strv_printf (&tmp
, "%s", client
->crypto
->sigkey
))
857 return GPG_ERR_ENOMEM
;
860 rc
= parse_save_opt_keyid_common (client
, (const char **)tmp
, str
, &dst
);
866 client
->opts
|= OPT_NO_SIGNER
;
868 client
->crypto
->save
.sigkey
= str_dup (*dst
);
875 parse_save_opt_inquire_keyid (void *data
, void *value
)
877 struct client_s
*client
= data
;
881 if (!(client
->flags
& FLAG_NEW
))
883 gpg_error_t rc
= peer_is_invoker (client
);
886 return rc
== GPG_ERR_EACCES
? GPG_ERR_FORBIDDEN
: rc
;
889 client
->opts
|= OPT_INQUIRE_KEYID
;
894 parse_save_opt_symmetric (void *data
, void *value
)
896 struct client_s
*client
= data
;
899 client
->opts
|= OPT_SYMMETRIC
;
904 parse_genkey_opt_userid (void *data
, void *value
)
906 struct client_s
*client
= data
;
908 if (!(client
->flags
& FLAG_NEW
))
910 gpg_error_t rc
= peer_is_invoker (client
);
913 return rc
== GPG_ERR_EACCES
? GPG_ERR_FORBIDDEN
: rc
;
916 client
->crypto
->save
.userid
= str_dup (value
);
917 return client
->crypto
->save
.userid
? 0 : GPG_ERR_ENOMEM
;
921 parse_genkey_opt_algo (void *data
, void *value
)
923 struct client_s
*client
= data
;
925 client
->crypto
->save
.algo
= str_dup (value
);
926 return client
->crypto
->save
.algo
? 0 : GPG_ERR_ENOMEM
;
930 parse_genkey_opt_no_expire (void *data
, void *value
)
932 struct client_s
*client
= data
;
934 client
->crypto
->save
.flags
|= GPGME_CREATE_NOEXPIRE
;
939 parse_genkey_opt_expire (void *data
, void *value
)
941 struct client_s
*client
= data
;
947 t
= strtoul (value
, &p
, 10);
949 if (!errno
&& p
&& *p
)
950 rc
= GPG_ERR_INV_VALUE
;
951 else if (t
== ULONG_MAX
)
952 rc
= GPG_ERR_INV_VALUE
;
954 rc
= gpg_error_from_syserror ();
956 client
->crypto
->save
.expire
= t
;
962 parse_genkey_opt_no_passphrase (void *data
, void *value
)
964 struct client_s
*client
= data
;
967 client
->crypto
->save
.flags
|= GPGME_CREATE_NOPASSWD
;
971 /* Tests that the keys in new_keys are also in old_keys. */
973 compare_keys (char **new_keys
, char **old_keys
)
977 if (!old_keys
|| !*old_keys
)
980 crypto_keyid_to_16b (new_keys
);
982 for (o
= old_keys
; *o
; o
++)
986 for (n
= new_keys
; *n
; n
++)
988 if (!strcmp (*n
, *o
))
993 return GPG_ERR_NOT_FOUND
;
1000 inquire_keyid (struct client_s
*client
)
1003 unsigned char *result
= NULL
;
1005 const char *s
= "KEYID";
1009 orig
= &client
->crypto
->pubkey
;
1010 save
= &client
->crypto
->save
.pubkey
;
1011 rc
= assuan_inquire (client
->ctx
, s
, &result
, &len
, 0);
1016 rc
= parse_save_opt_keyid_common (client
, (const char **)*orig
,
1017 (char *)result
, &dst
);
1027 /* When a key lookup in gpg-agent's cache fails, the agent tries the last
1028 * successful key to be unlocked. This prevents pwmd from successfully
1029 * clearing a signing key since the previous key, which more than likely
1030 * belongs to the same keypair as the encryption/decryption key, will have the
1031 * passphrase cached and therefore the signing key also cached. So we need to
1032 * clear both the signing and encryption keys to get the effect of requiring a
1033 * passphrase when generating a new keypair for an existing data file, or when
1034 * the "require_save_key" configuration parameter is set. This parameter is
1035 * mostly a failsafe of the gpg-agent option --ignore-cache-for-signing since
1036 * some/most/all users may fail to set it.
1039 save_command (assuan_context_t ctx
, char *line
)
1041 struct client_s
*client
= assuan_get_pointer (ctx
);
1042 struct cache_data_s
*cdata
= NULL
;
1044 gpg_error_t rc
= 0, cache_rc
= 0;
1046 struct argv_s
*args
[] = {
1047 &(struct argv_s
) {"keyid", OPTION_TYPE_ARG
, parse_save_opt_keyid
},
1048 &(struct argv_s
) {"inquire-keyid", OPTION_TYPE_NOARG
,
1049 parse_save_opt_inquire_keyid
},
1050 &(struct argv_s
) {"sign-keyid", OPTION_TYPE_OPTARG
,
1051 parse_save_opt_sign_keyid
},
1052 &(struct argv_s
) {"symmetric", OPTION_TYPE_NOARG
,
1053 parse_save_opt_symmetric
},
1057 crypto_free_save (&client
->crypto
->save
);
1058 client
->crypto
->save
.expire
= DEFAULT_EXPIRE
;
1060 rc
= crypto_is_symmetric (client
->filename
);
1061 if (!rc
|| rc
== GPG_ERR_BAD_DATA
|| rc
== GPG_ERR_ENOENT
)
1065 client
->opts
|= OPT_SYMMETRIC
;
1068 else if (rc
== GPG_ERR_ENOENT
&& (client
->flags
& FLAG_NEW
))
1075 return send_error (ctx
, rc
);
1077 rc
= parse_options (&line
, args
, client
, 0);
1079 return send_error (ctx
, rc
);
1081 if (config_get_boolean (client
->filename
, "require_save_key")
1082 || (client
->opts
& OPT_SYMMETRIC
))
1083 client
->opts
|= OPT_ASK
;
1085 rc
= open_check_file (client
->filename
, NULL
, NULL
, 1);
1086 if (rc
&& gpg_err_code (rc
) != GPG_ERR_ENOENT
)
1088 log_write ("%s: %s", client
->filename
, pwmd_strerror (rc
));
1089 return send_error (ctx
, rc
);
1093 cache_rc
= rc
= cache_iscached (client
->filename
, &defer
, 0, 1);
1095 if (gpg_err_code (rc
) == GPG_ERR_ENOENT
&& (client
->flags
& FLAG_NEW
))
1097 else if (gpg_err_code (rc
) == GPG_ERR_NO_DATA
)
1101 return send_error (ctx
, rc
);
1103 /* Specifying both a recipient and symmetric encryption is an error. */
1104 if ((client
->opts
& OPT_INQUIRE_KEYID
) && (client
->opts
& OPT_SYMMETRIC
))
1105 return send_error (ctx
, GPG_ERR_CONFLICT
);
1106 /* Existing file with a recipient and wanting symmetric is an error. */
1107 else if ((client
->opts
& OPT_SYMMETRIC
) && client
->crypto
->save
.pubkey
)
1108 return send_error (ctx
, GPG_ERR_CONFLICT
);
1109 else if (client
->crypto
->save
.pubkey
&& (client
->opts
& OPT_INQUIRE_KEYID
))
1110 return send_error (ctx
, GPG_ERR_CONFLICT
);
1111 else if (!sym
&& (client
->opts
& OPT_SYMMETRIC
) && !(client
->flags
& FLAG_NEW
))
1112 return send_error (ctx
, GPG_ERR_CONFLICT
);
1113 /* New file that is not symmetric without either a recipient or signer. */
1114 else if ((client
->flags
& FLAG_NEW
) && !(client
->opts
& OPT_SYMMETRIC
)
1115 && (!client
->crypto
->save
.pubkey
|| !client
->crypto
->save
.sigkey
))
1116 return send_error (ctx
, GPG_ERR_SYNTAX
);
1117 else if (client
->opts
& OPT_INQUIRE_KEYID
)
1118 rc
= inquire_keyid (client
);
1122 client
->crypto
->keyfile
= config_get_string (client
->filename
,
1124 rc
= crypto_init_ctx (client
->crypto
, (client
->flags
& FLAG_NO_PINENTRY
),
1125 client
->crypto
->keyfile
);
1128 if (!rc
&& (client
->flags
& FLAG_NEW
))
1130 /* Require --keyid when --sign-keyid exists to keep KEYINFO
1132 if (!client
->crypto
->save
.pubkey
&& client
->crypto
->save
.sigkey
1133 && !(client
->opts
& OPT_SYMMETRIC
))
1134 rc
= GPG_ERR_NO_PUBKEY
;
1138 cdata
= cache_get_data (client
->filename
, NULL
);
1141 if (client
->crypto
->save
.pubkey
)
1142 rc
= compare_keys (client
->crypto
->save
.pubkey
, cdata
->pubkey
);
1144 /* Always allow a signer for symmetric data files. */
1145 if (!rc
&& client
->crypto
->save
.sigkey
1146 && !(client
->opts
& OPT_SYMMETRIC
))
1147 rc
= !strcmp (client
->crypto
->save
.sigkey
, cdata
->sigkey
)
1148 ? 0 : GPG_ERR_NOT_FOUND
;
1150 /* Prevent saving to a recipient who is not in the original recipient
1151 * list without a passphrase. */
1152 if (rc
|| (client
->crypto
->sigkey
&& (client
->opts
& OPT_NO_SIGNER
)))
1153 client
->opts
|= OPT_ASK
;
1155 if (rc
== GPG_ERR_NOT_FOUND
)
1157 rc
= peer_is_invoker (client
);
1158 if (rc
== GPG_ERR_EACCES
)
1159 rc
= GPG_ERR_FORBIDDEN
;
1162 if (!client
->crypto
->save
.pubkey
1163 && !(client
->opts
& OPT_SYMMETRIC
))
1164 client
->crypto
->save
.pubkey
= strv_dup (cdata
->pubkey
);
1166 if (!rc
&& !client
->crypto
->save
.sigkey
&& cdata
->sigkey
1167 && !(client
->opts
& OPT_NO_SIGNER
))
1168 client
->crypto
->save
.sigkey
= str_dup (cdata
->sigkey
);
1169 else if (!rc
&& !client
->crypto
->save
.sigkey
1170 && (client
->opts
& OPT_NO_SIGNER
)
1171 && !(client
->opts
& OPT_SYMMETRIC
))
1172 rc
= GPG_ERR_NO_SIGNATURE_SCHEME
;
1176 client
->crypto
->save
.pubkey
= strv_dup (client
->crypto
->pubkey
);
1177 client
->crypto
->save
.sigkey
= str_dup (client
->crypto
->sigkey
);
1181 if (!rc
&& !(client
->flags
& FLAG_NEW
))
1183 /* Fixes {NEW_,SIGN_}PASSPHRASE inquire keywords. See passphrase_cb(). */
1184 if (client
->opts
& OPT_SYMMETRIC
)
1185 client
->crypto
->flags
|= CRYPTO_FLAG_PASSWD
;
1187 if (client
->opts
& OPT_ASK
)
1189 rc
= cache_clear_agent_keys (client
->filename
, 1, 1);
1191 rc
= crypto_try_decrypt (client
, client
->flags
& FLAG_NO_PINENTRY
);
1195 if (!rc
&& client
->opts
& OPT_SYMMETRIC
)
1196 client
->crypto
->flags
|= CRYPTO_FLAG_PASSWD_NEW
;
1199 rc
= xml_update_element_mtime (client
, xmlDocGetRootElement (client
->doc
));
1205 xmlDocDumpFormatMemory (client
->doc
, &client
->crypto
->plaintext
, &size
,
1208 client
->crypto
->plaintext_size
= (size_t) size
;
1210 rc
= GPG_ERR_ENOMEM
;
1214 client
->crypto
->flags
|= (client
->opts
& OPT_SYMMETRIC
) ? CRYPTO_FLAG_SYMMETRIC
: 0;
1215 client
->crypto
->flags
|= (client
->flags
& FLAG_NEW
) ? CRYPTO_FLAG_NEWFILE
: 0;
1216 client
->crypto
->flags
|= !(client
->opts
& OPT_SYMMETRIC
) ? CRYPTO_FLAG_PASSWD_SIGN
: 0;
1217 rc
= crypto_encrypt (client
, client
->crypto
);
1218 client
->crypto
->flags
&= ~CRYPTO_FLAG_SYMMETRIC
;
1223 unsigned char *crc
= NULL
;
1226 rc
= crypto_write_file (client
->crypto
, &crc
, &crclen
);
1227 pthread_cleanup_push ((void *)xfree
, crc
);
1231 cdata
= cache_get_data (client
->filename
, NULL
);
1233 cdata
= xcalloc (1, sizeof (struct cache_data_s
));
1238 rc
= cache_encrypt (client
->crypto
);
1241 cache_clear (NULL
, client
->filename
, 1, 1);
1242 client
->flags
&= ~(FLAG_NEW
);
1244 strv_free (client
->crypto
->pubkey
);
1245 client
->crypto
->pubkey
= NULL
;
1246 if (client
->crypto
->save
.pubkey
)
1247 client
->crypto
->pubkey
= strv_dup (client
->crypto
->save
.pubkey
);
1249 xfree (client
->crypto
->sigkey
);
1250 client
->crypto
->sigkey
= NULL
;
1251 if (client
->crypto
->save
.sigkey
)
1252 client
->crypto
->sigkey
= str_dup (client
->crypto
->save
.sigkey
);
1258 long timeout
= config_get_long (client
->filename
, "cache_timeout");
1259 xmlDocPtr doc
= xmlCopyDoc (client
->doc
, 1);
1262 rc
= GPG_ERR_ENOMEM
;
1266 cache_plaintext_release (&client
->doc
);
1267 strv_free (cdata
->pubkey
);
1268 cdata
->pubkey
= client
->crypto
->save
.pubkey
;
1269 client
->crypto
->save
.pubkey
= NULL
;
1271 xfree (cdata
->sigkey
);
1272 cdata
->sigkey
= client
->crypto
->save
.sigkey
;
1273 client
->crypto
->save
.sigkey
= NULL
;
1278 /* cache_encrypt() does in-place encryption */
1280 cdata
->doc
= client
->crypto
->plaintext
;
1281 client
->crypto
->plaintext
= NULL
;
1282 cdata
->size
= client
->crypto
->plaintext_size
;
1283 client
->crypto
->plaintext_size
= 0;
1286 cache_plaintext_set (client
->filename
, client
->doc
, 0);
1288 /* Update in case the cache entry expires the next SAVE may
1289 * not have any known keys. */
1290 strv_free (client
->crypto
->pubkey
);
1291 client
->crypto
->pubkey
= NULL
;
1293 client
->crypto
->pubkey
= strv_dup (cdata
->pubkey
);
1295 xfree (client
->crypto
->sigkey
);
1296 client
->crypto
->sigkey
= NULL
;
1298 client
->crypto
->sigkey
= str_dup (cdata
->sigkey
);
1300 if (!cache_rc
) // wont increment refcount
1301 rc
= cache_set_data (client
->filename
, cdata
);
1303 rc
= cache_add_file (client
->filename
, cdata
, timeout
);
1306 if (!rc
&& (cache_rc
|| (client
->flags
& FLAG_NEW
)))
1307 send_status_all (STATUS_CACHE
, NULL
);
1311 rc
= update_checksum (client
, crc
, crclen
);
1312 client
->flags
&= ~(FLAG_NEW
);
1316 pthread_cleanup_pop (1);
1318 client
->did_cow
= 0;
1322 crypto_free_non_keys (client
->crypto
);
1323 return send_error (ctx
, rc
);
1327 parse_genkey_opt_usage (void *data
, void *v
)
1329 struct client_s
*client
= data
;
1332 if (!value
|| !*value
)
1333 return GPG_ERR_INV_VALUE
;
1334 else if (!strcmp (value
, "sign"))
1335 client
->crypto
->save
.flags
|= GPGME_CREATE_SIGN
;
1336 else if (!strcmp (value
, "encrypt"))
1337 client
->crypto
->save
.flags
|= GPGME_CREATE_ENCR
;
1338 else if (!strcmp (value
, "default"))
1339 client
->crypto
->save
.flags
&= ~(GPGME_CREATE_ENCR
|GPGME_CREATE_SIGN
);
1341 return GPG_ERR_INV_VALUE
;
1347 parse_genkey_opt_subkey_of (void *data
, void *v
)
1350 struct client_s
*client
= data
;
1352 char *tmp
[] = { value
, NULL
};
1353 gpgme_key_t
*keys
= NULL
;
1355 rc
= peer_is_invoker (client
);
1357 return rc
== GPG_ERR_EACCES
? GPG_ERR_FORBIDDEN
: rc
;
1359 if (!value
|| !*value
)
1360 return GPG_ERR_INV_VALUE
;
1362 rc
= crypto_list_keys (client
->crypto
, tmp
, 1, &keys
);
1366 if (!keys
|| !*keys
)
1368 crypto_free_key_list (keys
);
1369 return GPG_ERR_NO_SECKEY
;
1372 client
->crypto
->save
.mainkey
= keys
;
1377 genkey_command (assuan_context_t ctx
, char *line
)
1379 struct client_s
*client
= assuan_get_pointer (ctx
);
1380 struct crypto_s
*crypto
, *orig
;
1382 struct argv_s
*args
[] = {
1383 &(struct argv_s
) {"userid", OPTION_TYPE_ARG
,
1384 parse_genkey_opt_userid
},
1385 &(struct argv_s
) {"expire", OPTION_TYPE_ARG
,
1386 parse_genkey_opt_expire
},
1387 &(struct argv_s
) {"no-expire", OPTION_TYPE_NOARG
,
1388 parse_genkey_opt_no_expire
},
1389 &(struct argv_s
) {"algo", OPTION_TYPE_ARG
,
1390 parse_genkey_opt_algo
},
1391 &(struct argv_s
) {"no-passphrase", OPTION_TYPE_NOARG
,
1392 parse_genkey_opt_no_passphrase
},
1393 &(struct argv_s
) {"usage", OPTION_TYPE_ARG
,
1394 parse_genkey_opt_usage
},
1395 &(struct argv_s
) {"subkey-of", OPTION_TYPE_ARG
,
1396 parse_genkey_opt_subkey_of
},
1400 if (!(client
->flags
& FLAG_OPEN
))
1401 return send_error (ctx
, GPG_ERR_INV_STATE
);
1403 rc
= crypto_init (&crypto
, ctx
, client
->filename
,
1404 client
->flags
& FLAG_NO_PINENTRY
, NULL
);
1406 return send_error (ctx
, rc
);
1408 pthread_cleanup_push ((void *)crypto_free
, client
->crypto
);
1409 orig
= client
->crypto
;
1410 client
->crypto
= crypto
;
1411 rc
= parse_options (&line
, args
, client
, 0);
1414 if (!client
->crypto
->save
.userid
&& !client
->crypto
->save
.mainkey
)
1415 rc
= GPG_ERR_SYNTAX
;
1418 client
->crypto
->flags
|= CRYPTO_FLAG_NEWFILE
;
1419 rc
= crypto_genkey (client
, client
->crypto
);
1423 pthread_cleanup_pop (0);
1424 crypto_free (crypto
);
1425 client
->crypto
= orig
;
1426 return send_error (ctx
, rc
);
1430 do_delete (assuan_context_t ctx
, char *line
)
1432 struct client_s
*client
= assuan_get_pointer (ctx
);
1433 struct xml_request_s
*req
;
1437 if (!line
|| !*line
)
1438 return GPG_ERR_SYNTAX
;
1440 rc
= xml_new_request (client
, line
, XML_CMD_DELETE
, &req
);
1444 n
= xml_find_elements (client
, req
, xmlDocGetRootElement (req
->doc
), &rc
);
1445 xml_free_request (req
);
1449 rc
= xml_is_element_owner (client
, n
);
1451 rc
= xml_unlink_node (client
, n
);
1456 /* Won't update cdata->plaintext. Other clients are working on the original or
1457 * copy of the same document. The first client to SAVE wins and requires others
1458 * to reopen the data file do to a checksum error. */
1460 copy_on_write (struct client_s
*client
)
1462 struct cache_data_s
*cdata
;
1464 if (client
->did_cow
)
1467 cdata
= cache_get_data (client
->filename
, NULL
);
1471 xmlDocPtr doc
= xmlCopyDoc (client
->doc
, 1);
1474 return GPG_ERR_ENOMEM
;
1476 rc
= cache_plaintext_set (client
->filename
, doc
, 1);
1483 (void)cache_plaintext_release (&client
->doc
);
1485 client
->did_cow
= 1;
1489 return GPG_ERR_NO_DATA
;
1493 delete_command (assuan_context_t ctx
, char *line
)
1495 struct client_s
*client
= assuan_get_pointer (ctx
);
1497 struct argv_s
*args
[] = {
1498 &(struct argv_s
) {"inquire", OPTION_TYPE_NOARG
, parse_opt_inquire
},
1502 rc
= parse_options (&line
, args
, client
, 1);
1503 if (!rc
&& (client
->opts
& OPT_INQUIRE
) && line
&& *line
)
1504 rc
= GPG_ERR_SYNTAX
;
1506 return send_error (ctx
, rc
);
1508 rc
= copy_on_write (client
);
1510 return send_error (ctx
, rc
);
1512 if (client
->opts
& OPT_INQUIRE
)
1514 unsigned char *result
;
1517 rc
= assuan_inquire (ctx
, "DATA", &result
, &len
, 0);
1519 return send_error (ctx
, rc
);
1521 pthread_cleanup_push ((void *)xfree
, result
);
1522 rc
= do_delete (ctx
, (char *)result
);
1523 pthread_cleanup_pop (1);
1526 rc
= do_delete (ctx
, line
);
1528 return send_error (ctx
, rc
);
1532 update_element_expirey (struct client_s
*client
, xmlNodePtr n
)
1535 xmlChar
*expire
, *incr
;
1537 time_t e
, e_orig
, i
;
1538 time_t now
= time (NULL
);
1540 expire
= xml_attribute_value (n
, (xmlChar
*)"expire");
1545 e
= strtoul ((char *)expire
, &p
, 10);
1546 if (errno
|| *p
|| e
== ULONG_MAX
|| *expire
== '-')
1549 rc
= GPG_ERR_ERANGE
;
1554 incr
= xml_attribute_value (n
, (xmlChar
*)"expire_increment");
1558 i
= strtoul ((char *)incr
, &p
, 10);
1559 if (errno
|| *p
|| i
== ULONG_MAX
|| *incr
== '-')
1562 rc
= GPG_ERR_ERANGE
;
1569 p
= str_asprintf ("%lu", e
);
1572 rc
= GPG_ERR_ENOMEM
;
1576 rc
= xml_add_attribute (client
, n
, "expire", p
);
1579 rc
= send_status (client
->ctx
, STATUS_EXPIRE
, "%lu %lu", e_orig
, e
);
1586 store_command (assuan_context_t ctx
, char *line
)
1588 struct client_s
*client
= assuan_get_pointer (ctx
);
1591 unsigned char *result
;
1592 xmlNodePtr n
, parent
;
1594 char *content
= NULL
;
1595 struct xml_request_s
*req
;
1597 if (!client
->bulk_p
&& line
&& *line
)
1598 return send_error (ctx
, GPG_ERR_SYNTAX
);
1600 rc
= copy_on_write (client
);
1602 return send_error (ctx
, rc
);
1604 if (!client
->bulk_p
)
1606 rc
= assuan_inquire (ctx
, "DATA", &result
, &len
, 0);
1608 return send_error (ctx
, rc
);
1609 rc
= xml_new_request (client
, (char *)result
, XML_CMD_STORE
, &req
);
1610 if (!result
|| !*result
)
1613 return send_error (ctx
, GPG_ERR_SYNTAX
);
1616 len
= strv_length (req
->args
);
1617 has_content
= result
[strlen ((char *)result
) - 1] != '\t' && len
> 1;
1622 rc
= xml_new_request (client
, line
, XML_CMD_STORE
, &req
);
1623 len
= strv_length (req
->args
);
1624 has_content
= line
&& line
[strlen (line
) - 1] != '\t' && len
> 1;
1628 return send_error (ctx
, rc
);
1630 /* Prevent passing the element content around to save some memory
1632 if (*(req
->args
+1) && !xml_valid_element_path (req
->args
, has_content
))
1634 xml_free_request (req
);
1635 return send_error (ctx
, GPG_ERR_INV_VALUE
);
1638 if (has_content
|| !*req
->args
[len
-1])
1640 content
= req
->args
[len
-1];
1641 req
->args
[len
-1] = NULL
;
1644 if (strv_length (req
->args
) > 1)
1646 rc
= xml_check_recursion (client
, req
);
1647 if (rc
&& rc
!= GPG_ERR_ELEMENT_NOT_FOUND
)
1651 parent
= xml_find_elements (client
, req
, xmlDocGetRootElement (req
->doc
), &rc
);
1655 rc
= xml_is_element_owner (client
, parent
);
1658 n
= xml_find_text_node (parent
->children
);
1660 xmlNodeSetContent (n
, (xmlChar
*) content
);
1662 xmlNodeAddContent (parent
, (xmlChar
*) content
);
1664 (void)xml_update_element_mtime (client
, parent
);
1665 (void)update_element_expirey (client
, parent
);
1671 xml_free_request (req
);
1672 return send_error (ctx
, rc
);
1676 xfer_data (assuan_context_t ctx
, const char *line
, int total
)
1678 struct client_s
*client
= assuan_get_pointer (ctx
);
1679 int to_send
= total
< ASSUAN_LINELENGTH
? total
: ASSUAN_LINELENGTH
;
1683 if (!(client
->flags
& FLAG_LOCK_CMD
))
1684 rc
= unlock_file_mutex (client
, 0);
1685 if (rc
&& rc
!= GPG_ERR_NOT_LOCKED
)
1690 client
->bulk_p
->result
= xmalloc (total
+1);
1691 if (!client
->bulk_p
->result
)
1692 return GPG_ERR_ENOMEM
;
1693 memcpy (client
->bulk_p
->result
, line
, total
);
1694 client
->bulk_p
->result
[total
] = 0;
1695 client
->bulk_p
->result_len
= total
;
1699 rc
= send_status (ctx
, STATUS_XFER
, "%li %li", sent
, total
);
1705 if (sent
+ to_send
> total
)
1706 to_send
= total
- sent
;
1708 rc
= assuan_send_data (ctx
, (char *) line
+ sent
, to_send
);
1712 while (!rc
&& sent
< total
);
1718 do_get (assuan_context_t ctx
, char *line
)
1720 struct client_s
*client
= assuan_get_pointer (ctx
);
1722 struct xml_request_s
*req
;
1725 if (!line
|| !*line
)
1726 return GPG_ERR_SYNTAX
;
1728 rc
= xml_new_request (client
, line
, XML_CMD_NONE
, &req
);
1732 n
= xml_find_elements (client
, req
, xmlDocGetRootElement (req
->doc
), &rc
);
1735 if (n
&& n
->children
)
1739 n
= xml_find_text_node (n
->children
);
1740 if (!n
|| !n
->content
|| !*n
->content
)
1741 rc
= GPG_ERR_NO_DATA
;
1744 rc
= xfer_data (ctx
, (char *) n
->content
, xmlStrlen (n
->content
));
1747 xmlChar
*expire
= xml_attribute_value (tmp
,
1748 (xmlChar
*)"expire");
1751 time_t now
= time (NULL
);
1756 e
= strtoul ((char *)expire
, &p
, 10);
1757 if (errno
|| *p
|| e
== ULONG_MAX
|| *expire
== '-')
1758 log_write (_("invalid expire attribute value: %s"),
1762 pthread_cleanup_push (xmlFree
, expire
);
1763 rc
= send_status (ctx
, STATUS_EXPIRE
, "%lu 0", e
);
1764 pthread_cleanup_pop (0);
1773 rc
= GPG_ERR_NO_DATA
;
1776 xml_free_request (req
);
1781 get_command (assuan_context_t ctx
, char *line
)
1783 struct client_s
*client
= assuan_get_pointer (ctx
);
1785 struct argv_s
*args
[] = {
1786 &(struct argv_s
) {"inquire", OPTION_TYPE_NOARG
, parse_opt_inquire
},
1790 rc
= parse_options (&line
, args
, client
, 1);
1791 if (!rc
&& (client
->opts
& OPT_INQUIRE
) && line
&& *line
)
1792 rc
= GPG_ERR_SYNTAX
;
1794 return send_error (ctx
, rc
);
1796 if (client
->opts
& OPT_INQUIRE
)
1798 unsigned char *result
;
1801 rc
= assuan_inquire (ctx
, "DATA", &result
, &len
, 0);
1803 return send_error (ctx
, rc
);
1805 pthread_cleanup_push ((void *)xfree
, result
);
1806 rc
= do_get (ctx
, (char *)result
);
1807 pthread_cleanup_pop (1);
1810 rc
= do_get (ctx
, line
);
1812 return send_error (ctx
, rc
);
1815 static void list_command_free1 (void *arg
);
1817 realpath_command (assuan_context_t ctx
, char *line
)
1820 char **realpath
= NULL
;
1821 struct client_s
*client
= assuan_get_pointer (ctx
);
1822 struct argv_s
*args
[] = {
1823 &(struct argv_s
) {"inquire", OPTION_TYPE_NOARG
, parse_opt_inquire
},
1827 rc
= parse_options (&line
, args
, client
, 1);
1828 if (!rc
&& (client
->opts
& OPT_INQUIRE
) && line
&& *line
)
1829 rc
= GPG_ERR_SYNTAX
;
1831 return send_error (ctx
, rc
);
1833 if (client
->opts
& OPT_INQUIRE
)
1835 unsigned char *result
;
1838 rc
= assuan_inquire (ctx
, "DATA", &result
, &len
, 0);
1840 return send_error (ctx
, rc
);
1842 pthread_cleanup_push ((void *)xfree
, result
);
1843 (void)xml_resolve_path (client
, client
->doc
, result
, &realpath
, &rc
);
1844 pthread_cleanup_pop (1);
1847 (void)xml_resolve_path (client
, client
->doc
, (unsigned char *)line
,
1852 char *tmp
= strv_join ((char *)"\t", realpath
);
1854 strv_free (realpath
);
1856 return send_error (ctx
, GPG_ERR_ENOMEM
);
1858 pthread_cleanup_push ((void *)xfree
, tmp
);
1859 rc
= xfer_data (ctx
, tmp
, strlen (tmp
));
1860 pthread_cleanup_pop (1);
1863 return send_error (ctx
, rc
);
1867 list_command_free1 (void *arg
)
1870 string_free ((struct string_s
*) arg
, 1);
1874 parse_list_opt_recurse (void *data
, void *value
)
1876 struct client_s
*client
= data
;
1879 client
->opts
|= OPT_LIST_RECURSE
;
1884 parse_opt_verbose (void *data
, void *value
)
1886 struct client_s
*client
= data
;
1889 client
->opts
|= OPT_VERBOSE
;
1894 list_path_once (struct client_s
*client
, char *line
,
1895 struct element_list_s
*elements
, struct string_s
*result
)
1899 rc
= xml_create_path_list (client
, client
->doc
, NULL
, elements
, line
, 0);
1900 if (rc
== GPG_ERR_ELOOP
|| rc
== GPG_ERR_EACCES
)
1905 int total
= slist_length (elements
->list
);
1911 for (i
= 0; i
< total
; i
++)
1913 char *tmp
= slist_nth_data (elements
->list
, i
);
1915 string_append_printf (result
, "%s%s", tmp
,
1916 i
+ 1 == total
? "" : "\n");
1920 rc
= GPG_ERR_NO_DATA
;
1927 do_list (assuan_context_t ctx
, char *line
)
1929 struct client_s
*client
= assuan_get_pointer (ctx
);
1930 gpg_error_t rc
= GPG_ERR_NO_DATA
;
1931 struct element_list_s
*elements
= NULL
;
1933 if (!line
|| !*line
)
1935 struct string_s
*str
= string_new (NULL
);
1939 return GPG_ERR_ENOMEM
;
1941 pthread_cleanup_push ((void *)list_command_free1
, str
);
1942 n
= xmlDocGetRootElement (client
->doc
);
1943 for (n
= n
->children
; n
; n
= n
->next
)
1947 if (n
->type
!= XML_ELEMENT_NODE
)
1950 name
= xmlGetProp (n
, (xmlChar
*)"_name");
1953 rc
= GPG_ERR_ENOMEM
;
1957 elements
= xcalloc (1, sizeof (struct element_list_s
));
1961 rc
= GPG_ERR_ENOMEM
;
1965 elements
->prefix
= string_new (NULL
);
1966 if (!elements
->prefix
)
1969 xml_free_element_list (elements
);
1970 rc
= GPG_ERR_ENOMEM
;
1974 elements
->recurse
= client
->opts
& OPT_LIST_RECURSE
;
1975 elements
->root_only
= !elements
->recurse
;
1976 pthread_cleanup_push ((void *)xml_free_element_list
, elements
);
1977 rc
= list_path_once (client
, (char *)name
, elements
, str
);
1979 pthread_cleanup_pop (1);
1984 string_append (str
, "\n");
1988 rc
= xfer_data (ctx
, str
->str
, str
->len
);
1990 pthread_cleanup_pop (1);
1994 elements
= xcalloc (1, sizeof (struct element_list_s
));
1996 return GPG_ERR_ENOMEM
;
1998 elements
->prefix
= string_new (NULL
);
1999 if (!elements
->prefix
)
2001 xml_free_element_list (elements
);
2002 return GPG_ERR_ENOMEM
;
2005 elements
->recurse
= client
->opts
& OPT_LIST_RECURSE
;
2006 pthread_cleanup_push ((void *)xml_free_element_list
, elements
);
2007 struct string_s
*str
= string_new (NULL
);
2008 pthread_cleanup_push ((void *)list_command_free1
, str
);
2009 rc
= list_path_once (client
, line
, elements
, str
);
2011 rc
= xfer_data (ctx
, str
->str
, str
->len
);
2013 pthread_cleanup_pop (1);
2014 pthread_cleanup_pop (1);
2019 list_command (assuan_context_t ctx
, char *line
)
2021 struct client_s
*client
= assuan_get_pointer (ctx
);
2023 struct argv_s
*args
[] = {
2024 &(struct argv_s
) {"recurse", OPTION_TYPE_NOARG
, parse_list_opt_recurse
},
2025 &(struct argv_s
) {"inquire", OPTION_TYPE_NOARG
, parse_opt_inquire
},
2026 /* These are deprecated but kept for backward compatibility with older
2028 &(struct argv_s
) {"verbose", OPTION_TYPE_NOARG
, NULL
},
2029 &(struct argv_s
) {"with-target", OPTION_TYPE_NOARG
, NULL
},
2030 &(struct argv_s
) {"all", OPTION_TYPE_NOARG
, parse_list_opt_recurse
},
2031 &(struct argv_s
) {"no-recurse", OPTION_TYPE_NOARG
, NULL
},
2035 if (disable_list_and_dump
== 1)
2036 return send_error (ctx
, GPG_ERR_NOT_IMPLEMENTED
);
2038 rc
= parse_options (&line
, args
, client
, 1);
2039 if (!rc
&& (client
->opts
& OPT_INQUIRE
) && line
&& *line
)
2040 rc
= GPG_ERR_SYNTAX
;
2042 return send_error (ctx
, rc
);
2044 if (client
->opts
& OPT_INQUIRE
)
2046 unsigned char *result
;
2049 rc
= assuan_inquire (ctx
, "DATA", &result
, &len
, 0);
2051 return send_error (ctx
, rc
);
2053 pthread_cleanup_push ((void *)xfree
, result
);
2054 rc
= do_list (ctx
, (char *)result
);
2055 pthread_cleanup_pop (1);
2058 rc
= do_list (ctx
, line
);
2060 return send_error (ctx
, rc
);
2063 #define RESUMABLE_ERROR(rc) (rc == GPG_ERR_ELOOP || rc == GPG_ERR_EACCES \
2064 || rc == GPG_ERR_ELEMENT_NOT_FOUND || !rc)
2066 * args[0] - element path
2069 attribute_list (assuan_context_t ctx
, char **args
)
2071 struct client_s
*client
= assuan_get_pointer (ctx
);
2072 char **attrlist
= NULL
;
2076 xmlNodePtr n
, an
, r
;
2079 struct xml_request_s
*req
;
2081 if (!args
|| !args
[0] || !*args
[0])
2082 return GPG_ERR_SYNTAX
;
2084 rc
= xml_new_request (client
, args
[0], XML_CMD_ATTR_LIST
, &req
);
2088 n
= xml_find_elements (client
, req
, xmlDocGetRootElement (req
->doc
), &rc
);
2089 xml_free_request (req
);
2093 gpg_error_t acl_rc
= 0;
2095 acl_rc
= xml_acl_check (client
, n
);
2096 for (a
= n
->properties
; a
; a
= a
->next
)
2099 int reserved
= xml_reserved_attribute ((char *)a
->name
);
2101 if (acl_rc
== GPG_ERR_EACCES
&& !reserved
)
2103 else if (acl_rc
&& acl_rc
!= GPG_ERR_EACCES
)
2109 if (reserved
&& target
)
2112 pa
= xrealloc (attrlist
, (i
+ 2) * sizeof (char *));
2115 log_write ("%s(%i): %s", __FILE__
, __LINE__
,
2116 pwmd_strerror (GPG_ERR_ENOMEM
));
2117 rc
= GPG_ERR_ENOMEM
;
2123 attrlist
[i
] = str_asprintf ("%s %s", (char *) a
->name
, an
&& an
->content
2124 ? (char *)an
->content
: "");
2128 log_write ("%s(%i): %s", __FILE__
, __LINE__
,
2129 pwmd_strerror (GPG_ERR_ENOMEM
));
2130 rc
= GPG_ERR_ENOMEM
;
2134 attrlist
[++i
] = NULL
;
2137 if (!rc
&& !attrlist
)
2138 return GPG_ERR_NO_DATA
;
2142 r
= xml_resolve_path (client
, client
->doc
, (xmlChar
*)args
[0], NULL
, &rc
);
2143 if (RESUMABLE_ERROR (rc
))
2155 pthread_cleanup_push ((void *)req_free
, attrlist
);
2159 line
= strv_join ("\n", attrlist
);
2162 pthread_cleanup_push ((void *)xfree
, line
);
2163 rc
= xfer_data (ctx
, line
, strlen (line
));
2164 pthread_cleanup_pop (1);
2168 log_write ("%s(%i): %s", __FILE__
, __LINE__
,
2169 pwmd_strerror (GPG_ERR_ENOMEM
));
2170 rc
= GPG_ERR_ENOMEM
;
2174 pthread_cleanup_pop (1);
2179 * args[0] - attribute
2180 * args[1] - element path
2183 attribute_delete (struct client_s
*client
, char **args
)
2188 if (!args
|| !args
[0] || !*args
[0] || !args
[1] || !*args
[1])
2189 return GPG_ERR_SYNTAX
;
2191 if (!strcmp (args
[0], "_name") || !strcmp (args
[0], "target"))
2192 return GPG_ERR_INV_ATTR
;
2194 rc
= copy_on_write (client
);
2198 if (!xml_reserved_attribute (args
[0]))
2199 n
= xml_resolve_path (client
, client
->doc
, (xmlChar
*)args
[1], NULL
, &rc
);
2202 struct xml_request_s
*req
;
2204 rc
= xml_new_request (client
, args
[1], XML_CMD_ATTR
, &req
);
2208 n
= xml_find_elements (client
, req
, xmlDocGetRootElement (req
->doc
), &rc
);
2209 xml_free_request (req
);
2213 rc
= xml_is_element_owner (client
, n
);
2216 rc
= xml_delete_attribute (client
, n
, (xmlChar
*) args
[0]);
2222 * Creates the "target" attribute. When other commands encounter an element
2223 * with this attribute they follow the "target" after appending remaining
2224 * elements from the original element path to the target. The exception is the
2225 * ATTR command that operates on the element itself (for reserved attribute
2226 * names) and not the target.
2228 * If the source element path doesn't exist when using 'ATTR SET target', it is
2229 * created, but the destination element path must exist. This is simliar to the
2230 * ls(1) command: ln -s src dst.
2232 * args[0] - source element path
2233 * args[1] - destination element path
2236 set_target_attribute (struct client_s
*client
, char **args
)
2238 struct xml_request_s
*req
= NULL
;
2243 if (!args
|| !args
[0] || !args
[1])
2244 return GPG_ERR_SYNTAX
;
2246 src
= str_split (args
[0], "\t", 0);
2248 return GPG_ERR_SYNTAX
;
2250 if (!xml_valid_element_path (src
, 0))
2253 return GPG_ERR_INV_VALUE
;
2256 dst
= str_split (args
[1], "\t", 0);
2260 return GPG_ERR_SYNTAX
;
2263 rc
= copy_on_write (client
);
2267 // Be sure the destination element path exists. */
2268 rc
= xml_new_request (client
, args
[1], XML_CMD_NONE
, &req
);
2272 (void)xml_find_elements (client
, req
, xmlDocGetRootElement (req
->doc
), &rc
);
2273 if (rc
&& rc
!= GPG_ERR_EACCES
)
2276 xml_free_request (req
);
2279 if (!strcmp (args
[0], args
[1]))
2281 rc
= GPG_ERR_EEXIST
;
2285 rc
= xml_new_request (client
, args
[0], XML_CMD_ATTR_TARGET
, &req
);
2289 n
= xml_find_elements (client
, req
, xmlDocGetRootElement (req
->doc
), &rc
);
2290 if (rc
&& rc
!= GPG_ERR_EACCES
)
2295 rc
= xml_add_attribute (client
, n
, "target", args
[1]);
2298 rc
= xml_remove_user_attributes (client
, n
);
2300 rc
= xml_unlink_node (client
, n
->children
);
2307 xml_free_request (req
);
2312 * args[0] - attribute
2313 * args[1] - element path
2316 attribute_get (assuan_context_t ctx
, char **args
)
2318 struct client_s
*client
= assuan_get_pointer (ctx
);
2322 struct xml_request_s
*req
;
2324 if (!args
|| !args
[0] || !*args
[0] || !args
[1] || !*args
[1])
2325 return GPG_ERR_SYNTAX
;
2327 if (!xml_reserved_attribute (args
[0]))
2328 n
= xml_resolve_path (client
, client
->doc
, (xmlChar
*)args
[1], NULL
, &rc
);
2331 rc
= xml_new_request (client
, args
[1], XML_CMD_ATTR
, &req
);
2335 n
= xml_find_elements (client
, req
, xmlDocGetRootElement (req
->doc
), &rc
);
2336 xml_free_request (req
);
2342 a
= xmlGetProp (n
, (xmlChar
*) args
[0]);
2344 return GPG_ERR_NOT_FOUND
;
2346 pthread_cleanup_push ((void *)xmlFree
, a
);
2349 rc
= xfer_data (ctx
, (char *) a
, xmlStrlen (a
));
2351 rc
= GPG_ERR_NO_DATA
;
2353 pthread_cleanup_pop (1);
2358 * args[0] - attribute
2359 * args[1] - element path
2363 attribute_set (struct client_s
*client
, char **args
)
2365 struct xml_request_s
*req
;
2369 if (!args
|| !args
[0] || !args
[1])
2370 return GPG_ERR_SYNTAX
;
2373 * Reserved attribute names.
2375 if (!strcmp (args
[0], "_name")) // Use the RENAME command instead
2376 return GPG_ERR_INV_ATTR
;
2377 else if (!strcmp (args
[0], "target"))
2378 return set_target_attribute (client
, args
+ 1);
2379 else if (!xml_valid_attribute (args
[0]))
2380 return GPG_ERR_INV_VALUE
;
2382 if (!xml_valid_attribute_value (args
[2]))
2383 return GPG_ERR_INV_VALUE
;
2385 rc
= copy_on_write (client
);
2389 if (!xml_reserved_attribute (args
[0]))
2391 n
= xml_resolve_path (client
, client
->doc
, (xmlChar
*)args
[1], NULL
, &rc
);
2394 rc
= xml_new_request (client
, args
[1], XML_CMD_NONE
, &req
);
2397 rc
= xml_check_recursion (client
, req
);
2398 xml_free_request (req
);
2404 rc
= xml_new_request (client
, args
[1], XML_CMD_ATTR
, &req
);
2408 n
= xml_find_elements (client
, req
, xmlDocGetRootElement (req
->doc
), &rc
);
2409 xml_free_request (req
);
2413 rc
= xml_is_element_owner (client
, n
);
2416 rc
= xml_add_attribute (client
, n
, args
[0], args
[2]);
2423 * req[1] - attribute name or element path if command is LIST
2424 * req[2] - element path
2425 * req[2] - element path or value
2429 do_attr (assuan_context_t ctx
, char *line
)
2431 struct client_s
*client
= assuan_get_pointer (ctx
);
2435 if (!line
|| !*line
)
2436 return GPG_ERR_SYNTAX
;
2438 req
= str_split (line
, " ", 4);
2439 if (!req
|| !req
[0] || !req
[1])
2442 return GPG_ERR_SYNTAX
;
2445 pthread_cleanup_push ((void *)req_free
, req
);
2447 if (strcasecmp (req
[0], "SET") == 0)
2448 rc
= attribute_set (client
, req
+ 1);
2449 else if (strcasecmp (req
[0], "GET") == 0)
2450 rc
= attribute_get (ctx
, req
+ 1);
2451 else if (strcasecmp (req
[0], "DELETE") == 0)
2452 rc
= attribute_delete (client
, req
+ 1);
2453 else if (strcasecmp (req
[0], "LIST") == 0)
2454 rc
= attribute_list (ctx
, req
+ 1);
2456 rc
= GPG_ERR_SYNTAX
;
2458 client
->flags
&= ~(FLAG_ACL_IGNORE
|FLAG_ACL_ERROR
);
2459 pthread_cleanup_pop (1);
2464 attr_command (assuan_context_t ctx
, char *line
)
2466 struct client_s
*client
= assuan_get_pointer (ctx
);
2468 struct argv_s
*args
[] = {
2469 &(struct argv_s
) {"inquire", OPTION_TYPE_NOARG
, parse_opt_inquire
},
2473 rc
= parse_options (&line
, args
, client
, 1);
2474 if (!rc
&& (client
->opts
& OPT_INQUIRE
) && line
&& *line
)
2475 rc
= GPG_ERR_SYNTAX
;
2477 return send_error (ctx
, rc
);
2479 if (client
->opts
& OPT_INQUIRE
)
2481 unsigned char *result
;
2484 rc
= assuan_inquire (ctx
, "DATA", &result
, &len
, 0);
2486 return send_error (ctx
, rc
);
2488 pthread_cleanup_push ((void *)xfree
, result
);
2489 rc
= do_attr (ctx
, (char *)result
);
2490 pthread_cleanup_pop (1);
2493 rc
= do_attr (ctx
, line
);
2495 return send_error (ctx
, rc
);
2499 parse_iscached_opt_lock (void *data
, void *value
)
2501 struct client_s
*client
= data
;
2504 client
->opts
|= OPT_LOCK
;
2509 parse_iscached_opt_agent (void *data
, void *value
)
2511 struct client_s
*client
= data
;
2514 client
->opts
|= OPT_CACHE_AGENT
;
2519 parse_iscached_opt_sign (void *data
, void *value
)
2521 struct client_s
*client
= data
;
2524 client
->opts
|= OPT_CACHE_SIGN
;
2529 iscached_command (assuan_context_t ctx
, char *line
)
2531 struct client_s
*client
= assuan_get_pointer (ctx
);
2534 struct argv_s
*args
[] = {
2535 &(struct argv_s
) {"lock", OPTION_TYPE_NOARG
, parse_iscached_opt_lock
},
2536 &(struct argv_s
) {"agent", OPTION_TYPE_NOARG
, parse_iscached_opt_agent
},
2537 &(struct argv_s
) {"sign", OPTION_TYPE_NOARG
, parse_iscached_opt_sign
},
2541 if (!line
|| !*line
)
2542 return send_error (ctx
, GPG_ERR_SYNTAX
);
2544 rc
= parse_options (&line
, args
, client
, 1);
2546 return send_error (ctx
, rc
);
2547 else if (!valid_filename (line
))
2548 return send_error (ctx
, GPG_ERR_INV_VALUE
);
2550 if (!(client
->flags
& FLAG_OPEN
)
2551 && ((client
->opts
& OPT_CACHE_AGENT
) || (client
->opts
& OPT_CACHE_SIGN
)))
2552 return send_error (ctx
, GPG_ERR_INV_STATE
);
2554 rc
= cache_iscached (line
, &defer
, (client
->opts
& OPT_CACHE_AGENT
),
2555 (client
->opts
& OPT_CACHE_SIGN
));
2557 rc
= GPG_ERR_NO_DATA
;
2561 struct cache_data_s
*cdata
= cache_get_data (line
, NULL
);
2565 rc
= validate_checksum (client
, line
, cdata
, NULL
, NULL
, 1);
2566 if (rc
== GPG_ERR_CHECKSUM
)
2567 rc
= GPG_ERR_NO_DATA
;
2571 if (client
->opts
& OPT_LOCK
2572 && (!rc
|| gpg_err_code (rc
) == GPG_ERR_NO_DATA
2573 || gpg_err_code (rc
) == GPG_ERR_ENOENT
))
2575 gpg_error_t trc
= rc
;
2577 if (client
->filename
&& strcmp (line
, client
->filename
))
2578 reset_client (client
);
2580 xfree (client
->filename
);
2581 client
->filename
= str_dup (line
);
2582 rc
= do_lock (client
, 1);
2587 return send_error (ctx
, rc
);
2591 clearcache_command (assuan_context_t ctx
, char *line
)
2593 struct client_s
*client
= assuan_get_pointer (ctx
);
2594 gpg_error_t rc
= 0, all_rc
= 0;
2598 struct client_thread_s
*once
= NULL
;
2602 pthread_cleanup_push (cache_release_mutex
, NULL
);
2603 count
= cache_file_count ();
2604 MUTEX_LOCK (&cn_mutex
);
2605 pthread_cleanup_push ((void *)release_mutex_cb
, &cn_mutex
);
2607 if (!line
|| !*line
)
2610 t
= slist_length (cn_thread_list
);
2612 for (i
= 0; i
< t
; i
++)
2614 struct client_thread_s
*thd
= slist_nth_data (cn_thread_list
, i
);
2615 assuan_peercred_t peer
;
2620 /* Lock each connected clients' file mutex to prevent any other client
2621 * from accessing the cache entry (the file mutex is locked upon
2622 * command startup). The cache for the entry is not cleared if the
2623 * file mutex is locked by another client to prevent this function
2624 * from blocking. Rather, it returns an error.
2628 if (thd
->cl
->filename
)
2630 rc
= do_validate_peer (ctx
, thd
->cl
->filename
, &peer
);
2631 /* The current client doesn't have permission to open the other
2632 * filename do to "access" configuration parameter in a filename
2633 * section. Since we are clearning all cache entries the error
2634 * will be returned later during cache_clear(). */
2641 else // Idle client without opened file?
2644 rc
= cache_lock_mutex (thd
->cl
->ctx
, thd
->cl
->filename
, -1, 0, -1);
2645 if (gpg_err_code (rc
) == GPG_ERR_LOCKED
)
2647 /* The current client owns the lock. */
2648 if (pthread_equal (pthread_self (), thd
->tid
))
2652 if (cache_iscached (thd
->cl
->filename
, NULL
, 0, 0)
2659 /* The cache entry will be cleared when the other client
2660 * disconnects and cache_timer_thread() does its thing. */
2661 cache_defer_clear (thd
->cl
->filename
);
2664 else if (gpg_err_code (rc
) == GPG_ERR_NO_DATA
)
2672 rc
= cache_clear (NULL
, thd
->cl
->filename
, 1, 0);
2673 cache_unlock_mutex (thd
->cl
->filename
, 0);
2683 /* A single data filename was specified. Lock only this data file
2684 * mutex and free the cache entry. */
2685 rc
= do_validate_peer (ctx
, line
, &peer
);
2686 if (rc
== GPG_ERR_FORBIDDEN
)
2687 rc
= peer_is_invoker (client
);
2689 if (rc
== GPG_ERR_EACCES
)
2690 rc
= GPG_ERR_FORBIDDEN
;
2692 if (!rc
&& thd
->cl
->filename
&& !strcmp (thd
->cl
->filename
, line
))
2694 rc
= cache_lock_mutex (thd
->cl
->ctx
, thd
->cl
->filename
, -1, 0, -1);
2695 if (gpg_err_code (rc
) == GPG_ERR_LOCKED
)
2697 /* The current client owns the lock. */
2698 if (pthread_equal (pthread_self (), thd
->tid
))
2705 rc
= cache_clear (NULL
, thd
->cl
->filename
, 1, 0);
2706 cache_unlock_mutex (thd
->cl
->filename
, 0);
2709 cache_defer_clear (thd
->cl
->filename
);
2711 /* Found a client with the opened file. The cache entry has been
2712 * either cleared (self) or defered to be cleared. */
2718 /* Only connected clients' cache entries have been cleared. Now clear any
2719 * remaining cache entries without clients but only if there wasn't an
2720 * error from above since this would defeat the locking check of the
2721 * remaining entries. */
2722 if (all
&& !all_rc
&& cache_file_count ())
2724 rc
= cache_clear (client
, NULL
, 1, 0);
2725 if (rc
== GPG_ERR_EACCES
)
2726 rc
= GPG_ERR_FORBIDDEN
;
2729 /* No clients are using the specified file. */
2730 else if (!all_rc
&& !rc
&& !once
)
2731 rc
= cache_clear (NULL
, line
, 1, 0);
2733 /* Release the connection mutex. */
2734 pthread_cleanup_pop (1);
2736 if (!rc
|| (cache_file_count () && count
!= cache_file_count ()))
2737 send_status_all (STATUS_CACHE
, NULL
);
2739 /* Release the cache mutex. */
2740 pthread_cleanup_pop (1);
2742 /* One or more files were locked while clearing all cache entries. */
2746 return send_error (ctx
, rc
);
2750 cachetimeout_command (assuan_context_t ctx
, char *line
)
2752 struct client_s
*client
= assuan_get_pointer (ctx
);
2754 char **req
= str_split (line
, " ", 0);
2758 if (!(client
->flags
& FLAG_OPEN
))
2759 return send_error (ctx
, GPG_ERR_INV_STATE
);
2761 if (!req
|| !*req
|| strv_length (req
) > 1)
2764 return send_error (ctx
, GPG_ERR_SYNTAX
);
2768 timeout
= strtol (req
[0], &p
, 10);
2769 if (errno
!= 0 || *p
|| timeout
< (long)-1)
2770 rc
= GPG_ERR_SYNTAX
;
2774 rc
= cache_set_timeout (client
->filename
, timeout
);
2775 if (!rc
|| gpg_err_code (rc
) == GPG_ERR_NOT_FOUND
)
2778 MUTEX_LOCK (&rcfile_mutex
);
2779 config_set_long_param (&global_config
, client
->filename
,
2780 "cache_timeout", req
[0]);
2781 MUTEX_UNLOCK (&rcfile_mutex
);
2786 return send_error (ctx
, rc
);
2790 dump_command (assuan_context_t ctx
, char *line
)
2794 struct client_s
*client
= assuan_get_pointer (ctx
);
2797 if (disable_list_and_dump
== 1)
2798 return send_error (ctx
, GPG_ERR_NOT_IMPLEMENTED
);
2801 return send_error (ctx
, GPG_ERR_SYNTAX
);
2803 rc
= peer_is_invoker(client
);
2805 return send_error (ctx
, (rc
== GPG_ERR_EACCES
? GPG_ERR_FORBIDDEN
: rc
));
2807 xmlDocDumpFormatMemory (client
->doc
, &xml
, &len
, 1);
2811 log_write ("%s(%i): %s", __FILE__
, __LINE__
,
2812 pwmd_strerror (GPG_ERR_ENOMEM
));
2813 return send_error (ctx
, GPG_ERR_ENOMEM
);
2816 pthread_cleanup_push ((void *)xmlFree
, xml
);
2817 rc
= xfer_data (ctx
, (char *) xml
, len
);
2818 pthread_cleanup_pop (1);
2819 return send_error (ctx
, rc
);
2823 getconfig_command (assuan_context_t ctx
, char *line
)
2825 struct client_s
*client
= assuan_get_pointer (ctx
);
2827 char filename
[255] = { 0 }, param
[747] = { 0 };
2828 char *p
, *tmp
= NULL
, *fp
= client
->filename
, *paramp
= line
;
2830 if (!line
|| !*line
)
2831 return send_error (ctx
, GPG_ERR_SYNTAX
);
2833 if (strchr (line
, ' '))
2835 int ret
= sscanf (line
, " %254[^ ] %746c", filename
, param
);
2838 return send_error (ctx
, gpg_error_from_syserror());
2843 if (fp
&& !valid_filename (fp
))
2844 return send_error (ctx
, GPG_ERR_INV_VALUE
);
2846 paramp
= str_down (paramp
);
2847 p
= config_get_value (fp
? fp
: "global", paramp
);
2849 return send_error (ctx
, GPG_ERR_UNKNOWN_OPTION
);
2851 tmp
= expand_homedir (p
);
2855 log_write ("%s(%i): %s", __FILE__
, __LINE__
,
2856 pwmd_strerror (GPG_ERR_ENOMEM
));
2857 return send_error (ctx
, GPG_ERR_ENOMEM
);
2861 pthread_cleanup_push ((void *)xfree
, p
);
2862 rc
= xfer_data (ctx
, p
, strlen (p
));
2863 pthread_cleanup_pop (1);
2864 return send_error (ctx
, rc
);
2869 xmlXPathContextPtr xp
;
2870 xmlXPathObjectPtr result
;
2876 xpath_command_free (void *arg
)
2878 struct xpath_s
*xpath
= arg
;
2883 req_free (xpath
->req
);
2886 xmlBufferFree (xpath
->buf
);
2889 xmlXPathFreeObject (xpath
->result
);
2892 xmlXPathFreeContext (xpath
->xp
);
2896 do_xpath (assuan_context_t ctx
, char *line
)
2899 struct client_s
*client
= assuan_get_pointer (ctx
);
2900 struct xpath_s _x
= { 0 };
2901 struct xpath_s
*xpath
= &_x
;
2903 if (!line
|| !*line
)
2904 return GPG_ERR_SYNTAX
;
2906 if ((xpath
->req
= str_split (line
, "\t", 2)) == NULL
)
2908 if (strv_printf (&xpath
->req
, "%s", line
) == 0)
2909 return GPG_ERR_ENOMEM
;
2914 rc
= copy_on_write (client
);
2919 xpath
->xp
= xmlXPathNewContext (client
->doc
);
2922 rc
= GPG_ERR_BAD_DATA
;
2927 xmlXPathEvalExpression ((xmlChar
*) xpath
->req
[0], xpath
->xp
);
2930 rc
= GPG_ERR_BAD_DATA
;
2934 if (xmlXPathNodeSetIsEmpty (xpath
->result
->nodesetval
))
2936 rc
= GPG_ERR_ELEMENT_NOT_FOUND
;
2940 rc
= xml_recurse_xpath_nodeset (client
, client
->doc
,
2941 xpath
->result
->nodesetval
,
2942 (xmlChar
*) xpath
->req
[1], &xpath
->buf
, 0,
2946 else if (!xpath
->req
[1] && !xmlBufferLength (xpath
->buf
))
2948 rc
= GPG_ERR_NO_DATA
;
2951 else if (xpath
->req
[1])
2957 pthread_cleanup_push ((void *)xpath_command_free
, &xpath
);
2958 rc
= xfer_data (ctx
, (char *) xmlBufferContent (xpath
->buf
),
2959 xmlBufferLength (xpath
->buf
));
2960 pthread_cleanup_pop (0);
2962 xpath_command_free (xpath
);
2967 xpath_command (assuan_context_t ctx
, char *line
)
2969 struct client_s
*client
= assuan_get_pointer (ctx
);
2971 struct argv_s
*args
[] = {
2972 &(struct argv_s
) {"inquire", OPTION_TYPE_NOARG
, parse_opt_inquire
},
2976 if (disable_list_and_dump
== 1)
2977 return send_error (ctx
, GPG_ERR_NOT_IMPLEMENTED
);
2979 rc
= peer_is_invoker(client
);
2981 return send_error (ctx
, (rc
== GPG_ERR_EACCES
? GPG_ERR_FORBIDDEN
: rc
));
2983 rc
= parse_options (&line
, args
, client
, 1);
2984 if (!rc
&& (client
->opts
& OPT_INQUIRE
) && line
&& *line
)
2985 rc
= GPG_ERR_SYNTAX
;
2987 return send_error (ctx
, rc
);
2989 if (client
->opts
& OPT_INQUIRE
)
2991 unsigned char *result
;
2994 rc
= assuan_inquire (ctx
, "DATA", &result
, &len
, 0);
2996 return send_error (ctx
, rc
);
2998 pthread_cleanup_push ((void *)xfree
, result
);
2999 rc
= do_xpath (ctx
, (char *)result
);
3000 pthread_cleanup_pop (1);
3003 rc
= do_xpath (ctx
, line
);
3005 return send_error (ctx
, rc
);
3009 do_xpathattr (assuan_context_t ctx
, char *line
)
3011 struct client_s
*client
= assuan_get_pointer (ctx
);
3015 struct xpath_s _x
= { 0 };
3016 struct xpath_s
*xpath
= &_x
;
3018 if (!line
|| !*line
)
3019 return GPG_ERR_SYNTAX
;
3021 if ((req
= str_split (line
, " ", 3)) == NULL
)
3022 return GPG_ERR_ENOMEM
;
3026 rc
= GPG_ERR_SYNTAX
;
3030 if (!strcasecmp (req
[0], "SET"))
3032 else if (!strcasecmp (req
[0], "DELETE"))
3036 rc
= GPG_ERR_SYNTAX
;
3040 if (!req
[1] || !req
[2])
3042 rc
= GPG_ERR_SYNTAX
;
3046 if ((xpath
->req
= str_split (req
[2], "\t", 3)) == NULL
)
3048 rc
= GPG_ERR_ENOMEM
;
3052 if (!xpath
->req
[0] || (!xpath
->req
[1] && !cmd
) || (xpath
->req
[1] && cmd
))
3054 rc
= GPG_ERR_SYNTAX
;
3058 rc
= copy_on_write (client
);
3062 xpath
->xp
= xmlXPathNewContext (client
->doc
);
3065 rc
= GPG_ERR_BAD_DATA
;
3069 xpath
->result
= xmlXPathEvalExpression ((xmlChar
*) xpath
->req
[0], xpath
->xp
);
3072 rc
= GPG_ERR_BAD_DATA
;
3076 if (xmlXPathNodeSetIsEmpty (xpath
->result
->nodesetval
))
3078 rc
= GPG_ERR_ELEMENT_NOT_FOUND
;
3082 rc
= xml_recurse_xpath_nodeset (client
, client
->doc
,
3083 xpath
->result
->nodesetval
,
3084 (xmlChar
*) xpath
->req
[1], &xpath
->buf
, cmd
,
3085 (xmlChar
*) req
[1]);
3088 xpath_command_free (xpath
);
3093 /* XPATHATTR SET|DELETE <name> <expression>[<TAB>[value]] */
3095 xpathattr_command (assuan_context_t ctx
, char *line
)
3097 struct client_s
*client
= assuan_get_pointer (ctx
);
3099 struct argv_s
*args
[] = {
3100 &(struct argv_s
) {"inquire", OPTION_TYPE_NOARG
, parse_opt_inquire
},
3104 if (disable_list_and_dump
== 1)
3105 return send_error (ctx
, GPG_ERR_NOT_IMPLEMENTED
);
3107 rc
= peer_is_invoker(client
);
3109 return send_error (ctx
, (rc
== GPG_ERR_EACCES
? GPG_ERR_FORBIDDEN
: rc
));
3111 rc
= parse_options (&line
, args
, client
, 1);
3112 if (!rc
&& (client
->opts
& OPT_INQUIRE
) && line
&& *line
)
3113 rc
= GPG_ERR_SYNTAX
;
3115 return send_error (ctx
, rc
);
3117 if (client
->opts
& OPT_INQUIRE
)
3119 unsigned char *result
;
3122 rc
= assuan_inquire (ctx
, "DATA", &result
, &len
, 0);
3124 return send_error (ctx
, rc
);
3126 pthread_cleanup_push ((void *)xfree
, result
);
3127 rc
= do_xpathattr (ctx
, (char *)result
);
3128 pthread_cleanup_pop (1);
3131 rc
= do_xpathattr (ctx
, line
);
3133 return send_error (ctx
, rc
);
3137 do_import (struct client_s
*client
, const char *root_element
,
3138 unsigned char *content
)
3140 xmlDocPtr doc
= NULL
;
3141 xmlNodePtr n
= NULL
, root
;
3143 struct string_s
*str
= NULL
, *tstr
= NULL
;
3144 struct xml_request_s
*req
= NULL
;
3146 if (!content
|| !*content
)
3147 return GPG_ERR_SYNTAX
;
3151 rc
= xml_new_request (client
, root_element
, XML_CMD_STORE
, &req
);
3158 if (!xml_valid_element_path (req
->args
, 0))
3160 xml_free_request (req
);
3162 return GPG_ERR_INV_VALUE
;
3166 str
= string_new_content ((char *)content
);
3167 tstr
= string_prepend (str
, "<pwmd>");
3171 tstr
= string_append (str
, "</pwmd>");
3173 rc
= GPG_ERR_ENOMEM
;
3178 rc
= GPG_ERR_ENOMEM
;
3183 doc
= xmlReadDoc ((xmlChar
*) str
->str
, NULL
, "UTF-8", XML_PARSE_NOBLANKS
);
3184 string_free (str
, 1);
3187 rc
= GPG_ERR_BAD_DATA
;
3191 root
= xmlDocGetRootElement (doc
);
3192 root
= root
->children
;
3193 if (root
->type
!= XML_ELEMENT_NODE
)
3195 rc
= GPG_ERR_BAD_DATA
;
3199 rc
= xml_validate_import (client
, root
);
3205 /* Create the new specified root element path, if needed. */
3206 n
= xml_find_elements (client
, req
, xmlDocGetRootElement (req
->doc
),
3211 /* Overwrite the children of the specified root element path. */
3212 (void)xml_unlink_node (client
, n
->children
);
3216 n
= xmlDocGetRootElement (client
->doc
);
3221 xmlChar
*name
= xml_attribute_value (root
, (xmlChar
*)"_name");
3224 rc
= GPG_ERR_BAD_DATA
;
3227 /* No --root argument passed. Overwrite the current documents' root
3228 * element matching the root element of the imported data. */
3229 xml_free_request (req
);
3231 rc
= xml_new_request (client
, (char *)name
, XML_CMD_DELETE
, &req
);
3237 tmp
= xml_find_elements (client
, req
,
3238 xmlDocGetRootElement (req
->doc
), &rc
);
3239 if (rc
&& rc
!= GPG_ERR_ELEMENT_NOT_FOUND
)
3243 (void)xml_unlink_node (client
, tmp
);
3251 copy
= xmlCopyNodeList (root
);
3253 rc
= GPG_ERR_ENOMEM
;
3256 n
= xmlAddChildList (n
, copy
);
3258 rc
= GPG_ERR_ENOMEM
;
3263 if (!rc
&& n
&& n
->parent
)
3264 rc
= xml_update_element_mtime (client
, n
->parent
);
3267 xml_free_request (req
);
3276 parse_import_opt_root (void *data
, void *value
)
3278 struct client_s
*client
= data
;
3280 client
->import_root
= str_dup (value
);
3281 return client
->import_root
? 0 : GPG_ERR_ENOMEM
;
3285 import_command (assuan_context_t ctx
, char *line
)
3288 struct client_s
*client
= assuan_get_pointer (ctx
);
3289 unsigned char *result
;
3291 struct argv_s
*args
[] = {
3292 &(struct argv_s
) {"root", OPTION_TYPE_ARG
, parse_import_opt_root
},
3296 xfree (client
->import_root
);
3297 client
->import_root
= NULL
;
3298 rc
= parse_options (&line
, args
, client
, client
->bulk_p
? 1 : 0);
3300 return send_error (ctx
, rc
);
3302 rc
= copy_on_write (client
);
3304 return send_error (ctx
, rc
);
3306 if (!client
->bulk_p
)
3308 rc
= assuan_inquire (ctx
, "DATA", &result
, &len
, 0);
3311 xfree (client
->import_root
);
3312 client
->import_root
= NULL
;
3313 return send_error (ctx
, rc
);
3315 rc
= do_import (client
, client
->import_root
, result
);
3319 char *p
= str_dup (line
);
3322 rc
= GPG_ERR_ENOMEM
;
3324 rc
= do_import (client
, client
->import_root
, (unsigned char *)p
);
3327 xfree (client
->import_root
);
3328 client
->import_root
= NULL
;
3329 return send_error (ctx
, rc
);
3333 do_lock (struct client_s
*client
, int add
)
3335 gpg_error_t rc
= lock_file_mutex (client
, add
);
3338 client
->flags
|= FLAG_LOCK_CMD
;
3344 lock_command (assuan_context_t ctx
, char *line
)
3346 struct client_s
*client
= assuan_get_pointer (ctx
);
3350 return send_error (ctx
, GPG_ERR_SYNTAX
);
3352 rc
= do_lock (client
, 0);
3353 return send_error (ctx
, rc
);
3357 unlock_command (assuan_context_t ctx
, char *line
)
3359 struct client_s
*client
= assuan_get_pointer (ctx
);
3363 return send_error (ctx
, GPG_ERR_SYNTAX
);
3365 rc
= unlock_file_mutex (client
, 0);
3366 return send_error (ctx
, rc
);
3370 set_env (const char *name
, char *buf
, size_t size
, const char *value
)
3372 MUTEX_LOCK (&rcfile_mutex
);
3373 if (!value
|| !*value
)
3378 else if (!buf
[0] || strcmp (buf
, value
))
3380 snprintf (buf
, size
, "%s=%s", name
, value
);
3384 MUTEX_UNLOCK (&rcfile_mutex
);
3388 option_command (assuan_context_t ctx
, char *line
)
3390 struct client_s
*client
= assuan_get_pointer (ctx
);
3392 char namebuf
[255] = { 0 };
3393 char *name
= namebuf
;
3394 char *value
= NULL
, *p
, *tmp
= NULL
;
3396 p
= strchr (line
, '=');
3399 strncpy (namebuf
, line
, sizeof(namebuf
));
3400 namebuf
[sizeof(namebuf
)-1] = 0;
3404 tmp
= str_dup (line
);
3406 return send_error (ctx
, GPG_ERR_ENOMEM
);
3408 tmp
[strlen (line
) - strlen (p
)] = 0;
3409 strncpy (namebuf
, tmp
, sizeof (namebuf
));
3410 namebuf
[sizeof(namebuf
)-1] = 0;
3416 log_write2 ("OPTION name='%s' value='%s'", name
, value
);
3418 if (strcasecmp (name
, (char *) "lock-timeout") == 0)
3424 n
= strtol (value
, &tmp
, 10);
3426 return send_error (ctx
, GPG_ERR_INV_VALUE
);
3429 client
->lock_timeout
= n
;
3431 else if (strcasecmp (name
, (char *) "client-state") == 0)
3435 MUTEX_LOCK (&client
->thd
->status_mutex
);
3438 n
= strtol (value
, &tmp
, 10);
3439 if ((tmp
&& *tmp
) || (n
< 0 || n
> 1))
3441 MUTEX_UNLOCK (&client
->thd
->status_mutex
);
3442 return send_error (ctx
, GPG_ERR_INV_VALUE
);
3444 client
->client_state
= n
;
3447 client
->client_state
= 0;
3448 MUTEX_UNLOCK (&client
->thd
->status_mutex
);
3450 else if (strcasecmp (name
, (char *) "NAME") == 0)
3452 if (value
&& strchr (value
, ' '))
3453 rc
= GPG_ERR_INV_VALUE
;
3456 MUTEX_LOCK (&cn_mutex
);
3457 tmp
= pthread_getspecific (thread_name_key
);
3458 pthread_setspecific (thread_name_key
, NULL
);
3460 xfree (client
->thd
->name
);
3461 client
->thd
->name
= NULL
;
3462 if (value
&& *value
)
3464 pthread_setspecific (thread_name_key
, str_dup (value
));
3465 client
->thd
->name
= str_dup (value
);
3467 MUTEX_UNLOCK (&cn_mutex
);
3470 else if (strcasecmp (name
, "disable-pinentry") == 0)
3474 if (value
&& *value
)
3476 n
= (int) strtol (value
, &tmp
, 10);
3477 if (*tmp
|| n
< 0 || n
> 1)
3478 return send_error (ctx
, GPG_ERR_INV_VALUE
);
3482 client
->flags
|= FLAG_NO_PINENTRY
;
3484 client
->flags
&= ~FLAG_NO_PINENTRY
;
3486 else if (strcasecmp (name
, "ttyname") == 0)
3487 set_env ("GPG_TTY", env_gpg_tty
, sizeof (env_gpg_tty
), value
);
3488 else if (strcasecmp (name
, "ttytype") == 0)
3489 set_env ("TERM", env_term
, sizeof (env_term
), value
);
3490 else if (strcasecmp (name
, "display") == 0)
3491 set_env ("DISPLAY", env_display
, sizeof (env_display
), value
);
3492 else if (strcasecmp (name
, "lc_messages") == 0)
3495 else if (strcasecmp (name
, "lc_ctype") == 0)
3498 else if (strcasecmp (name
, "desc") == 0)
3501 else if (strcasecmp (name
, "pinentry-timeout") == 0)
3505 rc
= GPG_ERR_UNKNOWN_OPTION
;
3507 return send_error (ctx
, rc
);
3511 do_rename (assuan_context_t ctx
, char *line
)
3513 struct client_s
*client
= assuan_get_pointer (ctx
);
3515 xmlNodePtr src
, dst
;
3516 struct string_s
*str
= NULL
, *tstr
;
3517 struct xml_request_s
*req
;
3520 if (!line
|| !*line
)
3521 return GPG_ERR_SYNTAX
;
3523 args
= str_split (line
, " ", 0);
3524 if (!args
|| strv_length (args
) != 2)
3527 return GPG_ERR_SYNTAX
;
3530 if (!xml_valid_element ((xmlChar
*) args
[1]))
3533 return GPG_ERR_INV_VALUE
;
3536 rc
= xml_new_request (client
, args
[0], XML_CMD_RENAME
, &req
);
3543 src
= xml_find_elements (client
, req
, xmlDocGetRootElement (req
->doc
), &rc
);
3547 rc
= xml_is_element_owner (client
, src
);
3551 xmlChar
*a
= xmlGetProp (src
, (xmlChar
*) "_name");
3554 rc
= GPG_ERR_ENOMEM
;
3558 /* To prevent unwanted effects:
3560 * <element _name="a"><element _name="b"/></element>
3564 if (xmlStrEqual (a
, (xmlChar
*) args
[1]))
3567 rc
= GPG_ERR_EEXIST
;
3572 str
= string_new (args
[0]);
3575 rc
= GPG_ERR_ENOMEM
;
3579 p
= strrchr (str
->str
, '\t');
3581 tstr
= string_truncate (str
, strlen (str
->str
)-strlen (p
));
3583 tstr
= string_truncate (str
, 0);
3587 string_free (str
, 1);
3588 rc
= GPG_ERR_ENOMEM
;
3593 tstr
= string_append_printf (str
, "%s%s", str
->len
? "\t" : "", args
[1]);
3596 string_free (str
, 1);
3597 rc
= GPG_ERR_ENOMEM
;
3602 xml_free_request (req
);
3603 rc
= xml_new_request (client
, str
->str
, XML_CMD_RENAME
, &req
);
3604 string_free (str
, 1);
3611 dst
= xml_find_elements (client
, req
, xmlDocGetRootElement (req
->doc
), &rc
);
3612 if (rc
&& rc
!= GPG_ERR_ELEMENT_NOT_FOUND
)
3617 /* Target may exist:
3619 * <element _name="a"/>
3620 * <element _name="b" target="a"/>
3626 rc
= GPG_ERR_EEXIST
;
3632 rc
= xml_is_element_owner (client
, dst
);
3636 rc
= xml_add_attribute (client
, src
, "_name", args
[1]);
3638 xml_unlink_node (client
, dst
);
3641 rc
= xml_add_attribute (client
, src
, "_name", args
[1]);
3644 xml_free_request (req
);
3650 rename_command (assuan_context_t ctx
, char *line
)
3652 struct client_s
*client
= assuan_get_pointer (ctx
);
3654 struct argv_s
*args
[] = {
3655 &(struct argv_s
) {"inquire", OPTION_TYPE_NOARG
, parse_opt_inquire
},
3659 rc
= parse_options (&line
, args
, client
, 1);
3660 if (!rc
&& (client
->opts
& OPT_INQUIRE
) && line
&& *line
)
3661 rc
= GPG_ERR_SYNTAX
;
3663 return send_error (ctx
, rc
);
3665 rc
= copy_on_write (client
);
3667 return send_error (ctx
, rc
);
3669 if (client
->opts
& OPT_INQUIRE
)
3671 unsigned char *result
;
3674 rc
= assuan_inquire (ctx
, "DATA", &result
, &len
, 0);
3676 return send_error (ctx
, rc
);
3678 pthread_cleanup_push ((void *)xfree
, result
);
3679 rc
= do_rename (ctx
, (char *)result
);
3680 pthread_cleanup_pop (1);
3683 rc
= do_rename (ctx
, line
);
3685 return send_error (ctx
, rc
);
3689 do_copy (assuan_context_t ctx
, char *line
)
3691 struct client_s
*client
= assuan_get_pointer (ctx
);
3692 char **args
, **targs
;
3693 xmlNodePtr src
, dst
, tree
= NULL
;
3694 struct xml_request_s
*req
;
3697 if (!line
|| !*line
)
3698 return GPG_ERR_SYNTAX
;
3700 args
= str_split (line
, " ", 0);
3701 if (!args
|| strv_length (args
) != 2)
3704 return GPG_ERR_SYNTAX
;
3707 targs
= str_split (args
[1], "\t", 0);
3711 return GPG_ERR_SYNTAX
;
3714 if (!xml_valid_element_path (targs
, 0))
3718 return GPG_ERR_INV_VALUE
;
3722 rc
= xml_new_request (client
, args
[0], XML_CMD_NONE
, &req
);
3729 src
= xml_find_elements (client
, req
, xmlDocGetRootElement (req
->doc
), &rc
);
3733 tree
= xmlCopyNodeList (src
);
3736 rc
= GPG_ERR_ENOMEM
;
3740 xml_free_request (req
);
3741 /* Create the destination element path if it does not exist. */
3742 rc
= xml_new_request (client
, args
[1], XML_CMD_STORE
, &req
);
3749 dst
= xml_find_elements (client
, req
, xmlDocGetRootElement (req
->doc
), &rc
);
3753 rc
= xml_is_element_owner (client
, dst
);
3757 rc
= xml_validate_target (client
, req
->doc
, args
[1], src
);
3758 if (rc
|| src
== dst
)
3760 rc
= rc
? rc
: GPG_ERR_EEXIST
;
3764 /* Merge any attributes from the src node to the initial dst node. */
3765 for (xmlAttrPtr attr
= tree
->properties
; attr
; attr
= attr
->next
)
3767 if (xmlStrEqual (attr
->name
, (xmlChar
*) "_name"))
3770 xmlAttrPtr a
= xmlHasProp (dst
, attr
->name
);
3774 xmlChar
*tmp
= xmlNodeGetContent (attr
->children
);
3775 xmlNewProp (dst
, attr
->name
, tmp
);
3777 /* Create the default attributes. */
3778 rc
= xml_add_attribute (client
, dst
, NULL
, NULL
);
3781 xmlNodePtr n
= dst
->children
;
3782 (void)xml_unlink_node (client
, n
);
3783 dst
->children
= NULL
;
3787 n
= xmlCopyNodeList (tree
->children
);
3790 rc
= GPG_ERR_ENOMEM
;
3794 n
= xmlAddChildList (dst
, n
);
3797 rc
= GPG_ERR_ENOMEM
;
3801 rc
= xml_update_element_mtime (client
, xmlDocGetRootElement (client
->doc
)
3802 == dst
->parent
? dst
: dst
->parent
);
3807 (void)xml_unlink_node (client
, tree
);
3809 xml_free_request (req
);
3815 copy_command (assuan_context_t ctx
, char *line
)
3817 struct client_s
*client
= assuan_get_pointer (ctx
);
3819 struct argv_s
*args
[] = {
3820 &(struct argv_s
) {"inquire", OPTION_TYPE_NOARG
, parse_opt_inquire
},
3824 rc
= parse_options (&line
, args
, client
, 1);
3825 if (!rc
&& (client
->opts
& OPT_INQUIRE
) && line
&& *line
)
3826 rc
= GPG_ERR_SYNTAX
;
3828 return send_error (ctx
, rc
);
3830 rc
= copy_on_write (client
);
3832 return send_error (ctx
, rc
);
3834 if (client
->opts
& OPT_INQUIRE
)
3836 unsigned char *result
;
3839 rc
= assuan_inquire (ctx
, "DATA", &result
, &len
, 0);
3841 return send_error (ctx
, rc
);
3843 pthread_cleanup_push ((void *)xfree
, result
);
3844 rc
= do_copy (ctx
, (char *)result
);
3845 pthread_cleanup_pop (1);
3848 rc
= do_copy (ctx
, line
);
3850 return send_error (ctx
, rc
);
3854 do_move (assuan_context_t ctx
, char *line
)
3856 struct client_s
*client
= assuan_get_pointer (ctx
);
3858 xmlNodePtr src
, dst
;
3859 struct xml_request_s
*req
;
3862 if (!line
|| !*line
)
3863 return GPG_ERR_SYNTAX
;
3865 args
= str_split (line
, " ", 0);
3866 if (!args
|| strv_length (args
) != 2)
3869 return GPG_ERR_SYNTAX
;
3874 char **targs
= str_split (args
[1], "\t", 0);
3878 return GPG_ERR_ENOMEM
;
3881 if (!xml_valid_element_path (targs
, 0))
3885 return GPG_ERR_INV_VALUE
;
3891 rc
= xml_new_request (client
, args
[0], XML_CMD_MOVE
, &req
);
3898 src
= xml_find_elements (client
, req
, xmlDocGetRootElement (req
->doc
), &rc
);
3902 rc
= xml_is_element_owner (client
, src
);
3906 xml_free_request (req
);
3910 rc
= xml_new_request (client
, args
[1], XML_CMD_NONE
, &req
);
3914 dst
= xml_find_elements (client
, req
, xmlDocGetRootElement (req
->doc
),
3918 dst
= xmlDocGetRootElement (client
->doc
);
3920 if (rc
&& rc
!= GPG_ERR_ELEMENT_NOT_FOUND
)
3925 for (xmlNodePtr n
= dst
; n
; n
= n
->parent
)
3929 rc
= GPG_ERR_EEXIST
;
3936 xmlChar
*a
= xml_attribute_value (src
, (xmlChar
*) "_name");
3937 xmlNodePtr dup
= xml_find_element (client
, dst
->children
, (char *) a
, &rc
);
3940 if (rc
&& rc
!= GPG_ERR_ELEMENT_NOT_FOUND
)
3949 rc
= GPG_ERR_EEXIST
;
3953 if (dst
== xmlDocGetRootElement (client
->doc
))
3958 while (n
->parent
&& n
->parent
!= dst
)
3961 a
= xml_attribute_value (n
, (xmlChar
*) "_name");
3962 xmlChar
*b
= xml_attribute_value (src
, (xmlChar
*) "_name");
3964 if (xmlStrEqual (a
, b
))
3967 xmlUnlinkNode (src
);
3968 (void)xml_unlink_node (client
, n
);
3975 (void)xml_unlink_node (client
, dup
);
3978 xmlUnlinkNode (dup
);
3982 if (!dst
&& req
&& req
->args
&& *req
->args
)
3984 struct xml_request_s
*nreq
= NULL
;
3985 xmlChar
*name
= xml_attribute_value (src
, (xmlChar
*) "_name");
3987 if (src
->parent
== xmlDocGetRootElement (client
->doc
)
3988 && !strcmp ((char *) name
, *req
->args
))
3991 rc
= GPG_ERR_EEXIST
;
3996 rc
= xml_new_request (client
, args
[1], XML_CMD_STORE
, &nreq
);
3999 dst
= xml_find_elements (client
, nreq
,
4000 xmlDocGetRootElement (nreq
->doc
), &rc
);
4001 xml_free_request (nreq
);
4008 xml_update_element_mtime (client
, src
->parent
);
4009 xmlUnlinkNode (src
);
4011 dst
= xmlAddChildList (dst
, src
);
4013 rc
= GPG_ERR_ENOMEM
;
4015 xml_update_element_mtime (client
, dst
->parent
);
4018 xml_free_request (req
);
4024 move_command (assuan_context_t ctx
, char *line
)
4026 struct client_s
*client
= assuan_get_pointer (ctx
);
4028 struct argv_s
*args
[] = {
4029 &(struct argv_s
) {"inquire", OPTION_TYPE_NOARG
, parse_opt_inquire
},
4033 rc
= parse_options (&line
, args
, client
, 1);
4034 if (!rc
&& (client
->opts
& OPT_INQUIRE
) && line
&& *line
)
4035 rc
= GPG_ERR_SYNTAX
;
4037 return send_error (ctx
, rc
);
4039 rc
= copy_on_write (client
);
4041 return send_error (ctx
, rc
);
4043 if (client
->opts
& OPT_INQUIRE
)
4045 unsigned char *result
;
4048 rc
= assuan_inquire (ctx
, "DATA", &result
, &len
, 0);
4050 return send_error (ctx
, rc
);
4052 pthread_cleanup_push ((void *)xfree
, result
);
4053 rc
= do_move (ctx
, (char *)result
);
4054 pthread_cleanup_pop (1);
4057 rc
= do_move (ctx
, line
);
4059 return send_error (ctx
, rc
);
4063 sort_files (const void *arg1
, const void *arg2
)
4065 char *const *a
= arg1
;
4066 char *const *b
= arg2
;
4068 return strcmp (*a
, *b
);
4072 ls_command (assuan_context_t ctx
, char *line
)
4074 struct client_s
*client
= assuan_get_pointer (ctx
);
4081 #ifdef HAVE_READDIR_R
4083 struct dirent
*cur
= NULL
, *p
;
4085 struct dirent
*cur
= NULL
;
4087 struct argv_s
*args
[] = {
4088 &(struct argv_s
) {"verbose", OPTION_TYPE_NOARG
, parse_opt_verbose
},
4092 rc
= parse_options (&line
, args
, client
, 0);
4094 return send_error (ctx
, rc
);
4096 tmp
= str_asprintf ("%s/data", homedir
);
4097 dir
= expand_homedir (tmp
);
4100 return send_error (ctx
, GPG_ERR_ENOMEM
);
4103 rc
= gpg_error_from_errno (errno
);
4108 return send_error (ctx
, rc
);
4111 #ifdef HAVE_READDIR_R
4112 len
= offsetof (struct dirent
, d_name
) + pathconf (dir
, _PC_NAME_MAX
) + 1;
4118 return send_error (ctx
, GPG_ERR_ENOMEM
);
4120 pthread_cleanup_push (xfree
, p
);
4123 pthread_cleanup_push ((void *)closedir
, d
);
4127 #ifdef HAVE_READDIR_R
4128 while (!readdir_r (d
, p
, &cur
) && cur
)
4130 while ((cur
= readdir (d
)))
4136 rc
= open_check_file (cur
->d_name
, NULL
, &st
, 1);
4140 if (client
->opts
& OPT_VERBOSE
)
4141 tmp
= str_asprintf ("%s %lu.%lu %lu.%lu %lu.%lu", cur
->d_name
,
4142 st
.st_atim
.tv_sec
, st
.st_atim
.tv_nsec
,
4143 st
.st_mtim
.tv_sec
, st
.st_mtim
.tv_nsec
,
4144 st
.st_ctim
.tv_sec
, st
.st_ctim
.tv_nsec
);
4146 tmp
= str_dup (cur
->d_name
);
4150 rc
= GPG_ERR_ENOMEM
;
4154 vtmp
= strv_cat (v
, tmp
);
4158 rc
= GPG_ERR_ENOMEM
;
4165 pthread_cleanup_pop (1); // closedir (d)
4166 #ifdef HAVE_READDIR_R
4167 pthread_cleanup_pop (1); // xfree (p)
4170 if (rc
&& rc
!= GPG_ERR_ENODEV
)
4173 return send_error (ctx
, rc
);
4179 unsigned n
, t
= strv_length (v
);
4181 qsort (v
, t
, sizeof (char **), sort_files
);
4183 for (n
= 0; n
< t
; n
++)
4185 tmp
= str_asprintf ("%s%s\n", list
? list
: "", v
[n
]);
4189 rc
= GPG_ERR_ENOMEM
;
4200 return send_error (ctx
, GPG_ERR_NO_DATA
);
4202 list
[strlen (list
) - 1] = 0;
4203 pthread_cleanup_push (xfree
, list
);
4204 rc
= xfer_data (ctx
, list
, strlen (list
));
4205 pthread_cleanup_pop (1);
4206 return send_error (ctx
, rc
);
4209 /* Run all commands in the command list 'head'. The return code isn't
4210 * considered at all for a command. It is stored in the list and later sent to
4213 dispatch_bulk_commands (struct client_s
*client
, struct sexp_s
**list
)
4218 for (i
= 0; list
&& list
[i
];)
4220 struct bulk_cmd_s
*cur
= list
[i
]->user
;
4222 if (!strcmp (list
[i
]->tag
, "command")
4223 || !strcmp (list
[i
]->tag
, "id"))
4229 client
->bulk_p
= cur
;
4230 rc
= command_startup (client
->ctx
, cur
->cmd
->name
);
4235 cur
->rc
= cur
->cmd
->handler (client
->ctx
, list
[i
]->data
);
4236 command_finalize (client
->ctx
, cur
->rc
);
4239 if (list
[i
+1] && !strcmp (list
[i
+1]->tag
, "rc"))
4241 gpg_error_t erc
= 0;
4243 if (list
[i
+1]->data
)
4244 erc
= strtoul (list
[i
+1]->data
, NULL
, 10);
4252 rc
= dispatch_bulk_commands (client
, list
[++i
]->next
);
4266 bulk_command (assuan_context_t ctx
, char *line
)
4268 struct client_s
*client
= assuan_get_pointer (ctx
);
4270 unsigned char *result
;
4272 struct sexp_s
**sexp
= NULL
;
4275 return send_error (ctx
, GPG_ERR_SYNTAX
);
4277 rc
= assuan_inquire (ctx
, "DATA", &result
, &len
, 0);
4279 return send_error (ctx
, rc
);
4282 return send_error (ctx
, GPG_ERR_SYNTAX
);
4284 rc
= bulk_parse_commands (&sexp
, (const char *)result
, command_table
);
4287 return send_error (ctx
, rc
);
4289 pthread_cleanup_push ((void *)bulk_free_list
, sexp
);
4290 rc
= dispatch_bulk_commands (client
, sexp
);
4291 pthread_cleanup_pop (0);
4293 rc
= bulk_build_result (sexp
, (char **)&result
);
4295 bulk_free_list (sexp
);
4299 pthread_cleanup_push ((void *)xfree
, result
);
4300 rc
= xfer_data (ctx
, (char *)result
, strlen ((char *)result
));
4301 pthread_cleanup_pop (1);
4304 return send_error (ctx
, rc
);
4308 nop_command (assuan_context_t ctx
, char *line
)
4310 return send_error (ctx
, 0);
4314 bye_notify (assuan_context_t ctx
, char *line
)
4316 struct client_s
*cl
= assuan_get_pointer (ctx
);
4317 gpg_error_t ret
= 0;
4320 update_client_state (cl
, CLIENT_STATE_DISCON
);
4324 if (cl
->thd
->remote
)
4330 struct timeval tv
= { 0, 50000 };
4332 rc
= gnutls_bye (cl
->thd
->tls
->ses
, GNUTLS_SHUT_RDWR
);
4333 if (rc
== GNUTLS_E_AGAIN
)
4334 select (0, NULL
, NULL
, NULL
, &tv
);
4336 while (rc
== GNUTLS_E_AGAIN
);
4340 /* This will let assuan_process_next() return. */
4341 if (fcntl (cl
->thd
->fd
, F_SETFL
, O_NONBLOCK
) == -1)
4343 cl
->last_rc
= gpg_error_from_errno (errno
);
4347 cl
->last_rc
= 0; // BYE command result
4352 reset_notify (assuan_context_t ctx
, char *line
)
4354 struct client_s
*client
= assuan_get_pointer (ctx
);
4358 reset_client (client
);
4364 * This is called before every Assuan command.
4367 command_startup (assuan_context_t ctx
, const char *name
)
4369 struct client_s
*client
= assuan_get_pointer (ctx
);
4371 struct command_table_s
*cmd
= NULL
;
4373 log_write2 ("command='%s'", name
);
4374 client
->last_rc
= client
->opts
= 0;
4376 for (int i
= 0; command_table
[i
]; i
++)
4378 if (!strcasecmp (name
, command_table
[i
]->name
))
4380 if (command_table
[i
]->ignore_startup
)
4382 cmd
= command_table
[i
];
4388 return GPG_ERR_UNKNOWN_COMMAND
;
4390 client
->last_rc
= rc
= gpg_error (file_modified (client
, cmd
));
4392 update_client_state (client
, CLIENT_STATE_COMMAND
);
4398 * This is called after every Assuan command.
4401 command_finalize (assuan_context_t ctx
, gpg_error_t rc
)
4403 struct client_s
*client
= assuan_get_pointer (ctx
);
4406 if (!(client
->flags
& FLAG_LOCK_CMD
))
4407 unlock_file_mutex (client
, 0);
4409 unlock_flock (&client
->flock_fd
);
4410 log_write2 (_("command completed: rc=%u"), rc
? rc
: client
->last_rc
);
4411 client
->last_rc
= gpg_error (GPG_ERR_UNKNOWN_COMMAND
);
4412 client
->bulk_p
= NULL
;
4414 client
->thd
->buffer_timeout
= client
->thd
->last_buffer_size
= 0;
4416 if (client
->thd
->state
!= CLIENT_STATE_DISCON
)
4417 update_client_state (client
, CLIENT_STATE_IDLE
);
4421 parse_help_opt_html (void *data
, void *value
)
4423 struct client_s
*client
= data
;
4426 client
->opts
|= OPT_HTML
;
4431 help_command (assuan_context_t ctx
, char *line
)
4435 struct client_s
*client
= assuan_get_pointer (ctx
);
4436 struct argv_s
*args
[] = {
4437 &(struct argv_s
) {"html", OPTION_TYPE_NOARG
, parse_help_opt_html
},
4441 rc
= parse_options (&line
, args
, client
, 1);
4443 return send_error (ctx
, rc
);
4445 if (!line
|| !*line
)
4448 char *help
= str_dup (_("Usage: HELP [--html] [<COMMAND>]\n"
4449 "For commands that take an element path as an argument, each element is "
4450 "separated with an ASCII @key{TAB} character (ASCII 0x09)."
4453 for (i
= 0; command_table
[i
]; i
++)
4455 if (!command_table
[i
]->help
)
4458 /* @npxref{} won't put a "See " or "see " in front of the command.
4459 * It's not a texinfo command but needed for --html. */
4460 tmp
= str_asprintf ("%s %s%s%s", help
,
4461 client
->opts
& OPT_HTML
? "@npxref{" : "",
4462 command_table
[i
]->name
,
4463 client
->opts
& OPT_HTML
? "}" : "");
4468 tmp
= strip_texi_and_wrap (help
, client
->opts
& OPT_HTML
);
4470 pthread_cleanup_push ((void *)xfree
, tmp
);
4471 rc
= xfer_data (ctx
, tmp
, strlen (tmp
));
4472 pthread_cleanup_pop (1);
4473 return send_error (ctx
, rc
);
4476 for (i
= 0; command_table
[i
]; i
++)
4478 if (!strcasecmp (line
, command_table
[i
]->name
))
4482 if (!command_table
[i
]->help
)
4485 help
= strip_texi_and_wrap (command_table
[i
]->help
,
4486 client
->opts
& OPT_HTML
);
4487 tmp
= str_asprintf ("%s%s",
4488 (client
->opts
& OPT_HTML
) ? "" : _("Usage: "),
4491 pthread_cleanup_push ((void *)xfree
, tmp
);
4492 rc
= xfer_data (ctx
, tmp
, strlen (tmp
));
4493 pthread_cleanup_pop (1);
4494 return send_error (ctx
, rc
);
4498 return send_error (ctx
, GPG_ERR_INV_NAME
);
4502 new_command (const char *name
, int ignore
, int unlock
, int flock_type
,
4503 gpg_error_t (*handler
) (assuan_context_t
, char *),
4507 struct command_table_s
**tmp
;
4510 for (i
= 0; command_table
[i
]; i
++);
4512 tmp
= xrealloc (command_table
, (i
+ 2) * sizeof (struct command_table_s
*));
4514 command_table
= tmp
;
4515 command_table
[i
] = xcalloc (1, sizeof (struct command_table_s
));
4516 command_table
[i
]->name
= name
;
4517 command_table
[i
]->handler
= handler
;
4518 command_table
[i
]->ignore_startup
= ignore
;
4519 command_table
[i
]->unlock
= unlock
;
4520 command_table
[i
]->flock_type
= flock_type
;
4521 command_table
[i
++]->help
= help
;
4522 command_table
[i
] = NULL
;
4530 for (i
= 0; command_table
[i
]; i
++)
4531 xfree (command_table
[i
]);
4533 xfree (command_table
);
4537 sort_commands (const void *arg1
, const void *arg2
)
4539 struct command_table_s
*const *a
= arg1
;
4540 struct command_table_s
*const *b
= arg2
;
4549 return strcmp ((*a
)->name
, (*b
)->name
);
4553 passwd_command (assuan_context_t ctx
, char *line
)
4555 struct client_s
*client
= assuan_get_pointer (ctx
);
4559 rc
= peer_is_invoker (client
);
4561 return send_error (ctx
, (rc
== GPG_ERR_EACCES
? GPG_ERR_FORBIDDEN
: rc
));
4563 if (client
->flags
& FLAG_NEW
)
4564 return send_error (ctx
, GPG_ERR_INV_STATE
);
4566 client
->crypto
->keyfile
= config_get_string (client
->filename
,
4568 rc
= crypto_init_ctx (client
->crypto
, client
->flags
& FLAG_NO_PINENTRY
,
4569 client
->crypto
->keyfile
);
4571 rc
= crypto_passwd (client
, client
->crypto
);
4573 crypto_free_non_keys (client
->crypto
);
4574 return send_error (ctx
, rc
);
4578 parse_opt_data (void *data
, void *value
)
4580 struct client_s
*client
= data
;
4583 client
->opts
|= OPT_DATA
;
4588 send_client_list (assuan_context_t ctx
)
4590 struct client_s
*client
= assuan_get_pointer (ctx
);
4593 if (client
->opts
& OPT_VERBOSE
)
4599 MUTEX_LOCK (&cn_mutex
);
4600 pthread_cleanup_push ((void *)release_mutex_cb
, &cn_mutex
);
4601 t
= slist_length (cn_thread_list
);
4603 for (i
= 0; i
< t
; i
++)
4605 struct client_thread_s
*thd
= slist_nth_data (cn_thread_list
, i
);
4608 if (thd
->state
== CLIENT_STATE_UNKNOWN
)
4611 tmp
= build_client_info_line (thd
, 0);
4614 char **l
= strv_cat (list
, tmp
);
4616 rc
= GPG_ERR_ENOMEM
;
4621 rc
= GPG_ERR_ENOMEM
;
4630 pthread_cleanup_pop (1);
4634 line
= strv_join ("\n", list
);
4636 pthread_cleanup_push ((void *)xfree
, line
);
4637 rc
= xfer_data (ctx
, line
, strlen (line
));
4638 pthread_cleanup_pop (1);
4642 if (client
->opts
& OPT_DATA
)
4644 char buf
[ASSUAN_LINELENGTH
];
4646 MUTEX_LOCK (&cn_mutex
);
4647 snprintf (buf
, sizeof (buf
), "%u", slist_length (cn_thread_list
));
4648 MUTEX_UNLOCK (&cn_mutex
);
4649 rc
= xfer_data (ctx
, buf
, strlen (buf
));
4652 rc
= send_status (ctx
, STATUS_CLIENTS
, NULL
);
4658 getinfo_command (assuan_context_t ctx
, char *line
)
4660 struct client_s
*client
= assuan_get_pointer (ctx
);
4662 char buf
[ASSUAN_LINELENGTH
];
4663 struct argv_s
*args
[] = {
4664 &(struct argv_s
) {"data", OPTION_TYPE_NOARG
, parse_opt_data
},
4665 &(struct argv_s
) {"verbose", OPTION_TYPE_NOARG
, parse_opt_verbose
},
4669 rc
= parse_options (&line
, args
, client
, 1);
4671 return send_error (ctx
, rc
);
4673 if (!line
|| !*line
)
4674 return send_error (ctx
, GPG_ERR_SYNTAX
);
4676 if (!strcasecmp (line
, "clients"))
4678 rc
= send_client_list (ctx
);
4680 else if (!strcasecmp (line
, "cache"))
4682 if (client
->opts
& OPT_DATA
)
4684 snprintf (buf
, sizeof (buf
), "%u", cache_file_count ());
4685 rc
= xfer_data (ctx
, buf
, strlen (buf
));
4688 rc
= send_status (ctx
, STATUS_CACHE
, NULL
);
4690 else if (!strcasecmp (line
, "pid"))
4692 pid_t pid
= getpid ();
4694 snprintf (buf
, sizeof (buf
), "%u", pid
);
4695 rc
= xfer_data (ctx
, buf
, strlen (buf
));
4697 else if (!strcasecmp (line
, "version"))
4699 char *tmp
= str_asprintf ("0x%06x %s", VERSION_HEX
,
4707 pthread_cleanup_push (xfree
, tmp
);
4708 rc
= xfer_data (ctx
, tmp
, strlen (tmp
));
4709 pthread_cleanup_pop (1);
4711 else if (!strcasecmp (line
, "last_error"))
4713 if (client
->last_error
)
4714 rc
= xfer_data (ctx
, client
->last_error
, strlen (client
->last_error
));
4716 rc
= GPG_ERR_NO_DATA
;
4718 else if (!strcasecmp (line
, "user"))
4723 if (client
->thd
->remote
)
4724 user
= str_asprintf ("#%s", client
->thd
->tls
->fp
);
4726 user
= get_username (client
->thd
->peer
->uid
);
4728 user
= get_username (client
->thd
->peer
->uid
);
4732 pthread_cleanup_push ((void *)xfree
, user
);
4733 rc
= xfer_data (ctx
, user
, strlen (user
));
4734 pthread_cleanup_pop (1);
4737 rc
= GPG_ERR_NO_DATA
;
4740 rc
= gpg_error (GPG_ERR_SYNTAX
);
4742 return send_error (ctx
, rc
);
4746 parse_opt_secret (void *data
, void *value
)
4748 struct client_s
*client
= data
;
4751 client
->opts
|= OPT_SECRET
;
4756 parse_keyinfo_opt_learn (void *data
, void *value
)
4758 struct client_s
*client
= data
;
4761 client
->opts
|= OPT_KEYINFO_LEARN
;
4766 keyinfo_command (assuan_context_t ctx
, char *line
)
4768 struct client_s
*client
= assuan_get_pointer (ctx
);
4770 char **keys
= NULL
, **p
= NULL
;
4772 struct argv_s
*args
[] = {
4773 &(struct argv_s
) {"learn", OPTION_TYPE_NOARG
, parse_keyinfo_opt_learn
},
4777 rc
= parse_options (&line
, args
, client
, 0);
4779 return send_error (ctx
, rc
);
4782 return send_error (ctx
, GPG_ERR_SYNTAX
);
4784 if (!(client
->flags
& FLAG_OPEN
))
4785 return send_error (ctx
, GPG_ERR_INV_STATE
);
4787 if (client
->opts
& OPT_KEYINFO_LEARN
)
4789 rc
= cache_agent_command ("LEARN");
4790 return send_error (ctx
, rc
);
4793 if (client
->flags
& FLAG_NEW
)
4794 return send_error (ctx
, GPG_ERR_NO_DATA
);
4796 rc
= lock_flock (ctx
, client
->filename
, FLOCK_TYPE_SH
, &client
->flock_fd
);
4798 return send_error (ctx
, rc
);
4800 rc
= crypto_is_symmetric (client
->filename
);
4801 unlock_flock (&client
->flock_fd
);
4804 else if (rc
!= GPG_ERR_BAD_DATA
)
4805 return send_error (ctx
, rc
);
4810 p
= strv_catv (keys
, client
->crypto
->pubkey
);
4812 rc
= GPG_ERR_ENOMEM
;
4817 if (!rc
&& client
->crypto
->sigkey
)
4819 if (!strv_printf (&keys
, "S%s", client
->crypto
->sigkey
))
4822 return send_error (ctx
, GPG_ERR_ENOMEM
);
4830 line
= strv_join ("\n", keys
);
4832 pthread_cleanup_push ((void *)xfree
, line
);
4834 rc
= xfer_data (ctx
, line
, strlen (line
));
4836 rc
= GPG_ERR_ENOMEM
;
4838 pthread_cleanup_pop (1);
4841 rc
= GPG_ERR_NO_DATA
;
4846 return send_error (ctx
, rc
);
4850 deletekey_command (assuan_context_t ctx
, char *line
)
4853 struct client_s
*client
= assuan_get_pointer (ctx
);
4854 struct crypto_s
*crypto
= NULL
;
4855 char *keys
[] = { NULL
, NULL
};
4856 gpgme_key_t
*result
;
4859 if (!(client
->flags
& FLAG_OPEN
))
4860 return send_error (ctx
, GPG_ERR_INV_STATE
);
4862 rc
= peer_is_invoker (client
);
4864 return send_error (ctx
, (rc
== GPG_ERR_EACCES
? GPG_ERR_FORBIDDEN
: rc
));
4866 if (client
->flags
& FLAG_NO_PINENTRY
)
4867 return send_error (ctx
, GPG_ERR_NOT_IMPLEMENTED
);
4870 return send_error (ctx
, GPG_ERR_SYNTAX
);
4872 rc
= crypto_keyid_to_16b_once (line
);
4874 return send_error (ctx
, rc
);
4876 for (p
= client
->crypto
->pubkey
; p
&& *p
; p
++)
4878 if (!strcmp (*p
, line
))
4884 if (client
->crypto
->sigkey
&& strcmp (client
->crypto
->sigkey
, line
))
4885 return send_error (ctx
, GPG_ERR_FORBIDDEN
);
4886 else if (!client
->crypto
->sigkey
)
4887 return send_error (ctx
, GPG_ERR_NO_SECKEY
);
4890 rc
= crypto_init (&crypto
, client
->ctx
, client
->filename
,
4891 client
->flags
& FLAG_NO_PINENTRY
, NULL
);
4893 return send_error (ctx
, rc
);
4895 pthread_cleanup_push ((void *)crypto_free
, crypto
);
4897 rc
= crypto_list_keys (crypto
, keys
, 1, &result
);
4900 pthread_cleanup_push ((void *)crypto_free_key_list
, result
);
4901 rc
= crypto_delete_key (client
, crypto
, *result
, 1);
4902 pthread_cleanup_pop (1);
4905 pthread_cleanup_pop (1);
4906 return send_error (ctx
, rc
);
4910 kill_command (assuan_context_t ctx
, char *line
)
4912 struct client_s
*client
= assuan_get_pointer (ctx
);
4916 if (!line
|| !*line
)
4917 return send_error (ctx
, GPG_ERR_SYNTAX
);
4919 MUTEX_LOCK (&cn_mutex
);
4920 pthread_cleanup_push ((void *)release_mutex_cb
, &cn_mutex
);
4921 t
= slist_length (cn_thread_list
);
4924 for (i
= 0; i
< t
; i
++)
4926 struct client_thread_s
*thd
= slist_nth_data (cn_thread_list
, i
);
4927 char *tmp
= str_asprintf ("%p", thd
->tid
);
4929 if (strcmp (line
, tmp
))
4936 rc
= peer_is_invoker (client
);
4939 #ifdef HAVE_PTHREAD_CANCEL
4940 pthread_cancel (thd
->tid
);
4942 pthread_kill (thd
->tid
, SIGUSR2
);
4946 else if (rc
== GPG_ERR_EACCES
)
4947 rc
= GPG_ERR_FORBIDDEN
;
4951 if (config_get_boolean ("global", "strict_kill"))
4955 if (client
->thd
->remote
&& thd
->remote
)
4957 if (!thd
->tls
|| !thd
->tls
->fp
)
4959 rc
= GPG_ERR_INV_STATE
;
4962 if (!strcmp (client
->thd
->tls
->fp
, thd
->tls
->fp
))
4964 #ifdef HAVE_PTHREAD_CANCEL
4965 pthread_cancel (thd
->tid
);
4967 pthread_kill (thd
->tid
, SIGUSR2
);
4973 else if (!client
->thd
->remote
&& !thd
->remote
)
4976 if (client
->thd
->peer
->uid
== thd
->peer
->uid
)
4978 #ifdef HAVE_PTHREAD_CANCEL
4979 pthread_cancel (thd
->tid
);
4981 pthread_kill (thd
->tid
, SIGUSR2
);
4989 pthread_cleanup_pop (1);
4990 return send_error (ctx
, rc
);
4994 listkeys_command (assuan_context_t ctx
, char *line
)
4996 struct client_s
*client
= assuan_get_pointer (ctx
);
4997 struct crypto_s
*crypto
= NULL
;
4998 char **pattern
= NULL
;
4999 gpgme_key_t
*keys
= NULL
;
5000 char **result
= NULL
;
5002 struct argv_s
*args
[] = {
5003 &(struct argv_s
) {"secret-only", OPTION_TYPE_NOARG
, parse_opt_secret
},
5007 rc
= parse_options (&line
, args
, client
, 1);
5009 return send_error (ctx
, rc
);
5011 rc
= crypto_init (&crypto
, client
->ctx
, client
->filename
,
5012 client
->flags
& FLAG_NO_PINENTRY
, NULL
);
5014 return send_error (ctx
, rc
);
5016 pthread_cleanup_push ((void *)crypto_free
, crypto
);
5017 pattern
= str_split (line
, ",", 0);
5018 pthread_cleanup_push ((void *)(void *)strv_free
, pattern
);
5019 rc
= crypto_list_keys (crypto
, pattern
, client
->opts
& OPT_SECRET
,
5021 pthread_cleanup_pop (1);
5022 pthread_cleanup_pop (1);
5027 for (i
= 0; keys
[i
]; i
++)
5029 char *p
= crypto_key_info (keys
[i
]);
5034 rc
= GPG_ERR_ENOMEM
;
5038 r
= strv_cat (result
, p
);
5041 rc
= GPG_ERR_ENOMEM
;
5049 rc
= GPG_ERR_NO_DATA
;
5051 crypto_free_key_list (keys
);
5056 line
= strv_join ("\n", result
);
5058 pthread_cleanup_push ((void *)xfree
, line
);
5060 rc
= GPG_ERR_ENOMEM
;
5062 rc
= xfer_data (ctx
, line
, strlen (line
));
5064 pthread_cleanup_pop (1);
5069 if (gpg_err_code (rc
) == GPG_ERR_NO_PUBKEY
5070 || gpg_err_code (rc
) == GPG_ERR_NO_SECKEY
)
5071 rc
= GPG_ERR_NO_DATA
;
5073 return send_error (ctx
, rc
);
5079 /* !BEGIN-HELP-TEXT!
5081 * This comment is used as a marker to generate the offline documentation
5082 * found in doc/pwmd.info. The indentation needs to be kept for the awk
5083 * script to determine where commands begin and end.
5085 new_command("HELP", 1, 1, 0, help_command
, _(
5086 "HELP [--html] [<COMMAND>]\n" /* Showing available commands. */
5087 "Show available commands or command specific help text."
5089 "The @option{--html} option will output the help text in HTML format."
5092 new_command("DELETEKEY", 1, 1, FLOCK_TYPE_SH
|FLOCK_TYPE_KEEP
, deletekey_command
, _(
5093 "DELETEKEY <keyid>\n" /* Deleting a key from the key ring. */
5094 "Deletes the public and secret key associated with key @var{keyid} from the "
5095 "keyring. The @var{keyid} must be one associated with the currently opened "
5097 "Note that no confirmation occurs. Also note that when the key is deleted, "
5098 "the current or other data files using this key will no longer be able to be "
5102 new_command("KILL", 1, 0, 0, kill_command
, _(
5103 "KILL <thread_id>\n" /* Terminating another client. */
5104 "Terminates the client identified by @var{thread_id} and releases any file "
5105 "lock or other resources it has held. See @code{GETINFO} (@pxref{GETINFO}) "
5106 "for details about listing connected clients. An @code{invoking_user} "
5107 "(@pxref{Configuration}) may kill any client while others may only kill "
5108 "clients of the same @code{UID} or @abbr{TLS} fingerprint."
5111 new_command("LISTKEYS", 1, 0, 0, listkeys_command
, _(
5112 "LISTKEYS [--secret-only] [pattern[,<pattern>]]\n" /* Listing keys in the key ring. */
5113 "Returns a new line separated list of key information matching a comma "
5114 "separated list of @var{pattern}'s. When option @option{--secret-only} is "
5115 "specified, only keys matching @var{pattern} that also have a secret key "
5116 "available will be returned."
5119 new_command("KEYINFO", 1, 0, 0, keyinfo_command
, _(
5120 "KEYINFO [--learn]\n" /* Showing keys used for the current data file. */
5121 "Returns a new line separated list of key ID's that the currently opened "
5122 "data file has recipients and signers for. If the key is a signing key it "
5123 "will be prefixed with an @code{S}. If the file is a new one, or has no "
5124 "signers in the case of being symmetrically encrypted, the error code "
5125 "@code{GPG_ERR_NO_DATA} is returned."
5127 "When the @option{--learn} option is passed, keys on a smartcard will be "
5131 new_command("GETINFO", 1, 1, 0, getinfo_command
, _(
5132 "GETINFO [--data] [--verbose] CACHE | CLIENTS | PID | USER | LAST_ERROR | VERSION\n" /* Obtaining server and client information. */
5133 "Get server and other information. The information is returned via a status "
5134 "message (@pxref{Status Messages}) unless otherwise noted or @option{--data} "
5137 "@var{CACHE} returns the number of cached documents."
5139 "@var{CLIENTS} returns the number of "
5140 "connected clients via a status message or a list of connected clients when "
5141 "the @option{--verbose} parameter is used (implies @option{--data}). A "
5142 "verbose line of a client list contains "
5144 "fields: the thread ID, client name, opened file (@code{/} if none opened), "
5145 "IP address if remote, file lock status, whether the current client is self "
5146 "or not, client state (see below), "
5147 "user ID or TLS fingerprint of the connected client, username if the "
5148 "client is a local one else @code{-}, and finally the time stamp of when the "
5151 "Client state @code{0} is an unknown client state, state @code{1} indicates "
5152 "the client has connected but hasn't completed initializing, state @code{2} "
5153 "indicates that the client is idle, state @code{3} means the "
5154 "client is in a command and state @code{4} means the client is disconnecting. "
5156 "@var{PID} returns the process ID number of the server via a data response."
5158 "@var{VERSION} returns the server version number and compile-time features "
5159 "via a data response with each being space delimited."
5161 "@var{LAST_ERROR} returns a detailed description of the last failed command "
5162 "via a data response, when available."
5164 "@var{USER} returns the username or @abbr{TLS} hash of the connected client "
5165 "via a data response."
5168 new_command("PASSWD", 0, 0, FLOCK_TYPE_EX
|FLOCK_TYPE_KEEP
, passwd_command
, _(
5169 "PASSWD\n" /* Changing the passphrase for a key. */
5170 "Changes the passphrase of the secret key required to open the current "
5171 "data file. If the data file is symmetrically encrypted, the error "
5172 "@code{GPG_ERR_NOT_SUPPORTED} is returned. When symmetrically encrypted, "
5173 "the @code{SAVE} command (@pxref{SAVE}) should be used instead to prevent "
5174 "this command saving any unwanted changes to the @abbr{XML} document."
5176 "Note that when the current data file has been either encrypted or signed "
5177 "with a key stored on a smartcard this command will return an error. In this "
5178 "case you should instead use @command{gpg --card-edit} to change the "
5179 "pin of the smartcard or @command{gpg --edit-key} to change the passphrase "
5180 "of the key used to sign or encrypt the data file."
5182 "This command is not available to non-invoking clients "
5183 "(@pxref{Access Control})."
5186 new_command("OPEN", 1, 1, FLOCK_TYPE_SH
|FLOCK_TYPE_KEEP
, open_command
, _(
5187 "OPEN [--lock] <filename>\n" /* Opening a data file. */
5188 "Opens @var{filename}. When the @var{filename} is not found on the "
5189 "file-system then a new in-memory document will be created. If the file is "
5190 "found, it is looked for in the file cache and when found no passphrase will "
5191 "be required to open it. When not cached, @cite{pinentry(1)} will be used to "
5192 "retrieve the passphrase for decryption unless @option{disable-pinentry} "
5193 "(@pxref{OPTION}) was specified in which case @command{pwmd} will "
5194 "@emph{INQUIRE} the client for the passphrase. Note than when configuration "
5195 "option @option{strict_open} is enabled and the client is not an "
5196 "@option{invoking_user}, an error will be returned when the data file does "
5199 "When the @option{--lock} option is passed then the file mutex will be "
5200 "locked as if the @code{LOCK} command (@pxref{LOCK}) had been sent after the "
5201 "file had been opened."
5204 new_command("GENKEY", 1, 1, 0, genkey_command
, _(
5205 "GENKEY --subkey-of=fpr | --userid=\"str\" [--no-expire | --expire=N] [--algo=\"str\"] [--no-passphrase] [--usage=\"default|sign|encrypt\"]\n" /* Generating a new key. */
5206 "Generates a new key based on option arguments. One of "
5207 "@option{--subkey-of} or @option{--userid} is "
5208 "required. The @option{--subkey-of} option will generate a subkey for the key "
5209 "of the specified fingerprint."
5212 new_command("SAVE", 0, 0, FLOCK_TYPE_EX
|FLOCK_TYPE_KEEP
, save_command
, _(
5213 "SAVE [--sign-keyid=[<fpr>]] [--symmetric | --keyid=<fpr>[,..] | --inquire-keyid]\n" /* Saving document changes to disk. */
5214 "Writes the in-memory @abbr{XML} document to disk. The file written to is the "
5215 "file that was opened when using the @code{OPEN} command (@pxref{OPEN})."
5217 "If the file is a new one, one of @option{--symmetric}, @option{--keyid} or"
5218 "@option{--inquire-keyid} is required. When not @option{--symmetric}, option "
5219 "@option{--sign-keyid} is also required, but optional otherwise."
5221 "You can encrypt the data file to a recipient other than the one that it "
5222 "was originally encrypted with by passing the @option{--keyid} or "
5223 "@option{--inquire-keyid} option with a comma separated list of "
5224 "public encryption key fingerprints as its argument. Use the "
5225 "@command{LISTKEYS} command (@pxref{LISTKEYS}) to show key information by "
5226 "pattern. The @option{--sign-keyid} option may also be used to sign the data "
5227 "file with an alternate key by specifying the fingerprint of a signing key. "
5228 "Only one signing key is supported unlike the @option{--keyid} option. "
5229 "A passphrase to decrypt the data file "
5230 "will be required when one or more of the original encryption keys or signing "
5231 "key are not found in either of these two options' arguments or when the data "
5232 "file is symmetrically encrypted reguardless of the @code{require_save_key} "
5233 "configuration parameter. The original encryption keys and signing key will be "
5234 "used when neither of these options are specified."
5236 "The @option{--keyid} and @option{--sign-keyid} options are not available "
5237 "to non-invoking clients "
5238 "(@pxref{Access Control}) when the recipients or signer do not match those "
5239 "that were used when the file was @code{OPEN}'ed."
5241 "The @option{--symmetric} option specifies that a new data file be "
5242 "conventionally encrypted. These types of data files do not use a recipient "
5243 "public key but may optionally be signed by using the @option{--sign-keyid} "
5244 "option. To remove the signing key from a symmtrically encrypted data file, "
5245 "leave the option value empty."
5247 "Note that you cannot change encryption schemes once a data file has been "
5251 new_command("ISCACHED", 1, 0, 0, iscached_command
, _(
5252 "ISCACHED [--lock] [--agent [--sign]] <filename>\n" /* Testing cache status. */
5253 "Determines the file cache status of the specified @var{filename}. "
5254 "The default is to test whether the filename is cached in memory. Passing "
5255 "option @option{--agent} will test the @command{gpg-agent} cache for at most "
5256 "one cached key used for opening the data file (@pxref{OPEN}). To test if "
5257 "a signing key is cached, pass @option{--sign} along with @option{--agent}. "
5258 "Both the @option{--agent} and @option{--sign} options require an opened data "
5261 "An @emph{OK} response is returned if the specified @var{filename} is found "
5262 "in the cache. If not found in the cache but exists on the filesystem "
5263 "then @code{GPG_ERR_NO_DATA} is returned. Otherwise a filesystem error is "
5266 "The @option{--lock} option will lock the file mutex of @var{filename} when "
5267 "the file exists; it does not need to be opened nor cached. The lock will be "
5268 "released when the client exits or sends the @code{UNLOCK} command "
5269 "(@pxref{UNLOCK}). When this option is passed the current data file is closed."
5272 new_command("CLEARCACHE", 1, 1, 0, clearcache_command
, _(
5273 "CLEARCACHE [<filename>]\n" /* Removing a cache entry. */
5274 "Clears a file cache entry for all or the specified @var{filename}. Note that "
5275 "this will also clear any @command{gpg-agent} cached keys which may cause "
5276 "problems if another data file shares the same keys as @var{filename}."
5278 "When clearing all cache entries a permissions test is done against the "
5279 "current client based on the @var{allowed} configuration parameter in a "
5280 "@var{filename} section. Both a cache entry may be cleared and an error "
5281 "returned depending on cached data files and client permissions."
5284 new_command("CACHETIMEOUT", 1, 1, 0, cachetimeout_command
, _(
5285 "CACHETIMEOUT <seconds>\n" /* Setting the cache timeout. */
5286 "The time in @var{seconds} until the currently opened data file will be "
5287 "removed from the cache. @code{-1} will keep the cache entry forever, "
5288 "@code{0} will require the passphrase for each @code{OPEN} command "
5289 "(@pxref{OPEN}) or @code{SAVE} (@pxref{SAVE}) command. @xref{Configuration}, "
5290 "and the @code{cache_timeout} parameter."
5293 new_command("LIST", 0, 1, 0, list_command
, _(
5294 "LIST [--inquire] [--recurse] [element[<TAB>child[..]]]\n" /* Showing document elements. */
5295 "If no element path is given then a newline separated list of root elements "
5296 "is returned with a data response. If given, then children of the specified "
5297 "element path are returned."
5299 "Each element path "
5300 "returned will have zero or more flags appened to it. These flags are "
5301 "delimited from the element path by a single space character. A flag itself "
5302 "is a single character. Flag @code{P} indicates that access to the element "
5303 "is denied. Flag @code{+} indicates that there are child nodes of "
5304 "the current element path. Flag @code{E} indicates that an element of the "
5305 "element path contained in a @var{target} attribute could not be found. Flag "
5306 "@code{O} indicates that a @var{target} attribute recursion limit was reached "
5307 "(@pxref{Configuration}). Flag @code{T}, followed by a single space character, "
5308 "then an element path, is the element path of the @var{target} attribute "
5309 "contained in the current element."
5311 "When a specified element path contains an error, beit from the final "
5312 "element in the path or any previous element, the path is still shown but "
5313 "will contain the error flag for the element with the error. Determining "
5314 "the actual element which contains the error is up to the client. This can be "
5315 "done by traversing the final element up to parent elements that contain the "
5318 "The option @option{--recurse} may be used to list the entire element tree "
5319 "for a specified element path or the entire tree for all root elements."
5321 "When the @option{--inquire} option is passed then all remaining non-option "
5322 "arguments are retrieved via a server @emph{INQUIRE}."
5325 new_command("REALPATH", 0, 1, 0, realpath_command
, _(
5326 "REALPATH [--inquire] element[<TAB>child[..]]\n" /* Resolving an element. */
5327 "Resolves all @code{target} attributes of the specified element path and "
5328 "returns the result with a data response. @xref{Target Attribute}, for details."
5330 "When the @option{--inquire} option is passed then all remaining non-option "
5331 "arguments are retrieved via a server @emph{INQUIRE}."
5334 new_command("STORE", 0, 1, 0, store_command
, _(
5335 "STORE element[<TAB>child[..]]<TAB>[content]\n" /* Modifying the content of an element. */
5336 "This command uses a server @emph{INQUIRE} to retrieve data from the client."
5338 "Creates a new element path or modifies the @var{content} of an existing "
5339 "element. If only a single element is specified then a new root element is "
5340 "created. Otherwise, elements are @key{TAB} delimited and the content will be "
5341 "set to the final @key{TAB} delimited element. If no @var{content} is "
5342 "specified after the final @key{TAB}, then the content of the existing "
5343 "element will be removed; or will be empty if creating a new element."
5345 "The only restriction of an element name is that it not contain whitespace "
5346 "characters. There is no other whitespace between the @key{TAB} delimited "
5347 "elements. It is recommended that the content of an element be base64 encoded "
5348 "when it contains control or @key{TAB} characters to prevent @abbr{XML} "
5349 "parsing and @command{pwmd} syntax errors."
5352 new_command("RENAME", 0, 1, 0, rename_command
, _(
5353 "RENAME [--inquire] element[<TAB>child[..]] <value>\n" /* Renaming an element. */
5354 "Renames the specified @var{element} to the new @var{value}. If an element of "
5355 "the same name as the @var{value} already exists it will be overwritten."
5357 "When the @option{--inquire} option is passed then all remaining non-option "
5358 "arguments are retrieved via a server @emph{INQUIRE}."
5361 new_command("COPY", 0, 1, 0, copy_command
, _(
5362 "COPY [--inquire] source[<TAB>child[..]] dest[<TAB>child[..]]\n" /* Copying an element. */
5363 "Copies the entire element tree starting from the child node of the source "
5364 "element, to the destination element path. If the destination element path "
5365 "does not exist then it will be created; otherwise it is overwritten."
5367 "Note that attributes from the source element are merged into the "
5368 "destination element when the destination element path exists. When an "
5369 "attribute of the same name exists in both the source and destination "
5370 "elements then the destination attribute will be updated to the source "
5373 "When the @option{--inquire} option is passed then all remaining non-option "
5374 "arguments are retrieved via a server @emph{INQUIRE}."
5377 new_command("MOVE", 0, 1, 0, move_command
, _(
5378 "MOVE [--inquire] source[<TAB>child[..]] [dest[<TAB>child[..]]]\n" /* Moving an element. */
5379 "Moves the source element path to the destination element path. If the "
5380 "destination is not specified then it will be moved to the root node of the "
5381 "document. If the destination is specified and exists then it will be "
5382 "overwritten; otherwise non-existing elements of the destination element "
5383 "path will be created."
5385 "When the @option{--inquire} option is passed then all remaining non-option "
5386 "arguments are retrieved via a server @emph{INQUIRE}."
5389 new_command("DELETE", 0, 1, 0, delete_command
, _(
5390 "DELETE [--inquire] element[<TAB>child[..]]\n" /* Deleting an element. */
5391 "Removes the specified element path and all of its children. This may break "
5392 "an element with a @code{target} attribute (@pxref{Target Attribute}) that "
5393 "refers to this element or any of its children."
5395 "When the @option{--inquire} option is passed then all remaining non-option "
5396 "arguments are retrieved via a server @emph{INQUIRE}."
5399 new_command("GET", 0, 1, 0, get_command
, _(
5400 "GET [--inquire] element[<TAB>child[..]]\n" /* Getting the content of an element. */
5401 "Retrieves the content of the specified element. The content is returned "
5402 "with a data response."
5404 "When the @option{--inquire} option is passed then all remaining non-option "
5405 "arguments are retrieved via a server @emph{INQUIRE}."
5408 new_command("ATTR", 0, 1, 0, attr_command
, _(
5409 "ATTR [--inquire] SET|GET|DELETE|LIST [<attribute>] element[<TAB>child[..]] ..\n" /* Modifying element attributes. */
5411 "@item ATTR SET attribute element[<TAB>child[..]] [value]\n"
5412 " Stores or updates an @var{attribute} name and optional @var{value} of an "
5413 "element. When no @var{value} is specified any existing value will be removed."
5415 "@item ATTR DELETE attribute element[<TAB>child[..]]\n"
5416 " Removes an attribute from an element. If @var{attribute} is @code{_name} "
5417 "or @code{target} an error is returned. Use the @command{DELETE} command "
5418 "(@pxref{DELETE}) instead."
5420 "@item ATTR LIST element[<TAB>child[..]]\n"
5421 " Retrieves a newline separated list of attributes names and values "
5422 "from the specified element. Each attribute name and value is space delimited."
5424 "@item ATTR GET attribute element[<TAB>child[..]]\n"
5425 " Retrieves the value of an @var{attribute} from an element."
5428 "When the @option{--inquire} option is passed then all remaining non-option "
5429 "arguments are retrieved via a server @emph{INQUIRE}."
5431 "@xref{Target Attribute}, for details about this special attribute and also "
5432 "@pxref{Other Attributes} for other attributes that are handled specially "
5433 "by @command{pwmd}."
5436 new_command("XPATH", 0, 1, 0, xpath_command
, _(
5437 "XPATH [--inquire] <expression>[<TAB>[value]]\n" /* Modifying more than one element. */
5438 "Evaluates an XPath @var{expression}. If no @var{value} argument is "
5439 "specified it is assumed the expression is a request to return a result. "
5440 "Otherwise, the result is set to the @var{value} argument and the document is "
5441 "updated. If there is no @var{value} after the @key{TAB} character, the value "
5442 "is assumed to be empty and the document is updated. For example:"
5445 "XPATH //element[@@_name='password']@key{TAB}\n"
5448 "would clear the content of all @var{password} elements in the data file "
5449 "while leaving off the trailing @key{TAB} would return all @var{password} "
5450 "elements in @abbr{XML} format."
5452 "When the @option{--inquire} option is passed then all remaining non-option "
5453 "arguments are retrieved via a server @emph{INQUIRE}."
5455 "See @url{http://www.w3schools.com/xpath/xpath_syntax.asp} for @abbr{XPATH} "
5456 "expression syntax."
5459 new_command("XPATHATTR", 0, 1, 0, xpathattr_command
, _(
5460 "XPATHATTR [--inquire] SET|DELETE <name> <expression>[<TAB>[<value>]]\n" /* Modifying more than one element's attributes. */
5461 "Like the @code{XPATH} command (@pxref{XPATH}) but operates on element "
5462 "attributes and does not return a result. For the @var{SET} operation the "
5463 "@var{value} is optional but the field is required. If not specified then "
5464 "the attribute value will be empty. For example:"
5467 "XPATHATTR SET password //element[@@_name='password']@key{TAB}\n"
5470 "would create a @var{password} attribute for each @var{password} element "
5471 "found in the document. The attribute value will be empty but still exist."
5473 "When the @option{--inquire} option is passed then all remaining non-option "
5474 "arguments are retrieved via a server @emph{INQUIRE}."
5476 "See @url{http://www.w3schools.com/xpath/xpath_syntax.asp} for @abbr{XPATH} "
5477 "expression syntax."
5480 new_command("IMPORT", 0, 1, 0, import_command
, _(
5481 "IMPORT [--root=element[<TAB>child[..]]]\n" /* Creating elements from XML. */
5482 "This command uses a server @emph{INQUIRE} to retrieve data from the client."
5484 "Like the @code{STORE} command (@pxref{STORE}), but the @var{content} "
5485 "argument is raw @abbr{XML} data. The content is created as a child of "
5486 "the element path specified with the @option{--root} option or at the "
5487 "document root when not specified. Existing elements of the same name will "
5490 "The content must begin with an @abbr{XML} element node. @xref{Introduction}, "
5494 new_command("DUMP", 1, 1, 0, dump_command
, _(
5495 "DUMP\n" /* Showing the XML document. */
5496 "Shows the in memory @abbr{XML} document with indenting. @xref{XPATH}, for "
5497 "dumping a specific node."
5500 new_command("LOCK", 0, 0, 0, lock_command
, _(
5501 "LOCK\n" /* Locking the current data file. */
5502 "Locks the mutex associated with the opened file. This prevents other clients "
5503 "from sending commands to the same opened file until the client "
5504 "that sent this command either disconnects or sends the @code{UNLOCK} "
5505 "command. @xref{UNLOCK}."
5508 new_command("UNLOCK", 1, 0, 0, unlock_command
, _(
5509 "UNLOCK\n" /* Removing a data file lock. */
5510 "Unlocks the file mutex which was locked with the @code{LOCK} command or "
5511 "a commands' @option{--lock} option (@pxref{LOCK}, @pxref{OPEN}, "
5512 "@pxref{ISCACHED})."
5515 new_command("GETCONFIG", 1, 1, 0, getconfig_command
, _(
5516 "GETCONFIG [filename] <parameter>\n" /* Obtaining a configuration value. */
5517 "Returns the value of a @command{pwmd} configuration @var{parameter} with a "
5518 "data response. If no file has been opened then the value for @var{filename} "
5519 "or the default from the @var{global} section will be returned. If a file "
5520 "has been opened and no @var{filename} is specified, the value previously "
5521 "set with the @code{OPTION} command (@pxref{OPTION}) will be returned."
5524 new_command("OPTION", 1, 1, 0, option_command
, _(
5525 "OPTION <NAME>=[<VALUE>]\n" /* Setting various client parameters. */
5526 "Sets a client option @var{name} to @var{value}. The value for an option is "
5527 "kept for the duration of the connection with the exception of the "
5528 "@command{pinentry} options which are defaults for all future connections "
5529 "(@pxref{Pinentry}). When @var{value} is empty the option is unset."
5532 "@item DISABLE-PINENTRY\n"
5533 "Disable use of @command{pinentry} for passphrase retrieval. When @code{1}, a "
5534 "server inquire is sent to the client to obtain the passphrase. This option "
5535 "may be set as needed before the @code{OPEN} (@pxref{OPEN}), @code{PASSWD} "
5536 "(@pxref{PASSWD}) and @code{SAVE} (@pxref{SAVE}) commands. Set to @code{0} "
5537 "to use a @command{pinentry}."
5540 "Set or unset the X11 display to use when prompting for a passphrase."
5543 "Set the terminal device path to use when prompting for a passphrase."
5546 "Set the terminal type for use with @option{TTYNAME}."
5549 "Associates the thread ID of the connection with the specified textual "
5550 "representation. Useful for debugging log messages. May not contain whitespace."
5552 "@item LOCK-TIMEOUT\n"
5553 "When not @code{0}, the duration in tenths of a second to wait for the file "
5554 "mutex which has been locked by another thread to be released before returning "
5555 "an error. When @code{-1} the error will be returned immediately."
5557 "@item CLIENT-STATE\n"
5558 "When set to @code{1} then client state status messages for other clients are "
5559 "sent to the current client. The default is @code{0}."
5563 new_command("LS", 1, 1, 0, ls_command
, _(
5564 "LS [--verbose]\n" /* Showing available data files. */
5565 "Returns a newline separated list of data files stored in the data directory "
5566 "@file{HOMEDIR/data} (@pxref{Invoking}) with a data response. When the "
5567 "@var{--verbose} option is passed, the space-separated filesystem inode "
5568 "access, modification and change times are appended to the line."
5571 new_command("BULK", 1, 1, 0, bulk_command
, _(
5572 "BULK\n" /* Run a series of commands in sequence. */
5573 "Inquire a semi-canonical s-expression representing a series of protocol "
5574 "commands to be run in seqeunce (@pxref{Bulk Commands}). Returns a canonical "
5575 "s-expression containing each commands id, return value and result data "
5579 new_command("RESET", 1, 1, 0, NULL
, _(
5580 "RESET\n" /* Resetting the client state. */
5581 "Closes the currently opened file but keeps any previously set client options "
5585 new_command("NOP", 1, 1, 0, nop_command
, _(
5586 "NOP\n" /* Testing the connection. */
5587 "This command does nothing. It is useful for testing the connection for a "
5588 "timeout condition."
5591 /* !END-HELP-TEXT! */
5592 new_command ("CANCEL", 1, 1, 0, NULL
, NULL
);
5593 new_command ("END", 1, 1, 0, NULL
, NULL
);
5594 new_command ("BYE", 1, 1, 0, NULL
, NULL
);
5597 for (i
= 0; command_table
[i
]; i
++);
5598 qsort (command_table
, i
- 1, sizeof (struct command_table_s
*),
5603 register_commands (assuan_context_t ctx
)
5607 for (; command_table
[i
]; i
++)
5609 if (!command_table
[i
]->handler
)
5612 rc
= assuan_register_command (ctx
, command_table
[i
]->name
,
5613 command_table
[i
]->handler
,
5614 command_table
[i
]->help
);
5619 rc
= assuan_register_bye_notify (ctx
, bye_notify
);
5623 rc
= assuan_register_reset_notify (ctx
, reset_notify
);
5627 rc
= assuan_register_pre_cmd_notify (ctx
, command_startup
);
5631 return assuan_register_post_cmd_notify (ctx
, command_finalize
);