search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Don't create any elements of an element path that contains an
[pwmd.git] / src / commands.c
blob50de7a78c58886d5aaf2d3fc47d75e19b46d954a
1 /* vim:tw=78:ts=8:sw=4:set ft=c: */
2 /*
3 Copyright (C) 2006-2007 Ben Kibbey <bjk@luxsci.net>
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 2 of the License, or
8 (at your option) any later version.
9
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with this program; if not, write to the Free Software
17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 */
19 #include <stdio.h>
20 #include <stdlib.h>
21 #include <unistd.h>
22 #include <err.h>
23 #include <errno.h>
24 #include <sys/types.h>
25 #include <sys/stat.h>
26 #include <fcntl.h>
27 #include <ctype.h>
28 #include <glib.h>
29 #include <glib/gprintf.h>
30 #include <gcrypt.h>
31
32 #ifdef HAVE_CONFIG_H
33 #include <config.h>
34 #endif
35
36 #ifdef HAVE_ZLIB_H
37 #include <zlib.h>
38 #endif
39
40 #ifndef MEM_DEBUG
41 #include "mem.h"
42 #endif
43
44 #include "xml.h"
45 #include "common.h"
46 #include "pwmd_error.h"
47 #include "cache.h"
48 #include "commands.h"
49
50 static void *z_alloc(void *data, unsigned items, unsigned size)
51 {
52 #ifndef MEM_DEBUG
53 return gcry_calloc(items, size);
54 #else
55 return calloc(items, size);
56 #endif
57 }
58
59 static void z_free(void *data, void *p)
60 {
61 #ifndef MEM_DEBUG
62 gcry_free(p);
63 #else
64 free(p);
65 #endif
66 }
67
68 static gpg_error_t file_modified(struct client_s *client)
69 {
70 struct stat st;
71
72 if (client->state != STATE_OPEN)
73 return EPWMD_NO_FILE;
74
75 if (stat(client->filename, &st) == 0 && client->mtime) {
76 if (client->mtime != st.st_mtime)
77 return EPWMD_FILE_MODIFIED;
78 }
79
80 return 0;
81 }
82
83 static gboolean encrypt_xml(gcry_cipher_hd_t gh, void *outbuf, gsize outsize,
84 void *inbuf, gsize insize)
85 {
86 gpg_error_t rc;
87
88 if ((rc = gcry_cipher_encrypt(gh, outbuf, outsize, inbuf, insize))) {
89 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
90 return FALSE;
91 }
92
93 return TRUE;
94 }
95
96 gpg_error_t decrypt_xml(gcry_cipher_hd_t gh, void *outbuf, gsize outsize,
97 void *inbuf, gsize insize)
98 {
99 gpg_error_t rc;
100
101 if ((rc = gcry_cipher_decrypt(gh, outbuf, outsize, inbuf, insize)))
102 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
103
104 return rc;
105 }
106
107 static gpg_error_t parse_xml(assuan_context_t ctx)
108 {
109 struct client_s *client = assuan_get_pointer(ctx);
110
111 client->doc = xmlReadMemory(client->xml, client->len, NULL, "UTF-8", XML_PARSE_NOBLANKS);
112
113 if (!client->doc)
114 return EPWMD_LIBXML_ERROR;
115
116 return 0;
117 }
118
119 gboolean valid_filename(const gchar *filename)
120 {
121 const gchar *p;
122
123 if (!filename || !*filename)
124 return FALSE;
125
126 for (p = filename; *p; p++) {
127 if (g_ascii_isalnum(*p) == FALSE && *p != '-' && *p != '_' && *p != '.')
128 return FALSE;
129 }
130
131 return TRUE;
132 }
133
134 gint open_file(const gchar *filename, struct stat *st)
135 {
136 gint fd;
137
138 if ((fd = open(filename, O_RDONLY)) == -1)
139 return -1;
140
141 if (stat(filename, st) == -1) {
142 close(fd);
143 return -1;
144 }
145
146 return fd;
147 }
148
149 void unlock_file_mutex(struct client_s *client)
150 {
151 pth_mutex_t *m;
152
153 if (client->has_lock == FALSE)
154 return;
155
156 CACHE_LOCK(client->ctx);
157
158 if (cache_get_mutex(client->md5file, &m) == FALSE) {
159 CACHE_UNLOCK;
160 return;
161 }
162
163 CACHE_UNLOCK;
164 pth_mutex_release(m);
165 client->has_lock = FALSE;
166 }
167
168 gpg_error_t lock_file_mutex(struct client_s *client)
169 {
170 pth_mutex_t *m;
171
172 if (client->has_lock == TRUE)
173 return 0;
174
175 CACHE_LOCK(client->ctx);
176
177 if (cache_get_mutex(client->md5file, &m) == FALSE) {
178 CACHE_UNLOCK;
179 return 0;
180 }
181
182 CACHE_UNLOCK;
183
184 if (pth_mutex_acquire(m, TRUE, NULL) == FALSE) {
185 if (errno == EBUSY) {
186 if (client->ctx)
187 assuan_write_status(client->ctx, "LOCKED", N_("Waiting for lock"));
188
189 pth_mutex_acquire(m, FALSE, NULL);
190 }
191 else {
192 gint e = errno;
193 log_write("%s(%i): %s", __FUNCTION__, __LINE__, strerror(errno));
194 return gpg_error_from_errno(e);
195 }
196 }
197
198 client->has_lock = TRUE;
199 return 0;
200 }
201
202 static void cleanup_client(struct client_s *client)
203 {
204 assuan_context_t ctx = client->ctx;
205
206 unlock_file_mutex(client);
207 CACHE_LOCK(client->ctx);
208 cache_decr_refcount(client->md5file);
209
210 /*
211 * This may be a new file so don't use a cache slot. save_command() will
212 * set this to FALSE on success.
213 */
214 if (client->new == TRUE)
215 cache_clear(client->md5file, 1);
216
217 if (client->doc)
218 xmlFreeDoc(client->doc);
219
220 if (client->xml)
221 gcry_free(client->xml);
222
223 if (client->filename)
224 g_free(client->filename);
225
226 if (client->gh)
227 gcry_cipher_close(client->gh);
228
229 memset(client, 0, sizeof(struct client_s));
230 client->state = STATE_CONNECTED;
231 client->ctx = ctx;
232 client->freed = TRUE;
233 CACHE_UNLOCK;
234 }
235
236 static gchar *print_fmt(const char *fmt, ...)
237 {
238 va_list ap;
239 static gchar buf[ASSUAN_LINELENGTH] = {0};
240
241 va_start(ap, fmt);
242 vsnprintf(buf, sizeof(buf), fmt, ap);
243 va_end(ap);
244 return buf;
245 }
246
247 gboolean do_decompress(assuan_context_t ctx, gpointer in, gint insize,
248 gpointer *out, glong *outsize, gint *error)
249 {
250 z_stream z;
251 gint ret;
252 gpointer pout;
253 gz_header h;
254 gchar buf[17];
255 gpg_error_t rc;
256
257 z.zalloc = z_alloc;
258 z.zfree = z_free;
259 z.next_in = in;
260 z.avail_in = insize;
261 z.avail_out = zlib_bufsize;
262 z.next_out = pout = g_malloc(zlib_bufsize);
263
264 if (!pout) {
265 log_write("%s(%i): %s", __FUNCTION__, __LINE__, strerror(ENOMEM));
266 *error = Z_MEM_ERROR;
267 return FALSE;
268 }
269
270 ret = inflateInit2(&z, 47);
271
272 if (ret != Z_OK) {
273 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
274 g_free(pout);
275 return FALSE;
276 }
277
278 memset(&h, 0, sizeof(gz_header));
279 h.comment = (guchar *)buf;
280 h.comm_max = sizeof(buf);
281 ret = inflateGetHeader(&z, &h);
282
283 if (ret != Z_OK) {
284 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
285 g_free(pout);
286 inflateEnd(&z);
287 return FALSE;
288 }
289
290 ret = inflate(&z, Z_BLOCK);
291
292 if (ret != Z_OK) {
293 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
294 g_free(pout);
295 inflateEnd(&z);
296 return FALSE;
297 }
298
299 if (h.comment)
300 insize = atoi((gchar *)h.comment);
301
302 do {
303 gpointer p;
304
305 ret = inflate(&z, Z_FINISH);
306
307 switch (ret) {
308 case Z_OK:
309 break;
310 case Z_BUF_ERROR:
311 if (!z.avail_out) {
312 p = g_realloc(pout, z.total_out + zlib_bufsize);
313
314 if (!p) {
315 ret = Z_MEM_ERROR;
316 goto fail;
317 }
318
319 pout = p;
320 z.next_out = pout + z.total_out;
321 z.avail_out = zlib_bufsize;
322
323 if (ctx) {
324 rc = assuan_write_status(ctx, "DECOMPRESS",
325 print_fmt("%i %i", z.total_out, insize));
326
327 if (rc) {
328 ret = rc;
329 goto fail;
330 }
331 }
332 }
333 break;
334 case Z_STREAM_END:
335 break;
336 default:
337 goto fail;
338 break;
339 }
340
341 pth_yield(NULL);
342 } while (ret != Z_STREAM_END);
343
344 if (ctx) {
345 rc = assuan_write_status(ctx, "DECOMPRESS",
346 print_fmt("%i %i", z.total_out, insize));
347
348 if (rc) {
349 ret = rc;
350 goto fail;
351 }
352 }
353
354 *out = pout;
355 *outsize = z.total_out;
356 inflateEnd(&z);
357 return TRUE;
358
359 fail:
360 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
361 *error = ret;
362 g_free(pout);
363 inflateEnd(&z);
364 return FALSE;
365 }
366
367 static int open_command(assuan_context_t ctx, char *line)
368 {
369 gint fd;
370 struct stat st;
371 guchar shakey[gcrykeysize];
372 gint cached = 0;
373 gint timeout;
374 gpg_error_t error;
375 struct client_s *client = assuan_get_pointer(ctx);
376 gchar **req;
377 gchar *filename = NULL;
378
379 if ((req = split_input_line(line, " ", 2)) != NULL)
380 filename = req[0];
381
382 if (!filename || !*filename) {
383 g_strfreev(req);
384 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
385 }
386
387 if (valid_filename(filename) == FALSE) {
388 g_strfreev(req);
389 return send_error(ctx, EPWMD_INVALID_FILENAME);
390 }
391
392 if (client->state == STATE_OPEN)
393 cleanup_client(client);
394
395 gcry_md_hash_buffer(GCRY_MD_MD5, client->md5file, filename, strlen(filename));
396 CACHE_LOCK(client->ctx);
397
398 if (cache_has_file(client->md5file) == FALSE) {
399 if (cache_add_file(client->md5file, NULL) == FALSE) {
400 g_strfreev(req);
401 CACHE_UNLOCK;
402 return send_error(ctx, EPWMD_MAX_SLOTS);
403 }
404 }
405
406 cache_incr_refcount(client->md5file);
407 CACHE_UNLOCK;
408 error = lock_file_mutex(client);
409
410 if (error) {
411 g_strfreev(req);
412 return send_error(ctx, error);
413 }
414
415 client->freed = FALSE;
416
417 if ((error = gcry_cipher_open(&client->gh, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, 0))) {
418 g_strfreev(req);
419 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
420 cleanup_client(client);
421 return send_error(ctx, error);
422 }
423
424 if (stat(filename, &st) == 0) {
425 if (!S_ISREG(st.st_mode) && !S_ISLNK(st.st_mode)) {
426 log_write("%s: %s", filename, pwmd_strerror(EPWMD_INVALID_FILENAME));
427 g_strfreev(req);
428 cleanup_client(client);
429 return send_error(ctx, EPWMD_INVALID_FILENAME);
430 }
431
432 client->mtime = st.st_mtime;
433 }
434
435 /*
436 * New files don't need a key.
437 */
438 if (access(filename, R_OK|W_OK) != 0) {
439 if (errno != ENOENT) {
440 error = errno;
441 log_write("%s: %s", filename, strerror(errno));
442 g_strfreev(req);
443 cleanup_client(client);
444 return send_syserror(ctx, error);
445 }
446 new_doc:
447 if ((client->xml = new_document()) == NULL) {
448 log_write("%s", strerror(ENOMEM));
449 g_strfreev(req);
450 cleanup_client(client);
451 return send_syserror(ctx, ENOMEM);
452 }
453
454 client->len = xmlStrlen(client->xml);
455 client->new = TRUE;
456 client->filename = g_strdup(filename);
457
458 if (!client->filename) {
459 g_strfreev(req);
460 cleanup_client(client);
461 log_write("%s(%i): %s", __FILE__, __LINE__, strerror(ENOMEM));
462 return send_syserror(ctx, ENOMEM);
463 }
464
465 if (req[1] && *req[1]) {
466 gcry_md_hash_buffer(GCRY_MD_SHA256, shakey, req[1], strlen(req[1]));
467 memset(req[1], 0, strlen(req[1]));
468 goto update_cache;
469 }
470
471 goto done;
472 }
473
474 if ((fd = open_file(filename, &st)) == -1) {
475 error = errno;
476 log_write("%s: %s", filename, strerror(errno));
477 g_strfreev(req);
478 cleanup_client(client);
479 return send_syserror(ctx, error);
480 }
481
482 if (st.st_size == 0)
483 goto new_doc;
484
485 CACHE_LOCK(client->ctx);
486
487 if (cache_get_key(client->md5file, shakey) == TRUE)
488 cached = 1;
489 else {
490 /*
491 * No key specified and no matching filename found in the cache.
492 */
493 if (!req[1] || !*req[1]) {
494 close(fd);
495 g_strfreev(req);
496 cleanup_client(client);
497 CACHE_UNLOCK;
498 return send_error(ctx, EPWMD_KEY);
499 }
500 }
501
502 CACHE_UNLOCK;
503
504 if (!cached) {
505 gcry_md_hash_buffer(GCRY_MD_SHA256, shakey, req[1], strlen(req[1]));
506 memset(req[1], 0, strlen(req[1]));
507 }
508
509 error = try_xml_decrypt(ctx, fd, st, shakey);
510
511 if (error) {
512 close(fd);
513 memset(shakey, 0, sizeof(shakey));
514 g_strfreev(req);
515 cleanup_client(client);
516 return send_error(ctx, error);
517 }
518
519 close(fd);
520 client->filename = g_strdup(filename);
521
522 if (!client->filename) {
523 memset(shakey, 0, sizeof(shakey));
524 log_write("%s(%i): %s", __FILE__, __LINE__, strerror(ENOMEM));
525 g_strfreev(req);
526 cleanup_client(client);
527 return send_syserror(ctx, ENOMEM);
528 }
529
530 update_cache:
531 CACHE_LOCK(client->ctx);
532
533 if (!cached) {
534 if (cache_update_key(client->md5file, shakey) == FALSE) {
535 memset(shakey, 0, sizeof(shakey));
536 log_write("%s(%i): %s", __FILE__, __LINE__, pwmd_strerror(EPWMD_MAX_SLOTS));
537 g_strfreev(req);
538 cleanup_client(client);
539 CACHE_UNLOCK;
540 return send_error(ctx, EPWMD_MAX_SLOTS);
541 }
542
543 timeout = get_key_file_integer(client->filename, "cache_timeout");
544 cache_reset_timeout(client->md5file, timeout);
545 }
546 else
547 cache_set_timeout(client->md5file, -2);
548
549 CACHE_UNLOCK;
550 memset(shakey, 0, sizeof(shakey));
551
552 done:
553 g_strfreev(req);
554 error = parse_xml(ctx);
555
556 if (client->xml) {
557 gcry_free(client->xml);
558 client->xml = NULL;
559 }
560
561 if (error == 0) {
562 if (client->new == FALSE)
563 send_cache_status_all();
564
565 client->state = STATE_OPEN;
566 }
567
568 return send_error(ctx, error);
569 }
570
571 gboolean do_compress(assuan_context_t ctx, gint level, gpointer data,
572 gint size, gpointer *out, glong *outsize, gint *error)
573 {
574 z_stream z;
575 gpointer pout, pin;
576 gint ret;
577 gz_header h;
578 gchar buf[17];
579 gint cmd = Z_NO_FLUSH;
580 gpg_error_t rc;
581
582 z.zalloc = z_alloc;
583 z.zfree = z_free;
584 z.next_in = pin = data;
585 z.avail_in = size < zlib_bufsize ? size : zlib_bufsize;
586 z.avail_out = zlib_bufsize;
587 z.next_out = pout = g_malloc(zlib_bufsize);
588
589 if (!pout) {
590 log_write("%s(%i): %s", __FUNCTION__, __LINE__, strerror(ENOMEM));
591 *error = Z_MEM_ERROR;
592 return FALSE;
593 }
594
595 ret = deflateInit2(&z, level, Z_DEFLATED, 31, 8, Z_DEFAULT_STRATEGY);
596
597 if (ret != Z_OK) {
598 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
599 *error = ret;
600 g_free(pout);
601 return FALSE;
602 }
603
604 memset(&h, 0, sizeof(gz_header));
605 snprintf(buf, sizeof(buf), "%i", size);
606 h.comment = (guchar *)buf;
607 ret = deflateSetHeader(&z, &h);
608
609 if (ret != Z_OK) {
610 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
611 *error = ret;
612 g_free(pout);
613 deflateEnd(&z);
614 return FALSE;
615 }
616
617 do {
618 gpointer p;
619
620 ret = deflate(&z, cmd);
621
622 switch (ret) {
623 case Z_OK:
624 break;
625 case Z_BUF_ERROR:
626 if (!z.avail_out) {
627 p = g_realloc(pout, z.total_out + zlib_bufsize);
628
629 if (!p) {
630 ret = Z_MEM_ERROR;
631 goto fail;
632 }
633
634 pout = p;
635 z.next_out = pout + z.total_out;
636 z.avail_out = zlib_bufsize;
637 }
638
639 if (!z.avail_in && z.total_in < size) {
640 if (z.total_in + zlib_bufsize > size)
641 z.avail_in = size - z.total_in;
642 else
643 z.avail_in = zlib_bufsize;
644
645 if (ctx) {
646 rc = assuan_write_status(ctx, "COMPRESS",
647 print_fmt("%i %i", z.total_in, size));
648
649 if (rc) {
650 ret = rc;
651 goto fail;
652 }
653 }
654 }
655
656 if (z.total_in >= size)
657 cmd = Z_FINISH;
658
659 break;
660 case Z_STREAM_END:
661 break;
662 default:
663 goto fail;
664 }
665
666 pth_yield(NULL);
667 } while (ret != Z_STREAM_END);
668
669 if (ctx) {
670 rc = assuan_write_status(ctx, "COMPRESS",
671 print_fmt("%i %i", z.total_in, size));
672
673 if (rc) {
674 ret = rc;
675 goto fail;
676 }
677 }
678
679 *out = pout;
680 *outsize = z.total_out;
681 deflateEnd(&z);
682 return TRUE;
683
684 fail:
685 log_write("%s(%i): %s", __FUNCTION__, __LINE__, z.msg);
686 *error = ret;
687 g_free(pout);
688 deflateEnd(&z);
689 return FALSE;
690 }
691
692 gpg_error_t do_xml_encrypt(struct client_s *client, gcry_cipher_hd_t gh,
693 const gchar *filename, gpointer data, size_t insize,
694 const guchar *shakey, guint iter)
695 {
696 gsize len = insize;
697 gint fd;
698 gpointer inbuf;
699 guchar tkey[gcrykeysize];
700 gchar *p;
701 gint error;
702 gpg_error_t rc;
703 guint iter_progress = 0, n_iter = 0, xiter = 0;
704 gchar tmp[FILENAME_MAX];
705 struct file_header_s {
706 guint iter;
707 guchar iv[gcryblocksize];
708 } file_header;
709
710 if (insize / gcryblocksize) {
711 len = (insize / gcryblocksize) * gcryblocksize;
712
713 if (insize % gcryblocksize)
714 len += gcryblocksize;
715 }
716
717 /*
718 * Resize the existing xml buffer to the block size required by gcrypt
719 * rather than duplicating it and wasting memory.
720 */
721 inbuf = gcry_realloc(data, len);
722
723 if (!inbuf)
724 return gpg_error_from_errno(ENOMEM);
725
726 insize = len;
727 gcry_create_nonce(file_header.iv, sizeof(file_header.iv));
728 memcpy(tkey, shakey, sizeof(tkey));
729 tkey[0] ^= 1;
730
731 if ((rc = gcry_cipher_setkey(gh, tkey, gcrykeysize))) {
732 gcry_free(inbuf);
733 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
734 return rc;
735 }
736
737 file_header.iter = iter;
738
739 if (client)
740 iter_progress = get_key_file_integer("default", "iteration_progress");
741
742 if (client && iter_progress && file_header.iter >= iter_progress) {
743 error = assuan_write_status(client->ctx, "ENCRYPT", "0");
744
745 if (error) {
746 gcry_free(inbuf);
747 return error;
748 }
749 }
750
751 while (xiter < file_header.iter) {
752 if (client && iter_progress > 0 && xiter >= iter_progress) {
753 if (!(xiter % iter_progress)) {
754 error = assuan_write_status(client->ctx, "ENCRYPT", print_fmt("%i",
755 ++n_iter * iter_progress));
756
757 if (error) {
758 gcry_free(inbuf);
759 return error;
760 }
761 }
762 }
763
764 if ((rc = gcry_cipher_setiv(gh, file_header.iv,
765 sizeof(file_header.iv)))) {
766 gcry_free(inbuf);
767 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
768 return rc;
769 }
770
771 if (encrypt_xml(gh, inbuf, insize, NULL, 0)
772 == FALSE) {
773 gcry_free(inbuf);
774 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
775 return rc;
776 }
777
778 xiter++;
779 pth_yield(NULL);
780 }
781
782 if ((rc = gcry_cipher_setiv(gh, file_header.iv,
783 sizeof(file_header.iv)))) {
784 gcry_free(inbuf);
785 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
786 return rc;
787 }
788
789 if ((rc = gcry_cipher_setkey(gh, shakey, gcrykeysize))) {
790 gcry_free(inbuf);
791 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
792 return rc;
793 }
794
795 if (encrypt_xml(gh, inbuf, insize, NULL, 0) == FALSE) {
796 gcry_free(inbuf);
797 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(rc));
798 return rc;
799 }
800
801 if (client && iter_progress && file_header.iter >= iter_progress) {
802 error = assuan_write_status(client->ctx, "ENCRYPT",
803 print_fmt("%i", file_header.iter));
804
805 if (error) {
806 gcry_free(inbuf);
807 return error;
808 }
809 }
810
811 if (filename) {
812 g_snprintf(tmp, sizeof(tmp), ".%s.tmp", filename);
813
814 if ((fd = open(tmp, O_WRONLY|O_CREAT|O_TRUNC, 0600)) == -1) {
815 error = errno;
816 gcry_free(inbuf);
817 p = strrchr(tmp, '/');
818 p++;
819 log_write("%s: %s", p, strerror(errno));
820 return gpg_error_from_errno(error);
821 }
822 }
823 else
824 /*
825 * xml_import() from command line.
826 */
827 fd = STDOUT_FILENO;
828
829 len = pth_write(fd, &file_header, sizeof(struct file_header_s));
830
831 if (len != sizeof(file_header)) {
832 len = errno;
833
834 if (filename)
835 close(fd);
836
837 gcry_free(inbuf);
838 return gpg_error_from_errno(len);
839 }
840
841 len = pth_write(fd, inbuf, insize);
842
843 if (len != insize) {
844 len = errno;
845
846 if (filename)
847 close(fd);
848
849 gcry_free(inbuf);
850 return gpg_error_from_errno(len);
851 }
852
853 if (fsync(fd) == -1) {
854 len = errno;
855 close(fd);
856 gcry_free(inbuf);
857 return gpg_error_from_errno(len);
858 }
859
860 if (filename) {
861 struct stat st;
862 mode_t mode = 0;
863
864 close(fd);
865
866 if (stat(filename, &st) == 0)
867 mode = st.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO);
868
869 if (rename(tmp, filename) == -1) {
870 len = errno;
871 gcry_free(inbuf);
872 return gpg_error_from_errno(len);
873 }
874
875 if (mode)
876 chmod(filename, mode);
877 }
878
879 gcry_free(inbuf);
880 return 0;
881 }
882
883 static int save_command(assuan_context_t ctx, char *line)
884 {
885 gpointer xmlbuf;
886 xmlChar *p;
887 gint len;
888 gint cached = 0;
889 guchar shakey[gcrykeysize];
890 gint iter;
891 struct stat st;
892 struct client_s *client = assuan_get_pointer(ctx);
893 gpg_error_t error;
894 gint timeout;
895 gpointer outbuf;
896 glong outsize = 0;
897 gint zerror;
898
899 error = file_modified(client);
900
901 if (error) {
902 log_write("%s: %s", client->filename ? client->filename : "",
903 pwmd_strerror(error));
904 return send_error(ctx, error);
905 }
906
907 error = lock_file_mutex(client);
908
909 if (error)
910 return send_error(ctx, error);
911
912 if (stat(client->filename, &st) == -1 && errno != ENOENT)
913 return send_syserror(ctx, errno);
914
915 if (errno != ENOENT && !S_ISREG(st.st_mode) && !S_ISLNK(st.st_mode)) {
916 log_write("%s: %s", client->filename, pwmd_strerror(EPWMD_INVALID_FILENAME));
917 return send_error(ctx, EPWMD_INVALID_FILENAME);
918 }
919
920 if (!line || !*line) {
921 CACHE_LOCK(ctx);
922
923 if (cache_get_key(client->md5file, shakey) == FALSE) {
924 CACHE_UNLOCK;
925 return send_error(ctx, EPWMD_KEY);
926 }
927
928 CACHE_UNLOCK;
929 cached = 1;
930 }
931 else {
932 gcry_md_hash_buffer(GCRY_MD_SHA256, shakey, line, strlen(line));
933 memset(line, 0, strlen(line));
934 }
935
936 xmlDocDumpFormatMemory(client->doc, &p, &len, 0);
937 xmlbuf = p;
938
939 iter = get_key_file_integer(client->filename, "compression_level");
940
941 if (iter < 0)
942 iter = 0;
943
944 if (do_compress(ctx, iter, xmlbuf, len, &outbuf, &outsize, &zerror) == FALSE) {
945 memset(shakey, 0, sizeof(shakey));
946 xmlFree(xmlbuf);
947
948 if (zerror == Z_MEM_ERROR) {
949 return send_syserror(ctx, ENOMEM);
950 }
951 else
952 return send_error(ctx, GPG_ERR_COMPR_ALGO);
953 }
954 else {
955 gcry_free(xmlbuf);
956 xmlbuf = outbuf;
957 len = outsize;
958 }
959
960 if ((iter = get_key_file_integer(client->filename, "iterations")) == -1)
961 iter = 0;
962
963 error = do_xml_encrypt(client, client->gh, client->filename, xmlbuf, len, shakey, iter);
964
965 if (error) {
966 memset(shakey, 0, sizeof(shakey));
967 return send_error(ctx, error);
968 }
969
970 stat(client->filename, &st);
971 client->mtime = st.st_mtime;
972 timeout = get_key_file_integer(client->filename, "cache_timeout");
973 CACHE_LOCK(client->ctx);
974
975 if (cached) {
976 memset(shakey, 0, sizeof(shakey));
977 cache_reset_timeout(client->md5file, timeout);
978 CACHE_UNLOCK;
979
980 if (client->new == TRUE)
981 send_cache_status_all();
982
983 client->new = FALSE;
984 return send_error(ctx, 0);
985 }
986
987 if (cache_update_key(client->md5file, shakey) == FALSE) {
988 memset(shakey, 0, sizeof(shakey));
989 log_write("%s(%i): %s", __FILE__, __LINE__, pwmd_strerror(EPWMD_MAX_SLOTS));
990 CACHE_UNLOCK;
991 return send_error(ctx, EPWMD_MAX_SLOTS);
992 }
993
994 client->new = FALSE;
995 memset(shakey, 0, sizeof(shakey));
996 cache_reset_timeout(client->md5file, timeout);
997 CACHE_UNLOCK;
998 send_cache_status_all();
999 return send_error(ctx, 0);
1000 }
1001
1002 static gboolean contains_whitespace(const gchar *str)
1003 {
1004 const gchar *p = str;
1005 gunichar c;
1006 glong len;
1007
1008 len = g_utf8_strlen(p++, -1) -1;
1009
1010 while (len--) {
1011 c = g_utf8_get_char(p++);
1012
1013 if (g_unichar_isspace(c))
1014 return TRUE;
1015 }
1016
1017 return FALSE;
1018 }
1019
1020 static int delete_command(assuan_context_t ctx, char *line)
1021 {
1022 struct client_s *client = assuan_get_pointer(ctx);
1023 gchar **req;
1024 gpg_error_t error;
1025 xmlNodePtr n;
1026
1027 error = file_modified(client);
1028
1029 if (error) {
1030 log_write("%s: %s", client->filename ? client->filename : "",
1031 pwmd_strerror(error));
1032 return send_error(ctx, error);
1033 }
1034
1035 if (strchr(line, '\t'))
1036 req = split_input_line(line, "\t", -1);
1037 else
1038 req = split_input_line(line, " ", -1);
1039
1040 if (!req || !*req)
1041 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
1042
1043 n = find_account(client->doc, &req, &error, NULL, 0);
1044
1045 if (!n) {
1046 g_strfreev(req);
1047 return send_error(ctx, error);
1048 }
1049
1050 /*
1051 * No sub-node defined. Remove the entire node (account).
1052 */
1053 if (!req[1]) {
1054 if (n) {
1055 xmlUnlinkNode(n);
1056 xmlFreeNode(n);
1057 }
1058
1059 g_strfreev(req);
1060 return send_error(ctx, 0);
1061 }
1062
1063 n = find_elements(client->doc, n->children, req+1, &error, NULL, NULL, NULL, FALSE, 0, NULL);
1064 g_strfreev(req);
1065
1066 if (!n)
1067 return send_error(ctx, error);
1068
1069 if (n) {
1070 xmlUnlinkNode(n);
1071 xmlFreeNode(n);
1072 }
1073
1074 return send_error(ctx, 0);
1075 }
1076
1077 /*
1078 * Don't return with assuan_process_done() here. This has been called from
1079 * assuan_process_next() and the command should be finished in
1080 * client_thread().
1081 */
1082 static int store_command_finalize(gpointer data, gint rc, guchar *line,
1083 gsize len)
1084 {
1085 assuan_context_t ctx = data;
1086 struct client_s *client = assuan_get_pointer(ctx);
1087 gchar **req;
1088 guchar *result = line;
1089 xmlNodePtr n;
1090 gpg_error_t error = file_modified(client);
1091
1092 if (rc) {
1093 if (line)
1094 #ifndef MEM_DEBUG
1095 xfree(line);
1096 #else
1097 free(line);
1098 #endif
1099 return rc;
1100 }
1101
1102 req = split_input_line((gchar *)result, "\t", 0);
1103 #ifndef MEM_DEBUG
1104 xfree(line);
1105 #else
1106 free(line);
1107 #endif
1108
1109 if (rc) {
1110 if (req)
1111 g_strfreev(req);
1112
1113 return rc;
1114 }
1115
1116 if (!req || !*req)
1117 return EPWMD_COMMAND_SYNTAX;
1118
1119 if (valid_element_path(req, TRUE) == FALSE) {
1120 g_strfreev(req);
1121 return EPWMD_INVALID_ELEMENT;
1122 }
1123
1124 again:
1125 n = find_account(client->doc, &req, &error, NULL, 0);
1126
1127 if (error && error == EPWMD_ELEMENT_NOT_FOUND) {
1128 error = new_account(client->doc, *req);
1129
1130 if (error) {
1131 g_strfreev(req);
1132 return error;
1133 }
1134
1135 goto again;
1136 }
1137
1138 if (!n) {
1139 g_strfreev(req);
1140 return error;
1141 }
1142
1143 if (req[1]) {
1144 if (!n->children)
1145 create_elements_cb(n, req+1, &error, NULL);
1146 else
1147 find_elements(client->doc, n->children, req+1, &error,
1148 NULL, NULL, create_elements_cb, FALSE, 0, NULL);
1149 }
1150
1151 g_strfreev(req);
1152 client->inquire_status = INQUIRE_DONE;
1153 return error;
1154 }
1155
1156 static int store_command(assuan_context_t ctx, char *line)
1157 {
1158 struct client_s *client = assuan_get_pointer(ctx);
1159 gpg_error_t error = file_modified(client);
1160
1161 if (error) {
1162 log_write("%s: %s", client->filename ? client->filename : "",
1163 pwmd_strerror(error));
1164 return send_error(ctx, error);
1165 }
1166
1167 error = assuan_inquire_ext(ctx, "STORE", 0, store_command_finalize, ctx);
1168
1169 if (error)
1170 return send_error(ctx, error);
1171
1172 /* Don't return with assuan_process_done() here. This is an INQUIRE. */
1173 client->inquire_status = INQUIRE_BUSY;
1174 return 0;
1175 }
1176
1177 static int get_command(assuan_context_t ctx, char *line)
1178 {
1179 struct client_s *client = assuan_get_pointer(ctx);
1180 gchar **req;
1181 gpg_error_t error;
1182 xmlNodePtr n;
1183
1184 error = file_modified(client);
1185
1186 if (error) {
1187 log_write("%s: %s", client->filename ? client->filename : "",
1188 pwmd_strerror(error));
1189 return send_error(ctx, error);
1190 }
1191
1192 req = split_input_line(line, "\t", -1);
1193
1194 if (!req || !*req) {
1195 g_strfreev(req);
1196 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
1197 }
1198
1199 n = find_account(client->doc, &req, &error, NULL, 0);
1200
1201 if (!n) {
1202 g_strfreev(req);
1203 return send_error(ctx, error);
1204 }
1205
1206 if (req[1])
1207 n = find_elements(client->doc, n->children, req+1, &error, NULL, NULL, NULL, FALSE, 0, NULL);
1208
1209 g_strfreev(req);
1210
1211 if (error)
1212 return send_error(ctx, error);
1213
1214 if (!n || !n->children)
1215 return send_error(ctx, EPWMD_EMPTY_ELEMENT);
1216
1217 n = n->children;
1218
1219 if (!n || !n->content || !*n->content)
1220 return send_error(ctx, EPWMD_EMPTY_ELEMENT);
1221
1222 error = assuan_send_data(ctx, n->content, xmlStrlen(n->content));
1223 return send_error(ctx, error);
1224 }
1225
1226 static gchar *element_path_to_req(const gchar *account, xmlChar *path)
1227 {
1228 xmlChar *p = path;
1229 gint n;
1230 gchar *buf;
1231
1232 if (!p)
1233 return NULL;
1234
1235 for (n = 0; *p && n < 3; p++) {
1236 if (*p == '/')
1237 n++;
1238 }
1239
1240 if (strstr((gchar *)p, "text()") != NULL)
1241 p[xmlStrlen(p) - 7] = 0;
1242
1243 for (n = 0; p[n]; n++) {
1244 if (p[n] == '/')
1245 p[n] = '\t';
1246 }
1247
1248 buf = g_strdup_printf("%s\t%s", account, p);
1249 return buf;
1250 }
1251
1252 gboolean strv_printf(gchar ***array, const gchar *fmt, ...)
1253 {
1254 gchar **a;
1255 va_list ap;
1256 gchar *buf;
1257 gint len = *array ? g_strv_length(*array) : 0;
1258 gint ret;
1259
1260 if (!fmt)
1261 return FALSE;
1262
1263 if ((a = g_realloc(*array, (len + 2) * sizeof(gchar *))) == NULL)
1264 return FALSE;
1265
1266 va_start(ap, fmt);
1267 ret = g_vasprintf(&buf, fmt, ap);
1268 va_end(ap);
1269
1270 if (ret == -1)
1271 return FALSE;
1272
1273 a[len++] = buf;
1274 a[len] = NULL;
1275 *array = a;
1276 return TRUE;
1277 }
1278
1279 struct realpath_s {
1280 gchar *account;
1281 };
1282
1283 static xmlNodePtr realpath_elements_cb(xmlNodePtr node, gchar **req,
1284 gpg_error_t *error, void *data)
1285 {
1286 struct realpath_s *rp = data;
1287
1288 if (rp->account)
1289 g_free(rp->account);
1290
1291 rp->account = g_strdup(req[0]);
1292
1293 if (!rp->account) {
1294 *error = gpg_error_from_errno(ENOMEM);
1295 return NULL;
1296 }
1297
1298 return node;
1299 }
1300
1301 static int realpath_command(assuan_context_t ctx, char *line)
1302 {
1303 gpg_error_t error;
1304 struct client_s *client = assuan_get_pointer(ctx);
1305 xmlChar *p;
1306 gchar **req;
1307 gchar *result, *t;
1308 gint i;
1309 xmlNodePtr n;
1310 struct realpath_s *rp;
1311 GString *string;
1312
1313 error = file_modified(client);
1314
1315 if (error) {
1316 log_write("%s: %s", client->filename ? client->filename : "",
1317 pwmd_strerror(error));
1318 return send_error(ctx, error);
1319 }
1320
1321 if (strchr(line, '\t') != NULL) {
1322 if ((req = split_input_line(line, "\t", 0)) == NULL)
1323 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
1324 }
1325 else {
1326 if ((req = split_input_line(line, " ", 0)) == NULL)
1327 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
1328 }
1329
1330 n = find_account(client->doc, &req, &error, NULL, 0);
1331
1332 if (!n) {
1333 g_strfreev(req);
1334 return send_error(ctx, error);
1335 }
1336
1337 rp = g_malloc(sizeof(struct realpath_s));
1338
1339 if (!rp) {
1340 g_strfreev(req);
1341 return send_syserror(ctx, ENOMEM);
1342 }
1343
1344 rp->account = g_strdup(req[0]);
1345
1346 if (!rp->account) {
1347 g_strfreev(req);
1348 return send_syserror(ctx, ENOMEM);
1349 }
1350
1351 if (req[1]) {
1352 n = find_elements(client->doc, n->children, req+1, &error,
1353 NULL, realpath_elements_cb, NULL, FALSE, 0, rp);
1354
1355 if (!n) {
1356 g_free(rp->account);
1357 g_free(rp);
1358 g_strfreev(req);
1359 return send_error(ctx, error);
1360 }
1361 }
1362
1363 p = xmlGetNodePath(n);
1364 result = element_path_to_req(rp->account, p);
1365
1366 if (!result) {
1367 g_free(result);
1368 g_free(rp->account);
1369 g_free(rp);
1370 g_strfreev(req);
1371 xmlFree(p);
1372 return send_syserror(ctx, ENOMEM);
1373 }
1374
1375 string = g_string_new(result);
1376 g_free(result);
1377 g_free(rp->account);
1378 g_free(rp);
1379 g_strfreev(req);
1380 xmlFree(p);
1381 i = 0;
1382
1383 again:
1384 for (t = string->str + i; *t; t++, i++) {
1385 if (!i || *t == '\t') {
1386 string = g_string_insert_c(string, !i ? i++ : ++i, '!');
1387 goto again;
1388 }
1389 }
1390
1391 error = assuan_send_data(ctx, string->str, string->len);
1392 g_string_free(string, TRUE);
1393 return send_error(ctx, error);
1394 }
1395
1396 struct list_element_s {
1397 GSList *list;
1398 gchar **elements;
1399 };
1400
1401 static gboolean append_to_element_list(struct list_element_s *elements)
1402 {
1403 gchar *tmp;
1404 gint i, total;
1405 gchar *a;
1406 GSList *list;
1407
1408 if (!elements || !elements->elements)
1409 return TRUE;
1410
1411 tmp = g_strjoinv("\t", elements->elements);
1412
1413 if (!tmp)
1414 return FALSE;
1415
1416 g_strfreev(elements->elements);
1417 elements->elements = NULL;
1418 total = g_slist_length(elements->list);
1419 a = g_utf8_collate_key(tmp, -1);
1420
1421 if (!a) {
1422 g_free(tmp);
1423 return FALSE;
1424 }
1425
1426 /*
1427 * Removes duplicate element paths from the list. This is needed when
1428 * appending an element tree from list_command(). The glib docs recommend
1429 * using g_utf8_collate_key() for a large number of strings.
1430 */
1431 for (i = 0; i < total; i++) {
1432 gchar *p = g_slist_nth_data(elements->list, i);
1433 gchar *b = g_utf8_collate_key(p, -1);
1434
1435 if (!b) {
1436 g_free(a);
1437 g_free(tmp);
1438 return FALSE;
1439 }
1440
1441 if (strcmp(a, b) == 0) {
1442 g_free(a);
1443 g_free(b);
1444 g_free(tmp);
1445 return TRUE;
1446 }
1447
1448 g_free(b);
1449 }
1450
1451 g_free(a);
1452 list = g_slist_append(elements->list, tmp);
1453
1454 if (!list)
1455 return FALSE;
1456
1457 elements->list = list;
1458 return TRUE;
1459 }
1460
1461 static gpg_error_t do_list_recurse(xmlDocPtr doc, xmlNodePtr node,
1462 struct list_element_s *elements, gchar *prefix)
1463 {
1464 xmlNodePtr n;
1465 gpg_error_t error;
1466
1467 if (append_to_element_list(elements) == FALSE)
1468 return gpg_error_from_errno(ENOMEM);
1469
1470 for (n = node; n; n = n->next) {
1471 if (n->type == XML_ELEMENT_NODE) {
1472 xmlChar *content = node_has_attribute(n, (xmlChar *)"target");
1473 gchar *tmp;
1474
1475 if (content) {
1476 if (strv_printf(&elements->elements, "%s\t%s", prefix, n->name) == FALSE)
1477 return gpg_error_from_errno(ENOMEM);
1478
1479 if (append_to_element_list(elements) == FALSE)
1480 return gpg_error_from_errno(ENOMEM);
1481 }
1482
1483 tmp = g_strdup_printf("%s\t!%s", prefix, n->name);
1484
1485 if (!tmp)
1486 return gpg_error_from_errno(ENOMEM);
1487
1488 if (strv_printf(&elements->elements, "%s", tmp) == FALSE) {
1489 g_free(tmp);
1490 return gpg_error_from_errno(ENOMEM);
1491 }
1492
1493 if (n->children) {
1494 error = do_list_recurse(doc, n->children, elements, tmp);
1495 g_free(tmp);
1496
1497 if (error && error != EPWMD_ELEMENT_NOT_FOUND)
1498 return error;
1499 }
1500 else
1501 g_free(tmp);
1502
1503 if (append_to_element_list(elements) == FALSE)
1504 return gpg_error_from_errno(ENOMEM);
1505 }
1506 }
1507
1508 return 0;
1509 }
1510
1511 static gpg_error_t do_list_command(assuan_context_t ctx, xmlDocPtr doc,
1512 struct list_element_s *elements, char *line)
1513 {
1514 gchar *prefix = NULL, *account;
1515 gchar **req = NULL, **oreq = NULL, *tmp;
1516 xmlNodePtr n;
1517 gboolean account_is_literal, account_has_target = FALSE;
1518 gint which = 0;
1519 gchar **p;
1520 gpg_error_t error;
1521
1522 if ((req = split_input_line(line, "\t", 0)) == NULL) {
1523 if ((req = split_input_line(line, " ", 0)) == NULL)
1524 return EPWMD_COMMAND_SYNTAX;
1525 }
1526
1527 prefix = g_strdup(*req);
1528
1529 if (!prefix) {
1530 g_strfreev(req);
1531 return gpg_error_from_errno(ENOMEM);
1532 }
1533
1534 account = g_strdup(*req);
1535
1536 if (!account) {
1537 g_free(prefix);
1538 g_strfreev(req);
1539 return gpg_error_from_errno(ENOMEM);
1540 }
1541
1542 oreq = g_strdupv(req);
1543
1544 if (!oreq) {
1545 g_free(prefix);
1546 g_free(account);
1547 g_strfreev(req);
1548 return gpg_error_from_errno(ENOMEM);
1549 }
1550
1551 p = req;
1552 again:
1553 account_has_target = FALSE;
1554 account_is_literal = is_literal_element_str(prefix);
1555 n = find_account(doc, &p, &error, &account_has_target, 0);
1556
1557 if (which)
1558 oreq = p;
1559 else
1560 req = p;
1561
1562 if (!n)
1563 goto fail;
1564
1565 if (!which && account_is_literal == FALSE && account_has_target == FALSE) {
1566 tmp = g_strdup_printf("!%s", prefix);
1567
1568 if (!tmp) {
1569 error = gpg_error_from_errno(ENOMEM);
1570 goto fail;
1571 }
1572
1573 g_free(prefix);
1574 prefix = tmp;
1575 }
1576
1577 if (*(p+1)) {
1578 gchar *t;
1579
1580 n = find_elements(doc, n->children, p+1, &error, NULL, NULL, NULL,
1581 TRUE, 0, NULL);
1582
1583 if (error)
1584 goto fail;
1585
1586 tmp = g_strjoinv("\t", p+1);
1587 if (!tmp) {
1588 error = gpg_error_from_errno(ENOMEM);
1589 goto fail;
1590 }
1591
1592 t = g_strdup_printf("%s\t%s", prefix, tmp);
1593 if (!t) {
1594 error = gpg_error_from_errno(ENOMEM);
1595 goto fail;
1596 }
1597
1598 g_free(prefix);
1599 prefix = t;
1600 g_free(tmp);
1601 }
1602
1603 if (strv_printf(&elements->elements, "%s", prefix) == FALSE) {
1604 error = gpg_error_from_errno(ENOMEM);
1605 goto fail;
1606 }
1607
1608 if (node_has_child_element(n->children) == FALSE) {
1609 if (append_to_element_list(elements) == FALSE) {
1610 error = gpg_error_from_errno(ENOMEM);
1611 goto fail;
1612 }
1613 }
1614 else
1615 error = do_list_recurse(doc, n->children, elements, prefix);
1616
1617 if (error)
1618 goto fail;
1619
1620 if (!which++ && !*(p+1) && account_is_literal == FALSE && account_has_target == TRUE) {
1621 g_free(*oreq);
1622 *oreq = g_strdup_printf("!%s", account);
1623
1624 if (!*oreq) {
1625 error = gpg_error_from_errno(ENOMEM);
1626 goto fail;
1627 }
1628
1629 p = oreq;
1630 g_free(prefix);
1631 prefix = g_strdup(*oreq);
1632
1633 if (!prefix) {
1634 error = gpg_error_from_errno(ENOMEM);
1635 goto fail;
1636 }
1637
1638 goto again;
1639 }
1640
1641 fail:
1642 g_free(prefix);
1643 g_free(account);
1644 g_strfreev(req);
1645
1646 if (oreq)
1647 g_strfreev(oreq);
1648
1649 return error;
1650 }
1651
1652 /*
1653 * This could be faster especially when finding "target" attributes.
1654 */
1655 static int list_command(assuan_context_t ctx, char *line)
1656 {
1657 struct client_s *client = assuan_get_pointer(ctx);
1658 gpg_error_t error;
1659 struct list_element_s *elements = NULL;
1660 GString *string;
1661 gchar *tmp;
1662 gint i, total;
1663
1664 if (disable_list_and_dump == TRUE)
1665 return send_error(ctx, GPG_ERR_NOT_IMPLEMENTED);
1666
1667 error = file_modified(client);
1668
1669 if (error) {
1670 log_write("%s: %s", client->filename, pwmd_strerror(error));
1671 return send_error(ctx, error);
1672 }
1673
1674 if (!*line) {
1675 GString *str;
1676
1677 error = list_accounts(client->doc, &str);
1678
1679 if (error)
1680 return send_error(ctx, error);
1681
1682 error = assuan_send_data(ctx, str->str, str->len);
1683 g_string_free(str, TRUE);
1684 return send_error(ctx, error);
1685 }
1686
1687 elements = g_malloc0(sizeof(struct list_element_s));
1688
1689 if (!elements) {
1690 error = gpg_error_from_errno(ENOMEM);
1691 goto fail;
1692 }
1693
1694 error = do_list_command(ctx, client->doc, elements, line);
1695
1696 if (error)
1697 goto fail;
1698
1699 if (!error) {
1700 total = g_slist_length(elements->list);
1701
1702 if (!total) {
1703 error = EPWMD_EMPTY_ELEMENT;
1704 goto fail;
1705 }
1706
1707 /*
1708 * Find element paths with a target and append those element trees to
1709 * the list.
1710 */
1711 for (i = 0; i < total; i++) {
1712 gchar **req;
1713
1714 tmp = g_slist_nth_data(elements->list, i);
1715 req = split_input_line(tmp, "\t", 0);
1716
1717 if (!req) {
1718 if (g_str_has_prefix(tmp, "!") == TRUE) {
1719 g_strfreev(req);
1720 continue;
1721 }
1722 }
1723 else {
1724 gchar **p;
1725
1726 for (p = req; *p; p++) {
1727 if (g_str_has_prefix(*p, "!") == FALSE)
1728 break;
1729 }
1730
1731 if (!*p) {
1732 g_strfreev(req);
1733 continue;
1734 }
1735 }
1736
1737 g_strfreev(req);
1738 error = do_list_command(ctx, client->doc, elements, tmp);
1739
1740 if (error && error != EPWMD_ELEMENT_NOT_FOUND)
1741 goto fail;
1742
1743 total = g_slist_length(elements->list);
1744 }
1745 }
1746
1747 string = g_string_new(NULL);
1748
1749 for (i = 0; i < total; i++) {
1750 tmp = g_slist_nth_data(elements->list, i);
1751 g_string_append_printf(string, "%s\n", tmp);
1752 g_free(tmp);
1753 }
1754
1755 string = g_string_truncate(string, string->len - 1);
1756 error = assuan_send_data(ctx, string->str, string->len);
1757 g_string_free(string, TRUE);
1758
1759 fail:
1760 if (elements) {
1761 if (elements->list)
1762 g_slist_free(elements->list);
1763
1764 if (elements->elements)
1765 g_strfreev(elements->elements);
1766
1767 g_free(elements);
1768 }
1769
1770 return send_error(ctx, error);
1771 }
1772
1773 static gpg_error_t add_attribute(xmlNodePtr node, const gchar *name,
1774 const gchar *value)
1775 {
1776 xmlAttrPtr a;
1777
1778 if ((a = xmlHasProp(node, (xmlChar *)name)) == NULL) {
1779 a = xmlNewProp(node, (xmlChar *)name, (xmlChar *)value);
1780
1781 if (!a)
1782 return EPWMD_LIBXML_ERROR;
1783 }
1784 else
1785 xmlNodeSetContent(a->children, (xmlChar *)value);
1786
1787 return 0;
1788 }
1789
1790 /*
1791 * req[0] - element path
1792 */
1793 static int attribute_list(assuan_context_t ctx, gchar **req)
1794 {
1795 struct client_s *client = assuan_get_pointer(ctx);
1796 gchar **attrlist = NULL;
1797 gint i = 0;
1798 gchar **path = NULL;
1799 xmlAttrPtr a;
1800 xmlNodePtr n, an;
1801 gchar *line;
1802 gpg_error_t error;
1803
1804 if (!req || !req[0])
1805 return EPWMD_COMMAND_SYNTAX;
1806
1807 if ((path = split_input_line(req[0], "\t", 0)) == NULL) {
1808 /*
1809 * The first argument may be only an account.
1810 */
1811 if ((path = split_input_line(req[0], " ", 0)) == NULL)
1812 return EPWMD_COMMAND_SYNTAX;
1813 }
1814
1815 n = find_account(client->doc, &path, &error, NULL, 0);
1816
1817 if (!n) {
1818 g_strfreev(path);
1819 return error;
1820 }
1821
1822 if (path[1]) {
1823 n = find_elements(client->doc, n->children, path+1, &error,
1824 NULL, NULL, NULL, FALSE, 0, NULL);
1825
1826 if (!n) {
1827 g_strfreev(path);
1828 return error;
1829 }
1830 }
1831
1832 g_strfreev(path);
1833
1834 for (a = n->properties; a; a = a->next) {
1835 gchar **pa;
1836
1837 if ((pa = g_realloc(attrlist, (i + 2) * sizeof(gchar *))) == NULL) {
1838 if (attrlist)
1839 g_strfreev(attrlist);
1840
1841 error = errno;
1842 log_write("%s(%i): %s", __FILE__, __LINE__, strerror(errno));
1843 return gpg_error_from_errno(error);
1844 }
1845
1846 attrlist = pa;
1847 an = a->children;
1848 attrlist[i] = g_strdup_printf("%s\t%s", (gchar *)a->name, (gchar *)an->content);
1849
1850 if (!attrlist[i]) {
1851 g_strfreev(attrlist);
1852 return gpg_error_from_errno(ENOMEM);
1853 }
1854
1855 attrlist[++i] = NULL;
1856 }
1857
1858 if (!attrlist)
1859 return EPWMD_EMPTY_ELEMENT;
1860
1861 line = g_strjoinv("\n", attrlist);
1862
1863 if (!line) {
1864 g_strfreev(attrlist);
1865 return gpg_error_from_errno(ENOMEM);
1866 }
1867
1868 error = assuan_send_data(ctx, line, strlen(line));
1869 g_free(line);
1870 g_strfreev(attrlist);
1871 return error;
1872 }
1873
1874 /*
1875 * req[0] - attribute
1876 * req[1] - element path
1877 */
1878 static int attribute_delete(struct client_s *client, gchar **req)
1879 {
1880 xmlAttrPtr a;
1881 xmlNodePtr n;
1882 gchar **path = NULL;
1883 gpg_error_t error;
1884
1885 if (!req || !req[0] || !req[1])
1886 return EPWMD_COMMAND_SYNTAX;
1887
1888 if ((path = split_input_line(req[1], "\t", 0)) == NULL) {
1889 /*
1890 * The first argument may be only an account.
1891 */
1892 if ((path = split_input_line(req[1], " ", 0)) == NULL)
1893 return EPWMD_COMMAND_SYNTAX;
1894 }
1895
1896 /*
1897 * Don't remove the "name" attribute for the account element. To remove an
1898 * account use DELETE <account>.
1899 */
1900 if (!path[1] && xmlStrEqual((xmlChar *)req[0], (xmlChar *)"name")) {
1901 error = EPWMD_ATTR_SYNTAX;
1902 goto fail;
1903 }
1904
1905 n = find_account(client->doc, &path, &error, NULL, 0);
1906
1907 if (!n)
1908 goto fail;
1909
1910 if (path[1]) {
1911 n = find_elements(client->doc, n->children, path+1, &error,
1912 NULL, NULL, NULL, FALSE, 0, NULL);
1913
1914 if (!n)
1915 goto fail;
1916 }
1917
1918 g_strfreev(path);
1919
1920 if ((a = xmlHasProp(n, (xmlChar *)req[0])) == NULL)
1921 return EPWMD_ATTR_NOT_FOUND;
1922
1923 if (xmlRemoveProp(a) == -1)
1924 return EPWMD_LIBXML_ERROR;
1925
1926 return 0;
1927
1928 fail:
1929 g_strfreev(path);
1930 return error;
1931 }
1932
1933 /*
1934 * Creates a "target" attribute. When other commands encounter an element with
1935 * this attribute, the element path is modified to the target value. If the
1936 * source element path doesn't exist when using 'ATTR SET target', it is
1937 * created, but the destination element path must exist.
1938 *
1939 * req[0] - source element path
1940 * req[1] - destination element path
1941 */
1942 static gpg_error_t target_attribute(struct client_s *client, gchar **req)
1943 {
1944 gchar **src, **dst, *line;
1945 gpg_error_t error;
1946 xmlNodePtr n;
1947
1948 if (!req || !req[0] || !req[1])
1949 return EPWMD_COMMAND_SYNTAX;
1950
1951 if ((src = split_input_line(req[0], "\t", 0)) == NULL) {
1952 /*
1953 * The first argument may be only an account.
1954 */
1955 if ((src = split_input_line(req[0], " ", 0)) == NULL)
1956 return EPWMD_COMMAND_SYNTAX;
1957 }
1958
1959 if (valid_element_path(src, FALSE) == FALSE) {
1960 g_strfreev(src);
1961 return EPWMD_INVALID_ELEMENT;
1962 }
1963
1964 if ((dst = split_input_line(req[1], "\t", 0)) == NULL) {
1965 /*
1966 * The first argument may be only an account.
1967 */
1968 if ((dst = split_input_line(req[1], " ", 0)) == NULL) {
1969 error = EPWMD_COMMAND_SYNTAX;
1970 goto fail;
1971 }
1972 }
1973
1974 n = find_account(client->doc, &dst, &error, NULL, 0);
1975
1976 /*
1977 * Make sure the destination element path exists.
1978 */
1979 if (!n)
1980 goto fail;
1981
1982 if (dst[1]) {
1983 n = find_elements(client->doc, n->children, dst+1, &error,
1984 NULL, NULL, NULL, FALSE, 0, NULL);
1985
1986 if (!n)
1987 goto fail;
1988 }
1989
1990 again:
1991 n = find_account(client->doc, &src, &error, NULL, 0);
1992
1993 if (!n) {
1994 if (error == EPWMD_ELEMENT_NOT_FOUND) {
1995 error = new_account(client->doc, src[0]);
1996
1997 if (error)
1998 goto fail;
1999
2000 goto again;
2001 }
2002 else
2003 goto fail;
2004 }
2005
2006 if (src[1]) {
2007 if (!n->children)
2008 n = create_target_elements_cb(n, src+1, &error, NULL);
2009 else
2010 n = find_elements(client->doc, n->children, src+1, &error,
2011 NULL, NULL, create_target_elements_cb, FALSE, 0, NULL);
2012
2013 if (!n)
2014 goto fail;
2015
2016 /*
2017 * Reset the position of the element tree now that the elements
2018 * have been created.
2019 */
2020 n = find_account(client->doc, &src, &error, NULL, 0);
2021
2022 if (!n)
2023 goto fail;
2024
2025 n = find_elements(client->doc, n->children, src+1, &error,
2026 NULL, NULL, NULL, FALSE, 0, NULL);
2027
2028 if (!n)
2029 goto fail;
2030 }
2031
2032 line = g_strjoinv("\t", dst);
2033 error = add_attribute(n, "target", line);
2034
2035 if (error) {
2036 g_free(line);
2037 goto fail;
2038 }
2039
2040 g_free(line);
2041 g_strfreev(src);
2042 g_strfreev(dst);
2043 return 0;
2044
2045 fail:
2046 g_strfreev(src);
2047 g_strfreev(dst);
2048 return error;
2049 }
2050
2051 /*
2052 * req[0] - account name
2053 * req[1] - new name
2054 */
2055 static gpg_error_t name_attribute(struct client_s *client, gchar **req)
2056 {
2057 gpg_error_t error;
2058 gchar **tmp;
2059 xmlNodePtr n;
2060
2061 tmp = g_strdupv(req);
2062
2063 if (!tmp)
2064 return gpg_error_from_errno(ENOMEM);
2065
2066 n = find_account(client->doc, &tmp, &error, NULL, 0);
2067 g_strfreev(tmp);
2068
2069 if (!n)
2070 return error;
2071
2072 if (g_utf8_collate(req[0], req[1]) == 0)
2073 return 0;
2074
2075 /*
2076 * Will not overwrite an existing account.
2077 */
2078 tmp = g_strdupv(req+1);
2079
2080 if (!tmp)
2081 return gpg_error_from_errno(ENOMEM);
2082
2083 n = find_account(client->doc, &tmp, &error, NULL, 0);
2084 g_strfreev(tmp);
2085
2086 if (error && error != EPWMD_ELEMENT_NOT_FOUND)
2087 return error;
2088
2089 if (n)
2090 return EPWMD_ACCOUNT_EXISTS;
2091
2092 /*
2093 * Whitespace not allowed in account names.
2094 */
2095 if (contains_whitespace(req[1]) == TRUE)
2096 return EPWMD_ATTR_SYNTAX;
2097
2098 tmp = g_strdupv(req);
2099
2100 if (!tmp)
2101 return gpg_error_from_errno(ENOMEM);
2102
2103 n = find_account(client->doc, &tmp, &error, NULL, 0);
2104 g_strfreev(tmp);
2105
2106 if (!n)
2107 return EPWMD_ELEMENT_NOT_FOUND;
2108
2109 return add_attribute(n, "name", req[1]);
2110 }
2111
2112 /*
2113 * req[0] - attribute
2114 * req[1] - element path
2115 */
2116 static int attribute_get(assuan_context_t ctx, gchar **req)
2117 {
2118 struct client_s *client = assuan_get_pointer(ctx);
2119 xmlNodePtr n;
2120 xmlChar *a;
2121 gchar **path= NULL;
2122 gpg_error_t error;
2123
2124 if (!req || !req[0] || !req[1])
2125 return EPWMD_COMMAND_SYNTAX;
2126
2127 if (strchr(req[1], '\t')) {
2128 if ((path = split_input_line(req[1], "\t", 0)) == NULL)
2129 return EPWMD_COMMAND_SYNTAX;
2130 }
2131 else {
2132 if ((path = split_input_line(req[1], " ", 0)) == NULL)
2133 return EPWMD_COMMAND_SYNTAX;
2134 }
2135
2136 n = find_account(client->doc, &path, &error, NULL, 0);
2137
2138 if (!n)
2139 goto fail;
2140
2141 if (path[1]) {
2142 n = find_elements(client->doc, n->children, path+1, &error,
2143 NULL, NULL, NULL, FALSE, 0, NULL);
2144
2145 if (!n)
2146 goto fail;
2147 }
2148
2149 g_strfreev(path);
2150
2151 if ((a = xmlGetProp(n, (xmlChar *)req[0])) == NULL)
2152 return EPWMD_ATTR_NOT_FOUND;
2153
2154 error = assuan_send_data(ctx, a, xmlStrlen(a));
2155 xmlFree(a);
2156 return error;
2157
2158 fail:
2159 g_strfreev(path);
2160 return error;
2161 }
2162
2163 /*
2164 * req[0] - attribute
2165 * req[1] - element path
2166 * req[2] - value
2167 */
2168 static int attribute_set(struct client_s *client, gchar **req)
2169 {
2170 gchar **path = NULL;
2171 gpg_error_t error;
2172 xmlNodePtr n;
2173
2174 if (!req || !req[0] || !req[1] || !req[2])
2175 return EPWMD_COMMAND_SYNTAX;
2176
2177 /*
2178 * Reserved attribute names.
2179 */
2180 if (g_utf8_collate(req[0], "name") == 0) {
2181 /*
2182 * Only reserved for the account element. Not the rest of the
2183 * document.
2184 */
2185 if (strchr(req[1], '\t') == NULL)
2186 return name_attribute(client, req + 1);
2187 }
2188 else if (g_utf8_collate(req[0], "target") == 0)
2189 return target_attribute(client, req + 1);
2190
2191 if ((path = split_input_line(req[1], "\t", 0)) == NULL) {
2192 /*
2193 * The first argument may be only an account.
2194 */
2195 if ((path = split_input_line(req[1], " ", 0)) == NULL)
2196 return EPWMD_COMMAND_SYNTAX;
2197 }
2198
2199 n = find_account(client->doc, &path, &error, NULL, 0);
2200
2201 if (!n)
2202 goto fail;
2203
2204 if (path[1]) {
2205 n = find_elements(client->doc, n->children, path+1, &error,
2206 NULL, NULL, NULL, FALSE, 0, NULL);
2207
2208 if (!n)
2209 goto fail;
2210 }
2211
2212 g_strfreev(path);
2213 return add_attribute(n, req[0], req[2]);
2214
2215 fail:
2216 g_strfreev(path);
2217 return error;
2218 }
2219
2220 /*
2221 * req[0] - command
2222 * req[1] - attribute name or element path if command is LIST
2223 * req[2] - element path
2224 * req[2] - element path or value
2225 */
2226 static int attr_command(assuan_context_t ctx, char *line)
2227 {
2228 struct client_s *client = assuan_get_pointer(ctx);
2229 gchar **req = split_input_line(line, " ", 4);
2230 gpg_error_t error = 0;
2231
2232 error = file_modified(client);
2233
2234 if (error) {
2235 log_write("%s: %s", client->filename ? client->filename : "",
2236 pwmd_strerror(error));
2237 g_strfreev(req);
2238 return send_error(ctx, error);
2239 }
2240
2241 if (!req || !req[0] || !req[1]) {
2242 g_strfreev(req);
2243 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2244 }
2245
2246 if (g_ascii_strcasecmp(req[0], "SET") == 0)
2247 error = attribute_set(client, req+1);
2248 else if (g_ascii_strcasecmp(req[0], "GET") == 0)
2249 error = attribute_get(ctx, req+1);
2250 else if (g_ascii_strcasecmp(req[0], "DELETE") == 0)
2251 error = attribute_delete(client, req+1);
2252 else if (g_ascii_strcasecmp(req[0], "LIST") == 0)
2253 error = attribute_list(ctx, req+1);
2254 else
2255 error = EPWMD_COMMAND_SYNTAX;
2256
2257 g_strfreev(req);
2258 return send_error(ctx, error);
2259 }
2260
2261 static int iscached_command(assuan_context_t ctx, char *line)
2262 {
2263 gchar **req = split_input_line(line, " ", 0);
2264 guchar md5file[16];
2265
2266 if (!req || !*req) {
2267 g_strfreev(req);
2268 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2269 }
2270
2271 gcry_md_hash_buffer(GCRY_MD_MD5, md5file, req[0], strlen(req[0]));
2272 g_strfreev(req);
2273 CACHE_LOCK(ctx);
2274
2275 if (cache_iscached(md5file) == FALSE) {
2276 CACHE_UNLOCK;
2277 return send_error(ctx, EPWMD_CACHE_NOT_FOUND);
2278 }
2279
2280 CACHE_UNLOCK;
2281 return send_error(ctx, 0);
2282 }
2283
2284 gpg_error_t send_cache_status(assuan_context_t ctx)
2285 {
2286 gchar *tmp;
2287 struct client_s *client = assuan_get_pointer(ctx);
2288
2289 CACHE_LOCK(client->ctx);
2290 tmp = print_fmt("%i %i",
2291 cache_file_count(),
2292 (cache_size / sizeof(file_cache_t)) - cache_file_count());
2293 CACHE_UNLOCK;
2294
2295 return assuan_write_status(ctx, "CACHE", tmp);
2296 }
2297
2298 static int clearcache_command(assuan_context_t ctx, char *line)
2299 {
2300 struct client_s *client = assuan_get_pointer(ctx);
2301 gchar **req = split_input_line(line, " ", 0);
2302 guchar md5file[16];
2303
2304 CACHE_LOCK(ctx);
2305
2306 if (!req || !*req) {
2307 g_strfreev(req);
2308 cache_clear(client->md5file, 2);
2309 CACHE_UNLOCK;
2310 return send_error(ctx, 0);
2311 }
2312
2313 gcry_md_hash_buffer(GCRY_MD_MD5, md5file, req[0], strlen(req[0]));
2314 g_strfreev(req);
2315
2316 if (cache_clear(md5file, 1) == FALSE) {
2317 CACHE_UNLOCK;
2318 return send_error(ctx, EPWMD_CACHE_NOT_FOUND);
2319 }
2320
2321 CACHE_UNLOCK;
2322 return send_error(ctx, 0);
2323 }
2324
2325 static int cachetimeout_command(assuan_context_t ctx, char *line)
2326 {
2327 guchar md5file[16];
2328 glong timeout;
2329 gchar **req = split_input_line(line, " ", 0);
2330 gchar *p;
2331 struct client_s *client = assuan_get_pointer(ctx);
2332
2333 if (!req || !*req || !req[1]) {
2334 g_strfreev(req);
2335 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2336 }
2337
2338 errno = 0;
2339 timeout = strtol(req[0], &p, 10);
2340
2341 if (errno != 0 || *p != 0) {
2342 g_strfreev(req);
2343 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2344 }
2345
2346 gcry_md_hash_buffer(GCRY_MD_MD5, md5file, req[1], strlen(req[1]));
2347 g_strfreev(req);
2348 CACHE_LOCK(client->ctx);
2349
2350 if (cache_set_timeout(md5file, timeout) == FALSE) {
2351 CACHE_UNLOCK;
2352 return send_error(ctx, EPWMD_CACHE_NOT_FOUND);
2353 }
2354
2355 CACHE_UNLOCK;
2356 send_cache_status_all();
2357 return send_error(ctx, 0);
2358 }
2359
2360 static int dump_command(assuan_context_t ctx, char *line)
2361 {
2362 xmlChar *xml;
2363 gssize len;
2364 struct client_s *client = assuan_get_pointer(ctx);
2365 gpg_error_t error;
2366
2367 if (disable_list_and_dump == TRUE)
2368 return send_error(ctx, GPG_ERR_NOT_IMPLEMENTED);
2369
2370 error = file_modified(client);
2371
2372 if (error) {
2373 log_write("%s: %s", client->filename ? client->filename : "",
2374 pwmd_strerror(error));
2375 return send_error(ctx, error);
2376 }
2377
2378 xmlDocDumpFormatMemory(client->doc, &xml, &len, 1);
2379 error = assuan_send_data(ctx, xml, len);
2380 xmlFree(xml);
2381 return send_error(ctx, error);
2382 }
2383
2384 static int getconfig_command(assuan_context_t ctx, gchar *line)
2385 {
2386 struct client_s *client = assuan_get_pointer(ctx);
2387 gpg_error_t error = 0;
2388 gchar *p, *tmp;
2389
2390 if (strcmp(line, "key") == 0 || strcmp(line, "key_file") == 0)
2391 return send_error(ctx, GPG_ERR_NOT_IMPLEMENTED);
2392
2393 p = get_key_file_string(client->filename ? client->filename : "default", line);
2394
2395 if (!p)
2396 return send_error(ctx, EPWMD_COMMAND_SYNTAX);
2397
2398 tmp = expand_homedir(p);
2399 g_free(p);
2400 p = tmp;
2401 error = assuan_send_data(ctx, p, strlen(p));
2402 g_free(p);
2403 return send_error(ctx, error);
2404 }
2405
2406 void cleanup_assuan(assuan_context_t ctx)
2407 {
2408 struct client_s *cl = assuan_get_pointer(ctx);
2409
2410 cleanup_client(cl);
2411 }
2412
2413 static void reset_notify(assuan_context_t ctx)
2414 {
2415 struct client_s *cl = assuan_get_pointer(ctx);
2416
2417 cleanup_client(cl);
2418 }
2419
2420 gpg_error_t register_commands(assuan_context_t ctx)
2421 {
2422 static struct {
2423 const char *name;
2424 int (*handler)(assuan_context_t, char *line);
2425 } table[] = {
2426 { "OPEN", open_command },
2427 { "SAVE", save_command },
2428 { "LIST", list_command },
2429 { "REALPATH", realpath_command },
2430 { "STORE", store_command },
2431 { "DELETE", delete_command },
2432 { "GET", get_command },
2433 { "ATTR", attr_command },
2434 { "ISCACHED", iscached_command },
2435 { "CLEARCACHE", clearcache_command },
2436 { "CACHETIMEOUT", cachetimeout_command },
2437 { "GETCONFIG", getconfig_command },
2438 { "DUMP", dump_command },
2439 { "INPUT", NULL },
2440 { "OUTPUT", NULL },
2441 { NULL, NULL }
2442 };
2443 int i, rc;
2444
2445 for (i=0; table[i].name; i++) {
2446 rc = assuan_register_command (ctx, table[i].name, table[i].handler);
2447
2448 if (rc)
2449 return rc;
2450 }
2451
2452 rc = assuan_register_bye_notify(ctx, cleanup_assuan);
2453 if (rc)
2454 return rc;
2455
2456 return assuan_register_reset_notify(ctx, reset_notify);
2457 }
2458
2459 gpg_error_t try_xml_decrypt(assuan_context_t ctx, gint fd, struct stat st,
2460 guchar *key)
2461 {
2462 guchar *iv;
2463 void *inbuf;
2464 gsize insize, len;
2465 guchar tkey[gcrykeysize];
2466 struct file_header_s {
2467 guint iter;
2468 guchar iv[gcryblocksize];
2469 } file_header;
2470 struct client_s *client = ctx ? assuan_get_pointer(ctx) : NULL;
2471 gcry_cipher_hd_t gh;
2472 guint iter = 0, n_iter = 0;
2473 gint iter_progress;
2474 void *outbuf = NULL;
2475 gint zerror = 0;
2476 glong outsize = 0;
2477 gpg_error_t error;
2478
2479 if (!ctx) {
2480 error = gcry_cipher_open(&gh, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, 0);
2481
2482 if (error)
2483 return error;
2484 }
2485 else
2486 gh = client->gh;
2487
2488 lseek(fd, 0, SEEK_SET);
2489 insize = st.st_size - sizeof(struct file_header_s);
2490 iv = gcry_malloc(gcryblocksize);
2491
2492 if (!iv) {
2493 if (!ctx)
2494 gcry_cipher_close(gh);
2495
2496 return gpg_error_from_errno(ENOMEM);
2497 }
2498
2499 len = pth_read(fd, &file_header, sizeof(struct file_header_s));
2500
2501 if (len != sizeof(file_header)) {
2502 len = errno;
2503
2504 if (!ctx)
2505 gcry_cipher_close(gh);
2506
2507 gcry_free(iv);
2508 errno = len;
2509 return gpg_error_from_errno(errno);
2510 }
2511
2512 memcpy(iv, &file_header.iv, sizeof(file_header.iv));
2513 inbuf = gcry_malloc(insize);
2514
2515 if (!inbuf) {
2516 if (!ctx)
2517 gcry_cipher_close(gh);
2518
2519 gcry_free(iv);
2520 return gpg_error_from_errno(ENOMEM);
2521 }
2522
2523 len = pth_read(fd, inbuf, insize);
2524
2525 if (len != insize) {
2526 len = errno;
2527
2528 if (!ctx)
2529 gcry_cipher_close(gh);
2530
2531 gcry_free(iv);
2532 errno = len;
2533 return gpg_error_from_errno(errno);
2534 }
2535
2536 memcpy(tkey, key, sizeof(tkey));
2537 tkey[0] ^= 1;
2538
2539 if ((error = gcry_cipher_setiv(gh, iv, gcryblocksize))) {
2540 if (!ctx) {
2541 gcry_cipher_close(gh);
2542 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2543 }
2544 else
2545 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2546
2547 gcry_free(inbuf);
2548 gcry_free(iv);
2549 return error;
2550 }
2551
2552 if ((error = gcry_cipher_setkey(gh, key, gcrykeysize))) {
2553 if (!ctx) {
2554 gcry_cipher_close(gh);
2555 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2556 }
2557 else
2558 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2559
2560 gcry_free(inbuf);
2561 gcry_free(iv);
2562
2563 if (!ctx)
2564 gcry_cipher_close(gh);
2565
2566 return error;
2567 }
2568
2569 iter_progress = get_key_file_integer("default", "iteration_progress");
2570
2571 if (ctx && iter_progress > 0 && file_header.iter >= iter_progress) {
2572 error = assuan_write_status(client->ctx, "DECRYPT", "0");
2573
2574 if (error) {
2575 gcry_free(inbuf);
2576 gcry_free(iv);
2577 return error;
2578 }
2579 }
2580
2581 error = decrypt_xml(gh, inbuf, insize, NULL, 0);
2582
2583 if (error) {
2584 gcry_free(inbuf);
2585 gcry_free(iv);
2586 return error;
2587 }
2588
2589 if ((error = gcry_cipher_setkey(gh, tkey, gcrykeysize))) {
2590 if (!ctx) {
2591 gcry_cipher_close(gh);
2592 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2593 }
2594 else
2595 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2596
2597 gcry_free(inbuf);
2598 gcry_free(iv);
2599 return error;
2600 }
2601
2602 while (iter < file_header.iter) {
2603 if (ctx && iter_progress > 0 && iter >= iter_progress) {
2604 if (!(iter % iter_progress)) {
2605 error = assuan_write_status(ctx, "DECRYPT", print_fmt("%i",
2606 ++n_iter * iter_progress));
2607
2608 if (error) {
2609 gcry_free(inbuf);
2610 gcry_free(iv);
2611 return error;
2612 }
2613 }
2614 }
2615
2616 if ((error = gcry_cipher_setiv(gh, iv, gcryblocksize))) {
2617 if (!ctx) {
2618 gcry_cipher_close(gh);
2619 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2620 }
2621 else
2622 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2623
2624 gcry_free(inbuf);
2625 gcry_free(iv);
2626 return error;
2627 }
2628
2629 error = decrypt_xml(gh, inbuf, insize, NULL, 0);
2630
2631 if (error) {
2632 if (!ctx) {
2633 gcry_cipher_close(gh);
2634 warnx("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2635 }
2636 else
2637 log_write("%s(%i): %s", __FUNCTION__, __LINE__, gcry_strerror(error));
2638
2639 gcry_free(inbuf);
2640 gcry_free(iv);
2641 return error;
2642 }
2643
2644 iter++;
2645 pth_yield(NULL);
2646 }
2647
2648 if (ctx && iter_progress && file_header.iter >= iter_progress) {
2649 error = assuan_write_status(ctx, "DECRYPT", print_fmt("%i", file_header.iter));
2650
2651 if (error) {
2652 gcry_free(inbuf);
2653 gcry_free(iv);
2654 return error;
2655 }
2656 }
2657
2658 gcry_free(iv);
2659
2660 if (do_decompress(ctx, inbuf, insize, &outbuf, &outsize, &zerror) == FALSE) {
2661 /*
2662 * Z_DATA_ERROR may be returned if this file hasn't been compressed yet.
2663 */
2664 if (zerror == Z_MEM_ERROR) {
2665 gcry_free(inbuf);
2666 return gpg_error_from_errno(ENOMEM);
2667 }
2668 else if (zerror != Z_DATA_ERROR) {
2669 gcry_free(inbuf);
2670
2671 if (!ctx)
2672 gcry_cipher_close(gh);
2673
2674 return EPWMD_BADKEY;
2675 }
2676 }
2677 else {
2678 gcry_free(inbuf);
2679 inbuf = outbuf;
2680 insize = outsize;
2681 }
2682
2683 if (g_strncasecmp(inbuf, "<?xml version=\"1.0\"?>", 21) != 0) {
2684 gcry_free(inbuf);
2685
2686 if (!ctx)
2687 gcry_cipher_close(gh);
2688
2689 return EPWMD_BADKEY;
2690 }
2691
2692 if (ctx) {
2693 client->xml = inbuf;
2694 client->len = insize;
2695 }
2696 else {
2697 gcry_cipher_close(gh);
2698 gcry_free(inbuf);
2699 }
2700
2701 return 0;
2702 }
2703
2704 /*
2705 * This is called after every Assuan command.
2706 */
2707 void command_finalize(assuan_context_t ctx, gint error)
2708 {
2709 struct client_s *client = assuan_get_pointer(ctx);
2710
2711 unlock_file_mutex(client);
2712 }
A server for managing passphrases and anything else.