From 872df12cacc1575b66a19bb3b3670e94368b9cff Mon Sep 17 00:00:00 2001 From: Ben Kibbey Date: Thu, 23 Apr 2009 21:04:06 -0400 Subject: [PATCH] Renamed SET parameters: PINENTRY -> ENABLE_PINENTRY, TIMEOUT -> PINENTRY_TIMEOUT, PATH -> PINENTRY_PATH. The configured values (from the rcfile or from a SET command) for "pinentry_timeout" and "enable_pinentry" are now file specific. --- doc/COMMANDS | 50 ++++++++++++++++++++------------------ src/commands.c | 76 +++++++++++++++++++++++++++++++++++++++++----------------- src/common.h | 4 +++- src/pinentry.c | 11 +++++++-- src/pwmd.c | 6 +++-- 5 files changed, 97 insertions(+), 50 deletions(-) diff --git a/doc/COMMANDS b/doc/COMMANDS index e5399269..d20c5f14 100644 --- a/doc/COMMANDS +++ b/doc/COMMANDS 
@@ -183,29 +183,33 @@ pinentry(1) to retrieve the key. Pinentry options can be set with the SET command followed by the option name and value. Below are the available pwmd options: - NAME VALUE Description - ---------|----------|---------------------------------------------------- - PINENTRY 0|1 When 0, disable use of pinentry. The default is 1. - TIMEOUT The number of seconds before the pinentry process - will terminate while waiting for a passphrase. The - default is 20, 0 disables. - PATH Full path to the pinentry binary. The default is - specified at compile time. - TTYNAME Same as the --ttyname option to pinentry(1). - TTYTYPE Same as the --ttytype option to pinentry(1). - DISPLAY Same as the --display option to pinentry(1). - TITLE Sets the title string of the pinentry dialog. - PROMPT Sets the prompt string of the pinentry dialog. - DESC Sets the error or description string of the pinenry - LC_CTYPE Same as the --lc-ctype option to pinentry(1). - LC_MESSAGES Same as the --lc-messages option to pinentry(1). - ITERATIONS The number of encryption iterations to do when the - SAVE command is sent. An opened file is needed when - setting this option. The CONFIG status message is - sent after receiving this command. - NAME Associates the thread ID of the connection with the - specified textual representation. Useful for - debugging log messages. + NAME VALUE Description + -----------------|----------|---------------------------------------------- + ENABLE_PINENTRY 0|1 When 0, disable use of pinentry. The default + is 1. + PINENTRY_TIMEOUT The number of seconds before the pinentry + process will terminate while waiting for a + passphrase. The default is 20, 0 disables. + PINENTRTY_PATH Full path to the pinentry binary. The default + is specified at compile time. + TTYNAME Same as the --ttyname option to pinentry(1). + TTYTYPE Same as the --ttytype option to pinentry(1). + DISPLAY Same as the --display option to pinentry(1). 
+ TITLE Sets the title string of the pinentry dialog. + PROMPT Sets the prompt string of the pinentry dialog. + DESC Sets the error or description string of the + pinentry dialog. + LC_CTYPE Same as the --lc-ctype option to pinentry(1). + LC_MESSAGES Same as the --lc-messages option to + pinentry(1). + ITERATIONS The number of encryption iterations to do + when the SAVE command is sent. An opened file + is needed when setting this option. The + CONFIG status message is sent after receiving + this command. + NAME Associates the thread ID of the connection + with the specified textual representation. + Useful for debugging log messages. When pinentry is used with the SAVE command the passphrase will be asked for confirmation. If the confirmation fails, the process is started over again diff --git a/src/commands.c b/src/commands.c index 039e3706..6a8a1b8b 100644 --- a/src/commands.c +++ b/src/commands.c @@ -2506,8 +2506,8 @@ static int getconfig_command(assuan_context_t ctx, gchar *line) if (strchr(line, ' ')) { sscanf(line, " %254[^ ] %746c", filename, param); - fp = filename; paramp = param; + fp = filename; } if (fp && !valid_filename(fp)) @@ -2520,7 +2520,7 @@ static int getconfig_command(assuan_context_t ctx, gchar *line) return send_syserror(ctx, ENOMEM); } - if (fp && !g_strcmp0(paramp, "iterations")) { + if (fp && !g_ascii_strcasecmp(paramp, "iterations")) { if (!(client->opts & OPT_ITERATIONS) || fp != client->filename) { file_header_internal_t *fh = read_file_header(fp, FALSE, &rc); 
@@ -2542,6 +2542,39 @@ static int getconfig_command(assuan_context_t ctx, gchar *line) } } } + else if (!g_ascii_strcasecmp(paramp, "enable_pinentry")) { + gboolean n; + + if (fp == client->filename && (client->opts & OPT_PINENTRY)) + n = client->pinentry->enable; + else + n = get_key_file_boolean(fp, "enable_pinentry"); + + p = g_strdup_printf("%s", n ? "true" : "false"); + + if (!p) { + log_write("%s(%i): %s", __FILE__, __LINE__, + strerror(ENOMEM)); + return send_syserror(ctx, ENOMEM); + } + + goto done; + } + else if (!g_ascii_strcasecmp(paramp, "pinentry_timeout")) { + if (fp == client->filename && (client->opts & OPT_PINENTRY_TO)) + p = g_strdup_printf("%i", client->pinentry->timeout); + else + p = g_strdup_printf("%i", + get_key_file_integer(fp, "pinentry_timeout")); + + if (!p) { + log_write("%s(%i): %s", __FILE__, __LINE__, + strerror(ENOMEM)); + return send_syserror(ctx, ENOMEM); + } + + goto done; + } p = get_key_file_string(fp ? fp : "global", paramp); g_free(paramp); @@ -2862,7 +2895,7 @@ static int set_unset_common(assuan_context_t ctx, const gchar *name, gchar *p = NULL; if (!client->filename) - return send_error(ctx, EPWMD_NO_FILE); + return EPWMD_NO_FILE; if (!value) { MUTEX_LOCK(&rcfile_mutex); @@ -2876,8 +2909,7 @@ static int set_unset_common(assuan_context_t ctx, const gchar *name, n = strtol(value, &p, 10); if (errno || (p && *p) || n < 0) - return send_error(ctx, - gpg_err_make(PWMD_ERR_SOURCE, GPG_ERR_INV_VALUE)); + return gpg_err_make(PWMD_ERR_SOURCE, GPG_ERR_INV_VALUE); MUTEX_LOCK(&rcfile_mutex); g_key_file_set_integer(keyfileh, @@ -2907,7 +2939,7 @@ static int set_unset_common(assuan_context_t ctx, const gchar *name, client->pinentry->name = g_strdup(buf); if (!client->pinentry->name) - return send_error(ctx, gpg_error_from_errno(ENOMEM)); + return gpg_error_from_errno(ENOMEM); #endif } #ifdef WITH_PINENTRY 
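Review bot: The two new branches in getconfig_command (`enable_pinentry`, `pinentry_timeout`) reach `goto done` and the ENOMEM returns without releasing `paramp`, whereas the fall-through path right below frees it with `g_free(paramp)` immediately after `get_key_file_string()`. Since that path frees it before reaching `done`, the label (outside this hunk) presumably does not free it again, so each such GETCONFIG request from a client would leak one allocation in a long-running daemon. Adding `g_free(paramp);` before each `goto done;` and before each `return send_syserror(ctx, ENOMEM);` keeps the branches consistent with the existing path.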
@@ -2921,7 +2953,7 @@ static int set_unset_common(assuan_context_t ctx, const gchar *name,
 set_option_value(&client->pinentry->ttytype, value);
 else if (g_ascii_strcasecmp(name, (gchar *)"display") == 0)
 set_option_value(&client->pinentry->display, value);
- else if (g_ascii_strcasecmp(name, (gchar *)"path") == 0)
+ else if (g_ascii_strcasecmp(name, (gchar *)"pinentry_path") == 0)
 set_option_value(&client->pinentry->path, value);
 else if (g_ascii_strcasecmp(name, (gchar *)"title") == 0)
 set_option_value(&client->pinentry->title, value);
@@ -2929,66 +2961,66 @@ static int set_unset_common(assuan_context_t ctx, const gchar *name, set_option_value(&client->pinentry->prompt, value); else if (g_ascii_strcasecmp(name, (gchar *)"desc") == 0) set_option_value(&client->pinentry->desc, value); - else if (g_ascii_strcasecmp(name, (gchar *)"timeout") == 0) { + else if (g_ascii_strcasecmp(name, "pinentry_timeout") == 0) { gchar *p = NULL; gint n; if (!value) { client->pinentry->timeout = - get_key_file_integer("global", "pinentry_timeout"); + get_key_file_integer(client->filename, "pinentry_timeout"); + client->opts &= ~(OPT_PINENTRY_TO); goto done; } n = strtol(value, &p, 10); if (*p || n < 0) - return send_error(ctx, - gpg_err_make(PWMD_ERR_SOURCE, GPG_ERR_INV_VALUE)); + return gpg_err_make(PWMD_ERR_SOURCE, GPG_ERR_INV_VALUE); client->pinentry->timeout = n; + client->opts |= OPT_PINENTRY_TO; } - else if (g_ascii_strcasecmp(name, (gchar *)"pinentry") == 0) { + else if (g_ascii_strcasecmp(name, "enable_pinentry") == 0) { gchar *p = NULL; gint n; if (!value) { - client->pinentry->enable = get_key_file_boolean("global", - "enable_pinentry"); + client->pinentry->enable = -1; + client->opts &= ~(OPT_PINENTRY); goto done; } n = strtol(value, &p, 10); if (*p || n < 0 || n > 1) - return send_error(ctx, - gpg_err_make(PWMD_ERR_SOURCE, GPG_ERR_INV_VALUE)); + return gpg_err_make(PWMD_ERR_SOURCE, GPG_ERR_INV_VALUE); client->pinentry->enable = n == 0 ? FALSE : TRUE; + client->opts |= OPT_PINENTRY; } #endif else - return send_error(ctx, - gpg_err_make(PWMD_ERR_SOURCE, GPG_ERR_UNKNOWN_OPTION)); + return gpg_err_make(PWMD_ERR_SOURCE, GPG_ERR_UNKNOWN_OPTION); done: log_write("%s %s%s%s", value ? "SET" : "UNSET", name, value ? "=" : "", value ? 
value : ""); - return send_error(ctx, 0); + return 0; } static int unset_command(assuan_context_t ctx, gchar *line) { - return set_unset_common(ctx, line, NULL); + return send_error(ctx, set_unset_common(ctx, line, NULL)); } static int set_command(assuan_context_t ctx, gchar *line) { gchar name[64] = {0}, value[256] = {0}; - if (sscanf(line, " %63[a-zA-Z] = %255c", name, value) != 2) + if (sscanf(line, " %63[_a-zA-Z] = %255c", name, value) != 2) return send_error(ctx, gpg_err_make(PWMD_ERR_SOURCE, GPG_ERR_SYNTAX)); - return set_unset_common(ctx, name, value); + return send_error(ctx, set_unset_common(ctx, name, value)); } static void bye_notify(assuan_context_t ctx) diff --git a/src/common.h b/src/common.h index d78af3f5..9057738f 100644 --- a/src/common.h +++ b/src/common.h @@ -171,7 +171,9 @@ struct client_crypto_s { }; /* These are flags that are set by a client via the OPTION command. */ -#define OPT_ITERATIONS 0x1 +#define OPT_ITERATIONS 0x1 +#define OPT_PINENTRY 0x2 +#define OPT_PINENTRY_TO 0x4 struct client_s { assuan_context_t ctx; diff --git a/src/pinentry.c b/src/pinentry.c index ee01386b..607f06a6 100644 --- a/src/pinentry.c +++ b/src/pinentry.c @@ -527,6 +527,8 @@ gpg_error_t pinentry_fork(assuan_context_t ctx) break; case 0: close(p[0]); + pin->timeout = get_key_file_integer(pin->filename, + "pinentry_timeout"); if (pin->timeout > 0 && pin->which == PINENTRY_OPEN) { /* @@ -626,13 +628,18 @@ void cleanup_pinentry(struct pinentry_s *pin) g_free(pin); } +void reset_pin_defaults(struct pinentry_s *pin) +{ + pin->enable = -1; + pin->timeout = get_key_file_integer("global", "pinentry_timeout"); +} + void set_pinentry_defaults(struct pinentry_s *pin) { FILE *fp; gchar buf[PATH_MAX]; gchar *p; - pin->enable = -1; g_snprintf(buf, sizeof(buf), "%s/.pwmd/pinentry.conf", g_get_home_dir()); fp = fopen(buf, "r"); 
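Review bot: In set_unset_common the `pinentry_timeout` and `enable_pinentry` branches parse the client-supplied value with `n = strtol(value, &p, 10)` into a `gint` and test only `*p || n < 0`, so an out-of-range number is neither rejected through `errno` nor caught before the long-to-int narrowing. Where `long` is wider than `int`, a large value can narrow to 0, which doc/COMMANDS in this commit defines as "timeout disabled". The `iterations` branch of the same function (earlier hunk) already tests `errno`; here I would set `errno = 0`, parse into a `long v`, and reject with `if (errno || p == value || *p || v < 0 || v > G_MAXINT)` before assigning. Separately, doc/COMMANDS in this commit lists the renamed option as `PINENTRTY_PATH`, while the code matches `pinentry_path`.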
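Review bot: The added `pin->timeout = get_key_file_integer(pin->filename, "pinentry_timeout");` in the child branch of pinentry_fork runs unconditionally, so it appears to replace whatever `SET PINENTRY_TIMEOUT` stored in `client->pinentry->timeout` and leaves the new `OPT_PINENTRY_TO` flag without effect on the actual timer (assuming `pin` is the client's pinentry struct). If a client override is meant to win over the rcfile, the lookup should be skipped when the override is set, which needs that flag or a copy of it to be reachable from `struct pinentry_s`. The call also happens after fork(): get_key_file_boolean in this commit takes `rcfile_mutex`, and if get_key_file_integer does the same, the child can block forever when another thread held the mutex at fork time. Reading the value in the parent before forking avoids both problems; pinentry_fork starts and ends outside the hunk.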
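Review bot: reset_pin_defaults() in src/pinentry.c is added with external linkage and no comment, and the diffstat shows no header change that would declare it. If it is only meant for set_pinentry_defaults (its one caller in this commit, in the following hunk), declare it `static`; otherwise add the prototype to the pinentry header. A comment such as `/* Reset per-connection pinentry state: enable = -1 (the value UNSET also stores), timeout from the "global" rcfile section. */` would document the sentinel. Moving `pin->enable = -1` from the top of set_pinentry_defaults to the end also means any value assigned to `pin->enable` while pinentry.conf is read (that code is outside the hunk) would now be overwritten.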
@@ -666,7 +673,7 @@ void set_pinentry_defaults(struct pinentry_s *pin) fclose(fp); } - pin->timeout = get_key_file_integer("global", "pinentry_timeout"); + reset_pin_defaults(pin); } int pinentry_iterate(struct client_s *cl, gboolean read_ready) diff --git a/src/pwmd.c b/src/pwmd.c index 5f12e59e..f9359003 100644 --- a/src/pwmd.c +++ b/src/pwmd.c @@ -1191,8 +1191,10 @@ gboolean get_key_file_boolean(const gchar *section, const gchar *what) MUTEX_LOCK(&rcfile_mutex); - if (g_key_file_has_key(keyfileh, section, what, NULL) == TRUE) { - val = g_key_file_get_boolean(keyfileh, section, what, &grc); + if (g_key_file_has_key(keyfileh, section ? section : "global", what, NULL) + == TRUE) { + val = g_key_file_get_boolean(keyfileh, section ? section : "global", + what, &grc); if (grc) { log_write("%s(%i): %s", __FILE__, __LINE__, grc->message); -- 2.11.4.GIT
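Review bot: Only get_key_file_boolean in src/pwmd.c receives the `section ? section : "global"` fallback, yet this commit also passes possibly-NULL sections to get_key_file_integer: `get_key_file_integer(fp, "pinentry_timeout")` in getconfig_command (where the existing `fp ? fp : "global"` shows fp can be NULL), `get_key_file_integer(client->filename, "pinentry_timeout")` on UNSET, and `get_key_file_integer(pin->filename, ...)` in pinentry_fork. Unless get_key_file_integer, which is not part of this diff, already handles NULL, those calls hand a NULL group name to the GLib key-file API and the client gets an error default instead of the global setting. I would apply the same fallback there and compute it once per function, `const gchar *grp = section ? section : "global";`, instead of repeating the ternary in both calls. The body of get_key_file_boolean continues outside the hunk.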