LCOV - code coverage report
Current view: top level - sm - gpgsm.c (source / functions) Hit Total Coverage
Test: coverage.info Lines: 213 936 22.8 %
Date: 2016-11-29 15:00:56 Functions: 9 25 36.0 %

          Line data    Source code
       1             : /* gpgsm.c - GnuPG for S/MIME
       2             :  * Copyright (C) 2001-2008, 2010  Free Software Foundation, Inc.
       3             :  * Copyright (C) 2001-2008, 2010  Werner Koch
       4             :  *
       5             :  * This file is part of GnuPG.
       6             :  *
       7             :  * GnuPG is free software; you can redistribute it and/or modify
       8             :  * it under the terms of the GNU General Public License as published by
       9             :  * the Free Software Foundation; either version 3 of the License, or
      10             :  * (at your option) any later version.
      11             :  *
      12             :  * GnuPG is distributed in the hope that it will be useful,
      13             :  * but WITHOUT ANY WARRANTY; without even the implied warranty of
      14             :  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      15             :  * GNU General Public License for more details.
      16             :  *
      17             :  * You should have received a copy of the GNU General Public License
      18             :  * along with this program; if not, see <https://www.gnu.org/licenses/>.
      19             :  */
      20             : 
      21             : #include <config.h>
      22             : #include <errno.h>
      23             : #include <stdio.h>
      24             : #include <stdlib.h>
      25             : #include <string.h>
      26             : #include <ctype.h>
      27             : #include <unistd.h>
      28             : #include <fcntl.h>
      29             : /*#include <mcheck.h>*/
      30             : 
      31             : #include "gpgsm.h"
      32             : #include <gcrypt.h>
      33             : #include <assuan.h> /* malloc hooks */
      34             : 
      35             : #include "passphrase.h"
      36             : #include "../common/shareddefs.h"
      37             : #include "../kbx/keybox.h" /* malloc hooks */
      38             : #include "i18n.h"
      39             : #include "keydb.h"
      40             : #include "sysutils.h"
      41             : #include "gc-opt-flags.h"
      42             : #include "asshelp.h"
      43             : #include "../common/init.h"
      44             : 
      45             : 
      46             : #ifndef O_BINARY
      47             : #define O_BINARY 0
      48             : #endif
      49             : 
      50             : enum cmd_and_opt_values {
      51             :   aNull = 0,
      52             :   oArmor        = 'a',
      53             :   aDetachedSign = 'b',
      54             :   aSym          = 'c',
      55             :   aDecrypt      = 'd',
      56             :   aEncr         = 'e',
      57             :   aListKeys     = 'k',
      58             :   aListSecretKeys = 'K',
      59             :   oDryRun       = 'n',
      60             :   oOutput       = 'o',
      61             :   oQuiet        = 'q',
      62             :   oRecipient    = 'r',
      63             :   aSign         = 's',
      64             :   oUser         = 'u',
      65             :   oVerbose      = 'v',
      66             :   oBatch        = 500,
      67             :   aClearsign,
      68             :   aKeygen,
      69             :   aSignEncr,
      70             :   aDeleteKey,
      71             :   aImport,
      72             :   aVerify,
      73             :   aListExternalKeys,
      74             :   aListChain,
      75             :   aSendKeys,
      76             :   aRecvKeys,
      77             :   aExport,
      78             :   aExportSecretKeyP12,
      79             :   aExportSecretKeyP8,
      80             :   aExportSecretKeyRaw,
      81             :   aServer,
      82             :   aLearnCard,
      83             :   aCallDirmngr,
      84             :   aCallProtectTool,
      85             :   aPasswd,
      86             :   aGPGConfList,
      87             :   aGPGConfTest,
      88             :   aDumpKeys,
      89             :   aDumpChain,
      90             :   aDumpSecretKeys,
      91             :   aDumpExternalKeys,
      92             :   aKeydbClearSomeCertFlags,
      93             :   aFingerprint,
      94             : 
      95             :   oOptions,
      96             :   oDebug,
      97             :   oDebugLevel,
      98             :   oDebugAll,
      99             :   oDebugNone,
     100             :   oDebugWait,
     101             :   oDebugAllowCoreDump,
     102             :   oDebugNoChainValidation,
     103             :   oDebugIgnoreExpiration,
     104             :   oLogFile,
     105             :   oNoLogFile,
     106             :   oAuditLog,
     107             :   oHtmlAuditLog,
     108             : 
     109             :   oEnableSpecialFilenames,
     110             : 
     111             :   oAgentProgram,
     112             :   oDisplay,
     113             :   oTTYname,
     114             :   oTTYtype,
     115             :   oLCctype,
     116             :   oLCmessages,
     117             :   oXauthority,
     118             : 
     119             :   oPreferSystemDirmngr,
     120             :   oDirmngrProgram,
     121             :   oDisableDirmngr,
     122             :   oProtectToolProgram,
     123             :   oFakedSystemTime,
     124             : 
     125             :   oPassphraseFD,
     126             :   oPinentryMode,
     127             : 
     128             :   oAssumeArmor,
     129             :   oAssumeBase64,
     130             :   oAssumeBinary,
     131             : 
     132             :   oBase64,
     133             :   oNoArmor,
     134             :   oP12Charset,
     135             : 
     136             :   oCompliance,
     137             : 
     138             :   oDisableCRLChecks,
     139             :   oEnableCRLChecks,
     140             :   oDisableTrustedCertCRLCheck,
     141             :   oEnableTrustedCertCRLCheck,
     142             :   oForceCRLRefresh,
     143             : 
     144             :   oDisableOCSP,
     145             :   oEnableOCSP,
     146             : 
     147             :   oIncludeCerts,
     148             :   oPolicyFile,
     149             :   oDisablePolicyChecks,
     150             :   oEnablePolicyChecks,
     151             :   oAutoIssuerKeyRetrieve,
     152             : 
     153             :   oWithFingerprint,
     154             :   oWithMD5Fingerprint,
     155             :   oWithKeygrip,
     156             :   oWithSecret,
     157             :   oAnswerYes,
     158             :   oAnswerNo,
     159             :   oKeyring,
     160             :   oDefaultKey,
     161             :   oDefRecipient,
     162             :   oDefRecipientSelf,
     163             :   oNoDefRecipient,
     164             :   oStatusFD,
     165             :   oCipherAlgo,
     166             :   oDigestAlgo,
     167             :   oExtraDigestAlgo,
     168             :   oNoVerbose,
     169             :   oNoSecmemWarn,
     170             :   oNoDefKeyring,
     171             :   oNoGreeting,
     172             :   oNoTTY,
     173             :   oNoOptions,
     174             :   oNoBatch,
     175             :   oHomedir,
     176             :   oWithColons,
     177             :   oWithKeyData,
     178             :   oWithValidation,
     179             :   oWithEphemeralKeys,
     180             :   oSkipVerify,
     181             :   oValidationModel,
     182             :   oKeyServer,
     183             :   oEncryptTo,
     184             :   oNoEncryptTo,
     185             :   oLoggerFD,
     186             :   oDisableCipherAlgo,
     187             :   oDisablePubkeyAlgo,
     188             :   oIgnoreTimeConflict,
     189             :   oNoRandomSeedFile,
     190             :   oNoCommonCertsImport,
     191             :   oIgnoreCertExtension,
     192             :   oNoAutostart
     193             :  };
     194             : 
     195             : 
     196             : static ARGPARSE_OPTS opts[] = {
     197             : 
     198             :   ARGPARSE_group (300, N_("@Commands:\n ")),
     199             : 
     200             :   ARGPARSE_c (aSign, "sign", N_("make a signature")),
     201             : /*ARGPARSE_c (aClearsign, "clearsign", N_("make a clear text signature") ),*/
     202             :   ARGPARSE_c (aDetachedSign, "detach-sign", N_("make a detached signature")),
     203             :   ARGPARSE_c (aEncr, "encrypt", N_("encrypt data")),
     204             : /*ARGPARSE_c (aSym, "symmetric", N_("encryption only with symmetric cipher")),*/
     205             :   ARGPARSE_c (aDecrypt, "decrypt", N_("decrypt data (default)")),
     206             :   ARGPARSE_c (aVerify, "verify",  N_("verify a signature")),
     207             :   ARGPARSE_c (aListKeys, "list-keys", N_("list keys")),
     208             :   ARGPARSE_c (aListExternalKeys, "list-external-keys",
     209             :               N_("list external keys")),
     210             :   ARGPARSE_c (aListSecretKeys, "list-secret-keys", N_("list secret keys")),
     211             :   ARGPARSE_c (aListChain,   "list-chain",  N_("list certificate chain")),
     212             :   ARGPARSE_c (aFingerprint, "fingerprint", N_("list keys and fingerprints")),
     213             :   ARGPARSE_c (aKeygen, "gen-key", N_("generate a new key pair")),
     214             :   ARGPARSE_c (aDeleteKey, "delete-keys",
     215             :               N_("remove keys from the public keyring")),
     216             : /*ARGPARSE_c (aSendKeys, "send-keys", N_("export keys to a keyserver")),*/
     217             : /*ARGPARSE_c (aRecvKeys, "recv-keys", N_("import keys from a keyserver")),*/
     218             :   ARGPARSE_c (aImport, "import", N_("import certificates")),
     219             :   ARGPARSE_c (aExport, "export", N_("export certificates")),
     220             : 
     221             :   /* We use -raw and not -p1 for pkcs#1 secret key export so that it
     222             :      won't accidentally be used in case -p12 was intended.  */
     223             :   ARGPARSE_c (aExportSecretKeyP12, "export-secret-key-p12", "@"),
     224             :   ARGPARSE_c (aExportSecretKeyP8,  "export-secret-key-p8", "@"),
     225             :   ARGPARSE_c (aExportSecretKeyRaw, "export-secret-key-raw", "@"),
     226             : 
     227             :   ARGPARSE_c (aLearnCard, "learn-card", N_("register a smartcard")),
     228             :   ARGPARSE_c (aServer, "server", N_("run in server mode")),
     229             :   ARGPARSE_c (aCallDirmngr, "call-dirmngr",
     230             :               N_("pass a command to the dirmngr")),
     231             :   ARGPARSE_c (aCallProtectTool, "call-protect-tool",
     232             :               N_("invoke gpg-protect-tool")),
     233             :   ARGPARSE_c (aPasswd, "passwd", N_("change a passphrase")),
     234             :   ARGPARSE_c (aGPGConfList, "gpgconf-list", "@"),
     235             :   ARGPARSE_c (aGPGConfTest, "gpgconf-test", "@"),
     236             : 
     237             :   ARGPARSE_c (aDumpKeys, "dump-cert", "@"),
     238             :   ARGPARSE_c (aDumpKeys, "dump-keys", "@"),
     239             :   ARGPARSE_c (aDumpChain, "dump-chain", "@"),
     240             :   ARGPARSE_c (aDumpExternalKeys, "dump-external-keys", "@"),
     241             :   ARGPARSE_c (aDumpSecretKeys, "dump-secret-keys", "@"),
     242             :   ARGPARSE_c (aKeydbClearSomeCertFlags, "keydb-clear-some-cert-flags", "@"),
     243             : 
     244             :   ARGPARSE_group (301, N_("@\nOptions:\n ")),
     245             : 
     246             :   ARGPARSE_s_n (oArmor, "armor", N_("create ascii armored output")),
     247             :   ARGPARSE_s_n (oArmor, "armour", "@"),
     248             :   ARGPARSE_s_n (oBase64, "base64", N_("create base-64 encoded output")),
     249             : 
     250             :   ARGPARSE_s_s (oP12Charset, "p12-charset", "@"),
     251             : 
     252             :   ARGPARSE_s_i (oPassphraseFD,    "passphrase-fd", "@"),
     253             :   ARGPARSE_s_s (oPinentryMode,    "pinentry-mode", "@"),
     254             : 
     255             :   ARGPARSE_s_n (oAssumeArmor, "assume-armor",
     256             :                 N_("assume input is in PEM format")),
     257             :   ARGPARSE_s_n (oAssumeBase64, "assume-base64",
     258             :                 N_("assume input is in base-64 format")),
     259             :   ARGPARSE_s_n (oAssumeBinary, "assume-binary",
     260             :                 N_("assume input is in binary format")),
     261             : 
     262             :   ARGPARSE_s_s (oRecipient, "recipient", N_("|USER-ID|encrypt for USER-ID")),
     263             : 
     264             :   ARGPARSE_s_n (oPreferSystemDirmngr,"prefer-system-dirmngr", "@"),
     265             : 
     266             :   ARGPARSE_s_n (oDisableCRLChecks, "disable-crl-checks",
     267             :                 N_("never consult a CRL")),
     268             :   ARGPARSE_s_n (oEnableCRLChecks, "enable-crl-checks", "@"),
     269             :   ARGPARSE_s_n (oDisableTrustedCertCRLCheck,
     270             :                 "disable-trusted-cert-crl-check", "@"),
     271             :   ARGPARSE_s_n (oEnableTrustedCertCRLCheck,
     272             :                 "enable-trusted-cert-crl-check", "@"),
     273             : 
     274             :   ARGPARSE_s_n (oForceCRLRefresh, "force-crl-refresh", "@"),
     275             : 
     276             :   ARGPARSE_s_n (oDisableOCSP, "disable-ocsp", "@"),
     277             :   ARGPARSE_s_n (oEnableOCSP,  "enable-ocsp", N_("check validity using OCSP")),
     278             : 
     279             :   ARGPARSE_s_s (oValidationModel, "validation-model", "@"),
     280             : 
     281             :   ARGPARSE_s_i (oIncludeCerts, "include-certs",
     282             :                 N_("|N|number of certificates to include") ),
     283             : 
     284             :   ARGPARSE_s_s (oPolicyFile, "policy-file",
     285             :                 N_("|FILE|take policy information from FILE")),
     286             : 
     287             :   ARGPARSE_s_n (oDisablePolicyChecks, "disable-policy-checks",
     288             :                 N_("do not check certificate policies")),
     289             :   ARGPARSE_s_n (oEnablePolicyChecks, "enable-policy-checks", "@"),
     290             : 
     291             :   ARGPARSE_s_n (oAutoIssuerKeyRetrieve, "auto-issuer-key-retrieve",
     292             :                 N_("fetch missing issuer certificates")),
     293             : 
     294             :   ARGPARSE_s_s (oEncryptTo, "encrypt-to", "@"),
     295             :   ARGPARSE_s_n (oNoEncryptTo, "no-encrypt-to", "@"),
     296             : 
     297             :   ARGPARSE_s_s (oUser, "local-user",
     298             :                 N_("|USER-ID|use USER-ID to sign or decrypt")),
     299             : 
     300             :   ARGPARSE_s_s (oOutput, "output", N_("|FILE|write output to FILE")),
     301             :   ARGPARSE_s_n (oVerbose, "verbose", N_("verbose")),
     302             :   ARGPARSE_s_n (oQuiet, "quiet",  N_("be somewhat more quiet")),
     303             :   ARGPARSE_s_n (oNoTTY, "no-tty", N_("don't use the terminal at all")),
     304             :   ARGPARSE_s_s (oLogFile, "log-file",
     305             :                 N_("|FILE|write a server mode log to FILE")),
     306             :   ARGPARSE_s_n (oNoLogFile, "no-log-file", "@"),
     307             :   ARGPARSE_s_i (oLoggerFD, "logger-fd", "@"),
     308             : 
     309             :   ARGPARSE_s_s (oAuditLog, "audit-log",
     310             :                 N_("|FILE|write an audit log to FILE")),
     311             :   ARGPARSE_s_s (oHtmlAuditLog, "html-audit-log", "@"),
     312             :   ARGPARSE_s_n (oDryRun, "dry-run", N_("do not make any changes")),
     313             :   ARGPARSE_s_n (oBatch, "batch", N_("batch mode: never ask")),
     314             :   ARGPARSE_s_n (oAnswerYes, "yes", N_("assume yes on most questions")),
     315             :   ARGPARSE_s_n (oAnswerNo,  "no",  N_("assume no on most questions")),
     316             : 
     317             :   ARGPARSE_s_s (oKeyring, "keyring",
     318             :                 N_("|FILE|add keyring to the list of keyrings")),
     319             : 
     320             :   ARGPARSE_s_s (oDefaultKey, "default-key",
     321             :                 N_("|USER-ID|use USER-ID as default secret key")),
     322             : 
     323             :   /* Not yet used: */
     324             :   /*   ARGPARSE_s_s (oDefRecipient, "default-recipient", */
     325             :   /*                  N_("|NAME|use NAME as default recipient")), */
     326             :   /*   ARGPARSE_s_n (oDefRecipientSelf, "default-recipient-self", */
     327             :   /*                  N_("use the default key as default recipient")), */
     328             :   /*   ARGPARSE_s_n (oNoDefRecipient, "no-default-recipient", "@"), */
     329             : 
     330             :   ARGPARSE_s_s (oKeyServer, "keyserver",
     331             :                 N_("|SPEC|use this keyserver to lookup keys")),
     332             :   ARGPARSE_s_s (oOptions, "options", N_("|FILE|read options from FILE")),
     333             : 
     334             :   ARGPARSE_s_s (oDebug, "debug", "@"),
     335             :   ARGPARSE_s_s (oDebugLevel, "debug-level",
     336             :                 N_("|LEVEL|set the debugging level to LEVEL")),
     337             :   ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
     338             :   ARGPARSE_s_n (oDebugNone, "debug-none", "@"),
     339             :   ARGPARSE_s_i (oDebugWait, "debug-wait", "@"),
     340             :   ARGPARSE_s_n (oDebugAllowCoreDump, "debug-allow-core-dump", "@"),
     341             :   ARGPARSE_s_n (oDebugNoChainValidation, "debug-no-chain-validation", "@"),
     342             :   ARGPARSE_s_n (oDebugIgnoreExpiration,  "debug-ignore-expiration", "@"),
     343             : 
     344             :   ARGPARSE_s_i (oStatusFD, "status-fd",
     345             :                 N_("|FD|write status info to this FD")),
     346             : 
     347             :   ARGPARSE_s_s (oCipherAlgo, "cipher-algo",
     348             :                 N_("|NAME|use cipher algorithm NAME")),
     349             :   ARGPARSE_s_s (oDigestAlgo, "digest-algo",
     350             :                 N_("|NAME|use message digest algorithm NAME")),
     351             :   ARGPARSE_s_s (oExtraDigestAlgo, "extra-digest-algo", "@"),
     352             : 
     353             : 
     354             :   ARGPARSE_group (302, N_(
     355             :   "@\n(See the man page for a complete listing of all commands and options)\n"
     356             :   )),
     357             : 
     358             :   ARGPARSE_group (303, N_("@\nExamples:\n\n"
     359             :     " -se -r Bob [file]          sign and encrypt for user Bob\n"
     360             :     " --clearsign [file]         make a clear text signature\n"
     361             :     " --detach-sign [file]       make a detached signature\n"
     362             :     " --list-keys [names]        show keys\n"
     363             :     " --fingerprint [names]      show fingerprints\n"  )),
     364             : 
     365             :   /* Hidden options. */
     366             :   ARGPARSE_s_s (oCompliance, "compliance",   "@"),
     367             :   ARGPARSE_s_n (oNoVerbose, "no-verbose", "@"),
     368             :   ARGPARSE_s_n (oEnableSpecialFilenames, "enable-special-filenames", "@"),
     369             :   ARGPARSE_s_n (oNoSecmemWarn, "no-secmem-warning", "@"),
     370             :   ARGPARSE_s_n (oNoArmor, "no-armor", "@"),
     371             :   ARGPARSE_s_n (oNoArmor, "no-armour", "@"),
     372             :   ARGPARSE_s_n (oNoDefKeyring, "no-default-keyring", "@"),
     373             :   ARGPARSE_s_n (oNoGreeting, "no-greeting", "@"),
     374             :   ARGPARSE_s_n (oNoOptions, "no-options", "@"),
     375             :   ARGPARSE_s_s (oHomedir, "homedir", "@"),
     376             :   ARGPARSE_s_s (oAgentProgram, "agent-program", "@"),
     377             :   ARGPARSE_s_s (oDisplay,    "display", "@"),
     378             :   ARGPARSE_s_s (oTTYname,    "ttyname", "@"),
     379             :   ARGPARSE_s_s (oTTYtype,    "ttytype", "@"),
     380             :   ARGPARSE_s_s (oLCctype,    "lc-ctype", "@"),
     381             :   ARGPARSE_s_s (oLCmessages, "lc-messages", "@"),
     382             :   ARGPARSE_s_s (oXauthority, "xauthority", "@"),
     383             :   ARGPARSE_s_s (oDirmngrProgram, "dirmngr-program", "@"),
     384             :   ARGPARSE_s_n (oDisableDirmngr, "disable-dirmngr", "@"),
     385             :   ARGPARSE_s_s (oProtectToolProgram, "protect-tool-program", "@"),
     386             :   ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"),
     387             :   ARGPARSE_s_n (oNoBatch, "no-batch", "@"),
     388             :   ARGPARSE_s_n (oWithColons, "with-colons", "@"),
     389             :   ARGPARSE_s_n (oWithKeyData,"with-key-data", "@"),
     390             :   ARGPARSE_s_n (oWithValidation, "with-validation", "@"),
     391             :   ARGPARSE_s_n (oWithMD5Fingerprint, "with-md5-fingerprint", "@"),
     392             :   ARGPARSE_s_n (oWithEphemeralKeys,  "with-ephemeral-keys", "@"),
     393             :   ARGPARSE_s_n (oSkipVerify, "skip-verify", "@"),
     394             :   ARGPARSE_s_n (oWithFingerprint, "with-fingerprint", "@"),
     395             :   ARGPARSE_s_n (oWithKeygrip,     "with-keygrip", "@"),
     396             :   ARGPARSE_s_n (oWithSecret,      "with-secret", "@"),
     397             :   ARGPARSE_s_s (oDisableCipherAlgo,  "disable-cipher-algo", "@"),
     398             :   ARGPARSE_s_s (oDisablePubkeyAlgo,  "disable-pubkey-algo", "@"),
     399             :   ARGPARSE_s_n (oIgnoreTimeConflict, "ignore-time-conflict", "@"),
     400             :   ARGPARSE_s_n (oNoRandomSeedFile,  "no-random-seed-file", "@"),
     401             :   ARGPARSE_s_n (oNoCommonCertsImport, "no-common-certs-import", "@"),
     402             :   ARGPARSE_s_s (oIgnoreCertExtension, "ignore-cert-extension", "@"),
     403             :   ARGPARSE_s_n (oNoAutostart, "no-autostart", "@"),
     404             : 
     405             :   /* Command aliases.  */
     406             :   ARGPARSE_c (aListKeys, "list-key", "@"),
     407             :   ARGPARSE_c (aListChain, "list-sig", "@"),
     408             :   ARGPARSE_c (aListChain, "list-sigs", "@"),
     409             :   ARGPARSE_c (aListChain, "check-sig", "@"),
     410             :   ARGPARSE_c (aListChain, "check-sigs", "@"),
     411             :   ARGPARSE_c (aDeleteKey, "delete-key", "@"),
     412             : 
     413             :   ARGPARSE_end ()
     414             : };
     415             : 
     416             : 
     417             : /* The list of supported debug flags.  */
     418             : static struct debug_flags_s debug_flags [] =
     419             :   {
     420             :     { DBG_X509_VALUE   , "x509"    },
     421             :     { DBG_MPI_VALUE    , "mpi"     },
     422             :     { DBG_CRYPTO_VALUE , "crypto"  },
     423             :     { DBG_MEMORY_VALUE , "memory"  },
     424             :     { DBG_CACHE_VALUE  , "cache"   },
     425             :     { DBG_MEMSTAT_VALUE, "memstat" },
     426             :     { DBG_HASHING_VALUE, "hashing" },
     427             :     { DBG_IPC_VALUE    , "ipc"     },
     428             :     { 0, NULL }
     429             :   };
     430             : 
     431             : 
     432             : /* Global variable to keep an error count. */
     433             : int gpgsm_errors_seen = 0;
     434             : 
     435             : /* It is possible that we are currentlu running under setuid permissions */
     436             : static int maybe_setuid = 1;
     437             : 
     438             : /* Helper to implement --debug-level and --debug*/
     439             : static const char *debug_level;
     440             : static unsigned int debug_value;
     441             : 
     442             : /* Option --enable-special-filenames */
     443             : static int allow_special_filenames;
     444             : 
     445             : /* Default value for include-certs.  We need an extra macro for
     446             :    gpgconf-list because the variable will be changed by the command
     447             :    line option.
     448             : 
     449             :    It is often cumbersome to locate intermediate certificates, thus by
     450             :    default we include all certificates in the chain.  However we leave
     451             :    out the root certificate because that would make it too easy for
     452             :    the recipient to import that root certificate.  A root certificate
     453             :    should be installed only after due checks and thus it won't help to
     454             :    send it along with each message.  */
     455             : #define DEFAULT_INCLUDE_CERTS -2 /* Include all certs but root. */
     456             : static int default_include_certs = DEFAULT_INCLUDE_CERTS;
     457             : 
     458             : /* Whether the chain mode shall be used for validation.  */
     459             : static int default_validation_model;
     460             : 
     461             : /* The default cipher algo.  */
     462             : #define DEFAULT_CIPHER_ALGO "AES"
     463             : 
     464             : 
     465             : static char *build_list (const char *text,
     466             :                          const char *(*mapf)(int), int (*chkf)(int));
     467             : static void set_cmd (enum cmd_and_opt_values *ret_cmd,
     468             :                      enum cmd_and_opt_values new_cmd );
     469             : 
     470             : static void emergency_cleanup (void);
     471             : static int check_special_filename (const char *fname, int for_write);
     472             : static int open_read (const char *filename);
     473             : static estream_t open_es_fread (const char *filename, const char *mode);
     474             : static estream_t open_es_fwrite (const char *filename);
     475             : static void run_protect_tool (int argc, char **argv);
     476             : 
     477             : static int
     478           0 : our_pk_test_algo (int algo)
     479             : {
     480           0 :   switch (algo)
     481             :     {
     482             :     case GCRY_PK_RSA:
     483             :     case GCRY_PK_ECDSA:
     484           0 :       return gcry_pk_test_algo (algo);
     485             :     default:
     486           0 :       return 1;
     487             :     }
     488             : }
     489             : 
     490             : static int
     491           0 : our_cipher_test_algo (int algo)
     492             : {
     493           0 :   switch (algo)
     494             :     {
     495             :     case GCRY_CIPHER_3DES:
     496             :     case GCRY_CIPHER_AES128:
     497             :     case GCRY_CIPHER_AES192:
     498             :     case GCRY_CIPHER_AES256:
     499             :     case GCRY_CIPHER_SERPENT128:
     500             :     case GCRY_CIPHER_SERPENT192:
     501             :     case GCRY_CIPHER_SERPENT256:
     502             :     case GCRY_CIPHER_SEED:
     503             :     case GCRY_CIPHER_CAMELLIA128:
     504             :     case GCRY_CIPHER_CAMELLIA192:
     505             :     case GCRY_CIPHER_CAMELLIA256:
     506           0 :       return gcry_cipher_test_algo (algo);
     507             :     default:
     508           0 :       return 1;
     509             :     }
     510             : }
     511             : 
     512             : 
     513             : static int
     514           0 : our_md_test_algo (int algo)
     515             : {
     516           0 :   switch (algo)
     517             :     {
     518             :     case GCRY_MD_MD5:
     519             :     case GCRY_MD_SHA1:
     520             :     case GCRY_MD_RMD160:
     521             :     case GCRY_MD_SHA224:
     522             :     case GCRY_MD_SHA256:
     523             :     case GCRY_MD_SHA384:
     524             :     case GCRY_MD_SHA512:
     525             :     case GCRY_MD_WHIRLPOOL:
     526           0 :       return gcry_md_test_algo (algo);
     527             :     default:
     528           0 :       return 1;
     529             :     }
     530             : }
     531             : 
     532             : 
     533             : static char *
     534           0 : make_libversion (const char *libname, const char *(*getfnc)(const char*))
     535             : {
     536             :   const char *s;
     537             :   char *result;
     538             : 
     539           0 :   if (maybe_setuid)
     540             :     {
     541           0 :       gcry_control (GCRYCTL_INIT_SECMEM, 0, 0);  /* Drop setuid. */
     542           0 :       maybe_setuid = 0;
     543             :     }
     544           0 :   s = getfnc (NULL);
     545           0 :   result = xmalloc (strlen (libname) + 1 + strlen (s) + 1);
     546           0 :   strcpy (stpcpy (stpcpy (result, libname), " "), s);
     547           0 :   return result;
     548             : }
     549             : 
     550             : 
     551             : static const char *
     552           0 : my_strusage( int level )
     553             : {
     554             :   static char *digests, *pubkeys, *ciphers;
     555             :   static char *ver_gcry, *ver_ksba;
     556             :   const char *p;
     557             : 
     558           0 :   switch (level)
     559             :     {
     560           0 :     case 11: p = "@GPGSM@ (@GNUPG@)";
     561           0 :       break;
     562           0 :     case 13: p = VERSION; break;
     563           0 :     case 17: p = PRINTABLE_OS_NAME; break;
     564           0 :     case 19: p = _("Please report bugs to <@EMAIL@>.\n"); break;
     565             : 
     566             :     case 1:
     567           0 :     case 40: p = _("Usage: @GPGSM@ [options] [files] (-h for help)");
     568           0 :       break;
     569             :     case 41:
     570           0 :       p = _("Syntax: @GPGSM@ [options] [files]\n"
     571             :             "Sign, check, encrypt or decrypt using the S/MIME protocol\n"
     572             :             "Default operation depends on the input data\n");
     573           0 :       break;
     574             : 
     575             :     case 20:
     576           0 :       if (!ver_gcry)
     577           0 :         ver_gcry = make_libversion ("libgcrypt", gcry_check_version);
     578           0 :       p = ver_gcry;
     579           0 :       break;
     580             :     case 21:
     581           0 :       if (!ver_ksba)
     582           0 :         ver_ksba = make_libversion ("libksba", ksba_check_version);
     583           0 :       p = ver_ksba;
     584           0 :       break;
     585             : 
     586           0 :     case 31: p = "\nHome: "; break;
     587           0 :     case 32: p = gnupg_homedir (); break;
     588           0 :     case 33: p = _("\nSupported algorithms:\n"); break;
     589             :     case 34:
     590           0 :       if (!ciphers)
     591           0 :         ciphers = build_list ("Cipher: ", gnupg_cipher_algo_name,
     592             :                               our_cipher_test_algo );
     593           0 :       p = ciphers;
     594           0 :       break;
     595             :     case 35:
     596           0 :       if (!pubkeys)
     597           0 :         pubkeys = build_list ("Pubkey: ", gcry_pk_algo_name,
     598             :                               our_pk_test_algo );
     599           0 :       p = pubkeys;
     600           0 :       break;
     601             :     case 36:
     602           0 :       if (!digests)
     603           0 :         digests = build_list("Hash: ", gcry_md_algo_name, our_md_test_algo );
     604           0 :       p = digests;
     605           0 :       break;
     606             : 
     607           0 :     default: p = NULL; break;
     608             :     }
     609           0 :   return p;
     610             : }
     611             : 
     612             : 
     613             : static char *
     614           0 : build_list (const char *text, const char * (*mapf)(int), int (*chkf)(int))
     615             : {
     616             :   int i;
     617           0 :   size_t n=strlen(text)+2;
     618             :   char *list, *p;
     619             : 
     620           0 :   if (maybe_setuid) {
     621           0 :     gcry_control (GCRYCTL_DROP_PRIVS); /* drop setuid */
     622             :   }
     623             : 
     624           0 :   for (i=1; i < 400; i++ )
     625           0 :     if (!chkf(i))
     626           0 :       n += strlen(mapf(i)) + 2;
     627           0 :   list = xmalloc (21 + n);
     628           0 :   *list = 0;
     629           0 :   for (p=NULL, i=1; i < 400; i++)
     630             :     {
     631           0 :       if (!chkf(i))
     632             :         {
     633           0 :           if( !p )
     634           0 :             p = stpcpy (list, text );
     635             :           else
     636           0 :             p = stpcpy (p, ", ");
     637           0 :           p = stpcpy (p, mapf(i) );
     638             :         }
     639             :     }
     640           0 :   if (p)
     641           0 :     strcpy (p, "\n" );
     642           0 :   return list;
     643             : }
     644             : 
     645             : 
     646             : /* Set the file pointer into binary mode if required.  */
     647             : static void
     648           0 : set_binary (FILE *fp)
     649             : {
     650             : #ifdef HAVE_DOSISH_SYSTEM
     651             :   setmode (fileno (fp), O_BINARY);
     652             : #else
     653             :   (void)fp;
     654             : #endif
     655           0 : }
     656             : 
     657             : 
     658             : 
     659             : static void
     660           0 : wrong_args (const char *text)
     661             : {
     662           0 :   fprintf (stderr, _("usage: %s [options] %s\n"), GPGSM_NAME, text);
     663           0 :   gpgsm_exit (2);
     664           0 : }
     665             : 
     666             : 
     667             : static void
     668           0 : set_opt_session_env (const char *name, const char *value)
     669             : {
     670             :   gpg_error_t err;
     671             : 
     672           0 :   err = session_env_setenv (opt.session_env, name, value);
     673           0 :   if (err)
     674           0 :     log_fatal ("error setting session environment: %s\n",
     675             :                gpg_strerror (err));
     676           0 : }
     677             : 
     678             : 
     679             : /* Setup the debugging.  With a DEBUG_LEVEL of NULL only the active
     680             :    debug flags are propagated to the subsystems.  With DEBUG_LEVEL
     681             :    set, a specific set of debug flags is set; and individual debugging
     682             :    flags will be added on top.  */
     683             : static void
     684           3 : set_debug (void)
     685             : {
     686           3 :   int numok = (debug_level && digitp (debug_level));
     687           3 :   int numlvl = numok? atoi (debug_level) : 0;
     688             : 
     689           3 :   if (!debug_level)
     690             :     ;
     691           0 :   else if (!strcmp (debug_level, "none") || (numok && numlvl < 1))
     692           0 :     opt.debug = 0;
     693           0 :   else if (!strcmp (debug_level, "basic") || (numok && numlvl <= 2))
     694           0 :     opt.debug = DBG_IPC_VALUE;
     695           0 :   else if (!strcmp (debug_level, "advanced") || (numok && numlvl <= 5))
     696           0 :     opt.debug = DBG_IPC_VALUE|DBG_X509_VALUE;
     697           0 :   else if (!strcmp (debug_level, "expert")  || (numok && numlvl <= 8))
     698           0 :     opt.debug = (DBG_IPC_VALUE|DBG_X509_VALUE
     699             :                  |DBG_CACHE_VALUE|DBG_CRYPTO_VALUE);
     700           0 :   else if (!strcmp (debug_level, "guru") || numok)
     701             :     {
     702           0 :       opt.debug = ~0;
     703             :       /* Unless the "guru" string has been used we don't want to allow
     704             :          hashing debugging.  The rationale is that people tend to
     705             :          select the highest debug value and would then clutter their
     706             :          disk with debug files which may reveal confidential data.  */
     707           0 :       if (numok)
     708           0 :         opt.debug &= ~(DBG_HASHING_VALUE);
     709             :     }
     710             :   else
     711             :     {
     712           0 :       log_error (_("invalid debug-level '%s' given\n"), debug_level);
     713           0 :       gpgsm_exit (2);
     714             :     }
     715             : 
     716           3 :   opt.debug |= debug_value;
     717             : 
     718           3 :   if (opt.debug && !opt.verbose)
     719           0 :     opt.verbose = 1;
     720           3 :   if (opt.debug)
     721           0 :     opt.quiet = 0;
     722             : 
     723           3 :   if (opt.debug & DBG_MPI_VALUE)
     724           0 :     gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 2);
     725           3 :   if (opt.debug & DBG_CRYPTO_VALUE )
     726           0 :     gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1);
     727           3 :   gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
     728             : 
     729           3 :   if (opt.debug)
     730           0 :     parse_debug_flag (NULL, &opt.debug, debug_flags);
     731           3 : }
     732             : 
     733             : 
     734             : 
     735             : static void
     736           3 : set_cmd (enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd)
     737             : {
     738           3 :   enum cmd_and_opt_values cmd = *ret_cmd;
     739             : 
     740           3 :   if (!cmd || cmd == new_cmd)
     741           3 :     cmd = new_cmd;
     742           0 :   else if ( cmd == aSign && new_cmd == aEncr )
     743           0 :     cmd = aSignEncr;
     744           0 :   else if ( cmd == aEncr && new_cmd == aSign )
     745           0 :     cmd = aSignEncr;
     746           0 :   else if ( (cmd == aSign && new_cmd == aClearsign)
     747           0 :             || (cmd == aClearsign && new_cmd == aSign) )
     748           0 :     cmd = aClearsign;
     749             :   else
     750             :     {
     751           0 :       log_error(_("conflicting commands\n"));
     752           0 :       gpgsm_exit(2);
     753             :     }
     754             : 
     755           3 :   *ret_cmd = cmd;
     756           3 : }
     757             : 
     758             : 
     759             : /* Helper to add recipients to a list. */
     760             : static void
     761           0 : do_add_recipient (ctrl_t ctrl, const char *name,
     762             :                   certlist_t *recplist, int is_encrypt_to, int recp_required)
     763             : {
     764           0 :   int rc = gpgsm_add_to_certlist (ctrl, name, 0, recplist, is_encrypt_to);
     765           0 :   if (rc)
     766             :     {
     767           0 :       if (recp_required)
     768             :         {
     769           0 :           log_error ("can't encrypt to '%s': %s\n", name, gpg_strerror (rc));
     770           0 :           gpgsm_status2 (ctrl, STATUS_INV_RECP,
     771             :                          get_inv_recpsgnr_code (rc), name, NULL);
     772             :         }
     773             :       else
     774           0 :         log_info (_("Note: won't be able to encrypt to '%s': %s\n"),
     775             :                   name, gpg_strerror (rc));
     776             :     }
     777           0 : }
     778             : 
     779             : 
     780             : static void
     781           0 : parse_validation_model (const char *model)
     782             : {
     783           0 :   int i = gpgsm_parse_validation_model (model);
     784           0 :   if (i == -1)
     785           0 :     log_error (_("unknown validation model '%s'\n"), model);
     786             :   else
     787           0 :     default_validation_model = i;
     788           0 : }
     789             : 
     790             : 
     791             : /* Release the list of SERVERS.  As usual it is okay to call this
     792             :    function with SERVERS passed as NULL.  */
     793             : void
     794           3 : keyserver_list_free (struct keyserver_spec *servers)
     795             : {
     796           6 :   while (servers)
     797             :     {
     798           0 :       struct keyserver_spec *tmp = servers->next;
     799           0 :       xfree (servers->host);
     800           0 :       xfree (servers->user);
     801           0 :       if (servers->pass)
     802           0 :         memset (servers->pass, 0, strlen (servers->pass));
     803           0 :       xfree (servers->pass);
     804           0 :       xfree (servers->base);
     805           0 :       xfree (servers);
     806           0 :       servers = tmp;
     807             :     }
     808           3 : }
     809             : 
     810             : /* See also dirmngr ldapserver_parse_one().  */
     811             : struct keyserver_spec *
     812           0 : parse_keyserver_line (char *line,
     813             :                       const char *filename, unsigned int lineno)
     814             : {
     815             :   char *p;
     816             :   char *endp;
     817             :   struct keyserver_spec *server;
     818             :   int fieldno;
     819           0 :   int fail = 0;
     820             : 
     821             :   /* Parse the colon separated fields.  */
     822           0 :   server = xcalloc (1, sizeof *server);
     823           0 :   for (fieldno = 1, p = line; p; p = endp, fieldno++ )
     824             :     {
     825           0 :       endp = strchr (p, ':');
     826           0 :       if (endp)
     827           0 :         *endp++ = '\0';
     828           0 :       trim_spaces (p);
     829           0 :       switch (fieldno)
     830             :         {
     831             :         case 1:
     832           0 :           if (*p)
     833           0 :             server->host = xstrdup (p);
     834             :           else
     835             :             {
     836           0 :               log_error (_("%s:%u: no hostname given\n"),
     837             :                          filename, lineno);
     838           0 :               fail = 1;
     839             :             }
     840           0 :           break;
     841             : 
     842             :         case 2:
     843           0 :           if (*p)
     844           0 :             server->port = atoi (p);
     845           0 :           break;
     846             : 
     847             :         case 3:
     848           0 :           if (*p)
     849           0 :             server->user = xstrdup (p);
     850           0 :           break;
     851             : 
     852             :         case 4:
     853           0 :           if (*p && !server->user)
     854             :             {
     855           0 :               log_error (_("%s:%u: password given without user\n"),
     856             :                          filename, lineno);
     857           0 :               fail = 1;
     858             :             }
     859           0 :           else if (*p)
     860           0 :             server->pass = xstrdup (p);
     861           0 :           break;
     862             : 
     863             :         case 5:
     864           0 :           if (*p)
     865           0 :             server->base = xstrdup (p);
     866           0 :           break;
     867             : 
     868             :         default:
     869             :           /* (We silently ignore extra fields.) */
     870           0 :           break;
     871             :         }
     872             :     }
     873             : 
     874           0 :   if (fail)
     875             :     {
     876           0 :       log_info (_("%s:%u: skipping this line\n"), filename, lineno);
     877           0 :       keyserver_list_free (server);
     878           0 :       server = NULL;
     879             :     }
     880             : 
     881           0 :   return server;
     882             : }
     883             : 
     884             : 
     885             : int
     886           3 : main ( int argc, char **argv)
     887             : {
     888             :   ARGPARSE_ARGS pargs;
     889             :   int orig_argc;
     890             :   char **orig_argv;
     891             :   /*  char *username;*/
     892             :   int may_coredump;
     893           3 :   strlist_t sl, remusr= NULL, locusr=NULL;
     894           3 :   strlist_t nrings=NULL;
     895           3 :   int detached_sig = 0;
     896           3 :   FILE *configfp = NULL;
     897           3 :   char *configname = NULL;
     898             :   unsigned configlineno;
     899           3 :   int parse_debug = 0;
     900           3 :   int no_more_options = 0;
     901           3 :   int default_config =1;
     902           3 :   int default_keyring = 1;
     903           3 :   char *logfile = NULL;
     904           3 :   char *auditlog = NULL;
     905           3 :   char *htmlauditlog = NULL;
     906           3 :   int greeting = 0;
     907           3 :   int nogreeting = 0;
     908           3 :   int debug_wait = 0;
     909           3 :   int use_random_seed = 1;
     910           3 :   int no_common_certs_import = 0;
     911           3 :   int with_fpr = 0;
     912           3 :   const char *forced_digest_algo = NULL;
     913           3 :   const char *extra_digest_algo = NULL;
     914           3 :   enum cmd_and_opt_values cmd = 0;
     915             :   struct server_control_s ctrl;
     916           3 :   certlist_t recplist = NULL;
     917           3 :   certlist_t signerlist = NULL;
     918           3 :   int do_not_setup_keys = 0;
     919           3 :   int recp_required = 0;
     920           3 :   estream_t auditfp = NULL;
     921           3 :   estream_t htmlauditfp = NULL;
     922             :   struct assuan_malloc_hooks malloc_hooks;
     923           3 :   int pwfd = -1;
     924             :   /*mtrace();*/
     925             : 
     926           3 :   early_system_init ();
     927           3 :   gnupg_reopen_std (GPGSM_NAME);
     928             :   /* trap_unaligned ();*/
     929           3 :   gnupg_rl_initialize ();
     930           3 :   set_strusage (my_strusage);
     931           3 :   gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
     932             : 
     933             :   /* Please note that we may running SUID(ROOT), so be very CAREFUL
     934             :      when adding any stuff between here and the call to secmem_init()
     935             :      somewhere after the option parsing */
     936           3 :   log_set_prefix (GPGSM_NAME, GPGRT_LOG_WITH_PREFIX);
     937             : 
     938             :   /* Make sure that our subsystems are ready.  */
     939           3 :   i18n_init ();
     940           3 :   init_common_subsystems (&argc, &argv);
     941             : 
     942             :   /* Check that the libraries are suitable.  Do it here because the
     943             :      option parse may need services of the library */
     944           3 :   if (!ksba_check_version (NEED_KSBA_VERSION) )
     945           0 :     log_fatal (_("%s is too old (need %s, have %s)\n"), "libksba",
     946             :                NEED_KSBA_VERSION, ksba_check_version (NULL) );
     947             : 
     948             : 
     949           3 :   gcry_control (GCRYCTL_USE_SECURE_RNDPOOL);
     950             : 
     951           3 :   may_coredump = disable_core_dumps ();
     952             : 
     953           3 :   gnupg_init_signals (0, emergency_cleanup);
     954             : 
     955           3 :   dotlock_create (NULL, 0); /* Register lockfile cleanup.  */
     956             : 
     957           3 :   opt.autostart = 1;
     958           3 :   opt.session_env = session_env_new ();
     959           3 :   if (!opt.session_env)
     960           0 :     log_fatal ("error allocating session environment block: %s\n",
     961           0 :                strerror (errno));
     962             : 
     963             :   /* Note: If you change this default cipher algorithm , please
     964             :      remember to update the Gpgconflist entry as well.  */
     965           3 :   opt.def_cipher_algoid = DEFAULT_CIPHER_ALGO;
     966             : 
     967             : 
     968             :   /* First check whether we have a config file on the commandline */
     969           3 :   orig_argc = argc;
     970           3 :   orig_argv = argv;
     971           3 :   pargs.argc = &argc;
     972           3 :   pargs.argv = &argv;
     973           3 :   pargs.flags= 1|(1<<6);  /* do not remove the args, ignore version */
     974           9 :   while (arg_parse( &pargs, opts))
     975             :     {
     976           3 :       if (pargs.r_opt == oDebug || pargs.r_opt == oDebugAll)
     977           0 :         parse_debug++;
     978           3 :       else if (pargs.r_opt == oOptions)
     979             :         { /* yes there is one, so we do not try the default one but
     980             :              read the config file when it is encountered at the
     981             :              commandline */
     982           0 :           default_config = 0;
     983             :         }
     984           3 :       else if (pargs.r_opt == oNoOptions)
     985             :         {
     986           0 :           default_config = 0; /* --no-options */
     987           0 :           opt.no_homedir_creation = 1;
     988             :         }
     989           3 :       else if (pargs.r_opt == oHomedir)
     990           0 :         gnupg_set_homedir (pargs.r.ret_str);
     991           3 :       else if (pargs.r_opt == aCallProtectTool)
     992           0 :         break; /* This break makes sure that --version and --help are
     993             :                   passed to the protect-tool. */
     994             :     }
     995             : 
     996             : 
     997             :   /* Initialize the secure memory. */
     998           3 :   gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0);
     999           3 :   maybe_setuid = 0;
    1000             : 
    1001             :   /*
    1002             :      Now we are now working under our real uid
    1003             :   */
    1004             : 
    1005           3 :   ksba_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free );
    1006             : 
    1007           3 :   malloc_hooks.malloc = gcry_malloc;
    1008           3 :   malloc_hooks.realloc = gcry_realloc;
    1009           3 :   malloc_hooks.free = gcry_free;
    1010           3 :   assuan_set_malloc_hooks (&malloc_hooks);
    1011           3 :   assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
    1012           3 :   setup_libassuan_logging (&opt.debug, NULL);
    1013             : 
    1014           3 :   keybox_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free);
    1015             : 
    1016             :   /* Setup a default control structure for command line mode */
    1017           3 :   memset (&ctrl, 0, sizeof ctrl);
    1018           3 :   gpgsm_init_default_ctrl (&ctrl);
    1019           3 :   ctrl.no_server = 1;
    1020           3 :   ctrl.status_fd = -1; /* No status output. */
    1021           3 :   ctrl.autodetect_encoding = 1;
    1022             : 
    1023             :   /* Set the default option file */
    1024           3 :   if (default_config )
    1025           3 :     configname = make_filename (gnupg_homedir (),
    1026             :                                 GPGSM_NAME EXTSEP_S "conf", NULL);
    1027             :   /* Set the default policy file */
    1028           3 :   opt.policy_file = make_filename (gnupg_homedir (), "policies.txt", NULL);
    1029             : 
    1030           3 :   argc        = orig_argc;
    1031           3 :   argv        = orig_argv;
    1032           3 :   pargs.argc  = &argc;
    1033           3 :   pargs.argv  = &argv;
    1034           3 :   pargs.flags =  1;  /* do not remove the args */
    1035             : 
    1036             :  next_pass:
    1037           6 :   if (configname) {
    1038           3 :     configlineno = 0;
    1039           3 :     configfp = fopen (configname, "r");
    1040           3 :     if (!configfp)
    1041             :       {
    1042           0 :         if (default_config)
    1043             :           {
    1044           0 :             if (parse_debug)
    1045           0 :               log_info (_("Note: no default option file '%s'\n"), configname);
    1046             :           }
    1047             :         else
    1048             :           {
    1049           0 :             log_error (_("option file '%s': %s\n"), configname, strerror(errno));
    1050           0 :             gpgsm_exit(2);
    1051             :           }
    1052           0 :         xfree(configname);
    1053           0 :         configname = NULL;
    1054             :       }
    1055           3 :     if (parse_debug && configname)
    1056           0 :       log_info (_("reading options from '%s'\n"), configname);
    1057           3 :     default_config = 0;
    1058             :   }
    1059             : 
    1060          27 :   while (!no_more_options
    1061          21 :          && optfile_parse (configfp, configname, &configlineno, &pargs, opts))
    1062             :     {
    1063          15 :       switch (pargs.r_opt)
    1064             :         {
    1065             :         case aGPGConfList:
    1066             :         case aGPGConfTest:
    1067           0 :           set_cmd (&cmd, pargs.r_opt);
    1068           0 :           do_not_setup_keys = 1;
    1069           0 :           nogreeting = 1;
    1070           0 :           break;
    1071             : 
    1072             :         case aServer:
    1073           0 :           opt.batch = 1;
    1074           0 :           set_cmd (&cmd, aServer);
    1075           0 :           break;
    1076             : 
    1077             :         case aCallDirmngr:
    1078           0 :           opt.batch = 1;
    1079           0 :           set_cmd (&cmd, aCallDirmngr);
    1080           0 :           do_not_setup_keys = 1;
    1081           0 :           break;
    1082             : 
    1083             :         case aCallProtectTool:
    1084           0 :           opt.batch = 1;
    1085           0 :           set_cmd (&cmd, aCallProtectTool);
    1086           0 :           no_more_options = 1; /* Stop parsing. */
    1087           0 :           do_not_setup_keys = 1;
    1088           0 :           break;
    1089             : 
    1090             :         case aDeleteKey:
    1091           0 :           set_cmd (&cmd, aDeleteKey);
    1092             :           /*greeting=1;*/
    1093           0 :           do_not_setup_keys = 1;
    1094           0 :           break;
    1095             : 
    1096             :         case aDetachedSign:
    1097           0 :           detached_sig = 1;
    1098           0 :           set_cmd (&cmd, aSign );
    1099           0 :           break;
    1100             : 
    1101             :         case aKeygen:
    1102           0 :           set_cmd (&cmd, aKeygen);
    1103           0 :           greeting=1;
    1104           0 :           do_not_setup_keys = 1;
    1105           0 :           break;
    1106             : 
    1107             :         case aImport:
    1108             :         case aSendKeys:
    1109             :         case aRecvKeys:
    1110             :         case aExport:
    1111             :         case aExportSecretKeyP12:
    1112             :         case aExportSecretKeyP8:
    1113             :         case aExportSecretKeyRaw:
    1114             :         case aDumpKeys:
    1115             :         case aDumpChain:
    1116             :         case aDumpExternalKeys:
    1117             :         case aDumpSecretKeys:
    1118             :         case aListKeys:
    1119             :         case aListExternalKeys:
    1120             :         case aListSecretKeys:
    1121             :         case aListChain:
    1122             :         case aLearnCard:
    1123             :         case aPasswd:
    1124             :         case aKeydbClearSomeCertFlags:
    1125           3 :           do_not_setup_keys = 1;
    1126           3 :           set_cmd (&cmd, pargs.r_opt);
    1127           3 :           break;
    1128             : 
    1129             :         case aEncr:
    1130           0 :           recp_required = 1;
    1131           0 :           set_cmd (&cmd, pargs.r_opt);
    1132           0 :           break;
    1133             : 
    1134             :         case aSym:
    1135             :         case aDecrypt:
    1136             :         case aSign:
    1137             :         case aClearsign:
    1138             :         case aVerify:
    1139           0 :           set_cmd (&cmd, pargs.r_opt);
    1140           0 :           break;
    1141             : 
    1142             :           /* Output encoding selection.  */
    1143             :         case oArmor:
    1144           0 :           ctrl.create_pem = 1;
    1145           0 :           break;
    1146             :         case oBase64:
    1147           0 :           ctrl.create_pem = 0;
    1148           0 :           ctrl.create_base64 = 1;
    1149           0 :           break;
    1150             :         case oNoArmor:
    1151           0 :           ctrl.create_pem = 0;
    1152           0 :           ctrl.create_base64 = 0;
    1153           0 :           break;
    1154             : 
    1155             :         case oP12Charset:
    1156           0 :           opt.p12_charset = pargs.r.ret_str;
    1157           0 :           break;
    1158             : 
    1159             :         case oPassphraseFD:
    1160           0 :           pwfd = translate_sys2libc_fd_int (pargs.r.ret_int, 0);
    1161           0 :           break;
    1162             : 
    1163             :         case oPinentryMode:
    1164           0 :           opt.pinentry_mode = parse_pinentry_mode (pargs.r.ret_str);
    1165           0 :           if (opt.pinentry_mode == -1)
    1166           0 :             log_error (_("invalid pinentry mode '%s'\n"), pargs.r.ret_str);
    1167           0 :           break;
    1168             : 
    1169             :           /* Input encoding selection.  */
    1170             :         case oAssumeArmor:
    1171           0 :           ctrl.autodetect_encoding = 0;
    1172           0 :           ctrl.is_pem = 1;
    1173           0 :           ctrl.is_base64 = 0;
    1174           0 :           break;
    1175             :         case oAssumeBase64:
    1176           0 :           ctrl.autodetect_encoding = 0;
    1177           0 :           ctrl.is_pem = 0;
    1178           0 :           ctrl.is_base64 = 1;
    1179           0 :           break;
    1180             :         case oAssumeBinary:
    1181           0 :           ctrl.autodetect_encoding = 0;
    1182           0 :           ctrl.is_pem = 0;
    1183           0 :           ctrl.is_base64 = 0;
    1184           0 :           break;
    1185             : 
    1186             :         case oDisableCRLChecks:
    1187           3 :           opt.no_crl_check = 1;
    1188           3 :           break;
    1189             :         case oEnableCRLChecks:
    1190           0 :           opt.no_crl_check = 0;
    1191           0 :           break;
    1192             :         case oDisableTrustedCertCRLCheck:
    1193           0 :           opt.no_trusted_cert_crl_check = 1;
    1194           0 :           break;
    1195             :         case oEnableTrustedCertCRLCheck:
    1196           0 :           opt.no_trusted_cert_crl_check = 0;
    1197           0 :           break;
    1198             :         case oForceCRLRefresh:
    1199           0 :           opt.force_crl_refresh = 1;
    1200           0 :           break;
    1201             : 
    1202             :         case oDisableOCSP:
    1203           0 :           ctrl.use_ocsp = opt.enable_ocsp = 0;
    1204           0 :           break;
    1205             :         case oEnableOCSP:
    1206           0 :           ctrl.use_ocsp = opt.enable_ocsp = 1;
    1207           0 :           break;
    1208             : 
    1209             :         case oIncludeCerts:
    1210           0 :           ctrl.include_certs = default_include_certs = pargs.r.ret_int;
    1211           0 :           break;
    1212             : 
    1213             :         case oPolicyFile:
    1214           0 :           xfree (opt.policy_file);
    1215           0 :           if (*pargs.r.ret_str)
    1216           0 :             opt.policy_file = xstrdup (pargs.r.ret_str);
    1217             :           else
    1218           0 :             opt.policy_file = NULL;
    1219           0 :           break;
    1220             : 
    1221             :         case oDisablePolicyChecks:
    1222           0 :           opt.no_policy_check = 1;
    1223           0 :           break;
    1224             :         case oEnablePolicyChecks:
    1225           0 :           opt.no_policy_check = 0;
    1226           0 :           break;
    1227             : 
    1228             :         case oAutoIssuerKeyRetrieve:
    1229           0 :           opt.auto_issuer_key_retrieve = 1;
    1230           0 :           break;
    1231             : 
    1232           0 :         case oOutput: opt.outfile = pargs.r.ret_str; break;
    1233             : 
    1234             : 
    1235           0 :         case oQuiet: opt.quiet = 1; break;
    1236           0 :         case oNoTTY: /* fixme:tty_no_terminal(1);*/ break;
    1237           0 :         case oDryRun: opt.dry_run = 1; break;
    1238             : 
    1239             :         case oVerbose:
    1240           0 :           opt.verbose++;
    1241           0 :           gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
    1242           0 :           break;
    1243             :         case oNoVerbose:
    1244           0 :           opt.verbose = 0;
    1245           0 :           gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
    1246           0 :           break;
    1247             : 
    1248           0 :         case oLogFile: logfile = pargs.r.ret_str; break;
    1249           0 :         case oNoLogFile: logfile = NULL; break;
    1250             : 
    1251           0 :         case oAuditLog: auditlog = pargs.r.ret_str; break;
    1252           0 :         case oHtmlAuditLog: htmlauditlog = pargs.r.ret_str; break;
    1253             : 
    1254             :         case oBatch:
    1255           0 :           opt.batch = 1;
    1256           0 :           greeting = 0;
    1257           0 :           break;
    1258           0 :         case oNoBatch: opt.batch = 0; break;
    1259             : 
    1260           0 :         case oAnswerYes: opt.answer_yes = 1; break;
    1261           0 :         case oAnswerNo: opt.answer_no = 1; break;
    1262             : 
    1263           0 :         case oKeyring: append_to_strlist (&nrings, pargs.r.ret_str); break;
    1264             : 
    1265             :         case oDebug:
    1266           0 :           if (parse_debug_flag (pargs.r.ret_str, &debug_value, debug_flags))
    1267             :             {
    1268           0 :               pargs.r_opt = ARGPARSE_INVALID_ARG;
    1269           0 :               pargs.err = ARGPARSE_PRINT_ERROR;
    1270             :             }
    1271           0 :           break;
    1272           0 :         case oDebugAll: debug_value = ~0; break;
    1273           0 :         case oDebugNone: debug_value = 0; break;
    1274           0 :         case oDebugLevel: debug_level = pargs.r.ret_str; break;
    1275           0 :         case oDebugWait: debug_wait = pargs.r.ret_int; break;
    1276             :         case oDebugAllowCoreDump:
    1277           0 :           may_coredump = enable_core_dumps ();
    1278           0 :           break;
    1279           0 :         case oDebugNoChainValidation: opt.no_chain_validation = 1; break;
    1280           0 :         case oDebugIgnoreExpiration: opt.ignore_expiration = 1; break;
    1281             : 
    1282           0 :         case oStatusFD: ctrl.status_fd = pargs.r.ret_int; break;
    1283           0 :         case oLoggerFD: log_set_fd (pargs.r.ret_int ); break;
    1284             :         case oWithMD5Fingerprint:
    1285           0 :           opt.with_md5_fingerprint=1; /*fall through*/
    1286             :         case oWithFingerprint:
    1287           0 :           with_fpr=1; /*fall through*/
    1288             :         case aFingerprint:
    1289           0 :           opt.fingerprint++;
    1290           0 :           break;
    1291             : 
    1292             :         case oWithKeygrip:
    1293           0 :           opt.with_keygrip = 1;
    1294           0 :           break;
    1295             : 
    1296             :         case oOptions:
    1297             :           /* config files may not be nested (silently ignore them) */
    1298           0 :           if (!configfp)
    1299             :             {
    1300           0 :               xfree(configname);
    1301           0 :               configname = xstrdup (pargs.r.ret_str);
    1302           0 :               goto next_pass;
    1303             :             }
    1304           0 :           break;
    1305           0 :         case oNoOptions: opt.no_homedir_creation = 1; break; /* no-options */
    1306           0 :         case oHomedir: gnupg_set_homedir (pargs.r.ret_str); break;
    1307           3 :         case oAgentProgram: opt.agent_program = pargs.r.ret_str;  break;
    1308             : 
    1309             :         case oDisplay:
    1310           0 :           set_opt_session_env ("DISPLAY", pargs.r.ret_str);
    1311           0 :           break;
    1312             :         case oTTYname:
    1313           0 :           set_opt_session_env ("GPG_TTY", pargs.r.ret_str);
    1314           0 :           break;
    1315             :         case oTTYtype:
    1316           0 :           set_opt_session_env ("TERM", pargs.r.ret_str);
    1317           0 :           break;
    1318             :         case oXauthority:
    1319           0 :           set_opt_session_env ("XAUTHORITY", pargs.r.ret_str);
    1320           0 :           break;
    1321             : 
    1322           0 :         case oLCctype: opt.lc_ctype = xstrdup (pargs.r.ret_str); break;
    1323           0 :         case oLCmessages: opt.lc_messages = xstrdup (pargs.r.ret_str); break;
    1324             : 
    1325           0 :         case oDirmngrProgram: opt.dirmngr_program = pargs.r.ret_str;  break;
    1326           0 :         case oDisableDirmngr: opt.disable_dirmngr = 1;  break;
    1327           0 :         case oPreferSystemDirmngr: /* Obsolete */; break;
    1328             :         case oProtectToolProgram:
    1329           0 :           opt.protect_tool_program = pargs.r.ret_str;
    1330           0 :           break;
    1331             : 
    1332             :         case oFakedSystemTime:
    1333             :           {
    1334           3 :             time_t faked_time = isotime2epoch (pargs.r.ret_str);
    1335           3 :             if (faked_time == (time_t)(-1))
    1336           3 :               faked_time = (time_t)strtoul (pargs.r.ret_str, NULL, 10);
    1337           3 :             gnupg_set_time (faked_time, 0);
    1338             :           }
    1339           3 :           break;
    1340             : 
    1341           0 :         case oNoDefKeyring: default_keyring = 0; break;
    1342           0 :         case oNoGreeting: nogreeting = 1; break;
    1343             : 
    1344             :         case oDefaultKey:
    1345           0 :           if (*pargs.r.ret_str)
    1346             :             {
    1347           0 :               xfree (opt.local_user);
    1348           0 :               opt.local_user = xstrdup (pargs.r.ret_str);
    1349             :             }
    1350           0 :           break;
    1351             :         case oDefRecipient:
    1352           0 :           if (*pargs.r.ret_str)
    1353           0 :             opt.def_recipient = xstrdup (pargs.r.ret_str);
    1354           0 :           break;
    1355             :         case oDefRecipientSelf:
    1356           0 :           xfree (opt.def_recipient);
    1357           0 :           opt.def_recipient = NULL;
    1358           0 :           opt.def_recipient_self = 1;
    1359           0 :           break;
    1360             :         case oNoDefRecipient:
    1361           0 :           xfree (opt.def_recipient);
    1362           0 :           opt.def_recipient = NULL;
    1363           0 :           opt.def_recipient_self = 0;
    1364           0 :           break;
    1365             : 
    1366           0 :         case oWithKeyData: opt.with_key_data=1; /* fall through */
    1367           0 :         case oWithColons: ctrl.with_colons = 1; break;
    1368           0 :         case oWithSecret: ctrl.with_secret = 1; break;
    1369           0 :         case oWithValidation: ctrl.with_validation=1; break;
    1370           0 :         case oWithEphemeralKeys: ctrl.with_ephemeral_keys=1; break;
    1371             : 
    1372           0 :         case oSkipVerify: opt.skip_verify=1; break;
    1373             : 
    1374           0 :         case oNoEncryptTo: opt.no_encrypt_to = 1; break;
    1375             :         case oEncryptTo: /* Store the recipient in the second list */
    1376           0 :           sl = add_to_strlist (&remusr, pargs.r.ret_str);
    1377           0 :           sl->flags = 1;
    1378           0 :           break;
    1379             : 
    1380             :         case oRecipient: /* store the recipient */
    1381           0 :           add_to_strlist ( &remusr, pargs.r.ret_str);
    1382           0 :           break;
    1383             : 
    1384             :         case oUser: /* Store the local users, the first one is the default */
    1385           0 :           if (!opt.local_user)
    1386           0 :             opt.local_user = xstrdup (pargs.r.ret_str);
    1387           0 :           add_to_strlist (&locusr, pargs.r.ret_str);
    1388           0 :           break;
    1389             : 
    1390             :         case oNoSecmemWarn:
    1391           3 :           gcry_control (GCRYCTL_DISABLE_SECMEM_WARN);
    1392           3 :           break;
    1393             : 
    1394             :         case oCipherAlgo:
    1395           0 :           opt.def_cipher_algoid = pargs.r.ret_str;
    1396           0 :           break;
    1397             : 
    1398             :         case oDisableCipherAlgo:
    1399             :           {
    1400           0 :             int algo = gcry_cipher_map_name (pargs.r.ret_str);
    1401           0 :             gcry_cipher_ctl (NULL, GCRYCTL_DISABLE_ALGO, &algo, sizeof algo);
    1402             :           }
    1403           0 :           break;
    1404             :         case oDisablePubkeyAlgo:
    1405             :           {
    1406           0 :             int algo = gcry_pk_map_name (pargs.r.ret_str);
    1407           0 :             gcry_pk_ctl (GCRYCTL_DISABLE_ALGO,&algo, sizeof algo );
    1408             :           }
    1409           0 :           break;
    1410             : 
    1411             :         case oDigestAlgo:
    1412           0 :           forced_digest_algo = pargs.r.ret_str;
    1413           0 :           break;
    1414             : 
    1415             :         case oExtraDigestAlgo:
    1416           0 :           extra_digest_algo = pargs.r.ret_str;
    1417           0 :           break;
    1418             : 
    1419           0 :         case oIgnoreTimeConflict: opt.ignore_time_conflict = 1; break;
    1420           0 :         case oNoRandomSeedFile: use_random_seed = 0; break;
    1421           0 :         case oNoCommonCertsImport: no_common_certs_import = 1; break;
    1422             : 
    1423           0 :         case oEnableSpecialFilenames: allow_special_filenames =1; break;
    1424             : 
    1425           0 :         case oValidationModel: parse_validation_model (pargs.r.ret_str); break;
    1426             : 
    1427             :         case oKeyServer:
    1428             :           {
    1429             :             struct keyserver_spec *keyserver;
    1430           0 :             keyserver = parse_keyserver_line (pargs.r.ret_str,
    1431             :                                               configname, configlineno);
    1432           0 :             if (! keyserver)
    1433           0 :               log_error (_("could not parse keyserver\n"));
    1434             :             else
    1435             :               {
    1436             :                 /* FIXME: Keep last next pointer.  */
    1437           0 :                 struct keyserver_spec **next_p = &opt.keyserver;
    1438           0 :                 while (*next_p)
    1439           0 :                   next_p = &(*next_p)->next;
    1440           0 :                 *next_p = keyserver;
    1441             :               }
    1442             :           }
    1443           0 :           break;
    1444             : 
    1445             :         case oIgnoreCertExtension:
    1446           0 :           add_to_strlist (&opt.ignored_cert_extensions, pargs.r.ret_str);
    1447           0 :           break;
    1448             : 
    1449           0 :         case oNoAutostart: opt.autostart = 0; break;
    1450             : 
    1451             :         case oCompliance:
    1452             :           /* Dummy option for now.  */
    1453           0 :           break;
    1454             : 
    1455             :         default:
    1456           0 :           pargs.err = configfp? ARGPARSE_PRINT_WARNING:ARGPARSE_PRINT_ERROR;
    1457           0 :           break;
    1458             :         }
    1459             :     }
    1460             : 
    1461           6 :   if (configfp)
    1462             :     {
    1463           3 :       fclose (configfp);
    1464           3 :       configfp = NULL;
    1465             :       /* Keep a copy of the config filename. */
    1466           3 :       opt.config_filename = configname;
    1467           3 :       configname = NULL;
    1468           3 :       goto next_pass;
    1469             :     }
    1470           3 :   xfree (configname);
    1471           3 :   configname = NULL;
    1472             : 
    1473           3 :   if (!opt.config_filename)
    1474           0 :     opt.config_filename = make_filename (gnupg_homedir (),
    1475             :                                          GPGSM_NAME EXTSEP_S "conf",
    1476             :                                          NULL);
    1477             : 
    1478           3 :   if (log_get_errorcount(0))
    1479           0 :     gpgsm_exit(2);
    1480             : 
    1481           3 :   if (pwfd != -1)       /* Read the passphrase now.  */
    1482           0 :     read_passphrase_from_fd (pwfd);
    1483             : 
    1484             :   /* Now that we have the options parsed we need to update the default
    1485             :      control structure.  */
    1486           3 :   gpgsm_init_default_ctrl (&ctrl);
    1487             : 
    1488           3 :   if (nogreeting)
    1489           0 :     greeting = 0;
    1490             : 
    1491           3 :   if (greeting)
    1492             :     {
    1493           0 :       es_fprintf (es_stderr, "%s %s; %s\n",
    1494             :                   strusage(11), strusage(13), strusage(14) );
    1495           0 :       es_fprintf (es_stderr, "%s\n", strusage(15) );
    1496             :     }
    1497             : #  ifdef IS_DEVELOPMENT_VERSION
    1498             :   if (!opt.batch)
    1499             :     {
    1500             :       log_info ("NOTE: THIS IS A DEVELOPMENT VERSION!\n");
    1501             :       log_info ("It is only intended for test purposes and should NOT be\n");
    1502             :       log_info ("used in a production environment or with production keys!\n");
    1503             :     }
    1504             : #  endif
    1505             : 
    1506           3 :   if (may_coredump && !opt.quiet)
    1507           0 :     log_info (_("WARNING: program may create a core file!\n"));
    1508             : 
    1509             : /*   if (opt.qualsig_approval && !opt.quiet) */
    1510             : /*     log_info (_("This software has officially been approved to " */
    1511             : /*                 "create and verify\n" */
    1512             : /*                 "qualified signatures according to German law.\n")); */
    1513             : 
    1514           3 :   if (logfile && cmd == aServer)
    1515             :     {
    1516           0 :       log_set_file (logfile);
    1517           0 :       log_set_prefix (NULL, GPGRT_LOG_WITH_PREFIX | GPGRT_LOG_WITH_TIME | GPGRT_LOG_WITH_PID);
    1518             :     }
    1519             : 
    1520           3 :   if (gnupg_faked_time_p ())
    1521             :     {
    1522             :       gnupg_isotime_t tbuf;
    1523             : 
    1524           3 :       log_info (_("WARNING: running with faked system time: "));
    1525           3 :       gnupg_get_isotime (tbuf);
    1526           3 :       dump_isotime (tbuf);
    1527           3 :       log_printf ("\n");
    1528             :     }
    1529             : 
    1530             :   /* Print a warning if an argument looks like an option.  */
    1531           3 :   if (!opt.quiet && !(pargs.flags & ARGPARSE_FLAG_STOP_SEEN))
    1532             :     {
    1533             :       int i;
    1534             : 
    1535           6 :       for (i=0; i < argc; i++)
    1536           3 :         if (argv[i][0] == '-' && argv[i][1] == '-')
    1537           0 :           log_info (_("Note: '%s' is not considered an option\n"), argv[i]);
    1538             :     }
    1539             : 
    1540             : /*FIXME    if (opt.batch) */
    1541             : /*      tty_batchmode (1); */
    1542             : 
    1543           3 :   gcry_control (GCRYCTL_RESUME_SECMEM_WARN);
    1544             : 
    1545           3 :   set_debug ();
    1546             : 
    1547             :   /* Although we always use gpgsm_exit, we better install a regualr
    1548             :      exit handler so that at least the secure memory gets wiped
    1549             :      out. */
    1550           3 :   if (atexit (emergency_cleanup))
    1551             :     {
    1552           0 :       log_error ("atexit failed\n");
    1553           0 :       gpgsm_exit (2);
    1554             :     }
    1555             : 
    1556             :   /* Must do this after dropping setuid, because the mapping functions
    1557             :      may try to load an module and we may have disabled an algorithm.
    1558             :      We remap the commonly used algorithms to the OIDs for
    1559             :      convenience.  We need to work with the OIDs because they are used
    1560             :      to check whether the encryption mode is actually available. */
    1561           3 :   if (!strcmp (opt.def_cipher_algoid, "3DES") )
    1562           0 :     opt.def_cipher_algoid = "1.2.840.113549.3.7";
    1563           3 :   else if (!strcmp (opt.def_cipher_algoid, "AES")
    1564           0 :            || !strcmp (opt.def_cipher_algoid, "AES128"))
    1565           3 :     opt.def_cipher_algoid = "2.16.840.1.101.3.4.1.2";
    1566           0 :   else if (!strcmp (opt.def_cipher_algoid, "AES192") )
    1567           0 :     opt.def_cipher_algoid = "2.16.840.1.101.3.4.1.22";
    1568           0 :   else if (!strcmp (opt.def_cipher_algoid, "AES256") )
    1569           0 :     opt.def_cipher_algoid = "2.16.840.1.101.3.4.1.42";
    1570           0 :   else if (!strcmp (opt.def_cipher_algoid, "SERPENT")
    1571           0 :            || !strcmp (opt.def_cipher_algoid, "SERPENT128") )
    1572           0 :     opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.2";
    1573           0 :   else if (!strcmp (opt.def_cipher_algoid, "SERPENT192") )
    1574           0 :     opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.22";
    1575           0 :   else if (!strcmp (opt.def_cipher_algoid, "SERPENT256") )
    1576           0 :     opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.42";
    1577           0 :   else if (!strcmp (opt.def_cipher_algoid, "SEED") )
    1578           0 :     opt.def_cipher_algoid = "1.2.410.200004.1.4";
    1579           0 :   else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA")
    1580           0 :            || !strcmp (opt.def_cipher_algoid, "CAMELLIA128") )
    1581           0 :     opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.2";
    1582           0 :   else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA192") )
    1583           0 :     opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.3";
    1584           0 :   else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA256") )
    1585           0 :     opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.4";
    1586             : 
    1587           3 :   if (cmd != aGPGConfList)
    1588             :     {
    1589           3 :       if ( !gcry_cipher_map_name (opt.def_cipher_algoid)
    1590           3 :            || !gcry_cipher_mode_from_oid (opt.def_cipher_algoid))
    1591           0 :         log_error (_("selected cipher algorithm is invalid\n"));
    1592             : 
    1593           3 :       if (forced_digest_algo)
    1594             :         {
    1595           0 :           opt.forced_digest_algo = gcry_md_map_name (forced_digest_algo);
    1596           0 :           if (our_md_test_algo(opt.forced_digest_algo) )
    1597           0 :             log_error (_("selected digest algorithm is invalid\n"));
    1598             :         }
    1599           3 :       if (extra_digest_algo)
    1600             :         {
    1601           0 :           opt.extra_digest_algo = gcry_md_map_name (extra_digest_algo);
    1602           0 :           if (our_md_test_algo (opt.extra_digest_algo) )
    1603           0 :             log_error (_("selected digest algorithm is invalid\n"));
    1604             :         }
    1605             :     }
    1606             : 
    1607           3 :   if (log_get_errorcount(0))
    1608           0 :     gpgsm_exit(2);
    1609             : 
    1610             :   /* Set the random seed file. */
    1611           3 :   if (use_random_seed)
    1612             :     {
    1613           3 :       char *p = make_filename (gnupg_homedir (), "random_seed", NULL);
    1614           3 :       gcry_control (GCRYCTL_SET_RANDOM_SEED_FILE, p);
    1615           3 :       xfree(p);
    1616             :     }
    1617             : 
    1618           3 :   if (!cmd && opt.fingerprint && !with_fpr)
    1619           0 :     set_cmd (&cmd, aListKeys);
    1620             : 
    1621             :   /* Add default keybox. */
    1622           3 :   if (!nrings && default_keyring)
    1623             :     {
    1624             :       int created;
    1625             : 
    1626           3 :       keydb_add_resource (&ctrl, "pubring.kbx", 0, &created);
    1627           3 :       if (created && !no_common_certs_import)
    1628             :         {
    1629             :           /* Import the standard certificates for a new default keybox. */
    1630             :           char *filelist[2];
    1631             : 
    1632           1 :           filelist[0] = make_filename (gnupg_datadir (),"com-certs.pem", NULL);
    1633           1 :           filelist[1] = NULL;
    1634           1 :           if (!access (filelist[0], F_OK))
    1635             :             {
    1636           0 :               log_info (_("importing common certificates '%s'\n"),
    1637             :                         filelist[0]);
    1638           0 :               gpgsm_import_files (&ctrl, 1, filelist, open_read);
    1639             :             }
    1640           1 :           xfree (filelist[0]);
    1641             :         }
    1642             :     }
    1643           3 :   for (sl = nrings; sl; sl = sl->next)
    1644           0 :     keydb_add_resource (&ctrl, sl->d, 0, NULL);
    1645           3 :   FREE_STRLIST(nrings);
    1646             : 
    1647             : 
    1648             :   /* Prepare the audit log feature for certain commands.  */
    1649           3 :   if (auditlog || htmlauditlog)
    1650             :     {
    1651           0 :       switch (cmd)
    1652             :         {
    1653             :         case aEncr:
    1654             :         case aSign:
    1655             :         case aDecrypt:
    1656             :         case aVerify:
    1657           0 :           audit_release (ctrl.audit);
    1658           0 :           ctrl.audit = audit_new ();
    1659           0 :           if (auditlog)
    1660           0 :             auditfp = open_es_fwrite (auditlog);
    1661           0 :           if (htmlauditlog)
    1662           0 :             htmlauditfp = open_es_fwrite (htmlauditlog);
    1663           0 :           break;
    1664             :         default:
    1665           0 :           break;
    1666             :         }
    1667             :     }
    1668             : 
    1669             : 
    1670           3 :   if (!do_not_setup_keys)
    1671             :     {
    1672           0 :       for (sl = locusr; sl ; sl = sl->next)
    1673             :         {
    1674           0 :           int rc = gpgsm_add_to_certlist (&ctrl, sl->d, 1, &signerlist, 0);
    1675           0 :           if (rc)
    1676             :             {
    1677           0 :               log_error (_("can't sign using '%s': %s\n"),
    1678           0 :                          sl->d, gpg_strerror (rc));
    1679           0 :               gpgsm_status2 (&ctrl, STATUS_INV_SGNR,
    1680           0 :                              get_inv_recpsgnr_code (rc), sl->d, NULL);
    1681           0 :               gpgsm_status2 (&ctrl, STATUS_INV_RECP,
    1682           0 :                              get_inv_recpsgnr_code (rc), sl->d, NULL);
    1683             :             }
    1684             :         }
    1685             : 
    1686             :       /* Build the recipient list.  We first add the regular ones and then
    1687             :          the encrypt-to ones because the underlying function will silently
    1688             :          ignore duplicates and we can't allow keeping a duplicate which is
    1689             :          flagged as encrypt-to as the actually encrypt function would then
    1690             :          complain about no (regular) recipients. */
    1691           0 :       for (sl = remusr; sl; sl = sl->next)
    1692           0 :         if (!(sl->flags & 1))
    1693           0 :           do_add_recipient (&ctrl, sl->d, &recplist, 0, recp_required);
    1694           0 :       if (!opt.no_encrypt_to)
    1695             :         {
    1696           0 :           for (sl = remusr; sl; sl = sl->next)
    1697           0 :             if ((sl->flags & 1))
    1698           0 :               do_add_recipient (&ctrl, sl->d, &recplist, 1, recp_required);
    1699             :         }
    1700             :     }
    1701             : 
    1702           3 :   if (log_get_errorcount(0))
    1703           0 :     gpgsm_exit(1); /* Must stop for invalid recipients. */
    1704             : 
    1705             :   /* Dispatch command.  */
    1706           3 :   switch (cmd)
    1707             :     {
    1708             :     case aGPGConfList:
    1709             :       { /* List options and default values in the GPG Conf format.  */
    1710           0 :         char *config_filename_esc = percent_escape (opt.config_filename, NULL);
    1711             : 
    1712           0 :         es_printf ("%s-%s.conf:%lu:\"%s\n",
    1713             :                    GPGCONF_NAME, GPGSM_NAME,
    1714             :                    GC_OPT_FLAG_DEFAULT, config_filename_esc);
    1715           0 :         xfree (config_filename_esc);
    1716             : 
    1717           0 :         es_printf ("verbose:%lu:\n", GC_OPT_FLAG_NONE);
    1718           0 :         es_printf ("quiet:%lu:\n", GC_OPT_FLAG_NONE);
    1719           0 :         es_printf ("debug-level:%lu:\"none:\n", GC_OPT_FLAG_DEFAULT);
    1720           0 :         es_printf ("log-file:%lu:\n", GC_OPT_FLAG_NONE);
    1721           0 :         es_printf ("disable-crl-checks:%lu:\n", GC_OPT_FLAG_NONE);
    1722           0 :         es_printf ("disable-trusted-cert-crl-check:%lu:\n", GC_OPT_FLAG_NONE);
    1723           0 :         es_printf ("enable-ocsp:%lu:\n", GC_OPT_FLAG_NONE);
    1724           0 :         es_printf ("include-certs:%lu:%d:\n", GC_OPT_FLAG_DEFAULT,
    1725             :                    DEFAULT_INCLUDE_CERTS);
    1726           0 :         es_printf ("disable-policy-checks:%lu:\n", GC_OPT_FLAG_NONE);
    1727           0 :         es_printf ("auto-issuer-key-retrieve:%lu:\n", GC_OPT_FLAG_NONE);
    1728           0 :         es_printf ("disable-dirmngr:%lu:\n", GC_OPT_FLAG_NONE);
    1729           0 :         es_printf ("cipher-algo:%lu:\"%s:\n", GC_OPT_FLAG_DEFAULT,
    1730             :                    DEFAULT_CIPHER_ALGO);
    1731           0 :         es_printf ("p12-charset:%lu:\n", GC_OPT_FLAG_DEFAULT);
    1732           0 :         es_printf ("default-key:%lu:\n", GC_OPT_FLAG_DEFAULT);
    1733           0 :         es_printf ("encrypt-to:%lu:\n", GC_OPT_FLAG_DEFAULT);
    1734           0 :         es_printf ("keyserver:%lu:\n", GC_OPT_FLAG_NONE);
    1735             : 
    1736             :         /* The next one is an info only item and should match what
    1737             :            proc_parameters actually implements.  */
    1738           0 :         es_printf ("default_pubkey_algo:%lu:\"%s:\n", GC_OPT_FLAG_DEFAULT,
    1739             :                    "RSA-2048");
    1740             : 
    1741             :       }
    1742           0 :       break;
    1743             :     case aGPGConfTest:
    1744             :       /* This is merely a dummy command to test whether the
    1745             :          configuration file is valid.  */
    1746           0 :       break;
    1747             : 
    1748             :     case aServer:
    1749           0 :       if (debug_wait)
    1750             :         {
    1751           0 :           log_debug ("waiting for debugger - my pid is %u .....\n",
    1752           0 :                      (unsigned int)getpid());
    1753           0 :           gnupg_sleep (debug_wait);
    1754           0 :           log_debug ("... okay\n");
    1755             :          }
    1756           0 :       gpgsm_server (recplist);
    1757           0 :       break;
    1758             : 
    1759             :     case aCallDirmngr:
    1760           0 :       if (!argc)
    1761           0 :         wrong_args ("--call-dirmngr <command> {args}");
    1762             :       else
    1763           0 :         if (gpgsm_dirmngr_run_command (&ctrl, *argv, argc-1, argv+1))
    1764           0 :           gpgsm_exit (1);
    1765           0 :       break;
    1766             : 
    1767             :     case aCallProtectTool:
    1768           0 :       run_protect_tool (argc, argv);
    1769           0 :       break;
    1770             : 
    1771             :     case aEncr: /* Encrypt the given file. */
    1772             :       {
    1773           0 :         estream_t fp = open_es_fwrite (opt.outfile?opt.outfile:"-");
    1774             : 
    1775           0 :         set_binary (stdin);
    1776             : 
    1777           0 :         if (!argc) /* Source is stdin. */
    1778           0 :           gpgsm_encrypt (&ctrl, recplist, 0, fp);
    1779           0 :         else if (argc == 1)  /* Source is the given file. */
    1780           0 :           gpgsm_encrypt (&ctrl, recplist, open_read (*argv), fp);
    1781             :         else
    1782           0 :           wrong_args ("--encrypt [datafile]");
    1783             : 
    1784           0 :         es_fclose (fp);
    1785             :       }
    1786           0 :       break;
    1787             : 
    1788             :     case aSign: /* Sign the given file. */
    1789             :       {
    1790           0 :         estream_t fp = open_es_fwrite (opt.outfile?opt.outfile:"-");
    1791             : 
    1792             :         /* Fixme: We should also allow concatenation of multiple files for
    1793             :            signing because that is what gpg does.*/
    1794           0 :         set_binary (stdin);
    1795           0 :         if (!argc) /* Create from stdin. */
    1796           0 :           gpgsm_sign (&ctrl, signerlist, 0, detached_sig, fp);
    1797           0 :         else if (argc == 1) /* From file. */
    1798           0 :           gpgsm_sign (&ctrl, signerlist,
    1799             :                       open_read (*argv), detached_sig, fp);
    1800             :         else
    1801           0 :           wrong_args ("--sign [datafile]");
    1802             : 
    1803           0 :         es_fclose (fp);
    1804             :       }
    1805           0 :       break;
    1806             : 
    1807             :     case aSignEncr: /* sign and encrypt the given file */
    1808           0 :       log_error ("this command has not yet been implemented\n");
    1809           0 :       break;
    1810             : 
    1811             :     case aClearsign: /* make a clearsig */
    1812           0 :       log_error ("this command has not yet been implemented\n");
    1813           0 :       break;
    1814             : 
    1815             :     case aVerify:
    1816             :       {
    1817           0 :         estream_t fp = NULL;
    1818             : 
    1819           0 :         set_binary (stdin);
    1820           0 :         if (argc == 2 && opt.outfile)
    1821           0 :           log_info ("option --output ignored for a detached signature\n");
    1822           0 :         else if (opt.outfile)
    1823           0 :           fp = open_es_fwrite (opt.outfile);
    1824             : 
    1825           0 :         if (!argc)
    1826           0 :           gpgsm_verify (&ctrl, 0, -1, fp); /* normal signature from stdin */
    1827           0 :         else if (argc == 1)
    1828           0 :           gpgsm_verify (&ctrl, open_read (*argv), -1, fp); /* std signature */
    1829           0 :         else if (argc == 2) /* detached signature (sig, detached) */
    1830           0 :           gpgsm_verify (&ctrl, open_read (*argv), open_read (argv[1]), NULL);
    1831             :         else
    1832           0 :           wrong_args ("--verify [signature [detached_data]]");
    1833             : 
    1834           0 :         es_fclose (fp);
    1835             :       }
    1836           0 :       break;
    1837             : 
    1838             :     case aDecrypt:
    1839             :       {
    1840           0 :         estream_t fp = open_es_fwrite (opt.outfile?opt.outfile:"-");
    1841             : 
    1842           0 :         set_binary (stdin);
    1843           0 :         if (!argc)
    1844           0 :           gpgsm_decrypt (&ctrl, 0, fp); /* from stdin */
    1845           0 :         else if (argc == 1)
    1846           0 :           gpgsm_decrypt (&ctrl, open_read (*argv), fp); /* from file */
    1847             :         else
    1848           0 :           wrong_args ("--decrypt [filename]");
    1849             : 
    1850           0 :         es_fclose (fp);
    1851             :       }
    1852           0 :       break;
    1853             : 
    1854             :     case aDeleteKey:
    1855           0 :       for (sl=NULL; argc; argc--, argv++)
    1856           0 :         add_to_strlist (&sl, *argv);
    1857           0 :       gpgsm_delete (&ctrl, sl);
    1858           0 :       free_strlist(sl);
    1859           0 :       break;
    1860             : 
    1861             :     case aListChain:
    1862             :     case aDumpChain:
    1863           0 :        ctrl.with_chain = 1;
    1864             :     case aListKeys:
    1865             :     case aDumpKeys:
    1866             :     case aListExternalKeys:
    1867             :     case aDumpExternalKeys:
    1868             :     case aListSecretKeys:
    1869             :     case aDumpSecretKeys:
    1870             :       {
    1871             :         unsigned int mode;
    1872             :         estream_t fp;
    1873             : 
    1874           0 :         switch (cmd)
    1875             :           {
    1876             :           case aListChain:
    1877           0 :           case aListKeys:         mode = (0   | 0 | (1<<6)); break;
    1878             :           case aDumpChain:
    1879           0 :           case aDumpKeys:         mode = (256 | 0 | (1<<6)); break;
    1880           0 :           case aListExternalKeys: mode = (0   | 0 | (1<<7)); break;
    1881           0 :           case aDumpExternalKeys: mode = (256 | 0 | (1<<7)); break;
    1882           0 :           case aListSecretKeys:   mode = (0   | 2 | (1<<6)); break;
    1883           0 :           case aDumpSecretKeys:   mode = (256 | 2 | (1<<6)); break;
    1884           0 :           default: BUG();
    1885             :           }
    1886             : 
    1887           0 :         fp = open_es_fwrite (opt.outfile?opt.outfile:"-");
    1888           0 :         for (sl=NULL; argc; argc--, argv++)
    1889           0 :           add_to_strlist (&sl, *argv);
    1890           0 :         gpgsm_list_keys (&ctrl, sl, fp, mode);
    1891           0 :         free_strlist(sl);
    1892           0 :         es_fclose (fp);
    1893             :       }
    1894           0 :       break;
    1895             : 
    1896             : 
    1897             :     case aKeygen: /* Generate a key; well kind of. */
    1898             :       {
    1899           0 :         estream_t fpin = NULL;
    1900             :         estream_t fpout;
    1901             : 
    1902           0 :         if (opt.batch)
    1903             :           {
    1904           0 :             if (!argc) /* Create from stdin. */
    1905           0 :               fpin = open_es_fread ("-", "r");
    1906           0 :             else if (argc == 1) /* From file. */
    1907           0 :               fpin = open_es_fread (*argv, "r");
    1908             :             else
    1909           0 :               wrong_args ("--gen-key --batch [parmfile]");
    1910             :           }
    1911             : 
    1912           0 :         fpout = open_es_fwrite (opt.outfile?opt.outfile:"-");
    1913             : 
    1914           0 :         if (fpin)
    1915           0 :           gpgsm_genkey (&ctrl, fpin, fpout);
    1916             :         else
    1917           0 :           gpgsm_gencertreq_tty (&ctrl, fpout);
    1918             : 
    1919           0 :         es_fclose (fpout);
    1920             :       }
    1921           0 :       break;
    1922             : 
    1923             : 
    1924             :     case aImport:
    1925           3 :       gpgsm_import_files (&ctrl, argc, argv, open_read);
    1926           3 :       break;
    1927             : 
    1928             :     case aExport:
    1929             :       {
    1930             :         estream_t fp;
    1931             : 
    1932           0 :         fp = open_es_fwrite (opt.outfile?opt.outfile:"-");
    1933           0 :         for (sl=NULL; argc; argc--, argv++)
    1934           0 :           add_to_strlist (&sl, *argv);
    1935           0 :         gpgsm_export (&ctrl, sl, fp);
    1936           0 :         free_strlist(sl);
    1937           0 :         es_fclose (fp);
    1938             :       }
    1939           0 :       break;
    1940             : 
    1941             :     case aExportSecretKeyP12:
    1942             :       {
    1943           0 :         estream_t fp = open_es_fwrite (opt.outfile?opt.outfile:"-");
    1944             : 
    1945           0 :         if (argc == 1)
    1946           0 :           gpgsm_p12_export (&ctrl, *argv, fp, 0);
    1947             :         else
    1948           0 :           wrong_args ("--export-secret-key-p12 KEY-ID");
    1949           0 :         if (fp != es_stdout)
    1950           0 :           es_fclose (fp);
    1951             :       }
    1952           0 :       break;
    1953             : 
    1954             :     case aExportSecretKeyP8:
    1955             :       {
    1956           0 :         estream_t fp = open_es_fwrite (opt.outfile?opt.outfile:"-");
    1957             : 
    1958           0 :         if (argc == 1)
    1959           0 :           gpgsm_p12_export (&ctrl, *argv, fp, 1);
    1960             :         else
    1961           0 :           wrong_args ("--export-secret-key-p8 KEY-ID");
    1962           0 :         if (fp != es_stdout)
    1963           0 :           es_fclose (fp);
    1964             :       }
    1965           0 :       break;
    1966             : 
    1967             :     case aExportSecretKeyRaw:
    1968             :       {
    1969           0 :         estream_t fp = open_es_fwrite (opt.outfile?opt.outfile:"-");
    1970             : 
    1971           0 :         if (argc == 1)
    1972           0 :           gpgsm_p12_export (&ctrl, *argv, fp, 2);
    1973             :         else
    1974           0 :           wrong_args ("--export-secret-key-raw KEY-ID");
    1975           0 :         if (fp != es_stdout)
    1976           0 :           es_fclose (fp);
    1977             :       }
    1978           0 :       break;
    1979             : 
    1980             :     case aSendKeys:
    1981             :     case aRecvKeys:
    1982           0 :       log_error ("this command has not yet been implemented\n");
    1983           0 :       break;
    1984             : 
    1985             : 
    1986             :     case aLearnCard:
    1987           0 :       if (argc)
    1988           0 :         wrong_args ("--learn-card");
    1989             :       else
    1990             :         {
    1991           0 :           int rc = gpgsm_agent_learn (&ctrl);
    1992           0 :           if (rc)
    1993           0 :             log_error ("error learning card: %s\n", gpg_strerror (rc));
    1994             :         }
    1995           0 :       break;
    1996             : 
    1997             :     case aPasswd:
    1998           0 :       if (argc != 1)
    1999           0 :         wrong_args ("--passwd <key-Id>");
    2000             :       else
    2001             :         {
    2002             :           int rc;
    2003           0 :           ksba_cert_t cert = NULL;
    2004           0 :           char *grip = NULL;
    2005             : 
    2006           0 :           rc = gpgsm_find_cert (&ctrl, *argv, NULL, &cert);
    2007           0 :           if (rc)
    2008             :             ;
    2009           0 :           else if (!(grip = gpgsm_get_keygrip_hexstring (cert)))
    2010           0 :             rc = gpg_error (GPG_ERR_BUG);
    2011             :           else
    2012             :             {
    2013           0 :               char *desc = gpgsm_format_keydesc (cert);
    2014           0 :               rc = gpgsm_agent_passwd (&ctrl, grip, desc);
    2015           0 :               xfree (desc);
    2016             :             }
    2017           0 :           if (rc)
    2018           0 :             log_error ("error changing passphrase: %s\n", gpg_strerror (rc));
    2019           0 :           xfree (grip);
    2020           0 :           ksba_cert_release (cert);
    2021             :         }
    2022           0 :       break;
    2023             : 
    2024             :     case aKeydbClearSomeCertFlags:
    2025           0 :       for (sl=NULL; argc; argc--, argv++)
    2026           0 :         add_to_strlist (&sl, *argv);
    2027           0 :       keydb_clear_some_cert_flags (&ctrl, sl);
    2028           0 :       free_strlist(sl);
    2029           0 :       break;
    2030             : 
    2031             : 
    2032             :     default:
    2033           0 :         log_error (_("invalid command (there is no implicit command)\n"));
    2034           0 :         break;
    2035             :     }
    2036             : 
    2037             :   /* Print the audit result if needed.  */
    2038           3 :   if ((auditlog && auditfp) || (htmlauditlog && htmlauditfp))
    2039             :     {
    2040           0 :       if (auditlog && auditfp)
    2041           0 :         audit_print_result (ctrl.audit, auditfp, 0);
    2042           0 :       if (htmlauditlog && htmlauditfp)
    2043           0 :         audit_print_result (ctrl.audit, htmlauditfp, 1);
    2044           0 :       audit_release (ctrl.audit);
    2045           0 :       ctrl.audit = NULL;
    2046           0 :       es_fclose (auditfp);
    2047           0 :       es_fclose (htmlauditfp);
    2048             :     }
    2049             : 
    2050             :   /* cleanup */
    2051           3 :   keyserver_list_free (opt.keyserver);
    2052           3 :   opt.keyserver = NULL;
    2053           3 :   gpgsm_release_certlist (recplist);
    2054           3 :   gpgsm_release_certlist (signerlist);
    2055           3 :   FREE_STRLIST (remusr);
    2056           3 :   FREE_STRLIST (locusr);
    2057           3 :   gpgsm_exit(0);
    2058           0 :   return 8; /*NOTREACHED*/
    2059             : }
    2060             : 
    2061             : /* Note: This function is used by signal handlers!. */
    2062             : static void
    2063           6 : emergency_cleanup (void)
    2064             : {
    2065           6 :   gcry_control (GCRYCTL_TERM_SECMEM );
    2066           6 : }
    2067             : 
    2068             : 
    2069             : void
    2070           3 : gpgsm_exit (int rc)
    2071             : {
    2072           3 :   gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE);
    2073           3 :   if (opt.debug & DBG_MEMSTAT_VALUE)
    2074             :     {
    2075           0 :       gcry_control( GCRYCTL_DUMP_MEMORY_STATS );
    2076           0 :       gcry_control( GCRYCTL_DUMP_RANDOM_STATS );
    2077             :     }
    2078           3 :   if (opt.debug)
    2079           0 :     gcry_control (GCRYCTL_DUMP_SECMEM_STATS );
    2080           3 :   emergency_cleanup ();
    2081           3 :   rc = rc? rc : log_get_errorcount(0)? 2 : gpgsm_errors_seen? 1 : 0;
    2082           3 :   exit (rc);
    2083             : }
    2084             : 
    2085             : 
    2086             : void
    2087           6 : gpgsm_init_default_ctrl (struct server_control_s *ctrl)
    2088             : {
    2089           6 :   ctrl->include_certs = default_include_certs;
    2090           6 :   ctrl->use_ocsp = opt.enable_ocsp;
    2091           6 :   ctrl->validation_model = default_validation_model;
    2092           6 :   ctrl->offline = opt.disable_dirmngr;
    2093           6 : }
    2094             : 
    2095             : 
    2096             : int
    2097           0 : gpgsm_parse_validation_model (const char *model)
    2098             : {
    2099           0 :   if (!ascii_strcasecmp (model, "shell") )
    2100           0 :     return 0;
    2101           0 :   else if ( !ascii_strcasecmp (model, "chain") )
    2102           0 :     return 1;
    2103           0 :   else if ( !ascii_strcasecmp (model, "steed") )
    2104           0 :     return 2;
    2105             :   else
    2106           0 :     return -1;
    2107             : }
    2108             : 
    2109             : 
    2110             : /* Check whether the filename has the form "-&nnnn", where n is a
    2111             :    non-zero number.  Returns this number or -1 if it is not the case.  */
    2112             : static int
    2113           3 : check_special_filename (const char *fname, int for_write)
    2114             : {
    2115           3 :   if (allow_special_filenames
    2116           0 :       && fname && *fname == '-' && fname[1] == '&' ) {
    2117             :     int i;
    2118             : 
    2119           0 :     fname += 2;
    2120           0 :     for (i=0; isdigit (fname[i]); i++ )
    2121             :       ;
    2122           0 :     if ( !fname[i] )
    2123           0 :       return translate_sys2libc_fd_int (atoi (fname), for_write);
    2124             :   }
    2125           3 :   return -1;
    2126             : }
    2127             : 
    2128             : 
    2129             : 
    2130             : /* Open the FILENAME for read and return the file descriptor.  Stop
    2131             :    with an error message in case of problems.  "-" denotes stdin and
    2132             :    if special filenames are allowed the given fd is opened instead.  */
    2133             : static int
    2134           3 : open_read (const char *filename)
    2135             : {
    2136             :   int fd;
    2137             : 
    2138           3 :   if (filename[0] == '-' && !filename[1])
    2139             :     {
    2140           0 :       set_binary (stdin);
    2141           0 :       return 0; /* stdin */
    2142             :     }
    2143           3 :   fd = check_special_filename (filename, 0);
    2144           3 :   if (fd != -1)
    2145           0 :     return fd;
    2146           3 :   fd = open (filename, O_RDONLY | O_BINARY);
    2147           3 :   if (fd == -1)
    2148             :     {
    2149           0 :       log_error (_("can't open '%s': %s\n"), filename, strerror (errno));
    2150           0 :       gpgsm_exit (2);
    2151             :     }
    2152           3 :   return fd;
    2153             : }
    2154             : 
    2155             : /* Same as open_read but return an estream_t.  */
    2156             : static estream_t
    2157           0 : open_es_fread (const char *filename, const char *mode)
    2158             : {
    2159             :   int fd;
    2160             :   estream_t fp;
    2161             : 
    2162           0 :   if (filename[0] == '-' && !filename[1])
    2163           0 :     fd = fileno (stdin);
    2164             :   else
    2165           0 :     fd = check_special_filename (filename, 0);
    2166           0 :   if (fd != -1)
    2167             :     {
    2168           0 :       fp = es_fdopen_nc (fd, mode);
    2169           0 :       if (!fp)
    2170             :         {
    2171           0 :           log_error ("es_fdopen(%d) failed: %s\n", fd, strerror (errno));
    2172           0 :           gpgsm_exit (2);
    2173             :         }
    2174           0 :       return fp;
    2175             :     }
    2176           0 :   fp = es_fopen (filename, mode);
    2177           0 :   if (!fp)
    2178             :     {
    2179           0 :       log_error (_("can't open '%s': %s\n"), filename, strerror (errno));
    2180           0 :       gpgsm_exit (2);
    2181             :     }
    2182           0 :   return fp;
    2183             : }
    2184             : 
    2185             : 
    2186             : /* Open FILENAME for fwrite and return an extended stream.  Stop with
    2187             :    an error message in case of problems.  "-" denotes stdout and if
    2188             :    special filenames are allowed the given fd is opened instead.
    2189             :    Caller must close the returned stream. */
    2190             : static estream_t
    2191           0 : open_es_fwrite (const char *filename)
    2192             : {
    2193             :   int fd;
    2194             :   estream_t fp;
    2195             : 
    2196           0 :   if (filename[0] == '-' && !filename[1])
    2197             :     {
    2198           0 :       fflush (stdout);
    2199           0 :       fp = es_fdopen_nc (fileno(stdout), "wb");
    2200           0 :       return fp;
    2201             :     }
    2202             : 
    2203           0 :   fd = check_special_filename (filename, 1);
    2204           0 :   if (fd != -1)
    2205             :     {
    2206           0 :       fp = es_fdopen_nc (fd, "wb");
    2207           0 :       if (!fp)
    2208             :         {
    2209           0 :           log_error ("es_fdopen(%d) failed: %s\n", fd, strerror (errno));
    2210           0 :           gpgsm_exit (2);
    2211             :         }
    2212           0 :       return fp;
    2213             :     }
    2214           0 :   fp = es_fopen (filename, "wb");
    2215           0 :   if (!fp)
    2216             :     {
    2217           0 :       log_error (_("can't open '%s': %s\n"), filename, strerror (errno));
    2218           0 :       gpgsm_exit (2);
    2219             :     }
    2220           0 :   return fp;
    2221             : }
    2222             : 
    2223             : 
    2224             : static void
    2225           0 : run_protect_tool (int argc, char **argv)
    2226             : {
    2227             : #ifdef HAVE_W32_SYSTEM
    2228             :   (void)argc;
    2229             :   (void)argv;
    2230             : #else
    2231             :   const char *pgm;
    2232             :   char **av;
    2233             :   int i;
    2234             : 
    2235           0 :   if (!opt.protect_tool_program || !*opt.protect_tool_program)
    2236           0 :     pgm = gnupg_module_name (GNUPG_MODULE_NAME_PROTECT_TOOL);
    2237             :   else
    2238           0 :     pgm = opt.protect_tool_program;
    2239             : 
    2240           0 :   av = xcalloc (argc+2, sizeof *av);
    2241           0 :   av[0] = strrchr (pgm, '/');
    2242           0 :   if (!av[0])
    2243           0 :     av[0] = xstrdup (pgm);
    2244           0 :   for (i=1; argc; i++, argc--, argv++)
    2245           0 :     av[i] = *argv;
    2246           0 :   av[i] = NULL;
    2247           0 :   execv (pgm, av);
    2248           0 :   log_error ("error executing '%s': %s\n", pgm, strerror (errno));
    2249             : #endif /*!HAVE_W32_SYSTEM*/
    2250           0 :   gpgsm_exit (2);
    2251           0 : }

Generated by: LCOV version 1.11