Line data Source code
1 : /* gpg-agent.c - The GnuPG Agent
2 : * Copyright (C) 2000-2007, 2009-2010 Free Software Foundation, Inc.
3 : * Copyright (C) 2000-2016 Werner Koch
4 : *
5 : * This file is part of GnuPG.
6 : *
7 : * GnuPG is free software; you can redistribute it and/or modify
8 : * it under the terms of the GNU General Public License as published by
9 : * the Free Software Foundation; either version 3 of the License, or
10 : * (at your option) any later version.
11 : *
12 : * GnuPG is distributed in the hope that it will be useful,
13 : * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 : * GNU General Public License for more details.
16 : *
17 : * You should have received a copy of the GNU General Public License
18 : * along with this program; if not, see <https://www.gnu.org/licenses/>.
19 : */
20 :
21 : #include <config.h>
22 :
23 : #include <stdio.h>
24 : #include <stdlib.h>
25 : #include <stddef.h>
26 : #include <stdarg.h>
27 : #include <string.h>
28 : #include <errno.h>
29 : #include <assert.h>
30 : #include <time.h>
31 : #include <fcntl.h>
32 : #include <sys/stat.h>
33 : #ifdef HAVE_W32_SYSTEM
34 : # ifndef WINVER
35 : # define WINVER 0x0500 /* Same as in common/sysutils.c */
36 : # endif
37 : # ifdef HAVE_WINSOCK2_H
38 : # include <winsock2.h>
39 : # endif
40 : # include <aclapi.h>
41 : # include <sddl.h>
42 : #else /*!HAVE_W32_SYSTEM*/
43 : # include <sys/socket.h>
44 : # include <sys/un.h>
45 : #endif /*!HAVE_W32_SYSTEM*/
46 : #include <unistd.h>
47 : #ifdef HAVE_SIGNAL_H
48 : # include <signal.h>
49 : #endif
50 : #include <npth.h>
51 :
52 : #define GNUPG_COMMON_NEED_AFLOCAL
53 : #include "agent.h"
54 : #include <assuan.h> /* Malloc hooks and socket wrappers. */
55 :
56 : #include "i18n.h"
57 : #include "sysutils.h"
58 : #include "gc-opt-flags.h"
59 : #include "exechelp.h"
60 : #include "asshelp.h"
61 : #include "../common/init.h"
62 :
63 :
64 : enum cmd_and_opt_values
65 : { aNull = 0,
66 : oCsh = 'c',
67 : oQuiet = 'q',
68 : oSh = 's',
69 : oVerbose = 'v',
70 :
71 : oNoVerbose = 500,
72 : aGPGConfList,
73 : aGPGConfTest,
74 : aUseStandardSocketP,
75 : oOptions,
76 : oDebug,
77 : oDebugAll,
78 : oDebugLevel,
79 : oDebugWait,
80 : oDebugQuickRandom,
81 : oDebugPinentry,
82 : oNoGreeting,
83 : oNoOptions,
84 : oHomedir,
85 : oNoDetach,
86 : oNoGrab,
87 : oLogFile,
88 : oServer,
89 : oDaemon,
90 : oSupervised,
91 : oBatch,
92 :
93 : oPinentryProgram,
94 : oPinentryTouchFile,
95 : oPinentryInvisibleChar,
96 : oPinentryTimeout,
97 : oDisplay,
98 : oTTYname,
99 : oTTYtype,
100 : oLCctype,
101 : oLCmessages,
102 : oXauthority,
103 : oScdaemonProgram,
104 : oDefCacheTTL,
105 : oDefCacheTTLSSH,
106 : oMaxCacheTTL,
107 : oMaxCacheTTLSSH,
108 : oEnforcePassphraseConstraints,
109 : oMinPassphraseLen,
110 : oMinPassphraseNonalpha,
111 : oCheckPassphrasePattern,
112 : oMaxPassphraseDays,
113 : oEnablePassphraseHistory,
114 : oUseStandardSocket,
115 : oNoUseStandardSocket,
116 : oExtraSocket,
117 : oBrowserSocket,
118 : oFakedSystemTime,
119 :
120 : oIgnoreCacheForSigning,
121 : oAllowMarkTrusted,
122 : oNoAllowMarkTrusted,
123 : oAllowPresetPassphrase,
124 : oAllowLoopbackPinentry,
125 : oNoAllowLoopbackPinentry,
126 : oNoAllowExternalCache,
127 : oAllowEmacsPinentry,
128 : oKeepTTY,
129 : oKeepDISPLAY,
130 : oSSHSupport,
131 : oPuttySupport,
132 : oDisableScdaemon,
133 : oDisableCheckOwnSocket,
134 : oWriteEnvFile
135 : };
136 :
137 :
138 : #ifndef ENAMETOOLONG
139 : # define ENAMETOOLONG EINVAL
140 : #endif
141 :
142 :
143 : static ARGPARSE_OPTS opts[] = {
144 :
145 : ARGPARSE_c (aGPGConfList, "gpgconf-list", "@"),
146 : ARGPARSE_c (aGPGConfTest, "gpgconf-test", "@"),
147 : ARGPARSE_c (aUseStandardSocketP, "use-standard-socket-p", "@"),
148 :
149 : ARGPARSE_group (301, N_("@Options:\n ")),
150 :
151 : ARGPARSE_s_n (oDaemon, "daemon", N_("run in daemon mode (background)")),
152 : ARGPARSE_s_n (oServer, "server", N_("run in server mode (foreground)")),
153 : #ifndef HAVE_W32_SYSTEM
154 : ARGPARSE_s_n (oSupervised, "supervised", N_("run in supervised mode")),
155 : #endif
156 : ARGPARSE_s_n (oVerbose, "verbose", N_("verbose")),
157 : ARGPARSE_s_n (oQuiet, "quiet", N_("be somewhat more quiet")),
158 : ARGPARSE_s_n (oSh, "sh", N_("sh-style command output")),
159 : ARGPARSE_s_n (oCsh, "csh", N_("csh-style command output")),
160 : ARGPARSE_s_s (oOptions, "options", N_("|FILE|read options from FILE")),
161 :
162 : ARGPARSE_s_s (oDebug, "debug", "@"),
163 : ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
164 : ARGPARSE_s_s (oDebugLevel, "debug-level", "@"),
165 : ARGPARSE_s_i (oDebugWait," debug-wait", "@"),
166 : ARGPARSE_s_n (oDebugQuickRandom, "debug-quick-random", "@"),
167 : ARGPARSE_s_n (oDebugPinentry, "debug-pinentry", "@"),
168 :
169 : ARGPARSE_s_n (oNoDetach, "no-detach", N_("do not detach from the console")),
170 : ARGPARSE_s_n (oNoGrab, "no-grab", N_("do not grab keyboard and mouse")),
171 : ARGPARSE_s_s (oLogFile, "log-file", N_("use a log file for the server")),
172 : ARGPARSE_s_s (oPinentryProgram, "pinentry-program",
173 : /* */ N_("|PGM|use PGM as the PIN-Entry program")),
174 : ARGPARSE_s_s (oPinentryTouchFile, "pinentry-touch-file", "@"),
175 : ARGPARSE_s_s (oPinentryInvisibleChar, "pinentry-invisible-char", "@"),
176 : ARGPARSE_s_u (oPinentryTimeout, "pinentry-timeout", "@"),
177 : ARGPARSE_s_s (oScdaemonProgram, "scdaemon-program",
178 : /* */ N_("|PGM|use PGM as the SCdaemon program") ),
179 : ARGPARSE_s_n (oDisableScdaemon, "disable-scdaemon",
180 : /* */ N_("do not use the SCdaemon") ),
181 : ARGPARSE_s_n (oDisableCheckOwnSocket, "disable-check-own-socket", "@"),
182 :
183 : ARGPARSE_s_s (oExtraSocket, "extra-socket",
184 : /* */ N_("|NAME|accept some commands via NAME")),
185 :
186 : ARGPARSE_s_s (oBrowserSocket, "browser-socket", "@"),
187 :
188 : ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"),
189 :
190 : ARGPARSE_s_n (oBatch, "batch", "@"),
191 : ARGPARSE_s_s (oHomedir, "homedir", "@"),
192 :
193 : ARGPARSE_s_s (oDisplay, "display", "@"),
194 : ARGPARSE_s_s (oTTYname, "ttyname", "@"),
195 : ARGPARSE_s_s (oTTYtype, "ttytype", "@"),
196 : ARGPARSE_s_s (oLCctype, "lc-ctype", "@"),
197 : ARGPARSE_s_s (oLCmessages, "lc-messages", "@"),
198 : ARGPARSE_s_s (oXauthority, "xauthority", "@"),
199 : ARGPARSE_s_n (oKeepTTY, "keep-tty",
200 : /* */ N_("ignore requests to change the TTY")),
201 : ARGPARSE_s_n (oKeepDISPLAY, "keep-display",
202 : /* */ N_("ignore requests to change the X display")),
203 :
204 : ARGPARSE_s_u (oDefCacheTTL, "default-cache-ttl",
205 : N_("|N|expire cached PINs after N seconds")),
206 : ARGPARSE_s_u (oDefCacheTTLSSH, "default-cache-ttl-ssh", "@" ),
207 : ARGPARSE_s_u (oMaxCacheTTL, "max-cache-ttl", "@" ),
208 : ARGPARSE_s_u (oMaxCacheTTLSSH, "max-cache-ttl-ssh", "@" ),
209 :
210 : ARGPARSE_s_n (oEnforcePassphraseConstraints, "enforce-passphrase-constraints",
211 : /* */ "@"),
212 : ARGPARSE_s_u (oMinPassphraseLen, "min-passphrase-len", "@"),
213 : ARGPARSE_s_u (oMinPassphraseNonalpha, "min-passphrase-nonalpha", "@"),
214 : ARGPARSE_s_s (oCheckPassphrasePattern, "check-passphrase-pattern", "@"),
215 : ARGPARSE_s_u (oMaxPassphraseDays, "max-passphrase-days", "@"),
216 : ARGPARSE_s_n (oEnablePassphraseHistory, "enable-passphrase-history", "@"),
217 :
218 : ARGPARSE_s_n (oIgnoreCacheForSigning, "ignore-cache-for-signing",
219 : /* */ N_("do not use the PIN cache when signing")),
220 : ARGPARSE_s_n (oNoAllowExternalCache, "no-allow-external-cache",
221 : /* */ N_("disallow the use of an external password cache")),
222 : ARGPARSE_s_n (oNoAllowMarkTrusted, "no-allow-mark-trusted",
223 : /* */ N_("disallow clients to mark keys as \"trusted\"")),
224 : ARGPARSE_s_n (oAllowMarkTrusted, "allow-mark-trusted", "@"),
225 : ARGPARSE_s_n (oAllowPresetPassphrase, "allow-preset-passphrase",
226 : /* */ N_("allow presetting passphrase")),
227 : ARGPARSE_s_n (oNoAllowLoopbackPinentry, "no-allow-loopback-pinentry",
228 : N_("disallow caller to override the pinentry")),
229 : ARGPARSE_s_n (oAllowLoopbackPinentry, "allow-loopback-pinentry", "@"),
230 : ARGPARSE_s_n (oAllowEmacsPinentry, "allow-emacs-pinentry",
231 : /* */ N_("allow passphrase to be prompted through Emacs")),
232 :
233 : ARGPARSE_s_n (oSSHSupport, "enable-ssh-support", N_("enable ssh support")),
234 : ARGPARSE_s_n (oPuttySupport, "enable-putty-support",
235 : #ifdef HAVE_W32_SYSTEM
236 : /* */ N_("enable putty support")
237 : #else
238 : /* */ "@"
239 : #endif
240 : ),
241 :
242 : /* Dummy options for backward compatibility. */
243 : ARGPARSE_o_s (oWriteEnvFile, "write-env-file", "@"),
244 : ARGPARSE_s_n (oUseStandardSocket, "use-standard-socket", "@"),
245 : ARGPARSE_s_n (oNoUseStandardSocket, "no-use-standard-socket", "@"),
246 :
247 : {0} /* End of list */
248 : };
249 :
250 :
251 : /* The list of supported debug flags. */
252 : static struct debug_flags_s debug_flags [] =
253 : {
254 : { DBG_COMMAND_VALUE, "command" },
255 : { DBG_MPI_VALUE , "mpi" },
256 : { DBG_CRYPTO_VALUE , "crypto" },
257 : { DBG_MEMORY_VALUE , "memory" },
258 : { DBG_CACHE_VALUE , "cache" },
259 : { DBG_MEMSTAT_VALUE, "memstat" },
260 : { DBG_HASHING_VALUE, "hashing" },
261 : { DBG_IPC_VALUE , "ipc" },
262 : { 77, NULL } /* 77 := Do not exit on "help" or "?". */
263 : };
264 :
265 :
266 :
267 : #define DEFAULT_CACHE_TTL (10*60) /* 10 minutes */
268 : #define DEFAULT_CACHE_TTL_SSH (30*60) /* 30 minutes */
269 : #define MAX_CACHE_TTL (120*60) /* 2 hours */
270 : #define MAX_CACHE_TTL_SSH (120*60) /* 2 hours */
271 : #define MIN_PASSPHRASE_LEN (8)
272 : #define MIN_PASSPHRASE_NONALPHA (1)
273 : #define MAX_PASSPHRASE_DAYS (0)
274 :
275 : /* The timer tick used for housekeeping stuff. For Windows we use a
276 : longer period as the SetWaitableTimer seems to signal earlier than
277 : the 2 seconds. CHECK_OWN_SOCKET_INTERVAL defines how often we
278 : check our own socket in standard socket mode. If that value is 0
279 : we don't check at all. All values are in seconds. */
280 : #if defined(HAVE_W32CE_SYSTEM)
281 : # define TIMERTICK_INTERVAL (60)
282 : # define CHECK_OWN_SOCKET_INTERVAL (0) /* Never */
283 : #elif defined(HAVE_W32_SYSTEM)
284 : # define TIMERTICK_INTERVAL (4)
285 : # define CHECK_OWN_SOCKET_INTERVAL (60)
286 : #else
287 : # define TIMERTICK_INTERVAL (2)
288 : # define CHECK_OWN_SOCKET_INTERVAL (60)
289 : #endif
290 :
291 :
292 : /* Flag indicating that the ssh-agent subsystem has been enabled. */
293 : static int ssh_support;
294 :
295 : #ifdef HAVE_W32_SYSTEM
296 : /* Flag indicating that support for Putty has been enabled. */
297 : static int putty_support;
298 : /* A magic value used with WM_COPYDATA. */
299 : #define PUTTY_IPC_MAGIC 0x804e50ba
300 : /* To avoid surprises we limit the size of the mapped IPC file to this
301 : value. Putty currently (0.62) uses 8k, thus 16k should be enough
302 : for the foreseeable future. */
303 : #define PUTTY_IPC_MAXLEN 16384
304 : #endif /*HAVE_W32_SYSTEM*/
305 :
306 : /* The list of open file descriptors at startup. Note that this list
307 : has been allocated using the standard malloc. */
308 : static int *startup_fd_list;
309 :
310 : /* The signal mask at startup and a flag telling whether it is valid. */
311 : #ifdef HAVE_SIGPROCMASK
312 : static sigset_t startup_signal_mask;
313 : static int startup_signal_mask_valid;
314 : #endif
315 :
316 : /* Flag to indicate that a shutdown was requested. */
317 : static int shutdown_pending;
318 :
319 : /* Counter for the currently running own socket checks. */
320 : static int check_own_socket_running;
321 :
322 : /* Flags to indicate that check_own_socket shall not be called. */
323 : static int disable_check_own_socket;
324 :
325 : /* Flag indicating that we are in supervised mode. */
326 : static int is_supervised;
327 :
328 : /* Flag to inhibit socket removal in cleanup. */
329 : static int inhibit_socket_removal;
330 :
331 : /* It is possible that we are currently running under setuid permissions */
332 : static int maybe_setuid = 1;
333 :
334 : /* Name of the communication socket used for native gpg-agent
335 : requests. The second variable is either NULL or a malloced string
336 : with the real socket name in case it has been redirected. */
337 : static char *socket_name;
338 : static char *redir_socket_name;
339 :
340 : /* Name of the optional extra socket used for native gpg-agent requests. */
341 : static char *socket_name_extra;
342 : static char *redir_socket_name_extra;
343 :
344 : /* Name of the optional browser socket used for native gpg-agent requests. */
345 : static char *socket_name_browser;
346 : static char *redir_socket_name_browser;
347 :
348 : /* Name of the communication socket used for ssh-agent-emulation. */
349 : static char *socket_name_ssh;
350 : static char *redir_socket_name_ssh;
351 :
352 : /* We need to keep track of the server's nonces (these are dummies for
353 : POSIX systems). */
354 : static assuan_sock_nonce_t socket_nonce;
355 : static assuan_sock_nonce_t socket_nonce_extra;
356 : static assuan_sock_nonce_t socket_nonce_browser;
357 : static assuan_sock_nonce_t socket_nonce_ssh;
358 :
359 :
360 : /* Default values for options passed to the pinentry. */
361 : static char *default_display;
362 : static char *default_ttyname;
363 : static char *default_ttytype;
364 : static char *default_lc_ctype;
365 : static char *default_lc_messages;
366 : static char *default_xauthority;
367 :
368 : /* Name of a config file, which will be reread on a HUP if it is not NULL. */
369 : static char *config_filename;
370 :
371 : /* Helper to implement --debug-level */
372 : static const char *debug_level;
373 :
374 : /* Keep track of the current log file so that we can avoid updating
375 : the log file after a SIGHUP if it didn't changed. Malloced. */
376 : static char *current_logfile;
377 :
378 : /* The handle_tick() function may test whether a parent is still
379 : running. We record the PID of the parent here or -1 if it should be
380 : watched. */
381 : static pid_t parent_pid = (pid_t)(-1);
382 :
383 : /* Number of active connections. */
384 : static int active_connections;
385 :
386 : /* This object is used to dispatch progress messages from Libgcrypt to
387 : * the right thread. Given that we will have at max only a few dozen
388 : * connections at a time, using a linked list is the easiest way to
389 : * handle this. */
390 : struct progress_dispatch_s
391 : {
392 : struct progress_dispatch_s *next;
393 : /* The control object of the connection. If this is NULL no
394 : * connection is associated with this item and it is free for reuse
395 : * by new connections. */
396 : ctrl_t ctrl;
397 :
398 : /* The thread id of (npth_self) of the connection. */
399 : npth_t tid;
400 :
401 : /* The callback set by the connection. This is similar to the
402 : * Libgcrypt callback but with the control object passed as the
403 : * first argument. */
404 : void (*cb)(ctrl_t ctrl,
405 : const char *what, int printchar,
406 : int current, int total);
407 : };
408 : struct progress_dispatch_s *progress_dispatch_list;
409 :
410 :
411 :
412 : �
413 : /*
414 : Local prototypes.
415 : */
416 :
417 : static char *create_socket_name (char *standard_name, int with_homedir);
418 : static gnupg_fd_t create_server_socket (char *name, int primary, int cygwin,
419 : char **r_redir_name,
420 : assuan_sock_nonce_t *nonce);
421 : static void create_directories (void);
422 :
423 : static void agent_libgcrypt_progress_cb (void *data, const char *what,
424 : int printchar,
425 : int current, int total);
426 : static void agent_init_default_ctrl (ctrl_t ctrl);
427 : static void agent_deinit_default_ctrl (ctrl_t ctrl);
428 :
429 : static void handle_connections (gnupg_fd_t listen_fd,
430 : gnupg_fd_t listen_fd_extra,
431 : gnupg_fd_t listen_fd_browser,
432 : gnupg_fd_t listen_fd_ssh);
433 : static void check_own_socket (void);
434 : static int check_for_running_agent (int silent);
435 :
436 : /* Pth wrapper function definitions. */
437 30645 : ASSUAN_SYSTEM_NPTH_IMPL;
438 :
439 : �
440 : /*
441 : Functions.
442 : */
443 :
444 : /* Allocate a string describing a library version by calling a GETFNC.
445 : This function is expected to be called only once. GETFNC is
446 : expected to have a semantic like gcry_check_version (). */
447 : static char *
448 0 : make_libversion (const char *libname, const char *(*getfnc)(const char*))
449 : {
450 : const char *s;
451 : char *result;
452 :
453 0 : if (maybe_setuid)
454 : {
455 0 : gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */
456 0 : maybe_setuid = 0;
457 : }
458 0 : s = getfnc (NULL);
459 0 : result = xmalloc (strlen (libname) + 1 + strlen (s) + 1);
460 0 : strcpy (stpcpy (stpcpy (result, libname), " "), s);
461 0 : return result;
462 : }
463 :
464 : /* Return strings describing this program. The case values are
465 : described in common/argparse.c:strusage. The values here override
466 : the default values given by strusage. */
467 : static const char *
468 108 : my_strusage (int level)
469 : {
470 : static char *ver_gcry;
471 : const char *p;
472 :
473 108 : switch (level)
474 : {
475 54 : case 11: p = "@GPG_AGENT@ (@GNUPG@)";
476 54 : break;
477 54 : case 13: p = VERSION; break;
478 0 : case 17: p = PRINTABLE_OS_NAME; break;
479 : /* TRANSLATORS: @EMAIL@ will get replaced by the actual bug
480 : reporting address. This is so that we can change the
481 : reporting address without breaking the translations. */
482 0 : case 19: p = _("Please report bugs to <@EMAIL@>.\n"); break;
483 :
484 : case 20:
485 0 : if (!ver_gcry)
486 0 : ver_gcry = make_libversion ("libgcrypt", gcry_check_version);
487 0 : p = ver_gcry;
488 0 : break;
489 :
490 : case 1:
491 0 : case 40: p = _("Usage: @GPG_AGENT@ [options] (-h for help)");
492 0 : break;
493 0 : case 41: p = _("Syntax: @GPG_AGENT@ [options] [command [args]]\n"
494 : "Secret key management for @GNUPG@\n");
495 0 : break;
496 :
497 0 : default: p = NULL;
498 : }
499 108 : return p;
500 : }
501 :
502 :
503 :
504 : /* Setup the debugging. With the global variable DEBUG_LEVEL set to NULL
505 : only the active debug flags are propagated to the subsystems. With
506 : DEBUG_LEVEL set, a specific set of debug flags is set; thus overriding
507 : all flags already set. Note that we don't fail here, because it is
508 : important to keep gpg-agent running even after re-reading the
509 : options due to a SIGHUP. */
510 : static void
511 50 : set_debug (void)
512 : {
513 50 : int numok = (debug_level && digitp (debug_level));
514 50 : int numlvl = numok? atoi (debug_level) : 0;
515 :
516 50 : if (!debug_level)
517 : ;
518 0 : else if (!strcmp (debug_level, "none") || (numok && numlvl < 1))
519 0 : opt.debug = 0;
520 0 : else if (!strcmp (debug_level, "basic") || (numok && numlvl <= 2))
521 0 : opt.debug = DBG_IPC_VALUE;
522 0 : else if (!strcmp (debug_level, "advanced") || (numok && numlvl <= 5))
523 0 : opt.debug = DBG_IPC_VALUE|DBG_COMMAND_VALUE;
524 0 : else if (!strcmp (debug_level, "expert") || (numok && numlvl <= 8))
525 0 : opt.debug = (DBG_IPC_VALUE|DBG_COMMAND_VALUE
526 : |DBG_CACHE_VALUE);
527 0 : else if (!strcmp (debug_level, "guru") || numok)
528 : {
529 0 : opt.debug = ~0;
530 : /* Unless the "guru" string has been used we don't want to allow
531 : hashing debugging. The rationale is that people tend to
532 : select the highest debug value and would then clutter their
533 : disk with debug files which may reveal confidential data. */
534 0 : if (numok)
535 0 : opt.debug &= ~(DBG_HASHING_VALUE);
536 : }
537 : else
538 : {
539 0 : log_error (_("invalid debug-level '%s' given\n"), debug_level);
540 0 : opt.debug = 0; /* Reset debugging, so that prior debug
541 : statements won't have an undesired effect. */
542 : }
543 :
544 50 : if (opt.debug && !opt.verbose)
545 0 : opt.verbose = 1;
546 50 : if (opt.debug && opt.quiet)
547 0 : opt.quiet = 0;
548 :
549 50 : if (opt.debug & DBG_MPI_VALUE)
550 0 : gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 2);
551 50 : if (opt.debug & DBG_CRYPTO_VALUE )
552 0 : gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1);
553 50 : gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
554 :
555 50 : if (opt.debug)
556 0 : parse_debug_flag (NULL, &opt.debug, debug_flags);
557 50 : }
558 :
559 :
560 : /* Helper for cleanup to remove one socket with NAME. REDIR_NAME is
561 : the corresponding real name if the socket has been redirected. */
562 : static void
563 400 : remove_socket (char *name, char *redir_name)
564 : {
565 400 : if (name && *name)
566 : {
567 200 : if (redir_name)
568 0 : name = redir_name;
569 :
570 200 : gnupg_remove (name);
571 200 : *name = 0;
572 : }
573 400 : }
574 :
575 :
576 : /* Discover which inherited file descriptors correspond to which
577 : * services/sockets offered by gpg-agent, using the LISTEN_FDS and
578 : * LISTEN_FDNAMES convention. The understood labels are "ssh",
579 : * "extra", and "browser". "std" or other labels will be interpreted
580 : * as the standard socket.
581 : *
582 : * This function is designed to log errors when the expected file
583 : * descriptors don't make sense, but to do its best to continue to
584 : * work even in the face of minor misconfigurations.
585 : *
586 : * For more information on the LISTEN_FDS convention, see
587 : * sd_listen_fds(3) on certain Linux distributions.
588 : */
589 : #ifndef HAVE_W32_SYSTEM
590 : static void
591 0 : map_supervised_sockets (gnupg_fd_t *r_fd,
592 : gnupg_fd_t *r_fd_extra,
593 : gnupg_fd_t *r_fd_browser,
594 : gnupg_fd_t *r_fd_ssh)
595 : {
596 : struct {
597 : const char *label;
598 : int **fdaddr;
599 : char **nameaddr;
600 0 : } tbl[] = {
601 : { "ssh", &r_fd_ssh, &socket_name_ssh },
602 : { "browser", &r_fd_browser, &socket_name_browser },
603 : { "extra", &r_fd_extra, &socket_name_extra },
604 : { "std", &r_fd, &socket_name } /* (Must be the last item.) */
605 : };
606 : const char *envvar;
607 : char **fdnames;
608 : int nfdnames;
609 : int fd_count;
610 :
611 0 : *r_fd = *r_fd_extra = *r_fd_browser = *r_fd_ssh = -1;
612 :
613 : /* Print a warning if LISTEN_PID does not match outr pid. */
614 0 : envvar = getenv ("LISTEN_PID");
615 0 : if (!envvar)
616 0 : log_error ("no LISTEN_PID environment variable found in "
617 : "--supervised mode (ignoring)\n");
618 0 : else if (strtoul (envvar, NULL, 10) != (unsigned long)getpid ())
619 0 : log_error ("environment variable LISTEN_PID (%lu) does not match"
620 : " our pid (%lu) in --supervised mode (ignoring)\n",
621 : (unsigned long)strtoul (envvar, NULL, 10),
622 0 : (unsigned long)getpid ());
623 :
624 : /* Parse LISTEN_FDNAMES into the array FDNAMES. */
625 0 : envvar = getenv ("LISTEN_FDNAMES");
626 0 : if (envvar)
627 : {
628 0 : fdnames = strtokenize (envvar, ":");
629 0 : if (!fdnames)
630 : {
631 0 : log_error ("strtokenize failed: %s\n",
632 : gpg_strerror (gpg_error_from_syserror ()));
633 0 : agent_exit (1);
634 : }
635 0 : for (nfdnames=0; fdnames[nfdnames]; nfdnames++)
636 : ;
637 : }
638 : else
639 : {
640 0 : fdnames = NULL;
641 0 : nfdnames = 0;
642 : }
643 :
644 : /* Parse LISTEN_FDS into fd_count or provide a replacement. */
645 0 : envvar = getenv ("LISTEN_FDS");
646 0 : if (envvar)
647 0 : fd_count = atoi (envvar);
648 0 : else if (fdnames)
649 : {
650 0 : log_error ("no LISTEN_FDS environment variable found in --supervised"
651 : " mode (relying on LISTEN_FDNAMES instead)\n");
652 0 : fd_count = nfdnames;
653 : }
654 : else
655 : {
656 0 : log_error ("no LISTEN_FDS or LISTEN_FDNAMES environment variables "
657 : "found in --supervised mode"
658 : " (assuming 1 active descriptor)\n");
659 0 : fd_count = 1;
660 : }
661 :
662 0 : if (fd_count < 1)
663 : {
664 0 : log_error ("--supervised mode expects at least one file descriptor"
665 : " (was told %d, carrying on as though it were 1)\n",
666 : fd_count);
667 0 : fd_count = 1;
668 : }
669 :
670 : /* Assign the descriptors to the return values. */
671 0 : if (!fdnames)
672 : {
673 : struct stat statbuf;
674 :
675 0 : if (fd_count != 1)
676 0 : log_error ("no LISTEN_FDNAMES and LISTEN_FDS (%d) != 1"
677 : " in --supervised mode."
678 : " (ignoring all sockets but the first one)\n",
679 : fd_count);
680 0 : if (fstat (3, &statbuf) == -1 && errno ==EBADF)
681 0 : log_fatal ("file descriptor 3 must be valid in --supervised mode"
682 : " if LISTEN_FDNAMES is not set\n");
683 0 : *r_fd = 3;
684 0 : socket_name = gnupg_get_socket_name (3);
685 : }
686 0 : else if (fd_count != nfdnames)
687 : {
688 0 : log_fatal ("number of items in LISTEN_FDNAMES (%d) does not match "
689 : "LISTEN_FDS (%d) in --supervised mode\n",
690 : nfdnames, fd_count);
691 : }
692 : else
693 : {
694 : int i, j, fd;
695 : char *name;
696 :
697 0 : for (i = 0; i < nfdnames; i++)
698 : {
699 0 : for (j = 0; j < DIM (tbl); j++)
700 : {
701 0 : if (!strcmp (fdnames[i], tbl[j].label) || j == DIM(tbl)-1)
702 : {
703 0 : fd = 3 + i;
704 0 : if (**tbl[j].fdaddr == -1)
705 : {
706 0 : name = gnupg_get_socket_name (fd);
707 0 : if (name)
708 : {
709 0 : **tbl[j].fdaddr = fd;
710 0 : *tbl[j].nameaddr = name;
711 0 : log_info ("using fd %d for %s socket (%s)\n",
712 : fd, tbl[j].label, name);
713 : }
714 : else
715 : {
716 0 : log_error ("cannot listen on fd %d for %s socket\n",
717 : fd, tbl[j].label);
718 0 : close (fd);
719 : }
720 : }
721 : else
722 : {
723 0 : log_error ("cannot listen on more than one %s socket\n",
724 : tbl[j].label);
725 0 : close (fd);
726 : }
727 0 : break;
728 : }
729 : }
730 : }
731 : }
732 :
733 0 : xfree (fdnames);
734 0 : }
735 : #endif /*!HAVE_W32_SYSTEM*/
736 :
737 :
738 : /* Cleanup code for this program. This is either called has an atexit
739 : handler or directly. */
740 : static void
741 150 : cleanup (void)
742 : {
743 : static int done;
744 :
745 150 : if (done)
746 200 : return;
747 100 : done = 1;
748 100 : deinitialize_module_cache ();
749 100 : if (!is_supervised && !inhibit_socket_removal)
750 : {
751 100 : remove_socket (socket_name, redir_socket_name);
752 100 : if (opt.extra_socket > 1)
753 100 : remove_socket (socket_name_extra, redir_socket_name_extra);
754 100 : if (opt.browser_socket > 1)
755 100 : remove_socket (socket_name_browser, redir_socket_name_browser);
756 100 : remove_socket (socket_name_ssh, redir_socket_name_ssh);
757 : }
758 : }
759 :
760 :
761 :
762 : /* Handle options which are allowed to be reset after program start.
763 : Return true when the current option in PARGS could be handled and
764 : false if not. As a special feature, passing a value of NULL for
765 : PARGS, resets the options to the default. REREAD should be set
766 : true if it is not the initial option parsing. */
767 : static int
768 466 : parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
769 : {
770 466 : if (!pargs)
771 : { /* reset mode */
772 50 : opt.quiet = 0;
773 50 : opt.verbose = 0;
774 50 : opt.debug = 0;
775 50 : opt.no_grab = 0;
776 50 : opt.debug_pinentry = 0;
777 50 : opt.pinentry_program = NULL;
778 50 : opt.pinentry_touch_file = NULL;
779 50 : xfree (opt.pinentry_invisible_char);
780 50 : opt.pinentry_invisible_char = NULL;
781 50 : opt.pinentry_timeout = 0;
782 50 : opt.scdaemon_program = NULL;
783 50 : opt.def_cache_ttl = DEFAULT_CACHE_TTL;
784 50 : opt.def_cache_ttl_ssh = DEFAULT_CACHE_TTL_SSH;
785 50 : opt.max_cache_ttl = MAX_CACHE_TTL;
786 50 : opt.max_cache_ttl_ssh = MAX_CACHE_TTL_SSH;
787 50 : opt.enforce_passphrase_constraints = 0;
788 50 : opt.min_passphrase_len = MIN_PASSPHRASE_LEN;
789 50 : opt.min_passphrase_nonalpha = MIN_PASSPHRASE_NONALPHA;
790 50 : opt.check_passphrase_pattern = NULL;
791 50 : opt.max_passphrase_days = MAX_PASSPHRASE_DAYS;
792 50 : opt.enable_passphrase_history = 0;
793 50 : opt.ignore_cache_for_signing = 0;
794 50 : opt.allow_mark_trusted = 1;
795 50 : opt.allow_external_cache = 1;
796 50 : opt.allow_loopback_pinentry = 1;
797 50 : opt.allow_emacs_pinentry = 0;
798 50 : opt.disable_scdaemon = 0;
799 50 : disable_check_own_socket = 0;
800 50 : return 1;
801 : }
802 :
803 416 : switch (pargs->r_opt)
804 : {
805 0 : case oQuiet: opt.quiet = 1; break;
806 0 : case oVerbose: opt.verbose++; break;
807 :
808 : case oDebug:
809 0 : parse_debug_flag (pargs->r.ret_str, &opt.debug, debug_flags);
810 0 : break;
811 0 : case oDebugAll: opt.debug = ~0; break;
812 0 : case oDebugLevel: debug_level = pargs->r.ret_str; break;
813 0 : case oDebugPinentry: opt.debug_pinentry = 1; break;
814 :
815 : case oLogFile:
816 0 : if (!reread)
817 0 : return 0; /* not handeld */
818 0 : if (!current_logfile || !pargs->r.ret_str
819 0 : || strcmp (current_logfile, pargs->r.ret_str))
820 : {
821 0 : log_set_file (pargs->r.ret_str);
822 0 : xfree (current_logfile);
823 0 : current_logfile = xtrystrdup (pargs->r.ret_str);
824 : }
825 0 : break;
826 :
827 46 : case oNoGrab: opt.no_grab = 1; break;
828 :
829 78 : case oPinentryProgram: opt.pinentry_program = pargs->r.ret_str; break;
830 0 : case oPinentryTouchFile: opt.pinentry_touch_file = pargs->r.ret_str; break;
831 : case oPinentryInvisibleChar:
832 0 : xfree (opt.pinentry_invisible_char);
833 0 : opt.pinentry_invisible_char = xtrystrdup (pargs->r.ret_str); break;
834 : break;
835 0 : case oPinentryTimeout: opt.pinentry_timeout = pargs->r.ret_ulong; break;
836 0 : case oScdaemonProgram: opt.scdaemon_program = pargs->r.ret_str; break;
837 0 : case oDisableScdaemon: opt.disable_scdaemon = 1; break;
838 0 : case oDisableCheckOwnSocket: disable_check_own_socket = 1; break;
839 :
840 0 : case oDefCacheTTL: opt.def_cache_ttl = pargs->r.ret_ulong; break;
841 0 : case oDefCacheTTLSSH: opt.def_cache_ttl_ssh = pargs->r.ret_ulong; break;
842 0 : case oMaxCacheTTL: opt.max_cache_ttl = pargs->r.ret_ulong; break;
843 0 : case oMaxCacheTTLSSH: opt.max_cache_ttl_ssh = pargs->r.ret_ulong; break;
844 :
845 : case oEnforcePassphraseConstraints:
846 0 : opt.enforce_passphrase_constraints=1;
847 0 : break;
848 0 : case oMinPassphraseLen: opt.min_passphrase_len = pargs->r.ret_ulong; break;
849 : case oMinPassphraseNonalpha:
850 0 : opt.min_passphrase_nonalpha = pargs->r.ret_ulong;
851 0 : break;
852 : case oCheckPassphrasePattern:
853 0 : opt.check_passphrase_pattern = pargs->r.ret_str;
854 0 : break;
855 : case oMaxPassphraseDays:
856 0 : opt.max_passphrase_days = pargs->r.ret_ulong;
857 0 : break;
858 : case oEnablePassphraseHistory:
859 0 : opt.enable_passphrase_history = 1;
860 0 : break;
861 :
862 0 : case oIgnoreCacheForSigning: opt.ignore_cache_for_signing = 1; break;
863 :
864 0 : case oAllowMarkTrusted: opt.allow_mark_trusted = 1; break;
865 0 : case oNoAllowMarkTrusted: opt.allow_mark_trusted = 0; break;
866 :
867 46 : case oAllowPresetPassphrase: opt.allow_preset_passphrase = 1; break;
868 :
869 0 : case oAllowLoopbackPinentry: opt.allow_loopback_pinentry = 1; break;
870 0 : case oNoAllowLoopbackPinentry: opt.allow_loopback_pinentry = 0; break;
871 :
872 0 : case oNoAllowExternalCache: opt.allow_external_cache = 0;
873 0 : break;
874 :
875 0 : case oAllowEmacsPinentry: opt.allow_emacs_pinentry = 1;
876 0 : break;
877 :
878 : default:
879 246 : return 0; /* not handled */
880 : }
881 :
882 170 : return 1; /* handled */
883 : }
884 :
885 :
886 : /* Fixup some options after all have been processed. */
887 : static void
888 50 : finalize_rereadable_options (void)
889 : {
890 50 : }
891 :
892 :
893 : static void
894 50 : thread_init_once (void)
895 : {
896 : static int npth_initialized = 0;
897 :
898 50 : if (!npth_initialized)
899 : {
900 50 : npth_initialized++;
901 50 : npth_init ();
902 : }
903 50 : gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
904 : /* Now that we have set the syscall clamp we need to tell Libgcrypt
905 : * that it should get them from libgpg-error. Note that Libgcrypt
906 : * has already been initialized but at that point nPth was not
907 : * initialized and thus Libgcrypt could not set its system call
908 : * clamp. */
909 : #if GCRYPT_VERSION_NUMBER >= 0x010800 /* 1.8.0 */
910 : gcry_control (GCRYCTL_REINIT_SYSCALL_CLAMP, 0, 0);
911 : #endif
912 50 : }
913 :
914 :
915 : static void
916 50 : initialize_modules (void)
917 : {
918 50 : thread_init_once ();
919 50 : assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
920 50 : initialize_module_cache ();
921 50 : initialize_module_call_pinentry ();
922 50 : initialize_module_call_scd ();
923 50 : initialize_module_trustlist ();
924 50 : }
925 :
926 :
927 : /* The main entry point. */
928 : int
929 50 : main (int argc, char **argv )
930 : {
931 : ARGPARSE_ARGS pargs;
932 : int orig_argc;
933 : char **orig_argv;
934 50 : FILE *configfp = NULL;
935 50 : char *configname = NULL;
936 : const char *shell;
937 : unsigned configlineno;
938 50 : int parse_debug = 0;
939 50 : int default_config =1;
940 50 : int pipe_server = 0;
941 50 : int is_daemon = 0;
942 50 : int nodetach = 0;
943 50 : int csh_style = 0;
944 50 : char *logfile = NULL;
945 50 : int debug_wait = 0;
946 50 : int gpgconf_list = 0;
947 : gpg_error_t err;
948 : struct assuan_malloc_hooks malloc_hooks;
949 :
950 50 : early_system_init ();
951 :
952 : /* Before we do anything else we save the list of currently open
953 : file descriptors and the signal mask. This info is required to
954 : do the exec call properly. */
955 50 : startup_fd_list = get_all_open_fds ();
956 : #ifdef HAVE_SIGPROCMASK
957 50 : if (!sigprocmask (SIG_UNBLOCK, NULL, &startup_signal_mask))
958 50 : startup_signal_mask_valid = 1;
959 : #endif /*HAVE_SIGPROCMASK*/
960 :
961 : /* Set program name etc. */
962 50 : set_strusage (my_strusage);
963 50 : gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
964 : /* Please note that we may running SUID(ROOT), so be very CAREFUL
965 : when adding any stuff between here and the call to INIT_SECMEM()
966 : somewhere after the option parsing */
967 50 : log_set_prefix (GPG_AGENT_NAME, GPGRT_LOG_WITH_PREFIX|GPGRT_LOG_WITH_PID);
968 :
969 : /* Make sure that our subsystems are ready. */
970 50 : i18n_init ();
971 50 : init_common_subsystems (&argc, &argv);
972 :
973 50 : malloc_hooks.malloc = gcry_malloc;
974 50 : malloc_hooks.realloc = gcry_realloc;
975 50 : malloc_hooks.free = gcry_free;
976 50 : assuan_set_malloc_hooks (&malloc_hooks);
977 50 : assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
978 50 : assuan_sock_init ();
979 50 : setup_libassuan_logging (&opt.debug, NULL);
980 :
981 50 : setup_libgcrypt_logging ();
982 50 : gcry_control (GCRYCTL_USE_SECURE_RNDPOOL);
983 50 : gcry_set_progress_handler (agent_libgcrypt_progress_cb, NULL);
984 :
985 50 : disable_core_dumps ();
986 :
987 : /* Set default options. */
988 50 : parse_rereadable_options (NULL, 0); /* Reset them to default values. */
989 :
990 50 : shell = getenv ("SHELL");
991 50 : if (shell && strlen (shell) >= 3 && !strcmp (shell+strlen (shell)-3, "csh") )
992 0 : csh_style = 1;
993 :
994 : /* Record some of the original environment strings. */
995 : {
996 : const char *s;
997 : int idx;
998 : static const char *names[] =
999 : { "DISPLAY", "TERM", "XAUTHORITY", "PINENTRY_USER_DATA", NULL };
1000 :
1001 50 : err = 0;
1002 50 : opt.startup_env = session_env_new ();
1003 50 : if (!opt.startup_env)
1004 0 : err = gpg_error_from_syserror ();
1005 250 : for (idx=0; !err && names[idx]; idx++)
1006 : {
1007 200 : s = getenv (names[idx]);
1008 200 : if (s)
1009 100 : err = session_env_setenv (opt.startup_env, names[idx], s);
1010 : }
1011 50 : if (!err)
1012 : {
1013 50 : s = gnupg_ttyname (0);
1014 50 : if (s)
1015 0 : err = session_env_setenv (opt.startup_env, "GPG_TTY", s);
1016 : }
1017 50 : if (err)
1018 0 : log_fatal ("error recording startup environment: %s\n",
1019 : gpg_strerror (err));
1020 :
1021 : /* Fixme: Better use the locale function here. */
1022 50 : opt.startup_lc_ctype = getenv ("LC_CTYPE");
1023 50 : if (opt.startup_lc_ctype)
1024 50 : opt.startup_lc_ctype = xstrdup (opt.startup_lc_ctype);
1025 50 : opt.startup_lc_messages = getenv ("LC_MESSAGES");
1026 50 : if (opt.startup_lc_messages)
1027 0 : opt.startup_lc_messages = xstrdup (opt.startup_lc_messages);
1028 : }
1029 :
1030 : /* Check whether we have a config file on the commandline */
1031 50 : orig_argc = argc;
1032 50 : orig_argv = argv;
1033 50 : pargs.argc = &argc;
1034 50 : pargs.argv = &argv;
1035 50 : pargs.flags= 1|(1<<6); /* do not remove the args, ignore version */
1036 300 : while (arg_parse( &pargs, opts))
1037 : {
1038 200 : if (pargs.r_opt == oDebug || pargs.r_opt == oDebugAll)
1039 0 : parse_debug++;
1040 200 : else if (pargs.r_opt == oOptions)
1041 : { /* yes there is one, so we do not try the default one, but
1042 : read the option file when it is encountered at the
1043 : commandline */
1044 0 : default_config = 0;
1045 : }
1046 200 : else if (pargs.r_opt == oNoOptions)
1047 0 : default_config = 0; /* --no-options */
1048 200 : else if (pargs.r_opt == oHomedir)
1049 50 : gnupg_set_homedir (pargs.r.ret_str);
1050 150 : else if (pargs.r_opt == oDebugQuickRandom)
1051 : {
1052 50 : gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
1053 : }
1054 :
1055 : }
1056 :
1057 : /* Initialize the secure memory. */
1058 50 : gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0);
1059 50 : maybe_setuid = 0;
1060 :
1061 : /*
1062 : Now we are now working under our real uid
1063 : */
1064 :
1065 50 : if (default_config)
1066 50 : configname = make_filename (gnupg_homedir (),
1067 : GPG_AGENT_NAME EXTSEP_S "conf", NULL);
1068 :
1069 50 : argc = orig_argc;
1070 50 : argv = orig_argv;
1071 50 : pargs.argc = &argc;
1072 50 : pargs.argv = &argv;
1073 50 : pargs.flags= 1; /* do not remove the args */
1074 : next_pass:
1075 96 : if (configname)
1076 : {
1077 50 : configlineno = 0;
1078 50 : configfp = fopen (configname, "r");
1079 50 : if (!configfp)
1080 : {
1081 4 : if (default_config)
1082 : {
1083 4 : if( parse_debug )
1084 0 : log_info (_("Note: no default option file '%s'\n"),
1085 : configname );
1086 : /* Save the default conf file name so that
1087 : reread_configuration is able to test whether the
1088 : config file has been created in the meantime. */
1089 4 : xfree (config_filename);
1090 4 : config_filename = configname;
1091 4 : configname = NULL;
1092 : }
1093 : else
1094 : {
1095 0 : log_error (_("option file '%s': %s\n"),
1096 0 : configname, strerror(errno) );
1097 0 : exit(2);
1098 : }
1099 4 : xfree (configname);
1100 4 : configname = NULL;
1101 : }
1102 50 : if (parse_debug && configname )
1103 0 : log_info (_("reading options from '%s'\n"), configname );
1104 50 : default_config = 0;
1105 : }
1106 :
1107 608 : while (optfile_parse( configfp, configname, &configlineno, &pargs, opts) )
1108 : {
1109 416 : if (parse_rereadable_options (&pargs, 0))
1110 170 : continue; /* Already handled */
1111 246 : switch (pargs.r_opt)
1112 : {
1113 0 : case aGPGConfList: gpgconf_list = 1; break;
1114 0 : case aGPGConfTest: gpgconf_list = 2; break;
1115 0 : case aUseStandardSocketP: gpgconf_list = 3; break;
1116 0 : case oBatch: opt.batch=1; break;
1117 :
1118 0 : case oDebugWait: debug_wait = pargs.r.ret_int; break;
1119 :
1120 : case oOptions:
1121 : /* config files may not be nested (silently ignore them) */
1122 0 : if (!configfp)
1123 : {
1124 0 : xfree(configname);
1125 0 : configname = xstrdup(pargs.r.ret_str);
1126 0 : goto next_pass;
1127 : }
1128 0 : break;
1129 0 : case oNoGreeting: /* Dummy option. */ break;
1130 0 : case oNoVerbose: opt.verbose = 0; break;
1131 0 : case oNoOptions: break; /* no-options */
1132 50 : case oHomedir: gnupg_set_homedir (pargs.r.ret_str); break;
1133 0 : case oNoDetach: nodetach = 1; break;
1134 0 : case oLogFile: logfile = pargs.r.ret_str; break;
1135 0 : case oCsh: csh_style = 1; break;
1136 0 : case oSh: csh_style = 0; break;
1137 0 : case oServer: pipe_server = 1; break;
1138 50 : case oDaemon: is_daemon = 1; break;
1139 0 : case oSupervised: is_supervised = 1; break;
1140 :
1141 0 : case oDisplay: default_display = xstrdup (pargs.r.ret_str); break;
1142 0 : case oTTYname: default_ttyname = xstrdup (pargs.r.ret_str); break;
1143 0 : case oTTYtype: default_ttytype = xstrdup (pargs.r.ret_str); break;
1144 0 : case oLCctype: default_lc_ctype = xstrdup (pargs.r.ret_str); break;
1145 0 : case oLCmessages: default_lc_messages = xstrdup (pargs.r.ret_str);
1146 0 : break;
1147 0 : case oXauthority: default_xauthority = xstrdup (pargs.r.ret_str);
1148 0 : break;
1149 :
1150 : case oUseStandardSocket:
1151 : case oNoUseStandardSocket:
1152 50 : obsolete_option (configname, configlineno, "use-standard-socket");
1153 50 : break;
1154 :
1155 : case oFakedSystemTime:
1156 : {
1157 0 : time_t faked_time = isotime2epoch (pargs.r.ret_str);
1158 0 : if (faked_time == (time_t)(-1))
1159 0 : faked_time = (time_t)strtoul (pargs.r.ret_str, NULL, 10);
1160 0 : gnupg_set_time (faked_time, 0);
1161 : }
1162 0 : break;
1163 :
1164 0 : case oKeepTTY: opt.keep_tty = 1; break;
1165 0 : case oKeepDISPLAY: opt.keep_display = 1; break;
1166 :
1167 : case oSSHSupport:
1168 46 : ssh_support = 1;
1169 46 : break;
1170 : case oPuttySupport:
1171 : # ifdef HAVE_W32_SYSTEM
1172 : putty_support = 1;
1173 : # endif
1174 0 : break;
1175 :
1176 : case oExtraSocket:
1177 0 : opt.extra_socket = 1; /* (1 = points into argv) */
1178 0 : socket_name_extra = pargs.r.ret_str;
1179 0 : break;
1180 :
1181 : case oBrowserSocket:
1182 0 : opt.browser_socket = 1; /* (1 = points into argv) */
1183 0 : socket_name_browser = pargs.r.ret_str;
1184 0 : break;
1185 :
1186 : case oDebugQuickRandom:
1187 : /* Only used by the first stage command line parser. */
1188 50 : break;
1189 :
1190 : case oWriteEnvFile:
1191 0 : obsolete_option (configname, configlineno, "write-env-file");
1192 0 : break;
1193 :
1194 0 : default : pargs.err = configfp? 1:2; break;
1195 : }
1196 : }
1197 96 : if (configfp)
1198 : {
1199 46 : fclose( configfp );
1200 46 : configfp = NULL;
1201 : /* Keep a copy of the name so that it can be read on SIGHUP. */
1202 46 : if (config_filename != configname)
1203 : {
1204 46 : xfree (config_filename);
1205 46 : config_filename = configname;
1206 : }
1207 46 : configname = NULL;
1208 46 : goto next_pass;
1209 : }
1210 :
1211 50 : xfree (configname);
1212 50 : configname = NULL;
1213 50 : if (log_get_errorcount(0))
1214 0 : exit(2);
1215 :
1216 50 : finalize_rereadable_options ();
1217 :
1218 : /* Print a warning if an argument looks like an option. */
1219 50 : if (!opt.quiet && !(pargs.flags & ARGPARSE_FLAG_STOP_SEEN))
1220 : {
1221 : int i;
1222 :
1223 50 : for (i=0; i < argc; i++)
1224 0 : if (argv[i][0] == '-' && argv[i][1] == '-')
1225 0 : log_info (_("Note: '%s' is not considered an option\n"), argv[i]);
1226 : }
1227 :
1228 : #ifdef ENABLE_NLS
1229 : /* gpg-agent usually does not output any messages because it runs in
1230 : the background. For log files it is acceptable to have messages
1231 : always encoded in utf-8. We switch here to utf-8, so that
1232 : commands like --help still give native messages. It is far
1233 : easier to switch only once instead of for every message and it
1234 : actually helps when more then one thread is active (avoids an
1235 : extra copy step). */
1236 50 : bind_textdomain_codeset (PACKAGE_GT, "UTF-8");
1237 : #endif
1238 :
1239 50 : if (!pipe_server && !is_daemon && !gpgconf_list && !is_supervised)
1240 : {
1241 : /* We have been called without any command and thus we merely
1242 : check whether an agent is already running. We do this right
1243 : here so that we don't clobber a logfile with this check but
1244 : print the status directly to stderr. */
1245 0 : opt.debug = 0;
1246 0 : set_debug ();
1247 0 : check_for_running_agent (0);
1248 0 : agent_exit (0);
1249 : }
1250 :
1251 50 : if (is_supervised)
1252 : ;
1253 50 : else if (!opt.extra_socket)
1254 50 : opt.extra_socket = 1;
1255 0 : else if (socket_name_extra
1256 0 : && (!strcmp (socket_name_extra, "none")
1257 0 : || !strcmp (socket_name_extra, "/dev/null")))
1258 : {
1259 : /* User requested not to create this socket. */
1260 0 : opt.extra_socket = 0;
1261 0 : socket_name_extra = NULL;
1262 : }
1263 :
1264 50 : if (is_supervised)
1265 : ;
1266 50 : else if (!opt.browser_socket)
1267 50 : opt.browser_socket = 1;
1268 0 : else if (socket_name_browser
1269 0 : && (!strcmp (socket_name_browser, "none")
1270 0 : || !strcmp (socket_name_browser, "/dev/null")))
1271 : {
1272 : /* User requested not to create this socket. */
1273 0 : opt.browser_socket = 0;
1274 0 : socket_name_browser = NULL;
1275 : }
1276 :
1277 50 : set_debug ();
1278 :
1279 50 : if (atexit (cleanup))
1280 : {
1281 0 : log_error ("atexit failed\n");
1282 0 : cleanup ();
1283 0 : exit (1);
1284 : }
1285 :
1286 : /* Try to create missing directories. */
1287 50 : create_directories ();
1288 :
1289 50 : if (debug_wait && pipe_server)
1290 : {
1291 0 : thread_init_once ();
1292 0 : log_debug ("waiting for debugger - my pid is %u .....\n",
1293 0 : (unsigned int)getpid());
1294 0 : gnupg_sleep (debug_wait);
1295 0 : log_debug ("... okay\n");
1296 : }
1297 :
1298 50 : if (gpgconf_list == 3)
1299 : {
1300 : /* We now use the standard socket always - return true for
1301 : backward compatibility. */
1302 0 : agent_exit (0);
1303 : }
1304 50 : else if (gpgconf_list == 2)
1305 0 : agent_exit (0);
1306 50 : else if (gpgconf_list)
1307 : {
1308 : char *filename;
1309 : char *filename_esc;
1310 :
1311 : /* List options and default values in the GPG Conf format. */
1312 0 : filename = make_filename (gnupg_homedir (),
1313 : GPG_AGENT_NAME EXTSEP_S "conf", NULL);
1314 0 : filename_esc = percent_escape (filename, NULL);
1315 :
1316 0 : es_printf ("%s-%s.conf:%lu:\"%s\n",
1317 : GPGCONF_NAME, GPG_AGENT_NAME,
1318 : GC_OPT_FLAG_DEFAULT, filename_esc);
1319 0 : xfree (filename);
1320 0 : xfree (filename_esc);
1321 :
1322 0 : es_printf ("verbose:%lu:\n"
1323 : "quiet:%lu:\n"
1324 : "debug-level:%lu:\"none:\n"
1325 : "log-file:%lu:\n",
1326 : GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME,
1327 : GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME,
1328 : GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME,
1329 : GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME );
1330 0 : es_printf ("default-cache-ttl:%lu:%d:\n",
1331 : GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME, DEFAULT_CACHE_TTL );
1332 0 : es_printf ("default-cache-ttl-ssh:%lu:%d:\n",
1333 : GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME, DEFAULT_CACHE_TTL_SSH );
1334 0 : es_printf ("max-cache-ttl:%lu:%d:\n",
1335 : GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME, MAX_CACHE_TTL );
1336 0 : es_printf ("max-cache-ttl-ssh:%lu:%d:\n",
1337 : GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME, MAX_CACHE_TTL_SSH );
1338 0 : es_printf ("enforce-passphrase-constraints:%lu:\n",
1339 : GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
1340 0 : es_printf ("min-passphrase-len:%lu:%d:\n",
1341 : GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME, MIN_PASSPHRASE_LEN );
1342 0 : es_printf ("min-passphrase-nonalpha:%lu:%d:\n",
1343 : GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME,
1344 : MIN_PASSPHRASE_NONALPHA);
1345 0 : es_printf ("check-passphrase-pattern:%lu:\n",
1346 : GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME);
1347 0 : es_printf ("max-passphrase-days:%lu:%d:\n",
1348 : GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME,
1349 : MAX_PASSPHRASE_DAYS);
1350 0 : es_printf ("enable-passphrase-history:%lu:\n",
1351 : GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
1352 0 : es_printf ("no-grab:%lu:\n",
1353 : GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
1354 0 : es_printf ("ignore-cache-for-signing:%lu:\n",
1355 : GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
1356 0 : es_printf ("no-allow-external-cache:%lu:\n",
1357 : GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
1358 0 : es_printf ("no-allow-mark-trusted:%lu:\n",
1359 : GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
1360 0 : es_printf ("disable-scdaemon:%lu:\n",
1361 : GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
1362 0 : es_printf ("enable-ssh-support:%lu:\n", GC_OPT_FLAG_NONE);
1363 : #ifdef HAVE_W32_SYSTEM
1364 : es_printf ("enable-putty-support:%lu:\n", GC_OPT_FLAG_NONE);
1365 : #endif
1366 0 : es_printf ("no-allow-loopback-pinentry:%lu:\n",
1367 : GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
1368 0 : es_printf ("allow-emacs-pinentry:%lu:\n",
1369 : GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
1370 0 : es_printf ("pinentry-timeout:%lu:0:\n",
1371 : GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME);
1372 :
1373 0 : agent_exit (0);
1374 : }
1375 :
1376 : /* Now start with logging to a file if this is desired. */
1377 50 : if (logfile)
1378 : {
1379 0 : log_set_file (logfile);
1380 0 : log_set_prefix (NULL, (GPGRT_LOG_WITH_PREFIX
1381 : | GPGRT_LOG_WITH_TIME
1382 : | GPGRT_LOG_WITH_PID));
1383 0 : current_logfile = xstrdup (logfile);
1384 : }
1385 :
1386 : /* Make sure that we have a default ttyname. */
1387 50 : if (!default_ttyname && gnupg_ttyname (1))
1388 0 : default_ttyname = xstrdup (gnupg_ttyname (1));
1389 50 : if (!default_ttytype && getenv ("TERM"))
1390 50 : default_ttytype = xstrdup (getenv ("TERM"));
1391 :
1392 :
1393 50 : if (pipe_server)
1394 : {
1395 : /* This is the simple pipe based server */
1396 : ctrl_t ctrl;
1397 :
1398 0 : initialize_modules ();
1399 :
1400 0 : ctrl = xtrycalloc (1, sizeof *ctrl);
1401 0 : if (!ctrl)
1402 : {
1403 0 : log_error ("error allocating connection control data: %s\n",
1404 0 : strerror (errno) );
1405 0 : agent_exit (1);
1406 : }
1407 0 : ctrl->session_env = session_env_new ();
1408 0 : if (!ctrl->session_env)
1409 : {
1410 0 : log_error ("error allocating session environment block: %s\n",
1411 0 : strerror (errno) );
1412 0 : xfree (ctrl);
1413 0 : agent_exit (1);
1414 : }
1415 0 : agent_init_default_ctrl (ctrl);
1416 0 : start_command_handler (ctrl, GNUPG_INVALID_FD, GNUPG_INVALID_FD);
1417 0 : agent_deinit_default_ctrl (ctrl);
1418 0 : xfree (ctrl);
1419 : }
1420 50 : else if (is_supervised)
1421 : {
1422 : #ifndef HAVE_W32_SYSTEM
1423 : gnupg_fd_t fd, fd_extra, fd_browser, fd_ssh;
1424 :
1425 0 : initialize_modules ();
1426 :
1427 : /* when supervised and sending logs to stderr, the process
1428 : supervisor should handle log entry metadata (pid, name,
1429 : timestamp) */
1430 0 : if (!logfile)
1431 0 : log_set_prefix (NULL, 0);
1432 :
1433 0 : log_info ("%s %s starting in supervised mode.\n",
1434 : strusage(11), strusage(13) );
1435 :
1436 : /* See below in "regular server mode" on why we remove certain
1437 : * envvars. */
1438 0 : if (!opt.keep_display)
1439 0 : gnupg_unsetenv ("DISPLAY");
1440 0 : gnupg_unsetenv ("INSIDE_EMACS");
1441 :
1442 : /* Virtually create the sockets. Note that we use -1 here
1443 : * because the whole thing works only on Unix. */
1444 0 : map_supervised_sockets (&fd, &fd_extra, &fd_browser, &fd_ssh);
1445 0 : if (fd == -1)
1446 0 : log_fatal ("no standard socket provided\n");
1447 :
1448 : #ifdef HAVE_SIGPROCMASK
1449 0 : if (startup_signal_mask_valid)
1450 : {
1451 0 : if (sigprocmask (SIG_SETMASK, &startup_signal_mask, NULL))
1452 0 : log_error ("error restoring signal mask: %s\n",
1453 0 : strerror (errno));
1454 : }
1455 : else
1456 0 : log_info ("no saved signal mask\n");
1457 : #endif /*HAVE_SIGPROCMASK*/
1458 :
1459 0 : log_info ("listening on: std=%d extra=%d browser=%d ssh=%d\n",
1460 : fd, fd_extra, fd_browser, fd_ssh);
1461 0 : handle_connections (fd, fd_extra, fd_browser, fd_ssh);
1462 : #endif /*!HAVE_W32_SYSTEM*/
1463 : }
1464 50 : else if (!is_daemon)
1465 : ; /* NOTREACHED */
1466 : else
1467 : { /* Regular server mode */
1468 : gnupg_fd_t fd;
1469 50 : gnupg_fd_t fd_extra = GNUPG_INVALID_FD;
1470 50 : gnupg_fd_t fd_browser = GNUPG_INVALID_FD;
1471 50 : gnupg_fd_t fd_ssh = GNUPG_INVALID_FD;
1472 : #ifndef HAVE_W32_SYSTEM
1473 : pid_t pid;
1474 : #endif
1475 :
1476 : /* Remove the DISPLAY variable so that a pinentry does not
1477 : default to a specific display. There is still a default
1478 : display when gpg-agent was started using --display or a
1479 : client requested this using an OPTION command. Note, that we
1480 : don't do this when running in reverse daemon mode (i.e. when
1481 : exec the program given as arguments). */
1482 : #ifndef HAVE_W32_SYSTEM
1483 50 : if (!opt.keep_display && !argc)
1484 50 : gnupg_unsetenv ("DISPLAY");
1485 : #endif
1486 :
1487 : /* Remove the INSIDE_EMACS variable so that a pinentry does not
1488 : always try to interact with Emacs. The variable is set when
1489 : a client requested this using an OPTION command. */
1490 50 : gnupg_unsetenv ("INSIDE_EMACS");
1491 :
1492 : /* Create the sockets. */
1493 50 : socket_name = create_socket_name (GPG_AGENT_SOCK_NAME, 1);
1494 50 : fd = create_server_socket (socket_name, 1, 0,
1495 : &redir_socket_name, &socket_nonce);
1496 :
1497 50 : if (opt.extra_socket)
1498 : {
1499 50 : if (socket_name_extra)
1500 0 : socket_name_extra = create_socket_name (socket_name_extra, 0);
1501 : else
1502 50 : socket_name_extra = create_socket_name
1503 : /**/ (GPG_AGENT_EXTRA_SOCK_NAME, 1);
1504 50 : opt.extra_socket = 2; /* Indicate that it has been malloced. */
1505 50 : fd_extra = create_server_socket (socket_name_extra, 0, 0,
1506 : &redir_socket_name_extra,
1507 : &socket_nonce_extra);
1508 : }
1509 :
1510 50 : if (opt.browser_socket)
1511 : {
1512 50 : if (socket_name_browser)
1513 0 : socket_name_browser = create_socket_name (socket_name_browser, 0);
1514 : else
1515 50 : socket_name_browser= create_socket_name
1516 : /**/ (GPG_AGENT_BROWSER_SOCK_NAME, 1);
1517 50 : opt.browser_socket = 2; /* Indicate that it has been malloced. */
1518 50 : fd_browser = create_server_socket (socket_name_browser, 0, 0,
1519 : &redir_socket_name_browser,
1520 : &socket_nonce_browser);
1521 : }
1522 :
1523 50 : socket_name_ssh = create_socket_name (GPG_AGENT_SSH_SOCK_NAME, 1);
1524 50 : fd_ssh = create_server_socket (socket_name_ssh, 0, 1,
1525 : &redir_socket_name_ssh,
1526 : &socket_nonce_ssh);
1527 :
1528 : /* If we are going to exec a program in the parent, we record
1529 : the PID, so that the child may check whether the program is
1530 : still alive. */
1531 50 : if (argc)
1532 0 : parent_pid = getpid ();
1533 :
1534 50 : fflush (NULL);
1535 : #ifdef HAVE_W32_SYSTEM
1536 : (void)csh_style;
1537 : (void)nodetach;
1538 : #else /*!HAVE_W32_SYSTEM*/
1539 50 : pid = fork ();
1540 100 : if (pid == (pid_t)-1)
1541 : {
1542 0 : log_fatal ("fork failed: %s\n", strerror (errno) );
1543 : exit (1);
1544 : }
1545 100 : else if (pid)
1546 : { /* We are the parent */
1547 : char *infostr_ssh_sock, *infostr_ssh_valid;
1548 :
1549 : /* Close the socket FD. */
1550 50 : close (fd);
1551 :
1552 : /* The signal mask might not be correct right now and thus
1553 : we restore it. That is not strictly necessary but some
1554 : programs falsely assume a cleared signal mask. */
1555 :
1556 : #ifdef HAVE_SIGPROCMASK
1557 50 : if (startup_signal_mask_valid)
1558 : {
1559 50 : if (sigprocmask (SIG_SETMASK, &startup_signal_mask, NULL))
1560 0 : log_error ("error restoring signal mask: %s\n",
1561 0 : strerror (errno));
1562 : }
1563 : else
1564 0 : log_info ("no saved signal mask\n");
1565 : #endif /*HAVE_SIGPROCMASK*/
1566 :
1567 : /* Create the SSH info string if enabled. */
1568 50 : if (ssh_support)
1569 : {
1570 46 : if (asprintf (&infostr_ssh_sock, "SSH_AUTH_SOCK=%s",
1571 : socket_name_ssh) < 0)
1572 : {
1573 0 : log_error ("out of core\n");
1574 0 : kill (pid, SIGTERM);
1575 0 : exit (1);
1576 : }
1577 46 : if (asprintf (&infostr_ssh_valid, "gnupg_SSH_AUTH_SOCK_by=%lu",
1578 46 : (unsigned long)getpid()) < 0)
1579 : {
1580 0 : log_error ("out of core\n");
1581 0 : kill (pid, SIGTERM);
1582 0 : exit (1);
1583 : }
1584 : }
1585 :
1586 50 : *socket_name = 0; /* Don't let cleanup() remove the socket -
1587 : the child should do this from now on */
1588 50 : if (opt.extra_socket)
1589 50 : *socket_name_extra = 0;
1590 50 : if (opt.browser_socket)
1591 50 : *socket_name_browser = 0;
1592 50 : *socket_name_ssh = 0;
1593 :
1594 50 : if (argc)
1595 : { /* Run the program given on the commandline. */
1596 0 : if (ssh_support && (putenv (infostr_ssh_sock)
1597 0 : || putenv (infostr_ssh_valid)))
1598 : {
1599 0 : log_error ("failed to set environment: %s\n",
1600 0 : strerror (errno) );
1601 0 : kill (pid, SIGTERM );
1602 0 : exit (1);
1603 : }
1604 :
1605 : /* Close all the file descriptors except the standard
1606 : ones and those open at startup. We explicitly don't
1607 : close 0,1,2 in case something went wrong collecting
1608 : them at startup. */
1609 0 : close_all_fds (3, startup_fd_list);
1610 :
1611 : /* Run the command. */
1612 0 : execvp (argv[0], argv);
1613 0 : log_error ("failed to run the command: %s\n", strerror (errno));
1614 0 : kill (pid, SIGTERM);
1615 0 : exit (1);
1616 : }
1617 : else
1618 : {
1619 : /* Print the environment string, so that the caller can use
1620 : shell's eval to set it */
1621 50 : if (csh_style)
1622 : {
1623 0 : if (ssh_support)
1624 : {
1625 0 : *strchr (infostr_ssh_sock, '=') = ' ';
1626 0 : es_printf ("setenv %s;\n", infostr_ssh_sock);
1627 : }
1628 : }
1629 : else
1630 : {
1631 50 : if (ssh_support)
1632 : {
1633 46 : es_printf ("%s; export SSH_AUTH_SOCK;\n",
1634 : infostr_ssh_sock);
1635 : }
1636 : }
1637 50 : if (ssh_support)
1638 : {
1639 46 : xfree (infostr_ssh_sock);
1640 46 : xfree (infostr_ssh_valid);
1641 : }
1642 50 : exit (0);
1643 : }
1644 : /*NOTREACHED*/
1645 : } /* End parent */
1646 :
1647 : /*
1648 : This is the child
1649 : */
1650 :
1651 50 : initialize_modules ();
1652 :
1653 : /* Detach from tty and put process into a new session */
1654 50 : if (!nodetach )
1655 : {
1656 : int i;
1657 : unsigned int oldflags;
1658 :
1659 : /* Close stdin, stdout and stderr unless it is the log stream */
1660 200 : for (i=0; i <= 2; i++)
1661 : {
1662 150 : if (!log_test_fd (i) && i != fd )
1663 : {
1664 100 : if ( ! close (i)
1665 100 : && open ("/dev/null", i? O_WRONLY : O_RDONLY) == -1)
1666 : {
1667 0 : log_error ("failed to open '%s': %s\n",
1668 0 : "/dev/null", strerror (errno));
1669 0 : cleanup ();
1670 0 : exit (1);
1671 : }
1672 : }
1673 : }
1674 50 : if (setsid() == -1)
1675 : {
1676 0 : log_error ("setsid() failed: %s\n", strerror(errno) );
1677 0 : cleanup ();
1678 0 : exit (1);
1679 : }
1680 :
1681 50 : log_get_prefix (&oldflags);
1682 50 : log_set_prefix (NULL, oldflags | GPGRT_LOG_RUN_DETACHED);
1683 50 : opt.running_detached = 1;
1684 : }
1685 :
1686 50 : if (chdir("/"))
1687 : {
1688 0 : log_error ("chdir to / failed: %s\n", strerror (errno));
1689 0 : exit (1);
1690 : }
1691 :
1692 : {
1693 : struct sigaction sa;
1694 :
1695 50 : sa.sa_handler = SIG_IGN;
1696 50 : sigemptyset (&sa.sa_mask);
1697 50 : sa.sa_flags = 0;
1698 50 : sigaction (SIGPIPE, &sa, NULL);
1699 : }
1700 : #endif /*!HAVE_W32_SYSTEM*/
1701 :
1702 50 : log_info ("%s %s started\n", strusage(11), strusage(13) );
1703 50 : handle_connections (fd, fd_extra, fd_browser, fd_ssh);
1704 4 : assuan_sock_close (fd);
1705 : }
1706 :
1707 4 : return 0;
1708 : }
1709 :
1710 :
1711 : /* Exit entry point. This function should be called instead of a
1712 : plain exit. */
1713 : void
1714 46 : agent_exit (int rc)
1715 : {
1716 : /*FIXME: update_random_seed_file();*/
1717 :
1718 : /* We run our cleanup handler because that may close cipher contexts
1719 : stored in secure memory and thus this needs to be done before we
1720 : explicitly terminate secure memory. */
1721 46 : cleanup ();
1722 :
1723 : #if 1
1724 : /* at this time a bit annoying */
1725 46 : if (opt.debug & DBG_MEMSTAT_VALUE)
1726 : {
1727 0 : gcry_control( GCRYCTL_DUMP_MEMORY_STATS );
1728 0 : gcry_control( GCRYCTL_DUMP_RANDOM_STATS );
1729 : }
1730 46 : if (opt.debug)
1731 0 : gcry_control (GCRYCTL_DUMP_SECMEM_STATS );
1732 : #endif
1733 46 : gcry_control (GCRYCTL_TERM_SECMEM );
1734 46 : rc = rc? rc : log_get_errorcount(0)? 2 : 0;
1735 46 : exit (rc);
1736 : }
1737 :
1738 :
1739 : /* This is our callback function for gcrypt progress messages. It is
1740 : set once at startup and dispatches progress messages to the
1741 : corresponding threads of the agent. */
1742 : static void
1743 414 : agent_libgcrypt_progress_cb (void *data, const char *what, int printchar,
1744 : int current, int total)
1745 : {
1746 : struct progress_dispatch_s *dispatch;
1747 414 : npth_t mytid = npth_self ();
1748 :
1749 : (void)data;
1750 :
1751 414 : for (dispatch = progress_dispatch_list; dispatch; dispatch = dispatch->next)
1752 414 : if (dispatch->ctrl && dispatch->tid == mytid)
1753 414 : break;
1754 414 : if (dispatch && dispatch->cb)
1755 414 : dispatch->cb (dispatch->ctrl, what, printchar, current, total);
1756 :
1757 : /* Libgcrypt < 1.8 does not know about nPth and thus when it reads
1758 : * from /dev/random this will block the process. To mitigate this
1759 : * problem we take a short nap when Libgcrypt tells us that it needs
1760 : * more entropy. This way other threads have chance to run. */
1761 : #if GCRYPT_VERSION_NUMBER < 0x010800 /* 1.8.0 */
1762 414 : if (what && !strcmp (what, "need_entropy"))
1763 0 : npth_usleep (100000); /* 100ms */
1764 : #endif
1765 414 : }
1766 :
1767 :
1768 : /* If a progress dispatcher callback has been associated with the
1769 : * current connection unregister it. */
1770 : static void
1771 723 : unregister_progress_cb (void)
1772 : {
1773 : struct progress_dispatch_s *dispatch;
1774 723 : npth_t mytid = npth_self ();
1775 :
1776 738 : for (dispatch = progress_dispatch_list; dispatch; dispatch = dispatch->next)
1777 728 : if (dispatch->ctrl && dispatch->tid == mytid)
1778 713 : break;
1779 723 : if (dispatch)
1780 : {
1781 713 : dispatch->ctrl = NULL;
1782 713 : dispatch->cb = NULL;
1783 : }
1784 723 : }
1785 :
1786 :
1787 : /* Setup a progress callback CB for the current connection. Using a
1788 : * CB of NULL disables the callback. */
1789 : void
1790 759 : agent_set_progress_cb (void (*cb)(ctrl_t ctrl, const char *what,
1791 : int printchar, int current, int total),
1792 : ctrl_t ctrl)
1793 : {
1794 : struct progress_dispatch_s *dispatch, *firstfree;
1795 759 : npth_t mytid = npth_self ();
1796 :
1797 759 : firstfree = NULL;
1798 1477 : for (dispatch = progress_dispatch_list; dispatch; dispatch = dispatch->next)
1799 : {
1800 718 : if (dispatch->ctrl && dispatch->tid == mytid)
1801 0 : break;
1802 718 : if (!dispatch->ctrl && !firstfree)
1803 708 : firstfree = dispatch;
1804 : }
1805 759 : if (!dispatch) /* None allocated: Reuse or allocate a new one. */
1806 : {
1807 759 : if (firstfree)
1808 : {
1809 708 : dispatch = firstfree;
1810 : }
1811 51 : else if ((dispatch = xtrycalloc (1, sizeof *dispatch)))
1812 : {
1813 51 : dispatch->next = progress_dispatch_list;
1814 51 : progress_dispatch_list = dispatch;
1815 : }
1816 : else
1817 : {
1818 0 : log_error ("error allocating new progress dispatcher slot: %s\n",
1819 : gpg_strerror (gpg_error_from_syserror ()));
1820 759 : return;
1821 : }
1822 759 : dispatch->ctrl = ctrl;
1823 759 : dispatch->tid = mytid;
1824 : }
1825 :
1826 759 : dispatch->cb = cb;
1827 : }
1828 :
1829 :
1830 : /* Each thread has its own local variables conveyed by a control
1831 : structure usually identified by an argument named CTRL. This
1832 : function is called immediately after allocating the control
1833 : structure. Its purpose is to setup the default values for that
1834 : structure. Note that some values may have already been set. */
1835 : static void
1836 769 : agent_init_default_ctrl (ctrl_t ctrl)
1837 : {
1838 769 : assert (ctrl->session_env);
1839 :
1840 : /* Note we ignore malloc errors because we can't do much about it
1841 : and the request will fail anyway shortly after this
1842 : initialization. */
1843 769 : session_env_setenv (ctrl->session_env, "DISPLAY", default_display);
1844 769 : session_env_setenv (ctrl->session_env, "GPG_TTY", default_ttyname);
1845 769 : session_env_setenv (ctrl->session_env, "TERM", default_ttytype);
1846 769 : session_env_setenv (ctrl->session_env, "XAUTHORITY", default_xauthority);
1847 769 : session_env_setenv (ctrl->session_env, "PINENTRY_USER_DATA", NULL);
1848 :
1849 769 : if (ctrl->lc_ctype)
1850 0 : xfree (ctrl->lc_ctype);
1851 769 : ctrl->lc_ctype = default_lc_ctype? xtrystrdup (default_lc_ctype) : NULL;
1852 :
1853 769 : if (ctrl->lc_messages)
1854 0 : xfree (ctrl->lc_messages);
1855 1538 : ctrl->lc_messages = default_lc_messages? xtrystrdup (default_lc_messages)
1856 769 : /**/ : NULL;
1857 769 : ctrl->cache_ttl_opt_preset = CACHE_TTL_OPT_PRESET;
1858 769 : }
1859 :
1860 :
1861 : /* Release all resources allocated by default in the control
1862 : structure. This is the counterpart to agent_init_default_ctrl. */
1863 : static void
1864 723 : agent_deinit_default_ctrl (ctrl_t ctrl)
1865 : {
1866 723 : unregister_progress_cb ();
1867 723 : session_env_release (ctrl->session_env);
1868 :
1869 723 : if (ctrl->lc_ctype)
1870 10 : xfree (ctrl->lc_ctype);
1871 723 : if (ctrl->lc_messages)
1872 0 : xfree (ctrl->lc_messages);
1873 723 : }
1874 :
1875 :
1876 : /* Because the ssh protocol does not send us information about the
1877 : current TTY setting, we use this function to use those from startup
1878 : or those explicitly set. This is also used for the restricted mode
1879 : where we ignore requests to change the environment. */
1880 : gpg_error_t
1881 10 : agent_copy_startup_env (ctrl_t ctrl)
1882 : {
1883 : static const char *names[] =
1884 : {"GPG_TTY", "DISPLAY", "TERM", "XAUTHORITY", "PINENTRY_USER_DATA", NULL};
1885 10 : gpg_error_t err = 0;
1886 : int idx;
1887 : const char *value;
1888 :
1889 60 : for (idx=0; !err && names[idx]; idx++)
1890 50 : if ((value = session_env_getenv (opt.startup_env, names[idx])))
1891 20 : err = session_env_setenv (ctrl->session_env, names[idx], value);
1892 :
1893 10 : if (!err && !ctrl->lc_ctype && opt.startup_lc_ctype)
1894 10 : if (!(ctrl->lc_ctype = xtrystrdup (opt.startup_lc_ctype)))
1895 0 : err = gpg_error_from_syserror ();
1896 :
1897 10 : if (!err && !ctrl->lc_messages && opt.startup_lc_messages)
1898 0 : if (!(ctrl->lc_messages = xtrystrdup (opt.startup_lc_messages)))
1899 0 : err = gpg_error_from_syserror ();
1900 :
1901 10 : if (err)
1902 0 : log_error ("error setting default session environment: %s\n",
1903 : gpg_strerror (err));
1904 :
1905 10 : return err;
1906 : }
1907 :
1908 :
1909 : /* Reread parts of the configuration. Note, that this function is
1910 : obviously not thread-safe and should only be called from the PTH
1911 : signal handler.
1912 :
1913 : Fixme: Due to the way the argument parsing works, we create a
1914 : memory leak here for all string type arguments. There is currently
1915 : no clean way to tell whether the memory for the argument has been
1916 : allocated or points into the process' original arguments. Unless
1917 : we have a mechanism to tell this, we need to live on with this. */
1918 : static void
1919 0 : reread_configuration (void)
1920 : {
1921 : ARGPARSE_ARGS pargs;
1922 : FILE *fp;
1923 0 : unsigned int configlineno = 0;
1924 : int dummy;
1925 :
1926 0 : if (!config_filename)
1927 0 : return; /* No config file. */
1928 :
1929 0 : fp = fopen (config_filename, "r");
1930 0 : if (!fp)
1931 : {
1932 0 : log_info (_("option file '%s': %s\n"),
1933 0 : config_filename, strerror(errno) );
1934 0 : return;
1935 : }
1936 :
1937 0 : parse_rereadable_options (NULL, 1); /* Start from the default values. */
1938 :
1939 0 : memset (&pargs, 0, sizeof pargs);
1940 0 : dummy = 0;
1941 0 : pargs.argc = &dummy;
1942 0 : pargs.flags = 1; /* do not remove the args */
1943 0 : while (optfile_parse (fp, config_filename, &configlineno, &pargs, opts) )
1944 : {
1945 0 : if (pargs.r_opt < -1)
1946 0 : pargs.err = 1; /* Print a warning. */
1947 : else /* Try to parse this option - ignore unchangeable ones. */
1948 0 : parse_rereadable_options (&pargs, 1);
1949 : }
1950 0 : fclose (fp);
1951 0 : finalize_rereadable_options ();
1952 0 : set_debug ();
1953 : }
1954 :
1955 :
1956 : /* Return the file name of the socket we are using for native
1957 : requests. */
1958 : const char *
1959 13 : get_agent_socket_name (void)
1960 : {
1961 13 : const char *s = socket_name;
1962 :
1963 13 : return (s && *s)? s : NULL;
1964 : }
1965 :
1966 : /* Return the file name of the socket we are using for SSH
1967 : requests. */
1968 : const char *
1969 0 : get_agent_ssh_socket_name (void)
1970 : {
1971 0 : const char *s = socket_name_ssh;
1972 :
1973 0 : return (s && *s)? s : NULL;
1974 : }
1975 :
1976 :
1977 : /* Return the number of active connections. */
1978 : int
1979 0 : get_agent_active_connection_count (void)
1980 : {
1981 0 : return active_connections;
1982 : }
1983 :
1984 :
1985 : /* Under W32, this function returns the handle of the scdaemon
1986 : notification event. Calling it the first time creates that
1987 : event. */
1988 : #if defined(HAVE_W32_SYSTEM) && !defined(HAVE_W32CE_SYSTEM)
1989 : void *
1990 : get_agent_scd_notify_event (void)
1991 : {
1992 : static HANDLE the_event = INVALID_HANDLE_VALUE;
1993 :
1994 : if (the_event == INVALID_HANDLE_VALUE)
1995 : {
1996 : HANDLE h, h2;
1997 : SECURITY_ATTRIBUTES sa = { sizeof (SECURITY_ATTRIBUTES), NULL, TRUE};
1998 :
1999 : /* We need to use a manual reset event object due to the way our
2000 : w32-pth wait function works: If we would use an automatic
2001 : reset event we are not able to figure out which handle has
2002 : been signaled because at the time we single out the signaled
2003 : handles using WFSO the event has already been reset due to
2004 : the WFMO. */
2005 : h = CreateEvent (&sa, TRUE, FALSE, NULL);
2006 : if (!h)
2007 : log_error ("can't create scd notify event: %s\n", w32_strerror (-1) );
2008 : else if (!DuplicateHandle (GetCurrentProcess(), h,
2009 : GetCurrentProcess(), &h2,
2010 : EVENT_MODIFY_STATE|SYNCHRONIZE, TRUE, 0))
2011 : {
2012 : log_error ("setting syncronize for scd notify event failed: %s\n",
2013 : w32_strerror (-1) );
2014 : CloseHandle (h);
2015 : }
2016 : else
2017 : {
2018 : CloseHandle (h);
2019 : the_event = h2;
2020 : }
2021 : }
2022 :
2023 : return the_event;
2024 : }
2025 : #endif /*HAVE_W32_SYSTEM && !HAVE_W32CE_SYSTEM*/
2026 :
2027 :
2028 :
2029 : /* Create a name for the socket in the home directory as using
2030 : STANDARD_NAME. We also check for valid characters as well as
2031 : against a maximum allowed length for a unix domain socket is done.
2032 : The function terminates the process in case of an error. Returns:
2033 : Pointer to an allocated string with the absolute name of the socket
2034 : used. */
2035 : static char *
2036 200 : create_socket_name (char *standard_name, int with_homedir)
2037 : {
2038 : char *name;
2039 :
2040 200 : if (with_homedir)
2041 200 : name = make_filename (gnupg_socketdir (), standard_name, NULL);
2042 : else
2043 0 : name = make_filename (standard_name, NULL);
2044 200 : if (strchr (name, PATHSEP_C))
2045 : {
2046 0 : log_error (("'%s' are not allowed in the socket name\n"), PATHSEP_S);
2047 0 : agent_exit (2);
2048 : }
2049 200 : return name;
2050 : }
2051 :
2052 :
2053 :
2054 : /* Create a Unix domain socket with NAME. Returns the file descriptor
2055 : or terminates the process in case of an error. Note that this
2056 : function needs to be used for the regular socket first (indicated
2057 : by PRIMARY) and only then for the extra and the ssh sockets. If
2058 : the socket has been redirected the name of the real socket is
2059 : stored as a malloced string at R_REDIR_NAME. If CYGWIN is set a
2060 : Cygwin compatible socket is created (Windows only). */
2061 : static gnupg_fd_t
2062 200 : create_server_socket (char *name, int primary, int cygwin,
2063 : char **r_redir_name, assuan_sock_nonce_t *nonce)
2064 : {
2065 : struct sockaddr *addr;
2066 : struct sockaddr_un *unaddr;
2067 : socklen_t len;
2068 : gnupg_fd_t fd;
2069 : int rc;
2070 :
2071 200 : xfree (*r_redir_name);
2072 200 : *r_redir_name = NULL;
2073 :
2074 200 : fd = assuan_sock_new (AF_UNIX, SOCK_STREAM, 0);
2075 200 : if (fd == ASSUAN_INVALID_FD)
2076 : {
2077 0 : log_error (_("can't create socket: %s\n"), strerror (errno));
2078 0 : *name = 0; /* Inhibit removal of the socket by cleanup(). */
2079 0 : agent_exit (2);
2080 : }
2081 :
2082 200 : if (cygwin)
2083 50 : assuan_sock_set_flag (fd, "cygwin", 1);
2084 :
2085 200 : unaddr = xmalloc (sizeof *unaddr);
2086 200 : addr = (struct sockaddr*)unaddr;
2087 :
2088 : {
2089 : int redirected;
2090 :
2091 200 : if (assuan_sock_set_sockaddr_un (name, addr, &redirected))
2092 : {
2093 0 : if (errno == ENAMETOOLONG)
2094 0 : log_error (_("socket name '%s' is too long\n"), name);
2095 : else
2096 0 : log_error ("error preparing socket '%s': %s\n",
2097 : name, gpg_strerror (gpg_error_from_syserror ()));
2098 0 : *name = 0; /* Inhibit removal of the socket by cleanup(). */
2099 0 : agent_exit (2);
2100 : }
2101 200 : if (redirected)
2102 : {
2103 0 : *r_redir_name = xstrdup (unaddr->sun_path);
2104 0 : if (opt.verbose)
2105 0 : log_info ("redirecting socket '%s' to '%s'\n", name, *r_redir_name);
2106 : }
2107 : }
2108 :
2109 200 : len = SUN_LEN (unaddr);
2110 200 : rc = assuan_sock_bind (fd, addr, len);
2111 :
2112 : /* Our error code mapping on W32CE returns EEXIST thus we also test
2113 : for this. */
2114 200 : if (rc == -1
2115 0 : && (errno == EADDRINUSE
2116 : #ifdef HAVE_W32_SYSTEM
2117 : || errno == EEXIST
2118 : #endif
2119 : ))
2120 : {
2121 : /* Check whether a gpg-agent is already running. We do this
2122 : test only if this is the primary socket. For secondary
2123 : sockets we assume that a test for gpg-agent has already been
2124 : done and reuse the requested socket. Testing the ssh-socket
2125 : is not possible because at this point, though we know the new
2126 : Assuan socket, the Assuan server and thus the ssh-agent
2127 : server is not yet operational; this would lead to a hang. */
2128 0 : if (primary && !check_for_running_agent (1))
2129 : {
2130 0 : log_set_prefix (NULL, GPGRT_LOG_WITH_PREFIX);
2131 0 : log_set_file (NULL);
2132 0 : log_error (_("a gpg-agent is already running - "
2133 : "not starting a new one\n"));
2134 0 : *name = 0; /* Inhibit removal of the socket by cleanup(). */
2135 0 : assuan_sock_close (fd);
2136 0 : agent_exit (2);
2137 : }
2138 0 : gnupg_remove (unaddr->sun_path);
2139 0 : rc = assuan_sock_bind (fd, addr, len);
2140 : }
2141 200 : if (rc != -1 && (rc=assuan_sock_get_nonce (addr, len, nonce)))
2142 0 : log_error (_("error getting nonce for the socket\n"));
2143 200 : if (rc == -1)
2144 : {
2145 : /* We use gpg_strerror here because it allows us to get strings
2146 : for some W32 socket error codes. */
2147 0 : log_error (_("error binding socket to '%s': %s\n"),
2148 0 : unaddr->sun_path,
2149 : gpg_strerror (gpg_error_from_syserror ()));
2150 :
2151 0 : assuan_sock_close (fd);
2152 0 : *name = 0; /* Inhibit removal of the socket by cleanup(). */
2153 0 : agent_exit (2);
2154 : }
2155 :
2156 200 : if (gnupg_chmod (unaddr->sun_path, "-rwx"))
2157 0 : log_error (_("can't set permissions of '%s': %s\n"),
2158 0 : unaddr->sun_path, strerror (errno));
2159 :
2160 200 : if (listen (FD2INT(fd), 5 ) == -1)
2161 : {
2162 0 : log_error (_("listen() failed: %s\n"), strerror (errno));
2163 0 : *name = 0; /* Inhibit removal of the socket by cleanup(). */
2164 0 : assuan_sock_close (fd);
2165 0 : agent_exit (2);
2166 : }
2167 :
2168 200 : if (opt.verbose)
2169 0 : log_info (_("listening on socket '%s'\n"), unaddr->sun_path);
2170 :
2171 200 : return fd;
2172 : }
2173 :
2174 :
2175 : /* Check that the directory for storing the private keys exists and
2176 : create it if not. This function won't fail as it is only a
2177 : convenience function and not strictly necessary. */
2178 : static void
2179 50 : create_private_keys_directory (const char *home)
2180 : {
2181 : char *fname;
2182 : struct stat statbuf;
2183 :
2184 50 : fname = make_filename (home, GNUPG_PRIVATE_KEYS_DIR, NULL);
2185 50 : if (stat (fname, &statbuf) && errno == ENOENT)
2186 : {
2187 14 : if (gnupg_mkdir (fname, "-rwx"))
2188 0 : log_error (_("can't create directory '%s': %s\n"),
2189 0 : fname, strerror (errno) );
2190 14 : else if (!opt.quiet)
2191 14 : log_info (_("directory '%s' created\n"), fname);
2192 : }
2193 50 : if (gnupg_chmod (fname, "-rwx"))
2194 0 : log_error (_("can't set permissions of '%s': %s\n"),
2195 0 : fname, strerror (errno));
2196 50 : xfree (fname);
2197 50 : }
2198 :
2199 :
2200 : /* Create the directory only if the supplied directory name is the
2201 : same as the default one. This way we avoid to create arbitrary
2202 : directories when a non-default home directory is used. To cope
2203 : with HOME, we compare only the suffix if we see that the default
2204 : homedir does start with a tilde. We don't stop here in case of
2205 : problems because other functions will throw an error anyway.*/
2206 : static void
2207 50 : create_directories (void)
2208 : {
2209 : struct stat statbuf;
2210 50 : const char *defhome = standard_homedir ();
2211 : char *home;
2212 :
2213 50 : home = make_filename (gnupg_homedir (), NULL);
2214 50 : if ( stat (home, &statbuf) )
2215 : {
2216 0 : if (errno == ENOENT)
2217 : {
2218 0 : if (
2219 : #ifdef HAVE_W32_SYSTEM
2220 : ( !compare_filenames (home, defhome) )
2221 : #else
2222 0 : (*defhome == '~'
2223 0 : && (strlen (home) >= strlen (defhome+1)
2224 0 : && !strcmp (home + strlen(home)
2225 0 : - strlen (defhome+1), defhome+1)))
2226 0 : || (*defhome != '~' && !strcmp (home, defhome) )
2227 : #endif
2228 : )
2229 : {
2230 0 : if (gnupg_mkdir (home, "-rwx"))
2231 0 : log_error (_("can't create directory '%s': %s\n"),
2232 0 : home, strerror (errno) );
2233 : else
2234 : {
2235 0 : if (!opt.quiet)
2236 0 : log_info (_("directory '%s' created\n"), home);
2237 0 : create_private_keys_directory (home);
2238 : }
2239 : }
2240 : }
2241 : else
2242 0 : log_error (_("stat() failed for '%s': %s\n"), home, strerror (errno));
2243 : }
2244 50 : else if ( !S_ISDIR(statbuf.st_mode))
2245 : {
2246 0 : log_error (_("can't use '%s' as home directory\n"), home);
2247 : }
2248 : else /* exists and is a directory. */
2249 : {
2250 50 : create_private_keys_directory (home);
2251 : }
2252 50 : xfree (home);
2253 50 : }
2254 :
2255 :
2256 :
2257 : /* This is the worker for the ticker. It is called every few seconds
2258 : and may only do fast operations. */
2259 : static void
2260 22 : handle_tick (void)
2261 : {
2262 : static time_t last_minute;
2263 :
2264 22 : if (!last_minute)
2265 11 : last_minute = time (NULL);
2266 :
2267 : /* Check whether the scdaemon has died and cleanup in this case. */
2268 22 : agent_scd_check_aliveness ();
2269 :
2270 : /* If we are running as a child of another process, check whether
2271 : the parent is still alive and shutdown if not. */
2272 : #ifndef HAVE_W32_SYSTEM
2273 22 : if (parent_pid != (pid_t)(-1))
2274 : {
2275 0 : if (kill (parent_pid, 0))
2276 : {
2277 0 : shutdown_pending = 2;
2278 0 : log_info ("parent process died - shutting down\n");
2279 0 : log_info ("%s %s stopped\n", strusage(11), strusage(13) );
2280 0 : cleanup ();
2281 0 : agent_exit (0);
2282 : }
2283 : }
2284 : #endif /*HAVE_W32_SYSTEM*/
2285 :
2286 : /* Code to be run from time to time. */
2287 : #if CHECK_OWN_SOCKET_INTERVAL > 0
2288 22 : if (last_minute + CHECK_OWN_SOCKET_INTERVAL <= time (NULL))
2289 : {
2290 0 : check_own_socket ();
2291 0 : last_minute = time (NULL);
2292 : }
2293 : #endif
2294 :
2295 22 : }
2296 :
2297 :
2298 : /* A global function which allows us to call the reload stuff from
2299 : other places too. This is only used when build for W32. */
2300 : void
2301 0 : agent_sighup_action (void)
2302 : {
2303 0 : log_info ("SIGHUP received - "
2304 : "re-reading configuration and flushing cache\n");
2305 :
2306 0 : agent_flush_cache ();
2307 0 : reread_configuration ();
2308 0 : agent_reload_trustlist ();
2309 : /* We flush the module name cache so that after installing a
2310 : "pinentry" binary that one can be used in case the
2311 : "pinentry-basic" fallback was in use. */
2312 0 : gnupg_module_name_flush_some ();
2313 0 : }
2314 :
2315 :
2316 : /* A helper function to handle SIGUSR2. */
2317 : static void
2318 0 : agent_sigusr2_action (void)
2319 : {
2320 0 : if (opt.verbose)
2321 0 : log_info ("SIGUSR2 received - updating card event counter\n");
2322 : /* Nothing to check right now. We only increment a counter. */
2323 0 : bump_card_eventcounter ();
2324 0 : }
2325 :
2326 :
2327 : #ifndef HAVE_W32_SYSTEM
2328 : /* The signal handler for this program. It is expected to be run in
2329 : its own trhead and not in the context of a signal handler. */
2330 : static void
2331 0 : handle_signal (int signo)
2332 : {
2333 0 : switch (signo)
2334 : {
2335 : #ifndef HAVE_W32_SYSTEM
2336 : case SIGHUP:
2337 0 : agent_sighup_action ();
2338 0 : break;
2339 :
2340 : case SIGUSR1:
2341 0 : log_info ("SIGUSR1 received - printing internal information:\n");
2342 : /* Fixme: We need to see how to integrate pth dumping into our
2343 : logging system. */
2344 : /* pth_ctrl (PTH_CTRL_DUMPSTATE, log_get_stream ()); */
2345 0 : agent_query_dump_state ();
2346 0 : agent_scd_dump_state ();
2347 0 : break;
2348 :
2349 : case SIGUSR2:
2350 0 : agent_sigusr2_action ();
2351 0 : break;
2352 :
2353 : case SIGTERM:
2354 0 : if (!shutdown_pending)
2355 0 : log_info ("SIGTERM received - shutting down ...\n");
2356 : else
2357 0 : log_info ("SIGTERM received - still %i open connections\n",
2358 : active_connections);
2359 0 : shutdown_pending++;
2360 0 : if (shutdown_pending > 2)
2361 : {
2362 0 : log_info ("shutdown forced\n");
2363 0 : log_info ("%s %s stopped\n", strusage(11), strusage(13) );
2364 0 : cleanup ();
2365 0 : agent_exit (0);
2366 : }
2367 0 : break;
2368 :
2369 : case SIGINT:
2370 0 : log_info ("SIGINT received - immediate shutdown\n");
2371 0 : log_info( "%s %s stopped\n", strusage(11), strusage(13));
2372 0 : cleanup ();
2373 0 : agent_exit (0);
2374 : break;
2375 : #endif
2376 : default:
2377 0 : log_info ("signal %d received - no action defined\n", signo);
2378 : }
2379 0 : }
2380 : #endif
2381 :
2382 : /* Check the nonce on a new connection. This is a NOP unless we we
2383 : are using our Unix domain socket emulation under Windows. */
2384 : static int
2385 769 : check_nonce (ctrl_t ctrl, assuan_sock_nonce_t *nonce)
2386 : {
2387 769 : if (assuan_sock_check_nonce (ctrl->thread_startup.fd, nonce))
2388 : {
2389 0 : log_info (_("error reading nonce on fd %d: %s\n"),
2390 0 : FD2INT(ctrl->thread_startup.fd), strerror (errno));
2391 0 : assuan_sock_close (ctrl->thread_startup.fd);
2392 0 : xfree (ctrl);
2393 0 : return -1;
2394 : }
2395 : else
2396 769 : return 0;
2397 : }
2398 :
2399 :
2400 : #ifdef HAVE_W32_SYSTEM
2401 : /* The window message processing function for Putty. Warning: This
2402 : code runs as a native Windows thread. Use of our own functions
2403 : needs to be bracket with pth_leave/pth_enter. */
2404 : static LRESULT CALLBACK
2405 : putty_message_proc (HWND hwnd, UINT msg, WPARAM wparam, LPARAM lparam)
2406 : {
2407 : int ret = 0;
2408 : int w32rc;
2409 : COPYDATASTRUCT *cds;
2410 : const char *mapfile;
2411 : HANDLE maphd;
2412 : PSID mysid = NULL;
2413 : PSID mapsid = NULL;
2414 : void *data = NULL;
2415 : PSECURITY_DESCRIPTOR psd = NULL;
2416 : ctrl_t ctrl = NULL;
2417 :
2418 : if (msg != WM_COPYDATA)
2419 : {
2420 : return DefWindowProc (hwnd, msg, wparam, lparam);
2421 : }
2422 :
2423 : cds = (COPYDATASTRUCT*)lparam;
2424 : if (cds->dwData != PUTTY_IPC_MAGIC)
2425 : return 0; /* Ignore data with the wrong magic. */
2426 : mapfile = cds->lpData;
2427 : if (!cds->cbData || mapfile[cds->cbData - 1])
2428 : return 0; /* Ignore empty and non-properly terminated strings. */
2429 :
2430 : if (DBG_IPC)
2431 : {
2432 : npth_protect ();
2433 : log_debug ("ssh map file '%s'", mapfile);
2434 : npth_unprotect ();
2435 : }
2436 :
2437 : maphd = OpenFileMapping (FILE_MAP_ALL_ACCESS, FALSE, mapfile);
2438 : if (DBG_IPC)
2439 : {
2440 : npth_protect ();
2441 : log_debug ("ssh map handle %p\n", maphd);
2442 : npth_unprotect ();
2443 : }
2444 :
2445 : if (!maphd || maphd == INVALID_HANDLE_VALUE)
2446 : return 0;
2447 :
2448 : npth_protect ();
2449 :
2450 : mysid = w32_get_user_sid ();
2451 : if (!mysid)
2452 : {
2453 : log_error ("error getting my sid\n");
2454 : goto leave;
2455 : }
2456 :
2457 : w32rc = GetSecurityInfo (maphd, SE_KERNEL_OBJECT,
2458 : OWNER_SECURITY_INFORMATION,
2459 : &mapsid, NULL, NULL, NULL,
2460 : &psd);
2461 : if (w32rc)
2462 : {
2463 : log_error ("error getting sid of ssh map file: rc=%d", w32rc);
2464 : goto leave;
2465 : }
2466 :
2467 : if (DBG_IPC)
2468 : {
2469 : char *sidstr;
2470 :
2471 : if (!ConvertSidToStringSid (mysid, &sidstr))
2472 : sidstr = NULL;
2473 : log_debug (" my sid: '%s'", sidstr? sidstr: "[error]");
2474 : LocalFree (sidstr);
2475 : if (!ConvertSidToStringSid (mapsid, &sidstr))
2476 : sidstr = NULL;
2477 : log_debug ("ssh map file sid: '%s'", sidstr? sidstr: "[error]");
2478 : LocalFree (sidstr);
2479 : }
2480 :
2481 : if (!EqualSid (mysid, mapsid))
2482 : {
2483 : log_error ("ssh map file has a non-matching sid\n");
2484 : goto leave;
2485 : }
2486 :
2487 : data = MapViewOfFile (maphd, FILE_MAP_ALL_ACCESS, 0, 0, 0);
2488 : if (DBG_IPC)
2489 : log_debug ("ssh IPC buffer at %p\n", data);
2490 : if (!data)
2491 : goto leave;
2492 :
2493 : /* log_printhex ("request:", data, 20); */
2494 :
2495 : ctrl = xtrycalloc (1, sizeof *ctrl);
2496 : if (!ctrl)
2497 : {
2498 : log_error ("error allocating connection control data: %s\n",
2499 : strerror (errno) );
2500 : goto leave;
2501 : }
2502 : ctrl->session_env = session_env_new ();
2503 : if (!ctrl->session_env)
2504 : {
2505 : log_error ("error allocating session environment block: %s\n",
2506 : strerror (errno) );
2507 : goto leave;
2508 : }
2509 :
2510 : agent_init_default_ctrl (ctrl);
2511 : if (!serve_mmapped_ssh_request (ctrl, data, PUTTY_IPC_MAXLEN))
2512 : ret = 1; /* Valid ssh message has been constructed. */
2513 : agent_deinit_default_ctrl (ctrl);
2514 : /* log_printhex (" reply:", data, 20); */
2515 :
2516 : leave:
2517 : xfree (ctrl);
2518 : if (data)
2519 : UnmapViewOfFile (data);
2520 : xfree (mapsid);
2521 : if (psd)
2522 : LocalFree (psd);
2523 : xfree (mysid);
2524 : CloseHandle (maphd);
2525 :
2526 : npth_unprotect ();
2527 :
2528 : return ret;
2529 : }
2530 : #endif /*HAVE_W32_SYSTEM*/
2531 :
2532 :
2533 : #ifdef HAVE_W32_SYSTEM
2534 : /* The thread handling Putty's IPC requests. */
2535 : static void *
2536 : putty_message_thread (void *arg)
2537 : {
2538 : WNDCLASS wndwclass = {0, putty_message_proc, 0, 0,
2539 : NULL, NULL, NULL, NULL, NULL, "Pageant"};
2540 : HWND hwnd;
2541 : MSG msg;
2542 :
2543 : (void)arg;
2544 :
2545 : if (opt.verbose)
2546 : log_info ("putty message loop thread started\n");
2547 :
2548 : /* The message loop runs as thread independent from our nPth system.
2549 : This also means that we need to make sure that we switch back to
2550 : our system before calling any no-windows function. */
2551 : npth_unprotect ();
2552 :
2553 : /* First create a window to make sure that a message queue exists
2554 : for this thread. */
2555 : if (!RegisterClass (&wndwclass))
2556 : {
2557 : npth_protect ();
2558 : log_error ("error registering Pageant window class");
2559 : return NULL;
2560 : }
2561 : hwnd = CreateWindowEx (0, "Pageant", "Pageant", 0,
2562 : 0, 0, 0, 0,
2563 : HWND_MESSAGE, /* hWndParent */
2564 : NULL, /* hWndMenu */
2565 : NULL, /* hInstance */
2566 : NULL); /* lpParm */
2567 : if (!hwnd)
2568 : {
2569 : npth_protect ();
2570 : log_error ("error creating Pageant window");
2571 : return NULL;
2572 : }
2573 :
2574 : while (GetMessage(&msg, NULL, 0, 0))
2575 : {
2576 : TranslateMessage(&msg);
2577 : DispatchMessage(&msg);
2578 : }
2579 :
2580 : /* Back to nPth. */
2581 : npth_protect ();
2582 :
2583 : if (opt.verbose)
2584 : log_info ("putty message loop thread stopped\n");
2585 : return NULL;
2586 : }
2587 : #endif /*HAVE_W32_SYSTEM*/
2588 :
2589 :
2590 : static void *
2591 759 : do_start_connection_thread (ctrl_t ctrl)
2592 : {
2593 759 : active_connections++;
2594 759 : agent_init_default_ctrl (ctrl);
2595 759 : if (opt.verbose && !DBG_IPC)
2596 0 : log_info (_("handler 0x%lx for fd %d started\n"),
2597 : (unsigned long) npth_self(), FD2INT(ctrl->thread_startup.fd));
2598 :
2599 759 : start_command_handler (ctrl, GNUPG_INVALID_FD, ctrl->thread_startup.fd);
2600 713 : if (opt.verbose && !DBG_IPC)
2601 0 : log_info (_("handler 0x%lx for fd %d terminated\n"),
2602 : (unsigned long) npth_self(), FD2INT(ctrl->thread_startup.fd));
2603 :
2604 713 : agent_deinit_default_ctrl (ctrl);
2605 713 : xfree (ctrl);
2606 713 : active_connections--;
2607 713 : return NULL;
2608 : }
2609 :
2610 :
2611 : /* This is the standard connection thread's main function. */
2612 : static void *
2613 759 : start_connection_thread_std (void *arg)
2614 : {
2615 759 : ctrl_t ctrl = arg;
2616 :
2617 759 : if (check_nonce (ctrl, &socket_nonce))
2618 : {
2619 0 : log_error ("handler 0x%lx nonce check FAILED\n",
2620 : (unsigned long) npth_self());
2621 0 : return NULL;
2622 : }
2623 :
2624 759 : return do_start_connection_thread (ctrl);
2625 : }
2626 :
2627 :
2628 : /* This is the extra socket connection thread's main function. */
2629 : static void *
2630 0 : start_connection_thread_extra (void *arg)
2631 : {
2632 0 : ctrl_t ctrl = arg;
2633 :
2634 0 : if (check_nonce (ctrl, &socket_nonce_extra))
2635 : {
2636 0 : log_error ("handler 0x%lx nonce check FAILED\n",
2637 : (unsigned long) npth_self());
2638 0 : return NULL;
2639 : }
2640 :
2641 0 : ctrl->restricted = 1;
2642 0 : return do_start_connection_thread (ctrl);
2643 : }
2644 :
2645 :
2646 : /* This is the browser socket connection thread's main function. */
2647 : static void *
2648 0 : start_connection_thread_browser (void *arg)
2649 : {
2650 0 : ctrl_t ctrl = arg;
2651 :
2652 0 : if (check_nonce (ctrl, &socket_nonce_browser))
2653 : {
2654 0 : log_error ("handler 0x%lx nonce check FAILED\n",
2655 : (unsigned long) npth_self());
2656 0 : return NULL;
2657 : }
2658 :
2659 0 : ctrl->restricted = 2;
2660 0 : return do_start_connection_thread (ctrl);
2661 : }
2662 :
2663 :
2664 : /* This is the ssh connection thread's main function. */
2665 : static void *
2666 10 : start_connection_thread_ssh (void *arg)
2667 : {
2668 10 : ctrl_t ctrl = arg;
2669 :
2670 10 : if (check_nonce (ctrl, &socket_nonce_ssh))
2671 0 : return NULL;
2672 :
2673 10 : active_connections++;
2674 10 : agent_init_default_ctrl (ctrl);
2675 10 : if (opt.verbose)
2676 0 : log_info (_("ssh handler 0x%lx for fd %d started\n"),
2677 : (unsigned long) npth_self(), FD2INT(ctrl->thread_startup.fd));
2678 :
2679 10 : start_command_handler_ssh (ctrl, ctrl->thread_startup.fd);
2680 10 : if (opt.verbose)
2681 0 : log_info (_("ssh handler 0x%lx for fd %d terminated\n"),
2682 : (unsigned long) npth_self(), FD2INT(ctrl->thread_startup.fd));
2683 :
2684 10 : agent_deinit_default_ctrl (ctrl);
2685 10 : xfree (ctrl);
2686 10 : active_connections--;
2687 10 : return NULL;
2688 : }
2689 :
2690 :
2691 : /* Connection handler loop. Wait for connection requests and spawn a
2692 : thread after accepting a connection. */
2693 : static void
2694 50 : handle_connections (gnupg_fd_t listen_fd,
2695 : gnupg_fd_t listen_fd_extra,
2696 : gnupg_fd_t listen_fd_browser,
2697 : gnupg_fd_t listen_fd_ssh)
2698 : {
2699 : gpg_error_t err;
2700 : npth_attr_t tattr;
2701 : struct sockaddr_un paddr;
2702 : socklen_t plen;
2703 : fd_set fdset, read_fdset;
2704 : int ret;
2705 : gnupg_fd_t fd;
2706 : int nfd;
2707 : int saved_errno;
2708 : struct timespec abstime;
2709 : struct timespec curtime;
2710 : struct timespec timeout;
2711 : #ifdef HAVE_W32_SYSTEM
2712 : HANDLE events[2];
2713 : unsigned int events_set;
2714 : #endif
2715 50 : int my_inotify_fd = -1;
2716 : struct {
2717 : const char *name;
2718 : void *(*func) (void *arg);
2719 : gnupg_fd_t l_fd;
2720 50 : } listentbl[] = {
2721 : { "std", start_connection_thread_std },
2722 : { "extra", start_connection_thread_extra },
2723 : { "browser", start_connection_thread_browser },
2724 : { "ssh", start_connection_thread_ssh }
2725 : };
2726 :
2727 :
2728 50 : ret = npth_attr_init(&tattr);
2729 50 : if (ret)
2730 0 : log_fatal ("error allocating thread attributes: %s\n",
2731 : strerror (ret));
2732 50 : npth_attr_setdetachstate (&tattr, NPTH_CREATE_DETACHED);
2733 :
2734 : #ifndef HAVE_W32_SYSTEM
2735 50 : npth_sigev_init ();
2736 50 : npth_sigev_add (SIGHUP);
2737 50 : npth_sigev_add (SIGUSR1);
2738 50 : npth_sigev_add (SIGUSR2);
2739 50 : npth_sigev_add (SIGINT);
2740 50 : npth_sigev_add (SIGTERM);
2741 50 : npth_sigev_fini ();
2742 : #else
2743 : # ifdef HAVE_W32CE_SYSTEM
2744 : /* Use a dummy event. */
2745 : sigs = 0;
2746 : ev = pth_event (PTH_EVENT_SIGS, &sigs, &signo);
2747 : # else
2748 : events[0] = get_agent_scd_notify_event ();
2749 : events[1] = INVALID_HANDLE_VALUE;
2750 : # endif
2751 : #endif
2752 :
2753 50 : if (disable_check_own_socket)
2754 0 : my_inotify_fd = -1;
2755 50 : else if ((err = gnupg_inotify_watch_socket (&my_inotify_fd, socket_name)))
2756 : {
2757 0 : if (gpg_err_code (err) != GPG_ERR_NOT_SUPPORTED)
2758 0 : log_info ("error enabling fast daemon termination: %s\n",
2759 : gpg_strerror (err));
2760 : }
2761 :
2762 : /* On Windows we need to fire up a separate thread to listen for
2763 : requests from Putty (an SSH client), so we can replace Putty's
2764 : Pageant (its ssh-agent implementation). */
2765 : #ifdef HAVE_W32_SYSTEM
2766 : if (putty_support)
2767 : {
2768 : npth_t thread;
2769 :
2770 : ret = npth_create (&thread, &tattr, putty_message_thread, NULL);
2771 : if (ret)
2772 : {
2773 : log_error ("error spawning putty message loop: %s\n", strerror (ret));
2774 : }
2775 : }
2776 : #endif /*HAVE_W32_SYSTEM*/
2777 :
2778 : /* Set a flag to tell call-scd.c that it may enable event
2779 : notifications. */
2780 50 : opt.sigusr2_enabled = 1;
2781 :
2782 50 : FD_ZERO (&fdset);
2783 50 : FD_SET (FD2INT (listen_fd), &fdset);
2784 50 : nfd = FD2INT (listen_fd);
2785 50 : if (listen_fd_extra != GNUPG_INVALID_FD)
2786 : {
2787 50 : FD_SET ( FD2INT(listen_fd_extra), &fdset);
2788 50 : if (FD2INT (listen_fd_extra) > nfd)
2789 50 : nfd = FD2INT (listen_fd_extra);
2790 : }
2791 50 : if (listen_fd_browser != GNUPG_INVALID_FD)
2792 : {
2793 50 : FD_SET ( FD2INT(listen_fd_browser), &fdset);
2794 50 : if (FD2INT (listen_fd_browser) > nfd)
2795 50 : nfd = FD2INT (listen_fd_browser);
2796 : }
2797 50 : if (listen_fd_ssh != GNUPG_INVALID_FD)
2798 : {
2799 50 : FD_SET ( FD2INT(listen_fd_ssh), &fdset);
2800 50 : if (FD2INT (listen_fd_ssh) > nfd)
2801 50 : nfd = FD2INT (listen_fd_ssh);
2802 : }
2803 50 : if (my_inotify_fd != -1)
2804 : {
2805 50 : FD_SET (my_inotify_fd, &fdset);
2806 50 : if (my_inotify_fd > nfd)
2807 50 : nfd = my_inotify_fd;
2808 : }
2809 :
2810 50 : listentbl[0].l_fd = listen_fd;
2811 50 : listentbl[1].l_fd = listen_fd_extra;
2812 50 : listentbl[2].l_fd = listen_fd_browser;
2813 50 : listentbl[3].l_fd = listen_fd_ssh;
2814 :
2815 50 : npth_clock_gettime (&abstime);
2816 50 : abstime.tv_sec += TIMERTICK_INTERVAL;
2817 :
2818 : for (;;)
2819 : {
2820 : /* Shutdown test. */
2821 919 : if (shutdown_pending)
2822 : {
2823 4 : if (active_connections == 0)
2824 4 : break; /* ready */
2825 :
2826 : /* Do not accept new connections but keep on running the
2827 : loop to cope with the timer events. */
2828 0 : FD_ZERO (&fdset);
2829 : }
2830 :
2831 : /* POSIX says that fd_set should be implemented as a structure,
2832 : thus a simple assignment is fine to copy the entire set. */
2833 915 : read_fdset = fdset;
2834 :
2835 915 : npth_clock_gettime (&curtime);
2836 915 : if (!(npth_timercmp (&curtime, &abstime, <)))
2837 : {
2838 : /* Timeout. */
2839 22 : handle_tick ();
2840 22 : npth_clock_gettime (&abstime);
2841 22 : abstime.tv_sec += TIMERTICK_INTERVAL;
2842 : }
2843 915 : npth_timersub (&abstime, &curtime, &timeout);
2844 :
2845 : #ifndef HAVE_W32_SYSTEM
2846 915 : ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, &timeout,
2847 915 : npth_sigev_sigmask ());
2848 869 : saved_errno = errno;
2849 :
2850 : {
2851 : int signo;
2852 1738 : while (npth_sigev_get_pending (&signo))
2853 0 : handle_signal (signo);
2854 : }
2855 : #else
2856 : ret = npth_eselect (nfd+1, &read_fdset, NULL, NULL, &timeout,
2857 : events, &events_set);
2858 : saved_errno = errno;
2859 :
2860 : /* This is valid even if npth_eselect returns an error. */
2861 : if (events_set & 1)
2862 : agent_sigusr2_action ();
2863 : #endif
2864 :
2865 869 : if (ret == -1 && saved_errno != EINTR)
2866 : {
2867 0 : log_error (_("npth_pselect failed: %s - waiting 1s\n"),
2868 : strerror (saved_errno));
2869 0 : npth_sleep (1);
2870 0 : continue;
2871 : }
2872 869 : if (ret <= 0)
2873 : /* Interrupt or timeout. Will be handled when calculating the
2874 : next timeout. */
2875 22 : continue;
2876 :
2877 847 : if (!shutdown_pending)
2878 : {
2879 : int idx;
2880 : ctrl_t ctrl;
2881 : npth_t thread;
2882 :
2883 847 : if (my_inotify_fd != -1
2884 847 : && FD_ISSET (my_inotify_fd, &read_fdset)
2885 78 : && gnupg_inotify_has_name (my_inotify_fd, GPG_AGENT_SOCK_NAME))
2886 : {
2887 4 : shutdown_pending = 1;
2888 4 : log_info ("socket file has been removed - shutting down\n");
2889 : }
2890 :
2891 4235 : for (idx=0; idx < DIM(listentbl); idx++)
2892 : {
2893 3388 : if (listentbl[idx].l_fd == GNUPG_INVALID_FD)
2894 0 : continue;
2895 3388 : if (!FD_ISSET (FD2INT (listentbl[idx].l_fd), &read_fdset))
2896 2619 : continue;
2897 :
2898 769 : plen = sizeof paddr;
2899 769 : fd = INT2FD (npth_accept (FD2INT(listentbl[idx].l_fd),
2900 : (struct sockaddr *)&paddr, &plen));
2901 769 : if (fd == GNUPG_INVALID_FD)
2902 : {
2903 0 : log_error ("accept failed for %s: %s\n",
2904 0 : listentbl[idx].name, strerror (errno));
2905 : }
2906 769 : else if ( !(ctrl = xtrycalloc (1, sizeof *ctrl)))
2907 : {
2908 0 : log_error ("error allocating connection data for %s: %s\n",
2909 0 : listentbl[idx].name, strerror (errno) );
2910 0 : assuan_sock_close (fd);
2911 : }
2912 769 : else if ( !(ctrl->session_env = session_env_new ()))
2913 : {
2914 0 : log_error ("error allocating session env block for %s: %s\n",
2915 0 : listentbl[idx].name, strerror (errno) );
2916 0 : xfree (ctrl);
2917 0 : assuan_sock_close (fd);
2918 : }
2919 : else
2920 : {
2921 769 : ctrl->thread_startup.fd = fd;
2922 769 : ret = npth_create (&thread, &tattr,
2923 : listentbl[idx].func, ctrl);
2924 769 : if (ret)
2925 : {
2926 0 : log_error ("error spawning connection handler for %s:"
2927 : " %s\n", listentbl[idx].name, strerror (ret));
2928 0 : assuan_sock_close (fd);
2929 0 : xfree (ctrl);
2930 : }
2931 : }
2932 769 : fd = GNUPG_INVALID_FD;
2933 : }
2934 : }
2935 869 : }
2936 :
2937 4 : if (my_inotify_fd != -1)
2938 4 : close (my_inotify_fd);
2939 4 : cleanup ();
2940 4 : log_info (_("%s %s stopped\n"), strusage(11), strusage(13));
2941 4 : npth_attr_destroy (&tattr);
2942 4 : }
2943 :
2944 :
2945 :
2946 : /* Helper for check_own_socket. */
2947 : static gpg_error_t
2948 0 : check_own_socket_pid_cb (void *opaque, const void *buffer, size_t length)
2949 : {
2950 0 : membuf_t *mb = opaque;
2951 0 : put_membuf (mb, buffer, length);
2952 0 : return 0;
2953 : }
2954 :
2955 :
2956 : /* The thread running the actual check. We need to run this in a
2957 : separate thread so that check_own_thread can be called from the
2958 : timer tick. */
2959 : static void *
2960 0 : check_own_socket_thread (void *arg)
2961 : {
2962 : int rc;
2963 0 : char *sockname = arg;
2964 0 : assuan_context_t ctx = NULL;
2965 : membuf_t mb;
2966 : char *buffer;
2967 :
2968 0 : check_own_socket_running++;
2969 :
2970 0 : rc = assuan_new (&ctx);
2971 0 : if (rc)
2972 : {
2973 0 : log_error ("can't allocate assuan context: %s\n", gpg_strerror (rc));
2974 0 : goto leave;
2975 : }
2976 0 : assuan_set_flag (ctx, ASSUAN_NO_LOGGING, 1);
2977 :
2978 0 : rc = assuan_socket_connect (ctx, sockname, (pid_t)(-1), 0);
2979 0 : if (rc)
2980 : {
2981 0 : log_error ("can't connect my own socket: %s\n", gpg_strerror (rc));
2982 0 : goto leave;
2983 : }
2984 :
2985 0 : init_membuf (&mb, 100);
2986 0 : rc = assuan_transact (ctx, "GETINFO pid", check_own_socket_pid_cb, &mb,
2987 : NULL, NULL, NULL, NULL);
2988 0 : put_membuf (&mb, "", 1);
2989 0 : buffer = get_membuf (&mb, NULL);
2990 0 : if (rc || !buffer)
2991 : {
2992 0 : log_error ("sending command \"%s\" to my own socket failed: %s\n",
2993 : "GETINFO pid", gpg_strerror (rc));
2994 0 : rc = 1;
2995 : }
2996 0 : else if ( (pid_t)strtoul (buffer, NULL, 10) != getpid ())
2997 : {
2998 0 : log_error ("socket is now serviced by another server\n");
2999 0 : rc = 1;
3000 : }
3001 0 : else if (opt.verbose > 1)
3002 0 : log_error ("socket is still served by this server\n");
3003 :
3004 0 : xfree (buffer);
3005 :
3006 : leave:
3007 0 : xfree (sockname);
3008 0 : if (ctx)
3009 0 : assuan_release (ctx);
3010 0 : if (rc)
3011 : {
3012 : /* We may not remove the socket as it is now in use by another
3013 : server. */
3014 0 : inhibit_socket_removal = 1;
3015 0 : shutdown_pending = 2;
3016 0 : log_info ("this process is useless - shutting down\n");
3017 : }
3018 0 : check_own_socket_running--;
3019 0 : return NULL;
3020 : }
3021 :
3022 :
3023 : /* Check whether we are still listening on our own socket. In case
3024 : another gpg-agent process started after us has taken ownership of
3025 : our socket, we would linger around without any real task. Thus we
3026 : better check once in a while whether we are really needed. */
3027 : static void
3028 0 : check_own_socket (void)
3029 : {
3030 : char *sockname;
3031 : npth_t thread;
3032 : npth_attr_t tattr;
3033 : int err;
3034 :
3035 0 : if (disable_check_own_socket)
3036 0 : return;
3037 :
3038 0 : if (check_own_socket_running || shutdown_pending)
3039 0 : return; /* Still running or already shutting down. */
3040 :
3041 0 : sockname = make_filename_try (gnupg_socketdir (), GPG_AGENT_SOCK_NAME, NULL);
3042 0 : if (!sockname)
3043 0 : return; /* Out of memory. */
3044 :
3045 0 : err = npth_attr_init (&tattr);
3046 0 : if (err)
3047 0 : return;
3048 0 : npth_attr_setdetachstate (&tattr, NPTH_CREATE_DETACHED);
3049 0 : err = npth_create (&thread, &tattr, check_own_socket_thread, sockname);
3050 0 : if (err)
3051 0 : log_error ("error spawning check_own_socket_thread: %s\n", strerror (err));
3052 0 : npth_attr_destroy (&tattr);
3053 : }
3054 :
3055 :
3056 :
3057 : /* Figure out whether an agent is available and running. Prints an
3058 : error if not. If SILENT is true, no messages are printed.
3059 : Returns 0 if the agent is running. */
3060 : static int
3061 0 : check_for_running_agent (int silent)
3062 : {
3063 : gpg_error_t err;
3064 : char *sockname;
3065 0 : assuan_context_t ctx = NULL;
3066 :
3067 0 : sockname = make_filename_try (gnupg_socketdir (), GPG_AGENT_SOCK_NAME, NULL);
3068 0 : if (!sockname)
3069 0 : return gpg_error_from_syserror ();
3070 :
3071 0 : err = assuan_new (&ctx);
3072 0 : if (!err)
3073 0 : err = assuan_socket_connect (ctx, sockname, (pid_t)(-1), 0);
3074 0 : xfree (sockname);
3075 0 : if (err)
3076 : {
3077 0 : if (!silent)
3078 0 : log_error (_("no gpg-agent running in this session\n"));
3079 :
3080 0 : if (ctx)
3081 0 : assuan_release (ctx);
3082 0 : return -1;
3083 : }
3084 :
3085 0 : if (!opt.quiet && !silent)
3086 0 : log_info ("gpg-agent running and available\n");
3087 :
3088 0 : assuan_release (ctx);
3089 0 : return 0;
3090 : }
|
