/****************
* Same as add_to_strlist() but if is_utf8 is *not* set a conversion
* to UTF8 is done
*/
STRLIST
add_to_strlist2( STRLIST *list, const char *string, int is_utf8 )
{
STRLIST sl;
if( is_utf8 )
sl = add_to_strlist( list, string );
else {
char *p = native_to_utf8( string );
sl = add_to_strlist( list, p );
xfree( p );
}
return sl;
}
static int
expand_id(const char *id,STRLIST *into,unsigned int flags)
{
struct groupitem *groups;
int count=0;
for(groups=opt.grouplist;groups;groups=groups->next)
{
/* need strcasecmp() here, as this should be localized */
if(strcasecmp(groups->name,id)==0)
{
STRLIST each,sl;
/* this maintains the current utf8-ness */
for(each=groups->values;each;each=each->next)
{
sl=add_to_strlist(into,each->d);
sl->flags=flags;
count++;
}
break;
}
}
return count;
}
static int append_strlist(struct conf *dst, struct conf *src)
{
struct strlist *s;
for(s=get_strlist(src); s; s=s->next)
if(add_to_strlist(dst, s->path, s->flag))
return -1;
return 0;
}
static int setup_script_arg_override(struct conf *c, struct conf *args)
{
struct strlist *s;
set_strlist(args, NULL);
for(s=get_strlist(c); s; s=s->next)
if(add_to_strlist(args, s->path, s->flag))
return -1;
return 0;
}
static int incexc_munge(struct conf **c, struct strlist *s)
{
#ifdef HAVE_WIN32
convert_backslashes(&s->path);
#endif
if(path_checks(s->path,
"ERROR: Please use absolute include/exclude paths.\n"))
return -1;
if(add_to_strlist(c[OPT_INCEXCDIR], s->path, s->flag))
return -1;
return 0;
}
struct curl_slist *
curl_slist_append(struct curl_slist *list,const char *string)
{
if(!list)
{
list=calloc(1,sizeof(*list));
if(!list)
return NULL;
}
add_to_strlist(&list->list,string);
return list;
}
/* For simplicity, and to avoid potential loops, we only expand once -
you can't make an alias that points to an alias. */
static STRLIST
expand_group(STRLIST input)
{
STRLIST sl,output=NULL,rover;
for(rover=input;rover;rover=rover->next)
if(expand_id(rover->d,&output,rover->flags)==0)
{
/* Didn't find any groups, so use the existing string */
sl=add_to_strlist(&output,rover->d);
sl->flags=rover->flags;
}
return output;
}
// This decides which directories to start backing up, and which
// are subdirectories which don't need to be started separately.
static int finalise_start_dirs(struct conf **c)
{
struct strlist *s=NULL;
struct strlist *last_ie=NULL;
struct strlist *last_sd=NULL;
// Make sure that the startdir list starts empty, or chaos will ensue.
conf_free_content(c[OPT_STARTDIR]);
for(s=get_strlist(c[OPT_INCLUDE]); s; s=s->next)
{
#ifdef HAVE_WIN32
convert_backslashes(&s->path);
#endif
if(path_checks(s->path,
"ERROR: Please use absolute include/exclude paths.\n"))
return -1;
// Ensure that we do not backup the same directory twice.
if(last_ie && !strcmp(s->path, last_ie->path))
{
logp("Directory appears twice in conf: %s\n",
s->path);
return -1;
}
// If it is not a subdirectory of the most recent start point,
// we have found another start point.
if(!get_strlist(c[OPT_STARTDIR])
|| !last_sd || !is_subdir(last_sd->path, s->path))
{
// Do not use strlist_add_sorted, because last_sd is
// relying on incexcdir already being sorted.
if(add_to_strlist(c[OPT_STARTDIR], s->path, s->flag))
return -1;
last_sd=s;
}
else
{
// If it is not a starting directory, it should at
// least be included as a cross_filesystem entry.
if(add_to_cross_filesystem(c, s->path))
return -1;
}
last_ie=s;
}
return 0;
}
/* Command line parsing. */
static void
parse_arguments (ARGPARSE_ARGS *pargs, ARGPARSE_OPTS *popts)
{
int no_more_options = 0;
while (!no_more_options && optfile_parse (NULL, NULL, NULL, pargs, popts))
{
switch (pargs->r_opt)
{
case oOutput:
opt.outfile = pargs->r.ret_str;
break;
case oDirectory:
opt.directory = pargs->r.ret_str;
break;
case oSetFilename:
opt.filename = pargs->r.ret_str;
break;
case oQuiet:
opt.quiet = 1;
break;
case oVerbose:
opt.verbose++;
break;
case oNoVerbose:
opt.verbose = 0;
break;
case oFilesFrom:
files_from = pargs->r.ret_str;
break;
case oNull:
null_names = 1;
break;
case aList:
case aDecrypt:
case aEncrypt:
case aSign:
set_cmd (&cmd, pargs->r_opt);
break;
case oRecipient:
add_to_strlist (&opt.recipients, pargs->r.ret_str);
break;
case oUser:
opt.user = pargs->r.ret_str;
break;
case oSymmetric:
set_cmd (&cmd, aEncrypt);
opt.symmetric = 1;
break;
case oGpgProgram:
opt.gpg_program = pargs->r.ret_str;
break;
case oSkipCrypto:
skip_crypto = 1;
break;
case oOpenPGP: /* Dummy option for now. */
break;
case oCMS: /* Dummy option for now. */
break;
case oGpgArgs:
;
{
strlist_t list;
if (shell_parse_stringlist (pargs->r.ret_str, &list))
log_error ("failed to parse gpg arguments '%s'\n",
pargs->r.ret_str);
else
{
if (opt.gpg_arguments)
strlist_last (opt.gpg_arguments)->next = list;
else
opt.gpg_arguments = list;
}
}
break;
case oTarArgs:
;
{
int tar_argc;
char **tar_argv;
if (shell_parse_argv (pargs->r.ret_str, &tar_argc, &tar_argv))
log_error ("failed to parse tar arguments '%s'\n",
pargs->r.ret_str);
else
{
ARGPARSE_ARGS tar_args;
tar_args.argc = &tar_argc;
tar_args.argv = &tar_argv;
tar_args.flags = ARGPARSE_FLAG_ARG0;
parse_arguments (&tar_args, tar_opts);
if (tar_args.err)
log_error ("unsupported tar arguments '%s'\n",
pargs->r.ret_str);
pargs->err = tar_args.err;
}
}
break;
case oDryRun:
opt.dry_run = 1;
break;
default:
pargs->err = 2;
break;
}
}
}
int
verify_signatures (ctrl_t ctrl, int nfiles, char **files )
{
IOBUF fp;
armor_filter_context_t *afx = NULL;
progress_filter_context_t *pfx = new_progress_context ();
const char *sigfile;
int i, rc;
strlist_t sl;
/* Decide whether we should handle a detached or a normal signature,
* which is needed so that the code later can hash the correct data and
* not have a normal signature act as detached signature and ignoring the
* indended signed material from the 2nd file or stdin.
* 1. gpg <file - normal
* 2. gpg file - normal (or detached)
* 3. gpg file <file2 - detached
* 4. gpg file file2 - detached
* The question is how decide between case 2 and 3? The only way
* we can do it is by reading one byte from stdin and then unget
* it; the problem here is that we may be reading from the
* terminal (which could be detected using isatty() but won't work
* when under contol of a pty using program (e.g. expect)) and
* might get us in trouble when stdin is used for another purpose
* (--passphrase-fd 0). So we have to break with the behaviour
* prior to gpg 1.0.4 by assuming that case 3 is a normal
* signature (where file2 is ignored and require for a detached
* signature to indicate signed material comes from stdin by using
* case 4 with a file2 of "-".
*
* Actually we don't have to change anything here but can handle
* that all quite easily in mainproc.c
*/
sigfile = nfiles? *files : NULL;
/* open the signature file */
fp = iobuf_open(sigfile);
if (fp && is_secured_file (iobuf_get_fd (fp)))
{
iobuf_close (fp);
fp = NULL;
gpg_err_set_errno (EPERM);
}
if( !fp ) {
rc = gpg_error_from_syserror ();
log_error(_("can't open '%s': %s\n"),
print_fname_stdin(sigfile), gpg_strerror (rc));
goto leave;
}
handle_progress (pfx, fp, sigfile);
if ( !opt.no_armor && use_armor_filter( fp ) )
{
afx = new_armor_context ();
push_armor_filter (afx, fp);
}
sl = NULL;
for(i=nfiles-1 ; i > 0 ; i-- )
add_to_strlist( &sl, files[i] );
rc = proc_signature_packets (ctrl, NULL, fp, sl, sigfile );
free_strlist(sl);
iobuf_close(fp);
if( (afx && afx->no_openpgp_data && rc == -1) || rc == G10ERR_NO_DATA ) {
log_error(_("the signature could not be verified.\n"
"Please remember that the signature file (.sig or .asc)\n"
"should be the first file given on the command line.\n") );
rc = 0;
}
leave:
release_armor_context (afx);
release_progress_context (pfx);
return rc;
}
static int add_to_cross_filesystem(struct conf **c, const char *path)
{
if(strlist_find(get_strlist(c[OPT_FSCHGDIR]), path, 0))
return 0;
return add_to_strlist(c[OPT_FSCHGDIR], path, 0);
}
static int load_conf_field_and_value(struct conf **c,
const char *f, // field
const char *v, // value
const char *conf_path,
int line)
{
if(!strcmp(f, "compression"))
{
int compression=get_compression(v);
if(compression<0) return -1;
set_int(c[OPT_COMPRESSION], compression);
}
else if(!strcmp(f, "ssl_compression"))
{
int compression=get_compression(v);
if(compression<0) return -1;
set_int(c[OPT_SSL_COMPRESSION], compression);
}
else if(!strcmp(f, "ratelimit"))
{
float f=0;
f=atof(v);
// User is specifying Mega bits per second.
// Need to convert to bytes per second.
f=(f*1024*1024)/8;
if(!f)
{
logp("ratelimit should be greater than zero\n");
return -1;
}
set_float(c[OPT_RATELIMIT], f);
}
else
{
int i=0;
for(i=0; i<OPT_MAX; i++)
{
if(strcmp(c[i]->field, f)) continue;
switch(c[i]->conf_type)
{
case CT_STRING:
return set_string(c[i], v);
case CT_UINT:
return set_int(c[i], atoi(v));
case CT_FLOAT:
return set_float(c[i], atof(v));
break;
case CT_MODE_T:
return set_mode_t(c[i],
strtol(v, NULL, 8));
case CT_SSIZE_T:
{
uint64_t s=0;
return
get_file_size(v, &s, conf_path, line)
|| set_uint64_t(c[i], s);
}
case CT_E_BURP_MODE:
return set_e_burp_mode(c[i],
str_to_burp_mode(v));
case CT_E_PROTOCOL:
return set_e_protocol(c[i],
str_to_protocol(v));
case CT_E_RECOVERY_METHOD:
return set_e_recovery_method(c[i],
str_to_recovery_method(v));
case CT_STRLIST:
return add_to_strlist(c[i], v,
!strcmp(c[i]->field, "include"));
case CT_E_RSHASH:
break;
case CT_CNTR:
break;
// No default so we get a warning if something
// was missed;
}
}
}
return 0;
}
static int process_entry(struct strlist *ig, struct conf **confs)
{
int ret=-1;
size_t len1=0;
char *sav=NULL;
char **splitstr1=NULL;
WIN32_FIND_DATA ffd;
HANDLE hFind=INVALID_HANDLE_VALUE;
convert_backslashes(&ig->path);
if(ig->path[strlen(ig->path)-1]!='*')
{
if(!(splitstr1=xstrsplit(ig->path, "*", &len1)))
goto end;
}
if(len1>2)
{
logp("include_glob error: '%s' contains at least"
" two '*' which is not currently supported\n",
ig->path);
goto end;
}
if(len1>1)
{
char *tmppath=NULL;
if(astrcat(&tmppath, splitstr1[0], __func__)
|| !(sav=strdup_w(tmppath, __func__))
|| astrcat(&tmppath, "*", __func__))
goto end;
hFind=FindFirstFileA(tmppath, &ffd);
free_w(&tmppath);
}
else
hFind=FindFirstFileA(ig->path, &ffd);
if(hFind==INVALID_HANDLE_VALUE)
{
LPVOID lpMsgBuf;
DWORD dw=GetLastError();
FormatMessage(
FORMAT_MESSAGE_ALLOCATE_BUFFER |
FORMAT_MESSAGE_FROM_SYSTEM |
FORMAT_MESSAGE_IGNORE_INSERTS,
NULL,
dw,
MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
(LPTSTR)&lpMsgBuf,
0, NULL );
logp("Error: %s\n", lpMsgBuf);
LocalFree(lpMsgBuf);
goto end;
}
do
{
if(ffd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY
&& strcmp(ffd.cFileName, ".")
&& strcmp(ffd.cFileName, ".."))
{
char *tmppath=NULL;
if(len1<2)
{
if(ig->path[strlen(ig->path)-1]=='*')
{
if(!(tmppath=xstrsub(ig->path, 0,
strlen(ig->path)-1))
|| astrcat(&tmppath,
ffd.cFileName, __func__))
goto end;
}
else
if(!(tmppath=strdup_w(ig->path,
__func__))) goto end;
}
else
{
if(astrcat(&tmppath, sav, __func__)
|| astrcat(&tmppath, ffd.cFileName, __func__)
|| astrcat(&tmppath, splitstr1[1], __func__))
goto end;
}
if(add_to_strlist(confs[OPT_INCLUDE], tmppath, 1))
goto end;
free_w(&tmppath);
}
}
while(FindNextFileA(hFind, &ffd)!=0);
FindClose(hFind);
ret=0;
end:
if(splitstr1)
{
free_w(&sav);
xfree_list(splitstr1, len1);
}
return ret;
}
int
main (int argc, char **argv )
{
ARGPARSE_ARGS pargs;
int orig_argc;
gpg_error_t err;
int may_coredump;
char **orig_argv;
FILE *configfp = NULL;
char *configname = NULL;
const char *shell;
unsigned int configlineno;
int parse_debug = 0;
const char *debug_level = NULL;
int default_config =1;
int greeting = 0;
int nogreeting = 0;
int multi_server = 0;
int is_daemon = 0;
int nodetach = 0;
int csh_style = 0;
char *logfile = NULL;
int debug_wait = 0;
int gpgconf_list = 0;
const char *config_filename = NULL;
int allow_coredump = 0;
int standard_socket = 0;
struct assuan_malloc_hooks malloc_hooks;
set_strusage (my_strusage);
gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
/* Please note that we may running SUID(ROOT), so be very CAREFUL
when adding any stuff between here and the call to INIT_SECMEM()
somewhere after the option parsing */
log_set_prefix ("scdaemon", 1|4);
/* Make sure that our subsystems are ready. */
i18n_init ();
init_common_subsystems (&argc, &argv);
/* Libgcrypt requires us to register the threading model first.
Note that this will also do the pth_init. */
gcry_threads_pth.init = fixed_gcry_pth_init;
err = gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pth);
if (err)
{
log_fatal ("can't register GNU Pth with Libgcrypt: %s\n",
gpg_strerror (err));
}
/* Check that the libraries are suitable. Do it here because
the option parsing may need services of the library */
if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) )
{
log_fatal (_("%s is too old (need %s, have %s)\n"), "libgcrypt",
NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) );
}
ksba_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free);
malloc_hooks.malloc = gcry_malloc;
malloc_hooks.realloc = gcry_realloc;
malloc_hooks.free = gcry_free;
assuan_set_malloc_hooks (&malloc_hooks);
assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
assuan_set_system_hooks (ASSUAN_SYSTEM_PTH);
assuan_sock_init ();
setup_libassuan_logging (&opt.debug);
setup_libgcrypt_logging ();
gcry_control (GCRYCTL_USE_SECURE_RNDPOOL);
may_coredump = disable_core_dumps ();
/* Set default options. */
opt.allow_admin = 1;
opt.pcsc_driver = DEFAULT_PCSC_DRIVER;
#ifdef HAVE_W32_SYSTEM
standard_socket = 1; /* Under Windows we always use a standard
socket. */
#endif
shell = getenv ("SHELL");
if (shell && strlen (shell) >= 3 && !strcmp (shell+strlen (shell)-3, "csh") )
csh_style = 1;
opt.homedir = default_homedir ();
/* Check whether we have a config file on the commandline */
orig_argc = argc;
orig_argv = argv;
pargs.argc = &argc;
pargs.argv = &argv;
pargs.flags= 1|(1<<6); /* do not remove the args, ignore version */
while (arg_parse( &pargs, opts))
{
if (pargs.r_opt == oDebug || pargs.r_opt == oDebugAll)
parse_debug++;
else if (pargs.r_opt == oOptions)
{ /* yes there is one, so we do not try the default one, but
read the option file when it is encountered at the
commandline */
default_config = 0;
}
else if (pargs.r_opt == oNoOptions)
default_config = 0; /* --no-options */
else if (pargs.r_opt == oHomedir)
opt.homedir = pargs.r.ret_str;
}
/* initialize the secure memory. */
gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0);
maybe_setuid = 0;
/*
Now we are working under our real uid
*/
if (default_config)
configname = make_filename (opt.homedir, "scdaemon.conf", NULL );
argc = orig_argc;
argv = orig_argv;
pargs.argc = &argc;
pargs.argv = &argv;
pargs.flags= 1; /* do not remove the args */
next_pass:
if (configname)
{
configlineno = 0;
configfp = fopen (configname, "r");
if (!configfp)
{
if (default_config)
{
if( parse_debug )
log_info (_("NOTE: no default option file `%s'\n"),
configname );
}
else
{
log_error (_("option file `%s': %s\n"),
configname, strerror(errno) );
exit(2);
}
xfree (configname);
configname = NULL;
}
if (parse_debug && configname )
log_info (_("reading options from `%s'\n"), configname );
default_config = 0;
}
while (optfile_parse( configfp, configname, &configlineno, &pargs, opts) )
{
switch (pargs.r_opt)
{
case aGPGConfList: gpgconf_list = 1; break;
case aGPGConfTest: gpgconf_list = 2; break;
case oQuiet: opt.quiet = 1; break;
case oVerbose: opt.verbose++; break;
case oBatch: opt.batch=1; break;
case oDebug: opt.debug |= pargs.r.ret_ulong; break;
case oDebugAll: opt.debug = ~0; break;
case oDebugLevel: debug_level = pargs.r.ret_str; break;
case oDebugWait: debug_wait = pargs.r.ret_int; break;
case oDebugAllowCoreDump:
enable_core_dumps ();
allow_coredump = 1;
break;
case oDebugCCIDDriver:
#ifdef HAVE_LIBUSB
ccid_set_debug_level (ccid_set_debug_level (-1)+1);
#endif /*HAVE_LIBUSB*/
break;
case oDebugDisableTicker: ticker_disabled = 1; break;
case oDebugLogTid:
log_set_pid_suffix_cb (tid_log_callback);
break;
case oOptions:
/* config files may not be nested (silently ignore them) */
if (!configfp)
{
xfree(configname);
configname = xstrdup(pargs.r.ret_str);
goto next_pass;
}
break;
case oNoGreeting: nogreeting = 1; break;
case oNoVerbose: opt.verbose = 0; break;
case oNoOptions: break; /* no-options */
case oHomedir: opt.homedir = pargs.r.ret_str; break;
case oNoDetach: nodetach = 1; break;
case oLogFile: logfile = pargs.r.ret_str; break;
case oCsh: csh_style = 1; break;
case oSh: csh_style = 0; break;
case oServer: pipe_server = 1; break;
case oMultiServer: pipe_server = 1; multi_server = 1; break;
case oDaemon: is_daemon = 1; break;
case oReaderPort: opt.reader_port = pargs.r.ret_str; break;
case octapiDriver: opt.ctapi_driver = pargs.r.ret_str; break;
case opcscDriver: opt.pcsc_driver = pargs.r.ret_str; break;
case oDisableCCID: opt.disable_ccid = 1; break;
case oDisableOpenSC: break;
case oDisableKeypad: opt.disable_keypad = 1; break;
case oAllowAdmin: /* Dummy because allow is now the default. */
break;
case oDenyAdmin: opt.allow_admin = 0; break;
case oCardTimeout: opt.card_timeout = pargs.r.ret_ulong; break;
case oDisableApplication:
add_to_strlist (&opt.disabled_applications, pargs.r.ret_str);
break;
default:
pargs.err = configfp? ARGPARSE_PRINT_WARNING:ARGPARSE_PRINT_ERROR;
break;
}
}
if (configfp)
{
fclose( configfp );
configfp = NULL;
/* Keep a copy of the config name for use by --gpgconf-list. */
config_filename = configname;
configname = NULL;
goto next_pass;
}
xfree (configname);
configname = NULL;
if (log_get_errorcount(0))
exit(2);
if (nogreeting )
greeting = 0;
if (greeting)
{
es_fprintf (es_stderr, "%s %s; %s\n",
strusage(11), strusage(13), strusage(14) );
es_fprintf (es_stderr, "%s\n", strusage(15) );
}
#ifdef IS_DEVELOPMENT_VERSION
log_info ("NOTE: this is a development version!\n");
#endif
if (atexit (cleanup))
{
log_error ("atexit failed\n");
cleanup ();
exit (1);
}
set_debug (debug_level);
initialize_module_command ();
if (gpgconf_list == 2)
scd_exit (0);
if (gpgconf_list)
{
/* List options and default values in the GPG Conf format. */
char *filename = NULL;
char *filename_esc;
if (config_filename)
filename = xstrdup (config_filename);
else
filename = make_filename (opt.homedir, "scdaemon.conf", NULL);
filename_esc = percent_escape (filename, NULL);
es_printf ("gpgconf-scdaemon.conf:%lu:\"%s\n",
GC_OPT_FLAG_DEFAULT, filename_esc);
xfree (filename_esc);
xfree (filename);
es_printf ("verbose:%lu:\n"
"quiet:%lu:\n"
"debug-level:%lu:\"none:\n"
"log-file:%lu:\n",
GC_OPT_FLAG_NONE,
GC_OPT_FLAG_NONE,
GC_OPT_FLAG_DEFAULT,
GC_OPT_FLAG_NONE );
es_printf ("reader-port:%lu:\n", GC_OPT_FLAG_NONE );
es_printf ("ctapi-driver:%lu:\n", GC_OPT_FLAG_NONE );
es_printf ("pcsc-driver:%lu:\"%s:\n",
GC_OPT_FLAG_DEFAULT, DEFAULT_PCSC_DRIVER );
#ifdef HAVE_LIBUSB
es_printf ("disable-ccid:%lu:\n", GC_OPT_FLAG_NONE );
#endif
es_printf ("deny-admin:%lu:\n", GC_OPT_FLAG_NONE );
es_printf ("disable-keypad:%lu:\n", GC_OPT_FLAG_NONE );
es_printf ("card-timeout:%lu:%d:\n", GC_OPT_FLAG_DEFAULT, 0);
scd_exit (0);
}
/* Now start with logging to a file if this is desired. */
if (logfile)
{
log_set_file (logfile);
log_set_prefix (NULL, 1|2|4);
}
if (debug_wait && pipe_server)
{
log_debug ("waiting for debugger - my pid is %u .....\n",
(unsigned int)getpid());
gnupg_sleep (debug_wait);
log_debug ("... okay\n");
}
if (pipe_server)
{
/* This is the simple pipe based server */
ctrl_t ctrl;
pth_attr_t tattr;
int fd = -1;
#ifndef HAVE_W32_SYSTEM
{
struct sigaction sa;
sa.sa_handler = SIG_IGN;
sigemptyset (&sa.sa_mask);
sa.sa_flags = 0;
sigaction (SIGPIPE, &sa, NULL);
}
#endif
/* If --debug-allow-core-dump has been given we also need to
switch the working directory to a place where we can actually
write. */
if (allow_coredump)
{
if (chdir("/tmp"))
log_debug ("chdir to `/tmp' failed: %s\n", strerror (errno));
else
log_debug ("changed working directory to `/tmp'\n");
}
/* In multi server mode we need to listen on an additional
socket. Create that socket now before starting the handler
for the pipe connection. This allows that handler to send
back the name of that socket. */
if (multi_server)
{
socket_name = create_socket_name (standard_socket,
"S.scdaemon",
"gpg-XXXXXX/S.scdaemon");
fd = FD2INT(create_server_socket (standard_socket,
socket_name, &socket_nonce));
}
tattr = pth_attr_new();
pth_attr_set (tattr, PTH_ATTR_JOINABLE, 0);
pth_attr_set (tattr, PTH_ATTR_STACK_SIZE, 512*1024);
pth_attr_set (tattr, PTH_ATTR_NAME, "pipe-connection");
ctrl = xtrycalloc (1, sizeof *ctrl);
if ( !ctrl )
{
log_error ("error allocating connection control data: %s\n",
strerror (errno) );
scd_exit (2);
}
ctrl->thread_startup.fd = GNUPG_INVALID_FD;
if ( !pth_spawn (tattr, start_connection_thread, ctrl) )
{
log_error ("error spawning pipe connection handler: %s\n",
strerror (errno) );
xfree (ctrl);
scd_exit (2);
}
/* We run handle_connection to wait for the shutdown signal and
to run the ticker stuff. */
handle_connections (fd);
if (fd != -1)
close (fd);
}
else if (!is_daemon)
{
log_info (_("please use the option `--daemon'"
" to run the program in the background\n"));
}
else
{ /* Regular server mode */
int fd;
#ifndef HAVE_W32_SYSTEM
pid_t pid;
int i;
#endif
/* Create the socket. */
socket_name = create_socket_name (standard_socket,
"S.scdaemon",
"gpg-XXXXXX/S.scdaemon");
fd = FD2INT (create_server_socket (standard_socket,
socket_name, &socket_nonce));
fflush (NULL);
#ifndef HAVE_W32_SYSTEM
pid = fork ();
if (pid == (pid_t)-1)
{
log_fatal ("fork failed: %s\n", strerror (errno) );
exit (1);
}
else if (pid)
{ /* we are the parent */
char *infostr;
close (fd);
/* create the info string: <name>:<pid>:<protocol_version> */
if (estream_asprintf (&infostr, "SCDAEMON_INFO=%s:%lu:1",
socket_name, (ulong) pid) < 0)
{
log_error ("out of core\n");
kill (pid, SIGTERM);
exit (1);
}
*socket_name = 0; /* don't let cleanup() remove the socket -
the child should do this from now on */
if (argc)
{ /* run the program given on the commandline */
if (putenv (infostr))
{
log_error ("failed to set environment: %s\n",
strerror (errno) );
kill (pid, SIGTERM );
exit (1);
}
execvp (argv[0], argv);
log_error ("failed to run the command: %s\n", strerror (errno));
kill (pid, SIGTERM);
exit (1);
}
else
{
/* Print the environment string, so that the caller can use
shell's eval to set it */
if (csh_style)
{
*strchr (infostr, '=') = ' ';
es_printf ( "setenv %s\n", infostr);
}
else
{
es_printf ( "%s; export SCDAEMON_INFO;\n", infostr);
}
xfree (infostr);
exit (0);
}
/* NOTREACHED */
} /* end parent */
/* This is the child. */
/* Detach from tty and put process into a new session. */
if (!nodetach )
{
/* Close stdin, stdout and stderr unless it is the log stream. */
for (i=0; i <= 2; i++)
{
if ( log_test_fd (i) && i != fd)
close (i);
}
if (setsid() == -1)
{
log_error ("setsid() failed: %s\n", strerror(errno) );
cleanup ();
exit (1);
}
}
{
struct sigaction sa;
sa.sa_handler = SIG_IGN;
sigemptyset (&sa.sa_mask);
sa.sa_flags = 0;
sigaction (SIGPIPE, &sa, NULL);
}
if (chdir("/"))
{
log_error ("chdir to / failed: %s\n", strerror (errno));
exit (1);
}
#endif /*!HAVE_W32_SYSTEM*/
handle_connections (fd);
close (fd);
}
return 0;
}
