/* gpgconf main. */ int main (int argc, char **argv) { ARGPARSE_ARGS pargs; const char *fname; int no_more_options = 0; enum cmd_and_opt_values cmd = 0; FILE *outfp = NULL; gnupg_reopen_std ("gpgconf"); set_strusage (my_strusage); log_set_prefix ("gpgconf", 1); /* Make sure that our subsystems are ready. */ i18n_init(); init_common_subsystems (); /* Parse the command line. */ pargs.argc = &argc; pargs.argv = &argv; pargs.flags = 1; /* Do not remove the args. */ while (!no_more_options && optfile_parse (NULL, NULL, NULL, &pargs, opts)) { switch (pargs.r_opt) { case oOutput: opt.outfile = pargs.r.ret_str; break; case oQuiet: opt.quiet = 1; break; case oDryRun: opt.dry_run = 1; break; case oRuntime: opt.runtime = 1; break; case oVerbose: opt.verbose++; break; case oNoVerbose: opt.verbose = 0; break; case aListDirs: case aListComponents: case aCheckPrograms: case aListOptions: case aChangeOptions: case aCheckOptions: case aApplyDefaults: case aListConfig: case aCheckConfig: case aReload: cmd = pargs.r_opt; break; default: pargs.err = 2; break; } } if (log_get_errorcount (0)) exit (2); fname = argc ? *argv : NULL; switch (cmd) { case aListComponents: default: /* List all components. */ gc_component_list_components (get_outfp (&outfp)); break; case aCheckPrograms: /* Check all programs. */ gc_check_programs (get_outfp (&outfp)); break; case aListOptions: case aChangeOptions: case aCheckOptions: if (!fname) { fputs (_("usage: gpgconf [options] "), stderr); putc ('\n',stderr); fputs (_("Need one component argument"), stderr); putc ('\n',stderr); exit (2); } else { int idx = gc_component_find (fname); if (idx < 0) { fputs (_("Component not found"), stderr); putc ('\n', stderr); exit (1); } if (cmd == aCheckOptions) gc_component_check_options (idx, get_outfp (&outfp), NULL); else { gc_component_retrieve_options (idx); if (gc_process_gpgconf_conf (NULL, 1, 0, NULL)) exit (1); if (cmd == aListOptions) gc_component_list_options (idx, get_outfp (&outfp)); else if (cmd == aChangeOptions) gc_component_change_options (idx, stdin, get_outfp (&outfp)); } } break; case aReload: if (!fname) { /* Reload all. */ gc_component_reload (-1); } else { /* Reload given component. */ int idx; idx = gc_component_find (fname); if (idx < 0) { fputs (_("Component not found"), stderr); putc ('\n', stderr); exit (1); } else { gc_component_reload (idx); } } break; case aListConfig: if (gc_process_gpgconf_conf (fname, 0, 0, get_outfp (&outfp))) exit (1); break; case aCheckConfig: if (gc_process_gpgconf_conf (fname, 0, 0, NULL)) exit (1); break; case aApplyDefaults: if (fname) { fputs (_("usage: gpgconf [options] "), stderr); putc ('\n',stderr); fputs (_("No argument allowed"), stderr); putc ('\n',stderr); exit (2); } gc_component_retrieve_options (-1); if (gc_process_gpgconf_conf (NULL, 1, 1, NULL)) exit (1); break; case aListDirs: /* Show the system configuration directories for gpgconf. */ get_outfp (&outfp); fprintf (outfp, "sysconfdir:%s\n", gc_percent_escape (gnupg_sysconfdir ())); fprintf (outfp, "bindir:%s\n", gc_percent_escape (gnupg_bindir ())); fprintf (outfp, "libexecdir:%s\n", gc_percent_escape (gnupg_libexecdir ())); fprintf (outfp, "libdir:%s\n", gc_percent_escape (gnupg_libdir ())); fprintf (outfp, "datadir:%s\n", gc_percent_escape (gnupg_datadir ())); fprintf (outfp, "localedir:%s\n", gc_percent_escape (gnupg_localedir ())); fprintf (outfp, "dirmngr-socket:%s\n", gc_percent_escape (dirmngr_socket_name ())); { char *infostr = getenv ("GPG_AGENT_INFO"); if (!infostr || !*infostr) infostr = make_filename (default_homedir (), "S.gpg-agent", NULL); else { char *tmp; infostr = xstrdup (infostr); tmp = strchr (infostr, PATHSEP_C); if (!tmp || tmp == infostr) { xfree (infostr); infostr = NULL; } else *tmp = 0; } fprintf (outfp, "agent-socket:%s\n", infostr? gc_percent_escape (infostr) : ""); xfree (infostr); } { /* We need to use make_filename to expand a possible "~/". */ char *tmp = make_filename (default_homedir (), NULL); fprintf (outfp, "homedir:%s\n", gc_percent_escape (tmp)); xfree (tmp); } break; } if (outfp && outfp != stdout) if (fclose (outfp)) gc_error (1, errno, "error closing `%s'", opt.outfile); return 0; }
/* Try to connect to the dirmngr via socket or fork it off and work by pipes. Handle the server's initial greeting */ static assuan_context_t start_dirmngr (int only_daemon) { int rc; char *infostr, *p; assuan_context_t ctx; int try_default = 0; infostr = opt.force_pipe_server? NULL : getenv ("DIRMNGR_INFO"); if (only_daemon && (!infostr || !*infostr)) { infostr = xstrdup (dirmngr_socket_name ()); try_default = 1; } rc = assuan_new (&ctx); if (rc) { log_error (_("failed to allocate assuan context: %s\n"), gpg_strerror (rc)); return NULL; } if (!infostr || !*infostr) { const char *pgmname; const char *argv[3]; int no_close_list[3]; int i; if (only_daemon) { log_error (_("apparently no running dirmngr\n")); return NULL; } if (opt.verbose) log_info (_("no running dirmngr - starting one\n")); if (!opt.dirmngr_program || !*opt.dirmngr_program) opt.dirmngr_program = "./dirmngr"; if ( !(pgmname = strrchr (opt.dirmngr_program, '/'))) pgmname = opt.dirmngr_program; else pgmname++; argv[0] = pgmname; argv[1] = "--server"; argv[2] = NULL; i=0; if (log_get_fd () != -1) no_close_list[i++] = assuan_fd_from_posix_fd (log_get_fd ()); no_close_list[i++] = assuan_fd_from_posix_fd (es_fileno (es_stderr)); no_close_list[i] = -1; /* Connect to the agent and perform initial handshaking. */ rc = assuan_pipe_connect (ctx, opt.dirmngr_program, argv, no_close_list, NULL, NULL, 0); } else /* Connect to a daemon. */ { int prot; int pid; infostr = xstrdup (infostr); if (!try_default && *infostr) { if ( !(p = strchr (infostr, ':')) || p == infostr) { log_error (_("malformed DIRMNGR_INFO environment variable\n")); xfree (infostr); if (only_daemon) return NULL; /* Try again by starting a new instance. */ opt.force_pipe_server = 1; return start_dirmngr (0); } *p++ = 0; pid = atoi (p); while (*p && *p != ':') p++; prot = *p? atoi (p+1) : 0; if (prot != 1) { log_error (_("dirmngr protocol version %d is not supported\n"), prot); xfree (infostr); if (only_daemon) return NULL; opt.force_pipe_server = 1; return start_dirmngr (0); } } else pid = -1; rc = assuan_socket_connect (ctx, infostr, pid, 0); xfree (infostr); if (gpg_err_code(rc) == GPG_ERR_ASS_CONNECT_FAILED && !only_daemon) { log_error (_("can't connect to the dirmngr - trying fall back\n")); opt.force_pipe_server = 1; return start_dirmngr (0); } } if (rc) { assuan_release (ctx); log_error (_("can't connect to the dirmngr: %s\n"), gpg_strerror (rc)); return NULL; } return ctx; }
/* Startup the server. DEFAULT_RECPLIST is the list of recipients as set from the command line or config file. We only require those marked as encrypt-to. */ void gpgsm_server (certlist_t default_recplist) { int rc; assuan_fd_t filedes[2]; assuan_context_t ctx; struct server_control_s ctrl; static const char hello[] = ("GNU Privacy Guard's S/M server " VERSION " ready"); memset (&ctrl, 0, sizeof ctrl); gpgsm_init_default_ctrl (&ctrl); /* We use a pipe based server so that we can work from scripts. assuan_init_pipe_server will automagically detect when we are called with a socketpair and ignore FILEDES in this case. */ #ifdef HAVE_W32CE_SYSTEM #define SERVER_STDIN es_fileno(es_stdin) #define SERVER_STDOUT es_fileno(es_stdout) #else #define SERVER_STDIN 0 #define SERVER_STDOUT 1 #endif filedes[0] = assuan_fdopen (SERVER_STDIN); filedes[1] = assuan_fdopen (SERVER_STDOUT); rc = assuan_new (&ctx); if (rc) { log_error ("failed to allocate assuan context: %s\n", gpg_strerror (rc)); gpgsm_exit (2); } rc = assuan_init_pipe_server (ctx, filedes); if (rc) { log_error ("failed to initialize the server: %s\n", gpg_strerror (rc)); gpgsm_exit (2); } rc = register_commands (ctx); if (rc) { log_error ("failed to the register commands with Assuan: %s\n", gpg_strerror(rc)); gpgsm_exit (2); } if (opt.verbose || opt.debug) { char *tmp = NULL; const char *s1 = getenv ("GPG_AGENT_INFO"); if (asprintf (&tmp, "Home: %s\n" "Config: %s\n" "AgentInfo: %s\n" "DirmngrInfo: %s\n" "%s", opt.homedir, opt.config_filename, s1?s1:"[not set]", dirmngr_socket_name (), hello) > 0) { assuan_set_hello_line (ctx, tmp); free (tmp); } } else assuan_set_hello_line (ctx, hello); assuan_register_reset_notify (ctx, reset_notify); assuan_register_input_notify (ctx, input_notify); assuan_register_output_notify (ctx, output_notify); assuan_register_option_handler (ctx, option_handler); assuan_set_pointer (ctx, &ctrl); ctrl.server_local = xcalloc (1, sizeof *ctrl.server_local); ctrl.server_local->assuan_ctx = ctx; ctrl.server_local->message_fd = -1; ctrl.server_local->list_internal = 1; ctrl.server_local->list_external = 0; ctrl.server_local->default_recplist = default_recplist; for (;;) { rc = assuan_accept (ctx); if (rc == -1) { break; } else if (rc) { log_info ("Assuan accept problem: %s\n", gpg_strerror (rc)); break; } rc = assuan_process (ctx); if (rc) { log_info ("Assuan processing failed: %s\n", gpg_strerror (rc)); continue; } } gpgsm_release_certlist (ctrl.server_local->recplist); ctrl.server_local->recplist = NULL; gpgsm_release_certlist (ctrl.server_local->signerlist); ctrl.server_local->signerlist = NULL; xfree (ctrl.server_local); audit_release (ctrl.audit); ctrl.audit = NULL; assuan_release (ctx); }
/* Try to connect to the dirmngr via a socket. On platforms supporting it, start it up if needed. Returns a new assuan context at R_CTX or an error code. */ gpg_error_t start_new_dirmngr (assuan_context_t *r_ctx, gpg_err_source_t errsource, const char *homedir, const char *dirmngr_program, int verbose, int debug, gpg_error_t (*status_cb)(ctrl_t, int, ...), ctrl_t status_cb_arg) { gpg_error_t err; assuan_context_t ctx; const char *sockname; int did_success_msg = 0; *r_ctx = NULL; err = assuan_new (&ctx); if (err) { log_error ("error allocating assuan context: %s\n", gpg_strerror (err)); return err; } sockname = dirmngr_socket_name (); err = assuan_socket_connect (ctx, sockname, 0, 0); #ifdef USE_DIRMNGR_AUTO_START if (err) { lock_spawn_t lock; const char *argv[2]; /* With no success try start a new Dirmngr. On most systems this will fail because the Dirmngr is expected to be a system service. However on Wince we don't distinguish users and thus we can start it. A future extension might be to use the userv system to start the Dirmngr as a system service. */ if (!dirmngr_program || !*dirmngr_program) dirmngr_program = gnupg_module_name (GNUPG_MODULE_NAME_DIRMNGR); if (verbose) log_info (_("no running Dirmngr - starting '%s'\n"), dirmngr_program); if (status_cb) status_cb (status_cb_arg, STATUS_PROGRESS, "starting_dirmngr ? 0 0", NULL); if (fflush (NULL)) { gpg_error_t tmperr = gpg_err_make (errsource, gpg_err_code_from_syserror ()); log_error ("error flushing pending output: %s\n", strerror (errno)); assuan_release (ctx); return tmperr; } argv[0] = "--daemon"; argv[1] = NULL; if (!(err = lock_spawning (&lock, homedir, "dirmngr", verbose)) && assuan_socket_connect (ctx, sockname, 0, 0)) { err = gnupg_spawn_process_detached (dirmngr_program, argv,NULL); if (err) log_error ("failed to start the dirmngr '%s': %s\n", dirmngr_program, gpg_strerror (err)); else { int i; for (i=0; i < SECS_TO_WAIT_FOR_DIRMNGR; i++) { if (verbose) log_info (_("waiting for the dirmngr " "to come up ... (%ds)\n"), SECS_TO_WAIT_FOR_DIRMNGR - i); gnupg_sleep (1); err = assuan_socket_connect (ctx, sockname, 0, 0); if (!err) { if (verbose) { log_info (_("connection to the dirmngr" " established\n")); did_success_msg = 1; } break; } } } } unlock_spawning (&lock, "dirmngr"); } #else (void)homedir; (void)dirmngr_program; (void)verbose; (void)status_cb; (void)status_cb_arg; #endif /*USE_DIRMNGR_AUTO_START*/ if (err) { log_error ("connecting dirmngr at '%s' failed: %s\n", sockname, gpg_strerror (err)); assuan_release (ctx); return gpg_err_make (errsource, GPG_ERR_NO_DIRMNGR); } if (debug && !did_success_msg) log_debug (_("connection to the dirmngr established\n")); *r_ctx = ctx; return 0; }
/* Try to connect to the agent via socket or fork it off and work by pipes. Handle the server's initial greeting */ static int start_dirmngr_ext (ctrl_t ctrl, assuan_context_t *ctx_r) { int rc; char *infostr, *p; assuan_context_t ctx = NULL; int try_default = 0; if (opt.disable_dirmngr) return gpg_error (GPG_ERR_NO_DIRMNGR); if (*ctx_r) return 0; /* Note: if you change this to multiple connections, you also need to take care of the implicit option sending caching. */ #ifdef HAVE_W32_SYSTEM infostr = NULL; opt.prefer_system_dirmngr = 1; #else infostr = force_pipe_server? NULL : getenv ("DIRMNGR_INFO"); #endif /*HAVE_W32_SYSTEM*/ if (infostr && !*infostr) infostr = NULL; else if (infostr) infostr = xstrdup (infostr); if (opt.prefer_system_dirmngr && !force_pipe_server && !infostr) { infostr = xstrdup (dirmngr_socket_name ()); try_default = 1; } rc = assuan_new (&ctx); if (rc) { log_error ("can't allocate assuan context: %s\n", gpg_strerror (rc)); return rc; } if (!infostr) { const char *pgmname; const char *argv[3]; int no_close_list[3]; int i; if (!opt.dirmngr_program || !*opt.dirmngr_program) opt.dirmngr_program = gnupg_module_name (GNUPG_MODULE_NAME_DIRMNGR); if ( !(pgmname = strrchr (opt.dirmngr_program, '/'))) pgmname = opt.dirmngr_program; else pgmname++; if (opt.verbose) log_info (_("no running dirmngr - starting `%s'\n"), opt.dirmngr_program); if (fflush (NULL)) { gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); log_error ("error flushing pending output: %s\n", strerror (errno)); return tmperr; } argv[0] = pgmname; argv[1] = "--server"; argv[2] = NULL; i=0; if (log_get_fd () != -1) no_close_list[i++] = assuan_fd_from_posix_fd (log_get_fd ()); no_close_list[i++] = assuan_fd_from_posix_fd (fileno (stderr)); no_close_list[i] = -1; /* connect to the agent and perform initial handshaking */ rc = assuan_pipe_connect (ctx, opt.dirmngr_program, argv, no_close_list, NULL, NULL, 0); } else { int prot; int pid; if (!try_default) { if ( !(p = strchr (infostr, PATHSEP_C)) || p == infostr) { log_error (_("malformed DIRMNGR_INFO environment variable\n")); xfree (infostr); force_pipe_server = 1; return start_dirmngr_ext (ctrl, ctx_r); } *p++ = 0; pid = atoi (p); while (*p && *p != PATHSEP_C) p++; prot = *p? atoi (p+1) : 0; if (prot != 1) { log_error (_("dirmngr protocol version %d is not supported\n"), prot); xfree (infostr); force_pipe_server = 1; return start_dirmngr_ext (ctrl, ctx_r); } } else pid = -1; rc = assuan_socket_connect (ctx, infostr, pid, 0); #ifdef HAVE_W32_SYSTEM if (rc) log_debug ("connecting dirmngr at `%s' failed\n", infostr); #endif xfree (infostr); #ifndef HAVE_W32_SYSTEM if (gpg_err_code (rc) == GPG_ERR_ASS_CONNECT_FAILED) { log_info (_("can't connect to the dirmngr - trying fall back\n")); force_pipe_server = 1; return start_dirmngr_ext (ctrl, ctx_r); } #endif /*!HAVE_W32_SYSTEM*/ } prepare_dirmngr (ctrl, ctx, rc); if (rc) { assuan_release (ctx); log_error ("can't connect to the dirmngr: %s\n", gpg_strerror (rc)); return gpg_error (GPG_ERR_NO_DIRMNGR); } *ctx_r = ctx; if (DBG_ASSUAN) log_debug ("connection to dirmngr established\n"); return 0; }