Pin::Pin() { gpg_error_t res; pid_t pid; int flags; const char *argv[2]; gpg_err_init(); res = assuan_new (&ctx); if(res) throw runtime_error(strprintf("pinentry initialisation: %s", gpg_strerror(res))); assuan_set_assuan_log_prefix("Pin: "); // needed esp. for ncurses lang = strprintf("OPTION lc-ctype=%s",getenv("LANG")); tty = strprintf("OPTION ttyname=%s",getenv("TTY")); flags = 0x0; argv[0] = "bitcoind"; // fake argv argv[1] = NULL; res = assuan_pipe_connect (ctx, SECURE_EXEC_PATH"/pinentry", argv, NULL, NULL, NULL, flags); if(res) throw runtime_error(strprintf("pinentry pipe forking: %s", gpg_strerror(res))); pid = assuan_get_pid(ctx); if(pid == ASSUAN_INVALID_PID) throw runtime_error(strprintf("pinentry not running: %s", gpg_strerror(res))); cmd(tty.c_str()); cmd(lang.c_str()); }
static gpg_error_t export_cert (char *fpr, struct cert *cert) { gpg_error_t err; assuan_context_t ctx; const char *argv[] = { "gpgsm", "--server", NULL }; #define COMMANDLINELEN 80 char cmd[COMMANDLINELEN]; struct export_hook exp; err = assuan_new (&ctx); if (err) { DEBUG (DBG_CRIT, "failed to allocate assuan context: %s", gpg_strerror (err)); return err; } err = assuan_pipe_connect (ctx, get_gpgsm_path (), argv, NULL, NULL, NULL, 128); if (err) { assuan_release (ctx); DEBUG (DBG_CRIT, "spawning %s\n", get_gpgsm_path ()); return err; } exp.buffer = NULL; exp.buffer_len = 0; exp.buffer_size = 0; snprintf (cmd, sizeof (cmd), "EXPORT --data -- %s\n", cert->fpr); err = assuan_transact (ctx, cmd, export_cert_cb, &exp, NULL, NULL, NULL, NULL); assuan_release (ctx); if (!err) { cert->cert_der = exp.buffer; cert->cert_der_len = exp.buffer_len; } #ifdef COMPAT_FALLBACK else if (gpg_err_code (err) == GPG_ERR_ASS_NO_OUTPUT) { /* For compatibility with GPGSM 2.0.0, we fall back to a work around in that case. */ if (cert->cert_der) { free (cert->cert_der); cert->cert_der = NULL; } err = export_cert_compat (fpr, cert); } #endif if (!err) err = scute_agent_is_trusted (fpr, &cert->is_trusted); return err; }
Pinentry::Pinentry() { gpg_error_t error; if ((error = assuan_new(&_pinentry)) != GPG_ERR_NO_ERROR) throw std::system_error(error, gpg_category()); const char *argv[] = {"pinentry", nullptr}; if ((error = assuan_pipe_connect(_pinentry, "/usr/bin/pinentry", argv, nullptr, nullptr, nullptr, 0)) != GPG_ERR_NO_ERROR) throw std::system_error(error, gpg_category()); }
/* Invoke SEARCH_CB for each certificate found using assuan connection CTX to GPGSM. */ gpg_error_t scute_gpgsm_search_certs_by_fpr (const char *fpr, cert_search_cb_t search_cb, void *search_cb_hook) { gpg_error_t err; assuan_context_t ctx; const char *argv[] = { "gpgsm", "--server", NULL }; struct search_ctx_by_field search; err = assuan_new (&ctx); if (err) { DEBUG (DBG_CRIT, "failed to allocate assuan context: %s", gpg_strerror (err)); return err; } err = assuan_pipe_connect (ctx, get_gpgsm_path (), argv, NULL, NULL, NULL, 128); if (err) { assuan_release (ctx); DEBUG (DBG_CRIT, "failed to spawn %s\n", get_gpgsm_path ()); return err; } search.field = SEARCH_BY_FPR; search.pattern = fpr; search.search_cb = search_cb; search.search_cb_hook = search_cb_hook; err = scute_gpgsm_search_certs (ctx, &search_certs_by_field, &search); assuan_release (ctx); return err; }
int ask_and_verify_pin_code(struct sc_pkcs15_card *p15card, struct sc_pkcs15_object *pin) { int r; size_t len; const char *argv[3]; const char *pgmname = PIN_ENTRY; ASSUAN_CONTEXT ctx; char buf[500]; char errtext[100]; struct entry_parm_s parm; struct sc_pkcs15_pin_info *pinfo = (struct sc_pkcs15_pin_info *) pin->data; argv[0] = pgmname; argv[1] = NULL; r = assuan_pipe_connect(&ctx, pgmname, (char **) argv, NULL); if (r) { printf("Can't connect to the PIN entry module: %s\n", assuan_strerror((AssuanError) r)); goto err; } sprintf(buf, "SETDESC Enter PIN [%s] for digital signing ", pin->label); r = assuan_transact(ctx, buf, NULL, NULL, NULL, NULL, NULL, NULL); if (r) { printf("SETDESC: %s\n", assuan_strerror((AssuanError) r)); goto err; } errtext[0] = 0; while (1) { if (errtext[0]) { sprintf(buf, "SETERROR %s", errtext); r = assuan_transact(ctx, buf, NULL, NULL, NULL, NULL, NULL, NULL); errtext[0] = 0; } parm.lines = 0; parm.size = sizeof(buf); parm.buffer = buf; r = assuan_transact(ctx, "GETPIN", getpin_cb, &parm, NULL, NULL, NULL, NULL); if (r == ASSUAN_Canceled) { assuan_disconnect(ctx); return -2; } if (r) { printf("GETPIN: %s\n", assuan_strerror((AssuanError) r)); goto err; } len = strlen(buf); if (len < pinfo->min_length) { sprintf(errtext, "PIN code too short, min. %lu digits", (unsigned long) pinfo->min_length); continue; } if (len > pinfo->max_length) { sprintf(errtext, "PIN code too long, max. %lu digits", (unsigned long) pinfo->max_length); continue; } r = sc_pkcs15_verify_pin(p15card, pinfo, (const u8 *) buf, strlen(buf)); switch (r) { case SC_ERROR_PIN_CODE_INCORRECT: sprintf(errtext, "PIN code incorrect (%d %s left)", pinfo->tries_left, pinfo->tries_left == 1 ? "try" : "tries"); break; case 0: break; default: goto err; } if (r == 0) break; } assuan_disconnect(ctx); return 0; err: assuan_disconnect(ctx); return -1; }
/* M A I N */ int main (int argc, char **argv) { int last_argc = -1; assuan_context_t ctx; gpg_error_t err; int no_close_fds[2]; const char *arglist[10]; int is_server = 0; int with_exec = 0; char *fname = prepend_srcdir ("motd"); if (argc) { log_set_prefix (*argv); argc--; argv++; } while (argc && last_argc != argc ) { last_argc = argc; if (!strcmp (*argv, "--help")) { puts ( "usage: ./fdpassing [options]\n" "\n" "Options:\n" " --verbose Show what is going on\n" " --with-exec Exec the child. Default is just a fork\n" ); exit (0); } if (!strcmp (*argv, "--verbose")) { verbose = 1; argc--; argv++; } else if (!strcmp (*argv, "--debug")) { verbose = debug = 1; argc--; argv++; } else if (!strcmp (*argv, "--server")) { is_server = 1; argc--; argv++; } else if (!strcmp (*argv, "--with-exec")) { with_exec = 1; argc--; argv++; } } assuan_set_assuan_log_prefix (log_prefix); if (is_server) { server (); log_info ("server finished\n"); } else { const char *loc; no_close_fds[0] = 2; no_close_fds[1] = -1; if (with_exec) { arglist[0] = "fdpassing"; arglist[1] = "--server"; arglist[2] = verbose? "--verbose":NULL; arglist[3] = NULL; } err = assuan_new (&ctx); if (err) log_fatal ("assuan_new failed: %s\n", gpg_strerror (err)); err = assuan_pipe_connect (ctx, with_exec? "./fdpassing":NULL, with_exec ? arglist : &loc, no_close_fds, NULL, NULL, 1); if (err) { log_error ("assuan_pipe_connect failed: %s\n", gpg_strerror (err)); return 1; } if (!with_exec && loc[0] == 's') { server (); log_info ("server finished\n"); } else { if (client (ctx, fname)) { log_info ("waiting for server to terminate...\n"); assuan_release (ctx); } log_info ("client finished\n"); } } return errorcount ? 1 : 0; }
/* Try to connect to the dirmngr via socket or fork it off and work by pipes. Handle the server's initial greeting */ static assuan_context_t start_dirmngr (int only_daemon) { int rc; char *infostr, *p; assuan_context_t ctx; int try_default = 0; infostr = opt.force_pipe_server? NULL : getenv ("DIRMNGR_INFO"); if (only_daemon && (!infostr || !*infostr)) { infostr = xstrdup (dirmngr_socket_name ()); try_default = 1; } rc = assuan_new (&ctx); if (rc) { log_error (_("failed to allocate assuan context: %s\n"), gpg_strerror (rc)); return NULL; } if (!infostr || !*infostr) { const char *pgmname; const char *argv[3]; int no_close_list[3]; int i; if (only_daemon) { log_error (_("apparently no running dirmngr\n")); return NULL; } if (opt.verbose) log_info (_("no running dirmngr - starting one\n")); if (!opt.dirmngr_program || !*opt.dirmngr_program) opt.dirmngr_program = "./dirmngr"; if ( !(pgmname = strrchr (opt.dirmngr_program, '/'))) pgmname = opt.dirmngr_program; else pgmname++; argv[0] = pgmname; argv[1] = "--server"; argv[2] = NULL; i=0; if (log_get_fd () != -1) no_close_list[i++] = assuan_fd_from_posix_fd (log_get_fd ()); no_close_list[i++] = assuan_fd_from_posix_fd (es_fileno (es_stderr)); no_close_list[i] = -1; /* Connect to the agent and perform initial handshaking. */ rc = assuan_pipe_connect (ctx, opt.dirmngr_program, argv, no_close_list, NULL, NULL, 0); } else /* Connect to a daemon. */ { int prot; int pid; infostr = xstrdup (infostr); if (!try_default && *infostr) { if ( !(p = strchr (infostr, ':')) || p == infostr) { log_error (_("malformed DIRMNGR_INFO environment variable\n")); xfree (infostr); if (only_daemon) return NULL; /* Try again by starting a new instance. */ opt.force_pipe_server = 1; return start_dirmngr (0); } *p++ = 0; pid = atoi (p); while (*p && *p != ':') p++; prot = *p? atoi (p+1) : 0; if (prot != 1) { log_error (_("dirmngr protocol version %d is not supported\n"), prot); xfree (infostr); if (only_daemon) return NULL; opt.force_pipe_server = 1; return start_dirmngr (0); } } else pid = -1; rc = assuan_socket_connect (ctx, infostr, pid, 0); xfree (infostr); if (gpg_err_code(rc) == GPG_ERR_ASS_CONNECT_FAILED && !only_daemon) { log_error (_("can't connect to the dirmngr - trying fall back\n")); opt.force_pipe_server = 1; return start_dirmngr (0); } } if (rc) { assuan_release (ctx); log_error (_("can't connect to the dirmngr: %s\n"), gpg_strerror (rc)); return NULL; } return ctx; }
/* Fire up a new GPG. Handle the server's initial greeting. Returns 0 on success and stores the assuan context at R_CTX. */ static gpg_error_t start_gpg (ctrl_t ctrl, const char *gpg_program, strlist_t gpg_arguments, int input_fd, int output_fd, assuan_context_t *r_ctx) { gpg_error_t err; assuan_context_t ctx = NULL; const char *pgmname; const char **argv; assuan_fd_t no_close_list[5]; int i; char line[ASSUAN_LINELENGTH]; (void)ctrl; *r_ctx = NULL; err = assuan_new (&ctx); if (err) { log_error ("can't allocate assuan context: %s\n", gpg_strerror (err)); return err; } /* The first time we are used, intialize the gpg_program variable. */ if ( !gpg_program || !*gpg_program ) gpg_program = gnupg_module_name (GNUPG_MODULE_NAME_GPG); /* Compute argv[0]. */ if ( !(pgmname = strrchr (gpg_program, '/'))) pgmname = gpg_program; else pgmname++; if (fflush (NULL)) { err = my_error_from_syserror (); log_error ("error flushing pending output: %s\n", gpg_strerror (err)); return err; } argv = xtrycalloc (strlist_length (gpg_arguments) + 3, sizeof *argv); if (argv == NULL) { err = my_error_from_syserror (); return err; } i = 0; argv[i++] = pgmname; argv[i++] = "--server"; for (; gpg_arguments; gpg_arguments = gpg_arguments->next) argv[i++] = gpg_arguments->d; argv[i++] = NULL; i = 0; if (log_get_fd () != -1) no_close_list[i++] = assuan_fd_from_posix_fd (log_get_fd ()); no_close_list[i++] = assuan_fd_from_posix_fd (fileno (stderr)); if (input_fd != -1) no_close_list[i++] = assuan_fd_from_posix_fd (input_fd); if (output_fd != -1) no_close_list[i++] = assuan_fd_from_posix_fd (output_fd); no_close_list[i] = ASSUAN_INVALID_FD; /* Connect to GPG and perform initial handshaking. */ err = assuan_pipe_connect (ctx, gpg_program, argv, no_close_list, NULL, NULL, 0); if (err) { assuan_release (ctx); log_error ("can't connect to GPG: %s\n", gpg_strerror (err)); return gpg_error (GPG_ERR_NO_ENGINE); } if (input_fd != -1) { snprintf (line, sizeof line, "INPUT FD=%d", input_fd); err = assuan_transact (ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); if (err) { assuan_release (ctx); log_error ("error sending INPUT command: %s\n", gpg_strerror (err)); return err; } } if (output_fd != -1) { snprintf (line, sizeof line, "OUTPUT FD=%d", output_fd); err = assuan_transact (ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); if (err) { assuan_release (ctx); log_error ("error sending OUTPUT command: %s\n", gpg_strerror (err)); return err; } } *r_ctx = ctx; return 0; }
static gpgme_error_t g13_new (void **engine, const char *file_name, const char *home_dir) { gpgme_error_t err = 0; engine_g13_t g13; const char *pgmname; int argc; const char *argv[5]; char *dft_display = NULL; char dft_ttyname[64]; char *dft_ttytype = NULL; char *optstr; g13 = calloc (1, sizeof *g13); if (!g13) return gpg_error_from_syserror (); g13->status_cb.fd = -1; g13->status_cb.dir = 1; g13->status_cb.tag = 0; g13->status_cb.data = g13; pgmname = file_name ? file_name : _gpgme_get_default_g13_name (); argc = 0; argv[argc++] = _gpgme_get_basename (pgmname); if (home_dir) { argv[argc++] = "--homedir"; argv[argc++] = home_dir; } argv[argc++] = "--server"; argv[argc++] = NULL; err = assuan_new_ext (&g13->assuan_ctx, GPG_ERR_SOURCE_GPGME, &_gpgme_assuan_malloc_hooks, _gpgme_assuan_log_cb, NULL); if (err) goto leave; assuan_ctx_set_system_hooks (g13->assuan_ctx, &_gpgme_assuan_system_hooks); #if USE_DESCRIPTOR_PASSING err = assuan_pipe_connect (g13->assuan_ctx, pgmname, argv, NULL, NULL, NULL, ASSUAN_PIPE_CONNECT_FDPASSING); #else err = assuan_pipe_connect (g13->assuan_ctx, pgmname, argv, NULL, NULL, NULL, 0); #endif if (err) goto leave; err = _gpgme_getenv ("DISPLAY", &dft_display); if (err) goto leave; if (dft_display) { if (asprintf (&optstr, "OPTION display=%s", dft_display) < 0) { free (dft_display); err = gpg_error_from_syserror (); goto leave; } free (dft_display); err = assuan_transact (g13->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); free (optstr); if (err) goto leave; } if (isatty (1)) { int rc; rc = ttyname_r (1, dft_ttyname, sizeof (dft_ttyname)); /* Even though isatty() returns 1, ttyname_r() may fail in many ways, e.g., when /dev/pts is not accessible under chroot. */ if (!rc) { if (asprintf (&optstr, "OPTION ttyname=%s", dft_ttyname) < 0) { err = gpg_error_from_syserror (); goto leave; } err = assuan_transact (g13->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); free (optstr); if (err) goto leave; err = _gpgme_getenv ("TERM", &dft_ttytype); if (err) goto leave; if (dft_ttytype) { if (asprintf (&optstr, "OPTION ttytype=%s", dft_ttytype) < 0) { free (dft_ttytype); err = gpg_error_from_syserror (); goto leave; } free (dft_ttytype); err = assuan_transact (g13->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); free (optstr); if (err) goto leave; } } } #ifdef HAVE_W32_SYSTEM /* Under Windows we need to use AllowSetForegroundWindow. Tell g13 to tell us when it needs it. */ if (!err) { err = assuan_transact (g13->assuan_ctx, "OPTION allow-pinentry-notify", NULL, NULL, NULL, NULL, NULL, NULL); if (gpg_err_code (err) == GPG_ERR_UNKNOWN_OPTION) err = 0; /* This is a new feature of g13. */ } #endif /*HAVE_W32_SYSTEM*/ leave: if (err) g13_release (g13); else *engine = g13; return err; }
/* Fork off the pin entry if this has not already been done. Note, that this function must always be used to aquire the lock for the pinentry - we will serialize _all_ pinentry calls. */ static int start_pinentry (ctrl_t ctrl) { int rc = 0; const char *pgmname; assuan_context_t ctx; const char *argv[5]; int no_close_list[3]; int i; const char *tmpstr; unsigned long pinentry_pid; const char *value; struct timespec abstime; int err; npth_clock_gettime (&abstime); abstime.tv_sec += LOCK_TIMEOUT; err = npth_mutex_timedlock (&entry_lock, &abstime); if (err) { if (err == ETIMEDOUT) rc = gpg_error (GPG_ERR_TIMEOUT); else rc = gpg_error_from_errno (rc); log_error (_("failed to acquire the pinentry lock: %s\n"), gpg_strerror (rc)); return rc; } entry_owner = ctrl; if (entry_ctx) return 0; if (opt.verbose) log_info ("starting a new PIN Entry\n"); #ifdef HAVE_W32_SYSTEM fflush (stdout); fflush (stderr); #endif if (fflush (NULL)) { #ifndef HAVE_W32_SYSTEM gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); #endif log_error ("error flushing pending output: %s\n", strerror (errno)); /* At least Windows XP fails here with EBADF. According to docs and Wine an fflush(NULL) is the same as _flushall. However the Wime implementaion does not flush stdin,stdout and stderr - see above. Lets try to ignore the error. */ #ifndef HAVE_W32_SYSTEM return unlock_pinentry (tmperr); #endif } if (!opt.pinentry_program || !*opt.pinentry_program) opt.pinentry_program = gnupg_module_name (GNUPG_MODULE_NAME_PINENTRY); pgmname = opt.pinentry_program; if ( !(pgmname = strrchr (opt.pinentry_program, '/'))) pgmname = opt.pinentry_program; else pgmname++; /* OS X needs the entire file name in argv[0], so that it can locate the resource bundle. For other systems we stick to the usual convention of supplying only the name of the program. */ #ifdef __APPLE__ argv[0] = opt.pinentry_program; #else /*!__APPLE__*/ argv[0] = pgmname; #endif /*__APPLE__*/ if (!opt.keep_display && (value = session_env_getenv (ctrl->session_env, "DISPLAY"))) { argv[1] = "--display"; argv[2] = value; argv[3] = NULL; } else argv[1] = NULL; i=0; if (!opt.running_detached) { if (log_get_fd () != -1) no_close_list[i++] = assuan_fd_from_posix_fd (log_get_fd ()); no_close_list[i++] = assuan_fd_from_posix_fd (fileno (stderr)); } no_close_list[i] = -1; rc = assuan_new (&ctx); if (rc) { log_error ("can't allocate assuan context: %s\n", gpg_strerror (rc)); return rc; } /* We don't want to log the pinentry communication to make the logs easier to read. We might want to add a new debug option to enable pinentry logging. */ #ifdef ASSUAN_NO_LOGGING assuan_set_flag (ctx, ASSUAN_NO_LOGGING, 1); #endif /* Connect to the pinentry and perform initial handshaking. Note that atfork is used to change the environment for pinentry. We start the server in detached mode to suppress the console window under Windows. */ rc = assuan_pipe_connect (ctx, opt.pinentry_program, argv, no_close_list, atfork_cb, ctrl, ASSUAN_PIPE_CONNECT_DETACHED); if (rc) { log_error ("can't connect to the PIN entry module '%s': %s\n", opt.pinentry_program, gpg_strerror (rc)); assuan_release (ctx); return unlock_pinentry (gpg_error (GPG_ERR_NO_PIN_ENTRY)); } entry_ctx = ctx; if (DBG_ASSUAN) log_debug ("connection to PIN entry established\n"); rc = assuan_transact (entry_ctx, opt.no_grab? "OPTION no-grab":"OPTION grab", NULL, NULL, NULL, NULL, NULL, NULL); if (rc) return unlock_pinentry (rc); value = session_env_getenv (ctrl->session_env, "GPG_TTY"); if (value) { char *optstr; if (asprintf (&optstr, "OPTION ttyname=%s", value) < 0 ) return unlock_pinentry (out_of_core ()); rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); xfree (optstr); if (rc) return unlock_pinentry (rc); } value = session_env_getenv (ctrl->session_env, "TERM"); if (value) { char *optstr; if (asprintf (&optstr, "OPTION ttytype=%s", value) < 0 ) return unlock_pinentry (out_of_core ()); rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); xfree (optstr); if (rc) return unlock_pinentry (rc); } if (ctrl->lc_ctype) { char *optstr; if (asprintf (&optstr, "OPTION lc-ctype=%s", ctrl->lc_ctype) < 0 ) return unlock_pinentry (out_of_core ()); rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); xfree (optstr); if (rc) return unlock_pinentry (rc); } if (ctrl->lc_messages) { char *optstr; if (asprintf (&optstr, "OPTION lc-messages=%s", ctrl->lc_messages) < 0 ) return unlock_pinentry (out_of_core ()); rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); xfree (optstr); if (rc) return unlock_pinentry (rc); } { /* Provide a few default strings for use by the pinentries. This may help a pinentry to avoid implementing localization code. */ static struct { const char *key, *value; } tbl[] = { /* TRANSLATORS: These are labels for buttons etc used in Pinentries. An underscore indicates that the next letter should be used as an accelerator. Double the underscore for a literal one. The actual to be translated text starts after the second vertical bar. */ { "ok", N_("|pinentry-label|_OK") }, { "cancel", N_("|pinentry-label|_Cancel") }, { "prompt", N_("|pinentry-label|PIN:") }, { NULL, NULL} }; char *optstr; int idx; const char *s, *s2; for (idx=0; tbl[idx].key; idx++) { s = _(tbl[idx].value); if (*s == '|' && (s2=strchr (s+1,'|'))) s = s2+1; if (asprintf (&optstr, "OPTION default-%s=%s", tbl[idx].key, s) < 0 ) return unlock_pinentry (out_of_core ()); assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); xfree (optstr); } } /* Tell the pinentry the name of a file it shall touch after having messed with the tty. This is optional and only supported by newer pinentries and thus we do no error checking. */ tmpstr = opt.pinentry_touch_file; if (tmpstr && !strcmp (tmpstr, "/dev/null")) tmpstr = NULL; else if (!tmpstr) tmpstr = get_agent_socket_name (); if (tmpstr) { char *optstr; if (asprintf (&optstr, "OPTION touch-file=%s", tmpstr ) < 0 ) ; else { assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); xfree (optstr); } } /* Now ask the Pinentry for its PID. If the Pinentry is new enough it will send the pid back and we will use an inquire to notify our client. The client may answer the inquiry either with END or with CAN to cancel the pinentry. */ rc = assuan_transact (entry_ctx, "GETINFO pid", getinfo_pid_cb, &pinentry_pid, NULL, NULL, NULL, NULL); if (rc) { log_info ("You may want to update to a newer pinentry\n"); rc = 0; } else if (!rc && (pid_t)pinentry_pid == (pid_t)(-1)) log_error ("pinentry did not return a PID\n"); else { rc = agent_inq_pinentry_launched (ctrl, pinentry_pid); if (gpg_err_code (rc) == GPG_ERR_CANCELED || gpg_err_code (rc) == GPG_ERR_FULLY_CANCELED) return unlock_pinentry (gpg_err_make (GPG_ERR_SOURCE_DEFAULT, gpg_err_code (rc))); rc = 0; } return 0; }
int ask_user_consent(sc_card_t *card) { int res; struct stat buf; const char *argv[3]; assuan_fd_t noclosefds[2]; assuan_context_t ctx; if ( (card==NULL) || (card->ctx==NULL)) return SC_ERROR_INVALID_ARGUMENTS; get_user_consent_env(card->ctx); res=stat(user_consent_app,&buf); if (res!=0) { /* TODO: check that pinentry file is executable */ sc_debug(card->ctx,SC_LOG_DEBUG_NORMAL,"Invalid pinentry application: %s\n",user_consent_app); SC_FUNC_RETURN(card->ctx,SC_LOG_DEBUG_NORMAL,SC_ERROR_INVALID_ARGUMENTS); } argv[0]=user_consent_app; argv[1]=NULL; argv[2]=NULL; noclosefds[0]= fileno(stderr); noclosefds[1]= ASSUAN_INVALID_FD; #ifdef HAVE_ASSUAN_2 res = assuan_new(&ctx); if (res!=0) { sc_debug(card->ctx,SC_LOG_DEBUG_NORMAL,"Can't create the User Consent environment: %s\n",_gpg_error(res)); SC_FUNC_RETURN(card->ctx,SC_LOG_DEBUG_NORMAL,SC_ERROR_INVALID_ARGUMENTS); } res = assuan_pipe_connect(ctx,user_consent_app,argv,noclosefds,NULL,NULL,0); #else res = assuan_pipe_connect(&ctx,user_consent_app,argv,0); #endif if (res!=0) { sc_debug(card->ctx,SC_LOG_DEBUG_NORMAL,"Can't connect to the User Consent module: %s\n",_gpg_error(res)); res=SC_ERROR_INVALID_ARGUMENTS; /* invalid or not available pinentry */ goto exit; } res = assuan_transact( ctx, "SETDESC Está a punto de realizar una firma electrónica con su clave de FIRMA del DNI electrónico.¿Desea permitir esta operación?", NULL, NULL, NULL, NULL, NULL, NULL); if (res!=0) { sc_debug(card->ctx,SC_LOG_DEBUG_NORMAL,"SETDESC: %s\n", _gpg_error(res)); res=SC_ERROR_CARD_CMD_FAILED; /* perhaps should use a better errcode */ goto exit; } res = assuan_transact(ctx,"CONFIRM",NULL,NULL,NULL,NULL,NULL,NULL); #ifdef HAVE_ASSUAN_1 if (res == ASSUAN_Canceled) { sc_debug(card->ctx,SC_LOG_DEBUG_VERBOSE,"Sign cancelled by user"); res= SC_ERROR_NOT_ALLOWED; goto exit; } #endif if (res) { sc_debug(card->ctx,SC_LOG_DEBUG_NORMAL,"SETERROR: %s\n",_gpg_error(res)); res=SC_ERROR_SECURITY_STATUS_NOT_SATISFIED; } else { res=SC_SUCCESS; } exit: #ifdef HAVE_ASSUAN_2 assuan_release(ctx); #else assuan_disconnect(ctx); #endif SC_FUNC_RETURN(card->ctx,SC_LOG_DEBUG_NORMAL,res); }
/* Try to connect to the agent via socket or fork it off and work by pipes. Handle the server's initial greeting. Returns a new assuan context at R_CTX or an error code. */ gpg_error_t start_new_gpg_agent (assuan_context_t *r_ctx, gpg_err_source_t errsource, const char *homedir, const char *agent_program, const char *opt_lc_ctype, const char *opt_lc_messages, session_env_t session_env, int verbose, int debug, gpg_error_t (*status_cb)(ctrl_t, int, ...), ctrl_t status_cb_arg) { /* If we ever failed to connect via a socket we will force the use of the pipe based server for the lifetime of the process. */ static int force_pipe_server = 0; gpg_error_t err = 0; char *infostr, *p; assuan_context_t ctx; int did_success_msg = 0; *r_ctx = NULL; err = assuan_new (&ctx); if (err) { log_error ("error allocating assuan context: %s\n", gpg_strerror (err)); return err; } restart: infostr = force_pipe_server? NULL : getenv ("GPG_AGENT_INFO"); if (!infostr || !*infostr) { char *sockname; const char *argv[3]; pid_t pid; int excode; /* First check whether we can connect at the standard socket. */ sockname = make_filename (homedir, "S.gpg-agent", NULL); err = assuan_socket_connect (ctx, sockname, 0, 0); if (err) { /* With no success start a new server. */ if (!agent_program || !*agent_program) agent_program = gnupg_module_name (GNUPG_MODULE_NAME_AGENT); if (verbose) log_info (_("no running gpg-agent - starting '%s'\n"), agent_program); if (status_cb) status_cb (status_cb_arg, STATUS_PROGRESS, "starting_agent ? 0 0", NULL); if (fflush (NULL)) { gpg_error_t tmperr = gpg_err_make (errsource, gpg_err_code_from_syserror ()); log_error ("error flushing pending output: %s\n", strerror (errno)); xfree (sockname); assuan_release (ctx); return tmperr; } argv[0] = "--use-standard-socket-p"; argv[1] = NULL; err = gnupg_spawn_process_fd (agent_program, argv, -1, -1, -1, &pid); if (err) log_debug ("starting '%s' for testing failed: %s\n", agent_program, gpg_strerror (err)); else if ((err = gnupg_wait_process (agent_program, pid, 1, &excode))) { if (excode == -1) log_debug ("running '%s' for testing failed (wait): %s\n", agent_program, gpg_strerror (err)); } gnupg_release_process (pid); if (!err && !excode) { /* If the agent has been configured for use with a standard socket, an environment variable is not required and thus we we can savely start the agent here. */ lock_spawn_t lock; argv[0] = "--daemon"; argv[1] = "--use-standard-socket"; argv[2] = NULL; if (!(err = lock_spawning (&lock, homedir, "agent", verbose)) && assuan_socket_connect (ctx, sockname, 0, 0)) { err = gnupg_spawn_process_detached (agent_program, argv,NULL); if (err) log_error ("failed to start agent '%s': %s\n", agent_program, gpg_strerror (err)); else { int i; for (i=0; i < SECS_TO_WAIT_FOR_AGENT; i++) { if (verbose) log_info (_("waiting for the agent " "to come up ... (%ds)\n"), SECS_TO_WAIT_FOR_AGENT - i); gnupg_sleep (1); err = assuan_socket_connect (ctx, sockname, 0, 0); if (!err) { if (verbose) { log_info (_("connection to agent " "established\n")); did_success_msg = 1; } break; } } } } unlock_spawning (&lock, "agent"); } else { /* If using the standard socket is not the default we start the agent as a pipe server which gives us most of the required features except for passphrase caching etc. */ const char *pgmname; int no_close_list[3]; int i; if ( !(pgmname = strrchr (agent_program, '/'))) pgmname = agent_program; else pgmname++; argv[0] = pgmname; argv[1] = "--server"; argv[2] = NULL; i=0; if (log_get_fd () != -1) no_close_list[i++] = assuan_fd_from_posix_fd (log_get_fd ()); no_close_list[i++] = assuan_fd_from_posix_fd (fileno (stderr)); no_close_list[i] = -1; /* Connect to the agent and perform initial handshaking. */ err = assuan_pipe_connect (ctx, agent_program, argv, no_close_list, NULL, NULL, 0); } } xfree (sockname); } else { int prot; int pid; infostr = xstrdup (infostr); if ( !(p = strchr (infostr, PATHSEP_C)) || p == infostr) { log_error (_("malformed GPG_AGENT_INFO environment variable\n")); xfree (infostr); force_pipe_server = 1; goto restart; } *p++ = 0; pid = atoi (p); while (*p && *p != PATHSEP_C) p++; prot = *p? atoi (p+1) : 0; if (prot != 1) { log_error (_("gpg-agent protocol version %d is not supported\n"), prot); xfree (infostr); force_pipe_server = 1; goto restart; } err = assuan_socket_connect (ctx, infostr, pid, 0); xfree (infostr); if (gpg_err_code (err) == GPG_ERR_ASS_CONNECT_FAILED) { log_info (_("can't connect to the agent - trying fall back\n")); force_pipe_server = 1; goto restart; } } if (err) { log_error ("can't connect to the agent: %s\n", gpg_strerror (err)); assuan_release (ctx); return gpg_err_make (errsource, GPG_ERR_NO_AGENT); } if (debug && !did_success_msg) log_debug (_("connection to agent established\n")); err = assuan_transact (ctx, "RESET", NULL, NULL, NULL, NULL, NULL, NULL); if (!err) err = send_pinentry_environment (ctx, errsource, opt_lc_ctype, opt_lc_messages, session_env); if (err) { assuan_release (ctx); return err; } *r_ctx = ctx; return 0; }
int ask_user_auth() { int r; const char *argv[3]; const char *pgmname = PIN_ENTRY; ASSUAN_CONTEXT ctx; gchar buf[500]; gsize buflen = sizeof(buf); gchar *buf_conv_ptr = NULL; const char *local_charset, *default_charset; gsize bytes_read=0, bytes_written=0; gboolean is_utf8; memset(buf, 0, buflen); default_charset = setlocale(LC_CTYPE, ""); setlocale(LC_ALL, ""); bindtextdomain(PACKAGE, "/usr/share/locale"); textdomain(PACKAGE); argv[0] = pgmname; argv[1] = NULL; r = assuan_pipe_connect(&ctx, pgmname, (char **) argv, 0); if (r) { printf(i18n("Can't connect to the PIN entry module: %s\n"), assuan_strerror((AssuanError) r)); goto err; } sprintf(buf, i18n("SETDESC Está a punto de realizar una firma electrónica con su clave de FIRMA del DNI electrónico. ¿Desea permitir esta operación?")); is_utf8 = g_get_charset(&local_charset); buf_conv_ptr = g_convert_with_fallback(buf, buflen, local_charset, "UTF-8", NULL, &bytes_read, &bytes_written, NULL); if(!buf_conv_ptr) { printf(i18n("Error converting string to locale charset.\n")); goto err; } r = assuan_transact(ctx, buf_conv_ptr, NULL, NULL, NULL, NULL, NULL, NULL); if (r) { printf("SETDESC: %s\n", assuan_strerror((AssuanError) r)); goto err; } while (1) { r = assuan_transact(ctx, "CONFIRM", NULL, NULL, NULL, NULL, NULL, NULL); if (r == ASSUAN_Canceled) { assuan_disconnect(ctx); return -2; } if (r) { printf("SETERROR: %s\n", assuan_strerror((AssuanError) r)); goto err; } if (r == 0) break; } assuan_disconnect(ctx); return 0; err: assuan_disconnect(ctx); return -1; }
/* This is a compatibility function for GPGSM 2.0.0, which does not support the --data option with the EXPORT command. */ static gpg_error_t export_cert_compat (char *fpr, struct cert *cert) { gpg_error_t err; assuan_context_t ctx; const char *argv[] = { "gpgsm", "--server", NULL }; int got; #define COMMANDLINELEN 80 char cmd[COMMANDLINELEN]; int output_fds[2]; int child_fds[2]; #define MAX_CERT_SIZE 4096 cert->cert_der = malloc (MAX_CERT_SIZE); if (!cert->cert_der) return gpg_error_from_syserror (); if(pipe (output_fds) < 0) return gpg_error_from_syserror (); child_fds[0] = assuan_fd_from_posix_fd (output_fds[1]); child_fds[1] = -1; err = assuan_new (&ctx); if (err) { close (output_fds[0]); close (output_fds[1]); DEBUG (DBG_CRIT, "failed to allocate assuan context: %s\n", gpg_strerror (err)); return err; } err = assuan_pipe_connect (ctx, get_gpgsm_path (), argv, child_fds, NULL, NULL, 128); close (output_fds[1]); if (err) { close (output_fds[0]); assuan_release (ctx); DEBUG (DBG_CRIT, "failed to spawn %s\n", get_gpgsm_path ()); return err; } snprintf (cmd, sizeof (cmd), "OUTPUT FD=%i", output_fds[1]); err = assuan_transact (ctx, cmd, NULL, NULL, NULL, NULL, NULL, NULL); if (err) goto export_out; /* FIXME: This will only work if the certificate is small and fits into the pipe buffer completely!!! */ snprintf (cmd, sizeof (cmd), "EXPORT %s\n", cert->fpr); err = assuan_transact (ctx, cmd, NULL, NULL, NULL, NULL, NULL, NULL); if (err) goto export_out; do { got = read (output_fds[0], cert->cert_der + cert->cert_der_len, MAX_CERT_SIZE - cert->cert_der_len); if (got > 0) cert->cert_der_len += got; } while (!err && got > 0 && cert->cert_der_len < MAX_CERT_SIZE); if (got < 0 || cert->cert_der_len == MAX_CERT_SIZE) err = gpg_error (GPG_ERR_GENERAL); export_out: assuan_release (ctx); close (output_fds[0]); return err; }
/* Try to connect to the agent via socket or fork it off and work by pipes. Handle the server's initial greeting */ static int start_dirmngr_ext (ctrl_t ctrl, assuan_context_t *ctx_r) { int rc; char *infostr, *p; assuan_context_t ctx = NULL; int try_default = 0; if (opt.disable_dirmngr) return gpg_error (GPG_ERR_NO_DIRMNGR); if (*ctx_r) return 0; /* Note: if you change this to multiple connections, you also need to take care of the implicit option sending caching. */ #ifdef HAVE_W32_SYSTEM infostr = NULL; opt.prefer_system_dirmngr = 1; #else infostr = force_pipe_server? NULL : getenv ("DIRMNGR_INFO"); #endif /*HAVE_W32_SYSTEM*/ if (infostr && !*infostr) infostr = NULL; else if (infostr) infostr = xstrdup (infostr); if (opt.prefer_system_dirmngr && !force_pipe_server && !infostr) { infostr = xstrdup (dirmngr_socket_name ()); try_default = 1; } rc = assuan_new (&ctx); if (rc) { log_error ("can't allocate assuan context: %s\n", gpg_strerror (rc)); return rc; } if (!infostr) { const char *pgmname; const char *argv[3]; int no_close_list[3]; int i; if (!opt.dirmngr_program || !*opt.dirmngr_program) opt.dirmngr_program = gnupg_module_name (GNUPG_MODULE_NAME_DIRMNGR); if ( !(pgmname = strrchr (opt.dirmngr_program, '/'))) pgmname = opt.dirmngr_program; else pgmname++; if (opt.verbose) log_info (_("no running dirmngr - starting `%s'\n"), opt.dirmngr_program); if (fflush (NULL)) { gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); log_error ("error flushing pending output: %s\n", strerror (errno)); return tmperr; } argv[0] = pgmname; argv[1] = "--server"; argv[2] = NULL; i=0; if (log_get_fd () != -1) no_close_list[i++] = assuan_fd_from_posix_fd (log_get_fd ()); no_close_list[i++] = assuan_fd_from_posix_fd (fileno (stderr)); no_close_list[i] = -1; /* connect to the agent and perform initial handshaking */ rc = assuan_pipe_connect (ctx, opt.dirmngr_program, argv, no_close_list, NULL, NULL, 0); } else { int prot; int pid; if (!try_default) { if ( !(p = strchr (infostr, PATHSEP_C)) || p == infostr) { log_error (_("malformed DIRMNGR_INFO environment variable\n")); xfree (infostr); force_pipe_server = 1; return start_dirmngr_ext (ctrl, ctx_r); } *p++ = 0; pid = atoi (p); while (*p && *p != PATHSEP_C) p++; prot = *p? atoi (p+1) : 0; if (prot != 1) { log_error (_("dirmngr protocol version %d is not supported\n"), prot); xfree (infostr); force_pipe_server = 1; return start_dirmngr_ext (ctrl, ctx_r); } } else pid = -1; rc = assuan_socket_connect (ctx, infostr, pid, 0); #ifdef HAVE_W32_SYSTEM if (rc) log_debug ("connecting dirmngr at `%s' failed\n", infostr); #endif xfree (infostr); #ifndef HAVE_W32_SYSTEM if (gpg_err_code (rc) == GPG_ERR_ASS_CONNECT_FAILED) { log_info (_("can't connect to the dirmngr - trying fall back\n")); force_pipe_server = 1; return start_dirmngr_ext (ctrl, ctx_r); } #endif /*!HAVE_W32_SYSTEM*/ } prepare_dirmngr (ctrl, ctx, rc); if (rc) { assuan_release (ctx); log_error ("can't connect to the dirmngr: %s\n", gpg_strerror (rc)); return gpg_error (GPG_ERR_NO_DIRMNGR); } *ctx_r = ctx; if (DBG_ASSUAN) log_debug ("connection to dirmngr established\n"); return 0; }
static gpgme_error_t gpgsm_new(void **engine, const char *file_name, const char *home_dir) { gpgme_error_t err = 0; engine_gpgsm_t gpgsm; const char *argv[5]; int argc; #if !USE_DESCRIPTOR_PASSING int fds[2]; int child_fds[4]; #endif char *dft_display = NULL; char dft_ttyname[64]; char *dft_ttytype = NULL; char *optstr; gpgsm = calloc(1, sizeof * gpgsm); if(!gpgsm) return gpg_error_from_errno(errno); gpgsm->status_cb.fd = -1; gpgsm->status_cb.dir = 1; gpgsm->status_cb.tag = 0; gpgsm->status_cb.data = gpgsm; gpgsm->input_cb.fd = -1; gpgsm->input_cb.dir = 0; gpgsm->input_cb.tag = 0; gpgsm->input_cb.server_fd = -1; gpgsm->output_cb.fd = -1; gpgsm->output_cb.dir = 1; gpgsm->output_cb.tag = 0; gpgsm->output_cb.server_fd = -1; gpgsm->message_cb.fd = -1; gpgsm->message_cb.dir = 0; gpgsm->message_cb.tag = 0; gpgsm->message_cb.server_fd = -1; gpgsm->status.fnc = 0; gpgsm->colon.fnc = 0; gpgsm->colon.attic.line = 0; gpgsm->colon.attic.linesize = 0; gpgsm->colon.attic.linelen = 0; gpgsm->colon.any = 0; gpgsm->io_cbs.add = NULL; gpgsm->io_cbs.add_priv = NULL; gpgsm->io_cbs.remove = NULL; gpgsm->io_cbs.event = NULL; gpgsm->io_cbs.event_priv = NULL; #if !USE_DESCRIPTOR_PASSING if(_gpgme_io_pipe(fds, 0) < 0) { err = gpg_error_from_errno(errno); goto leave; } gpgsm->input_cb.fd = fds[1]; gpgsm->input_cb.server_fd = fds[0]; if(_gpgme_io_pipe(fds, 1) < 0) { err = gpg_error_from_errno(errno); goto leave; } gpgsm->output_cb.fd = fds[0]; gpgsm->output_cb.server_fd = fds[1]; if(_gpgme_io_pipe(fds, 0) < 0) { err = gpg_error_from_errno(errno); goto leave; } gpgsm->message_cb.fd = fds[1]; gpgsm->message_cb.server_fd = fds[0]; child_fds[0] = gpgsm->input_cb.server_fd; child_fds[1] = gpgsm->output_cb.server_fd; child_fds[2] = gpgsm->message_cb.server_fd; child_fds[3] = -1; #endif argc = 0; argv[argc++] = "gpgsm"; if(home_dir) { argv[argc++] = "--homedir"; argv[argc++] = home_dir; } argv[argc++] = "--server"; argv[argc++] = NULL; #if USE_DESCRIPTOR_PASSING err = assuan_pipe_connect_ext (&gpgsm->assuan_ctx, file_name ? file_name : _gpgme_get_gpgsm_path(), argv, NULL, NULL, NULL, 1); #else err = assuan_pipe_connect (&gpgsm->assuan_ctx, file_name ? file_name : _gpgme_get_gpgsm_path(), argv, child_fds); #endif if(err) goto leave; err = _gpgme_getenv("DISPLAY", &dft_display); if(err) goto leave; if(dft_display) { if(asprintf(&optstr, "OPTION display=%s", dft_display) < 0) { free(dft_display); err = gpg_error_from_errno(errno); goto leave; } free(dft_display); err = assuan_transact(gpgsm->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); free(optstr); if(err) { err = map_assuan_error(err); goto leave; } } if(isatty(1)) { if(ttyname_r(1, dft_ttyname, sizeof(dft_ttyname))) { err = gpg_error_from_errno(errno); goto leave; } else { if(asprintf(&optstr, "OPTION ttyname=%s", dft_ttyname) < 0) { err = gpg_error_from_errno(errno); goto leave; } err = assuan_transact(gpgsm->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); free(optstr); if(err) { err = map_assuan_error(err); goto leave; } err = _gpgme_getenv("TERM", &dft_ttytype); if(err) goto leave; if(dft_ttytype) { if(asprintf(&optstr, "OPTION ttytype=%s", dft_ttytype) < 0) { free(dft_ttytype); err = gpg_error_from_errno(errno); goto leave; } free(dft_ttytype); err = assuan_transact(gpgsm->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); free(optstr); if(err) { err = map_assuan_error(err); goto leave; } } } } #if !USE_DESCRIPTOR_PASSING if(!err && (_gpgme_io_set_close_notify(gpgsm->input_cb.fd, close_notify_handler, gpgsm) || _gpgme_io_set_close_notify(gpgsm->output_cb.fd, close_notify_handler, gpgsm) || _gpgme_io_set_close_notify(gpgsm->message_cb.fd, close_notify_handler, gpgsm))) { err = gpg_error(GPG_ERR_GENERAL); goto leave; } #endif leave: /* Close the server ends of the pipes. Our ends are closed in gpgsm_release(). */ #if !USE_DESCRIPTOR_PASSING if(gpgsm->input_cb.server_fd != -1) _gpgme_io_close(gpgsm->input_cb.server_fd); if(gpgsm->output_cb.server_fd != -1) _gpgme_io_close(gpgsm->output_cb.server_fd); if(gpgsm->message_cb.server_fd != -1) _gpgme_io_close(gpgsm->message_cb.server_fd); #endif if(err) gpgsm_release(gpgsm); else *engine = gpgsm; return err; }
/* Fire up a new GPG. Handle the server's initial greeting. Returns 0 on success and stores the assuan context at R_CTX. */ static gpg_error_t start_gpg (ctrl_t ctrl, int input_fd, int output_fd, assuan_context_t *r_ctx) { gpg_error_t err; assuan_context_t ctx = NULL; const char *pgmname; const char *argv[10]; int no_close_list[5]; int i; char line[ASSUAN_LINELENGTH]; (void)ctrl; *r_ctx = NULL; err = assuan_new (&ctx); if (err) { log_error ("can't allocate assuan context: %s\n", gpg_strerror (err)); return err; } /* The first time we are used, intialize the gpg_program variable. */ if ( !opt.gpg_program || !*opt.gpg_program ) opt.gpg_program = gnupg_module_name (GNUPG_MODULE_NAME_GPG); if (opt.verbose) log_info (_("no running gpg - starting '%s'\n"), opt.gpg_program); /* Compute argv[0]. */ if ( !(pgmname = strrchr (opt.gpg_program, '/'))) pgmname = opt.gpg_program; else pgmname++; if (fflush (NULL)) { err = gpg_error_from_syserror (); log_error ("error flushing pending output: %s\n", gpg_strerror (err)); return err; } i = 0; argv[i++] = pgmname; argv[i++] = "--server"; if ((opt.debug & 1024)) argv[i++] = "--debug=1024"; argv[i++] = "-z"; argv[i++] = "0"; argv[i++] = "--trust-model"; argv[i++] = "always"; argv[i++] = NULL; i = 0; if (log_get_fd () != -1) no_close_list[i++] = assuan_fd_from_posix_fd (log_get_fd ()); no_close_list[i++] = assuan_fd_from_posix_fd (fileno (stderr)); if (input_fd != -1) no_close_list[i++] = assuan_fd_from_posix_fd (input_fd); if (output_fd != -1) no_close_list[i++] = assuan_fd_from_posix_fd (output_fd); no_close_list[i] = -1; /* Connect to GPG and perform initial handshaking. */ err = assuan_pipe_connect (ctx, opt.gpg_program, argv, no_close_list, NULL, NULL, 0); if (err) { assuan_release (ctx); log_error ("can't connect to GPG: %s\n", gpg_strerror (err)); return gpg_error (GPG_ERR_NO_ENGINE); } if (input_fd != -1) { snprintf (line, sizeof line, "INPUT FD=%d", input_fd); err = assuan_transact (ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); if (err) { assuan_release (ctx); log_error ("error sending INPUT command: %s\n", gpg_strerror (err)); return err; } } if (output_fd != -1) { snprintf (line, sizeof line, "OUTPUT FD=%d", output_fd); err = assuan_transact (ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); if (err) { assuan_release (ctx); log_error ("error sending OUTPUT command: %s\n", gpg_strerror (err)); return err; } } *r_ctx = ctx; if (DBG_ASSUAN) log_debug ("connection to GPG established\n"); return 0; }
static gpgme_error_t gpgsm_new (void **engine, const char *file_name, const char *home_dir) { gpgme_error_t err = 0; engine_gpgsm_t gpgsm; const char *argv[5]; int argc; #if !USE_DESCRIPTOR_PASSING int fds[2]; int child_fds[4]; #endif char *dft_display = NULL; char dft_ttyname[64]; char *dft_ttytype = NULL; char *optstr; gpgsm = calloc (1, sizeof *gpgsm); if (!gpgsm) return gpg_error_from_syserror (); gpgsm->status_cb.fd = -1; gpgsm->status_cb.dir = 1; gpgsm->status_cb.tag = 0; gpgsm->status_cb.data = gpgsm; gpgsm->input_cb.fd = -1; gpgsm->input_cb.dir = 0; gpgsm->input_cb.tag = 0; gpgsm->input_cb.server_fd = -1; *gpgsm->input_cb.server_fd_str = 0; gpgsm->output_cb.fd = -1; gpgsm->output_cb.dir = 1; gpgsm->output_cb.tag = 0; gpgsm->output_cb.server_fd = -1; *gpgsm->output_cb.server_fd_str = 0; gpgsm->message_cb.fd = -1; gpgsm->message_cb.dir = 0; gpgsm->message_cb.tag = 0; gpgsm->message_cb.server_fd = -1; *gpgsm->message_cb.server_fd_str = 0; gpgsm->status.fnc = 0; gpgsm->colon.fnc = 0; gpgsm->colon.attic.line = 0; gpgsm->colon.attic.linesize = 0; gpgsm->colon.attic.linelen = 0; gpgsm->colon.any = 0; gpgsm->inline_data = NULL; gpgsm->io_cbs.add = NULL; gpgsm->io_cbs.add_priv = NULL; gpgsm->io_cbs.remove = NULL; gpgsm->io_cbs.event = NULL; gpgsm->io_cbs.event_priv = NULL; #if !USE_DESCRIPTOR_PASSING if (_gpgme_io_pipe (fds, 0) < 0) { err = gpg_error_from_syserror (); goto leave; } gpgsm->input_cb.fd = fds[1]; gpgsm->input_cb.server_fd = fds[0]; if (_gpgme_io_pipe (fds, 1) < 0) { err = gpg_error_from_syserror (); goto leave; } gpgsm->output_cb.fd = fds[0]; gpgsm->output_cb.server_fd = fds[1]; if (_gpgme_io_pipe (fds, 0) < 0) { err = gpg_error_from_syserror (); goto leave; } gpgsm->message_cb.fd = fds[1]; gpgsm->message_cb.server_fd = fds[0]; child_fds[0] = gpgsm->input_cb.server_fd; child_fds[1] = gpgsm->output_cb.server_fd; child_fds[2] = gpgsm->message_cb.server_fd; child_fds[3] = -1; #endif argc = 0; argv[argc++] = "gpgsm"; if (home_dir) { argv[argc++] = "--homedir"; argv[argc++] = home_dir; } argv[argc++] = "--server"; argv[argc++] = NULL; err = assuan_new_ext (&gpgsm->assuan_ctx, GPG_ERR_SOURCE_GPGME, &_gpgme_assuan_malloc_hooks, _gpgme_assuan_log_cb, NULL); if (err) goto leave; assuan_ctx_set_system_hooks (gpgsm->assuan_ctx, &_gpgme_assuan_system_hooks); #if USE_DESCRIPTOR_PASSING err = assuan_pipe_connect (gpgsm->assuan_ctx, file_name ? file_name : _gpgme_get_gpgsm_path (), argv, NULL, NULL, NULL, ASSUAN_PIPE_CONNECT_FDPASSING); #else { assuan_fd_t achild_fds[4]; int i; /* For now... */ for (i = 0; i < 4; i++) achild_fds[i] = (assuan_fd_t) child_fds[i]; err = assuan_pipe_connect (gpgsm->assuan_ctx, file_name ? file_name : _gpgme_get_gpgsm_path (), argv, achild_fds, NULL, NULL, 0); /* For now... */ for (i = 0; i < 4; i++) child_fds[i] = (int) achild_fds[i]; } /* On Windows, handles are inserted in the spawned process with DuplicateHandle, and child_fds contains the server-local names for the inserted handles when assuan_pipe_connect returns. */ if (!err) { /* Note: We don't use _gpgme_io_fd2str here. On W32 the returned handles are real W32 system handles, not whatever GPGME uses internally (which may be a system handle, a C library handle or a GLib/Qt channel. Confusing, yes, but remember these are server-local names, so they are not part of GPGME at all. */ snprintf (gpgsm->input_cb.server_fd_str, sizeof gpgsm->input_cb.server_fd_str, "%d", child_fds[0]); snprintf (gpgsm->output_cb.server_fd_str, sizeof gpgsm->output_cb.server_fd_str, "%d", child_fds[1]); snprintf (gpgsm->message_cb.server_fd_str, sizeof gpgsm->message_cb.server_fd_str, "%d", child_fds[2]); } #endif if (err) goto leave; err = _gpgme_getenv ("DISPLAY", &dft_display); if (err) goto leave; if (dft_display) { if (asprintf (&optstr, "OPTION display=%s", dft_display) < 0) { free (dft_display); err = gpg_error_from_syserror (); goto leave; } free (dft_display); err = assuan_transact (gpgsm->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); free (optstr); if (err) goto leave; } if (isatty (1)) { int rc; rc = ttyname_r (1, dft_ttyname, sizeof (dft_ttyname)); if (rc) { err = gpg_error_from_errno (rc); goto leave; } else { if (asprintf (&optstr, "OPTION ttyname=%s", dft_ttyname) < 0) { err = gpg_error_from_syserror (); goto leave; } err = assuan_transact (gpgsm->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); free (optstr); if (err) goto leave; err = _gpgme_getenv ("TERM", &dft_ttytype); if (err) goto leave; if (dft_ttytype) { if (asprintf (&optstr, "OPTION ttytype=%s", dft_ttytype) < 0) { free (dft_ttytype); err = gpg_error_from_syserror (); goto leave; } free (dft_ttytype); err = assuan_transact (gpgsm->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); free (optstr); if (err) goto leave; } } } /* Ask gpgsm to enable the audit log support. */ if (!err) { err = assuan_transact (gpgsm->assuan_ctx, "OPTION enable-audit-log=1", NULL, NULL, NULL, NULL, NULL, NULL); if (gpg_err_code (err) == GPG_ERR_UNKNOWN_OPTION) err = 0; /* This is an optional feature of gpgsm. */ } #ifdef HAVE_W32_SYSTEM /* Under Windows we need to use AllowSetForegroundWindow. Tell gpgsm to tell us when it needs it. */ if (!err) { err = assuan_transact (gpgsm->assuan_ctx, "OPTION allow-pinentry-notify", NULL, NULL, NULL, NULL, NULL, NULL); if (gpg_err_code (err) == GPG_ERR_UNKNOWN_OPTION) err = 0; /* This is a new feature of gpgsm. */ } #endif /*HAVE_W32_SYSTEM*/ #if !USE_DESCRIPTOR_PASSING if (!err && (_gpgme_io_set_close_notify (gpgsm->input_cb.fd, close_notify_handler, gpgsm) || _gpgme_io_set_close_notify (gpgsm->output_cb.fd, close_notify_handler, gpgsm) || _gpgme_io_set_close_notify (gpgsm->message_cb.fd, close_notify_handler, gpgsm))) { err = gpg_error (GPG_ERR_GENERAL); goto leave; } #endif leave: /* Close the server ends of the pipes (because of this, we must use the stored server_fd_str in the function start). Our ends are closed in gpgsm_release(). */ #if !USE_DESCRIPTOR_PASSING if (gpgsm->input_cb.server_fd != -1) _gpgme_io_close (gpgsm->input_cb.server_fd); if (gpgsm->output_cb.server_fd != -1) _gpgme_io_close (gpgsm->output_cb.server_fd); if (gpgsm->message_cb.server_fd != -1) _gpgme_io_close (gpgsm->message_cb.server_fd); #endif if (err) gpgsm_release (gpgsm); else *engine = gpgsm; return err; }
/* Fork off the SCdaemon if this has not already been done. Lock the daemon and make sure that a proper context has been setup in CTRL. This function might also lock the daemon, which means that the caller must call unlock_scd after this fucntion has returned success and the actual Assuan transaction been done. */ static int start_scd (ctrl_t ctrl) { gpg_error_t err = 0; const char *pgmname; assuan_context_t ctx = NULL; const char *argv[3]; assuan_fd_t no_close_list[3]; int i; int rc; if (opt.disable_scdaemon) return gpg_error (GPG_ERR_NOT_SUPPORTED); /* If this is the first call for this session, setup the local data structure. */ if (!ctrl->scd_local) { ctrl->scd_local = xtrycalloc (1, sizeof *ctrl->scd_local); if (!ctrl->scd_local) return gpg_error_from_syserror (); ctrl->scd_local->ctrl_backlink = ctrl; ctrl->scd_local->next_local = scd_local_list; scd_local_list = ctrl->scd_local; } /* Assert that the lock count is as expected. */ if (ctrl->scd_local->locked) { log_error ("start_scd: invalid lock count (%d)\n", ctrl->scd_local->locked); return gpg_error (GPG_ERR_INTERNAL); } ctrl->scd_local->locked++; if (ctrl->scd_local->ctx) return 0; /* Okay, the context is fine. We used to test for an alive context here and do an disconnect. Now that we have a ticker function to check for it, it is easier not to check here but to let the connection run on an error instead. */ /* We need to protect the following code. */ rc = npth_mutex_lock (&start_scd_lock); if (rc) { log_error ("failed to acquire the start_scd lock: %s\n", strerror (rc)); return gpg_error (GPG_ERR_INTERNAL); } /* Check whether the pipe server has already been started and in this case either reuse a lingering pipe connection or establish a new socket based one. */ if (primary_scd_ctx && primary_scd_ctx_reusable) { ctx = primary_scd_ctx; primary_scd_ctx_reusable = 0; if (opt.verbose) log_info ("new connection to SCdaemon established (reusing)\n"); goto leave; } rc = assuan_new (&ctx); if (rc) { log_error ("can't allocate assuan context: %s\n", gpg_strerror (rc)); err = rc; goto leave; } if (socket_name) { rc = assuan_socket_connect (ctx, socket_name, 0, 0); if (rc) { log_error ("can't connect to socket '%s': %s\n", socket_name, gpg_strerror (rc)); err = gpg_error (GPG_ERR_NO_SCDAEMON); goto leave; } if (opt.verbose) log_info ("new connection to SCdaemon established\n"); goto leave; } if (primary_scd_ctx) { log_info ("SCdaemon is running but won't accept further connections\n"); err = gpg_error (GPG_ERR_NO_SCDAEMON); goto leave; } /* Nope, it has not been started. Fire it up now. */ if (opt.verbose) log_info ("no running SCdaemon - starting it\n"); if (fflush (NULL)) { #ifndef HAVE_W32_SYSTEM err = gpg_error_from_syserror (); #endif log_error ("error flushing pending output: %s\n", strerror (errno)); /* At least Windows XP fails here with EBADF. According to docs and Wine an fflush(NULL) is the same as _flushall. However the Wime implementaion does not flush stdin,stdout and stderr - see above. Lets try to ignore the error. */ #ifndef HAVE_W32_SYSTEM goto leave; #endif } if (!opt.scdaemon_program || !*opt.scdaemon_program) opt.scdaemon_program = gnupg_module_name (GNUPG_MODULE_NAME_SCDAEMON); if ( !(pgmname = strrchr (opt.scdaemon_program, '/'))) pgmname = opt.scdaemon_program; else pgmname++; argv[0] = pgmname; argv[1] = "--multi-server"; argv[2] = NULL; i=0; if (!opt.running_detached) { if (log_get_fd () != -1) no_close_list[i++] = assuan_fd_from_posix_fd (log_get_fd ()); no_close_list[i++] = assuan_fd_from_posix_fd (fileno (stderr)); } no_close_list[i] = ASSUAN_INVALID_FD; /* Connect to the scdaemon and perform initial handshaking. Use detached flag so that under Windows SCDAEMON does not show up a new window. */ rc = assuan_pipe_connect (ctx, opt.scdaemon_program, argv, no_close_list, atfork_cb, NULL, ASSUAN_PIPE_CONNECT_DETACHED); if (rc) { log_error ("can't connect to the SCdaemon: %s\n", gpg_strerror (rc)); err = gpg_error (GPG_ERR_NO_SCDAEMON); goto leave; } if (opt.verbose) log_debug ("first connection to SCdaemon established\n"); /* Get the name of the additional socket opened by scdaemon. */ { membuf_t data; unsigned char *databuf; size_t datalen; xfree (socket_name); socket_name = NULL; init_membuf (&data, 256); assuan_transact (ctx, "GETINFO socket_name", membuf_data_cb, &data, NULL, NULL, NULL, NULL); databuf = get_membuf (&data, &datalen); if (databuf && datalen) { socket_name = xtrymalloc (datalen + 1); if (!socket_name) log_error ("warning: can't store socket name: %s\n", strerror (errno)); else { memcpy (socket_name, databuf, datalen); socket_name[datalen] = 0; if (DBG_IPC) log_debug ("additional connections at '%s'\n", socket_name); } } xfree (databuf); } /* Tell the scdaemon we want him to send us an event signal. We don't support this for W32CE. */ #ifndef HAVE_W32CE_SYSTEM if (opt.sigusr2_enabled) { char buf[100]; #ifdef HAVE_W32_SYSTEM snprintf (buf, sizeof buf, "OPTION event-signal=%lx", (unsigned long)get_agent_scd_notify_event ()); #else snprintf (buf, sizeof buf, "OPTION event-signal=%d", SIGUSR2); #endif assuan_transact (ctx, buf, NULL, NULL, NULL, NULL, NULL, NULL); } #endif /*HAVE_W32CE_SYSTEM*/ primary_scd_ctx = ctx; primary_scd_ctx_reusable = 0; leave: if (err) { unlock_scd (ctrl, err); if (ctx) assuan_release (ctx); } else { ctrl->scd_local->ctx = ctx; } rc = npth_mutex_unlock (&start_scd_lock); if (rc) log_error ("failed to release the start_scd lock: %s\n", strerror (rc)); return err; }