2014-10-17 13:31:07 +02:00
|
|
|
|
/* dirmngr.c - Keyserver and X.509 LDAP access
|
2014-03-18 11:07:05 +01:00
|
|
|
|
* Copyright (C) 2002 Klarälvdalens Datakonsult AB
|
2020-03-06 17:02:58 +01:00
|
|
|
|
* Copyright (C) 2003-2004, 2006-2007, 2008, 2010-2011, 2020 g10 Code GmbH
|
2014-03-18 11:07:05 +01:00
|
|
|
|
* Copyright (C) 2014 Werner Koch
|
2010-06-09 16:53:51 +00:00
|
|
|
|
*
|
2014-03-18 11:07:05 +01:00
|
|
|
|
* This file is part of GnuPG.
|
2010-06-09 16:53:51 +00:00
|
|
|
|
*
|
2014-03-18 11:07:05 +01:00
|
|
|
|
* GnuPG is free software; you can redistribute it and/or modify
|
2010-06-09 16:53:51 +00:00
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
2014-03-18 11:07:05 +01:00
|
|
|
|
* the Free Software Foundation; either version 3 of the License, or
|
2010-06-09 16:53:51 +00:00
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
2014-03-18 11:07:05 +01:00
|
|
|
|
* GnuPG is distributed in the hope that it will be useful,
|
2010-06-09 16:53:51 +00:00
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
2016-11-05 12:02:19 +01:00
|
|
|
|
* along with this program; if not, see <https://www.gnu.org/licenses/>.
|
2020-02-21 21:45:13 +01:00
|
|
|
|
* SPDX-License-Identifier: GPL-3.0-or-later
|
2010-06-09 16:53:51 +00:00
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <config.h>
|
|
|
|
|
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <stddef.h>
|
|
|
|
|
#include <stdarg.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <errno.h>
|
|
|
|
|
#include <assert.h>
|
|
|
|
|
#include <time.h>
|
|
|
|
|
#include <fcntl.h>
|
2017-07-25 12:19:08 +02:00
|
|
|
|
#ifndef HAVE_W32_SYSTEM
|
|
|
|
|
#include <sys/socket.h>
|
|
|
|
|
#include <sys/un.h>
|
2010-06-09 16:53:51 +00:00
|
|
|
|
#endif
|
|
|
|
|
#include <sys/stat.h>
|
|
|
|
|
#include <unistd.h>
|
2010-07-16 13:19:45 +00:00
|
|
|
|
#ifdef HAVE_SIGNAL_H
|
|
|
|
|
# include <signal.h>
|
|
|
|
|
#endif
|
2016-09-07 12:36:48 +02:00
|
|
|
|
#ifdef HAVE_INOTIFY_INIT
|
|
|
|
|
# include <sys/inotify.h>
|
|
|
|
|
#endif /*HAVE_INOTIFY_INIT*/
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
#include <npth.h>
|
2014-10-02 17:33:57 +02:00
|
|
|
|
|
|
|
|
|
#include "dirmngr-err.h"
|
|
|
|
|
|
|
|
|
|
#if HTTP_USE_NTBTLS
|
|
|
|
|
# include <ntbtls.h>
|
|
|
|
|
#elif HTTP_USE_GNUTLS
|
2014-05-05 16:09:45 +02:00
|
|
|
|
# include <gnutls/gnutls.h>
|
|
|
|
|
#endif /*HTTP_USE_GNUTLS*/
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
|
2020-02-10 16:37:34 +01:00
|
|
|
|
#define INCLUDED_BY_MAIN_MODULE 1
|
2015-04-24 16:10:15 +02:00
|
|
|
|
#define GNUPG_COMMON_NEED_AFLOCAL
|
2010-06-09 16:53:51 +00:00
|
|
|
|
#include "dirmngr.h"
|
|
|
|
|
|
2011-01-25 11:26:01 +01:00
|
|
|
|
#include <assuan.h>
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
#include "certcache.h"
|
|
|
|
|
#include "crlcache.h"
|
|
|
|
|
#include "crlfetch.h"
|
|
|
|
|
#include "misc.h"
|
2014-10-17 15:59:45 +02:00
|
|
|
|
#if USE_LDAP
|
|
|
|
|
# include "ldapserver.h"
|
|
|
|
|
#endif
|
2017-03-07 20:21:23 +09:00
|
|
|
|
#include "../common/asshelp.h"
|
2014-10-17 15:59:45 +02:00
|
|
|
|
#if USE_LDAP
|
|
|
|
|
# include "ldap-wrapper.h"
|
|
|
|
|
#endif
|
2021-04-20 10:50:10 +02:00
|
|
|
|
#include "../common/comopt.h"
|
2012-02-06 20:50:47 +01:00
|
|
|
|
#include "../common/init.h"
|
2017-03-07 20:21:23 +09:00
|
|
|
|
#include "../common/gc-opt-flags.h"
|
2015-11-12 13:20:18 +01:00
|
|
|
|
#include "dns-stuff.h"
|
2017-03-02 18:17:58 +01:00
|
|
|
|
#include "http-common.h"
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
2014-12-01 09:50:55 +01:00
|
|
|
|
#ifndef ENAMETOOLONG
|
|
|
|
|
# define ENAMETOOLONG EINVAL
|
|
|
|
|
#endif
|
|
|
|
|
|
2010-07-16 13:19:45 +00:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
enum cmd_and_opt_values {
|
|
|
|
|
aNull = 0,
|
|
|
|
|
oCsh = 'c',
|
|
|
|
|
oQuiet = 'q',
|
|
|
|
|
oSh = 's',
|
|
|
|
|
oVerbose = 'v',
|
|
|
|
|
oNoVerbose = 500,
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
aServer,
|
|
|
|
|
aDaemon,
|
2016-10-26 16:37:08 -04:00
|
|
|
|
aSupervised,
|
2010-06-09 16:53:51 +00:00
|
|
|
|
aListCRLs,
|
|
|
|
|
aLoadCRL,
|
|
|
|
|
aFetchCRL,
|
|
|
|
|
aShutdown,
|
|
|
|
|
aFlush,
|
|
|
|
|
aGPGConfList,
|
|
|
|
|
aGPGConfTest,
|
2020-10-02 12:26:02 +02:00
|
|
|
|
aGPGConfVersions,
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
oOptions,
|
|
|
|
|
oDebug,
|
|
|
|
|
oDebugAll,
|
|
|
|
|
oDebugWait,
|
|
|
|
|
oDebugLevel,
|
2014-05-05 16:09:45 +02:00
|
|
|
|
oGnutlsDebug,
|
2022-08-31 18:11:36 +02:00
|
|
|
|
oDebugCacheExpiredCerts,
|
2010-06-09 16:53:51 +00:00
|
|
|
|
oNoGreeting,
|
|
|
|
|
oNoOptions,
|
|
|
|
|
oHomedir,
|
|
|
|
|
oNoDetach,
|
|
|
|
|
oLogFile,
|
|
|
|
|
oBatch,
|
|
|
|
|
oDisableHTTP,
|
|
|
|
|
oDisableLDAP,
|
2017-01-24 16:36:28 +01:00
|
|
|
|
oDisableIPv4,
|
2017-04-03 20:56:12 +02:00
|
|
|
|
oDisableIPv6,
|
2010-06-09 16:53:51 +00:00
|
|
|
|
oIgnoreLDAPDP,
|
|
|
|
|
oIgnoreHTTPDP,
|
|
|
|
|
oIgnoreOCSPSvcUrl,
|
|
|
|
|
oHonorHTTPProxy,
|
|
|
|
|
oHTTPProxy,
|
|
|
|
|
oLDAPProxy,
|
|
|
|
|
oOnlyLDAPProxy,
|
2021-05-26 15:49:14 +02:00
|
|
|
|
oLDAPServer,
|
2010-06-09 16:53:51 +00:00
|
|
|
|
oLDAPFile,
|
|
|
|
|
oLDAPTimeout,
|
|
|
|
|
oLDAPAddServers,
|
|
|
|
|
oOCSPResponder,
|
|
|
|
|
oOCSPSigner,
|
|
|
|
|
oOCSPMaxClockSkew,
|
|
|
|
|
oOCSPMaxPeriod,
|
|
|
|
|
oOCSPCurrentPeriod,
|
|
|
|
|
oMaxReplies,
|
2014-05-05 16:09:45 +02:00
|
|
|
|
oHkpCaCert,
|
2010-06-09 16:53:51 +00:00
|
|
|
|
oFakedSystemTime,
|
|
|
|
|
oForce,
|
|
|
|
|
oAllowOCSP,
|
2016-11-17 10:14:14 +01:00
|
|
|
|
oAllowVersionCheck,
|
2021-11-13 14:46:19 +01:00
|
|
|
|
oStealSocket,
|
2010-06-09 16:53:51 +00:00
|
|
|
|
oSocketName,
|
|
|
|
|
oLDAPWrapperProgram,
|
|
|
|
|
oHTTPWrapperProgram,
|
2021-10-06 10:31:41 +02:00
|
|
|
|
oIgnoreCert,
|
2010-06-09 16:53:51 +00:00
|
|
|
|
oIgnoreCertExtension,
|
2015-09-18 16:17:11 +02:00
|
|
|
|
oUseTor,
|
2017-02-01 17:54:14 +01:00
|
|
|
|
oNoUseTor,
|
2015-10-05 17:44:20 +02:00
|
|
|
|
oKeyServer,
|
2015-11-12 13:20:18 +01:00
|
|
|
|
oNameServer,
|
2016-09-07 12:36:48 +02:00
|
|
|
|
oDisableCheckOwnSocket,
|
2016-12-01 15:45:51 +01:00
|
|
|
|
oStandardResolver,
|
2016-12-14 15:36:25 +01:00
|
|
|
|
oRecursiveResolver,
|
2016-12-20 09:53:58 +01:00
|
|
|
|
oResolverTimeout,
|
2017-06-08 09:30:48 +02:00
|
|
|
|
oConnectTimeout,
|
|
|
|
|
oConnectQuickTimeout,
|
2017-12-12 14:14:40 +01:00
|
|
|
|
oListenBacklog,
|
2023-03-16 14:52:28 +01:00
|
|
|
|
oFakeCRL,
|
2010-06-09 16:53:51 +00:00
|
|
|
|
aTest
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2020-02-21 21:45:13 +01:00
|
|
|
|
static gpgrt_opt_t opts[] = {
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2020-03-06 17:02:58 +01:00
|
|
|
|
ARGPARSE_c (aGPGConfList, "gpgconf-list", "@"),
|
|
|
|
|
ARGPARSE_c (aGPGConfTest, "gpgconf-test", "@"),
|
2020-10-02 12:26:02 +02:00
|
|
|
|
ARGPARSE_c (aGPGConfVersions, "gpgconf-versions", "@"),
|
2020-03-06 17:02:58 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
ARGPARSE_group (300, N_("@Commands:\n ")),
|
|
|
|
|
|
|
|
|
|
ARGPARSE_c (aServer, "server", N_("run in server mode (foreground)") ),
|
|
|
|
|
ARGPARSE_c (aDaemon, "daemon", N_("run in daemon mode (background)") ),
|
2016-10-27 09:27:03 +02:00
|
|
|
|
#ifndef HAVE_W32_SYSTEM
|
2022-04-25 12:03:45 +02:00
|
|
|
|
ARGPARSE_c (aSupervised, "supervised", "@"),
|
2016-10-27 09:27:03 +02:00
|
|
|
|
#endif
|
2010-06-09 16:53:51 +00:00
|
|
|
|
ARGPARSE_c (aListCRLs, "list-crls", N_("list the contents of the CRL cache")),
|
2020-03-06 17:02:58 +01:00
|
|
|
|
ARGPARSE_c (aLoadCRL, "load-crl", N_("|FILE|load CRL from FILE into cache")),
|
2010-06-09 16:53:51 +00:00
|
|
|
|
ARGPARSE_c (aFetchCRL, "fetch-crl", N_("|URL|fetch a CRL from URL")),
|
|
|
|
|
ARGPARSE_c (aShutdown, "shutdown", N_("shutdown the dirmngr")),
|
|
|
|
|
ARGPARSE_c (aFlush, "flush", N_("flush the cache")),
|
|
|
|
|
|
|
|
|
|
|
2020-03-06 17:02:58 +01:00
|
|
|
|
ARGPARSE_header (NULL, N_("Options used for startup")),
|
|
|
|
|
|
|
|
|
|
ARGPARSE_s_n (oNoDetach, "no-detach", N_("do not detach from the console")),
|
2010-06-09 16:53:51 +00:00
|
|
|
|
ARGPARSE_s_n (oSh, "sh", N_("sh-style command output")),
|
|
|
|
|
ARGPARSE_s_n (oCsh, "csh", N_("csh-style command output")),
|
2021-11-13 14:46:19 +01:00
|
|
|
|
ARGPARSE_s_n (oStealSocket, "steal-socket", "@"),
|
2020-03-06 17:02:58 +01:00
|
|
|
|
ARGPARSE_s_s (oHomedir, "homedir", "@"),
|
2020-02-21 21:45:13 +01:00
|
|
|
|
ARGPARSE_conffile (oOptions, "options", N_("|FILE|read options from FILE")),
|
2020-03-06 17:02:58 +01:00
|
|
|
|
ARGPARSE_noconffile (oNoOptions, "no-options", "@"),
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ARGPARSE_header ("Monitor", N_("Options controlling the diagnostic output")),
|
|
|
|
|
|
|
|
|
|
ARGPARSE_s_n (oVerbose, "verbose", N_("verbose")),
|
|
|
|
|
ARGPARSE_s_n (oQuiet, "quiet", N_("be somewhat more quiet")),
|
|
|
|
|
ARGPARSE_s_n (oNoGreeting, "no-greeting", "@"),
|
2010-06-09 16:53:51 +00:00
|
|
|
|
ARGPARSE_s_s (oDebugLevel, "debug-level",
|
|
|
|
|
N_("|LEVEL|set the debugging level to LEVEL")),
|
2020-03-06 17:02:58 +01:00
|
|
|
|
ARGPARSE_s_s (oDebug, "debug", "@"),
|
|
|
|
|
ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
|
|
|
|
|
ARGPARSE_s_i (oGnutlsDebug, "gnutls-debug", "@"),
|
|
|
|
|
ARGPARSE_s_i (oGnutlsDebug, "tls-debug", "@"),
|
|
|
|
|
ARGPARSE_s_i (oDebugWait, "debug-wait", "@"),
|
2010-06-09 16:53:51 +00:00
|
|
|
|
ARGPARSE_s_s (oLogFile, "log-file",
|
|
|
|
|
N_("|FILE|write server mode logs to FILE")),
|
2020-03-06 17:02:58 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ARGPARSE_header ("Configuration",
|
|
|
|
|
N_("Options controlling the configuration")),
|
|
|
|
|
|
2016-11-17 10:14:14 +01:00
|
|
|
|
ARGPARSE_s_n (oAllowVersionCheck, "allow-version-check",
|
|
|
|
|
N_("allow online software version check")),
|
2020-03-06 17:02:58 +01:00
|
|
|
|
ARGPARSE_s_i (oListenBacklog, "listen-backlog", "@"),
|
|
|
|
|
ARGPARSE_s_i (oMaxReplies, "max-replies",
|
|
|
|
|
N_("|N|do not return more than N items in one query")),
|
|
|
|
|
ARGPARSE_s_u (oFakedSystemTime, "faked-system-time", "@"), /*(epoch time)*/
|
|
|
|
|
ARGPARSE_s_n (oDisableCheckOwnSocket, "disable-check-own-socket", "@"),
|
2021-10-06 10:31:41 +02:00
|
|
|
|
ARGPARSE_s_s (oIgnoreCert,"ignore-cert", "@"),
|
2020-03-06 17:02:58 +01:00
|
|
|
|
ARGPARSE_s_s (oIgnoreCertExtension,"ignore-cert-extension", "@"),
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ARGPARSE_header ("Network", N_("Network related options")),
|
|
|
|
|
|
|
|
|
|
ARGPARSE_s_n (oUseTor, "use-tor", N_("route all network traffic via Tor")),
|
|
|
|
|
ARGPARSE_s_n (oNoUseTor, "no-use-tor", "@"),
|
|
|
|
|
ARGPARSE_s_n (oDisableIPv4, "disable-ipv4", "@"),
|
|
|
|
|
ARGPARSE_s_n (oDisableIPv6, "disable-ipv6", "@"),
|
|
|
|
|
ARGPARSE_s_n (oStandardResolver, "standard-resolver", "@"),
|
|
|
|
|
ARGPARSE_s_n (oRecursiveResolver, "recursive-resolver", "@"),
|
|
|
|
|
ARGPARSE_s_i (oResolverTimeout, "resolver-timeout", "@"),
|
|
|
|
|
ARGPARSE_s_s (oNameServer, "nameserver", "@"),
|
|
|
|
|
ARGPARSE_s_i (oConnectTimeout, "connect-timeout", "@"),
|
|
|
|
|
ARGPARSE_s_i (oConnectQuickTimeout, "connect-quick-timeout", "@"),
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ARGPARSE_header ("HTTP", N_("Configuration for HTTP servers")),
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
ARGPARSE_s_n (oDisableHTTP, "disable-http", N_("inhibit the use of HTTP")),
|
|
|
|
|
ARGPARSE_s_n (oIgnoreHTTPDP,"ignore-http-dp",
|
|
|
|
|
N_("ignore HTTP CRL distribution points")),
|
|
|
|
|
ARGPARSE_s_s (oHTTPProxy, "http-proxy",
|
|
|
|
|
N_("|URL|redirect all HTTP requests to URL")),
|
2020-03-06 17:02:58 +01:00
|
|
|
|
ARGPARSE_s_n (oHonorHTTPProxy, "honor-http-proxy",
|
|
|
|
|
N_("use system's HTTP proxy setting")),
|
|
|
|
|
ARGPARSE_s_s (oLDAPWrapperProgram, "ldap-wrapper-program", "@"),
|
|
|
|
|
|
2022-01-25 20:22:46 +01:00
|
|
|
|
ARGPARSE_header ("Keyserver", N_("Configuration for OpenPGP servers")),
|
|
|
|
|
|
|
|
|
|
ARGPARSE_s_s (oKeyServer, "keyserver",
|
|
|
|
|
N_("|URL|use keyserver at URL")),
|
|
|
|
|
ARGPARSE_s_s (oHkpCaCert, "hkp-cacert",
|
|
|
|
|
N_("|FILE|use the CA certificates in FILE for HKP over TLS")),
|
2020-03-06 17:02:58 +01:00
|
|
|
|
|
2022-01-25 20:22:46 +01:00
|
|
|
|
ARGPARSE_header ("LDAP", N_("Configuration for X.509 servers")),
|
2020-03-06 17:02:58 +01:00
|
|
|
|
|
|
|
|
|
ARGPARSE_s_n (oDisableLDAP, "disable-ldap", N_("inhibit the use of LDAP")),
|
|
|
|
|
ARGPARSE_s_n (oIgnoreLDAPDP,"ignore-ldap-dp",
|
|
|
|
|
N_("ignore LDAP CRL distribution points")),
|
2010-06-09 16:53:51 +00:00
|
|
|
|
ARGPARSE_s_s (oLDAPProxy, "ldap-proxy",
|
|
|
|
|
N_("|HOST|use HOST for LDAP queries")),
|
|
|
|
|
ARGPARSE_s_n (oOnlyLDAPProxy, "only-ldap-proxy",
|
|
|
|
|
N_("do not use fallback hosts with --ldap-proxy")),
|
2021-05-26 15:49:14 +02:00
|
|
|
|
ARGPARSE_s_s (oLDAPServer, "ldapserver",
|
|
|
|
|
N_("|SPEC|use this keyserver to lookup keys")),
|
2010-06-09 16:53:51 +00:00
|
|
|
|
ARGPARSE_s_s (oLDAPFile, "ldapserverlist-file",
|
|
|
|
|
N_("|FILE|read LDAP server list from FILE")),
|
|
|
|
|
ARGPARSE_s_n (oLDAPAddServers, "add-servers",
|
|
|
|
|
N_("add new servers discovered in CRL distribution"
|
|
|
|
|
" points to serverlist")),
|
|
|
|
|
ARGPARSE_s_i (oLDAPTimeout, "ldaptimeout",
|
|
|
|
|
N_("|N|set LDAP timeout to N seconds")),
|
2023-03-16 14:52:28 +01:00
|
|
|
|
ARGPARSE_s_s (oFakeCRL, "fake-crl", "@"),
|
2020-03-06 17:02:58 +01:00
|
|
|
|
|
|
|
|
|
ARGPARSE_header ("OCSP", N_("Configuration for OCSP")),
|
|
|
|
|
|
|
|
|
|
ARGPARSE_s_n (oAllowOCSP, "allow-ocsp", N_("allow sending OCSP requests")),
|
|
|
|
|
ARGPARSE_s_n (oIgnoreOCSPSvcUrl, "ignore-ocsp-service-url",
|
|
|
|
|
N_("ignore certificate contained OCSP service URLs")),
|
2010-06-09 16:53:51 +00:00
|
|
|
|
ARGPARSE_s_s (oOCSPResponder, "ocsp-responder",
|
|
|
|
|
N_("|URL|use OCSP responder at URL")),
|
2011-01-25 11:26:01 +01:00
|
|
|
|
ARGPARSE_s_s (oOCSPSigner, "ocsp-signer",
|
|
|
|
|
N_("|FPR|OCSP response signed by FPR")),
|
2010-06-09 16:53:51 +00:00
|
|
|
|
ARGPARSE_s_i (oOCSPMaxClockSkew, "ocsp-max-clock-skew", "@"),
|
|
|
|
|
ARGPARSE_s_i (oOCSPMaxPeriod, "ocsp-max-period", "@"),
|
|
|
|
|
ARGPARSE_s_i (oOCSPCurrentPeriod, "ocsp-current-period", "@"),
|
|
|
|
|
|
|
|
|
|
|
2020-03-06 17:02:58 +01:00
|
|
|
|
ARGPARSE_header (NULL, N_("Other options")),
|
2014-05-05 16:09:45 +02:00
|
|
|
|
|
2020-03-06 17:02:58 +01:00
|
|
|
|
ARGPARSE_s_n (oForce, "force", N_("force loading of outdated CRLs")),
|
2014-05-05 16:09:45 +02:00
|
|
|
|
|
2022-08-31 18:11:36 +02:00
|
|
|
|
ARGPARSE_s_s (oSocketName, "socket-name", "@"), /* Only for debugging. */
|
|
|
|
|
ARGPARSE_s_n (oDebugCacheExpiredCerts, "debug-cache-expired-certs", "@"),
|
2017-01-24 16:36:28 +01:00
|
|
|
|
|
2020-03-06 17:02:58 +01:00
|
|
|
|
ARGPARSE_header (NULL, ""), /* Stop the header group. */
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
2020-03-06 17:02:58 +01:00
|
|
|
|
/* Not yet used options. */
|
|
|
|
|
ARGPARSE_s_n (oBatch, "batch", "@"),
|
2010-06-09 16:53:51 +00:00
|
|
|
|
ARGPARSE_s_s (oHTTPWrapperProgram, "http-wrapper-program", "@"),
|
2020-03-06 17:02:58 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
ARGPARSE_group (302,N_("@\n(See the \"info\" manual for a complete listing "
|
|
|
|
|
"of all commands and options)\n")),
|
|
|
|
|
|
|
|
|
|
ARGPARSE_end ()
|
|
|
|
|
};
|
|
|
|
|
|
2015-06-23 09:12:44 +02:00
|
|
|
|
/* The list of supported debug flags. */
|
|
|
|
|
static struct debug_flags_s debug_flags [] =
|
|
|
|
|
{
|
|
|
|
|
{ DBG_X509_VALUE , "x509" },
|
|
|
|
|
{ DBG_CRYPTO_VALUE , "crypto" },
|
|
|
|
|
{ DBG_MEMORY_VALUE , "memory" },
|
|
|
|
|
{ DBG_CACHE_VALUE , "cache" },
|
|
|
|
|
{ DBG_MEMSTAT_VALUE, "memstat" },
|
|
|
|
|
{ DBG_HASHING_VALUE, "hashing" },
|
|
|
|
|
{ DBG_IPC_VALUE , "ipc" },
|
2016-12-19 09:41:15 +01:00
|
|
|
|
{ DBG_DNS_VALUE , "dns" },
|
|
|
|
|
{ DBG_NETWORK_VALUE, "network" },
|
2015-06-23 09:12:44 +02:00
|
|
|
|
{ DBG_LOOKUP_VALUE , "lookup" },
|
2017-02-23 20:14:16 +01:00
|
|
|
|
{ DBG_EXTPROG_VALUE, "extprog" },
|
2023-02-23 10:20:33 +01:00
|
|
|
|
{ DBG_KEEPTMP_VALUE, "keeptmp" },
|
2015-06-23 09:12:44 +02:00
|
|
|
|
{ 77, NULL } /* 77 := Do not exit on "help" or "?". */
|
|
|
|
|
};
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
#define DEFAULT_MAX_REPLIES 10
|
2017-11-07 10:02:53 +01:00
|
|
|
|
#define DEFAULT_LDAP_TIMEOUT 15 /* seconds */
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
2017-06-08 09:30:48 +02:00
|
|
|
|
#define DEFAULT_CONNECT_TIMEOUT (15*1000) /* 15 seconds */
|
|
|
|
|
#define DEFAULT_CONNECT_QUICK_TIMEOUT ( 2*1000) /* 2 seconds */
|
|
|
|
|
|
2014-12-01 09:50:55 +01:00
|
|
|
|
/* For the cleanup handler we need to keep track of the socket's name. */
|
2010-06-09 16:53:51 +00:00
|
|
|
|
static const char *socket_name;
|
2014-12-01 09:50:55 +01:00
|
|
|
|
/* If the socket has been redirected, this is the name of the
|
|
|
|
|
redirected socket.. */
|
|
|
|
|
static const char *redir_socket_name;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
/* We need to keep track of the server's nonces (these are dummies for
|
|
|
|
|
POSIX systems). */
|
|
|
|
|
static assuan_sock_nonce_t socket_nonce;
|
|
|
|
|
|
2017-12-12 14:14:40 +01:00
|
|
|
|
/* Value for the listen() backlog argument.
|
|
|
|
|
* Change at runtime with --listen-backlog. */
|
|
|
|
|
static int listen_backlog = 64;
|
|
|
|
|
|
2015-03-19 11:14:52 +01:00
|
|
|
|
/* Only if this flag has been set will we remove the socket file. */
|
2010-06-09 16:53:51 +00:00
|
|
|
|
static int cleanup_socket;
|
|
|
|
|
|
|
|
|
|
/* Keep track of the current log file so that we can avoid updating
|
|
|
|
|
the log file after a SIGHUP if it didn't changed. Malloced. */
|
|
|
|
|
static char *current_logfile;
|
|
|
|
|
|
|
|
|
|
/* Helper to implement --debug-level. */
|
|
|
|
|
static const char *debug_level;
|
|
|
|
|
|
2014-10-02 17:33:57 +02:00
|
|
|
|
/* Helper to set the NTBTLS or GNUTLS log level. */
|
2014-05-05 16:09:45 +02:00
|
|
|
|
static int opt_gnutls_debug = -1;
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
/* Flag indicating that a shutdown has been requested. */
|
|
|
|
|
static volatile int shutdown_pending;
|
|
|
|
|
|
2016-09-07 12:36:48 +02:00
|
|
|
|
/* Flags to indicate that we shall not watch our own socket. */
|
|
|
|
|
static int disable_check_own_socket;
|
|
|
|
|
|
2021-11-13 14:46:19 +01:00
|
|
|
|
/* Flag indicating to start the daemon even if one already runs. */
|
|
|
|
|
static int steal_socket;
|
|
|
|
|
|
|
|
|
|
|
2017-02-01 17:54:14 +01:00
|
|
|
|
/* Flag to control the Tor mode. */
|
|
|
|
|
static enum
|
|
|
|
|
{ TOR_MODE_AUTO = 0, /* Switch to NO or YES */
|
|
|
|
|
TOR_MODE_NEVER, /* Never use Tor. */
|
|
|
|
|
TOR_MODE_NO, /* Do not use Tor */
|
|
|
|
|
TOR_MODE_YES, /* Use Tor */
|
|
|
|
|
TOR_MODE_FORCE /* Force using Tor */
|
|
|
|
|
} tor_mode;
|
|
|
|
|
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
/* Counter for the active connections. */
|
|
|
|
|
static int active_connections;
|
|
|
|
|
|
2016-11-17 10:14:14 +01:00
|
|
|
|
/* This flag is set by any network access and used by the housekeeping
|
|
|
|
|
* thread to run background network tasks. */
|
|
|
|
|
static int network_activity_seen;
|
|
|
|
|
|
2018-10-24 15:56:18 -04:00
|
|
|
|
/* A list of filenames registered with --hkp-cacert. */
|
2017-02-21 13:57:24 +01:00
|
|
|
|
static strlist_t hkp_cacert_filenames;
|
|
|
|
|
|
2021-05-26 15:49:14 +02:00
|
|
|
|
/* A flag used to clear the list of ldapservers iff --ldapserver is
|
|
|
|
|
* given on the command line or one of the conf files. In this case we
|
|
|
|
|
* want to clear all old specifications through the legacy
|
|
|
|
|
* dirmngr_ldapservers.conf. */
|
|
|
|
|
static int ldapserver_list_needs_reset;
|
2017-02-21 13:57:24 +01:00
|
|
|
|
|
2017-07-26 10:02:52 +02:00
|
|
|
|
/* The timer tick used for housekeeping stuff. The second constant is used when a shutdown is pending. */
|
|
|
|
|
#define TIMERTICK_INTERVAL (60)
|
|
|
|
|
#define TIMERTICK_INTERVAL_SHUTDOWN (4)
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
2016-11-18 08:28:15 +01:00
|
|
|
|
/* How oft to run the housekeeping. */
|
2014-03-18 11:07:05 +01:00
|
|
|
|
#define HOUSEKEEPING_INTERVAL (600)
|
|
|
|
|
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
/* This union is used to avoid compiler warnings in case a pointer is
|
|
|
|
|
64 bit and an int 32 bit. We store an integer in a pointer and get
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
it back later (npth_getspecific et al.). */
|
2010-06-09 16:53:51 +00:00
|
|
|
|
union int_and_ptr_u
|
|
|
|
|
{
|
|
|
|
|
int aint;
|
|
|
|
|
assuan_fd_t afd;
|
|
|
|
|
void *aptr;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* The key used to store the current file descriptor in the thread
|
|
|
|
|
local storage. We use this in conjunction with the
|
2015-06-16 12:12:03 +02:00
|
|
|
|
log_set_pid_suffix_cb feature. */
|
2010-06-09 16:53:51 +00:00
|
|
|
|
#ifndef HAVE_W32_SYSTEM
|
2017-04-13 13:06:38 +09:00
|
|
|
|
static npth_key_t my_tlskey_current_fd;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
/* Prototypes. */
|
|
|
|
|
static void cleanup (void);
|
2014-10-17 15:59:45 +02:00
|
|
|
|
#if USE_LDAP
|
2020-07-02 16:05:40 +02:00
|
|
|
|
static ldap_server_t parse_ldapserver_file (const char* filename, int ienoent);
|
2014-10-17 15:59:45 +02:00
|
|
|
|
#endif /*USE_LDAP*/
|
2021-10-06 10:31:41 +02:00
|
|
|
|
static fingerprint_list_t parse_fingerprint_item (const char *string,
|
|
|
|
|
const char *optionname,
|
|
|
|
|
int want_binary);
|
2016-11-11 17:30:23 +01:00
|
|
|
|
static void netactivity_action (void);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
static void handle_connections (assuan_fd_t listen_fd);
|
2020-10-02 12:26:02 +02:00
|
|
|
|
static void gpgconf_versions (void);
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
/* NPth wrapper function definitions. */
|
|
|
|
|
ASSUAN_SYSTEM_NPTH_IMPL;
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
static const char *
|
|
|
|
|
my_strusage( int level )
|
|
|
|
|
{
|
|
|
|
|
const char *p;
|
2011-01-25 11:26:01 +01:00
|
|
|
|
switch ( level )
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
2020-02-21 21:45:13 +01:00
|
|
|
|
case 9: p = "GPL-3.0-or-later"; break;
|
2013-11-18 14:09:47 +01:00
|
|
|
|
case 11: p = "@DIRMNGR@ (@GNUPG@)";
|
2010-06-09 16:53:51 +00:00
|
|
|
|
break;
|
|
|
|
|
case 13: p = VERSION; break;
|
2020-02-21 21:45:13 +01:00
|
|
|
|
case 14: p = GNUPG_DEF_COPYRIGHT_LINE; break;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
case 17: p = PRINTABLE_OS_NAME; break;
|
|
|
|
|
/* TRANSLATORS: @EMAIL@ will get replaced by the actual bug
|
|
|
|
|
reporting address. This is so that we can change the
|
|
|
|
|
reporting address without breaking the translations. */
|
|
|
|
|
case 19: p = _("Please report bugs to <@EMAIL@>.\n"); break;
|
|
|
|
|
case 49: p = PACKAGE_BUGREPORT; break;
|
|
|
|
|
case 1:
|
2013-11-18 14:09:47 +01:00
|
|
|
|
case 40: p = _("Usage: @DIRMNGR@ [options] (-h for help)");
|
2010-06-09 16:53:51 +00:00
|
|
|
|
break;
|
2013-11-18 14:09:47 +01:00
|
|
|
|
case 41: p = _("Syntax: @DIRMNGR@ [options] [command [args]]\n"
|
2014-10-17 13:31:07 +02:00
|
|
|
|
"Keyserver, CRL, and OCSP access for @GNUPG@\n");
|
2010-06-09 16:53:51 +00:00
|
|
|
|
break;
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
default: p = NULL;
|
|
|
|
|
}
|
|
|
|
|
return p;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Callback from libksba to hash a provided buffer. Our current
|
|
|
|
|
implementation does only allow SHA-1 for hashing. This may be
|
2018-10-24 15:56:18 -04:00
|
|
|
|
extended by mapping the name, testing for algorithm availability
|
2010-06-09 16:53:51 +00:00
|
|
|
|
and adjust the length checks accordingly. */
|
2011-01-25 11:26:01 +01:00
|
|
|
|
static gpg_error_t
|
2010-06-09 16:53:51 +00:00
|
|
|
|
my_ksba_hash_buffer (void *arg, const char *oid,
|
|
|
|
|
const void *buffer, size_t length, size_t resultsize,
|
|
|
|
|
unsigned char *result, size_t *resultlen)
|
|
|
|
|
{
|
|
|
|
|
(void)arg;
|
|
|
|
|
|
2011-01-25 11:26:01 +01:00
|
|
|
|
if (oid && strcmp (oid, "1.3.14.3.2.26"))
|
|
|
|
|
return gpg_error (GPG_ERR_NOT_SUPPORTED);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
if (resultsize < 20)
|
|
|
|
|
return gpg_error (GPG_ERR_BUFFER_TOO_SHORT);
|
2011-01-25 11:26:01 +01:00
|
|
|
|
gcry_md_hash_buffer (2, result, buffer, length);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
*resultlen = 20;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2014-05-05 16:09:45 +02:00
|
|
|
|
/* GNUTLS log function callback. */
|
2015-02-11 19:01:11 +01:00
|
|
|
|
#ifdef HTTP_USE_GNUTLS
|
2014-05-05 16:09:45 +02:00
|
|
|
|
static void
|
|
|
|
|
my_gnutls_log (int level, const char *text)
|
|
|
|
|
{
|
|
|
|
|
int n;
|
|
|
|
|
|
|
|
|
|
n = strlen (text);
|
|
|
|
|
while (n && text[n-1] == '\n')
|
|
|
|
|
n--;
|
|
|
|
|
|
|
|
|
|
log_debug ("gnutls:L%d: %.*s\n", level, n, text);
|
|
|
|
|
}
|
2015-02-11 19:01:11 +01:00
|
|
|
|
#endif /*HTTP_USE_GNUTLS*/
|
2014-05-05 16:09:45 +02:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
/* Setup the debugging. With a LEVEL of NULL only the active debug
|
|
|
|
|
flags are propagated to the subsystems. With LEVEL set, a specific
|
|
|
|
|
set of debug flags is set; thus overriding all flags already
|
|
|
|
|
set. */
|
|
|
|
|
static void
|
|
|
|
|
set_debug (void)
|
|
|
|
|
{
|
|
|
|
|
int numok = (debug_level && digitp (debug_level));
|
|
|
|
|
int numlvl = numok? atoi (debug_level) : 0;
|
|
|
|
|
|
|
|
|
|
if (!debug_level)
|
|
|
|
|
;
|
|
|
|
|
else if (!strcmp (debug_level, "none") || (numok && numlvl < 1))
|
|
|
|
|
opt.debug = 0;
|
|
|
|
|
else if (!strcmp (debug_level, "basic") || (numok && numlvl <= 2))
|
2015-04-06 13:42:17 +02:00
|
|
|
|
opt.debug = DBG_IPC_VALUE;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
else if (!strcmp (debug_level, "advanced") || (numok && numlvl <= 5))
|
2015-04-06 13:42:17 +02:00
|
|
|
|
opt.debug = (DBG_IPC_VALUE|DBG_X509_VALUE|DBG_LOOKUP_VALUE);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
else if (!strcmp (debug_level, "expert") || (numok && numlvl <= 8))
|
2015-04-06 13:42:17 +02:00
|
|
|
|
opt.debug = (DBG_IPC_VALUE|DBG_X509_VALUE|DBG_LOOKUP_VALUE
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|DBG_CACHE_VALUE|DBG_CRYPTO_VALUE);
|
|
|
|
|
else if (!strcmp (debug_level, "guru") || numok)
|
|
|
|
|
{
|
|
|
|
|
opt.debug = ~0;
|
|
|
|
|
/* Unless the "guru" string has been used we don't want to allow
|
|
|
|
|
hashing debugging. The rationale is that people tend to
|
|
|
|
|
select the highest debug value and would then clutter their
|
2011-01-25 11:26:01 +01:00
|
|
|
|
disk with debug files which may reveal confidential data. */
|
2010-06-09 16:53:51 +00:00
|
|
|
|
if (numok)
|
2023-02-23 10:20:33 +01:00
|
|
|
|
opt.debug &= ~(DBG_HASHING_VALUE|DBG_KEEPTMP_VALUE);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error (_("invalid debug-level '%s' given\n"), debug_level);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
log_info (_("valid debug levels are: %s\n"),
|
|
|
|
|
"none, basic, advanced, expert, guru");
|
|
|
|
|
opt.debug = 0; /* Reset debugging, so that prior debug
|
|
|
|
|
statements won't have an undesired effect. */
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (opt.debug && !opt.verbose)
|
|
|
|
|
{
|
|
|
|
|
opt.verbose = 1;
|
|
|
|
|
gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
|
|
|
|
|
}
|
|
|
|
|
if (opt.debug && opt.quiet)
|
|
|
|
|
opt.quiet = 0;
|
|
|
|
|
|
|
|
|
|
if (opt.debug & DBG_CRYPTO_VALUE )
|
|
|
|
|
gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1);
|
2014-05-05 16:09:45 +02:00
|
|
|
|
|
2014-10-02 17:33:57 +02:00
|
|
|
|
#if HTTP_USE_NTBTLS
|
|
|
|
|
if (opt_gnutls_debug >= 0)
|
|
|
|
|
{
|
|
|
|
|
ntbtls_set_debug (opt_gnutls_debug, NULL, NULL);
|
|
|
|
|
}
|
|
|
|
|
#elif HTTP_USE_GNUTLS
|
2014-05-05 16:09:45 +02:00
|
|
|
|
if (opt_gnutls_debug >= 0)
|
|
|
|
|
{
|
|
|
|
|
gnutls_global_set_log_function (my_gnutls_log);
|
|
|
|
|
gnutls_global_set_log_level (opt_gnutls_debug);
|
|
|
|
|
}
|
|
|
|
|
#endif /*HTTP_USE_GNUTLS*/
|
2015-06-23 09:12:44 +02:00
|
|
|
|
|
|
|
|
|
if (opt.debug)
|
|
|
|
|
parse_debug_flag (NULL, &opt.debug, debug_flags);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
2015-10-19 13:12:24 +02:00
|
|
|
|
static void
|
|
|
|
|
set_tor_mode (void)
|
|
|
|
|
{
|
2017-02-01 17:54:14 +01:00
|
|
|
|
if (dirmngr_use_tor ())
|
2015-10-19 13:12:24 +02:00
|
|
|
|
{
|
2018-10-24 15:56:18 -04:00
|
|
|
|
/* Enable Tor mode and when called again force a new circuit
|
2017-01-03 12:03:28 +01:00
|
|
|
|
* (e.g. on SIGHUP). */
|
|
|
|
|
enable_dns_tormode (1);
|
2015-10-19 13:12:24 +02:00
|
|
|
|
if (assuan_sock_set_flag (ASSUAN_INVALID_FD, "tor-mode", 1))
|
|
|
|
|
{
|
2015-10-21 18:14:24 +02:00
|
|
|
|
log_error ("error enabling Tor mode: %s\n", strerror (errno));
|
2015-10-19 13:12:24 +02:00
|
|
|
|
log_info ("(is your Libassuan recent enough?)\n");
|
|
|
|
|
}
|
|
|
|
|
}
|
2017-02-01 17:54:14 +01:00
|
|
|
|
else
|
|
|
|
|
disable_dns_tormode ();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Return true if Tor shall be used. */
|
|
|
|
|
int
|
|
|
|
|
dirmngr_use_tor (void)
|
|
|
|
|
{
|
|
|
|
|
if (tor_mode == TOR_MODE_AUTO)
|
|
|
|
|
{
|
2017-07-26 10:58:15 +02:00
|
|
|
|
/* Figure out whether Tor is running. */
|
|
|
|
|
assuan_fd_t sock;
|
|
|
|
|
|
|
|
|
|
sock = assuan_sock_connect_byname (NULL, 0, 0, NULL, ASSUAN_SOCK_TOR);
|
|
|
|
|
if (sock == ASSUAN_INVALID_FD)
|
|
|
|
|
tor_mode = TOR_MODE_NO;
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
tor_mode = TOR_MODE_YES;
|
|
|
|
|
assuan_sock_close (sock);
|
|
|
|
|
}
|
2017-02-01 17:54:14 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (tor_mode == TOR_MODE_FORCE)
|
|
|
|
|
return 2; /* Use Tor (using 2 to indicate force mode) */
|
|
|
|
|
else if (tor_mode == TOR_MODE_YES)
|
|
|
|
|
return 1; /* Use Tor */
|
|
|
|
|
else
|
|
|
|
|
return 0; /* Do not use Tor. */
|
2015-10-19 13:12:24 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2022-02-01 16:02:20 +01:00
|
|
|
|
/* This is somewhat similar to dirmngr_use_tor but avoids a trial
|
|
|
|
|
* connect and may thus be faster for this special case. */
|
|
|
|
|
int
|
|
|
|
|
dirmngr_never_use_tor_p (void)
|
|
|
|
|
{
|
|
|
|
|
return tor_mode == TOR_MODE_NEVER;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
static void
|
|
|
|
|
wrong_args (const char *text)
|
|
|
|
|
{
|
2013-11-18 14:09:47 +01:00
|
|
|
|
es_fprintf (es_stderr, _("usage: %s [options] "), DIRMNGR_NAME);
|
2010-07-16 13:19:45 +00:00
|
|
|
|
es_fputs (text, es_stderr);
|
|
|
|
|
es_putc ('\n', es_stderr);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
dirmngr_exit (2);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Helper to stop the reaper thread for the ldap wrapper. */
|
|
|
|
|
static void
|
|
|
|
|
shutdown_reaper (void)
|
|
|
|
|
{
|
2014-10-17 15:59:45 +02:00
|
|
|
|
#if USE_LDAP
|
2010-06-09 16:53:51 +00:00
|
|
|
|
ldap_wrapper_wait_connections ();
|
2014-10-17 15:59:45 +02:00
|
|
|
|
#endif
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Handle options which are allowed to be reset after program start.
|
|
|
|
|
Return true if the current option in PARGS could be handled and
|
|
|
|
|
false if not. As a special feature, passing a value of NULL for
|
|
|
|
|
PARGS, resets the options to the default. REREAD should be set
|
|
|
|
|
true if it is not the initial option parsing. */
|
|
|
|
|
static int
|
2020-02-21 21:45:13 +01:00
|
|
|
|
parse_rereadable_options (gpgrt_argparse_t *pargs, int reread)
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
|
|
|
|
if (!pargs)
|
|
|
|
|
{ /* Reset mode. */
|
|
|
|
|
opt.quiet = 0;
|
|
|
|
|
opt.verbose = 0;
|
|
|
|
|
opt.debug = 0;
|
|
|
|
|
opt.ldap_wrapper_program = NULL;
|
|
|
|
|
opt.disable_http = 0;
|
2011-01-25 11:26:01 +01:00
|
|
|
|
opt.disable_ldap = 0;
|
|
|
|
|
opt.honor_http_proxy = 0;
|
|
|
|
|
opt.http_proxy = NULL;
|
|
|
|
|
opt.ldap_proxy = NULL;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
opt.only_ldap_proxy = 0;
|
|
|
|
|
opt.ignore_http_dp = 0;
|
|
|
|
|
opt.ignore_ldap_dp = 0;
|
|
|
|
|
opt.ignore_ocsp_service_url = 0;
|
|
|
|
|
opt.allow_ocsp = 0;
|
2016-11-17 10:14:14 +01:00
|
|
|
|
opt.allow_version_check = 0;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
opt.ocsp_responder = NULL;
|
|
|
|
|
opt.ocsp_max_clock_skew = 10 * 60; /* 10 minutes. */
|
|
|
|
|
opt.ocsp_max_period = 90 * 86400; /* 90 days. */
|
|
|
|
|
opt.ocsp_current_period = 3 * 60 * 60; /* 3 hours. */
|
|
|
|
|
opt.max_replies = DEFAULT_MAX_REPLIES;
|
|
|
|
|
while (opt.ocsp_signer)
|
|
|
|
|
{
|
|
|
|
|
fingerprint_list_t tmp = opt.ocsp_signer->next;
|
|
|
|
|
xfree (opt.ocsp_signer);
|
|
|
|
|
opt.ocsp_signer = tmp;
|
|
|
|
|
}
|
2021-10-06 10:31:41 +02:00
|
|
|
|
while (opt.ignored_certs)
|
|
|
|
|
{
|
|
|
|
|
fingerprint_list_t tmp = opt.ignored_certs->next;
|
|
|
|
|
xfree (opt.ignored_certs);
|
|
|
|
|
opt.ignored_certs = tmp;
|
|
|
|
|
}
|
2010-06-09 16:53:51 +00:00
|
|
|
|
FREE_STRLIST (opt.ignored_cert_extensions);
|
2014-05-05 16:09:45 +02:00
|
|
|
|
http_register_tls_ca (NULL);
|
2017-02-21 13:57:24 +01:00
|
|
|
|
FREE_STRLIST (hkp_cacert_filenames);
|
2015-12-02 11:49:41 +01:00
|
|
|
|
FREE_STRLIST (opt.keyserver);
|
2017-02-01 17:54:14 +01:00
|
|
|
|
/* Note: We do not allow resetting of TOR_MODE_FORCE at runtime. */
|
|
|
|
|
if (tor_mode != TOR_MODE_FORCE)
|
|
|
|
|
tor_mode = TOR_MODE_AUTO;
|
2016-09-07 12:36:48 +02:00
|
|
|
|
disable_check_own_socket = 0;
|
2016-12-01 15:45:51 +01:00
|
|
|
|
enable_standard_resolver (0);
|
2016-12-20 09:53:58 +01:00
|
|
|
|
set_dns_timeout (0);
|
2017-06-08 09:30:48 +02:00
|
|
|
|
opt.connect_timeout = 0;
|
|
|
|
|
opt.connect_quick_timeout = 0;
|
2021-05-26 19:06:10 +02:00
|
|
|
|
opt.ldaptimeout = DEFAULT_LDAP_TIMEOUT;
|
2021-05-26 15:49:14 +02:00
|
|
|
|
ldapserver_list_needs_reset = 1;
|
2022-08-31 18:11:36 +02:00
|
|
|
|
opt.debug_cache_expired_certs = 0;
|
2023-03-16 14:52:28 +01:00
|
|
|
|
xfree (opt.fake_crl);
|
|
|
|
|
opt.fake_crl = NULL;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
switch (pargs->r_opt)
|
|
|
|
|
{
|
|
|
|
|
case oQuiet: opt.quiet = 1; break;
|
|
|
|
|
case oVerbose: opt.verbose++; break;
|
2015-06-23 09:12:44 +02:00
|
|
|
|
case oDebug:
|
|
|
|
|
parse_debug_flag (pargs->r.ret_str, &opt.debug, debug_flags);
|
|
|
|
|
break;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
case oDebugAll: opt.debug = ~0; break;
|
|
|
|
|
case oDebugLevel: debug_level = pargs->r.ret_str; break;
|
2014-05-05 16:09:45 +02:00
|
|
|
|
case oGnutlsDebug: opt_gnutls_debug = pargs->r.ret_int; break;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
case oLogFile:
|
|
|
|
|
if (!reread)
|
|
|
|
|
return 0; /* Not handled. */
|
|
|
|
|
if (!current_logfile || !pargs->r.ret_str
|
|
|
|
|
|| strcmp (current_logfile, pargs->r.ret_str))
|
|
|
|
|
{
|
|
|
|
|
log_set_file (pargs->r.ret_str);
|
|
|
|
|
xfree (current_logfile);
|
|
|
|
|
current_logfile = xtrystrdup (pargs->r.ret_str);
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
|
2016-09-07 12:36:48 +02:00
|
|
|
|
case oDisableCheckOwnSocket: disable_check_own_socket = 1; break;
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
case oLDAPWrapperProgram:
|
|
|
|
|
opt.ldap_wrapper_program = pargs->r.ret_str;
|
|
|
|
|
break;
|
|
|
|
|
case oHTTPWrapperProgram:
|
|
|
|
|
opt.http_wrapper_program = pargs->r.ret_str;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case oDisableHTTP: opt.disable_http = 1; break;
|
|
|
|
|
case oDisableLDAP: opt.disable_ldap = 1; break;
|
2017-01-24 16:36:28 +01:00
|
|
|
|
case oDisableIPv4: opt.disable_ipv4 = 1; break;
|
2017-04-03 20:56:12 +02:00
|
|
|
|
case oDisableIPv6: opt.disable_ipv6 = 1; break;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
case oHonorHTTPProxy: opt.honor_http_proxy = 1; break;
|
|
|
|
|
case oHTTPProxy: opt.http_proxy = pargs->r.ret_str; break;
|
|
|
|
|
case oLDAPProxy: opt.ldap_proxy = pargs->r.ret_str; break;
|
|
|
|
|
case oOnlyLDAPProxy: opt.only_ldap_proxy = 1; break;
|
|
|
|
|
case oIgnoreHTTPDP: opt.ignore_http_dp = 1; break;
|
|
|
|
|
case oIgnoreLDAPDP: opt.ignore_ldap_dp = 1; break;
|
|
|
|
|
case oIgnoreOCSPSvcUrl: opt.ignore_ocsp_service_url = 1; break;
|
|
|
|
|
|
|
|
|
|
case oAllowOCSP: opt.allow_ocsp = 1; break;
|
2016-11-17 10:14:14 +01:00
|
|
|
|
case oAllowVersionCheck: opt.allow_version_check = 1; break;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
case oOCSPResponder: opt.ocsp_responder = pargs->r.ret_str; break;
|
2011-01-25 11:26:01 +01:00
|
|
|
|
case oOCSPSigner:
|
2021-10-06 10:31:41 +02:00
|
|
|
|
opt.ocsp_signer = parse_fingerprint_item (pargs->r.ret_str,
|
|
|
|
|
"--ocsp-signer", 0);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
break;
|
|
|
|
|
case oOCSPMaxClockSkew: opt.ocsp_max_clock_skew = pargs->r.ret_int; break;
|
|
|
|
|
case oOCSPMaxPeriod: opt.ocsp_max_period = pargs->r.ret_int; break;
|
|
|
|
|
case oOCSPCurrentPeriod: opt.ocsp_current_period = pargs->r.ret_int; break;
|
|
|
|
|
|
|
|
|
|
case oMaxReplies: opt.max_replies = pargs->r.ret_int; break;
|
|
|
|
|
|
2014-05-05 16:09:45 +02:00
|
|
|
|
case oHkpCaCert:
|
2015-10-06 13:10:26 +02:00
|
|
|
|
{
|
2017-02-21 13:57:24 +01:00
|
|
|
|
/* We need to register the filenames with gnutls (http.c) and
|
|
|
|
|
* also for our own cert cache. */
|
2015-10-06 13:10:26 +02:00
|
|
|
|
char *tmpname;
|
|
|
|
|
|
2016-10-27 18:30:57 -04:00
|
|
|
|
/* Do tilde expansion and make path absolute. */
|
|
|
|
|
tmpname = make_absfilename (pargs->r.ret_str, NULL);
|
|
|
|
|
http_register_tls_ca (tmpname);
|
2017-02-21 13:57:24 +01:00
|
|
|
|
add_to_strlist (&hkp_cacert_filenames, pargs->r.ret_str);
|
2015-10-06 13:10:26 +02:00
|
|
|
|
xfree (tmpname);
|
|
|
|
|
}
|
2014-05-05 16:09:45 +02:00
|
|
|
|
break;
|
|
|
|
|
|
2021-10-06 10:31:41 +02:00
|
|
|
|
case oIgnoreCert:
|
|
|
|
|
{
|
|
|
|
|
fingerprint_list_t item, r;
|
|
|
|
|
item = parse_fingerprint_item (pargs->r.ret_str, "--ignore-cert", 20);
|
|
|
|
|
if (item)
|
|
|
|
|
{ /* Append */
|
|
|
|
|
if (!opt.ignored_certs)
|
|
|
|
|
opt.ignored_certs = item;
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
for (r = opt.ignored_certs; r->next; r = r->next)
|
|
|
|
|
;
|
|
|
|
|
r->next = item;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
case oIgnoreCertExtension:
|
|
|
|
|
add_to_strlist (&opt.ignored_cert_extensions, pargs->r.ret_str);
|
|
|
|
|
break;
|
|
|
|
|
|
2017-02-01 17:54:14 +01:00
|
|
|
|
case oUseTor:
|
|
|
|
|
tor_mode = TOR_MODE_FORCE;
|
|
|
|
|
break;
|
|
|
|
|
case oNoUseTor:
|
|
|
|
|
if (tor_mode != TOR_MODE_FORCE)
|
|
|
|
|
tor_mode = TOR_MODE_NEVER;
|
|
|
|
|
break;
|
2015-09-18 16:17:11 +02:00
|
|
|
|
|
2016-12-01 15:45:51 +01:00
|
|
|
|
case oStandardResolver: enable_standard_resolver (1); break;
|
2016-12-14 15:36:25 +01:00
|
|
|
|
case oRecursiveResolver: enable_recursive_resolver (1); break;
|
2016-12-01 15:45:51 +01:00
|
|
|
|
|
2021-05-26 15:49:14 +02:00
|
|
|
|
case oLDAPServer:
|
2021-06-11 10:30:02 +09:00
|
|
|
|
#if USE_LDAP
|
2021-05-26 15:49:14 +02:00
|
|
|
|
{
|
|
|
|
|
ldap_server_t server;
|
|
|
|
|
char *p;
|
|
|
|
|
|
|
|
|
|
p = pargs->r.ret_str;
|
|
|
|
|
if (!strncmp (p, "ldap:", 5) && !(p[5] == '/' && p[6] == '/'))
|
|
|
|
|
p += 5;
|
|
|
|
|
|
|
|
|
|
server = ldapserver_parse_one (p, NULL, 0);
|
|
|
|
|
if (server)
|
|
|
|
|
{
|
|
|
|
|
if (ldapserver_list_needs_reset)
|
|
|
|
|
{
|
|
|
|
|
ldapserver_list_needs_reset = 0;
|
|
|
|
|
ldapserver_list_free (opt.ldapservers);
|
|
|
|
|
opt.ldapservers = NULL;
|
|
|
|
|
}
|
|
|
|
|
server->next = opt.ldapservers;
|
|
|
|
|
opt.ldapservers = server;
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-06-11 10:30:02 +09:00
|
|
|
|
#endif
|
2021-05-26 15:49:14 +02:00
|
|
|
|
break;
|
|
|
|
|
|
2015-10-05 17:44:20 +02:00
|
|
|
|
case oKeyServer:
|
2015-12-02 11:49:41 +01:00
|
|
|
|
if (*pargs->r.ret_str)
|
|
|
|
|
add_to_strlist (&opt.keyserver, pargs->r.ret_str);
|
2015-10-05 17:44:20 +02:00
|
|
|
|
break;
|
|
|
|
|
|
2015-11-12 13:20:18 +01:00
|
|
|
|
case oNameServer:
|
|
|
|
|
set_dns_nameserver (pargs->r.ret_str);
|
|
|
|
|
break;
|
|
|
|
|
|
2016-12-20 09:53:58 +01:00
|
|
|
|
case oResolverTimeout:
|
|
|
|
|
set_dns_timeout (pargs->r.ret_int);
|
|
|
|
|
break;
|
|
|
|
|
|
2017-06-08 09:30:48 +02:00
|
|
|
|
case oConnectTimeout:
|
|
|
|
|
opt.connect_timeout = pargs->r.ret_ulong * 1000;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case oConnectQuickTimeout:
|
|
|
|
|
opt.connect_quick_timeout = pargs->r.ret_ulong * 1000;
|
|
|
|
|
break;
|
|
|
|
|
|
2021-05-26 19:06:10 +02:00
|
|
|
|
case oLDAPTimeout:
|
|
|
|
|
opt.ldaptimeout = pargs->r.ret_int;
|
|
|
|
|
break;
|
|
|
|
|
|
2022-08-31 18:11:36 +02:00
|
|
|
|
case oDebugCacheExpiredCerts:
|
|
|
|
|
opt.debug_cache_expired_certs = 0;
|
|
|
|
|
break;
|
|
|
|
|
|
2023-03-16 14:52:28 +01:00
|
|
|
|
case oFakeCRL:
|
|
|
|
|
xfree (opt.fake_crl);
|
|
|
|
|
opt.fake_crl = *pargs->r.ret_str? xstrdup (pargs->r.ret_str) : NULL;
|
|
|
|
|
break;
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
default:
|
|
|
|
|
return 0; /* Not handled. */
|
|
|
|
|
}
|
|
|
|
|
|
2016-12-19 23:27:02 +01:00
|
|
|
|
set_dns_verbose (opt.verbose, !!DBG_DNS);
|
2017-01-11 10:35:46 +01:00
|
|
|
|
http_set_verbose (opt.verbose, !!DBG_NETWORK);
|
2017-01-24 16:36:28 +01:00
|
|
|
|
set_dns_disable_ipv4 (opt.disable_ipv4);
|
2017-04-03 20:56:12 +02:00
|
|
|
|
set_dns_disable_ipv6 (opt.disable_ipv6);
|
2016-12-19 23:27:02 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
return 1; /* Handled. */
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2018-10-24 15:56:18 -04:00
|
|
|
|
/* This function is called after option parsing to adjust some values
|
2017-06-08 09:30:48 +02:00
|
|
|
|
* and call option setup functions. */
|
|
|
|
|
static void
|
2023-01-11 11:08:47 +01:00
|
|
|
|
post_option_parsing (enum cmd_and_opt_values cmd)
|
2017-06-08 09:30:48 +02:00
|
|
|
|
{
|
|
|
|
|
/* It would be too surpirsing if the quick timeout is larger than
|
|
|
|
|
* the standard value. */
|
|
|
|
|
if (opt.connect_quick_timeout > opt.connect_timeout)
|
|
|
|
|
opt.connect_quick_timeout = opt.connect_timeout;
|
|
|
|
|
|
|
|
|
|
set_debug ();
|
2023-01-11 11:08:47 +01:00
|
|
|
|
/* For certain commands we do not want to set/test for Tor mode
|
|
|
|
|
* because that is somewhat expensive. */
|
|
|
|
|
switch (cmd)
|
|
|
|
|
{
|
|
|
|
|
case aGPGConfList:
|
|
|
|
|
case aGPGConfTest:
|
|
|
|
|
case aGPGConfVersions:
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
set_tor_mode ();
|
|
|
|
|
break;
|
|
|
|
|
}
|
2017-06-08 09:30:48 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
#ifndef HAVE_W32_SYSTEM
|
|
|
|
|
static int
|
|
|
|
|
pid_suffix_callback (unsigned long *r_suffix)
|
|
|
|
|
{
|
|
|
|
|
union int_and_ptr_u value;
|
|
|
|
|
|
2015-06-16 12:12:03 +02:00
|
|
|
|
memset (&value, 0, sizeof value);
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
value.aptr = npth_getspecific (my_tlskey_current_fd);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
*r_suffix = value.aint;
|
|
|
|
|
return (*r_suffix != -1); /* Use decimal representation. */
|
|
|
|
|
}
|
|
|
|
|
#endif /*!HAVE_W32_SYSTEM*/
|
|
|
|
|
|
2017-02-20 17:24:00 +01:00
|
|
|
|
#if HTTP_USE_NTBTLS
|
|
|
|
|
static void
|
|
|
|
|
my_ntbtls_log_handler (void *opaque, int level, const char *fmt, va_list argv)
|
|
|
|
|
{
|
|
|
|
|
(void)opaque;
|
|
|
|
|
|
|
|
|
|
if (level == -1)
|
2017-12-11 10:37:30 +01:00
|
|
|
|
log_logv_prefix (GPGRT_LOGLVL_INFO, "ntbtls: ", fmt, argv);
|
2017-02-20 17:24:00 +01:00
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
char prefix[10+20];
|
|
|
|
|
snprintf (prefix, sizeof prefix, "ntbtls(%d): ", level);
|
2017-12-11 10:37:30 +01:00
|
|
|
|
log_logv_prefix (GPGRT_LOGLVL_DEBUG, prefix, fmt, argv);
|
2017-02-20 17:24:00 +01:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
2016-10-04 09:01:13 +09:00
|
|
|
|
static void
|
|
|
|
|
thread_init (void)
|
|
|
|
|
{
|
|
|
|
|
npth_init ();
|
2019-01-25 10:15:39 +09:00
|
|
|
|
assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
|
2016-10-07 10:45:22 +09:00
|
|
|
|
gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
|
2016-10-04 09:01:13 +09:00
|
|
|
|
|
|
|
|
|
/* Now with NPth running we can set the logging callback. Our
|
|
|
|
|
windows implementation does not yet feature the NPth TLS
|
|
|
|
|
functions. */
|
|
|
|
|
#ifndef HAVE_W32_SYSTEM
|
|
|
|
|
if (npth_key_create (&my_tlskey_current_fd, NULL) == 0)
|
|
|
|
|
if (npth_setspecific (my_tlskey_current_fd, NULL) == 0)
|
|
|
|
|
log_set_pid_suffix_cb (pid_suffix_callback);
|
|
|
|
|
#endif /*!HAVE_W32_SYSTEM*/
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
int
|
|
|
|
|
main (int argc, char **argv)
|
|
|
|
|
{
|
|
|
|
|
enum cmd_and_opt_values cmd = 0;
|
2020-02-21 21:45:13 +01:00
|
|
|
|
gpgrt_argparse_t pargs;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
int orig_argc;
|
|
|
|
|
char **orig_argv;
|
2020-02-21 21:45:13 +01:00
|
|
|
|
char *last_configname = NULL;
|
|
|
|
|
const char *configname = NULL;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
const char *shell;
|
2020-02-21 21:45:13 +01:00
|
|
|
|
int debug_argparser = 0;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
int greeting = 0;
|
|
|
|
|
int nogreeting = 0;
|
|
|
|
|
int nodetach = 0;
|
|
|
|
|
int csh_style = 0;
|
|
|
|
|
char *logfile = NULL;
|
2014-10-17 15:59:45 +02:00
|
|
|
|
#if USE_LDAP
|
2010-06-09 16:53:51 +00:00
|
|
|
|
char *ldapfile = NULL;
|
2014-10-17 15:59:45 +02:00
|
|
|
|
#endif /*USE_LDAP*/
|
2010-06-09 16:53:51 +00:00
|
|
|
|
int debug_wait = 0;
|
|
|
|
|
int rc;
|
|
|
|
|
struct assuan_malloc_hooks malloc_hooks;
|
|
|
|
|
|
2015-01-28 19:57:22 +01:00
|
|
|
|
early_system_init ();
|
2020-02-21 21:45:13 +01:00
|
|
|
|
gpgrt_set_strusage (my_strusage);
|
Call log_set_prefix() with human-readable labels.
* agent/preset-passphrase.c, agent/protect-tool.c, dirmngr/dirmngr.c
* dirmngr/t-http.c, g10/gpg.c, g10/gpgv.c, g13/g13-syshelp.c
* g13/g13.c, kbx/kbxutil.c, scd/scdaemon.c, sm/gpgsm.c
* tests/gpgscm/main.c, tools/gpg-check-pattern.c
* tools/gpg-connect-agent.c, tools/gpgconf.c, tools/gpgtar.c
* tools/symcryptrun.c: Invoke log_set_prefix() with
human-readable labels.
--
Some invocations of log_set_prefix() were done with raw numeric values
instead of values that humans can understand. Use symbolic
representations instead of numeric for better readability.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-08-12 01:37:57 -04:00
|
|
|
|
log_set_prefix (DIRMNGR_NAME, GPGRT_LOG_WITH_PREFIX | GPGRT_LOG_WITH_PID);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
/* Make sure that our subsystems are ready. */
|
|
|
|
|
i18n_init ();
|
|
|
|
|
init_common_subsystems (&argc, &argv);
|
|
|
|
|
|
|
|
|
|
gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
/* Check that the libraries are suitable. Do it here because
|
|
|
|
|
the option parsing may need services of the libraries. */
|
|
|
|
|
if (!ksba_check_version (NEED_KSBA_VERSION) )
|
|
|
|
|
log_fatal( _("%s is too old (need %s, have %s)\n"), "libksba",
|
|
|
|
|
NEED_KSBA_VERSION, ksba_check_version (NULL) );
|
|
|
|
|
|
|
|
|
|
ksba_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free );
|
|
|
|
|
ksba_set_hash_buffer_function (my_ksba_hash_buffer, NULL);
|
|
|
|
|
|
2014-10-02 17:33:57 +02:00
|
|
|
|
/* Init TLS library. */
|
|
|
|
|
#if HTTP_USE_NTBTLS
|
|
|
|
|
if (!ntbtls_check_version (NEED_NTBTLS_VERSION) )
|
|
|
|
|
log_fatal( _("%s is too old (need %s, have %s)\n"), "ntbtls",
|
|
|
|
|
NEED_NTBTLS_VERSION, ntbtls_check_version (NULL) );
|
|
|
|
|
#elif HTTP_USE_GNUTLS
|
2014-05-05 16:09:45 +02:00
|
|
|
|
rc = gnutls_global_init ();
|
|
|
|
|
if (rc)
|
|
|
|
|
log_fatal ("gnutls_global_init failed: %s\n", gnutls_strerror (rc));
|
|
|
|
|
#endif /*HTTP_USE_GNUTLS*/
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
/* Init Assuan. */
|
|
|
|
|
malloc_hooks.malloc = gcry_malloc;
|
|
|
|
|
malloc_hooks.realloc = gcry_realloc;
|
|
|
|
|
malloc_hooks.free = gcry_free;
|
|
|
|
|
assuan_set_malloc_hooks (&malloc_hooks);
|
|
|
|
|
assuan_set_assuan_log_prefix (log_get_prefix (NULL));
|
|
|
|
|
assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
|
|
|
|
|
assuan_sock_init ();
|
2016-09-05 12:50:35 +02:00
|
|
|
|
setup_libassuan_logging (&opt.debug, dirmngr_assuan_log_monitor);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
setup_libgcrypt_logging ();
|
|
|
|
|
|
2017-02-20 17:24:00 +01:00
|
|
|
|
#if HTTP_USE_NTBTLS
|
|
|
|
|
ntbtls_set_log_handler (my_ntbtls_log_handler, NULL);
|
|
|
|
|
#endif
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
/* Setup defaults. */
|
|
|
|
|
shell = getenv ("SHELL");
|
|
|
|
|
if (shell && strlen (shell) >= 3 && !strcmp (shell+strlen (shell)-3, "csh") )
|
|
|
|
|
csh_style = 1;
|
|
|
|
|
|
|
|
|
|
/* Reset rereadable options to default values. */
|
2011-01-25 11:26:01 +01:00
|
|
|
|
parse_rereadable_options (NULL, 0);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
2017-06-08 09:30:48 +02:00
|
|
|
|
/* Default TCP timeouts. */
|
|
|
|
|
opt.connect_timeout = DEFAULT_CONNECT_TIMEOUT;
|
|
|
|
|
opt.connect_quick_timeout = DEFAULT_CONNECT_QUICK_TIMEOUT;
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
/* LDAP defaults. */
|
|
|
|
|
opt.add_new_ldapservers = 0;
|
|
|
|
|
opt.ldaptimeout = DEFAULT_LDAP_TIMEOUT;
|
|
|
|
|
|
|
|
|
|
/* Other defaults. */
|
|
|
|
|
|
|
|
|
|
/* Check whether we have a config file given on the commandline */
|
|
|
|
|
orig_argc = argc;
|
|
|
|
|
orig_argv = argv;
|
|
|
|
|
pargs.argc = &argc;
|
|
|
|
|
pargs.argv = &argv;
|
2020-02-21 21:45:13 +01:00
|
|
|
|
pargs.flags= (ARGPARSE_FLAG_KEEP | ARGPARSE_FLAG_NOVERSION);
|
|
|
|
|
while (gpgrt_argparse (NULL, &pargs, opts))
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
2020-02-21 21:45:13 +01:00
|
|
|
|
switch (pargs.r_opt)
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
2020-02-21 21:45:13 +01:00
|
|
|
|
case oDebug:
|
|
|
|
|
case oDebugAll:
|
|
|
|
|
debug_argparser++;
|
|
|
|
|
break;
|
|
|
|
|
case oHomedir:
|
2016-06-07 10:59:46 +02:00
|
|
|
|
gnupg_set_homedir (pargs.r.ret_str);
|
2020-02-21 21:45:13 +01:00
|
|
|
|
break;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
2020-02-21 21:45:13 +01:00
|
|
|
|
/* Reset the flags. */
|
|
|
|
|
pargs.flags &= ~(ARGPARSE_FLAG_KEEP | ARGPARSE_FLAG_NOVERSION);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
2016-08-18 11:23:40 +02:00
|
|
|
|
socket_name = dirmngr_socket_name ();
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2020-02-21 21:45:13 +01:00
|
|
|
|
/* The configuraton directories for use by gpgrt_argparser. */
|
|
|
|
|
gpgrt_set_confdir (GPGRT_CONFDIR_SYS, gnupg_sysconfdir ());
|
|
|
|
|
gpgrt_set_confdir (GPGRT_CONFDIR_USER, gnupg_homedir ());
|
|
|
|
|
|
|
|
|
|
/* We are re-using the struct, thus the reset flag. We OR the
|
|
|
|
|
* flags so that the internal intialized flag won't be cleared. */
|
2010-06-09 16:53:51 +00:00
|
|
|
|
argc = orig_argc;
|
|
|
|
|
argv = orig_argv;
|
|
|
|
|
pargs.argc = &argc;
|
|
|
|
|
pargs.argv = &argv;
|
2020-02-21 21:45:13 +01:00
|
|
|
|
pargs.flags |= (ARGPARSE_FLAG_RESET
|
|
|
|
|
| ARGPARSE_FLAG_KEEP
|
|
|
|
|
| ARGPARSE_FLAG_SYS
|
|
|
|
|
| ARGPARSE_FLAG_USER);
|
|
|
|
|
while (gpgrt_argparser (&pargs, opts, DIRMNGR_NAME EXTSEP_S "conf"))
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
2020-02-21 21:45:13 +01:00
|
|
|
|
if (pargs.r_opt == ARGPARSE_CONFFILE)
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
2020-02-21 21:45:13 +01:00
|
|
|
|
if (debug_argparser)
|
|
|
|
|
log_info (_("reading options from '%s'\n"),
|
|
|
|
|
pargs.r_type? pargs.r.ret_str: "[cmdline]");
|
|
|
|
|
if (pargs.r_type)
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
2020-02-21 21:45:13 +01:00
|
|
|
|
xfree (last_configname);
|
|
|
|
|
last_configname = xstrdup (pargs.r.ret_str);
|
|
|
|
|
configname = last_configname;
|
|
|
|
|
}
|
2010-06-09 16:53:51 +00:00
|
|
|
|
else
|
2020-02-21 21:45:13 +01:00
|
|
|
|
configname = NULL;
|
|
|
|
|
continue;
|
|
|
|
|
}
|
2010-06-09 16:53:51 +00:00
|
|
|
|
if (parse_rereadable_options (&pargs, 0))
|
|
|
|
|
continue; /* Already handled */
|
|
|
|
|
switch (pargs.r_opt)
|
|
|
|
|
{
|
2011-01-25 11:26:01 +01:00
|
|
|
|
case aServer:
|
2010-06-09 16:53:51 +00:00
|
|
|
|
case aDaemon:
|
2016-10-26 16:37:08 -04:00
|
|
|
|
case aSupervised:
|
2011-01-25 11:26:01 +01:00
|
|
|
|
case aShutdown:
|
|
|
|
|
case aFlush:
|
|
|
|
|
case aListCRLs:
|
|
|
|
|
case aLoadCRL:
|
2010-06-09 16:53:51 +00:00
|
|
|
|
case aFetchCRL:
|
|
|
|
|
case aGPGConfList:
|
|
|
|
|
case aGPGConfTest:
|
2020-10-02 12:26:02 +02:00
|
|
|
|
case aGPGConfVersions:
|
2010-06-09 16:53:51 +00:00
|
|
|
|
cmd = pargs.r_opt;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case oQuiet: opt.quiet = 1; break;
|
|
|
|
|
case oVerbose: opt.verbose++; break;
|
|
|
|
|
case oBatch: opt.batch=1; break;
|
|
|
|
|
|
|
|
|
|
case oDebugWait: debug_wait = pargs.r.ret_int; break;
|
|
|
|
|
|
|
|
|
|
case oNoGreeting: nogreeting = 1; break;
|
|
|
|
|
case oNoVerbose: opt.verbose = 0; break;
|
|
|
|
|
case oHomedir: /* Ignore this option here. */; break;
|
|
|
|
|
case oNoDetach: nodetach = 1; break;
|
2021-11-13 14:46:19 +01:00
|
|
|
|
case oStealSocket: steal_socket = 1; break;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
case oLogFile: logfile = pargs.r.ret_str; break;
|
|
|
|
|
case oCsh: csh_style = 1; break;
|
|
|
|
|
case oSh: csh_style = 0; break;
|
2014-10-17 15:59:45 +02:00
|
|
|
|
case oLDAPFile:
|
|
|
|
|
# if USE_LDAP
|
|
|
|
|
ldapfile = pargs.r.ret_str;
|
|
|
|
|
# endif /*USE_LDAP*/
|
|
|
|
|
break;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
case oLDAPAddServers: opt.add_new_ldapservers = 1; break;
|
|
|
|
|
|
|
|
|
|
case oFakedSystemTime:
|
|
|
|
|
gnupg_set_time ((time_t)pargs.r.ret_ulong, 0);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case oForce: opt.force = 1; break;
|
|
|
|
|
|
|
|
|
|
case oSocketName: socket_name = pargs.r.ret_str; break;
|
|
|
|
|
|
2017-12-12 14:14:40 +01:00
|
|
|
|
case oListenBacklog:
|
|
|
|
|
listen_backlog = pargs.r.ret_int;
|
|
|
|
|
break;
|
|
|
|
|
|
2020-02-21 21:45:13 +01:00
|
|
|
|
default:
|
|
|
|
|
if (configname)
|
|
|
|
|
pargs.err = ARGPARSE_PRINT_WARNING;
|
|
|
|
|
else
|
|
|
|
|
pargs.err = ARGPARSE_PRINT_ERROR;
|
|
|
|
|
break;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
2020-02-21 21:45:13 +01:00
|
|
|
|
gpgrt_argparse (NULL, &pargs, NULL); /* Release internal state. */
|
|
|
|
|
|
|
|
|
|
if (!last_configname)
|
|
|
|
|
opt.config_filename = gpgrt_fnameconcat (gnupg_homedir (),
|
|
|
|
|
DIRMNGR_NAME EXTSEP_S "conf",
|
|
|
|
|
NULL);
|
|
|
|
|
else
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
2020-02-21 21:45:13 +01:00
|
|
|
|
opt.config_filename = last_configname;
|
|
|
|
|
last_configname = NULL;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
2020-02-21 21:45:13 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
if (log_get_errorcount(0))
|
|
|
|
|
exit(2);
|
2021-04-20 10:50:10 +02:00
|
|
|
|
|
|
|
|
|
/* Get a default log file from common.conf. */
|
|
|
|
|
if (!logfile && !parse_comopt (GNUPG_MODULE_NAME_DIRMNGR, debug_argparser))
|
|
|
|
|
{
|
|
|
|
|
logfile = comopt.logfile;
|
|
|
|
|
comopt.logfile = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
if (nogreeting )
|
|
|
|
|
greeting = 0;
|
|
|
|
|
|
|
|
|
|
if (!opt.homedir_cache)
|
2016-06-07 10:59:46 +02:00
|
|
|
|
opt.homedir_cache = xstrdup (gnupg_homedir ());
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
if (greeting)
|
|
|
|
|
{
|
2010-07-16 13:19:45 +00:00
|
|
|
|
es_fprintf (es_stderr, "%s %s; %s\n",
|
2020-02-21 21:45:13 +01:00
|
|
|
|
gpgrt_strusage(11), gpgrt_strusage(13), gpgrt_strusage(14));
|
|
|
|
|
es_fprintf (es_stderr, "%s\n", gpgrt_strusage(15));
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#ifdef IS_DEVELOPMENT_VERSION
|
|
|
|
|
log_info ("NOTE: this is a development version!\n");
|
|
|
|
|
#endif
|
|
|
|
|
|
2012-03-27 12:35:13 +02:00
|
|
|
|
/* Print a warning if an argument looks like an option. */
|
|
|
|
|
if (!opt.quiet && !(pargs.flags & ARGPARSE_FLAG_STOP_SEEN))
|
|
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
for (i=0; i < argc; i++)
|
|
|
|
|
if (argv[i][0] == '-' && argv[i][1] == '-')
|
2014-10-10 15:29:42 +02:00
|
|
|
|
log_info (_("Note: '%s' is not considered an option\n"), argv[i]);
|
2012-03-27 12:35:13 +02:00
|
|
|
|
}
|
|
|
|
|
|
2020-10-20 10:43:55 +02:00
|
|
|
|
if (!gnupg_access ("/etc/"DIRMNGR_NAME, F_OK)
|
2016-06-07 10:59:46 +02:00
|
|
|
|
&& !strncmp (gnupg_homedir (), "/etc/", 5))
|
2011-01-25 11:26:01 +01:00
|
|
|
|
log_info
|
2013-11-18 14:09:47 +01:00
|
|
|
|
("NOTE: DirMngr is now a proper part of %s. The configuration and"
|
2010-07-16 13:19:45 +00:00
|
|
|
|
" other directory names changed. Please check that no other version"
|
|
|
|
|
" of dirmngr is still installed. To disable this warning, remove the"
|
2013-11-18 14:09:47 +01:00
|
|
|
|
" directory '/etc/dirmngr'.\n", GNUPG_NAME);
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
if (gnupg_faked_time_p ())
|
|
|
|
|
{
|
2010-10-21 08:52:23 +00:00
|
|
|
|
gnupg_isotime_t tbuf;
|
|
|
|
|
|
2010-10-21 08:23:29 +00:00
|
|
|
|
log_info (_("WARNING: running with faked system time: "));
|
2010-06-09 16:53:51 +00:00
|
|
|
|
gnupg_get_isotime (tbuf);
|
2010-10-21 08:23:29 +00:00
|
|
|
|
dump_isotime (tbuf);
|
|
|
|
|
log_printf ("\n");
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
|
|
|
|
|
2023-01-11 11:08:47 +01:00
|
|
|
|
post_option_parsing (cmd);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
2021-05-26 15:49:14 +02:00
|
|
|
|
/* Get LDAP server list from file unless --ldapserver has been used. */
|
2014-10-17 15:59:45 +02:00
|
|
|
|
#if USE_LDAP
|
2021-05-26 15:49:14 +02:00
|
|
|
|
if (opt.ldapservers)
|
|
|
|
|
;
|
|
|
|
|
else if (!ldapfile)
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
2016-06-07 10:59:46 +02:00
|
|
|
|
ldapfile = make_filename (gnupg_homedir (),
|
2016-08-18 11:23:40 +02:00
|
|
|
|
"dirmngr_ldapservers.conf",
|
2010-06-09 16:53:51 +00:00
|
|
|
|
NULL);
|
2020-07-02 16:05:40 +02:00
|
|
|
|
opt.ldapservers = parse_ldapserver_file (ldapfile, 1);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
xfree (ldapfile);
|
|
|
|
|
}
|
|
|
|
|
else
|
2020-07-02 16:05:40 +02:00
|
|
|
|
opt.ldapservers = parse_ldapserver_file (ldapfile, 0);
|
2014-10-17 15:59:45 +02:00
|
|
|
|
#endif /*USE_LDAP*/
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
#ifndef HAVE_W32_SYSTEM
|
|
|
|
|
/* We need to ignore the PIPE signal because the we might log to a
|
|
|
|
|
socket and that code handles EPIPE properly. The ldap wrapper
|
|
|
|
|
also requires us to ignore this silly signal. Assuan would set
|
|
|
|
|
this signal to ignore anyway.*/
|
|
|
|
|
signal (SIGPIPE, SIG_IGN);
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
/* Ready. Now to our duties. */
|
2016-08-18 11:23:40 +02:00
|
|
|
|
if (!cmd)
|
2010-06-09 16:53:51 +00:00
|
|
|
|
cmd = aServer;
|
|
|
|
|
rc = 0;
|
|
|
|
|
|
|
|
|
|
if (cmd == aServer)
|
|
|
|
|
{
|
2014-03-12 18:24:52 +01:00
|
|
|
|
/* Note that this server mode is mainly useful for debugging. */
|
2010-06-09 16:53:51 +00:00
|
|
|
|
if (argc)
|
|
|
|
|
wrong_args ("--server");
|
|
|
|
|
|
|
|
|
|
if (logfile)
|
|
|
|
|
{
|
|
|
|
|
log_set_file (logfile);
|
Call log_set_prefix() with human-readable labels.
* agent/preset-passphrase.c, agent/protect-tool.c, dirmngr/dirmngr.c
* dirmngr/t-http.c, g10/gpg.c, g10/gpgv.c, g13/g13-syshelp.c
* g13/g13.c, kbx/kbxutil.c, scd/scdaemon.c, sm/gpgsm.c
* tests/gpgscm/main.c, tools/gpg-check-pattern.c
* tools/gpg-connect-agent.c, tools/gpgconf.c, tools/gpgtar.c
* tools/symcryptrun.c: Invoke log_set_prefix() with
human-readable labels.
--
Some invocations of log_set_prefix() were done with raw numeric values
instead of values that humans can understand. Use symbolic
representations instead of numeric for better readability.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-08-12 01:37:57 -04:00
|
|
|
|
log_set_prefix (NULL, GPGRT_LOG_WITH_TIME | GPGRT_LOG_WITH_PID);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
if (debug_wait)
|
|
|
|
|
{
|
|
|
|
|
log_debug ("waiting for debugger - my pid is %u .....\n",
|
|
|
|
|
(unsigned int)getpid());
|
|
|
|
|
gnupg_sleep (debug_wait);
|
|
|
|
|
log_debug ("... okay\n");
|
|
|
|
|
}
|
|
|
|
|
|
2014-10-17 15:59:45 +02:00
|
|
|
|
|
2016-10-04 09:01:13 +09:00
|
|
|
|
thread_init ();
|
2017-02-21 13:57:24 +01:00
|
|
|
|
cert_cache_init (hkp_cacert_filenames);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
crl_cache_init ();
|
2018-09-11 13:54:49 +09:00
|
|
|
|
ks_hkp_init ();
|
2016-11-11 17:30:23 +01:00
|
|
|
|
http_register_netactivity_cb (netactivity_action);
|
2017-11-14 13:42:18 +01:00
|
|
|
|
start_command_handler (ASSUAN_INVALID_FD, 0);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
shutdown_reaper ();
|
|
|
|
|
}
|
2016-10-27 09:27:03 +02:00
|
|
|
|
#ifndef HAVE_W32_SYSTEM
|
2016-10-26 16:37:08 -04:00
|
|
|
|
else if (cmd == aSupervised)
|
|
|
|
|
{
|
2022-04-26 11:16:28 +09:00
|
|
|
|
struct stat statbuf;
|
|
|
|
|
|
2022-04-25 12:03:45 +02:00
|
|
|
|
if (!opt.quiet)
|
|
|
|
|
log_info(_("WARNING: \"%s\" is a deprecated option\n"), "--supervised");
|
|
|
|
|
|
2016-10-26 16:37:08 -04:00
|
|
|
|
/* In supervised mode, we expect file descriptor 3 to be an
|
|
|
|
|
already opened, listening socket.
|
|
|
|
|
|
|
|
|
|
We will also not detach from the controlling process or close
|
|
|
|
|
stderr; the supervisor should handle all of that. */
|
2016-10-27 09:27:03 +02:00
|
|
|
|
if (fstat (3, &statbuf) == -1 && errno == EBADF)
|
2016-10-26 16:37:08 -04:00
|
|
|
|
{
|
2016-10-27 09:27:03 +02:00
|
|
|
|
log_error ("file descriptor 3 must be validin --supervised mode\n");
|
2016-10-26 16:37:08 -04:00
|
|
|
|
dirmngr_exit (1);
|
|
|
|
|
}
|
|
|
|
|
socket_name = gnupg_get_socket_name (3);
|
|
|
|
|
|
|
|
|
|
/* Now start with logging to a file if this is desired. */
|
|
|
|
|
if (logfile)
|
|
|
|
|
{
|
|
|
|
|
log_set_file (logfile);
|
|
|
|
|
log_set_prefix (NULL, (GPGRT_LOG_WITH_PREFIX
|
|
|
|
|
|GPGRT_LOG_WITH_TIME
|
|
|
|
|
|GPGRT_LOG_WITH_PID));
|
|
|
|
|
current_logfile = xstrdup (logfile);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
log_set_prefix (NULL, 0);
|
|
|
|
|
|
|
|
|
|
thread_init ();
|
2017-02-21 13:57:24 +01:00
|
|
|
|
cert_cache_init (hkp_cacert_filenames);
|
2016-10-26 16:37:08 -04:00
|
|
|
|
crl_cache_init ();
|
2018-09-11 13:54:49 +09:00
|
|
|
|
ks_hkp_init ();
|
2016-11-11 17:30:23 +01:00
|
|
|
|
http_register_netactivity_cb (netactivity_action);
|
2016-10-26 16:37:08 -04:00
|
|
|
|
handle_connections (3);
|
|
|
|
|
shutdown_reaper ();
|
|
|
|
|
}
|
2016-10-27 09:27:03 +02:00
|
|
|
|
#endif /*HAVE_W32_SYSTEM*/
|
2010-06-09 16:53:51 +00:00
|
|
|
|
else if (cmd == aDaemon)
|
|
|
|
|
{
|
|
|
|
|
assuan_fd_t fd;
|
|
|
|
|
pid_t pid;
|
|
|
|
|
int len;
|
|
|
|
|
struct sockaddr_un serv_addr;
|
|
|
|
|
|
|
|
|
|
if (argc)
|
|
|
|
|
wrong_args ("--daemon");
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
/* Now start with logging to a file if this is desired. */
|
|
|
|
|
if (logfile)
|
|
|
|
|
{
|
|
|
|
|
log_set_file (logfile);
|
2015-04-24 15:49:18 +02:00
|
|
|
|
log_set_prefix (NULL, (GPGRT_LOG_WITH_PREFIX
|
|
|
|
|
|GPGRT_LOG_WITH_TIME
|
|
|
|
|
|GPGRT_LOG_WITH_PID));
|
2010-06-09 16:53:51 +00:00
|
|
|
|
current_logfile = xstrdup (logfile);
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-15 15:30:21 +01:00
|
|
|
|
if (debug_wait)
|
|
|
|
|
{
|
|
|
|
|
log_debug ("waiting for debugger - my pid is %u .....\n",
|
|
|
|
|
(unsigned int)getpid());
|
|
|
|
|
gnupg_sleep (debug_wait);
|
|
|
|
|
log_debug ("... okay\n");
|
|
|
|
|
}
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
#ifndef HAVE_W32_SYSTEM
|
|
|
|
|
if (strchr (socket_name, ':'))
|
|
|
|
|
{
|
|
|
|
|
log_error (_("colons are not allowed in the socket name\n"));
|
|
|
|
|
dirmngr_exit (1);
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
fd = assuan_sock_new (AF_UNIX, SOCK_STREAM, 0);
|
|
|
|
|
if (fd == ASSUAN_INVALID_FD)
|
|
|
|
|
{
|
|
|
|
|
log_error (_("can't create socket: %s\n"), strerror (errno));
|
|
|
|
|
cleanup ();
|
|
|
|
|
dirmngr_exit (1);
|
|
|
|
|
}
|
|
|
|
|
|
2014-12-01 09:50:55 +01:00
|
|
|
|
{
|
|
|
|
|
int redirected;
|
|
|
|
|
|
|
|
|
|
if (assuan_sock_set_sockaddr_un (socket_name,
|
|
|
|
|
(struct sockaddr*)&serv_addr,
|
|
|
|
|
&redirected))
|
|
|
|
|
{
|
|
|
|
|
if (errno == ENAMETOOLONG)
|
|
|
|
|
log_error (_("socket name '%s' is too long\n"), socket_name);
|
|
|
|
|
else
|
|
|
|
|
log_error ("error preparing socket '%s': %s\n",
|
|
|
|
|
socket_name,
|
|
|
|
|
gpg_strerror (gpg_error_from_syserror ()));
|
|
|
|
|
dirmngr_exit (1);
|
|
|
|
|
}
|
|
|
|
|
if (redirected)
|
|
|
|
|
{
|
|
|
|
|
redir_socket_name = xstrdup (serv_addr.sun_path);
|
|
|
|
|
if (opt.verbose)
|
|
|
|
|
log_info ("redirecting socket '%s' to '%s'\n",
|
|
|
|
|
socket_name, redir_socket_name);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2010-08-06 13:52:01 +00:00
|
|
|
|
len = SUN_LEN (&serv_addr);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
rc = assuan_sock_bind (fd, (struct sockaddr*) &serv_addr, len);
|
2011-01-25 11:26:01 +01:00
|
|
|
|
if (rc == -1
|
2010-08-06 13:52:01 +00:00
|
|
|
|
&& (errno == EADDRINUSE
|
|
|
|
|
#ifdef HAVE_W32_SYSTEM
|
|
|
|
|
|| errno == EEXIST
|
|
|
|
|
#endif
|
|
|
|
|
))
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
2021-11-13 14:46:19 +01:00
|
|
|
|
/* Fixme: We should actually test whether a dirmngr is
|
|
|
|
|
* already running. For now the steal option is a dummy. */
|
|
|
|
|
/* if (steal_socket) */
|
|
|
|
|
/* log_info (N_("trying to steal socket from running %s\n"), */
|
|
|
|
|
/* "dirmngr"); */
|
2014-12-01 09:50:55 +01:00
|
|
|
|
gnupg_remove (redir_socket_name? redir_socket_name : socket_name);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
rc = assuan_sock_bind (fd, (struct sockaddr*) &serv_addr, len);
|
|
|
|
|
}
|
2011-01-25 11:26:01 +01:00
|
|
|
|
if (rc != -1
|
2010-06-09 16:53:51 +00:00
|
|
|
|
&& (rc = assuan_sock_get_nonce ((struct sockaddr*) &serv_addr, len, &socket_nonce)))
|
|
|
|
|
log_error (_("error getting nonce for the socket\n"));
|
|
|
|
|
if (rc == -1)
|
|
|
|
|
{
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error (_("error binding socket to '%s': %s\n"),
|
2014-12-01 09:50:55 +01:00
|
|
|
|
serv_addr.sun_path,
|
2020-10-21 16:59:38 +02:00
|
|
|
|
gpg_strerror (gpg_error_from_syserror ()));
|
2010-06-09 16:53:51 +00:00
|
|
|
|
assuan_sock_close (fd);
|
|
|
|
|
dirmngr_exit (1);
|
|
|
|
|
}
|
|
|
|
|
cleanup_socket = 1;
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2016-06-08 16:18:02 +02:00
|
|
|
|
if (gnupg_chmod (serv_addr.sun_path, "-rwx"))
|
|
|
|
|
log_error (_("can't set permissions of '%s': %s\n"),
|
|
|
|
|
serv_addr.sun_path, strerror (errno));
|
|
|
|
|
|
2017-12-12 14:14:40 +01:00
|
|
|
|
if (listen (FD2INT (fd), listen_backlog) == -1)
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
2017-12-12 14:14:40 +01:00
|
|
|
|
log_error ("listen(fd,%d) failed: %s\n",
|
|
|
|
|
listen_backlog, strerror (errno));
|
2010-06-09 16:53:51 +00:00
|
|
|
|
assuan_sock_close (fd);
|
|
|
|
|
dirmngr_exit (1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (opt.verbose)
|
2014-12-01 09:50:55 +01:00
|
|
|
|
log_info (_("listening on socket '%s'\n"), serv_addr.sun_path);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
2010-07-16 13:19:45 +00:00
|
|
|
|
es_fflush (NULL);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
2010-08-16 11:03:43 +00:00
|
|
|
|
/* Note: We keep the dirmngr_info output only for the sake of
|
|
|
|
|
existing scripts which might use this to detect a successful
|
|
|
|
|
start of the dirmngr. */
|
2010-06-09 16:53:51 +00:00
|
|
|
|
#ifdef HAVE_W32_SYSTEM
|
2014-03-07 09:46:44 +01:00
|
|
|
|
(void)csh_style;
|
|
|
|
|
(void)nodetach;
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
pid = getpid ();
|
2013-11-18 14:09:47 +01:00
|
|
|
|
es_printf ("set %s=%s;%lu;1\n",
|
|
|
|
|
DIRMNGR_INFO_NAME, socket_name, (ulong) pid);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
#else
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
pid = fork();
|
2011-01-25 11:26:01 +01:00
|
|
|
|
if (pid == (pid_t)-1)
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
2010-10-21 08:23:29 +00:00
|
|
|
|
log_fatal (_("error forking process: %s\n"), strerror (errno));
|
2010-06-09 16:53:51 +00:00
|
|
|
|
dirmngr_exit (1);
|
|
|
|
|
}
|
|
|
|
|
|
2011-01-25 11:26:01 +01:00
|
|
|
|
if (pid)
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{ /* We are the parent */
|
|
|
|
|
char *infostr;
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
/* Don't let cleanup() remove the socket - the child is
|
|
|
|
|
responsible for doing that. */
|
|
|
|
|
cleanup_socket = 0;
|
|
|
|
|
|
|
|
|
|
close (fd);
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
/* Create the info string: <name>:<pid>:<protocol_version> */
|
2013-11-18 14:09:47 +01:00
|
|
|
|
if (asprintf (&infostr, "%s=%s:%lu:1",
|
2014-12-01 09:50:55 +01:00
|
|
|
|
DIRMNGR_INFO_NAME, serv_addr.sun_path, (ulong)pid ) < 0)
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
|
|
|
|
log_error (_("out of core\n"));
|
|
|
|
|
kill (pid, SIGTERM);
|
|
|
|
|
dirmngr_exit (1);
|
|
|
|
|
}
|
|
|
|
|
/* Print the environment string, so that the caller can use
|
2010-08-16 11:03:43 +00:00
|
|
|
|
shell's eval to set it. But see above. */
|
2010-06-09 16:53:51 +00:00
|
|
|
|
if (csh_style)
|
|
|
|
|
{
|
|
|
|
|
*strchr (infostr, '=') = ' ';
|
2012-01-03 11:14:14 +01:00
|
|
|
|
es_printf ( "setenv %s;\n", infostr);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2013-11-18 14:09:47 +01:00
|
|
|
|
es_printf ( "%s; export %s;\n", infostr, DIRMNGR_INFO_NAME);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
|
|
|
|
free (infostr);
|
2011-01-25 11:26:01 +01:00
|
|
|
|
exit (0);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
/*NEVER REACHED*/
|
|
|
|
|
} /* end parent */
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
2010-06-09 16:53:51 +00:00
|
|
|
|
This is the child
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/* Detach from tty and put process into a new session */
|
|
|
|
|
if (!nodetach )
|
2011-01-25 11:26:01 +01:00
|
|
|
|
{
|
2010-06-09 16:53:51 +00:00
|
|
|
|
int i;
|
|
|
|
|
unsigned int oldflags;
|
|
|
|
|
|
|
|
|
|
/* Close stdin, stdout and stderr unless it is the log stream */
|
|
|
|
|
for (i=0; i <= 2; i++)
|
|
|
|
|
{
|
|
|
|
|
if (!log_test_fd (i) && i != fd )
|
2016-11-16 21:17:47 +01:00
|
|
|
|
{
|
|
|
|
|
if ( !close (i)
|
|
|
|
|
&& open ("/dev/null", i? O_WRONLY : O_RDONLY) == -1)
|
|
|
|
|
{
|
|
|
|
|
log_error ("failed to open '%s': %s\n",
|
|
|
|
|
"/dev/null", strerror (errno));
|
|
|
|
|
cleanup ();
|
|
|
|
|
dirmngr_exit (1);
|
|
|
|
|
}
|
|
|
|
|
}
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
2016-11-16 21:17:47 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
if (setsid() == -1)
|
|
|
|
|
{
|
2010-10-21 08:23:29 +00:00
|
|
|
|
log_error ("setsid() failed: %s\n", strerror(errno) );
|
2010-06-09 16:53:51 +00:00
|
|
|
|
dirmngr_exit (1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
log_get_prefix (&oldflags);
|
2015-04-24 15:49:18 +02:00
|
|
|
|
log_set_prefix (NULL, oldflags | GPGRT_LOG_RUN_DETACHED);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
opt.running_detached = 1;
|
|
|
|
|
|
2017-07-25 12:52:33 +02:00
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
if (!nodetach )
|
|
|
|
|
{
|
2017-07-25 12:24:01 +02:00
|
|
|
|
if (gnupg_chdir (gnupg_daemon_rootdir ()))
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
2017-07-25 12:24:01 +02:00
|
|
|
|
log_error ("chdir to '%s' failed: %s\n",
|
|
|
|
|
gnupg_daemon_rootdir (), strerror (errno));
|
2010-06-09 16:53:51 +00:00
|
|
|
|
dirmngr_exit (1);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-10-04 09:01:13 +09:00
|
|
|
|
thread_init ();
|
2017-02-21 13:57:24 +01:00
|
|
|
|
cert_cache_init (hkp_cacert_filenames);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
crl_cache_init ();
|
2018-09-11 13:54:49 +09:00
|
|
|
|
ks_hkp_init ();
|
2016-11-11 17:30:23 +01:00
|
|
|
|
http_register_netactivity_cb (netactivity_action);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
handle_connections (fd);
|
|
|
|
|
shutdown_reaper ();
|
|
|
|
|
}
|
|
|
|
|
else if (cmd == aListCRLs)
|
|
|
|
|
{
|
|
|
|
|
/* Just list the CRL cache and exit. */
|
|
|
|
|
if (argc)
|
|
|
|
|
wrong_args ("--list-crls");
|
|
|
|
|
crl_cache_init ();
|
2010-07-16 13:19:45 +00:00
|
|
|
|
crl_cache_list (es_stdout);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
|
|
|
|
else if (cmd == aLoadCRL)
|
|
|
|
|
{
|
|
|
|
|
struct server_control_s ctrlbuf;
|
|
|
|
|
|
|
|
|
|
memset (&ctrlbuf, 0, sizeof ctrlbuf);
|
|
|
|
|
dirmngr_init_default_ctrl (&ctrlbuf);
|
|
|
|
|
|
2016-10-04 09:01:13 +09:00
|
|
|
|
thread_init ();
|
2017-02-21 13:57:24 +01:00
|
|
|
|
cert_cache_init (hkp_cacert_filenames);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
crl_cache_init ();
|
2018-09-11 13:54:49 +09:00
|
|
|
|
ks_hkp_init ();
|
2010-06-09 16:53:51 +00:00
|
|
|
|
if (!argc)
|
|
|
|
|
rc = crl_cache_load (&ctrlbuf, NULL);
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
for (; !rc && argc; argc--, argv++)
|
|
|
|
|
rc = crl_cache_load (&ctrlbuf, *argv);
|
|
|
|
|
}
|
2015-04-21 17:14:53 +02:00
|
|
|
|
dirmngr_deinit_default_ctrl (&ctrlbuf);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
|
|
|
|
else if (cmd == aFetchCRL)
|
|
|
|
|
{
|
|
|
|
|
ksba_reader_t reader;
|
|
|
|
|
struct server_control_s ctrlbuf;
|
|
|
|
|
|
|
|
|
|
if (argc != 1)
|
|
|
|
|
wrong_args ("--fetch-crl URL");
|
|
|
|
|
|
|
|
|
|
memset (&ctrlbuf, 0, sizeof ctrlbuf);
|
|
|
|
|
dirmngr_init_default_ctrl (&ctrlbuf);
|
|
|
|
|
|
2016-10-04 09:01:13 +09:00
|
|
|
|
thread_init ();
|
2017-02-21 13:57:24 +01:00
|
|
|
|
cert_cache_init (hkp_cacert_filenames);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
crl_cache_init ();
|
2018-09-11 13:54:49 +09:00
|
|
|
|
ks_hkp_init ();
|
2010-06-09 16:53:51 +00:00
|
|
|
|
rc = crl_fetch (&ctrlbuf, argv[0], &reader);
|
|
|
|
|
if (rc)
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error (_("fetching CRL from '%s' failed: %s\n"),
|
2010-06-09 16:53:51 +00:00
|
|
|
|
argv[0], gpg_strerror (rc));
|
|
|
|
|
else
|
|
|
|
|
{
|
2011-01-25 11:26:01 +01:00
|
|
|
|
rc = crl_cache_insert (&ctrlbuf, argv[0], reader);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
if (rc)
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error (_("processing CRL from '%s' failed: %s\n"),
|
2010-06-09 16:53:51 +00:00
|
|
|
|
argv[0], gpg_strerror (rc));
|
|
|
|
|
crl_close_reader (reader);
|
|
|
|
|
}
|
2015-04-21 17:14:53 +02:00
|
|
|
|
dirmngr_deinit_default_ctrl (&ctrlbuf);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
|
|
|
|
else if (cmd == aFlush)
|
|
|
|
|
{
|
|
|
|
|
/* Delete cache and exit. */
|
|
|
|
|
if (argc)
|
|
|
|
|
wrong_args ("--flush");
|
|
|
|
|
rc = crl_cache_flush();
|
|
|
|
|
}
|
|
|
|
|
else if (cmd == aGPGConfTest)
|
|
|
|
|
dirmngr_exit (0);
|
|
|
|
|
else if (cmd == aGPGConfList)
|
|
|
|
|
{
|
|
|
|
|
unsigned long flags = 0;
|
|
|
|
|
char *filename_esc;
|
|
|
|
|
|
2011-01-19 16:29:30 +01:00
|
|
|
|
es_printf ("debug-level:%lu:\"none\n", flags | GC_OPT_FLAG_DEFAULT);
|
|
|
|
|
es_printf ("ldaptimeout:%lu:%u\n",
|
2020-03-14 18:53:43 +01:00
|
|
|
|
flags | GC_OPT_FLAG_DEFAULT, DEFAULT_LDAP_TIMEOUT);
|
2011-01-19 16:29:30 +01:00
|
|
|
|
es_printf ("max-replies:%lu:%u\n",
|
2020-03-14 18:53:43 +01:00
|
|
|
|
flags | GC_OPT_FLAG_DEFAULT, DEFAULT_MAX_REPLIES);
|
2017-03-02 17:58:00 +01:00
|
|
|
|
|
|
|
|
|
filename_esc = percent_escape (get_default_keyserver (0), NULL);
|
|
|
|
|
es_printf ("keyserver:%lu:\"%s:\n", flags | GC_OPT_FLAG_DEFAULT,
|
|
|
|
|
filename_esc);
|
|
|
|
|
xfree (filename_esc);
|
|
|
|
|
|
2016-12-20 09:53:58 +01:00
|
|
|
|
es_printf ("resolver-timeout:%lu:%u\n",
|
|
|
|
|
flags | GC_OPT_FLAG_DEFAULT, 0);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
2020-10-02 12:26:02 +02:00
|
|
|
|
else if (cmd == aGPGConfVersions)
|
|
|
|
|
gpgconf_versions ();
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
cleanup ();
|
|
|
|
|
return !!rc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
cleanup (void)
|
|
|
|
|
{
|
|
|
|
|
crl_cache_deinit ();
|
|
|
|
|
cert_cache_deinit (1);
|
2016-12-16 21:00:14 +01:00
|
|
|
|
reload_dns_stuff (1);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
2014-10-17 15:59:45 +02:00
|
|
|
|
#if USE_LDAP
|
2010-06-09 16:53:51 +00:00
|
|
|
|
ldapserver_list_free (opt.ldapservers);
|
2014-10-17 15:59:45 +02:00
|
|
|
|
#endif /*USE_LDAP*/
|
2010-06-09 16:53:51 +00:00
|
|
|
|
opt.ldapservers = NULL;
|
|
|
|
|
|
|
|
|
|
if (cleanup_socket)
|
|
|
|
|
{
|
|
|
|
|
cleanup_socket = 0;
|
2014-12-01 09:50:55 +01:00
|
|
|
|
if (redir_socket_name)
|
|
|
|
|
gnupg_remove (redir_socket_name);
|
|
|
|
|
else if (socket_name && *socket_name)
|
2010-07-16 13:19:45 +00:00
|
|
|
|
gnupg_remove (socket_name);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2011-01-25 11:26:01 +01:00
|
|
|
|
void
|
2010-06-09 16:53:51 +00:00
|
|
|
|
dirmngr_exit (int rc)
|
|
|
|
|
{
|
|
|
|
|
cleanup ();
|
|
|
|
|
exit (rc);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
dirmngr_init_default_ctrl (ctrl_t ctrl)
|
|
|
|
|
{
|
2017-02-19 10:36:43 +01:00
|
|
|
|
ctrl->magic = SERVER_CONTROL_MAGIC;
|
2015-04-21 17:14:53 +02:00
|
|
|
|
if (opt.http_proxy)
|
|
|
|
|
ctrl->http_proxy = xstrdup (opt.http_proxy);
|
2017-02-21 09:37:07 +01:00
|
|
|
|
ctrl->http_no_crl = 1;
|
2017-06-08 09:30:48 +02:00
|
|
|
|
ctrl->timeout = opt.connect_timeout;
|
2015-04-21 17:14:53 +02:00
|
|
|
|
}
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
2015-04-21 17:14:53 +02:00
|
|
|
|
void
|
|
|
|
|
dirmngr_deinit_default_ctrl (ctrl_t ctrl)
|
|
|
|
|
{
|
|
|
|
|
if (!ctrl)
|
|
|
|
|
return;
|
2017-02-19 10:36:43 +01:00
|
|
|
|
ctrl->magic = 0xdeadbeef;
|
|
|
|
|
|
2015-04-21 17:14:53 +02:00
|
|
|
|
xfree (ctrl->http_proxy);
|
|
|
|
|
ctrl->http_proxy = NULL;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Create a list of LDAP servers from the file FILENAME. Returns the
|
2011-01-25 11:26:01 +01:00
|
|
|
|
list or NULL in case of errors.
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
Spelling cleanup.
No functional changes, just fixing minor spelling issues.
---
Most of these were identified from the command line by running:
codespell \
--ignore-words-list fpr,stati,keyserver,keyservers,asign,cas,iff,ifset \
--skip '*.po,ChangeLog*,help.*.txt,*.jpg,*.eps,*.pdf,*.png,*.gpg,*.asc' \
doc g13 g10 kbx agent artwork scd tests tools am common dirmngr sm \
NEWS README README.maint TODO
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2020-02-18 09:34:42 -05:00
|
|
|
|
The format of such a file is line oriented where empty lines and
|
2010-06-09 16:53:51 +00:00
|
|
|
|
lines starting with a hash mark are ignored. All other lines are
|
|
|
|
|
assumed to be colon seprated with these fields:
|
|
|
|
|
|
|
|
|
|
1. field: Hostname
|
|
|
|
|
2. field: Portnumber
|
2011-01-25 11:26:01 +01:00
|
|
|
|
3. field: Username
|
2010-06-09 16:53:51 +00:00
|
|
|
|
4. field: Password
|
|
|
|
|
5. field: Base DN
|
|
|
|
|
|
|
|
|
|
*/
|
2014-10-17 15:59:45 +02:00
|
|
|
|
#if USE_LDAP
|
2010-06-09 16:53:51 +00:00
|
|
|
|
static ldap_server_t
|
2020-07-02 16:05:40 +02:00
|
|
|
|
parse_ldapserver_file (const char* filename, int ignore_enoent)
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
|
|
|
|
char buffer[1024];
|
|
|
|
|
char *p;
|
|
|
|
|
ldap_server_t server, serverstart, *serverend;
|
|
|
|
|
int c;
|
|
|
|
|
unsigned int lineno = 0;
|
2010-07-16 13:19:45 +00:00
|
|
|
|
estream_t fp;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
2010-07-16 13:19:45 +00:00
|
|
|
|
fp = es_fopen (filename, "r");
|
2010-06-09 16:53:51 +00:00
|
|
|
|
if (!fp)
|
|
|
|
|
{
|
2020-07-02 16:05:40 +02:00
|
|
|
|
if (ignore_enoent && gpg_err_code_from_syserror () == GPG_ERR_ENOENT)
|
|
|
|
|
;
|
|
|
|
|
else
|
|
|
|
|
log_info ("failed to open '%s': %s\n", filename, strerror (errno));
|
2010-06-09 16:53:51 +00:00
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
serverstart = NULL;
|
|
|
|
|
serverend = &serverstart;
|
2010-07-16 13:19:45 +00:00
|
|
|
|
while (es_fgets (buffer, sizeof buffer, fp))
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
|
|
|
|
lineno++;
|
|
|
|
|
if (!*buffer || buffer[strlen(buffer)-1] != '\n')
|
|
|
|
|
{
|
2010-07-16 13:19:45 +00:00
|
|
|
|
if (*buffer && es_feof (fp))
|
2010-06-09 16:53:51 +00:00
|
|
|
|
; /* Last line not terminated - continue. */
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
log_error (_("%s:%u: line too long - skipped\n"),
|
|
|
|
|
filename, lineno);
|
2010-07-16 13:19:45 +00:00
|
|
|
|
while ( (c=es_fgetc (fp)) != EOF && c != '\n')
|
2010-06-09 16:53:51 +00:00
|
|
|
|
; /* Skip until end of line. */
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
/* Skip empty and comment lines.*/
|
|
|
|
|
for (p=buffer; spacep (p); p++)
|
|
|
|
|
;
|
|
|
|
|
if (!*p || *p == '\n' || *p == '#')
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
/* Parse the colon separated fields. */
|
|
|
|
|
server = ldapserver_parse_one (buffer, filename, lineno);
|
|
|
|
|
if (server)
|
|
|
|
|
{
|
|
|
|
|
*serverend = server;
|
|
|
|
|
serverend = &server->next;
|
|
|
|
|
}
|
2011-01-25 11:26:01 +01:00
|
|
|
|
}
|
|
|
|
|
|
2010-07-16 13:19:45 +00:00
|
|
|
|
if (es_ferror (fp))
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error (_("error reading '%s': %s\n"), filename, strerror (errno));
|
2010-07-16 13:19:45 +00:00
|
|
|
|
es_fclose (fp);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
return serverstart;
|
|
|
|
|
}
|
2014-10-17 15:59:45 +02:00
|
|
|
|
#endif /*USE_LDAP*/
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
2021-10-06 10:31:41 +02:00
|
|
|
|
|
|
|
|
|
/* Parse a fingerprint entry as used by --ocsc-signer. OPTIONNAME as
|
|
|
|
|
* a description on the options used. WANT_BINARY requests to store a
|
|
|
|
|
* binary fingerprint. Returns NULL on error and logs that error. */
|
2010-06-09 16:53:51 +00:00
|
|
|
|
static fingerprint_list_t
|
2021-10-06 10:31:41 +02:00
|
|
|
|
parse_fingerprint_item (const char *string,
|
|
|
|
|
const char *optionname, int want_binary)
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
|
|
|
|
gpg_error_t err;
|
|
|
|
|
char *fname;
|
2010-07-16 13:19:45 +00:00
|
|
|
|
estream_t fp;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
char line[256];
|
|
|
|
|
char *p;
|
|
|
|
|
fingerprint_list_t list, *list_tail, item;
|
|
|
|
|
unsigned int lnr = 0;
|
|
|
|
|
int c, i, j;
|
|
|
|
|
int errflag = 0;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Check whether this is not a filename and treat it as a direct
|
|
|
|
|
fingerprint specification. */
|
|
|
|
|
if (!strpbrk (string, "/.~\\"))
|
|
|
|
|
{
|
|
|
|
|
item = xcalloc (1, sizeof *item);
|
|
|
|
|
for (i=j=0; (string[i] == ':' || hexdigitp (string+i)) && j < 40; i++)
|
|
|
|
|
if ( string[i] != ':' )
|
|
|
|
|
item->hexfpr[j++] = string[i] >= 'a'? (string[i] & 0xdf): string[i];
|
|
|
|
|
item->hexfpr[j] = 0;
|
|
|
|
|
if (j != 40 || !(spacep (string+i) || !string[i]))
|
|
|
|
|
{
|
2011-01-25 11:26:01 +01:00
|
|
|
|
log_error (_("%s:%u: invalid fingerprint detected\n"),
|
2021-10-06 10:31:41 +02:00
|
|
|
|
optionname, 0);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
xfree (item);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2021-10-06 10:31:41 +02:00
|
|
|
|
if (want_binary)
|
|
|
|
|
{
|
|
|
|
|
item->binlen = 20;
|
|
|
|
|
hex2bin (item->hexfpr, item->hexfpr, 20);
|
|
|
|
|
}
|
2010-06-09 16:53:51 +00:00
|
|
|
|
return item;
|
|
|
|
|
}
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
/* Well, it is a filename. */
|
|
|
|
|
if (*string == '/' || (*string == '~' && string[1] == '/'))
|
|
|
|
|
fname = make_filename (string, NULL);
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
if (string[0] == '.' && string[1] == '/' )
|
|
|
|
|
string += 2;
|
2016-06-07 10:59:46 +02:00
|
|
|
|
fname = make_filename (gnupg_homedir (), string, NULL);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
|
|
|
|
|
2010-07-16 13:19:45 +00:00
|
|
|
|
fp = es_fopen (fname, "r");
|
2010-06-09 16:53:51 +00:00
|
|
|
|
if (!fp)
|
|
|
|
|
{
|
|
|
|
|
err = gpg_error_from_syserror ();
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error (_("can't open '%s': %s\n"), fname, gpg_strerror (err));
|
2010-06-09 16:53:51 +00:00
|
|
|
|
xfree (fname);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
list = NULL;
|
|
|
|
|
list_tail = &list;
|
|
|
|
|
for (;;)
|
|
|
|
|
{
|
2010-07-16 13:19:45 +00:00
|
|
|
|
if (!es_fgets (line, DIM(line)-1, fp) )
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
2010-07-16 13:19:45 +00:00
|
|
|
|
if (!es_feof (fp))
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
log_error (_("%s:%u: read error: %s\n"),
|
|
|
|
|
fname, lnr, gpg_strerror (err));
|
|
|
|
|
errflag = 1;
|
|
|
|
|
}
|
2010-07-16 13:19:45 +00:00
|
|
|
|
es_fclose (fp);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
if (errflag)
|
|
|
|
|
{
|
|
|
|
|
while (list)
|
|
|
|
|
{
|
|
|
|
|
fingerprint_list_t tmp = list->next;
|
|
|
|
|
xfree (list);
|
|
|
|
|
list = tmp;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
xfree (fname);
|
|
|
|
|
return list; /* Ready. */
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
lnr++;
|
|
|
|
|
if (!*line || line[strlen(line)-1] != '\n')
|
|
|
|
|
{
|
|
|
|
|
/* Eat until end of line. */
|
2010-07-16 13:19:45 +00:00
|
|
|
|
while ( (c=es_getc (fp)) != EOF && c != '\n')
|
2010-06-09 16:53:51 +00:00
|
|
|
|
;
|
|
|
|
|
err = gpg_error (*line? GPG_ERR_LINE_TOO_LONG
|
|
|
|
|
/* */: GPG_ERR_INCOMPLETE_LINE);
|
2011-01-25 11:26:01 +01:00
|
|
|
|
log_error (_("%s:%u: read error: %s\n"),
|
2010-06-09 16:53:51 +00:00
|
|
|
|
fname, lnr, gpg_strerror (err));
|
|
|
|
|
errflag = 1;
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Allow for empty lines and spaces */
|
|
|
|
|
for (p=line; spacep (p); p++)
|
|
|
|
|
;
|
|
|
|
|
if (!*p || *p == '\n' || *p == '#')
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
item = xcalloc (1, sizeof *item);
|
|
|
|
|
*list_tail = item;
|
|
|
|
|
list_tail = &item->next;
|
|
|
|
|
|
|
|
|
|
for (i=j=0; (p[i] == ':' || hexdigitp (p+i)) && j < 40; i++)
|
|
|
|
|
if ( p[i] != ':' )
|
|
|
|
|
item->hexfpr[j++] = p[i] >= 'a'? (p[i] & 0xdf): p[i];
|
|
|
|
|
item->hexfpr[j] = 0;
|
|
|
|
|
if (j != 40 || !(spacep (p+i) || p[i] == '\n'))
|
|
|
|
|
{
|
|
|
|
|
log_error (_("%s:%u: invalid fingerprint detected\n"), fname, lnr);
|
|
|
|
|
errflag = 1;
|
|
|
|
|
}
|
2021-10-06 10:31:41 +02:00
|
|
|
|
else if (want_binary)
|
|
|
|
|
{
|
|
|
|
|
item->binlen = 20;
|
|
|
|
|
hex2bin (item->hexfpr, item->hexfpr, 20);
|
|
|
|
|
}
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
i++;
|
|
|
|
|
while (spacep (p+i))
|
|
|
|
|
i++;
|
|
|
|
|
if (p[i] && p[i] != '\n')
|
|
|
|
|
log_info (_("%s:%u: garbage at end of line ignored\n"), fname, lnr);
|
|
|
|
|
}
|
|
|
|
|
/*NOTREACHED*/
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
2011-01-25 11:26:01 +01:00
|
|
|
|
Stuff used in daemon mode.
|
2010-06-09 16:53:51 +00:00
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Reread parts of the configuration. Note, that this function is
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
obviously not thread-safe and should only be called from the NPTH
|
2011-01-25 11:26:01 +01:00
|
|
|
|
signal handler.
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
Fixme: Due to the way the argument parsing works, we create a
|
|
|
|
|
memory leak here for all string type arguments. There is currently
|
|
|
|
|
no clean way to tell whether the memory for the argument has been
|
Spelling cleanup.
No functional changes, just fixing minor spelling issues.
---
Most of these were identified from the command line by running:
codespell \
--ignore-words-list fpr,stati,keyserver,keyservers,asign,cas,iff,ifset \
--skip '*.po,ChangeLog*,help.*.txt,*.jpg,*.eps,*.pdf,*.png,*.gpg,*.asc' \
doc g13 g10 kbx agent artwork scd tests tools am common dirmngr sm \
NEWS README README.maint TODO
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2020-02-18 09:34:42 -05:00
|
|
|
|
allocated or points into the process's original arguments. Unless
|
2010-06-09 16:53:51 +00:00
|
|
|
|
we have a mechanism to tell this, we need to live on with this. */
|
|
|
|
|
static void
|
|
|
|
|
reread_configuration (void)
|
|
|
|
|
{
|
2020-02-21 21:45:13 +01:00
|
|
|
|
gpgrt_argparse_t pargs;
|
2020-02-22 11:35:34 +01:00
|
|
|
|
char *twopart;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
int dummy;
|
2021-04-20 10:50:10 +02:00
|
|
|
|
int logfile_seen = 0;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
if (!opt.config_filename)
|
2021-04-20 10:50:10 +02:00
|
|
|
|
goto finish; /* No config file. */
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
2020-02-22 11:35:34 +01:00
|
|
|
|
twopart = strconcat (DIRMNGR_NAME EXTSEP_S "conf" PATHSEP_S,
|
|
|
|
|
opt.config_filename, NULL);
|
|
|
|
|
if (!twopart)
|
|
|
|
|
return; /* Out of core. */
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
parse_rereadable_options (NULL, 1); /* Start from the default values. */
|
|
|
|
|
|
|
|
|
|
memset (&pargs, 0, sizeof pargs);
|
|
|
|
|
dummy = 0;
|
|
|
|
|
pargs.argc = &dummy;
|
2020-02-21 21:45:13 +01:00
|
|
|
|
pargs.flags = (ARGPARSE_FLAG_KEEP
|
|
|
|
|
|ARGPARSE_FLAG_SYS
|
|
|
|
|
|ARGPARSE_FLAG_USER);
|
2020-02-22 11:35:34 +01:00
|
|
|
|
while (gpgrt_argparser (&pargs, opts, twopart))
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
2020-02-21 21:45:13 +01:00
|
|
|
|
if (pargs.r_opt == ARGPARSE_CONFFILE)
|
|
|
|
|
{
|
|
|
|
|
log_info (_("reading options from '%s'\n"),
|
|
|
|
|
pargs.r_type? pargs.r.ret_str: "[cmdline]");
|
|
|
|
|
}
|
|
|
|
|
else if (pargs.r_opt < -1)
|
|
|
|
|
pargs.err = ARGPARSE_PRINT_WARNING;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
else /* Try to parse this option - ignore unchangeable ones. */
|
2021-04-20 10:50:10 +02:00
|
|
|
|
{
|
|
|
|
|
if (pargs.r_opt == oLogFile)
|
|
|
|
|
logfile_seen = 1;
|
|
|
|
|
parse_rereadable_options (&pargs, 1);
|
|
|
|
|
}
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
2020-02-21 21:45:13 +01:00
|
|
|
|
gpgrt_argparse (NULL, &pargs, NULL); /* Release internal state. */
|
2020-02-22 11:35:34 +01:00
|
|
|
|
xfree (twopart);
|
2023-01-11 11:08:47 +01:00
|
|
|
|
post_option_parsing (0);
|
2021-04-20 10:50:10 +02:00
|
|
|
|
|
|
|
|
|
finish:
|
|
|
|
|
/* Get a default log file from common.conf. */
|
|
|
|
|
if (!logfile_seen && !parse_comopt (GNUPG_MODULE_NAME_DIRMNGR, !!opt.debug))
|
|
|
|
|
{
|
|
|
|
|
if (!current_logfile || !comopt.logfile
|
|
|
|
|
|| strcmp (current_logfile, comopt.logfile))
|
|
|
|
|
{
|
|
|
|
|
log_set_file (comopt.logfile);
|
|
|
|
|
xfree (current_logfile);
|
|
|
|
|
current_logfile = comopt.logfile? xtrystrdup (comopt.logfile) : NULL;
|
|
|
|
|
}
|
|
|
|
|
}
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2010-08-12 11:43:46 +00:00
|
|
|
|
/* A global function which allows us to trigger the reload stuff from
|
|
|
|
|
other places. */
|
|
|
|
|
void
|
|
|
|
|
dirmngr_sighup_action (void)
|
|
|
|
|
{
|
|
|
|
|
log_info (_("SIGHUP received - "
|
|
|
|
|
"re-reading configuration and flushing caches\n"));
|
|
|
|
|
reread_configuration ();
|
2019-03-11 18:15:05 +01:00
|
|
|
|
set_tor_mode ();
|
2010-08-12 11:43:46 +00:00
|
|
|
|
cert_cache_deinit (0);
|
|
|
|
|
crl_cache_deinit ();
|
2017-02-21 13:57:24 +01:00
|
|
|
|
cert_cache_init (hkp_cacert_filenames);
|
2010-08-12 11:43:46 +00:00
|
|
|
|
crl_cache_init ();
|
2016-12-16 21:00:14 +01:00
|
|
|
|
reload_dns_stuff (0);
|
2017-01-23 13:07:54 +01:00
|
|
|
|
ks_hkp_reload ();
|
2010-08-12 11:43:46 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2016-11-11 17:30:23 +01:00
|
|
|
|
/* This function is called if some network activity was done. At this
|
|
|
|
|
* point we know the we have a network and we can decide whether to
|
|
|
|
|
* run scheduled background tasks soon. The function should return
|
|
|
|
|
* quickly and only trigger actions for another thread. */
|
|
|
|
|
static void
|
|
|
|
|
netactivity_action (void)
|
|
|
|
|
{
|
2016-11-17 10:14:14 +01:00
|
|
|
|
network_activity_seen = 1;
|
2016-11-11 17:30:23 +01:00
|
|
|
|
}
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
/* The signal handler. */
|
2014-03-07 09:46:44 +01:00
|
|
|
|
#ifndef HAVE_W32_SYSTEM
|
2010-06-09 16:53:51 +00:00
|
|
|
|
static void
|
|
|
|
|
handle_signal (int signo)
|
|
|
|
|
{
|
|
|
|
|
switch (signo)
|
|
|
|
|
{
|
|
|
|
|
case SIGHUP:
|
2010-08-12 11:43:46 +00:00
|
|
|
|
dirmngr_sighup_action ();
|
2010-06-09 16:53:51 +00:00
|
|
|
|
break;
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
case SIGUSR1:
|
2023-03-10 10:52:43 +01:00
|
|
|
|
/* See also cmd_getinfo:"stats". */
|
|
|
|
|
cert_cache_print_stats (NULL);
|
|
|
|
|
domaininfo_print_stats (NULL);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
break;
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
case SIGUSR2:
|
|
|
|
|
log_info (_("SIGUSR2 received - no action defined\n"));
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case SIGTERM:
|
|
|
|
|
if (!shutdown_pending)
|
|
|
|
|
log_info (_("SIGTERM received - shutting down ...\n"));
|
|
|
|
|
else
|
|
|
|
|
log_info (_("SIGTERM received - still %d active connections\n"),
|
|
|
|
|
active_connections);
|
|
|
|
|
shutdown_pending++;
|
|
|
|
|
if (shutdown_pending > 2)
|
|
|
|
|
{
|
|
|
|
|
log_info (_("shutdown forced\n"));
|
2020-02-21 21:45:13 +01:00
|
|
|
|
log_info ("%s %s stopped\n", gpgrt_strusage(11), gpgrt_strusage(13));
|
2010-06-09 16:53:51 +00:00
|
|
|
|
cleanup ();
|
|
|
|
|
dirmngr_exit (0);
|
|
|
|
|
}
|
|
|
|
|
break;
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
case SIGINT:
|
|
|
|
|
log_info (_("SIGINT received - immediate shutdown\n"));
|
2020-02-21 21:45:13 +01:00
|
|
|
|
log_info( "%s %s stopped\n", gpgrt_strusage(11), gpgrt_strusage(13));
|
2010-06-09 16:53:51 +00:00
|
|
|
|
cleanup ();
|
|
|
|
|
dirmngr_exit (0);
|
|
|
|
|
break;
|
2014-03-07 09:46:44 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
default:
|
|
|
|
|
log_info (_("signal %d received - no action defined\n"), signo);
|
|
|
|
|
}
|
|
|
|
|
}
|
2014-03-07 09:46:44 +01:00
|
|
|
|
#endif /*!HAVE_W32_SYSTEM*/
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
|
2014-03-18 11:07:05 +01:00
|
|
|
|
/* Thread to do the housekeeping. */
|
|
|
|
|
static void *
|
|
|
|
|
housekeeping_thread (void *arg)
|
|
|
|
|
{
|
|
|
|
|
static int sentinel;
|
|
|
|
|
time_t curtime;
|
2016-11-17 10:14:14 +01:00
|
|
|
|
struct server_control_s ctrlbuf;
|
2014-03-18 11:07:05 +01:00
|
|
|
|
|
|
|
|
|
(void)arg;
|
|
|
|
|
|
|
|
|
|
curtime = gnupg_get_time ();
|
|
|
|
|
if (sentinel)
|
|
|
|
|
{
|
|
|
|
|
log_info ("housekeeping is already going on\n");
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
sentinel++;
|
2016-09-19 11:47:29 +02:00
|
|
|
|
if (opt.verbose > 1)
|
2014-03-18 11:07:05 +01:00
|
|
|
|
log_info ("starting housekeeping\n");
|
|
|
|
|
|
2016-11-17 10:14:14 +01:00
|
|
|
|
memset (&ctrlbuf, 0, sizeof ctrlbuf);
|
|
|
|
|
dirmngr_init_default_ctrl (&ctrlbuf);
|
|
|
|
|
|
2019-11-12 20:29:47 +01:00
|
|
|
|
dns_stuff_housekeeping ();
|
2014-03-18 11:07:05 +01:00
|
|
|
|
ks_hkp_housekeeping (curtime);
|
2016-11-17 10:14:14 +01:00
|
|
|
|
if (network_activity_seen)
|
|
|
|
|
{
|
|
|
|
|
network_activity_seen = 0;
|
2017-01-31 13:22:52 +01:00
|
|
|
|
if (opt.allow_version_check)
|
2016-11-17 10:14:14 +01:00
|
|
|
|
dirmngr_load_swdb (&ctrlbuf, 0);
|
2017-11-14 13:42:18 +01:00
|
|
|
|
workqueue_run_global_tasks (&ctrlbuf, 1);
|
2016-11-17 10:14:14 +01:00
|
|
|
|
}
|
2017-11-14 13:42:18 +01:00
|
|
|
|
else
|
|
|
|
|
workqueue_run_global_tasks (&ctrlbuf, 0);
|
2016-11-17 10:14:14 +01:00
|
|
|
|
|
|
|
|
|
dirmngr_deinit_default_ctrl (&ctrlbuf);
|
2014-03-18 11:07:05 +01:00
|
|
|
|
|
2016-09-19 11:47:29 +02:00
|
|
|
|
if (opt.verbose > 1)
|
2014-03-18 11:07:05 +01:00
|
|
|
|
log_info ("ready with housekeeping\n");
|
|
|
|
|
sentinel--;
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2019-11-27 20:15:53 +01:00
|
|
|
|
/* We try to enable correct overflow handling for signed int (commonly
|
|
|
|
|
* used for time_t). With gcc 4.2 -fno-strict-overflow was introduced
|
|
|
|
|
* and used here as a pragma. Later gcc versions (gcc 6?) removed
|
|
|
|
|
* this as a pragma and -fwrapv was then suggested as a replacement
|
|
|
|
|
* for -fno-strict-overflow. */
|
|
|
|
|
#if GPGRT_HAVE_PRAGMA_GCC_PUSH
|
2014-04-08 17:06:02 +02:00
|
|
|
|
# pragma GCC push_options
|
2019-11-27 20:15:53 +01:00
|
|
|
|
# pragma GCC optimize ("wrapv")
|
2014-04-08 17:06:02 +02:00
|
|
|
|
#endif
|
|
|
|
|
static int
|
|
|
|
|
time_for_housekeeping_p (time_t curtime)
|
2010-06-09 16:53:51 +00:00
|
|
|
|
{
|
2014-03-18 11:07:05 +01:00
|
|
|
|
static time_t last_housekeeping;
|
|
|
|
|
|
|
|
|
|
if (!last_housekeeping)
|
|
|
|
|
last_housekeeping = curtime;
|
|
|
|
|
|
2014-04-08 17:06:02 +02:00
|
|
|
|
if (last_housekeeping + HOUSEKEEPING_INTERVAL <= curtime
|
|
|
|
|
|| last_housekeeping > curtime /*(be prepared for y2038)*/)
|
|
|
|
|
{
|
|
|
|
|
last_housekeeping = curtime;
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2019-11-27 20:15:53 +01:00
|
|
|
|
#if GPGRT_HAVE_PRAGMA_GCC_PUSH
|
2014-04-08 17:06:02 +02:00
|
|
|
|
# pragma GCC pop_options
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* This is the worker for the ticker. It is called every few seconds
|
|
|
|
|
and may only do fast operations. */
|
|
|
|
|
static void
|
|
|
|
|
handle_tick (void)
|
|
|
|
|
{
|
2017-07-26 10:02:52 +02:00
|
|
|
|
struct stat statbuf;
|
|
|
|
|
|
2014-04-08 17:06:02 +02:00
|
|
|
|
if (time_for_housekeeping_p (gnupg_get_time ()))
|
2014-03-18 11:07:05 +01:00
|
|
|
|
{
|
|
|
|
|
npth_t thread;
|
|
|
|
|
npth_attr_t tattr;
|
|
|
|
|
int err;
|
|
|
|
|
|
|
|
|
|
err = npth_attr_init (&tattr);
|
|
|
|
|
if (err)
|
|
|
|
|
log_error ("error preparing housekeeping thread: %s\n", strerror (err));
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
npth_attr_setdetachstate (&tattr, NPTH_CREATE_DETACHED);
|
|
|
|
|
err = npth_create (&thread, &tattr, housekeeping_thread, NULL);
|
|
|
|
|
if (err)
|
|
|
|
|
log_error ("error spawning housekeeping thread: %s\n",
|
|
|
|
|
strerror (err));
|
|
|
|
|
npth_attr_destroy (&tattr);
|
|
|
|
|
}
|
|
|
|
|
}
|
2017-07-26 10:02:52 +02:00
|
|
|
|
|
|
|
|
|
/* Check whether the homedir is still available. */
|
|
|
|
|
if (!shutdown_pending
|
2020-10-20 16:38:06 +02:00
|
|
|
|
&& gnupg_stat (gnupg_homedir (), &statbuf) && errno == ENOENT)
|
2017-07-26 10:02:52 +02:00
|
|
|
|
{
|
|
|
|
|
shutdown_pending = 1;
|
|
|
|
|
log_info ("homedir has been removed - shutting down\n");
|
|
|
|
|
}
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2015-03-19 11:14:52 +01:00
|
|
|
|
/* Check the nonce on a new connection. This is a NOP unless we are
|
|
|
|
|
using our Unix domain socket emulation under Windows. */
|
2011-01-25 11:26:01 +01:00
|
|
|
|
static int
|
2010-06-09 16:53:51 +00:00
|
|
|
|
check_nonce (assuan_fd_t fd, assuan_sock_nonce_t *nonce)
|
|
|
|
|
{
|
|
|
|
|
if (assuan_sock_check_nonce (fd, nonce))
|
|
|
|
|
{
|
2011-01-25 11:26:01 +01:00
|
|
|
|
log_info (_("error reading nonce on fd %d: %s\n"),
|
2010-06-09 16:53:51 +00:00
|
|
|
|
FD2INT (fd), strerror (errno));
|
|
|
|
|
assuan_sock_close (fd);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2015-11-16 12:41:46 +01:00
|
|
|
|
/* Helper to call a connection's main function. */
|
2010-06-09 16:53:51 +00:00
|
|
|
|
static void *
|
|
|
|
|
start_connection_thread (void *arg)
|
|
|
|
|
{
|
2017-11-14 13:42:18 +01:00
|
|
|
|
static unsigned int last_session_id;
|
|
|
|
|
unsigned int session_id;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
union int_and_ptr_u argval;
|
2011-01-25 11:26:01 +01:00
|
|
|
|
gnupg_fd_t fd;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
2015-06-16 12:12:03 +02:00
|
|
|
|
memset (&argval, 0, sizeof argval);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
argval.aptr = arg;
|
|
|
|
|
fd = argval.afd;
|
|
|
|
|
|
|
|
|
|
if (check_nonce (fd, &socket_nonce))
|
2011-01-25 11:26:01 +01:00
|
|
|
|
{
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
log_error ("handler nonce check FAILED\n");
|
2011-01-25 11:26:01 +01:00
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
#ifndef HAVE_W32_SYSTEM
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
npth_setspecific (my_tlskey_current_fd, argval.aptr);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
active_connections++;
|
|
|
|
|
if (opt.verbose)
|
|
|
|
|
log_info (_("handler for fd %d started\n"), FD2INT (fd));
|
|
|
|
|
|
2017-11-14 13:42:18 +01:00
|
|
|
|
session_id = ++last_session_id;
|
|
|
|
|
if (!session_id)
|
|
|
|
|
session_id = ++last_session_id;
|
|
|
|
|
start_command_handler (fd, session_id);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
if (opt.verbose)
|
|
|
|
|
log_info (_("handler for fd %d terminated\n"), FD2INT (fd));
|
|
|
|
|
active_connections--;
|
|
|
|
|
|
2017-11-14 13:42:18 +01:00
|
|
|
|
workqueue_run_post_session_tasks (session_id);
|
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
#ifndef HAVE_W32_SYSTEM
|
|
|
|
|
argval.afd = ASSUAN_INVALID_FD;
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
npth_setspecific (my_tlskey_current_fd, argval.aptr);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
#endif
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2010-06-09 16:53:51 +00:00
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2016-09-07 12:36:48 +02:00
|
|
|
|
#ifdef HAVE_INOTIFY_INIT
|
|
|
|
|
/* Read an inotify event and return true if it matches NAME. */
|
|
|
|
|
static int
|
|
|
|
|
my_inotify_is_name (int fd, const char *name)
|
|
|
|
|
{
|
|
|
|
|
union {
|
|
|
|
|
struct inotify_event ev;
|
|
|
|
|
char _buf[sizeof (struct inotify_event) + 100 + 1];
|
|
|
|
|
} buf;
|
|
|
|
|
int n;
|
|
|
|
|
const char *s;
|
|
|
|
|
|
|
|
|
|
s = strrchr (name, '/');
|
|
|
|
|
if (s && s[1])
|
|
|
|
|
name = s + 1;
|
|
|
|
|
|
|
|
|
|
n = npth_read (fd, &buf, sizeof buf);
|
|
|
|
|
if (n < sizeof (struct inotify_event))
|
|
|
|
|
return 0;
|
|
|
|
|
if (buf.ev.len < strlen (name)+1)
|
|
|
|
|
return 0;
|
|
|
|
|
if (strcmp (buf.ev.name, name))
|
|
|
|
|
return 0; /* Not the desired file. */
|
|
|
|
|
|
|
|
|
|
return 1; /* Found. */
|
|
|
|
|
}
|
|
|
|
|
#endif /*HAVE_INOTIFY_INIT*/
|
|
|
|
|
|
|
|
|
|
|
2016-11-29 20:35:10 +01:00
|
|
|
|
/* Main loop in daemon mode. Note that LISTEN_FD will be owned by
|
|
|
|
|
* this function. */
|
2010-06-09 16:53:51 +00:00
|
|
|
|
static void
|
|
|
|
|
handle_connections (assuan_fd_t listen_fd)
|
|
|
|
|
{
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
npth_attr_t tattr;
|
2014-03-07 09:46:44 +01:00
|
|
|
|
#ifndef HAVE_W32_SYSTEM
|
2010-06-09 16:53:51 +00:00
|
|
|
|
int signo;
|
2014-03-07 09:46:44 +01:00
|
|
|
|
#endif
|
2010-06-09 16:53:51 +00:00
|
|
|
|
struct sockaddr_un paddr;
|
|
|
|
|
socklen_t plen = sizeof( paddr );
|
2011-01-25 11:26:01 +01:00
|
|
|
|
int nfd, ret;
|
|
|
|
|
fd_set fdset, read_fdset;
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
struct timespec abstime;
|
|
|
|
|
struct timespec curtime;
|
|
|
|
|
struct timespec timeout;
|
|
|
|
|
int saved_errno;
|
2016-11-29 20:15:47 +01:00
|
|
|
|
int my_inotify_fd = -1;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
npth_attr_init (&tattr);
|
|
|
|
|
npth_attr_setdetachstate (&tattr, NPTH_CREATE_DETACHED);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
|
|
|
|
#ifndef HAVE_W32_SYSTEM /* FIXME */
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
npth_sigev_init ();
|
|
|
|
|
npth_sigev_add (SIGHUP);
|
|
|
|
|
npth_sigev_add (SIGUSR1);
|
|
|
|
|
npth_sigev_add (SIGUSR2);
|
|
|
|
|
npth_sigev_add (SIGINT);
|
|
|
|
|
npth_sigev_add (SIGTERM);
|
|
|
|
|
npth_sigev_fini ();
|
2010-06-09 16:53:51 +00:00
|
|
|
|
#endif
|
|
|
|
|
|
2016-09-07 12:36:48 +02:00
|
|
|
|
#ifdef HAVE_INOTIFY_INIT
|
|
|
|
|
if (disable_check_own_socket)
|
|
|
|
|
my_inotify_fd = -1;
|
|
|
|
|
else if ((my_inotify_fd = inotify_init ()) == -1)
|
|
|
|
|
log_info ("error enabling fast daemon termination: %s\n",
|
|
|
|
|
strerror (errno));
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
/* We need to watch the directory for the file because there
|
|
|
|
|
* won't be an IN_DELETE_SELF for a socket file. */
|
|
|
|
|
char *slash = strrchr (socket_name, '/');
|
|
|
|
|
log_assert (slash && slash[1]);
|
|
|
|
|
*slash = 0;
|
|
|
|
|
if (inotify_add_watch (my_inotify_fd, socket_name, IN_DELETE) == -1)
|
|
|
|
|
{
|
|
|
|
|
close (my_inotify_fd);
|
|
|
|
|
my_inotify_fd = -1;
|
|
|
|
|
}
|
|
|
|
|
*slash = '/';
|
|
|
|
|
}
|
|
|
|
|
#endif /*HAVE_INOTIFY_INIT*/
|
|
|
|
|
|
|
|
|
|
|
2011-01-25 11:26:01 +01:00
|
|
|
|
/* Setup the fdset. It has only one member. This is because we use
|
|
|
|
|
pth_select instead of pth_accept to properly sync timeouts with
|
|
|
|
|
to full second. */
|
|
|
|
|
FD_ZERO (&fdset);
|
|
|
|
|
FD_SET (FD2INT (listen_fd), &fdset);
|
|
|
|
|
nfd = FD2INT (listen_fd);
|
2016-09-07 12:36:48 +02:00
|
|
|
|
if (my_inotify_fd != -1)
|
|
|
|
|
{
|
|
|
|
|
FD_SET (my_inotify_fd, &fdset);
|
|
|
|
|
if (my_inotify_fd > nfd)
|
|
|
|
|
nfd = my_inotify_fd;
|
|
|
|
|
}
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
npth_clock_gettime (&abstime);
|
|
|
|
|
abstime.tv_sec += TIMERTICK_INTERVAL;
|
|
|
|
|
|
2011-01-25 11:26:01 +01:00
|
|
|
|
/* Main loop. */
|
2010-06-09 16:53:51 +00:00
|
|
|
|
for (;;)
|
|
|
|
|
{
|
2011-01-25 11:26:01 +01:00
|
|
|
|
/* Shutdown test. */
|
2010-06-09 16:53:51 +00:00
|
|
|
|
if (shutdown_pending)
|
|
|
|
|
{
|
|
|
|
|
if (!active_connections)
|
|
|
|
|
break; /* ready */
|
|
|
|
|
|
2011-01-25 11:26:01 +01:00
|
|
|
|
/* Do not accept new connections but keep on running the
|
2016-11-29 20:35:10 +01:00
|
|
|
|
* loop to cope with the timer events.
|
|
|
|
|
*
|
|
|
|
|
* Note that we do not close the listening socket because a
|
|
|
|
|
* client trying to connect to that socket would instead
|
|
|
|
|
* restart a new dirmngr instance - which is unlikely the
|
|
|
|
|
* intention of a shutdown. */
|
|
|
|
|
/* assuan_sock_close (listen_fd); */
|
|
|
|
|
/* listen_fd = -1; */
|
2011-01-25 11:26:01 +01:00
|
|
|
|
FD_ZERO (&fdset);
|
2016-11-29 20:15:47 +01:00
|
|
|
|
nfd = -1;
|
|
|
|
|
if (my_inotify_fd != -1)
|
|
|
|
|
{
|
|
|
|
|
FD_SET (my_inotify_fd, &fdset);
|
|
|
|
|
nfd = my_inotify_fd;
|
|
|
|
|
}
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
|
|
|
|
|
2011-01-25 11:26:01 +01:00
|
|
|
|
/* Take a copy of the fdset. */
|
|
|
|
|
read_fdset = fdset;
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
npth_clock_gettime (&curtime);
|
|
|
|
|
if (!(npth_timercmp (&curtime, &abstime, <)))
|
|
|
|
|
{
|
2017-07-26 10:02:52 +02:00
|
|
|
|
/* Timeout. When a shutdown is pending we use a shorter
|
|
|
|
|
* interval to handle the shutdown more quickly. */
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
handle_tick ();
|
|
|
|
|
npth_clock_gettime (&abstime);
|
2017-07-26 10:02:52 +02:00
|
|
|
|
abstime.tv_sec += (shutdown_pending
|
|
|
|
|
? TIMERTICK_INTERVAL_SHUTDOWN
|
|
|
|
|
: TIMERTICK_INTERVAL);
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
}
|
|
|
|
|
npth_timersub (&abstime, &curtime, &timeout);
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2012-01-19 22:27:44 +01:00
|
|
|
|
#ifndef HAVE_W32_SYSTEM
|
2018-04-27 11:57:08 +02:00
|
|
|
|
ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, &timeout,
|
|
|
|
|
npth_sigev_sigmask());
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
saved_errno = errno;
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
while (npth_sigev_get_pending(&signo))
|
|
|
|
|
handle_signal (signo);
|
2012-01-19 22:27:44 +01:00
|
|
|
|
#else
|
|
|
|
|
ret = npth_eselect (nfd+1, &read_fdset, NULL, NULL, &timeout, NULL, NULL);
|
|
|
|
|
saved_errno = errno;
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
#endif
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
if (ret == -1 && saved_errno != EINTR)
|
|
|
|
|
{
|
|
|
|
|
log_error (_("npth_pselect failed: %s - waiting 1s\n"),
|
|
|
|
|
strerror (saved_errno));
|
2021-10-05 14:05:56 +09:00
|
|
|
|
gnupg_sleep (1);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
if (ret <= 0)
|
2016-09-07 12:36:48 +02:00
|
|
|
|
{
|
|
|
|
|
/* Interrupt or timeout. Will be handled when calculating the
|
|
|
|
|
next timeout. */
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (shutdown_pending)
|
|
|
|
|
{
|
|
|
|
|
/* Do not anymore accept connections. */
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#ifdef HAVE_INOTIFY_INIT
|
|
|
|
|
if (my_inotify_fd != -1 && FD_ISSET (my_inotify_fd, &read_fdset)
|
|
|
|
|
&& my_inotify_is_name (my_inotify_fd, socket_name))
|
|
|
|
|
{
|
|
|
|
|
shutdown_pending = 1;
|
|
|
|
|
log_info ("socket file has been removed - shutting down\n");
|
|
|
|
|
}
|
|
|
|
|
#endif /*HAVE_INOTIFY_INIT*/
|
2010-06-09 16:53:51 +00:00
|
|
|
|
|
2016-09-07 12:36:48 +02:00
|
|
|
|
if (FD_ISSET (FD2INT (listen_fd), &read_fdset))
|
2011-01-25 11:26:01 +01:00
|
|
|
|
{
|
2017-04-18 09:04:11 +09:00
|
|
|
|
gnupg_fd_t fd;
|
|
|
|
|
|
2011-01-25 11:26:01 +01:00
|
|
|
|
plen = sizeof paddr;
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
fd = INT2FD (npth_accept (FD2INT(listen_fd),
|
|
|
|
|
(struct sockaddr *)&paddr, &plen));
|
2011-01-25 11:26:01 +01:00
|
|
|
|
if (fd == GNUPG_INVALID_FD)
|
|
|
|
|
{
|
|
|
|
|
log_error ("accept failed: %s\n", strerror (errno));
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
char threadname[50];
|
|
|
|
|
union int_and_ptr_u argval;
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
npth_t thread;
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2015-06-16 12:12:03 +02:00
|
|
|
|
memset (&argval, 0, sizeof argval);
|
2011-01-25 11:26:01 +01:00
|
|
|
|
argval.afd = fd;
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 12:04:46 +09:00
|
|
|
|
snprintf (threadname, sizeof threadname,
|
2011-01-25 11:26:01 +01:00
|
|
|
|
"conn fd=%d", FD2INT(fd));
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
|
2015-06-16 12:12:03 +02:00
|
|
|
|
ret = npth_create (&thread, &tattr,
|
|
|
|
|
start_connection_thread, argval.aptr);
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
if (ret)
|
2011-01-25 11:26:01 +01:00
|
|
|
|
{
|
|
|
|
|
log_error ("error spawning connection handler: %s\n",
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
strerror (ret) );
|
2011-01-25 11:26:01 +01:00
|
|
|
|
assuan_sock_close (fd);
|
|
|
|
|
}
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
npth_setname_np (thread, threadname);
|
2011-01-25 11:26:01 +01:00
|
|
|
|
}
|
|
|
|
|
}
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
2011-01-25 11:26:01 +01:00
|
|
|
|
|
2016-09-07 12:36:48 +02:00
|
|
|
|
#ifdef HAVE_INOTIFY_INIT
|
|
|
|
|
if (my_inotify_fd != -1)
|
|
|
|
|
close (my_inotify_fd);
|
|
|
|
|
#endif /*HAVE_INOTIFY_INIT*/
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
npth_attr_destroy (&tattr);
|
2017-02-23 20:14:16 +01:00
|
|
|
|
if (listen_fd != GNUPG_INVALID_FD)
|
2017-04-18 09:04:11 +09:00
|
|
|
|
assuan_sock_close (listen_fd);
|
2010-06-09 16:53:51 +00:00
|
|
|
|
cleanup ();
|
2020-02-21 21:45:13 +01:00
|
|
|
|
log_info ("%s %s stopped\n", gpgrt_strusage(11), gpgrt_strusage(13));
|
2010-06-09 16:53:51 +00:00
|
|
|
|
}
|
2016-10-26 16:37:06 -04:00
|
|
|
|
|
|
|
|
|
const char*
|
|
|
|
|
dirmngr_get_current_socket_name (void)
|
|
|
|
|
{
|
|
|
|
|
if (socket_name)
|
|
|
|
|
return socket_name;
|
|
|
|
|
else
|
|
|
|
|
return dirmngr_socket_name ();
|
|
|
|
|
}
|
2020-10-02 12:26:02 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Parse the revision part from the extended version blurb. */
|
|
|
|
|
static const char *
|
|
|
|
|
get_revision_from_blurb (const char *blurb, int *r_len)
|
|
|
|
|
{
|
|
|
|
|
const char *s = blurb? blurb : "";
|
|
|
|
|
int n;
|
|
|
|
|
|
|
|
|
|
for (; *s; s++)
|
|
|
|
|
if (*s == '\n' && s[1] == '(')
|
|
|
|
|
break;
|
2020-11-19 09:06:31 +01:00
|
|
|
|
if (*s)
|
2020-10-02 12:26:02 +02:00
|
|
|
|
{
|
|
|
|
|
s += 2;
|
|
|
|
|
for (n=0; s[n] && s[n] != ' '; n++)
|
|
|
|
|
;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
s = "?";
|
|
|
|
|
n = 1;
|
|
|
|
|
}
|
|
|
|
|
*r_len = n;
|
|
|
|
|
return s;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Print versions of dirmngr and used libraries. This is used by
|
|
|
|
|
* "gpgconf --show-versions" so that there is no need to link gpgconf
|
|
|
|
|
* against all these libraries. This is an internal API and should
|
|
|
|
|
* not be relied upon. */
|
|
|
|
|
static void
|
|
|
|
|
gpgconf_versions (void)
|
|
|
|
|
{
|
|
|
|
|
const char *s;
|
|
|
|
|
int n;
|
|
|
|
|
|
|
|
|
|
/* Unfortunately Npth has no way to get the version. */
|
|
|
|
|
|
|
|
|
|
s = get_revision_from_blurb (assuan_check_version ("\x01\x01"), &n);
|
|
|
|
|
es_fprintf (es_stdout, "* Libassuan %s (%.*s)\n\n",
|
|
|
|
|
assuan_check_version (NULL), n, s);
|
|
|
|
|
|
2020-11-19 09:06:31 +01:00
|
|
|
|
s = get_revision_from_blurb (ksba_check_version ("\x01\x01"), &n);
|
|
|
|
|
es_fprintf (es_stdout, "* KSBA %s (%.*s)\n\n",
|
|
|
|
|
ksba_check_version (NULL), n, s);
|
2020-10-02 12:26:02 +02:00
|
|
|
|
|
|
|
|
|
#ifdef HTTP_USE_NTBTLS
|
|
|
|
|
s = get_revision_from_blurb (ntbtls_check_version ("\x01\x01"), &n);
|
|
|
|
|
es_fprintf (es_stdout, "* NTBTLS %s (%.*s)\n\n",
|
|
|
|
|
ntbtls_check_version (NULL), n, s);
|
|
|
|
|
#elif HTTP_USE_GNUTLS
|
|
|
|
|
es_fprintf (es_stdout, "* GNUTLS %s\n\n",
|
|
|
|
|
gnutls_check_version (NULL));
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
}
|