2010-02-17 20:03:37 +01:00
|
|
|
|
/* call-pinentry.c - Spawn the pinentry to query stuff from the user
|
|
|
|
|
* Copyright (C) 2001, 2002, 2004, 2007, 2008,
|
|
|
|
|
* 2010 Free Software Foundation, Inc.
|
2003-06-05 09:14:21 +02:00
|
|
|
|
*
|
|
|
|
|
* This file is part of GnuPG.
|
|
|
|
|
*
|
|
|
|
|
* GnuPG is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
2007-07-04 21:49:40 +02:00
|
|
|
|
* the Free Software Foundation; either version 3 of the License, or
|
2003-06-05 09:14:21 +02:00
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* GnuPG is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
2016-11-05 12:02:19 +01:00
|
|
|
|
* along with this program; if not, see <https://www.gnu.org/licenses/>.
|
2003-06-05 09:14:21 +02:00
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <config.h>
|
|
|
|
|
#include <errno.h>
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <ctype.h>
|
|
|
|
|
#include <unistd.h>
|
|
|
|
|
#include <sys/stat.h>
|
2005-11-28 12:52:25 +01:00
|
|
|
|
#ifndef HAVE_W32_SYSTEM
|
2008-03-20 16:31:43 +01:00
|
|
|
|
# include <sys/wait.h>
|
|
|
|
|
# include <sys/types.h>
|
|
|
|
|
# include <signal.h>
|
2017-02-03 21:16:26 +01:00
|
|
|
|
# include <sys/utsname.h>
|
2003-06-05 09:14:21 +02:00
|
|
|
|
#endif
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
#include <npth.h>
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
|
|
|
|
#include "agent.h"
|
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (NEED_LIBASSUAN_API, NEED_LIBASSUAN_VERSION):
Update to new API (2, 1.1.0).
agent/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpg-agent.c (parse_rereadable_options): Don't set global assuan
log file (there ain't one anymore).
(main): Update to new API.
(check_own_socket_pid_cb): Return gpg_error_t instead of int.
(check_own_socket_thread, check_for_running_agent): Create assuan
context before connecting to server.
* command.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(write_and_clear_outbuf): Use gpg_error_t instead of
assuan_error_t.
(cmd_geteventcounter, cmd_istrusted, cmd_listtrusted)
(cmd_marktrusted, cmd_havekey, cmd_sigkey, cmd_setkeydesc)
(cmd_sethash, cmd_pksign, cmd_pkdecrypt, cmd_genkey, cmd_readkey)
(cmd_keyinfo, cmd_get_passphrase, cmd_clear_passphrase)
(cmd_get_confirmation, cmd_learn, cmd_passwd)
(cmd_preset_passphrase, cmd_scd, cmd_getval, cmd_putval)
(cmd_updatestartuptty, cmd_killagent, cmd_reloadagent)
(cmd_getinfo, option_handler): Return gpg_error_t instead of int.
(post_cmd_notify): Change type of ERR to gpg_error_t from int.
(io_monitor): Add hook argument. Use symbols for constants.
(register_commands): Change return type of HANDLER to gpg_error_t.
(start_command_handler): Allocate assuan context before starting
server.
* call-pinentry.c: Include "scdaemon.h" before <assuan.h> because
of GPG_ERR_SOURCE_DEFAULT check.
(unlock_pinentry): Call assuan_release instead of
assuan_disconnect.
(getinfo_pid_cb, getpin_cb): Return gpg_error_t instead of int.
(start_pinentry): Allocate assuan context before connecting to
server.
* call-scd.c (membuf_data_cb, learn_status_cb, get_serialno_cb)
(membuf_data_cb, inq_needpin, card_getattr_cb, pass_status_thru)
(pass_data_thru): Change return type to gpg_error_t.
(start_scd): Allocate assuan context before connecting to server.
common/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* asshelp.c (start_new_gpg_agent): Allocate assuan context before
starting server.
g10/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* call-agent.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(learn_status_cb, dummy_data_cb, get_serialno_cb, default_inq_cb)
(learn_status_cb, inq_writecert_parms, inq_writekey_parms)
(scd_genkey_cb, membuf_data_cb): Return gpg_error_t instead of
int.
* gpg.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(main): Update to new Assuan API.
* server.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
(cmd_delkeys, cmd_message, do_listkeys, cmd_listkeys)
(cmd_listsecretkeys, cmd_genkey, cmd_getinfo): Return gpg_error_t
instead of int.
(register_commands): Allocate assuan context before starting
server.
(gpg_server): Allocate assuan_context before starting server.
scd/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* command.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(option_handler, open_card, cmd_serialno, cmd_lean, cmd_readcert)
(cmd_readkey, cmd_setdata, cmd_pksign, cmd_pkauth, cmd_pkdecrypt)
(cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_lock)
(cmd_unlock, cmd_getinfo, cmd_restart, cmd_disconnect, cmd_apdu)
(cmd_killscd): Return gpg_error_t instead of int.
(scd_command_handler): Allocate assuan context before starting server.
* scdaemon.c (main): Update to new Assuan API.
sm/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpgsm.c (main): Update to new assuan API.
* server.c: Include "gpgsm.h" before <assuan.h> due to check for
GPG_ERR_SOURCE_DEFAULT and assuan.h now including gpg-error.h.
(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
(cmd_delkeys, cmd_message, cmd_listkeys, cmd_dumpkeys)
(cmd_listsecretkeys, cmd_dumpsecretkeys, cmd_genkey)
(cmd_getauditlog, cmd_getinfo): Return gpg_error_t instead of int.
(register_commands): Same for member HANDLER in table.
(gpgsm_server): Allocate assuan context before starting server.
* sm/call-dirmngr.c:
* call-dirmngr.c (prepare_dirmngr): Check for CTX and error before
setting LDAPSERVER.
(start_dirmngr_ext): Allocate assuan context before starting
server.
(inq_certificate, isvalid_status_cb, lookup_cb, lookup_status_cb)
(run_command_cb, run_command_inq_cb, run_command_status_cb):
Return gpg_error_t instead of int.
tools/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpg-connect-agent.c (getinfo_pid_cb, read_and_print_response)
(main): Update to new Assuan API.
2009-09-23 02:01:25 +02:00
|
|
|
|
#include <assuan.h>
|
agent: Resolve conflict of util.h.
* agent/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common.
* agent/call-pinentry.c, agent/call-scd.c: Follow the change.
* agent/command-ssh.c, agent/command.c, agent/cvt-openpgp.c: Ditto.
* agent/divert-scd.c, agent/findkey.c, agent/genkey.c: Ditto.
* agent/gpg-agent.c, agent/pksign.c, agent/preset-passphrase.c: Ditto.
* agent/protect-tool.c, agent/protect.c, agent/trustlist.c: Ditto.
* agent/w32main.c: Ditto.
--
For openpty function, we need to include util.h on some OS.
We also have util.h in common/, so this change is needed.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-03-07 11:22:48 +01:00
|
|
|
|
#include "../common/sysutils.h"
|
|
|
|
|
#include "../common/i18n.h"
|
2020-11-06 14:19:24 +01:00
|
|
|
|
#include "../common/zb32.h"
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
|
|
|
|
#ifdef _POSIX_OPEN_MAX
|
|
|
|
|
#define MAX_OPEN_FDS _POSIX_OPEN_MAX
|
|
|
|
|
#else
|
|
|
|
|
#define MAX_OPEN_FDS 20
|
|
|
|
|
#endif
|
|
|
|
|
|
2004-08-20 15:03:32 +02:00
|
|
|
|
|
|
|
|
|
/* Because access to the pinentry must be serialized (it is and shall
|
2015-05-06 15:27:23 +02:00
|
|
|
|
be a global mutually exclusive dialog) we better timeout pending
|
|
|
|
|
requests after some time. 1 minute seem to be a reasonable
|
2004-08-20 15:03:32 +02:00
|
|
|
|
time. */
|
|
|
|
|
#define LOCK_TIMEOUT (1*60)
|
|
|
|
|
|
2021-08-18 11:23:23 +02:00
|
|
|
|
/* Define the number of bits to use for a generated pin. The
|
|
|
|
|
* passphrase will be rendered as zbase32 which results for 150 bits
|
|
|
|
|
* in a string of 30 characters. That fits nicely into the 5
|
|
|
|
|
* character blocking which pinentry can do. 128 bits would actually
|
2022-06-27 18:02:03 +02:00
|
|
|
|
* be sufficient but can't be formatted nicely. Please do not change
|
|
|
|
|
* this value because pattern check files may let such passwords
|
|
|
|
|
* always pass. */
|
2021-08-18 11:23:23 +02:00
|
|
|
|
#define DEFAULT_GENPIN_BITS 150
|
2020-11-06 14:19:24 +01:00
|
|
|
|
|
2005-11-28 12:52:25 +01:00
|
|
|
|
/* The assuan context of the current pinentry. */
|
|
|
|
|
static assuan_context_t entry_ctx;
|
2004-08-20 15:03:32 +02:00
|
|
|
|
|
2017-02-22 16:54:32 +01:00
|
|
|
|
/* A list of features of the current pinentry. */
|
|
|
|
|
static struct
|
|
|
|
|
{
|
|
|
|
|
/* The Pinentry support RS+US tabbing. This means that a RS (0x1e)
|
|
|
|
|
* starts a new tabbing block in which a US (0x1f) followed by a
|
|
|
|
|
* colon marks a colon. A pinentry can use this to pretty print
|
|
|
|
|
* name value pairs. */
|
|
|
|
|
unsigned int tabbing:1;
|
|
|
|
|
} entry_features;
|
|
|
|
|
|
|
|
|
|
|
2005-11-28 12:52:25 +01:00
|
|
|
|
/* A mutex used to serialize access to the pinentry. */
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
static npth_mutex_t entry_lock;
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
2005-11-28 12:52:25 +01:00
|
|
|
|
/* The thread ID of the popup working thread. */
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
static npth_t popup_tid;
|
2005-11-28 12:52:25 +01:00
|
|
|
|
|
|
|
|
|
/* A flag used in communication between the popup working thread and
|
|
|
|
|
its stop function. */
|
|
|
|
|
static int popup_finished;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Data to be passed to our callbacks, */
|
|
|
|
|
struct entry_parm_s
|
|
|
|
|
{
|
2003-06-05 09:14:21 +02:00
|
|
|
|
int lines;
|
|
|
|
|
size_t size;
|
2005-06-16 10:12:03 +02:00
|
|
|
|
unsigned char *buffer;
|
2019-02-19 05:12:07 +01:00
|
|
|
|
int status;
|
2021-08-13 13:42:31 +02:00
|
|
|
|
unsigned int constraints_flags;
|
2003-06-05 09:14:21 +02:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2004-12-19 18:44:20 +01:00
|
|
|
|
/* This function must be called once to initialize this module. This
|
|
|
|
|
has to be done before a second thread is spawned. We can't do the
|
|
|
|
|
static initialization because Pth emulation code might not be able
|
2005-11-28 12:52:25 +01:00
|
|
|
|
to do a static init; in particular, it is not possible for W32. */
|
2004-12-19 18:44:20 +01:00
|
|
|
|
void
|
2007-06-14 19:05:07 +02:00
|
|
|
|
initialize_module_call_pinentry (void)
|
2004-12-19 18:44:20 +01:00
|
|
|
|
{
|
|
|
|
|
static int initialized;
|
2018-09-10 02:16:50 +02:00
|
|
|
|
int err;
|
2004-12-19 18:44:20 +01:00
|
|
|
|
|
|
|
|
|
if (!initialized)
|
2005-11-28 12:52:25 +01:00
|
|
|
|
{
|
2018-09-10 02:16:50 +02:00
|
|
|
|
err = npth_mutex_init (&entry_lock, NULL);
|
|
|
|
|
if (err)
|
|
|
|
|
log_fatal ("error initializing mutex: %s\n", strerror (err));
|
|
|
|
|
|
|
|
|
|
initialized = 1;
|
2005-11-28 12:52:25 +01:00
|
|
|
|
}
|
2004-12-19 18:44:20 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2017-04-28 03:06:33 +02:00
|
|
|
|
/* This function may be called to print information pertaining to the
|
2005-06-07 21:09:18 +02:00
|
|
|
|
current state of this module to the log. */
|
|
|
|
|
void
|
|
|
|
|
agent_query_dump_state (void)
|
|
|
|
|
{
|
2023-07-03 03:46:46 +02:00
|
|
|
|
log_info ("agent_query_dump_state: entry_ctx=%p pid=%ld popup_tid=%lx\n",
|
|
|
|
|
entry_ctx, (long)assuan_get_pid (entry_ctx),
|
|
|
|
|
(unsigned long)popup_tid);
|
2005-11-28 12:52:25 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Called to make sure that a popup window owned by the current
|
|
|
|
|
connection gets closed. */
|
|
|
|
|
void
|
|
|
|
|
agent_reset_query (ctrl_t ctrl)
|
|
|
|
|
{
|
2017-10-27 02:54:48 +02:00
|
|
|
|
if (entry_ctx && popup_tid && ctrl->pinentry_active)
|
2005-11-28 12:52:25 +01:00
|
|
|
|
{
|
|
|
|
|
agent_popup_message_stop (ctrl);
|
|
|
|
|
}
|
2005-06-07 21:09:18 +02:00
|
|
|
|
}
|
|
|
|
|
|
2004-12-19 18:44:20 +01:00
|
|
|
|
|
2003-06-05 09:14:21 +02:00
|
|
|
|
/* Unlock the pinentry so that another thread can start one and
|
|
|
|
|
disconnect that pinentry - we do this after the unlock so that a
|
|
|
|
|
stalled pinentry does not block other threads. Fixme: We should
|
2005-02-23 22:06:32 +01:00
|
|
|
|
have a timeout in Assuan for the disconnect operation. */
|
2015-10-09 04:33:13 +02:00
|
|
|
|
static gpg_error_t
|
2017-10-27 02:54:48 +02:00
|
|
|
|
unlock_pinentry (ctrl_t ctrl, gpg_error_t rc)
|
2003-06-05 09:14:21 +02:00
|
|
|
|
{
|
2005-06-07 21:09:18 +02:00
|
|
|
|
assuan_context_t ctx = entry_ctx;
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
int err;
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
2015-03-11 16:28:32 +01:00
|
|
|
|
if (rc)
|
|
|
|
|
{
|
2015-04-06 13:42:17 +02:00
|
|
|
|
if (DBG_IPC)
|
2015-03-11 16:28:32 +01:00
|
|
|
|
log_debug ("error calling pinentry: %s <%s>\n",
|
|
|
|
|
gpg_strerror (rc), gpg_strsource (rc));
|
|
|
|
|
|
|
|
|
|
/* Change the source of the error to pinentry so that the final
|
|
|
|
|
consumer of the error code knows that the problem is with
|
|
|
|
|
pinentry. For backward compatibility we do not do that for
|
|
|
|
|
some common error codes. */
|
|
|
|
|
switch (gpg_err_code (rc))
|
|
|
|
|
{
|
|
|
|
|
case GPG_ERR_NO_PIN_ENTRY:
|
|
|
|
|
case GPG_ERR_CANCELED:
|
|
|
|
|
case GPG_ERR_FULLY_CANCELED:
|
|
|
|
|
case GPG_ERR_ASS_UNKNOWN_INQUIRE:
|
|
|
|
|
case GPG_ERR_ASS_TOO_MUCH_DATA:
|
|
|
|
|
case GPG_ERR_NO_PASSPHRASE:
|
|
|
|
|
case GPG_ERR_BAD_PASSPHRASE:
|
|
|
|
|
case GPG_ERR_BAD_PIN:
|
2023-10-06 12:04:00 +02:00
|
|
|
|
case GPG_ERR_BAD_RESET_CODE:
|
2015-03-11 16:28:32 +01:00
|
|
|
|
break;
|
|
|
|
|
|
2017-07-28 11:40:56 +02:00
|
|
|
|
case GPG_ERR_CORRUPTED_PROTECTION:
|
|
|
|
|
/* This comes from gpg-agent. */
|
|
|
|
|
break;
|
|
|
|
|
|
2015-03-11 16:28:32 +01:00
|
|
|
|
default:
|
|
|
|
|
rc = gpg_err_make (GPG_ERR_SOURCE_PINENTRY, gpg_err_code (rc));
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-10-27 02:54:48 +02:00
|
|
|
|
if (--ctrl->pinentry_active == 0)
|
2003-06-05 09:14:21 +02:00
|
|
|
|
{
|
2017-10-26 07:40:38 +02:00
|
|
|
|
entry_ctx = NULL;
|
|
|
|
|
err = npth_mutex_unlock (&entry_lock);
|
|
|
|
|
if (err)
|
|
|
|
|
{
|
|
|
|
|
log_error ("failed to release the entry lock: %s\n", strerror (err));
|
|
|
|
|
if (!rc)
|
|
|
|
|
rc = gpg_error_from_errno (err);
|
|
|
|
|
}
|
|
|
|
|
assuan_release (ctx);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
}
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
2004-01-24 21:50:49 +01:00
|
|
|
|
|
2019-11-25 11:39:56 +01:00
|
|
|
|
/* Helper for at_fork_cb which can also be called by the parent to
|
2021-08-18 10:20:22 +02:00
|
|
|
|
* show which envvars will be set. */
|
2019-11-25 11:39:56 +01:00
|
|
|
|
static void
|
|
|
|
|
atfork_core (ctrl_t ctrl, int debug_mode)
|
|
|
|
|
{
|
|
|
|
|
int iterator = 0;
|
|
|
|
|
const char *name, *assname, *value;
|
|
|
|
|
|
|
|
|
|
while ((name = session_env_list_stdenvnames (&iterator, &assname)))
|
|
|
|
|
{
|
|
|
|
|
/* For all new envvars (!ASSNAME) and the two medium old ones
|
|
|
|
|
* which do have an assuan name but are conveyed using
|
|
|
|
|
* environment variables, update the environment of the forked
|
2021-08-13 14:08:53 +02:00
|
|
|
|
* process. We also pass DISPLAY despite that --display is also
|
|
|
|
|
* used when exec-ing the pinentry. The reason is that for
|
|
|
|
|
* example the qt5ct tool does not have any arguments and thus
|
|
|
|
|
* relies on the DISPLAY envvar. The use case here is a global
|
|
|
|
|
* envvar like "QT_QPA_PLATFORMTHEME=qt5ct" which for example is
|
|
|
|
|
* useful when using the Qt pinentry under GNOME or XFCE.
|
|
|
|
|
*/
|
2019-11-25 11:39:56 +01:00
|
|
|
|
if (!assname
|
2021-08-13 14:08:53 +02:00
|
|
|
|
|| (!opt.keep_display && !strcmp (name, "DISPLAY"))
|
2019-11-25 11:39:56 +01:00
|
|
|
|
|| !strcmp (name, "XAUTHORITY")
|
|
|
|
|
|| !strcmp (name, "PINENTRY_USER_DATA"))
|
|
|
|
|
{
|
|
|
|
|
value = session_env_getenv (ctrl->session_env, name);
|
|
|
|
|
if (value)
|
|
|
|
|
{
|
|
|
|
|
if (debug_mode)
|
|
|
|
|
log_debug ("pinentry: atfork used setenv(%s,%s)\n",name,value);
|
|
|
|
|
else
|
|
|
|
|
gnupg_setenv (name, value, 1);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2004-01-24 21:50:49 +01:00
|
|
|
|
/* To make sure we leave no secrets in our image after forking of the
|
|
|
|
|
pinentry, we use this callback. */
|
|
|
|
|
static void
|
|
|
|
|
atfork_cb (void *opaque, int where)
|
|
|
|
|
{
|
2007-11-19 17:03:50 +01:00
|
|
|
|
ctrl_t ctrl = opaque;
|
|
|
|
|
|
2004-01-24 21:50:49 +01:00
|
|
|
|
if (!where)
|
2007-11-19 17:03:50 +01:00
|
|
|
|
{
|
|
|
|
|
gcry_control (GCRYCTL_TERM_SECMEM);
|
2019-11-25 11:39:56 +01:00
|
|
|
|
atfork_core (ctrl, 0);
|
2007-11-19 17:03:50 +01:00
|
|
|
|
}
|
2004-01-24 21:50:49 +01:00
|
|
|
|
}
|
|
|
|
|
|
2009-07-07 12:02:41 +02:00
|
|
|
|
|
2017-02-22 16:54:32 +01:00
|
|
|
|
/* Status line callback for the FEATURES status. */
|
|
|
|
|
static gpg_error_t
|
|
|
|
|
getinfo_features_cb (void *opaque, const char *line)
|
|
|
|
|
{
|
|
|
|
|
const char *args;
|
|
|
|
|
char **tokens;
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
(void)opaque;
|
|
|
|
|
|
|
|
|
|
if ((args = has_leading_keyword (line, "FEATURES")))
|
|
|
|
|
{
|
|
|
|
|
tokens = strtokenize (args, " ");
|
|
|
|
|
if (!tokens)
|
|
|
|
|
return gpg_error_from_syserror ();
|
|
|
|
|
for (i=0; tokens[i]; i++)
|
|
|
|
|
if (!strcmp (tokens[i], "tabbing"))
|
|
|
|
|
entry_features.tabbing = 1;
|
|
|
|
|
xfree (tokens);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (NEED_LIBASSUAN_API, NEED_LIBASSUAN_VERSION):
Update to new API (2, 1.1.0).
agent/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpg-agent.c (parse_rereadable_options): Don't set global assuan
log file (there ain't one anymore).
(main): Update to new API.
(check_own_socket_pid_cb): Return gpg_error_t instead of int.
(check_own_socket_thread, check_for_running_agent): Create assuan
context before connecting to server.
* command.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(write_and_clear_outbuf): Use gpg_error_t instead of
assuan_error_t.
(cmd_geteventcounter, cmd_istrusted, cmd_listtrusted)
(cmd_marktrusted, cmd_havekey, cmd_sigkey, cmd_setkeydesc)
(cmd_sethash, cmd_pksign, cmd_pkdecrypt, cmd_genkey, cmd_readkey)
(cmd_keyinfo, cmd_get_passphrase, cmd_clear_passphrase)
(cmd_get_confirmation, cmd_learn, cmd_passwd)
(cmd_preset_passphrase, cmd_scd, cmd_getval, cmd_putval)
(cmd_updatestartuptty, cmd_killagent, cmd_reloadagent)
(cmd_getinfo, option_handler): Return gpg_error_t instead of int.
(post_cmd_notify): Change type of ERR to gpg_error_t from int.
(io_monitor): Add hook argument. Use symbols for constants.
(register_commands): Change return type of HANDLER to gpg_error_t.
(start_command_handler): Allocate assuan context before starting
server.
* call-pinentry.c: Include "scdaemon.h" before <assuan.h> because
of GPG_ERR_SOURCE_DEFAULT check.
(unlock_pinentry): Call assuan_release instead of
assuan_disconnect.
(getinfo_pid_cb, getpin_cb): Return gpg_error_t instead of int.
(start_pinentry): Allocate assuan context before connecting to
server.
* call-scd.c (membuf_data_cb, learn_status_cb, get_serialno_cb)
(membuf_data_cb, inq_needpin, card_getattr_cb, pass_status_thru)
(pass_data_thru): Change return type to gpg_error_t.
(start_scd): Allocate assuan context before connecting to server.
common/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* asshelp.c (start_new_gpg_agent): Allocate assuan context before
starting server.
g10/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* call-agent.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(learn_status_cb, dummy_data_cb, get_serialno_cb, default_inq_cb)
(learn_status_cb, inq_writecert_parms, inq_writekey_parms)
(scd_genkey_cb, membuf_data_cb): Return gpg_error_t instead of
int.
* gpg.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(main): Update to new Assuan API.
* server.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
(cmd_delkeys, cmd_message, do_listkeys, cmd_listkeys)
(cmd_listsecretkeys, cmd_genkey, cmd_getinfo): Return gpg_error_t
instead of int.
(register_commands): Allocate assuan context before starting
server.
(gpg_server): Allocate assuan_context before starting server.
scd/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* command.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(option_handler, open_card, cmd_serialno, cmd_lean, cmd_readcert)
(cmd_readkey, cmd_setdata, cmd_pksign, cmd_pkauth, cmd_pkdecrypt)
(cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_lock)
(cmd_unlock, cmd_getinfo, cmd_restart, cmd_disconnect, cmd_apdu)
(cmd_killscd): Return gpg_error_t instead of int.
(scd_command_handler): Allocate assuan context before starting server.
* scdaemon.c (main): Update to new Assuan API.
sm/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpgsm.c (main): Update to new assuan API.
* server.c: Include "gpgsm.h" before <assuan.h> due to check for
GPG_ERR_SOURCE_DEFAULT and assuan.h now including gpg-error.h.
(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
(cmd_delkeys, cmd_message, cmd_listkeys, cmd_dumpkeys)
(cmd_listsecretkeys, cmd_dumpsecretkeys, cmd_genkey)
(cmd_getauditlog, cmd_getinfo): Return gpg_error_t instead of int.
(register_commands): Same for member HANDLER in table.
(gpgsm_server): Allocate assuan context before starting server.
* sm/call-dirmngr.c:
* call-dirmngr.c (prepare_dirmngr): Check for CTX and error before
setting LDAPSERVER.
(start_dirmngr_ext): Allocate assuan context before starting
server.
(inq_certificate, isvalid_status_cb, lookup_cb, lookup_status_cb)
(run_command_cb, run_command_inq_cb, run_command_status_cb):
Return gpg_error_t instead of int.
tools/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpg-connect-agent.c (getinfo_pid_cb, read_and_print_response)
(main): Update to new Assuan API.
2009-09-23 02:01:25 +02:00
|
|
|
|
static gpg_error_t
|
2008-02-14 20:50:10 +01:00
|
|
|
|
getinfo_pid_cb (void *opaque, const void *buffer, size_t length)
|
|
|
|
|
{
|
|
|
|
|
unsigned long *pid = opaque;
|
|
|
|
|
char pidbuf[50];
|
|
|
|
|
|
|
|
|
|
/* There is only the pid in the server's response. */
|
|
|
|
|
if (length >= sizeof pidbuf)
|
|
|
|
|
length = sizeof pidbuf -1;
|
|
|
|
|
if (length)
|
|
|
|
|
{
|
|
|
|
|
strncpy (pidbuf, buffer, length);
|
|
|
|
|
pidbuf[length] = 0;
|
|
|
|
|
*pid = strtoul (pidbuf, NULL, 10);
|
|
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2004-01-24 21:50:49 +01:00
|
|
|
|
|
2016-11-03 20:07:56 +01:00
|
|
|
|
|
2003-06-05 09:14:21 +02:00
|
|
|
|
/* Fork off the pin entry if this has not already been done. Note,
|
2015-11-16 12:41:46 +01:00
|
|
|
|
that this function must always be used to acquire the lock for the
|
2003-06-05 09:14:21 +02:00
|
|
|
|
pinentry - we will serialize _all_ pinentry calls.
|
|
|
|
|
*/
|
2015-10-09 04:33:13 +02:00
|
|
|
|
static gpg_error_t
|
2005-11-28 12:52:25 +01:00
|
|
|
|
start_pinentry (ctrl_t ctrl)
|
2003-06-05 09:14:21 +02:00
|
|
|
|
{
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
int rc = 0;
|
2015-02-04 10:09:28 +01:00
|
|
|
|
const char *full_pgmname;
|
2003-06-05 09:14:21 +02:00
|
|
|
|
const char *pgmname;
|
2006-09-06 18:35:52 +02:00
|
|
|
|
assuan_context_t ctx;
|
2003-06-05 09:14:21 +02:00
|
|
|
|
const char *argv[5];
|
2014-03-07 09:46:44 +01:00
|
|
|
|
assuan_fd_t no_close_list[3];
|
2003-06-05 09:14:21 +02:00
|
|
|
|
int i;
|
2007-02-14 17:27:55 +01:00
|
|
|
|
const char *tmpstr;
|
2008-02-14 20:50:10 +01:00
|
|
|
|
unsigned long pinentry_pid;
|
2009-07-07 12:02:41 +02:00
|
|
|
|
const char *value;
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
struct timespec abstime;
|
2016-11-03 20:07:56 +01:00
|
|
|
|
char *flavor_version;
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
int err;
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
2017-10-27 02:54:48 +02:00
|
|
|
|
if (ctrl->pinentry_active)
|
2017-10-26 07:40:38 +02:00
|
|
|
|
{
|
2017-10-27 02:54:48 +02:00
|
|
|
|
/* It's trying to use pinentry recursively. In this situation,
|
|
|
|
|
the thread holds ENTRY_LOCK already. */
|
|
|
|
|
ctrl->pinentry_active++;
|
2017-10-26 07:40:38 +02:00
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
npth_clock_gettime (&abstime);
|
|
|
|
|
abstime.tv_sec += LOCK_TIMEOUT;
|
|
|
|
|
err = npth_mutex_timedlock (&entry_lock, &abstime);
|
|
|
|
|
if (err)
|
2003-06-05 09:14:21 +02:00
|
|
|
|
{
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
if (err == ETIMEDOUT)
|
|
|
|
|
rc = gpg_error (GPG_ERR_TIMEOUT);
|
2004-08-20 15:03:32 +02:00
|
|
|
|
else
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
rc = gpg_error_from_errno (rc);
|
2004-08-20 15:03:32 +02:00
|
|
|
|
log_error (_("failed to acquire the pinentry lock: %s\n"),
|
|
|
|
|
gpg_strerror (rc));
|
|
|
|
|
return rc;
|
2003-06-05 09:14:21 +02:00
|
|
|
|
}
|
2005-11-28 12:52:25 +01:00
|
|
|
|
|
2003-06-05 09:14:21 +02:00
|
|
|
|
if (entry_ctx)
|
2011-02-04 12:57:53 +01:00
|
|
|
|
return 0;
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
|
|
|
|
if (opt.verbose)
|
|
|
|
|
log_info ("starting a new PIN Entry\n");
|
2007-07-16 11:53:47 +02:00
|
|
|
|
|
2011-02-04 12:57:53 +01:00
|
|
|
|
#ifdef HAVE_W32_SYSTEM
|
2007-07-16 11:53:47 +02:00
|
|
|
|
fflush (stdout);
|
|
|
|
|
fflush (stderr);
|
|
|
|
|
#endif
|
2003-06-05 09:14:21 +02:00
|
|
|
|
if (fflush (NULL))
|
|
|
|
|
{
|
2007-08-27 20:10:27 +02:00
|
|
|
|
#ifndef HAVE_W32_SYSTEM
|
2003-06-05 09:14:21 +02:00
|
|
|
|
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
|
2007-08-27 20:10:27 +02:00
|
|
|
|
#endif
|
2003-06-05 09:14:21 +02:00
|
|
|
|
log_error ("error flushing pending output: %s\n", strerror (errno));
|
2007-07-16 11:53:47 +02:00
|
|
|
|
/* At least Windows XP fails here with EBADF. According to docs
|
|
|
|
|
and Wine an fflush(NULL) is the same as _flushall. However
|
2017-04-28 03:06:33 +02:00
|
|
|
|
the Wine implementation does not flush stdin,stdout and stderr
|
2015-05-06 15:27:23 +02:00
|
|
|
|
- see above. Let's try to ignore the error. */
|
2007-07-16 11:53:47 +02:00
|
|
|
|
#ifndef HAVE_W32_SYSTEM
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, tmperr);
|
2007-07-16 11:53:47 +02:00
|
|
|
|
#endif
|
2003-06-05 09:14:21 +02:00
|
|
|
|
}
|
|
|
|
|
|
2015-02-04 10:09:28 +01:00
|
|
|
|
full_pgmname = opt.pinentry_program;
|
|
|
|
|
if (!full_pgmname || !*full_pgmname)
|
|
|
|
|
full_pgmname = gnupg_module_name (GNUPG_MODULE_NAME_PINENTRY);
|
|
|
|
|
if ( !(pgmname = strrchr (full_pgmname, '/')))
|
|
|
|
|
pgmname = full_pgmname;
|
2003-06-05 09:14:21 +02:00
|
|
|
|
else
|
|
|
|
|
pgmname++;
|
|
|
|
|
|
2007-02-20 15:55:32 +01:00
|
|
|
|
/* OS X needs the entire file name in argv[0], so that it can locate
|
2007-07-04 11:34:28 +02:00
|
|
|
|
the resource bundle. For other systems we stick to the usual
|
2007-02-20 15:55:32 +01:00
|
|
|
|
convention of supplying only the name of the program. */
|
|
|
|
|
#ifdef __APPLE__
|
2015-02-04 10:09:28 +01:00
|
|
|
|
argv[0] = full_pgmname;
|
2007-02-20 15:55:32 +01:00
|
|
|
|
#else /*!__APPLE__*/
|
2003-06-05 09:14:21 +02:00
|
|
|
|
argv[0] = pgmname;
|
2007-02-20 15:55:32 +01:00
|
|
|
|
#endif /*__APPLE__*/
|
|
|
|
|
|
2009-07-07 12:02:41 +02:00
|
|
|
|
if (!opt.keep_display
|
|
|
|
|
&& (value = session_env_getenv (ctrl->session_env, "DISPLAY")))
|
2003-06-05 09:14:21 +02:00
|
|
|
|
{
|
|
|
|
|
argv[1] = "--display";
|
2009-07-07 12:02:41 +02:00
|
|
|
|
argv[2] = value;
|
2003-06-05 09:14:21 +02:00
|
|
|
|
argv[3] = NULL;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
argv[1] = NULL;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-06-05 09:14:21 +02:00
|
|
|
|
i=0;
|
|
|
|
|
if (!opt.running_detached)
|
2022-06-22 06:34:06 +02:00
|
|
|
|
no_close_list[i++] = assuan_fd_from_posix_fd (fileno (stderr));
|
2014-03-07 09:46:44 +01:00
|
|
|
|
no_close_list[i] = ASSUAN_INVALID_FD;
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (NEED_LIBASSUAN_API, NEED_LIBASSUAN_VERSION):
Update to new API (2, 1.1.0).
agent/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpg-agent.c (parse_rereadable_options): Don't set global assuan
log file (there ain't one anymore).
(main): Update to new API.
(check_own_socket_pid_cb): Return gpg_error_t instead of int.
(check_own_socket_thread, check_for_running_agent): Create assuan
context before connecting to server.
* command.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(write_and_clear_outbuf): Use gpg_error_t instead of
assuan_error_t.
(cmd_geteventcounter, cmd_istrusted, cmd_listtrusted)
(cmd_marktrusted, cmd_havekey, cmd_sigkey, cmd_setkeydesc)
(cmd_sethash, cmd_pksign, cmd_pkdecrypt, cmd_genkey, cmd_readkey)
(cmd_keyinfo, cmd_get_passphrase, cmd_clear_passphrase)
(cmd_get_confirmation, cmd_learn, cmd_passwd)
(cmd_preset_passphrase, cmd_scd, cmd_getval, cmd_putval)
(cmd_updatestartuptty, cmd_killagent, cmd_reloadagent)
(cmd_getinfo, option_handler): Return gpg_error_t instead of int.
(post_cmd_notify): Change type of ERR to gpg_error_t from int.
(io_monitor): Add hook argument. Use symbols for constants.
(register_commands): Change return type of HANDLER to gpg_error_t.
(start_command_handler): Allocate assuan context before starting
server.
* call-pinentry.c: Include "scdaemon.h" before <assuan.h> because
of GPG_ERR_SOURCE_DEFAULT check.
(unlock_pinentry): Call assuan_release instead of
assuan_disconnect.
(getinfo_pid_cb, getpin_cb): Return gpg_error_t instead of int.
(start_pinentry): Allocate assuan context before connecting to
server.
* call-scd.c (membuf_data_cb, learn_status_cb, get_serialno_cb)
(membuf_data_cb, inq_needpin, card_getattr_cb, pass_status_thru)
(pass_data_thru): Change return type to gpg_error_t.
(start_scd): Allocate assuan context before connecting to server.
common/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* asshelp.c (start_new_gpg_agent): Allocate assuan context before
starting server.
g10/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* call-agent.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(learn_status_cb, dummy_data_cb, get_serialno_cb, default_inq_cb)
(learn_status_cb, inq_writecert_parms, inq_writekey_parms)
(scd_genkey_cb, membuf_data_cb): Return gpg_error_t instead of
int.
* gpg.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(main): Update to new Assuan API.
* server.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
(cmd_delkeys, cmd_message, do_listkeys, cmd_listkeys)
(cmd_listsecretkeys, cmd_genkey, cmd_getinfo): Return gpg_error_t
instead of int.
(register_commands): Allocate assuan context before starting
server.
(gpg_server): Allocate assuan_context before starting server.
scd/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* command.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(option_handler, open_card, cmd_serialno, cmd_lean, cmd_readcert)
(cmd_readkey, cmd_setdata, cmd_pksign, cmd_pkauth, cmd_pkdecrypt)
(cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_lock)
(cmd_unlock, cmd_getinfo, cmd_restart, cmd_disconnect, cmd_apdu)
(cmd_killscd): Return gpg_error_t instead of int.
(scd_command_handler): Allocate assuan context before starting server.
* scdaemon.c (main): Update to new Assuan API.
sm/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpgsm.c (main): Update to new assuan API.
* server.c: Include "gpgsm.h" before <assuan.h> due to check for
GPG_ERR_SOURCE_DEFAULT and assuan.h now including gpg-error.h.
(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
(cmd_delkeys, cmd_message, cmd_listkeys, cmd_dumpkeys)
(cmd_listsecretkeys, cmd_dumpsecretkeys, cmd_genkey)
(cmd_getauditlog, cmd_getinfo): Return gpg_error_t instead of int.
(register_commands): Same for member HANDLER in table.
(gpgsm_server): Allocate assuan context before starting server.
* sm/call-dirmngr.c:
* call-dirmngr.c (prepare_dirmngr): Check for CTX and error before
setting LDAPSERVER.
(start_dirmngr_ext): Allocate assuan context before starting
server.
(inq_certificate, isvalid_status_cb, lookup_cb, lookup_status_cb)
(run_command_cb, run_command_inq_cb, run_command_status_cb):
Return gpg_error_t instead of int.
tools/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpg-connect-agent.c (getinfo_pid_cb, read_and_print_response)
(main): Update to new Assuan API.
2009-09-23 02:01:25 +02:00
|
|
|
|
rc = assuan_new (&ctx);
|
|
|
|
|
if (rc)
|
|
|
|
|
{
|
|
|
|
|
log_error ("can't allocate assuan context: %s\n", gpg_strerror (rc));
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
2017-10-26 07:40:38 +02:00
|
|
|
|
|
2017-10-27 02:54:48 +02:00
|
|
|
|
ctrl->pinentry_active = 1;
|
2017-10-26 07:40:38 +02:00
|
|
|
|
entry_ctx = ctx;
|
|
|
|
|
|
2010-09-01 11:48:35 +02:00
|
|
|
|
/* We don't want to log the pinentry communication to make the logs
|
|
|
|
|
easier to read. We might want to add a new debug option to enable
|
|
|
|
|
pinentry logging. */
|
|
|
|
|
#ifdef ASSUAN_NO_LOGGING
|
2015-05-11 10:23:24 +02:00
|
|
|
|
assuan_set_flag (ctx, ASSUAN_NO_LOGGING, !opt.debug_pinentry);
|
2010-09-01 11:48:35 +02:00
|
|
|
|
#endif
|
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (NEED_LIBASSUAN_API, NEED_LIBASSUAN_VERSION):
Update to new API (2, 1.1.0).
agent/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpg-agent.c (parse_rereadable_options): Don't set global assuan
log file (there ain't one anymore).
(main): Update to new API.
(check_own_socket_pid_cb): Return gpg_error_t instead of int.
(check_own_socket_thread, check_for_running_agent): Create assuan
context before connecting to server.
* command.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(write_and_clear_outbuf): Use gpg_error_t instead of
assuan_error_t.
(cmd_geteventcounter, cmd_istrusted, cmd_listtrusted)
(cmd_marktrusted, cmd_havekey, cmd_sigkey, cmd_setkeydesc)
(cmd_sethash, cmd_pksign, cmd_pkdecrypt, cmd_genkey, cmd_readkey)
(cmd_keyinfo, cmd_get_passphrase, cmd_clear_passphrase)
(cmd_get_confirmation, cmd_learn, cmd_passwd)
(cmd_preset_passphrase, cmd_scd, cmd_getval, cmd_putval)
(cmd_updatestartuptty, cmd_killagent, cmd_reloadagent)
(cmd_getinfo, option_handler): Return gpg_error_t instead of int.
(post_cmd_notify): Change type of ERR to gpg_error_t from int.
(io_monitor): Add hook argument. Use symbols for constants.
(register_commands): Change return type of HANDLER to gpg_error_t.
(start_command_handler): Allocate assuan context before starting
server.
* call-pinentry.c: Include "scdaemon.h" before <assuan.h> because
of GPG_ERR_SOURCE_DEFAULT check.
(unlock_pinentry): Call assuan_release instead of
assuan_disconnect.
(getinfo_pid_cb, getpin_cb): Return gpg_error_t instead of int.
(start_pinentry): Allocate assuan context before connecting to
server.
* call-scd.c (membuf_data_cb, learn_status_cb, get_serialno_cb)
(membuf_data_cb, inq_needpin, card_getattr_cb, pass_status_thru)
(pass_data_thru): Change return type to gpg_error_t.
(start_scd): Allocate assuan context before connecting to server.
common/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* asshelp.c (start_new_gpg_agent): Allocate assuan context before
starting server.
g10/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* call-agent.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(learn_status_cb, dummy_data_cb, get_serialno_cb, default_inq_cb)
(learn_status_cb, inq_writecert_parms, inq_writekey_parms)
(scd_genkey_cb, membuf_data_cb): Return gpg_error_t instead of
int.
* gpg.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(main): Update to new Assuan API.
* server.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
(cmd_delkeys, cmd_message, do_listkeys, cmd_listkeys)
(cmd_listsecretkeys, cmd_genkey, cmd_getinfo): Return gpg_error_t
instead of int.
(register_commands): Allocate assuan context before starting
server.
(gpg_server): Allocate assuan_context before starting server.
scd/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* command.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(option_handler, open_card, cmd_serialno, cmd_lean, cmd_readcert)
(cmd_readkey, cmd_setdata, cmd_pksign, cmd_pkauth, cmd_pkdecrypt)
(cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_lock)
(cmd_unlock, cmd_getinfo, cmd_restart, cmd_disconnect, cmd_apdu)
(cmd_killscd): Return gpg_error_t instead of int.
(scd_command_handler): Allocate assuan context before starting server.
* scdaemon.c (main): Update to new Assuan API.
sm/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpgsm.c (main): Update to new assuan API.
* server.c: Include "gpgsm.h" before <assuan.h> due to check for
GPG_ERR_SOURCE_DEFAULT and assuan.h now including gpg-error.h.
(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
(cmd_delkeys, cmd_message, cmd_listkeys, cmd_dumpkeys)
(cmd_listsecretkeys, cmd_dumpsecretkeys, cmd_genkey)
(cmd_getauditlog, cmd_getinfo): Return gpg_error_t instead of int.
(register_commands): Same for member HANDLER in table.
(gpgsm_server): Allocate assuan context before starting server.
* sm/call-dirmngr.c:
* call-dirmngr.c (prepare_dirmngr): Check for CTX and error before
setting LDAPSERVER.
(start_dirmngr_ext): Allocate assuan context before starting
server.
(inq_certificate, isvalid_status_cb, lookup_cb, lookup_status_cb)
(run_command_cb, run_command_inq_cb, run_command_status_cb):
Return gpg_error_t instead of int.
tools/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpg-connect-agent.c (getinfo_pid_cb, read_and_print_response)
(main): Update to new Assuan API.
2009-09-23 02:01:25 +02:00
|
|
|
|
|
2007-11-19 17:03:50 +01:00
|
|
|
|
/* Connect to the pinentry and perform initial handshaking. Note
|
2008-01-15 17:06:08 +01:00
|
|
|
|
that atfork is used to change the environment for pinentry. We
|
|
|
|
|
start the server in detached mode to suppress the console window
|
|
|
|
|
under Windows. */
|
2017-10-26 07:40:38 +02:00
|
|
|
|
rc = assuan_pipe_connect (entry_ctx, full_pgmname, argv,
|
2009-11-05 13:06:45 +01:00
|
|
|
|
no_close_list, atfork_cb, ctrl,
|
|
|
|
|
ASSUAN_PIPE_CONNECT_DETACHED);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
if (rc)
|
|
|
|
|
{
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error ("can't connect to the PIN entry module '%s': %s\n",
|
2015-02-04 10:09:28 +01:00
|
|
|
|
full_pgmname, gpg_strerror (rc));
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, gpg_error (GPG_ERR_NO_PIN_ENTRY));
|
2003-06-05 09:14:21 +02:00
|
|
|
|
}
|
|
|
|
|
|
2015-04-06 13:42:17 +02:00
|
|
|
|
if (DBG_IPC)
|
2003-06-05 09:14:21 +02:00
|
|
|
|
log_debug ("connection to PIN entry established\n");
|
|
|
|
|
|
2019-11-25 11:39:56 +01:00
|
|
|
|
if (opt.debug_pinentry)
|
2021-08-18 10:20:22 +02:00
|
|
|
|
atfork_core (ctrl, 1); /* Just show the envvars set after the fork. */
|
2019-11-25 11:39:56 +01:00
|
|
|
|
|
2016-10-25 17:07:08 +02:00
|
|
|
|
value = session_env_getenv (ctrl->session_env, "PINENTRY_USER_DATA");
|
|
|
|
|
if (value != NULL)
|
|
|
|
|
{
|
|
|
|
|
char *optstr;
|
|
|
|
|
if (asprintf (&optstr, "OPTION pinentry-user-data=%s", value) < 0 )
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, out_of_core ());
|
2016-10-25 17:07:08 +02:00
|
|
|
|
rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
|
|
|
|
NULL);
|
|
|
|
|
xfree (optstr);
|
|
|
|
|
if (rc && gpg_err_code (rc) != GPG_ERR_UNKNOWN_OPTION)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2016-10-25 17:07:08 +02:00
|
|
|
|
}
|
|
|
|
|
|
2011-02-04 12:57:53 +01:00
|
|
|
|
rc = assuan_transact (entry_ctx,
|
2003-06-05 09:14:21 +02:00
|
|
|
|
opt.no_grab? "OPTION no-grab":"OPTION grab",
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc)
|
2019-07-11 07:55:28 +02:00
|
|
|
|
{
|
|
|
|
|
if (gpg_err_code (rc) == GPG_ERR_NOT_SUPPORTED
|
|
|
|
|
|| gpg_err_code (rc) == GPG_ERR_UNKNOWN_OPTION)
|
|
|
|
|
{
|
|
|
|
|
if (opt.verbose)
|
|
|
|
|
log_info ("Option no-grab/grab is ignored by pinentry.\n");
|
|
|
|
|
/* Keep going even if the feature is not supported. */
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
|
|
|
|
}
|
2009-07-07 12:02:41 +02:00
|
|
|
|
|
|
|
|
|
value = session_env_getenv (ctrl->session_env, "GPG_TTY");
|
|
|
|
|
if (value)
|
2003-06-05 09:14:21 +02:00
|
|
|
|
{
|
|
|
|
|
char *optstr;
|
2009-07-07 12:02:41 +02:00
|
|
|
|
if (asprintf (&optstr, "OPTION ttyname=%s", value) < 0 )
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, out_of_core ());
|
2003-06-05 09:14:21 +02:00
|
|
|
|
rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
|
|
|
|
NULL);
|
2008-05-27 14:03:50 +02:00
|
|
|
|
xfree (optstr);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
}
|
2009-07-07 12:02:41 +02:00
|
|
|
|
value = session_env_getenv (ctrl->session_env, "TERM");
|
2019-06-04 04:35:06 +02:00
|
|
|
|
if (value && *value)
|
2003-06-05 09:14:21 +02:00
|
|
|
|
{
|
|
|
|
|
char *optstr;
|
2009-07-07 12:02:41 +02:00
|
|
|
|
if (asprintf (&optstr, "OPTION ttytype=%s", value) < 0 )
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, out_of_core ());
|
2003-06-05 09:14:21 +02:00
|
|
|
|
rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
|
|
|
|
NULL);
|
2010-02-17 20:03:37 +01:00
|
|
|
|
xfree (optstr);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
}
|
2004-12-17 21:41:50 +01:00
|
|
|
|
if (ctrl->lc_ctype)
|
2003-06-05 09:14:21 +02:00
|
|
|
|
{
|
|
|
|
|
char *optstr;
|
|
|
|
|
if (asprintf (&optstr, "OPTION lc-ctype=%s", ctrl->lc_ctype) < 0 )
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, out_of_core ());
|
2003-06-05 09:14:21 +02:00
|
|
|
|
rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
|
|
|
|
NULL);
|
2010-02-17 20:03:37 +01:00
|
|
|
|
xfree (optstr);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
}
|
2004-12-17 21:41:50 +01:00
|
|
|
|
if (ctrl->lc_messages)
|
2003-06-05 09:14:21 +02:00
|
|
|
|
{
|
|
|
|
|
char *optstr;
|
|
|
|
|
if (asprintf (&optstr, "OPTION lc-messages=%s", ctrl->lc_messages) < 0 )
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, out_of_core ());
|
2003-06-05 09:14:21 +02:00
|
|
|
|
rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
|
|
|
|
NULL);
|
2010-02-17 20:03:37 +01:00
|
|
|
|
xfree (optstr);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
}
|
2007-02-14 17:27:55 +01:00
|
|
|
|
|
2015-05-07 15:42:00 +02:00
|
|
|
|
|
2015-05-11 18:08:44 +02:00
|
|
|
|
if (opt.allow_external_cache)
|
|
|
|
|
{
|
|
|
|
|
/* Indicate to the pinentry that it may read from an external cache.
|
|
|
|
|
|
|
|
|
|
It is essential that the pinentry respect this. If the
|
|
|
|
|
cached password is not up to date and retry == 1, then, using
|
|
|
|
|
a version of GPG Agent that doesn't support this, won't issue
|
|
|
|
|
another pin request and the user won't get a chance to
|
|
|
|
|
correct the password. */
|
|
|
|
|
rc = assuan_transact (entry_ctx, "OPTION allow-external-password-cache",
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc && gpg_err_code (rc) != GPG_ERR_UNKNOWN_OPTION)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2015-05-11 18:08:44 +02:00
|
|
|
|
}
|
2015-05-07 15:42:00 +02:00
|
|
|
|
|
2015-06-09 14:07:00 +02:00
|
|
|
|
if (opt.allow_emacs_pinentry)
|
|
|
|
|
{
|
|
|
|
|
/* Indicate to the pinentry that it may read passphrase through
|
|
|
|
|
Emacs minibuffer, if possible. */
|
|
|
|
|
rc = assuan_transact (entry_ctx, "OPTION allow-emacs-prompt",
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc && gpg_err_code (rc) != GPG_ERR_UNKNOWN_OPTION)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2015-06-09 14:07:00 +02:00
|
|
|
|
}
|
|
|
|
|
|
2015-05-07 15:42:00 +02:00
|
|
|
|
|
2010-02-17 20:03:37 +01:00
|
|
|
|
{
|
|
|
|
|
/* Provide a few default strings for use by the pinentries. This
|
2018-11-12 18:13:31 +01:00
|
|
|
|
* may help a pinentry to avoid implementing localization code.
|
|
|
|
|
* Note that gpg-agent has been set to utf-8 so that the strings
|
|
|
|
|
* are in the expected encoding. */
|
2017-05-22 23:42:44 +02:00
|
|
|
|
static const struct { const char *key, *value; int what; } tbl[] = {
|
2018-11-12 18:13:31 +01:00
|
|
|
|
/* TRANSLATORS: These are labels for buttons etc as used in
|
|
|
|
|
* Pinentries. In your translation copy the text before the
|
|
|
|
|
* second vertical bar verbatim; translate only the following
|
|
|
|
|
* text. An underscore indicates that the next letter should be
|
|
|
|
|
* used as an accelerator. Double the underscore to have
|
|
|
|
|
* pinentry display a literal underscore. */
|
2010-02-17 20:03:37 +01:00
|
|
|
|
{ "ok", N_("|pinentry-label|_OK") },
|
|
|
|
|
{ "cancel", N_("|pinentry-label|_Cancel") },
|
2015-05-11 10:25:09 +02:00
|
|
|
|
{ "yes", N_("|pinentry-label|_Yes") },
|
|
|
|
|
{ "no", N_("|pinentry-label|_No") },
|
2010-02-26 11:52:05 +01:00
|
|
|
|
{ "prompt", N_("|pinentry-label|PIN:") },
|
2015-05-11 18:08:44 +02:00
|
|
|
|
{ "pwmngr", N_("|pinentry-label|_Save in password manager"), 1 },
|
2015-05-11 10:25:09 +02:00
|
|
|
|
{ "cf-visi",N_("Do you really want to make your "
|
|
|
|
|
"passphrase visible on the screen?") },
|
|
|
|
|
{ "tt-visi",N_("|pinentry-tt|Make passphrase visible") },
|
|
|
|
|
{ "tt-hide",N_("|pinentry-tt|Hide passphrase") },
|
2021-07-21 12:36:18 +02:00
|
|
|
|
{ "capshint", N_("Caps Lock is on") },
|
2010-02-17 20:03:37 +01:00
|
|
|
|
{ NULL, NULL}
|
|
|
|
|
};
|
|
|
|
|
char *optstr;
|
|
|
|
|
int idx;
|
2010-02-26 11:52:05 +01:00
|
|
|
|
const char *s, *s2;
|
2010-02-17 20:03:37 +01:00
|
|
|
|
|
|
|
|
|
for (idx=0; tbl[idx].key; idx++)
|
|
|
|
|
{
|
2015-05-11 18:08:44 +02:00
|
|
|
|
if (!opt.allow_external_cache && tbl[idx].what == 1)
|
|
|
|
|
continue; /* No need for it. */
|
2015-06-30 21:58:02 +02:00
|
|
|
|
s = L_(tbl[idx].value);
|
2010-02-26 11:52:05 +01:00
|
|
|
|
if (*s == '|' && (s2=strchr (s+1,'|')))
|
|
|
|
|
s = s2+1;
|
|
|
|
|
if (asprintf (&optstr, "OPTION default-%s=%s", tbl[idx].key, s) < 0 )
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, out_of_core ());
|
2010-02-17 20:03:37 +01:00
|
|
|
|
assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
|
|
|
|
NULL);
|
|
|
|
|
xfree (optstr);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-16 21:24:14 +02:00
|
|
|
|
/* Tell the pinentry that we would prefer that the given character
|
|
|
|
|
is used as the invisible character by the entry widget. */
|
|
|
|
|
if (opt.pinentry_invisible_char)
|
|
|
|
|
{
|
|
|
|
|
char *optstr;
|
|
|
|
|
if ((optstr = xtryasprintf ("OPTION invisible-char=%s",
|
|
|
|
|
opt.pinentry_invisible_char)))
|
|
|
|
|
{
|
|
|
|
|
assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
|
|
|
|
NULL);
|
|
|
|
|
/* We ignore errors because this is just a fancy thing and
|
|
|
|
|
older pinentries do not support this feature. */
|
|
|
|
|
xfree (optstr);
|
|
|
|
|
}
|
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2016-01-20 11:22:44 +01:00
|
|
|
|
if (opt.pinentry_timeout)
|
|
|
|
|
{
|
|
|
|
|
char *optstr;
|
|
|
|
|
if ((optstr = xtryasprintf ("SETTIMEOUT %lu", opt.pinentry_timeout)))
|
|
|
|
|
{
|
|
|
|
|
assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
|
|
|
|
NULL);
|
|
|
|
|
/* We ignore errors because this is just a fancy thing. */
|
|
|
|
|
xfree (optstr);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2007-02-14 17:27:55 +01:00
|
|
|
|
/* Tell the pinentry the name of a file it shall touch after having
|
|
|
|
|
messed with the tty. This is optional and only supported by
|
|
|
|
|
newer pinentries and thus we do no error checking. */
|
|
|
|
|
tmpstr = opt.pinentry_touch_file;
|
|
|
|
|
if (tmpstr && !strcmp (tmpstr, "/dev/null"))
|
|
|
|
|
tmpstr = NULL;
|
|
|
|
|
else if (!tmpstr)
|
|
|
|
|
tmpstr = get_agent_socket_name ();
|
|
|
|
|
if (tmpstr)
|
|
|
|
|
{
|
|
|
|
|
char *optstr;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2007-02-14 17:27:55 +01:00
|
|
|
|
if (asprintf (&optstr, "OPTION touch-file=%s", tmpstr ) < 0 )
|
|
|
|
|
;
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
|
|
|
|
NULL);
|
2008-05-27 14:03:50 +02:00
|
|
|
|
xfree (optstr);
|
2007-02-14 17:27:55 +01:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-02-03 17:13:08 +01:00
|
|
|
|
/* Tell Pinentry about our client. */
|
|
|
|
|
if (ctrl->client_pid)
|
|
|
|
|
{
|
|
|
|
|
char *optstr;
|
2017-02-03 21:16:26 +01:00
|
|
|
|
const char *nodename = "";
|
|
|
|
|
|
|
|
|
|
#ifndef HAVE_W32_SYSTEM
|
|
|
|
|
struct utsname utsbuf;
|
|
|
|
|
if (!uname (&utsbuf))
|
|
|
|
|
nodename = utsbuf.nodename;
|
|
|
|
|
#endif /*!HAVE_W32_SYSTEM*/
|
|
|
|
|
|
2017-02-05 08:12:25 +01:00
|
|
|
|
if ((optstr = xtryasprintf ("OPTION owner=%lu/%d %s",
|
|
|
|
|
ctrl->client_pid, ctrl->client_uid,
|
|
|
|
|
nodename)))
|
2017-02-03 17:13:08 +01:00
|
|
|
|
{
|
|
|
|
|
assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
|
|
|
|
|
NULL);
|
|
|
|
|
/* We ignore errors because this is just a fancy thing and
|
|
|
|
|
older pinentries do not support this feature. */
|
|
|
|
|
xfree (optstr);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2008-02-14 20:50:10 +01:00
|
|
|
|
|
2017-02-03 12:04:52 +01:00
|
|
|
|
/* Ask the pinentry for its version and flavor and store that as a
|
2016-11-03 20:07:56 +01:00
|
|
|
|
* string in MB. This information is useful for helping users to
|
2019-11-18 17:19:09 +01:00
|
|
|
|
* figure out Pinentry problems. Note that "flavor" may also return
|
2017-02-22 16:54:32 +01:00
|
|
|
|
* a status line with the features; we use a dedicated handler for
|
|
|
|
|
* that. */
|
2016-11-03 20:07:56 +01:00
|
|
|
|
{
|
|
|
|
|
membuf_t mb;
|
|
|
|
|
|
|
|
|
|
init_membuf (&mb, 256);
|
|
|
|
|
if (assuan_transact (entry_ctx, "GETINFO flavor",
|
2017-02-22 16:54:32 +01:00
|
|
|
|
put_membuf_cb, &mb,
|
|
|
|
|
NULL, NULL,
|
|
|
|
|
getinfo_features_cb, NULL))
|
2016-11-03 20:07:56 +01:00
|
|
|
|
put_membuf_str (&mb, "unknown");
|
|
|
|
|
put_membuf_str (&mb, " ");
|
|
|
|
|
if (assuan_transact (entry_ctx, "GETINFO version",
|
|
|
|
|
put_membuf_cb, &mb, NULL, NULL, NULL, NULL))
|
|
|
|
|
put_membuf_str (&mb, "unknown");
|
2017-02-03 12:04:52 +01:00
|
|
|
|
put_membuf_str (&mb, " ");
|
|
|
|
|
if (assuan_transact (entry_ctx, "GETINFO ttyinfo",
|
|
|
|
|
put_membuf_cb, &mb, NULL, NULL, NULL, NULL))
|
|
|
|
|
put_membuf_str (&mb, "? ? ?");
|
2016-11-03 20:07:56 +01:00
|
|
|
|
put_membuf (&mb, "", 1);
|
|
|
|
|
flavor_version = get_membuf (&mb, NULL);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2008-02-14 20:50:10 +01:00
|
|
|
|
/* Now ask the Pinentry for its PID. If the Pinentry is new enough
|
|
|
|
|
it will send the pid back and we will use an inquire to notify
|
|
|
|
|
our client. The client may answer the inquiry either with END or
|
|
|
|
|
with CAN to cancel the pinentry. */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
rc = assuan_transact (entry_ctx, "GETINFO pid",
|
2008-02-14 20:50:10 +01:00
|
|
|
|
getinfo_pid_cb, &pinentry_pid,
|
|
|
|
|
NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc)
|
|
|
|
|
{
|
|
|
|
|
log_info ("You may want to update to a newer pinentry\n");
|
|
|
|
|
rc = 0;
|
|
|
|
|
}
|
2020-07-31 10:20:31 +02:00
|
|
|
|
else if (!rc && pinentry_pid == (unsigned long)(-1L))
|
2008-02-14 20:50:10 +01:00
|
|
|
|
log_error ("pinentry did not return a PID\n");
|
|
|
|
|
else
|
|
|
|
|
{
|
2016-11-03 20:07:56 +01:00
|
|
|
|
rc = agent_inq_pinentry_launched (ctrl, pinentry_pid, flavor_version);
|
2010-10-13 17:57:08 +02:00
|
|
|
|
if (gpg_err_code (rc) == GPG_ERR_CANCELED
|
|
|
|
|
|| gpg_err_code (rc) == GPG_ERR_FULLY_CANCELED)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, gpg_err_make (GPG_ERR_SOURCE_DEFAULT,
|
|
|
|
|
gpg_err_code (rc)));
|
2008-02-14 20:50:10 +01:00
|
|
|
|
rc = 0;
|
|
|
|
|
}
|
|
|
|
|
|
2016-11-03 20:07:56 +01:00
|
|
|
|
xfree (flavor_version);
|
|
|
|
|
|
2017-04-14 05:54:06 +02:00
|
|
|
|
return rc;
|
2003-06-05 09:14:21 +02:00
|
|
|
|
}
|
|
|
|
|
|
2008-02-14 20:50:10 +01:00
|
|
|
|
|
2015-05-06 15:27:23 +02:00
|
|
|
|
/* Returns True if the pinentry is currently active. If WAITSECONDS is
|
2006-10-19 16:22:06 +02:00
|
|
|
|
greater than zero the function will wait for this many seconds
|
|
|
|
|
before returning. */
|
|
|
|
|
int
|
|
|
|
|
pinentry_active_p (ctrl_t ctrl, int waitseconds)
|
|
|
|
|
{
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
int err;
|
2008-10-20 15:53:23 +02:00
|
|
|
|
(void)ctrl;
|
|
|
|
|
|
2006-10-19 16:22:06 +02:00
|
|
|
|
if (waitseconds > 0)
|
|
|
|
|
{
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
struct timespec abstime;
|
2006-10-19 16:22:06 +02:00
|
|
|
|
int rc;
|
|
|
|
|
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
npth_clock_gettime (&abstime);
|
|
|
|
|
abstime.tv_sec += waitseconds;
|
|
|
|
|
err = npth_mutex_timedlock (&entry_lock, &abstime);
|
|
|
|
|
if (err)
|
2006-10-19 16:22:06 +02:00
|
|
|
|
{
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
if (err == ETIMEDOUT)
|
2006-10-19 16:22:06 +02:00
|
|
|
|
rc = gpg_error (GPG_ERR_TIMEOUT);
|
|
|
|
|
else
|
|
|
|
|
rc = gpg_error (GPG_ERR_INTERNAL);
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
err = npth_mutex_trylock (&entry_lock);
|
|
|
|
|
if (err)
|
2006-10-19 16:22:06 +02:00
|
|
|
|
return gpg_error (GPG_ERR_LOCKED);
|
|
|
|
|
}
|
|
|
|
|
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
err = npth_mutex_unlock (&entry_lock);
|
|
|
|
|
if (err)
|
|
|
|
|
log_error ("failed to release the entry lock at %d: %s\n", __LINE__,
|
|
|
|
|
strerror (errno));
|
2006-10-19 16:22:06 +02:00
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (NEED_LIBASSUAN_API, NEED_LIBASSUAN_VERSION):
Update to new API (2, 1.1.0).
agent/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpg-agent.c (parse_rereadable_options): Don't set global assuan
log file (there ain't one anymore).
(main): Update to new API.
(check_own_socket_pid_cb): Return gpg_error_t instead of int.
(check_own_socket_thread, check_for_running_agent): Create assuan
context before connecting to server.
* command.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(write_and_clear_outbuf): Use gpg_error_t instead of
assuan_error_t.
(cmd_geteventcounter, cmd_istrusted, cmd_listtrusted)
(cmd_marktrusted, cmd_havekey, cmd_sigkey, cmd_setkeydesc)
(cmd_sethash, cmd_pksign, cmd_pkdecrypt, cmd_genkey, cmd_readkey)
(cmd_keyinfo, cmd_get_passphrase, cmd_clear_passphrase)
(cmd_get_confirmation, cmd_learn, cmd_passwd)
(cmd_preset_passphrase, cmd_scd, cmd_getval, cmd_putval)
(cmd_updatestartuptty, cmd_killagent, cmd_reloadagent)
(cmd_getinfo, option_handler): Return gpg_error_t instead of int.
(post_cmd_notify): Change type of ERR to gpg_error_t from int.
(io_monitor): Add hook argument. Use symbols for constants.
(register_commands): Change return type of HANDLER to gpg_error_t.
(start_command_handler): Allocate assuan context before starting
server.
* call-pinentry.c: Include "scdaemon.h" before <assuan.h> because
of GPG_ERR_SOURCE_DEFAULT check.
(unlock_pinentry): Call assuan_release instead of
assuan_disconnect.
(getinfo_pid_cb, getpin_cb): Return gpg_error_t instead of int.
(start_pinentry): Allocate assuan context before connecting to
server.
* call-scd.c (membuf_data_cb, learn_status_cb, get_serialno_cb)
(membuf_data_cb, inq_needpin, card_getattr_cb, pass_status_thru)
(pass_data_thru): Change return type to gpg_error_t.
(start_scd): Allocate assuan context before connecting to server.
common/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* asshelp.c (start_new_gpg_agent): Allocate assuan context before
starting server.
g10/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* call-agent.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(learn_status_cb, dummy_data_cb, get_serialno_cb, default_inq_cb)
(learn_status_cb, inq_writecert_parms, inq_writekey_parms)
(scd_genkey_cb, membuf_data_cb): Return gpg_error_t instead of
int.
* gpg.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(main): Update to new Assuan API.
* server.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
(cmd_delkeys, cmd_message, do_listkeys, cmd_listkeys)
(cmd_listsecretkeys, cmd_genkey, cmd_getinfo): Return gpg_error_t
instead of int.
(register_commands): Allocate assuan context before starting
server.
(gpg_server): Allocate assuan_context before starting server.
scd/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* command.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(option_handler, open_card, cmd_serialno, cmd_lean, cmd_readcert)
(cmd_readkey, cmd_setdata, cmd_pksign, cmd_pkauth, cmd_pkdecrypt)
(cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_lock)
(cmd_unlock, cmd_getinfo, cmd_restart, cmd_disconnect, cmd_apdu)
(cmd_killscd): Return gpg_error_t instead of int.
(scd_command_handler): Allocate assuan context before starting server.
* scdaemon.c (main): Update to new Assuan API.
sm/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpgsm.c (main): Update to new assuan API.
* server.c: Include "gpgsm.h" before <assuan.h> due to check for
GPG_ERR_SOURCE_DEFAULT and assuan.h now including gpg-error.h.
(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
(cmd_delkeys, cmd_message, cmd_listkeys, cmd_dumpkeys)
(cmd_listsecretkeys, cmd_dumpsecretkeys, cmd_genkey)
(cmd_getauditlog, cmd_getinfo): Return gpg_error_t instead of int.
(register_commands): Same for member HANDLER in table.
(gpgsm_server): Allocate assuan context before starting server.
* sm/call-dirmngr.c:
* call-dirmngr.c (prepare_dirmngr): Check for CTX and error before
setting LDAPSERVER.
(start_dirmngr_ext): Allocate assuan context before starting
server.
(inq_certificate, isvalid_status_cb, lookup_cb, lookup_status_cb)
(run_command_cb, run_command_inq_cb, run_command_status_cb):
Return gpg_error_t instead of int.
tools/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpg-connect-agent.c (getinfo_pid_cb, read_and_print_response)
(main): Update to new Assuan API.
2009-09-23 02:01:25 +02:00
|
|
|
|
static gpg_error_t
|
2003-06-05 09:14:21 +02:00
|
|
|
|
getpin_cb (void *opaque, const void *buffer, size_t length)
|
|
|
|
|
{
|
|
|
|
|
struct entry_parm_s *parm = opaque;
|
|
|
|
|
|
|
|
|
|
if (!buffer)
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
/* we expect the pin to fit on one line */
|
|
|
|
|
if (parm->lines || length >= parm->size)
|
2006-09-06 18:35:52 +02:00
|
|
|
|
return gpg_error (GPG_ERR_ASS_TOO_MUCH_DATA);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
|
|
|
|
/* fixme: we should make sure that the assuan buffer is allocated in
|
|
|
|
|
secure memory or read the response byte by byte */
|
|
|
|
|
memcpy (parm->buffer, buffer, length);
|
|
|
|
|
parm->buffer[length] = 0;
|
|
|
|
|
parm->lines++;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
all_digitsp( const char *s)
|
|
|
|
|
{
|
|
|
|
|
for (; *s && *s >= '0' && *s <= '9'; s++)
|
|
|
|
|
;
|
|
|
|
|
return !*s;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
}
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
|
|
|
|
|
2007-09-18 13:40:09 +02:00
|
|
|
|
/* Return a new malloced string by unescaping the string S. Escaping
|
|
|
|
|
is percent escaping and '+'/space mapping. A binary Nul will
|
|
|
|
|
silently be replaced by a 0xFF. Function returns NULL to indicate
|
2015-05-06 15:27:23 +02:00
|
|
|
|
an out of memory status. Parsing stops at the end of the string or
|
2007-09-18 13:40:09 +02:00
|
|
|
|
a white space character. */
|
|
|
|
|
static char *
|
|
|
|
|
unescape_passphrase_string (const unsigned char *s)
|
|
|
|
|
{
|
|
|
|
|
char *buffer, *d;
|
|
|
|
|
|
|
|
|
|
buffer = d = xtrymalloc_secure (strlen ((const char*)s)+1);
|
|
|
|
|
if (!buffer)
|
|
|
|
|
return NULL;
|
|
|
|
|
while (*s && !spacep (s))
|
|
|
|
|
{
|
|
|
|
|
if (*s == '%' && s[1] && s[2])
|
2011-02-04 12:57:53 +01:00
|
|
|
|
{
|
2007-09-18 13:40:09 +02:00
|
|
|
|
s++;
|
|
|
|
|
*d = xtoi_2 (s);
|
|
|
|
|
if (!*d)
|
|
|
|
|
*d = '\xff';
|
|
|
|
|
d++;
|
|
|
|
|
s += 2;
|
|
|
|
|
}
|
|
|
|
|
else if (*s == '+')
|
|
|
|
|
{
|
|
|
|
|
*d++ = ' ';
|
|
|
|
|
s++;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
*d++ = *s++;
|
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
*d = 0;
|
2007-09-18 13:40:09 +02:00
|
|
|
|
return buffer;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Estimate the quality of the passphrase PW and return a value in the
|
|
|
|
|
range 0..100. */
|
|
|
|
|
static int
|
|
|
|
|
estimate_passphrase_quality (const char *pw)
|
|
|
|
|
{
|
|
|
|
|
int goodlength = opt.min_passphrase_len + opt.min_passphrase_len/3;
|
|
|
|
|
int length;
|
|
|
|
|
const char *s;
|
|
|
|
|
|
|
|
|
|
if (goodlength < 1)
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
for (length = 0, s = pw; *s; s++)
|
|
|
|
|
if (!spacep (s))
|
|
|
|
|
length ++;
|
|
|
|
|
|
|
|
|
|
if (length > goodlength)
|
|
|
|
|
return 100;
|
|
|
|
|
return ((length*10) / goodlength)*10;
|
|
|
|
|
}
|
|
|
|
|
|
2020-11-06 15:43:08 +01:00
|
|
|
|
|
|
|
|
|
/* Generate a random passphrase in zBase32 encoding (RFC-6189) to be
|
2022-06-27 18:02:03 +02:00
|
|
|
|
* used by Pinentry to suggest a passphrase. Note that we have the
|
|
|
|
|
* same algorithm in gpg.c for --gen-random at level 30. It is
|
|
|
|
|
* important that we always output exactly 30 characters to match the
|
|
|
|
|
* special exception we have in the pattern file for symmetric
|
|
|
|
|
* encryption. */
|
2020-11-06 14:19:24 +01:00
|
|
|
|
static char *
|
|
|
|
|
generate_pin (void)
|
|
|
|
|
{
|
2022-06-27 18:02:03 +02:00
|
|
|
|
unsigned int nbits = DEFAULT_GENPIN_BITS;
|
|
|
|
|
size_t nbytes = nbytes = (nbits + 7) / 8;
|
2020-11-06 15:43:08 +01:00
|
|
|
|
void *rand;
|
|
|
|
|
char *generated;
|
|
|
|
|
|
2022-06-27 18:02:03 +02:00
|
|
|
|
rand = gcry_random_bytes_secure (nbytes, GCRY_STRONG_RANDOM);
|
2020-11-06 14:19:24 +01:00
|
|
|
|
if (!rand)
|
|
|
|
|
{
|
2020-11-06 15:43:08 +01:00
|
|
|
|
log_error ("failed to generate random pin\n");
|
2020-11-06 14:19:24 +01:00
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2020-11-06 15:43:08 +01:00
|
|
|
|
|
2021-08-18 11:23:23 +02:00
|
|
|
|
generated = zb32_encode (rand, nbits);
|
2020-11-06 14:19:24 +01:00
|
|
|
|
gcry_free (rand);
|
|
|
|
|
return generated;
|
|
|
|
|
}
|
2007-09-18 13:40:09 +02:00
|
|
|
|
|
2020-11-06 15:43:08 +01:00
|
|
|
|
|
2020-11-06 14:19:24 +01:00
|
|
|
|
/* Handle inquiries. */
|
2021-08-13 13:42:31 +02:00
|
|
|
|
struct inq_cb_parm_s
|
|
|
|
|
{
|
|
|
|
|
assuan_context_t ctx;
|
|
|
|
|
unsigned int flags; /* CHECK_CONSTRAINTS_... */
|
2021-08-18 18:24:35 +02:00
|
|
|
|
int genpinhash_valid;
|
|
|
|
|
char genpinhash[32]; /* Hash of the last generated pin. */
|
2021-08-13 13:42:31 +02:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
2024-05-13 00:09:23 +02:00
|
|
|
|
/* Return true if PIN is identical to the last generated pin. */
|
2021-08-18 18:24:35 +02:00
|
|
|
|
static int
|
|
|
|
|
is_generated_pin (struct inq_cb_parm_s *parm, const char *pin)
|
|
|
|
|
{
|
|
|
|
|
char hashbuf[32];
|
|
|
|
|
|
|
|
|
|
if (!parm->genpinhash_valid)
|
|
|
|
|
return 0;
|
|
|
|
|
if (!*pin)
|
|
|
|
|
return 0;
|
|
|
|
|
/* Note that we compare the hash so that we do not need to save the
|
|
|
|
|
* generated PIN longer than needed. */
|
|
|
|
|
gcry_md_hash_buffer (GCRY_MD_SHA256, hashbuf, pin, strlen (pin));
|
|
|
|
|
|
|
|
|
|
if (!memcmp (hashbuf, parm->genpinhash, 32))
|
|
|
|
|
return 1; /* yes, it is the same. */
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (NEED_LIBASSUAN_API, NEED_LIBASSUAN_VERSION):
Update to new API (2, 1.1.0).
agent/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpg-agent.c (parse_rereadable_options): Don't set global assuan
log file (there ain't one anymore).
(main): Update to new API.
(check_own_socket_pid_cb): Return gpg_error_t instead of int.
(check_own_socket_thread, check_for_running_agent): Create assuan
context before connecting to server.
* command.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(write_and_clear_outbuf): Use gpg_error_t instead of
assuan_error_t.
(cmd_geteventcounter, cmd_istrusted, cmd_listtrusted)
(cmd_marktrusted, cmd_havekey, cmd_sigkey, cmd_setkeydesc)
(cmd_sethash, cmd_pksign, cmd_pkdecrypt, cmd_genkey, cmd_readkey)
(cmd_keyinfo, cmd_get_passphrase, cmd_clear_passphrase)
(cmd_get_confirmation, cmd_learn, cmd_passwd)
(cmd_preset_passphrase, cmd_scd, cmd_getval, cmd_putval)
(cmd_updatestartuptty, cmd_killagent, cmd_reloadagent)
(cmd_getinfo, option_handler): Return gpg_error_t instead of int.
(post_cmd_notify): Change type of ERR to gpg_error_t from int.
(io_monitor): Add hook argument. Use symbols for constants.
(register_commands): Change return type of HANDLER to gpg_error_t.
(start_command_handler): Allocate assuan context before starting
server.
* call-pinentry.c: Include "scdaemon.h" before <assuan.h> because
of GPG_ERR_SOURCE_DEFAULT check.
(unlock_pinentry): Call assuan_release instead of
assuan_disconnect.
(getinfo_pid_cb, getpin_cb): Return gpg_error_t instead of int.
(start_pinentry): Allocate assuan context before connecting to
server.
* call-scd.c (membuf_data_cb, learn_status_cb, get_serialno_cb)
(membuf_data_cb, inq_needpin, card_getattr_cb, pass_status_thru)
(pass_data_thru): Change return type to gpg_error_t.
(start_scd): Allocate assuan context before connecting to server.
common/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* asshelp.c (start_new_gpg_agent): Allocate assuan context before
starting server.
g10/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* call-agent.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(learn_status_cb, dummy_data_cb, get_serialno_cb, default_inq_cb)
(learn_status_cb, inq_writecert_parms, inq_writekey_parms)
(scd_genkey_cb, membuf_data_cb): Return gpg_error_t instead of
int.
* gpg.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(main): Update to new Assuan API.
* server.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
(cmd_delkeys, cmd_message, do_listkeys, cmd_listkeys)
(cmd_listsecretkeys, cmd_genkey, cmd_getinfo): Return gpg_error_t
instead of int.
(register_commands): Allocate assuan context before starting
server.
(gpg_server): Allocate assuan_context before starting server.
scd/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* command.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(option_handler, open_card, cmd_serialno, cmd_lean, cmd_readcert)
(cmd_readkey, cmd_setdata, cmd_pksign, cmd_pkauth, cmd_pkdecrypt)
(cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_lock)
(cmd_unlock, cmd_getinfo, cmd_restart, cmd_disconnect, cmd_apdu)
(cmd_killscd): Return gpg_error_t instead of int.
(scd_command_handler): Allocate assuan context before starting server.
* scdaemon.c (main): Update to new Assuan API.
sm/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpgsm.c (main): Update to new assuan API.
* server.c: Include "gpgsm.h" before <assuan.h> due to check for
GPG_ERR_SOURCE_DEFAULT and assuan.h now including gpg-error.h.
(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
(cmd_delkeys, cmd_message, cmd_listkeys, cmd_dumpkeys)
(cmd_listsecretkeys, cmd_dumpsecretkeys, cmd_genkey)
(cmd_getauditlog, cmd_getinfo): Return gpg_error_t instead of int.
(register_commands): Same for member HANDLER in table.
(gpgsm_server): Allocate assuan context before starting server.
* sm/call-dirmngr.c:
* call-dirmngr.c (prepare_dirmngr): Check for CTX and error before
setting LDAPSERVER.
(start_dirmngr_ext): Allocate assuan context before starting
server.
(inq_certificate, isvalid_status_cb, lookup_cb, lookup_status_cb)
(run_command_cb, run_command_inq_cb, run_command_status_cb):
Return gpg_error_t instead of int.
tools/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpg-connect-agent.c (getinfo_pid_cb, read_and_print_response)
(main): Update to new Assuan API.
2009-09-23 02:01:25 +02:00
|
|
|
|
static gpg_error_t
|
2020-11-06 14:19:24 +01:00
|
|
|
|
inq_cb (void *opaque, const char *line)
|
2007-09-18 13:40:09 +02:00
|
|
|
|
{
|
2021-08-13 13:42:31 +02:00
|
|
|
|
struct inq_cb_parm_s *parm = opaque;
|
2020-11-06 15:43:08 +01:00
|
|
|
|
gpg_error_t err;
|
Use has_leading_keyword in the assuan callbacks.
* agent/call-pinentry.c (inq_quality): Use has_leading_keyword.
* agent/call-scd.c (inq_needpin, inq_writekey_parms): Ditto.
* g10/call-agent.c (inq_writecert_parms, keyinfo_status_cb): Ditto.
(inq_genkey_parms, inq_ciphertext_cb, inq_import_key_parms): Ditto.
* g10/call-dirmngr.c (ks_put_inq_cb): Ditto.
* sm/call-agent.c (default_inq_cb, inq_ciphertext_cb): Ditto.
(inq_genkey_parms, istrusted_status_cb, learn_status_cb): Ditto.
(keyinfo_status_cb, inq_import_key_parms): Ditto.
* sm/call-dirmngr.c (inq_certificate, isvalid_status_cb): Ditto.
(lookup_status_cb, run_command_inq_cb, run_command_status_cb): Ditto.
2013-02-22 10:56:13 +01:00
|
|
|
|
const char *s;
|
2020-11-06 15:43:08 +01:00
|
|
|
|
char *pin;
|
2007-09-18 13:40:09 +02:00
|
|
|
|
|
Use has_leading_keyword in the assuan callbacks.
* agent/call-pinentry.c (inq_quality): Use has_leading_keyword.
* agent/call-scd.c (inq_needpin, inq_writekey_parms): Ditto.
* g10/call-agent.c (inq_writecert_parms, keyinfo_status_cb): Ditto.
(inq_genkey_parms, inq_ciphertext_cb, inq_import_key_parms): Ditto.
* g10/call-dirmngr.c (ks_put_inq_cb): Ditto.
* sm/call-agent.c (default_inq_cb, inq_ciphertext_cb): Ditto.
(inq_genkey_parms, istrusted_status_cb, learn_status_cb): Ditto.
(keyinfo_status_cb, inq_import_key_parms): Ditto.
* sm/call-dirmngr.c (inq_certificate, isvalid_status_cb): Ditto.
(lookup_status_cb, run_command_inq_cb, run_command_status_cb): Ditto.
2013-02-22 10:56:13 +01:00
|
|
|
|
if ((s = has_leading_keyword (line, "QUALITY")))
|
2007-09-18 13:40:09 +02:00
|
|
|
|
{
|
2020-11-06 14:19:24 +01:00
|
|
|
|
char numbuf[20];
|
|
|
|
|
int percent;
|
2020-11-06 15:43:08 +01:00
|
|
|
|
|
Use has_leading_keyword in the assuan callbacks.
* agent/call-pinentry.c (inq_quality): Use has_leading_keyword.
* agent/call-scd.c (inq_needpin, inq_writekey_parms): Ditto.
* g10/call-agent.c (inq_writecert_parms, keyinfo_status_cb): Ditto.
(inq_genkey_parms, inq_ciphertext_cb, inq_import_key_parms): Ditto.
* g10/call-dirmngr.c (ks_put_inq_cb): Ditto.
* sm/call-agent.c (default_inq_cb, inq_ciphertext_cb): Ditto.
(inq_genkey_parms, istrusted_status_cb, learn_status_cb): Ditto.
(keyinfo_status_cb, inq_import_key_parms): Ditto.
* sm/call-dirmngr.c (inq_certificate, isvalid_status_cb): Ditto.
(lookup_status_cb, run_command_inq_cb, run_command_status_cb): Ditto.
2013-02-22 10:56:13 +01:00
|
|
|
|
pin = unescape_passphrase_string (s);
|
2007-09-18 13:40:09 +02:00
|
|
|
|
if (!pin)
|
2020-11-06 15:43:08 +01:00
|
|
|
|
err = gpg_error_from_syserror ();
|
2007-09-18 13:40:09 +02:00
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
percent = estimate_passphrase_quality (pin);
|
2021-08-13 13:42:31 +02:00
|
|
|
|
if (check_passphrase_constraints (NULL, pin, parm->flags, NULL))
|
2007-09-18 13:40:09 +02:00
|
|
|
|
percent = -percent;
|
|
|
|
|
snprintf (numbuf, sizeof numbuf, "%d", percent);
|
2021-08-13 13:42:31 +02:00
|
|
|
|
err = assuan_send_data (parm->ctx, numbuf, strlen (numbuf));
|
2007-09-18 13:40:09 +02:00
|
|
|
|
xfree (pin);
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-07-28 10:11:39 +02:00
|
|
|
|
else if ((s = has_leading_keyword (line, "CHECKPIN")))
|
|
|
|
|
{
|
|
|
|
|
char *errtext = NULL;
|
|
|
|
|
size_t errtextlen;
|
|
|
|
|
|
|
|
|
|
if (!opt.enforce_passphrase_constraints)
|
|
|
|
|
{
|
|
|
|
|
log_error ("unexpected inquiry 'CHECKPIN' without enforced "
|
|
|
|
|
"passphrase constraints\n");
|
|
|
|
|
err = gpg_error (GPG_ERR_ASS_UNEXPECTED_CMD);
|
|
|
|
|
goto leave;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pin = unescape_passphrase_string (s);
|
|
|
|
|
if (!pin)
|
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
|
else
|
|
|
|
|
{
|
2021-08-18 18:24:35 +02:00
|
|
|
|
if (!is_generated_pin (parm, pin)
|
|
|
|
|
&& check_passphrase_constraints (NULL, pin,parm->flags, &errtext))
|
2021-07-28 10:11:39 +02:00
|
|
|
|
{
|
|
|
|
|
if (errtext)
|
|
|
|
|
{
|
|
|
|
|
/* Unescape the percent-escaped errtext because
|
|
|
|
|
assuan_send_data escapes it again. */
|
|
|
|
|
errtextlen = percent_unescape_inplace (errtext, 0);
|
2021-08-13 13:42:31 +02:00
|
|
|
|
err = assuan_send_data (parm->ctx, errtext, errtextlen);
|
2021-07-28 10:11:39 +02:00
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
log_error ("passphrase check failed without error text\n");
|
|
|
|
|
err = gpg_error (GPG_ERR_GENERAL);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2021-08-13 13:42:31 +02:00
|
|
|
|
err = assuan_send_data (parm->ctx, NULL, 0);
|
2021-07-28 10:11:39 +02:00
|
|
|
|
}
|
|
|
|
|
xfree (errtext);
|
|
|
|
|
xfree (pin);
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-11-06 14:19:24 +01:00
|
|
|
|
else if ((s = has_leading_keyword (line, "GENPIN")))
|
|
|
|
|
{
|
2021-08-18 18:24:35 +02:00
|
|
|
|
int wasconf;
|
2020-11-06 15:43:08 +01:00
|
|
|
|
|
2021-08-18 18:24:35 +02:00
|
|
|
|
parm->genpinhash_valid = 0;
|
|
|
|
|
pin = generate_pin ();
|
|
|
|
|
if (!pin)
|
2020-11-06 14:19:24 +01:00
|
|
|
|
{
|
2021-08-18 18:24:35 +02:00
|
|
|
|
log_error ("failed to generate a passphrase\n");
|
|
|
|
|
err = gpg_error (GPG_ERR_GENERAL);
|
|
|
|
|
goto leave;
|
2020-11-06 14:19:24 +01:00
|
|
|
|
}
|
2021-08-18 18:24:35 +02:00
|
|
|
|
wasconf = assuan_get_flag (entry_ctx, ASSUAN_CONFIDENTIAL);
|
|
|
|
|
assuan_begin_confidential (parm->ctx);
|
|
|
|
|
err = assuan_send_data (parm->ctx, pin, strlen (pin));
|
|
|
|
|
if (!wasconf)
|
|
|
|
|
assuan_end_confidential (parm->ctx);
|
|
|
|
|
gcry_md_hash_buffer (GCRY_MD_SHA256, parm->genpinhash, pin, strlen (pin));
|
|
|
|
|
parm->genpinhash_valid = 1;
|
|
|
|
|
xfree (pin);
|
2020-11-06 14:19:24 +01:00
|
|
|
|
}
|
2007-09-18 13:40:09 +02:00
|
|
|
|
else
|
|
|
|
|
{
|
2012-06-05 19:29:22 +02:00
|
|
|
|
log_error ("unsupported inquiry '%s' from pinentry\n", line);
|
2020-11-06 15:43:08 +01:00
|
|
|
|
err = gpg_error (GPG_ERR_ASS_UNKNOWN_INQUIRE);
|
2007-09-18 13:40:09 +02:00
|
|
|
|
}
|
|
|
|
|
|
2020-11-06 15:43:08 +01:00
|
|
|
|
leave:
|
|
|
|
|
return err;
|
2007-09-18 13:40:09 +02:00
|
|
|
|
}
|
|
|
|
|
|
2020-11-06 15:43:08 +01:00
|
|
|
|
|
2020-11-06 14:19:24 +01:00
|
|
|
|
/* Helper to setup pinentry for genpin action. */
|
|
|
|
|
static gpg_error_t
|
|
|
|
|
setup_genpin (ctrl_t ctrl)
|
|
|
|
|
{
|
2020-11-06 15:43:08 +01:00
|
|
|
|
gpg_error_t err;
|
2020-11-06 14:19:24 +01:00
|
|
|
|
char line[ASSUAN_LINELENGTH];
|
|
|
|
|
char *tmpstr, *tmpstr2;
|
|
|
|
|
const char *tooltip;
|
|
|
|
|
|
|
|
|
|
(void)ctrl;
|
|
|
|
|
|
|
|
|
|
/* TRANSLATORS: This string is displayed by Pinentry as the label
|
|
|
|
|
for generating a passphrase. */
|
2020-11-06 15:43:08 +01:00
|
|
|
|
tmpstr = try_percent_escape (L_("Suggest"), "\t\r\n\f\v");
|
2020-11-06 14:19:24 +01:00
|
|
|
|
snprintf (line, DIM(line), "SETGENPIN %s", tmpstr? tmpstr:"");
|
|
|
|
|
xfree (tmpstr);
|
2020-11-06 15:43:08 +01:00
|
|
|
|
err = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (gpg_err_code (err) == 103 /*(Old assuan error code)*/
|
|
|
|
|
|| gpg_err_code (err) == GPG_ERR_ASS_UNKNOWN_CMD)
|
2020-11-06 14:19:24 +01:00
|
|
|
|
; /* Ignore Unknown Command from old Pinentry versions. */
|
2020-11-06 15:43:08 +01:00
|
|
|
|
else if (err)
|
|
|
|
|
return err;
|
2020-11-06 14:19:24 +01:00
|
|
|
|
|
|
|
|
|
tmpstr2 = gnupg_get_help_string ("pinentry.genpin.tooltip", 0);
|
|
|
|
|
if (tmpstr2)
|
|
|
|
|
tooltip = tmpstr2;
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
/* TRANSLATORS: This string is a tooltip, shown by pinentry when
|
2020-11-06 15:43:08 +01:00
|
|
|
|
hovering over the generate button. Please use an appropriate
|
2020-11-06 14:19:24 +01:00
|
|
|
|
string to describe what this is about. The length of the
|
|
|
|
|
tooltip is limited to about 900 characters. If you do not
|
2021-02-12 08:07:19 +01:00
|
|
|
|
translate this entry, a default English text (see source)
|
|
|
|
|
will be used. The strcmp thingy is there to detect a
|
2020-11-06 15:43:08 +01:00
|
|
|
|
non-translated string. */
|
|
|
|
|
tooltip = L_("pinentry.genpin.tooltip");
|
2020-11-06 14:19:24 +01:00
|
|
|
|
if (!strcmp ("pinentry.genpin.tooltip", tooltip))
|
2021-02-18 14:43:25 +01:00
|
|
|
|
tooltip = "Suggest a random passphrase.";
|
2020-11-06 14:19:24 +01:00
|
|
|
|
}
|
|
|
|
|
tmpstr = try_percent_escape (tooltip, "\t\r\n\f\v");
|
|
|
|
|
xfree (tmpstr2);
|
|
|
|
|
snprintf (line, DIM(line), "SETGENPIN_TT %s", tmpstr? tmpstr:"");
|
|
|
|
|
xfree (tmpstr);
|
2020-11-06 15:43:08 +01:00
|
|
|
|
err = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (gpg_err_code (err) == 103 /*(Old assuan error code)*/
|
|
|
|
|
|| gpg_err_code (err) == GPG_ERR_ASS_UNKNOWN_CMD)
|
2020-11-06 14:19:24 +01:00
|
|
|
|
; /* Ignore Unknown Command from old pinentry versions. */
|
2020-11-06 15:43:08 +01:00
|
|
|
|
else if (err)
|
|
|
|
|
return err;
|
2020-11-06 14:19:24 +01:00
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2007-09-18 13:40:09 +02:00
|
|
|
|
|
2020-11-06 15:43:08 +01:00
|
|
|
|
|
2021-07-12 12:20:28 +02:00
|
|
|
|
/* Helper to setup pinentry for formatted passphrase. */
|
|
|
|
|
static gpg_error_t
|
|
|
|
|
setup_formatted_passphrase (ctrl_t ctrl)
|
|
|
|
|
{
|
|
|
|
|
static const struct { const char *key, *help_id, *value; } tbl[] = {
|
|
|
|
|
{ "hint", "pinentry.formatted_passphrase.hint",
|
2021-12-21 02:09:55 +01:00
|
|
|
|
/* TRANSLATORS: This is a text shown by pinentry if the option
|
|
|
|
|
for formatted passphrase is enabled. The length is
|
|
|
|
|
limited to about 900 characters. */
|
2021-07-12 12:20:28 +02:00
|
|
|
|
N_("Note: The blanks are not part of the passphrase.") },
|
|
|
|
|
{ NULL, NULL }
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
gpg_error_t rc;
|
|
|
|
|
char line[ASSUAN_LINELENGTH];
|
|
|
|
|
int idx;
|
|
|
|
|
char *tmpstr;
|
|
|
|
|
const char *s;
|
2021-08-18 10:20:22 +02:00
|
|
|
|
char *escapedstr;
|
2021-07-12 12:20:28 +02:00
|
|
|
|
|
|
|
|
|
(void)ctrl;
|
|
|
|
|
|
|
|
|
|
if (opt.pinentry_formatted_passphrase)
|
|
|
|
|
{
|
2021-08-12 10:47:34 +02:00
|
|
|
|
snprintf (line, DIM(line), "OPTION formatted-passphrase");
|
2021-07-12 12:20:28 +02:00
|
|
|
|
rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL,
|
|
|
|
|
NULL);
|
|
|
|
|
if (rc && gpg_err_code (rc) != GPG_ERR_UNKNOWN_OPTION)
|
|
|
|
|
return rc;
|
|
|
|
|
|
|
|
|
|
for (idx=0; tbl[idx].key; idx++)
|
|
|
|
|
{
|
|
|
|
|
tmpstr = gnupg_get_help_string (tbl[idx].help_id, 0);
|
|
|
|
|
if (tmpstr)
|
|
|
|
|
s = tmpstr;
|
|
|
|
|
else
|
|
|
|
|
s = L_(tbl[idx].value);
|
2021-08-18 10:20:22 +02:00
|
|
|
|
escapedstr = try_percent_escape (s, "\t\r\n\f\v");
|
2021-07-12 12:20:28 +02:00
|
|
|
|
xfree (tmpstr);
|
2021-08-18 10:20:22 +02:00
|
|
|
|
if (escapedstr && *escapedstr)
|
|
|
|
|
{
|
|
|
|
|
snprintf (line, DIM(line), "OPTION formatted-passphrase-%s=%s",
|
|
|
|
|
tbl[idx].key, escapedstr);
|
|
|
|
|
rc = assuan_transact (entry_ctx, line,
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
rc = 0;
|
|
|
|
|
xfree (escapedstr);
|
2021-07-12 12:20:28 +02:00
|
|
|
|
if (rc && gpg_err_code (rc) != GPG_ERR_UNKNOWN_OPTION)
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2021-07-28 10:11:39 +02:00
|
|
|
|
/* Helper to setup pinentry for enforced passphrase constraints. */
|
|
|
|
|
static gpg_error_t
|
|
|
|
|
setup_enforced_constraints (ctrl_t ctrl)
|
|
|
|
|
{
|
|
|
|
|
static const struct { const char *key, *help_id, *value; } tbl[] = {
|
|
|
|
|
{ "hint-short", "pinentry.constraints.hint.short", NULL },
|
|
|
|
|
{ "hint-long", "pinentry.constraints.hint.long", NULL },
|
|
|
|
|
/* TRANSLATORS: This is a text shown by pinentry as title of a dialog
|
|
|
|
|
telling the user that the entered new passphrase does not satisfy
|
|
|
|
|
the passphrase constraints. Please keep it short. */
|
|
|
|
|
{ "error-title", NULL, N_("Passphrase Not Allowed") },
|
|
|
|
|
{ NULL, NULL }
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
gpg_error_t rc;
|
|
|
|
|
char line[ASSUAN_LINELENGTH];
|
|
|
|
|
int idx;
|
|
|
|
|
char *tmpstr;
|
|
|
|
|
const char *s;
|
|
|
|
|
char *escapedstr;
|
|
|
|
|
|
|
|
|
|
(void)ctrl;
|
|
|
|
|
|
|
|
|
|
if (opt.enforce_passphrase_constraints)
|
|
|
|
|
{
|
|
|
|
|
snprintf (line, DIM(line), "OPTION constraints-enforce");
|
|
|
|
|
rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL,
|
|
|
|
|
NULL);
|
|
|
|
|
if (rc && gpg_err_code (rc) != GPG_ERR_UNKNOWN_OPTION)
|
|
|
|
|
return rc;
|
|
|
|
|
|
|
|
|
|
for (idx=0; tbl[idx].key; idx++)
|
|
|
|
|
{
|
|
|
|
|
tmpstr = gnupg_get_help_string (tbl[idx].help_id, 0);
|
|
|
|
|
if (tmpstr)
|
|
|
|
|
s = tmpstr;
|
|
|
|
|
else if (tbl[idx].value)
|
|
|
|
|
s = L_(tbl[idx].value);
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
log_error ("no help string found for %s\n", tbl[idx].help_id);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
escapedstr = try_percent_escape (s, "\t\r\n\f\v");
|
|
|
|
|
xfree (tmpstr);
|
2021-08-18 10:20:22 +02:00
|
|
|
|
if (escapedstr && *escapedstr)
|
|
|
|
|
{
|
|
|
|
|
snprintf (line, DIM(line), "OPTION constraints-%s=%s",
|
|
|
|
|
tbl[idx].key, escapedstr);
|
|
|
|
|
rc = assuan_transact (entry_ctx, line,
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
rc = 0; /* Ignore an empty string (would give an IPC error). */
|
2021-07-28 10:11:39 +02:00
|
|
|
|
xfree (escapedstr);
|
|
|
|
|
if (rc && gpg_err_code (rc) != GPG_ERR_UNKNOWN_OPTION)
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2009-05-15 13:16:28 +02:00
|
|
|
|
/* Helper for agent_askpin and agent_get_passphrase. */
|
2015-10-09 04:33:13 +02:00
|
|
|
|
static gpg_error_t
|
2015-06-30 21:58:02 +02:00
|
|
|
|
setup_qualitybar (ctrl_t ctrl)
|
2009-05-15 13:16:28 +02:00
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
char line[ASSUAN_LINELENGTH];
|
|
|
|
|
char *tmpstr, *tmpstr2;
|
|
|
|
|
const char *tooltip;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2015-11-27 17:53:52 +01:00
|
|
|
|
(void)ctrl;
|
|
|
|
|
|
2009-05-15 13:16:28 +02:00
|
|
|
|
/* TRANSLATORS: This string is displayed by Pinentry as the label
|
|
|
|
|
for the quality bar. */
|
2015-06-30 21:58:02 +02:00
|
|
|
|
tmpstr = try_percent_escape (L_("Quality:"), "\t\r\n\f\v");
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "SETQUALITYBAR %s", tmpstr? tmpstr:"");
|
2009-05-15 13:16:28 +02:00
|
|
|
|
xfree (tmpstr);
|
|
|
|
|
rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc == 103 /*(Old assuan error code)*/
|
|
|
|
|
|| gpg_err_code (rc) == GPG_ERR_ASS_UNKNOWN_CMD)
|
|
|
|
|
; /* Ignore Unknown Command from old Pinentry versions. */
|
|
|
|
|
else if (rc)
|
|
|
|
|
return rc;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2009-05-15 13:16:28 +02:00
|
|
|
|
tmpstr2 = gnupg_get_help_string ("pinentry.qualitybar.tooltip", 0);
|
|
|
|
|
if (tmpstr2)
|
|
|
|
|
tooltip = tmpstr2;
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
/* TRANSLATORS: This string is a tooltip, shown by pinentry when
|
|
|
|
|
hovering over the quality bar. Please use an appropriate
|
|
|
|
|
string to describe what this is about. The length of the
|
|
|
|
|
tooltip is limited to about 900 characters. If you do not
|
|
|
|
|
translate this entry, a default english text (see source)
|
|
|
|
|
will be used. */
|
2015-06-30 21:58:02 +02:00
|
|
|
|
tooltip = L_("pinentry.qualitybar.tooltip");
|
2009-05-15 13:16:28 +02:00
|
|
|
|
if (!strcmp ("pinentry.qualitybar.tooltip", tooltip))
|
2021-02-18 14:43:25 +01:00
|
|
|
|
tooltip = ("The quality of the text entered above.\n"
|
|
|
|
|
"Please ask your administrator for "
|
|
|
|
|
"details about the criteria.");
|
2009-05-15 13:16:28 +02:00
|
|
|
|
}
|
|
|
|
|
tmpstr = try_percent_escape (tooltip, "\t\r\n\f\v");
|
|
|
|
|
xfree (tmpstr2);
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "SETQUALITYBAR_TT %s", tmpstr? tmpstr:"");
|
2009-05-15 13:16:28 +02:00
|
|
|
|
xfree (tmpstr);
|
|
|
|
|
rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc == 103 /*(Old assuan error code)*/
|
|
|
|
|
|| gpg_err_code (rc) == GPG_ERR_ASS_UNKNOWN_CMD)
|
|
|
|
|
; /* Ignore Unknown Command from old pinentry versions. */
|
|
|
|
|
else if (rc)
|
|
|
|
|
return rc;
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2007-09-18 13:40:09 +02:00
|
|
|
|
|
2014-10-24 16:20:20 +02:00
|
|
|
|
/* Check the button_info line for a close action. Also check for the
|
|
|
|
|
PIN_REPEATED flag. */
|
2010-10-01 22:33:53 +02:00
|
|
|
|
static gpg_error_t
|
2015-05-06 14:35:22 +02:00
|
|
|
|
pinentry_status_cb (void *opaque, const char *line)
|
2010-10-01 22:33:53 +02:00
|
|
|
|
{
|
2014-10-24 16:20:20 +02:00
|
|
|
|
unsigned int *flag = opaque;
|
|
|
|
|
const char *args;
|
2010-10-01 22:33:53 +02:00
|
|
|
|
|
2014-10-24 16:20:20 +02:00
|
|
|
|
if ((args = has_leading_keyword (line, "BUTTON_INFO")))
|
2010-10-01 22:33:53 +02:00
|
|
|
|
{
|
2014-10-24 16:20:20 +02:00
|
|
|
|
if (!strcmp (args, "close"))
|
2015-05-06 14:50:38 +02:00
|
|
|
|
*flag |= PINENTRY_STATUS_CLOSE_BUTTON;
|
2010-10-01 22:33:53 +02:00
|
|
|
|
}
|
2014-10-24 16:20:20 +02:00
|
|
|
|
else if (has_leading_keyword (line, "PIN_REPEATED"))
|
|
|
|
|
{
|
2015-05-06 14:35:22 +02:00
|
|
|
|
*flag |= PINENTRY_STATUS_PIN_REPEATED;
|
2014-10-24 16:20:20 +02:00
|
|
|
|
}
|
2015-05-06 15:20:32 +02:00
|
|
|
|
else if (has_leading_keyword (line, "PASSWORD_FROM_CACHE"))
|
|
|
|
|
{
|
|
|
|
|
*flag |= PINENTRY_STATUS_PASSWORD_FROM_CACHE;
|
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2010-10-01 22:33:53 +02:00
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2017-04-28 03:06:33 +02:00
|
|
|
|
/* Build a SETDESC command line. This is a dedicated function so that
|
2017-02-22 16:54:32 +01:00
|
|
|
|
* it can remove control characters which are not supported by the
|
|
|
|
|
* current Pinentry. */
|
|
|
|
|
static void
|
|
|
|
|
build_cmd_setdesc (char *line, size_t linelen, const char *desc)
|
|
|
|
|
{
|
|
|
|
|
char *src, *dst;
|
|
|
|
|
|
|
|
|
|
snprintf (line, linelen, "SETDESC %s", desc);
|
|
|
|
|
if (!entry_features.tabbing)
|
|
|
|
|
{
|
|
|
|
|
/* Remove RS and US. */
|
|
|
|
|
for (src=dst=line; *src; src++)
|
|
|
|
|
if (!strchr ("\x1e\x1f", *src))
|
|
|
|
|
*dst++ = *src;
|
|
|
|
|
*dst = 0;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2010-10-01 22:33:53 +02:00
|
|
|
|
|
2019-02-19 03:55:55 +01:00
|
|
|
|
|
2019-02-19 06:36:50 +01:00
|
|
|
|
/* Watch the socket's EOF condition, while checking finish of
|
|
|
|
|
foreground thread. When EOF condition is detected, terminate
|
|
|
|
|
the pinentry process behind the assuan pipe.
|
|
|
|
|
*/
|
|
|
|
|
static void *
|
|
|
|
|
watch_sock (void *arg)
|
|
|
|
|
{
|
|
|
|
|
while (1)
|
|
|
|
|
{
|
|
|
|
|
int err;
|
|
|
|
|
fd_set fdset;
|
|
|
|
|
struct timeval timeout = { 0, 500000 };
|
2019-06-28 02:33:30 +02:00
|
|
|
|
gnupg_fd_t sock = *(gnupg_fd_t *)arg;
|
2019-02-19 06:36:50 +01:00
|
|
|
|
|
|
|
|
|
if (sock == GNUPG_INVALID_FD)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
FD_ZERO (&fdset);
|
|
|
|
|
FD_SET (FD2INT (sock), &fdset);
|
2023-07-18 07:43:36 +02:00
|
|
|
|
err = npth_select (FD2NUM (sock)+1, &fdset, NULL, NULL, &timeout);
|
2019-02-19 06:36:50 +01:00
|
|
|
|
|
|
|
|
|
if (err < 0)
|
|
|
|
|
{
|
|
|
|
|
if (errno == EINTR)
|
|
|
|
|
continue;
|
|
|
|
|
else
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Possibly, it's EOF. */
|
|
|
|
|
if (err > 0)
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2023-05-30 06:25:00 +02:00
|
|
|
|
assuan_pipe_kill_server (entry_ctx);
|
2019-02-19 06:36:50 +01:00
|
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2019-02-19 03:55:55 +01:00
|
|
|
|
static gpg_error_t
|
2019-06-28 02:33:30 +02:00
|
|
|
|
watch_sock_start (gnupg_fd_t *sock_p, npth_t *thread_p)
|
2019-02-19 03:55:55 +01:00
|
|
|
|
{
|
2019-02-19 06:36:50 +01:00
|
|
|
|
npth_attr_t tattr;
|
|
|
|
|
int err;
|
|
|
|
|
|
|
|
|
|
err = npth_attr_init (&tattr);
|
|
|
|
|
if (err)
|
|
|
|
|
{
|
|
|
|
|
log_error ("do_getpin: error npth_attr_init: %s\n", strerror (err));
|
|
|
|
|
return gpg_error_from_errno (err);
|
|
|
|
|
}
|
|
|
|
|
npth_attr_setdetachstate (&tattr, NPTH_CREATE_JOINABLE);
|
|
|
|
|
|
2019-06-28 02:33:30 +02:00
|
|
|
|
err = npth_create (thread_p, &tattr, watch_sock, sock_p);
|
2019-02-19 06:36:50 +01:00
|
|
|
|
npth_attr_destroy (&tattr);
|
|
|
|
|
if (err)
|
|
|
|
|
{
|
|
|
|
|
log_error ("do_getpin: error spawning thread: %s\n", strerror (err));
|
|
|
|
|
return gpg_error_from_errno (err);
|
|
|
|
|
}
|
2019-02-19 03:55:55 +01:00
|
|
|
|
|
2019-06-28 02:33:30 +02:00
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
watch_sock_end (gnupg_fd_t *sock_p, npth_t *thread_p)
|
|
|
|
|
{
|
|
|
|
|
int err;
|
|
|
|
|
|
|
|
|
|
*sock_p = GNUPG_INVALID_FD;
|
|
|
|
|
err = npth_join (*thread_p, NULL);
|
|
|
|
|
if (err)
|
|
|
|
|
log_error ("watch_sock_end: error joining thread: %s\n", strerror (err));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Ask pinentry to get a pin by "GETPIN" command, spawning a thread
|
|
|
|
|
detecting the socket's EOF.
|
|
|
|
|
*/
|
|
|
|
|
static gpg_error_t
|
|
|
|
|
do_getpin (ctrl_t ctrl, struct entry_parm_s *parm)
|
|
|
|
|
{
|
|
|
|
|
gpg_error_t rc;
|
|
|
|
|
gnupg_fd_t sock_watched = ctrl->thread_startup.fd;
|
|
|
|
|
npth_t thread;
|
2021-08-18 10:20:22 +02:00
|
|
|
|
int wasconf;
|
2021-08-13 13:42:31 +02:00
|
|
|
|
struct inq_cb_parm_s inq_cb_parm;
|
2019-06-28 02:33:30 +02:00
|
|
|
|
|
|
|
|
|
rc = watch_sock_start (&sock_watched, &thread);
|
|
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
|
|
|
|
|
2021-08-13 13:42:31 +02:00
|
|
|
|
inq_cb_parm.ctx = entry_ctx;
|
|
|
|
|
inq_cb_parm.flags = parm->constraints_flags;
|
2021-08-18 18:24:35 +02:00
|
|
|
|
inq_cb_parm.genpinhash_valid = 0;
|
2021-08-13 13:42:31 +02:00
|
|
|
|
|
2021-08-18 10:20:22 +02:00
|
|
|
|
wasconf = assuan_get_flag (entry_ctx, ASSUAN_CONFIDENTIAL);
|
2019-02-19 03:55:55 +01:00
|
|
|
|
assuan_begin_confidential (entry_ctx);
|
|
|
|
|
rc = assuan_transact (entry_ctx, "GETPIN", getpin_cb, parm,
|
2021-08-13 13:42:31 +02:00
|
|
|
|
inq_cb, &inq_cb_parm,
|
2019-02-19 05:12:07 +01:00
|
|
|
|
pinentry_status_cb, &parm->status);
|
2021-08-18 10:20:22 +02:00
|
|
|
|
if (!wasconf)
|
|
|
|
|
assuan_end_confidential (entry_ctx);
|
|
|
|
|
|
2021-08-18 18:24:35 +02:00
|
|
|
|
if (!rc && parm->buffer && is_generated_pin (&inq_cb_parm, parm->buffer))
|
|
|
|
|
parm->status |= PINENTRY_STATUS_PASSWORD_GENERATED;
|
|
|
|
|
else
|
|
|
|
|
parm->status &= ~PINENTRY_STATUS_PASSWORD_GENERATED;
|
|
|
|
|
|
2019-02-19 03:55:55 +01:00
|
|
|
|
/* Most pinentries out in the wild return the old Assuan error code
|
|
|
|
|
for canceled which gets translated to an assuan Cancel error and
|
|
|
|
|
not to the code for a user cancel. Fix this here. */
|
|
|
|
|
if (rc && gpg_err_source (rc) && gpg_err_code (rc) == GPG_ERR_ASS_CANCELED)
|
|
|
|
|
rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_CANCELED);
|
|
|
|
|
/* Change error code in case the window close button was clicked
|
|
|
|
|
to cancel the operation. */
|
2019-02-19 05:12:07 +01:00
|
|
|
|
if ((parm->status & PINENTRY_STATUS_CLOSE_BUTTON)
|
2019-02-19 03:55:55 +01:00
|
|
|
|
&& gpg_err_code (rc) == GPG_ERR_CANCELED)
|
|
|
|
|
rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_FULLY_CANCELED);
|
|
|
|
|
|
2019-06-28 02:33:30 +02:00
|
|
|
|
watch_sock_end (&sock_watched, &thread);
|
2019-02-19 06:36:50 +01:00
|
|
|
|
|
2019-02-19 03:55:55 +01:00
|
|
|
|
return rc;
|
|
|
|
|
}
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
|
|
|
|
/* Call the Entry and ask for the PIN. We do check for a valid PIN
|
|
|
|
|
number here and repeat it as long as we have invalid formed
|
2015-05-06 15:27:23 +02:00
|
|
|
|
numbers. KEYINFO and CACHE_MODE are used to tell pinentry something
|
2015-04-14 18:41:05 +02:00
|
|
|
|
about the key. */
|
2015-10-09 04:33:13 +02:00
|
|
|
|
gpg_error_t
|
2005-05-24 14:37:36 +02:00
|
|
|
|
agent_askpin (ctrl_t ctrl,
|
|
|
|
|
const char *desc_text, const char *prompt_text,
|
|
|
|
|
const char *initial_errtext,
|
2015-04-14 18:41:05 +02:00
|
|
|
|
struct pin_entry_info_s *pininfo,
|
|
|
|
|
const char *keyinfo, cache_mode_t cache_mode)
|
2003-06-05 09:14:21 +02:00
|
|
|
|
{
|
2015-10-09 04:33:13 +02:00
|
|
|
|
gpg_error_t rc;
|
2003-06-05 09:14:21 +02:00
|
|
|
|
char line[ASSUAN_LINELENGTH];
|
|
|
|
|
struct entry_parm_s parm;
|
|
|
|
|
const char *errtext = NULL;
|
|
|
|
|
int is_pin = 0;
|
2021-08-18 18:24:35 +02:00
|
|
|
|
int is_generated;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-06-05 09:14:21 +02:00
|
|
|
|
if (opt.batch)
|
|
|
|
|
return 0; /* fixme: we should return BAD PIN */
|
|
|
|
|
|
2011-03-03 18:35:08 +01:00
|
|
|
|
if (ctrl->pinentry_mode != PINENTRY_MODE_ASK)
|
|
|
|
|
{
|
|
|
|
|
if (ctrl->pinentry_mode == PINENTRY_MODE_CANCEL)
|
|
|
|
|
return gpg_error (GPG_ERR_CANCELED);
|
2011-09-11 22:55:34 +02:00
|
|
|
|
if (ctrl->pinentry_mode == PINENTRY_MODE_LOOPBACK)
|
|
|
|
|
{
|
|
|
|
|
unsigned char *passphrase;
|
|
|
|
|
size_t size;
|
|
|
|
|
|
|
|
|
|
*pininfo->pin = 0; /* Reset the PIN. */
|
2017-07-05 11:54:45 +02:00
|
|
|
|
rc = pinentry_loopback (ctrl, "PASSPHRASE", &passphrase, &size,
|
|
|
|
|
pininfo->max_length - 1);
|
2011-09-11 22:55:34 +02:00
|
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
|
|
|
|
|
|
|
|
|
memcpy(&pininfo->pin, passphrase, size);
|
|
|
|
|
xfree(passphrase);
|
|
|
|
|
pininfo->pin[size] = 0;
|
|
|
|
|
if (pininfo->check_cb)
|
|
|
|
|
{
|
|
|
|
|
/* More checks by utilizing the optional callback. */
|
|
|
|
|
pininfo->cb_errtext = NULL;
|
|
|
|
|
rc = pininfo->check_cb (pininfo);
|
|
|
|
|
}
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
return gpg_error(GPG_ERR_NO_PIN_ENTRY);
|
2011-03-03 18:35:08 +01:00
|
|
|
|
}
|
|
|
|
|
|
2003-06-05 09:14:21 +02:00
|
|
|
|
if (!pininfo || pininfo->max_length < 1)
|
|
|
|
|
return gpg_error (GPG_ERR_INV_VALUE);
|
|
|
|
|
if (!desc_text && pininfo->min_digits)
|
2015-06-30 21:58:02 +02:00
|
|
|
|
desc_text = L_("Please enter your PIN, so that the secret key "
|
|
|
|
|
"can be unlocked for this session");
|
2003-06-05 09:14:21 +02:00
|
|
|
|
else if (!desc_text)
|
2015-06-30 21:58:02 +02:00
|
|
|
|
desc_text = L_("Please enter your passphrase, so that the secret key "
|
|
|
|
|
"can be unlocked for this session");
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
2005-05-24 14:37:36 +02:00
|
|
|
|
if (prompt_text)
|
|
|
|
|
is_pin = !!strstr (prompt_text, "PIN");
|
|
|
|
|
else
|
|
|
|
|
is_pin = desc_text && strstr (desc_text, "PIN");
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
|
|
|
|
rc = start_pinentry (ctrl);
|
|
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
|
|
|
|
|
2015-05-06 15:20:32 +02:00
|
|
|
|
/* If we have a KEYINFO string and are normal, user, or ssh cache
|
2015-04-14 18:41:05 +02:00
|
|
|
|
mode, we tell that the Pinentry so it may use it for own caching
|
|
|
|
|
purposes. Most pinentries won't have this implemented and thus
|
|
|
|
|
we do not error out in this case. */
|
|
|
|
|
if (keyinfo && (cache_mode == CACHE_MODE_NORMAL
|
|
|
|
|
|| cache_mode == CACHE_MODE_USER
|
|
|
|
|
|| cache_mode == CACHE_MODE_SSH))
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "SETKEYINFO %c/%s",
|
2015-05-06 15:20:32 +02:00
|
|
|
|
cache_mode == CACHE_MODE_USER? 'u' :
|
|
|
|
|
cache_mode == CACHE_MODE_SSH? 's' : 'n',
|
|
|
|
|
keyinfo);
|
|
|
|
|
else
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "SETKEYINFO --clear");
|
2015-05-06 15:20:32 +02:00
|
|
|
|
|
|
|
|
|
rc = assuan_transact (entry_ctx, line,
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc && gpg_err_code (rc) != GPG_ERR_ASS_UNKNOWN_CMD)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2015-04-14 18:41:05 +02:00
|
|
|
|
|
2017-02-22 16:54:32 +01:00
|
|
|
|
build_cmd_setdesc (line, DIM(line), desc_text);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "SETPROMPT %s",
|
2015-06-30 21:58:02 +02:00
|
|
|
|
prompt_text? prompt_text : is_pin? L_("PIN:") : L_("Passphrase:"));
|
2005-05-24 14:37:36 +02:00
|
|
|
|
rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
2007-09-18 13:40:09 +02:00
|
|
|
|
/* If a passphrase quality indicator has been requested and a
|
|
|
|
|
minimum passphrase length has not been disabled, send the command
|
|
|
|
|
to the pinentry. */
|
|
|
|
|
if (pininfo->with_qualitybar && opt.min_passphrase_len )
|
|
|
|
|
{
|
2015-06-30 21:58:02 +02:00
|
|
|
|
rc = setup_qualitybar (ctrl);
|
2009-05-15 13:16:28 +02:00
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2007-09-18 13:40:09 +02:00
|
|
|
|
}
|
2004-02-21 14:05:22 +01:00
|
|
|
|
|
|
|
|
|
if (initial_errtext)
|
2011-02-04 12:57:53 +01:00
|
|
|
|
{
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "SETERROR %s", initial_errtext);
|
2004-02-21 14:05:22 +01:00
|
|
|
|
rc = assuan_transact (entry_ctx, line,
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2004-02-21 14:05:22 +01:00
|
|
|
|
}
|
|
|
|
|
|
2014-10-24 16:20:20 +02:00
|
|
|
|
if (pininfo->with_repeat)
|
|
|
|
|
{
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "SETREPEATERROR %s",
|
2015-06-30 21:58:02 +02:00
|
|
|
|
L_("does not match - try again"));
|
2014-10-24 16:20:20 +02:00
|
|
|
|
rc = assuan_transact (entry_ctx, line,
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc)
|
|
|
|
|
pininfo->with_repeat = 0; /* Pinentry does not support it. */
|
2023-03-06 02:14:07 +01:00
|
|
|
|
|
|
|
|
|
if (pininfo->with_repeat)
|
|
|
|
|
{
|
|
|
|
|
snprintf (line, DIM(line), "SETREPEATOK %s",
|
|
|
|
|
L_("Passphrases match."));
|
|
|
|
|
rc = assuan_transact (entry_ctx, line,
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc)
|
|
|
|
|
rc = 0; /* Pinentry does not support it. */
|
|
|
|
|
}
|
|
|
|
|
|
2014-10-24 16:20:20 +02:00
|
|
|
|
}
|
|
|
|
|
pininfo->repeat_okay = 0;
|
2019-01-28 04:58:13 +01:00
|
|
|
|
pininfo->status = 0;
|
2014-10-24 16:20:20 +02:00
|
|
|
|
|
2003-06-05 09:14:21 +02:00
|
|
|
|
for (;pininfo->failed_tries < pininfo->max_tries; pininfo->failed_tries++)
|
|
|
|
|
{
|
|
|
|
|
memset (&parm, 0, sizeof parm);
|
|
|
|
|
parm.size = pininfo->max_length;
|
2007-08-27 20:10:27 +02:00
|
|
|
|
*pininfo->pin = 0; /* Reset the PIN. */
|
2005-06-16 10:12:03 +02:00
|
|
|
|
parm.buffer = (unsigned char*)pininfo->pin;
|
2021-08-13 13:42:31 +02:00
|
|
|
|
parm.constraints_flags = pininfo->constraints_flags;
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
|
|
|
|
if (errtext)
|
2011-02-04 12:57:53 +01:00
|
|
|
|
{
|
2012-08-22 18:54:37 +02:00
|
|
|
|
/* TRANSLATORS: The string is appended to an error message in
|
2007-01-25 09:30:47 +01:00
|
|
|
|
the pinentry. The %s is the actual error message, the
|
|
|
|
|
two %d give the current and maximum number of tries. */
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), L_("SETERROR %s (try %d of %d)"),
|
2003-06-05 09:14:21 +02:00
|
|
|
|
errtext, pininfo->failed_tries+1, pininfo->max_tries);
|
2004-02-21 14:05:22 +01:00
|
|
|
|
rc = assuan_transact (entry_ctx, line,
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
errtext = NULL;
|
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2014-10-24 16:20:20 +02:00
|
|
|
|
if (pininfo->with_repeat)
|
|
|
|
|
{
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "SETREPEAT %s", L_("Repeat:"));
|
2014-10-24 16:20:20 +02:00
|
|
|
|
rc = assuan_transact (entry_ctx, line,
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2014-10-24 16:20:20 +02:00
|
|
|
|
}
|
|
|
|
|
|
2019-02-19 05:12:07 +01:00
|
|
|
|
rc = do_getpin (ctrl, &parm);
|
|
|
|
|
pininfo->status = parm.status;
|
2021-08-18 18:24:35 +02:00
|
|
|
|
is_generated = !!(parm.status & PINENTRY_STATUS_PASSWORD_GENERATED);
|
|
|
|
|
|
2006-09-06 18:35:52 +02:00
|
|
|
|
if (gpg_err_code (rc) == GPG_ERR_ASS_TOO_MUCH_DATA)
|
2015-06-30 21:58:02 +02:00
|
|
|
|
errtext = is_pin? L_("PIN too long")
|
|
|
|
|
: L_("Passphrase too long");
|
2003-06-05 09:14:21 +02:00
|
|
|
|
else if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
2021-08-18 18:24:35 +02:00
|
|
|
|
if (!errtext && pininfo->min_digits && !is_generated)
|
2003-06-05 09:14:21 +02:00
|
|
|
|
{
|
|
|
|
|
/* do some basic checks on the entered PIN. */
|
|
|
|
|
if (!all_digitsp (pininfo->pin))
|
2015-06-30 21:58:02 +02:00
|
|
|
|
errtext = L_("Invalid characters in PIN");
|
2003-06-05 09:14:21 +02:00
|
|
|
|
else if (pininfo->max_digits
|
|
|
|
|
&& strlen (pininfo->pin) > pininfo->max_digits)
|
2015-06-30 21:58:02 +02:00
|
|
|
|
errtext = L_("PIN too long");
|
2003-06-05 09:14:21 +02:00
|
|
|
|
else if (strlen (pininfo->pin) < pininfo->min_digits)
|
2015-06-30 21:58:02 +02:00
|
|
|
|
errtext = L_("PIN too short");
|
2003-06-05 09:14:21 +02:00
|
|
|
|
}
|
|
|
|
|
|
2021-08-18 18:24:35 +02:00
|
|
|
|
if (!errtext && pininfo->check_cb && !is_generated)
|
2003-06-05 09:14:21 +02:00
|
|
|
|
{
|
|
|
|
|
/* More checks by utilizing the optional callback. */
|
|
|
|
|
pininfo->cb_errtext = NULL;
|
|
|
|
|
rc = pininfo->check_cb (pininfo);
|
2019-01-28 04:58:13 +01:00
|
|
|
|
/* When pinentry cache causes an error, return now. */
|
|
|
|
|
if (rc
|
|
|
|
|
&& (pininfo->status & PINENTRY_STATUS_PASSWORD_FROM_CACHE))
|
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
|
|
|
|
|
2023-10-06 12:04:00 +02:00
|
|
|
|
if (gpg_err_code (rc) == GPG_ERR_BAD_PASSPHRASE
|
|
|
|
|
|| gpg_err_code (rc) == GPG_ERR_BAD_PIN
|
|
|
|
|
|| gpg_err_code (rc) == GPG_ERR_BAD_RESET_CODE)
|
2019-01-28 04:58:13 +01:00
|
|
|
|
{
|
|
|
|
|
if (pininfo->cb_errtext)
|
|
|
|
|
errtext = pininfo->cb_errtext;
|
2023-10-06 12:04:00 +02:00
|
|
|
|
else
|
2019-01-28 04:58:13 +01:00
|
|
|
|
errtext = (is_pin? L_("Bad PIN") : L_("Bad Passphrase"));
|
|
|
|
|
}
|
2003-06-05 09:14:21 +02:00
|
|
|
|
else if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!errtext)
|
2014-10-24 16:20:20 +02:00
|
|
|
|
{
|
2015-05-06 14:35:22 +02:00
|
|
|
|
if (pininfo->with_repeat
|
2019-01-28 04:58:13 +01:00
|
|
|
|
&& (pininfo->status & PINENTRY_STATUS_PIN_REPEATED))
|
2014-10-24 16:20:20 +02:00
|
|
|
|
pininfo->repeat_okay = 1;
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, 0); /* okay, got a PIN or passphrase */
|
2014-10-24 16:20:20 +02:00
|
|
|
|
}
|
2015-05-06 15:20:32 +02:00
|
|
|
|
|
2019-01-28 04:58:13 +01:00
|
|
|
|
if ((pininfo->status & PINENTRY_STATUS_PASSWORD_FROM_CACHE))
|
2020-07-08 14:20:01 +02:00
|
|
|
|
{
|
|
|
|
|
/* The password was read from the cache. Don't count this
|
|
|
|
|
against the retry count. */
|
|
|
|
|
pininfo->failed_tries --;
|
|
|
|
|
}
|
2003-06-05 09:14:21 +02:00
|
|
|
|
}
|
|
|
|
|
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, gpg_error (pininfo->min_digits? GPG_ERR_BAD_PIN
|
2003-06-05 09:14:21 +02:00
|
|
|
|
: GPG_ERR_BAD_PASSPHRASE));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2006-10-04 18:45:04 +02:00
|
|
|
|
/* Ask for the passphrase using the supplied arguments. The returned
|
2020-07-08 14:20:01 +02:00
|
|
|
|
passphrase needs to be freed by the caller. PININFO is optional
|
2020-11-06 14:19:24 +01:00
|
|
|
|
and can be used to have constraints checking while the pinentry
|
2020-07-08 14:20:01 +02:00
|
|
|
|
dialog is open (like what we do in agent_askpin). This is very
|
2020-11-06 14:19:24 +01:00
|
|
|
|
similar to agent_askpin and we should eventually merge the two
|
2020-07-08 14:20:01 +02:00
|
|
|
|
functions. */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
int
|
2005-11-28 12:52:25 +01:00
|
|
|
|
agent_get_passphrase (ctrl_t ctrl,
|
2003-06-05 09:14:21 +02:00
|
|
|
|
char **retpass, const char *desc, const char *prompt,
|
2015-05-19 14:58:04 +02:00
|
|
|
|
const char *errtext, int with_qualitybar,
|
2020-07-08 14:20:01 +02:00
|
|
|
|
const char *keyinfo, cache_mode_t cache_mode,
|
|
|
|
|
struct pin_entry_info_s *pininfo)
|
2003-06-05 09:14:21 +02:00
|
|
|
|
{
|
|
|
|
|
int rc;
|
2020-07-08 14:20:01 +02:00
|
|
|
|
int is_pin;
|
2021-08-18 18:24:35 +02:00
|
|
|
|
int is_generated;
|
2003-06-05 09:14:21 +02:00
|
|
|
|
char line[ASSUAN_LINELENGTH];
|
|
|
|
|
struct entry_parm_s parm;
|
|
|
|
|
|
|
|
|
|
*retpass = NULL;
|
|
|
|
|
if (opt.batch)
|
2011-02-04 12:57:53 +01:00
|
|
|
|
return gpg_error (GPG_ERR_BAD_PASSPHRASE);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
2011-03-03 18:35:08 +01:00
|
|
|
|
if (ctrl->pinentry_mode != PINENTRY_MODE_ASK)
|
|
|
|
|
{
|
2020-07-08 14:20:01 +02:00
|
|
|
|
unsigned char *passphrase;
|
|
|
|
|
size_t size;
|
|
|
|
|
|
2011-03-03 18:35:08 +01:00
|
|
|
|
if (ctrl->pinentry_mode == PINENTRY_MODE_CANCEL)
|
|
|
|
|
return gpg_error (GPG_ERR_CANCELED);
|
|
|
|
|
|
2020-07-08 14:20:01 +02:00
|
|
|
|
if (ctrl->pinentry_mode == PINENTRY_MODE_LOOPBACK && pininfo)
|
2011-09-11 22:55:34 +02:00
|
|
|
|
{
|
2020-07-08 14:20:01 +02:00
|
|
|
|
*pininfo->pin = 0; /* Reset the PIN. */
|
|
|
|
|
rc = pinentry_loopback (ctrl, "PASSPHRASE",
|
|
|
|
|
&passphrase, &size,
|
|
|
|
|
pininfo->max_length - 1);
|
|
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
|
|
|
|
|
|
|
|
|
memcpy (&pininfo->pin, passphrase, size);
|
|
|
|
|
wipememory (passphrase, size);
|
|
|
|
|
xfree (passphrase);
|
|
|
|
|
pininfo->pin[size] = 0;
|
|
|
|
|
if (pininfo->check_cb)
|
|
|
|
|
{
|
|
|
|
|
/* More checks by utilizing the optional callback. */
|
|
|
|
|
pininfo->cb_errtext = NULL;
|
|
|
|
|
rc = pininfo->check_cb (pininfo);
|
|
|
|
|
}
|
|
|
|
|
return rc;
|
2011-09-11 22:55:34 +02:00
|
|
|
|
|
2020-07-08 14:20:01 +02:00
|
|
|
|
}
|
|
|
|
|
else if (ctrl->pinentry_mode == PINENTRY_MODE_LOOPBACK)
|
|
|
|
|
{
|
|
|
|
|
/* Legacy variant w/o PININFO. */
|
2015-10-09 04:55:18 +02:00
|
|
|
|
return pinentry_loopback (ctrl, "PASSPHRASE",
|
2017-07-05 11:54:45 +02:00
|
|
|
|
(unsigned char **)retpass, &size,
|
|
|
|
|
MAX_PASSPHRASE_LEN);
|
2011-09-11 22:55:34 +02:00
|
|
|
|
}
|
2020-07-08 14:20:01 +02:00
|
|
|
|
|
2011-03-03 18:35:08 +01:00
|
|
|
|
return gpg_error (GPG_ERR_NO_PIN_ENTRY);
|
|
|
|
|
}
|
|
|
|
|
|
2003-06-05 09:14:21 +02:00
|
|
|
|
rc = start_pinentry (ctrl);
|
|
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
|
|
|
|
|
2020-07-08 14:20:01 +02:00
|
|
|
|
/* Set IS_PIN and if needed a default prompt. */
|
|
|
|
|
if (prompt)
|
|
|
|
|
is_pin = !!strstr (prompt, "PIN");
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
is_pin = desc && strstr (desc, "PIN");
|
|
|
|
|
prompt = is_pin? L_("PIN:"): L_("Passphrase:");
|
|
|
|
|
}
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
2015-05-19 14:58:04 +02:00
|
|
|
|
/* If we have a KEYINFO string and are normal, user, or ssh cache
|
|
|
|
|
mode, we tell that the Pinentry so it may use it for own caching
|
|
|
|
|
purposes. Most pinentries won't have this implemented and thus
|
|
|
|
|
we do not error out in this case. */
|
|
|
|
|
if (keyinfo && (cache_mode == CACHE_MODE_NORMAL
|
|
|
|
|
|| cache_mode == CACHE_MODE_USER
|
|
|
|
|
|| cache_mode == CACHE_MODE_SSH))
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "SETKEYINFO %c/%s",
|
2015-05-19 14:58:04 +02:00
|
|
|
|
cache_mode == CACHE_MODE_USER? 'u' :
|
|
|
|
|
cache_mode == CACHE_MODE_SSH? 's' : 'n',
|
|
|
|
|
keyinfo);
|
|
|
|
|
else
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "SETKEYINFO --clear");
|
2015-05-19 14:58:04 +02:00
|
|
|
|
|
|
|
|
|
rc = assuan_transact (entry_ctx, line,
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc && gpg_err_code (rc) != GPG_ERR_ASS_UNKNOWN_CMD)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2015-05-19 14:58:04 +02:00
|
|
|
|
|
2003-06-05 09:14:21 +02:00
|
|
|
|
if (desc)
|
2017-02-22 16:54:32 +01:00
|
|
|
|
build_cmd_setdesc (line, DIM(line), desc);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
else
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "RESET");
|
2003-06-05 09:14:21 +02:00
|
|
|
|
rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "SETPROMPT %s", prompt);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
2020-07-08 14:20:01 +02:00
|
|
|
|
if ((with_qualitybar || (pininfo && pininfo->with_qualitybar))
|
|
|
|
|
&& opt.min_passphrase_len)
|
2009-05-15 13:16:28 +02:00
|
|
|
|
{
|
2015-06-30 21:58:02 +02:00
|
|
|
|
rc = setup_qualitybar (ctrl);
|
2009-05-15 13:16:28 +02:00
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2009-05-15 13:16:28 +02:00
|
|
|
|
}
|
|
|
|
|
|
2003-06-05 09:14:21 +02:00
|
|
|
|
if (errtext)
|
|
|
|
|
{
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "SETERROR %s", errtext);
|
2020-07-08 14:20:01 +02:00
|
|
|
|
rc = assuan_transact (entry_ctx, line,
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
}
|
|
|
|
|
|
2021-07-12 12:20:28 +02:00
|
|
|
|
rc = setup_formatted_passphrase (ctrl);
|
|
|
|
|
if (rc)
|
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
|
|
|
|
|
2020-07-08 14:20:01 +02:00
|
|
|
|
if (!pininfo)
|
|
|
|
|
{
|
|
|
|
|
/* Legacy method without PININFO. */
|
|
|
|
|
memset (&parm, 0, sizeof parm);
|
|
|
|
|
parm.size = ASSUAN_LINELENGTH/2 - 5;
|
|
|
|
|
parm.buffer = gcry_malloc_secure (parm.size+10);
|
|
|
|
|
if (!parm.buffer)
|
|
|
|
|
return unlock_pinentry (ctrl, out_of_core ());
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
2020-07-08 14:20:01 +02:00
|
|
|
|
rc = do_getpin (ctrl, &parm);
|
|
|
|
|
if (rc)
|
|
|
|
|
xfree (parm.buffer);
|
|
|
|
|
else
|
|
|
|
|
*retpass = parm.buffer;
|
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* We got PININFO. */
|
|
|
|
|
|
|
|
|
|
if (pininfo->with_repeat)
|
|
|
|
|
{
|
|
|
|
|
snprintf (line, DIM(line), "SETREPEATERROR %s",
|
|
|
|
|
L_("does not match - try again"));
|
|
|
|
|
rc = assuan_transact (entry_ctx, line,
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc)
|
|
|
|
|
pininfo->with_repeat = 0; /* Pinentry does not support it. */
|
2020-11-06 14:19:24 +01:00
|
|
|
|
|
2023-03-06 02:14:07 +01:00
|
|
|
|
if (pininfo->with_repeat)
|
|
|
|
|
{
|
|
|
|
|
snprintf (line, DIM(line), "SETREPEATOK %s",
|
|
|
|
|
L_("Passphrases match."));
|
|
|
|
|
rc = assuan_transact (entry_ctx, line,
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc)
|
|
|
|
|
rc = 0; /* Pinentry does not support it. */
|
|
|
|
|
}
|
|
|
|
|
|
2020-11-06 15:43:08 +01:00
|
|
|
|
(void)setup_genpin (ctrl);
|
2021-07-28 10:11:39 +02:00
|
|
|
|
|
|
|
|
|
rc = setup_enforced_constraints (ctrl);
|
|
|
|
|
if (rc)
|
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2020-07-08 14:20:01 +02:00
|
|
|
|
}
|
|
|
|
|
pininfo->repeat_okay = 0;
|
|
|
|
|
pininfo->status = 0;
|
|
|
|
|
|
|
|
|
|
for (;pininfo->failed_tries < pininfo->max_tries; pininfo->failed_tries++)
|
|
|
|
|
{
|
|
|
|
|
memset (&parm, 0, sizeof parm);
|
2021-08-18 18:24:35 +02:00
|
|
|
|
parm.constraints_flags = pininfo->constraints_flags;
|
2020-07-08 14:20:01 +02:00
|
|
|
|
parm.size = pininfo->max_length;
|
|
|
|
|
parm.buffer = (unsigned char*)pininfo->pin;
|
|
|
|
|
*pininfo->pin = 0; /* Reset the PIN. */
|
|
|
|
|
|
|
|
|
|
if (errtext)
|
|
|
|
|
{
|
|
|
|
|
/* TRANSLATORS: The string is appended to an error message in
|
|
|
|
|
the pinentry. The %s is the actual error message, the
|
|
|
|
|
two %d give the current and maximum number of tries. */
|
|
|
|
|
snprintf (line, DIM(line), L_("SETERROR %s (try %d of %d)"),
|
|
|
|
|
errtext, pininfo->failed_tries+1, pininfo->max_tries);
|
|
|
|
|
rc = assuan_transact (entry_ctx, line,
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc)
|
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
|
|
|
|
errtext = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (pininfo->with_repeat)
|
|
|
|
|
{
|
|
|
|
|
snprintf (line, DIM(line), "SETREPEAT %s", L_("Repeat:"));
|
|
|
|
|
rc = assuan_transact (entry_ctx, line,
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc)
|
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
rc = do_getpin (ctrl, &parm);
|
|
|
|
|
pininfo->status = parm.status;
|
2021-08-18 18:24:35 +02:00
|
|
|
|
is_generated = !!(parm.status & PINENTRY_STATUS_PASSWORD_GENERATED);
|
|
|
|
|
|
2020-07-08 14:20:01 +02:00
|
|
|
|
if (gpg_err_code (rc) == GPG_ERR_ASS_TOO_MUCH_DATA)
|
|
|
|
|
errtext = is_pin? L_("PIN too long")
|
|
|
|
|
: L_("Passphrase too long");
|
|
|
|
|
else if (rc)
|
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
|
|
|
|
|
2021-08-18 18:24:35 +02:00
|
|
|
|
if (!errtext && pininfo->min_digits && !is_generated)
|
2020-07-08 14:20:01 +02:00
|
|
|
|
{
|
|
|
|
|
/* do some basic checks on the entered PIN. */
|
|
|
|
|
if (!all_digitsp (pininfo->pin))
|
|
|
|
|
errtext = L_("Invalid characters in PIN");
|
|
|
|
|
else if (pininfo->max_digits
|
|
|
|
|
&& strlen (pininfo->pin) > pininfo->max_digits)
|
|
|
|
|
errtext = L_("PIN too long");
|
|
|
|
|
else if (strlen (pininfo->pin) < pininfo->min_digits)
|
|
|
|
|
errtext = L_("PIN too short");
|
|
|
|
|
}
|
|
|
|
|
|
2021-08-18 18:24:35 +02:00
|
|
|
|
if (!errtext && pininfo->check_cb && !is_generated)
|
2020-07-08 14:20:01 +02:00
|
|
|
|
{
|
|
|
|
|
/* More checks by utilizing the optional callback. */
|
|
|
|
|
pininfo->cb_errtext = NULL;
|
|
|
|
|
rc = pininfo->check_cb (pininfo);
|
|
|
|
|
/* When pinentry cache causes an error, return now. */
|
|
|
|
|
if (rc && (pininfo->status & PINENTRY_STATUS_PASSWORD_FROM_CACHE))
|
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
|
|
|
|
|
2023-10-06 12:04:00 +02:00
|
|
|
|
if (gpg_err_code (rc) == GPG_ERR_BAD_PASSPHRASE
|
|
|
|
|
|| gpg_err_code (rc) == GPG_ERR_BAD_PIN
|
|
|
|
|
|| gpg_err_code (rc) == GPG_ERR_BAD_RESET_CODE)
|
2020-07-08 14:20:01 +02:00
|
|
|
|
{
|
|
|
|
|
if (pininfo->cb_errtext)
|
|
|
|
|
errtext = pininfo->cb_errtext;
|
2023-10-06 12:04:00 +02:00
|
|
|
|
else
|
2020-07-08 14:20:01 +02:00
|
|
|
|
errtext = (is_pin? L_("Bad PIN") : L_("Bad Passphrase"));
|
|
|
|
|
}
|
|
|
|
|
else if (rc)
|
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!errtext)
|
|
|
|
|
{
|
|
|
|
|
if (pininfo->with_repeat
|
|
|
|
|
&& (pininfo->status & PINENTRY_STATUS_PIN_REPEATED))
|
|
|
|
|
pininfo->repeat_okay = 1;
|
|
|
|
|
return unlock_pinentry (ctrl, 0); /* okay, got a PIN or passphrase */
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ((pininfo->status & PINENTRY_STATUS_PASSWORD_FROM_CACHE))
|
|
|
|
|
{
|
|
|
|
|
/* The password was read from the Pinentry's own cache.
|
|
|
|
|
Don't count this against the retry count. */
|
|
|
|
|
pininfo->failed_tries--;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return unlock_pinentry (ctrl, gpg_error (pininfo->min_digits? GPG_ERR_BAD_PIN
|
|
|
|
|
: GPG_ERR_BAD_PASSPHRASE));
|
2003-06-05 09:14:21 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Pop up the PIN-entry, display the text and the prompt and ask the
|
2005-11-28 12:52:25 +01:00
|
|
|
|
user to confirm this. We return 0 for success, ie. the user
|
2003-06-05 09:14:21 +02:00
|
|
|
|
confirmed it, GPG_ERR_NOT_CONFIRMED for what the text says or an
|
2009-06-17 12:19:50 +02:00
|
|
|
|
other error. If WITH_CANCEL it true an extra cancel button is
|
|
|
|
|
displayed to allow the user to easily return a GPG_ERR_CANCELED.
|
|
|
|
|
if the Pinentry does not support this, the user can still cancel by
|
|
|
|
|
closing the Pinentry window. */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
int
|
2005-11-28 12:52:25 +01:00
|
|
|
|
agent_get_confirmation (ctrl_t ctrl,
|
2011-02-04 12:57:53 +01:00
|
|
|
|
const char *desc, const char *ok,
|
2009-06-17 12:19:50 +02:00
|
|
|
|
const char *notok, int with_cancel)
|
2003-06-05 09:14:21 +02:00
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
char line[ASSUAN_LINELENGTH];
|
|
|
|
|
|
2011-03-03 18:35:08 +01:00
|
|
|
|
if (ctrl->pinentry_mode != PINENTRY_MODE_ASK)
|
|
|
|
|
{
|
|
|
|
|
if (ctrl->pinentry_mode == PINENTRY_MODE_CANCEL)
|
|
|
|
|
return gpg_error (GPG_ERR_CANCELED);
|
|
|
|
|
|
2019-06-04 02:17:21 +02:00
|
|
|
|
if (ctrl->pinentry_mode == PINENTRY_MODE_LOOPBACK)
|
|
|
|
|
return pinentry_loopback_confirm (ctrl, desc, 1, ok, notok);
|
|
|
|
|
|
2011-03-03 18:35:08 +01:00
|
|
|
|
return gpg_error (GPG_ERR_NO_PIN_ENTRY);
|
|
|
|
|
}
|
|
|
|
|
|
2003-06-05 09:14:21 +02:00
|
|
|
|
rc = start_pinentry (ctrl);
|
|
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
|
|
|
|
|
|
|
|
|
if (desc)
|
2017-02-22 16:54:32 +01:00
|
|
|
|
build_cmd_setdesc (line, DIM(line), desc);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
else
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "RESET");
|
2003-06-05 09:14:21 +02:00
|
|
|
|
rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
|
2006-10-04 18:45:04 +02:00
|
|
|
|
/* Most pinentries out in the wild return the old Assuan error code
|
|
|
|
|
for canceled which gets translated to an assuan Cancel error and
|
|
|
|
|
not to the code for a user cancel. Fix this here. */
|
|
|
|
|
if (rc && gpg_err_source (rc) && gpg_err_code (rc) == GPG_ERR_ASS_CANCELED)
|
|
|
|
|
rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_CANCELED);
|
|
|
|
|
|
2003-06-05 09:14:21 +02:00
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
|
|
|
|
|
if (ok)
|
|
|
|
|
{
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "SETOK %s", ok);
|
2009-06-17 12:19:50 +02:00
|
|
|
|
rc = assuan_transact (entry_ctx,
|
|
|
|
|
line, NULL, NULL, NULL, NULL, NULL, NULL);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
}
|
2009-06-17 12:19:50 +02:00
|
|
|
|
if (notok)
|
2003-06-05 09:14:21 +02:00
|
|
|
|
{
|
2009-06-17 12:19:50 +02:00
|
|
|
|
/* Try to use the newer NOTOK feature if a cancel button is
|
2010-02-17 20:03:37 +01:00
|
|
|
|
requested. If no cancel button is requested we keep on using
|
2009-06-17 12:19:50 +02:00
|
|
|
|
the standard cancel. */
|
|
|
|
|
if (with_cancel)
|
|
|
|
|
{
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "SETNOTOK %s", notok);
|
2009-06-17 12:19:50 +02:00
|
|
|
|
rc = assuan_transact (entry_ctx,
|
|
|
|
|
line, NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
rc = GPG_ERR_ASS_UNKNOWN_CMD;
|
|
|
|
|
|
2009-04-14 22:36:14 +02:00
|
|
|
|
if (gpg_err_code (rc) == GPG_ERR_ASS_UNKNOWN_CMD)
|
|
|
|
|
{
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "SETCANCEL %s", notok);
|
2009-06-17 12:19:50 +02:00
|
|
|
|
rc = assuan_transact (entry_ctx, line,
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
2009-04-14 22:36:14 +02:00
|
|
|
|
}
|
2003-06-05 09:14:21 +02:00
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2003-06-05 09:14:21 +02:00
|
|
|
|
}
|
|
|
|
|
|
2019-06-28 02:33:30 +02:00
|
|
|
|
{
|
|
|
|
|
gnupg_fd_t sock_watched = ctrl->thread_startup.fd;
|
|
|
|
|
npth_t thread;
|
2006-10-16 19:36:44 +02:00
|
|
|
|
|
2019-06-28 02:33:30 +02:00
|
|
|
|
rc = watch_sock_start (&sock_watched, &thread);
|
2019-08-06 22:38:30 +02:00
|
|
|
|
if (!rc)
|
|
|
|
|
{
|
|
|
|
|
rc = assuan_transact (entry_ctx, "CONFIRM",
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc && gpg_err_source (rc)
|
|
|
|
|
&& gpg_err_code (rc) == GPG_ERR_ASS_CANCELED)
|
|
|
|
|
rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_CANCELED);
|
2019-06-28 02:33:30 +02:00
|
|
|
|
|
2019-08-06 22:38:30 +02:00
|
|
|
|
watch_sock_end (&sock_watched, &thread);
|
|
|
|
|
}
|
2019-06-28 02:33:30 +02:00
|
|
|
|
|
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
|
|
|
|
}
|
2003-06-05 09:14:21 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2007-08-27 20:10:27 +02:00
|
|
|
|
|
2005-11-28 12:52:25 +01:00
|
|
|
|
/* The thread running the popup message. */
|
|
|
|
|
static void *
|
|
|
|
|
popup_message_thread (void *arg)
|
|
|
|
|
{
|
2019-06-28 02:33:30 +02:00
|
|
|
|
gpg_error_t rc;
|
|
|
|
|
gnupg_fd_t sock_watched = *(gnupg_fd_t *)arg;
|
|
|
|
|
npth_t thread;
|
|
|
|
|
|
|
|
|
|
rc = watch_sock_start (&sock_watched, &thread);
|
|
|
|
|
if (rc)
|
|
|
|
|
return NULL;
|
2008-10-20 15:53:23 +02:00
|
|
|
|
|
2007-01-25 09:30:47 +01:00
|
|
|
|
/* We use the --one-button hack instead of the MESSAGE command to
|
|
|
|
|
allow the use of old Pinentries. Those old Pinentries will then
|
|
|
|
|
show an additional Cancel button but that is mostly a visual
|
|
|
|
|
annoyance. */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
assuan_transact (entry_ctx, "CONFIRM --one-button",
|
2007-01-25 09:30:47 +01:00
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
2019-06-28 02:33:30 +02:00
|
|
|
|
watch_sock_end (&sock_watched, &thread);
|
2005-11-28 12:52:25 +01:00
|
|
|
|
popup_finished = 1;
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Pop up a message window similar to the confirm one but keep it open
|
|
|
|
|
until agent_popup_message_stop has been called. It is crucial for
|
|
|
|
|
the caller to make sure that the stop function gets called as soon
|
2006-11-20 17:49:41 +01:00
|
|
|
|
as the message is not anymore required because the message is
|
2005-11-28 12:52:25 +01:00
|
|
|
|
system modal and all other attempts to use the pinentry will fail
|
|
|
|
|
(after a timeout). */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
int
|
2007-01-25 09:30:47 +01:00
|
|
|
|
agent_popup_message_start (ctrl_t ctrl, const char *desc, const char *ok_btn)
|
2005-11-28 12:52:25 +01:00
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
char line[ASSUAN_LINELENGTH];
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
npth_attr_t tattr;
|
|
|
|
|
int err;
|
2005-11-28 12:52:25 +01:00
|
|
|
|
|
2011-03-03 18:35:08 +01:00
|
|
|
|
if (ctrl->pinentry_mode != PINENTRY_MODE_ASK)
|
2019-06-04 02:17:21 +02:00
|
|
|
|
{
|
|
|
|
|
if (ctrl->pinentry_mode == PINENTRY_MODE_CANCEL)
|
|
|
|
|
return gpg_error (GPG_ERR_CANCELED);
|
|
|
|
|
|
|
|
|
|
if (ctrl->pinentry_mode == PINENTRY_MODE_LOOPBACK)
|
|
|
|
|
return pinentry_loopback_confirm (ctrl, desc, 0, ok_btn, NULL);
|
|
|
|
|
|
|
|
|
|
return gpg_error (GPG_ERR_NO_PIN_ENTRY);
|
|
|
|
|
}
|
2011-03-03 18:35:08 +01:00
|
|
|
|
|
2005-11-28 12:52:25 +01:00
|
|
|
|
rc = start_pinentry (ctrl);
|
|
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
|
|
|
|
|
|
|
|
|
if (desc)
|
2017-02-22 16:54:32 +01:00
|
|
|
|
build_cmd_setdesc (line, DIM(line), desc);
|
2005-11-28 12:52:25 +01:00
|
|
|
|
else
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "RESET");
|
2005-11-28 12:52:25 +01:00
|
|
|
|
rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2005-11-28 12:52:25 +01:00
|
|
|
|
|
|
|
|
|
if (ok_btn)
|
|
|
|
|
{
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "SETOK %s", ok_btn);
|
2005-11-28 12:52:25 +01:00
|
|
|
|
rc = assuan_transact (entry_ctx, line, NULL,NULL,NULL,NULL,NULL,NULL);
|
|
|
|
|
if (rc)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2005-11-28 12:52:25 +01:00
|
|
|
|
}
|
|
|
|
|
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
err = npth_attr_init (&tattr);
|
|
|
|
|
if (err)
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, gpg_error_from_errno (err));
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
npth_attr_setdetachstate (&tattr, NPTH_CREATE_JOINABLE);
|
2005-11-28 12:52:25 +01:00
|
|
|
|
|
|
|
|
|
popup_finished = 0;
|
2019-06-28 02:33:30 +02:00
|
|
|
|
err = npth_create (&popup_tid, &tattr, popup_message_thread,
|
|
|
|
|
&ctrl->thread_startup.fd);
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
npth_attr_destroy (&tattr);
|
|
|
|
|
if (err)
|
2005-11-28 12:52:25 +01:00
|
|
|
|
{
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
rc = gpg_error_from_errno (err);
|
2005-11-28 12:52:25 +01:00
|
|
|
|
log_error ("error spawning popup message handler: %s\n",
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
strerror (err) );
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2005-11-28 12:52:25 +01:00
|
|
|
|
}
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
npth_setname_np (popup_tid, "popup-message");
|
2005-11-28 12:52:25 +01:00
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Close a popup window. */
|
|
|
|
|
void
|
|
|
|
|
agent_popup_message_stop (ctrl_t ctrl)
|
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
|
2008-10-20 15:53:23 +02:00
|
|
|
|
(void)ctrl;
|
|
|
|
|
|
2019-06-04 02:17:21 +02:00
|
|
|
|
if (ctrl->pinentry_mode == PINENTRY_MODE_LOOPBACK)
|
|
|
|
|
return;
|
|
|
|
|
|
2005-11-28 12:52:25 +01:00
|
|
|
|
if (!popup_tid || !entry_ctx)
|
|
|
|
|
{
|
|
|
|
|
log_debug ("agent_popup_message_stop called with no active popup\n");
|
2011-02-04 12:57:53 +01:00
|
|
|
|
return;
|
2005-11-28 12:52:25 +01:00
|
|
|
|
}
|
|
|
|
|
|
2023-05-30 06:25:00 +02:00
|
|
|
|
if (popup_finished)
|
2005-11-28 12:52:25 +01:00
|
|
|
|
; /* Already finished and ready for joining. */
|
2023-05-30 06:25:00 +02:00
|
|
|
|
else
|
|
|
|
|
assuan_pipe_kill_server (entry_ctx);
|
2005-11-28 12:52:25 +01:00
|
|
|
|
|
|
|
|
|
/* Now wait for the thread to terminate. */
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
rc = npth_join (popup_tid, NULL);
|
2013-01-25 06:17:29 +01:00
|
|
|
|
if (rc)
|
2005-11-28 12:52:25 +01:00
|
|
|
|
log_debug ("agent_popup_message_stop: pth_join failed: %s\n",
|
2013-01-25 06:17:29 +01:00
|
|
|
|
strerror (rc));
|
Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-03 22:12:37 +01:00
|
|
|
|
/* Thread IDs are opaque, but we try our best here by resetting it
|
|
|
|
|
to the same content that a static global variable has. */
|
|
|
|
|
memset (&popup_tid, '\0', sizeof (popup_tid));
|
2005-11-28 12:52:25 +01:00
|
|
|
|
|
|
|
|
|
/* Now we can close the connection. */
|
2017-10-27 02:54:48 +02:00
|
|
|
|
unlock_pinentry (ctrl, 0);
|
2005-11-28 12:52:25 +01:00
|
|
|
|
}
|
2015-05-19 15:00:16 +02:00
|
|
|
|
|
|
|
|
|
int
|
|
|
|
|
agent_clear_passphrase (ctrl_t ctrl,
|
|
|
|
|
const char *keyinfo, cache_mode_t cache_mode)
|
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
char line[ASSUAN_LINELENGTH];
|
|
|
|
|
|
|
|
|
|
if (! (keyinfo && (cache_mode == CACHE_MODE_NORMAL
|
|
|
|
|
|| cache_mode == CACHE_MODE_USER
|
|
|
|
|
|| cache_mode == CACHE_MODE_SSH)))
|
|
|
|
|
return gpg_error (GPG_ERR_NOT_SUPPORTED);
|
|
|
|
|
|
|
|
|
|
rc = start_pinentry (ctrl);
|
|
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
|
|
|
|
|
Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 05:04:46 +02:00
|
|
|
|
snprintf (line, DIM(line), "CLEARPASSPHRASE %c/%s",
|
2015-05-19 15:00:16 +02:00
|
|
|
|
cache_mode == CACHE_MODE_USER? 'u' :
|
|
|
|
|
cache_mode == CACHE_MODE_SSH? 's' : 'n',
|
|
|
|
|
keyinfo);
|
|
|
|
|
rc = assuan_transact (entry_ctx, line,
|
|
|
|
|
NULL, NULL, NULL, NULL, NULL, NULL);
|
|
|
|
|
|
2017-10-27 02:54:48 +02:00
|
|
|
|
return unlock_pinentry (ctrl, rc);
|
2015-05-19 15:00:16 +02:00
|
|
|
|
}
|