mirror of git://git.gnupg.org/gnupg.git synced 2025-01-18 14:17:03 +01:00

tkd: Implement finalizer.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
NIIBE Yutaka 2023-03-15 14:44:18 +09:00
parent 5d515d7059
commit 4a48149d84
No known key found for this signature in database
GPG Key ID: 640114AF89DE6054
3 changed files with 113 additions and 8 deletions


@ -181,6 +181,55 @@ pin_cb (void *opaque, const char *info, char **retstr)
} }
#endif #endif
static const char hlp_getinfo[] =
"GETINFO <what>\n"
"\n"
"Multi purpose command to return certain information. \n"
"Supported values of WHAT are:\n"
"\n"
" version - Return the version of the program.\n"
" pid - Return the process id of the server.\n"
" socket_name - Return the name of the socket.\n"
" connections - Return number of active connections.";
static gpg_error_t
cmd_getinfo (assuan_context_t ctx, char *line)
{
int rc = 0;
const char *s;
if (!strcmp (line, "version"))
{
s = VERSION;
rc = assuan_send_data (ctx, s, strlen (s));
}
else if (!strcmp (line, "pid"))
{
char numbuf[50];
snprintf (numbuf, sizeof numbuf, "%lu", (unsigned long)getpid ());
rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
}
else if (!strcmp (line, "socket_name"))
{
s = tkd_get_socket_name ();
if (s)
rc = assuan_send_data (ctx, s, strlen (s));
else
rc = gpg_error (GPG_ERR_NO_DATA);
}
else if (!strcmp (line, "connections"))
{
char numbuf[20];
snprintf (numbuf, sizeof numbuf, "%d", get_active_connection_count ());
rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
}
else
rc = set_error (GPG_ERR_ASS_PARAMETER, "unknown value for WHAT");
return rc;
}
/* SLOTLIST command /* SLOTLIST command
* A command to (re)scan for available keys, something like SERIALNO * A command to (re)scan for available keys, something like SERIALNO
* command of scdaemon. * command of scdaemon.
@ -199,7 +248,7 @@ cmd_slotlist (assuan_context_t ctx, char *line)
line = skip_options (line); line = skip_options (line);
(void)line; (void)line;
err = token_slotlist (ctrl, ctx); err = token_init (ctrl, ctx);
return err; return err;
} }
@ -386,6 +435,7 @@ register_commands (assuan_context_t ctx)
{ "PKSIGN", cmd_pksign, hlp_pksign }, { "PKSIGN", cmd_pksign, hlp_pksign },
{ "KILLTKD", cmd_killtkd, hlp_killtkd }, { "KILLTKD", cmd_killtkd, hlp_killtkd },
{ "KEYINFO", cmd_keyinfo, hlp_keyinfo }, { "KEYINFO", cmd_keyinfo, hlp_keyinfo },
{ "GETINFO", cmd_getinfo, hlp_getinfo },
{ NULL } { NULL }
}; };
int i, rc; int i, rc;
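Review bot: cmd_getinfo keeps its result in `int rc` although it is declared to return gpg_error_t, while the neighbouring cmd_slotlist carries its result in `err`; declaring `gpg_error_t err = 0;` would keep the handlers consistent and avoid an int-to-gpg_error_t conversion on return. The handler also compares `line` verbatim with strcmp, whereas cmd_slotlist first calls `skip_options (line)`, so a short comment above the first comparison, for example `/* LINE must be exactly the WHAT keyword; options are not accepted. */`, would make that contract explicit.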


@ -85,6 +85,7 @@ struct token {
}; };
struct cryptoki { struct cryptoki {
void *handle; /* DL handle to PKCS#11 Module. */
struct ck_function_list *f; struct ck_function_list *f;
int num_slots; int num_slots;
struct token token_list[MAX_SLOTS]; struct token token_list[MAX_SLOTS];
@ -101,6 +102,9 @@ get_function_list (struct cryptoki *ck, const char *libname)
{ {
unsigned long err = 0; unsigned long err = 0;
unsigned long (*p_func) (struct ck_function_list **); unsigned long (*p_func) (struct ck_function_list **);
if (ck->handle == NULL)
{
void *handle; void *handle;
handle = dlopen (libname, RTLD_NOW); handle = dlopen (libname, RTLD_NOW);
@ -109,7 +113,10 @@ get_function_list (struct cryptoki *ck, const char *libname)
return -1; return -1;
} }
p_func = (CK_C_GetFunctionList)dlsym (handle, "C_GetFunctionList"); ck->handle = handle;
}
p_func = (CK_C_GetFunctionList)dlsym (ck->handle, "C_GetFunctionList");
if (p_func == NULL) if (p_func == NULL)
{ {
return -1; return -1;
@ -978,7 +985,7 @@ do_pksign (struct key *key, int hash_algo,
gpg_error_t gpg_error_t
token_slotlist (ctrl_t ctrl, assuan_context_t ctx) token_init (ctrl_t ctrl, assuan_context_t ctx)
{ {
gpg_error_t err = 0; gpg_error_t err = 0;
@ -1067,6 +1074,51 @@ token_slotlist (ctrl_t ctrl, assuan_context_t ctx)
return err; return err;
} }
gpg_error_t
token_fini (ctrl_t ctrl, assuan_context_t ctx)
{
long r;
struct cryptoki *ck = ck_instance;
int i;
(void)ctrl;
(void)ctx;
for (i = 0; i < ck->num_slots; i++)
{
struct token *token = &ck->token_list[i];
if (!token->valid)
continue;
if (token->login_required)
logout (token);
r = close_session (token);
if (r)
{
log_error ("Error at close_session: %ld\n", r);
continue;
}
token->valid = 0;
}
ck->num_slots = 0;
r = ck->f->C_Finalize (NULL);
if (r)
{
return -1;
}
dlclose (ck->handle);
ck->handle = NULL;
return 0;
}
gpg_error_t gpg_error_t
token_sign (ctrl_t ctrl, assuan_context_t ctx, token_sign (ctrl_t ctrl, assuan_context_t ctx,
const char *keygrip, int hash_algo, const char *keygrip, int hash_algo,
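Review bot: token_fini leaves `ck->f` pointing into the module after `dlclose (ck->handle)`, and nothing checks that a module is loaded before `ck->f->C_Finalize (NULL)` runs, so a second call, or a call before token_init has succeeded, would go through an unset or stale function table. A guard such as `if (!ck->handle) return 0;` at the top and `ck->f = NULL;` next to `ck->handle = NULL;` would close that. The failure path also returns `-1` from a function typed gpg_error_t, where something like `return gpg_error (GPG_ERR_GENERAL);` would give callers a code they can interpret; on that path the handle stays open although num_slots has already been reset to 0. No caller of token_fini is visible in these sections, so how often it can run cannot be judged from here.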


@ -94,6 +94,7 @@ struct server_control_s
void tkd_exit (int rc); void tkd_exit (int rc);
void tkd_kick_the_loop (void); void tkd_kick_the_loop (void);
const char *tkd_get_socket_name (void); const char *tkd_get_socket_name (void);
int get_active_connection_count (void);
/*-- command.c --*/ /*-- command.c --*/
gpg_error_t initialize_module_command (void); gpg_error_t initialize_module_command (void);
@ -109,7 +110,9 @@ void send_keyinfo (ctrl_t ctrl, int data, const char *keygrip_str,
const char *usage); const char *usage);
/*-- pkcs11.c --*/ /*-- pkcs11.c --*/
gpg_error_t token_slotlist (ctrl_t ctrl, assuan_context_t ctx); gpg_error_t token_init (ctrl_t ctrl, assuan_context_t ctx);
gpg_error_t token_fini (ctrl_t ctrl, assuan_context_t ctx);
gpg_error_t token_sign (ctrl_t ctrl, assuan_context_t ctx, gpg_error_t token_sign (ctrl_t ctrl, assuan_context_t ctx,
const char *keygrip, int hash_algo, const char *keygrip, int hash_algo,
unsigned char **r_outdata, unsigned char **r_outdata,