agent: Use the sysconfdir for a pattern file.

* agent/genkey.c (do_check_passphrase_pattern): Use make_filename.
2024-12-22 10:19:57 +01:00 · 2021-08-20 16:22:05 +02:00 · 2021-08-20 16:22:05 +02:00 · 5ed8e598fa
commit 5ed8e598fa
parent db5dc7a91a
2 changed files with 35 additions and 5 deletions
--- a/agent/genkey.c
+++ b/agent/genkey.c
@ -25,6 +25,7 @@
 #include <string.h>
 #include <ctype.h>
 #include <assert.h>
+#include <unistd.h>

 #include "agent.h"
 #include "../common/i18n.h"
@ -103,6 +104,7 @@ do_check_passphrase_pattern (ctrl_t ctrl, const char *pw, unsigned int flags)
  pid_t pid;
  int result, i;
  const char *pattern;
+  char *patternfname;

  (void)ctrl;

@ -113,11 +115,34 @@ do_check_passphrase_pattern (ctrl_t ctrl, const char *pw, unsigned int flags)
  if (!pattern)
    return 1; /* Oops - Assume password should not be used  */

+  if (strchr (pattern, '/') || strchr (pattern, '\\')
+      || (*pattern == '~' && pattern[1] == '/'))
+    patternfname = make_absfilename_try (pattern, NULL);
+  else
+    patternfname = make_filename_try (gnupg_sysconfdir (), pattern, NULL);
+  if (!patternfname)
+    {
+      log_error ("error making filename from '%s': %s\n",
+                 pattern, gpg_strerror (gpg_error_from_syserror ()));
+      return 1; /* Do not pass the check.  */
+    }
+
+  /* Make debugging a broken config easier by printing a useful error
+   * message.  */
+  if (gnupg_access (patternfname, F_OK))
+    {
+      log_error ("error accessing '%s': %s\n",
+                 patternfname, gpg_strerror (gpg_error_from_syserror ()));
+      xfree (patternfname);
+      return 1; /* Do not pass the check.  */
+    }
+
  infp = gnupg_tmpfile ();
  if (!infp)
    {
      err = gpg_error_from_syserror ();
      log_error (_("error creating temporary file: %s\n"), gpg_strerror (err));
+      xfree (patternfname);
      return 1; /* Error - assume password should not be used.  */
    }

@ -127,6 +152,7 @@ do_check_passphrase_pattern (ctrl_t ctrl, const char *pw, unsigned int flags)
      log_error (_("error writing to temporary file: %s\n"),
                 gpg_strerror (err));
      fclose (infp);
+      xfree (patternfname);
      return 1; /* Error - assume password should not be used.  */
    }
  fseek (infp, 0, SEEK_SET);
@ -135,7 +161,7 @@ do_check_passphrase_pattern (ctrl_t ctrl, const char *pw, unsigned int flags)
  i = 0;
  argv[i++] = "--null";
  argv[i++] = "--",
-  argv[i++] = pattern,
+  argv[i++] = patternfname,
  argv[i] = NULL;
  assert (i < sizeof argv);

@ -154,6 +180,8 @@ do_check_passphrase_pattern (ctrl_t ctrl, const char *pw, unsigned int flags)
    putc ('\xff', infp);
  fflush (infp);
  fclose (infp);
+
+  xfree (patternfname);
  return result;
 }

--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@ -453,10 +453,12 @@ to 1.
@opindex check-sym-passphrase-pattern
 Check the passphrase against the pattern given in @var{file}.  When
 entering a new passphrase matching one of these pattern a warning will
-be displayed. @var{file} should be an absolute filename.  The default
-is not to use any pattern file.  The second version of this option is
-only used when creating a new symmetric key to allow the use of
-different patterns for such passphrases.
+be displayed.  If @var{file} does not contain any slashes and does not
+start with "~/" it is searched in the system configuration directory
+(@file{@value{SYSCONFDIR}}).  The default is not to use any
+pattern file.  The second version of this option is only used when
+creating a new symmetric key to allow the use of different patterns
+for such passphrases.

 Security note: It is known that checking a passphrase against a list of
 pattern or even against a complete dictionary is not very effective to