« back to all changes in this revision
Viewing changes to agent/command.c
- browse files at revision 17
- compare with another revision
- download diff
- download tarball
- view history from revision 17
- Committer: Bazaar Package Importer
- Author(s): Marc Deslauriers
- Date: 2011-05-25 14:27:35 UTC
- mfrom: (1.1.15 upstream) (7.1.7 sid)
- Revision ID: james.westby@ubuntu.com-20110525142735-jccyw0fopnyv728q
Tags: 2.0.17-2ubuntu1
* Merge from debian unstable. Remaining changes:
- Add udev rules to give gpg access to some smartcard readers;
Debian #543217.
. debian/gnupg2.dev: udev rules to set ACLs on SCM smartcard readers.
. debian/rules: Call dh_installudev.
- debian/control: Rename Vcs-* to XS-Debian-Vcs-*.
- Add udev rules to give gpg access to some smartcard readers;
Debian #543217.
. debian/gnupg2.dev: udev rules to set ACLs on SCM smartcard readers.
. debian/rules: Call dh_installudev.
- debian/control: Rename Vcs-* to XS-Debian-Vcs-*.
- files added:
- .pc/debian-changes-2.0.17-2
- .pc/debian-changes-2.0.17-2ubuntu1
- files removed:
- .pc/01-gnupg2-rename.diff/doc
- .pc/02-encode-s2k.diff
- .pc/02-encode-s2k.diff/agent
- .pc/03-gpgsm-realloc.diff
- .pc/03-gpgsm-realloc.diff/kbx
- .pc/debian-changes-2.0.14-2
- files modified:
- .pc/01-gnupg2-rename.diff/configure.ac
added
removed
agent/command.c
34
34
#include <sys/stat.h>
35
35
#include <dirent.h>
36
36
37
#include "agent.h"
37
38
#include <assuan.h>
38
39
39
#include "i18n.h"
40
#include "agent.h"
41
40
42
41
/* maximum allowed size of the inquired ciphertext */
43
42
#define MAXLEN_CIPHERTEXT 4096
60
59
char *keydesc; /* Allocated description for the next key
61
60
operation. */
62
61
int pause_io_logging; /* Used to suppress I/O logging during a command */
63
#ifdef HAVE_W32_SYSTEM
64
62
int stopme; /* If set to true the agent will be terminated after
65
63
the end of this session. */
66
#endif
67
64
int allow_pinentry_notify; /* Set if pinentry notifications should
68
65
be done. */
69
66
};
133
130
static gpg_error_t
134
131
write_and_clear_outbuf (assuan_context_t ctx, membuf_t *mb)
135
132
{
136
assuan_error_t ae;
133
gpg_error_t ae;
137
134
void *p;
138
135
size_t n;
139
136
147
144
}
148
145
149
146
150
static void
151
reset_notify (assuan_context_t ctx)
147
static gpg_error_t
148
reset_notify (assuan_context_t ctx, char *line)
152
149
{
153
150
ctrl_t ctrl = assuan_get_pointer (ctx);
154
151
152
(void) line;
153
155
154
memset (ctrl->keygrip, 0, 20);
156
155
ctrl->have_keygrip = 0;
157
156
ctrl->digest.valuelen = 0;
158
157
159
158
xfree (ctrl->server_local->keydesc);
160
159
ctrl->server_local->keydesc = NULL;
160
return 0;
161
161
}
162
162
163
163
262
262
parse_keygrip (assuan_context_t ctx, const char *string, unsigned char *buf)
263
263
{
264
264
int rc;
265
size_t n;
265
size_t n = 0;
266
266
267
267
rc = parse_hexstring (ctx, string, &n);
268
268
if (rc)
341
341
342
342
343
343
344
/* GETEVENTCOUNTER
345
346
Return a a status line named EVENTCOUNTER with the current values
347
of all event counters. The values are decimal numbers in the range
348
0 to UINT_MAX and wrapping around to 0. The actual values should
349
not be relied upon, they shall only be used to detect a change.
350
351
The currently defined counters are:
352
353
ANY - Incremented with any change of any of the other counters.
354
KEY - Incremented for added or removed private keys.
355
CARD - Incremented for changes of the card readers stati.
356
*/
357
static int
344
static const char hlp_geteventcounter[] =
345
"GETEVENTCOUNTER\n"
346
"\n"
347
"Return a a status line named EVENTCOUNTER with the current values\n"
348
"of all event counters. The values are decimal numbers in the range\n"
349
"0 to UINT_MAX and wrapping around to 0. The actual values should\n"
350
"not be relied upon, they shall only be used to detect a change.\n"
351
"\n"
352
"The currently defined counters are:\n"
353
"\n"
354
"ANY - Incremented with any change of any of the other counters.\n"
355
"KEY - Incremented for added or removed private keys.\n"
356
"CARD - Incremented for changes of the card readers stati.";
357
static gpg_error_t
358
358
cmd_geteventcounter (assuan_context_t ctx, char *line)
359
359
{
360
360
ctrl_t ctrl = assuan_get_pointer (ctx);
399
399
400
400
401
401
402
/* ISTRUSTED <hexstring_with_fingerprint>
403
404
Return OK when we have an entry with this fingerprint in our
405
trustlist */
406
static int
402
static const char hlp_istrusted[] =
403
"ISTRUSTED <hexstring_with_fingerprint>\n"
404
"\n"
405
"Return OK when we have an entry with this fingerprint in our\n"
406
"trustlist";
407
static gpg_error_t
407
408
cmd_istrusted (assuan_context_t ctx, char *line)
408
409
{
409
410
ctrl_t ctrl = assuan_get_pointer (ctx);
437
438
}
438
439
}
439
440
440
/* LISTTRUSTED
441
441
442
List all entries from the trustlist */
443
static int
442
static const char hlp_listtrusted[] =
443
"LISTTRUSTED\n"
444
"\n"
445
"List all entries from the trustlist.";
446
static gpg_error_t
444
447
cmd_listtrusted (assuan_context_t ctx, char *line)
445
448
{
446
449
int rc;
454
457
}
455
458
456
459
457
/* MARKTRUSTED <hexstring_with_fingerprint> <flag> <display_name>
458
459
Store a new key in into the trustlist*/
460
static int
460
static const char hlp_martrusted[] =
461
"MARKTRUSTED <hexstring_with_fingerprint> <flag> <display_name>\n"
462
"\n"
463
"Store a new key in into the trustlist.";
464
static gpg_error_t
461
465
cmd_marktrusted (assuan_context_t ctx, char *line)
462
466
{
463
467
ctrl_t ctrl = assuan_get_pointer (ctx);
498
502
499
503
500
504
501
/* HAVEKEY <hexstring_with_keygrip>
502
503
Return success when the secret key is available */
504
static int
505
static const char hlp_havekey[] =
506
"HAVEKEY <hexstring_with_keygrip>\n"
507
"\n"
508
"Return success when the secret key is available.";
509
static gpg_error_t
505
510
cmd_havekey (assuan_context_t ctx, char *line)
506
511
{
507
512
int rc;
518
523
}
519
524
520
525
521
/* SIGKEY <hexstring_with_keygrip>
522
SETKEY <hexstring_with_keygrip>
523
524
Set the key used for a sign or decrypt operation */
525
static int
526
static const char hlp_sigkey[] =
527
"SIGKEY <hexstring_with_keygrip>\n"
528
"SETKEY <hexstring_with_keygrip>\n"
529
"\n"
530
"Set the key used for a sign or decrypt operation.";
531
static gpg_error_t
526
532
cmd_sigkey (assuan_context_t ctx, char *line)
527
533
{
528
534
int rc;
536
542
}
537
543
538
544
539
/* SETKEYDESC plus_percent_escaped_string
540
541
Set a description to be used for the next PKSIGN or PKDECRYPT
542
operation if this operation requires the entry of a passphrase. If
543
this command is not used a default text will be used. Note, that
544
this description implictly selects the label used for the entry
545
box; if the string contains the string PIN (which in general will
546
not be translated), "PIN" is used, otherwise the translation of
547
"passphrase" is used. The description string should not contain
548
blanks unless they are percent or '+' escaped.
549
550
The description is only valid for the next PKSIGN or PKDECRYPT
551
operation.
552
*/
553
static int
545
static const char hlp_setkeydesc[] =
546
"SETKEYDESC plus_percent_escaped_string\n"
547
"\n"
548
"Set a description to be used for the next PKSIGN or PKDECRYPT\n"
549
"operation if this operation requires the entry of a passphrase. If\n"
550
"this command is not used a default text will be used. Note, that\n"
551
"this description implictly selects the label used for the entry\n"
552
"box; if the string contains the string PIN (which in general will\n"
553
"not be translated), \"PIN\" is used, otherwise the translation of\n"
554
"\"passphrase\" is used. The description string should not contain\n"
555
"blanks unless they are percent or '+' escaped.\n"
556
"\n"
557
"The description is only valid for the next PKSIGN or PKDECRYPT\n"
558
"operation.";
559
static gpg_error_t
554
560
cmd_setkeydesc (assuan_context_t ctx, char *line)
555
561
{
556
562
ctrl_t ctrl = assuan_get_pointer (ctx);
580
586
}
581
587
582
588
583
/* SETHASH --hash=<name>|<algonumber> <hexstring>
584
585
The client can use this command to tell the server about the data
586
(which usually is a hash) to be signed. */
587
static int
589
static const char hlp_sethash[] =
590
"SETHASH --hash=<name>|<algonumber> <hexstring>\n"
591
"\n"
592
"The client can use this command to tell the server about the data\n"
593
"(which usually is a hash) to be signed.";
594
static gpg_error_t
588
595
cmd_sethash (assuan_context_t ctx, char *line)
589
596
{
590
597
int rc;
635
642
ctrl->digest.algo = algo;
636
643
637
644
/* Parse the hash value. */
645
n = 0;
638
646
rc = parse_hexstring (ctx, line, &n);
639
647
if (rc)
640
648
return rc;
658
666
}
659
667
660
668
661
/* PKSIGN <options>
662
663
Perform the actual sign operation. Neither input nor output are
664
sensitive to eavesdropping. */
665
static int
669
static const char hlp_pksign[] =
670
"PKSIGN [options]\n"
671
"\n"
672
"Perform the actual sign operation. Neither input nor output are\n"
673
"sensitive to eavesdropping.";
674
static gpg_error_t
666
675
cmd_pksign (assuan_context_t ctx, char *line)
667
676
{
668
677
int rc;
692
701
return rc;
693
702
}
694
703
695
/* PKDECRYPT <options>
696
704
697
Perform the actual decrypt operation. Input is not
698
sensitive to eavesdropping */
699
static int
705
static const char hlp_pkdecrypt[] =
706
"PKDECRYPT <options>\n"
707
"\n"
708
"Perform the actual decrypt operation. Input is not\n"
709
"sensitive to eavesdropping.";
710
static gpg_error_t
700
711
cmd_pkdecrypt (assuan_context_t ctx, char *line)
701
712
{
702
713
int rc;
730
741
}
731
742
732
743
733
/* GENKEY
734
735
Generate a new key, store the secret part and return the public
736
part. Here is an example transaction:
737
738
C: GENKEY
739
S: INQUIRE KEYPARAM
740
C: D (genkey (rsa (nbits 1024)))
741
C: END
742
S: D (public-key
743
S: D (rsa (n 326487324683264) (e 10001)))
744
S OK key created
745
*/
746
747
static int
744
static const char hlp_genkey[] =
745
"GENKEY\n"
746
"\n"
747
"Generate a new key, store the secret part and return the public\n"
748
"part. Here is an example transaction:\n"
749
"\n"
750
" C: GENKEY\n"
751
" S: INQUIRE KEYPARAM\n"
752
" C: D (genkey (rsa (nbits 1024)))\n"
753
" C: END\n"
754
" S: D (public-key\n"
755
" S: D (rsa (n 326487324683264) (e 10001)))\n"
756
" S: OK key created\n"
757
"\n";
758
static gpg_error_t
748
759
cmd_genkey (assuan_context_t ctx, char *line)
749
760
{
750
761
ctrl_t ctrl = assuan_get_pointer (ctx);
776
787
777
788
778
789
779
/* READKEY <hexstring_with_keygrip>
780
781
Return the public key for the given keygrip. */
782
static int
790
static const char hlp_readkey[] =
791
"READKEY <hexstring_with_keygrip>\n"
792
"\n"
793
"Return the public key for the given keygrip.";
794
static gpg_error_t
783
795
cmd_readkey (assuan_context_t ctx, char *line)
784
796
{
785
797
ctrl_t ctrl = assuan_get_pointer (ctx);
819
831
820
832
821
833
822
/* KEYINFO [--list] <keygrip>
823
824
Return information about the key specified by the KEYGRIP. If the
825
key is not available GPG_ERR_NOT_FOUND is returned. If the option
826
--list is given the keygrip is ignored and information about all
827
available keys are returned. The information is returned as a
828
status line with this format:
829
830
KEYINFO <keygrip> <type> <serialno> <idstr>
831
832
KEYGRIP is the keygrip.
833
834
TYPE is describes the type of the key:
835
'D' - Regular key stored on disk,
836
'T' - Key is stored on a smartcard (token).
837
'-' - Unknown type.
838
839
SERIALNO is an ASCII string with the serial number of the
840
smartcard. If the serial number is not known a single
841
dash '-' is used instead.
842
843
IDSTR is the IDSTR used to distinguish keys on a smartcard. If it
844
is not known a dash is used instead.
845
846
More information may be added in the future.
847
*/
834
static const char hlp_keyinfo[] =
835
"KEYINFO [--list] <keygrip>\n"
836
"\n"
837
"Return information about the key specified by the KEYGRIP. If the\n"
838
"key is not available GPG_ERR_NOT_FOUND is returned. If the option\n"
839
"--list is given the keygrip is ignored and information about all\n"
840
"available keys are returned. The information is returned as a\n"
841
"status line with this format:\n"
842
"\n"
843
" KEYINFO <keygrip> <type> <serialno> <idstr>\n"
844
"\n"
845
"KEYGRIP is the keygrip.\n"
846
"\n"
847
"TYPE is describes the type of the key:\n"
848
" 'D' - Regular key stored on disk,\n"
849
" 'T' - Key is stored on a smartcard (token).\n"
850
" '-' - Unknown type.\n"
851
"\n"
852
"SERIALNO is an ASCII string with the serial number of the\n"
853
" smartcard. If the serial number is not known a single\n"
854
" dash '-' is used instead.\n"
855
"\n"
856
"IDSTR is the IDSTR used to distinguish keys on a smartcard. If it\n"
857
" is not known a dash is used instead.\n"
858
"\n"
859
"More information may be added in the future.";
848
860
static gpg_error_t
849
861
do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip)
850
862
{
892
904
}
893
905
894
906
895
static int
907
static gpg_error_t
896
908
cmd_keyinfo (assuan_context_t ctx, char *line)
897
909
{
898
910
ctrl_t ctrl = assuan_get_pointer (ctx);
986
998
}
987
999
988
1000
989
/* GET_PASSPHRASE [--data] [--check] [--no-ask] [--repeat[=N]]
990
[--qualitybar] <cache_id>
991
[<error_message> <prompt> <description>]
992
993
This function is usually used to ask for a passphrase to be used
994
for conventional encryption, but may also be used by programs which
995
need specal handling of passphrases. This command uses a syntax
996
which helps clients to use the agent with minimum effort. The
997
agent either returns with an error or with a OK followed by the hex
998
encoded passphrase. Note that the length of the strings is
999
implicitly limited by the maximum length of a command.
1000
1001
If the option "--data" is used the passphrase is returned by usual
1002
data lines and not on the okay line.
1003
1004
If the option "--check" is used the passphrase constraints checks as
1005
implemented by gpg-agent are applied. A check is not done if the
1006
passphrase has been found in the cache.
1007
1008
If the option "--no-ask" is used and the passphrase is not in the
1009
cache the user will not be asked to enter a passphrase but the error
1010
code GPG_ERR_NO_DATA is returned.
1011
1012
If the option "--qualitybar" is used a visual indication of the
1013
entered passphrase quality is shown. (Unless no minimum passphrase
1014
length has been configured.)
1015
*/
1016
1017
static int
1001
static const char hlp_get_passphrase[] =
1002
"GET_PASSPHRASE [--data] [--check] [--no-ask] [--repeat[=N]]\n"
1003
" [--qualitybar] <cache_id>\n"
1004
" [<error_message> <prompt> <description>]\n"
1005
"\n"
1006
"This function is usually used to ask for a passphrase to be used\n"
1007
"for conventional encryption, but may also be used by programs which\n"
1008
"need specal handling of passphrases. This command uses a syntax\n"
1009
"which helps clients to use the agent with minimum effort. The\n"
1010
"agent either returns with an error or with a OK followed by the hex\n"
1011
"encoded passphrase. Note that the length of the strings is\n"
1012
"implicitly limited by the maximum length of a command.\n"
1013
"\n"
1014
"If the option \"--data\" is used the passphrase is returned by usual\n"
1015
"data lines and not on the okay line.\n"
1016
"\n"
1017
"If the option \"--check\" is used the passphrase constraints checks as\n"
1018
"implemented by gpg-agent are applied. A check is not done if the\n"
1019
"passphrase has been found in the cache.\n"
1020
"\n"
1021
"If the option \"--no-ask\" is used and the passphrase is not in the\n"
1022
"cache the user will not be asked to enter a passphrase but the error\n"
1023
"code GPG_ERR_NO_DATA is returned. \n"
1024
"\n"
1025
"If the option \"--qualitybar\" is used a visual indication of the\n"
1026
"entered passphrase quality is shown. (Unless no minimum passphrase\n"
1027
"length has been configured.)";
1028
static gpg_error_t
1018
1029
cmd_get_passphrase (assuan_context_t ctx, char *line)
1019
1030
{
1020
1031
ctrl_t ctrl = assuan_get_pointer (ctx);
1161
1172
}
1162
1173
1163
1174
1164
/* CLEAR_PASSPHRASE <cache_id>
1165
1166
may be used to invalidate the cache entry for a passphrase. The
1167
function returns with OK even when there is no cached passphrase.
1168
*/
1169
1170
static int
1175
static const char hlp_clear_passphrase[] =
1176
"CLEAR_PASSPHRASE <cache_id>\n"
1177
"\n"
1178
"may be used to invalidate the cache entry for a passphrase. The\n"
1179
"function returns with OK even when there is no cached passphrase.";
1180
static gpg_error_t
1171
1181
cmd_clear_passphrase (assuan_context_t ctx, char *line)
1172
1182
{
1173
1183
char *cacheid = NULL;
1188
1198
}
1189
1199
1190
1200
1191
/* GET_CONFIRMATION <description>
1192
1193
This command may be used to ask for a simple confirmation.
1194
DESCRIPTION is displayed along with a Okay and Cancel button. This
1195
command uses a syntax which helps clients to use the agent with
1196
minimum effort. The agent either returns with an error or with a
1197
OK. Note, that the length of DESCRIPTION is implicitly limited by
1198
the maximum length of a command. DESCRIPTION should not contain
1199
any spaces, those must be encoded either percent escaped or simply
1200
as '+'.
1201
*/
1202
1203
static int
1201
static const char hlp_get_confirmation[] =
1202
"GET_CONFIRMATION <description>\n"
1203
"\n"
1204
"This command may be used to ask for a simple confirmation.\n"
1205
"DESCRIPTION is displayed along with a Okay and Cancel button. This\n"
1206
"command uses a syntax which helps clients to use the agent with\n"
1207
"minimum effort. The agent either returns with an error or with a\n"
1208
"OK. Note, that the length of DESCRIPTION is implicitly limited by\n"
1209
"the maximum length of a command. DESCRIPTION should not contain\n"
1210
"any spaces, those must be encoded either percent escaped or simply\n"
1211
"as '+'.";
1212
static gpg_error_t
1204
1213
cmd_get_confirmation (assuan_context_t ctx, char *line)
1205
1214
{
1206
1215
ctrl_t ctrl = assuan_get_pointer (ctx);
1237
1246
1238
1247
1239
1248
1240
/* LEARN [--send]
1241
1242
Learn something about the currently inserted smartcard. With
1243
--send the new certificates are send back. */
1244
static int
1249
static const char hlp_learn[] =
1250
"LEARN [--send]\n"
1251
"\n"
1252
"Learn something about the currently inserted smartcard. With\n"
1253
"--send the new certificates are send back.";
1254
static gpg_error_t
1245
1255
cmd_learn (assuan_context_t ctx, char *line)
1246
1256
{
1247
1257
ctrl_t ctrl = assuan_get_pointer (ctx);
1255
1265
1256
1266
1257
1267
1258
/* PASSWD <hexstring_with_keygrip>
1259
1260
Change the passphrase/PIN for the key identified by keygrip in LINE. */
1261
static int
1268
static const char hlp_passwd[] =
1269
"PASSWD <hexstring_with_keygrip>\n"
1270
"\n"
1271
"Change the passphrase/PIN for the key identified by keygrip in LINE.";
1272
static gpg_error_t
1262
1273
cmd_passwd (assuan_context_t ctx, char *line)
1263
1274
{
1264
1275
ctrl_t ctrl = assuan_get_pointer (ctx);
1297
1308
return rc;
1298
1309
}
1299
1310
1300
/* PRESET_PASSPHRASE <string_or_keygrip> <timeout> <hexstring>
1301
1302
Set the cached passphrase/PIN for the key identified by the keygrip
1303
to passwd for the given time, where -1 means infinite and 0 means
1304
the default (currently only a timeout of -1 is allowed, which means
1305
to never expire it). If passwd is not provided, ask for it via the
1306
pinentry module. */
1307
static int
1311
1312
static const char hlp_preset_passphrase[] =
1313
"PRESET_PASSPHRASE <string_or_keygrip> <timeout> <hexstring>\n"
1314
"\n"
1315
"Set the cached passphrase/PIN for the key identified by the keygrip\n"
1316
"to passwd for the given time, where -1 means infinite and 0 means\n"
1317
"the default (currently only a timeout of -1 is allowed, which means\n"
1318
"to never expire it). If passwd is not provided, ask for it via the\n"
1319
"pinentry module.";
1320
static gpg_error_t
1308
1321
cmd_preset_passphrase (assuan_context_t ctx, char *line)
1309
1322
{
1310
1323
int rc;
1336
1349
line++;
1337
1350
1338
1351
/* Syntax check the hexstring. */
1352
len = 0;
1339
1353
rc = parse_hexstring (ctx, line, &len);
1340
1354
if (rc)
1341
1355
return rc;
1362
1376
return rc;
1363
1377
}
1364
1378
1379
1365
1380
1366
/* SCD <commands to pass to the scdaemon>
1367
1368
This is a general quote command to redirect everything to the
1369
SCDAEMON. */
1370
static int
1381
static const char hlp_scd[] =
1382
"SCD <commands to pass to the scdaemon>\n"
1383
" \n"
1384
"This is a general quote command to redirect everything to the\n"
1385
"SCdaemon.";
1386
static gpg_error_t
1371
1387
cmd_scd (assuan_context_t ctx, char *line)
1372
1388
{
1373
1389
ctrl_t ctrl = assuan_get_pointer (ctx);
1380
1396
1381
1397
1382
1398
1383
/* GETVAL <key>
1384
1385
Return the value for KEY from the special environment as created by
1386
PUTVAL.
1387
*/
1388
static int
1399
static const char hlp_getval[] =
1400
"GETVAL <key>\n"
1401
"\n"
1402
"Return the value for KEY from the special environment as created by\n"
1403
"PUTVAL.";
1404
static gpg_error_t
1389
1405
cmd_getval (assuan_context_t ctx, char *line)
1390
1406
{
1391
1407
int rc = 0;
1424
1440
}
1425
1441
1426
1442
1427
/* PUTVAL <key> [<percent_escaped_value>]
1428
1429
The gpg-agent maintains a kind of environment which may be used to
1430
store key/value pairs in it, so that they can be retrieved later.
1431
This may be used by helper daemons to daemonize themself on
1432
invocation and register them with gpg-agent. Callers of the
1433
daemon's service may now first try connect to get the information
1434
for that service from gpg-agent through the GETVAL command and then
1435
try to connect to that daemon. Only if that fails they may start
1436
an own instance of the service daemon.
1437
1438
KEY is an an arbitrary symbol with the same syntax rules as keys
1439
for shell environment variables. PERCENT_ESCAPED_VALUE is the
1440
corresponsing value; they should be similar to the values of
1441
envronment variables but gpg-agent does not enforce any
1442
restrictions. If that value is not given any value under that KEY
1443
is removed from this special environment.
1444
*/
1445
static int
1443
static const char hlp_putval[] =
1444
"PUTVAL <key> [<percent_escaped_value>]\n"
1445
"\n"
1446
"The gpg-agent maintains a kind of environment which may be used to\n"
1447
"store key/value pairs in it, so that they can be retrieved later.\n"
1448
"This may be used by helper daemons to daemonize themself on\n"
1449
"invocation and register them with gpg-agent. Callers of the\n"
1450
"daemon's service may now first try connect to get the information\n"
1451
"for that service from gpg-agent through the GETVAL command and then\n"
1452
"try to connect to that daemon. Only if that fails they may start\n"
1453
"an own instance of the service daemon. \n"
1454
"\n"
1455
"KEY is an an arbitrary symbol with the same syntax rules as keys\n"
1456
"for shell environment variables. PERCENT_ESCAPED_VALUE is the\n"
1457
"corresponsing value; they should be similar to the values of\n"
1458
"envronment variables but gpg-agent does not enforce any\n"
1459
"restrictions. If that value is not given any value under that KEY\n"
1460
"is removed from this special environment.";
1461
static gpg_error_t
1446
1462
cmd_putval (assuan_context_t ctx, char *line)
1447
1463
{
1448
1464
int rc = 0;
1511
1527
1512
1528
1513
1529
1514
/* UPDATESTARTUPTTY
1515
1516
Set startup TTY and X DISPLAY variables to the values of this
1517
session. This command is useful to pull future pinentries to
1518
another screen. It is only required because there is no way in the
1519
ssh-agent protocol to convey this information. */
1520
static int
1530
static const char hlp_updatestartuptty[] =
1531
"UPDATESTARTUPTTY\n"
1532
"\n"
1533
"Set startup TTY and X11 DISPLAY variables to the values of this\n"
1534
"session. This command is useful to pull future pinentries to\n"
1535
"another screen. It is only required because there is no way in the\n"
1536
"ssh-agent protocol to convey this information.";
1537
static gpg_error_t
1521
1538
cmd_updatestartuptty (assuan_context_t ctx, char *line)
1522
1539
{
1523
1540
static const char *names[] =
1571
1588
1572
1589
1573
1590
1574
#ifdef HAVE_W32_SYSTEM
1575
/* KILLAGENT
1576
1577
Under Windows we start the agent on the fly. Thus it also make
1578
sense to allow a client to stop the agent. */
1579
static int
1591
static const char hlp_killagent[] =
1592
"KILLAGENT\n"
1593
"\n"
1594
"If the agent has been started using a standard socket\n"
1595
"we allow a client to stop the agent.";
1596
static gpg_error_t
1580
1597
cmd_killagent (assuan_context_t ctx, char *line)
1581
1598
{
1582
1599
ctrl_t ctrl = assuan_get_pointer (ctx);
1583
1600
1584
1601
(void)line;
1602
1603
if (!opt.use_standard_socket)
1604
return set_error (GPG_ERR_NOT_SUPPORTED, "no --use-standard-socket");
1585
1605
1586
1606
ctrl->server_local->stopme = 1;
1587
1607
return gpg_error (GPG_ERR_EOF);
1588
1608
}
1589
1609
1590
/* RELOADAGENT
1591
1610
1592
As signals are inconvenient under Windows, we provide this command
1593
to allow reloading of the configuration. */
1594
static int
1611
static const char hlp_reloadagent[] =
1612
"RELOADAGENT\n"
1613
"\n"
1614
"This command is an alternative to SIGHUP\n"
1615
"to reload the configuration.";
1616
static gpg_error_t
1595
1617
cmd_reloadagent (assuan_context_t ctx, char *line)
1596
1618
{
1597
1619
(void)ctx;
1600
1622
agent_sighup_action ();
1601
1623
return 0;
1602
1624
}
1603
#endif /*HAVE_W32_SYSTEM*/
1604
1625
1605
1626
1606
1627
1607
/* GETINFO <what>
1608
1609
Multipurpose function to return a variety of information.
1610
Supported values for WHAT are:
1611
1612
version - Return the version of the program.
1613
pid - Return the process id of the server.
1614
socket_name - Return the name of the socket.
1615
ssh_socket_name - Return the name of the ssh socket.
1616
scd_running - Return OK if the SCdaemon is already running.
1617
s2k_count - Return the calibrated S2K count.
1618
cmd_has_option CMD OPT
1619
- Returns OK if the command CMD implements the option OPT.
1620
*/
1621
static int
1628
static const char hlp_getinfo[] =
1629
"GETINFO <what>\n"
1630
"\n"
1631
"Multipurpose function to return a variety of information.\n"
1632
"Supported values for WHAT are:\n"
1633
"\n"
1634
" version - Return the version of the program.\n"
1635
" pid - Return the process id of the server.\n"
1636
" socket_name - Return the name of the socket.\n"
1637
" ssh_socket_name - Return the name of the ssh socket.\n"
1638
" scd_running - Return OK if the SCdaemon is already running.\n"
1639
" std_session_env - List the standard session environment.\n"
1640
" std_startup_env - List the standard startup environment.\n"
1641
" cmd_has_option\n"
1642
" - Returns OK if the command CMD implements the option OPT.";
1643
static gpg_error_t
1622
1644
cmd_getinfo (assuan_context_t ctx, char *line)
1623
1645
{
1646
ctrl_t ctrl = assuan_get_pointer (ctx);
1624
1647
int rc = 0;
1625
1648
1626
1649
if (!strcmp (line, "version"))
1664
1687
snprintf (numbuf, sizeof numbuf, "%lu", get_standard_s2k_count ());
1665
1688
rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
1666
1689
}
1690
else if (!strcmp (line, "std_session_env")
1691
|| !strcmp (line, "std_startup_env"))
1692
{
1693
int iterator;
1694
const char *name, *value;
1695
char *string;
1696
1697
iterator = 0;
1698
while ((name = session_env_list_stdenvnames (&iterator, NULL)))
1699
{
1700
value = session_env_getenv_or_default
1701
(line[5] == 't'? opt.startup_env:ctrl->session_env, name, NULL);
1702
if (value)
1703
{
1704
string = xtryasprintf ("%s=%s", name, value);
1705
if (!string)
1706
rc = gpg_error_from_syserror ();
1707
else
1708
{
1709
rc = assuan_send_data (ctx, string, strlen (string)+1);
1710
if (!rc)
1711
rc = assuan_send_data (ctx, NULL, 0);
1712
}
1713
if (rc)
1714
break;
1715
}
1716
}
1717
}
1667
1718
else if (!strncmp (line, "cmd_has_option", 14)
1668
1719
&& (line[14] == ' ' || line[14] == '\t' || !line[14]))
1669
1720
{
1703
1754
1704
1755
1705
1756
1706
static int
1757
static gpg_error_t
1707
1758
option_handler (assuan_context_t ctx, const char *key, const char *value)
1708
1759
{
1709
1760
ctrl_t ctrl = assuan_get_pointer (ctx);
1773
1824
/* Called by libassuan after all commands. ERR is the error from the
1774
1825
last assuan operation and not the one returned from the command. */
1775
1826
static void
1776
post_cmd_notify (assuan_context_t ctx, int err)
1827
post_cmd_notify (assuan_context_t ctx, gpg_error_t err)
1777
1828
{
1778
1829
ctrl_t ctrl = assuan_get_pointer (ctx);
1779
1830
1789
1840
that the debug output won't get cluttered by this primitive
1790
1841
command. */
1791
1842
static unsigned int
1792
io_monitor (assuan_context_t ctx, int direction,
1843
io_monitor (assuan_context_t ctx, void *hook, int direction,
1793
1844
const char *line, size_t linelen)
1794
1845
{
1795
1846
ctrl_t ctrl = assuan_get_pointer (ctx);
1796
1847
1848
(void) hook;
1849
1797
1850
/* Note that we only check for the uppercase name. This allows to
1798
1851
see the logging for debugging if using a non-upercase command
1799
1852
name. */
1800
if (ctx && !direction
1853
if (ctx && direction == ASSUAN_IO_FROM_PEER
1801
1854
&& linelen >= 15
1802
1855
&& !strncmp (line, "GETEVENTCOUNTER", 15)
1803
1856
&& (linelen == 15 || spacep (line+15)))
1805
1858
ctrl->server_local->pause_io_logging = 1;
1806
1859
}
1807
1860
1808
return ctrl->server_local->pause_io_logging? 1:0;
1861
return ctrl->server_local->pause_io_logging? ASSUAN_IO_MONITOR_NOLOG : 0;
1809
1862
}
1810
1863
1811
1864
1829
1882
{
1830
1883
static struct {
1831
1884
const char *name;
1832
int (*handler)(assuan_context_t, char *line);
1885
assuan_handler_t handler;
1886
const char * const help;
1833
1887
} table[] = {
1834
{ "GETEVENTCOUNTER",cmd_geteventcounter },
1835
{ "ISTRUSTED", cmd_istrusted },
1836
{ "HAVEKEY", cmd_havekey },
1837
{ "KEYINFO", cmd_keyinfo },
1838
{ "SIGKEY", cmd_sigkey },
1839
{ "SETKEY", cmd_sigkey },
1840
{ "SETKEYDESC", cmd_setkeydesc },
1841
{ "SETHASH", cmd_sethash },
1842
{ "PKSIGN", cmd_pksign },
1843
{ "PKDECRYPT", cmd_pkdecrypt },
1844
{ "GENKEY", cmd_genkey },
1845
{ "READKEY", cmd_readkey },
1846
{ "GET_PASSPHRASE", cmd_get_passphrase },
1847
{ "PRESET_PASSPHRASE", cmd_preset_passphrase },
1848
{ "CLEAR_PASSPHRASE", cmd_clear_passphrase },
1849
{ "GET_CONFIRMATION", cmd_get_confirmation },
1850
{ "LISTTRUSTED", cmd_listtrusted },
1851
{ "MARKTRUSTED", cmd_marktrusted },
1852
{ "LEARN", cmd_learn },
1853
{ "PASSWD", cmd_passwd },
1888
{ "GETEVENTCOUNTER",cmd_geteventcounter, hlp_geteventcounter },
1889
{ "ISTRUSTED", cmd_istrusted, hlp_istrusted },
1890
{ "HAVEKEY", cmd_havekey, hlp_havekey },
1891
{ "KEYINFO", cmd_keyinfo, hlp_keyinfo },
1892
{ "SIGKEY", cmd_sigkey, hlp_sigkey },
1893
{ "SETKEY", cmd_sigkey, hlp_sigkey },
1894
{ "SETKEYDESC", cmd_setkeydesc,hlp_setkeydesc },
1895
{ "SETHASH", cmd_sethash, hlp_sethash },
1896
{ "PKSIGN", cmd_pksign, hlp_pksign },
1897
{ "PKDECRYPT", cmd_pkdecrypt, hlp_pkdecrypt },
1898
{ "GENKEY", cmd_genkey, hlp_genkey },
1899
{ "READKEY", cmd_readkey, hlp_readkey },
1900
{ "GET_PASSPHRASE", cmd_get_passphrase, hlp_get_passphrase },
1901
{ "PRESET_PASSPHRASE", cmd_preset_passphrase, hlp_preset_passphrase },
1902
{ "CLEAR_PASSPHRASE", cmd_clear_passphrase, hlp_clear_passphrase },
1903
{ "GET_CONFIRMATION", cmd_get_confirmation, hlp_get_confirmation },
1904
{ "LISTTRUSTED", cmd_listtrusted, hlp_listtrusted },
1905
{ "MARKTRUSTED", cmd_marktrusted, hlp_martrusted },
1906
{ "LEARN", cmd_learn, hlp_learn },
1907
{ "PASSWD", cmd_passwd, hlp_passwd },
1854
1908
{ "INPUT", NULL },
1855
1909
{ "OUTPUT", NULL },
1856
{ "SCD", cmd_scd },
1857
{ "GETVAL", cmd_getval },
1858
{ "PUTVAL", cmd_putval },
1859
{ "UPDATESTARTUPTTY", cmd_updatestartuptty },
1860
#ifdef HAVE_W32_SYSTEM
1861
{ "KILLAGENT", cmd_killagent },
1862
{ "RELOADAGENT", cmd_reloadagent },
1863
#endif
1864
{ "GETINFO", cmd_getinfo },
1910
{ "SCD", cmd_scd, hlp_scd },
1911
{ "GETVAL", cmd_getval, hlp_getval },
1912
{ "PUTVAL", cmd_putval, hlp_putval },
1913
{ "UPDATESTARTUPTTY", cmd_updatestartuptty, hlp_updatestartuptty },
1914
{ "KILLAGENT", cmd_killagent, hlp_killagent },
1915
{ "RELOADAGENT", cmd_reloadagent,hlp_reloadagent },
1916
{ "GETINFO", cmd_getinfo, hlp_getinfo },
1865
1917
{ NULL }
1866
1918
};
1867
1919
int i, rc;
1868
1920
1869
1921
for (i=0; table[i].name; i++)
1870
1922
{
1871
rc = assuan_register_command (ctx, table[i].name, table[i].handler);
1923
rc = assuan_register_command (ctx, table[i].name, table[i].handler,
1924
table[i].help);
1872
1925
if (rc)
1873
1926
return rc;
1874
1927
}
1875
#ifdef HAVE_ASSUAN_SET_IO_MONITOR
1876
1928
assuan_register_post_cmd_notify (ctx, post_cmd_notify);
1877
#endif
1878
1929
assuan_register_reset_notify (ctx, reset_notify);
1879
1930
assuan_register_option_handler (ctx, option_handler);
1880
1931
return 0;
1889
1940
start_command_handler (ctrl_t ctrl, gnupg_fd_t listen_fd, gnupg_fd_t fd)
1890
1941
{
1891
1942
int rc;
1892
assuan_context_t ctx;
1943
assuan_context_t ctx = NULL;
1944
1945
rc = assuan_new (&ctx);
1946
if (rc)
1947
{
1948
log_error ("failed to allocate assuan context: %s\n", gpg_strerror (rc));
1949
agent_exit (2);
1950
}
1893
1951
1894
1952
if (listen_fd == GNUPG_INVALID_FD && fd == GNUPG_INVALID_FD)
1895
1953
{
1896
int filedes[2];
1954
assuan_fd_t filedes[2];
1897
1955
1898
filedes[0] = 0;
1899
filedes[1] = 1;
1900
rc = assuan_init_pipe_server (&ctx, filedes);
1956
filedes[0] = assuan_fdopen (0);
1957
filedes[1] = assuan_fdopen (1);
1958
rc = assuan_init_pipe_server (ctx, filedes);
1901
1959
}
1902
1960
else if (listen_fd != GNUPG_INVALID_FD)
1903
1961
{
1904
rc = assuan_init_socket_server_ext (&ctx, listen_fd, 0);
1962
rc = assuan_init_socket_server (ctx, listen_fd, 0);
1905
1963
/* FIXME: Need to call assuan_sock_set_nonce for Windows. But
1906
1964
this branch is currently not used. */
1907
1965
}
1908
1966
else
1909
1967
{
1910
rc = assuan_init_socket_server_ext (&ctx, fd, 2);
1968
rc = assuan_init_socket_server (ctx, fd, ASSUAN_SOCKET_SERVER_ACCEPTED);
1911
1969
}
1912
1970
if (rc)
1913
1971
{
1930
1988
ctrl->server_local->use_cache_for_signing = 1;
1931
1989
ctrl->digest.raw_value = 0;
1932
1990
1933
if (DBG_ASSUAN)
1934
assuan_set_log_stream (ctx, log_get_stream ());
1935
1936
#ifdef HAVE_ASSUAN_SET_IO_MONITOR
1937
assuan_set_io_monitor (ctx, io_monitor);
1938
#endif
1991
assuan_set_io_monitor (ctx, io_monitor, NULL);
1939
1992
1940
1993
for (;;)
1941
1994
{
1965
2018
agent_reset_query (ctrl);
1966
2019
1967
2020
/* Cleanup. */
1968
assuan_deinit_server (ctx);
1969
#ifdef HAVE_W32_SYSTEM
2021
assuan_release (ctx);
1970
2022
if (ctrl->server_local->stopme)
1971
2023
agent_exit (0);
1972
#endif
1973
2024
xfree (ctrl->server_local);
1974
2025
ctrl->server_local = NULL;
1975
2026
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.1