Page Menu
Home
GnuPG
Search
Configure Global Search
Log In
Files
F34110821
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Size
167 KB
Subscribers
None
View Options
diff --git a/agent/ChangeLog b/agent/ChangeLog
index eb80654a5..ce1fdccd8 100644
--- a/agent/ChangeLog
+++ b/agent/ChangeLog
@@ -1,2887 +1,2892 @@
+2010-12-02 Werner Koch <wk@g10code.com>
+
+ * gpg-agent.c (CHECK_OWN_SOCKET_INTERVAL) [W32CE]: Set to 60
+ seconds.
+
2010-11-29 Werner Koch <wk@g10code.com>
* cache.c (initialize_module_cache): Factor code out to ...
(init_encryption): new.
(new_data, agent_get_cache): Init encryption on on the fly.
2010-11-26 Werner Koch <wk@g10code.com>
* gpg-agent.c (CHECK_OWN_SOCKET_INTERVAL): New.
(handle_tick) [W32CE]: Don't check own socket.
2010-11-23 Werner Koch <wk@g10code.com>
* Makefile.am (gpg_agent_LDFLAGS): Add extra_bin_ldflags.
2010-11-11 Werner Koch <wk@g10code.com>
* agent.h (opt): Add field SIGUSR2_ENABLED.
* gpg-agent.c (handle_connections): Set that flag.
* call-scd.c (start_scd): Enable events depending on this flag.
2010-10-27 Werner Koch <wk@g10code.com>
* gpg-agent.c (create_socket_name): Use TMPDIR. Change callers.
2010-10-26 Werner Koch <wk@g10code.com>
* cache.c (agent_put_cache): Allow deletion even if TTL is passwd
as 0.
* genkey.c (agent_protect_and_store): Add arg PASSPHRASE_ADDR.
* command.c (cmd_passwd): Add option --passwd-nonce.
(struct server_local_s): Add LAST_CACHE_NONCE and LAST_PASSWD_NONCE.
(clear_nonce_cache): New.
(reset_notify): Clear the nonce cache.
(start_command_handler): Ditto.
2010-10-25 Werner Koch <wk@g10code.com>
* command.c (cmd_export_key): Free CACHE_NONCE.
(cmd_passwd): Add option --cache-nonce.
2010-10-18 Werner Koch <wk@g10code.com>
* call-pinentry.c (start_pinentry): Print name of pinentry on
connect error.
* call-scd.c (agent_card_pksign): Make sure to return an unsigned
number.
2010-10-14 Werner Koch <wk@g10code.com>
* command.c (cmd_genkey): Add option --no-protection.
* genkey.c (agent_genkey): Add arg NO_PROTECTION.
2010-10-13 Werner Koch <wk@g10code.com>
* call-pinentry.c (agent_get_passphrase): Support the close_button.
* gpg-agent.c (create_server_socket): Switch back to stderr
logging if we are not starting a agent.
* command.c (cmd_passwd, cmd_export_key): Move mapping of
GPG_ERR_FULLY_CANCELED to ..
(leave_cmd): .. here.
(option_handler): Add option agent-awareness.
* protect-tool.c (get_passphrase): Take care of
GPG_ERR_FULLY_CANCELED.
* findkey.c (try_unprotect_cb): Ditto.
(unprotect): Remove the fully_canceled hack.
* call-pinentry.c (start_pinentry): Ditto.
(agent_askpin): Ditto.
* pkdecrypt.c (agent_pkdecrypt): Ditto
* pksign.c (agent_pksign_do): Ditto.
* genkey.c (agent_ask_new_passphrase): Remove arg CANCEL_ALL.
2010-10-06 Werner Koch <wk@g10code.com>
* cvt-openpgp.c (convert_secret_key): Add missing break.
2010-10-05 Werner Koch <wk@g10code.com>
* gpg-agent.c (main): Don't set SSH_AGENT_PID so that ssh-agent -k
won't kill out gpg-agent.
2010-09-30 Werner Koch <wk@g10code.com>
* gpg-agent.c (agent_exit): Run cleanup.
(cleanup): Run only once.
* call-pinentry.c (close_button_status_cb): New.
(agent_askpin): Add arg R_CANCEL_ALL. Change all callers.
* genkey.c (agent_ask_new_passphrase): Ditto.
* findkey.c (unprotect): Return GPG_ERR_FULLY_CANCELED if needed.
* command.c (cmd_export_key): Add support for OpenPGP keys.
* findkey.c (unprotect): Add optional arg R_PASSPHRASE.
(agent_key_from_file): Ditto. Change all callers.
* findkey.c (unprotect): Do not put the passphrase into the cache
if it has been changed.
* cvt-openpgp.c (convert_to_openpgp, apply_protection)
(key_from_sexp): New.
2010-09-29 Werner Koch <wk@g10code.com>
* cvt-openpgp.c (convert_openpgp): Rename to convert_from_openpgp.
* command.c (has_option): Stop at "--".
(has_option_name, option_value): Ditto.
(skip_options): Skip initial spaces.
2010-09-24 Werner Koch <wk@g10code.com>
* gpg-agent.c (main, reread_configuration): Always test whether
the default configuration file has been created in the meantime.
Fixes bug#1285.
2010-09-17 Werner Koch <wk@g10code.com>
* command.c (cmd_havekey): Allow testing of several keygrips.
2010-09-15 Werner Koch <wk@g10code.com>
* protect.c (calculate_mic): Take care of shared secret format.
* agent.h (PROTECTED_SHARED_SECRET): New.
2010-09-02 Werner Koch <wk@g10code.com>
* cache.c (new_data): Change arg and callers to use a string and
explicity return an error code. We never used raw binary data and
thus it is easier to use a string. Adjust callers.
(initialize_module_cache, deinitialize_module_cache): New.
(new_data): Encrypt the cached data.
(struct cache_item_s): Remove field LOCKCOUNT. Change all users
accordingly.
(agent_unlock_cache_entry): Remove.
(agent_get_cache): Return an allocated string and remove CACHE_ID.
* genkey.c (agent_genkey): Remove cache marker stuff.
* findkey.c (unprotect): Ditto.
* cvt-openpgp.c (convert_openpgp): Ditto.
* command.c (cmd_get_passphrase): Ditto.
* gpg-agent.c (main, cleanup): Initialize and deinitialize the
cache module.
2010-09-01 Werner Koch <wk@g10code.com>
* call-pinentry.c (start_pinentry): Disable pinentry logging.
* command.c (cmd_import_key, cmd_genkey, cmd_pksign): Add CACHE
handling.
* cvt-openpgp.c (convert_openpgp): Add arg CACHE_NONCE and try the
cached nonce first.
* genkey.c (agent_genkey): Add arg CACHE_NONCE.
* cache.c (agent_get_cache): Require user and nonce cache modes
to match the requested mode.
(agent_put_cache): Ditto.
* agent.h (CACHE_MODE_NONCE): New.
* pksign.c (agent_pksign_do, agent_pksign): Add arg CACHE_NONCE.
* findkey.c (agent_key_from_file): Ditto.
(unprotect): Implement it.
2010-08-31 Werner Koch <wk@g10code.com>
* pksign.c (do_encode_dsa): Fix sign problem.
* findkey.c (agent_is_dsa_key): Adjust to actual usage.
2010-08-30 Werner Koch <wk@g10code.com>
* protect.c (s2k_hash_passphrase): New public function.
2010-08-27 Werner Koch <wk@g10code.com>
* command.c (cmd_import_key): Support OpenPGP keys.
* cvt-openpgp.h, cvt-openpgp.c: New. Some of the code is based on
code taken from g10/seckey-cert.c.
2010-08-26 Werner Koch <wk@g10code.com>
* command-ssh.c (open_control_file): Use estream to create the file.
* findkey.c (agent_write_private_key): Explicitly create file with
mode 600.
* gpg-agent.c (main): Ditto.
* trustlist.c (agent_marktrusted): Explicitly create file with
mode 640.
2010-08-16 Werner Koch <wk@g10code.com>
* gpg-agent.c: Replace remaining printf by es_printf.
2010-08-11 Werner Koch <wk@g10code.com>
* call-pinentry.c (agent_get_passphrase, agent_askpin): Fix
setting of confidential flag.
* call-scd.c (agent_card_scd): Pass assuan comment lines to the
caller.
(ASSUAN_CONVEY_COMMENTS): Provide replacement if needed.
2010-08-09 Werner Koch <wk@g10code.com>
* Makefile.am (t_common_ldadd): Add NETLIBS for sake of the TCP
logging.
2010-06-24 Werner Koch <wk@g10code.com>
* genkey.c (check_passphrase_pattern): Use HANG option for
gnupg_wait_progress. Fixes regression from 2010-06-09.
2010-06-21 Werner Koch <wk@g10code.com>
* protect-tool.c (export_p12_file, import_p12_cert_cb)
(import_p12_file, sexp_to_kparms, store_private_key): Remove
unused code.
2010-06-18 Werner Koch <wk@g10code.com>
* protect-tool.c (store_private_key, rsa_key_check): Remove.
* command.c (cmd_export_key): New.
2010-06-15 Werner Koch <wk@g10code.com>
* command.c (cmd_keywrap_key, cmd_import_key): New.
* genkey.c (agent_genkey, agent_protect_and_store): Factor common
code out to...
(agent_ask_new_passphrase): .. new.
* findkey.c (agent_write_private_key): Return GPG_ERR_EEXIST
instead of GPG_ERR_GENERAL.
2010-06-14 Werner Koch <wk@g10code.com>
* protect-tool.c: Remove commands --p12-import and --p12-export.
* minip12.c, minip12.h: Move to ../sm.
* Makefile.am (gpg_protect_tool_SOURCES): Remove them.
* preset-passphrase.c: Remove unneeded minip12.h.
* command.c (cmd_keywrap_key): New.
* command.c (leave_cmd): New.
(cmd_istrusted, cmd_listtrusted, cmd_marktrusted, cmd_pksign)
(cmd_pkdecrypt, cmd_genkey, cmd_readkey, cmd_keyinfo)
(cmd_get_passphrase, cmd_get_confirmation, cmd_learn)
(cmd_passwd, cmd_preset_passphrase, cmd_getval, cmd_putval): Use it.
2010-05-12 Werner Koch <wk@g10code.com>
* preset-passphrase.c (forget_passphrase): Actually implement
this. Fixes bug#1198.
2010-05-11 Werner Koch <wk@g10code.com>
* agent.h (opt): Add field USE_STANDARD_SOCKET.
* gpg-agent.c (use_standard_socket): Remove. Use new option instead.
* command.c (cmd_killagent, cmd_reloadagent): Provide command also
for non-W32 platforms.
(cmd_getinfo): New subcommands std_session_env and std_startup_env.
2010-05-03 Werner Koch <wk@g10code.com>
* gpg-agent.c (check_own_socket_thread): Do not release SOCKNAME
too early.
2010-04-30 Werner Koch <wk@g10code.com>
* gpg-agent.c (main): Add command --use-standard-socket-p.
2010-04-26 Werner Koch <wk@g10code.com>
* gpg-agent.c (create_server_socket) [W32]: Also check for EEXIST.
2010-04-19 Werner Koch <wk@g10code.com>
* pksign.c (get_dsa_qbits, do_encode_dsa): New.
(agent_pksign_do): Detect DSA keys and use do_encode_dsa.
* findkey.c (agent_public_key_from_file): Factor some code out to ..
(key_parms_from_sexp): New.
(agent_is_dsa_key): New.
* command.c (cmd_sethash): Clear digeest.RAW_VALUE.
2010-04-14 Werner Koch <wk@g10code.com>
* Makefile.am (libexec_PROGRAMS) [W32CE]: Do not build
gpg-preset-passphrase for now.
(pwquery_libs) [W32CE]: Set to empty.
* trustlist.c (read_one_trustfile): Use estream.
2010-04-13 Werner Koch <wk@g10code.com>
* findkey.c (read_key_file): Use estream.
(agent_write_private_key): Ditto.
2010-04-07 Werner Koch <wk@g10code.com>
* gpg-agent.c (handle_connections) [W32]: Assume that PTh support
the handle event. Use a dummy event for W32CE.
(get_agent_scd_notify_event) [W32CE]: Do not build.
* call-pinentry.c: Remove setenv.h. Include sysutils.h.
(atfork_cb): s/setenv/gnupg_setenv/.
* gpg-agent.c: Do not include setenv.h.
(main): s/unsetenv/gnupg_unsetenv/.
* protect.c (calibrate_get_time) [W32CE]: Use GetThreadTimes.
2010-04-06 Werner Koch <wk@g10code.com>
* call-scd.c [!HAVE_SIGNAL_H]: Do not include signal.h.
* findkey.c (agent_write_private_key): s/remove/gnupg_remove/.
* command-ssh.c (search_control_file): Replace rewind by fseek and
clearerr.
* genkey.c (check_passphrase_pattern): Ditto.
* gpg-agent.c [!HAVE_SIGNAL_H]: Do not include signal.h.
(remove_socket): s/remove/gnupg_remove/.
(create_private_keys_directory): Use gnupg_mkdir.
2010-03-11 Werner Koch <wk@g10code.com>
* gpg-agent.c: Include "asshelp.h".
(main): Remove assuan_set_assuan_log_prefix. Add
assuan_set_log_cb.
(handle_signal): Disable pth ctrl dumping.
(parse_rereadable_options, main): Remove assuan_set_assuan_log_stream.
* call-scd.c (start_scd): Remove assuan_set_log_stream.
2010-03-10 Werner Koch <wk@g10code.com>
* Makefile.am (common_libs): Remove libjnlib.a.
* trustlist.c, protect-tool.c, command-ssh.c: Remove estream.h.
2010-02-17 Werner Koch <wk@g10code.com>
* call-pinentry.c (start_pinentry): Always free OPTSTR. Send
default-xxx strings.
2010-01-26 Werner Koch <wk@g10code.com>
* protect.c (do_encryption): Encode the s2kcount and no not use a
static value of 96.
2009-12-21 Werner Koch <wk@g10code.com>
* command.c (cmd_getinfo): Add sub-command s2k_count.
2009-12-14 Werner Koch <wk@g10code.com>
* protect.c (agent_unprotect): Decode the S2K count here and take
care of the new unencoded values. Add a lower limit sanity check.
(hash_passphrase): Do not decode here.
(get_standard_s2k_count, calibrate_s2k_count): New.
(calibrate_get_time, calibrate_elapsed_time): New.
(do_encryption): Use get_standard_s2k_count.
2009-12-08 Werner Koch <wk@g10code.com>
* protect.c (agent_unprotect): Avoid compiler warning.
2009-12-08 Marcus Brinkmann <marcus@g10code.de>
* call-pinentry.c (start_pinentry): Convert posix fd to assuan fd.
* call-scd.c (start_scd): Likewise.
2009-12-03 Werner Koch <wk@g10code.com>
* gpg-agent.c (set_debug): Allow for numerical debug leveles. Print
active debug flags.
2009-12-02 Werner Koch <wk@g10code.com>
* trustlist.c (read_trustfiles): Store the pointer returned from
shrinking the memory and not the orginal one. Fixes bug#1163.
Reported by TAKAHASHI Tamotsu. Also return correct error after
memory failure.
2009-11-27 Marcus Brinkmann <marcus@g10code.de>
* command.c (start_command_handler): Do not call
assuan_set_log_stream anymore.
* gpg-agent.c (main): But call assuan_set_assuan_log_stream here.
2009-11-25 Marcus Brinkmann <marcus@g10code.de>
* command.c (start_command_handler): Use assuan_fd_t and
assuan_fdopen on fds.
2009-11-05 Marcus Brinkmann <marcus@g10code.de>
* call-pinentry.c (start_pinentry): Call assuan_pipe_connect, not
assuan_pipe_connect_ext.
* command.c (start_command_handler): Change
assuan_init_socket_server_ext into assuan_init_socket_server.
* call-scd.c (start_scd): Update use of assuan_socket_connect and
assuan_pipe_connect.
* gpg-agent.c (check_own_socket_thread, check_for_running_agent):
Update use of assuan_socket_connect.
2009-11-04 Werner Koch <wk@g10code.com>
* command.c (register_commands): Add help arg to
assuan_register_command. Convert all command comments to help
strings.
2009-11-02 Marcus Brinkmann <marcus@g10code.de>
* command.c (reset_notify): Take LINE arg and return error.
(register_commands): Use assuan_handler_t type.
2009-10-16 Marcus Brinkmann <marcus@g10code.com>
* gpg_agent_CFLAGS, gpg_agent_LDADD: Use libassuan instead of
libassuan-pth.
* gpg-agent.c: Invoke ASSUAN_SYSTEM_PTH_IMPL.
(main): Call assuan_set_system_hooks and assuan_sock_init.
Fix invocation of assuan_socket_connect.
2009-09-23 Werner Koch <wk@g10code.com>
* command.c (register_commands) [HAVE_ASSUAN_SET_IO_MONITOR]:
Remove cpp condition.
(start_command_handler) [HAVE_ASSUAN_SET_IO_MONITOR]: Ditto.
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpg-agent.c (parse_rereadable_options): Don't set global assuan
log file (there ain't one anymore).
(main): Update to new API.
(check_own_socket_pid_cb): Return gpg_error_t instead of int.
(check_own_socket_thread, check_for_running_agent): Create assuan
context before connecting to server.
* command.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(write_and_clear_outbuf): Use gpg_error_t instead of
assuan_error_t.
(cmd_geteventcounter, cmd_istrusted, cmd_listtrusted)
(cmd_marktrusted, cmd_havekey, cmd_sigkey, cmd_setkeydesc)
(cmd_sethash, cmd_pksign, cmd_pkdecrypt, cmd_genkey, cmd_readkey)
(cmd_keyinfo, cmd_get_passphrase, cmd_clear_passphrase)
(cmd_get_confirmation, cmd_learn, cmd_passwd)
(cmd_preset_passphrase, cmd_scd, cmd_getval, cmd_putval)
(cmd_updatestartuptty, cmd_killagent, cmd_reloadagent)
(cmd_getinfo, option_handler): Return gpg_error_t instead of int.
(post_cmd_notify): Change type of ERR to gpg_error_t from int.
(io_monitor): Add hook argument. Use symbols for constants.
(register_commands): Change return type of HANDLER to gpg_error_t.
(start_command_handler): Allocate assuan context before starting
server.
* call-pinentry.c: Include "scdaemon.h" before <assuan.h> because
of GPG_ERR_SOURCE_DEFAULT check.
(unlock_pinentry): Call assuan_release instead of
assuan_disconnect.
(getinfo_pid_cb, getpin_cb): Return gpg_error_t instead of int.
(start_pinentry): Allocate assuan context before connecting to
server.
* call-scd.c (membuf_data_cb, learn_status_cb, get_serialno_cb)
(membuf_data_cb, inq_needpin, card_getattr_cb, pass_status_thru)
(pass_data_thru): Change return type to gpg_error_t.
(start_scd): Allocate assuan context before connecting to server.
2009-09-04 Marcus Brinkmann <marcus@g10code.com>
* command.c (start_command_handler): Add comment about gap in
implementation (in dead code), for future reference.
2009-08-11 Werner Koch <wk@g10code.com>
* divert-scd.c (ask_for_card): I18n a prompt string.
2009-07-06 Werner Koch <wk@g10code.com>
* agent.h: Include session-env.h.
(opt): Replace most of the startup_xxx fields by a session_env_t.
(struct server_control_s): Likewise.
* gpg-agent.c (main): Rewrite setting of the startup fields.
(handle_connections, main): Allocate SESSION_ENV.
(agent_init_default_ctrl, agent_deinit_default_ctrl): Change
accordingly.
* command.c (option_handler): Ditto.
(cmd_updatestartuptty): Change accordingly. Protect old values
from out of core failures.
* command-ssh.c (start_command_handler_ssh): Ditto.
(start_command_handler_ssh): Replace strdup by xtrystrdup.
* call-pinentry.c (atfork_cb): Pass new envrinmnet variables.
(start_pinentry): Use session_env stuff.
* protect-tool.c (main): Adjust call to gnupg_prepare_get_passphrase.
2009-06-24 Werner Koch <wk@g10code.com>
* genkey.c (agent_protect_and_store): Return RC and not 0.
* protect.c (do_encryption): Fix ignored error code from malloc.
Reported by Fabian Keil.
2009-06-17 Werner Koch <wk@g10code.com>
* call-pinentry.c (agent_get_confirmation): Add arg WITH_CANCEL.
Change all callers.
* trustlist.c (agent_marktrusted): Use WITH_CANCEL
2009-06-09 Werner Koch <wk@g10code.com>
* learncard.c (send_cert_back): Ignore certain error codes.
2009-06-05 Werner Koch <wk@g10code.com>
* protect-tool.c (store_private_key): Fix last change by appending
a ".key".
2009-06-03 Werner Koch <wk@g10code.com>
* protect-tool.c: Include estream.h.
(store_private_key): Replace stdio streams by estream functions
for a portable use of the "x" mode.
* trustlist.c: Include estream.h.
(agent_marktrusted): Replace stdio stream by estream functions.
* protect-tool.c (store_private_key): Use bin2hex.
2009-06-02 Werner Koch <wk@g10code.com>
* gpg-agent.c (main): Run pth_kill after fork. Fixes bug#1066.
2009-05-19 Werner Koch <wk@g10code.com>
* gpg-agent.c (JNLIB_NEED_AFLOCAL): Define.
(create_server_socket): Use SUN_LEN macro.
2009-05-15 Werner Koch <wk@g10code.com>
Fix bug #1053.
* agent.h (lookup_ttl_t): New.
* findkey.c (unprotect): Add arg LOOKUP_TTL.
(agent_key_from_file): Ditto.
* pksign.c (agent_pksign_do): Ditto.
* command-ssh.c (ttl_from_sshcontrol): New.
(data_sign): Pass new function to agent_pksign_do.
(search_control_file): Add new arg R_TTL.
2009-05-14 Werner Koch <wk@g10code.com>
* command.c (cmd_get_passphrase): Add option --qualitybar.
* call-pinentry.c (agent_askpin): Factor some code out to ...
(setup_qualitybar): .. new.
(agent_get_passphrase): Add arg WITH_QUALITYBAR and implement it.
2009-04-14 Marcus Brinkmann <marcus@g10code.de>
* call-pinentry.c (agent_get_confirmation): Try SETNOTOK command
with pinentry.
2009-04-01 Werner Koch <wk@g10code.com>
* protect-tool.c (pe_opt): New.
(opts): Add option --agent-program. Use ARGPARSE macros.
(get_new_passphrase): Remove.
(get_passphrase): Use gpg-agent directly. Remove arg OPT_CHECK and
change all callers.
* Makefile.am (gpg_protect_tool_LDADD): Replace pwquery_libs by
LIBASSUAN_LIBS.
(gpg_protect_tool_CFLAGS): New.
* command.c (percent_plus_unescape): Remove.
(cmd_putval): Use percent_plus_unescape_inplace.
* call-scd.c (unescape_status_string): Remove.
(card_getattr_cb): Use percent_plus_unescape.
* protect-tool.c (main): Use percent_plus_unescape from common/.
(percent_plus_unescape, percent_plus_unescape_string): Remove.
2009-03-27 Werner Koch <wk@g10code.com>
* learncard.c (agent_handle_learn): Add new certtype 111.
2009-03-26 Werner Koch <wk@g10code.com>
* agent.h (MAX_DIGEST_LEN): Change to 64.
* command.c (cmd_sethash): Allow digest length of 48 and 64.
(cmd_sethash): Allow more hash algos.
* trustlist.c (reformat_name): New.
(agent_marktrusted): Use a reformatted name. Reload the table
before the update and always reload it at the end.
(agent_istrusted): Check early for the disabled flag.
2009-03-25 Werner Koch <wk@g10code.com>
* pkdecrypt.c (agent_pkdecrypt): Return a specific error message
if the key is not available.
* gpg-agent.c (main): Print a started message to show the real pid.
2009-03-20 Werner Koch <wk@g10code.com>
* learncard.c (struct kpinfo_cp_parm_s): Add field CTRL.
(struct certinfo_cb_parm_s): Ditto.
(agent_handle_learn): Set CTRL field.
(kpinfo_cb, certinfo_cb): Send progress status.
* agent.h (agent_write_status): Flag with GNUPG_GCC_A_SENTINEL.
2009-03-19 Werner Koch <wk@g10code.com>
* trustlist.c (struct trustitem_s): Add field DISABLED.
(read_one_trustfile): Parse the '!' flag.
(agent_istrusted, agent_listtrusted): Check flag.
(agent_istrusted): Add arg R_DISABLED. Change all callers.
(agent_marktrusted): Do not ask if flagged as disabled. Reverse
the order of the questions. Store the disabled flag.
* gpg-agent.c (main): Save signal mask and open fds. Restore mask
and close all fds prior to the exec. Fixes bug#1013.
2009-03-17 Werner Koch <wk@g10code.com>
* command.c (cmd_get_passphrase): Break repeat loop on error.
Show error message.
(cmd_getinfo): Add subcommand "cmd_has_option".
(command_has_option): New.
2009-03-17 Daiki Ueno <ueno@unixuser.org>
* command.c (option_value): New function.
(cmd_get_passphrase): Accept new option --repeat, which makes
gpg-agent to ask passphrase several times.
2009-03-06 Werner Koch <wk@g10code.com>
* command.c (cmd_keyinfo): New command.
(register_commands): Register it.
(agent_write_status): Make sure not to print LR or CR.
* divert-scd.c (ask_for_card): Factor shadow info parsing out to ...
* protect.c (parse_shadow_info): New.
* findkey.c (agent_key_from_file): Use make_canon_sexp.
(agent_write_private_key, unprotect, read_key_file)
(agent_key_available): Use bin2hex.
(agent_key_info_from_file): New.
(read_key_file): Log no error message for ENOENT.
2009-03-05 Werner Koch <wk@g10code.com>
* divert-scd.c (getpin_cb): Support flag 'P'. Change max_digits
from 8 to 16. Append a message about keypads.
* findkey.c (unprotect): Change max digits to 16.
2009-03-02 Werner Koch <wk@g10code.com>
* command.c (cmd_getinfo): Add subcommand "scd_running".
* call-scd.c (agent_scd_check_running): New.
* gpg-agent.c: Add missing option strings for "--batch" and
"--homedir". Reported by Petr Uzel.
* protect-tool.c (import_p12_file): Take care of canceled
passphrase entry. Fixes bug#1003.
(export_p12_file): Ditto.
2008-12-17 Werner Koch <wk@g10code.com>
* gpg-agent.c (handle_connections): Set action of all pth event
handled signals to SIG_IGN. Use a different pth_sigmask strategy.
2008-12-10 Werner Koch <wk@g10code.com>
* command.c (cmd_get_passphrase): Implement option --no-ask.
2008-12-09 Werner Koch <wk@g10code.com>
* gpg-agent.c (main): Call i18n_init before init_common_subsystems.
* preset-passphrase.c (main): Ditto.
* protect-tool.c (main): Ditto.
* command.c (cmd_preset_passphrase): Allow an arbitrary string for
the cache id.
2008-12-08 Werner Koch <wk@g10code.com>
* gpg-agent.c (handle_connections): Sync the ticker to the next
full second. This is bug#871.
2008-12-05 Werner Koch <wk@g10code.com>
* minip12.c (decrypt_block): Fix const modified of CHARSETS.
* learncard.c (sinfo_cb_parm_s): Remove superflous semicolon.
Reported by Stoyan Angelov.
2008-11-18 Werner Koch <wk@g10code.com>
* gpg-agent.c (make_libversion): New.
(my_strusage): Print libgcrypt version
2008-11-11 Werner Koch <wk@g10code.com>
* call-scd.c (membuf_data_cb): Change return type to
assuan_error_t to avoid warnings with newer libassuan versions.
2008-11-04 Werner Koch <wk@g10code.com>
* command.c (cmd_killagent): Stop the agent immediately.
(start_command_handler): Take care of GPG_ERR_EOF.
2008-10-29 Werner Koch <wk@g10code.com>
* gpg-agent.c (main): Move USE_STANDARD_SOCKET to the outer scope.
(create_socket_name): Remove arg USE_STANDARD_SOCKET. Change all
callers.
(create_server_socket): Remove IS_STANDARD_NAME and replace it by
USE_STANDARD_SOCKET. Change all callers.
(check_own_socket_running): New.
(check_own_socket, check_own_socket_thread): New.
(handle_tick): Check server socket once a minute.
(handle_connections): Remove the extra pth_wait in the shutdown
case.
2008-10-20 Werner Koch <wk@g10code.com>
* command.c (cmd_geteventcounter): Mark unused arg.
(cmd_listtrusted, cmd_pksign, cmd_pkdecrypt, cmd_genkey): Ditto.
(cmd_updatestartuptty, post_cmd_notify): Ditto.
* command-ssh.c (add_control_entry)
(ssh_handler_request_identities, ssh_handler_remove_identity)
(ssh_handler_remove_all_identities, ssh_handler_lock)
(ssh_handler_unlock): Ditto.
* call-pinentry.c (pinentry_active_p, popup_message_thread)
(agent_popup_message_stop): Ditto.
* findkey.c (agent_public_key_from_file): Ditto.
* genkey.c (check_passphrase_pattern): Ditto.
* call-scd.c (atfork_cb): Ditto.
* protect-tool.c (import_p12_cert_cb): Ditto.
* t-protect.c (main): Ditto.
2008-10-17 Werner Koch <wk@g10code.com>
* call-scd.c (start_scd) [W32]: Use snprintf again because we now
always use the estream variant.
2008-10-15 Werner Koch <wk@g10code.com>
* call-scd.c (start_scd): Enable assuan loggging if requested.
(agent_scd_check_aliveness) [W32]: Fix use of GetExitCodeProcess.
2008-10-14 Werner Koch <wk@g10code.com>
* gpg-agent.c (get_agent_scd_notify_event): Need to use a manual
reset event.
2008-09-29 Werner Koch <wk@g10code.com>
* agent.h (GCRY_MD_USER): Rename to GCRY_MODULE_ID_USER.
(GCRY_MD_USER_TLS_MD5SHA1): Rename to MD_USER_TLS_MD5SHA1 and
change all users.
2008-09-25 Werner Koch <wk@g10code.com>
* divert-scd.c (getpin_cb): Support a Reset Code style PINs..
2008-09-03 Werner Koch <wk@g10code.com>
* command.c (parse_keygrip): Use hex2bin.
(cmd_preset_passphrase): Decode the passphrase. Reported by Kiss
Gabor. Fixes #679 again.
* preset-passphrase.c (make_hexstring): Remove.
(preset_passphrase): Use bin2hex.
2008-05-27 Werner Koch <wk@g10code.com>
* trustlist.c (insert_colons): Fix stupidly wrong allocation size
computation.
2008-05-26 Werner Koch <wk@g10code.com>
* gpg-agent.c (main): Re-initialize default assuan log stream if a
log file is used.
* trustlist.c (agent_marktrusted): Use xtryasprintf and xfree.
* gpg-agent.c (main, agent_deinit_default_ctrl): Always use xfree
because our asprintf is mapped to an xmalloc style function in
util.h. Replace xstrdup by xtrystrdup.
* w32main.c (build_argv): Ditto.
* preset-passphrase.c (preset_passphrase): Ditto.
* divert-scd.c (ask_for_card): Ditto.
* command.c (option_handler): Ditto.
* command-ssh.c (ssh_handler_request_identities): Ditto.
* call-pinentry.c (start_pinentry): Ditto.
* gpg-agent.c (start_connection_thread)
(start_connection_thread_ssh): Use pth_thread_id for useful output
under W32.
(pth_thread_id) [!PTH_HAVE_PTH_THREAD_ID]: New.
2008-03-17 Werner Koch <wk@g10code.com>
* agent.h (agent_inq_pinentry_launched): New prototype.
* call-pinentry.c: Include sys/types.h and signal.h.
2008-02-14 Werner Koch <wk@g10code.com>
* command.c (agent_inq_pinentry_launched): New.
(option_handler): Add option allow-pinentry-notify.
* call-pinentry.c (getinfo_pid_cb): New.
(start_pinentry): Ask for the PID and notify the client.
2008-01-15 Marcus Brinkmann <marcus@g10code.de>
* call-pinentry.c (start_pinentry): Start pinentry in detached
mode.
2007-12-04 Werner Koch <wk@g10code.com>
* call-pinentry.c (agent_askpin): Use gnupg_get_help_string.
2007-12-03 Werner Koch <wk@g10code.com>
* gpg-agent.c (main): s/standard_socket/use_standard_socket/ for
clarity.
(create_server_socket): New arg IS_SSH to avoid testing with
assuan commands.
2007-11-20 Werner Koch <wk@g10code.com>
* gpg-agent.c (get_agent_scd_notify_event): New.
(handle_signal): Factor SIGUSR2 code out to:
(agent_sigusr2_action): .. New.
(agent_sighup_action): Print info message here and not in
handle_signal.
(handle_connections) [PTH_EVENT_HANDLE]: Call agent_sigusr2_action.
* call-scd.c (agent_scd_check_aliveness) [W32]: Implemented.
(start_scd) [W32]: Send event-signal option.
2007-11-19 Werner Koch <wk@g10code.com>
* call-pinentry.c (agent_askpin): Set the tooltip for the quality
bar.
2007-11-15 Werner Koch <wk@g10code.com>
* agent.h (struct server_control_s): Add XAUTHORITY and
PINENTRY_USER_DATA.
* gpg-agent.c: New option --xauthority.
(main, agent_init_default_ctrl)
(agent_deinit_default_ctrl): Implemented
* command.c (cmd_updatestartuptty): Ditto.
* command-ssh.c (start_command_handler_ssh): Ditto.
* call-pinentry.c (atfork_cb): Set the environment.
(start_pinentry): Pass CTRL as arg to atfork_cb.
2007-11-14 Werner Koch <wk@g10code.com>
* call-scd.c (start_scd) [W32]: Take care of fflush peculiarities.
2007-11-07 Werner Koch <wk@g10code.com>
* agent.h: Remove errors.h.
2007-10-24 Werner Koch <wk@g10code.com>
* genkey.c (check_passphrase_constraints): Changed the wording of
the warning messages.
2007-10-19 Werner Koch <wk@g10code.com>
* protect-tool.c (get_passphrase): Use new utf8 switch fucntions.
2007-10-15 Daiki Ueno <ueno@unixuser.org> (wk)
* command-ssh.c (reenter_compare_cb): New function; imported from
genkey.c.
(ssh_identity_register): Ask initial passphrase twice.
2007-10-02 Werner Koch <wk@g10code.com>
* command.c (cmd_getinfo): Add "pid" subcommand.
2007-10-01 Werner Koch <wk@g10code.com>
* agent.h (struct server_control_s): Remove unused CONNECTION_FD.
* gpg-agent.c: Remove w32-afunix.h. Include mkdtemp.h.
(socket_nonce, socket_nonce_ssh): New.
(create_server_socket): Use assuan socket wrappers. Remove W32
specific stuff. Save the server nonce.
(check_nonce): New.
(start_connection_thread, start_connection_thread_ssh): Call it.
(handle_connections): Change args to gnupg_fd_t.
* command.c (start_command_handler): Change LISTEN_FD to gnupg_fd_t.
* command-ssh.c (start_command_handler_ssh): Ditto.
2007-09-18 Werner Koch <wk@g10code.com>
* agent.h (struct pin_entry_info_s): Add element WITH_QUALITYBAR.
* genkey.c (check_passphrase_constraints): New arg SILENT.
Changed all callers.
(agent_protect_and_store, agent_genkey): Enable qualitybar.
* call-pinentry.c (agent_askpin): Send that option.
(unescape_passphrase_string): New.
(inq_quality): New.
(estimate_passphrase_quality): New.
2007-09-14 Marcus Brinkmann <marcus@g10code.de>
* call-pinentry.c (agent_popup_message_stop): Implement kill for
Windows.
2007-08-28 Werner Koch <wk@g10code.com>
* gpg-agent.c (main): Add option --faked-system-time.
* protect-tool.c (read_and_unprotect): Print the protected-at date.
* agent.h (struct server_control_s): Add member IN_PASSWD.
* command.c (cmd_passwd): Set it.
* findkey.c (try_unprotect_cb): Use it.
* protect.c (do_encryption): Replace asprintf by xtryasprint.
(agent_protect): Create the protected-at item.
(agent_unprotect): Add optional arg PROTECTED_AT.
(merge_lists): Add args CUTOFF and CUTLEN.
(agent_unprotect): Use them.
* findkey.c (try_unprotect_cb): Add code to test for expired keys.
(unprotect): Allow changing the passphrase.
2007-08-27 Werner Koch <wk@g10code.com>
* gpg-agent.c: Add options --min-passphrase-nonalpha,
--check-passphrase-pattern and --enforce-passphrase-constraints.
(MIN_PASSPHRASE_NONALPHA): Init nonalpha option to 1.
(main): Declare options for gpgconf.
* agent.h (struct): Add members MIN_PASSPHRASE_NONALPHA,
ENFORCE_PASSPHRASE_CONSTRAINTS and CHECK_PASSPHRASE_PATTERN.
* genkey.c (nonalpha_charcount): New.
(check_passphrase_pattern): New.
(check_passphrase_constraints): Implement. Factor some code out...
(take_this_one_anyway, take_this_one_anyway2): .. New.
* call-pinentry.c (agent_show_message): New.
(agent_askpin): We better reset the pin buffer before asking.
* trustlist.c (insert_colons): New.
(agent_marktrusted): Pretty print the fpr.
2007-08-22 Werner Koch <wk@g10code.com>
* findkey.c (O_BINARY): Make sure it is defined.
(agent_write_private_key): Use O_BINARY
* protect-tool.c (import_p12_file): Add hack to allow importing of
gnupg 2.0.4 generated files.
2007-08-06 Werner Koch <wk@g10code.com>
* trustlist.c (read_one_trustfile): Add flag "cm".
(agent_istrusted): Ditto.
2007-08-02 Werner Koch <wk@g10code.com>
* gpg-agent.c: Include gc-opt-flags.h and remove their definition
here.
2007-07-13 Werner Koch <wk@g10code.com>
* genkey.c (check_passphrase_constraints): Require a confirmation
for an empty passphrase.
(agent_genkey, agent_protect_and_store): No need to repeat an
empty passphrase.
2007-07-05 Werner Koch <wk@g10code.com>
* call-scd.c (struct inq_needpin_s): New.
(inq_needpin): Pass unknown inquiries up.
2007-07-04 Werner Koch <wk@g10code.com>
* gpg-agent.c (TIMERTICK_INTERVAL): New.
(fixed_gcry_pth_init, main): Kludge to fix Pth initialization.
2007-07-03 Werner Koch <wk@g10code.com>
* gpg-agent.c (handle_connections): Do not use FD_SETSIZE for
select but compute the correct number.
2007-07-02 Werner Koch <wk@g10code.com>
* command.c (cmd_reloadagent) [W32]: New.
(register_commands) [W32]: New command RELOADAGENT.
* Makefile.am (gpg_agent_SOURCES): Remove w32main.c and w32main.h.
(gpg_agent_res_ldflags): Remove icon file as we don't have a
proper icon yet.
* gpg-agent.c (main): do not include w32main.h. Remove all calls
to w32main.c.
(agent_sighup_action): New.
(handle_signal): Use it.
2007-06-26 Werner Koch <wk@g10code.com>
* gpg-agent.c (create_directories) [W32]: Made it work.
2007-06-21 Werner Koch <wk@g10code.com>
* agent.h (ctrl_t): Remove. It is now declared in ../common/util.h.
* gpg-agent.c (check_for_running_agent): New arg SILENT. Changed
all callers.
(create_server_socket): If the standard socket is in use check
whether a agent is running and avoid starting another one.
2007-06-18 Marcus Brinkmann <marcus@g10code.de>
* gpg-agent.c (main): Percent escape pathname in --gpgconf-list
output.
2007-06-18 Werner Koch <wk@g10code.com>
* w32main.c (build_argv): New.
(WinMain): Use it.
* command.c (cmd_killagent) [W32]: New.
(cmd_getinfo): New.
* gpg-agent.c (get_agent_ssh_socket_name): New.
(no_force_standard_socket) New.
(create_server_socket): Use it.
* Makefile.am (gpg_agent_res_ldflags): Pass windows option to ld.
2007-06-14 Werner Koch <wk@g10code.com>
* protect-tool.c (main): Setup default socket name for
simple-pwquery.
(MAP_SPWQ_ERROR_IMPL): New. Use map_spwq_error for spqw related
error codes.
* preset-passphrase.c (main): Setup default socket name for
simple-pwquery.
(map_spwq_error): Remove.
(MAP_SPWQ_ERROR_IMPL): New.
* call-pinentry.c (start_pinentry): Use gnupg_module_name.
* call-scd.c (start_scd): Ditto.
2007-06-12 Werner Koch <wk@g10code.com>
* taskbar.c: New.
* trustlist.c (read_one_trustfile): Replace GNUPG_SYSCONFDIR by a
function call.
(read_trustfiles): Ditto.
* gpg-agent.c (main): Replace some calls by init_common_subsystems.
* preset-passphrase.c (main): Ditto.
* protect-tool.c (main): Ditto.
2007-06-11 Werner Koch <wk@g10code.com>
* Makefile.am (common_libs): Use libcommonstd macro.
(commonpth_libs): Use libcommonpth macro.
* protect-tool.c (main) [W32]: Call pth_init.
* preset-passphrase.c (main) [W32]: Replace the explicit Winsocket
init by a call to pth_init.
* trustlist.c (initialize_module_trustlist): New.
* gpg-agent.c (main): Call it.
* call-pinentry.c (initialize_module_query): Rename to
initialize_module_call_pinentry.
* minip12.c: Remove iconv.h. Add utf8conf.h. Changed all iconv
calss to use these jnlib wrappers.
2007-06-06 Werner Koch <wk@g10code.com>
* minip12.c (enum): Rename CONTEXT to ASNCONTEXT as winnt.h
defines such a symbol to access the process context.
* call-pinentry.c (dump_mutex_state) [W32]: Handle the W32Pth case.
* call-scd.c (dump_mutex_state): Ditto.
* protect-tool.c (i18n_init): Remove.
* preset-passphrase.c (i18n_init): Remove.
* gpg-agent.c (i18n_init): Remove.
2007-05-19 Marcus Brinkmann <marcus@g10code.de>
* protect-tool.c (get_passphrase): Free ORIG_CODESET on error.
2007-05-14 Werner Koch <wk@g10code.com>
* protect.c (make_shadow_info): Replace sprintf by smklen.
2007-04-20 Werner Koch <wk@g10code.com>
* gpg-agent.c (my_gcry_logger, my_gcry_outofcore_handler): Removed.
(main): Call the setup_libgcrypt_logging helper.
* protect-tool.c (my_gcry_logger): Removed.
(main): Call the setup_libgcrypt_logging helper.
2007-04-03 Werner Koch <wk@g10code.com>
* trustlist.c (read_trustfiles): Take a missing trustlist as an
empty one.
2007-03-20 Werner Koch <wk@g10code.com>
* protect-tool.c: New option --p12-charset.
* minip12.c (p12_build): Implement it.
2007-03-19 Werner Koch <wk@g10code.com>
* minip12.c: Include iconv.h.
(decrypt_block): New.
(parse_bag_encrypted_data, parse_bag_data): Use it here.
(bag_data_p, bag_decrypted_data_p): New helpers.
2007-03-06 Werner Koch <wk@g10code.com>
* gpg-agent.c (main) <gpgconf>: Add entries for all ttl options.
2007-02-20 Werner Koch <wk@g10code.com>
* call-pinentry.c (start_pinentry): Fix for OS X to allow loading
of the bundle. Tested by Benjamin Donnachie.
2007-02-14 Werner Koch <wk@g10code.com>
* gpg-agent.c: New option --pinentry-touch-file.
(get_agent_socket_name): New.
* agent.h (opt): Add pinentry_touch_file.
* call-pinentry.c (start_pinentry): Send new option to the
pinentry.
2007-01-31 Moritz Schulte <moritz@g10code.com> (wk)
* command-ssh.c (stream_read_string): Initialize LENGTH to zero.
(start_command_handler_ssh): Use es_fgetc/es_ungetc to check if
EOF has been reached before trying to process another request.
2007-01-31 Werner Koch <wk@g10code.com>
* command-ssh.c (start_command_handler_ssh):
* Makefile.am (t_common_ldadd): Add LIBICONV.
2007-01-25 Werner Koch <wk@g10code.com>
* genkey.c (check_passphrase_constraints): Get ngettext call right
and use UTF-8 aware strlen.
* protect-tool.c (get_passphrase): New arg OPT_CHECK.
(get_new_passphrase): Enable OPT_CHECK on the first call.
* command.c (cmd_get_passphrase): Implement option --check.
2007-01-24 Werner Koch <wk@g10code.com>
* gpg-agent.c (MIN_PASSPHRASE_LEN): New
(parse_rereadable_options): New option --min-passphrase-len.
* genkey.c (check_passphrase_constraints): New.
(agent_genkey, agent_protect_and_store): Call new function. Fix
memory leak.
* call-pinentry.c (agent_askpin): Allow translation of the displayed
error message.
(agent_popup_message_start): Remove arg CANCEL_BTN.
(popup_message_thread): Use --one-button option.
* command.c (cmd_passwd): Now that we don't distinguish between
assuan and regular error codes we can jump to the end on error.
2006-12-07 David Shaw <dshaw@jabberwocky.com>
* Makefile.am: Link to iconv for jnlib dependency.
2006-11-20 Werner Koch <wk@g10code.com>
* call-pinentry.c (agent_popup_message_stop): Use SIGKILL.
* call-scd.c (inq_needpin): Implement POPUPKEYPADPROMPT and
DISMISSKEYPADPROMPT.
2006-11-15 Werner Koch <wk@g10code.com>
* protect.c (make_shadow_info): Cast printf arg to unsigned int.
* minip12.c (parse_bag_encrypted_data): Ditto.
(parse_bag_data, p12_parse): Ditto.
* command-ssh.c (ssh_identity_register): Changed buffer_n to
size_t.
* agent.h (struct server_control_s): New field thread_startup.
* command.c (start_command_handler): Moved CTRL init code to ..
* gpg-agent.c (start_connection_thread): .. here.
(agent_deinit_default_ctrl): New.
(agent_init_default_ctrl): Made static.
(handle_connections): Allocate CTRL and pass it pth_spawn.
* command-ssh.c (start_command_handler_ssh): Moved CTRL init code
to ..
* gpg-agent.c (start_connection_thread_ssh): .. here.
2006-11-14 Werner Koch <wk@g10code.com>
* command.c (bump_key_eventcounter): New.
(bump_card_eventcounter): New.
(cmd_geteventcounter): New command.
* gpg-agent.c (handle_signal): Call bump_card_eventcounter.
* findkey.c (agent_write_private_key): Call bump_key_eventcounter.
* trustlist.c (agent_reload_trustlist): Ditto.
* command.c (post_cmd_notify, io_monitor): New.
(register_commands, start_command_handler): Register them.
2006-11-09 Werner Koch <wk@g10code.com>
* gpg-agent.c (main): In detached mode connect standard
descriptors to /dev/null.
* trustlist.c (read_trustfiles): Make sure not to pass a zero size
to realloc as the C standards says that this behaves like free.
2006-11-06 Werner Koch <wk@g10code.com>
* protect-tool.c (my_strusage): Fixed typo.
2006-10-23 Werner Koch <wk@g10code.com>
* gpg-agent.c (main): New command --gpgconf-test.
* minip12.c (parse_bag_encrypted_data, parse_bag_data): Allow for
a salt of 20 bytes.
2006-10-20 Werner Koch <wk@g10code.com>
* Makefile.am (t_common_ldadd): Use GPG_ERROR_LIBS instead -o just -l
2006-10-19 Werner Koch <wk@g10code.com>
* findkey.c (unprotect): Use it to avoid unnecessary calls to
agent_askpin.
* call-pinentry.c (pinentry_active_p): New.
2006-10-17 Werner Koch <wk@g10code.com>
* Makefile.am (gpg_agent_LDADD): Link to libcommonpth.
(gpg_agent_CFLAGS): New. This allows to only link this with Pth.
2006-10-16 Werner Koch <wk@g10code.com>
* call-pinentry.c (agent_get_confirmation): Map Cancel code here too.
* trustlist.c (agent_marktrusted): Return Cancel instead of
Not_Confirmed for the first question.
2006-10-12 Werner Koch <wk@g10code.com>
* protect-tool.c (get_passphrase): Fix if !HAVE_LANGINFO_CODESET.
2006-10-06 Werner Koch <wk@g10code.com>
* Makefile.am (AM_CFLAGS): Use PTH version of libassuan.
(gpg_agent_LDADD): Ditto.
* divert-scd.c (divert_pksign): Use PKAUTH for the TLS algo.
2006-10-05 Werner Koch <wk@g10code.com>
* command.c (has_option_name): New.
(cmd_sethash): New --hash option.
* pksign.c (do_encode_raw_pkcs1): New.
(agent_pksign_do): Use it here for the TLS algo.
* agent.h (GCRY_MD_USER_TLS_MD5SHA1): New.
* divert-scd.c (pksign): Add case for tls-md5sha1.
* divert-scd.c (encode_md_for_card): Check that the algo is valid.
2006-10-04 Werner Koch <wk@g10code.com>
* call-pinentry.c (agent_get_passphrase): Changed to return the
unencoded passphrase.
(agent_askpin, agent_get_passphrase, agent_get_confirmation): Need
to map the cancel error.
* command.c (send_back_passphrase): New.
(cmd_get_passphrase): Use it here. Also implement --data option.
(skip_options): New.
2006-09-26 Werner Koch <wk@g10code.com>
* learncard.c (agent_handle_learn): Send back the keypair
information.
2006-09-25 Werner Koch <wk@g10code.com>
* trustlist.c (read_one_trustfile): Allow extra flags.
(struct trustitem_s): Replaced KEYFLAGS by a FLAGS struct.
Changed all code to use this.
(agent_istrusted): New arg CTRL. Changed all callers. Send back
flags.
* command.c (agent_write_status): New.
2006-09-20 Werner Koch <wk@g10code.com>
* Makefile.am: Changes to allow parallel make runs.
2006-09-15 Werner Koch <wk@g10code.com>
* trustlist.c: Entirely rewritten.
(agent_trustlist_housekeeping): Removed and removed all calls.
2006-09-14 Werner Koch <wk@g10code.com>
Replaced all call gpg_error_from_errno(errno) by
gpg_error_from_syserror().
* call-pinentry.c (start_pinentry): Replaced pipe_connect2 by
pipe_connect_ext.
* call-scd.c (start_scd): Ditto.
* command.c (start_command_handler): Replaced
init_connected_socket_server by init_socket_server_ext.
2006-09-13 Werner Koch <wk@g10code.com>
* preset-passphrase.c (main) [W32]: Check for WSAStartup error.
2006-09-08 Werner Koch <wk@g10code.com>
* call-scd.c: Add signal.h as we are referencing SIGUSR2.
2006-09-06 Marcus Brinkmann <marcus@g10code.de>
* Makefile.am (AM_CFLAGS): Add $(GPG_ERR_CFLAGS).
(gpg_agent_LDADD): Replace -lgpg-error with $(GPG_ERROR_LIBS).
2006-09-06 Werner Koch <wk@g10code.com>
* query.c: Renamed to ..
* call-pinentry.c: .. this.
* agent.h (out_of_core): Removed.
(CTRL): Removed and changed everywhere to ctrl_t.
Replaced all Assuan error codes by libgpg-error codes. Removed
all map_to_assuan_status and map_assuan_err.
* gpg-agent.c (main): Call assuan_set_assuan_err_source to have Assuan
switch to gpg-error codes.
* command.c (set_error): Adjusted.
2006-09-04 Werner Koch <wk@g10code.com>
* command.c (percent_plus_unescape): New.
(cmd_get_val, cmd_putval): New.
2006-08-29 Werner Koch <wk@g10code.com>
* command-ssh.c (stream_read_mpi): Sanity check for early
detecting of too large keys.
* gpg-agent.c (my_gcry_outofcore_handler): New.
(main): Register it.
(main): No allocate 32k secure memory (was 16k).
2006-07-31 Werner Koch <wk@g10code.com>
* preset-passphrase.c (make_hexstring): For consistency use
xtrymalloc and changed caller to use xfree. Fixed function
comment.
2006-07-29 Marcus Brinkmann <marcus@g10code.de>
* preset-passphrase.c (preset_passphrase): Do not strip off last
character of passphrase.
(make_hexstring): New function.
* command.c (cmd_preset_passphrase): Use parse_hexstring to syntax
check passphrase argument. Truncate passphrase at delimiter.
2006-07-24 Werner Koch <wk@g10code.com>
* minip12.c (build_key_bag): New args SHA1HASH and
KEYIDSTR. Append bag Attributes if these args are given.
(build_cert_sequence): ditto.
(p12_build): Calculate certificate hash and pass to build
functions.
2006-07-21 Werner Koch <wk@g10code.com>
* minip12.c (oid_pkcs_12_keyBag): New.
(parse_bag_encrypted_data): New arg R_RESULT. Support keybags and
return the key object.
(p12_parse): Take new arg into account. Free RESULT on error.
2006-06-26 Werner Koch <wk@g10code.com>
* gpg-agent.c (handle_signal): Print info for SIGUSR2 only in
verbose mode.
2006-06-22 Werner Koch <wk@g10code.com>
* command-ssh.c (make_cstring): Use memcpy instead of strncpy.
(ssh_receive_mpint_list, sexp_key_extract, data_sign): Use
xtrycalloc instead of xtrymalloc followed by memset.
2006-06-20 Werner Koch <wk@g10code.com>
* minip12.c (create_final): New arg PW. Add code to calculate the
MAC.
2006-06-09 Marcus Brinkmann <marcus@g10code.de>
* Makefile.am (gpg_agent_LDADD): Add $(NETLIBS).
(gpg_protect_tool_LDADD): Likewise.
(gpg_preset_passphrase_LDADD): Likewise.
2006-04-09 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_request_process): Removed FIXME mentioning a
possible DoS attack.
2006-04-01 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_identity_register): Make KEY_GRIP_RAW be 20
instead of 21 bytes long; do not fill KEY_GRIP_RAW[20] with NUL
byte - KEY_GRIP_RAW is a raw binary string anyway.
2006-02-09 Werner Koch <wk@g10code.com>
* call-scd.c (struct scd_local_s): New field next_local.
(scd_local_list): New.
(start_scd): Put new local into list.
(agent_reset_scd): Remove it from the list.
(agent_scd_check_aliveness): Here is the actual reason why we need
all this stuff.
(agent_reset_scd): Send the new command RESTART instead of RESET.
2005-12-16 Werner Koch <wk@g10code.com>
* minip12.c (cram_octet_string): New
(p12_parse): Use it for NDEFed bags.
(parse_bag_data): Ditto.
(string_to_key, set_key_iv, crypt_block): New arg SALTLEN.
(p12_build): Use old value 8 for new arg.
(parse_bag_encrypted_data, parse_bag_data): Allow for salts of 8
to 16 bytes. Add new arg R_CONSUMED.
2005-11-24 Werner Koch <wk@g10code.com>
* minip12.c (p12_parse): Fixed for case that the key object comes
prior to the certificate.
2005-10-19 Werner Koch <wk@g10code.com>
* divert-scd.c (getpin_cb): Hack to use it for a keypad message.
* call-scd.c (inq_needpin): Reworked to support the new KEYPADINFO.
* query.c (start_pinentry): Keep track of the owner.
(popup_message_thread, agent_popup_message_start)
(agent_popup_message_stop, agent_reset_query): New.
* command.c (start_command_handler): Make sure a popup window gets
closed.
2005-10-08 Marcus Brinkmann <marcus@g10code.de>
* Makefile.am (gpg_protect_tool_LDADD): Add ../gl/libgnu.a.
(gpg_preset_passphrase_LDADD, t_common_ldadd): Likewise.
(gpg_agent_LDADD): Add ../gl/libgnu.a after ../common/libcommon.a.
2005-09-16 Werner Koch <wk@g10code.com>
* minip12.c (build_key_sequence, build_cert_sequence): Fixed
padding.
2005-09-15 Moritz Schulte <moritz@g10code.com>
* t-protect.c (test_agent_protect): Implemented.
(main): Disable use of secure memory.
2005-09-09 Werner Koch <wk@g10code.com>
* minip12.c (p12_build): Oops, array needs to be larger for the
certificate.
(build_cert_bag): Fixed yesterdays change.
* command-ssh.c (card_key_available): Let the card handler decide
whether the card is supported here. Also get a short serial
number to return from the card handler.
2005-09-08 Werner Koch <wk@g10code.com>
* minip12.c (build_cert_bag): Use a non constructed object.
i.e. 0x80 and not 0xa0.
2005-08-16 Werner Koch <wk@g10code.com>
* gpg-agent.c (main): Use a default file name for --write-env-file.
2005-07-25 Werner Koch <wk@g10code.com>
* findkey.c (agent_public_key_from_file): Fixed array assignment.
This was the cause for random segvs.
2005-06-29 Werner Koch <wk@g10code.com>
* command-ssh.c (data_sign): Removed empty statement.
2005-06-21 Werner Koch <wk@g10code.com>
* minip12.c (create_final): Cast size_t to ulong for printf.
(build_key_bag, build_cert_bag, build_cert_sequence): Ditto.
2005-06-16 Werner Koch <wk@g10code.com>
* protect-tool.c (make_advanced): Makde RESULT a plain char.
* call-scd.c (unescape_status_string): Need to cast unsigned char*
for strcpy.
(agent_card_pksign): Made arg R_BUF an unsigned char**.
* divert-scd.c (divert_pksign): Made SIGVAL unsigned char*.
(encode_md_for_card): Initialize R_VAL and R_LEN.
* genkey.c (store_key): Made BUF unsigned.
* protect.c (do_encryption): Ditto.
(do_encryption): Made arg PROTBEGIN unsigned. Initialize RESULT
and RESULTLEN even on error.
(merge_lists): Need to cast unsigned char * for strcpy. Initialize
RESULTand RESULTLEN even on error.
(agent_unprotect): Likewise for strtoul.
(make_shadow_info): Made P and INFO plain char.
(agent_shadow_key): Made P plain char.
2005-06-15 Werner Koch <wk@g10code.com>
* query.c (agent_get_passphrase): Made HEXSTRING a char*.
* command-ssh.c (ssh_key_grip): Made arg BUFFER unsigned.
(ssh_key_grip): Simplified.
(data_sign): Initialize variables with the definition.
(ssh_convert_key_to_blob): Make sure that BLOB and BLOB_SIZE
are set to NULL on error. Cool, gcc-4 detects uninitialized stuff
beyond function boundaries; well it can't know that we do error
proper error handling so that this was not a real error.
(file_to_buffer): Likewise for BUFFER and BUFFER_N.
(data_sign): Likewise for SIG and SIG_N.
(stream_read_byte): Set B to a value even on error.
* command.c (cmd_genkey): Changed VALUE to char.
(cmd_readkey): Cast arg for gcry_sexp_sprint.
* agent.h (struct server_control_s): Made KEYGRIP unsigned.
2005-06-13 Werner Koch <wk@g10code.com>
* command-ssh.c (start_command_handler_ssh): Reset the SCD.
2005-06-09 Werner Koch <wk@g10code.com>
* gpg-agent.c (create_socket_name): New option --max-cache-ttl-ssh.
* cache.c (housekeeping): Use it.
(agent_put_cache): Use a switch to get the default ttl so that it
is easier to add more cases.
2005-06-06 Werner Koch <wk@g10code.com>
* gpg-agent.c: New option --default-cache-ttl-ssh.
* agent.h (cache_mode_t): New.
* pksign.c (agent_pksign_do): New arg CACHE_MODE to replace the
ARG IGNORE_CACHE. Changed all callers.
(agent_pksign): Ditto.
* findkey.c (agent_key_from_file): Ditto. Canged all callers.
(unprotect): Ditto.
* command-ssh.c (data_sign): Use CACHE_MODE_SSH.
* cache.c (agent_get_cache): New arg CACHE_MODE.
(agent_put_cache): Ditto. Store it in the cache.
* query.c (agent_query_dump_state, dump_mutex_state): New.
(unlock_pinentry): Reset the global context before releasing the
mutex.
* gpg-agent.c (handle_signal): Dump query.c info on SIGUSR1.
* call-scd.c (agent_scd_check_aliveness): Always do a waitpid and
add a timeout to the locking.
2005-06-03 Werner Koch <wk@g10code.com>
* command.c (cmd_updatestartuptty): New.
* gpg-agent.c: New option --write-env-file.
* gpg-agent.c (handle_connections): Make sure that the signals we
are handling are not blocked.Block signals while creating new
threads.
2005-06-02 Werner Koch <wk@g10code.com>
* call-scd.c (agent_scd_dump_state, dump_mutex_state): New.
* gpg-agent.c (handle_signal): Print it on SIGUSR1.
(handle_connections): Include the file descriptor into the
threadnames.
2005-06-01 Werner Koch <wk@g10code.com>
* gpg-agent.c: Include setenv.h.
2005-05-31 Werner Koch <wk@g10code.com>
* agent.h (out_of_core): s/__inline__/inine. Noted by Ray Link.
2005-05-25 Werner Koch <wk@g10code.com>
* gpg-agent.c (main): Do not unset the DISPLAY when we are
continuing as child.
2005-05-24 Werner Koch <wk@g10code.com>
* call-scd.c (inq_needpin): Skip leading spaces in of PIN
description.
* divert-scd.c (getpin_cb): Enhanced to cope with description
flags.
* query.c (agent_askpin): Add arg PROMPT_TEXT. Changed all
callers.
2005-05-21 Werner Koch <wk@g10code.com>
* call-scd.c (start_scd): Don't test for an alive scdaemon here.
(agent_scd_check_aliveness): New.
* gpg-agent.c (handle_tick): Test for an alive scdaemon.
(handle_signal): Print thread info on SIGUSR1.
2005-05-20 Werner Koch <wk@g10code.com>
* protect-tool.c: New option --canonical.
(show_file): Implement it.
* keyformat.txt: Define the created-at attribute for keys.
2005-05-18 Werner Koch <wk@g10code.com>
* divert-scd.c (ask_for_card): Removed the card reset kludge.
2005-05-17 Werner Koch <wk@g10code.com>
* call-scd.c (unlock_scd): Add new arg CTRL. Changed all callers.
(start_scd): Reoworked to allow for additional connections.
* agent.h (ctrl_t): Add local data for the SCdaemon.
* command.c (start_command_handler): Release SERVER_LOCAL.
* gpg-agent.c (create_server_socket): Use xmalloc.
(main): Removed option --disable-pth a dummy. Removed non-pth
code path.
(cleanup_sh): Removed. Not needed anymore.
2005-05-05 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_key_to_buffer): Rename to ...
(ssh_key_to_protected_buffer): ... this; change callers.
Improved documentation.
Use ssh_key_grip(), where gcry_pk_get_keygrip() has been used
before.
(ssh_handler_sign_request): Removed unusued variable P.
2005-04-20 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_handler_request_identities): Removed
debugging code (sleep call), which was commited unintenionally.
2005-04-20 Werner Koch <wk@g10code.com>
* minip12.c (parse_bag_encrypted_data): Fix the unpadding hack.
* gpg-agent.c: New option --disable-scdaemon.
(handle_connections): Add time event to drive ...
(handle_tick): New function.
(main): Record the parent PID. Fixed segv when using ssh and a
command.
* call-scd.c (start_scd): Take care of this option.
2005-04-03 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_request_spec): New member: secret_input.
(REQUEST_SPEC_DEFINE): New argument: secret_input.
(request_specs): Add secret_input flag.
(request_spec_lookup): New function ...
(ssh_request_process): ... use it here; depending on secret_input
flag allocate secure or non-secure memory.
2005-03-02 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (sexp_key_extract): Removed FIXME, since
xtrymallos does set errno correctly by now.
(sexp_extract_identifier): Remove const attribute from identifier.
(ssh_handler_request_identities): Remove const attribute from
key_type; removes ugly casts and FIXME.
(sexp_key_extract): Remove const attribute from comment.
(ssh_send_key_public): Remove const attribute from
key_type/comment; removes ugly cast.
(data_sign): Remove const attribute from identifier; removes ugly
cast.
(key_secret_to_public): Remove const attribute from comment;
removes ugly cast.
(ssh_handler_sign_request): Remove const attribute from p.
(sexp_key_extract): Use make_cstring().
(ssh_key_extract_comment): Likewise.
(ssh_key_to_buffer): Use secure memory for memory area to hold the
key S-Expression.
Added more comments.
2005-02-25 Werner Koch <wk@g10code.com>
* findkey.c (modify_description): Keep invalid % escapes, so that
%0A may pass through.
* agent.h (server_control_s): New field USE_AUTH_CALL.
* call-scd.c (agent_card_pksign): Make use of it.
* command-ssh.c (data_sign): Set the flag.
(ssh_send_key_public): New arg OVERRIDE_COMMENT.
(card_key_available): Add new arg CARDSN.
(ssh_handler_request_identities): Use the card s/n as comment.
(sexp_key_extract): Use GCRYMPI_FMT_STD.
(data_sign): Ditto.
* learncard.c (make_shadow_info): Moved to ..
* protect.c (make_shadow_info): .. here. Return NULL on malloc
failure. Made global.
* agent.h: Add prototype.
2005-02-24 Werner Koch <wk@g10code.com>
* call-scd.c (unescape_status_string): New. Actual a copy of
../g10/call-agent.c
(card_getattr_cb, agent_card_getattr): New.
* command-ssh.c (card_key_available): New.
(ssh_handler_request_identities): First see whether a card key is
available.
* gpg-agent.c (handle_connections): Need to check for events if
select returns with -1.
2005-02-23 Werner Koch <wk@g10code.com>
* command-ssh.c (get_passphrase): Removed.
(ssh_identity_register): Partly rewritten.
(open_control_file, search_control_file, add_control_entry): New.
(ssh_handler_request_identities): Return only files listed in our
control file.
* findkey.c (unprotect): Check for allocation error.
* agent.h (opt): Add fields to record the startup terminal
settings.
* gpg-agent.c (main): Record them and do not force keep display
with --enable-ssh-support.
* command-ssh.c (start_command_handler_ssh): Use them here.
* gpg-agent.c: Renamed option --ssh-support to
--enable-ssh-support.
* command.c (cmd_readkey): New.
(register_commands): Register new command "READKEY".
* command-ssh.c (ssh_request_process): Improved logging.
* findkey.c (agent_write_private_key): Always use plain open.
Don't depend on an umask for permissions.
(agent_key_from_file): Factored file reading code out to ..
(read_key_file): .. new function.
(agent_public_key_from_file): New.
2005-02-22 Werner Koch <wk@g10code.com>
* command-ssh.c (stream_read_string): Removed call to abort on
memory error because the CVS version of libgcrypt makes sure
that ERRNO gets always set on error even with a faulty user
supplied function.
2005-02-19 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_receive_mpint_list): Slightly rewritten, do
not use elems_secret member of key_spec.
(ssh_key_type_spec): Removed member: elems_secret.
(ssh_key_types): Removed elems_secret data.
(ssh_sexp_construct): Renamed to ...
(sexp_key_construct): ... this; changed callers.
(ssh_sexp_extract): Renamed to ...
(sexp_key_extract): ... this; changed callers.
(ssh_sexp_extract_key_type): Renamed to ...
(sexp_extract_identifier): ... this; changed callers; use
make_cstring().
Added more comments.
2005-02-18 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_sexp_construct): Rewritten generation of sexp
template, clarified.
(ssh_sexp_extract): Support shadowed-private-key-sexp; treat
protected-private key and shadowed-private-key as public keys.
(key_secret_to_public): Rewritten: simply use ssh_sexp_extract()
and ssh_sexp_construct().
2005-02-15 Werner Koch <wk@g10code.com>
* findkey.c (modify_description): Don't increment OUT_LEN during
the second pass.
2005-02-14 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (es_read_byte): Renamed to ...
(stream_es_read_byte): ... this; changed callers.
(es_write_byte): Renamed to ...
(stream_write_byte): ... this; changed callers.
(es_read_uint32): Renamed to ...
(stream_read_uint32): ... this; changed callers.
(es_write_uint32): Renamed to ...
(stream_write_uint32): ... this; changed callers.
(es_read_data): Renamed to ...
(stream_read_data): ... this; changed callers.
(es_write_data): Renamed to ...
(stream_write_data): ... this; changed callers.
(es_read_string): Renamed to ...
(stream_read_string): ... this; changed callers.
(es_read_cstring): Renamed to ...
(stream_read_cstring): ... this; changed callers.
(es_write_string): Renamed to ...
(stream_write_string): ... this; changed callers.
(es_write_cstring): Renamed to ...
(stream_write_cstring): ... this; changed callers.
(es_read_mpi): Renamed to ...
(stream_read_mpi): ... this; changed callers.
(es_write_mpi): Renamed to ...
(stream_write_mpi): ... this; changed callers.
(es_copy): Renamed to ...
(stream_copy): ... this; changed callers.
(es_read_file): Renamed to ...
(file_to_buffer): ... this; changed callers.
(ssh_identity_register): Removed variable description_length;
changed code to use asprintf for description.
(stream_write_uint32): Do not filter out the last byte of shift
expression.
(uint32_construct): New macro ...
(stream_read_uint32): ... use it; removed unnecessary cast.
2005-02-03 Werner Koch <wk@g10code.com>
* agent.h (agent_exit): Add JNLIB_GCC_A_NR to indicate that this
function won't return.
* gpg-agent.c (check_for_running_agent): Initialize pid to a
default value if not needed.
* command-ssh.c: Removed stdint.h. s/byte_t/unsigned char/,
s/uint32/u32/ becuase that is what we have always used in GnuPG.
(ssh_request_specs): Moved to top of file.
(ssh_key_types): Ditto.
(make_cstring): Ditto.
(data_sign): Don't use a variable for the passphrase prompt, make
it translatable.
(ssh_request_process):
* findkey.c (modify_description): Renamed arguments for clarity,
polished documentation. Make comment a C-string. Fixed case of
DESCRIPTION being just "%".
(agent_key_from_file): Make sure comment string to a C-string.
* gpg-agent.c (create_socket_name): Cleanup the implemntation, use
DIMof, agent_exit, removed superflous args and return the
allocated string as value. Documented. Changed callers.
(create_server_socket): Cleanups similar to above. Changed callers.
(cleanup_do): Renamed to ..
(remove_socket): .. this. Changed caller.
(handle_connections): The signals are to be handled in the select
and not in the accept. Test all FDs after returning from a
select. Remove the event tests from the accept calls. The select
already assured that the accept won't block.
2005-01-29 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_handler_request_identities)
(ssh_handler_sign_request, ssh_handler_add_identity)
(ssh_handler_remove_identity, ssh_handler_remove_all_identities)
(ssh_handler_lock, ssh_handler_unlock): Changed to return an error
code instead of a boolean.
(ssh_request_process): Changed to return a boolean instead of an
error; adjust caller.
(ssh_request_handle_t): Adjusted type.
(ssh_request_spec): New member: identifier.
(REQUEST_SPEC_DEFINE): New macro; use it for initialization of
request_specs[].
(ssh_request_process): In debugging mode, log identifier of
handler to execute.
(start_command_handler_ssh): Moved most of the stream handling
code ...
(ssh_request_process): ... here.
2005-01-28 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_handler_add_identity): Pass ctrl to
ssh_identity_register().
(ssh_identity_register): New argument: ctrl; pass ctrl to
get_passphrase().
(get_passphrase): Pass ctrl instead of NULL to agent_askpin().
(start_command_handler_ssh): Use agent_init_default_ctrl();
deallocate structure members, which might be dynamically
allocated.
(lifetime_default): Removed variable.
(ssh_handler_add_identity): Fix ttl handling; renamed variable
`death' to `ttl'.
(ssh_identity_register): Fix key grip handling.
2005-01-26 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_handler_sign_request): Confirm to agent
protocol in case of failure.
* command-ssh.c: New file.
* Makefile.am (gpg_agent_SOURCES): New source file: command-ssh.c.
* findkey.c (modify_description): New function.
(agent_key_from_file): Support comment field in key s-expressions.
* gpg-agent.c (enum cmd_and_opt_values): New item: oSSHSupport.
(opts) New entry for oSSHSupport.
New variable: socket_name_ssh.
(cleanup_do): New function based on cleanup().
(cleanup): Use cleanup_do() for socket_name and socket_name_ssh.
(main): New switch case for oSSHSupport.
(main): Move socket name creation code to ...
(create_socket_name): ... this new function.
(main): Use create_socket_name() for creating socket names for
socket_name and for socket_name_ssh in case ssh support is
enabled.
Move socket creation code to ...
(create_server_socket): ... this new function.
(main): Use create_server_socket() for creating sockets.
In case standard_socket is set, do not only store a socket name in
socket_name, but also in socket_name_ssh.
Generate additional environment info strings for ssh support.
Pass additional ssh socket argument to handle_connections.
(start_connection_thread_ssh): New function.
(handle_connections): Use select to multiplex between gpg-agent
and ssh-agent protocol.
* agent.h (struct opt): New member: ssh_support.
(start_command_handler_ssh): Add prototype.
2005-01-04 Werner Koch <wk@g10code.com>
* trustlist.c (agent_marktrusted): Use "Cancel" for the first
confirmation and made the strings translatable.
* cache.c (agent_put_cache): Fix the test for using the default
TTL.
2004-12-21 Werner Koch <wk@g10code.com>
* preset-passphrase.c (preset_passphrase): Handle --passphrase.
* Makefile.am (gpg_preset_passphrase_LDADD): Reorder libs so that
pwquery may use stuff from jnlib. Conditionally add -lwsock2
(gpg_protect_tool_LDADD): Ditto.
* preset-passphrase.c (main): Use default_homedir().
(main) [W32]: Initialize sockets.
2004-12-21 Marcus Brinkmann <marcus@g10code.de>
* Makefile.am (libexec_PROGRAMS): Add gpg-preset-passphrase.
(gpg_preset_passphrase_SOURCES, gpg_preset_passphrase_LDADD): New
targets.
* agent.h (opt): New member allow_cache_passphrase.
* cache.c (housekeeping): Check if R->ttl is not negative.
(agent_put_cache): Allow ttl to be negative.
* command.c (parse_hexstring): Allow something to follow the
hexstring.
(cmd_cache_passphrase): New function.
(register_commands): Add it.
* gpg-agent.c: Handle --allow-preset-passphrase.
* preset-passphrase.c: New file.
2004-12-21 Werner Koch <wk@g10code.com>
* gpg-agent.c (main): Use default_homedir().
* protect-tool.c (main): Ditto.
2004-12-20 Werner Koch <wk@g10code.com>
* gpg-agent.c (main) [W32]: Now that Mutexes work we can remove
the pth_init kludge.
(main): Add new options --[no-]use-standard-socket.
(check_for_running_agent): Check whether it is running on the
standard socket.
* call-scd.c (init_membuf, put_membuf, get_membuf): Removed. We
now use the identical implementation from ../common/membuf.c.
* pksign.c (agent_pksign): Changed arg OUTFP to OUTBUF and use
membuf functions to return the value.
* pkdecrypt.c (agent_pkdecrypt): Ditto.
* genkey.c (agent_genkey): Ditto.
* command.c (cmd_pksign, cmd_pkdecrypt, cmd_genkey): Replaced
assuan_get_data_fp() by a the membuf scheme.
(clear_outbuf, write_and_clear_outbuf): New.
2004-12-19 Werner Koch <wk@g10code.com>
* query.c (initialize_module_query): New.
* call-scd.c (initialize_module_call_scd): New.
* gpg-agent.c (main): Call them.
2004-12-18 Werner Koch <wk@g10code.com>
* gpg-agent.c (main): Remove special Pth initialize.
* agent.h (map_assuan_err): Define in terms of
map_assuan_err_with_source.
2004-12-17 Moritz Schulte <moritz@g10code.com>
* query.c: Undo change from 2004-12-05.
2004-12-15 Werner Koch <wk@g10code.com>
* gpg-agent.c [W32]: Various hacks to make it work.
* findkey.c (agent_write_private_key) [W32]: Adjust open call.
* call-scd.c (start_scd) [W32]: Don't check whether the daemon
didn't died. To hard to do under Windows.
(start_scd) [W32]: Disable sending of the event signal option.
* protect-tool.c (read_file, export_p12_file) [W32]: Use setmode
to get stdout and stin into binary mode.
2004-12-05 Moritz Schulte <moritz@g10code.com>
* query.c (start_pinentry): Allow CTRL be NULL.
2004-10-22 Werner Koch <wk@g10code.com>
* gpg-agent.c (parse_rereadable_options): Return "not handled"
when the log file has not beend hadled. This is will let the main
option processing continue. Fixed a bug introduced on 2004-09-4
resulting in logging to stderr until a HUP has been given.
(main): Don't close the listen FD.
2004-09-30 Werner Koch <wk@g10code.com>
* Makefile.am: Adjusted from gettext 1.14.
2004-09-29 Werner Koch <wk@g10code.com>
* minip12.c (parse_bag_encrypted_data): Print error if a bad
passphrase has been given.
2004-09-28 Werner Koch <wk@g10code.com>
* protect.c (agent_unprotect): Fixed wiping of CLEARTEXT. Thanks
to Moritz for pointing this out.
2004-09-25 Moritz Schulte <moritz@g10code.com>
* agent.h: Declare: agent_pksign_do.
(struct server_control_s): New member: raw_value.
* pksign.c (do_encode_md): New argument: raw_value; support
generation of raw (non-pkcs1) data objects; adjust callers.
(agent_pksign_do): New function, based on code ripped
out from agent_pksign.
(agent_pksign): Use agent_pksign_do.
* command.c (start_command_handler): Set ctrl.digest.raw_value.
2004-09-09 Werner Koch <wk@g10code.de>
* gpg-agent.c (check_for_running_agent): New.
(main): The default action is now to check for an already running
agent.
(parse_rereadable_options): Set logfile only on reread.
(main): Do not print the "is development version" note.
2004-08-20 Werner Koch <wk@g10code.de>
* gpg-agent.c: New option --max-cache-ttl. Suggested by Alexander
Belopolsky.
* cache.c (housekeeping): Use it here instead of the hardwired
default of 1 hour.
* query.c (start_pinentry): Use a timeout for the pinentry lock.
2004-08-18 Werner Koch <wk@g10code.de>
* protect-tool.c (get_passphrase): Make sure that the default
prompts passed to gpg-agent are utf-8 encoded. Add new prompt values.
(import_p12_file, import_p12_file, export_p12_file): Changed calls
to get_passphrase so that better prompts are displayed.
(get_new_passphrase): New.
2004-07-22 Werner Koch <wk@g10code.de>
* trustlist.c (read_list): Allow colons in the fingerprint.
(headerblurb): Rephrased.
* gpg-agent.c (handle_connections): Increase the stack size ot 256k.
2004-06-20 Moritz Schulte <moritz@g10code.com>
* gpg-agent.c: Include <sys/stat.h> (build fix for BSD).
2004-05-11 Werner Koch <wk@gnupg.org>
* gpg-agent.c (handle_signal): Reload the trustlist on SIGHUP.
(start_connection_thread): Hack to simulate a ticker.
* trustlist.c (agent_trustlist_housekeeping)
(agent_reload_trustlist): New. Protected all global functions
here with a simple counter which is sufficient for Pth.
2004-05-03 Werner Koch <wk@gnupg.org>
* gpg-agent.c: Remove help texts for options lile --lc-ctype.
(main): New option --allow-mark-trusted.
* trustlist.c (agent_marktrusted): Use it here.
2004-04-30 Werner Koch <wk@gnupg.org>
* protect-tool.c: New option --enable-status-msg.
(store_private_key): Print status messages for imported keys.
(read_and_unprotect): Ditto for bad passphrase.
* gpg-agent.c (parse_rereadable_options): New arg REREAD. Allow
changing oLogFile.
(current_logfile): New.
2004-04-26 Werner Koch <wk@gnupg.org>
* call-scd.c (start_scd): Do not register an event signal if we
are running as a pipe server.
2004-04-21 Werner Koch <wk@gnupg.org>
* call-scd.c (start_scd): Send event-signal option. Always check
that the scdaemon is still running.
* gpg-agent.c (handle_signal): Do not use SIGUSR{1,2} anymore for
changing the verbosity.
2004-04-16 Werner Koch <wk@gnupg.org>
* gpg-agent.c (main): Tell the logging code that we are running
detached.
2004-04-06 Werner Koch <wk@gnupg.org>
* gpg-agent.c (main): Use new libgcrypt thread library register
scheme.
2004-03-23 Marcus Brinkmann <marcus@g10code.de>
* gpg-agent.c (main): For now, always print the default config
file name for --gpgconf-list.
2004-03-17 Werner Koch <wk@gnupg.org>
* gpg-agent.c (main) <gpgconf>: Fixed default value quoting.
2004-03-16 Werner Koch <wk@gnupg.org>
* gpg-agent.c (parse_rereadable_options): Use the new
DEFAULT_CACHE_TTL macro.
(main): Updated --gpgconf-list output.
2004-02-21 Werner Koch <wk@gnupg.org>
* command.c (cmd_passwd): Take acount of a key description.
* genkey.c (reenter_compare_cb): Do not set the error text.
(agent_protect_and_store, agent_genkey): Force a re-enter after a
non-matching passphrase.
* query.c (agent_askpin): Add new arg INITIAL_ERRTEXT; changed
all callers.
2004-02-19 Werner Koch <wk@gnupg.org>
* protect-tool.c: New options --have-cert and --prompt.
(export_p12_file): Read a certificate from STDIN and pass it to
p12_build. Detect a keygrip and construct the filename in that
case. Unprotcet a key if needed. Print error messages for key
formats we can't handle.
(release_passphrase): New.
(get_passphrase): New arg PROMPTNO. Return the allocated
string. Changed all callers.
* minip12.c: Revamped the build part.
(p12_build): New args CERT and CERTLEN.
2004-02-18 Werner Koch <wk@gnupg.org>
* protect-tool.c (main): Setup the used character set.
* gpg-agent.c (main): Ditto.
* gpg-agent.c (set_debug): New. New option --debug-level.
(main): New option --gpgconf-list.
2004-02-17 Werner Koch <wk@gnupg.org>
* pksign.c (do_encode_md): Cleaned up by using gcry_sexp_build.
* Makefile.am (gpg_protect_tool_SOURCES): Removed
simple-pwquery.[ch], as we once moved it to ../common.
2004-02-13 Werner Koch <wk@gnupg.org>
* command.c (cmd_setkeydesc): New.
(register_commands): Add command SETKEYDESC.
(cmd_pksign, cmd_pkdecrypt): Use the key description.
(reset_notify): Reset the description.
* findkey.c (unprotect): Add arg DESC_TEXT.
(agent_key_from_file): Ditto.
* pksign.c (agent_pksign): Ditto.
* pkdecrypt.c (agent_pkdecrypt): Ditto. Made CIPHERTEXT an
unsigned char*.
* protect-tool.c (main): New options --no-fail-on-exist, --homedir.
(store_private_key): Use them here.
2004-02-12 Werner Koch <wk@gnupg.org>
* protect-tool.c (read_file, main): Allow reading from stdin.
* Makefile.am: Include cmacros.am for common flags.
(libexec_PROGRAMS): Put gpg-protect-tool there.
2004-02-10 Werner Koch <wk@gnupg.org>
* minip12.c (parse_bag_encrypted_data): Finished implementation.
(p12_parse): Add callback args.
* protect-tool.c (import_p12_cert_cb): New.
(import_p12_file): Use it.
2004-02-06 Werner Koch <wk@gnupg.org>
* minip12.c (crypt_block): Add arg CIPHER_ALGO; changed all callers.
(set_key_iv): Add arg KEYBYTES; changed caller.
2004-02-03 Werner Koch <wk@gnupg.org>
* findkey.c (agent_key_from_file): Extra paranoid wipe.
* protect.c (agent_unprotect): Ditto.
(merge_lists): Ditto. Add arg RESULTLEN.
* pkdecrypt.c (agent_pkdecrypt): Don't show the secret key even in
debug mode.
* protect.c: Add DSA and Elgamal description.
2004-01-29 Werner Koch <wk@gnupg.org>
* agent.h (server_control_s): Add connection_fd field.
* command.c (start_command_handler): Init it here.
* gpg-agent.c (agent_init_default_ctrl): and here.
* call-scd.c: Add the CTRL arg to all functions calling start_scd
and pass it to start_scd. Changed all callers
(start_scd): Keep track of the current active connection.
(agent_reset_scd): New.
* command.c (start_command_handler): Call it here.
* learncard.c (agent_handle_learn): Add arg CTRL; changed caller.
(send_cert_back): Ditto.
2004-01-28 Werner Koch <wk@gnupg.org>
* trustlist.c (agent_marktrusted): Check whether the trustlist is
writable.
2004-01-27 Werner Koch <wk@gnupg.org>
* sexp-parse.h: Moved to ../common.
2004-01-24 Werner Koch <wk@gnupg.org>
* call-scd.c (atfork_cb): New.
(start_scd): Make sure secmem gets cleared.
* query.c (atfork_cb): New.
(start_pinentry): Make sure secmem gets cleared.
2004-01-16 Werner Koch <wk@gnupg.org>
* findkey.c (agent_key_from_file): Now return an error code so
that we have more detailed error messages in the upper layers.
This fixes the handling of pinentry's cancel button.
* pksign.c (agent_pksign): Changed accordingly.
* pkdecrypt.c (agent_pkdecrypt): Ditto.
* command.c (cmd_passwd): Ditto.
2003-12-16 Werner Koch <wk@gnupg.org>
* gpg-agent.c (main): Set the prefixes for assuan logging.
2003-12-15 Werner Koch <wk@gnupg.org>
* protect.c (do_encryption): Use gcry_create_nonce instad of the
obsolete WEAK_RANDOM.
2003-11-20 Werner Koch <wk@gnupg.org>
* sexp-parse.h (snext): Don't use atoi_1 and digitp macros, so
that this file is useful by other applications too.
2003-10-27 Werner Koch <wk@gnupg.org>
* command.c (cmd_get_confirmation): New command.
2003-08-20 Timo Schulz <twoaday@freakmail.de>
* pksign.c (do_encode_md): Allocate enough space. Cast md
byte to unsigned char to prevent sign extension.
2003-08-14 Timo Schulz <twoaday@freakmail.de>
* pksign.c (do_encode_md): Due to the fact pkcs#1 padding
is now in Libgcrypt, use the new interface.
2003-07-31 Werner Koch <wk@gnupg.org>
* Makefile.am (gpg_agent_LDADD): Added INTLLIBS.
(gpg_protect_tool_SOURCES): Added simple-pwquery.[ch]
2003-07-27 Werner Koch <wk@gnupg.org>
Adjusted for gcry_mpi_print and gcry_mpi_scan API change.
2003-07-15 Werner Koch <wk@gnupg.org>
* simple-pwquery.c, simple-pwquery.h: Moved to ../common.
* Makefile.am (gpg_protect_tool_LDADD): Add simple-pwquery.o.
Removed it from xx_SOURCES.
2003-07-04 Werner Koch <wk@gnupg.org>
* gpg-agent.c (handle_connections): Kludge to allow use of Pth 1
and 2.
2003-06-30 Werner Koch <wk@gnupg.org>
* call-scd.c (learn_status_cb): Store the serialno in PARM.
2003-06-26 Werner Koch <wk@gnupg.org>
* call-scd.c (agent_card_serialno): Don't do a RESET anymore.
2003-06-25 Werner Koch <wk@gnupg.org>
* command.c (cmd_scd): New.
* call-scd.c (agent_card_scd): New.
* divert-scd.c (divert_generic_cmd): New
* call-scd.c (agent_card_learn): New callback args SINFO.
(learn_status_cb): Pass all other status lines to the sinfo
callback.
* learncard.c (release_sinfo, sinfo_cb): New.
(agent_handle_learn): Pass the new cb to the learn function and
pass the collected information back to the client's assuan
connection.
* gpg-agent.c (main): Moved pth_init before gcry_check_version.
2003-06-24 Werner Koch <wk@gnupg.org>
* gpg-agent.c (handle_connections): Adjusted for Pth 2.0
Adjusted for changes in the libgcrypt API. Some more fixes for the
libgpg-error stuff.
2003-06-04 Werner Koch <wk@gnupg.org>
Renamed error codes from INVALID to INV and removed _ERROR suffixes.
2003-06-03 Werner Koch <wk@gnupg.org>
Changed all error codes in all files to the new libgpg-error scheme.
* agent.h: Include gpg-error.h and errno.h
* Makefile.am: Link with libgpg-error
* query.c: assuan.h is now a system header.
* genkey.c (agent_genkey): Fixed silly use of xmalloc by
xtrymalloc.
2003-04-29 Werner Koch <wk@gnupg.org>
* command.c (register_commands): Adjusted for new Assuan semantics.
* Makefile.am: Don't override LDFLAGS.
2002-12-04 Werner Koch <wk@gnupg.org>
* gpg-agent.c: New variable config_filename.
(parse_rereadable_options): New.
(main): Use it here. Add setting of default values, set
config_filename.
(reread_configuration): Filled with actual code.
2002-12-03 Werner Koch <wk@gnupg.org>
* protect-tool.c (read_key): Don't run make_canonical on a NULL
buffer.
* command.c (parse_hexstring): New.
(cmd_sethash): Use it.
(parse_keygrip): New.
(cmd_havekey, cmd_sigkey): Use it.
(cmd_passwd): New.
* genkey.c (agent_protect_and_store): New.
(store_key): Add arg FORCE.
(agent_genkey): Pass false to this force of store_key.
2002-11-13 Werner Koch <wk@gnupg.org>
* gpg-agent.c (main): Switch all messages to utf-8.
* simple-pwquery.c (agent_send_all_options): Use $GPG_TTY and
stdin with ttyname.
* cache.c (new_data): Uiih - /sizeof d/sizeof *d/.
2002-11-10 Werner Koch <wk@gnupg.org>
* command.c (option_handler): Fix keep_tty check.
2002-11-06 Werner Koch <wk@gnupg.org>
* gpg-agent.c (main): Make sure we have a default ttyname.
* command.c (option_handler): Check opt.keep_tty here
* query.c (start_pinentry): but not anymore here.
2002-11-05 Werner Koch <wk@gnupg.org>
* agent.h (opt,server_control_s): Move display and lc_ variables
to the control struct so that they are per connection.
* gpg-agent.c (agent_init_default_ctrl): New.
(main): Assign those command line options to new default_* variables.
Reset DISPLAY in server mode so that tehre is no implicit default.
* command.c (start_command_handler): Initialize and deinitialize
the control values.
(option_handler): Work on the ctrl values and not on the opt.
* query.c (start_pinentry): New argument CTRL to set the display
connection specific. Changed all callers to pass this value.
(agent_askpin,agent_get_passphrase,agent_get_confirmation): Add
CTRL arg and pass it ot start_pinentry.
* command.c (cmd_get_passphrase): Pass CTRL argument.
* trustlist.c (agent_marktrusted): Add CTRL argument
* command.c (cmd_marktrusted): Pass CTRL argument
* divert-scd.c (ask_for_card): Add CTRL arg.
(divert_pksign,divert_pkdecrypt): Ditto. Changed caller.
(getpin_cb): Use OPAQUE to pass the CTRL variable. Changed both
users.
* findkey.c (unprotect): Add CTRL arg.
(agent_key_from_file): Ditto.
* query.c (unlock_pinentry): Disconnect the pinentry so that we
start a new one for each request. This is required to support
clients with different environments (e.g. X magic cookies).
2002-09-05 Neal H. Walfield <neal@cs.uml.edu>
* gpg-agent.c (main) [USE_GNU_PTH]: No need to call
assuan_set_io_func as assuan is smart.
2002-09-25 Werner Koch <wk@gnupg.org>
* gpg-agent.c (handle_signal): Flush cache on SIGHUP.
* cache.c (agent_flush_cache): New.
* gpg-agent.c, agent.h: Add --keep-display and --keep-tty.
* query.c (start_pinentry): Implement them. The option passing
needs more thoughts.
2002-09-09 Werner Koch <wk@gnupg.org>
* gpg-agent.c (create_private_keys_directory)
(create_directories): New.
(main): Try to create a home directory.
2002-09-04 Neal H. Walfield <neal@g10code.de>
* gpg-agent.c (main): Use sigaction, not signal.
2002-09-03 Neal H. Walfield <neal@g10code.de>
* findkey.c: Include <fcntl.h>.
(agent_write_private_key): Prefer POSIX compatibity, open and
fdopen, over the simplicity of GNU extensions, fopen(file, "x").
2002-08-22 Werner Koch <wk@gnupg.org>
* query.c (agent_askpin): Provide the default desc text depending
on the pininfo. Do the basic PIN verification only when
min_digits is set.
2002-08-21 Werner Koch <wk@gnupg.org>
* query.c (agent_askpin): Hack to show the right default prompt.
(agent_get_passphrase): Ditto.
* trans.c: Removed and replaced all usages with standard _()
* divert-scd.c (getpin_cb): Pass a more descritive text to the
pinentry.
* Makefile.am: Renamed the binary protect-tool to gpg-protect-tool.
* protect-tool.c: Removed the note about internal use only.
* gpg-agent.c (main): New option --daemon so that the program is
not accidently started in the background.
2002-08-16 Werner Koch <wk@gnupg.org>
* call-scd.c (learn_status_cb): Handle CERTINFO status.
(agent_card_learn): Add args for certinfo cb.
* learncard.c (release_certinfo,certinfo_cb): New.
(send_cert_back): New. With factored out code from ..
(agent_handle_learn): here. Return certinfo stuff.
2002-07-26 Werner Koch <wk@gnupg.org>
* gpg-agent.c (main): New option --ignore-cache-for-signing.
* command.c (option_handler): New server option
use-cache-for-signing defaulting to true.
(cmd_pksign): handle global and per session option.
* findkey.c (agent_key_from_file, unprotect): New arg
ignore_cache. Changed all callers.
* pksign.c (agent_pksign): Likewise.
2002-06-29 Werner Koch <wk@gnupg.org>
* query.c (start_pinentry): Use GNUPG_DERAULT_PINENTRY.
* call-scd.c (start_scd): Use GNUPG_DEFAULT_SCDAEMON.
2002-06-28 Werner Koch <wk@gnupg.org>
* protect-tool.c (export_p12_file): New.
(main): New command --p12-export.
* minip12.c (create_final,p12_build,compute_tag_length): New.
(store_tag_length): New.
2002-06-27 Werner Koch <wk@gnupg.org>
* minip12.c (crypt_block): Renamed from decrypt_block, add arg to
allow encryption.
* Makefile.am (pkglib_PROGRAMS): Put protect-tool there.
* findkey.c (agent_write_private_key,agent_key_from_file)
(agent_key_available): Use GNUPG_PRIVATE_KEYS_DIR constant.
* gpg-agent.c (main): Use GNUPG_DEFAULT_HOMEDIR constant.
* protect-tool.c (store_private_key): New.
(import_p12_file): Store the new file if requested.
(main): New options --force and --store.
* gpg-agent.c (main): Set a global flag when running detached.
* query.c (start_pinentry): Pass the list of FD to keep in the
child when not running detached.
* call-scd.c (start_scd): Ditto.
2002-06-26 Werner Koch <wk@gnupg.org>
* command.c (cmd_istrusted, cmd_listtrusted, cmd_marktrusted)
(cmd_pksign, cmd_pkdecrypt, cmd_genkey, cmd_get_passphrase)
(cmd_learn): Print an error message for a failed operation.
* simple-pwquery.c, simple-pwquery.h: New.
* protect-tool. (get_passphrase): New, used to get a passphrase
from the agent if none was given on the command line.
2002-06-25 Werner Koch <wk@gnupg.org>
* protect-tool.c (rsa_key_check): New.
(import_p12_file): New.
(main): New command --p12-import.
* minip12.c, minip12.h: New.
2002-06-24 Werner Koch <wk@gnupg.org>
* protect-tool.c (read_file): New.
(read_key): Factored most code out to read_file.
2002-06-17 Werner Koch <wk@gnupg.org>
* agent.h: Add a callback function to the pin_entry_info structure.
* query.c (agent_askpin): Use the callback to check for a correct
PIN. Removed the start_err_text argument because it is not
anymore needed; changed callers.
* findkey.c (unprotect): Replace our own check loop by a callback.
(try_unprotect_cb): New.
* genkey.c (reenter_compare_cb): New.
(agent_genkey): Use this callback here. Fixed setting of the pi2
variable and a segv in case of an empty PIN.
* divert-scd.c (getpin_cb): Removed some unused stuff and
explained what we still have to change.
2002-06-12 Werner Koch <wk@gnupg.org>
* gpg-agent.c (main): New option --disable-pth.
2002-06-11 Werner Koch <wk@gnupg.org>
* protect-tool.c: Add command --show-keygrip
(show_keygrip): New.
2002-05-23 Werner Koch <wk@gnupg.org>
* call-scd.c: Seirialized all scdaeom access when using Pth.
* cache.c: Made the cache Pth-thread-safe.
(agent_unlock_cache_entry): New.
* findkey.c (unprotect): Unlock the returned cache value.
* command.c (cmd_get_passphrase): Ditto.
* gpg-agent.c (main): Register pth_read/write with Assuan.
2002-05-22 Werner Koch <wk@gnupg.org>
* query.c: Serialized all pinentry access when using Pth.
* gpg-agent.c (handle_signal,start_connection_thread)
(handle_connections): New
(main): Use the new Pth stuff to allow concurrent connections.
* command.c (start_command_handler): Add new arg FD so that the
fucntion can also be used for an already connected socket.
* Makefile.am: Link with Pth.
2002-05-14 Werner Koch <wk@gnupg.org>
* cache.c (housekeeping, agent_put_cache): Use our time() wrapper.
2002-04-26 Werner Koch <wk@gnupg.org>
* cache.c (agent_put_cache): Reinitialize the creation time and
the ttl when reusing a slot.
* call-scd.c (start_scd): Print debug messages only with debug
flags set.
* query.c (start_pinentry): Ditto.
2002-04-25 Marcus Brinkmann <marcus@g10code.de>
* agent.h (agent_get_confirmation): Replace paramter prompt with
two parameters ok and cancel.
* query.c (agent_get_confirmation): Likewise. Implement this.
* trustlist.c (agent_marktrusted): Fix invocation of
agent_get_confirmation.
* divert-scd.c (ask_for_card): Likewise.
2002-04-24 Marcus Brinkmann <marcus@g10code.de>
* agent.h (struct opt): Add members display, ttyname, ttytype,
lc_ctype, and lc_messages.
* gpg-agent.c (enum cmd_and_opt_values): Add oDisplay, oTTYname,
oTTYtype, oLCctype, and LCmessages.
(main): Handle these options.
* command.c (option_handler): New function.
(register_commands): Register option handler.
* query.c (start_pinentry): Pass the various display and tty
options to the pinentry.
2002-04-05 Werner Koch <wk@gnupg.org>
* protect-tool.c (show_file): New. Used as default action.
2002-03-28 Werner Koch <wk@gnupg.org>
* divert-scd.c (encode_md_for_card): Don't do the pkcs-1 padding,
the scdaemon should take care of it.
(ask_for_card): Hack to not display the trailing zero.
2002-03-11 Werner Koch <wk@gnupg.org>
* learncard.c (kpinfo_cb): Remove the content restrictions from
the keyID.
2002-03-06 Werner Koch <wk@gnupg.org>
* learncard.c: New.
* divert-scd.c (ask_for_card): The serial number is binary so
convert it to hex here.
* findkey.c (agent_write_private_key): New.
* genkey.c (store_key): And use it here.
* pkdecrypt.c (agent_pkdecrypt): Changed the way the diversion is done.
* divert-scd.c (divert_pkdecrypt): Changed interface and
implemented it.
2002-03-05 Werner Koch <wk@gnupg.org>
* call-scd.c (inq_needpin): New.
(agent_card_pksign): Add getpin_cb args.
(agent_card_pkdecrypt): New.
2002-03-04 Werner Koch <wk@gnupg.org>
* pksign.c (agent_pksign): Changed how the diversion is done.
* divert-scd.c (divert_pksign): Changed interface and implemented it.
(encode_md_for_card): New.
* call-scd.c (agent_card_pksign): New.
2002-02-28 Werner Koch <wk@gnupg.org>
* pksign.c (agent_pksign): Detect whether a Smartcard is to be
used and divert the operation in this case.
* pkdecrypt.c (agent_pkdecrypt): Likewise
* findkey.c (agent_key_from_file): Add optional arg shadow_info
and have it return information about a shadowed key.
* protect.c (agent_get_shadow_info): New.
* protect.c (snext,sskip,smatch): Moved to
* sexp-parse.h: New file.
* divert-scd.c: New.
2002-02-27 Werner Koch <wk@gnupg.org>
* protect.c (agent_shadow_key): New.
* command.c (cmd_learn): New command LEARN.
* gpg-agent.c: New option --scdaemon-program.
* call-scd.c (start_scd): New. Based on query.c
* query.c: Add 2 more arguments to all uses of assuan_transact.
2002-02-18 Werner Koch <wk@gnupg.org>
* findkey.c (unprotect): Show an error message for a bad passphrase.
* command.c (cmd_marktrusted): Implemented.
* trustlist.c (agent_marktrusted): New.
(open_list): Add APPEND arg.
* query.c (agent_get_confirmation): New.
2002-02-06 Werner Koch <wk@gnupg.org>
* cache.c (housekeeping): Fixed linking in the remove case.
2002-02-01 Werner Koch <wk@gnupg.org>
* gpg-agent.c: New option --default-cache-ttl.
* cache.c (agent_put_cache): Use it.
* cache.c: Add a few debug outputs.
* protect.c (agent_private_key_type): New.
* agent.h: Add PRIVATE_KEY_ enums.
* findkey.c (agent_key_from_file): Use it to decide whether we
have to unprotect a key.
(unprotect): Cache the passphrase.
* findkey.c (agent_key_from_file,agent_key_available): The key
files do now require a ".key" suffix to make a script's life
easier.
* genkey.c (store_key): Ditto.
2002-01-31 Werner Koch <wk@gnupg.org>
* genkey.c (store_key): Protect the key.
(agent_genkey): Ask for the passphrase.
* findkey.c (unprotect): Actually unprotect the key.
* query.c (agent_askpin): Add an optional start_err_text.
2002-01-30 Werner Koch <wk@gnupg.org>
* protect.c: New.
(hash_passphrase): Based on the GnuPG 1.0.6 version.
* protect-tool.c: New
2002-01-29 Werner Koch <wk@gnupg.org>
* findkey.c (agent_key_available): New.
* command.c (cmd_havekey): New.
(register_commands): And register new command.
2002-01-20 Werner Koch <wk@gnupg.org>
* command.c (cmd_get_passphrase): Remove the plus signs.
* query.c (start_pinentry): Send no-grab option to pinentry
* gpg-agent.c (main): Move variable grab as no_grab to agent.h.
2002-01-19 Werner Koch <wk@gnupg.org>
* gpg-agent.c (main): Disable core dumps.
* cache.c: New.
* command.c (cmd_get_passphrase): Use the cache.
(cmd_clear_passphrase): Ditto.
* gpg-agent.c: Removed unused cruft and implement the socket
based server.
(my_strusage): Take bug report address from configure.ac.
* command.c (start_command_handler): Add an argument to start as
regular server.
(start_command_handler): Enable Assuan logging.
2002-01-15 Werner Koch <wk@gnupg.org>
* trustlist.c: New.
* command.c (cmd_istrusted, cmd_listtrusted, cmd_marktrusted): New.
2002-01-07 Werner Koch <wk@gnupg.org>
* genkey.c: Store the secret part and return the public part.
2002-01-03 Werner Koch <wk@gnupg.org>
* command.c (cmd_get_passphrase): New.
(cmd_clear_passphrase): New.
* query.c (agent_get_passphrase): New.
2002-01-02 Werner Koch <wk@gnupg.org>
* genkey.c: New.
* command.c (cmd_genkey): New.
* command.c (rc_to_assuan_status): Removed and changed all callers
to use map_to_assuan_status.
2001-12-19 Werner Koch <wk@gnupg.org>
* keyformat.txt: New.
2001-12-19 Marcus Brinkmann <marcus@g10code.de>
* query.c (start_pinentry): Add new argument to assuan_pipe_connect.
2001-12-18 Werner Koch <wk@gnupg.org>
* Makefile.am: Use LIBGCRYPT macros
2001-12-14 Werner Koch <wk@gnupg.org>
* gpg-agent.c (main): New option --batch. New option --debug-wait
n, so that it is possible to attach gdb when used in server mode.
* query.c (agent_askpin): Don't ask in batch mode.
* command.c: Removed the conversion macros as they are now in
../common/util.h.
2001-12-14 Marcus Brinkmann <marcus@g10code.de>
* query.c (LINELENGTH): Removed.
(agent_askpin): Use ASSUAN_LINELENGTH, not LINELENGTH.
2001-11-19 Werner Koch <wk@gnupg.org>
* gpg-agent.c: Removed all GUI code, removed code for old
protocol. New code to use the Assuan protocol as a server and
also to communicate with a new ask-passphrase utility.
2000-11-22 Werner Koch <wk@gnupg.org>
* gpg-agent.c (main): csh support by Dan Winship, new options --sh
and --csh and set default by consulting $SHELL.
Mon Aug 21 17:59:17 CEST 2000 Werner Koch <wk@openit.de>
* gpg-agent.c (passphrase_dialog): Cleanup the window and added the
user supplied text to the window.
(main): Fixed segv in gtk_init when used without a command to start.
* gpg-agent.c: --flush option.
(req_flush): New.
(req_clear_passphrase): Implemented.
Fri Aug 18 14:27:14 CEST 2000 Werner Koch <wk@openit.de>
* gpg-agent.c: New.
* Makefile.am: New.
Copyright 2001, 2002, 2003, 2004, 2005,
2007, 2008, 2009, 2010 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
index 92a26eb1e..ca150b471 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@@ -1,2303 +1,2303 @@
/* gpg-agent.c - The GnuPG Agent
* Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2009,
* 2010 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <stddef.h>
#include <stdarg.h>
#include <string.h>
#include <errno.h>
#include <assert.h>
#include <time.h>
#include <fcntl.h>
#include <sys/stat.h>
#ifndef HAVE_W32_SYSTEM
# include <sys/socket.h>
# include <sys/un.h>
#endif /*!HAVE_W32_SYSTEM*/
#include <unistd.h>
#ifdef HAVE_SIGNAL_H
# include <signal.h>
#endif
#include <pth.h>
#define JNLIB_NEED_LOG_LOGV
#define JNLIB_NEED_AFLOCAL
#include "agent.h"
#include <assuan.h> /* Malloc hooks and socket wrappers. */
#include "i18n.h"
#include "mkdtemp.h" /* Gnulib replacement. */
#include "sysutils.h"
#include "gc-opt-flags.h"
#include "exechelp.h"
#include "asshelp.h"
enum cmd_and_opt_values
{ aNull = 0,
oCsh = 'c',
oQuiet = 'q',
oSh = 's',
oVerbose = 'v',
oNoVerbose = 500,
aGPGConfList,
aGPGConfTest,
aUseStandardSocketP,
oOptions,
oDebug,
oDebugAll,
oDebugLevel,
oDebugWait,
oNoGreeting,
oNoOptions,
oHomedir,
oNoDetach,
oNoGrab,
oLogFile,
oServer,
oDaemon,
oBatch,
oPinentryProgram,
oPinentryTouchFile,
oDisplay,
oTTYname,
oTTYtype,
oLCctype,
oLCmessages,
oXauthority,
oScdaemonProgram,
oDefCacheTTL,
oDefCacheTTLSSH,
oMaxCacheTTL,
oMaxCacheTTLSSH,
oEnforcePassphraseConstraints,
oMinPassphraseLen,
oMinPassphraseNonalpha,
oCheckPassphrasePattern,
oMaxPassphraseDays,
oEnablePassphraseHistory,
oUseStandardSocket,
oNoUseStandardSocket,
oFakedSystemTime,
oIgnoreCacheForSigning,
oAllowMarkTrusted,
oAllowPresetPassphrase,
oKeepTTY,
oKeepDISPLAY,
oSSHSupport,
oDisableScdaemon,
oWriteEnvFile
};
static ARGPARSE_OPTS opts[] = {
{ aGPGConfList, "gpgconf-list", 256, "@" },
{ aGPGConfTest, "gpgconf-test", 256, "@" },
{ aUseStandardSocketP, "use-standard-socket-p", 256, "@" },
{ 301, NULL, 0, N_("@Options:\n ") },
{ oServer, "server", 0, N_("run in server mode (foreground)") },
{ oDaemon, "daemon", 0, N_("run in daemon mode (background)") },
{ oVerbose, "verbose", 0, N_("verbose") },
{ oQuiet, "quiet", 0, N_("be somewhat more quiet") },
{ oSh, "sh", 0, N_("sh-style command output") },
{ oCsh, "csh", 0, N_("csh-style command output") },
{ oOptions, "options" , 2, N_("|FILE|read options from FILE")},
{ oDebug, "debug" ,4|16, "@"},
{ oDebugAll, "debug-all" ,0, "@"},
{ oDebugLevel, "debug-level" ,2, "@"},
{ oDebugWait,"debug-wait",1, "@"},
{ oNoDetach, "no-detach" ,0, N_("do not detach from the console")},
{ oNoGrab, "no-grab" ,0, N_("do not grab keyboard and mouse")},
{ oLogFile, "log-file" ,2, N_("use a log file for the server")},
{ oUseStandardSocket, "use-standard-socket", 0,
N_("use a standard location for the socket")},
{ oNoUseStandardSocket, "no-use-standard-socket", 0, "@"},
{ oPinentryProgram, "pinentry-program", 2 ,
N_("|PGM|use PGM as the PIN-Entry program") },
{ oPinentryTouchFile, "pinentry-touch-file", 2 , "@" },
{ oScdaemonProgram, "scdaemon-program", 2 ,
N_("|PGM|use PGM as the SCdaemon program") },
{ oDisableScdaemon, "disable-scdaemon", 0, N_("do not use the SCdaemon") },
{ oFakedSystemTime, "faked-system-time", 2, "@" }, /* (epoch time) */
{ oBatch, "batch", 0, "@" },
{ oHomedir, "homedir", 2, "@"},
{ oDisplay, "display", 2, "@" },
{ oTTYname, "ttyname", 2, "@" },
{ oTTYtype, "ttytype", 2, "@" },
{ oLCctype, "lc-ctype", 2, "@" },
{ oLCmessages, "lc-messages", 2, "@" },
{ oXauthority, "xauthority", 2, "@" },
{ oKeepTTY, "keep-tty", 0, N_("ignore requests to change the TTY")},
{ oKeepDISPLAY, "keep-display",
0, N_("ignore requests to change the X display")},
{ oDefCacheTTL, "default-cache-ttl", 4,
N_("|N|expire cached PINs after N seconds")},
{ oDefCacheTTLSSH, "default-cache-ttl-ssh", 4, "@" },
{ oMaxCacheTTL, "max-cache-ttl", 4, "@" },
{ oMaxCacheTTLSSH, "max-cache-ttl-ssh", 4, "@" },
{ oEnforcePassphraseConstraints, "enforce-passphrase-constraints", 0, "@"},
{ oMinPassphraseLen, "min-passphrase-len", 4, "@" },
{ oMinPassphraseNonalpha, "min-passphrase-nonalpha", 4, "@" },
{ oCheckPassphrasePattern, "check-passphrase-pattern", 2, "@" },
{ oMaxPassphraseDays, "max-passphrase-days", 4, "@" },
{ oEnablePassphraseHistory, "enable-passphrase-history", 0, "@" },
{ oIgnoreCacheForSigning, "ignore-cache-for-signing", 0,
N_("do not use the PIN cache when signing")},
{ oAllowMarkTrusted, "allow-mark-trusted", 0,
N_("allow clients to mark keys as \"trusted\"")},
{ oAllowPresetPassphrase, "allow-preset-passphrase", 0,
N_("allow presetting passphrase")},
{ oSSHSupport, "enable-ssh-support", 0, N_("enable ssh-agent emulation") },
{ oWriteEnvFile, "write-env-file", 2|8,
N_("|FILE|write environment settings also to FILE")},
{0}
};
#define DEFAULT_CACHE_TTL (10*60) /* 10 minutes */
#define DEFAULT_CACHE_TTL_SSH (30*60) /* 30 minutes */
#define MAX_CACHE_TTL (120*60) /* 2 hours */
#define MAX_CACHE_TTL_SSH (120*60) /* 2 hours */
#define MIN_PASSPHRASE_LEN (8)
#define MIN_PASSPHRASE_NONALPHA (1)
#define MAX_PASSPHRASE_DAYS (0)
/* The timer tick used for housekeeping stuff. For Windows we use a
longer period as the SetWaitableTimer seems to signal earlier than
- the 2 seconds. */
-#ifdef HAVE_W32_SYSTEM
-#define TIMERTICK_INTERVAL (4)
+ the 2 seconds. CHECK_OWN_SOCKET_INTERVAL defines how often we
+ check our own socket in standard socket mode. If that value is 0
+ we don't check at all. All values are in seconds. */
+#if defined(HAVE_W32CE_SYSTEM)
+# define TIMERTICK_INTERVAL (60)
+# define CHECK_OWN_SOCKET_INTERVAL (0) /* Never */
+#elif defined(HAVE_W32_SYSTEM)
+# define TIMERTICK_INTERVAL (4)
+# define CHECK_OWN_SOCKET_INTERVAL (60)
#else
-#define TIMERTICK_INTERVAL (2) /* Seconds. */
+# define TIMERTICK_INTERVAL (2)
+# define CHECK_OWN_SOCKET_INTERVAL (60)
#endif
-/* How often shall we check our own socket in standard socket mode.
- If that value is 0 we don't check at all. */
-#ifdef HAVE_W32_SYSTEM
-# define CHECK_OWN_SOCKET_INTERVAL (0)
-#else
-# define CHECK_OWN_SOCKET_INTERVAL (60) /* Seconds. */
-#endif
/* The list of open file descriptors at startup. Note that this list
has been allocated using the standard malloc. */
static int *startup_fd_list;
/* The signal mask at startup and a flag telling whether it is valid. */
#ifdef HAVE_SIGPROCMASK
static sigset_t startup_signal_mask;
static int startup_signal_mask_valid;
#endif
/* Flag to indicate that a shutdown was requested. */
static int shutdown_pending;
/* Counter for the currently running own socket checks. */
static int check_own_socket_running;
/* It is possible that we are currently running under setuid permissions */
static int maybe_setuid = 1;
/* Name of the communication socket used for native gpg-agent requests. */
static char *socket_name;
/* Name of the communication socket used for ssh-agent-emulation. */
static char *socket_name_ssh;
/* We need to keep track of the server's nonces (these are dummies for
POSIX systems). */
static assuan_sock_nonce_t socket_nonce;
static assuan_sock_nonce_t socket_nonce_ssh;
/* Default values for options passed to the pinentry. */
static char *default_display;
static char *default_ttyname;
static char *default_ttytype;
static char *default_lc_ctype;
static char *default_lc_messages;
static char *default_xauthority;
/* Name of a config file, which will be reread on a HUP if it is not NULL. */
static char *config_filename;
/* Helper to implement --debug-level */
static const char *debug_level;
/* Keep track of the current log file so that we can avoid updating
the log file after a SIGHUP if it didn't changed. Malloced. */
static char *current_logfile;
/* The handle_tick() function may test whether a parent is still
running. We record the PID of the parent here or -1 if it should be
watched. */
static pid_t parent_pid = (pid_t)(-1);
/*
Local prototypes.
*/
static char *create_socket_name (char *standard_name, char *template);
static gnupg_fd_t create_server_socket (char *name, int is_ssh,
assuan_sock_nonce_t *nonce);
static void create_directories (void);
static void agent_init_default_ctrl (ctrl_t ctrl);
static void agent_deinit_default_ctrl (ctrl_t ctrl);
static void handle_connections (gnupg_fd_t listen_fd,
gnupg_fd_t listen_fd_ssh);
static void check_own_socket (void);
static int check_for_running_agent (int silent, int mode);
/* Pth wrapper function definitions. */
ASSUAN_SYSTEM_PTH_IMPL;
GCRY_THREAD_OPTION_PTH_IMPL;
static int fixed_gcry_pth_init (void)
{
return pth_self ()? 0 : (pth_init () == FALSE) ? errno : 0;
}
#ifndef PTH_HAVE_PTH_THREAD_ID
static unsigned long pth_thread_id (void)
{
return (unsigned long)pth_self ();
}
#endif
/*
Functions.
*/
static char *
make_libversion (const char *libname, const char *(*getfnc)(const char*))
{
const char *s;
char *result;
if (maybe_setuid)
{
gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */
maybe_setuid = 0;
}
s = getfnc (NULL);
result = xmalloc (strlen (libname) + 1 + strlen (s) + 1);
strcpy (stpcpy (stpcpy (result, libname), " "), s);
return result;
}
static const char *
my_strusage (int level)
{
static char *ver_gcry;
const char *p;
switch (level)
{
case 11: p = "gpg-agent (GnuPG)";
break;
case 13: p = VERSION; break;
case 17: p = PRINTABLE_OS_NAME; break;
/* TRANSLATORS: @EMAIL@ will get replaced by the actual bug
reporting address. This is so that we can change the
reporting address without breaking the translations. */
case 19: p = _("Please report bugs to <@EMAIL@>.\n"); break;
case 20:
if (!ver_gcry)
ver_gcry = make_libversion ("libgcrypt", gcry_check_version);
p = ver_gcry;
break;
case 1:
case 40: p = _("Usage: gpg-agent [options] (-h for help)");
break;
case 41: p = _("Syntax: gpg-agent [options] [command [args]]\n"
"Secret key management for GnuPG\n");
break;
default: p = NULL;
}
return p;
}
/* Setup the debugging. With the global variable DEBUG_LEVEL set to NULL
only the active debug flags are propagated to the subsystems. With
DEBUG_LEVEL set, a specific set of debug flags is set; thus overriding
all flags already set. Note that we don't fail here, because it is
important to keep gpg-agent running even after re-reading the
options due to a SIGHUP. */
static void
set_debug (void)
{
int numok = (debug_level && digitp (debug_level));
int numlvl = numok? atoi (debug_level) : 0;
if (!debug_level)
;
else if (!strcmp (debug_level, "none") || (numok && numlvl < 1))
opt.debug = 0;
else if (!strcmp (debug_level, "basic") || (numok && numlvl <= 2))
opt.debug = DBG_ASSUAN_VALUE;
else if (!strcmp (debug_level, "advanced") || (numok && numlvl <= 5))
opt.debug = DBG_ASSUAN_VALUE|DBG_COMMAND_VALUE;
else if (!strcmp (debug_level, "expert") || (numok && numlvl <= 8))
opt.debug = (DBG_ASSUAN_VALUE|DBG_COMMAND_VALUE
|DBG_CACHE_VALUE);
else if (!strcmp (debug_level, "guru") || numok)
{
opt.debug = ~0;
/* Unless the "guru" string has been used we don't want to allow
hashing debugging. The rationale is that people tend to
select the highest debug value and would then clutter their
disk with debug files which may reveal confidential data. */
if (numok)
opt.debug &= ~(DBG_HASHING_VALUE);
}
else
{
log_error (_("invalid debug-level `%s' given\n"), debug_level);
opt.debug = 0; /* Reset debugging, so that prior debug
statements won't have an undesired effect. */
}
if (opt.debug && !opt.verbose)
opt.verbose = 1;
if (opt.debug && opt.quiet)
opt.quiet = 0;
if (opt.debug & DBG_MPI_VALUE)
gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 2);
if (opt.debug & DBG_CRYPTO_VALUE )
gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1);
gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
if (opt.debug)
log_info ("enabled debug flags:%s%s%s%s%s%s%s%s\n",
(opt.debug & DBG_COMMAND_VALUE)? " command":"",
(opt.debug & DBG_MPI_VALUE )? " mpi":"",
(opt.debug & DBG_CRYPTO_VALUE )? " crypto":"",
(opt.debug & DBG_MEMORY_VALUE )? " memory":"",
(opt.debug & DBG_CACHE_VALUE )? " cache":"",
(opt.debug & DBG_MEMSTAT_VALUE)? " memstat":"",
(opt.debug & DBG_HASHING_VALUE)? " hashing":"",
(opt.debug & DBG_ASSUAN_VALUE )? " assuan":"");
}
/* Helper for cleanup to remove one socket with NAME. */
static void
remove_socket (char *name)
{
if (name && *name)
{
char *p;
gnupg_remove (name);
p = strrchr (name, '/');
if (p)
{
*p = 0;
rmdir (name);
*p = '/';
}
*name = 0;
}
}
static void
cleanup (void)
{
static int done;
if (done)
return;
done = 1;
deinitialize_module_cache ();
remove_socket (socket_name);
remove_socket (socket_name_ssh);
}
/* Handle options which are allowed to be reset after program start.
Return true when the current option in PARGS could be handled and
false if not. As a special feature, passing a value of NULL for
PARGS, resets the options to the default. REREAD should be set
true if it is not the initial option parsing. */
static int
parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
{
if (!pargs)
{ /* reset mode */
opt.quiet = 0;
opt.verbose = 0;
opt.debug = 0;
opt.no_grab = 0;
opt.pinentry_program = NULL;
opt.pinentry_touch_file = NULL;
opt.scdaemon_program = NULL;
opt.def_cache_ttl = DEFAULT_CACHE_TTL;
opt.def_cache_ttl_ssh = DEFAULT_CACHE_TTL_SSH;
opt.max_cache_ttl = MAX_CACHE_TTL;
opt.max_cache_ttl_ssh = MAX_CACHE_TTL_SSH;
opt.enforce_passphrase_constraints = 0;
opt.min_passphrase_len = MIN_PASSPHRASE_LEN;
opt.min_passphrase_nonalpha = MIN_PASSPHRASE_NONALPHA;
opt.check_passphrase_pattern = NULL;
opt.max_passphrase_days = MAX_PASSPHRASE_DAYS;
opt.enable_passhrase_history = 0;
opt.ignore_cache_for_signing = 0;
opt.allow_mark_trusted = 0;
opt.disable_scdaemon = 0;
return 1;
}
switch (pargs->r_opt)
{
case oQuiet: opt.quiet = 1; break;
case oVerbose: opt.verbose++; break;
case oDebug: opt.debug |= pargs->r.ret_ulong; break;
case oDebugAll: opt.debug = ~0; break;
case oDebugLevel: debug_level = pargs->r.ret_str; break;
case oLogFile:
if (!reread)
return 0; /* not handeld */
if (!current_logfile || !pargs->r.ret_str
|| strcmp (current_logfile, pargs->r.ret_str))
{
log_set_file (pargs->r.ret_str);
xfree (current_logfile);
current_logfile = xtrystrdup (pargs->r.ret_str);
}
break;
case oNoGrab: opt.no_grab = 1; break;
case oPinentryProgram: opt.pinentry_program = pargs->r.ret_str; break;
case oPinentryTouchFile: opt.pinentry_touch_file = pargs->r.ret_str; break;
case oScdaemonProgram: opt.scdaemon_program = pargs->r.ret_str; break;
case oDisableScdaemon: opt.disable_scdaemon = 1; break;
case oDefCacheTTL: opt.def_cache_ttl = pargs->r.ret_ulong; break;
case oDefCacheTTLSSH: opt.def_cache_ttl_ssh = pargs->r.ret_ulong; break;
case oMaxCacheTTL: opt.max_cache_ttl = pargs->r.ret_ulong; break;
case oMaxCacheTTLSSH: opt.max_cache_ttl_ssh = pargs->r.ret_ulong; break;
case oEnforcePassphraseConstraints:
opt.enforce_passphrase_constraints=1;
break;
case oMinPassphraseLen: opt.min_passphrase_len = pargs->r.ret_ulong; break;
case oMinPassphraseNonalpha:
opt.min_passphrase_nonalpha = pargs->r.ret_ulong;
break;
case oCheckPassphrasePattern:
opt.check_passphrase_pattern = pargs->r.ret_str;
break;
case oMaxPassphraseDays:
opt.max_passphrase_days = pargs->r.ret_ulong;
break;
case oEnablePassphraseHistory:
opt.enable_passhrase_history = 1;
break;
case oIgnoreCacheForSigning: opt.ignore_cache_for_signing = 1; break;
case oAllowMarkTrusted: opt.allow_mark_trusted = 1; break;
case oAllowPresetPassphrase: opt.allow_preset_passphrase = 1; break;
default:
return 0; /* not handled */
}
return 1; /* handled */
}
/* The main entry point. */
int
main (int argc, char **argv )
{
ARGPARSE_ARGS pargs;
int orig_argc;
int may_coredump;
char **orig_argv;
FILE *configfp = NULL;
char *configname = NULL;
const char *shell;
unsigned configlineno;
int parse_debug = 0;
int default_config =1;
int greeting = 0;
int nogreeting = 0;
int pipe_server = 0;
int is_daemon = 0;
int nodetach = 0;
int csh_style = 0;
char *logfile = NULL;
int debug_wait = 0;
int gpgconf_list = 0;
gpg_error_t err;
const char *env_file_name = NULL;
struct assuan_malloc_hooks malloc_hooks;
/* Before we do anything else we save the list of currently open
file descriptors and the signal mask. This info is required to
do the exec call properly. */
startup_fd_list = get_all_open_fds ();
#ifdef HAVE_SIGPROCMASK
if (!sigprocmask (SIG_UNBLOCK, NULL, &startup_signal_mask))
startup_signal_mask_valid = 1;
#endif /*HAVE_SIGPROCMASK*/
/* Set program name etc. */
set_strusage (my_strusage);
gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
/* Please note that we may running SUID(ROOT), so be very CAREFUL
when adding any stuff between here and the call to INIT_SECMEM()
somewhere after the option parsing */
log_set_prefix ("gpg-agent", JNLIB_LOG_WITH_PREFIX|JNLIB_LOG_WITH_PID);
/* Make sure that our subsystems are ready. */
i18n_init ();
init_common_subsystems (&argc, &argv);
/* Libgcrypt requires us to register the threading model first.
Note that this will also do the pth_init. */
gcry_threads_pth.init = fixed_gcry_pth_init;
err = gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pth);
if (err)
{
log_fatal ("can't register GNU Pth with Libgcrypt: %s\n",
gpg_strerror (err));
}
/* Check that the libraries are suitable. Do it here because
the option parsing may need services of the library. */
if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) )
{
log_fatal( _("%s is too old (need %s, have %s)\n"), "libgcrypt",
NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) );
}
malloc_hooks.malloc = gcry_malloc;
malloc_hooks.realloc = gcry_realloc;
malloc_hooks.free = gcry_free;
assuan_set_malloc_hooks (&malloc_hooks);
assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
assuan_set_system_hooks (ASSUAN_SYSTEM_PTH);
assuan_sock_init ();
setup_libassuan_logging (&opt.debug);
setup_libgcrypt_logging ();
gcry_control (GCRYCTL_USE_SECURE_RNDPOOL);
may_coredump = disable_core_dumps ();
/* Set default options. */
parse_rereadable_options (NULL, 0); /* Reset them to default values. */
#ifdef USE_STANDARD_SOCKET
opt.use_standard_socket = 1;
#endif
shell = getenv ("SHELL");
if (shell && strlen (shell) >= 3 && !strcmp (shell+strlen (shell)-3, "csh") )
csh_style = 1;
opt.homedir = default_homedir ();
/* Record some of the original environment strings. */
{
const char *s;
int idx;
static const char *names[] =
{ "DISPLAY", "TERM", "XAUTHORITY", "PINENTRY_USER_DATA", NULL };
err = 0;
opt.startup_env = session_env_new ();
if (!opt.startup_env)
err = gpg_error_from_syserror ();
for (idx=0; !err && names[idx]; idx++)
{
s = getenv (names[idx]);
if (s)
err = session_env_setenv (opt.startup_env, names[idx], s);
}
if (!err)
{
s = ttyname (0);
if (s)
err = session_env_setenv (opt.startup_env, "GPG_TTY", s);
}
if (err)
log_fatal ("error recording startup environment: %s\n",
gpg_strerror (err));
/* Fixme: Better use the locale function here. */
opt.startup_lc_ctype = getenv ("LC_CTYPE");
if (opt.startup_lc_ctype)
opt.startup_lc_ctype = xstrdup (opt.startup_lc_ctype);
opt.startup_lc_messages = getenv ("LC_MESSAGES");
if (opt.startup_lc_messages)
opt.startup_lc_messages = xstrdup (opt.startup_lc_messages);
}
/* Check whether we have a config file on the commandline */
orig_argc = argc;
orig_argv = argv;
pargs.argc = &argc;
pargs.argv = &argv;
pargs.flags= 1|(1<<6); /* do not remove the args, ignore version */
while (arg_parse( &pargs, opts))
{
if (pargs.r_opt == oDebug || pargs.r_opt == oDebugAll)
parse_debug++;
else if (pargs.r_opt == oOptions)
{ /* yes there is one, so we do not try the default one, but
read the option file when it is encountered at the
commandline */
default_config = 0;
}
else if (pargs.r_opt == oNoOptions)
default_config = 0; /* --no-options */
else if (pargs.r_opt == oHomedir)
opt.homedir = pargs.r.ret_str;
}
/* Initialize the secure memory. */
gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0);
maybe_setuid = 0;
/*
Now we are now working under our real uid
*/
if (default_config)
configname = make_filename (opt.homedir, "gpg-agent.conf", NULL );
argc = orig_argc;
argv = orig_argv;
pargs.argc = &argc;
pargs.argv = &argv;
pargs.flags= 1; /* do not remove the args */
next_pass:
if (configname)
{
configlineno = 0;
configfp = fopen (configname, "r");
if (!configfp)
{
if (default_config)
{
if( parse_debug )
log_info (_("NOTE: no default option file `%s'\n"),
configname );
/* Save the default conf file name so that
reread_configuration is able to test whether the
config file has been created in the meantime. */
xfree (config_filename);
config_filename = configname;
configname = NULL;
}
else
{
log_error (_("option file `%s': %s\n"),
configname, strerror(errno) );
exit(2);
}
xfree (configname);
configname = NULL;
}
if (parse_debug && configname )
log_info (_("reading options from `%s'\n"), configname );
default_config = 0;
}
while (optfile_parse( configfp, configname, &configlineno, &pargs, opts) )
{
if (parse_rereadable_options (&pargs, 0))
continue; /* Already handled */
switch (pargs.r_opt)
{
case aGPGConfList: gpgconf_list = 1; break;
case aGPGConfTest: gpgconf_list = 2; break;
case aUseStandardSocketP: gpgconf_list = 3; break;
case oBatch: opt.batch=1; break;
case oDebugWait: debug_wait = pargs.r.ret_int; break;
case oOptions:
/* config files may not be nested (silently ignore them) */
if (!configfp)
{
xfree(configname);
configname = xstrdup(pargs.r.ret_str);
goto next_pass;
}
break;
case oNoGreeting: nogreeting = 1; break;
case oNoVerbose: opt.verbose = 0; break;
case oNoOptions: break; /* no-options */
case oHomedir: opt.homedir = pargs.r.ret_str; break;
case oNoDetach: nodetach = 1; break;
case oLogFile: logfile = pargs.r.ret_str; break;
case oCsh: csh_style = 1; break;
case oSh: csh_style = 0; break;
case oServer: pipe_server = 1; break;
case oDaemon: is_daemon = 1; break;
case oDisplay: default_display = xstrdup (pargs.r.ret_str); break;
case oTTYname: default_ttyname = xstrdup (pargs.r.ret_str); break;
case oTTYtype: default_ttytype = xstrdup (pargs.r.ret_str); break;
case oLCctype: default_lc_ctype = xstrdup (pargs.r.ret_str); break;
case oLCmessages: default_lc_messages = xstrdup (pargs.r.ret_str);
case oXauthority: default_xauthority = xstrdup (pargs.r.ret_str);
break;
case oUseStandardSocket: opt.use_standard_socket = 1; break;
case oNoUseStandardSocket: opt.use_standard_socket = 0; break;
case oFakedSystemTime:
{
time_t faked_time = isotime2epoch (pargs.r.ret_str);
if (faked_time == (time_t)(-1))
faked_time = (time_t)strtoul (pargs.r.ret_str, NULL, 10);
gnupg_set_time (faked_time, 0);
}
break;
case oKeepTTY: opt.keep_tty = 1; break;
case oKeepDISPLAY: opt.keep_display = 1; break;
case oSSHSupport: opt.ssh_support = 1; break;
case oWriteEnvFile:
if (pargs.r_type)
env_file_name = pargs.r.ret_str;
else
env_file_name = make_filename ("~/.gpg-agent-info", NULL);
break;
default : pargs.err = configfp? 1:2; break;
}
}
if (configfp)
{
fclose( configfp );
configfp = NULL;
/* Keep a copy of the name so that it can be read on SIGHUP. */
if (config_filename != configname)
{
xfree (config_filename);
config_filename = configname;
}
configname = NULL;
goto next_pass;
}
xfree (configname);
configname = NULL;
if (log_get_errorcount(0))
exit(2);
if (nogreeting )
greeting = 0;
if (greeting)
{
es_fprintf (es_stderr, "%s %s; %s\n",
strusage(11), strusage(13), strusage(14) );
es_fprintf (es_stderr, "%s\n", strusage(15) );
}
#ifdef IS_DEVELOPMENT_VERSION
/* We don't want to print it here because gpg-agent is useful of its
own and quite matured. */
/*log_info ("NOTE: this is a development version!\n");*/
#endif
#ifdef ENABLE_NLS
/* gpg-agent usually does not output any messages because it runs in
the background. For log files it is acceptable to have messages
always encoded in utf-8. We switch here to utf-8, so that
commands like --help still give native messages. It is far
easier to switch only once instead of for every message and it
actually helps when more then one thread is active (avoids an
extra copy step). */
bind_textdomain_codeset (PACKAGE_GT, "UTF-8");
#endif
if (!pipe_server && !is_daemon && !gpgconf_list)
{
/* We have been called without any options and thus we merely
check whether an agent is already running. We do this right
here so that we don't clobber a logfile with this check but
print the status directly to stderr. */
opt.debug = 0;
set_debug ();
check_for_running_agent (0, 0);
agent_exit (0);
}
set_debug ();
if (atexit (cleanup))
{
log_error ("atexit failed\n");
cleanup ();
exit (1);
}
initialize_module_cache ();
initialize_module_call_pinentry ();
initialize_module_call_scd ();
initialize_module_trustlist ();
/* Try to create missing directories. */
create_directories ();
if (debug_wait && pipe_server)
{
log_debug ("waiting for debugger - my pid is %u .....\n",
(unsigned int)getpid());
gnupg_sleep (debug_wait);
log_debug ("... okay\n");
}
if (gpgconf_list == 3)
{
if (opt.use_standard_socket && !opt.quiet)
log_info ("configured to use the standard socket\n");
agent_exit (!opt.use_standard_socket);
}
else if (gpgconf_list == 2)
agent_exit (0);
else if (gpgconf_list)
{
char *filename;
char *filename_esc;
/* List options and default values in the GPG Conf format. */
filename = make_filename (opt.homedir, "gpg-agent.conf", NULL );
filename_esc = percent_escape (filename, NULL);
es_printf ("gpgconf-gpg-agent.conf:%lu:\"%s\n",
GC_OPT_FLAG_DEFAULT, filename_esc);
xfree (filename);
xfree (filename_esc);
es_printf ("verbose:%lu:\n"
"quiet:%lu:\n"
"debug-level:%lu:\"none:\n"
"log-file:%lu:\n",
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME,
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME,
GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME,
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME );
es_printf ("default-cache-ttl:%lu:%d:\n",
GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME, DEFAULT_CACHE_TTL );
es_printf ("default-cache-ttl-ssh:%lu:%d:\n",
GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME, DEFAULT_CACHE_TTL_SSH );
es_printf ("max-cache-ttl:%lu:%d:\n",
GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME, MAX_CACHE_TTL );
es_printf ("max-cache-ttl-ssh:%lu:%d:\n",
GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME, MAX_CACHE_TTL_SSH );
es_printf ("enforce-passphrase-constraints:%lu:\n",
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
es_printf ("min-passphrase-len:%lu:%d:\n",
GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME, MIN_PASSPHRASE_LEN );
es_printf ("min-passphrase-nonalpha:%lu:%d:\n",
GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME,
MIN_PASSPHRASE_NONALPHA);
es_printf ("check-passphrase-pattern:%lu:\n",
GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME);
es_printf ("max-passphrase-days:%lu:%d:\n",
GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME,
MAX_PASSPHRASE_DAYS);
es_printf ("enable-passphrase-history:%lu:\n",
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
es_printf ("no-grab:%lu:\n",
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
es_printf ("ignore-cache-for-signing:%lu:\n",
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
es_printf ("allow-mark-trusted:%lu:\n",
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
es_printf ("disable-scdaemon:%lu:\n",
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
agent_exit (0);
}
/* Now start with logging to a file if this is desired. */
if (logfile)
{
log_set_file (logfile);
log_set_prefix (NULL, (JNLIB_LOG_WITH_PREFIX
|JNLIB_LOG_WITH_TIME
|JNLIB_LOG_WITH_PID));
current_logfile = xstrdup (logfile);
}
/* Make sure that we have a default ttyname. */
if (!default_ttyname && ttyname (1))
default_ttyname = xstrdup (ttyname (1));
if (!default_ttytype && getenv ("TERM"))
default_ttytype = xstrdup (getenv ("TERM"));
if (pipe_server)
{
/* This is the simple pipe based server */
ctrl_t ctrl;
ctrl = xtrycalloc (1, sizeof *ctrl);
if (!ctrl)
{
log_error ("error allocating connection control data: %s\n",
strerror (errno) );
agent_exit (1);
}
ctrl->session_env = session_env_new ();
if (!ctrl->session_env)
{
log_error ("error allocating session environment block: %s\n",
strerror (errno) );
xfree (ctrl);
agent_exit (1);
}
agent_init_default_ctrl (ctrl);
start_command_handler (ctrl, GNUPG_INVALID_FD, GNUPG_INVALID_FD);
agent_deinit_default_ctrl (ctrl);
xfree (ctrl);
}
else if (!is_daemon)
; /* NOTREACHED */
else
{ /* Regular server mode */
gnupg_fd_t fd;
gnupg_fd_t fd_ssh;
pid_t pid;
/* Remove the DISPLAY variable so that a pinentry does not
default to a specific display. There is still a default
display when gpg-agent was started using --display or a
client requested this using an OPTION command. Note, that we
don't do this when running in reverse daemon mode (i.e. when
exec the program given as arguments). */
#ifndef HAVE_W32_SYSTEM
if (!opt.keep_display && !argc)
gnupg_unsetenv ("DISPLAY");
#endif
/* Create the sockets. */
socket_name = create_socket_name
("S.gpg-agent", "gpg-XXXXXX/S.gpg-agent");
if (opt.ssh_support)
socket_name_ssh = create_socket_name
("S.gpg-agent.ssh", "gpg-XXXXXX/S.gpg-agent.ssh");
fd = create_server_socket (socket_name, 0, &socket_nonce);
if (opt.ssh_support)
fd_ssh = create_server_socket (socket_name_ssh, 1, &socket_nonce_ssh);
else
fd_ssh = GNUPG_INVALID_FD;
/* If we are going to exec a program in the parent, we record
the PID, so that the child may check whether the program is
still alive. */
if (argc)
parent_pid = getpid ();
fflush (NULL);
#ifdef HAVE_W32_SYSTEM
pid = getpid ();
es_printf ("set GPG_AGENT_INFO=%s;%lu;1\n", socket_name, (ulong)pid);
#else /*!HAVE_W32_SYSTEM*/
pid = fork ();
if (pid == (pid_t)-1)
{
log_fatal ("fork failed: %s\n", strerror (errno) );
exit (1);
}
else if (pid)
{ /* We are the parent */
char *infostr, *infostr_ssh_sock;
/* Close the socket FD. */
close (fd);
/* Note that we used a standard fork so that Pth runs in
both the parent and the child. The pth_fork would
terminate Pth in the child but that is not the way we
want it. Thus we use a plain fork and terminate Pth here
in the parent. The pth_kill may or may not work reliable
but it should not harm to call it. Because Pth fiddles
with the signal mask the signal mask might not be correct
right now and thus we restore it. That is not strictly
necessary but some programs falsely assume a cleared
signal mask. */
if ( !pth_kill () )
log_error ("pth_kill failed in forked process\n");
#ifdef HAVE_SIGPROCMASK
if (startup_signal_mask_valid)
{
if (sigprocmask (SIG_SETMASK, &startup_signal_mask, NULL))
log_error ("error restoring signal mask: %s\n",
strerror (errno));
}
else
log_info ("no saved signal mask\n");
#endif /*HAVE_SIGPROCMASK*/
/* Create the info string: <name>:<pid>:<protocol_version> */
if (asprintf (&infostr, "GPG_AGENT_INFO=%s:%lu:1",
socket_name, (ulong)pid ) < 0)
{
log_error ("out of core\n");
kill (pid, SIGTERM);
exit (1);
}
if (opt.ssh_support)
{
if (asprintf (&infostr_ssh_sock, "SSH_AUTH_SOCK=%s",
socket_name_ssh) < 0)
{
log_error ("out of core\n");
kill (pid, SIGTERM);
exit (1);
}
}
*socket_name = 0; /* Don't let cleanup() remove the socket -
the child should do this from now on */
if (opt.ssh_support)
*socket_name_ssh = 0;
if (env_file_name)
{
estream_t fp;
fp = es_fopen (env_file_name, "w,mode=-rw");
if (!fp)
log_error (_("error creating `%s': %s\n"),
env_file_name, strerror (errno));
else
{
es_fputs (infostr, fp);
es_putc ('\n', fp);
if (opt.ssh_support)
{
es_fputs (infostr_ssh_sock, fp);
es_putc ('\n', fp);
}
es_fclose (fp);
}
}
if (argc)
{ /* Run the program given on the commandline. */
if (putenv (infostr))
{
log_error ("failed to set environment: %s\n",
strerror (errno) );
kill (pid, SIGTERM );
exit (1);
}
if (opt.ssh_support && putenv (infostr_ssh_sock))
{
log_error ("failed to set environment: %s\n",
strerror (errno) );
kill (pid, SIGTERM );
exit (1);
}
/* Close all the file descriptors except the standard
ones and those open at startup. We explicitly don't
close 0,1,2 in case something went wrong collecting
them at startup. */
close_all_fds (3, startup_fd_list);
/* Run the command. */
execvp (argv[0], argv);
log_error ("failed to run the command: %s\n", strerror (errno));
kill (pid, SIGTERM);
exit (1);
}
else
{
/* Print the environment string, so that the caller can use
shell's eval to set it */
if (csh_style)
{
*strchr (infostr, '=') = ' ';
es_printf ("setenv %s\n", infostr);
if (opt.ssh_support)
{
*strchr (infostr_ssh_sock, '=') = ' ';
es_printf ("setenv %s\n", infostr_ssh_sock);
}
}
else
{
es_printf ( "%s; export GPG_AGENT_INFO;\n", infostr);
if (opt.ssh_support)
{
es_printf ("%s; export SSH_AUTH_SOCK;\n",
infostr_ssh_sock);
}
}
xfree (infostr);
if (opt.ssh_support)
{
xfree (infostr_ssh_sock);
}
exit (0);
}
/*NOTREACHED*/
} /* End parent */
/*
This is the child
*/
/* Detach from tty and put process into a new session */
if (!nodetach )
{
int i;
unsigned int oldflags;
/* Close stdin, stdout and stderr unless it is the log stream */
for (i=0; i <= 2; i++)
{
if (!log_test_fd (i) && i != fd )
{
if ( ! close (i)
&& open ("/dev/null", i? O_WRONLY : O_RDONLY) == -1)
{
log_error ("failed to open `%s': %s\n",
"/dev/null", strerror (errno));
cleanup ();
exit (1);
}
}
}
if (setsid() == -1)
{
log_error ("setsid() failed: %s\n", strerror(errno) );
cleanup ();
exit (1);
}
log_get_prefix (&oldflags);
log_set_prefix (NULL, oldflags | JNLIB_LOG_RUN_DETACHED);
opt.running_detached = 1;
}
if (chdir("/"))
{
log_error ("chdir to / failed: %s\n", strerror (errno));
exit (1);
}
{
struct sigaction sa;
sa.sa_handler = SIG_IGN;
sigemptyset (&sa.sa_mask);
sa.sa_flags = 0;
sigaction (SIGPIPE, &sa, NULL);
}
#endif /*!HAVE_W32_SYSTEM*/
log_info ("%s %s started\n", strusage(11), strusage(13) );
handle_connections (fd, opt.ssh_support ? fd_ssh : GNUPG_INVALID_FD);
assuan_sock_close (fd);
}
return 0;
}
void
agent_exit (int rc)
{
/*FIXME: update_random_seed_file();*/
/* We run our cleanup handler because that may close cipher contexts
stored in secure memory and thus this needs to be done before we
explicitly terminate secure memory. */
cleanup ();
#if 1
/* at this time a bit annoying */
if (opt.debug & DBG_MEMSTAT_VALUE)
{
gcry_control( GCRYCTL_DUMP_MEMORY_STATS );
gcry_control( GCRYCTL_DUMP_RANDOM_STATS );
}
if (opt.debug)
gcry_control (GCRYCTL_DUMP_SECMEM_STATS );
#endif
gcry_control (GCRYCTL_TERM_SECMEM );
rc = rc? rc : log_get_errorcount(0)? 2 : 0;
exit (rc);
}
static void
agent_init_default_ctrl (ctrl_t ctrl)
{
/* Note we ignore malloc errors because we can't do much about it
and the request will fail anyway shortly after this
initialization. */
session_env_setenv (ctrl->session_env, "DISPLAY", default_display);
session_env_setenv (ctrl->session_env, "GPG_TTY", default_ttyname);
session_env_setenv (ctrl->session_env, "TERM", default_ttytype);
session_env_setenv (ctrl->session_env, "XAUTHORITY", default_xauthority);
session_env_setenv (ctrl->session_env, "PINENTRY_USER_DATA", NULL);
if (ctrl->lc_ctype)
xfree (ctrl->lc_ctype);
ctrl->lc_ctype = default_lc_ctype? xtrystrdup (default_lc_ctype) : NULL;
if (ctrl->lc_messages)
xfree (ctrl->lc_messages);
ctrl->lc_messages = default_lc_messages? xtrystrdup (default_lc_messages)
/**/ : NULL;
}
static void
agent_deinit_default_ctrl (ctrl_t ctrl)
{
session_env_release (ctrl->session_env);
if (ctrl->lc_ctype)
xfree (ctrl->lc_ctype);
if (ctrl->lc_messages)
xfree (ctrl->lc_messages);
}
/* Reread parts of the configuration. Note, that this function is
obviously not thread-safe and should only be called from the PTH
signal handler.
Fixme: Due to the way the argument parsing works, we create a
memory leak here for all string type arguments. There is currently
no clean way to tell whether the memory for the argument has been
allocated or points into the process' original arguments. Unless
we have a mechanism to tell this, we need to live on with this. */
static void
reread_configuration (void)
{
ARGPARSE_ARGS pargs;
FILE *fp;
unsigned int configlineno = 0;
int dummy;
if (!config_filename)
return; /* No config file. */
fp = fopen (config_filename, "r");
if (!fp)
{
log_info (_("option file `%s': %s\n"),
config_filename, strerror(errno) );
return;
}
parse_rereadable_options (NULL, 1); /* Start from the default values. */
memset (&pargs, 0, sizeof pargs);
dummy = 0;
pargs.argc = &dummy;
pargs.flags = 1; /* do not remove the args */
while (optfile_parse (fp, config_filename, &configlineno, &pargs, opts) )
{
if (pargs.r_opt < -1)
pargs.err = 1; /* Print a warning. */
else /* Try to parse this option - ignore unchangeable ones. */
parse_rereadable_options (&pargs, 1);
}
fclose (fp);
set_debug ();
}
/* Return the file name of the socket we are using for native
requests. */
const char *
get_agent_socket_name (void)
{
const char *s = socket_name;
return (s && *s)? s : NULL;
}
/* Return the file name of the socket we are using for SSH
requests. */
const char *
get_agent_ssh_socket_name (void)
{
const char *s = socket_name_ssh;
return (s && *s)? s : NULL;
}
/* Under W32, this function returns the handle of the scdaemon
notification event. Calling it the first time creates that
event. */
#if defined(HAVE_W32_SYSTEM) && !defined(HAVE_W32CE_SYSTEM)
void *
get_agent_scd_notify_event (void)
{
static HANDLE the_event;
if (!the_event)
{
HANDLE h, h2;
SECURITY_ATTRIBUTES sa = { sizeof (SECURITY_ATTRIBUTES), NULL, TRUE};
/* We need to use a manual reset event object due to the way our
w32-pth wait function works: If we would use an automatic
reset event we are not able to figure out which handle has
been signaled because at the time we single out the signaled
handles using WFSO the event has already been reset due to
the WFMO. */
h = CreateEvent (&sa, TRUE, FALSE, NULL);
if (!h)
log_error ("can't create scd notify event: %s\n", w32_strerror (-1) );
else if (!DuplicateHandle (GetCurrentProcess(), h,
GetCurrentProcess(), &h2,
EVENT_MODIFY_STATE|SYNCHRONIZE, TRUE, 0))
{
log_error ("setting syncronize for scd notify event failed: %s\n",
w32_strerror (-1) );
CloseHandle (h);
}
else
{
CloseHandle (h);
the_event = h2;
}
}
return the_event;
}
#endif /*HAVE_W32_SYSTEM && !HAVE_W32CE_SYSTEM*/
/* Create a name for the socket. With USE_STANDARD_SOCKET given as
true using STANDARD_NAME in the home directory or if given as
false from the mkdir type name TEMPLATE. In the latter case a
unique name in a unique new directory will be created. In both
cases check for valid characters as well as against a maximum
allowed length for a unix domain socket is done. The function
terminates the process in case of an error. Returns: Pointer to an
allocated string with the absolute name of the socket used. */
static char *
create_socket_name (char *standard_name, char *template)
{
char *name, *p;
if (opt.use_standard_socket)
name = make_filename (opt.homedir, standard_name, NULL);
else
{
/* Prepend the tmp directory to the template. */
p = getenv ("TMPDIR");
if (!p || !*p)
p = "/tmp";
if (p[strlen (p) - 1] == '/')
name = xstrconcat (p, template, NULL);
else
name = xstrconcat (p, "/", template, NULL);
p = strrchr (name, '/');
if (!p)
BUG ();
*p = 0;
if (!mkdtemp (name))
{
log_error (_("can't create directory `%s': %s\n"),
name, strerror (errno));
agent_exit (2);
}
*p = '/';
}
if (strchr (name, PATHSEP_C))
{
log_error (("`%s' are not allowed in the socket name\n"), PATHSEP_S);
agent_exit (2);
}
if (strlen (name) + 1 >= DIMof (struct sockaddr_un, sun_path) )
{
log_error (_("name of socket too long\n"));
agent_exit (2);
}
return name;
}
/* Create a Unix domain socket with NAME. Returns the file descriptor
or terminates the process in case of an error. Not that this
function needs to be used for the regular socket first and only
then for the ssh socket. */
static gnupg_fd_t
create_server_socket (char *name, int is_ssh, assuan_sock_nonce_t *nonce)
{
struct sockaddr_un *serv_addr;
socklen_t len;
gnupg_fd_t fd;
int rc;
fd = assuan_sock_new (AF_UNIX, SOCK_STREAM, 0);
if (fd == ASSUAN_INVALID_FD)
{
log_error (_("can't create socket: %s\n"), strerror (errno));
agent_exit (2);
}
serv_addr = xmalloc (sizeof (*serv_addr));
memset (serv_addr, 0, sizeof *serv_addr);
serv_addr->sun_family = AF_UNIX;
if (strlen (name) + 1 >= sizeof (serv_addr->sun_path))
{
log_error (_("socket name `%s' is too long\n"), name);
agent_exit (2);
}
strcpy (serv_addr->sun_path, name);
len = SUN_LEN (serv_addr);
rc = assuan_sock_bind (fd, (struct sockaddr*) serv_addr, len);
/* Our error code mapping on W32CE returns EEXIST thus we also test
for this. */
if (opt.use_standard_socket && rc == -1
&& (errno == EADDRINUSE
#ifdef HAVE_W32_SYSTEM
|| errno == EEXIST
#endif
))
{
/* Check whether a gpg-agent is already running on the standard
socket. We do this test only if this is not the ssh socket.
For ssh we assume that a test for gpg-agent has already been
done and reuse the requested ssh socket. Testing the
ssh-socket is not possible because at this point, though we
know the new Assuan socket, the Assuan server and thus the
ssh-agent server is not yet operational. This would lead to
a hang. */
if (!is_ssh && !check_for_running_agent (1, 1))
{
log_set_prefix (NULL, JNLIB_LOG_WITH_PREFIX);
log_set_file (NULL);
log_error (_("a gpg-agent is already running - "
"not starting a new one\n"));
*name = 0; /* Inhibit removal of the socket by cleanup(). */
assuan_sock_close (fd);
agent_exit (2);
}
gnupg_remove (name);
rc = assuan_sock_bind (fd, (struct sockaddr*) serv_addr, len);
}
if (rc != -1
&& (rc=assuan_sock_get_nonce ((struct sockaddr*)serv_addr, len, nonce)))
log_error (_("error getting nonce for the socket\n"));
if (rc == -1)
{
/* We use gpg_strerror here because it allows us to get strings
for some W32 socket error codes. */
log_error (_("error binding socket to `%s': %s\n"),
serv_addr->sun_path,
gpg_strerror (gpg_error_from_errno (errno)));
assuan_sock_close (fd);
if (opt.use_standard_socket)
*name = 0; /* Inhibit removal of the socket by cleanup(). */
agent_exit (2);
}
if (listen (FD2INT(fd), 5 ) == -1)
{
log_error (_("listen() failed: %s\n"), strerror (errno));
assuan_sock_close (fd);
agent_exit (2);
}
if (opt.verbose)
log_info (_("listening on socket `%s'\n"), serv_addr->sun_path);
return fd;
}
/* Check that the directory for storing the private keys exists and
create it if not. This function won't fail as it is only a
convenience function and not strictly necessary. */
static void
create_private_keys_directory (const char *home)
{
char *fname;
struct stat statbuf;
fname = make_filename (home, GNUPG_PRIVATE_KEYS_DIR, NULL);
if (stat (fname, &statbuf) && errno == ENOENT)
{
if (gnupg_mkdir (fname, "-rwx"))
log_error (_("can't create directory `%s': %s\n"),
fname, strerror (errno) );
else if (!opt.quiet)
log_info (_("directory `%s' created\n"), fname);
}
xfree (fname);
}
/* Create the directory only if the supplied directory name is the
same as the default one. This way we avoid to create arbitrary
directories when a non-default home directory is used. To cope
with HOME, we compare only the suffix if we see that the default
homedir does start with a tilde. We don't stop here in case of
problems because other functions will throw an error anyway.*/
static void
create_directories (void)
{
struct stat statbuf;
const char *defhome = standard_homedir ();
char *home;
home = make_filename (opt.homedir, NULL);
if ( stat (home, &statbuf) )
{
if (errno == ENOENT)
{
if (
#ifdef HAVE_W32_SYSTEM
( !compare_filenames (home, defhome) )
#else
(*defhome == '~'
&& (strlen (home) >= strlen (defhome+1)
&& !strcmp (home + strlen(home)
- strlen (defhome+1), defhome+1)))
|| (*defhome != '~' && !strcmp (home, defhome) )
#endif
)
{
if (gnupg_mkdir (home, "-rwx"))
log_error (_("can't create directory `%s': %s\n"),
home, strerror (errno) );
else
{
if (!opt.quiet)
log_info (_("directory `%s' created\n"), home);
create_private_keys_directory (home);
}
}
}
else
log_error (_("stat() failed for `%s': %s\n"), home, strerror (errno));
}
else if ( !S_ISDIR(statbuf.st_mode))
{
log_error (_("can't use `%s' as home directory\n"), home);
}
else /* exists and is a directory. */
{
create_private_keys_directory (home);
}
xfree (home);
}
/* This is the worker for the ticker. It is called every few seconds
and may only do fast operations. */
static void
handle_tick (void)
{
static time_t last_minute;
if (!last_minute)
last_minute = time (NULL);
/* Check whether the scdaemon has died and cleanup in this case. */
agent_scd_check_aliveness ();
/* If we are running as a child of another process, check whether
the parent is still alive and shutdown if not. */
#ifndef HAVE_W32_SYSTEM
if (parent_pid != (pid_t)(-1))
{
if (kill (parent_pid, 0))
{
shutdown_pending = 2;
log_info ("parent process died - shutting down\n");
log_info ("%s %s stopped\n", strusage(11), strusage(13) );
cleanup ();
agent_exit (0);
}
}
#endif /*HAVE_W32_SYSTEM*/
/* Code to be run from time to time. */
#if CHECK_OWN_SOCKET_INTERVAL > 0
if (last_minute + CHECK_OWN_SOCKET_INTERVAL <= time (NULL))
{
check_own_socket ();
last_minute = time (NULL);
}
#endif
}
/* A global function which allows us to call the reload stuff from
other places too. This is only used when build for W32. */
void
agent_sighup_action (void)
{
log_info ("SIGHUP received - "
"re-reading configuration and flushing cache\n");
agent_flush_cache ();
reread_configuration ();
agent_reload_trustlist ();
}
static void
agent_sigusr2_action (void)
{
if (opt.verbose)
log_info ("SIGUSR2 received - updating card event counter\n");
/* Nothing to check right now. We only increment a counter. */
bump_card_eventcounter ();
}
static void
handle_signal (int signo)
{
switch (signo)
{
#ifndef HAVE_W32_SYSTEM
case SIGHUP:
agent_sighup_action ();
break;
case SIGUSR1:
log_info ("SIGUSR1 received - printing internal information:\n");
/* Fixme: We need to see how to integrate pth dumping into our
logging system. */
/* pth_ctrl (PTH_CTRL_DUMPSTATE, log_get_stream ()); */
agent_query_dump_state ();
agent_scd_dump_state ();
break;
case SIGUSR2:
agent_sigusr2_action ();
break;
case SIGTERM:
if (!shutdown_pending)
log_info ("SIGTERM received - shutting down ...\n");
else
log_info ("SIGTERM received - still %ld running threads\n",
pth_ctrl( PTH_CTRL_GETTHREADS ));
shutdown_pending++;
if (shutdown_pending > 2)
{
log_info ("shutdown forced\n");
log_info ("%s %s stopped\n", strusage(11), strusage(13) );
cleanup ();
agent_exit (0);
}
break;
case SIGINT:
log_info ("SIGINT received - immediate shutdown\n");
log_info( "%s %s stopped\n", strusage(11), strusage(13));
cleanup ();
agent_exit (0);
break;
#endif
default:
log_info ("signal %d received - no action defined\n", signo);
}
}
/* Check the nonce on a new connection. This is a NOP unless we we
are using our Unix domain socket emulation under Windows. */
static int
check_nonce (ctrl_t ctrl, assuan_sock_nonce_t *nonce)
{
if (assuan_sock_check_nonce (ctrl->thread_startup.fd, nonce))
{
log_info (_("error reading nonce on fd %d: %s\n"),
FD2INT(ctrl->thread_startup.fd), strerror (errno));
assuan_sock_close (ctrl->thread_startup.fd);
xfree (ctrl);
return -1;
}
else
return 0;
}
/* This is the standard connection thread's main function. */
static void *
start_connection_thread (void *arg)
{
ctrl_t ctrl = arg;
if (check_nonce (ctrl, &socket_nonce))
{
log_error ("handler 0x%lx nonce check FAILED\n", pth_thread_id ());
return NULL;
}
agent_init_default_ctrl (ctrl);
if (opt.verbose)
log_info (_("handler 0x%lx for fd %d started\n"),
pth_thread_id (), FD2INT(ctrl->thread_startup.fd));
start_command_handler (ctrl, GNUPG_INVALID_FD, ctrl->thread_startup.fd);
if (opt.verbose)
log_info (_("handler 0x%lx for fd %d terminated\n"),
pth_thread_id (), FD2INT(ctrl->thread_startup.fd));
agent_deinit_default_ctrl (ctrl);
xfree (ctrl);
return NULL;
}
/* This is the ssh connection thread's main function. */
static void *
start_connection_thread_ssh (void *arg)
{
ctrl_t ctrl = arg;
if (check_nonce (ctrl, &socket_nonce_ssh))
return NULL;
agent_init_default_ctrl (ctrl);
if (opt.verbose)
log_info (_("ssh handler 0x%lx for fd %d started\n"),
pth_thread_id (), FD2INT(ctrl->thread_startup.fd));
start_command_handler_ssh (ctrl, ctrl->thread_startup.fd);
if (opt.verbose)
log_info (_("ssh handler 0x%lx for fd %d terminated\n"),
pth_thread_id (), FD2INT(ctrl->thread_startup.fd));
agent_deinit_default_ctrl (ctrl);
xfree (ctrl);
return NULL;
}
/* Connection handler loop. Wait for connection requests and spawn a
thread after accepting a connection. */
static void
handle_connections (gnupg_fd_t listen_fd, gnupg_fd_t listen_fd_ssh)
{
pth_attr_t tattr;
pth_event_t ev, time_ev;
sigset_t sigs;
int signo;
struct sockaddr_un paddr;
socklen_t plen;
fd_set fdset, read_fdset;
int ret;
gnupg_fd_t fd;
int nfd;
tattr = pth_attr_new();
pth_attr_set (tattr, PTH_ATTR_JOINABLE, 0);
pth_attr_set (tattr, PTH_ATTR_STACK_SIZE, 256*1024);
#ifndef HAVE_W32_SYSTEM /* fixme */
/* Make sure that the signals we are going to handle are not blocked
and create an event object for them. We also set the default
action to ignore because we use an Pth event to get notified
about signals. This avoids that the default action is taken in
case soemthing goes wrong within Pth. The problem might also be
a Pth bug. */
sigemptyset (&sigs );
{
static const int mysigs[] = { SIGHUP, SIGUSR1, SIGUSR2, SIGINT, SIGTERM };
struct sigaction sa;
int i;
for (i=0; i < DIM (mysigs); i++)
{
sigemptyset (&sa.sa_mask);
sa.sa_handler = SIG_IGN;
sa.sa_flags = 0;
sigaction (mysigs[i], &sa, NULL);
sigaddset (&sigs, mysigs[i]);
}
}
pth_sigmask (SIG_UNBLOCK, &sigs, NULL);
ev = pth_event (PTH_EVENT_SIGS, &sigs, &signo);
#else
# ifdef HAVE_W32CE_SYSTEM
/* Use a dummy event. */
sigs = 0;
ev = pth_event (PTH_EVENT_SIGS, &sigs, &signo);
# else
sigs = 0;
ev = pth_event (PTH_EVENT_HANDLE, get_agent_scd_notify_event ());
signo = 0;
# endif
#endif
time_ev = NULL;
/* Set a flag to tell call-scd.c that it may enable event
notifications. */
opt.sigusr2_enabled = 1;
FD_ZERO (&fdset);
FD_SET (FD2INT (listen_fd), &fdset);
nfd = FD2INT (listen_fd);
if (listen_fd_ssh != GNUPG_INVALID_FD)
{
FD_SET ( FD2INT(listen_fd_ssh), &fdset);
if (FD2INT (listen_fd_ssh) > nfd)
nfd = FD2INT (listen_fd_ssh);
}
for (;;)
{
/* Make sure that our signals are not blocked. */
pth_sigmask (SIG_UNBLOCK, &sigs, NULL);
/* Shutdown test. */
if (shutdown_pending)
{
if (pth_ctrl (PTH_CTRL_GETTHREADS) == 1)
break; /* ready */
/* Do not accept new connections but keep on running the
loop to cope with the timer events. */
FD_ZERO (&fdset);
}
/* Create a timeout event if needed. To help with power saving
we syncronize the ticks to the next full second. */
if (!time_ev)
{
pth_time_t nexttick;
nexttick = pth_timeout (TIMERTICK_INTERVAL, 0);
if (nexttick.tv_usec > 10) /* Use a 10 usec threshhold. */
{
nexttick.tv_sec++;
nexttick.tv_usec = 0;
}
time_ev = pth_event (PTH_EVENT_TIME, nexttick);
}
/* POSIX says that fd_set should be implemented as a structure,
thus a simple assignment is fine to copy the entire set. */
read_fdset = fdset;
if (time_ev)
pth_event_concat (ev, time_ev, NULL);
ret = pth_select_ev (nfd+1, &read_fdset, NULL, NULL, NULL, ev);
if (time_ev)
pth_event_isolate (time_ev);
if (ret == -1)
{
if (pth_event_occurred (ev)
|| (time_ev && pth_event_occurred (time_ev)))
{
if (pth_event_occurred (ev))
{
#if defined(HAVE_W32_SYSTEM) && defined(PTH_EVENT_HANDLE)
agent_sigusr2_action ();
#else
handle_signal (signo);
#endif
}
if (time_ev && pth_event_occurred (time_ev))
{
pth_event_free (time_ev, PTH_FREE_ALL);
time_ev = NULL;
handle_tick ();
}
continue;
}
log_error (_("pth_select failed: %s - waiting 1s\n"),
strerror (errno));
pth_sleep (1);
continue;
}
if (pth_event_occurred (ev))
{
#if defined(HAVE_W32_SYSTEM) && defined(PTH_EVENT_HANDLE)
agent_sigusr2_action ();
#else
handle_signal (signo);
#endif
}
if (time_ev && pth_event_occurred (time_ev))
{
pth_event_free (time_ev, PTH_FREE_ALL);
time_ev = NULL;
handle_tick ();
}
/* We now might create new threads and because we don't want any
signals (as we are handling them here) to be delivered to a
new thread. Thus we need to block those signals. */
pth_sigmask (SIG_BLOCK, &sigs, NULL);
if (!shutdown_pending && FD_ISSET (FD2INT (listen_fd), &read_fdset))
{
ctrl_t ctrl;
plen = sizeof paddr;
fd = INT2FD (pth_accept (FD2INT(listen_fd),
(struct sockaddr *)&paddr, &plen));
if (fd == GNUPG_INVALID_FD)
{
log_error ("accept failed: %s\n", strerror (errno));
}
else if ( !(ctrl = xtrycalloc (1, sizeof *ctrl)) )
{
log_error ("error allocating connection control data: %s\n",
strerror (errno) );
assuan_sock_close (fd);
}
else if ( !(ctrl->session_env = session_env_new ()) )
{
log_error ("error allocating session environment block: %s\n",
strerror (errno) );
xfree (ctrl);
assuan_sock_close (fd);
}
else
{
char threadname[50];
snprintf (threadname, sizeof threadname-1,
"conn fd=%d (gpg)", FD2INT(fd));
threadname[sizeof threadname -1] = 0;
pth_attr_set (tattr, PTH_ATTR_NAME, threadname);
ctrl->thread_startup.fd = fd;
if (!pth_spawn (tattr, start_connection_thread, ctrl))
{
log_error ("error spawning connection handler: %s\n",
strerror (errno) );
assuan_sock_close (fd);
xfree (ctrl);
}
}
fd = GNUPG_INVALID_FD;
}
if (!shutdown_pending && listen_fd_ssh != GNUPG_INVALID_FD
&& FD_ISSET ( FD2INT (listen_fd_ssh), &read_fdset))
{
ctrl_t ctrl;
plen = sizeof paddr;
fd = INT2FD(pth_accept (FD2INT(listen_fd_ssh),
(struct sockaddr *)&paddr, &plen));
if (fd == GNUPG_INVALID_FD)
{
log_error ("accept failed for ssh: %s\n", strerror (errno));
}
else if ( !(ctrl = xtrycalloc (1, sizeof *ctrl)) )
{
log_error ("error allocating connection control data: %s\n",
strerror (errno) );
assuan_sock_close (fd);
}
else if ( !(ctrl->session_env = session_env_new ()) )
{
log_error ("error allocating session environment block: %s\n",
strerror (errno) );
xfree (ctrl);
assuan_sock_close (fd);
}
else
{
char threadname[50];
agent_init_default_ctrl (ctrl);
snprintf (threadname, sizeof threadname-1,
"conn fd=%d (ssh)", FD2INT(fd));
threadname[sizeof threadname -1] = 0;
pth_attr_set (tattr, PTH_ATTR_NAME, threadname);
ctrl->thread_startup.fd = fd;
if (!pth_spawn (tattr, start_connection_thread_ssh, ctrl) )
{
log_error ("error spawning ssh connection handler: %s\n",
strerror (errno) );
assuan_sock_close (fd);
xfree (ctrl);
}
}
fd = GNUPG_INVALID_FD;
}
}
pth_event_free (ev, PTH_FREE_ALL);
if (time_ev)
pth_event_free (time_ev, PTH_FREE_ALL);
cleanup ();
log_info (_("%s %s stopped\n"), strusage(11), strusage(13));
}
/* Helper for check_own_socket. */
static gpg_error_t
check_own_socket_pid_cb (void *opaque, const void *buffer, size_t length)
{
membuf_t *mb = opaque;
put_membuf (mb, buffer, length);
return 0;
}
/* The thread running the actual check. We need to run this in a
separate thread so that check_own_thread can be called from the
timer tick. */
static void *
check_own_socket_thread (void *arg)
{
int rc;
char *sockname = arg;
assuan_context_t ctx = NULL;
membuf_t mb;
char *buffer;
check_own_socket_running++;
rc = assuan_new (&ctx);
if (rc)
{
log_error ("can't allocate assuan context: %s\n", gpg_strerror (rc));
goto leave;
}
rc = assuan_socket_connect (ctx, sockname, (pid_t)(-1), 0);
if (rc)
{
log_error ("can't connect my own socket: %s\n", gpg_strerror (rc));
goto leave;
}
init_membuf (&mb, 100);
rc = assuan_transact (ctx, "GETINFO pid", check_own_socket_pid_cb, &mb,
NULL, NULL, NULL, NULL);
put_membuf (&mb, "", 1);
buffer = get_membuf (&mb, NULL);
if (rc || !buffer)
{
log_error ("sending command \"%s\" to my own socket failed: %s\n",
"GETINFO pid", gpg_strerror (rc));
rc = 1;
}
else if ( (pid_t)strtoul (buffer, NULL, 10) != getpid ())
{
log_error ("socket is now serviced by another server\n");
rc = 1;
}
else if (opt.verbose > 1)
log_error ("socket is still served by this server\n");
xfree (buffer);
leave:
xfree (sockname);
if (ctx)
assuan_release (ctx);
if (rc)
{
/* We may not remove the socket as it is now in use by another
server. Setting the name to empty does this. */
if (socket_name)
*socket_name = 0;
if (socket_name_ssh)
*socket_name_ssh = 0;
shutdown_pending = 2;
log_info ("this process is useless - shutting down\n");
}
check_own_socket_running--;
return NULL;
}
/* Check whether we are still listening on our own socket. In case
another gpg-agent process started after us has taken ownership of
our socket, we would linger around without any real task. Thus we
better check once in a while whether we are really needed. */
static void
check_own_socket (void)
{
char *sockname;
pth_attr_t tattr;
if (!opt.use_standard_socket)
return; /* This check makes only sense in standard socket mode. */
if (check_own_socket_running || shutdown_pending)
return; /* Still running or already shutting down. */
sockname = make_filename (opt.homedir, "S.gpg-agent", NULL);
if (!sockname)
return; /* Out of memory. */
tattr = pth_attr_new();
pth_attr_set (tattr, PTH_ATTR_JOINABLE, 0);
pth_attr_set (tattr, PTH_ATTR_STACK_SIZE, 256*1024);
pth_attr_set (tattr, PTH_ATTR_NAME, "check-own-socket");
if (!pth_spawn (tattr, check_own_socket_thread, sockname))
log_error ("error spawning check_own_socket_thread: %s\n",
strerror (errno) );
pth_attr_destroy (tattr);
}
/* Figure out whether an agent is available and running. Prints an
error if not. If SILENT is true, no messages are printed. Usually
started with MODE 0. Returns 0 if the agent is running. */
static int
check_for_running_agent (int silent, int mode)
{
int rc;
char *infostr, *p;
assuan_context_t ctx = NULL;
int prot, pid;
if (!mode)
{
infostr = getenv ("GPG_AGENT_INFO");
if (!infostr || !*infostr)
{
if (!check_for_running_agent (silent, 1))
return 0; /* Okay, its running on the standard socket. */
if (!silent)
log_error (_("no gpg-agent running in this session\n"));
return -1;
}
infostr = xstrdup (infostr);
if ( !(p = strchr (infostr, PATHSEP_C)) || p == infostr)
{
xfree (infostr);
if (!check_for_running_agent (silent, 1))
return 0; /* Okay, its running on the standard socket. */
if (!silent)
log_error (_("malformed GPG_AGENT_INFO environment variable\n"));
return -1;
}
*p++ = 0;
pid = atoi (p);
while (*p && *p != PATHSEP_C)
p++;
prot = *p? atoi (p+1) : 0;
if (prot != 1)
{
xfree (infostr);
if (!silent)
log_error (_("gpg-agent protocol version %d is not supported\n"),
prot);
if (!check_for_running_agent (silent, 1))
return 0; /* Okay, its running on the standard socket. */
return -1;
}
}
else /* MODE != 0 */
{
infostr = make_filename (opt.homedir, "S.gpg-agent", NULL);
pid = (pid_t)(-1);
}
rc = assuan_new (&ctx);
if (! rc)
rc = assuan_socket_connect (ctx, infostr, pid, 0);
xfree (infostr);
if (rc)
{
if (!mode && !check_for_running_agent (silent, 1))
return 0; /* Okay, its running on the standard socket. */
if (!mode && !silent)
log_error ("can't connect to the agent: %s\n", gpg_strerror (rc));
if (ctx)
assuan_release (ctx);
return -1;
}
if (!opt.quiet && !silent)
log_info ("gpg-agent running and available\n");
assuan_release (ctx);
return 0;
}
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Fri, Dec 5, 9:32 AM (1 d, 11 h)
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
e4/3c/10e1bdcfc552bc623dc7399e04d3
Attached To
rG GnuPG
Event Timeline
Log In to Comment