diff --git a/common/homedir.c b/common/homedir.c
index e9e75d01e..4b6e46e88 100644
--- a/common/homedir.c
+++ b/common/homedir.c
@@ -1,1162 +1,1165 @@
/* homedir.c - Setup the home directory.
* Copyright (C) 2004, 2006, 2007, 2010 Free Software Foundation, Inc.
* Copyright (C) 2013, 2016 Werner Koch
*
* This file is part of GnuPG.
*
* This file is free software; you can redistribute it and/or modify
* it under the terms of either
*
* - the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 3 of the License, or (at
* your option) any later version.
*
* or
*
* - the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* or both in parallel, as here.
*
* This file is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see .
*/
#include
#include
#include
#include
#include
#ifdef HAVE_W32_SYSTEM
#include /* Due to the stupid mingw64 requirement to
include this header before windows.h which
is often implicitly included. */
#include
#ifndef CSIDL_APPDATA
#define CSIDL_APPDATA 0x001a
#endif
#ifndef CSIDL_LOCAL_APPDATA
#define CSIDL_LOCAL_APPDATA 0x001c
#endif
#ifndef CSIDL_COMMON_APPDATA
#define CSIDL_COMMON_APPDATA 0x0023
#endif
#ifndef CSIDL_FLAG_CREATE
#define CSIDL_FLAG_CREATE 0x8000
#endif
#endif /*HAVE_W32_SYSTEM*/
#ifdef HAVE_STAT
#include /* for stat() */
#endif
#include "util.h"
#include "sysutils.h"
#include "zb32.h"
/* The GnuPG homedir. This is only accessed by the functions
* gnupg_homedir and gnupg_set_homedir. Malloced. */
static char *the_gnupg_homedir;
/* Flag indicating that home directory is not the default one. */
static byte non_default_homedir;
#ifdef HAVE_W32_SYSTEM
/* A flag used to indicate that a control file for gpgconf has been
detected. Under Windows the presence of this file indicates a
portable installations and triggers several changes:
- The GNUGHOME directory is fixed relative to installation
directory. All other means to set the home directory are ignore.
- All registry variables will be ignored.
This flag is not used on Unix systems.
*/
static byte w32_portable_app;
#endif /*HAVE_W32_SYSTEM*/
#ifdef HAVE_W32_SYSTEM
/* This flag is true if this process' binary has been installed under
bin and not in the root directory as often used before GnuPG 2.1. */
static byte w32_bin_is_bin;
#endif /*HAVE_W32_SYSTEM*/
#ifdef HAVE_W32_SYSTEM
static const char *w32_rootdir (void);
#endif
#ifdef HAVE_W32_SYSTEM
static void
w32_try_mkdir (const char *dir)
{
#ifdef HAVE_W32CE_SYSTEM
wchar_t *wdir = utf8_to_wchar (dir);
if (wdir)
{
CreateDirectory (wdir, NULL);
xfree (wdir);
}
#else
CreateDirectory (dir, NULL);
#endif
}
#endif
/* This is a helper function to load a Windows function from either of
one DLLs. */
#ifdef HAVE_W32_SYSTEM
static HRESULT
w32_shgetfolderpath (HWND a, int b, HANDLE c, DWORD d, LPSTR e)
{
static int initialized;
static HRESULT (WINAPI * func)(HWND,int,HANDLE,DWORD,LPSTR);
if (!initialized)
{
static char *dllnames[] = { "shell32.dll", "shfolder.dll", NULL };
void *handle;
int i;
initialized = 1;
for (i=0, handle = NULL; !handle && dllnames[i]; i++)
{
handle = dlopen (dllnames[i], RTLD_LAZY);
if (handle)
{
func = dlsym (handle, "SHGetFolderPathA");
if (!func)
{
dlclose (handle);
handle = NULL;
}
}
}
}
if (func)
return func (a,b,c,d,e);
else
return -1;
}
#endif /*HAVE_W32_SYSTEM*/
/* Check whether DIR is the default homedir. */
static int
is_gnupg_default_homedir (const char *dir)
{
int result;
char *a = make_absfilename (dir, NULL);
char *b = make_absfilename (GNUPG_DEFAULT_HOMEDIR, NULL);
result = !compare_filenames (a, b);
xfree (b);
xfree (a);
return result;
}
/* Helper to remove trailing slashes from NEWDIR. Return a new
* allocated string if that has been done or NULL if there are no
* slashes to remove. Also inserts a missing slash after a Windows
* drive letter. */
static char *
copy_dir_with_fixup (const char *newdir)
{
char *result = NULL;
char *p;
if (!*newdir)
return NULL;
#ifdef HAVE_W32_SYSTEM
if (newdir[0] && newdir[1] == ':'
&& !(newdir[2] == '/' || newdir[2] == '\\'))
{
/* Drive letter with missing leading slash. */
p = result = xmalloc (strlen (newdir) + 1 + 1);
*p++ = newdir[0];
*p++ = newdir[1];
*p++ = '\\';
strcpy (p, newdir+2);
/* Remove trailing slashes. */
p = result + strlen (result) - 1;
while (p > result+2 && (*p == '/' || *p == '\\'))
*p-- = 0;
}
else if (newdir[strlen (newdir)-1] == '/'
|| newdir[strlen (newdir)-1] == '\\' )
{
result = xstrdup (newdir);
p = result + strlen (result) - 1;
while (p > result
&& (*p == '/' || *p == '\\')
&& (p-1 > result && p[-1] != ':')) /* We keep "c:/". */
*p-- = 0;
}
#else /*!HAVE_W32_SYSTEM*/
if (newdir[strlen (newdir)-1] == '/')
{
result = xstrdup (newdir);
p = result + strlen (result) - 1;
while (p > result && *p == '/')
*p-- = 0;
}
#endif /*!HAVE_W32_SYSTEM*/
return result;
}
/* Get the standard home directory. In general this function should
not be used as it does not consider a registry value (under W32) or
the GNUPGHOME environment variable. It is better to use
default_homedir(). */
const char *
standard_homedir (void)
{
#ifdef HAVE_W32_SYSTEM
static const char *dir;
if (!dir)
{
const char *rdir;
rdir = w32_rootdir ();
if (w32_portable_app)
{
dir = xstrconcat (rdir, DIRSEP_S "home", NULL);
}
else
{
char path[MAX_PATH];
/* It might be better to use LOCAL_APPDATA because this is
defined as "non roaming" and thus more likely to be kept
locally. For private keys this is desired. However,
given that many users copy private keys anyway forth and
back, using a system roaming services might be better
than to let them do it manually. A security conscious
user will anyway use the registry entry to have better
control. */
if (w32_shgetfolderpath (NULL, CSIDL_APPDATA|CSIDL_FLAG_CREATE,
NULL, 0, path) >= 0)
{
char *tmp = xmalloc (strlen (path) + 6 +1);
strcpy (stpcpy (tmp, path), "\\gnupg");
dir = tmp;
/* Try to create the directory if it does not yet exists. */
if (access (dir, F_OK))
w32_try_mkdir (dir);
}
else
dir = GNUPG_DEFAULT_HOMEDIR;
}
}
return dir;
#else/*!HAVE_W32_SYSTEM*/
return GNUPG_DEFAULT_HOMEDIR;
#endif /*!HAVE_W32_SYSTEM*/
}
/* Set up the default home directory. The usual --homedir option
should be parsed later. */
const char *
default_homedir (void)
{
const char *dir;
#ifdef HAVE_W32_SYSTEM
/* For a portable application we only use the standard homedir. */
w32_rootdir ();
if (w32_portable_app)
return standard_homedir ();
#endif /*HAVE_W32_SYSTEM*/
dir = getenv ("GNUPGHOME");
#ifdef HAVE_W32_SYSTEM
if (!dir || !*dir)
{
static const char *saved_dir;
if (!saved_dir)
{
if (!dir || !*dir)
{
char *tmp, *p;
+ /* This is deprecated; gpgconf --list-dirs prints a
+ * warning if the homedir has been taken from the
+ * registry. */
tmp = read_w32_registry_string (NULL,
GNUPG_REGISTRY_DIR,
"HomeDir");
if (tmp && !*tmp)
{
xfree (tmp);
tmp = NULL;
}
if (tmp)
{
/* Strip trailing backslashes. */
p = tmp + strlen (tmp) - 1;
while (p > tmp && *p == '\\')
*p-- = 0;
saved_dir = tmp;
}
}
if (!saved_dir)
saved_dir = standard_homedir ();
}
dir = saved_dir;
}
#endif /*HAVE_W32_SYSTEM*/
if (!dir || !*dir)
dir = GNUPG_DEFAULT_HOMEDIR;
else
{
char *p;
p = copy_dir_with_fixup (dir);
if (p)
dir = p;
if (!is_gnupg_default_homedir (dir))
non_default_homedir = 1;
}
return dir;
}
#ifdef HAVE_W32_SYSTEM
/* Check whether gpgconf is installed and if so read the gpgconf.ctl
file. */
static void
check_portable_app (const char *dir)
{
char *fname;
fname = xstrconcat (dir, DIRSEP_S "gpgconf.exe", NULL);
if (!access (fname, F_OK))
{
strcpy (fname + strlen (fname) - 3, "ctl");
if (!access (fname, F_OK))
{
/* gpgconf.ctl file found. Record this fact. */
w32_portable_app = 1;
{
unsigned int flags;
log_get_prefix (&flags);
log_set_prefix (NULL, (flags | GPGRT_LOG_NO_REGISTRY));
}
/* FIXME: We should read the file to detect special flags
and print a warning if we don't understand them */
}
}
xfree (fname);
}
/* Determine the root directory of the gnupg installation on Windows. */
static const char *
w32_rootdir (void)
{
static int got_dir;
static char dir[MAX_PATH+5];
if (!got_dir)
{
char *p;
int rc;
wchar_t wdir [MAX_PATH+5];
rc = GetModuleFileNameW (NULL, wdir, MAX_PATH);
if (rc && WideCharToMultiByte (CP_UTF8, 0, wdir, -1, dir, MAX_PATH-4,
NULL, NULL) < 0)
rc = 0;
if (!rc)
{
log_debug ("GetModuleFileName failed: %s\n", w32_strerror (-1));
*dir = 0;
}
got_dir = 1;
p = strrchr (dir, DIRSEP_C);
if (p)
{
*p = 0;
check_portable_app (dir);
/* If we are installed below "bin" we strip that and use
the top directory instead. */
p = strrchr (dir, DIRSEP_C);
if (p && !strcmp (p+1, "bin"))
{
*p = 0;
w32_bin_is_bin = 1;
}
}
if (!p)
{
log_debug ("bad filename '%s' returned for this process\n", dir);
*dir = 0;
}
}
if (*dir)
return dir;
/* Fallback to the hardwired value. */
return GNUPG_LIBEXECDIR;
}
static const char *
w32_commondir (void)
{
static char *dir;
if (!dir)
{
const char *rdir;
char path[MAX_PATH];
/* Make sure that w32_rootdir has been called so that we are
able to check the portable application flag. The common dir
is the identical to the rootdir. In that case there is also
no need to strdup its value. */
rdir = w32_rootdir ();
if (w32_portable_app)
return rdir;
if (w32_shgetfolderpath (NULL, CSIDL_COMMON_APPDATA,
NULL, 0, path) >= 0)
{
char *tmp = xmalloc (strlen (path) + 4 +1);
strcpy (stpcpy (tmp, path), "\\GNU");
dir = tmp;
/* No auto create of the directory. Either the installer or
the admin has to create these directories. */
}
else
{
/* Ooops: Not defined - probably an old Windows version.
Use the installation directory instead. */
dir = xstrdup (rdir);
}
}
return dir;
}
#endif /*HAVE_W32_SYSTEM*/
/* Change the homedir. Some care must be taken to set this early
* enough because previous calls to gnupg_homedir may else return a
* different string. */
void
gnupg_set_homedir (const char *newdir)
{
char *tmp = NULL;
if (!newdir || !*newdir)
newdir = default_homedir ();
else
{
tmp = copy_dir_with_fixup (newdir);
if (tmp)
newdir = tmp;
if (!is_gnupg_default_homedir (newdir))
non_default_homedir = 1;
}
xfree (the_gnupg_homedir);
the_gnupg_homedir = make_absfilename (newdir, NULL);;
xfree (tmp);
}
/* Return the homedir. The returned string is valid until another
* gnupg-set-homedir call. This is always an absolute directory name.
* The function replaces the former global var opt.homedir. */
const char *
gnupg_homedir (void)
{
/* If a homedir has not been set, set it to the default. */
if (!the_gnupg_homedir)
the_gnupg_homedir = make_absfilename (default_homedir (), NULL);
return the_gnupg_homedir;
}
/* Return whether the home dir is the default one. */
int
gnupg_default_homedir_p (void)
{
return !non_default_homedir;
}
/* Return the directory name used by daemons for their current working
* directory. */
const char *
gnupg_daemon_rootdir (void)
{
#ifdef HAVE_W32_SYSTEM
static char *name;
if (!name)
{
char path[MAX_PATH];
size_t n;
n = GetSystemDirectoryA (path, sizeof path);
if (!n || n >= sizeof path)
name = xstrdup ("/"); /* Error - use the curret top dir instead. */
else
name = xstrdup (path);
}
return name;
#else /*!HAVE_W32_SYSTEM*/
return "/";
#endif /*!HAVE_W32_SYSTEM*/
}
/* Helper for gnupg-socketdir. This is a global function, so that
* gpgconf can use it for its --create-socketdir command. If
* SKIP_CHECKS is set permission checks etc. are not done. The
* function always returns a malloced directory name and stores these
* bit flags at R_INFO:
*
* 1 := Internal error, stat failed, out of core, etc.
* 2 := No /run/user directory.
* 4 := Directory not owned by the user, not a directory
* or wrong permissions.
* 8 := Same as 4 but for the subdir.
* 16 := mkdir failed
* 32 := Non default homedir; checking subdir.
* 64 := Subdir does not exist.
* 128 := Using homedir as fallback.
*/
char *
_gnupg_socketdir_internal (int skip_checks, unsigned *r_info)
{
#if defined(HAVE_W32_SYSTEM) || !defined(HAVE_STAT)
char *name;
(void)skip_checks;
*r_info = 0;
name = xstrdup (gnupg_homedir ());
#else /* Unix and stat(2) available. */
static const char * const bases[] = {
#ifdef USE_RUN_GNUPG_USER_SOCKET
"/run/gnupg",
#endif
"/run",
#ifdef USE_RUN_GNUPG_USER_SOCKET
"/var/run/gnupg",
#endif
"/var/run",
NULL
};
int i;
struct stat sb;
char prefix[19 + 1 + 20 + 6 + 1];
const char *s;
char *name = NULL;
*r_info = 0;
/* First make sure that non_default_homedir can be set. */
gnupg_homedir ();
/* It has been suggested to first check XDG_RUNTIME_DIR envvar.
* However, the specs state that the lifetime of the directory MUST
* be bound to the user being logged in. Now GnuPG may also be run
* as a background process with no (desktop) user logged in. Thus
* we better don't do that. */
/* Check whether we have a /run/[gnupg/]user dir. */
for (i=0; bases[i]; i++)
{
snprintf (prefix, sizeof prefix, "%s/user/%u",
bases[i], (unsigned int)getuid ());
if (!stat (prefix, &sb) && S_ISDIR(sb.st_mode))
break;
}
if (!bases[i])
{
*r_info |= 2; /* No /run/user directory. */
goto leave;
}
if (sb.st_uid != getuid ())
{
*r_info |= 4; /* Not owned by the user. */
if (!skip_checks)
goto leave;
}
if (strlen (prefix) + 7 >= sizeof prefix)
{
*r_info |= 1; /* Ooops: Buffer too short to append "/gnupg". */
goto leave;
}
strcat (prefix, "/gnupg");
/* Check whether the gnupg sub directory has proper permissions. */
if (stat (prefix, &sb))
{
if (errno != ENOENT)
{
*r_info |= 1; /* stat failed. */
goto leave;
}
/* Try to create the directory and check again. */
if (gnupg_mkdir (prefix, "-rwx"))
{
*r_info |= 16; /* mkdir failed. */
goto leave;
}
if (stat (prefix, &sb))
{
*r_info |= 1; /* stat failed. */
goto leave;
}
}
/* Check that it is a directory, owned by the user, and only the
* user has permissions to use it. */
if (!S_ISDIR(sb.st_mode)
|| sb.st_uid != getuid ()
|| (sb.st_mode & (S_IRWXG|S_IRWXO)))
{
*r_info |= 4; /* Bad permissions or not a directory. */
if (!skip_checks)
goto leave;
}
/* If a non default homedir is used, we check whether an
* corresponding sub directory below the socket dir is available
* and use that. We hash the non default homedir to keep the new
* subdir short enough. */
if (non_default_homedir)
{
char sha1buf[20];
char *suffix;
*r_info |= 32; /* Testing subdir. */
s = gnupg_homedir ();
gcry_md_hash_buffer (GCRY_MD_SHA1, sha1buf, s, strlen (s));
suffix = zb32_encode (sha1buf, 8*15);
if (!suffix)
{
*r_info |= 1; /* Out of core etc. */
goto leave;
}
name = strconcat (prefix, "/d.", suffix, NULL);
xfree (suffix);
if (!name)
{
*r_info |= 1; /* Out of core etc. */
goto leave;
}
/* Stat that directory and check constraints.
* The command
* gpgconf --remove-socketdir
* can be used to remove that directory. */
if (stat (name, &sb))
{
if (errno != ENOENT)
*r_info |= 1; /* stat failed. */
else if (!skip_checks)
{
/* Try to create the directory and check again. */
if (gnupg_mkdir (name, "-rwx"))
*r_info |= 16; /* mkdir failed. */
else if (stat (prefix, &sb))
{
if (errno != ENOENT)
*r_info |= 1; /* stat failed. */
else
*r_info |= 64; /* Subdir does not exist. */
}
else
goto leave; /* Success! */
}
else
*r_info |= 64; /* Subdir does not exist. */
if (!skip_checks)
{
xfree (name);
name = NULL;
goto leave;
}
}
else if (!S_ISDIR(sb.st_mode)
|| sb.st_uid != getuid ()
|| (sb.st_mode & (S_IRWXG|S_IRWXO)))
{
*r_info |= 8; /* Bad permissions or subdir is not a directory. */
if (!skip_checks)
{
xfree (name);
name = NULL;
goto leave;
}
}
}
else
name = xstrdup (prefix);
leave:
/* If nothing works fall back to the homedir. */
if (!name)
{
*r_info |= 128; /* Fallback. */
name = xstrdup (gnupg_homedir ());
}
#endif /* Unix */
return name;
}
/*
* Return the name of the socket dir. That is the directory used for
* the IPC local sockets. This is an absolute directory name.
*/
const char *
gnupg_socketdir (void)
{
static char *name;
if (!name)
{
unsigned int dummy;
name = _gnupg_socketdir_internal (0, &dummy);
}
return name;
}
/* Return the name of the sysconfdir. This is a static string. This
function is required because under Windows we can't simply compile
it in. */
const char *
gnupg_sysconfdir (void)
{
#ifdef HAVE_W32_SYSTEM
static char *name;
if (!name)
{
const char *s1, *s2;
s1 = w32_commondir ();
s2 = DIRSEP_S "etc" DIRSEP_S "gnupg";
name = xmalloc (strlen (s1) + strlen (s2) + 1);
strcpy (stpcpy (name, s1), s2);
}
return name;
#else /*!HAVE_W32_SYSTEM*/
return GNUPG_SYSCONFDIR;
#endif /*!HAVE_W32_SYSTEM*/
}
const char *
gnupg_bindir (void)
{
#if defined (HAVE_W32CE_SYSTEM)
static char *name;
if (!name)
name = xstrconcat (w32_rootdir (), DIRSEP_S "bin", NULL);
return name;
#elif defined(HAVE_W32_SYSTEM)
const char *rdir;
rdir = w32_rootdir ();
if (w32_bin_is_bin)
{
static char *name;
if (!name)
name = xstrconcat (rdir, DIRSEP_S "bin", NULL);
return name;
}
else
return rdir;
#else /*!HAVE_W32_SYSTEM*/
return GNUPG_BINDIR;
#endif /*!HAVE_W32_SYSTEM*/
}
/* Return the name of the libexec directory. The name is allocated in
a static area on the first use. This function won't fail. */
const char *
gnupg_libexecdir (void)
{
#ifdef HAVE_W32_SYSTEM
return gnupg_bindir ();
#else /*!HAVE_W32_SYSTEM*/
return GNUPG_LIBEXECDIR;
#endif /*!HAVE_W32_SYSTEM*/
}
const char *
gnupg_libdir (void)
{
#ifdef HAVE_W32_SYSTEM
static char *name;
if (!name)
name = xstrconcat (w32_rootdir (), DIRSEP_S "lib" DIRSEP_S "gnupg", NULL);
return name;
#else /*!HAVE_W32_SYSTEM*/
return GNUPG_LIBDIR;
#endif /*!HAVE_W32_SYSTEM*/
}
const char *
gnupg_datadir (void)
{
#ifdef HAVE_W32_SYSTEM
static char *name;
if (!name)
name = xstrconcat (w32_rootdir (), DIRSEP_S "share" DIRSEP_S "gnupg", NULL);
return name;
#else /*!HAVE_W32_SYSTEM*/
return GNUPG_DATADIR;
#endif /*!HAVE_W32_SYSTEM*/
}
const char *
gnupg_localedir (void)
{
#ifdef HAVE_W32_SYSTEM
static char *name;
if (!name)
name = xstrconcat (w32_rootdir (), DIRSEP_S "share" DIRSEP_S "locale",
NULL);
return name;
#else /*!HAVE_W32_SYSTEM*/
return LOCALEDIR;
#endif /*!HAVE_W32_SYSTEM*/
}
/* Return the name of the cache directory. The name is allocated in a
static area on the first use. Windows only: If the directory does
not exist it is created. */
const char *
gnupg_cachedir (void)
{
#ifdef HAVE_W32_SYSTEM
static const char *dir;
if (!dir)
{
const char *rdir;
rdir = w32_rootdir ();
if (w32_portable_app)
{
dir = xstrconcat (rdir,
DIRSEP_S, "var",
DIRSEP_S, "cache",
DIRSEP_S, "gnupg", NULL);
}
else
{
char path[MAX_PATH];
const char *s1[] = { "GNU", "cache", "gnupg", NULL };
int s1_len;
const char **comp;
s1_len = 0;
for (comp = s1; *comp; comp++)
s1_len += 1 + strlen (*comp);
if (w32_shgetfolderpath (NULL, CSIDL_LOCAL_APPDATA|CSIDL_FLAG_CREATE,
NULL, 0, path) >= 0)
{
char *tmp = xmalloc (strlen (path) + s1_len + 1);
char *p;
p = stpcpy (tmp, path);
for (comp = s1; *comp; comp++)
{
p = stpcpy (p, "\\");
p = stpcpy (p, *comp);
if (access (tmp, F_OK))
w32_try_mkdir (tmp);
}
dir = tmp;
}
else
{
dir = "c:\\temp\\cache\\gnupg";
#ifdef HAVE_W32CE_SYSTEM
dir += 2;
w32_try_mkdir ("\\temp\\cache");
w32_try_mkdir ("\\temp\\cache\\gnupg");
#endif
}
}
}
return dir;
#else /*!HAVE_W32_SYSTEM*/
return GNUPG_LOCALSTATEDIR "/cache/" PACKAGE_NAME;
#endif /*!HAVE_W32_SYSTEM*/
}
/* Return the user socket name used by DirMngr. */
const char *
dirmngr_socket_name (void)
{
static char *name;
if (!name)
name = make_filename (gnupg_socketdir (), DIRMNGR_SOCK_NAME, NULL);
return name;
}
/* Return the default pinentry name. If RESET is true the internal
cache is first flushed. */
static const char *
get_default_pinentry_name (int reset)
{
static struct {
const char *(*rfnc)(void);
const char *name;
} names[] = {
/* The first entry is what we return in case we found no
other pinentry. */
{ gnupg_bindir, DIRSEP_S "pinentry" EXEEXT_S },
#ifdef HAVE_W32_SYSTEM
/* Try Gpg4win directory (with bin and without.) */
{ w32_rootdir, "\\..\\Gpg4win\\bin\\pinentry.exe" },
{ w32_rootdir, "\\..\\Gpg4win\\pinentry.exe" },
/* Try old Gpgwin directory. */
{ w32_rootdir, "\\..\\GNU\\GnuPG\\pinentry.exe" },
/* Try a Pinentry from the common GNU dir. */
{ w32_rootdir, "\\..\\GNU\\bin\\pinentry.exe" },
#endif
/* Last chance is a pinentry-basic (which comes with the
GnuPG 2.1 Windows installer). */
{ gnupg_bindir, DIRSEP_S "pinentry-basic" EXEEXT_S }
};
static char *name;
if (reset)
{
xfree (name);
name = NULL;
}
if (!name)
{
int i;
for (i=0; i < DIM(names); i++)
{
char *name2;
name2 = xstrconcat (names[i].rfnc (), names[i].name, NULL);
if (!access (name2, F_OK))
{
/* Use that pinentry. */
xfree (name);
name = name2;
break;
}
if (!i) /* Store the first as fallback return. */
name = name2;
else
xfree (name2);
}
}
return name;
}
/* If set, 'gnupg_module_name' returns modules from that build
* directory. */
static char *gnupg_build_directory;
/* For sanity checks. */
static int gnupg_module_name_called;
/* Set NEWDIR as the new build directory. This will make
* 'gnupg_module_name' return modules from that build directory. Must
* be called before any invocation of 'gnupg_module_name', and must
* not be called twice. It can be used by test suites to make sure
* the components from the build directory are used instead of
* potentially outdated installed ones. */
void
gnupg_set_builddir (const char *newdir)
{
log_assert (! gnupg_module_name_called);
log_assert (! gnupg_build_directory);
gnupg_build_directory = xtrystrdup (newdir);
}
/* If no build directory has been configured, try to set it from the
* environment. We only do this in development builds to avoid
* increasing the set of influential environment variables and hence
* the attack surface of production builds. */
static void
gnupg_set_builddir_from_env (void)
{
#if defined(IS_DEVELOPMENT_VERSION) || defined(ENABLE_GNUPG_BUILDDIR_ENVVAR)
if (gnupg_build_directory)
return;
gnupg_build_directory = getenv ("GNUPG_BUILDDIR");
#endif
}
/* Return the file name of a helper tool. WHICH is one of the
GNUPG_MODULE_NAME_foo constants. */
const char *
gnupg_module_name (int which)
{
gnupg_set_builddir_from_env ();
gnupg_module_name_called = 1;
#define X(a,b,c) do { \
static char *name; \
if (!name) \
name = gnupg_build_directory \
? xstrconcat (gnupg_build_directory, \
DIRSEP_S b DIRSEP_S c EXEEXT_S, NULL) \
: xstrconcat (gnupg_ ## a (), DIRSEP_S c EXEEXT_S, NULL); \
return name; \
} while (0)
switch (which)
{
case GNUPG_MODULE_NAME_AGENT:
#ifdef GNUPG_DEFAULT_AGENT
return GNUPG_DEFAULT_AGENT;
#else
X(bindir, "agent", "gpg-agent");
#endif
case GNUPG_MODULE_NAME_PINENTRY:
#ifdef GNUPG_DEFAULT_PINENTRY
return GNUPG_DEFAULT_PINENTRY; /* (Set by a configure option) */
#else
return get_default_pinentry_name (0);
#endif
case GNUPG_MODULE_NAME_SCDAEMON:
#ifdef GNUPG_DEFAULT_SCDAEMON
return GNUPG_DEFAULT_SCDAEMON;
#else
X(libexecdir, "scd", "scdaemon");
#endif
case GNUPG_MODULE_NAME_DIRMNGR:
#ifdef GNUPG_DEFAULT_DIRMNGR
return GNUPG_DEFAULT_DIRMNGR;
#else
X(bindir, "dirmngr", DIRMNGR_NAME);
#endif
case GNUPG_MODULE_NAME_PROTECT_TOOL:
#ifdef GNUPG_DEFAULT_PROTECT_TOOL
return GNUPG_DEFAULT_PROTECT_TOOL;
#else
X(libexecdir, "agent", "gpg-protect-tool");
#endif
case GNUPG_MODULE_NAME_DIRMNGR_LDAP:
#ifdef GNUPG_DEFAULT_DIRMNGR_LDAP
return GNUPG_DEFAULT_DIRMNGR_LDAP;
#else
X(libexecdir, "dirmngr", "dirmngr_ldap");
#endif
case GNUPG_MODULE_NAME_CHECK_PATTERN:
X(libexecdir, "tools", "gpg-check-pattern");
case GNUPG_MODULE_NAME_GPGSM:
X(bindir, "sm", "gpgsm");
case GNUPG_MODULE_NAME_GPG:
#if USE_GPG2_HACK
if (! gnupg_build_directory)
X(bindir, "g10", GPG_NAME "2");
else
#endif
X(bindir, "g10", GPG_NAME);
case GNUPG_MODULE_NAME_GPGV:
#if USE_GPG2_HACK
if (! gnupg_build_directory)
X(bindir, "g10", GPG_NAME "v2");
else
#endif
X(bindir, "g10", GPG_NAME "v");
case GNUPG_MODULE_NAME_CONNECT_AGENT:
X(bindir, "tools", "gpg-connect-agent");
case GNUPG_MODULE_NAME_GPGCONF:
X(bindir, "tools", "gpgconf");
default:
BUG ();
}
#undef X
}
/* Flush some of the cached module names. This is for example used by
gpg-agent to allow configuring a different pinentry. */
void
gnupg_module_name_flush_some (void)
{
(void)get_default_pinentry_name (1);
}
diff --git a/tools/gpgconf.c b/tools/gpgconf.c
index d9ee4a9c6..708b37002 100644
--- a/tools/gpgconf.c
+++ b/tools/gpgconf.c
@@ -1,910 +1,924 @@
/* gpgconf.c - Configuration utility for GnuPG
* Copyright (C) 2003, 2007, 2009, 2011 Free Software Foundation, Inc.
* Copyright (C) 2016 g10 Code GmbH.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see .
*/
#include
#include
#include
#include
#include
#include
#include "gpgconf.h"
#include "../common/i18n.h"
#include "../common/sysutils.h"
#include "../common/init.h"
#include "../common/status.h"
/* Constants to identify the commands and options. */
enum cmd_and_opt_values
{
aNull = 0,
oDryRun = 'n',
oOutput = 'o',
oQuiet = 'q',
oVerbose = 'v',
oRuntime = 'r',
oComponent = 'c',
oNull = '0',
oNoVerbose = 500,
oHomedir,
oBuilddir,
oStatusFD,
oShowSocket,
aListComponents,
aCheckPrograms,
aListOptions,
aChangeOptions,
aCheckOptions,
aApplyDefaults,
aListConfig,
aCheckConfig,
aQuerySWDB,
aListDirs,
aLaunch,
aKill,
aCreateSocketDir,
aRemoveSocketDir,
aApplyProfile,
aReload
};
/* The list of commands and options. */
static ARGPARSE_OPTS opts[] =
{
{ 300, NULL, 0, N_("@Commands:\n ") },
{ aListComponents, "list-components", 256, N_("list all components") },
{ aCheckPrograms, "check-programs", 256, N_("check all programs") },
{ aListOptions, "list-options", 256, N_("|COMPONENT|list options") },
{ aChangeOptions, "change-options", 256, N_("|COMPONENT|change options") },
{ aCheckOptions, "check-options", 256, N_("|COMPONENT|check options") },
{ aApplyDefaults, "apply-defaults", 256,
N_("apply global default values") },
{ aApplyProfile, "apply-profile", 256,
N_("|FILE|update configuration files using FILE") },
{ aListDirs, "list-dirs", 256,
N_("get the configuration directories for @GPGCONF@") },
{ aListConfig, "list-config", 256,
N_("list global configuration file") },
{ aCheckConfig, "check-config", 256,
N_("check global configuration file") },
{ aQuerySWDB, "query-swdb", 256,
N_("query the software version database") },
{ aReload, "reload", 256, N_("reload all or a given component")},
{ aLaunch, "launch", 256, N_("launch a given component")},
{ aKill, "kill", 256, N_("kill a given component")},
{ aCreateSocketDir, "create-socketdir", 256, "@"},
{ aRemoveSocketDir, "remove-socketdir", 256, "@"},
{ 301, NULL, 0, N_("@\nOptions:\n ") },
{ oOutput, "output", 2, N_("use as output file") },
{ oVerbose, "verbose", 0, N_("verbose") },
{ oQuiet, "quiet", 0, N_("quiet") },
{ oDryRun, "dry-run", 0, N_("do not make any changes") },
{ oRuntime, "runtime", 0, N_("activate changes at runtime, if possible") },
ARGPARSE_s_i (oStatusFD, "status-fd", N_("|FD|write status info to this FD")),
/* hidden options */
{ oHomedir, "homedir", 2, "@" },
{ oBuilddir, "build-prefix", 2, "@" },
{ oNull, "null", 0, "@" },
{ oNoVerbose, "no-verbose", 0, "@"},
ARGPARSE_s_n (oShowSocket, "show-socket", "@"),
ARGPARSE_end(),
};
/* The stream to output the status information. Status Output is disabled if
* this is NULL. */
static estream_t statusfp;
/* Print usage information and provide strings for help. */
static const char *
my_strusage( int level )
{
const char *p;
switch (level)
{
case 11: p = "@GPGCONF@ (@GNUPG@)";
break;
case 13: p = VERSION; break;
case 17: p = PRINTABLE_OS_NAME; break;
case 19: p = _("Please report bugs to <@EMAIL@>.\n"); break;
case 1:
case 40: p = _("Usage: @GPGCONF@ [options] (-h for help)");
break;
case 41:
p = _("Syntax: @GPGCONF@ [options]\n"
"Manage configuration options for tools of the @GNUPG@ system\n");
break;
default: p = NULL; break;
}
return p;
}
/* Return the fp for the output. This is usually stdout unless
--output has been used. In the latter case this function opens
that file. */
static estream_t
get_outfp (estream_t *fp)
{
if (!*fp)
{
if (opt.outfile)
{
*fp = es_fopen (opt.outfile, "w");
if (!*fp)
gc_error (1, errno, "can not open '%s'", opt.outfile);
}
else
*fp = es_stdout;
}
return *fp;
}
/* Set the status FD. */
static void
set_status_fd (int fd)
{
static int last_fd = -1;
if (fd != -1 && last_fd == fd)
return;
if (statusfp && statusfp != es_stdout && statusfp != es_stderr)
es_fclose (statusfp);
statusfp = NULL;
if (fd == -1)
return;
if (fd == 1)
statusfp = es_stdout;
else if (fd == 2)
statusfp = es_stderr;
else
statusfp = es_fdopen (fd, "w");
if (!statusfp)
{
log_fatal ("can't open fd %d for status output: %s\n",
fd, gpg_strerror (gpg_error_from_syserror ()));
}
last_fd = fd;
}
/* Write a status line with code NO followed by the output of the
* printf style FORMAT. The caller needs to make sure that LFs and
* CRs are not printed. */
void
gpgconf_write_status (int no, const char *format, ...)
{
va_list arg_ptr;
if (!statusfp)
return; /* Not enabled. */
es_fputs ("[GNUPG:] ", statusfp);
es_fputs (get_status_string (no), statusfp);
if (format)
{
es_putc (' ', statusfp);
va_start (arg_ptr, format);
es_vfprintf (statusfp, format, arg_ptr);
va_end (arg_ptr);
}
es_putc ('\n', statusfp);
}
static void
list_dirs (estream_t fp, char **names)
{
static struct {
const char *name;
const char *(*fnc)(void);
const char *extra;
} list[] = {
{ "sysconfdir", gnupg_sysconfdir, NULL },
{ "bindir", gnupg_bindir, NULL },
{ "libexecdir", gnupg_libexecdir, NULL },
{ "libdir", gnupg_libdir, NULL },
{ "datadir", gnupg_datadir, NULL },
{ "localedir", gnupg_localedir, NULL },
{ "socketdir", gnupg_socketdir, NULL },
{ "dirmngr-socket", dirmngr_socket_name, NULL,},
{ "agent-ssh-socket", gnupg_socketdir, GPG_AGENT_SSH_SOCK_NAME },
{ "agent-extra-socket", gnupg_socketdir, GPG_AGENT_EXTRA_SOCK_NAME },
{ "agent-browser-socket",gnupg_socketdir, GPG_AGENT_BROWSER_SOCK_NAME },
{ "agent-socket", gnupg_socketdir, GPG_AGENT_SOCK_NAME },
{ "homedir", gnupg_homedir, NULL }
};
int idx, j;
char *tmp;
const char *s;
for (idx = 0; idx < DIM (list); idx++)
{
s = list[idx].fnc ();
if (list[idx].extra)
{
tmp = make_filename (s, list[idx].extra, NULL);
s = tmp;
}
else
tmp = NULL;
if (!names)
es_fprintf (fp, "%s:%s\n", list[idx].name, gc_percent_escape (s));
else
{
for (j=0; names[j]; j++)
if (!strcmp (names[j], list[idx].name))
{
es_fputs (s, fp);
es_putc (opt.null? '\0':'\n', fp);
}
}
xfree (tmp);
}
+
+
+#ifdef HAVE_W32_SYSTEM
+ tmp = read_w32_registry_string (NULL,
+ GNUPG_REGISTRY_DIR,
+ "HomeDir");
+ if (tmp)
+ {
+ es_fflush (fp);
+ log_info ("Warning: homedir taken from registry key (%s %s)\n",
+ GNUPG_REGISTRY_DIR, "HomeDir");
+ xfree (tmp);
+ }
+#endif /*HAVE_W32_SYSTEM*/
}
/* Check whether NAME is valid argument for query_swdb(). Valid names
* start with a letter and contain only alphanumeric characters or an
* underscore. */
static int
valid_swdb_name_p (const char *name)
{
if (!name || !*name || !alphap (name))
return 0;
for (name++; *name; name++)
if (!alnump (name) && *name != '_')
return 0;
return 1;
}
/* Query the SWDB file. If necessary and possible this functions asks
* the dirmngr to load an updated version of that file. The caller
* needs to provide the NAME to query (e.g. "gnupg", "libgcrypt") and
* optional the currently installed version in CURRENT_VERSION. The
* output written to OUT is a colon delimited line with these fields:
*
* name :: The name of the package
* curvers:: The installed version if given.
* status :: This value tells the status of the software package
* '-' :: No information available
* (error or CURRENT_VERSION not given)
* '?' :: Unknown NAME
* 'u' :: Update available
* 'c' :: The version is Current
* 'n' :: The current version is already Newer than the
* available one.
* urgency :: If the value is greater than zero an urgent update is required.
* error :: 0 on success or an gpg_err_code_t
* Common codes seen:
* GPG_ERR_TOO_OLD :: The SWDB file is to old to be used.
* GPG_ERR_ENOENT :: The SWDB file is not available.
* GPG_ERR_BAD_SIGNATURE :: Currupted SWDB file.
* filedate:: Date of the swdb file (yyyymmddThhmmss)
* verified:: Date we checked the validity of the file (yyyyymmddThhmmss)
* version :: The version string from the swdb.
* reldate :: Release date of that version (yyyymmddThhmmss)
* size :: Size of the package in bytes.
* hash :: SHA-2 hash of the package.
*
*/
static void
query_swdb (estream_t out, const char *name, const char *current_version)
{
gpg_error_t err;
const char *search_name;
char *fname = NULL;
estream_t fp = NULL;
char *line = NULL;
char *self_version = NULL;
size_t length_of_line = 0;
size_t maxlen;
ssize_t len;
char *fields[2];
char *p;
gnupg_isotime_t filedate = {0};
gnupg_isotime_t verified = {0};
char *value_ver = NULL;
gnupg_isotime_t value_date = {0};
char *value_size = NULL;
char *value_sha2 = NULL;
unsigned long value_size_ul = 0;
int status, i;
if (!valid_swdb_name_p (name))
{
log_error ("error in package name '%s': %s\n",
name, gpg_strerror (GPG_ERR_INV_NAME));
goto leave;
}
if (!strcmp (name, "gnupg"))
search_name = GNUPG_SWDB_TAG;
else if (!strcmp (name, "gnupg1"))
search_name = "gnupg1";
else
search_name = name;
if (!current_version && !strcmp (name, "gnupg"))
{
/* Use our own version but string a possible beta string. */
self_version = xstrdup (PACKAGE_VERSION);
p = strchr (self_version, '-');
if (p)
*p = 0;
current_version = self_version;
}
if (current_version && (strchr (current_version, ':')
|| compare_version_strings (current_version, NULL)))
{
log_error ("error in version string '%s': %s\n",
current_version, gpg_strerror (GPG_ERR_INV_ARG));
goto leave;
}
fname = make_filename (gnupg_homedir (), "swdb.lst", NULL);
fp = es_fopen (fname, "r");
if (!fp)
{
err = gpg_error_from_syserror ();
es_fprintf (out, "%s:%s:-::%u:::::::\n",
name,
current_version? current_version : "",
gpg_err_code (err));
if (gpg_err_code (err) != GPG_ERR_ENOENT)
log_error (_("error opening '%s': %s\n"), fname, gpg_strerror (err));
goto leave;
}
/* Note that the parser uses the first occurrence of a matching
* values and ignores possible duplicated values. */
maxlen = 2048; /* Set limit. */
while ((len = es_read_line (fp, &line, &length_of_line, &maxlen)) > 0)
{
if (!maxlen)
{
err = gpg_error (GPG_ERR_LINE_TOO_LONG);
log_error (_("error reading '%s': %s\n"), fname, gpg_strerror (err));
goto leave;
}
/* Strip newline and carriage return, if present. */
while (len > 0 && (line[len - 1] == '\n' || line[len - 1] == '\r'))
line[--len] = '\0';
if (split_fields (line, fields, DIM (fields)) < DIM(fields))
continue; /* Skip empty lines and names w/o a value. */
if (*fields[0] == '#')
continue; /* Skip comments. */
/* Record the meta data. */
if (!*filedate && !strcmp (fields[0], ".filedate"))
{
string2isotime (filedate, fields[1]);
continue;
}
if (!*verified && !strcmp (fields[0], ".verified"))
{
string2isotime (verified, fields[1]);
continue;
}
/* Tokenize the name. */
p = strrchr (fields[0], '_');
if (!p)
continue; /* Name w/o an underscore. */
*p++ = 0;
/* Wait for the requested name. */
if (!strcmp (fields[0], search_name))
{
if (!strcmp (p, "ver") && !value_ver)
value_ver = xstrdup (fields[1]);
else if (!strcmp (p, "date") && !*value_date)
string2isotime (value_date, fields[1]);
else if (!strcmp (p, "size") && !value_size)
value_size = xstrdup (fields[1]);
else if (!strcmp (p, "sha2") && !value_sha2)
value_sha2 = xstrdup (fields[1]);
}
}
if (len < 0 || es_ferror (fp))
{
err = gpg_error_from_syserror ();
log_error (_("error reading '%s': %s\n"), fname, gpg_strerror (err));
goto leave;
}
if (!*filedate || !*verified)
{
err = gpg_error (GPG_ERR_INV_TIME);
es_fprintf (out, "%s:%s:-::%u:::::::\n",
name,
current_version? current_version : "",
gpg_err_code (err));
goto leave;
}
if (!value_ver)
{
es_fprintf (out, "%s:%s:?:::::::::\n",
name,
current_version? current_version : "");
goto leave;
}
if (value_size)
{
gpg_err_set_errno (0);
value_size_ul = strtoul (value_size, &p, 10);
if (errno)
value_size_ul = 0;
else if (*p == 'k')
value_size_ul *= 1024;
}
err = 0;
status = '-';
if (compare_version_strings (value_ver, NULL))
err = gpg_error (GPG_ERR_INV_VALUE);
else if (!current_version)
;
else if (!(i = compare_version_strings (value_ver, current_version)))
status = 'c';
else if (i > 0)
status = 'u';
else
status = 'n';
es_fprintf (out, "%s:%s:%c::%d:%s:%s:%s:%s:%lu:%s:\n",
name,
current_version? current_version : "",
status,
err,
filedate,
verified,
value_ver,
value_date,
value_size_ul,
value_sha2? value_sha2 : "");
leave:
xfree (value_ver);
xfree (value_size);
xfree (value_sha2);
xfree (line);
es_fclose (fp);
xfree (fname);
xfree (self_version);
}
/* gpgconf main. */
int
main (int argc, char **argv)
{
gpg_error_t err;
ARGPARSE_ARGS pargs;
const char *fname;
int no_more_options = 0;
enum cmd_and_opt_values cmd = 0;
estream_t outfp = NULL;
int show_socket = 0;
early_system_init ();
gnupg_reopen_std (GPGCONF_NAME);
set_strusage (my_strusage);
log_set_prefix (GPGCONF_NAME, GPGRT_LOG_WITH_PREFIX);
/* Make sure that our subsystems are ready. */
i18n_init();
init_common_subsystems (&argc, &argv);
gc_components_init ();
/* Parse the command line. */
pargs.argc = &argc;
pargs.argv = &argv;
pargs.flags = 1; /* Do not remove the args. */
while (!no_more_options && optfile_parse (NULL, NULL, NULL, &pargs, opts))
{
switch (pargs.r_opt)
{
case oOutput: opt.outfile = pargs.r.ret_str; break;
case oQuiet: opt.quiet = 1; break;
case oDryRun: opt.dry_run = 1; break;
case oRuntime:
opt.runtime = 1;
break;
case oVerbose: opt.verbose++; break;
case oNoVerbose: opt.verbose = 0; break;
case oHomedir: gnupg_set_homedir (pargs.r.ret_str); break;
case oBuilddir: gnupg_set_builddir (pargs.r.ret_str); break;
case oNull: opt.null = 1; break;
case oStatusFD:
set_status_fd (translate_sys2libc_fd_int (pargs.r.ret_int, 1));
break;
case oShowSocket: show_socket = 1; break;
case aListDirs:
case aListComponents:
case aCheckPrograms:
case aListOptions:
case aChangeOptions:
case aCheckOptions:
case aApplyDefaults:
case aApplyProfile:
case aListConfig:
case aCheckConfig:
case aQuerySWDB:
case aReload:
case aLaunch:
case aKill:
case aCreateSocketDir:
case aRemoveSocketDir:
cmd = pargs.r_opt;
break;
default: pargs.err = 2; break;
}
}
if (log_get_errorcount (0))
gpgconf_failure (GPG_ERR_USER_2);
/* Print a warning if an argument looks like an option. */
if (!opt.quiet && !(pargs.flags & ARGPARSE_FLAG_STOP_SEEN))
{
int i;
for (i=0; i < argc; i++)
if (argv[i][0] == '-' && argv[i][1] == '-')
log_info (_("Note: '%s' is not considered an option\n"), argv[i]);
}
fname = argc ? *argv : NULL;
switch (cmd)
{
case aListComponents:
default:
/* List all components. */
gc_component_list_components (get_outfp (&outfp));
break;
case aCheckPrograms:
/* Check all programs. */
gc_check_programs (get_outfp (&outfp));
break;
case aListOptions:
case aChangeOptions:
case aCheckOptions:
if (!fname)
{
es_fprintf (es_stderr, _("usage: %s [options] "), GPGCONF_NAME);
es_putc ('\n', es_stderr);
es_fputs (_("Need one component argument"), es_stderr);
es_putc ('\n', es_stderr);
gpgconf_failure (GPG_ERR_USER_2);
}
else
{
int idx = gc_component_find (fname);
if (idx < 0)
{
es_fputs (_("Component not found"), es_stderr);
es_putc ('\n', es_stderr);
gpgconf_failure (0);
}
if (cmd == aCheckOptions)
gc_component_check_options (idx, get_outfp (&outfp), NULL);
else
{
gc_component_retrieve_options (idx);
if (gc_process_gpgconf_conf (NULL, 1, 0, NULL))
gpgconf_failure (0);
if (cmd == aListOptions)
gc_component_list_options (idx, get_outfp (&outfp));
else if (cmd == aChangeOptions)
gc_component_change_options (idx, es_stdin,
get_outfp (&outfp), 0);
}
}
break;
case aLaunch:
case aKill:
if (!fname)
{
es_fprintf (es_stderr, _("usage: %s [options] "), GPGCONF_NAME);
es_putc ('\n', es_stderr);
es_fputs (_("Need one component argument"), es_stderr);
es_putc ('\n', es_stderr);
gpgconf_failure (GPG_ERR_USER_2);
}
else if (!strcmp (fname, "all"))
{
if (cmd == aLaunch)
{
if (gc_component_launch (-1))
gpgconf_failure (0);
}
else
{
gc_component_kill (-1);
}
}
else
{
/* Launch/Kill a given component. */
int idx;
idx = gc_component_find (fname);
if (idx < 0)
{
es_fputs (_("Component not found"), es_stderr);
es_putc ('\n', es_stderr);
gpgconf_failure (0);
}
else if (cmd == aLaunch)
{
err = gc_component_launch (idx);
if (show_socket)
{
char *names[2];
if (idx == GC_COMPONENT_GPG_AGENT)
names[0] = "agent-socket";
else if (idx == GC_COMPONENT_DIRMNGR)
names[0] = "dirmngr-socket";
else
names[0] = NULL;
names[1] = NULL;
get_outfp (&outfp);
list_dirs (outfp, names);
}
if (err)
gpgconf_failure (0);
}
else
{
/* We don't error out if the kill failed because this
command should do nothing if the component is not
running. */
gc_component_kill (idx);
}
}
break;
case aReload:
if (!fname || !strcmp (fname, "all"))
{
/* Reload all. */
gc_component_reload (-1);
}
else
{
/* Reload given component. */
int idx;
idx = gc_component_find (fname);
if (idx < 0)
{
es_fputs (_("Component not found"), es_stderr);
es_putc ('\n', es_stderr);
gpgconf_failure (0);
}
else
{
gc_component_reload (idx);
}
}
break;
case aListConfig:
if (gc_process_gpgconf_conf (fname, 0, 0, get_outfp (&outfp)))
gpgconf_failure (0);
break;
case aCheckConfig:
if (gc_process_gpgconf_conf (fname, 0, 0, NULL))
gpgconf_failure (0);
break;
case aApplyDefaults:
if (fname)
{
es_fprintf (es_stderr, _("usage: %s [options] "), GPGCONF_NAME);
es_putc ('\n', es_stderr);
es_fputs (_("No argument allowed"), es_stderr);
es_putc ('\n', es_stderr);
gpgconf_failure (GPG_ERR_USER_2);
}
gc_component_retrieve_options (-1);
if (gc_process_gpgconf_conf (NULL, 1, 1, NULL))
gpgconf_failure (0);
break;
case aApplyProfile:
gc_component_retrieve_options (-1);
if (gc_apply_profile (fname))
gpgconf_failure (0);
break;
case aListDirs:
/* Show the system configuration directories for gpgconf. */
get_outfp (&outfp);
list_dirs (outfp, argc? argv : NULL);
break;
case aQuerySWDB:
/* Query the software version database. */
if (!fname || argc > 2)
{
es_fprintf (es_stderr, "usage: %s --query-swdb NAME [VERSION]\n",
GPGCONF_NAME);
gpgconf_failure (GPG_ERR_USER_2);
}
get_outfp (&outfp);
query_swdb (outfp, fname, argc > 1? argv[1] : NULL);
break;
case aCreateSocketDir:
{
char *socketdir;
unsigned int flags;
/* Make sure that the top /run/user/UID/gnupg dir has been
* created. */
gnupg_socketdir ();
/* Check the /var/run dir. */
socketdir = _gnupg_socketdir_internal (1, &flags);
if ((flags & 64) && !opt.dry_run)
{
/* No sub dir - create it. */
if (gnupg_mkdir (socketdir, "-rwx"))
gc_error (1, errno, "error creating '%s'", socketdir);
/* Try again. */
xfree (socketdir);
socketdir = _gnupg_socketdir_internal (1, &flags);
}
/* Give some info. */
if ( (flags & ~32) || opt.verbose || opt.dry_run)
{
log_info ("socketdir is '%s'\n", socketdir);
if ((flags & 1)) log_info ("\tgeneral error\n");
if ((flags & 2)) log_info ("\tno /run/user dir\n");
if ((flags & 4)) log_info ("\tbad permissions\n");
if ((flags & 8)) log_info ("\tbad permissions (subdir)\n");
if ((flags & 16)) log_info ("\tmkdir failed\n");
if ((flags & 32)) log_info ("\tnon-default homedir\n");
if ((flags & 64)) log_info ("\tno such subdir\n");
if ((flags & 128)) log_info ("\tusing homedir as fallback\n");
}
if ((flags & ~32) && !opt.dry_run)
gc_error (1, 0, "error creating socket directory");
xfree (socketdir);
}
break;
case aRemoveSocketDir:
{
char *socketdir;
unsigned int flags;
/* Check the /var/run dir. */
socketdir = _gnupg_socketdir_internal (1, &flags);
if ((flags & 128))
log_info ("ignoring request to remove non /run/user socket dir\n");
else if (opt.dry_run)
;
else if (rmdir (socketdir))
{
/* If the director is not empty we first try to delet
* socket files. */
err = gpg_error_from_syserror ();
if (gpg_err_code (err) == GPG_ERR_ENOTEMPTY
|| gpg_err_code (err) == GPG_ERR_EEXIST)
{
static const char * const names[] = {
GPG_AGENT_SOCK_NAME,
GPG_AGENT_EXTRA_SOCK_NAME,
GPG_AGENT_BROWSER_SOCK_NAME,
GPG_AGENT_SSH_SOCK_NAME,
SCDAEMON_SOCK_NAME,
DIRMNGR_SOCK_NAME
};
int i;
char *p;
for (i=0; i < DIM(names); i++)
{
p = strconcat (socketdir , "/", names[i], NULL);
if (p)
gnupg_remove (p);
xfree (p);
}
if (rmdir (socketdir))
gc_error (1, 0, "error removing '%s': %s",
socketdir, gpg_strerror (err));
}
else if (gpg_err_code (err) == GPG_ERR_ENOENT)
gc_error (0, 0, "warning: removing '%s' failed: %s",
socketdir, gpg_strerror (err));
else
gc_error (1, 0, "error removing '%s': %s",
socketdir, gpg_strerror (err));
}
xfree (socketdir);
}
break;
}
if (outfp != es_stdout)
if (es_fclose (outfp))
gc_error (1, errno, "error closing '%s'", opt.outfile);
if (log_get_errorcount (0))
gpgconf_failure (0);
else
gpgconf_write_status (STATUS_SUCCESS, NULL);
return 0;
}
void
gpgconf_failure (gpg_error_t err)
{
log_flush ();
if (!err)
err = gpg_error (GPG_ERR_GENERAL);
gpgconf_write_status
(STATUS_FAILURE, "- %u",
gpg_err_code (err) == GPG_ERR_USER_2? GPG_ERR_EINVAL : err);
exit (gpg_err_code (err) == GPG_ERR_USER_2? 2 : 1);
}