1 /* dirmngr.c - Keyserver and X.509 LDAP access
2 * Copyright (C) 2002 Klarälvdalens Datakonsult AB
3 * Copyright (C) 2003, 2004, 2006, 2007, 2008, 2010, 2011 g10 Code GmbH
4 * Copyright (C) 2014 Werner Koch
6 * This file is part of GnuPG.
8 * GnuPG is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * GnuPG is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <https://www.gnu.org/licenses/>.
33 #ifndef HAVE_W32_SYSTEM
34 #include <sys/socket.h>
42 #ifdef HAVE_INOTIFY_INIT
43 # include <sys/inotify.h>
44 #endif /*HAVE_INOTIFY_INIT*/
47 #include "dirmngr-err.h"
52 # include <gnutls/gnutls.h>
53 #endif /*HTTP_USE_GNUTLS*/
56 #define GNUPG_COMMON_NEED_AFLOCAL
61 #include "certcache.h"
66 # include "ldapserver.h"
70 # include "ldap-wrapper.h"
72 #include "../common/init.h"
73 #include "gc-opt-flags.h"
74 #include "dns-stuff.h"
77 # define ENAMETOOLONG EINVAL
81 enum cmd_and_opt_values {
139 oIgnoreCertExtension,
143 oDisableCheckOwnSocket,
152 static ARGPARSE_OPTS opts[] = {
154 ARGPARSE_group (300, N_("@Commands:\n ")),
156 ARGPARSE_c (aServer, "server", N_("run in server mode (foreground)") ),
157 ARGPARSE_c (aDaemon, "daemon", N_("run in daemon mode (background)") ),
158 #ifndef HAVE_W32_SYSTEM
159 ARGPARSE_c (aSupervised, "supervised", N_("run in supervised mode")),
161 ARGPARSE_c (aListCRLs, "list-crls", N_("list the contents of the CRL cache")),
162 ARGPARSE_c (aLoadCRL, "load-crl", N_("|FILE|load CRL from FILE into cache")),
163 ARGPARSE_c (aFetchCRL, "fetch-crl", N_("|URL|fetch a CRL from URL")),
164 ARGPARSE_c (aShutdown, "shutdown", N_("shutdown the dirmngr")),
165 ARGPARSE_c (aFlush, "flush", N_("flush the cache")),
166 ARGPARSE_c (aGPGConfList, "gpgconf-list", "@"),
167 ARGPARSE_c (aGPGConfTest, "gpgconf-test", "@"),
169 ARGPARSE_group (301, N_("@\nOptions:\n ")),
171 ARGPARSE_s_n (oVerbose, "verbose", N_("verbose")),
172 ARGPARSE_s_n (oQuiet, "quiet", N_("be somewhat more quiet")),
173 ARGPARSE_s_n (oSh, "sh", N_("sh-style command output")),
174 ARGPARSE_s_n (oCsh, "csh", N_("csh-style command output")),
175 ARGPARSE_s_s (oOptions, "options", N_("|FILE|read options from FILE")),
176 ARGPARSE_s_s (oDebugLevel, "debug-level",
177 N_("|LEVEL|set the debugging level to LEVEL")),
178 ARGPARSE_s_n (oNoDetach, "no-detach", N_("do not detach from the console")),
179 ARGPARSE_s_s (oLogFile, "log-file",
180 N_("|FILE|write server mode logs to FILE")),
181 ARGPARSE_s_n (oBatch, "batch", N_("run without asking a user")),
182 ARGPARSE_s_n (oForce, "force", N_("force loading of outdated CRLs")),
183 ARGPARSE_s_n (oAllowOCSP, "allow-ocsp", N_("allow sending OCSP requests")),
184 ARGPARSE_s_n (oAllowVersionCheck, "allow-version-check",
185 N_("allow online software version check")),
186 ARGPARSE_s_n (oDisableHTTP, "disable-http", N_("inhibit the use of HTTP")),
187 ARGPARSE_s_n (oDisableLDAP, "disable-ldap", N_("inhibit the use of LDAP")),
188 ARGPARSE_s_n (oIgnoreHTTPDP,"ignore-http-dp",
189 N_("ignore HTTP CRL distribution points")),
190 ARGPARSE_s_n (oIgnoreLDAPDP,"ignore-ldap-dp",
191 N_("ignore LDAP CRL distribution points")),
192 ARGPARSE_s_n (oIgnoreOCSPSvcUrl, "ignore-ocsp-service-url",
193 N_("ignore certificate contained OCSP service URLs")),
195 ARGPARSE_s_s (oHTTPProxy, "http-proxy",
196 N_("|URL|redirect all HTTP requests to URL")),
197 ARGPARSE_s_s (oLDAPProxy, "ldap-proxy",
198 N_("|HOST|use HOST for LDAP queries")),
199 ARGPARSE_s_n (oOnlyLDAPProxy, "only-ldap-proxy",
200 N_("do not use fallback hosts with --ldap-proxy")),
202 ARGPARSE_s_s (oLDAPFile, "ldapserverlist-file",
203 N_("|FILE|read LDAP server list from FILE")),
204 ARGPARSE_s_n (oLDAPAddServers, "add-servers",
205 N_("add new servers discovered in CRL distribution"
206 " points to serverlist")),
207 ARGPARSE_s_i (oLDAPTimeout, "ldaptimeout",
208 N_("|N|set LDAP timeout to N seconds")),
210 ARGPARSE_s_s (oOCSPResponder, "ocsp-responder",
211 N_("|URL|use OCSP responder at URL")),
212 ARGPARSE_s_s (oOCSPSigner, "ocsp-signer",
213 N_("|FPR|OCSP response signed by FPR")),
214 ARGPARSE_s_i (oOCSPMaxClockSkew, "ocsp-max-clock-skew", "@"),
215 ARGPARSE_s_i (oOCSPMaxPeriod, "ocsp-max-period", "@"),
216 ARGPARSE_s_i (oOCSPCurrentPeriod, "ocsp-current-period", "@"),
218 ARGPARSE_s_i (oMaxReplies, "max-replies",
219 N_("|N|do not return more than N items in one query")),
221 ARGPARSE_s_s (oNameServer, "nameserver", "@"),
222 ARGPARSE_s_s (oKeyServer, "keyserver", "@"),
223 ARGPARSE_s_s (oHkpCaCert, "hkp-cacert",
224 N_("|FILE|use the CA certificates in FILE for HKP over TLS")),
226 ARGPARSE_s_n (oUseTor, "use-tor", N_("route all network traffic via Tor")),
228 ARGPARSE_s_n (oDisableIPv4, "disable-ipv4", "@"),
230 ARGPARSE_s_s (oSocketName, "socket-name", "@"), /* Only for debugging. */
232 ARGPARSE_s_u (oFakedSystemTime, "faked-system-time", "@"), /*(epoch time)*/
233 ARGPARSE_s_s (oDebug, "debug", "@"),
234 ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
235 ARGPARSE_s_i (oGnutlsDebug, "gnutls-debug", "@"),
236 ARGPARSE_s_i (oGnutlsDebug, "tls-debug", "@"),
237 ARGPARSE_s_i (oDebugWait, "debug-wait", "@"),
238 ARGPARSE_s_n (oDisableCheckOwnSocket, "disable-check-own-socket", "@"),
239 ARGPARSE_s_n (oNoGreeting, "no-greeting", "@"),
240 ARGPARSE_s_s (oHomedir, "homedir", "@"),
241 ARGPARSE_s_s (oLDAPWrapperProgram, "ldap-wrapper-program", "@"),
242 ARGPARSE_s_s (oHTTPWrapperProgram, "http-wrapper-program", "@"),
243 ARGPARSE_s_n (oHonorHTTPProxy, "honor-http-proxy", "@"),
244 ARGPARSE_s_s (oIgnoreCertExtension,"ignore-cert-extension", "@"),
245 ARGPARSE_s_n (oStandardResolver, "standard-resolver", "@"),
246 ARGPARSE_s_n (oRecursiveResolver, "recursive-resolver", "@"),
247 ARGPARSE_s_i (oResolverTimeout, "resolver-timeout", "@"),
249 ARGPARSE_group (302,N_("@\n(See the \"info\" manual for a complete listing "
250 "of all commands and options)\n")),
255 /* The list of supported debug flags. */
256 static struct debug_flags_s debug_flags [] =
258 { DBG_X509_VALUE , "x509" },
259 { DBG_CRYPTO_VALUE , "crypto" },
260 { DBG_MEMORY_VALUE , "memory" },
261 { DBG_CACHE_VALUE , "cache" },
262 { DBG_MEMSTAT_VALUE, "memstat" },
263 { DBG_HASHING_VALUE, "hashing" },
264 { DBG_IPC_VALUE , "ipc" },
265 { DBG_DNS_VALUE , "dns" },
266 { DBG_NETWORK_VALUE, "network" },
267 { DBG_LOOKUP_VALUE , "lookup" },
268 { 77, NULL } /* 77 := Do not exit on "help" or "?". */
271 #define DEFAULT_MAX_REPLIES 10
272 #define DEFAULT_LDAP_TIMEOUT 100 /* arbitrary large timeout */
274 /* For the cleanup handler we need to keep track of the socket's name. */
275 static const char *socket_name;
276 /* If the socket has been redirected, this is the name of the
277 redirected socket. */
278 static const char *redir_socket_name;
280 /* We need to keep track of the server's nonces (these are dummies for
282 static assuan_sock_nonce_t socket_nonce;
284 /* Only if this flag has been set will we remove the socket file. */
285 static int cleanup_socket;
287 /* Keep track of the current log file so that we can avoid updating
288 the log file after a SIGHUP if it didn't change. Malloced. */
289 static char *current_logfile;
291 /* Helper to implement --debug-level. */
292 static const char *debug_level;
294 /* Helper to set the NTBTLS or GNUTLS log level. */
295 static int opt_gnutls_debug = -1;
297 /* Flag indicating that a shutdown has been requested. */
298 static volatile int shutdown_pending;
300 /* Flags to indicate that we shall not watch our own socket. */
301 static int disable_check_own_socket;
303 /* Counter for the active connections. */
304 static int active_connections;
306 /* This flag is set by any network access and used by the housekeeping
307 * thread to run background network tasks. */
308 static int network_activity_seen;
310 /* This union is used to avoid compiler warnings in case a pointer is
311 64 bit and an int 32 bit. We store an integer in a pointer and get
312 it back later (npth_getspecific et al.). */
322 /* The key used to store the current file descriptor in the thread
323 local storage. We use this in conjunction with the
324 log_set_pid_suffix_cb feature. */
325 #ifndef HAVE_W32_SYSTEM
326 static int my_tlskey_current_fd;
330 static void cleanup (void);
332 static ldap_server_t parse_ldapserver_file (const char* filename);
334 static fingerprint_list_t parse_ocsp_signer (const char *string);
335 static void netactivity_action (void);
336 static void handle_connections (assuan_fd_t listen_fd);
338 /* NPth wrapper function definitions. */
339 ASSUAN_SYSTEM_NPTH_IMPL;
342 my_strusage( int level )
347 case 11: p = "@DIRMNGR@ (@GNUPG@)";
349 case 13: p = VERSION; break;
350 case 17: p = PRINTABLE_OS_NAME; break;
351 /* TRANSLATORS: @EMAIL@ will get replaced by the actual bug
352 reporting address. This is so that we can change the
353 reporting address without breaking the translations. */
354 case 19: p = _("Please report bugs to <@EMAIL@>.\n"); break;
355 case 49: p = PACKAGE_BUGREPORT; break;
357 case 40: p = _("Usage: @DIRMNGR@ [options] (-h for help)");
359 case 41: p = _("Syntax: @DIRMNGR@ [options] [command [args]]\n"
360 "Keyserver, CRL, and OCSP access for @GNUPG@\n");
369 /* Callback from libksba to hash a provided buffer. Our current
370 implementation does only allow SHA-1 for hashing. This may be
371 extended by mapping the name, testing for algorithm availability
372 and adjusting the length checks accordingly. */
/* NOTE(review): SHA-1 is no longer collision resistant.  Which libksba
   operations end up in this callback is not visible in this listing;
   confirm that before relying on the digest for data a remote party
   controls. */
374 my_ksba_hash_buffer (void *arg, const char *oid,
375 const void *buffer, size_t length, size_t resultsize,
376 unsigned char *result, size_t *resultlen)
/* "1.3.14.3.2.26" is the OID of SHA-1.  A NULL OID passes this test, so
   it is handled as a request for SHA-1 as well; any other OID is
   rejected instead of being hashed with the wrong algorithm. */
380 if (oid && strcmp (oid, "1.3.14.3.2.26"))
381 return gpg_error (GPG_ERR_NOT_SUPPORTED);
/* The condition guarding the next return (source line 382) is missing
   from this listing; presumably it compares RESULTSIZE with the 20 byte
   SHA-1 digest length -- confirm against the full file. */
383 return gpg_error (GPG_ERR_BUFFER_TOO_SHORT);
/* Algorithm id 2 is GCRY_MD_SHA1 in libgcrypt.  gcry_md_hash_buffer takes
   no size for RESULT, so the length check above is the only thing that
   keeps the digest inside the caller's buffer. */
384 gcry_md_hash_buffer (2, result, buffer, length);
390 /* GNUTLS log function callback. */
391 #ifdef HTTP_USE_GNUTLS
393 my_gnutls_log (int level, const char *text)
398 while (n && text[n-1] == '\n')
401 log_debug ("gnutls:L%d: %.*s\n", level, n, text);
403 #endif /*HTTP_USE_GNUTLS*/
405 /* Setup the debugging. With a LEVEL of NULL only the active debug
406 flags are propagated to the subsystems. With LEVEL set, a specific
407 set of debug flags is set; thus overriding all flags already
412 int numok = (debug_level && digitp (debug_level));
413 int numlvl = numok? atoi (debug_level) : 0;
417 else if (!strcmp (debug_level, "none") || (numok && numlvl < 1))
419 else if (!strcmp (debug_level, "basic") || (numok && numlvl <= 2))
420 opt.debug = DBG_IPC_VALUE;
421 else if (!strcmp (debug_level, "advanced") || (numok && numlvl <= 5))
422 opt.debug = (DBG_IPC_VALUE|DBG_X509_VALUE|DBG_LOOKUP_VALUE);
423 else if (!strcmp (debug_level, "expert") || (numok && numlvl <= 8))
424 opt.debug = (DBG_IPC_VALUE|DBG_X509_VALUE|DBG_LOOKUP_VALUE
425 |DBG_CACHE_VALUE|DBG_CRYPTO_VALUE);
426 else if (!strcmp (debug_level, "guru") || numok)
429 /* Unless the "guru" string has been used we don't want to allow
430 hashing debugging. The rationale is that people tend to
431 select the highest debug value and would then clutter their
432 disk with debug files which may reveal confidential data. */
434 opt.debug &= ~(DBG_HASHING_VALUE);
438 log_error (_("invalid debug-level '%s' given\n"), debug_level);
439 log_info (_("valid debug levels are: %s\n"),
440 "none, basic, advanced, expert, guru");
441 opt.debug = 0; /* Reset debugging, so that prior debug
442 statements won't have an undesired effect. */
446 if (opt.debug && !opt.verbose)
449 gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
451 if (opt.debug && opt.quiet)
454 if (opt.debug & DBG_CRYPTO_VALUE )
455 gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1);
458 if (opt_gnutls_debug >= 0)
460 ntbtls_set_debug (opt_gnutls_debug, NULL, NULL);
462 #elif HTTP_USE_GNUTLS
463 if (opt_gnutls_debug >= 0)
465 gnutls_global_set_log_function (my_gnutls_log);
466 gnutls_global_set_log_level (opt_gnutls_debug);
468 #endif /*HTTP_USE_GNUTLS*/
471 parse_debug_flag (NULL, &opt.debug, debug_flags);
480 /* Enable Tor mode and when called again force a new circuit
481 * (e.g. on SIGHUP). */
482 enable_dns_tormode (1);
/* NOTE(review): a failure to set the libassuan "tor-mode" flag is only
   logged in the lines visible here.  Whether the caller then stops using
   the network is not shown; if it does not, connections could be made
   outside Tor although Tor mode was requested -- confirm. */
483 if (assuan_sock_set_flag (ASSUAN_INVALID_FD, "tor-mode", 1))
485 log_error ("error enabling Tor mode: %s\n", strerror (errno));
486 log_info ("(is your Libassuan recent enough?)\n");
493 wrong_args (const char *text)
495 es_fprintf (es_stderr, _("usage: %s [options] "), DIRMNGR_NAME);
496 es_fputs (text, es_stderr);
497 es_putc ('\n', es_stderr);
502 /* Helper to stop the reaper thread for the ldap wrapper. */
504 shutdown_reaper (void)
507 ldap_wrapper_wait_connections ();
512 /* Handle options which are allowed to be reset after program start.
513 Return true if the current option in PARGS could be handled and
514 false if not. As a special feature, passing a value of NULL for
515 PARGS, resets the options to the default. REREAD should be set
516 true if it is not the initial option parsing. */
518 parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
/* Reset branch: the assignments below restore the defaults.  The test
   that selects this branch (PARGS being NULL, per the header comment) is
   on source lines missing from this listing. */
525 opt.ldap_wrapper_program = NULL;
526 opt.disable_http = 0;
527 opt.disable_ldap = 0;
528 opt.honor_http_proxy = 0;
529 opt.http_proxy = NULL;
530 opt.ldap_proxy = NULL;
531 opt.only_ldap_proxy = 0;
532 opt.ignore_http_dp = 0;
533 opt.ignore_ldap_dp = 0;
534 opt.ignore_ocsp_service_url = 0;
536 opt.allow_version_check = 0;
537 opt.ocsp_responder = NULL;
/* Defaults for the OCSP time limits, in seconds.  Presumably they bound
   the clock skew and response age accepted by the OCSP code; the
   consumers are outside this listing -- confirm. */
538 opt.ocsp_max_clock_skew = 10 * 60; /* 10 minutes. */
539 opt.ocsp_max_period = 90 * 86400; /* 90 days. */
540 opt.ocsp_current_period = 3 * 60 * 60; /* 3 hours. */
541 opt.max_replies = DEFAULT_MAX_REPLIES;
/* Free the list of configured OCSP signer fingerprints node by node. */
542 while (opt.ocsp_signer)
544 fingerprint_list_t tmp = opt.ocsp_signer->next;
545 xfree (opt.ocsp_signer);
546 opt.ocsp_signer = tmp;
548 FREE_STRLIST (opt.ignored_cert_extensions);
/* Passing NULL to http_register_tls_ca; presumably this clears the
   registered HKP CA files before they are parsed again -- confirm. */
549 http_register_tls_ca (NULL);
550 FREE_STRLIST (opt.keyserver);
/* opt.use_tor is deliberately absent from this reset list, so a re-read
   of the options does not switch Tor routing off once it was enabled. */
551 /* Note: We do not allow resetting of opt.use_tor at runtime. */
552 disable_check_own_socket = 0;
553 enable_standard_resolver (0);
/* Per-option handling for the option currently held in PARGS. */
558 switch (pargs->r_opt)
560 case oQuiet: opt.quiet = 1; break;
561 case oVerbose: opt.verbose++; break;
563 parse_debug_flag (pargs->r.ret_str, &opt.debug, debug_flags);
565 case oDebugAll: opt.debug = ~0; break;
566 case oDebugLevel: debug_level = pargs->r.ret_str; break;
567 case oGnutlsDebug: opt_gnutls_debug = pargs->r.ret_int; break;
/* Log file handling: the case label and the condition in front of this
   return are on lines missing from this listing.  The log file is only
   switched when the name differs from the remembered one. */
571 return 0; /* Not handled. */
572 if (!current_logfile || !pargs->r.ret_str
573 || strcmp (current_logfile, pargs->r.ret_str))
575 log_set_file (pargs->r.ret_str);
576 xfree (current_logfile);
/* xtrystrdup may return NULL when out of memory and the result is not
   checked here; the !current_logfile test above then makes the next
   re-read set the log file again. */
577 current_logfile = xtrystrdup (pargs->r.ret_str);
581 case oDisableCheckOwnSocket: disable_check_own_socket = 1; break;
/* NOTE(review): the wrapper program paths are taken verbatim from the
   option value.  Presumably these programs are executed elsewhere, so
   anyone able to write the option file or command line selects what is
   run -- confirm that the option file is writable by its owner only. */
583 case oLDAPWrapperProgram:
584 opt.ldap_wrapper_program = pargs->r.ret_str;
586 case oHTTPWrapperProgram:
587 opt.http_wrapper_program = pargs->r.ret_str;
590 case oDisableHTTP: opt.disable_http = 1; break;
591 case oDisableLDAP: opt.disable_ldap = 1; break;
592 case oDisableIPv4: opt.disable_ipv4 = 1; break;
593 case oHonorHTTPProxy: opt.honor_http_proxy = 1; break;
594 case oHTTPProxy: opt.http_proxy = pargs->r.ret_str; break;
595 case oLDAPProxy: opt.ldap_proxy = pargs->r.ret_str; break;
596 case oOnlyLDAPProxy: opt.only_ldap_proxy = 1; break;
597 case oIgnoreHTTPDP: opt.ignore_http_dp = 1; break;
598 case oIgnoreLDAPDP: opt.ignore_ldap_dp = 1; break;
599 case oIgnoreOCSPSvcUrl: opt.ignore_ocsp_service_url = 1; break;
601 case oAllowOCSP: opt.allow_ocsp = 1; break;
602 case oAllowVersionCheck: opt.allow_version_check = 1; break;
603 case oOCSPResponder: opt.ocsp_responder = pargs->r.ret_str; break;
605 opt.ocsp_signer = parse_ocsp_signer (pargs->r.ret_str);
/* The OCSP limits and max-replies are stored as given; no range check is
   visible in this function. */
607 case oOCSPMaxClockSkew: opt.ocsp_max_clock_skew = pargs->r.ret_int; break;
608 case oOCSPMaxPeriod: opt.ocsp_max_period = pargs->r.ret_int; break;
609 case oOCSPCurrentPeriod: opt.ocsp_current_period = pargs->r.ret_int; break;
611 case oMaxReplies: opt.max_replies = pargs->r.ret_int; break;
617 /* Do tilde expansion and make path absolute. */
618 tmpname = make_absfilename (pargs->r.ret_str, NULL);
619 http_register_tls_ca (tmpname);
624 case oIgnoreCertExtension:
625 add_to_strlist (&opt.ignored_cert_extensions, pargs->r.ret_str);
/* Tor mode can only be switched on here; see the reset list above. */
628 case oUseTor: opt.use_tor = 1; break;
630 case oStandardResolver: enable_standard_resolver (1); break;
631 case oRecursiveResolver: enable_recursive_resolver (1); break;
/* An empty keyserver string is ignored instead of being added. */
634 if (*pargs->r.ret_str)
635 add_to_strlist (&opt.keyserver, pargs->r.ret_str);
639 set_dns_nameserver (pargs->r.ret_str);
642 case oResolverTimeout:
643 set_dns_timeout (pargs->r.ret_int);
647 return 0; /* Not handled. */
/* Push the verbosity and IPv4 settings to the DNS and HTTP modules. */
650 set_dns_verbose (opt.verbose, !!DBG_DNS);
651 http_set_verbose (opt.verbose, !!DBG_NETWORK);
652 set_dns_disable_ipv4 (opt.disable_ipv4);
654 return 1; /* Handled. */
658 #ifndef HAVE_W32_SYSTEM
660 pid_suffix_callback (unsigned long *r_suffix)
662 union int_and_ptr_u value;
664 memset (&value, 0, sizeof value);
665 value.aptr = npth_getspecific (my_tlskey_current_fd);
666 *r_suffix = value.aint;
667 return (*r_suffix != -1); /* Use decimal representation. */
669 #endif /*!HAVE_W32_SYSTEM*/
676 gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
678 /* Now with NPth running we can set the logging callback. Our
679 windows implementation does not yet feature the NPth TLS
681 #ifndef HAVE_W32_SYSTEM
682 if (npth_key_create (&my_tlskey_current_fd, NULL) == 0)
683 if (npth_setspecific (my_tlskey_current_fd, NULL) == 0)
684 log_set_pid_suffix_cb (pid_suffix_callback);
685 #endif /*!HAVE_W32_SYSTEM*/
690 main (int argc, char **argv)
692 enum cmd_and_opt_values cmd = 0;
696 FILE *configfp = NULL;
697 char *configname = NULL;
699 unsigned configlineno;
701 int default_config =1;
706 char *logfile = NULL;
708 char *ldapfile = NULL;
712 struct assuan_malloc_hooks malloc_hooks;
714 early_system_init ();
715 set_strusage (my_strusage);
716 log_set_prefix (DIRMNGR_NAME, GPGRT_LOG_WITH_PREFIX | GPGRT_LOG_WITH_PID);
718 /* Make sure that our subsystems are ready. */
720 init_common_subsystems (&argc, &argv);
722 gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
724 /* Check that the libraries are suitable. Do it here because
725 the option parsing may need services of the libraries. */
726 if (!ksba_check_version (NEED_KSBA_VERSION) )
727 log_fatal( _("%s is too old (need %s, have %s)\n"), "libksba",
728 NEED_KSBA_VERSION, ksba_check_version (NULL) );
730 ksba_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free );
731 ksba_set_hash_buffer_function (my_ksba_hash_buffer, NULL);
733 /* Init TLS library. */
735 if (!ntbtls_check_version (NEED_NTBTLS_VERSION) )
736 log_fatal( _("%s is too old (need %s, have %s)\n"), "ntbtls",
737 NEED_NTBTLS_VERSION, ntbtls_check_version (NULL) );
738 #elif HTTP_USE_GNUTLS
739 rc = gnutls_global_init ();
741 log_fatal ("gnutls_global_init failed: %s\n", gnutls_strerror (rc));
742 #endif /*HTTP_USE_GNUTLS*/
745 malloc_hooks.malloc = gcry_malloc;
746 malloc_hooks.realloc = gcry_realloc;
747 malloc_hooks.free = gcry_free;
748 assuan_set_malloc_hooks (&malloc_hooks);
749 assuan_set_assuan_log_prefix (log_get_prefix (NULL));
750 assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
751 assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
753 setup_libassuan_logging (&opt.debug, dirmngr_assuan_log_monitor);
755 setup_libgcrypt_logging ();
757 /* Setup defaults. */
758 shell = getenv ("SHELL");
759 if (shell && strlen (shell) >= 3 && !strcmp (shell+strlen (shell)-3, "csh") )
762 /* Reset rereadable options to default values. */
763 parse_rereadable_options (NULL, 0);
766 opt.add_new_ldapservers = 0;
767 opt.ldaptimeout = DEFAULT_LDAP_TIMEOUT;
769 /* Other defaults. */
771 /* Check whether we have a config file given on the commandline */
776 pargs.flags= 1|(1<<6); /* do not remove the args, ignore version */
777 while (arg_parse( &pargs, opts))
779 if (pargs.r_opt == oDebug || pargs.r_opt == oDebugAll)
781 else if (pargs.r_opt == oOptions)
782 { /* Yes there is one, so we do not try the default one, but
783 read the option file when it is encountered at the
787 else if (pargs.r_opt == oNoOptions)
788 default_config = 0; /* --no-options */
789 else if (pargs.r_opt == oHomedir)
791 gnupg_set_homedir (pargs.r.ret_str);
795 socket_name = dirmngr_socket_name ();
797 configname = make_filename (gnupg_homedir (), DIRMNGR_NAME".conf", NULL );
803 pargs.flags= 1; /* do not remove the args */
808 configfp = fopen (configname, "r");
814 log_info (_("Note: no default option file '%s'\n"),
819 log_error (_("option file '%s': %s\n"),
820 configname, strerror(errno) );
826 if (parse_debug && configname )
827 log_info (_("reading options from '%s'\n"), configname );
831 while (optfile_parse( configfp, configname, &configlineno, &pargs, opts) )
833 if (parse_rereadable_options (&pargs, 0))
834 continue; /* Already handled */
850 case oQuiet: opt.quiet = 1; break;
851 case oVerbose: opt.verbose++; break;
852 case oBatch: opt.batch=1; break;
854 case oDebugWait: debug_wait = pargs.r.ret_int; break;
857 /* Config files may not be nested (silently ignore them) */
861 configname = xstrdup(pargs.r.ret_str);
865 case oNoGreeting: nogreeting = 1; break;
866 case oNoVerbose: opt.verbose = 0; break;
867 case oNoOptions: break; /* no-options */
868 case oHomedir: /* Ignore this option here. */; break;
869 case oNoDetach: nodetach = 1; break;
870 case oLogFile: logfile = pargs.r.ret_str; break;
871 case oCsh: csh_style = 1; break;
872 case oSh: csh_style = 0; break;
875 ldapfile = pargs.r.ret_str;
878 case oLDAPAddServers: opt.add_new_ldapservers = 1; break;
880 opt.ldaptimeout = pargs.r.ret_int;
883 case oFakedSystemTime:
884 gnupg_set_time ((time_t)pargs.r.ret_ulong, 0);
887 case oForce: opt.force = 1; break;
889 case oSocketName: socket_name = pargs.r.ret_str; break;
891 default : pargs.err = configfp? 1:2; break;
898 /* Keep a copy of the name so that it can be read on SIGHUP. */
899 opt.config_filename = configname;
905 if (log_get_errorcount(0))
910 if (!opt.homedir_cache)
911 opt.homedir_cache = xstrdup (gnupg_homedir ());
915 es_fprintf (es_stderr, "%s %s; %s\n",
916 strusage(11), strusage(13), strusage(14) );
917 es_fprintf (es_stderr, "%s\n", strusage(15) );
920 #ifdef IS_DEVELOPMENT_VERSION
921 log_info ("NOTE: this is a development version!\n");
924 /* Print a warning if an argument looks like an option. */
925 if (!opt.quiet && !(pargs.flags & ARGPARSE_FLAG_STOP_SEEN))
929 for (i=0; i < argc; i++)
930 if (argv[i][0] == '-' && argv[i][1] == '-')
931 log_info (_("Note: '%s' is not considered an option\n"), argv[i]);
934 if (!access ("/etc/"DIRMNGR_NAME, F_OK)
935 && !strncmp (gnupg_homedir (), "/etc/", 5))
937 ("NOTE: DirMngr is now a proper part of %s. The configuration and"
938 " other directory names changed. Please check that no other version"
939 " of dirmngr is still installed. To disable this warning, remove the"
940 " directory '/etc/dirmngr'.\n", GNUPG_NAME);
942 if (gnupg_faked_time_p ())
944 gnupg_isotime_t tbuf;
946 log_info (_("WARNING: running with faked system time: "));
947 gnupg_get_isotime (tbuf);
955 /* Get LDAP server list from file. */
959 ldapfile = make_filename (gnupg_homedir (),
960 "dirmngr_ldapservers.conf",
962 opt.ldapservers = parse_ldapserver_file (ldapfile);
966 opt.ldapservers = parse_ldapserver_file (ldapfile);
969 #ifndef HAVE_W32_SYSTEM
970 /* We need to ignore the PIPE signal because we might log to a
971 socket and that code handles EPIPE properly. The ldap wrapper
972 also requires us to ignore this silly signal. Assuan would set
973 this signal to ignore anyway.*/
974 signal (SIGPIPE, SIG_IGN);
977 /* Ready. Now to our duties. */
984 /* Note that this server mode is mainly useful for debugging. */
986 wrong_args ("--server");
990 log_set_file (logfile);
991 log_set_prefix (NULL, GPGRT_LOG_WITH_TIME | GPGRT_LOG_WITH_PID);
996 log_debug ("waiting for debugger - my pid is %u .....\n",
997 (unsigned int)getpid());
998 gnupg_sleep (debug_wait);
999 log_debug ("... okay\n");
1006 http_register_netactivity_cb (netactivity_action);
1007 start_command_handler (ASSUAN_INVALID_FD);
1010 #ifndef HAVE_W32_SYSTEM
1011 else if (cmd == aSupervised)
1013 /* In supervised mode, we expect file descriptor 3 to be an
1014 already opened, listening socket.
1016 We will also not detach from the controlling process or close
1017 stderr; the supervisor should handle all of that. */
1018 struct stat statbuf;
/* Only a closed descriptor (EBADF) is rejected here.  The visible lines
   do not check that fd 3 is a socket or that it is listening, and they
   do not change the socket's permissions, so access control on this path
   is left to the supervisor -- confirm against the full file.
   NOTE(review): the message below reads "validin"; a space is missing in
   the runtime string, which is left untouched here. */
1019 if (fstat (3, &statbuf) == -1 && errno == EBADF)
1021 log_error ("file descriptor 3 must be validin --supervised mode\n");
/* The socket name is derived from the inherited descriptor instead of
   from the configured name. */
1024 socket_name = gnupg_get_socket_name (3);
1026 /* Now start with logging to a file if this is desired. */
1029 log_set_file (logfile);
1030 log_set_prefix (NULL, (GPGRT_LOG_WITH_PREFIX
1031 |GPGRT_LOG_WITH_TIME
1032 |GPGRT_LOG_WITH_PID));
1033 current_logfile = xstrdup (logfile);
1036 log_set_prefix (NULL, 0);
1041 http_register_netactivity_cb (netactivity_action);
/* Serve connections on the descriptor handed over by the supervisor. */
1042 handle_connections (3);
1045 #endif /*HAVE_W32_SYSTEM*/
1046 else if (cmd == aDaemon)
1051 struct sockaddr_un serv_addr;
1054 wrong_args ("--daemon");
1056 /* Now start with logging to a file if this is desired. */
1059 log_set_file (logfile);
1060 log_set_prefix (NULL, (GPGRT_LOG_WITH_PREFIX
1061 |GPGRT_LOG_WITH_TIME
1062 |GPGRT_LOG_WITH_PID));
1063 current_logfile = xstrdup (logfile);
1066 #ifndef HAVE_W32_SYSTEM
/* Colons are refused in the socket name on non-Windows builds;
   presumably because the info string printed later in main uses ':' as
   its field separator -- confirm. */
1067 if (strchr (socket_name, ':'))
1069 log_error (_("colons are not allowed in the socket name\n"));
1073 fd = assuan_sock_new (AF_UNIX, SOCK_STREAM, 0);
1074 if (fd == ASSUAN_INVALID_FD)
1076 log_error (_("can't create socket: %s\n"), strerror (errno));
1084 if (assuan_sock_set_sockaddr_un (socket_name,
1085 (struct sockaddr*)&serv_addr,
1088 if (errno == ENAMETOOLONG)
1089 log_error (_("socket name '%s' is too long\n"), socket_name);
1091 log_error ("error preparing socket '%s': %s\n",
1093 gpg_strerror (gpg_error_from_syserror ()));
/* When the socket was redirected, remember the real path so that the
   removal below and the cleanup handler act on the file actually used. */
1098 redir_socket_name = xstrdup (serv_addr.sun_path);
1100 log_info ("redirecting socket '%s' to '%s'\n",
1101 socket_name, redir_socket_name);
1105 len = SUN_LEN (&serv_addr);
1107 rc = assuan_sock_bind (fd, (struct sockaddr*) &serv_addr, len);
1109 && (errno == EADDRINUSE
1110 #ifdef HAVE_W32_SYSTEM
1115 /* Fixme: We should test whether a dirmngr is already running. */
/* NOTE(review): after a failed bind with EADDRINUSE the existing file at
   the socket path is removed and the bind is retried.  As the Fixme
   says, nothing visible here checks whether another dirmngr still serves
   that socket, so a running instance can lose its socket file. */
1116 gnupg_remove (redir_socket_name? redir_socket_name : socket_name);
1117 rc = assuan_sock_bind (fd, (struct sockaddr*) &serv_addr, len);
1120 && (rc = assuan_sock_get_nonce ((struct sockaddr*) &serv_addr, len, &socket_nonce)))
1121 log_error (_("error getting nonce for the socket\n"));
1124 log_error (_("error binding socket to '%s': %s\n"),
1126 gpg_strerror (gpg_error_from_errno (errno)));
1127 assuan_sock_close (fd);
/* The mode string "-rwx" names owner permissions only.
   NOTE(review): a chmod failure is only logged; in the visible lines the
   code goes on to listen(), so the socket would keep whatever mode it
   got at bind time.  Consider treating the failure as fatal -- confirm
   against the full file. */
1132 if (gnupg_chmod (serv_addr.sun_path, "-rwx"))
1133 log_error (_("can't set permissions of '%s': %s\n"),
1134 serv_addr.sun_path, strerror (errno));
1136 if (listen (FD2INT (fd), 5) == -1)
1138 log_error (_("listen() failed: %s\n"), strerror (errno));
1139 assuan_sock_close (fd);
1144 log_info (_("listening on socket '%s'\n"), serv_addr.sun_path);
1148 /* Note: We keep the dirmngr_info output only for the sake of
1149 existing scripts which might use this to detect a successful
1150 start of the dirmngr. */
1151 #ifdef HAVE_W32_SYSTEM
1156 es_printf ("set %s=%s;%lu;1\n",
1157 DIRMNGR_INFO_NAME, socket_name, (ulong) pid);
1160 if (pid == (pid_t)-1)
1162 log_fatal (_("error forking process: %s\n"), strerror (errno));
1167 { /* We are the parent */
1170 /* Don't let cleanup() remove the socket - the child is
1171 responsible for doing that. */
1176 /* Create the info string: <name>:<pid>:<protocol_version> */
1177 if (asprintf (&infostr, "%s=%s:%lu:1",
1178 DIRMNGR_INFO_NAME, serv_addr.sun_path, (ulong)pid ) < 0)
1180 log_error (_("out of core\n"));
1181 kill (pid, SIGTERM);
1184 /* Print the environment string, so that the caller can use
1185 shell's eval to set it. But see above. */
1188 *strchr (infostr, '=') = ' ';
1189 es_printf ( "setenv %s;\n", infostr);
1193 es_printf ( "%s; export %s;\n", infostr, DIRMNGR_INFO_NAME);
1205 /* Detach from tty and put process into a new session */
1209 unsigned int oldflags;
1211 /* Close stdin, stdout and stderr unless it is the log stream */
1212 for (i=0; i <= 2; i++)
1214 if (!log_test_fd (i) && i != fd )
1217 && open ("/dev/null", i? O_WRONLY : O_RDONLY) == -1)
1219 log_error ("failed to open '%s': %s\n",
1220 "/dev/null", strerror (errno));
1229 log_error ("setsid() failed: %s\n", strerror(errno) );
1233 log_get_prefix (&oldflags);
1234 log_set_prefix (NULL, oldflags | GPGRT_LOG_RUN_DETACHED);
1235 opt.running_detached = 1;
1239 log_error ("chdir to / failed: %s\n", strerror (errno));
1248 http_register_netactivity_cb (netactivity_action);
1249 handle_connections (fd);
1252 else if (cmd == aListCRLs)
1254 /* Just list the CRL cache and exit. */
1256 wrong_args ("--list-crls");
1258 crl_cache_list (es_stdout);
1260 else if (cmd == aLoadCRL)
1262 struct server_control_s ctrlbuf;
1264 memset (&ctrlbuf, 0, sizeof ctrlbuf);
1265 dirmngr_init_default_ctrl (&ctrlbuf);
1271 rc = crl_cache_load (&ctrlbuf, NULL);
1274 for (; !rc && argc; argc--, argv++)
1275 rc = crl_cache_load (&ctrlbuf, *argv);
1277 dirmngr_deinit_default_ctrl (&ctrlbuf);
1279 else if (cmd == aFetchCRL)
1281 ksba_reader_t reader;
1282 struct server_control_s ctrlbuf;
1285 wrong_args ("--fetch-crl URL");
1287 memset (&ctrlbuf, 0, sizeof ctrlbuf);
1288 dirmngr_init_default_ctrl (&ctrlbuf);
1293 rc = crl_fetch (&ctrlbuf, argv[0], &reader);
1295 log_error (_("fetching CRL from '%s' failed: %s\n"),
1296 argv[0], gpg_strerror (rc));
1299 rc = crl_cache_insert (&ctrlbuf, argv[0], reader);
1301 log_error (_("processing CRL from '%s' failed: %s\n"),
1302 argv[0], gpg_strerror (rc));
1303 crl_close_reader (reader);
1305 dirmngr_deinit_default_ctrl (&ctrlbuf);
1307 else if (cmd == aFlush)
1309 /* Delete cache and exit. */
1311 wrong_args ("--flush");
1312 rc = crl_cache_flush();
1314 else if (cmd == aGPGConfTest)
1316 else if (cmd == aGPGConfList)
1318 unsigned long flags = 0;
1322 /* First the configuration file. This is not an option, but it
1323 is vital information for GPG Conf. */
1324 if (!opt.config_filename)
1325 opt.config_filename = make_filename (gnupg_homedir (),
1326 "dirmngr.conf", NULL );
1328 filename = percent_escape (opt.config_filename, NULL);
1329 es_printf ("gpgconf-dirmngr.conf:%lu:\"%s\n",
1330 GC_OPT_FLAG_DEFAULT, filename);
1333 es_printf ("verbose:%lu:\n", flags | GC_OPT_FLAG_NONE);
1334 es_printf ("quiet:%lu:\n", flags | GC_OPT_FLAG_NONE);
1335 es_printf ("debug-level:%lu:\"none\n", flags | GC_OPT_FLAG_DEFAULT);
1336 es_printf ("log-file:%lu:\n", flags | GC_OPT_FLAG_NONE);
1337 es_printf ("force:%lu:\n", flags | GC_OPT_FLAG_NONE);
1339 /* --csh and --sh are mutually exclusive, something we can not
1340 express in GPG Conf. --options is only usable from the
1341 command line, really. --debug-all interacts with --debug,
1342 and having both of them is thus problematic. --no-detach is
1343 also only usable on the command line. --batch is unused. */
1345 filename = make_filename (gnupg_homedir (),
1346 "dirmngr_ldapservers.conf",
1348 filename_esc = percent_escape (filename, NULL);
1349 es_printf ("ldapserverlist-file:%lu:\"%s\n", flags | GC_OPT_FLAG_DEFAULT,
1351 xfree (filename_esc);
1354 es_printf ("ldaptimeout:%lu:%u\n",
1355 flags | GC_OPT_FLAG_DEFAULT, DEFAULT_LDAP_TIMEOUT);
1356 es_printf ("max-replies:%lu:%u\n",
1357 flags | GC_OPT_FLAG_DEFAULT, DEFAULT_MAX_REPLIES);
1358 es_printf ("allow-ocsp:%lu:\n", flags | GC_OPT_FLAG_NONE);
1359 es_printf ("allow-version-check:%lu:\n", flags | GC_OPT_FLAG_NONE);
1360 es_printf ("ocsp-responder:%lu:\n", flags | GC_OPT_FLAG_NONE);
1361 es_printf ("ocsp-signer:%lu:\n", flags | GC_OPT_FLAG_NONE);
1363 es_printf ("faked-system-time:%lu:\n", flags | GC_OPT_FLAG_NONE);
1364 es_printf ("no-greeting:%lu:\n", flags | GC_OPT_FLAG_NONE);
1366 es_printf ("disable-http:%lu:\n", flags | GC_OPT_FLAG_NONE);
1367 es_printf ("disable-ldap:%lu:\n", flags | GC_OPT_FLAG_NONE);
1368 es_printf ("honor-http-proxy:%lu\n", flags | GC_OPT_FLAG_NONE);
1369 es_printf ("http-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
1370 es_printf ("ldap-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
1371 es_printf ("only-ldap-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
1372 es_printf ("ignore-ldap-dp:%lu:\n", flags | GC_OPT_FLAG_NONE);
1373 es_printf ("ignore-http-dp:%lu:\n", flags | GC_OPT_FLAG_NONE);
1374 es_printf ("ignore-ocsp-service-url:%lu:\n", flags | GC_OPT_FLAG_NONE);
1375 /* Note: The next one is to fix a typo in gpgconf - should be
1376 removed eventually. */
1377 es_printf ("ignore-ocsp-servic-url:%lu:\n", flags | GC_OPT_FLAG_NONE);
1379 es_printf ("use-tor:%lu:\n", flags | GC_OPT_FLAG_NONE);
1380 es_printf ("keyserver:%lu:\n", flags | GC_OPT_FLAG_NONE);
1381 es_printf ("nameserver:%lu:\n", flags | GC_OPT_FLAG_NONE);
1382 es_printf ("resolver-timeout:%lu:%u\n",
1383 flags | GC_OPT_FLAG_DEFAULT, 0);
/* Teardown sequence; the header of the enclosing function is not part
   of this listing.  It deinitialises the CRL and certificate caches,
   calls reload_dns_stuff (1), hands the configured LDAP server list to
   ldapserver_list_free and finally removes the socket file.  */
1393 crl_cache_deinit ();
1394 cert_cache_deinit (1);
1395 reload_dns_stuff (1);
1398 ldapserver_list_free (opt.ldapservers);
/* Clear the pointer so the released list is not referenced again.  */
1400 opt.ldapservers = NULL;
/* Only one path is removed: the redirected socket name takes
   precedence, otherwise the configured name if it is not empty.  */
1405 if (redir_socket_name)
1406 gnupg_remove (redir_socket_name);
1407 else if (socket_name && *socket_name)
1408 gnupg_remove (socket_name);
1414 dirmngr_exit (int rc)
/* Fill the control structure CTRL with defaults taken from the global
   options.  As shown, CTRL gets its own xstrdup'ed copy of
   opt.http_proxy; the matching release is in
   dirmngr_deinit_default_ctrl.  Lines 1423-1424 of the original file
   are not part of this listing.
   NOTE(review): confirm that opt.http_proxy is tested for NULL before
   it is copied.  */
1422 dirmngr_init_default_ctrl (ctrl_t ctrl)
1425 ctrl->http_proxy = xstrdup (opt.http_proxy);
/* Release the HTTP proxy string that dirmngr_init_default_ctrl copied
   into CTRL.  */
1430 dirmngr_deinit_default_ctrl (ctrl_t ctrl)
1434 xfree (ctrl->http_proxy);
/* Reset the field so that a repeated call does not hand a stale
   pointer to xfree.  */
1435 ctrl->http_proxy = NULL;
1439 /* Create a list of LDAP servers from the file FILENAME. Returns the
1440 list or NULL in case of errors.
1442 The format of such a file is line oriented where empty lines and
1443 lines starting with a hash mark are ignored. All other lines are
1444 assumed to be colon separated with these fields:
1447 2. field: Portnumber
/* Read FILENAME line by line and build a linked list of LDAP server
   entries by passing every accepted line to ldapserver_parse_one.
   Failures to open or read the file are reported with log_error.  */
1454 static ldap_server_t
1455 parse_ldapserver_file (const char* filename)
1459 ldap_server_t server, serverstart, *serverend;
1461 unsigned int lineno = 0;
1464 fp = es_fopen (filename, "r");
1467 log_error (_("error opening '%s': %s\n"), filename, strerror (errno));
/* SERVEREND always points at the link field that receives the next
   entry, so the list keeps the order of the file.  */
1472 serverend = &serverstart;
1473 while (es_fgets (buffer, sizeof buffer, fp))
/* A line without a trailing newline is either the unterminated last
   line of the file or one that did not fit into BUFFER.  The !*buffer
   test comes first so that strlen(buffer)-1 is never used as an index
   for an empty string.  */
1476 if (!*buffer || buffer[strlen(buffer)-1] != '\n')
1478 if (*buffer && es_feof (fp))
1479 ; /* Last line not terminated - continue. */
/* An over-long line is rejected as a whole: it is reported and the
   rest of it is consumed below, so that its tail is not read as a
   separate line by the next es_fgets call.  */
1482 log_error (_("%s:%u: line too long - skipped\n"),
1484 while ( (c=es_fgetc (fp)) != EOF && c != '\n')
1485 ; /* Skip until end of line. */
1489 /* Skip empty and comment lines.*/
1490 for (p=buffer; spacep (p); p++)
1492 if (!*p || *p == '\n' || *p == '#')
1495 /* Parse the colon separated fields. */
1496 server = ldapserver_parse_one (buffer, filename, lineno);
1499 *serverend = server;
1500 serverend = &server->next;
1505 log_error (_("error reading '%s': %s\n"), filename, strerror (errno));
/* Build a list of OCSP signer fingerprints from STRING.  STRING is
   taken as a single fingerprint when it contains no slash, dot, tilde
   or backslash; otherwise it names a file that is read line by line
   with one fingerprint per line.  A fingerprint is 40 hex digits;
   colons between the digits are skipped and lower-case digits are
   folded to upper case before they are stored in ITEM->hexfpr.  */
1512 static fingerprint_list_t
1513 parse_ocsp_signer (const char *string)
1520 fingerprint_list_t list, *list_tail, item;
1521 unsigned int lnr = 0;
1526 /* Check whether this is not a filename and treat it as a direct
1527 fingerprint specification. */
1528 if (!strpbrk (string, "/.~\\"))
1530 item = xcalloc (1, sizeof *item);
/* The j < 40 bound limits the writes to hexfpr[0..39] and the
   terminator goes to index J, at most 40.  This assumes hexfpr holds
   at least 41 bytes - TODO confirm against its declaration.  The
   "& 0xdf" clears the case bit of the letters a-f.  */
1531 for (i=j=0; (string[i] == ':' || hexdigitp (string+i)) && j < 40; i++)
1532 if ( string[i] != ':' )
1533 item->hexfpr[j++] = string[i] >= 'a'? (string[i] & 0xdf): string[i];
1534 item->hexfpr[j] = 0;
/* Accept only exactly 40 digits followed by white space or the end of
   the string.  */
1535 if (j != 40 || !(spacep (string+i) || !string[i]))
1537 log_error (_("%s:%u: invalid fingerprint detected\n"),
1538 "--ocsp-signer", 0);
1545 /* Well, it is a filename. */
/* A name starting with '/' or "~/" is passed to make_filename as
   given; any other name is built below the GnuPG home directory.
   NOTE(review): the file is read as a list of signer fingerprints, so
   presumably it should be writable only by the account running the
   daemon - confirm how the returned list is used.  */
1546 if (*string == '/' || (*string == '~' && string[1] == '/'))
1547 fname = make_filename (string, NULL);
1550 if (string[0] == '.' && string[1] == '/' )
1552 fname = make_filename (gnupg_homedir (), string, NULL);
1555 fp = es_fopen (fname, "r");
1558 err = gpg_error_from_syserror ();
1559 log_error (_("can't open '%s': %s\n"), fname, gpg_strerror (err));
1568 if (!es_fgets (line, DIM(line)-1, fp) )
1572 err = gpg_error_from_syserror ();
1573 log_error (_("%s:%u: read error: %s\n"),
1574 fname, lnr, gpg_strerror (err));
1582 fingerprint_list_t tmp = list->next;
1588 return list; /* Ready. */
/* A line that is empty or lacks the trailing newline is reported as an
   error (too long or incomplete) instead of being parsed in part.  */
1592 if (!*line || line[strlen(line)-1] != '\n')
1594 /* Eat until end of line. */
1595 while ( (c=es_getc (fp)) != EOF && c != '\n')
1597 err = gpg_error (*line? GPG_ERR_LINE_TOO_LONG
1598 /* */: GPG_ERR_INCOMPLETE_LINE);
1599 log_error (_("%s:%u: read error: %s\n"),
1600 fname, lnr, gpg_strerror (err));
1605 /* Allow for empty lines and spaces */
1606 for (p=line; spacep (p); p++)
1608 if (!*p || *p == '\n' || *p == '#')
1611 item = xcalloc (1, sizeof *item);
1613 list_tail = &item->next;
/* Same 40 digit parser as for the direct fingerprint above, applied to
   the line after its leading white space.  */
1615 for (i=j=0; (p[i] == ':' || hexdigitp (p+i)) && j < 40; i++)
1617 item->hexfpr[j++] = p[i] >= 'a'? (p[i] & 0xdf): p[i];
1618 item->hexfpr[j] = 0;
1619 if (j != 40 || !(spacep (p+i) || p[i] == '\n'))
1621 log_error (_("%s:%u: invalid fingerprint detected\n"), fname, lnr);
/* Text after the fingerprint and its trailing white space is only
   reported with log_info; it does not make the line an error.  */
1625 while (spacep (p+i))
1627 if (p[i] && p[i] != '\n')
1628 log_info (_("%s:%u: garbage at end of line ignored\n"), fname, lnr);
1637 Stuff used in daemon mode.
1642 /* Reread parts of the configuration. Note, that this function is
1643 obviously not thread-safe and should only be called from the NPTH
1646 Fixme: Due to the way the argument parsing works, we create a
1647 memory leak here for all string type arguments. There is currently
1648 no clean way to tell whether the memory for the argument has been
1649 allocated or points into the process' original arguments. Unless
1650 we have a mechanism to tell this, we need to live on with this. */
/* Re-read the option file named by opt.config_filename.  Once the file
   has been opened, the re-readable options are reset to their defaults
   and every option found in the file is handed to
   parse_rereadable_options.  Nothing is done if no option file name is
   set.  */
1652 reread_configuration (void)
1654 ARGPARSE_ARGS pargs;
1656 unsigned int configlineno = 0;
1659 if (!opt.config_filename)
1660 return; /* No config file. */
1662 fp = fopen (opt.config_filename, "r");
1665 log_error (_("option file '%s': %s\n"),
1666 opt.config_filename, strerror(errno) );
1670 parse_rereadable_options (NULL, 1); /* Start from the default values. */
1672 memset (&pargs, 0, sizeof pargs);
1674 pargs.argc = &dummy;
1675 pargs.flags = 1; /* do not remove the args */
1676 while (optfile_parse (fp, opt.config_filename, &configlineno, &pargs, opts) )
/* r_opt values below -1 are treated as parser errors: they only set
   the err flag and the loop goes on with the next option.  */
1678 if (pargs.r_opt < -1)
1679 pargs.err = 1; /* Print a warning. */
1680 else /* Try to parse this option - ignore unchangeable ones. */
1681 parse_rereadable_options (&pargs, 1);
1690 /* A global function which allows us to trigger the reload stuff from
/* Reload action.  The configuration is re-read first; after that the
   certificate cache and the CRL cache are deinitialised and
   reload_dns_stuff (0) is called, which the log message describes as
   flushing the caches.  */
1693 dirmngr_sighup_action (void)
1695 log_info (_("SIGHUP received - "
1696 "re-reading configuration and flushing caches\n"));
1697 reread_configuration ();
1698 cert_cache_deinit (0);
1699 crl_cache_deinit ();
1702 reload_dns_stuff (0);
1707 /* This function is called if some network activity was done. At this
1708 * point we know that we have a network and we can decide whether to
1709 * run scheduled background tasks soon. The function should return
1710 * quickly and only trigger actions for another thread. */
1712 netactivity_action (void)
/* Only the flag is set here; nothing else happens in this function.
   NOTE(review): the write is not protected by any lock visible here -
   presumably fine under nPth's scheduling model; confirm.  */
1714 network_activity_seen = 1;
1718 /* The signal handler. */
1719 #ifndef HAVE_W32_SYSTEM
/* Act on the signal SIGNO.  In this file it is called from the loop in
   handle_connections for each pending signal, so it runs in normal
   thread context.  The case labels are not part of this listing; the
   log messages show which signal a branch belongs to.  */
1721 handle_signal (int signo)
1726 dirmngr_sighup_action ();
1730 cert_cache_print_stats ();
1734 log_info (_("SIGUSR2 received - no action defined\n"));
/* SIGTERM: the message depends on whether a shutdown is already
   pending.  */
1738 if (!shutdown_pending)
1739 log_info (_("SIGTERM received - shutting down ...\n"));
1741 log_info (_("SIGTERM received - still %d active connections\n"),
1742 active_connections);
/* Once shutdown_pending exceeds 2 the shutdown is logged as forced.
   The statements that change shutdown_pending and end the process are
   not part of this listing.  */
1744 if (shutdown_pending > 2)
1746 log_info (_("shutdown forced\n"));
1747 log_info ("%s %s stopped\n", strusage(11), strusage(13) );
1754 log_info (_("SIGINT received - immediate shutdown\n"));
1755 log_info( "%s %s stopped\n", strusage(11), strusage(13));
1761 log_info (_("signal %d received - no action defined\n"), signo);
1764 #endif /*!HAVE_W32_SYSTEM*/
1767 /* Check the nonce on a new connection. This is a NOP unless we are
1768 using our Unix domain socket emulation under Windows. */
/* Check the connection FD against NONCE with assuan_sock_check_nonce.
   On failure the error is logged and FD is closed here, so a caller
   must not use FD afterwards.  The caller in this file treats a
   non-zero return value as failure.  */
1770 check_nonce (assuan_fd_t fd, assuan_sock_nonce_t *nonce)
1772 if (assuan_sock_check_nonce (fd, nonce))
1774 log_info (_("error reading nonce on fd %d: %s\n"),
1775 FD2INT (fd), strerror (errno));
1776 assuan_sock_close (fd);
1784 /* Helper to call a connection's main function. */
/* Thread entry point for one accepted connection.  ARG carries the
   connection descriptor packed into a union int_and_ptr_u.  */
1786 start_connection_thread (void *arg)
1788 union int_and_ptr_u argval;
1791 memset (&argval, 0, sizeof argval);
/* The nonce is verified before any command is read from the peer; a
   failed check never reaches start_command_handler.  */
1795 if (check_nonce (fd, &socket_nonce))
1797 log_error ("handler nonce check FAILED\n");
1801 #ifndef HAVE_W32_SYSTEM
1802 npth_setspecific (my_tlskey_current_fd, argval.aptr);
/* active_connections brackets the lifetime of the command handler; the
   shutdown code reads this counter.  */
1805 active_connections++;
1807 log_info (_("handler for fd %d started\n"), FD2INT (fd));
1809 start_command_handler (fd);
1812 log_info (_("handler for fd %d terminated\n"), FD2INT (fd));
1813 active_connections--;
1815 #ifndef HAVE_W32_SYSTEM
/* Replace the thread-specific descriptor by the invalid value once the
   handler has returned.  */
1816 argval.afd = ASSUAN_INVALID_FD;
1817 npth_setspecific (my_tlskey_current_fd, argval.aptr);
1824 #ifdef HAVE_INOTIFY_INIT
1825 /* Read an inotify event and return true if it matches NAME. */
/* Read from the inotify descriptor FD and compare the name field of the
   event at the start of the buffer with NAME.  Returns 1 on a match
   and 0 if the name differs.  */
1827 my_inotify_is_name (int fd, const char *name)
1830 struct inotify_event ev;
/* Room for the event header, a name field of up to 100 bytes and one
   more byte.  */
1831 char _buf[sizeof (struct inotify_event) + 100 + 1];
/* Find the last slash in NAME; the lines that use S are not part of
   this listing.  */
1836 s = strrchr (name, '/');
1840 n = npth_read (fd, &buf, sizeof buf);
/* NOTE(review): the declaration of N is not shown.  If N has a signed
   type, the comparison with the sizeof value converts it to an
   unsigned type, so a failed read returning -1 would pass this test
   and the fields of BUF would be examined without having been filled.
   Testing N for a negative value first avoids that.  */
1841 if (n < sizeof (struct inotify_event))
/* The name field must be long enough for NAME and its terminator
   before it is compared.  */
1843 if (buf.ev.len < strlen (name)+1)
1845 if (strcmp (buf.ev.name, name))
1846 return 0; /* Not the desired file. */
1848 return 1; /* Found. */
1850 #endif /*HAVE_INOTIFY_INIT*/
1853 /* Main loop in daemon mode. Note that LISTEN_FD will be owned by
/* Accept loop of the daemon.  It waits with npth_pselect or
   npth_eselect, depending on the platform, on LISTEN_FD and, when
   enabled, on an inotify descriptor that reports removal of the socket
   file.  Every accepted connection is handed to a detached thread
   running start_connection_thread.  */
1856 handle_connections (assuan_fd_t listen_fd)
1859 #ifndef HAVE_W32_SYSTEM
1862 struct sockaddr_un paddr;
1863 socklen_t plen = sizeof( paddr );
1866 fd_set fdset, read_fdset;
1868 int my_inotify_fd = -1;
1870 npth_attr_init (&tattr);
1871 npth_attr_setdetachstate (&tattr, NPTH_CREATE_DETACHED);
1873 #ifndef HAVE_W32_SYSTEM /* FIXME */
/* These signals are registered with nPth and are processed in the loop
   below through handle_signal.  */
1875 npth_sigev_add (SIGHUP);
1876 npth_sigev_add (SIGUSR1);
1877 npth_sigev_add (SIGUSR2);
1878 npth_sigev_add (SIGINT);
1879 npth_sigev_add (SIGTERM);
1883 #ifdef HAVE_INOTIFY_INIT
/* Optional watch for removal of the socket file.  A failure to set it
   up is only logged; the loop then runs without the inotify
   descriptor.  */
1884 if (disable_check_own_socket)
1886 else if ((my_inotify_fd = inotify_init ()) == -1)
1887 log_info ("error enabling fast daemon termination: %s\n",
1891 /* We need to watch the directory for the file because there
1892 * won't be an IN_DELETE_SELF for a socket file. */
1893 char *slash = strrchr (socket_name, '/');
1894 log_assert (slash && slash[1]);
1896 if (inotify_add_watch (my_inotify_fd, socket_name, IN_DELETE) == -1)
1898 close (my_inotify_fd);
1903 #endif /*HAVE_INOTIFY_INIT*/
1906 /* Setup the fdset. */
1908 FD_SET (FD2INT (listen_fd), &fdset);
1909 nfd = FD2INT (listen_fd);
1910 if (my_inotify_fd != -1)
1912 FD_SET (my_inotify_fd, &fdset);
1913 if (my_inotify_fd > nfd)
1914 nfd = my_inotify_fd;
1920 /* Shutdown test. */
1921 if (shutdown_pending)
1923 if (!active_connections)
1926 /* Do not accept new connections but keep on running the
1927 * select loop to wait for signals (e.g. SIGCHLD).
1929 * Note that we do not close the listening socket because a
1930 * client trying to connect to that socket would instead
1931 * restart a new dirmngr instance - which is unlikely the
1932 * intention of a shutdown. */
1933 /* assuan_sock_close (listen_fd); */
1934 /* listen_fd = -1; */
/* As far as shown, only the inotify descriptor is put back into the
   set while a shutdown is pending.  */
1937 if (my_inotify_fd != -1)
1939 FD_SET (my_inotify_fd, &fdset);
1940 nfd = my_inotify_fd;
1944 /* Take a copy of the fdset. */
1947 #ifndef HAVE_W32_SYSTEM
1948 ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, NULL, npth_sigev_sigmask());
/* errno is saved right away because the signal handling below may
   change it.  */
1949 saved_errno = errno;
1951 while (npth_sigev_get_pending(&signo))
1952 handle_signal (signo);
1954 ret = npth_eselect (nfd+1, &read_fdset, NULL, NULL, NULL, NULL, NULL);
1955 saved_errno = errno;
1958 if (ret == -1 && saved_errno != EINTR)
1960 log_error (_("npth_pselect failed: %s - waiting 1s\n"),
1961 strerror (saved_errno));
1968 /* Interrupt. Will be handled at the top of the next loop. */
1972 if (shutdown_pending)
1974 /* Do not anymore accept connections. */
1978 #ifdef HAVE_INOTIFY_INIT
/* Removal of the socket file starts a regular shutdown.  */
1979 if (my_inotify_fd != -1 && FD_ISSET (my_inotify_fd, &read_fdset)
1980 && my_inotify_is_name (my_inotify_fd, socket_name))
1982 shutdown_pending = 1;
1983 log_info ("socket file has been removed - shutting down\n");
1985 #endif /*HAVE_INOTIFY_INIT*/
1987 if (FD_ISSET (FD2INT (listen_fd), &read_fdset))
1989 plen = sizeof paddr;
1990 fd = INT2FD (npth_accept (FD2INT(listen_fd),
1991 (struct sockaddr *)&paddr, &plen));
1992 if (fd == GNUPG_INVALID_FD)
1994 log_error ("accept failed: %s\n", strerror (errno));
1998 char threadname[50];
1999 union int_and_ptr_u argval;
2002 memset (&argval, 0, sizeof argval);
2004 snprintf (threadname, sizeof threadname,
2005 "conn fd=%d", FD2INT(fd));
/* The new descriptor travels to the thread inside ARGVAL.  If the
   thread cannot be created the descriptor is closed here.  */
2007 ret = npth_create (&thread, &tattr,
2008 start_connection_thread, argval.aptr);
2011 log_error ("error spawning connection handler: %s\n",
2013 assuan_sock_close (fd);
2015 npth_setname_np (thread, threadname);
2017 fd = GNUPG_INVALID_FD;
2021 #ifdef HAVE_INOTIFY_INIT
2022 if (my_inotify_fd != -1)
2023 close (my_inotify_fd);
2024 #endif /*HAVE_INOTIFY_INIT*/
2025 npth_attr_destroy (&tattr);
/* NOTE(review): the condition tests LISTEN_FD but the call closes FD,
   which the loop resets to GNUPG_INVALID_FD after each accept.  As
   shown, the listening socket is therefore not closed here; this looks
   as if assuan_sock_close (listen_fd) was intended.  LISTEN_FD is an
   assuan_fd_t and is compared with -1 rather than with
   ASSUAN_INVALID_FD - confirm this for the Windows build.  */
2026 if (listen_fd != -1)
2027 assuan_sock_close (fd);
2029 log_info ("%s %s stopped\n", strusage(11), strusage(13));
2033 dirmngr_get_current_socket_name (void)
2038 return dirmngr_socket_name ();