1 /* dirmngr.c - Keyserver and X.509 LDAP access
2 * Copyright (C) 2002 Klarälvdalens Datakonsult AB
3 * Copyright (C) 2003, 2004, 2006, 2007, 2008, 2010, 2011 g10 Code GmbH
4 * Copyright (C) 2014 Werner Koch
6 * This file is part of GnuPG.
8 * GnuPG is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * GnuPG is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <https://www.gnu.org/licenses/>.
33 #ifndef HAVE_W32_SYSTEM
34 #include <sys/socket.h>
42 #ifdef HAVE_INOTIFY_INIT
43 # include <sys/inotify.h>
44 #endif /*HAVE_INOTIFY_INIT*/
47 #include "dirmngr-err.h"
52 # include <gnutls/gnutls.h>
53 #endif /*HTTP_USE_GNUTLS*/
56 #define GNUPG_COMMON_NEED_AFLOCAL
61 #include "certcache.h"
66 # include "ldapserver.h"
70 # include "ldap-wrapper.h"
72 #include "../common/init.h"
73 #include "gc-opt-flags.h"
74 #include "dns-stuff.h"
77 # define ENAMETOOLONG EINVAL
81 enum cmd_and_opt_values {
138 oIgnoreCertExtension,
142 oDisableCheckOwnSocket,
151 static ARGPARSE_OPTS opts[] = {
153 ARGPARSE_group (300, N_("@Commands:\n ")),
155 ARGPARSE_c (aServer, "server", N_("run in server mode (foreground)") ),
156 ARGPARSE_c (aDaemon, "daemon", N_("run in daemon mode (background)") ),
157 #ifndef HAVE_W32_SYSTEM
158 ARGPARSE_c (aSupervised, "supervised", N_("run in supervised mode")),
160 ARGPARSE_c (aListCRLs, "list-crls", N_("list the contents of the CRL cache")),
161 ARGPARSE_c (aLoadCRL, "load-crl", N_("|FILE|load CRL from FILE into cache")),
162 ARGPARSE_c (aFetchCRL, "fetch-crl", N_("|URL|fetch a CRL from URL")),
163 ARGPARSE_c (aShutdown, "shutdown", N_("shutdown the dirmngr")),
164 ARGPARSE_c (aFlush, "flush", N_("flush the cache")),
165 ARGPARSE_c (aGPGConfList, "gpgconf-list", "@"),
166 ARGPARSE_c (aGPGConfTest, "gpgconf-test", "@"),
168 ARGPARSE_group (301, N_("@\nOptions:\n ")),
170 ARGPARSE_s_n (oVerbose, "verbose", N_("verbose")),
171 ARGPARSE_s_n (oQuiet, "quiet", N_("be somewhat more quiet")),
172 ARGPARSE_s_n (oSh, "sh", N_("sh-style command output")),
173 ARGPARSE_s_n (oCsh, "csh", N_("csh-style command output")),
174 ARGPARSE_s_s (oOptions, "options", N_("|FILE|read options from FILE")),
175 ARGPARSE_s_s (oDebugLevel, "debug-level",
176 N_("|LEVEL|set the debugging level to LEVEL")),
177 ARGPARSE_s_n (oNoDetach, "no-detach", N_("do not detach from the console")),
178 ARGPARSE_s_s (oLogFile, "log-file",
179 N_("|FILE|write server mode logs to FILE")),
180 ARGPARSE_s_n (oBatch, "batch", N_("run without asking a user")),
181 ARGPARSE_s_n (oForce, "force", N_("force loading of outdated CRLs")),
182 ARGPARSE_s_n (oAllowOCSP, "allow-ocsp", N_("allow sending OCSP requests")),
183 ARGPARSE_s_n (oAllowVersionCheck, "allow-version-check",
184 N_("allow online software version check")),
185 ARGPARSE_s_n (oDisableHTTP, "disable-http", N_("inhibit the use of HTTP")),
186 ARGPARSE_s_n (oDisableLDAP, "disable-ldap", N_("inhibit the use of LDAP")),
187 ARGPARSE_s_n (oIgnoreHTTPDP,"ignore-http-dp",
188 N_("ignore HTTP CRL distribution points")),
189 ARGPARSE_s_n (oIgnoreLDAPDP,"ignore-ldap-dp",
190 N_("ignore LDAP CRL distribution points")),
191 ARGPARSE_s_n (oIgnoreOCSPSvcUrl, "ignore-ocsp-service-url",
192 N_("ignore certificate contained OCSP service URLs")),
194 ARGPARSE_s_s (oHTTPProxy, "http-proxy",
195 N_("|URL|redirect all HTTP requests to URL")),
196 ARGPARSE_s_s (oLDAPProxy, "ldap-proxy",
197 N_("|HOST|use HOST for LDAP queries")),
198 ARGPARSE_s_n (oOnlyLDAPProxy, "only-ldap-proxy",
199 N_("do not use fallback hosts with --ldap-proxy")),
201 ARGPARSE_s_s (oLDAPFile, "ldapserverlist-file",
202 N_("|FILE|read LDAP server list from FILE")),
203 ARGPARSE_s_n (oLDAPAddServers, "add-servers",
204 N_("add new servers discovered in CRL distribution"
205 " points to serverlist")),
206 ARGPARSE_s_i (oLDAPTimeout, "ldaptimeout",
207 N_("|N|set LDAP timeout to N seconds")),
209 ARGPARSE_s_s (oOCSPResponder, "ocsp-responder",
210 N_("|URL|use OCSP responder at URL")),
211 ARGPARSE_s_s (oOCSPSigner, "ocsp-signer",
212 N_("|FPR|OCSP response signed by FPR")),
213 ARGPARSE_s_i (oOCSPMaxClockSkew, "ocsp-max-clock-skew", "@"),
214 ARGPARSE_s_i (oOCSPMaxPeriod, "ocsp-max-period", "@"),
215 ARGPARSE_s_i (oOCSPCurrentPeriod, "ocsp-current-period", "@"),
217 ARGPARSE_s_i (oMaxReplies, "max-replies",
218 N_("|N|do not return more than N items in one query")),
220 ARGPARSE_s_s (oNameServer, "nameserver", "@"),
221 ARGPARSE_s_s (oKeyServer, "keyserver", "@"),
222 ARGPARSE_s_s (oHkpCaCert, "hkp-cacert",
223 N_("|FILE|use the CA certificates in FILE for HKP over TLS")),
225 ARGPARSE_s_n (oUseTor, "use-tor", N_("route all network traffic via Tor")),
227 ARGPARSE_s_s (oSocketName, "socket-name", "@"), /* Only for debugging. */
229 ARGPARSE_s_u (oFakedSystemTime, "faked-system-time", "@"), /*(epoch time)*/
230 ARGPARSE_s_s (oDebug, "debug", "@"),
231 ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
232 ARGPARSE_s_i (oGnutlsDebug, "gnutls-debug", "@"),
233 ARGPARSE_s_i (oGnutlsDebug, "tls-debug", "@"),
234 ARGPARSE_s_i (oDebugWait, "debug-wait", "@"),
235 ARGPARSE_s_n (oDisableCheckOwnSocket, "disable-check-own-socket", "@"),
236 ARGPARSE_s_n (oNoGreeting, "no-greeting", "@"),
237 ARGPARSE_s_s (oHomedir, "homedir", "@"),
238 ARGPARSE_s_s (oLDAPWrapperProgram, "ldap-wrapper-program", "@"),
239 ARGPARSE_s_s (oHTTPWrapperProgram, "http-wrapper-program", "@"),
240 ARGPARSE_s_n (oHonorHTTPProxy, "honor-http-proxy", "@"),
241 ARGPARSE_s_s (oIgnoreCertExtension,"ignore-cert-extension", "@"),
242 ARGPARSE_s_n (oStandardResolver, "standard-resolver", "@"),
243 ARGPARSE_s_n (oRecursiveResolver, "recursive-resolver", "@"),
244 ARGPARSE_s_i (oResolverTimeout, "resolver-timeout", "@"),
246 ARGPARSE_group (302,N_("@\n(See the \"info\" manual for a complete listing "
247 "of all commands and options)\n")),
252 /* The list of supported debug flags. */
253 static struct debug_flags_s debug_flags [] =
255 { DBG_X509_VALUE , "x509" },
256 { DBG_CRYPTO_VALUE , "crypto" },
257 { DBG_MEMORY_VALUE , "memory" },
258 { DBG_CACHE_VALUE , "cache" },
259 { DBG_MEMSTAT_VALUE, "memstat" },
260 { DBG_HASHING_VALUE, "hashing" },
261 { DBG_IPC_VALUE , "ipc" },
262 { DBG_DNS_VALUE , "dns" },
263 { DBG_NETWORK_VALUE, "network" },
264 { DBG_LOOKUP_VALUE , "lookup" },
265 { 77, NULL } /* 77 := Do not exit on "help" or "?". */
268 #define DEFAULT_MAX_REPLIES 10
269 #define DEFAULT_LDAP_TIMEOUT 100 /* arbitrary large timeout */
271 /* For the cleanup handler we need to keep track of the socket's name. */
272 static const char *socket_name;
273 /* If the socket has been redirected, this is the name of the
274 redirected socket. */
275 static const char *redir_socket_name;
277 /* We need to keep track of the server's nonces (these are dummies for
279 static assuan_sock_nonce_t socket_nonce;
281 /* Only if this flag has been set will we remove the socket file. */
282 static int cleanup_socket;
284 /* Keep track of the current log file so that we can avoid updating
285 the log file after a SIGHUP if it has not changed. Malloced. */
286 static char *current_logfile;
288 /* Helper to implement --debug-level. */
289 static const char *debug_level;
291 /* Helper to set the NTBTLS or GNUTLS log level. */
292 static int opt_gnutls_debug = -1;
294 /* Flag indicating that a shutdown has been requested. */
295 static volatile int shutdown_pending;
297 /* Flags to indicate that we shall not watch our own socket. */
298 static int disable_check_own_socket;
300 /* Counter for the active connections. */
301 static int active_connections;
303 /* This flag is set by any network access and used by the housekeeping
304 * thread to run background network tasks. */
305 static int network_activity_seen;
307 /* This union is used to avoid compiler warnings in case a pointer is
308 64 bit and an int 32 bit. We store an integer in a pointer and get
309 it back later (npth_getspecific et al.). */
319 /* The key used to store the current file descriptor in the thread
320 local storage. We use this in conjunction with the
321 log_set_pid_suffix_cb feature. */
322 #ifndef HAVE_W32_SYSTEM
323 static int my_tlskey_current_fd;
327 static void cleanup (void);
329 static ldap_server_t parse_ldapserver_file (const char* filename);
331 static fingerprint_list_t parse_ocsp_signer (const char *string);
332 static void netactivity_action (void);
333 static void handle_connections (assuan_fd_t listen_fd);
335 /* NPth wrapper function definitions. */
336 ASSUAN_SYSTEM_NPTH_IMPL;
339 my_strusage( int level )
344 case 11: p = "@DIRMNGR@ (@GNUPG@)";
346 case 13: p = VERSION; break;
347 case 17: p = PRINTABLE_OS_NAME; break;
348 /* TRANSLATORS: @EMAIL@ will get replaced by the actual bug
349 reporting address. This is so that we can change the
350 reporting address without breaking the translations. */
351 case 19: p = _("Please report bugs to <@EMAIL@>.\n"); break;
352 case 49: p = PACKAGE_BUGREPORT; break;
354 case 40: p = _("Usage: @DIRMNGR@ [options] (-h for help)");
356 case 41: p = _("Syntax: @DIRMNGR@ [options] [command [args]]\n"
357 "Keyserver, CRL, and OCSP access for @GNUPG@\n");
366 /* Callback from libksba to hash a provided buffer. Our current
367 implementation only allows SHA-1 for hashing. This may be
368 extended by mapping the name, testing for algorithm availability
369 and adjusting the length checks accordingly.

   OID is compared with "1.3.14.3.2.26"; any other non-NULL value is
   rejected with GPG_ERR_NOT_SUPPORTED.  A NULL OID is not rejected by
   that test and reaches the hashing call.
   NOTE(review): SHA-1 is no longer collision resistant.  What libksba
   uses this digest for is not visible here; review the callers before
   relying on the result as a unique identity of signed data. */
371 my_ksba_hash_buffer (void *arg, const char *oid,
372 const void *buffer, size_t length, size_t resultsize,
373 unsigned char *result, size_t *resultlen)
377 if (oid && strcmp (oid, "1.3.14.3.2.26"))
378 return gpg_error (GPG_ERR_NOT_SUPPORTED);
/* NOTE(review): the condition guarding this return is not part of
   this listing; presumably it compares RESULTSIZE with the digest
   length -- confirm. */
380 return gpg_error (GPG_ERR_BUFFER_TOO_SHORT);
/* The algorithm is passed as the bare number 2, which is libgcrypt's
   id for SHA-1 (GCRY_MD_SHA1); the named constant would make the
   pairing with the OID test above explicit. */
381 gcry_md_hash_buffer (2, result, buffer, length);
387 /* GNUTLS log function callback. LEVEL and TEXT come from the TLS
   library; TEXT is handed to log_debug as data for a fixed format
   string and never used as the format itself. */
388 #ifdef HTTP_USE_GNUTLS
390 my_gnutls_log (int level, const char *text)
/* The loop inspects trailing newline characters of TEXT; its body
   and the initialisation of N are not part of this listing.
   NOTE(review): N is used as the precision argument of the format
   below and therefore has to be an int -- confirm its declaration. */
395 while (n && text[n-1] == '\n')
398 log_debug ("gnutls:L%d: %.*s\n", level, n, text);
400 #endif /*HTTP_USE_GNUTLS*/
402 /* Setup the debugging. With a LEVEL of NULL only the active debug
403 flags are propagated to the subsystems. With LEVEL set, a specific
404 set of debug flags is set; thus overriding all flags already
409 int numok = (debug_level && digitp (debug_level));
410 int numlvl = numok? atoi (debug_level) : 0;
414 else if (!strcmp (debug_level, "none") || (numok && numlvl < 1))
416 else if (!strcmp (debug_level, "basic") || (numok && numlvl <= 2))
417 opt.debug = DBG_IPC_VALUE;
418 else if (!strcmp (debug_level, "advanced") || (numok && numlvl <= 5))
419 opt.debug = (DBG_IPC_VALUE|DBG_X509_VALUE|DBG_LOOKUP_VALUE);
420 else if (!strcmp (debug_level, "expert") || (numok && numlvl <= 8))
421 opt.debug = (DBG_IPC_VALUE|DBG_X509_VALUE|DBG_LOOKUP_VALUE
422 |DBG_CACHE_VALUE|DBG_CRYPTO_VALUE);
423 else if (!strcmp (debug_level, "guru") || numok)
426 /* Unless the "guru" string has been used we don't want to allow
427 hashing debugging. The rationale is that people tend to
428 select the highest debug value and would then clutter their
429 disk with debug files which may reveal confidential data.
   The statement below clears DBG_HASHING_VALUE from opt.debug; the
   condition that selects when it runs is not part of this listing. */
431 opt.debug &= ~(DBG_HASHING_VALUE);
435 log_error (_("invalid debug-level '%s' given\n"), debug_level);
436 log_info (_("valid debug levels are: %s\n"),
437 "none, basic, advanced, expert, guru");
438 opt.debug = 0; /* Reset debugging, so that prior debug
439 statements won't have an undesired effect. */
443 if (opt.debug && !opt.verbose)
446 gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
448 if (opt.debug && opt.quiet)
/* Libgcrypt's own debug flags are enabled together with
   DBG_CRYPTO_VALUE. */
451 if (opt.debug & DBG_CRYPTO_VALUE )
452 gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1);
/* TLS library debugging is switched on only for a non-negative
   opt_gnutls_debug, which is initialised to -1 at its definition.
   NOTE(review): TLS-level traces presumably include details of the
   connections made; treat the resulting log with the same care as
   the debug output discussed in the remark on hashing above. */
455 if (opt_gnutls_debug >= 0)
457 ntbtls_set_debug (opt_gnutls_debug, NULL, NULL);
459 #elif HTTP_USE_GNUTLS
460 if (opt_gnutls_debug >= 0)
462 gnutls_global_set_log_function (my_gnutls_log);
463 gnutls_global_set_log_level (opt_gnutls_debug);
465 #endif /*HTTP_USE_GNUTLS*/
468 parse_debug_flag (NULL, &opt.debug, debug_flags);
477 /* Enable Tor mode and when called again force a new circuit
478 * (e.g. on SIGHUP). */
479 enable_dns_tormode (1);
/* NOTE(review): when setting the "tor-mode" socket flag fails, the
 * visible lines only log the failure.  No abort or fallback guard is
 * part of this listing; confirm that network access cannot proceed
 * outside Tor after this error. */
480 if (assuan_sock_set_flag (ASSUAN_INVALID_FD, "tor-mode", 1))
482 log_error ("error enabling Tor mode: %s\n", strerror (errno));
483 log_info ("(is your Libassuan recent enough?)\n");
490 wrong_args (const char *text)
492 es_fprintf (es_stderr, _("usage: %s [options] "), DIRMNGR_NAME);
493 es_fputs (text, es_stderr);
494 es_putc ('\n', es_stderr);
499 /* Helper to stop the reaper thread for the ldap wrapper. */
501 shutdown_reaper (void)
504 ldap_wrapper_wait_connections ();
509 /* Handle options which are allowed to be reset after program start.
510 Return true if the current option in PARGS could be handled and
511 false if not. As a special feature, passing a value of NULL for
512 PARGS, resets the options to the default. REREAD should be set
513 true if it is not the initial option parsing. */
515 parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
/* Reset part: the assignments below restore the defaults of the
   re-readable options.  The test on PARGS that selects this part is
   not part of this listing. */
522 opt.ldap_wrapper_program = NULL;
523 opt.disable_http = 0;
524 opt.disable_ldap = 0;
525 opt.honor_http_proxy = 0;
526 opt.http_proxy = NULL;
527 opt.ldap_proxy = NULL;
528 opt.only_ldap_proxy = 0;
529 opt.ignore_http_dp = 0;
530 opt.ignore_ldap_dp = 0;
531 opt.ignore_ocsp_service_url = 0;
533 opt.allow_version_check = 0;
534 opt.ocsp_responder = NULL;
535 opt.ocsp_max_clock_skew = 10 * 60; /* 10 minutes. */
536 opt.ocsp_max_period = 90 * 86400; /* 90 days. */
537 opt.ocsp_current_period = 3 * 60 * 60; /* 3 hours. */
538 opt.max_replies = DEFAULT_MAX_REPLIES;
/* Release every element of the OCSP signer fingerprint list. */
539 while (opt.ocsp_signer)
541 fingerprint_list_t tmp = opt.ocsp_signer->next;
542 xfree (opt.ocsp_signer);
543 opt.ocsp_signer = tmp;
545 FREE_STRLIST (opt.ignored_cert_extensions);
/* Presumably drops the registered TLS CA files -- confirm against
   http_register_tls_ca. */
546 http_register_tls_ca (NULL);
547 FREE_STRLIST (opt.keyserver);
548 /* Note: We do not allow resetting of opt.use_tor at runtime. */
549 disable_check_own_socket = 0;
550 enable_standard_resolver (0);
/* Option part: handle the single option currently held in PARGS. */
555 switch (pargs->r_opt)
557 case oQuiet: opt.quiet = 1; break;
558 case oVerbose: opt.verbose++; break;
560 parse_debug_flag (pargs->r.ret_str, &opt.debug, debug_flags);
/* NOTE(review): ~0 turns on every debug flag at once; see the
   remark on confidential data in the debug-level handling. */
562 case oDebugAll: opt.debug = ~0; break;
563 case oDebugLevel: debug_level = pargs->r.ret_str; break;
564 case oGnutlsDebug: opt_gnutls_debug = pargs->r.ret_int; break;
568 return 0; /* Not handled. */
/* Switch the log file only if it differs from the one in use. */
569 if (!current_logfile || !pargs->r.ret_str
570 || strcmp (current_logfile, pargs->r.ret_str))
572 log_set_file (pargs->r.ret_str);
573 xfree (current_logfile);
/* The result of xtrystrdup is not checked in the visible lines.
   If it is NULL the test above is simply true again on the next
   pass and the log file is set once more. */
574 current_logfile = xtrystrdup (pargs->r.ret_str);
578 case oDisableCheckOwnSocket: disable_check_own_socket = 1; break;
/* NOTE(review): both wrapper program names are stored exactly as
   given.  They presumably name executables started by dirmngr, so
   the option file has to be writable by its owner only -- confirm
   how these values are used. */
580 case oLDAPWrapperProgram:
581 opt.ldap_wrapper_program = pargs->r.ret_str;
583 case oHTTPWrapperProgram:
584 opt.http_wrapper_program = pargs->r.ret_str;
587 case oDisableHTTP: opt.disable_http = 1; break;
588 case oDisableLDAP: opt.disable_ldap = 1; break;
589 case oHonorHTTPProxy: opt.honor_http_proxy = 1; break;
590 case oHTTPProxy: opt.http_proxy = pargs->r.ret_str; break;
591 case oLDAPProxy: opt.ldap_proxy = pargs->r.ret_str; break;
592 case oOnlyLDAPProxy: opt.only_ldap_proxy = 1; break;
593 case oIgnoreHTTPDP: opt.ignore_http_dp = 1; break;
594 case oIgnoreLDAPDP: opt.ignore_ldap_dp = 1; break;
595 case oIgnoreOCSPSvcUrl: opt.ignore_ocsp_service_url = 1; break;
597 case oAllowOCSP: opt.allow_ocsp = 1; break;
598 case oAllowVersionCheck: opt.allow_version_check = 1; break;
599 case oOCSPResponder: opt.ocsp_responder = pargs->r.ret_str; break;
601 opt.ocsp_signer = parse_ocsp_signer (pargs->r.ret_str);
/* NOTE(review): the three OCSP time limits and max-replies are taken
   from ret_int without a range check in the visible lines.  Confirm
   that negative or very large values cannot weaken the freshness
   checks applied to OCSP responses. */
603 case oOCSPMaxClockSkew: opt.ocsp_max_clock_skew = pargs->r.ret_int; break;
604 case oOCSPMaxPeriod: opt.ocsp_max_period = pargs->r.ret_int; break;
605 case oOCSPCurrentPeriod: opt.ocsp_current_period = pargs->r.ret_int; break;
607 case oMaxReplies: opt.max_replies = pargs->r.ret_int; break;
613 /* Do tilde expansion and make path absolute. */
614 tmpname = make_absfilename (pargs->r.ret_str, NULL);
615 http_register_tls_ca (tmpname);
/* Each value is appended to the list of certificate extensions to
   ignore.  NOTE(review): every entry presumably relaxes certificate
   validation -- confirm where the list is consulted. */
620 case oIgnoreCertExtension:
621 add_to_strlist (&opt.ignored_cert_extensions, pargs->r.ret_str);
/* Tor routing can only be switched on here; the reset part above
   leaves opt.use_tor alone. */
624 case oUseTor: opt.use_tor = 1; break;
626 case oStandardResolver: enable_standard_resolver (1); break;
627 case oRecursiveResolver: enable_recursive_resolver (1); break;
/* An empty keyserver string is not added to the list. */
630 if (*pargs->r.ret_str)
631 add_to_strlist (&opt.keyserver, pargs->r.ret_str);
635 set_dns_nameserver (pargs->r.ret_str);
638 case oResolverTimeout:
639 set_dns_timeout (pargs->r.ret_int);
643 return 0; /* Not handled. */
646 set_dns_verbose (opt.verbose, !!DBG_DNS);
648 return 1; /* Handled. */
652 #ifndef HAVE_W32_SYSTEM
/* Callback for the logging code: fetch the value stored under the
   thread-specific key my_tlskey_current_fd and hand it back in
   *R_SUFFIX.  The return value is the result of comparing that
   value with -1.  The definition of union int_and_ptr_u is not part
   of this listing. */
654 pid_suffix_callback (unsigned long *r_suffix)
656 union int_and_ptr_u value;
/* Clear the whole union before storing the pointer member, so that
   the integer member read below has no undefined bytes. */
658 memset (&value, 0, sizeof value);
659 value.aptr = npth_getspecific (my_tlskey_current_fd);
660 *r_suffix = value.aint;
/* -1 is converted to unsigned long for this comparison. */
661 return (*r_suffix != -1); /* Use decimal representation. */
663 #endif /*!HAVE_W32_SYSTEM*/
670 gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
672 /* Now with NPth running we can set the logging callback. Our
673 windows implementation does not yet feature the NPth TLS
675 #ifndef HAVE_W32_SYSTEM
676 if (npth_key_create (&my_tlskey_current_fd, NULL) == 0)
677 if (npth_setspecific (my_tlskey_current_fd, NULL) == 0)
678 log_set_pid_suffix_cb (pid_suffix_callback);
679 #endif /*!HAVE_W32_SYSTEM*/
684 main (int argc, char **argv)
686 enum cmd_and_opt_values cmd = 0;
690 FILE *configfp = NULL;
691 char *configname = NULL;
693 unsigned configlineno;
695 int default_config =1;
700 char *logfile = NULL;
702 char *ldapfile = NULL;
706 struct assuan_malloc_hooks malloc_hooks;
/* Early start-up of main: logging prefix, common subsystems and the
   libksba hooks are set up before any option is parsed. */
708 early_system_init ();
709 set_strusage (my_strusage);
710 log_set_prefix (DIRMNGR_NAME, GPGRT_LOG_WITH_PREFIX | GPGRT_LOG_WITH_PID);
712 /* Make sure that our subsystems are ready. */
714 init_common_subsystems (&argc, &argv);
/* Libgcrypt's secure memory is switched off here.
   NOTE(review): memory obtained through gcry_malloc, which is
   installed as the libksba allocator below, is then presumably
   ordinary heap memory -- confirm that this process is not expected
   to hold long-term secret material. */
716 gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
718 /* Check that the libraries are suitable. Do it here because
719 the option parsing may need services of the libraries. */
720 if (!ksba_check_version (NEED_KSBA_VERSION) )
721 log_fatal( _("%s is too old (need %s, have %s)\n"), "libksba",
722 NEED_KSBA_VERSION, ksba_check_version (NULL) );
724 ksba_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free );
/* Install the SHA-1 only hashing callback defined above. */
725 ksba_set_hash_buffer_function (my_ksba_hash_buffer, NULL);
727 /* Init TLS library. */
729 if (!ntbtls_check_version (NEED_NTBTLS_VERSION) )
730 log_fatal( _("%s is too old (need %s, have %s)\n"), "ntbtls",
731 NEED_NTBTLS_VERSION, ntbtls_check_version (NULL) );
732 #elif HTTP_USE_GNUTLS
733 rc = gnutls_global_init ();
735 log_fatal ("gnutls_global_init failed: %s\n", gnutls_strerror (rc));
736 #endif /*HTTP_USE_GNUTLS*/
739 malloc_hooks.malloc = gcry_malloc;
740 malloc_hooks.realloc = gcry_realloc;
741 malloc_hooks.free = gcry_free;
742 assuan_set_malloc_hooks (&malloc_hooks);
743 assuan_set_assuan_log_prefix (log_get_prefix (NULL));
744 assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
745 assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
747 setup_libassuan_logging (&opt.debug, dirmngr_assuan_log_monitor);
749 setup_libgcrypt_logging ();
751 /* Setup defaults. */
752 shell = getenv ("SHELL");
753 if (shell && strlen (shell) >= 3 && !strcmp (shell+strlen (shell)-3, "csh") )
756 /* Reset rereadable options to default values. */
757 parse_rereadable_options (NULL, 0);
760 opt.add_new_ldapservers = 0;
761 opt.ldaptimeout = DEFAULT_LDAP_TIMEOUT;
763 /* Other defaults. */
765 /* Check whether we have a config file given on the commandline */
770 pargs.flags= 1|(1<<6); /* do not remove the args, ignore version */
771 while (arg_parse( &pargs, opts))
773 if (pargs.r_opt == oDebug || pargs.r_opt == oDebugAll)
775 else if (pargs.r_opt == oOptions)
776 { /* Yes there is one, so we do not try the default one, but
777 read the option file when it is encountered at the
781 else if (pargs.r_opt == oNoOptions)
782 default_config = 0; /* --no-options */
783 else if (pargs.r_opt == oHomedir)
785 gnupg_set_homedir (pargs.r.ret_str);
789 socket_name = dirmngr_socket_name ();
791 configname = make_filename (gnupg_homedir (), DIRMNGR_NAME".conf", NULL );
797 pargs.flags= 1; /* do not remove the args */
802 configfp = fopen (configname, "r");
808 log_info (_("Note: no default option file '%s'\n"),
813 log_error (_("option file '%s': %s\n"),
814 configname, strerror(errno) );
820 if (parse_debug && configname )
821 log_info (_("reading options from '%s'\n"), configname );
825 while (optfile_parse( configfp, configname, &configlineno, &pargs, opts) )
827 if (parse_rereadable_options (&pargs, 0))
828 continue; /* Already handled */
844 case oQuiet: opt.quiet = 1; break;
845 case oVerbose: opt.verbose++; break;
846 case oBatch: opt.batch=1; break;
848 case oDebugWait: debug_wait = pargs.r.ret_int; break;
851 /* Config files may not be nested (silently ignore them) */
855 configname = xstrdup(pargs.r.ret_str);
859 case oNoGreeting: nogreeting = 1; break;
860 case oNoVerbose: opt.verbose = 0; break;
861 case oNoOptions: break; /* no-options */
862 case oHomedir: /* Ignore this option here. */; break;
863 case oNoDetach: nodetach = 1; break;
864 case oLogFile: logfile = pargs.r.ret_str; break;
865 case oCsh: csh_style = 1; break;
866 case oSh: csh_style = 0; break;
869 ldapfile = pargs.r.ret_str;
872 case oLDAPAddServers: opt.add_new_ldapservers = 1; break;
874 opt.ldaptimeout = pargs.r.ret_int;
877 case oFakedSystemTime:
878 gnupg_set_time ((time_t)pargs.r.ret_ulong, 0);
881 case oForce: opt.force = 1; break;
883 case oSocketName: socket_name = pargs.r.ret_str; break;
885 default : pargs.err = configfp? 1:2; break;
892 /* Keep a copy of the name so that it can be read on SIGHUP. */
893 opt.config_filename = configname;
899 if (log_get_errorcount(0))
904 if (!opt.homedir_cache)
905 opt.homedir_cache = xstrdup (gnupg_homedir ());
909 es_fprintf (es_stderr, "%s %s; %s\n",
910 strusage(11), strusage(13), strusage(14) );
911 es_fprintf (es_stderr, "%s\n", strusage(15) );
914 #ifdef IS_DEVELOPMENT_VERSION
915 log_info ("NOTE: this is a development version!\n");
918 /* Print a warning if an argument looks like an option. */
919 if (!opt.quiet && !(pargs.flags & ARGPARSE_FLAG_STOP_SEEN))
923 for (i=0; i < argc; i++)
924 if (argv[i][0] == '-' && argv[i][1] == '-')
925 log_info (_("Note: '%s' is not considered an option\n"), argv[i]);
928 if (!access ("/etc/"DIRMNGR_NAME, F_OK)
929 && !strncmp (gnupg_homedir (), "/etc/", 5))
931 ("NOTE: DirMngr is now a proper part of %s. The configuration and"
932 " other directory names changed. Please check that no other version"
933 " of dirmngr is still installed. To disable this warning, remove the"
934 " directory '/etc/dirmngr'.\n", GNUPG_NAME);
936 if (gnupg_faked_time_p ())
938 gnupg_isotime_t tbuf;
940 log_info (_("WARNING: running with faked system time: "));
941 gnupg_get_isotime (tbuf);
949 /* Get LDAP server list from file. */
953 ldapfile = make_filename (gnupg_homedir (),
954 "dirmngr_ldapservers.conf",
956 opt.ldapservers = parse_ldapserver_file (ldapfile);
960 opt.ldapservers = parse_ldapserver_file (ldapfile);
963 #ifndef HAVE_W32_SYSTEM
964 /* We need to ignore the PIPE signal because we might log to a
965 socket and that code handles EPIPE properly. The ldap wrapper
966 also requires us to ignore this silly signal. Assuan would set
967 this signal to ignore anyway.*/
968 signal (SIGPIPE, SIG_IGN);
971 /* Ready. Now to our duties. */
978 /* Note that this server mode is mainly useful for debugging. */
980 wrong_args ("--server");
984 log_set_file (logfile);
985 log_set_prefix (NULL, GPGRT_LOG_WITH_TIME | GPGRT_LOG_WITH_PID);
990 log_debug ("waiting for debugger - my pid is %u .....\n",
991 (unsigned int)getpid());
992 gnupg_sleep (debug_wait);
993 log_debug ("... okay\n");
1000 http_register_netactivity_cb (netactivity_action);
1001 start_command_handler (ASSUAN_INVALID_FD);
1004 #ifndef HAVE_W32_SYSTEM
1005 else if (cmd == aSupervised)
1007 /* In supervised mode, we expect file descriptor 3 to be an
1008 already opened, listening socket.
1010 We will also not detach from the controlling process or close
1011 stderr; the supervisor should handle all of that. */
1012 struct stat statbuf;
/* Only a closed descriptor (EBADF) is rejected here.  The visible
   lines do not examine STATBUF, so they do not verify that fd 3 is
   a socket or that it is listening.
   NOTE(review): unlike the --daemon branch no chmod of the socket
   path is visible here; the supervisor is relied upon to pass a
   socket with suitably restricted permissions -- confirm. */
1013 if (fstat (3, &statbuf) == -1 && errno == EBADF)
/* NOTE(review): the message reads "validin"; a space is missing. */
1015 log_error ("file descriptor 3 must be validin --supervised mode\n");
/* The socket name is derived from the inherited descriptor. */
1018 socket_name = gnupg_get_socket_name (3);
1020 /* Now start with logging to a file if this is desired. */
1023 log_set_file (logfile);
1024 log_set_prefix (NULL, (GPGRT_LOG_WITH_PREFIX
1025 |GPGRT_LOG_WITH_TIME
1026 |GPGRT_LOG_WITH_PID));
1027 current_logfile = xstrdup (logfile);
1030 log_set_prefix (NULL, 0);
1035 http_register_netactivity_cb (netactivity_action);
/* Serve connections on the inherited descriptor. */
1036 handle_connections (3);
1039 #endif /*HAVE_W32_SYSTEM*/
/* Daemon mode: create, bind and restrict the listening socket.  Some
   lines of this branch are not part of this listing. */
1040 else if (cmd == aDaemon)
1045 struct sockaddr_un serv_addr;
1048 wrong_args ("--daemon");
1050 /* Now start with logging to a file if this is desired. */
1053 log_set_file (logfile);
1054 log_set_prefix (NULL, (GPGRT_LOG_WITH_PREFIX
1055 |GPGRT_LOG_WITH_TIME
1056 |GPGRT_LOG_WITH_PID));
1057 current_logfile = xstrdup (logfile);
/* A socket name containing a colon is rejected.  The info string
   printed later in this branch uses ':' as its field separator;
   presumably that is the reason -- confirm. */
1060 #ifndef HAVE_W32_SYSTEM
1061 if (strchr (socket_name, ':'))
1063 log_error (_("colons are not allowed in the socket name\n"));
1067 fd = assuan_sock_new (AF_UNIX, SOCK_STREAM, 0);
1068 if (fd == ASSUAN_INVALID_FD)
1070 log_error (_("can't create socket: %s\n"), strerror (errno));
1078 if (assuan_sock_set_sockaddr_un (socket_name,
1079 (struct sockaddr*)&serv_addr,
1082 if (errno == ENAMETOOLONG)
1083 log_error (_("socket name '%s' is too long\n"), socket_name);
1085 log_error ("error preparing socket '%s': %s\n",
1087 gpg_strerror (gpg_error_from_syserror ()));
/* Remember the redirected path; the socket removal on the bind
   retry below prefers it over socket_name. */
1092 redir_socket_name = xstrdup (serv_addr.sun_path);
1094 log_info ("redirecting socket '%s' to '%s'\n",
1095 socket_name, redir_socket_name);
1099 len = SUN_LEN (&serv_addr);
1101 rc = assuan_sock_bind (fd, (struct sockaddr*) &serv_addr, len);
1103 && (errno == EADDRINUSE
1104 #ifdef HAVE_W32_SYSTEM
1109 /* Fixme: We should test whether a dirmngr is already running.
   NOTE(review): as the visible lines stand, a bind failure with
   EADDRINUSE is followed by removing the existing socket file and
   binding again, so the path of a still running instance can be
   taken over.  The full guard is not part of this listing. */
1110 gnupg_remove (redir_socket_name? redir_socket_name : socket_name);
1111 rc = assuan_sock_bind (fd, (struct sockaddr*) &serv_addr, len);
1114 && (rc = assuan_sock_get_nonce ((struct sockaddr*) &serv_addr, len, &socket_nonce)))
1115 log_error (_("error getting nonce for the socket\n"));
1118 log_error (_("error binding socket to '%s': %s\n"),
1120 gpg_strerror (gpg_error_from_errno (errno)));
1121 assuan_sock_close (fd);
/* Set the mode of the socket file; "-rwx" presumably grants access
   to the owner only -- confirm against gnupg_chmod.  A failure is
   only logged and the visible lines go on to listen().
   NOTE(review): the mode is set after the bind, so until then the
   file has whatever mode the umask allows; the containing directory
   should not be accessible to other users. */
1126 if (gnupg_chmod (serv_addr.sun_path, "-rwx"))
1127 log_error (_("can't set permissions of '%s': %s\n"),
1128 serv_addr.sun_path, strerror (errno));
1130 if (listen (FD2INT (fd), 5) == -1)
1132 log_error (_("listen() failed: %s\n"), strerror (errno));
1133 assuan_sock_close (fd);
1138 log_info (_("listening on socket '%s'\n"), serv_addr.sun_path);
1142 /* Note: We keep the dirmngr_info output only for the sake of
1143 existing scripts which might use this to detect a successful
1144 start of the dirmngr. */
1145 #ifdef HAVE_W32_SYSTEM
1150 es_printf ("set %s=%s;%lu;1\n",
1151 DIRMNGR_INFO_NAME, socket_name, (ulong) pid);
1154 if (pid == (pid_t)-1)
1156 log_fatal (_("error forking process: %s\n"), strerror (errno));
1161 { /* We are the parent */
1164 /* Don't let cleanup() remove the socket - the child is
1165 responsible for doing that. */
1170 /* Create the info string: <name>:<pid>:<protocol_version> */
1171 if (asprintf (&infostr, "%s=%s:%lu:1",
1172 DIRMNGR_INFO_NAME, serv_addr.sun_path, (ulong)pid ) < 0)
1174 log_error (_("out of core\n"));
/* Without an info string the parent terminates the child it has
   just forked. */
1175 kill (pid, SIGTERM);
1178 /* Print the environment string, so that the caller can use
1179 shell's eval to set it. But see above.
   NOTE(review): the socket path is embedded unquoted in text that
   is meant for eval; the only character rejected in the visible
   lines of this branch is the colon.  Confirm that the path cannot
   contain shell metacharacters, or quote it. */
/* The strchr result is used unchecked; this relies on the format
   string above always containing a '='. */
1182 *strchr (infostr, '=') = ' ';
1183 es_printf ( "setenv %s;\n", infostr);
1187 es_printf ( "%s; export %s;\n", infostr, DIRMNGR_INFO_NAME);
1199 /* Detach from tty and put process into a new session */
1203 unsigned int oldflags;
1205 /* Close stdin, stdout and stderr unless it is the log stream */
/* Descriptors 0 to 2 are skipped when they carry the log stream or
   are the listening socket; the open of /dev/null below presumably
   re-occupies the closed slot -- the close call itself is not part
   of this listing. */
1206 for (i=0; i <= 2; i++)
1208 if (!log_test_fd (i) && i != fd )
1211 && open ("/dev/null", i? O_WRONLY : O_RDONLY) == -1)
1213 log_error ("failed to open '%s': %s\n",
1214 "/dev/null", strerror (errno));
1223 log_error ("setsid() failed: %s\n", strerror(errno) );
1227 log_get_prefix (&oldflags);
1228 log_set_prefix (NULL, oldflags | GPGRT_LOG_RUN_DETACHED);
1229 opt.running_detached = 1;
1233 log_error ("chdir to / failed: %s\n", strerror (errno));
1242 http_register_netactivity_cb (netactivity_action);
/* Serve connections on the socket bound earlier in this branch. */
1243 handle_connections (fd);
1246 else if (cmd == aListCRLs)
1248 /* Just list the CRL cache and exit. */
1250 wrong_args ("--list-crls");
1252 crl_cache_list (es_stdout);
1254 else if (cmd == aLoadCRL)
1256 struct server_control_s ctrlbuf;
1258 memset (&ctrlbuf, 0, sizeof ctrlbuf);
1259 dirmngr_init_default_ctrl (&ctrlbuf);
1265 rc = crl_cache_load (&ctrlbuf, NULL);
1268 for (; !rc && argc; argc--, argv++)
1269 rc = crl_cache_load (&ctrlbuf, *argv);
1271 dirmngr_deinit_default_ctrl (&ctrlbuf);
1273 else if (cmd == aFetchCRL)
1275 ksba_reader_t reader;
1276 struct server_control_s ctrlbuf;
1279 wrong_args ("--fetch-crl URL");
1281 memset (&ctrlbuf, 0, sizeof ctrlbuf);
1282 dirmngr_init_default_ctrl (&ctrlbuf);
1287 rc = crl_fetch (&ctrlbuf, argv[0], &reader);
1289 log_error (_("fetching CRL from '%s' failed: %s\n"),
1290 argv[0], gpg_strerror (rc));
1293 rc = crl_cache_insert (&ctrlbuf, argv[0], reader);
1295 log_error (_("processing CRL from '%s' failed: %s\n"),
1296 argv[0], gpg_strerror (rc));
1297 crl_close_reader (reader);
1299 dirmngr_deinit_default_ctrl (&ctrlbuf);
1301 else if (cmd == aFlush)
1303 /* Delete cache and exit. */
1305 wrong_args ("--flush");
1306 rc = crl_cache_flush();
1308 else if (cmd == aGPGConfTest)
1310 else if (cmd == aGPGConfList)
1312 unsigned long flags = 0;
1316 /* First the configuration file. This is not an option, but it
1317 is vital information for GPG Conf. */
1318 if (!opt.config_filename)
1319 opt.config_filename = make_filename (gnupg_homedir (),
1320 "dirmngr.conf", NULL );
1322 filename = percent_escape (opt.config_filename, NULL);
1323 es_printf ("gpgconf-dirmngr.conf:%lu:\"%s\n",
1324 GC_OPT_FLAG_DEFAULT, filename);
1327 es_printf ("verbose:%lu:\n", flags | GC_OPT_FLAG_NONE);
1328 es_printf ("quiet:%lu:\n", flags | GC_OPT_FLAG_NONE);
1329 es_printf ("debug-level:%lu:\"none\n", flags | GC_OPT_FLAG_DEFAULT);
1330 es_printf ("log-file:%lu:\n", flags | GC_OPT_FLAG_NONE);
1331 es_printf ("force:%lu:\n", flags | GC_OPT_FLAG_NONE);
1333 /* --csh and --sh are mutually exclusive, something we can not
1334 express in GPG Conf. --options is only usable from the
1335 command line, really. --debug-all interacts with --debug,
1336 and having both of them is thus problematic. --no-detach is
1337 also only usable on the command line. --batch is unused. */
1339 filename = make_filename (gnupg_homedir (),
1340 "dirmngr_ldapservers.conf",
1342 filename_esc = percent_escape (filename, NULL);
1343 es_printf ("ldapserverlist-file:%lu:\"%s\n", flags | GC_OPT_FLAG_DEFAULT,
1345 xfree (filename_esc);
1348 es_printf ("ldaptimeout:%lu:%u\n",
1349 flags | GC_OPT_FLAG_DEFAULT, DEFAULT_LDAP_TIMEOUT);
1350 es_printf ("max-replies:%lu:%u\n",
1351 flags | GC_OPT_FLAG_DEFAULT, DEFAULT_MAX_REPLIES);
1352 es_printf ("allow-ocsp:%lu:\n", flags | GC_OPT_FLAG_NONE);
1353 es_printf ("allow-version-check:%lu:\n", flags | GC_OPT_FLAG_NONE);
1354 es_printf ("ocsp-responder:%lu:\n", flags | GC_OPT_FLAG_NONE);
1355 es_printf ("ocsp-signer:%lu:\n", flags | GC_OPT_FLAG_NONE);
1357 es_printf ("faked-system-time:%lu:\n", flags | GC_OPT_FLAG_NONE);
1358 es_printf ("no-greeting:%lu:\n", flags | GC_OPT_FLAG_NONE);
1360 es_printf ("disable-http:%lu:\n", flags | GC_OPT_FLAG_NONE);
1361 es_printf ("disable-ldap:%lu:\n", flags | GC_OPT_FLAG_NONE);
1362 es_printf ("honor-http-proxy:%lu\n", flags | GC_OPT_FLAG_NONE);
1363 es_printf ("http-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
1364 es_printf ("ldap-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
1365 es_printf ("only-ldap-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
1366 es_printf ("ignore-ldap-dp:%lu:\n", flags | GC_OPT_FLAG_NONE);
1367 es_printf ("ignore-http-dp:%lu:\n", flags | GC_OPT_FLAG_NONE);
1368 es_printf ("ignore-ocsp-service-url:%lu:\n", flags | GC_OPT_FLAG_NONE);
1369 /* Note: The next one is to fix a typo in gpgconf - should be
1370 removed eventually. */
1371 es_printf ("ignore-ocsp-servic-url:%lu:\n", flags | GC_OPT_FLAG_NONE);
1373 es_printf ("use-tor:%lu:\n", flags | GC_OPT_FLAG_NONE);
1374 es_printf ("keyserver:%lu:\n", flags | GC_OPT_FLAG_NONE);
1375 es_printf ("nameserver:%lu:\n", flags | GC_OPT_FLAG_NONE);
1376 es_printf ("resolver-timeout:%lu:%u\n",
1377 flags | GC_OPT_FLAG_DEFAULT, 0);
1387 crl_cache_deinit ();
1388 cert_cache_deinit (1);
1389 reload_dns_stuff (1);
1392 ldapserver_list_free (opt.ldapservers);
1394 opt.ldapservers = NULL;
1399 if (redir_socket_name)
1400 gnupg_remove (redir_socket_name);
1401 else if (socket_name && *socket_name)
1402 gnupg_remove (socket_name);
1408 dirmngr_exit (int rc)
/* Set up the per-connection defaults in CTRL.  The visible statement
   gives CTRL its own heap copy of opt.http_proxy, so releasing it in
   dirmngr_deinit_default_ctrl does not touch the global option value.
   Any guard around the copy is not visible in this listing.  */
1416 dirmngr_init_default_ctrl (ctrl_t ctrl)
1419 ctrl->http_proxy = xstrdup (opt.http_proxy);
/* Release the per-connection defaults held in CTRL.  */
1424 dirmngr_deinit_default_ctrl (ctrl_t ctrl)
1428 xfree (ctrl->http_proxy);
/* Clear the pointer so that a repeated deinit does not free it twice.  */
1429 ctrl->http_proxy = NULL;
1433 /* Create a list of LDAP servers from the file FILENAME. Returns the
1434 list or NULL in case of errors.
1436 The format of such a file is line oriented where empty lines and
1437 lines starting with a hash mark are ignored. All other lines are
1438 assumed to be colon separated with these fields:
1441 2. field: Portnumber
/* Read FILENAME line by line and build a linked list of LDAP server
   entries, one per non-empty, non-comment line, using
   ldapserver_parse_one.  Several lines of this function (declarations,
   braces, return statements) are not visible in this listing; the
   notes below cover only what is shown.
   NOTE(review): the entries decide which LDAP servers are contacted,
   and nothing visible here checks the ownership or permissions of
   FILENAME - presumably the caller passes a path below the GnuPG home
   directory; confirm.  */
1448 static ldap_server_t
1449 parse_ldapserver_file (const char* filename)
1453 ldap_server_t server, serverstart, *serverend;
1455 unsigned int lineno = 0;
1458 fp = es_fopen (filename, "r");
1461 log_error (_("error opening '%s': %s\n"), filename, strerror (errno));
/* SERVEREND always points at the link that receives the next entry,
   so appending needs no special case for an empty list.  */
1466 serverend = &serverstart;
1467 while (es_fgets (buffer, sizeof buffer, fp))
/* The !*buffer test comes first, so strlen(buffer)-1 is never
   evaluated for an empty buffer.  */
1470 if (!*buffer || buffer[strlen(buffer)-1] != '\n')
1472 if (*buffer && es_feof (fp))
1473 ; /* Last line not terminated - continue. */
/* The tail of an over-long line is read and discarded so that it is
   not parsed as an entry of its own.  */
1476 log_error (_("%s:%u: line too long - skipped\n"),
1478 while ( (c=es_fgetc (fp)) != EOF && c != '\n')
1479 ; /* Skip until end of line. */
1483 /* Skip empty and comment lines.*/
1484 for (p=buffer; spacep (p); p++)
1486 if (!*p || *p == '\n' || *p == '#')
1489 /* Parse the colon separated fields. */
1490 server = ldapserver_parse_one (buffer, filename, lineno);
1493 *serverend = server;
1494 serverend = &server->next;
/* Reported after the loop; the condition guarding this message is not
   visible in this listing.  */
1499 log_error (_("error reading '%s': %s\n"), filename, strerror (errno));
/* Turn the argument of --ocsp-signer into a list of fingerprints.
   STRING is either a single fingerprint given directly or the name of
   a file holding one fingerprint per line.  A fingerprint is exactly
   40 hex digits; colons between digits are skipped and the digits are
   stored in upper case.  Many lines of this function (declarations,
   braces, return statements, cleanup) are not visible in this
   listing.
   NOTE(review): presumably these fingerprints select the certificates
   accepted as signers of OCSP responses, which would make a file named
   here trust-relevant input; nothing visible checks its ownership or
   permissions - confirm against the caller.  */
1506 static fingerprint_list_t
1507 parse_ocsp_signer (const char *string)
1514 fingerprint_list_t list, *list_tail, item;
1515 unsigned int lnr = 0;
1520 /* Check whether this is not a filename and treat it as a direct
1521 fingerprint specification. */
/* Any of '/', '.', '~' or a backslash marks STRING as a file name.  */
1522 if (!strpbrk (string, "/.~\\"))
1524 item = xcalloc (1, sizeof *item);
/* The j < 40 bound limits the digits written; the terminator below
   goes to index 40 at most, so this assumes hexfpr holds at least 41
   bytes - declared elsewhere, TODO confirm.  Clearing bit 0x20 turns
   'a'..'f' into 'A'..'F'; hexdigitp has already restricted the
   character to a hex digit at that point.  */
1525 for (i=j=0; (string[i] == ':' || hexdigitp (string+i)) && j < 40; i++)
1526 if ( string[i] != ':' )
1527 item->hexfpr[j++] = string[i] >= 'a'? (string[i] & 0xdf): string[i];
1528 item->hexfpr[j] = 0;
/* Reject anything that is not exactly 40 digits followed by a space
   or the end of the string.  */
1529 if (j != 40 || !(spacep (string+i) || !string[i]))
1531 log_error (_("%s:%u: invalid fingerprint detected\n"),
1532 "--ocsp-signer", 0);
1539 /* Well, it is a filename. */
/* An absolute or "~/" name is used as given; any other name is taken
   relative to the GnuPG home directory.  What is done for a leading
   "./" is not visible in this listing.  */
1540 if (*string == '/' || (*string == '~' && string[1] == '/'))
1541 fname = make_filename (string, NULL);
1544 if (string[0] == '.' && string[1] == '/' )
1546 fname = make_filename (gnupg_homedir (), string, NULL);
1549 fp = es_fopen (fname, "r");
1552 err = gpg_error_from_syserror ();
1553 log_error (_("can't open '%s': %s\n"), fname, gpg_strerror (err));
1562 if (!es_fgets (line, DIM(line)-1, fp) )
1566 err = gpg_error_from_syserror ();
1567 log_error (_("%s:%u: read error: %s\n"),
1568 fname, lnr, gpg_strerror (err));
/* Walks the list built so far; presumably this releases it on the
   error path - the free call is not visible in this listing.  */
1576 fingerprint_list_t tmp = list->next;
1582 return list; /* Ready. */
/* An empty buffer or a line without a trailing newline is treated as
   an error rather than parsed as a fingerprint.  */
1586 if (!*line || line[strlen(line)-1] != '\n')
1588 /* Eat until end of line. */
1589 while ( (c=es_getc (fp)) != EOF && c != '\n')
1591 err = gpg_error (*line? GPG_ERR_LINE_TOO_LONG
1592 /* */: GPG_ERR_INCOMPLETE_LINE);
1593 log_error (_("%s:%u: read error: %s\n"),
1594 fname, lnr, gpg_strerror (err));
1599 /* Allow for empty lines and spaces */
1600 for (p=line; spacep (p); p++)
1602 if (!*p || *p == '\n' || *p == '#')
1605 item = xcalloc (1, sizeof *item);
1607 list_tail = &item->next;
/* Same 40-digit parse as for a directly given fingerprint, applied to
   the line after leading spaces.  */
1609 for (i=j=0; (p[i] == ':' || hexdigitp (p+i)) && j < 40; i++)
1611 item->hexfpr[j++] = p[i] >= 'a'? (p[i] & 0xdf): p[i];
1612 item->hexfpr[j] = 0;
1613 if (j != 40 || !(spacep (p+i) || p[i] == '\n'))
1615 log_error (_("%s:%u: invalid fingerprint detected\n"), fname, lnr);
/* Text after the fingerprint is tolerated and only reported.  */
1619 while (spacep (p+i))
1621 if (p[i] && p[i] != '\n')
1622 log_info (_("%s:%u: garbage at end of line ignored\n"), fname, lnr);
1631 Stuff used in daemon mode.
1636 /* Reread parts of the configuration. Note, that this function is
1637 obviously not thread-safe and should only be called from the NPTH
1640 Fixme: Due to the way the argument parsing works, we create a
1641 memory leak here for all string type arguments. There is currently
1642 no clean way to tell whether the memory for the argument has been
1643 allocated or points into the process' original arguments. Unless
1644 we have a mechanism to tell this, we need to live on with this. */
/* Re-read opt.config_filename and apply the options that
   parse_rereadable_options accepts.  Called from
   dirmngr_sighup_action.  Some lines (declarations, braces, the
   closing of the file) are not visible in this listing.  */
1646 reread_configuration (void)
1648 ARGPARSE_ARGS pargs;
1650 unsigned int configlineno = 0;
1653 if (!opt.config_filename)
1654 return; /* No config file. */
1656 fp = fopen (opt.config_filename, "r");
1659 log_error (_("option file '%s': %s\n"),
1660 opt.config_filename, strerror(errno) );
/* The reset happens only after the file has been opened, so a missing
   or unreadable file presumably leaves the current settings in place -
   the early return after the error message is not visible here.  */
1664 parse_rereadable_options (NULL, 1); /* Start from the default values. */
1666 memset (&pargs, 0, sizeof pargs);
1668 pargs.argc = &dummy;
1669 pargs.flags = 1; /* do not remove the args */
1670 while (optfile_parse (fp, opt.config_filename, &configlineno, &pargs, opts) )
/* Values below -1 are parser error codes; they are turned into a
   warning instead of being handed to the option handler.  */
1672 if (pargs.r_opt < -1)
1673 pargs.err = 1; /* Print a warning. */
1674 else /* Try to parse this option - ignore unchangeable ones. */
1675 parse_rereadable_options (&pargs, 1);
1684 /* A global function which allows us to trigger the reload stuff from
/* Reload action: re-read the configuration, drop the certificate and
   CRL caches and reload the DNS state.  Two lines between the cache
   calls and reload_dns_stuff are not visible in this listing;
   presumably they re-initialise the caches - confirm.  */
1687 dirmngr_sighup_action (void)
1689 log_info (_("SIGHUP received - "
1690 "re-reading configuration and flushing caches\n"));
1691 reread_configuration ();
1692 cert_cache_deinit (0);
1693 crl_cache_deinit ();
1696 reload_dns_stuff (0);
1700 /* This function is called if some network activity was done. At this
1701 * point we know that we have a network and we can decide whether to
1702 * run scheduled background tasks soon. The function should return
1703 * quickly and only trigger actions for another thread. */
/* Record that network activity was seen.  The visible body only sets
   the flag network_activity_seen; whoever acts on it is not shown in
   this listing.  */
1705 netactivity_action (void)
1707 network_activity_seen = 1;
1711 /* The signal handler. */
1712 #ifndef HAVE_W32_SYSTEM
/* Act on signal SIGNO.  handle_connections calls this for each signal
   reported by npth_sigev_get_pending after its select call returns, so
   the logging and cache calls below run in ordinary thread context.
   The switch and its case labels are not visible in this listing; the
   branches are identified by their log messages.  */
1714 handle_signal (int signo)
1719 dirmngr_sighup_action ();
/* Presumably the SIGUSR1 branch - its label and log message are not
   visible here.  */
1723 cert_cache_print_stats ();
1727 log_info (_("SIGUSR2 received - no action defined\n"));
/* SIGTERM asks for a graceful shutdown: the first one is announced,
   later ones report how many connections are still active.  */
1731 if (!shutdown_pending)
1732 log_info (_("SIGTERM received - shutting down ...\n"));
1734 log_info (_("SIGTERM received - still %d active connections\n"),
1735 active_connections);
/* Once shutdown_pending exceeds 2 the shutdown is forced without
   waiting for the connections; the statement that advances the
   counter is not visible in this listing.  */
1737 if (shutdown_pending > 2)
1739 log_info (_("shutdown forced\n"));
1740 log_info ("%s %s stopped\n", strusage(11), strusage(13) );
/* SIGINT does not wait for active connections.  */
1747 log_info (_("SIGINT received - immediate shutdown\n"));
1748 log_info( "%s %s stopped\n", strusage(11), strusage(13));
1754 log_info (_("signal %d received - no action defined\n"), signo);
1757 #endif /*!HAVE_W32_SYSTEM*/
1760 /* Check the nonce on a new connection. This is a NOP unless we are
1761 using our Unix domain socket emulation under Windows. */
/* Validate the nonce of the new connection FD with
   assuan_sock_check_nonce.  On failure the error is logged and FD is
   closed here, so a caller that sees a failure must neither use nor
   close FD again.  The return statements are not visible in this
   listing.  */
1763 check_nonce (assuan_fd_t fd, assuan_sock_nonce_t *nonce)
1765 if (assuan_sock_check_nonce (fd, nonce))
1767 log_info (_("error reading nonce on fd %d: %s\n"),
1768 FD2INT (fd), strerror (errno));
1769 assuan_sock_close (fd);
1777 /* Helper to call a connection's main function. */
/* Thread entry point for one accepted connection.  ARG carries the
   connection descriptor packed into a pointer through union
   int_and_ptr_u.  The nonce is checked before anything else, then the
   command handler runs for the lifetime of the connection.  Some
   lines (declarations, braces, returns) are not visible in this
   listing.  */
1779 start_connection_thread (void *arg)
1781 union int_and_ptr_u argval;
/* Zero the whole union first so that no stale bytes remain when only
   one member is assigned.  */
1784 memset (&argval, 0, sizeof argval);
/* check_nonce closes FD itself on failure, so the failure path must
   not touch FD again.  */
1788 if (check_nonce (fd, &socket_nonce))
1790 log_error ("handler nonce check FAILED\n");
1794 #ifndef HAVE_W32_SYSTEM
1795 npth_setspecific (my_tlskey_current_fd, argval.aptr);
/* NOTE(review): the counter is updated without a lock visible here;
   presumably this relies on nPth running only one thread at a time -
   confirm.  */
1798 active_connections++;
1800 log_info (_("handler for fd %d started\n"), FD2INT (fd));
1802 start_command_handler (fd);
1805 log_info (_("handler for fd %d terminated\n"), FD2INT (fd));
1806 active_connections--;
/* Reset the thread-specific descriptor to the invalid value once the
   handler has finished with the connection.  */
1808 #ifndef HAVE_W32_SYSTEM
1809 argval.afd = ASSUAN_INVALID_FD;
1810 npth_setspecific (my_tlskey_current_fd, argval.aptr);
1817 #ifdef HAVE_INOTIFY_INIT
1818 /* Read an inotify event and return true if it matches NAME. */
/* Read from the inotify descriptor FD and report whether the event at
   the start of the buffer names the file NAME.  Only the last path
   component of NAME is compared.  The declarations of buf, n and s
   and a few other lines are not visible in this listing.  */
1820 my_inotify_is_name (int fd, const char *name)
/* The buffer leaves room for the event header plus a name of up to
   100 bytes and a terminator.  */
1823 struct inotify_event ev;
1824 char _buf[sizeof (struct inotify_event) + 100 + 1];
1829 s = strrchr (name, '/');
1833 n = npth_read (fd, &buf, sizeof buf);
/* NOTE(review): if n is a signed int (its declaration is not visible
   here), a failed read returning -1 is converted to a large unsigned
   value in this comparison and passes the length check, after which
   buf is examined without having been filled.  Testing n < 0 before
   the size comparison would close that gap.  */
1834 if (n < sizeof (struct inotify_event))
/* The event must carry a name field long enough for NAME and its
   terminator before the string comparison is made.  */
1836 if (buf.ev.len < strlen (name)+1)
/* Only the first event in the buffer is inspected; whether one read
   can deliver further events that go unnoticed is not handled here.  */
1838 if (strcmp (buf.ev.name, name))
1839 return 0; /* Not the desired file. */
1841 return 1; /* Found. */
1843 #endif /*HAVE_INOTIFY_INIT*/
1846 /* Main loop in daemon mode. Note that LISTEN_FD will be owned by
/* Accept loop of the daemon.  It waits in select on the listening
   socket and, when available, on an inotify descriptor watching the
   directory of the socket file, dispatches pending signals through
   handle_signal, and starts one detached nPth thread per accepted
   connection.  Many lines (declarations, braces, the loop header,
   else branches) are not visible in this listing; the notes below
   cover only what is shown.  */
1849 handle_connections (assuan_fd_t listen_fd)
1852 #ifndef HAVE_W32_SYSTEM
1855 struct sockaddr_un paddr;
1856 socklen_t plen = sizeof( paddr );
1859 fd_set fdset, read_fdset;
1861 int my_inotify_fd = -1;
/* Handler threads are created detached; nothing joins them later.  */
1863 npth_attr_init (&tattr);
1864 npth_attr_setdetachstate (&tattr, NPTH_CREATE_DETACHED);
1866 #ifndef HAVE_W32_SYSTEM /* FIXME */
/* These signals are collected by nPth and handled synchronously in
   the loop below.  */
1868 npth_sigev_add (SIGHUP);
1869 npth_sigev_add (SIGUSR1);
1870 npth_sigev_add (SIGUSR2);
1871 npth_sigev_add (SIGINT);
1872 npth_sigev_add (SIGTERM);
1876 #ifdef HAVE_INOTIFY_INIT
/* The inotify watch lets the daemon notice that its socket file was
   removed and shut down; it is skipped when the own-socket check is
   disabled, and a failure to set it up is only logged.  */
1877 if (disable_check_own_socket)
1879 else if ((my_inotify_fd = inotify_init ()) == -1)
1880 log_info ("error enabling fast daemon termination: %s\n",
1884 /* We need to watch the directory for the file because there
1885 * won't be an IN_DELETE_SELF for a socket file. */
1886 char *slash = strrchr (socket_name, '/');
1887 log_assert (slash && slash[1]);
/* Presumably socket_name is cut at SLASH around this call so that the
   directory is watched - those lines are not visible here.  */
1889 if (inotify_add_watch (my_inotify_fd, socket_name, IN_DELETE) == -1)
1891 close (my_inotify_fd);
1896 #endif /*HAVE_INOTIFY_INIT*/
1899 /* Setup the fdset. */
/* Only the listening socket and the inotify descriptor are placed in
   the set.  NOTE(review): FD_SET is only defined for descriptors below
   FD_SETSIZE and no such check is visible here.  */
1901 FD_SET (FD2INT (listen_fd), &fdset);
1902 nfd = FD2INT (listen_fd);
1903 if (my_inotify_fd != -1)
1905 FD_SET (my_inotify_fd, &fdset);
1906 if (my_inotify_fd > nfd)
1907 nfd = my_inotify_fd;
1913 /* Shutdown test. */
1914 if (shutdown_pending)
1916 if (!active_connections)
1919 /* Do not accept new connections but keep on running the
1920 * select loop to wait for signals (e.g. SIGCHLD).
1922 * Note that we do not close the listening socket because a
1923 * client trying to connect to that socket would instead
1924 * restart a new dirmngr instance - which is unlikely the
1925 * intention of a shutdown. */
1926 /* assuan_sock_close (listen_fd); */
1927 /* listen_fd = -1; */
/* During shutdown only the inotify descriptor stays in the set.  */
1930 if (my_inotify_fd != -1)
1932 FD_SET (my_inotify_fd, &fdset);
1933 nfd = my_inotify_fd;
1937 /* Take a copy of the fdset. */
1940 #ifndef HAVE_W32_SYSTEM
1941 ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, NULL, npth_sigev_sigmask());
/* errno is saved before the signal handling below can change it.  */
1942 saved_errno = errno;
1944 while (npth_sigev_get_pending(&signo))
1945 handle_signal (signo);
1947 ret = npth_eselect (nfd+1, &read_fdset, NULL, NULL, NULL, NULL, NULL);
1948 saved_errno = errno;
/* A select failure other than EINTR is logged; the wait announced in
   the message is not visible in this listing.  */
1951 if (ret == -1 && saved_errno != EINTR)
1953 log_error (_("npth_pselect failed: %s - waiting 1s\n"),
1954 strerror (saved_errno));
1961 /* Interrupt. Will be handled at the top of the next loop. */
1965 if (shutdown_pending)
1967 /* Do not anymore accept connections. */
1971 #ifdef HAVE_INOTIFY_INIT
/* Removal of the socket file is treated like a shutdown request.  */
1972 if (my_inotify_fd != -1 && FD_ISSET (my_inotify_fd, &read_fdset)
1973 && my_inotify_is_name (my_inotify_fd, socket_name))
1975 shutdown_pending = 1;
1976 log_info ("socket file has been removed - shutting down\n");
1978 #endif /*HAVE_INOTIFY_INIT*/
1980 if (FD_ISSET (FD2INT (listen_fd), &read_fdset))
/* NOTE(review): no upper bound on concurrently running handler
   threads is visible here, and the peer address returned in PADDR is
   not used for any decision in the visible code.  Access control
   presumably rests on the permissions of the local socket (PADDR is a
   sockaddr_un) and on check_nonce in the handler thread - confirm.  */
1982 plen = sizeof paddr;
1983 fd = INT2FD (npth_accept (FD2INT(listen_fd),
1984 (struct sockaddr *)&paddr, &plen));
1985 if (fd == GNUPG_INVALID_FD)
1987 log_error ("accept failed: %s\n", strerror (errno));
1991 char threadname[50];
1992 union int_and_ptr_u argval;
/* The descriptor is passed to the thread packed into a pointer; the
   union is zeroed first so that no stale bytes remain.  */
1995 memset (&argval, 0, sizeof argval);
/* Bounded by sizeof threadname, so the name cannot overrun the
   buffer.  */
1997 snprintf (threadname, sizeof threadname,
1998 "conn fd=%d", FD2INT(fd));
2000 ret = npth_create (&thread, &tattr,
2001 start_connection_thread, argval.aptr);
/* If the thread cannot be started the connection is closed here.  */
2004 log_error ("error spawning connection handler: %s\n",
2006 assuan_sock_close (fd);
2008 npth_setname_np (thread, threadname);
/* FD now belongs to the handler thread or has been closed above.  */
2010 fd = GNUPG_INVALID_FD;
2014 #ifdef HAVE_INOTIFY_INIT
2015 if (my_inotify_fd != -1)
2016 close (my_inotify_fd);
2017 #endif /*HAVE_INOTIFY_INIT*/
2018 npth_attr_destroy (&tattr);
/* NOTE(review): this closes FD, not LISTEN_FD.  The only assignment to
   FD after an accept that is visible above resets it to
   GNUPG_INVALID_FD, so the listening socket itself appears never to be
   closed here; the intended call is probably
   assuan_sock_close (listen_fd).  The test also compares an
   assuan_fd_t with -1 rather than with the invalid-descriptor constant
   used elsewhere in this function.  */
2019 if (listen_fd != -1)
2020 assuan_sock_close (fd);
2022 log_info ("%s %s stopped\n", strusage(11), strusage(13));
2026 dirmngr_get_current_socket_name (void)
2031 return dirmngr_socket_name ();