1 /* dirmngr.c - Keyserver and X.509 LDAP access
2 * Copyright (C) 2002 Klarälvdalens Datakonsult AB
3 * Copyright (C) 2003, 2004, 2006, 2007, 2008, 2010, 2011 g10 Code GmbH
4 * Copyright (C) 2014 Werner Koch
6 * This file is part of GnuPG.
8 * GnuPG is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * GnuPG is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <https://www.gnu.org/licenses/>.
33 #ifndef HAVE_W32_SYSTEM
34 #include <sys/socket.h>
42 #ifdef HAVE_INOTIFY_INIT
43 # include <sys/inotify.h>
44 #endif /*HAVE_INOTIFY_INIT*/
47 #include "dirmngr-err.h"
52 # include <gnutls/gnutls.h>
53 #endif /*HTTP_USE_GNUTLS*/
56 #define GNUPG_COMMON_NEED_AFLOCAL
61 #include "certcache.h"
66 # include "ldapserver.h"
70 # include "ldap-wrapper.h"
72 #include "../common/init.h"
73 #include "gc-opt-flags.h"
74 #include "dns-stuff.h"
77 # define ENAMETOOLONG EINVAL
81 enum cmd_and_opt_values {
138 oIgnoreCertExtension,
142 oDisableCheckOwnSocket,
151 static ARGPARSE_OPTS opts[] = {
153 ARGPARSE_group (300, N_("@Commands:\n ")),
155 ARGPARSE_c (aServer, "server", N_("run in server mode (foreground)") ),
156 ARGPARSE_c (aDaemon, "daemon", N_("run in daemon mode (background)") ),
157 #ifndef HAVE_W32_SYSTEM
158 ARGPARSE_c (aSupervised, "supervised", N_("run in supervised mode")),
160 ARGPARSE_c (aListCRLs, "list-crls", N_("list the contents of the CRL cache")),
161 ARGPARSE_c (aLoadCRL, "load-crl", N_("|FILE|load CRL from FILE into cache")),
162 ARGPARSE_c (aFetchCRL, "fetch-crl", N_("|URL|fetch a CRL from URL")),
163 ARGPARSE_c (aShutdown, "shutdown", N_("shutdown the dirmngr")),
164 ARGPARSE_c (aFlush, "flush", N_("flush the cache")),
165 ARGPARSE_c (aGPGConfList, "gpgconf-list", "@"),
166 ARGPARSE_c (aGPGConfTest, "gpgconf-test", "@"),
168 ARGPARSE_group (301, N_("@\nOptions:\n ")),
170 ARGPARSE_s_n (oVerbose, "verbose", N_("verbose")),
171 ARGPARSE_s_n (oQuiet, "quiet", N_("be somewhat more quiet")),
172 ARGPARSE_s_n (oSh, "sh", N_("sh-style command output")),
173 ARGPARSE_s_n (oCsh, "csh", N_("csh-style command output")),
174 ARGPARSE_s_s (oOptions, "options", N_("|FILE|read options from FILE")),
175 ARGPARSE_s_s (oDebugLevel, "debug-level",
176 N_("|LEVEL|set the debugging level to LEVEL")),
177 ARGPARSE_s_n (oNoDetach, "no-detach", N_("do not detach from the console")),
178 ARGPARSE_s_s (oLogFile, "log-file",
179 N_("|FILE|write server mode logs to FILE")),
180 ARGPARSE_s_n (oBatch, "batch", N_("run without asking a user")),
181 ARGPARSE_s_n (oForce, "force", N_("force loading of outdated CRLs")),
182 ARGPARSE_s_n (oAllowOCSP, "allow-ocsp", N_("allow sending OCSP requests")),
183 ARGPARSE_s_n (oAllowVersionCheck, "allow-version-check",
184 N_("allow online software version check")),
185 ARGPARSE_s_n (oDisableHTTP, "disable-http", N_("inhibit the use of HTTP")),
186 ARGPARSE_s_n (oDisableLDAP, "disable-ldap", N_("inhibit the use of LDAP")),
187 ARGPARSE_s_n (oIgnoreHTTPDP,"ignore-http-dp",
188 N_("ignore HTTP CRL distribution points")),
189 ARGPARSE_s_n (oIgnoreLDAPDP,"ignore-ldap-dp",
190 N_("ignore LDAP CRL distribution points")),
191 ARGPARSE_s_n (oIgnoreOCSPSvcUrl, "ignore-ocsp-service-url",
192 N_("ignore certificate contained OCSP service URLs")),
194 ARGPARSE_s_s (oHTTPProxy, "http-proxy",
195 N_("|URL|redirect all HTTP requests to URL")),
196 ARGPARSE_s_s (oLDAPProxy, "ldap-proxy",
197 N_("|HOST|use HOST for LDAP queries")),
198 ARGPARSE_s_n (oOnlyLDAPProxy, "only-ldap-proxy",
199 N_("do not use fallback hosts with --ldap-proxy")),
201 ARGPARSE_s_s (oLDAPFile, "ldapserverlist-file",
202 N_("|FILE|read LDAP server list from FILE")),
203 ARGPARSE_s_n (oLDAPAddServers, "add-servers",
204 N_("add new servers discovered in CRL distribution"
205 " points to serverlist")),
206 ARGPARSE_s_i (oLDAPTimeout, "ldaptimeout",
207 N_("|N|set LDAP timeout to N seconds")),
209 ARGPARSE_s_s (oOCSPResponder, "ocsp-responder",
210 N_("|URL|use OCSP responder at URL")),
211 ARGPARSE_s_s (oOCSPSigner, "ocsp-signer",
212 N_("|FPR|OCSP response signed by FPR")),
213 ARGPARSE_s_i (oOCSPMaxClockSkew, "ocsp-max-clock-skew", "@"),
214 ARGPARSE_s_i (oOCSPMaxPeriod, "ocsp-max-period", "@"),
215 ARGPARSE_s_i (oOCSPCurrentPeriod, "ocsp-current-period", "@"),
217 ARGPARSE_s_i (oMaxReplies, "max-replies",
218 N_("|N|do not return more than N items in one query")),
220 ARGPARSE_s_s (oNameServer, "nameserver", "@"),
221 ARGPARSE_s_s (oKeyServer, "keyserver", "@"),
222 ARGPARSE_s_s (oHkpCaCert, "hkp-cacert",
223 N_("|FILE|use the CA certificates in FILE for HKP over TLS")),
225 ARGPARSE_s_n (oUseTor, "use-tor", N_("route all network traffic via Tor")),
227 ARGPARSE_s_s (oSocketName, "socket-name", "@"), /* Only for debugging. */
229 ARGPARSE_s_u (oFakedSystemTime, "faked-system-time", "@"), /*(epoch time)*/
230 ARGPARSE_s_s (oDebug, "debug", "@"),
231 ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
232 ARGPARSE_s_i (oGnutlsDebug, "gnutls-debug", "@"),
233 ARGPARSE_s_i (oGnutlsDebug, "tls-debug", "@"),
234 ARGPARSE_s_i (oDebugWait, "debug-wait", "@"),
235 ARGPARSE_s_n (oDisableCheckOwnSocket, "disable-check-own-socket", "@"),
236 ARGPARSE_s_n (oNoGreeting, "no-greeting", "@"),
237 ARGPARSE_s_s (oHomedir, "homedir", "@"),
238 ARGPARSE_s_s (oLDAPWrapperProgram, "ldap-wrapper-program", "@"),
239 ARGPARSE_s_s (oHTTPWrapperProgram, "http-wrapper-program", "@"),
240 ARGPARSE_s_n (oHonorHTTPProxy, "honor-http-proxy", "@"),
241 ARGPARSE_s_s (oIgnoreCertExtension,"ignore-cert-extension", "@"),
242 ARGPARSE_s_n (oStandardResolver, "standard-resolver", "@"),
243 ARGPARSE_s_n (oRecursiveResolver, "recursive-resolver", "@"),
244 ARGPARSE_s_i (oResolverTimeout, "resolver-timeout", "@"),
246 ARGPARSE_group (302,N_("@\n(See the \"info\" manual for a complete listing "
247 "of all commands and options)\n")),
252 /* The list of supported debug flags. */
253 static struct debug_flags_s debug_flags [] =
255 { DBG_X509_VALUE , "x509" },
256 { DBG_CRYPTO_VALUE , "crypto" },
257 { DBG_MEMORY_VALUE , "memory" },
258 { DBG_CACHE_VALUE , "cache" },
259 { DBG_MEMSTAT_VALUE, "memstat" },
260 { DBG_HASHING_VALUE, "hashing" },
261 { DBG_IPC_VALUE , "ipc" },
262 { DBG_DNS_VALUE , "dns" },
263 { DBG_NETWORK_VALUE, "network" },
264 { DBG_LOOKUP_VALUE , "lookup" },
265 { 77, NULL } /* 77 := Do not exit on "help" or "?". */
268 #define DEFAULT_MAX_REPLIES 10
269 #define DEFAULT_LDAP_TIMEOUT 100 /* arbitrary large timeout */
271 /* For the cleanup handler we need to keep track of the socket's name. */
272 static const char *socket_name;
273 /* If the socket has been redirected, this is the name of the
274 redirected socket. */
275 static const char *redir_socket_name;
277 /* We need to keep track of the server's nonces (these are dummies for
279 static assuan_sock_nonce_t socket_nonce;
281 /* Only if this flag has been set will we remove the socket file. */
282 static int cleanup_socket;
284 /* Keep track of the current log file so that we can avoid updating
285 the log file after a SIGHUP if it did not change. Malloced. */
286 static char *current_logfile;
288 /* Helper to implement --debug-level. */
289 static const char *debug_level;
291 /* Helper to set the NTBTLS or GNUTLS log level. */
292 static int opt_gnutls_debug = -1;
294 /* Flag indicating that a shutdown has been requested. */
295 static volatile int shutdown_pending;
297 /* Flags to indicate that we shall not watch our own socket. */
298 static int disable_check_own_socket;
300 /* Counter for the active connections. */
301 static int active_connections;
303 /* This flag is set by any network access and used by the housekeeping
304 * thread to run background network tasks. */
305 static int network_activity_seen;
307 /* This union is used to avoid compiler warnings in case a pointer is
308 64 bit and an int 32 bit. We store an integer in a pointer and get
309 it back later (npth_getspecific et al.). */
319 /* The key used to store the current file descriptor in the thread
320 local storage. We use this in conjunction with the
321 log_set_pid_suffix_cb feature. */
322 #ifndef HAVE_W32_SYSTEM
323 static int my_tlskey_current_fd;
327 static void cleanup (void);
329 static ldap_server_t parse_ldapserver_file (const char* filename);
331 static fingerprint_list_t parse_ocsp_signer (const char *string);
332 static void netactivity_action (void);
333 static void handle_connections (assuan_fd_t listen_fd);
335 /* NPth wrapper function definitions. */
336 ASSUAN_SYSTEM_NPTH_IMPL;
339 my_strusage( int level )
344 case 11: p = "@DIRMNGR@ (@GNUPG@)";
346 case 13: p = VERSION; break;
347 case 17: p = PRINTABLE_OS_NAME; break;
348 /* TRANSLATORS: @EMAIL@ will get replaced by the actual bug
349 reporting address. This is so that we can change the
350 reporting address without breaking the translations. */
351 case 19: p = _("Please report bugs to <@EMAIL@>.\n"); break;
352 case 49: p = PACKAGE_BUGREPORT; break;
354 case 40: p = _("Usage: @DIRMNGR@ [options] (-h for help)");
356 case 41: p = _("Syntax: @DIRMNGR@ [options] [command [args]]\n"
357 "Keyserver, CRL, and OCSP access for @GNUPG@\n");
366 /* Callback from libksba to hash a provided buffer. Our current
367 implementation only allows SHA-1 for hashing. This may be
368 extended by mapping the name, testing for algorithm availability
369 and adjusting the length checks accordingly.

   OID selects the digest: any non-NULL OID other than "1.3.14.3.2.26"
   (the SHA-1 OID) is rejected with GPG_ERR_NOT_SUPPORTED, while a NULL
   OID skips that test and is hashed with the same algorithm.  The
   digest of BUFFER (LENGTH bytes) is written to RESULT.

   NOTE(review): the condition guarding GPG_ERR_BUFFER_TOO_SHORT is not
   visible in this listing; presumably it compares RESULTSIZE with the
   20 byte SHA-1 digest length -- confirm.
   NOTE(review): the literal 2 passed to gcry_md_hash_buffer is
   libgcrypt's numeric id for SHA-1; the named constant GCRY_MD_SHA1
   would make the algorithm choice explicit.
   NOTE(review): SHA-1 is no longer collision resistant.  What libksba
   uses this callback for is not visible here, so review that use
   before relying on the digest as a security check. */
371 my_ksba_hash_buffer (void *arg, const char *oid,
372 const void *buffer, size_t length, size_t resultsize,
373 unsigned char *result, size_t *resultlen)
377 if (oid && strcmp (oid, "1.3.14.3.2.26"))
378 return gpg_error (GPG_ERR_NOT_SUPPORTED);
380 return gpg_error (GPG_ERR_BUFFER_TOO_SHORT);
381 gcry_md_hash_buffer (2, result, buffer, length);
387 /* GNUTLS log function callback.  LEVEL is the GnuTLS log level and
   TEXT the message; both are passed on to log_debug with a "gnutls:"
   prefix.  The loop condition tests for trailing '\n' characters in
   TEXT and the %.*s precision N bounds how much of TEXT is printed.
   NOTE(review): the initialisation and update of N are not visible in
   this listing -- presumably N starts as the length of TEXT and is
   decremented by the loop.  */
388 #ifdef HTTP_USE_GNUTLS
390 my_gnutls_log (int level, const char *text)
395 while (n && text[n-1] == '\n')
398 log_debug ("gnutls:L%d: %.*s\n", level, n, text);
400 #endif /*HTTP_USE_GNUTLS*/
402 /* Setup the debugging. With a LEVEL of NULL only the active debug
403 flags are propagated to the subsystems. With LEVEL set, a specific
404 set of debug flags is set; thus overriding all flags already
409 int numok = (debug_level && digitp (debug_level));
410 int numlvl = numok? atoi (debug_level) : 0;
414 else if (!strcmp (debug_level, "none") || (numok && numlvl < 1))
416 else if (!strcmp (debug_level, "basic") || (numok && numlvl <= 2))
417 opt.debug = DBG_IPC_VALUE;
418 else if (!strcmp (debug_level, "advanced") || (numok && numlvl <= 5))
419 opt.debug = (DBG_IPC_VALUE|DBG_X509_VALUE|DBG_LOOKUP_VALUE);
420 else if (!strcmp (debug_level, "expert") || (numok && numlvl <= 8))
421 opt.debug = (DBG_IPC_VALUE|DBG_X509_VALUE|DBG_LOOKUP_VALUE
422 |DBG_CACHE_VALUE|DBG_CRYPTO_VALUE);
423 else if (!strcmp (debug_level, "guru") || numok)
426 /* Unless the "guru" string has been used we don't want to allow
427 hashing debugging. The rationale is that people tend to
428 select the highest debug value and would then clutter their
429 disk with debug files which may reveal confidential data. */
431 opt.debug &= ~(DBG_HASHING_VALUE);
435 log_error (_("invalid debug-level '%s' given\n"), debug_level);
436 log_info (_("valid debug levels are: %s\n"),
437 "none, basic, advanced, expert, guru");
438 opt.debug = 0; /* Reset debugging, so that prior debug
439 statements won't have an undesired effect. */
443 if (opt.debug && !opt.verbose)
446 gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
448 if (opt.debug && opt.quiet)
451 if (opt.debug & DBG_CRYPTO_VALUE )
452 gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1);
455 if (opt_gnutls_debug >= 0)
457 ntbtls_set_debug (opt_gnutls_debug, NULL, NULL);
459 #elif HTTP_USE_GNUTLS
460 if (opt_gnutls_debug >= 0)
462 gnutls_global_set_log_function (my_gnutls_log);
463 gnutls_global_set_log_level (opt_gnutls_debug);
465 #endif /*HTTP_USE_GNUTLS*/
468 parse_debug_flag (NULL, &opt.debug, debug_flags);
/* Ask Libassuan to switch its socket layer into Tor mode.
   NOTE(review): only the error and hint messages are visible for a
   failed attempt.  Confirm that the caller treats this failure as
   fatal for network access, so that a requested --use-tor never
   silently falls back to direct connections.  */
477 if (assuan_sock_set_flag (ASSUAN_INVALID_FD, "tor-mode", 1))
479 log_error ("error enabling Tor mode: %s\n", strerror (errno));
480 log_info ("(is your Libassuan recent enough?)\n");
487 wrong_args (const char *text)
489 es_fprintf (es_stderr, _("usage: %s [options] "), DIRMNGR_NAME);
490 es_fputs (text, es_stderr);
491 es_putc ('\n', es_stderr);
496 /* Helper to stop the reaper thread for the ldap wrapper. */
498 shutdown_reaper (void)
501 ldap_wrapper_wait_connections ();
506 /* Handle options which are allowed to be reset after program start.
507 Return true if the current option in PARGS could be handled and
508 false if not. As a special feature, passing a value of NULL for
509 PARGS, resets the options to the default. REREAD should be set
510 true if it is not the initial option parsing.

   Notes for reviewers:
   - String valued options (proxy settings, wrapper program names, the
     OCSP responder) store pargs->r.ret_str itself, not a copy.
     NOTE(review): their lifetime therefore depends on the argument
     parser keeping that storage alive -- confirm.
   - Within this function the defaults branch leaves opt.use_tor
     untouched and the oUseTor case can only set it, so re-reading the
     configuration can turn Tor routing on but not off.
   - The log file is switched only when the name differs from
     current_logfile; the test tolerates a NULL current_logfile, which
     is what xtrystrdup leaves behind when it fails.
   - NOTE(review): oLDAPWrapperProgram and oHTTPWrapperProgram
     presumably name helper executables.  They are accepted here, that
     is among the re-readable options, so the configuration file
     should be writable only by the user running dirmngr.  */
512 parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
519 opt.ldap_wrapper_program = NULL;
520 opt.disable_http = 0;
521 opt.disable_ldap = 0;
522 opt.honor_http_proxy = 0;
523 opt.http_proxy = NULL;
524 opt.ldap_proxy = NULL;
525 opt.only_ldap_proxy = 0;
526 opt.ignore_http_dp = 0;
527 opt.ignore_ldap_dp = 0;
528 opt.ignore_ocsp_service_url = 0;
530 opt.allow_version_check = 0;
531 opt.ocsp_responder = NULL;
532 opt.ocsp_max_clock_skew = 10 * 60; /* 10 minutes. */
533 opt.ocsp_max_period = 90 * 86400; /* 90 days. */
534 opt.ocsp_current_period = 3 * 60 * 60; /* 3 hours. */
535 opt.max_replies = DEFAULT_MAX_REPLIES;
536 while (opt.ocsp_signer)
538 fingerprint_list_t tmp = opt.ocsp_signer->next;
539 xfree (opt.ocsp_signer);
540 opt.ocsp_signer = tmp;
542 FREE_STRLIST (opt.ignored_cert_extensions);
543 http_register_tls_ca (NULL);
544 FREE_STRLIST (opt.keyserver);
545 /* Note: We do not allow resetting of opt.use_tor at runtime. */
546 disable_check_own_socket = 0;
547 enable_standard_resolver (0);
552 switch (pargs->r_opt)
554 case oQuiet: opt.quiet = 1; break;
555 case oVerbose: opt.verbose++; break;
557 parse_debug_flag (pargs->r.ret_str, &opt.debug, debug_flags);
559 case oDebugAll: opt.debug = ~0; break;
560 case oDebugLevel: debug_level = pargs->r.ret_str; break;
561 case oGnutlsDebug: opt_gnutls_debug = pargs->r.ret_int; break;
565 return 0; /* Not handled. */
566 if (!current_logfile || !pargs->r.ret_str
567 || strcmp (current_logfile, pargs->r.ret_str))
569 log_set_file (pargs->r.ret_str);
570 xfree (current_logfile);
571 current_logfile = xtrystrdup (pargs->r.ret_str);
575 case oDisableCheckOwnSocket: disable_check_own_socket = 1; break;
577 case oLDAPWrapperProgram:
578 opt.ldap_wrapper_program = pargs->r.ret_str;
580 case oHTTPWrapperProgram:
581 opt.http_wrapper_program = pargs->r.ret_str;
584 case oDisableHTTP: opt.disable_http = 1; break;
585 case oDisableLDAP: opt.disable_ldap = 1; break;
586 case oHonorHTTPProxy: opt.honor_http_proxy = 1; break;
587 case oHTTPProxy: opt.http_proxy = pargs->r.ret_str; break;
588 case oLDAPProxy: opt.ldap_proxy = pargs->r.ret_str; break;
589 case oOnlyLDAPProxy: opt.only_ldap_proxy = 1; break;
590 case oIgnoreHTTPDP: opt.ignore_http_dp = 1; break;
591 case oIgnoreLDAPDP: opt.ignore_ldap_dp = 1; break;
592 case oIgnoreOCSPSvcUrl: opt.ignore_ocsp_service_url = 1; break;
594 case oAllowOCSP: opt.allow_ocsp = 1; break;
595 case oAllowVersionCheck: opt.allow_version_check = 1; break;
596 case oOCSPResponder: opt.ocsp_responder = pargs->r.ret_str; break;
598 opt.ocsp_signer = parse_ocsp_signer (pargs->r.ret_str);
600 case oOCSPMaxClockSkew: opt.ocsp_max_clock_skew = pargs->r.ret_int; break;
601 case oOCSPMaxPeriod: opt.ocsp_max_period = pargs->r.ret_int; break;
602 case oOCSPCurrentPeriod: opt.ocsp_current_period = pargs->r.ret_int; break;
604 case oMaxReplies: opt.max_replies = pargs->r.ret_int; break;
610 /* Do tilde expansion and make path absolute. */
611 tmpname = make_absfilename (pargs->r.ret_str, NULL);
612 http_register_tls_ca (tmpname);
617 case oIgnoreCertExtension:
618 add_to_strlist (&opt.ignored_cert_extensions, pargs->r.ret_str);
621 case oUseTor: opt.use_tor = 1; break;
623 case oStandardResolver: enable_standard_resolver (1); break;
624 case oRecursiveResolver: enable_recursive_resolver (1); break;
627 if (*pargs->r.ret_str)
628 add_to_strlist (&opt.keyserver, pargs->r.ret_str);
632 set_dns_nameserver (pargs->r.ret_str);
635 case oResolverTimeout:
636 set_dns_timeout (pargs->r.ret_int);
640 return 0; /* Not handled. */
643 set_dns_verbose (opt.verbose, !!DBG_DNS);
645 return 1; /* Handled. */
649 #ifndef HAVE_W32_SYSTEM
/* Callback registered with log_set_pid_suffix_cb.  It reads the value
   stored for the calling thread under MY_TLSKEY_CURRENT_FD, hands it
   back in *R_SUFFIX and returns true unless that value is -1.  The
   union is cleared first and then read through its integer member.
   NOTE(review): *R_SUFFIX is unsigned long, so the comparison converts
   -1 to ULONG_MAX; that matches only if the integer member is a
   signed type that held -1 -- the union's definition is not visible
   in this listing.  */
651 pid_suffix_callback (unsigned long *r_suffix)
653 union int_and_ptr_u value;
655 memset (&value, 0, sizeof value);
656 value.aptr = npth_getspecific (my_tlskey_current_fd);
657 *r_suffix = value.aint;
658 return (*r_suffix != -1); /* Use decimal representation. */
660 #endif /*!HAVE_W32_SYSTEM*/
667 gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
669 /* Now with NPth running we can set the logging callback. Our
670 windows implementation does not yet feature the NPth TLS
672 #ifndef HAVE_W32_SYSTEM
673 if (npth_key_create (&my_tlskey_current_fd, NULL) == 0)
674 if (npth_setspecific (my_tlskey_current_fd, NULL) == 0)
675 log_set_pid_suffix_cb (pid_suffix_callback);
676 #endif /*!HAVE_W32_SYSTEM*/
/* Program entry point: initialise the libraries, parse the command
   line and the configuration file, then run the selected command
   (server, supervised, daemon, or one of the one-shot CRL and gpgconf
   commands).  */
681 main (int argc, char **argv)
683 enum cmd_and_opt_values cmd = 0;
687 FILE *configfp = NULL;
688 char *configname = NULL;
690 unsigned configlineno;
692 int default_config =1;
697 char *logfile = NULL;
699 char *ldapfile = NULL;
703 struct assuan_malloc_hooks malloc_hooks;
705 early_system_init ();
706 set_strusage (my_strusage);
707 log_set_prefix (DIRMNGR_NAME, GPGRT_LOG_WITH_PREFIX | GPGRT_LOG_WITH_PID);
709 /* Make sure that our subsystems are ready. */
711 init_common_subsystems (&argc, &argv);
/* NOTE(review): libgcrypt's secure memory is switched off here, before
   any option is parsed; presumably dirmngr handles no secret key
   material -- confirm before adding code that does.  */
713 gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
715 /* Check that the libraries are suitable. Do it here because
716 the option parsing may need services of the libraries. */
717 if (!ksba_check_version (NEED_KSBA_VERSION) )
718 log_fatal( _("%s is too old (need %s, have %s)\n"), "libksba",
719 NEED_KSBA_VERSION, ksba_check_version (NULL) );
721 ksba_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free );
722 ksba_set_hash_buffer_function (my_ksba_hash_buffer, NULL);
724 /* Init TLS library. */
726 if (!ntbtls_check_version (NEED_NTBTLS_VERSION) )
727 log_fatal( _("%s is too old (need %s, have %s)\n"), "ntbtls",
728 NEED_NTBTLS_VERSION, ntbtls_check_version (NULL) );
729 #elif HTTP_USE_GNUTLS
730 rc = gnutls_global_init ();
732 log_fatal ("gnutls_global_init failed: %s\n", gnutls_strerror (rc));
733 #endif /*HTTP_USE_GNUTLS*/
736 malloc_hooks.malloc = gcry_malloc;
737 malloc_hooks.realloc = gcry_realloc;
738 malloc_hooks.free = gcry_free;
739 assuan_set_malloc_hooks (&malloc_hooks);
740 assuan_set_assuan_log_prefix (log_get_prefix (NULL));
741 assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
742 assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
744 setup_libassuan_logging (&opt.debug, dirmngr_assuan_log_monitor);
746 setup_libgcrypt_logging ();
748 /* Setup defaults. */
749 shell = getenv ("SHELL");
750 if (shell && strlen (shell) >= 3 && !strcmp (shell+strlen (shell)-3, "csh") )
753 /* Reset rereadable options to default values. */
754 parse_rereadable_options (NULL, 0);
757 opt.add_new_ldapservers = 0;
758 opt.ldaptimeout = DEFAULT_LDAP_TIMEOUT;
760 /* Other defaults. */
762 /* Check whether we have a config file given on the commandline */
767 pargs.flags= 1|(1<<6); /* do not remove the args, ignore version */
768 while (arg_parse( &pargs, opts))
770 if (pargs.r_opt == oDebug || pargs.r_opt == oDebugAll)
772 else if (pargs.r_opt == oOptions)
773 { /* Yes there is one, so we do not try the default one, but
774 read the option file when it is encountered at the
778 else if (pargs.r_opt == oNoOptions)
779 default_config = 0; /* --no-options */
780 else if (pargs.r_opt == oHomedir)
782 gnupg_set_homedir (pargs.r.ret_str);
786 socket_name = dirmngr_socket_name ();
788 configname = make_filename (gnupg_homedir (), DIRMNGR_NAME".conf", NULL );
794 pargs.flags= 1; /* do not remove the args */
799 configfp = fopen (configname, "r");
805 log_info (_("Note: no default option file '%s'\n"),
810 log_error (_("option file '%s': %s\n"),
811 configname, strerror(errno) );
817 if (parse_debug && configname )
818 log_info (_("reading options from '%s'\n"), configname );
822 while (optfile_parse( configfp, configname, &configlineno, &pargs, opts) )
824 if (parse_rereadable_options (&pargs, 0))
825 continue; /* Already handled */
841 case oQuiet: opt.quiet = 1; break;
842 case oVerbose: opt.verbose++; break;
843 case oBatch: opt.batch=1; break;
845 case oDebugWait: debug_wait = pargs.r.ret_int; break;
848 /* Config files may not be nested (silently ignore them) */
852 configname = xstrdup(pargs.r.ret_str);
856 case oNoGreeting: nogreeting = 1; break;
857 case oNoVerbose: opt.verbose = 0; break;
858 case oNoOptions: break; /* no-options */
859 case oHomedir: /* Ignore this option here. */; break;
860 case oNoDetach: nodetach = 1; break;
861 case oLogFile: logfile = pargs.r.ret_str; break;
862 case oCsh: csh_style = 1; break;
863 case oSh: csh_style = 0; break;
866 ldapfile = pargs.r.ret_str;
869 case oLDAPAddServers: opt.add_new_ldapservers = 1; break;
871 opt.ldaptimeout = pargs.r.ret_int;
874 case oFakedSystemTime:
/* NOTE(review): a faked clock presumably shifts every time based
   check in this process (e.g. CRL and OCSP validity periods); the
   only visible safeguard is the warning logged further down.  */
875 gnupg_set_time ((time_t)pargs.r.ret_ulong, 0);
878 case oForce: opt.force = 1; break;
880 case oSocketName: socket_name = pargs.r.ret_str; break;
882 default : pargs.err = configfp? 1:2; break;
889 /* Keep a copy of the name so that it can be read on SIGHUP. */
890 opt.config_filename = configname;
896 if (log_get_errorcount(0))
901 if (!opt.homedir_cache)
902 opt.homedir_cache = xstrdup (gnupg_homedir ());
906 es_fprintf (es_stderr, "%s %s; %s\n",
907 strusage(11), strusage(13), strusage(14) );
908 es_fprintf (es_stderr, "%s\n", strusage(15) );
911 #ifdef IS_DEVELOPMENT_VERSION
912 log_info ("NOTE: this is a development version!\n");
917 log_info ("WARNING: ***************************************\n");
918 log_info ("WARNING: Tor mode (--use-tor) MAY NOT FULLY WORK!\n");
919 log_info ("WARNING: ***************************************\n");
922 /* Print a warning if an argument looks like an option. */
923 if (!opt.quiet && !(pargs.flags & ARGPARSE_FLAG_STOP_SEEN))
927 for (i=0; i < argc; i++)
928 if (argv[i][0] == '-' && argv[i][1] == '-')
929 log_info (_("Note: '%s' is not considered an option\n"), argv[i]);
932 if (!access ("/etc/"DIRMNGR_NAME, F_OK)
933 && !strncmp (gnupg_homedir (), "/etc/", 5))
935 ("NOTE: DirMngr is now a proper part of %s. The configuration and"
936 " other directory names changed. Please check that no other version"
937 " of dirmngr is still installed. To disable this warning, remove the"
938 " directory '/etc/dirmngr'.\n", GNUPG_NAME);
940 if (gnupg_faked_time_p ())
942 gnupg_isotime_t tbuf;
944 log_info (_("WARNING: running with faked system time: "));
945 gnupg_get_isotime (tbuf);
953 /* Get LDAP server list from file. */
957 ldapfile = make_filename (gnupg_homedir (),
958 "dirmngr_ldapservers.conf",
960 opt.ldapservers = parse_ldapserver_file (ldapfile);
964 opt.ldapservers = parse_ldapserver_file (ldapfile);
967 #ifndef HAVE_W32_SYSTEM
968 /* We need to ignore the PIPE signal because we might log to a
969 socket and that code handles EPIPE properly. The ldap wrapper
970 also requires us to ignore this silly signal. Assuan would set
971 this signal to ignore anyway.*/
972 signal (SIGPIPE, SIG_IGN);
975 /* Ready. Now to our duties. */
982 /* Note that this server mode is mainly useful for debugging. */
984 wrong_args ("--server");
988 log_set_file (logfile);
989 log_set_prefix (NULL, GPGRT_LOG_WITH_TIME | GPGRT_LOG_WITH_PID);
994 log_debug ("waiting for debugger - my pid is %u .....\n",
995 (unsigned int)getpid());
996 gnupg_sleep (debug_wait);
997 log_debug ("... okay\n");
1004 http_register_netactivity_cb (netactivity_action);
1005 start_command_handler (ASSUAN_INVALID_FD);
1008 #ifndef HAVE_W32_SYSTEM
1009 else if (cmd == aSupervised)
1011 /* In supervised mode, we expect file descriptor 3 to be an
1012 already opened, listening socket.
1014 We will also not detach from the controlling process or close
1015 stderr; the supervisor should handle all of that. */
1016 struct stat statbuf;
/* NOTE(review): this test rejects only a closed descriptor (EBADF);
   nothing visible here checks that descriptor 3 really is a listening
   socket, e.g. with S_ISSOCK on statbuf.st_mode -- confirm it is
   verified elsewhere.  The message below also lacks a space
   ("validin").  */
1017 if (fstat (3, &statbuf) == -1 && errno == EBADF)
1019 log_error ("file descriptor 3 must be validin --supervised mode\n");
1022 socket_name = gnupg_get_socket_name (3);
1024 /* Now start with logging to a file if this is desired. */
1027 log_set_file (logfile);
1028 log_set_prefix (NULL, (GPGRT_LOG_WITH_PREFIX
1029 |GPGRT_LOG_WITH_TIME
1030 |GPGRT_LOG_WITH_PID));
1031 current_logfile = xstrdup (logfile);
1034 log_set_prefix (NULL, 0);
1039 http_register_netactivity_cb (netactivity_action);
1040 handle_connections (3);
1043 #endif /*HAVE_W32_SYSTEM*/
1044 else if (cmd == aDaemon)
1049 struct sockaddr_un serv_addr;
1052 wrong_args ("--daemon");
1054 /* Now start with logging to a file if this is desired. */
1057 log_set_file (logfile);
1058 log_set_prefix (NULL, (GPGRT_LOG_WITH_PREFIX
1059 |GPGRT_LOG_WITH_TIME
1060 |GPGRT_LOG_WITH_PID));
1061 current_logfile = xstrdup (logfile);
1064 #ifndef HAVE_W32_SYSTEM
1065 if (strchr (socket_name, ':'))
1067 log_error (_("colons are not allowed in the socket name\n"));
1071 fd = assuan_sock_new (AF_UNIX, SOCK_STREAM, 0);
1072 if (fd == ASSUAN_INVALID_FD)
1074 log_error (_("can't create socket: %s\n"), strerror (errno));
1082 if (assuan_sock_set_sockaddr_un (socket_name,
1083 (struct sockaddr*)&serv_addr,
1086 if (errno == ENAMETOOLONG)
1087 log_error (_("socket name '%s' is too long\n"), socket_name);
1089 log_error ("error preparing socket '%s': %s\n",
1091 gpg_strerror (gpg_error_from_syserror ()));
1096 redir_socket_name = xstrdup (serv_addr.sun_path);
1098 log_info ("redirecting socket '%s' to '%s'\n",
1099 socket_name, redir_socket_name);
1103 len = SUN_LEN (&serv_addr);
1105 rc = assuan_sock_bind (fd, (struct sockaddr*) &serv_addr, len);
1107 && (errno == EADDRINUSE
1108 #ifdef HAVE_W32_SYSTEM
1113 /* Fixme: We should test whether a dirmngr is already running. */
/* NOTE(review): when the address is in use the existing socket file
   is removed and the bind retried without checking for a live owner
   (see the Fixme), so a second instance can take the path away from
   a running dirmngr.  */
1114 gnupg_remove (redir_socket_name? redir_socket_name : socket_name);
1115 rc = assuan_sock_bind (fd, (struct sockaddr*) &serv_addr, len);
1118 && (rc = assuan_sock_get_nonce ((struct sockaddr*) &serv_addr, len, &socket_nonce)))
1119 log_error (_("error getting nonce for the socket\n"));
1122 log_error (_("error binding socket to '%s': %s\n"),
1124 gpg_strerror (gpg_error_from_errno (errno)));
1125 assuan_sock_close (fd);
/* Restrict access to the socket file; the mode string "-rwx"
   presumably grants access to the owner only.  NOTE(review): as far
   as this listing shows a failure is only logged -- confirm that
   listening on a socket with unexpected permissions is acceptable,
   or treat the failure as fatal.  */
1130 if (gnupg_chmod (serv_addr.sun_path, "-rwx"))
1131 log_error (_("can't set permissions of '%s': %s\n"),
1132 serv_addr.sun_path, strerror (errno));
1134 if (listen (FD2INT (fd), 5) == -1)
1136 log_error (_("listen() failed: %s\n"), strerror (errno));
1137 assuan_sock_close (fd);
1142 log_info (_("listening on socket '%s'\n"), serv_addr.sun_path);
1146 /* Note: We keep the dirmngr_info output only for the sake of
1147 existing scripts which might use this to detect a successful
1148 start of the dirmngr. */
1149 #ifdef HAVE_W32_SYSTEM
1154 es_printf ("set %s=%s;%lu;1\n",
1155 DIRMNGR_INFO_NAME, socket_name, (ulong) pid);
1158 if (pid == (pid_t)-1)
1160 log_fatal (_("error forking process: %s\n"), strerror (errno));
1165 { /* We are the parent */
1168 /* Don't let cleanup() remove the socket - the child is
1169 responsible for doing that. */
1174 /* Create the info string: <name>:<pid>:<protocol_version> */
1175 if (asprintf (&infostr, "%s=%s:%lu:1",
1176 DIRMNGR_INFO_NAME, serv_addr.sun_path, (ulong)pid ) < 0)
1178 log_error (_("out of core\n"));
1179 kill (pid, SIGTERM);
1182 /* Print the environment string, so that the caller can use
1183 shell's eval to set it. But see above. */
1186 *strchr (infostr, '=') = ' ';
1187 es_printf ( "setenv %s;\n", infostr);
1191 es_printf ( "%s; export %s;\n", infostr, DIRMNGR_INFO_NAME);
1203 /* Detach from tty and put process into a new session */
1207 unsigned int oldflags;
1209 /* Close stdin, stdout and stderr unless it is the log stream */
1210 for (i=0; i <= 2; i++)
1212 if (!log_test_fd (i) && i != fd )
1215 && open ("/dev/null", i? O_WRONLY : O_RDONLY) == -1)
1217 log_error ("failed to open '%s': %s\n",
1218 "/dev/null", strerror (errno));
1227 log_error ("setsid() failed: %s\n", strerror(errno) );
1231 log_get_prefix (&oldflags);
1232 log_set_prefix (NULL, oldflags | GPGRT_LOG_RUN_DETACHED);
1233 opt.running_detached = 1;
1237 log_error ("chdir to / failed: %s\n", strerror (errno));
1246 http_register_netactivity_cb (netactivity_action);
1247 handle_connections (fd);
1250 else if (cmd == aListCRLs)
1252 /* Just list the CRL cache and exit. */
1254 wrong_args ("--list-crls");
1256 crl_cache_list (es_stdout);
1258 else if (cmd == aLoadCRL)
1260 struct server_control_s ctrlbuf;
1262 memset (&ctrlbuf, 0, sizeof ctrlbuf);
1263 dirmngr_init_default_ctrl (&ctrlbuf);
1269 rc = crl_cache_load (&ctrlbuf, NULL);
1272 for (; !rc && argc; argc--, argv++)
1273 rc = crl_cache_load (&ctrlbuf, *argv);
1275 dirmngr_deinit_default_ctrl (&ctrlbuf);
1277 else if (cmd == aFetchCRL)
1279 ksba_reader_t reader;
1280 struct server_control_s ctrlbuf;
1283 wrong_args ("--fetch-crl URL");
1285 memset (&ctrlbuf, 0, sizeof ctrlbuf);
1286 dirmngr_init_default_ctrl (&ctrlbuf);
1291 rc = crl_fetch (&ctrlbuf, argv[0], &reader);
1293 log_error (_("fetching CRL from '%s' failed: %s\n"),
1294 argv[0], gpg_strerror (rc));
1297 rc = crl_cache_insert (&ctrlbuf, argv[0], reader);
1299 log_error (_("processing CRL from '%s' failed: %s\n"),
1300 argv[0], gpg_strerror (rc));
1301 crl_close_reader (reader);
1303 dirmngr_deinit_default_ctrl (&ctrlbuf);
1305 else if (cmd == aFlush)
1307 /* Delete cache and exit. */
1309 wrong_args ("--flush");
1310 rc = crl_cache_flush();
1312 else if (cmd == aGPGConfTest)
1314 else if (cmd == aGPGConfList)
1316 unsigned long flags = 0;
1320 /* First the configuration file. This is not an option, but it
1321 is vital information for GPG Conf. */
1322 if (!opt.config_filename)
1323 opt.config_filename = make_filename (gnupg_homedir (),
1324 "dirmngr.conf", NULL );
1326 filename = percent_escape (opt.config_filename, NULL);
1327 es_printf ("gpgconf-dirmngr.conf:%lu:\"%s\n",
1328 GC_OPT_FLAG_DEFAULT, filename);
1331 es_printf ("verbose:%lu:\n", flags | GC_OPT_FLAG_NONE);
1332 es_printf ("quiet:%lu:\n", flags | GC_OPT_FLAG_NONE);
1333 es_printf ("debug-level:%lu:\"none\n", flags | GC_OPT_FLAG_DEFAULT);
1334 es_printf ("log-file:%lu:\n", flags | GC_OPT_FLAG_NONE);
1335 es_printf ("force:%lu:\n", flags | GC_OPT_FLAG_NONE);
1337 /* --csh and --sh are mutually exclusive, something we can not
1338 express in GPG Conf. --options is only usable from the
1339 command line, really. --debug-all interacts with --debug,
1340 and having both of them is thus problematic. --no-detach is
1341 also only usable on the command line. --batch is unused. */
1343 filename = make_filename (gnupg_homedir (),
1344 "dirmngr_ldapservers.conf",
1346 filename_esc = percent_escape (filename, NULL);
1347 es_printf ("ldapserverlist-file:%lu:\"%s\n", flags | GC_OPT_FLAG_DEFAULT,
1349 xfree (filename_esc);
1352 es_printf ("ldaptimeout:%lu:%u\n",
1353 flags | GC_OPT_FLAG_DEFAULT, DEFAULT_LDAP_TIMEOUT);
1354 es_printf ("max-replies:%lu:%u\n",
1355 flags | GC_OPT_FLAG_DEFAULT, DEFAULT_MAX_REPLIES);
1356 es_printf ("allow-ocsp:%lu:\n", flags | GC_OPT_FLAG_NONE);
1357 es_printf ("allow-version-check:%lu:\n", flags | GC_OPT_FLAG_NONE);
1358 es_printf ("ocsp-responder:%lu:\n", flags | GC_OPT_FLAG_NONE);
1359 es_printf ("ocsp-signer:%lu:\n", flags | GC_OPT_FLAG_NONE);
1361 es_printf ("faked-system-time:%lu:\n", flags | GC_OPT_FLAG_NONE);
1362 es_printf ("no-greeting:%lu:\n", flags | GC_OPT_FLAG_NONE);
1364 es_printf ("disable-http:%lu:\n", flags | GC_OPT_FLAG_NONE);
1365 es_printf ("disable-ldap:%lu:\n", flags | GC_OPT_FLAG_NONE);
/* NOTE(review): unlike the other entries this format string has no
   ':' after the flags field -- confirm that gpgconf parses the line.  */
1366 es_printf ("honor-http-proxy:%lu\n", flags | GC_OPT_FLAG_NONE);
1367 es_printf ("http-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
1368 es_printf ("ldap-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
1369 es_printf ("only-ldap-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
1370 es_printf ("ignore-ldap-dp:%lu:\n", flags | GC_OPT_FLAG_NONE);
1371 es_printf ("ignore-http-dp:%lu:\n", flags | GC_OPT_FLAG_NONE);
1372 es_printf ("ignore-ocsp-service-url:%lu:\n", flags | GC_OPT_FLAG_NONE);
1373 /* Note: The next one is to fix a typo in gpgconf - should be
1374 removed eventually. */
1375 es_printf ("ignore-ocsp-servic-url:%lu:\n", flags | GC_OPT_FLAG_NONE);
1377 es_printf ("use-tor:%lu:\n", flags | GC_OPT_FLAG_NONE);
1378 es_printf ("keyserver:%lu:\n", flags | GC_OPT_FLAG_NONE);
1379 es_printf ("nameserver:%lu:\n", flags | GC_OPT_FLAG_NONE);
1380 es_printf ("resolver-timeout:%lu:%u\n",
1381 flags | GC_OPT_FLAG_DEFAULT, 0);
1391 crl_cache_deinit ();
1392 cert_cache_deinit (1);
1393 reload_dns_stuff (1);
1396 ldapserver_list_free (opt.ldapservers);
1398 opt.ldapservers = NULL;
1403 if (redir_socket_name)
1404 gnupg_remove (redir_socket_name);
1405 else if (socket_name && *socket_name)
1406 gnupg_remove (socket_name);
1412 dirmngr_exit (int rc)
/* Give CTRL its own heap copy of the configured HTTP proxy string, so
   the control object does not alias opt.http_proxy.
   NOTE(review): no NULL guard on opt.http_proxy is visible in this
   listing - confirm one precedes the copy. */
1420 dirmngr_init_default_ctrl (ctrl_t ctrl)
1423 ctrl->http_proxy = xstrdup (opt.http_proxy);
/* Release the per-control HTTP proxy string.  The pointer is cleared
   after the free so a repeated call or a later read does not touch
   freed memory. */
1428 dirmngr_deinit_default_ctrl (ctrl_t ctrl)
1432 xfree (ctrl->http_proxy);
1433 ctrl->http_proxy = NULL;
1437 /* Create a list of LDAP servers from the file FILENAME. Returns the
1438 list or NULL in case of errors.
1440 The format of such a file is line oriented where empty lines and
1441 lines starting with a hash mark are ignored. All other lines are
1442 assumed to be colon separated with these fields:
1445 2. field: Portnumber
1452 static ldap_server_t
1453 parse_ldapserver_file (const char* filename)
/* Reads FILENAME line by line into a fixed-size buffer and builds a
   singly linked list of server entries, appending through the
   SERVEREND tail pointer.  Several lines of this function (braces,
   returns, some declarations) are missing from this listing.
   NOTE(review): the field list in the header comment is truncated
   here; if the file can carry bind credentials, its ownership and
   permissions deserve a check - confirm against ldapserver_parse_one. */
1457 ldap_server_t server, serverstart, *serverend;
1459 unsigned int lineno = 0;
1462 fp = es_fopen (filename, "r");
1465 log_error (_("error opening '%s': %s\n"), filename, strerror (errno));
1470 serverend = &serverstart;
1471 while (es_fgets (buffer, sizeof buffer, fp))
/* The !*buffer test comes first so that strlen(buffer)-1 is never
   evaluated for an empty string.  A line without a trailing newline
   is either the unterminated last line of the file (accepted) or one
   that did not fit into the buffer (logged and skipped). */
1474 if (!*buffer || buffer[strlen(buffer)-1] != '\n')
1476 if (*buffer && es_feof (fp))
1477 ; /* Last line not terminated - continue. */
1480 log_error (_("%s:%u: line too long - skipped\n"),
/* Consume the rest of the over-long line so that its tail is not
   parsed as a separate entry. */
1482 while ( (c=es_fgetc (fp)) != EOF && c != '\n')
1483 ; /* Skip until end of line. */
1487 /* Skip empty and comment lines.*/
1488 for (p=buffer; spacep (p); p++)
1490 if (!*p || *p == '\n' || *p == '#')
1493 /* Parse the colon separated fields. */
1494 server = ldapserver_parse_one (buffer, filename, lineno);
1497 *serverend = server;
1498 serverend = &server->next;
1503 log_error (_("error reading '%s': %s\n"), filename, strerror (errno));
/* Parse the value given for the OCSP signer option into a list of
   fingerprints.  STRING is either a single fingerprint or the name of
   a file holding one fingerprint per line.  A fingerprint is exactly
   40 hex digits, optionally separated by colons, and is stored in
   upper case.  Presumably these are the certificates accepted as OCSP
   response signers, which would make this list a trust decision -
   verify against the callers.  Several lines of this function
   (braces, returns, some declarations) are missing from this
   listing. */
1510 static fingerprint_list_t
1511 parse_ocsp_signer (const char *string)
1518 fingerprint_list_t list, *list_tail, item;
1519 unsigned int lnr = 0;
1524 /* Check whether this is not a filename and treat it as a direct
1525 fingerprint specification. */
1526 if (!strpbrk (string, "/.~\\"))
1528 item = xcalloc (1, sizeof *item);
/* Copy at most 40 hex digits, skipping colons.  Clearing bit 5
   (& 0xdf) maps the lower-case hex letters to upper case.
   Assumes hexfpr holds at least 41 bytes (40 digits plus the
   terminator written below) - TODO confirm in the declaration of
   fingerprint_list_t. */
1529 for (i=j=0; (string[i] == ':' || hexdigitp (string+i)) && j < 40; i++)
1530 if ( string[i] != ':' )
1531 item->hexfpr[j++] = string[i] >= 'a'? (string[i] & 0xdf): string[i];
1532 item->hexfpr[j] = 0;
/* Reject anything that is not exactly 40 digits followed by a space
   or the end of the string. */
1533 if (j != 40 || !(spacep (string+i) || !string[i]))
1535 log_error (_("%s:%u: invalid fingerprint detected\n"),
1536 "--ocsp-signer", 0);
1543 /* Well, it is a filename. */
/* Absolute and "~/" names are used as given; any other name is
   resolved relative to the GnuPG home directory. */
1544 if (*string == '/' || (*string == '~' && string[1] == '/'))
1545 fname = make_filename (string, NULL);
1548 if (string[0] == '.' && string[1] == '/' )
1550 fname = make_filename (gnupg_homedir (), string, NULL);
1553 fp = es_fopen (fname, "r");
1556 err = gpg_error_from_syserror ();
1557 log_error (_("can't open '%s': %s\n"), fname, gpg_strerror (err));
1566 if (!es_fgets (line, DIM(line)-1, fp) )
1570 err = gpg_error_from_syserror ();
1571 log_error (_("%s:%u: read error: %s\n"),
1572 fname, lnr, gpg_strerror (err));
1580 fingerprint_list_t tmp = list->next;
1586 return list; /* Ready. */
/* A line without a trailing newline is reported as too long, or as
   incomplete when nothing was read.
   NOTE(review): what happens to the entries collected so far on this
   error path is not visible in this listing; confirm that a parse
   error cannot leave a partial signer list in use. */
1590 if (!*line || line[strlen(line)-1] != '\n')
1592 /* Eat until end of line. */
1593 while ( (c=es_getc (fp)) != EOF && c != '\n')
1595 err = gpg_error (*line? GPG_ERR_LINE_TOO_LONG
1596 /* */: GPG_ERR_INCOMPLETE_LINE);
1597 log_error (_("%s:%u: read error: %s\n"),
1598 fname, lnr, gpg_strerror (err));
1603 /* Allow for empty lines and spaces */
1604 for (p=line; spacep (p); p++)
1606 if (!*p || *p == '\n' || *p == '#')
1609 item = xcalloc (1, sizeof *item);
1611 list_tail = &item->next;
/* Same 40-digit, colon-tolerant, upper-casing copy as for the direct
   fingerprint case above. */
1613 for (i=j=0; (p[i] == ':' || hexdigitp (p+i)) && j < 40; i++)
1615 item->hexfpr[j++] = p[i] >= 'a'? (p[i] & 0xdf): p[i];
1616 item->hexfpr[j] = 0;
1617 if (j != 40 || !(spacep (p+i) || p[i] == '\n'))
1619 log_error (_("%s:%u: invalid fingerprint detected\n"), fname, lnr);
/* Trailing text after the fingerprint is tolerated and only logged. */
1623 while (spacep (p+i))
1625 if (p[i] && p[i] != '\n')
1626 log_info (_("%s:%u: garbage at end of line ignored\n"), fname, lnr);
1635 Stuff used in daemon mode.
1640 /* Reread parts of the configuration. Note, that this function is
1641 obviously not thread-safe and should only be called from the NPTH
1644 Fixme: Due to the way the argument parsing works, we create a
1645 memory leak here for all string type arguments. There is currently
1646 no clean way to tell whether the memory for the argument has been
1647 allocated or points into the process' original arguments. Unless
1648 we have a mechanism to tell this, we need to live on with this. */
1650 reread_configuration (void)
/* Re-parse the option file named by opt.config_filename.  The
   re-readable options are first reset to their defaults and then each
   option found in the file is handed to parse_rereadable_options.
   Several lines of this function are missing from this listing. */
1652 ARGPARSE_ARGS pargs;
1654 unsigned int configlineno = 0;
1657 if (!opt.config_filename)
1658 return; /* No config file. */
1660 fp = fopen (opt.config_filename, "r");
1663 log_error (_("option file '%s': %s\n"),
1664 opt.config_filename, strerror(errno) );
1668 parse_rereadable_options (NULL, 1); /* Start from the default values. */
1670 memset (&pargs, 0, sizeof pargs);
1672 pargs.argc = &dummy;
1673 pargs.flags = 1; /* do not remove the args */
1674 while (optfile_parse (fp, opt.config_filename, &configlineno, &pargs, opts) )
/* An r_opt value below -1 is treated as a parser error and only
   produces a warning; every other option goes to the re-readable
   parser. */
1676 if (pargs.r_opt < -1)
1677 pargs.err = 1; /* Print a warning. */
1678 else /* Try to parse this option - ignore unchangeable ones. */
1679 parse_rereadable_options (&pargs, 1);
1688 /* A global function which allows us to trigger the reload stuff from
1691 dirmngr_sighup_action (void)
/* Reload sequence: re-read the configuration first, then drop the
   certificate and CRL caches and reload the DNS state.  The meaning
   of the 0 arguments is defined by the callees and is not visible in
   this listing. */
1693 log_info (_("SIGHUP received - "
1694 "re-reading configuration and flushing caches\n"));
1695 reread_configuration ();
1696 cert_cache_deinit (0);
1697 crl_cache_deinit ();
1700 reload_dns_stuff (0);
1704 /* This function is called if some network activity was done. At this
1705 * point we know that we have a network and we can decide whether to
1706 * run scheduled background tasks soon. The function should return
1707 * quickly and only trigger actions for another thread. */
1709 netactivity_action (void)
/* Only records the event in a flag; no other work is done here. */
1711 network_activity_seen = 1;
1715 /* The signal handler. */
1716 #ifndef HAVE_W32_SYSTEM
/* Dispatch on SIGNO.  The case labels are missing from this listing;
   the log messages show the handling of SIGHUP (reload through
   dirmngr_sighup_action), SIGUSR2 (no action), SIGTERM (shutdown) and
   SIGINT (immediate shutdown).  The statistics call presumably
   belongs to SIGUSR1 - confirm against the full source. */
1718 handle_signal (int signo)
1723 dirmngr_sighup_action ();
1727 cert_cache_print_stats ();
1731 log_info (_("SIGUSR2 received - no action defined\n"));
/* SIGTERM: the first message is logged while no shutdown is pending;
   otherwise the number of still active connections is reported. */
1735 if (!shutdown_pending)
1736 log_info (_("SIGTERM received - shutting down ...\n"));
1738 log_info (_("SIGTERM received - still %d active connections\n"),
1739 active_connections);
/* Once shutdown_pending exceeds 2 the shutdown is forced instead of
   waiting for the active connections. */
1741 if (shutdown_pending > 2)
1743 log_info (_("shutdown forced\n"));
1744 log_info ("%s %s stopped\n", strusage(11), strusage(13) );
1751 log_info (_("SIGINT received - immediate shutdown\n"));
1752 log_info( "%s %s stopped\n", strusage(11), strusage(13));
1758 log_info (_("signal %d received - no action defined\n"), signo);
1761 #endif /*!HAVE_W32_SYSTEM*/
1764 /* Check the nonce on a new connection. This is a NOP unless we are
1765 using our Unix domain socket emulation under Windows. */
1767 check_nonce (assuan_fd_t fd, assuan_sock_nonce_t *nonce)
/* Verify the nonce for the connection FD.  On failure the error is
   logged and FD is closed here, so the caller must not use or close
   FD again after a failed check. */
1769 if (assuan_sock_check_nonce (fd, nonce))
1771 log_info (_("error reading nonce on fd %d: %s\n"),
1772 FD2INT (fd), strerror (errno));
1773 assuan_sock_close (fd);
1781 /* Helper to call a connection's main function. */
1783 start_connection_thread (void *arg)
/* Thread entry point for one accepted connection.  ARG carries the
   descriptor through the int_and_ptr_u union; the lines that unpack
   it into FD are missing from this listing. */
1785 union int_and_ptr_u argval;
1788 memset (&argval, 0, sizeof argval);
/* The nonce is checked before any command handling.  check_nonce
   closes FD itself when the check fails. */
1792 if (check_nonce (fd, &socket_nonce))
1794 log_error ("handler nonce check FAILED\n");
1798 #ifndef HAVE_W32_SYSTEM
1799 npth_setspecific (my_tlskey_current_fd, argval.aptr);
/* active_connections brackets the command handler; the shutdown
   logic elsewhere in this file reads this counter. */
1802 active_connections++;
1804 log_info (_("handler for fd %d started\n"), FD2INT (fd));
1806 start_command_handler (fd);
1809 log_info (_("handler for fd %d terminated\n"), FD2INT (fd));
1810 active_connections--;
/* Reset the thread-specific descriptor to the invalid value once the
   handler has returned. */
1812 #ifndef HAVE_W32_SYSTEM
1813 argval.afd = ASSUAN_INVALID_FD;
1814 npth_setspecific (my_tlskey_current_fd, argval.aptr);
1821 #ifdef HAVE_INOTIFY_INIT
1822 /* Read an inotify event and return true if it matches NAME. */
1824 my_inotify_is_name (int fd, const char *name)
/* The read buffer has room for one event header, a name of up to 100
   bytes and a terminating NUL. */
1827 struct inotify_event ev;
1828 char _buf[sizeof (struct inotify_event) + 100 + 1];
/* Presumably NAME is reduced to its last path component here; the
   assignment is missing from this listing. */
1833 s = strrchr (name, '/');
1837 n = npth_read (fd, &buf, sizeof buf);
/* Reject short reads.
   NOTE(review): the declaration of n is missing from this listing.
   If n is a signed type, a -1 error return is converted to a large
   unsigned value by this comparison and is not rejected, so the
   checks below would read a buffer that was never filled.  Confirm
   the type and test for n < 0 first if so. */
1838 if (n < sizeof (struct inotify_event))
/* The event's name field must be long enough to hold NAME including
   its terminator before the two are compared. */
1840 if (buf.ev.len < strlen (name)+1)
1842 if (strcmp (buf.ev.name, name))
1843 return 0; /* Not the desired file. */
1845 return 1; /* Found. */
1847 #endif /*HAVE_INOTIFY_INIT*/
1850 /* Main loop in daemon mode. Note that LISTEN_FD will be owned by
1853 handle_connections (assuan_fd_t listen_fd)
/* Accept loop of the daemon: waits on the listening socket (and on
   the inotify descriptor when enabled), dispatches pending signals,
   and starts one detached thread per accepted connection.  Many
   lines of this function (braces, declarations, some statements) are
   missing from this listing. */
1856 #ifndef HAVE_W32_SYSTEM
1859 struct sockaddr_un paddr;
1860 socklen_t plen = sizeof( paddr );
1863 fd_set fdset, read_fdset;
1865 int my_inotify_fd = -1;
/* Connection threads are created detached and are never joined. */
1867 npth_attr_init (&tattr);
1868 npth_attr_setdetachstate (&tattr, NPTH_CREATE_DETACHED);
1870 #ifndef HAVE_W32_SYSTEM /* FIXME */
/* Register the signals that are later collected by
   npth_sigev_get_pending and passed to handle_signal. */
1872 npth_sigev_add (SIGHUP);
1873 npth_sigev_add (SIGUSR1);
1874 npth_sigev_add (SIGUSR2);
1875 npth_sigev_add (SIGINT);
1876 npth_sigev_add (SIGTERM);
1880 #ifdef HAVE_INOTIFY_INIT
/* Optional watch that lets the daemon notice the removal of its own
   socket file.  A failure to set it up is only logged and the daemon
   keeps running without the watch. */
1881 if (disable_check_own_socket)
1883 else if ((my_inotify_fd = inotify_init ()) == -1)
1884 log_info ("error enabling fast daemon termination: %s\n",
1888 /* We need to watch the directory for the file because there
1889 * won't be an IN_DELETE_SELF for a socket file. */
1890 char *slash = strrchr (socket_name, '/');
1891 log_assert (slash && slash[1]);
1893 if (inotify_add_watch (my_inotify_fd, socket_name, IN_DELETE) == -1)
1895 close (my_inotify_fd);
1900 #endif /*HAVE_INOTIFY_INIT*/
1903 /* Setup the fdset. */
1905 FD_SET (FD2INT (listen_fd), &fdset);
1906 nfd = FD2INT (listen_fd);
1907 if (my_inotify_fd != -1)
1909 FD_SET (my_inotify_fd, &fdset);
1910 if (my_inotify_fd > nfd)
1911 nfd = my_inotify_fd;
1917 /* Shutdown test. */
1918 if (shutdown_pending)
1920 if (!active_connections)
1923 /* Do not accept new connections but keep on running the
1924 * select loop to wait for signals (e.g. SIGCHLD).
1926 * Note that we do not close the listening socket because a
1927 * client trying to connect to that socket would instead
1928 * restart a new dirmngr instance - which is unlikely the
1929 * intention of a shutdown. */
1930 /* assuan_sock_close (listen_fd); */
1931 /* listen_fd = -1; */
1934 if (my_inotify_fd != -1)
1936 FD_SET (my_inotify_fd, &fdset);
1937 nfd = my_inotify_fd;
1941 /* Take a copy of the fdset. */
1944 #ifndef HAVE_W32_SYSTEM
/* errno is saved right after the select call because the signal
   handling below may change it. */
1945 ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, NULL, npth_sigev_sigmask());
1946 saved_errno = errno;
1948 while (npth_sigev_get_pending(&signo))
1949 handle_signal (signo);
1951 ret = npth_eselect (nfd+1, &read_fdset, NULL, NULL, NULL, NULL, NULL);
1952 saved_errno = errno;
1955 if (ret == -1 && saved_errno != EINTR)
1957 log_error (_("npth_pselect failed: %s - waiting 1s\n"),
1958 strerror (saved_errno));
1965 /* Interrupt. Will be handled at the top of the next loop. */
1969 if (shutdown_pending)
1971 /* Do not anymore accept connections. */
1975 #ifdef HAVE_INOTIFY_INIT
/* Removal of the socket file is treated like a shutdown request. */
1976 if (my_inotify_fd != -1 && FD_ISSET (my_inotify_fd, &read_fdset)
1977 && my_inotify_is_name (my_inotify_fd, socket_name))
1979 shutdown_pending = 1;
1980 log_info ("socket file has been removed - shutting down\n");
1982 #endif /*HAVE_INOTIFY_INIT*/
1984 if (FD_ISSET (FD2INT (listen_fd), &read_fdset))
1986 plen = sizeof paddr;
1987 fd = INT2FD (npth_accept (FD2INT(listen_fd),
1988 (struct sockaddr *)&paddr, &plen));
1989 if (fd == GNUPG_INVALID_FD)
1991 log_error ("accept failed: %s\n", strerror (errno));
1995 char threadname[50];
1996 union int_and_ptr_u argval;
1999 memset (&argval, 0, sizeof argval);
/* The thread name is formatted with snprintf bounded by the size of
   the 50 byte buffer. */
2001 snprintf (threadname, sizeof threadname,
2002 "conn fd=%d", FD2INT(fd));
2004 ret = npth_create (&thread, &tattr,
2005 start_connection_thread, argval.aptr);
/* If the thread cannot be created the accepted descriptor is closed
   here; otherwise the connection thread uses it. */
2008 log_error ("error spawning connection handler: %s\n",
2010 assuan_sock_close (fd);
2012 npth_setname_np (thread, threadname);
2014 fd = GNUPG_INVALID_FD;
2018 #ifdef HAVE_INOTIFY_INIT
2019 if (my_inotify_fd != -1)
2020 close (my_inotify_fd);
2021 #endif /*HAVE_INOTIFY_INIT*/
2022 npth_attr_destroy (&tattr);
/* NOTE(review): the guard tests listen_fd but the call closes fd,
   which the accept branch above sets to GNUPG_INVALID_FD.  As written
   this looks like it leaves the listening socket open and passes an
   invalid descriptor to assuan_sock_close; presumably
   assuan_sock_close (listen_fd) was intended - confirm.  listen_fd is
   also compared with -1 here while GNUPG_INVALID_FD is used for fd
   above. */
2023 if (listen_fd != -1)
2024 assuan_sock_close (fd);
2026 log_info ("%s %s stopped\n", strusage(11), strusage(13));
2030 dirmngr_get_current_socket_name (void)
2035 return dirmngr_socket_name ();