1 /* dirmngr.c - Keyserver and X.509 LDAP access
2 * Copyright (C) 2002 Klarälvdalens Datakonsult AB
3 * Copyright (C) 2003, 2004, 2006, 2007, 2008, 2010, 2011 g10 Code GmbH
4 * Copyright (C) 2014 Werner Koch
6 * This file is part of GnuPG.
8 * GnuPG is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * GnuPG is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <https://www.gnu.org/licenses/>.
33 #ifndef HAVE_W32_SYSTEM
34 #include <sys/socket.h>
42 #ifdef HAVE_INOTIFY_INIT
43 # include <sys/inotify.h>
44 #endif /*HAVE_INOTIFY_INIT*/
47 #include "dirmngr-err.h"
52 # include <gnutls/gnutls.h>
53 #endif /*HTTP_USE_GNUTLS*/
56 #define GNUPG_COMMON_NEED_AFLOCAL
61 #include "certcache.h"
66 # include "ldapserver.h"
70 # include "ldap-wrapper.h"
72 #include "../common/init.h"
73 #include "gc-opt-flags.h"
74 #include "dns-stuff.h"
77 # define ENAMETOOLONG EINVAL
81 enum cmd_and_opt_values {
138 oIgnoreCertExtension,
142 oDisableCheckOwnSocket,
151 static ARGPARSE_OPTS opts[] = {
153 ARGPARSE_group (300, N_("@Commands:\n ")),
155 ARGPARSE_c (aServer, "server", N_("run in server mode (foreground)") ),
156 ARGPARSE_c (aDaemon, "daemon", N_("run in daemon mode (background)") ),
157 #ifndef HAVE_W32_SYSTEM
158 ARGPARSE_c (aSupervised, "supervised", N_("run in supervised mode")),
160 ARGPARSE_c (aListCRLs, "list-crls", N_("list the contents of the CRL cache")),
161 ARGPARSE_c (aLoadCRL, "load-crl", N_("|FILE|load CRL from FILE into cache")),
162 ARGPARSE_c (aFetchCRL, "fetch-crl", N_("|URL|fetch a CRL from URL")),
163 ARGPARSE_c (aShutdown, "shutdown", N_("shutdown the dirmngr")),
164 ARGPARSE_c (aFlush, "flush", N_("flush the cache")),
165 ARGPARSE_c (aGPGConfList, "gpgconf-list", "@"),
166 ARGPARSE_c (aGPGConfTest, "gpgconf-test", "@"),
168 ARGPARSE_group (301, N_("@\nOptions:\n ")),
170 ARGPARSE_s_n (oVerbose, "verbose", N_("verbose")),
171 ARGPARSE_s_n (oQuiet, "quiet", N_("be somewhat more quiet")),
172 ARGPARSE_s_n (oSh, "sh", N_("sh-style command output")),
173 ARGPARSE_s_n (oCsh, "csh", N_("csh-style command output")),
174 ARGPARSE_s_s (oOptions, "options", N_("|FILE|read options from FILE")),
175 ARGPARSE_s_s (oDebugLevel, "debug-level",
176 N_("|LEVEL|set the debugging level to LEVEL")),
177 ARGPARSE_s_n (oNoDetach, "no-detach", N_("do not detach from the console")),
178 ARGPARSE_s_s (oLogFile, "log-file",
179 N_("|FILE|write server mode logs to FILE")),
180 ARGPARSE_s_n (oBatch, "batch", N_("run without asking a user")),
181 ARGPARSE_s_n (oForce, "force", N_("force loading of outdated CRLs")),
182 ARGPARSE_s_n (oAllowOCSP, "allow-ocsp", N_("allow sending OCSP requests")),
183 ARGPARSE_s_n (oAllowVersionCheck, "allow-version-check",
184 N_("allow online software version check")),
185 ARGPARSE_s_n (oDisableHTTP, "disable-http", N_("inhibit the use of HTTP")),
186 ARGPARSE_s_n (oDisableLDAP, "disable-ldap", N_("inhibit the use of LDAP")),
187 ARGPARSE_s_n (oIgnoreHTTPDP,"ignore-http-dp",
188 N_("ignore HTTP CRL distribution points")),
189 ARGPARSE_s_n (oIgnoreLDAPDP,"ignore-ldap-dp",
190 N_("ignore LDAP CRL distribution points")),
191 ARGPARSE_s_n (oIgnoreOCSPSvcUrl, "ignore-ocsp-service-url",
192 N_("ignore certificate contained OCSP service URLs")),
194 ARGPARSE_s_s (oHTTPProxy, "http-proxy",
195 N_("|URL|redirect all HTTP requests to URL")),
196 ARGPARSE_s_s (oLDAPProxy, "ldap-proxy",
197 N_("|HOST|use HOST for LDAP queries")),
198 ARGPARSE_s_n (oOnlyLDAPProxy, "only-ldap-proxy",
199 N_("do not use fallback hosts with --ldap-proxy")),
201 ARGPARSE_s_s (oLDAPFile, "ldapserverlist-file",
202 N_("|FILE|read LDAP server list from FILE")),
203 ARGPARSE_s_n (oLDAPAddServers, "add-servers",
204 N_("add new servers discovered in CRL distribution"
205 " points to serverlist")),
206 ARGPARSE_s_i (oLDAPTimeout, "ldaptimeout",
207 N_("|N|set LDAP timeout to N seconds")),
209 ARGPARSE_s_s (oOCSPResponder, "ocsp-responder",
210 N_("|URL|use OCSP responder at URL")),
211 ARGPARSE_s_s (oOCSPSigner, "ocsp-signer",
212 N_("|FPR|OCSP response signed by FPR")),
213 ARGPARSE_s_i (oOCSPMaxClockSkew, "ocsp-max-clock-skew", "@"),
214 ARGPARSE_s_i (oOCSPMaxPeriod, "ocsp-max-period", "@"),
215 ARGPARSE_s_i (oOCSPCurrentPeriod, "ocsp-current-period", "@"),
217 ARGPARSE_s_i (oMaxReplies, "max-replies",
218 N_("|N|do not return more than N items in one query")),
220 ARGPARSE_s_s (oNameServer, "nameserver", "@"),
221 ARGPARSE_s_s (oKeyServer, "keyserver", "@"),
222 ARGPARSE_s_s (oHkpCaCert, "hkp-cacert",
223 N_("|FILE|use the CA certificates in FILE for HKP over TLS")),
225 ARGPARSE_s_n (oUseTor, "use-tor", N_("route all network traffic via Tor")),
227 ARGPARSE_s_s (oSocketName, "socket-name", "@"), /* Only for debugging. */
229 ARGPARSE_s_u (oFakedSystemTime, "faked-system-time", "@"), /*(epoch time)*/
230 ARGPARSE_s_s (oDebug, "debug", "@"),
231 ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
232 ARGPARSE_s_i (oGnutlsDebug, "gnutls-debug", "@"),
233 ARGPARSE_s_i (oGnutlsDebug, "tls-debug", "@"),
234 ARGPARSE_s_i (oDebugWait, "debug-wait", "@"),
235 ARGPARSE_s_n (oDisableCheckOwnSocket, "disable-check-own-socket", "@"),
236 ARGPARSE_s_n (oNoGreeting, "no-greeting", "@"),
237 ARGPARSE_s_s (oHomedir, "homedir", "@"),
238 ARGPARSE_s_s (oLDAPWrapperProgram, "ldap-wrapper-program", "@"),
239 ARGPARSE_s_s (oHTTPWrapperProgram, "http-wrapper-program", "@"),
240 ARGPARSE_s_n (oHonorHTTPProxy, "honor-http-proxy", "@"),
241 ARGPARSE_s_s (oIgnoreCertExtension,"ignore-cert-extension", "@"),
242 ARGPARSE_s_n (oStandardResolver, "standard-resolver", "@"),
243 ARGPARSE_s_n (oRecursiveResolver, "recursive-resolver", "@"),
244 ARGPARSE_s_i (oResolverTimeout, "resolver-timeout", "@"),
246 ARGPARSE_group (302,N_("@\n(See the \"info\" manual for a complete listing "
247 "of all commands and options)\n")),
252 /* The list of supported debug flags. */
253 static struct debug_flags_s debug_flags [] =
255 { DBG_X509_VALUE , "x509" },
256 { DBG_CRYPTO_VALUE , "crypto" },
257 { DBG_MEMORY_VALUE , "memory" },
258 { DBG_CACHE_VALUE , "cache" },
259 { DBG_MEMSTAT_VALUE, "memstat" },
260 { DBG_HASHING_VALUE, "hashing" },
261 { DBG_IPC_VALUE , "ipc" },
262 { DBG_DNS_VALUE , "dns" },
263 { DBG_NETWORK_VALUE, "network" },
264 { DBG_LOOKUP_VALUE , "lookup" },
265 { 77, NULL } /* 77 := Do not exit on "help" or "?". */
268 #define DEFAULT_MAX_REPLIES 10
269 #define DEFAULT_LDAP_TIMEOUT 100 /* arbitrary large timeout */
271 /* For the cleanup handler we need to keep track of the socket's name. */
272 static const char *socket_name;
273 /* If the socket has been redirected, this is the name of the
274 redirected socket. */
275 static const char *redir_socket_name;
277 /* We need to keep track of the server's nonces (these are dummies for
279 static assuan_sock_nonce_t socket_nonce;
281 /* Only if this flag has been set will we remove the socket file. */
282 static int cleanup_socket;
284 /* Keep track of the current log file so that we can avoid updating
285 the log file after a SIGHUP if it has not changed. Malloced. */
286 static char *current_logfile;
288 /* Helper to implement --debug-level. */
289 static const char *debug_level;
291 /* Helper to set the NTBTLS or GNUTLS log level. */
292 static int opt_gnutls_debug = -1;
294 /* Flag indicating that a shutdown has been requested. */
295 static volatile int shutdown_pending;
297 /* Flags to indicate that we shall not watch our own socket. */
298 static int disable_check_own_socket;
300 /* Counter for the active connections. */
301 static int active_connections;
303 /* This flag is set by any network access and used by the housekeeping
304 * thread to run background network tasks. */
305 static int network_activity_seen;
307 /* This union is used to avoid compiler warnings in case a pointer is
308 64 bit and an int 32 bit. We store an integer in a pointer and get
309 it back later (npth_getspecific et al.). */
319 /* The key used to store the current file descriptor in the thread
320 local storage. We use this in conjunction with the
321 log_set_pid_suffix_cb feature. */
322 #ifndef HAVE_W32_SYSTEM
323 static int my_tlskey_current_fd;
327 static void cleanup (void);
329 static ldap_server_t parse_ldapserver_file (const char* filename);
331 static fingerprint_list_t parse_ocsp_signer (const char *string);
332 static void netactivity_action (void);
333 static void handle_connections (assuan_fd_t listen_fd);
335 /* NPth wrapper function definitions. */
336 ASSUAN_SYSTEM_NPTH_IMPL;
339 my_strusage( int level )
344 case 11: p = "@DIRMNGR@ (@GNUPG@)";
346 case 13: p = VERSION; break;
347 case 17: p = PRINTABLE_OS_NAME; break;
348 /* TRANSLATORS: @EMAIL@ will get replaced by the actual bug
349 reporting address. This is so that we can change the
350 reporting address without breaking the translations. */
351 case 19: p = _("Please report bugs to <@EMAIL@>.\n"); break;
352 case 49: p = PACKAGE_BUGREPORT; break;
354 case 40: p = _("Usage: @DIRMNGR@ [options] (-h for help)");
356 case 41: p = _("Syntax: @DIRMNGR@ [options] [command [args]]\n"
357 "Keyserver, CRL, and OCSP access for @GNUPG@\n");
366 /* Callback from libksba to hash a provided buffer. The current
367 implementation accepts only SHA-1 for hashing. This may be
368 extended by mapping the OID, testing for algorithm availability
369 and adjusting the length checks accordingly. */
371 my_ksba_hash_buffer (void *arg, const char *oid,
372 const void *buffer, size_t length, size_t resultsize,
373 unsigned char *result, size_t *resultlen)
/* Any OID other than 1.3.14.3.2.26 (SHA-1) is refused.  A NULL OID
   passes this test and is hashed with the same algorithm below. */
377 if (oid && strcmp (oid, "1.3.14.3.2.26"))
378 return gpg_error (GPG_ERR_NOT_SUPPORTED);
/* NOTE(review): the size test guarding this return is not part of
   this excerpt; presumably it compares RESULTSIZE with the digest
   length - confirm against the full file. */
380 return gpg_error (GPG_ERR_BUFFER_TOO_SHORT);
/* Algorithm id 2 is GCRY_MD_SHA1 in libgcrypt.  Spelling out the
   symbolic name would make this SHA-1 dependency easier to find
   when auditing which digests the certificate code relies on. */
381 gcry_md_hash_buffer (2, result, buffer, length);
387 /* GNUTLS log function callback. */
388 #ifdef HTTP_USE_GNUTLS
390 my_gnutls_log (int level, const char *text)
395 while (n && text[n-1] == '\n')
398 log_debug ("gnutls:L%d: %.*s\n", level, n, text);
400 #endif /*HTTP_USE_GNUTLS*/
402 /* Setup the debugging. With a LEVEL of NULL only the active debug
403 flags are propagated to the subsystems. With LEVEL set, a specific
404 set of debug flags is set; thus overriding all flags already
409 int numok = (debug_level && digitp (debug_level));
410 int numlvl = numok? atoi (debug_level) : 0;
414 else if (!strcmp (debug_level, "none") || (numok && numlvl < 1))
416 else if (!strcmp (debug_level, "basic") || (numok && numlvl <= 2))
417 opt.debug = DBG_IPC_VALUE;
418 else if (!strcmp (debug_level, "advanced") || (numok && numlvl <= 5))
419 opt.debug = (DBG_IPC_VALUE|DBG_X509_VALUE|DBG_LOOKUP_VALUE);
420 else if (!strcmp (debug_level, "expert") || (numok && numlvl <= 8))
421 opt.debug = (DBG_IPC_VALUE|DBG_X509_VALUE|DBG_LOOKUP_VALUE
422 |DBG_CACHE_VALUE|DBG_CRYPTO_VALUE);
423 else if (!strcmp (debug_level, "guru") || numok)
426 /* Unless the "guru" string has been used we don't want to allow
427 hashing debugging. The rationale is that people tend to
428 select the highest debug value and would then clutter their
429 disk with debug files which may reveal confidential data. */
431 opt.debug &= ~(DBG_HASHING_VALUE);
435 log_error (_("invalid debug-level '%s' given\n"), debug_level);
436 log_info (_("valid debug levels are: %s\n"),
437 "none, basic, advanced, expert, guru");
438 opt.debug = 0; /* Reset debugging, so that prior debug
439 statements won't have an undesired effect. */
443 if (opt.debug && !opt.verbose)
446 gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
448 if (opt.debug && opt.quiet)
451 if (opt.debug & DBG_CRYPTO_VALUE )
452 gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1);
455 if (opt_gnutls_debug >= 0)
457 ntbtls_set_debug (opt_gnutls_debug, NULL, NULL);
459 #elif HTTP_USE_GNUTLS
460 if (opt_gnutls_debug >= 0)
462 gnutls_global_set_log_function (my_gnutls_log);
463 gnutls_global_set_log_level (opt_gnutls_debug);
465 #endif /*HTTP_USE_GNUTLS*/
468 parse_debug_flag (NULL, &opt.debug, debug_flags);
477 /* Enable Tor mode and when called again force a new circuit
478 * (e.g. on SIGHUP). */
479 enable_dns_tormode (1);
480 if (assuan_sock_set_flag (ASSUAN_INVALID_FD, "tor-mode", 1))
/* NOTE(review): only logging is visible on this failure path in
 * this excerpt.  Confirm that network access is refused when Tor
 * mode could not be enabled; otherwise connections would be made
 * without Tor although --use-tor was requested. */
482 log_error ("error enabling Tor mode: %s\n", strerror (errno));
483 log_info ("(is your Libassuan recent enough?)\n");
490 wrong_args (const char *text)
492 es_fprintf (es_stderr, _("usage: %s [options] "), DIRMNGR_NAME);
493 es_fputs (text, es_stderr);
494 es_putc ('\n', es_stderr);
499 /* Helper to stop the reaper thread for the ldap wrapper. */
501 shutdown_reaper (void)
504 ldap_wrapper_wait_connections ();
509 /* Handle options which are allowed to be reset after program start.
510 Return true if the current option in PARGS could be handled and
511 false if not. As a special feature, passing a value of NULL for
512 PARGS, resets the options to the default. REREAD should be set
513 true if it is not the initial option parsing. */
515 parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
522 opt.ldap_wrapper_program = NULL;
523 opt.disable_http = 0;
524 opt.disable_ldap = 0;
525 opt.honor_http_proxy = 0;
526 opt.http_proxy = NULL;
527 opt.ldap_proxy = NULL;
528 opt.only_ldap_proxy = 0;
529 opt.ignore_http_dp = 0;
530 opt.ignore_ldap_dp = 0;
531 opt.ignore_ocsp_service_url = 0;
533 opt.allow_version_check = 0;
534 opt.ocsp_responder = NULL;
535 opt.ocsp_max_clock_skew = 10 * 60; /* 10 minutes. */
536 opt.ocsp_max_period = 90 * 86400; /* 90 days. */
537 opt.ocsp_current_period = 3 * 60 * 60; /* 3 hours. */
538 opt.max_replies = DEFAULT_MAX_REPLIES;
539 while (opt.ocsp_signer)
541 fingerprint_list_t tmp = opt.ocsp_signer->next;
542 xfree (opt.ocsp_signer);
543 opt.ocsp_signer = tmp;
545 FREE_STRLIST (opt.ignored_cert_extensions);
546 http_register_tls_ca (NULL);
547 FREE_STRLIST (opt.keyserver);
548 /* Note: We do not allow resetting of opt.use_tor at runtime. */
549 disable_check_own_socket = 0;
550 enable_standard_resolver (0);
555 switch (pargs->r_opt)
557 case oQuiet: opt.quiet = 1; break;
558 case oVerbose: opt.verbose++; break;
560 parse_debug_flag (pargs->r.ret_str, &opt.debug, debug_flags);
562 case oDebugAll: opt.debug = ~0; break;
563 case oDebugLevel: debug_level = pargs->r.ret_str; break;
564 case oGnutlsDebug: opt_gnutls_debug = pargs->r.ret_int; break;
568 return 0; /* Not handled. */
569 if (!current_logfile || !pargs->r.ret_str
570 || strcmp (current_logfile, pargs->r.ret_str))
572 log_set_file (pargs->r.ret_str);
573 xfree (current_logfile);
574 current_logfile = xtrystrdup (pargs->r.ret_str);
578 case oDisableCheckOwnSocket: disable_check_own_socket = 1; break;
580 case oLDAPWrapperProgram:
581 opt.ldap_wrapper_program = pargs->r.ret_str;
583 case oHTTPWrapperProgram:
584 opt.http_wrapper_program = pargs->r.ret_str;
587 case oDisableHTTP: opt.disable_http = 1; break;
588 case oDisableLDAP: opt.disable_ldap = 1; break;
589 case oHonorHTTPProxy: opt.honor_http_proxy = 1; break;
590 case oHTTPProxy: opt.http_proxy = pargs->r.ret_str; break;
591 case oLDAPProxy: opt.ldap_proxy = pargs->r.ret_str; break;
592 case oOnlyLDAPProxy: opt.only_ldap_proxy = 1; break;
593 case oIgnoreHTTPDP: opt.ignore_http_dp = 1; break;
594 case oIgnoreLDAPDP: opt.ignore_ldap_dp = 1; break;
595 case oIgnoreOCSPSvcUrl: opt.ignore_ocsp_service_url = 1; break;
597 case oAllowOCSP: opt.allow_ocsp = 1; break;
598 case oAllowVersionCheck: opt.allow_version_check = 1; break;
599 case oOCSPResponder: opt.ocsp_responder = pargs->r.ret_str; break;
601 opt.ocsp_signer = parse_ocsp_signer (pargs->r.ret_str);
603 case oOCSPMaxClockSkew: opt.ocsp_max_clock_skew = pargs->r.ret_int; break;
604 case oOCSPMaxPeriod: opt.ocsp_max_period = pargs->r.ret_int; break;
605 case oOCSPCurrentPeriod: opt.ocsp_current_period = pargs->r.ret_int; break;
607 case oMaxReplies: opt.max_replies = pargs->r.ret_int; break;
613 /* Do tilde expansion and make path absolute. */
614 tmpname = make_absfilename (pargs->r.ret_str, NULL);
615 http_register_tls_ca (tmpname);
620 case oIgnoreCertExtension:
621 add_to_strlist (&opt.ignored_cert_extensions, pargs->r.ret_str);
624 case oUseTor: opt.use_tor = 1; break;
626 case oStandardResolver: enable_standard_resolver (1); break;
627 case oRecursiveResolver: enable_recursive_resolver (1); break;
630 if (*pargs->r.ret_str)
631 add_to_strlist (&opt.keyserver, pargs->r.ret_str);
635 set_dns_nameserver (pargs->r.ret_str);
638 case oResolverTimeout:
639 set_dns_timeout (pargs->r.ret_int);
643 return 0; /* Not handled. */
646 set_dns_verbose (opt.verbose, !!DBG_DNS);
647 http_set_verbose (opt.verbose, !!DBG_NETWORK);
649 return 1; /* Handled. */
653 #ifndef HAVE_W32_SYSTEM
655 pid_suffix_callback (unsigned long *r_suffix)
657 union int_and_ptr_u value;
659 memset (&value, 0, sizeof value);
660 value.aptr = npth_getspecific (my_tlskey_current_fd);
661 *r_suffix = value.aint;
662 return (*r_suffix != -1); /* Use decimal representation. */
664 #endif /*!HAVE_W32_SYSTEM*/
671 gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
673 /* Now with NPth running we can set the logging callback. Our
674 windows implementation does not yet feature the NPth TLS
676 #ifndef HAVE_W32_SYSTEM
677 if (npth_key_create (&my_tlskey_current_fd, NULL) == 0)
678 if (npth_setspecific (my_tlskey_current_fd, NULL) == 0)
679 log_set_pid_suffix_cb (pid_suffix_callback);
680 #endif /*!HAVE_W32_SYSTEM*/
685 main (int argc, char **argv)
687 enum cmd_and_opt_values cmd = 0;
691 FILE *configfp = NULL;
692 char *configname = NULL;
694 unsigned configlineno;
696 int default_config =1;
701 char *logfile = NULL;
703 char *ldapfile = NULL;
707 struct assuan_malloc_hooks malloc_hooks;
709 early_system_init ();
710 set_strusage (my_strusage);
711 log_set_prefix (DIRMNGR_NAME, GPGRT_LOG_WITH_PREFIX | GPGRT_LOG_WITH_PID);
713 /* Make sure that our subsystems are ready. */
715 init_common_subsystems (&argc, &argv);
/* Secure memory is switched off for this process, so libgcrypt
   hands out ordinary heap memory even for "secure" allocations.
   NOTE(review): presumably acceptable because this daemon is not
   meant to hold private key material - confirm before routing any
   secret through it. */
717 gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
719 /* Check that the libraries are suitable. Do it here because
720 the option parsing may need services of the libraries. */
721 if (!ksba_check_version (NEED_KSBA_VERSION) )
722 log_fatal( _("%s is too old (need %s, have %s)\n"), "libksba",
723 NEED_KSBA_VERSION, ksba_check_version (NULL) );
725 ksba_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free );
726 ksba_set_hash_buffer_function (my_ksba_hash_buffer, NULL);
728 /* Init TLS library. */
730 if (!ntbtls_check_version (NEED_NTBTLS_VERSION) )
731 log_fatal( _("%s is too old (need %s, have %s)\n"), "ntbtls",
732 NEED_NTBTLS_VERSION, ntbtls_check_version (NULL) );
733 #elif HTTP_USE_GNUTLS
734 rc = gnutls_global_init ();
736 log_fatal ("gnutls_global_init failed: %s\n", gnutls_strerror (rc));
737 #endif /*HTTP_USE_GNUTLS*/
740 malloc_hooks.malloc = gcry_malloc;
741 malloc_hooks.realloc = gcry_realloc;
742 malloc_hooks.free = gcry_free;
743 assuan_set_malloc_hooks (&malloc_hooks);
744 assuan_set_assuan_log_prefix (log_get_prefix (NULL));
745 assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
746 assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
748 setup_libassuan_logging (&opt.debug, dirmngr_assuan_log_monitor);
750 setup_libgcrypt_logging ();
752 /* Setup defaults. */
753 shell = getenv ("SHELL");
754 if (shell && strlen (shell) >= 3 && !strcmp (shell+strlen (shell)-3, "csh") )
757 /* Reset rereadable options to default values. */
758 parse_rereadable_options (NULL, 0);
761 opt.add_new_ldapservers = 0;
762 opt.ldaptimeout = DEFAULT_LDAP_TIMEOUT;
764 /* Other defaults. */
766 /* Check whether we have a config file given on the commandline */
771 pargs.flags= 1|(1<<6); /* do not remove the args, ignore version */
772 while (arg_parse( &pargs, opts))
774 if (pargs.r_opt == oDebug || pargs.r_opt == oDebugAll)
776 else if (pargs.r_opt == oOptions)
777 { /* Yes there is one, so we do not try the default one, but
778 read the option file when it is encountered at the
782 else if (pargs.r_opt == oNoOptions)
783 default_config = 0; /* --no-options */
784 else if (pargs.r_opt == oHomedir)
786 gnupg_set_homedir (pargs.r.ret_str);
790 socket_name = dirmngr_socket_name ();
792 configname = make_filename (gnupg_homedir (), DIRMNGR_NAME".conf", NULL );
798 pargs.flags= 1; /* do not remove the args */
803 configfp = fopen (configname, "r");
809 log_info (_("Note: no default option file '%s'\n"),
814 log_error (_("option file '%s': %s\n"),
815 configname, strerror(errno) );
821 if (parse_debug && configname )
822 log_info (_("reading options from '%s'\n"), configname );
826 while (optfile_parse( configfp, configname, &configlineno, &pargs, opts) )
828 if (parse_rereadable_options (&pargs, 0))
829 continue; /* Already handled */
845 case oQuiet: opt.quiet = 1; break;
846 case oVerbose: opt.verbose++; break;
847 case oBatch: opt.batch=1; break;
849 case oDebugWait: debug_wait = pargs.r.ret_int; break;
852 /* Config files may not be nested (silently ignore them) */
856 configname = xstrdup(pargs.r.ret_str);
860 case oNoGreeting: nogreeting = 1; break;
861 case oNoVerbose: opt.verbose = 0; break;
862 case oNoOptions: break; /* no-options */
863 case oHomedir: /* Ignore this option here. */; break;
864 case oNoDetach: nodetach = 1; break;
865 case oLogFile: logfile = pargs.r.ret_str; break;
866 case oCsh: csh_style = 1; break;
867 case oSh: csh_style = 0; break;
870 ldapfile = pargs.r.ret_str;
873 case oLDAPAddServers: opt.add_new_ldapservers = 1; break;
875 opt.ldaptimeout = pargs.r.ret_int;
878 case oFakedSystemTime:
879 gnupg_set_time ((time_t)pargs.r.ret_ulong, 0);
882 case oForce: opt.force = 1; break;
884 case oSocketName: socket_name = pargs.r.ret_str; break;
886 default : pargs.err = configfp? 1:2; break;
893 /* Keep a copy of the name so that it can be read on SIGHUP. */
894 opt.config_filename = configname;
900 if (log_get_errorcount(0))
905 if (!opt.homedir_cache)
906 opt.homedir_cache = xstrdup (gnupg_homedir ());
910 es_fprintf (es_stderr, "%s %s; %s\n",
911 strusage(11), strusage(13), strusage(14) );
912 es_fprintf (es_stderr, "%s\n", strusage(15) );
915 #ifdef IS_DEVELOPMENT_VERSION
916 log_info ("NOTE: this is a development version!\n");
919 /* Print a warning if an argument looks like an option. */
920 if (!opt.quiet && !(pargs.flags & ARGPARSE_FLAG_STOP_SEEN))
924 for (i=0; i < argc; i++)
925 if (argv[i][0] == '-' && argv[i][1] == '-')
926 log_info (_("Note: '%s' is not considered an option\n"), argv[i]);
929 if (!access ("/etc/"DIRMNGR_NAME, F_OK)
930 && !strncmp (gnupg_homedir (), "/etc/", 5))
932 ("NOTE: DirMngr is now a proper part of %s. The configuration and"
933 " other directory names changed. Please check that no other version"
934 " of dirmngr is still installed. To disable this warning, remove the"
935 " directory '/etc/dirmngr'.\n", GNUPG_NAME);
937 if (gnupg_faked_time_p ())
939 gnupg_isotime_t tbuf;
941 log_info (_("WARNING: running with faked system time: "));
942 gnupg_get_isotime (tbuf);
950 /* Get LDAP server list from file. */
954 ldapfile = make_filename (gnupg_homedir (),
955 "dirmngr_ldapservers.conf",
957 opt.ldapservers = parse_ldapserver_file (ldapfile);
961 opt.ldapservers = parse_ldapserver_file (ldapfile);
964 #ifndef HAVE_W32_SYSTEM
965 /* We need to ignore the PIPE signal because we might log to a
966 socket and that code handles EPIPE properly. The ldap wrapper
967 also requires us to ignore this silly signal. Assuan would set
968 this signal to ignore anyway.*/
969 signal (SIGPIPE, SIG_IGN);
972 /* Ready. Now to our duties. */
979 /* Note that this server mode is mainly useful for debugging. */
981 wrong_args ("--server");
985 log_set_file (logfile);
986 log_set_prefix (NULL, GPGRT_LOG_WITH_TIME | GPGRT_LOG_WITH_PID);
991 log_debug ("waiting for debugger - my pid is %u .....\n",
992 (unsigned int)getpid());
993 gnupg_sleep (debug_wait);
994 log_debug ("... okay\n");
1001 http_register_netactivity_cb (netactivity_action);
1002 start_command_handler (ASSUAN_INVALID_FD);
1005 #ifndef HAVE_W32_SYSTEM
1006 else if (cmd == aSupervised)
1008 /* In supervised mode, we expect file descriptor 3 to be an
1009 already opened, listening socket.
1011 We will also not detach from the controlling process or close
1012 stderr; the supervisor should handle all of that. */
1013 struct stat statbuf;
/* This test only rejects a descriptor that is not open (EBADF).
   The visible code does not check that fd 3 is a socket or that
   it is in the listening state; both are taken on trust from the
   supervisor. */
1014 if (fstat (3, &statbuf) == -1 && errno == EBADF)
/* NOTE(review): the message below lacks a space between "valid"
   and "in". */
1016 log_error ("file descriptor 3 must be validin --supervised mode\n");
/* The socket name is derived from the inherited descriptor rather
   than from the configuration. */
1019 socket_name = gnupg_get_socket_name (3);
1021 /* Now start with logging to a file if this is desired. */
1024 log_set_file (logfile);
1025 log_set_prefix (NULL, (GPGRT_LOG_WITH_PREFIX
1026 |GPGRT_LOG_WITH_TIME
1027 |GPGRT_LOG_WITH_PID));
1028 current_logfile = xstrdup (logfile);
1031 log_set_prefix (NULL, 0);
1036 http_register_netactivity_cb (netactivity_action);
1037 handle_connections (3);
1040 #endif /*HAVE_W32_SYSTEM*/
1041 else if (cmd == aDaemon)
1046 struct sockaddr_un serv_addr;
1049 wrong_args ("--daemon");
1051 /* Now start with logging to a file if this is desired. */
1054 log_set_file (logfile);
1055 log_set_prefix (NULL, (GPGRT_LOG_WITH_PREFIX
1056 |GPGRT_LOG_WITH_TIME
1057 |GPGRT_LOG_WITH_PID));
1058 current_logfile = xstrdup (logfile);
1061 #ifndef HAVE_W32_SYSTEM
1062 if (strchr (socket_name, ':'))
1064 log_error (_("colons are not allowed in the socket name\n"));
1068 fd = assuan_sock_new (AF_UNIX, SOCK_STREAM, 0);
1069 if (fd == ASSUAN_INVALID_FD)
1071 log_error (_("can't create socket: %s\n"), strerror (errno));
1079 if (assuan_sock_set_sockaddr_un (socket_name,
1080 (struct sockaddr*)&serv_addr,
1083 if (errno == ENAMETOOLONG)
1084 log_error (_("socket name '%s' is too long\n"), socket_name);
1086 log_error ("error preparing socket '%s': %s\n",
1088 gpg_strerror (gpg_error_from_syserror ()));
1093 redir_socket_name = xstrdup (serv_addr.sun_path);
1095 log_info ("redirecting socket '%s' to '%s'\n",
1096 socket_name, redir_socket_name);
1100 len = SUN_LEN (&serv_addr);
1102 rc = assuan_sock_bind (fd, (struct sockaddr*) &serv_addr, len);
1104 && (errno == EADDRINUSE
1105 #ifdef HAVE_W32_SYSTEM
1110 /* Fixme: We should test whether a dirmngr is already running. */
/* NOTE(review): when the address is in use the existing socket
   file is removed and the bind is retried without probing whether
   another instance still listens on it.  A running dirmngr would
   lose its socket path to this process, so the liveness test the
   Fixme asks for belongs before the removal. */
1111 gnupg_remove (redir_socket_name? redir_socket_name : socket_name);
1112 rc = assuan_sock_bind (fd, (struct sockaddr*) &serv_addr, len);
1115 && (rc = assuan_sock_get_nonce ((struct sockaddr*) &serv_addr, len, &socket_nonce)))
1116 log_error (_("error getting nonce for the socket\n"));
1119 log_error (_("error binding socket to '%s': %s\n"),
1121 gpg_strerror (gpg_error_from_errno (errno)));
1122 assuan_sock_close (fd);
/* Set the permissions of the freshly bound socket file; the mode
   string "-rwx" presumably grants access to the owner only - TODO
   confirm against gnupg_chmod.
   NOTE(review): a failure is only reported here and no abort is
   visible in this excerpt, so the socket may stay reachable with
   whatever mode the umask produced.  Confirm that the directory
   holding the socket is itself closed to other users. */
1127 if (gnupg_chmod (serv_addr.sun_path, "-rwx"))
1128 log_error (_("can't set permissions of '%s': %s\n"),
1129 serv_addr.sun_path, strerror (errno));
1131 if (listen (FD2INT (fd), 5) == -1)
1133 log_error (_("listen() failed: %s\n"), strerror (errno));
1134 assuan_sock_close (fd);
1139 log_info (_("listening on socket '%s'\n"), serv_addr.sun_path);
1143 /* Note: We keep the dirmngr_info output only for the sake of
1144 existing scripts which might use this to detect a successful
1145 start of the dirmngr. */
1146 #ifdef HAVE_W32_SYSTEM
1151 es_printf ("set %s=%s;%lu;1\n",
1152 DIRMNGR_INFO_NAME, socket_name, (ulong) pid);
1155 if (pid == (pid_t)-1)
1157 log_fatal (_("error forking process: %s\n"), strerror (errno));
1162 { /* We are the parent */
1165 /* Don't let cleanup() remove the socket - the child is
1166 responsible for doing that. */
1171 /* Create the info string: <name>:<pid>:<protocol_version> */
1172 if (asprintf (&infostr, "%s=%s:%lu:1",
1173 DIRMNGR_INFO_NAME, serv_addr.sun_path, (ulong)pid ) < 0)
1175 log_error (_("out of core\n"));
1176 kill (pid, SIGTERM);
1179 /* Print the environment string, so that the caller can use
1180 shell's eval to set it. But see above. */
1183 *strchr (infostr, '=') = ' ';
1184 es_printf ( "setenv %s;\n", infostr);
1188 es_printf ( "%s; export %s;\n", infostr, DIRMNGR_INFO_NAME);
1200 /* Detach from tty and put process into a new session */
1204 unsigned int oldflags;
1206 /* Close stdin, stdout and stderr unless it is the log stream */
1207 for (i=0; i <= 2; i++)
1209 if (!log_test_fd (i) && i != fd )
1212 && open ("/dev/null", i? O_WRONLY : O_RDONLY) == -1)
1214 log_error ("failed to open '%s': %s\n",
1215 "/dev/null", strerror (errno));
1224 log_error ("setsid() failed: %s\n", strerror(errno) );
1228 log_get_prefix (&oldflags);
1229 log_set_prefix (NULL, oldflags | GPGRT_LOG_RUN_DETACHED);
1230 opt.running_detached = 1;
1234 log_error ("chdir to / failed: %s\n", strerror (errno));
1243 http_register_netactivity_cb (netactivity_action);
1244 handle_connections (fd);
1247 else if (cmd == aListCRLs)
1249 /* Just list the CRL cache and exit. */
1251 wrong_args ("--list-crls");
1253 crl_cache_list (es_stdout);
1255 else if (cmd == aLoadCRL)
1257 struct server_control_s ctrlbuf;
1259 memset (&ctrlbuf, 0, sizeof ctrlbuf);
1260 dirmngr_init_default_ctrl (&ctrlbuf);
1266 rc = crl_cache_load (&ctrlbuf, NULL);
1269 for (; !rc && argc; argc--, argv++)
1270 rc = crl_cache_load (&ctrlbuf, *argv);
1272 dirmngr_deinit_default_ctrl (&ctrlbuf);
1274 else if (cmd == aFetchCRL)
1276 ksba_reader_t reader;
1277 struct server_control_s ctrlbuf;
1280 wrong_args ("--fetch-crl URL");
1282 memset (&ctrlbuf, 0, sizeof ctrlbuf);
1283 dirmngr_init_default_ctrl (&ctrlbuf);
1288 rc = crl_fetch (&ctrlbuf, argv[0], &reader);
1290 log_error (_("fetching CRL from '%s' failed: %s\n"),
1291 argv[0], gpg_strerror (rc));
1294 rc = crl_cache_insert (&ctrlbuf, argv[0], reader);
1296 log_error (_("processing CRL from '%s' failed: %s\n"),
1297 argv[0], gpg_strerror (rc));
1298 crl_close_reader (reader);
1300 dirmngr_deinit_default_ctrl (&ctrlbuf);
1302 else if (cmd == aFlush)
1304 /* Delete cache and exit. */
1306 wrong_args ("--flush");
1307 rc = crl_cache_flush();
1309 else if (cmd == aGPGConfTest)
1311 else if (cmd == aGPGConfList)
1313 unsigned long flags = 0;
1317 /* First the configuration file. This is not an option, but it
1318 is vital information for GPG Conf. */
1319 if (!opt.config_filename)
1320 opt.config_filename = make_filename (gnupg_homedir (),
1321 "dirmngr.conf", NULL );
1323 filename = percent_escape (opt.config_filename, NULL);
1324 es_printf ("gpgconf-dirmngr.conf:%lu:\"%s\n",
1325 GC_OPT_FLAG_DEFAULT, filename);
1328 es_printf ("verbose:%lu:\n", flags | GC_OPT_FLAG_NONE);
1329 es_printf ("quiet:%lu:\n", flags | GC_OPT_FLAG_NONE);
1330 es_printf ("debug-level:%lu:\"none\n", flags | GC_OPT_FLAG_DEFAULT);
1331 es_printf ("log-file:%lu:\n", flags | GC_OPT_FLAG_NONE);
1332 es_printf ("force:%lu:\n", flags | GC_OPT_FLAG_NONE);
1334 /* --csh and --sh are mutually exclusive, something we can not
1335 express in GPG Conf. --options is only usable from the
1336 command line, really. --debug-all interacts with --debug,
1337 and having both of them is thus problematic. --no-detach is
1338 also only usable on the command line. --batch is unused. */
1340 filename = make_filename (gnupg_homedir (),
1341 "dirmngr_ldapservers.conf",
1343 filename_esc = percent_escape (filename, NULL);
1344 es_printf ("ldapserverlist-file:%lu:\"%s\n", flags | GC_OPT_FLAG_DEFAULT,
1346 xfree (filename_esc);
1349 es_printf ("ldaptimeout:%lu:%u\n",
1350 flags | GC_OPT_FLAG_DEFAULT, DEFAULT_LDAP_TIMEOUT);
1351 es_printf ("max-replies:%lu:%u\n",
1352 flags | GC_OPT_FLAG_DEFAULT, DEFAULT_MAX_REPLIES);
1353 es_printf ("allow-ocsp:%lu:\n", flags | GC_OPT_FLAG_NONE);
1354 es_printf ("allow-version-check:%lu:\n", flags | GC_OPT_FLAG_NONE);
1355 es_printf ("ocsp-responder:%lu:\n", flags | GC_OPT_FLAG_NONE);
1356 es_printf ("ocsp-signer:%lu:\n", flags | GC_OPT_FLAG_NONE);
1358 es_printf ("faked-system-time:%lu:\n", flags | GC_OPT_FLAG_NONE);
1359 es_printf ("no-greeting:%lu:\n", flags | GC_OPT_FLAG_NONE);
1361 es_printf ("disable-http:%lu:\n", flags | GC_OPT_FLAG_NONE);
1362 es_printf ("disable-ldap:%lu:\n", flags | GC_OPT_FLAG_NONE);
1363 es_printf ("honor-http-proxy:%lu\n", flags | GC_OPT_FLAG_NONE);
1364 es_printf ("http-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
1365 es_printf ("ldap-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
1366 es_printf ("only-ldap-proxy:%lu:\n", flags | GC_OPT_FLAG_NONE);
1367 es_printf ("ignore-ldap-dp:%lu:\n", flags | GC_OPT_FLAG_NONE);
1368 es_printf ("ignore-http-dp:%lu:\n", flags | GC_OPT_FLAG_NONE);
1369 es_printf ("ignore-ocsp-service-url:%lu:\n", flags | GC_OPT_FLAG_NONE);
1370 /* Note: The next one is to fix a typo in gpgconf - should be
1371 removed eventually. */
1372 es_printf ("ignore-ocsp-servic-url:%lu:\n", flags | GC_OPT_FLAG_NONE);
1374 es_printf ("use-tor:%lu:\n", flags | GC_OPT_FLAG_NONE);
1375 es_printf ("keyserver:%lu:\n", flags | GC_OPT_FLAG_NONE);
1376 es_printf ("nameserver:%lu:\n", flags | GC_OPT_FLAG_NONE);
1377 es_printf ("resolver-timeout:%lu:%u\n",
1378 flags | GC_OPT_FLAG_DEFAULT, 0);
1388 crl_cache_deinit ();
1389 cert_cache_deinit (1);
1390 reload_dns_stuff (1);
1393 ldapserver_list_free (opt.ldapservers);
1395 opt.ldapservers = NULL;
1400 if (redir_socket_name)
1401 gnupg_remove (redir_socket_name);
1402 else if (socket_name && *socket_name)
1403 gnupg_remove (socket_name);
1409 dirmngr_exit (int rc)
/* Set up the default values of CTRL.  The only assignment visible in
   this listing gives CTRL its own xstrdup'ed copy of the global
   opt.http_proxy, so the copy can be released independently of OPT.
   NOTE(review): the lines around the assignment are not shown, so a
   guard for an unset opt.http_proxy cannot be confirmed from here.  */
1417 dirmngr_init_default_ctrl (ctrl_t ctrl)
1420 ctrl->http_proxy = xstrdup (opt.http_proxy);
/* Counterpart of dirmngr_init_default_ctrl: releases the proxy string
   held by CTRL.  */
1425 dirmngr_deinit_default_ctrl (ctrl_t ctrl)
1429 xfree (ctrl->http_proxy);
/* Reset the pointer so that a second call or a later read does not
   touch the freed string.  */
1430 ctrl->http_proxy = NULL;
1434 /* Create a list of LDAP servers from the file FILENAME. Returns the
1435 list or NULL in case of errors.
1437 The format of such a file is line oriented where empty lines and
1438 lines starting with a hash mark are ignored. All other lines are
1439 assumed to be colon separated with these fields:
1442 2. field: Portnumber
/* NOTE(review): this listing omits several lines of the function
   (braces, declarations, return statements and the conditions around
   the log_error calls); the comments below describe only the
   statements that are shown.  */
1449 static ldap_server_t
1450 parse_ldapserver_file (const char* filename)
1454 ldap_server_t server, serverstart, *serverend;
1456 unsigned int lineno = 0;
1459 fp = es_fopen (filename, "r");
/* A failure to open FILENAME is reported with the errno text.  */
1462 log_error (_("error opening '%s': %s\n"), filename, strerror (errno));
/* SERVEREND always points at the link that receives the next entry,
   so entries are appended in the order they appear in the file.  */
1467 serverend = &serverstart;
1468 while (es_fgets (buffer, sizeof buffer, fp))
/* The !*buffer test comes first so that strlen(buffer)-1 is never
   used as an index for an empty string.  A line without a trailing
   newline is either the unterminated last line of the file or a line
   that did not fit into BUFFER.  */
1471 if (!*buffer || buffer[strlen(buffer)-1] != '\n')
1473 if (*buffer && es_feof (fp))
1474 ; /* Last line not terminated - continue. */
/* An over-long line is reported and the rest of it is read and
   discarded, presumably so that the tail is not parsed as an entry
   of its own.  */
1477 log_error (_("%s:%u: line too long - skipped\n"),
1479 while ( (c=es_fgetc (fp)) != EOF && c != '\n')
1480 ; /* Skip until end of line. */
1484 /* Skip empty and comment lines.*/
1485 for (p=buffer; spacep (p); p++)
1487 if (!*p || *p == '\n' || *p == '#')
1490 /* Parse the colon separated fields. */
1491 server = ldapserver_parse_one (buffer, filename, lineno);
/* NOTE(review): SERVER is dereferenced two lines below; presumably a
   check for a failed parse guards these lines - not shown here.  */
1494 *serverend = server;
1495 serverend = &server->next;
/* NOTE(review): presumably reached only when reading stopped because
   of a stream error; the guarding condition is not shown.  */
1500 log_error (_("error reading '%s': %s\n"), filename, strerror (errno));
/* Turn STRING, which the error message below attributes to the
   --ocsp-signer option, into a list of fingerprints.  STRING is
   either one fingerprint given directly or the name of a file holding
   one fingerprint per line.  A fingerprint is 40 hex digits,
   optionally separated by colons, and is stored in upper case.
   NOTE(review): this listing omits several lines of the function
   (braces, declarations, most returns and the cleanup code); the
   comments below describe only the statements that are shown.  */
1507 static fingerprint_list_t
1508 parse_ocsp_signer (const char *string)
1515 fingerprint_list_t list, *list_tail, item;
1516 unsigned int lnr = 0;
1521 /* Check whether this is not a filename and treat it as a direct
1522 fingerprint specification. */
1523 if (!strpbrk (string, "/.~\\"))
1525 item = xcalloc (1, sizeof *item);
/* Copy at most 40 hex digits and skip colons.  "& 0xdf" clears the
   lower-case bit, so a-f are stored as A-F; digits and upper-case
   letters compare below 'a' and are copied unchanged.  */
1526 for (i=j=0; (string[i] == ':' || hexdigitp (string+i)) && j < 40; i++)
1527 if ( string[i] != ':' )
1528 item->hexfpr[j++] = string[i] >= 'a'? (string[i] & 0xdf): string[i];
/* J can be 40 here, so the terminator may be written at index 40.
   NOTE(review): assumes hexfpr has room for at least 41 bytes -
   confirm against the definition of fingerprint_list_t.  */
1529 item->hexfpr[j] = 0;
/* Accept only exactly 40 digits followed by a character that spacep
   accepts or by the end of the string.  */
1530 if (j != 40 || !(spacep (string+i) || !string[i]))
1532 log_error (_("%s:%u: invalid fingerprint detected\n"),
1533 "--ocsp-signer", 0);
1540 /* Well, it is a filename. */
/* A name starting with '/' or "~/" is handed to make_filename as it
   is; any other name is resolved relative to the GnuPG home
   directory.  What is done with a leading "./" is not shown.  */
1541 if (*string == '/' || (*string == '~' && string[1] == '/'))
1542 fname = make_filename (string, NULL);
1545 if (string[0] == '.' && string[1] == '/' )
1547 fname = make_filename (gnupg_homedir (), string, NULL);
1550 fp = es_fopen (fname, "r");
1553 err = gpg_error_from_syserror ();
1554 log_error (_("can't open '%s': %s\n"), fname, gpg_strerror (err));
/* Read the file one line at a time into LINE.  */
1563 if (!es_fgets (line, DIM(line)-1, fp) )
1567 err = gpg_error_from_syserror ();
1568 log_error (_("%s:%u: read error: %s\n"),
1569 fname, lnr, gpg_strerror (err));
/* NOTE(review): the next line looks like part of a loop that releases
   the partly built list after a read error; the loop itself is not
   shown.  Worth confirming that no partial list is returned in that
   case, because the list presumably decides which signers are
   accepted.  */
1577 fingerprint_list_t tmp = list->next;
1583 return list; /* Ready. */
/* Same test as for the direct case of an empty or unterminated
   buffer: !*line is checked first so that strlen(line)-1 is never
   used as an index for an empty string.  */
1587 if (!*line || line[strlen(line)-1] != '\n')
1589 /* Eat until end of line. */
1590 while ( (c=es_getc (fp)) != EOF && c != '\n')
1592 err = gpg_error (*line? GPG_ERR_LINE_TOO_LONG
1593 /* */: GPG_ERR_INCOMPLETE_LINE);
1594 log_error (_("%s:%u: read error: %s\n"),
1595 fname, lnr, gpg_strerror (err));
1600 /* Allow for empty lines and spaces */
1601 for (p=line; spacep (p); p++)
1603 if (!*p || *p == '\n' || *p == '#')
1606 item = xcalloc (1, sizeof *item);
/* LIST_TAIL points at the link that receives the next item, so the
   items keep the order of the file.  */
1608 list_tail = &item->next;
/* Same digit copy as for a directly given fingerprint, here applied
   to the line starting at P.  */
1610 for (i=j=0; (p[i] == ':' || hexdigitp (p+i)) && j < 40; i++)
1612 item->hexfpr[j++] = p[i] >= 'a'? (p[i] & 0xdf): p[i];
1613 item->hexfpr[j] = 0;
/* Accept only exactly 40 digits followed by a character that spacep
   accepts or by the newline.  */
1614 if (j != 40 || !(spacep (p+i) || p[i] == '\n'))
1616 log_error (_("%s:%u: invalid fingerprint detected\n"), fname, lnr);
/* Anything but white space after the fingerprint is reported with
   log_info only; the fingerprint itself is kept.  */
1620 while (spacep (p+i))
1622 if (p[i] && p[i] != '\n')
1623 log_info (_("%s:%u: garbage at end of line ignored\n"), fname, lnr);
1632 Stuff used in daemon mode.
1637 /* Reread parts of the configuration. Note, that this function is
1638 obviously not thread-safe and should only be called from the NPTH
1641 Fixme: Due to the way the argument parsing works, we create a
1642 memory leak here for all string type arguments. There is currently
1643 no clean way to tell whether the memory for the argument has been
1644 allocated or points into the process' original arguments. Unless
1645 we have a mechanism to tell this, we need to live on with this. */
/* NOTE(review): this listing omits several lines of the function
   (braces, declarations, the return after the open failure and the
   code after the loop); the comments below describe only the
   statements that are shown.  */
1647 reread_configuration (void)
1649 ARGPARSE_ARGS pargs;
1651 unsigned int configlineno = 0;
1654 if (!opt.config_filename)
1655 return; /* No config file. */
1657 fp = fopen (opt.config_filename, "r");
1660 log_error (_("option file '%s': %s\n"),
1661 opt.config_filename, strerror(errno) );
/* The reset to the defaults comes after the file has been opened, so
   a configuration file that cannot be opened presumably leaves the
   current option values in place.  */
1665 parse_rereadable_options (NULL, 1); /* Start from the default values. */
1667 memset (&pargs, 0, sizeof pargs);
1669 pargs.argc = &dummy;
1670 pargs.flags = 1; /* do not remove the args */
/* Walk the option file line by line using the global OPTS table.  */
1671 while (optfile_parse (fp, opt.config_filename, &configlineno, &pargs, opts) )
/* An r_opt value below -1 is flagged through pargs.err; every other
   option is offered to parse_rereadable_options.  */
1673 if (pargs.r_opt < -1)
1674 pargs.err = 1; /* Print a warning. */
1675 else /* Try to parse this option - ignore unchangeable ones. */
1676 parse_rereadable_options (&pargs, 1);
1685 /* A global function which allows us to trigger the reload stuff from
/* Perform the reload announced in the log message: re-read the
   configuration, drop the certificate cache and the CRL cache, and
   reload the DNS settings.  handle_signal calls this function.
   NOTE(review): some lines of the function are not shown in this
   listing.  */
1688 dirmngr_sighup_action (void)
1690 log_info (_("SIGHUP received - "
1691 "re-reading configuration and flushing caches\n"));
/* The configuration is re-read before the caches are dropped.  */
1692 reread_configuration ();
/* NOTE(review): the arguments here are 0, whereas the calls made
   earlier in this file next to the socket removal pass 1; the meaning
   of the argument is defined with the callees - confirm there.  */
1693 cert_cache_deinit (0);
1694 crl_cache_deinit ();
1697 reload_dns_stuff (0);
1702 /* This function is called if some network activity was done. At this
1703 * point we know that we have a network and we can decide whether to
1704 * run scheduled background tasks soon. The function should return
1705 * quickly and only trigger actions for another thread. */
1707 netactivity_action (void)
/* Only a flag is set here, in line with the "return quickly"
   requirement stated above.  NOTE(review): the flag is presumably
   read by another thread; its declaration and its readers are not
   visible in this listing.  */
1709 network_activity_seen = 1;
1713 /* The signal handler. */
1714 #ifndef HAVE_W32_SYSTEM
/* Act on the signal SIGNO.  handle_connections calls this function
   from its main loop for every signal returned by
   npth_sigev_get_pending, so as far as this file shows it runs in
   normal thread context and not inside an asynchronous signal
   handler.  NOTE(review): the switch statement, its case labels and
   the break statements are not shown in this listing; which statement
   belongs to which signal is inferred from the log messages.  */
1716 handle_signal (int signo)
1721 dirmngr_sighup_action ();
1725 cert_cache_print_stats ();
1729 log_info (_("SIGUSR2 received - no action defined\n"));
/* SIGTERM: the first message is printed while no shutdown is pending,
   the second one reports the connections that are still active.
   NOTE(review): shutdown_pending is presumably incremented per
   SIGTERM in a line not shown.  */
1733 if (!shutdown_pending)
1734 log_info (_("SIGTERM received - shutting down ...\n"));
1736 log_info (_("SIGTERM received - still %d active connections\n"),
1737 active_connections);
/* Once shutdown_pending exceeds 2 the shutdown is forced without
   waiting for the remaining connections; the statements that
   terminate the process are not shown.  */
1739 if (shutdown_pending > 2)
1741 log_info (_("shutdown forced\n"));
1742 log_info ("%s %s stopped\n", strusage(11), strusage(13) );
/* SIGINT: logged as an immediate shutdown.  */
1749 log_info (_("SIGINT received - immediate shutdown\n"));
1750 log_info( "%s %s stopped\n", strusage(11), strusage(13));
/* Any other signal is only logged.  */
1756 log_info (_("signal %d received - no action defined\n"), signo);
1759 #endif /*!HAVE_W32_SYSTEM*/
1762 /* Check the nonce on a new connection. This is a NOP unless we are
1763 using our Unix domain socket emulation under Windows. */
/* Let assuan_sock_check_nonce verify NONCE for the connection FD.  On
   failure the error is logged and FD is closed right here, so the
   caller must neither use nor close FD again.  NOTE(review): the
   return statements are not shown in this listing;
   start_connection_thread treats a nonzero result as a failure.  */
1765 check_nonce (assuan_fd_t fd, assuan_sock_nonce_t *nonce)
1767 if (assuan_sock_check_nonce (fd, nonce))
1769 log_info (_("error reading nonce on fd %d: %s\n"),
1770 FD2INT (fd), strerror (errno));
1771 assuan_sock_close (fd);
1779 /* Helper to call a connection's main function. */
/* Thread entry point for one connection; handle_connections passes
   this function to npth_create together with argval.aptr.
   NOTE(review): this listing omits several lines of the function
   (braces, the declaration and assignment of FD, the return
   statements and the #endif lines); presumably ARG carries the
   connection descriptor.  The comments below describe only the
   statements that are shown.  */
1781 start_connection_thread (void *arg)
1783 union int_and_ptr_u argval;
1786 memset (&argval, 0, sizeof argval);
/* The nonce is checked before the command handler is started, so a
   peer that fails the check never reaches start_command_handler.
   check_nonce has already closed FD when it reports a failure.  */
1790 if (check_nonce (fd, &socket_nonce))
1792 log_error ("handler nonce check FAILED\n");
1796 #ifndef HAVE_W32_SYSTEM
/* Store the descriptor value under my_tlskey_current_fd for the time
   this thread serves the connection.  */
1797 npth_setspecific (my_tlskey_current_fd, argval.aptr);
/* active_connections is the counter that the shutdown test in
   handle_connections and the SIGTERM message in handle_signal read.  */
1800 active_connections++;
1802 log_info (_("handler for fd %d started\n"), FD2INT (fd));
1804 start_command_handler (fd);
1807 log_info (_("handler for fd %d terminated\n"), FD2INT (fd));
1808 active_connections--;
1810 #ifndef HAVE_W32_SYSTEM
/* Replace the stored value with the invalid descriptor now that the
   connection has ended.  */
1811 argval.afd = ASSUAN_INVALID_FD;
1812 npth_setspecific (my_tlskey_current_fd, argval.aptr);
1819 #ifdef HAVE_INOTIFY_INIT
1820 /* Read an inotify event and return true if it matches NAME. */
/* NOTE(review): this listing omits several lines of the function
   (braces, the declarations of N and S, the enclosing declaration of
   BUF and the "return 0" statements); the comments below describe
   only the statements that are shown.  */
1822 my_inotify_is_name (int fd, const char *name)
/* The two members below give room for one inotify_event header plus
   101 bytes of file name; presumably they are the members of a union
   that the code refers to as BUF.  */
1825 struct inotify_event ev;
1826 char _buf[sizeof (struct inotify_event) + 100 + 1];
/* Find the last '/' in NAME; presumably NAME is then reduced to its
   file name part in lines not shown.  */
1831 s = strrchr (name, '/');
/* A single read; only the first event in the buffer is examined
   below.  */
1835 n = npth_read (fd, &buf, sizeof buf);
/* NOTE(review): sizeof yields a size_t.  If N has a signed type (its
   declaration is not visible here), a failed read that returns -1 is
   converted to a very large unsigned value and is not caught by this
   comparison; the fields examined below would then hold whatever was
   in BUF before the call.  Testing for a negative N first would close
   that gap - confirm against the declaration of N.  */
1836 if (n < sizeof (struct inotify_event))
/* The name field of the event must be long enough for NAME and its
   terminating NUL before the two names are compared.  */
1838 if (buf.ev.len < strlen (name)+1)
1840 if (strcmp (buf.ev.name, name))
1841 return 0; /* Not the desired file. */
1843 return 1; /* Found. */
1845 #endif /*HAVE_INOTIFY_INIT*/
1848 /* Main loop in daemon mode. Note that LISTEN_FD will be owned by
/* Daemon main loop: waits with select for new connections on
   LISTEN_FD, for the signals registered below and, where inotify is
   available, for events on the inotify descriptor.  Every accepted
   connection is handed to a detached nPth thread that runs
   start_connection_thread.  NOTE(review): this listing omits many
   lines of the function (braces, declarations, the loop header,
   #else/#endif lines and several statements); the comments below
   describe only the statements that are shown.  */
1851 handle_connections (assuan_fd_t listen_fd)
1854 #ifndef HAVE_W32_SYSTEM
1857 struct sockaddr_un paddr;
1858 socklen_t plen = sizeof( paddr );
1861 fd_set fdset, read_fdset;
1863 int my_inotify_fd = -1;
/* Connection threads are created detached; nothing joins them.  */
1865 npth_attr_init (&tattr);
1866 npth_attr_setdetachstate (&tattr, NPTH_CREATE_DETACHED);
1868 #ifndef HAVE_W32_SYSTEM /* FIXME */
/* These are the signals that the loop later fetches with
   npth_sigev_get_pending and passes to handle_signal.  */
1870 npth_sigev_add (SIGHUP);
1871 npth_sigev_add (SIGUSR1);
1872 npth_sigev_add (SIGUSR2);
1873 npth_sigev_add (SIGINT);
1874 npth_sigev_add (SIGTERM);
1878 #ifdef HAVE_INOTIFY_INIT
/* The inotify watch is skipped when disable_check_own_socket is set;
   a failure to set it up is only logged and the loop runs without
   it.  */
1879 if (disable_check_own_socket)
1881 else if ((my_inotify_fd = inotify_init ()) == -1)
1882 log_info ("error enabling fast daemon termination: %s\n",
1886 /* We need to watch the directory for the file because there
1887 * won't be an IN_DELETE_SELF for a socket file. */
1888 char *slash = strrchr (socket_name, '/');
1889 log_assert (slash && slash[1]);
/* NOTE(review): the comment above speaks of watching the directory,
   yet the call shown passes socket_name; presumably lines not shown
   cut the string at SLASH before the call and restore it afterwards
   - confirm.  */
1891 if (inotify_add_watch (my_inotify_fd, socket_name, IN_DELETE) == -1)
1893 close (my_inotify_fd);
1898 #endif /*HAVE_INOTIFY_INIT*/
1901 /* Setup the fdset. */
1903 FD_SET (FD2INT (listen_fd), &fdset);
1904 nfd = FD2INT (listen_fd);
1905 if (my_inotify_fd != -1)
1907 FD_SET (my_inotify_fd, &fdset);
/* NFD must be the highest descriptor in the set; select is called
   with nfd+1 below.  */
1908 if (my_inotify_fd > nfd)
1909 nfd = my_inotify_fd;
1915 /* Shutdown test. */
1916 if (shutdown_pending)
1918 if (!active_connections)
1921 /* Do not accept new connections but keep on running the
1922 * select loop to wait for signals (e.g. SIGCHLD).
1924 * Note that we do not close the listening socket because a
1925 * client trying to connect to that socket would instead
1926 * restart a new dirmngr instance - which is unlikely the
1927 * intention of a shutdown. */
1928 /* assuan_sock_close (listen_fd); */
1929 /* listen_fd = -1; */
/* While a shutdown is pending only the inotify descriptor is put back
   into the set.  */
1932 if (my_inotify_fd != -1)
1934 FD_SET (my_inotify_fd, &fdset);
1935 nfd = my_inotify_fd;
1939 /* Take a copy of the fdset. */
1942 #ifndef HAVE_W32_SYSTEM
1943 ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, NULL, npth_sigev_sigmask());
/* errno is saved at once because the signal handling below may change
   it before the result is evaluated.  */
1944 saved_errno = errno;
1946 while (npth_sigev_get_pending(&signo))
1947 handle_signal (signo);
1949 ret = npth_eselect (nfd+1, &read_fdset, NULL, NULL, NULL, NULL, NULL);
1950 saved_errno = errno;
1953 if (ret == -1 && saved_errno != EINTR)
1955 log_error (_("npth_pselect failed: %s - waiting 1s\n"),
1956 strerror (saved_errno));
1963 /* Interrupt. Will be handled at the top of the next loop. */
1967 if (shutdown_pending)
1969 /* Do not anymore accept connections. */
1973 #ifdef HAVE_INOTIFY_INIT
/* An inotify event that matches the name of our socket starts a
   shutdown.  */
1974 if (my_inotify_fd != -1 && FD_ISSET (my_inotify_fd, &read_fdset)
1975 && my_inotify_is_name (my_inotify_fd, socket_name))
1977 shutdown_pending = 1;
1978 log_info ("socket file has been removed - shutting down\n");
1980 #endif /*HAVE_INOTIFY_INIT*/
1982 if (FD_ISSET (FD2INT (listen_fd), &read_fdset))
/* PLEN is reset before every accept because accept overwrites it with
   the length of the returned address.  */
1984 plen = sizeof paddr;
1985 fd = INT2FD (npth_accept (FD2INT(listen_fd),
1986 (struct sockaddr *)&paddr, &plen));
1987 if (fd == GNUPG_INVALID_FD)
1989 log_error ("accept failed: %s\n", strerror (errno));
1993 char threadname[50];
1994 union int_and_ptr_u argval;
1997 memset (&argval, 0, sizeof argval);
1999 snprintf (threadname, sizeof threadname,
2000 "conn fd=%d", FD2INT(fd));
2002 ret = npth_create (&thread, &tattr,
2003 start_connection_thread, argval.aptr);
/* If no thread could be created the accepted descriptor is closed
   here so that it does not leak.  */
2006 log_error ("error spawning connection handler: %s\n",
2008 assuan_sock_close (fd);
2010 npth_setname_np (thread, threadname);
/* FD is invalidated in this function after the thread creation step;
   presumably the new thread now owns the descriptor.  */
2012 fd = GNUPG_INVALID_FD;
2016 #ifdef HAVE_INOTIFY_INIT
2017 if (my_inotify_fd != -1)
2018 close (my_inotify_fd);
2019 #endif /*HAVE_INOTIFY_INIT*/
2020 npth_attr_destroy (&tattr);
/* NOTE(review): the condition tests LISTEN_FD but the call closes FD,
   the per-connection variable that the accept branch sets to
   GNUPG_INVALID_FD.  As written the listening socket does not appear
   to be closed here; "assuan_sock_close (listen_fd);" looks like the
   intended call.  The comparison also uses -1 where other places in
   this function use GNUPG_INVALID_FD - confirm that this is correct
   for every definition of assuan_fd_t.  */
2021 if (listen_fd != -1)
2022 assuan_sock_close (fd);
2024 log_info ("%s %s stopped\n", strusage(11), strusage(13));
2028 dirmngr_get_current_socket_name (void)
2033 return dirmngr_socket_name ();