search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
2009-10-16 Marcus Brinkmann <marcus@g10code.com>
[gnupg.git] / g13 / g13.c
blob0e479b0165105a68d80f5973f2e6874b5a8c632c
1 /* g13.c - Disk Key management with GnuPG
2 * Copyright (C) 2009 Free Software Foundation, Inc.
3 *
4 * This file is part of GnuPG.
5 *
6 * GnuPG is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * GnuPG is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include <config.h>
21 #include <stdio.h>
22 #include <stdlib.h>
23 #include <string.h>
24 #include <errno.h>
25 #include <ctype.h>
26 #include <unistd.h>
27 #include <fcntl.h>
28 #include <pth.h>
29
30 #include "g13.h"
31
32 #include <gcrypt.h>
33 #include <assuan.h>
34
35 #include "i18n.h"
36 #include "sysutils.h"
37 #include "gc-opt-flags.h"
38 #include "keyblob.h"
39 #include "server.h"
40 #include "runner.h"
41 #include "create.h"
42 #include "mount.h"
43 #include "mountinfo.h"
44
45
46 enum cmd_and_opt_values {
47 aNull = 0,
48 oQuiet = 'q',
49 oVerbose = 'v',
50
51 aGPGConfList = 500,
52 aGPGConfTest,
53 aCreate,
54 aMount,
55 aUmount,
56 aServer,
57
58 oOptions,
59 oDebug,
60 oDebugLevel,
61 oDebugAll,
62 oDebugNone,
63 oDebugWait,
64 oDebugAllowCoreDump,
65 oLogFile,
66 oNoLogFile,
67 oAuditLog,
68
69 oOutput,
70
71 oAgentProgram,
72 oGpgProgram,
73
74 oDisplay,
75 oTTYname,
76 oTTYtype,
77 oLCctype,
78 oLCmessages,
79 oXauthority,
80
81 oStatusFD,
82 oLoggerFD,
83
84 oNoVerbose,
85 oNoSecmemWarn,
86 oNoGreeting,
87 oNoTTY,
88 oNoOptions,
89 oHomedir,
90 oWithColons,
91 oDryRun,
92 oNoDetach,
93
94 oRecipient,
95
96 oNoRandomSeedFile,
97 oFakedSystemTime
98 };
99
100
101 static ARGPARSE_OPTS opts[] = {
102
103 ARGPARSE_group (300, N_("@Commands:\n ")),
104
105 ARGPARSE_c (aCreate, "create", N_("Create a new file system container")),
106 ARGPARSE_c (aMount, "mount", N_("Mount a file system container") ),
107 ARGPARSE_c (aUmount, "umount", N_("Unmount a file system container") ),
108 ARGPARSE_c (aServer, "server", N_("Run in server mode")),
109
110 ARGPARSE_c (aGPGConfList, "gpgconf-list", "@"),
111 ARGPARSE_c (aGPGConfTest, "gpgconf-test", "@"),
112
113 ARGPARSE_group (301, N_("@\nOptions:\n ")),
114
115 ARGPARSE_s_s (oRecipient, "recipient", N_("|USER-ID|encrypt for USER-ID")),
116
117 ARGPARSE_s_s (oOutput, "output", N_("|FILE|write output to FILE")),
118 ARGPARSE_s_n (oVerbose, "verbose", N_("verbose")),
119 ARGPARSE_s_n (oQuiet, "quiet", N_("be somewhat more quiet")),
120 ARGPARSE_s_n (oNoTTY, "no-tty", N_("don't use the terminal at all")),
121 ARGPARSE_s_n (oNoDetach, "no-detach", N_("do not detach from the console")),
122 ARGPARSE_s_s (oLogFile, "log-file", N_("|FILE|write log output to FILE")),
123 ARGPARSE_s_n (oNoLogFile, "no-log-file", "@"),
124 ARGPARSE_s_i (oLoggerFD, "logger-fd", "@"),
125
126 ARGPARSE_s_s (oAuditLog, "audit-log",
127 N_("|FILE|write an audit log to FILE")),
128 ARGPARSE_s_n (oDryRun, "dry-run", N_("do not make any changes")),
129
130 ARGPARSE_s_s (oOptions, "options", N_("|FILE|read options from FILE")),
131
132 ARGPARSE_p_u (oDebug, "debug", "@"),
133 ARGPARSE_s_s (oDebugLevel, "debug-level",
134 N_("|LEVEL|set the debugging level to LEVEL")),
135 ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
136 ARGPARSE_s_n (oDebugNone, "debug-none", "@"),
137 ARGPARSE_s_i (oDebugWait, "debug-wait", "@"),
138 ARGPARSE_s_n (oDebugAllowCoreDump, "debug-allow-core-dump", "@"),
139
140 ARGPARSE_s_i (oStatusFD, "status-fd",
141 N_("|FD|write status info to this FD")),
142
143 ARGPARSE_group (302, N_(
144 "@\n(See the man page for a complete listing of all commands and options)\n"
145 )),
146
147 ARGPARSE_group (303, N_("@\nExamples:\n\n"
148 " blurb\n"
149 " blurb\n")),
150
151 /* Hidden options. */
152 ARGPARSE_s_n (oNoVerbose, "no-verbose", "@"),
153 ARGPARSE_s_n (oNoSecmemWarn, "no-secmem-warning", "@"),
154 ARGPARSE_s_n (oNoGreeting, "no-greeting", "@"),
155 ARGPARSE_s_n (oNoOptions, "no-options", "@"),
156 ARGPARSE_s_s (oHomedir, "homedir", "@"),
157 ARGPARSE_s_s (oAgentProgram, "agent-program", "@"),
158 ARGPARSE_s_s (oGpgProgram, "gpg-program", "@"),
159 ARGPARSE_s_s (oDisplay, "display", "@"),
160 ARGPARSE_s_s (oTTYname, "ttyname", "@"),
161 ARGPARSE_s_s (oTTYtype, "ttytype", "@"),
162 ARGPARSE_s_s (oLCctype, "lc-ctype", "@"),
163 ARGPARSE_s_s (oLCmessages, "lc-messages", "@"),
164 ARGPARSE_s_s (oXauthority, "xauthority", "@"),
165 ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"),
166 ARGPARSE_s_n (oWithColons, "with-colons", "@"),
167 ARGPARSE_s_n (oNoRandomSeedFile, "no-random-seed-file", "@"),
168
169 /* Command aliases. */
170
171 ARGPARSE_end ()
172 };
173
174
175 /* The timer tick interval used by the idle task. */
176 #define TIMERTICK_INTERVAL_SEC (1)
177
178
179 /* Global variable to keep an error count. */
180 int g13_errors_seen = 0;
181
182 /* It is possible that we are currently running under setuid permissions. */
183 static int maybe_setuid = 1;
184
185 /* Helper to implement --debug-level and --debug. */
186 static const char *debug_level;
187 static unsigned int debug_value;
188
189 /* Flag to indicate that a shutdown was requested. */
190 static int shutdown_pending;
191
192 /* The thread id of the idle task. */
193 static pth_t idle_task_tid;
194
195
196 \f
197 static void set_cmd (enum cmd_and_opt_values *ret_cmd,
198 enum cmd_and_opt_values new_cmd );
199
200 static void emergency_cleanup (void);
201 static void start_idle_task (void);
202 static void join_idle_task (void);
203
204
205 \f
206 /* Begin Pth wrapper functions. */
207 ASSUAN_SYSTEM_PTH_IMPL;
208
209 GCRY_THREAD_OPTION_PTH_IMPL;
210 static int fixed_gcry_pth_init (void)
211 {
212 return pth_self ()? 0 : (pth_init () == FALSE) ? errno : 0;
213 }
214 /* End Pth wrapper functions. */
215
216
217 static const char *
218 my_strusage( int level )
219 {
220 const char *p;
221
222 switch (level)
223 {
224 case 11: p = "g13 (GnuPG)";
225 break;
226 case 13: p = VERSION; break;
227 case 17: p = PRINTABLE_OS_NAME; break;
228 case 19: p = _("Please report bugs to <" PACKAGE_BUGREPORT ">.\n");
229 break;
230 case 1:
231 case 40: p = _("Usage: g13 [options] [files] (-h for help)");
232 break;
233 case 41:
234 p = _("Syntax: g13 [options] [files]\n"
235 "Create, mount or unmount an encrypted file system container\n");
236 break;
237
238 case 31: p = "\nHome: "; break;
239 case 32: p = opt.homedir; break;
240
241 default: p = NULL; break;
242 }
243 return p;
244 }
245
246
247 static void
248 wrong_args (const char *text)
249 {
250 fputs (_("usage: g13 [options] "), stderr);
251 fputs (text, stderr);
252 putc ('\n', stderr);
253 g13_exit (2);
254 }
255
256
257 /* Setup the debugging. With a DEBUG_LEVEL of NULL only the active
258 debug flags are propagated to the subsystems. With DEBUG_LEVEL
259 set, a specific set of debug flags is set; and individual debugging
260 flags will be added on top. */
261 static void
262 set_debug (void)
263 {
264 if (!debug_level)
265 ;
266 else if (!strcmp (debug_level, "none"))
267 opt.debug = 0;
268 else if (!strcmp (debug_level, "basic"))
269 opt.debug = DBG_ASSUAN_VALUE|DBG_MOUNT_VALUE;
270 else if (!strcmp (debug_level, "advanced"))
271 opt.debug = DBG_ASSUAN_VALUE|DBG_MOUNT_VALUE;
272 else if (!strcmp (debug_level, "expert"))
273 opt.debug = (DBG_ASSUAN_VALUE|DBG_MOUNT_VALUE|DBG_CRYPTO_VALUE);
274 else if (!strcmp (debug_level, "guru"))
275 opt.debug = ~0;
276 else
277 {
278 log_error (_("invalid debug-level `%s' given\n"), debug_level);
279 g13_exit(2);
280 }
281
282 opt.debug |= debug_value;
283
284 if (opt.debug && !opt.verbose)
285 opt.verbose = 1;
286 if (opt.debug)
287 opt.quiet = 0;
288
289 if (opt.debug & DBG_CRYPTO_VALUE )
290 gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1);
291 gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
292 }
293
294
295
296 static void
297 set_cmd (enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd)
298 {
299 enum cmd_and_opt_values cmd = *ret_cmd;
300
301 if (!cmd || cmd == new_cmd)
302 cmd = new_cmd;
303 else
304 {
305 log_error (_("conflicting commands\n"));
306 g13_exit (2);
307 }
308
309 *ret_cmd = cmd;
310 }
311
312
313 /* Helper to add recipients to a list. */
314 static int
315 add_encryption_key (ctrl_t ctrl, const char *name,
316 void /*FIXME*/ *keylist, int is_cms)
317 {
318 /* FIXME: Decide whether to add a CMS or OpenPGP key and then add
319 the key to a list. */
320 /* int rc = foo_add_to_certlist (ctrl, name, 0, recplist, is_encrypt_to); */
321 /* if (rc) */
322 /* { */
323 /* if (recp_required) */
324 /* { */
325 /* log_error ("can't encrypt to `%s': %s\n", name, gpg_strerror (rc)); */
326 /* gpgsm_status2 (ctrl, STATUS_INV_RECP, */
327 /* get_inv_recpsgnr_code (rc), name, NULL); */
328 /* } */
329 /* else */
330 /* log_info (_("NOTE: won't be able to encrypt to `%s': %s\n"), */
331 /* name, gpg_strerror (rc)); */
332 /* } */
333 return 0; /* Key is good. */
334 }
335
336
337 int
338 main ( int argc, char **argv)
339 {
340 ARGPARSE_ARGS pargs;
341 int orig_argc;
342 char **orig_argv;
343 gpg_error_t err;
344 const char *fname;
345 int may_coredump;
346 FILE *configfp = NULL;
347 char *configname = NULL;
348 unsigned configlineno;
349 int parse_debug = 0;
350 int no_more_options = 0;
351 int default_config =1;
352 char *logfile = NULL;
353 char *auditlog = NULL;
354 int greeting = 0;
355 int nogreeting = 0;
356 int debug_wait = 0;
357 int use_random_seed = 1;
358 int nodetach = 0;
359 int nokeysetup = 0;
360 enum cmd_and_opt_values cmd = 0;
361 struct server_control_s ctrl;
362 estream_t auditfp = NULL;
363 strlist_t recipients = NULL;
364
365 /*mtrace();*/
366
367 gnupg_reopen_std ("g13");
368 set_strusage (my_strusage);
369 gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
370
371 log_set_prefix ("g13", 1);
372
373 /* Make sure that our subsystems are ready. */
374 i18n_init ();
375 init_common_subsystems ();
376
377 /* Libgcrypt requires us to register the threading model first.
378 Note that this will also do the pth_init. */
379 gcry_threads_pth.init = fixed_gcry_pth_init;
380 err = gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pth);
381 if (err)
382 {
383 log_fatal ("can't register GNU Pth with Libgcrypt: %s\n",
384 gpg_strerror (err));
385 }
386
387 /* Check that the Libgcrypt is suitable. */
388 if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) )
389 log_fatal (_("%s is too old (need %s, have %s)\n"), "libgcrypt",
390 NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) );
391
392 /* Take extra care of the random pool. */
393 gcry_control (GCRYCTL_USE_SECURE_RNDPOOL);
394
395 may_coredump = disable_core_dumps ();
396
397 gnupg_init_signals (0, emergency_cleanup);
398
399 create_dotlock (NULL); /* Register locking cleanup. */
400
401 opt.homedir = default_homedir ();
402
403 /* First check whether we have a config file on the commandline. */
404 orig_argc = argc;
405 orig_argv = argv;
406 pargs.argc = &argc;
407 pargs.argv = &argv;
408 pargs.flags= 1|(1<<6); /* Do not remove the args, ignore version. */
409 while (arg_parse( &pargs, opts))
410 {
411 if (pargs.r_opt == oDebug || pargs.r_opt == oDebugAll)
412 parse_debug++;
413 else if (pargs.r_opt == oOptions)
414 { /* Yes, there is one, so we do not try the default one but
415 read the config file when it is encountered at the
416 commandline. */
417 default_config = 0;
418 }
419 else if (pargs.r_opt == oNoOptions)
420 default_config = 0; /* --no-options */
421 else if (pargs.r_opt == oHomedir)
422 opt.homedir = pargs.r.ret_str;
423 }
424
425 /* Initialize the secure memory. */
426 gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0);
427 maybe_setuid = 0;
428
429 /*
430 Now we are now working under our real uid
431 */
432
433 /* Setup malloc hooks. */
434 {
435 struct assuan_malloc_hooks malloc_hooks;
436
437 malloc_hooks.malloc = gcry_malloc;
438 malloc_hooks.realloc = gcry_realloc;
439 malloc_hooks.free = gcry_free;
440 assuan_set_malloc_hooks (&malloc_hooks);
441 }
442
443 /* Prepare libassuan. */
444 assuan_set_assuan_log_prefix (log_get_prefix (NULL));
445 assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
446 assuan_set_system_hooks (ASSUAN_SYSTEM_PTH);
447
448
449 /* Setup a default control structure for command line mode. */
450 memset (&ctrl, 0, sizeof ctrl);
451 g13_init_default_ctrl (&ctrl);
452
453 /* Set the default option file */
454 if (default_config )
455 configname = make_filename (opt.homedir, "g13.conf", NULL);
456
457 argc = orig_argc;
458 argv = orig_argv;
459 pargs.argc = &argc;
460 pargs.argv = &argv;
461 pargs.flags = 1; /* Do not remove the args. */
462
463 next_pass:
464 if (configname)
465 {
466 configlineno = 0;
467 configfp = fopen (configname, "r");
468 if (!configfp)
469 {
470 if (default_config)
471 {
472 if (parse_debug)
473 log_info (_("NOTE: no default option file `%s'\n"), configname);
474 }
475 else
476 {
477 log_error (_("option file `%s': %s\n"),
478 configname, strerror(errno));
479 g13_exit(2);
480 }
481 xfree (configname);
482 configname = NULL;
483 }
484 if (parse_debug && configname)
485 log_info (_("reading options from `%s'\n"), configname);
486 default_config = 0;
487 }
488
489 while (!no_more_options
490 && optfile_parse (configfp, configname, &configlineno, &pargs, opts))
491 {
492 switch (pargs.r_opt)
493 {
494 case aGPGConfList:
495 case aGPGConfTest:
496 set_cmd (&cmd, pargs.r_opt);
497 nogreeting = 1;
498 nokeysetup = 1;
499 break;
500
501 case aServer:
502 case aMount:
503 case aUmount:
504 nokeysetup = 1;
505 case aCreate:
506 set_cmd (&cmd, pargs.r_opt);
507 break;
508
509 case oOutput: opt.outfile = pargs.r.ret_str; break;
510
511 case oQuiet: opt.quiet = 1; break;
512 case oNoGreeting: nogreeting = 1; break;
513 case oNoTTY: break;
514
515 case oDryRun: opt.dry_run = 1; break;
516
517 case oVerbose:
518 opt.verbose++;
519 gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
520 break;
521 case oNoVerbose:
522 opt.verbose = 0;
523 gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
524 break;
525
526 case oLogFile: logfile = pargs.r.ret_str; break;
527 case oNoLogFile: logfile = NULL; break;
528
529 case oAuditLog: auditlog = pargs.r.ret_str; break;
530
531 case oNoDetach: nodetach = 1; break;
532
533 case oDebug: debug_value |= pargs.r.ret_ulong; break;
534 case oDebugAll: debug_value = ~0; break;
535 case oDebugNone: debug_value = 0; break;
536 case oDebugLevel: debug_level = pargs.r.ret_str; break;
537 case oDebugWait: debug_wait = pargs.r.ret_int; break;
538 case oDebugAllowCoreDump:
539 may_coredump = enable_core_dumps ();
540 break;
541
542 case oStatusFD: ctrl.status_fd = pargs.r.ret_int; break;
543 case oLoggerFD: log_set_fd (pargs.r.ret_int ); break;
544
545 case oNoOptions: break; /* no-options */
546 case oOptions:
547 /* Config files may not be nested (silently ignore them). */
548 if (!configfp)
549 {
550 xfree(configname);
551 configname = xstrdup (pargs.r.ret_str);
552 goto next_pass;
553 }
554 break;
555
556 case oHomedir: opt.homedir = pargs.r.ret_str; break;
557
558 case oAgentProgram: opt.agent_program = pargs.r.ret_str; break;
559 case oGpgProgram: opt.gpg_program = pargs.r.ret_str; break;
560 case oDisplay: opt.display = xstrdup (pargs.r.ret_str); break;
561 case oTTYname: opt.ttyname = xstrdup (pargs.r.ret_str); break;
562 case oTTYtype: opt.ttytype = xstrdup (pargs.r.ret_str); break;
563 case oLCctype: opt.lc_ctype = xstrdup (pargs.r.ret_str); break;
564 case oLCmessages: opt.lc_messages = xstrdup (pargs.r.ret_str); break;
565 case oXauthority: opt.xauthority = xstrdup (pargs.r.ret_str); break;
566
567 case oFakedSystemTime:
568 {
569 time_t faked_time = isotime2epoch (pargs.r.ret_str);
570 if (faked_time == (time_t)(-1))
571 faked_time = (time_t)strtoul (pargs.r.ret_str, NULL, 10);
572 gnupg_set_time (faked_time, 0);
573 }
574 break;
575
576 case oNoSecmemWarn: gcry_control (GCRYCTL_DISABLE_SECMEM_WARN); break;
577
578 case oNoRandomSeedFile: use_random_seed = 0; break;
579
580 case oRecipient: /* Store the encryption key. */
581 add_to_strlist (&recipients, pargs.r.ret_str);
582 break;
583
584
585 default:
586 pargs.err = configfp? ARGPARSE_PRINT_WARNING:ARGPARSE_PRINT_ERROR;
587 break;
588 }
589 }
590
591 if (configfp)
592 {
593 fclose (configfp);
594 configfp = NULL;
595 /* Keep a copy of the config filename. */
596 opt.config_filename = configname;
597 configname = NULL;
598 goto next_pass;
599 }
600 xfree (configname);
601 configname = NULL;
602
603 if (!opt.config_filename)
604 opt.config_filename = make_filename (opt.homedir, "g13.conf", NULL);
605
606 if (log_get_errorcount(0))
607 g13_exit(2);
608
609 /* Now that we have the options parsed we need to update the default
610 control structure. */
611 g13_init_default_ctrl (&ctrl);
612
613 if (nogreeting)
614 greeting = 0;
615
616 if (greeting)
617 {
618 fprintf (stderr, "%s %s; %s\n",
619 strusage(11), strusage(13), strusage(14) );
620 fprintf (stderr, "%s\n", strusage(15) );
621 }
622
623 if (may_coredump && !opt.quiet)
624 log_info (_("WARNING: program may create a core file!\n"));
625
626 if (logfile)
627 {
628 log_set_file (logfile);
629 log_set_prefix (NULL, 1|2|4);
630 }
631
632 if (gnupg_faked_time_p ())
633 {
634 gnupg_isotime_t tbuf;
635
636 log_info (_("WARNING: running with faked system time: "));
637 gnupg_get_isotime (tbuf);
638 dump_isotime (tbuf);
639 log_printf ("\n");
640 }
641
642 /* Print any pending secure memory warnings. */
643 gcry_control (GCRYCTL_RESUME_SECMEM_WARN);
644
645 /* Setup the debug flags for all subsystems. */
646 set_debug ();
647
648 /* Install a regular exit handler to make real sure that the secure
649 memory gets wiped out. */
650 if (atexit (emergency_cleanup))
651 {
652 log_error ("atexit failed\n");
653 g13_exit (2);
654 }
655
656 /* Terminate if we found any error until now. */
657 if (log_get_errorcount(0))
658 g13_exit (2);
659
660 /* Set the standard GnuPG random seed file. */
661 if (use_random_seed)
662 {
663 char *p = make_filename (opt.homedir, "random_seed", NULL);
664 gcry_control (GCRYCTL_SET_RANDOM_SEED_FILE, p);
665 xfree(p);
666 }
667
668 /* Store given filename into FNAME. */
669 fname = argc? *argv : NULL;
670
671 /* Parse all given encryption keys. This does a lookup of the keys
672 and stops if any of the given keys was not found. */
673 if (!nokeysetup)
674 {
675 strlist_t sl;
676 int failed = 0;
677
678 for (sl = recipients; sl; sl = sl->next)
679 if (add_encryption_key (&ctrl, sl->d, NULL /* FIXME*/, 0))
680 failed = 1;
681 if (failed)
682 g13_exit (1);
683 }
684
685 /* Dispatch command. */
686 switch (cmd)
687 {
688 case aGPGConfList:
689 { /* List options and default values in the GPG Conf format. */
690 char *config_filename_esc = percent_escape (opt.config_filename, NULL);
691
692 printf ("gpgconf-g13.conf:%lu:\"%s\n",
693 GC_OPT_FLAG_DEFAULT, config_filename_esc);
694 xfree (config_filename_esc);
695
696 printf ("verbose:%lu:\n", GC_OPT_FLAG_NONE);
697 printf ("quiet:%lu:\n", GC_OPT_FLAG_NONE);
698 printf ("debug-level:%lu:\"none:\n", GC_OPT_FLAG_DEFAULT);
699 printf ("log-file:%lu:\n", GC_OPT_FLAG_NONE);
700 }
701 break;
702 case aGPGConfTest:
703 /* This is merely a dummy command to test whether the
704 configuration file is valid. */
705 break;
706
707 case aServer:
708 {
709 start_idle_task ();
710 err = g13_server (&ctrl);
711 if (err)
712 log_error ("server exited with error: %s <%s>\n",
713 gpg_strerror (err), gpg_strsource (err));
714 else
715 shutdown_pending++;
716 }
717 break;
718
719 case aCreate: /* Create a new container. */
720 {
721 if (argc != 1)
722 wrong_args ("--create filename");
723 start_idle_task ();
724 err = g13_create_container (&ctrl, argv[0]);
725 if (err)
726 log_error ("error creating a new container: %s <%s>\n",
727 gpg_strerror (err), gpg_strsource (err));
728 else
729 shutdown_pending++;
730 }
731 break;
732
733 case aMount: /* Mount a container. */
734 {
735 if (argc != 1 && argc != 2 )
736 wrong_args ("--mount filename [mountpoint]");
737 start_idle_task ();
738 err = g13_mount_container (&ctrl, argv[0], argc == 2?argv[1]:NULL);
739 if (err)
740 log_error ("error mounting container `%s': %s <%s>\n",
741 *argv, gpg_strerror (err), gpg_strsource (err));
742 }
743 break;
744
745 default:
746 log_error (_("invalid command (there is no implicit command)\n"));
747 break;
748 }
749
750 if (!err)
751 join_idle_task ();
752
753 /* Print the audit result if needed. */
754 if (auditlog && auditfp)
755 {
756 /* audit_print_result (ctrl.audit, auditfp, 0); */
757 /* audit_release (ctrl.audit); */
758 ctrl.audit = NULL;
759 es_fclose (auditfp);
760 }
761
762 /* Cleanup. */
763 g13_exit (0);
764 return 8; /*NOTREACHED*/
765 }
766
767
768 /* Note: This function is used by signal handlers!. */
769 static void
770 emergency_cleanup (void)
771 {
772 gcry_control (GCRYCTL_TERM_SECMEM );
773 }
774
775
776 void
777 g13_exit (int rc)
778 {
779 gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE);
780 if (opt.debug & DBG_MEMSTAT_VALUE)
781 {
782 gcry_control( GCRYCTL_DUMP_MEMORY_STATS );
783 gcry_control( GCRYCTL_DUMP_RANDOM_STATS );
784 }
785 if (opt.debug)
786 gcry_control (GCRYCTL_DUMP_SECMEM_STATS );
787 emergency_cleanup ();
788 rc = rc? rc : log_get_errorcount(0)? 2 : g13_errors_seen? 1 : 0;
789 exit (rc);
790 }
791
792
793 /* Store defaults into the per-connection CTRL object. */
794 void
795 g13_init_default_ctrl (struct server_control_s *ctrl)
796 {
797 ctrl->conttype = CONTTYPE_ENCFS;
798 }
799
800
801 /* This function is called for each signal we catch. It is run in the
802 main context or the one of a Pth thread and thus it is not
803 restricted in what it may do. */
804 static void
805 handle_signal (int signo)
806 {
807 switch (signo)
808 {
809 #ifndef HAVE_W32_SYSTEM
810 case SIGHUP:
811 log_info ("SIGHUP received - re-reading configuration\n");
812 /* Fixme: Not yet implemented. */
813 break;
814
815 case SIGUSR1:
816 log_info ("SIGUSR1 received - printing internal information:\n");
817 pth_ctrl (PTH_CTRL_DUMPSTATE, log_get_stream ());
818 mountinfo_dump_all ();
819 break;
820
821 case SIGUSR2:
822 log_info ("SIGUSR2 received - no action defined\n");
823 break;
824
825 case SIGTERM:
826 if (!shutdown_pending)
827 log_info ("SIGTERM received - shutting down ...\n");
828 else
829 log_info ("SIGTERM received - still %u runners active\n",
830 runner_get_threads ());
831 shutdown_pending++;
832 if (shutdown_pending > 2)
833 {
834 log_info ("shutdown forced\n");
835 log_info ("%s %s stopped\n", strusage(11), strusage(13) );
836 g13_exit (0);
837 }
838 break;
839
840 case SIGINT:
841 log_info ("SIGINT received - immediate shutdown\n");
842 log_info( "%s %s stopped\n", strusage(11), strusage(13));
843 g13_exit (0);
844 break;
845 #endif /*!HAVE_W32_SYSTEM*/
846
847 default:
848 log_info ("signal %d received - no action defined\n", signo);
849 }
850 }
851
852
853 /* This ticker function is called about every TIMERTICK_INTERVAL_SEC
854 seconds. */
855 static void
856 handle_tick (void)
857 {
858 /* log_debug ("TICK\n"); */
859 }
860
861
862 /* The idle task. We use a separate thread to do idle stuff and to
863 catch signals. */
864 static void *
865 idle_task (void *dummy_arg)
866 {
867 sigset_t sigs; /* The set of signals we want to catch. */
868 pth_event_t ev; /* The main event to catch signals. */
869 pth_event_t time_ev; /* The time event. */
870 int signo; /* The number of a raised signal is stored here. */
871
872 (void)dummy_arg;
873
874 /* Create the event to catch the signals. */
875 #ifndef HAVE_W32_SYSTEM
876 sigemptyset (&sigs );
877 sigaddset (&sigs, SIGHUP);
878 sigaddset (&sigs, SIGUSR1);
879 sigaddset (&sigs, SIGUSR2);
880 sigaddset (&sigs, SIGINT);
881 sigaddset (&sigs, SIGTERM);
882 pth_sigmask (SIG_UNBLOCK, &sigs, NULL);
883 #else
884 sigs = 0;
885 #endif
886 ev = pth_event (PTH_EVENT_SIGS, &sigs, &signo);
887
888 /* The time event neds to computed n tghe fly. */
889 time_ev = NULL;
890
891 for (;;)
892 {
893 /* The shutdown flag allows us to terminate the idle task. */
894 if (shutdown_pending)
895 {
896 runner_cancel_all ();
897
898 if (!runner_get_threads ())
899 break; /* ready */
900 }
901
902 /* Create a timeout event if needed. To help with power saving
903 we syncronize the ticks to the next full second. */
904 if (!time_ev)
905 {
906 pth_time_t nexttick;
907
908 nexttick = pth_timeout (TIMERTICK_INTERVAL_SEC, 0);
909 if (nexttick.tv_usec > 10) /* Use a 10 usec threshhold. */
910 {
911 nexttick.tv_sec++;
912 nexttick.tv_usec = 0;
913 }
914 time_ev = pth_event (PTH_EVENT_TIME, nexttick);
915 }
916
917 pth_event_concat (ev, time_ev, NULL);
918 pth_wait (ev);
919 pth_event_isolate (time_ev);
920
921 if (pth_event_occurred (ev))
922 {
923 handle_signal (signo);
924 }
925
926 if (time_ev && pth_event_occurred (time_ev))
927 {
928 pth_event_free (time_ev, PTH_FREE_ALL);
929 time_ev = NULL;
930 handle_tick ();
931 }
932 }
933
934 pth_event_free (ev, PTH_FREE_ALL);
935 if (time_ev)
936 pth_event_free (time_ev, PTH_FREE_ALL);
937 log_info (_("%s %s stopped\n"), strusage(11), strusage(13));
938 return NULL;
939 }
940
941
942 /* Start the idle task. */
943 static void
944 start_idle_task (void)
945 {
946 pth_attr_t tattr;
947 pth_t tid;
948
949 tattr = pth_attr_new ();
950 pth_attr_set (tattr, PTH_ATTR_JOINABLE, 1);
951 pth_attr_set (tattr, PTH_ATTR_STACK_SIZE, 64*1024);
952 pth_attr_set (tattr, PTH_ATTR_NAME, "idle-task");
953
954 tid = pth_spawn (tattr, idle_task, NULL);
955 if (!tid)
956 {
957 log_fatal ("error starting idle task: %s\n",
958 gpg_strerror (gpg_error_from_syserror ()));
959 return; /*NOTREACHED*/
960 }
961 idle_task_tid = tid;
962 pth_attr_destroy (tattr);
963 }
964
965
966 /* Wait for the idle task to finish. */
967 static void
968 join_idle_task (void)
969 {
970 if (idle_task_tid)
971 {
972 if (!pth_join (idle_task_tid, NULL))
973 log_error ("waiting for idle task thread failed: %s\n",
974 gpg_strerror (gpg_error_from_syserror ()));
975 }
976 }
977
gnupg svn clone