search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Avoid catch-22 with README.main not being distributed but having the
[gnupg.git] / scd / scdaemon.c
blob175729a03f26e535475a7ca80afc0fc5080e8b45
1 /* scdaemon.c - The GnuPG Smartcard Daemon
2 * Copyright (C) 2001, 2002, 2004, 2005,
3 * 2007, 2008, 2009 Free Software Foundation, Inc.
4 *
5 * This file is part of GnuPG.
6 *
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include <config.h>
22
23 #include <stdio.h>
24 #include <stdlib.h>
25 #include <stddef.h>
26 #include <stdarg.h>
27 #include <string.h>
28 #include <errno.h>
29 #include <assert.h>
30 #include <time.h>
31 #include <fcntl.h>
32 #ifndef HAVE_W32_SYSTEM
33 #include <sys/socket.h>
34 #include <sys/un.h>
35 #endif /*HAVE_W32_SYSTEM*/
36 #include <unistd.h>
37 #include <signal.h>
38 #include <pth.h>
39
40 #define JNLIB_NEED_LOG_LOGV
41 #define JNLIB_NEED_AFLOCAL
42 #include "scdaemon.h"
43 #include <ksba.h>
44 #include <gcrypt.h>
45
46 #include <assuan.h> /* malloc hooks */
47
48 #include "i18n.h"
49 #include "sysutils.h"
50 #include "app-common.h"
51 #include "apdu.h"
52 #include "ccid-driver.h"
53 #include "mkdtemp.h"
54 #include "gc-opt-flags.h"
55
56
57 enum cmd_and_opt_values
58 { aNull = 0,
59 oCsh = 'c',
60 oQuiet = 'q',
61 oSh = 's',
62 oVerbose = 'v',
63
64 oNoVerbose = 500,
65 aGPGConfList,
66 aGPGConfTest,
67 oOptions,
68 oDebug,
69 oDebugAll,
70 oDebugLevel,
71 oDebugWait,
72 oDebugAllowCoreDump,
73 oDebugCCIDDriver,
74 oDebugLogTid,
75 oNoGreeting,
76 oNoOptions,
77 oHomedir,
78 oNoDetach,
79 oNoGrab,
80 oLogFile,
81 oServer,
82 oMultiServer,
83 oDaemon,
84 oBatch,
85 oReaderPort,
86 oCardTimeout,
87 octapiDriver,
88 opcscDriver,
89 oDisableCCID,
90 oDisableOpenSC,
91 oDisableKeypad,
92 oAllowAdmin,
93 oDenyAdmin,
94 oDisableApplication,
95 oDebugDisableTicker
96 };
97
98
99
100 static ARGPARSE_OPTS opts[] = {
101 ARGPARSE_c (aGPGConfList, "gpgconf-list", "@"),
102 ARGPARSE_c (aGPGConfTest, "gpgconf-test", "@"),
103
104 ARGPARSE_group (301, N_("@Options:\n ")),
105
106 ARGPARSE_s_n (oServer,"server", N_("run in server mode (foreground)")),
107 ARGPARSE_s_n (oMultiServer, "multi-server",
108 N_("run in multi server mode (foreground)")),
109 ARGPARSE_s_n (oDaemon, "daemon", N_("run in daemon mode (background)")),
110 ARGPARSE_s_n (oVerbose, "verbose", N_("verbose")),
111 ARGPARSE_s_n (oQuiet, "quiet", N_("be somewhat more quiet")),
112 ARGPARSE_s_n (oSh, "sh", N_("sh-style command output")),
113 ARGPARSE_s_n (oCsh, "csh", N_("csh-style command output")),
114 ARGPARSE_s_s (oOptions, "options", N_("|FILE|read options from FILE")),
115 ARGPARSE_p_u (oDebug, "debug", "@"),
116 ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
117 ARGPARSE_s_s (oDebugLevel, "debug-level" ,
118 N_("|LEVEL|set the debugging level to LEVEL")),
119 ARGPARSE_s_i (oDebugWait, "debug-wait", "@"),
120 ARGPARSE_s_n (oDebugAllowCoreDump, "debug-allow-core-dump", "@"),
121 ARGPARSE_s_n (oDebugCCIDDriver, "debug-ccid-driver", "@"),
122 ARGPARSE_s_n (oDebugDisableTicker, "debug-disable-ticker", "@"),
123 ARGPARSE_s_n (oDebugLogTid, "debug-log-tid", "@"),
124 ARGPARSE_s_n (oNoDetach, "no-detach", N_("do not detach from the console")),
125 ARGPARSE_s_s (oLogFile, "log-file", N_("|FILE|write a log to FILE")),
126 ARGPARSE_s_s (oReaderPort, "reader-port",
127 N_("|N|connect to reader at port N")),
128 ARGPARSE_s_s (octapiDriver, "ctapi-driver",
129 N_("|NAME|use NAME as ct-API driver")),
130 ARGPARSE_s_s (opcscDriver, "pcsc-driver",
131 N_("|NAME|use NAME as PC/SC driver")),
132 ARGPARSE_s_n (oDisableCCID, "disable-ccid",
133 #ifdef HAVE_LIBUSB
134 N_("do not use the internal CCID driver")
135 #else
136 "@"
137 #endif
138 /* end --disable-ccid */),
139 ARGPARSE_s_u (oCardTimeout, "card-timeout",
140 N_("|N|disconnect the card after N seconds of inactivity")),
141 ARGPARSE_s_n (oDisableKeypad, "disable-keypad",
142 N_("do not use a reader's keypad")),
143 ARGPARSE_s_n (oAllowAdmin, "allow-admin", "@"),
144 ARGPARSE_s_n (oDenyAdmin, "deny-admin",
145 N_("deny the use of admin card commands")),
146 ARGPARSE_s_s (oDisableApplication, "disable-application", "@"),
147
148 ARGPARSE_end ()
149 };
150
151
152 /* The card driver we use by default for PC/SC. */
153 #if defined(HAVE_W32_SYSTEM) || defined(__CYGWIN__)
154 #define DEFAULT_PCSC_DRIVER "winscard.dll"
155 #elif defined(__APPLE__)
156 #define DEFAULT_PCSC_DRIVER "/System/Library/Frameworks/PCSC.framework/PCSC"
157 #elif defined(__GLIBC__)
158 #define DEFAULT_PCSC_DRIVER "libpcsclite.so.1"
159 #else
160 #define DEFAULT_PCSC_DRIVER "libpcsclite.so"
161 #endif
162
163 /* The timer tick used for housekeeping stuff. We poll every 500ms to
164 let the user immediately know a status change.
165
166 This is not too good for power saving but given that there is no
167 easy way to block on card status changes it is the best we can do.
168 For PC/SC we could in theory use an extra thread to wait for status
169 changes but that requires a native thread because there is no way
170 to make the underlying PC/SC card change function block using a Pth
171 mechanism. Given that a native thread could only be used under W32
172 we don't do that at all. */
173 #define TIMERTICK_INTERVAL_SEC (0)
174 #define TIMERTICK_INTERVAL_USEC (500000)
175
176 /* Flag to indicate that a shutdown was requested. */
177 static int shutdown_pending;
178
179 /* It is possible that we are currently running under setuid permissions */
180 static int maybe_setuid = 1;
181
182 /* Flag telling whether we are running as a pipe server. */
183 static int pipe_server;
184
185 /* Name of the communication socket */
186 static char *socket_name;
187
188 /* We need to keep track of the server's nonces (these are dummies for
189 POSIX systems). */
190 static assuan_sock_nonce_t socket_nonce;
191
192 /* Debug flag to disable the ticker. The ticker is in fact not
193 disabled but it won't perform any ticker specific actions. */
194 static int ticker_disabled;
195
196
197 \f
198 static char *create_socket_name (int use_standard_socket,
199 char *standard_name, char *template);
200 static gnupg_fd_t create_server_socket (int is_standard_name, const char *name,
201 assuan_sock_nonce_t *nonce);
202
203 static void *start_connection_thread (void *arg);
204 static void handle_connections (int listen_fd);
205
206 /* Pth wrapper function definitions. */
207 GCRY_THREAD_OPTION_PTH_IMPL;
208 static int fixed_gcry_pth_init (void)
209 {
210 return pth_self ()? 0 : (pth_init () == FALSE) ? errno : 0;
211 }
212
213
214 \f
215 static char *
216 make_libversion (const char *libname, const char *(*getfnc)(const char*))
217 {
218 const char *s;
219 char *result;
220
221 if (maybe_setuid)
222 {
223 gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */
224 maybe_setuid = 0;
225 }
226 s = getfnc (NULL);
227 result = xmalloc (strlen (libname) + 1 + strlen (s) + 1);
228 strcpy (stpcpy (stpcpy (result, libname), " "), s);
229 return result;
230 }
231
232
233 static const char *
234 my_strusage (int level)
235 {
236 static char *ver_gcry, *ver_ksba;
237 const char *p;
238
239 switch (level)
240 {
241 case 11: p = "scdaemon (GnuPG)";
242 break;
243 case 13: p = VERSION; break;
244 case 17: p = PRINTABLE_OS_NAME; break;
245 case 19: p = _("Please report bugs to <@EMAIL@>.\n"); break;
246
247 case 20:
248 if (!ver_gcry)
249 ver_gcry = make_libversion ("libgcrypt", gcry_check_version);
250 p = ver_gcry;
251 break;
252 case 21:
253 if (!ver_ksba)
254 ver_ksba = make_libversion ("libksba", ksba_check_version);
255 p = ver_ksba;
256 break;
257 case 1:
258 case 40: p = _("Usage: scdaemon [options] (-h for help)");
259 break;
260 case 41: p = _("Syntax: scdaemon [options] [command [args]]\n"
261 "Smartcard daemon for GnuPG\n");
262 break;
263
264 default: p = NULL;
265 }
266 return p;
267 }
268
269
270 static unsigned long
271 tid_log_callback (void)
272 {
273 #ifdef PTH_HAVE_PTH_THREAD_ID
274 return pth_thread_id ();
275 #else
276 return (unsigned long)pth_self ();
277 #endif
278 }
279
280
281
282
283
284 /* Setup the debugging. With a LEVEL of NULL only the active debug
285 flags are propagated to the subsystems. With LEVEL set, a specific
286 set of debug flags is set; thus overriding all flags already
287 set. */
288 static void
289 set_debug (const char *level)
290 {
291 if (!level)
292 ;
293 else if (!strcmp (level, "none"))
294 opt.debug = 0;
295 else if (!strcmp (level, "basic"))
296 opt.debug = DBG_ASSUAN_VALUE;
297 else if (!strcmp (level, "advanced"))
298 opt.debug = DBG_ASSUAN_VALUE|DBG_COMMAND_VALUE;
299 else if (!strcmp (level, "expert"))
300 opt.debug = (DBG_ASSUAN_VALUE|DBG_COMMAND_VALUE
301 |DBG_CACHE_VALUE|DBG_CARD_IO_VALUE);
302 else if (!strcmp (level, "guru"))
303 opt.debug = ~0;
304 else
305 {
306 log_error (_("invalid debug-level `%s' given\n"), level);
307 scd_exit(2);
308 }
309
310
311 if (opt.debug && !opt.verbose)
312 opt.verbose = 1;
313 if (opt.debug && opt.quiet)
314 opt.quiet = 0;
315
316 if (opt.debug & DBG_MPI_VALUE)
317 gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 2);
318 if (opt.debug & DBG_CRYPTO_VALUE )
319 gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1);
320 gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
321 }
322
323
324
325 static void
326 cleanup (void)
327 {
328 if (socket_name && *socket_name)
329 {
330 char *p;
331
332 remove (socket_name);
333 p = strrchr (socket_name, '/');
334 if (p)
335 {
336 *p = 0;
337 rmdir (socket_name);
338 *p = '/';
339 }
340 *socket_name = 0;
341 }
342 }
343
344
345
346 int
347 main (int argc, char **argv )
348 {
349 ARGPARSE_ARGS pargs;
350 int orig_argc;
351 gpg_error_t err;
352 int may_coredump;
353 char **orig_argv;
354 FILE *configfp = NULL;
355 char *configname = NULL;
356 const char *shell;
357 unsigned int configlineno;
358 int parse_debug = 0;
359 const char *debug_level = NULL;
360 int default_config =1;
361 int greeting = 0;
362 int nogreeting = 0;
363 int multi_server = 0;
364 int is_daemon = 0;
365 int nodetach = 0;
366 int csh_style = 0;
367 char *logfile = NULL;
368 int debug_wait = 0;
369 int gpgconf_list = 0;
370 const char *config_filename = NULL;
371 int allow_coredump = 0;
372 int standard_socket = 0;
373
374 set_strusage (my_strusage);
375 gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
376 /* Please note that we may running SUID(ROOT), so be very CAREFUL
377 when adding any stuff between here and the call to INIT_SECMEM()
378 somewhere after the option parsing */
379 log_set_prefix ("scdaemon", 1|4);
380
381 /* Make sure that our subsystems are ready. */
382 i18n_init ();
383 init_common_subsystems ();
384
385
386 /* Libgcrypt requires us to register the threading model first.
387 Note that this will also do the pth_init. */
388 gcry_threads_pth.init = fixed_gcry_pth_init;
389 err = gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pth);
390 if (err)
391 {
392 log_fatal ("can't register GNU Pth with Libgcrypt: %s\n",
393 gpg_strerror (err));
394 }
395
396 /* Check that the libraries are suitable. Do it here because
397 the option parsing may need services of the library */
398 if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) )
399 {
400 log_fatal (_("%s is too old (need %s, have %s)\n"), "libgcrypt",
401 NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) );
402 }
403
404 ksba_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free);
405
406 assuan_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free);
407 assuan_set_assuan_log_stream (log_get_stream ());
408 assuan_set_assuan_log_prefix (log_get_prefix (NULL));
409 assuan_set_assuan_err_source (GPG_ERR_SOURCE_DEFAULT);
410
411 setup_libgcrypt_logging ();
412 gcry_control (GCRYCTL_USE_SECURE_RNDPOOL);
413
414 may_coredump = disable_core_dumps ();
415
416 /* Set default options. */
417 opt.allow_admin = 1;
418 opt.pcsc_driver = DEFAULT_PCSC_DRIVER;
419
420 #ifdef HAVE_W32_SYSTEM
421 standard_socket = 1; /* Under Windows we always use a standard
422 socket. */
423 #endif
424
425
426 shell = getenv ("SHELL");
427 if (shell && strlen (shell) >= 3 && !strcmp (shell+strlen (shell)-3, "csh") )
428 csh_style = 1;
429
430 opt.homedir = default_homedir ();
431
432 /* Check whether we have a config file on the commandline */
433 orig_argc = argc;
434 orig_argv = argv;
435 pargs.argc = &argc;
436 pargs.argv = &argv;
437 pargs.flags= 1|(1<<6); /* do not remove the args, ignore version */
438 while (arg_parse( &pargs, opts))
439 {
440 if (pargs.r_opt == oDebug || pargs.r_opt == oDebugAll)
441 parse_debug++;
442 else if (pargs.r_opt == oOptions)
443 { /* yes there is one, so we do not try the default one, but
444 read the option file when it is encountered at the
445 commandline */
446 default_config = 0;
447 }
448 else if (pargs.r_opt == oNoOptions)
449 default_config = 0; /* --no-options */
450 else if (pargs.r_opt == oHomedir)
451 opt.homedir = pargs.r.ret_str;
452 }
453
454 /* initialize the secure memory. */
455 gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0);
456 maybe_setuid = 0;
457
458 /*
459 Now we are working under our real uid
460 */
461
462
463 if (default_config)
464 configname = make_filename (opt.homedir, "scdaemon.conf", NULL );
465
466
467 argc = orig_argc;
468 argv = orig_argv;
469 pargs.argc = &argc;
470 pargs.argv = &argv;
471 pargs.flags= 1; /* do not remove the args */
472 next_pass:
473 if (configname)
474 {
475 configlineno = 0;
476 configfp = fopen (configname, "r");
477 if (!configfp)
478 {
479 if (default_config)
480 {
481 if( parse_debug )
482 log_info (_("NOTE: no default option file `%s'\n"),
483 configname );
484 }
485 else
486 {
487 log_error (_("option file `%s': %s\n"),
488 configname, strerror(errno) );
489 exit(2);
490 }
491 xfree (configname);
492 configname = NULL;
493 }
494 if (parse_debug && configname )
495 log_info (_("reading options from `%s'\n"), configname );
496 default_config = 0;
497 }
498
499 while (optfile_parse( configfp, configname, &configlineno, &pargs, opts) )
500 {
501 switch (pargs.r_opt)
502 {
503 case aGPGConfList: gpgconf_list = 1; break;
504 case aGPGConfTest: gpgconf_list = 2; break;
505 case oQuiet: opt.quiet = 1; break;
506 case oVerbose: opt.verbose++; break;
507 case oBatch: opt.batch=1; break;
508
509 case oDebug: opt.debug |= pargs.r.ret_ulong; break;
510 case oDebugAll: opt.debug = ~0; break;
511 case oDebugLevel: debug_level = pargs.r.ret_str; break;
512 case oDebugWait: debug_wait = pargs.r.ret_int; break;
513 case oDebugAllowCoreDump:
514 enable_core_dumps ();
515 allow_coredump = 1;
516 break;
517 case oDebugCCIDDriver:
518 #ifdef HAVE_LIBUSB
519 ccid_set_debug_level (ccid_set_debug_level (-1)+1);
520 #endif /*HAVE_LIBUSB*/
521 break;
522 case oDebugDisableTicker: ticker_disabled = 1; break;
523 case oDebugLogTid:
524 log_set_get_tid_callback (tid_log_callback);
525 break;
526
527 case oOptions:
528 /* config files may not be nested (silently ignore them) */
529 if (!configfp)
530 {
531 xfree(configname);
532 configname = xstrdup(pargs.r.ret_str);
533 goto next_pass;
534 }
535 break;
536 case oNoGreeting: nogreeting = 1; break;
537 case oNoVerbose: opt.verbose = 0; break;
538 case oNoOptions: break; /* no-options */
539 case oHomedir: opt.homedir = pargs.r.ret_str; break;
540 case oNoDetach: nodetach = 1; break;
541 case oLogFile: logfile = pargs.r.ret_str; break;
542 case oCsh: csh_style = 1; break;
543 case oSh: csh_style = 0; break;
544 case oServer: pipe_server = 1; break;
545 case oMultiServer: pipe_server = 1; multi_server = 1; break;
546 case oDaemon: is_daemon = 1; break;
547
548 case oReaderPort: opt.reader_port = pargs.r.ret_str; break;
549 case octapiDriver: opt.ctapi_driver = pargs.r.ret_str; break;
550 case opcscDriver: opt.pcsc_driver = pargs.r.ret_str; break;
551 case oDisableCCID: opt.disable_ccid = 1; break;
552 case oDisableOpenSC: break;
553
554 case oDisableKeypad: opt.disable_keypad = 1; break;
555
556 case oAllowAdmin: /* Dummy because allow is now the default. */
557 break;
558 case oDenyAdmin: opt.allow_admin = 0; break;
559
560 case oCardTimeout: opt.card_timeout = pargs.r.ret_ulong; break;
561
562 case oDisableApplication:
563 add_to_strlist (&opt.disabled_applications, pargs.r.ret_str);
564 break;
565
566 default:
567 pargs.err = configfp? ARGPARSE_PRINT_WARNING:ARGPARSE_PRINT_ERROR;
568 break;
569 }
570 }
571 if (configfp)
572 {
573 fclose( configfp );
574 configfp = NULL;
575 /* Keep a copy of the config name for use by --gpgconf-list. */
576 config_filename = configname;
577 configname = NULL;
578 goto next_pass;
579 }
580 xfree (configname);
581 configname = NULL;
582 if (log_get_errorcount(0))
583 exit(2);
584 if (nogreeting )
585 greeting = 0;
586
587 if (greeting)
588 {
589 fprintf (stderr, "%s %s; %s\n",
590 strusage(11), strusage(13), strusage(14) );
591 fprintf (stderr, "%s\n", strusage(15) );
592 }
593 #ifdef IS_DEVELOPMENT_VERSION
594 log_info ("NOTE: this is a development version!\n");
595 #endif
596
597
598 if (atexit (cleanup))
599 {
600 log_error ("atexit failed\n");
601 cleanup ();
602 exit (1);
603 }
604
605 set_debug (debug_level);
606
607 initialize_module_command ();
608
609 if (gpgconf_list == 2)
610 scd_exit (0);
611 if (gpgconf_list)
612 {
613 /* List options and default values in the GPG Conf format. */
614 char *filename = NULL;
615 char *filename_esc;
616
617 if (config_filename)
618 filename = xstrdup (config_filename);
619 else
620 filename = make_filename (opt.homedir, "scdaemon.conf", NULL);
621 filename_esc = percent_escape (filename, NULL);
622
623 printf ("gpgconf-scdaemon.conf:%lu:\"%s\n",
624 GC_OPT_FLAG_DEFAULT, filename_esc);
625 xfree (filename_esc);
626 xfree (filename);
627
628 printf ("verbose:%lu:\n"
629 "quiet:%lu:\n"
630 "debug-level:%lu:\"none:\n"
631 "log-file:%lu:\n",
632 GC_OPT_FLAG_NONE,
633 GC_OPT_FLAG_NONE,
634 GC_OPT_FLAG_DEFAULT,
635 GC_OPT_FLAG_NONE );
636
637 printf ("reader-port:%lu:\n", GC_OPT_FLAG_NONE );
638 printf ("ctapi-driver:%lu:\n", GC_OPT_FLAG_NONE );
639 printf ("pcsc-driver:%lu:\"%s:\n",
640 GC_OPT_FLAG_DEFAULT, DEFAULT_PCSC_DRIVER );
641 #ifdef HAVE_LIBUSB
642 printf ("disable-ccid:%lu:\n", GC_OPT_FLAG_NONE );
643 #endif
644 printf ("deny-admin:%lu:\n", GC_OPT_FLAG_NONE );
645 printf ("disable-keypad:%lu:\n", GC_OPT_FLAG_NONE );
646 printf ("card-timeout:%lu:%d:\n", GC_OPT_FLAG_DEFAULT, 0);
647
648 scd_exit (0);
649 }
650
651 /* Now start with logging to a file if this is desired. */
652 if (logfile)
653 {
654 log_set_file (logfile);
655 log_set_prefix (NULL, 1|2|4);
656 }
657
658 if (debug_wait && pipe_server)
659 {
660 log_debug ("waiting for debugger - my pid is %u .....\n",
661 (unsigned int)getpid());
662 gnupg_sleep (debug_wait);
663 log_debug ("... okay\n");
664 }
665
666 if (pipe_server)
667 {
668 /* This is the simple pipe based server */
669 ctrl_t ctrl;
670 pth_attr_t tattr;
671 int fd = -1;
672
673 #ifndef HAVE_W32_SYSTEM
674 {
675 struct sigaction sa;
676
677 sa.sa_handler = SIG_IGN;
678 sigemptyset (&sa.sa_mask);
679 sa.sa_flags = 0;
680 sigaction (SIGPIPE, &sa, NULL);
681 }
682 #endif
683
684 /* If --debug-allow-core-dump has been given we also need to
685 switch the working directory to a place where we can actually
686 write. */
687 if (allow_coredump)
688 {
689 if (chdir("/tmp"))
690 log_debug ("chdir to `/tmp' failed: %s\n", strerror (errno));
691 else
692 log_debug ("changed working directory to `/tmp'\n");
693 }
694
695 /* In multi server mode we need to listen on an additional
696 socket. Create that socket now before starting the handler
697 for the pipe connection. This allows that handler to send
698 back the name of that socket. */
699 if (multi_server)
700 {
701 socket_name = create_socket_name (standard_socket,
702 "S.scdaemon",
703 "/tmp/gpg-XXXXXX/S.scdaemon");
704
705 fd = FD2INT(create_server_socket (standard_socket,
706 socket_name, &socket_nonce));
707 }
708
709 tattr = pth_attr_new();
710 pth_attr_set (tattr, PTH_ATTR_JOINABLE, 0);
711 pth_attr_set (tattr, PTH_ATTR_STACK_SIZE, 512*1024);
712 pth_attr_set (tattr, PTH_ATTR_NAME, "pipe-connection");
713
714 ctrl = xtrycalloc (1, sizeof *ctrl);
715 if ( !ctrl )
716 {
717 log_error ("error allocating connection control data: %s\n",
718 strerror (errno) );
719 scd_exit (2);
720 }
721 ctrl->thread_startup.fd = GNUPG_INVALID_FD;
722 if ( !pth_spawn (tattr, start_connection_thread, ctrl) )
723 {
724 log_error ("error spawning pipe connection handler: %s\n",
725 strerror (errno) );
726 xfree (ctrl);
727 scd_exit (2);
728 }
729
730 /* We run handle_connection to wait for the shutdown signal and
731 to run the ticker stuff. */
732 handle_connections (fd);
733 if (fd != -1)
734 close (fd);
735 }
736 else if (!is_daemon)
737 {
738 log_info (_("please use the option `--daemon'"
739 " to run the program in the background\n"));
740 }
741 else
742 { /* Regular server mode */
743 int fd;
744 #ifndef HAVE_W32_SYSTEM
745 pid_t pid;
746 int i;
747 #endif
748
749 /* Create the socket. */
750 socket_name = create_socket_name (standard_socket,
751 "S.scdaemon",
752 "/tmp/gpg-XXXXXX/S.scdaemon");
753
754 fd = FD2INT (create_server_socket (standard_socket,
755 socket_name, &socket_nonce));
756
757
758 fflush (NULL);
759 #ifndef HAVE_W32_SYSTEM
760 pid = fork ();
761 if (pid == (pid_t)-1)
762 {
763 log_fatal ("fork failed: %s\n", strerror (errno) );
764 exit (1);
765 }
766 else if (pid)
767 { /* we are the parent */
768 char *infostr;
769
770 close (fd);
771
772 /* create the info string: <name>:<pid>:<protocol_version> */
773 if (estream_asprintf (&infostr, "SCDAEMON_INFO=%s:%lu:1",
774 socket_name, (ulong) pid) < 0)
775 {
776 log_error ("out of core\n");
777 kill (pid, SIGTERM);
778 exit (1);
779 }
780 *socket_name = 0; /* don't let cleanup() remove the socket -
781 the child should do this from now on */
782 if (argc)
783 { /* run the program given on the commandline */
784 if (putenv (infostr))
785 {
786 log_error ("failed to set environment: %s\n",
787 strerror (errno) );
788 kill (pid, SIGTERM );
789 exit (1);
790 }
791 execvp (argv[0], argv);
792 log_error ("failed to run the command: %s\n", strerror (errno));
793 kill (pid, SIGTERM);
794 exit (1);
795 }
796 else
797 {
798 /* Print the environment string, so that the caller can use
799 shell's eval to set it */
800 if (csh_style)
801 {
802 *strchr (infostr, '=') = ' ';
803 printf ( "setenv %s\n", infostr);
804 }
805 else
806 {
807 printf ( "%s; export SCDAEMON_INFO;\n", infostr);
808 }
809 xfree (infostr);
810 exit (0);
811 }
812 /* NOTREACHED */
813 } /* end parent */
814
815 /* This is the child. */
816
817 /* Detach from tty and put process into a new session. */
818 if (!nodetach )
819 {
820 /* Close stdin, stdout and stderr unless it is the log stream. */
821 for (i=0; i <= 2; i++)
822 {
823 if ( log_test_fd (i) && i != fd)
824 close (i);
825 }
826 if (setsid() == -1)
827 {
828 log_error ("setsid() failed: %s\n", strerror(errno) );
829 cleanup ();
830 exit (1);
831 }
832 }
833
834 {
835 struct sigaction sa;
836
837 sa.sa_handler = SIG_IGN;
838 sigemptyset (&sa.sa_mask);
839 sa.sa_flags = 0;
840 sigaction (SIGPIPE, &sa, NULL);
841 }
842
843 if (chdir("/"))
844 {
845 log_error ("chdir to / failed: %s\n", strerror (errno));
846 exit (1);
847 }
848
849 #endif /*!HAVE_W32_SYSTEM*/
850
851 handle_connections (fd);
852
853 close (fd);
854 }
855
856 return 0;
857 }
858
859 void
860 scd_exit (int rc)
861 {
862 apdu_prepare_exit ();
863 #if 0
864 #warning no update_random_seed_file
865 update_random_seed_file();
866 #endif
867 #if 0
868 /* at this time a bit annoying */
869 if (opt.debug & DBG_MEMSTAT_VALUE)
870 {
871 gcry_control( GCRYCTL_DUMP_MEMORY_STATS );
872 gcry_control( GCRYCTL_DUMP_RANDOM_STATS );
873 }
874 if (opt.debug)
875 gcry_control (GCRYCTL_DUMP_SECMEM_STATS );
876 #endif
877 gcry_control (GCRYCTL_TERM_SECMEM );
878 rc = rc? rc : log_get_errorcount(0)? 2 : 0;
879 exit (rc);
880 }
881
882
883 static void
884 scd_init_default_ctrl (ctrl_t ctrl)
885 {
886 ctrl->reader_slot = -1;
887 }
888
889 static void
890 scd_deinit_default_ctrl (ctrl_t ctrl)
891 {
892 (void)ctrl;
893 }
894
895
896 /* Return the name of the socket to be used to connect to this
897 process. If no socket is available, return NULL. */
898 const char *
899 scd_get_socket_name ()
900 {
901 if (socket_name && *socket_name)
902 return socket_name;
903 return NULL;
904 }
905
906
907 static void
908 handle_signal (int signo)
909 {
910 switch (signo)
911 {
912 #ifndef HAVE_W32_SYSTEM
913 case SIGHUP:
914 log_info ("SIGHUP received - "
915 "re-reading configuration and resetting cards\n");
916 /* reread_configuration (); */
917 break;
918
919 case SIGUSR1:
920 log_info ("SIGUSR1 received - printing internal information:\n");
921 pth_ctrl (PTH_CTRL_DUMPSTATE, log_get_stream ());
922 app_dump_state ();
923 break;
924
925 case SIGUSR2:
926 log_info ("SIGUSR2 received - no action defined\n");
927 break;
928
929 case SIGTERM:
930 if (!shutdown_pending)
931 log_info ("SIGTERM received - shutting down ...\n");
932 else
933 log_info ("SIGTERM received - still %ld running threads\n",
934 pth_ctrl( PTH_CTRL_GETTHREADS ));
935 shutdown_pending++;
936 if (shutdown_pending > 2)
937 {
938 log_info ("shutdown forced\n");
939 log_info ("%s %s stopped\n", strusage(11), strusage(13) );
940 cleanup ();
941 scd_exit (0);
942 }
943 break;
944
945 case SIGINT:
946 log_info ("SIGINT received - immediate shutdown\n");
947 log_info( "%s %s stopped\n", strusage(11), strusage(13));
948 cleanup ();
949 scd_exit (0);
950 break;
951 #endif /*!HAVE_W32_SYSTEM*/
952
953 default:
954 log_info ("signal %d received - no action defined\n", signo);
955 }
956 }
957
958
959 static void
960 handle_tick (void)
961 {
962 if (!ticker_disabled)
963 scd_update_reader_status_file ();
964 }
965
966
967 /* Create a name for the socket. With USE_STANDARD_SOCKET given as
968 true using STANDARD_NAME in the home directory or if given has
969 false from the mkdir type name TEMPLATE. In the latter case a
970 unique name in a unique new directory will be created. In both
971 cases check for valid characters as well as against a maximum
972 allowed length for a unix domain socket is done. The function
973 terminates the process in case of an error. Retunrs: Pointer to an
974 allcoated string with the absolute name of the socket used. */
975 static char *
976 create_socket_name (int use_standard_socket,
977 char *standard_name, char *template)
978 {
979 char *name, *p;
980
981 if (use_standard_socket)
982 name = make_filename (opt.homedir, standard_name, NULL);
983 else
984 {
985 name = xstrdup (template);
986 p = strrchr (name, '/');
987 if (!p)
988 BUG ();
989 *p = 0;
990 if (!mkdtemp (name))
991 {
992 log_error (_("can't create directory `%s': %s\n"),
993 name, strerror (errno));
994 scd_exit (2);
995 }
996 *p = '/';
997 }
998
999 if (strchr (name, PATHSEP_C))
1000 {
1001 log_error (("`%s' are not allowed in the socket name\n"), PATHSEP_S);
1002 scd_exit (2);
1003 }
1004 if (strlen (name) + 1 >= DIMof (struct sockaddr_un, sun_path) )
1005 {
1006 log_error (_("name of socket too long\n"));
1007 scd_exit (2);
1008 }
1009 return name;
1010 }
1011
1012
1013
1014 /* Create a Unix domain socket with NAME. IS_STANDARD_NAME indicates
1015 whether a non-random socket is used. Returns the file descriptor
1016 or terminates the process in case of an error. */
1017 static gnupg_fd_t
1018 create_server_socket (int is_standard_name, const char *name,
1019 assuan_sock_nonce_t *nonce)
1020 {
1021 struct sockaddr_un *serv_addr;
1022 socklen_t len;
1023 gnupg_fd_t fd;
1024 int rc;
1025
1026 fd = assuan_sock_new (AF_UNIX, SOCK_STREAM, 0);
1027 if (fd == GNUPG_INVALID_FD)
1028 {
1029 log_error (_("can't create socket: %s\n"), strerror (errno));
1030 scd_exit (2);
1031 }
1032
1033 serv_addr = xmalloc (sizeof (*serv_addr));
1034 memset (serv_addr, 0, sizeof *serv_addr);
1035 serv_addr->sun_family = AF_UNIX;
1036 assert (strlen (name) + 1 < sizeof (serv_addr->sun_path));
1037 strcpy (serv_addr->sun_path, name);
1038 len = SUN_LEN (serv_addr);
1039
1040 rc = assuan_sock_bind (fd, (struct sockaddr*) serv_addr, len);
1041 if (is_standard_name && rc == -1 && errno == EADDRINUSE)
1042 {
1043 remove (name);
1044 rc = assuan_sock_bind (fd, (struct sockaddr*) serv_addr, len);
1045 }
1046 if (rc != -1
1047 && (rc=assuan_sock_get_nonce ((struct sockaddr*)serv_addr, len, nonce)))
1048 log_error (_("error getting nonce for the socket\n"));
1049 if (rc == -1)
1050 {
1051 log_error (_("error binding socket to `%s': %s\n"),
1052 serv_addr->sun_path,
1053 gpg_strerror (gpg_error_from_syserror ()));
1054 assuan_sock_close (fd);
1055 scd_exit (2);
1056 }
1057
1058 if (listen (FD2INT(fd), 5 ) == -1)
1059 {
1060 log_error (_("listen() failed: %s\n"),
1061 gpg_strerror (gpg_error_from_syserror ()));
1062 assuan_sock_close (fd);
1063 scd_exit (2);
1064 }
1065
1066 if (opt.verbose)
1067 log_info (_("listening on socket `%s'\n"), serv_addr->sun_path);
1068
1069 return fd;
1070 }
1071
1072
1073
1074 /* This is the standard connection thread's main function. */
1075 static void *
1076 start_connection_thread (void *arg)
1077 {
1078 ctrl_t ctrl = arg;
1079
1080 if (ctrl->thread_startup.fd != GNUPG_INVALID_FD
1081 && assuan_sock_check_nonce (ctrl->thread_startup.fd, &socket_nonce))
1082 {
1083 log_info (_("error reading nonce on fd %d: %s\n"),
1084 FD2INT(ctrl->thread_startup.fd), strerror (errno));
1085 assuan_sock_close (ctrl->thread_startup.fd);
1086 xfree (ctrl);
1087 return NULL;
1088 }
1089
1090 scd_init_default_ctrl (ctrl);
1091 if (opt.verbose)
1092 log_info (_("handler for fd %d started\n"),
1093 FD2INT(ctrl->thread_startup.fd));
1094
1095 /* If this is a pipe server, we request a shutdown if the command
1096 handler asked for it. With the next ticker event and given that
1097 no other connections are running the shutdown will then
1098 happen. */
1099 if (scd_command_handler (ctrl, FD2INT(ctrl->thread_startup.fd))
1100 && pipe_server)
1101 shutdown_pending = 1;
1102
1103 if (opt.verbose)
1104 log_info (_("handler for fd %d terminated\n"),
1105 FD2INT (ctrl->thread_startup.fd));
1106
1107 scd_deinit_default_ctrl (ctrl);
1108 xfree (ctrl);
1109 return NULL;
1110 }
1111
1112
1113 /* Connection handler loop. Wait for connection requests and spawn a
1114 thread after accepting a connection. LISTEN_FD is allowed to be -1
1115 in which case this code will only do regular timeouts and handle
1116 signals. */
1117 static void
1118 handle_connections (int listen_fd)
1119 {
1120 pth_attr_t tattr;
1121 pth_event_t ev, time_ev;
1122 sigset_t sigs;
1123 int signo;
1124 struct sockaddr_un paddr;
1125 socklen_t plen;
1126 fd_set fdset, read_fdset;
1127 int ret;
1128 int fd;
1129 int nfd;
1130
1131 tattr = pth_attr_new();
1132 pth_attr_set (tattr, PTH_ATTR_JOINABLE, 0);
1133 pth_attr_set (tattr, PTH_ATTR_STACK_SIZE, 512*1024);
1134
1135 #ifndef HAVE_W32_SYSTEM /* fixme */
1136 sigemptyset (&sigs );
1137 sigaddset (&sigs, SIGHUP);
1138 sigaddset (&sigs, SIGUSR1);
1139 sigaddset (&sigs, SIGUSR2);
1140 sigaddset (&sigs, SIGINT);
1141 sigaddset (&sigs, SIGTERM);
1142 pth_sigmask (SIG_UNBLOCK, &sigs, NULL);
1143 ev = pth_event (PTH_EVENT_SIGS, &sigs, &signo);
1144 #else
1145 sigs = 0;
1146 ev = pth_event (PTH_EVENT_SIGS, &sigs, &signo);
1147 #endif
1148 time_ev = NULL;
1149
1150 FD_ZERO (&fdset);
1151 nfd = 0;
1152 if (listen_fd != -1)
1153 {
1154 FD_SET (listen_fd, &fdset);
1155 nfd = listen_fd;
1156 }
1157
1158 for (;;)
1159 {
1160 sigset_t oldsigs;
1161
1162 if (shutdown_pending)
1163 {
1164 if (pth_ctrl (PTH_CTRL_GETTHREADS) == 1)
1165 break; /* ready */
1166
1167 /* Do not accept anymore connections but wait for existing
1168 connections to terminate. We do this by clearing out all
1169 file descriptors to wait for, so that the select will be
1170 used to just wait on a signal or timeout event. */
1171 FD_ZERO (&fdset);
1172 listen_fd = -1;
1173 }
1174
1175 /* Create a timeout event if needed. Round it up to the next
1176 microsecond interval to help with power saving. */
1177 if (!time_ev)
1178 {
1179 pth_time_t nexttick = pth_timeout (TIMERTICK_INTERVAL_SEC,
1180 TIMERTICK_INTERVAL_USEC/2);
1181 if ((nexttick.tv_usec % (TIMERTICK_INTERVAL_USEC/2)) > 10)
1182 {
1183 nexttick.tv_usec = ((nexttick.tv_usec
1184 /(TIMERTICK_INTERVAL_USEC/2))
1185 + 1) * (TIMERTICK_INTERVAL_USEC/2);
1186 if (nexttick.tv_usec >= 1000000)
1187 {
1188 nexttick.tv_sec++;
1189 nexttick.tv_usec = 0;
1190 }
1191 }
1192 time_ev = pth_event (PTH_EVENT_TIME, nexttick);
1193 }
1194
1195 /* POSIX says that fd_set should be implemented as a structure,
1196 thus a simple assignment is fine to copy the entire set. */
1197 read_fdset = fdset;
1198
1199 if (time_ev)
1200 pth_event_concat (ev, time_ev, NULL);
1201 ret = pth_select_ev (nfd+1, &read_fdset, NULL, NULL, NULL, ev);
1202 if (time_ev)
1203 pth_event_isolate (time_ev);
1204
1205 if (ret == -1)
1206 {
1207 if (pth_event_occurred (ev)
1208 || (time_ev && pth_event_occurred (time_ev)))
1209 {
1210 if (pth_event_occurred (ev))
1211 handle_signal (signo);
1212 if (time_ev && pth_event_occurred (time_ev))
1213 {
1214 pth_event_free (time_ev, PTH_FREE_ALL);
1215 time_ev = NULL;
1216 handle_tick ();
1217 }
1218 continue;
1219 }
1220 log_error (_("pth_select failed: %s - waiting 1s\n"),
1221 strerror (errno));
1222 pth_sleep (1);
1223 continue;
1224 }
1225
1226 if (pth_event_occurred (ev))
1227 {
1228 handle_signal (signo);
1229 }
1230
1231 if (time_ev && pth_event_occurred (time_ev))
1232 {
1233 pth_event_free (time_ev, PTH_FREE_ALL);
1234 time_ev = NULL;
1235 handle_tick ();
1236 }
1237
1238 /* We now might create new threads and because we don't want any
1239 signals - we are handling here - to be delivered to a new
1240 thread. Thus we need to block those signals. */
1241 pth_sigmask (SIG_BLOCK, &sigs, &oldsigs);
1242
1243 if (listen_fd != -1 && FD_ISSET (listen_fd, &read_fdset))
1244 {
1245 ctrl_t ctrl;
1246
1247 plen = sizeof paddr;
1248 fd = pth_accept (listen_fd, (struct sockaddr *)&paddr, &plen);
1249 if (fd == -1)
1250 {
1251 log_error ("accept failed: %s\n", strerror (errno));
1252 }
1253 else if ( !(ctrl = xtrycalloc (1, sizeof *ctrl)) )
1254 {
1255 log_error ("error allocating connection control data: %s\n",
1256 strerror (errno) );
1257 close (fd);
1258 }
1259 else
1260 {
1261 char threadname[50];
1262
1263 snprintf (threadname, sizeof threadname-1, "conn fd=%d", fd);
1264 threadname[sizeof threadname -1] = 0;
1265 pth_attr_set (tattr, PTH_ATTR_NAME, threadname);
1266 ctrl->thread_startup.fd = INT2FD (fd);
1267 if (!pth_spawn (tattr, start_connection_thread, ctrl))
1268 {
1269 log_error ("error spawning connection handler: %s\n",
1270 strerror (errno) );
1271 xfree (ctrl);
1272 close (fd);
1273 }
1274 }
1275 fd = -1;
1276 }
1277
1278 /* Restore the signal mask. */
1279 pth_sigmask (SIG_SETMASK, &oldsigs, NULL);
1280
1281 }
1282
1283 pth_event_free (ev, PTH_FREE_ALL);
1284 if (time_ev)
1285 pth_event_free (time_ev, PTH_FREE_ALL);
1286 cleanup ();
1287 log_info (_("%s %s stopped\n"), strusage(11), strusage(13));
1288 }
1289
1290
gnupg svn clone