search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
2008-05-15 Marcus Brinkmann <marcus@g10code.de>
[gnupg.git] / tools / gpgconf-comp.c
blob664589b9c913c458bada6906ba4c0c03eef0d1f4
1 /* gpgconf-comp.c - Configuration utility for GnuPG.
2 * Copyright (C) 2004, 2007, 2008 Free Software Foundation, Inc.
3 *
4 * This file is part of GnuPG.
5 *
6 * GnuPG is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * GnuPG is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with GnuPG; if not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #if HAVE_CONFIG_H
21 #include <config.h>
22 #endif
23 #include <stdlib.h>
24 #include <stdio.h>
25 #include <string.h>
26 #include <fcntl.h>
27 #include <unistd.h>
28 #include <sys/types.h>
29 #include <assert.h>
30 #include <errno.h>
31 #include <time.h>
32 #include <stdarg.h>
33 #include <signal.h>
34 #include <ctype.h>
35 #ifdef HAVE_W32_SYSTEM
36 # define WIN32_LEAN_AND_MEAN 1
37 # include <windows.h>
38 #else
39 # include <pwd.h>
40 # include <grp.h>
41 #endif
42
43 /* For log_logv(), asctimestamp(), gnupg_get_time (). */
44 #define JNLIB_NEED_LOG_LOGV
45 #include "util.h"
46 #include "i18n.h"
47 #include "exechelp.h"
48
49 #include "gc-opt-flags.h"
50 #include "gpgconf.h"
51
52
53 /* There is a problem with gpg 1.4 under Windows: --gpgconf-list
54 returns a plain filename without escaping. As long as we have not
55 fixed that we need to use gpg2 - it might actually be better to use
56 gpg2 in any case. */
57 #ifdef HAVE_W32_SYSTEM
58 #define GPGNAME "gpg2"
59 #else
60 #define GPGNAME "gpg"
61 #endif
62
63 \f
64 /* TODO:
65 Components: Add more components and their options.
66 Robustness: Do more validation. Call programs to do validation for us.
67 Add options to change backend binary path.
68 Extract binary path for some backends from gpgsm/gpg config.
69 */
70
71 \f
72 #if (__GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 ))
73 void gc_error (int status, int errnum, const char *fmt, ...) \
74 __attribute__ ((format (printf, 3, 4)));
75 #endif
76
77 /* Output a diagnostic message. If ERRNUM is not 0, then the output
78 is followed by a colon, a white space, and the error string for the
79 error number ERRNUM. In any case the output is finished by a
80 newline. The message is prepended by the program name, a colon,
81 and a whitespace. The output may be further formatted or
82 redirected by the jnlib logging facility. */
83 void
84 gc_error (int status, int errnum, const char *fmt, ...)
85 {
86 va_list arg_ptr;
87
88 va_start (arg_ptr, fmt);
89 log_logv (JNLIB_LOG_ERROR, fmt, arg_ptr);
90 va_end (arg_ptr);
91
92 if (errnum)
93 log_printf (": %s\n", strerror (errnum));
94 else
95 log_printf ("\n");
96
97 if (status)
98 {
99 log_printf (NULL);
100 log_printf ("fatal error (exit status %i)\n", status);
101 exit (status);
102 }
103 }
104
105 \f
106 /* Forward declaration. */
107 void gpg_agent_runtime_change (void);
108
109 /* Backend configuration. Backends are used to decide how the default
110 and current value of an option can be determined, and how the
111 option can be changed. To every option in every component belongs
112 exactly one backend that controls and determines the option. Some
113 backends are programs from the GPG system. Others might be
114 implemented by GPGConf itself. If you change this enum, don't
115 forget to update GC_BACKEND below. */
116 typedef enum
117 {
118 /* Any backend, used for find_option (). */
119 GC_BACKEND_ANY,
120
121 /* The Gnu Privacy Guard. */
122 GC_BACKEND_GPG,
123
124 /* The Gnu Privacy Guard for S/MIME. */
125 GC_BACKEND_GPGSM,
126
127 /* The GPG Agent. */
128 GC_BACKEND_GPG_AGENT,
129
130 /* The GnuPG SCDaemon. */
131 GC_BACKEND_SCDAEMON,
132
133 /* The Aegypten directory manager. */
134 GC_BACKEND_DIRMNGR,
135
136 /* The LDAP server list file for the Aegypten director manager. */
137 GC_BACKEND_DIRMNGR_LDAP_SERVER_LIST,
138
139 /* The number of the above entries. */
140 GC_BACKEND_NR
141 } gc_backend_t;
142
143
144 /* To be able to implement generic algorithms for the various
145 backends, we collect all information about them in this struct. */
146 static struct
147 {
148 /* The name of the backend. */
149 const char *name;
150
151 /* The name of the program that acts as the backend. Some backends
152 don't have an associated program, but are implemented directly by
153 GPGConf. In this case, PROGRAM is NULL. */
154 char *program;
155
156 /* The module name (GNUPG_MODULE_NAME_foo) as defined by
157 ../common/util.h. This value is used to get the actual installed
158 path of the program. 0 is used if no backedn program is
159 available. */
160 char module_name;
161
162 /* The runtime change callback. */
163 void (*runtime_change) (void);
164
165 /* The option name for the configuration filename of this backend.
166 This must be an absolute pathname. It can be an option from a
167 different backend (but then ordering of the options might
168 matter). */
169 const char *option_config_filename;
170
171 /* If this is a file backend rather than a program backend, then
172 this is the name of the option associated with the file. */
173 const char *option_name;
174 } gc_backend[GC_BACKEND_NR] =
175 {
176 { NULL }, /* GC_BACKEND_ANY dummy entry. */
177 { "GnuPG", GPGNAME, GNUPG_MODULE_NAME_GPG,
178 NULL, "gpgconf-gpg.conf" },
179 { "GPGSM", "gpgsm", GNUPG_MODULE_NAME_GPGSM,
180 NULL, "gpgconf-gpgsm.conf" },
181 { "GPG Agent", "gpg-agent", GNUPG_MODULE_NAME_AGENT,
182 gpg_agent_runtime_change, "gpgconf-gpg-agent.conf" },
183 { "SCDaemon", "scdaemon", GNUPG_MODULE_NAME_SCDAEMON,
184 NULL, "gpgconf-scdaemon.conf" },
185 { "DirMngr", "dirmngr", GNUPG_MODULE_NAME_DIRMNGR,
186 NULL, "gpgconf-dirmngr.conf" },
187 { "DirMngr LDAP Server List", NULL, 0,
188 NULL, "ldapserverlist-file", "LDAP Server" },
189 };
190
191 \f
192 /* Option configuration. */
193
194 /* An option might take an argument, or not. Argument types can be
195 basic or complex. Basic types are generic and easy to validate.
196 Complex types provide more specific information about the intended
197 use, but can be difficult to validate. If you add to this enum,
198 don't forget to update GC_ARG_TYPE below. YOU MUST NOT CHANGE THE
199 NUMBERS OF THE EXISTING ENTRIES, AS THEY ARE PART OF THE EXTERNAL
200 INTERFACE. */
201 typedef enum
202 {
203 /* Basic argument types. */
204
205 /* No argument. */
206 GC_ARG_TYPE_NONE = 0,
207
208 /* A String argument. */
209 GC_ARG_TYPE_STRING = 1,
210
211 /* A signed integer argument. */
212 GC_ARG_TYPE_INT32 = 2,
213
214 /* An unsigned integer argument. */
215 GC_ARG_TYPE_UINT32 = 3,
216
217 /* ADD NEW BASIC TYPE ENTRIES HERE. */
218
219 /* Complex argument types. */
220
221 /* A complete pathname. */
222 GC_ARG_TYPE_PATHNAME = 32,
223
224 /* An LDAP server in the format
225 HOSTNAME:PORT:USERNAME:PASSWORD:BASE_DN. */
226 GC_ARG_TYPE_LDAP_SERVER = 33,
227
228 /* A 40 character fingerprint. */
229 GC_ARG_TYPE_KEY_FPR = 34,
230
231 /* A user ID or key ID or fingerprint for a certificate. */
232 GC_ARG_TYPE_PUB_KEY = 35,
233
234 /* A user ID or key ID or fingerprint for a certificate with a key. */
235 GC_ARG_TYPE_SEC_KEY = 36,
236
237 /* ADD NEW COMPLEX TYPE ENTRIES HERE. */
238
239 /* The number of the above entries. */
240 GC_ARG_TYPE_NR
241 } gc_arg_type_t;
242
243
244 /* For every argument, we record some information about it in the
245 following struct. */
246 static struct
247 {
248 /* For every argument type exists a basic argument type that can be
249 used as a fallback for input and validation purposes. */
250 gc_arg_type_t fallback;
251
252 /* Human-readable name of the type. */
253 const char *name;
254 } gc_arg_type[GC_ARG_TYPE_NR] =
255 {
256 /* The basic argument types have their own types as fallback. */
257 { GC_ARG_TYPE_NONE, "none" },
258 { GC_ARG_TYPE_STRING, "string" },
259 { GC_ARG_TYPE_INT32, "int32" },
260 { GC_ARG_TYPE_UINT32, "uint32" },
261
262 /* Reserved basic type entries for future extension. */
263 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
264 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
265 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
266 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
267 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
268 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
269 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
270 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
271 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
272 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
273 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
274 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
275 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
276 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
277
278 /* The complex argument types have a basic type as fallback. */
279 { GC_ARG_TYPE_STRING, "pathname" },
280 { GC_ARG_TYPE_STRING, "ldap server" },
281 { GC_ARG_TYPE_STRING, "key fpr" },
282 { GC_ARG_TYPE_STRING, "pub key" },
283 { GC_ARG_TYPE_STRING, "sec key" },
284 };
285
286
287 /* Every option has an associated expert level, than can be used to
288 hide advanced and expert options from beginners. If you add to
289 this list, don't forget to update GC_LEVEL below. YOU MUST NOT
290 CHANGE THE NUMBERS OF THE EXISTING ENTRIES, AS THEY ARE PART OF THE
291 EXTERNAL INTERFACE. */
292 typedef enum
293 {
294 /* The basic options should always be displayed. */
295 GC_LEVEL_BASIC,
296
297 /* The advanced options may be hidden from beginners. */
298 GC_LEVEL_ADVANCED,
299
300 /* The expert options should only be displayed to experts. */
301 GC_LEVEL_EXPERT,
302
303 /* The invisible options should normally never be displayed. */
304 GC_LEVEL_INVISIBLE,
305
306 /* The internal options are never exported, they mark options that
307 are recorded for internal use only. */
308 GC_LEVEL_INTERNAL,
309
310 /* ADD NEW ENTRIES HERE. */
311
312 /* The number of the above entries. */
313 GC_LEVEL_NR
314 } gc_expert_level_t;
315
316 /* A description for each expert level. */
317 static struct
318 {
319 const char *name;
320 } gc_level[] =
321 {
322 { "basic" },
323 { "advanced" },
324 { "expert" },
325 { "invisible" },
326 { "internal" }
327 };
328
329
330 /* Option flags. The flags which are used by the backends are defined
331 by gc-opt-flags.h, included above.
332
333 YOU MUST NOT CHANGE THE NUMBERS OF THE EXISTING FLAGS, AS THEY ARE
334 PART OF THE EXTERNAL INTERFACE. */
335
336 /* Some entries in the option list are not options, but mark the
337 beginning of a new group of options. These entries have the GROUP
338 flag set. */
339 #define GC_OPT_FLAG_GROUP (1UL << 0)
340 /* The ARG_OPT flag for an option indicates that the argument is
341 optional. This is never set for GC_ARG_TYPE_NONE options. */
342 #define GC_OPT_FLAG_ARG_OPT (1UL << 1)
343 /* The LIST flag for an option indicates that the option can occur
344 several times. A comma separated list of arguments is used as the
345 argument value. */
346 #define GC_OPT_FLAG_LIST (1UL << 2)
347 /* The NO_CHANGE flag for an option indicates that the user should not
348 be allowed to change this option using the standard gpgconf method.
349 Frontends using gpgconf should grey out such options, so that only
350 the current value is displayed. */
351 #define GC_OPT_FLAG_NO_CHANGE (1UL <<7)
352
353
354 /* A human-readable description for each flag. */
355 static struct
356 {
357 const char *name;
358 } gc_flag[] =
359 {
360 { "group" },
361 { "optional arg" },
362 { "list" },
363 { "runtime" },
364 { "default" },
365 { "default desc" },
366 { "no arg desc" },
367 { "no change" }
368 };
369
370
371 /* To each option, or group marker, the information in the GC_OPTION
372 struct is provided. If you change this, don't forget to update the
373 option list of each component. */
374 struct gc_option
375 {
376 /* If this is NULL, then this is a terminator in an array of unknown
377 length. Otherwise, if this entry is a group marker (see FLAGS),
378 then this is the name of the group described by this entry.
379 Otherwise it is the name of the option described by this
380 entry. The name must not contain a colon. */
381 const char *name;
382
383 /* The option flags. If the GROUP flag is set, then this entry is a
384 group marker, not an option, and only the fields LEVEL,
385 DESC_DOMAIN and DESC are valid. In all other cases, this entry
386 describes a new option and all fields are valid. */
387 unsigned long flags;
388
389 /* The expert level. This field is valid for options and groups. A
390 group has the expert level of the lowest-level option in the
391 group. */
392 gc_expert_level_t level;
393
394 /* A gettext domain in which the following description can be found.
395 If this is NULL, then DESC is not translated. Valid for groups
396 and options.
397
398 Note that we try to keep the description of groups within the
399 gnupg domain.
400
401 IMPORTANT: If you add a new domain please make sure to add a code
402 set switching call to the function my_dgettext further below. */
403 const char *desc_domain;
404
405 /* A gettext description for this group or option. If it starts
406 with a '|', then the string up to the next '|' describes the
407 argument, and the description follows the second '|'.
408
409 In general enclosing these description in N_() is not required
410 because the description should be identical to the one in the
411 help menu of the respective program. */
412 const char *desc;
413
414 /* The following fields are only valid for options. */
415
416 /* The type of the option argument. */
417 gc_arg_type_t arg_type;
418
419 /* The backend that implements this option. */
420 gc_backend_t backend;
421
422 /* The following fields are set to NULL at startup (because all
423 option's are declared as static variables). They are at the end
424 of the list so that they can be omitted from the option
425 declarations. */
426
427 /* This is true if the option is supported by this version of the
428 backend. */
429 int active;
430
431 /* The default value for this option. This is NULL if the option is
432 not present in the backend, the empty string if no default is
433 available, and otherwise a quoted string. */
434 char *default_value;
435
436 /* The default argument is only valid if the "optional arg" flag is
437 set, and specifies the default argument (value) that is used if
438 the argument is omitted. */
439 char *default_arg;
440
441 /* The current value of this option. */
442 char *value;
443
444 /* The new flags for this option. The only defined flag is actually
445 GC_OPT_FLAG_DEFAULT, and it means that the option should be
446 deleted. In this case, NEW_VALUE is NULL. */
447 unsigned long new_flags;
448
449 /* The new value of this option. */
450 char *new_value;
451 };
452 typedef struct gc_option gc_option_t;
453
454 /* Use this macro to terminate an option list. */
455 #define GC_OPTION_NULL { NULL }
456
457 \f
458 /* The options of the GC_COMPONENT_GPG_AGENT component. */
459 static gc_option_t gc_options_gpg_agent[] =
460 {
461 /* The configuration file to which we write the changes. */
462 { "gpgconf-gpg-agent.conf", GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
463 NULL, NULL, GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG_AGENT },
464
465 { "Monitor",
466 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
467 "gnupg", N_("Options controlling the diagnostic output") },
468 { "verbose", GC_OPT_FLAG_LIST|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC,
469 "gnupg", "verbose",
470 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
471 { "quiet", GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC,
472 "gnupg", "be somewhat more quiet",
473 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
474 { "no-greeting", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
475 NULL, NULL,
476 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
477
478 { "Configuration",
479 GC_OPT_FLAG_GROUP, GC_LEVEL_EXPERT,
480 "gnupg", N_("Options controlling the configuration") },
481 { "options", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
482 "gnupg", "|FILE|read options from FILE",
483 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG_AGENT },
484 { "disable-scdaemon", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
485 "gnupg", "do not use the SCdaemon",
486 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
487
488 { "Debug",
489 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
490 "gnupg", N_("Options useful for debugging") },
491 { "debug-level", GC_OPT_FLAG_ARG_OPT|GC_OPT_FLAG_RUNTIME, GC_LEVEL_ADVANCED,
492 "gnupg", "|LEVEL|set the debugging level to LEVEL",
493 GC_ARG_TYPE_STRING, GC_BACKEND_GPG_AGENT },
494 { "log-file", GC_OPT_FLAG_RUNTIME, GC_LEVEL_ADVANCED,
495 "gnupg", N_("|FILE|write server mode logs to FILE"),
496 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG_AGENT },
497 { "faked-system-time", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
498 NULL, NULL,
499 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
500
501 { "Security",
502 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
503 "gnupg", N_("Options controlling the security") },
504 { "default-cache-ttl", GC_OPT_FLAG_RUNTIME,
505 GC_LEVEL_BASIC, "gnupg",
506 "|N|expire cached PINs after N seconds",
507 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
508 { "default-cache-ttl-ssh", GC_OPT_FLAG_RUNTIME,
509 GC_LEVEL_ADVANCED, "gnupg",
510 N_("|N|expire SSH keys after N seconds"),
511 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
512 { "max-cache-ttl", GC_OPT_FLAG_RUNTIME,
513 GC_LEVEL_EXPERT, "gnupg",
514 N_("|N|set maximum PIN cache lifetime to N seconds"),
515 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
516 { "max-cache-ttl-ssh", GC_OPT_FLAG_RUNTIME,
517 GC_LEVEL_EXPERT, "gnupg",
518 N_("|N|set maximum SSH key lifetime to N seconds"),
519 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
520 { "ignore-cache-for-signing", GC_OPT_FLAG_RUNTIME,
521 GC_LEVEL_BASIC, "gnupg", "do not use the PIN cache when signing",
522 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
523 { "allow-mark-trusted", GC_OPT_FLAG_RUNTIME,
524 GC_LEVEL_ADVANCED, "gnupg", "allow clients to mark keys as \"trusted\"",
525 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
526 { "no-grab", GC_OPT_FLAG_RUNTIME, GC_LEVEL_EXPERT,
527 "gnupg", "do not grab keyboard and mouse",
528 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
529
530 { "Passphrase policy",
531 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
532 "gnupg", N_("Options enforcing a passphrase policy") },
533 { "enforce-passphrase-constraints", GC_OPT_FLAG_RUNTIME,
534 GC_LEVEL_EXPERT, "gnupg",
535 N_("do not allow to bypass the passphrase policy"),
536 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
537 { "min-passphrase-len", GC_OPT_FLAG_RUNTIME,
538 GC_LEVEL_ADVANCED, "gnupg",
539 N_("|N|set minimal required length for new passphrases to N"),
540 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
541 { "min-passphrase-nonalpha", GC_OPT_FLAG_RUNTIME,
542 GC_LEVEL_EXPERT, "gnupg",
543 N_("|N|require at least N non-alpha characters for a new passphrase"),
544 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
545 { "check-passphrase-pattern", GC_OPT_FLAG_RUNTIME,
546 GC_LEVEL_EXPERT,
547 "gnupg", N_("|FILE|check new passphrases against pattern in FILE"),
548 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG_AGENT },
549 { "max-passphrase-days", GC_OPT_FLAG_RUNTIME,
550 GC_LEVEL_EXPERT, "gnupg",
551 N_("|N|expire the passphrase after N days"),
552 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
553 { "enable-passphrase-history", GC_OPT_FLAG_RUNTIME,
554 GC_LEVEL_EXPERT, "gnupg",
555 N_("do not allow the reuse of old passphrases"),
556 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
557
558 GC_OPTION_NULL
559 };
560
561
562 /* The options of the GC_COMPONENT_SCDAEMON component. */
563 static gc_option_t gc_options_scdaemon[] =
564 {
565 /* The configuration file to which we write the changes. */
566 { "gpgconf-scdaemon.conf", GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
567 NULL, NULL, GC_ARG_TYPE_PATHNAME, GC_BACKEND_SCDAEMON },
568
569 { "Monitor",
570 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
571 "gnupg", N_("Options controlling the diagnostic output") },
572 { "verbose", GC_OPT_FLAG_LIST, GC_LEVEL_BASIC,
573 "gnupg", "verbose",
574 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
575 { "quiet", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
576 "gnupg", "be somewhat more quiet",
577 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
578 { "no-greeting", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
579 NULL, NULL,
580 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
581
582 { "Configuration",
583 GC_OPT_FLAG_GROUP, GC_LEVEL_EXPERT,
584 "gnupg", N_("Options controlling the configuration") },
585 { "options", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
586 "gnupg", "|FILE|read options from FILE",
587 GC_ARG_TYPE_PATHNAME, GC_BACKEND_SCDAEMON },
588 { "reader-port", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
589 "gnupg", "|N|connect to reader at port N",
590 GC_ARG_TYPE_STRING, GC_BACKEND_SCDAEMON },
591 { "ctapi-driver", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
592 "gnupg", "|NAME|use NAME as ct-API driver",
593 GC_ARG_TYPE_STRING, GC_BACKEND_SCDAEMON },
594 { "pcsc-driver", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
595 "gnupg", "|NAME|use NAME as PC/SC driver",
596 GC_ARG_TYPE_STRING, GC_BACKEND_SCDAEMON },
597 { "disable-opensc", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
598 "gnupg", "do not use the OpenSC layer",
599 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
600 { "disable-ccid", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
601 "gnupg", "do not use the internal CCID driver",
602 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
603 { "disable-keypad", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
604 "gnupg", "do not use a reader's keypad",
605 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
606
607 { "Debug",
608 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
609 "gnupg", N_("Options useful for debugging") },
610 { "debug-level", GC_OPT_FLAG_ARG_OPT, GC_LEVEL_ADVANCED,
611 "gnupg", "|LEVEL|set the debugging level to LEVEL",
612 GC_ARG_TYPE_STRING, GC_BACKEND_SCDAEMON },
613 { "log-file", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
614 "gnupg", N_("|FILE|write server mode logs to FILE"),
615 GC_ARG_TYPE_PATHNAME, GC_BACKEND_SCDAEMON },
616
617 { "Security",
618 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
619 "gnupg", N_("Options controlling the security") },
620 { "allow-admin", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
621 "gnupg", "allow the use of admin card commands",
622 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
623
624
625 GC_OPTION_NULL
626 };
627
628
629 /* The options of the GC_COMPONENT_GPG component. */
630 static gc_option_t gc_options_gpg[] =
631 {
632 /* The configuration file to which we write the changes. */
633 { "gpgconf-gpg.conf", GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
634 NULL, NULL, GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG },
635
636 { "Monitor",
637 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
638 "gnupg", N_("Options controlling the diagnostic output") },
639 { "verbose", GC_OPT_FLAG_LIST, GC_LEVEL_BASIC,
640 "gnupg", "verbose",
641 GC_ARG_TYPE_NONE, GC_BACKEND_GPG },
642 { "quiet", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
643 "gnupg", "be somewhat more quiet",
644 GC_ARG_TYPE_NONE, GC_BACKEND_GPG },
645 { "no-greeting", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
646 NULL, NULL,
647 GC_ARG_TYPE_NONE, GC_BACKEND_GPG },
648
649 { "Configuration",
650 GC_OPT_FLAG_GROUP, GC_LEVEL_EXPERT,
651 "gnupg", N_("Options controlling the configuration") },
652 { "default-key", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
653 "gnupg", N_("|NAME|use NAME as default secret key"),
654 GC_ARG_TYPE_STRING, GC_BACKEND_GPG },
655 { "encrypt-to", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
656 "gnupg", N_("|NAME|encrypt to user ID NAME as well"),
657 GC_ARG_TYPE_STRING, GC_BACKEND_GPG },
658 { "options", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
659 "gnupg", "|FILE|read options from FILE",
660 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG },
661
662 { "Debug",
663 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
664 "gnupg", N_("Options useful for debugging") },
665 { "debug-level", GC_OPT_FLAG_ARG_OPT, GC_LEVEL_ADVANCED,
666 "gnupg", "|LEVEL|set the debugging level to LEVEL",
667 GC_ARG_TYPE_STRING, GC_BACKEND_GPG },
668 { "log-file", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
669 "gnupg", N_("|FILE|write server mode logs to FILE"),
670 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG },
671 /* { "faked-system-time", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE, */
672 /* NULL, NULL, */
673 /* GC_ARG_TYPE_UINT32, GC_BACKEND_GPG }, */
674
675 { "Keyserver",
676 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
677 "gnupg", N_("Configuration for Keyservers") },
678 { "keyserver", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
679 "gnupg", N_("|URL|use keyserver at URL"),
680 GC_ARG_TYPE_STRING, GC_BACKEND_GPG },
681 { "allow-pka-lookup", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
682 "gnupg", N_("allow PKA lookups (DNS requests)"),
683 GC_ARG_TYPE_NONE, GC_BACKEND_GPG },
684 { "auto-key-locate", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
685 "gnupg", N_("|MECHANISMS|use MECHANISMS to locate keys by mail address"),
686 GC_ARG_TYPE_STRING, GC_BACKEND_GPG },
687
688
689 GC_OPTION_NULL
690 };
691
692
693
694 /* The options of the GC_COMPONENT_GPGSM component. */
695 static gc_option_t gc_options_gpgsm[] =
696 {
697 /* The configuration file to which we write the changes. */
698 { "gpgconf-gpgsm.conf", GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
699 NULL, NULL, GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPGSM },
700
701 { "Monitor",
702 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
703 "gnupg", N_("Options controlling the diagnostic output") },
704 { "verbose", GC_OPT_FLAG_LIST, GC_LEVEL_BASIC,
705 "gnupg", "verbose",
706 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
707 { "quiet", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
708 "gnupg", "be somewhat more quiet",
709 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
710 { "no-greeting", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
711 NULL, NULL,
712 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
713
714 { "Configuration",
715 GC_OPT_FLAG_GROUP, GC_LEVEL_EXPERT,
716 "gnupg", N_("Options controlling the configuration") },
717 { "default-key", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
718 "gnupg", N_("|NAME|use NAME as default secret key"),
719 GC_ARG_TYPE_STRING, GC_BACKEND_GPGSM },
720 { "encrypt-to", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
721 "gnupg", N_("|NAME|encrypt to user ID NAME as well"),
722 GC_ARG_TYPE_STRING, GC_BACKEND_GPGSM },
723 { "options", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
724 "gnupg", "|FILE|read options from FILE",
725 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPGSM },
726 { "prefer-system-dirmngr", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
727 "gnupg", "use system's dirmngr if available",
728 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
729 { "disable-dirmngr", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
730 "gnupg", N_("disable all access to the dirmngr"),
731 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
732 { "p12-charset", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
733 "gnupg", N_("|NAME|use encoding NAME for PKCS#12 passphrases"),
734 GC_ARG_TYPE_STRING, GC_BACKEND_GPGSM },
735
736 { "Debug",
737 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
738 "gnupg", N_("Options useful for debugging") },
739 { "debug-level", GC_OPT_FLAG_ARG_OPT, GC_LEVEL_ADVANCED,
740 "gnupg", "|LEVEL|set the debugging level to LEVEL",
741 GC_ARG_TYPE_STRING, GC_BACKEND_GPGSM },
742 { "log-file", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
743 "gnupg", N_("|FILE|write server mode logs to FILE"),
744 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPGSM },
745 { "faked-system-time", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
746 NULL, NULL,
747 GC_ARG_TYPE_UINT32, GC_BACKEND_GPGSM },
748
749 { "Security",
750 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
751 "gnupg", N_("Options controlling the security") },
752 { "disable-crl-checks", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
753 "gnupg", "never consult a CRL",
754 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
755 { "disable-trusted-cert-crl-check", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
756 "gnupg", N_("do not check CRLs for root certificates"),
757 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
758 { "enable-ocsp", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
759 "gnupg", "check validity using OCSP",
760 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
761 { "include-certs", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
762 "gnupg", "|N|number of certificates to include",
763 GC_ARG_TYPE_INT32, GC_BACKEND_GPGSM },
764 { "disable-policy-checks", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
765 "gnupg", "do not check certificate policies",
766 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
767 { "auto-issuer-key-retrieve", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
768 "gnupg", "fetch missing issuer certificates",
769 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
770 { "cipher-algo", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
771 "gnupg", "|NAME|use cipher algorithm NAME",
772 GC_ARG_TYPE_STRING, GC_BACKEND_GPGSM },
773
774 GC_OPTION_NULL
775 };
776
777
778 /* The options of the GC_COMPONENT_DIRMNGR component. */
779 static gc_option_t gc_options_dirmngr[] =
780 {
781 /* The configuration file to which we write the changes. */
782 { "gpgconf-dirmngr.conf", GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
783 NULL, NULL, GC_ARG_TYPE_PATHNAME, GC_BACKEND_DIRMNGR },
784
785 { "Monitor",
786 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
787 "gnupg", N_("Options controlling the diagnostic output") },
788 { "verbose", GC_OPT_FLAG_LIST, GC_LEVEL_BASIC,
789 "dirmngr", "verbose",
790 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
791 { "quiet", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
792 "dirmngr", "be somewhat more quiet",
793 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
794 { "no-greeting", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
795 NULL, NULL,
796 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
797
798 { "Format",
799 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
800 "gnupg", N_("Options controlling the format of the output") },
801 { "sh", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
802 "dirmngr", "sh-style command output",
803 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
804 { "csh", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
805 "dirmngr", "csh-style command output",
806 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
807
808 { "Configuration",
809 GC_OPT_FLAG_GROUP, GC_LEVEL_EXPERT,
810 "gnupg", N_("Options controlling the configuration") },
811 { "options", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
812 "dirmngr", "|FILE|read options from FILE",
813 GC_ARG_TYPE_PATHNAME, GC_BACKEND_DIRMNGR },
814
815 { "Debug",
816 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
817 "gnupg", N_("Options useful for debugging") },
818 { "debug-level", GC_OPT_FLAG_ARG_OPT, GC_LEVEL_ADVANCED,
819 "dirmngr", "|LEVEL|set the debugging level to LEVEL",
820 GC_ARG_TYPE_STRING, GC_BACKEND_DIRMNGR },
821 { "no-detach", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
822 "dirmngr", "do not detach from the console",
823 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
824 { "log-file", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
825 "dirmngr", N_("|FILE|write server mode logs to FILE"),
826 GC_ARG_TYPE_PATHNAME, GC_BACKEND_DIRMNGR },
827 { "debug-wait", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
828 NULL, NULL,
829 GC_ARG_TYPE_UINT32, GC_BACKEND_DIRMNGR },
830 { "faked-system-time", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
831 NULL, NULL,
832 GC_ARG_TYPE_UINT32, GC_BACKEND_DIRMNGR },
833
834 { "Enforcement",
835 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
836 "gnupg", N_("Options controlling the interactivity and enforcement") },
837 { "batch", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
838 "dirmngr", "run without asking a user",
839 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
840 { "force", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
841 "dirmngr", "force loading of outdated CRLs",
842 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
843
844 { "HTTP",
845 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
846 "gnupg", N_("Configuration for HTTP servers") },
847 { "disable-http", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
848 "dirmngr", "inhibit the use of HTTP",
849 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
850 { "ignore-http-dp", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
851 "dirmngr", "ignore HTTP CRL distribution points",
852 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
853 { "http-proxy", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
854 "dirmngr", "|URL|redirect all HTTP requests to URL",
855 GC_ARG_TYPE_STRING, GC_BACKEND_DIRMNGR },
856 { "honor-http-proxy", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
857 "gnupg", N_("use system's HTTP proxy setting"),
858 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
859
860 { "LDAP",
861 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
862 "gnupg", N_("Configuration of LDAP servers to use") },
863 { "disable-ldap", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
864 "dirmngr", "inhibit the use of LDAP",
865 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
866 { "ignore-ldap-dp", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
867 "dirmngr", "ignore LDAP CRL distribution points",
868 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
869 { "ldap-proxy", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
870 "dirmngr", "|HOST|use HOST for LDAP queries",
871 GC_ARG_TYPE_STRING, GC_BACKEND_DIRMNGR },
872 { "only-ldap-proxy", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
873 "dirmngr", "do not use fallback hosts with --ldap-proxy",
874 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
875 { "add-servers", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
876 "dirmngr", "add new servers discovered in CRL distribution points"
877 " to serverlist", GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
878 { "ldaptimeout", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
879 "dirmngr", "|N|set LDAP timeout to N seconds",
880 GC_ARG_TYPE_UINT32, GC_BACKEND_DIRMNGR },
881 /* The following entry must not be removed, as it is required for
882 the GC_BACKEND_DIRMNGR_LDAP_SERVER_LIST. */
883 { "ldapserverlist-file",
884 GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
885 "dirmngr", "|FILE|read LDAP server list from FILE",
886 GC_ARG_TYPE_PATHNAME, GC_BACKEND_DIRMNGR },
887 /* This entry must come after at least one entry for
888 GC_BACKEND_DIRMNGR in this component, so that the entry for
889 "ldapserverlist-file will be initialized before this one. */
890 { "LDAP Server", GC_OPT_FLAG_ARG_OPT|GC_OPT_FLAG_LIST, GC_LEVEL_BASIC,
891 "gnupg", N_("LDAP server list"),
892 GC_ARG_TYPE_LDAP_SERVER, GC_BACKEND_DIRMNGR_LDAP_SERVER_LIST },
893 { "max-replies", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
894 "dirmngr", "|N|do not return more than N items in one query",
895 GC_ARG_TYPE_UINT32, GC_BACKEND_DIRMNGR },
896
897 { "OCSP",
898 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
899 "gnupg", N_("Configuration for OCSP") },
900 { "allow-ocsp", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
901 "dirmngr", "allow sending OCSP requests",
902 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
903 { "ignore-ocsp-service-url", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
904 "dirmngr", "ignore certificate contained OCSP service URLs",
905 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
906 { "ocsp-responder", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
907 "dirmngr", "|URL|use OCSP responder at URL",
908 GC_ARG_TYPE_STRING, GC_BACKEND_DIRMNGR },
909 { "ocsp-signer", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
910 "dirmngr", "|FPR|OCSP response signed by FPR",
911 GC_ARG_TYPE_STRING, GC_BACKEND_DIRMNGR },
912
913
914 GC_OPTION_NULL
915 };
916
917 \f
918 /* Component system. Each component is a set of options that can be
919 configured at the same time. If you change this, don't forget to
920 update GC_COMPONENT below. */
921 typedef enum
922 {
923 /* The classic GPG for OpenPGP. */
924 GC_COMPONENT_GPG,
925
926 /* The GPG Agent. */
927 GC_COMPONENT_GPG_AGENT,
928
929 /* The Smardcard Daemon. */
930 GC_COMPONENT_SCDAEMON,
931
932 /* GPG for S/MIME. */
933 GC_COMPONENT_GPGSM,
934
935 /* The LDAP Directory Manager for CRLs. */
936 GC_COMPONENT_DIRMNGR,
937
938 /* The number of components. */
939 GC_COMPONENT_NR
940 } gc_component_t;
941
942
943 /* The information associated with each component. */
944 static struct
945 {
946 /* The name of this component. Must not contain a colon (':')
947 character. */
948 const char *name;
949
950 /* The gettext domain for the description DESC. If this is NULL,
951 then the description is not translated. */
952 const char *desc_domain;
953
954 /* The description for this domain. */
955 const char *desc;
956
957 /* The list of options for this component, terminated by
958 GC_OPTION_NULL. */
959 gc_option_t *options;
960 } gc_component[] =
961 {
962 { "gpg", NULL, "GPG for OpenPGP", gc_options_gpg },
963 { "gpg-agent", NULL, "GPG Agent", gc_options_gpg_agent },
964 { "scdaemon", NULL, "Smartcard Daemon", gc_options_scdaemon },
965 { "gpgsm", NULL, "GPG for S/MIME", gc_options_gpgsm },
966 { "dirmngr", NULL, "Directory Manager", gc_options_dirmngr }
967 };
968
969
970
971 /* Structure used to collect error output of the backend programs. */
972 struct error_line_s;
973 typedef struct error_line_s *error_line_t;
974 struct error_line_s
975 {
976 error_line_t next; /* Link to next item. */
977 const char *fname; /* Name of the config file (points into BUFFER). */
978 unsigned int lineno; /* Line number of the config file. */
979 const char *errtext; /* Text of the error message (points into BUFFER). */
980 char buffer[1]; /* Helper buffer. */
981 };
982
983
984 \f
985 /* Engine specific support. */
986 void
987 gpg_agent_runtime_change (void)
988 {
989 #ifndef HAVE_W32_SYSTEM
990 char *agent = getenv ("GPG_AGENT_INFO");
991 char *pid_str;
992 unsigned long pid_long;
993 char *tail;
994 pid_t pid;
995
996 if (!agent)
997 return;
998
999 pid_str = strchr (agent, ':');
1000 if (!pid_str)
1001 return;
1002
1003 pid_str++;
1004 errno = 0;
1005 pid_long = strtoul (pid_str, &tail, 0);
1006 if (errno || (*tail != ':' && *tail != '\0'))
1007 return;
1008
1009 pid = (pid_t) pid_long;
1010
1011 /* Check for overflow. */
1012 if (pid_long != (unsigned long) pid)
1013 return;
1014
1015 /* Ignore any errors here. */
1016 kill (pid, SIGHUP);
1017 #endif /*!HAVE_W32_SYSTEM*/
1018 }
1019
1020 \f
1021 /* More or less Robust version of dgettext. It has the side effect of
1022 switching the codeset to utf-8 because this is what we want to
1023 output. In theory it is posible to keep the orginal code set and
1024 switch back for regular disgnostic output (redefine "_(" for that)
1025 but given the natur of this tool, being something invoked from
1026 other pograms, it does not make much sense. */
1027 static const char *
1028 my_dgettext (const char *domain, const char *msgid)
1029 {
1030 #ifdef USE_SIMPLE_GETTEXT
1031 if (domain)
1032 {
1033 static int switched_codeset;
1034 char *text;
1035
1036 if (!switched_codeset)
1037 {
1038 switched_codeset = 1;
1039 gettext_select_utf8 (1);
1040 }
1041
1042 if (!strcmp (domain, "gnupg"))
1043 domain = PACKAGE_GT;
1044
1045 /* FIXME: we have no dgettext, thus we can't switch. */
1046
1047 text = gettext (msgid);
1048 return text ? text : msgid;
1049 }
1050 #elif defined(ENABLE_NLS)
1051 if (domain)
1052 {
1053 static int switched_codeset;
1054 char *text;
1055
1056 if (!switched_codeset)
1057 {
1058 switched_codeset = 1;
1059 bind_textdomain_codeset (PACKAGE_GT, "utf-8");
1060
1061 bindtextdomain ("dirmngr", LOCALEDIR);
1062 bind_textdomain_codeset ("dirmngr", "utf-8");
1063
1064 }
1065
1066 /* Note: This is a hack to actually use the gnupg2 domain as
1067 long we are in a transition phase where gnupg 1.x and 1.9 may
1068 coexist. */
1069 if (!strcmp (domain, "gnupg"))
1070 domain = PACKAGE_GT;
1071
1072 text = dgettext (domain, msgid);
1073 return text ? text : msgid;
1074 }
1075 else
1076 #endif
1077 return msgid;
1078 }
1079
1080
1081 /* Percent-Escape special characters. The string is valid until the
1082 next invocation of the function. */
1083 static char *
1084 my_percent_escape (const char *src)
1085 {
1086 static char *esc_str;
1087 static int esc_str_len;
1088 int new_len = 3 * strlen (src) + 1;
1089 char *dst;
1090
1091 if (esc_str_len < new_len)
1092 {
1093 char *new_esc_str = realloc (esc_str, new_len);
1094 if (!new_esc_str)
1095 gc_error (1, errno, "can not escape string");
1096 esc_str = new_esc_str;
1097 esc_str_len = new_len;
1098 }
1099
1100 dst = esc_str;
1101 while (*src)
1102 {
1103 if (*src == '%')
1104 {
1105 *(dst++) = '%';
1106 *(dst++) = '2';
1107 *(dst++) = '5';
1108 }
1109 else if (*src == ':')
1110 {
1111 /* The colon is used as field separator. */
1112 *(dst++) = '%';
1113 *(dst++) = '3';
1114 *(dst++) = 'a';
1115 }
1116 else if (*src == ',')
1117 {
1118 /* The comma is used as list separator. */
1119 *(dst++) = '%';
1120 *(dst++) = '2';
1121 *(dst++) = 'c';
1122 }
1123 else
1124 *(dst++) = *(src);
1125 src++;
1126 }
1127 *dst = '\0';
1128 return esc_str;
1129 }
1130
1131
1132
1133 /* Percent-Deescape special characters. The string is valid until the
1134 next invocation of the function. */
1135 static char *
1136 percent_deescape (const char *src)
1137 {
1138 static char *str;
1139 static int str_len;
1140 int new_len = 3 * strlen (src) + 1;
1141 char *dst;
1142
1143 if (str_len < new_len)
1144 {
1145 char *new_str = realloc (str, new_len);
1146 if (!new_str)
1147 gc_error (1, errno, "can not deescape string");
1148 str = new_str;
1149 str_len = new_len;
1150 }
1151
1152 dst = str;
1153 while (*src)
1154 {
1155 if (*src == '%')
1156 {
1157 int val = hextobyte (src + 1);
1158
1159 if (val < 0)
1160 gc_error (1, 0, "malformed end of string %s", src);
1161
1162 *(dst++) = (char) val;
1163 src += 3;
1164 }
1165 else
1166 *(dst++) = *(src++);
1167 }
1168 *dst = '\0';
1169 return str;
1170 }
1171
1172 \f
1173 /* List all components that are available. */
1174 void
1175 gc_component_list_components (FILE *out)
1176 {
1177 gc_component_t component;
1178 gc_option_t *option;
1179 gc_backend_t backend;
1180 int backend_seen[GC_BACKEND_NR];
1181 const char *desc;
1182 const char *pgmname;
1183
1184 for (component = 0; component < GC_COMPONENT_NR; component++)
1185 {
1186 option = gc_component[component].options;
1187 if (option)
1188 {
1189 for (backend = 0; backend < GC_BACKEND_NR; backend++)
1190 backend_seen[backend] = 0;
1191
1192 pgmname = "";
1193 for (; option && option->name; option++)
1194 {
1195 if ((option->flags & GC_OPT_FLAG_GROUP))
1196 continue;
1197 backend = option->backend;
1198 if (backend_seen[backend])
1199 continue;
1200 backend_seen[backend] = 1;
1201 assert (backend != GC_BACKEND_ANY);
1202 if (gc_backend[backend].program
1203 && !gc_backend[backend].module_name)
1204 continue;
1205 pgmname = gnupg_module_name (gc_backend[backend].module_name);
1206 break;
1207 }
1208
1209 desc = gc_component[component].desc;
1210 desc = my_dgettext (gc_component[component].desc_domain, desc);
1211 fprintf (out, "%s:%s:",
1212 gc_component[component].name, my_percent_escape (desc));
1213 fprintf (out, "%s\n", my_percent_escape (pgmname));
1214 }
1215 }
1216 }
1217
1218
1219 \f
1220 static int
1221 all_digits_p (const char *p, size_t len)
1222 {
1223 if (!len)
1224 return 0; /* No. */
1225 for (; len; len--, p++)
1226 if (!isascii (*p) || !isdigit (*p))
1227 return 0; /* No. */
1228 return 1; /* Yes. */
1229 }
1230
1231
1232 /* Collect all error lines from file descriptor FD. Only lines
1233 prefixed with TAG are considered. Close that file descriptor
1234 then. Returns a list of error line items (which may be empty).
1235 There is no error return. */
1236 static error_line_t
1237 collect_error_output (int fd, const char *tag)
1238 {
1239 FILE *fp;
1240 char buffer[1024];
1241 char *p, *p2, *p3;
1242 int c, cont_line;
1243 unsigned int pos;
1244 error_line_t eitem, errlines, *errlines_tail;
1245 size_t taglen = strlen (tag);
1246
1247 fp = fdopen (fd, "r");
1248 if (!fp)
1249 gc_error (1, errno, "can't fdopen pipe for reading");
1250
1251 errlines = NULL;
1252 errlines_tail = &errlines;
1253 pos = 0;
1254 cont_line = 0;
1255 while ((c=getc (fp)) != EOF)
1256 {
1257 buffer[pos++] = c;
1258 if (pos >= sizeof buffer - 5 || c == '\n')
1259 {
1260 buffer[pos - (c == '\n')] = 0;
1261 if (cont_line)
1262 ; /*Ignore continuations of previous line. */
1263 else if (!strncmp (buffer, tag, taglen) && buffer[taglen] == ':')
1264 {
1265 /* "gpgsm: foo:4: bla" */
1266 /* Yep, we are interested in this line. */
1267 p = buffer + taglen + 1;
1268 while (*p == ' ' || *p == '\t')
1269 p++;
1270 if (!*p)
1271 ; /* Empty lines are ignored. */
1272 else if ( (p2 = strchr (p, ':')) && (p3 = strchr (p2+1, ':'))
1273 && all_digits_p (p2+1, p3 - (p2+1)))
1274 {
1275 /* Line in standard compiler format. */
1276 p3++;
1277 while (*p3 == ' ' || *p3 == '\t')
1278 p3++;
1279 eitem = xmalloc (sizeof *eitem + strlen (p));
1280 eitem->next = NULL;
1281 strcpy (eitem->buffer, p);
1282 eitem->fname = eitem->buffer;
1283 eitem->buffer[p2-p] = 0;
1284 eitem->errtext = eitem->buffer + (p3 - p);
1285 /* (we already checked that there are only ascii
1286 digits followed by a colon) */
1287 eitem->lineno = 0;
1288 for (p2++; isdigit (*p2); p2++)
1289 eitem->lineno = eitem->lineno*10 + (*p2 - '0');
1290 *errlines_tail = eitem;
1291 errlines_tail = &eitem->next;
1292 }
1293 else
1294 {
1295 /* Other error output. */
1296 eitem = xmalloc (sizeof *eitem + strlen (p));
1297 eitem->next = NULL;
1298 strcpy (eitem->buffer, p);
1299 eitem->fname = NULL;
1300 eitem->errtext = eitem->buffer;
1301 eitem->lineno = 0;
1302 *errlines_tail = eitem;
1303 errlines_tail = &eitem->next;
1304 }
1305 }
1306 pos = 0;
1307 /* If this was not a complete line mark that we are in a
1308 continuation. */
1309 cont_line = (c != '\n');
1310 }
1311 }
1312
1313 /* We ignore error lines not terminated by a LF. */
1314
1315 fclose (fp);
1316 return errlines;
1317 }
1318
1319
1320
1321 /* Check all components that are available. */
1322 void
1323 gc_component_check_programs (FILE *out)
1324 {
1325 gpg_error_t err;
1326 gc_component_t component;
1327 unsigned int result;
1328 int backend_seen[GC_BACKEND_NR];
1329 gc_backend_t backend;
1330 gc_option_t *option;
1331 const char *desc;
1332 const char *pgmname;
1333 const char *argv[2];
1334 pid_t pid;
1335 int exitcode;
1336 int filedes[2];
1337 error_line_t errlines, errptr;
1338
1339 /* We use a temporary file to collect the error output. It would be
1340 better to use a pipe here but as of now we have no suitable
1341 fucntion to create a portable pipe outside of exechelp. Thus it
1342 is easier to use the tempfile approach. */
1343 for (component = 0; component < GC_COMPONENT_NR; component++)
1344 {
1345 if (!gc_component[component].options)
1346 continue;
1347
1348 for (backend = 0; backend < GC_BACKEND_NR; backend++)
1349 backend_seen[backend] = 0;
1350
1351 option = gc_component[component].options;
1352 for (; option && option->name; option++)
1353 {
1354 if ((option->flags & GC_OPT_FLAG_GROUP))
1355 continue;
1356 backend = option->backend;
1357 if (backend_seen[backend])
1358 continue;
1359 backend_seen[backend] = 1;
1360 assert (backend != GC_BACKEND_ANY);
1361 if (!gc_backend[backend].program)
1362 continue;
1363 if (!gc_backend[backend].module_name)
1364 continue;
1365
1366 pgmname = gnupg_module_name (gc_backend[backend].module_name);
1367 argv[0] = "--gpgconf-test";
1368 argv[1] = NULL;
1369
1370 err = gnupg_create_inbound_pipe (filedes);
1371 if (err)
1372 gc_error (1, 0, _("error creating a pipe: %s\n"),
1373 gpg_strerror (err));
1374
1375 result = 0;
1376 errlines = NULL;
1377 if (gnupg_spawn_process_fd (pgmname, argv, -1, -1, filedes[1], &pid))
1378 {
1379 close (filedes[0]);
1380 close (filedes[1]);
1381 result |= 1; /* Program could not be run. */
1382 }
1383 else
1384 {
1385 close (filedes[1]);
1386 errlines = collect_error_output (filedes[0],
1387 gc_component[component].name);
1388 if (gnupg_wait_process (pgmname, pid, &exitcode))
1389 {
1390 if (exitcode == -1)
1391 result |= 1; /* Program could not be run or it
1392 terminated abnormally. */
1393 result |= 2; /* Program returned an error. */
1394 }
1395 }
1396
1397 /* If the program could not be run, we can't tell whether
1398 the config file is good. */
1399 if ((result&1))
1400 result |= 2;
1401
1402 desc = gc_component[component].desc;
1403 desc = my_dgettext (gc_component[component].desc_domain, desc);
1404 fprintf (out, "%s:%s:",
1405 gc_component[component].name, my_percent_escape (desc));
1406 fputs (my_percent_escape (pgmname), out);
1407 fprintf (out, ":%d:%d:", !(result & 1), !(result & 2));
1408 for (errptr = errlines; errptr; errptr = errptr->next)
1409 {
1410 if (errptr != errlines)
1411 fputs ("\n:::::", out); /* Continuation line. */
1412 if (errptr->fname)
1413 fputs (my_percent_escape (errptr->fname), out);
1414 putc (':', out);
1415 if (errptr->fname)
1416 fprintf (out, "%u", errptr->lineno);
1417 putc (':', out);
1418 fputs (my_percent_escape (errptr->errtext), out);
1419 putc (':', out);
1420 }
1421 putc ('\n', out);
1422
1423 while (errlines)
1424 {
1425 error_line_t tmp = errlines->next;
1426 xfree (errlines);
1427 errlines = tmp;
1428 }
1429 break; /* Loop over options of this component */
1430 }
1431 }
1432 }
1433
1434
1435 \f
1436 /* Find the component with the name NAME. Returns -1 if not
1437 found. */
1438 int
1439 gc_component_find (const char *name)
1440 {
1441 gc_component_t idx;
1442
1443 for (idx = 0; idx < GC_COMPONENT_NR; idx++)
1444 {
1445 if (gc_component[idx].options
1446 && !strcmp (name, gc_component[idx].name))
1447 return idx;
1448 }
1449 return -1;
1450 }
1451
1452 \f
1453 /* List the option OPTION. */
1454 static void
1455 list_one_option (const gc_option_t *option, FILE *out)
1456 {
1457 const char *desc = NULL;
1458 char *arg_name = NULL;
1459
1460 if (option->desc)
1461 {
1462 desc = my_dgettext (option->desc_domain, option->desc);
1463
1464 if (*desc == '|')
1465 {
1466 const char *arg_tail = strchr (&desc[1], '|');
1467
1468 if (arg_tail)
1469 {
1470 int arg_len = arg_tail - &desc[1];
1471 arg_name = xmalloc (arg_len + 1);
1472 memcpy (arg_name, &desc[1], arg_len);
1473 arg_name[arg_len] = '\0';
1474 desc = arg_tail + 1;
1475 }
1476 }
1477 }
1478
1479
1480 /* YOU MUST NOT REORDER THE FIELDS IN THIS OUTPUT, AS THEIR ORDER IS
1481 PART OF THE EXTERNAL INTERFACE. YOU MUST NOT REMOVE ANY
1482 FIELDS. */
1483
1484 /* The name field. */
1485 fprintf (out, "%s", option->name);
1486
1487 /* The flags field. */
1488 fprintf (out, ":%lu", option->flags);
1489 if (opt.verbose)
1490 {
1491 putc (' ', out);
1492
1493 if (!option->flags)
1494 fprintf (out, "none");
1495 else
1496 {
1497 unsigned long flags = option->flags;
1498 unsigned long flag = 0;
1499 unsigned long first = 1;
1500
1501 while (flags)
1502 {
1503 if (flags & 1)
1504 {
1505 if (first)
1506 first = 0;
1507 else
1508 putc (',', out);
1509 fprintf (out, "%s", gc_flag[flag].name);
1510 }
1511 flags >>= 1;
1512 flag++;
1513 }
1514 }
1515 }
1516
1517 /* The level field. */
1518 fprintf (out, ":%u", option->level);
1519 if (opt.verbose)
1520 fprintf (out, " %s", gc_level[option->level].name);
1521
1522 /* The description field. */
1523 fprintf (out, ":%s", desc ? my_percent_escape (desc) : "");
1524
1525 /* The type field. */
1526 fprintf (out, ":%u", option->arg_type);
1527 if (opt.verbose)
1528 fprintf (out, " %s", gc_arg_type[option->arg_type].name);
1529
1530 /* The alternate type field. */
1531 fprintf (out, ":%u", gc_arg_type[option->arg_type].fallback);
1532 if (opt.verbose)
1533 fprintf (out, " %s",
1534 gc_arg_type[gc_arg_type[option->arg_type].fallback].name);
1535
1536 /* The argument name field. */
1537 fprintf (out, ":%s", arg_name ? my_percent_escape (arg_name) : "");
1538 if (arg_name)
1539 xfree (arg_name);
1540
1541 /* The default value field. */
1542 fprintf (out, ":%s", option->default_value ? option->default_value : "");
1543
1544 /* The default argument field. */
1545 fprintf (out, ":%s", option->default_arg ? option->default_arg : "");
1546
1547 /* The value field. */
1548 if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_NONE
1549 && (option->flags & GC_OPT_FLAG_LIST)
1550 && option->value)
1551 /* The special format "1,1,1,1,...,1" is converted to a number
1552 here. */
1553 fprintf (out, ":%u", (unsigned int)((strlen (option->value) + 1) / 2));
1554 else
1555 fprintf (out, ":%s", option->value ? option->value : "");
1556
1557 /* ADD NEW FIELDS HERE. */
1558
1559 putc ('\n', out);
1560 }
1561
1562
1563 /* List all options of the component COMPONENT. */
1564 void
1565 gc_component_list_options (int component, FILE *out)
1566 {
1567 const gc_option_t *option = gc_component[component].options;
1568
1569 while (option && option->name)
1570 {
1571 /* Do not output unknown or internal options. */
1572 if (!(option->flags & GC_OPT_FLAG_GROUP)
1573 && (!option->active || option->level == GC_LEVEL_INTERNAL))
1574 {
1575 option++;
1576 continue;
1577 }
1578
1579 if (option->flags & GC_OPT_FLAG_GROUP)
1580 {
1581 const gc_option_t *group_option = option + 1;
1582 gc_expert_level_t level = GC_LEVEL_NR;
1583
1584 /* The manual states that the group level is always the
1585 minimum of the levels of all contained options. Due to
1586 different active options, and because it is hard to
1587 maintain manually, we calculate it here. The value in
1588 the global static table is ignored. */
1589
1590 while (group_option->name)
1591 {
1592 if (group_option->flags & GC_OPT_FLAG_GROUP)
1593 break;
1594 if (group_option->level < level)
1595 level = group_option->level;
1596 group_option++;
1597 }
1598
1599 /* Check if group is empty. */
1600 if (level != GC_LEVEL_NR)
1601 {
1602 gc_option_t opt_copy;
1603
1604 /* Fix up the group level. */
1605 memcpy (&opt_copy, option, sizeof (opt_copy));
1606 opt_copy.level = level;
1607 list_one_option (&opt_copy, out);
1608 }
1609 }
1610 else
1611 list_one_option (option, out);
1612
1613 option++;
1614 }
1615 }
1616
1617
1618 /* Find the option NAME in component COMPONENT, for the backend
1619 BACKEND. If BACKEND is GC_BACKEND_ANY, any backend will match. */
1620 static gc_option_t *
1621 find_option (gc_component_t component, const char *name,
1622 gc_backend_t backend)
1623 {
1624 gc_option_t *option = gc_component[component].options;
1625 while (option->name)
1626 {
1627 if (!(option->flags & GC_OPT_FLAG_GROUP)
1628 && !strcmp (option->name, name)
1629 && (backend == GC_BACKEND_ANY || option->backend == backend))
1630 break;
1631 option++;
1632 }
1633 return option->name ? option : NULL;
1634 }
1635
1636 \f
1637 /* Determine the configuration pathname for the component COMPONENT
1638 and backend BACKEND. */
1639 static char *
1640 get_config_pathname (gc_component_t component, gc_backend_t backend)
1641 {
1642 char *pathname = NULL;
1643 gc_option_t *option = find_option
1644 (component, gc_backend[backend].option_config_filename, GC_BACKEND_ANY);
1645 assert (option);
1646 assert (option->arg_type == GC_ARG_TYPE_PATHNAME);
1647 assert (!(option->flags & GC_OPT_FLAG_LIST));
1648
1649 if (!option->active || !option->default_value)
1650 gc_error (1, 0, "Option %s, needed by backend %s, was not initialized",
1651 gc_backend[backend].option_config_filename,
1652 gc_backend[backend].name);
1653
1654 if (option->value && *option->value)
1655 pathname = percent_deescape (&option->value[1]);
1656 else if (option->default_value && *option->default_value)
1657 pathname = percent_deescape (&option->default_value[1]);
1658 else
1659 pathname = "";
1660
1661 #ifdef HAVE_DOSISH_SYSTEM
1662 if (!(pathname[0]
1663 && pathname[1] == ':'
1664 && (pathname[2] == '/' || pathname[2] == '\\')))
1665 #else
1666 if (pathname[0] != '/')
1667 #endif
1668 gc_error (1, 0, "Option %s, needed by backend %s, is not absolute",
1669 gc_backend[backend].option_config_filename,
1670 gc_backend[backend].name);
1671
1672 return pathname;
1673 }
1674
1675 \f
1676 /* Retrieve the options for the component COMPONENT from backend
1677 BACKEND, which we already know is a program-type backend. */
1678 static void
1679 retrieve_options_from_program (gc_component_t component, gc_backend_t backend)
1680 {
1681 gpg_error_t err;
1682 int filedes[2];
1683 const char *pgmname;
1684 const char *argv[2];
1685 int exitcode;
1686 pid_t pid;
1687 char *line = NULL;
1688 size_t line_len = 0;
1689 ssize_t length;
1690 FILE *config;
1691 char *config_pathname;
1692
1693 err = gnupg_create_inbound_pipe (filedes);
1694 if (err)
1695 gc_error (1, 0, _("error creating a pipe: %s\n"), gpg_strerror (err));
1696
1697 pgmname = (gc_backend[backend].module_name
1698 ? gnupg_module_name (gc_backend[backend].module_name)
1699 : gc_backend[backend].program );
1700 argv[0] = "--gpgconf-list";
1701 argv[1] = NULL;
1702
1703 err = gnupg_spawn_process_fd (pgmname, argv, -1, filedes[1], -1, &pid);
1704 if (err)
1705 {
1706 close (filedes[0]);
1707 close (filedes[1]);
1708 gc_error (1, 0, "could not gather active options from `%s': %s",
1709 pgmname, gpg_strerror (err));
1710 }
1711 close (filedes[1]);
1712 config = fdopen (filedes[0], "r");
1713 if (!config)
1714 gc_error (1, errno, "can't fdopen pipe for reading");
1715
1716 while ((length = read_line (config, &line, &line_len, NULL)) > 0)
1717 {
1718 gc_option_t *option;
1719 char *linep;
1720 unsigned long flags = 0;
1721 char *default_value = NULL;
1722
1723 /* Strip newline and carriage return, if present. */
1724 while (length > 0
1725 && (line[length - 1] == '\n' || line[length - 1] == '\r'))
1726 line[--length] = '\0';
1727
1728 linep = strchr (line, ':');
1729 if (linep)
1730 *(linep++) = '\0';
1731
1732 /* Extract additional flags. Default to none. */
1733 if (linep)
1734 {
1735 char *end;
1736 char *tail;
1737
1738 end = strchr (linep, ':');
1739 if (end)
1740 *(end++) = '\0';
1741
1742 errno = 0;
1743 flags = strtoul (linep, &tail, 0);
1744 if (errno)
1745 gc_error (1, errno, "malformed flags in option %s from %s",
1746 line, pgmname);
1747 if (!(*tail == '\0' || *tail == ':' || *tail == ' '))
1748 gc_error (1, 0, "garbage after flags in option %s from %s",
1749 line, pgmname);
1750
1751 linep = end;
1752 }
1753
1754 /* Extract default value, if present. Default to empty if
1755 not. */
1756 if (linep)
1757 {
1758 char *end;
1759
1760 end = strchr (linep, ':');
1761 if (end)
1762 *(end++) = '\0';
1763
1764 if (flags & GC_OPT_FLAG_DEFAULT)
1765 default_value = linep;
1766
1767 linep = end;
1768 }
1769
1770 /* Look up the option in the component and install the
1771 configuration data. */
1772 option = find_option (component, line, backend);
1773 if (option)
1774 {
1775 if (option->active)
1776 gc_error (1, errno, "option %s returned twice from %s",
1777 line, pgmname);
1778 option->active = 1;
1779
1780 option->flags |= flags;
1781 if (default_value && *default_value)
1782 option->default_value = xstrdup (default_value);
1783 }
1784 }
1785 if (length < 0 || ferror (config))
1786 gc_error (1, errno, "error reading from %s",pgmname);
1787 if (fclose (config) && ferror (config))
1788 gc_error (1, errno, "error closing %s", pgmname);
1789
1790 err = gnupg_wait_process (pgmname, pid, &exitcode);
1791 if (err)
1792 gc_error (1, 0, "running %s failed (exitcode=%d): %s",
1793 pgmname, exitcode, gpg_strerror (err));
1794
1795
1796 /* At this point, we can parse the configuration file. */
1797 config_pathname = get_config_pathname (component, backend);
1798
1799 config = fopen (config_pathname, "r");
1800 if (!config)
1801 gc_error (0, errno, "warning: can not open config file %s",
1802 config_pathname);
1803 else
1804 {
1805 while ((length = read_line (config, &line, &line_len, NULL)) > 0)
1806 {
1807 char *name;
1808 char *value;
1809 gc_option_t *option;
1810
1811 name = line;
1812 while (*name == ' ' || *name == '\t')
1813 name++;
1814 if (!*name || *name == '#' || *name == '\r' || *name == '\n')
1815 continue;
1816
1817 value = name;
1818 while (*value && *value != ' ' && *value != '\t'
1819 && *value != '#' && *value != '\r' && *value != '\n')
1820 value++;
1821 if (*value == ' ' || *value == '\t')
1822 {
1823 char *end;
1824
1825 *(value++) = '\0';
1826 while (*value == ' ' || *value == '\t')
1827 value++;
1828
1829 end = value;
1830 while (*end && *end != '#' && *end != '\r' && *end != '\n')
1831 end++;
1832 while (end > value && (end[-1] == ' ' || end[-1] == '\t'))
1833 end--;
1834 *end = '\0';
1835 }
1836 else
1837 *value = '\0';
1838
1839 /* Look up the option in the component and install the
1840 configuration data. */
1841 option = find_option (component, line, backend);
1842 if (option)
1843 {
1844 char *opt_value;
1845
1846 if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_NONE)
1847 {
1848 if (*value)
1849 gc_error (0, 0,
1850 "warning: ignoring argument %s for option %s",
1851 value, name);
1852 opt_value = xstrdup ("1");
1853 }
1854 else if (gc_arg_type[option->arg_type].fallback
1855 == GC_ARG_TYPE_STRING)
1856 opt_value = xasprintf ("\"%s", my_percent_escape (value));
1857 else
1858 {
1859 /* FIXME: Verify that the number is sane. */
1860 opt_value = xstrdup (value);
1861 }
1862
1863 /* Now enter the option into the table. */
1864 if (!(option->flags & GC_OPT_FLAG_LIST))
1865 {
1866 if (option->value)
1867 free (option->value);
1868 option->value = opt_value;
1869 }
1870 else
1871 {
1872 if (!option->value)
1873 option->value = opt_value;
1874 else
1875 {
1876 char *opt_val = opt_value;
1877
1878 option->value = xasprintf ("%s,%s", option->value,
1879 opt_val);
1880 xfree (opt_value);
1881 }
1882 }
1883 }
1884 }
1885
1886 if (length < 0 || ferror (config))
1887 gc_error (1, errno, "error reading from %s", config_pathname);
1888 if (fclose (config) && ferror (config))
1889 gc_error (1, errno, "error closing %s", config_pathname);
1890 }
1891
1892 xfree (line);
1893 }
1894
1895
1896 /* Retrieve the options for the component COMPONENT from backend
1897 BACKEND, which we already know is of type file list. */
1898 static void
1899 retrieve_options_from_file (gc_component_t component, gc_backend_t backend)
1900 {
1901 gc_option_t *list_option;
1902 char *list_pathname;
1903 FILE *list_file;
1904 char *line = NULL;
1905 size_t line_len = 0;
1906 ssize_t length;
1907 char *list = NULL;
1908
1909 list_option = find_option (component,
1910 gc_backend[backend].option_name, GC_BACKEND_ANY);
1911 assert (list_option);
1912 assert (!list_option->active);
1913
1914 list_pathname = get_config_pathname (component, backend);
1915 list_file = fopen (list_pathname, "r");
1916 if (!list_file)
1917 gc_error (0, errno, "warning: can not open list file %s", list_pathname);
1918 else
1919 {
1920
1921 while ((length = read_line (list_file, &line, &line_len, NULL)) > 0)
1922 {
1923 char *start;
1924 char *end;
1925 char *new_list;
1926
1927 start = line;
1928 while (*start == ' ' || *start == '\t')
1929 start++;
1930 if (!*start || *start == '#' || *start == '\r' || *start == '\n')
1931 continue;
1932
1933 end = start;
1934 while (*end && *end != '#' && *end != '\r' && *end != '\n')
1935 end++;
1936 /* Walk back to skip trailing white spaces. Looks evil, but
1937 works because of the conditions on START and END imposed
1938 at this point (END is at least START + 1, and START is
1939 not a whitespace character). */
1940 while (*(end - 1) == ' ' || *(end - 1) == '\t')
1941 end--;
1942 *end = '\0';
1943 /* FIXME: Oh, no! This is so lame! Should use realloc and
1944 really append. */
1945 if (list)
1946 {
1947 new_list = xasprintf ("%s,\"%s", list, my_percent_escape (start));
1948 xfree (list);
1949 list = new_list;
1950 }
1951 else
1952 list = xasprintf ("\"%s", my_percent_escape (start));
1953 }
1954 if (length < 0 || ferror (list_file))
1955 gc_error (1, errno, "can not read list file %s", list_pathname);
1956 }
1957
1958 list_option->active = 1;
1959 list_option->value = list;
1960
1961 if (list_file && fclose (list_file) && ferror (list_file))
1962 gc_error (1, errno, "error closing %s", list_pathname);
1963 xfree (line);
1964 }
1965
1966
1967 /* Retrieve the currently active options and their defaults from all
1968 involved backends for this component. Using -1 for component will
1969 retrieve all options from all components. */
1970 void
1971 gc_component_retrieve_options (int component)
1972 {
1973 int process_all = 0;
1974 int backend_seen[GC_BACKEND_NR];
1975 gc_backend_t backend;
1976 gc_option_t *option;
1977
1978 for (backend = 0; backend < GC_BACKEND_NR; backend++)
1979 backend_seen[backend] = 0;
1980
1981 if (component == -1)
1982 {
1983 process_all = 1;
1984 component = 0;
1985 assert (component < GC_COMPONENT_NR);
1986 }
1987
1988 do
1989 {
1990 option = gc_component[component].options;
1991
1992 while (option && option->name)
1993 {
1994 if (!(option->flags & GC_OPT_FLAG_GROUP))
1995 {
1996 backend = option->backend;
1997
1998 if (backend_seen[backend])
1999 {
2000 option++;
2001 continue;
2002 }
2003 backend_seen[backend] = 1;
2004
2005 assert (backend != GC_BACKEND_ANY);
2006
2007 if (gc_backend[backend].program)
2008 retrieve_options_from_program (component, backend);
2009 else
2010 retrieve_options_from_file (component, backend);
2011 }
2012 option++;
2013 }
2014 }
2015 while (process_all && ++component < GC_COMPONENT_NR);
2016
2017 }
2018
2019
2020 \f
2021 /* Perform a simple validity check based on the type. Return in
2022 NEW_VALUE_NR the value of the number in NEW_VALUE if OPTION is of
2023 type GC_ARG_TYPE_NONE. */
2024 static void
2025 option_check_validity (gc_option_t *option, unsigned long flags,
2026 char *new_value, unsigned long *new_value_nr)
2027 {
2028 char *arg;
2029
2030 if (!option->active)
2031 gc_error (1, 0, "option %s not supported by backend %s",
2032 option->name, gc_backend[option->backend].name);
2033
2034 if (option->new_flags || option->new_value)
2035 gc_error (1, 0, "option %s already changed", option->name);
2036
2037 if (flags & GC_OPT_FLAG_DEFAULT)
2038 {
2039 if (*new_value)
2040 gc_error (1, 0, "argument %s provided for deleted option %s",
2041 new_value, option->name);
2042
2043 return;
2044 }
2045
2046 /* GC_ARG_TYPE_NONE options have special list treatment. */
2047 if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_NONE)
2048 {
2049 char *tail;
2050
2051 errno = 0;
2052 *new_value_nr = strtoul (new_value, &tail, 0);
2053
2054 if (errno)
2055 gc_error (1, errno, "invalid argument for option %s",
2056 option->name);
2057 if (*tail)
2058 gc_error (1, 0, "garbage after argument for option %s",
2059 option->name);
2060
2061 if (!(option->flags & GC_OPT_FLAG_LIST))
2062 {
2063 if (*new_value_nr != 1)
2064 gc_error (1, 0, "argument for non-list option %s of type 0 "
2065 "(none) must be 1", option->name);
2066 }
2067 else
2068 {
2069 if (*new_value_nr == 0)
2070 gc_error (1, 0, "argument for option %s of type 0 (none) "
2071 "must be positive", option->name);
2072 }
2073
2074 return;
2075 }
2076
2077 arg = new_value;
2078 do
2079 {
2080 if (*arg == '\0' || *arg == ',')
2081 {
2082 if (!(option->flags & GC_OPT_FLAG_ARG_OPT))
2083 gc_error (1, 0, "argument required for option %s", option->name);
2084
2085 if (*arg == ',' && !(option->flags & GC_OPT_FLAG_LIST))
2086 gc_error (1, 0, "list found for non-list option %s", option->name);
2087 }
2088 else if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_STRING)
2089 {
2090 if (*arg != '"')
2091 gc_error (1, 0, "string argument for option %s must begin "
2092 "with a quote (\") character", option->name);
2093
2094 /* FIXME: We do not allow empty string arguments for now, as
2095 we do not quote arguments in configuration files, and
2096 thus no argument is indistinguishable from the empty
2097 string. */
2098 if (arg[1] == '\0' || arg[1] == ',')
2099 gc_error (1, 0, "empty string argument for option %s is "
2100 "currently not allowed. Please report this!",
2101 option->name);
2102 }
2103 else if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_INT32)
2104 {
2105 errno = 0;
2106 (void) strtol (arg, &arg, 0);
2107
2108 if (errno)
2109 gc_error (1, errno, "invalid argument for option %s",
2110 option->name);
2111
2112 if (*arg != '\0' && *arg != ',')
2113 gc_error (1, 0, "garbage after argument for option %s",
2114 option->name);
2115 }
2116 else if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_INT32)
2117 {
2118 errno = 0;
2119 (void) strtoul (arg, &arg, 0);
2120
2121 if (errno)
2122 gc_error (1, errno, "invalid argument for option %s",
2123 option->name);
2124
2125 if (*arg != '\0' && *arg != ',')
2126 gc_error (1, 0, "garbage after argument for option %s",
2127 option->name);
2128 }
2129 arg = strchr (arg, ',');
2130 if (arg)
2131 arg++;
2132 }
2133 while (arg && *arg);
2134 }
2135
2136 #ifdef HAVE_W32_SYSTEM
2137 int
2138 copy_file (const char *src_name, const char *dst_name)
2139 {
2140 #define BUF_LEN 4096
2141 char buffer[BUF_LEN];
2142 int len;
2143 FILE *src;
2144 FILE *dst;
2145
2146 src = fopen (src_name, "r");
2147 if (src == NULL)
2148 return -1;
2149
2150 dst = fopen (dst_name, "w");
2151 if (dst == NULL)
2152 {
2153 int saved_err = errno;
2154 fclose (src);
2155 errno = saved_err;
2156 return -1;
2157 }
2158
2159 do
2160 {
2161 int written;
2162
2163 len = fread (buffer, 1, BUF_LEN, src);
2164 if (len == 0)
2165 break;
2166 written = fwrite (buffer, 1, len, dst);
2167 if (written != len)
2168 break;
2169 }
2170 while (!feof (src) && !ferror (src) && !ferror (dst));
2171
2172 if (ferror (src) || ferror (dst) || !feof (src))
2173 {
2174 int saved_errno = errno;
2175 fclose (src);
2176 fclose (dst);
2177 unlink (dst_name);
2178 errno = saved_errno;
2179 return -1;
2180 }
2181
2182 if (fclose (dst) && ferror (dst))
2183 gc_error (1, errno, "error closing %s", dst_name);
2184 if (fclose (src) && ferror (src))
2185 gc_error (1, errno, "error closing %s", src_name);
2186
2187 return 0;
2188 }
2189 #endif /* HAVE_W32_SYSTEM */
2190
2191
2192 /* Create and verify the new configuration file for the specified
2193 backend and component. Returns 0 on success and -1 on error. */
2194 static int
2195 change_options_file (gc_component_t component, gc_backend_t backend,
2196 char **src_filenamep, char **dest_filenamep,
2197 char **orig_filenamep)
2198 {
2199 static const char marker[] = "###+++--- GPGConf ---+++###";
2200 /* True if we are within the marker in the config file. */
2201 int in_marker = 0;
2202 gc_option_t *option;
2203 char *line = NULL;
2204 size_t line_len;
2205 ssize_t length;
2206 int res;
2207 int fd;
2208 FILE *src_file = NULL;
2209 FILE *dest_file = NULL;
2210 char *src_filename;
2211 char *dest_filename;
2212 char *orig_filename;
2213 char *arg;
2214 char *cur_arg = NULL;
2215
2216 option = find_option (component,
2217 gc_backend[backend].option_name, GC_BACKEND_ANY);
2218 assert (option);
2219 assert (option->active);
2220 assert (gc_arg_type[option->arg_type].fallback != GC_ARG_TYPE_NONE);
2221
2222 /* FIXME. Throughout the function, do better error reporting. */
2223 /* Note that get_config_pathname() calls percent_deescape(), so we
2224 call this before processing the arguments. */
2225 dest_filename = xstrdup (get_config_pathname (component, backend));
2226 src_filename = xasprintf ("%s.gpgconf.%i.new", dest_filename, getpid ());
2227 orig_filename = xasprintf ("%s.gpgconf.%i.bak", dest_filename, getpid ());
2228
2229 arg = option->new_value;
2230 if (arg && arg[0] == '\0')
2231 arg = NULL;
2232 else if (arg)
2233 {
2234 char *end;
2235
2236 arg++;
2237 end = strchr (arg, ',');
2238 if (end)
2239 *end = '\0';
2240
2241 cur_arg = percent_deescape (arg);
2242 if (end)
2243 {
2244 *end = ',';
2245 arg = end + 1;
2246 }
2247 else
2248 arg = NULL;
2249 }
2250
2251 #ifdef HAVE_W32_SYSTEM
2252 res = copy_file (dest_filename, orig_filename);
2253 #else
2254 res = link (dest_filename, orig_filename);
2255 #endif
2256 if (res < 0 && errno != ENOENT)
2257 return -1;
2258 if (res < 0)
2259 {
2260 xfree (orig_filename);
2261 orig_filename = NULL;
2262 }
2263
2264 /* We now initialize the return strings, so the caller can do the
2265 cleanup for us. */
2266 *src_filenamep = src_filename;
2267 *dest_filenamep = dest_filename;
2268 *orig_filenamep = orig_filename;
2269
2270 /* Use open() so that we can use O_EXCL. */
2271 fd = open (src_filename, O_CREAT | O_EXCL | O_WRONLY, 0644);
2272 if (fd < 0)
2273 return -1;
2274 src_file = fdopen (fd, "w");
2275 res = errno;
2276 if (!src_file)
2277 {
2278 errno = res;
2279 return -1;
2280 }
2281
2282 /* Only if ORIG_FILENAME is not NULL did the configuration file
2283 exist already. In this case, we will copy its content into the
2284 new configuration file, changing it to our liking in the
2285 process. */
2286 if (orig_filename)
2287 {
2288 dest_file = fopen (dest_filename, "r");
2289 if (!dest_file)
2290 goto change_file_one_err;
2291
2292 while ((length = read_line (dest_file, &line, &line_len, NULL)) > 0)
2293 {
2294 int disable = 0;
2295 char *start;
2296
2297 if (!strncmp (marker, line, sizeof (marker) - 1))
2298 {
2299 if (!in_marker)
2300 in_marker = 1;
2301 else
2302 break;
2303 }
2304
2305 start = line;
2306 while (*start == ' ' || *start == '\t')
2307 start++;
2308 if (*start && *start != '\r' && *start != '\n' && *start != '#')
2309 {
2310 char *end;
2311 char *endp;
2312 char saved_end;
2313
2314 endp = start;
2315 end = endp;
2316
2317 /* Search for the end of the line. */
2318 while (*endp && *endp != '#' && *endp != '\r' && *endp != '\n')
2319 {
2320 endp++;
2321 if (*endp && *endp != ' ' && *endp != '\t'
2322 && *endp != '\r' && *endp != '\n' && *endp != '#')
2323 end = endp + 1;
2324 }
2325 saved_end = *end;
2326 *end = '\0';
2327
2328 if ((option->new_flags & GC_OPT_FLAG_DEFAULT)
2329 || !cur_arg || strcmp (start, cur_arg))
2330 disable = 1;
2331 else
2332 {
2333 /* Find next argument. */
2334 if (arg)
2335 {
2336 char *arg_end;
2337
2338 arg++;
2339 arg_end = strchr (arg, ',');
2340 if (arg_end)
2341 *arg_end = '\0';
2342
2343 cur_arg = percent_deescape (arg);
2344 if (arg_end)
2345 {
2346 *arg_end = ',';
2347 arg = arg_end + 1;
2348 }
2349 else
2350 arg = NULL;
2351 }
2352 else
2353 cur_arg = NULL;
2354 }
2355
2356 *end = saved_end;
2357 }
2358
2359 if (disable)
2360 {
2361 if (!in_marker)
2362 {
2363 fprintf (src_file,
2364 "# GPGConf disabled this option here at %s\n",
2365 asctimestamp (gnupg_get_time ()));
2366 if (ferror (src_file))
2367 goto change_file_one_err;
2368 fprintf (src_file, "# %s", line);
2369 if (ferror (src_file))
2370 goto change_file_one_err;
2371 }
2372 }
2373 else
2374 {
2375 fprintf (src_file, "%s", line);
2376 if (ferror (src_file))
2377 goto change_file_one_err;
2378 }
2379 }
2380 if (length < 0 || ferror (dest_file))
2381 goto change_file_one_err;
2382 }
2383
2384 if (!in_marker)
2385 {
2386 /* There was no marker. This is the first time we edit the
2387 file. We add our own marker at the end of the file and
2388 proceed. Note that we first write a newline, this guards us
2389 against files which lack the newline at the end of the last
2390 line, while it doesn't hurt us in all other cases. */
2391 fprintf (src_file, "\n%s\n", marker);
2392 if (ferror (src_file))
2393 goto change_file_one_err;
2394 }
2395
2396 /* At this point, we have copied everything up to the end marker
2397 into the new file, except for the arguments we are going to add.
2398 Now, dump the new arguments and write the end marker, possibly
2399 followed by the rest of the original file. */
2400 while (cur_arg)
2401 {
2402 fprintf (src_file, "%s\n", cur_arg);
2403
2404 /* Find next argument. */
2405 if (arg)
2406 {
2407 char *end;
2408
2409 arg++;
2410 end = strchr (arg, ',');
2411 if (end)
2412 *end = '\0';
2413
2414 cur_arg = percent_deescape (arg);
2415 if (end)
2416 {
2417 *end = ',';
2418 arg = end + 1;
2419 }
2420 else
2421 arg = NULL;
2422 }
2423 else
2424 cur_arg = NULL;
2425 }
2426
2427 fprintf (src_file, "%s %s\n", marker, asctimestamp (gnupg_get_time ()));
2428 if (ferror (src_file))
2429 goto change_file_one_err;
2430
2431 if (!in_marker)
2432 {
2433 fprintf (src_file, "# GPGConf edited this configuration file.\n");
2434 if (ferror (src_file))
2435 goto change_file_one_err;
2436 fprintf (src_file, "# It will disable options before this marked "
2437 "block, but it will\n");
2438 if (ferror (src_file))
2439 goto change_file_one_err;
2440 fprintf (src_file, "# never change anything below these lines.\n");
2441 if (ferror (src_file))
2442 goto change_file_one_err;
2443 }
2444 if (dest_file)
2445 {
2446 while ((length = read_line (dest_file, &line, &line_len, NULL)) > 0)
2447 {
2448 fprintf (src_file, "%s", line);
2449 if (ferror (src_file))
2450 goto change_file_one_err;
2451 }
2452 if (length < 0 || ferror (dest_file))
2453 goto change_file_one_err;
2454 }
2455 xfree (line);
2456 line = NULL;
2457
2458 res = fclose (src_file);
2459 if (res)
2460 {
2461 res = errno;
2462 close (fd);
2463 if (dest_file)
2464 fclose (dest_file);
2465 errno = res;
2466 return -1;
2467 }
2468 close (fd);
2469 if (dest_file)
2470 {
2471 res = fclose (dest_file);
2472 if (res)
2473 return -1;
2474 }
2475 return 0;
2476
2477 change_file_one_err:
2478 xfree (line);
2479 res = errno;
2480 if (src_file)
2481 {
2482 fclose (src_file);
2483 close (fd);
2484 }
2485 if (dest_file)
2486 fclose (dest_file);
2487 errno = res;
2488 return -1;
2489 }
2490
2491
2492 /* Create and verify the new configuration file for the specified
2493 backend and component. Returns 0 on success and -1 on error. */
2494 static int
2495 change_options_program (gc_component_t component, gc_backend_t backend,
2496 char **src_filenamep, char **dest_filenamep,
2497 char **orig_filenamep)
2498 {
2499 static const char marker[] = "###+++--- GPGConf ---+++###";
2500 /* True if we are within the marker in the config file. */
2501 int in_marker = 0;
2502 gc_option_t *option;
2503 char *line = NULL;
2504 size_t line_len;
2505 ssize_t length;
2506 int res;
2507 int fd;
2508 FILE *src_file = NULL;
2509 FILE *dest_file = NULL;
2510 char *src_filename;
2511 char *dest_filename;
2512 char *orig_filename;
2513 /* Special hack for gpg, see below. */
2514 int utf8strings_seen = 0;
2515
2516 /* FIXME. Throughout the function, do better error reporting. */
2517 dest_filename = xstrdup (get_config_pathname (component, backend));
2518 src_filename = xasprintf ("%s.gpgconf.%i.new", dest_filename, getpid ());
2519 orig_filename = xasprintf ("%s.gpgconf.%i.bak", dest_filename, getpid ());
2520
2521 #ifdef HAVE_W32_SYSTEM
2522 res = copy_file (dest_filename, orig_filename);
2523 #else
2524 res = link (dest_filename, orig_filename);
2525 #endif
2526 if (res < 0 && errno != ENOENT)
2527 return -1;
2528 if (res < 0)
2529 {
2530 xfree (orig_filename);
2531 orig_filename = NULL;
2532 }
2533
2534 /* We now initialize the return strings, so the caller can do the
2535 cleanup for us. */
2536 *src_filenamep = src_filename;
2537 *dest_filenamep = dest_filename;
2538 *orig_filenamep = orig_filename;
2539
2540 /* Use open() so that we can use O_EXCL. */
2541 fd = open (src_filename, O_CREAT | O_EXCL | O_WRONLY, 0644);
2542 if (fd < 0)
2543 return -1;
2544 src_file = fdopen (fd, "w");
2545 res = errno;
2546 if (!src_file)
2547 {
2548 errno = res;
2549 return -1;
2550 }
2551
2552 /* Only if ORIG_FILENAME is not NULL did the configuration file
2553 exist already. In this case, we will copy its content into the
2554 new configuration file, changing it to our liking in the
2555 process. */
2556 if (orig_filename)
2557 {
2558 dest_file = fopen (dest_filename, "r");
2559 if (!dest_file)
2560 goto change_one_err;
2561
2562 while ((length = read_line (dest_file, &line, &line_len, NULL)) > 0)
2563 {
2564 int disable = 0;
2565 char *start;
2566
2567 if (!strncmp (marker, line, sizeof (marker) - 1))
2568 {
2569 if (!in_marker)
2570 in_marker = 1;
2571 else
2572 break;
2573 }
2574 else if (backend == GC_BACKEND_GPG && in_marker
2575 && ! strcmp ("utf8-strings\n", line))
2576 {
2577 /* Strip duplicated entries. */
2578 if (utf8strings_seen)
2579 disable = 1;
2580 else
2581 utf8strings_seen = 1;
2582 }
2583
2584 start = line;
2585 while (*start == ' ' || *start == '\t')
2586 start++;
2587 if (*start && *start != '\r' && *start != '\n' && *start != '#')
2588 {
2589 char *end;
2590 char saved_end;
2591
2592 end = start;
2593 while (*end && *end != ' ' && *end != '\t'
2594 && *end != '\r' && *end != '\n' && *end != '#')
2595 end++;
2596 saved_end = *end;
2597 *end = '\0';
2598
2599 option = find_option (component, start, backend);
2600 *end = saved_end;
2601 if (option && ((option->new_flags & GC_OPT_FLAG_DEFAULT)
2602 || option->new_value))
2603 disable = 1;
2604 }
2605 if (disable)
2606 {
2607 if (!in_marker)
2608 {
2609 fprintf (src_file,
2610 "# GPGConf disabled this option here at %s\n",
2611 asctimestamp (gnupg_get_time ()));
2612 if (ferror (src_file))
2613 goto change_one_err;
2614 fprintf (src_file, "# %s", line);
2615 if (ferror (src_file))
2616 goto change_one_err;
2617 }
2618 }
2619 else
2620 {
2621 fprintf (src_file, "%s", line);
2622 if (ferror (src_file))
2623 goto change_one_err;
2624 }
2625 }
2626 if (length < 0 || ferror (dest_file))
2627 goto change_one_err;
2628 }
2629
2630 if (!in_marker)
2631 {
2632 /* There was no marker. This is the first time we edit the
2633 file. We add our own marker at the end of the file and
2634 proceed. Note that we first write a newline, this guards us
2635 against files which lack the newline at the end of the last
2636 line, while it doesn't hurt us in all other cases. */
2637 fprintf (src_file, "\n%s\n", marker);
2638 if (ferror (src_file))
2639 goto change_one_err;
2640 }
2641 /* At this point, we have copied everything up to the end marker
2642 into the new file, except for the options we are going to change.
2643 Now, dump the changed options (except for those we are going to
2644 revert to their default), and write the end marker, possibly
2645 followed by the rest of the original file. */
2646
2647 /* We have to turn on UTF8 strings for GnuPG. */
2648 if (backend == GC_BACKEND_GPG && ! utf8strings_seen)
2649 fprintf (src_file, "utf8-strings\n");
2650
2651 option = gc_component[component].options;
2652 while (option->name)
2653 {
2654 if (!(option->flags & GC_OPT_FLAG_GROUP)
2655 && option->backend == backend
2656 && option->new_value)
2657 {
2658 char *arg = option->new_value;
2659
2660 do
2661 {
2662 if (*arg == '\0' || *arg == ',')
2663 {
2664 fprintf (src_file, "%s\n", option->name);
2665 if (ferror (src_file))
2666 goto change_one_err;
2667 }
2668 else if (gc_arg_type[option->arg_type].fallback
2669 == GC_ARG_TYPE_NONE)
2670 {
2671 assert (*arg == '1');
2672 fprintf (src_file, "%s\n", option->name);
2673 if (ferror (src_file))
2674 goto change_one_err;
2675
2676 arg++;
2677 }
2678 else if (gc_arg_type[option->arg_type].fallback
2679 == GC_ARG_TYPE_STRING)
2680 {
2681 char *end;
2682
2683 assert (*arg == '"');
2684 arg++;
2685
2686 end = strchr (arg, ',');
2687 if (end)
2688 *end = '\0';
2689
2690 fprintf (src_file, "%s %s\n", option->name,
2691 percent_deescape (arg));
2692 if (ferror (src_file))
2693 goto change_one_err;
2694
2695 if (end)
2696 *end = ',';
2697 arg = end;
2698 }
2699 else
2700 {
2701 char *end;
2702
2703 end = strchr (arg, ',');
2704 if (end)
2705 *end = '\0';
2706
2707 fprintf (src_file, "%s %s\n", option->name, arg);
2708 if (ferror (src_file))
2709 goto change_one_err;
2710
2711 if (end)
2712 *end = ',';
2713 arg = end;
2714 }
2715
2716 assert (arg == NULL || *arg == '\0' || *arg == ',');
2717 if (arg && *arg == ',')
2718 arg++;
2719 }
2720 while (arg && *arg);
2721 }
2722 option++;
2723 }
2724
2725 fprintf (src_file, "%s %s\n", marker, asctimestamp (gnupg_get_time ()));
2726 if (ferror (src_file))
2727 goto change_one_err;
2728
2729 if (!in_marker)
2730 {
2731 fprintf (src_file, "# GPGConf edited this configuration file.\n");
2732 if (ferror (src_file))
2733 goto change_one_err;
2734 fprintf (src_file, "# It will disable options before this marked "
2735 "block, but it will\n");
2736 if (ferror (src_file))
2737 goto change_one_err;
2738 fprintf (src_file, "# never change anything below these lines.\n");
2739 if (ferror (src_file))
2740 goto change_one_err;
2741 }
2742 if (dest_file)
2743 {
2744 while ((length = read_line (dest_file, &line, &line_len, NULL)) > 0)
2745 {
2746 fprintf (src_file, "%s", line);
2747 if (ferror (src_file))
2748 goto change_one_err;
2749 }
2750 if (length < 0 || ferror (dest_file))
2751 goto change_one_err;
2752 }
2753 xfree (line);
2754 line = NULL;
2755
2756 res = fclose (src_file);
2757 if (res)
2758 {
2759 res = errno;
2760 close (fd);
2761 if (dest_file)
2762 fclose (dest_file);
2763 errno = res;
2764 return -1;
2765 }
2766 close (fd);
2767 if (dest_file)
2768 {
2769 res = fclose (dest_file);
2770 if (res)
2771 return -1;
2772 }
2773 return 0;
2774
2775 change_one_err:
2776 xfree (line);
2777 res = errno;
2778 if (src_file)
2779 {
2780 fclose (src_file);
2781 close (fd);
2782 }
2783 if (dest_file)
2784 fclose (dest_file);
2785 errno = res;
2786 return -1;
2787 }
2788
2789
2790 /* Common code for gc_component_change_options and
2791 gc_process_gpgconf_conf. */
2792 static void
2793 change_one_value (gc_option_t *option, int *runtime,
2794 unsigned long flags, char *new_value)
2795 {
2796 unsigned long new_value_nr = 0;
2797
2798 option_check_validity (option, flags, new_value, &new_value_nr);
2799
2800 if (option->flags & GC_OPT_FLAG_RUNTIME)
2801 runtime[option->backend] = 1;
2802
2803 option->new_flags = flags;
2804 if (!(flags & GC_OPT_FLAG_DEFAULT))
2805 {
2806 if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_NONE
2807 && (option->flags & GC_OPT_FLAG_LIST))
2808 {
2809 char *str;
2810
2811 /* We convert the number to a list of 1's for convenient
2812 list handling. */
2813 assert (new_value_nr > 0);
2814 option->new_value = xmalloc ((2 * (new_value_nr - 1) + 1) + 1);
2815 str = option->new_value;
2816 *(str++) = '1';
2817 while (--new_value_nr > 0)
2818 {
2819 *(str++) = ',';
2820 *(str++) = '1';
2821 }
2822 *(str++) = '\0';
2823 }
2824 else
2825 option->new_value = xstrdup (new_value);
2826 }
2827 }
2828
2829
2830 /* Read the modifications from IN and apply them. If IN is NULL the
2831 modifications are expected to already have been set to the global
2832 table. */
2833 void
2834 gc_component_change_options (int component, FILE *in)
2835 {
2836 int err = 0;
2837 int runtime[GC_BACKEND_NR];
2838 char *src_pathname[GC_BACKEND_NR];
2839 char *dest_pathname[GC_BACKEND_NR];
2840 char *orig_pathname[GC_BACKEND_NR];
2841 gc_backend_t backend;
2842 gc_option_t *option;
2843 char *line = NULL;
2844 size_t line_len = 0;
2845 ssize_t length;
2846
2847 for (backend = 0; backend < GC_BACKEND_NR; backend++)
2848 {
2849 runtime[backend] = 0;
2850 src_pathname[backend] = NULL;
2851 dest_pathname[backend] = NULL;
2852 orig_pathname[backend] = NULL;
2853 }
2854
2855 if (in)
2856 {
2857 /* Read options from the file IN. */
2858 while ((length = read_line (in, &line, &line_len, NULL)) > 0)
2859 {
2860 char *linep;
2861 unsigned long flags = 0;
2862 char *new_value = "";
2863
2864 /* Strip newline and carriage return, if present. */
2865 while (length > 0
2866 && (line[length - 1] == '\n' || line[length - 1] == '\r'))
2867 line[--length] = '\0';
2868
2869 linep = strchr (line, ':');
2870 if (linep)
2871 *(linep++) = '\0';
2872
2873 /* Extract additional flags. Default to none. */
2874 if (linep)
2875 {
2876 char *end;
2877 char *tail;
2878
2879 end = strchr (linep, ':');
2880 if (end)
2881 *(end++) = '\0';
2882
2883 errno = 0;
2884 flags = strtoul (linep, &tail, 0);
2885 if (errno)
2886 gc_error (1, errno, "malformed flags in option %s", line);
2887 if (!(*tail == '\0' || *tail == ':' || *tail == ' '))
2888 gc_error (1, 0, "garbage after flags in option %s", line);
2889
2890 linep = end;
2891 }
2892
2893 /* Don't allow setting of the no change flag. */
2894 flags &= ~GC_OPT_FLAG_NO_CHANGE;
2895
2896 /* Extract default value, if present. Default to empty if not. */
2897 if (linep)
2898 {
2899 char *end;
2900 end = strchr (linep, ':');
2901 if (end)
2902 *(end++) = '\0';
2903 new_value = linep;
2904 linep = end;
2905 }
2906
2907 option = find_option (component, line, GC_BACKEND_ANY);
2908 if (!option)
2909 gc_error (1, 0, "unknown option %s", line);
2910
2911 if ((option->flags & GC_OPT_FLAG_NO_CHANGE))
2912 {
2913 gc_error (0, 0, "ignoring new value for option %s",
2914 option->name);
2915 continue;
2916 }
2917
2918 change_one_value (option, runtime, flags, new_value);
2919 }
2920 }
2921
2922 /* Now that we have collected and locally verified the changes,
2923 write them out to new configuration files, verify them
2924 externally, and then commit them. */
2925 option = gc_component[component].options;
2926 while (option && option->name)
2927 {
2928 /* Go on if we have already seen this backend, or if there is
2929 nothing to do. */
2930 if (src_pathname[option->backend]
2931 || !(option->new_flags || option->new_value))
2932 {
2933 option++;
2934 continue;
2935 }
2936
2937 if (gc_backend[option->backend].program)
2938 err = change_options_program (component, option->backend,
2939 &src_pathname[option->backend],
2940 &dest_pathname[option->backend],
2941 &orig_pathname[option->backend]);
2942 else
2943 err = change_options_file (component, option->backend,
2944 &src_pathname[option->backend],
2945 &dest_pathname[option->backend],
2946 &orig_pathname[option->backend]);
2947
2948 if (err)
2949 break;
2950
2951 option++;
2952 }
2953
2954 if (!err)
2955 {
2956 int i;
2957
2958 for (i = 0; i < GC_BACKEND_NR; i++)
2959 {
2960 if (src_pathname[i])
2961 {
2962 /* FIXME: Make a verification here. */
2963
2964 assert (dest_pathname[i]);
2965
2966 if (orig_pathname[i])
2967 {
2968 #ifdef HAVE_W32_SYSTEM
2969 /* There is no atomic update on W32. */
2970 err = unlink (dest_pathname[i]);
2971 #endif /* HAVE_W32_SYSTEM */
2972 if (!err)
2973 err = rename (src_pathname[i], dest_pathname[i]);
2974 }
2975 else
2976 {
2977 #ifdef HAVE_W32_SYSTEM
2978 /* We skip the unlink if we expect the file not to
2979 be there. */
2980 err = rename (src_pathname[i], dest_pathname[i]);
2981 #else /* HAVE_W32_SYSTEM */
2982 /* This is a bit safer than rename() because we
2983 expect DEST_PATHNAME not to be there. If it
2984 happens to be there, this will fail. */
2985 err = link (src_pathname[i], dest_pathname[i]);
2986 if (!err)
2987 err = unlink (src_pathname[i]);
2988 #endif /* !HAVE_W32_SYSTEM */
2989 }
2990 if (err)
2991 break;
2992 src_pathname[i] = NULL;
2993 }
2994 }
2995 }
2996
2997 if (err)
2998 {
2999 int i;
3000 int saved_errno = errno;
3001
3002 /* An error occured. */
3003 for (i = 0; i < GC_BACKEND_NR; i++)
3004 {
3005 if (src_pathname[i])
3006 {
3007 /* The change was not yet committed. */
3008 unlink (src_pathname[i]);
3009 if (orig_pathname[i])
3010 unlink (orig_pathname[i]);
3011 }
3012 else
3013 {
3014 /* The changes were already committed. FIXME: This is a
3015 tad dangerous, as we don't know if we don't overwrite
3016 a version of the file that is even newer than the one
3017 we just installed. */
3018 if (orig_pathname[i])
3019 {
3020 #ifdef HAVE_W32_SYSTEM
3021 /* There is no atomic update on W32. */
3022 unlink (dest_pathname[i]);
3023 #endif /* HAVE_W32_SYSTEM */
3024 rename (orig_pathname[i], dest_pathname[i]);
3025 }
3026 else
3027 unlink (dest_pathname[i]);
3028 }
3029 }
3030 gc_error (1, saved_errno, "could not commit changes");
3031 }
3032
3033 /* If it all worked, notify the daemons of the changes. */
3034 if (opt.runtime)
3035 for (backend = 0; backend < GC_BACKEND_NR; backend++)
3036 {
3037 if (runtime[backend] && gc_backend[backend].runtime_change)
3038 (*gc_backend[backend].runtime_change) ();
3039 }
3040
3041 /* Move the per-process backup file into its place. */
3042 for (backend = 0; backend < GC_BACKEND_NR; backend++)
3043 if (orig_pathname[backend])
3044 {
3045 char *backup_pathname;
3046
3047 assert (dest_pathname[backend]);
3048
3049 backup_pathname = xasprintf ("%s.gpgconf.bak", dest_pathname[backend]);
3050
3051 #ifdef HAVE_W32_SYSTEM
3052 /* There is no atomic update on W32. */
3053 unlink (backup_pathname);
3054 #endif /* HAVE_W32_SYSTEM */
3055 rename (orig_pathname[backend], backup_pathname);
3056 }
3057
3058 xfree (line);
3059 }
3060
3061
3062 /* Check whether USER matches the current user of one of its group.
3063 This function may change USER. Returns true is there is a
3064 match. */
3065 static int
3066 key_matches_user_or_group (char *user)
3067 {
3068 char *group;
3069
3070 if (*user == '*' && user[1] == 0)
3071 return 1; /* A single asterisk matches all users. */
3072
3073 group = strchr (user, ':');
3074 if (group)
3075 *group++ = 0;
3076
3077 #ifdef HAVE_W32_SYSTEM
3078 /* Under Windows we don't support groups. */
3079 if (group && *group)
3080 gc_error (0, 0, _("Note that group specifications are ignored\n"));
3081 if (*user)
3082 {
3083 static char *my_name;
3084
3085 if (!my_name)
3086 {
3087 char tmp[1];
3088 DWORD size = 1;
3089
3090 GetUserNameA (tmp, &size);
3091 my_name = xmalloc (size);
3092 if (!GetUserNameA (my_name, &size))
3093 gc_error (1,0, "error getting current user name: %s",
3094 w32_strerror (-1));
3095 }
3096
3097 if (!strcmp (user, my_name))
3098 return 1; /* Found. */
3099 }
3100 #else /*!HAVE_W32_SYSTEM*/
3101 /* First check whether the user matches. */
3102 if (*user)
3103 {
3104 static char *my_name;
3105
3106 if (!my_name)
3107 {
3108 struct passwd *pw = getpwuid ( getuid () );
3109 if (!pw)
3110 gc_error (1, errno, "getpwuid failed for current user");
3111 my_name = xstrdup (pw->pw_name);
3112 }
3113 if (!strcmp (user, my_name))
3114 return 1; /* Found. */
3115 }
3116
3117 /* If that failed, check whether a group matches. */
3118 if (group && *group)
3119 {
3120 static char *my_group;
3121 static char **my_supgroups;
3122 int n;
3123
3124 if (!my_group)
3125 {
3126 struct group *gr = getgrgid ( getgid () );
3127 if (!gr)
3128 gc_error (1, errno, "getgrgid failed for current user");
3129 my_group = xstrdup (gr->gr_name);
3130 }
3131 if (!strcmp (group, my_group))
3132 return 1; /* Found. */
3133
3134 if (!my_supgroups)
3135 {
3136 int ngids;
3137 gid_t *gids;
3138
3139 ngids = getgroups (0, NULL);
3140 gids = xcalloc (ngids+1, sizeof *gids);
3141 ngids = getgroups (ngids, gids);
3142 if (ngids < 0)
3143 gc_error (1, errno, "getgroups failed for current user");
3144 my_supgroups = xcalloc (ngids+1, sizeof *my_supgroups);
3145 for (n=0; n < ngids; n++)
3146 {
3147 struct group *gr = getgrgid ( gids[n] );
3148 if (!gr)
3149 gc_error (1, errno, "getgrgid failed for supplementary group");
3150 my_supgroups[n] = xstrdup (gr->gr_name);
3151 }
3152 xfree (gids);
3153 }
3154
3155 for (n=0; my_supgroups[n]; n++)
3156 if (!strcmp (group, my_supgroups[n]))
3157 return 1; /* Found. */
3158 }
3159 #endif /*!HAVE_W32_SYSTEM*/
3160 return 0; /* No match. */
3161 }
3162
3163
3164
3165 /* Read and process the global configuration file for gpgconf. This
3166 optional file is used to update our internal tables at runtime and
3167 may also be used to set new default values. If FNAME is NULL the
3168 default name will be used. With UPDATE set to true the internal
3169 tables are actually updated; if not set, only a syntax check is
3170 done. If DEFAULTS is true the global options are written to the
3171 configuration files. If LISTFP is set, no changes are done but the
3172 configuration file is printed to LISTFP in a colon separated format.
3173
3174 Returns 0 on success or if the config file is not present; -1 is
3175 returned on error. */
3176 int
3177 gc_process_gpgconf_conf (const char *fname_arg, int update, int defaults,
3178 FILE *listfp)
3179 {
3180 int result = 0;
3181 char *line = NULL;
3182 size_t line_len = 0;
3183 ssize_t length;
3184 FILE *config;
3185 int lineno = 0;
3186 int in_rule = 0;
3187 int got_match = 0;
3188 int runtime[GC_BACKEND_NR];
3189 int used_components[GC_COMPONENT_NR];
3190 int backend_id, component_id;
3191 char *fname;
3192
3193 if (fname_arg)
3194 fname = xstrdup (fname_arg);
3195 else
3196 fname = make_filename (gnupg_sysconfdir (), "gpgconf.conf", NULL);
3197
3198 for (backend_id = 0; backend_id < GC_BACKEND_NR; backend_id++)
3199 runtime[backend_id] = 0;
3200 for (component_id = 0; component_id < GC_COMPONENT_NR; component_id++)
3201 used_components[component_id] = 0;
3202
3203 config = fopen (fname, "r");
3204 if (!config)
3205 {
3206 /* Do not print an error if the file is not available, except
3207 when running in syntax check mode. */
3208 if (errno != ENOENT || !update)
3209 {
3210 gc_error (0, errno, "can not open global config file `%s'", fname);
3211 result = -1;
3212 }
3213 xfree (fname);
3214 return result;
3215 }
3216
3217 while ((length = read_line (config, &line, &line_len, NULL)) > 0)
3218 {
3219 char *key, *component, *option, *flags, *value;
3220 char *empty;
3221 gc_option_t *option_info = NULL;
3222 char *p;
3223 int is_continuation;
3224
3225 lineno++;
3226 key = line;
3227 while (*key == ' ' || *key == '\t')
3228 key++;
3229 if (!*key || *key == '#' || *key == '\r' || *key == '\n')
3230 continue;
3231
3232 is_continuation = (key != line);
3233
3234 /* Parse the key field. */
3235 if (!is_continuation && got_match)
3236 break; /* Finish after the first match. */
3237 else if (!is_continuation)
3238 {
3239 in_rule = 0;
3240 for (p=key+1; *p && !strchr (" \t\r\n", *p); p++)
3241 ;
3242 if (!*p)
3243 {
3244 gc_error (0, 0, "missing rule at `%s', line %d", fname, lineno);
3245 result = -1;
3246 continue;
3247 }
3248 *p++ = 0;
3249 component = p;
3250 }
3251 else if (!in_rule)
3252 {
3253 gc_error (0, 0, "continuation but no rule at `%s', line %d",
3254 fname, lineno);
3255 result = -1;
3256 continue;
3257 }
3258 else
3259 {
3260 component = key;
3261 key = NULL;
3262 }
3263
3264 in_rule = 1;
3265
3266 /* Parse the component. */
3267 while (*component == ' ' || *component == '\t')
3268 component++;
3269 for (p=component; *p && !strchr (" \t\r\n", *p); p++)
3270 ;
3271 if (p == component)
3272 {
3273 gc_error (0, 0, "missing component at `%s', line %d",
3274 fname, lineno);
3275 result = -1;
3276 continue;
3277 }
3278 empty = p;
3279 *p++ = 0;
3280 option = p;
3281 component_id = gc_component_find (component);
3282 if (component_id < 0)
3283 {
3284 gc_error (0, 0, "unknown component at `%s', line %d",
3285 fname, lineno);
3286 result = -1;
3287 }
3288
3289 /* Parse the option name. */
3290 while (*option == ' ' || *option == '\t')
3291 option++;
3292 for (p=option; *p && !strchr (" \t\r\n", *p); p++)
3293 ;
3294 if (p == option)
3295 {
3296 gc_error (0, 0, "missing option at `%s', line %d",
3297 fname, lineno);
3298 result = -1;
3299 continue;
3300 }
3301 *p++ = 0;
3302 flags = p;
3303 if ( component_id != -1)
3304 {
3305 option_info = find_option (component_id, option, GC_BACKEND_ANY);
3306 if (!option_info)
3307 {
3308 gc_error (0, 0, "unknown option at `%s', line %d",
3309 fname, lineno);
3310 result = -1;
3311 }
3312 }
3313
3314
3315 /* Parse the optional flags. */
3316 while (*flags == ' ' || *flags == '\t')
3317 flags++;
3318 if (*flags == '[')
3319 {
3320 flags++;
3321 p = strchr (flags, ']');
3322 if (!p)
3323 {
3324 gc_error (0, 0, "syntax error in rule at `%s', line %d",
3325 fname, lineno);
3326 result = -1;
3327 continue;
3328 }
3329 *p++ = 0;
3330 value = p;
3331 }
3332 else /* No flags given. */
3333 {
3334 value = flags;
3335 flags = NULL;
3336 }
3337
3338 /* Parse the optional value. */
3339 while (*value == ' ' || *value == '\t')
3340 value++;
3341 for (p=value; *p && !strchr ("\r\n", *p); p++)
3342 ;
3343 if (p == value)
3344 value = empty; /* No value given; let it point to an empty string. */
3345 else
3346 {
3347 /* Strip trailing white space. */
3348 *p = 0;
3349 for (p--; p > value && (*p == ' ' || *p == '\t'); p--)
3350 *p = 0;
3351 }
3352
3353 /* Check flag combinations. */
3354 if (!flags)
3355 ;
3356 else if (!strcmp (flags, "default"))
3357 {
3358 if (*value)
3359 {
3360 gc_error (0, 0, "flag \"default\" may not be combined "
3361 "with a value at `%s', line %d",
3362 fname, lineno);
3363 result = -1;
3364 }
3365 }
3366 else if (!strcmp (flags, "change"))
3367 ;
3368 else if (!strcmp (flags, "no-change"))
3369 ;
3370 else
3371 {
3372 gc_error (0, 0, "unknown flag at `%s', line %d",
3373 fname, lineno);
3374 result = -1;
3375 }
3376
3377 /* In list mode we print out all records. */
3378 if (listfp && !result)
3379 {
3380 /* If this is a new ruleset, print a key record. */
3381 if (!is_continuation)
3382 {
3383 char *group = strchr (key, ':');
3384 if (group)
3385 {
3386 *group++ = 0;
3387 if ((p = strchr (group, ':')))
3388 *p = 0; /* We better strip any extra stuff. */
3389 }
3390
3391 fprintf (listfp, "k:%s:", my_percent_escape (key));
3392 fprintf (listfp, "%s\n", group? my_percent_escape (group):"");
3393 }
3394
3395 /* All other lines are rule records. */
3396 fprintf (listfp, "r:::%s:%s:%s:",
3397 gc_component[component_id].name,
3398 option_info->name? option_info->name : "",
3399 flags? flags : "");
3400 if (value != empty)
3401 fprintf (listfp, "\"%s", my_percent_escape (value));
3402
3403 putc ('\n', listfp);
3404 }
3405
3406 /* Check whether the key matches but do this only if we are not
3407 running in syntax check mode. */
3408 if ( update
3409 && !result && !listfp
3410 && (got_match || (key && key_matches_user_or_group (key))) )
3411 {
3412 int newflags = 0;
3413
3414 got_match = 1;
3415
3416 /* Apply the flags from gpgconf.conf. */
3417 if (!flags)
3418 ;
3419 else if (!strcmp (flags, "default"))
3420 newflags |= GC_OPT_FLAG_DEFAULT;
3421 else if (!strcmp (flags, "no-change"))
3422 option_info->flags |= GC_OPT_FLAG_NO_CHANGE;
3423 else if (!strcmp (flags, "change"))
3424 option_info->flags &= ~GC_OPT_FLAG_NO_CHANGE;
3425
3426 if (defaults)
3427 {
3428 assert (component_id >= 0 && component_id < GC_COMPONENT_NR);
3429 used_components[component_id] = 1;
3430
3431 /* Here we explicitly allow to update the value again. */
3432 if (newflags)
3433 {
3434 option_info->new_flags = 0;
3435 }
3436 if (*value)
3437 {
3438 xfree (option_info->new_value);
3439 option_info->new_value = NULL;
3440 }
3441 change_one_value (option_info, runtime, newflags, value);
3442 }
3443 }
3444 }
3445
3446 if (length < 0 || ferror (config))
3447 {
3448 gc_error (0, errno, "error reading from `%s'", fname);
3449 result = -1;
3450 }
3451 if (fclose (config) && ferror (config))
3452 gc_error (0, errno, "error closing `%s'", fname);
3453
3454 xfree (line);
3455
3456 /* If it all worked, process the options. */
3457 if (!result && update && defaults && !listfp)
3458 {
3459 /* We need to switch off the runtime update, so that we can do
3460 it later all at once. */
3461 int save_opt_runtime = opt.runtime;
3462 opt.runtime = 0;
3463
3464 for (component_id = 0; component_id < GC_COMPONENT_NR; component_id++)
3465 {
3466 gc_component_change_options (component_id, NULL);
3467 }
3468 opt.runtime = save_opt_runtime;
3469
3470 if (opt.runtime)
3471 {
3472 for (backend_id = 0; backend_id < GC_BACKEND_NR; backend_id++)
3473 if (runtime[backend_id] && gc_backend[backend_id].runtime_change)
3474 (*gc_backend[backend_id].runtime_change) ();
3475 }
3476 }
3477
3478 xfree (fname);
3479 return result;
3480 }
gnupg svn clone