search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
2007-12-04 Marcus Brinkmann <marcus@g10code.de>
[gnupg.git] / tools / gpgconf-comp.c
blob5dc55de767fc2942b1bef6bd775ccf6cf9888651
1 /* gpgconf-comp.c - Configuration utility for GnuPG.
2 * Copyright (C) 2004, 2007 Free Software Foundation, Inc.
3 *
4 * This file is part of GnuPG.
5 *
6 * GnuPG is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * GnuPG is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with GnuPG; if not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #if HAVE_CONFIG_H
21 #include <config.h>
22 #endif
23 #include <stdlib.h>
24 #include <stdio.h>
25 #include <string.h>
26 #include <fcntl.h>
27 #include <unistd.h>
28 #include <sys/types.h>
29 #include <assert.h>
30 #include <errno.h>
31 #include <time.h>
32 #include <stdarg.h>
33 #include <signal.h>
34 #include <ctype.h>
35 #ifdef HAVE_W32_SYSTEM
36 # define WIN32_LEAN_AND_MEAN 1
37 # include <windows.h>
38 #else
39 # include <pwd.h>
40 # include <grp.h>
41 #endif
42
43 /* For log_logv(), asctimestamp(), gnupg_get_time (). */
44 #define JNLIB_NEED_LOG_LOGV
45 #include "util.h"
46 #include "i18n.h"
47 #include "exechelp.h"
48
49 #include "gc-opt-flags.h"
50 #include "gpgconf.h"
51
52
53 /* There is a problem with gpg 1.4 under Windows: --gpgconf-list
54 returns a plain filename without escaping. As long as we have not
55 fixed that we need to use gpg2 - it might actually be better to use
56 gpg2 in any case. */
57 #ifdef HAVE_W32_SYSTEM
58 #define GPGNAME "gpg2"
59 #else
60 #define GPGNAME "gpg"
61 #endif
62
63 \f
64 /* TODO:
65 Components: Add more components and their options.
66 Robustness: Do more validation. Call programs to do validation for us.
67 Add options to change backend binary path.
68 Extract binary path for some backends from gpgsm/gpg config.
69 */
70
71 \f
72 #if (__GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 ))
73 void gc_error (int status, int errnum, const char *fmt, ...) \
74 __attribute__ ((format (printf, 3, 4)));
75 #endif
76
77 /* Output a diagnostic message. If ERRNUM is not 0, then the output
78 is followed by a colon, a white space, and the error string for the
79 error number ERRNUM. In any case the output is finished by a
80 newline. The message is prepended by the program name, a colon,
81 and a whitespace. The output may be further formatted or
82 redirected by the jnlib logging facility. */
83 void
84 gc_error (int status, int errnum, const char *fmt, ...)
85 {
86 va_list arg_ptr;
87
88 va_start (arg_ptr, fmt);
89 log_logv (JNLIB_LOG_ERROR, fmt, arg_ptr);
90 va_end (arg_ptr);
91
92 if (errnum)
93 log_printf (": %s\n", strerror (errnum));
94 else
95 log_printf ("\n");
96
97 if (status)
98 {
99 log_printf (NULL);
100 log_printf ("fatal error (exit status %i)\n", status);
101 exit (status);
102 }
103 }
104
105 \f
106 /* Forward declaration. */
107 void gpg_agent_runtime_change (void);
108
109 /* Backend configuration. Backends are used to decide how the default
110 and current value of an option can be determined, and how the
111 option can be changed. To every option in every component belongs
112 exactly one backend that controls and determines the option. Some
113 backends are programs from the GPG system. Others might be
114 implemented by GPGConf itself. If you change this enum, don't
115 forget to update GC_BACKEND below. */
116 typedef enum
117 {
118 /* Any backend, used for find_option (). */
119 GC_BACKEND_ANY,
120
121 /* The Gnu Privacy Guard. */
122 GC_BACKEND_GPG,
123
124 /* The Gnu Privacy Guard for S/MIME. */
125 GC_BACKEND_GPGSM,
126
127 /* The GPG Agent. */
128 GC_BACKEND_GPG_AGENT,
129
130 /* The GnuPG SCDaemon. */
131 GC_BACKEND_SCDAEMON,
132
133 /* The Aegypten directory manager. */
134 GC_BACKEND_DIRMNGR,
135
136 /* The LDAP server list file for the Aegypten director manager. */
137 GC_BACKEND_DIRMNGR_LDAP_SERVER_LIST,
138
139 /* The number of the above entries. */
140 GC_BACKEND_NR
141 } gc_backend_t;
142
143
144 /* To be able to implement generic algorithms for the various
145 backends, we collect all information about them in this struct. */
146 static struct
147 {
148 /* The name of the backend. */
149 const char *name;
150
151 /* The name of the program that acts as the backend. Some backends
152 don't have an associated program, but are implemented directly by
153 GPGConf. In this case, PROGRAM is NULL. */
154 char *program;
155
156 /* The module name (GNUPG_MODULE_NAME_foo) as defined by
157 ../common/util.h. This value is used to get the actual installed
158 path of the program. 0 is used if no backedn program is
159 available. */
160 char module_name;
161
162 /* The runtime change callback. */
163 void (*runtime_change) (void);
164
165 /* The option name for the configuration filename of this backend.
166 This must be an absolute pathname. It can be an option from a
167 different backend (but then ordering of the options might
168 matter). */
169 const char *option_config_filename;
170
171 /* If this is a file backend rather than a program backend, then
172 this is the name of the option associated with the file. */
173 const char *option_name;
174 } gc_backend[GC_BACKEND_NR] =
175 {
176 { NULL }, /* GC_BACKEND_ANY dummy entry. */
177 { "GnuPG", GPGNAME, GNUPG_MODULE_NAME_GPG,
178 NULL, "gpgconf-gpg.conf" },
179 { "GPGSM", "gpgsm", GNUPG_MODULE_NAME_GPGSM,
180 NULL, "gpgconf-gpgsm.conf" },
181 { "GPG Agent", "gpg-agent", GNUPG_MODULE_NAME_AGENT,
182 gpg_agent_runtime_change, "gpgconf-gpg-agent.conf" },
183 { "SCDaemon", "scdaemon", GNUPG_MODULE_NAME_SCDAEMON,
184 NULL, "gpgconf-scdaemon.conf" },
185 { "DirMngr", "dirmngr", GNUPG_MODULE_NAME_DIRMNGR,
186 NULL, "gpgconf-dirmngr.conf" },
187 { "DirMngr LDAP Server List", NULL, 0,
188 NULL, "ldapserverlist-file", "LDAP Server" },
189 };
190
191 \f
192 /* Option configuration. */
193
194 /* An option might take an argument, or not. Argument types can be
195 basic or complex. Basic types are generic and easy to validate.
196 Complex types provide more specific information about the intended
197 use, but can be difficult to validate. If you add to this enum,
198 don't forget to update GC_ARG_TYPE below. YOU MUST NOT CHANGE THE
199 NUMBERS OF THE EXISTING ENTRIES, AS THEY ARE PART OF THE EXTERNAL
200 INTERFACE. */
201 typedef enum
202 {
203 /* Basic argument types. */
204
205 /* No argument. */
206 GC_ARG_TYPE_NONE = 0,
207
208 /* A String argument. */
209 GC_ARG_TYPE_STRING = 1,
210
211 /* A signed integer argument. */
212 GC_ARG_TYPE_INT32 = 2,
213
214 /* An unsigned integer argument. */
215 GC_ARG_TYPE_UINT32 = 3,
216
217 /* ADD NEW BASIC TYPE ENTRIES HERE. */
218
219 /* Complex argument types. */
220
221 /* A complete pathname. */
222 GC_ARG_TYPE_PATHNAME = 32,
223
224 /* An LDAP server in the format
225 HOSTNAME:PORT:USERNAME:PASSWORD:BASE_DN. */
226 GC_ARG_TYPE_LDAP_SERVER = 33,
227
228 /* A 40 character fingerprint. */
229 GC_ARG_TYPE_KEY_FPR = 34,
230
231 /* ADD NEW COMPLEX TYPE ENTRIES HERE. */
232
233 /* The number of the above entries. */
234 GC_ARG_TYPE_NR
235 } gc_arg_type_t;
236
237
238 /* For every argument, we record some information about it in the
239 following struct. */
240 static struct
241 {
242 /* For every argument type exists a basic argument type that can be
243 used as a fallback for input and validation purposes. */
244 gc_arg_type_t fallback;
245
246 /* Human-readable name of the type. */
247 const char *name;
248 } gc_arg_type[GC_ARG_TYPE_NR] =
249 {
250 /* The basic argument types have their own types as fallback. */
251 { GC_ARG_TYPE_NONE, "none" },
252 { GC_ARG_TYPE_STRING, "string" },
253 { GC_ARG_TYPE_INT32, "int32" },
254 { GC_ARG_TYPE_UINT32, "uint32" },
255
256 /* Reserved basic type entries for future extension. */
257 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
258 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
259 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
260 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
261 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
262 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
263 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
264 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
265 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
266 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
267 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
268 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
269 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
270 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
271
272 /* The complex argument types have a basic type as fallback. */
273 { GC_ARG_TYPE_STRING, "pathname" },
274 { GC_ARG_TYPE_STRING, "ldap server" },
275 { GC_ARG_TYPE_STRING, "key fpr" },
276 };
277
278
279 /* Every option has an associated expert level, than can be used to
280 hide advanced and expert options from beginners. If you add to
281 this list, don't forget to update GC_LEVEL below. YOU MUST NOT
282 CHANGE THE NUMBERS OF THE EXISTING ENTRIES, AS THEY ARE PART OF THE
283 EXTERNAL INTERFACE. */
284 typedef enum
285 {
286 /* The basic options should always be displayed. */
287 GC_LEVEL_BASIC,
288
289 /* The advanced options may be hidden from beginners. */
290 GC_LEVEL_ADVANCED,
291
292 /* The expert options should only be displayed to experts. */
293 GC_LEVEL_EXPERT,
294
295 /* The invisible options should normally never be displayed. */
296 GC_LEVEL_INVISIBLE,
297
298 /* The internal options are never exported, they mark options that
299 are recorded for internal use only. */
300 GC_LEVEL_INTERNAL,
301
302 /* ADD NEW ENTRIES HERE. */
303
304 /* The number of the above entries. */
305 GC_LEVEL_NR
306 } gc_expert_level_t;
307
308 /* A description for each expert level. */
309 static struct
310 {
311 const char *name;
312 } gc_level[] =
313 {
314 { "basic" },
315 { "advanced" },
316 { "expert" },
317 { "invisible" },
318 { "internal" }
319 };
320
321
322 /* Option flags. The flags which are used by the backends are defined
323 by gc-opt-flags.h, included above.
324
325 YOU MUST NOT CHANGE THE NUMBERS OF THE EXISTING FLAGS, AS THEY ARE
326 PART OF THE EXTERNAL INTERFACE. */
327
328 /* Some entries in the option list are not options, but mark the
329 beginning of a new group of options. These entries have the GROUP
330 flag set. */
331 #define GC_OPT_FLAG_GROUP (1UL << 0)
332 /* The ARG_OPT flag for an option indicates that the argument is
333 optional. This is never set for GC_ARG_TYPE_NONE options. */
334 #define GC_OPT_FLAG_ARG_OPT (1UL << 1)
335 /* The LIST flag for an option indicates that the option can occur
336 several times. A comma separated list of arguments is used as the
337 argument value. */
338 #define GC_OPT_FLAG_LIST (1UL << 2)
339 /* The NO_CHANGE flag for an option indicates that the user should not
340 be allowed to change this option using the standard gpgconf method.
341 Frontends using gpgconf should grey out such options, so that only
342 the current value is displayed. */
343 #define GC_OPT_FLAG_NO_CHANGE (1UL <<7)
344
345
346 /* A human-readable description for each flag. */
347 static struct
348 {
349 const char *name;
350 } gc_flag[] =
351 {
352 { "group" },
353 { "optional arg" },
354 { "list" },
355 { "runtime" },
356 { "default" },
357 { "default desc" },
358 { "no arg desc" },
359 { "no change" }
360 };
361
362
363 /* To each option, or group marker, the information in the GC_OPTION
364 struct is provided. If you change this, don't forget to update the
365 option list of each component. */
366 struct gc_option
367 {
368 /* If this is NULL, then this is a terminator in an array of unknown
369 length. Otherwise, if this entry is a group marker (see FLAGS),
370 then this is the name of the group described by this entry.
371 Otherwise it is the name of the option described by this
372 entry. The name must not contain a colon. */
373 const char *name;
374
375 /* The option flags. If the GROUP flag is set, then this entry is a
376 group marker, not an option, and only the fields LEVEL,
377 DESC_DOMAIN and DESC are valid. In all other cases, this entry
378 describes a new option and all fields are valid. */
379 unsigned long flags;
380
381 /* The expert level. This field is valid for options and groups. A
382 group has the expert level of the lowest-level option in the
383 group. */
384 gc_expert_level_t level;
385
386 /* A gettext domain in which the following description can be found.
387 If this is NULL, then DESC is not translated. Valid for groups
388 and options.
389
390 Note that we try to keep the description of groups within the
391 gnupg domain.
392
393 IMPORTANT: If you add a new domain please make sure to add a code
394 set switching call to the function my_dgettext further below. */
395 const char *desc_domain;
396
397 /* A gettext description for this group or option. If it starts
398 with a '|', then the string up to the next '|' describes the
399 argument, and the description follows the second '|'.
400
401 In general enclosing these description in N_() is not required
402 because the description should be identical to the one in the
403 help menu of the respective program. */
404 const char *desc;
405
406 /* The following fields are only valid for options. */
407
408 /* The type of the option argument. */
409 gc_arg_type_t arg_type;
410
411 /* The backend that implements this option. */
412 gc_backend_t backend;
413
414 /* The following fields are set to NULL at startup (because all
415 option's are declared as static variables). They are at the end
416 of the list so that they can be omitted from the option
417 declarations. */
418
419 /* This is true if the option is supported by this version of the
420 backend. */
421 int active;
422
423 /* The default value for this option. This is NULL if the option is
424 not present in the backend, the empty string if no default is
425 available, and otherwise a quoted string. */
426 char *default_value;
427
428 /* The default argument is only valid if the "optional arg" flag is
429 set, and specifies the default argument (value) that is used if
430 the argument is omitted. */
431 char *default_arg;
432
433 /* The current value of this option. */
434 char *value;
435
436 /* The new flags for this option. The only defined flag is actually
437 GC_OPT_FLAG_DEFAULT, and it means that the option should be
438 deleted. In this case, NEW_VALUE is NULL. */
439 unsigned long new_flags;
440
441 /* The new value of this option. */
442 char *new_value;
443 };
444 typedef struct gc_option gc_option_t;
445
446 /* Use this macro to terminate an option list. */
447 #define GC_OPTION_NULL { NULL }
448
449 \f
450 /* The options of the GC_COMPONENT_GPG_AGENT component. */
451 static gc_option_t gc_options_gpg_agent[] =
452 {
453 /* The configuration file to which we write the changes. */
454 { "gpgconf-gpg-agent.conf", GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
455 NULL, NULL, GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG_AGENT },
456
457 { "Monitor",
458 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
459 "gnupg", N_("Options controlling the diagnostic output") },
460 { "verbose", GC_OPT_FLAG_LIST|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC,
461 "gnupg", "verbose",
462 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
463 { "quiet", GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC,
464 "gnupg", "be somewhat more quiet",
465 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
466 { "no-greeting", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
467 NULL, NULL,
468 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
469
470 { "Configuration",
471 GC_OPT_FLAG_GROUP, GC_LEVEL_EXPERT,
472 "gnupg", N_("Options controlling the configuration") },
473 { "options", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
474 "gnupg", "|FILE|read options from FILE",
475 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG_AGENT },
476 { "disable-scdaemon", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
477 "gnupg", "do not use the SCdaemon",
478 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
479
480 { "Debug",
481 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
482 "gnupg", N_("Options useful for debugging") },
483 { "debug-level", GC_OPT_FLAG_ARG_OPT|GC_OPT_FLAG_RUNTIME, GC_LEVEL_ADVANCED,
484 "gnupg", "|LEVEL|set the debugging level to LEVEL",
485 GC_ARG_TYPE_STRING, GC_BACKEND_GPG_AGENT },
486 { "log-file", GC_OPT_FLAG_RUNTIME, GC_LEVEL_ADVANCED,
487 "gnupg", N_("|FILE|write server mode logs to FILE"),
488 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG_AGENT },
489 { "faked-system-time", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
490 NULL, NULL,
491 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
492
493 { "Security",
494 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
495 "gnupg", N_("Options controlling the security") },
496 { "default-cache-ttl", GC_OPT_FLAG_RUNTIME,
497 GC_LEVEL_BASIC, "gnupg",
498 "|N|expire cached PINs after N seconds",
499 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
500 { "default-cache-ttl-ssh", GC_OPT_FLAG_RUNTIME,
501 GC_LEVEL_ADVANCED, "gnupg",
502 N_("|N|expire SSH keys after N seconds"),
503 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
504 { "max-cache-ttl", GC_OPT_FLAG_RUNTIME,
505 GC_LEVEL_EXPERT, "gnupg",
506 N_("|N|set maximum PIN cache lifetime to N seconds"),
507 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
508 { "max-cache-ttl-ssh", GC_OPT_FLAG_RUNTIME,
509 GC_LEVEL_EXPERT, "gnupg",
510 N_("|N|set maximum SSH key lifetime to N seconds"),
511 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
512 { "ignore-cache-for-signing", GC_OPT_FLAG_RUNTIME,
513 GC_LEVEL_BASIC, "gnupg", "do not use the PIN cache when signing",
514 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
515 { "allow-mark-trusted", GC_OPT_FLAG_RUNTIME,
516 GC_LEVEL_ADVANCED, "gnupg", "allow clients to mark keys as \"trusted\"",
517 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
518 { "no-grab", GC_OPT_FLAG_RUNTIME, GC_LEVEL_EXPERT,
519 "gnupg", "do not grab keyboard and mouse",
520 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
521
522 { "Passphrase policy",
523 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
524 "gnupg", N_("Options enforcing a passphrase policy") },
525 { "enforce-passphrase-constraints", GC_OPT_FLAG_RUNTIME,
526 GC_LEVEL_EXPERT, "gnupg",
527 N_("do not allow to bypass the passphrase policy"),
528 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
529 { "min-passphrase-len", GC_OPT_FLAG_RUNTIME,
530 GC_LEVEL_ADVANCED, "gnupg",
531 N_("|N|set minimal required length for new passphrases to N"),
532 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
533 { "min-passphrase-nonalpha", GC_OPT_FLAG_RUNTIME,
534 GC_LEVEL_EXPERT, "gnupg",
535 N_("|N|require at least N non-alpha characters for a new passphrase"),
536 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
537 { "check-passphrase-pattern", GC_OPT_FLAG_RUNTIME,
538 GC_LEVEL_EXPERT,
539 "gnupg", N_("|FILE|check new passphrases against pattern in FILE"),
540 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG_AGENT },
541 { "max-passphrase-days", GC_OPT_FLAG_RUNTIME,
542 GC_LEVEL_EXPERT, "gnupg",
543 N_("|N|expire the passphrase after N days"),
544 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
545 { "enable-passphrase-history", GC_OPT_FLAG_RUNTIME,
546 GC_LEVEL_EXPERT, "gnupg",
547 N_("do not allow the reuse of old passphrases"),
548 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
549
550 GC_OPTION_NULL
551 };
552
553
554 /* The options of the GC_COMPONENT_SCDAEMON component. */
555 static gc_option_t gc_options_scdaemon[] =
556 {
557 /* The configuration file to which we write the changes. */
558 { "gpgconf-scdaemon.conf", GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
559 NULL, NULL, GC_ARG_TYPE_PATHNAME, GC_BACKEND_SCDAEMON },
560
561 { "Monitor",
562 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
563 "gnupg", N_("Options controlling the diagnostic output") },
564 { "verbose", GC_OPT_FLAG_LIST, GC_LEVEL_BASIC,
565 "gnupg", "verbose",
566 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
567 { "quiet", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
568 "gnupg", "be somewhat more quiet",
569 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
570 { "no-greeting", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
571 NULL, NULL,
572 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
573
574 { "Configuration",
575 GC_OPT_FLAG_GROUP, GC_LEVEL_EXPERT,
576 "gnupg", N_("Options controlling the configuration") },
577 { "options", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
578 "gnupg", "|FILE|read options from FILE",
579 GC_ARG_TYPE_PATHNAME, GC_BACKEND_SCDAEMON },
580 { "reader-port", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
581 "gnupg", "|N|connect to reader at port N",
582 GC_ARG_TYPE_STRING, GC_BACKEND_SCDAEMON },
583 { "ctapi-driver", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
584 "gnupg", "|NAME|use NAME as ct-API driver",
585 GC_ARG_TYPE_STRING, GC_BACKEND_SCDAEMON },
586 { "pcsc-driver", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
587 "gnupg", "|NAME|use NAME as PC/SC driver",
588 GC_ARG_TYPE_STRING, GC_BACKEND_SCDAEMON },
589 { "disable-opensc", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
590 "gnupg", "do not use the OpenSC layer",
591 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
592 { "disable-ccid", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
593 "gnupg", "do not use the internal CCID driver",
594 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
595 { "disable-keypad", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
596 "gnupg", "do not use a reader's keypad",
597 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
598
599 { "Debug",
600 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
601 "gnupg", N_("Options useful for debugging") },
602 { "debug-level", GC_OPT_FLAG_ARG_OPT, GC_LEVEL_ADVANCED,
603 "gnupg", "|LEVEL|set the debugging level to LEVEL",
604 GC_ARG_TYPE_STRING, GC_BACKEND_SCDAEMON },
605 { "log-file", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
606 "gnupg", N_("|FILE|write server mode logs to FILE"),
607 GC_ARG_TYPE_PATHNAME, GC_BACKEND_SCDAEMON },
608
609 { "Security",
610 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
611 "gnupg", N_("Options controlling the security") },
612 { "allow-admin", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
613 "gnupg", "allow the use of admin card commands",
614 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
615
616
617 GC_OPTION_NULL
618 };
619
620
621 /* The options of the GC_COMPONENT_GPG component. */
622 static gc_option_t gc_options_gpg[] =
623 {
624 /* The configuration file to which we write the changes. */
625 { "gpgconf-gpg.conf", GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
626 NULL, NULL, GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG },
627
628 { "Monitor",
629 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
630 "gnupg", N_("Options controlling the diagnostic output") },
631 { "verbose", GC_OPT_FLAG_LIST, GC_LEVEL_BASIC,
632 "gnupg", "verbose",
633 GC_ARG_TYPE_NONE, GC_BACKEND_GPG },
634 { "quiet", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
635 "gnupg", "be somewhat more quiet",
636 GC_ARG_TYPE_NONE, GC_BACKEND_GPG },
637 { "no-greeting", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
638 NULL, NULL,
639 GC_ARG_TYPE_NONE, GC_BACKEND_GPG },
640
641 { "Configuration",
642 GC_OPT_FLAG_GROUP, GC_LEVEL_EXPERT,
643 "gnupg", N_("Options controlling the configuration") },
644 { "default-key", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
645 "gnupg", N_("|NAME|use NAME as default secret key"),
646 GC_ARG_TYPE_STRING, GC_BACKEND_GPG },
647 { "encrypt-to", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
648 "gnupg", N_("|NAME|encrypt to user ID NAME as well"),
649 GC_ARG_TYPE_STRING, GC_BACKEND_GPG },
650 { "options", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
651 "gnupg", "|FILE|read options from FILE",
652 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG },
653
654 { "Debug",
655 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
656 "gnupg", N_("Options useful for debugging") },
657 { "debug-level", GC_OPT_FLAG_ARG_OPT, GC_LEVEL_ADVANCED,
658 "gnupg", "|LEVEL|set the debugging level to LEVEL",
659 GC_ARG_TYPE_STRING, GC_BACKEND_GPG },
660 { "log-file", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
661 "gnupg", N_("|FILE|write server mode logs to FILE"),
662 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG },
663 /* { "faked-system-time", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE, */
664 /* NULL, NULL, */
665 /* GC_ARG_TYPE_UINT32, GC_BACKEND_GPG }, */
666
667 { "Keyserver",
668 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
669 "gnupg", N_("Configuration for Keyservers") },
670 { "keyserver", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
671 "gnupg", N_("|URL|use keyserver at URL"),
672 GC_ARG_TYPE_STRING, GC_BACKEND_GPG },
673 { "allow-pka-lookup", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
674 "gnupg", N_("allow PKA lookups (DNS requests)"),
675 GC_ARG_TYPE_NONE, GC_BACKEND_GPG },
676
677
678 GC_OPTION_NULL
679 };
680
681
682
683 /* The options of the GC_COMPONENT_GPGSM component. */
684 static gc_option_t gc_options_gpgsm[] =
685 {
686 /* The configuration file to which we write the changes. */
687 { "gpgconf-gpgsm.conf", GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
688 NULL, NULL, GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPGSM },
689
690 { "Monitor",
691 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
692 "gnupg", N_("Options controlling the diagnostic output") },
693 { "verbose", GC_OPT_FLAG_LIST, GC_LEVEL_BASIC,
694 "gnupg", "verbose",
695 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
696 { "quiet", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
697 "gnupg", "be somewhat more quiet",
698 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
699 { "no-greeting", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
700 NULL, NULL,
701 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
702
703 { "Configuration",
704 GC_OPT_FLAG_GROUP, GC_LEVEL_EXPERT,
705 "gnupg", N_("Options controlling the configuration") },
706 { "default-key", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
707 "gnupg", N_("|NAME|use NAME as default secret key"),
708 GC_ARG_TYPE_STRING, GC_BACKEND_GPGSM },
709 { "encrypt-to", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
710 "gnupg", N_("|NAME|encrypt to user ID NAME as well"),
711 GC_ARG_TYPE_STRING, GC_BACKEND_GPGSM },
712 { "options", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
713 "gnupg", "|FILE|read options from FILE",
714 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPGSM },
715 { "prefer-system-dirmngr", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
716 "gnupg", "use system's dirmngr if available",
717 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
718 { "p12-charset", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
719 "gnupg", N_("|NAME|use encoding NAME for PKCS#12 passphrases"),
720 GC_ARG_TYPE_STRING, GC_BACKEND_GPGSM },
721
722 { "Debug",
723 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
724 "gnupg", N_("Options useful for debugging") },
725 { "debug-level", GC_OPT_FLAG_ARG_OPT, GC_LEVEL_ADVANCED,
726 "gnupg", "|LEVEL|set the debugging level to LEVEL",
727 GC_ARG_TYPE_STRING, GC_BACKEND_GPGSM },
728 { "log-file", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
729 "gnupg", N_("|FILE|write server mode logs to FILE"),
730 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPGSM },
731 { "faked-system-time", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
732 NULL, NULL,
733 GC_ARG_TYPE_UINT32, GC_BACKEND_GPGSM },
734
735 { "Security",
736 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
737 "gnupg", N_("Options controlling the security") },
738 { "disable-crl-checks", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
739 "gnupg", "never consult a CRL",
740 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
741 { "disable-trusted-cert-crl-check", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
742 "gnupg", N_("do not check CRLs for root certificates"),
743 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
744 { "enable-ocsp", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
745 "gnupg", "check validity using OCSP",
746 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
747 { "include-certs", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
748 "gnupg", "|N|number of certificates to include",
749 GC_ARG_TYPE_INT32, GC_BACKEND_GPGSM },
750 { "disable-policy-checks", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
751 "gnupg", "do not check certificate policies",
752 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
753 { "auto-issuer-key-retrieve", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
754 "gnupg", "fetch missing issuer certificates",
755 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
756 { "cipher-algo", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
757 "gnupg", "|NAME|use cipher algorithm NAME",
758 GC_ARG_TYPE_STRING, GC_BACKEND_GPGSM },
759
760 GC_OPTION_NULL
761 };
762
763
764 /* The options of the GC_COMPONENT_DIRMNGR component. */
765 static gc_option_t gc_options_dirmngr[] =
766 {
767 /* The configuration file to which we write the changes. */
768 { "gpgconf-dirmngr.conf", GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
769 NULL, NULL, GC_ARG_TYPE_PATHNAME, GC_BACKEND_DIRMNGR },
770
771 { "Monitor",
772 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
773 "gnupg", N_("Options controlling the diagnostic output") },
774 { "verbose", GC_OPT_FLAG_LIST, GC_LEVEL_BASIC,
775 "dirmngr", "verbose",
776 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
777 { "quiet", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
778 "dirmngr", "be somewhat more quiet",
779 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
780 { "no-greeting", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
781 NULL, NULL,
782 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
783
784 { "Format",
785 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
786 "gnupg", N_("Options controlling the format of the output") },
787 { "sh", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
788 "dirmngr", "sh-style command output",
789 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
790 { "csh", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
791 "dirmngr", "csh-style command output",
792 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
793
794 { "Configuration",
795 GC_OPT_FLAG_GROUP, GC_LEVEL_EXPERT,
796 "gnupg", N_("Options controlling the configuration") },
797 { "options", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
798 "dirmngr", "|FILE|read options from FILE",
799 GC_ARG_TYPE_PATHNAME, GC_BACKEND_DIRMNGR },
800
801 { "Debug",
802 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
803 "gnupg", N_("Options useful for debugging") },
804 { "debug-level", GC_OPT_FLAG_ARG_OPT, GC_LEVEL_ADVANCED,
805 "dirmngr", "|LEVEL|set the debugging level to LEVEL",
806 GC_ARG_TYPE_STRING, GC_BACKEND_DIRMNGR },
807 { "no-detach", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
808 "dirmngr", "do not detach from the console",
809 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
810 { "log-file", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
811 "dirmngr", N_("|FILE|write server mode logs to FILE"),
812 GC_ARG_TYPE_PATHNAME, GC_BACKEND_DIRMNGR },
813 { "debug-wait", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
814 NULL, NULL,
815 GC_ARG_TYPE_UINT32, GC_BACKEND_DIRMNGR },
816 { "faked-system-time", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
817 NULL, NULL,
818 GC_ARG_TYPE_UINT32, GC_BACKEND_DIRMNGR },
819
820 { "Enforcement",
821 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
822 "gnupg", N_("Options controlling the interactivity and enforcement") },
823 { "batch", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
824 "dirmngr", "run without asking a user",
825 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
826 { "force", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
827 "dirmngr", "force loading of outdated CRLs",
828 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
829
830 { "HTTP",
831 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
832 "gnupg", N_("Configuration for HTTP servers") },
833 { "disable-http", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
834 "dirmngr", "inhibit the use of HTTP",
835 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
836 { "ignore-http-dp", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
837 "dirmngr", "ignore HTTP CRL distribution points",
838 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
839 { "http-proxy", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
840 "dirmngr", "|URL|redirect all HTTP requests to URL",
841 GC_ARG_TYPE_STRING, GC_BACKEND_DIRMNGR },
842 { "honor-http-proxy", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
843 "dirmngr", N_("use system's HTTP proxy setting"),
844 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
845
846 { "LDAP",
847 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
848 "gnupg", N_("Configuration of LDAP servers to use") },
849 { "disable-ldap", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
850 "dirmngr", "inhibit the use of LDAP",
851 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
852 { "ignore-ldap-dp", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
853 "dirmngr", "ignore LDAP CRL distribution points",
854 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
855 { "ldap-proxy", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
856 "dirmngr", "|HOST|use HOST for LDAP queries",
857 GC_ARG_TYPE_STRING, GC_BACKEND_DIRMNGR },
858 { "only-ldap-proxy", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
859 "dirmngr", "do not use fallback hosts with --ldap-proxy",
860 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
861 { "add-servers", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
862 "dirmngr", "add new servers discovered in CRL distribution points"
863 " to serverlist", GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
864 { "ldaptimeout", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
865 "dirmngr", "|N|set LDAP timeout to N seconds",
866 GC_ARG_TYPE_UINT32, GC_BACKEND_DIRMNGR },
867 /* The following entry must not be removed, as it is required for
868 the GC_BACKEND_DIRMNGR_LDAP_SERVER_LIST. */
869 { "ldapserverlist-file",
870 GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
871 "dirmngr", "|FILE|read LDAP server list from FILE",
872 GC_ARG_TYPE_PATHNAME, GC_BACKEND_DIRMNGR },
873 /* This entry must come after at least one entry for
874 GC_BACKEND_DIRMNGR in this component, so that the entry for
875 "ldapserverlist-file will be initialized before this one. */
876 { "LDAP Server", GC_OPT_FLAG_ARG_OPT|GC_OPT_FLAG_LIST, GC_LEVEL_BASIC,
877 NULL, "LDAP server list",
878 GC_ARG_TYPE_LDAP_SERVER, GC_BACKEND_DIRMNGR_LDAP_SERVER_LIST },
879 { "max-replies", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
880 "dirmngr", "|N|do not return more than N items in one query",
881 GC_ARG_TYPE_UINT32, GC_BACKEND_DIRMNGR },
882
883 { "OCSP",
884 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
885 "gnupg", N_("Configuration for OCSP") },
886 { "allow-ocsp", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
887 "dirmngr", "allow sending OCSP requests",
888 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
889 { "ignore-ocsp-service-url", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
890 "dirmngr", "ignore certificate contained OCSP service URLs",
891 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
892 { "ocsp-responder", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
893 "dirmngr", "|URL|use OCSP responder at URL",
894 GC_ARG_TYPE_STRING, GC_BACKEND_DIRMNGR },
895 { "ocsp-signer", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
896 "dirmngr", "|FPR|OCSP response signed by FPR",
897 GC_ARG_TYPE_STRING, GC_BACKEND_DIRMNGR },
898
899
900 GC_OPTION_NULL
901 };
902
903 \f
904 /* Component system. Each component is a set of options that can be
905 configured at the same time. If you change this, don't forget to
906 update GC_COMPONENT below. */
907 typedef enum
908 {
909 /* The classic GPG for OpenPGP. */
910 GC_COMPONENT_GPG,
911
912 /* The GPG Agent. */
913 GC_COMPONENT_GPG_AGENT,
914
915 /* The Smardcard Daemon. */
916 GC_COMPONENT_SCDAEMON,
917
918 /* GPG for S/MIME. */
919 GC_COMPONENT_GPGSM,
920
921 /* The LDAP Directory Manager for CRLs. */
922 GC_COMPONENT_DIRMNGR,
923
924 /* The number of components. */
925 GC_COMPONENT_NR
926 } gc_component_t;
927
928
929 /* The information associated with each component. */
930 static struct
931 {
932 /* The name of this component. Must not contain a colon (':')
933 character. */
934 const char *name;
935
936 /* The gettext domain for the description DESC. If this is NULL,
937 then the description is not translated. */
938 const char *desc_domain;
939
940 /* The description for this domain. */
941 const char *desc;
942
943 /* The list of options for this component, terminated by
944 GC_OPTION_NULL. */
945 gc_option_t *options;
946 } gc_component[] =
947 {
948 { "gpg", NULL, "GPG for OpenPGP", gc_options_gpg },
949 { "gpg-agent", NULL, "GPG Agent", gc_options_gpg_agent },
950 { "scdaemon", NULL, "Smartcard Daemon", gc_options_scdaemon },
951 { "gpgsm", NULL, "GPG for S/MIME", gc_options_gpgsm },
952 { "dirmngr", NULL, "Directory Manager", gc_options_dirmngr }
953 };
954
955
956
957 /* Structure used to collect error output of the backend programs. */
958 struct error_line_s;
959 typedef struct error_line_s *error_line_t;
960 struct error_line_s
961 {
962 error_line_t next; /* Link to next item. */
963 const char *fname; /* Name of the config file (points into BUFFER). */
964 unsigned int lineno; /* Line number of the config file. */
965 const char *errtext; /* Text of the error message (points into BUFFER). */
966 char buffer[1]; /* Helper buffer. */
967 };
968
969
970 \f
971 /* Engine specific support. */
972 void
973 gpg_agent_runtime_change (void)
974 {
975 #ifndef HAVE_W32_SYSTEM
976 char *agent = getenv ("GPG_AGENT_INFO");
977 char *pid_str;
978 unsigned long pid_long;
979 char *tail;
980 pid_t pid;
981
982 if (!agent)
983 return;
984
985 pid_str = strchr (agent, ':');
986 if (!pid_str)
987 return;
988
989 pid_str++;
990 errno = 0;
991 pid_long = strtoul (pid_str, &tail, 0);
992 if (errno || (*tail != ':' && *tail != '\0'))
993 return;
994
995 pid = (pid_t) pid_long;
996
997 /* Check for overflow. */
998 if (pid_long != (unsigned long) pid)
999 return;
1000
1001 /* Ignore any errors here. */
1002 kill (pid, SIGHUP);
1003 #endif /*!HAVE_W32_SYSTEM*/
1004 }
1005
1006 \f
1007 /* More or less Robust version of dgettext. It has the side effect of
1008 switching the codeset to utf-8 because this is what we want to
1009 output. In theory it is posible to keep the orginal code set and
1010 switch back for regular disgnostic output (redefine "_(" for that)
1011 but given the natur of this tool, being something invoked from
1012 other pograms, it does not make much sense. */
1013 static const char *
1014 my_dgettext (const char *domain, const char *msgid)
1015 {
1016 #ifdef ENABLE_NLS
1017 if (domain)
1018 {
1019 static int switched_codeset;
1020 char *text;
1021
1022 if (!switched_codeset)
1023 {
1024 switched_codeset = 1;
1025 bind_textdomain_codeset (PACKAGE_GT, "utf-8");
1026
1027 bindtextdomain ("dirmngr", LOCALEDIR);
1028 bind_textdomain_codeset ("dirmngr", "utf-8");
1029
1030 }
1031
1032 /* Note: This is a hack to actually use the gnupg2 domain as
1033 long we are in a transition phase where gnupg 1.x and 1.9 may
1034 coexist. */
1035 if (!strcmp (domain, "gnupg"))
1036 domain = PACKAGE_GT;
1037
1038 text = dgettext (domain, msgid);
1039 return text ? text : msgid;
1040 }
1041 else
1042 #endif
1043 return msgid;
1044 }
1045
1046
1047 /* Percent-Escape special characters. The string is valid until the
1048 next invocation of the function. */
1049 static char *
1050 my_percent_escape (const char *src)
1051 {
1052 static char *esc_str;
1053 static int esc_str_len;
1054 int new_len = 3 * strlen (src) + 1;
1055 char *dst;
1056
1057 if (esc_str_len < new_len)
1058 {
1059 char *new_esc_str = realloc (esc_str, new_len);
1060 if (!new_esc_str)
1061 gc_error (1, errno, "can not escape string");
1062 esc_str = new_esc_str;
1063 esc_str_len = new_len;
1064 }
1065
1066 dst = esc_str;
1067 while (*src)
1068 {
1069 if (*src == '%')
1070 {
1071 *(dst++) = '%';
1072 *(dst++) = '2';
1073 *(dst++) = '5';
1074 }
1075 else if (*src == ':')
1076 {
1077 /* The colon is used as field separator. */
1078 *(dst++) = '%';
1079 *(dst++) = '3';
1080 *(dst++) = 'a';
1081 }
1082 else if (*src == ',')
1083 {
1084 /* The comma is used as list separator. */
1085 *(dst++) = '%';
1086 *(dst++) = '2';
1087 *(dst++) = 'c';
1088 }
1089 else
1090 *(dst++) = *(src);
1091 src++;
1092 }
1093 *dst = '\0';
1094 return esc_str;
1095 }
1096
1097
1098
1099 /* Percent-Deescape special characters. The string is valid until the
1100 next invocation of the function. */
1101 static char *
1102 percent_deescape (const char *src)
1103 {
1104 static char *str;
1105 static int str_len;
1106 int new_len = 3 * strlen (src) + 1;
1107 char *dst;
1108
1109 if (str_len < new_len)
1110 {
1111 char *new_str = realloc (str, new_len);
1112 if (!new_str)
1113 gc_error (1, errno, "can not deescape string");
1114 str = new_str;
1115 str_len = new_len;
1116 }
1117
1118 dst = str;
1119 while (*src)
1120 {
1121 if (*src == '%')
1122 {
1123 int val = hextobyte (src + 1);
1124
1125 if (val < 0)
1126 gc_error (1, 0, "malformed end of string %s", src);
1127
1128 *(dst++) = (char) val;
1129 src += 3;
1130 }
1131 else
1132 *(dst++) = *(src++);
1133 }
1134 *dst = '\0';
1135 return str;
1136 }
1137
1138 \f
1139 /* List all components that are available. */
1140 void
1141 gc_component_list_components (FILE *out)
1142 {
1143 gc_component_t component;
1144 gc_option_t *option;
1145 gc_backend_t backend;
1146 int backend_seen[GC_BACKEND_NR];
1147 const char *desc;
1148 const char *pgmname;
1149
1150 for (component = 0; component < GC_COMPONENT_NR; component++)
1151 {
1152 option = gc_component[component].options;
1153 if (option)
1154 {
1155 for (backend = 0; backend < GC_BACKEND_NR; backend++)
1156 backend_seen[backend] = 0;
1157
1158 pgmname = "";
1159 for (; option && option->name; option++)
1160 {
1161 if ((option->flags & GC_OPT_FLAG_GROUP))
1162 continue;
1163 backend = option->backend;
1164 if (backend_seen[backend])
1165 continue;
1166 backend_seen[backend] = 1;
1167 assert (backend != GC_BACKEND_ANY);
1168 if (gc_backend[backend].program
1169 && !gc_backend[backend].module_name)
1170 continue;
1171 pgmname = gnupg_module_name (gc_backend[backend].module_name);
1172 break;
1173 }
1174
1175 desc = gc_component[component].desc;
1176 desc = my_dgettext (gc_component[component].desc_domain, desc);
1177 fprintf (out, "%s:%s:",
1178 gc_component[component].name, my_percent_escape (desc));
1179 fprintf (out, "%s\n", my_percent_escape (pgmname));
1180 }
1181 }
1182 }
1183
1184
1185 \f
1186 static int
1187 all_digits_p (const char *p, size_t len)
1188 {
1189 if (!len)
1190 return 0; /* No. */
1191 for (; len; len--, p++)
1192 if (!isascii (*p) || !isdigit (*p))
1193 return 0; /* No. */
1194 return 1; /* Yes. */
1195 }
1196
1197
1198 /* Collect all error lines from file descriptor FD. Only lines
1199 prefixed with TAG are considered. Close that file descriptor
1200 then. Returns a list of error line items (which may be empty).
1201 There is no error return. */
1202 static error_line_t
1203 collect_error_output (int fd, const char *tag)
1204 {
1205 FILE *fp;
1206 char buffer[1024];
1207 char *p, *p2, *p3;
1208 int c, cont_line;
1209 unsigned int pos;
1210 error_line_t eitem, errlines, *errlines_tail;
1211 size_t taglen = strlen (tag);
1212
1213 fp = fdopen (fd, "r");
1214 if (!fp)
1215 gc_error (1, errno, "can't fdopen pipe for reading");
1216
1217 errlines = NULL;
1218 errlines_tail = &errlines;
1219 pos = 0;
1220 cont_line = 0;
1221 while ((c=getc (fp)) != EOF)
1222 {
1223 buffer[pos++] = c;
1224 if (pos >= sizeof buffer - 5 || c == '\n')
1225 {
1226 buffer[pos - (c == '\n')] = 0;
1227 if (cont_line)
1228 ; /*Ignore continuations of previous line. */
1229 else if (!strncmp (buffer, tag, taglen) && buffer[taglen] == ':')
1230 {
1231 /* "gpgsm: foo:4: bla" */
1232 /* Yep, we are interested in this line. */
1233 p = buffer + taglen + 1;
1234 while (*p == ' ' || *p == '\t')
1235 p++;
1236 if (!*p)
1237 ; /* Empty lines are ignored. */
1238 else if ( (p2 = strchr (p, ':')) && (p3 = strchr (p2+1, ':'))
1239 && all_digits_p (p2+1, p3 - (p2+1)))
1240 {
1241 /* Line in standard compiler format. */
1242 p3++;
1243 while (*p3 == ' ' || *p3 == '\t')
1244 p3++;
1245 eitem = xmalloc (sizeof *eitem + strlen (p));
1246 eitem->next = NULL;
1247 strcpy (eitem->buffer, p);
1248 eitem->fname = eitem->buffer;
1249 eitem->buffer[p2-p] = 0;
1250 eitem->errtext = eitem->buffer + (p3 - p);
1251 /* (we already checked that there are only ascii
1252 digits followed by a colon) */
1253 eitem->lineno = 0;
1254 for (p2++; isdigit (*p2); p2++)
1255 eitem->lineno = eitem->lineno*10 + (*p2 - '0');
1256 *errlines_tail = eitem;
1257 errlines_tail = &eitem->next;
1258 }
1259 else
1260 {
1261 /* Other error output. */
1262 eitem = xmalloc (sizeof *eitem + strlen (p));
1263 eitem->next = NULL;
1264 strcpy (eitem->buffer, p);
1265 eitem->fname = NULL;
1266 eitem->errtext = eitem->buffer;
1267 eitem->lineno = 0;
1268 *errlines_tail = eitem;
1269 errlines_tail = &eitem->next;
1270 }
1271 }
1272 pos = 0;
1273 /* If this was not a complete line mark that we are in a
1274 continuation. */
1275 cont_line = (c != '\n');
1276 }
1277 }
1278
1279 /* We ignore error lines not terminated by a LF. */
1280
1281 fclose (fp);
1282 return errlines;
1283 }
1284
1285
1286
1287 /* Check all components that are available. */
1288 void
1289 gc_component_check_programs (FILE *out)
1290 {
1291 gpg_error_t err;
1292 gc_component_t component;
1293 unsigned int result;
1294 int backend_seen[GC_BACKEND_NR];
1295 gc_backend_t backend;
1296 gc_option_t *option;
1297 const char *desc;
1298 const char *pgmname;
1299 const char *argv[2];
1300 pid_t pid;
1301 int exitcode;
1302 int filedes[2];
1303 error_line_t errlines, errptr;
1304
1305 /* We use a temporary file to collect the error output. It would be
1306 better to use a pipe here but as of now we have no suitable
1307 fucntion to create a portable pipe outside of exechelp. Thus it
1308 is easier to use the tempfile approach. */
1309 for (component = 0; component < GC_COMPONENT_NR; component++)
1310 {
1311 if (!gc_component[component].options)
1312 continue;
1313
1314 for (backend = 0; backend < GC_BACKEND_NR; backend++)
1315 backend_seen[backend] = 0;
1316
1317 option = gc_component[component].options;
1318 for (; option && option->name; option++)
1319 {
1320 if ((option->flags & GC_OPT_FLAG_GROUP))
1321 continue;
1322 backend = option->backend;
1323 if (backend_seen[backend])
1324 continue;
1325 backend_seen[backend] = 1;
1326 assert (backend != GC_BACKEND_ANY);
1327 if (!gc_backend[backend].program)
1328 continue;
1329 if (!gc_backend[backend].module_name)
1330 continue;
1331
1332 pgmname = gnupg_module_name (gc_backend[backend].module_name);
1333 argv[0] = "--gpgconf-test";
1334 argv[1] = NULL;
1335
1336 err = gnupg_create_inbound_pipe (filedes);
1337 if (err)
1338 gc_error (1, 0, _("error creating a pipe: %s\n"),
1339 gpg_strerror (err));
1340
1341 result = 0;
1342 errlines = NULL;
1343 if (gnupg_spawn_process_fd (pgmname, argv, -1, -1, filedes[1], &pid))
1344 {
1345 close (filedes[0]);
1346 close (filedes[1]);
1347 result |= 1; /* Program could not be run. */
1348 }
1349 else
1350 {
1351 close (filedes[1]);
1352 errlines = collect_error_output (filedes[0],
1353 gc_component[component].name);
1354 if (gnupg_wait_process (pgmname, pid, &exitcode))
1355 {
1356 if (exitcode == -1)
1357 result |= 1; /* Program could not be run or it
1358 terminated abnormally. */
1359 result |= 2; /* Program returned an error. */
1360 }
1361 }
1362
1363 /* If the program could not be run, we can't tell whether
1364 the config file is good. */
1365 if ((result&1))
1366 result |= 2;
1367
1368 desc = gc_component[component].desc;
1369 desc = my_dgettext (gc_component[component].desc_domain, desc);
1370 fprintf (out, "%s:%s:",
1371 gc_component[component].name, my_percent_escape (desc));
1372 fputs (my_percent_escape (pgmname), out);
1373 fprintf (out, ":%d:%d:", !(result & 1), !(result & 2));
1374 for (errptr = errlines; errptr; errptr = errptr->next)
1375 {
1376 if (errptr != errlines)
1377 fputs ("\n:::::", out); /* Continuation line. */
1378 if (errptr->fname)
1379 fputs (my_percent_escape (errptr->fname), out);
1380 putc (':', out);
1381 if (errptr->fname)
1382 fprintf (out, "%u", errptr->lineno);
1383 putc (':', out);
1384 fputs (my_percent_escape (errptr->errtext), out);
1385 putc (':', out);
1386 }
1387 putc ('\n', out);
1388
1389 while (errlines)
1390 {
1391 error_line_t tmp = errlines->next;
1392 xfree (errlines);
1393 errlines = tmp;
1394 }
1395 break; /* Loop over options of this component */
1396 }
1397 }
1398 }
1399
1400
1401 \f
1402 /* Find the component with the name NAME. Returns -1 if not
1403 found. */
1404 int
1405 gc_component_find (const char *name)
1406 {
1407 gc_component_t idx;
1408
1409 for (idx = 0; idx < GC_COMPONENT_NR; idx++)
1410 {
1411 if (gc_component[idx].options
1412 && !strcmp (name, gc_component[idx].name))
1413 return idx;
1414 }
1415 return -1;
1416 }
1417
1418 \f
1419 /* List the option OPTION. */
1420 static void
1421 list_one_option (const gc_option_t *option, FILE *out)
1422 {
1423 const char *desc = NULL;
1424 char *arg_name = NULL;
1425
1426 if (option->desc)
1427 {
1428 desc = my_dgettext (option->desc_domain, option->desc);
1429
1430 if (*desc == '|')
1431 {
1432 const char *arg_tail = strchr (&desc[1], '|');
1433
1434 if (arg_tail)
1435 {
1436 int arg_len = arg_tail - &desc[1];
1437 arg_name = xmalloc (arg_len + 1);
1438 memcpy (arg_name, &desc[1], arg_len);
1439 arg_name[arg_len] = '\0';
1440 desc = arg_tail + 1;
1441 }
1442 }
1443 }
1444
1445
1446 /* YOU MUST NOT REORDER THE FIELDS IN THIS OUTPUT, AS THEIR ORDER IS
1447 PART OF THE EXTERNAL INTERFACE. YOU MUST NOT REMOVE ANY
1448 FIELDS. */
1449
1450 /* The name field. */
1451 fprintf (out, "%s", option->name);
1452
1453 /* The flags field. */
1454 fprintf (out, ":%lu", option->flags);
1455 if (opt.verbose)
1456 {
1457 putc (' ', out);
1458
1459 if (!option->flags)
1460 fprintf (out, "none");
1461 else
1462 {
1463 unsigned long flags = option->flags;
1464 unsigned long flag = 0;
1465 unsigned long first = 1;
1466
1467 while (flags)
1468 {
1469 if (flags & 1)
1470 {
1471 if (first)
1472 first = 0;
1473 else
1474 putc (',', out);
1475 fprintf (out, "%s", gc_flag[flag].name);
1476 }
1477 flags >>= 1;
1478 flag++;
1479 }
1480 }
1481 }
1482
1483 /* The level field. */
1484 fprintf (out, ":%u", option->level);
1485 if (opt.verbose)
1486 fprintf (out, " %s", gc_level[option->level].name);
1487
1488 /* The description field. */
1489 fprintf (out, ":%s", desc ? my_percent_escape (desc) : "");
1490
1491 /* The type field. */
1492 fprintf (out, ":%u", option->arg_type);
1493 if (opt.verbose)
1494 fprintf (out, " %s", gc_arg_type[option->arg_type].name);
1495
1496 /* The alternate type field. */
1497 fprintf (out, ":%u", gc_arg_type[option->arg_type].fallback);
1498 if (opt.verbose)
1499 fprintf (out, " %s",
1500 gc_arg_type[gc_arg_type[option->arg_type].fallback].name);
1501
1502 /* The argument name field. */
1503 fprintf (out, ":%s", arg_name ? my_percent_escape (arg_name) : "");
1504 if (arg_name)
1505 xfree (arg_name);
1506
1507 /* The default value field. */
1508 fprintf (out, ":%s", option->default_value ? option->default_value : "");
1509
1510 /* The default argument field. */
1511 fprintf (out, ":%s", option->default_arg ? option->default_arg : "");
1512
1513 /* The value field. */
1514 if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_NONE
1515 && (option->flags & GC_OPT_FLAG_LIST)
1516 && option->value)
1517 /* The special format "1,1,1,1,...,1" is converted to a number
1518 here. */
1519 fprintf (out, ":%u", (unsigned int)((strlen (option->value) + 1) / 2));
1520 else
1521 fprintf (out, ":%s", option->value ? option->value : "");
1522
1523 /* ADD NEW FIELDS HERE. */
1524
1525 putc ('\n', out);
1526 }
1527
1528
1529 /* List all options of the component COMPONENT. */
1530 void
1531 gc_component_list_options (int component, FILE *out)
1532 {
1533 const gc_option_t *option = gc_component[component].options;
1534 const gc_option_t *group_option = NULL;
1535
1536 while (option && option->name)
1537 {
1538 /* Do not output unknown or internal options. */
1539 if (!(option->flags & GC_OPT_FLAG_GROUP)
1540 && (!option->active || option->level == GC_LEVEL_INTERNAL))
1541 {
1542 option++;
1543 continue;
1544 }
1545
1546 if (option->flags & GC_OPT_FLAG_GROUP)
1547 group_option = option;
1548 else
1549 {
1550 if (group_option)
1551 {
1552 list_one_option (group_option, out);
1553 group_option = NULL;
1554 }
1555
1556 list_one_option (option, out);
1557 }
1558
1559 option++;
1560 }
1561 }
1562
1563
1564 /* Find the option NAME in component COMPONENT, for the backend
1565 BACKEND. If BACKEND is GC_BACKEND_ANY, any backend will match. */
1566 static gc_option_t *
1567 find_option (gc_component_t component, const char *name,
1568 gc_backend_t backend)
1569 {
1570 gc_option_t *option = gc_component[component].options;
1571 while (option->name)
1572 {
1573 if (!(option->flags & GC_OPT_FLAG_GROUP)
1574 && !strcmp (option->name, name)
1575 && (backend == GC_BACKEND_ANY || option->backend == backend))
1576 break;
1577 option++;
1578 }
1579 return option->name ? option : NULL;
1580 }
1581
1582 \f
1583 /* Determine the configuration pathname for the component COMPONENT
1584 and backend BACKEND. */
1585 static char *
1586 get_config_pathname (gc_component_t component, gc_backend_t backend)
1587 {
1588 char *pathname = NULL;
1589 gc_option_t *option = find_option
1590 (component, gc_backend[backend].option_config_filename, GC_BACKEND_ANY);
1591 assert (option);
1592 assert (option->arg_type == GC_ARG_TYPE_PATHNAME);
1593 assert (!(option->flags & GC_OPT_FLAG_LIST));
1594
1595 if (!option->active || !option->default_value)
1596 gc_error (1, 0, "Option %s, needed by backend %s, was not initialized",
1597 gc_backend[backend].option_config_filename,
1598 gc_backend[backend].name);
1599
1600 if (option->value && *option->value)
1601 pathname = percent_deescape (&option->value[1]);
1602 else if (option->default_value && *option->default_value)
1603 pathname = percent_deescape (&option->default_value[1]);
1604 else
1605 pathname = "";
1606
1607 #ifdef HAVE_DOSISH_SYSTEM
1608 if (!(pathname[0]
1609 && pathname[1] == ':'
1610 && (pathname[2] == '/' || pathname[2] == '\\')))
1611 #else
1612 if (pathname[0] != '/')
1613 #endif
1614 gc_error (1, 0, "Option %s, needed by backend %s, is not absolute",
1615 gc_backend[backend].option_config_filename,
1616 gc_backend[backend].name);
1617
1618 return pathname;
1619 }
1620
1621 \f
1622 /* Retrieve the options for the component COMPONENT from backend
1623 BACKEND, which we already know is a program-type backend. */
1624 static void
1625 retrieve_options_from_program (gc_component_t component, gc_backend_t backend)
1626 {
1627 gpg_error_t err;
1628 int filedes[2];
1629 const char *pgmname;
1630 const char *argv[2];
1631 int exitcode;
1632 pid_t pid;
1633 char *line = NULL;
1634 size_t line_len = 0;
1635 ssize_t length;
1636 FILE *config;
1637 char *config_pathname;
1638
1639 err = gnupg_create_inbound_pipe (filedes);
1640 if (err)
1641 gc_error (1, 0, _("error creating a pipe: %s\n"), gpg_strerror (err));
1642
1643 pgmname = (gc_backend[backend].module_name
1644 ? gnupg_module_name (gc_backend[backend].module_name)
1645 : gc_backend[backend].program );
1646 argv[0] = "--gpgconf-list";
1647 argv[1] = NULL;
1648
1649 err = gnupg_spawn_process_fd (pgmname, argv, -1, filedes[1], -1, &pid);
1650 if (err)
1651 {
1652 close (filedes[0]);
1653 close (filedes[1]);
1654 gc_error (1, 0, "could not gather active options from `%s': %s",
1655 pgmname, gpg_strerror (err));
1656 }
1657 close (filedes[1]);
1658 config = fdopen (filedes[0], "r");
1659 if (!config)
1660 gc_error (1, errno, "can't fdopen pipe for reading");
1661
1662 while ((length = read_line (config, &line, &line_len, NULL)) > 0)
1663 {
1664 gc_option_t *option;
1665 char *linep;
1666 unsigned long flags = 0;
1667 char *default_value = NULL;
1668
1669 /* Strip newline and carriage return, if present. */
1670 while (length > 0
1671 && (line[length - 1] == '\n' || line[length - 1] == '\r'))
1672 line[--length] = '\0';
1673
1674 linep = strchr (line, ':');
1675 if (linep)
1676 *(linep++) = '\0';
1677
1678 /* Extract additional flags. Default to none. */
1679 if (linep)
1680 {
1681 char *end;
1682 char *tail;
1683
1684 end = strchr (linep, ':');
1685 if (end)
1686 *(end++) = '\0';
1687
1688 errno = 0;
1689 flags = strtoul (linep, &tail, 0);
1690 if (errno)
1691 gc_error (1, errno, "malformed flags in option %s from %s",
1692 line, pgmname);
1693 if (!(*tail == '\0' || *tail == ':' || *tail == ' '))
1694 gc_error (1, 0, "garbage after flags in option %s from %s",
1695 line, pgmname);
1696
1697 linep = end;
1698 }
1699
1700 /* Extract default value, if present. Default to empty if
1701 not. */
1702 if (linep)
1703 {
1704 char *end;
1705
1706 end = strchr (linep, ':');
1707 if (end)
1708 *(end++) = '\0';
1709
1710 if (flags & GC_OPT_FLAG_DEFAULT)
1711 default_value = linep;
1712
1713 linep = end;
1714 }
1715
1716 /* Look up the option in the component and install the
1717 configuration data. */
1718 option = find_option (component, line, backend);
1719 if (option)
1720 {
1721 if (option->active)
1722 gc_error (1, errno, "option %s returned twice from %s",
1723 line, pgmname);
1724 option->active = 1;
1725
1726 option->flags |= flags;
1727 if (default_value && *default_value)
1728 option->default_value = xstrdup (default_value);
1729 }
1730 }
1731 if (length < 0 || ferror (config))
1732 gc_error (1, errno, "error reading from %s",pgmname);
1733 if (fclose (config) && ferror (config))
1734 gc_error (1, errno, "error closing %s", pgmname);
1735
1736 err = gnupg_wait_process (pgmname, pid, &exitcode);
1737 if (err)
1738 gc_error (1, 0, "running %s failed (exitcode=%d): %s",
1739 pgmname, exitcode, gpg_strerror (err));
1740
1741
1742 /* At this point, we can parse the configuration file. */
1743 config_pathname = get_config_pathname (component, backend);
1744
1745 config = fopen (config_pathname, "r");
1746 if (!config)
1747 gc_error (0, errno, "warning: can not open config file %s",
1748 config_pathname);
1749 else
1750 {
1751 while ((length = read_line (config, &line, &line_len, NULL)) > 0)
1752 {
1753 char *name;
1754 char *value;
1755 gc_option_t *option;
1756
1757 name = line;
1758 while (*name == ' ' || *name == '\t')
1759 name++;
1760 if (!*name || *name == '#' || *name == '\r' || *name == '\n')
1761 continue;
1762
1763 value = name;
1764 while (*value && *value != ' ' && *value != '\t'
1765 && *value != '#' && *value != '\r' && *value != '\n')
1766 value++;
1767 if (*value == ' ' || *value == '\t')
1768 {
1769 char *end;
1770
1771 *(value++) = '\0';
1772 while (*value == ' ' || *value == '\t')
1773 value++;
1774
1775 end = value;
1776 while (*end && *end != '#' && *end != '\r' && *end != '\n')
1777 end++;
1778 while (end > value && (end[-1] == ' ' || end[-1] == '\t'))
1779 end--;
1780 *end = '\0';
1781 }
1782 else
1783 *value = '\0';
1784
1785 /* Look up the option in the component and install the
1786 configuration data. */
1787 option = find_option (component, line, backend);
1788 if (option)
1789 {
1790 char *opt_value;
1791
1792 if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_NONE)
1793 {
1794 if (*value)
1795 gc_error (0, 0,
1796 "warning: ignoring argument %s for option %s",
1797 value, name);
1798 opt_value = xstrdup ("1");
1799 }
1800 else if (gc_arg_type[option->arg_type].fallback
1801 == GC_ARG_TYPE_STRING)
1802 opt_value = xasprintf ("\"%s", my_percent_escape (value));
1803 else
1804 {
1805 /* FIXME: Verify that the number is sane. */
1806 opt_value = xstrdup (value);
1807 }
1808
1809 /* Now enter the option into the table. */
1810 if (!(option->flags & GC_OPT_FLAG_LIST))
1811 {
1812 if (option->value)
1813 free (option->value);
1814 option->value = opt_value;
1815 }
1816 else
1817 {
1818 if (!option->value)
1819 option->value = opt_value;
1820 else
1821 {
1822 char *opt_val = opt_value;
1823
1824 option->value = xasprintf ("%s,%s", option->value,
1825 opt_val);
1826 xfree (opt_value);
1827 }
1828 }
1829 }
1830 }
1831
1832 if (length < 0 || ferror (config))
1833 gc_error (1, errno, "error reading from %s", config_pathname);
1834 if (fclose (config) && ferror (config))
1835 gc_error (1, errno, "error closing %s", config_pathname);
1836 }
1837
1838 xfree (line);
1839 }
1840
1841
1842 /* Retrieve the options for the component COMPONENT from backend
1843 BACKEND, which we already know is of type file list. */
1844 static void
1845 retrieve_options_from_file (gc_component_t component, gc_backend_t backend)
1846 {
1847 gc_option_t *list_option;
1848 char *list_pathname;
1849 FILE *list_file;
1850 char *line = NULL;
1851 size_t line_len = 0;
1852 ssize_t length;
1853 char *list = NULL;
1854
1855 list_option = find_option (component,
1856 gc_backend[backend].option_name, GC_BACKEND_ANY);
1857 assert (list_option);
1858 assert (!list_option->active);
1859
1860 list_pathname = get_config_pathname (component, backend);
1861 list_file = fopen (list_pathname, "r");
1862 if (!list_file)
1863 gc_error (0, errno, "warning: can not open list file %s", list_pathname);
1864 else
1865 {
1866
1867 while ((length = read_line (list_file, &line, &line_len, NULL)) > 0)
1868 {
1869 char *start;
1870 char *end;
1871 char *new_list;
1872
1873 start = line;
1874 while (*start == ' ' || *start == '\t')
1875 start++;
1876 if (!*start || *start == '#' || *start == '\r' || *start == '\n')
1877 continue;
1878
1879 end = start;
1880 while (*end && *end != '#' && *end != '\r' && *end != '\n')
1881 end++;
1882 /* Walk back to skip trailing white spaces. Looks evil, but
1883 works because of the conditions on START and END imposed
1884 at this point (END is at least START + 1, and START is
1885 not a whitespace character). */
1886 while (*(end - 1) == ' ' || *(end - 1) == '\t')
1887 end--;
1888 *end = '\0';
1889 /* FIXME: Oh, no! This is so lame! Should use realloc and
1890 really append. */
1891 if (list)
1892 {
1893 new_list = xasprintf ("%s,\"%s", list, my_percent_escape (start));
1894 xfree (list);
1895 list = new_list;
1896 }
1897 else
1898 list = xasprintf ("\"%s", my_percent_escape (start));
1899 }
1900 if (length < 0 || ferror (list_file))
1901 gc_error (1, errno, "can not read list file %s", list_pathname);
1902 }
1903
1904 list_option->active = 1;
1905 list_option->value = list;
1906
1907 if (list_file && fclose (list_file) && ferror (list_file))
1908 gc_error (1, errno, "error closing %s", list_pathname);
1909 xfree (line);
1910 }
1911
1912
1913 /* Retrieve the currently active options and their defaults from all
1914 involved backends for this component. Using -1 for component will
1915 retrieve all options from all components. */
1916 void
1917 gc_component_retrieve_options (int component)
1918 {
1919 int process_all = 0;
1920 int backend_seen[GC_BACKEND_NR];
1921 gc_backend_t backend;
1922 gc_option_t *option;
1923
1924 for (backend = 0; backend < GC_BACKEND_NR; backend++)
1925 backend_seen[backend] = 0;
1926
1927 if (component == -1)
1928 {
1929 process_all = 1;
1930 component = 0;
1931 assert (component < GC_COMPONENT_NR);
1932 }
1933
1934 do
1935 {
1936 option = gc_component[component].options;
1937
1938 while (option && option->name)
1939 {
1940 if (!(option->flags & GC_OPT_FLAG_GROUP))
1941 {
1942 backend = option->backend;
1943
1944 if (backend_seen[backend])
1945 {
1946 option++;
1947 continue;
1948 }
1949 backend_seen[backend] = 1;
1950
1951 assert (backend != GC_BACKEND_ANY);
1952
1953 if (gc_backend[backend].program)
1954 retrieve_options_from_program (component, backend);
1955 else
1956 retrieve_options_from_file (component, backend);
1957 }
1958 option++;
1959 }
1960 }
1961 while (process_all && ++component < GC_COMPONENT_NR);
1962
1963 }
1964
1965
1966 \f
1967 /* Perform a simple validity check based on the type. Return in
1968 NEW_VALUE_NR the value of the number in NEW_VALUE if OPTION is of
1969 type GC_ARG_TYPE_NONE. */
1970 static void
1971 option_check_validity (gc_option_t *option, unsigned long flags,
1972 char *new_value, unsigned long *new_value_nr)
1973 {
1974 char *arg;
1975
1976 if (!option->active)
1977 gc_error (1, 0, "option %s not supported by backend %s",
1978 option->name, gc_backend[option->backend].name);
1979
1980 if (option->new_flags || option->new_value)
1981 gc_error (1, 0, "option %s already changed", option->name);
1982
1983 if (flags & GC_OPT_FLAG_DEFAULT)
1984 {
1985 if (*new_value)
1986 gc_error (1, 0, "argument %s provided for deleted option %s",
1987 new_value, option->name);
1988
1989 return;
1990 }
1991
1992 /* GC_ARG_TYPE_NONE options have special list treatment. */
1993 if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_NONE)
1994 {
1995 char *tail;
1996
1997 errno = 0;
1998 *new_value_nr = strtoul (new_value, &tail, 0);
1999
2000 if (errno)
2001 gc_error (1, errno, "invalid argument for option %s",
2002 option->name);
2003 if (*tail)
2004 gc_error (1, 0, "garbage after argument for option %s",
2005 option->name);
2006
2007 if (!(option->flags & GC_OPT_FLAG_LIST))
2008 {
2009 if (*new_value_nr != 1)
2010 gc_error (1, 0, "argument for non-list option %s of type 0 "
2011 "(none) must be 1", option->name);
2012 }
2013 else
2014 {
2015 if (*new_value_nr == 0)
2016 gc_error (1, 0, "argument for option %s of type 0 (none) "
2017 "must be positive", option->name);
2018 }
2019
2020 return;
2021 }
2022
2023 arg = new_value;
2024 do
2025 {
2026 if (*arg == '\0' || *arg == ',')
2027 {
2028 if (!(option->flags & GC_OPT_FLAG_ARG_OPT))
2029 gc_error (1, 0, "argument required for option %s", option->name);
2030
2031 if (*arg == ',' && !(option->flags & GC_OPT_FLAG_LIST))
2032 gc_error (1, 0, "list found for non-list option %s", option->name);
2033 }
2034 else if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_STRING)
2035 {
2036 if (*arg != '"')
2037 gc_error (1, 0, "string argument for option %s must begin "
2038 "with a quote (\") character", option->name);
2039 }
2040 else if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_INT32)
2041 {
2042 errno = 0;
2043 (void) strtol (arg, &arg, 0);
2044
2045 if (errno)
2046 gc_error (1, errno, "invalid argument for option %s",
2047 option->name);
2048
2049 if (*arg != '\0' && *arg != ',')
2050 gc_error (1, 0, "garbage after argument for option %s",
2051 option->name);
2052 }
2053 else if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_INT32)
2054 {
2055 errno = 0;
2056 (void) strtoul (arg, &arg, 0);
2057
2058 if (errno)
2059 gc_error (1, errno, "invalid argument for option %s",
2060 option->name);
2061
2062 if (*arg != '\0' && *arg != ',')
2063 gc_error (1, 0, "garbage after argument for option %s",
2064 option->name);
2065 }
2066 arg = strchr (arg, ',');
2067 if (arg)
2068 arg++;
2069 }
2070 while (arg && *arg);
2071 }
2072
2073 #ifdef HAVE_W32_SYSTEM
2074 int
2075 copy_file (const char *src_name, const char *dst_name)
2076 {
2077 #define BUF_LEN 4096
2078 char buffer[BUF_LEN];
2079 int len;
2080 FILE *src;
2081 FILE *dst;
2082
2083 src = fopen (src_name, "r");
2084 if (src == NULL)
2085 return -1;
2086
2087 dst = fopen (dst_name, "w");
2088 if (dst == NULL)
2089 {
2090 int saved_err = errno;
2091 fclose (src);
2092 errno = saved_err;
2093 return -1;
2094 }
2095
2096 do
2097 {
2098 int written;
2099
2100 len = fread (buffer, 1, BUF_LEN, src);
2101 if (len == 0)
2102 break;
2103 written = fwrite (buffer, 1, len, dst);
2104 if (written != len)
2105 break;
2106 }
2107 while (!feof (src) && !ferror (src) && !ferror (dst));
2108
2109 if (ferror (src) || ferror (dst) || !feof (src))
2110 {
2111 int saved_errno = errno;
2112 fclose (src);
2113 fclose (dst);
2114 unlink (dst_name);
2115 errno = saved_errno;
2116 return -1;
2117 }
2118
2119 if (fclose (dst) && ferror (dst))
2120 gc_error (1, errno, "error closing %s", dst_name);
2121 if (fclose (src) && ferror (src))
2122 gc_error (1, errno, "error closing %s", src_name);
2123
2124 return 0;
2125 }
2126 #endif /* HAVE_W32_SYSTEM */
2127
2128
2129 /* Create and verify the new configuration file for the specified
2130 backend and component. Returns 0 on success and -1 on error. */
2131 static int
2132 change_options_file (gc_component_t component, gc_backend_t backend,
2133 char **src_filenamep, char **dest_filenamep,
2134 char **orig_filenamep)
2135 {
2136 static const char marker[] = "###+++--- GPGConf ---+++###";
2137 /* True if we are within the marker in the config file. */
2138 int in_marker = 0;
2139 gc_option_t *option;
2140 char *line = NULL;
2141 size_t line_len;
2142 ssize_t length;
2143 int res;
2144 int fd;
2145 FILE *src_file = NULL;
2146 FILE *dest_file = NULL;
2147 char *src_filename;
2148 char *dest_filename;
2149 char *orig_filename;
2150 char *arg;
2151 char *cur_arg = NULL;
2152
2153 option = find_option (component,
2154 gc_backend[backend].option_name, GC_BACKEND_ANY);
2155 assert (option);
2156 assert (option->active);
2157 assert (gc_arg_type[option->arg_type].fallback != GC_ARG_TYPE_NONE);
2158
2159 /* FIXME. Throughout the function, do better error reporting. */
2160 /* Note that get_config_pathname() calls percent_deescape(), so we
2161 call this before processing the arguments. */
2162 dest_filename = xstrdup (get_config_pathname (component, backend));
2163 src_filename = xasprintf ("%s.gpgconf.%i.new", dest_filename, getpid ());
2164 orig_filename = xasprintf ("%s.gpgconf.%i.bak", dest_filename, getpid ());
2165
2166 arg = option->new_value;
2167 if (arg && arg[0] == '\0')
2168 arg = NULL;
2169 else if (arg)
2170 {
2171 char *end;
2172
2173 arg++;
2174 end = strchr (arg, ',');
2175 if (end)
2176 *end = '\0';
2177
2178 cur_arg = percent_deescape (arg);
2179 if (end)
2180 {
2181 *end = ',';
2182 arg = end + 1;
2183 }
2184 else
2185 arg = NULL;
2186 }
2187
2188 #ifdef HAVE_W32_SYSTEM
2189 res = copy_file (dest_filename, orig_filename);
2190 #else
2191 res = link (dest_filename, orig_filename);
2192 #endif
2193 if (res < 0 && errno != ENOENT)
2194 return -1;
2195 if (res < 0)
2196 {
2197 xfree (orig_filename);
2198 orig_filename = NULL;
2199 }
2200
2201 /* We now initialize the return strings, so the caller can do the
2202 cleanup for us. */
2203 *src_filenamep = src_filename;
2204 *dest_filenamep = dest_filename;
2205 *orig_filenamep = orig_filename;
2206
2207 /* Use open() so that we can use O_EXCL. */
2208 fd = open (src_filename, O_CREAT | O_EXCL | O_WRONLY, 0644);
2209 if (fd < 0)
2210 return -1;
2211 src_file = fdopen (fd, "w");
2212 res = errno;
2213 if (!src_file)
2214 {
2215 errno = res;
2216 return -1;
2217 }
2218
2219 /* Only if ORIG_FILENAME is not NULL did the configuration file
2220 exist already. In this case, we will copy its content into the
2221 new configuration file, changing it to our liking in the
2222 process. */
2223 if (orig_filename)
2224 {
2225 dest_file = fopen (dest_filename, "r");
2226 if (!dest_file)
2227 goto change_file_one_err;
2228
2229 while ((length = read_line (dest_file, &line, &line_len, NULL)) > 0)
2230 {
2231 int disable = 0;
2232 char *start;
2233
2234 if (!strncmp (marker, line, sizeof (marker) - 1))
2235 {
2236 if (!in_marker)
2237 in_marker = 1;
2238 else
2239 break;
2240 }
2241
2242 start = line;
2243 while (*start == ' ' || *start == '\t')
2244 start++;
2245 if (*start && *start != '\r' && *start != '\n' && *start != '#')
2246 {
2247 char *end;
2248 char *endp;
2249 char saved_end;
2250
2251 endp = start;
2252 end = endp;
2253
2254 /* Search for the end of the line. */
2255 while (*endp && *endp != '#' && *endp != '\r' && *endp != '\n')
2256 {
2257 endp++;
2258 if (*endp && *endp != ' ' && *endp != '\t'
2259 && *endp != '\r' && *endp != '\n' && *endp != '#')
2260 end = endp + 1;
2261 }
2262 saved_end = *end;
2263 *end = '\0';
2264
2265 if ((option->new_flags & GC_OPT_FLAG_DEFAULT)
2266 || !cur_arg || strcmp (start, cur_arg))
2267 disable = 1;
2268 else
2269 {
2270 /* Find next argument. */
2271 if (arg)
2272 {
2273 char *arg_end;
2274
2275 arg++;
2276 arg_end = strchr (arg, ',');
2277 if (arg_end)
2278 *arg_end = '\0';
2279
2280 cur_arg = percent_deescape (arg);
2281 if (arg_end)
2282 {
2283 *arg_end = ',';
2284 arg = arg_end + 1;
2285 }
2286 else
2287 arg = NULL;
2288 }
2289 else
2290 cur_arg = NULL;
2291 }
2292
2293 *end = saved_end;
2294 }
2295
2296 if (disable)
2297 {
2298 if (!in_marker)
2299 {
2300 fprintf (src_file,
2301 "# GPGConf disabled this option here at %s\n",
2302 asctimestamp (gnupg_get_time ()));
2303 if (ferror (src_file))
2304 goto change_file_one_err;
2305 fprintf (src_file, "# %s", line);
2306 if (ferror (src_file))
2307 goto change_file_one_err;
2308 }
2309 }
2310 else
2311 {
2312 fprintf (src_file, "%s", line);
2313 if (ferror (src_file))
2314 goto change_file_one_err;
2315 }
2316 }
2317 if (length < 0 || ferror (dest_file))
2318 goto change_file_one_err;
2319 }
2320
2321 if (!in_marker)
2322 {
2323 /* There was no marker. This is the first time we edit the
2324 file. We add our own marker at the end of the file and
2325 proceed. Note that we first write a newline, this guards us
2326 against files which lack the newline at the end of the last
2327 line, while it doesn't hurt us in all other cases. */
2328 fprintf (src_file, "\n%s\n", marker);
2329 if (ferror (src_file))
2330 goto change_file_one_err;
2331 }
2332
2333 /* At this point, we have copied everything up to the end marker
2334 into the new file, except for the arguments we are going to add.
2335 Now, dump the new arguments and write the end marker, possibly
2336 followed by the rest of the original file. */
2337 while (cur_arg)
2338 {
2339 fprintf (src_file, "%s\n", cur_arg);
2340
2341 /* Find next argument. */
2342 if (arg)
2343 {
2344 char *end;
2345
2346 arg++;
2347 end = strchr (arg, ',');
2348 if (end)
2349 *end = '\0';
2350
2351 cur_arg = percent_deescape (arg);
2352 if (end)
2353 {
2354 *end = ',';
2355 arg = end + 1;
2356 }
2357 else
2358 arg = NULL;
2359 }
2360 else
2361 cur_arg = NULL;
2362 }
2363
2364 fprintf (src_file, "%s %s\n", marker, asctimestamp (gnupg_get_time ()));
2365 if (ferror (src_file))
2366 goto change_file_one_err;
2367
2368 if (!in_marker)
2369 {
2370 fprintf (src_file, "# GPGConf edited this configuration file.\n");
2371 if (ferror (src_file))
2372 goto change_file_one_err;
2373 fprintf (src_file, "# It will disable options before this marked "
2374 "block, but it will\n");
2375 if (ferror (src_file))
2376 goto change_file_one_err;
2377 fprintf (src_file, "# never change anything below these lines.\n");
2378 if (ferror (src_file))
2379 goto change_file_one_err;
2380 }
2381 if (dest_file)
2382 {
2383 while ((length = read_line (dest_file, &line, &line_len, NULL)) > 0)
2384 {
2385 fprintf (src_file, "%s", line);
2386 if (ferror (src_file))
2387 goto change_file_one_err;
2388 }
2389 if (length < 0 || ferror (dest_file))
2390 goto change_file_one_err;
2391 }
2392 xfree (line);
2393 line = NULL;
2394
2395 res = fclose (src_file);
2396 if (res)
2397 {
2398 res = errno;
2399 close (fd);
2400 if (dest_file)
2401 fclose (dest_file);
2402 errno = res;
2403 return -1;
2404 }
2405 close (fd);
2406 if (dest_file)
2407 {
2408 res = fclose (dest_file);
2409 if (res)
2410 return -1;
2411 }
2412 return 0;
2413
2414 change_file_one_err:
2415 xfree (line);
2416 res = errno;
2417 if (src_file)
2418 {
2419 fclose (src_file);
2420 close (fd);
2421 }
2422 if (dest_file)
2423 fclose (dest_file);
2424 errno = res;
2425 return -1;
2426 }
2427
2428
2429 /* Create and verify the new configuration file for the specified
2430 backend and component. Returns 0 on success and -1 on error. */
2431 static int
2432 change_options_program (gc_component_t component, gc_backend_t backend,
2433 char **src_filenamep, char **dest_filenamep,
2434 char **orig_filenamep)
2435 {
2436 static const char marker[] = "###+++--- GPGConf ---+++###";
2437 /* True if we are within the marker in the config file. */
2438 int in_marker = 0;
2439 gc_option_t *option;
2440 char *line = NULL;
2441 size_t line_len;
2442 ssize_t length;
2443 int res;
2444 int fd;
2445 FILE *src_file = NULL;
2446 FILE *dest_file = NULL;
2447 char *src_filename;
2448 char *dest_filename;
2449 char *orig_filename;
2450
2451 /* FIXME. Throughout the function, do better error reporting. */
2452 dest_filename = xstrdup (get_config_pathname (component, backend));
2453 src_filename = xasprintf ("%s.gpgconf.%i.new", dest_filename, getpid ());
2454 orig_filename = xasprintf ("%s.gpgconf.%i.bak", dest_filename, getpid ());
2455
2456 #ifdef HAVE_W32_SYSTEM
2457 res = copy_file (dest_filename, orig_filename);
2458 #else
2459 res = link (dest_filename, orig_filename);
2460 #endif
2461 if (res < 0 && errno != ENOENT)
2462 return -1;
2463 if (res < 0)
2464 {
2465 xfree (orig_filename);
2466 orig_filename = NULL;
2467 }
2468
2469 /* We now initialize the return strings, so the caller can do the
2470 cleanup for us. */
2471 *src_filenamep = src_filename;
2472 *dest_filenamep = dest_filename;
2473 *orig_filenamep = orig_filename;
2474
2475 /* Use open() so that we can use O_EXCL. */
2476 fd = open (src_filename, O_CREAT | O_EXCL | O_WRONLY, 0644);
2477 if (fd < 0)
2478 return -1;
2479 src_file = fdopen (fd, "w");
2480 res = errno;
2481 if (!src_file)
2482 {
2483 errno = res;
2484 return -1;
2485 }
2486
2487 /* Only if ORIG_FILENAME is not NULL did the configuration file
2488 exist already. In this case, we will copy its content into the
2489 new configuration file, changing it to our liking in the
2490 process. */
2491 if (orig_filename)
2492 {
2493 dest_file = fopen (dest_filename, "r");
2494 if (!dest_file)
2495 goto change_one_err;
2496
2497 while ((length = read_line (dest_file, &line, &line_len, NULL)) > 0)
2498 {
2499 int disable = 0;
2500 char *start;
2501
2502 if (!strncmp (marker, line, sizeof (marker) - 1))
2503 {
2504 if (!in_marker)
2505 in_marker = 1;
2506 else
2507 break;
2508 }
2509
2510 start = line;
2511 while (*start == ' ' || *start == '\t')
2512 start++;
2513 if (*start && *start != '\r' && *start != '\n' && *start != '#')
2514 {
2515 char *end;
2516 char saved_end;
2517
2518 end = start;
2519 while (*end && *end != ' ' && *end != '\t'
2520 && *end != '\r' && *end != '\n' && *end != '#')
2521 end++;
2522 saved_end = *end;
2523 *end = '\0';
2524
2525 option = find_option (component, start, backend);
2526 *end = saved_end;
2527 if (option && ((option->new_flags & GC_OPT_FLAG_DEFAULT)
2528 || option->new_value))
2529 disable = 1;
2530 }
2531 if (disable)
2532 {
2533 if (!in_marker)
2534 {
2535 fprintf (src_file,
2536 "# GPGConf disabled this option here at %s\n",
2537 asctimestamp (gnupg_get_time ()));
2538 if (ferror (src_file))
2539 goto change_one_err;
2540 fprintf (src_file, "# %s", line);
2541 if (ferror (src_file))
2542 goto change_one_err;
2543 }
2544 }
2545 else
2546 {
2547 fprintf (src_file, "%s", line);
2548 if (ferror (src_file))
2549 goto change_one_err;
2550 }
2551 }
2552 if (length < 0 || ferror (dest_file))
2553 goto change_one_err;
2554 }
2555
2556 if (!in_marker)
2557 {
2558 /* There was no marker. This is the first time we edit the
2559 file. We add our own marker at the end of the file and
2560 proceed. Note that we first write a newline, this guards us
2561 against files which lack the newline at the end of the last
2562 line, while it doesn't hurt us in all other cases. */
2563 fprintf (src_file, "\n%s\n", marker);
2564 if (ferror (src_file))
2565 goto change_one_err;
2566 }
2567 /* At this point, we have copied everything up to the end marker
2568 into the new file, except for the options we are going to change.
2569 Now, dump the changed options (except for those we are going to
2570 revert to their default), and write the end marker, possibly
2571 followed by the rest of the original file. */
2572
2573 /* We have to turn on UTF8 strings for GnuPG. */
2574 if (backend == GC_BACKEND_GPG)
2575 fprintf (src_file, "utf8-strings\n");
2576
2577 option = gc_component[component].options;
2578 while (option->name)
2579 {
2580 if (!(option->flags & GC_OPT_FLAG_GROUP)
2581 && option->backend == backend
2582 && option->new_value)
2583 {
2584 char *arg = option->new_value;
2585
2586 do
2587 {
2588 if (*arg == '\0' || *arg == ',')
2589 {
2590 fprintf (src_file, "%s\n", option->name);
2591 if (ferror (src_file))
2592 goto change_one_err;
2593 }
2594 else if (gc_arg_type[option->arg_type].fallback
2595 == GC_ARG_TYPE_NONE)
2596 {
2597 assert (*arg == '1');
2598 fprintf (src_file, "%s\n", option->name);
2599 if (ferror (src_file))
2600 goto change_one_err;
2601
2602 arg++;
2603 }
2604 else if (gc_arg_type[option->arg_type].fallback
2605 == GC_ARG_TYPE_STRING)
2606 {
2607 char *end;
2608
2609 assert (*arg == '"');
2610 arg++;
2611
2612 end = strchr (arg, ',');
2613 if (end)
2614 *end = '\0';
2615
2616 fprintf (src_file, "%s %s\n", option->name,
2617 percent_deescape (arg));
2618 if (ferror (src_file))
2619 goto change_one_err;
2620
2621 if (end)
2622 *end = ',';
2623 arg = end;
2624 }
2625 else
2626 {
2627 char *end;
2628
2629 end = strchr (arg, ',');
2630 if (end)
2631 *end = '\0';
2632
2633 fprintf (src_file, "%s %s\n", option->name, arg);
2634 if (ferror (src_file))
2635 goto change_one_err;
2636
2637 if (end)
2638 *end = ',';
2639 arg = end;
2640 }
2641
2642 assert (arg == NULL || *arg == '\0' || *arg == ',');
2643 if (arg && *arg == ',')
2644 arg++;
2645 }
2646 while (arg && *arg);
2647 }
2648 option++;
2649 }
2650
2651 fprintf (src_file, "%s %s\n", marker, asctimestamp (gnupg_get_time ()));
2652 if (ferror (src_file))
2653 goto change_one_err;
2654
2655 if (!in_marker)
2656 {
2657 fprintf (src_file, "# GPGConf edited this configuration file.\n");
2658 if (ferror (src_file))
2659 goto change_one_err;
2660 fprintf (src_file, "# It will disable options before this marked "
2661 "block, but it will\n");
2662 if (ferror (src_file))
2663 goto change_one_err;
2664 fprintf (src_file, "# never change anything below these lines.\n");
2665 if (ferror (src_file))
2666 goto change_one_err;
2667 }
2668 if (dest_file)
2669 {
2670 while ((length = read_line (dest_file, &line, &line_len, NULL)) > 0)
2671 {
2672 fprintf (src_file, "%s", line);
2673 if (ferror (src_file))
2674 goto change_one_err;
2675 }
2676 if (length < 0 || ferror (dest_file))
2677 goto change_one_err;
2678 }
2679 xfree (line);
2680 line = NULL;
2681
2682 res = fclose (src_file);
2683 if (res)
2684 {
2685 res = errno;
2686 close (fd);
2687 if (dest_file)
2688 fclose (dest_file);
2689 errno = res;
2690 return -1;
2691 }
2692 close (fd);
2693 if (dest_file)
2694 {
2695 res = fclose (dest_file);
2696 if (res)
2697 return -1;
2698 }
2699 return 0;
2700
2701 change_one_err:
2702 xfree (line);
2703 res = errno;
2704 if (src_file)
2705 {
2706 fclose (src_file);
2707 close (fd);
2708 }
2709 if (dest_file)
2710 fclose (dest_file);
2711 errno = res;
2712 return -1;
2713 }
2714
2715
2716 /* Common code for gc_component_change_options and
2717 gc_process_gpgconf_conf. */
2718 static void
2719 change_one_value (gc_option_t *option, int *runtime,
2720 unsigned long flags, char *new_value)
2721 {
2722 unsigned long new_value_nr = 0;
2723
2724 option_check_validity (option, flags, new_value, &new_value_nr);
2725
2726 if (option->flags & GC_OPT_FLAG_RUNTIME)
2727 runtime[option->backend] = 1;
2728
2729 option->new_flags = flags;
2730 if (!(flags & GC_OPT_FLAG_DEFAULT))
2731 {
2732 if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_NONE
2733 && (option->flags & GC_OPT_FLAG_LIST))
2734 {
2735 char *str;
2736
2737 /* We convert the number to a list of 1's for convenient
2738 list handling. */
2739 assert (new_value_nr > 0);
2740 option->new_value = xmalloc ((2 * (new_value_nr - 1) + 1) + 1);
2741 str = option->new_value;
2742 *(str++) = '1';
2743 while (--new_value_nr > 0)
2744 {
2745 *(str++) = ',';
2746 *(str++) = '1';
2747 }
2748 *(str++) = '\0';
2749 }
2750 else
2751 option->new_value = xstrdup (new_value);
2752 }
2753 }
2754
2755
2756 /* Read the modifications from IN and apply them. If IN is NULL the
2757 modifications are expected to already have been set to the global
2758 table. */
2759 void
2760 gc_component_change_options (int component, FILE *in)
2761 {
2762 int err = 0;
2763 int runtime[GC_BACKEND_NR];
2764 char *src_pathname[GC_BACKEND_NR];
2765 char *dest_pathname[GC_BACKEND_NR];
2766 char *orig_pathname[GC_BACKEND_NR];
2767 gc_backend_t backend;
2768 gc_option_t *option;
2769 char *line = NULL;
2770 size_t line_len = 0;
2771 ssize_t length;
2772
2773 for (backend = 0; backend < GC_BACKEND_NR; backend++)
2774 {
2775 runtime[backend] = 0;
2776 src_pathname[backend] = NULL;
2777 dest_pathname[backend] = NULL;
2778 orig_pathname[backend] = NULL;
2779 }
2780
2781 if (in)
2782 {
2783 /* Read options from the file IN. */
2784 while ((length = read_line (in, &line, &line_len, NULL)) > 0)
2785 {
2786 char *linep;
2787 unsigned long flags = 0;
2788 char *new_value = "";
2789
2790 /* Strip newline and carriage return, if present. */
2791 while (length > 0
2792 && (line[length - 1] == '\n' || line[length - 1] == '\r'))
2793 line[--length] = '\0';
2794
2795 linep = strchr (line, ':');
2796 if (linep)
2797 *(linep++) = '\0';
2798
2799 /* Extract additional flags. Default to none. */
2800 if (linep)
2801 {
2802 char *end;
2803 char *tail;
2804
2805 end = strchr (linep, ':');
2806 if (end)
2807 *(end++) = '\0';
2808
2809 errno = 0;
2810 flags = strtoul (linep, &tail, 0);
2811 if (errno)
2812 gc_error (1, errno, "malformed flags in option %s", line);
2813 if (!(*tail == '\0' || *tail == ':' || *tail == ' '))
2814 gc_error (1, 0, "garbage after flags in option %s", line);
2815
2816 linep = end;
2817 }
2818
2819 /* Don't allow setting of the no change flag. */
2820 flags &= ~GC_OPT_FLAG_NO_CHANGE;
2821
2822 /* Extract default value, if present. Default to empty if not. */
2823 if (linep)
2824 {
2825 char *end;
2826 end = strchr (linep, ':');
2827 if (end)
2828 *(end++) = '\0';
2829 new_value = linep;
2830 linep = end;
2831 }
2832
2833 option = find_option (component, line, GC_BACKEND_ANY);
2834 if (!option)
2835 gc_error (1, 0, "unknown option %s", line);
2836
2837 if ((option->flags & GC_OPT_FLAG_NO_CHANGE))
2838 {
2839 gc_error (0, 0, "ignoring new value for option %s",
2840 option->name);
2841 continue;
2842 }
2843
2844 change_one_value (option, runtime, flags, new_value);
2845 }
2846 }
2847
2848 /* Now that we have collected and locally verified the changes,
2849 write them out to new configuration files, verify them
2850 externally, and then commit them. */
2851 option = gc_component[component].options;
2852 while (option && option->name)
2853 {
2854 /* Go on if we have already seen this backend, or if there is
2855 nothing to do. */
2856 if (src_pathname[option->backend]
2857 || !(option->new_flags || option->new_value))
2858 {
2859 option++;
2860 continue;
2861 }
2862
2863 if (gc_backend[option->backend].program)
2864 err = change_options_program (component, option->backend,
2865 &src_pathname[option->backend],
2866 &dest_pathname[option->backend],
2867 &orig_pathname[option->backend]);
2868 else
2869 err = change_options_file (component, option->backend,
2870 &src_pathname[option->backend],
2871 &dest_pathname[option->backend],
2872 &orig_pathname[option->backend]);
2873
2874 if (err)
2875 break;
2876
2877 option++;
2878 }
2879
2880 if (!err)
2881 {
2882 int i;
2883
2884 for (i = 0; i < GC_BACKEND_NR; i++)
2885 {
2886 if (src_pathname[i])
2887 {
2888 /* FIXME: Make a verification here. */
2889
2890 assert (dest_pathname[i]);
2891
2892 if (orig_pathname[i])
2893 {
2894 #ifdef HAVE_W32_SYSTEM
2895 /* There is no atomic update on W32. */
2896 err = unlink (dest_pathname[i]);
2897 #endif /* HAVE_W32_SYSTEM */
2898 if (!err)
2899 err = rename (src_pathname[i], dest_pathname[i]);
2900 }
2901 else
2902 {
2903 #ifdef HAVE_W32_SYSTEM
2904 /* We skip the unlink if we expect the file not to
2905 be there. */
2906 err = rename (src_pathname[i], dest_pathname[i]);
2907 #else /* HAVE_W32_SYSTEM */
2908 /* This is a bit safer than rename() because we
2909 expect DEST_PATHNAME not to be there. If it
2910 happens to be there, this will fail. */
2911 err = link (src_pathname[i], dest_pathname[i]);
2912 if (!err)
2913 err = unlink (src_pathname[i]);
2914 #endif /* !HAVE_W32_SYSTEM */
2915 }
2916 if (err)
2917 break;
2918 src_pathname[i] = NULL;
2919 }
2920 }
2921 }
2922
2923 if (err)
2924 {
2925 int i;
2926 int saved_errno = errno;
2927
2928 /* An error occured. */
2929 for (i = 0; i < GC_BACKEND_NR; i++)
2930 {
2931 if (src_pathname[i])
2932 {
2933 /* The change was not yet committed. */
2934 unlink (src_pathname[i]);
2935 if (orig_pathname[i])
2936 unlink (orig_pathname[i]);
2937 }
2938 else
2939 {
2940 /* The changes were already committed. FIXME: This is a
2941 tad dangerous, as we don't know if we don't overwrite
2942 a version of the file that is even newer than the one
2943 we just installed. */
2944 if (orig_pathname[i])
2945 {
2946 #ifdef HAVE_W32_SYSTEM
2947 /* There is no atomic update on W32. */
2948 unlink (dest_pathname[i]);
2949 #endif /* HAVE_W32_SYSTEM */
2950 rename (orig_pathname[i], dest_pathname[i]);
2951 }
2952 else
2953 unlink (dest_pathname[i]);
2954 }
2955 }
2956 gc_error (1, saved_errno, "could not commit changes");
2957 }
2958
2959 /* If it all worked, notify the daemons of the changes. */
2960 if (opt.runtime)
2961 for (backend = 0; backend < GC_BACKEND_NR; backend++)
2962 {
2963 if (runtime[backend] && gc_backend[backend].runtime_change)
2964 (*gc_backend[backend].runtime_change) ();
2965 }
2966
2967 /* Move the per-process backup file into its place. */
2968 for (backend = 0; backend < GC_BACKEND_NR; backend++)
2969 if (orig_pathname[backend])
2970 {
2971 char *backup_pathname;
2972
2973 assert (dest_pathname[backend]);
2974
2975 backup_pathname = xasprintf ("%s.gpgconf.bak", dest_pathname[backend]);
2976
2977 #ifdef HAVE_W32_SYSTEM
2978 /* There is no atomic update on W32. */
2979 unlink (backup_pathname);
2980 #endif /* HAVE_W32_SYSTEM */
2981 rename (orig_pathname[backend], backup_pathname);
2982 }
2983
2984 xfree (line);
2985 }
2986
2987
2988 /* Check whether USER matches the current user of one of its group.
2989 This function may change USER. Returns true is there is a
2990 match. */
2991 static int
2992 key_matches_user_or_group (char *user)
2993 {
2994 char *group;
2995
2996 if (*user == '*' && user[1] == 0)
2997 return 1; /* A single asterisk matches all users. */
2998
2999 group = strchr (user, ':');
3000 if (group)
3001 *group++ = 0;
3002
3003 #ifdef HAVE_W32_SYSTEM
3004 /* Under Windows we don't support groups. */
3005 if (group && *group)
3006 gc_error (0, 0, _("Note that group specifications are ignored\n"));
3007 if (*user)
3008 {
3009 static char *my_name;
3010
3011 if (!my_name)
3012 {
3013 char tmp[1];
3014 DWORD size = 1;
3015
3016 GetUserNameA (tmp, &size);
3017 my_name = xmalloc (size);
3018 if (!GetUserNameA (my_name, &size))
3019 gc_error (1,0, "error getting current user name: %s",
3020 w32_strerror (-1));
3021 }
3022
3023 if (!strcmp (user, my_name))
3024 return 1; /* Found. */
3025 }
3026 #else /*!HAVE_W32_SYSTEM*/
3027 /* First check whether the user matches. */
3028 if (*user)
3029 {
3030 static char *my_name;
3031
3032 if (!my_name)
3033 {
3034 struct passwd *pw = getpwuid ( getuid () );
3035 if (!pw)
3036 gc_error (1, errno, "getpwuid failed for current user");
3037 my_name = xstrdup (pw->pw_name);
3038 }
3039 if (!strcmp (user, my_name))
3040 return 1; /* Found. */
3041 }
3042
3043 /* If that failed, check whether a group matches. */
3044 if (group && *group)
3045 {
3046 static char *my_group;
3047 static char **my_supgroups;
3048 int n;
3049
3050 if (!my_group)
3051 {
3052 struct group *gr = getgrgid ( getgid () );
3053 if (!gr)
3054 gc_error (1, errno, "getgrgid failed for current user");
3055 my_group = xstrdup (gr->gr_name);
3056 }
3057 if (!strcmp (group, my_group))
3058 return 1; /* Found. */
3059
3060 if (!my_supgroups)
3061 {
3062 int ngids;
3063 gid_t *gids;
3064
3065 ngids = getgroups (0, NULL);
3066 gids = xcalloc (ngids+1, sizeof *gids);
3067 ngids = getgroups (ngids, gids);
3068 if (ngids < 0)
3069 gc_error (1, errno, "getgroups failed for current user");
3070 my_supgroups = xcalloc (ngids+1, sizeof *my_supgroups);
3071 for (n=0; n < ngids; n++)
3072 {
3073 struct group *gr = getgrgid ( gids[n] );
3074 if (!gr)
3075 gc_error (1, errno, "getgrgid failed for supplementary group");
3076 my_supgroups[n] = xstrdup (gr->gr_name);
3077 }
3078 xfree (gids);
3079 }
3080
3081 for (n=0; my_supgroups[n]; n++)
3082 if (!strcmp (group, my_supgroups[n]))
3083 return 1; /* Found. */
3084 }
3085 #endif /*!HAVE_W32_SYSTEM*/
3086 return 0; /* No match. */
3087 }
3088
3089
3090
3091 /* Read and process the global configuration file for gpgconf. This
3092 optional file is used to update our internal tables at runtime and
3093 may also be used to set new default values. If FNAME is NULL the
3094 default name will be used. With UPDATE set to true the internal
3095 tables are actually updated; if not set, only a syntax check is
3096 done. If DEFAULTS is true the global options are written to the
3097 configuration files. If LISTFP is set, no changes are done but the
3098 configuration file is printed to LISTFP in a colon separated format.
3099
3100 Returns 0 on success or if the config file is not present; -1 is
3101 returned on error. */
3102 int
3103 gc_process_gpgconf_conf (const char *fname_arg, int update, int defaults,
3104 FILE *listfp)
3105 {
3106 int result = 0;
3107 char *line = NULL;
3108 size_t line_len = 0;
3109 ssize_t length;
3110 FILE *config;
3111 int lineno = 0;
3112 int in_rule = 0;
3113 int got_match = 0;
3114 int runtime[GC_BACKEND_NR];
3115 int used_components[GC_COMPONENT_NR];
3116 int backend_id, component_id;
3117 char *fname;
3118
3119 if (fname_arg)
3120 fname = xstrdup (fname_arg);
3121 else
3122 fname = make_filename (gnupg_sysconfdir (), "gpgconf.conf", NULL);
3123
3124 for (backend_id = 0; backend_id < GC_BACKEND_NR; backend_id++)
3125 runtime[backend_id] = 0;
3126 for (component_id = 0; component_id < GC_COMPONENT_NR; component_id++)
3127 used_components[component_id] = 0;
3128
3129 config = fopen (fname, "r");
3130 if (!config)
3131 {
3132 /* Do not print an error if the file is not available, except
3133 when running in syntax check mode. */
3134 if (errno != ENOENT || !update)
3135 {
3136 gc_error (0, errno, "can not open global config file `%s'", fname);
3137 result = -1;
3138 }
3139 xfree (fname);
3140 return result;
3141 }
3142
3143 while ((length = read_line (config, &line, &line_len, NULL)) > 0)
3144 {
3145 char *key, *component, *option, *flags, *value;
3146 char *empty;
3147 gc_option_t *option_info = NULL;
3148 char *p;
3149 int is_continuation;
3150
3151 lineno++;
3152 key = line;
3153 while (*key == ' ' || *key == '\t')
3154 key++;
3155 if (!*key || *key == '#' || *key == '\r' || *key == '\n')
3156 continue;
3157
3158 is_continuation = (key != line);
3159
3160 /* Parse the key field. */
3161 if (!is_continuation && got_match)
3162 break; /* Finish after the first match. */
3163 else if (!is_continuation)
3164 {
3165 in_rule = 0;
3166 for (p=key+1; *p && !strchr (" \t\r\n", *p); p++)
3167 ;
3168 if (!*p)
3169 {
3170 gc_error (0, 0, "missing rule at `%s', line %d", fname, lineno);
3171 result = -1;
3172 continue;
3173 }
3174 *p++ = 0;
3175 component = p;
3176 }
3177 else if (!in_rule)
3178 {
3179 gc_error (0, 0, "continuation but no rule at `%s', line %d",
3180 fname, lineno);
3181 result = -1;
3182 continue;
3183 }
3184 else
3185 {
3186 component = key;
3187 key = NULL;
3188 }
3189
3190 in_rule = 1;
3191
3192 /* Parse the component. */
3193 while (*component == ' ' || *component == '\t')
3194 component++;
3195 for (p=component; *p && !strchr (" \t\r\n", *p); p++)
3196 ;
3197 if (p == component)
3198 {
3199 gc_error (0, 0, "missing component at `%s', line %d",
3200 fname, lineno);
3201 result = -1;
3202 continue;
3203 }
3204 empty = p;
3205 *p++ = 0;
3206 option = p;
3207 component_id = gc_component_find (component);
3208 if (component_id < 0)
3209 {
3210 gc_error (0, 0, "unknown component at `%s', line %d",
3211 fname, lineno);
3212 result = -1;
3213 }
3214
3215 /* Parse the option name. */
3216 while (*option == ' ' || *option == '\t')
3217 option++;
3218 for (p=option; *p && !strchr (" \t\r\n", *p); p++)
3219 ;
3220 if (p == option)
3221 {
3222 gc_error (0, 0, "missing option at `%s', line %d",
3223 fname, lineno);
3224 result = -1;
3225 continue;
3226 }
3227 *p++ = 0;
3228 flags = p;
3229 if ( component_id != -1)
3230 {
3231 option_info = find_option (component_id, option, GC_BACKEND_ANY);
3232 if (!option_info)
3233 {
3234 gc_error (0, 0, "unknown option at `%s', line %d",
3235 fname, lineno);
3236 result = -1;
3237 }
3238 }
3239
3240
3241 /* Parse the optional flags. */
3242 while (*flags == ' ' || *flags == '\t')
3243 flags++;
3244 if (*flags == '[')
3245 {
3246 flags++;
3247 p = strchr (flags, ']');
3248 if (!p)
3249 {
3250 gc_error (0, 0, "syntax error in rule at `%s', line %d",
3251 fname, lineno);
3252 result = -1;
3253 continue;
3254 }
3255 *p++ = 0;
3256 value = p;
3257 }
3258 else /* No flags given. */
3259 {
3260 value = flags;
3261 flags = NULL;
3262 }
3263
3264 /* Parse the optional value. */
3265 while (*value == ' ' || *value == '\t')
3266 value++;
3267 for (p=value; *p && !strchr ("\r\n", *p); p++)
3268 ;
3269 if (p == value)
3270 value = empty; /* No value given; let it point to an empty string. */
3271 else
3272 {
3273 /* Strip trailing white space. */
3274 *p = 0;
3275 for (p--; p > value && (*p == ' ' || *p == '\t'); p--)
3276 *p = 0;
3277 }
3278
3279 /* Check flag combinations. */
3280 if (!flags)
3281 ;
3282 else if (!strcmp (flags, "default"))
3283 {
3284 if (*value)
3285 {
3286 gc_error (0, 0, "flag \"default\" may not be combined "
3287 "with a value at `%s', line %d",
3288 fname, lineno);
3289 result = -1;
3290 }
3291 }
3292 else if (!strcmp (flags, "change"))
3293 ;
3294 else if (!strcmp (flags, "no-change"))
3295 ;
3296 else
3297 {
3298 gc_error (0, 0, "unknown flag at `%s', line %d",
3299 fname, lineno);
3300 result = -1;
3301 }
3302
3303 /* In list mode we print out all records. */
3304 if (listfp && !result)
3305 {
3306 /* If this is a new ruleset, print a key record. */
3307 if (!is_continuation)
3308 {
3309 char *group = strchr (key, ':');
3310 if (group)
3311 {
3312 *group++ = 0;
3313 if ((p = strchr (group, ':')))
3314 *p = 0; /* We better strip any extra stuff. */
3315 }
3316
3317 fprintf (listfp, "k:%s:", my_percent_escape (key));
3318 fprintf (listfp, "%s\n", group? my_percent_escape (group):"");
3319 }
3320
3321 /* All other lines are rule records. */
3322 fprintf (listfp, "r:::%s:%s:%s:",
3323 gc_component[component_id].name,
3324 option_info->name? option_info->name : "",
3325 flags? flags : "");
3326 if (value != empty)
3327 fprintf (listfp, "\"%s", my_percent_escape (value));
3328
3329 putc ('\n', listfp);
3330 }
3331
3332 /* Check whether the key matches but do this only if we are not
3333 running in syntax check mode. */
3334 if ( update
3335 && !result && !listfp
3336 && (got_match || (key && key_matches_user_or_group (key))) )
3337 {
3338 int newflags = 0;
3339
3340 got_match = 1;
3341
3342 /* Apply the flags from gpgconf.conf. */
3343 if (!flags)
3344 ;
3345 else if (!strcmp (flags, "default"))
3346 newflags |= GC_OPT_FLAG_DEFAULT;
3347 else if (!strcmp (flags, "no-change"))
3348 option_info->flags |= GC_OPT_FLAG_NO_CHANGE;
3349 else if (!strcmp (flags, "change"))
3350 option_info->flags &= ~GC_OPT_FLAG_NO_CHANGE;
3351
3352 if (defaults)
3353 {
3354 assert (component_id >= 0 && component_id < GC_COMPONENT_NR);
3355 used_components[component_id] = 1;
3356
3357 /* Here we explicitly allow to update the value again. */
3358 if (newflags)
3359 {
3360 option_info->new_flags = 0;
3361 }
3362 if (*value)
3363 {
3364 xfree (option_info->new_value);
3365 option_info->new_value = NULL;
3366 }
3367 change_one_value (option_info, runtime, newflags, value);
3368 }
3369 }
3370 }
3371
3372 if (length < 0 || ferror (config))
3373 {
3374 gc_error (0, errno, "error reading from `%s'", fname);
3375 result = -1;
3376 }
3377 if (fclose (config) && ferror (config))
3378 gc_error (0, errno, "error closing `%s'", fname);
3379
3380 xfree (line);
3381
3382 /* If it all worked, process the options. */
3383 if (!result && update && defaults && !listfp)
3384 {
3385 /* We need to switch off the runtime update, so that we can do
3386 it later all at once. */
3387 int save_opt_runtime = opt.runtime;
3388 opt.runtime = 0;
3389
3390 for (component_id = 0; component_id < GC_COMPONENT_NR; component_id++)
3391 {
3392 gc_component_change_options (component_id, NULL);
3393 }
3394 opt.runtime = save_opt_runtime;
3395
3396 if (opt.runtime)
3397 {
3398 for (backend_id = 0; backend_id < GC_BACKEND_NR; backend_id++)
3399 if (runtime[backend_id] && gc_backend[backend_id].runtime_change)
3400 (*gc_backend[backend_id].runtime_change) ();
3401 }
3402 }
3403
3404 xfree (fname);
3405 return result;
3406 }
gnupg svn clone