search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
2007-07-05 Marcus Brinkmann <marcus@g10code.de>
[gnupg.git] / tools / gpgconf-comp.c
blobba147ad4890af50febfac43b2e8ed1036a1c875f
1 /* gpgconf-comp.c - Configuration utility for GnuPG.
2 * Copyright (C) 2004, 2007 Free Software Foundation, Inc.
3 *
4 * This file is part of GnuPG.
5 *
6 * GnuPG is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * GnuPG is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with GnuPG; if not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #if HAVE_CONFIG_H
21 #include <config.h>
22 #endif
23 #include <stdlib.h>
24 #include <stdio.h>
25 #include <string.h>
26 #include <fcntl.h>
27 #include <unistd.h>
28 #include <sys/types.h>
29 #include <assert.h>
30 #include <errno.h>
31 #include <time.h>
32 #include <stdarg.h>
33 #include <signal.h>
34 #ifdef HAVE_W32_SYSTEM
35 # define WIN32_LEAN_AND_MEAN 1
36 # include <windows.h>
37 #else
38 # include <pwd.h>
39 # include <grp.h>
40 #endif
41
42 /* For log_logv(), asctimestamp(), gnupg_get_time (). */
43 #define JNLIB_NEED_LOG_LOGV
44 #include "util.h"
45 #include "i18n.h"
46
47 #include "gpgconf.h"
48
49
50 /* There is a problem with gpg 1.4 under Windows: --gpgconf-list
51 returns a plain filename without escaping. As long as we have not
52 fixed that we need to use gpg2 - it might actually be better to use
53 gpg2 in any case. */
54 #ifdef HAVE_W32_SYSTEM
55 #define GPGNAME "gpg2"
56 #else
57 #define GPGNAME "gpg"
58 #endif
59
60 \f
61 /* TODO:
62 Components: Add more components and their options.
63 Robustness: Do more validation. Call programs to do validation for us.
64 Don't use popen, as this will not tell us if the program had a
65 non-zero exit code.
66 Add options to change backend binary path.
67 Extract binary path for some backends from gpgsm/gpg config.
68 */
69
70 \f
71 #if (__GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 ))
72 void gc_error (int status, int errnum, const char *fmt, ...) \
73 __attribute__ ((format (printf, 3, 4)));
74 #endif
75
76 /* Output a diagnostic message. If ERRNUM is not 0, then the output
77 is followed by a colon, a white space, and the error string for the
78 error number ERRNUM. In any case the output is finished by a
79 newline. The message is prepended by the program name, a colon,
80 and a whitespace. The output may be further formatted or
81 redirected by the jnlib logging facility. */
82 void
83 gc_error (int status, int errnum, const char *fmt, ...)
84 {
85 va_list arg_ptr;
86
87 va_start (arg_ptr, fmt);
88 log_logv (JNLIB_LOG_ERROR, fmt, arg_ptr);
89 va_end (arg_ptr);
90
91 if (errnum)
92 log_printf (": %s\n", strerror (errnum));
93 else
94 log_printf ("\n");
95
96 if (status)
97 {
98 log_printf (NULL);
99 log_printf ("fatal error (exit status %i)\n", status);
100 exit (status);
101 }
102 }
103
104 \f
105 /* Forward declaration. */
106 void gpg_agent_runtime_change (void);
107
108 /* Backend configuration. Backends are used to decide how the default
109 and current value of an option can be determined, and how the
110 option can be changed. To every option in every component belongs
111 exactly one backend that controls and determines the option. Some
112 backends are programs from the GPG system. Others might be
113 implemented by GPGConf itself. If you change this enum, don't
114 forget to update GC_BACKEND below. */
115 typedef enum
116 {
117 /* Any backend, used for find_option (). */
118 GC_BACKEND_ANY,
119
120 /* The Gnu Privacy Guard. */
121 GC_BACKEND_GPG,
122
123 /* The Gnu Privacy Guard for S/MIME. */
124 GC_BACKEND_GPGSM,
125
126 /* The GPG Agent. */
127 GC_BACKEND_GPG_AGENT,
128
129 /* The GnuPG SCDaemon. */
130 GC_BACKEND_SCDAEMON,
131
132 /* The Aegypten directory manager. */
133 GC_BACKEND_DIRMNGR,
134
135 /* The LDAP server list file for the Aegypten director manager. */
136 GC_BACKEND_DIRMNGR_LDAP_SERVER_LIST,
137
138 /* The number of the above entries. */
139 GC_BACKEND_NR
140 } gc_backend_t;
141
142
143 /* To be able to implement generic algorithms for the various
144 backends, we collect all information about them in this struct. */
145 static struct
146 {
147 /* The name of the backend. */
148 const char *name;
149
150 /* The name of the program that acts as the backend. Some backends
151 don't have an associated program, but are implemented directly by
152 GPGConf. In this case, PROGRAM is NULL. */
153 char *program;
154
155 /* The runtime change callback. */
156 void (*runtime_change) (void);
157
158 /* The option name for the configuration filename of this backend.
159 This must be an absolute pathname. It can be an option from a
160 different backend (but then ordering of the options might
161 matter). */
162 const char *option_config_filename;
163
164 /* If this is a file backend rather than a program backend, then
165 this is the name of the option associated with the file. */
166 const char *option_name;
167 } gc_backend[GC_BACKEND_NR] =
168 {
169 { NULL }, /* GC_BACKEND_ANY dummy entry. */
170 { "GnuPG", GPGNAME, NULL, "gpgconf-gpg.conf" },
171 { "GPGSM", "gpgsm", NULL, "gpgconf-gpgsm.conf" },
172 { "GPG Agent", "gpg-agent", gpg_agent_runtime_change,
173 "gpgconf-gpg-agent.conf" },
174 { "SCDaemon", "scdaemon", NULL, "gpgconf-scdaemon.conf" },
175 { "DirMngr", "dirmngr", NULL, "gpgconf-dirmngr.conf" },
176 { "DirMngr LDAP Server List", NULL, NULL, "ldapserverlist-file",
177 "LDAP Server" },
178 };
179
180 \f
181 /* Option configuration. */
182
183 /* An option might take an argument, or not. Argument types can be
184 basic or complex. Basic types are generic and easy to validate.
185 Complex types provide more specific information about the intended
186 use, but can be difficult to validate. If you add to this enum,
187 don't forget to update GC_ARG_TYPE below. YOU MUST NOT CHANGE THE
188 NUMBERS OF THE EXISTING ENTRIES, AS THEY ARE PART OF THE EXTERNAL
189 INTERFACE. */
190 typedef enum
191 {
192 /* Basic argument types. */
193
194 /* No argument. */
195 GC_ARG_TYPE_NONE = 0,
196
197 /* A String argument. */
198 GC_ARG_TYPE_STRING = 1,
199
200 /* A signed integer argument. */
201 GC_ARG_TYPE_INT32 = 2,
202
203 /* An unsigned integer argument. */
204 GC_ARG_TYPE_UINT32 = 3,
205
206 /* ADD NEW BASIC TYPE ENTRIES HERE. */
207
208 /* Complex argument types. */
209
210 /* A complete pathname. */
211 GC_ARG_TYPE_PATHNAME = 32,
212
213 /* An LDAP server in the format
214 HOSTNAME:PORT:USERNAME:PASSWORD:BASE_DN. */
215 GC_ARG_TYPE_LDAP_SERVER = 33,
216
217 /* A 40 character fingerprint. */
218 GC_ARG_TYPE_KEY_FPR = 34,
219
220 /* ADD NEW COMPLEX TYPE ENTRIES HERE. */
221
222 /* The number of the above entries. */
223 GC_ARG_TYPE_NR
224 } gc_arg_type_t;
225
226
227 /* For every argument, we record some information about it in the
228 following struct. */
229 static struct
230 {
231 /* For every argument type exists a basic argument type that can be
232 used as a fallback for input and validation purposes. */
233 gc_arg_type_t fallback;
234
235 /* Human-readable name of the type. */
236 const char *name;
237 } gc_arg_type[GC_ARG_TYPE_NR] =
238 {
239 /* The basic argument types have their own types as fallback. */
240 { GC_ARG_TYPE_NONE, "none" },
241 { GC_ARG_TYPE_STRING, "string" },
242 { GC_ARG_TYPE_INT32, "int32" },
243 { GC_ARG_TYPE_UINT32, "uint32" },
244
245 /* Reserved basic type entries for future extension. */
246 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
247 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
248 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
249 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
250 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
251 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
252 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
253 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
254 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
255 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
256 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
257 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
258 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
259 { GC_ARG_TYPE_NR, NULL }, { GC_ARG_TYPE_NR, NULL },
260
261 /* The complex argument types have a basic type as fallback. */
262 { GC_ARG_TYPE_STRING, "pathname" },
263 { GC_ARG_TYPE_STRING, "ldap server" },
264 { GC_ARG_TYPE_STRING, "key fpr" },
265 };
266
267
268 /* Every option has an associated expert level, than can be used to
269 hide advanced and expert options from beginners. If you add to
270 this list, don't forget to update GC_LEVEL below. YOU MUST NOT
271 CHANGE THE NUMBERS OF THE EXISTING ENTRIES, AS THEY ARE PART OF THE
272 EXTERNAL INTERFACE. */
273 typedef enum
274 {
275 /* The basic options should always be displayed. */
276 GC_LEVEL_BASIC,
277
278 /* The advanced options may be hidden from beginners. */
279 GC_LEVEL_ADVANCED,
280
281 /* The expert options should only be displayed to experts. */
282 GC_LEVEL_EXPERT,
283
284 /* The invisible options should normally never be displayed. */
285 GC_LEVEL_INVISIBLE,
286
287 /* The internal options are never exported, they mark options that
288 are recorded for internal use only. */
289 GC_LEVEL_INTERNAL,
290
291 /* ADD NEW ENTRIES HERE. */
292
293 /* The number of the above entries. */
294 GC_LEVEL_NR
295 } gc_expert_level_t;
296
297 /* A description for each expert level. */
298 static struct
299 {
300 const char *name;
301 } gc_level[] =
302 {
303 { "basic" },
304 { "advanced" },
305 { "expert" },
306 { "invisible" },
307 { "internal" }
308 };
309
310
311 /* Option flags. YOU MUST NOT CHANGE THE NUMBERS OF THE EXISTING
312 FLAGS, AS THEY ARE PART OF THE EXTERNAL INTERFACE. */
313 #define GC_OPT_FLAG_NONE 0UL
314 /* Some entries in the option list are not options, but mark the
315 beginning of a new group of options. These entries have the GROUP
316 flag set. */
317 #define GC_OPT_FLAG_GROUP (1UL << 0)
318 /* The ARG_OPT flag for an option indicates that the argument is
319 optional. This is never set for GC_ARG_TYPE_NONE options. */
320 #define GC_OPT_FLAG_ARG_OPT (1UL << 1)
321 /* The LIST flag for an option indicates that the option can occur
322 several times. A comma separated list of arguments is used as the
323 argument value. */
324 #define GC_OPT_FLAG_LIST (1UL << 2)
325 /* The RUNTIME flag for an option indicates that the option can be
326 changed at runtime. */
327 #define GC_OPT_FLAG_RUNTIME (1UL << 3)
328
329 /* The following flags are incorporated from the backend. */
330 /* The DEFAULT flag for an option indicates that the option has a
331 default value. */
332 #define GC_OPT_FLAG_DEFAULT (1UL << 4)
333 /* The DEF_DESC flag for an option indicates that the option has a
334 default, which is described by the value of the default field. */
335 #define GC_OPT_FLAG_DEF_DESC (1UL << 5)
336 /* The NO_ARG_DESC flag for an option indicates that the argument has
337 a default, which is described by the value of the ARGDEF field. */
338 #define GC_OPT_FLAG_NO_ARG_DESC (1UL << 6)
339 /* The NO_CHANGE flag for an option indicates that the user should not
340 be allowed to chnage this option using the standard gpgconf method.
341 Frontends using gpgconf should grey out such otions, so that only
342 the current value is displayed. */
343 #define GC_OPT_FLAG_NO_CHANGE (1UL <<7)
344
345 /* A human-readable description for each flag. */
346 static struct
347 {
348 const char *name;
349 } gc_flag[] =
350 {
351 { "group" },
352 { "optional arg" },
353 { "list" },
354 { "runtime" },
355 { "default" },
356 { "default desc" },
357 { "no arg desc" },
358 { "no change" }
359 };
360
361
362 /* To each option, or group marker, the information in the GC_OPTION
363 struct is provided. If you change this, don't forget to update the
364 option list of each component. */
365 struct gc_option
366 {
367 /* If this is NULL, then this is a terminator in an array of unknown
368 length. Otherwise, if this entry is a group marker (see FLAGS),
369 then this is the name of the group described by this entry.
370 Otherwise it is the name of the option described by this
371 entry. The name must not contain a colon. */
372 const char *name;
373
374 /* The option flags. If the GROUP flag is set, then this entry is a
375 group marker, not an option, and only the fields LEVEL,
376 DESC_DOMAIN and DESC are valid. In all other cases, this entry
377 describes a new option and all fields are valid. */
378 unsigned long flags;
379
380 /* The expert level. This field is valid for options and groups. A
381 group has the expert level of the lowest-level option in the
382 group. */
383 gc_expert_level_t level;
384
385 /* A gettext domain in which the following description can be found.
386 If this is NULL, then DESC is not translated. Valid for groups
387 and options.
388
389 Note that we try to keep the description of groups within the
390 gnupg domain.
391
392 IMPORTANT: If you add a new domain please make sure to add a code
393 set switching call to the function my_dgettext further below. */
394 const char *desc_domain;
395
396 /* A gettext description for this group or option. If it starts
397 with a '|', then the string up to the next '|' describes the
398 argument, and the description follows the second '|'.
399
400 In general enclosing these description in N_() is not required
401 because the description should be identical to the one in the
402 help menu of the respective program. */
403 const char *desc;
404
405 /* The following fields are only valid for options. */
406
407 /* The type of the option argument. */
408 gc_arg_type_t arg_type;
409
410 /* The backend that implements this option. */
411 gc_backend_t backend;
412
413 /* The following fields are set to NULL at startup (because all
414 option's are declared as static variables). They are at the end
415 of the list so that they can be omitted from the option
416 declarations. */
417
418 /* This is true if the option is supported by this version of the
419 backend. */
420 int active;
421
422 /* The default value for this option. This is NULL if the option is
423 not present in the backend, the empty string if no default is
424 available, and otherwise a quoted string. */
425 char *default_value;
426
427 /* The default argument is only valid if the "optional arg" flag is
428 set, and specifies the default argument (value) that is used if
429 the argument is omitted. */
430 char *default_arg;
431
432 /* The current value of this option. */
433 char *value;
434
435 /* The new flags for this option. The only defined flag is actually
436 GC_OPT_FLAG_DEFAULT, and it means that the option should be
437 deleted. In this case, NEW_VALUE is NULL. */
438 unsigned long new_flags;
439
440 /* The new value of this option. */
441 char *new_value;
442 };
443 typedef struct gc_option gc_option_t;
444
445 /* Use this macro to terminate an option list. */
446 #define GC_OPTION_NULL { NULL }
447
448 \f
449 /* The options of the GC_COMPONENT_GPG_AGENT component. */
450 static gc_option_t gc_options_gpg_agent[] =
451 {
452 /* The configuration file to which we write the changes. */
453 { "gpgconf-gpg-agent.conf", GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
454 NULL, NULL, GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG_AGENT },
455
456 { "Monitor",
457 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
458 "gnupg", N_("Options controlling the diagnostic output") },
459 { "verbose", GC_OPT_FLAG_LIST|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC,
460 "gnupg", "verbose",
461 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
462 { "quiet", GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC,
463 "gnupg", "be somewhat more quiet",
464 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
465 { "no-greeting", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
466 NULL, NULL,
467 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
468
469 { "Configuration",
470 GC_OPT_FLAG_GROUP, GC_LEVEL_EXPERT,
471 "gnupg", N_("Options controlling the configuration") },
472 { "options", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
473 "gnupg", "|FILE|read options from FILE",
474 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG_AGENT },
475 { "disable-scdaemon", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
476 "gnupg", "do not use the SCdaemon",
477 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
478
479 { "Debug",
480 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
481 "gnupg", N_("Options useful for debugging") },
482 { "debug-level", GC_OPT_FLAG_ARG_OPT|GC_OPT_FLAG_RUNTIME, GC_LEVEL_ADVANCED,
483 "gnupg", "|LEVEL|set the debugging level to LEVEL",
484 GC_ARG_TYPE_STRING, GC_BACKEND_GPG_AGENT },
485 { "log-file", GC_OPT_FLAG_RUNTIME, GC_LEVEL_ADVANCED,
486 "gnupg", N_("|FILE|write server mode logs to FILE"),
487 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG_AGENT },
488 { "faked-system-time", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
489 NULL, NULL,
490 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
491
492 { "Security",
493 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
494 "gnupg", N_("Options controlling the security") },
495 { "default-cache-ttl", GC_OPT_FLAG_RUNTIME,
496 GC_LEVEL_BASIC, "gnupg",
497 "|N|expire cached PINs after N seconds",
498 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
499 { "default-cache-ttl-ssh", GC_OPT_FLAG_RUNTIME,
500 GC_LEVEL_ADVANCED, "gnupg",
501 N_("|N|expire SSH keys after N seconds"),
502 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
503 { "max-cache-ttl", GC_OPT_FLAG_RUNTIME,
504 GC_LEVEL_EXPERT, "gnupg",
505 N_("|N|set maximum PIN cache lifetime to N seconds"),
506 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
507 { "max-cache-ttl-ssh", GC_OPT_FLAG_RUNTIME,
508 GC_LEVEL_EXPERT, "gnupg",
509 N_("|N|set maximum SSH key lifetime to N seconds"),
510 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
511 { "ignore-cache-for-signing", GC_OPT_FLAG_RUNTIME,
512 GC_LEVEL_BASIC, "gnupg", "do not use the PIN cache when signing",
513 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
514 { "allow-mark-trusted", GC_OPT_FLAG_RUNTIME,
515 GC_LEVEL_ADVANCED, "gnupg", "allow clients to mark keys as \"trusted\"",
516 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
517 { "min-passphrase-len", GC_OPT_FLAG_RUNTIME,
518 GC_LEVEL_EXPERT, "gnupg",
519 N_("|N|set minimal required length for new passphrases to N"),
520 GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },
521 { "no-grab", GC_OPT_FLAG_RUNTIME, GC_LEVEL_EXPERT,
522 "gnupg", "do not grab keyboard and mouse",
523 GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
524
525 GC_OPTION_NULL
526 };
527
528
529 /* The options of the GC_COMPONENT_SCDAEMON component. */
530 static gc_option_t gc_options_scdaemon[] =
531 {
532 /* The configuration file to which we write the changes. */
533 { "gpgconf-scdaemon.conf", GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
534 NULL, NULL, GC_ARG_TYPE_PATHNAME, GC_BACKEND_SCDAEMON },
535
536 { "Monitor",
537 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
538 "gnupg", N_("Options controlling the diagnostic output") },
539 { "verbose", GC_OPT_FLAG_LIST, GC_LEVEL_BASIC,
540 "gnupg", "verbose",
541 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
542 { "quiet", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
543 "gnupg", "be somewhat more quiet",
544 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
545 { "no-greeting", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
546 NULL, NULL,
547 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
548
549 { "Configuration",
550 GC_OPT_FLAG_GROUP, GC_LEVEL_EXPERT,
551 "gnupg", N_("Options controlling the configuration") },
552 { "options", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
553 "gnupg", "|FILE|read options from FILE",
554 GC_ARG_TYPE_PATHNAME, GC_BACKEND_SCDAEMON },
555 { "reader-port", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
556 "gnupg", "|N|connect to reader at port N",
557 GC_ARG_TYPE_STRING, GC_BACKEND_SCDAEMON },
558 { "ctapi-driver", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
559 "gnupg", "|NAME|use NAME as ct-API driver",
560 GC_ARG_TYPE_STRING, GC_BACKEND_SCDAEMON },
561 { "pcsc-driver", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
562 "gnupg", "|NAME|use NAME as PC/SC driver",
563 GC_ARG_TYPE_STRING, GC_BACKEND_SCDAEMON },
564 { "disable-opensc", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
565 "gnupg", "do not use the OpenSC layer",
566 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
567 { "disable-ccid", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
568 "gnupg", "do not use the internal CCID driver",
569 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
570 { "disable-keypad", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
571 "gnupg", "do not use a reader's keypad",
572 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
573
574 { "Debug",
575 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
576 "gnupg", N_("Options useful for debugging") },
577 { "debug-level", GC_OPT_FLAG_ARG_OPT, GC_LEVEL_ADVANCED,
578 "gnupg", "|LEVEL|set the debugging level to LEVEL",
579 GC_ARG_TYPE_STRING, GC_BACKEND_SCDAEMON },
580 { "log-file", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
581 "gnupg", N_("|FILE|write server mode logs to FILE"),
582 GC_ARG_TYPE_PATHNAME, GC_BACKEND_SCDAEMON },
583
584 { "Security",
585 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
586 "gnupg", N_("Options controlling the security") },
587 { "allow-admin", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
588 "gnupg", "allow the use of admin card commands",
589 GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
590
591
592 GC_OPTION_NULL
593 };
594
595
596 /* The options of the GC_COMPONENT_GPG component. */
597 static gc_option_t gc_options_gpg[] =
598 {
599 /* The configuration file to which we write the changes. */
600 { "gpgconf-gpg.conf", GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
601 NULL, NULL, GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG },
602
603 { "Monitor",
604 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
605 "gnupg", N_("Options controlling the diagnostic output") },
606 { "verbose", GC_OPT_FLAG_LIST, GC_LEVEL_BASIC,
607 "gnupg", "verbose",
608 GC_ARG_TYPE_NONE, GC_BACKEND_GPG },
609 { "quiet", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
610 "gnupg", "be somewhat more quiet",
611 GC_ARG_TYPE_NONE, GC_BACKEND_GPG },
612 { "no-greeting", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
613 NULL, NULL,
614 GC_ARG_TYPE_NONE, GC_BACKEND_GPG },
615
616 { "Configuration",
617 GC_OPT_FLAG_GROUP, GC_LEVEL_EXPERT,
618 "gnupg", N_("Options controlling the configuration") },
619 { "options", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
620 "gnupg", "|FILE|read options from FILE",
621 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG },
622
623 { "Debug",
624 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
625 "gnupg", N_("Options useful for debugging") },
626 { "debug-level", GC_OPT_FLAG_ARG_OPT, GC_LEVEL_ADVANCED,
627 "gnupg", "|LEVEL|set the debugging level to LEVEL",
628 GC_ARG_TYPE_STRING, GC_BACKEND_GPG },
629 { "log-file", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
630 "gnupg", N_("|FILE|write server mode logs to FILE"),
631 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPG },
632 /* { "faked-system-time", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE, */
633 /* NULL, NULL, */
634 /* GC_ARG_TYPE_UINT32, GC_BACKEND_GPG }, */
635
636 { "Keyserver",
637 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
638 "gnupg", N_("Configuration for Keyservers") },
639 { "keyserver", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
640 "gnupg", "|URL|use keyserver at URL",
641 GC_ARG_TYPE_STRING, GC_BACKEND_GPG },
642 { "allow-pka-lookup", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
643 "gnupg", N_("allow PKA lookups (DNS requests)"),
644 GC_ARG_TYPE_NONE, GC_BACKEND_GPG },
645
646
647 GC_OPTION_NULL
648 };
649
650
651
652 /* The options of the GC_COMPONENT_GPGSM component. */
653 static gc_option_t gc_options_gpgsm[] =
654 {
655 /* The configuration file to which we write the changes. */
656 { "gpgconf-gpgsm.conf", GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
657 NULL, NULL, GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPGSM },
658
659 { "Monitor",
660 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
661 "gnupg", N_("Options controlling the diagnostic output") },
662 { "verbose", GC_OPT_FLAG_LIST, GC_LEVEL_BASIC,
663 "gnupg", "verbose",
664 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
665 { "quiet", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
666 "gnupg", "be somewhat more quiet",
667 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
668 { "no-greeting", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
669 NULL, NULL,
670 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
671
672 { "Configuration",
673 GC_OPT_FLAG_GROUP, GC_LEVEL_EXPERT,
674 "gnupg", N_("Options controlling the configuration") },
675 { "options", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
676 "gnupg", "|FILE|read options from FILE",
677 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPGSM },
678 { "prefer-system-dirmngr", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
679 "gnupg", "use system's dirmngr if available",
680 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
681 { "p12-charset", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
682 "gnupg", N_("|NAME|use encoding NAME for PKCS#12 passphrases"),
683 GC_ARG_TYPE_STRING, GC_BACKEND_GPGSM },
684
685 { "Debug",
686 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
687 "gnupg", N_("Options useful for debugging") },
688 { "debug-level", GC_OPT_FLAG_ARG_OPT, GC_LEVEL_ADVANCED,
689 "gnupg", "|LEVEL|set the debugging level to LEVEL",
690 GC_ARG_TYPE_STRING, GC_BACKEND_GPGSM },
691 { "log-file", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
692 "gnupg", N_("|FILE|write server mode logs to FILE"),
693 GC_ARG_TYPE_PATHNAME, GC_BACKEND_GPGSM },
694 { "faked-system-time", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
695 NULL, NULL,
696 GC_ARG_TYPE_UINT32, GC_BACKEND_GPGSM },
697
698 { "Security",
699 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
700 "gnupg", N_("Options controlling the security") },
701 { "disable-crl-checks", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
702 "gnupg", "never consult a CRL",
703 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
704 { "disable-trusted-cert-crl-check", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
705 "gnupg", N_("do not check CRLs for root certificates"),
706 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
707 { "enable-ocsp", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
708 "gnupg", "check validity using OCSP",
709 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
710 { "include-certs", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
711 "gnupg", "|N|number of certificates to include",
712 GC_ARG_TYPE_INT32, GC_BACKEND_GPGSM },
713 { "disable-policy-checks", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
714 "gnupg", "do not check certificate policies",
715 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
716 { "auto-issuer-key-retrieve", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
717 "gnupg", "fetch missing issuer certificates",
718 GC_ARG_TYPE_NONE, GC_BACKEND_GPGSM },
719 { "cipher-algo", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
720 "gnupg", "|NAME|use cipher algorithm NAME",
721 GC_ARG_TYPE_STRING, GC_BACKEND_GPGSM },
722
723 GC_OPTION_NULL
724 };
725
726
727 /* The options of the GC_COMPONENT_DIRMNGR component. */
728 static gc_option_t gc_options_dirmngr[] =
729 {
730 /* The configuration file to which we write the changes. */
731 { "gpgconf-dirmngr.conf", GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
732 NULL, NULL, GC_ARG_TYPE_PATHNAME, GC_BACKEND_DIRMNGR },
733
734 { "Monitor",
735 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
736 "gnupg", N_("Options controlling the diagnostic output") },
737 { "verbose", GC_OPT_FLAG_LIST, GC_LEVEL_BASIC,
738 "dirmngr", "verbose",
739 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
740 { "quiet", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
741 "dirmngr", "be somewhat more quiet",
742 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
743 { "no-greeting", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
744 NULL, NULL,
745 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
746
747 { "Format",
748 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
749 "gnupg", N_("Options controlling the format of the output") },
750 { "sh", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
751 "dirmngr", "sh-style command output",
752 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
753 { "csh", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
754 "dirmngr", "csh-style command output",
755 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
756
757 { "Configuration",
758 GC_OPT_FLAG_GROUP, GC_LEVEL_EXPERT,
759 "gnupg", N_("Options controlling the configuration") },
760 { "options", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
761 "dirmngr", "|FILE|read options from FILE",
762 GC_ARG_TYPE_PATHNAME, GC_BACKEND_DIRMNGR },
763
764 { "Debug",
765 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
766 "gnupg", N_("Options useful for debugging") },
767 { "debug-level", GC_OPT_FLAG_ARG_OPT, GC_LEVEL_ADVANCED,
768 "dirmngr", "|LEVEL|set the debugging level to LEVEL",
769 GC_ARG_TYPE_STRING, GC_BACKEND_DIRMNGR },
770 { "no-detach", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
771 "dirmngr", "do not detach from the console",
772 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
773 { "log-file", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
774 "dirmngr", N_("|FILE|write server mode logs to FILE"),
775 GC_ARG_TYPE_PATHNAME, GC_BACKEND_DIRMNGR },
776 { "debug-wait", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
777 NULL, NULL,
778 GC_ARG_TYPE_UINT32, GC_BACKEND_DIRMNGR },
779 { "faked-system-time", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE,
780 NULL, NULL,
781 GC_ARG_TYPE_UINT32, GC_BACKEND_DIRMNGR },
782
783 { "Enforcement",
784 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
785 "gnupg", N_("Options controlling the interactivity and enforcement") },
786 { "batch", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
787 "dirmngr", "run without asking a user",
788 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
789 { "force", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
790 "dirmngr", "force loading of outdated CRLs",
791 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
792
793 { "HTTP",
794 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
795 "gnupg", N_("Configuration for HTTP servers") },
796 { "disable-http", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
797 "dirmngr", "inhibit the use of HTTP",
798 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
799 { "ignore-http-dp", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
800 "dirmngr", "ignore HTTP CRL distribution points",
801 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
802 { "http-proxy", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
803 "dirmngr", "|URL|redirect all HTTP requests to URL",
804 GC_ARG_TYPE_STRING, GC_BACKEND_DIRMNGR },
805 { "honor-http-proxy", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
806 "dirmngr", N_("use system's HTTP proxy setting"),
807 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
808
809 { "LDAP",
810 GC_OPT_FLAG_GROUP, GC_LEVEL_BASIC,
811 "gnupg", N_("Configuration of LDAP servers to use") },
812 { "disable-ldap", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
813 "dirmngr", "inhibit the use of LDAP",
814 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
815 { "ignore-ldap-dp", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
816 "dirmngr", "ignore LDAP CRL distribution points",
817 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
818 { "ldap-proxy", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
819 "dirmngr", "|HOST|use HOST for LDAP queries",
820 GC_ARG_TYPE_STRING, GC_BACKEND_DIRMNGR },
821 { "only-ldap-proxy", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
822 "dirmngr", "do not use fallback hosts with --ldap-proxy",
823 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
824 { "add-servers", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
825 "dirmngr", "add new servers discovered in CRL distribution points"
826 " to serverlist", GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
827 { "ldaptimeout", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
828 "dirmngr", "|N|set LDAP timeout to N seconds",
829 GC_ARG_TYPE_UINT32, GC_BACKEND_DIRMNGR },
830 /* The following entry must not be removed, as it is required for
831 the GC_BACKEND_DIRMNGR_LDAP_SERVER_LIST. */
832 { "ldapserverlist-file",
833 GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
834 "dirmngr", "|FILE|read LDAP server list from FILE",
835 GC_ARG_TYPE_PATHNAME, GC_BACKEND_DIRMNGR },
836 /* This entry must come after at least one entry for
837 GC_BACKEND_DIRMNGR in this component, so that the entry for
838 "ldapserverlist-file will be initialized before this one. */
839 { "LDAP Server", GC_OPT_FLAG_ARG_OPT|GC_OPT_FLAG_LIST, GC_LEVEL_BASIC,
840 NULL, "LDAP server list",
841 GC_ARG_TYPE_LDAP_SERVER, GC_BACKEND_DIRMNGR_LDAP_SERVER_LIST },
842 { "max-replies", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
843 "dirmngr", "|N|do not return more than N items in one query",
844 GC_ARG_TYPE_UINT32, GC_BACKEND_DIRMNGR },
845
846 { "OCSP",
847 GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,
848 "gnupg", N_("Configuration for OCSP") },
849 { "allow-ocsp", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
850 "dirmngr", "allow sending OCSP requests",
851 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
852 { "ignore-ocsp-service-url", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
853 "dirmngr", "ignore certificate contained OCSP service URLs",
854 GC_ARG_TYPE_NONE, GC_BACKEND_DIRMNGR },
855 { "ocsp-responder", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
856 "dirmngr", "|URL|use OCSP responder at URL",
857 GC_ARG_TYPE_STRING, GC_BACKEND_DIRMNGR },
858 { "ocsp-signer", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
859 "dirmngr", "|FPR|OCSP response signed by FPR",
860 GC_ARG_TYPE_STRING, GC_BACKEND_DIRMNGR },
861
862
863 GC_OPTION_NULL
864 };
865
866 \f
867 /* Component system. Each component is a set of options that can be
868 configured at the same time. If you change this, don't forget to
869 update GC_COMPONENT below. */
870 typedef enum
871 {
872 /* The classic GPG for OpenPGP. */
873 GC_COMPONENT_GPG,
874
875 /* The GPG Agent. */
876 GC_COMPONENT_GPG_AGENT,
877
878 /* The Smardcard Daemon. */
879 GC_COMPONENT_SCDAEMON,
880
881 /* GPG for S/MIME. */
882 GC_COMPONENT_GPGSM,
883
884 /* The LDAP Directory Manager for CRLs. */
885 GC_COMPONENT_DIRMNGR,
886
887 /* The number of components. */
888 GC_COMPONENT_NR
889 } gc_component_t;
890
891
892 /* The information associated with each component. */
893 static struct
894 {
895 /* The name of this component. Must not contain a colon (':')
896 character. */
897 const char *name;
898
899 /* The gettext domain for the description DESC. If this is NULL,
900 then the description is not translated. */
901 const char *desc_domain;
902
903 /* The description for this domain. */
904 const char *desc;
905
906 /* The list of options for this component, terminated by
907 GC_OPTION_NULL. */
908 gc_option_t *options;
909 } gc_component[] =
910 {
911 { "gpg", NULL, "GPG for OpenPGP", gc_options_gpg },
912 { "gpg-agent", NULL, "GPG Agent", gc_options_gpg_agent },
913 { "scdaemon", NULL, "Smartcard Daemon", gc_options_scdaemon },
914 { "gpgsm", NULL, "GPG for S/MIME", gc_options_gpgsm },
915 #ifndef HAVE_W32_SYSTEM
916 { "dirmngr", NULL, "Directory Manager", gc_options_dirmngr }
917 #endif
918 };
919
920 \f
921 /* Engine specific support. */
922 void
923 gpg_agent_runtime_change (void)
924 {
925 #ifndef HAVE_W32_SYSTEM
926 char *agent = getenv ("GPG_AGENT_INFO");
927 char *pid_str;
928 unsigned long pid_long;
929 char *tail;
930 pid_t pid;
931
932 if (!agent)
933 return;
934
935 pid_str = strchr (agent, ':');
936 if (!pid_str)
937 return;
938
939 pid_str++;
940 errno = 0;
941 pid_long = strtoul (pid_str, &tail, 0);
942 if (errno || (*tail != ':' && *tail != '\0'))
943 return;
944
945 pid = (pid_t) pid_long;
946
947 /* Check for overflow. */
948 if (pid_long != (unsigned long) pid)
949 return;
950
951 /* Ignore any errors here. */
952 kill (pid, SIGHUP);
953 #endif /*!HAVE_W32_SYSTEM*/
954 }
955
956 \f
957 /* More or less Robust version of dgettext. It has the side effect of
958 switching the codeset to utf-8 because this is what we want to
959 output. In theory it is posible to keep the orginal code set and
960 switch back for regular disgnostic output (redefine "_(" for that)
961 but given the natur of this tool, being something invoked from
962 other pograms, it does not make much sense. */
963 static const char *
964 my_dgettext (const char *domain, const char *msgid)
965 {
966 #ifdef ENABLE_NLS
967 if (domain)
968 {
969 static int switched_codeset;
970 char *text;
971
972 if (!switched_codeset)
973 {
974 switched_codeset = 1;
975 bind_textdomain_codeset (PACKAGE_GT, "utf-8");
976
977 bindtextdomain ("dirmngr", LOCALEDIR);
978 bind_textdomain_codeset ("dirmngr", "utf-8");
979
980 }
981
982 /* Note: This is a hack to actually use the gnupg2 domain as
983 long we are in a transition phase where gnupg 1.x and 1.9 may
984 coexist. */
985 if (!strcmp (domain, "gnupg"))
986 domain = PACKAGE_GT;
987
988 text = dgettext (domain, msgid);
989 return text ? text : msgid;
990 }
991 else
992 #endif
993 return msgid;
994 }
995
996
997 /* Percent-Escape special characters. The string is valid until the
998 next invocation of the function. */
999 static char *
1000 my_percent_escape (const char *src)
1001 {
1002 static char *esc_str;
1003 static int esc_str_len;
1004 int new_len = 3 * strlen (src) + 1;
1005 char *dst;
1006
1007 if (esc_str_len < new_len)
1008 {
1009 char *new_esc_str = realloc (esc_str, new_len);
1010 if (!new_esc_str)
1011 gc_error (1, errno, "can not escape string");
1012 esc_str = new_esc_str;
1013 esc_str_len = new_len;
1014 }
1015
1016 dst = esc_str;
1017 while (*src)
1018 {
1019 if (*src == '%')
1020 {
1021 *(dst++) = '%';
1022 *(dst++) = '2';
1023 *(dst++) = '5';
1024 }
1025 else if (*src == ':')
1026 {
1027 /* The colon is used as field separator. */
1028 *(dst++) = '%';
1029 *(dst++) = '3';
1030 *(dst++) = 'a';
1031 }
1032 else if (*src == ',')
1033 {
1034 /* The comma is used as list separator. */
1035 *(dst++) = '%';
1036 *(dst++) = '2';
1037 *(dst++) = 'c';
1038 }
1039 else
1040 *(dst++) = *(src);
1041 src++;
1042 }
1043 *dst = '\0';
1044 return esc_str;
1045 }
1046
1047
1048
1049 /* Percent-Deescape special characters. The string is valid until the
1050 next invocation of the function. */
1051 static char *
1052 percent_deescape (const char *src)
1053 {
1054 static char *str;
1055 static int str_len;
1056 int new_len = 3 * strlen (src) + 1;
1057 char *dst;
1058
1059 if (str_len < new_len)
1060 {
1061 char *new_str = realloc (str, new_len);
1062 if (!new_str)
1063 gc_error (1, errno, "can not deescape string");
1064 str = new_str;
1065 str_len = new_len;
1066 }
1067
1068 dst = str;
1069 while (*src)
1070 {
1071 if (*src == '%')
1072 {
1073 int val = hextobyte (src + 1);
1074
1075 if (val < 0)
1076 gc_error (1, 0, "malformed end of string %s", src);
1077
1078 *(dst++) = (char) val;
1079 src += 3;
1080 }
1081 else
1082 *(dst++) = *(src++);
1083 }
1084 *dst = '\0';
1085 return str;
1086 }
1087
1088 \f
1089 /* List all components that are available. */
1090 void
1091 gc_component_list_components (FILE *out)
1092 {
1093 gc_component_t idx;
1094
1095 for (idx = 0; idx < GC_COMPONENT_NR; idx++)
1096 {
1097 if (gc_component[idx].options)
1098 {
1099 const char *desc = gc_component[idx].desc;
1100 desc = my_dgettext (gc_component[idx].desc_domain, desc);
1101 fprintf (out, "%s:%s\n",
1102 gc_component[idx].name, my_percent_escape (desc));
1103 }
1104 }
1105 }
1106
1107 \f
1108 /* Find the component with the name NAME. Returns -1 if not
1109 found. */
1110 int
1111 gc_component_find (const char *name)
1112 {
1113 gc_component_t idx;
1114
1115 for (idx = 0; idx < GC_COMPONENT_NR; idx++)
1116 {
1117 if (gc_component[idx].options
1118 && !strcmp (name, gc_component[idx].name))
1119 return idx;
1120 }
1121 return -1;
1122 }
1123
1124 \f
1125 /* List the option OPTION. */
1126 static void
1127 list_one_option (const gc_option_t *option, FILE *out)
1128 {
1129 const char *desc = NULL;
1130 char *arg_name = NULL;
1131
1132 if (option->desc)
1133 {
1134 desc = my_dgettext (option->desc_domain, option->desc);
1135
1136 if (*desc == '|')
1137 {
1138 const char *arg_tail = strchr (&desc[1], '|');
1139
1140 if (arg_tail)
1141 {
1142 int arg_len = arg_tail - &desc[1];
1143 arg_name = xmalloc (arg_len + 1);
1144 memcpy (arg_name, &desc[1], arg_len);
1145 arg_name[arg_len] = '\0';
1146 desc = arg_tail + 1;
1147 }
1148 }
1149 }
1150
1151
1152 /* YOU MUST NOT REORDER THE FIELDS IN THIS OUTPUT, AS THEIR ORDER IS
1153 PART OF THE EXTERNAL INTERFACE. YOU MUST NOT REMOVE ANY
1154 FIELDS. */
1155
1156 /* The name field. */
1157 fprintf (out, "%s", option->name);
1158
1159 /* The flags field. */
1160 fprintf (out, ":%lu", option->flags);
1161 if (opt.verbose)
1162 {
1163 putc (' ', out);
1164
1165 if (!option->flags)
1166 fprintf (out, "none");
1167 else
1168 {
1169 unsigned long flags = option->flags;
1170 unsigned long flag = 0;
1171 unsigned long first = 1;
1172
1173 while (flags)
1174 {
1175 if (flags & 1)
1176 {
1177 if (first)
1178 first = 0;
1179 else
1180 putc (',', out);
1181 fprintf (out, "%s", gc_flag[flag].name);
1182 }
1183 flags >>= 1;
1184 flag++;
1185 }
1186 }
1187 }
1188
1189 /* The level field. */
1190 fprintf (out, ":%u", option->level);
1191 if (opt.verbose)
1192 fprintf (out, " %s", gc_level[option->level].name);
1193
1194 /* The description field. */
1195 fprintf (out, ":%s", desc ? my_percent_escape (desc) : "");
1196
1197 /* The type field. */
1198 fprintf (out, ":%u", option->arg_type);
1199 if (opt.verbose)
1200 fprintf (out, " %s", gc_arg_type[option->arg_type].name);
1201
1202 /* The alternate type field. */
1203 fprintf (out, ":%u", gc_arg_type[option->arg_type].fallback);
1204 if (opt.verbose)
1205 fprintf (out, " %s",
1206 gc_arg_type[gc_arg_type[option->arg_type].fallback].name);
1207
1208 /* The argument name field. */
1209 fprintf (out, ":%s", arg_name ? my_percent_escape (arg_name) : "");
1210 if (arg_name)
1211 xfree (arg_name);
1212
1213 /* The default value field. */
1214 fprintf (out, ":%s", option->default_value ? option->default_value : "");
1215
1216 /* The default argument field. */
1217 fprintf (out, ":%s", option->default_arg ? option->default_arg : "");
1218
1219 /* The value field. */
1220 if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_NONE
1221 && (option->flags & GC_OPT_FLAG_LIST)
1222 && option->value)
1223 /* The special format "1,1,1,1,...,1" is converted to a number
1224 here. */
1225 fprintf (out, ":%u", (unsigned int)((strlen (option->value) + 1) / 2));
1226 else
1227 fprintf (out, ":%s", option->value ? option->value : "");
1228
1229 /* ADD NEW FIELDS HERE. */
1230
1231 putc ('\n', out);
1232 }
1233
1234
1235 /* List all options of the component COMPONENT. */
1236 void
1237 gc_component_list_options (int component, FILE *out)
1238 {
1239 const gc_option_t *option = gc_component[component].options;
1240 const gc_option_t *group_option = NULL;
1241
1242 while (option && option->name)
1243 {
1244 /* Do not output unknown or internal options. */
1245 if (!(option->flags & GC_OPT_FLAG_GROUP)
1246 && (!option->active || option->level == GC_LEVEL_INTERNAL))
1247 {
1248 option++;
1249 continue;
1250 }
1251
1252 if (option->flags & GC_OPT_FLAG_GROUP)
1253 group_option = option;
1254 else
1255 {
1256 if (group_option)
1257 {
1258 list_one_option (group_option, out);
1259 group_option = NULL;
1260 }
1261
1262 list_one_option (option, out);
1263 }
1264
1265 option++;
1266 }
1267 }
1268
1269
1270 /* Find the option NAME in component COMPONENT, for the backend
1271 BACKEND. If BACKEND is GC_BACKEND_ANY, any backend will match. */
1272 static gc_option_t *
1273 find_option (gc_component_t component, const char *name,
1274 gc_backend_t backend)
1275 {
1276 gc_option_t *option = gc_component[component].options;
1277 while (option->name)
1278 {
1279 if (!(option->flags & GC_OPT_FLAG_GROUP)
1280 && !strcmp (option->name, name)
1281 && (backend == GC_BACKEND_ANY || option->backend == backend))
1282 break;
1283 option++;
1284 }
1285 return option->name ? option : NULL;
1286 }
1287
1288 \f
1289 /* Determine the configuration pathname for the component COMPONENT
1290 and backend BACKEND. */
1291 static char *
1292 get_config_pathname (gc_component_t component, gc_backend_t backend)
1293 {
1294 char *pathname = NULL;
1295 gc_option_t *option = find_option
1296 (component, gc_backend[backend].option_config_filename, GC_BACKEND_ANY);
1297 assert (option);
1298 assert (option->arg_type == GC_ARG_TYPE_PATHNAME);
1299 assert (!(option->flags & GC_OPT_FLAG_LIST));
1300
1301 if (!option->active || !option->default_value)
1302 gc_error (1, 0, "Option %s, needed by backend %s, was not initialized",
1303 gc_backend[backend].option_config_filename,
1304 gc_backend[backend].name);
1305
1306 if (option->value && *option->value)
1307 pathname = percent_deescape (&option->value[1]);
1308 else if (option->default_value && *option->default_value)
1309 pathname = percent_deescape (&option->default_value[1]);
1310 else
1311 pathname = "";
1312
1313 #ifdef HAVE_DOSISH_SYSTEM
1314 if (!(pathname[0]
1315 && pathname[1] == ':'
1316 && (pathname[2] == '/' || pathname[2] == '\\')))
1317 #else
1318 if (pathname[0] != '/')
1319 #endif
1320 gc_error (1, 0, "Option %s, needed by backend %s, is not absolute",
1321 gc_backend[backend].option_config_filename,
1322 gc_backend[backend].name);
1323
1324 return pathname;
1325 }
1326
1327 \f
1328 /* Retrieve the options for the component COMPONENT from backend
1329 BACKEND, which we already know is a program-type backend. */
1330 static void
1331 retrieve_options_from_program (gc_component_t component, gc_backend_t backend)
1332 {
1333 char *cmd_line;
1334 char *line = NULL;
1335 size_t line_len = 0;
1336 ssize_t length;
1337 FILE *config;
1338 char *config_pathname;
1339
1340 cmd_line = xasprintf ("%s --gpgconf-list", gc_backend[backend].program);
1341
1342 config = popen (cmd_line, "r");
1343 if (!config)
1344 gc_error (1, errno, "could not gather active options from %s", cmd_line);
1345
1346 while ((length = read_line (config, &line, &line_len, NULL)) > 0)
1347 {
1348 gc_option_t *option;
1349 char *linep;
1350 unsigned long flags = 0;
1351 char *default_value = NULL;
1352
1353 /* Strip newline and carriage return, if present. */
1354 while (length > 0
1355 && (line[length - 1] == '\n' || line[length - 1] == '\r'))
1356 line[--length] = '\0';
1357
1358 linep = strchr (line, ':');
1359 if (linep)
1360 *(linep++) = '\0';
1361
1362 /* Extract additional flags. Default to none. */
1363 if (linep)
1364 {
1365 char *end;
1366 char *tail;
1367
1368 end = strchr (linep, ':');
1369 if (end)
1370 *(end++) = '\0';
1371
1372 errno = 0;
1373 flags = strtoul (linep, &tail, 0);
1374 if (errno)
1375 gc_error (1, errno, "malformed flags in option %s from %s", line, cmd_line);
1376 if (!(*tail == '\0' || *tail == ':' || *tail == ' '))
1377 gc_error (1, 0, "garbage after flags in option %s from %s", line, cmd_line);
1378
1379 linep = end;
1380 }
1381
1382 /* Extract default value, if present. Default to empty if
1383 not. */
1384 if (linep)
1385 {
1386 char *end;
1387
1388 end = strchr (linep, ':');
1389 if (end)
1390 *(end++) = '\0';
1391
1392 if (flags & GC_OPT_FLAG_DEFAULT)
1393 default_value = linep;
1394
1395 linep = end;
1396 }
1397
1398 /* Look up the option in the component and install the
1399 configuration data. */
1400 option = find_option (component, line, backend);
1401 if (option)
1402 {
1403 if (option->active)
1404 gc_error (1, errno, "option %s returned twice from %s",
1405 line, cmd_line);
1406 option->active = 1;
1407
1408 option->flags |= flags;
1409 if (default_value && *default_value)
1410 option->default_value = xstrdup (default_value);
1411 }
1412 }
1413 if (length < 0 || ferror (config))
1414 gc_error (1, errno, "error reading from %s", cmd_line);
1415 if (fclose (config) && ferror (config))
1416 gc_error (1, errno, "error closing %s", cmd_line);
1417 xfree (cmd_line);
1418
1419 /* At this point, we can parse the configuration file. */
1420 config_pathname = get_config_pathname (component, backend);
1421
1422 config = fopen (config_pathname, "r");
1423 if (!config)
1424 gc_error (0, errno, "warning: can not open config file %s",
1425 config_pathname);
1426 else
1427 {
1428 while ((length = read_line (config, &line, &line_len, NULL)) > 0)
1429 {
1430 char *name;
1431 char *value;
1432 gc_option_t *option;
1433
1434 name = line;
1435 while (*name == ' ' || *name == '\t')
1436 name++;
1437 if (!*name || *name == '#' || *name == '\r' || *name == '\n')
1438 continue;
1439
1440 value = name;
1441 while (*value && *value != ' ' && *value != '\t'
1442 && *value != '#' && *value != '\r' && *value != '\n')
1443 value++;
1444 if (*value == ' ' || *value == '\t')
1445 {
1446 char *end;
1447
1448 *(value++) = '\0';
1449 while (*value == ' ' || *value == '\t')
1450 value++;
1451
1452 end = value;
1453 while (*end && *end != '#' && *end != '\r' && *end != '\n')
1454 end++;
1455 while (end > value && (end[-1] == ' ' || end[-1] == '\t'))
1456 end--;
1457 *end = '\0';
1458 }
1459 else
1460 *value = '\0';
1461
1462 /* Look up the option in the component and install the
1463 configuration data. */
1464 option = find_option (component, line, backend);
1465 if (option)
1466 {
1467 char *opt_value;
1468
1469 if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_NONE)
1470 {
1471 if (*value)
1472 gc_error (0, 0,
1473 "warning: ignoring argument %s for option %s",
1474 value, name);
1475 opt_value = xstrdup ("1");
1476 }
1477 else if (gc_arg_type[option->arg_type].fallback
1478 == GC_ARG_TYPE_STRING)
1479 opt_value = xasprintf ("\"%s", my_percent_escape (value));
1480 else
1481 {
1482 /* FIXME: Verify that the number is sane. */
1483 opt_value = xstrdup (value);
1484 }
1485
1486 /* Now enter the option into the table. */
1487 if (!(option->flags & GC_OPT_FLAG_LIST))
1488 {
1489 if (option->value)
1490 free (option->value);
1491 option->value = opt_value;
1492 }
1493 else
1494 {
1495 if (!option->value)
1496 option->value = opt_value;
1497 else
1498 {
1499 char *opt_val = opt_value;
1500
1501 option->value = xasprintf ("%s,%s", option->value,
1502 opt_val);
1503 xfree (opt_value);
1504 }
1505 }
1506 }
1507 }
1508
1509 if (length < 0 || ferror (config))
1510 gc_error (1, errno, "error reading from %s", config_pathname);
1511 if (fclose (config) && ferror (config))
1512 gc_error (1, errno, "error closing %s", config_pathname);
1513 }
1514
1515 xfree (line);
1516 }
1517
1518
1519 /* Retrieve the options for the component COMPONENT from backend
1520 BACKEND, which we already know is of type file list. */
1521 static void
1522 retrieve_options_from_file (gc_component_t component, gc_backend_t backend)
1523 {
1524 gc_option_t *list_option;
1525 char *list_pathname;
1526 FILE *list_file;
1527 char *line = NULL;
1528 size_t line_len = 0;
1529 ssize_t length;
1530 char *list = NULL;
1531
1532 list_option = find_option (component,
1533 gc_backend[backend].option_name, GC_BACKEND_ANY);
1534 assert (list_option);
1535 assert (!list_option->active);
1536
1537 list_pathname = get_config_pathname (component, backend);
1538 list_file = fopen (list_pathname, "r");
1539 if (!list_file)
1540 gc_error (0, errno, "warning: can not open list file %s", list_pathname);
1541 else
1542 {
1543
1544 while ((length = read_line (list_file, &line, &line_len, NULL)) > 0)
1545 {
1546 char *start;
1547 char *end;
1548 char *new_list;
1549
1550 start = line;
1551 while (*start == ' ' || *start == '\t')
1552 start++;
1553 if (!*start || *start == '#' || *start == '\r' || *start == '\n')
1554 continue;
1555
1556 end = start;
1557 while (*end && *end != '#' && *end != '\r' && *end != '\n')
1558 end++;
1559 /* Walk back to skip trailing white spaces. Looks evil, but
1560 works because of the conditions on START and END imposed
1561 at this point (END is at least START + 1, and START is
1562 not a whitespace character). */
1563 while (*(end - 1) == ' ' || *(end - 1) == '\t')
1564 end--;
1565 *end = '\0';
1566 /* FIXME: Oh, no! This is so lame! Should use realloc and
1567 really append. */
1568 if (list)
1569 {
1570 new_list = xasprintf ("%s,\"%s", list, my_percent_escape (start));
1571 xfree (list);
1572 list = new_list;
1573 }
1574 else
1575 list = xasprintf ("\"%s", my_percent_escape (start));
1576 }
1577 if (length < 0 || ferror (list_file))
1578 gc_error (1, errno, "can not read list file %s", list_pathname);
1579 }
1580
1581 list_option->active = 1;
1582 list_option->value = list;
1583
1584 if (fclose (list_file) && ferror (list_file))
1585 gc_error (1, errno, "error closing %s", list_pathname);
1586 xfree (line);
1587 }
1588
1589
1590 /* Retrieve the currently active options and their defaults from all
1591 involved backends for this component. Using -1 for component will
1592 retrieve all options from all components. */
1593 void
1594 gc_component_retrieve_options (int component)
1595 {
1596 int process_all = 0;
1597 int backend_seen[GC_BACKEND_NR];
1598 gc_backend_t backend;
1599 gc_option_t *option;
1600
1601 for (backend = 0; backend < GC_BACKEND_NR; backend++)
1602 backend_seen[backend] = 0;
1603
1604 if (component == -1)
1605 {
1606 process_all = 1;
1607 component = 0;
1608 assert (component < GC_COMPONENT_NR);
1609 }
1610
1611 do
1612 {
1613 option = gc_component[component].options;
1614
1615 while (option && option->name)
1616 {
1617 if (!(option->flags & GC_OPT_FLAG_GROUP))
1618 {
1619 backend = option->backend;
1620
1621 if (backend_seen[backend])
1622 {
1623 option++;
1624 continue;
1625 }
1626 backend_seen[backend] = 1;
1627
1628 assert (backend != GC_BACKEND_ANY);
1629
1630 if (gc_backend[backend].program)
1631 retrieve_options_from_program (component, backend);
1632 else
1633 retrieve_options_from_file (component, backend);
1634 }
1635 option++;
1636 }
1637 }
1638 while (process_all && ++component < GC_COMPONENT_NR);
1639
1640 }
1641 \f
1642 /* Perform a simple validity check based on the type. Return in
1643 NEW_VALUE_NR the value of the number in NEW_VALUE if OPTION is of
1644 type GC_ARG_TYPE_NONE. */
1645 static void
1646 option_check_validity (gc_option_t *option, unsigned long flags,
1647 char *new_value, unsigned long *new_value_nr)
1648 {
1649 char *arg;
1650
1651 if (!option->active)
1652 gc_error (1, 0, "option %s not supported by backend %s",
1653 option->name, gc_backend[option->backend].name);
1654
1655 if (option->new_flags || option->new_value)
1656 gc_error (1, 0, "option %s already changed", option->name);
1657
1658 if (flags & GC_OPT_FLAG_DEFAULT)
1659 {
1660 if (*new_value)
1661 gc_error (1, 0, "argument %s provided for deleted option %s",
1662 new_value, option->name);
1663
1664 return;
1665 }
1666
1667 /* GC_ARG_TYPE_NONE options have special list treatment. */
1668 if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_NONE)
1669 {
1670 char *tail;
1671
1672 errno = 0;
1673 *new_value_nr = strtoul (new_value, &tail, 0);
1674
1675 if (errno)
1676 gc_error (1, errno, "invalid argument for option %s",
1677 option->name);
1678 if (*tail)
1679 gc_error (1, 0, "garbage after argument for option %s",
1680 option->name);
1681
1682 if (!(option->flags & GC_OPT_FLAG_LIST))
1683 {
1684 if (*new_value_nr != 1)
1685 gc_error (1, 0, "argument for non-list option %s of type 0 "
1686 "(none) must be 1", option->name);
1687 }
1688 else
1689 {
1690 if (*new_value_nr == 0)
1691 gc_error (1, 0, "argument for option %s of type 0 (none) "
1692 "must be positive", option->name);
1693 }
1694
1695 return;
1696 }
1697
1698 arg = new_value;
1699 do
1700 {
1701 if (*arg == '\0' || *arg == ',')
1702 {
1703 if (!(option->flags & GC_OPT_FLAG_ARG_OPT))
1704 gc_error (1, 0, "argument required for option %s", option->name);
1705
1706 if (*arg == ',' && !(option->flags & GC_OPT_FLAG_LIST))
1707 gc_error (1, 0, "list found for non-list option %s", option->name);
1708 }
1709 else if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_STRING)
1710 {
1711 if (*arg != '"')
1712 gc_error (1, 0, "string argument for option %s must begin "
1713 "with a quote (\") character", option->name);
1714 }
1715 else if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_INT32)
1716 {
1717 errno = 0;
1718 (void) strtol (arg, &arg, 0);
1719
1720 if (errno)
1721 gc_error (1, errno, "invalid argument for option %s",
1722 option->name);
1723
1724 if (*arg != '\0' && *arg != ',')
1725 gc_error (1, 0, "garbage after argument for option %s",
1726 option->name);
1727 }
1728 else if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_INT32)
1729 {
1730 errno = 0;
1731 (void) strtoul (arg, &arg, 0);
1732
1733 if (errno)
1734 gc_error (1, errno, "invalid argument for option %s",
1735 option->name);
1736
1737 if (*arg != '\0' && *arg != ',')
1738 gc_error (1, 0, "garbage after argument for option %s",
1739 option->name);
1740 }
1741 arg = strchr (arg, ',');
1742 if (arg)
1743 arg++;
1744 }
1745 while (arg && *arg);
1746 }
1747
1748 #ifdef HAVE_W32_SYSTEM
1749 int
1750 copy_file (const char *src_name, const char *dst_name)
1751 {
1752 #define BUF_LEN 4096
1753 char buffer[BUF_LEN];
1754 int len;
1755 FILE *src;
1756 FILE *dst;
1757
1758 src = fopen (src_name, "r");
1759 if (src == NULL)
1760 return -1;
1761
1762 dst = fopen (dst_name, "w");
1763 if (dst == NULL)
1764 {
1765 int saved_err = errno;
1766 fclose (src);
1767 errno = saved_err;
1768 return -1;
1769 }
1770
1771 do
1772 {
1773 int written;
1774
1775 len = fread (buffer, 1, BUF_LEN, src);
1776 if (len == 0)
1777 break;
1778 written = fwrite (buffer, 1, len, dst);
1779 if (written != len)
1780 break;
1781 }
1782 while (!feof (src) && !ferror (src) && !ferror (dst));
1783
1784 if (ferror (src) || ferror (dst) || !feof (src))
1785 {
1786 int saved_errno = errno;
1787 fclose (src);
1788 fclose (dst);
1789 unlink (dst_name);
1790 errno = saved_errno;
1791 return -1;
1792 }
1793
1794 if (fclose (dst) && ferror (dst))
1795 gc_error (1, errno, "error closing %s", dst_name);
1796 if (fclose (src) && ferror (src))
1797 gc_error (1, errno, "error closing %s", src_name);
1798
1799 return 0;
1800 }
1801 #endif /* HAVE_W32_SYSTEM */
1802
1803
1804 /* Create and verify the new configuration file for the specified
1805 backend and component. Returns 0 on success and -1 on error. */
1806 static int
1807 change_options_file (gc_component_t component, gc_backend_t backend,
1808 char **src_filenamep, char **dest_filenamep,
1809 char **orig_filenamep)
1810 {
1811 static const char marker[] = "###+++--- GPGConf ---+++###";
1812 /* True if we are within the marker in the config file. */
1813 int in_marker = 0;
1814 gc_option_t *option;
1815 char *line = NULL;
1816 size_t line_len;
1817 ssize_t length;
1818 int res;
1819 int fd;
1820 FILE *src_file = NULL;
1821 FILE *dest_file = NULL;
1822 char *src_filename;
1823 char *dest_filename;
1824 char *orig_filename;
1825 char *arg;
1826 char *cur_arg = NULL;
1827
1828 option = find_option (component,
1829 gc_backend[backend].option_name, GC_BACKEND_ANY);
1830 assert (option);
1831 assert (option->active);
1832 assert (gc_arg_type[option->arg_type].fallback != GC_ARG_TYPE_NONE);
1833
1834 /* FIXME. Throughout the function, do better error reporting. */
1835 /* Note that get_config_pathname() calls percent_deescape(), so we
1836 call this before processing the arguments. */
1837 dest_filename = xstrdup (get_config_pathname (component, backend));
1838 src_filename = xasprintf ("%s.gpgconf.%i.new", dest_filename, getpid ());
1839 orig_filename = xasprintf ("%s.gpgconf.%i.bak", dest_filename, getpid ());
1840
1841 arg = option->new_value;
1842 if (arg && arg[0] == '\0')
1843 arg = NULL;
1844 else if (arg)
1845 {
1846 char *end;
1847
1848 arg++;
1849 end = strchr (arg, ',');
1850 if (end)
1851 *end = '\0';
1852
1853 cur_arg = percent_deescape (arg);
1854 if (end)
1855 {
1856 *end = ',';
1857 arg = end + 1;
1858 }
1859 else
1860 arg = NULL;
1861 }
1862
1863 #ifdef HAVE_W32_SYSTEM
1864 res = copy_file (dest_filename, orig_filename);
1865 #else
1866 res = link (dest_filename, orig_filename);
1867 #endif
1868 if (res < 0 && errno != ENOENT)
1869 return -1;
1870 if (res < 0)
1871 {
1872 xfree (orig_filename);
1873 orig_filename = NULL;
1874 }
1875
1876 /* We now initialize the return strings, so the caller can do the
1877 cleanup for us. */
1878 *src_filenamep = src_filename;
1879 *dest_filenamep = dest_filename;
1880 *orig_filenamep = orig_filename;
1881
1882 /* Use open() so that we can use O_EXCL. */
1883 fd = open (src_filename, O_CREAT | O_EXCL | O_WRONLY, 0644);
1884 if (fd < 0)
1885 return -1;
1886 src_file = fdopen (fd, "w");
1887 res = errno;
1888 if (!src_file)
1889 {
1890 errno = res;
1891 return -1;
1892 }
1893
1894 /* Only if ORIG_FILENAME is not NULL did the configuration file
1895 exist already. In this case, we will copy its content into the
1896 new configuration file, changing it to our liking in the
1897 process. */
1898 if (orig_filename)
1899 {
1900 dest_file = fopen (dest_filename, "r");
1901 if (!dest_file)
1902 goto change_file_one_err;
1903
1904 while ((length = read_line (dest_file, &line, &line_len, NULL)) > 0)
1905 {
1906 int disable = 0;
1907 char *start;
1908
1909 if (!strncmp (marker, line, sizeof (marker) - 1))
1910 {
1911 if (!in_marker)
1912 in_marker = 1;
1913 else
1914 break;
1915 }
1916
1917 start = line;
1918 while (*start == ' ' || *start == '\t')
1919 start++;
1920 if (*start && *start != '\r' && *start != '\n' && *start != '#')
1921 {
1922 char *end;
1923 char *endp;
1924 char saved_end;
1925
1926 endp = start;
1927 end = endp;
1928
1929 /* Search for the end of the line. */
1930 while (*endp && *endp != '#' && *endp != '\r' && *endp != '\n')
1931 {
1932 endp++;
1933 if (*endp && *endp != ' ' && *endp != '\t'
1934 && *endp != '\r' && *endp != '\n' && *endp != '#')
1935 end = endp + 1;
1936 }
1937 saved_end = *end;
1938 *end = '\0';
1939
1940 if ((option->new_flags & GC_OPT_FLAG_DEFAULT)
1941 || !cur_arg || strcmp (start, cur_arg))
1942 disable = 1;
1943 else
1944 {
1945 /* Find next argument. */
1946 if (arg)
1947 {
1948 char *arg_end;
1949
1950 arg++;
1951 arg_end = strchr (arg, ',');
1952 if (arg_end)
1953 *arg_end = '\0';
1954
1955 cur_arg = percent_deescape (arg);
1956 if (arg_end)
1957 {
1958 *arg_end = ',';
1959 arg = arg_end + 1;
1960 }
1961 else
1962 arg = NULL;
1963 }
1964 else
1965 cur_arg = NULL;
1966 }
1967
1968 *end = saved_end;
1969 }
1970
1971 if (disable)
1972 {
1973 if (!in_marker)
1974 {
1975 fprintf (src_file,
1976 "# GPGConf disabled this option here at %s\n",
1977 asctimestamp (gnupg_get_time ()));
1978 if (ferror (src_file))
1979 goto change_file_one_err;
1980 fprintf (src_file, "# %s", line);
1981 if (ferror (src_file))
1982 goto change_file_one_err;
1983 }
1984 }
1985 else
1986 {
1987 fprintf (src_file, "%s", line);
1988 if (ferror (src_file))
1989 goto change_file_one_err;
1990 }
1991 }
1992 if (length < 0 || ferror (dest_file))
1993 goto change_file_one_err;
1994 }
1995
1996 if (!in_marker)
1997 {
1998 /* There was no marker. This is the first time we edit the
1999 file. We add our own marker at the end of the file and
2000 proceed. Note that we first write a newline, this guards us
2001 against files which lack the newline at the end of the last
2002 line, while it doesn't hurt us in all other cases. */
2003 fprintf (src_file, "\n%s\n", marker);
2004 if (ferror (src_file))
2005 goto change_file_one_err;
2006 }
2007
2008 /* At this point, we have copied everything up to the end marker
2009 into the new file, except for the arguments we are going to add.
2010 Now, dump the new arguments and write the end marker, possibly
2011 followed by the rest of the original file. */
2012 while (cur_arg)
2013 {
2014 fprintf (src_file, "%s\n", cur_arg);
2015
2016 /* Find next argument. */
2017 if (arg)
2018 {
2019 char *end;
2020
2021 arg++;
2022 end = strchr (arg, ',');
2023 if (end)
2024 *end = '\0';
2025
2026 cur_arg = percent_deescape (arg);
2027 if (end)
2028 {
2029 *end = ',';
2030 arg = end + 1;
2031 }
2032 else
2033 arg = NULL;
2034 }
2035 else
2036 cur_arg = NULL;
2037 }
2038
2039 fprintf (src_file, "%s %s\n", marker, asctimestamp (gnupg_get_time ()));
2040 if (ferror (src_file))
2041 goto change_file_one_err;
2042
2043 if (!in_marker)
2044 {
2045 fprintf (src_file, "# GPGConf edited this configuration file.\n");
2046 if (ferror (src_file))
2047 goto change_file_one_err;
2048 fprintf (src_file, "# It will disable options before this marked "
2049 "block, but it will\n");
2050 if (ferror (src_file))
2051 goto change_file_one_err;
2052 fprintf (src_file, "# never change anything below these lines.\n");
2053 if (ferror (src_file))
2054 goto change_file_one_err;
2055 }
2056 if (dest_file)
2057 {
2058 while ((length = read_line (dest_file, &line, &line_len, NULL)) > 0)
2059 {
2060 fprintf (src_file, "%s", line);
2061 if (ferror (src_file))
2062 goto change_file_one_err;
2063 }
2064 if (length < 0 || ferror (dest_file))
2065 goto change_file_one_err;
2066 }
2067 xfree (line);
2068 line = NULL;
2069
2070 res = fclose (src_file);
2071 if (res)
2072 {
2073 res = errno;
2074 close (fd);
2075 if (dest_file)
2076 fclose (dest_file);
2077 errno = res;
2078 return -1;
2079 }
2080 close (fd);
2081 if (dest_file)
2082 {
2083 res = fclose (dest_file);
2084 if (res)
2085 return -1;
2086 }
2087 return 0;
2088
2089 change_file_one_err:
2090 xfree (line);
2091 res = errno;
2092 if (src_file)
2093 {
2094 fclose (src_file);
2095 close (fd);
2096 }
2097 if (dest_file)
2098 fclose (dest_file);
2099 errno = res;
2100 return -1;
2101 }
2102
2103
2104 /* Create and verify the new configuration file for the specified
2105 backend and component. Returns 0 on success and -1 on error. */
2106 static int
2107 change_options_program (gc_component_t component, gc_backend_t backend,
2108 char **src_filenamep, char **dest_filenamep,
2109 char **orig_filenamep)
2110 {
2111 static const char marker[] = "###+++--- GPGConf ---+++###";
2112 /* True if we are within the marker in the config file. */
2113 int in_marker = 0;
2114 gc_option_t *option;
2115 char *line = NULL;
2116 size_t line_len;
2117 ssize_t length;
2118 int res;
2119 int fd;
2120 FILE *src_file = NULL;
2121 FILE *dest_file = NULL;
2122 char *src_filename;
2123 char *dest_filename;
2124 char *orig_filename;
2125
2126 /* FIXME. Throughout the function, do better error reporting. */
2127 dest_filename = xstrdup (get_config_pathname (component, backend));
2128 src_filename = xasprintf ("%s.gpgconf.%i.new", dest_filename, getpid ());
2129 orig_filename = xasprintf ("%s.gpgconf.%i.bak", dest_filename, getpid ());
2130
2131 #ifdef HAVE_W32_SYSTEM
2132 res = copy_file (dest_filename, orig_filename);
2133 #else
2134 res = link (dest_filename, orig_filename);
2135 #endif
2136 if (res < 0 && errno != ENOENT)
2137 return -1;
2138 if (res < 0)
2139 {
2140 xfree (orig_filename);
2141 orig_filename = NULL;
2142 }
2143
2144 /* We now initialize the return strings, so the caller can do the
2145 cleanup for us. */
2146 *src_filenamep = src_filename;
2147 *dest_filenamep = dest_filename;
2148 *orig_filenamep = orig_filename;
2149
2150 /* Use open() so that we can use O_EXCL. */
2151 fd = open (src_filename, O_CREAT | O_EXCL | O_WRONLY, 0644);
2152 if (fd < 0)
2153 return -1;
2154 src_file = fdopen (fd, "w");
2155 res = errno;
2156 if (!src_file)
2157 {
2158 errno = res;
2159 return -1;
2160 }
2161
2162 /* Only if ORIG_FILENAME is not NULL did the configuration file
2163 exist already. In this case, we will copy its content into the
2164 new configuration file, changing it to our liking in the
2165 process. */
2166 if (orig_filename)
2167 {
2168 dest_file = fopen (dest_filename, "r");
2169 if (!dest_file)
2170 goto change_one_err;
2171
2172 while ((length = read_line (dest_file, &line, &line_len, NULL)) > 0)
2173 {
2174 int disable = 0;
2175 char *start;
2176
2177 if (!strncmp (marker, line, sizeof (marker) - 1))
2178 {
2179 if (!in_marker)
2180 in_marker = 1;
2181 else
2182 break;
2183 }
2184
2185 start = line;
2186 while (*start == ' ' || *start == '\t')
2187 start++;
2188 if (*start && *start != '\r' && *start != '\n' && *start != '#')
2189 {
2190 char *end;
2191 char saved_end;
2192
2193 end = start;
2194 while (*end && *end != ' ' && *end != '\t'
2195 && *end != '\r' && *end != '\n' && *end != '#')
2196 end++;
2197 saved_end = *end;
2198 *end = '\0';
2199
2200 option = find_option (component, start, backend);
2201 *end = saved_end;
2202 if (option && ((option->new_flags & GC_OPT_FLAG_DEFAULT)
2203 || option->new_value))
2204 disable = 1;
2205 }
2206 if (disable)
2207 {
2208 if (!in_marker)
2209 {
2210 fprintf (src_file,
2211 "# GPGConf disabled this option here at %s\n",
2212 asctimestamp (gnupg_get_time ()));
2213 if (ferror (src_file))
2214 goto change_one_err;
2215 fprintf (src_file, "# %s", line);
2216 if (ferror (src_file))
2217 goto change_one_err;
2218 }
2219 }
2220 else
2221 {
2222 fprintf (src_file, "%s", line);
2223 if (ferror (src_file))
2224 goto change_one_err;
2225 }
2226 }
2227 if (length < 0 || ferror (dest_file))
2228 goto change_one_err;
2229 }
2230
2231 if (!in_marker)
2232 {
2233 /* There was no marker. This is the first time we edit the
2234 file. We add our own marker at the end of the file and
2235 proceed. Note that we first write a newline, this guards us
2236 against files which lack the newline at the end of the last
2237 line, while it doesn't hurt us in all other cases. */
2238 fprintf (src_file, "\n%s\n", marker);
2239 if (ferror (src_file))
2240 goto change_one_err;
2241 }
2242 /* At this point, we have copied everything up to the end marker
2243 into the new file, except for the options we are going to change.
2244 Now, dump the changed options (except for those we are going to
2245 revert to their default), and write the end marker, possibly
2246 followed by the rest of the original file. */
2247
2248 /* We have to turn on UTF8 strings for GnuPG. */
2249 if (backend == GC_BACKEND_GPG)
2250 fprintf (src_file, "utf8-strings\n");
2251
2252 option = gc_component[component].options;
2253 while (option->name)
2254 {
2255 if (!(option->flags & GC_OPT_FLAG_GROUP)
2256 && option->backend == backend
2257 && option->new_value)
2258 {
2259 char *arg = option->new_value;
2260
2261 do
2262 {
2263 if (*arg == '\0' || *arg == ',')
2264 {
2265 fprintf (src_file, "%s\n", option->name);
2266 if (ferror (src_file))
2267 goto change_one_err;
2268 }
2269 else if (gc_arg_type[option->arg_type].fallback
2270 == GC_ARG_TYPE_NONE)
2271 {
2272 assert (*arg == '1');
2273 fprintf (src_file, "%s\n", option->name);
2274 if (ferror (src_file))
2275 goto change_one_err;
2276
2277 arg++;
2278 }
2279 else if (gc_arg_type[option->arg_type].fallback
2280 == GC_ARG_TYPE_STRING)
2281 {
2282 char *end;
2283
2284 assert (*arg == '"');
2285 arg++;
2286
2287 end = strchr (arg, ',');
2288 if (end)
2289 *end = '\0';
2290
2291 fprintf (src_file, "%s %s\n", option->name,
2292 percent_deescape (arg));
2293 if (ferror (src_file))
2294 goto change_one_err;
2295
2296 if (end)
2297 *end = ',';
2298 arg = end;
2299 }
2300 else
2301 {
2302 char *end;
2303
2304 end = strchr (arg, ',');
2305 if (end)
2306 *end = '\0';
2307
2308 fprintf (src_file, "%s %s\n", option->name, arg);
2309 if (ferror (src_file))
2310 goto change_one_err;
2311
2312 if (end)
2313 *end = ',';
2314 arg = end;
2315 }
2316
2317 assert (arg == NULL || *arg == '\0' || *arg == ',');
2318 if (arg && *arg == ',')
2319 arg++;
2320 }
2321 while (arg && *arg);
2322 }
2323 option++;
2324 }
2325
2326 fprintf (src_file, "%s %s\n", marker, asctimestamp (gnupg_get_time ()));
2327 if (ferror (src_file))
2328 goto change_one_err;
2329
2330 if (!in_marker)
2331 {
2332 fprintf (src_file, "# GPGConf edited this configuration file.\n");
2333 if (ferror (src_file))
2334 goto change_one_err;
2335 fprintf (src_file, "# It will disable options before this marked "
2336 "block, but it will\n");
2337 if (ferror (src_file))
2338 goto change_one_err;
2339 fprintf (src_file, "# never change anything below these lines.\n");
2340 if (ferror (src_file))
2341 goto change_one_err;
2342 }
2343 if (dest_file)
2344 {
2345 while ((length = read_line (dest_file, &line, &line_len, NULL)) > 0)
2346 {
2347 fprintf (src_file, "%s", line);
2348 if (ferror (src_file))
2349 goto change_one_err;
2350 }
2351 if (length < 0 || ferror (dest_file))
2352 goto change_one_err;
2353 }
2354 xfree (line);
2355 line = NULL;
2356
2357 res = fclose (src_file);
2358 if (res)
2359 {
2360 res = errno;
2361 close (fd);
2362 if (dest_file)
2363 fclose (dest_file);
2364 errno = res;
2365 return -1;
2366 }
2367 close (fd);
2368 if (dest_file)
2369 {
2370 res = fclose (dest_file);
2371 if (res)
2372 return -1;
2373 }
2374 return 0;
2375
2376 change_one_err:
2377 xfree (line);
2378 res = errno;
2379 if (src_file)
2380 {
2381 fclose (src_file);
2382 close (fd);
2383 }
2384 if (dest_file)
2385 fclose (dest_file);
2386 errno = res;
2387 return -1;
2388 }
2389
2390
2391 /* Common code for gc_component_change_options and
2392 gc_process_gpgconf_conf. */
2393 static void
2394 change_one_value (gc_option_t *option, int *runtime,
2395 unsigned long flags, char *new_value)
2396 {
2397 unsigned long new_value_nr = 0;
2398
2399 option_check_validity (option, flags, new_value, &new_value_nr);
2400
2401 if (option->flags & GC_OPT_FLAG_RUNTIME)
2402 runtime[option->backend] = 1;
2403
2404 option->new_flags = flags;
2405 if (!(flags & GC_OPT_FLAG_DEFAULT))
2406 {
2407 if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_NONE
2408 && (option->flags & GC_OPT_FLAG_LIST))
2409 {
2410 char *str;
2411
2412 /* We convert the number to a list of 1's for convenient
2413 list handling. */
2414 assert (new_value_nr > 0);
2415 option->new_value = xmalloc ((2 * (new_value_nr - 1) + 1) + 1);
2416 str = option->new_value;
2417 *(str++) = '1';
2418 while (--new_value_nr > 0)
2419 {
2420 *(str++) = ',';
2421 *(str++) = '1';
2422 }
2423 *(str++) = '\0';
2424 }
2425 else
2426 option->new_value = xstrdup (new_value);
2427 }
2428 }
2429
2430
2431 /* Read the modifications from IN and apply them. If IN is NULL the
2432 modifications are expected to already have been set to the global
2433 table. */
2434 void
2435 gc_component_change_options (int component, FILE *in)
2436 {
2437 int err = 0;
2438 int runtime[GC_BACKEND_NR];
2439 char *src_pathname[GC_BACKEND_NR];
2440 char *dest_pathname[GC_BACKEND_NR];
2441 char *orig_pathname[GC_BACKEND_NR];
2442 gc_backend_t backend;
2443 gc_option_t *option;
2444 char *line = NULL;
2445 size_t line_len = 0;
2446 ssize_t length;
2447
2448 for (backend = 0; backend < GC_BACKEND_NR; backend++)
2449 {
2450 runtime[backend] = 0;
2451 src_pathname[backend] = NULL;
2452 dest_pathname[backend] = NULL;
2453 orig_pathname[backend] = NULL;
2454 }
2455
2456 if (in)
2457 {
2458 /* Read options from the file IN. */
2459 while ((length = read_line (in, &line, &line_len, NULL)) > 0)
2460 {
2461 char *linep;
2462 unsigned long flags = 0;
2463 char *new_value = "";
2464
2465 /* Strip newline and carriage return, if present. */
2466 while (length > 0
2467 && (line[length - 1] == '\n' || line[length - 1] == '\r'))
2468 line[--length] = '\0';
2469
2470 linep = strchr (line, ':');
2471 if (linep)
2472 *(linep++) = '\0';
2473
2474 /* Extract additional flags. Default to none. */
2475 if (linep)
2476 {
2477 char *end;
2478 char *tail;
2479
2480 end = strchr (linep, ':');
2481 if (end)
2482 *(end++) = '\0';
2483
2484 errno = 0;
2485 flags = strtoul (linep, &tail, 0);
2486 if (errno)
2487 gc_error (1, errno, "malformed flags in option %s", line);
2488 if (!(*tail == '\0' || *tail == ':' || *tail == ' '))
2489 gc_error (1, 0, "garbage after flags in option %s", line);
2490
2491 linep = end;
2492 }
2493
2494 /* Don't allow setting of the no change flag. */
2495 flags &= ~GC_OPT_FLAG_NO_CHANGE;
2496
2497 /* Extract default value, if present. Default to empty if not. */
2498 if (linep)
2499 {
2500 char *end;
2501 end = strchr (linep, ':');
2502 if (end)
2503 *(end++) = '\0';
2504 new_value = linep;
2505 linep = end;
2506 }
2507
2508 option = find_option (component, line, GC_BACKEND_ANY);
2509 if (!option)
2510 gc_error (1, 0, "unknown option %s", line);
2511
2512 if ((option->flags & GC_OPT_FLAG_NO_CHANGE))
2513 {
2514 gc_error (0, 0, "ignoring new value for option %s",
2515 option->name);
2516 continue;
2517 }
2518
2519 change_one_value (option, runtime, flags, new_value);
2520 }
2521 }
2522
2523 /* Now that we have collected and locally verified the changes,
2524 write them out to new configuration files, verify them
2525 externally, and then commit them. */
2526 option = gc_component[component].options;
2527 while (option && option->name)
2528 {
2529 /* Go on if we have already seen this backend, or if there is
2530 nothing to do. */
2531 if (src_pathname[option->backend]
2532 || !(option->new_flags || option->new_value))
2533 {
2534 option++;
2535 continue;
2536 }
2537
2538 if (gc_backend[option->backend].program)
2539 err = change_options_program (component, option->backend,
2540 &src_pathname[option->backend],
2541 &dest_pathname[option->backend],
2542 &orig_pathname[option->backend]);
2543 else
2544 err = change_options_file (component, option->backend,
2545 &src_pathname[option->backend],
2546 &dest_pathname[option->backend],
2547 &orig_pathname[option->backend]);
2548
2549 if (err)
2550 break;
2551
2552 option++;
2553 }
2554
2555 if (!err)
2556 {
2557 int i;
2558
2559 for (i = 0; i < GC_BACKEND_NR; i++)
2560 {
2561 if (src_pathname[i])
2562 {
2563 /* FIXME: Make a verification here. */
2564
2565 assert (dest_pathname[i]);
2566
2567 if (orig_pathname[i])
2568 {
2569 #ifdef HAVE_W32_SYSTEM
2570 /* There is no atomic update on W32. */
2571 err = unlink (dest_pathname[i]);
2572 #endif /* HAVE_W32_SYSTEM */
2573 if (!err)
2574 err = rename (src_pathname[i], dest_pathname[i]);
2575 }
2576 else
2577 {
2578 #ifdef HAVE_W32_SYSTEM
2579 /* We skip the unlink if we expect the file not to
2580 be there. */
2581 err = rename (src_pathname[i], dest_pathname[i]);
2582 #else /* HAVE_W32_SYSTEM */
2583 /* This is a bit safer than rename() because we
2584 expect DEST_PATHNAME not to be there. If it
2585 happens to be there, this will fail. */
2586 err = link (src_pathname[i], dest_pathname[i]);
2587 if (!err)
2588 err = unlink (src_pathname[i]);
2589 #endif /* !HAVE_W32_SYSTEM */
2590 }
2591 if (err)
2592 break;
2593 src_pathname[i] = NULL;
2594 }
2595 }
2596 }
2597
2598 if (err)
2599 {
2600 int i;
2601 int saved_errno = errno;
2602
2603 /* An error occured. */
2604 for (i = 0; i < GC_BACKEND_NR; i++)
2605 {
2606 if (src_pathname[i])
2607 {
2608 /* The change was not yet committed. */
2609 unlink (src_pathname[i]);
2610 if (orig_pathname[i])
2611 unlink (orig_pathname[i]);
2612 }
2613 else
2614 {
2615 /* The changes were already committed. FIXME: This is a
2616 tad dangerous, as we don't know if we don't overwrite
2617 a version of the file that is even newer than the one
2618 we just installed. */
2619 if (orig_pathname[i])
2620 {
2621 #ifdef HAVE_W32_SYSTEM
2622 /* There is no atomic update on W32. */
2623 unlink (dest_pathname[i]);
2624 #endif /* HAVE_W32_SYSTEM */
2625 rename (orig_pathname[i], dest_pathname[i]);
2626 }
2627 else
2628 unlink (dest_pathname[i]);
2629 }
2630 }
2631 gc_error (1, saved_errno, "could not commit changes");
2632 }
2633
2634 /* If it all worked, notify the daemons of the changes. */
2635 if (opt.runtime)
2636 for (backend = 0; backend < GC_BACKEND_NR; backend++)
2637 {
2638 if (runtime[backend] && gc_backend[backend].runtime_change)
2639 (*gc_backend[backend].runtime_change) ();
2640 }
2641
2642 /* Move the per-process backup file into its place. */
2643 for (backend = 0; backend < GC_BACKEND_NR; backend++)
2644 if (orig_pathname[backend])
2645 {
2646 char *backup_pathname;
2647
2648 assert (dest_pathname[backend]);
2649
2650 backup_pathname = xasprintf ("%s.gpgconf.bak", dest_pathname[backend]);
2651
2652 #ifdef HAVE_W32_SYSTEM
2653 /* There is no atomic update on W32. */
2654 unlink (backup_pathname);
2655 #endif /* HAVE_W32_SYSTEM */
2656 rename (orig_pathname[backend], backup_pathname);
2657 }
2658
2659 xfree (line);
2660 }
2661
2662
2663 /* Check whether USER matches the current user of one of its group.
2664 This function may change USER. Returns true is there is a
2665 match. */
2666 static int
2667 key_matches_user_or_group (char *user)
2668 {
2669 char *group;
2670
2671 if (*user == '*' && user[1] == 0)
2672 return 1; /* A single asterisk matches all users. */
2673
2674 group = strchr (user, ':');
2675 if (group)
2676 *group++ = 0;
2677
2678 #ifdef HAVE_W32_SYSTEM
2679 /* Under Windows we don't support groups. */
2680 if (group && *group)
2681 gc_error (0, 0, _("Note that group specifications are ignored\n"));
2682 if (*user)
2683 {
2684 static char *my_name;
2685
2686 if (!my_name)
2687 {
2688 char tmp[1];
2689 DWORD size = 1;
2690
2691 GetUserNameA (tmp, &size);
2692 my_name = xmalloc (size);
2693 if (!GetUserNameA (my_name, &size))
2694 gc_error (1,0, "error getting current user name: %s",
2695 w32_strerror (-1));
2696 }
2697
2698 if (!strcmp (user, my_name))
2699 return 1; /* Found. */
2700 }
2701 #else /*!HAVE_W32_SYSTEM*/
2702 /* First check whether the user matches. */
2703 if (*user)
2704 {
2705 static char *my_name;
2706
2707 if (!my_name)
2708 {
2709 struct passwd *pw = getpwuid ( getuid () );
2710 if (!pw)
2711 gc_error (1, errno, "getpwuid failed for current user");
2712 my_name = xstrdup (pw->pw_name);
2713 }
2714 if (!strcmp (user, my_name))
2715 return 1; /* Found. */
2716 }
2717
2718 /* If that failed, check whether a group matches. */
2719 if (group && *group)
2720 {
2721 static char *my_group;
2722 static char **my_supgroups;
2723 int n;
2724
2725 if (!my_group)
2726 {
2727 struct group *gr = getgrgid ( getgid () );
2728 if (!gr)
2729 gc_error (1, errno, "getgrgid failed for current user");
2730 my_group = xstrdup (gr->gr_name);
2731 }
2732 if (!strcmp (group, my_group))
2733 return 1; /* Found. */
2734
2735 if (!my_supgroups)
2736 {
2737 int ngids;
2738 gid_t *gids;
2739
2740 ngids = getgroups (0, NULL);
2741 gids = xcalloc (ngids+1, sizeof *gids);
2742 ngids = getgroups (ngids, gids);
2743 if (ngids < 0)
2744 gc_error (1, errno, "getgroups failed for current user");
2745 my_supgroups = xcalloc (ngids+1, sizeof *my_supgroups);
2746 for (n=0; n < ngids; n++)
2747 {
2748 struct group *gr = getgrgid ( gids[n] );
2749 if (!gr)
2750 gc_error (1, errno, "getgrgid failed for supplementary group");
2751 my_supgroups[n] = xstrdup (gr->gr_name);
2752 }
2753 xfree (gids);
2754 }
2755
2756 for (n=0; my_supgroups[n]; n++)
2757 if (!strcmp (group, my_supgroups[n]))
2758 return 1; /* Found. */
2759 }
2760 #endif /*!HAVE_W32_SYSTEM*/
2761 return 0; /* No match. */
2762 }
2763
2764
2765
2766 /* Read and process the global configuration file for gpgconf. This
2767 optional file is used to update our internal tables at runtime and
2768 may also be used to set new default values. If FNAME is NULL the
2769 default name will be used. With UPDATE set to true the internal
2770 tables are actually updated; if not set, only a syntax check is
2771 done. If DEFAULTS is true the global options are written to the
2772 configuration files.
2773
2774 Returns 0 on success or if the config file is not present; -1 is
2775 returned on error. */
2776 int
2777 gc_process_gpgconf_conf (const char *fname_arg, int update, int defaults)
2778 {
2779 int result = 0;
2780 char *line = NULL;
2781 size_t line_len = 0;
2782 ssize_t length;
2783 FILE *config;
2784 int lineno = 0;
2785 int in_rule = 0;
2786 int got_match = 0;
2787 int runtime[GC_BACKEND_NR];
2788 int used_components[GC_COMPONENT_NR];
2789 int backend_id, component_id;
2790 char *fname = (char *) fname_arg;
2791
2792 if (!fname)
2793 fname = make_filename (gnupg_sysconfdir (), "gpgconf.conf", NULL);
2794
2795 for (backend_id = 0; backend_id < GC_BACKEND_NR; backend_id++)
2796 runtime[backend_id] = 0;
2797 for (component_id = 0; component_id < GC_COMPONENT_NR; component_id++)
2798 used_components[component_id] = 0;
2799
2800 config = fopen (fname, "r");
2801 if (!config)
2802 {
2803 /* Do not print an error if the file is not available, except
2804 when runnign in syntax check mode. */
2805 if (errno != ENOENT || !update)
2806 {
2807 gc_error (0, errno, "can not open global config file `%s'", fname);
2808 result = -1;
2809 }
2810 xfree (fname);
2811 return result;
2812 }
2813
2814 while ((length = read_line (config, &line, &line_len, NULL)) > 0)
2815 {
2816 char *key, *component, *option, *flags, *value;
2817 char *empty;
2818 gc_option_t *option_info = NULL;
2819 char *p;
2820 int is_continuation;
2821
2822 lineno++;
2823 key = line;
2824 while (*key == ' ' || *key == '\t')
2825 key++;
2826 if (!*key || *key == '#' || *key == '\r' || *key == '\n')
2827 continue;
2828
2829 is_continuation = (key != line);
2830
2831 /* Parse the key field. */
2832 if (!is_continuation && got_match)
2833 break; /* Finish after the first match. */
2834 else if (!is_continuation)
2835 {
2836 in_rule = 0;
2837 for (p=key+1; *p && !strchr (" \t\r\n", *p); p++)
2838 ;
2839 if (!*p)
2840 {
2841 gc_error (0, 0, "missing rule at `%s', line %d", fname, lineno);
2842 result = -1;
2843 continue;
2844 }
2845 *p++ = 0;
2846 component = p;
2847 }
2848 else if (!in_rule)
2849 {
2850 gc_error (0, 0, "continuation but no rule at `%s', line %d",
2851 fname, lineno);
2852 result = -1;
2853 continue;
2854 }
2855 else
2856 {
2857 component = key;
2858 key = NULL;
2859 }
2860
2861 in_rule = 1;
2862
2863 /* Parse the component. */
2864 while (*component == ' ' || *component == '\t')
2865 component++;
2866 for (p=component; *p && !strchr (" \t\r\n", *p); p++)
2867 ;
2868 if (p == component)
2869 {
2870 gc_error (0, 0, "missing component at `%s', line %d",
2871 fname, lineno);
2872 result = -1;
2873 continue;
2874 }
2875 empty = p;
2876 *p++ = 0;
2877 option = p;
2878 component_id = gc_component_find (component);
2879 if (component_id < 0)
2880 {
2881 gc_error (0, 0, "unknown component at `%s', line %d",
2882 fname, lineno);
2883 result = -1;
2884 }
2885
2886 /* Parse the option name. */
2887 while (*option == ' ' || *option == '\t')
2888 option++;
2889 for (p=option; *p && !strchr (" \t\r\n", *p); p++)
2890 ;
2891 if (p == option)
2892 {
2893 gc_error (0, 0, "missing option at `%s', line %d",
2894 fname, lineno);
2895 result = -1;
2896 continue;
2897 }
2898 *p++ = 0;
2899 flags = p;
2900 if ( component_id != -1)
2901 {
2902 option_info = find_option (component_id, option, GC_BACKEND_ANY);
2903 if (!option_info)
2904 {
2905 gc_error (0, 0, "unknown option at `%s', line %d",
2906 fname, lineno);
2907 result = -1;
2908 }
2909 }
2910
2911
2912 /* Parse the optional flags. */
2913 while (*flags == ' ' || *flags == '\t')
2914 flags++;
2915 if (*flags == '[')
2916 {
2917 flags++;
2918 p = strchr (flags, ']');
2919 if (!p)
2920 {
2921 gc_error (0, 0, "syntax error in rule at `%s', line %d",
2922 fname, lineno);
2923 result = -1;
2924 continue;
2925 }
2926 *p++ = 0;
2927 value = p;
2928 }
2929 else /* No flags given. */
2930 {
2931 value = flags;
2932 flags = NULL;
2933 }
2934
2935 /* Parse the optional value. */
2936 while (*value == ' ' || *value == '\t')
2937 value++;
2938 for (p=value; *p && !strchr ("\r\n", *p); p++)
2939 ;
2940 if (p == value)
2941 value = empty; /* No value given; let it point to an empty string. */
2942 else
2943 {
2944 /* Strip trailing white space. */
2945 *p = 0;
2946 for (p--; p > value && (*p == ' ' || *p == '\t'); p--)
2947 *p = 0;
2948 }
2949
2950 /* Check flag combinations. */
2951 if (!flags)
2952 ;
2953 else if (!strcmp (flags, "default"))
2954 {
2955 if (*value)
2956 {
2957 gc_error (0, 0, "flag \"default\" may not be combined "
2958 "with a value at `%s', line %d",
2959 fname, lineno);
2960 result = -1;
2961 }
2962 }
2963 else if (!strcmp (flags, "change"))
2964 ;
2965 else if (!strcmp (flags, "no-change"))
2966 ;
2967 else
2968 {
2969 gc_error (0, 0, "unknown flag at `%s', line %d",
2970 fname, lineno);
2971 result = -1;
2972 }
2973
2974
2975 /* Check whether the key matches but do this only if we are not
2976 running in syntax check mode. */
2977 if ( update
2978 && !result
2979 && (got_match || (key && key_matches_user_or_group (key))) )
2980 {
2981 int newflags = 0;
2982
2983 got_match = 1;
2984
2985 /* Apply the flags from gpgconf.conf. */
2986 if (!flags)
2987 ;
2988 else if (!strcmp (flags, "default"))
2989 newflags |= GC_OPT_FLAG_DEFAULT;
2990 else if (!strcmp (flags, "no-change"))
2991 option_info->flags |= GC_OPT_FLAG_NO_CHANGE;
2992 else if (!strcmp (flags, "change"))
2993 option_info->flags &= ~GC_OPT_FLAG_NO_CHANGE;
2994
2995 if (defaults)
2996 {
2997 assert (component_id >= 0 && component_id < GC_COMPONENT_NR);
2998 used_components[component_id] = 1;
2999
3000 /* Here we explicitly allow to update the value again. */
3001 if (newflags)
3002 {
3003 option_info->new_flags = 0;
3004 }
3005 if (*value)
3006 {
3007 xfree (option_info->new_value);
3008 option_info->new_value = NULL;
3009 }
3010 change_one_value (option_info, runtime, newflags, value);
3011 }
3012 }
3013 }
3014
3015 if (length < 0 || ferror (config))
3016 {
3017 gc_error (0, errno, "error reading from `%s'", fname);
3018 result = -1;
3019 }
3020 if (fclose (config) && ferror (config))
3021 gc_error (0, errno, "error closing `%s'", fname);
3022
3023 xfree (line);
3024
3025 /* If it all worked, process the options. */
3026 if (!result && update && defaults)
3027 {
3028 /* We need to switch off the runtime update, so that we can do
3029 it later all at once. */
3030 int save_opt_runtime = opt.runtime;
3031 opt.runtime = 0;
3032
3033 for (component_id = 0; component_id < GC_COMPONENT_NR; component_id++)
3034 {
3035 gc_component_change_options (component_id, NULL);
3036 }
3037 opt.runtime = save_opt_runtime;
3038
3039 if (opt.runtime)
3040 {
3041 for (backend_id = 0; backend_id < GC_BACKEND_NR; backend_id++)
3042 if (runtime[backend_id] && gc_backend[backend_id].runtime_change)
3043 (*gc_backend[backend_id].runtime_change) ();
3044 }
3045 }
3046
3047 xfree (fname);
3048 return result;
3049 }
gnupg svn clone