| blob | 33f9bb6edc7e9c6a437209e8d5b5a4a3f95c1e79 |
1 /* server.c - server mode for gpg
2 * Copyright (C) 2006, 2008 Free Software Foundation, Inc.
3 *
4 * This file is part of GnuPG.
5 *
6 * GnuPG is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * GnuPG is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
18 */
20 #include <config.h>
21 #include <errno.h>
22 #include <stdio.h>
23 #include <stdlib.h>
24 #include <string.h>
25 #include <stdarg.h>
26 #include <ctype.h>
27 #include <unistd.h>
31 #include <assuan.h>
39 #define set_error(e,t) assuan_set_error (ctx, gpg_error (e), (t))
42 /* Data used to associate an Assuan context with local server data. */
43 struct server_local_s
44 {
45 /* Our current Assuan context. */
46 assuan_context_t assuan_ctx;
47 /* File descriptor as set by the MESSAGE command. */
48 gnupg_fd_t message_fd;
50 /* List of prepared recipients. */
51 pk_list_t recplist;
53 };
56 \f
57 /* Helper to close the message fd if it is open. */
58 static void
60 {
62 {
65 }
66 }
69 /* Skip over options. Blanks after the options are also removed. */
72 {
74 line++;
76 {
78 line++;
80 line++;
81 }
83 }
86 /* Check whether the option NAME appears in LINE. */
87 static int
89 {
97 }
102 \f
103 /* Called by libassuan for Assuan options. See the Assuan manual for
104 details. */
105 static gpg_error_t
107 {
108 /* ctrl_t ctrl = assuan_get_pointer (ctx); */
113 /* Fixme: Implement the tty and locale args. */
115 {
116 }
118 {
119 }
121 {
122 }
124 {
125 }
127 {
128 }
130 {
131 }
133 {
134 }
136 {
137 /* This is for now a dummy option. */
138 }
139 else
143 }
146 /* Called by libassuan for RESET commands. */
147 static void
149 {
158 }
161 /* Called by libassuan for INPUT commands. */
162 static void
164 {
165 /* ctrl_t ctrl = assuan_get_pointer (ctx); */
174 ;
175 else
176 {
177 /* FIXME (autodetect encoding) */
178 }
179 }
182 /* Called by libassuan for OUTPUT commands. */
183 static void
185 {
186 /* ctrl_t ctrl = assuan_get_pointer (ctx); */
193 {
194 /* FIXME */
195 }
196 }
200 \f
201 /* RECIPIENT [--hidden] <userID>
203 Set the recipient for the encryption. <userID> should be the
204 internal representation of the key; the server may accept any other
205 way of specification. If this is a valid and trusted recipient the
206 server does respond with OK, otherwise the return is an ERR with
207 the reason why the recipient can't be used, the encryption will
208 then not be done for this recipient. If the policy is not to
209 encrypt at all if not all recipients are valid, the client has to
210 take care of this. All RECIPIENT commands are cumulative until a
211 RESET or an successful ENCRYPT command. */
212 static gpg_error_t
214 {
216 gpg_error_t err;
222 /* FIXME: Expand groups
223 if (opt.grouplist)
224 remusr = expand_group (rcpts);
225 else
226 remusr = rcpts;
227 */
235 }
238 \f
239 /* SIGNER <userID>
241 Set the signer's keys for the signature creation. <userID> should
242 be the internal representation of the key; the server may accept
243 any other way of specification. If this is a valid and usable
244 signing key the server does respond with OK, otherwise it returns
245 an ERR with the reason why the key can't be used, the signing will
246 then not be done for this key. If the policy is not to sign at all
247 if not all signer keys are valid, the client has to take care of
248 this. All SIGNER commands are cumulative until a RESET but they
249 are *not* reset by an SIGN command becuase it can be expected that
250 set of signers are used for more than one sign operation.
252 Note that this command returns an INV_RECP status which is a bit
253 strange, but they are very similar. */
254 static gpg_error_t
256 {
260 }
263 \f
264 /* ENCRYPT
266 Do the actual encryption process. Takes the plaintext from the
267 INPUT command, writes the ciphertext to the file descriptor set
268 with the OUTPUT command, take the recipients from all the
269 recipients set so far with RECIPIENTS.
271 If this command fails the clients should try to delete all output
272 currently done or otherwise mark it as invalid. GPG does ensure
273 that there won't be any security problem with leftover data on the
274 output in this case.
276 In most cases this command won't fail because most necessary checks
277 have been done while setting the recipients. However some checks
278 can only be done right here and thus error may occur anyway (for
279 example, no recipients at all).
281 The input, output and message pipes are closed after this
282 command. */
283 static gpg_error_t
285 {
287 gpg_error_t err;
293 {
297 }
301 {
304 }
307 {
310 }
312 /* Fixme: Check that we are using real files and not pipes if in
313 PGP-2 mode. Do all the other checks we do in gpg.c for aEncr.
314 Maybe we should drop the PGP2 compatibility. */
317 /* FIXME: GPGSM does this here: Add all encrypt-to marked recipients
318 from the default list. */
320 /* fixme: err = ctrl->audit? 0 : start_audit_session (ctrl);*/
324 out_fd);
326 leave:
327 /* Release the recipient list on success. */
329 {
332 }
334 /* Close and reset the fds. */
342 }
345 \f
346 /* DECRYPT
348 This performs the decrypt operation. */
349 static gpg_error_t
351 {
353 gpg_error_t err;
367 /* Close and reset the fds. */
375 }
378 \f
379 /* VERIFY
381 This does a verify operation on the message send to the input-FD.
382 The result is written out using status lines. If an output FD was
383 given, the signed text will be written to that.
385 If the signature is a detached one, the server will inquire about
386 the signed material and the client must provide it.
387 */
388 static gpg_error_t
390 {
397 /* FIXME: Revamp this code it is nearly to 3 years old and was only
398 intended as a quick test. */
406 {
410 }
415 /* Need to dup it because it might get closed and libassuan won't
416 know about it then. */
420 out_fp);
431 }
434 \f
435 /* SIGN [--detached]
437 Sign the data set with the INPUT command and write it to the sink
438 set by OUTPUT. With "--detached" specified, a detached signature
439 is created. */
440 static gpg_error_t
442 {
446 }
449 \f
450 /* IMPORT
452 Import keys as read from the input-fd, return status message for
453 each imported one. The import checks the validity of the key. */
454 static gpg_error_t
456 {
460 }
463 \f
464 /* EXPORT [--data [--armor|--base64]] [--] pattern
466 Similar to the --export command line command, this command exports
467 public keys matching PATTERN. The output is send to the output fd
468 unless the --data option has been used in which case the output
469 gets send inline using regular data lines. The options "--armor"
470 and "--base" ospecify an output format if "--data" has been used.
471 Recall that in general the output format is set with the OUTPUT
472 command.
473 */
474 static gpg_error_t
476 {
480 }
483 \f
484 /* DELKEYS
486 Fixme
487 */
488 static gpg_error_t
490 {
494 }
497 \f
498 /* MESSAGE FD[=<n>]
500 Set the file descriptor to read a message which is used with
501 detached signatures. */
502 static gpg_error_t
504 {
506 gnupg_fd_t fd;
516 }
519 \f
520 /* LISTKEYS [<patterns>]
521 LISTSECRETKEYS [<patterns>]
523 fixme
524 */
525 static gpg_error_t
527 {
533 }
536 static gpg_error_t
538 {
540 }
543 static gpg_error_t
545 {
547 }
550 \f
551 /* GENKEY
553 Read the parameters in native format from the input fd and create a
554 new OpenPGP key.
555 */
556 static gpg_error_t
558 {
562 }
565 /* GETINFO <what>
567 Multipurpose function to return a variety of information.
568 Supported values for WHAT are:
570 version - Return the version of the program.
571 pid - Return the process id of the server.
573 */
574 static gpg_error_t
576 {
580 {
583 }
585 {
590 }
591 else
594 }
597 \f
598 /* Helper to register our commands with libassuan. */
599 static int
601 {
602 static struct
603 {
624 };
628 {
632 }
634 }
638 \f
639 /* Startup the server. CTRL must have been allocated by the caller
640 and set to the default values. */
641 int
643 {
650 /* We use a pipe based server so that we can work from scripts.
651 assuan_init_pipe_server will automagically detect when we are
652 called with a socketpair and ignore FILEDES in this case. */
657 {
661 }
665 {
668 }
672 {
676 }
680 {
691 hello);
693 {
696 }
697 }
698 else
707 {
710 }
718 {
721 {
724 }
726 {
729 }
733 {
736 }
737 }
739 leave:
741 {
746 }
749 }