search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix problem with incompatible gpg.conf files.
[gnupg.git] / sm / gpgsm.c
blob8a2a1c0b9f10c1af62e69185b9f2a5631638f208
1 /* gpgsm.c - GnuPG for S/MIME
2 * Copyright (C) 2001, 2002, 2003, 2004, 2005,
3 * 2006, 2007, 2008 Free Software Foundation, Inc.
4 *
5 * This file is part of GnuPG.
6 *
7 * GnuPG is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * GnuPG is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include <config.h>
22 #include <errno.h>
23 #include <stdio.h>
24 #include <stdlib.h>
25 #include <string.h>
26 #include <ctype.h>
27 #include <unistd.h>
28 #include <fcntl.h>
29 /*#include <mcheck.h>*/
30
31 #include "gpgsm.h"
32 #include <gcrypt.h>
33 #include <assuan.h> /* malloc hooks */
34
35 #include "../kbx/keybox.h" /* malloc hooks */
36 #include "i18n.h"
37 #include "keydb.h"
38 #include "sysutils.h"
39 #include "gc-opt-flags.h"
40
41
42 #ifndef O_BINARY
43 #define O_BINARY 0
44 #endif
45
46 enum cmd_and_opt_values {
47 aNull = 0,
48 oArmor = 'a',
49 aDetachedSign = 'b',
50 aSym = 'c',
51 aDecrypt = 'd',
52 aEncr = 'e',
53 aListKeys = 'k',
54 aListSecretKeys = 'K',
55 oDryRun = 'n',
56 oOutput = 'o',
57 oQuiet = 'q',
58 oRecipient = 'r',
59 aSign = 's',
60 oUser = 'u',
61 oVerbose = 'v',
62 oBatch = 500,
63 aClearsign,
64 aKeygen,
65 aSignEncr,
66 aDeleteKey,
67 aImport,
68 aVerify,
69 aVerifyFiles,
70 aListExternalKeys,
71 aListChain,
72 aSendKeys,
73 aRecvKeys,
74 aExport,
75 aExportSecretKeyP12,
76 aServer,
77 aLearnCard,
78 aCallDirmngr,
79 aCallProtectTool,
80 aPasswd,
81 aGPGConfList,
82 aGPGConfTest,
83 aDumpKeys,
84 aDumpChain,
85 aDumpSecretKeys,
86 aDumpExternalKeys,
87 aKeydbClearSomeCertFlags,
88 aFingerprint,
89
90 oOptions,
91 oDebug,
92 oDebugLevel,
93 oDebugAll,
94 oDebugNone,
95 oDebugWait,
96 oDebugAllowCoreDump,
97 oDebugNoChainValidation,
98 oDebugIgnoreExpiration,
99 oFixedPassphrase,
100 oLogFile,
101 oNoLogFile,
102 oAuditLog,
103
104 oEnableSpecialFilenames,
105
106 oAgentProgram,
107 oDisplay,
108 oTTYname,
109 oTTYtype,
110 oLCctype,
111 oLCmessages,
112 oXauthority,
113
114 oPreferSystemDirmngr,
115 oDirmngrProgram,
116 oDisableDirmngr,
117 oProtectToolProgram,
118 oFakedSystemTime,
119
120
121 oAssumeArmor,
122 oAssumeBase64,
123 oAssumeBinary,
124
125 oBase64,
126 oNoArmor,
127 oP12Charset,
128
129 oDisableCRLChecks,
130 oEnableCRLChecks,
131 oDisableTrustedCertCRLCheck,
132 oEnableTrustedCertCRLCheck,
133 oForceCRLRefresh,
134
135 oDisableOCSP,
136 oEnableOCSP,
137
138 oIncludeCerts,
139 oPolicyFile,
140 oDisablePolicyChecks,
141 oEnablePolicyChecks,
142 oAutoIssuerKeyRetrieve,
143
144 oWithFingerprint,
145 oWithMD5Fingerprint,
146 oAnswerYes,
147 oAnswerNo,
148 oKeyring,
149 oDefaultKey,
150 oDefRecipient,
151 oDefRecipientSelf,
152 oNoDefRecipient,
153 oStatusFD,
154 oCipherAlgo,
155 oDigestAlgo,
156 oExtraDigestAlgo,
157 oNoVerbose,
158 oNoSecmemWarn,
159 oNoDefKeyring,
160 oNoGreeting,
161 oNoTTY,
162 oNoOptions,
163 oNoBatch,
164 oHomedir,
165 oWithColons,
166 oWithKeyData,
167 oWithValidation,
168 oWithEphemeralKeys,
169 oSkipVerify,
170 oValidationModel,
171 oKeyServer,
172 oEncryptTo,
173 oNoEncryptTo,
174 oLoggerFD,
175 oDisableCipherAlgo,
176 oDisablePubkeyAlgo,
177 oIgnoreTimeConflict,
178 oNoRandomSeedFile,
179 oNoCommonCertsImport
180 };
181
182
183 static ARGPARSE_OPTS opts[] = {
184
185 ARGPARSE_group (300, N_("@Commands:\n ")),
186
187 ARGPARSE_c (aSign, "sign", N_("make a signature")),
188 ARGPARSE_c (aClearsign, "clearsign", N_("make a clear text signature") ),
189 ARGPARSE_c (aDetachedSign, "detach-sign", N_("make a detached signature")),
190 ARGPARSE_c (aEncr, "encrypt", N_("encrypt data")),
191 ARGPARSE_c (aSym, "symmetric", N_("encryption only with symmetric cipher")),
192 ARGPARSE_c (aDecrypt, "decrypt", N_("decrypt data (default)")),
193 ARGPARSE_c (aVerify, "verify", N_("verify a signature")),
194 ARGPARSE_c (aVerifyFiles, "verify-files", "@"),
195 ARGPARSE_c (aListKeys, "list-keys", N_("list keys")),
196 ARGPARSE_c (aListExternalKeys, "list-external-keys",
197 N_("list external keys")),
198 ARGPARSE_c (aListSecretKeys, "list-secret-keys", N_("list secret keys")),
199 ARGPARSE_c (aListChain, "list-chain", N_("list certificate chain")),
200 ARGPARSE_c (aFingerprint, "fingerprint", N_("list keys and fingerprints")),
201 ARGPARSE_c (aKeygen, "gen-key", "@"),
202 ARGPARSE_c (aDeleteKey, "delete-keys",
203 N_("remove keys from the public keyring")),
204 ARGPARSE_c (aSendKeys, "send-keys", N_("export keys to a key server")),
205 ARGPARSE_c (aRecvKeys, "recv-keys", N_("import keys from a key server")),
206 ARGPARSE_c (aImport, "import", N_("import certificates")),
207 ARGPARSE_c (aExport, "export", N_("export certificates")),
208 ARGPARSE_c (aExportSecretKeyP12, "export-secret-key-p12", "@"),
209 ARGPARSE_c (aLearnCard, "learn-card", N_("register a smartcard")),
210 ARGPARSE_c (aServer, "server", N_("run in server mode")),
211 ARGPARSE_c (aCallDirmngr, "call-dirmngr",
212 N_("pass a command to the dirmngr")),
213 ARGPARSE_c (aCallProtectTool, "call-protect-tool",
214 N_("invoke gpg-protect-tool")),
215 ARGPARSE_c (aPasswd, "passwd", N_("change a passphrase")),
216 ARGPARSE_c (aGPGConfList, "gpgconf-list", "@"),
217 ARGPARSE_c (aGPGConfTest, "gpgconf-test", "@"),
218
219 ARGPARSE_c (aDumpKeys, "dump-cert", "@"),
220 ARGPARSE_c (aDumpKeys, "dump-keys", "@"),
221 ARGPARSE_c (aDumpChain, "dump-chain", "@"),
222 ARGPARSE_c (aDumpExternalKeys, "dump-external-keys", "@"),
223 ARGPARSE_c (aDumpSecretKeys, "dump-secret-keys", "@"),
224 ARGPARSE_c (aKeydbClearSomeCertFlags, "keydb-clear-some-cert-flags", "@"),
225
226 ARGPARSE_group (301, N_("@\nOptions:\n ")),
227
228 ARGPARSE_s_n (oArmor, "armor", N_("create ascii armored output")),
229 ARGPARSE_s_n (oArmor, "armour", "@"),
230 ARGPARSE_s_n (oBase64, "base64", N_("create base-64 encoded output")),
231
232 ARGPARSE_s_s (oP12Charset, "p12-charset", "@"),
233
234 ARGPARSE_s_n (oAssumeArmor, "assume-armor",
235 N_("assume input is in PEM format")),
236 ARGPARSE_s_n (oAssumeBase64, "assume-base64",
237 N_("assume input is in base-64 format")),
238 ARGPARSE_s_n (oAssumeBinary, "assume-binary",
239 N_("assume input is in binary format")),
240
241 ARGPARSE_s_s (oRecipient, "recipient", N_("|USER-ID|encrypt for USER-ID")),
242
243 ARGPARSE_s_n (oPreferSystemDirmngr,"prefer-system-dirmngr",
244 N_("use system's dirmngr if available")),
245
246 ARGPARSE_s_n (oDisableCRLChecks, "disable-crl-checks",
247 N_("never consult a CRL")),
248 ARGPARSE_s_n (oEnableCRLChecks, "enable-crl-checks", "@"),
249 ARGPARSE_s_n (oDisableTrustedCertCRLCheck,
250 "disable-trusted-cert-crl-check", "@"),
251 ARGPARSE_s_n (oEnableTrustedCertCRLCheck,
252 "enable-trusted-cert-crl-check", "@"),
253
254 ARGPARSE_s_n (oForceCRLRefresh, "force-crl-refresh", "@"),
255
256 ARGPARSE_s_n (oDisableOCSP, "disable-ocsp", "@"),
257 ARGPARSE_s_n (oEnableOCSP, "enable-ocsp", N_("check validity using OCSP")),
258
259 ARGPARSE_s_s (oValidationModel, "validation-model", "@"),
260
261 ARGPARSE_s_i (oIncludeCerts, "include-certs",
262 N_("|N|number of certificates to include") ),
263
264 ARGPARSE_s_s (oPolicyFile, "policy-file",
265 N_("|FILE|take policy information from FILE")),
266
267 ARGPARSE_s_n (oDisablePolicyChecks, "disable-policy-checks",
268 N_("do not check certificate policies")),
269 ARGPARSE_s_n (oEnablePolicyChecks, "enable-policy-checks", "@"),
270
271 ARGPARSE_s_n (oAutoIssuerKeyRetrieve, "auto-issuer-key-retrieve",
272 N_("fetch missing issuer certificates")),
273
274 ARGPARSE_s_s (oEncryptTo, "encrypt-to", "@"),
275 ARGPARSE_s_n (oNoEncryptTo, "no-encrypt-to", "@"),
276
277 ARGPARSE_s_s (oUser, "local-user",
278 N_("|USER-ID|use USER-ID to sign or decrypt")),
279
280 ARGPARSE_s_s (oOutput, "output", N_("|FILE|write output to FILE")),
281 ARGPARSE_s_n (oVerbose, "verbose", N_("verbose")),
282 ARGPARSE_s_n (oQuiet, "quiet", N_("be somewhat more quiet")),
283 ARGPARSE_s_n (oNoTTY, "no-tty", N_("don't use the terminal at all")),
284 ARGPARSE_s_s (oLogFile, "log-file",
285 N_("|FILE|write a server mode log to FILE")),
286 ARGPARSE_s_n (oNoLogFile, "no-log-file", "@"),
287 ARGPARSE_s_i (oLoggerFD, "logger-fd", "@"),
288
289 ARGPARSE_s_s (oAuditLog, "audit-log",
290 N_("|FILE|write an audit log to FILE")),
291 ARGPARSE_s_n (oDryRun, "dry-run", N_("do not make any changes")),
292 ARGPARSE_s_n (oBatch, "batch", N_("batch mode: never ask")),
293 ARGPARSE_s_n (oAnswerYes, "yes", N_("assume yes on most questions")),
294 ARGPARSE_s_n (oAnswerNo, "no", N_("assume no on most questions")),
295
296 ARGPARSE_s_s (oKeyring, "keyring",
297 N_("|FILE|add keyring to the list of keyrings")),
298
299 ARGPARSE_s_s (oDefaultKey, "default-key",
300 N_("|USER-ID|use USER-ID as default secret key")),
301
302 /* Not yet used: */
303 /* ARGPARSE_s_s (oDefRecipient, "default-recipient", */
304 /* N_("|NAME|use NAME as default recipient")), */
305 /* ARGPARSE_s_n (oDefRecipientSelf, "default-recipient-self", */
306 /* N_("use the default key as default recipient")), */
307 /* ARGPARSE_s_n (oNoDefRecipient, "no-default-recipient", "@"), */
308
309 ARGPARSE_s_s (oKeyServer, "keyserver",
310 N_("|SPEC|use this keyserver to lookup keys")),
311 ARGPARSE_s_s (oOptions, "options", N_("|FILE|read options from FILE")),
312
313 ARGPARSE_p_u (oDebug, "debug", "@"),
314 ARGPARSE_s_s (oDebugLevel, "debug-level",
315 N_("|LEVEL|set the debugging level to LEVEL")),
316 ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
317 ARGPARSE_s_n (oDebugNone, "debug-none", "@"),
318 ARGPARSE_s_i (oDebugWait, "debug-wait", "@"),
319 ARGPARSE_s_n (oDebugAllowCoreDump, "debug-allow-core-dump", "@"),
320 ARGPARSE_s_n (oDebugNoChainValidation, "debug-no-chain-validation", "@"),
321 ARGPARSE_s_n (oDebugIgnoreExpiration, "debug-ignore-expiration", "@"),
322 ARGPARSE_s_s (oFixedPassphrase, "fixed-passphrase", "@"),
323
324 ARGPARSE_s_i (oStatusFD, "status-fd",
325 N_("|FD|write status info to this FD")),
326
327 ARGPARSE_s_s (oCipherAlgo, "cipher-algo",
328 N_("|NAME|use cipher algorithm NAME")),
329 ARGPARSE_s_s (oDigestAlgo, "digest-algo",
330 N_("|NAME|use message digest algorithm NAME")),
331 ARGPARSE_s_s (oExtraDigestAlgo, "extra-digest-algo", "@"),
332
333
334 ARGPARSE_group (302, N_(
335 "@\n(See the man page for a complete listing of all commands and options)\n"
336 )),
337
338 ARGPARSE_group (303, N_("@\nExamples:\n\n"
339 " -se -r Bob [file] sign and encrypt for user Bob\n"
340 " --clearsign [file] make a clear text signature\n"
341 " --detach-sign [file] make a detached signature\n"
342 " --list-keys [names] show keys\n"
343 " --fingerprint [names] show fingerprints\n" )),
344
345 /* Hidden options. */
346 ARGPARSE_s_n (oNoVerbose, "no-verbose", "@"),
347 ARGPARSE_s_n (oEnableSpecialFilenames, "enable-special-filenames", "@"),
348 ARGPARSE_s_n (oNoSecmemWarn, "no-secmem-warning", "@"),
349 ARGPARSE_s_n (oNoArmor, "no-armor", "@"),
350 ARGPARSE_s_n (oNoArmor, "no-armour", "@"),
351 ARGPARSE_s_n (oNoDefKeyring, "no-default-keyring", "@"),
352 ARGPARSE_s_n (oNoGreeting, "no-greeting", "@"),
353 ARGPARSE_s_n (oNoOptions, "no-options", "@"),
354 ARGPARSE_s_s (oHomedir, "homedir", "@"),
355 ARGPARSE_s_s (oAgentProgram, "agent-program", "@"),
356 ARGPARSE_s_s (oDisplay, "display", "@"),
357 ARGPARSE_s_s (oTTYname, "ttyname", "@"),
358 ARGPARSE_s_s (oTTYtype, "ttytype", "@"),
359 ARGPARSE_s_s (oLCctype, "lc-ctype", "@"),
360 ARGPARSE_s_s (oLCmessages, "lc-messages", "@"),
361 ARGPARSE_s_s (oXauthority, "xauthority", "@"),
362 ARGPARSE_s_s (oDirmngrProgram, "dirmngr-program", "@"),
363 ARGPARSE_s_n (oDisableDirmngr, "disable-dirmngr", "@"),
364 ARGPARSE_s_s (oProtectToolProgram, "protect-tool-program", "@"),
365 ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"),
366 ARGPARSE_s_n (oNoBatch, "no-batch", "@"),
367 ARGPARSE_s_n (oWithColons, "with-colons", "@"),
368 ARGPARSE_s_n (oWithKeyData,"with-key-data", "@"),
369 ARGPARSE_s_n (oWithValidation, "with-validation", "@"),
370 ARGPARSE_s_n (oWithMD5Fingerprint, "with-md5-fingerprint", "@"),
371 ARGPARSE_s_n (oWithEphemeralKeys, "with-ephemeral-keys", "@"),
372 ARGPARSE_s_n (oSkipVerify, "skip-verify", "@"),
373 ARGPARSE_s_n (oWithFingerprint, "with-fingerprint", "@"),
374 ARGPARSE_s_s (oDisableCipherAlgo, "disable-cipher-algo", "@"),
375 ARGPARSE_s_s (oDisablePubkeyAlgo, "disable-pubkey-algo", "@"),
376 ARGPARSE_s_n (oIgnoreTimeConflict, "ignore-time-conflict", "@"),
377 ARGPARSE_s_n (oNoRandomSeedFile, "no-random-seed-file", "@"),
378 ARGPARSE_s_n (oNoCommonCertsImport, "no-common-certs-import", "@"),
379
380 /* Command aliases. */
381 ARGPARSE_c (aListKeys, "list-key", "@"),
382 ARGPARSE_c (aListChain, "list-sig", "@"),
383 ARGPARSE_c (aListChain, "list-sigs", "@"),
384 ARGPARSE_c (aListChain, "check-sig", "@"),
385 ARGPARSE_c (aListChain, "check-sigs", "@"),
386 ARGPARSE_c (aDeleteKey, "delete-key", "@"),
387
388 ARGPARSE_end ()
389 };
390
391
392
393
394 /* Global variable to keep an error count. */
395 int gpgsm_errors_seen = 0;
396
397 /* It is possible that we are currentlu running under setuid permissions */
398 static int maybe_setuid = 1;
399
400 /* Helper to implement --debug-level and --debug*/
401 static const char *debug_level;
402 static unsigned int debug_value;
403
404 /* Option --enable-special-filenames */
405 static int allow_special_filenames;
406
407 /* Default value for include-certs. */
408 static int default_include_certs = 1; /* Only include the signer's cert. */
409
410 /* Whether the chain mode shall be used for validation. */
411 static int default_validation_model;
412
413
414 static char *build_list (const char *text,
415 const char *(*mapf)(int), int (*chkf)(int));
416 static void set_cmd (enum cmd_and_opt_values *ret_cmd,
417 enum cmd_and_opt_values new_cmd );
418
419 static void emergency_cleanup (void);
420 static int check_special_filename (const char *fname, int for_write);
421 static int open_read (const char *filename);
422 static FILE *open_fwrite (const char *filename);
423 static estream_t open_es_fwrite (const char *filename);
424 static void run_protect_tool (int argc, char **argv);
425
426 static int
427 our_pk_test_algo (int algo)
428 {
429 switch (algo)
430 {
431 case GCRY_PK_RSA:
432 case GCRY_PK_ECDSA:
433 return gcry_pk_test_algo (algo);
434 default:
435 return 1;
436 }
437 }
438
439 static int
440 our_cipher_test_algo (int algo)
441 {
442 switch (algo)
443 {
444 case GCRY_CIPHER_3DES:
445 case GCRY_CIPHER_AES128:
446 case GCRY_CIPHER_AES192:
447 case GCRY_CIPHER_AES256:
448 case GCRY_CIPHER_SERPENT128:
449 case GCRY_CIPHER_SERPENT192:
450 case GCRY_CIPHER_SERPENT256:
451 case GCRY_CIPHER_SEED:
452 case GCRY_CIPHER_CAMELLIA128:
453 case GCRY_CIPHER_CAMELLIA192:
454 case GCRY_CIPHER_CAMELLIA256:
455 return gcry_cipher_test_algo (algo);
456 default:
457 return 1;
458 }
459 }
460
461
462 static int
463 our_md_test_algo (int algo)
464 {
465 switch (algo)
466 {
467 case GCRY_MD_MD5:
468 case GCRY_MD_SHA1:
469 case GCRY_MD_RMD160:
470 case GCRY_MD_SHA224:
471 case GCRY_MD_SHA256:
472 case GCRY_MD_SHA384:
473 case GCRY_MD_SHA512:
474 case GCRY_MD_WHIRLPOOL:
475 return gcry_md_test_algo (algo);
476 default:
477 return 1;
478 }
479 }
480
481
482 static char *
483 make_libversion (const char *libname, const char *(*getfnc)(const char*))
484 {
485 const char *s;
486 char *result;
487
488 if (maybe_setuid)
489 {
490 gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */
491 maybe_setuid = 0;
492 }
493 s = getfnc (NULL);
494 result = xmalloc (strlen (libname) + 1 + strlen (s) + 1);
495 strcpy (stpcpy (stpcpy (result, libname), " "), s);
496 return result;
497 }
498
499
500 static const char *
501 my_strusage( int level )
502 {
503 static char *digests, *pubkeys, *ciphers;
504 static char *ver_gcry, *ver_ksba;
505 const char *p;
506
507 switch (level)
508 {
509 case 11: p = "gpgsm (GnuPG)";
510 break;
511 case 13: p = VERSION; break;
512 case 17: p = PRINTABLE_OS_NAME; break;
513 case 19: p = _("Please report bugs to <" PACKAGE_BUGREPORT ">.\n");
514 break;
515 case 1:
516 case 40: p = _("Usage: gpgsm [options] [files] (-h for help)");
517 break;
518 case 41:
519 p = _("Syntax: gpgsm [options] [files]\n"
520 "sign, check, encrypt or decrypt using the S/MIME protocol\n"
521 "default operation depends on the input data\n");
522 break;
523
524 case 20:
525 if (!ver_gcry)
526 ver_gcry = make_libversion ("libgcrypt", gcry_check_version);
527 p = ver_gcry;
528 break;
529 case 21:
530 if (!ver_ksba)
531 ver_ksba = make_libversion ("libksba", ksba_check_version);
532 p = ver_ksba;
533 break;
534
535 case 31: p = "\nHome: "; break;
536 case 32: p = opt.homedir; break;
537 case 33: p = _("\nSupported algorithms:\n"); break;
538 case 34:
539 if (!ciphers)
540 ciphers = build_list ("Cipher: ", gcry_cipher_algo_name,
541 our_cipher_test_algo );
542 p = ciphers;
543 break;
544 case 35:
545 if (!pubkeys)
546 pubkeys = build_list ("Pubkey: ", gcry_pk_algo_name,
547 our_pk_test_algo );
548 p = pubkeys;
549 break;
550 case 36:
551 if (!digests)
552 digests = build_list("Hash: ", gcry_md_algo_name, our_md_test_algo );
553 p = digests;
554 break;
555
556 default: p = NULL; break;
557 }
558 return p;
559 }
560
561
562 static char *
563 build_list (const char *text, const char * (*mapf)(int), int (*chkf)(int))
564 {
565 int i;
566 size_t n=strlen(text)+2;
567 char *list, *p;
568
569 if (maybe_setuid) {
570 gcry_control (GCRYCTL_DROP_PRIVS); /* drop setuid */
571 }
572
573 for (i=1; i < 400; i++ )
574 if (!chkf(i))
575 n += strlen(mapf(i)) + 2;
576 list = xmalloc (21 + n);
577 *list = 0;
578 for (p=NULL, i=1; i < 400; i++)
579 {
580 if (!chkf(i))
581 {
582 if( !p )
583 p = stpcpy (list, text );
584 else
585 p = stpcpy (p, ", ");
586 p = stpcpy (p, mapf(i) );
587 }
588 }
589 if (p)
590 p = stpcpy(p, "\n" );
591 return list;
592 }
593
594
595 /* Set the file pointer into binary mode if required. */
596 static void
597 set_binary (FILE *fp)
598 {
599 #ifdef HAVE_DOSISH_SYSTEM
600 setmode (fileno (fp), O_BINARY);
601 #else
602 (void)fp;
603 #endif
604 }
605
606
607
608 static void
609 wrong_args (const char *text)
610 {
611 fputs (_("usage: gpgsm [options] "), stderr);
612 fputs (text, stderr);
613 putc ('\n', stderr);
614 gpgsm_exit (2);
615 }
616
617
618 /* Setup the debugging. With a DEBUG_LEVEL of NULL only the active
619 debug flags are propagated to the subsystems. With DEBUG_LEVEL
620 set, a specific set of debug flags is set; and individual debugging
621 flags will be added on top. */
622 static void
623 set_debug (void)
624 {
625 if (!debug_level)
626 ;
627 else if (!strcmp (debug_level, "none"))
628 opt.debug = 0;
629 else if (!strcmp (debug_level, "basic"))
630 opt.debug = DBG_ASSUAN_VALUE;
631 else if (!strcmp (debug_level, "advanced"))
632 opt.debug = DBG_ASSUAN_VALUE|DBG_X509_VALUE;
633 else if (!strcmp (debug_level, "expert"))
634 opt.debug = (DBG_ASSUAN_VALUE|DBG_X509_VALUE
635 |DBG_CACHE_VALUE|DBG_CRYPTO_VALUE);
636 else if (!strcmp (debug_level, "guru"))
637 opt.debug = ~0;
638 else
639 {
640 log_error (_("invalid debug-level `%s' given\n"), debug_level);
641 gpgsm_exit(2);
642 }
643
644 opt.debug |= debug_value;
645
646 if (opt.debug && !opt.verbose)
647 opt.verbose = 1;
648 if (opt.debug)
649 opt.quiet = 0;
650
651 if (opt.debug & DBG_MPI_VALUE)
652 gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 2);
653 if (opt.debug & DBG_CRYPTO_VALUE )
654 gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1);
655 gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
656 }
657
658
659
660 static void
661 set_cmd (enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd)
662 {
663 enum cmd_and_opt_values cmd = *ret_cmd;
664
665 if (!cmd || cmd == new_cmd)
666 cmd = new_cmd;
667 else if ( cmd == aSign && new_cmd == aEncr )
668 cmd = aSignEncr;
669 else if ( cmd == aEncr && new_cmd == aSign )
670 cmd = aSignEncr;
671 else if ( (cmd == aSign && new_cmd == aClearsign)
672 || (cmd == aClearsign && new_cmd == aSign) )
673 cmd = aClearsign;
674 else
675 {
676 log_error(_("conflicting commands\n"));
677 gpgsm_exit(2);
678 }
679
680 *ret_cmd = cmd;
681 }
682
683
684 /* Helper to add recipients to a list. */
685 static void
686 do_add_recipient (ctrl_t ctrl, const char *name,
687 certlist_t *recplist, int is_encrypt_to, int recp_required)
688 {
689 int rc = gpgsm_add_to_certlist (ctrl, name, 0, recplist, is_encrypt_to);
690 if (rc)
691 {
692 if (recp_required)
693 {
694 log_error ("can't encrypt to `%s': %s\n", name, gpg_strerror (rc));
695 gpgsm_status2 (ctrl, STATUS_INV_RECP,
696 gpg_err_code (rc) == -1? "1":
697 gpg_err_code (rc) == GPG_ERR_NO_PUBKEY? "1":
698 gpg_err_code (rc) == GPG_ERR_AMBIGUOUS_NAME? "2":
699 gpg_err_code (rc) == GPG_ERR_WRONG_KEY_USAGE? "3":
700 gpg_err_code (rc) == GPG_ERR_CERT_REVOKED? "4":
701 gpg_err_code (rc) == GPG_ERR_CERT_EXPIRED? "5":
702 gpg_err_code (rc) == GPG_ERR_NO_CRL_KNOWN? "6":
703 gpg_err_code (rc) == GPG_ERR_CRL_TOO_OLD? "7":
704 gpg_err_code (rc) == GPG_ERR_NO_POLICY_MATCH? "8":
705 "0",
706 name, NULL);
707 }
708 else
709 log_info (_("NOTE: won't be able to encrypt to `%s': %s\n"),
710 name, gpg_strerror (rc));
711 }
712 }
713
714
715 static void
716 parse_validation_model (const char *model)
717 {
718 int i = gpgsm_parse_validation_model (model);
719 if (i == -1)
720 log_error (_("unknown validation model `%s'\n"), model);
721 else
722 default_validation_model = i;
723 }
724
725
726 /* Release the list of SERVERS. As usual it is okay to call this
727 function with SERVERS passed as NULL. */
728 void
729 keyserver_list_free (struct keyserver_spec *servers)
730 {
731 while (servers)
732 {
733 struct keyserver_spec *tmp = servers->next;
734 xfree (servers->host);
735 xfree (servers->user);
736 if (servers->pass)
737 memset (servers->pass, 0, strlen (servers->pass));
738 xfree (servers->pass);
739 xfree (servers->base);
740 xfree (servers);
741 servers = tmp;
742 }
743 }
744
745 /* See also dirmngr ldapserver_parse_one(). */
746 struct keyserver_spec *
747 parse_keyserver_line (char *line,
748 const char *filename, unsigned int lineno)
749 {
750 char *p;
751 char *endp;
752 struct keyserver_spec *server;
753 int fieldno;
754 int fail = 0;
755
756 /* Parse the colon separated fields. */
757 server = xcalloc (1, sizeof *server);
758 for (fieldno = 1, p = line; p; p = endp, fieldno++ )
759 {
760 endp = strchr (p, ':');
761 if (endp)
762 *endp++ = '\0';
763 trim_spaces (p);
764 switch (fieldno)
765 {
766 case 1:
767 if (*p)
768 server->host = xstrdup (p);
769 else
770 {
771 log_error (_("%s:%u: no hostname given\n"),
772 filename, lineno);
773 fail = 1;
774 }
775 break;
776
777 case 2:
778 if (*p)
779 server->port = atoi (p);
780 break;
781
782 case 3:
783 if (*p)
784 server->user = xstrdup (p);
785 break;
786
787 case 4:
788 if (*p && !server->user)
789 {
790 log_error (_("%s:%u: password given without user\n"),
791 filename, lineno);
792 fail = 1;
793 }
794 else if (*p)
795 server->pass = xstrdup (p);
796 break;
797
798 case 5:
799 if (*p)
800 server->base = xstrdup (p);
801 break;
802
803 default:
804 /* (We silently ignore extra fields.) */
805 break;
806 }
807 }
808
809 if (fail)
810 {
811 log_info (_("%s:%u: skipping this line\n"), filename, lineno);
812 keyserver_list_free (server);
813 }
814
815 return server;
816 }
817
818
819 int
820 main ( int argc, char **argv)
821 {
822 ARGPARSE_ARGS pargs;
823 int orig_argc;
824 char **orig_argv;
825 const char *fname;
826 /* char *username;*/
827 int may_coredump;
828 strlist_t sl, remusr= NULL, locusr=NULL;
829 strlist_t nrings=NULL;
830 int detached_sig = 0;
831 FILE *configfp = NULL;
832 char *configname = NULL;
833 unsigned configlineno;
834 int parse_debug = 0;
835 int no_more_options = 0;
836 int default_config =1;
837 int default_keyring = 1;
838 char *logfile = NULL;
839 char *auditlog = NULL;
840 int greeting = 0;
841 int nogreeting = 0;
842 int debug_wait = 0;
843 int use_random_seed = 1;
844 int no_common_certs_import = 0;
845 int with_fpr = 0;
846 const char *forced_digest_algo = NULL;
847 const char *extra_digest_algo = NULL;
848 enum cmd_and_opt_values cmd = 0;
849 struct server_control_s ctrl;
850 certlist_t recplist = NULL;
851 certlist_t signerlist = NULL;
852 int do_not_setup_keys = 0;
853 int recp_required = 0;
854 estream_t auditfp = NULL;
855
856 /*mtrace();*/
857
858 gnupg_reopen_std ("gpgsm");
859 /* trap_unaligned ();*/
860 gnupg_rl_initialize ();
861 set_strusage (my_strusage);
862 gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
863 /* We don't need any locking in libgcrypt unless we use any kind of
864 threading. */
865 gcry_control (GCRYCTL_DISABLE_INTERNAL_LOCKING);
866
867 /* Please note that we may running SUID(ROOT), so be very CAREFUL
868 when adding any stuff between here and the call to secmem_init()
869 somewhere after the option parsing */
870 log_set_prefix ("gpgsm", 1);
871
872 /* Make sure that our subsystems are ready. */
873 i18n_init();
874 init_common_subsystems ();
875
876 /* Check that the libraries are suitable. Do it here because the
877 option parse may need services of the library */
878 if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) )
879 log_fatal (_("%s is too old (need %s, have %s)\n"), "libgcrypt",
880 NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) );
881 if (!ksba_check_version (NEED_KSBA_VERSION) )
882 log_fatal (_("%s is too old (need %s, have %s)\n"), "libksba",
883 NEED_KSBA_VERSION, ksba_check_version (NULL) );
884
885
886 gcry_control (GCRYCTL_USE_SECURE_RNDPOOL);
887
888 may_coredump = disable_core_dumps ();
889
890 gnupg_init_signals (0, emergency_cleanup);
891
892 create_dotlock (NULL); /* register locking cleanup */
893
894 /* Note: If you change this default cipher algorithm , please
895 remember to update the Gpgconflist entry as well. */
896 opt.def_cipher_algoid = "3DES"; /*des-EDE3-CBC*/
897
898 opt.homedir = default_homedir ();
899
900 /* First check whether we have a config file on the commandline */
901 orig_argc = argc;
902 orig_argv = argv;
903 pargs.argc = &argc;
904 pargs.argv = &argv;
905 pargs.flags= 1|(1<<6); /* do not remove the args, ignore version */
906 while (arg_parse( &pargs, opts))
907 {
908 if (pargs.r_opt == oDebug || pargs.r_opt == oDebugAll)
909 parse_debug++;
910 else if (pargs.r_opt == oOptions)
911 { /* yes there is one, so we do not try the default one but
912 read the config file when it is encountered at the
913 commandline */
914 default_config = 0;
915 }
916 else if (pargs.r_opt == oNoOptions)
917 default_config = 0; /* --no-options */
918 else if (pargs.r_opt == oHomedir)
919 opt.homedir = pargs.r.ret_str;
920 else if (pargs.r_opt == aCallProtectTool)
921 break; /* This break makes sure that --version and --help are
922 passed to the protect-tool. */
923 }
924
925
926 /* Initialize the secure memory. */
927 gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0);
928 maybe_setuid = 0;
929
930 /*
931 Now we are now working under our real uid
932 */
933
934 ksba_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free );
935
936 assuan_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free);
937 assuan_set_assuan_log_stream (log_get_stream ());
938 assuan_set_assuan_log_prefix (log_get_prefix (NULL));
939 assuan_set_assuan_err_source (GPG_ERR_SOURCE_DEFAULT);
940
941 keybox_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free);
942
943 /* Setup a default control structure for command line mode */
944 memset (&ctrl, 0, sizeof ctrl);
945 gpgsm_init_default_ctrl (&ctrl);
946 ctrl.no_server = 1;
947 ctrl.status_fd = -1; /* not status output */
948 ctrl.autodetect_encoding = 1;
949
950 /* Set the default option file */
951 if (default_config )
952 configname = make_filename (opt.homedir, "gpgsm.conf", NULL);
953 /* Set the default policy file */
954 opt.policy_file = make_filename (opt.homedir, "policies.txt", NULL);
955
956 argc = orig_argc;
957 argv = orig_argv;
958 pargs.argc = &argc;
959 pargs.argv = &argv;
960 pargs.flags = 1; /* do not remove the args */
961
962 next_pass:
963 if (configname) {
964 configlineno = 0;
965 configfp = fopen (configname, "r");
966 if (!configfp)
967 {
968 if (default_config)
969 {
970 if (parse_debug)
971 log_info (_("NOTE: no default option file `%s'\n"), configname);
972 }
973 else
974 {
975 log_error (_("option file `%s': %s\n"), configname, strerror(errno));
976 gpgsm_exit(2);
977 }
978 xfree(configname);
979 configname = NULL;
980 }
981 if (parse_debug && configname)
982 log_info (_("reading options from `%s'\n"), configname);
983 default_config = 0;
984 }
985
986 while (!no_more_options
987 && optfile_parse (configfp, configname, &configlineno, &pargs, opts))
988 {
989 switch (pargs.r_opt)
990 {
991 case aGPGConfList:
992 case aGPGConfTest:
993 set_cmd (&cmd, pargs.r_opt);
994 do_not_setup_keys = 1;
995 nogreeting = 1;
996 break;
997
998 case aServer:
999 opt.batch = 1;
1000 set_cmd (&cmd, aServer);
1001 break;
1002
1003 case aCallDirmngr:
1004 opt.batch = 1;
1005 set_cmd (&cmd, aCallDirmngr);
1006 do_not_setup_keys = 1;
1007 break;
1008
1009 case aCallProtectTool:
1010 opt.batch = 1;
1011 set_cmd (&cmd, aCallProtectTool);
1012 no_more_options = 1; /* Stop parsing. */
1013 do_not_setup_keys = 1;
1014 break;
1015
1016 case aDeleteKey:
1017 set_cmd (&cmd, aDeleteKey);
1018 /*greeting=1;*/
1019 do_not_setup_keys = 1;
1020 break;
1021
1022 case aDetachedSign:
1023 detached_sig = 1;
1024 set_cmd (&cmd, aSign );
1025 break;
1026
1027 case aKeygen:
1028 set_cmd (&cmd, aKeygen);
1029 greeting=1;
1030 do_not_setup_keys = 1;
1031 break;
1032
1033 case aImport:
1034 case aSendKeys:
1035 case aRecvKeys:
1036 case aExport:
1037 case aExportSecretKeyP12:
1038 case aDumpKeys:
1039 case aDumpChain:
1040 case aDumpExternalKeys:
1041 case aDumpSecretKeys:
1042 case aListKeys:
1043 case aListExternalKeys:
1044 case aListSecretKeys:
1045 case aListChain:
1046 case aLearnCard:
1047 case aPasswd:
1048 case aKeydbClearSomeCertFlags:
1049 do_not_setup_keys = 1;
1050 set_cmd (&cmd, pargs.r_opt);
1051 break;
1052
1053 case aEncr:
1054 recp_required = 1;
1055 set_cmd (&cmd, pargs.r_opt);
1056 break;
1057
1058 case aSym:
1059 case aDecrypt:
1060 case aSign:
1061 case aClearsign:
1062 case aVerify:
1063 set_cmd (&cmd, pargs.r_opt);
1064 break;
1065
1066 /* Output encoding selection. */
1067 case oArmor:
1068 ctrl.create_pem = 1;
1069 break;
1070 case oBase64:
1071 ctrl.create_pem = 0;
1072 ctrl.create_base64 = 1;
1073 break;
1074 case oNoArmor:
1075 ctrl.create_pem = 0;
1076 ctrl.create_base64 = 0;
1077 break;
1078
1079 case oP12Charset:
1080 opt.p12_charset = pargs.r.ret_str;
1081 break;
1082
1083 /* Input encoding selection. */
1084 case oAssumeArmor:
1085 ctrl.autodetect_encoding = 0;
1086 ctrl.is_pem = 1;
1087 ctrl.is_base64 = 0;
1088 break;
1089 case oAssumeBase64:
1090 ctrl.autodetect_encoding = 0;
1091 ctrl.is_pem = 0;
1092 ctrl.is_base64 = 1;
1093 break;
1094 case oAssumeBinary:
1095 ctrl.autodetect_encoding = 0;
1096 ctrl.is_pem = 0;
1097 ctrl.is_base64 = 0;
1098 break;
1099
1100 case oDisableCRLChecks:
1101 opt.no_crl_check = 1;
1102 break;
1103 case oEnableCRLChecks:
1104 opt.no_crl_check = 0;
1105 break;
1106 case oDisableTrustedCertCRLCheck:
1107 opt.no_trusted_cert_crl_check = 1;
1108 break;
1109 case oEnableTrustedCertCRLCheck:
1110 opt.no_trusted_cert_crl_check = 0;
1111 break;
1112 case oForceCRLRefresh:
1113 opt.force_crl_refresh = 1;
1114 break;
1115
1116 case oDisableOCSP:
1117 ctrl.use_ocsp = opt.enable_ocsp = 0;
1118 break;
1119 case oEnableOCSP:
1120 ctrl.use_ocsp = opt.enable_ocsp = 1;
1121 break;
1122
1123 case oIncludeCerts:
1124 ctrl.include_certs = default_include_certs = pargs.r.ret_int;
1125 break;
1126
1127 case oPolicyFile:
1128 xfree (opt.policy_file);
1129 if (*pargs.r.ret_str)
1130 opt.policy_file = xstrdup (pargs.r.ret_str);
1131 else
1132 opt.policy_file = NULL;
1133 break;
1134
1135 case oDisablePolicyChecks:
1136 opt.no_policy_check = 1;
1137 break;
1138 case oEnablePolicyChecks:
1139 opt.no_policy_check = 0;
1140 break;
1141
1142 case oAutoIssuerKeyRetrieve:
1143 opt.auto_issuer_key_retrieve = 1;
1144 break;
1145
1146 case oOutput: opt.outfile = pargs.r.ret_str; break;
1147
1148
1149 case oQuiet: opt.quiet = 1; break;
1150 case oNoTTY: /* fixme:tty_no_terminal(1);*/ break;
1151 case oDryRun: opt.dry_run = 1; break;
1152
1153 case oVerbose:
1154 opt.verbose++;
1155 gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
1156 break;
1157 case oNoVerbose:
1158 opt.verbose = 0;
1159 gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
1160 break;
1161
1162 case oLogFile: logfile = pargs.r.ret_str; break;
1163 case oNoLogFile: logfile = NULL; break;
1164
1165 case oAuditLog: auditlog = pargs.r.ret_str; break;
1166
1167 case oBatch:
1168 opt.batch = 1;
1169 greeting = 0;
1170 break;
1171 case oNoBatch: opt.batch = 0; break;
1172
1173 case oAnswerYes: opt.answer_yes = 1; break;
1174 case oAnswerNo: opt.answer_no = 1; break;
1175
1176 case oKeyring: append_to_strlist (&nrings, pargs.r.ret_str); break;
1177
1178 case oDebug: debug_value |= pargs.r.ret_ulong; break;
1179 case oDebugAll: debug_value = ~0; break;
1180 case oDebugNone: debug_value = 0; break;
1181 case oDebugLevel: debug_level = pargs.r.ret_str; break;
1182 case oDebugWait: debug_wait = pargs.r.ret_int; break;
1183 case oDebugAllowCoreDump:
1184 may_coredump = enable_core_dumps ();
1185 break;
1186 case oDebugNoChainValidation: opt.no_chain_validation = 1; break;
1187 case oDebugIgnoreExpiration: opt.ignore_expiration = 1; break;
1188 case oFixedPassphrase: opt.fixed_passphrase = pargs.r.ret_str; break;
1189
1190 case oStatusFD: ctrl.status_fd = pargs.r.ret_int; break;
1191 case oLoggerFD: log_set_fd (pargs.r.ret_int ); break;
1192 case oWithMD5Fingerprint:
1193 opt.with_md5_fingerprint=1; /*fall thru*/
1194 case oWithFingerprint:
1195 with_fpr=1; /*fall thru*/
1196 case aFingerprint:
1197 opt.fingerprint++;
1198 break;
1199
1200 case oOptions:
1201 /* config files may not be nested (silently ignore them) */
1202 if (!configfp)
1203 {
1204 xfree(configname);
1205 configname = xstrdup (pargs.r.ret_str);
1206 goto next_pass;
1207 }
1208 break;
1209 case oNoOptions: break; /* no-options */
1210 case oHomedir: opt.homedir = pargs.r.ret_str; break;
1211 case oAgentProgram: opt.agent_program = pargs.r.ret_str; break;
1212 case oDisplay: opt.display = xstrdup (pargs.r.ret_str); break;
1213 case oTTYname: opt.ttyname = xstrdup (pargs.r.ret_str); break;
1214 case oTTYtype: opt.ttytype = xstrdup (pargs.r.ret_str); break;
1215 case oLCctype: opt.lc_ctype = xstrdup (pargs.r.ret_str); break;
1216 case oLCmessages: opt.lc_messages = xstrdup (pargs.r.ret_str); break;
1217 case oXauthority: opt.xauthority = xstrdup (pargs.r.ret_str); break;
1218 case oDirmngrProgram: opt.dirmngr_program = pargs.r.ret_str; break;
1219 case oDisableDirmngr: opt.disable_dirmngr = 1; break;
1220 case oPreferSystemDirmngr: opt.prefer_system_dirmngr = 1; break;
1221 case oProtectToolProgram:
1222 opt.protect_tool_program = pargs.r.ret_str;
1223 break;
1224
1225 case oFakedSystemTime:
1226 {
1227 time_t faked_time = isotime2epoch (pargs.r.ret_str);
1228 if (faked_time == (time_t)(-1))
1229 faked_time = (time_t)strtoul (pargs.r.ret_str, NULL, 10);
1230 gnupg_set_time (faked_time, 0);
1231 }
1232 break;
1233
1234 case oNoDefKeyring: default_keyring = 0; break;
1235 case oNoGreeting: nogreeting = 1; break;
1236
1237 case oDefaultKey:
1238 if (*pargs.r.ret_str)
1239 {
1240 xfree (opt.local_user);
1241 opt.local_user = xstrdup (pargs.r.ret_str);
1242 }
1243 break;
1244 case oDefRecipient:
1245 if (*pargs.r.ret_str)
1246 opt.def_recipient = xstrdup (pargs.r.ret_str);
1247 break;
1248 case oDefRecipientSelf:
1249 xfree (opt.def_recipient);
1250 opt.def_recipient = NULL;
1251 opt.def_recipient_self = 1;
1252 break;
1253 case oNoDefRecipient:
1254 xfree (opt.def_recipient);
1255 opt.def_recipient = NULL;
1256 opt.def_recipient_self = 0;
1257 break;
1258
1259 case oWithKeyData: opt.with_key_data=1; /* fall thru */
1260 case oWithColons: ctrl.with_colons = 1; break;
1261 case oWithValidation: ctrl.with_validation=1; break;
1262 case oWithEphemeralKeys: ctrl.with_ephemeral_keys=1; break;
1263
1264 case oSkipVerify: opt.skip_verify=1; break;
1265
1266 case oNoEncryptTo: opt.no_encrypt_to = 1; break;
1267 case oEncryptTo: /* Store the recipient in the second list */
1268 sl = add_to_strlist (&remusr, pargs.r.ret_str);
1269 sl->flags = 1;
1270 break;
1271
1272 case oRecipient: /* store the recipient */
1273 add_to_strlist ( &remusr, pargs.r.ret_str);
1274 break;
1275
1276 case oUser: /* Store the local users, the first one is the default */
1277 if (!opt.local_user)
1278 opt.local_user = xstrdup (pargs.r.ret_str);
1279 add_to_strlist (&locusr, pargs.r.ret_str);
1280 break;
1281
1282 case oNoSecmemWarn:
1283 gcry_control (GCRYCTL_DISABLE_SECMEM_WARN);
1284 break;
1285
1286 case oCipherAlgo:
1287 opt.def_cipher_algoid = pargs.r.ret_str;
1288 break;
1289
1290 case oDisableCipherAlgo:
1291 {
1292 int algo = gcry_cipher_map_name (pargs.r.ret_str);
1293 gcry_cipher_ctl (NULL, GCRYCTL_DISABLE_ALGO, &algo, sizeof algo);
1294 }
1295 break;
1296 case oDisablePubkeyAlgo:
1297 {
1298 int algo = gcry_pk_map_name (pargs.r.ret_str);
1299 gcry_pk_ctl (GCRYCTL_DISABLE_ALGO,&algo, sizeof algo );
1300 }
1301 break;
1302
1303 case oDigestAlgo:
1304 forced_digest_algo = pargs.r.ret_str;
1305 break;
1306
1307 case oExtraDigestAlgo:
1308 extra_digest_algo = pargs.r.ret_str;
1309 break;
1310
1311 case oIgnoreTimeConflict: opt.ignore_time_conflict = 1; break;
1312 case oNoRandomSeedFile: use_random_seed = 0; break;
1313 case oNoCommonCertsImport: no_common_certs_import = 1; break;
1314
1315 case oEnableSpecialFilenames: allow_special_filenames =1; break;
1316
1317 case oValidationModel: parse_validation_model (pargs.r.ret_str); break;
1318
1319 case oKeyServer:
1320 {
1321 struct keyserver_spec *keyserver;
1322 keyserver = parse_keyserver_line (pargs.r.ret_str,
1323 configname, configlineno);
1324 if (! keyserver)
1325 log_error (_("could not parse keyserver\n"));
1326 else
1327 {
1328 /* FIXME: Keep last next pointer. */
1329 struct keyserver_spec **next_p = &opt.keyserver;
1330 while (*next_p)
1331 next_p = &(*next_p)->next;
1332 *next_p = keyserver;
1333 }
1334 }
1335 break;
1336
1337 default:
1338 pargs.err = configfp? ARGPARSE_PRINT_WARNING:ARGPARSE_PRINT_ERROR;
1339 break;
1340 }
1341 }
1342
1343 if (configfp)
1344 {
1345 fclose (configfp);
1346 configfp = NULL;
1347 /* Keep a copy of the config filename. */
1348 opt.config_filename = configname;
1349 configname = NULL;
1350 goto next_pass;
1351 }
1352 xfree (configname);
1353 configname = NULL;
1354
1355 if (!opt.config_filename)
1356 opt.config_filename = make_filename (opt.homedir, "gpgsm.conf", NULL);
1357
1358 if (log_get_errorcount(0))
1359 gpgsm_exit(2);
1360
1361 /* Now that we have the optiosn parsed we need to update the default
1362 control structure. */
1363 gpgsm_init_default_ctrl (&ctrl);
1364
1365 if (nogreeting)
1366 greeting = 0;
1367
1368 if (greeting)
1369 {
1370 fprintf(stderr, "%s %s; %s\n",
1371 strusage(11), strusage(13), strusage(14) );
1372 fprintf(stderr, "%s\n", strusage(15) );
1373 }
1374 # ifdef IS_DEVELOPMENT_VERSION
1375 if (!opt.batch)
1376 {
1377 log_info ("NOTE: THIS IS A DEVELOPMENT VERSION!\n");
1378 log_info ("It is only intended for test purposes and should NOT be\n");
1379 log_info ("used in a production environment or with production keys!\n");
1380 }
1381 # endif
1382
1383 if (auditlog)
1384 log_info ("NOTE: The audit log feature (--audit-log) is "
1385 "WORK IN PRORESS and not ready for use!\n");
1386
1387
1388 if (may_coredump && !opt.quiet)
1389 log_info (_("WARNING: program may create a core file!\n"));
1390
1391 /* if (opt.qualsig_approval && !opt.quiet) */
1392 /* log_info (_("This software has offically been approved to " */
1393 /* "create and verify\n" */
1394 /* "qualified signatures according to German law.\n")); */
1395
1396 if (logfile && cmd == aServer)
1397 {
1398 log_set_file (logfile);
1399 log_set_prefix (NULL, 1|2|4);
1400 }
1401
1402 if (gnupg_faked_time_p ())
1403 {
1404 gnupg_isotime_t tbuf;
1405
1406 log_info (_("WARNING: running with faked system time: "));
1407 gnupg_get_isotime (tbuf);
1408 dump_isotime (tbuf);
1409 log_printf ("\n");
1410 }
1411
1412 /*FIXME if (opt.batch) */
1413 /* tty_batchmode (1); */
1414
1415 gcry_control (GCRYCTL_RESUME_SECMEM_WARN);
1416
1417 set_debug ();
1418
1419 /* Although we alwasy use gpgsm_exit, we better install a regualr
1420 exit handler so that at least the secure memory gets wiped
1421 out. */
1422 if (atexit (emergency_cleanup))
1423 {
1424 log_error ("atexit failed\n");
1425 gpgsm_exit (2);
1426 }
1427
1428 /* Must do this after dropping setuid, because the mapping functions
1429 may try to load an module and we may have disabled an algorithm.
1430 We remap the commonly used algorithms to the OIDs for
1431 convenience. We need to work with the OIDs because they are used
1432 to check whether the encryption mode is actually available. */
1433 if (!strcmp (opt.def_cipher_algoid, "3DES") )
1434 opt.def_cipher_algoid = "1.2.840.113549.3.7";
1435 else if (!strcmp (opt.def_cipher_algoid, "AES")
1436 || !strcmp (opt.def_cipher_algoid, "AES128"))
1437 opt.def_cipher_algoid = "2.16.840.1.101.3.4.1.2";
1438 else if (!strcmp (opt.def_cipher_algoid, "AES256") )
1439 opt.def_cipher_algoid = "2.16.840.1.101.3.4.1.42";
1440 else if (!strcmp (opt.def_cipher_algoid, "SERPENT")
1441 || !strcmp (opt.def_cipher_algoid, "SERPENT128") )
1442 opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.2";
1443 else if (!strcmp (opt.def_cipher_algoid, "SERPENT192") )
1444 opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.22";
1445 else if (!strcmp (opt.def_cipher_algoid, "SERPENT192") )
1446 opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.42";
1447 else if (!strcmp (opt.def_cipher_algoid, "SEED") )
1448 opt.def_cipher_algoid = "1.2.410.200004.1.4";
1449 else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA")
1450 || !strcmp (opt.def_cipher_algoid, "CAMELLIA128") )
1451 opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.2";
1452 else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA192") )
1453 opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.3";
1454 else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA256") )
1455 opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.4";
1456
1457 if (cmd != aGPGConfList)
1458 {
1459 if ( !gcry_cipher_map_name (opt.def_cipher_algoid)
1460 || !gcry_cipher_mode_from_oid (opt.def_cipher_algoid))
1461 log_error (_("selected cipher algorithm is invalid\n"));
1462
1463 if (forced_digest_algo)
1464 {
1465 opt.forced_digest_algo = gcry_md_map_name (forced_digest_algo);
1466 if (our_md_test_algo(opt.forced_digest_algo) )
1467 log_error (_("selected digest algorithm is invalid\n"));
1468 }
1469 if (extra_digest_algo)
1470 {
1471 opt.extra_digest_algo = gcry_md_map_name (extra_digest_algo);
1472 if (our_md_test_algo (opt.extra_digest_algo) )
1473 log_error (_("selected digest algorithm is invalid\n"));
1474 }
1475 }
1476
1477 if (log_get_errorcount(0))
1478 gpgsm_exit(2);
1479
1480 /* Set the random seed file. */
1481 if (use_random_seed)
1482 {
1483 char *p = make_filename (opt.homedir, "random_seed", NULL);
1484 gcry_control (GCRYCTL_SET_RANDOM_SEED_FILE, p);
1485 xfree(p);
1486 }
1487
1488 if (!cmd && opt.fingerprint && !with_fpr)
1489 set_cmd (&cmd, aListKeys);
1490
1491 /* Add default keybox. */
1492 if (!nrings && default_keyring)
1493 {
1494 int created;
1495
1496 keydb_add_resource ("pubring.kbx", 0, 0, &created);
1497 if (created && !no_common_certs_import)
1498 {
1499 /* Import the standard certificates for a new default keybox. */
1500 char *filelist[2];
1501
1502 filelist[0] = make_filename (gnupg_datadir (),"com-certs.pem", NULL);
1503 filelist[1] = NULL;
1504 if (!access (filelist[0], F_OK))
1505 {
1506 log_info (_("importing common certificates `%s'\n"),
1507 filelist[0]);
1508 gpgsm_import_files (&ctrl, 1, filelist, open_read);
1509 }
1510 xfree (filelist[0]);
1511 }
1512 }
1513 for (sl = nrings; sl; sl = sl->next)
1514 keydb_add_resource (sl->d, 0, 0, NULL);
1515 FREE_STRLIST(nrings);
1516
1517
1518 /* Prepare the audit log feature for certain commands. */
1519 if (auditlog)
1520 {
1521 switch (cmd)
1522 {
1523 case aEncr:
1524 case aSign:
1525 case aDecrypt:
1526 case aVerify:
1527 audit_release (ctrl.audit);
1528 ctrl.audit = audit_new ();
1529 auditfp = open_es_fwrite (auditlog);
1530 break;
1531 default:
1532 break;
1533 }
1534 }
1535
1536
1537 if (!do_not_setup_keys)
1538 {
1539 for (sl = locusr; sl ; sl = sl->next)
1540 {
1541 int rc = gpgsm_add_to_certlist (&ctrl, sl->d, 1, &signerlist, 0);
1542 if (rc)
1543 {
1544 log_error (_("can't sign using `%s': %s\n"),
1545 sl->d, gpg_strerror (rc));
1546 gpgsm_status2 (&ctrl, STATUS_INV_RECP,
1547 gpg_err_code (rc) == -1? "1":
1548 gpg_err_code (rc) == GPG_ERR_NO_PUBKEY? "1":
1549 gpg_err_code (rc) == GPG_ERR_AMBIGUOUS_NAME? "2":
1550 gpg_err_code (rc) == GPG_ERR_WRONG_KEY_USAGE? "3":
1551 gpg_err_code (rc) == GPG_ERR_CERT_REVOKED? "4":
1552 gpg_err_code (rc) == GPG_ERR_CERT_EXPIRED? "5":
1553 gpg_err_code (rc) == GPG_ERR_NO_CRL_KNOWN? "6":
1554 gpg_err_code (rc) == GPG_ERR_CRL_TOO_OLD? "7":
1555 gpg_err_code (rc) == GPG_ERR_NO_POLICY_MATCH? "8":
1556 gpg_err_code (rc) == GPG_ERR_NO_SECKEY? "9":
1557 "0",
1558 sl->d, NULL);
1559 }
1560 }
1561
1562 /* Build the recipient list. We first add the regular ones and then
1563 the encrypt-to ones because the underlying function will silently
1564 ignore duplicates and we can't allow to keep a duplicate which is
1565 flagged as encrypt-to as the actually encrypt function would then
1566 complain about no (regular) recipients. */
1567 for (sl = remusr; sl; sl = sl->next)
1568 if (!(sl->flags & 1))
1569 do_add_recipient (&ctrl, sl->d, &recplist, 0, recp_required);
1570 if (!opt.no_encrypt_to)
1571 {
1572 for (sl = remusr; sl; sl = sl->next)
1573 if ((sl->flags & 1))
1574 do_add_recipient (&ctrl, sl->d, &recplist, 1, recp_required);
1575 }
1576 }
1577
1578 if (log_get_errorcount(0))
1579 gpgsm_exit(1); /* Must stop for invalid recipients. */
1580
1581 fname = argc? *argv : NULL;
1582
1583 /* Dispatch command. */
1584 switch (cmd)
1585 {
1586 case aGPGConfList:
1587 { /* List options and default values in the GPG Conf format. */
1588 char *config_filename_esc = percent_escape (opt.config_filename, NULL);
1589
1590 printf ("gpgconf-gpgsm.conf:%lu:\"%s\n",
1591 GC_OPT_FLAG_DEFAULT, config_filename_esc);
1592 xfree (config_filename_esc);
1593
1594 printf ("verbose:%lu:\n", GC_OPT_FLAG_NONE);
1595 printf ("quiet:%lu:\n", GC_OPT_FLAG_NONE);
1596 printf ("debug-level:%lu:\"none:\n", GC_OPT_FLAG_DEFAULT);
1597 printf ("log-file:%lu:\n", GC_OPT_FLAG_NONE);
1598 printf ("disable-crl-checks:%lu:\n", GC_OPT_FLAG_NONE);
1599 printf ("disable-trusted-cert-crl-check:%lu:\n", GC_OPT_FLAG_NONE);
1600 printf ("enable-ocsp:%lu:\n", GC_OPT_FLAG_NONE);
1601 printf ("include-certs:%lu:1:\n", GC_OPT_FLAG_DEFAULT);
1602 printf ("disable-policy-checks:%lu:\n", GC_OPT_FLAG_NONE);
1603 printf ("auto-issuer-key-retrieve:%lu:\n", GC_OPT_FLAG_NONE);
1604 printf ("disable-dirmngr:%lu:\n", GC_OPT_FLAG_NONE);
1605 #ifndef HAVE_W32_SYSTEM
1606 printf ("prefer-system-dirmngr:%lu:\n", GC_OPT_FLAG_NONE);
1607 #endif
1608 printf ("cipher-algo:%lu:\"3DES:\n", GC_OPT_FLAG_DEFAULT);
1609 printf ("p12-charset:%lu:\n", GC_OPT_FLAG_DEFAULT);
1610 printf ("default-key:%lu:\n", GC_OPT_FLAG_DEFAULT);
1611 printf ("encrypt-to:%lu:\n", GC_OPT_FLAG_DEFAULT);
1612 printf ("keyserver:%lu:\n", GC_OPT_FLAG_NONE);
1613
1614 }
1615 break;
1616 case aGPGConfTest:
1617 /* This is merely a dummy command to test whether the
1618 configuration file is valid. */
1619 break;
1620
1621 case aServer:
1622 if (debug_wait)
1623 {
1624 log_debug ("waiting for debugger - my pid is %u .....\n",
1625 (unsigned int)getpid());
1626 gnupg_sleep (debug_wait);
1627 log_debug ("... okay\n");
1628 }
1629 gpgsm_server (recplist);
1630 break;
1631
1632 case aCallDirmngr:
1633 if (!argc)
1634 wrong_args ("--call-dirmngr <command> {args}");
1635 else
1636 if (gpgsm_dirmngr_run_command (&ctrl, *argv, argc-1, argv+1))
1637 gpgsm_exit (1);
1638 break;
1639
1640 case aCallProtectTool:
1641 run_protect_tool (argc, argv);
1642 break;
1643
1644 case aEncr: /* Encrypt the given file. */
1645 {
1646 FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-");
1647
1648 set_binary (stdin);
1649
1650 if (!argc) /* Source is stdin. */
1651 gpgsm_encrypt (&ctrl, recplist, 0, fp);
1652 else if (argc == 1) /* Source is the given file. */
1653 gpgsm_encrypt (&ctrl, recplist, open_read (*argv), fp);
1654 else
1655 wrong_args ("--encrypt [datafile]");
1656
1657 if (fp != stdout)
1658 fclose (fp);
1659 }
1660 break;
1661
1662 case aSign: /* Sign the given file. */
1663 {
1664 FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-");
1665
1666 /* Fixme: We should also allow to concatenate multiple files for
1667 signing because that is what gpg does.*/
1668 set_binary (stdin);
1669 if (!argc) /* Create from stdin. */
1670 gpgsm_sign (&ctrl, signerlist, 0, detached_sig, fp);
1671 else if (argc == 1) /* From file. */
1672 gpgsm_sign (&ctrl, signerlist,
1673 open_read (*argv), detached_sig, fp);
1674 else
1675 wrong_args ("--sign [datafile]");
1676
1677 if (fp != stdout)
1678 fclose (fp);
1679 }
1680 break;
1681
1682 case aSignEncr: /* sign and encrypt the given file */
1683 log_error ("this command has not yet been implemented\n");
1684 break;
1685
1686 case aClearsign: /* make a clearsig */
1687 log_error ("this command has not yet been implemented\n");
1688 break;
1689
1690 case aVerify:
1691 {
1692 FILE *fp = NULL;
1693
1694 set_binary (stdin);
1695 if (argc == 2 && opt.outfile)
1696 log_info ("option --output ignored for a detached signature\n");
1697 else if (opt.outfile)
1698 fp = open_fwrite (opt.outfile);
1699
1700 if (!argc)
1701 gpgsm_verify (&ctrl, 0, -1, fp); /* normal signature from stdin */
1702 else if (argc == 1)
1703 gpgsm_verify (&ctrl, open_read (*argv), -1, fp); /* std signature */
1704 else if (argc == 2) /* detached signature (sig, detached) */
1705 gpgsm_verify (&ctrl, open_read (*argv), open_read (argv[1]), NULL);
1706 else
1707 wrong_args ("--verify [signature [detached_data]]");
1708
1709 if (fp && fp != stdout)
1710 fclose (fp);
1711 }
1712 break;
1713
1714 case aVerifyFiles:
1715 log_error (_("this command has not yet been implemented\n"));
1716 break;
1717
1718 case aDecrypt:
1719 {
1720 FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-");
1721
1722 set_binary (stdin);
1723 if (!argc)
1724 gpgsm_decrypt (&ctrl, 0, fp); /* from stdin */
1725 else if (argc == 1)
1726 gpgsm_decrypt (&ctrl, open_read (*argv), fp); /* from file */
1727 else
1728 wrong_args ("--decrypt [filename]");
1729 if (fp != stdout)
1730 fclose (fp);
1731 }
1732 break;
1733
1734 case aDeleteKey:
1735 for (sl=NULL; argc; argc--, argv++)
1736 add_to_strlist (&sl, *argv);
1737 gpgsm_delete (&ctrl, sl);
1738 free_strlist(sl);
1739 break;
1740
1741 case aListChain:
1742 case aDumpChain:
1743 ctrl.with_chain = 1;
1744 case aListKeys:
1745 case aDumpKeys:
1746 case aListExternalKeys:
1747 case aDumpExternalKeys:
1748 case aListSecretKeys:
1749 case aDumpSecretKeys:
1750 {
1751 unsigned int mode;
1752 estream_t fp;
1753
1754 switch (cmd)
1755 {
1756 case aListChain:
1757 case aListKeys: mode = (0 | 0 | (1<<6)); break;
1758 case aDumpChain:
1759 case aDumpKeys: mode = (256 | 0 | (1<<6)); break;
1760 case aListExternalKeys: mode = (0 | 0 | (1<<7)); break;
1761 case aDumpExternalKeys: mode = (256 | 0 | (1<<7)); break;
1762 case aListSecretKeys: mode = (0 | 2 | (1<<6)); break;
1763 case aDumpSecretKeys: mode = (256 | 2 | (1<<6)); break;
1764 default: BUG();
1765 }
1766
1767 fp = open_es_fwrite (opt.outfile?opt.outfile:"-");
1768 for (sl=NULL; argc; argc--, argv++)
1769 add_to_strlist (&sl, *argv);
1770 gpgsm_list_keys (&ctrl, sl, fp, mode);
1771 free_strlist(sl);
1772 es_fclose (fp);
1773 }
1774 break;
1775
1776
1777 case aKeygen: /* Generate a key; well kind of. */
1778 {
1779 FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-");
1780 gpgsm_gencertreq_tty (&ctrl, fp);
1781 if (fp != stdout)
1782 fclose (fp);
1783 }
1784 break;
1785
1786
1787 case aImport:
1788 gpgsm_import_files (&ctrl, argc, argv, open_read);
1789 break;
1790
1791 case aExport:
1792 {
1793 FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-");
1794
1795 for (sl=NULL; argc; argc--, argv++)
1796 add_to_strlist (&sl, *argv);
1797 gpgsm_export (&ctrl, sl, fp, NULL);
1798 free_strlist(sl);
1799 if (fp != stdout)
1800 fclose (fp);
1801 }
1802 break;
1803
1804 case aExportSecretKeyP12:
1805 {
1806 FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-");
1807
1808 if (argc == 1)
1809 gpgsm_p12_export (&ctrl, *argv, fp);
1810 else
1811 wrong_args ("--export-secret-key-p12 KEY-ID");
1812 if (fp != stdout)
1813 fclose (fp);
1814 }
1815 break;
1816
1817 case aSendKeys:
1818 case aRecvKeys:
1819 log_error ("this command has not yet been implemented\n");
1820 break;
1821
1822
1823 case aLearnCard:
1824 if (argc)
1825 wrong_args ("--learn-card");
1826 else
1827 {
1828 int rc = gpgsm_agent_learn (&ctrl);
1829 if (rc)
1830 log_error ("error learning card: %s\n", gpg_strerror (rc));
1831 }
1832 break;
1833
1834 case aPasswd:
1835 if (argc != 1)
1836 wrong_args ("--passwd <key-Id>");
1837 else
1838 {
1839 int rc;
1840 ksba_cert_t cert = NULL;
1841 char *grip = NULL;
1842
1843 rc = gpgsm_find_cert (*argv, NULL, &cert);
1844 if (rc)
1845 ;
1846 else if (!(grip = gpgsm_get_keygrip_hexstring (cert)))
1847 rc = gpg_error (GPG_ERR_BUG);
1848 else
1849 {
1850 char *desc = gpgsm_format_keydesc (cert);
1851 rc = gpgsm_agent_passwd (&ctrl, grip, desc);
1852 xfree (desc);
1853 }
1854 if (rc)
1855 log_error ("error changing passphrase: %s\n", gpg_strerror (rc));
1856 xfree (grip);
1857 ksba_cert_release (cert);
1858 }
1859 break;
1860
1861 case aKeydbClearSomeCertFlags:
1862 for (sl=NULL; argc; argc--, argv++)
1863 add_to_strlist (&sl, *argv);
1864 keydb_clear_some_cert_flags (&ctrl, sl);
1865 free_strlist(sl);
1866 break;
1867
1868
1869 default:
1870 log_error (_("invalid command (there is no implicit command)\n"));
1871 break;
1872 }
1873
1874 /* Print the audit result if needed. */
1875 if (auditlog && auditfp)
1876 {
1877 audit_print_result (ctrl.audit, auditfp, 0);
1878 audit_release (ctrl.audit);
1879 ctrl.audit = NULL;
1880 es_fclose (auditfp);
1881 }
1882
1883 /* cleanup */
1884 keyserver_list_free (opt.keyserver);
1885 opt.keyserver = NULL;
1886 gpgsm_release_certlist (recplist);
1887 gpgsm_release_certlist (signerlist);
1888 FREE_STRLIST (remusr);
1889 FREE_STRLIST (locusr);
1890 gpgsm_exit(0);
1891 return 8; /*NOTREACHED*/
1892 }
1893
1894 /* Note: This function is used by signal handlers!. */
1895 static void
1896 emergency_cleanup (void)
1897 {
1898 gcry_control (GCRYCTL_TERM_SECMEM );
1899 }
1900
1901
1902 void
1903 gpgsm_exit (int rc)
1904 {
1905 gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE);
1906 if (opt.debug & DBG_MEMSTAT_VALUE)
1907 {
1908 gcry_control( GCRYCTL_DUMP_MEMORY_STATS );
1909 gcry_control( GCRYCTL_DUMP_RANDOM_STATS );
1910 }
1911 if (opt.debug)
1912 gcry_control (GCRYCTL_DUMP_SECMEM_STATS );
1913 emergency_cleanup ();
1914 rc = rc? rc : log_get_errorcount(0)? 2 : gpgsm_errors_seen? 1 : 0;
1915 exit (rc);
1916 }
1917
1918
1919 void
1920 gpgsm_init_default_ctrl (struct server_control_s *ctrl)
1921 {
1922 ctrl->include_certs = default_include_certs;
1923 ctrl->use_ocsp = opt.enable_ocsp;
1924 ctrl->validation_model = default_validation_model;
1925 }
1926
1927
1928 int
1929 gpgsm_parse_validation_model (const char *model)
1930 {
1931 if (!ascii_strcasecmp (model, "shell") )
1932 return 0;
1933 else if ( !ascii_strcasecmp (model, "chain") )
1934 return 1;
1935 else
1936 return -1;
1937 }
1938
1939
1940 /* Check whether the filename has the form "-&nnnn", where n is a
1941 non-zero number. Returns this number or -1 if it is not the case. */
1942 static int
1943 check_special_filename (const char *fname, int for_write)
1944 {
1945 if (allow_special_filenames
1946 && fname && *fname == '-' && fname[1] == '&' ) {
1947 int i;
1948
1949 fname += 2;
1950 for (i=0; isdigit (fname[i]); i++ )
1951 ;
1952 if ( !fname[i] )
1953 return translate_sys2libc_fd_int (atoi (fname), for_write);
1954 }
1955 return -1;
1956 }
1957
1958
1959
1960 /* Open the FILENAME for read and return the filedescriptor. Stop
1961 with an error message in case of problems. "-" denotes stdin and
1962 if special filenames are allowed the given fd is opened instead. */
1963 static int
1964 open_read (const char *filename)
1965 {
1966 int fd;
1967
1968 if (filename[0] == '-' && !filename[1])
1969 {
1970 set_binary (stdin);
1971 return 0; /* stdin */
1972 }
1973 fd = check_special_filename (filename, 0);
1974 if (fd != -1)
1975 return fd;
1976 fd = open (filename, O_RDONLY | O_BINARY);
1977 if (fd == -1)
1978 {
1979 log_error (_("can't open `%s': %s\n"), filename, strerror (errno));
1980 gpgsm_exit (2);
1981 }
1982 return fd;
1983 }
1984
1985 /* Open FILENAME for fwrite and return the stream. Stop with an error
1986 message in case of problems. "-" denotes stdout and if special
1987 filenames are allowed the given fd is opened instead. Caller must
1988 close the returned stream unless it is stdout. */
1989 static FILE *
1990 open_fwrite (const char *filename)
1991 {
1992 int fd;
1993 FILE *fp;
1994
1995 if (filename[0] == '-' && !filename[1])
1996 {
1997 set_binary (stdout);
1998 return stdout;
1999 }
2000
2001 fd = check_special_filename (filename, 1);
2002 if (fd != -1)
2003 {
2004 fp = fdopen (dup (fd), "wb");
2005 if (!fp)
2006 {
2007 log_error ("fdopen(%d) failed: %s\n", fd, strerror (errno));
2008 gpgsm_exit (2);
2009 }
2010 set_binary (fp);
2011 return fp;
2012 }
2013 fp = fopen (filename, "wb");
2014 if (!fp)
2015 {
2016 log_error (_("can't open `%s': %s\n"), filename, strerror (errno));
2017 gpgsm_exit (2);
2018 }
2019 return fp;
2020 }
2021
2022
2023 /* Open FILENAME for fwrite and return an extended stream. Stop with
2024 an error message in case of problems. "-" denotes stdout and if
2025 special filenames are allowed the given fd is opened instead.
2026 Caller must close the returned stream. */
2027 static estream_t
2028 open_es_fwrite (const char *filename)
2029 {
2030 int fd;
2031 estream_t fp;
2032
2033 if (filename[0] == '-' && !filename[1])
2034 {
2035 fflush (stdout);
2036 fp = es_fdopen_nc (fileno(stdout), "wb");
2037 return fp;
2038 }
2039
2040 fd = check_special_filename (filename, 1);
2041 if (fd != -1)
2042 {
2043 fp = es_fdopen_nc (fd, "wb");
2044 if (!fp)
2045 {
2046 log_error ("es_fdopen(%d) failed: %s\n", fd, strerror (errno));
2047 gpgsm_exit (2);
2048 }
2049 return fp;
2050 }
2051 fp = es_fopen (filename, "wb");
2052 if (!fp)
2053 {
2054 log_error (_("can't open `%s': %s\n"), filename, strerror (errno));
2055 gpgsm_exit (2);
2056 }
2057 return fp;
2058 }
2059
2060
2061 static void
2062 run_protect_tool (int argc, char **argv)
2063 {
2064 #ifndef HAVE_W32_SYSTEM
2065 const char *pgm;
2066 char **av;
2067 int i;
2068
2069 if (!opt.protect_tool_program || !*opt.protect_tool_program)
2070 pgm = gnupg_module_name (GNUPG_MODULE_NAME_PROTECT_TOOL);
2071 else
2072 pgm = opt.protect_tool_program;
2073
2074 av = xcalloc (argc+2, sizeof *av);
2075 av[0] = strrchr (pgm, '/');
2076 if (!av[0])
2077 av[0] = xstrdup (pgm);
2078 for (i=1; argc; i++, argc--, argv++)
2079 av[i] = *argv;
2080 av[i] = NULL;
2081 execv (pgm, av);
2082 log_error ("error executing `%s': %s\n", pgm, strerror (errno));
2083 #endif /*HAVE_W32_SYSTEM*/
2084 gpgsm_exit (2);
2085 }
gnupg svn clone