Updated the german translation
[gnupg.git] / common / get-passphrase.c
blobe1a11482ecbead386b649204a792a8ca060a6efb
1 /* get-passphrase.c - Ask for a passphrase via the agent
2 * Copyright (C) 2009 Free Software Foundation, Inc.
4 * This file is part of GnuPG.
6 * GnuPG is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * GnuPG is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
20 #include <config.h>
21 #include <stdio.h>
22 #include <stdlib.h>
23 #include <string.h>
24 #include <assert.h>
25 #include <assuan.h>
27 #include "util.h"
28 #include "i18n.h"
29 #include "asshelp.h"
30 #include "membuf.h"
31 #include "sysutils.h"
32 #include "get-passphrase.h"
34 /* The context used by this process to ask for the passphrase. */
35 static assuan_context_t agent_ctx;
36 static struct
38 gpg_err_source_t errsource;
39 int verbosity;
40 const char *homedir;
41 const char *agent_program;
42 const char *lc_ctype;
43 const char *lc_messages;
44 session_env_t session_env;
45 const char *pinentry_user_data;
46 } agentargs;
49 /* Set local variable to be used for a possible agent startup. Note
50 that the strings are just pointers and should not anymore be
51 modified by the caller. */
52 void
53 gnupg_prepare_get_passphrase (gpg_err_source_t errsource,
54 int verbosity,
55 const char *homedir,
56 const char *agent_program,
57 const char *opt_lc_ctype,
58 const char *opt_lc_messages,
59 session_env_t session_env)
61 agentargs.errsource = errsource;
62 agentargs.verbosity = verbosity;
63 agentargs.homedir = homedir;
64 agentargs.agent_program = agent_program;
65 agentargs.lc_ctype = opt_lc_ctype;
66 agentargs.lc_messages = opt_lc_messages;
67 agentargs.session_env = session_env;
71 /* Try to connect to the agent via socket or fork it off and work by
72 pipes. Handle the server's initial greeting. */
73 static gpg_error_t
74 start_agent (void)
76 gpg_error_t err;
78 /* Fixme: This code is not thread safe, thus we don't build it with
79 pth. We will need a context for each thread or serialize the
80 access to the agent. */
81 if (agent_ctx)
82 return 0;
84 err = start_new_gpg_agent (&agent_ctx,
85 agentargs.errsource,
86 agentargs.homedir,
87 agentargs.agent_program,
88 agentargs.lc_ctype,
89 agentargs.lc_messages,
90 agentargs.session_env,
91 agentargs.verbosity, 0, NULL, NULL);
92 if (!err)
94 /* Tell the agent that we support Pinentry notifications. No
95 error checking so that it will work with older agents. */
96 assuan_transact (agent_ctx, "OPTION allow-pinentry-notify",
97 NULL, NULL, NULL, NULL, NULL, NULL);
100 return err;
104 /* This is the default inquiry callback. It merely handles the
105 Pinentry notification. */
106 static int
107 default_inq_cb (void *opaque, const char *line)
109 (void)opaque;
111 if (!strncmp (line, "PINENTRY_LAUNCHED", 17) && (line[17]==' '||!line[17]))
113 gnupg_allow_set_foregound_window ((pid_t)strtoul (line+17, NULL, 10));
114 /* We do not return errors to avoid breaking other code. */
116 else
117 log_debug ("ignoring gpg-agent inquiry `%s'\n", line);
119 return 0;
123 static int
124 membuf_data_cb (void *opaque, const void *buffer, size_t length)
126 membuf_t *data = opaque;
128 if (buffer)
129 put_membuf (data, buffer, length);
130 return 0;
134 /* Ask for a passphrase via gpg-agent. On success the caller needs to
135 free the string stored at R_PASSPHRASE. On error NULL will be
136 stored at R_PASSPHRASE and an appropriate gpg error code is
137 returned. With REPEAT set to 1, gpg-agent will ask the user to
138 repeat the just entered passphrase. CACHE_ID is a gpg-agent style
139 passphrase cache id or NULL. ERR_MSG is a error message to be
140 presented to the user (e.g. "bad passphrase - try again") or NULL.
141 PROMPT is the prompt string to label the entry box, it may be NULL
142 for a default one. DESC_MSG is a longer description to be
143 displayed above the entry box, if may be NULL for a default one.
144 If USE_SECMEM is true, the returned passphrase is retruned in
145 secure memory. The length of all these strings is limited; they
146 need to fit in their encoded form into a standard Assuan line (i.e
147 less then about 950 characters). All strings shall be UTF-8. */
148 gpg_error_t
149 gnupg_get_passphrase (const char *cache_id,
150 const char *err_msg,
151 const char *prompt,
152 const char *desc_msg,
153 int repeat,
154 int check_quality,
155 int use_secmem,
156 char **r_passphrase)
158 gpg_error_t err;
159 char line[ASSUAN_LINELENGTH];
160 const char *arg1 = NULL;
161 char *arg2 = NULL;
162 char *arg3 = NULL;
163 char *arg4 = NULL;
164 membuf_t data;
166 *r_passphrase = NULL;
168 err = start_agent ();
169 if (err)
170 return err;
172 /* Check that the gpg-agent understands the repeat option. */
173 if (assuan_transact (agent_ctx,
174 "GETINFO cmd_has_option GET_PASSPHRASE repeat",
175 NULL, NULL, NULL, NULL, NULL, NULL))
176 return gpg_error (GPG_ERR_NOT_SUPPORTED);
178 arg1 = cache_id && *cache_id? cache_id:NULL;
179 if (err_msg && *err_msg)
180 if (!(arg2 = percent_plus_escape (err_msg)))
181 goto no_mem;
182 if (prompt && *prompt)
183 if (!(arg3 = percent_plus_escape (prompt)))
184 goto no_mem;
185 if (desc_msg && *desc_msg)
186 if (!(arg4 = percent_plus_escape (desc_msg)))
187 goto no_mem;
189 snprintf (line, DIM(line)-1,
190 "GET_PASSPHRASE --data %s--repeat=%d -- %s %s %s %s",
191 check_quality? "--check ":"",
192 repeat,
193 arg1? arg1:"X",
194 arg2? arg2:"X",
195 arg3? arg3:"X",
196 arg4? arg4:"X");
197 line[DIM(line)-1] = 0;
198 xfree (arg2);
199 xfree (arg3);
200 xfree (arg4);
202 if (use_secmem)
203 init_membuf_secure (&data, 64);
204 else
205 init_membuf (&data, 64);
206 err = assuan_transact (agent_ctx, line,
207 membuf_data_cb, &data,
208 default_inq_cb, NULL, NULL, NULL);
210 /* Older Pinentries return the old assuan error code for canceled
211 which gets translated bt libassuan to GPG_ERR_ASS_CANCELED and
212 not to the code for a user cancel. Fix this here. */
213 if (err && gpg_err_source (err)
214 && gpg_err_code (err) == GPG_ERR_ASS_CANCELED)
215 err = gpg_err_make (gpg_err_source (err), GPG_ERR_CANCELED);
217 if (err)
219 void *p;
220 size_t n;
222 p = get_membuf (&data, &n);
223 if (p)
224 wipememory (p, n);
225 xfree (p);
227 else
229 put_membuf (&data, "", 1);
230 *r_passphrase = get_membuf (&data, NULL);
231 if (!*r_passphrase)
232 err = gpg_error_from_syserror ();
234 return err;
235 no_mem:
236 err = gpg_error_from_syserror ();
237 xfree (arg2);
238 xfree (arg3);
239 xfree (arg4);
240 return err;
244 /* Flush the passphrase cache with Id CACHE_ID. */
245 gpg_error_t
246 gnupg_clear_passphrase (const char *cache_id)
248 gpg_error_t err;
249 char line[ASSUAN_LINELENGTH];
251 if (!cache_id || !*cache_id)
252 return 0;
254 err = start_agent ();
255 if (err)
256 return err;
258 snprintf (line, DIM(line)-1, "CLEAR_PASSPHRASE %s", cache_id);
259 line[DIM(line)-1] = 0;
260 return assuan_transact (agent_ctx, line, NULL, NULL,
261 default_inq_cb, NULL, NULL, NULL);