1 /* server.c - LDAP and Keyserver access server
2 * Copyright (C) 2002 Klarälvdalens Datakonsult AB
3 * Copyright (C) 2003, 2004, 2005, 2007, 2008, 2009, 2011, 2015 g10 Code GmbH
4 * Copyright (C) 2014 Werner Koch
6 * This file is part of GnuPG.
8 * GnuPG is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * GnuPG is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <http://www.gnu.org/licenses/>.
28 #include <sys/types.h>
39 # include "ldapserver.h"
42 #include "certcache.h"
46 # include "ldap-wrapper.h"
48 #include "ks-action.h"
49 #include "ks-engine.h" /* (ks_hkp_print_hosttable) */
51 # include "ldap-parse-uri.h"
53 #include "dns-stuff.h"
54 #include "mbox-util.h"
57 /* To avoid DoS attacks we limit the size of a certificate to
58 something reasonable. The DoS was actually only an issue back when
59 Dirmngr was a system service and not a user service. */
60 #define MAX_CERT_LENGTH (16*1024)
62 /* The same goes for OpenPGP keyblocks, but here we need to allow for
63 much longer blocks; a 200k keyblock is not too unusual for keys
64 with a lot of signatures (e.g. 0x5b0358a2). 9C31503C6D866396 even
65 has 770 KiB as of 2015-08-23. To avoid adding a runtime option we
66 now use 20MiB which should really be enough. Well, a key with
67 several pictures could be larger (the parser as a 18MiB limit for
68 attribute packets) but it won't be nice to the keyservers to send
69 them such large blobs. */
70 #define MAX_KEYBLOCK_LENGTH (20*1024*1024)
73 #define PARM_ERROR(t) assuan_set_error (ctx, \
74 gpg_error (GPG_ERR_ASS_PARAMETER), (t))
75 #define set_error(e,t) assuan_set_error (ctx, gpg_error (e), (t))
79 /* Control structure per connection. */
82 /* Data used to associate an Assuan context with local server data */
83 assuan_context_t assuan_ctx;
85 /* Per-session LDAP servers. */
86 ldap_server_t ldapservers;
88 /* Per-session list of keyservers. */
89 uri_item_t keyservers;
91 /* If this flag is set to true this dirmngr process will be
92 terminated after the end of this session. */
95 /* State variable private to is_tor_running. */
100 /* Cookie definition for assuan data line output. */
101 static gpgrt_ssize_t data_line_cookie_write (void *cookie,
102 const void *buffer, size_t size);
103 static int data_line_cookie_close (void *cookie);
104 static es_cookie_io_functions_t data_line_cookie_functions =
107 data_line_cookie_write,
109 data_line_cookie_close
116 /* Accessor for the local ldapservers variable. */
118 get_ldapservers_from_ctrl (ctrl_t ctrl)
120 if (ctrl && ctrl->server_local)
121 return ctrl->server_local->ldapservers;
126 /* Release an uri_item_t list. */
128 release_uri_item_list (uri_item_t list)
132 uri_item_t tmp = list->next;
133 http_release_parsed_uri (list->parsed_uri);
139 /* Release all configured keyserver info from CTRL. */
141 release_ctrl_keyservers (ctrl_t ctrl)
143 if (! ctrl->server_local)
146 release_uri_item_list (ctrl->server_local->keyservers);
147 ctrl->server_local->keyservers = NULL;
152 /* Helper to print a message while leaving a command. */
154 leave_cmd (assuan_context_t ctx, gpg_error_t err)
158 const char *name = assuan_get_command_name (ctx);
161 if (gpg_err_source (err) == GPG_ERR_SOURCE_DEFAULT)
162 log_error ("command '%s' failed: %s\n", name,
165 log_error ("command '%s' failed: %s <%s>\n", name,
166 gpg_strerror (err), gpg_strsource (err));
172 /* This is a wrapper around assuan_send_data which makes debugging the
173 output in verbose mode easier. */
175 data_line_write (assuan_context_t ctx, const void *buffer_arg, size_t size)
177 const char *buffer = buffer_arg;
180 if (opt.verbose && buffer && size)
182 /* Ease reading of output by sending a physical line at each LF. */
189 p = memchr (buffer, '\n', nbytes);
190 n = p ? (p - buffer) + 1 : nbytes;
191 err = assuan_send_data (ctx, buffer, n);
194 gpg_err_set_errno (EIO);
199 if (nbytes && (err=assuan_send_data (ctx, NULL, 0))) /* Flush line. */
201 gpg_err_set_errno (EIO);
209 err = assuan_send_data (ctx, buffer, size);
212 gpg_err_set_errno (EIO); /* For use by data_line_cookie_write. */
221 /* A write handler used by es_fopencookie to write assuan data
224 data_line_cookie_write (void *cookie, const void *buffer, size_t size)
226 assuan_context_t ctx = cookie;
228 if (data_line_write (ctx, buffer, size))
230 return (gpgrt_ssize_t)size;
235 data_line_cookie_close (void *cookie)
237 assuan_context_t ctx = cookie;
239 if (assuan_send_data (ctx, NULL, 0))
241 gpg_err_set_errno (EIO);
249 /* Copy the % and + escaped string S into the buffer D and replace the
250 escape sequences. Note, that it is sufficient to allocate the
251 target string D as long as the source string S, i.e.: strlen(s)+1.
252 Note further that if S contains an escaped binary Nul the resulting
253 string D will contain the 0 as well as all other characters but it
254 will be impossible to know whether this is the original EOS or a
257 strcpy_escaped_plus (char *d, const unsigned char *s)
261 if (*s == '%' && s[1] && s[2])
276 /* Check whether the option NAME appears in LINE */
278 has_option (const char *line, const char *name)
281 int n = strlen (name);
283 s = strstr (line, name);
284 return (s && (s == line || spacep (s-1)) && (!s[n] || spacep (s+n)));
287 /* Same as has_option but only considers options at the begin of the
288 line. This is useful for commands which allow arbitrary strings on
291 has_leading_option (const char *line, const char *name)
296 if (name[0] != '-' || name[1] != '-' || !name[2] || spacep (name+2))
299 while ( *line == '-' && line[1] == '-' )
302 while (*line && !spacep (line))
304 if (n == (line - s) && !strncmp (s, name, n))
306 while (spacep (line))
313 /* Same as has_option but does only test for the name of the option
314 and ignores an argument, i.e. with NAME being "--hash" it would
315 return a pointer for "--hash" as well as for "--hash=foo". If
316 thhere is no such option NULL is returned. The pointer returned
317 points right behind the option name, this may be an equal sign, Nul
319 /* static const char * */
320 /* has_option_name (const char *line, const char *name) */
323 /* int n = strlen (name); */
325 /* s = strstr (line, name); */
326 /* return (s && (s == line || spacep (s-1)) */
327 /* && (!s[n] || spacep (s+n) || s[n] == '=')) ? (s+n) : NULL; */
331 /* Skip over options. It is assumed that leading spaces have been
332 removed (this is the case for lines passed to a handler from
333 assuan). Blanks after the options are also removed. */
335 skip_options (char *line)
337 while ( *line == '-' && line[1] == '-' )
339 while (*line && !spacep (line))
341 while (spacep (line))
348 /* This fucntion returns true if a Tor server is running. The sattus
349 is cached for the current conenction. */
351 is_tor_running (ctrl_t ctrl)
353 #if ASSUAN_VERSION_NUMBER >= 0x020402
354 /* Check whether we can connect to the proxy. We use a
355 special feature introduced with libassuan 2.4.2. */
357 if (!ctrl || !ctrl->server_local)
358 return 0; /* Ooops. */
360 if (!ctrl->server_local->tor_state)
364 sock = assuan_sock_connect_byname (NULL, 0, 0, NULL, ASSUAN_SOCK_TOR);
365 if (sock == ASSUAN_INVALID_FD)
366 ctrl->server_local->tor_state = -1; /* Not running. */
369 assuan_sock_close (sock);
370 ctrl->server_local->tor_state = 1; /* Running. */
373 return (ctrl->server_local->tor_state > 0);
374 #else /* Libassuan < 2.4.2 */
375 return 0; /* We don't know. */
380 /* Return an error if the assuan context does not belong to the owner
381 of the process or to root. On error FAILTEXT is set as Assuan
384 check_owner_permission (assuan_context_t ctx, const char *failtext)
386 #ifdef HAVE_W32_SYSTEM
387 /* Under Windows the dirmngr is always run under the control of the
393 assuan_peercred_t cred;
395 ec = gpg_err_code (assuan_get_peercred (ctx, &cred));
396 if (!ec && cred->uid && cred->uid != getuid ())
399 return set_error (ec, failtext);
406 /* Common code for get_cert_local and get_issuer_cert_local. */
408 do_get_cert_local (ctrl_t ctrl, const char *name, const char *command)
410 unsigned char *value;
418 buf = xmalloc ( strlen (command) + 1 + strlen(name) + 1);
419 strcpy (stpcpy (stpcpy (buf, command), " "), name);
422 buf = xstrdup (command);
424 rc = assuan_inquire (ctrl->server_local->assuan_ctx, buf,
425 &value, &valuelen, MAX_CERT_LENGTH);
429 log_error (_("assuan_inquire(%s) failed: %s\n"),
430 command, gpg_strerror (rc));
440 rc = ksba_cert_new (&cert);
443 rc = ksba_cert_init_from_mem (cert, value, valuelen);
446 ksba_cert_release (cert);
456 /* Ask back to return a certificate for name, given as a regular
457 gpgsm certificate indentificates (e.g. fingerprint or one of the
458 other methods). Alternatively, NULL may be used for NAME to
459 return the current target certificate. Either return the certificate
460 in a KSBA object or NULL if it is not available.
463 get_cert_local (ctrl_t ctrl, const char *name)
465 if (!ctrl || !ctrl->server_local || !ctrl->server_local->assuan_ctx)
468 log_debug ("get_cert_local called w/o context\n");
471 return do_get_cert_local (ctrl, name, "SENDCERT");
475 /* Ask back to return the issuing certificate for name, given as a
476 regular gpgsm certificate indentificates (e.g. fingerprint or one
477 of the other methods). Alternatively, NULL may be used for NAME to
478 return thecurrent target certificate. Either return the certificate
479 in a KSBA object or NULL if it is not available.
483 get_issuing_cert_local (ctrl_t ctrl, const char *name)
485 if (!ctrl || !ctrl->server_local || !ctrl->server_local->assuan_ctx)
488 log_debug ("get_issuing_cert_local called w/o context\n");
491 return do_get_cert_local (ctrl, name, "SENDISSUERCERT");
494 /* Ask back to return a certificate with subject NAME and a
495 subjectKeyIdentifier of KEYID. */
497 get_cert_local_ski (ctrl_t ctrl, const char *name, ksba_sexp_t keyid)
499 unsigned char *value;
506 if (!ctrl || !ctrl->server_local || !ctrl->server_local->assuan_ctx)
509 log_debug ("get_cert_local_ski called w/o context\n");
514 log_debug ("get_cert_local_ski called with insufficient arguments\n");
518 hexkeyid = serial_hex (keyid);
521 log_debug ("serial_hex() failed\n");
525 buf = xtrymalloc (15 + strlen (hexkeyid) + 2 + strlen(name) + 1);
529 log_error ("can't allocate enough memory: %s\n", strerror (errno));
533 strcpy (stpcpy (stpcpy (stpcpy (buf, "SENDCERT_SKI "), hexkeyid)," /"),name);
536 rc = assuan_inquire (ctrl->server_local->assuan_ctx, buf,
537 &value, &valuelen, MAX_CERT_LENGTH);
541 log_error (_("assuan_inquire(%s) failed: %s\n"), "SENDCERT_SKI",
552 rc = ksba_cert_new (&cert);
555 rc = ksba_cert_init_from_mem (cert, value, valuelen);
558 ksba_cert_release (cert);
567 /* Ask the client via an inquiry to check the istrusted status of the
568 certificate specified by the hexified fingerprint HEXFPR. Returns
569 0 if the certificate is trusted by the client or an error code. */
571 get_istrusted_from_client (ctrl_t ctrl, const char *hexfpr)
573 unsigned char *value;
578 if (!ctrl || !ctrl->server_local || !ctrl->server_local->assuan_ctx
580 return gpg_error (GPG_ERR_INV_ARG);
582 snprintf (request, sizeof request, "ISTRUSTED %s", hexfpr);
583 rc = assuan_inquire (ctrl->server_local->assuan_ctx, request,
584 &value, &valuelen, 100);
587 log_error (_("assuan_inquire(%s) failed: %s\n"),
588 request, gpg_strerror (rc));
591 /* The expected data is: "1" or "1 cruft" (not a C-string). */
592 if (valuelen && *value == '1' && (valuelen == 1 || spacep (value+1)))
595 rc = gpg_error (GPG_ERR_NOT_TRUSTED);
603 /* Ask the client to return the certificate associated with the
604 current command. This is sometimes needed because the client usually
605 sends us just the cert ID, assuming that the request can be
606 satisfied from the cache, where the cert ID is used as key. */
608 inquire_cert_and_load_crl (assuan_context_t ctx)
610 ctrl_t ctrl = assuan_get_pointer (ctx);
612 unsigned char *value = NULL;
614 ksba_cert_t cert = NULL;
616 err = assuan_inquire( ctx, "SENDCERT", &value, &valuelen, 0);
621 /* FILE *fp = fopen ("foo.der", "r"); */
622 /* value = xmalloc (2000); */
623 /* valuelen = fread (value, 1, 2000, fp); */
627 if (!valuelen) /* No data returned; return a comprehensible error. */
628 return gpg_error (GPG_ERR_MISSING_CERT);
630 err = ksba_cert_new (&cert);
633 err = ksba_cert_init_from_mem (cert, value, valuelen);
636 xfree (value); value = NULL;
638 err = crl_cache_reload_crl (ctrl, cert);
641 ksba_cert_release (cert);
647 /* Handle OPTION commands. */
649 option_handler (assuan_context_t ctx, const char *key, const char *value)
651 ctrl_t ctrl = assuan_get_pointer (ctx);
654 if (!strcmp (key, "force-crl-refresh"))
656 int i = *value? atoi (value) : 0;
657 ctrl->force_crl_refresh = i;
659 else if (!strcmp (key, "audit-events"))
661 int i = *value? atoi (value) : 0;
662 ctrl->audit_events = i;
664 else if (!strcmp (key, "http-proxy"))
666 xfree (ctrl->http_proxy);
667 if (!*value || !strcmp (value, "none"))
668 ctrl->http_proxy = NULL;
669 else if (!(ctrl->http_proxy = xtrystrdup (value)))
670 err = gpg_error_from_syserror ();
672 else if (!strcmp (key, "honor-keyserver-url-used"))
674 /* Return an error if we are running in Tor mode. */
676 err = gpg_error (GPG_ERR_FORBIDDEN);
679 err = gpg_error (GPG_ERR_UNKNOWN_OPTION);
686 static const char hlp_dns_cert[] =
687 "DNS_CERT <subtype> <name>\n"
688 "DNS_CERT --pka <user_id>\n"
689 "DNS_CERT --dane <user_id>\n"
691 "Return the CERT record for <name>. <subtype> is one of\n"
692 " * Return the first record of any supported subtype\n"
693 " PGP Return the first record of subtype PGP (3)\n"
694 " IPGP Return the first record of subtype IPGP (6)\n"
695 "If the content of a certifciate is available (PGP) it is returned\n"
696 "by data lines. Fingerprints and URLs are returned via status lines.\n"
697 "In --pka mode the fingerprint and if available an URL is returned.\n"
698 "In --dane mode the key is returned from RR type 61";
700 cmd_dns_cert (assuan_context_t ctx, char *line)
702 /* ctrl_t ctrl = assuan_get_pointer (ctx); */
704 int pka_mode, dane_mode;
706 char *namebuf = NULL;
707 char *encodedhash = NULL;
713 unsigned char *fpr = NULL;
717 pka_mode = has_option (line, "--pka");
718 dane_mode = has_option (line, "--dane");
719 line = skip_options (line);
721 if (pka_mode && dane_mode)
723 err = PARM_ERROR ("either --pka or --dane may be given");
727 if (pka_mode || dane_mode)
728 ; /* No need to parse here - we do this later. */
731 p = strchr (line, ' ');
734 err = PARM_ERROR ("missing arguments");
738 if (!strcmp (line, "*"))
739 certtype = DNS_CERTTYPE_ANY;
740 else if (!strcmp (line, "IPGP"))
741 certtype = DNS_CERTTYPE_IPGP;
742 else if (!strcmp (line, "PGP"))
743 certtype = DNS_CERTTYPE_PGP;
746 err = PARM_ERROR ("unknown subtype");
754 err = PARM_ERROR ("name missing");
759 if (opt.use_tor && (err = enable_dns_tormode (0)))
761 /* Tor mode is requested but the DNS code can't enable it. */
762 assuan_set_error (ctx, err, "error enabling Tor mode");
766 if (pka_mode || dane_mode)
768 char *domain; /* Points to mbox. */
769 char hashbuf[32]; /* For SHA-1 and SHA-256. */
771 /* We lowercase ascii characters but the DANE I-D does not allow
772 this. FIXME: Check after the release of the RFC whether to
774 mbox = mailbox_from_userid (line);
775 if (!mbox || !(domain = strchr (mbox, '@')))
777 err = set_error (GPG_ERR_INV_USER_ID, "no mailbox in user id");
784 gcry_md_hash_buffer (GCRY_MD_SHA1, hashbuf, mbox, strlen (mbox));
785 encodedhash = zb32_encode (hashbuf, 8*20);
788 err = gpg_error_from_syserror ();
791 namebuf = strconcat (encodedhash, "._pka.", domain, NULL);
794 err = gpg_error_from_syserror ();
798 certtype = DNS_CERTTYPE_IPGP;
802 /* Note: The hash is truncated to 28 bytes and we lowercase
803 the result only for aesthetic reasons. */
804 gcry_md_hash_buffer (GCRY_MD_SHA256, hashbuf, mbox, strlen (mbox));
805 encodedhash = bin2hex (hashbuf, 28, NULL);
808 err = gpg_error_from_syserror ();
811 ascii_strlwr (encodedhash);
812 namebuf = strconcat (encodedhash, "._openpgpkey.", domain, NULL);
815 err = gpg_error_from_syserror ();
819 certtype = DNS_CERTTYPE_RR61;
825 err = get_dns_cert (name, certtype, &key, &keylen, &fpr, &fprlen, &url);
831 err = data_line_write (ctx, key, keylen);
840 tmpstr = bin2hex (fpr, fprlen, NULL);
842 err = gpg_error_from_syserror ();
845 err = assuan_write_status (ctx, "FPR", tmpstr);
854 err = assuan_write_status (ctx, "URL", url);
867 return leave_cmd (ctx, err);
872 static const char hlp_ldapserver[] =
873 "LDAPSERVER <data>\n"
875 "Add a new LDAP server to the list of configured LDAP servers.\n"
876 "DATA is in the same format as expected in the configure file.";
878 cmd_ldapserver (assuan_context_t ctx, char *line)
881 ctrl_t ctrl = assuan_get_pointer (ctx);
882 ldap_server_t server;
883 ldap_server_t *last_next_p;
885 while (spacep (line))
888 return leave_cmd (ctx, PARM_ERROR (_("ldapserver missing")));
890 server = ldapserver_parse_one (line, "", 0);
892 return leave_cmd (ctx, gpg_error (GPG_ERR_INV_ARG));
894 last_next_p = &ctrl->server_local->ldapservers;
896 last_next_p = &(*last_next_p)->next;
897 *last_next_p = server;
898 return leave_cmd (ctx, 0);
901 return leave_cmd (ctx, gpg_error (GPG_ERR_NOT_IMPLEMENTED));
906 static const char hlp_isvalid[] =
907 "ISVALID [--only-ocsp] [--force-default-responder]"
908 " <certificate_id>|<certificate_fpr>\n"
910 "This command checks whether the certificate identified by the\n"
911 "certificate_id is valid. This is done by consulting CRLs or\n"
912 "whatever has been configured. Note, that the returned error codes\n"
913 "are from gpg-error.h. The command may callback using the inquire\n"
914 "function. See the manual for details.\n"
916 "The CERTIFICATE_ID is a hex encoded string consisting of two parts,\n"
917 "delimited by a single dot. The first part is the SHA-1 hash of the\n"
918 "issuer name and the second part the serial number.\n"
920 "Alternatively the certificate's fingerprint may be given in which\n"
921 "case an OCSP request is done before consulting the CRL.\n"
923 "If the option --only-ocsp is given, no fallback to a CRL check will\n"
926 "If the option --force-default-responder is given, only the default\n"
927 "OCSP responder will be used and any other methods of obtaining an\n"
928 "OCSP responder URL won't be used.";
930 cmd_isvalid (assuan_context_t ctx, char *line)
932 ctrl_t ctrl = assuan_get_pointer (ctx);
933 char *issuerhash, *serialno;
938 int force_default_responder;
940 only_ocsp = has_option (line, "--only-ocsp");
941 force_default_responder = has_option (line, "--force-default-responder");
942 line = skip_options (line);
944 issuerhash = xstrdup (line); /* We need to work on a copy of the
945 line because that same Assuan
946 context may be used for an inquiry.
947 That is because Assuan reuses its
951 serialno = strchr (issuerhash, '.');
956 char *endp = strchr (issuerhash, ' ');
959 if (strlen (issuerhash) != 40)
962 return leave_cmd (ctx, PARM_ERROR (_("serialno missing in cert ID")));
971 /* Note, that we ignore the given issuer hash and instead rely
972 on the current certificate semantics used with this
975 err = gpg_error (GPG_ERR_NOT_SUPPORTED);
977 err = ocsp_isvalid (ctrl, NULL, NULL, force_default_responder);
978 /* Fixme: If we got no ocsp response and --only-ocsp is not used
979 we should fall back to CRL mode. Thus we need to clear
980 OCSP_MODE, get the issuerhash and the serialno from the
981 current certificate and jump to again. */
984 err = gpg_error (GPG_ERR_NO_CRL_KNOWN);
987 switch (crl_cache_isvalid (ctrl,
988 issuerhash, serialno,
989 ctrl->force_crl_refresh))
991 case CRL_CACHE_VALID:
994 case CRL_CACHE_INVALID:
995 err = gpg_error (GPG_ERR_CERT_REVOKED);
997 case CRL_CACHE_DONTKNOW:
999 err = gpg_error (GPG_ERR_NO_CRL_KNOWN);
1000 else if (!(err = inquire_cert_and_load_crl (ctx)))
1006 case CRL_CACHE_CANTUSE:
1007 err = gpg_error (GPG_ERR_NO_CRL_KNOWN);
1010 log_fatal ("crl_cache_isvalid returned invalid code\n");
1015 return leave_cmd (ctx, err);
1019 /* If the line contains a SHA-1 fingerprint as the first argument,
1020 return the FPR vuffer on success. The function checks that the
1021 fingerprint consists of valid characters and prints and error
1022 message if it does not and returns NULL. Fingerprints are
1023 considered optional and thus no explicit error is returned. NULL is
1024 also returned if there is no fingerprint at all available.
1025 FPR must be a caller provided buffer of at least 20 bytes.
1027 Note that colons within the fingerprint are allowed to separate 2
1028 hex digits; this allows for easier cutting and pasting using the
1029 usual fingerprint rendering.
1031 static unsigned char *
1032 get_fingerprint_from_line (const char *line, unsigned char *fpr)
1037 for (s=line, i=0; *s && *s != ' '; s++ )
1039 if ( hexdigitp (s) && hexdigitp (s+1) )
1042 return NULL; /* Fingerprint too long. */
1043 fpr[i++] = xtoi_2 (s);
1046 else if ( *s != ':' )
1047 return NULL; /* Invalid. */
1050 return NULL; /* Fingerprint to short. */
1056 static const char hlp_checkcrl[] =
1057 "CHECKCRL [<fingerprint>]\n"
1059 "Check whether the certificate with FINGERPRINT (SHA-1 hash of the\n"
1060 "entire X.509 certificate blob) is valid or not by consulting the\n"
1061 "CRL responsible for this certificate. If the fingerprint has not\n"
1062 "been given or the certificate is not known, the function \n"
1063 "inquires the certificate using an\n"
1065 " INQUIRE TARGETCERT\n"
1067 "and the caller is expected to return the certificate for the\n"
1068 "request (which should match FINGERPRINT) as a binary blob.\n"
1069 "Processing then takes place without further interaction; in\n"
1070 "particular dirmngr tries to locate other required certificate by\n"
1071 "its own mechanism which includes a local certificate store as well\n"
1072 "as a list of trusted root certificates.\n"
1074 "The return value is the usual gpg-error code or 0 for ducesss;\n"
1075 "i.e. the certificate validity has been confirmed by a valid CRL.";
1077 cmd_checkcrl (assuan_context_t ctx, char *line)
1079 ctrl_t ctrl = assuan_get_pointer (ctx);
1081 unsigned char fprbuffer[20], *fpr;
1084 fpr = get_fingerprint_from_line (line, fprbuffer);
1085 cert = fpr? get_cert_byfpr (fpr) : NULL;
1089 /* We do not have this certificate yet or the fingerprint has
1090 not been given. Inquire it from the client. */
1091 unsigned char *value = NULL;
1094 err = assuan_inquire (ctrl->server_local->assuan_ctx, "TARGETCERT",
1095 &value, &valuelen, MAX_CERT_LENGTH);
1098 log_error (_("assuan_inquire failed: %s\n"), gpg_strerror (err));
1102 if (!valuelen) /* No data returned; return a comprehensible error. */
1103 err = gpg_error (GPG_ERR_MISSING_CERT);
1106 err = ksba_cert_new (&cert);
1108 err = ksba_cert_init_from_mem (cert, value, valuelen);
1117 err = crl_cache_cert_isvalid (ctrl, cert, ctrl->force_crl_refresh);
1118 if (gpg_err_code (err) == GPG_ERR_NO_CRL_KNOWN)
1120 err = crl_cache_reload_crl (ctrl, cert);
1122 err = crl_cache_cert_isvalid (ctrl, cert, 0);
1126 ksba_cert_release (cert);
1127 return leave_cmd (ctx, err);
1131 static const char hlp_checkocsp[] =
1132 "CHECKOCSP [--force-default-responder] [<fingerprint>]\n"
1134 "Check whether the certificate with FINGERPRINT (SHA-1 hash of the\n"
1135 "entire X.509 certificate blob) is valid or not by asking an OCSP\n"
1136 "responder responsible for this certificate. The optional\n"
1137 "fingerprint may be used for a quick check in case an OCSP check has\n"
1138 "been done for this certificate recently (we always cache OCSP\n"
1139 "responses for a couple of minutes). If the fingerprint has not been\n"
1140 "given or there is no cached result, the function inquires the\n"
1141 "certificate using an\n"
1143 " INQUIRE TARGETCERT\n"
1145 "and the caller is expected to return the certificate for the\n"
1146 "request (which should match FINGERPRINT) as a binary blob.\n"
1147 "Processing then takes place without further interaction; in\n"
1148 "particular dirmngr tries to locate other required certificates by\n"
1149 "its own mechanism which includes a local certificate store as well\n"
1150 "as a list of trusted root certifciates.\n"
1152 "If the option --force-default-responder is given, only the default\n"
1153 "OCSP responder will be used and any other methods of obtaining an\n"
1154 "OCSP responder URL won't be used.\n"
1156 "The return value is the usual gpg-error code or 0 for ducesss;\n"
1157 "i.e. the certificate validity has been confirmed by a valid CRL.";
1159 cmd_checkocsp (assuan_context_t ctx, char *line)
1161 ctrl_t ctrl = assuan_get_pointer (ctx);
1163 unsigned char fprbuffer[20], *fpr;
1165 int force_default_responder;
1167 force_default_responder = has_option (line, "--force-default-responder");
1168 line = skip_options (line);
1170 fpr = get_fingerprint_from_line (line, fprbuffer);
1171 cert = fpr? get_cert_byfpr (fpr) : NULL;
1175 /* We do not have this certificate yet or the fingerprint has
1176 not been given. Inquire it from the client. */
1177 unsigned char *value = NULL;
1180 err = assuan_inquire (ctrl->server_local->assuan_ctx, "TARGETCERT",
1181 &value, &valuelen, MAX_CERT_LENGTH);
1184 log_error (_("assuan_inquire failed: %s\n"), gpg_strerror (err));
1188 if (!valuelen) /* No data returned; return a comprehensible error. */
1189 err = gpg_error (GPG_ERR_MISSING_CERT);
1192 err = ksba_cert_new (&cert);
1194 err = ksba_cert_init_from_mem (cert, value, valuelen);
1203 if (!opt.allow_ocsp)
1204 err = gpg_error (GPG_ERR_NOT_SUPPORTED);
1206 err = ocsp_isvalid (ctrl, cert, NULL, force_default_responder);
1209 ksba_cert_release (cert);
1210 return leave_cmd (ctx, err);
1216 lookup_cert_by_url (assuan_context_t ctx, const char *url)
1218 ctrl_t ctrl = assuan_get_pointer (ctx);
1219 gpg_error_t err = 0;
1220 unsigned char *value = NULL;
1223 /* Fetch single certificate given it's URL. */
1224 err = fetch_cert_by_url (ctrl, url, &value, &valuelen);
1227 log_error (_("fetch_cert_by_url failed: %s\n"), gpg_strerror (err));
1231 /* Send the data, flush the buffer and then send an END. */
1232 err = assuan_send_data (ctx, value, valuelen);
1234 err = assuan_send_data (ctx, NULL, 0);
1236 err = assuan_write_line (ctx, "END");
1239 log_error (_("error sending data: %s\n"), gpg_strerror (err));
1249 /* Send the certificate, flush the buffer and then send an END. */
1251 return_one_cert (void *opaque, ksba_cert_t cert)
1253 assuan_context_t ctx = opaque;
1255 const unsigned char *der;
1258 der = ksba_cert_get_image (cert, &derlen);
1260 err = gpg_error (GPG_ERR_INV_CERT_OBJ);
1263 err = assuan_send_data (ctx, der, derlen);
1265 err = assuan_send_data (ctx, NULL, 0);
1267 err = assuan_write_line (ctx, "END");
1270 log_error (_("error sending data: %s\n"), gpg_strerror (err));
1275 /* Lookup certificates from the internal cache or using the ldap
1278 lookup_cert_by_pattern (assuan_context_t ctx, char *line,
1279 int single, int cache_only)
1281 gpg_error_t err = 0;
1283 strlist_t sl, list = NULL;
1284 int truncated = 0, truncation_forced = 0;
1286 int local_count = 0;
1288 ctrl_t ctrl = assuan_get_pointer (ctx);
1289 unsigned char *value = NULL;
1291 struct ldapserver_iter ldapserver_iter;
1292 cert_fetch_context_t fetch_context;
1294 int any_no_data = 0;
1296 /* Break the line down into an STRLIST */
1297 for (p=line; *p; line = p)
1299 while (*p && *p != ' ')
1306 sl = xtrymalloc (sizeof *sl + strlen (line));
1309 err = gpg_error_from_errno (errno);
1312 memset (sl, 0, sizeof *sl);
1313 strcpy_escaped_plus (sl->d, line);
1319 /* First look through the internal cache. The certifcates retruned
1320 here are not counted towards the truncation limit. */
1321 if (single && !cache_only)
1322 ; /* Do not read from the local cache in this case. */
1325 for (sl=list; sl; sl = sl->next)
1327 err = get_certs_bypattern (sl->d, return_one_cert, ctx);
1333 if (gpg_err_code (err) == GPG_ERR_NO_DATA)
1339 else if (gpg_err_code (err) == GPG_ERR_INV_NAME && !cache_only)
1341 /* No real fault because the internal pattern lookup
1342 can't yet cope with all types of pattern. */
1350 /* Loop over all configured servers unless we want only the
1351 certificates from the cache. */
1353 for (ldapserver_iter_begin (&ldapserver_iter, ctrl);
1354 !cache_only && !ldapserver_iter_end_p (&ldapserver_iter)
1355 && ldapserver_iter.server->host && !truncation_forced;
1356 ldapserver_iter_next (&ldapserver_iter))
1358 ldap_server_t ldapserver = ldapserver_iter.server;
1361 log_debug ("cmd_lookup: trying %s:%d base=%s\n",
1362 ldapserver->host, ldapserver->port,
1363 ldapserver->base?ldapserver->base : "[default]");
1365 /* Fetch certificates matching pattern */
1366 err = start_cert_fetch (ctrl, &fetch_context, list, ldapserver);
1367 if ( gpg_err_code (err) == GPG_ERR_NO_DATA )
1370 log_debug ("cmd_lookup: no data\n");
1377 log_error (_("start_cert_fetch failed: %s\n"), gpg_strerror (err));
1381 /* Fetch the certificates for this query. */
1382 while (!truncation_forced)
1384 xfree (value); value = NULL;
1385 err = fetch_next_cert (fetch_context, &value, &valuelen);
1386 if (gpg_err_code (err) == GPG_ERR_NO_DATA )
1392 if (gpg_err_code (err) == GPG_ERR_TRUNCATED)
1398 if (gpg_err_code (err) == GPG_ERR_EOF)
1405 err = gpg_error (GPG_ERR_BUG);
1410 log_error (_("fetch_next_cert failed: %s\n"),
1411 gpg_strerror (err));
1412 end_cert_fetch (fetch_context);
1417 log_debug ("cmd_lookup: returning one cert%s\n",
1418 truncated? " (truncated)":"");
1420 /* Send the data, flush the buffer and then send an END line
1421 as a certificate delimiter. */
1422 err = assuan_send_data (ctx, value, valuelen);
1424 err = assuan_send_data (ctx, NULL, 0);
1426 err = assuan_write_line (ctx, "END");
1429 log_error (_("error sending data: %s\n"), gpg_strerror (err));
1430 end_cert_fetch (fetch_context);
1434 if (++count >= opt.max_replies )
1436 truncation_forced = 1;
1437 log_info (_("max_replies %d exceeded\n"), opt.max_replies );
1443 end_cert_fetch (fetch_context);
1448 if (truncated || truncation_forced)
1452 sprintf (str, "%d", count);
1453 assuan_write_status (ctx, "TRUNCATED", str);
1456 if (!err && !count && !local_count && any_no_data)
1457 err = gpg_error (GPG_ERR_NO_DATA);
1460 free_strlist (list);
1465 static const char hlp_lookup[] =
1466 "LOOKUP [--url] [--single] [--cache-only] <pattern>\n"
1468 "Lookup certificates matching PATTERN. With --url the pattern is\n"
1469 "expected to be one URL.\n"
1471 "If --url is not given: To allow for multiple patterns (which are ORed)\n"
1472 "quoting is required: Spaces are translated to \"+\" or \"%20\";\n"
1473 "obviously this requires that the usual escape quoting rules are applied.\n"
1475 "If --url is given no special escaping is required because URLs are\n"
1476 "already escaped this way.\n"
1478 "If --single is given the first and only the first match will be\n"
1479 "returned. If --cache-only is _not_ given, no local query will be\n"
1482 "If --cache-only is given no external lookup is done so that only\n"
1483 "certificates from the cache may get returned.";
1485 cmd_lookup (assuan_context_t ctx, char *line)
1488 int lookup_url, single, cache_only;
1490 lookup_url = has_leading_option (line, "--url");
1491 single = has_leading_option (line, "--single");
1492 cache_only = has_leading_option (line, "--cache-only");
1493 line = skip_options (line);
1495 if (lookup_url && cache_only)
1496 err = gpg_error (GPG_ERR_NOT_FOUND);
1497 else if (lookup_url && single)
1498 err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
1499 else if (lookup_url)
1500 err = lookup_cert_by_url (ctx, line);
1502 err = lookup_cert_by_pattern (ctx, line, single, cache_only);
1504 return leave_cmd (ctx, err);
1508 static const char hlp_loadcrl[] =
1509 "LOADCRL [--url] <filename|url>\n"
1511 "Load the CRL in the file with name FILENAME into our cache. Note\n"
1512 "that FILENAME should be given with an absolute path because\n"
1513 "Dirmngrs cwd is not known. With --url the CRL is directly loaded\n"
1514 "from the given URL.\n"
1516 "This command is usually used by gpgsm using the invocation \"gpgsm\n"
1517 "--call-dirmngr loadcrl <filename>\". A direct invocation of Dirmngr\n"
1518 "is not useful because gpgsm might need to callback gpgsm to ask for\n"
1519 "the CA's certificate.";
1521 cmd_loadcrl (assuan_context_t ctx, char *line)
1523 ctrl_t ctrl = assuan_get_pointer (ctx);
1524 gpg_error_t err = 0;
1525 int use_url = has_leading_option (line, "--url");
1527 line = skip_options (line);
1531 ksba_reader_t reader;
1533 err = crl_fetch (ctrl, line, &reader);
1535 log_error (_("fetching CRL from '%s' failed: %s\n"),
1536 line, gpg_strerror (err));
1539 err = crl_cache_insert (ctrl, line, reader);
1541 log_error (_("processing CRL from '%s' failed: %s\n"),
1542 line, gpg_strerror (err));
1543 crl_close_reader (reader);
1550 buf = xtrymalloc (strlen (line)+1);
1552 err = gpg_error_from_syserror ();
1555 strcpy_escaped_plus (buf, line);
1556 err = crl_cache_load (ctrl, buf);
1561 return leave_cmd (ctx, err);
1565 static const char hlp_listcrls[] =
1568 "List the content of all CRLs in a readable format. This command is\n"
1569 "usually used by gpgsm using the invocation \"gpgsm --call-dirmngr\n"
1570 "listcrls\". It may also be used directly using \"dirmngr\n"
1573 cmd_listcrls (assuan_context_t ctx, char *line)
1580 fp = es_fopencookie (ctx, "w", data_line_cookie_functions);
1582 err = set_error (GPG_ERR_ASS_GENERAL, "error setting up a data stream");
1585 err = crl_cache_list (fp);
1588 return leave_cmd (ctx, err);
1592 static const char hlp_cachecert[] =
1595 "Put a certificate into the internal cache. This command might be\n"
1596 "useful if a client knows in advance certificates required for a\n"
1597 "test and wants to make sure they get added to the internal cache.\n"
1598 "It is also helpful for debugging. To get the actual certificate,\n"
1599 "this command immediately inquires it using\n"
1601 " INQUIRE TARGETCERT\n"
1603 "and the caller is expected to return the certificate for the\n"
1604 "request as a binary blob.";
1606 cmd_cachecert (assuan_context_t ctx, char *line)
1608 ctrl_t ctrl = assuan_get_pointer (ctx);
1610 ksba_cert_t cert = NULL;
1611 unsigned char *value = NULL;
1616 err = assuan_inquire (ctrl->server_local->assuan_ctx, "TARGETCERT",
1617 &value, &valuelen, MAX_CERT_LENGTH);
1620 log_error (_("assuan_inquire failed: %s\n"), gpg_strerror (err));
1624 if (!valuelen) /* No data returned; return a comprehensible error. */
1625 err = gpg_error (GPG_ERR_MISSING_CERT);
1628 err = ksba_cert_new (&cert);
1630 err = ksba_cert_init_from_mem (cert, value, valuelen);
1636 err = cache_cert (cert);
1639 ksba_cert_release (cert);
1640 return leave_cmd (ctx, err);
1644 static const char hlp_validate[] =
1647 "Validate a certificate using the certificate validation function\n"
1648 "used internally by dirmngr. This command is only useful for\n"
1649 "debugging. To get the actual certificate, this command immediately\n"
1650 "inquires it using\n"
1652 " INQUIRE TARGETCERT\n"
1654 "and the caller is expected to return the certificate for the\n"
1655 "request as a binary blob.";
1657 cmd_validate (assuan_context_t ctx, char *line)
1659 ctrl_t ctrl = assuan_get_pointer (ctx);
1661 ksba_cert_t cert = NULL;
1662 unsigned char *value = NULL;
1667 err = assuan_inquire (ctrl->server_local->assuan_ctx, "TARGETCERT",
1668 &value, &valuelen, MAX_CERT_LENGTH);
1671 log_error (_("assuan_inquire failed: %s\n"), gpg_strerror (err));
1675 if (!valuelen) /* No data returned; return a comprehensible error. */
1676 err = gpg_error (GPG_ERR_MISSING_CERT);
1679 err = ksba_cert_new (&cert);
1681 err = ksba_cert_init_from_mem (cert, value, valuelen);
1687 /* If we have this certificate already in our cache, use the cached
1688 version for validation because this will take care of any cached
1691 unsigned char fpr[20];
1692 ksba_cert_t tmpcert;
1694 cert_compute_fpr (cert, fpr);
1695 tmpcert = get_cert_byfpr (fpr);
1698 ksba_cert_release (cert);
1703 err = validate_cert_chain (ctrl, cert, NULL, VALIDATE_MODE_CERT, NULL);
1706 ksba_cert_release (cert);
1707 return leave_cmd (ctx, err);
1712 /* Parse an keyserver URI and store it in a new uri item which is
1713 returned at R_ITEM. On error return an error code. */
1715 make_keyserver_item (const char *uri, uri_item_t *r_item)
1721 item = xtrymalloc (sizeof *item + strlen (uri));
1723 return gpg_error_from_syserror ();
1726 item->parsed_uri = NULL;
1727 strcpy (item->uri, uri);
1730 if (ldap_uri_p (item->uri))
1731 err = ldap_parse_uri (&item->parsed_uri, uri);
1735 err = http_parse_uri (&item->parsed_uri, uri, 1);
1746 /* If no keyserver is stored in CTRL but a global keyserver has been
1747 set, put that global keyserver into CTRL. We need use this
1748 function to help migrate from the old gpg based keyserver
1749 configuration to the new dirmngr based configuration. */
1751 ensure_keyserver (ctrl_t ctrl)
1755 uri_item_t onion_items = NULL;
1756 uri_item_t plain_items = NULL;
1760 if (ctrl->server_local->keyservers)
1761 return 0; /* Already set for this session. */
1763 return 0; /* No global option set. */
1765 for (sl = opt.keyserver; sl; sl = sl->next)
1767 err = make_keyserver_item (sl->d, &item);
1770 if (item->parsed_uri->onion)
1772 item->next = onion_items;
1777 item->next = plain_items;
1782 /* Decide which to use. Note that the sesssion has no keyservers
1784 if (onion_items && !onion_items->next && plain_items && !plain_items->next)
1786 /* If there is just one onion and one plain keyserver given, we take
1787 only one depending on whether Tor is running or not. */
1788 if (is_tor_running (ctrl))
1790 ctrl->server_local->keyservers = onion_items;
1795 ctrl->server_local->keyservers = plain_items;
1799 else if (!is_tor_running (ctrl))
1801 /* Tor is not running. It does not make sense to add Onion
1803 ctrl->server_local->keyservers = plain_items;
1808 /* In all other cases add all keyservers. */
1809 ctrl->server_local->keyservers = onion_items;
1811 for (ui = ctrl->server_local->keyservers; ui && ui->next; ui = ui->next)
1814 ui->next = plain_items;
1816 ctrl->server_local->keyservers = plain_items;
1821 release_uri_item_list (onion_items);
1822 release_uri_item_list (plain_items);
1828 static const char hlp_keyserver[] =
1829 "KEYSERVER [<options>] [<uri>|<host>]\n"
1832 " --clear Remove all configured keyservers\n"
1833 " --resolve Resolve HKP host names and rotate\n"
1834 " --hosttable Print table of known hosts and pools\n"
1835 " --dead Mark <host> as dead\n"
1836 " --alive Mark <host> as alive\n"
1838 "If called without arguments list all configured keyserver URLs.\n"
1839 "If called with an URI add this as keyserver. Note that keyservers\n"
1840 "are configured on a per-session base. A default keyserver may already be\n"
1841 "present, thus the \"--clear\" option must be used to get full control.\n"
1842 "If \"--clear\" and an URI are used together the clear command is\n"
1843 "obviously executed first. A RESET command does not change the list\n"
1844 "of configured keyservers.";
1846 cmd_keyserver (assuan_context_t ctx, char *line)
1848 ctrl_t ctrl = assuan_get_pointer (ctx);
1849 gpg_error_t err = 0;
1850 int clear_flag, add_flag, help_flag, host_flag, resolve_flag;
1851 int dead_flag, alive_flag;
1852 uri_item_t item = NULL; /* gcc 4.4.5 is not able to detect that it
1853 is always initialized. */
1855 clear_flag = has_option (line, "--clear");
1856 help_flag = has_option (line, "--help");
1857 resolve_flag = has_option (line, "--resolve");
1858 host_flag = has_option (line, "--hosttable");
1859 dead_flag = has_option (line, "--dead");
1860 alive_flag = has_option (line, "--alive");
1861 line = skip_options (line);
1866 err = ks_action_help (ctrl, line);
1872 err = ensure_keyserver (ctrl);
1874 err = ks_action_resolve (ctrl, ctrl->server_local->keyservers);
1879 if (alive_flag && dead_flag)
1881 err = set_error (GPG_ERR_ASS_PARAMETER, "no support for zombies");
1886 err = check_owner_permission (ctx, "no permission to use --dead");
1890 if (alive_flag || dead_flag)
1894 err = set_error (GPG_ERR_ASS_PARAMETER, "name of host missing");
1898 err = ks_hkp_mark_host (ctrl, line, alive_flag);
1905 err = ks_hkp_print_hosttable (ctrl);
1909 if (resolve_flag || host_flag || alive_flag || dead_flag)
1914 err = make_keyserver_item (line, &item);
1919 release_ctrl_keyservers (ctrl);
1922 item->next = ctrl->server_local->keyservers;
1923 ctrl->server_local->keyservers = item;
1926 if (!add_flag && !clear_flag && !help_flag)
1928 /* List configured keyservers. However, we first add a global
1932 err = ensure_keyserver (ctrl);
1935 assuan_set_error (ctx, err,
1936 "Bad keyserver configuration in dirmngr.conf");
1940 for (u=ctrl->server_local->keyservers; u; u = u->next)
1941 dirmngr_status (ctrl, "KEYSERVER", u->uri, NULL);
1946 return leave_cmd (ctx, err);
1951 static const char hlp_ks_search[] =
1952 "KS_SEARCH {<pattern>}\n"
1954 "Search the configured OpenPGP keyservers (see command KEYSERVER)\n"
1955 "for keys matching PATTERN";
1957 cmd_ks_search (assuan_context_t ctx, char *line)
1959 ctrl_t ctrl = assuan_get_pointer (ctx);
1965 /* No options for now. */
1966 line = skip_options (line);
1968 /* Break the line down into an strlist. Each pattern is
1969 percent-plus escaped. */
1971 for (p=line; *p; line = p)
1973 while (*p && *p != ' ')
1979 sl = xtrymalloc (sizeof *sl + strlen (line));
1982 err = gpg_error_from_syserror ();
1986 strcpy_escaped_plus (sl->d, line);
1992 err = ensure_keyserver (ctrl);
1996 /* Setup an output stream and perform the search. */
1997 outfp = es_fopencookie (ctx, "w", data_line_cookie_functions);
1999 err = set_error (GPG_ERR_ASS_GENERAL, "error setting up a data stream");
2002 err = ks_action_search (ctrl, ctrl->server_local->keyservers,
2008 free_strlist (list);
2009 return leave_cmd (ctx, err);
2014 static const char hlp_ks_get[] =
2015 "KS_GET {<pattern>}\n"
2017 "Get the keys matching PATTERN from the configured OpenPGP keyservers\n"
2018 "(see command KEYSERVER). Each pattern should be a keyid, a fingerprint,\n"
2019 "or an exact name indicated by the '=' prefix.";
2021 cmd_ks_get (assuan_context_t ctx, char *line)
2023 ctrl_t ctrl = assuan_get_pointer (ctx);
2029 /* No options for now. */
2030 line = skip_options (line);
2032 /* Break the line into a strlist. Each pattern is by
2033 definition percent-plus escaped. However we only support keyids
2034 and fingerprints and thus the client has no need to apply the
2037 for (p=line; *p; line = p)
2039 while (*p && *p != ' ')
2045 sl = xtrymalloc (sizeof *sl + strlen (line));
2048 err = gpg_error_from_syserror ();
2052 strcpy_escaped_plus (sl->d, line);
2058 err = ensure_keyserver (ctrl);
2062 /* Setup an output stream and perform the get. */
2063 outfp = es_fopencookie (ctx, "w", data_line_cookie_functions);
2065 err = set_error (GPG_ERR_ASS_GENERAL, "error setting up a data stream");
2068 err = ks_action_get (ctrl, ctrl->server_local->keyservers, list, outfp);
2073 free_strlist (list);
2074 return leave_cmd (ctx, err);
2078 static const char hlp_ks_fetch[] =
2081 "Get the key(s) from URL.";
2083 cmd_ks_fetch (assuan_context_t ctx, char *line)
2085 ctrl_t ctrl = assuan_get_pointer (ctx);
2089 /* No options for now. */
2090 line = skip_options (line);
2092 err = ensure_keyserver (ctrl);
2096 /* Setup an output stream and perform the get. */
2097 outfp = es_fopencookie (ctx, "w", data_line_cookie_functions);
2099 err = set_error (GPG_ERR_ASS_GENERAL, "error setting up a data stream");
2102 err = ks_action_fetch (ctrl, line, outfp);
2107 return leave_cmd (ctx, err);
2112 static const char hlp_ks_put[] =
2115 "Send a key to the configured OpenPGP keyservers. The actual key material\n"
2116 "is then requested by Dirmngr using\n"
2118 " INQUIRE KEYBLOCK\n"
2120 "The client shall respond with a binary version of the keyblock (e.g.,\n"
2121 "the output of `gpg --export KEYID'). For LDAP\n"
2122 "keyservers Dirmngr may ask for meta information of the provided keyblock\n"
2125 " INQUIRE KEYBLOCK_INFO\n"
2127 "The client shall respond with a colon delimited info lines (the output\n"
2128 "of 'for x in keys sigs; do gpg --list-$x --with-colons KEYID; done').\n";
2130 cmd_ks_put (assuan_context_t ctx, char *line)
2132 ctrl_t ctrl = assuan_get_pointer (ctx);
2134 unsigned char *value = NULL;
2136 unsigned char *info = NULL;
2139 /* No options for now. */
2140 line = skip_options (line);
2142 err = ensure_keyserver (ctrl);
2146 /* Ask for the key material. */
2147 err = assuan_inquire (ctx, "KEYBLOCK",
2148 &value, &valuelen, MAX_KEYBLOCK_LENGTH);
2151 log_error (_("assuan_inquire failed: %s\n"), gpg_strerror (err));
2155 if (!valuelen) /* No data returned; return a comprehensible error. */
2157 err = gpg_error (GPG_ERR_MISSING_CERT);
2161 /* Ask for the key meta data. Not actually needed for HKP servers
2162 but we do it anyway to test the client implementaion. */
2163 err = assuan_inquire (ctx, "KEYBLOCK_INFO",
2164 &info, &infolen, MAX_KEYBLOCK_LENGTH);
2167 log_error (_("assuan_inquire failed: %s\n"), gpg_strerror (err));
2172 err = ks_action_put (ctrl, ctrl->server_local->keyservers,
2173 value, valuelen, info, infolen);
2178 return leave_cmd (ctx, err);
2184 static const char hlp_getinfo[] =
2187 "Multi purpose command to return certain information. \n"
2188 "Supported values of WHAT are:\n"
2190 "version - Return the version of the program.\n"
2191 "pid - Return the process id of the server.\n"
2192 "tor - Return OK if running in Tor mode\n"
2193 "dnsinfo - Return info about the DNS resolver\n"
2194 "socket_name - Return the name of the socket.\n";
2196 cmd_getinfo (assuan_context_t ctx, char *line)
2198 ctrl_t ctrl = assuan_get_pointer (ctx);
2201 if (!strcmp (line, "version"))
2203 const char *s = VERSION;
2204 err = assuan_send_data (ctx, s, strlen (s));
2206 else if (!strcmp (line, "pid"))
2210 snprintf (numbuf, sizeof numbuf, "%lu", (unsigned long)getpid ());
2211 err = assuan_send_data (ctx, numbuf, strlen (numbuf));
2213 else if (!strcmp (line, "socket_name"))
2215 const char *s = dirmngr_user_socket_name ();
2218 s = dirmngr_sys_socket_name ();
2221 err = assuan_send_data (ctx, s, strlen (s));
2223 err = gpg_error (GPG_ERR_NO_DATA);
2225 else if (!strcmp (line, "tor"))
2229 if (!is_tor_running (ctrl))
2230 err = assuan_write_status (ctx, "NO_TOR", "Tor not running");
2234 assuan_set_okay_line (ctx, "- Tor mode is enabled");
2237 err = set_error (GPG_ERR_FALSE, "Tor mode is NOT enabled");
2239 else if (!strcmp (line, "dnsinfo"))
2241 #if USE_ADNS && HAVE_ADNS_IF_TORMODE
2242 assuan_set_okay_line (ctx, "- ADNS with Tor support");
2244 assuan_set_okay_line (ctx, "- ADNS w/o Tor support");
2246 assuan_set_okay_line (ctx, "- System resolver w/o Tor support");
2251 err = set_error (GPG_ERR_ASS_PARAMETER, "unknown value for WHAT");
2253 return leave_cmd (ctx, err);
2258 static const char hlp_killdirmngr[] =
2261 "This command allows a user - given sufficient permissions -\n"
2262 "to kill this dirmngr process.\n";
2264 cmd_killdirmngr (assuan_context_t ctx, char *line)
2266 ctrl_t ctrl = assuan_get_pointer (ctx);
2271 if (opt.system_daemon)
2273 if (opt.system_service)
2274 err = set_error (GPG_ERR_NOT_SUPPORTED,
2275 "can't do that whilst running as system service");
2277 err = check_owner_permission (ctx,
2278 "no permission to kill this process");
2285 ctrl->server_local->stopme = 1;
2286 assuan_set_flag (ctx, ASSUAN_FORCE_CLOSE, 1);
2287 err = gpg_error (GPG_ERR_EOF);
2293 static const char hlp_reloaddirmngr[] =
2296 "This command is an alternative to SIGHUP\n"
2297 "to reload the configuration.";
2299 cmd_reloaddirmngr (assuan_context_t ctx, char *line)
2304 if (opt.system_daemon)
2306 #ifndef HAVE_W32_SYSTEM
2310 err = check_owner_permission (ctx,
2311 "no permission to reload this process");
2318 dirmngr_sighup_action ();
2325 /* Tell the assuan library about our commands. */
2327 register_commands (assuan_context_t ctx)
2331 assuan_handler_t handler;
2332 const char * const help;
2334 { "DNS_CERT", cmd_dns_cert, hlp_dns_cert },
2335 { "LDAPSERVER", cmd_ldapserver, hlp_ldapserver },
2336 { "ISVALID", cmd_isvalid, hlp_isvalid },
2337 { "CHECKCRL", cmd_checkcrl, hlp_checkcrl },
2338 { "CHECKOCSP", cmd_checkocsp, hlp_checkocsp },
2339 { "LOOKUP", cmd_lookup, hlp_lookup },
2340 { "LOADCRL", cmd_loadcrl, hlp_loadcrl },
2341 { "LISTCRLS", cmd_listcrls, hlp_listcrls },
2342 { "CACHECERT", cmd_cachecert, hlp_cachecert },
2343 { "VALIDATE", cmd_validate, hlp_validate },
2344 { "KEYSERVER", cmd_keyserver, hlp_keyserver },
2345 { "KS_SEARCH", cmd_ks_search, hlp_ks_search },
2346 { "KS_GET", cmd_ks_get, hlp_ks_get },
2347 { "KS_FETCH", cmd_ks_fetch, hlp_ks_fetch },
2348 { "KS_PUT", cmd_ks_put, hlp_ks_put },
2349 { "GETINFO", cmd_getinfo, hlp_getinfo },
2350 { "KILLDIRMNGR",cmd_killdirmngr,hlp_killdirmngr },
2351 { "RELOADDIRMNGR",cmd_reloaddirmngr,hlp_reloaddirmngr },
2356 for (i=j=0; table[i].name; i++)
2358 rc = assuan_register_command (ctx, table[i].name, table[i].handler,
2367 /* Note that we do not reset the list of configured keyservers. */
2369 reset_notify (assuan_context_t ctx, char *line)
2371 ctrl_t ctrl = assuan_get_pointer (ctx);
2375 ldapserver_list_free (ctrl->server_local->ldapservers);
2377 ctrl->server_local->ldapservers = NULL;
2382 /* Startup the server and run the main command loop. With FD = -1,
2383 use stdin/stdout. */
2385 start_command_handler (assuan_fd_t fd)
2387 static const char hello[] = "Dirmngr " VERSION " at your service";
2388 static char *hello_line;
2390 assuan_context_t ctx;
2393 ctrl = xtrycalloc (1, sizeof *ctrl);
2395 ctrl->server_local = xtrycalloc (1, sizeof *ctrl->server_local);
2396 if (!ctrl || !ctrl->server_local)
2398 log_error (_("can't allocate control structure: %s\n"),
2404 dirmngr_init_default_ctrl (ctrl);
2406 rc = assuan_new (&ctx);
2409 log_error (_("failed to allocate assuan context: %s\n"),
2414 if (fd == ASSUAN_INVALID_FD)
2416 assuan_fd_t filedes[2];
2418 filedes[0] = assuan_fdopen (0);
2419 filedes[1] = assuan_fdopen (1);
2420 rc = assuan_init_pipe_server (ctx, filedes);
2424 rc = assuan_init_socket_server (ctx, fd, ASSUAN_SOCKET_SERVER_ACCEPTED);
2429 assuan_release (ctx);
2430 log_error (_("failed to initialize the server: %s\n"),
2435 rc = register_commands (ctx);
2438 log_error (_("failed to the register commands with Assuan: %s\n"),
2447 const char *cfgname;
2449 cfgname = opt.config_filename? opt.config_filename : "[none]";
2451 n = (30 + strlen (opt.homedir) + strlen (cfgname)
2452 + strlen (hello) + 1);
2453 hello_line = xmalloc (n+1);
2454 snprintf (hello_line, n,
2464 ctrl->server_local->assuan_ctx = ctx;
2465 assuan_set_pointer (ctx, ctrl);
2467 assuan_set_hello_line (ctx, hello_line);
2468 assuan_register_option_handler (ctx, option_handler);
2469 assuan_register_reset_notify (ctx, reset_notify);
2473 rc = assuan_accept (ctx);
2478 log_info (_("Assuan accept problem: %s\n"), gpg_strerror (rc));
2482 #ifndef HAVE_W32_SYSTEM
2485 assuan_peercred_t peercred;
2487 if (!assuan_get_peercred (ctx, &peercred))
2488 log_info ("connection from process %ld (%ld:%ld)\n",
2489 (long)peercred->pid, (long)peercred->uid,
2490 (long)peercred->gid);
2494 rc = assuan_process (ctx);
2497 log_info (_("Assuan processing failed: %s\n"), gpg_strerror (rc));
2504 ldap_wrapper_connection_cleanup (ctrl);
2506 ldapserver_list_free (ctrl->server_local->ldapservers);
2508 ctrl->server_local->ldapservers = NULL;
2510 release_ctrl_keyservers (ctrl);
2512 ctrl->server_local->assuan_ctx = NULL;
2513 assuan_release (ctx);
2515 if (ctrl->server_local->stopme)
2519 log_error ("oops: connection control structure still referenced (%d)\n",
2523 release_ctrl_ocsp_certs (ctrl);
2524 xfree (ctrl->server_local);
2525 dirmngr_deinit_default_ctrl (ctrl);
2531 /* Send a status line back to the client. KEYWORD is the status
2532 keyword, the optional string arguments are blank separated added to
2533 the line, the last argument must be a NULL. */
2535 dirmngr_status (ctrl_t ctrl, const char *keyword, ...)
2537 gpg_error_t err = 0;
2541 va_start (arg_ptr, keyword);
2543 if (ctrl->server_local)
2545 assuan_context_t ctx = ctrl->server_local->assuan_ctx;
2551 while ( (text = va_arg (arg_ptr, const char *)) )
2558 for ( ; *text && n < DIM (buf)-2; n++)
2562 err = assuan_write_status (ctx, keyword, buf);
2570 /* Print a help status line. TEXTLEN gives the length of the text
2571 from TEXT to be printed. The function splits text at LFs. */
2573 dirmngr_status_help (ctrl_t ctrl, const char *text)
2575 gpg_error_t err = 0;
2577 if (ctrl->server_local)
2579 assuan_context_t ctx = ctrl->server_local->assuan_ctx;
2587 for ( ; *text && *text != '\n' && n < DIM (buf)-2; n++)
2592 err = assuan_write_status (ctx, "#", buf);
2594 while (!err && *text);
2600 /* Send a tick progress indicator back. Fixme: This is only done for
2601 the currently active channel. */
2603 dirmngr_tick (ctrl_t ctrl)
2605 static time_t next_tick = 0;
2606 gpg_error_t err = 0;
2607 time_t now = time (NULL);
2611 next_tick = now + 1;
2613 else if ( now > next_tick )
2617 err = dirmngr_status (ctrl, "PROGRESS", "tick", "? 0 0", NULL);
2620 /* Take this as in indication for a cancel request. */
2621 err = gpg_error (GPG_ERR_CANCELED);
2626 next_tick = now + 1;